ppp: add shellsync support

2025-04-15 18:03:30 +00:00 · 2020-07-08 14:45:43 +08:00 · 2020-07-08 14:45:43 +08:00 · 37c63e9b3d
commit 37c63e9b3d
parent 170042c687
23 changed files with 668 additions and 37 deletions
--- a/feeds.conf.default
+++ b/feeds.conf.default
@ -1,4 +1,4 @@
-src-git packages https://git.openwrt.org/feed/packages.git
+src-git packages https://github.com/coolsnowwolf/packages
 src-git luci https://github.com/coolsnowwolf/luci
 src-git routing https://git.openwrt.org/feed/routing.git
 src-git telephony https://git.openwrt.org/feed/telephony.git
--- a/package/network/services/ppp/Makefile
+++ b/package/network/services/ppp/Makefile
@ -9,19 +9,18 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk

 PKG_NAME:=ppp
-PKG_RELEASE:=2
+PKG_RELEASE:=5

 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/paulusmack/ppp
-PKG_SOURCE_DATE:=2020-05-25
-PKG_SOURCE_VERSION:=ddd57c279f467e18c4fb3a661f21a069a5a37a1f
-PKG_MIRROR_HASH:=aac65e65dd25eaf8978a7a0b3258c863d90e29e247dd33d95276c0c189bcd424
+PKG_SOURCE_VERSION:=78cd384ce0f48bb5edb84e4fe9a574eab4a4ad14
+PKG_MIRROR_HASH:=cf284c312b0c90974d11f8aeece173bcac8475f5b810911f4feb2c5a4db263fe
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 PKG_LICENSE:=BSD-4-Clause
 PKG_CPE_ID:=cpe:/a:samba:ppp

 PKG_RELEASE_VERSION:=2.4.8
-PKG_VERSION:=$(PKG_RELEASE_VERSION).git-$(PKG_SOURCE_DATE)
+PKG_VERSION:=$(PKG_RELEASE_VERSION)

 PKG_BUILD_DEPENDS:=libpcap

@ -39,7 +38,7 @@ endef

 define Package/ppp
 $(call Package/ppp/Default)
-  DEPENDS:=+kmod-ppp
+  DEPENDS:=+kmod-ppp +libpthread +shellsync +kmod-mppe
  TITLE:=PPP daemon
  VARIANT:=default
 endef
--- a/package/network/services/ppp/files/ppp.sh
+++ b/package/network/services/ppp/files/ppp.sh
@ -74,7 +74,7 @@ ppp_generic_init_config() {
 	proto_config_add_string pppd_options
 	proto_config_add_string 'connect:file'
 	proto_config_add_string 'disconnect:file'
-	[ -e /proc/sys/net/ipv6 ] && proto_config_add_string ipv6
+	proto_config_add_string ipv6
 	proto_config_add_boolean authfail
 	proto_config_add_int mtu
 	proto_config_add_string pppname
@ -88,9 +88,7 @@ ppp_generic_setup() {
 	local config="$1"; shift
 	local localip

-	json_get_vars ip6table demand keepalive keepalive_adaptive username password pppd_options pppname unnumbered persist maxfail holdoff peerdns
-
-	[ ! -e /proc/sys/net/ipv6 ] && ipv6=0 || json_get_var ipv6 ipv6
+	json_get_vars ipv6 ip6table demand keepalive keepalive_adaptive username password pppd_options pppname unnumbered persist maxfail holdoff peerdns

 	if [ "$ipv6" = 0 ]; then
 		ipv6=""
@ -151,9 +149,9 @@ ppp_generic_setup() {
 		${connect:+connect "$connect"} \
 		${disconnect:+disconnect "$disconnect"} \
 		ip-up-script /lib/netifd/ppp-up \
-		${ipv6:+ipv6-up-script /lib/netifd/ppp6-up} \
+		ipv6-up-script /lib/netifd/ppp6-up \
 		ip-down-script /lib/netifd/ppp-down \
-		${ipv6:+ipv6-down-script /lib/netifd/ppp-down} \
+		ipv6-down-script /lib/netifd/ppp-down \
 		${mtu:+mtu $mtu mru $mtu} \
 		"$@" $pppd_options
 }
@ -233,7 +231,16 @@ proto_pppoe_setup() {
 	json_get_var padi_attempts padi_attempts
 	json_get_var padi_timeout padi_timeout

