298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-04-19 14:13:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

add luci nft qos and app

Browse Source
This commit is contained in:
coolsnowwolf 2018-11-09 13:02:17 +08:00
parent 0b049d2385
commit 8be56849a9
40 changed files with 18894 additions and 7874 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
package/lean/luci-app-nft-qos/Makefile Normal file
View File

@ -0,0 +1,14 @@
#
# Copyright (C) 2008-2014 The LuCI Team <luci@lists.subsignal.org>
#
# This is free software, licensed under the Apache License, Version 2.0 .
#
include $(TOPDIR)/rules.mk
LUCI_TITLE:=Qos over Nftables
LUCI_DEPENDS:=+nft-qos
include $(TOPDIR)/feeds/luci/luci.mk
# call BuildPackage - OpenWrt buildroot signature

51
package/lean/luci-app-nft-qos/luasrc/controller/nft-qos.lua Normal file
View File

@ -0,0 +1,51 @@
-- Copyright 2018 Rosy Song <rosysong@rosinson.com>
-- Licensed to the public under the Apache License 2.0.
module("luci.controller.nft-qos", package.seeall)
function index()
if not nixio.fs.access("/etc/config/nft-qos") then
return
end
entry({"admin", "status", "realtime", "rate"},
template("nft-qos/rate"), _("Rate"), 5).leaf = true
entry({"admin", "status", "realtime", "rate_status"},
call("action_rate")).leaf = true
entry({"admin", "services", "nft-qos"}, cbi("nft-qos/nft-qos"),
_("Qos over Nftables"), 60)
end
function _action_rate(rv, n)
local c = io.popen("nft list chain inet nft-qos-monitor " .. n .. " 2>/dev/null")
if c then
for l in c:lines() do
local _, i, p, b = l:match('^%s+ip ([^%s]+) ([^%s]+) counter packets (%d+) bytes (%d+)')
if i and p and b then
-- handle expression
local r = {
rule = {
family = "inet",
table = "nft-qos-monitor",
chain = n,
handle = 0,
expr = {
{ match = { right = i } },
{ counter = { packets = p, bytes = b } }
}
}
}
rv[#rv + 1] = r
end
end
c:close()
end
end
function action_rate()
luci.http.prepare_content("application/json")
local data = { nftables = {} }
_action_rate(data.nftables, "upload")
_action_rate(data.nftables, "download")
luci.http.write_json(data)
end

229
package/lean/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua Normal file
View File

@ -0,0 +1,229 @@
-- Copyright 2018 Rosy Song <rosysong@rosinson.com>
-- Licensed to the public under the Apache License 2.0.
local uci = require("luci.model.uci").cursor()
local wa = require("luci.tools.webadmin")
local fs = require("nixio.fs")
local ipc = require("luci.ip")
local def_rate_dl = uci:get("nft-qos", "default", "static_rate_dl")
local def_rate_ul = uci:get("nft-qos", "default", "static_rate_ul")
local def_unit_dl = uci:get("nft-qos", "default", "static_unit_dl")
local def_unit_ul = uci:get("nft-qos", "default", "static_unit_ul")
local def_up = uci:get("nft-qos", "default", "dynamic_bw_up")
local def_down = uci:get("nft-qos", "default", "dynamic_bw_down")
local limit_enable = uci:get("nft-qos", "default", "limit_enable")
local limit_type = uci:get("nft-qos", "default", "limit_type")
local enable_priority = uci:get("nft-qos", "default", "priority_enable")
local has_ipv6 = fs.access("/proc/net/ipv6_route")
m = Map("nft-qos", translate("Qos over Nftables"))
--
-- Taboptions
--
s = m:section(TypedSection, "default", translate("NFT-QoS Settings"))
s.addremove = false
s.anonymous = true
s:tab("limit", "Limit Rate")
s:tab("priority", "Traffic Priority")
--
-- Static
--
o = s:taboption("limit", Flag, "limit_enable", translate("Limit Enable"), translate("Enable Limit Rate Feature"))
o.default = limit_enable or o.enabled
o.rmempty = false
o = s:taboption("limit", ListValue, "limit_type", translate("Limit Type"), translate("Type of Limit Rate"))
o.default = limit_static or "static"
o:depends("limit_enable","1")
o:value("static", "Static")
o:value("dynamic", "Dynamic")
o = s:taboption("limit", Value, "static_rate_dl", translate("Default Download Rate"), translate("Default value for download rate"))
o.datatype = "uinteger"
o.default = def_rate_dl or '50'
o:depends("limit_type","static")
o = s:taboption("limit", ListValue, "static_unit_dl", translate("Default Download Unit"), translate("Default unit for download rate"))
o.default = def_unit_dl or "kbytes"
o:depends("limit_type","static")
o:value("bytes", "Bytes/s")
o:value("kbytes", "KBytes/s")
o:value("mbytes", "MBytes/s")
o = s:taboption("limit", Value, "static_rate_ul", translate("Default Upload Rate"), translate("Default value for upload rate"))
o.datatype = "uinteger"
o.default = def_rate_ul or '50'
o:depends("limit_type","static")
o = s:taboption("limit", ListValue, "static_unit_ul", translate("Default Upload Unit"), translate("Default unit for upload rate"))
o.default = def_unit_ul or "kbytes"
o:depends("limit_type","static")
o:value("bytes", "Bytes/s")
o:value("kbytes", "KBytes/s")
o:value("mbytes", "MBytes/s")
--
-- Dynamic
--
o = s:taboption("limit", Value, "dynamic_bw_down", translate("Download Bandwidth (Mbps)"), translate("Default value for download bandwidth"))
o.default = def_up or '100'
o.datatype = "uinteger"
o:depends("limit_type","dynamic")
o = s:taboption("limit", Value, "dynamic_bw_up", translate("Upload Bandwidth (Mbps)"), translate("Default value for upload bandwidth"))
o.default = def_down or '100'
o.datatype = "uinteger"
o:depends("limit_type","dynamic")
o = s:taboption("limit", Value, "dynamic_cidr", translate("Target Network (IPv4/MASK)"), translate("Network to be apply, e.g. 192.168.1.0/24, 10.2.0.0/16, etc"))
o.datatype = "cidr4"
ipc.routes({ family = 4, type = 1 }, function(rt) o.default = rt.dest end)
o:depends("limit_type","dynamic")
if has_ipv6 then
o = s:taboption("limit", Value, "dynamic_cidr6", translate("Target Network6 (IPv6/MASK)"), translate("Network to be apply, e.g. AAAA::BBBB/64, CCCC::1/128, etc"))
o.datatype = "cidr6"
o:depends("limit_type","dynamic")
end
o = s:taboption("limit", DynamicList, "limit_whitelist", translate("White List for Limit Rate"))
o.datatype = "ipaddr"
o:depends("limit_enable","1")
--
-- Priority
--
o = s:taboption("priority", Flag, "priority_enable", translate("Enable Traffic Priority"), translate("Enable this feature"))
o.default = enable_priority or o.enabled
o.rmempty = false
o = s:taboption("priority", ListValue, "priority_netdev", translate("Default Network Interface"), translate("Network Interface for Traffic Shaping, e.g. br-lan, eth0.1, eth0, etc"))
o:depends("priority_enable", "1")
wa.cbi_add_networks(o)
--
-- Static Limit Rate - Download Rate
--
if limit_enable == "1" and limit_type == "static" then
x = m:section(TypedSection, "download", translate("Static QoS-Download Rate"))
x.anonymous = true
x.addremove = true
x.template = "cbi/tblsection"
o = x:option(Value, "hostname", translate("Hostname"))
o.datatype = "hostname"
o.default = 'undefined'
if has_ipv6 then
o = x:option(Value, "ipaddr", translate("IP Address(V4 / V6)"))
else
o = x:option(Value, "ipaddr", translate("IP Address(V4 Only)"))
end
o.datatype = "ipaddr"
if nixio.fs.access("/tmp/dhcp.leases") or nixio.fs.access("/var/dhcp6.leases") then
o.titleref = luci.dispatcher.build_url("admin", "status", "overview")
end
o = x:option(Value, "macaddr", translate("MAC (optional)"))
o.rmempty = true
o.datatype = "macaddr"
o = x:option(Value, "rate", translate("Rate"))
o.default = def_rate_dl or '50'
o.size = 4
o.datatype = "uinteger"
o = x:option(ListValue, "unit", translate("Unit"))
o.default = def_unit_dl or "kbytes"
o:value("bytes", "Bytes/s")
o:value("kbytes", "KBytes/s")
o:value("mbytes", "MBytes/s")
--
-- Static Limit Rate - Upload Rate
--
y = m:section(TypedSection, "upload", translate("Static QoS-Upload Rate"))
y.anonymous = true
y.addremove = true
y.template = "cbi/tblsection"
o = y:option(Value, "hostname", translate("Hostname"))
o.datatype = "hostname"
o.default = 'undefined'
if has_ipv6 then
o = y:option(Value, "ipaddr", translate("IP Address(V4 / V6)"))
else
o = y:option(Value, "ipaddr", translate("IP Address(V4 Only)"))
end
o.datatype = "ipaddr"
if nixio.fs.access("/tmp/dhcp.leases") or nixio.fs.access("/var/dhcp6.leases") then
o.titleref = luci.dispatcher.build_url("admin", "status", "overview")
end
o = y:option(Value, "macaddr", translate("MAC (optional)"))
o.rmempty = true
o.datatype = "macaddr"
o = y:option(Value, "rate", translate("Rate"))
o.default = def_rate_ul or '50'
o.size = 4
o.datatype = "uinteger"
o = y:option(ListValue, "unit", translate("Unit"))
o.default = def_unit_ul or "kbytes"
o:value("bytes", "Bytes/s")
o:value("kbytes", "KBytes/s")
o:value("mbytes", "MBytes/s")
end
--
-- Traffic Priority Settings
--
if enable_priority == "1" then
s = m:section(TypedSection, "priority", translate("Traffic Priority Settings"))
s.anonymous = true
s.addremove = true
s.template = "cbi/tblsection"
o = s:option(ListValue, "protocol", translate("Protocol"))
o.default = "tcp"
o:value("tcp", "TCP")
o:value("udp", "UDP")
o:value("udplite", "UDP-Lite")
o:value("sctp", "SCTP")
o:value("dccp", "DCCP")
o = s:option(ListValue, "priority", translate("Priority"))
o.default = "1"
o:value("-400", "1")
o:value("-300", "2")
o:value("-225", "3")
o:value("-200", "4")
o:value("-150", "5")
o:value("-100", "6")
o:value("0", "7")
o:value("50", "8")
o:value("100", "9")
o:value("225", "10")
o:value("300", "11")
o = s:option(Value, "service", translate("Service"), translate("e.g. https, 23, (separator is comma)"))
o.default = '?'
o = s:option(Value, "comment", translate("Comment"))
o.default = '?'
end
return m

