298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-06-16 02:25:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

luci ssr plus: global proxy client also can set in route mode

Browse Source
This commit is contained in:
coolsnowwolf 2018-11-28 18:30:52 +08:00
parent bb81f14df0
commit ee677d3a30
22 changed files with 18 additions and 1588 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
package/lean/luci-app-nft-qos/Makefile
View File

@ -1,14 +0,0 @@
#
# Copyright (C) 2008-2014 The LuCI Team <luci@lists.subsignal.org>
#
# This is free software, licensed under the Apache License, Version 2.0 .
#
include $(TOPDIR)/rules.mk
LUCI_TITLE:=Qos over Nftables
LUCI_DEPENDS:=+nft-qos
include $(TOPDIR)/feeds/luci/luci.mk
# call BuildPackage - OpenWrt buildroot signature

51
package/lean/luci-app-nft-qos/luasrc/controller/nft-qos.lua
View File

@ -1,51 +0,0 @@
-- Copyright 2018 Rosy Song <rosysong@rosinson.com>
-- Licensed to the public under the Apache License 2.0.
module("luci.controller.nft-qos", package.seeall)
function index()
if not nixio.fs.access("/etc/config/nft-qos") then
return
end
entry({"admin", "status", "realtime", "rate"},
template("nft-qos/rate"), _("Rate"), 5).leaf = true
entry({"admin", "status", "realtime", "rate_status"},
call("action_rate")).leaf = true
entry({"admin", "services", "nft-qos"}, cbi("nft-qos/nft-qos"),
_("Qos over Nftables"), 60)
end
function _action_rate(rv, n)
local c = io.popen("nft list chain inet nft-qos-monitor " .. n .. " 2>/dev/null")
if c then
for l in c:lines() do
local _, i, p, b = l:match('^%s+ip ([^%s]+) ([^%s]+) counter packets (%d+) bytes (%d+)')
if i and p and b then
-- handle expression
local r = {
rule = {
family = "inet",
table = "nft-qos-monitor",
chain = n,
handle = 0,
expr = {
{ match = { right = i } },
{ counter = { packets = p, bytes = b } }
}
}
}
rv[#rv + 1] = r
end
end
c:close()
end
end
function action_rate()
luci.http.prepare_content("application/json")
local data = { nftables = {} }
_action_rate(data.nftables, "upload")
_action_rate(data.nftables, "download")
luci.http.write_json(data)
end

229
package/lean/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua
View File

