@ -50,7 +50,9 @@ $*";
mwan3_update_dev_to_table( )
{
local _tid
# shellcheck disable=SC2034
mwan3_dev_tbl_ipv4 = " "
# shellcheck disable=SC2034
mwan3_dev_tbl_ipv6 = " "
update_table( )
@ -99,7 +101,7 @@ mwan3_route_line_dev()
{
# must have mwan3 config already loaded
# arg 1 is route device
local _tid route_line route_device route_family entry curr_table
local _tid route_line route_device route_family entry curr_table
route_line = $2
route_family = $3
route_device = $( echo " $route_line " | sed -ne "s/.*dev \([^ ]*\).*/\1/p" )
@ -170,7 +172,7 @@ mwan3_init()
bitcnt = $( mwan3_count_one_bits MMX_MASK)
mmdefault = $(( ( 1 <<bitcnt) - 1 ))
MWAN3_INTERFACE_MAX = $(( $ mmdefault- 3 ))
MWAN3_INTERFACE_MAX = $(( mmdefault-3))
uci_toggle_state mwan3 globals iface_max " $MWAN3_INTERFACE_MAX "
LOG debug " Max interface count is ${ MWAN3_INTERFACE_MAX } "
fi
@ -178,8 +180,8 @@ mwan3_init()
# mark mask constants
bitcnt = $( mwan3_count_one_bits MMX_MASK)
mmdefault = $(( ( 1 <<bitcnt) - 1 ))
MM_BLACKHOLE = $(( $ mmdefault- 2 ))
MM_UNREACHABLE = $(( $ mmdefault- 1 ))
MM_BLACKHOLE = $(( mmdefault-2))
MM_UNREACHABLE = $(( mmdefault-1))
# MMX_DEFAULT should equal MMX_MASK
MMX_DEFAULT = $( mwan3_id2mask mmdefault MMX_MASK)
@ -220,14 +222,13 @@ mwan3_get_iface_id()
_tmp = " ${ mwan3_iface_tbl ##* ${ 2 } = } "
_tmp = ${ _tmp %% * }
export " $1 = $_tmp "
new_val = $_tmp
}
mwan3_set_custom_ipset_v4( )
{
local custom_network_v4
for custom_network_v4 in $( $IP4 route list table " $1 " | awk '{print $1}' | e grep '[0-9]{1,3}(\.[0-9]{1,3}){3}' ) ; do
for custom_network_v4 in $( $IP4 route list table " $1 " | awk '{print $1}' | grep -E '[0-9]{1,3}(\.[0-9]{1,3}){3}' ) ; do
LOG notice " Adding network $custom_network_v4 from table $1 to mwan3_custom_v4 ipset "
mwan3_push_update -! add mwan3_custom_v4 " $custom_network_v4 "
done
@ -237,7 +238,7 @@ mwan3_set_custom_ipset_v6()
{
local custom_network_v6
for custom_network_v6 in $( $IP6 route list table " $1 " | awk '{print $1}' | e grep " $IPv6_REGEX " ) ; do
for custom_network_v6 in $( $IP6 route list table " $1 " | awk '{print $1}' | grep -E " $IPv6_REGEX " ) ; do
LOG notice " Adding network $custom_network_v6 from table $1 to mwan3_custom_v6 ipset "
mwan3_push_update -! add mwan3_custom_v6 " $custom_network_v6 "
done
@ -274,7 +275,7 @@ mwan3_set_connected_ipv4()
$IP4 route | awk '{print $1}'
$IP4 route list table 0 | awk '{print $2}'
}
for connected_network_v4 in $( route_lists | e grep " $ipv4regex " ) ; do
for connected_network_v4 in $( route_lists | grep -E " $ipv4regex " ) ; do
if [ -z " ${ connected_network_v4 ##*/* } " ] ; then
cidr_list = " $cidr_list $connected_network_v4 "
else
@ -307,7 +308,7 @@ mwan3_set_connected_iptables()
