You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

96 lines
2.5 KiB

mwan3: fix interface-bound traffic when interface is offline This commit fixed what 6d99b602 was supposed to fix without affecting interface-bound traffic. Before 6d99b602 interface-bound traffic was working normally as long as at least one interface was online. However when the last interface went offline, it was impossible to ping and such state was unrecoverable. Commit 6d99b602 fixed unrecoverable offline state problem (it was possible to ping -I iface) but messed inteface-bound traffic. Traffic with interface source address was not working if the interface was in "offline" state, even if another interface was online. The problem was caused by an inconsistent "offline" interface state: iptables-related rules were kept while routing table and policy were deleted. The idea behind this commit is to: 1. Keep all the rules for each interface (iptables, routing table, policy) regardless of its state. This ensures consistency, 2. Make interface state hotplug events affect only iptables' mwan3_policy_* rules. Interface-related iptables, routing table and policy is removed only when mwan3 is manually stopped. To make such changes possible, it's necessary to change the way mwan3_policy_* rule generator keeps track of interface state hotplug events. Until now, it checked for the existence of custom interface-related routing table (table id 1, 2, 3, ...). Clearly we can no longer rely on that so each interface state is stored explicitly in file. Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
7 years ago
mwan3: fix interface-bound traffic when interface is offline This commit fixed what 6d99b602 was supposed to fix without affecting interface-bound traffic. Before 6d99b602 interface-bound traffic was working normally as long as at least one interface was online. However when the last interface went offline, it was impossible to ping and such state was unrecoverable. Commit 6d99b602 fixed unrecoverable offline state problem (it was possible to ping -I iface) but messed inteface-bound traffic. Traffic with interface source address was not working if the interface was in "offline" state, even if another interface was online. The problem was caused by an inconsistent "offline" interface state: iptables-related rules were kept while routing table and policy were deleted. The idea behind this commit is to: 1. Keep all the rules for each interface (iptables, routing table, policy) regardless of its state. This ensures consistency, 2. Make interface state hotplug events affect only iptables' mwan3_policy_* rules. Interface-related iptables, routing table and policy is removed only when mwan3 is manually stopped. To make such changes possible, it's necessary to change the way mwan3_policy_* rule generator keeps track of interface state hotplug events. Until now, it checked for the existence of custom interface-related routing table (table id 1, 2, 3, ...). Clearly we can no longer rely on that so each interface state is stored explicitly in file. Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
7 years ago
mwan3: fix interface-bound traffic when interface is offline This commit fixed what 6d99b602 was supposed to fix without affecting interface-bound traffic. Before 6d99b602 interface-bound traffic was working normally as long as at least one interface was online. However when the last interface went offline, it was impossible to ping and such state was unrecoverable. Commit 6d99b602 fixed unrecoverable offline state problem (it was possible to ping -I iface) but messed inteface-bound traffic. Traffic with interface source address was not working if the interface was in "offline" state, even if another interface was online. The problem was caused by an inconsistent "offline" interface state: iptables-related rules were kept while routing table and policy were deleted. The idea behind this commit is to: 1. Keep all the rules for each interface (iptables, routing table, policy) regardless of its state. This ensures consistency, 2. Make interface state hotplug events affect only iptables' mwan3_policy_* rules. Interface-related iptables, routing table and policy is removed only when mwan3 is manually stopped. To make such changes possible, it's necessary to change the way mwan3_policy_* rule generator keeps track of interface state hotplug events. Until now, it checked for the existence of custom interface-related routing table (table id 1, 2, 3, ...). Clearly we can no longer rely on that so each interface state is stored explicitly in file. Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
