From 236ae8b396908832f9d598d29000f47b8bcb6c4e Mon Sep 17 00:00:00 2001 From: coolsnowwolf Date: Sat, 13 Oct 2018 22:04:24 +0800 Subject: [PATCH] update luci app zerotier to enable auto NAT --- package/lean/luci-app-zerotier/Makefile | 2 +- .../luasrc/controller/zerotier.lua | 5 +- .../luasrc/model/cbi/zerotier.lua | 38 ++++--- .../luasrc/view/zerotier/zerotier_status.htm | 7 +- .../luci-app-zerotier/po/zh-cn/zerotier.po | 11 +++ .../root/etc/init.d/zerotier | 99 +++++++++++++++++++ .../root/etc/uci-defaults/40_luci-zerotier | 6 ++ .../luci-app-zerotier/root/etc/zerotier.start | 28 ++++++ .../luci-app-zerotier/root/etc/zerotier.stop | 10 ++ 9 files changed, 179 insertions(+), 27 deletions(-) create mode 100644 package/lean/luci-app-zerotier/po/zh-cn/zerotier.po create mode 100755 package/lean/luci-app-zerotier/root/etc/init.d/zerotier create mode 100755 package/lean/luci-app-zerotier/root/etc/zerotier.start create mode 100755 package/lean/luci-app-zerotier/root/etc/zerotier.stop diff --git a/package/lean/luci-app-zerotier/Makefile b/package/lean/luci-app-zerotier/Makefile index 2a5d12d92..2d6792897 100644 --- a/package/lean/luci-app-zerotier/Makefile +++ b/package/lean/luci-app-zerotier/Makefile @@ -10,7 +10,7 @@ LUCI_TITLE:=LuCI for Zerotier LUCI_DEPENDS:=+zerotier LUCI_PKGARCH:=all PKG_VERSION:=1.0 -PKG_RELEASE:=3 +PKG_RELEASE:=9 include $(TOPDIR)/feeds/luci/luci.mk diff --git a/package/lean/luci-app-zerotier/luasrc/controller/zerotier.lua b/package/lean/luci-app-zerotier/luasrc/controller/zerotier.lua index 3320f8408..fcbc28b68 100644 --- a/package/lean/luci-app-zerotier/luasrc/controller/zerotier.lua +++ b/package/lean/luci-app-zerotier/luasrc/controller/zerotier.lua 
@@ -5,8 +5,9 @@ function index() return end -entry({"admin","services","zerotier"},cbi("zerotier"),_("ZeroTier"),90).dependent=true -entry({"admin","services","zerotier","status"},call("act_status")).leaf=true +entry({"admin","vpn"}, firstchild(), "VPN", 45).dependent = false +entry({"admin","vpn","zerotier"},cbi("zerotier"),_("ZeroTier"),90).dependent=true +entry({"admin","vpn","zerotier","status"},call("act_status")).leaf=true end function act_status() diff --git a/package/lean/luci-app-zerotier/luasrc/model/cbi/zerotier.lua b/package/lean/luci-app-zerotier/luasrc/model/cbi/zerotier.lua index 21414ddc5..e9d752f8b 100644 --- a/package/lean/luci-app-zerotier/luasrc/model/cbi/zerotier.lua +++ b/package/lean/luci-app-zerotier/luasrc/model/cbi/zerotier.lua 
@@ -2,31 +2,29 @@ local e=require"nixio.fs" local e=luci.http local o=require"luci.model.network".init() local a,t,e,b -a=Map("zerotier",translate("ZeroTier"),translate("ZeroTier 是一款可以创建P2P虚拟局域网的开源软件。")) + +a=Map("zerotier",translate("ZeroTier"),translate("Zerotier is an open source, cross-platform and easy to use virtual LAN")) a:section(SimpleSection).template = "zerotier/zerotier_status" -t=a:section(NamedSection,"sample_config","zerotier",translate("全局设置")) + +t=a:section(NamedSection,"sample_config","zerotier") t.anonymous=true t.addremove=false -e=t:option(Flag,"enabled",translate("启用")) + +e=t:option(Flag,"enabled",translate("Enable")) e.default=0 e.rmempty=false -e=t:option(ListValue,"interface",translate("接口")) -for b,t in ipairs(o:get_networks())do -if t:name()~="loopback" then e:value(t:name())end -end --- e=t:option(Value,"start_delay",translate("延时启动"),translate("Units:seconds")) --- e.datatype="uinteger" --- e.default="0" --- e.rmempty=true -e=t:option(DynamicList,"join",translate('ZeroTier 网络 ID')) + +e=t:option(DynamicList,"join",translate('ZeroTier Network ID')) e.password=true e.rmempty=false -if nixio.fs.access("/etc/config/zerotier")then -e=t:option(Button,"Configuration",translate("网络配置管理")) -e.inputtitle=translate("打开网站") -e.inputstyle="reload" -e.write=function() -luci.http.redirect("https://my.zerotier.com/") -end -end + +e=t:option(Flag,"nat",translate("Auto NAT Clients")) +e.default=0 +e.rmempty=false +e.description = translate("Allow zerotier clients access your LAN network") + +e=t:option(DummyValue,"opennewwindow" , + translate("")) +e.description = translate("Create or manage your zerotier network, and auth clients who could access") + return a diff --git a/package/lean/luci-app-zerotier/luasrc/view/zerotier/zerotier_status.htm b/package/lean/luci-app-zerotier/luasrc/view/zerotier/zerotier_status.htm index a4dfa39ec..9d216c5d9 100644 --- a/package/lean/luci-app-zerotier/luasrc/view/zerotier/zerotier_status.htm 
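Review bot: The description on the new `nat` flag understates what the option does. Per `root/etc/zerotier.start` in this same patch, enabling it inserts `FORWARD -i $zt0 -j ACCEPT` and `FORWARD -o $zt0 -j ACCEPT` with no LAN-side match, so forwarding is opened towards every interface and not only the LAN. I would reword it to something like `e.description = translate("Forward all traffic between ZeroTier members and the networks behind this router")` and add the matching msgid to `po/zh-cn/zerotier.po`. Keeping `e.default=0` is the right default for a switch with this reach.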
+++ b/package/lean/luci-app-zerotier/luasrc/view/zerotier/zerotier_status.htm @@ -1,13 +1,13 @@
- <%:Running Status%>

<%:Collecting data...%>

diff --git a/package/lean/luci-app-zerotier/po/zh-cn/zerotier.po b/package/lean/luci-app-zerotier/po/zh-cn/zerotier.po
new file mode 100644
index 000000000..491ca5a87
--- /dev/null
+++ b/package/lean/luci-app-zerotier/po/zh-cn/zerotier.po
@@ -0,0 +1,11 @@
+msgid "Zerotier is an open source, cross-platform and easy to use virtual LAN"
+msgstr "Zerotier是一个开源,跨平台,而且适合内网穿透互联的傻瓜配置虚拟 VPN LAN"
+
+msgid "Auto NAT Clients"
+msgstr "自动允许客户端NAT"
+
+msgid "Allow zerotier clients access your LAN network"
+msgstr "允许Zerotier的拨入客户端访问LAN局域网"
+
+msgid "Create or manage your zerotier network, and auth clients who could access"
+msgstr "点击跳转到Zerotier官网管理平台,新建或者管理网络,并允许客户端接入访问你私人网路(新接入的节点默认不允许访问)"
diff --git a/package/lean/luci-app-zerotier/root/etc/init.d/zerotier b/package/lean/luci-app-zerotier/root/etc/init.d/zerotier
new file mode 100755
index 000000000..018620ee0
--- /dev/null
+++ b/package/lean/luci-app-zerotier/root/etc/init.d/zerotier
@@ -0,0 +1,99 @@
+#!/bin/sh /etc/rc.common
+
+START=90
+
+USE_PROCD=1
+
+PROG=/usr/bin/zerotier-one
+CONFIG_PATH=/var/lib/zerotier-one
+
+section_enabled() {
+ config_get_bool enabled "$1" 'enabled' 0
+ [ $enabled -gt 0 ]
+}
+
+start_instance() {
+ local cfg="$1"
+ local port secret config_path
+ local ARGS=""
+
+ if ! section_enabled "$cfg"; then
+ echo "disabled in config"
+ return 1
+ fi
+
+ config_get config_path $cfg 'config_path'
+ config_get_bool port $cfg 'port'
+ config_get secret $cfg 'secret'
+
+ # Remove existing link or folder
+ rm -rf $CONFIG_PATH
+
+ # Create link from CONFIG_PATH to config_path
+ if [ -n "$config_path" -a "$config_path" != $CONFIG_PATH ]; then
+ if [ ! -d "$config_path" ]; then
+ echo "ZeroTier config_path does not exist: $config_path"
+ return
+ fi
+
+ ln -s $config_path $CONFIG_PATH
+ fi
+
+ mkdir -p $CONFIG_PATH/networks.d
+
+ if [ -n "$port" ]; then
+ ARGS="$ARGS -p$port"
+ fi
+
+ if [ "$secret" = "generate" ]; then
+ echo "Generate secret - please wait..."
+ local sf="/tmp/zt.$cfg.secret"
+
+ zerotier-idtool generate "$sf" > /dev/null
+ [ $? 
-ne 0 ] && return 1 + + secret="$(cat $sf)" + rm "$sf" + + uci set zerotier.$cfg.secret="$secret" + uci commit zerotier + fi + + if [ -n "$secret" ]; then + echo "$secret" > $CONFIG_PATH/identity.secret + # make sure there is not previous identity.public + rm -f $CONFIG_PATH/identity.public + fi + + add_join() { + # an (empty) config file will cause ZT to join a network + touch $CONFIG_PATH/networks.d/$1.conf + } + + config_list_foreach $cfg 'join' add_join + + procd_open_instance + procd_set_param command $PROG $ARGS $CONFIG_PATH + procd_set_param stderr 1 + procd_close_instance +} + +start_service() { + config_load 'zerotier' + config_foreach start_instance 'zerotier' + nohup /etc/zerotier.start >> /tmp/zero.log 2>&1 & +} + +stop_instance() { + nohup /etc/zerotier.stop > /tmp/zero.log 2>&1 & + local cfg="$1" + + # Remove existing link or folder + rm -rf $CONFIG_PATH +} + +stop_service() { + config_load 'zerotier' + config_foreach stop_instance 'zerotier' +} + diff --git a/package/lean/luci-app-zerotier/root/etc/uci-defaults/40_luci-zerotier b/package/lean/luci-app-zerotier/root/etc/uci-defaults/40_luci-zerotier index 06f02e802..95f0ccfc9 100755 --- a/package/lean/luci-app-zerotier/root/etc/uci-defaults/40_luci-zerotier +++ b/package/lean/luci-app-zerotier/root/etc/uci-defaults/40_luci-zerotier @@ -5,6 +5,12 @@ uci -q batch <<-EOF >/dev/null add ucitrack zerotier set ucitrack.@zerotier[-1].init=zerotier commit ucitrack + delete firewall.zerotier + set firewall.zerotier=include + set firewall.zerotier.type=script + set firewall.zerotier.path=/etc/zerotier.start + set firewall.zerotier.reload=1 + commit firewall EOF rm -f /tmp/luci-indexcache diff --git a/package/lean/luci-app-zerotier/root/etc/zerotier.start b/package/lean/luci-app-zerotier/root/etc/zerotier.start new file mode 100755 index 000000000..ab40a0949 --- /dev/null +++ b/package/lean/luci-app-zerotier/root/etc/zerotier.start 
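Review bot: In `init.d/zerotier`, the node's private identity is written through files whose mode is left to the caller's umask: `zerotier-idtool generate "$sf"` targets the predictable path `/tmp/zt.$cfg.secret`, and `echo "$secret" > $CONFIG_PATH/identity.secret` creates the final file with a plain redirect. Unless the tools tighten the mode themselves (not visible here), both files can end up readable by other local users, and whoever holds that key can impersonate this node on its networks. I would set `umask 077` at the top of `start_instance`, before either file is created. Separately, `config_get_bool port $cfg 'port'` reads the port as a boolean, so a numeric port appears to be dropped; `config_get port "$cfg" 'port'` looks like what was meant.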
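Review bot: In `uci-defaults/40_luci-zerotier`, registering `/etc/zerotier.start` as a firewall include with `reload=1` makes every firewall reload run a script that, when ZeroTier is enabled, waits in `while ... sleep 5` until a `zt` interface shows up. If the firewall runs includes synchronously (I believe it does, please confirm), a node that never brings up a `zt` interface would stall reloads indefinitely. A bounded wait in the script, or an include that only applies rules when the interface already exists, would avoid that.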
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+zero_enable=$(uci get zerotier.sample_config.enabled)
+
+if [ $zero_enable -eq 1 ]; then
+
+while [ "$(ifconfig | grep zt | awk '{print $1}')" = "" ]
+do
+ echo "zt interface not started yet, try build rules after 5s"
+ sleep 5
+done
+
+nat_enable=$(uci get zerotier.sample_config.nat)
+zt0=$(ifconfig | grep zt | awk '{print $1}')
+echo "zt interface $zt0 is started!"
+echo $zt0 > /tmp/zt.nif
+iptables -D FORWARD -i $zt0 -j ACCEPT 2>/dev/null
+iptables -D FORWARD -o $zt0 -j ACCEPT 2>/dev/null
+iptables -t nat -D POSTROUTING -o $zt0 -j MASQUERADE 2>/dev/null
+if [ $nat_enable -eq 1 ]; then
+ iptables -I FORWARD -i $zt0 -j ACCEPT
+ iptables -I FORWARD -o $zt0 -j ACCEPT
+ iptables -t nat -I POSTROUTING -o $zt0 -j MASQUERADE
+fi
+
+fi
+
+
diff --git a/package/lean/luci-app-zerotier/root/etc/zerotier.stop b/package/lean/luci-app-zerotier/root/etc/zerotier.stop
new file mode 100755
index 000000000..754c512b4
--- /dev/null
+++ b/package/lean/luci-app-zerotier/root/etc/zerotier.stop
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+zt0=$(ifconfig | grep zt | awk '{print $1}')
+if [ "$zt0" = "" ]; then
+ zt0=$(cat /tmp/cat /tmp/zt.nif)
+fi
+echo "zt interface $zt0 is stopped!"
+iptables -D FORWARD -i $zt0 -j ACCEPT 2>/dev/null
+iptables -D FORWARD -o $zt0 -j ACCEPT 2>/dev/null
+iptables -t nat -D POSTROUTING -o $zt0 -j MASQUERADE 2>/dev/null
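Review bot: In `zerotier.start`, with `nat` enabled the script inserts `iptables -I FORWARD -i $zt0 -j ACCEPT` and `iptables -I FORWARD -o $zt0 -j ACCEPT` at the head of FORWARD with no match on the other interface. Every member of the ZeroTier network can therefore be forwarded to any network the router reaches, not just the LAN the UI text promises, and the rules sit ahead of whatever the firewall's own chains would decide. The rules should name the LAN side, e.g. `iptables -I FORWARD -i "$zt0" -o "$lan_dev" -j ACCEPT`, where `lan_dev` is a placeholder for the LAN device resolved from the network config. Also, `ifconfig | grep zt | awk '{print $1}'` matches any line containing "zt" and yields several words when more than one interface matches, which then splits across the unquoted `$zt0`. Looping over the matches and quoting each use would keep the rule set predictable.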
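Review bot: In `zerotier.stop`, `zt0=$(cat /tmp/cat /tmp/zt.nif)` carries a stray `/tmp/cat` argument. It prints an error when that file is absent, and if a file by that name exists its contents are prepended to the interface name handed to iptables. The line should read `zt0=$(cat /tmp/zt.nif 2>/dev/null)`, followed by `[ -n "$zt0" ] || exit 0` so the three `iptables -D` calls never run with an empty, unquoted argument.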