167
package/lean/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm Normal file
View File

@ -0,0 +1,167 @@
<%#
Copyright 2018 Rosy Song <rosysong@rosinson.com>
Licensed to the public under the Apache License 2.0.
-%>
<%+header%>
<script type="text/javascript">//<![CDATA[
var bwxhr = new XHR();
var RC = { };
var em = 0;
var ec = 1;
var rate_table_dl;
var rate_table_ul;
function init_bytes(rl, ra) {
var bytes_pre;
var obj = { };
obj.chain = rl.chain;
obj.ipaddr = rl.expr[em].match.right;
obj.bytes = rl.expr[ec].counter.bytes;
obj.packets = rl.expr[ec].counter.packets;
obj.rate = 0;
if (RC[obj.chain] && RC[obj.chain][obj.ipaddr])
bytes_pre = RC[obj.chain][obj.ipaddr];
else
bytes_pre = 0;
obj.rate = (bytes_pre > 0) ? (obj.bytes - bytes_pre) / 3: 0;
if (!RC[obj.chain])
RC[obj.chain] = { };
RC[obj.chain][obj.ipaddr] = obj.bytes;
if (!ra[obj.chain])
ra[obj.chain] = [ ];
ra[obj.chain].push(obj);
} /* function init_bytes(rl, ra) */
function bytes_label(bytes) {
var uby = '<%:kB%>';
var kby = (bytes / 1024);
if (kby > 1024) {
uby = '<%:MB%>';
kby = (kby / 1024);
}
return String.format("%f %s", kby.toFixed(2), uby);
}
function print_table(tbl, rs, ra) {
ra.sort(function(a, b) { return b.rate - a.rate });
for (var i = 0; i < ra.length; i++) {
rs.push([
ra[i].ipaddr,
bytes_label(ra[i].rate) + '/s',
bytes_label(ra[i].bytes),
'%s Pkts.'.format(ra[i].packets),
]);
}
cbi_update_table(tbl, rs, '<em><%:No information available%></em>');
} /* function print_table(tbl, ra) */
/* wait for SVG */
window.setTimeout(
function() {
if (!RC)
{
window.setTimeout(arguments.callee, 1000);
}
else
{
rate_table_dl = document.getElementById('rate_table_dl');
rate_table_ul = document.getElementById('rate_table_ul');
/* render datasets, start update interval */
XHR.poll(3, '<%=build_url("admin/status/realtime/rate_status")%>', null,
function(x, json)
{
var RA = {};
var rows_dl = [];
var rows_ul = [];
var rules = json.nftables;
for (var i = 0; i < rules.length; i++)
{
if (!rules[i].rule)
continue;
if (rules[i].rule.table != 'nft-qos-monitor')
continue;
var rl = rules[i].rule;
switch (rl.chain)
{
case 'download':
case 'upload': init_bytes(rl, RA); break;
}
} /* for (var i = 0; i < rules.length; i++) */
/* display the result */
if (RA.download) {
while (rate_table_dl.firstElementChild !== rate_table_dl.lastElementChild)
rate_table_dl.removeChild(rate_table_dl.lastElementChild);
print_table(rate_table_dl, rows_dl, RA.download);
}
if (RA.upload) {
while (rate_table_ul.firstElementChild !== rate_table_ul.lastElementChild)
rate_table_ul.removeChild(rate_table_ul.lastElementChild);
print_table(rate_table_ul, rows_ul, RA.upload);
}
} /* function(x, json) */
); /* XHR.poll() */
XHR.run();
}
}, 1000
);
//]]></script>
<h2 name="content"><%:Realtime Rate%></h2>
<div class="cbi-map-descr"><%:This page gives an overview over currently download/upload rate.%></div>
<fieldset class="cbi-section" id="cbi-table-table">
<legend><%:Realtime Download Rate%></legend>
<div class="cbi-section-node">
<div class="table" id="rate_table_dl">
<div class="tr table-titles">
<div class="th col-2 hide-xs"><%:IP Address%></div>
<div class="th col-2"><%:Download Rate%></div>
<div class="th col-7"><%:Bytes Total%></div>
<div class="th col-7"><%:Packets Total%></div>
</div>
<div class="tr placeholder">
<div class="td">
<em><%:Collecting data...%></em>
</div>
</div>
</div>
</div>
</fieldset>
<fieldset class="cbi-section" id="cbi-table-table">
<legend><%:Realtime Upload Rate%></legend>
<div class="cbi-section-node">
<div class="table" id="rate_table_ul">
<div class="tr table-titles">
<div class="th col-2 hide-xs"><%:IP Address%></div>
<div class="th col-2"><%:Upload Rate%></div>
<div class="th col-7"><%:Bytes Total%></div>
<div class="th col-7"><%:Packets Total%></div>
</div>
<div class="tr placeholder">
<div class="td">
<em><%:Collecting data...%></em>
</div>
</div>
</div>
</div>
</fieldset>
<%+footer%>

230
package/lean/luci-app-nft-qos/po/templates/nft-qos.pot Normal file
View File

@ -0,0 +1,230 @@
msgid ""
msgstr "Content-Type: text/plain; charset=UTF-8"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:136
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:155
msgid "Bytes Total"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:141
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:160
msgid "Collecting data..."
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:224
msgid "Comment"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:48
msgid "Default Download Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:53
msgid "Default Download Unit"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:107
msgid "Default Network Interface"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:60
msgid "Default Upload Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:65
msgid "Default Upload Unit"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:53
msgid "Default unit for download rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:65
msgid "Default unit for upload rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:75
msgid "Default value for download bandwidth"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:48
msgid "Default value for download rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:80
msgid "Default value for upload bandwidth"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:60
msgid "Default value for upload rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:75
msgid "Download Bandwidth (Mbps)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:135
msgid "Download Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:38
msgid "Enable Limit Rate Feature"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:103
msgid "Enable Traffic Priority"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:103
msgid "Enable this feature"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:121
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:158
msgid "Hostname"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:134
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:153
msgid "IP Address"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:126
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:163
msgid "IP Address(V4 / V6)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:128
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:165
msgid "IP Address(V4 Only)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:38
msgid "Limit Enable"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:42
msgid "Limit Type"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:135
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:172
msgid "MAC (optional)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:48
msgid "MB"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:28
msgid "NFT-QoS Settings"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:107
msgid "Network Interface for Traffic Shaping, e.g. br-lan, eth0.1, eth0, etc"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:85
msgid "Network to be apply, e.g. 192.168.1.0/24, 10.2.0.0/16, etc"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:91
msgid "Network to be apply, e.g. AAAA::BBBB/64, CCCC::1/128, etc"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:65
msgid "No information available"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:137
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:156
msgid "Packets Total"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:207
msgid "Priority"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:199
msgid "Protocol"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/controller/nft-qos.lua:16
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:23
msgid "Qos over Nftables"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/controller/nft-qos.lua:12
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:139
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:176
msgid "Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:130
msgid "Realtime Download Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:125
msgid "Realtime Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:149
msgid "Realtime Upload Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:221
msgid "Service"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:116
msgid "Static QoS-Download Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:153
msgid "Static QoS-Upload Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:85
msgid "Target Network (IPv4/MASK)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:91
msgid "Target Network6 (IPv6/MASK)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:127
msgid "This page gives an overview over currently download/upload rate."
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:194
msgid "Traffic Priority Settings"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:42
msgid "Type of Limit Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:144
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:181
msgid "Unit"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:80
msgid "Upload Bandwidth (Mbps)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:154
msgid "Upload Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:96
msgid "White List for Limit Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:221
msgid "e.g. https, 23, (separator is comma)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:44
msgid "kB"
msgstr ""

