Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found
Select Git revision
  • 0x4A6F-master
  • 0x4A6F-rpi4
  • autinerd/experimental-openwrt-24.10
  • experimental
  • feature/addMikrotikwAP
  • master
  • nrb/airmax-test
  • nrb/ar9344-reset-sequence
  • nrb/ex400-remove-wps
  • nrb/gluon-master-cpe510
  • nrb/test-radv-filter
  • nrbffs/fastd-remove-delay
  • nrbffs/netgear-ex6120
  • v2018.2.2-ffs
  • v2018.2.3-ffs
  • v2019.1-ffs
  • v2019.1.1-ffs
  • v2019.1.2-ffs
  • v2020.1-ffs
  • v2020.1.1-ffs
  • v2020.1.3-ffs
  • v2020.2-ffs
  • v2020.2.1-ffs
  • v2020.2.2-ffs
  • v2020.2.3-ffs
  • v2021.1-ffs
  • v2021.1.1-ffs
  • v2021.1.2-ffs
  • v2022.1.1-ffs
  • v2022.1.3-ffs
  • v2022.1.4-ffs
  • v2023.1-ffs
  • v2023.2-ffs
  • v2023.2.2-ffs
  • v2023.2.3-ffs
  • v2023.2.4-ffs
  • v2023.2.5-ffs
  • experimental-2022-09-24
  • experimental-2022-09-24-base
  • experimental-2023-03-11
  • experimental-2023-03-11-base
  • experimental-2023-03-12
  • experimental-2023-03-12-base
  • experimental-2023-03-16
  • experimental-2023-03-16-base
  • experimental-2023-03-20
  • experimental-2023-03-20-base
  • experimental-2023-03-23
  • experimental-2023-03-23-base
  • experimental-2023-03-25
  • experimental-2023-03-25-base
  • experimental-2023-03-26
  • experimental-2023-03-26-base
  • experimental-2023-03-30
  • experimental-2023-03-30-base
  • experimental-2023-03-31
  • experimental-2023-03-31-base
  • experimental-2023-04-01
  • experimental-2023-04-01-base
  • experimental-2023-04-08
  • experimental-2023-04-08-base
  • experimental-2023-04-10
  • experimental-2023-04-10-base
  • experimental-2023-04-13
  • experimental-2023-04-13-base
  • experimental-2023-04-15
  • experimental-2023-04-15-base
  • experimental-2023-04-16
  • experimental-2023-04-16-base
  • experimental-2023-04-18
  • experimental-2023-04-18-base
  • experimental-2023-04-20
  • experimental-2023-04-20-base
  • experimental-2023-04-26
  • experimental-2023-04-26-base
  • experimental-2023-04-28
  • experimental-2023-04-28-base
  • experimental-2023-04-30
  • experimental-2023-04-30-base
  • experimental-2023-05-02
  • experimental-2023-05-02-base
  • experimental-2023-05-03
  • experimental-2023-05-03-base
  • experimental-2023-05-12
  • experimental-2023-05-12-base
  • experimental-2023-05-21
  • experimental-2023-05-21-base
  • experimental-2023-05-25
  • experimental-2023-05-25-base
  • experimental-2023-07-02
  • experimental-2023-07-02-base
  • experimental-2023-07-04
  • experimental-2023-07-04-base
  • experimental-2023-07-12
  • experimental-2023-07-12-base
  • experimental-2023-07-16
  • experimental-2023-07-16-base
  • experimental-2023-08-04
  • experimental-2023-08-04-base
  • experimental-2023-08-10
  • experimental-2023-08-10-base
  • experimental-2023-09-08
  • experimental-2023-09-08-base
  • experimental-2023-09-09
  • experimental-2023-09-09-base
  • experimental-2023-09-10
  • experimental-2023-09-10-base
  • experimental-2023-09-11
  • experimental-2023-09-11-base
