From 1123b9dae320ca172b47ad31acabab4f76e5bfd6 Mon Sep 17 00:00:00 2001 From: Dirk Brenken Date: Wed, 6 Jul 2022 23:16:20 +0200 Subject: [PATCH] travelmate: update 2.0.9 * various vpn fixes/optimizations (run tested by forum users) * refine several log statements Signed-off-by: Dirk Brenken (cherry picked from commit cf1f9dc933eb86e6a78fba3e27ae15428809aa3c) --- net/travelmate/Makefile | 4 +- net/travelmate/files/travelmate.sh | 77 ++++++++++++++++++++++------- net/travelmate/files/travelmate.vpn | 41 ++++++--------- 3 files changed, 76 insertions(+), 46 deletions(-) diff --git a/net/travelmate/Makefile b/net/travelmate/Makefile index baef13d780..73c162541d 100644 --- a/net/travelmate/Makefile +++ b/net/travelmate/Makefile @@ -6,8 +6,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=travelmate -PKG_VERSION:=2.0.8 -PKG_RELEASE:=3 +PKG_VERSION:=2.0.9 +PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/travelmate/files/travelmate.sh b/net/travelmate/files/travelmate.sh index 87e588cd86..17cb27a0d8 100755 --- a/net/travelmate/files/travelmate.sh +++ b/net/travelmate/files/travelmate.sh @@ -10,7 +10,7 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" set -o pipefail -trm_ver="2.0.8" +trm_ver="2.0.9" trm_enabled="0" trm_debug="0" trm_iface="" @@ -57,7 +57,7 @@ f_env() { return fi - unset trm_stalist trm_radiolist trm_uplinklist trm_uplinkcfg trm_wpaflags trm_activesta trm_opensta + unset trm_stalist trm_radiolist trm_uplinklist trm_vpnifacelist trm_uplinkcfg trm_wpaflags trm_activesta trm_opensta trm_sysver="$(ubus -S call system board 2>/dev/null | jsonfilter -q -e '@.model' -e '@.release.description' | awk 'BEGIN{RS="";FS="\n"}{printf "%s, %s",$1,$2}')" @@ -113,12 +113,14 @@ f_env() { fi json_load_file "${trm_rtfile}" >/dev/null 2>&1 - if ! json_select data >/dev/null 2>&1; then : >"${trm_rtfile}" json_init json_add_object "data" fi + + config_load network + config_foreach f_getvpn "interface" f_log "debug" "f_env ::: auto_sta: ${trm_opensta:-"-"}, wpa_flags: ${trm_wpaflags}, sys_ver: ${trm_sysver}" } @@ -180,27 +182,56 @@ f_wifi() { # vpn helper function # f_vpn() { - local rc vpn vpn_service vpn_iface vpn_action="${1}" + local rc result iface vpn vpn_service vpn_iface vpn_status vpn_action="${1}" vpn="$(f_getval "vpn")" vpn_service="$(f_getval "vpnservice")" vpn_iface="$(f_getval "vpniface")" - if [ -x "${trm_vpnpgm}" ] && [ -n "${vpn}" ] && [ -n "${vpn_service}" ] && [ -n "${vpn_iface}" ] && [ -f "${trm_ntpfile}" ]; then + if [ ! -f "${trm_vpnfile}" ] || { [ -f "${trm_vpnfile}" ] && [ "${vpn_action}" = "enable" ]; }; then + for iface in ${trm_vpnifacelist}; do + vpn_status="$(ifstatus "${iface}" | jsonfilter -q -l1 -e '@.up')" + if [ "${vpn_status}" = "true" ]; then + ifdown "${iface}" + f_log "info" "take down vpn interface '${iface}' (initial)" + fi + done + [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn stop + if [ -f "/etc/init.d/sysntpd" ]; then + /etc/init.d/sysntpd restart >/dev/null 2>&1 + fi + rm -f "${trm_vpnfile}" + elif [ "${vpn}" = "1" ] && [ -n "${vpn_iface}" ] && [ "${vpn_action}" = "enable_keep" ]; then + for iface in ${trm_vpnifacelist}; do + vpn_status="$(ifstatus "${iface}" | jsonfilter -q -l1 -e '@.up')" + if [ "${vpn_status}" = "true" ] && [ "${iface}" != "${vpn_iface}" ]; then + ifdown "${iface}" + [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn stop + f_log "info" "take down vpn interface '${iface}' (switch)" + rm -f "${trm_vpnfile}" + break + fi + done + fi + if [ -x "${trm_vpnpgm}" ] && [ -n "${vpn_service}" ] && [ -n "${vpn_iface}" ] && [ -f "${trm_ntpfile}" ]; then if { [ "${vpn_action}" = "disable" ] && [ -f "${trm_vpnfile}" ]; } || - { [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } || - { [ "${vpn}" != "1" ] && [ "${vpn_action}" = "enable" ] && [ -f "${trm_vpnfile}" ]; }; then - "${trm_vpnpgm}" "${vpn}" "${vpn_action}" "${vpn_service}" "${vpn_iface}" >/dev/null 2>&1 - rc="${?