diff --git a/net/travelmate/Makefile b/net/travelmate/Makefile index 5361bbc5c..b04b069ca 100644 --- a/net/travelmate/Makefile +++ b/net/travelmate/Makefile @@ -6,8 +6,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=travelmate -PKG_VERSION:=2.0.9 -PKG_RELEASE:=2 +PKG_VERSION:=2.1.0 +PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/travelmate/files/chs-hotel.login b/net/travelmate/files/chs-hotel.login index 76aa14ef6..842c2a313 100755 --- a/net/travelmate/files/chs-hotel.login +++ b/net/travelmate/files/chs-hotel.login @@ -1,6 +1,6 @@ #!/bin/sh # captive portal auto-login script for chs hotels (DE) -# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions @@ -10,7 +10,6 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -set -o pipefail trm_domain="hotspot.internet-for-guests.com" trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" diff --git a/net/travelmate/files/generic-user-pass.login b/net/travelmate/files/generic-user-pass.login index 0cce7d403..f95599063 100755 --- a/net/travelmate/files/generic-user-pass.login +++ b/net/travelmate/files/generic-user-pass.login @@ -1,6 +1,6 @@ #!/bin/sh # captive portal auto-login script template with credentials as parameters -# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions @@ -10,7 +10,6 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -set -o pipefail user="${1}" password="${2}" diff --git a/net/travelmate/files/h-hotels.login b/net/travelmate/files/h-hotels.login index efb17e7cf..ddbaeddb9 100755 --- a/net/travelmate/files/h-hotels.login +++ b/net/travelmate/files/h-hotels.login @@ -1,6 +1,6 @@ #!/bin/sh # captive portal auto-login script for Telekom hotspots in h+hotels (DE) -# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions @@ -10,7 +10,6 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -set -o pipefail trm_domain="hotspot.t-mobile.net" trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" diff --git a/net/travelmate/files/julianahoeve.login b/net/travelmate/files/julianahoeve.login index 843ffc6ab..b03d02fb9 100755 --- a/net/travelmate/files/julianahoeve.login +++ b/net/travelmate/files/julianahoeve.login @@ -1,6 +1,6 @@ #!/bin/sh # captive portal auto-login script for Julianahoeve beach resort (NL) -# Copyright (c) 2021 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2021-2022 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions @@ -10,7 +10,6 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -set -o pipefail trm_domain="n23.network-auth.com" trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" diff --git a/net/travelmate/files/telekom.login b/net/travelmate/files/telekom.login index 26ce8008e..2cef0e82e 100755 --- a/net/travelmate/files/telekom.login +++ b/net/travelmate/files/telekom.login @@ -1,6 +1,6 @@ #!/bin/sh # captive portal auto-login script for telekom hotspots (DE) -# Copyright (c) 2021 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2021-2022 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions @@ -12,28 +12,27 @@ # urlencode() { - local chr str="${1}" len="${#1}" pos=0 - - while [ "${pos}" -lt "${len}" ]; do - chr="${str:pos:1}" - case "${chr}" in - [a-zA-Z0-9.~_-]) - printf "%s" "${chr}" - ;; - " ") - printf "%%20" - ;; - *) - printf "%%%02X" "'${chr}" - ;; - esac - pos=$((pos + 1)) - done + local chr str="${1}" len="${#1}" pos=0 + + while [ "${pos}" -lt "${len}" ]; do + chr="${str:pos:1}" + case "${chr}" in + [a-zA-Z0-9.~_-]) + printf "%s" "${chr}" + ;; + " ") + printf "%%20" + ;; + *) + printf "%%%02X" "'${chr}" + ;; + esac + pos=$((pos + 1)) + done } export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -set -o pipefail username="$(urlencode "${1}")" password="$(urlencode "${2}")" diff --git a/net/travelmate/files/tplink-omada.login b/net/travelmate/files/tplink-omada.login new file mode 100755 index 000000000..fdc87c2de --- /dev/null +++ b/net/travelmate/files/tplink-omada.login @@ -0,0 +1,126 @@ +#!/bin/sh +# captive portal auto-login script for TP-Link Omada (authType=0 only) +# Copyright (c) 2022 Sebastian Muszynski +# This is free software, licensed under the GNU General Public License v3 + +# set (s)hellcheck exceptions +# shellcheck disable=1091,2181,3037,3043,3057 + +. "/lib/functions.sh" +. "/usr/share/libubox/jshn.sh" + +urlencode() +{ + local chr str="${1}" len="${#1}" pos=0 + + while [ "${pos}" -lt "${len}" ]; do + chr="${str:pos:1}" + case "${chr}" in + [a-zA-Z0-9.