search

Ysurac / openmptcprouter

OpenMPTCProuter is an open source solution to aggregate multiple internet connections using Multipath TCP (MPTCP) on OpenWrt
https://www.openmptcprouter.com/
GNU General Public License v3.0
1.84k stars 265 forks source link

Gros problème de VPN et comportement étrange du serveur DHCP #510

Closed Randdrick closed 5 years ago

Randdrick commented 5 years ago

Expected Behavior

Actual Behavior

Depuis la version 0.50 et supérieur, les problèmes liés au VPN sont plus en plus fréquents. Ils semblent que ces derniers soient liées à GloryTun qui est devenu complètement instable. J'utilise depuis le départ (ou presque), GloruTun TCP, la version UDP ne fonctionnant tout simplement pas. De plus, le serveur DHCP délivre correctement ses adresses que si il est forcé comme étant le serveur DHCP principal.

Specifications

Voici mes derniers logs :

Mon Jun 10 20:36:05 2019 daemon.err glorytun[4625]: read: Operation timed out Mon Jun 10 20:36:05 2019 daemon.info glorytun[4625]: STOPPED tun0 Mon Jun 10 20:36:22 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Mon Jun 10 20:36:32 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Mon Jun 10 20:36:32 2019 daemon.info glorytun[4625]: STOPPED tun0 Mon Jun 10 20:36:33 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Mon Jun 10 20:36:43 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Mon Jun 10 20:36:43 2019 daemon.info glorytun[4625]: STOPPED tun0 Mon Jun 10 20:36:44 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Mon Jun 10 20:36:54 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Mon Jun 10 20:36:54 2019 daemon.info glorytun[4625]: STOPPED tun0 Mon Jun 10 20:36:55 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Mon Jun 10 20:37:05 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Mon Jun 10 20:37:05 2019 daemon.info glorytun[4625]: STOPPED tun0 Mon Jun 10 20:37:06 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Mon Jun 10 20:37:16 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Mon Jun 10 20:37:16 2019 daemon.info glorytun[4625]: STOPPED tun0 Mon Jun 10 20:37:17 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Mon Jun 10 20:37:27 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Mon Jun 10 20:37:27 2019 daemon.info glorytun[4625]: STOPPED tun0 Mon Jun 10 20:37:28 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Mon Jun 10 20:37:38 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Mon Jun 10 20:37:38 2019 daemon.info glorytun[4625]: STOPPED tun0 Mon Jun 10 20:37:39 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Mon Jun 10 20:37:49 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Mon Jun 10 20:37:49 2019 daemon.info glorytun[4625]: STOPPED tun0 Mon Jun 10 20:37:50 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Mon Jun 10 20:38:00 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Mon Jun 10 20:38:00 2019 daemon.info glorytun[4625]: STOPPED tun0 Mon Jun 10 20:38:41 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Mon Jun 10 20:38:50 2019 daemon.info glorytun[4625]: STARTED tun0

Ysurac commented 5 years ago

Pour le serveur DHCP, si il y a plusieurs serveurs sur le réseau c'est pas forcément étonnant. Sinon pour le soucis avec glorytun il faut voir du côté du VPS, dans /var/log/daemon.log Il faut aussi vérifier la configuration de glorytun tcp si il est bien sur le VPS configuré en chacha20.

Randdrick commented 5 years ago

Pour le DHCP, c'est le seul serveur. Je désactive le DHCP de ma box avant chaque mise à jour pour être sûr que cela soit bien le routeur qui donne les adresses IP. Or, depuis la V 0.50, si je force pas le serveur DHCP comme serveur principal, il ne distribue pas d'adresse Ip.

Concernant GloryTun, il est configuré en chacha20, aussi côté client que VPS (et cela depuis le début). D'ailleurs, côté serveur j'ai eu : (quelques logs significatifs, je l'espère)

Jun 10 19:50:00 vps-42566 ss-server[12455]: 2019/06/10 19:50:00 tcp:2.6.80.105:3 5773 accepted tcp:127.0.0.1:0 Jun 10 19:50:02 vps-42566 ss-server[12455]: 2019/06/10 19:50:02 tcp:2.6.80.105:2 7811 accepted tcp:127.0.0.1:0 Jun 10 19:50:06 vps-42566 ss-server[12455]: 2019/06/10 19:50:06 tcp:2.6.80.105:3 5799 accepted tcp:127.0.0.1:0 Jun 10 19:50:07 vps-42566 ss-server[12455]: 2019/06/10 19:50:07 tcp:2.6.80.105:3 5807 accepted tcp:127.0.0.1:0 Jun 10 19:50:10 vps-42566 ss-server[12455]: 2019/06/10 19:50:10 tcp:193.56.243.7 :40125 accepted tcp:127.0.0.1:0 Jun 10 19:50:17 vps-42566 ss-server[12455]: 2019/06/10 19:50:17 tcp:2.6.80.105:3 5807 accepted tcp:127.0.0.1:0 Jun 10 19:50:25 vps-42566 ss-server[12455]: 2019/06/10 19:50:25 tcp:2.6.80.105:3 5691 accepted tcp:127.0.0.1:0 Jun 10 19:50:27 vps-42566 ss-server[12455]: 2019/06/10 19:50:27 tcp:2.6.80.105:3 5825 accepted tcp:127.0.0.1:0 Jun 10 19:50:28 vps-42566 ss-server[12455]: 2019-06-10 19:50:28 ERROR: remote r ecv: Connection reset by peer Jun 10 19:50:29 vps-42566 ss-server[12455]: 2019-06-10 19:50:29 ERROR: remote r ecv: Connection reset by peer Jun 10 19:50:37 vps-42566 ss-server[12455]: 2019/06/10 19:50:37 tcp:2.6.80.105:3 5825 accepted tcp:127.0.0.1:0 Jun 10 19:50:43 vps-42566 ss-server[12455]: 2019-06-10 19:50:43 ERROR: remote r ecv: Connection reset by peer Jun 10 19:50:45 vps-42566 ss-server[12455]: 2019-06-10 19:50:45 ERROR: remote r ecv: Connection reset by peer Jun 10 19:50:45 vps-42566 ss-server[12455]: 2019-06-10 19:50:45 ERROR: remote r ecv: Connection reset by peer Jun 10 19:50:45 vps-42566 ss-server[12455]: 2019/06/10 19:50:45 tcp:2.6.80.105:3 5449 accepted tcp:127.0.0.1:0 Jun 10 19:50:47 vps-42566 ss-server[12455]: 2019/06/10 19:50:47 tcp:2.6.80.105:3 5841 accepted tcp:127.0.0.1:0 Jun 10 19:50:49 vps-42566 ss-server[12455]: 2019-06-10 19:50:49 ERROR: remote r ecv: Connection reset by peer Jun 10 19:50:57 vps-42566 ss-server[12455]: 2019/06/10 19:50:57 tcp:2.6.80.105:3 5585 accepted tcp:127.0.0.1:0 Jun 10 19:50:57 vps-42566 ss-server[12455]: 2019/06/10 19:50:57 tcp:2.6.80.105:3 5841 accepted tcp:127.0.0.1:0 Jun 10 19:51:05 vps-42566 ss-server[12455]: 2019/06/10 19:51:05 tcp:2.6.80.105:3 5853 accepted tcp:127.0.0.1:0 Jun 10 19:51:07 vps-42566 ss-server[12455]: 2019/06/10 19:51:07 tcp:2.6.80.105:3 5861 accepted tcp:127.0.0.1:0 Jun 10 19:51:10 vps-42566 ss-server[12455]: 2019-06-10 19:51:10 ERROR: remote r ecv: Connection reset by peer Jun 10 19:51:13 vps-42566 ss-server[12455]: 2019-06-10 19:51:13 ERROR: remote r ecv: Connection reset by peer Jun 10 19:51:14 vps-42566 ss-server[12455]: 2019-06-10 19:51:14 ERROR: remote r ecv: Connection reset by peer Jun 10 19:51:16 vps-42566 ss-server[12455]: 2019-06-10 19:51:16 ERROR: remote r ecv: Connection reset by peer Jun 10 19:51:18 vps-42566 ss-server[12455]: 2019/06/10 19:51:18 tcp:2.6.80.105:3 5861 accepted tcp:127.0.0.1:0 Jun 10 19:51:19 vps-42566 ss-server[12455]: 2019-06-10 19:51:19 ERROR: remote r ecv: Connection reset by peer Jun 10 19:51:19 vps-42566 ss-server[12455]: 2019-06-10 19:51:19 ERROR: remote r ecv: Connection reset by peer Jun 10 19:51:21 vps-42566 ss-server[12455]: 2019-06-10 19:51:21 ERROR: remote r ecv: Connection reset by peer //////////////////////////////////////////////////////////////// Jun 10 19:41:17 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28317: connected Jun 10 19:41:17 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28317: key exchang e failed Jun 10 19:41:18 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28369: connected Jun 10 19:41:18 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28369: key exchang e failed Jun 10 19:41:19 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28377: connected Jun 10 19:41:19 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28377: key exchang e failed Jun 10 19:41:20 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28419: connected Jun 10 19:41:20 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28419: key exchang e failed Jun 10 19:41:21 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28473: connected Jun 10 19:41:21 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28473: key exchang e failed Jun 10 19:41:22 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28495: connected Jun 10 19:41:22 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28495: key exchang e failed Jun 10 19:41:23 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28505: connected Jun 10 19:41:23 vps-42566 glorytun-tcp-run[16553]: 2.6.80.105.28505: key exchang e failed ///////////////////////////////////////////////////////////// Jun 10 19:55:18 vps-42566 systemd[1]: Stopping Glorytun TCP on tun0... Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: INITIALIZED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STARTED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STOPPED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STOPPED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STOPPED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STOPPED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STOPPED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STOPPED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STOPPED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STOPPED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STARTED gt-tun0 Jun 10 19:55:18 vps-42566 glorytun-tcp-run[16553]: STOPPED gt-tun0 Jun 10 19:55:18 vps-42566 systemd-networkd[16572]: gt-tun0: Lost carrier Jun 10 19:55:18 vps-42566 named[17497]: no longer listening on 10.255.255.1#53 Jun 10 19:55:18 vps-42566 systemd[1]: Stopped Glorytun TCP on tun0. Jun 10 19:55:18 vps-42566 systemd[1]: Started Glorytun TCP on tun0. Jun 10 19:55:18 vps-42566 systemd[1]: Stopping Glorytun UDP on tun0... Jun 10 19:55:18 vps-42566 systemd[1]: Stopped Glorytun UDP on tun0. Jun 10 19:55:18 vps-42566 systemd[1]: Started Glorytun UDP on tun0. Jun 10 19:55:18 vps-42566 named[17497]: listening on IPv4 interface gt-tun0, 10. 255.255.1#53 Jun 10 19:55:18 vps-42566 systemd-networkd[16572]: gt-tun0: IPv6 enabled for int erface: Success Jun 10 19:55:18 vps-42566 systemd-networkd[16572]: gt-tun0: Gained carrier Jun 10 19:55:18 vps-42566 systemd-networkd[16572]: gt-tun0: Gained IPv6LL Jun 10 19:55:18 vps-42566 systemd[1]: Stopping Network Service... Jun 10 19:55:18 vps-42566 glorytun-udp-run[23804]: running on device gt-udp-tun0 as pid 23804 Jun 10 19:55:18 vps-42566 systemd[1]: Stopped Network Service. Jun 10 19:55:18 vps-42566 systemd[1]: Starting Network Service... Jun 10 19:55:18 vps-42566 systemd-networkd[23815]: gt-tun0: Gained IPv6LL Jun 10 19:55:18 vps-42566 systemd-networkd[23815]: tun0: Gained IPv6LL Jun 10 19:55:18 vps-42566 systemd-networkd[23815]: omr-6in4: Gained IPv6LL Jun 10 19:55:18 vps-42566 systemd-networkd[23815]: mlvpn0: Gained IPv6LL Jun 10 19:55:18 vps-42566 systemd-networkd[23815]: gt-udp-tun0: Gained IPv6LL Jun 10 19:55:18 vps-42566 systemd-networkd[23815]: eth0: Gained IPv6LL Jun 10 19:55:18 vps-42566 systemd-networkd[23815]: Enumeration completed Jun 10 19:55:18 vps-42566 systemd[1]: Started Network Service. Jun 10 19:55:18 vps-42566 named[17497]: no longer listening on 10.255.255.1#53 Jun 10 19:55:18 vps-42566 named[17497]: listening on IPv4 interface gt-tun0, 10. 255.255.1#53 Jun 10 19:55:18 vps-42566 named[17497]: no longer listening on 10.255.252.1#53 Jun 10 19:55:18 vps-42566 named[17497]: listening on IPv4 interface tun0, 10.255 .252.1#53 Jun 10 19:55:18 vps-42566 named[17497]: no longer listening on 10.255.253.1#53 Jun 10 19:55:18 vps-42566 named[17497]: listening on IPv4 interface mlvpn0, 10.2 55.253.1#53 Jun 10 19:55:18 vps-42566 named[17497]: no longer listening on 10.255.254.1#53 Jun 10 19:55:18 vps-42566 named[17497]: listening on IPv4 interface gt-udp-tun0, 10.255.254.1#53 Jun 10 19:55:19 vps-42566 glorytun-tcp-run[23797]: 2.6.80.105.30485: connected Jun 10 19:55:21 vps-42566 ss-server[12455]: 2019/06/10 19:55:21 tcp:2.6.80.105:3 6205 accepted tcp:127.0.0.1:0 Jun 10 19:55:25 vps-42566 ss-server[12455]: 2019/06/10 19:55:25 tcp:2.6.80.105:3 6217 accepted tcp:127.0.0.1:0 Jun 10 19:55:31 vps-42566 systemd-networkd[23815]: gt-tun0: Configured Jun 10 19:55:31 vps-42566 systemd-networkd[23815]: gt-udp-tun0: Configured Jun 10 19:55:31 vps-42566 systemd-networkd[23815]: mlvpn0: Configured Jun 10 19:55:31 vps-42566 systemd-networkd[23815]: tun0: Configured Jun 10 19:55:32 vps-42566 ss-server[12455]: 2019/06/10 19:55:32 tcp:2.6.80.105:3 6225 accepted tcp:127.0.0.1:0

