Add mwan3 to packages feed

Signed-off-by: Jeroen Louwes <jeroen.louwes@gmail.com>

net/mwan3/Makefile

@@ -0,0 +1,48 @@
+#
+# Copyright (C) 2006-2014 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=mwan3
+PKG_VERSION:=1.4
+PKG_RELEASE:=22
+PKG_MAINTAINER:=Jeroen Louwes <jeroen.louwes@gmail.com>
+PKG_LICENSE:=GPLv2
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/mwan3
+   SECTION:=net
+   CATEGORY:=Network
+   SUBMENU:=Routing and Redirection
+   DEPENDS:=+ip +iptables +iptables-mod-conntrack-extra +iptables-mod-ipopt
+   TITLE:=Multiwan hotplug script with connection tracking support
+   MAINTAINER:=Jeroen Louwes <jeroen.louwes@gmail.com>
+   PKGARCH:=all
+endef
+
+define Package/mwan3/description
+   Hotplug script which makes configuration of multiple WAN interfaces simple and manageable. With loadbalancing/failover support for up to 250 wan interfaces, connection tracking and an easy to manage traffic ruleset.
+endef
+
+define Package/mwan3/conffiles
+   /etc/config/mwan3
+endef
+
+define Build/Compile
+endef
+
+define Package/mwan3/install
+   $(CP) ./files/* $(1)
+endef
+
+define Package/mwan3/postinst
+   [ -n "$${IPKG_INSTROOT}" ] || /etc/init.d/mwan3 enable
+   exit 0
+endef
+
+$(eval $(call BuildPackage,mwan3))

net/mwan3/files/etc/config/mwan3

@@ -0,0 +1,79 @@
+
+config interface 'wan'
+	option enabled '1'
+	list track_ip '8.8.4.4'
+	list track_ip '8.8.8.8'
+	list track_ip '208.67.222.222'
+	list track_ip '208.67.220.220'
+	option reliability '2'
+	option count '1'
+	option timeout '2'
+	option interval '5'
+	option down '3'
+	option up '8'
+
+config interface 'wan2'
+	option enabled '0'
+	list track_ip '8.8.8.8'
+	list track_ip '208.67.220.220'
+	option reliability '1'
+	option count '1'
+	option timeout '2'
+	option interval '5'
+	option down '3'
+	option up '8'
+
+config member 'wan_m1_w3'
+	option interface 'wan'
+	option metric '1'
+	option weight '3'
+
+config member 'wan_m2_w3'
+	option interface 'wan'
+	option metric '2'
+	option weight '3'
+
+config member 'wan2_m1_w2'
+	option interface 'wan2'
+	option metric '1'
+	option weight '2'
+
+config member 'wan2_m2_w2'
+	option interface 'wan2'
+	option metric '2'
+	option weight '2'
+
+config policy 'wan_only'
+	list use_member 'wan_m1_w3'
+
+config policy 'wan2_only'
+	list use_member 'wan2_m1_w2'
+
+config policy 'balanced'
+	list use_member 'wan_m1_w3'
+	list use_member 'wan2_m1_w2'
+
+config policy 'wan_wan2'
+	list use_member 'wan_m1_w3'
+	list use_member 'wan2_m2_w2'
+
+config policy 'wan2_wan'
+	list use_member 'wan_m2_w3'
+	list use_member 'wan2_m1_w2'
+
+config rule 'sticky_even'
+	option src_ip '0.0.0.0/0.0.0.1'
+	option dest_port '443'
+	option proto 'tcp'
+	option use_policy 'wan_wan2'
+
+config rule 'sticky_odd'
+	option src_ip '0.0.0.1/0.0.0.1'
+	option dest_port '443'
+	option proto 'tcp'
+	option use_policy 'wan2_wan'
+
+config rule 'default_rule'
+	option dest_ip '0.0.0.0/0'
+	option use_policy 'balanced'
+

