Added tunneldigger/l2tp packages

package/gluon-config-mode-tunneldigger/Makefile

@@ -0,0 +1,36 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=gluon-config-mode-tunneldigger
+PKG_VERSION:=1
+
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+
+include $(GLUONDIR)/include/package.mk
+
+PKG_CONFIG_DEPENDS += $(GLUON_I18N_CONFIG)
+
+
+define Package/gluon-config-mode-tunneldigger
+  SECTION:=gluon
+  CATEGORY:=Gluon
+  TITLE:=Toggle tunneldigger and bandwidth limit
+  DEPENDS:=gluon-config-mode-core-virtual +gluon-mesh-vpn-tunneldigger
+endef
+
+define Build/Prepare
+	mkdir -p $(PKG_BUILD_DIR)
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+	$(call GluonBuildI18N,gluon-config-mode-tunneldigger,i18n)
+endef
+
+define Package/gluon-config-mode-tunneldigger/install
+	$(CP) ./files/* $(1)/
+	$(call GluonInstallI18N,gluon-config-mode-tunneldigger,$(1))
+endef
+
+$(eval $(call BuildPackage,gluon-config-mode-tunneldigger))

package/gluon-config-mode-tunneldigger/files/lib/gluon/config-mode/wizard/0300-mesh-vpn.lua

@@ -0,0 +1,64 @@
+local cbi = require "luci.cbi"
+local i18n = require "luci.i18n"
+local uci = luci.model.uci.cursor()
+
+local M = {}
+
+function M.section(form)
+  local msg = i18n.translate('Your internet connection can be used to establish a ' ..
+                             'L2TP VPN connection with other nodes. ' ..
+                             'Enable this option if there are no other nodes reachable ' ..
+                             'over WLAN in your vicinity or you want to make a part of ' ..
+                             'your connection\'s bandwidth available for the network. You can limit how ' ..
+                             'much bandwidth the node will use at most.')
+  local s = form:section(cbi.SimpleSection, nil, msg)
+  
+  local o
+
+  o = s:option(cbi.Flag, "_meshvpn", i18n.translate("Use internet connection (mesh VPN via L2TP)"))
+  o.default = uci:get_bool("tunneldigger", uci:get_first("tunneldigger", "broker"), "enabled") and o.enabled or o.disabled
+  o.rmempty = false
+
+  o = s:option(cbi.Flag, "_limit_enabled", i18n.translate("Limit bandwidth"))
+  o:depends("_meshvpn", "1")
+  o.default = uci:get_bool("simple-tc", "mesh_vpn", "enabled") and o.enabled or o.disabled
+  o.rmempty = false
+
+  o = s:option(cbi.Value, "_limit_ingress", i18n.translate("Downstream (kbit/s)"))
+  o:depends("_limit_enabled", "1")
+  o.value = uci:get("simple-tc", "mesh_vpn", "limit_ingress")
+  o.rmempty = false
+  o.datatype = "integer"
+
+  o = s:option(cbi.Value, "_limit_egress", i18n.translate("Upstream (kbit/s)"))
+  o:depends("_limit_enabled", "1")
+  o.value = uci:get("simple-tc", "mesh_vpn", "limit_egress")
+  o.rmempty = false
+  o.datatype = "integer"
+end
+
+function M.handle(data)
+  uci:set("tunneldigger", uci:get_first("tunneldigger", "broker"), "enabled", data._meshvpn)
+  uci:save("tunneldigger")
+  uci:commit("tunneldigger")
+
+  -- checks for nil needed due to o:depends(...)
+  if data._limit_enabled ~= nil then
+    uci:set("simple-tc", "mesh_vpn", "interface")
+    uci:set("simple-tc", "mesh_vpn", "enabled", data._limit_enabled)
+    uci:set("simple-tc", "mesh_vpn", "ifname", "mesh-vpn")
+
+    if data._limit_ingress ~= nil then
+      uci:set("simple-tc", "mesh_vpn", "limit_ingress", data._limit_ingress)
+    end
+
+    if data._limit_egress ~= nil then
+      uci:set("simple-tc", "mesh_vpn", "limit_egress", data._limit_egress)
+    end
+
+    uci:save("simple-tc")
+    uci:commit("simple-tc")
+  end
+end
+
+return M

