diff --git a/package/gluon-config-mode-tunneldigger/Makefile b/package/gluon-config-mode-tunneldigger/Makefile new file mode 100644 index 00000000..ecc75ef2 --- /dev/null +++ b/package/gluon-config-mode-tunneldigger/Makefile @@ -0,0 +1,36 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=gluon-config-mode-tunneldigger +PKG_VERSION:=1 + +PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) + +include $(GLUONDIR)/include/package.mk + +PKG_CONFIG_DEPENDS += $(GLUON_I18N_CONFIG) + + +define Package/gluon-config-mode-tunneldigger + SECTION:=gluon + CATEGORY:=Gluon + TITLE:=Toggle tunneldigger and bandwidth limit + DEPENDS:=gluon-config-mode-core-virtual +gluon-mesh-vpn-tunneldigger +endef + +define Build/Prepare + mkdir -p $(PKG_BUILD_DIR) +endef + +define Build/Configure +endef + +define Build/Compile + $(call GluonBuildI18N,gluon-config-mode-tunneldigger,i18n) +endef + +define Package/gluon-config-mode-tunneldigger/install + $(CP) ./files/* $(1)/ + $(call GluonInstallI18N,gluon-config-mode-tunneldigger,$(1)) +endef + +$(eval $(call BuildPackage,gluon-config-mode-tunneldigger)) diff --git a/package/gluon-config-mode-tunneldigger/files/lib/gluon/config-mode/wizard/0300-mesh-vpn.lua b/package/gluon-config-mode-tunneldigger/files/lib/gluon/config-mode/wizard/0300-mesh-vpn.lua new file mode 100755 index 00000000..a8d63f79 --- /dev/null +++ b/package/gluon-config-mode-tunneldigger/files/lib/gluon/config-mode/wizard/0300-mesh-vpn.lua @@ -0,0 +1,64 @@ +local cbi = require "luci.cbi" +local i18n = require "luci.i18n" +local uci = luci.model.uci.cursor() + +local M = {} + +function M.section(form) + local msg = i18n.translate('Your internet connection can be used to establish a ' .. + 'L2TP VPN connection with other nodes. ' .. + 'Enable this option if there are no other nodes reachable ' .. + 'over WLAN in your vicinity or you want to make a part of ' .. + 'your connection\'s bandwidth available for the network. You can limit how ' .. + 'much bandwidth the node will use at most.') + local s = form:section(cbi.SimpleSection, nil, msg) + + local o + + o = s:option(cbi.Flag, "_meshvpn", i18n.translate("Use internet connection (mesh VPN via L2TP)")) + o.default = uci:get_bool("tunneldigger", uci:get_first("tunneldigger", "broker"), "enabled") and o.enabled or o.disabled + o.rmempty = false + + o = s:option(cbi.Flag, "_limit_enabled", i18n.translate("Limit bandwidth")) + o:depends("_meshvpn", "1") + o.default = uci:get_bool("simple-tc", "mesh_vpn", "enabled") and o.enabled or o.disabled + o.rmempty = false + + o = s:option(cbi.Value, "_limit_ingress", i18n.translate("Downstream (kbit/s)")) + o:depends("_limit_enabled", "1") + o.value = uci:get("simple-tc", "mesh_vpn", "limit_ingress") + o.rmempty = false + o.datatype = "integer" + + o = s:option(cbi.Value, "_limit_egress", i18n.translate("Upstream (kbit/s)")) + o:depends("_limit_enabled", "1") + o.value = uci:get("simple-tc", "mesh_vpn", "limit_egress") + o.rmempty = false + o.datatype = "integer" +end + +function M.handle(data) + uci:set("tunneldigger", uci:get_first("tunneldigger", "broker"), "enabled", data._meshvpn) + uci:save("tunneldigger") + uci:commit("tunneldigger") + + -- checks for nil needed due to o:depends(...) + if data._limit_enabled ~= nil then + uci:set("simple-tc", "mesh_vpn", "interface") + uci:set("simple-tc", "mesh_vpn", "enabled", data._limit_enabled) + uci:set("simple-tc", "mesh_vpn", "ifname", "mesh-vpn") + + if data._limit_ingress ~= nil then + uci:set("simple-tc", "mesh_vpn", "limit_ingress", data._limit_ingress) + end + + if data._limit_egress ~= nil then + uci:set("simple-tc", "mesh_vpn", "limit_egress", data._limit_egress) + end + + uci:save("simple-tc") + uci:commit("simple-tc") + end +end + +return M diff --git a/package/gluon-config-mode-tunneldigger/i18n/de.po b/package/gluon-config-mode-tunneldigger/i18n/de.po new file mode 100644 index 00000000..7ae434c8 --- /dev/null +++ b/package/gluon-config-mode-tunneldigger/i18n/de.po @@ -0,0 +1,36 @@ +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"PO-Revision-Date: 