Ysurac commented 5 years ago

dnsmasq is the DHCP server, and it wasn't updated for latest releases. Il me faudrait toute la configuration, je pense à un soucis de route. Sinon il faudrait refaire une configuration depuis 0 sur OpenMPTCProuter pour voir si ça corrige.

Randdrick commented 5 years ago

Bonjou Ysurac, Voici toute la configuration. Pour des raison de sécurité, j'ai supprimer les clefs.

Tous les paramètres d'OpenMPTCProuter ddns.global=ddns ddns.global.ddns_dateformat='%F %R' ddns.global.ddns_loglines='250' ddns.global.upd_privateip='0' ddns.myddns_ipv4=service ddns.myddns_ipv4.lookup_host='yourhost.example.com' ddns.myddns_ipv4.domain='yourhost.example.com' ddns.myddns_ipv4.username='your_username' ddns.myddns_ipv4.password='your_password' ddns.myddns_ipv4.interface='wan' ddns.myddns_ipv4.ip_source='network' ddns.myddns_ipv4.ip_network='wan' ddns.myddns_ipv4.service_name='dyn.com' ddns.myddns_ipv6=service ddns.myddns_ipv6.update_url='http://[USERNAME]:[PASSWORD]@your.provider.net/nic/update?hostname=[DOMAIN]&myip=[IP]' ddns.myddns_ipv6.lookup_host='yourhost.example.com' ddns.myddns_ipv6.domain='yourhost.example.com' ddns.myddns_ipv6.username='your_username' ddns.myddns_ipv6.password='your_password' ddns.myddns_ipv6.use_ipv6='1' ddns.myddns_ipv6.interface='wan6' ddns.myddns_ipv6.ip_source='network' ddns.myddns_ipv6.ip_network='wan6' dhcp.@dnsmasq[0]=dnsmasq dhcp.@dnsmasq[0].domainneeded='1' dhcp.@dnsmasq[0].localise_queries='1' dhcp.@dnsmasq[0].rebind_protection='1' dhcp.@dnsmasq[0].rebind_localhost='1' dhcp.@dnsmasq[0].local='/lan/' dhcp.@dnsmasq[0].domain='lan' dhcp.@dnsmasq[0].expandhosts='1' dhcp.@dnsmasq[0].readethers='1' dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases' dhcp.@dnsmasq[0].nonwildcard='1' dhcp.@dnsmasq[0].localservice='1' dhcp.@dnsmasq[0].server='127.0.0.1#5353' dhcp.@dnsmasq[0].noresolv='1' dhcp.@dnsmasq[0].nonegcache='1' dhcp.@dnsmasq[0].quietdhcp='1' dhcp.@dnsmasq[0].notinterface='wan1' dhcp.@dnsmasq[0].ipset='/googlevideo.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/googlevideo.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/googlevideo.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/nflxvideo.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/nflxvideo.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/nflxvideo.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/s3.ll.dash.row.aiv-cdn.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/s3.ll.dash.row.aiv-cdn.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/s3.ll.dash.row.aiv-cdn.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/d25xi40x97liuc.cloudfront.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/d25xi40x97liuc.cloudfront.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/d25xi40x97liuc.cloudfront.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/aiv-delivery.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/aiv-delivery.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/aiv-delivery.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/vevo.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/vevo.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/vevo.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/audio-fa.scdn.cot/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/audio-fa.scdn.cot/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/audio-fa.scdn.cot/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/deezer.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/deezer.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/deezer.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/sndcdn.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/sndcdn.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/sndcdn.com/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/last.fm/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/last.fm/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/last.fm/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/v.redd.it/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/v.redd.it/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/v.redd.it/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/ttvnw.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/ttvnw.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/ttvnw.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/ttvnw.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/ttvnw.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/ttvnw.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs4,omr_dscp6-cs4' '/googletagmanager.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/googletagmanager.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/googletagmanager.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/googleusercontent.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/googleusercontent.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/googleusercontent.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/google.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/google.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/google.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/fbcdn.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs2,omr_dscp6-cs2' '/fbcdn.net/omr-cs2,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs2,omr_dscp6-cs2' '/fbcdn.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs2,omr_dscp6-cs2' '/fbcdn.net/omr-cs2,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs2,omr_dscp6-cs2' '/fbcdn.net/omr-cs4,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs2,omr_dscp6-cs2' '/fbcdn.net/omr-cs2,omr_dscp-cs4,omr_dscp6-cs4,omr_dscp-cs2,omr_dscp6-cs2' '/akamaihd.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/akamaihd.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/akamaihd.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/whatsapp.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/whatsapp.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/whatsapp.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/whatsapp.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/whatsapp.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/whatsapp.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/googleapis.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/googleapis.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/googleapis.com/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/1e100.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/1e100.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/1e100.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/hwcdn.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/hwcdn.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/hwcdn.net/omr-cs2,omr_dscp-cs2,omr_dscp6-cs2' '/download.qq.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/download.qq.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/download.qq.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/steamcontent.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/steamcontent.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/steamcontent.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/gs2.ww.prod.dl.playstation.net/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/gs2.ww.prod.dl.playstation.net/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/gs2.ww.prod.dl.playstation.net/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/dropbox.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/dropbox.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/dropbox.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/dropboxstatic.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/dropboxstatic.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/dropboxstatic.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/dropbox-dns.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/dropbox-dns.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/dropbox-dns.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/log.getdropbox.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/log.getdropbox.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/log.getdropbox.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/drive.google.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/drive.google.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/drive.google.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/drive-thirdparty.googleusercontent.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/drive-thirdparty.googleusercontent.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/drive-thirdparty.googleusercontent.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/docs.google.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/docs.google.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/docs.google.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/docs.googleusercontent.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/docs.googleusercontent.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/docs.googleusercontent.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/gvt1.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/gvt1.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/gvt1.