250
package/lean/luci-app-nft-qos/po/zh-cn/nft-qos.po Normal file
View File

@ -0,0 +1,250 @@
msgid ""
msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Project-Id-Version: \n"
"POT-Creation-Date: \n"
"PO-Revision-Date: \n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Poedit 2.0.3\n"
"Last-Translator: \n"
"Plural-Forms: nplurals=1; plural=0;\n"
"Language: zh_CN\n"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:136
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:155
msgid "Bytes Total"
msgstr "字节总数"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:141
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:160
msgid "Collecting data..."
msgstr "正在收集数据"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:224
msgid "Comment"
msgstr "注释"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:48
msgid "Default Download Rate"
msgstr "默认下载速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:53
msgid "Default Download Unit"
msgstr "默认下载速率单位"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:107
msgid "Default Network Interface"
msgstr "默认网络接口"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:60
msgid "Default Upload Rate"
msgstr "默认上传速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:65
msgid "Default Upload Unit"
msgstr "默认上传速率单位"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:53
msgid "Default unit for download rate"
msgstr "默认的下载速率单位"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:65
msgid "Default unit for upload rate"
msgstr "默认的上传速率单位"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:75
msgid "Default value for download bandwidth"
msgstr "下载带宽的默认值"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:48
msgid "Default value for download rate"
msgstr "下载速率的默认值"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:80
msgid "Default value for upload bandwidth"
msgstr "上传带宽的默认值"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:60
msgid "Default value for upload rate"
msgstr "上传速率的默认值"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:75
msgid "Download Bandwidth (Mbps)"
msgstr "下载带宽 (Mbps)"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:135
msgid "Download Rate"
msgstr "下载速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:38
msgid "Enable Limit Rate Feature"
msgstr "开启速率限制功能"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:103
msgid "Enable Traffic Priority"
msgstr "开启流量优先级"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:103
msgid "Enable this feature"
msgstr "开启这个功能"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:121
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:158
msgid "Hostname"
msgstr "主机名"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:134
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:153
msgid "IP Address"
msgstr "IP地址"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:126
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:163
msgid "IP Address(V4 / V6)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:128
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:165
msgid "IP Address(V4 Only)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:38
msgid "Limit Enable"
msgstr "限速开启"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:42
msgid "Limit Type"
msgstr "限速类型"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:135
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:172
msgid "MAC (optional)"
msgstr "物理地址(可选)"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:48
msgid "MB"
msgstr "MB"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:28
msgid "NFT-QoS Settings"
msgstr "NFT-QoS 设置"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:107
msgid "Network Interface for Traffic Shaping, e.g. br-lan, eth0.1, eth0, etc"
msgstr "流量整形的目标网络接口, 例如, br-lan, eth0.1, eth0, etc"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:85
msgid "Network to be apply, e.g. 192.168.1.0/24, 10.2.0.0/16, etc"
msgstr "将要应用规则的网络, 例如, 192.168.1.0/24, 10.2.0.0/16, 等等"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:91
msgid "Network to be apply, e.g. AAAA::BBBB/64, CCCC::1/128, etc"
msgstr "将要应用规则的网络, 例如, AAAA::BBBB/64, CCCC::1/128, 等等"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:65
msgid "No information available"
msgstr "没有更多的信息"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:137
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:156
msgid "Packets Total"
msgstr "数据包总数"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:207
msgid "Priority"
msgstr "优先级"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:199
msgid "Protocol"
msgstr "协议"
#: applications/luci-app-nft-qos/luasrc/controller/nft-qos.lua:16
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:23
msgid "Qos over Nftables"
msgstr "QoS Nftables版"
#: applications/luci-app-nft-qos/luasrc/controller/nft-qos.lua:12
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:139
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:176
msgid "Rate"
msgstr "速率"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:130
msgid "Realtime Download Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:125
msgid "Realtime Rate"
msgstr "实时速率显示"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:149
msgid "Realtime Upload Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:221
msgid "Service"
msgstr "服务/端口"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:116
msgid "Static QoS-Download Rate"
msgstr "静态QoS-下载速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:153
msgid "Static QoS-Upload Rate"
msgstr "静态QoS-上传速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:85
msgid "Target Network (IPv4/MASK)"
msgstr "目标网络(IPv4地址/掩码)"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:91
msgid "Target Network6 (IPv6/MASK)"
msgstr "目标网络v6(IPv6地址/掩码)"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:127
msgid "This page gives an overview over currently download/upload rate."
msgstr "该页面提供了当前上传和下载速率的一个总览"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:194
msgid "Traffic Priority Settings"
msgstr "流量优先级设置"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:42
msgid "Type of Limit Rate"
msgstr "限速的类型"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:144
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:181
msgid "Unit"
msgstr "单位"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:80
msgid "Upload Bandwidth (Mbps)"
msgstr "上传带宽 (Mbps)"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:154
msgid "Upload Rate"
msgstr "上传速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:96
msgid "White List for Limit Rate"
msgstr "限速白名单"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:221
msgid "e.g. https, 23, (separator is comma)"
msgstr "例如, https, 23 (用逗号分隔)"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:44
msgid "kB"
msgstr "kB"
#~ msgid "Dynamic Rate Limit"
#~ msgstr "动态QoS"
#~ msgid "Rate Limit"
#~ msgstr "速率限制"
#~ msgid "Traffic Priority"
#~ msgstr "流量优先级"

58
package/lean/nft-qos/Makefile Normal file
View File

@ -0,0 +1,58 @@
#
# Copyright (C) 2018 rosysong@rosinson.com
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=nft-qos
PKG_VERSION:=1.0.0
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=Rosy Song <rosysong@rosinson.com>
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk
define Package/nft-qos
SECTION:=utils
CATEGORY:=Base system
DEPENDS:=+nftables +kmod-nft-netdev +kmod-nft-bridge
TITLE:=QoS scripts over nftables
endef
define Package/nft-qos/description
This package provides implementation for qos over nftables.
Currently, static/dynamic qos and traffic shaping are supported.
endef
define Package/nft-qos/conffiles
/etc/config/nft-qos
endef
define Build/Prepare
endef
define Build/Configure
endef
define Build/Compile
endef
define Package/nft-qos/install
$(INSTALL_DIR) $(1)/lib/nft-qos
$(INSTALL_DATA) ./files/lib/* $(1)/lib/nft-qos/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/nft-qos.config $(1)/etc/config/nft-qos
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/nft-qos.init $(1)/etc/init.d/nft-qos
$(INSTALL_DIR) $(1)/etc/hotplug.d/dhcp
$(INSTALL_BIN) ./files/nft-qos-monitor.hotplug $(1)/etc/hotplug.d/dhcp/00-nft-qos-monitor
$(INSTALL_BIN) ./files/nft-qos-dynamic.hotplug $(1)/etc/hotplug.d/dhcp/01-nft-qos-dynamic
endef
$(eval $(call BuildPackage,nft-qos))

93
package/lean/nft-qos/files/lib/core.sh Normal file
View File

@ -0,0 +1,93 @@
#!/bin/sh
#
# Copyright (C) 2018 rosysong@rosinson.com
#
# for uci_validate_section()
. /lib/functions/procd.sh
NFT_QOS_HAS_BRIDGE=
NFT_QOS_INET_FAMILY=ip
NFT_QOS_SCRIPT_TEXT=
NFT_QOS_SCRIPT_FILE=/tmp/qos.nft
qosdef_appendx() { # <string to be appended>
NFT_QOS_SCRIPT_TEXT="$NFT_QOS_SCRIPT_TEXT""$1"
}
qosdef_append_chain_def() { # <type> <hook> <priority> <policy>
qosdef_appendx "\t\ttype $1 hook $2 priority $3; policy $4;\n"
}
qosdef_append_chain_ingress() { # <type> <device> <priority> <policy>
qosdef_appendx "\t\ttype $1 hook ingress device $2 priority $3; policy $4;\n"
}
# qosdef_append_rule_{MATCH}_{STATEMENT}
qosdef_append_rule_ip_limit() { # <ipaddr> <operator> <unit> <rate>
local ipaddr=$1
local operator=$2
local unit=$3
local rate=$4
qosdef_appendx \
"\t\tip $operator $ipaddr limit rate over $rate $unit/second drop\n"
}
# qosdef_append_rule_{MATCH}_{POLICY}
qosdef_append_rule_ip_policy() { # <operator> <ipaddr> <policy>
qosdef_appendx "\t\tip $1 $2 $3\n"
}
_handle_limit_whitelist() { # <value> <chain>
local ipaddr=$1
local operator
[ -z "$ipaddr" ] && return
case "$2" in
download) operator="daddr";;
upload) operator="saddr";;
esac
qosdef_append_rule_ip_policy $operator $ipaddr accept
}
qosdef_append_rule_limit_whitelist() { # <chain>
config_list_foreach default limit_whitelist _handle_limit_whitelist $1
}
qosdef_flush_table() { # <family> <table>
nft flush table $1 $2 2>/dev/null
}
qosdef_remove_table() { # <family> <table>
nft delete table $1 $2 2>/dev/null
}
qosdef_init_header() { # add header for nft script
qosdef_appendx "#!/usr/sbin/nft -f\n"
qosdef_appendx "# Copyright (C) 2018 rosysong@rosinson.com\n"
qosdef_appendx "#\n\n"
}
qosdef_init_env() {
# check interface type of lan
local lt="$(uci_get "network.lan.type")"
[ "$lt" = "bridge" ] && export NFT_QOS_HAS_BRIDGE="y"
# check if ipv6 support
[ -e /proc/sys/net/ipv6 ] && export NFT_QOS_INET_FAMILY="inet"
}
qosdef_clean_cache() {
rm -f $NFT_QOS_SCRIPT_FILE
}
qosdef_init_done() {
echo -e $NFT_QOS_SCRIPT_TEXT > $NFT_QOS_SCRIPT_FILE 2>/dev/null
}
qosdef_start() {
nft -f $NFT_QOS_SCRIPT_FILE 2>/dev/null
}

89
package/lean/nft-qos/files/lib/dynamic.sh Normal file
View File

@ -0,0 +1,89 @@
#!/bin/sh
#
# Copyright (C) 2018 rosysong@rosinson.com
#
. /lib/nft-qos/core.sh
# return average rate for dhcp leases
qosdef_dynamic_rate() { # <bandwidth>
local c=0 c6=0
[ ! -e /tmp/dhcp.leases -a \
! -e /var/dhcp6.leases ] && return
[ -e /tmp/dhcp.leases ] && \
c=$(wc -l < /tmp/dhcp.leases 2>/dev/null)
[ -e /var/dhcp6.leases ] && \
c6=$(wc -l < /var/dhcp6.leases 2>/dev/null)
[ $c -eq 0 -a $c6 -eq 0 ] && \
{ echo 12500; return; }
echo $(($1 / ($c + $c6)))
}
qosdef_append_chain_dym() { # <hook> <name> <bandwidth>
local cidr cidr6
local operator rate
local hook=$1 name=$2 bandwidth=$3
config_get cidr default 'dynamic_cidr'
config_get cidr6 default 'dynamic_cidr6'
[ -z "$cidr" -a -z "$cidr6" ] && return
case "$2" in
download) operator=daddr;;
upload) operator=saddr;;
esac
rate=$(qosdef_dynamic_rate $bandwidth)
qosdef_appendx "\tchain $name {\n"
qosdef_append_chain_def filter $hook 0 accept
qosdef_append_rule_limit_whitelist $name
[ -n "$cidr" ] && \
qosdef_append_rule_ip_limit $cidr $operator kbytes $rate
[ -n "$cidr6" ] && \
qosdef_append_rule_ip_limit $cidr6 $operator kbytes $rate
qosdef_appendx "\t}\n"
}
qosdef_flush_dynamic() {
qosdef_flush_table "$NFT_QOS_INET_FAMILY" nft-qos-dynamic
}
# init dynamic qos
qosdef_init_dynamic() {
local dynamic_bw_up dynamic_bw_down limit_enable limit_type
local hook_ul="input" hook_dl="postrouting"
uci_validate_section nft-qos default default \
'limit_enable:bool:0' \
'limit_type:maxlength(8)' \
'dynamic_bw_up:uinteger:100' \
'dynamic_bw_down:uinteger:100'
[ $? -ne 0 ] && {
logger -t nft-qos-dynamic "validation failed"
return 1
}
[ $limit_enable -eq 0 -o \
"$limit_type" = "static" ] && return 1
# Transfer mbits/s to mbytes/s
# e.g. 100,000 kbits == 12,500 kbytes
dynamic_bw_up=$(($dynamic_bw_up * 1000 / 8))
dynamic_bw_down=$(($dynamic_bw_down * 1000 / 8))
[ -z "$NFT_QOS_HAS_BRIDGE" ] && {
hook_ul="postrouting"
hook_dl="input"
}
qosdef_appendx "table $NFT_QOS_INET_FAMILY nft-qos-dynamic {\n"
qosdef_append_chain_dym $hook_ul upload $dynamic_bw_up
qosdef_append_chain_dym $hook_dl download $dynamic_bw_down
qosdef_appendx "}\n"
}

