diff --git a/package/features b/package/features index 72887e3a..a061dd16 100644 --- a/package/features +++ b/package/features @@ -16,7 +16,7 @@ when(_'web-wizard' and _'autoupdater', { 'gluon-config-mode-autoupdater', }) -when(_'web-wizard' and (_'mesh-vpn-fastd' or _'mesh-vpn-tunneldigger'), { +when(_'web-wizard' and (_'mesh-vpn-fastd' or _'mesh-vpn-fastd-l2tp' or _'mesh-vpn-tunneldigger'), { 'gluon-config-mode-mesh-vpn', }) diff --git a/package/gluon-mesh-vpn-fastd-l2tp/Makefile b/package/gluon-mesh-vpn-fastd-l2tp/Makefile new file mode 100644 index 00000000..5add4f1d --- /dev/null +++ b/package/gluon-mesh-vpn-fastd-l2tp/Makefile @@ -0,0 +1,13 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=gluon-mesh-vpn-fastd-l2tp +PKG_VERSION:=1 + +include ../gluon.mk + +define Package/gluon-mesh-vpn-fastd-l2tp + TITLE:=Support for connecting meshes via fastd (with L2TP kernel offloading) + DEPENDS:=+gluon-core +gluon-mesh-vpn-fastd +fastd-l2tp +@GLUON_SPECIALIZE_KERNEL:KERNEL_L2TP +endef + +$(eval $(call BuildPackageGluon,gluon-mesh-vpn-fastd-l2tp)) diff --git a/package/gluon-mesh-vpn-fastd/files/lib/gluon/mesh-vpn/fastd b/package/gluon-mesh-vpn-fastd-l2tp/files/lib/gluon/mesh-vpn/fastd/l2tp similarity index 100% rename from package/gluon-mesh-vpn-fastd/files/lib/gluon/mesh-vpn/fastd rename to package/gluon-mesh-vpn-fastd-l2tp/files/lib/gluon/mesh-vpn/fastd/l2tp diff --git a/package/gluon-mesh-vpn-fastd/files/lib/gluon/mesh-vpn/fastd/.keep b/package/gluon-mesh-vpn-fastd/files/lib/gluon/mesh-vpn/fastd/.keep new file mode 100644 index 00000000..e69de29b diff --git a/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd b/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd index 908c053f..668dc90b 100755 --- a/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd +++ b/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd @@ -4,6 +4,7 @@ local site = require 'gluon.site' local util = require 'gluon.util' local uci = require('simple-uci').cursor() +local unistd = require 'posix.unistd' local syslog_level = uci:get('fastd', 'mesh_vpn', 'syslog_level') or 'verbose' @@ -45,9 +46,20 @@ uci:section('fastd', 'fastd', 'mesh_vpn', { secure_handshakes = true, method = methods, packet_mark = 1, + persist_interface = true, + offload_l2tp = false, status_socket = '/var/run/fastd.mesh_vpn.socket', }) uci:delete('fastd', 'mesh_vpn', 'user') +uci:delete('fastd', 'mesh_vpn', 'peer_limit') + +-- L2TP offload support +if unistd.access('/lib/gluon/mesh-vpn/fastd/l2tp') then + uci:set('fastd', 'mesh_vpn', 'mode', 'multitap') + uci:set('fastd', 'mesh_vpn', 'persist_interface', false) + uci:set('fastd', 'mesh_vpn', 'offload_l2tp', true) + uci:set('fastd', 'mesh_vpn', 'peer_limit', 1) +end -- Collect list of groups that have peers with 'preserve' flag @@ -90,6 +102,7 @@ local function add_peer(group, name, config) enabled = true, net = 'mesh_vpn', group = group, + interface = 'mesh-vpn', key = config.key, remote = config.remotes, }) @@ -119,5 +132,11 @@ end add_groups('mesh_vpn', site.mesh_vpn.fastd.groups()) +-- Update preserved peers as well +uci:foreach('fastd', 'peer', function(peer) + if peer.net == 'mesh_vpn' then + uci:set('fastd', peer['.name'], 'interface', 'mesh-vpn') + end +end) uci:save('fastd')