+#By 蝈蝈：并发拨号同步的前期准备
+	syncppp_option=""
+	[ "$(uci get syncdial.config.enabled)" -eq "1" ] && {
+		ppp_if_cnt=$(uci show network | grep -c "\.proto=\'pppoe\'$")
+		syncppp_option="syncppp $ppp_if_cnt"
+		shellsync $ppp_if_cnt 10
+	}
+
 	ppp_generic_setup "$config" \
+		$syncppp_option \
 		plugin rp-pppoe.so \
 		${ac:+rp_pppoe_ac "$ac"} \
 		${service:+rp_pppoe_service "$service"} \
--- a/package/network/services/ppp/patches/100-debian_ip-ip_option.patch
+++ b/package/network/services/ppp/patches/100-debian_ip-ip_option.patch
@ -85,7 +85,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
       "Enable multilink operation", OPT_PRIO | 1 },
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -335,6 +335,8 @@ extern int	connect_delay;	/* Time to del
+@@ -334,6 +334,8 @@ extern int	connect_delay;	/* Time to del
 extern int	max_data_rate;	/* max bytes/sec through charshunt */
 extern int	req_unit;	/* interface unit number to use */
 extern char	req_ifname[MAXIFNAMELEN]; /* interface name to use */
--- a/package/network/services/ppp/patches/105-debian_demand.patch
+++ b/package/network/services/ppp/patches/105-debian_demand.patch
@ -161,7 +161,7 @@
     } else {
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -602,7 +602,7 @@ void demand_conf __P((void));	/* config
+@@ -601,7 +601,7 @@ void demand_conf __P((void));	/* config
 void demand_block __P((void));	/* set all NPs to queue up packets */
 void demand_unblock __P((void)); /* set all NPs to pass packets */
 void demand_discard __P((void)); /* set all NPs to discard packets */
--- a/package/network/services/ppp/patches/110-debian_defaultroute.patch
+++ b/package/network/services/ppp/patches/110-debian_defaultroute.patch
@ -137,7 +137,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 .B disconnect \fIscript
 Execute the command specified by \fIscript\fR, by passing it to a
 shell, after
-@@ -751,7 +756,12 @@ disable both forms of hardware flow cont
+@@ -746,7 +751,12 @@ disable both forms of hardware flow cont
 .TP
 .B nodefaultroute
 Disable the \fIdefaultroute\fR option.  The system administrator who
@ -153,7 +153,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 .B nodefaultroute6
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -684,7 +684,7 @@ int  sif6addr __P((int, eui64_t, eui64_t
+@@ -683,7 +683,7 @@ int  sif6addr __P((int, eui64_t, eui64_t
 int  cif6addr __P((int, eui64_t, eui64_t));
 				/* Remove an IPv6 address from i/f */
 #endif
@ -292,7 +292,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 }
 --- a/pppd/sys-solaris.c
 +++ b/pppd/sys-solaris.c
-@@ -2120,12 +2120,18 @@ cifaddr(u, o, h)
+@@ -2119,12 +2119,18 @@ cifaddr(u, o, h)
  * sifdefaultroute - assign a default route through the address given.
  */
 int
--- a/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch
+++ b/package/network/services/ppp/patches/120-debian_ipv6_updown_option.patch
@ -84,7 +84,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     }
 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -337,6 +337,8 @@ extern int	req_unit;	/* interface unit n
+@@ -336,6 +336,8 @@ extern int	req_unit;	/* interface unit n
 extern char	req_ifname[MAXIFNAMELEN]; /* interface name to use */
 extern char	path_ipup[MAXPATHLEN]; /* pathname of ip-up script */
 extern char	path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */
--- a/package/network/services/ppp/patches/121-debian_adaptive_lcp_echo.patch
+++ b/package/network/services/ppp/patches/121-debian_adaptive_lcp_echo.patch
@ -0,0 +1,56 @@
+--- a/pppd/lcp.c
+++ b/pppd/lcp.c
+@@ -72,6 +72,7 @@ static void lcp_delayed_up __P((void *))
+  */
+ int	lcp_echo_interval = 0; 	/* Interval between LCP echo-requests */
+ int	lcp_echo_fails = 0;	/* Tolerance to unanswered echo-requests */
+bool	lcp_echo_adaptive = 0;	/* request echo only if the link was idle */
+ bool	lax_recv = 0;		/* accept control chars in asyncmap */
+ bool	noendpoint = 0;		/* don't send/accept endpoint discriminator */
+ 
+@@ -150,6 +151,8 @@ static option_t lcp_option_list[] = {
+       OPT_PRIO },
+     { "lcp-echo-interval", o_int, &lcp_echo_interval,
+       "Set time in seconds between LCP echo requests", OPT_PRIO },
+    { "lcp-echo-adaptive", o_bool, &lcp_echo_adaptive,
+      "Suppress LCP echo requests if traffic was received", 1 },
+     { "lcp-restart", o_int, &lcp_fsm[0].timeouttime,
+       "Set time in seconds between LCP retransmissions", OPT_PRIO },
+     { "lcp-max-terminate", o_int, &lcp_fsm[0].maxtermtransmits,
+@@ -2330,6 +2333,22 @@ LcpSendEchoRequest (f)
+ 	}
+     }
+ 
+    /*
+     * If adaptive echos have been enabled, only send the echo request if
+     * no traffic was received since the last one.
+     */
+    if (lcp_echo_adaptive) {
+	static unsigned int last_pkts_in = 0;
+
+	update_link_stats(f->unit);
+	link_stats_valid = 0;
+
+	if (link_stats.pkts_in != last_pkts_in) {
+	    last_pkts_in = link_stats.pkts_in;
+	    return;
+	}
+    }
+
+     /*
+      * Make and send the echo request frame.
+      */
+--- a/pppd/pppd.8
+++ b/pppd/pppd.8
+@@ -575,6 +575,11 @@ to 1) if the \fIproxyarp\fR option is us
+ dynamic IP address option (i.e. set /proc/sys/net/ipv4/ip_dynaddr to
+ 1) in demand mode if the local address changes.
+ .TP
+.B lcp\-echo\-adaptive
+If this option is used with the \fIlcp\-echo\-failure\fR option then
+pppd will send LCP echo\-request frames only if no traffic was received
+from the peer since the last echo\-request was sent.
+.TP
+ .B lcp\-echo\-failure \fIn
+ If this option is given, pppd will presume the peer to be dead
+ if \fIn\fR LCP echo\-requests are sent without receiving a valid LCP
--- a/package/network/services/ppp/patches/200-makefile.patch
+++ b/package/network/services/ppp/patches/200-makefile.patch
@ -34,7 +34,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 
 CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"'
 
