From b1dfb5edd43efc9a4bc853b2c584788393a31e27 Mon Sep 17 00:00:00 2001 From: avinashdige15 <“avinash.dige@arista.com”> Date: Mon, 24 Jul 2023 15:30:22 +0530 Subject: [PATCH 01/44] MFW-3190: Added uriTranslation host: https://eu.edge.arista.com/cmd/ for uri: https://launchpad.edge.arista.com --- mfw-eu/files/settings_uri.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mfw-eu/files/settings_uri.js b/mfw-eu/files/settings_uri.js index ab7955e12..bb4efd54d 100644 --- a/mfw-eu/files/settings_uri.js +++ b/mfw-eu/files/settings_uri.js @@ -18,6 +18,9 @@ },{ "uri": "https://cmd.untangle.com/", "host": "cmd-eu.untangle.com" + },{ + "uri": "https://launchpad.edge.arista.com", + "host": "eu.edge.arista.com" }] } } From f609a145b58de4f48d8bda1e5677eb9a86a12ff6 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos - Untangle Date: Wed, 27 Sep 2023 07:13:12 +0300 Subject: [PATCH 02/44] MFW-3578 chore: fix vsbuild (#188) * MFW-3578 chore: fix vsbuild * MFW-3578 fix: dupe remove --- .vscode/vsbuild.sh | 92 ++++++++++++++++++++++++++++++---------------- 1 file changed, 60 insertions(+), 32 deletions(-) diff --git a/.vscode/vsbuild.sh b/.vscode/vsbuild.sh index 162f93da2..6786f5c94 100755 --- a/.vscode/vsbuild.sh +++ b/.vscode/vsbuild.sh @@ -3,42 +3,70 @@ ## Compile sync-settings and install if no errors. ## TARGET=$1 +PORT=22 + +GREEN=$'\e[0;32m' +NC=$'\e[0m' # Break target down by commas into an array. TARGET_ADDRESSES=() while IFS=',' read -ra ADDRESSES; do - for address in "${ADDRESSES[@]}"; do - TARGET_ADDRESSES+=($address) - done -done <<< "$TARGET" + for address in "${ADDRESSES[@]}"; do + TARGET_ADDRESSES+=("$address") + done +done <<<"$TARGET" for target_address in "${TARGET_ADDRESSES[@]}"; do - echo "Copying to $target_address..." - ssh-copy-id root@$target_address - - rsync=$(ssh root@$target_address "which rsync") - if [ "$rsync" = "" ] ; then - ssh root@$target_address "opkg update; opkg install rsync" - fi - - rsync -r -a -v --chown=root:root wan-manager/files/* root@$target_address:/usr/bin - rsync -r -a -v --chown=root:root credentials/files/credentials.json root@$target_address:/etc/config/credentials.json - # rsync -r -a -v --chown=root:root pyconnector/files/* root@$target_address:/usr/bin - # rsync -r -a -v --chown=root:root strongswan-full/files/override.ipsec.init root@$target_address:/etc/init.d/ipsec - # rsync -r -a -v --chown=root:root pyconnector/files/pyconnector root@$target_address:/usr/bin/pyconnector - # rsync -r -a -v --chown=root:root pyconnector/files/pyconnector.init root@$target_address:/etc/init.d/pyconnector - rsync -r -a -v --chown=root:root sync-settings/files/speedtest.sh root@$target_address:/usr/bin/speedtest.sh - # rsync -r -a -v --chown=root:root speedtest-cli-dbg root@$target_address:/root/speedtest-cli-dbg - - # Tests - target_sync_path=$(ssh root@$target_address "find /usr -name tests | grep '\(site-packages\|dist-packages\)/tests' | head -1") - if [ "$target_sync_path" != "" ] ; then - rsync -r -a -v runtests/files/usr/lib/python/tests/* root@$target_address:$target_sync_path - fi - - # Restd - target_sync_path=$(ssh root@$target_address "find /usr -name restd | grep '\(site-packages\|dist-packages\)/restd' | head -1") - if [ "$target_sync_path" != "" ] ; then - rsync -r -a -v restd/files/usr/lib/python/restd/* root@$target_address:$target_sync_path - fi + + echo "${GREEN}Copying to $target_address ...${NC}" + + ssh-copy-id root@"$target_address" + + isEos=true + if [ "$(ssh -p "$PORT" root@"$target_address" "uname -n")" == "mfw" ]; then + isEos=false + echo "${GREEN}Bare MFW found${NC}" + else + echo "${GREEN}MFW in EOS found${NC}" + fi + + target_sync_path="" + mfw_dir="" + if [ "$isEos" != true ]; then + # bare MFW target + rsync=$(ssh -p "$PORT" root@"$target_address" "which rsync") + if [ "$rsync" = "" ]; then + ssh -p "$PORT" root@"$target_address" "opkg update; opkg install rsync" + fi + + target_sync_path="/usr/bin" + else + target_sync_path="/mfw/usr/bin" + mfw_dir="/mfw" + fi + + echo "${GREEN}Copying to $target_sync_path... ${NC}" + + rsync -r -a -v --chown=root:root wan-manager/files/* root@"$target_address":"$target_sync_path" + rsync -r -a -v --chown=root:root credentials/files/credentials.json root@"$target_address":"$mfw_dir"/etc/config/credentials.json + # rsync -r -a -v --chown=root:root pyconnector/files/* root@$target_address:/usr/bin + # rsync -r -a -v --chown=root:root strongswan-full/files/override.ipsec.init root@$target_address:/etc/init.d/ipsec + # rsync -r -a -v --chown=root:root pyconnector/files/pyconnector root@$target_address:/usr/bin/pyconnector + # rsync -r -a -v --chown=root:root pyconnector/files/pyconnector.init root@$target_address:/etc/init.d/pyconnector + rsync -r -a -v --chown=root:root sync-settings/files/speedtest.sh root@"$target_address":"$target_sync_path"/speedtest.sh + # rsync -r -a -v --chown=root:root speedtest-cli-dbg root@$target_address:/root/speedtest-cli-dbg + + # Tests + target_site_packages=$(ssh root@"$target_address" "find $mfw_dir/usr -name tests | grep '\(site-packages\|dist-packages\)/tests' | head -1") + if [ "$target_site_packages" != "" ]; then + echo "${GREEN}Copying to $target_site_packages... ${NC}" + rsync -r -a -v runtests/files/usr/lib/python/tests/* root@"$target_address":$target_site_packages + fi + + # Restd + target_site_packages=$(ssh root@"$target_address" "find $mfw_dir/usr -name restd | grep '\(site-packages\|dist-packages\)/restd' | head -1") + if [ "$target_site_packages" != "" ]; then + echo "${GREEN}Copying to $target_site_packages... ${NC}" + rsync -r -a -v restd/files/usr/lib/python/restd/* root@"$target_address":"$target_site_packages" + fi done From de0281beadd45f22b8f994959e891e947fd01b6c Mon Sep 17 00:00:00 2001 From: Rahul <126767141+rahulg-arista@users.noreply.github.com> Date: Fri, 20 Oct 2023 12:17:07 +0530 Subject: [PATCH 03/44] MFW-3555 : Ruby1 hybrid mode: packetd signaling sent before settings.json updated (#189) --- sync-settings/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/sync-settings/Makefile b/sync-settings/Makefile index d8159611f..a65a4d876 100644 --- a/sync-settings/Makefile +++ b/sync-settings/Makefile @@ -33,6 +33,7 @@ define Py3Package/sync-settings/install $(INSTALL_DIR) $(1)/usr/bin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sync-settings $(1)/usr/bin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/load-eos-config $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/updateSysdbSignal $(1)/usr/bin $(INSTALL_BIN) files/speedtest.sh $(1)/usr/bin $(INSTALL_BIN) files/wwan_status.sh $(1)/usr/bin $(INSTALL_BIN) files/nft_debug $(1)/usr/bin From 8d0788d3fda50bb323cf63b9832c360208d33137 Mon Sep 17 00:00:00 2001 From: Nobutomo Nakano Date: Mon, 23 Oct 2023 11:33:21 +0000 Subject: [PATCH 04/44] MFW-3790 Modify Interrupt distribution and enable RPS/XPS/HT to improve network throughput --- sync-settings/Makefile | 2 ++ sync-settings/files/set_affinity.sh | 54 +++++++++++++++++++++++++++++ sync-settings/files/set_rpsxps.sh | 47 +++++++++++++++++++++++++ 3 files changed, 103 insertions(+) create mode 100755 sync-settings/files/set_affinity.sh create mode 100755 sync-settings/files/set_rpsxps.sh diff --git a/sync-settings/Makefile b/sync-settings/Makefile index a65a4d876..3cdff9824 100644 --- a/sync-settings/Makefile +++ b/sync-settings/Makefile @@ -38,6 +38,8 @@ define Py3Package/sync-settings/install $(INSTALL_BIN) files/wwan_status.sh $(1)/usr/bin $(INSTALL_BIN) files/nft_debug $(1)/usr/bin $(INSTALL_BIN) files/check-for-usb-reset.sh $(1)/usr/bin + $(INSTALL_BIN) files/set_affinity.sh $(1)/usr/bin + $(INSTALL_BIN) files/set_rpsxps.sh $(1)/usr/bin # init.d $(INSTALL_DIR) $(1)/etc/init.d diff --git a/sync-settings/files/set_affinity.sh b/sync-settings/files/set_affinity.sh new file mode 100755 index 000000000..0474fdfac --- /dev/null +++ b/sync-settings/files/set_affinity.sh @@ -0,0 +1,54 @@ +#!/bin/sh + +if [ -z "$NCPUS" ]; then + NCPUS=$(grep processor /proc/cpuinfo | wc -l) +fi + +if [ -z "$DEVLIST" ]; then + DEVLIST=$(cd /sys/class/net; ls -1d et1_* | sort -t_ -k2n) +fi + +case $1 in +show) + for d in $DEVLIST + do + irqs=$(grep "iavf-$d-" /proc/interrupts | awk -F: '{print $1}') + printf "%s irqs: " $d + aflist= + for irq in $irqs + do + al=$(cat /proc/irq/$irq/smp_affinity_list) + aflist="$aflist $al" + printf "%5d" $irq + done + printf "\n\tcore: " + for al in $aflist + do + printf "%5d" $al + done + printf "\n" + done + ;; + +set) + af=0 + for d in $DEVLIST + do + # Setup CPU affinity + irqs=$(grep "iavf-$d-" /proc/interrupts | awk -F: '{print $1}') + for irq in $irqs + do + # echo "Set smp_affinity: $d irq=$irq $af" + echo $af > /proc/irq/$irq/smp_affinity_list + af=$((af+1)) + [ $af -eq $NCPUS ] && af=0 + done + done + ;; + +*) + echo "Usage: set_affinity show|configure" + exit 1 +esac + +exit 0 diff --git a/sync-settings/files/set_rpsxps.sh b/sync-settings/files/set_rpsxps.sh new file mode 100755 index 000000000..af105a0df --- /dev/null +++ b/sync-settings/files/set_rpsxps.sh @@ -0,0 +1,47 @@ +#!/bin/sh + +if [ -z "$DEVLIST" ]; then + DEVLIST=$(cd /sys/class/net; ls -1d et1_* | sort -t_ -k2n) +fi + +# 40 CPUs +CPUMASK_ALL="ff,ffffffff" + +case $1 in +show) + for d in $DEVLIST + do + for rx in $(cd /sys/class/net/$d/queues; ls -1d rx-*) + do + mask=$(cat /sys/class/net/$d/queues/$rx/rps_cpus) + echo $d $rx $mask + done + for tx in $(cd /sys/class/net/$d/queues; ls -1d tx-*) + do + mask=$(cat /sys/class/net/$d/queues/$tx/xps_cpus) + echo $d $tx $mask + done + done + ;; +set|revert) + [ $1 = revert ] && CPUMASK_ALL=0 + + for d in $DEVLIST + do + for rx in $(cd /sys/class/net/$d/queues; ls -1d rx-*) + do + echo $CPUMASK_ALL > /sys/class/net/$d/queues/$rx/rps_cpus + done + for tx in $(cd /sys/class/net/$d/queues; ls -1d tx-*) + do + echo $CPUMASK_ALL > /sys/class/net/$d/queues/$tx/xps_cpus + done + done + ;; +*) + echo "Usage: set_rpsxps show|set|revert" + exit 1 + ;; +esac + +exit 0 From 789883b1dbb0350ac1b08a86b7ff74cef6cd304e Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos - Untangle Date: Fri, 27 Oct 2023 16:10:02 +0300 Subject: [PATCH 05/44] fix: ls etc eos release (#193) --- .vscode/vsbuild.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.vscode/vsbuild.sh b/.vscode/vsbuild.sh index 6786f5c94..199b66fa7 100755 --- a/.vscode/vsbuild.sh +++ b/.vscode/vsbuild.sh @@ -23,7 +23,7 @@ for target_address in "${TARGET_ADDRESSES[@]}"; do ssh-copy-id root@"$target_address" isEos=true - if [ "$(ssh -p "$PORT" root@"$target_address" "uname -n")" == "mfw" ]; then + if eval [ssh -p "$PORT" root@"$target_address" "ls /etc/Eos-release"]; then isEos=false echo "${GREEN}Bare MFW found${NC}" else From 8a4bb020e9c8a34dba5582f8658e4e78f2b22adc Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos - Untangle Date: Sat, 28 Oct 2023 00:54:35 +0300 Subject: [PATCH 06/44] Mfw 3831 fix vsbuild (#194) * fix: ls etc eos release * fix: mistype --- .vscode/vsbuild.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.vscode/vsbuild.sh b/.vscode/vsbuild.sh index 199b66fa7..7bb188b8e 100755 --- a/.vscode/vsbuild.sh +++ b/.vscode/vsbuild.sh @@ -23,7 +23,7 @@ for target_address in "${TARGET_ADDRESSES[@]}"; do ssh-copy-id root@"$target_address" isEos=true - if eval [ssh -p "$PORT" root@"$target_address" "ls /etc/Eos-release"]; then + if ! ssh -p "$PORT" root@"$target_address" "ls /etc/Eos-release"; then isEos=false echo "${GREEN}Bare MFW found${NC}" else From 81852e9569c6a5f80cfa1fba61b0faef6055a0cc Mon Sep 17 00:00:00 2001 From: Naveen Gowda Date: Tue, 31 Oct 2023 17:08:35 +0000 Subject: [PATCH 07/44] Quota changes --- sync-settings/Makefile | 1 + sync-settings/files/quota_cron.sh | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 100644 sync-settings/files/quota_cron.sh diff --git a/sync-settings/Makefile b/sync-settings/Makefile index a65a4d876..5e06114fb 100644 --- a/sync-settings/Makefile +++ b/sync-settings/Makefile @@ -38,6 +38,7 @@ define Py3Package/sync-settings/install $(INSTALL_BIN) files/wwan_status.sh $(1)/usr/bin $(INSTALL_BIN) files/nft_debug $(1)/usr/bin $(INSTALL_BIN) files/check-for-usb-reset.sh $(1)/usr/bin + $(INSTALL_BIN) files/quota_cron.sh $(1)/usr/bin # init.d $(INSTALL_DIR) $(1)/etc/init.d diff --git a/sync-settings/files/quota_cron.sh b/sync-settings/files/quota_cron.sh new file mode 100644 index 000000000..994545cd3 --- /dev/null +++ b/sync-settings/files/quota_cron.sh @@ -0,0 +1,8 @@ +#!/bin/sh +# +export CMD_MATCH=$1 +export FULL_CMD=$2 +c_temp=$(nft list chain inet shaping quota-rules -a | grep "$CMD_MATCH") +c_tmp=${c_temp#*handle} +nft delete rule inet shaping quota-rules handle $c_tmp +$FULL_CMD From bc2e58eb8d6c5de179bf90251aa9f80127903c1a Mon Sep 17 00:00:00 2001 From: Sebastien Delafond Date: Wed, 1 Nov 2023 05:09:17 -0700 Subject: [PATCH 08/44] version.mk: extract package version from environment variables set by barney --- version.mk | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/version.mk b/version.mk index 938a40809..462fd7ea1 100644 --- a/version.mk +++ b/version.mk @@ -15,8 +15,23 @@ PKG_VERSION := $(call MFW_COMMIT,$(PKG_SOURCE_URL),$(PKG_SOURCE_VERSION)) # use historical "go mod vendor" approach export MFW_GOFLAGS="-mod=vendor -buildvcs=false" else # use source tree already checked out on disk -USE_SOURCE_DIR := $(LOCAL_SOURCE_PATH)/$(subst git@,,$(subst :,/,$(subst .git,,$(PKG_SOURCE_URL)))) +PKG_SOURCE_PATH := $(subst git@,,$(subst :,/,$(subst .git,,$(PKG_SOURCE_URL)))) +USE_SOURCE_DIR := $(LOCAL_SOURCE_PATH)/$(PKG_SOURCE_PATH) +HASH := \# +# we want to extract the version that barney stashed inside an +# environment variable; we select it based first on a pattern for +# the variable name, and then filter some more on its value. +# This is not exactly a walk in the park, as a simple $(shell env | +# perl ...) unfortunately dies with the dreaded "argument list too +# long", so we resort to using .VARIABLES instead +PKG_VERSION := $(strip $(foreach V,$(.VARIABLES), \ + $(if $(filter SRC_%, $V), \ + $(if $(filter $(PKG_SOURCE_PATH)%, $($V)), \ + $(subst $(PKG_SOURCE_PATH)$(HASH),,$($V)))))) +# if we couldn't extract a version, go with "local" +ifeq ($(PKG_VERSION),) PKG_VERSION := local +endif # undefine those 2 so there is no fetch attempt undefine PKG_SOURCE_PROTO undefine PKG_SOURCE_URL @@ -31,6 +46,7 @@ PKG_SOURCE := $(PKG_NAME)-$(PKG_SOURCE_VERSION)-$(PKG_VERSION).tar.xz test-mfw-version: @echo "PKG_NAME: $(PKG_NAME)" @echo "PKG_NAME_NO_DASH: $(PKG_NAME_NO_DASH)" + @echo "PKG_SOURCE_PATH: $(PKG_SOURCE_PATH)" @echo "PKG_SOURCE_PROTO: $(PKG_SOURCE_PROTO)" @echo "PKG_SOURCE_URL: $(PKG_SOURCE_URL)" @echo "USE_SOURCE_DIR: $(USE_SOURCE_DIR)" From 005a23315f1abb186ab04703f5320a3914f32c59 Mon Sep 17 00:00:00 2001 From: sumedha-game <124914561+sumedha-game@users.noreply.github.com> Date: Thu, 2 Nov 2023 16:56:53 +0530 Subject: [PATCH 09/44] MFW-3731: Backup Restore (add the logo image file in backup.tar) (#195) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * MFW-3731: Backup Restore (add the logo image file in backup.tar) * updated rsync to cp change with condition * flag to handle exist file error * added TODO comment * updated * updated comment --------- Co-authored-by: “sumedha-game” <“sumedha-game@arista.com”> --- backup-scripts/files/upload-backup.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/backup-scripts/files/upload-backup.sh b/backup-scripts/files/upload-backup.sh index 5b1a9ace1..8da6a1e15 100755 --- a/backup-scripts/files/upload-backup.sh +++ b/backup-scripts/files/upload-backup.sh @@ -31,8 +31,17 @@ function createBackup() { debug "Backing up settings to gunzipped tar archive file" TEMP_DIR=`mktemp -d -t ut-backup.XXXXXXX` TEMP_DIR_NAME=$(basename $TEMP_DIR) + CP_DIR="/etc/config/captive_portal" cp /etc/config/settings.json $TEMP_DIR +# TODO: Directory check is added for cases where upgrade from older builds +# to newer may not have the directory present. This check should probably +# be removed in future builds. + if [ -d "$CP_DIR" ] ; then + cp $CP_DIR/* $TEMP_DIR + rm -f $TEMP_DIR/captive_portal_settings + fi + tar -C /tmp -zcf $BACKUP_FILE $TEMP_DIR_NAME rm -r $TEMP_DIR } From 4426e2ae15586fef9ce59df28a3add558489109c Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos - Untangle Date: Fri, 3 Nov 2023 16:04:26 +0200 Subject: [PATCH 10/44] feat: add run-eos-command installation (#191) --- sync-settings/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/sync-settings/Makefile b/sync-settings/Makefile index a65a4d876..11283807f 100644 --- a/sync-settings/Makefile +++ b/sync-settings/Makefile @@ -34,6 +34,7 @@ define Py3Package/sync-settings/install $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sync-settings $(1)/usr/bin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/load-eos-config $(1)/usr/bin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/updateSysdbSignal $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/run-eos-command $(1)/usr/bin $(INSTALL_BIN) files/speedtest.sh $(1)/usr/bin $(INSTALL_BIN) files/wwan_status.sh $(1)/usr/bin $(INSTALL_BIN) files/nft_debug $(1)/usr/bin From b6d7970b7da25bf00502843e29902121bc7277e7 Mon Sep 17 00:00:00 2001 From: Nobutomo Nakano Date: Fri, 10 Nov 2023 05:57:16 +0000 Subject: [PATCH 11/44] Corrected usage message --- sync-settings/files/set_affinity.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sync-settings/files/set_affinity.sh b/sync-settings/files/set_affinity.sh index 0474fdfac..9b72a3f8e 100755 --- a/sync-settings/files/set_affinity.sh +++ b/sync-settings/files/set_affinity.sh @@ -47,7 +47,7 @@ set) ;; *) - echo "Usage: set_affinity show|configure" + echo "Usage: set_affinity show|set" exit 1 esac From 458ea71335311805df1d94e385d9c3c810e0b0f1 Mon Sep 17 00:00:00 2001 From: Sebastien Delafond Date: Thu, 16 Nov 2023 07:32:19 +0100 Subject: [PATCH 12/44] restd: remove python3-package.mk as restd doesn't declare a python package In recent openwrt, including python3-package without defining a python package breaks the build. --- restd/Makefile | 2 -- 1 file changed, 2 deletions(-) diff --git a/restd/Makefile b/restd/Makefile index a623a0e97..64fa9ac08 100644 --- a/restd/Makefile +++ b/restd/Makefile @@ -19,8 +19,6 @@ include $(INCLUDE_DIR)/package.mk # Package/packetd/install include $(INCLUDE_DIR)/../feeds/packages/lang/golang/golang-package.mk -include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk - define Package/restd SECTION:=utils CATEGORY:=Utilities From 1974bc7393196046cb6c1f06e40ccd1a9179f2fb Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos - Untangle Date: Tue, 21 Nov 2023 11:52:55 +0200 Subject: [PATCH 13/44] Mfw 3762 conntrack config (#197) * feat: run sysctl on custom 9* files * fix: only if there are files --- sync-settings/files/sync-settings.init | 29 ++++++++++++++++---------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/sync-settings/files/sync-settings.init b/sync-settings/files/sync-settings.init index 75f0c71ad..5c1d9fafa 100755 --- a/sync-settings/files/sync-settings.init +++ b/sync-settings/files/sync-settings.init @@ -5,17 +5,24 @@ START=14 STOP=14 boot() { - # check if we should reset settings - /usr/bin/check-for-usb-reset.sh && rm /etc/config/settings.json + # check if we should reset settings + /usr/bin/check-for-usb-reset.sh && rm /etc/config/settings.json - if [ ! -f /etc/config/settings.json ] ; then - logger -t "sync-settings" "Creating /etc/config/settings.json" - /usr/bin/sync-settings -c -n -v force=true | logger -t "sync-settings" - else - /usr/bin/sync-settings -u -n -v force=true | logger -t "sync-settings" - fi + if [ ! -f /etc/config/settings.json ]; then + logger -t "sync-settings" "Creating /etc/config/settings.json" + /usr/bin/sync-settings -c -n -v force=true | logger -t "sync-settings" + else + /usr/bin/sync-settings -u -n -v force=true | logger -t "sync-settings" + fi - # ensure we have an up to date defaults.json file - /usr/bin/sync-settings -c -s -f /tmp/settings.json - mv /tmp/settings.json /etc/config/defaults.json + # ensure we have an up to date defaults.json file + /usr/bin/sync-settings -c -s -f /tmp/settings.json + mv /tmp/settings.json /etc/config/defaults.json + + # Run sysctl on 9* prio files if present + CUSTOM_COMMANDS="/etc/sysctl.d/9*" + + if ls "$CUSTOM_COMMANDS"; then + sysctl -p "$CUSTOM_COMMANDS" + fi } From 640ed4a613c857f0403f8de4f1c20ec6d1e8a876 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos - Untangle Date: Tue, 21 Nov 2023 12:56:59 +0200 Subject: [PATCH 14/44] fix: json (#198) --- .vscode/tasks.json | 2 -- 1 file changed, 2 deletions(-) diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 7f6cba2b8..77550d5c3 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -1,6 +1,4 @@ { - // See https://go.microsoft.com/fwlink/?LinkId=733558 - // for the documentation about the tasks.json format "version": "2.0.0", "tasks": [{ "label": "Copy to target", From b2885969eec0595e651f9f797365c31ab840f714 Mon Sep 17 00:00:00 2001 From: manuwelakanade <42827843+manuwelakanade@users.noreply.github.com> Date: Wed, 22 Nov 2023 12:16:21 +0530 Subject: [PATCH 15/44] MFW-3961 Adding categories.json for webroot categories (#200) --- bctid/Makefile | 3 + bctid/files/categories.json | 530 ++++++++++++++++++++++++++++++++++++ 2 files changed, 533 insertions(+) create mode 100644 bctid/files/categories.json diff --git a/bctid/Makefile b/bctid/Makefile index 99f4ba9a4..14db22ebb 100644 --- a/bctid/Makefile +++ b/bctid/Makefile @@ -34,6 +34,9 @@ endef TMP_BUILD_DIR:=$(PKG_BUILD_DIR)/tmp/ define Package/bctid/install + # Copy bctid categories file + $(CP) files/categories.json $(1)/etc/config/categories.json + $(INSTALL_DIR) $(1)/usr/bin $(1)/usr/lib/bctid $(1)/usr/share/bctid $(INSTALL_BIN) $(TMP_BUILD_DIR)/src/bin/bctid $(1)/usr/bin/ $(CP) $(TMP_BUILD_DIR)/src/bin/bcti.cfg $(1)/usr/share/bctid/ diff --git a/bctid/files/categories.json b/bctid/files/categories.json new file mode 100644 index 000000000..76cebe6e0 --- /dev/null +++ b/bctid/files/categories.json @@ -0,0 +1,530 @@ +[ + { + "catid": 0, + "catremap": 0, + "catname": "Uncategorized", + "catgroup": "Misc" + }, + { + "catid": 1, + "catremap": 1, + "catname": "Real Estate", + "catgroup": "Productivity" + }, + { + "catid": 2, + "catremap": 2, + "catname": "Computer and Internet Security", + "catgroup": "Productivity" + }, + { + "catid": 3, + "catremap": 3, + "catname": "Financial Services", + "catgroup": "Privacy" + }, + { + "catid": 4, + "catremap": 4, + "catname": "Business and Economy", + "catgroup": "Productivity" + }, + { + "catid": 5, + "catremap": 5, + "catname": "Computer and Internet Info", + "catgroup": "Productivity" + }, + { + "catid": 6, + "catremap": 6, + "catname": "Auctions", + "catgroup": "Productivity" + }, + { + "catid": 7, + "catremap": 7, + "catname": "Shopping", + "catgroup": "Productivity" + }, + { + "catid": 8, + "catremap": 8, + "catname": "Cult and Occult", + "catgroup": "Sensitive" + }, + { + "catid": 9, + "catremap": 9, + "catname": "Travel", + "catgroup": "Productivity" + }, + { + "catid": 10, + "catremap": 10, + "catname": "Abused Drugs", + "catgroup": "Sensitive" + }, + { + "catid": 11, + "catremap": 11, + "catname": "Adult and Pornography", + "catgroup": "Sensitive" + }, + { + "catid": 12, + "catremap": 12, + "catname": "Home and Garden", + "catgroup": "Productivity" + }, + { + "catid": 13, + "catremap": 13, + "catname": "Military", + "catgroup": "Productivity" + }, + { + "catid": 14, + "catremap": 14, + "catname": "Social Networking", + "catgroup": "Productivity" + }, + { + "catid": 15, + "catremap": 15, + "catname": "Dead Sites", + "catgroup": "Misc" + }, + { + "catid": 