mirror of https://github.com/aredn/aredn.git
import of files/ from BBHN 1.0.0 (bbhn svn 273)
This commit is contained in:
commit
ae2674e764
|
@ -0,0 +1,14 @@
|
|||
#!/bin/sh
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
cat << EOF
|
||||
=== IMPORTANT ============================
|
||||
|
||||
Use 'mount_root' before changing anything, including the password
|
||||
Use 'setpasswd' to set your login password
|
||||
When finished, cycle the power to reboot
|
||||
|
||||
=== IMPORTANT ============================
|
||||
EOF
|
||||
|
||||
exec /bin/ash --login
|
|
@ -0,0 +1,22 @@
|
|||
wifi_proto = bridge
|
||||
wifi_mode = ap
|
||||
wifi_ssid = <NODE>
|
||||
wifi_txpower = 19
|
||||
wifi_channel = 6
|
||||
wifi_rxant = 3
|
||||
wifi_txant = 3
|
||||
wifi_distance = 0
|
||||
wifi_hidden = 0
|
||||
|
||||
lan_proto = static
|
||||
lan_ip = 172.27.1.1
|
||||
lan_mask = 255.255.255.0
|
||||
lan_dhcp = 1
|
||||
|
||||
dhcp_start = 5
|
||||
dhcp_end = 25
|
||||
dhcp_limit = 20
|
||||
|
||||
wan_proto = dhcp
|
||||
wan_dns1 = 8.8.8.8
|
||||
wan_dns2 = 8.8.4.4
|
|
@ -0,0 +1,22 @@
|
|||
wifi_proto = bridge
|
||||
wifi_mode = ap
|
||||
wifi_ssid = <NODE>
|
||||
wifi_txpower = 19
|
||||
wifi_channel = 6
|
||||
wifi_rxant = 3
|
||||
wifi_txant = 3
|
||||
wifi_distance = 0
|
||||
wifi_hidden = 0
|
||||
|
||||
lan_proto = static
|
||||
lan_ip = 172.27.1.1
|
||||
lan_mask = 255.255.255.0
|
||||
lan_dhcp = 1
|
||||
|
||||
dhcp_start = 5
|
||||
dhcp_end = 25
|
||||
dhcp_limit = 20
|
||||
|
||||
wan_proto = dhcp
|
||||
wan_dns1 = 8.8.8.8
|
||||
wan_dns2 = 8.8.4.4
|
|
@ -0,0 +1,10 @@
|
|||
config dhcp
|
||||
option interface lan
|
||||
option start <dhcp_start>
|
||||
option limit <dhcp_limit>
|
||||
option leasetime 1h
|
||||
option ignore <lan_dhcp>
|
||||
|
||||
config dhcp
|
||||
option interface wan
|
||||
option ignore 1
|
|
@ -0,0 +1,3 @@
|
|||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '2222'
|
|
@ -0,0 +1,56 @@
|
|||
# Copyright (C) 2006 OpenWrt.org
|
||||
#
|
||||
# RULE SYNTAX:
|
||||
#
|
||||
# forward:<intf>:<match>:<target>[:<port>]
|
||||
# - forwards all packets matched by <match> to <target>,
|
||||
# optionally changing the port to <port>
|
||||
#
|
||||
# accept:<intf>:<match>
|
||||
# - accepts all traffic matched by <match>
|
||||
#
|
||||
# drop:<intf>:<match>
|
||||
# - drops all traffic matched by <match>
|
||||
#
|
||||
# <intf> is the external interface to which the rule applies
|
||||
# value is either "wifi" or "wan"
|
||||
#
|
||||
#
|
||||
# MATCHING OPTIONS:
|
||||
#
|
||||
# src=<ip>
|
||||
# - match the source ip <ip>
|
||||
#
|
||||
# dest=<ip>
|
||||
# - match the destination ip <ip>
|
||||
#
|
||||
# proto=<proto>
|
||||
# - match the protocol by name or number
|
||||
#
|
||||
# sport=<port(s)>
|
||||
# - match the source port(s), see below for syntax
|
||||
#
|
||||
# dport=<port(s)>
|
||||
# - match the destination port(s), see below for syntax
|
||||
#
|
||||
#
|
||||
#
|
||||
# PORT SYNTAX:
|
||||
#
|
||||
# Arbitrary lists of ports and port ranges are in the following format:
|
||||
# - 22,53,993,1000-1024
|
||||
#
|
||||
# If you don't set the protocol to tcp or udp, it will apply to both
|
||||
#
|
||||
#
|
||||
#
|
||||
# EXAMPLES:
|
||||
#
|
||||
# drop:wan:dport=22 src=1.3.3.7
|
||||
# accept:wifi:proto=tcp dport=22
|
||||
# forward:wifi:dport=60168:192.168.1.2:60169
|
||||
|
||||
accept:wan:dport=2222 proto=tcp
|
||||
accept:wan:dport=8080 proto=tcp
|
||||
accept:wifi:dport=2222 proto=tcp
|
||||
accept:wifi:dport=8080 proto=tcp
|
|
@ -0,0 +1,30 @@
|
|||
#!/bin/sh
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
iptables -F input_rule
|
||||
iptables -F output_rule
|
||||
iptables -F forwarding_rule
|
||||
iptables -t nat -F prerouting_rule
|
||||
iptables -t nat -F postrouting_rule
|
||||
|
||||
# The following chains are for traffic directed at the IP of the
|
||||
# WAN interface
|
||||
|
||||
iptables -F input_wan
|
||||
iptables -F forwarding_wan
|
||||
iptables -t nat -F prerouting_wan
|
||||
|
||||
### Open port to WAN
|
||||
## -- This allows port 22 to be answered by (dropbear on) the router
|
||||
# iptables -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT
|
||||
# iptables -A input_wan -p tcp --dport 22 -j ACCEPT
|
||||
|
||||
### Port forwarding
|
||||
## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2
|
||||
# iptables -t nat -A prerouting_wan -p tcp --dport 8080 -j DNAT --to 192.168.1.2:80
|
||||
# iptables -A forwarding_wan -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT
|
||||
|
||||
### DMZ
|
||||
## -- Connections to ports not handled above will be forwarded to 192.168.1.2
|
||||
# iptables -t nat -A prerouting_wan -j DNAT --to 192.168.1.2
|
||||
# iptables -A forwarding_wan -d 192.168.1.2 -j ACCEPT
|
|
@ -0,0 +1,29 @@
|
|||
include /etc/vlan
|
||||
|
||||
#### Loopback configuration
|
||||
config interface loopback
|
||||
option ifname "lo"
|
||||
option proto static
|
||||
option ipaddr 127.0.0.1
|
||||
option netmask 255.0.0.0
|
||||
|
||||
|
||||
#### LAN configuration
|
||||
config interface lan
|
||||
option type bridge
|
||||
option ifname "eth0.0"
|
||||
option proto <lan_proto>
|
||||
option ipaddr <lan_ip>
|
||||
option netmask <lan_mask>
|
||||
option dns "<wan_dns1> <wan_dns2>"
|
||||
option gateway <lan_gw>
|
||||
|
||||
|
||||
#### WAN configuration
|
||||
config interface wan
|
||||
option ifname "eth0.1"
|
||||
option proto <wan_proto>
|
||||
option ipaddr <wan_ip>
|
||||
option netmask <wan_mask>
|
||||
option gateway <wan_gw>
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
config 'system'