net/mwan3/files/etc/hotplug.d/iface/15-mwan3

@@ -0,0 +1,328 @@
+#!/bin/sh
+
+mwan3_get_iface_id()
+{
+	let iface_count++
+	[ "$1" == "$INTERFACE" ] && iface_id=$iface_count
+}
+
+mwan3_get_route_args()
+{
+	route_args=$(ip -4 route list dev $DEVICE default | head -1 | sed '/.*via \([^ ]*\) .*$/!d;s//\1/;q' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}')
+	[ -n "$route_args" ] && route_args="via $route_args"
+	route_args="nexthop $route_args dev $DEVICE"
+}
+
+mwan3_set_general_iptables()
+{
+	if ! iptables -S mwan3_ifaces -t mangle &> /dev/null; then
+		iptables -N mwan3_ifaces -t mangle
+	fi
+
+	if ! iptables -S mwan3_rules -t mangle &> /dev/null; then
+		iptables -N mwan3_rules -t mangle
+	fi
+
+	if ! iptables -S mwan3_connected -t mangle &> /dev/null; then
+		iptables -N mwan3_connected -t mangle
+	fi
+
+	if ! iptables -S mwan3_hook -t mangle &> /dev/null; then
+		iptables -N mwan3_hook -t mangle
+		iptables -A mwan3_hook -t mangle -j CONNMARK --restore-mark --nfmask 0xff00 --ctmask 0xff00
+		iptables -A mwan3_hook -t mangle -m mark --mark 0x0/0xff00 -j mwan3_ifaces
+		iptables -A mwan3_hook -t mangle -m mark --mark 0x0/0xff00 -j mwan3_connected
+		iptables -A mwan3_hook -t mangle -m mark --mark 0x0/0xff00 -j mwan3_rules
+		iptables -A mwan3_hook -t mangle -j CONNMARK --save-mark --nfmask 0xff00 --ctmask 0xff00
+	fi
+
+	if ! iptables -S mwan3_track_hook -t mangle &> /dev/null; then
+		iptables -N mwan3_track_hook -t mangle
+	fi
+
+	if ! iptables -S PREROUTING -t mangle | grep mwan3_hook &> /dev/null; then
+		iptables -A PREROUTING -t mangle -j mwan3_hook
+	fi
+
+	if ! iptables -S OUTPUT -t mangle | grep mwan3_hook &> /dev/null; then
+		iptables -A OUTPUT -t mangle -j mwan3_hook
+	fi
+
+	if ! iptables -S OUTPUT -t mangle | grep mwan3_track_hook &> /dev/null; then
+		iptables -A OUTPUT -t mangle -j mwan3_track_hook
+	fi
+
+	iptables -F mwan3_rules -t mangle
+}
+
+mwan3_set_connected_iptables()
+{
+	local connected_networks
+
+	if iptables -S mwan3_connected -t mangle &> /dev/null; then
+		iptables -F mwan3_connected -t mangle
+
+		for connected_networks in $(ip -4 route | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do
+			iptables -A mwan3_connected -t mangle -d $connected_networks -m mark --mark 0x0/0xff00 -j MARK --set-xmark 0xff00/0xff00
+		done
+
+		iptables -I mwan3_connected -t mangle -d 224.0.0.0/3 -m mark --mark 0x0/0xff00 -j MARK --set-xmark 0xff00/0xff00
+		iptables -I mwan3_connected -t mangle -d 127.0.0.0/8 -m mark --mark 0x0/0xff00 -j MARK --set-xmark 0xff00/0xff00
+	fi
+}
+
+mwan3_set_iface_iptables()
+{
+	local local_net local_nets
+
+	local_net=$(ip -4 route list dev $DEVICE scope link | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}')
+
+	if ! iptables -S mwan3_iface_$INTERFACE -t mangle &> /dev/null; then
+		iptables -N mwan3_iface_$INTERFACE -t mangle
+	fi
+
+	iptables -F mwan3_iface_$INTERFACE -t mangle
+	iptables -D mwan3_ifaces -t mangle -i $DEVICE -m mark --mark 0x0/0xff00 -j mwan3_iface_$INTERFACE &> /dev/null
+
+	if [ $ACTION == "ifup" ]; then
+		if [ -n "$local_net" ]; then
+			for local_nets in $local_net ; do
+				if [ $ACTION == "ifup" ]; then
+					iptables -I mwan3_iface_$INTERFACE -t mangle -s $local_net -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE" -j MARK --set-xmark 0xff00/0xff00
+				fi
+			done
+		fi
+
+		iptables -A mwan3_iface_$INTERFACE -t mangle -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE" -j MARK --set-xmark $(($iface_id*256))/0xff00