package/gluon-config-mode-tunneldigger/i18n/de.po

@@ -0,0 +1,36 @@
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"PO-Revision-Date: 2015-10-07 00:32+0100\n"
+"Last-Translator: Cyrus Fox <cyrus@lambdacore.de>\n"
+"Language-Team: German\n"
+"Language: de\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+msgid "Downstream (kbit/s)"
+msgstr "Downstream (kbit/s)"
+
+msgid "Limit bandwidth"
+msgstr "Bandbreite begrenzen"
+
+msgid "Upstream (kbit/s)"
+msgstr "Upstream (kbit/s)"
+
+msgid "Use internet connection (mesh VPN via L2TP)"
+msgstr "Internetverbindung nutzen (Mesh-VPN via L2TP)"
+
+msgid ""
+"Your internet connection can be used to establish a L2TP VPN connection "
+"with other nodes. Enable this option if there are no other nodes reachable "
+"over WLAN in your vicinity or you want to make a part of your connection's "
+"bandwidth available for the network. You can limit how much bandwidth the "
+"node will use at most."
+msgstr ""
+"Dein Knoten kann deine Internetverbindung nutzen um darüber eine "
+"L2TP-VPN Verbindung zu anderen Knoten aufzubauen. Die dafür "
+"genutzte Bandbreite kannst du beschränken. Aktiviere die Option, falls keine "
+"per WLAN erreichbaren Nachbarknoten in deiner Nähe sind oder du deine "
+"Internetverbindung für das Mesh-Netzwerk zur Verfügung stellen möchtest."

package/gluon-config-mode-tunneldigger/i18n/gluon-config-mode-tunneldigger.pot

@@ -0,0 +1,22 @@
+msgid ""
+msgstr "Content-Type: text/plain; charset=UTF-8"
+
+msgid "Downstream (kbit/s)"
+msgstr ""
+
+msgid "Limit bandwidth"
+msgstr ""
+
+msgid "Upstream (kbit/s)"
+msgstr ""
+
+msgid "Use internet connection (mesh VPN via L2TP)"
+msgstr ""
+
+msgid ""
+"Your internet connection can be used to establish a L2TP VPN connection "
+"with other nodes. Enable this option if there are no other nodes reachable "
+"over WLAN in your vicinity or you want to make a part of your connection's "
+"bandwidth available for the network. You can limit how much bandwidth the "
+"node will use at most."
+msgstr ""

package/gluon-mesh-vpn-tunneldigger/Makefile

@@ -0,0 +1,40 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=gluon-mesh-vpn-tunneldigger
+PKG_VERSION:=3
+
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+
+include $(GLUONDIR)/include/package.mk
+
+define Package/gluon-mesh-vpn-tunneldigger
+  SECTION:=gluon
+  CATEGORY:=Gluon
+  TITLE:=Support for connecting batman-adv meshes via tunneltigger/l2tpv3 pseudowire
+  DEPENDS:=+gluon-core gluon-mesh-batman-adv +gluon-wan-dnsmasq +tunneldigger +iptables-mod-extra +simple-tc
+endef
+
+define Package/gluon-mesh-vpn-tunneldigger/description
+	Gluon community wifi mesh firmware framework: tunneldigger support
+endef
+
+define Build/Prepare
+	mkdir -p $(PKG_BUILD_DIR)
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+endef
+
+define Package/gluon-mesh-vpn-tunneldigger/install
+	$(CP) ./files/* $(1)/
+endef
+
+define Package/gluon-mesh-vpn-tunneldigger/postinst
+#!/bin/sh
+$(call GluonCheckSite,check_site.lua)
+endef
+
+$(eval $(call BuildPackage,gluon-mesh-vpn-tunneldigger))

package/gluon-mesh-vpn-tunneldigger/check_site.lua

@@ -0,0 +1,9 @@
+need_number('tunneldigger_mesh_vpn.mtu')
+need_boolean('tunneldigger_mesh_vpn.enabled', false)
+need_string_array('tunneldigger_mesh_vpn.brokers')
+
+if need_table('tunneldigger_mesh_vpn.bandwidth_limit', nil, false) then
+  need_boolean('tunneldigger_mesh_vpn.bandwidth_limit.enabled', false)
+  need_number('tunneldigger_mesh_vpn.bandwidth_limit.ingress', false)
+  need_number('tunneldigger_mesh_vpn.bandwidth_limit.egress', false)
+end

package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/mesh-vpn-tunneldigger/iptables.rules