|
||||
option 'hostname' '<NODE>'
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
config wifi-device wl0
|
||||
option type broadcom
|
||||
option channel <wifi_channel>
|
||||
option rxant <wifi_rxant>
|
||||
option txant <wifi_txant>
|
||||
option distance <wifi_distance>
|
||||
|
||||
config wifi-iface
|
||||
option device wl0
|
||||
option network lan
|
||||
option mode <wifi_mode>
|
||||
option ssid "<wifi_ssid>"
|
||||
option hidden <wifi_hidden>
|
||||
option encryption none
|
||||
|
|
@ -0,0 +1,20 @@
|
|||
wifi_proto = dhcp
|
||||
wifi_mode = sta
|
||||
wifi_ssid = linksys
|
||||
wifi_txpower = 19
|
||||
wifi_rxant = 3
|
||||
wifi_txant = 3
|
||||
wifi_distance = 0
|
||||
|
||||
lan_proto = static
|
||||
lan_ip = 172.27.2.1
|
||||
lan_mask = 255.255.255.0
|
||||
lan_dhcp = 1
|
||||
|
||||
dhcp_start = 5
|
||||
dhcp_end = 25
|
||||
dhcp_limit = 20
|
||||
|
||||
wan_proto = disabled
|
||||
wan_dns1 = 8.8.8.8
|
||||
wan_dns2 = 8.8.4.4
|
|
@ -0,0 +1,20 @@
|
|||
wifi_proto = dhcp
|
||||
wifi_mode = sta
|
||||
wifi_ssid = linksys
|
||||
wifi_txpower = 19
|
||||
wifi_rxant = 3
|
||||
wifi_txant = 3
|
||||
wifi_distance = 0
|
||||
|
||||
lan_proto = static
|
||||
lan_ip = 172.27.2.1
|
||||
lan_mask = 255.255.255.0
|
||||
lan_dhcp = 1
|
||||
|
||||
dhcp_start = 5
|
||||
dhcp_end = 25
|
||||
dhcp_limit = 20
|
||||
|
||||
wan_proto = disabled
|
||||
wan_dns1 = 8.8.8.8
|
||||
wan_dns2 = 8.8.4.4
|
|
@ -0,0 +1,14 @@
|
|||
config dhcp
|
||||
option interface lan
|
||||
option start <dhcp_start>
|
||||
option limit <dhcp_limit>
|
||||
option leasetime 1h
|
||||
option ignore <lan_dhcp>
|
||||
|
||||
config dhcp
|
||||
option interface wan
|
||||
option ignore 1
|
||||
|
||||
config dhcp
|
||||
option interface wifi
|
||||
option ignore 1
|
|
@ -0,0 +1,3 @@
|
|||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '2222'
|
|
@ -0,0 +1,56 @@
|
|||
# Copyright (C) 2006 OpenWrt.org
|
||||
#
|
||||
# RULE SYNTAX:
|
||||
#
|
||||
# forward:<intf>:<match>:<target>[:<port>]
|
||||
# - forwards all packets matched by <match> to <target>,
|
||||
# optionally changing the port to <port>
|
||||
#
|
||||
# accept:<intf>:<match>
|
||||
# - accepts all traffic matched by <match>
|
||||
#
|
||||
# drop:<intf>:<match>
|
||||
# - drops all traffic matched by <match>
|
||||
#
|
||||
# <intf> is the external interface to which the rule applies
|
||||
# value is either "wifi" or "wan"
|
||||
#
|
||||
#
|
||||
# MATCHING OPTIONS:
|
||||
#
|
||||
# src=<ip>
|
||||
# - match the source ip <ip>
|
||||
#
|
||||
# dest=<ip>
|
||||
# - match the destination ip <ip>
|
||||
#
|
||||
# proto=<proto>
|
||||
# - match the protocol by name or number
|
||||
#
|
||||
# sport=<port(s)>
|
||||
# - match the source port(s), see below for syntax
|
||||
#
|
||||
# dport=<port(s)>
|
||||
# - match the destination port(s), see below for syntax
|
||||
#
|
||||
#
|
||||
#
|
||||
# PORT SYNTAX:
|
||||
#
|
||||
# Arbitrary lists of ports and port ranges are in the following format:
|
||||
# - 22,53,993,1000-1024
|
||||
#
|
||||
# If you don't set the protocol to tcp or udp, it will apply to both
|
||||
#
|
||||
#
|
||||
#
|
||||
# EXAMPLES:
|
||||
#
|
||||
# drop:wan:dport=22 src=1.3.3.7
|
||||
# accept:wifi:proto=tcp dport=22
|
||||
# forward:wifi:dport=60168:192.168.1.2:60169
|
||||
|
||||
accept:wan:dport=2222 proto=tcp
|
||||
accept:wan:dport=8080 proto=tcp
|
||||
accept:wifi:dport=2222 proto=tcp
|
||||
accept:wifi:dport=8080 proto=tcp
|
|
@ -0,0 +1,30 @@
|
|||
#!/bin/sh
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
iptables -F input_rule
|
||||
iptables -F output_rule
|
||||
iptables -F forwarding_rule
|
||||
iptables -t nat -F prerouting_rule
|
||||
iptables -t nat -F postrouting_rule
|
||||
|
||||
# The following chains are for traffic directed at the IP of the
|
||||
# WAN interface
|
||||
|
||||
iptables -F input_wan
|
||||
iptables -F forwarding_wan
|
||||
iptables -t nat -F prerouting_wan
|
||||
|
||||
### Open port to WAN
|
||||
## -- This allows port 22 to be answered by (dropbear on) the router
|
||||
# iptables -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT
|
||||
# iptables -A input_wan -p tcp --dport 22 -j ACCEPT
|
||||
|
||||
### Port forwarding
|
||||
## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2
|
||||
# iptables -t nat -A prerouting_wan -p tcp --dport 8080 -j DNAT --to 192.168.1.2:80
|
||||
# iptables -A forwarding_wan -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT
|
||||
|
||||
### DMZ
|
||||
## -- Connections to ports not handled above will be forwarded to 192.168.1.2
|
||||
# iptables -t nat -A prerouting_wan -j DNAT --to 192.168.1.2
|
||||
# iptables -A forwarding_wan -d 192.168.1.2 -j ACCEPT
|
|
@ -0,0 +1,23 @@
|
|||
include /etc/vlan
|
||||
|
||||
#### Loopback configuration
|
||||
config interface loopback
|
||||
option ifname "lo"
|
||||
option proto static
|
||||
option ipaddr 127.0.0.1
|
||||
option netmask 255.0.0.0
|
||||
|
||||
|
||||
#### LAN configuration
|
||||
config interface lan
|
||||
option ifname "eth0.0"
|
||||
option proto <lan_proto>
|
||||
option ipaddr <lan_ip>
|
||||
option netmask <lan_mask>
|
||||
option dns "<wan_dns1> <wan_dns2>"
|
||||
|
||||
|
||||
#### WAN configuration
|
||||
config interface wan
|
||||
option ifname "wl0"
|
||||
option proto <wifi_proto>
|
|
@ -0,0 +1,3 @@
|
|||
config 'system'
|
||||
option 'hostname' '<NODE>'
|
||||
|
|
@ -0,0 +1,13 @@
|
|||
config wifi-device wl0
|
||||
option type broadcom
|
||||
option rxant <wifi_rxant>
|
||||
option txant <wifi_txant>
|
||||
option distance <wifi_distance>
|
||||
|
||||
config wifi-iface
|