mwan3_push_update -! create mwan3_connected_v6 hash:net family inet6
mwan3_push_update flush mwan3_connected_v6
for connected_network_v6 in $( $IP6 route | awk '{print $1}' | e grep " $IPv6_REGEX " ) ; do
for connected_network_v6 in $( $IP6 route | awk '{print $1}' | grep -E " $IPv6_REGEX " ) ; do
mwan3_push_update -! add mwan3_connected_v6 " $connected_network_v6 "
done
@ -336,12 +337,12 @@ mwan3_set_general_rules()
for IP in " $IP4 " " $IP6 " ; do
[ " $IP " = " $IP6 " ] && [ $NO_IPV6 -ne 0 ] && continue
RULE_NO = $(( $ MM_BLACKHOLE+ 2000 ))
RULE_NO = $(( MM_BLACKHOLE+2000))
if [ -z " $( $IP rule list | awk -v var = " $RULE_NO : " '$1 == var' ) " ] ; then
$IP rule add pref $RULE_NO fwmark $MMX_BLACKHOLE /$MMX_MASK blackhole
fi
RULE_NO = $(( $ MM_UNREACHABLE+ 2000 ))
RULE_NO = $(( MM_UNREACHABLE+2000))
if [ -z " $( $IP rule list | awk -v var = " $RULE_NO : " '$1 == var' ) " ] ; then
$IP rule add pref $RULE_NO fwmark $MMX_UNREACHABLE /$MMX_MASK unreachable
fi
@ -466,7 +467,7 @@ mwan3_create_iface_iptables()
mwan3_push_update -N mwan3_ifaces_in
fi
if [ -n " ${ current ##*-N mwan3_iface_in_ $1 * } " ] ; then
if [ -n " ${ current ##*-N mwan3_iface_in_ $1 * } " ] ; then
mwan3_push_update -N " mwan3_iface_in_ $1 "
else
mwan3_push_update -F " mwan3_iface_in_ $1 "
@ -475,22 +476,22 @@ mwan3_create_iface_iptables()
mwan3_push_update -A " mwan3_iface_in_ $1 " \
-i " $2 " \
-m set --match-set $connected_name src \
-m mark --mark 0x0/$MMX_MASK \
-m mark --mark " 0x0/$MMX_MASK " \
-m comment --comment "default" \
-j MARK --set-xmark $MMX_DEFAULT /$MMX_MASK
-j MARK --set-xmark " $MMX_DEFAULT /$MMX_MASK "
mwan3_push_update -A " mwan3_iface_in_ $1 " \
-i " $2 " \
-m mark --mark 0x0/$MMX_MASK \
-m mark --mark " 0x0/$MMX_MASK " \
-m comment --comment " $1 " \
-j MARK --set-xmark $( mwan3_id2mask id MMX_MASK) /$MMX_MASK
-j MARK --set-xmark " $( mwan3_id2mask id MMX_MASK) /$MMX_MASK "
if [ -n " ${ current ##*-A mwan3_ifaces_in -m mark --mark 0x0/ $MMX_MASK -j mwan3_iface_in_ ${ 1 } * } " ] ; then
if [ -n " ${ current ##*-A mwan3_ifaces_in -m mark --mark 0x0/ $MMX_MASK -j mwan3_iface_in_ ${ 1 } * } " ] ; then
mwan3_push_update -A mwan3_ifaces_in \
-m mark --mark 0x0/$MMX_MASK \
-j " mwan3_iface_in_ $1 "
LOG debug " create_iface_iptables: mwan3_iface_in_ $1 not in iptables, adding "
LOG debug " create_iface_iptables: mwan3_iface_in_ $1 not in iptables, adding "
else
LOG debug " create_iface_iptables: mwan3_iface_in_ $1 already in iptables, skip "
LOG debug " create_iface_iptables: mwan3_iface_in_ $1 already in iptables, skip "
fi
mwan3_push_update COMMIT
@ -572,7 +573,7 @@ mwan3_add_non_default_iface_route()
fi
mwan3_update_dev_to_table
$IP route list table main | grep -v "^default\|linkdown\|^::/0\|^fe80::/64\|^unreachable" | while read route_line; do