  • experimental-2023-09-12
  • experimental-2023-09-12-base
  • experimental-2023-09-13
  • experimental-2023-09-13-base
  • experimental-2023-09-15
  • experimental-2023-09-15-base
  • experimental-2023-09-16
  • experimental-2023-09-16-base
  • experimental-2023-09-18
  • experimental-2023-09-18-base
  • experimental-2023-09-20
  • experimental-2023-09-20-base
  • experimental-2023-09-27
  • experimental-2023-09-27-base
  • experimental-2023-09-28
  • experimental-2023-09-28-base
  • experimental-2023-09-29
  • experimental-2023-09-29-base
  • experimental-2023-10-02
  • experimental-2023-10-02-base
  • experimental-2023-10-13
  • experimental-2023-10-13-base
  • experimental-2023-10-14
  • experimental-2023-10-14-base
  • experimental-2023-10-16
  • experimental-2023-10-16-base
  • experimental-2023-10-23
  • experimental-2023-10-23-base
137 results

Target

Select target project
  • firmware/gluon
  • 0x4A6F/gluon
  • patrick/gluon
3 results
Select Git revision
  • 0x4A6F-master
  • 0x4A6F-rpi4
  • 2014.3.x
  • 2014.4.x
  • babel
  • experimental
  • hoodselector
  • master
  • nrb/gluon-master-cpe510
  • nrb/test-radv-filter
  • nrbffs/fastd-remove-delay
  • nrbffs/netgear-ex6120
  • radv-filterd
  • v2015.1.x
  • v2016.1.x
  • v2016.2.4-batmanbug
  • v2016.2.x
  • v2018.2.2-ffs
  • v2018.2.3-ffs
  • v2018.2.x
  • v2019.1-ffs
  • v2019.1.1-ffs
  • v2019.1.2-ffs
  • v2020.1-ffs
  • v2020.1.1-ffs
  • v2020.1.3-ffs
  • v2020.2-ffs
  • v2020.2.1-ffs
  • v2020.2.2-ffs
  • v2020.2.3-ffs
  • v2020.2.x
  • v2021.1-ffs
  • v2021.1.1-ffs
  • v2021.1.2-ffs
  • v2014.1
  • v2014.2
  • v2014.3
  • v2014.3.1
  • v2014.4
  • v2015.1
  • v2015.1.1
  • v2015.1.2
  • v2016.1
  • v2016.1.1
  • v2016.1.2
  • v2016.1.3
  • v2016.1.4
  • v2016.1.5
  • v2016.1.6
  • v2016.2
  • v2016.2.1
  • v2016.2.2
  • v2016.2.3
  • v2016.2.4
  • v2016.2.5
  • v2016.2.6
  • v2016.2.7
  • v2017.1
  • v2017.1.1
  • v2017.1.2
  • v2017.1.3
  • v2017.1.4
  • v2017.1.5
  • v2017.1.6
  • v2017.1.7
  • v2017.1.8
  • v2018.1
  • v2018.1.1
  • v2018.1.2
  • v2018.1.3
  • v2018.1.4
  • v2018.2
  • v2018.2-ffs0.1
  • v2018.2.1
  • v2018.2.1-ffs0.1
  • v2018.2.2-ffs0.1
  • v2018.2.3-ffs0.1
  • v2019.1-ffs0.1
  • v2019.1.1-ffs0.1
  • v2019.1.2-ffs0.1
  • v2020.1-ffs0.1
  • v2020.1.1-ffs0.1
  • v2020.1.3-ffs0.1
  • v2020.2
  • v2020.2-ffs0.1
  • v2020.2.1-ffs0.1
  • v2020.2.2-ffs0.1
  • v2020.2.3-ffs0.1
  • v2020.2.3-ffs0.2
  • v2020.2.3-ffs0.3
  • v2020.2.x-ffs0.1
  • v2021.1-ffs0.1
  • v2021.1.1-ffs0.1
  • v2021.1.1-ffs0.2
  • v2021.1.1-ffs0.3
  • v2021.1.1-ffs0.4
  • v2021.1.2-ffs0.1
  • v2021.1.2-ffs0.2
98 results
Show changes
Showing
with 352 additions and 127 deletions
#!/usr/bin/lua #!/usr/bin/lua
local site = require 'gluon.site' local site = require 'gluon.site'
local users = require 'gluon.users'
local util = require 'gluon.util' local util = require 'gluon.util'
local uci = require('simple-uci').cursor() local uci = require('simple-uci').cursor()
local unistd = require 'posix.unistd'