-@@ -126,10 +126,10 @@ CFLAGS   += -DHAS_SHADOW
+@@ -125,10 +125,10 @@ CFLAGS   += -DHAS_SHADOW
 #LIBS     += -lshadow $(LIBS)
 endif
 
--- a/package/network/services/ppp/patches/202-no_strip.patch
+++ b/package/network/services/ppp/patches/202-no_strip.patch
@ -19,7 +19,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 clean:
 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
-@@ -108,7 +108,7 @@ ifdef USE_SRP
+@@ -107,7 +107,7 @@ ifdef USE_SRP
 CFLAGS	+= -DUSE_SRP -DOPENSSL -I/usr/local/ssl/include
 LIBS	+= -lsrp -L/usr/local/ssl/lib -lcrypto
 TARGETS	+= srp-entry
@ -28,7 +28,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 MANPAGES += srp-entry.8
 EXTRACLEAN += srp-entry.o
 NEEDDES=y
-@@ -220,7 +220,7 @@ all: $(TARGETS)
+@@ -219,7 +219,7 @@ all: $(TARGETS)
 install: pppd
 	mkdir -p $(BINDIR) $(MANDIR)
 	$(EXTRAINSTALL)
--- a/package/network/services/ppp/patches/206-compensate_time_change.patch
+++ b/package/network/services/ppp/patches/206-compensate_time_change.patch
@ -0,0 +1,94 @@
+pppd: Watch out for time warps
+
+On many embedded systems there is no battery backed RTC and a proper system
+time only becomes available through NTP after establishing a connection.
+
+When the clock suddenly jumps forward, the internal accounting (connect time)
+is confused resulting in unreliable data.
+
+This patch implements periodic clock checking to look for time warps, if one
+is detected, the internal counters are adjusted accordingly.
+
+Signed-off-by: Jo-Philipp Wich <jo@mein.io>
+
+--- a/pppd/main.c
+++ b/pppd/main.c
+@@ -89,6 +89,7 @@
+ #include <sys/socket.h>
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
+#include <sys/sysinfo.h>
+ 
+ #include "pppd.h"
+ #include "magic.h"
+@@ -226,6 +227,7 @@ static struct subprocess *children;
+ 
+ /* Prototypes for procedures local to this file. */
+ 
+static void check_time(void);
+ static void setup_signals __P((void));
+ static void create_pidfile __P((int pid));
+ static void create_linkpidfile __P((int pid));
+@@ -525,6 +527,7 @@ main(argc, argv)
+ 	    info("Starting link");
+ 	}
+ 
+	check_time();
+ 	gettimeofday(&start_time, NULL);
+ 	script_unsetenv("CONNECT_TIME");
+ 	script_unsetenv("BYTES_SENT");
+@@ -1274,6 +1277,36 @@ struct	callout {
+ 
+ static struct callout *callout = NULL;	/* Callout list */
+ static struct timeval timenow;		/* Current time */
+static long uptime_diff = 0;
+static int uptime_diff_set = 0;
+
+static void check_time(void)
+{
+	long new_diff;
+	struct timeval t;
+	struct sysinfo i;
+    struct callout *p;
+	
+	gettimeofday(&t, NULL);
+	sysinfo(&i);
+	new_diff = t.tv_sec - i.uptime;
+	
+	if (!uptime_diff_set) {
+		uptime_diff = new_diff;
+		uptime_diff_set = 1;
+		return;
+	}
+
+	if ((new_diff - 5 > uptime_diff) || (new_diff + 5 < uptime_diff)) {
+		/* system time has changed, update counters and timeouts */
+		info("System time change detected.");
+		start_time.tv_sec += new_diff - uptime_diff;
+		
+    	for (p = callout; p != NULL; p = p->c_next)
+			p->c_time.tv_sec += new_diff - uptime_diff;
+	}
+	uptime_diff = new_diff;
+}
+ 
+ /*
+  * timeout - Schedule a timeout.
+@@ -1344,6 +1377,8 @@ calltimeout()
+ {
+     struct callout *p;
+ 
+	check_time();
+	
+     while (callout != NULL) {
+ 	p = callout;
+ 
+@@ -1371,6 +1406,8 @@ timeleft(tvp)
+ {
+     if (callout == NULL)
+ 	return NULL;
+	
+	check_time();
+ 
+     gettimeofday(&timenow, NULL);
+     tvp->tv_sec = callout->c_time.tv_sec - timenow.tv_sec;
--- a/package/network/services/ppp/patches/208-fix_status_code.patch
+++ b/package/network/services/ppp/patches/208-fix_status_code.patch
@ -12,7 +12,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>