@@ -0,0 +1,3 @@
+*nat
+-I OUTPUT -m owner --gid-owner gluon-tunneldigger -o lo -d 127.0.0.1 -p udp --dport 53 -j DNAT --to-destination :54
+COMMIT

package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/upgrade/400-mesh-vpn-tunneldigger

@@ -0,0 +1,61 @@
+#!/usr/bin/lua
+
+local site = require 'gluon.site_config'
+local users = require 'gluon.users'
+local util = require 'gluon.util'
+
+local uci = require('luci.model.uci').cursor()
+local lutil = require 'luci.util'
+
+-- Group for iptables rule
+users.add_group('gluon-tunneldigger', 900)
+
+local enabled = uci:get_first('tunneldigger', 'broker', 'enabled')
+if (tonumber(enabled) == 0) then
+  enabled = site.tunneldigger_mesh_vpn.enabled and 1 or 0
+end
+
+-- Delete old broker config section       
+uci:delete_all('tunneldigger', 'broker')
+
+section = uci:add('tunneldigger', 'broker')
+
+uci:section('tunneldigger', 'broker', section,
+	  {
+		  enabled = enabled,
+		  uuid = util.node_id(),
+		  interface = 'mesh-vpn',
+		  bind_interface = 'br-wan',
+		  group = 'gluon-tunneldigger',
+		  broker_selection = 'usage',
+		  address = site.tunneldigger_mesh_vpn.brokers,
+	  }
+)
+
+uci:save('tunneldigger')
+uci:commit('tunneldigger')
+
+uci:section('network', 'interface', 'mesh_vpn',
+	  {
+		  ifname = 'mesh-vpn',
+		  proto = 'batadv',
+		  mesh = 'bat0',
+		  mesh_no_rebroadcast = 1,
+		  mtu = site.tunneldigger_mesh_vpn.mtu,
+	  }
+)
+
+uci:save('network')
+uci:commit('network')
+
+
+uci:section('firewall', 'include', 'mesh_vpn_dns',
+	  {
+	    type = 'restore',
+	    path = '/lib/gluon/mesh-vpn-tunneldigger/iptables.rules',
+	    family = 'ipv4',
+	  }
+)
+
+uci:save('firewall')
+uci:commit('firewall')

package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/upgrade/420-mesh-vpn-tunneldigger-simple-tc

@@ -0,0 +1,32 @@
+#!/usr/bin/lua
+
+local site = require 'gluon.site_config'
+local uci = require('luci.model.uci').cursor()
+local fs = require 'nixio.fs'
+
+
+if fs.access('/etc/config/gluon-simple-tc') then
+  os.rename('/etc/config/gluon-simple-tc', '/etc/config/simple-tc')
+end
+
+
+if not uci:get('simple-tc', 'mesh_vpn') then
+  local config = {
+    ifname = 'mesh-vpn',
+    enabled = 0,
+  }
+
+
+  if site.tunneldigger_mesh_vpn.bandwidth_limit then
+    if site.tunneldigger_mesh_vpn.bandwidth_limit.enabled then
+      config.enabled = 1
+    end
+
+    config.limit_ingress = site.tunneldigger_mesh_vpn.bandwidth_limit.ingress
+    config.limit_egress = site.tunneldigger_mesh_vpn.bandwidth_limit.egress
+  end
+
+  uci:section('simple-tc', 'interface', 'mesh_vpn', config)
+  uci:save('simple-tc')
+  uci:commit('simple-tc')
+end

package/gluon-migrate-vpn/Makefile

@@ -0,0 +1,38 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=gluon-migrate-vpn
+PKG_VERSION:=1
+
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+
+include $(GLUONDIR)/include/package.mk
+
+define Package/gluon-migrate-vpn
+  SECTION:=gluon
+  CATEGORY:=Gluon
+  TITLE:=Enables either fastd or tunneldigger if the opposite was active before upgrading
+  DEPENDS:=+gluon-core
+endef
+
+define Package/gluon-migrate-vpn/description
+	Gluon community wifi mesh firmware framework: VPN service migration script
+endef
+
+define Build/Prepare
+	mkdir -p $(PKG_BUILD_DIR)
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+endef
+
+define Package/gluon-migrate-vpn/install
+	$(CP) ./files/* $(1)/
+endef
+
+define Package/gluon-migrate-vpn/postinst
+endef
+
+$(eval $(call BuildPackage,gluon-migrate-vpn))