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/mmg-fna.whatsapp.net/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/mmg-fna.whatsapp.net/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/mmg-fna.whatsapp.net/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/upload.youtube.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/upload.youtube.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/upload.youtube.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/upload.video.google.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/upload.video.google.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/upload.video.google.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/windowsupdate.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/windowsupdate.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/windowsupdate.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/update.microsoft.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/update.microsoft.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' '/update.microsoft.com/omr-cs1,omr_dscp-cs1,omr_dscp6-cs1' dhcp.lan=dhcp dhcp.lan.interface='lan' dhcp.lan.start='100' dhcp.lan.limit='150' dhcp.lan.leasetime='720h' dhcp.lan.force='1' dhcp.wan=dhcp dhcp.wan.interface='wan' dhcp.wan.ignore='1' dhcp.odhcpd=odhcpd dhcp.odhcpd.maindhcp='0' dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd' dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update' dhcp.odhcpd.loglevel='4' dhcp.wan1=dhcp dhcp.wan1.interface='wan1' dhcp.wan1.ignore='1' dhcp.@host[0]=host dhcp.@host[0].name='UWM01001' dhcp.@host[0].dns='1' dhcp.@host[0].mac='00:1D:92:30:67:0F' dhcp.@host[0].ip='192.168.100.223' dhcp.@host[0].gw='192.168.100.1' dropbear.@dropbear[0]=dropbear dropbear.@dropbear[0].PasswordAuth='on' dropbear.@dropbear[0].Port='22' dropbear.@dropbear[0].Interface='lan' dscp.@classify[0]=classify dscp.@classify[0].direction='both' dscp.@classify[0].proto='icmp' dscp.@classify[0].class='cs5' dscp.@classify[0].comment='ICMP' dscp.@classify[1]=classify dscp.@classify[1].direction='both' dscp.@classify[1].proto='udp' dscp.@classify[1].class='cs5' dscp.@classify[1].src_port='53,123,5353' dscp.@classify[1].comment='DNS udp and NTP' dscp.@classify[2]=classify dscp.@classify[2].direction='both' dscp.@classify[2].proto='tcp' dscp.@classify[2].class='cs5' dscp.@classify[2].src_port='53,5353' dscp.@classify[2].comment='DNS tcp' dscp.@domains[0]=domains dscp.@domains[0].name='googlevideo.com' dscp.@domains[0].class='cs4' dscp.@domains[0].comment='Youtube' dscp.@domains[1]=domains dscp.@domains[1].name='nflxvideo.net' dscp.@domains[1].class='cs4' dscp.@domains[1].comment='NetFlix' dscp.@domains[2]=domains dscp.@domains[2].name='s3.ll.dash.row.aiv-cdn.net' dscp.@domains[2].class='cs4' dscp.@domains[2].comment='AmazonVideo' dscp.@domains[3]=domains dscp.@domains[3].name='d25xi40x97liuc.cloudfront.net' dscp.@domains[3].class='cs4' dscp.@domains[3].comment='AmazonVideo' dscp.@domains[4]=domains dscp.@domains[4].name='aiv-delivery.net' dscp.@domains[4].class='cs4' dscp.@domains[4].comment='AmazonVideo' dscp.@domains[5]=domains dscp.@domains[5].name='fbcdn.net' dscp.@domains[5].class='cs4' dscp.@domains[5].comment='Facebook' dscp.@domains[6]=domains dscp.@domains[6].name='ttvnw.net' dscp.@domains[6].class='cs4' dscp.@domains[6].comment='Twitch' dscp.@domains[7]=domains dscp.@domains[7].name='vevo.com' dscp.@domains[7].class='cs4' dscp.@domains[7].comment='VeVo' dscp.@domains[8]=domains dscp.@domains[8].name='audio-fa.scdn.cot' dscp.@domains[8].class='cs4' dscp.@domains[8].comment='Spotify' dscp.@domains[9]=domains dscp.@domains[9].name='deezer.com' dscp.@domains[9].class='cs4' dscp.@domains[9].comment='Deezer' dscp.@domains[10]=domains dscp.@domains[10].name='sndcdn.com' dscp.@domains[10].class='cs4' dscp.@domains[10].comment='SoundCloud' dscp.@domains[11]=domains dscp.@domains[11].name='last.fm' dscp.@domains[11].class='cs4' dscp.@domains[11].comment='last.fm' dscp.@domains[12]=domains dscp.@domains[12].name='v.redd.it' dscp.@domains[12].class='cs4' dscp.@domains[12].comment='reddit videos' dscp.@domains[13]=domains dscp.@domains[13].name='ttvnw.net' dscp.@domains[13].class='cs4' dscp.@domains[13].comment='twitch.tv' dscp.@domains[14]=domains dscp.@domains[14].name='googletagmanager.com' dscp.@domains[14].class='cs2' dscp.@domains[14].comment='cdn' dscp.@domains[15]=domains dscp.@domains[15].name='googleusercontent.com' dscp.@domains[15].class='cs2' dscp.@domains[15].comment='cdn' dscp.@domains[16]=domains dscp.@domains[16].name='google.com' dscp.@domains[16].class='cs2' dscp.@domains[16].comment='cdn' dscp.@domains[17]=domains dscp.@domains[17].name='fbcdn.net' dscp.@domains[17].class='cs2' dscp.@domains[17].comment='cdn' dscp.@domains[18]=domains dscp.@domains[18].name='akamaihd.net' dscp.@domains[18].class='cs2' dscp.@domains[18].comment='cdn' dscp.@domains[19]=domains dscp.@domains[19].name='whatsapp.net' dscp.@domains[19].class='cs2' dscp.@domains[19].comment='cdn' dscp.@domains[20]=domains dscp.@domains[20].name='whatsapp.com' dscp.@domains[20].class='cs2' dscp.@domains[20].comment='cdn' dscp.@domains[21]=domains dscp.@domains[21].name='googleapis.com' dscp.@domains[21].class='cs2' dscp.@domains[21].comment='cdn' dscp.@domains[22]=domains dscp.@domains[22].name='1e100.net' dscp.@domains[22].class='cs2' dscp.@domains[22].comment='cdn' dscp.@domains[23]=domains dscp.@domains[23].name='hwcdn.net' dscp.@domains[23].class='cs2' dscp.@domains[23].comment='cdn' dscp.@domains[24]=domains dscp.@domains[24].name='download.qq.com' dscp.@domains[24].class='cs1' dscp.@domains[24].comment='qq download' dscp.@domains[25]=domains dscp.@domains[25].name='steamcontent.com' dscp.@domains[25].class='cs1' dscp.@domains[25].comment='Steam download' dscp.@domains[26]=domains dscp.@domains[26].name='gs2.ww.prod.dl.playstation.net' dscp.@domains[26].class='cs1' dscp.@domains[26].comment='PSN download' dscp.@domains[27]=domains dscp.@domains[27].name='dropbox.com' dscp.@domains[27].class='cs1' dscp.@domains[27].comment='Dropbox' dscp.@domains[28]=domains dscp.@domains[28].name='dropboxstatic.com' dscp.@domains[28].class='cs1' dscp.@domains[28].comment='Dropbox' dscp.@domains[29]=domains dscp.@domains[29].name='dropbox-dns.com' dscp.@domains[29].class='cs1' dscp.@domains[29].comment='Dropbox' dscp.@domains[30]=domains dscp.@domains[30].name='log.getdropbox.com' dscp.@domains[30].class='cs1' dscp.@domains[30].comment='Dropbox' dscp.@domains[31]=domains dscp.@domains[31].name='drive.google.com' dscp.@domains[31].class='cs1' dscp.@domains[31].comment='Google Drive' dscp.@domains[32]=domains dscp.@domains[32].name='drive-thirdparty.googleusercontent.com' dscp.@domains[32].class='cs1' dscp.@domains[32].comment='Google Drive' dscp.@domains[33]=domains dscp.@domains[33].name='docs.google.com' dscp.@domains[33].class='cs1' dscp.@domains[33].comment='Google Docs' dscp.@domains[34]=domains dscp.@domains[34].name='docs.googleusercontent.com' dscp.@domains[34].class='cs1' dscp.@domains[34].comment='Google Docs' dscp.@domains[35]=domains dscp.@domains[35].name='gvt1.com' dscp.@domains[35].class='cs1' dscp.@domains[35].comment='PlayStore Download' dscp.@domains[36]=domains dscp.@domains[36].name='mmg-fna.whatsapp.net' dscp.@domains[36].class='cs1' dscp.@domains[36].comment='WhatsApp Files' dscp.@domains[37]=domains dscp.@domains[37].name='upload.youtube.com' dscp.@domains[37].class='cs1' dscp.@domains[37].comment='Youtube Upload' dscp.@domains[38]=domains dscp.@domains[38].name='upload.video.google.com' dscp.@domains[38].class='cs1' dscp.@domains[38].comment='Youtube Upload' dscp.@domains[39]=domains dscp.@domains[39].name='windowsupdate.com' dscp.@domains[39].class='cs1' dscp.@domains[39].comment='WindowsUpdate' dscp.@domains[40]=domains dscp.@domains[40].name='update.microsoft.com' dscp.@domains[40].class='cs1' dscp.@domains[40].comment='WindowsUpdate' etherwake.setup=etherwake etherwake.setup.pathes='/usr/bin/etherwake /usr/bin/ether-wake' etherwake.setup.sudo='off' etherwake.setup.broadcast='off' etherwake.@target[0]=target etherwake.@target[0].name='example' etherwake.@target[0].mac='11:22:33:44:55:66' etherwake.@target[0].password='AABBCCDDEEFF' etherwake.@target[0].wakeonboot='off' firewall.@redirect[0]=redirect firewall.@redirect[0].target='SNAT' firewall.@redirect[0].src='vpn' firewall.@redirect[0].dest='lan' firewall.@redirect[0].src_dip='192.168.100.1' firewall.@redirect[0].name='EMBY' firewall.@redirect[0].proto='tcp udp' firewall.@redirect[0].dest_ip='192.168.100.223' firewall.@redirect[0].dest_port='8096' firewall.@redirect[1]=redirect firewall.@redirect[1].target='DNAT' firewall.@redirect[1].src='vpn' firewall.@redirect[1].dest='lan' firewall.@redirect[1].proto='tcp udp' firewall.@redirect[1].dest_ip='192.168.100.223' firewall.@redirect[1].dest_port='8096' firewall.@redirect[1].name='EMBY' firewall.@redirect[1].reflection='0' firewall.@redirect[1].src_dport='8096' firewall.@defaults[0]=defaults firewall.@defaults[0].syn_flood='1' firewall.@defaults[0].input='ACCEPT' firewall.@defaults[0].output='ACCEPT' firewall.@defaults[0].forward='REJECT' firewall.@defaults[0].disable_ipv6='1' firewall.@zone[0]=zone firewall.@zone[0].name='lan' firewall.@zone[0].input='ACCEPT' firewall.@zone[0].output='ACCEPT' firewall.@zone[0].forward='ACCEPT' firewall.@zone[0].network='lan' firewall.@zone[0].mtu_fix='1' firewall.@zone[1]=zone firewall.@zone[1].name='wan' firewall.@zone[1].input='REJECT' firewall.