From c56307acc36a03966b45c55e6857d978bbac7f8c Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Tue, 27 Jan 2009 20:49:04 +0000 Subject: [PATCH] Add MSS Clamping option for Essentials (closes #45) Rename "MSS correction" to the correct term "MSS Clamping" in Firewall Automatically set "defaultroute" and "peerdns" when PPP is selected in Essentials --- .../luci-fw/luasrc/i18n/luci-fw.de.lua | 4 +- .../luci-fw/luasrc/i18n/luci-fw.de.xml | 4 +- .../luci-fw/luasrc/i18n/luci-fw.en.lua | 4 +- .../luci-fw/luasrc/i18n/luci-fw.en.xml | 4 +- i18n/english/luasrc/i18n/admin-core.en.lua | 2 + i18n/english/luasrc/i18n/admin-core.en.xml | 3 +- i18n/french/luasrc/i18n/admin-core.fr.lua | 2 + i18n/french/luasrc/i18n/admin-core.fr.xml | 3 ++ i18n/german/luasrc/i18n/admin-core.de.lua | 2 + i18n/german/luasrc/i18n/admin-core.de.xml | 3 ++ i18n/italian/luasrc/i18n/admin-core.it.lua | 2 + i18n/italian/luasrc/i18n/admin-core.it.xml | 2 + .../luasrc/i18n/admin-core.pt-br.lua | 2 + .../luasrc/i18n/admin-core.pt-br.xml | 2 + i18n/russian/luasrc/i18n/admin-core.ru.lua | 2 + i18n/russian/luasrc/i18n/admin-core.ru.xml | 2 + .../luasrc/model/cbi/mini/network.lua | 38 +++++++++++++++++++ 17 files changed, 72 insertions(+), 9 deletions(-) diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.de.lua b/applications/luci-fw/luasrc/i18n/luci-fw.de.lua index c58bba7bd0..9659839e68 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.de.lua +++ b/applications/luci-fw/luasrc/i18n/luci-fw.de.lua @@ -12,7 +12,7 @@ fw_fw1 = 'Die Firewall erstellt Netzwerkzonen über bestimmte Netzwerkschnittste fw_src = 'Quelle' fw_dest = 'Ziel' fw_traffic = 'Verkehrskontrolle' -fw_mtufix = 'MSS-Korrektur' +fw_mtufix = 'MSS Clamping' fw_dropinvalid = 'Ungültige Pakete verwerfen' firewall_rule_src = 'Eingangszone' firewall_rule_dest = 'Ausgangszone' @@ -35,7 +35,7 @@ firewall_redirect_destport = 'Interner Port (optional)' firewall_redirect_destport_desc = 'Port od. Erster-Letzter Port' firewall_redirect_srcip = 'Quelladresse' firewall_redirect_srcmac = 'Quell-MAC-Adresse' -fw_forwarding1 = 'An dieser Stelle kann festgelegt zwischen welchen Zonen Netzverkehr hin und her fließen kann. Es werden nur neue Verbindungen betrachtet. Pakete, die zu bereits bestehenden Verbindungen gehören werden automatisch akzeptiert. Bei gelegentlich auftretenden Verbindungsproblemen kann eine MSS-Korrektur helfen, ansonsten sollte dies aus Performancegründen deaktiviert bleiben.' +fw_forwarding1 = 'An dieser Stelle kann festgelegt zwischen welchen Zonen Netzverkehr hin und her fließen kann. Es werden nur neue Verbindungen betrachtet. Pakete, die zu bereits bestehenden Verbindungen gehören werden automatisch akzeptiert. Bei gelegentlich auftretenden Verbindungsproblemen kann MSS Clamping helfen, ansonsten sollte dies aus Performancegründen deaktiviert bleiben.' firewall_forwarding_src = 'Eingang' firewall_forwarding_dest = 'Ausgang' firewall_defaults = 'Grundeinstellungen' diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.de.xml b/applications/luci-fw/luasrc/i18n/luci-fw.de.xml index 265ac8539f..8578753eb3 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.de.xml +++ b/applications/luci-fw/luasrc/i18n/luci-fw.de.xml @@ -16,7 +16,7 @@ Quelle Ziel Verkehrskontrolle -MSS-Korrektur +MSS Clamping Ungültige Pakete verwerfen Eingangszone Ausgangszone @@ -42,7 +42,7 @@ Quell-MAC-Adresse -An dieser Stelle kann festgelegt zwischen welchen Zonen Netzverkehr hin und her fließen kann. Es werden nur neue Verbindungen betrachtet. Pakete, die zu bereits bestehenden Verbindungen gehören werden automatisch