39
package/lean/nft-qos/files/lib/monitor.sh Normal file
View File

@ -0,0 +1,39 @@
#!/bin/sh
#
# Copyright (C) 2018 rosysong@rosinson.com
#
. /lib/nft-qos/core.sh
qosdef_monitor_get_ip_handle() { # <family> <chain> <ip>
echo $(nft list chain $1 nft-qos-monitor $2 -a 2>/dev/null | grep $3 | awk '{print $11}')
}
qosdef_monitor_add() { # <mac> <ip> <hostname>
handle_dl=$(qosdef_monitor_get_ip_handle $NFT_QOS_INET_FAMILY download $2)
[ -z "$handle_dl" ] && nft add rule $NFT_QOS_INET_FAMILY nft-qos-monitor download ip daddr $2 counter
handle_ul=$(qosdef_monitor_get_ip_handle $NFT_QOS_INET_FAMILY upload $2)
[ -z "$handle_ul" ] && nft add rule $NFT_QOS_INET_FAMILY nft-qos-monitor upload ip saddr $2 counter
}
qosdef_monitor_del() { # <mac> <ip> <hostname>
local handle_dl handle_ul
handle_dl=$(qosdef_monitor_get_ip_handle $NFT_QOS_INET_FAMILY download $2)
handle_ul=$(qosdef_monitor_get_ip_handle $NFT_QOS_INET_FAMILY upload $2)
[ -n "$handle_dl" ] && nft delete handle $handle_dl
[ -n "$handle_ul" ] && nft delete handle $handle_ul
}
# init qos monitor
qosdef_init_monitor() {
local hook_ul="input" hook_dl="postrouting"
[ -z "$NFT_QOS_HAS_BRIDGE" ] && {
hook_ul="postrouting"
hook_dl="input"
}
nft add table $NFT_QOS_INET_FAMILY nft-qos-monitor
nft add chain $NFT_QOS_INET_FAMILY nft-qos-monitor upload { type filter hook $hook_ul priority 0\; }
nft add chain $NFT_QOS_INET_FAMILY nft-qos-monitor download { type filter hook $hook_dl priority 0\; }
}

90
package/lean/nft-qos/files/lib/priority.sh Normal file
View File

@ -0,0 +1,90 @@
#!/bin/sh
#
# Copyright (C) 2018 rosysong@rosinson.com
#
. /lib/functions/network.sh
. /lib/nft-qos/core.sh
P1=""; P2=""; P3=""; P4=""; P5=""; P6="";
P7=""; P8=""; P9=""; P10=""; P11="";
_qosdef_handle_protox() { # <priority> <rule>
case "$1" in
-400) P1="$P1""$2";;
-300) P2="$P2""$2";;
-225) P3="$P3""$2";;
-200) P4="$P4""$2";;
-150) P5="$P5""$2";;
-100) P6="$P6""$2";;
0) P7="$P7""$2";;
50) P8="$P8""$2";;
100) P9="$P9""$2";;
225) P10="$P10""$2";;
300) P11="$P11""$2";;
esac
}
qosdef_handle_protox() { # <section>
local proto prio srv
config_get proto $1 'protocol'
config_get prio $1 'priority'
config_get srv $1 'service'
[ -z "$proto" -o \
-z "$prio" -o \
-z "$srv" ] && return
_qosdef_handle_protox $prio \
"\t\t$proto dport { $srv } accept\n"
}
qosdef_append_rule_protox() { # <section>
config_foreach qosdef_handle_protox $1
qosdef_appendx \
"${P1}${P2}${P3}${P4}${P5}${P6}${P7}${P8}${P9}${P10}${P11}"
}
qosdef_append_chain_priority() { # <name> <section> <device>
local name=$1 device=$3
qosdef_appendx "\tchain $name {\n"
qosdef_append_chain_ingress filter $device 0 accept
qosdef_append_rule_protox $2
qosdef_appendx "\t}\n"
}
qosdef_remove_priority() {
qosdef_remove_table netdev nft-qos-priority
}
# init traffic priority
qosdef_init_priority() {
local priority_enable priority_netdev ifname="br-lan"
uci_validate_section nft-qos default default \
'priority_enable:bool:0' \
'priority_netdev:maxlength(8)'
[ $? -ne 0 ] && {
logger -t nft-qos-priority "validation failed"
return 1
}
[ $priority_enable -eq 0 ] && return 1
case "$priority_netdev" in
lan) [ "$(uci_get network.lan.type)" != "bridge" ] && {
network_get_device ifname "$priority_netdev" || \
ifname="$(uci_get network.lan.ifname)"
}
;;
wan*) network_get_device ifname "$priority_netdev" || \
ifname="$(uci_get network.$priority_netdev.ifname)"
esac
qosdef_appendx "table netdev nft-qos-priority {\n"
qosdef_append_chain_priority filter priority $ifname
qosdef_appendx "}\n"
}

73
package/lean/nft-qos/files/lib/static.sh Normal file
View File

@ -0,0 +1,73 @@
#!/bin/sh
#
# Copyright (C) 2018 rosysong@rosinson.com
#
. /lib/nft-qos/core.sh
# append rule for static qos
qosdef_append_rule_sta() { # <section> <operator> <default-unit> <default-rate>
local ipaddr unit rate
local operator=$2
config_get ipaddr $1 ipaddr
config_get unit $1 unit $3
config_get rate $1 rate $4
[ -z "$ipaddr" ] && return
qosdef_append_rule_ip_limit $ipaddr $operator $unit $rate
}
# append chain for static qos
qosdef_append_chain_sta() { # <hook> <name> <section> <unit> <rate>
local hook=$1 name=$2
local config=$3 operator
case "$name" in
download) operator="daddr";;
upload) operator="saddr";;
esac
qosdef_appendx "\tchain $name {\n"
qosdef_append_chain_def filter $hook 0 accept
qosdef_append_rule_limit_whitelist $name
config_foreach qosdef_append_rule_sta $config $operator $4 $5
qosdef_appendx "\t}\n"
}
qosdef_flush_static() {
qosdef_flush_table "$NFT_QOS_INET_FAMILY" nft-qos-static
}
# static limit rate init
qosdef_init_static() {
local unit_dl unit_ul rate_dl rate_ul
local limit_enable limit_type hook_ul="input" hook_dl="postrouting"
uci_validate_section nft-qos default default \
'limit_enable:bool:0' \
'limit_type:maxlength(8)' \
'static_unit_dl:string:kbytes' \
'static_unit_ul:string:kbytes' \
'static_rate_dl:uinteger:50' \
'static_rate_ul:uinteger:50'
[ $? -ne 0 ] && {
logger -t nft-qos-static "validation failed"
return 1
}
[ $limit_enable -eq 0 -o \
$limit_type = "dynamic" ] && return 1
[ -z "$NFT_QOS_HAS_BRIDGE" ] && {
hook_ul="postrouting"
hook_dl="input"
}
qosdef_appendx "table $NFT_QOS_INET_FAMILY nft-qos-static {\n"
qosdef_append_chain_sta $hook_ul upload upload $unit_ul $rate_ul
qosdef_append_chain_sta $hook_dl download download $unit_dl $rate_dl
qosdef_appendx "}\n"
}

40
package/lean/nft-qos/files/nft-qos-dynamic.hotplug Normal file
View File

@ -0,0 +1,40 @@
#!/bin/sh
#
# Copyright 2018 rosysong@rosinson.com
#
. /lib/functions.sh
. /lib/nft-qos/core.sh
. /lib/nft-qos/dynamic.sh
NFT_QOS_DYNAMIC_ON=
qosdef_validate_section_dynamic() {
local limit_enable limit_type
uci_validate_section nft-qos default default \
'limit_enable:bool:0' \
'limit_type:maxlength(8)'
[ $limit_enable -eq 1 -a \
"$limit_type" = "dynamic" ] && \
NFT_QOS_DYNAMIC_ON="y"
}
logger -t nft-qos-dynamic "ACTION=$ACTION, MACADDR=$MACADDR, IPADDR=$IPADDR, HOSTNAME=$HOSTNAME"
case "$ACTION" in
add | update | remove)
qosdef_validate_section_dynamic
[ -z "$NFT_QOS_DYNAMIC_ON" ] && return
qosdef_init_env
qosdef_flush_dynamic
qosdef_init_header
qosdef_init_dynamic
qosdef_init_done
qosdef_start
;;
esac

13
package/lean/nft-qos/files/nft-qos-monitor.hotplug Normal file
View File

@ -0,0 +1,13 @@
#!/bin/sh
#
# Copyright 2018 rosysong@rosinson.com
#
. /lib/nft-qos/monitor.sh
logger -t nft-qos-monitor "ACTION=$ACTION, MACADDR=$MACADDR, IPADDR=$IPADDR, HOSTNAME=$HOSTNAME"
case "$ACTION" in
add | update) qosdef_init_env && qosdef_monitor_add $MACADDR $IPADDR $HOSTNAME;;
remove) qosdef_init_env && qosdef_monitor_del $MACADDR $IPADDR $HOSTNAME;;
esac

