Browse Source

mwan3: Update to version 1.5-1

Add iptables -w option, which increases stability, requires iptables v1.4.20.
Code cleanup

Signed-off-by: Jeroen Louwes <jeroen.louwes@gmail.com>
lilik-openwrt-22.03
Adze1502 11 years ago
parent
commit
869e4539f6
4 changed files with 131 additions and 131 deletions
  1. +5
    -3
      net/mwan3/Makefile
  2. +93
    -93
      net/mwan3/files/etc/hotplug.d/iface/15-mwan3
  3. +0
    -1
      net/mwan3/files/etc/init.d/mwan3
  4. +33
    -34
      net/mwan3/files/usr/sbin/mwan3

+ 5
- 3
net/mwan3/Makefile View File

@ -8,8 +8,8 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=mwan3 PKG_NAME:=mwan3
PKG_VERSION:=1.4
PKG_RELEASE:=22
PKG_VERSION:=1.5
PKG_RELEASE:=1
PKG_MAINTAINER:=Jeroen Louwes <jeroen.louwes@gmail.com> PKG_MAINTAINER:=Jeroen Louwes <jeroen.louwes@gmail.com>
PKG_LICENSE:=GPLv2 PKG_LICENSE:=GPLv2
@ -26,7 +26,9 @@ define Package/mwan3
endef endef
define Package/mwan3/description define Package/mwan3/description
Hotplug script which makes configuration of multiple WAN interfaces simple and manageable. With loadbalancing/failover support for up to 250 wan interfaces, connection tracking and an easy to manage traffic ruleset.
Hotplug script which makes configuration of multiple WAN interfaces simple
and manageable. With loadbalancing/failover support for up to 250 wan
interfaces, connection tracking and an easy to manage traffic ruleset.
endef endef
define Package/mwan3/conffiles define Package/mwan3/conffiles


+ 93
- 93
net/mwan3/files/etc/hotplug.d/iface/15-mwan3 View File

@ -6,68 +6,61 @@ mwan3_get_iface_id()
[ "$1" == "$INTERFACE" ] && iface_id=$iface_count [ "$1" == "$INTERFACE" ] && iface_id=$iface_count
} }
mwan3_get_route_args()
{
route_args=$(ip -4 route list dev $DEVICE default | head -1 | sed '/.*via \([^ ]*\) .*$/!d;s//\1/;q' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}')
[ -n "$route_args" ] && route_args="via $route_args"
route_args="nexthop $route_args dev $DEVICE"
}
mwan3_set_general_iptables() mwan3_set_general_iptables()
{ {
if ! iptables -S mwan3_ifaces -t mangle &> /dev/null; then
iptables -N mwan3_ifaces -t mangle
if ! $IPT -S mwan3_ifaces &> /dev/null; then
$IPT -N mwan3_ifaces
fi fi
if ! iptables -S mwan3_rules -t mangle &> /dev/null; then
iptables -N mwan3_rules -t mangle
if ! $IPT -S mwan3_rules &> /dev/null; then
$IPT -N mwan3_rules
fi fi
if ! iptables -S mwan3_connected -t mangle &> /dev/null; then
iptables -N mwan3_connected -t mangle
if ! $IPT -S mwan3_connected &> /dev/null; then
$IPT -N mwan3_connected
fi fi
if ! iptables -S mwan3_hook -t mangle &> /dev/null; then
iptables -N mwan3_hook -t mangle
iptables -A mwan3_hook -t mangle -j CONNMARK --restore-mark --nfmask 0xff00 --ctmask 0xff00
iptables -A mwan3_hook -t mangle -m mark --mark 0x0/0xff00 -j mwan3_ifaces
iptables -A mwan3_hook -t mangle -m mark --mark 0x0/0xff00 -j mwan3_connected
iptables -A mwan3_hook -t mangle -m mark --mark 0x0/0xff00 -j mwan3_rules
iptables -A mwan3_hook -t mangle -j CONNMARK --save-mark --nfmask 0xff00 --ctmask 0xff00
if ! $IPT -S mwan3_hook &> /dev/null; then
$IPT -N mwan3_hook