local vpn_core = require 'gluon.mesh-vpn'
local _, active_vpn = vpn_core.get_active_provider()
uci:section('network', 'interface', 'mesh_vpn', { uci:section('network', 'interface', 'mesh_vpn', {
ifname = 'mesh-vpn', ifname = vpn_core.get_interface(),
proto = 'gluon_mesh', proto = 'gluon_mesh',
transitive = true,
fixed_mtu = true, fixed_mtu = true,
macaddr = util.generate_mac(7), macaddr = util.generate_mac(7),
mtu = site.mesh_vpn.mtu(), mtu = active_vpn.mtu(),
}) })
uci:save('network') uci:save('network')
-- The previously used user and group are removed, we now have a generic group
users.remove_user('gluon-fastd')
users.remove_group('gluon-fastd')
uci:section('firewall', 'include', 'mesh_vpn_dns', { uci:section('firewall', 'include', 'mesh_vpn_dns', {
type = 'restore', type = 'restore',
path = '/lib/gluon/mesh-vpn/iptables.rules', path = '/lib/gluon/mesh-vpn/iptables.rules',
...@@ -32,53 +27,13 @@ uci:section('firewall', 'include', 'mesh_vpn_dns', { ...@@ -32,53 +27,13 @@ uci:section('firewall', 'include', 'mesh_vpn_dns', {
uci:save('firewall') uci:save('firewall')
-- Inital VPN setup
-- VPN migration
if not uci:get('gluon', 'mesh_vpn') then if not uci:get('gluon', 'mesh_vpn') then
local vpn local enabled = site.mesh_vpn.enabled(false)
if unistd.access('/lib/gluon/mesh-vpn/fastd') then
vpn = 'fastd'
elseif unistd.access('/lib/gluon/mesh-vpn/tunneldigger') then
vpn = 'tunneldigger'
end
local fastd_enabled = uci:get('fastd', 'mesh_vpn', 'enabled')
local tunneldigger_enabled = uci:get('tunneldigger', 'mesh_vpn', 'enabled')
local enabled
-- If the installed VPN package has its enabled state set, keep the value
if vpn == 'fastd' and fastd_enabled then
enabled = fastd_enabled == '1'
elseif vpn == 'tunneldigger' and tunneldigger_enabled then
enabled = tunneldigger_enabled == '1'
-- Otherwise, migrate the other package's value if any is set
elseif fastd_enabled or tunneldigger_enabled then
enabled = fastd_enabled == '1' or tunneldigger_enabled == '1'
-- If nothing is set, use the default
else
enabled = site.mesh_vpn.enabled(false)
end
local limit_enabled = tonumber((uci:get('simple-tc', 'mesh_vpn', 'enabled')))
if limit_enabled == nil then
limit_enabled = site.mesh_vpn.bandwidth_limit.enabled(false)
end
local limit_ingress = tonumber((uci:get('tunneldigger', 'mesh_vpn', 'limit_bw_down')))
if limit_ingress == nil then
limit_ingress = tonumber((uci:get('simple-tc', 'mesh_vpn', 'limit_ingress')))
end
if limit_ingress == nil then
limit_ingress = site.mesh_vpn.bandwidth_limit.ingress()
end
local limit_egress = tonumber((uci:get('simple-tc', 'mesh_vpn', 'limit_egress')))
if limit_egress == nil then
limit_egress = site.mesh_vpn.bandwidth_limit.egress()
end
local limit_enabled = site.mesh_vpn.bandwidth_limit.enabled(false)
local limit_ingress = site.mesh_vpn.bandwidth_limit.ingress()
local limit_egress = site.mesh_vpn.bandwidth_limit.egress()
uci:section('gluon', 'mesh_vpn', 'mesh_vpn', { uci:section('gluon', 'mesh_vpn', 'mesh_vpn', {
enabled = enabled, enabled = enabled,
......
