Message ID | 1505626685-21623-3-git-send-email-fff@chrisi01.de |
---|---|
State | Superseded |
Headers | show |
diff --git a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select deleted file mode 100755 index 16d9853..0000000 --- a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && { - sleep 3 - /usr/sbin/vpn-select -} - diff --git a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select deleted file mode 100644 index dc20486..0000000 --- a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select +++ /dev/null @@ -1 +0,0 @@ -*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select index c3d003f..1867913 100755 --- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select @@ -5,21 +5,20 @@ test -f /tmp/started || exit make_config() { # remove old config >/etc/config/tunneldigger -rm /tmp/fastd_${project}_peers/* +rm /tmp/fastd_fff_peers/* count=0 # get fastd peers pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c - --show-key --machine-readable) -wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output -filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_${project}_output) +filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_fff_output) for file in $filecounts; do - awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_${project}_output | sed 's/ float;/;/g' > /etc/fastd/$project/peers/$file - echo 'float yes;' >> /etc/fastd/$project/peers/$file + awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_fff_output | sed 's/ float;/;/g' > /etc/fastd/fff/peers/$file + echo 'float yes;' >> /etc/fastd/fff/peers/$file # ask for Broker and select the tunnel - IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/${project}/peers/$file) + IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/fff/peers/$file) if [ "l2tp" = "$(wget -T10 $IP/vpn.txt -O - 2>/dev/null)" ]; then # Gateway offers l2tp - FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' /etc/fastd/${project}/peers/$file) + FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' /etc/fastd/fff/peers/$file) L2PORT=$((FDPORT + 10000)) UUID=$hostname @@ -32,43 +31,27 @@ for file in $filecounts; do uci -c /tmp commit tunneldigger count=$((count + 1)) # remove this fastd-peer - rm /etc/fastd/${project}/peers/$file + rm /etc/fastd/fff/peers/$file fi done } # main -test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver -test_ipv4_host2="8.8.8.8" # Google DNS -test_ipv6_host1="heise.de" # heise Zeitschriftenverlag -# Only do something when the router has internet connection -if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null || - ping -w5 -c3 "$test_ipv4_host2" &>/dev/null || - ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then +# Only do something when file is here and greater 0 byte +if [ -s /tmp/fastd_fff_output ]; then # set some vars - . /etc/community.cfg - project="$VPN_PROJECT" - mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null) - lat=$(uci get system.@system[0].latitude) - long=$(uci get system.@system[0].longitude) hostname=$(cat /proc/sys/kernel/hostname) [ "$hostname" = "OpenWrt" ] && hostname="" [ "$hostname" = "" ] && hostname="$mac" - if [ ! -d /tmp/fastd_${project}_peers ]; then + if [ ! -d /tmp/fastd_fff_peers ]; then # first run after reboot - mkdir /tmp/fastd_${project}_peers - # do we have a fastd secret - if ! egrep "option secret '[0-9a-f]{64}'" /etc/config/fastd &>/dev/null; then - secret=$(fastd --generate-key 2>&1 | awk '/[Ss]ecret/ { print $2 }') - uci set fastd.${project}.secret="$secret" - uci commit fastd - fi + mkdir /tmp/fastd_fff_peers make_config # start fastd only if there are some peers left - [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ] && /etc/init.d/fastd start + [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ] && /etc/init.d/fastd start /etc/init.d/tunneldigger start else # check if new tunneldigger conf is different @@ -79,10 +62,10 @@ if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null || /etc/init.d/fastd reload # fastd start/stop for various situations - if [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ]; then - [ -d /proc/$(cat /tmp/run/fastd.${project}.pid) ] || /etc/init.d/fastd start + if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then + [ -d /proc/$(cat /tmp/run/fastd.fff.pid) ] || /etc/init.d/fastd start else - [ -d /proc/$(cat /tmp/run/fastd.${project}.pid) ] && /etc/init.d/fastd stop + [ -d /proc/$(cat /tmp/run/fastd.fff.pid) ] && /etc/init.d/fastd stop fi fi