@ -1,229 +0,0 @@
-- Copyright 2018 Rosy Song <rosysong@rosinson.com>
-- Licensed to the public under the Apache License 2.0.
local uci = require("luci.model.uci").cursor()
local wa = require("luci.tools.webadmin")
local fs = require("nixio.fs")
local ipc = require("luci.ip")
local def_rate_dl = uci:get("nft-qos", "default", "static_rate_dl")
local def_rate_ul = uci:get("nft-qos", "default", "static_rate_ul")
local def_unit_dl = uci:get("nft-qos", "default", "static_unit_dl")
local def_unit_ul = uci:get("nft-qos", "default", "static_unit_ul")
local def_up = uci:get("nft-qos", "default", "dynamic_bw_up")
local def_down = uci:get("nft-qos", "default", "dynamic_bw_down")
local limit_enable = uci:get("nft-qos", "default", "limit_enable")
local limit_type = uci:get("nft-qos", "default", "limit_type")
local enable_priority = uci:get("nft-qos", "default", "priority_enable")
local has_ipv6 = fs.access("/proc/net/ipv6_route")
m = Map("nft-qos", translate("Qos over Nftables"))
--
-- Taboptions
--
s = m:section(TypedSection, "default", translate("NFT-QoS Settings"))
s.addremove = false
s.anonymous = true
s:tab("limit", "Limit Rate")
s:tab("priority", "Traffic Priority")
--
-- Static
--
o = s:taboption("limit", Flag, "limit_enable", translate("Limit Enable"), translate("Enable Limit Rate Feature"))
o.default = limit_enable or o.enabled
o.rmempty = false
o = s:taboption("limit", ListValue, "limit_type", translate("Limit Type"), translate("Type of Limit Rate"))
o.default = limit_static or "static"
o:depends("limit_enable","1")
o:value("static", "Static")
o:value("dynamic", "Dynamic")
o = s:taboption("limit", Value, "static_rate_dl", translate("Default Download Rate"), translate("Default value for download rate"))
o.datatype = "uinteger"
o.default = def_rate_dl or '50'
o:depends("limit_type","static")
o = s:taboption("limit", ListValue, "static_unit_dl", translate("Default Download Unit"), translate("Default unit for download rate"))
o.default = def_unit_dl or "kbytes"
o:depends("limit_type","static")
o:value("bytes", "Bytes/s")
o:value("kbytes", "KBytes/s")
o:value("mbytes", "MBytes/s")
o = s:taboption("limit", Value, "static_rate_ul", translate("Default Upload Rate"), translate("Default value for upload rate"))
o.datatype = "uinteger"
o.default = def_rate_ul or '50'
o:depends("limit_type","static")
o = s:taboption("limit", ListValue, "static_unit_ul", translate("Default Upload Unit"), translate("Default unit for upload rate"))
o.default = def_unit_ul or "kbytes"
o:depends("limit_type","static")
o:value("bytes", "Bytes/s")
o:value("kbytes", "KBytes/s")
o:value("mbytes", "MBytes/s")
--
-- Dynamic
--
o = s:taboption("limit", Value, "dynamic_bw_down", translate("Download Bandwidth (Mbps)"), translate("Default value for download bandwidth"))
o.default = def_up or '100'
o.datatype = "uinteger"
o:depends("limit_type","dynamic")
o = s:taboption("limit", Value, "dynamic_bw_up", translate("Upload Bandwidth (Mbps)"), translate("Default value for upload bandwidth"))
o.default = def_down or '100'
o.datatype = "uinteger"
o:depends("limit_type","dynamic")
o = s:taboption("limit", Value, "dynamic_cidr", translate("Target Network (IPv4/MASK)"), translate("Network to be apply, e.g. 192.168.1.0/24, 10.2.0.0/16, etc"))
o.datatype = "cidr4"
ipc.routes({ family = 4, type = 1 }, function(rt) o.default = rt.dest end)
o:depends("limit_type","dynamic")
if has_ipv6 then
o = s:taboption("limit", Value, "dynamic_cidr6", translate("Target Network6 (IPv6/MASK)"), translate("Network to be apply, e.g. AAAA::BBBB/64, CCCC::1/128, etc"))
o.datatype = "cidr6"
o:depends("limit_type","dynamic")
end
o = s:taboption("limit", DynamicList, "limit_whitelist", translate("White List for Limit Rate"))
o.datatype = "ipaddr"
o:depends("limit_enable","1")
--
-- Priority
--
o = s:taboption("priority", Flag, "priority_enable", translate("Enable Traffic Priority"), translate("Enable this feature"))
o.default = enable_priority or o.enabled
o.rmempty = false
o = s:taboption("priority", ListValue, "priority_netdev", translate("Default Network Interface"), translate("Network Interface for Traffic Shaping, e.g. br-lan, eth0.1, eth0, etc"))
o:depends("priority_enable", "1")
wa.cbi_add_networks(o)
--
-- Static Limit Rate - Download Rate
--
if limit_enable == "1" and limit_type == "static" then
x = m:section(TypedSection, "download", translate("Static QoS-Download Rate"))
x.anonymous = true
x.addremove = true
x.template = "cbi/tblsection"
o = x:option(Value, "hostname", translate("Hostname"))
o.datatype = "hostname"
o.default = 'undefined'
if has_ipv6 then
o = x:option(Value, "ipaddr", translate("IP Address(V4 / V6)"))
else
o = x:option(Value, "ipaddr", translate("IP Address(V4 Only)"))
end
o.datatype = "ipaddr"
if nixio.fs.access("/tmp/dhcp.leases") or nixio.fs.access("/var/dhcp6.leases") then
o.titleref = luci.dispatcher.build_url("admin", "status", "overview")
end
o = x:option(Value, "macaddr", translate("MAC (optional)"))
o.rmempty = true
o.datatype = "macaddr"
o = x:option(Value, "rate", translate("Rate"))
o.default = def_rate_dl or '50'
o.size = 4
o.datatype = "uinteger"
o = x:option(ListValue, "unit", translate("Unit"))
o.default = def_unit_dl or "kbytes"
o:value("bytes", "Bytes/s")
o:value("kbytes", "KBytes/s")
o:value("mbytes", "MBytes/s")
--
-- Static Limit Rate - Upload Rate
--
y = m:section(TypedSection, "upload", translate("Static QoS-Upload Rate"))
y.anonymous = true
y.addremove = true
y.template = "cbi/tblsection"
o = y:option(Value, "hostname", translate("Hostname"))
o.datatype = "hostname"
o.default = 'undefined'
if has_ipv6 then
o = y:option(Value, "ipaddr", translate("IP Address(V4 / V6)"))
else
o = y:option(Value, "ipaddr", translate("IP Address(V4 Only)"))
end
o.datatype = "ipaddr"
if nixio.fs.access("/tmp/dhcp.leases") or nixio.fs.access("/var/dhcp6.leases") then
o.titleref = luci.dispatcher.build_url("admin", "status", "overview")
end
o = y:option(Value, "macaddr", translate("MAC (optional)"))
o.rmempty = true
o.datatype = "macaddr"
o = y:option(Value, "rate", translate("Rate"))
o.default = def_rate_ul or '50'
o.size = 4
o.datatype = "uinteger"
o = y:option(ListValue, "unit", translate("Unit"))
o.default = def_unit_ul or "kbytes"
o:value("bytes", "Bytes/s")
o:value("kbytes", "KBytes/s")
o:value("mbytes", "MBytes/s")
end
--
-- Traffic Priority Settings
--
if enable_priority == "1" then
s = m:section(TypedSection, "priority", translate("Traffic Priority Settings"))
s.anonymous = true
s.addremove = true
s.template = "cbi/tblsection"
o = s:option(ListValue, "protocol", translate("Protocol"))
o.default = "tcp"
o:value("tcp", "TCP")
o:value("udp", "UDP")
o:value("udplite", "UDP-Lite")
o:value("sctp", "SCTP")
o:value("dccp", "DCCP")
o = s:option(ListValue, "priority", translate("Priority"))
o.default = "1"
o:value("-400", "1")
o:value("-300", "2")
o:value("-225", "3")
o:value("-200", "4")
o:value("-150", "5")
o:value("-100", "6")
o:value("0", "7")
o:value("50", "8")
o:value("100", "9")
o:value("225", "10")
o:value("300", "11")
o = s:option(Value, "service", translate("Service"), translate("e.g. https, 23, (separator is comma)"))
o.default = '?'
o = s:option(Value, "comment", translate("Comment"))
o.default = '?'
end
return m

167
package/lean/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm
View File