@zone[1].output='ACCEPT' firewall.@zone[1].forward='REJECT' firewall.@zone[1].masq='1' firewall.@zone[1].mtu_fix='1' firewall.@zone[1].network='wan wan6 wan1 wan2' firewall.@forwarding[0]=forwarding firewall.@forwarding[0].src='lan' firewall.@forwarding[0].dest='wan' firewall.@rule[0]=rule firewall.@rule[0].name='Allow-DHCP-Renew' firewall.@rule[0].src='wan' firewall.@rule[0].proto='udp' firewall.@rule[0].dest_port='68' firewall.@rule[0].target='ACCEPT' firewall.@rule[0].family='ipv4' firewall.@rule[1]=rule firewall.@rule[1].name='Allow-Ping' firewall.@rule[1].src='wan' firewall.@rule[1].proto='icmp' firewall.@rule[1].icmp_type='echo-request' firewall.@rule[1].family='ipv4' firewall.@rule[1].target='ACCEPT' firewall.@rule[2]=rule firewall.@rule[2].name='Allow-IGMP' firewall.@rule[2].src='wan' firewall.@rule[2].proto='igmp' firewall.@rule[2].family='ipv4' firewall.@rule[2].target='ACCEPT' firewall.@rule[3]=rule firewall.@rule[3].name='Allow-DHCPv6' firewall.@rule[3].src='wan' firewall.@rule[3].proto='udp' firewall.@rule[3].src_ip='fc00::/6' firewall.@rule[3].dest_ip='fc00::/6' firewall.@rule[3].dest_port='546' firewall.@rule[3].family='ipv6' firewall.@rule[3].target='ACCEPT' firewall.@rule[4]=rule firewall.@rule[4].name='Allow-MLD' firewall.@rule[4].src='wan' firewall.@rule[4].proto='icmp' firewall.@rule[4].src_ip='fe80::/10' firewall.@rule[4].icmp_type='130/0' '131/0' '132/0' '143/0' firewall.@rule[4].family='ipv6' firewall.@rule[4].target='ACCEPT' firewall.@rule[5]=rule firewall.@rule[5].name='Allow-ICMPv6-Input' firewall.@rule[5].src='wan' firewall.@rule[5].proto='icmp' firewall.@rule[5].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' 'router-solicitation' 'neighbour-solicitation' 'router-advertisement' 'neighbour-advertisement' firewall.@rule[5].limit='1000/sec' firewall.@rule[5].family='ipv6' firewall.@rule[5].target='ACCEPT' firewall.@rule[6]=rule firewall.@rule[6].name='Allow-ICMPv6-Forward' firewall.@rule[6].src='wan' firewall.@rule[6].dest='' firewall.@rule[6].proto='icmp' firewall.@rule[6].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' firewall.@rule[6].limit='1000/sec' firewall.@rule[6].family='ipv6' firewall.@rule[6].target='ACCEPT' firewall.@rule[7]=rule firewall.@rule[7].name='Allow-IPSec-ESP' firewall.@rule[7].src='wan' firewall.@rule[7].dest='lan' firewall.@rule[7].proto='esp' firewall.@rule[7].target='ACCEPT' firewall.@rule[8]=rule firewall.@rule[8].name='Allow-ISAKMP' firewall.@rule[8].src='wan' firewall.@rule[8].dest='lan' firewall.@rule[8].dest_port='500' firewall.@rule[8].proto='udp' firewall.@rule[8].target='ACCEPT' firewall.@include[0]=include firewall.@include[0].path='/etc/firewall.user' firewall.@rule[9]=rule firewall.@rule[9].target='ACCEPT' firewall.@rule[9].name='Allow-All-LAN-to-VPN' firewall.@rule[9].dest='vpn' firewall.@rule[9].src='lan' firewall.@rule[10]=rule firewall.@rule[10].target='ACCEPT' firewall.@rule[10].name='Allow-All-Ping' firewall.@rule[10].proto='icmp' firewall.@rule[10].dest='' firewall.@rule[10].src='' firewall.@rule[10].icmp_type='echo-request' firewall.@rule[11]=rule firewall.@rule[11].target='ACCEPT' firewall.@rule[11].name='Allow-VPN-ICMP' firewall.@rule[11].proto='icmp' firewall.@rule[11].src='vpn' firewall.@rule[12]=rule firewall.@rule[12].target='ACCEPT' firewall.@rule[12].name='Allow-Lan-to-Wan' firewall.@rule[12].dest='wan' firewall.@rule[12].src='lan' firewall.@rule[13]=rule firewall.@rule[13].target='ACCEPT' firewall.@rule[13].name='ICMPv6-Lan-to-OMR' firewall.@rule[13].src='lan' firewall.@rule[13].family='ipv6' firewall.@rule[13].proto='icmp' firewall.@rule[13].limit='1000/sec' firewall.@rule[13].icmp_type='echo-reply destination-unreachable echo-request router-advertisement router-solicitation time-exceeded' firewall.ss_rules=include firewall.ss_rules.path='/etc/firewall.ss-rules' firewall.ss_rules.reload='1' firewall.@rule[14]=rule firewall.@rule[14].target='ACCEPT' firewall.@rule[14].name='Allow-All-Ping' firewall.@rule[14].proto='icmp' firewall.@rule[14].dest='' firewall.@rule[14].src='' firewall.@rule[14].icmp_type='echo-request' firewall.@rule[15]=rule firewall.@rule[15].target='ACCEPT' firewall.@rule[15].name='Allow-All-Ping' firewall.@rule[15].proto='icmp' firewall.@rule[15].dest='' firewall.@rule[15].src='' firewall.@rule[15].icmp_type='echo-request' firewall.@rule[16]=rule firewall.@rule[16].target='ACCEPT' firewall.@rule[16].name='Allow-All-Ping' firewall.@rule[16].proto='icmp' firewall.@rule[16].dest='' firewall.@rule[16].src='' firewall.@rule[16].icmp_type='echo-request' firewall.@rule[17]=rule firewall.@rule[17].target='ACCEPT' firewall.@rule[17].name='Allow-All-Ping' firewall.@rule[17].proto='icmp' firewall.@rule[17].dest='' firewall.@rule[17].src='' firewall.@rule[17].icmp_type='echo-request' firewall.@rule[18]=rule firewall.@rule[18].target='ACCEPT' firewall.@rule[18].name='Allow-All-Ping' firewall.@rule[18].proto='icmp' firewall.@rule[18].dest='' firewall.@rule[18].src='' firewall.@rule[18].icmp_type='echo-request' firewall.@rule[19]=rule firewall.@rule[19].target='ACCEPT' firewall.@rule[19].name='Allow-All-Ping' firewall.@rule[19].proto='icmp' firewall.@rule[19].dest='' firewall.@rule[19].src='' firewall.@rule[19].icmp_type='echo-request' firewall.@redirect[2]=redirect firewall.@redirect[2].target='DNAT' firewall.@redirect[2].src='vpn' firewall.@redirect[2].dest_port='9' firewall.@redirect[2].name='WOL' firewall.@redirect[2].proto='udp' firewall.@redirect[2].reflection='0' firewall.@redirect[2].dest='lan' firewall.@redirect[2].dest_ip='192.168.100.223' firewall.@rule[20]=rule firewall.@rule[20].enabled='1' firewall.@rule[20].target='ACCEPT' firewall.@rule[20].name='Allow-All-Ping' firewall.@rule[20].proto='icmp' firewall.@rule[20].dest='' firewall.@rule[20].src='' firewall.@rule[20].icmp_type='echo-request' firewall.@rule[21]=rule firewall.@rule[21].enabled='1' firewall.@rule[21].target='ACCEPT' firewall.@rule[21].name='Allow-All-Ping' firewall.@rule[21].proto='icmp' firewall.@rule[21].dest='' firewall.@rule[21].src='' firewall.@rule[21].icmp_type='echo-request' firewall.@rule[22]=rule firewall.@rule[22].enabled='1' firewall.@rule[22].target='ACCEPT' firewall.@rule[22].name='Allow-All-Ping' firewall.@rule[22].proto='icmp' firewall.@rule[22].dest='' firewall.@rule[22].src='' firewall.@rule[22].icmp_type='echo-request' firewall.zone_vpn=zone firewall.zone_vpn.name='vpn' firewall.zone_vpn.masq='1' firewall.zone_vpn.input='REJECT' firewall.zone_vpn.forward='ACCEPT' firewall.zone_vpn.output='ACCEPT' firewall.zone_vpn.mtu_fix='1' firewall.zone_vpn.network='glorytun' 'omrvpn' 'omr6in4' firewall.@rule[23]=rule firewall.@rule[23].enabled='1' firewall.@rule[23].target='ACCEPT' firewall.@rule[23].name='Allow-All-Ping' firewall.@rule[23].proto='icmp' firewall.@rule[23].dest='' firewall.@rule[23].src='*' firewall.@rule[23].icmp_type='echo-request' firewall.allow_dhcp_request_vpn=rule firewall.allow_dhcp_request_vpn.name='Allow-DHCP-Request-VPN' firewall.allow_dhcp_request_vpn.src='vpn' firewall.allow_dhcp_request_vpn.proto='udp' firewall.allow_dhcp_request_vpn.dest_port='67' firewall.allow_dhcp_request_vpn.target='ACCEPT' firewall.allow_dhcp_request_vpn.family='ipv4' firewall.miniupnpd=include firewall.miniupnpd.type='script' firewall.miniupnpd.path='/usr/share/miniupnpd/firewall.include' firewall.miniupnpd.family='any' firewall.miniupnpd.reload='1' glorytun.vpn=glorytun glorytun.vpn.port='65001' glorytun.vpn.mptcp='1' glorytun.vpn.chacha20='1' glorytun.vpn.mtuauto='1' glorytun.vpn.host='188.213.31.131' glorytun.vpn.key='' glorytun.vpn.dev='tun0' glorytun.vpn.proto='tcp' glorytun.vpn.localip='10.255.255.2' glorytun.vpn.remoteip='10.255.255.1' glorytun.vpn.enable='1' glorytun_recipes.servertcp=glorytun_recipe glorytun_recipes.servertcp._description='Simple TCP server configuration' glorytun_recipes.servertcp._role='server' glorytun_recipes.servertcp.port='65001' glorytun_recipes.servertcp.dev='tun0' glorytun_recipes.servertcp.key='secretkey' glorytun_recipes.servertcp.listener='1' glorytun_recipes.servertcp.localip='192.168.99.1' glorytun_recipes.servertcp.remoteip='192.168.99.2' glorytun_recipes.servertcp.proto='tcp' glorytun_recipes.servertcp.enable='0' glorytun_recipes.clienttcp=glorytun_recipe glorytun_recipes.clienttcp._description='Simple TCP client configuration' glorytun_recipes.clienttcp._role='client' glorytun_recipes.clienttcp.port='65001' glorytun_recipes.clienttcp.dev='tun0' glorytun_recipes.clienttcp.host='vpnserver.example.org' glorytun_recipes.clienttcp.key='secretkey' glorytun_recipes.clienttcp.localip='192.168.99.2' glorytun_recipes.clienttcp.remoteip='192.168.99.1' glorytun_recipes.clienttcp.proto='tcp' glorytun_recipes.clienttcp.enable='0' glorytun_recipes.serverudp=glorytun_recipe glorytun_recipes.serverudp._description='Simple UDP server configuration' glorytun_recipes.serverudp._role='server' glorytun_recipes.serverudp.dev='tun0' glorytun_recipes.serverudp.bindport='65003' glorytun_recipes.serverudp.bind='192.168.99.1' glorytun_recipes.serverudp.key='secretkey' glorytun_recipes.serverudp.localip='192.168.99.1' glorytun_recipes.serverudp.remoteip='192.168.99.2' glorytun_recipes.serverudp.proto='udp' glorytun_recipes.serverudp.mtuauto='1' glorytun_recipes.serverudp.enable='0' glorytun_recipes.clientudp=glorytun_recipe glorytun_recipes.clientudp._description='Simple UDP client