package/gluon-migrate-vpn/files/lib/gluon/upgrade/499-migrate-vpn

@@ -0,0 +1,31 @@
+#!/usr/bin/lua
+
+local site = require 'gluon.site_config'
+local users = require 'gluon.users'
+local util = require 'gluon.util'
+
+local uci = require('luci.model.uci').cursor()
+local lutil = require 'luci.util'
+
+local tunneldigger_enabled = uci:get_first('tunneldigger', 'broker', 'enabled')
+local fastd_enabled = uci:get('fastd', 'mesh_vpn', 'enabled')
+
+local tunneldigger_installed = util.exec('sh' , '-c', 'opkg list-installed | grep -e \'^tunneldigger\'')
+local fastd_installed = util.exec('sh' , '-c', 'opkg list-installed | grep -e \'^fastd\'')
+
+local enabled = 0
+
+if (tonumber(tunneldigger_enabled) == 1 or tonumber(fastd_enabled) == 1) then
+  enabled = 1
+end
+
+if (enabled == 1 and tunneldigger_installed == 0 and fastd_installed == 256) then
+  uci:set("tunneldigger", uci:get_first("tunneldigger", "broker"), "enabled", enabled)
+  uci:save("tunneldigger")
+  uci:commit("tunneldigger")
+elseif (enabled == 1 and tunneldigger_installed == 256 and fastd_installed == 0) then
+  uci:set("fastd", "mesh_vpn", "enabled", enabled)
+  uci:save("fastd")
+  uci:commit("fastd")
+end
+

package/gluon-tunneldigger-watchdog/Makefile

@@ -0,0 +1,38 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=gluon-tunneldigger-watchdog
+PKG_VERSION:=3
+
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+
+include $(GLUONDIR)/include/package.mk
+
+define Package/gluon-tunneldigger-watchdog
+  SECTION:=gluon
+  CATEGORY:=Gluon
+  TITLE:=Automatically restarts tunneldigger if the client crashed
+  DEPENDS:=+gluon-mesh-vpn-tunneldigger
+endef
+
+define Package/gluon-tunneldigger-watchdog/description
+	Gluon community wifi mesh firmware framework: tunneldigger watchdog
+endef
+
+define Build/Prepare
+	mkdir -p $(PKG_BUILD_DIR)
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+endef
+
+define Package/gluon-tunneldigger-watchdog/install
+	$(CP) ./files/* $(1)/
+endef
+
+define Package/gluon-tunneldigger-watchdog/postinst
+endef
+
+$(eval $(call BuildPackage,gluon-tunneldigger-watchdog))

package/gluon-tunneldigger-watchdog/files/usr/bin/tunneldigger-watchdog

@@ -0,0 +1,12 @@
+#!/bin/sh
+PIDFILE=/var/run/tunneldigger.mesh-vpn.pid
+
+if [ "$(uci get tunneldigger.@broker[0].enabled)" == "1" ]; then
+    if [ "$(pgrep tunneldigger | head -n 1)" != "$(cat $PIDFILE)" ]; then
+        /etc/init.d/tunneldigger restart
+        logger -t tunneldiger-watchdog "Daemon not running, restarted tunneldigger."
+    elif [ "$(batctl o |grep mesh-vpn |wc -l)" == "0" ]; then
+        /etc/init.d/tunneldigger restart
+        logger -t tunneldiger-watchdog "No neighbours on mesh-vpn interface, restarted tunneldigger."
+    fi
+fi

package/gluon-tunneldigger-watchdog/files/usr/lib/micron.d/tunneldigger-watchdog

@@ -0,0 +1 @@
+*/5 * * * * /usr/bin/tunneldigger-watchdog

package/tunneldigger/Makefile

@@ -0,0 +1,47 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=tunneldigger
+PKG_VERSION:=0.4.7
+PKG_RELEASE:=1
+PKG_REV:=7cc92020cbafe5be2b24eb6bc943a65f151c2a18
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_URL:=git://github.com/wlanslovenija/tunneldigger.git
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_VERSION:=$(PKG_REV)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/tunneldigger
+  SECTION:=net
+  CATEGORY:=Network
+  DEPENDS:=+libnl-tiny +kmod-l2tp +kmod-l2tp-ip +kmod-l2tp-eth +librt +libpthread
+  TITLE:=L2TPv3 tunnel broker client
+endef
+
+TARGET_CFLAGS += \
+	-I$(STAGING_DIR)/usr/include/libnl-tiny \
+	-I$(STAGING_DIR)/usr/include \
+	-DLIBNL_TINY
+
+define Build/Prepare
+	$(call Build/Prepare/Default)
+	mv $(PKG_BUILD_DIR)/client/* $(PKG_BUILD_DIR)
+	sed -i s/-lnl/-lnl-tiny/g $(PKG_BUILD_DIR)/Makefile
+endef
+
+define Package/tunneldigger/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/l2tp_client $(1)/usr/bin/tunneldigger
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/tunneldigger.init $(1)/etc/init.d/tunneldigger
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DATA) ./files/config.default $(1)/etc/config/tunneldigger
+endef
+
+define Package/tunneldigger/conffiles
+/etc/config/tunneldigger
+endef
+
+$(eval $(call BuildPackage,tunneldigger))