7 years ago
mwan3: fix interface-bound traffic when interface is offline This commit fixed what 6d99b602 was supposed to fix without affecting interface-bound traffic. Before 6d99b602 interface-bound traffic was working normally as long as at least one interface was online. However when the last interface went offline, it was impossible to ping and such state was unrecoverable. Commit 6d99b602 fixed unrecoverable offline state problem (it was possible to ping -I iface) but messed inteface-bound traffic. Traffic with interface source address was not working if the interface was in "offline" state, even if another interface was online. The problem was caused by an inconsistent "offline" interface state: iptables-related rules were kept while routing table and policy were deleted. The idea behind this commit is to: 1. Keep all the rules for each interface (iptables, routing table, policy) regardless of its state. This ensures consistency, 2. Make interface state hotplug events affect only iptables' mwan3_policy_* rules. Interface-related iptables, routing table and policy is removed only when mwan3 is manually stopped. To make such changes possible, it's necessary to change the way mwan3_policy_* rule generator keeps track of interface state hotplug events. Until now, it checked for the existence of custom interface-related routing table (table id 1, 2, 3, ...). Clearly we can no longer rely on that so each interface state is stored explicitly in file. Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
7 years ago
  1. #!/bin/sh
  2. . /lib/functions.sh
  3. . /lib/functions/network.sh
  4. . /lib/mwan3/mwan3.sh
  5. . /usr/share/libubox/jshn.sh
  6. [ "$ACTION" == "ifup" -o "$ACTION" == "ifdown" ] || exit 1
  7. [ -n "$INTERFACE" ] || exit 2
  8. if [ "$ACTION" == "ifup" ]; then
  9. [ -n "$DEVICE" ] || exit 3
  10. fi
  11. config_load mwan3
  12. config_get_bool enabled globals 'enabled' '0'
  13. [ ${enabled} -gt 0 ] || exit 0
  14. mwan3_lock
  15. mwan3_init
  16. mwan3_set_connected_iptables
  17. mwan3_set_custom_ipset
  18. mwan3_unlock
  19. config_get enabled $INTERFACE enabled 0
  20. config_get initial_state $INTERFACE initial_state "online"
  21. [ "$enabled" == "1" ] || exit 0
  22. if [ "$ACTION" == "ifup" ]; then
  23. config_get family $INTERFACE family ipv4
  24. if [ "$family" = "ipv4" ]; then
  25. ubus call network.interface.${INTERFACE}_4 status &>/dev/null
  26. if [ "$?" -eq "0" ]; then
  27. network_get_ipaddr src_ip ${INTERFACE}_4
  28. else
  29. network_get_ipaddr src_ip ${INTERFACE}
  30. fi
  31. [ -n "$src_ip" ] || src_ip="0.0.0.0"
  32. elif [ "$family" = "ipv6" ]; then
  33. ubus call network.interface.${INTERFACE}_6 status &>/dev/null
  34. if [ "$?" -eq "0" ]; then
  35. network_get_ipaddr6 src_ip ${INTERFACE}_6
  36. else
  37. network_get_ipaddr6 src_ip ${INTERFACE}
  38. fi
  39. [ -n "$src_ip" ] || src_ip="::"
  40. fi
  41. fi
  42. if [ "$initial_state" = "offline" ]; then
  43. json_load "$(ubus call mwan3 status '{"section":"interfaces"}')"
  44. json_select "interfaces"
  45. json_select "${INTERFACE}"
  46. json_get_var running running
  47. json_get_var status status
  48. else
  49. status=online
  50. running=1
  51. fi
  52. mwan3_lock
  53. $LOG notice "Execute "$ACTION" event on interface $INTERFACE (${DEVICE:-unknown})"
  54. case "$ACTION" in
  55. ifup)
  56. mwan3_set_general_rules
  57. mwan3_set_general_iptables
  58. mwan3_create_iface_iptables $INTERFACE $DEVICE
  59. mwan3_create_iface_rules $INTERFACE $DEVICE
  60. mwan3_create_iface_route $INTERFACE $DEVICE
  61. if [ ${running} -eq 1 -a "${status}" = "online" ]; then
  62. $LOG notice "Starting tracker on interface $INTERFACE (${DEVICE:-unknown})"
  63. mwan3_set_iface_hotplug_state $INTERFACE "online"
  64. mwan3_track $INTERFACE $DEVICE "online" "$src_ip"
  65. mwan3_set_policies_iptables
  66. mwan3_set_user_rules
  67. mwan3_flush_conntrack $INTERFACE $DEVICE "ifup"
  68. else
  69. $LOG notice "Starting tracker on interface $INTERFACE (${DEVICE:-unknown})"
  70. mwan3_set_iface_hotplug_state $INTERFACE "offline"
  71. mwan3_track $INTERFACE $DEVICE "unknown" "$src_ip"
  72. fi
  73. ;;
  74. ifdown)
  75. mwan3_set_iface_hotplug_state $INTERFACE "offline"
  76. mwan3_delete_iface_ipset_entries $INTERFACE
  77. mwan3_track_signal $INTERFACE $DEVICE
  78. mwan3_set_policies_iptables
  79. mwan3_set_user_rules
  80. mwan3_flush_conntrack $INTERFACE $DEVICE "ifdown"
  81. ;;
  82. esac
  83. mwan3_unlock
  84. exit 0