$IPT -A mwan3_hook -j CONNMARK --restore-mark --nfmask 0xff00 --ctmask 0xff00
$IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_ifaces
$IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_connected
$IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_rules
$IPT -A mwan3_hook -j CONNMARK --save-mark --nfmask 0xff00 --ctmask 0xff00
fi fi
if ! iptables -S mwan3_track_hook -t mangle &> /dev/null; then
iptables -N mwan3_track_hook -t mangle
if ! $IPT -S mwan3_track_hook &> /dev/null; then
$IPT -N mwan3_track_hook
fi fi
if ! iptables -S PREROUTING -t mangle | grep mwan3_hook &> /dev/null; then
iptables -A PREROUTING -t mangle -j mwan3_hook
if ! $IPT -S PREROUTING | grep mwan3_hook &> /dev/null; then
$IPT -A PREROUTING -j mwan3_hook
fi fi
if ! iptables -S OUTPUT -t mangle | grep mwan3_hook &> /dev/null; then
iptables -A OUTPUT -t mangle -j mwan3_hook
if ! $IPT -S OUTPUT | grep mwan3_hook &> /dev/null; then
$IPT -A OUTPUT -j mwan3_hook
fi fi
if ! iptables -S OUTPUT -t mangle | grep mwan3_track_hook &> /dev/null; then
iptables -A OUTPUT -t mangle -j mwan3_track_hook
if ! $IPT -S OUTPUT | grep mwan3_track_hook &> /dev/null; then
$IPT -A OUTPUT -j mwan3_track_hook
fi fi
iptables -F mwan3_rules -t mangle
$IPT -F mwan3_rules
} }
mwan3_set_connected_iptables() mwan3_set_connected_iptables()
{ {
local connected_networks local connected_networks
if iptables -S mwan3_connected -t mangle &> /dev/null; then
iptables -F mwan3_connected -t mangle
if $IPT -S mwan3_connected &> /dev/null; then
$IPT -F mwan3_connected
for connected_networks in $(ip -4 route | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do
iptables -A mwan3_connected -t mangle -d $connected_networks -m mark --mark 0x0/0xff00 -j MARK --set-xmark 0xff00/0xff00
for connected_networks in $($IP route | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do
$IPT -A mwan3_connected -d $connected_networks -m mark --mark 0x0/0xff00 -j MARK --set-xmark 0xff00/0xff00
done done
iptables -I mwan3_connected -t mangle -d 224.0.0.0/3 -m mark --mark 0x0/0xff00 -j MARK --set-xmark 0xff00/0xff00
iptables -I mwan3_connected -t mangle -d 127.0.0.0/8 -m mark --mark 0x0/0xff00 -j MARK --set-xmark 0xff00/0xff00
$IPT -I mwan3_connected -d 224.0.0.0/3 -m mark --mark 0x0/0xff00 -j MARK --set-xmark 0xff00/0xff00
$IPT -I mwan3_connected -d 127.0.0.0/8 -m mark --mark 0x0/0xff00 -j MARK --set-xmark 0xff00/0xff00
fi fi
} }
@ -75,56 +68,56 @@ mwan3_set_iface_iptables()
{ {
local local_net local_nets local local_net local_nets
local_net=$(ip -4 route list dev $DEVICE scope link | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}')
local_net=$($IP route list dev $DEVICE scope link | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}')
if ! iptables -S mwan3_iface_$INTERFACE -t mangle &> /dev/null; then
iptables -N mwan3_iface_$INTERFACE -t mangle
if ! $IPT -S mwan3_iface_$INTERFACE &> /dev/null; then
$IPT -N mwan3_iface_$INTERFACE
fi fi
iptables -F mwan3_iface_$INTERFACE -t mangle
iptables -D mwan3_ifaces -t mangle -i $DEVICE -m mark --mark 0x0/0xff00 -j mwan3_iface_$INTERFACE &> /dev/null
$IPT -F mwan3_iface_$INTERFACE