||||
option device wl0
|
||||
option network wan
|
||||
option mode <wifi_mode>
|
||||
option ssid "<wifi_ssid>"
|
||||
option encryption none
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
wifi_proto = static
|
||||
wifi_ip = 10.<MAC2>
|
||||
wifi_mask = 255.0.0.0
|
||||
wifi_ssid = BroadbandHamnet-v1
|
||||
wifi_mode = adhoc
|
||||
wifi_txpower = 19
|
||||
wifi_channel = 1
|
||||
wifi_rxant = 3
|
||||
wifi_txant = 3
|
||||
wifi_distance = 0
|
||||
|
||||
dmz_mode = 3
|
||||
lan_proto = static
|
||||
lan_ip = 172.27.0.1
|
||||
lan_mask = 255.255.255.0
|
||||
lan_dhcp = 1
|
||||
|
||||
dhcp_start = 5
|
||||
dhcp_end = 25
|
||||
dhcp_limit = 20
|
||||
|
||||
olsrd_bridge = 0
|
||||
olsrd_gw = 0
|
||||
|
||||
wan_proto = dhcp
|
||||
wan_dns1 = 8.8.8.8
|
||||
wan_dns2 = 8.8.4.4
|
|
@ -0,0 +1,27 @@
|
|||
wifi_proto = static
|
||||
wifi_ip = 10.<MAC2>
|
||||
wifi_mask = 255.0.0.0
|
||||
wifi_ssid = BroadbandHamnet-v1
|
||||
wifi_mode = adhoc
|
||||
wifi_txpower = 19
|
||||
wifi_channel = 1
|
||||
wifi_rxant = 3
|
||||
wifi_txant = 3
|
||||
wifi_distance = 0
|
||||
|
||||
dmz_mode = 3
|
||||
lan_proto = static
|
||||
lan_ip = 172.27.0.1
|
||||
lan_mask = 255.255.255.0
|
||||
lan_dhcp = 1
|
||||
|
||||
dhcp_start = 5
|
||||
dhcp_end = 25
|
||||
dhcp_limit = 20
|
||||
|
||||
olsrd_bridge = 0
|
||||
olsrd_gw = 0
|
||||
|
||||
wan_proto = dhcp
|
||||
wan_dns1 = 8.8.8.8
|
||||
wan_dns2 = 8.8.4.4
|
|
@ -0,0 +1,14 @@
|
|||
config dhcp
|
||||
option interface lan
|
||||
option start <dhcp_start>
|
||||
option limit <dhcp_limit>
|
||||
option leasetime 1h
|
||||
option ignore <lan_dhcp>
|
||||
|
||||
config dhcp
|
||||
option interface wan
|
||||
option ignore 1
|
||||
|
||||
config dhcp
|
||||
option interface wifi
|
||||
option ignore 1
|
|
@ -0,0 +1,3 @@
|
|||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '2222'
|
|
@ -0,0 +1,58 @@
|
|||
# Copyright (C) 2006 OpenWrt.org
|
||||
#
|
||||
# RULE SYNTAX:
|
||||
#
|
||||
# forward:<intf>:<match>:<target>[:<port>]
|
||||
# - forwards all packets matched by <match> to <target>,
|
||||
# optionally changing the port to <port>
|
||||
#
|
||||
# accept:<intf>:<match>
|
||||
# - accepts all traffic matched by <match>
|
||||
#
|
||||
# drop:<intf>:<match>
|
||||
# - drops all traffic matched by <match>
|
||||
#
|
||||
# <intf> is the external interface to which the rule applies
|
||||
# value is either "wifi" or "wan"
|
||||
#
|
||||
#
|
||||
# MATCHING OPTIONS:
|
||||
#
|
||||
# src=<ip>
|
||||
# - match the source ip <ip>
|
||||
#
|
||||
# dest=<ip>
|
||||
# - match the destination ip <ip>
|
||||
#
|
||||
# proto=<proto>
|
||||
# - match the protocol by name or number
|
||||
#
|
||||
# sport=<port(s)>
|
||||
# - match the source port(s), see below for syntax
|
||||
#
|
||||
# dport=<port(s)>
|
||||
# - match the destination port(s), see below for syntax
|
||||
#
|
||||
#
|
||||
#
|
||||
# PORT SYNTAX:
|
||||
#
|
||||
# Arbitrary lists of ports and port ranges are in the following format:
|
||||
# - 22,53,993,1000-1024
|
||||
#
|
||||
# If you don't set the protocol to tcp or udp, it will apply to both
|
||||
#
|
||||
#
|
||||
#
|
||||
# EXAMPLES:
|
||||
#
|
||||
# drop:wan:dport=22 src=1.3.3.7
|
||||
# accept:wifi:proto=tcp dport=22
|
||||
# forward:wifi:dport=60168:192.168.1.2:60169
|
||||
|
||||
accept:wan:dport=2222 proto=tcp
|
||||
accept:wan:dport=8080 proto=tcp
|
||||
accept:wifi:dport=2222 proto=tcp
|
||||
accept:wifi:dport=8080 proto=tcp
|
||||
accept:wifi:dport=698 proto=udp
|
||||
accept:wifi:dport=1978 proto=tcp
|
|
@ -0,0 +1,30 @@
|
|||
#!/bin/sh
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
iptables -F input_rule
|
||||
iptables -F output_rule
|
||||
iptables -F forwarding_rule
|
||||
iptables -t nat -F prerouting_rule
|
||||
iptables -t nat -F postrouting_rule
|
||||
|
||||
# The following chains are for traffic directed at the IP of the
|
||||
# WAN interface
|
||||
|
||||
iptables -F input_wan
|
||||
iptables -F forwarding_wan
|
||||
iptables -t nat -F prerouting_wan
|
||||
|
||||
### Open port to WAN
|
||||
## -- This allows port 22 to be answered by (dropbear on) the router
|
||||
# iptables -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT
|
||||
# iptables -A input_wan -p tcp --dport 22 -j ACCEPT
|
||||
|
||||
### Port forwarding
|
||||
## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2
|
||||
# iptables -t nat -A prerouting_wan -p tcp --dport 8080 -j DNAT --to 192.168.1.2:80
|
||||
# iptables -A forwarding_wan -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT
|
||||
|
||||
### DMZ
|
||||
## -- Connections to ports not handled above will be forwarded to 192.168.1.2
|
||||
# iptables -t nat -A prerouting_wan -j DNAT --to 192.168.1.2
|
||||
# iptables -A forwarding_wan -d 192.168.1.2 -j ACCEPT
|
|
@ -0,0 +1,36 @@
|
|||
include /etc/vlan
|
||||
|
||||
#### Loopback configuration
|
||||
config interface loopback
|
||||
option ifname "lo"
|
||||
option proto static
|
||||
option ipaddr 127.0.0.1
|
||||
option netmask 255.0.0.0
|
||||
|
||||
|
||||
#### LAN configuration
|
||||
config interface lan
|
||||
option ifname "eth0.0"
|
||||
option proto <lan_proto>
|
||||
option ipaddr <lan_ip>
|
||||
option netmask <lan_mask>
|
||||
option dns "<wan_dns1> <wan_dns2>"
|
||||
option gateway <lan_gw>
|
||||
|
||||
|
||||
#### WAN configuration
|
||||
config interface wan
|
||||
option ifname "eth0.1"
|
||||
option proto <wan_proto>
|
||||
option ipaddr <wan_ip>
|
||||
option netmask <wan_mask>
|
||||
option gateway <wan_gw>
|
||||
|
||||
|
||||
#### WIFI configuration
|
||||
config interface wifi
|
||||
option ifname "wl0"