 --- a/pppd/main.c
 +++ b/pppd/main.c
-@@ -1052,7 +1052,8 @@ get_input()
+@@ -1055,7 +1055,8 @@ get_input()
 	}
 	notice("Modem hangup");
 	hungup = 1;
--- a/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch
+++ b/package/network/services/ppp/patches/300-filter-pcap-includes-lib.patch
@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>

 --- a/pppd/Makefile.linux
 +++ b/pppd/Makefile.linux
-@@ -190,8 +190,8 @@ endif
+@@ -189,8 +189,8 @@ endif
 
 ifdef FILTER
 ifneq ($(wildcard /usr/include/pcap-bpf.h),)
--- a/package/network/services/ppp/patches/310-precompile_filter.patch
+++ b/package/network/services/ppp/patches/310-precompile_filter.patch
@ -23,7 +23,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 # Uncomment the next line to enable multilink PPP (enabled by default)
 # Linux distributions: Please leave multilink ENABLED in your builds
 # of pppd!
-@@ -195,6 +198,14 @@ CFLAGS  += -DPPP_FILTER -I$(STAGING_DIR)
+@@ -194,6 +197,14 @@ CFLAGS  += -DPPP_FILTER -I$(STAGING_DIR)
 endif
 endif
 
@ -77,7 +77,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 #ifdef MAXOCTETS
     { "maxoctets", o_int, &maxoctets,
       "Set connection traffic limit",
-@@ -1516,6 +1532,29 @@ callfile(argv)
+@@ -1511,6 +1527,29 @@ callfile(argv)
     return ok;
 }
 
--- a/package/network/services/ppp/patches/401-no_record_file.patch
+++ b/package/network/services/ppp/patches/401-no_record_file.patch
@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>

 --- a/pppd/pppd.h
 +++ b/pppd/pppd.h
-@@ -326,7 +326,6 @@ extern int	holdoff;	/* Dead time before
+@@ -325,7 +325,6 @@ extern int	holdoff;	/* Dead time before
 extern bool	holdoff_specified; /* true if user gave a holdoff value */
 extern bool	notty;		/* Stdin/out is not a tty */
 extern char	*pty_socket;	/* Socket to connect to pty */
--- a/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch
+++ b/package/network/services/ppp/patches/404-remove_obsolete_protocol_names.patch
@ -7,7 +7,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>