$IPT -D mwan3_ifaces -i $DEVICE -m mark --mark 0x0/0xff00 -j mwan3_iface_$INTERFACE &> /dev/null
if [ $ACTION == "ifup" ]; then if [ $ACTION == "ifup" ]; then
if [ -n "$local_net" ]; then if [ -n "$local_net" ]; then
for local_nets in $local_net ; do for local_nets in $local_net ; do
if [ $ACTION == "ifup" ]; then if [ $ACTION == "ifup" ]; then
iptables -I mwan3_iface_$INTERFACE -t mangle -s $local_net -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE" -j MARK --set-xmark 0xff00/0xff00
$IPT -I mwan3_iface_$INTERFACE -s $local_net -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE" -j MARK --set-xmark 0xff00/0xff00
fi fi
done done
fi fi
iptables -A mwan3_iface_$INTERFACE -t mangle -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE" -j MARK --set-xmark $(($iface_id*256))/0xff00
iptables -A mwan3_ifaces -t mangle -i $DEVICE -m mark --mark 0x0/0xff00 -j mwan3_iface_$INTERFACE
$IPT -A mwan3_iface_$INTERFACE -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE" -j MARK --set-xmark $(($iface_id*256))/0xff00
$IPT -A mwan3_ifaces -i $DEVICE -m mark --mark 0x0/0xff00 -j mwan3_iface_$INTERFACE
fi fi
if [ $ACTION == "ifdown" ]; then if [ $ACTION == "ifdown" ]; then
iptables -X mwan3_iface_$INTERFACE -t mangle
$IPT -X mwan3_iface_$INTERFACE
fi fi
} }
mwan3_set_iface_route() mwan3_set_iface_route()
{ {
ip -4 route flush table $iface_id
[ $ACTION == "ifup" ] && ip -4 route add table $iface_id default $route_args
$IP route flush table $iface_id
[ $ACTION == "ifup" ] && $IP route add table $iface_id default $route_args
} }
mwan3_set_iface_rules() mwan3_set_iface_rules()
{ {
while [ -n "$(ip -4 rule list | awk '$1 == "'$(($iface_id+1000)):'"')" ]; do
ip -4 rule del pref $(($iface_id+1000))
while [ -n "$($IP rule list | awk '$1 == "'$(($iface_id+1000)):'"')" ]; do
$IP rule del pref $(($iface_id+1000))
done done
while [ -n "$(ip -4 rule list | awk '$1 == "'$(($iface_id+2000)):'"')" ]; do
ip -4 rule del pref $(($iface_id+2000))
while [ -n "$($IP rule list | awk '$1 == "'$(($iface_id+2000)):'"')" ]; do
$IP rule del pref $(($iface_id+2000))
done done
while [ -n "$(ip -4 rule list | awk '$1 == "2254:"')" ]; do
ip -4 rule del pref 2254
while [ -n "$($IP rule list | awk '$1 == "2254:"')" ]; do
$IP rule del pref 2254
done done
[ $ACTION == "ifup" ] && ip -4 rule add pref $(($iface_id+1000)) iif $DEVICE lookup main
[ $ACTION == "ifup" ] && ip -4 rule add pref $(($iface_id+2000)) fwmark $(($iface_id*256))/0xff00 lookup $iface_id
ip rule add pref 2254 fwmark 0xfe00/0xff00 unreachable
[ $ACTION == "ifup" ] && $IP rule add pref $(($iface_id+1000)) iif $DEVICE lookup main
[ $ACTION == "ifup" ] && $IP rule add pref $(($iface_id+2000)) fwmark $(($iface_id*256))/0xff00 lookup $iface_id
$IP rule add pref 2254 fwmark 0xfe00/0xff00 unreachable
} }
mwan3_track() mwan3_track()
@ -145,28 +138,28 @@ mwan3_track()
config_get down $INTERFACE down 5 config_get down $INTERFACE down 5
config_get up $INTERFACE up 5 config_get up $INTERFACE up 5
if ! iptables -S mwan3_track_$INTERFACE -t mangle &> /dev/null; then
iptables -N mwan3_track_$INTERFACE -t mangle