@ -1,167 +0,0 @@
<%#
Copyright 2018 Rosy Song <rosysong@rosinson.com>
Licensed to the public under the Apache License 2.0.
-%>
<%+header%>
<script type="text/javascript">//<![CDATA[
var bwxhr = new XHR();
var RC = { };
var em = 0;
var ec = 1;
var rate_table_dl;
var rate_table_ul;
function init_bytes(rl, ra) {
var bytes_pre;
var obj = { };
obj.chain = rl.chain;
obj.ipaddr = rl.expr[em].match.right;
obj.bytes = rl.expr[ec].counter.bytes;
obj.packets = rl.expr[ec].counter.packets;
obj.rate = 0;
if (RC[obj.chain] && RC[obj.chain][obj.ipaddr])
bytes_pre = RC[obj.chain][obj.ipaddr];
else
bytes_pre = 0;
obj.rate = (bytes_pre > 0) ? (obj.bytes - bytes_pre) / 3: 0;
if (!RC[obj.chain])
RC[obj.chain] = { };
RC[obj.chain][obj.ipaddr] = obj.bytes;
if (!ra[obj.chain])
ra[obj.chain] = [ ];
ra[obj.chain].push(obj);
} /* function init_bytes(rl, ra) */
function bytes_label(bytes) {
var uby = '<%:kB%>';
var kby = (bytes / 1024);
if (kby > 1024) {
uby = '<%:MB%>';
kby = (kby / 1024);
}
return String.format("%f %s", kby.toFixed(2), uby);
}
function print_table(tbl, rs, ra) {
ra.sort(function(a, b) { return b.rate - a.rate });
for (var i = 0; i < ra.length; i++) {
rs.push([
ra[i].ipaddr,
bytes_label(ra[i].rate) + '/s',
bytes_label(ra[i].bytes),
'%s Pkts.'.format(ra[i].packets),
]);
}
cbi_update_table(tbl, rs, '<em><%:No information available%></em>');
} /* function print_table(tbl, ra) */
/* wait for SVG */
window.setTimeout(
function() {
if (!RC)
{
window.setTimeout(arguments.callee, 1000);
}
else
{
rate_table_dl = document.getElementById('rate_table_dl');
rate_table_ul = document.getElementById('rate_table_ul');
/* render datasets, start update interval */
XHR.poll(3, '<%=build_url("admin/status/realtime/rate_status")%>', null,
function(x, json)
{
var RA = {};
var rows_dl = [];
var rows_ul = [];
var rules = json.nftables;
for (var i = 0; i < rules.length; i++)
{
if (!rules[i].rule)
continue;
if (rules[i].rule.table != 'nft-qos-monitor')
continue;
var rl = rules[i].rule;
switch (rl.chain)
{
case 'download':
case 'upload': init_bytes(rl, RA); break;
}
} /* for (var i = 0; i < rules.length; i++) */
/* display the result */
if (RA.download) {
while (rate_table_dl.firstElementChild !== rate_table_dl.lastElementChild)
rate_table_dl.removeChild(rate_table_dl.lastElementChild);
print_table(rate_table_dl, rows_dl, RA.download);
}
if (RA.upload) {
while (rate_table_ul.firstElementChild !== rate_table_ul.lastElementChild)
rate_table_ul.removeChild(rate_table_ul.lastElementChild);
print_table(rate_table_ul, rows_ul, RA.upload);
}
} /* function(x, json) */
); /* XHR.poll() */
XHR.run();
}
}, 1000
);
//]]></script>
<h2 name="content"><%:Realtime Rate%></h2>
<div class="cbi-map-descr"><%:This page gives an overview over currently download/upload rate.%></div>
<fieldset class="cbi-section" id="cbi-table-table">
<legend><%:Realtime Download Rate%></legend>
<div class="cbi-section-node">
<div class="table" id="rate_table_dl">
<div class="tr table-titles">
<div class="th col-2 hide-xs"><%:IP Address%></div>
<div class="th col-2"><%:Download Rate%></div>
<div class="th col-7"><%:Bytes Total%></div>
<div class="th col-7"><%:Packets Total%></div>
</div>
<div class="tr placeholder">
<div class="td">
<em><%:Collecting data...%></em>
</div>
</div>
</div>
</div>
</fieldset>
<fieldset class="cbi-section" id="cbi-table-table">
<legend><%:Realtime Upload Rate%></legend>
<div class="cbi-section-node">
<div class="table" id="rate_table_ul">
<div class="tr table-titles">
<div class="th col-2 hide-xs"><%:IP Address%></div>
<div class="th col-2"><%:Upload Rate%></div>
<div class="th col-7"><%:Bytes Total%></div>
<div class="th col-7"><%:Packets Total%></div>
</div>
<div class="tr placeholder">
<div class="td">
<em><%:Collecting data...%></em>
</div>
</div>
</div>
</div>
</fieldset>
<%+footer%>

230
package/lean/luci-app-nft-qos/po/templates/nft-qos.pot
View File

@ -1,230 +0,0 @@
msgid ""
msgstr "Content-Type: text/plain; charset=UTF-8"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:136
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:155
msgid "Bytes Total"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:141
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:160
msgid "Collecting data..."
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:224
msgid "Comment"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:48
msgid "Default Download Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:53
msgid "Default Download Unit"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:107
msgid "Default Network Interface"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:60
msgid "Default Upload Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:65
msgid "Default Upload Unit"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:53
msgid "Default unit for download rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:65
msgid "Default unit for upload rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:75
msgid "Default value for download bandwidth"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:48
msgid "Default value for download rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:80
msgid "Default value for upload bandwidth"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:60
msgid "Default value for upload rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:75
msgid "Download Bandwidth (Mbps)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:135
msgid "Download Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:38
msgid "Enable Limit Rate Feature"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:103
msgid "Enable Traffic Priority"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:103
msgid "Enable this feature"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:121
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:158
msgid "Hostname"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:134
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:153
msgid "IP Address"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:126
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:163
msgid "IP Address(V4 / V6)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:128
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:165
msgid "IP Address(V4 Only)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:38
msgid "Limit Enable"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:42
msgid "Limit Type"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:135
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:172
msgid "MAC (optional)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:48
msgid "MB"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:28
msgid "NFT-QoS Settings"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:107
msgid "Network Interface for Traffic Shaping, e.g. br-lan, eth0.1, eth0, etc"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:85
msgid "Network to be apply, e.g. 192.168.1.0/24, 10.2.0.0/16, etc"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:91
msgid "Network to be apply, e.g. AAAA::BBBB/64, CCCC::1/128, etc"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:65
msgid "No information available"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:137
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:156
msgid "Packets Total"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:207
msgid "Priority"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:199
msgid "Protocol"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/controller/nft-qos.lua:16
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:23
msgid "Qos over Nftables"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/controller/nft-qos.lua:12
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:139
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:176
msgid "Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:130
msgid "Realtime Download Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:125
msgid "Realtime Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:149
msgid "Realtime Upload Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:221
msgid "Service"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:116
msgid "Static QoS-Download Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:153
msgid "Static QoS-Upload Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:85
msgid "Target Network (IPv4/MASK)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:91
msgid "Target Network6 (IPv6/MASK)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:127
msgid "This page gives an overview over currently download/upload rate."
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:194
msgid "Traffic Priority Settings"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:42
msgid "Type of Limit Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:144
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:181
msgid "Unit"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:80
msgid "Upload Bandwidth (Mbps)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:154
msgid "Upload Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:96
msgid "White List for Limit Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:221
msgid "e.g. https, 23, (separator is comma)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:44
msgid "kB"
msgstr ""