configuration' glorytun_recipes.clientudp._role='client' glorytun_recipes.clientudp.port='65003' glorytun_recipes.clientudp.dev='tun0' glorytun_recipes.clientudp.host='vpnserver.example.org' glorytun_recipes.clientudp.key='secretkey' glorytun_recipes.clientudp.localip='192.168.99.2' glorytun_recipes.clientudp.remoteip='192.168.99.1' glorytun_recipes.clientudp.proto='udp' glorytun_recipes.clientudp.mtuauto='1' glorytun_recipes.clientudp.enable='0' iperf.bouygues=server iperf.bouygues.host='bouygues.iperf.fr' iperf.bouygues.ipv4='1' iperf.bouygues.ipv6='1' iperf.bouygues.speed='10000' iperf.bouygues.ports='5200,5201,5202,5203,5204,5205,5206,5207,5208,5209' iperf.bouygues.tcp='1' iperf.bouygues.udp='0' iperf.bouygues.location='Europe' iperf.online_ipv4=server iperf.online_ipv4.host='ping.online.net' iperf.online_ipv4.ipv4='1' iperf.online_ipv4.ipv6='0' iperf.online_ipv4.speed='10000' iperf.online_ipv4.ports='5200,5201,5202,5203,5204,5205,5206,5207,5208,5209' iperf.online_ipv4.tcp='1' iperf.online_ipv4.udp='1' iperf.online_ipv4.location='Europe' iperf.online_ipv6=server iperf.online_ipv6.host='ping.online.net' iperf.online_ipv6.ipv4='0' iperf.online_ipv6.ipv6='1' iperf.online_ipv6.speed='10000' iperf.online_ipv6.ports='5200,5201,5202,5203,5204,5205,5206,5207,5208,5209' iperf.online_ipv6.tcp='1' iperf.online_ipv6.udp='1' iperf.online_ipv6.location='Europe' iperf.serverius=server iperf.serverius.host='speedtest.serverius.net' iperf.serverius.ipv4='1' iperf.serverius.ipv6='1' iperf.serverius.speed='10000' iperf.serverius.ports='5002' iperf.serverius.tcp='1' iperf.serverius.udp='1' iperf.serverius.location='Europe' iperf.eenet=server iperf.eenet.host='iperf.eenet.ee' iperf.eenet.ipv4='1' iperf.eenet.ipv6='0' iperf.eenet.ports='5201' iperf.eenet.tcp='1' iperf.eenet.udp='1' iperf.eenet.location='Europe' iperf.volia=server iperf.volia.host='iperf.volia.net' iperf.volia.ipv4='1' iperf.volia.ipv6='0' iperf.volia.ports='5201' iperf.volia.tcp='1' iperf.volia.udp='1' iperf.volia.location='Europe' iperf.it_north=server iperf.it_north.host='iperf.it-north.net' iperf.it_north.ipv4='1' iperf.it_north.ipv6='0' iperf.it_north.speed='1000' iperf.it_north.ports='5200,5201,5202,5203,5204,5205,5206,5207,5208,5209' iperf.it_north.tcp='1' iperf.it_north.udp='1' iperf.it_north.location='Asia' iperf.biznet=server iperf.biznet.host='iperf.biznetnetworkds.com' iperf.biznet.ipv4='1' iperf.biznet.ipv6='1' iperf.biznet.speed='1000' iperf.biznet.ports='5201,5202,5203' iperf.biznet.tcp='1' iperf.biznet.udp='0' iperf.biznet.location='Asia' iperf.scottlinux=server iperf.scottlinux.host='iperf.scottlinux.com' iperf.scottlinux.ipv4='1' iperf.scottlinux.ipv6='1' iperf.scottlinux.speed='1000' iperf.scottlinux.ports='5201' iperf.scottlinux.tcp='1' iperf.scottlinux.udp='1' iperf.scottlinux.location='America' iperf.he=server iperf.he.host='iperf.he.net' iperf.he.ipv4='1' iperf.he.ipv6='1' iperf.he.ports='5201' iperf.he.tcp='1' iperf.he.udp='1' iperf.he.location='America' luci.main=core luci.main.lang='auto' luci.main.resourcebase='/luci-static/resources' luci.main.mediaurlbase='/luci-static/openmptcprouter' luci.flash_keep=extern luci.flash_keep.uci='/etc/config/' luci.flash_keep.dropbear='/etc/dropbear/' luci.flash_keep.openvpn='/etc/openvpn/' luci.flash_keep.passwd='/etc/passwd' luci.flash_keep.opkg='/etc/opkg.conf' luci.flash_keep.firewall='/etc/firewall.user' luci.flash_keep.uploads='/lib/uci/upload/' luci.languages=internal luci.languages.ca='Català (Catalan)' luci.languages.cs='Čeština (Czech)' luci.languages.de='Deutsch (German)' luci.languages.el='Ελληνικά (Greek)' luci.languages.en='English' luci.languages.es='Español (Spanish)' luci.languages.fr='Français (French)' luci.languages.he='עִבְרִית (Hebrew)' luci.languages.hu='Magyar (Hungarian)' luci.languages.it='Italiano (Italian)' luci.languages.ja='日本語 (Japanese)' luci.languages.ko='한국어 (Korean)' luci.languages.ms='Bahasa Melayu (Malay)' luci.languages.no='Norsk (Norwegian)' luci.languages.pl='Polski (Polish)' luci.languages.pt='Português (Portuguese)' luci.languages.pt_br='Português do Brasil (Brazialian Portuguese)' luci.languages.ro='Română (Romanian)' luci.languages.ru='Русский (Russian)' luci.languages.sk='Slovenčina (Slovak)' luci.languages.sv='Svenska (Swedish)' luci.languages.tr='Türkçe (Turkish)' luci.languages.vi='Tiếng Việt (Vietnamese)' luci.languages.zh_cn='中文 (Chinese)' luci.languages.zh_tw='臺灣華語 (Taiwanese)' luci.languages.uk='Українська (Ukrainian)' luci.sauth=internal luci.sauth.sessionpath='/tmp/luci-sessions' luci.sauth.sessiontime='3600' luci.ccache=internal luci.ccache.enable='1' luci.themes=internal luci.themes.OpenMPTCProuter='/luci-static/openmptcprouter' luci.themes.Bootstrap='/luci-static/bootstrap' luci.apply=internal luci.apply.rollback='30' luci.apply.holdoff='4' luci.apply.timeout='5' luci.apply.display='1.5' luci.diag=internal luci.diag.ping='openmptcprouter.com' luci.diag.dns='openmptcprouter.com' luci.diag.route='openmptcprouter.com' luci.diag.iperf3='ping-ams1.online.net' luci.diag.getip='ip.openmptcprouter.com' luci.@ifstate[0]=ifstate luci.@ifstate[0].interface='omrvpn' luci.@ifstate[0].ifname='tun0' luci.@ifstate[0].bridge='false' mail.default=smtp mlvpn.general=mlvpn mlvpn.general.timeout='30' mlvpn.general.reorder_buffer_size='64' mlvpn.general.loss_tolerence='50' mlvpn.general.mode='client' mlvpn.general.firstport='65201' mlvpn.general.interface_name='mlvpn0' mlvpn.general.host='188.213.31.131' mlvpn.general.password='' mlvpn.general.loss_tolerance='50' mlvpn.general.enable='0' network.loopback=interface network.loopback.ifname='lo' network.loopback.proto='static' network.loopback.ipaddr='127.0.0.1' network.loopback.netmask='255.0.0.0' network.loopback.multipath='off' network.loopback.macaddr='00:00:00:00:00:00' network.loopback.metric='1' network.globals=globals network.globals.ula_prefix='fd6e:9927:4679::/48' network.globals.multipath='enable' network.globals.mptcp_path_manager='fullmesh' network.globals.mptcp_scheduler='default' network.globals.mptcp_checksum='0' network.globals.mptcp_debug='0' network.globals.mptcp_fullmesh_num_subflows='1' network.globals.mptcp_fullmesh_create_on_err='1' network.globals.mptcp_ndiffports_num_subflows='1' network.globals.congestion='bbr' network.globals.mptcp_syn_retries='1' network.lan=interface network.lan.ifname='eth0' network.lan.proto='static' network.lan.ipaddr='192.168.100.1' network.lan.netmask='255.255.255.0' network.lan.ip6assign='60' network.lan.multipath='off' network.lan.ip4table='lan' network.lan.macaddr='b8:27:eb:47:2d:97' network.lan.metric='2' network.lan.ipv6='0' network.wan1=interface network.wan1.proto='static' network.wan1.ip4table='wan' network.wan1.defaultroute='0' network.wan1.type='macvlan' network.wan1.ifname='wan1' network.wan1.masterintf='eth0' network.wan1.metric='3' network.wan1.netmask='255.255.255.0' network.wan1.macaddr='6e:05:db:bf:9a:f3' network.wan1.ipaddr='192.168.1.10' network.wan1.gateway='192.168.1.1' network.wan1.mtu='1492' network.wan1.peerdns='0' network.wan1.ipv6='0' network.wan1.multipath='master' network.wan2=interface network.wan2.proto='static' network.wan2.ip4table='wan' network.wan2.defaultroute='0' network.wan2.type='macvlan' network.wan2.ifname='wan2' network.wan2.masterintf='eth0' network.wan2.metric='4' network.wan2.netmask='255.255.255.0' network.wan2.macaddr='52:4f:fb:d8:ed:ec' network.wan2.ipaddr='192.168.2.10' network.wan2.gateway='192.168.2.1' network.wan2.mtu='1412' network.wan2.peerdns='0' network.wan2.ipv6='0' network.wan2.multipath='on' network.wan1_dev=device network.wan1_dev.name='wan1' network.wan1_dev.type='macvlan' network.wan1_dev.ifname='eth0' network.wan1_dev.macaddr='6e:05:db:bf:9a:f3' network.wan1_dev.mtu='1492' network.wan2_dev=device network.wan2_dev.name='wan2' network.wan2_dev.type='macvlan' network.wan2_dev.ifname='eth0' network.wan2_dev.macaddr='52:4f:fb:d8:ed:ec' network.wan2_dev.mtu='1412' network.omrvpn=interface network.omrvpn.ip4table='vpn' network.omrvpn.multipath='off' network.omrvpn.leasetime='12h' network.omrvpn.metric='5' network.omrvpn.ifname='tun0' network.omrvpn.ipv6='0' network.omrvpn.proto='none' network.omr6in4=interface network.omr6in4.proto='6in4' network.omr6in4.ip4table='vpn' network.omr6in4.multipath='off' network.omr6in4.peeraddr='10.255.255.1' network.omr6in4.gateway='fe80::a00:1' network.omr6in4.ip6addr='fe80::a00:2' network.omr6in4.metric='6' network.omr6in4.ipaddr='10.255.255.28' nginx-ha.ShadowSocks=nginxha nginx-ha.ShadowSocks.enable='0' nginx-ha.ShadowSocks.retries='1' nginx-ha.ShadowSocks.timeout='1000' nginx-ha.ShadowSocks.listen='0.0.0.0:65101' nginx-ha.ShadowSocks.upstreams='1.2.3.4:65101 weight=1 max_fails=3 fail_timeout=30s' nginx-ha.VPN=nginxha nginx-ha.VPN.enable='0' nginx-ha.VPN.retries='1' nginx-ha.VPN.timeout='1000' nginx-ha.VPN.listen='0.0.0.0:65001' nginx-ha.VPN.upstreams='1.2.3.4:65001 weight=1 max_fails=3 fail_timeout=30s' omr-bypass.all=interface omr-bypass.wan1=interface omr-bypass.wan1.id='3' omr-bypass.wan2=interface omr-bypass.wan2.id='4' omr-bypass.@macs[0]=macs omr-bypass.@macs[0].mac='4C:CC:6A:82:5E:D9' omr-bypass.@macs[0].interface='wan2' omr-bypass.@dpis[0]=dpis omr-bypass.@dpis[0].proto='TeamSpeak' omr-bypass.