~_-]) + printf "%s" "${chr}" + ;; + " ") + printf "%%20" + ;; + *) + printf "%%%02X" "'${chr}" + ;; + esac + pos=$((pos + 1)) + done +} + +urldecode() +{ + echo -e "$(sed 's/+/ /g;s/%\(..\)/\\x\1/g;')" +} + +request_parameter() +{ + grep -oE "$1=[^&]+" | cut -d= -f2 +} + +export LC_ALL=C +export PATH="/usr/sbin:/usr/bin:/sbin:/bin" + +trm_captiveurl="$(uci_get travelmate global trm_captiveurl "http://detectportal.firefox.com")" +trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" +trm_fetch="$(command -v curl) --connect-timeout $((trm_maxwait / 6)) --silent" + +raw_html="$(${trm_fetch} --show-error "${trm_captiveurl}")" + +if [ $? -ne 0 ]; +then + echo "The captive portal didn't respond" + exit 1 +fi + +if [ "$raw_html" = "success" ]; +then + echo "Internet access already available" + exit 0 +fi + +redirect_url=$(echo "$raw_html" | grep -oE 'location.href="[^\"]+"' | cut -d\" -f2) + +portal_baseurl=$(echo "$redirect_url" | cut -d/ -f1-4) +client_mac=$(echo "$redirect_url" | request_parameter cid) +ap_mac=$(echo "$redirect_url" | request_parameter ap) +ssid=$(echo "$redirect_url" | request_parameter ssid | urldecode) +radio_id=$(echo "$redirect_url" | request_parameter rid) +url=$(echo "$redirect_url" | request_parameter u | urldecode) + +${trm_fetch} "${portal_baseurl}/pubKey" | jsonfilter -e '@.result.key' > /tmp/trm-omada-pub.key +if [ $? -ne 0 ]; +then + exit 2 +fi + +json_init +json_add_string "clientMac" "$client_mac" +json_add_string "apMac" "$ap_mac" +json_add_string "ssidName" "$ssid" +json_add_int "radioId" "$radio_id" +json_add_string "originUrl" "$url" +json_close_object +incomplete_auth_request="$(json_dump)" + +auth_type=$(${trm_fetch} "${portal_baseurl}/getPortalPageSetting" \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + -H 'X-Requested-With: XMLHttpRequest' \ + --data-raw "$incomplete_auth_request" | jsonfilter -e '@.result.authType') + +if [ "$auth_type" -ne 0 ]; +then + echo "Unsupported auth type: $auth_type" + exit 3 +fi + +aes_key=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 16) +aes_key_hex=$(printf "%s" "$aes_key" | hexdump -e '16/1 "%02x"') +aes_vi=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 16) +aes_vi_hex=$(printf "%s" "$aes_vi" | hexdump -e '16/1 "%02x"') + +rsa_encrypted_aes_secrets=$(printf "%s" "${aes_key}${aes_vi}" | openssl rsautl -encrypt -pubin -inkey /tmp/trm-omada-pub.key | base64 -w 0) +rsa_encrypted_aes_secrets_urlencoded=$(urlencode "$rsa_encrypted_aes_secrets") + +json_load "$incomplete_auth_request" +json_add_int "authType" "$auth_type" +json_close_object +auth_request="$(json_dump)" + +aes_encrypted_auth_request="$(echo "$auth_request" | openssl enc -aes-128-cbc -K "$aes_key_hex" -iv "$aes_vi_hex" -a -A)" + +auth_response=$(${trm_fetch} "${portal_baseurl}/auth?key=$rsa_encrypted_aes_secrets_urlencoded" \ + -H 'Content-Type: text/plain' \ + -H 'X-Requested-With: XMLHttpRequest' \ + --data-raw "$aes_encrypted_auth_request" \ + --insecure) + +if echo "$auth_response" | grep -q '{"errorCode":0}'; +then + exit 0 +fi + +exit 255 diff --git a/net/travelmate/files/travelmate.init b/net/travelmate/files/travelmate.init index 4a11cf63e..9c03d9875 100755 --- a/net/travelmate/files/travelmate.init +++ b/net/travelmate/files/travelmate.init @@ -1,5 +1,5 @@ #!/bin/sh /etc/rc.common -# Copyright (c) 2016-2021 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2016-2022 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions diff --git a/net/travelmate/files/travelmate.mail b/net/travelmate/files/travelmate.mail index da6558181..74a3a6fc9 100755 --- a/net/travelmate/files/travelmate.mail +++ b/net/travelmate/files/travelmate.mail @@ -1,6 +1,6 @@ #!/bin/sh # send mail script for travelmate notifications -# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions @@ -12,7 +12,6 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -set -o pipefail trm_debug="$(uci_get travelmate global trm_debug "0")" trm_mailreceiver="$(uci_get travelmate global trm_mailreceiver)" diff --git a/net/travelmate/files/travelmate.sh b/net/travelmate/files/travelmate.sh index c1b52fd80..fd717c34b 100755 --- a/net/travelmate/files/travelmate.sh +++ b/net/travelmate/files/travelmate.sh @@ -8,14 +8,14 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -set -o pipefail -trm_ver="2.0.9" +trm_ver="2.1.0" trm_enabled="0" trm_debug="0" trm_iface="" trm_captive="1" trm_proactive="1" +trm_vpn="1" trm_netcheck="0" trm_autoadd="0" trm_randomize="0" @@ -28,11 +28,12 @@ trm_maxwait="30" trm_maxautoadd="5" trm_maxscan="10" trm_timeout="60" -trm_opensta="0" trm_radio="" trm_connection="" trm_wpaflags="" -trm_uplinkcfg="" +trm_ovpninfolist="" +trm_vpnifacelist="" +trm_vpninfolist="" trm_rtfile="/tmp/trm_runtime.json" trm_wifi="$(command -v wifi)" trm_fetch="$(command -v curl)" @@ -57,7 +58,7 @@ f_env() { return fi - unset trm_stalist trm_radiolist trm_uplinklist trm_vpnifacelist trm_uplinkcfg trm_wpaflags trm_activesta trm_opensta + unset trm_stalist trm_radiolist trm_uplinklist trm_uplinkcfg trm_activesta trm_opensta trm_sysver="$(ubus -S call system board 2>/dev/null | jsonfilter -q -e '@.model' -e '@.release.description' | awk 'BEGIN{RS="";FS="\n"}{printf "%s, %s",$1,$2}')" @@ -70,6 +71,12 @@ f_env() { local option="${1}" value="${2}" eval "${option}=\"${value}\"" } + list_cb() { + local option="${1}" value="${2}" + if [ "${option}" = "trm_vpnifacelist" ]; then + eval "trm_vpnifacelist=\"$(printf "%s" "${trm_vpnifacelist}") ${value}\"" + fi + } elif [ "${name}" = "uplink" ]; then if [ "$(uci_get "travelmate.${type}.opensta")" = "1" ]; then eval "trm_opensta=\"$((${trm_opensta:-0} + 1))\"" @@ -93,17 +100,19 @@ f_env() { /etc/init.d/travelmate stop fi - wpa_checks="sae owe eap suiteb192" - for check in ${wpa_checks}; do - if [ -x "${trm_wpa}" ]; then - if "${trm_wpa}" -v"${check}" >/dev/null 2>&1; then - result="$(f_trim "${result} ${check}: $(f_char 1)")" - else - result="$(f_trim "${result} ${check}: $(f_char 0)")" + if [ -z "${trm_wpaflags}" ]; then + wpa_checks="sae owe eap suiteb192" + for check in ${wpa_checks}; do + if [ -x "${trm_wpa}" ]; then + if "${trm_wpa}" -v"${check}" >/dev/null 2>&1; then + result="$(f_trim "${result} ${check}: $(f_char 1)")" + else + result="$(f_trim "${result} ${check}: $(f_char 0)")" + fi fi - fi - done - trm_wpaflags="$(printf "%s" "${result}" | awk '{printf "%s %s, %s %s, %s %s, %s %s",$1,$2,$3,$4,$5,$6,$7,$8}')" + done + trm_wpaflags="$(printf "%s" "${result}" | awk '{printf "%s %s, %s %s, %s %s, %s %s",$1,$2,$3,$4,$5,$6,$7,$8}')" + fi config_load wireless config_foreach f_setdev "wifi-device" @@ -119,9 +128,11 @@ f_env() { json_add_object "data" fi - config_load network - config_foreach f_getvpn "interface" - f_log "debug" "f_env ::: auto_sta: ${trm_opensta:-"-"}, wpa_flags: ${trm_wpaflags}, sys_ver: ${trm_sysver}" + if [ "${trm_vpn}" = "1" ] && [ -z "${trm_vpninfolist}" ]; then + config_load network + config_foreach f_getvpn "interface" + fi + f_log "debug" "f_env ::: auto_sta: ${trm_opensta:-"-"}, wpa_flags: ${trm_wpaflags}, sys_ver: ${trm_sysver}" } # trim helper function @@ -176,57 +187,74 @@ f_wifi() { sleep "$((trm_maxwait / 6))" timeout="$((timeout + (trm_maxwait / 6)))" fi - f_log "debug" "f_wifi ::: radio_list: ${trm_radiolist}, radio: ${radio}, timeout: ${timeout}" + f_log "debug" "f_wifi ::: radio_list: ${trm_radiolist}, radio: ${radio}, timeout: ${timeout}" } # vpn helper function # f_vpn() { - local rc result iface vpn vpn_service vpn_iface vpn_status vpn_action="${1}" - - vpn="$(f_getval "vpn")" - vpn_service="$(f_getval "vpnservice")" - vpn_iface="$(f_getval "vpniface")" - - if [ ! -f "${trm_vpnfile}" ] || { [ -f "${trm_vpnfile}" ] && [ "${vpn_action}" = "enable" ]; }; then - for iface in ${trm_vpnifacelist}; do - vpn_status="$(ifstatus "${iface}" | jsonfilter -q -l1 -e '@.up')" - if [ "${vpn_status}" = "true" ]; then - ifdown "${iface}" - f_log "info" "take down vpn interface '${iface}' (initial)" + local rc result info iface vpn vpn_service vpn_iface vpn_instance vpn_status vpn_action="${1}" + + if [ "${trm_vpn}" = "1" ] && [ -n "${trm_vpninfolist}" ]; then + vpn="$(f_getval "vpn")" + vpn_service="$(f_getval "vpnservice")" + vpn_iface="$(f_getval "vpniface")" + + if [ ! -f "${trm_vpnfile}" ] || { [ -f "${trm_vpnfile}" ] && [ "${vpn_action}" = "enable" ]; }; then + for info in ${trm_vpninfolist}; do + iface="${info%%&&*}" + [ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}" + vpn_status="$(ifstatus "${iface}" | jsonfilter -q -l1 -e '@.up')" + if [ "${vpn_status}" = "true" ]; then + ifdown "${iface}" + if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then + /etc/init.d/openvpn stop "${vpn_instance}" + fi + f_log "info" "take down vpn interface '${iface}/${vpn_instance:-"-"}' (initial)" + fi + done + if [ -f "/etc/init.d/sysntpd" ]; then + /etc/init.d/sysntpd restart >/dev/null 2>&1 fi - done - [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn stop - if [ -f "/etc/init.d/sysntpd" ]; then - /etc/init.d/sysntpd restart >/dev/null 2>&1 + rm -f "${trm_vpnfile}" + elif [ "${vpn}" = "1" ] && [ -n "${vpn_iface}" ] && [ "${vpn_action}" = "enable_keep" ]; then + for info in ${trm_vpninfolist}; do + iface="${info%%&&*}" + [ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}" + vpn_status="$(ifstatus "${iface}" | jsonfilter -q -l1 -e '@.up')" + if [ "${vpn_status}" = "true" ] && [ "${iface}" != "${vpn_iface}" ]; then + ifdown "${iface}" + if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then + /etc/init.d/openvpn stop "${vpn_instance}" + fi + f_log "info" "take down vpn interface '${iface}/${vpn_instance:-"-"}' (switch)" + rm -f "${trm_vpnfile}" + break + fi + done fi - rm -f "${trm_vpnfile}" - elif [ "${vpn}" = "1" ] && [ -n "${vpn_iface}" ] && [ "${vpn_action}" = "enable_keep" ]; then - for iface in ${trm_vpnifacelist}; do - vpn_status="$(ifstatus "${iface}" | jsonfilter -q -l1 -e '@.up')" - if [ "${vpn_status}" = "true" ] && [ "${iface}" != "${vpn_iface}" ]; then - ifdown "${iface}" - [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn stop - f_log "info" "take down vpn interface '${iface}' (switch)" - rm -f "${trm_vpnfile}" - break + if [ -x "${trm_vpnpgm}" ] && [ -n "${vpn_service}" ] && [ -n "${vpn_iface}" ]; then + if { [ "${vpn_action}" = "disable" ] && [ -f "${trm_vpnfile}" ]; } || + { [ -f "${trm_ntpfile}" ] && { [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } || + { [ "${vpn}" != "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ -f "${trm_vpnfile}" ]; }; }; then + result="$(f_net)" + if [ "${result}" = "net ok" ] || [ "${vpn_action}" = "disable" ]; then + for info in ${trm_vpninfolist}; do + iface="${info%%&&*}" + if [ "${iface}" = "${vpn_iface}" ]; then + [ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}" + break + fi + done + f_log "debug" "f_vpn ::: vpn: ${vpn:-"0"}, action: ${vpn_action}, service: ${vpn_service}, iface: ${vpn_iface}, instance: ${vpn_instance}" + "${trm_vpnpgm}" "${vpn:-"0"}" "${vpn_action}" "${vpn_service}" "${vpn_iface}" "${vpn_instance}" >/dev/null 2>&1 + rc="${?}" + fi fi - done - fi - if [ -x "${trm_vpnpgm}" ] && [ -n "${vpn_service}" ] && [ -n "${vpn_iface}" ]; then - if { [ "${vpn_action}" = "disable" ] && [ -f "${trm_vpnfile}" ]; } || - { [ -f "${trm_ntpfile}" ] && { [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } || - { [ "${vpn}" != "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ -f "${trm_vpnfile}" ]; }; }; then - result="$(f_net)" - if [ "${result}" = "net ok" ] || [ "${vpn_action}" = "disable" ]; then - f_log "info" "vpn call '${vpn:-"0"}/${vpn_action}/${vpn_service}/${vpn_iface}'" - "${trm_vpnpgm}" "${vpn:-"0"}" "${vpn_action%_*}" "${vpn_service}" "${vpn_iface}" >/dev/null 2>&1 - rc="${?}" - fi + [ -n "${rc}" ] && f_jsnup fi - [ -n "${rc}" ] && f_jsnup fi - f_log "debug" "f_vpn ::: enabled: ${vpn:-"-"}, action: ${vpn_action}, service: ${vpn_service:-"-"}, iface: ${vpn_iface:-"-"}, rc: ${rc:-"-"}" + f_log "debug" "f_vpn ::: vpn: ${trm_vpn:-"-"}, enabled: ${vpn:-"-"}, action: ${vpn_action}, service: ${vpn_service:-"-"}, iface: ${vpn_iface:-"-"}, instance: ${vpn_instance:-"-"}, infolist: ${trm_vpninfolist:-"-"}, result: ${result}, rc: ${rc:-"-"}" } # mac helper function @@ -257,7 +285,7 @@ f_mac() { fi fi printf "%s" "${result}" - f_log "debug" "f_mac ::: action: ${action:-"-"}, section: ${section:-"-"}, macaddr: ${macaddr:-"-"}, result: ${result:-"-"}" + f_log "debug" "f_mac ::: action: ${action:-"-"}, section: ${section:-"-"}, macaddr: ${macaddr:-"-"}, result: ${result:-"-"}" } # set connection information @@ -315,19 +343,74 @@ f_ctrack() { fi fi fi - f_log "debug" "f_ctrack ::: action: ${action:-"-"}, uplink_config: ${trm_uplinkcfg:-"-"}" + f_log "debug" "f_ctrack ::: action: ${action:-"-"}, uplink_config: ${trm_uplinkcfg:-"-"}" +} + +# get openvpn information +# +f_getovpn() { + local file instance device + + for file in /etc/openvpn/*.conf /etc/openvpn/*.ovpn; do + if [ -f "${file}" ]; then + instance="${file##*/}" + instance="${instance%.conf}" + instance="${instance%.ovpn}" + device="$(awk '/^[[:space:]]*dev /{print $2}' "${file}")" + [ "${device}" = "tun" ] && device="tun0" + [ "${device}" = "tap" ] && device="tap0" + if [ -n "${device}" ] && [ -n "${instance}" ] && ! printf "%s" "${trm_ovpninfolist}" | grep -q "${device}"; then + trm_ovpninfolist="${trm_ovpninfolist} ${device}&&${instance}" + fi + fi + done + + uci_config() { + local device section="${1}" + + device="$(uci_get "openvpn" "${section}" "dev")" + [ "${device}" = "tun" ] && device="tun0" + [ "${device}" = "tap" ] && device="tap0" + if [ -n "${device}" ] && ! printf "%s" "${trm_ovpninfolist}" | grep -q "${device}"; then + trm_ovpninfolist="${trm_ovpninfolist} ${device}&&${section}" + fi + } + if [ -f "/etc/config/openvpn" ]; then + config_load openvpn + config_foreach uci_config "openvpn" + fi + f_log "debug" "f_getovpn ::: ovpninfolist: ${trm_ovpninfolist:-"-"}" } # get logical vpn network interfaces # f_getvpn() { - local proto iface="${1}" + local info proto device iface="${1}" proto="$(uci_get "network" "${iface}" "proto")" - if [ "${proto}" = "none" ] || [ "${proto}" = "wireguard" ]; then - trm_vpnifacelist="$(f_trim "${trm_vpnifacelist} ${iface}")" + device="$(uci_get "network" "${iface}" "device")" + if [ "${proto}" = "wireguard" ]; then + if { [ -z "${trm_vpnifacelist}" ] || printf "%s" "${trm_vpnifacelist}" | grep -q "${iface}"; }; then + if ! printf "%s" "${trm_vpninfolist}" | grep -q "${iface}"; then + trm_vpninfolist="$(f_trim "${trm_vpninfolist} ${iface}")" + fi + fi + elif [ "${proto}" = "none" ] && [ -n "${device}" ]; then + if [ -z "${trm_ovpninfolist}" ]; then + f_getovpn + fi + if { [ -z "${trm_vpnifacelist}" ] || printf "%s" "${trm_vpnifacelist}" | grep -q "${iface}"; }; then + for info in ${trm_ovpninfolist}; do + if [ "${info%%&&*}" = "${device}" ]; then + if ! printf "%s" "${trm_vpninfolist}" | grep -q "${iface}"; then + trm_vpninfolist="$(f_trim "${trm_vpninfolist} ${iface}&&${info##*&&}")" + break + fi + fi + done + fi fi - f_log "debug" "f_getvpn ::: interface: ${iface:-"-"}, protocol: ${proto:-"-"}, vpn_interfacelist: ${trm_vpnifacelist:-"-"}" + f_log "debug" "f_getvpn ::: iface: ${iface:-"-"}, proto: ${proto:-"-"}, device: ${device:-"-"}, ifacelist: ${trm_vpnifacelist:-"-"}, infolist: ${trm_vpninfolist:-"-"}" } # get wan gateway addresses @@ -344,7 +427,7 @@ f_getgw() { result="${wan4_gw} ${wan6_gw}" fi printf "%s" "${result}" - f_log "debug" "f_getgw ::: wan4_gw: ${wan4_gw:-"-"}, wan6_gw: ${wan6_gw:-"-"}, result: ${result:-"-"}" + f_log "debug" "f_getgw ::: wan4_gw: ${wan4_gw:-"-"}, wan6_gw: ${wan6_gw:-"-"}, result: ${result:-"-"}" } # get uplink config section @@ -363,7 +446,7 @@ f_getcfg() { fi cnt="$((cnt + 1))" done - f_log "debug" "f_getcfg ::: status: ${status}, section: ${section}, uplink_config: ${trm_uplinkcfg:-"-"}" + f_log "debug" "f_getcfg ::: status: ${status}, section: ${section}, uplink_config: ${trm_uplinkcfg:-"-"}" } # get travelmate option value in 'uplink' sections @@ -375,7 +458,7 @@ f_getval() { result="$(uci_get "travelmate" "${trm_uplinkcfg}" "${t_option}")" printf "%s" "${result}" fi - f_log "debug" "f_getval ::: option: ${t_option:-"-"}, result: ${result:-"-"}, uplink_config: ${trm_uplinkcfg:-"-"}" + f_log "debug" "f_getval ::: option: ${t_option:-"-"}, result: ${result:-"-"}, uplink_config: ${trm_uplinkcfg:-"-"}" } # set 'wifi-device' sections @@ -392,7 +475,7 @@ f_setdev() { elif [ -z "${trm_radio}" ] && ! printf "%s" "${trm_radiolist}" | grep -q "${radio}"; then trm_radiolist="$(f_trim "${trm_radiolist} ${radio}")" fi - f_log "debug" "f_setdev ::: radio: ${radio:-"-"}, radio_list(cnf/cur): ${trm_radio:-"-"}/${trm_radiolist:-"-"}, disabled: ${disabled:-"-"}" + f_log "debug" "f_setdev ::: radio: ${radio:-"-"}, radio_list(cnf/cur): ${trm_radio:-"-"}/${trm_radiolist:-"-"}, disabled: ${disabled:-"-"}" } # set 'wifi-iface' sections @@ -447,7 +530,7 @@ f_setif() { trm_stalist="$(f_trim "${trm_stalist} ${section}-${radio}")" fi fi - f_log "debug" "f_setif ::: enabled: ${enabled}, section: ${section}, active_sta: ${trm_activesta:-"-"}, uplink_config: ${trm_uplinkcfg:-"-"}" + f_log "debug" "f_setif ::: enabled: ${enabled}, section: ${section}, active_sta: ${trm_activesta:-"-"}, uplink_config: ${trm_uplinkcfg:-"-"}" } # add open uplinks @@ -508,7 +591,7 @@ f_addsta() { f_log "info" "open uplink '${radio}/${essid}' added to wireless config" fi fi - f_log "debug" "f_addsta ::: radio: ${radio:-"-"}, essid: ${essid}, opensta/maxautoadd: ${trm_opensta:-"-"}/${trm_maxautoadd:-"-"}, new_uplink: ${new_uplink}, offset: ${offset}" + f_log "debug" "f_addsta ::: radio: ${radio:-"-"}, essid: ${essid}, opensta/maxautoadd: ${trm_opensta:-"-"}/${trm_maxautoadd:-"-"}, new_uplink: ${new_uplink}, offset: ${offset}" } # check net status @@ -554,7 +637,7 @@ f_net() { fi fi printf "%s" "${result}" - f_log "debug" "f_net ::: fetch: ${trm_fetch}, timeout: $((trm_maxwait / 6)), cp (json/html/js): ${json_cp:-"-"}/${html_cp:-"-"}/${js_cp:-"-"}, result: ${result}, error (rc/msg): ${json_ec}/${err_msg:-"-"}, url: ${trm_captiveurl}, user_agent: ${trm_useragent}" + f_log "debug" "f_net ::: fetch: ${trm_fetch}, timeout: $((trm_maxwait / 6)), cp (json/html/js): ${json_cp:-"-"}/${html_cp:-"-"}/${js_cp:-"-"}, result: ${result}, error (rc/msg): ${json_ec}/${err_msg:-"-"}, url: ${trm_captiveurl}, user_agent: ${trm_useragent}" } # check interface status @@ -688,13 +771,13 @@ f_check() { wait_time="$((wait_time + 1))" sleep 1 done - f_log "debug" "f_check ::: mode: ${mode}, name: ${ifname:-"-"}, status: ${trm_ifstatus}, enabled: ${enabled}, connection: ${trm_connection:-"-"}, wait: ${wait_time}, max_wait: ${trm_maxwait}, min_quality: ${trm_minquality}, captive: ${trm_captive}, netcheck: ${trm_netcheck}" + f_log "debug" "f_check ::: mode: ${mode}, name: ${ifname:-"-"}, status: ${trm_ifstatus}, enabled: ${enabled}, connection: ${trm_connection:-"-"}, wait: ${wait_time}, max_wait: ${trm_maxwait}, min_quality: ${trm_minquality}, captive: ${trm_captive}, netcheck: ${trm_netcheck}" } # update runtime information # f_jsnup() { - local vpn section last_date last_station sta_iface sta_radio sta_essid sta_bssid sta_mac dev_status last_status status="${trm_ifstatus}" ntp_done="0" vpn_done="0" mail_done="0" + local vpn vpn_iface section last_date last_station sta_iface sta_radio sta_essid sta_bssid sta_mac dev_status last_status status="${trm_ifstatus}" ntp_done="0" vpn_done="0" mail_done="0" if [ "${status}" = "true" ]; then status="connected (${trm_connection:-"-"})" @@ -707,7 +790,6 @@ f_jsnup() { sta_bssid="$(uci_get "wireless" "${section}" "bssid")" sta_mac="$(f_mac "get" "${section}")" f_getcfg "${sta_radio}" "${sta_essid}" "${sta_bssid}" - vpn="$(f_getval "vpn")" fi json_get_var last_date "last_run" json_get_var last_station "station_id" @@ -720,6 +802,11 @@ f_jsnup() { printf "%s" "${last_date}" >"${trm_ntpfile}" fi fi + vpn="$(f_getval "vpn")" + if [ "${trm_vpn}" = "1" ] && [ -n "${trm_vpninfolist}" ] && [ "${vpn}" = "1" ] && [ -f "${trm_vpnfile}" ]; then + vpn_iface="$(f_getval "vpniface")" + vpn_done="1" + fi elif [ "${status}" = "error" ]; then unset trm_connection status="program error" @@ -733,9 +820,6 @@ f_jsnup() { if [ -s "${trm_ntpfile}" ]; then ntp_done="1" fi - if [ "${vpn}" = "1" ] && [ -f "${trm_vpnfile}" ]; then - vpn_done="1" - fi if [ "${trm_mail}" = "1" ] && [ -f "${trm_mailfile}" ]; then mail_done="1" fi @@ -743,7 +827,7 @@ f_jsnup() { json_add_string "travelmate_version" "${trm_ver}" json_add_string "station_id" "${sta_radio:-"-"}/${sta_essid:-"-"}/${sta_bssid:-"-"}" json_add_string "station_mac" "${sta_mac:-"-"}" - json_add_string "station_interface" "${sta_iface:-"-"}" + json_add_string "station_interfaces" "${sta_iface:-"-"}, ${vpn_iface:-"-"}" json_add_string "wpa_flags" "${trm_wpaflags:-"-"}" json_add_string "run_flags" "captive: $(f_char ${trm_captive}), proactive: $(f_char ${trm_proactive}), netcheck: $(f_char ${trm_netcheck}), autoadd: $(f_char ${trm_autoadd}), randomize: $(f_char ${trm_randomize})" json_add_string "ext_hooks" "ntp: $(f_char ${ntp_done}), vpn: $(f_char ${vpn_done}), mail: $(f_char ${mail_done})" @@ -752,12 +836,12 @@ f_jsnup() { json_dump >"${trm_rtfile}" if [ "${status%% (net ok/*}" = "connected" ] && [ "${trm_mail}" = "1" ] && [ -x "${trm_mailpgm}" ] && [ "${ntp_done}" = "1" ] && [ "${mail_done}" = "0" ]; then - if [ "${vpn}" != "1" ] || [ "${vpn_done}" = "1" ]; then + if [ "${trm_vpn}" != "1" ] || [ "${vpn}" != "1" ] || [ -z "${trm_vpninfolist}" ] || [ "${vpn_done}" = "1" ]; then : >"${trm_mailfile}" "${trm_mailpgm}" >/dev/null 2>&1 fi fi - f_log "debug" "f_jsnup ::: section: ${section:-"-"}, status: ${status:-"-"}, sta_iface: ${sta_iface:-"-"}, sta_radio: ${sta_radio:-"-"}, sta_essid: ${sta_essid:-"-"}, sta_bssid: ${sta_bssid:-"-"}, ntp: ${ntp_done}, vpn: ${vpn:-"0"}/${vpn_done}, mail: ${trm_mail}/${mail_done}" + f_log "debug" "f_jsnup ::: section: ${section:-"-"}, status: ${status:-"-"}, sta_iface: ${sta_iface:-"-"}, sta_radio: ${sta_radio:-"-"}, sta_essid: ${sta_essid:-"-"}, sta_bssid: ${sta_bssid:-"-"}, ntp: ${ntp_done}, vpn: ${vpn:-"0"}/${vpn_done}, mail: ${trm_mail}/${mail_done}" } # write to syslog @@ -787,7 +871,7 @@ f_main() { local station_id section sta sta_essid sta_bssid sta_radio sta_mac config_essid config_bssid config_radio f_check "initial" "false" - f_log "debug" "f_main-1 ::: status: ${trm_ifstatus}, proactive: ${trm_proactive}" + f_log "debug" "f_main-1 ::: status: ${trm_ifstatus}, proactive: ${trm_proactive}" if [ "${trm_ifstatus}" != "true" ] || [ "${trm_proactive}" = "1" ]; then config_load wireless config_foreach f_setif wifi-iface "${trm_proactive}" @@ -799,12 +883,12 @@ f_main() { config_bssid="${station_id##*/}" config_bssid="${config_bssid//-/}" f_check "dev" "true" - f_log "debug" "f_main-2 ::: config_radio: ${config_radio}, config_essid: \"${config_essid}\", config_bssid: ${config_bssid:-"-"}" + f_log "debug" "f_main-2 ::: config_radio: ${config_radio}, config_essid: \"${config_essid}\", config_bssid: ${config_bssid:-"-"}" else uci_commit "wireless" f_check "dev" "false" fi - f_log "debug" "f_main-3 ::: radio_list: ${trm_radiolist:-"-"}, sta_list: ${trm_stalist:-"-"}" + f_log "debug" "f_main-3 ::: radio_list: ${trm_radiolist:-"-"}, sta_list: ${trm_stalist:-"-"}" # radio loop # @@ -834,10 +918,10 @@ f_main() { [ "${sta_essid}" = "${config_essid}" ] && [ "${sta_bssid}" = "${config_bssid}" ]; then f_ctrack "refresh" f_vpn "enable_keep" - f_log "debug" "f_main-4 ::: config_radio: ${config_radio}, config_essid: ${config_essid}, config_bssid: ${config_bssid:-"-"}" + f_log "debug" "f_main-4 ::: config_radio: ${config_radio}, config_essid: ${config_essid}, config_bssid: ${config_bssid:-"-"}" return 0 fi - f_log "debug" "f_main-5 ::: sta_radio: ${sta_radio}, sta_essid: \"${sta_essid}\", sta_bssid: ${sta_bssid:-"-"}" + f_log "debug" "f_main-5 ::: sta_radio: ${sta_radio}, sta_essid: \"${sta_essid}\", sta_bssid: ${sta_bssid:-"-"}" fi if [ -z "${scan_list}" ]; then scan_dev="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -q -l1 -e "@.${radio}.interfaces[0].ifname")" @@ -845,7 +929,7 @@ f_main() { awk 'BEGIN{FS="[[:space:]]"}/Address:/{var1=$NF}/ESSID:/{var2="";for(i=12;i<=NF;i++)if(var2==""){var2=$i}else{var2=var2" "$i}} /Quality:/{split($NF,var0,"/")}/Encryption:/{if($NF=="none"){var3="+"}else{var3="-"}; printf "%i %s %s %s\n",(var0[1]*100/var0[2]),var3,var1,var2}' | sort -rn | head -qn "${trm_maxscan}")" - f_log "debug" "f_main-6 ::: radio: ${radio}, scan_device: ${scan_dev}, scan_max: ${trm_maxscan}" + f_log "debug" "f_main-6 ::: radio: ${radio}, scan_device: ${scan_dev}, scan_max: ${trm_maxscan}" if [ -z "${scan_list}" ]; then f_log "info" "no scan results on '${radio}'" continue 2 @@ -856,7 +940,7 @@ f_main() { # while read -r scan_quality scan_open scan_bssid scan_essid; do if [ -n "${scan_quality}" ] && [ -n "${scan_open}" ] && [ -n "${scan_bssid}" ] && [ -n "${scan_essid}" ]; then - f_log "debug" "f_main-7 ::: radio(sta/scan): ${sta_radio}/${radio}, essid(sta/scan): \"${sta_essid}\"/${scan_essid}, bssid(sta/scan): ${sta_bssid}/${scan_bssid}, quality(min/scan): ${trm_minquality}/${scan_quality}, open: ${scan_open}" + f_log "debug" "f_main-7 ::: radio(sta/scan): ${sta_radio}/${radio}, essid(sta/scan): \"${sta_essid}\"/${scan_essid}, bssid(sta/scan): ${sta_bssid}/${scan_bssid}, quality(min/scan): ${trm_minquality}/${scan_quality}, open: ${scan_open}" if [ "${scan_quality}" -ge "${trm_minquality}" ]; then if { { [ "${scan_essid}" = "\"${sta_essid}\"" ] && { [ -z "${sta_bssid}" ] || [ "${scan_bssid}" = "${sta_bssid}" ]; }; } || { [ "${scan_bssid}" = "${sta_bssid}" ] && [ "${scan_essid}" = "unknown" ]; }; } && [ "${radio}" = "${sta_radio}" ]; then diff --git a/net/travelmate/files/travelmate.vpn b/net/travelmate/files/travelmate.vpn index 230f5899e..ed8bd30b2 100755 --- a/net/travelmate/files/travelmate.vpn +++ b/net/travelmate/files/travelmate.vpn @@ -12,12 +12,12 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -set -o pipefail vpn="${1}" vpn_action="${2}" vpn_service="${3}" vpn_iface="${4}" +vpn_instance="${5}" trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" trm_captiveurl="$(uci_get travelmate global trm_captiveurl "http://detectportal.firefox.com")" trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" @@ -35,40 +35,44 @@ f_net() { printf "%s" "${result}" } -vpn_status="$(ubus -S call network.interface."