Hallo, siehe ganz unten. > -----Original Message----- > From: franken-dev [mailto:franken-dev-bounces@freifunk.net] On Behalf > Of Christian Dresel > Sent: Sonntag, 17. September 2017 07:38 > To: franken-dev@freifunk.net > Subject: [PATCH v7 3/4] Reconfigure vpn-select for keyxchangev2 > > we need some little changes and copy some things to fff-hood later > > Signed-off-by: Christian Dresel <fff@chrisi01.de> > > Update in v6: > - remove /etc/community.cfg variables > - remove load lat/lon from uci system > > Update in v7: > - make main if smaller, only check if file greater 0 byte, no ping anymore > --- > .../files/etc/hotplug.d/iface/50-vpn-select | 6 --- > .../files/usr/lib/micron.d/vpn-select | 1 - > .../fff/fff-vpn-select/files/usr/sbin/vpn-select | 47 +++++++--------------- > 3 files changed, 15 insertions(+), 39 deletions(-) delete mode 100755 > src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select > delete mode 100644 src/packages/fff/fff-vpn- > select/files/usr/lib/micron.d/vpn-select > > diff --git a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn- > select b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn- > select > deleted file mode 100755 > index 16d9853..0000000 > --- a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select > +++ /dev/null > @@ -1,6 +0,0 @@ > -#!/bin/sh > -[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && { > - sleep 3 > - /usr/sbin/vpn-select > -} > - > diff --git a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select > b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select > deleted file mode 100644 > index dc20486..0000000 > --- a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select > +++ /dev/null > @@ -1 +0,0 @@ > -*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select diff --git > a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select > b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select > index c3d003f..1867913 100755 > --- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select > +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select > @@ -5,21 +5,20 @@ test -f /tmp/started || exit > make_config() { > # remove old config > >/etc/config/tunneldigger > -rm /tmp/fastd_${project}_peers/* > +rm /tmp/fastd_fff_peers/* > count=0 > # get fastd peers > pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c - --show- > key --machine-readable) -wget -T15 "http://keyserver.freifunk- > franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port > &key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output - > filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print > $0; }' /tmp/fastd_${project}_output) > +filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", > +$0); print $0; }' /tmp/fastd_fff_output) > for file in $filecounts; do > - awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" > /tmp/fastd_${project}_output | sed 's/ float;/;/g' > > /etc/fastd/$project/peers/$file > - echo 'float yes;' >> /etc/fastd/$project/peers/$file > + awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" > /tmp/fastd_fff_output | sed 's/ float;/;/g' > /etc/fastd/fff/peers/$file > + echo 'float yes;' >> /etc/fastd/fff/peers/$file > > # ask for Broker and select the tunnel > - IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/${project}/peers/$file) > + IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/fff/peers/$file) > if [ "l2tp" = "$(wget -T10 $IP/vpn.txt -O - 2>/dev/null)" ]; then > # Gateway offers l2tp > - FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' > /etc/fastd/${project}/peers/$file) > + FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' > + /etc/fastd/fff/peers/$file) > L2PORT=$((FDPORT + 10000)) > UUID=$hostname > > @@ -32,43 +31,27 @@ for file in $filecounts; do > uci -c /tmp commit tunneldigger > count=$((count + 1)) > # remove this fastd-peer > - rm /etc/fastd/${project}/peers/$file > + rm /etc/fastd/fff/peers/$file > fi > done > } > > # main > -test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken > keyserver > -test_ipv4_host2="8.8.8.8" # Google DNS > -test_ipv6_host1="heise.de" # heise Zeitschriftenverlag > > -# Only do something when the router has internet connection -if ping -w5 - > c3 "$test_ipv4_host1" &>/dev/null || > - ping -w5 -c3 "$test_ipv4_host2" &>/dev/null || > - ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then > +# Only do something when file is here and greater 0 byte if [ -s > +/tmp/fastd_fff_output ]; then > > # set some vars > - . /etc/community.cfg > - project="$VPN_PROJECT" > - mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' > /sys/class/net/br-mesh/address 2>/dev/null) > - lat=$(uci get system.