+		iptables -A mwan3_ifaces -t mangle -i $DEVICE -m mark --mark 0x0/0xff00 -j mwan3_iface_$INTERFACE
+	fi
+
+	if [ $ACTION == "ifdown" ]; then
+		iptables -X mwan3_iface_$INTERFACE -t mangle
+	fi
+}
+
+mwan3_set_iface_route()
+{
+	ip -4 route flush table $iface_id
+	[ $ACTION == "ifup" ] && ip -4 route add table $iface_id default $route_args
+}
+
+mwan3_set_iface_rules()
+{
+	while [ -n "$(ip -4 rule list | awk '$1 == "'$(($iface_id+1000)):'"')" ]; do
+		ip -4 rule del pref $(($iface_id+1000))
+	done
+
+	while [ -n "$(ip -4 rule list | awk '$1 == "'$(($iface_id+2000)):'"')" ]; do
+		ip -4 rule del pref $(($iface_id+2000))
+	done
+
+	while [ -n "$(ip -4 rule list | awk '$1 == "2254:"')" ]; do
+		ip -4 rule del pref 2254
+	done
+
+	[ $ACTION == "ifup" ] && ip -4 rule add pref $(($iface_id+1000)) iif $DEVICE lookup main
+	[ $ACTION == "ifup" ] && ip -4 rule add pref $(($iface_id+2000)) fwmark $(($iface_id*256))/0xff00 lookup $iface_id
+        ip rule add pref 2254 fwmark 0xfe00/0xff00 unreachable                                   
+}
+
+mwan3_track()
+{
+	local track_ip track_ips reliability count timeout interval down up
+
+	mwan3_list_track_ips()
+	{
+		track_ips="$1 $track_ips"
+	}
+	config_list_foreach $INTERFACE track_ip mwan3_list_track_ips
+
+	if [ -n "$track_ips" ]; then
+		config_get reliability $INTERFACE reliability 1
+		config_get count $INTERFACE count 1
+		config_get timeout $INTERFACE timeout 4
+		config_get interval $INTERFACE interval 10
+		config_get down $INTERFACE down 5
+		config_get up $INTERFACE up 5
+
+		if ! iptables -S mwan3_track_$INTERFACE -t mangle &> /dev/null; then
+			iptables -N mwan3_track_$INTERFACE -t mangle
+			iptables -A mwan3_track_hook -t mangle -p icmp -m icmp --icmp-type 8 -m length --length 32 -j mwan3_track_$INTERFACE
+		fi
+
+		iptables -F mwan3_track_$INTERFACE -t mangle
+
+		for track_ip in $track_ips; do
+			iptables -A mwan3_track_$INTERFACE -t mangle -d $track_ip -j MARK --set-xmark 0xff00/0xff00
+		done
+
+		[ -x /usr/sbin/mwan3track ] && /usr/sbin/mwan3track $INTERFACE $DEVICE $reliability $count $timeout $interval $down $up $track_ips &
+	else
+		iptables -D mwan3_track_hook -t mangle -p icmp -m icmp --icmp-type 8 -m length --length 32 -j mwan3_track_$INTERFACE &> /dev/null
+		iptables -F mwan3_track_$INTERFACE -t mangle &> /dev/null
+		iptables -X mwan3_track_$INTERFACE -t mangle &> /dev/null
+	fi
+}
+
+mwan3_set_policy()
+{
+	local iface_count iface_id metric probability weight
+
+	config_get INTERFACE $1 interface
+	config_get metric $1 metric 1
+	config_get weight $1 weight 1
+
+	[ -n "$INTERFACE" ] || return 0
+	
+	config_foreach mwan3_get_iface_id interface
+
+	[ -n "$iface_id" ] || return 0
+
+	if iptables -S mwan3_iface_$INTERFACE -t mangle &> /dev/null; then
+		if [ "$metric" -lt "$lowest_metric" ]; then
+
+			total_weight=$weight
+			iptables -F mwan3_policy_$policy -t mangle
+			iptables -A mwan3_policy_$policy -t mangle -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE $weight $weight" -j MARK --set-xmark $(($iface_id*256))/0xff00
+
+			lowest_metric=$metric
+
+		elif [ "$metric" -eq "$lowest_metric" ]; then
+
+			total_weight=$(($total_weight+$weight))
+			probability=$(($weight*1000/$total_weight))
+			
+			if [ "$probability" -lt 10 ]; then
+				probability="0.00$probability"
+				elif [ $probability -lt 100 ]; then
+				probability="0.0$probability"
+				elif [ $probability -lt 1000 ]; then
+				probability="0.$probability"
+			else
+				probability="1"
+			fi
+