 --- a/pppd/main.c
 +++ b/pppd/main.c
-@@ -883,14 +883,17 @@ struct protocol_list {
+@@ -886,14 +886,17 @@ struct protocol_list {
     const char	*name;
 } protocol_list[] = {
     { 0x21,	"IP" },
@ -25,7 +25,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x33,	"Stream Protocol ST-II" },
     { 0x35,	"Banyan Vines" },
     { 0x39,	"AppleTalk EDDP" },
-@@ -904,8 +907,11 @@ struct protocol_list {
+@@ -907,8 +910,11 @@ struct protocol_list {
     { 0x49,	"Serial Data Transport Protocol (PPP-SDTP)" },
     { 0x4b,	"SNA over 802.2" },
     { 0x4d,	"SNA" },
@ -37,7 +37,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x53,	"Encryption" },
     { 0x55,	"Individual Link Encryption" },
     { 0x57,	"IPv6" },
-@@ -916,12 +922,15 @@ struct protocol_list {
+@@ -919,12 +925,15 @@ struct protocol_list {
     { 0x65,	"RTP IPHC Compressed non-TCP" },
     { 0x67,	"RTP IPHC Compressed UDP 8" },
     { 0x69,	"RTP IPHC Compressed RTP 8" },
@ -53,7 +53,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x0203,	"IBM Source Routing BPDU" },
     { 0x0205,	"DEC LANBridge100 Spanning Tree" },
     { 0x0207,	"Cisco Discovery Protocol" },
-@@ -933,15 +942,19 @@ struct protocol_list {
+@@ -936,15 +945,19 @@ struct protocol_list {
     { 0x0231,	"Luxcom" },
     { 0x0233,	"Sigma Network Systems" },
     { 0x0235,	"Apple Client Server Protocol" },
@ -73,7 +73,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x4001,	"Cray Communications Control Protocol" },
     { 0x4003,	"CDPD Mobile Network Registration Protocol" },
     { 0x4005,	"Expand accelerator protocol" },
-@@ -952,8 +965,10 @@ struct protocol_list {
+@@ -955,8 +968,10 @@ struct protocol_list {
     { 0x4023,	"RefTek Protocol" },
     { 0x4025,	"Fibre Channel" },
     { 0x4027,	"EMIT Protocols" },
@ -84,7 +84,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x8023,	"OSI Network Layer Control Protocol" },
     { 0x8025,	"Xerox NS IDP Control Protocol" },
     { 0x8027,	"DECnet Phase IV Control Protocol" },
-@@ -962,7 +977,9 @@ struct protocol_list {
+@@ -965,7 +980,9 @@ struct protocol_list {
     { 0x8031,	"Bridging NCP" },
     { 0x8033,	"Stream Protocol Control Protocol" },
     { 0x8035,	"Banyan Vines Control Protocol" },
@ -94,7 +94,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x803f,	"NETBIOS Framing Control Protocol" },
     { 0x8041,	"Cisco Systems Control Protocol" },
     { 0x8043,	"Ascom Timeplex" },
-@@ -971,18 +988,24 @@ struct protocol_list {
+@@ -974,18 +991,24 @@ struct protocol_list {
     { 0x8049,	"Serial Data Control Protocol (PPP-SDCP)" },
     { 0x804b,	"SNA over 802.2 Control Protocol" },
     { 0x804d,	"SNA Control Protocol" },
@ -119,7 +119,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io>
     { 0x8207,	"Cisco Discovery Protocol Control" },
     { 0x8209,	"Netcs Twin Routing" },
     { 0x820b,	"STP - Control Protocol" },
-@@ -991,24 +1014,29 @@ struct protocol_list {
+@@ -994,24 +1017,29 @@ struct protocol_list {
     { 0x8281,	"MPLSCP" },
     { 0x8285,	"IEEE p1284.4 standard - Protocol Control" },
     { 0x8287,	"ETSI TETRA TNP1 Control Protocol" },
--- a/package/network/services/ppp/patches/511-syncppp.patch
+++ b/package/network/services/ppp/patches/511-syncppp.patch
@ -0,0 +1,207 @@
+--- a/pppd/chap-new.c
+++ b/pppd/chap-new.c
+@@ -37,6 +37,8 @@
+ #include "chap-new.h"
+ #include "chap-md5.h"
+ 
+#include "syncppp.h"
+
+ #ifdef CHAPMS
+ #include "chap_ms.h"
+ #define MDTYPE_ALL (MDTYPE_MICROSOFT_V2 | MDTYPE_MICROSOFT | MDTYPE_MD5)
+@@ -492,6 +494,19 @@ chap_respond(struct chap_client_state *c
+ 	p[2] = len >> 8;
+ 	p[3] = len;
+ 
+    if (npppd > 1) {
+        if (syncppp(npppd) < 0) {
+            error("syncppp sync fail");
+            sem_unlink(SEM_COUNT_NAME);
+            sem_unlink(SEM_BLOCK_NAME);
+        } else {
+            info("syncppp sync succeeded");
+        }   
+    } else {
+        info("syncppp not active");
+    }
+
+
+ 	output(0, response, PPP_HDRLEN + len);
+ }
+ 
+--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
+@@ -13,16 +13,16 @@ TARGETS = pppd
+ 
+ PPPDSRCS = main.c magic.c fsm.c lcp.c ipcp.c upap.c chap-new.c md5.c ccp.c \
+ 	   ecp.c ipxcp.c auth.c options.c sys-linux.c md4.c chap_ms.c \
+-	   demand.c utils.c tty.c eap.c chap-md5.c session.c
+	   demand.c utils.c tty.c eap.c chap-md5.c session.c syncppp.c
+ 
+ HEADERS = ccp.h session.h chap-new.h ecp.h fsm.h ipcp.h \
+ 	ipxcp.h lcp.h magic.h md5.h patchlevel.h pathnames.h pppd.h \
+-	upap.h eap.h
+	upap.h eap.h syncppp.h
+ 
+ MANPAGES = pppd.8
+ PPPDOBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap-new.o md5.o ccp.o \
+ 	   ecp.o auth.o options.o demand.o utils.o sys-linux.o ipxcp.o tty.o \
+-	   eap.o chap-md5.o session.o
+	   eap.o chap-md5.o session.o syncppp.o