$IP route list table main | grep -v "^default\|linkdown\|^::/0\|^fe80::/64\|^unreachable" | while read -r route_line; do
mwan3_route_line_dev "tid" " $route_line " " $family "
if [ -z " $tid " ] || [ " $tid " = " $id " ] ; then
$IP route add table $id $route_line ||
@ -615,7 +616,7 @@ mwan3_add_all_nondefault_routes()
tid = 0
active_tbls = " "
config_foreach add_active_tbls interface
$IP route list table main | grep -v "^default\|linkdown\|^::/0\|^fe80::/64\|^unreachable" | while read route_line; do
$IP route list table main | grep -v "^default\|linkdown\|^::/0\|^fe80::/64\|^unreachable" | while read -r route_line; do
mwan3_route_line_dev "tid" " $route_line " " $ipv "
if [ -n " $tid " ] ; then
$IP route add table $tid $route_line
@ -660,21 +661,21 @@ mwan3_create_iface_rules()
return
fi
while [ -n " $( $IP rule list | awk '$1 == "' $(( $ id+ 1000 )) :'"' ) " ] ; do
$IP rule del pref $(( $ id+ 1000 ))
while [ -n " $( $IP rule list | awk '$1 == "' $(( id+1000)) :'"' ) " ] ; do
$IP rule del pref $(( id+1000))
done
while [ -n " $( $IP rule list | awk '$1 == "' $(( $ id+ 2000 )) :'"' ) " ] ; do
$IP rule del pref $(( $ id+ 2000 ))
while [ -n " $( $IP rule list | awk '$1 == "' $(( id+2000)) :'"' ) " ] ; do
$IP rule del pref $(( id+2000))
done
$IP rule add pref $(( $ id+ 1000 )) iif " $2 " lookup " $id "
$IP rule add pref $(( $id + 2000 )) fwmark $( mwan3_id2mask id MMX_MASK) /$MMX_MASK lookup " $id "
$IP rule add pref $(( id+1000)) iif " $2 " lookup " $id "
$IP rule add pref $(( id+2000)) fwmark " $( mwan3_id2mask id MMX_MASK) /$MMX_MASK " lookup " $id "
}
mwan3_delete_iface_rules( )
{
local id family
local id family IP
config_get family " $1 " family ipv4
mwan3_get_iface_id id " $1 "
@ -689,12 +690,12 @@ mwan3_delete_iface_rules()
return
fi
while [ -n " $( $IP rule list | awk '$1 == "' $(( $ id+ 1000 )) :'"' ) " ] ; do
$IP rule del pref $(( $ id+ 1000 ))
while [ -n " $( $IP rule list | awk '$1 == "' $(( id+1000)) :'"' ) " ] ; do
$IP rule del pref $(( id+1000))
done
while [ -n " $( $IP rule list | awk '$1 == "' $(( $ id+ 2000 )) :'"' ) " ] ; do
$IP rule del pref $(( $ id+ 2000 ))
while [ -n " $( $IP rule list | awk '$1 == "' $(( id+2000)) :'"' ) " ] ; do
$IP rule del pref $(( id+2000))
done
}
@ -785,7 +786,7 @@ mwan3_set_policy()
total_weight_v4 = $weight
lowest_metric_v4 = $metric
elif [ " $metric " -eq " $lowest_metric_v4 " ] ; then
total_weight_v4 = $(( $ total_weight_v4+ $ weight))
total_weight_v4 = $(( total_weight_v4+weight))
total_weight = $total_weight_v4
else
return
@ -796,7 +797,7 @@ mwan3_set_policy()
total_weight_v6 = $weight
lowest_metric_v6 = $metric
elif [ " $metric " -eq " $lowest_metric_v6 " ] ; then
total_weight_v6 = $(( $ total_weight_v6+ $ weight))