akzeptiert. Bei gelegentlich auftretenden Verbindungsproblemen kann eine MSS-Korrektur helfen, ansonsten sollte dies aus Performancegründen deaktiviert bleiben. +An dieser Stelle kann festgelegt zwischen welchen Zonen Netzverkehr hin und her fließen kann. Es werden nur neue Verbindungen betrachtet. Pakete, die zu bereits bestehenden Verbindungen gehören werden automatisch akzeptiert. Bei gelegentlich auftretenden Verbindungsproblemen kann MSS Clamping helfen, ansonsten sollte dies aus Performancegründen deaktiviert bleiben. Eingang Ausgang diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.en.lua b/applications/luci-fw/luasrc/i18n/luci-fw.en.lua index b39443b108..14bfa3c315 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.en.lua +++ b/applications/luci-fw/luasrc/i18n/luci-fw.en.lua @@ -23,7 +23,7 @@ fw_drop = 'drop' fw_src = 'Source' fw_dest = 'Destination' fw_traffic = 'Traffic Control' -fw_mtufix = 'MSS-Correction' +fw_mtufix = 'MSS Clamping' fw_dropinvalid = 'Drop invalid packets' fw_portfw1 = 'Port forwarding allows to provide network services in the internal network to an external network.' firewall_redirect_src_desc = 'External Zone' @@ -35,7 +35,7 @@ firewall_redirect_destip = 'Internal address' firewall_redirect_destip_desc = 'IP-Address' firewall_redirect_destport = 'Internal port (optional)' firewall_redirect_destport_desc = 'port or range as first-last' -fw_forwarding1 = 'Here you can specify which network traffic is allowed to flow between network zones. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall. If you experience occasional connection problems try enabling MSS-Correction otherwise disable it for performance reasons.' +fw_forwarding1 = 'Here you can specify which network traffic is allowed to flow between network zones. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall. If you experience occasional connection problems try enabling MSS Clamping otherwise disable it for performance reasons.' firewall_forwarding_src = 'Input' firewall_forwarding_dest = 'Output' firewall_defaults = 'Defaults' diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.en.xml b/applications/luci-fw/luasrc/i18n/luci-fw.en.xml index be4118edd9..72856e03d0 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.en.xml +++ b/applications/luci-fw/luasrc/i18n/luci-fw.en.xml @@ -27,7 +27,7 @@ Source Destination Traffic Control -MSS-Correction +MSS Clamping Drop invalid packets Port forwarding allows to provide network services in the internal network to an external network. @@ -41,7 +41,7 @@ Internal port (optional) port or range as first-last -Here you can specify which network traffic is allowed to flow between network zones. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall. If you experience occasional connection problems try enabling MSS-Correction otherwise disable it for performance reasons. +Here you can specify which network traffic is allowed to flow between network zones. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall. If you experience occasional connection problems try enabling MSS Clamping otherwise disable it for performance reasons. Input Output diff --git a/i18n/english/luasrc/i18n/admin-core.en.lua b/i18n/english/luasrc/i18n/admin-core.en.lua index 3f2991c298..e22b01917b 100644 --- a/i18n/english/luasrc/i18n/admin-core.en.lua +++ b/i18n/english/luasrc/i18n/admin-core.en.lua @@ -329,3 +329,5 @@ hostnames_entries = 'Host entries' hostnames_hostname = 'Hostname' hostnames_address = 'IP address' luci_components = "LuCI Components" +m_n_mssfix = "Clamp Segment Size" +m_n_mssfix_desc = "Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs." diff --git a/i18n/english/luasrc/i18n/admin-core.en.xml b/i18n/english/luasrc/i18n/admin-core.en.xml index 1040a1726f..23ab06ed57 100644 --- a/i18n/english/luasrc/i18n/admin-core.en.xml +++ b/i18n/english/luasrc/i18n/admin-core.en.xml @@ -329,5 +329,6 @@ Host entries Hostname IP address - +Clamp Segment Size +Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs. diff --git a/i18n/french/luasrc/i18n/admin-core.fr.lua b/i18n/french/luasrc/i18n/admin-core.fr.lua index 06a2cd6acd..a4789a0359 100644 --- a/i18n/french/luasrc/i18n/admin-core.fr.lua +++ b/i18n/french/luasrc/i18n/admin-core.fr.lua @@ -323,3 +323,5 @@ hostnames_entries = 'Entrées d'hôtes' hostnames_hostname = 'Nom d'hôte' hostnames_address = 'Adresse IP' network_interface_encaps = 'PPPoA Encapsulation' +m_n_mssfix = "Clamp Segment Size" +m_n_mssfix_desc = "Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs." diff --git a/i18n/french/luasrc/i18n/admin-core.fr.xml b/i18n/french/luasrc/i18n/admin-core.fr.xml index 9bf1e798af..5629245426 100644 --- a/i18n/french/luasrc/i18n/admin-core.fr.xml +++ b/i18n/french/luasrc/i18n/admin-core.fr.xml @@ -327,5 +327,8 @@ Nom d'hôte Adresse IP PPPoA Encapsulation +Clamp Segment Size +Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs. + diff --git a/i18n/german/luasrc/i18n/admin-core.de.lua b/i18n/german/luasrc/i18n/admin-core.de.lua index ee3cbefbf1..842c6953b8 100644 --- a/i18n/german/luasrc/i18n/admin-core.de.lua +++ b/i18n/german/luasrc/i18n/admin-core.de.lua @@ -341,3 +341,5 @@ hostnames_entries = 'Host-Einträge' hostnames_hostname = 'Rechnername' hostnames_address = 'IP-Adresse' luci_components = "LuCI Komponenten" +m_n_mssfix = "Segmentgrößen Clamping" +m_n_mssfix_desc = "Behebt Probleme bei nicht erreichbaren Webseiten, Absenden von Formularen oder anderes unerwartetes Verhalten für einige ISPs." diff --git a/i18n/german/luasrc/i18n/admin-core.de.xml b/i18n/german/luasrc/i18n/admin-core.de.xml index b3555ee1f9..a522f1f85d 100644 --- a/i18n/german/luasrc/i18n/admin-core.de.xml +++ b/i18n/german/luasrc/i18n/admin-core.de.xml @@ -364,4 +364,7 @@ Rechnername IP-Adresse +Segmentgrößen Clamping +Behebt Probleme bei nicht erreichbaren Webseiten, Absenden von Formularen oder anderes unerwartetes Verhalten für einige ISPs. + diff --git a/i18n/italian/luasrc/i18n/admin-core.it.lua b/i18n/italian/luasrc/i18n/admin-core.it.lua index 67311cd928..2a627880c3 100644 --- a/i18n/italian/luasrc/i18n/admin-core.it.lua +++ b/i18n/italian/luasrc/i18n/admin-core.it.lua @@ -323,3 +323,5 @@ hostnames_entries = 'Campi host' hostnames_hostname = 'Hostname' hostnames_address = 'Indirizzo IP' network_interface_encaps = 'PPPoA Encapsulation' +m_n_mssfix = "Clamp Segment Size" +m_n_mssfix_desc = "Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs." diff --git a/i18n/italian/luasrc/i18n/admin-core.it.xml b/i18n/italian/luasrc/i18n/admin-core.it.xml index 82c59924a8..51f149bcb8 100644 --- a/i18n/italian/luasrc/i18n/admin-core.it.xml +++ b/i18n/italian/luasrc/i18n/admin-core.it.xml @@ -327,5 +327,7 @@ Hostname Indirizzo IP PPPoA Encapsulation +Clamp Segment Size +Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs. diff --git a/i18n/portuguese_brazilian/luasrc/i18n/admin-core.pt-br.lua b/i18n/portuguese_brazilian/luasrc/i18n/admin-core.pt-br.lua index e8e6f4b455..585ba860e4 100644 --- a/i18n/portuguese_brazilian/luasrc/i18n/admin-core.pt-br.lua +++ b/i18n/portuguese_brazilian/luasrc/i18n/admin-core.pt-br.lua @@ -323,3 +323,5 @@ hostnames_entries = 'Entrada do Host' hostnames_hostname = 'Hostname' hostnames_address = 'Endereço de IP' network_interface_encaps = 'PPPoA Encapsulation' +m_n_mssfix = "Clamp Segment Size" +m_n_mssfix_desc = "Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs." diff --git a/i18n/portuguese_brazilian/luasrc/i18n/admin-core.pt-br.xml b/i18n/portuguese_brazilian/luasrc/i18n/admin-core.pt-br.xml index c2442c52a9..35d30d5e99 100644 --- a/i18n/portuguese_brazilian/luasrc/i18n/admin-core.pt-br.xml +++ b/i18n/portuguese_brazilian/luasrc/i18n/admin-core.pt-br.xml @@ -327,5 +327,7 @@ Hostname Endereço de IP PPPoA Encapsulation +Clamp Segment Size +Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs. diff --git a/i18n/russian/luasrc/i18n/admin-core.ru.lua b/i18n/russian/luasrc/i18n/admin-core.ru.lua index 4058646f67..4961495d51 100644 --- a/i18n/russian/luasrc/i18n/admin-core.ru.lua +++ b/i18n/russian/luasrc/i18n/admin-core.ru.lua @@ -265,3 +265,5 @@ network_interface_err_desc = 'Перед. / Получ.' network_interface_fwzone = 'Создать / Добавить Файрвол-зону' network_interface_fwzone_desc = 'Этот интерфейс не принадлежит ни к одной Файрвол-зоне.' network_interface_encaps = 'PPPoA Encapsulation' +m_n_mssfix = "Clamp Segment Size" +m_n_mssfix_desc = "Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs." diff --git a/i18n/russian/luasrc/i18n/admin-core.ru.xml b/i18n/russian/luasrc/i18n/admin-core.ru.xml index a75818e0c8..1de8befc69 100644 --- a/i18n/russian/luasrc/i18n/admin-core.ru.xml +++ b/i18n/russian/luasrc/i18n/admin-core.ru.xml @@ -270,5 +270,7 @@ Создать / Добавить Файрвол-зону Этот интерфейс не принадлежит ни к одной Файрвол-зоне. PPPoA Encapsulation +Clamp Segment Size +Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs. diff --git a/modules/admin-mini/luasrc/model/cbi/mini/network.lua b/modules/admin-mini/luasrc/model/cbi/mini/network.lua index d03e6a7773..508bac155c 100644 --- a/modules/admin-mini/luasrc/model/cbi/mini/network.lua +++ b/modules/admin-mini/luasrc/model/cbi/mini/network.lua @@ -109,6 +109,16 @@ p:value("dhcp", translate("automatic", "automatic")) if has_pppoe then p:value("pppoe", "PPPoE") end if has_pptp then p:value("pptp", "PPTP") end +function p.write(self, section, value) + -- Always set defaultroute to PPP and use remote dns + -- Overwrite a bad variable behaviour in OpenWrt + if value == "pptp" or value == "pppoe" then + self.map:set(section, "peerdns", "1") + self.map:set(section, "defaultroute", "1") + end + return ListValue.write(self, section, value) +end + if not ( has_pppoe and has_pptp ) then p.description = translate("network_interface_prereq_mini") end @@ -137,6 +147,34 @@ pwd.password = true pwd:depends("proto", "pppoe") pwd:depends("proto", "pptp") + +-- Allow user to set MSS correction here if the UCI firewall is installed +-- This cures some cancer for providers with pre-war routers +if luci.fs.access("/etc/config/firewall") then + mssfix = s:option(Flag, "_mssfix", + translate("m_n_mssfix"), translate("m_n_mssfix_desc")) + mssfix.rmempty = false + + function mssfix.cfgvalue(self) + local value + m.uci:foreach("firewall", "forwarding", function(s) + if s.src == "lan" and s.dest == "wan" then + value = s.mtu_fix + end + end) + return value + end + + function mssfix.write(self, section, value) + m.uci:foreach("firewall", "forwarding", function(s) + if s.src == "lan" and s.dest == "wan" then + m.uci:set("firewall", s[".name"], "mtu_fix", value) + m:chain("firewall") + end + end) + end +end + kea = s:option(Flag, "keepalive", translate("m_n_keepalive")) kea:depends("proto", "pppoe") kea:depends("proto", "pptp") -- 2.30.2