+ 
+ #
+ # include dependencies if present
+@@ -33,7 +33,7 @@ endif
+ # CC = gcc
+ #
+ COPTS = -O2 -pipe -Wall -g
+-LIBS =
+LIBS = -lpthread
+ 
+ # Uncomment the next line to include support for Microsoft's
+ # MS-CHAP authentication protocol.  Also, edit plugins/radius/Makefile.linux.
+--- a/pppd/options.c
+++ b/pppd/options.c
+@@ -128,6 +128,7 @@ bool	dump_options;		/* print out option
+ bool	dryrun;			/* print out option values and exit */
+ char	*domain;		/* domain name set by domain option */
+ int	child_wait = 5;		/* # seconds to wait for children at exit */
+int	npppd = 0;      /* synchronize between multiple pppd */
+ struct userenv *userenv_list;	/* user environment variables */
+ int	dfl_route_metric = -1;	/* metric of the default route to set over the PPP link */
+ 
+@@ -342,6 +343,10 @@ option_t general_options[] = {
+       "Set pathname of ipv6-down script",
+       OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN },
+ 
+    { "syncppp", o_int, &npppd,
+      "sync among multiple pppd when sending chap/pap respond", OPT_PRIO },
+
+
+ #ifdef HAVE_MULTILINK
+     { "multilink", o_bool, &multilink,
+       "Enable multilink operation", OPT_PRIO | 1 },
+--- a/pppd/pppd.h
+++ b/pppd/pppd.h
+@@ -343,6 +343,7 @@ extern char	*bundle_name;	/* bundle name
+ extern bool	dump_options;	/* print out option values */
+ extern bool	dryrun;		/* check everything, print options, exit */
+ extern int	child_wait;	/* # seconds to wait for children at end */
+extern int npppd;  /* synchronize between multiple pppd */
+ 
+ #ifdef MAXOCTETS
+ extern unsigned int maxoctets;	     /* Maximum octetes per session (in bytes) */
+--- /dev/null
+++ b/pppd/syncppp.c
+@@ -0,0 +1,75 @@
+#include<stdio.h>
+#include<semaphore.h>
+#include<fcntl.h>
+#include<stdlib.h>
+#include<time.h>
+#include<errno.h>
+#include "pppd.h"
+#include "syncppp.h"
+
+int syncppp(int nproc)
+{
+    int flags;
+    int value;
+    sem_t *block; 
+    sem_t *count;
+    struct timespec ts;
+
+    if (nproc <= 1) {
+        error("syncppp: number of pppd should be larger than 1");
+        return -1;
+    }
+
+    if (clock_gettime(CLOCK_REALTIME, &ts) == -1) {
+        error("clock_gettime error");
+        return -1;
+    }
+    ts.tv_sec += SYNCPPP_TIMEOUT;
+
+
+    flags = O_RDWR | O_CREAT;
+    block = sem_open(SEM_BLOCK_NAME, flags, 0644, 0);
+    count = sem_open(SEM_COUNT_NAME, flags, 0644, 0);
+    if (block == SEM_FAILED || count == SEM_FAILED) {
+        error("syncppp: sem_open failed");
+        return -1;
+    }
+
+    if (sem_post(count) < 0) {
+        error("syncppp: sem_post failed");
+        return -1;
+    }
+    if (sem_getvalue(count, &value) < 0) {
+        error("syncppp: sem_getvalue failed");
+        return -1;
+    }
+    info("%d pppd have arrived, waiting for the left %d", value, nproc-value);
+    if (value >= nproc) {
+        while (nproc-1 > 0) {
+            if (sem_post(block) < 0) {
+                error("syncppp: sem_post failed");
+                return -1;
+            }
+            nproc--;
+        }
+    } else {
+        if (sem_timedwait(block, &ts) < 0) {
+            if (errno == ETIMEDOUT) {
+                error("syncppp: sem_timewait time out");
+            } else {
+                error("syncppp: sem_timewait error");
+            }
+            return -1;
+        }
+
+    }
+
+    sem_close(count);
+    sem_close(block);
+
+    sem_unlink(SEM_COUNT_NAME);
+    sem_unlink(SEM_BLOCK_NAME);
+
+    return 0;
+}
+
+--- /dev/null
+++ b/pppd/syncppp.h
+@@ -0,0 +1,3 @@
+#define SEM_BLOCK_NAME  "block"
+#define SEM_COUNT_NAME  "count"
+#define SYNCPPP_TIMEOUT 5
+--- a/pppd/upap.c
+++ b/pppd/upap.c
+@@ -52,6 +52,7 @@
+ #include "pppd.h"
+ #include "upap.h"
+ 
+#include "syncppp.h"
+ 
+ static bool hide_password = 1;
+ 
+@@ -567,6 +568,18 @@ upap_sauthreq(u)
+     PUTCHAR(u->us_passwdlen, outp);
+     BCOPY(u->us_passwd, outp, u->us_passwdlen);
+ 
+    if (npppd > 1) {
+        if (syncppp(npppd) < 0) {
+            error("syncppp sync fail");
+            sem_unlink(SEM_COUNT_NAME);
+            sem_unlink(SEM_BLOCK_NAME);
+        } else {
+            info("syncppp sync succeeded");
+        }
+    } else {
+        info("syncppp not active");
+    }   
+
+     output(u->us_unit, outpacket_buf, outlen + PPP_HDRLEN);
+ 
+     TIMEOUT(upap_timeout, u, u->us_timeouttime);
+
--- a/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch
+++ b/package/network/services/ppp/patches/600-Revert-pppd-Use-openssl-for-the-DES-instead-of-the-l.patch
@ -17,7 +17,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
 +++ b/pppd/Makefile.linux
@@ -35,10 +35,10 @@ endif
 COPTS = -O2 -pipe -Wall -g
- LIBS = -lrt
+ LIBS =
 