iptables -A mwan3_track_hook -t mangle -p icmp -m icmp --icmp-type 8 -m length --length 32 -j mwan3_track_$INTERFACE
if ! $IPT -S mwan3_track_$INTERFACE &> /dev/null; then
$IPT -N mwan3_track_$INTERFACE
$IPT -A mwan3_track_hook -p icmp -m icmp --icmp-type 8 -m length --length 32 -j mwan3_track_$INTERFACE
fi fi
iptables -F mwan3_track_$INTERFACE -t mangle
$IPT -F mwan3_track_$INTERFACE
for track_ip in $track_ips; do for track_ip in $track_ips; do
iptables -A mwan3_track_$INTERFACE -t mangle -d $track_ip -j MARK --set-xmark 0xff00/0xff00
$IPT -A mwan3_track_$INTERFACE -d $track_ip -j MARK --set-xmark 0xff00/0xff00
done done
[ -x /usr/sbin/mwan3track ] && /usr/sbin/mwan3track $INTERFACE $DEVICE $reliability $count $timeout $interval $down $up $track_ips & [ -x /usr/sbin/mwan3track ] && /usr/sbin/mwan3track $INTERFACE $DEVICE $reliability $count $timeout $interval $down $up $track_ips &
else else
iptables -D mwan3_track_hook -t mangle -p icmp -m icmp --icmp-type 8 -m length --length 32 -j mwan3_track_$INTERFACE &> /dev/null
iptables -F mwan3_track_$INTERFACE -t mangle &> /dev/null
iptables -X mwan3_track_$INTERFACE -t mangle &> /dev/null
$IPT -D mwan3_track_hook -p icmp -m icmp --icmp-type 8 -m length --length 32 -j mwan3_track_$INTERFACE &> /dev/null
$IPT -F mwan3_track_$INTERFACE &> /dev/null
$IPT -X mwan3_track_$INTERFACE &> /dev/null
fi fi
} }
mwan3_set_policy() mwan3_set_policy()
{ {
local iface_count iface_id metric probability weight
local iface_count iface_id INTERFACE metric probability weight
config_get INTERFACE $1 interface config_get INTERFACE $1 interface
config_get metric $1 metric 1 config_get metric $1 metric 1
@ -178,12 +171,12 @@ mwan3_set_policy()
[ -n "$iface_id" ] || return 0 [ -n "$iface_id" ] || return 0
if iptables -S mwan3_iface_$INTERFACE -t mangle &> /dev/null; then
if $IPT -S mwan3_iface_$INTERFACE &> /dev/null; then
if [ "$metric" -lt "$lowest_metric" ]; then if [ "$metric" -lt "$lowest_metric" ]; then
total_weight=$weight total_weight=$weight
iptables -F mwan3_policy_$policy -t mangle
iptables -A mwan3_policy_$policy -t mangle -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE $weight $weight" -j MARK --set-xmark $(($iface_id*256))/0xff00
$IPT -F mwan3_policy_$policy
$IPT -A mwan3_policy_$policy -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE $weight $weight" -j MARK --set-xmark $(($iface_id*256))/0xff00
lowest_metric=$metric lowest_metric=$metric
@ -204,7 +197,7 @@ mwan3_set_policy()
probability="-m statistic --mode random --probability $probability" probability="-m statistic --mode random --probability $probability"
iptables -I mwan3_policy_$policy -t mangle -m mark --mark 0x0/0xff00 $probability -m comment --comment "$INTERFACE $weight $total_weight" -j MARK --set-xmark $(($iface_id*256))/0xff00
$IPT -I mwan3_policy_$policy -m mark --mark 0x0/0xff00 $probability -m comment --comment "$INTERFACE $weight $total_weight" -j MARK --set-xmark $(($iface_id*256))/0xff00
fi fi
fi fi
} }
@ -216,22 +209,22 @@ mwan3_set_policies_iptables()
policy=$1 policy=$1
if [ "$policy" != $(echo "$policy" | cut -c1-15) ]; then if [ "$policy" != $(echo "$policy" | cut -c1-15) ]; then
