mirrors/asuswrt-merlin.ng
1
0
Fork 0
mirror of https://github.com/gnuton/asuswrt-merlin.ng.git synced 2025-05-19 07:51:46 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
asuswrt-merlin.ng/release/src-rt-5.02axhnd.675x/targets/fs.src/rom/etc/mptcp.sh

125 lines
3.7 KiB
Bash
Executable file
Raw Permalink Blame History

#!/bin/sh
config() {
LAN_DEV=$2
PROXY_SERVER_ADDR=$3
PROXY_SERVER_PORT=$4
WAN1_DEV=$5
WAN1_ADDR=$6
WAN1_GW=$7
WAN1_NET=$8
WAN2_DEV=$9
WAN2_ADDR=${10}
WAN2_GW=${11}
WAN2_NET=${12}
echo "LAN_DEV=$LAN_DEV PROXY_SERVER_ADDR=$PROXY_SERVER_ADDR PROXY_SERVER_PORT=$PROXY_SERVER_PORT"
echo "WAN1_DEV=$WAN1_DEV WAN1_ADDR=$WAN1_ADDR WAN1_GW=$WAN1_GW WAN1_NET=$WAN1_NET"
echo "WAN2_DEV=$WAN2_DEV WAN2_ADDR=$WAN2_ADDR WAN2_GW=$WAN2_GW WAN2_NET=$WAN2_NET"
}
usage() {
echo "##### Usage #####"
echo "mptcp.sh stop"
echo " OR"
echo "mptcp.sh start landev proxt_server_ip porxy_server_port wan1_dev wan1_addr wan1_gw wan1_net wan2_dev wan2_addr wan2_gw wan2_net"
echo "ex: mptcp.sh start br0 4.4.4.4 1080 ptm0.1 3.3.3.1 3.3.3.3 3.3.3.0 eth0.1 2.2.2.1 2.2.2.2 2.2.2.0"
exit
}
cleanup() {
ip rule del table 1 2> /dev/null
ip rule del table 2 2> /dev/null
ip route flush table 1 2> /dev/null
ip route flush table 2 2> /dev/null
iptables -w -t nat -D PREROUTING -i $LAN_DEV -p tcp -j REDSOCKS 2> /dev/null
iptables -w -t nat -F REDSOCKS 2> /dev/null
iptables -w -t nat -X REDSOCKS 2> /dev/null
}
case $1 in
start)
if [ $# -ne 12 ]; then
usage
fi
config $@
cleanup
#disable mptcp on LAN
[ ! -z "$LAN_DEV" ] && ip link set dev $LAN_DEV multipath off
####### Setup Routing ########
echo "configuring routes"
# add policy routing rules for WAN1
[ ! -z "$WAN1_ADDR" ] && ip rule add from $WAN1_ADDR table 1
# add routes on WAN1
[ ! -z "$WAN1_GW" ] && {
ip route add $WAN1_NET dev $WAN1_DEV scope link table 1
ip route add default via $WAN1_GW dev $WAN1_DEV table 1
}
# add policy routing rules for WAN2
[ ! -z "$WAN2_ADDR" ] && ip rule add from $WAN2_ADDR table 2
# add routes on WAN2
[ ! -z "$WAN2_GW" ] && {
ip route add $WAN2_NET dev $WAN2_DEV scope link table 2
ip route add default via $WAN2_GW dev $WAN2_DEV table 2
}
#add routes to default route table
#ip route add $WAN1_NET dev $WAN1_DEV src $WAN1_ADDR
#ip route add $WAN2_NET dev $WAN2_DEV src $WAN2_ADDR
#ip route add default via $WAN1_ADDR
####### Configure Iptables to redirect tcp traffic from LAN to redsocks ########
echo "configuring iptables rules"
# add a new REDSOCKS chain
iptables -w -t nat -N REDSOCKS
# igonre traffic we are not intrested in sending to proxy
# adjust as per test setup
iptables -w -t nat -I REDSOCKS -o lo -j RETURN
iptables -w -t nat -I REDSOCKS -p tcp -d $PROXY_SERVER_ADDR --dport $PROXY_SERVER_PORT -j RETURN
iptables -w -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
iptables -w -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
iptables -w -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
iptables -w -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
iptables -w -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
iptables -w -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
iptables -w -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
#redirect the tcp packets filtered in REDSOCKS chain to port 12345
iptables -w -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345
# add a rule to tap all incoming tcp traffic on br0 into redsocks CHAIN at PREROUTING
iptables -w -t nat -I PREROUTING -i $LAN_DEV -p tcp -j REDSOCKS
# add rules to tap locally generated tcp traffic to REDSOCKS
#[ ! -z "$WAN1_DEV" ] && iptables -w -t nat -A OUTPUT -o $WAN1_DEV -p tcp -j REDSOCKS
#[ ! -z "$WAN2_DEV" ] && iptables -w -t nat -A OUTPUT -o $WAN2_DEV -p tcp -j REDSOCKS
;;
stop)
cleanup
;;
*)
usage
esac
Reference in a new issue View git blame Copy permalink