250
package/lean/luci-app-nft-qos/po/zh-cn/nft-qos.po
View File

@ -1,250 +0,0 @@
msgid ""
msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Project-Id-Version: \n"
"POT-Creation-Date: \n"
"PO-Revision-Date: \n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Poedit 2.0.3\n"
"Last-Translator: \n"
"Plural-Forms: nplurals=1; plural=0;\n"
"Language: zh_CN\n"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:136
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:155
msgid "Bytes Total"
msgstr "字节总数"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:141
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:160
msgid "Collecting data..."
msgstr "正在收集数据"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:224
msgid "Comment"
msgstr "注释"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:48
msgid "Default Download Rate"
msgstr "默认下载速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:53
msgid "Default Download Unit"
msgstr "默认下载速率单位"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:107
msgid "Default Network Interface"
msgstr "默认网络接口"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:60
msgid "Default Upload Rate"
msgstr "默认上传速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:65
msgid "Default Upload Unit"
msgstr "默认上传速率单位"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:53
msgid "Default unit for download rate"
msgstr "默认的下载速率单位"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:65
msgid "Default unit for upload rate"
msgstr "默认的上传速率单位"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:75
msgid "Default value for download bandwidth"
msgstr "下载带宽的默认值"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:48
msgid "Default value for download rate"
msgstr "下载速率的默认值"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:80
msgid "Default value for upload bandwidth"
msgstr "上传带宽的默认值"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:60
msgid "Default value for upload rate"
msgstr "上传速率的默认值"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:75
msgid "Download Bandwidth (Mbps)"
msgstr "下载带宽 (Mbps)"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:135
msgid "Download Rate"
msgstr "下载速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:38
msgid "Enable Limit Rate Feature"
msgstr "开启速率限制功能"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:103
msgid "Enable Traffic Priority"
msgstr "开启流量优先级"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:103
msgid "Enable this feature"
msgstr "开启这个功能"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:121
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:158
msgid "Hostname"
msgstr "主机名"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:134
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:153
msgid "IP Address"
msgstr "IP地址"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:126
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:163
msgid "IP Address(V4 / V6)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:128
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:165
msgid "IP Address(V4 Only)"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:38
msgid "Limit Enable"
msgstr "限速开启"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:42
msgid "Limit Type"
msgstr "限速类型"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:135
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:172
msgid "MAC (optional)"
msgstr "物理地址(可选)"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:48
msgid "MB"
msgstr "MB"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:28
msgid "NFT-QoS Settings"
msgstr "NFT-QoS 设置"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:107
msgid "Network Interface for Traffic Shaping, e.g. br-lan, eth0.1, eth0, etc"
msgstr "流量整形的目标网络接口, 例如, br-lan, eth0.1, eth0, etc"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:85
msgid "Network to be apply, e.g. 192.168.1.0/24, 10.2.0.0/16, etc"
msgstr "将要应用规则的网络, 例如, 192.168.1.0/24, 10.2.0.0/16, 等等"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:91
msgid "Network to be apply, e.g. AAAA::BBBB/64, CCCC::1/128, etc"
msgstr "将要应用规则的网络, 例如, AAAA::BBBB/64, CCCC::1/128, 等等"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:65
msgid "No information available"
msgstr "没有更多的信息"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:137
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:156
msgid "Packets Total"
msgstr "数据包总数"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:207
msgid "Priority"
msgstr "优先级"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:199
msgid "Protocol"
msgstr "协议"
#: applications/luci-app-nft-qos/luasrc/controller/nft-qos.lua:16
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:23
msgid "Qos over Nftables"
msgstr "QoS Nftables版"
#: applications/luci-app-nft-qos/luasrc/controller/nft-qos.lua:12
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:139
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:176
msgid "Rate"
msgstr "速率"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:130
msgid "Realtime Download Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:125
msgid "Realtime Rate"
msgstr "实时速率显示"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:149
msgid "Realtime Upload Rate"
msgstr ""
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:221
msgid "Service"
msgstr "服务/端口"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:116
msgid "Static QoS-Download Rate"
msgstr "静态QoS-下载速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:153
msgid "Static QoS-Upload Rate"
msgstr "静态QoS-上传速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:85
msgid "Target Network (IPv4/MASK)"
msgstr "目标网络(IPv4地址/掩码)"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:91
msgid "Target Network6 (IPv6/MASK)"
msgstr "目标网络v6(IPv6地址/掩码)"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:127
msgid "This page gives an overview over currently download/upload rate."
msgstr "该页面提供了当前上传和下载速率的一个总览"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:194
msgid "Traffic Priority Settings"
msgstr "流量优先级设置"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:42
msgid "Type of Limit Rate"
msgstr "限速的类型"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:144
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:181
msgid "Unit"
msgstr "单位"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:80
msgid "Upload Bandwidth (Mbps)"
msgstr "上传带宽 (Mbps)"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:154
msgid "Upload Rate"
msgstr "上传速率"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:96
msgid "White List for Limit Rate"
msgstr "限速白名单"
#: applications/luci-app-nft-qos/luasrc/model/cbi/nft-qos/nft-qos.lua:221
msgid "e.g. https, 23, (separator is comma)"
msgstr "例如, https, 23 (用逗号分隔)"
#: applications/luci-app-nft-qos/luasrc/view/nft-qos/rate.htm:44
msgid "kB"
msgstr "kB"
#~ msgid "Dynamic Rate Limit"
#~ msgstr "动态QoS"
#~ msgid "Rate Limit"
#~ msgstr "速率限制"
#~ msgid "Traffic Priority"
#~ msgstr "流量优先级"

2
package/lean/luci-app-ssr-plus/Makefile
View File

@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-ssr-plus PKG_NAME:=luci-app-ssr-plus
PKG_VERSION:=1 PKG_VERSION:=1
PKG_RELEASE:=62 PKG_RELEASE:=63
PO2LMO:=$(STAGING_DIR_HOSTPKG)/bin/po2lmo PO2LMO:=$(STAGING_DIR_HOSTPKG)/bin/po2lmo