|
||||
option proto <wifi_proto>
|
||||
option ipaddr <wifi_ip>
|
||||
option netmask <wifi_mask>
|
||||
|
|
@ -0,0 +1,545 @@
|
|||
#
|
||||
# OLSR.org routing daemon config file
|
||||
# This file contains ALL available options and explanations about them
|
||||
#
|
||||
# Lines starting with a # are discarded
|
||||
#
|
||||
|
||||
#### ATTENTION for IPv6 users ####
|
||||
# Because of limitations in the parser IPv6 addresses must NOT
|
||||
# begin with a ":", so please add a "0" as a prefix.
|
||||
|
||||
###########################
|
||||
### Basic configuration ###
|
||||
###########################
|
||||
# keep this settings at the beginning of your first configuration file
|
||||
|
||||
# Debug level (0-9)
|
||||
# If set to 0 the daemon runs in the background, unless "NoFork" is set to true
|
||||
# (Default is 1)
|
||||
|
||||
DebugLevel 0
|
||||
|
||||
# IP version to use (4 or 6)
|
||||
# (Default is 4)
|
||||
|
||||
# IpVersion 4
|
||||
|
||||
#################################
|
||||
### OLSRd agent configuration ###
|
||||
#################################
|
||||
# this parameters control the settings of the routing agent which are not
|
||||
# related to the OLSR protocol and it's extensions
|
||||
|
||||
# Clear the screen each time the internal state changes
|
||||
# (Default is yes)
|
||||
|
||||
# ClearScreen yes
|
||||
|
||||
# Should olsrd keep on running even if there are
|
||||
# no interfaces available? This is a good idea
|
||||
# for a PCMCIA/USB hotswap environment.
|
||||
# (Default is yes)
|
||||
|
||||
# AllowNoInt yes
|
||||
|
||||
# LockFile
|
||||
# The lockfile is used to prevent multiple OLSR instances running at the same
|
||||
# time.
|
||||
# (Linux/BSD default is "/var/run/olsrd-ipv(4/6).lock")
|
||||
# (Win32 default is "<configfile>-ipv(4/6).lock")
|
||||
|
||||
# LockFile "olsrd.lock"
|
||||
|
||||
# Polling rate for OLSR sockets in seconds (float).
|
||||
# (Default is 0.05)
|
||||
|
||||
# Pollrate 0.05
|
||||
|
||||
# Interval to poll network interfaces for configuration changes (in seconds).
|
||||
# Linux systems can detect interface statechange via netlink sockets.
|
||||
# (Defaults is 2.5)
|
||||
|
||||
# NicChgsPollInt 2.5
|
||||
|
||||
# TOS(type of service) value for the IP header of control traffic.
|
||||
# (Default is 16)
|
||||
|
||||
# TosValue 16
|
||||
|
||||
# FIBMetric controls the metric value of the host-routes OLSRd sets.
|
||||
# - "flat" means that the metric value is always 2. This is the preferred value
|
||||
# because it helps the linux kernel routing to clean up older routes
|
||||
# - "correct" use the hopcount as the metric value.
|
||||
# - "approx" use the hopcount as the metric value too, but does only update the
|
||||
# hopcount if the nexthop changes too
|
||||
# (Default is "flat")
|
||||
|
||||
# FIBMetric "flat"
|
||||
|
||||
#######################################
|
||||
### Linux specific OLSRd extensions ###
|
||||
#######################################
|
||||
# these parameters are only working on linux at the moment, but might become
|
||||
# useful on BSD in the future
|
||||
|
||||
# SrcIpRoutes tells OLSRd to set the Src flag of host routes to the originator-ip
|
||||
# of the node. In addition to this an additional localhost device is created
|
||||
# to make sure the returning traffic can be received.
|
||||
# (Default is "no")
|
||||
|
||||
# SrcIpRoutes no
|
||||
|
||||
# Specify the proto tag to be used for routes olsr inserts into kernel
|
||||
# currently only implemented for linux
|
||||
# valid values under linux are 1 .. 254
|
||||
# 1 gets remapped by olsrd to 0 UNSPECIFIED (1 is reserved for ICMP redirects)
|
||||
# 2 KERNEL routes (not very wise to use)
|
||||
# 3 BOOT (should in fact not be used by routing daemons)
|
||||
# 4 STATIC
|
||||
# 8 .. 15 various routing daemons (gated, zebra, bird, & co)
|
||||
# (defaults to 0 which gets replaced by an OS-specific default value
|
||||
# under linux 3 (BOOT) (for backward compatibility)
|
||||
|
||||
# RtProto 0
|
||||
|
||||
# Specifies the routing Table olsr uses
|
||||
# RtTable is for host routes, RtTableDefault for the route to the default
|
||||
# internet gateway (2 in case of IPv6+NIIT) and RtTableTunnel is for
|
||||
# routes to the ipip tunnels, valid values are 1 to 254
|
||||
# There is a special parameter "auto" (choose default below)
|
||||
# (with smartgw: default is 254/223/224)
|
||||
# (without smartgw: default is 254/254/254, linux main table)
|
||||
|
||||
# RtTable auto
|
||||
# RtTableDefault auto
|
||||
# RtTableTunnel auto
|
||||
|
||||
# Specifies the policy rule priorities for the three routing tables and
|
||||
# a special rule for smartgateway routing (see README-Olsr-Extensions)
|
||||
# Priorities can only be set if three different routing tables are set.
|
||||
# if set the values must obey to condition
|
||||
# RtTablePriority < RtTableDefaultOlsrPriority
|
||||
# < RtTableTunnelPriority < RtTableDefaultPriority.
|
||||
# There are two special parameters, "auto" (choose fitting to SmartGW
|
||||
# mode) and "none" (do not set policy rule)
|
||||
# (with smartgw: default is none/32776/32776/32796)
|
||||
# (without smartgw: default is none/none/none/none)
|
||||
|
||||
# RtTablePriority auto
|
||||
# RtTableDefaultOlsrPriority auto
|
||||
# RtTableTunnelPriority auto
|
||||
# RtTableDefaultPriority auto
|
||||
|
||||
# Activates (in IPv6 mode) the automatic use of NIIT
|
||||
# (see README-Olsr-Extensions)
|
||||
# (default is "yes")
|
||||
|
||||
# UseNiit yes
|
||||
|
||||
# Activates the smartgateway ipip tunnel feature.
|
||||
# See README-Olsr-Extensions for a description of smartgateways.
|
||||
# (default is "yes")
|
||||
|
||||
SmartGateway no
|
||||
|
||||
# Allows the selection of a smartgateway with NAT (only for IPv4)
|
||||
# (default is "yes")
|
||||
|
||||
# SmartGatewayAllowNAT yes
|
||||
|
||||
# Defines what kind of Uplink this node will publish as a
|
||||
# smartgateway. The existence of the uplink is detected by
|
||||
# a route to 0.0.0.0/0, ::ffff:0:0/96 and/or 2000::/3.
|
||||
# possible values are "none", "ipv4", "ipv6", "both"
|
||||
# (default is "both")
|
||||
|
||||
# SmartGatewayUplink "both"
|
||||
|
||||
# Specifies if the local ipv4 uplink use NAT
|
||||
# (default is "yes")
|
||||
|
||||
# SmartGatewayUplinkNAT yes
|
||||
|
||||
# Specifies the speed of the uplink in kilobit/s.
|
||||
# First parameter is upstream, second parameter is downstream
|
||||
# (default is 128/1024)
|
||||
|
||||
# SmartGatewaySpeed 128 1024
|
||||
|
||||
# Specifies the EXTERNAL ipv6 prefix of the uplink. A prefix
|
||||
# length of more than 64 is not allowed.
|
||||
# (default is 0::/0
|
||||
|
||||
# SmartGatewayPrefix 0::/0
|
||||
|
||||
##############################
|
||||
### OLSR protocol settings ###
|
||||
##############################
|
||||
|
||||
# For testing purposes it may be nice to use another port for olsrd
|
||||
# for using another port than the IANA assigned one
|
||||
# for a production network, there should be a good reason!!
|
||||