@dpis[0].interface='eth0' omr-bypass.lo=interface omr-bypass.lo.id='1' omr-bypass.eth0=interface omr-bypass.eth0.id='2' omr-bypass.tun0=interface omr-bypass.tun0.id='5' omr-quota.wan1=interface omr-quota.wan1.enabled='0' omr-quota.wan1.txquota='100000' omr-quota.wan1.rxquota='400000' omr-quota.wan1.ttquota='500000' omr-quota.wan1.interval='10' omr-quota.wan1.interface='wan1' omr-quota.wan2=interface omr-quota.wan2.enabled='0' omr-quota.wan2.txquota='100000' omr-quota.wan2.rxquota='400000' omr-quota.wan2.ttquota='500000' omr-quota.wan2.interval='10' omr-quota.wan2.interface='wan2' omr-tracker.defaults=defaults omr-tracker.defaults.enabled='1' omr-tracker.defaults.hosts='4.2.2.1' '8.8.8.8' '8.8.4.4' '9.9.9.9' '1.1.1.1' '1.0.0.1' '80.67.169.12' '80.67.169.40' omr-tracker.defaults.timeout='3' omr-tracker.defaults.tries='4' omr-tracker.defaults.interval='5' omr-tracker.defaults.interval_tries='1' omr-tracker.defaults.type='ping' omr-tracker.defaults.mail_alert='0' omr-tracker.shadowsocks=shadowsocks omr-tracker.shadowsocks.enabled='1' omr-tracker.shadowsocks.hosts='1.1.1.1' '1.0.0.1' '212.27.48.10' '104.16.1.1' '103.224.182.242' '198.27.92.1' '88.191.250.176' '151.101.129.164' omr-tracker.shadowsocks.timeout='10' omr-tracker.shadowsocks.tries='4' omr-tracker.shadowsocks.interval_tries='1' omr-tracker.shadowsocks.interval='10' omr-tracker.omrvpn=interface omr-tracker.omrvpn.type='none' omr-tracker.omrvpn.timeout='10' omr-tracker.omrvpn.tries='5' omr-tracker.omrvpn.interval='5' omr-tracker.omrvpn.mail_alert='0' omr-tracker.omrvpn.enabled='1' openmptcprouter.settings=settings openmptcprouter.settings.enabled='1' openmptcprouter.settings.disable_ipv6='1' openmptcprouter.settings.shadowsocks_disable='0' openmptcprouter.settings.scaling_min_freq='600000' openmptcprouter.settings.scaling_max_freq='1200000' openmptcprouter.settings.scaling_governor='performance' openmptcprouter.settings.vpn='glorytun_tcp' openmptcprouter.settings.master_lcintf='wan2' 'wan1' 'wan2' 'wan1' 'wan2' 'wan1' 'wan2' 'wan1' 'wan2' 'wan1' 'wan2' 'wan1' 'wan2' 'wan1' openmptcprouter.settings.external_check='1' openmptcprouter.settings.firstboot='0' openmptcprouter.settings.version='0.50.2' openmptcprouter.settings.master='dynamic' openmptcprouter.vps=server openmptcprouter.vps.master='1' openmptcprouter.vps.backup='0' openmptcprouter.vps.port='65500' openmptcprouter.vps.username='openmptcprouter' openmptcprouter.vps.ip='188.213.31.131' openmptcprouter.vps.password='' openmptcprouter.vps.machine='x86_64' openmptcprouter.vps.redirect_ports='1' openmptcprouter.vps.available_vpn='glorytun-tcp' 'glorytun-udp' 'openvpn' 'mlvpn' openmptcprouter.vps.get_config='0' openmptcprouter.vps.kernel='4.14.105-mptcp-310b683' openmptcprouter.vps.admin_error='0' openmptcprouter.vps.omr_version='0.995' openmptcprouter.vps.token='' openmptcprouter.omr=router openmptcprouter.omr.detected_public_ipv4='188.213.31.131' openmptcprouter.omr.detected_ss_ipv4='188.213.31.131' openmptcprouter.omr.shadowsocks='up' openmptcprouter.wan1=interface openmptcprouter.wan1.mtu='1492' openmptcprouter.wan1.mptcp_status='MPTCP enabled' openmptcprouter.wan1.asn='AS3215' openmptcprouter.wan1.state='up' openmptcprouter.wan1.publicip='2.6.80.105' openmptcprouter.wan1.latency_max='488' openmptcprouter.wan1.lc='1560268559' openmptcprouter.wan1.latency_previous='49' openmptcprouter.wan1.latency='38' openmptcprouter.wan2=interface openmptcprouter.wan2.mtu='1412' openmptcprouter.wan2.mptcp_status='MPTCP enabled' openmptcprouter.wan2.asn='EI-TELECOM' openmptcprouter.wan2.latency_max='630' openmptcprouter.wan2.state='up' openmptcprouter.wan2.publicip='193.56.243.122' openmptcprouter.wan2.lc='1560268321' openmptcprouter.wan2.latency_previous='83' openmptcprouter.wan2.latency='57' openmptcprouter.omrvpn=interface openmptcprouter.omrvpn.mtu='1500' openmptcprouter.omrvpn.state='down' openmptcprouter.latest_versions=latest_versions openmptcprouter.latest_versions.vps='0.995' openmptcprouter.latest_versions.omr='0.50.2' openmptcprouter.latest_versions.lc='1560268552' openvpn.custom_config=openvpn openvpn.custom_config.enabled='0' openvpn.custom_config.config='/etc/openvpn/my-vpn.conf' openvpn.sample_server=openvpn openvpn.sample_server.enabled='0' openvpn.sample_server.port='1194' openvpn.sample_server.proto='udp' openvpn.sample_server.dev='tun' openvpn.sample_server.ca='/etc/openvpn/ca.crt' openvpn.sample_server.cert='/etc/openvpn/server.crt' openvpn.sample_server.key='/etc/openvpn/server.key' openvpn.sample_server.dh='/etc/openvpn/dh1024.pem' openvpn.sample_server.server='10.8.0.0 255.255.255.0' openvpn.sample_server.ifconfig_pool_persist='/tmp/ipp.txt' openvpn.sample_server.keepalive='10 120' openvpn.sample_server.compress='lzo' openvpn.sample_server.persist_key='1' openvpn.sample_server.persist_tun='1' openvpn.sample_server.user='nobody' openvpn.sample_server.status='/tmp/openvpn-status.log' openvpn.sample_server.verb='3' openvpn.sample_client=openvpn openvpn.sample_client.enabled='0' openvpn.sample_client.client='1' openvpn.sample_client.dev='tun' openvpn.sample_client.proto='udp' openvpn.sample_client.remote='my_server_1 1194' openvpn.sample_client.resolv_retry='infinite' openvpn.sample_client.nobind='1' openvpn.sample_client.persist_key='1' openvpn.sample_client.persist_tun='1' openvpn.sample_client.user='nobody' openvpn.sample_client.ca='/etc/openvpn/ca.crt' openvpn.sample_client.cert='/etc/openvpn/client.crt' openvpn.sample_client.key='/etc/openvpn/client.key' openvpn.sample_client.compress='lzo' openvpn.sample_client.verb='3' openvpn.omr=openvpn openvpn.omr.dev='tun0' openvpn.omr.port='65301' openvpn.omr.cipher='AES-256-CBC' openvpn.omr.proto='tcp-client' openvpn.omr.enabled='0' openvpn.omr.ncp_disable='1' openvpn.omr.auth_nocache='1' openvpn.omr.secret='/etc/luci-uploads/openvpn.key' openvpn.omr.remote='188.213.31.131' rpcd.@rpcd[0]=rpcd rpcd.@rpcd[0].socket='/var/run/ubus.sock' rpcd.@rpcd[0].timeout='30' rpcd.@login[0]=login rpcd.@login[0].username='root' rpcd.@login[0].password='$p$root' rpcd.@login[0].read='' rpcd.@login[0].write='' shadowsocks-libev.hi=ss_redir shadowsocks-libev.hi.server='sss0' shadowsocks-libev.hi.local_port='1100' shadowsocks-libev.hi.mode='tcp_and_udp' shadowsocks-libev.hi.timeout='600' shadowsocks-libev.hi.fast_open='1' shadowsocks-libev.hi.verbose='0' shadowsocks-libev.hi.syslog='1' shadowsocks-libev.hi.reuse_port='1' shadowsocks-libev.hi.mptcp='1' shadowsocks-libev.hi.ipv6_first='1' shadowsocks-libev.hi.no_delay='1' shadowsocks-libev.hi.local_address='0.0.0.0' shadowsocks-libev.hi.ebpf='0' shadowsocks-libev.hi.obfs_plugin='v2ray' shadowsocks-libev.hi.obfs='1' shadowsocks-libev.hi.obfs_type='http' shadowsocks-libev.hi2=ss_redir shadowsocks-libev.hi2.server='sss0' shadowsocks-libev.hi2.local_address='0.0.0.0' shadowsocks-libev.hi2.local_port='1100' shadowsocks-libev.hi2.mode='tcp_and_udp' shadowsocks-libev.hi2.timeout='600' shadowsocks-libev.hi2.fast_open='1' shadowsocks-libev.hi2.verbose='0' shadowsocks-libev.hi2.syslog='1' shadowsocks-libev.hi2.reuse_port='1' shadowsocks-libev.hi2.mptcp='1' shadowsocks-libev.hi2.ipv6_first='1' shadowsocks-libev.hi2.no_delay='1' shadowsocks-libev.hi2.ebpf='0' shadowsocks-libev.hi2.obfs_plugin='v2ray' shadowsocks-libev.hi2.obfs='1' shadowsocks-libev.hi2.obfs_type='http' shadowsocks-libev.ss_rules=ss_rules shadowsocks-libev.ss_rules.disabled='0' shadowsocks-libev.ss_rules.redir_tcp='hi' shadowsocks-libev.ss_rules.src_default='forward' shadowsocks-libev.ss_rules.dst_default='forward' shadowsocks-libev.ss_rules.local_default='forward' shadowsocks-libev.sss0=server shadowsocks-libev.sss0.server_port='65101' shadowsocks-libev.sss0.method='chacha20' shadowsocks-libev.sss0.server='188.213.31.131' shadowsocks-libev.sss0.key='=' shadowsocks-libev.dns=ss_tunnel shadowsocks-libev.dns.disabled='1' shadowsocks-libev.dns.mode='tcp_and_udp' shadowsocks-libev.dns.server='sss0' shadowsocks-libev.dns.local_port='5353' shadowsocks-libev.dns.tunnel_address='8.8.8.8:53' shadowsocks-libev.hi3=ss_redir shadowsocks-libev.hi3.server='sss0' shadowsocks-libev.hi3.local_address='0.0.0.0' shadowsocks-libev.hi3.local_port='1100' shadowsocks-libev.hi3.mode='tcp_and_udp' shadowsocks-libev.hi3.timeout='600' shadowsocks-libev.hi3.fast_open='1' shadowsocks-libev.hi3.reuse_port='1' shadowsocks-libev.hi3.syslog='1' shadowsocks-libev.hi3.mptcp='1' shadowsocks-libev.hi3.no_delay='1' shadowsocks-libev.hi3.verbose='0' shadowsocks-libev.hi3.ebpf='0' shadowsocks-libev.hi3.obfs_plugin='v2ray' shadowsocks-libev.hi3.obfs='1' shadowsocks-libev.hi3.obfs_type='http' shadowsocks-libev.hi4=ss_redir shadowsocks-libev.hi4.server='sss0' shadowsocks-libev.hi4.local_address='0.0.0.0' shadowsocks-libev.hi4.local_port='1100' shadowsocks-libev.hi4.mode='tcp_and_udp' shadowsocks-libev.hi4.timeout='600' shadowsocks-libev.hi4.fast_open='1' shadowsocks-libev.hi4.reuse_port='1' shadowsocks-libev.hi4.syslog='1' shadowsocks-libev.hi4.mptcp='1' shadowsocks-libev.hi4.no_delay='1' shadowsocks-libev.hi4.verbose='0' shadowsocks-libev.hi4.ebpf='0' shadowsocks-libev.hi4.obfs_plugin='v2ray' shadowsocks-libev.hi4.obfs='1' shadowsocks-libev.hi4.obfs_type='http' shadowsocks-libev.tracker=ss_local shadowsocks-libev.tracker.server='sss0' shadowsocks-libev.tracker.local_address='127.0.0.1' shadowsocks-libev.tracker.local_port='1111' shadowsocks-libev.tracker.mode='tcp_and_udp' shadowsocks-libev.tracker.timeout='600' shadowsocks-libev.tracker.fast_open='1' shadowsocks-libev.tracker.syslog='0' shadowsocks-libev.tracker.reuse_port='1' shadowsocks-libev.tracker.mptcp='1' shadowsocks-libev.tracker.verbose='0' shadowsocks-libev.tracker.no_delay='1' shadowsocks-libev.tracker.ebpf='0' shadowsocks-libev.tracker.obfs_plugin='v2ray' shadowsocks-libev.tracker.obfs='1' shadowsocks-libev.tracker.obfs_type='http' snmpd.