10
package/lean/luci-app-ssr-plus/root/usr/bin/ssr-rules
View File

@ -2,6 +2,7 @@
# #
# Copyright (C) 2017 openwrt-ssr # Copyright (C) 2017 openwrt-ssr
# Copyright (C) 2017 yushi studio <ywb94@qq.com> # Copyright (C) 2017 yushi studio <ywb94@qq.com>
# Copyright (C) 2018 lean <coolsnowwolf@gmail.com>
# #
# This is free software, licensed under the GNU General Public License v3. # This is free software, licensed under the GNU General Public License v3.
# See /LICENSE for more information. # See /LICENSE for more information.
@ -75,9 +76,12 @@ ipset_r() {
$(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /") $(gen_iplist | sed -e "s/^/add ss_spec_wan_ac /")
$(for ip in $WAN_FW_IP; do echo "add ss_spec_wan_ac $ip nomatch"; done) $(for ip in $WAN_FW_IP; do echo "add ss_spec_wan_ac $ip nomatch"; done)
EOF EOF
$IPT -N SS_SPEC_WAN_AC && \ $IPT -N SS_SPEC_WAN_AC
$IPT -I SS_SPEC_WAN_AC -d $server -j RETURN && \ ipset -N fplan hash:net 2>/dev/null
$IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN && \ for ip in $LAN_FP_IP; do ipset -! add fplan $ip ; done
$IPT -I SS_SPEC_WAN_AC -m set --match-set fplan src -j SS_SPEC_WAN_FW
$IPT -I SS_SPEC_WAN_AC -d $server -j RETURN
$IPT -A SS_SPEC_WAN_AC -m set --match-set ss_spec_wan_ac dst -j RETURN
$IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW $IPT -A SS_SPEC_WAN_AC -j SS_SPEC_WAN_FW
else else
ipset -N gfwlist hash:net 2>/dev/null ipset -N gfwlist hash:net 2>/dev/null

2
package/lean/luci-app-usb-printer/Makefile
View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
LUCI_TITLE:=USB Printer Share via TCP/IP LUCI_TITLE:=USB Printer Share via TCP/IP
LUCI_DEPENDS:=+p910nd +kmod-usb-printer LUCI_DEPENDS:=+p910nd +kmod-usb-printer
PKG_VERSION:=1.0 PKG_VERSION:=1.0
PKG_RELEASE:=1 PKG_RELEASE:=2
include $(TOPDIR)/feeds/luci/luci.mk include $(TOPDIR)/feeds/luci/luci.mk

7
package/lean/luci-app-usb-printer/po/zh-cn/usb-printer.po
View File

@ -56,3 +56,10 @@ msgstr "USB 打印服务器"
msgid "Specifies the interface to listen on." msgid "Specifies the interface to listen on."
msgstr "指定要监听的接口。" msgstr "指定要监听的接口。"
msgid "NAS"
msgstr "网络存储"
msgid "Architecture"
msgstr "架构"

58
package/lean/nft-qos/Makefile
View File

@ -1,58 +0,0 @@
#
# Copyright (C) 2018 rosysong@rosinson.com
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=nft-qos
PKG_VERSION:=1.0.0
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=Rosy Song <rosysong@rosinson.com>
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk
define Package/nft-qos
SECTION:=utils
CATEGORY:=Base system
DEPENDS:=+nftables +kmod-nft-netdev +kmod-nft-bridge
TITLE:=QoS scripts over nftables
endef
define Package/nft-qos/description
This package provides implementation for qos over nftables.
Currently, static/dynamic qos and traffic shaping are supported.
endef
define Package/nft-qos/conffiles
/etc/config/nft-qos
endef
define Build/Prepare
endef
define Build/Configure
endef
define Build/Compile
endef
define Package/nft-qos/install
$(INSTALL_DIR) $(1)/lib/nft-qos
$(INSTALL_DATA) ./files/lib/* $(1)/lib/nft-qos/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/nft-qos.config $(1)/etc/config/nft-qos
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/nft-qos.init $(1)/etc/init.d/nft-qos
$(INSTALL_DIR) $(1)/etc/hotplug.d/dhcp
$(INSTALL_BIN) ./files/nft-qos-monitor.hotplug $(1)/etc/hotplug.d/dhcp/00-nft-qos-monitor
$(INSTALL_BIN) ./files/nft-qos-dynamic.hotplug $(1)/etc/hotplug.d/dhcp/01-nft-qos-dynamic
endef
$(eval $(call BuildPackage,nft-qos))

93
package/lean/nft-qos/files/lib/core.sh
View File

@ -1,93 +0,0 @@
#!/bin/sh
#
# Copyright (C) 2018 rosysong@rosinson.com
#
# for uci_validate_section()
. /lib/functions/procd.sh
NFT_QOS_HAS_BRIDGE=
NFT_QOS_INET_FAMILY=ip
NFT_QOS_SCRIPT_TEXT=
NFT_QOS_SCRIPT_FILE=/tmp/qos.nft
qosdef_appendx() { # <string to be appended>
NFT_QOS_SCRIPT_TEXT="$NFT_QOS_SCRIPT_TEXT""$1"
}
qosdef_append_chain_def() { # <type> <hook> <priority> <policy>
qosdef_appendx "\t\ttype $1 hook $2 priority $3; policy $4;\n"
}
qosdef_append_chain_ingress() { # <type> <device> <priority> <policy>
qosdef_appendx "\t\ttype $1 hook ingress device $2 priority $3; policy $4;\n"
}
# qosdef_append_rule_{MATCH}_{STATEMENT}
qosdef_append_rule_ip_limit() { # <ipaddr> <operator> <unit> <rate>
local ipaddr=$1
local operator=$2
local unit=$3
local rate=$4
qosdef_appendx \
"\t\tip $operator $ipaddr limit rate over $rate $unit/second drop\n"
}
# qosdef_append_rule_{MATCH}_{POLICY}
qosdef_append_rule_ip_policy() { # <operator> <ipaddr> <policy>
qosdef_appendx "\t\tip $1 $2 $3\n"
}
_handle_limit_whitelist() { # <value> <chain>
local ipaddr=$1
local operator
[ -z "$ipaddr" ] && return
case "$2" in
download) operator="daddr";;
upload) operator="saddr";;
esac
qosdef_append_rule_ip_policy $operator $ipaddr accept
}
qosdef_append_rule_limit_whitelist() { # <chain>
config_list_foreach default limit_whitelist _handle_limit_whitelist $1
}
qosdef_flush_table() { # <family> <table>
nft flush table $1 $2 2>/dev/null
}
qosdef_remove_table() { # <family> <table>
nft delete table $1 $2 2>/dev/null
}
qosdef_init_header() { # add header for nft script
qosdef_appendx "#!/usr/sbin/nft -f\n"
qosdef_appendx "# Copyright (C) 2018 rosysong@rosinson.com\n"
qosdef_appendx "#\n\n"
}
qosdef_init_env() {
# check interface type of lan
local lt="$(uci_get "network.lan.type")"
[ "$lt" = "bridge" ] && export NFT_QOS_HAS_BRIDGE="y"
# check if ipv6 support
[ -e /proc/sys/net/ipv6 ] && export NFT_QOS_INET_FAMILY="inet"
}
qosdef_clean_cache() {
rm -f $NFT_QOS_SCRIPT_FILE
}
qosdef_init_done() {
echo -e $NFT_QOS_SCRIPT_TEXT > $NFT_QOS_SCRIPT_FILE 2>/dev/null
}
qosdef_start() {
nft -f $NFT_QOS_SCRIPT_FILE 2>/dev/null
}