local uci = require('simple-uci').cursor()
local util = require 'gluon.util'
local M = {} local M = {}
function M.get_mesh_vpn_interface() function M.enabled()
return uci:get_bool('gluon', 'mesh_vpn', 'enabled')
end
function M.enable(val)
return uci:set('gluon', 'mesh_vpn', 'enabled', val)
end
function M.get_interface()
return 'mesh-vpn' return 'mesh-vpn'
end end
function M.get_provider(name)
return require('gluon.mesh-vpn.provider.' .. name)
end
function M.get_provider_names()
local out = {}
for _, v in ipairs(util.glob('/lib/gluon/mesh-vpn/provider/*')) do
table.insert(out, v:match('([^/]+)$'))
end
return out
end
function M.get_active_provider()
-- Active provider is the provider in use
-- by the currently active site / domain
for _, name in ipairs(M.get_provider_names()) do
local provider = M.get_provider(name)
if provider.active() then
return name, provider
end
end
return nil, nil
end
return M return M
all: respondd.so
CFLAGS += -Wall -Werror-implicit-function-declaration
respondd.so: respondd.c
$(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -shared -fPIC -D_GNU_SOURCE -o $@ $^ $(LDLIBS) -lgluonutil -luci
/* SPDX-FileCopyrightText: 2021, Aiyion <gluon@aiyionpri.me> */
/* SPDX-FileCopyrightText: 2016, Matthias Schiffer <mschiffer@universe-factory.net> */
/* SPDX-License-Identifier: BSD-2-Clause */
#include <respondd.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <json-c/json.h>
#include <libgluonutil.h>
#include <uci.h>
static struct json_object * get_bandwidth_limit(void) {
bool enabled = false;
int egress = -1;
int ingress = -1;
struct json_object *ret = json_object_new_object();
struct uci_context *ctx = uci_alloc_context();
if (!ctx)
goto disabled;
ctx->flags &= ~UCI_FLAG_STRICT;
struct uci_package *p;
if (uci_load(ctx, "gluon", &p))
goto disabled;
struct uci_section *s = uci_lookup_section(ctx, p, "mesh_vpn");
if (!s)
goto disabled;
const char *enabled_str = uci_lookup_option_string(ctx, s, "limit_enabled");
if (enabled_str && strcmp(enabled_str, "1"))
goto disabled;
enabled = true;
const char *egress_str = uci_lookup_option_string(ctx, s, "limit_egress");
if (egress_str && strcmp(egress_str, "-"))
egress = atoi(egress_str);
const char *ingress_str = uci_lookup_option_string(ctx, s, "limit_ingress");
if (ingress_str && strcmp(ingress_str, "-"))
ingress = atoi(ingress_str);
if (egress >= 0)
json_object_object_add(ret, "egress", json_object_new_int(egress));
if (ingress >= 0)
json_object_object_add(ret, "ingress", json_object_new_int(ingress));
disabled:
if (ctx)
uci_free_context(ctx);
json_object_object_add(ret, "enabled", json_object_new_boolean(enabled));
return ret;
}
char * read_stdout(const char *command) {
FILE *f = popen(command, "r");
if (!f)
return NULL;
char *line = NULL;
size_t len = 0;
ssize_t r = getline(&line, &len, f);
pclose(f);
if (r < 0) {
free(line);
return NULL;
}
/* The len given by getline is the buffer size, not the string length */
len = strlen(line);
if (len && line[len-1] == '\n')
line[len-1] = 0;
return line;
}
static struct json_object * get_mesh_vpn_enabled() {
int enabled = -1;
char *line = read_stdout("exec lua -e 'print(require(\"gluon.mesh-vpn\").enabled())'");
if (!line)
return NULL;
if (!strcmp(line, "true"))
enabled = 1;
if (!strcmp(line, "false"))
enabled = 0;
free(line);
if (enabled < 0)
return NULL;
struct json_object *ret = json_object_new_boolean((json_bool)enabled);
return ret;
}
static struct json_object * get_active_vpn_provider() {
char *line = read_stdout("exec lua -e 'name, _ = require(\"gluon.mesh-vpn\").get_active_provider(); print(name)'");
if (line && !strcmp(line, "nil")) {
free(line);
return NULL;
}
return gluonutil_wrap_and_free_string(line);