}" + { [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } || + { [ "${vpn}" != "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ -f "${trm_vpnfile}" ]; }; then + result="$(f_net)" + if [ "${result}" = "net ok" ] || [ "${vpn_action}" = "disable" ]; then + f_log "info" "vpn call '${vpn:-"0"}/${vpn_action}/${vpn_service}/${vpn_iface}'" + "${trm_vpnpgm}" "${vpn:-"0"}" "${vpn_action%_*}" "${vpn_service}" "${vpn_iface}" >/dev/null 2>&1 + rc="${?}" + fi fi - if [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ "${rc}" = "0" ]; then + if [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ "${rc}" = "0" ]; then : >"${trm_vpnfile}" - elif { [ "${vpn}" != "1" ] || [ "${vpn_action}" = "disable" ]; } && [ -f "${trm_vpnfile}" ]; then + elif [ "${vpn}" != "1" ] || [ "${vpn_action}" = "disable" ]; then rm -f "${trm_vpnfile}" fi [ -n "${rc}" ] && f_jsnup fi - f_log "debug" "f_vpn ::: enabled: ${vpn:-"-"}, action: ${vpn_action}, service: ${vpn_service:-"-"}, iface: ${vpn_iface:-"-"}, rc: ${rc:-"-"}, program: ${trm_vpnpgm}" + f_log "debug" "f_vpn ::: enabled: ${vpn:-"-"}, action: ${vpn_action}, service: ${vpn_service:-"-"}, iface: ${vpn_iface:-"-"}, rc: ${rc:-"-"}" } # mac helper function @@ -292,6 +323,18 @@ f_ctrack() { f_log "debug" "f_ctrack ::: action: ${action:-"-"}, uplink_config: ${trm_uplinkcfg:-"-"}" } +# get logical vpn network interfaces +# +f_getvpn() { + local proto iface="${1}" + + proto="$(uci_get "network" "${iface}" "proto")" + if [ "${proto}" = "none" ] || [ "${proto}" = "wireguard" ]; then + trm_vpnifacelist="$(f_trim "${trm_vpnifacelist} ${iface}")" + fi + f_log "debug" "f_getvpn ::: interface: ${iface:-"-"}, protocol: ${proto:-"-"}, vpn_interfacelist: ${trm_vpnifacelist:-"-"}" +} + # get wan gateway addresses # f_getgw() { @@ -790,11 +833,11 @@ f_main() { if [ -n "${trm_connection}" ] && [ "${radio}" = "${config_radio}" ] && [ "${sta_radio}" = "${config_radio}" ] && [ "${sta_essid}" = "${config_essid}" ] && [ "${sta_bssid}" = "${config_bssid}" ]; then f_ctrack "refresh" - f_log "info" "uplink still in range '${config_radio}/${config_essid}/${config_bssid:-"-"}' with mac '${sta_mac:-"-"}'" - f_vpn "enable" + f_vpn "enable_keep" + f_log "debug" "f_main-4 ::: config_radio: ${config_radio}, config_essid: ${config_essid}, config_bssid: ${config_bssid:-"-"}" return 0 fi - f_log "debug" "f_main-4 ::: sta_radio: ${sta_radio}, sta_essid: \"${sta_essid}\", sta_bssid: ${sta_bssid:-"-"}" + f_log "debug" "f_main-5 ::: sta_radio: ${sta_radio}, sta_essid: \"${sta_essid}\", sta_bssid: ${sta_bssid:-"-"}" fi if [ -z "${scan_list}" ]; then scan_dev="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -q -l1 -e "@.${radio}.interfaces[0].ifname")" @@ -802,7 +845,7 @@ f_main() { awk 'BEGIN{FS="[[:space:]]"}/Address:/{var1=$NF}/ESSID:/{var2="";for(i=12;i<=NF;i++)if(var2==""){var2=$i}else{var2=var2" "$i}} /Quality:/{split($NF,var0,"/")}/Encryption:/{if($NF=="none"){var3="+"}else{var3="-"}; printf "%i %s %s %s\n",(var0[1]*100/var0[2]),var3,var1,var2}' | sort -rn | head -qn "${trm_maxscan}")" - f_log "debug" "f_main-5 ::: radio: ${radio}, scan_device: ${scan_dev}, scan_max: ${trm_maxscan}" + f_log "debug" "f_main-6 ::: radio: ${radio}, scan_device: ${scan_dev}, scan_max: ${trm_maxscan}" if [ -z "${scan_list}" ]; then f_log "info" "no scan results on '${radio}'" continue 2 @@ -813,7 +856,7 @@ f_main() { # while read -r scan_quality