@agent[0]=agent snmpd.@agent[0].agentaddress='UDP:161,UDP6:161' snmpd.@agentx[0]=agentx snmpd.@agentx[0].agentxsocket='/var/run/agentx.sock' snmpd.public=com2sec snmpd.public.secname='ro' snmpd.public.source='default' snmpd.public.community='public' snmpd.private=com2sec snmpd.private.secname='rw' snmpd.private.source='localhost' snmpd.private.community='private' snmpd.public_v1=group snmpd.public_v1.group='public' snmpd.public_v1.version='v1' snmpd.public_v1.secname='ro' snmpd.public_v2c=group snmpd.public_v2c.group='public' snmpd.public_v2c.version='v2c' snmpd.public_v2c.secname='ro' snmpd.public_usm=group snmpd.public_usm.group='public' snmpd.public_usm.version='usm' snmpd.public_usm.secname='ro' snmpd.private_v1=group snmpd.private_v1.group='private' snmpd.private_v1.version='v1' snmpd.private_v1.secname='rw' snmpd.private_v2c=group snmpd.private_v2c.group='private' snmpd.private_v2c.version='v2c' snmpd.private_v2c.secname='rw' snmpd.private_usm=group snmpd.private_usm.group='private' snmpd.private_usm.version='usm' snmpd.private_usm.secname='rw' snmpd.all=view snmpd.all.viewname='all' snmpd.all.type='included' snmpd.all.oid='.1' snmpd.public_access=access snmpd.public_access.group='public' snmpd.public_access.context='none' snmpd.public_access.version='any' snmpd.public_access.level='noauth' snmpd.public_access.prefix='exact' snmpd.public_access.read='all' snmpd.public_access.write='none' snmpd.public_access.notify='none' snmpd.private_access=access snmpd.private_access.group='private' snmpd.private_access.context='none' snmpd.private_access.version='any' snmpd.private_access.level='noauth' snmpd.private_access.prefix='exact' snmpd.private_access.read='all' snmpd.private_access.write='all' snmpd.private_access.notify='all' snmpd.@system[0]=system snmpd.@system[0].sysLocation='office' snmpd.@system[0].sysContact='bofh@example.com' snmpd.@system[0].sysName='OpenMPTCProuter' snmpd.@exec[0]=exec snmpd.@exec[0].name='filedescriptors' snmpd.@exec[0].prog='/bin/cat' snmpd.@exec[0].args='/proc/sys/fs/file-nr' snmpd.@engineid[0]=engineid snmpd.@engineid[0].engineidtype='3' snmpd.@engineid[0].engineidnic='eth0' snmpd.general=snmpd snmpd.general.network='lan' snmpd.general.enabled='0' snmpd.general.ipv6cpipv4='1' sqm.wan1=queue sqm.wan1.qdisc='fq_codel' sqm.wan1.script='simple.qos' sqm.wan1.qdisc_advanced='0' sqm.wan1.linklayer='none' sqm.wan1.upload='0' sqm.wan1.debug_logging='0' sqm.wan1.verbosity='5' sqm.wan1.interface='eth0' sqm.wan1.enabled='0' sqm.wan1.download='0' sqm.wan2=queue sqm.wan2.qdisc='fq_codel' sqm.wan2.script='simple.qos' sqm.wan2.qdisc_advanced='0' sqm.wan2.linklayer='none' sqm.wan2.upload='0' sqm.wan2.debug_logging='0' sqm.wan2.verbosity='5' sqm.wan2.interface='eth0' sqm.wan2.enabled='0' sqm.wan2.download='0' system.@system[0]=system system.@system[0].hostname='OpenMPTCProuter' system.@system[0].log_size='64' system.@system[0].urandom_seed='0' system.@system[0].ttylogin='1' system.@system[0].zonename='Europe/Paris' system.@system[0].timezone='CET-1CEST,M3.5.0,M10.5.0/3' system.@system[0].log_proto='udp' system.@system[0].conloglevel='8' system.@system[0].cronloglevel='8' system.ntp=timeserver system.ntp.enabled='1' system.ntp.server='0.lede.pool.ntp.org' '1.lede.pool.ntp.org' '2.lede.pool.ntp.org' '3.lede.pool.ntp.org' system.@rngd[0]=rngd system.@rngd[0].device='/dev/urandom' system.@rngd[0].enabled='1' ucitrack.@network[0]=network ucitrack.@network[0].init='network' ucitrack.@network[0].affects='dhcp' 'radvd' 'macvlan' 'omr6in4' 'mptcp' 'omr-quota' 'omr-tracker' 'openmptcprouter' 'openmptcprouter' 'openmptcprouter' 'openmptcprouter' 'openmptcprouter' 'openmptcprouter' 'openmptcprouter' 'openmptcprouter' ucitrack.@wireless[0]=wireless ucitrack.@wireless[0].affects='network' ucitrack.@firewall[0]=firewall ucitrack.@firewall[0].init='firewall' ucitrack.@firewall[0].affects='luci-splash' 'qos' 'miniupnpd' 'sqm' ucitrack.@olsr[0]=olsr ucitrack.@olsr[0].init='olsrd' ucitrack.@dhcp[0]=dhcp ucitrack.@dhcp[0].init='dnsmasq' ucitrack.@dhcp[0].affects='odhcpd' ucitrack.@odhcpd[0]=odhcpd ucitrack.@odhcpd[0].init='odhcpd' ucitrack.@dropbear[0]=dropbear ucitrack.@dropbear[0].init='dropbear' ucitrack.@httpd[0]=httpd ucitrack.@httpd[0].init='httpd' ucitrack.@fstab[0]=fstab ucitrack.@fstab[0].exec='/sbin/block mount' ucitrack.@qos[0]=qos ucitrack.@qos[0].init='qos' ucitrack.@system[0]=system ucitrack.@system[0].init='led' ucitrack.@system[0].exec='/etc/init.d/log reload' ucitrack.@system[0].affects='luci_statistics' 'dhcp' ucitrack.@luci_splash[0]=luci_splash ucitrack.@luci_splash[0].init='luci_splash' ucitrack.@ntpclient[0]=ntpclient ucitrack.@ntpclient[0].init='ntpclient' ucitrack.@samba[0]=samba ucitrack.@samba[0].init='samba' ucitrack.@tinyproxy[0]=tinyproxy ucitrack.@tinyproxy[0].init='tinyproxy' ucitrack.@glorytun[0]=glorytun ucitrack.@glorytun[0].init='glorytun' ucitrack.@glorytun[0].affects='glorytun-udp' ucitrack.@glorytun-udp[0]=glorytun-udp ucitrack.@glorytun-udp[0].init='glorytun-udp' ucitrack.@upnpd[0]=upnpd ucitrack.@upnpd[0].init='miniupnpd' ucitrack.@shadowsocks-libev[0]=shadowsocks-libev ucitrack.@shadowsocks-libev[0].init='shadowsocks-libev' ucitrack.@shadowsocks-libev[0].affects='omr-tracker' ucitrack.@vnstat[0]=vnstat ucitrack.@vnstat[0].init='vnstat' ucitrack.@mlvpn[0]=mlvpn ucitrack.@mlvpn[0].init='mlvpn' ucitrack.@mail[0]=mail ucitrack.@mail[0].init='mail' ucitrack.@omr-bypass[0]=omr-bypass ucitrack.@omr-bypass[0].init='omr-bypass' ucitrack.@nginx-ha[0]=nginx-ha ucitrack.@nginx-ha[0].init='nginx-ha' ucitrack.@snmpd[0]=snmpd ucitrack.@snmpd[0].init='snmpd' ucitrack.@macvlan[0]=macvlan ucitrack.@macvlan[0].init='macvlan' ucitrack.@unbound[0]=unbound ucitrack.@unbound[0].init='unbound' ucitrack.@sqm[0]=sqm ucitrack.@sqm[0].init='sqm' ucitrack.@mptcp[0]=mptcp ucitrack.@mptcp[0].init='mptcp' ucitrack.@omr-quota[0]=omr-quota ucitrack.@omr-quota[0].init='omr-quota' ucitrack.@omr-tracker[0]=omr-tracker ucitrack.@omr-tracker[0].init='omr-tracker' ucitrack.@openmptcprouter[0]=openmptcprouter ucitrack.@openmptcprouter[0].init='openmptcprouter' uhttpd.main=uhttpd uhttpd.main.listen_http='0.0.0.0:80' '[::]:80' uhttpd.main.listen_https='0.0.0.0:443' '[::]:443' uhttpd.main.home='/www' uhttpd.main.rfc1918_filter='1' uhttpd.main.max_requests='3' uhttpd.main.max_connections='100' uhttpd.main.cert='/etc/uhttpd.crt' uhttpd.main.key='/etc/uhttpd.key' uhttpd.main.cgi_prefix='/cgi-bin' uhttpd.main.lua_prefix='/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua' uhttpd.main.tcp_keepalive='1' uhttpd.main.ubus_prefix='/ubus' uhttpd.main.redirect_https='0' uhttpd.main.script_timeout='240' uhttpd.main.network_timeout='240' uhttpd.main.http_keepalive='60' uhttpd.defaults=cert uhttpd.defaults.days='730' uhttpd.defaults.bits='2048' uhttpd.defaults.country='ZZ' uhttpd.defaults.state='Somewhere' uhttpd.defaults.location='Unknown' uhttpd.defaults.commonname='openmptcprouter' unbound.@unbound[0]=unbound unbound.@unbound[0].add_extra_dns='0' unbound.@unbound[0].add_local_fqdn='1' unbound.@unbound[0].add_wan_fqdn='0' unbound.@unbound[0].dhcp_link='none' unbound.@unbound[0].dhcp4_slaac6='0' unbound.@unbound[0].dns64='0' unbound.@unbound[0].dns64_prefix='64:ff9b::/96' unbound.@unbound[0].domain='lan' unbound.@unbound[0].domain_type='static' unbound.@unbound[0].edns_size='1280' unbound.@unbound[0].extended_luci='0' unbound.@unbound[0].extended_stats='0' unbound.@unbound[0].hide_binddata='1' unbound.@unbound[0].localservice='1' unbound.@unbound[0].manual_conf='0' unbound.@unbound[0].query_minimize='0' unbound.@unbound[0].query_min_strict='0' unbound.@unbound[0].rebind_localhost='0' unbound.@unbound[0].rebind_protection='1' unbound.@unbound[0].resource='default' unbound.@unbound[0].root_age='9' unbound.@unbound[0].ttl_min='120' unbound.@unbound[0].unbound_control='0' unbound.@unbound[0].validator='0' unbound.@unbound[0].validator_ntp='1' unbound.@unbound[0].trigger_interface='lan' 'wan' unbound.@unbound[0].listen_port='5353' unbound.@unbound[0].protocol='ip4_only' unbound.@unbound[0].enabled='1' unbound.@unbound[0].recursion='aggressive' upnpd.@perm_rule[0]=perm_rule upnpd.@perm_rule[0].action='allow' upnpd.@perm_rule[0].ext_ports='1024-65535' upnpd.@perm_rule[0].int_addr='0.0.0.0/0' upnpd.@perm_rule[0].int_ports='1024-65535' upnpd.@perm_rule[0].comment='Allow high ports' upnpd.@perm_rule[1]=perm_rule upnpd.@perm_rule[1].action='deny' upnpd.@perm_rule[1].ext_ports='0-65535' upnpd.@perm_rule[1].int_addr='0.0.0.0/0' upnpd.@perm_rule[1].int_ports='0-65535' upnpd.@perm_rule[1].comment='Default deny' upnpd.config=upnpd upnpd.config.download='1024' upnpd.config.upload='512' upnpd.config.internal_iface='lan' upnpd.config.port='5000' upnpd.config.upnp_lease_file='/var/run/miniupnpd.leases' upnpd.config.uuid='194fa5ae-29ff-4200-a4fe-de5ddba2532f' upnpd.config.enable_natpmp='0' upnpd.config.igdv1='1' upnpd.config.enabled='0' vnstat.@vnstat[0]=vnstat vnstat.@vnstat[0].interface='wan1' 'wan2' wireless.radio0=wifi-device wireless.radio0.type='mac80211' wireless.radio0.channel='11' wireless.radio0.hwmode='11g' wireless.radio0.path='platform/soc/3f300000.mmc/mmc_host/mmc1/mmc1:0001/mmc1:0001:1' wireless.radio0.htmode='HT20' wireless.radio0.disabled='1'