+			probability="-m statistic --mode random --probability $probability"
+			
+			iptables -I mwan3_policy_$policy -t mangle -m mark --mark 0x0/0xff00 $probability -m comment --comment "$INTERFACE $weight $total_weight" -j MARK --set-xmark $(($iface_id*256))/0xff00
+		fi
+	fi
+}
+
+mwan3_set_policies_iptables()
+{
+	local lowest_metric policy total_weight
+
+	policy=$1
+
+	if [ "$policy" != $(echo "$policy" | cut -c1-15) ]; then
+		logger -t mwan3 -p warn "Policy $policy exceeds max of 15 chars. Not setting policy" && return 0
+	fi
+
+	if ! iptables -S mwan3_policy_$policy -t mangle &> /dev/null; then
+		iptables -N mwan3_policy_$policy -t mangle
+	fi
+
+	iptables -F mwan3_policy_$policy -t mangle
+	iptables -A mwan3_policy_$policy -t mangle -m mark --mark 0x0/0xff00 -m comment --comment "unreachable" -j MARK --set-xmark 0xfe00/0xff00
+
+	lowest_metric=256
+	total_weight=0
+
+	config_list_foreach $policy use_member mwan3_set_policy
+
+	iptables -X $policy -t mangle &> /dev/null
+}
+
+mwan3_set_user_rules_iptables()
+{
+	local proto src_ip src_port dest_ip dest_port use_policy
+
+	config_get proto $1 proto all
+	config_get src_ip $1 src_ip 0.0.0.0/0
+	config_get src_port $1 src_port 0:65535
+	config_get dest_ip $1 dest_ip 0.0.0.0/0
+	config_get dest_port $1 dest_port 0:65535
+	config_get use_policy $1 use_policy
+
+	if [ -n "$use_policy" ]; then
+		if [ "$use_policy" == "default" ]; then
+			use_policy="MARK --set-xmark 0xff00/0xff00"
+		elif [ "$use_policy" == "unreachable" ]; then
+			use_policy="MARK --set-xmark 0xfe00/0xff00"
+		else
+			use_policy="mwan3_policy_$use_policy"
+		fi
+
+		case $proto in
+			tcp|udp)
+			iptables -A mwan3_rules -t mangle -p $proto -s $src_ip -d $dest_ip -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null
+			;;
+			*)
+			iptables -A mwan3_rules -t mangle -p $proto -s $src_ip -d $dest_ip -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null
+			;;
+		esac
+	fi
+}
+
+mwan3_ifupdown()
+{
+	local counter enabled iface_count iface_id route_args wan_metric
+
+	[ -n "$DEVICE" ] || exit 0
+	[ -n "$INTERFACE" ] || exit 0
+	[ "$(uci get -P /var/state mwan3.$INTERFACE 2> /dev/null)" == "interface" ] || return 0
+
+	config_load mwan3
+	config_get enabled $INTERFACE enabled 0
+
+	counter=0
+
+	if [ $ACTION == "ifup" ]; then
+		[ "$enabled" -eq 1 ] || exit 0
+
+		while [ -z "$(ip -4 route list dev $DEVICE default | head -1)" -a "$counter" -lt 10 ]; do
+			sleep 1
+			let counter++
+			if [ "$counter" -ge 10 ]; then
+				logger -t mwan3 -p warn "Could not find gateway for interface $INTERFACE ($DEVICE)" && exit 0
+			fi
+		done
+
+		mwan3_get_route_args
+	fi
+
+	while [ "$(pgrep -f -o hotplug-call)" -ne $$ -a "$counter" -lt 60 ]; do
+		sleep 1
+		let counter++
+		if [ "$counter" -ge 60 ]; then
+			logger -t mwan3 -p warn "Timeout waiting for older hotplug processes to finish. $ACTION interface $INTERFACE ($DEVICE) aborted" && exit 0
+		fi
+	done
+
+	config_foreach mwan3_get_iface_id interface
+
+	[ -n "$iface_id" ] || exit 0
+	[ "$iface_count" -le 250 ] || exit 0
+	unset iface_count
+	unset counter
+
+	logger -t mwan3 -p notice "$ACTION interface $INTERFACE ($DEVICE)"
+
+	mwan3_set_general_iptables
+	mwan3_set_iface_iptables
+	mwan3_set_iface_route
+	mwan3_set_iface_rules
+
+	[ $ACTION == "ifup" ] && mwan3_track
+
+	config_foreach mwan3_set_policies_iptables policy
+	config_foreach mwan3_set_user_rules_iptables rule
+}
+
+case "$ACTION" in
+	ifup|ifdown)
+		mwan3_ifupdown
+		mwan3_set_connected_iptables
+	;;
+esac