@system[0].latitude) > - long=$(uci get system.@system[0].longitude) > hostname=$(cat /proc/sys/kernel/hostname) > [ "$hostname" = "OpenWrt" ] && hostname="" > [ "$hostname" = "" ] && hostname="$mac" > > - if [ ! -d /tmp/fastd_${project}_peers ]; then > + if [ ! -d /tmp/fastd_fff_peers ]; then > # first run after reboot > - mkdir /tmp/fastd_${project}_peers > - # do we have a fastd secret > - if ! egrep "option secret '[0-9a-f]{64}'" /etc/config/fastd &>/dev/null; > then > - secret=$(fastd --generate-key 2>&1 | awk '/[Ss]ecret/ { print $2 }') > - uci set fastd.${project}.secret="$secret" > - uci commit fastd > - fi > + mkdir /tmp/fastd_fff_peers > make_config > # start fastd only if there are some peers left > - [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ] && /etc/init.d/fastd > start > + [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ] && > + /etc/init.d/fastd start > /etc/init.d/tunneldigger start > else > # check if new tunneldigger conf is different @@ -79,10 +62,10 @@ if > ping -w5 -c3 "$test_ipv4_host1" &>/dev/null || > /etc/init.d/fastd reload > > # fastd start/stop for various situations > - if [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ]; then > - [ -d /proc/$(cat /tmp/run/fastd.${project}.pid) ] || /etc/init.d/fastd > start > + if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then > + [ -d /proc/$(cat /tmp/run/fastd.fff.pid) ] || Hier und ... > + /etc/init.d/fastd start > else > - [ -d /proc/$(cat /tmp/run/fastd.${project}.pid) ] && /etc/init.d/fastd > stop > + [ -d /proc/$(cat /tmp/run/fastd.fff.pid) ] && ... hier besteht nach wie vor ein Problem, wenn fastd.fff.pid leer ist oder nicht existiert. Mein Patch dazu liegt im Patchwork schon rum, aber natürlich für die alte Version. https://pw.freifunk-franken.de/patch/456/ Willst du das gleich mit einbauen oder soll ich einen eigenen Patch 5/5 für den Keyexchangev2 bauen? Beste Grüße Adrian > + /etc/init.d/fastd stop > fi > > fi > -- > 2.1.4 > > -- > franken-dev mailing list > franken-dev@freifunk.net > http://lists.freifunk.net/mailman/listinfo/franken-dev-freifunk.net
hi On 17.09.2017 12:54, mail@adrianschmutzler.de wrote: > Hallo, > > siehe ganz unten. > >> -----Original Message----- >> From: franken-dev [mailto:franken-dev-bounces@freifunk.net] On Behalf >> Of Christian Dresel >> Sent: Sonntag, 17. September 2017 07:38 >> To: franken-dev@freifunk.net >> Subject: [PATCH v7 3/4] Reconfigure vpn-select for keyxchangev2 >> >> we need some little changes and copy some things to fff-hood later >> >> Signed-off-by: Christian Dresel <fff@chrisi01.de> >> >> Update in v6: >> - remove /etc/community.cfg variables >> - remove load lat/lon from uci system >> >> Update in v7: >> - make main if smaller, only check if file greater 0 byte, no ping > anymore >> --- >> .../files/etc/hotplug.d/iface/50-vpn-select | 6 --- >> .../files/usr/lib/micron.d/vpn-select | 1 - >> .../fff/fff-vpn-select/files/usr/sbin/vpn-select | 47 > +++++++--------------- >> 3 files changed, 15 insertions(+), 39 deletions(-) delete mode 100755 >> src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select >> delete mode 100644 src/packages/fff/fff-vpn- >> select/files/usr/lib/micron.d/vpn-select >> >> diff --git > a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn- >> select b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn- >> select >> deleted file mode 100755 >> index 16d9853..0000000 >> --- > a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select >> +++ /dev/null >> @@ -1,6 +0,0 @@ >> -#!/bin/sh >> -[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && { >> - sleep 3 >> - /usr/sbin/vpn-select >> -} >> - >> diff --git > a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select >> b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select >> deleted file mode 100644 >> index dc20486..0000000 >> --- a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select >> +++ /dev/null >> @@ -1 +0,0 @@ >> -*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select diff > --git >> a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select >> b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select >> index c3d003f..1867913 100755 >> --- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select >> +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select >> @@ -5,21 +5,20 @@ test -f /tmp/started || exit >> make_config() { >> # remove old config >> >/etc/config/tunneldigger >> -rm /tmp/fastd_${project}_peers/* >> +rm /tmp/fastd_fff_peers/* >> count=0 >> # get fastd peers >> pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c - > --show- >> key --machine-readable) -wget -T15 "http://keyserver.freifunk- >> franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port >> &key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output - >> filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); > print >> $0; }' /tmp/fastd_${project}_output) >> +filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", >> +$0); print $0; }' /tmp/fastd_fff_output) >> for file in $filecounts; do >> - awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" >> /tmp/fastd_${project}_output | sed 's/ float;/;/g' > >> /etc/fastd/$project/peers/$file >> - echo 'float yes;' >> /etc/fastd/$project/peers/$file >> + awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" >> /tmp/fastd_fff_output | sed 's/ float;/;/g' > /etc/fastd/fff/peers/$file >> + echo 'float yes;' >> /etc/fastd/fff/peers/$file >> >> # ask for Broker and select the tunnel >> - IP=$(awk -F\" '/remote/ {print $2}' > /etc/fastd/${project}/peers/$file) >> + IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/fff/peers/$file) >> if [ "l2tp" = "$(wget -T10 $IP/vpn.txt -O - 2>/dev/null)" ]; then >> # Gateway offers l2tp >> - FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' >> /etc/fastd/${project}/peers/$file) >> + FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' >> + /etc/fastd/fff/peers/$file) >> L2PORT=$((FDPORT + 10000)) >> UUID=$hostname >> >> @@ -32,43 +31,27 @@ for file in $filecounts; do >> uci -c /tmp commit tunneldigger >> count=$((count + 1)) >> # remove this fastd-peer >> - rm /etc/fastd/${project}/peers/$file >> + rm /etc/fastd/fff/peers/$file >> fi >> done >> } >> >> # main >> -test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken >> keyserver >> -test_ipv4_host2="8.8.8.8" # Google DNS >> -test_ipv6_host1="heise.de" # heise Zeitschriftenverlag >> >> -# Only do something when the router has internet connection -if ping -w5 > - >> c3 "$test_ipv4_host1" &>/dev/null || >> - ping -w5 -c3 "$test_ipv4_host2" &>/dev/null || >> - ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then >> +# Only do something when file is here and greater 0 byte if [ -s >> +/tmp/fastd_fff_output ]; then >> >> # set some vars >> - . /etc/community.cfg >> - project="$VPN_PROJECT" >> - mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' >> /sys/class/net/br-mesh/address 2>/dev/null) >> - lat=$(uci get system.@system[0].latitude) >> - long=$(uci get system.@system[0].longitude) >> hostname=$(cat /proc/sys/kernel/hostname) >> [ "$hostname" = "OpenWrt" ] && hostname="" >> [ "$hostname" = "" ] && hostname="$mac" >> >> - if [ ! -d /tmp/fastd_${project}_peers ]; then >> + if [ ! -d /tmp/fastd_fff_peers ]; then >> # first run after reboot >> - mkdir /tmp/fastd_${project}_peers >> - # do we have a fastd secret >> - if ! egrep "option secret '[0-9a-f]{64}'" /etc/config/fastd > &>/dev/null; >> then >> - secret=$(fastd --generate-key 2>&1 | awk '/[Ss]ecret/ { > print $2 }') >> - uci set fastd.${project}.secret="$secret" >> - uci commit fastd >> - fi >> + mkdir /tmp/fastd_fff_peers >> make_config >> # start fastd only if there are some peers left >> - [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ] && > /etc/init.d/fastd >> start >> + [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ] && >> + /etc/init.d/fastd start >> /etc/init.d/tunneldigger start >> else >> # check if new tunneldigger conf is different @@ -79,10 +62,10 @@ > if >> ping -w5 -c3 "$test_ipv4_host1" &>/dev/null || >> /etc/init.d/fastd reload >> >> # fastd start/stop for various situations >> - if [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ]; then >> - [ -d /proc/$(cat /tmp/run/fastd.${project}.pid) ] || > /etc/init.d/fastd >> start >> + if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then >> + [ -d /proc/$(cat /tmp/run/fastd.fff.pid) ] || > > Hier und ... > >> + /etc/init.d/fastd start >> else >> - [ -d /proc/$(cat /tmp/run/fastd.