From 41b504010200948030df50c20c5a6af99cc9b97b Mon Sep 17 00:00:00 2001
From: Tim Wilkinson
Date: Mon, 14 Nov 2022 20:45:58 -0800
Subject: [PATCH] Improve xlink integration (#545)
---
 files/etc/local/mesh-firewall/05-xlink | 36 +++++++++++++-------------
 files/usr/local/bin/mgr/lqm.lua | 32 ++++++++++++++++++++++-
 files/usr/local/bin/olsrd-config | 13 +++++++++-
 files/www/cgi-bin/mesh | 7 +++++
 4 files changed, 68 insertions(+), 20 deletions(-)
diff --git a/files/etc/local/mesh-firewall/05-xlink b/files/etc/local/mesh-firewall/05-xlink
index 12743108..c6765ac4 100755
--- a/files/etc/local/mesh-firewall/05-xlink
+++ b/files/etc/local/mesh-firewall/05-xlink
@@ -42,29 +42,29 @@ if nixio.fs.stat("/etc/config.mesh/xlink") then
 uci.cursor("/etc/config.mesh"):foreach("xlink", "interface",
 function(section)
 local ifname = section.ifname
- os.execute("/usr/sbin/iptables -D FORWARD -i " .. ifname .. " -j zone_vpn_forward 2>/dev/null")
- os.execute("/usr/sbin/iptables -D INPUT -i " .. ifname .. " -j zone_vpn_input 2>/dev/null")
- os.execute("/usr/sbin/iptables -D OUTPUT -o " .. ifname .. " -j zone_vpn_ACCEPT 2>/dev/null")
- os.execute("/usr/sbin/iptables -D zone_vpn_ACCEPT -o " .. ifname .. " -j ACCEPT")
- os.execute("/usr/sbin/iptables -D zone_vpn_ACCEPT -i " .. ifname .. " -j ACCEPT")
- os.execute("/usr/sbin/iptables -D zone_vpn_REJECT -o " .. ifname .. " -j reject")
- os.execute("/usr/sbin/iptables -D zone_vpn_REJECT -i " .. ifname .. " -j reject")
- os.execute("/usr/sbin/iptables -D zone_vpn_dest_ACCEPT -o " .. ifname .. " -j ACCEPT")
- os.execute("/usr/sbin/iptables -D zone_vpn_dest_REJECT -o " .. ifname .. " -j reject")
+ os.execute("/usr/sbin/iptables -D FORWARD -i " .. ifname .. " -j zone_dtdlink_forward")
+ os.execute("/usr/sbin/iptables -D INPUT -i " .. ifname .. " -j zone_dtdlink_input")
+ os.execute("/usr/sbin/iptables -D OUTPUT -o " .. ifname .. " -j zone_dtdlink_output")
+ os.execute("/usr/sbin/iptables -D zone_dtdlink_dest_ACCEPT -o " .. ifname .. " -j ACCEPT")
+ os.execute("/usr/sbin/iptables -D zone_dtdlink_dest_REJECT -o " .. ifname .. " -j reject")
+ os.execute("/usr/sbin/iptables -D zone_dtdlink_src_REJECT -i " .. ifname .. " -j reject")
 end
 )
+ os.execute("/usr/sbin/iptables -D zone_dtdlink_forward -j zone_dtdlink_dest_ACCEPT")
+ local addrule = false
 uci.cursor("/etc/config.mesh"):foreach("xlink", "interface",
 function(section)
 local ifname = section.ifname
- os.execute("/usr/sbin/iptables -I FORWARD -i " .. ifname .. " -j zone_vpn_forward")
- os.execute("/usr/sbin/iptables -I INPUT -i " .. ifname .. " -j zone_vpn_input")
- os.execute("/usr/sbin/iptables -I OUTPUT -o " .. ifname .. " -j zone_vpn_ACCEPT")
- os.execute("/usr/sbin/iptables -A zone_vpn_ACCEPT -o " .. ifname .. " -j ACCEPT")
- os.execute("/usr/sbin/iptables -A zone_vpn_ACCEPT -i " .. ifname .. " -j ACCEPT")
- os.execute("/usr/sbin/iptables -A zone_vpn_REJECT -o " .. ifname .. " -j reject")
- os.execute("/usr/sbin/iptables -A zone_vpn_REJECT -i " .. ifname .. " -j reject")
- os.execute("/usr/sbin/iptables -A zone_vpn_dest_ACCEPT -o " .. ifname .. " -j ACCEPT")
- os.execute("/usr/sbin/iptables -A zone_vpn_dest_REJECT -o " .. ifname .. " -j reject")
+ os.execute("/usr/sbin/iptables -I FORWARD -i " .. ifname .. " -j zone_dtdlink_forward")
+ os.execute("/usr/sbin/iptables -A INPUT -i " .. ifname .. " -j zone_dtdlink_input")
+ os.execute("/usr/sbin/iptables -A OUTPUT -o " .. ifname .. " -j zone_dtdlink_output")
+ os.execute("/usr/sbin/iptables -A zone_dtdlink_dest_ACCEPT -o " .. ifname .. " -j ACCEPT")
+ os.execute("/usr/sbin/iptables -A zone_dtdlink_dest_REJECT -o " .. ifname .. " -j reject")
+ os.execute("/usr/sbin/iptables -A zone_dtdlink_src_REJECT -i " .. ifname .. " -j reject")
+ addrule = true
 end
 )
+ if addrule then
+ os.execute("/usr/sbin/iptables -I zone_dtdlink_forward -j zone_dtdlink_dest_ACCEPT")
+ end
 end
diff --git a/files/usr/local/bin/mgr/lqm.lua b/files/usr/local/bin/mgr/lqm.lua
index 5775b12a..0e5edd67 100755
--- a/files/usr/local/bin/mgr/lqm.lua
+++ b/files/usr/local/bin/mgr/lqm.lua
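Review bot: In files/etc/local/mesh-firewall/05-xlink, `section.ifname` is concatenated unquoted into every `os.execute` string in both `foreach` callbacks, with no nil check and no character validation. A section that lacks `ifname` raises a concatenation error partway through, which would leave the rule set half rewritten, and a value containing spaces or shell metacharacters is passed to the shell as part of the iptables command line. Start each callback with `if not ifname or not ifname:match("^[%w%._%-]+$") then return end`, in line with the `section.peer and section.ifname` presence check this commit adds in lqm.lua. The result of `os.execute` is also discarded, so a failed `-I`/`-A` leaves the xlink rules silently incomplete; logging a non-zero status would surface that. Separately, `-I zone_dtdlink_forward -j zone_dtdlink_dest_ACCEPT` is inserted ahead of everything else in that chain, so a short comment stating the forwarding policy it is meant to implement would help the next reader audit it.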
@@ -327,6 +327,36 @@ function lqm() end end + -- Xlink + if nixio.fs.stat("/etc/config.mesh/xlink") then + uci.cursor("/etc/config.mesh"):foreach("xlink", "interface", + function(section) + if section.peer and section.ifname then + local foundmac + for mac, entry in pairs(arps) + do + if entry["IP address"] == section.peer then + foundmac = mac + break + end + end + if foundmac then + stations[#stations + 1] = { + type = "Xlink", + device = section.ifname, + signal = nil, + ip = section.peer, + mac = foundmac, + tx_packets = 0, + tx_fail = 0, + tx_retries = 0 + } + end + end + end + ) + end + for _, station in ipairs(stations) do if station.signal ~= 0 and not our_macs[station.mac] then @@ -373,7 +403,7 @@ function lqm() if not track.hostname and track.ip then local hostname = nixio.getnameinfo(track.ip) if hostname then - track.hostname = hostname:lower():gsub("^dtdlink%.",""):gsub("^mid%d+%.",""):gsub("%.local%.mesh$", "") + track.hostname = hostname:lower():gsub("^dtdlink%.",""):gsub("^mid%d+%.",""):gsub("^xlink%d+%.",""):gsub("%.local%.mesh$", "") end end diff --git a/files/usr/local/bin/olsrd-config b/files/usr/local/bin/olsrd-config index b3cc6df5..14363d10 100755 --- a/files/usr/local/bin/olsrd-config +++ b/files/usr/local/bin/olsrd-config @@ -134,10 +134,21 @@ if dmz_mode ~= "0" then end end --- add a name for the dtdlink interface +-- add a name for the dtdlink and xlink interfaces if name then local dtdip = aredn.hardware.get_interface_ip4(aredn.hardware.get_iface_name("dtdlink")) hosts[#hosts + 1] = { ip = dtdip, host = "dtdlink." .. name .. ".local.mesh" } + if nixio.fs.stat("/etc/config.mesh/xlink") then + local count = 0 + uci.cursor("/etc/config.mesh"):foreach("xlink", "interface", + function(section) + if section.ipaddr then + hosts[#hosts + 1] = { ip = section.ipaddr, host = "xlink" .. count .. "." .. name .. ".local.mesh" } + count = count + 1 + end + end + ) + end end -- load the services 
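Review bot: In the new Xlink block of lqm.lua, the station MAC is taken from whichever `arps` entry has `"IP address"` equal to `section.peer`, without checking that the entry was learned on `section.ifname`. `pairs` order is unspecified, so if the same IP appears in more than one ARP entry the choice is arbitrary, and an entry seen on a different interface would be tracked as the xlink peer. If the `arps` records carry the interface name (not visible in this hunk), compare it with `section.ifname` in the same `if`. `signal = nil` in the table constructor stores nothing; a comment such as `-- xlinks have no RF signal; field intentionally absent` would state the intent. The enclosing `lqm()` function starts and ends outside the hunk.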
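Review bot: In olsrd-config, `section.ipaddr` is added to `hosts` exactly as read from /etc/config.mesh/xlink, and the `xlinkN` label is only the position of the section among those that have an `ipaddr`. A malformed address would be handed on to whatever consumes `hosts` (presumably the name service, not visible here), and removing or reordering a section renumbers the remaining names. Checking the value first, e.g. `if section.ipaddr and section.ipaddr:match("^%d+%.%d+%.%d+%.%d+$") then`, and adding a comment that the index is positional would cover both.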
diff --git a/files/www/cgi-bin/mesh b/files/www/cgi-bin/mesh
index 794066a8..4a43ce89 100755
--- a/files/www/cgi-bin/mesh
+++ b/files/www/cgi-bin/mesh
@@ -345,6 +345,11 @@ if nixio.fs.stat("/var/run/hosts_olsr.stable") then
 if links[ip] then
 links[ip].dtd = true
 end
+ elseif name:match("^xlink%d+%.") then
+ dtd[originator] = true
+ if links[ip] then
+ links[ip].xlink = true
+ end
 elseif name:match("^mid%d+%.") then
 if not midcount[originator] then
 midcount[originator] = 1
@@ -663,6 +668,8 @@ do
 if ipmain ~= ip then
 if links[ip].dtd then
 nodeiface = "dtd"
+ elseif links[ip].xlink then
+ nodeiface = "xlink"
 elseif links[ip].tun then
 nodeiface = "tun"
 else
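Review bot: In the `^xlink%d+%.` branch of cgi-bin/mesh, classification rests only on a hostname prefix read from /var/run/hosts_olsr.stable, and the branch also sets `dtd[originator] = true`. If that file is filled from names announced by other nodes (not visible here), any node announcing an `xlinkN.` name would have its link shown as an xlink and its originator flagged in `dtd`. If reusing the `dtd` marker is deliberate, say so with a comment such as `-- xlink names share the dtd originator bookkeeping`; otherwise a separate table would keep the two apart. The second hunk renders `nodeiface = "xlink"` from the same flag, and both enclosing blocks start and end outside the hunks.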