16, + "catremap": 16, + "catname": "Individual Stock Advice and Tools", + "catgroup": "Productivity" + }, + { + "catid": 17, + "catremap": 17, + "catname": "Training and Tools", + "catgroup": "Productivity" + }, + { + "catid": 18, + "catremap": 18, + "catname": "Dating", + "catgroup": "Sensitive" + }, + { + "catid": 19, + "catremap": 19, + "catname": "Sex Education", + "catgroup": "Sensitive" + }, + { + "catid": 20, + "catremap": 20, + "catname": "Religion", + "catgroup": "Sensitive" + }, + { + "catid": 21, + "catremap": 21, + "catname": "Entertainment and Arts", + "catgroup": "Productivity" + }, + { + "catid": 22, + "catremap": 22, + "catname": "Personal sites and Blogs", + "catgroup": "Productivity" + }, + { + "catid": 23, + "catremap": 23, + "catname": "Legal", + "catgroup": "Privacy" + }, + { + "catid": 24, + "catremap": 24, + "catname": "Local Information", + "catgroup": "Productivity" + }, + { + "catid": 25, + "catremap": 25, + "catname": "Streaming Media", + "catgroup": "IT Resources" + }, + { + "catid": 26, + "catremap": 26, + "catname": "Job Search", + "catgroup": "Productivity" + }, + { + "catid": 27, + "catremap": 27, + "catname": "Gambling", + "catgroup": "Sensitive" + }, + { + "catid": 28, + "catremap": 28, + "catname": "Translation", + "catgroup": "Sensitive" + }, + { + "catid": 29, + "catremap": 29, + "catname": "Reference and Research", + "catgroup": "Productivity" + }, + { + "catid": 30, + "catremap": 30, + "catname": "Shareware and Freeware", + "catgroup": "IT Resources" + }, + { + "catid": 31, + "catremap": 31, + "catname": "Peer to Peer", + "catgroup": "IT Resources" + }, + { + "catid": 32, + "catremap": 32, + "catname": "Marijuana", + "catgroup": "Sensitive" + }, + { + "catid": 33, + "catremap": 33, + "catname": "Hacking", + "catgroup": "Sensitive" + }, + { + "catid": 34, + "catremap": 34, + "catname": "Games", + "catgroup": "Productivity" + }, + { + "catid": 35, + "catremap": 35, + "catname": "Philosophy and Political Advocacy", + "catgroup": "Productivity" + }, + { + "catid": 36, + "catremap": 36, + "catname": "Weapons", + "catgroup": "Sensitive" + }, + { + "catid": 37, + "catremap": 37, + "catname": "Pay to Surf", + "catgroup": "Productivity" + }, + { + "catid": 38, + "catremap": 38, + "catname": "Hunting and Fishing", + "catgroup": "Productivity" + }, + { + "catid": 39, + "catremap": 39, + "catname": "Society", + "catgroup": "Productivity" + }, + { + "catid": 40, + "catremap": 40, + "catname": "Educational Institutions", + "catgroup": "Productivity" + }, + { + "catid": 41, + "catremap": 41, + "catname": "Online Greeting Cards", + "catgroup": "IT Resources" + }, + { + "catid": 42, + "catremap": 42, + "catname": "Sports", + "catgroup": "Productivity" + }, + { + "catid": 43, + "catremap": 43, + "catname": "Swimsuits and Intimate Apparel", + "catgroup": "Sensitive" + }, + { + "catid": 44, + "catremap": 44, + "catname": "Questionable", + "catgroup": "Sensitive" + }, + { + "catid": 45, + "catremap": 45, + "catname": "Kids", + "catgroup": "Productivity" + }, + { + "catid": 46, + "catremap": 46, + "catname": "Hate and Racism", + "catgroup": "Sensitive" + }, + { + "catid": 47, + "catremap": 47, + "catname": "Personal Storage", + "catgroup": "IT Resources" + }, + { + "catid": 48, + "catremap": 48, + "catname": "Violence", + "catgroup": "Sensitive" + }, + { + "catid": 49, + "catremap": 49, + "catname": "Keyloggers and Monitoring", + "catgroup": "Security" + }, + { + "catid": 50, + "catremap": 50, + "catname": "Search Engines", + "catgroup": "Productivity" + }, + { + "catid": 51, + "catremap": 51, + "catname": "Internet Portals", + "catgroup": "Productivity" + }, + { + "catid": 52, + "catremap": 52, + "catname": "Web Advertisements", + "catgroup": "IT Resources" + }, + { + "catid": 53, + "catremap": 53, + "catname": "Cheating", + "catgroup": "Sensitive" + }, + { + "catid": 54, + "catremap": 54, + "catname": "Gross", + "catgroup": "Sensitive" + }, + { + "catid": 55, + "catremap": 55, + "catname": "Web-based Email", + "catgroup": "Privacy" + }, + { + "catid": 56, + "catremap": 56, + "catname": "Malware Sites", + "catgroup": "Security" + }, + { + "catid": 57, + "catremap": 57, + "catname": "Phishing and Other Frauds", + "catgroup": "Security" + }, + { + "catid": 58, + "catremap": 58, + "catname": "Proxy Avoidance and Anonymizers", + "catgroup": "Security" + }, + { + "catid": 59, + "catremap": 59, + "catname": "Spyware and Adware", + "catgroup": "Security" + }, + { + "catid": 60, + "catremap": 60, + "catname": "Music", + "catgroup": "Productivity" + }, + { + "catid": 61, + "catremap": 61, + "catname": "Government", + "catgroup": "Privacy" + }, + { + "catid": 62, + "catremap": 62, + "catname": "Nudity", + "catgroup": "Sensitive" + }, + { + "catid": 63, + "catremap": 63, + "catname": "News and Media", + "catgroup": "Productivity" + }, + { + "catid": 64, + "catremap": 64, + "catname": "Illegal", + "catgroup": "Sensitive" + }, + { + "catid": 65, + "catremap": 65, + "catname": "Content Delivery Networks", + "catgroup": "IT Resources" + }, + { + "catid": 66, + "catremap": 66, + "catname": "Internet Communications", + "catgroup": "IT Resources" + }, + { + "catid": 67, + "catremap": 67, + "catname": "Bot Nets", + "catgroup": "Security" + }, + { + "catid": 68, + "catremap": 68, + "catname": "Abortion", + "catgroup": "Sensitive" + }, + { + "catid": 69, + "catremap": 69, + "catname": "Health and Medicine", + "catgroup": "Privacy" + }, + { + "catid": 70, + "catremap": 70, + "catname": "Confirmed SPAM Sources", + "catgroup": "Unmaintained" + }, + { + "catid": 71, + "catremap": 71, + "catname": "SPAM URLs", + "catgroup": "Security" + }, + { + "catid": 72, + "catremap": 72, + "catname": "Unconfirmed SPAM Sources", + "catgroup": "Unmaintained" + }, + { + "catid": 73, + "catremap": 73, + "catname": "Open HTTP Proxies", + "catgroup": "Unmaintained" + }, + { + "catid": 74, + "catremap": 74, + "catname": "Dynamically Generated Content", + "catgroup": "Productivity" + }, + { + "catid": 75, + "catremap": 75, + "catname": "Parked Domains", + "catgroup": "Sensitive" + }, + { + "catid": 76, + "catremap": 76, + "catname": "Alcohol and Tobacco", + "catgroup": "Sensitive" + }, + { + "catid": 77, + "catremap": 77, + "catname": "Private IP Addresses", + "catgroup": "Unmaintained" + }, + { + "catid": 78, + "catremap": 78, + "catname": "Image and Video Search", + "catgroup": "Sensitive" + }, + { + "catid": 79, + "catremap": 79, + "catname": "Fashion and Beauty", + "catgroup": "Productivity" + }, + { + "catid": 80, + "catremap": 80, + "catname": "Recreation and Hobbies", + "catgroup": "Productivity" + }, + { + "catid": 81, + "catremap": 81, + "catname": "Motor Vehicles", + "catgroup": "Productivity" + }, + { + "catid": 82, + "catremap": 82, + "catname": "Web Hosting", + "catgroup": "IT Resources" + }, + { + "catid": 83, + "catremap": 83, + "catname": "Food and Dining", + "catgroup": "Unmaintained" + }, + { + "catid": 85, + "catremap": 48, + "catname": "Self Harm", + "catgroup": "Sensitive" + }, + { + "catid": 86, + "catremap": 58, + "catname": "DNS Over HTTPS", + "catgroup": "Security" + }, + { + "catid": 87, + "catremap": 32, + "catname": "Low-THC Cannabis Products", + "catgroup": "Sensitive" + }, + { + "catid": 88, + "catremap": 5, + "catname": "Generative AI", + "catgroup": "Productivity" + } +] From 92999afe21d558e59bf3fadce11b260c480c93bc Mon Sep 17 00:00:00 2001 From: manuwelakanade <42827843+manuwelakanade@users.noreply.github.com> Date: Wed, 22 Nov 2023 14:18:46 +0530 Subject: [PATCH 16/44] MFW-3961 Updating Makefile for categories.json (#202) --- bctid/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/bctid/Makefile b/bctid/Makefile index 14db22ebb..ab151006d 100644 --- a/bctid/Makefile +++ b/bctid/Makefile @@ -35,7 +35,8 @@ TMP_BUILD_DIR:=$(PKG_BUILD_DIR)/tmp/ define Package/bctid/install # Copy bctid categories file - $(CP) files/categories.json $(1)/etc/config/categories.json + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_BIN) files/categories.json $(1)/etc/config/categories.json $(INSTALL_DIR) $(1)/usr/bin $(1)/usr/lib/bctid $(1)/usr/share/bctid $(INSTALL_BIN) $(TMP_BUILD_DIR)/src/bin/bctid $(1)/usr/bin/ From 45048127db0afc695f3c8b610316d4af4094e09a Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos - Untangle Date: Wed, 22 Nov 2023 11:31:57 +0200 Subject: [PATCH 17/44] Mfw 3694 eos board info on dash should show cbl/ind instead of custom (#201) * fix: fmt * feat: adding logic for counclibluff and independence boards info * fix: do not fall through for EOS configs * fix: added versions for independence * chore: move logic added to function --- sync-settings/files/product-board-name.init | 137 ++++++++++++-------- 1 file changed, 85 insertions(+), 52 deletions(-) diff --git a/sync-settings/files/product-board-name.init b/sync-settings/files/product-board-name.init index 5dccdc4c1..e6c3b5e0d 100755 --- a/sync-settings/files/product-board-name.init +++ b/sync-settings/files/product-board-name.init @@ -3,57 +3,90 @@ # Copyright (C) 2016 LEDE-Project.org START=12 + +In_eos_board_name() { + # running under EOS + + platform=$(cat /proc/cmdline | xargs -n1 | grep platform | cut -d '=' -f2) + + case "$platform" in + councilbluffs) + echo "Council Bluffs" >/tmp/sysinfo/product_board_name + exit 0 + ;; + independence) + Ind_version=$(cat /etc/prefdl | grep HwApi | awk -F ': ' '{print $2}' | cut -d '.' -f1) + case "$Ind_version" in + 03) + echo "Independence P3" >/tmp/sysinfo/product_board_name + exit 0 + ;; + 02) + echo "Independence P2" >/tmp/sysinfo/product_board_name + exit 0 + ;; + esac + ;; + esac + + # Not exiting here, since we want VMs to overwrite. +} + boot() { - . /lib/functions.sh - - if [ -f /tmp/sysinfo/product_board_name ] ; then - exit - fi - - SERIAL=$(cat /etc/config/serial | tr -d '[ \t\r\n]') - # Q series serial pattern CTWYYWWSSSS - # YYWWSSSS is a series of digits representing the year, number of weeks, and a sequence number - qSerialPattern="^CTW([1-9][0-9])(0[1-9]|[1-4][0-9]|5[0-3])([0-9]{4})$" - - case $(board_name) in - globalscale,espressobin-v7-emmc) - product_board_name="e3" - if [ -L /sys/class/ieee80211/phy0 ] ; then - product_board_name=$product_board_name"w" - fi - echo $product_board_name > /tmp/sysinfo/product_board_name - ;; - caswell-caf-0262|untangle-inc-default-string|arista-networks-inc-default-string) - if [[ $SERIAL =~ $qSerialPattern ]]; - then - # Handle Q series board name. - product_board_name="Q6E" - else - # Handle NON Q series board name. - product_board_name="e6" - fi - - if [ -L /sys/class/ieee80211/phy0 ] ; then - product_board_name=$product_board_name"w" - fi - - if [ -L /sys/class/net/wwan0 ] ; then - product_board_name=$product_board_name"l" - fi - - echo $product_board_name > /tmp/sysinfo/product_board_name - ;; - vmware-inc-vmware-virtual-platform) - echo "VMware" > /tmp/sysinfo/product_board_name - ;; - innotek-gmbh-virtualbox) - echo "VirtualBox" > /tmp/sysinfo/product_board_name - ;; - microsoft-corporation-virtual-machine) - echo "HyperV" > /tmp/sysinfo/product_board_name - ;; - *) - echo "Custom" > /tmp/sysinfo/product_board_name - ;; - esac + . /lib/functions.sh + + if [ -f /tmp/sysinfo/product_board_name ]; then + exit + fi + + # EOS additions + if [ -f /etc/Eos-release ]; then + In_eos_board_name + fi + + SERIAL=$(cat /etc/config/serial | tr -d '[ \t\r\n]') + # Q series serial pattern CTWYYWWSSSS + # YYWWSSSS is a series of digits representing the year, number of weeks, and a sequence number + qSerialPattern="^CTW([1-9][0-9])(0[1-9]|[1-4][0-9]|5[0-3])([0-9]{4})$" + + case $(board_name) in + globalscale,espressobin-v7-emmc) + product_board_name="e3" + if [ -L /sys/class/ieee80211/phy0 ]; then + product_board_name=$product_board_name"w" + fi + echo $product_board_name >/tmp/sysinfo/product_board_name + ;; + caswell-caf-0262 | untangle-inc-default-string | arista-networks-inc-default-string) + if [[ $SERIAL =~ $qSerialPattern ]]; then + # Handle Q series board name. + product_board_name="Q6E" + else + # Handle NON Q series board name. + product_board_name="e6" + fi + + if [ -L /sys/class/ieee80211/phy0 ]; then + product_board_name=$product_board_name"w" + fi + + if [ -L /sys/class/net/wwan0 ]; then + product_board_name=$product_board_name"l" + fi + + echo $product_board_name >/tmp/sysinfo/product_board_name + ;; + vmware-inc-vmware-virtual-platform) + echo "VMware" >/tmp/sysinfo/product_board_name + ;; + innotek-gmbh-virtualbox) + echo "VirtualBox" >/tmp/sysinfo/product_board_name + ;; + microsoft-corporation-virtual-machine) + echo "HyperV" >/tmp/sysinfo/product_board_name + ;; + *) + echo "Custom" >/tmp/sysinfo/product_board_name + ;; + esac } From 1135862fa54ace8063f61a1147ec57b5d47a8994 Mon Sep 17 00:00:00 2001 From: trilok-venkata <126052604+trilok-venkata@users.noreply.github.com> Date: Thu, 23 Nov 2023 14:45:22 +0530 Subject: [PATCH 18/44] MFW-3719: Adding a boot config checkout flag for load-eos-config (#199) Adding a boot config checkout flag for load-eos-config --- sync-settings/files/load-eos-config.init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sync-settings/files/load-eos-config.init b/sync-settings/files/load-eos-config.init index cc99eec89..89a6e8928 100644 --- a/sync-settings/files/load-eos-config.init +++ b/sync-settings/files/load-eos-config.init @@ -7,7 +7,7 @@ STOP=17 start() { if [ -f /etc/Eos-release ] ; then - load-eos-config + load-eos-config --save-boot-config fi } From b4f9f2cd0112a38b980d563be16e9c082d9c07d6 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos - Untangle Date: Tue, 28 Nov 2023 19:18:26 +0200 Subject: [PATCH 19/44] Mfw 3762 conntrack config (#203) * feat: run sysctl on custom 9* files * fix: only if there are files * fix: quotes prevent asterisk expansion --- sync-settings/files/sync-settings.init | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/sync-settings/files/sync-settings.init b/sync-settings/files/sync-settings.init index 5c1d9fafa..076132f1e 100755 --- a/sync-settings/files/sync-settings.init +++ b/sync-settings/files/sync-settings.init @@ -20,9 +20,10 @@ boot() { mv /tmp/settings.json /etc/config/defaults.json # Run sysctl on 9* prio files if present - CUSTOM_COMMANDS="/etc/sysctl.d/9*" + CUSTOM_COMMANDS="/etc/sysctl.d/9*" + + if ls $CUSTOM_COMMANDS; then + sysctl -p $CUSTOM_COMMANDS - if ls "$CUSTOM_COMMANDS"; then - sysctl -p "$CUSTOM_COMMANDS" fi } From 3e3121c8cfcc63d3ff09237f89f600c96fed9655 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Wed, 29 Nov 2023 18:32:48 +0200 Subject: [PATCH 20/44] fix: spelling; adding fixme comments --- wan-manager/files/wan-manager | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/wan-manager/files/wan-manager b/wan-manager/files/wan-manager index c006a11e0..df6cf62e5 100755 --- a/wan-manager/files/wan-manager +++ b/wan-manager/files/wan-manager @@ -14,7 +14,7 @@ COMMAND_NAME=$0 COMMAND_PID=$$ # Debug mode for messages and other output DEBUG=false -# If true, run in interative mode, otherwise in dameon mode. +# If true, run in interactive mode, otherwise in daemon mode. INTERACTIVE=false # If non empty, log debug messages that match substring. Commonly used to watch substring. LOG_WATCH= @@ -51,7 +51,7 @@ LOG_MESSAGE_PRIORITY_DEBUG=1 if [ "$INTERACTIVE" = "true" ] ; then # In interactive mode use echo LOGGER_COMMAND="echo" - LOGGER_TIMESTAMP=date + LOGGER_TIMESTAMP="date" else # LOGGER_COMMAND="logger -t wan-manager" LOGGER_COMMAND="logger -t wan-manager" @@ -195,7 +195,7 @@ get_wan_path(){ } # check_for_table -# Verifies requried nft tables to exists +# Verifies required nft tables to exists # # @param $1 nft ip version type (ip or ipv6) # @param $2 Table name to check @@ -218,14 +218,14 @@ check_for_table() handle_term() { local __function_name="handle_term" - log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: recevied term signal" + log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: received term signal" kill -9 $COMMAND_PID } # wait_for_change # Use inotify to wait for specific files to change # -# @param $1 Comma separated lsit of files to monitor +# @param $1 Comma separated list of files to monitor wait_for_change() { local __function_name="wait_for_change" @@ -595,6 +595,7 @@ get_policy_wans_and_up_wans() fi done + # FIXME: __wans is undefined log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy_wans=$__policy_wans wans=$__wans" eval "$__return_policy_wans=\"$__policy_wans\"" eval "$__return_up_wans=\"$__up_wans\"" @@ -847,7 +848,7 @@ criteria_always_up() # @param $2 Numeric policy id # @param $3 Interface name # @param $4 IP family -# @param $5 Attribtute key +# @param $5 Attribute key # @param $6 Attribute value to match # @param $7 Status to set (up or down) criteria_attribute() @@ -869,6 +870,7 @@ criteria_attribute() status=$(head -n 1 $status_file) fi + # FIXME: attribute is undefined log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, interface=$interface, attribute=$attribute, family=$family, key=$key, value=$value, new_status=$new_status" log_state="status" @@ -989,7 +991,7 @@ criteria_connectivity() local threshold=$8 local host=$9 - log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, interface=$interface, family=$family, critera=$critera, interval=$interval, timeout=$timeout, threshold=$threshold, host=$host" + log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, interface=$interface, family=$family, criteria=$criteria, interval=$interval, timeout=$timeout, threshold=$threshold, host=$host" local device local ip_address @@ -1194,7 +1196,7 @@ policy_best_of() if [ $stat_name = "latency" ] ; then if [ "$stat" = 0 ] || [ "$stat" = -1 ] ; then - # NOTE: A latency of 0 means 100% pakcet loss, so ignore during best_of calculations + # NOTE: A latency of 0 means 100% packet loss, so ignore during best_of calculations continue fi fi From fb031c042bb03f440aba22dcc4dca720f8e9fe08 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Wed, 29 Nov 2023 18:35:56 +0200 Subject: [PATCH 21/44] fixup! fix: spelling; adding fixme comments --- wan-manager/files/wan-manager | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wan-manager/files/wan-manager b/wan-manager/files/wan-manager index df6cf62e5..c404a73a0 100755 --- a/wan-manager/files/wan-manager +++ b/wan-manager/files/wan-manager @@ -141,7 +141,7 @@ ALLOW_LOG_UPDATE_START=$(date +%s) # - Log policy status for polices that otherwise log a lot like balance. check_allow_log_update() { - local __function_nane="check_allow_log_update" + local __function_name="check_allow_log_update" local currentTime=$(date +%s) local elapsedTime=$((currentTime - $ALLOW_LOG_UPDATE_START)) if [ $elapsedTime -gt $ALLOW_LOG_UPDATE_INTERVAL ]; then From 59a954695cceaf89bdb2cf0ecb5b699d1beaf5cf Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Wed, 29 Nov 2023 18:36:13 +0200 Subject: [PATCH 22/44] fix: fmt --- wan-manager/files/wan-manager | 550 ++++++++++++++++------------------ 1 file changed, 262 insertions(+), 288 deletions(-) diff --git a/wan-manager/files/wan-manager b/wan-manager/files/wan-manager index c404a73a0..9ad722d82 100755 --- a/wan-manager/files/wan-manager +++ b/wan-manager/files/wan-manager @@ -31,14 +31,14 @@ WAN_MANAGER_STATUS_PATH=/tmp/wan_status ## Process command line arguments ## while getopts "d:i:l:v:" flag; do - case "${flag}" in - d) DEBUG=${OPTARG} ;; - i) INTERACTIVE=${OPTARG} ;; - l) LOG_WATCH=${OPTARG} ;; - v) eval "${OPTARG}" ;; - esac + case "${flag}" in + d) DEBUG=${OPTARG} ;; + i) INTERACTIVE=${OPTARG} ;; + l) LOG_WATCH=${OPTARG} ;; + v) eval "${OPTARG}" ;; + esac done -shift $((OPTIND-1)) +shift $((OPTIND - 1)) ## ## Utilities @@ -48,7 +48,7 @@ shift $((OPTIND-1)) LOG_MESSAGE_PRIORITY_ANY=0 # Only log messages if DEBUG=true LOG_MESSAGE_PRIORITY_DEBUG=1 -if [ "$INTERACTIVE" = "true" ] ; then +if [ "$INTERACTIVE" = "true" ]; then # In interactive mode use echo LOGGER_COMMAND="echo" LOGGER_TIMESTAMP="date" @@ -63,13 +63,12 @@ fi # # @param $1 Priority (see above) # @param $2 Message -log_message() -{ +log_message() { local __function_name="log_message" local priority=$1 local message=$2 - if [ $priority = $LOG_MESSAGE_PRIORITY_DEBUG ] ; then + if [ $priority = $LOG_MESSAGE_PRIORITY_DEBUG ]; then if [ "$DEBUG" = true ]; then # Only log if DEBUG is enabled $LOGGER_COMMAND $(eval $LOGGER_TIMESTAMP) "debug $message" @@ -80,7 +79,7 @@ log_message() fi elif [ $priority = $LOG_MESSAGE_PRIORITY_ANY ]; then # Always log these messages - if [ "$DEBUG" = true ] || [ "$LOG_WATCH" != "" ] ; then + if [ "$DEBUG" = true ] || [ "$LOG_WATCH" != "" ]; then # In interactive mode, provide space separation from debug prefix. $LOGGER_COMMAND $(eval $LOGGER_TIMESTAMP) "any $message" else @@ -97,7 +96,7 @@ log_message() # @param $3 Changed message, usually reflecting transitions like "status=up->down" # @param $4 Stats message with fields like "status=up" # @param $5 Extra information to log in debug or watch mode -log_status_message(){ +log_status_message() { local state=$1 local prefix=$2 local change_message=$3 @@ -111,7 +110,7 @@ log_status_message(){ log_watch=true fi - if [ "$state" = "change" ] ; then + if [ "$state" = "change" ]; then __message=$change_message if [ "$DEBUG" = "true" ] || [ "$log_watch" = "true" ]; then __message="$__message $debug_append_message" @@ -139,8 +138,7 @@ ALLOW_LOG_UPDATE_START=$(date +%s) # This is used to: # - Log policy status period regardless of change # - Log policy status for polices that otherwise log a lot like balance. -check_allow_log_update() -{ +check_allow_log_update() { local __function_name="check_allow_log_update" local currentTime=$(date +%s) local elapsedTime=$((currentTime - $ALLOW_LOG_UPDATE_START)) @@ -157,13 +155,13 @@ check_allow_log_update() # # @param $1 Path variable to update. # @param $policyId Policy id -get_policy_path(){ +get_policy_path() { local __function_name="get_policy_path" local __return_path=$1 local policyId=$2 local path=$WAN_MANAGER_STATUS_PATH/$policyId - if [ ! -d $path ] ; then + if [ ! -d $path ]; then mkdir -p $path fi @@ -176,7 +174,7 @@ get_policy_path(){ # @param $1 Path variable to update. # @param $policyId Policy id # @param $policyId WAN interface id -get_wan_path(){ +get_wan_path() { local __function_name="get_wan_path" local __return_path=$1 local policyId=$2 @@ -187,7 +185,7 @@ get_wan_path(){ get_policy_path policyPath $policyId local path=$policyPath/wan-$interfaceId/$family - if [ ! -d $path ] ; then + if [ ! -d $path ]; then mkdir -p $path fi @@ -199,13 +197,12 @@ get_wan_path(){ # # @param $1 nft ip version type (ip or ipv6) # @param $2 Table name to check -check_for_table() -{ +check_for_table() { local __function_name="check_for_table" local ip_check=$1 local table_check=$2 - local output=`nft list table $ip_check $table_check` + local output=$(nft list table $ip_check $table_check) local retval=$? if [ $retval -ne 0 ]; then echo "$__function_name: NFT does not have a required table for wan-manager" @@ -215,8 +212,7 @@ check_for_table() # handle_term # Process signterm signal to exit -handle_term() -{ +handle_term() { local __function_name="handle_term" log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: received term signal" kill -9 $COMMAND_PID @@ -226,12 +222,11 @@ handle_term() # Use inotify to wait for specific files to change # # @param $1 Comma separated list of files to monitor -wait_for_change() -{ +wait_for_change() { local __function_name="wait_for_change" local file=$1 - if [ ! -f $file ] ; then + if [ ! -f $file ]; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: $file not found, sleep instead" sleep 5 return @@ -245,8 +240,7 @@ wait_for_change() # @param $1 Return value of true or false # @param $2 Numeric interface id # @param $3 IP family (ipv4 or ipv6) -is_offline() -{ +is_offline() { local __function_name="is_offline" local __return_offline=$1 local id=$2 @@ -262,26 +256,26 @@ is_offline() fi json_load_file $STATS_FILE_NAME - if json_is_a interfaces array ; then - json_select interfaces - json_get_keys interfaces - for intf in $interfaces; do - json_select $intf - json_get_var interfaceId interfaceId - if [ $id = $interfaceId ] ; then - if [ $family = "ipv6" ] ; then - json_get_var __offline offline6 - else - json_get_var __offline offline - fi - if [ "$__offline" = "" ] ; then - # If variable not found, consider it offline - __offline=true - fi - fi - json_select .. - done + if json_is_a interfaces array; then + json_select interfaces + json_get_keys interfaces + for intf in $interfaces; do + json_select $intf + json_get_var interfaceId interfaceId + if [ $id = $interfaceId ]; then + if [ $family = "ipv6" ]; then + json_get_var __offline offline6 + else + json_get_var __offline offline + fi + if [ "$__offline" = "" ]; then + # If variable not found, consider it offline + __offline=true + fi + fi json_select .. + done + json_select .. fi log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: offline status for $id family: $family is $__offline" @@ -299,8 +293,7 @@ is_offline() # @param $1 Return value of weight as a number # @param $2 Numeric interface id # @param $3 Short policy identifier -get_wan_bandwidth() -{ +get_wan_bandwidth() { local __function_name="get_wan_bandwidth" local __return_weight=$1 local id=$2 @@ -316,10 +309,10 @@ get_wan_bandwidth() json_select network json_select interfaces json_get_keys interfaces - for i in $interfaces ; do + for i in $interfaces; do json_select $i json_get_var interfaceId interfaceId - if [ $id = $interfaceId ] ; then + if [ $id = $interfaceId ]; then json_get_var __settingsWeight downloadKbps fi json_select .. @@ -338,8 +331,7 @@ get_wan_bandwidth() # @param $2 Short policy name # @param $3 Numeric interface id # !!! something to indicate this is from settings -get_static_weight() -{ +get_static_weight() { local __function_name="get_static_weight" local __return_weight=$1 local policy=$2 @@ -357,7 +349,7 @@ get_static_weight() json_select wan json_select policies json_get_keys policies - for p in $policies ; do + for p in $policies; do json_select $p json_get_var policyId policyId policyIdString="policy-$policyId" @@ -365,12 +357,12 @@ get_static_weight() # Substring match on short policy id to full policy id json_select interfaces json_get_keys interfaces - for i in $interfaces ; do + for i in $interfaces; do json_select $i json_get_var interfaceId interfaceId - if [ $interfaceId -eq 0 ] ; then + if [ $interfaceId -eq 0 ]; then __weight=1 - elif [ $id = $interfaceId ] ; then + elif [ $id = $interfaceId ]; then json_get_var __weight weight fi json_select .. @@ -392,8 +384,7 @@ get_static_weight() # @param $2 Numeric interface id # @param $3 Statistic name to look for (ie: ping, latency, etc.) # @param $4 Metric name to look for (ie: 1_minute, 10_minute, etc.) -get_stat() -{ +get_stat() { local __function_name="get_stat" local __return_stat=$1 local id=$2 @@ -415,25 +406,25 @@ get_stat() fi json_load_file $STATS_FILE_NAME - if json_is_a interfaces array ; then + if json_is_a interfaces array; then json_select interfaces json_get_keys interfaces for intf in $interfaces; do json_select $intf json_get_var interfaceId interfaceId - if [ $id = $interfaceId ] ; then + if [ $id = $interfaceId ]; then json_select "stats" json_get_keys stats for stat in $stats; do json_select $stat json_get_vars name - if [ $stat_name = $name ] ; then + if [ $stat_name = $name ]; then json_select "metrics" json_get_keys metrics for metric in $metrics; do json_select $metric json_get_vars name value - if [ $metric_name = $name ] ; then + if [ $metric_name = $name ]; then stat_value=$(echo ${value%%.*}) fi json_select .. @@ -459,8 +450,7 @@ get_stat() # @param $2 Short policy name # @param $3 Numeric interface id # @param $4 Ip family -is_wan_up_by_family() -{ +is_wan_up_by_family() { local __function_name="is_wan_up_by_family" local __is_wan_up_by_family=$1 local policy=$2 @@ -478,12 +468,12 @@ is_wan_up_by_family() for file in $(find $wan_path -type f); do __criteria_found=$((__criteria_found + 1)) grep -q down $file - if [ $? -eq 0 ] ; then + if [ $? -eq 0 ]; then __down_found=1 fi done __up=false - if [ $__criteria_found -gt 0 ] && [ $__down_found -eq 0 ] ; then + if [ $__criteria_found -gt 0 ] && [ $__down_found -eq 0 ]; then # Only up if we found at least one criteria and no "down" statuses. __up=true fi @@ -498,8 +488,7 @@ is_wan_up_by_family() # @param $1 Return value of test # @param $2 Short policy name # @param $3 Numeric interface id -is_wan_up() -{ +is_wan_up() { local __function_name="is_wan_up" local __return_wan_up=$1 local policy=$2 @@ -513,7 +502,7 @@ is_wan_up() is_wan_up_by_family __ipv4_up $policy $id ipv4 is_wan_up_by_family __ipv6_up $policy $id ipv6 - if [ "$__ipv4_up" = "true" ] || [ "$__ipv6_up" = "true" ] ; then + if [ "$__ipv4_up" = "true" ] || [ "$__ipv6_up" = "true" ]; then __up=true fi @@ -525,23 +514,22 @@ is_wan_up() # # @param $1 Short name of policy to disable # @param $2 Space separated numeric ids of WANs involved -disable_policy() -{ +disable_policy() { local __function_name="disable_policy" local policy=$1 local wans=$2 - TMPFILE=`mktemp -t $policy-changeset.XXXXXX` + TMPFILE=$(mktemp -t $policy-changeset.XXXXXX) - echo flush chain ip wan-routing route-to-$policy >> $TMPFILE - echo add rule ip wan-routing route-to-$policy return comment \"policy disabled\" >> $TMPFILE - echo flush chain ip6 wan-routing route-to-$policy >> $TMPFILE - echo add rule ip6 wan-routing route-to-$policy return comment \"policy disabled\" >> $TMPFILE + echo flush chain ip wan-routing route-to-$policy >>$TMPFILE + echo add rule ip wan-routing route-to-$policy return comment \"policy disabled\" >>$TMPFILE + echo flush chain ip6 wan-routing route-to-$policy >>$TMPFILE + echo add rule ip6 wan-routing route-to-$policy return comment \"policy disabled\" >>$TMPFILE nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: $policy All Wans:$wans Retval: $retval" - while [ $retval -ne 0 ] ; do + while [ $retval -ne 0 ]; do nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: nft -f Failed to disable policy: $policy All Wans:$wans Retval: $retval, trying again..." @@ -555,8 +543,7 @@ disable_policy() # @param $1 Return space separatd list of interfaceIds in policy # @param $2 Return space separatd list of interfaceIds in policy that are up # @param $3 Policy id -get_policy_wans_and_up_wans() -{ +get_policy_wans_and_up_wans() { local __function_name="get_policy_wans_and_up_wans" local __return_policy_wans=$1 local __return_up_wans=$2 @@ -571,12 +558,12 @@ get_policy_wans_and_up_wans() local id get_policy_path policy_dir $policy - for d in $policy_dir/* ; do + for d in $policy_dir/*; do log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: found file: $d" fileName=$(echo ${d##*/}) # Ignore the status files in the policy directory - if [ $fileName == "status" ] ; then + if [ $fileName == "status" ]; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: skipping file: $d" continue fi @@ -590,12 +577,12 @@ get_policy_wans_and_up_wans() local wan_up is_wan_up wan_up $policy $id # if is_wan_up $policy $id; then - if [ "$wan_up" = "true" ] ; then + if [ "$wan_up" = "true" ]; then __up_wans="$__up_wans $id" fi done - # FIXME: __wans is undefined + # FIXME: __wans is undefined log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy_wans=$__policy_wans wans=$__wans" eval "$__return_policy_wans=\"$__policy_wans\"" eval "$__return_up_wans=\"$__up_wans\"" @@ -607,27 +594,26 @@ get_policy_wans_and_up_wans() # @param $1 Policy associated with the chain # @param $2 Interface id of the wan to use # @param $3 The wans included in this policy -jump_policy() -{ +jump_policy() { local __function_name="jump_policy" local policy=$1 local id=$2 local wans=$3 - TMPFILE=`mktemp -t $policy-changeset.XXXXXX` + TMPFILE=$(mktemp -t $policy-changeset.XXXXXX) - echo flush chain ip wan-routing route-to-$policy >> $TMPFILE - echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE - echo add rule ip wan-routing route-to-$policy jump mark-for-wan-$id >> $TMPFILE + echo flush chain ip wan-routing route-to-$policy >>$TMPFILE + echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE + echo add rule ip wan-routing route-to-$policy jump mark-for-wan-$id >>$TMPFILE - echo flush chain ip6 wan-routing route-to-$policy >> $TMPFILE - echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE - echo add rule ip6 wan-routing route-to-$policy jump mark-for-wan-$id >> $TMPFILE + echo flush chain ip6 wan-routing route-to-$policy >>$TMPFILE + echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE + echo add rule ip6 wan-routing route-to-$policy jump mark-for-wan-$id >>$TMPFILE nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: updating jump_policy for policy:$policy mark for WAN:$id All WANs: $wans; retval: $retval" - while [ $retval -ne 0 ] ; do + while [ $retval -ne 0 ]; do nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: nft -f failed during jump_policy for policy:$policy mark for WAN:$id All WANs: $wans; retval: $retval, trying again..." @@ -642,28 +628,27 @@ jump_policy() # @param $2 Wans associated with this policy # @param $3 Total weight of all wans in the policy # @param $4 Generated balance string used in the vmap decision -balance_policy() -{ +balance_policy() { local __function_name="balance_policy" local policy=$1 local wans=$2 local total_weight=$3 local balance_string=$4 - TMPFILE=`mktemp -t $policy-changeset.XXXXXX` + TMPFILE=$(mktemp -t $policy-changeset.XXXXXX) - echo flush chain ip wan-routing route-to-$policy >> $TMPFILE - echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE - echo add ip wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >> $TMPFILE + echo flush chain ip wan-routing route-to-$policy >>$TMPFILE + echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE + echo add ip wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >>$TMPFILE - echo flush chain ip6 wan-routing route-to-$policy >> $TMPFILE - echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE - echo add ip6 wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >> $TMPFILE + echo flush chain ip6 wan-routing route-to-$policy >>$TMPFILE + echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE + echo add ip6 wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >>$TMPFILE nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: running balance policy:$policy All Wans:$wans total_weight:$total_weight balance string:$balance_string Retval: $retval" - while [ $retval -ne 0 ] ; do + while [ $retval -ne 0 ]; do nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: nft -f failed while running balance policy:$policy All Wans:$wans total_weight:$total_weight balance string:$balance_string Retval: $retval, trying again..." @@ -678,7 +663,7 @@ balance_policy() # @param $1 Return value of of field. # @param $2 Interface id # @param $3 Family -get_openwrt_interface_name(){ +get_openwrt_interface_name() { local __function_name="settings_get_interface_field" local __return_name=$1 local interface_id=$2 @@ -695,19 +680,19 @@ get_openwrt_interface_name(){ json_select network json_select interfaces json_get_keys interfaces - for i in $interfaces ; do + for i in $interfaces; do json_select $i json_get_var interfaceId interfaceId - if [ $interface_id = $interfaceId ] ; then + if [ $interface_id = $interfaceId ]; then json_get_var __name name json_get_var __type type fi json_select .. done - if [ "$__name" != "" ] && [ "$__type" != "" ] ; then - if [ "$__type" != "IPSEC" ] && [ "$__type" != "OPENVPN" ] && [ "$__type" != "WIREGUARD" ] && [ "$__type" != "WWAN" ] ; then - if [ "$family" = "ipv6" ] ; then + if [ "$__name" != "" ] && [ "$__type" != "" ]; then + if [ "$__type" != "IPSEC" ] && [ "$__type" != "OPENVPN" ] && [ "$__type" != "WIREGUARD" ] && [ "$__type" != "WWAN" ]; then + if [ "$family" = "ipv6" ]; then __name="${__name}6" else __name="${__name}4" @@ -725,7 +710,7 @@ get_openwrt_interface_name(){ # @param $1 Return value of gateway IP address # @param $2 Interface Id to match # @param $3 Return value of metric -settings_get_ipsec_remote_gateway(){ +settings_get_ipsec_remote_gateway() { local __return_remoteGateway=$1 local id=$2 @@ -742,12 +727,12 @@ settings_get_ipsec_remote_gateway(){ json_select network json_select interfaces json_get_keys interfaces - for i in $interfaces ; do + for i in $interfaces; do json_select $i json_get_var interfaceId interfaceId - if [ $id = $interfaceId ] ; then + if [ $id = $interfaceId ]; then json_get_type type ipsec - if [ "$type" = "" ] ; then + if [ "$type" = "" ]; then # Not an ipsec interface json_select .. continue @@ -774,8 +759,7 @@ settings_get_ipsec_remote_gateway(){ # @param $2 Numeric interface id # @param $3 OpenWrt interface name # @param $4 Ip family of the interface -criteria_up() -{ +criteria_up() { local __function_name="criteria_up" local policy=$1 local interfaceId=$2 @@ -788,7 +772,7 @@ criteria_up() local status_file="${wan_path}/${__function_name}" status="init" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then status=$(head -n 1 $status_file) fi @@ -796,20 +780,19 @@ criteria_up() local offline is_offline offline $interfaceId $family log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: $interface and $status_file current status is $status, offline=$offline" - if network_is_up $interface && [ "$offline" = "false" ]; then + if network_is_up $interface && [ "$offline" = "false" ]; then new_status="up" else new_status="down" fi log_state="status" - if [ "$new_status" != "$status" ] ; then + if [ "$new_status" != "$status" ]; then log_state="change" - echo $new_status > $status_file - if [ "$new_status" = "down" ] - then - log_status_message "handling $interface status" - handle_down_interface "$interface" + echo $new_status >$status_file + if [ "$new_status" = "down" ]; then + log_status_message "handling $interface status" + handle_down_interface "$interface" fi fi @@ -824,20 +807,19 @@ criteria_up() # @param $1 Policy id # @param $2 Numeric interface id # @param $3 IP family of the interface -criteria_always_up() -{ - local __function_name="criteria_up" - local policy=$1 - local interfaceId=$2 - local family=$3 - local wan_path - get_wan_path wan_path $policy $interfaceId $family - local status_file="${wan_path}/${__function_name}" - - echo "up" > $status_file - log_status_message "change" "$__function_name:" \ - "policy=$policy, interface=${interfaceId}/$family, status=up" \ - "policy=$policy, interface=${interfaceId}/$family, status=up" +criteria_always_up() { + local __function_name="criteria_up" + local policy=$1 + local interfaceId=$2 + local family=$3 + local wan_path + get_wan_path wan_path $policy $interfaceId $family + local status_file="${wan_path}/${__function_name}" + + echo "up" >$status_file + log_status_message "change" "$__function_name:" \ + "policy=$policy, interface=${interfaceId}/$family, status=up" \ + "policy=$policy, interface=${interfaceId}/$family, status=up" } # attribute @@ -851,8 +833,7 @@ criteria_always_up() # @param $5 Attribute key # @param $6 Attribute value to match # @param $7 Status to set (up or down) -criteria_attribute() -{ +criteria_attribute() { local __function_name="criteria_attribute" local policy=$1 local interfaceId=$2 @@ -866,17 +847,17 @@ criteria_attribute() get_wan_path wan_path $policy $interfaceId $family local status_file="${wan_path}/${__function_name}_${key}_${value}" status="init" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then status=$(head -n 1 $status_file) fi - # FIXME: attribute is undefined + # FIXME: attribute is undefined log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, interface=$interface, attribute=$attribute, family=$family, key=$key, value=$value, new_status=$new_status" log_state="status" - if [ "$new_status" != "$status" ] ; then + if [ "$new_status" != "$status" ]; then log_state="change" - echo $new_status > $status_file + echo $new_status >$status_file fi log_status_message "$log_state" "$__function_name:" \ @@ -896,8 +877,7 @@ criteria_attribute() # @param $6 Metric name to use in the metric calculation # @param $7 Operator to use in the metric calculation # @param $8 Metric value to test against in the metric calculation -criteria_metric() -{ +criteria_metric() { local __function_name="criteria_metric" local policy=$1 local interfaceId=$2 @@ -915,7 +895,7 @@ criteria_metric() get_wan_path wan_path $policy $interfaceId $family status_file="$wan_path/${__function_name}_${stat_name}_${metric_name}_${operator}_${val}" status="init" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then status=$(head -n 1 $status_file) fi @@ -925,40 +905,40 @@ criteria_metric() # Important assumption here!!! # VPNs and some other interfaces sometimes report a latency of 0 # Setting the test results to -1 will allow the logic below to skip this interface during the WAN checks - if [ $stat_name = "latency" ] && [ $test = 0 ] ; then + if [ $stat_name = "latency" ] && [ $test = 0 ]; then test=-1 fi local new_status="down" - if [ $test -ne -1 ] ; then + if [ $test -ne -1 ]; then case $operator in - le) - if [ $test -le $val ] ; then - new_status="up" - fi - ;; - lt) - if [ $test -lt $val ] ; then - new_status="up" - fi - ;; - ge) - if [ $test -ge $val ] ; then - new_status="up" - fi - ;; - gt) - if [ $test -gt $val ] ; then - new_status="up" - fi - ;; + le) + if [ $test -le $val ]; then + new_status="up" + fi + ;; + lt) + if [ $test -lt $val ]; then + new_status="up" + fi + ;; + ge) + if [ $test -ge $val ]; then + new_status="up" + fi + ;; + gt) + if [ $test -gt $val ]; then + new_status="up" + fi + ;; esac fi log_state="status" - if [ "$new_status" != "$status" ] ; then + if [ "$new_status" != "$status" ]; then log_state="change" - echo $new_status > $status_file + echo $new_status >$status_file fi log_status_message "$log_state" "$__function_name:" \ @@ -978,8 +958,7 @@ criteria_metric() # @param $7 Timeout of when to fail the test # @param $8 Failure threshold of when to fail the tests # @param $9 Fost to run the connectivity tests against -criteria_connectivity() -{ +criteria_connectivity() { local __function_name="criteria_connectivity" local policy=$1 local interfaceId=$2 @@ -1020,70 +999,70 @@ criteria_connectivity() ## If the status_file already exists, lets see what the previous status was local new_status="down" local status="init" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then status=$(head -n 1 $status_file) fi log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: $policy and $status_file current status is $status" - for i in $(seq 0 9) ; do + for i in $(seq 0 9); do network_flush_cache is_offline offline $interfaceId $family - if [ "$offline" = "true" ] ; then + if [ "$offline" = "true" ]; then # No point in continuing if interface is down new_status="down" break fi log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: test interface=$interface, offline=$offline, interval running sequence i=$i" - if network_is_up $interface && [ "$offline" = "false" ]; then + if network_is_up $interface && [ "$offline" = "false" ]; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: testing up and online interface=$interface" network_get_device device $interface network_get_ipaddr ip_address $interface network_get_dnsserver dns_server $interface network_get_gateway gw $interface - network_get_protocol protocol $interface + network_get_protocol protocol $interface case $criteria in - ping) - if [ "$family" = "ipv4" ] ; then - if [ "$protocol" != "vti" ] ; then - ping -I $device -w $timeout -W $timeout -c 1 $host > /dev/null && let result"$i"=1 || let result"$i"=0 - fi - fi - ;; - arp) - if [ "$family" = "ipv4" ] ; then - arping -s $ip_address -I $device -c 1 $gw > /dev/null && let result"$i"=1 || let result"$i"=0 + ping) + if [ "$family" = "ipv4" ]; then + if [ "$protocol" != "vti" ]; then + ping -I $device -w $timeout -W $timeout -c 1 $host >/dev/null && let result"$i"=1 || let result"$i"=0 fi - ;; - dns) - if [ "$family" = "ipv4" ] ; then - dig -b $ip_address +tries=3 +timeout=$timeout $dns_server $host > /dev/null && let result"$i"=1 || let result"$i"=0 - fi - ;; - http) - if [ "$family" = "ipv4" ] ; then - wget --no-check-certificate --bind-address=$ip_address --header="Wan-Failover-Flag: true" --tries=3 -O /dev/null $host 2> /dev/null && let result"$i"=1 || let result"$i"=0 - fi - ;; - *) - echo "Unknown test $criteria" - let result"$i"=0 - ;; + fi + ;; + arp) + if [ "$family" = "ipv4" ]; then + arping -s $ip_address -I $device -c 1 $gw >/dev/null && let result"$i"=1 || let result"$i"=0 + fi + ;; + dns) + if [ "$family" = "ipv4" ]; then + dig -b $ip_address +tries=3 +timeout=$timeout $dns_server $host >/dev/null && let result"$i"=1 || let result"$i"=0 + fi + ;; + http) + if [ "$family" = "ipv4" ]; then + wget --no-check-certificate --bind-address=$ip_address --header="Wan-Failover-Flag: true" --tries=3 -O /dev/null $host 2>/dev/null && let result"$i"=1 || let result"$i"=0 + fi + ;; + *) + echo "Unknown test $criteria" + let result"$i"=0 + ;; esac # While it may seem like we should be calculating this outside the loop, # We want to do it inside so if we meet our threshold of failures, we # can stop immediately. count=0 - for i in $(seq 0 9) ; do + for i in $(seq 0 9); do eval "temp=\"\$result$i\"" - if [ $temp -eq 0 ] ; then + if [ $temp -eq 0 ]; then let count++ fi done - if [ $count -ge $threshold ] ; then + if [ $count -ge $threshold ]; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: reached failure threshold" new_status="down" break @@ -1094,9 +1073,9 @@ criteria_connectivity() done log_state="status" - if [ "$new_status" != "$status" ] ; then + if [ "$new_status" != "$status" ]; then log_state="change" - echo $new_status > $status_file + echo $new_status >$status_file fi log_status_message "$log_state" "$__function_name:" \ @@ -1113,8 +1092,7 @@ criteria_connectivity() # # @param $1 Policy id # @param $2 Interface id -policy_specific_wan() -{ +policy_specific_wan() { local __function_name="policy_specific_wan" local policy=$1 local id=$2 @@ -1126,23 +1104,23 @@ policy_specific_wan() status_file="$policy_path/status" status="init" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then . $status_file fi local wan_up is_wan_up wan_up $policy $id - if [ "$wan_up" = "true" ] ; then + if [ "$wan_up" = "true" ]; then new_status="up" else new_status="down" fi local log_state="status" - if [ "$new_status" != "$status" ] ; then + if [ "$new_status" != "$status" ]; then local log_state="change" - echo "status=$new_status" > $status_file - if [ $new_status = "up" ] ; then + echo "status=$new_status" >$status_file + if [ $new_status = "up" ]; then jump_policy $policy $id "$id" else disable_policy $policy "$id" @@ -1161,8 +1139,7 @@ policy_specific_wan() # @param $2 Stat name to test with (e.g.,latency) # @param $3 Metric name to test with (e.g.,1_minute) # @param $4 Operator to test with (e.g.,le) -policy_best_of() -{ +policy_best_of() { local __function_name="policy_best_of" local policy=$1 local stat_name=$2 @@ -1178,7 +1155,7 @@ policy_best_of() # Get current status local status="init" local current_best_wan=-1 - if [ -f $status_file ] ; then + if [ -f $status_file ]; then . $status_file fi @@ -1189,55 +1166,55 @@ policy_best_of() local best_wan=-1 local best_stat=-1 local stat - for wan in $wans ; do + for wan in $wans; do get_stat stat $wan $stat_name $metric_name log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: wan=$wan, stat=$stat comparing best_wan=$best_wan, best_stat=$best_stat" - if [ $stat_name = "latency" ] ; then - if [ "$stat" = 0 ] || [ "$stat" = -1 ] ; then + if [ $stat_name = "latency" ]; then + if [ "$stat" = 0 ] || [ "$stat" = -1 ]; then # NOTE: A latency of 0 means 100% packet loss, so ignore during best_of calculations continue fi fi - if [ $best_wan -eq -1 ] ; then + if [ $best_wan -eq -1 ]; then # Initialize best_wan=$wan best_stat=$stat else case $operator in - le) - if [ $stat -le $best_stat ] ; then - best_wan=$wan - best_stat=$stat - fi - ;; - lt) - if [ $stat -lt $best_stat ] ; then - best_wan=$wan - best_stat=$stat - fi - ;; - ge) - if [ $stat -ge $best_stat ] ; then - best_wan=$wan - best_stat=$stat - fi - ;; - gt) - if [ $stat -gt $best_stat ] ; then - best_wan=$wan - best_stat=$stat - fi - ;; + le) + if [ $stat -le $best_stat ]; then + best_wan=$wan + best_stat=$stat + fi + ;; + lt) + if [ $stat -lt $best_stat ]; then + best_wan=$wan + best_stat=$stat + fi + ;; + ge) + if [ $stat -ge $best_stat ]; then + best_wan=$wan + best_stat=$stat + fi + ;; + gt) + if [ $stat -gt $best_stat ]; then + best_wan=$wan + best_stat=$stat + fi + ;; esac fi done local new_status=$status local new_best_wan=$current_best_wan - if [ $best_wan -eq -1 ] ; then + if [ $best_wan -eq -1 ]; then new_status="down" else new_status="up" @@ -1245,11 +1222,11 @@ policy_best_of() new_best_wan=$best_wan local log_state="status" - if [ "$new_status" != "$status" ] || [ ! $current_best_wan -eq $new_best_wan ] ; then + if [ "$new_status" != "$status" ] || [ ! $current_best_wan -eq $new_best_wan ]; then log_state="change" - echo "status=$new_status" > $status_file - echo "current_best_wan=$new_best_wan" >> $status_file - if [ "$new_status" = "up" ] ; then + echo "status=$new_status" >$status_file + echo "current_best_wan=$new_best_wan" >>$status_file + if [ "$new_status" = "up" ]; then jump_policy $policy $new_best_wan "$policy_wans" else disable_policy $policy "$policy_wans" @@ -1268,8 +1245,7 @@ policy_best_of() # @param $2 Numeric interface id # @param $3 Interface name # @param $4 Ip family for interface -policy_best_of_ipsec_vpn() -{ +policy_best_of_ipsec_vpn() { local __function_name="policy_best_of_ipsec_vpn" local policy=$1 local interfaceId=$2 @@ -1278,11 +1254,11 @@ policy_best_of_ipsec_vpn() local remoteGateway settings_get_ipsec_remote_gateway remoteGateway $interfaceId - if [ "$remoteGateway" = "" ] ; then + if [ "$remoteGateway" = "" ]; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: policy=$policy, interfaceId=$interfaceId, unable to get remote gateway address" return fi - if [ "$remoteGateway" = "%any" ] ; then + if [ "$remoteGateway" = "%any" ]; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, remote gateway address is %any" return fi @@ -1295,7 +1271,7 @@ policy_best_of_ipsec_vpn() local status="init" local current_best_wan=-1 log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: getting policy=$policy reading $status_file" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then . $status_file fi @@ -1312,7 +1288,7 @@ policy_best_of_ipsec_vpn() # Look at current left and if same, continue current_left_address=$(ip xfrm policy | grep "dst $remoteGateway" | head -1 | cut -d' ' -f3) - if [ "$current_left_address" = "dst" ] || [ "$current_left_address" = "" ] ; then + if [ "$current_left_address" = "dst" ] || [ "$current_left_address" = "" ]; then # No found in policies log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: unable to find appropriate remoteGateway=$remoteGateway" if [ "$ALLOW_LOG_UPDATE" == "false" ]; then @@ -1354,8 +1330,8 @@ policy_best_of_ipsec_vpn() ipsec_temp_name=$(mktemp /tmp/ipsec.confXXXXXX) # Looking for our remote gateway, modify the left side to reflect the new WAN IP address. awk '/right='$remoteGateway'/{sub(/left=.*/, "left='$ip_address'", last)} NR>1{print last} {last=$0} END {print last}' \ - $ipsec_live_name > $ipsec_temp_name \ - && mv $ipsec_temp_name $ipsec_live_name + $ipsec_live_name >$ipsec_temp_name && + mv $ipsec_temp_name $ipsec_live_name # Bring IPSec back up ipsec restart 2>/dev/null @@ -1375,8 +1351,7 @@ policy_best_of_ipsec_vpn() # # @param $1 Policy id # @param $2 Balance algorithm to use (ie: LATENCY, WEIGHTED, AVAILABLE_BANDWIDTH) -policy_balance() -{ +policy_balance() { local __function_name="policy_balance" local policy=$1 local algorithm=$2 @@ -1387,7 +1362,7 @@ policy_balance() status="init" balance_string="" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then . $status_file fi @@ -1405,37 +1380,37 @@ policy_balance() total_latency=0 local latency local weight - if [ $algorithm = "LATENCY" ] ; then - for wan in $wans ; do + if [ $algorithm = "LATENCY" ]; then + for wan in $wans; do get_stat latency $wan "latency" "1_minute" total_latency=$((total_latency + $latency)) done fi - for wan in $wans ; do - if [ $algorithm = "WEIGHTED" ] ; then + for wan in $wans; do + if [ $algorithm = "WEIGHTED" ]; then get_static_weight weight $policy $wan - elif [ $algorithm = "LATENCY" ] ; then + elif [ $algorithm = "LATENCY" ]; then get_stat weight $wan "latency" "1_minute" weight=$(($total_latency - $weight)) - if [ $weight -eq 0 ] ; then + if [ $weight -eq 0 ]; then weight=100 fi - elif [ $algorithm = "AVAILABLE_BANDWIDTH" ] ; then + elif [ $algorithm = "AVAILABLE_BANDWIDTH" ]; then get_stat weight $wan "available_bandwidth" "1_minute" - elif [ $algorithm = "BANDWIDTH" ] ; then + elif [ $algorithm = "BANDWIDTH" ]; then get_wan_bandwidth weight $wan fi - if [ $weight -eq 0 ] ; then + if [ $weight -eq 0 ]; then continue fi - if [ $total_weight -ne 0 ] ; then + if [ $total_weight -ne 0 ]; then new_balance_string="$new_balance_string, " fi range_end=$(($weight + $total_weight - 1)) - if [ $total_weight -eq $range_end ] ; then + if [ $total_weight -eq $range_end ]; then new_balance_string="$new_balance_string$total_weight : jump mark-for-wan-$wan" else new_balance_string="$new_balance_string$total_weight-$range_end : jump mark-for-wan-$wan" @@ -1443,23 +1418,23 @@ policy_balance() total_weight=$((total_weight + $weight)) done - if [ "$new_balance_string" = "" ] ; then + if [ "$new_balance_string" = "" ]; then new_status="down" else new_status="up" fi local log_state="status" - if [ "$new_status" != "$status" ] || [ "$balance_string" != "$new_balance_string" ] ; then + if [ "$new_status" != "$status" ] || [ "$balance_string" != "$new_balance_string" ]; then local log_state="change" - echo "status=$new_status" > $status_file - echo "balance_string=\"$new_balance_string\"" >> $status_file - if [ "$new_status" = "down" ] ; then - if [ $status != "down" ] ; then + echo "status=$new_status" >$status_file + echo "balance_string=\"$new_balance_string\"" >>$status_file + if [ "$new_status" = "down" ]; then + if [ $status != "down" ]; then disable_policy $policy "$policy_wans" fi else - if [ ! $status = "up" ] || [ "$new_balance_string" != "$balance_string" ] ; then + if [ ! $status = "up" ] || [ "$new_balance_string" != "$balance_string" ]; then balance_policy $policy "$policy_wans" $total_weight "$new_balance_string" fi fi @@ -1479,7 +1454,7 @@ __function_name="main" check_for_table ip wan-routing check_for_table ip6 wan-routing -if [ "$DEBUG" = "true" ] || [ "$INTERACTIVE" == "true" ] ; then +if [ "$DEBUG" = "true" ] || [ "$INTERACTIVE" == "true" ]; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: COMMAND_NAME=$COMMAND_NAME" log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: COMMAND_PID=$COMMAND_PID" log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: INTERACTIVE=$INTERACTIVE" @@ -1487,12 +1462,12 @@ if [ "$DEBUG" = "true" ] || [ "$INTERACTIVE" == "true" ] ; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: LOG_WATCH=$WATCH" fi -if [ "$INTERACTIVE" = "false" ] ; then +if [ "$INTERACTIVE" = "false" ]; then # Create term handler and run the handle_term callback trap 'handle_term' SIGTERM SIGINT else # If we're in interactive (developer) mode we don't want the system daemon process running - for pid in `pgrep -f $COMMAND_NAME `; do + for pid in $(pgrep -f $COMMAND_NAME); do if [ "$pid" = "$COMMAND_PID" ]; then # Ignore ourselves continue @@ -1507,7 +1482,7 @@ log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: started, pid=$COMMAND_P rm -rf ${WAN_MANAGER_STATUS_PATH}/* # Wait for stats.json to change, and then run every policy once (vs having each policy wait for change every time) -while [ 1 ] ; do +while [ 1 ]; do log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: --- begin wan_manager config" . /etc/config/wan_manager check_allow_log_update @@ -1516,8 +1491,7 @@ while [ 1 ] ; do done # Exit, wait for us to finish -for i in `pgrep -P COMMAND_PID ` -do +for i in $(pgrep -P COMMAND_PID); do wait $i done log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: exit, pid=$COMMAND_PID" From 6219fa277152a0ab6b059494b58202ff801ad030 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Wed, 29 Nov 2023 20:19:55 +0200 Subject: [PATCH 23/44] feat: add init and script --- sync-settings/files/interface-watcher.init | 16 ++++++++++++++ sync-settings/files/interface_watcher.sh | 25 ++++++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100755 sync-settings/files/interface-watcher.init create mode 100644 sync-settings/files/interface_watcher.sh diff --git a/sync-settings/files/interface-watcher.init b/sync-settings/files/interface-watcher.init new file mode 100755 index 000000000..1a5a3a2c0 --- /dev/null +++ b/sync-settings/files/interface-watcher.init @@ -0,0 +1,16 @@ +#!/bin/sh /etc/rc.common + +# 16 is right after startup (15) +START=16 +STOP=16 + +USE_PROCD=1 + +start_service() { + procd_open_instance interface-watcher + procd_set_param command /usr/bin/interface_watcher.sh + procd_set_param stdout 1 + procd_set_param stderr 1 + procd_set_param respawn 3600 5 0 + procd_close_instance +} diff --git a/sync-settings/files/interface_watcher.sh b/sync-settings/files/interface_watcher.sh new file mode 100644 index 000000000..afd91e1dc --- /dev/null +++ b/sync-settings/files/interface_watcher.sh @@ -0,0 +1,25 @@ +#!/bin/sh + +grab_intf_name() { + interfaces=$(uci show network | grep $1 | cut -d"." -f2) +} + +# Monitor ip link status for interfaces. +ip -o monitor link | while read -r index interface status remaining; do + iface=$(printf '%s\n' "$interface" | sed -E 's/(@.*)?:$//') + operstate=$(printf '%s\n' "$remaining" | grep -Eo ' state [^ ]+' | sed 's/^ state //') + + # If iface goes to UP + if [ "$operstate" = "UP" ]; then + echo "PEOS" + + # For both ipv6 and ipv4 + grab_intf_name "$iface" + echo "$interfaces" | while read -r line; do ifup "$line"; done + + fi + + logger -t "Interface Watch" "Interface $iface changed state to $operstate" +done + +exit 1 From 68d5f846c19e758f12072970370712286eec3b19 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Wed, 29 Nov 2023 20:22:20 +0200 Subject: [PATCH 24/44] feat: add to makefile --- sync-settings/Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sync-settings/Makefile b/sync-settings/Makefile index eafe635a0..db900162d 100644 --- a/sync-settings/Makefile +++ b/sync-settings/Makefile @@ -42,6 +42,7 @@ define Py3Package/sync-settings/install $(INSTALL_BIN) files/set_affinity.sh $(1)/usr/bin $(INSTALL_BIN) files/set_rpsxps.sh $(1)/usr/bin $(INSTALL_BIN) files/quota_cron.sh $(1)/usr/bin + $(INSTALL_BIN) files/interface_watcher.sh $(1)/usr/bin # init.d $(INSTALL_DIR) $(1)/etc/init.d @@ -54,6 +55,7 @@ define Py3Package/sync-settings/install $(INSTALL_BIN) files/uid.init $(1)/etc/init.d/uid $(INSTALL_BIN) files/product-board-name.init $(1)/etc/init.d/product-board-name $(INSTALL_BIN) files/load-eos-config.init $(1)/etc/init.d/load-eos-config + $(INSTALL_BIN) files/interface-watcher.init $(1)/etc/init.d/interface-watcher # config/startup.d $(INSTALL_DIR) $(1)/etc/config/startup.d From 584975a96a1ee56543d6394cdbe9dcdc30128373 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Fri, 1 Dec 2023 19:27:32 +0200 Subject: [PATCH 25/44] fix: try different order, remove options --- sync-settings/files/interface-watcher.init | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/sync-settings/files/interface-watcher.init b/sync-settings/files/interface-watcher.init index 1a5a3a2c0..538b3ca13 100755 --- a/sync-settings/files/interface-watcher.init +++ b/sync-settings/files/interface-watcher.init @@ -1,16 +1,13 @@ #!/bin/sh /etc/rc.common # 16 is right after startup (15) -START=16 -STOP=16 +START=19 +STOP=19 USE_PROCD=1 start_service() { procd_open_instance interface-watcher procd_set_param command /usr/bin/interface_watcher.sh - procd_set_param stdout 1 - procd_set_param stderr 1 - procd_set_param respawn 3600 5 0 procd_close_instance } From 441f73502c6d7a1d888d048af8f5f81fd24ff535 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Fri, 1 Dec 2023 19:43:59 +0200 Subject: [PATCH 26/44] Revert "fix: try different order, remove options" This reverts commit 584975a96a1ee56543d6394cdbe9dcdc30128373. --- sync-settings/files/interface-watcher.init | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/sync-settings/files/interface-watcher.init b/sync-settings/files/interface-watcher.init index 538b3ca13..1a5a3a2c0 100755 --- a/sync-settings/files/interface-watcher.init +++ b/sync-settings/files/interface-watcher.init @@ -1,13 +1,16 @@ #!/bin/sh /etc/rc.common # 16 is right after startup (15) -START=19 -STOP=19 +START=16 +STOP=16 USE_PROCD=1 start_service() { procd_open_instance interface-watcher procd_set_param command /usr/bin/interface_watcher.sh + procd_set_param stdout 1 + procd_set_param stderr 1 + procd_set_param respawn 3600 5 0 procd_close_instance } From 445651ef0d2b2d6960f91817b79d2e2f52173641 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Fri, 1 Dec 2023 20:56:31 +0200 Subject: [PATCH 27/44] feat: add stop to init for interface-watcher --- sync-settings/files/interface-watcher.init | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sync-settings/files/interface-watcher.init b/sync-settings/files/interface-watcher.init index 1a5a3a2c0..f9faf22b7 100755 --- a/sync-settings/files/interface-watcher.init +++ b/sync-settings/files/interface-watcher.init @@ -14,3 +14,7 @@ start_service() { procd_set_param respawn 3600 5 0 procd_close_instance } + +stop_service() { + ps | grep "/usr/bin/interface_watcher.sh" | awk '{print $1}' | xargs kill -9 "$1" 2>&1 +} From a7bae4a5ff0b2905e8ec9a84114b93fa67ae77de Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Sat, 2 Dec 2023 16:09:59 +0200 Subject: [PATCH 28/44] fix: remove prints --- sync-settings/files/interface_watcher.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/sync-settings/files/interface_watcher.sh b/sync-settings/files/interface_watcher.sh index afd91e1dc..368e544e0 100644 --- a/sync-settings/files/interface_watcher.sh +++ b/sync-settings/files/interface_watcher.sh @@ -11,8 +11,6 @@ ip -o monitor link | while read -r index interface status remaining; do # If iface goes to UP if [ "$operstate" = "UP" ]; then - echo "PEOS" - # For both ipv6 and ipv4 grab_intf_name "$iface" echo "$interfaces" | while read -r line; do ifup "$line"; done From 036c4c3b28c68cc94f71f7432a8282a952d32b63 Mon Sep 17 00:00:00 2001 From: Utkarsh51 Date: Tue, 5 Dec 2023 12:24:01 +0530 Subject: [PATCH 29/44] MFW:4032- Updated the empty log in pyconnector --- pyconnector/files/pyconnector | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyconnector/files/pyconnector b/pyconnector/files/pyconnector index 54e890b4c..f312717a0 100755 --- a/pyconnector/files/pyconnector +++ b/pyconnector/files/pyconnector @@ -337,5 +337,5 @@ if __name__ == "__main__": # check_pid_file() while True: - debug("") + debug("Attempting to read from cmd") read_from_cmd() From 1f36ac855ddc0af3c20221b5b398cb8c1af8aca2 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Tue, 5 Dec 2023 14:56:42 +0200 Subject: [PATCH 30/44] fix: succint solution for stop service --- sync-settings/files/interface-watcher.init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sync-settings/files/interface-watcher.init b/sync-settings/files/interface-watcher.init index f9faf22b7..050c90487 100755 --- a/sync-settings/files/interface-watcher.init +++ b/sync-settings/files/interface-watcher.init @@ -16,5 +16,5 @@ start_service() { } stop_service() { - ps | grep "/usr/bin/interface_watcher.sh" | awk '{print $1}' | xargs kill -9 "$1" 2>&1 + kill -9 "$(pgrep interface_watcher.sh)" } From 81fa33be16fc8a8870a2ec98832ff4161479eb85 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos - Arista Date: Tue, 5 Dec 2023 15:28:25 +0200 Subject: [PATCH 31/44] MFW-4007: Add interfaces watcher (#204) * fix: spelling; adding fixme comments * fixup! fix: spelling; adding fixme comments * fix: fmt * feat: add init and script * feat: add to makefile * fix: try different order, remove options * Revert "fix: try different order, remove options" This reverts commit 584975a96a1ee56543d6394cdbe9dcdc30128373. * feat: add stop to init for interface-watcher * fix: remove prints * fix: succint solution for stop service --- sync-settings/Makefile | 2 + sync-settings/files/interface-watcher.init | 20 + sync-settings/files/interface_watcher.sh | 23 + wan-manager/files/wan-manager | 566 ++++++++++----------- 4 files changed, 316 insertions(+), 295 deletions(-) create mode 100755 sync-settings/files/interface-watcher.init create mode 100644 sync-settings/files/interface_watcher.sh diff --git a/sync-settings/Makefile b/sync-settings/Makefile index eafe635a0..db900162d 100644 --- a/sync-settings/Makefile +++ b/sync-settings/Makefile @@ -42,6 +42,7 @@ define Py3Package/sync-settings/install $(INSTALL_BIN) files/set_affinity.sh $(1)/usr/bin $(INSTALL_BIN) files/set_rpsxps.sh $(1)/usr/bin $(INSTALL_BIN) files/quota_cron.sh $(1)/usr/bin + $(INSTALL_BIN) files/interface_watcher.sh $(1)/usr/bin # init.d $(INSTALL_DIR) $(1)/etc/init.d @@ -54,6 +55,7 @@ define Py3Package/sync-settings/install $(INSTALL_BIN) files/uid.init $(1)/etc/init.d/uid $(INSTALL_BIN) files/product-board-name.init $(1)/etc/init.d/product-board-name $(INSTALL_BIN) files/load-eos-config.init $(1)/etc/init.d/load-eos-config + $(INSTALL_BIN) files/interface-watcher.init $(1)/etc/init.d/interface-watcher # config/startup.d $(INSTALL_DIR) $(1)/etc/config/startup.d diff --git a/sync-settings/files/interface-watcher.init b/sync-settings/files/interface-watcher.init new file mode 100755 index 000000000..050c90487 --- /dev/null +++ b/sync-settings/files/interface-watcher.init @@ -0,0 +1,20 @@ +#!/bin/sh /etc/rc.common + +# 16 is right after startup (15) +START=16 +STOP=16 + +USE_PROCD=1 + +start_service() { + procd_open_instance interface-watcher + procd_set_param command /usr/bin/interface_watcher.sh + procd_set_param stdout 1 + procd_set_param stderr 1 + procd_set_param respawn 3600 5 0 + procd_close_instance +} + +stop_service() { + kill -9 "$(pgrep interface_watcher.sh)" +} diff --git a/sync-settings/files/interface_watcher.sh b/sync-settings/files/interface_watcher.sh new file mode 100644 index 000000000..368e544e0 --- /dev/null +++ b/sync-settings/files/interface_watcher.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +grab_intf_name() { + interfaces=$(uci show network | grep $1 | cut -d"." -f2) +} + +# Monitor ip link status for interfaces. +ip -o monitor link | while read -r index interface status remaining; do + iface=$(printf '%s\n' "$interface" | sed -E 's/(@.*)?:$//') + operstate=$(printf '%s\n' "$remaining" | grep -Eo ' state [^ ]+' | sed 's/^ state //') + + # If iface goes to UP + if [ "$operstate" = "UP" ]; then + # For both ipv6 and ipv4 + grab_intf_name "$iface" + echo "$interfaces" | while read -r line; do ifup "$line"; done + + fi + + logger -t "Interface Watch" "Interface $iface changed state to $operstate" +done + +exit 1 diff --git a/wan-manager/files/wan-manager b/wan-manager/files/wan-manager index c006a11e0..9ad722d82 100755 --- a/wan-manager/files/wan-manager +++ b/wan-manager/files/wan-manager @@ -14,7 +14,7 @@ COMMAND_NAME=$0 COMMAND_PID=$$ # Debug mode for messages and other output DEBUG=false -# If true, run in interative mode, otherwise in dameon mode. +# If true, run in interactive mode, otherwise in daemon mode. INTERACTIVE=false # If non empty, log debug messages that match substring. Commonly used to watch substring. LOG_WATCH= @@ -31,14 +31,14 @@ WAN_MANAGER_STATUS_PATH=/tmp/wan_status ## Process command line arguments ## while getopts "d:i:l:v:" flag; do - case "${flag}" in - d) DEBUG=${OPTARG} ;; - i) INTERACTIVE=${OPTARG} ;; - l) LOG_WATCH=${OPTARG} ;; - v) eval "${OPTARG}" ;; - esac + case "${flag}" in + d) DEBUG=${OPTARG} ;; + i) INTERACTIVE=${OPTARG} ;; + l) LOG_WATCH=${OPTARG} ;; + v) eval "${OPTARG}" ;; + esac done -shift $((OPTIND-1)) +shift $((OPTIND - 1)) ## ## Utilities @@ -48,10 +48,10 @@ shift $((OPTIND-1)) LOG_MESSAGE_PRIORITY_ANY=0 # Only log messages if DEBUG=true LOG_MESSAGE_PRIORITY_DEBUG=1 -if [ "$INTERACTIVE" = "true" ] ; then +if [ "$INTERACTIVE" = "true" ]; then # In interactive mode use echo LOGGER_COMMAND="echo" - LOGGER_TIMESTAMP=date + LOGGER_TIMESTAMP="date" else # LOGGER_COMMAND="logger -t wan-manager" LOGGER_COMMAND="logger -t wan-manager" @@ -63,13 +63,12 @@ fi # # @param $1 Priority (see above) # @param $2 Message -log_message() -{ +log_message() { local __function_name="log_message" local priority=$1 local message=$2 - if [ $priority = $LOG_MESSAGE_PRIORITY_DEBUG ] ; then + if [ $priority = $LOG_MESSAGE_PRIORITY_DEBUG ]; then if [ "$DEBUG" = true ]; then # Only log if DEBUG is enabled $LOGGER_COMMAND $(eval $LOGGER_TIMESTAMP) "debug $message" @@ -80,7 +79,7 @@ log_message() fi elif [ $priority = $LOG_MESSAGE_PRIORITY_ANY ]; then # Always log these messages - if [ "$DEBUG" = true ] || [ "$LOG_WATCH" != "" ] ; then + if [ "$DEBUG" = true ] || [ "$LOG_WATCH" != "" ]; then # In interactive mode, provide space separation from debug prefix. $LOGGER_COMMAND $(eval $LOGGER_TIMESTAMP) "any $message" else @@ -97,7 +96,7 @@ log_message() # @param $3 Changed message, usually reflecting transitions like "status=up->down" # @param $4 Stats message with fields like "status=up" # @param $5 Extra information to log in debug or watch mode -log_status_message(){ +log_status_message() { local state=$1 local prefix=$2 local change_message=$3 @@ -111,7 +110,7 @@ log_status_message(){ log_watch=true fi - if [ "$state" = "change" ] ; then + if [ "$state" = "change" ]; then __message=$change_message if [ "$DEBUG" = "true" ] || [ "$log_watch" = "true" ]; then __message="$__message $debug_append_message" @@ -139,9 +138,8 @@ ALLOW_LOG_UPDATE_START=$(date +%s) # This is used to: # - Log policy status period regardless of change # - Log policy status for polices that otherwise log a lot like balance. -check_allow_log_update() -{ - local __function_nane="check_allow_log_update" +check_allow_log_update() { + local __function_name="check_allow_log_update" local currentTime=$(date +%s) local elapsedTime=$((currentTime - $ALLOW_LOG_UPDATE_START)) if [ $elapsedTime -gt $ALLOW_LOG_UPDATE_INTERVAL ]; then @@ -157,13 +155,13 @@ check_allow_log_update() # # @param $1 Path variable to update. # @param $policyId Policy id -get_policy_path(){ +get_policy_path() { local __function_name="get_policy_path" local __return_path=$1 local policyId=$2 local path=$WAN_MANAGER_STATUS_PATH/$policyId - if [ ! -d $path ] ; then + if [ ! -d $path ]; then mkdir -p $path fi @@ -176,7 +174,7 @@ get_policy_path(){ # @param $1 Path variable to update. # @param $policyId Policy id # @param $policyId WAN interface id -get_wan_path(){ +get_wan_path() { local __function_name="get_wan_path" local __return_path=$1 local policyId=$2 @@ -187,7 +185,7 @@ get_wan_path(){ get_policy_path policyPath $policyId local path=$policyPath/wan-$interfaceId/$family - if [ ! -d $path ] ; then + if [ ! -d $path ]; then mkdir -p $path fi @@ -195,17 +193,16 @@ get_wan_path(){ } # check_for_table -# Verifies requried nft tables to exists +# Verifies required nft tables to exists # # @param $1 nft ip version type (ip or ipv6) # @param $2 Table name to check -check_for_table() -{ +check_for_table() { local __function_name="check_for_table" local ip_check=$1 local table_check=$2 - local output=`nft list table $ip_check $table_check` + local output=$(nft list table $ip_check $table_check) local retval=$? if [ $retval -ne 0 ]; then echo "$__function_name: NFT does not have a required table for wan-manager" @@ -215,23 +212,21 @@ check_for_table() # handle_term # Process signterm signal to exit -handle_term() -{ +handle_term() { local __function_name="handle_term" - log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: recevied term signal" + log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: received term signal" kill -9 $COMMAND_PID } # wait_for_change # Use inotify to wait for specific files to change # -# @param $1 Comma separated lsit of files to monitor -wait_for_change() -{ +# @param $1 Comma separated list of files to monitor +wait_for_change() { local __function_name="wait_for_change" local file=$1 - if [ ! -f $file ] ; then + if [ ! -f $file ]; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: $file not found, sleep instead" sleep 5 return @@ -245,8 +240,7 @@ wait_for_change() # @param $1 Return value of true or false # @param $2 Numeric interface id # @param $3 IP family (ipv4 or ipv6) -is_offline() -{ +is_offline() { local __function_name="is_offline" local __return_offline=$1 local id=$2 @@ -262,26 +256,26 @@ is_offline() fi json_load_file $STATS_FILE_NAME - if json_is_a interfaces array ; then - json_select interfaces - json_get_keys interfaces - for intf in $interfaces; do - json_select $intf - json_get_var interfaceId interfaceId - if [ $id = $interfaceId ] ; then - if [ $family = "ipv6" ] ; then - json_get_var __offline offline6 - else - json_get_var __offline offline - fi - if [ "$__offline" = "" ] ; then - # If variable not found, consider it offline - __offline=true - fi - fi - json_select .. - done + if json_is_a interfaces array; then + json_select interfaces + json_get_keys interfaces + for intf in $interfaces; do + json_select $intf + json_get_var interfaceId interfaceId + if [ $id = $interfaceId ]; then + if [ $family = "ipv6" ]; then + json_get_var __offline offline6 + else + json_get_var __offline offline + fi + if [ "$__offline" = "" ]; then + # If variable not found, consider it offline + __offline=true + fi + fi json_select .. + done + json_select .. fi log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: offline status for $id family: $family is $__offline" @@ -299,8 +293,7 @@ is_offline() # @param $1 Return value of weight as a number # @param $2 Numeric interface id # @param $3 Short policy identifier -get_wan_bandwidth() -{ +get_wan_bandwidth() { local __function_name="get_wan_bandwidth" local __return_weight=$1 local id=$2 @@ -316,10 +309,10 @@ get_wan_bandwidth() json_select network json_select interfaces json_get_keys interfaces - for i in $interfaces ; do + for i in $interfaces; do json_select $i json_get_var interfaceId interfaceId - if [ $id = $interfaceId ] ; then + if [ $id = $interfaceId ]; then json_get_var __settingsWeight downloadKbps fi json_select .. @@ -338,8 +331,7 @@ get_wan_bandwidth() # @param $2 Short policy name # @param $3 Numeric interface id # !!! something to indicate this is from settings -get_static_weight() -{ +get_static_weight() { local __function_name="get_static_weight" local __return_weight=$1 local policy=$2 @@ -357,7 +349,7 @@ get_static_weight() json_select wan json_select policies json_get_keys policies - for p in $policies ; do + for p in $policies; do json_select $p json_get_var policyId policyId policyIdString="policy-$policyId" @@ -365,12 +357,12 @@ get_static_weight() # Substring match on short policy id to full policy id json_select interfaces json_get_keys interfaces - for i in $interfaces ; do + for i in $interfaces; do json_select $i json_get_var interfaceId interfaceId - if [ $interfaceId -eq 0 ] ; then + if [ $interfaceId -eq 0 ]; then __weight=1 - elif [ $id = $interfaceId ] ; then + elif [ $id = $interfaceId ]; then json_get_var __weight weight fi json_select .. @@ -392,8 +384,7 @@ get_static_weight() # @param $2 Numeric interface id # @param $3 Statistic name to look for (ie: ping, latency, etc.) # @param $4 Metric name to look for (ie: 1_minute, 10_minute, etc.) -get_stat() -{ +get_stat() { local __function_name="get_stat" local __return_stat=$1 local id=$2 @@ -415,25 +406,25 @@ get_stat() fi json_load_file $STATS_FILE_NAME - if json_is_a interfaces array ; then + if json_is_a interfaces array; then json_select interfaces json_get_keys interfaces for intf in $interfaces; do json_select $intf json_get_var interfaceId interfaceId - if [ $id = $interfaceId ] ; then + if [ $id = $interfaceId ]; then json_select "stats" json_get_keys stats for stat in $stats; do json_select $stat json_get_vars name - if [ $stat_name = $name ] ; then + if [ $stat_name = $name ]; then json_select "metrics" json_get_keys metrics for metric in $metrics; do json_select $metric json_get_vars name value - if [ $metric_name = $name ] ; then + if [ $metric_name = $name ]; then stat_value=$(echo ${value%%.*}) fi json_select .. @@ -459,8 +450,7 @@ get_stat() # @param $2 Short policy name # @param $3 Numeric interface id # @param $4 Ip family -is_wan_up_by_family() -{ +is_wan_up_by_family() { local __function_name="is_wan_up_by_family" local __is_wan_up_by_family=$1 local policy=$2 @@ -478,12 +468,12 @@ is_wan_up_by_family() for file in $(find $wan_path -type f); do __criteria_found=$((__criteria_found + 1)) grep -q down $file - if [ $? -eq 0 ] ; then + if [ $? -eq 0 ]; then __down_found=1 fi done __up=false - if [ $__criteria_found -gt 0 ] && [ $__down_found -eq 0 ] ; then + if [ $__criteria_found -gt 0 ] && [ $__down_found -eq 0 ]; then # Only up if we found at least one criteria and no "down" statuses. __up=true fi @@ -498,8 +488,7 @@ is_wan_up_by_family() # @param $1 Return value of test # @param $2 Short policy name # @param $3 Numeric interface id -is_wan_up() -{ +is_wan_up() { local __function_name="is_wan_up" local __return_wan_up=$1 local policy=$2 @@ -513,7 +502,7 @@ is_wan_up() is_wan_up_by_family __ipv4_up $policy $id ipv4 is_wan_up_by_family __ipv6_up $policy $id ipv6 - if [ "$__ipv4_up" = "true" ] || [ "$__ipv6_up" = "true" ] ; then + if [ "$__ipv4_up" = "true" ] || [ "$__ipv6_up" = "true" ]; then __up=true fi @@ -525,23 +514,22 @@ is_wan_up() # # @param $1 Short name of policy to disable # @param $2 Space separated numeric ids of WANs involved -disable_policy() -{ +disable_policy() { local __function_name="disable_policy" local policy=$1 local wans=$2 - TMPFILE=`mktemp -t $policy-changeset.XXXXXX` + TMPFILE=$(mktemp -t $policy-changeset.XXXXXX) - echo flush chain ip wan-routing route-to-$policy >> $TMPFILE - echo add rule ip wan-routing route-to-$policy return comment \"policy disabled\" >> $TMPFILE - echo flush chain ip6 wan-routing route-to-$policy >> $TMPFILE - echo add rule ip6 wan-routing route-to-$policy return comment \"policy disabled\" >> $TMPFILE + echo flush chain ip wan-routing route-to-$policy >>$TMPFILE + echo add rule ip wan-routing route-to-$policy return comment \"policy disabled\" >>$TMPFILE + echo flush chain ip6 wan-routing route-to-$policy >>$TMPFILE + echo add rule ip6 wan-routing route-to-$policy return comment \"policy disabled\" >>$TMPFILE nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: $policy All Wans:$wans Retval: $retval" - while [ $retval -ne 0 ] ; do + while [ $retval -ne 0 ]; do nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: nft -f Failed to disable policy: $policy All Wans:$wans Retval: $retval, trying again..." @@ -555,8 +543,7 @@ disable_policy() # @param $1 Return space separatd list of interfaceIds in policy # @param $2 Return space separatd list of interfaceIds in policy that are up # @param $3 Policy id -get_policy_wans_and_up_wans() -{ +get_policy_wans_and_up_wans() { local __function_name="get_policy_wans_and_up_wans" local __return_policy_wans=$1 local __return_up_wans=$2 @@ -571,12 +558,12 @@ get_policy_wans_and_up_wans() local id get_policy_path policy_dir $policy - for d in $policy_dir/* ; do + for d in $policy_dir/*; do log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: found file: $d" fileName=$(echo ${d##*/}) # Ignore the status files in the policy directory - if [ $fileName == "status" ] ; then + if [ $fileName == "status" ]; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: skipping file: $d" continue fi @@ -590,11 +577,12 @@ get_policy_wans_and_up_wans() local wan_up is_wan_up wan_up $policy $id # if is_wan_up $policy $id; then - if [ "$wan_up" = "true" ] ; then + if [ "$wan_up" = "true" ]; then __up_wans="$__up_wans $id" fi done + # FIXME: __wans is undefined log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy_wans=$__policy_wans wans=$__wans" eval "$__return_policy_wans=\"$__policy_wans\"" eval "$__return_up_wans=\"$__up_wans\"" @@ -606,27 +594,26 @@ get_policy_wans_and_up_wans() # @param $1 Policy associated with the chain # @param $2 Interface id of the wan to use # @param $3 The wans included in this policy -jump_policy() -{ +jump_policy() { local __function_name="jump_policy" local policy=$1 local id=$2 local wans=$3 - TMPFILE=`mktemp -t $policy-changeset.XXXXXX` + TMPFILE=$(mktemp -t $policy-changeset.XXXXXX) - echo flush chain ip wan-routing route-to-$policy >> $TMPFILE - echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE - echo add rule ip wan-routing route-to-$policy jump mark-for-wan-$id >> $TMPFILE + echo flush chain ip wan-routing route-to-$policy >>$TMPFILE + echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE + echo add rule ip wan-routing route-to-$policy jump mark-for-wan-$id >>$TMPFILE - echo flush chain ip6 wan-routing route-to-$policy >> $TMPFILE - echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE - echo add rule ip6 wan-routing route-to-$policy jump mark-for-wan-$id >> $TMPFILE + echo flush chain ip6 wan-routing route-to-$policy >>$TMPFILE + echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE + echo add rule ip6 wan-routing route-to-$policy jump mark-for-wan-$id >>$TMPFILE nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: updating jump_policy for policy:$policy mark for WAN:$id All WANs: $wans; retval: $retval" - while [ $retval -ne 0 ] ; do + while [ $retval -ne 0 ]; do nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: nft -f failed during jump_policy for policy:$policy mark for WAN:$id All WANs: $wans; retval: $retval, trying again..." @@ -641,28 +628,27 @@ jump_policy() # @param $2 Wans associated with this policy # @param $3 Total weight of all wans in the policy # @param $4 Generated balance string used in the vmap decision -balance_policy() -{ +balance_policy() { local __function_name="balance_policy" local policy=$1 local wans=$2 local total_weight=$3 local balance_string=$4 - TMPFILE=`mktemp -t $policy-changeset.XXXXXX` + TMPFILE=$(mktemp -t $policy-changeset.XXXXXX) - echo flush chain ip wan-routing route-to-$policy >> $TMPFILE - echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE - echo add ip wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >> $TMPFILE + echo flush chain ip wan-routing route-to-$policy >>$TMPFILE + echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE + echo add ip wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >>$TMPFILE - echo flush chain ip6 wan-routing route-to-$policy >> $TMPFILE - echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE - echo add ip6 wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >> $TMPFILE + echo flush chain ip6 wan-routing route-to-$policy >>$TMPFILE + echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE + echo add ip6 wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >>$TMPFILE nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: running balance policy:$policy All Wans:$wans total_weight:$total_weight balance string:$balance_string Retval: $retval" - while [ $retval -ne 0 ] ; do + while [ $retval -ne 0 ]; do nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: nft -f failed while running balance policy:$policy All Wans:$wans total_weight:$total_weight balance string:$balance_string Retval: $retval, trying again..." @@ -677,7 +663,7 @@ balance_policy() # @param $1 Return value of of field. # @param $2 Interface id # @param $3 Family -get_openwrt_interface_name(){ +get_openwrt_interface_name() { local __function_name="settings_get_interface_field" local __return_name=$1 local interface_id=$2 @@ -694,19 +680,19 @@ get_openwrt_interface_name(){ json_select network json_select interfaces json_get_keys interfaces - for i in $interfaces ; do + for i in $interfaces; do json_select $i json_get_var interfaceId interfaceId - if [ $interface_id = $interfaceId ] ; then + if [ $interface_id = $interfaceId ]; then json_get_var __name name json_get_var __type type fi json_select .. done - if [ "$__name" != "" ] && [ "$__type" != "" ] ; then - if [ "$__type" != "IPSEC" ] && [ "$__type" != "OPENVPN" ] && [ "$__type" != "WIREGUARD" ] && [ "$__type" != "WWAN" ] ; then - if [ "$family" = "ipv6" ] ; then + if [ "$__name" != "" ] && [ "$__type" != "" ]; then + if [ "$__type" != "IPSEC" ] && [ "$__type" != "OPENVPN" ] && [ "$__type" != "WIREGUARD" ] && [ "$__type" != "WWAN" ]; then + if [ "$family" = "ipv6" ]; then __name="${__name}6" else __name="${__name}4" @@ -724,7 +710,7 @@ get_openwrt_interface_name(){ # @param $1 Return value of gateway IP address # @param $2 Interface Id to match # @param $3 Return value of metric -settings_get_ipsec_remote_gateway(){ +settings_get_ipsec_remote_gateway() { local __return_remoteGateway=$1 local id=$2 @@ -741,12 +727,12 @@ settings_get_ipsec_remote_gateway(){ json_select network json_select interfaces json_get_keys interfaces - for i in $interfaces ; do + for i in $interfaces; do json_select $i json_get_var interfaceId interfaceId - if [ $id = $interfaceId ] ; then + if [ $id = $interfaceId ]; then json_get_type type ipsec - if [ "$type" = "" ] ; then + if [ "$type" = "" ]; then # Not an ipsec interface json_select .. continue @@ -773,8 +759,7 @@ settings_get_ipsec_remote_gateway(){ # @param $2 Numeric interface id # @param $3 OpenWrt interface name # @param $4 Ip family of the interface -criteria_up() -{ +criteria_up() { local __function_name="criteria_up" local policy=$1 local interfaceId=$2 @@ -787,7 +772,7 @@ criteria_up() local status_file="${wan_path}/${__function_name}" status="init" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then status=$(head -n 1 $status_file) fi @@ -795,20 +780,19 @@ criteria_up() local offline is_offline offline $interfaceId $family log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: $interface and $status_file current status is $status, offline=$offline" - if network_is_up $interface && [ "$offline" = "false" ]; then + if network_is_up $interface && [ "$offline" = "false" ]; then new_status="up" else new_status="down" fi log_state="status" - if [ "$new_status" != "$status" ] ; then + if [ "$new_status" != "$status" ]; then log_state="change" - echo $new_status > $status_file - if [ "$new_status" = "down" ] - then - log_status_message "handling $interface status" - handle_down_interface "$interface" + echo $new_status >$status_file + if [ "$new_status" = "down" ]; then + log_status_message "handling $interface status" + handle_down_interface "$interface" fi fi @@ -823,20 +807,19 @@ criteria_up() # @param $1 Policy id # @param $2 Numeric interface id # @param $3 IP family of the interface -criteria_always_up() -{ - local __function_name="criteria_up" - local policy=$1 - local interfaceId=$2 - local family=$3 - local wan_path - get_wan_path wan_path $policy $interfaceId $family - local status_file="${wan_path}/${__function_name}" - - echo "up" > $status_file - log_status_message "change" "$__function_name:" \ - "policy=$policy, interface=${interfaceId}/$family, status=up" \ - "policy=$policy, interface=${interfaceId}/$family, status=up" +criteria_always_up() { + local __function_name="criteria_up" + local policy=$1 + local interfaceId=$2 + local family=$3 + local wan_path + get_wan_path wan_path $policy $interfaceId $family + local status_file="${wan_path}/${__function_name}" + + echo "up" >$status_file + log_status_message "change" "$__function_name:" \ + "policy=$policy, interface=${interfaceId}/$family, status=up" \ + "policy=$policy, interface=${interfaceId}/$family, status=up" } # attribute @@ -847,11 +830,10 @@ criteria_always_up() # @param $2 Numeric policy id # @param $3 Interface name # @param $4 IP family -# @param $5 Attribtute key +# @param $5 Attribute key # @param $6 Attribute value to match # @param $7 Status to set (up or down) -criteria_attribute() -{ +criteria_attribute() { local __function_name="criteria_attribute" local policy=$1 local interfaceId=$2 @@ -865,16 +847,17 @@ criteria_attribute() get_wan_path wan_path $policy $interfaceId $family local status_file="${wan_path}/${__function_name}_${key}_${value}" status="init" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then status=$(head -n 1 $status_file) fi + # FIXME: attribute is undefined log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, interface=$interface, attribute=$attribute, family=$family, key=$key, value=$value, new_status=$new_status" log_state="status" - if [ "$new_status" != "$status" ] ; then + if [ "$new_status" != "$status" ]; then log_state="change" - echo $new_status > $status_file + echo $new_status >$status_file fi log_status_message "$log_state" "$__function_name:" \ @@ -894,8 +877,7 @@ criteria_attribute() # @param $6 Metric name to use in the metric calculation # @param $7 Operator to use in the metric calculation # @param $8 Metric value to test against in the metric calculation -criteria_metric() -{ +criteria_metric() { local __function_name="criteria_metric" local policy=$1 local interfaceId=$2 @@ -913,7 +895,7 @@ criteria_metric() get_wan_path wan_path $policy $interfaceId $family status_file="$wan_path/${__function_name}_${stat_name}_${metric_name}_${operator}_${val}" status="init" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then status=$(head -n 1 $status_file) fi @@ -923,40 +905,40 @@ criteria_metric() # Important assumption here!!! # VPNs and some other interfaces sometimes report a latency of 0 # Setting the test results to -1 will allow the logic below to skip this interface during the WAN checks - if [ $stat_name = "latency" ] && [ $test = 0 ] ; then + if [ $stat_name = "latency" ] && [ $test = 0 ]; then test=-1 fi local new_status="down" - if [ $test -ne -1 ] ; then + if [ $test -ne -1 ]; then case $operator in - le) - if [ $test -le $val ] ; then - new_status="up" - fi - ;; - lt) - if [ $test -lt $val ] ; then - new_status="up" - fi - ;; - ge) - if [ $test -ge $val ] ; then - new_status="up" - fi - ;; - gt) - if [ $test -gt $val ] ; then - new_status="up" - fi - ;; + le) + if [ $test -le $val ]; then + new_status="up" + fi + ;; + lt) + if [ $test -lt $val ]; then + new_status="up" + fi + ;; + ge) + if [ $test -ge $val ]; then + new_status="up" + fi + ;; + gt) + if [ $test -gt $val ]; then + new_status="up" + fi + ;; esac fi log_state="status" - if [ "$new_status" != "$status" ] ; then + if [ "$new_status" != "$status" ]; then log_state="change" - echo $new_status > $status_file + echo $new_status >$status_file fi log_status_message "$log_state" "$__function_name:" \ @@ -976,8 +958,7 @@ criteria_metric() # @param $7 Timeout of when to fail the test # @param $8 Failure threshold of when to fail the tests # @param $9 Fost to run the connectivity tests against -criteria_connectivity() -{ +criteria_connectivity() { local __function_name="criteria_connectivity" local policy=$1 local interfaceId=$2 @@ -989,7 +970,7 @@ criteria_connectivity() local threshold=$8 local host=$9 - log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, interface=$interface, family=$family, critera=$critera, interval=$interval, timeout=$timeout, threshold=$threshold, host=$host" + log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, interface=$interface, family=$family, criteria=$criteria, interval=$interval, timeout=$timeout, threshold=$threshold, host=$host" local device local ip_address @@ -1018,70 +999,70 @@ criteria_connectivity() ## If the status_file already exists, lets see what the previous status was local new_status="down" local status="init" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then status=$(head -n 1 $status_file) fi log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: $policy and $status_file current status is $status" - for i in $(seq 0 9) ; do + for i in $(seq 0 9); do network_flush_cache is_offline offline $interfaceId $family - if [ "$offline" = "true" ] ; then + if [ "$offline" = "true" ]; then # No point in continuing if interface is down new_status="down" break fi log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: test interface=$interface, offline=$offline, interval running sequence i=$i" - if network_is_up $interface && [ "$offline" = "false" ]; then + if network_is_up $interface && [ "$offline" = "false" ]; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: testing up and online interface=$interface" network_get_device device $interface network_get_ipaddr ip_address $interface network_get_dnsserver dns_server $interface network_get_gateway gw $interface - network_get_protocol protocol $interface + network_get_protocol protocol $interface case $criteria in - ping) - if [ "$family" = "ipv4" ] ; then - if [ "$protocol" != "vti" ] ; then - ping -I $device -w $timeout -W $timeout -c 1 $host > /dev/null && let result"$i"=1 || let result"$i"=0 - fi - fi - ;; - arp) - if [ "$family" = "ipv4" ] ; then - arping -s $ip_address -I $device -c 1 $gw > /dev/null && let result"$i"=1 || let result"$i"=0 + ping) + if [ "$family" = "ipv4" ]; then + if [ "$protocol" != "vti" ]; then + ping -I $device -w $timeout -W $timeout -c 1 $host >/dev/null && let result"$i"=1 || let result"$i"=0 fi - ;; - dns) - if [ "$family" = "ipv4" ] ; then - dig -b $ip_address +tries=3 +timeout=$timeout $dns_server $host > /dev/null && let result"$i"=1 || let result"$i"=0 - fi - ;; - http) - if [ "$family" = "ipv4" ] ; then - wget --no-check-certificate --bind-address=$ip_address --header="Wan-Failover-Flag: true" --tries=3 -O /dev/null $host 2> /dev/null && let result"$i"=1 || let result"$i"=0 - fi - ;; - *) - echo "Unknown test $criteria" - let result"$i"=0 - ;; + fi + ;; + arp) + if [ "$family" = "ipv4" ]; then + arping -s $ip_address -I $device -c 1 $gw >/dev/null && let result"$i"=1 || let result"$i"=0 + fi + ;; + dns) + if [ "$family" = "ipv4" ]; then + dig -b $ip_address +tries=3 +timeout=$timeout $dns_server $host >/dev/null && let result"$i"=1 || let result"$i"=0 + fi + ;; + http) + if [ "$family" = "ipv4" ]; then + wget --no-check-certificate --bind-address=$ip_address --header="Wan-Failover-Flag: true" --tries=3 -O /dev/null $host 2>/dev/null && let result"$i"=1 || let result"$i"=0 + fi + ;; + *) + echo "Unknown test $criteria" + let result"$i"=0 + ;; esac # While it may seem like we should be calculating this outside the loop, # We want to do it inside so if we meet our threshold of failures, we # can stop immediately. count=0 - for i in $(seq 0 9) ; do + for i in $(seq 0 9); do eval "temp=\"\$result$i\"" - if [ $temp -eq 0 ] ; then + if [ $temp -eq 0 ]; then let count++ fi done - if [ $count -ge $threshold ] ; then + if [ $count -ge $threshold ]; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: reached failure threshold" new_status="down" break @@ -1092,9 +1073,9 @@ criteria_connectivity() done log_state="status" - if [ "$new_status" != "$status" ] ; then + if [ "$new_status" != "$status" ]; then log_state="change" - echo $new_status > $status_file + echo $new_status >$status_file fi log_status_message "$log_state" "$__function_name:" \ @@ -1111,8 +1092,7 @@ criteria_connectivity() # # @param $1 Policy id # @param $2 Interface id -policy_specific_wan() -{ +policy_specific_wan() { local __function_name="policy_specific_wan" local policy=$1 local id=$2 @@ -1124,23 +1104,23 @@ policy_specific_wan() status_file="$policy_path/status" status="init" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then . $status_file fi local wan_up is_wan_up wan_up $policy $id - if [ "$wan_up" = "true" ] ; then + if [ "$wan_up" = "true" ]; then new_status="up" else new_status="down" fi local log_state="status" - if [ "$new_status" != "$status" ] ; then + if [ "$new_status" != "$status" ]; then local log_state="change" - echo "status=$new_status" > $status_file - if [ $new_status = "up" ] ; then + echo "status=$new_status" >$status_file + if [ $new_status = "up" ]; then jump_policy $policy $id "$id" else disable_policy $policy "$id" @@ -1159,8 +1139,7 @@ policy_specific_wan() # @param $2 Stat name to test with (e.g.,latency) # @param $3 Metric name to test with (e.g.,1_minute) # @param $4 Operator to test with (e.g.,le) -policy_best_of() -{ +policy_best_of() { local __function_name="policy_best_of" local policy=$1 local stat_name=$2 @@ -1176,7 +1155,7 @@ policy_best_of() # Get current status local status="init" local current_best_wan=-1 - if [ -f $status_file ] ; then + if [ -f $status_file ]; then . $status_file fi @@ -1187,55 +1166,55 @@ policy_best_of() local best_wan=-1 local best_stat=-1 local stat - for wan in $wans ; do + for wan in $wans; do get_stat stat $wan $stat_name $metric_name log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: wan=$wan, stat=$stat comparing best_wan=$best_wan, best_stat=$best_stat" - if [ $stat_name = "latency" ] ; then - if [ "$stat" = 0 ] || [ "$stat" = -1 ] ; then - # NOTE: A latency of 0 means 100% pakcet loss, so ignore during best_of calculations + if [ $stat_name = "latency" ]; then + if [ "$stat" = 0 ] || [ "$stat" = -1 ]; then + # NOTE: A latency of 0 means 100% packet loss, so ignore during best_of calculations continue fi fi - if [ $best_wan -eq -1 ] ; then + if [ $best_wan -eq -1 ]; then # Initialize best_wan=$wan best_stat=$stat else case $operator in - le) - if [ $stat -le $best_stat ] ; then - best_wan=$wan - best_stat=$stat - fi - ;; - lt) - if [ $stat -lt $best_stat ] ; then - best_wan=$wan - best_stat=$stat - fi - ;; - ge) - if [ $stat -ge $best_stat ] ; then - best_wan=$wan - best_stat=$stat - fi - ;; - gt) - if [ $stat -gt $best_stat ] ; then - best_wan=$wan - best_stat=$stat - fi - ;; + le) + if [ $stat -le $best_stat ]; then + best_wan=$wan + best_stat=$stat + fi + ;; + lt) + if [ $stat -lt $best_stat ]; then + best_wan=$wan + best_stat=$stat + fi + ;; + ge) + if [ $stat -ge $best_stat ]; then + best_wan=$wan + best_stat=$stat + fi + ;; + gt) + if [ $stat -gt $best_stat ]; then + best_wan=$wan + best_stat=$stat + fi + ;; esac fi done local new_status=$status local new_best_wan=$current_best_wan - if [ $best_wan -eq -1 ] ; then + if [ $best_wan -eq -1 ]; then new_status="down" else new_status="up" @@ -1243,11 +1222,11 @@ policy_best_of() new_best_wan=$best_wan local log_state="status" - if [ "$new_status" != "$status" ] || [ ! $current_best_wan -eq $new_best_wan ] ; then + if [ "$new_status" != "$status" ] || [ ! $current_best_wan -eq $new_best_wan ]; then log_state="change" - echo "status=$new_status" > $status_file - echo "current_best_wan=$new_best_wan" >> $status_file - if [ "$new_status" = "up" ] ; then + echo "status=$new_status" >$status_file + echo "current_best_wan=$new_best_wan" >>$status_file + if [ "$new_status" = "up" ]; then jump_policy $policy $new_best_wan "$policy_wans" else disable_policy $policy "$policy_wans" @@ -1266,8 +1245,7 @@ policy_best_of() # @param $2 Numeric interface id # @param $3 Interface name # @param $4 Ip family for interface -policy_best_of_ipsec_vpn() -{ +policy_best_of_ipsec_vpn() { local __function_name="policy_best_of_ipsec_vpn" local policy=$1 local interfaceId=$2 @@ -1276,11 +1254,11 @@ policy_best_of_ipsec_vpn() local remoteGateway settings_get_ipsec_remote_gateway remoteGateway $interfaceId - if [ "$remoteGateway" = "" ] ; then + if [ "$remoteGateway" = "" ]; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: policy=$policy, interfaceId=$interfaceId, unable to get remote gateway address" return fi - if [ "$remoteGateway" = "%any" ] ; then + if [ "$remoteGateway" = "%any" ]; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, remote gateway address is %any" return fi @@ -1293,7 +1271,7 @@ policy_best_of_ipsec_vpn() local status="init" local current_best_wan=-1 log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: getting policy=$policy reading $status_file" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then . $status_file fi @@ -1310,7 +1288,7 @@ policy_best_of_ipsec_vpn() # Look at current left and if same, continue current_left_address=$(ip xfrm policy | grep "dst $remoteGateway" | head -1 | cut -d' ' -f3) - if [ "$current_left_address" = "dst" ] || [ "$current_left_address" = "" ] ; then + if [ "$current_left_address" = "dst" ] || [ "$current_left_address" = "" ]; then # No found in policies log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: unable to find appropriate remoteGateway=$remoteGateway" if [ "$ALLOW_LOG_UPDATE" == "false" ]; then @@ -1352,8 +1330,8 @@ policy_best_of_ipsec_vpn() ipsec_temp_name=$(mktemp /tmp/ipsec.confXXXXXX) # Looking for our remote gateway, modify the left side to reflect the new WAN IP address. awk '/right='$remoteGateway'/{sub(/left=.*/, "left='$ip_address'", last)} NR>1{print last} {last=$0} END {print last}' \ - $ipsec_live_name > $ipsec_temp_name \ - && mv $ipsec_temp_name $ipsec_live_name + $ipsec_live_name >$ipsec_temp_name && + mv $ipsec_temp_name $ipsec_live_name # Bring IPSec back up ipsec restart 2>/dev/null @@ -1373,8 +1351,7 @@ policy_best_of_ipsec_vpn() # # @param $1 Policy id # @param $2 Balance algorithm to use (ie: LATENCY, WEIGHTED, AVAILABLE_BANDWIDTH) -policy_balance() -{ +policy_balance() { local __function_name="policy_balance" local policy=$1 local algorithm=$2 @@ -1385,7 +1362,7 @@ policy_balance() status="init" balance_string="" - if [ -f $status_file ] ; then + if [ -f $status_file ]; then . $status_file fi @@ -1403,37 +1380,37 @@ policy_balance() total_latency=0 local latency local weight - if [ $algorithm = "LATENCY" ] ; then - for wan in $wans ; do + if [ $algorithm = "LATENCY" ]; then + for wan in $wans; do get_stat latency $wan "latency" "1_minute" total_latency=$((total_latency + $latency)) done fi - for wan in $wans ; do - if [ $algorithm = "WEIGHTED" ] ; then + for wan in $wans; do + if [ $algorithm = "WEIGHTED" ]; then get_static_weight weight $policy $wan - elif [ $algorithm = "LATENCY" ] ; then + elif [ $algorithm = "LATENCY" ]; then get_stat weight $wan "latency" "1_minute" weight=$(($total_latency - $weight)) - if [ $weight -eq 0 ] ; then + if [ $weight -eq 0 ]; then weight=100 fi - elif [ $algorithm = "AVAILABLE_BANDWIDTH" ] ; then + elif [ $algorithm = "AVAILABLE_BANDWIDTH" ]; then get_stat weight $wan "available_bandwidth" "1_minute" - elif [ $algorithm = "BANDWIDTH" ] ; then + elif [ $algorithm = "BANDWIDTH" ]; then get_wan_bandwidth weight $wan fi - if [ $weight -eq 0 ] ; then + if [ $weight -eq 0 ]; then continue fi - if [ $total_weight -ne 0 ] ; then + if [ $total_weight -ne 0 ]; then new_balance_string="$new_balance_string, " fi range_end=$(($weight + $total_weight - 1)) - if [ $total_weight -eq $range_end ] ; then + if [ $total_weight -eq $range_end ]; then new_balance_string="$new_balance_string$total_weight : jump mark-for-wan-$wan" else new_balance_string="$new_balance_string$total_weight-$range_end : jump mark-for-wan-$wan" @@ -1441,23 +1418,23 @@ policy_balance() total_weight=$((total_weight + $weight)) done - if [ "$new_balance_string" = "" ] ; then + if [ "$new_balance_string" = "" ]; then new_status="down" else new_status="up" fi local log_state="status" - if [ "$new_status" != "$status" ] || [ "$balance_string" != "$new_balance_string" ] ; then + if [ "$new_status" != "$status" ] || [ "$balance_string" != "$new_balance_string" ]; then local log_state="change" - echo "status=$new_status" > $status_file - echo "balance_string=\"$new_balance_string\"" >> $status_file - if [ "$new_status" = "down" ] ; then - if [ $status != "down" ] ; then + echo "status=$new_status" >$status_file + echo "balance_string=\"$new_balance_string\"" >>$status_file + if [ "$new_status" = "down" ]; then + if [ $status != "down" ]; then disable_policy $policy "$policy_wans" fi else - if [ ! $status = "up" ] || [ "$new_balance_string" != "$balance_string" ] ; then + if [ ! $status = "up" ] || [ "$new_balance_string" != "$balance_string" ]; then balance_policy $policy "$policy_wans" $total_weight "$new_balance_string" fi fi @@ -1477,7 +1454,7 @@ __function_name="main" check_for_table ip wan-routing check_for_table ip6 wan-routing -if [ "$DEBUG" = "true" ] || [ "$INTERACTIVE" == "true" ] ; then +if [ "$DEBUG" = "true" ] || [ "$INTERACTIVE" == "true" ]; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: COMMAND_NAME=$COMMAND_NAME" log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: COMMAND_PID=$COMMAND_PID" log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: INTERACTIVE=$INTERACTIVE" @@ -1485,12 +1462,12 @@ if [ "$DEBUG" = "true" ] || [ "$INTERACTIVE" == "true" ] ; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: LOG_WATCH=$WATCH" fi -if [ "$INTERACTIVE" = "false" ] ; then +if [ "$INTERACTIVE" = "false" ]; then # Create term handler and run the handle_term callback trap 'handle_term' SIGTERM SIGINT else # If we're in interactive (developer) mode we don't want the system daemon process running - for pid in `pgrep -f $COMMAND_NAME `; do + for pid in $(pgrep -f $COMMAND_NAME); do if [ "$pid" = "$COMMAND_PID" ]; then # Ignore ourselves continue @@ -1505,7 +1482,7 @@ log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: started, pid=$COMMAND_P rm -rf ${WAN_MANAGER_STATUS_PATH}/* # Wait for stats.json to change, and then run every policy once (vs having each policy wait for change every time) -while [ 1 ] ; do +while [ 1 ]; do log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: --- begin wan_manager config" . /etc/config/wan_manager check_allow_log_update @@ -1514,8 +1491,7 @@ while [ 1 ] ; do done # Exit, wait for us to finish -for i in `pgrep -P COMMAND_PID ` -do +for i in $(pgrep -P COMMAND_PID); do wait $i done log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: exit, pid=$COMMAND_PID" From 3b01a8fac60e780ceb2aa7bf9592f8bb40227c61 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Wed, 6 Dec 2023 19:22:36 +0200 Subject: [PATCH 32/44] Revert "fix: succint solution for stop service" This reverts commit 1f36ac855ddc0af3c20221b5b398cb8c1af8aca2. --- sync-settings/files/interface-watcher.init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sync-settings/files/interface-watcher.init b/sync-settings/files/interface-watcher.init index 050c90487..f9faf22b7 100755 --- a/sync-settings/files/interface-watcher.init +++ b/sync-settings/files/interface-watcher.init @@ -16,5 +16,5 @@ start_service() { } stop_service() { - kill -9 "$(pgrep interface_watcher.sh)" + ps | grep "/usr/bin/interface_watcher.sh" | awk '{print $1}' | xargs kill -9 "$1" 2>&1 } From caa4b248f4450d71fe2c1dde2776aeb3f3fe7506 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Thu, 7 Dec 2023 00:29:47 +0200 Subject: [PATCH 33/44] feat: more robust solution --- sync-settings/files/interface_watcher.sh | 35 +++++++++++++++++++----- 1 file changed, 28 insertions(+), 7 deletions(-) diff --git a/sync-settings/files/interface_watcher.sh b/sync-settings/files/interface_watcher.sh index 368e544e0..b4d52663d 100644 --- a/sync-settings/files/interface_watcher.sh +++ b/sync-settings/files/interface_watcher.sh @@ -1,7 +1,7 @@ #!/bin/sh grab_intf_name() { - interfaces=$(uci show network | grep $1 | cut -d"." -f2) + interfaces=$(uci show network | grep "$1" | cut -d"." -f2) } # Monitor ip link status for interfaces. @@ -9,15 +9,36 @@ ip -o monitor link | while read -r index interface status remaining; do iface=$(printf '%s\n' "$interface" | sed -E 's/(@.*)?:$//') operstate=$(printf '%s\n' "$remaining" | grep -Eo ' state [^ ]+' | sed 's/^ state //') - # If iface goes to UP + # | tr '[:upper:]' '[:lower:]' does not work on busybox atm + grab_intf_name "$iface" if [ "$operstate" = "UP" ]; then - # For both ipv6 and ipv4 - grab_intf_name "$iface" - echo "$interfaces" | while read -r line; do ifup "$line"; done - + action="up" + elif [ "$operstate" = "DOWN" ]; then + action="down" + else + logger -p Error -t "Interface Watch" "Unknown operating state: $operstate" + continue fi - logger -t "Interface Watch" "Interface $iface changed state to $operstate" + [ "$operstate" = "UP" ] && ubus call network reload + + # For both ipv6 and ipv4 + echo "$interfaces" | while read -r intfc; do + # if interface empty string + if [ -z "$intfc" ]; then + continue + fi + + # Check intfc actually exists + ubus -S list "network.interface.$intfc" >/dev/null || { + logger -p Debug -t "Interface Watch" "Interface $intfc not found in UBUS networks" + continue + } + + ubus call network.interface $action "{ \"interface\" : \"$intfc\" }" + logger -p Info -t "Interface Watch" "Interface $intfc of device $interface changed state to $operstate" + done + done exit 1 From dc5a58f28d698978540014a3f9dd7afdee2b9f1c Mon Sep 17 00:00:00 2001 From: John Sommerville Date: Thu, 7 Dec 2023 17:57:11 -0700 Subject: [PATCH 34/44] Revert "Mfw 4007 on network device down, static routes are dropped, but not registered back on device up" --- sync-settings/files/interface-watcher.init | 2 +- sync-settings/files/interface_watcher.sh | 35 +++++----------------- 2 files changed, 8 insertions(+), 29 deletions(-) diff --git a/sync-settings/files/interface-watcher.init b/sync-settings/files/interface-watcher.init index f9faf22b7..050c90487 100755 --- a/sync-settings/files/interface-watcher.init +++ b/sync-settings/files/interface-watcher.init @@ -16,5 +16,5 @@ start_service() { } stop_service() { - ps | grep "/usr/bin/interface_watcher.sh" | awk '{print $1}' | xargs kill -9 "$1" 2>&1 + kill -9 "$(pgrep interface_watcher.sh)" } diff --git a/sync-settings/files/interface_watcher.sh b/sync-settings/files/interface_watcher.sh index b4d52663d..368e544e0 100644 --- a/sync-settings/files/interface_watcher.sh +++ b/sync-settings/files/interface_watcher.sh @@ -1,7 +1,7 @@ #!/bin/sh grab_intf_name() { - interfaces=$(uci show network | grep "$1" | cut -d"." -f2) + interfaces=$(uci show network | grep $1 | cut -d"." -f2) } # Monitor ip link status for interfaces. @@ -9,36 +9,15 @@ ip -o monitor link | while read -r index interface status remaining; do iface=$(printf '%s\n' "$interface" | sed -E 's/(@.*)?:$//') operstate=$(printf '%s\n' "$remaining" | grep -Eo ' state [^ ]+' | sed 's/^ state //') - # | tr '[:upper:]' '[:lower:]' does not work on busybox atm - grab_intf_name "$iface" + # If iface goes to UP if [ "$operstate" = "UP" ]; then - action="up" - elif [ "$operstate" = "DOWN" ]; then - action="down" - else - logger -p Error -t "Interface Watch" "Unknown operating state: $operstate" - continue - fi - - [ "$operstate" = "UP" ] && ubus call network reload - - # For both ipv6 and ipv4 - echo "$interfaces" | while read -r intfc; do - # if interface empty string - if [ -z "$intfc" ]; then - continue - fi + # For both ipv6 and ipv4 + grab_intf_name "$iface" + echo "$interfaces" | while read -r line; do ifup "$line"; done - # Check intfc actually exists - ubus -S list "network.interface.$intfc" >/dev/null || { - logger -p Debug -t "Interface Watch" "Interface $intfc not found in UBUS networks" - continue - } - - ubus call network.interface $action "{ \"interface\" : \"$intfc\" }" - logger -p Info -t "Interface Watch" "Interface $intfc of device $interface changed state to $operstate" - done + fi + logger -t "Interface Watch" "Interface $iface changed state to $operstate" done exit 1 From 3c5bfc367d1b9290c34ca1d99d13c5265f13e90d Mon Sep 17 00:00:00 2001 From: John Sommerville Date: Thu, 7 Dec 2023 17:58:06 -0700 Subject: [PATCH 35/44] Revert "MFW-4007: Add interfaces watcher (#204)" This reverts commit 81fa33be16fc8a8870a2ec98832ff4161479eb85. --- sync-settings/Makefile | 2 - sync-settings/files/interface-watcher.init | 20 - sync-settings/files/interface_watcher.sh | 23 - wan-manager/files/wan-manager | 566 +++++++++++---------- 4 files changed, 295 insertions(+), 316 deletions(-) delete mode 100755 sync-settings/files/interface-watcher.init delete mode 100644 sync-settings/files/interface_watcher.sh diff --git a/sync-settings/Makefile b/sync-settings/Makefile index db900162d..eafe635a0 100644 --- a/sync-settings/Makefile +++ b/sync-settings/Makefile @@ -42,7 +42,6 @@ define Py3Package/sync-settings/install $(INSTALL_BIN) files/set_affinity.sh $(1)/usr/bin $(INSTALL_BIN) files/set_rpsxps.sh $(1)/usr/bin $(INSTALL_BIN) files/quota_cron.sh $(1)/usr/bin - $(INSTALL_BIN) files/interface_watcher.sh $(1)/usr/bin # init.d $(INSTALL_DIR) $(1)/etc/init.d @@ -55,7 +54,6 @@ define Py3Package/sync-settings/install $(INSTALL_BIN) files/uid.init $(1)/etc/init.d/uid $(INSTALL_BIN) files/product-board-name.init $(1)/etc/init.d/product-board-name $(INSTALL_BIN) files/load-eos-config.init $(1)/etc/init.d/load-eos-config - $(INSTALL_BIN) files/interface-watcher.init $(1)/etc/init.d/interface-watcher # config/startup.d $(INSTALL_DIR) $(1)/etc/config/startup.d diff --git a/sync-settings/files/interface-watcher.init b/sync-settings/files/interface-watcher.init deleted file mode 100755 index 050c90487..000000000 --- a/sync-settings/files/interface-watcher.init +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh /etc/rc.common - -# 16 is right after startup (15) -START=16 -STOP=16 - -USE_PROCD=1 - -start_service() { - procd_open_instance interface-watcher - procd_set_param command /usr/bin/interface_watcher.sh - procd_set_param stdout 1 - procd_set_param stderr 1 - procd_set_param respawn 3600 5 0 - procd_close_instance -} - -stop_service() { - kill -9 "$(pgrep interface_watcher.sh)" -} diff --git a/sync-settings/files/interface_watcher.sh b/sync-settings/files/interface_watcher.sh deleted file mode 100644 index 368e544e0..000000000 --- a/sync-settings/files/interface_watcher.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/sh - -grab_intf_name() { - interfaces=$(uci show network | grep $1 | cut -d"." -f2) -} - -# Monitor ip link status for interfaces. -ip -o monitor link | while read -r index interface status remaining; do - iface=$(printf '%s\n' "$interface" | sed -E 's/(@.*)?:$//') - operstate=$(printf '%s\n' "$remaining" | grep -Eo ' state [^ ]+' | sed 's/^ state //') - - # If iface goes to UP - if [ "$operstate" = "UP" ]; then - # For both ipv6 and ipv4 - grab_intf_name "$iface" - echo "$interfaces" | while read -r line; do ifup "$line"; done - - fi - - logger -t "Interface Watch" "Interface $iface changed state to $operstate" -done - -exit 1 diff --git a/wan-manager/files/wan-manager b/wan-manager/files/wan-manager index 9ad722d82..c006a11e0 100755 --- a/wan-manager/files/wan-manager +++ b/wan-manager/files/wan-manager @@ -14,7 +14,7 @@ COMMAND_NAME=$0 COMMAND_PID=$$ # Debug mode for messages and other output DEBUG=false -# If true, run in interactive mode, otherwise in daemon mode. +# If true, run in interative mode, otherwise in dameon mode. INTERACTIVE=false # If non empty, log debug messages that match substring. Commonly used to watch substring. LOG_WATCH= @@ -31,14 +31,14 @@ WAN_MANAGER_STATUS_PATH=/tmp/wan_status ## Process command line arguments ## while getopts "d:i:l:v:" flag; do - case "${flag}" in - d) DEBUG=${OPTARG} ;; - i) INTERACTIVE=${OPTARG} ;; - l) LOG_WATCH=${OPTARG} ;; - v) eval "${OPTARG}" ;; - esac + case "${flag}" in + d) DEBUG=${OPTARG} ;; + i) INTERACTIVE=${OPTARG} ;; + l) LOG_WATCH=${OPTARG} ;; + v) eval "${OPTARG}" ;; + esac done -shift $((OPTIND - 1)) +shift $((OPTIND-1)) ## ## Utilities @@ -48,10 +48,10 @@ shift $((OPTIND - 1)) LOG_MESSAGE_PRIORITY_ANY=0 # Only log messages if DEBUG=true LOG_MESSAGE_PRIORITY_DEBUG=1 -if [ "$INTERACTIVE" = "true" ]; then +if [ "$INTERACTIVE" = "true" ] ; then # In interactive mode use echo LOGGER_COMMAND="echo" - LOGGER_TIMESTAMP="date" + LOGGER_TIMESTAMP=date else # LOGGER_COMMAND="logger -t wan-manager" LOGGER_COMMAND="logger -t wan-manager" @@ -63,12 +63,13 @@ fi # # @param $1 Priority (see above) # @param $2 Message -log_message() { +log_message() +{ local __function_name="log_message" local priority=$1 local message=$2 - if [ $priority = $LOG_MESSAGE_PRIORITY_DEBUG ]; then + if [ $priority = $LOG_MESSAGE_PRIORITY_DEBUG ] ; then if [ "$DEBUG" = true ]; then # Only log if DEBUG is enabled $LOGGER_COMMAND $(eval $LOGGER_TIMESTAMP) "debug $message" @@ -79,7 +80,7 @@ log_message() { fi elif [ $priority = $LOG_MESSAGE_PRIORITY_ANY ]; then # Always log these messages - if [ "$DEBUG" = true ] || [ "$LOG_WATCH" != "" ]; then + if [ "$DEBUG" = true ] || [ "$LOG_WATCH" != "" ] ; then # In interactive mode, provide space separation from debug prefix. $LOGGER_COMMAND $(eval $LOGGER_TIMESTAMP) "any $message" else @@ -96,7 +97,7 @@ log_message() { # @param $3 Changed message, usually reflecting transitions like "status=up->down" # @param $4 Stats message with fields like "status=up" # @param $5 Extra information to log in debug or watch mode -log_status_message() { +log_status_message(){ local state=$1 local prefix=$2 local change_message=$3 @@ -110,7 +111,7 @@ log_status_message() { log_watch=true fi - if [ "$state" = "change" ]; then + if [ "$state" = "change" ] ; then __message=$change_message if [ "$DEBUG" = "true" ] || [ "$log_watch" = "true" ]; then __message="$__message $debug_append_message" @@ -138,8 +139,9 @@ ALLOW_LOG_UPDATE_START=$(date +%s) # This is used to: # - Log policy status period regardless of change # - Log policy status for polices that otherwise log a lot like balance. -check_allow_log_update() { - local __function_name="check_allow_log_update" +check_allow_log_update() +{ + local __function_nane="check_allow_log_update" local currentTime=$(date +%s) local elapsedTime=$((currentTime - $ALLOW_LOG_UPDATE_START)) if [ $elapsedTime -gt $ALLOW_LOG_UPDATE_INTERVAL ]; then @@ -155,13 +157,13 @@ check_allow_log_update() { # # @param $1 Path variable to update. # @param $policyId Policy id -get_policy_path() { +get_policy_path(){ local __function_name="get_policy_path" local __return_path=$1 local policyId=$2 local path=$WAN_MANAGER_STATUS_PATH/$policyId - if [ ! -d $path ]; then + if [ ! -d $path ] ; then mkdir -p $path fi @@ -174,7 +176,7 @@ get_policy_path() { # @param $1 Path variable to update. # @param $policyId Policy id # @param $policyId WAN interface id -get_wan_path() { +get_wan_path(){ local __function_name="get_wan_path" local __return_path=$1 local policyId=$2 @@ -185,7 +187,7 @@ get_wan_path() { get_policy_path policyPath $policyId local path=$policyPath/wan-$interfaceId/$family - if [ ! -d $path ]; then + if [ ! -d $path ] ; then mkdir -p $path fi @@ -193,16 +195,17 @@ get_wan_path() { } # check_for_table -# Verifies required nft tables to exists +# Verifies requried nft tables to exists # # @param $1 nft ip version type (ip or ipv6) # @param $2 Table name to check -check_for_table() { +check_for_table() +{ local __function_name="check_for_table" local ip_check=$1 local table_check=$2 - local output=$(nft list table $ip_check $table_check) + local output=`nft list table $ip_check $table_check` local retval=$? if [ $retval -ne 0 ]; then echo "$__function_name: NFT does not have a required table for wan-manager" @@ -212,21 +215,23 @@ check_for_table() { # handle_term # Process signterm signal to exit -handle_term() { +handle_term() +{ local __function_name="handle_term" - log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: received term signal" + log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: recevied term signal" kill -9 $COMMAND_PID } # wait_for_change # Use inotify to wait for specific files to change # -# @param $1 Comma separated list of files to monitor -wait_for_change() { +# @param $1 Comma separated lsit of files to monitor +wait_for_change() +{ local __function_name="wait_for_change" local file=$1 - if [ ! -f $file ]; then + if [ ! -f $file ] ; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: $file not found, sleep instead" sleep 5 return @@ -240,7 +245,8 @@ wait_for_change() { # @param $1 Return value of true or false # @param $2 Numeric interface id # @param $3 IP family (ipv4 or ipv6) -is_offline() { +is_offline() +{ local __function_name="is_offline" local __return_offline=$1 local id=$2 @@ -256,26 +262,26 @@ is_offline() { fi json_load_file $STATS_FILE_NAME - if json_is_a interfaces array; then - json_select interfaces - json_get_keys interfaces - for intf in $interfaces; do - json_select $intf - json_get_var interfaceId interfaceId - if [ $id = $interfaceId ]; then - if [ $family = "ipv6" ]; then - json_get_var __offline offline6 - else - json_get_var __offline offline - fi - if [ "$__offline" = "" ]; then - # If variable not found, consider it offline - __offline=true - fi - fi + if json_is_a interfaces array ; then + json_select interfaces + json_get_keys interfaces + for intf in $interfaces; do + json_select $intf + json_get_var interfaceId interfaceId + if [ $id = $interfaceId ] ; then + if [ $family = "ipv6" ] ; then + json_get_var __offline offline6 + else + json_get_var __offline offline + fi + if [ "$__offline" = "" ] ; then + # If variable not found, consider it offline + __offline=true + fi + fi + json_select .. + done json_select .. - done - json_select .. fi log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: offline status for $id family: $family is $__offline" @@ -293,7 +299,8 @@ is_offline() { # @param $1 Return value of weight as a number # @param $2 Numeric interface id # @param $3 Short policy identifier -get_wan_bandwidth() { +get_wan_bandwidth() +{ local __function_name="get_wan_bandwidth" local __return_weight=$1 local id=$2 @@ -309,10 +316,10 @@ get_wan_bandwidth() { json_select network json_select interfaces json_get_keys interfaces - for i in $interfaces; do + for i in $interfaces ; do json_select $i json_get_var interfaceId interfaceId - if [ $id = $interfaceId ]; then + if [ $id = $interfaceId ] ; then json_get_var __settingsWeight downloadKbps fi json_select .. @@ -331,7 +338,8 @@ get_wan_bandwidth() { # @param $2 Short policy name # @param $3 Numeric interface id # !!! something to indicate this is from settings -get_static_weight() { +get_static_weight() +{ local __function_name="get_static_weight" local __return_weight=$1 local policy=$2 @@ -349,7 +357,7 @@ get_static_weight() { json_select wan json_select policies json_get_keys policies - for p in $policies; do + for p in $policies ; do json_select $p json_get_var policyId policyId policyIdString="policy-$policyId" @@ -357,12 +365,12 @@ get_static_weight() { # Substring match on short policy id to full policy id json_select interfaces json_get_keys interfaces - for i in $interfaces; do + for i in $interfaces ; do json_select $i json_get_var interfaceId interfaceId - if [ $interfaceId -eq 0 ]; then + if [ $interfaceId -eq 0 ] ; then __weight=1 - elif [ $id = $interfaceId ]; then + elif [ $id = $interfaceId ] ; then json_get_var __weight weight fi json_select .. @@ -384,7 +392,8 @@ get_static_weight() { # @param $2 Numeric interface id # @param $3 Statistic name to look for (ie: ping, latency, etc.) # @param $4 Metric name to look for (ie: 1_minute, 10_minute, etc.) -get_stat() { +get_stat() +{ local __function_name="get_stat" local __return_stat=$1 local id=$2 @@ -406,25 +415,25 @@ get_stat() { fi json_load_file $STATS_FILE_NAME - if json_is_a interfaces array; then + if json_is_a interfaces array ; then json_select interfaces json_get_keys interfaces for intf in $interfaces; do json_select $intf json_get_var interfaceId interfaceId - if [ $id = $interfaceId ]; then + if [ $id = $interfaceId ] ; then json_select "stats" json_get_keys stats for stat in $stats; do json_select $stat json_get_vars name - if [ $stat_name = $name ]; then + if [ $stat_name = $name ] ; then json_select "metrics" json_get_keys metrics for metric in $metrics; do json_select $metric json_get_vars name value - if [ $metric_name = $name ]; then + if [ $metric_name = $name ] ; then stat_value=$(echo ${value%%.*}) fi json_select .. @@ -450,7 +459,8 @@ get_stat() { # @param $2 Short policy name # @param $3 Numeric interface id # @param $4 Ip family -is_wan_up_by_family() { +is_wan_up_by_family() +{ local __function_name="is_wan_up_by_family" local __is_wan_up_by_family=$1 local policy=$2 @@ -468,12 +478,12 @@ is_wan_up_by_family() { for file in $(find $wan_path -type f); do __criteria_found=$((__criteria_found + 1)) grep -q down $file - if [ $? -eq 0 ]; then + if [ $? -eq 0 ] ; then __down_found=1 fi done __up=false - if [ $__criteria_found -gt 0 ] && [ $__down_found -eq 0 ]; then + if [ $__criteria_found -gt 0 ] && [ $__down_found -eq 0 ] ; then # Only up if we found at least one criteria and no "down" statuses. __up=true fi @@ -488,7 +498,8 @@ is_wan_up_by_family() { # @param $1 Return value of test # @param $2 Short policy name # @param $3 Numeric interface id -is_wan_up() { +is_wan_up() +{ local __function_name="is_wan_up" local __return_wan_up=$1 local policy=$2 @@ -502,7 +513,7 @@ is_wan_up() { is_wan_up_by_family __ipv4_up $policy $id ipv4 is_wan_up_by_family __ipv6_up $policy $id ipv6 - if [ "$__ipv4_up" = "true" ] || [ "$__ipv6_up" = "true" ]; then + if [ "$__ipv4_up" = "true" ] || [ "$__ipv6_up" = "true" ] ; then __up=true fi @@ -514,22 +525,23 @@ is_wan_up() { # # @param $1 Short name of policy to disable # @param $2 Space separated numeric ids of WANs involved -disable_policy() { +disable_policy() +{ local __function_name="disable_policy" local policy=$1 local wans=$2 - TMPFILE=$(mktemp -t $policy-changeset.XXXXXX) + TMPFILE=`mktemp -t $policy-changeset.XXXXXX` - echo flush chain ip wan-routing route-to-$policy >>$TMPFILE - echo add rule ip wan-routing route-to-$policy return comment \"policy disabled\" >>$TMPFILE - echo flush chain ip6 wan-routing route-to-$policy >>$TMPFILE - echo add rule ip6 wan-routing route-to-$policy return comment \"policy disabled\" >>$TMPFILE + echo flush chain ip wan-routing route-to-$policy >> $TMPFILE + echo add rule ip wan-routing route-to-$policy return comment \"policy disabled\" >> $TMPFILE + echo flush chain ip6 wan-routing route-to-$policy >> $TMPFILE + echo add rule ip6 wan-routing route-to-$policy return comment \"policy disabled\" >> $TMPFILE nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: $policy All Wans:$wans Retval: $retval" - while [ $retval -ne 0 ]; do + while [ $retval -ne 0 ] ; do nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: nft -f Failed to disable policy: $policy All Wans:$wans Retval: $retval, trying again..." @@ -543,7 +555,8 @@ disable_policy() { # @param $1 Return space separatd list of interfaceIds in policy # @param $2 Return space separatd list of interfaceIds in policy that are up # @param $3 Policy id -get_policy_wans_and_up_wans() { +get_policy_wans_and_up_wans() +{ local __function_name="get_policy_wans_and_up_wans" local __return_policy_wans=$1 local __return_up_wans=$2 @@ -558,12 +571,12 @@ get_policy_wans_and_up_wans() { local id get_policy_path policy_dir $policy - for d in $policy_dir/*; do + for d in $policy_dir/* ; do log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: found file: $d" fileName=$(echo ${d##*/}) # Ignore the status files in the policy directory - if [ $fileName == "status" ]; then + if [ $fileName == "status" ] ; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: skipping file: $d" continue fi @@ -577,12 +590,11 @@ get_policy_wans_and_up_wans() { local wan_up is_wan_up wan_up $policy $id # if is_wan_up $policy $id; then - if [ "$wan_up" = "true" ]; then + if [ "$wan_up" = "true" ] ; then __up_wans="$__up_wans $id" fi done - # FIXME: __wans is undefined log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy_wans=$__policy_wans wans=$__wans" eval "$__return_policy_wans=\"$__policy_wans\"" eval "$__return_up_wans=\"$__up_wans\"" @@ -594,26 +606,27 @@ get_policy_wans_and_up_wans() { # @param $1 Policy associated with the chain # @param $2 Interface id of the wan to use # @param $3 The wans included in this policy -jump_policy() { +jump_policy() +{ local __function_name="jump_policy" local policy=$1 local id=$2 local wans=$3 - TMPFILE=$(mktemp -t $policy-changeset.XXXXXX) + TMPFILE=`mktemp -t $policy-changeset.XXXXXX` - echo flush chain ip wan-routing route-to-$policy >>$TMPFILE - echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE - echo add rule ip wan-routing route-to-$policy jump mark-for-wan-$id >>$TMPFILE + echo flush chain ip wan-routing route-to-$policy >> $TMPFILE + echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE + echo add rule ip wan-routing route-to-$policy jump mark-for-wan-$id >> $TMPFILE - echo flush chain ip6 wan-routing route-to-$policy >>$TMPFILE - echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE - echo add rule ip6 wan-routing route-to-$policy jump mark-for-wan-$id >>$TMPFILE + echo flush chain ip6 wan-routing route-to-$policy >> $TMPFILE + echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE + echo add rule ip6 wan-routing route-to-$policy jump mark-for-wan-$id >> $TMPFILE nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: updating jump_policy for policy:$policy mark for WAN:$id All WANs: $wans; retval: $retval" - while [ $retval -ne 0 ]; do + while [ $retval -ne 0 ] ; do nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: nft -f failed during jump_policy for policy:$policy mark for WAN:$id All WANs: $wans; retval: $retval, trying again..." @@ -628,27 +641,28 @@ jump_policy() { # @param $2 Wans associated with this policy # @param $3 Total weight of all wans in the policy # @param $4 Generated balance string used in the vmap decision -balance_policy() { +balance_policy() +{ local __function_name="balance_policy" local policy=$1 local wans=$2 local total_weight=$3 local balance_string=$4 - TMPFILE=$(mktemp -t $policy-changeset.XXXXXX) + TMPFILE=`mktemp -t $policy-changeset.XXXXXX` - echo flush chain ip wan-routing route-to-$policy >>$TMPFILE - echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE - echo add ip wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >>$TMPFILE + echo flush chain ip wan-routing route-to-$policy >> $TMPFILE + echo add rule ip wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE + echo add ip wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >> $TMPFILE - echo flush chain ip6 wan-routing route-to-$policy >>$TMPFILE - echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >>$TMPFILE - echo add ip6 wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >>$TMPFILE + echo flush chain ip6 wan-routing route-to-$policy >> $TMPFILE + echo add rule ip6 wan-routing route-to-$policy dict sessions ct id wan_policy long_string set $policy >> $TMPFILE + echo add ip6 wan-routing route-to-$policy numgen random mod $total_weight vmap { $balance_string } >> $TMPFILE nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: running balance policy:$policy All Wans:$wans total_weight:$total_weight balance string:$balance_string Retval: $retval" - while [ $retval -ne 0 ]; do + while [ $retval -ne 0 ] ; do nft -f $TMPFILE retval=$? log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: nft -f failed while running balance policy:$policy All Wans:$wans total_weight:$total_weight balance string:$balance_string Retval: $retval, trying again..." @@ -663,7 +677,7 @@ balance_policy() { # @param $1 Return value of of field. # @param $2 Interface id # @param $3 Family -get_openwrt_interface_name() { +get_openwrt_interface_name(){ local __function_name="settings_get_interface_field" local __return_name=$1 local interface_id=$2 @@ -680,19 +694,19 @@ get_openwrt_interface_name() { json_select network json_select interfaces json_get_keys interfaces - for i in $interfaces; do + for i in $interfaces ; do json_select $i json_get_var interfaceId interfaceId - if [ $interface_id = $interfaceId ]; then + if [ $interface_id = $interfaceId ] ; then json_get_var __name name json_get_var __type type fi json_select .. done - if [ "$__name" != "" ] && [ "$__type" != "" ]; then - if [ "$__type" != "IPSEC" ] && [ "$__type" != "OPENVPN" ] && [ "$__type" != "WIREGUARD" ] && [ "$__type" != "WWAN" ]; then - if [ "$family" = "ipv6" ]; then + if [ "$__name" != "" ] && [ "$__type" != "" ] ; then + if [ "$__type" != "IPSEC" ] && [ "$__type" != "OPENVPN" ] && [ "$__type" != "WIREGUARD" ] && [ "$__type" != "WWAN" ] ; then + if [ "$family" = "ipv6" ] ; then __name="${__name}6" else __name="${__name}4" @@ -710,7 +724,7 @@ get_openwrt_interface_name() { # @param $1 Return value of gateway IP address # @param $2 Interface Id to match # @param $3 Return value of metric -settings_get_ipsec_remote_gateway() { +settings_get_ipsec_remote_gateway(){ local __return_remoteGateway=$1 local id=$2 @@ -727,12 +741,12 @@ settings_get_ipsec_remote_gateway() { json_select network json_select interfaces json_get_keys interfaces - for i in $interfaces; do + for i in $interfaces ; do json_select $i json_get_var interfaceId interfaceId - if [ $id = $interfaceId ]; then + if [ $id = $interfaceId ] ; then json_get_type type ipsec - if [ "$type" = "" ]; then + if [ "$type" = "" ] ; then # Not an ipsec interface json_select .. continue @@ -759,7 +773,8 @@ settings_get_ipsec_remote_gateway() { # @param $2 Numeric interface id # @param $3 OpenWrt interface name # @param $4 Ip family of the interface -criteria_up() { +criteria_up() +{ local __function_name="criteria_up" local policy=$1 local interfaceId=$2 @@ -772,7 +787,7 @@ criteria_up() { local status_file="${wan_path}/${__function_name}" status="init" - if [ -f $status_file ]; then + if [ -f $status_file ] ; then status=$(head -n 1 $status_file) fi @@ -780,19 +795,20 @@ criteria_up() { local offline is_offline offline $interfaceId $family log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: $interface and $status_file current status is $status, offline=$offline" - if network_is_up $interface && [ "$offline" = "false" ]; then + if network_is_up $interface && [ "$offline" = "false" ]; then new_status="up" else new_status="down" fi log_state="status" - if [ "$new_status" != "$status" ]; then + if [ "$new_status" != "$status" ] ; then log_state="change" - echo $new_status >$status_file - if [ "$new_status" = "down" ]; then - log_status_message "handling $interface status" - handle_down_interface "$interface" + echo $new_status > $status_file + if [ "$new_status" = "down" ] + then + log_status_message "handling $interface status" + handle_down_interface "$interface" fi fi @@ -807,19 +823,20 @@ criteria_up() { # @param $1 Policy id # @param $2 Numeric interface id # @param $3 IP family of the interface -criteria_always_up() { - local __function_name="criteria_up" - local policy=$1 - local interfaceId=$2 - local family=$3 - local wan_path - get_wan_path wan_path $policy $interfaceId $family - local status_file="${wan_path}/${__function_name}" - - echo "up" >$status_file - log_status_message "change" "$__function_name:" \ - "policy=$policy, interface=${interfaceId}/$family, status=up" \ - "policy=$policy, interface=${interfaceId}/$family, status=up" +criteria_always_up() +{ + local __function_name="criteria_up" + local policy=$1 + local interfaceId=$2 + local family=$3 + local wan_path + get_wan_path wan_path $policy $interfaceId $family + local status_file="${wan_path}/${__function_name}" + + echo "up" > $status_file + log_status_message "change" "$__function_name:" \ + "policy=$policy, interface=${interfaceId}/$family, status=up" \ + "policy=$policy, interface=${interfaceId}/$family, status=up" } # attribute @@ -830,10 +847,11 @@ criteria_always_up() { # @param $2 Numeric policy id # @param $3 Interface name # @param $4 IP family -# @param $5 Attribute key +# @param $5 Attribtute key # @param $6 Attribute value to match # @param $7 Status to set (up or down) -criteria_attribute() { +criteria_attribute() +{ local __function_name="criteria_attribute" local policy=$1 local interfaceId=$2 @@ -847,17 +865,16 @@ criteria_attribute() { get_wan_path wan_path $policy $interfaceId $family local status_file="${wan_path}/${__function_name}_${key}_${value}" status="init" - if [ -f $status_file ]; then + if [ -f $status_file ] ; then status=$(head -n 1 $status_file) fi - # FIXME: attribute is undefined log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, interface=$interface, attribute=$attribute, family=$family, key=$key, value=$value, new_status=$new_status" log_state="status" - if [ "$new_status" != "$status" ]; then + if [ "$new_status" != "$status" ] ; then log_state="change" - echo $new_status >$status_file + echo $new_status > $status_file fi log_status_message "$log_state" "$__function_name:" \ @@ -877,7 +894,8 @@ criteria_attribute() { # @param $6 Metric name to use in the metric calculation # @param $7 Operator to use in the metric calculation # @param $8 Metric value to test against in the metric calculation -criteria_metric() { +criteria_metric() +{ local __function_name="criteria_metric" local policy=$1 local interfaceId=$2 @@ -895,7 +913,7 @@ criteria_metric() { get_wan_path wan_path $policy $interfaceId $family status_file="$wan_path/${__function_name}_${stat_name}_${metric_name}_${operator}_${val}" status="init" - if [ -f $status_file ]; then + if [ -f $status_file ] ; then status=$(head -n 1 $status_file) fi @@ -905,40 +923,40 @@ criteria_metric() { # Important assumption here!!! # VPNs and some other interfaces sometimes report a latency of 0 # Setting the test results to -1 will allow the logic below to skip this interface during the WAN checks - if [ $stat_name = "latency" ] && [ $test = 0 ]; then + if [ $stat_name = "latency" ] && [ $test = 0 ] ; then test=-1 fi local new_status="down" - if [ $test -ne -1 ]; then + if [ $test -ne -1 ] ; then case $operator in - le) - if [ $test -le $val ]; then - new_status="up" - fi - ;; - lt) - if [ $test -lt $val ]; then - new_status="up" - fi - ;; - ge) - if [ $test -ge $val ]; then - new_status="up" - fi - ;; - gt) - if [ $test -gt $val ]; then - new_status="up" - fi - ;; + le) + if [ $test -le $val ] ; then + new_status="up" + fi + ;; + lt) + if [ $test -lt $val ] ; then + new_status="up" + fi + ;; + ge) + if [ $test -ge $val ] ; then + new_status="up" + fi + ;; + gt) + if [ $test -gt $val ] ; then + new_status="up" + fi + ;; esac fi log_state="status" - if [ "$new_status" != "$status" ]; then + if [ "$new_status" != "$status" ] ; then log_state="change" - echo $new_status >$status_file + echo $new_status > $status_file fi log_status_message "$log_state" "$__function_name:" \ @@ -958,7 +976,8 @@ criteria_metric() { # @param $7 Timeout of when to fail the test # @param $8 Failure threshold of when to fail the tests # @param $9 Fost to run the connectivity tests against -criteria_connectivity() { +criteria_connectivity() +{ local __function_name="criteria_connectivity" local policy=$1 local interfaceId=$2 @@ -970,7 +989,7 @@ criteria_connectivity() { local threshold=$8 local host=$9 - log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, interface=$interface, family=$family, criteria=$criteria, interval=$interval, timeout=$timeout, threshold=$threshold, host=$host" + log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, interface=$interface, family=$family, critera=$critera, interval=$interval, timeout=$timeout, threshold=$threshold, host=$host" local device local ip_address @@ -999,70 +1018,70 @@ criteria_connectivity() { ## If the status_file already exists, lets see what the previous status was local new_status="down" local status="init" - if [ -f $status_file ]; then + if [ -f $status_file ] ; then status=$(head -n 1 $status_file) fi log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: $policy and $status_file current status is $status" - for i in $(seq 0 9); do + for i in $(seq 0 9) ; do network_flush_cache is_offline offline $interfaceId $family - if [ "$offline" = "true" ]; then + if [ "$offline" = "true" ] ; then # No point in continuing if interface is down new_status="down" break fi log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: test interface=$interface, offline=$offline, interval running sequence i=$i" - if network_is_up $interface && [ "$offline" = "false" ]; then + if network_is_up $interface && [ "$offline" = "false" ]; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: testing up and online interface=$interface" network_get_device device $interface network_get_ipaddr ip_address $interface network_get_dnsserver dns_server $interface network_get_gateway gw $interface - network_get_protocol protocol $interface + network_get_protocol protocol $interface case $criteria in - ping) - if [ "$family" = "ipv4" ]; then - if [ "$protocol" != "vti" ]; then - ping -I $device -w $timeout -W $timeout -c 1 $host >/dev/null && let result"$i"=1 || let result"$i"=0 + ping) + if [ "$family" = "ipv4" ] ; then + if [ "$protocol" != "vti" ] ; then + ping -I $device -w $timeout -W $timeout -c 1 $host > /dev/null && let result"$i"=1 || let result"$i"=0 + fi fi - fi - ;; - arp) - if [ "$family" = "ipv4" ]; then - arping -s $ip_address -I $device -c 1 $gw >/dev/null && let result"$i"=1 || let result"$i"=0 - fi - ;; - dns) - if [ "$family" = "ipv4" ]; then - dig -b $ip_address +tries=3 +timeout=$timeout $dns_server $host >/dev/null && let result"$i"=1 || let result"$i"=0 - fi - ;; - http) - if [ "$family" = "ipv4" ]; then - wget --no-check-certificate --bind-address=$ip_address --header="Wan-Failover-Flag: true" --tries=3 -O /dev/null $host 2>/dev/null && let result"$i"=1 || let result"$i"=0 - fi - ;; - *) - echo "Unknown test $criteria" - let result"$i"=0 - ;; + ;; + arp) + if [ "$family" = "ipv4" ] ; then + arping -s $ip_address -I $device -c 1 $gw > /dev/null && let result"$i"=1 || let result"$i"=0 + fi + ;; + dns) + if [ "$family" = "ipv4" ] ; then + dig -b $ip_address +tries=3 +timeout=$timeout $dns_server $host > /dev/null && let result"$i"=1 || let result"$i"=0 + fi + ;; + http) + if [ "$family" = "ipv4" ] ; then + wget --no-check-certificate --bind-address=$ip_address --header="Wan-Failover-Flag: true" --tries=3 -O /dev/null $host 2> /dev/null && let result"$i"=1 || let result"$i"=0 + fi + ;; + *) + echo "Unknown test $criteria" + let result"$i"=0 + ;; esac # While it may seem like we should be calculating this outside the loop, # We want to do it inside so if we meet our threshold of failures, we # can stop immediately. count=0 - for i in $(seq 0 9); do + for i in $(seq 0 9) ; do eval "temp=\"\$result$i\"" - if [ $temp -eq 0 ]; then + if [ $temp -eq 0 ] ; then let count++ fi done - if [ $count -ge $threshold ]; then + if [ $count -ge $threshold ] ; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: reached failure threshold" new_status="down" break @@ -1073,9 +1092,9 @@ criteria_connectivity() { done log_state="status" - if [ "$new_status" != "$status" ]; then + if [ "$new_status" != "$status" ] ; then log_state="change" - echo $new_status >$status_file + echo $new_status > $status_file fi log_status_message "$log_state" "$__function_name:" \ @@ -1092,7 +1111,8 @@ criteria_connectivity() { # # @param $1 Policy id # @param $2 Interface id -policy_specific_wan() { +policy_specific_wan() +{ local __function_name="policy_specific_wan" local policy=$1 local id=$2 @@ -1104,23 +1124,23 @@ policy_specific_wan() { status_file="$policy_path/status" status="init" - if [ -f $status_file ]; then + if [ -f $status_file ] ; then . $status_file fi local wan_up is_wan_up wan_up $policy $id - if [ "$wan_up" = "true" ]; then + if [ "$wan_up" = "true" ] ; then new_status="up" else new_status="down" fi local log_state="status" - if [ "$new_status" != "$status" ]; then + if [ "$new_status" != "$status" ] ; then local log_state="change" - echo "status=$new_status" >$status_file - if [ $new_status = "up" ]; then + echo "status=$new_status" > $status_file + if [ $new_status = "up" ] ; then jump_policy $policy $id "$id" else disable_policy $policy "$id" @@ -1139,7 +1159,8 @@ policy_specific_wan() { # @param $2 Stat name to test with (e.g.,latency) # @param $3 Metric name to test with (e.g.,1_minute) # @param $4 Operator to test with (e.g.,le) -policy_best_of() { +policy_best_of() +{ local __function_name="policy_best_of" local policy=$1 local stat_name=$2 @@ -1155,7 +1176,7 @@ policy_best_of() { # Get current status local status="init" local current_best_wan=-1 - if [ -f $status_file ]; then + if [ -f $status_file ] ; then . $status_file fi @@ -1166,55 +1187,55 @@ policy_best_of() { local best_wan=-1 local best_stat=-1 local stat - for wan in $wans; do + for wan in $wans ; do get_stat stat $wan $stat_name $metric_name log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: wan=$wan, stat=$stat comparing best_wan=$best_wan, best_stat=$best_stat" - if [ $stat_name = "latency" ]; then - if [ "$stat" = 0 ] || [ "$stat" = -1 ]; then - # NOTE: A latency of 0 means 100% packet loss, so ignore during best_of calculations + if [ $stat_name = "latency" ] ; then + if [ "$stat" = 0 ] || [ "$stat" = -1 ] ; then + # NOTE: A latency of 0 means 100% pakcet loss, so ignore during best_of calculations continue fi fi - if [ $best_wan -eq -1 ]; then + if [ $best_wan -eq -1 ] ; then # Initialize best_wan=$wan best_stat=$stat else case $operator in - le) - if [ $stat -le $best_stat ]; then - best_wan=$wan - best_stat=$stat - fi - ;; - lt) - if [ $stat -lt $best_stat ]; then - best_wan=$wan - best_stat=$stat - fi - ;; - ge) - if [ $stat -ge $best_stat ]; then - best_wan=$wan - best_stat=$stat - fi - ;; - gt) - if [ $stat -gt $best_stat ]; then - best_wan=$wan - best_stat=$stat - fi - ;; + le) + if [ $stat -le $best_stat ] ; then + best_wan=$wan + best_stat=$stat + fi + ;; + lt) + if [ $stat -lt $best_stat ] ; then + best_wan=$wan + best_stat=$stat + fi + ;; + ge) + if [ $stat -ge $best_stat ] ; then + best_wan=$wan + best_stat=$stat + fi + ;; + gt) + if [ $stat -gt $best_stat ] ; then + best_wan=$wan + best_stat=$stat + fi + ;; esac fi done local new_status=$status local new_best_wan=$current_best_wan - if [ $best_wan -eq -1 ]; then + if [ $best_wan -eq -1 ] ; then new_status="down" else new_status="up" @@ -1222,11 +1243,11 @@ policy_best_of() { new_best_wan=$best_wan local log_state="status" - if [ "$new_status" != "$status" ] || [ ! $current_best_wan -eq $new_best_wan ]; then + if [ "$new_status" != "$status" ] || [ ! $current_best_wan -eq $new_best_wan ] ; then log_state="change" - echo "status=$new_status" >$status_file - echo "current_best_wan=$new_best_wan" >>$status_file - if [ "$new_status" = "up" ]; then + echo "status=$new_status" > $status_file + echo "current_best_wan=$new_best_wan" >> $status_file + if [ "$new_status" = "up" ] ; then jump_policy $policy $new_best_wan "$policy_wans" else disable_policy $policy "$policy_wans" @@ -1245,7 +1266,8 @@ policy_best_of() { # @param $2 Numeric interface id # @param $3 Interface name # @param $4 Ip family for interface -policy_best_of_ipsec_vpn() { +policy_best_of_ipsec_vpn() +{ local __function_name="policy_best_of_ipsec_vpn" local policy=$1 local interfaceId=$2 @@ -1254,11 +1276,11 @@ policy_best_of_ipsec_vpn() { local remoteGateway settings_get_ipsec_remote_gateway remoteGateway $interfaceId - if [ "$remoteGateway" = "" ]; then + if [ "$remoteGateway" = "" ] ; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: policy=$policy, interfaceId=$interfaceId, unable to get remote gateway address" return fi - if [ "$remoteGateway" = "%any" ]; then + if [ "$remoteGateway" = "%any" ] ; then log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: policy=$policy, interfaceId=$interfaceId, remote gateway address is %any" return fi @@ -1271,7 +1293,7 @@ policy_best_of_ipsec_vpn() { local status="init" local current_best_wan=-1 log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: getting policy=$policy reading $status_file" - if [ -f $status_file ]; then + if [ -f $status_file ] ; then . $status_file fi @@ -1288,7 +1310,7 @@ policy_best_of_ipsec_vpn() { # Look at current left and if same, continue current_left_address=$(ip xfrm policy | grep "dst $remoteGateway" | head -1 | cut -d' ' -f3) - if [ "$current_left_address" = "dst" ] || [ "$current_left_address" = "" ]; then + if [ "$current_left_address" = "dst" ] || [ "$current_left_address" = "" ] ; then # No found in policies log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: unable to find appropriate remoteGateway=$remoteGateway" if [ "$ALLOW_LOG_UPDATE" == "false" ]; then @@ -1330,8 +1352,8 @@ policy_best_of_ipsec_vpn() { ipsec_temp_name=$(mktemp /tmp/ipsec.confXXXXXX) # Looking for our remote gateway, modify the left side to reflect the new WAN IP address. awk '/right='$remoteGateway'/{sub(/left=.*/, "left='$ip_address'", last)} NR>1{print last} {last=$0} END {print last}' \ - $ipsec_live_name >$ipsec_temp_name && - mv $ipsec_temp_name $ipsec_live_name + $ipsec_live_name > $ipsec_temp_name \ + && mv $ipsec_temp_name $ipsec_live_name # Bring IPSec back up ipsec restart 2>/dev/null @@ -1351,7 +1373,8 @@ policy_best_of_ipsec_vpn() { # # @param $1 Policy id # @param $2 Balance algorithm to use (ie: LATENCY, WEIGHTED, AVAILABLE_BANDWIDTH) -policy_balance() { +policy_balance() +{ local __function_name="policy_balance" local policy=$1 local algorithm=$2 @@ -1362,7 +1385,7 @@ policy_balance() { status="init" balance_string="" - if [ -f $status_file ]; then + if [ -f $status_file ] ; then . $status_file fi @@ -1380,37 +1403,37 @@ policy_balance() { total_latency=0 local latency local weight - if [ $algorithm = "LATENCY" ]; then - for wan in $wans; do + if [ $algorithm = "LATENCY" ] ; then + for wan in $wans ; do get_stat latency $wan "latency" "1_minute" total_latency=$((total_latency + $latency)) done fi - for wan in $wans; do - if [ $algorithm = "WEIGHTED" ]; then + for wan in $wans ; do + if [ $algorithm = "WEIGHTED" ] ; then get_static_weight weight $policy $wan - elif [ $algorithm = "LATENCY" ]; then + elif [ $algorithm = "LATENCY" ] ; then get_stat weight $wan "latency" "1_minute" weight=$(($total_latency - $weight)) - if [ $weight -eq 0 ]; then + if [ $weight -eq 0 ] ; then weight=100 fi - elif [ $algorithm = "AVAILABLE_BANDWIDTH" ]; then + elif [ $algorithm = "AVAILABLE_BANDWIDTH" ] ; then get_stat weight $wan "available_bandwidth" "1_minute" - elif [ $algorithm = "BANDWIDTH" ]; then + elif [ $algorithm = "BANDWIDTH" ] ; then get_wan_bandwidth weight $wan fi - if [ $weight -eq 0 ]; then + if [ $weight -eq 0 ] ; then continue fi - if [ $total_weight -ne 0 ]; then + if [ $total_weight -ne 0 ] ; then new_balance_string="$new_balance_string, " fi range_end=$(($weight + $total_weight - 1)) - if [ $total_weight -eq $range_end ]; then + if [ $total_weight -eq $range_end ] ; then new_balance_string="$new_balance_string$total_weight : jump mark-for-wan-$wan" else new_balance_string="$new_balance_string$total_weight-$range_end : jump mark-for-wan-$wan" @@ -1418,23 +1441,23 @@ policy_balance() { total_weight=$((total_weight + $weight)) done - if [ "$new_balance_string" = "" ]; then + if [ "$new_balance_string" = "" ] ; then new_status="down" else new_status="up" fi local log_state="status" - if [ "$new_status" != "$status" ] || [ "$balance_string" != "$new_balance_string" ]; then + if [ "$new_status" != "$status" ] || [ "$balance_string" != "$new_balance_string" ] ; then local log_state="change" - echo "status=$new_status" >$status_file - echo "balance_string=\"$new_balance_string\"" >>$status_file - if [ "$new_status" = "down" ]; then - if [ $status != "down" ]; then + echo "status=$new_status" > $status_file + echo "balance_string=\"$new_balance_string\"" >> $status_file + if [ "$new_status" = "down" ] ; then + if [ $status != "down" ] ; then disable_policy $policy "$policy_wans" fi else - if [ ! $status = "up" ] || [ "$new_balance_string" != "$balance_string" ]; then + if [ ! $status = "up" ] || [ "$new_balance_string" != "$balance_string" ] ; then balance_policy $policy "$policy_wans" $total_weight "$new_balance_string" fi fi @@ -1454,7 +1477,7 @@ __function_name="main" check_for_table ip wan-routing check_for_table ip6 wan-routing -if [ "$DEBUG" = "true" ] || [ "$INTERACTIVE" == "true" ]; then +if [ "$DEBUG" = "true" ] || [ "$INTERACTIVE" == "true" ] ; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: COMMAND_NAME=$COMMAND_NAME" log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: COMMAND_PID=$COMMAND_PID" log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: INTERACTIVE=$INTERACTIVE" @@ -1462,12 +1485,12 @@ if [ "$DEBUG" = "true" ] || [ "$INTERACTIVE" == "true" ]; then log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: LOG_WATCH=$WATCH" fi -if [ "$INTERACTIVE" = "false" ]; then +if [ "$INTERACTIVE" = "false" ] ; then # Create term handler and run the handle_term callback trap 'handle_term' SIGTERM SIGINT else # If we're in interactive (developer) mode we don't want the system daemon process running - for pid in $(pgrep -f $COMMAND_NAME); do + for pid in `pgrep -f $COMMAND_NAME `; do if [ "$pid" = "$COMMAND_PID" ]; then # Ignore ourselves continue @@ -1482,7 +1505,7 @@ log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: started, pid=$COMMAND_P rm -rf ${WAN_MANAGER_STATUS_PATH}/* # Wait for stats.json to change, and then run every policy once (vs having each policy wait for change every time) -while [ 1 ]; do +while [ 1 ] ; do log_message $LOG_MESSAGE_PRIORITY_DEBUG "$__function_name: --- begin wan_manager config" . /etc/config/wan_manager check_allow_log_update @@ -1491,7 +1514,8 @@ while [ 1 ]; do done # Exit, wait for us to finish -for i in $(pgrep -P COMMAND_PID); do +for i in `pgrep -P COMMAND_PID ` +do wait $i done log_message $LOG_MESSAGE_PRIORITY_ANY "$__function_name: exit, pid=$COMMAND_PID" From d2d2c682238997c5f391392bc8f2a9a5bb6ad97f Mon Sep 17 00:00:00 2001 From: mikegee88 <129445210+mikegee88@users.noreply.github.com> Date: Fri, 14 Jul 2023 07:04:18 -0700 Subject: [PATCH 36/44] Update packetd.init Remove packetd start --- packetd/files/packetd.init | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packetd/files/packetd.init b/packetd/files/packetd.init index 3230804e9..8dae9ee68 100755 --- a/packetd/files/packetd.init +++ b/packetd/files/packetd.init @@ -22,14 +22,14 @@ start_service() { then # TODO if dpdk/bess is enabled we load packetd from bess as a dynamic library. # But for not just start it normally. - procd_set_param command /usr/bin/packetd --no-timestamp + # procd_set_param command /usr/bin/packetd --no-timestamp else - procd_set_param command /usr/bin/packetd --no-timestamp + # procd_set_param command /usr/bin/packetd --no-timestamp fi # procd_set_param command /usr/bin/packetd --logfile /tmp/log/packetd.log # restart indefinitely if crashed, 5 seconds between attempts - procd_set_param respawn 3600 5 0 + # procd_set_param respawn 3600 5 0 # stdout to system log procd_set_param stdout 1 From 4f107a9a06e4713aab5ee54ee90dbcb88a94fa2a Mon Sep 17 00:00:00 2001 From: mikegee88 <129445210+mikegee88@users.noreply.github.com> Date: Thu, 3 Aug 2023 22:28:36 -0700 Subject: [PATCH 37/44] Add hybrid mode toggle --- packetd/files/packetd.init | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/packetd/files/packetd.init b/packetd/files/packetd.init index 8dae9ee68..972072ad2 100755 --- a/packetd/files/packetd.init +++ b/packetd/files/packetd.init @@ -18,18 +18,22 @@ start_service() { # --logfile to specify a logfile manually # as output goes to logd which will add timestamps - if [ -e /etc/config/dpdk ] + # if not hybrid mode, start the packetd + if [ ! -e /etc/config/hybrid ] then - # TODO if dpdk/bess is enabled we load packetd from bess as a dynamic library. - # But for not just start it normally. - # procd_set_param command /usr/bin/packetd --no-timestamp - else - # procd_set_param command /usr/bin/packetd --no-timestamp + if [ -e /etc/config/dpdk ] + then + # TODO if dpdk/bess is enabled we load packetd from bess as a dynamic library. + # But for not just start it normally. + procd_set_param command /usr/bin/packetd --no-timestamp + else + procd_set_param command /usr/bin/packetd --no-timestamp + fi + # procd_set_param command /usr/bin/packetd --logfile /tmp/log/packetd.log + + # restart indefinitely if crashed, 5 seconds between attempts + procd_set_param respawn 3600 5 0 fi - # procd_set_param command /usr/bin/packetd --logfile /tmp/log/packetd.log - - # restart indefinitely if crashed, 5 seconds between attempts - # procd_set_param respawn 3600 5 0 # stdout to system log procd_set_param stdout 1 From f4f9ed73af5e4860dced8ff88db202efb79cc035 Mon Sep 17 00:00:00 2001 From: mikegee88 <129445210+mikegee88@users.noreply.github.com> Date: Tue, 22 Aug 2023 16:01:31 -0700 Subject: [PATCH 38/44] Hybrid mode, start classd --- packetd/files/packetd.init | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packetd/files/packetd.init b/packetd/files/packetd.init index 972072ad2..9d15cacb2 100755 --- a/packetd/files/packetd.init +++ b/packetd/files/packetd.init @@ -33,6 +33,9 @@ start_service() { # restart indefinitely if crashed, 5 seconds between attempts procd_set_param respawn 3600 5 0 + else + # Hybrid mode, start classd daemon + procd_set_param command /usr/bin/classd -mfw -w65536 -d fi # stdout to system log From 6541f0b1096e25b5fc2be169f9408ae0b20f7c94 Mon Sep 17 00:00:00 2001 From: Mike Gee Date: Tue, 12 Sep 2023 18:24:01 +0000 Subject: [PATCH 39/44] Create classd service file --- classd/Makefile | 2 ++ classd/files/classd.init | 31 +++++++++++++++++++++++++++++++ packetd/files/packetd.init | 3 --- 3 files changed, 33 insertions(+), 3 deletions(-) create mode 100755 classd/files/classd.init diff --git a/classd/Makefile b/classd/Makefile index ee3f17741..ff8c3f7f6 100644 --- a/classd/Makefile +++ b/classd/Makefile @@ -30,6 +30,8 @@ define Package/classd/install $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/classd $(1)/usr/bin/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libnavl.so* $(1)/usr/lib/ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/untangle-classd/protolist.csv $(1)/usr/share/untangle-classd/ + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) files/classd.init $(1)/etc/init.d/classd endef $(eval $(call BuildPackage,classd)) diff --git a/classd/files/classd.init b/classd/files/classd.init new file mode 100755 index 000000000..b49824d08 --- /dev/null +++ b/classd/files/classd.init @@ -0,0 +1,31 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2011 OpenWrt.org + +START=92 +STOP=02 + +USE_PROCD=1 + +start_service() { + procd_open_instance classd + + # procd_set_param env GODEBUG=schedtrace=30000 + # procd_set_param env GODEBUG=schedtrace=30000,scheddetail=1 + + # if not hybrid mode, start the packetd + if [ -e /etc/config/hybrid ] + then + # procd command to run + procd_set_param command /usr/bin/classd -mfw -w65536 -d + fi + + # restart indefinitely if crashed, 5 seconds between attempts + procd_set_param respawn 3600 5 0 + + # stdout to system log + procd_set_param stdout 1 + # stderr to system log + procd_set_param stderr 1 + + procd_close_instance +} diff --git a/packetd/files/packetd.init b/packetd/files/packetd.init index 9d15cacb2..972072ad2 100755 --- a/packetd/files/packetd.init +++ b/packetd/files/packetd.init @@ -33,9 +33,6 @@ start_service() { # restart indefinitely if crashed, 5 seconds between attempts procd_set_param respawn 3600 5 0 - else - # Hybrid mode, start classd daemon - procd_set_param command /usr/bin/classd -mfw -w65536 -d fi # stdout to system log From c938ef53863539b697567cb4a141f982c49c3aef Mon Sep 17 00:00:00 2001 From: Mike Gee Date: Tue, 24 Oct 2023 19:53:52 +0000 Subject: [PATCH 40/44] Force hybrid mode packetd and classd --- classd/files/classd.init | 8 ++------ packetd/files/packetd.init | 23 ++++++++++------------- 2 files changed, 12 insertions(+), 19 deletions(-) diff --git a/classd/files/classd.init b/classd/files/classd.init index b49824d08..64655be15 100755 --- a/classd/files/classd.init +++ b/classd/files/classd.init @@ -12,12 +12,8 @@ start_service() { # procd_set_param env GODEBUG=schedtrace=30000 # procd_set_param env GODEBUG=schedtrace=30000,scheddetail=1 - # if not hybrid mode, start the packetd - if [ -e /etc/config/hybrid ] - then - # procd command to run - procd_set_param command /usr/bin/classd -mfw -w65536 -d - fi + # procd command to run + procd_set_param command /usr/bin/classd -mfw -w65536 -d # restart indefinitely if crashed, 5 seconds between attempts procd_set_param respawn 3600 5 0 diff --git a/packetd/files/packetd.init b/packetd/files/packetd.init index 972072ad2..5998b7aae 100755 --- a/packetd/files/packetd.init +++ b/packetd/files/packetd.init @@ -19,21 +19,18 @@ start_service() { # as output goes to logd which will add timestamps # if not hybrid mode, start the packetd - if [ ! -e /etc/config/hybrid ] + if [ -e /etc/config/dpdk ] then - if [ -e /etc/config/dpdk ] - then - # TODO if dpdk/bess is enabled we load packetd from bess as a dynamic library. - # But for not just start it normally. - procd_set_param command /usr/bin/packetd --no-timestamp - else - procd_set_param command /usr/bin/packetd --no-timestamp - fi - # procd_set_param command /usr/bin/packetd --logfile /tmp/log/packetd.log - - # restart indefinitely if crashed, 5 seconds between attempts - procd_set_param respawn 3600 5 0 + # TODO if dpdk/bess is enabled we load packetd from bess as a dynamic library. + # But for not just start it normally. + #procd_set_param command /usr/bin/packetd --no-timestamp + else + #procd_set_param command /usr/bin/packetd --no-timestamp fi + # procd_set_param command /usr/bin/packetd --logfile /tmp/log/packetd.log + + # restart indefinitely if crashed, 5 seconds between attempts + procd_set_param respawn 3600 5 0 # stdout to system log procd_set_param stdout 1 From a29b0173bdb5ffe5f9279807f3d4cdf771b2f29c Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Thu, 15 Feb 2024 13:15:43 +0200 Subject: [PATCH 41/44] fix: remove commenting in the packetd.init --- packetd/files/packetd.init | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packetd/files/packetd.init b/packetd/files/packetd.init index 5998b7aae..6161d306a 100755 --- a/packetd/files/packetd.init +++ b/packetd/files/packetd.init @@ -21,11 +21,11 @@ start_service() { # if not hybrid mode, start the packetd if [ -e /etc/config/dpdk ] then - # TODO if dpdk/bess is enabled we load packetd from bess as a dynamic library. - # But for not just start it normally. - #procd_set_param command /usr/bin/packetd --no-timestamp + # TODO: if dpdk/bess is enabled we load packetd from bess as a dynamic library. + # But for now just start it normally. + procd_set_param command /usr/bin/packetd --no-timestamp else - #procd_set_param command /usr/bin/packetd --no-timestamp + procd_set_param command /usr/bin/packetd --no-timestamp fi # procd_set_param command /usr/bin/packetd --logfile /tmp/log/packetd.log From 0a6afcda4f344427bd81c96aece0e0bb5547b2a4 Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Thu, 15 Feb 2024 14:23:48 +0200 Subject: [PATCH 42/44] fix: touchfile is /etc/config/hybrid --- packetd/files/packetd.init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packetd/files/packetd.init b/packetd/files/packetd.init index 6161d306a..ae26b8186 100755 --- a/packetd/files/packetd.init +++ b/packetd/files/packetd.init @@ -19,7 +19,7 @@ start_service() { # as output goes to logd which will add timestamps # if not hybrid mode, start the packetd - if [ -e /etc/config/dpdk ] + if [ -e /etc/config/hybrid ] then # TODO: if dpdk/bess is enabled we load packetd from bess as a dynamic library. # But for now just start it normally. From 5d4a482796c68c50af324ef9e8c56e4d30a02dfb Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Thu, 22 Feb 2024 11:42:54 +0200 Subject: [PATCH 43/44] fix: remove unused branch --- packetd/files/packetd.init | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/packetd/files/packetd.init b/packetd/files/packetd.init index ae26b8186..700e4cb96 100755 --- a/packetd/files/packetd.init +++ b/packetd/files/packetd.init @@ -19,12 +19,8 @@ start_service() { # as output goes to logd which will add timestamps # if not hybrid mode, start the packetd - if [ -e /etc/config/hybrid ] + if [ ! -e /etc/config/hybrid ] then - # TODO: if dpdk/bess is enabled we load packetd from bess as a dynamic library. - # But for now just start it normally. - procd_set_param command /usr/bin/packetd --no-timestamp - else procd_set_param command /usr/bin/packetd --no-timestamp fi # procd_set_param command /usr/bin/packetd --logfile /tmp/log/packetd.log From fbcd47a841fd3c72c9e1c4ada0db9d883547677e Mon Sep 17 00:00:00 2001 From: Stefanos Mitropoulos Date: Tue, 27 Feb 2024 10:02:00 +0200 Subject: [PATCH 44/44] revert part of c938ef53863539b697567cb4a141f982c49c3aef for classd --- classd/files/classd.init | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/classd/files/classd.init b/classd/files/classd.init index 64655be15..b49824d08 100755 --- a/classd/files/classd.init +++ b/classd/files/classd.init @@ -12,8 +12,12 @@ start_service() { # procd_set_param env GODEBUG=schedtrace=30000 # procd_set_param env GODEBUG=schedtrace=30000,scheddetail=1 - # procd command to run - procd_set_param command /usr/bin/classd -mfw -w65536 -d + # if not hybrid mode, start the packetd + if [ -e /etc/config/hybrid ] + then + # procd command to run + procd_set_param command /usr/bin/classd -mfw -w65536 -d + fi # restart indefinitely if crashed, 5 seconds between attempts procd_set_param respawn 3600 5 0