${vpn_iface}" status 2>/dev/null | jsonfilter -q -l1 -e '@.up')" -if [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" != "true" ]; then - if [ "${vpn_service}" = "openvpn" ] && [ -x "/etc/init.d/openvpn" ]; then - /etc/init.d/openvpn start - fi - ifup "${vpn_iface}" - cnt=0 - while true; do +if [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ]; then + if [ "${vpn_action}" = "enable_keep" ]; then vpn_status="$(ubus -S call network.interface."${vpn_iface}" status 2>/dev/null | jsonfilter -q -l1 -e '@.up')" - if [ "${vpn_status}" = "true" ]; then - net_status="$(f_net)" - if [ "${net_status}" = "net ok" ]; then - : >"${trm_vpnfile}" - "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection enabled" 2>/dev/null - break - fi + fi + if [ "${vpn_action}" = "enable" ] || [ "${vpn_status}" != "true" ]; then + if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && ! /etc/init.d/openvpn running "${vpn_instance}"; then + /etc/init.d/openvpn start "${vpn_instance}" fi - if [ "${cnt}" -ge "$((trm_maxwait / 3))" ]; then - ifdown "${vpn_iface}" - if [ "${vpn_service}" = "openvpn" ] && [ -x "/etc/init.d/openvpn" ]; then - /etc/init.d/openvpn stop + ifup "${vpn_iface}" + cnt=0 + while true; do + vpn_status="$(ubus -S call network.interface."${vpn_iface}" status 2>/dev/null | jsonfilter -q -l1 -e '@.up')" + if [ "${vpn_status}" = "true" ]; then + net_status="$(f_net)" + if [ "${net_status}" = "net ok" ]; then + : >"${trm_vpnfile}" + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection enabled '${vpn_iface}/${vpn_instance:-"-"}'" 2>/dev/null + break + fi fi - rm -f "${trm_vpnfile}" - "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection can't be established" 2>/dev/null - exit 1 - fi - sleep 1 - cnt="$((cnt + 1))" - done -elif { [ "${vpn}" != "1" ] && [ "${vpn_action}" = "enable" ]; } || [ "${vpn_action}" = "disable" ]; then + if [ "${cnt}" -ge "$((trm_maxwait / 3))" ]; then + ifdown "${vpn_iface}" + if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn running "${vpn_instance}"; then + /etc/init.d/openvpn stop "${vpn_instance}" + fi + rm -f "${trm_vpnfile}" + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection can't be established '${vpn_iface}/${vpn_instance:-"-"}'" 2>/dev/null + return 1 + fi + sleep 1 + cnt="$((cnt + 1))" + done + fi +elif { [ "${vpn}" != "1" ] && [ "${vpn_action%_*}" = "enable" ]; } || [ "${vpn_action}" = "disable" ]; then ifdown "${vpn_iface}" - if [ "${vpn_service}" = "openvpn" ] && [ -x "/etc/init.d/openvpn" ]; then - /etc/init.d/openvpn stop + if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn running "${vpn_instance}"; then + /etc/init.d/openvpn stop "${vpn_instance}" fi rm -f "${trm_vpnfile}" - "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection disabled" 2>/dev/null + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection disabled '${vpn_iface}/${vpn_instance:-"-"}'" 2>/dev/null fi diff --git a/net/travelmate/files/travelmate_ntp.hotplug b/net/travelmate/files/travelmate_ntp.hotplug index 6a9be8219..c27bea73d 100755 --- a/net/travelmate/files/travelmate_ntp.hotplug +++ b/net/travelmate/files/travelmate_ntp.hotplug @@ -1,6 +1,6 @@ #!/bin/sh # ntp hotplug script for travelmate -# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions diff --git a/net/travelmate/files/vodafone.login b/net/travelmate/files/vodafone.login index cf92c8e42..072c71a48 100755 --- a/net/travelmate/files/vodafone.login +++ b/net/travelmate/files/vodafone.login @@ -1,6 +1,6 @@ #!/bin/sh # captive portal auto-login script for vodafone hotspots (DE) -# Copyright (c) 2021 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2021-2022 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions @@ -10,7 +10,6 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -set -o pipefail username="${1}" password="${2}" diff --git a/net/travelmate/files/wifibahn.login b/net/travelmate/files/wifibahn.login index fe31894ce..a2ce8f30c 100755 --- a/net/travelmate/files/wifibahn.login +++ b/net/travelmate/files/wifibahn.login @@ -1,6 +1,6 @@ #!/bin/sh # captive portal auto-login script for bahn hotspots (DE) -# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions @@ -10,7 +10,6 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -set -o pipefail trm_domain="wifi.bahn.de" trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")"