package/tunneldigger/files/config.default

@@ -0,0 +1,10 @@
+config broker
+	list address 'x.y.z.w:8942'
+	list address 'x.y.z.w:53'
+	list address 'x.y.z.w:123'
+	option uuid 'abcd'
+	option group 'root'
+	option interface 'l2tp0'
+	option limit_bw_down '1024'
+	option broker_selection 'usage'
+	option enabled '0'

package/tunneldigger/files/tunneldigger.init

@@ -0,0 +1,97 @@
+#!/bin/sh /etc/rc.common
+
+. $IPKG_INSTROOT/lib/functions/network.sh
+
+START=90
+
+PIDPATH=/var/run
+tunnel_id=1
+
+missing() {
+	echo "Not starting tunneldigger - missing $1" >&2
+}
+
+config_cb() {
+	local cfg="$CONFIG_SECTION"
+	config_get configname "$cfg" TYPE
+	case "$configname" in
+		broker)
+			config_get_bool enabled "$cfg" enabled 1
+			config_get addresses "$cfg" address
+			config_get uuid "$cfg" uuid
+			config_get interface "$cfg" interface
+			config_get group "$cfg" group
+			config_get limit_bw_down "$cfg" limit_bw_down
+			config_get hook_script "$cfg" hook_script
+			config_get bind_interface "$cfg" bind_interface
+			config_get broker_selection "$cfg" broker_selection
+			
+			[ $enabled -eq 0 ] && return
+
+			local broker_opts=""
+			for address in $addresses; do
+			  append broker_opts "-b ${address}"
+			done
+
+			[ ! -z "${limit_bw_down}" ] && append broker_opts "-L ${limit_bw_down}"
+			[ ! -z "${hook_script}" ] && append broker_opts "-s ${hook_script}"
+			[ ! -z "${bind_interface}" ] && {
+				# Resolve logical interface name.
+				unset _bind_interface
+				network_get_device _bind_interface "${bind_interface}" || _bind_interface="${bind_interface}"
+				append broker_opts "-I ${_bind_interface}"
+			}
+			[ ! -z "${broker_selection}" ] && {
+				# Set broker selection.
+				case "${broker_selection}" in
+					usage)
+						append broker_opts "-a"
+					;;
+					first)
+						append broker_opts "-g"
+					;;
+					random)
+						append broker_opts "-r"
+					;;
+				esac
+			}
+
+			if [ -z "$uuid" ]; then
+				missing uuid
+				return
+			elif [ -z "$interface" ]; then
+				missing interface
+				return
+			fi
+
+			echo "Starting tunneldigger on ${interface}"
+			/sbin/start-stop-daemon -S -q -b -m -c root:${group} -p ${PIDPATH}/tunneldigger.${interface}.pid -x /usr/bin/tunneldigger -- -u ${uuid} -i ${interface} -t ${tunnel_id} ${broker_opts}
+
+			let tunnel_id++
+		;;
+	esac
+}
+
+start() {
+	config_load tunneldigger
+}
+
+stop() {
+	for PIDFILE in `find ${PIDPATH}/ -name "tunneldigger\.*\.pid"`; do
+		PID="$(cat ${PIDFILE})"
+		IFACE="$(echo ${PIDFILE} | awk -F\/tunneldigger '{print $2}' | cut -d'.' -f2)"
+		echo "Stopping tunneldigger for interface ${IFACE}"
+		start-stop-daemon -K -q -p $PIDFILE 
+		while test -d "/proc/${PID}"; do
+			echo "  waiting for tunneldigger to stop"
+			sleep 1
+		done
+		echo "  tunneldigger stopped"
+	done
+}
+
+restart() {
+	stop
+	start
+}
+