logger -t mwan3 -p warn "Policy $policy exceeds max of 15 chars. Not setting policy" && return 0
$LOG warn "Policy $policy exceeds max of 15 chars. Not setting policy" && return 0
fi fi
if ! iptables -S mwan3_policy_$policy -t mangle &> /dev/null; then
iptables -N mwan3_policy_$policy -t mangle
if ! $IPT -S mwan3_policy_$policy &> /dev/null; then
$IPT -N mwan3_policy_$policy
fi fi
iptables -F mwan3_policy_$policy -t mangle
iptables -A mwan3_policy_$policy -t mangle -m mark --mark 0x0/0xff00 -m comment --comment "unreachable" -j MARK --set-xmark 0xfe00/0xff00
$IPT -F mwan3_policy_$policy
$IPT -A mwan3_policy_$policy -m mark --mark 0x0/0xff00 -m comment --comment "unreachable" -j MARK --set-xmark 0xfe00/0xff00
lowest_metric=256 lowest_metric=256
total_weight=0 total_weight=0
config_list_foreach $policy use_member mwan3_set_policy config_list_foreach $policy use_member mwan3_set_policy
iptables -X $policy -t mangle &> /dev/null
$IPT -X $policy &> /dev/null
} }
mwan3_set_user_rules_iptables() mwan3_set_user_rules_iptables()
@ -256,10 +249,10 @@ mwan3_set_user_rules_iptables()
case $proto in case $proto in
tcp|udp) tcp|udp)
iptables -A mwan3_rules -t mangle -p $proto -s $src_ip -d $dest_ip -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null
$IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null
;; ;;
*) *)
iptables -A mwan3_rules -t mangle -p $proto -s $src_ip -d $dest_ip -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null
$IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null
;; ;;
esac esac
fi fi
@ -269,45 +262,41 @@ mwan3_ifupdown()
{ {
local counter enabled iface_count iface_id route_args wan_metric local counter enabled iface_count iface_id route_args wan_metric
[ -n "$DEVICE" ] || exit 0
[ -n "$INTERFACE" ] || exit 0
[ "$(uci get -P /var/state mwan3.$INTERFACE 2> /dev/null)" == "interface" ] || return 0
config_load mwan3 config_load mwan3
config_foreach mwan3_get_iface_id interface
[ -n "$iface_id" ] || return 0
[ "$iface_count" -le 250 ] || return 0
unset iface_count
config_get enabled $INTERFACE enabled 0 config_get enabled $INTERFACE enabled 0
counter=0 counter=0
if [ $ACTION == "ifup" ]; then if [ $ACTION == "ifup" ]; then
[ "$enabled" -eq 1 ] || exit 0
[ "$enabled" -eq 1 ] || return 0
while [ -z "$(ip -4 route list dev $DEVICE default | head -1)" -a "$counter" -lt 10 ]; do
while [ -z "$($IP route list dev $DEVICE default | head -1)" -a "$counter" -lt 10 ]; do
sleep 1 sleep 1
let counter++ let counter++
if [ "$counter" -ge 10 ]; then if [ "$counter" -ge 10 ]; then
logger -t mwan3 -p warn "Could not find gateway for interface $INTERFACE ($DEVICE)" && exit 0
$LOG warn "Could not find gateway for interface $INTERFACE ($DEVICE)" && return 0
fi fi
done done
mwan3_get_route_args
route_args=$($IP route list dev $DEVICE default | head -1 | sed '/.*via \([^ ]*\) .*$/!d;s//via \1/;q' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}')
route_args="nexthop $route_args dev $DEVICE"
fi fi
while [ "$(pgrep -f -o hotplug-call)" -ne $$ -a "$counter" -lt 60 ]; do while [ "$(pgrep -f -o hotplug-call)" -ne $$ -a "$counter" -lt 60 ]; do