89
package/lean/nft-qos/files/lib/dynamic.sh
View File

@ -1,89 +0,0 @@
#!/bin/sh
#
# Copyright (C) 2018 rosysong@rosinson.com
#
. /lib/nft-qos/core.sh
# return average rate for dhcp leases
qosdef_dynamic_rate() { # <bandwidth>
local c=0 c6=0
[ ! -e /tmp/dhcp.leases -a \
! -e /var/dhcp6.leases ] && return
[ -e /tmp/dhcp.leases ] && \
c=$(wc -l < /tmp/dhcp.leases 2>/dev/null)
[ -e /var/dhcp6.leases ] && \
c6=$(wc -l < /var/dhcp6.leases 2>/dev/null)
[ $c -eq 0 -a $c6 -eq 0 ] && \
{ echo 12500; return; }
echo $(($1 / ($c + $c6)))
}
qosdef_append_chain_dym() { # <hook> <name> <bandwidth>
local cidr cidr6
local operator rate
local hook=$1 name=$2 bandwidth=$3
config_get cidr default 'dynamic_cidr'
config_get cidr6 default 'dynamic_cidr6'
[ -z "$cidr" -a -z "$cidr6" ] && return
case "$2" in
download) operator=daddr;;
upload) operator=saddr;;
esac
rate=$(qosdef_dynamic_rate $bandwidth)
qosdef_appendx "\tchain $name {\n"
qosdef_append_chain_def filter $hook 0 accept
qosdef_append_rule_limit_whitelist $name
[ -n "$cidr" ] && \
qosdef_append_rule_ip_limit $cidr $operator kbytes $rate
[ -n "$cidr6" ] && \
qosdef_append_rule_ip_limit $cidr6 $operator kbytes $rate
qosdef_appendx "\t}\n"
}
qosdef_flush_dynamic() {
qosdef_flush_table "$NFT_QOS_INET_FAMILY" nft-qos-dynamic
}
# init dynamic qos
qosdef_init_dynamic() {
local dynamic_bw_up dynamic_bw_down limit_enable limit_type
local hook_ul="input" hook_dl="postrouting"
uci_validate_section nft-qos default default \
'limit_enable:bool:0' \
'limit_type:maxlength(8)' \
'dynamic_bw_up:uinteger:100' \
'dynamic_bw_down:uinteger:100'
[ $? -ne 0 ] && {
logger -t nft-qos-dynamic "validation failed"
return 1
}
[ $limit_enable -eq 0 -o \
"$limit_type" = "static" ] && return 1
# Transfer mbits/s to mbytes/s
# e.g. 100,000 kbits == 12,500 kbytes
dynamic_bw_up=$(($dynamic_bw_up * 1000 / 8))
dynamic_bw_down=$(($dynamic_bw_down * 1000 / 8))
[ -z "$NFT_QOS_HAS_BRIDGE" ] && {
hook_ul="postrouting"
hook_dl="input"
}
qosdef_appendx "table $NFT_QOS_INET_FAMILY nft-qos-dynamic {\n"
qosdef_append_chain_dym $hook_ul upload $dynamic_bw_up
qosdef_append_chain_dym $hook_dl download $dynamic_bw_down
qosdef_appendx "}\n"
}

39
package/lean/nft-qos/files/lib/monitor.sh
View File

@ -1,39 +0,0 @@
#!/bin/sh
#
# Copyright (C) 2018 rosysong@rosinson.com
#
. /lib/nft-qos/core.sh
qosdef_monitor_get_ip_handle() { # <family> <chain> <ip>
echo $(nft list chain $1 nft-qos-monitor $2 -a 2>/dev/null | grep $3 | awk '{print $11}')
}
qosdef_monitor_add() { # <mac> <ip> <hostname>
handle_dl=$(qosdef_monitor_get_ip_handle $NFT_QOS_INET_FAMILY download $2)
[ -z "$handle_dl" ] && nft add rule $NFT_QOS_INET_FAMILY nft-qos-monitor download ip daddr $2 counter
handle_ul=$(qosdef_monitor_get_ip_handle $NFT_QOS_INET_FAMILY upload $2)
[ -z "$handle_ul" ] && nft add rule $NFT_QOS_INET_FAMILY nft-qos-monitor upload ip saddr $2 counter
}
qosdef_monitor_del() { # <mac> <ip> <hostname>
local handle_dl handle_ul
handle_dl=$(qosdef_monitor_get_ip_handle $NFT_QOS_INET_FAMILY download $2)
handle_ul=$(qosdef_monitor_get_ip_handle $NFT_QOS_INET_FAMILY upload $2)
[ -n "$handle_dl" ] && nft delete handle $handle_dl
[ -n "$handle_ul" ] && nft delete handle $handle_ul
}
# init qos monitor
qosdef_init_monitor() {
local hook_ul="input" hook_dl="postrouting"
[ -z "$NFT_QOS_HAS_BRIDGE" ] && {
hook_ul="postrouting"
hook_dl="input"
}
nft add table $NFT_QOS_INET_FAMILY nft-qos-monitor
nft add chain $NFT_QOS_INET_FAMILY nft-qos-monitor upload { type filter hook $hook_ul priority 0\; }
nft add chain $NFT_QOS_INET_FAMILY nft-qos-monitor download { type filter hook $hook_dl priority 0\; }
}