net/mwan3/files/etc/init.d/mwan3

@@ -0,0 +1,20 @@
+#!/bin/sh /etc/rc.common
+START=99
+
+start() {
+	/usr/sbin/mwan3 start
+}
+
+stop() {
+	/usr/sbin/mwan3 stop
+}
+
+restart() {
+	stop
+	start
+}
+
+boot() {
+	# Don't start on boot, mwan3 is started by hotplug event.
+	return 0
+}

net/mwan3/files/usr/sbin/mwan3

@@ -0,0 +1,208 @@
+#!/bin/sh /etc/rc.common
+
+. /lib/network/config.sh
+
+extra_help() {
+	cat <<EOF
+
+	ifup <iface>	Start service on interface
+	ifdown <iface>	Stop service on interface
+	interfaces	Show interfaces status
+	policies	Show policies status
+	rules		Show rules status
+	status		Show all status
+EOF
+}
+
+EXTRA_COMMANDS="ifdown ifup interfaces policies rules status"
+EXTRA_HELP="$(extra_help)"
+
+
+ifdown()
+{
+	if [ -z "$1" ]; then
+		echo "Error: Expecting interface. Usage: mwan3 ifdown <interface>" && exit 0
+	fi
+
+	if [ -n "$2" ]; then
+		echo "Error: Too many arguments. Usage: mwan3 ifdown <interface>" && exit 0
+	fi
+
+	local device
+	
+	device=$(uci get -p /var/state network.$1.ifname) &> /dev/null
+	
+	if [ -e /var/run/mwan3track-$1.pid ] ; then
+		kill $(cat /var/run/mwan3track-$1.pid)
+		rm /var/run/mwan3track-$1.pid
+	fi
+
+	if [ -n "$device" ] ; then
+		ACTION=ifdown INTERFACE=$1 DEVICE=$device /sbin/hotplug-call iface
+	fi
+}
+
+ifup()
+{
+	config_load mwan3
+
+	if [ -z "$1" ]; then
+		echo "Expecting interface. Usage: mwan3 ifup <interface>" && exit 0
+	fi
+
+	if [ -n "$2" ]; then
+		echo "Too many arguments. Usage: mwan3 ifup <interface>" && exit 0
+	fi
+
+	local device enabled
+	
+	config_get enabled "$1" enabled 0
+
+	device=$(uci get -p /var/state network.$1.ifname) &> /dev/null
+	
+	if [ -n "$device" ] ; then
+		[ "$enabled" -eq 1 ] && ACTION=ifup INTERFACE=$1 DEVICE=$device /sbin/hotplug-call iface
+	fi
+}
+
+interfaces()
+{
+	config_load mwan3
+
+	local device enabled iface_id tracking
+
+	echo "Interface status:"
+	
+	check_iface_status()
+	{
+		device=$(uci get -p /var/state network.$1.ifname) &> /dev/null
+
+		if [ -z "$device" ]; then
+			echo "Interface $1 is unknown"
+			return 0
+		fi
+
+		config_get enabled "$1" enabled 0
+		let iface_id++
+
+		if [ -n "$(ps -w | grep mwan3track | grep -v grep | sed '/.*\/usr\/sbin\/mwan3track \([^ ]*\) .*$/!d;s//\1/' | awk '$1 == ("'$1'")')" ]; then
+			tracking="active"
+		else
+			tracking="down"
+		fi
+
+		if [ -n "$(ip rule | awk '$5 == ("'$device'")')" -a -n "$(iptables -S mwan3_iface_$1 -t mangle 2> /dev/null)" -a -n "$(ip -4 route list table $iface_id default dev $device 2> /dev/null)" ]; then
+			if [ -n "$(uci get -p /var/state mwan3.$1.track_ip 2> /dev/null)" ]; then
+				echo "Interface $1 is online (tracking $tracking)"
+			else
+				echo "Interface $1 is online"
+			fi
+		elif [ -n "$(ip rule | awk '$5 == ("'$device'")')" -o -n "$(iptables -S mwan3_iface_$1 -t mangle 2> /dev/null)" -o -n "$(ip -4 route list table $iface_id default dev $device 2> /dev/null)" ]; then
+			echo "Interface $1 error"
+		else
+			if [ "$enabled" -eq 1 ]; then
+				if [ -n "$(uci get -p /var/state mwan3.$1.track_ip 2> /dev/null)" ]; then
+					echo "Interface $1 is offline (tracking $tracking)"
+				else
+					echo "Interface $1 is offline"