total_weight_v6 = $(( total_weight_v6+weight))
total_weight = $total_weight_v6
else
return
@ -807,9 +808,9 @@ mwan3_set_policy()
mwan3_push_update -A " mwan3_policy_ $policy " \
-m mark --mark 0x0/$MMX_MASK \
-m comment --comment \" $iface $weight $weight \" \
-j MARK --set-xmark $( mwan3_id2mask id MMX_MASK) /$MMX_MASK
-j MARK --set-xmark " $( mwan3_id2mask id MMX_MASK) /$MMX_MASK "
elif [ $is_offline -eq 0 ] ; then
probability = $(( $ weight* 1000 / $ total_weight))
probability = $(( weight*1000/ total_weight))
if [ " $probability " -lt 10 ] ; then
probability = " 0.00 $probability "
elif [ $probability -lt 100 ] ; then
@ -826,7 +827,7 @@ mwan3_set_policy()
--mode random \
--probability " $probability " \
-m comment --comment \" $iface $weight $total_weight \" \
-j MARK --set-xmark $( mwan3_id2mask id MMX_MASK) /$MMX_MASK
-j MARK --set-xmark " $( mwan3_id2mask id MMX_MASK) /$MMX_MASK "
elif [ -n " $device " ] ; then
echo " $current " | grep -q " ^-A mwan3_policy_ $policy .*--comment .* [0-9]* [0-9]* " ||
mwan3_push_update -I " mwan3_policy_ $policy " \
@ -858,7 +859,7 @@ mwan3_create_policies_iptables()
current = " $( $IPT -S) "
update = "*mangle"
if [ -n " ${ current ##*-N mwan3_policy_ $1 * } " ] ; then
mwan3_push_update -N " mwan3_policy_ $1 "
mwan3_push_update -N " mwan3_policy_ $1 "
fi
mwan3_push_update -F " mwan3_policy_ $1 "
@ -917,12 +918,12 @@ mwan3_set_sticky_iptables()
[ -n " $id " ] || return 0
if [ -z " ${ current ##*-N mwan3_iface_in_ $1 * } " ] ; then
mwan3_push_update -I " mwan3_rule_ $rule " \
-m mark --mark $( mwan3_id2mask id MMX_MASK) /$MMX_MASK \
-m mark --mark " $( mwan3_id2mask id MMX_MASK) /$MMX_MASK " \
-m set ! --match-set " mwan3_sticky_ $rule " src,src \
-j MARK --set-xmark 0x0/$MMX_MASK
-j MARK --set-xmark " 0x0/$MMX_MASK "
mwan3_push_update -I " mwan3_rule_ $rule " \
-m mark --mark 0/$MMX_MASK \
-j MARK --set-xmark $( mwan3_id2mask id MMX_MASK) /$MMX_MASK
-m mark --mark " 0/$MMX_MASK " \
-j MARK --set-xmark " $( mwan3_id2mask id MMX_MASK) /$MMX_MASK "
fi
fi
done
@ -932,7 +933,7 @@ mwan3_set_user_iptables_rule()
{
local ipset family proto policy src_ip src_port src_iface src_dev
local sticky dest_ip dest_port use_policy timeout policy
local global_logging rule_logging loglevel rule_policy rule ipv
local global_logging rule_logging loglevel rule_policy rule ipv
rule = " $1 "
ipv = " $2 "
@ -963,9 +964,9 @@ mwan3_set_user_iptables_rule()
[ -z " $dest_ip " ] && unset dest_ip
[ -z " $src_ip " ] && unset src_ip
[ -z " $ipset " ] && unset ipset
[ -z " $src_port " ] && unset src_port
[ -z " $dest_port " ] && unset dest_port
if [ " $proto " != 'tcp' ] && [ " $proto " != 'udp' ] ; then
[ -z " $src_port " ] && unset src_port
[ -z " $dest_port " ] && unset dest_port