================================================ J'en profite pour te joindre aussi les routes actives IPv4 (je n'utilise pas l'IPv6). Pour ma part, je n'ai pas défini de routes autres que celles prévues par le système :

Capture

Ysurac commented 5 years ago

Le VPS ne semble pas avoir été redémarré après la mise à jour. Tu peux déjà essayer et vérifier que le kernel est bien le 4.14.122

Randdrick commented 5 years ago

En effet, je n'avais pas redémarré le VPS. Chose faite désormais. Il est bien à la version 4.14.122.

Je te tiens au courant dans le cas ou le problème persiste. merci pour ton aide.

Randdrick commented 5 years ago

Bonjour, Bon malgré le reboot du serveur, le problème persiste. Voici ce que j'ai relevé dans mon journal aujourd'hui :

Wed Jun 12 15:09:38 2019 daemon.err glorytun[4625]: read: Operation timed out Wed Jun 12 15:09:38 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:10:04 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:10:09 2019 user.notice post-tracking-post-tracking: Change master interface from wan2 (201 ms) to wan1 (36 ms) Wed Jun 12 15:10:14 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Wed Jun 12 15:10:14 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:10:15 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:10:17 2019 user.notice post-tracking-post-tracking: Set server vps (188.213.31.131) default route via 192.168.1.1 Wed Jun 12 15:10:25 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Wed Jun 12 15:10:25 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:10:26 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:10:36 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Wed Jun 12 15:10:36 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:10:37 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:10:47 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Wed Jun 12 15:10:47 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:10:49 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:10:59 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Wed Jun 12 15:10:59 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:11:00 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:11:10 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Wed Jun 12 15:11:10 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:11:11 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:11:21 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Wed Jun 12 15:11:21 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:11:22 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:11:32 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: key exchange failed Wed Jun 12 15:11:32 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:11:33 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:11:42 2019 daemon.info glorytun[4625]: STARTED tun0 Wed Jun 12 15:25:43 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:25:44 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:25:44 2019 daemon.info glorytun[4625]: STARTED tun0

Il doit y avoir quelque chose qui ne plait pas à Glorytun.

Ysurac commented 5 years ago

Ca semble être quand OpenMPTCProuter change d'interface maitre. Dans Systéme->OpenMPTCProuter puis paramètres avancés en mettant "Selection de l'interface maître" à autre chose que dynamique ça devrait limiter le soucis, au moins celui du "key exchange failed". Sinon le soucis est ailleurs...

Randdrick commented 5 years ago

Avant la version 0.50, je n'avais pas de problèmes avec le mode dynamique, dans le changement d'interface. Peut-être est-ce une piste ?

Dans le log, glorytun passe en timeout avant le changement d'interface :

Wed Jun 12 15:09:38 2019 daemon.err glorytun[4625]: read: Operation timed out Wed Jun 12 15:09:38 2019 daemon.info glorytun[4625]: STOPPED tun0 Wed Jun 12 15:10:04 2019 daemon.err glorytun[4625]: 188.213.31.131.65001: connected Wed Jun 12 15:10:09 2019 user.notice post-tracking-post-tracking: Change master interface from wan2 (201 ms) to wan1 (36 ms)

C’est pour cela que je pense à un problème au niveau de Glorytun

Ysurac commented 5 years ago

Il passe en timeout car l'interface wan2 répond mal, le tracker doit avoir un timeout un peu plus élevé, je vais augmenter un peu celui de glorytun tcp dans la prochaine version. Mais ce n'est pas réellement le soucis.