+				fi
+			else
+				echo "Interface $1 is disabled"
+			fi
+		fi
+	}
+	config_foreach check_iface_status interface
+	echo -e
+}
+
+policies()
+{
+	local percent policy share total_weight weight iface
+
+	for policy in $(iptables -S -t mangle | awk '{print $2}' | grep mwan3_policy_ | sort -u); do
+		echo "Policy $policy:" | sed 's/mwan3_policy_//g'
+
+		for iface in $(iptables -S $policy -t mangle | cut -s -d'"' -f2 | awk '{print $1}'); do
+			[ -n "$total_weight" ] || total_weight=$(iptables -S $policy -t mangle | grep "$iface " | cut -s -d'"' -f2 | awk '{print $3}')
+		done
+
+		if [ ! -z "${total_weight##*[!0-9]*}" ]; then
+			for iface in $(iptables -S $policy -t mangle | cut -s -d'"' -f2 | awk '{print $1}'); do
+				weight=$(iptables -S $policy -t mangle | grep "$iface " | cut -s -d'"' -f2 | awk '{print $2}')
+				percent=$(($weight*100/$total_weight))
+				echo " $iface ($percent%)"
+			done
+		else
+			echo " $(iptables -S $policy -t mangle | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')"
+		fi
+
+		echo -e
+
+		unset iface
+		unset total_weight
+	done
+}
+rules()
+{
+	if [ -n "$(iptables -S mwan3_connected -t mangle 2> /dev/null)" ]; then
+		echo "Known networks:"
+		echo "destination policy hits" | awk '{ printf "%-19s%-19s%-9s%s\n",$1,$2,$3}'
+		echo "------------------------------------------------"
+		iptables -L mwan3_connected -t mangle -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_//g' | awk '{printf "%-19s%-19s%-9s%s\n",$9,"default",$1}'
+		echo -e
+	fi
+
+	if [ -n "$(iptables -S mwan3_rules -t mangle 2> /dev/null)" ]; then
+		echo "Active rules:"
+		echo "source destination proto src-port dest-port policy hits" | awk '{ printf "%-19s%-19s%-7s%-14s%-14s%-16s%-9s%s\n",$1,$2,$3,$4,$5,$6,$7}'
+		echo "---------------------------------------------------------------------------------------------------"
+		iptables -L mwan3_rules -t mangle -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_//g' | awk '{ printf "%-19s%-19s%-7s%-14s%-14s%-16s%-9s%s\n",$8,$9,$4,$12,$15,$3,$1}'
+		echo -e
+	fi
+}
+
+status()
+{
+	interfaces
+	policies
+	rules
+}
+
+start()
+{
+	config_load mwan3
+	config_foreach ifup interface
+}
+
+stop()
+{
+	local route rule table
+
+	killall mwan3track &> /dev/null
+	rm /var/run/mwan3track-* &> /dev/null
+
+	for route in $(ip route list table all | sed 's/.*table \([^ ]*\) .*/\1/' |  awk '{print $1}' | awk '{for(i=1;i<=NF;i++) if($i+0>0) if($i+0<255) {print;break}}'); do
+		ip -4 route flush table $route &> /dev/null
+	done
+
+	for rule in $(ip -4 rule list | egrep '^[1-2][0-9]{3}\:' | cut -d ':' -f 1); do
+		ip -4 rule del pref $rule &> /dev/null
+	done
+
+	iptables -D PREROUTING -t mangle -j mwan3_hook &> /dev/null
+	iptables -D OUTPUT -t mangle -j mwan3_hook &> /dev/null
+	iptables -D OUTPUT -t mangle -j mwan3_track_hook &> /dev/null
+
+	for table in $(iptables -S -t mangle | awk '{print $2}' | grep mwan3 | sort -u); do
+		iptables -F $table -t mangle &> /dev/null
+	done
+
+	for table in $(iptables -S -t mangle | awk '{print $2}' | grep mwan3 | sort -u); do
+		iptables -X $table -t mangle &> /dev/null
+	done
+}
+
+restart() {
+	stop
+	start
+}