 -# Uncomment the next line to include support for Microsoft's
 +# Uncomment the next 2 lines to include support for Microsoft's
@ -28,7 +28,7 @@ This reverts commit 3c7b86229f7bd2600d74db14b1fe5b3896be3875.
 # Don't use MSLANMAN unless you really know what you're doing.
 #MSLANMAN=y
 # Uncomment the next line to include support for MPPE.  CHAPMS (above) must
-@@ -141,8 +141,7 @@ endif
+@@ -140,8 +140,7 @@ endif
 
 ifdef NEEDDES
 ifndef USE_CRYPT
--- a/package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch
+++ b/package/network/services/ppp/patches/700-radius-Prevent-buffer-overflow-in-rc_mksid.patch
@ -0,0 +1,30 @@
+From 858976b1fc3107f1261aae337831959b511b83c2 Mon Sep 17 00:00:00 2001
+From: Paul Mackerras <paulus@ozlabs.org>
+Date: Sat, 4 Jan 2020 12:01:32 +1100
+Subject: [PATCH] radius: Prevent buffer overflow in rc_mksid()
+
+On some systems getpid() can return a value greater than 65535.
+Increase the size of buf[] to allow for this, and use slprintf()
+to make sure we never overflow it.
+
+Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
+---
+ pppd/plugins/radius/util.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/pppd/plugins/radius/util.c b/pppd/plugins/radius/util.c
+index 6f976a712951..740131e8377c 100644
+--- a/pppd/plugins/radius/util.c
+++ b/pppd/plugins/radius/util.c
+@@ -73,9 +73,9 @@ void rc_mdelay(int msecs)
+ char *
+ rc_mksid (void)
+ {
+-  static char buf[15];
+  static char buf[32];
+   static unsigned short int cnt = 0;
+-  sprintf (buf, "%08lX%04X%02hX",
+  slprintf(buf, sizeof(buf), "%08lX%04X%02hX",
+ 	   (unsigned long int) time (NULL),
+ 	   (unsigned int) getpid (),
+ 	   cnt & 0xFF);
--- a/package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch
+++ b/package/network/services/ppp/patches/701-pppd-Fix-bounds-check-in-EAP-code.patch
@ -0,0 +1,37 @@
+From 8d7970b8f3db727fe798b65f3377fe6787575426 Mon Sep 17 00:00:00 2001
+From: Paul Mackerras <paulus@ozlabs.org>
+Date: Mon, 3 Feb 2020 15:53:28 +1100
+Subject: [PATCH] pppd: Fix bounds check in EAP code
+
+Given that we have just checked vallen < len, it can never be the case
+that vallen >= len + sizeof(rhostname).  This fixes the check so we
+actually avoid overflowing the rhostname array.
+
+Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
+Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
+---
+ pppd/eap.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/pppd/eap.c b/pppd/eap.c
+index 94407f56a336..1b93db01aebd 100644
+--- a/pppd/eap.c
+++ b/pppd/eap.c
+@@ -1420,7 +1420,7 @@ int len;
+ 		}
+ 
+ 		/* Not so likely to happen. */
+-		if (vallen >= len + sizeof (rhostname)) {
+		if (len - vallen >= sizeof (rhostname)) {
+ 			dbglog("EAP: trimming really long peer name down");
+ 			BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
+ 			rhostname[sizeof (rhostname) - 1] = '\0';
+@@ -1846,7 +1846,7 @@ int len;
+ 		}
+ 
+ 		/* Not so likely to happen. */
+-		if (vallen >= len + sizeof (rhostname)) {
+		if (len - vallen >= sizeof (rhostname)) {
+ 			dbglog("EAP: trimming really long peer name down");
+ 			BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
+ 			rhostname[sizeof (rhostname) - 1] = '\0';
--- a/package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch
+++ b/package/network/services/ppp/patches/702-pppd-Ignore-received-EAP-messages-when-not-doing-EAP.patch
@ -0,0 +1,61 @@
+From 8d45443bb5c9372b4c6a362ba2f443d41c5636af Mon Sep 17 00:00:00 2001
+From: Paul Mackerras <paulus@ozlabs.org>
+Date: Mon, 3 Feb 2020 16:31:42 +1100
+Subject: [PATCH] pppd: Ignore received EAP messages when not doing EAP
+
+This adds some basic checks to the subroutines of eap_input to check
+that we have requested or agreed to doing EAP authentication before
+doing any processing on the received packet.  The motivation is to
+make it harder for a malicious peer to disrupt the operation of pppd
+by sending unsolicited EAP packets.  Note that eap_success() already
+has a check that the EAP client state is reasonable, and does nothing
+(apart from possibly printing a debug message) if not.
+
+Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
+---
+ pppd/eap.c | 18 ++++++++++++++++++
+ 1 file changed, 18 insertions(+)
+
+diff --git a/pppd/eap.c b/pppd/eap.c
+index 1b93db01aebd..082e95343120 100644
+--- a/pppd/eap.c
+++ b/pppd/eap.c
+@@ -1328,6 +1328,12 @@ int len;
+ 	int fd;
+ #endif /* USE_SRP */
+ 
+	/*
+	 * Ignore requests if we're not open
+	 */
+	if (esp->es_client.ea_state <= eapClosed)
+		return;
+
+ 	/*
