domenico/openwrt-kernel5.4-nss-qsdk10.0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
domenico
2025-06-24 13:14:22 +02:00
commit 4002f145fc
9002 changed files with 1731834 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
package/qca/qca-nss-ecm/files/ecm_dump.sh Normal file
View File

@@ -0,0 +1,95 @@
#!/bin/sh
#
# Copyright (c) 2015-2016, The Linux Foundation. All rights reserved.
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#
ECM_MODULE=${1:-ecm_state}
MOUNT_ROOT=/dev/ecm
#
# usage: ecm_dump.sh [module=ecm_db]
#
# with no parameters, ecm_dump.sh will attempt to mount the
# ecm_db state file and cat its contents.
#
# example with a parameter: ecm_dump.sh ecm_classifier_default
#
# this will cause ecm_dump to attempt to find and mount the state
# file for the ecm_classifier_default module, and if successful
# cat the contents.
#
# this is one of the state files, which happens to be the
# last module started in ecm
ECM_STATE=/sys/kernel/debug/ecm/ecm_state/state_dev_major
# tests to see if ECM is up and ready to receive commands.
# returns 0 if ECM is fully up and ready, else 1
ecm_is_ready() {
if [ ! -e "${ECM_STATE}" ]
then
return 1
fi
return 0
}
#
# module_state_mount(module_name)
# Mounts the state file of the module, if supported
#
module_state_mount() {
local module_name=$1
local mount_dir=$2
local state_file="/sys/kernel/debug/ecm/${module_name}/state_dev_major"
if [ -e "${mount_dir}/${module_name}" ]
then
# already mounted
return 0
fi
#echo "Mount state file for $module_name ..."
if [ ! -e "$state_file" ]
then
#echo "... $module_name does not support state"
return 1
fi
local major="`cat $state_file`"
#echo "... Mounting state $state_file with major: $major"
mknod "${mount_dir}/${module_name}" c $major 0
}
#
# main
#
ecm_is_ready || {
#echo "ECM is not running"
exit 1
}
# all state files are mounted under MOUNT_ROOT, so make sure it exists
mkdir -p ${MOUNT_ROOT}
#
# attempt to mount state files for the requested module and cat it
# if the mount succeeded
#
module_state_mount ${ECM_MODULE} ${MOUNT_ROOT} && {
cat ${MOUNT_ROOT}/${ECM_MODULE}
exit 0
}
exit 2

6
package/qca/qca-nss-ecm/files/on-demand-down Normal file
View File

@@ -0,0 +1,6 @@
#!/bin/sh
# Copyright (c) 2016 The Linux Foundation. All rights reserved.
[ -e "/sys/kernel/debug/ecm/ecm_db/defunct_all" ] && {
echo 1 > /sys/kernel/debug/ecm/ecm_db/defunct_all
}

28
package/qca/qca-nss-ecm/files/qca-nss-ecm.defaults Normal file
View File

@@ -0,0 +1,28 @@
#!/bin/sh
#
# Copyright (c) 2015-2016, The Linux Foundation. All rights reserved.
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#
uci -q batch << EOF
delete firewall.qcanssecm
set firewall.qcanssecm=include
set firewall.qcanssecm.type=script
set firewall.qcanssecm.path=/etc/firewall.d/qca-nss-ecm
set firewall.qcanssecm.family=any
set firewall.qcanssecm.reload=1
commit firewall
EOF
exit 0

18
package/qca/qca-nss-ecm/files/qca-nss-ecm.firewall Normal file
View File

@@ -0,0 +1,18 @@
#!/bin/sh
#
# Copyright (c) 2015-2016, The Linux Foundation. All rights reserved.
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#
iptables -A FORWARD -m physdev --physdev-is-bridged -j ACCEPT

118
package/qca/qca-nss-ecm/files/qca-nss-ecm.init Normal file
View File

@@ -0,0 +1,118 @@
#!/bin/sh /etc/rc.common
#
# Copyright (c) 2014, 2019 The Linux Foundation. All rights reserved.
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# The shebang above has an extra space intentially to avoid having
# openwrt build scripts automatically enable this package starting
# at boot.
START=19
get_front_end_mode() {
config_load "ecm"
config_get front_end global acceleration_engine "auto"
case $front_end in
auto)
echo '0'
;;
nss)
echo '1'
;;
sfe)
echo '2'
;;
*)
echo 'uci_option_acceleration_engine is invalid'
esac
}
support_bridge() {
#NSS support bridge acceleration
[ -d /sys/kernel/debug/ecm/ecm_nss_ipv4 ] && return 0
#SFE doesn't support bridge acceleration
[ -d /sys/kernel/debug/ecm/ecm_sfe_ipv4 ] && return 1
}
load_sfe() {
[ -d /sys/module/shortcut_fe ] || insmod shortcut-fe
[ -d /sys/module/shortcut_fe_ipv6 ] || insmod shortcut-fe-ipv6
[ -d /sys/module/shortcut_fe_drv ] || insmod shortcut-fe-drv
}
load_ecm() {
[ -d /sys/module/ecm ] || {
[ ! -e /proc/device-tree/MP_256 ] && load_sfe
insmod ecm front_end_selection=$(get_front_end_mode)
}
support_bridge && {
sysctl -w net.bridge.bridge-nf-call-ip6tables=1
sysctl -w net.bridge.bridge-nf-call-iptables=1
}
}
unload_ecm() {
sysctl -w net.bridge.bridge-nf-call-ip6tables=0
sysctl -w net.bridge.bridge-nf-call-iptables=0
if [ -d /sys/module/ecm ]; then
#
# Stop ECM frontends
#
echo 1 > /sys/kernel/debug/ecm/front_end_ipv4_stop
echo 1 > /sys/kernel/debug/ecm/front_end_ipv6_stop
#
# Defunct the connections
#
echo 1 > /sys/kernel/debug/ecm/ecm_db/defunct_all
sleep 5;
rmmod ecm
sleep 1
fi
}
start() {
load_ecm
# If the acceleration engine is NSS, enable wifi redirect.
[ -d /sys/kernel/debug/ecm/ecm_nss_ipv4 ] && sysctl -w dev.nss.general.redirect=1
support_bridge && {
echo 'net.bridge.bridge-nf-call-ip6tables=1' >> /etc/sysctl.d/qca-nss-ecm.conf
echo 'net.bridge.bridge-nf-call-iptables=1' >> /etc/sysctl.d/qca-nss-ecm.conf
}
if [ -d /sys/module/qca_ovsmgr ]; then
insmod ecm_ovs
fi
}
stop() {
# If the acceleration engine is NSS, disable wifi redirect.
[ -d /sys/kernel/debug/ecm/ecm_nss_ipv4 ] && sysctl -w dev.nss.general.redirect=0
sed '/net.bridge.bridge-nf-call-ip6tables=1/d' -i /etc/sysctl.d/qca-nss-ecm.conf
sed '/net.bridge.bridge-nf-call-iptables=1/d' -i /etc/sysctl.d/qca-nss-ecm.conf
if [ -d /sys/module/ecm_ovs ]; then
rmmod ecm_ovs
fi
unload_ecm
}

2
package/qca/qca-nss-ecm/files/qca-nss-ecm.sysctl Normal file
View File

@@ -0,0 +1,2 @@
# nf_conntrack_tcp_no_window_check is 0 by default, set it to 1
net.netfilter.nf_conntrack_tcp_no_window_check=1

2
package/qca/qca-nss-ecm/files/qca-nss-ecm.uci Normal file
View File

@@ -0,0 +1,2 @@
config ecm 'global'
option acceleration_engine 'auto'