}
static struct json_object * respondd_provider_nodeinfo(void) {
struct json_object *ret = json_object_new_object();
struct json_object *network = json_object_new_object();
struct json_object *mesh_vpn = json_object_new_object();
json_object_object_add(mesh_vpn, "bandwidth_limit", get_bandwidth_limit());
json_object_object_add(mesh_vpn, "provider", get_active_vpn_provider());
json_object_object_add(mesh_vpn, "enabled", get_mesh_vpn_enabled());
json_object_object_add(network, "mesh_vpn", mesh_vpn);
json_object_object_add(ret, "network", network);
return ret;
}
const struct respondd_provider_info respondd_providers[] = {
{"nodeinfo", respondd_provider_nodeinfo},
{},
{}
};
include $(TOPDIR)/rules.mk
PKG_NAME:=gluon-mesh-vpn-fastd-l2tp
PKG_VERSION:=1
include ../gluon.mk
define Package/gluon-mesh-vpn-fastd-l2tp
TITLE:=Support for connecting meshes via fastd (with L2TP kernel offloading)
DEPENDS:=+gluon-core +gluon-mesh-vpn-fastd +kmod-l2tp-eth
endef
$(eval $(call BuildPackageGluon,gluon-mesh-vpn-fastd-l2tp))
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=gluon-mesh-vpn-fastd PKG_NAME:=gluon-mesh-vpn-fastd
PKG_VERSION:=3
include ../gluon.mk include ../gluon.mk
define Package/gluon-mesh-vpn-fastd define Package/gluon-mesh-vpn-fastd
TITLE:=Support for connecting meshes via fastd TITLE:=Support for connecting meshes via fastd
DEPENDS:=+gluon-core +libgluonutil +gluon-mesh-vpn-core +fastd +@GLUON_SPECIALIZE_KERNEL:KERNEL_TUN DEPENDS:=+gluon-core +libgluonutil +gluon-mesh-vpn-core +fastd +simple-tc
endef endef
$(eval $(call BuildPackageGluon,gluon-mesh-vpn-fastd)) $(eval $(call BuildPackageGluon,gluon-mesh-vpn-fastd))
local fastd_methods = {'salsa2012+gmac', 'salsa2012+umac', 'null+salsa2012+gmac', 'null+salsa2012+umac', 'null'} local fastd_methods = {'salsa2012+umac', 'null+salsa2012+umac', 'null@l2tp', 'null'}
need_array_of({'mesh_vpn', 'fastd', 'methods'}, fastd_methods) need_array_of({'mesh_vpn', 'fastd', 'methods'}, fastd_methods)
need_boolean(in_site({'mesh_vpn', 'fastd', 'configurable'}), false) need_boolean(in_site({'mesh_vpn', 'fastd', 'configurable'}), false)
need_number({'mesh_vpn', 'fastd', 'mtu'})
need_one_of(in_site({'mesh_vpn', 'fastd', 'syslog_level'}), need_one_of(in_site({'mesh_vpn', 'fastd', 'syslog_level'}),
{'error', 'warn', 'info', 'verbose', 'debug', 'debug2'}, false) {'error', 'warn', 'info', 'verbose', 'debug', 'debug2'}, false)
......
...@@ -2,29 +2,39 @@ ...@@ -2,29 +2,39 @@
local site = require 'gluon.site' local site = require 'gluon.site'
local util = require 'gluon.util' local util = require 'gluon.util'
local vpn_core = require 'gluon.mesh-vpn'
local _, active_vpn = vpn_core.get_active_provider()
local uci = require('simple-uci').cursor() local uci = require('simple-uci').cursor()
local unistd = require 'posix.unistd'
local syslog_level = uci:get('fastd', 'mesh_vpn', 'syslog_level') or 'verbose' local syslog_level = uci:get('fastd', 'mesh_vpn', 'syslog_level') or 'verbose'
local secret = uci:get('fastd', 'mesh_vpn', 'secret')
if not secret or not secret:match(('%x'):rep(64)) then
secret = 'generate'
end
local methods local methods
if site.mesh_vpn.fastd.configurable(false) then if site.mesh_vpn.fastd.configurable(false) then
local has_null = util.contains(site.mesh_vpn.fastd.methods(), 'null') local site_methods = site.mesh_vpn.fastd.methods()
local has_null = util.contains(site_methods, 'null@l2tp') or util.contains(site_methods, 'null')
local old_methods = uci:get('fastd', 'mesh_vpn', 'method') local old_methods = uci:get('fastd', 'mesh_vpn', 'method')
if old_methods then if old_methods then
has_null = util.contains(old_methods, 'null') has_null = util.contains(old_methods, 'null@l2tp') or util.contains(old_methods, 'null')