2015-10-07 00:32+0100\n" +"Last-Translator: Cyrus Fox \n" +"Language-Team: German\n" +"Language: de\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +msgid "Downstream (kbit/s)" +msgstr "Downstream (kbit/s)" + +msgid "Limit bandwidth" +msgstr "Bandbreite begrenzen" + +msgid "Upstream (kbit/s)" +msgstr "Upstream (kbit/s)" + +msgid "Use internet connection (mesh VPN via L2TP)" +msgstr "Internetverbindung nutzen (Mesh-VPN via L2TP)" + +msgid "" +"Your internet connection can be used to establish a L2TP VPN connection " +"with other nodes. Enable this option if there are no other nodes reachable " +"over WLAN in your vicinity or you want to make a part of your connection's " +"bandwidth available for the network. You can limit how much bandwidth the " +"node will use at most." +msgstr "" +"Dein Knoten kann deine Internetverbindung nutzen um darüber eine " +"L2TP-VPN Verbindung zu anderen Knoten aufzubauen. Die dafür " +"genutzte Bandbreite kannst du beschränken. Aktiviere die Option, falls keine " +"per WLAN erreichbaren Nachbarknoten in deiner Nähe sind oder du deine " +"Internetverbindung für das Mesh-Netzwerk zur Verfügung stellen möchtest." diff --git a/package/gluon-config-mode-tunneldigger/i18n/gluon-config-mode-tunneldigger.pot b/package/gluon-config-mode-tunneldigger/i18n/gluon-config-mode-tunneldigger.pot new file mode 100644 index 00000000..de18498d --- /dev/null +++ b/package/gluon-config-mode-tunneldigger/i18n/gluon-config-mode-tunneldigger.pot @@ -0,0 +1,22 @@ +msgid "" +msgstr "Content-Type: text/plain; charset=UTF-8" + +msgid "Downstream (kbit/s)" +msgstr "" + +msgid "Limit bandwidth" +msgstr "" + +msgid "Upstream (kbit/s)" +msgstr "" + +msgid "Use internet connection (mesh VPN via L2TP)" +msgstr "" + +msgid "" +"Your internet connection can be used to establish a L2TP VPN connection " +"with other nodes. Enable this option if there are no other nodes reachable " +"over WLAN in your vicinity or you want to make a part of your connection's " +"bandwidth available for the network. You can limit how much bandwidth the " +"node will use at most." +msgstr "" diff --git a/package/gluon-mesh-vpn-tunneldigger/Makefile b/package/gluon-mesh-vpn-tunneldigger/Makefile new file mode 100644 index 00000000..bc99337e --- /dev/null +++ b/package/gluon-mesh-vpn-tunneldigger/Makefile @@ -0,0 +1,40 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=gluon-mesh-vpn-tunneldigger +PKG_VERSION:=3 + +PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) + +include $(GLUONDIR)/include/package.mk + +define Package/gluon-mesh-vpn-tunneldigger + SECTION:=gluon + CATEGORY:=Gluon + TITLE:=Support for connecting batman-adv meshes via tunneltigger/l2tpv3 pseudowire + DEPENDS:=+gluon-core gluon-mesh-batman-adv +gluon-wan-dnsmasq +tunneldigger +iptables-mod-extra +simple-tc +endef + +define Package/gluon-mesh-vpn-tunneldigger/description + Gluon community wifi mesh firmware framework: tunneldigger support +endef + +define Build/Prepare + mkdir -p $(PKG_BUILD_DIR) +endef + +define Build/Configure +endef + +define Build/Compile +endef + +define Package/gluon-mesh-vpn-tunneldigger/install + $(CP) ./files/* $(1)/ +endef + +define Package/gluon-mesh-vpn-tunneldigger/postinst +#!/bin/sh +$(call GluonCheckSite,check_site.lua) +endef + +$(eval $(call BuildPackage,gluon-mesh-vpn-tunneldigger)) diff --git a/package/gluon-mesh-vpn-tunneldigger/check_site.lua b/package/gluon-mesh-vpn-tunneldigger/check_site.lua new file mode 100644 index 00000000..b0d2abd4 --- /dev/null +++ b/package/gluon-mesh-vpn-tunneldigger/check_site.lua @@ -0,0 +1,9 @@ +need_number('tunneldigger_mesh_vpn.mtu') +need_boolean('tunneldigger_mesh_vpn.enabled', false) +need_string_array('tunneldigger_mesh_vpn.brokers') + +if need_table('tunneldigger_mesh_vpn.bandwidth_limit', nil, false) then + need_boolean('tunneldigger_mesh_vpn.bandwidth_limit.enabled', false) + need_number('tunneldigger_mesh_vpn.bandwidth_limit.ingress', false) + need_number('tunneldigger_mesh_vpn.bandwidth_limit.egress', false) +end diff --git