106
package/lean/nft-qos/files/nft-qos.config Normal file
View File

@ -0,0 +1,106 @@
#
# Copyright (C) 2018 rosysong@rosinson.com
#
# This is the sample for nft-qos configuration file,
# which will generate a nftables script in /tmp/qos.nft
#
# Getting Started
# Official site :
# https://netfilter.org/projects/nftables/index.html
# What is nftables :
# https://wiki.nftables.org/wiki-nftables/index.php/Main_Page
#
# Basic Operations
# Configuring Tables :
# https://wiki.nftables.org/wiki-nftables/index.php/Configuring_tables
# Configuring Chains :
# https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains
# Configuring Rules :
# https://wiki.nftables.org/wiki-nftables/index.php/Simple_rule_management
# Quick Reference (recommended) :
# https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes
# https://netfilter.org/projects/nftables/manpage.html
#
config default default
# Enable Flag for limit rate
option limit_enable '1'
# Options for enable Static QoS (rate limit)
option limit_type 'static'
# Options for Static QoS (rate limit)
option static_unit_dl 'kbytes'
option static_unit_ul 'kbytes'
option static_rate_dl '50'
option static_rate_ul '50'
# Options for enable Dynamic QoS
# This option can not compatible with Static QoS
# option limit_type 'dynamic'
# For Dynamic QoS Samples (unit of bandwidth is Mbps):
option dynamic_cidr '192.168.1.0/24'
option dynamic_cidr6 'AAAA:BBBB::1/64'
option dynamic_bw_up '100'
option dynamic_bw_down '100'
# White list for static/dynamic limit
# list limit_whitelist '192.168.1.225'
# list limit_whitelist '192.168.1.0/24'
# list limit_whitelist 'ABCD:CDEF::1/64'
# Options for Traffic Priority
option priority_enable '0'
option priority_netdev 'lan'
#
# For Static QoS Rate Limit Samples :
#
# For Download :
#config download
# option hostname 'My PC'
# option unit 'kbytes'
# option ipaddr '192.168.1.224'
# option rate '128'
#
# For Upload :
#config upload
# option hostname 'office-pc'
# option unit 'mbytes'
# option ipaddr 'ABCD:FFED::1/64'
# option rate '1024'
#
#
# Traffic Priority Samples :
#
# protocol : tcp, udp, udplite, sctp, dccp, tcp is default
# priority : integer between 1-11, 1 is default
# service : you can input a integer or service name, e.g. '22', '11-22', 'telnet', 'ssh, http, ftp', etc
#
#config priority
# option protocol 'tcp'
# option priority '-400'
# option service '23'
# option comment '?'
#
#config priority
# option protocol 'udp'
# option priority '-400'
# option service 'https'
# option comment '?'
#
#config priority
# option protocol 'dccp'
# option priority '0'
# option service '22-35'
# option comment '?'
#
#config priority
# option protocol 'dccp'
# option priority '300'
# option service 'ftp,ssh,http'
# option comment '?'
#

41
package/lean/nft-qos/files/nft-qos.init Executable file
View File

@ -0,0 +1,41 @@
#!/bin/sh /etc/rc.common
#
# Copyright (C) 2018 rosysong@rosinson.com
#
. /lib/nft-qos/core.sh
. /lib/nft-qos/monitor.sh
. /lib/nft-qos/dynamic.sh
. /lib/nft-qos/static.sh
. /lib/nft-qos/priority.sh
START=99
USE_PROCD=1
service_triggers() {
procd_add_reload_trigger nft-qos
}
start_service() {
config_load nft-qos
qosdef_init_env
qosdef_flush_static
qosdef_flush_dynamic
qosdef_remove_priority
qosdef_init_header
qosdef_init_monitor
qosdef_init_dynamic
qosdef_init_static
qosdef_init_priority
qosdef_init_done
qosdef_start
}
stop_service() {
qosdef_flush_dynamic
qosdef_flush_static
qosdef_remove_priority
qosdef_clean_cache
}

235
package/lean/shadowsocksR-libev-full/Makefile
View File

@ -1,235 +0,0 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=shadowsocksR-libev
PKG_VERSION:=3.0.9
PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE).tar.gz
PKG_SOURCE_URL:=https://github.com/shadowsocksrr/shadowsocksr-libev
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=d4904568c0bd7e0861c0cbfeaa43740f404db214
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_MAINTAINER:=breakwa11
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
PKG_USE_MIPS16:=0
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
define Package/shadowsocksr-libev/Default
SECTION:=net
CATEGORY:=Network
TITLE:=Lightweight Secured Socks5 Proxy
URL:=https://github.com/breakwa11/shadowsocks-libev
endef
define Package/shadowsocksr-libev
$(call Package/shadowsocksr-libev/Default)
TITLE+= (OpenSSL)
VARIANT:=openssl
DEPENDS:=+libopenssl +libpthread +libpcre +zlib
endef
define Package/shadowsocksr-libev-alt
$(call Package/shadowsocksr-libev/Default)
TITLE+= (OpenSSL)
VARIANT:=openssl
DEPENDS:=+libopenssl +libpthread +libpcre +zlib
endef
define Package/shadowsocksr-libev-mini
$(call Package/shadowsocksr-libev/Default)
TITLE+= (PolarSSL)
VARIANT:=polarssl
DEPENDS:=+libpolarssl +libpthread +libpcre
endef
define Package/shadowsocksr-libev-polarssl
$(call Package/shadowsocksr-libev/Default)
TITLE+= (PolarSSL)
VARIANT:=polarssl
DEPENDS:=+libpolarssl +libpthread +libpcre
endef
define Package/shadowsocksr-libev-gfwlist
$(call Package/shadowsocksr-libev/Default)
TITLE+= (OpenSSL)
VARIANT:=openssl
DEPENDS:=+libopenssl +libpthread +dnsmasq-full +ipset +iptables +wget +libpcre
endef
define Package/shadowsocksr-libev-gfwlist-polarssl
$(call Package/shadowsocksr-libev/Default)
TITLE+= (PolarSSL)
VARIANT:=polarssl
DEPENDS:=+libpolarssl +libpthread +dnsmasq-full +ipset +iptables +wget-nossl +libpcre
endef
define Package/shadowsocksr-libev-gfwlist-4M
$(call Package/shadowsocksr-libev/Default)
TITLE+= (PolarSSL)
VARIANT:=polarssl
DEPENDS:=+libpolarssl +libpthread +dnsmasq-full +ipset +iptables +libpcre
endef
define Package/shadowsocksr-libev/description
ShadowsocksR-libev is a lightweight secured socks5 proxy for embedded devices and low end boxes.
endef
Package/shadowsocksr-libev-mini/description=$(Package/shadowsocksr-libev/description)
Package/shadowsocksr-libev-alt/description=$(Package/shadowsocksr-libev/description)
Package/shadowsocksr-libev-polarssl/description=$(Package/shadowsocksr-libev/description)
Package/shadowsocksr-libev-gfwlist/description=$(Package/shadowsocksr-libev/description)
Package/shadowsocksr-libev-gfwlist-polarssl/description=$(Package/shadowsocksr-libev/description)
Package/shadowsocksr-libev-gfwlist-4M/description=$(Package/shadowsocksr-libev/description)
define Package/shadowsocksr-libev/conffiles
/etc/shadowsocksr.json
endef
Package/shadowsocksr-libev-alt/conffiles = $(Package/shadowsocksr-libev/conffiles)
Package/shadowsocksr-libev-mini/conffiles = $(Package/shadowsocksr-libev/conffiles)
Package/shadowsocksr-libev-polarssl/conffiles = $(Package/shadowsocksr-libev/conffiles)
define Package/shadowsocksr-libev-gfwlist/conffiles
/etc/shadowsocksr.json
/etc/dnsmasq.d/custom_list.conf
endef
Package/shadowsocksr-libev-gfwlist-polarssl/conffiles = $(Package/shadowsocksr-libev-gfwlist/conffiles)
Package/shadowsocksr-libev-gfwlist-4M/conffiles = $(Package/shadowsocksr-libev-gfwlist/conffiles)
Package/shadowsocksr-libev-server-polarssl/conffiles = $(Package/shadowsocksr-libev-server/conffiles)
define Package/shadowsocksr-libev-gfwlist/postinst
#!/bin/sh
if [ ! -f /etc/dnsmasq.d/custom_list.conf ]; then
echo "ipset -N gfwlist iphash" >> /etc/firewall.user
echo "iptables -t nat -A PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080" >> /etc/firewall.user
echo "iptables -t nat -A OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080" >> /etc/firewall.user
echo "cache-size=5000" >> /etc/dnsmasq.conf
echo "min-cache-ttl=1800" >> /etc/dnsmasq.conf
echo "conf-dir=/etc/dnsmasq.d" >> /etc/dnsmasq.conf
echo "*/10 * * * * /root/ssr-watchdog >> /var/log/shadowsocksr_watchdog.log 2>&1" >> /etc/crontabs/root
echo "0 1 * * 0 echo \"\" > /var/log/shadowsocksr_watchdog.log" >> /etc/crontabs/root
fi
if [ -z "$${IPKG_INSTROOT}" ]; then
ipset create gfwlist hash:ip
iptables -t nat -I PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080
iptables -t nat -I OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080
/etc/init.d/dnsmasq restart
/etc/init.d/cron restart
/etc/init.d/shadowsocksr restart
fi
exit 0
endef
define Package/shadowsocks-libev-gfwlist/postrm
#!/bin/sh
if [ -z "$${IPKG_INSTROOT}" ]; then
sed -i '/cache-size=5000/d' /etc/dnsmasq.conf
sed -i '/min-cache-ttl=1800/d' /etc/dnsmasq.conf
sed -i '/conf-dir=\/etc\/dnsmasq.d/d' /etc/dnsmasq.conf
rm -rf /etc/dnsmasq.d
/etc/init.d/dnsmasq restart
sed -i '/ipset create gfwlist hash:ip/d' /etc/firewall.user
sed -i '/iptables -t nat -I PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080/d' /etc/firewall.user
sed -i '/iptables -t nat -I OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 1080/d' /etc/firewall.user
ipset flush gfwlist
sed -i '/shadowsocksr_watchdog.log/d' /etc/crontabs/root
/etc/init.d/cron restart
fi
exit 0
endef
Package/shadowsocksr-libev-gfwlist-polarssl/postinst = $(Package/shadowsocksr-libev-gfwlist/postinst)
Package/shadowsocksr-libev-gfwlist-polarssl/postrm = $(Package/shadowsocksr-libev-gfwlist/postrm)
Package/shadowsocksr-libev-gfwlist-4M/postinst = $(Package/shadowsocksr-libev-gfwlist/postinst)
Package/shadowsocksr-libev-gfwlist-4M/postrm = $(Package/shadowsocksr-libev-gfwlist/postrm)
CONFIGURE_ARGS += --disable-ssp
ifeq ($(BUILD_VARIANT),polarssl)
CONFIGURE_ARGS += --with-crypto-library=polarssl
endif
define Package/shadowsocksr-libev/install
#$(INSTALL_DIR) $(1)/etc/init.d
#$(INSTALL_BIN) ./files/shadowsocksr $(1)/etc/init.d/shadowsocksr
#$(INSTALL_CONF) ./files/shadowsocksr.json $(1)/etc/shadowsocksr.json
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-check $(1)/usr/bin/ssr-check
$(LN) ssr-local $(1)/usr/bin/ssr-tunnel
endef
define Package/shadowsocksr-libev-mini/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
endef
define Package/shadowsocksr-libev-alt/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-check $(1)/usr/bin/ssr-check
$(LN) ssr-local $(1)/usr/bin/ssr-tunnel
endef
Package/shadowsocksr-libev-polarssl/install=$(Package/shadowsocksr-libev/install)
define Package/shadowsocksr-libev-gfwlist/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
$(LN) ssr-local $(1)/usr/bin/ssr-tunnel
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/shadowsocksr-gfwlist $(1)/etc/init.d/shadowsocksr
$(INSTALL_CONF) ./files/shadowsocksr-gfwlist.json $(1)/etc/shadowsocksr.json.main
$(INSTALL_CONF) ./files/shadowsocksr-gfwlist.json $(1)/etc/shadowsocksr.json.backup
$(INSTALL_CONF) ./files/firewall.user $(1)/etc/firewall.user
$(INSTALL_CONF) ./files/dnsmasq.conf $(1)/etc/dnsmasq.conf
$(INSTALL_DIR) $(1)/etc/dnsmasq.d
$(INSTALL_CONF) ./files/gfw_list.conf $(1)/etc/dnsmasq.d/gfw_list.conf
$(INSTALL_CONF) ./files/custom_list.conf $(1)/etc/dnsmasq.d/custom_list.conf
$(INSTALL_DIR) $(1)/root
$(INSTALL_BIN) ./files/ssr-watchdog $(1)/root/ssr-watchdog
$(INSTALL_DIR) $(1)/etc/crontabs
$(INSTALL_CONF) ./files/root $(1)/etc/crontabs/root
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller
$(INSTALL_CONF) ./files/shadowsocksr-libev.lua $(1)/usr/lib/lua/luci/controller/shadowsocksr-libev.lua
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr-libev
$(INSTALL_CONF) ./files/shadowsocksr-libev-general.lua $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr-libev/shadowsocksr-libev-general.lua
$(INSTALL_CONF) ./files/shadowsocksr-libev-backup.lua $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr-libev/shadowsocksr-libev-backup.lua
$(INSTALL_CONF) ./files/shadowsocksr-libev-custom.lua $(1)/usr/lib/lua/luci/model/cbi/shadowsocksr-libev/shadowsocksr-libev-custom.lua
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/view/shadowsocksr-libev
$(INSTALL_CONF) ./files/gfwlistr.htm $(1)/usr/lib/lua/luci/view/shadowsocksr-libev/gfwlistr.htm
$(INSTALL_CONF) ./files/watchdogr.htm $(1)/usr/lib/lua/luci/view/shadowsocksr-libev/watchdogr.htm
endef
Package/shadowsocksr-libev-gfwlist-polarssl/install = $(Package/shadowsocksr-libev-gfwlist/install)
Package/shadowsocksr-libev-gfwlist-4M/install = $(Package/shadowsocksr-libev-gfwlist/install)
$(eval $(call BuildPackage,shadowsocksr-libev))
$(eval $(call BuildPackage,shadowsocksr-libev-mini))
$(eval $(call BuildPackage,shadowsocksr-libev-alt))
$(eval $(call BuildPackage,shadowsocksr-libev-polarssl))
$(eval $(call BuildPackage,shadowsocksr-libev-gfwlist))
$(eval $(call BuildPackage,shadowsocksr-libev-gfwlist-polarssl))
$(eval $(call BuildPackage,shadowsocksr-libev-gfwlist-4M))