# valid values are integers >1, please be careful with using reserved
|
||||
# port numbers
|
||||
# (default is 698, the IANA assigned olsr-port)
|
||||
|
||||
# OlsrPort 698
|
||||
|
||||
# Sets the main IP (originator ip) of the router. This IP will NEVER
|
||||
# change during the uptime of olsrd.
|
||||
# (default is 0.0.0.0, which triggers usage of the IP of the first interface)
|
||||
|
||||
# MainIp 10.0.0.1
|
||||
MainIp <wifi_ip>
|
||||
|
||||
# The fixed willingness to use (0-7)
|
||||
# If not set willingness will be calculated
|
||||
# dynamically based on battery/power status
|
||||
# (default is 3)
|
||||
|
||||
# Willingness 3
|
||||
|
||||
# HNA (Host network association) allows the OLSR to announce
|
||||
# additional IPs or IP subnets to the net that are reachable
|
||||
# through this node.
|
||||
# Syntax for HNA4 is "network-address network-mask"
|
||||
# Syntax for HNA6 is "network-address prefix-length"
|
||||
# (default is no HNA)
|
||||
Hna4
|
||||
{
|
||||
# Internet gateway
|
||||
# 0.0.0.0 0.0.0.0
|
||||
# specific small networks reachable through this node
|
||||
# 15.15.0.0 255.255.255.0
|
||||
}
|
||||
Hna6
|
||||
{
|
||||
# Internet gateway
|
||||
# 0:: 0
|
||||
# specific small networks reachable through this node
|
||||
# fec0:2200:106:0:0:0:0:0 48
|
||||
}
|
||||
|
||||
|
||||
# Hysteresis for link sensing (only for hopcount metric)
|
||||
# Hysteresis adds more robustness to the link sensing
|
||||
# but delays neighbor registration.
|
||||
# (defaults to yes)
|
||||
|
||||
# UseHysteresis yes
|
||||
|
||||
# Hysteresis parameters (only for hopcount metric)
|
||||
# Do not alter these unless you know what you are doing!
|
||||
# Set to auto by default. Allowed values are floating point
|
||||
# values in the interval 0,1
|
||||
# THR_LOW must always be lower than THR_HIGH!!
|
||||
# (default is 0.5/0.8/0.3)
|
||||
|
||||
# HystScaling 0.50
|
||||
# HystThrHigh 0.80
|
||||
# HystThrLow 0.30
|
||||
|
||||
# TC redundancy
|
||||
# Specifies how much neighbor info should be sent in
|
||||
# TC messages. Because of a design problem in the 0.5.x
|
||||
# dijkstra implementation this value must be set to 2.
|
||||
# 2 - send all neighbors
|
||||
# (default is 2)
|
||||
|
||||
# TcRedundancy 2
|
||||
|
||||
# MPR coverage specifies how many MPRs a node should
|
||||
# try select to reach every 2 hop neighbor. Because of
|
||||
# a design problem in the 0.5.x dijkstra algorithm this
|
||||
# value should be set to 7.
|
||||
# (default is 7)
|
||||
|
||||
# MprCoverage 7
|
||||
|
||||
################################
|
||||
### OLSR protocol extensions ###
|
||||
################################
|
||||
|
||||
# Link quality level switch between hopcount and
|
||||
# cost-based (mostly ETX) routing. Because of
|
||||
# a design problem in the 0.5.x dijkstra algorithm this
|
||||
# value should not be set to 1.
|
||||
# 0 = do not use link quality
|
||||
# 2 = use link quality for MPR selection and routing
|
||||
# (default is 2)
|
||||
|
||||
# LinkQualityLevel 2
|
||||
|
||||
# Link quality algorithm (only for lq level 2)
|
||||
# (see README-Olsr-Extensions)
|
||||
# - "etx_float", a floating point ETX with exponential aging
|
||||
# - "etx_fpm", same as ext_float, but with integer arithmetic
|
||||
# - "etx_ff" (ETX freifunk), an etx variant which use all OLSR
|
||||
# traffic (instead of only hellos) for ETX calculation
|
||||
# - "etx_ffeth", an incompatible variant of etx_ff that allows
|
||||
# ethernet links with ETX 0.1.
|
||||
# (defaults to "etx_ff")
|
||||
|
||||
# LinkQualityAlgorithm "etx_ff"
|
||||
|
||||
# Link quality aging factor (only for lq level 2)
|
||||
# Tuning parameter for etx_float and etx_fpm, smaller values
|
||||
# mean slower changes of ETX value. (allowed values are
|
||||
# between 0.01 and 1.0)
|
||||
# (default is 0.05)
|
||||
|
||||
# LinkQualityAging 0.05
|
||||
|
||||
# Fisheye mechanism for TCs (0 meansoff, 1 means on)
|
||||
# (default is 1)
|
||||
|
||||
# LinkQualityFishEye 1
|
||||
|
||||
#
|
||||
# NatThreshold
|
||||
#
|
||||
# (currently this is only in the freifunk firmware)
|
||||
# If the NAT-Endpoint (the preferred 0/0 HNA emitting node)
|
||||
# is to be changed, the ETX value of the current 0/0 is
|
||||
# multiplied with the NatThreshold value before being
|
||||
# compared to the new one.
|
||||
# The parameter can be a value between 0.1 and 1.0, but
|
||||
# should be close to 1.0 if changed.
|
||||
# WARNING: This parameter should not be used together with
|
||||
# the etx_ffeth metric !!
|
||||
# (defaults to 1.0)
|
||||
|
||||
# NatThreshold 1.0
|
||||
|
||||
#############################################################
|
||||
### Configuration of the IPC to the windows GUI interface ###
|
||||
#############################################################
|
||||
|
||||
IpcConnect
|
||||
{
|
||||
# Determines how many simultaneously
|
||||
# IPC connections that will be allowed
|
||||
# Setting this to 0 disables IPC
|
||||
|
||||
# MaxConnections 0
|
||||
|
||||
# By default only 127.0.0.1 is allowed
|
||||
# to connect. Here allowed hosts and networks can
|
||||
# be added
|
||||
|
||||
# Host 127.0.0.1
|
||||
# Host 10.0.0.5
|
||||
# Net 192.168.1.0 255.255.255.0
|
||||
}
|
||||
|
||||
#####################################
|
||||
### Example plugin configurations ###
|
||||
#####################################
|
||||
# Olsrd plugins to load
|
||||
# This must be the absolute path to the file
|
||||
# or the loader will use the following scheme:
|
||||
# - Try the paths in the LD_LIBRARY_PATH
|
||||
# environment variable.
|
||||
# - The list of libraries cached in /etc/ld.so.cache
|
||||
# - /lib, followed by /usr/lib
|
||||
#
|
||||
# the examples in this list are for linux, so check if the plugin is
|
||||
# available if you use windows/BSD.
|
||||
# each plugin should have a README file in it's lib subfolder
|
||||
|
||||
LoadPlugin "olsrd_arprefresh.so.0.1"
|
||||
{
|
||||
}
|
||||
|
||||
LoadPlugin "olsrd_dot_draw.so.0.3"
|
||||
{
|
||||
PlParam "accept" "127.0.0.1"
|
||||
PlParam "port" "2003"
|
||||
}
|
||||
|
||||
LoadPlugin "olsrd_httpinfo.so.0.1"
|
||||
{
|
||||
# port number the httpinfo plugin will be listening, default 1978
|
||||
# PlParam "port" "8000"
|
||||
|
||||
# ip address that can access the plugin, use "0.0.0.0"
|
||||
# to allow everyone
|
||||
# PlParam "Host" "127.0.0.1"
|
||||
# PlParam "Host" "80.23.53.22"
|
||||
|
||||
# networks that can access the plugin (ip/netmask)
|
||||
# careful with 0.0.0.0/0, makes (ddos) attacks poss.
|
||||
PlParam "Net" "0.0.0.0 0.0.0.0"
|
||||
# PlParam "Net" "192.168.0.0 255.255.0.0"
|
||||
PlParam "Resolve" "true"
|
||||
}
|
||||
|
||||
LoadPlugin "olsrd_txtinfo.so.0.1"
|
||||
{
|
||||
# port number the txtinfo plugin will be listening, default 2006
|
||||
# PlParam "port" "81"
|
||||
# ip address that can access the plugin, use "0.0.0.0"
|
||||
# to allow everyone
|
||||
PlParam "Accept" "0.0.0.0"
|
||||
}
|
||||
|
||||
#LoadPlugin "olsrd_secure.so.0.6"
|
||||
#{
|
||||
# PlParam "Keyfile" "/etc/olsrd.key"
|
||||
#}
|
||||
|
||||
#LoadPlugin "olsrd_dyn_gw.so.0.5"
