nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gluon-mesh-vpn-fastd: add L2TP offload support

Browse Source
This commit is contained in:
Matthias Schiffer 2021-03-07 20:47:27 +01:00
parent 15eeb86f42
commit 7c6befc7c3
No known key found for this signature in database
GPG Key ID: 16EF3F64CB201D9C
5 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
package/features
View File

@ -16,7 +16,12 @@ when(_'web-wizard' and _'autoupdater', {
'gluon-config-mode-autoupdater', 'gluon-config-mode-autoupdater',
}) })
when(_'web-wizard' and (_'mesh-vpn-fastd' or _'mesh-vpn-tunneldigger' or _'mesh-vpn-wireguard'), { when(_'web-wizard' and (
_'mesh-vpn-fastd' or
_'mesh-vpn-fastd-l2tp' or
_'mesh-vpn-tunneldigger' or
_'mesh-vpn-wireguard'
), {
'gluon-config-mode-mesh-vpn', 'gluon-config-mode-mesh-vpn',
}) })

13
package/gluon-mesh-vpn-fastd-l2tp/Makefile Normal file
View File

@ -0,0 +1,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=gluon-mesh-vpn-fastd-l2tp
PKG_VERSION:=1
include ../gluon.mk
define Package/gluon-mesh-vpn-fastd-l2tp
TITLE:=Support for connecting meshes via fastd (with L2TP kernel offloading)
DEPENDS:=+gluon-core +gluon-mesh-vpn-fastd +kmod-l2tp-eth +@GLUON_SPECIALIZE_KERNEL:KERNEL_L2TP
endef
$(eval $(call BuildPackageGluon,gluon-mesh-vpn-fastd-l2tp))

0
package/gluon-mesh-vpn-fastd-l2tp/files/lib/gluon/mesh-vpn/fastd/l2tp Normal file
View File

0
package/gluon-mesh-vpn-fastd/files/lib/gluon/mesh-vpn/fastd/.keep Normal file
View File

18
package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd
View File

@ -5,6 +5,7 @@ local util = require 'gluon.util'
local vpn_core = require 'gluon.mesh-vpn' local vpn_core = require 'gluon.mesh-vpn'
local uci = require('simple-uci').cursor() local uci = require('simple-uci').cursor()
local unistd = require 'posix.unistd'
local syslog_level = uci:get('fastd', 'mesh_vpn', 'syslog_level') or 'verbose' local syslog_level = uci:get('fastd', 'mesh_vpn', 'syslog_level') or 'verbose'
@ -52,9 +53,19 @@ uci:section('fastd', 'fastd', 'mesh_vpn', {
secure_handshakes = true, secure_handshakes = true,
method = methods, method = methods,
packet_mark = 1, packet_mark = 1,
persist_interface = true,
offload_l2tp = false,
status_socket = '/var/run/fastd.mesh_vpn.socket', status_socket = '/var/run/fastd.mesh_vpn.socket',
}) })
uci:delete('fastd', 'mesh_vpn', 'peer_limit')
-- L2TP offload support
if unistd.access('/lib/gluon/mesh-vpn/fastd/l2tp') then
uci:set('fastd', 'mesh_vpn', 'mode', 'multitap')
uci:set('fastd', 'mesh_vpn', 'persist_interface', false)
uci:set('fastd', 'mesh_vpn', 'offload_l2tp', true)
uci:set('fastd', 'mesh_vpn', 'peer_limit', 1)
end
-- Collect list of groups that have peers with 'preserve' flag -- Collect list of groups that have peers with 'preserve' flag
local preserve_groups = {} local preserve_groups = {}
@ -96,6 +107,7 @@ local function add_peer(group, name, config)
enabled = true, enabled = true,
net = 'mesh_vpn', net = 'mesh_vpn',
group = group, group = group,
interface = 'mesh-vpn',
key = config.key, key = config.key,
remote = config.remotes, remote = config.remotes,
}) })
@ -125,5 +137,11 @@ end
add_groups('mesh_vpn', site.mesh_vpn.fastd.groups()) add_groups('mesh_vpn', site.mesh_vpn.fastd.groups())
-- Update preserved peers as well
uci:foreach('fastd', 'peer', function(peer)
if peer.net == 'mesh_vpn' then
uci:set('fastd', peer['.name'], 'interface', 'mesh-vpn')
end
end)
uci:save('fastd') uci:save('fastd')