2
package/lean/shadowsocksR-libev-full/files/custom_list.conf
View File

@ -1,2 +0,0 @@
#server=/.baidu.com/127.0.0.1#5353
#ipset=/.baidu.com/gfwlist

41
package/lean/shadowsocksR-libev-full/files/dnsmasq.conf
View File

@ -1,41 +0,0 @@
# Change the following lines if you want dnsmasq to serve SRV
# records.
# You may add multiple srv-host lines.
# The fields are <name>,<target>,<port>,<priority>,<weight>
# A SRV record sending LDAP for the example.com domain to
# ldapserver.example.com port 289
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389
# Two SRV records for LDAP, each with different priorities
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,1
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,2
# A SRV record indicating that there is no LDAP server for the domain
# example.com
#srv-host=_ldap._tcp.example.com
# The following line shows how to make dnsmasq serve an arbitrary PTR
# record. This is useful for DNS-SD.
# The fields are <name>,<target>
#ptr-record=_http._tcp.dns-sd-services,"New Employee Page._http._tcp.dns-sd-services"
# Change the following lines to enable dnsmasq to serve TXT records.
# These are used for things like SPF and zeroconf.
# The fields are <name>,<text>,<text>...
#Example SPF.
#txt-record=example.com,"v=spf1 a -all"
#Example zeroconf
#txt-record=_http._tcp.example.com,name=value,paper=A4
# Provide an alias for a "local" DNS name. Note that this _only_ works
# for targets which are names from DHCP or /etc/hosts. Give host
# "bert" another name, bertrand
# The fields are <cname>,<target>
#cname=bertand,bert
cache-size=1000
min-cache-ttl=1800
conf-dir=/etc/dnsmasq.d

11
package/lean/shadowsocksR-libev-full/files/firewall.user
View File

@ -1,11 +0,0 @@
# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.
# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
ipset create gfwlist hash:ip
iptables -t nat -I PREROUTING -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 8989
iptables -t nat -I OUTPUT -p tcp -m set --match-set gfwlist dst -j REDIRECT --to-port 8989

6988
package/lean/shadowsocksR-libev-full/files/gfw_list.conf
View File

File diff suppressed because it is too large Load Diff

7
package/lean/shadowsocksR-libev-full/files/gfwlistr.htm
View File

@ -1,7 +0,0 @@
<%+header%>
<h2><a id="content" name="content"><%:ShadowsocksR - GFW List%></a></h2>
<div class="cbi-map-descr">ShadowsocksR内置的 GFW 名单</div>
<div id="content_gfwlist">
<textarea readonly="readonly" wrap="off" style="width: 100%" rows="20" id="gfwlist"><%=gfwlist:pcdata()%></textarea>
</div>
<%+footer%>

3
package/lean/shadowsocksR-libev-full/files/root
View File

@ -1,3 +0,0 @@
*/10 * * * * /root/ssr-watchdog >> /var/log/shadowsocksr_watchdog.log 2>&1
0 1 * * 0 echo "" > /var/log/shadowsocksr_watchdog.log
#0 1 * * 0 sleep 70 && touch /etc/banner && reboot

21
package/lean/shadowsocksR-libev-full/files/shadowsocksr
View File

@ -1,21 +0,0 @@
#!/bin/sh /etc/rc.common
START=95
SERVICE_USE_PID=1
SERVICE_WRITE_PID=1
SERVICE_DAEMONIZE=1
CONFIG=/etc/shadowsocksr.json
start() {
service_start /usr/bin/ssr-local -c $CONFIG -l 8888
#service_start /usr/bin/ssr-redir -c $CONFIG
#service_start /usr/bin/ssr-tunnel -c $CONFIG -l 5353 -L 8.8.8.8:53 -U
}
stop() {
service_stop /usr/bin/ssr-local
#service_stop /usr/bin/ssr-redir
#service_stop /usr/bin/ssr-tunnel
}

26
package/lean/shadowsocksR-libev-full/files/shadowsocksr-gfwlist
View File

@ -1,26 +0,0 @@
#!/bin/sh /etc/rc.common
START=95
SERVICE_USE_PID=1
SERVICE_WRITE_PID=1
SERVICE_DAEMONIZE=1
CONFIG=/etc/shadowsocksr.json
if [ ! -f $CONFIG ]; then
ln -sf /etc/shadowsocksr.json.main $CONFIG
fi
start() {
service_start /usr/bin/ssr-redir -c $CONFIG -b 0.0.0.0 -l 8989
sleep 1
service_start /usr/bin/ssr-tunnel -c $CONFIG -b 0.0.0.0 -l 5353 -L 8.8.8.8:53 -U
sleep 1
}
stop() {
service_stop /usr/bin/ssr-redir
sleep 1
service_stop /usr/bin/ssr-tunnel
sleep 1
}

11
package/lean/shadowsocksR-libev-full/files/shadowsocksr-gfwlist.json
View File

@ -1,11 +0,0 @@
{
"server": "serv-ro.ddns.info",
"server_port": 23143,
"password": "test.TEST",
"method": "aes-256-cfb",
"protocol": "origin",
"obfs": "plain",
"timeout": 120,
"supported_protocol": "origin, verify_simple, auth_simple, auth_sha1, auth_sha1_v2, auth_sha1_v4",
"supported_obfs": "plain, http_simple, tls1.0_session_auth, tls1.2_ticket_auth"
}

23
package/lean/shadowsocksR-libev-full/files/shadowsocksr-libev-backup.lua
View File

@ -1,23 +0,0 @@
local fs = require "nixio.fs"
local conffile = "/etc/shadowsocksr.json.backup"
f = SimpleForm("general", translate("ShadowsocksR - 备份服务器设置"), translate("ShadowsocksR 备份服务器设置地址,当主服务器不可时将自动连接到此服务器。 主服务器可用时将自动切换回主服务器"))
t = f:field(TextValue, "conf")
t.rmempty = true
t.rows = 20
function t.cfgvalue()
return fs.readfile(conffile) or ""
end
function f.handle(self, state, data)
if state == FORM_VALID then
if data.conf then
fs.writefile(conffile, data.conf:gsub("\r\n", "\n"))
luci.sys.call("/etc/init.d/shadowsocksr restart")
end
end
return true
end
return f

23
package/lean/shadowsocksR-libev-full/files/shadowsocksr-libev-custom.lua
View File

@ -1,23 +0,0 @@
local fs = require "nixio.fs"
local conffile = "/etc/dnsmasq.d/custom_list.conf"
f = SimpleForm("custom", translate("ShadowsocksR - 自定义列表"), translate("ShadowsocksR 自动定义翻墙域名的列表。<BR />请参照以下写法去掉前面的 # 输入"))
t = f:field(TextValue, "conf")
t.rmempty = true
t.rows = 20
function t.cfgvalue()
return fs.readfile(conffile) or ""
end
function f.handle(self, state, data)
if state == FORM_VALID then
if data.conf then
fs.writefile(conffile, data.conf:gsub("\r\n", "\n"))
luci.sys.call("/etc/init.d/dnsmasq restart && ipset flush gfwlist")
end
end
return true
end
return f

23
package/lean/shadowsocksR-libev-full/files/shadowsocksr-libev-general.lua
View File

@ -1,23 +0,0 @@
local fs = require "nixio.fs"
local conffile = "/etc/shadowsocksr.json.main"
f = SimpleForm("general", translate("ShadowsocksR - 主服务器配置"), translate("ShadowsocksR 主服务器配置文件,此服务器将优先被使用"))
t = f:field(TextValue, "conf")
t.rmempty = true
t.rows = 20
function t.cfgvalue()
return fs.readfile(conffile) or ""
end
function f.handle(self, state, data)
if state == FORM_VALID then
if data.conf then
fs.writefile(conffile, data.conf:gsub("\r\n", "\n"))
luci.sys.call("/etc/init.d/shadowsocksr restart")
end
end
return true
end
return f