+ 	 * Note: we update es_client.ea_id *only if* a Response
+ 	 * message is being generated.  Otherwise, we leave it the
+@@ -1736,6 +1742,12 @@ int len;
+ 	u_char dig[SHA_DIGESTSIZE];
+ #endif /* USE_SRP */
+ 
+	/*
+	 * Ignore responses if we're not open
+	 */
+	if (esp->es_server.ea_state <= eapClosed)
+		return;
+
+ 	if (esp->es_server.ea_id != id) {
+ 		dbglog("EAP: discarding Response %d; expected ID %d", id,
+ 		    esp->es_server.ea_id);
+@@ -2047,6 +2059,12 @@ u_char *inp;
+ int id;
+ int len;
+ {
+	/*
+	 * Ignore failure messages if we're not open
+	 */
+	if (esp->es_client.ea_state <= eapClosed)
+		return;
+
+ 	if (!eap_client_active(esp)) {
+ 		dbglog("EAP unexpected failure message in state %s (%d)",
+ 		    eap_state_name(esp->es_client.ea_state),
--- a/package/network/services/shellsync/Makefile
+++ b/package/network/services/shellsync/Makefile
@ -0,0 +1,34 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=shellsync
+PKG_VERSION:=0.2
+PKG_RELEASE:=2
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/shellsync
+  CATEGORY:=Utilities
+  TITLE:=shellsync
+  DEPENDS:=+libpthread +kmod-macvlan
+endef
+
+define Build/Prepare
+	mkdir -p $(PKG_BUILD_DIR)
+	$(CP) ./src/* $(PKG_BUILD_DIR)/
+endef
+
+define Package/shellsync/description
+A tool to sync different shell scripts.Based on syncppp patch by morfast.
+endef
+
+define Build/Compile
+	$(TARGET_CROSS)gcc -pthread -o $(PKG_BUILD_DIR)/shellsync $(PKG_BUILD_DIR)/shellsync.c
+endef
+
+define Package/shellsync/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/shellsync $(1)/usr/bin
+endef
+
+
+$(eval $(call BuildPackage,shellsync))
--- a/package/network/services/shellsync/src/shellsync.c
+++ b/package/network/services/shellsync/src/shellsync.c
@ -0,0 +1,106 @@
+/*************************************************************************
+	> File Name: shellsync.c
+	> Author: GuoGuo
+	> Mail: gch981213@gmail.com
+	> Created Time: 2014年11月06日 星期四 19时15分30秒
+ ************************************************************************/
+#include<stdio.h>
+#include<semaphore.h>
+#include<fcntl.h>
+#include<stdlib.h>
+#include<time.h>
+#include<errno.h>
+#define SEM_BLOCK_NAME  "SYNCSHELL_block"
+#define SEM_COUNT_NAME  "SYNCSHELL_count"
+int wait_timeout;
+int sync_wait(int nproc)
+{
+    int flags;
+    int value;
+    sem_t *block; 
+    sem_t *count;
+    struct timespec ts;
+
+    if (nproc <= 1) {
+        printf("sync_wait: number of processes should be larger than 1\n");
+        return -1;
+    }
+
+    if (clock_gettime(CLOCK_REALTIME, &ts) == -1) {
+        printf("clock_gettime error\n");
+        return -1;
+    }
+    ts.tv_sec += wait_timeout;
+
+
+    flags = O_RDWR | O_CREAT;
+    block = sem_open(SEM_BLOCK_NAME, flags, 0644, 0);
+    count = sem_open(SEM_COUNT_NAME, flags, 0644, 0);
+    if (block == SEM_FAILED || count == SEM_FAILED) {
+        printf("sync_wait: sem_open failed\n");
+        return -1;
+    }
+
+    if (sem_post(count) < 0) {
+        printf("sync_wait: sem_post failed\n");
+        return -1;
+    }
+    if (sem_getvalue(count, &value) < 0) {
+        printf("sync_wait: sem_getvalue failed\n");
+        return -1;
+    }
+    printf("%d processes have arrived, waiting for the left %d\n", value, nproc-value);
+    if (value >= nproc) {
+        while (nproc-1 > 0) {
+            if (sem_post(block) < 0) {
+                printf("sync_wait: sem_post failed\n");
+                return -1;
+            }
+            nproc--;
+        }
+    } else {
+        if (sem_timedwait(block, &ts) < 0) {
+            if (errno == ETIMEDOUT) {
+                printf("sync_wait: sem_timewait time out\n");
+            } else {
+                printf("sync_wait: sem_timewait error\n");
+            }
+            return -1;
+        }
+
+    }
+
+    sem_close(count);
+    sem_close(block);
+
+    sem_unlink(SEM_COUNT_NAME);
+    sem_unlink(SEM_BLOCK_NAME);
+
+    return 0;
+}
+
+int main(int argc,char *argv[])
+{
+    if(argc!=3)
+    {
+        printf("Usage: shellsync <process num> <wait_timeout>\n");
+    }
+    else
+    {
+        int proc_num;
+        sscanf(argv[1],"%d",&proc_num);
+        sscanf(argv[2],"%d",&wait_timeout);
+        if(sync_wait(proc_num)<0)
+        {
+            printf("Processes sync failed.\n");
+            sem_unlink(SEM_COUNT_NAME);
+            sem_unlink(SEM_BLOCK_NAME);
+            return 1;
+        }
+        else
+        {
+            printf("Processes sync succeed.\n");
+            return 0;
+        }
+    }
+}