a/package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/mesh-vpn-tunneldigger/iptables.rules b/package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/mesh-vpn-tunneldigger/iptables.rules new file mode 100644 index 00000000..2b16750c --- /dev/null +++ b/package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/mesh-vpn-tunneldigger/iptables.rules @@ -0,0 +1,3 @@ +*nat +-I OUTPUT -m owner --gid-owner gluon-tunneldigger -o lo -d 127.0.0.1 -p udp --dport 53 -j DNAT --to-destination :54 +COMMIT diff --git a/package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/upgrade/400-mesh-vpn-tunneldigger b/package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/upgrade/400-mesh-vpn-tunneldigger new file mode 100755 index 00000000..462562d5 --- /dev/null +++ b/package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/upgrade/400-mesh-vpn-tunneldigger @@ -0,0 +1,61 @@ +#!/usr/bin/lua + +local site = require 'gluon.site_config' +local users = require 'gluon.users' +local util = require 'gluon.util' + +local uci = require('luci.model.uci').cursor() +local lutil = require 'luci.util' + +-- Group for iptables rule +users.add_group('gluon-tunneldigger', 900) + +local enabled = uci:get_first('tunneldigger', 'broker', 'enabled') +if (tonumber(enabled) == 0) then + enabled = site.tunneldigger_mesh_vpn.enabled and 1 or 0 +end + +-- Delete old broker config section +uci:delete_all('tunneldigger', 'broker') + +section = uci:add('tunneldigger', 'broker') + +uci:section('tunneldigger', 'broker', section, + { + enabled = enabled, + uuid = util.node_id(), + interface = 'mesh-vpn', + bind_interface = 'br-wan', + group = 'gluon-tunneldigger', + broker_selection = 'usage', + address = site.tunneldigger_mesh_vpn.brokers, + } +) + +uci:save('tunneldigger') +uci:commit('tunneldigger') + +uci:section('network', 'interface', 'mesh_vpn', + { + ifname = 'mesh-vpn', + proto = 'batadv', + mesh = 'bat0', + mesh_no_rebroadcast = 1, + mtu = site.tunneldigger_mesh_vpn.mtu, + } +) + +uci:save('network') +uci:commit('network') + + +uci:section('firewall', 'include', 'mesh_vpn_dns', + { + type = 'restore', + path = '/lib/gluon/mesh-vpn-tunneldigger/iptables.rules', + family = 'ipv4', + } +) + +uci:save('firewall') +uci:commit('firewall') diff --git a/package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/upgrade/420-mesh-vpn-tunneldigger-simple-tc b/package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/upgrade/420-mesh-vpn-tunneldigger-simple-tc new file mode 100755 index 00000000..35c43e28 --- /dev/null +++ b/package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/upgrade/420-mesh-vpn-tunneldigger-simple-tc @@ -0,0 +1,32 @@ +#!/usr/bin/lua + +local site = require 'gluon.site_config' +local uci = require('luci.model.uci').cursor() +local fs = require 'nixio.fs' + + +if fs.access('/etc/config/gluon-simple-tc') then + os.rename('/etc/config/gluon-simple-tc', '/etc/config/simple-tc') +end + + +if not uci:get('simple-tc', 'mesh_vpn') then + local config = { + ifname = 'mesh-vpn', + enabled = 0, + } + + + if site.tunneldigger_mesh_vpn.bandwidth_limit then + if site.tunneldigger_mesh_vpn.bandwidth_limit.enabled then + config.enabled = 1 + end + + config.limit_ingress = site.tunneldigger_mesh_vpn.bandwidth_limit.ingress + config.limit_egress = site.tunneldigger_mesh_vpn.bandwidth_limit.egress + end + + uci:section('simple-tc', 'interface', 'mesh_vpn', config) + uci:save('simple-tc') + uci:commit('simple-tc') +end diff --git a/package/gluon-migrate-vpn/Makefile b/package/gluon-migrate-vpn/Makefile new file mode 100644 index 00000000..a731cf21 --- /dev/null +++ b/package/gluon-migrate-vpn/Makefile @@ -0,0 +1,38 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=gluon-migrate-vpn +PKG_VERSION:=1 + +PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) + +include $(GLUONDIR)/include/package.mk + +define Package/gluon-migrate-vpn + SECTION:=gluon + CATEGORY:=Gluon + TITLE:=Enables either fastd or tunneldigger if the opposite was active before upgrading + DEPENDS:=+gluon-core +endef + +define Package/gluon-migrate-vpn/description + Gluon