45
package/lean/shadowsocksR-libev-full/files/shadowsocksr-libev.lua
View File

@ -1,45 +0,0 @@
module("luci.controller.shadowsocksr-libev", package.seeall)
function index()
if not nixio.fs.access("/etc/shadowsocksr.json") then
return
end
entry({"admin", "services", "shadowsocksr-libev"},
alias("admin", "services", "shadowsocksr-libev", "general"),
_("ShadowsocksR设置"), 10)
entry({"admin", "services", "shadowsocksr-libev", "general"},
cbi("shadowsocksr-libev/shadowsocksr-libev-general"),
_("主服务器设置"), 10).leaf = true
entry({"admin", "services", "shadowsocksr-libev", "backup"},
cbi("shadowsocksr-libev/shadowsocksr-libev-backup"),
_("备份服务器设置"), 20).leaf = true
entry({"admin", "services", "shadowsocksr-libev", "gfwlist"},
call("action_gfwlist"),
_("GFW 内置名单"), 30).leaf = true
entry({"admin", "services", "shadowsocksr-libev", "custom"},
cbi("shadowsocksr-libev/shadowsocksr-libev-custom"),
_("自定义域名列表"), 40).leaf = true
entry({"admin", "services", "shadowsocksr-libev", "watchdog"},
call("action_watchdog"),
_("守护进程日志"), 50).leaf = true
end
function action_gfwlist()
local fs = require "nixio.fs"
local conffile = "/etc/dnsmasq.d/gfw_list.conf"
local gfwlist = fs.readfile(conffile) or ""
luci.template.render("shadowsocksr-libev/gfwlistr", {gfwlist=gfwlist})
end
function action_watchdog()
local fs = require "nixio.fs"
local conffile = "/var/log/shadowsocksr_watchdog.log"
local watchdog = fs.readfile(conffile) or ""
luci.template.render("shadowsocksr-libev/watchdogr", {watchdog=watchdog})
end

17
package/lean/shadowsocksR-libev-full/files/shadowsocksr-server
View File

@ -1,17 +0,0 @@
#!/bin/sh /etc/rc.common
START=95
SERVICE_USE_PID=1
SERVICE_WRITE_PID=1
SERVICE_DAEMONIZE=1
CONFIG=/etc/shadowsocksr-server.json
start() {
service_start /usr/bin/ssr-server -c $CONFIG -u
}
stop() {
service_stop /usr/bin/ssr-server
}

15
package/lean/shadowsocksR-libev-full/files/shadowsocksr-server.json
View File

@ -1,15 +0,0 @@
{
"server": "0.0.0.0",
"server_ipv6": "::",
"server_port": 443,
"password": "password",
"method": "rc4-md5",
"timeout": 120,
"protocol": "origin",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"redirect": "",
"dns_ipv6": false,
"fast_open": false
}

14
package/lean/shadowsocksR-libev-full/files/shadowsocksr.json
View File

@ -1,14 +0,0 @@
{
"server": "serverip",
"server_port": 443,
"password": "password",
"method": "rc4-md5",
"local_address": "0.0.0.0",
"local_port": 1080,
"timeout": 120,
"protocol": "origin",
"protocol_param": "",
"obfs": "plain",
"obfs_param": "",
"fast_open": false
}

47
package/lean/shadowsocksR-libev-full/files/ssr-watchdog
View File

@ -1,47 +0,0 @@
#!/bin/sh
LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
CURRENT=$(ls -l /etc/shadowsocksr.json | awk -F "." '{print $4}')
if [ "$CURRENT" == "backup" ]; then
echo "[$LOGTIME] Backup server is running."
MAIN=$(cat /etc/shadowsocksr.json.main | awk -F '\"' '/\"server\"/ {print $4}')
PM=$(ping -c 3 $MAIN | grep 'loss' | awk -F ',' '{ print $3 }' | awk -F "%" '{ print $1 }')
if [ "$PM" -lt "50" ]; then
echo "[$LOGTIME] Main server up,$PM% packet loss, switch back."
ln -sf /etc/shadowsocksr.json.main /etc/shadowsocksr.json
CURRENT=$(ls -l /etc/shadowsocksr.json | awk -F "." '{print $4}')
/etc/init.d/shadowsocksr restart
sleep 3
else
echo "[$LOGTIME] Main server down,$PM% packet loss."
fi
fi
wget --spider --quiet -T 3 www.google.com.hk
if [ "$?" == "0" ]; then
echo "[$LOGTIME] No problem."
exit 0
else
wget --spider --quiet -T 3 www.baidu.com
if [ "$?" == "0" ]; then
echo "[$LOGTIME] Problem decteted, restart ShadowsocksR."
/etc/init.d/shadowsocksr restart
if [ "$CURRENT" == "main" ]; then
sleep 3
wget --spider --quiet -T 3 www.google.com.hk
if [ "$?" == "0" ]; then
echo "[$LOGTIME] ShadowsocksR recovered."
exit 0
else
echo "[$LOGTIME] Main server down, switch to backup server."
ln -sf /etc/shadowsocksr.json.backup /etc/shadowsocksr.json
/etc/init.d/shadowsocksr restart
exit 0
fi
fi
else
echo "[$LOGTIME] Network problem. Do nothing."
fi
fi

7
package/lean/shadowsocksR-libev-full/files/watchdogr.htm
View File

@ -1,7 +0,0 @@
<%+header%>
<h2><a id="content" name="content"><%:ShadowsocksR - 守护进程日志%></a></h2>
<div class="cbi-map-descr">ShadowsocksR 守护进程日志</div>
<div id="content_watchdog">
<textarea readonly="readonly" wrap="off" style="width: 100%" rows="20" id="watchdog"><%=watchdog:pcdata()%></textarea>
</div>
<%+footer%>

315
package/lean/shadowsocksR-libev-full/patches/0001-ss-check-Backport.patch
View File