sleep 1 sleep 1
let counter++ let counter++
if [ "$counter" -ge 60 ]; then if [ "$counter" -ge 60 ]; then
logger -t mwan3 -p warn "Timeout waiting for older hotplug processes to finish. $ACTION interface $INTERFACE ($DEVICE) aborted" && exit 0
$LOG warn "Timeout waiting for older hotplug processes to finish. $ACTION interface $INTERFACE ($DEVICE) aborted" && return 0
fi fi
done done
config_foreach mwan3_get_iface_id interface
[ -n "$iface_id" ] || exit 0
[ "$iface_count" -le 250 ] || exit 0
unset iface_count
unset counter
logger -t mwan3 -p notice "$ACTION interface $INTERFACE ($DEVICE)"
$LOG notice "$ACTION interface $INTERFACE ($DEVICE)"
mwan3_set_general_iptables mwan3_set_general_iptables
mwan3_set_iface_iptables mwan3_set_iface_iptables
@ -320,9 +309,20 @@ mwan3_ifupdown()
config_foreach mwan3_set_user_rules_iptables rule config_foreach mwan3_set_user_rules_iptables rule
} }
[ -n "$DEVICE" ] || exit 0
[ -n "$INTERFACE" ] || exit 0
local IP IPT LOG
IP="/usr/sbin/ip -4"
IPT="/usr/sbin/iptables -t mangle -w"
LOG="/usr/bin/logger -t mwan3 -p"
case "$ACTION" in case "$ACTION" in
ifup|ifdown) ifup|ifdown)
mwan3_ifupdown mwan3_ifupdown
mwan3_set_connected_iptables mwan3_set_connected_iptables
;; ;;
esac esac
exit 0

+ 0
- 1
net/mwan3/files/etc/init.d/mwan3 View File

@ -15,6 +15,5 @@ restart() {
} }
boot() { boot() {
# Don't start on boot, mwan3 is started by hotplug event.
return 0 return 0
} }

+ 33
- 34
net/mwan3/files/usr/sbin/mwan3 View File

@ -16,10 +16,13 @@ EOF
EXTRA_COMMANDS="ifdown ifup interfaces policies rules status" EXTRA_COMMANDS="ifdown ifup interfaces policies rules status"
EXTRA_HELP="$(extra_help)" EXTRA_HELP="$(extra_help)"
IP="/usr/sbin/ip -4"
IPT="/usr/sbin/iptables -t mangle -w"
ifdown() ifdown()
{ {
local device
if [ -z "$1" ]; then if [ -z "$1" ]; then
echo "Error: Expecting interface. Usage: mwan3 ifdown <interface>" && exit 0 echo "Error: Expecting interface. Usage: mwan3 ifdown <interface>" && exit 0
fi fi
@ -28,8 +31,6 @@ ifdown()
echo "Error: Too many arguments. Usage: mwan3 ifdown <interface>" && exit 0 echo "Error: Too many arguments. Usage: mwan3 ifdown <interface>" && exit 0
fi fi
local device
device=$(uci get -p /var/state network.$1.ifname) &> /dev/null device=$(uci get -p /var/state network.$1.ifname) &> /dev/null
if [ -e /var/run/mwan3track-$1.pid ] ; then if [ -e /var/run/mwan3track-$1.pid ] ; then
@ -44,6 +45,8 @@ ifdown()
ifup() ifup()
{ {
local device enabled
config_load mwan3 config_load mwan3
if [ -z "$1" ]; then if [ -z "$1" ]; then
@ -53,8 +56,6 @@ ifup()
if [ -n "$2" ]; then if [ -n "$2" ]; then
echo "Too many arguments. Usage: mwan3 ifup <interface>" && exit 0 echo "Too many arguments. Usage: mwan3 ifup <interface>" && exit 0
fi fi
local device enabled
config_get enabled "$1" enabled 0 config_get enabled "$1" enabled 0
@ -67,10 +68,10 @@ ifup()
interfaces() interfaces()
{ {
config_load mwan3
local device enabled iface_id tracking local device enabled iface_id tracking
config_load mwan3
echo "Interface status:" echo "Interface status:"
check_iface_status() check_iface_status()
@ -91,13 +92,13 @@ interfaces()