|
||||
#{
|
||||
# The plugin check interval can be set here in milliseconds.
|
||||
# The default is 1000 ms (1 second).
|
||||
# PlParam "CheckInterval" "5000"
|
||||
|
||||
# The ping check interval in case there is any pinged host specified.
|
||||
# The default is 5 seconds.
|
||||
# PlParam "PingInterval" "40"
|
||||
|
||||
# If one or more IPv4 addresses are given, do a ping on these in
|
||||
# descending order to validate that there is not only an entry in
|
||||
# routing table, but also a real network connection. If any of
|
||||
# these addresses could be pinged successfully, the test was
|
||||
# succesful, i.e. if the ping on the 1st address was successful,the
|
||||
# 2nd won't be pinged.
|
||||
#
|
||||
# The Ping list applies to the group of HNAs specified above or to the
|
||||
# default internet gateway when no HNA is specified.
|
||||
#
|
||||
# Running the plugin without parameters acts as the 'old' dyn_gw_plain.
|
||||
|
||||
# The following ping entries for the internet gateway
|
||||
# PlParam "Ping" "141.1.1.1"
|
||||
# PlParam "Ping" "194.25.2.129"
|
||||
|
||||
# First group of HNAs with related ping host
|
||||
# PlParam "HNA" "192.168.80.0 255.255.255.0"
|
||||
# PlParam "HNA" "192.168.81.0 255.255.255.0"
|
||||
# PlParam "Ping" "192.168.81.12"
|
||||
|
||||
# Second HNA group with multiple related ping hosts.
|
||||
# Specifying multiple ping hosts provides redundancy.
|
||||
# PlParam "HNA" "192.168.100.0 255.255.255.0"
|
||||
# PlParam "HNA" "192.168.101.0 255.255.255.0"
|
||||
# PlParam "HNA" "192.168.102.0 255.255.255.0"
|
||||
# PlParam "Ping" "192.168.100.10"
|
||||
# PlParam "Ping" "192.168.101.10"
|
||||
|
||||
# Third HNA group without ping check
|
||||
# PlParam "HNA" "192.168.200.0 255.255.255.0"
|
||||
# PlParam "HNA" "192.168.201.0 255.255.255.0"
|
||||
# PlParam "HNA" "192.168.202.0 255.255.255.0"
|
||||
#}
|
||||
|
||||
#LoadPlugin "olsrd_dyn_gw_plain.so.0.4"
|
||||
#{
|
||||
#}
|
||||
|
||||
LoadPlugin "olsrd_watchdog.so.0.1"
|
||||
{
|
||||
PlParam "file" "/tmp/olsrd.watchdog"
|
||||
PlParam "interval" "5"