@ -1,315 +0,0 @@
From 4a153bc0bb8ed20517871bddbf92ba69057bef97 Mon Sep 17 00:00:00 2001
From: WouldChar <wouldchar@gmail.com>
Date: Mon, 18 Dec 2017 19:33:51 +0800
Subject: [PATCH 1/7] Backport ss-check
* from https://github.com/ywb94/shadowsocks-libev
---
src/Makefile.am | 5 ++
src/check.c | 242 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
src/redir.c | 2 +-
3 files changed, 248 insertions(+), 1 deletion(-)
create mode 100644 src/check.c
diff --git a/src/Makefile.am b/src/Makefile.am
index eea1300..d2c6d24 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -22,7 +22,7 @@ SS_COMMON_LIBS += $(top_builddir)/libev/libev.la \
$(top_builddir)/libsodium/src/libsodium/libsodium.la
endif
-bin_PROGRAMS = ss-local
+bin_PROGRAMS = ss-local ss-check
#bin_PROGRAMS += ss-tunnel
if !BUILD_WINCOMPAT
#bin_PROGRAMS += ss-server ss-manager
@@ -42,6 +43,8 @@ ss_local_SOURCES = utils.c \
local.c \
$(sni_src)
+ss_check_SOURCES = check.c
+
#ss_tunnel_SOURCES = utils.c \
# jconf.c \
# json.c \
@@ -69,6 +72,7 @@ ss_local_SOURCES = utils.c \
# manager.c
ss_local_LDADD = $(SS_COMMON_LIBS)
+ss_check_LDADD = $(SS_COMMON_LIBS)
#ss_tunnel_LDADD = $(SS_COMMON_LIBS)
#ss_server_LDADD = $(SS_COMMON_LIBS)
#ss_manager_LDADD = $(SS_COMMON_LIBS)
@@ -83,6 +87,7 @@ ss_local_LDADD += $(top_builddir)/libudns/libudns.la
endif
ss_local_CFLAGS = $(AM_CFLAGS) -DMODULE_LOCAL
+ss_check_CFLAGS = $(AM_CFLAGS) -DMODULE_CHECK
#ss_tunnel_CFLAGS = $(AM_CFLAGS) -DMODULE_TUNNEL
#ss_server_CFLAGS = $(AM_CFLAGS) -DMODULE_REMOTE
#ss_manager_CFLAGS = $(AM_CFLAGS) -DMODULE_MANAGER
diff --git a/src/check.c b/src/check.c
new file mode 100644
index 0000000..9243686
--- /dev/null
+++ b/src/check.c
@@ -0,0 +1,242 @@
+/*
+ * check.c - check remote shadowsocks server port
+ *
+ * Copyright (C) 2017, yushi studio <ywb94@qq.com>
+ *
+ * This file is part of the shadowsocks-libev.
+ *
+ * shadowsocks-libev is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * shadowsocks-libev is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with shadowsocks-libev; see the file COPYING. If not, see
+ * <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <errno.h>
+#include <time.h>
+#include <arpa/inet.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <string.h>
+
+//#define __DEBUG__
+#ifdef __DEBUG__
+#define DEBUG(format,...) printf("File: "__FILE__", Line: %05d: "format"/n", __LINE__, ##__VA_ARGS__)
+#else
+#define DEBUG(format,...)
+#endif
+
+static sigjmp_buf jmpbuf;
+
+static void alarm_func()
+{
+ siglongjmp(jmpbuf, 1);
+}
+
+static struct hostent *timeGethostbyname(const char *domain, int timeout)
+{
+ struct hostent *ipHostent = NULL;
+ signal(SIGALRM, alarm_func);
+ if (sigsetjmp(jmpbuf, 1) != 0) {
+ alarm(0); //timout
+ signal(SIGALRM, SIG_IGN);
+ return NULL;
+ }
+ alarm(timeout); //setting alarm
+ ipHostent = gethostbyname(domain);
+ signal(SIGALRM, SIG_IGN);
+ return ipHostent;
+}
+
+
+#define MY_HTTP_DEFAULT_PORT 80
+#define BUFFER_SIZE 1024
+#define HTTP_POST "POST /%s HTTP/1.1\r\nHOST: %s:%d\r\nAccept: */*\r\n"\
+ "Content-Type:application/x-www-form-urlencoded\r\nContent-Length: %d\r\n\r\n%s"
+#define HTTP_GET "GET /%s HTTP/1.1\r\nHOST: %s:%d\r\nAccept: */*\r\n\r\n"
+
+static int http_parse_url(const char *url, char *host, char *file, int *port)
+{
+ char *ptr1, *ptr2;
+ int len = 0;
+ if (!url || !host || !file || !port)
+ return 1;
+
+ ptr1 = (char *)url;
+
+ if (!strncmp(ptr1, "http://", strlen("http://")))
+ ptr1 += strlen("http://");
+ else
+ return 1;
+
+ ptr2 = strchr(ptr1, '/');
+ if (ptr2) {
+ len = strlen(ptr1) - strlen(ptr2);
+ memcpy(host, ptr1, len);
+ host[len] = '\0';
+ if (*(ptr2 + 1)) {
+ memcpy(file, ptr2 + 1, strlen(ptr2) - 1);
+ file[strlen(ptr2) - 1] = '\0';
+ }
+ }
+ else {
+ memcpy(host,ptr1,strlen(ptr1));
+ host[strlen(ptr1)] = '\0';
+ }
+
+ //get host and ip
+ ptr1 = strchr(host, ':');
+ if (ptr1) {
+ *ptr1++ = '\0';
+ *port = atoi(ptr1);
+ }
+ else
+ *port = MY_HTTP_DEFAULT_PORT;
+
+ return 0;
+}
+
+static int http_tcpclient_recv(int socket, char *lpbuff)
+{
+ int recvnum = 0;
+
+ recvnum = recv(socket, lpbuff, BUFFER_SIZE*4, 0);
+
+ return recvnum;
+}
+
+static int http_tcpclient_send(int socket, char *buff, int size)
+{
+ int sent = 0, tmpres = 0;
+
+ while (sent < size) {
+ tmpres = send(socket, buff + sent, size - sent, 0);
+ if (tmpres == -1)
+ return 1;
+ sent += tmpres;
+ }
+ return sent;
+}
+
+int http_get(const char *url, int socket_fd)
+{
+ char lpbuf[BUFFER_SIZE * 4] = {'\0'};
+
+ char host_addr[BUFFER_SIZE] = {'\0'};
+ char file[BUFFER_SIZE] = {'\0'};
+ int port = 0;
+
+ if (!url) {
+ DEBUG("url failed\n");
+ return 1;
+ }
+
+ if (http_parse_url(url, host_addr, file, &port)) {
+ DEBUG("http_parse_url failed\n");
+ return 1;
+ }
+ DEBUG("url: %s\thost_addr: %s\tfile: %s\t, %d\n", url, host_addr, file, port);
+
+ if (socket_fd < 0) {
+ DEBUG("http_tcpclient_create failed\n");
+ return 1;
+ }
+
+ sprintf(lpbuf, HTTP_GET, file, host_addr, port);
+
+ if (http_tcpclient_send(socket_fd, lpbuf, strlen(lpbuf)) < 0) {
+ DEBUG("http_tcpclient_send failed\n");
+ return 1;
+ }
+ DEBUG("request:\n%s\n", lpbuf);
+
+ if (http_tcpclient_recv(socket_fd, lpbuf) <= 0) {
+ DEBUG("http_tcpclient_recv failed\n");
+ close(socket_fd);
+ return 1;
+ }
+ DEBUG("rec:\n%s\n", lpbuf);
+ close(socket_fd);
+
+ //return http_parse_result(lpbuf);
+ return 0;
+}
+
+int main(int argc, char *argv[])
+{
+ int fd, http_flag = 0, http_ret = 1;
+ struct sockaddr_in addr;
+ struct hostent *host;
+ struct timeval timeo = {3, 0};
+ socklen_t len = sizeof(timeo);
+
+ char http_url[100] = "http://";
+
+ fd = socket(AF_INET, SOCK_STREAM, 0);
+ if (argc >= 4)
+ timeo.tv_sec = atoi(argv[3]);
+ if (argc >= 5)
+ http_flag=1;
+
+ if ((host = timeGethostbyname(argv[1], timeo.tv_sec)) == NULL) {
+ DEBUG("gethostbyname err\n");
+ return 1;
+ }
+
+ if (setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &timeo, len) == -1) {
+ DEBUG("setsockopt send err\n");
+ return 1;
+ }
+
+ if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &timeo, len) == -1) {
+ DEBUG("setsockopt recv err\n");
+ return 1;
+ }
+
+ addr.sin_family = AF_INET;
+ addr.sin_addr = *((struct in_addr *)host->h_addr);
+ //addr.sin_addr.s_addr = inet_addr(argv[1]);
+ addr.sin_port = htons(atoi(argv[2]));
+
+ if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
+ if (errno == EINPROGRESS) {
+ DEBUG("timeout err\n");
+ return 1;
+ }
+ DEBUG("connect err\n");
+ return 1;
+ }
+
+ if (http_flag == 0) {
+ close(fd);
+ return 0;
+ }
+
+ strcat(http_url, argv[1]);
+ http_ret = http_get(http_url, fd);
+
+ if (http_ret == 1) {
+ DEBUG("recv err");
+ return 1;
+ }
+ else {
+ DEBUG("recv ok");
+ return 0;
+ }
+}
diff --git a/src/redir.c b/src/redir.c
index 4345a36..e2bdd0e 100644
--- a/src/redir.c
+++ b/src/redir.c
@@ -203,7 +203,7 @@ server_recv_cb(EV_P_ ev_io *w, int revents)
// continue to wait for recv
return;
} else {
- ERROR("server recv");
+ //ERROR("server recv");
close_and_free_remote(EV_A_ remote);
close_and_free_server(EV_A_ server);
return;
--
2.7.4

61
package/lean/shadowsocksr-libev/Makefile Normal file
View File

@ -0,0 +1,61 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=shadowsocksr-libev
PKG_VERSION:=2.5.6
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/shadowsocksrr/shadowsocksr-libev
PKG_SOURCE_VERSION:=d63ff863800a5645aca4309d5dd5962bd1e95543
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION)
PKG_LICENSE:=GPLv3
PKG_LICENSE_FILES:=LICENSE
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION)
PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
PKG_USE_MIPS16:=0
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
define Package/shadowsocksr-libev
SECTION:=net
CATEGORY:=Network
TITLE:=Lightweight Secured Socks5 Proxy
URL:=https://github.com/shadowsocksrr/shadowsocksr-libev
DEPENDS:=+libopenssl +libpthread +libpcre +zlib
endef
Package/shadowsocksr-libev-server = $(Package/shadowsocksr-libev)
Package/shadowsocksr-libev-alt = $(Package/shadowsocksr-libev)
CONFIGURE_ARGS += --disable-documentation --disable-ssp --disable-assert
define Package/shadowsocksr-libev/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local
$(LN) ssr-local $(1)/usr/bin/ssr-tunnel
$(INSTALL_BIN) $(PKG_BUILD_DIR)/server/ss-check $(1)/usr/bin/ssr-check
endef
define Package/shadowsocksr-libev-alt/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-redir $(1)/usr/bin/ssr-redir
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ss-local $(1)/usr/bin/ssr-local
$(LN) ssr-local $(1)/usr/bin/ssr-tunnel
$(INSTALL_BIN) $(PKG_BUILD_DIR)/server/ss-check $(1)/usr/bin/ssr-check
endef
define Package/shadowsocksr-libev-server/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/server/ss-server $(1)/usr/bin/ssr-server
endef
$(eval $(call BuildPackage,shadowsocksr-libev))
$(eval $(call BuildPackage,shadowsocksr-libev-alt))
$(eval $(call BuildPackage,shadowsocksr-libev-server))

17186
package/lean/shadowsocksr-libev/patches/0001-Add-ss-server-and-ss-check.patch Normal file
View File

File diff suppressed because it is too large Load Diff

22
package/lean/shadowsocksr-libev/patches/0002-Revert-verify_simple-and-auth_simple.patch Normal file
View File

@ -0,0 +1,22 @@
diff --git a/src/obfs/obfs.c b/src/obfs/obfs.c
index 463359f..4cd750a 100644
--- a/src/obfs/obfs.c
+++ b/src/obfs/obfs.c
@@ -88,7 +88,7 @@
plugin->client_decode = tls12_ticket_auth_client_decode;
return plugin;
- /*} else if (strcmp(plugin_name, "verify_simple") == 0) {
+ } else if (strcmp(plugin_name, "verify_simple") == 0) {
obfs_class * plugin = (obfs_class*)malloc(sizeof(obfs_class));
plugin->init_data = init_data;
plugin->new_obfs = verify_simple_new_obfs;
@@ -115,7 +115,7 @@
plugin->client_udp_pre_encrypt = NULL;
plugin->client_udp_post_decrypt = NULL;
- return plugin;*/
+ return plugin;
} else if (strcmp(plugin_name, "auth_sha1") == 0) {
obfs_class *plugin = (obfs_class *) malloc(sizeof(obfs_class));
plugin->init_data = auth_simple_init_data;

42
package/lean/shadowsocksr-libev/patches/0003-Refine-Usage.patch Normal file
View File

@ -0,0 +1,42 @@
diff --git a/src/utils.c b/src/utils.c
index 94f8a83..01bcbac 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -258,8 +258,6 @@ usage()
{
printf("\n");
printf("shadowsocks-libev %s with %s\n\n", VERSION, USING_CRYPTO);
- printf(
- " maintained by Max Lv <max.c.lv@gmail.com> and Linus Yang <laokongzi@gmail.com>\n\n");
printf(" usage:\n\n");
#ifdef MODULE_LOCAL
printf(" ss-local\n");
@@ -298,6 +296,25 @@ usage()
printf(
" The default cipher is rc4-md5.\n");
printf("\n");
+ printf(
+ " -o <obfs> Obfs of your remote server: plain,\n");
+ printf(
+ " http_simple, http_post and tls1.2_ticket_auth.\n");
+ printf(
+ " -g <obfs-param> Obfs-Param of your remote server.\n");
+ printf(
+ " -O <protocol> Protocol of your remote server: orgin,\n");
+ printf(
+ " auth_sha1, auth_sha1_v2, auth_sha1_v4,\n");
+ printf(
+ " auth_aes128_md5, auth_aes128_sha1,\n");
+ printf(
+ " auth_chain_a, auth_chain_b, auth_chain_c,\n");
+ printf(
+ " auth_chain_d, auth_chain_e and auth_chain_f.\n");
+ printf(
+ " -G <protocol-param> Protocol-Param of your remote server.\n");
+ printf("\n");
printf(
" [-a <user>] Run as another user.\n");
printf(
--
2.19.1