${project}.pid) ] && > /etc/init.d/fastd >> stop >> + [ -d /proc/$(cat /tmp/run/fastd.fff.pid) ] && > > ... hier besteht nach wie vor ein Problem, wenn fastd.fff.pid leer ist oder > nicht existiert. > > Mein Patch dazu liegt im Patchwork schon rum, aber natürlich für die alte > Version. > > https://pw.freifunk-franken.de/patch/456/ > > Willst du das gleich mit einbauen oder soll ich einen eigenen Patch 5/5 für > den Keyexchangev2 bauen? ah stimmt, daran hab ich gar nicht mehr gedacht. Gut erwischt, danke. Ich denke das einfachste wäre, wenn du es einfach auf mein Patchset oben drauf baust oder? Muss dann auch nicht 5/5 sein sondern einfach ein extra Patch das halt erst nach meinen applied werden kann. mfg Christian > > Beste Grüße > > Adrian > >> + /etc/init.d/fastd stop >> fi >> >> fi >> -- >> 2.1.4 >> >> -- >> franken-dev mailing list >> franken-dev@freifunk.net >> http://lists.freifunk.net/mailman/listinfo/franken-dev-freifunk.net >
Hi zusammen Ich werde gleich den Patch von Adrian applien. Wenn es noch eine neue Version dieses Sets gibt, bitte rebasen. Wenn nicht, wird es beim applien rebased. Tim Am Sonntag, den 17.09.2017, 12:54 +0200 schrieb mail@adrianschmutzler.de: > Hallo, > > siehe ganz unten. > > > -----Original Message----- > > From: franken-dev [mailto:franken-dev-bounces@freifunk.net] On > > Behalf > > Of Christian Dresel > > Sent: Sonntag, 17. September 2017 07:38 > > To: franken-dev@freifunk.net > > Subject: [PATCH v7 3/4] Reconfigure vpn-select for keyxchangev2 > > > > we need some little changes and copy some things to fff-hood later > > > > Signed-off-by: Christian Dresel <fff@chrisi01.de> > > > > Update in v6: > > - remove /etc/community.cfg variables > > - remove load lat/lon from uci system > > > > Update in v7: > > - make main if smaller, only check if file greater 0 byte, no ping > > anymore > > --- > > .../files/etc/hotplug.d/iface/50-vpn-select | 6 --- > > .../files/usr/lib/micron.d/vpn-select | 1 - > > .../fff/fff-vpn-select/files/usr/sbin/vpn-select | 47 > > +++++++--------------- > > 3 files changed, 15 insertions(+), 39 deletions(-) delete mode > > 100755 > > src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn- > > select > > delete mode 100644 src/packages/fff/fff-vpn- > > select/files/usr/lib/micron.d/vpn-select > > > > diff --git > > a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn- > > select b/src/packages/fff/fff-vpn- > > select/files/etc/hotplug.d/iface/50-vpn- > > select > > deleted file mode 100755 > > index 16d9853..0000000 > > --- > > a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn- > select > > +++ /dev/null > > @@ -1,6 +0,0 @@ > > -#!/bin/sh > > -[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && { > > - sleep 3 > > - /usr/sbin/vpn-select > > -} > > - > > diff --git > > a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select > > b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select > > deleted file mode 100644 > > index dc20486..0000000 > > --- a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn- > > select > > +++ /dev/null > > @@ -1 +0,0 @@ > > -*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select > > diff > > --git > > a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select > > b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select > > index c3d003f..1867913 100755 > > --- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select > > +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select > > @@ -5,21 +5,20 @@ test -f /tmp/started || exit > > make_config() { > > # remove old config > > >/etc/config/tunneldigger > > -rm /tmp/fastd_${project}_peers/* > > +rm /tmp/fastd_fff_peers/* > > count=0 > > # get fastd peers > > pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c > > - > > --show- > > key --machine-readable) -wget -T15 "http://keyserver.freifunk- > > franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port > > &key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output - > > filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, > > "", $0); > > print > > $0; }' /tmp/fastd_${project}_output) > > +filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, > > "", > > +$0); print $0; }' /tmp/fastd_fff_output) > > for file in $filecounts; do > > - awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" > > /tmp/fastd_${project}_output | sed 's/ float;/;/g' > > > /etc/fastd/$project/peers/$file > > - echo 'float yes;' >> /etc/fastd/$project/peers/$file > > + awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" > > /tmp/fastd_fff_output | sed 's/ float;/;/g' > > > /etc/fastd/fff/peers/$file > > + echo 'float yes;' >> /etc/fastd/fff/peers/$file > > > > # ask for Broker and select the tunnel > > - IP=$(awk -F\" '/remote/ {print $2}' > > /etc/fastd/${project}/peers/$file) > > + IP=$(awk -F\" '/remote/ {print $2}' > > /etc/fastd/fff/peers/$file) > > if [ "l2tp" = "$(wget -T10 $IP/vpn.txt -O - 2>/dev/null)" ]; > > then > > # Gateway offers l2tp > > - FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' > > /etc/fastd/${project}/peers/$file) > > + FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' > > + /etc/fastd/fff/peers/$file) > > L2PORT=$((FDPORT + 10000)) > > UUID=$hostname > > > > @@ -32,43 +31,27 @@ for file in $filecounts; do > > uci -c /tmp commit tunneldigger > > count=$((count + 1)) > > # remove this fastd-peer > > - rm /etc/fastd/${project}/peers/$file > > + rm /etc/fastd/fff/peers/$file > > fi > > done > > } > > > > # main > > -test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken > > keyserver > > -test_ipv4_host2="8.8.8.8" # Google DNS > > -test_ipv6_host1="heise.de" # heise Zeitschriftenverlag > > > > -# Only do something when the router has internet connection -if > > ping -w5 > > - > > c3 "$test_ipv4_host1" &>/dev/null || > > - ping -w5 -c3 "$test_ipv4_host2" &>/dev/null || > > - ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then > > +# Only do something when file is here and greater 0 byte if [ -s > > +/tmp/fastd_fff_output ]; then > > > > # set some vars > > - . /etc/community.cfg > > - project="$VPN_PROJECT" > > - mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' > > /sys/class/net/br-mesh/address 2>/dev/null) > > - lat=$(uci get system.@system[0].latitude) > > - long=$(uci get system.@system[0].longitude) > > hostname=$(cat /proc/sys/kernel/hostname) > > [ "$hostname" = "OpenWrt" ] && hostname="" > > [ "$hostname" = "" ] && hostname="$mac" > > > > - if [ ! -d /tmp/fastd_${project}_peers ]; then > > + if [ ! -d /tmp/fastd_fff_peers ]; then > > # first run after reboot > > - mkdir /tmp/fastd_${project}_peers > > - # do we have a fastd secret > > - if ! egrep "option secret '[0-9a-f]{64}'" > > /etc/config/fastd > > &>/dev/null; > > then > > - secret=$(fastd --generate-key 2>&1 | awk '/[Ss]ecret/ > > { > > print $2 }') > > - uci set fastd.${project}.secret="$secret" > > - uci commit fastd > > - fi > > + mkdir /tmp/fastd_fff_peers > > make_config > > # start fastd only if there are some peers left > > - [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ] && > > /etc/init.d/fastd > > start > > + [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ] && > > + /etc/init.d/fastd start > > /etc/init.d/tunneldigger start > > else > > # check if new tunneldigger conf is different @@ -79,10 > > +62,10 @@ > > if > > ping -w5 -c3 "$test_ipv4_host1" &>/dev/null || > > /etc/init.d/fastd reload > > > > # fastd start/stop for various situations > > - if [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ]; > > then > > - [ -d /proc/$(cat /tmp/run/fastd.${project}.pid) ] || > > /etc/init.d/fastd > > start > > + if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then > > + [ -d /proc/$(cat /tmp/run/fastd.fff.pid) ] || > > Hier und ... > > > + /etc/init.d/fastd start > > else > > - [ -d /proc/$(cat /tmp/run/fastd.${project}.pid) ] && > > /etc/init.d/fastd > > stop > > + [ -d /proc/$(cat /tmp/run/fastd.fff.pid) ] && > > ... hier besteht nach wie vor ein Problem, wenn fastd.fff.pid leer > ist oder > nicht existiert. > > Mein Patch dazu liegt im Patchwork schon rum, aber natürlich für die > alte > Version. > > https://pw.freifunk-franken.de/patch/456/ > > Willst du das gleich mit einbauen oder soll ich einen eigenen Patch > 5/5 für > den Keyexchangev2 bauen? > > Beste Grüße > > Adrian > > > + /etc/init.d/fastd stop > > fi > > > > fi > > -- > > 2.1.4 > > > > -- > > franken-dev mailing list > > franken-dev@freifunk.net > > http://lists.freifunk.net/mailman/listinfo/franken-dev-freifunk.net > >
we need some little changes and copy some things to fff-hood later Signed-off-by: Christian Dresel <fff@chrisi01.de> Update in v6: - remove /etc/community.cfg variables - remove load lat/lon from uci system Update in v7: - make main if smaller, only check if file greater 0 byte, no ping anymore --- .../files/etc/hotplug.d/iface/50-vpn-select | 6 --- .../files/usr/lib/micron.d/vpn-select | 1 - .../fff/fff-vpn-select/files/usr/sbin/vpn-select | 47 +++++++--------------- 3 files changed, 15 insertions(+), 39 deletions(-) delete mode 100755 src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select delete mode 100644 src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select