end end
methods = {} methods = {}
if has_null then if has_null then
table.insert(methods, 'null@l2tp')
table.insert(methods, 'null') table.insert(methods, 'null')
end end
for _, method in ipairs(site.mesh_vpn.fastd.methods()) do for _, method in ipairs(site_methods) do
if method ~= 'null' then if method ~= 'null@l2tp' and method ~= 'null' then
table.insert(methods, method) table.insert(methods, method)
end end
end end
...@@ -37,16 +47,26 @@ end ...@@ -37,16 +47,26 @@ end
uci:section('fastd', 'fastd', 'mesh_vpn', { uci:section('fastd', 'fastd', 'mesh_vpn', {
group = 'gluon-mesh-vpn', group = 'gluon-mesh-vpn',
syslog_level = syslog_level, syslog_level = syslog_level,
interface = 'mesh-vpn', secret = secret,
interface = vpn_core.get_interface(),
mode = 'tap', mode = 'tap',
mtu = site.mesh_vpn.mtu(), mtu = active_vpn.mtu(),
secure_handshakes = true, secure_handshakes = true,
method = methods, method = methods,
packet_mark = 1, packet_mark = 1,
persist_interface = true,
offload_l2tp = false,
status_socket = '/var/run/fastd.mesh_vpn.socket', status_socket = '/var/run/fastd.mesh_vpn.socket',
}) })
uci:delete('fastd', 'mesh_vpn', 'user') uci:delete('fastd', 'mesh_vpn', 'peer_limit')
-- L2TP offload support
if unistd.access('/lib/gluon/mesh-vpn/fastd/l2tp') then
uci:set('fastd', 'mesh_vpn', 'mode', 'multitap')
uci:set('fastd', 'mesh_vpn', 'persist_interface', false)
uci:set('fastd', 'mesh_vpn', 'offload_l2tp', true)
uci:set('fastd', 'mesh_vpn', 'peer_limit', 1)
end
-- Collect list of groups that have peers with 'preserve' flag -- Collect list of groups that have peers with 'preserve' flag
local preserve_groups = {} local preserve_groups = {}
...@@ -88,6 +108,7 @@ local function add_peer(group, name, config) ...@@ -88,6 +108,7 @@ local function add_peer(group, name, config)
enabled = true, enabled = true,
net = 'mesh_vpn', net = 'mesh_vpn',
group = group, group = group,
interface = 'mesh-vpn',
key = config.key, key = config.key,
remote = config.remotes, remote = config.remotes,
}) })
...@@ -117,5 +138,11 @@ end ...@@ -117,5 +138,11 @@ end
add_groups('mesh_vpn', site.mesh_vpn.fastd.groups()) add_groups('mesh_vpn', site.mesh_vpn.fastd.groups())
-- Update preserved peers as well
uci:foreach('fastd', 'peer', function(peer)
if peer.net == 'mesh_vpn' then
uci:set('fastd', peer['.name'], 'interface', 'mesh-vpn')
end
end)
uci:save('fastd') uci:save('fastd')
#!/usr/bin/lua
local uci = require 'simple-uci'
local c = uci.cursor()
local secret = c:get("fastd", "mesh_vpn", "secret")
if not secret or not secret:match(("%x"):rep(64)) then
c:set("fastd", "mesh_vpn", "secret", "generate")
c:save("fastd")
end
local uci = require('simple-uci').cursor()
local site = require 'gluon.site'
local util = require 'gluon.util'
local vpn_core = require 'gluon.mesh-vpn'
local unistd = require 'posix.unistd'
local M = {}
function M.public_key()
local key = util.trim(util.exec('/etc/init.d/fastd show_key mesh_vpn'))
if key == '' then
key = nil
end
return key
end
function M.enable(val)
uci:set('fastd', 'mesh_vpn', 'enabled', val)
uci:save('fastd')
end
function M.active()
return site.mesh_vpn.fastd() ~= nil
end
local function set_limit_simple_tc(ingress_limit, egress_limit)
uci:section('simple-tc', 'interface', 'mesh_vpn', {
ifname = vpn_core.get_interface(),
enabled = true,
limit_egress = egress_limit,
limit_ingress = ingress_limit,
})
end
local function set_limit_sqm(ingress_limit, egress_limit)
uci:section('sqm', 'queue', 'mesh_vpn', {
interface = vpn_core.get_interface(),
enabled = true,
upload = egress_limit,
download = ingress_limit,
qdisc = 'cake',
script = 'piece_of_cake.qos',
debug_logging = '0',
verbosity = '5',