tracking="down" tracking="down"
fi fi
if [ -n "$(ip rule | awk '$5 == ("'$device'")')" -a -n "$(iptables -S mwan3_iface_$1 -t mangle 2> /dev/null)" -a -n "$(ip -4 route list table $iface_id default dev $device 2> /dev/null)" ]; then
if [ -n "$($IP rule | awk '$5 == ("'$device'")')" -a -n "$($IPT -S mwan3_iface_$1 2> /dev/null)" -a -n "$($IP route list table $iface_id default dev $device 2> /dev/null)" ]; then
if [ -n "$(uci get -p /var/state mwan3.$1.track_ip 2> /dev/null)" ]; then if [ -n "$(uci get -p /var/state mwan3.$1.track_ip 2> /dev/null)" ]; then
echo "Interface $1 is online (tracking $tracking)" echo "Interface $1 is online (tracking $tracking)"
else else
echo "Interface $1 is online" echo "Interface $1 is online"
fi fi
elif [ -n "$(ip rule | awk '$5 == ("'$device'")')" -o -n "$(iptables -S mwan3_iface_$1 -t mangle 2> /dev/null)" -o -n "$(ip -4 route list table $iface_id default dev $device 2> /dev/null)" ]; then
elif [ -n "$($IP rule | awk '$5 == ("'$device'")')" -o -n "$($IPT -S mwan3_iface_$1 2> /dev/null)" -o -n "$($IP route list table $iface_id default dev $device 2> /dev/null)" ]; then
echo "Interface $1 error" echo "Interface $1 error"
else else
if [ "$enabled" -eq 1 ]; then if [ "$enabled" -eq 1 ]; then
@ -119,21 +120,21 @@ policies()
{ {
local percent policy share total_weight weight iface local percent policy share total_weight weight iface
for policy in $(iptables -S -t mangle | awk '{print $2}' | grep mwan3_policy_ | sort -u); do
for policy in $($IPT -S | awk '{print $2}' | grep mwan3_policy_ | sort -u); do
echo "Policy $policy:" | sed 's/mwan3_policy_//g' echo "Policy $policy:" | sed 's/mwan3_policy_//g'
for iface in $(iptables -S $policy -t mangle | cut -s -d'"' -f2 | awk '{print $1}'); do
[ -n "$total_weight" ] || total_weight=$(iptables -S $policy -t mangle | grep "$iface " | cut -s -d'"' -f2 | awk '{print $3}')
for iface in $($IPT -S $policy | cut -s -d'"' -f2 | awk '{print $1}'); do
[ -n "$total_weight" ] || total_weight=$($IPT -S $policy | grep "$iface " | cut -s -d'"' -f2 | awk '{print $3}')
done done
if [ ! -z "${total_weight##*[!0-9]*}" ]; then if [ ! -z "${total_weight##*[!0-9]*}" ]; then
for iface in $(iptables -S $policy -t mangle | cut -s -d'"' -f2 | awk '{print $1}'); do
weight=$(iptables -S $policy -t mangle | grep "$iface " | cut -s -d'"' -f2 | awk '{print $2}')
for iface in $($IPT -S $policy | cut -s -d'"' -f2 | awk '{print $1}'); do
weight=$($IPT -S $policy | grep "$iface " | cut -s -d'"' -f2 | awk '{print $2}')
percent=$(($weight*100/$total_weight)) percent=$(($weight*100/$total_weight))
echo " $iface ($percent%)" echo " $iface ($percent%)"
done done
else else
echo " $(iptables -S $policy -t mangle | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')"
echo " $($IPT -S $policy | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')"
fi fi
echo -e echo -e
@ -144,19 +145,17 @@ policies()
} }
rules() rules()
{ {
if [ -n "$(iptables -S mwan3_connected -t mangle 2> /dev/null)" ]; then
if [ -n "$($IPT -S mwan3_connected 2> /dev/null)" ]; then
echo "Known networks:" echo "Known networks:"