90
package/lean/nft-qos/files/lib/priority.sh
View File

@ -1,90 +0,0 @@
#!/bin/sh
#
# Copyright (C) 2018 rosysong@rosinson.com
#
. /lib/functions/network.sh
. /lib/nft-qos/core.sh
P1=""; P2=""; P3=""; P4=""; P5=""; P6="";
P7=""; P8=""; P9=""; P10=""; P11="";
_qosdef_handle_protox() { # <priority> <rule>
case "$1" in
-400) P1="$P1""$2";;
-300) P2="$P2""$2";;
-225) P3="$P3""$2";;
-200) P4="$P4""$2";;
-150) P5="$P5""$2";;
-100) P6="$P6""$2";;
0) P7="$P7""$2";;
50) P8="$P8""$2";;
100) P9="$P9""$2";;
225) P10="$P10""$2";;
300) P11="$P11""$2";;
esac
}
qosdef_handle_protox() { # <section>
local proto prio srv
config_get proto $1 'protocol'
config_get prio $1 'priority'
config_get srv $1 'service'
[ -z "$proto" -o \
-z "$prio" -o \
-z "$srv" ] && return
_qosdef_handle_protox $prio \
"\t\t$proto dport { $srv } accept\n"
}
qosdef_append_rule_protox() { # <section>
config_foreach qosdef_handle_protox $1
qosdef_appendx \
"${P1}${P2}${P3}${P4}${P5}${P6}${P7}${P8}${P9}${P10}${P11}"
}
qosdef_append_chain_priority() { # <name> <section> <device>
local name=$1 device=$3
qosdef_appendx "\tchain $name {\n"
qosdef_append_chain_ingress filter $device 0 accept
qosdef_append_rule_protox $2
qosdef_appendx "\t}\n"
}
qosdef_remove_priority() {
qosdef_remove_table netdev nft-qos-priority
}
# init traffic priority
qosdef_init_priority() {
local priority_enable priority_netdev ifname="br-lan"
uci_validate_section nft-qos default default \
'priority_enable:bool:0' \
'priority_netdev:maxlength(8)'
[ $? -ne 0 ] && {
logger -t nft-qos-priority "validation failed"
return 1
}
[ $priority_enable -eq 0 ] && return 1
case "$priority_netdev" in
lan) [ "$(uci_get network.lan.type)" != "bridge" ] && {
network_get_device ifname "$priority_netdev" || \
ifname="$(uci_get network.lan.ifname)"
}
;;
wan*) network_get_device ifname "$priority_netdev" || \
ifname="$(uci_get network.$priority_netdev.ifname)"
esac
qosdef_appendx "table netdev nft-qos-priority {\n"
qosdef_append_chain_priority filter priority $ifname
qosdef_appendx "}\n"
}

73
package/lean/nft-qos/files/lib/static.sh
View File

@ -1,73 +0,0 @@
#!/bin/sh
#
# Copyright (C) 2018 rosysong@rosinson.com
#
. /lib/nft-qos/core.sh
# append rule for static qos
qosdef_append_rule_sta() { # <section> <operator> <default-unit> <default-rate>
local ipaddr unit rate
local operator=$2
config_get ipaddr $1 ipaddr
config_get unit $1 unit $3
config_get rate $1 rate $4
[ -z "$ipaddr" ] && return
qosdef_append_rule_ip_limit $ipaddr $operator $unit $rate
}
# append chain for static qos
qosdef_append_chain_sta() { # <hook> <name> <section> <unit> <rate>
local hook=$1 name=$2
local config=$3 operator
case "$name" in
download) operator="daddr";;
upload) operator="saddr";;
esac
qosdef_appendx "\tchain $name {\n"
qosdef_append_chain_def filter $hook 0 accept
qosdef_append_rule_limit_whitelist $name
config_foreach qosdef_append_rule_sta $config $operator $4 $5
qosdef_appendx "\t}\n"
}
qosdef_flush_static() {
qosdef_flush_table "$NFT_QOS_INET_FAMILY" nft-qos-static
}
# static limit rate init
qosdef_init_static() {
local unit_dl unit_ul rate_dl rate_ul
local limit_enable limit_type hook_ul="input" hook_dl="postrouting"
uci_validate_section nft-qos default default \
'limit_enable:bool:0' \
'limit_type:maxlength(8)' \
'static_unit_dl:string:kbytes' \
'static_unit_ul:string:kbytes' \
'static_rate_dl:uinteger:50' \
'static_rate_ul:uinteger:50'
[ $? -ne 0 ] && {
logger -t nft-qos-static "validation failed"
return 1
}
[ $limit_enable -eq 0 -o \
$limit_type = "dynamic" ] && return 1
[ -z "$NFT_QOS_HAS_BRIDGE" ] && {
hook_ul="postrouting"
hook_dl="input"
}
qosdef_appendx "table $NFT_QOS_INET_FAMILY nft-qos-static {\n"
qosdef_append_chain_sta $hook_ul upload upload $unit_ul $rate_ul
qosdef_append_chain_sta $hook_dl download download $unit_dl $rate_dl
qosdef_appendx "}\n"
}

40
package/lean/nft-qos/files/nft-qos-dynamic.hotplug
View File

@ -1,40 +0,0 @@
#!/bin/sh
#
# Copyright 2018 rosysong@rosinson.com
#
. /lib/functions.sh
. /lib/nft-qos/core.sh
. /lib/nft-qos/dynamic.sh
NFT_QOS_DYNAMIC_ON=
qosdef_validate_section_dynamic() {
local limit_enable limit_type
uci_validate_section nft-qos default default \
'limit_enable:bool:0' \
'limit_type:maxlength(8)'
[ $limit_enable -eq 1 -a \
"$limit_type" = "dynamic" ] && \
NFT_QOS_DYNAMIC_ON="y"
}
logger -t nft-qos-dynamic "ACTION=$ACTION, MACADDR=$MACADDR, IPADDR=$IPADDR, HOSTNAME=$HOSTNAME"
case "$ACTION" in
add | update | remove)
qosdef_validate_section_dynamic
[ -z "$NFT_QOS_DYNAMIC_ON" ] && return
qosdef_init_env
qosdef_flush_dynamic
qosdef_init_header
qosdef_init_dynamic
qosdef_init_done
qosdef_start
;;
esac