scan_open scan_bssid scan_essid; do if [ -n "${scan_quality}" ] && [ -n "${scan_open}" ] && [ -n "${scan_bssid}" ] && [ -n "${scan_essid}" ]; then - f_log "debug" "f_main-6 ::: radio(sta/scan): ${sta_radio}/${radio}, essid(sta/scan): \"${sta_essid}\"/${scan_essid}, bssid(sta/scan): ${sta_bssid}/${scan_bssid}, quality(min/scan): ${trm_minquality}/${scan_quality}, open: ${scan_open}" + f_log "debug" "f_main-7 ::: radio(sta/scan): ${sta_radio}/${radio}, essid(sta/scan): \"${sta_essid}\"/${scan_essid}, bssid(sta/scan): ${sta_bssid}/${scan_bssid}, quality(min/scan): ${trm_minquality}/${scan_quality}, open: ${scan_open}" if [ "${scan_quality}" -ge "${trm_minquality}" ]; then if { { [ "${scan_essid}" = "\"${sta_essid}\"" ] && { [ -z "${sta_bssid}" ] || [ "${scan_bssid}" = "${sta_bssid}" ]; }; } || { [ "${scan_bssid}" = "${sta_bssid}" ] && [ "${scan_essid}" = "unknown" ]; }; } && [ "${radio}" = "${sta_radio}" ]; then diff --git a/net/travelmate/files/travelmate.vpn b/net/travelmate/files/travelmate.vpn index 0bffa1286d..443d7a0283 100755 --- a/net/travelmate/files/travelmate.vpn +++ b/net/travelmate/files/travelmate.vpn @@ -35,28 +35,11 @@ f_net() { } vpn_status="$(ubus -S call network.interface."${vpn_iface}" status 2>/dev/null | jsonfilter -q -l1 -e '@.up')" -case "${vpn_service}" in - "wireguard") - if [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ "${vpn_status:-"false"}" != "true" ]; then - ubus call network.interface."${vpn_iface}" up - elif { [ "${vpn}" = "0" ] && [ "${vpn_action}" = "enable" ]; } || [ "${vpn_action}" = "disable" ]; then - ubus call network.interface."${vpn_iface}" down - "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection disabled" 2>/dev/null - fi - ;; - "openvpn") - if [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ "${vpn_status:-"false"}" != "true" ]; then - ubus call network.interface."${vpn_iface}" up - /etc/init.d/openvpn restart >/dev/null 2>&1 - elif { [ "${vpn}" = "0" ] && [ "${vpn_action}" = "enable" ]; } || [ "${vpn_action}" = "disable" ]; then - ubus call network.interface."${vpn_iface}" down - /etc/init.d/openvpn stop >/dev/null 2>&1 - "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection disabled" 2>/dev/null - fi - ;; -esac - -if [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ "${vpn_status:-"false"}" != "true" ]; then +if [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" != "true" ]; then + if [ "${vpn_service}" = "openvpn" ] && [ -x "/etc/init.d/openvpn" ]; then + /etc/init.d/openvpn start + fi + ifup "${vpn_iface}" cnt=0 while true; do vpn_status="$(ubus -S call network.interface."${vpn_iface}" status 2>/dev/null | jsonfilter -q -l1 -e '@.up')" @@ -68,16 +51,20 @@ if [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ "${vpn_status:-"fal fi fi if [ "${cnt}" -ge "$((trm_maxwait / 3))" ]; then + ifdown "${vpn_iface}" + if [ "${vpn_service}" = "openvpn" ] && [ -x "/etc/init.d/openvpn" ]; then + /etc/init.d/openvpn stop + fi "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection can't be established" 2>/dev/null - ubus call network.interface."${vpn_iface}" down exit 1 fi sleep 1 cnt="$((cnt + 1))" done -fi -if [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" = "true" ]; then - if [ -f "/etc/init.d/sysntpd" ]; then - /etc/init.d/sysntpd restart >/dev/null 2>&1 +elif { [ "${vpn}" != "1" ] && [ "${vpn_action}" = "enable" ]; } || [ "${vpn_action}" = "disable" ]; then + ifdown "${vpn_iface}" + if [ "${vpn_service}" = "openvpn" ] && [ -x "/etc/init.d/openvpn" ]; then + /etc/init.d/openvpn stop fi + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection disabled" 2>/dev/null fi -- 2.30.2