if [ " $proto " != 'tcp' ] && [ " $proto " != 'udp' ] ; then
[ -n " $src_port " ] && {
LOG warn " src_port set to ' $src_port ' but proto set to ' $proto ' not tcp or udp. src_port will be ignored "
}
@ -1170,8 +1171,8 @@ mwan3_report_iface_status()
if [ -z " $id " ] || [ -z " $device " ] ; then
result = "offline"
elif [ -n " $( $IP rule | awk '$1 == "' $(( $ id+ 1000 )) :'"' ) " ] && \
[ -n " $( $IP rule | awk '$1 == "' $(( $ id+ 2000 )) :'"' ) " ] && \
elif [ -n " $( $IP rule | awk '$1 == "' $(( id+1000)) :'"' ) " ] && \
[ -n " $( $IP rule | awk '$1 == "' $(( id+2000)) :'"' ) " ] && \
[ -n " $( $IPT -S mwan3_iface_in_$1 2> /dev/null) " ] && \
[ -n " $( $IP route list table $id default dev $device 2> /dev/null) " ] ; then
json_init
@ -1183,11 +1184,12 @@ mwan3_report_iface_status()
json_get_vars online uptime
json_select ..
json_select ..
online = " $( printf '%02dh:%02dm:%02ds\n' $(( $ online/ 3600 )) $(( $ online% 3600 / 60 )) $(( $ online% 60 )) ) "
uptime = " $( printf '%02dh:%02dm:%02ds\n' $(( $ uptime/ 3600 )) $(( $ uptime% 3600 / 60 )) $(( $ uptime% 60 )) ) "
online = " $( printf '%02dh:%02dm:%02ds\n' $(( online/ 3600)) $(( online%3600/ 60)) $(( online%60)) ) "
uptime = " $( printf '%02dh:%02dm:%02ds\n' $(( uptime/ 3600)) $(( uptime%3600/ 60)) $(( uptime%60)) ) "
result = " $( mwan3_get_iface_hotplug_state $1 ) $online , uptime $uptime "
elif [ -n " $( $IP rule | awk '$1 == "' $(( $id + 1000 )) :'"' ) " ] || \
[ -n " $( $IP rule | awk '$1 == "' $(( $id + 2000 )) :'"' ) " ] || \
elif [ -n " $( $IP rule | awk '$1 == "' $(( id+1000)) :'"' ) " ] || \
[ -n " $( $IP rule | awk '$1 == "' $(( id+2000)) :'"' ) " ] || \
[ -n " $( $IP rule | awk '$1 == "' $(( id+3000)) :'"' ) " ] || \
[ -n " $( $IPT -S mwan3_iface_in_$1 2> /dev/null) " ] || \
[ -n " $( $IP route list table $id default dev $device 2> /dev/null) " ] ; then
result = "error"
@ -1225,10 +1227,10 @@ mwan3_report_policies()
total_weight = $( $ipt -S " $policy " | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | head -1 | awk '{print $3}' )
if [ ! -z " ${ total_weight ##*[!0-9]* } " ] ; then
if [ -n " ${ total_weight ##*[!0-9]* } " ] ; then
for iface in $( $ipt -S " $policy " | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '{print $1}' ) ; do
weight = $( $ipt -S " $policy " | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '$1 == "' $iface '"' | awk '{print $2}' )
percent = $(( $ weight* 100 / $ total_weight))
percent = $(( weight*100/ total_weight))
echo " $iface ( $percent %) "
done
else
@ -1306,6 +1308,6 @@ mwan3_flush_conntrack()
mwan3_track_clean( )
{
rm -rf " $ MWAN3_STATUS_DIR/ ${ 1 } " & > /dev/null
rm -rf " ${ MWAN3_STATUS_DIR : ? } / ${ 1 } " & > /dev/null
rmdir --ignore-fail-on-non-empty " $MWAN3_STATUS_DIR "
}