echo "destination policy hits" | awk '{ printf "%-19s%-19s%-9s%s\n",$1,$2,$3}'
echo "------------------------------------------------"
iptables -L mwan3_connected -t mangle -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_//g' | awk '{printf "%-19s%-19s%-9s%s\n",$9,"default",$1}'
echo "destination policy hits" | awk '{ printf "%-19s%-19s%-9s%s\n",$1,$2,$3}' | awk '1; {gsub(".","-")}1'
$IPT -L mwan3_connected -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_//g' | awk '{printf "%-19s%-19s%-9s%s\n",$9,"default",$1}'
echo -e echo -e
fi fi
if [ -n "$(iptables -S mwan3_rules -t mangle 2> /dev/null)" ]; then
if [ -n "$($IPT -S mwan3_rules 2> /dev/null)" ]; then
echo "Active rules:" echo "Active rules:"
echo "source destination proto src-port dest-port policy hits" | awk '{ printf "%-19s%-19s%-7s%-14s%-14s%-16s%-9s%s\n",$1,$2,$3,$4,$5,$6,$7}'
echo "---------------------------------------------------------------------------------------------------"
iptables -L mwan3_rules -t mangle -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_//g' | awk '{ printf "%-19s%-19s%-7s%-14s%-14s%-16s%-9s%s\n",$8,$9,$4,$12,$15,$3,$1}'
echo "source destination proto src-port dest-port policy hits" | awk '{ printf "%-19s%-19s%-7s%-14s%-14s%-16s%-9s%s\n",$1,$2,$3,$4,$5,$6,$7}' | awk '1; {gsub(".","-")}1'
$IPT -L mwan3_rules -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_//g' | awk '{ printf "%-19s%-19s%-7s%-14s%-14s%-16s%-9s%s\n",$8,$9,$4,$12,$15,$3,$1}'
echo -e echo -e
fi fi
} }
@ -181,24 +180,24 @@ stop()
killall mwan3track &> /dev/null killall mwan3track &> /dev/null
rm /var/run/mwan3track-* &> /dev/null rm /var/run/mwan3track-* &> /dev/null
for route in $(ip route list table all | sed 's/.*table \([^ ]*\) .*/\1/' | awk '{print $1}' | awk '{for(i=1;i<=NF;i++) if($i+0>0) if($i+0<255) {print;break}}'); do
ip -4 route flush table $route &> /dev/null
for route in $($IP route list table all | sed 's/.*table \([^ ]*\) .*/\1/' | awk '{print $1}' | awk '{for(i=1;i<=NF;i++) if($i+0>0) if($i+0<255) {print;break}}'); do
$IP route flush table $route &> /dev/null
done done
for rule in $(ip -4 rule list | egrep '^[1-2][0-9]{3}\:' | cut -d ':' -f 1); do
ip -4 rule del pref $rule &> /dev/null
for rule in $($IP rule list | egrep '^[1-2][0-9]{3}\:' | cut -d ':' -f 1); do
$IP rule del pref $rule &> /dev/null
done done
iptables -D PREROUTING -t mangle -j mwan3_hook &> /dev/null
iptables -D OUTPUT -t mangle -j mwan3_hook &> /dev/null
iptables -D OUTPUT -t mangle -j mwan3_track_hook &> /dev/null
$IPT -D PREROUTING -j mwan3_hook &> /dev/null
$IPT -D OUTPUT -j mwan3_hook &> /dev/null
$IPT -D OUTPUT -j mwan3_track_hook &> /dev/null
for table in $(iptables -S -t mangle | awk '{print $2}' | grep mwan3 | sort -u); do
iptables -F $table -t mangle &> /dev/null
for table in $($IPT -S | awk '{print $2}' | grep mwan3 | sort -u); do
$IPT -F $table &> /dev/null
done done
for table in $(iptables -S -t mangle | awk '{print $2}' | grep mwan3 | sort -u); do
iptables -X $table -t mangle &> /dev/null
for table in $($IPT -S | awk '{print $2}' | grep mwan3 | sort -u); do
$IPT -X $table &> /dev/null
done done
} }


Loading…
Cancel
Save