community wifi mesh firmware framework: VPN service migration script +endef + +define Build/Prepare + mkdir -p $(PKG_BUILD_DIR) +endef + +define Build/Configure +endef + +define Build/Compile +endef + +define Package/gluon-migrate-vpn/install + $(CP) ./files/* $(1)/ +endef + +define Package/gluon-migrate-vpn/postinst +endef + +$(eval $(call BuildPackage,gluon-migrate-vpn)) diff --git a/package/gluon-migrate-vpn/files/lib/gluon/upgrade/499-migrate-vpn b/package/gluon-migrate-vpn/files/lib/gluon/upgrade/499-migrate-vpn new file mode 100755 index 00000000..24e8e315 --- /dev/null +++ b/package/gluon-migrate-vpn/files/lib/gluon/upgrade/499-migrate-vpn @@ -0,0 +1,31 @@ +#!/usr/bin/lua + +local site = require 'gluon.site_config' +local users = require 'gluon.users' +local util = require 'gluon.util' + +local uci = require('luci.model.uci').cursor() +local lutil = require 'luci.util' + +local tunneldigger_enabled = uci:get_first('tunneldigger', 'broker', 'enabled') +local fastd_enabled = uci:get('fastd', 'mesh_vpn', 'enabled') + +local tunneldigger_installed = util.exec('sh' , '-c', 'opkg list-installed | grep -e \'^tunneldigger\'') +local fastd_installed = util.exec('sh' , '-c', 'opkg list-installed | grep -e \'^fastd\'') + +local enabled = 0 + +if (tonumber(tunneldigger_enabled) == 1 or tonumber(fastd_enabled) == 1) then + enabled = 1 +end + +if (enabled == 1 and tunneldigger_installed == 0 and fastd_installed == 256) then + uci:set("tunneldigger", uci:get_first("tunneldigger", "broker"), "enabled", enabled) + uci:save("tunneldigger") + uci:commit("tunneldigger") +elseif (enabled == 1 and tunneldigger_installed == 256 and fastd_installed == 0) then + uci:set("fastd", "mesh_vpn", "enabled", enabled) + uci:save("fastd") + uci:commit("fastd") +end + diff --git a/package/gluon-tunneldigger-watchdog/Makefile b/package/gluon-tunneldigger-watchdog/Makefile new file mode 100644 index 00000000..c88d86e2 --- /dev/null +++ b/package/gluon-tunneldigger-watchdog/Makefile @@ -0,0 +1,38 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=gluon-tunneldigger-watchdog +PKG_VERSION:=3 + +PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) + +include $(GLUONDIR)/include/package.mk + +define Package/gluon-tunneldigger-watchdog + SECTION:=gluon + CATEGORY:=Gluon + TITLE:=Automatically restarts tunneldigger if the client crashed + DEPENDS:=+gluon-mesh-vpn-tunneldigger +endef + +define Package/gluon-tunneldigger-watchdog/description + Gluon community wifi mesh firmware framework: tunneldigger watchdog +endef + +define Build/Prepare + mkdir -p $(PKG_BUILD_DIR) +endef + +define Build/Configure +endef + +define Build/Compile +endef + +define Package/gluon-tunneldigger-watchdog/install + $(CP) ./files/* $(1)/ +endef + +define Package/gluon-tunneldigger-watchdog/postinst +endef + +$(eval $(call BuildPackage,gluon-tunneldigger-watchdog)) diff --git a/package/gluon-tunneldigger-watchdog/files/usr/bin/tunneldigger-watchdog b/package/gluon-tunneldigger-watchdog/files/usr/bin/tunneldigger-watchdog new file mode 100755 index 00000000..8b26212f --- /dev/null +++ b/package/gluon-tunneldigger-watchdog/files/usr/bin/tunneldigger-watchdog @@ -0,0 +1,12 @@ +#!/bin/sh +PIDFILE=/var/run/tunneldigger.mesh-vpn.pid + +if [ "$(uci get tunneldigger.@broker[0].enabled)" == "1" ]; then + if [ "$(pgrep tunneldigger | head -n 1)" != "$(cat $PIDFILE)" ]; then + /etc/init.d/tunneldigger restart + logger -t tunneldiger-watchdog "Daemon not running, restarted tunneldigger." + elif [ "$(batctl o |grep mesh-vpn |wc -l)" == "0" ]; then + /etc/init.d/tunneldigger restart + logger -t tunneldiger-watchdog "No neighbours on mesh-vpn interface, restarted tunneldigger." + fi +fi diff --git a/package/gluon-tunneldigger-watchdog/files/usr/lib/micron.d/tunneldigger-watchdog b/package/gluon-tunneldigger-watchdog/files/usr/lib/micron.d/tunneldigger-watchdog new file mode 100644 index 00000000..c4ae3bc6 --- /dev/null +++ b/package/gluon-tunneldigger-watchdog/files/usr/lib/micron.d/tunneldigger-watchdog @@ -0,0 +1 @@ +*/5 * * * * /usr/bin/tunneldigger-watchdog