|
||||
}
|
||||
|
||||
#############################################
|
||||
### OLSRD default interface configuration ###
|
||||
#############################################
|
||||
# the default interface section can have the same values as the following
|
||||
# interface configuration. It will allow you so set common options for all
|
||||
# interfaces.
|
||||
|
||||
InterfaceDefaults {
|
||||
# Ip4Broadcast 255.255.255.255
|
||||
}
|
||||
|
||||
######################################
|
||||
### OLSRd Interfaces configuration ###
|
||||
######################################
|
||||
# multiple interfaces can be specified for a single configuration block
|
||||
# multiple configuration blocks can be specified
|
||||
|
||||
# WARNING, don't forget to insert your interface names here !
|
||||
Interface <olsrd_bridge>
|
||||
{
|
||||
# Interface Mode is used to prevent unnecessary
|
||||
# packet forwarding on switched ethernet interfaces
|
||||
# valid Modes are "mesh" and "ether"
|
||||
# (default is "mesh")
|
||||
|
||||
# Mode "mesh"
|
||||
|
||||
# IPv4 broadcast address for outgoing OLSR packets.
|
||||
# One usefull example would be 255.255.255.255
|
||||
# The second useful value would be to
|
||||
# specify the peer adress of an ptp-tunnel.
|
||||
# another name of this parameter is "IPv4Multicast"
|
||||
# (default is 0.0.0.0, which triggers the usage of the
|
||||
# interface broadcast IP)
|
||||
|
||||
# Ip4Broadcast 0.0.0.0
|
||||
|
||||
# IPv6 multicast address
|
||||
# (default is FF02::6D, the manet-router linklocal multicast)
|
||||
|
||||
# IPv6Multicast FF02::6D
|
||||
|
||||
# IPv4 src address for outgoing OLSR packages
|
||||
# (default is 0.0.0.0, which triggers usage of the interface IP)
|
||||
|
||||
# IPv4Src 0.0.0.0
|
||||
|
||||
# IPv6 src prefix. OLSRd will choose one of the interface IPs
|
||||
# which matches the prefix of this parameter.
|
||||
# (default is 0::/0, which triggers the usage
|
||||
# of a not-linklocal interface IP)
|
||||
|
||||
# IPv6Src 0::/0
|
||||
|
||||
# Emission intervals in seconds.
|
||||
# If not defined, Freifunk network defaults are used
|
||||
# (default is 2.0/20.0 for Hello and 5.0/300.0 for Tc/Mid/Hna)
|
||||
|
||||
# HelloInterval 2.0
|
||||
# HelloValidityTime 20.0
|
||||
# TcInterval 5.0
|
||||
# TcValidityTime 300.0
|
||||
# MidInterval 5.0
|
||||
# MidValidityTime 300.0
|
||||
# HnaInterval 5.0
|
||||
# HnaValidityTime 300.0
|
||||
|
||||
# When multiple links exist between hosts
|
||||
# the weight of interface is used to determine
|
||||
# the link to use. Normally the weight is
|
||||
# automatically calculated by olsrd based
|
||||
# on the characteristics of the interface,
|
||||
# but here you can specify a fixed value.
|
||||
# Olsrd will choose links with the lowest value.
|
||||
# Note:
|
||||
# Interface weight is used only when LinkQualityLevel is set to 0.
|
||||
# For any other value of LinkQualityLevel, the interface ETX
|
||||
# value is used instead.
|
||||
# Weight 0
|
||||
|
||||
# If a certain route should be preferred
|
||||
# or ignored by the mesh, the Link Quality
|
||||
# value of a node can be multiplied with a factor
|
||||
# entered here. In the example the route
|
||||
# using 192.168.0.1 would rather be ignored.
|
||||
# A multiplier of 0.5 will result in a small
|
||||
# (bad) LinkQuality value and a high (bad)
|
||||
# ETX value.
|
||||
# Note:
|
||||
# Link quality multiplier is used only when
|
||||
# LinkQualityLevel is > 0.
|
||||
|
||||
# example 1: reduce LQ to 192.168.0.1 by half
|
||||
# LinkQualityMult 192.168.0.1 0.5
|
||||
|
||||
# example 2: reduce LQ to all nodes on this interface by 20%
|
||||
# LinkQualityMult default 0.8
|
||||
}
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
config 'system'
|
||||
option 'hostname' '<NODE>'
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
config wifi-device wl0
|
||||
option type broadcom
|
||||
option channel <wifi_channel>
|
||||
option rxant <wifi_rxant>
|
||||
option txant <wifi_txant>
|
||||
option distance <wifi_distance>
|
||||
|
||||
config wifi-iface
|
||||
option device wl0
|
||||
option network wifi
|
||||
option mode <wifi_mode>
|
||||
option ssid "<wifi_ssid>"
|
||||
option encryption none
|
||||
|
|
@ -0,0 +1,23 @@
|
|||
wifi_proto = bridge
|
||||
wifi_mode = ap
|
||||
wifi_ssid = <NODE>
|
||||
wifi_txpower = 19
|
||||
wifi_channel = 6
|
||||
wifi_rxant = 3
|
||||
wifi_txant = 3
|
||||
wifi_distance = 0
|
||||
wifi_hidden = 0
|
||||
|
||||
lan_proto = static
|
||||
lan_ip = 172.27.0.2
|
||||
lan_mask = 255.255.255.0
|
||||
lan_dhcp = 0
|
||||
lan_gw = 172.27.0.1
|
||||
|
||||
dhcp_start = 5
|
||||
dhcp_end = 25
|
||||
dhcp_limit = 20
|
||||
|
||||
wan_proto = disabled
|
||||
wan_dns1 = 8.8.8.8
|
||||
wan_dns2 = 8.8.4.4
|
|
@ -0,0 +1,23 @@
|
|||
wifi_proto = bridge
|
||||
wifi_mode = ap
|
||||
wifi_ssid = <NODE>
|
||||
wifi_txpower = 19
|
||||
wifi_channel = 6
|
||||
wifi_rxant = 3
|
||||
wifi_txant = 3
|
||||
wifi_distance = 0
|
||||
wifi_hidden = 0
|
||||
|
||||
lan_proto = static
|
||||
lan_ip = 172.27.0.2
|
||||
lan_mask = 255.255.255.0
|
||||
lan_dhcp = 0
|
||||
lan_gw = 172.27.0.1
|
||||
|
||||
dhcp_start = 5
|
||||
dhcp_end = 25
|
||||
dhcp_limit = 20
|
||||
|
||||
wan_proto = disabled
|
||||
wan_dns1 = 8.8.8.8
|
||||
wan_dns2 = 8.8.4.4
|
|
@ -0,0 +1,10 @@
|
|||
config dhcp
|
||||
option interface lan
|
||||
option start <dhcp_start>
|
||||
option limit <dhcp_limit>
|
||||
option leasetime 1h
|
||||
option ignore <lan_dhcp>
|
||||
|
||||
config dhcp
|
||||
option interface wan
|
||||
option ignore 1
|
|
@ -0,0 +1,3 @@
|
|||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '2222'
|
|
@ -0,0 +1,56 @@
|
|||
# Copyright (C) 2006 OpenWrt.org
|
||||
#
|
||||
# RULE SYNTAX:
|
||||
#
|
||||
# forward:<intf>:<match>:<target>[:<port>]
|
||||
# - forwards all packets matched by <match> to <target>,
|
||||
# optionally changing the port to <port>
|
||||
#
|
||||
# accept:<intf>:<match>
|
||||
# - accepts all traffic matched by <match>
|
||||
#
|
||||
# drop:<intf>:<match>
|
||||
# - drops all traffic matched by <match>
|
||||
#
|
||||
# <intf> is the external interface to which the rule applies
|
||||
# value is either "wifi" or "wan"
|
||||
#
|
||||
#
|
||||
# MATCHING OPTIONS:
|
||||
#
|
||||
# src=<ip>
|
||||
# - match the source ip <ip>
|
||||
#
|
||||
# dest=<ip>
|
||||
# - match the destination ip <ip>
|
||||
#
|
||||
# proto=<proto>
|
||||
# - match the protocol by name or number
|
||||
#
|
||||
# sport=<port(s)>
|
||||
# - match the source port(s), see below for syntax
|
||||
#
|
||||
# dport=<port(s)>
|
||||
# - match the destination port(s), see below for syntax
|
||||
#
|
||||
#
|
||||
#
|
||||
# PORT SYNTAX:
|
||||
#
|
||||
# Arbitrary lists of ports and port ranges are in the following format:
|
||||
# - 22,53,993,1000-1024
|
||||
#
|
||||
# If you don't set the protocol to tcp or udp, it will apply to both
|
||||
#
|
||||
#
|
||||
#
|
||||
# EXAMPLES:
|
||||
#
|
||||
# drop:wan:dport=22 src=1.3.3.7
|
||||
# accept:wifi:proto=tcp dport=22
|
||||
# forward:wifi:dport=60168:192.168.1.2:60169
|
||||
|
||||
accept:wan:dport=2222 proto=tcp
|
||||
accept:wan:dport=8080 proto=tcp
|
||||
accept:wifi:dport=2222 proto=tcp
|
||||
accept:wifi:dport=8080 proto=tcp
|
|
@ -0,0 +1,30 @@
|
|||
#!/bin/sh
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
iptables -F input_rule
|
||||
iptables -F output_rule
|
||||
iptables -F forwarding_rule
|
||||
iptables -t nat -F prerouting_rule
|
||||
iptables -t nat -F postrouting_rule
|
||||
|
||||
# The following chains are for traffic directed at the IP of the
|
||||
# WAN interface
|
||||
|
||||
iptables -F input_wan
|
||||
iptables -F forwarding_wan
|
||||
iptables -t nat -F prerouting_wan
|
||||
|
||||
### Open port to WAN
|
||||
## -- This allows port 22 to be answered by (dropbear on) the router
|
||||
# iptables -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT
|
||||
# iptables -A input_wan -p tcp --dport 22 -j ACCEPT
|
||||
|
||||
### Port forwarding
|
||||
## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2
|
||||
# iptables -t nat -A prerouting_wan -p tcp --dport 8080 -j DNAT --to 192.168.1.2:80
|
||||
# iptables -A forwarding_wan -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT
|
||||
|
||||
### DMZ
|
||||
## -- Connections to ports not handled above will be forwarded to 192.168.1.2
|
||||
# iptables -t nat -A prerouting_wan -j DNAT --to 192.168.1.2
|
||||
# iptables -A forwarding_wan -d 192.168.1.2 -j ACCEPT
|
|
@ -0,0 +1,25 @@
|
|||
include /etc/vlan
|
||||
|
||||
#### Loopback configuration
|
||||