})
end
local function sqm_available()
return unistd.access('/lib/gluon/mesh-vpn/sqm')
end
function M.set_limit(ingress_limit, egress_limit)
uci:delete('simple-tc', 'mesh_vpn')
uci:delete('sqm', 'mesh_vpn')
if ingress_limit ~= nil and egress_limit ~= nil then
if sqm_available() and util.get_mem_total() > 200*1024 then
set_limit_sqm(ingress_limit, egress_limit)
else
set_limit_simple_tc(ingress_limit, egress_limit)
end
end
uci:save('simple-tc')
uci:save('sqm')
end
function M.mtu()
return site.mesh_vpn.fastd.mtu()
end
return M
/* /* SPDX-License-Identifier: BSD-2-Clause */
Copyright (c) 2016, Matthias Schiffer <mschiffer@universe-factory.net> /* SPDX-FileCopyrightText: 2016, Matthias Schiffer <mschiffer@universe-factory.net> */
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <respondd.h> #include <respondd.h>
...@@ -65,7 +43,7 @@ static struct json_object * get_fastd_version(void) { ...@@ -65,7 +43,7 @@ static struct json_object * get_fastd_version(void) {
} }
const char *version = line; const char *version = line;
if (strncmp(version, "fastd ", 6) == 0) if (version && strncmp(version, "fastd ", 6) == 0)
version += 6; version += 6;
struct json_object *ret = gluonutil_wrap_string(version); struct json_object *ret = gluonutil_wrap_string(version);
...@@ -239,7 +217,7 @@ static bool get_peer_connection(struct json_object **ret, struct json_object *co ...@@ -239,7 +217,7 @@ static bool get_peer_connection(struct json_object **ret, struct json_object *co
if (!key) if (!key)
return false; return false;
struct json_object *peer, *connection, *established; struct json_object *peer, *connection, *established, *method;
if (!json_object_object_get_ex(peers, key, &peer) || if (!json_object_object_get_ex(peers, key, &peer) ||
!json_object_object_get_ex(peer, "connection", &connection)) !json_object_object_get_ex(peer, "connection", &connection))
return false; return false;
...@@ -251,6 +229,10 @@ static bool get_peer_connection(struct json_object **ret, struct json_object *co ...@@ -251,6 +229,10 @@ static bool get_peer_connection(struct json_object **ret, struct json_object *co
struct json_object *jso = json_object_new_double(established_time/1000.0); struct json_object *jso = json_object_new_double(established_time/1000.0);
json_object_set_serializer(jso, json_object_double_to_json_string, "%.3f", NULL); json_object_set_serializer(jso, json_object_double_to_json_string, "%.3f", NULL);
json_object_object_add(*ret, "established", jso); json_object_object_add(*ret, "established", jso);
if (json_object_object_get_ex(connection, "method", &method)) {
json_object_object_add(*ret, "method", json_object_get(method));
}
} }
else { else {
*ret = NULL; *ret = NULL;
......
include $(TOPDIR)/rules.mk
PKG_NAME:=gluon-mesh-vpn-sqm
include ../gluon.mk
define Package/gluon-mesh-vpn-sqm
TITLE:=Adds support for SQM with CAKE on VPN links
DEPENDS:= +gluon-mesh-vpn-core +sqm-scripts
endef
define Package/gluon-mesh-vpn-sqm/install
$(Gluon/Build/Install)
$(INSTALL_DIR) $(1)/lib/gluon/mesh-vpn
touch $(1)/lib/gluon/mesh-vpn/sqm
endef
$(eval $(call BuildPackageGluon,gluon-mesh-vpn-sqm))
include $(TOPDIR)/rules.mk
PKG_NAME:=gluon-mesh-vpn-tunneldigger
PKG_VERSION:=3
include ../gluon.mk
define Package/gluon-mesh-vpn-tunneldigger
TITLE:=Support for connecting meshes via tunneldigger/L2TPv3 pseudowire
DEPENDS:=+gluon-core +gluon-mesh-vpn-core +tunneldigger +@GLUON_SPECIALIZE_KERNEL:KERNEL_L2TP
endef
$(eval $(call BuildPackageGluon,gluon-mesh-vpn-tunneldigger))
need_string_array(in_domain({'mesh_vpn', 'tunneldigger', 'brokers'}))
#!/bin/sh
/etc/init.d/tunneldigger stop
#!/bin/sh
/etc/init.d/tunneldigger start
*/5 * * * * /usr/bin/tunneldigger-watchdog