13
package/lean/nft-qos/files/nft-qos-monitor.hotplug
View File

@ -1,13 +0,0 @@
#!/bin/sh
#
# Copyright 2018 rosysong@rosinson.com
#
. /lib/nft-qos/monitor.sh
logger -t nft-qos-monitor "ACTION=$ACTION, MACADDR=$MACADDR, IPADDR=$IPADDR, HOSTNAME=$HOSTNAME"
case "$ACTION" in
add | update) qosdef_init_env && qosdef_monitor_add $MACADDR $IPADDR $HOSTNAME;;
remove) qosdef_init_env && qosdef_monitor_del $MACADDR $IPADDR $HOSTNAME;;
esac

106
package/lean/nft-qos/files/nft-qos.config
View File

@ -1,106 +0,0 @@
#
# Copyright (C) 2018 rosysong@rosinson.com
#
# This is the sample for nft-qos configuration file,
# which will generate a nftables script in /tmp/qos.nft
#
# Getting Started
# Official site :
# https://netfilter.org/projects/nftables/index.html
# What is nftables :
# https://wiki.nftables.org/wiki-nftables/index.php/Main_Page
#
# Basic Operations
# Configuring Tables :
# https://wiki.nftables.org/wiki-nftables/index.php/Configuring_tables
# Configuring Chains :
# https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains
# Configuring Rules :
# https://wiki.nftables.org/wiki-nftables/index.php/Simple_rule_management
# Quick Reference (recommended) :
# https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes
# https://netfilter.org/projects/nftables/manpage.html
#
config default default
# Enable Flag for limit rate
option limit_enable '1'
# Options for enable Static QoS (rate limit)
option limit_type 'static'
# Options for Static QoS (rate limit)
option static_unit_dl 'kbytes'
option static_unit_ul 'kbytes'
option static_rate_dl '50'
option static_rate_ul '50'
# Options for enable Dynamic QoS
# This option can not compatible with Static QoS
# option limit_type 'dynamic'
# For Dynamic QoS Samples (unit of bandwidth is Mbps):
option dynamic_cidr '192.168.1.0/24'
option dynamic_cidr6 'AAAA:BBBB::1/64'
option dynamic_bw_up '100'
option dynamic_bw_down '100'
# White list for static/dynamic limit
# list limit_whitelist '192.168.1.225'
# list limit_whitelist '192.168.1.0/24'
# list limit_whitelist 'ABCD:CDEF::1/64'
# Options for Traffic Priority
option priority_enable '0'
option priority_netdev 'lan'
#
# For Static QoS Rate Limit Samples :
#
# For Download :
#config download
# option hostname 'My PC'
# option unit 'kbytes'
# option ipaddr '192.168.1.224'
# option rate '128'
#
# For Upload :
#config upload
# option hostname 'office-pc'
# option unit 'mbytes'
# option ipaddr 'ABCD:FFED::1/64'
# option rate '1024'
#
#
# Traffic Priority Samples :
#
# protocol : tcp, udp, udplite, sctp, dccp, tcp is default
# priority : integer between 1-11, 1 is default
# service : you can input a integer or service name, e.g. '22', '11-22', 'telnet', 'ssh, http, ftp', etc
#
#config priority
# option protocol 'tcp'
# option priority '-400'
# option service '23'
# option comment '?'
#
#config priority
# option protocol 'udp'
# option priority '-400'
# option service 'https'
# option comment '?'
#
#config priority
# option protocol 'dccp'
# option priority '0'
# option service '22-35'
# option comment '?'
#
#config priority
# option protocol 'dccp'
# option priority '300'
# option service 'ftp,ssh,http'
# option comment '?'
#

41
package/lean/nft-qos/files/nft-qos.init
View File

@ -1,41 +0,0 @@
#!/bin/sh /etc/rc.common
#
# Copyright (C) 2018 rosysong@rosinson.com
#
. /lib/nft-qos/core.sh
. /lib/nft-qos/monitor.sh
. /lib/nft-qos/dynamic.sh
. /lib/nft-qos/static.sh
. /lib/nft-qos/priority.sh
START=99
USE_PROCD=1
service_triggers() {
procd_add_reload_trigger nft-qos
}
start_service() {
config_load nft-qos
qosdef_init_env
qosdef_flush_static
qosdef_flush_dynamic
qosdef_remove_priority
qosdef_init_header
qosdef_init_monitor
qosdef_init_dynamic
qosdef_init_static
qosdef_init_priority
qosdef_init_done
qosdef_start
}
stop_service() {
qosdef_flush_dynamic
qosdef_flush_static
qosdef_remove_priority
qosdef_clean_cache
}

1
target/linux/ar71xx/config-4.14
View File

@ -422,6 +422,7 @@ CONFIG_MTD_PHYSMAP=y
CONFIG_MTD_REDBOOT_DIRECTORY_BLOCK=-2 CONFIG_MTD_REDBOOT_DIRECTORY_BLOCK=-2
CONFIG_MTD_REDBOOT_PARTS=y CONFIG_MTD_REDBOOT_PARTS=y
CONFIG_MTD_SPI_NOR=y CONFIG_MTD_SPI_NOR=y
# CONFIG_MTD_SPLIT_SQUASHFS_ROOT is not set
CONFIG_MTD_SPLIT_EVA_FW=y CONFIG_MTD_SPLIT_EVA_FW=y
CONFIG_MTD_SPLIT_FIRMWARE=y CONFIG_MTD_SPLIT_FIRMWARE=y
CONFIG_MTD_SPLIT_LZMA_FW=y CONFIG_MTD_SPLIT_LZMA_FW=y

1
target/linux/ar71xx/config-4.9
View File

@ -421,6 +421,7 @@ CONFIG_MTD_PHYSMAP=y
CONFIG_MTD_REDBOOT_DIRECTORY_BLOCK=-2 CONFIG_MTD_REDBOOT_DIRECTORY_BLOCK=-2
CONFIG_MTD_REDBOOT_PARTS=y CONFIG_MTD_REDBOOT_PARTS=y
CONFIG_MTD_SPI_NOR=y CONFIG_MTD_SPI_NOR=y
# CONFIG_MTD_SPLIT_SQUASHFS_ROOT is not set
CONFIG_MTD_SPLIT_EVA_FW=y CONFIG_MTD_SPLIT_EVA_FW=y
CONFIG_MTD_SPLIT_FIRMWARE=y CONFIG_MTD_SPLIT_FIRMWARE=y
CONFIG_MTD_SPLIT_LZMA_FW=y CONFIG_MTD_SPLIT_LZMA_FW=y