net/mwan3/files/usr/sbin/mwan3track

@@ -0,0 +1,65 @@
+#!/bin/sh
+
+[ -z "$9" ] && echo "Error: should not be started manually" && exit 0
+
+if [ -e /var/run/mwan3track-$1.pid ] ; then
+	kill $(cat /var/run/mwan3track-$1.pid) &> /dev/null
+	rm /var/run/mwan3track-$1.pid &> /dev/null
+fi
+
+echo "$$" > /var/run/mwan3track-$1.pid
+
+score=$(($7+$8))
+track_ips=$(echo $* | cut -d ' ' -f 9-99)
+host_up_count=0
+lost=0
+
+while true; do
+
+	for track_ip in $track_ips; do
+		ping -I $2 -c $4 -W $5 -s 4 -q $track_ip &> /dev/null
+		if [ $? -eq 0 ]; then
+			let host_up_count++
+		else
+			let lost++
+		fi
+	done
+		
+	if [ $host_up_count -lt $3 ]; then
+		let score--
+
+		if [ $score -lt $8 ]; then score=0 ; fi
+		if [ $score -eq $8 ]; then
+
+			logger -t mwan3track -p notice "Interface $1 ($2) is offline"
+			env -i ACTION=ifdown INTERFACE=$1 DEVICE=$2 /sbin/hotplug-call iface
+			score=0
+
+		fi
+
+	else
+
+		if [ $score -lt $(($7+$8)) ] && [ $lost -gt 0 ]; then
+
+			logger -t mwan3track -p info "Lost $(($lost*$4)) ping(s) on interface $1 ($2)"
+
+		fi
+
+		let score++
+		lost=0
+
+		if [ $score -gt $8 ]; then score=$(($7+$8)); fi
+		if [ $score -eq $8 ]; then
+
+			logger -t mwan3track -p notice "Interface $1 ($2) is online"
+			env -i ACTION=ifup INTERFACE=$1 DEVICE=$2 /sbin/hotplug-call iface
+			rm /var/run/mwan3track-$1.pid
+			exit 0
+		fi
+	fi
+
+	host_up_count=0
+	sleep $6
+done
+
+exit 1