config interface loopback
|
||||
option ifname "lo"
|
||||
option proto static
|
||||
option ipaddr 127.0.0.1
|
||||
option netmask 255.0.0.0
|
||||
|
||||
|
||||
#### LAN configuration
|
||||
config interface lan
|
||||
option type bridge
|
||||
option ifname "eth0.0"
|
||||
option proto <lan_proto>
|
||||
option ipaddr <lan_ip>
|
||||
option netmask <lan_mask>
|
||||
option gateway <lan_gw>
|
||||
option dns <lan_gw>
|
||||
|
||||
|
||||
#### WAN configuration
|
||||
config interface wan
|
||||
option ifname "eth0.1"
|
||||
option proto <wan_proto>
|
|
@ -0,0 +1,3 @@
|
|||
config 'system'
|
||||
option 'hostname' '<NODE>'
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
config wifi-device wl0
|
||||
option type broadcom
|
||||
option channel <wifi_channel>
|
||||
option rxant <wifi_rxant>
|
||||
option txant <wifi_txant>
|
||||
option distance <wifi_distance>
|
||||
|
||||
config wifi-iface
|
||||
option device wl0
|
||||
option network lan
|
||||
option mode <wifi_mode>
|
||||
option ssid "<wifi_ssid>"
|
||||
option hidden <wifi_hidden>
|
||||
option encryption none
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
wifi_proto = disabled
|
||||
|
||||
lan_proto = static
|
||||
lan_ip = 172.27.3.1
|
||||
lan_mask = 255.255.255.0
|
||||
lan_dhcp = 1
|
||||
|
||||
dhcp_start = 5
|
||||
dhcp_end = 25
|
||||
dhcp_limit = 20
|
||||
|
||||
wan_proto = dhcp
|
||||
wan_dns1 = 8.8.8.8
|
||||
wan_dns2 = 8.8.4.4
|
|
@ -0,0 +1,14 @@
|
|||
wifi_proto = disabled
|
||||
|
||||
lan_proto = static
|
||||
lan_ip = 172.27.3.1
|
||||
lan_mask = 255.255.255.0
|
||||
lan_dhcp = 1
|
||||
|
||||
dhcp_start = 5
|
||||
dhcp_end = 25
|
||||
dhcp_limit = 20
|
||||
|
||||
wan_proto = dhcp
|
||||
wan_dns1 = 8.8.8.8
|
||||
wan_dns2 = 8.8.4.4
|
|
@ -0,0 +1,10 @@
|
|||
config dhcp
|
||||
option interface lan
|
||||
option start <dhcp_start>
|
||||
option limit <dhcp_limit>
|
||||
option leasetime 1h
|
||||
option ignore <lan_dhcp>
|
||||
|
||||
config dhcp
|
||||
option interface wan
|
||||
option ignore 1
|
|
@ -0,0 +1,3 @@
|
|||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '2222'
|
|
@ -0,0 +1,56 @@
|
|||
# Copyright (C) 2006 OpenWrt.org
|
||||
#
|
||||
# RULE SYNTAX:
|
||||
#
|
||||
# forward:<intf>:<match>:<target>[:<port>]
|
||||
# - forwards all packets matched by <match> to <target>,
|
||||
# optionally changing the port to <port>
|
||||
#
|
||||
# accept:<intf>:<match>
|
||||
# - accepts all traffic matched by <match>
|
||||
#
|
||||
# drop:<intf>:<match>
|
||||
# - drops all traffic matched by <match>
|
||||
#
|
||||
# <intf> is the external interface to which the rule applies
|
||||
# value is either "wifi" or "wan"
|
||||
#
|
||||
#
|
||||
# MATCHING OPTIONS:
|
||||
#
|
||||
# src=<ip>
|
||||
# - match the source ip <ip>
|
||||
#
|
||||
# dest=<ip>
|
||||
# - match the destination ip <ip>
|
||||
#
|
||||
# proto=<proto>
|
||||
# - match the protocol by name or number
|
||||
#
|
||||
# sport=<port(s)>
|
||||
# - match the source port(s), see below for syntax
|
||||
#
|
||||
# dport=<port(s)>
|
||||
# - match the destination port(s), see below for syntax
|
||||
#
|
||||
#
|
||||
#
|
||||
# PORT SYNTAX:
|
||||
#
|
||||
# Arbitrary lists of ports and port ranges are in the following format:
|
||||
# - 22,53,993,1000-1024
|
||||
#
|
||||
# If you don't set the protocol to tcp or udp, it will apply to both
|
||||
#
|
||||
#
|
||||
#
|
||||
# EXAMPLES:
|
||||
#
|
||||
# drop:wan:dport=22 src=1.3.3.7
|
||||
# accept:wifi:proto=tcp dport=22
|
||||
# forward:wifi:dport=60168:192.168.1.2:60169
|
||||
|
||||
accept:wan:dport=2222 proto=tcp
|
||||
accept:wan:dport=8080 proto=tcp
|
||||
accept:wifi:dport=2222 proto=tcp
|
||||
accept:wifi:dport=8080 proto=tcp
|
|
@ -0,0 +1,30 @@
|
|||
#!/bin/sh
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
iptables -F input_rule
|
||||
iptables -F output_rule
|
||||
iptables -F forwarding_rule
|
||||
iptables -t nat -F prerouting_rule
|
||||
iptables -t nat -F postrouting_rule
|
||||
|
||||
# The following chains are for traffic directed at the IP of the
|
||||
# WAN interface
|
||||
|
||||
iptables -F input_wan
|
||||
iptables -F forwarding_wan
|
||||
iptables -t nat -F prerouting_wan
|
||||
|
||||
### Open port to WAN
|
||||
## -- This allows port 22 to be answered by (dropbear on) the router
|
||||
# iptables -t nat -A prerouting_wan -p tcp --dport 22 -j ACCEPT
|
||||
# iptables -A input_wan -p tcp --dport 22 -j ACCEPT
|
||||
|
||||
### Port forwarding
|
||||
## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2
|
||||
# iptables -t nat -A prerouting_wan -p tcp --dport 8080 -j DNAT --to 192.168.1.2:80
|
||||
# iptables -A forwarding_wan -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT
|
||||
|
||||
### DMZ
|
||||
## -- Connections to ports not handled above will be forwarded to 192.168.1.2
|
||||
# iptables -t nat -A prerouting_wan -j DNAT --to 192.168.1.2
|
||||
# iptables -A forwarding_wan -d 192.168.1.2 -j ACCEPT
|
|
@ -0,0 +1,29 @@
|
|||
include /etc/vlan
|
||||
|
||||
#### Loopback configuration
|
||||
config interface loopback
|
||||
option ifname "lo"
|
||||
option proto static
|
||||
option ipaddr 127.0.0.1
|
||||
option netmask 255.0.0.0
|
||||
|
||||
|
||||
#### LAN configuration
|
||||
config interface lan
|
||||
option type bridge
|
||||
option ifname "eth0.0"
|
||||
option proto <lan_proto>
|
||||
option ipaddr <lan_ip>
|
||||
option netmask <lan_mask>
|
||||
option dns "<wan_dns1> <wan_dns2>"
|
||||
option gateway <lan_gw>
|
||||
|
||||
|
||||
#### WAN configuration
|
||||
config interface wan
|
||||
option ifname "eth0.1"
|
||||
option proto <wan_proto>
|
||||
option ipaddr <wan_ip>
|
||||
option netmask <wan_mask>
|
||||
option gateway <wan_gw>
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
config 'system'
|
||||
option 'hostname' '<NODE>'
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
config wifi-device wl0
|
||||
option type broadcom
|
||||
option channel <wifi_channel>
|
||||
option disabled 1
|
||||
|
||||
config wifi-iface
|
||||
option device wl0
|
||||
option network lan
|
||||
option mode <wifi_mode>
|
||||
option ssid "<wifi_ssid>"
|
||||
option encryption none
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
config dhcp
|
||||
option interface lan
|
||||
option start 5
|
||||
option limit 20
|
||||
option leasetime 12h
|
||||
|
||||
config dhcp
|
||||
option interface wan
|
||||
option ignore 1
|
|
@ -0,0 +1,3 @@
|
|||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '2222'
|
|
@ -0,0 +1,53 @@
|
|||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
# RULE SYNTAX:
|
||||
#
|
||||
# forward:<match>:<target>[:<port>]
|
||||
# - forwards all packets matched by <match> to <target>,
|
||||
# optionally changing the port to <port>
|
||||
#
|
||||
# accept:<match>
|
||||
# - accepts all traffic matched by <match>
|
||||
#
|
||||
# drop:<match>
|
||||
# - drops all traffic matched by <match>
|
||||
#
|
||||
#
|
||||
# MATCHING OPTIONS:
|
||||
#
|
||||
# src=<ip>
|
||||
# - match the source ip <ip>
|
||||
#
|
||||
# dest=<ip>
|
||||
# - match the destination ip <ip>
|
||||
#
|
||||
# proto=<proto>
|
||||
# - match the protocol by name or number
|
||||
#
|
||||
# sport=<port(s)>
|
||||
# - match the source port(s), see below for syntax
|
||||
#
|
||||
# dport=<port(s)>
|
||||
# - match the destination port(s), see below for syntax
|
||||
#
|
||||
#
|
||||
#
|
||||
# PORT SYNTAX:
|
||||
#
|
||||
# You can enter an arbitrary list of ports and port ranges in the following format:
|
||||
# - 22,53,993,1000-1024
|
||||
#
|
||||
# If you don't set the protocol to tcp or udp, it will apply to both
|
||||
#
|
||||
#
|
||||
#
|
||||
# EXAMPLES:
|
||||
#
|
||||
# drop:dport=22 src=1.3.3.7
|
||||
# accept:proto=tcp dport=22
|
||||
# forward:dport=60168:192.168.1.2:60169
|
||||
|
||||
accept:wan:dport=2222 proto=tcp
|
||||
accept:wan:dport=8080 proto=tcp
|
||||
accept:wifi:dport=2222 proto=tcp
|
||||
accept:wifi:dport=8080 proto=tcp
|
|
@ -0,0 +1,3 @@
|
|||
config 'system'
|
||||
option 'hostname' 'NOCALL'
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
config wifi-device wl0
|
||||
option type broadcom
|
||||
option channel 1
|
||||
option rxant 3
|
||||
option txant 3
|
||||
option distance 0
|
||||
|
||||
config wifi-iface
|
||||
option device wl0
|
||||
option network lan
|
||||
option mode ap
|
||||
option ssid "MeshNode"
|
||||
option hidden 0
|
||||
option encryption none
|
||||
|
|
@ -0,0 +1 @@
|
|||
*/5 * * * * /usr/local/bin/fccid
|
|
@ -0,0 +1,28 @@
|
|||
# filter what we send upstream
|
||||
domain-needed
|
||||
bogus-priv
|
||||
filterwin2k
|
||||
localise-queries
|
||||
|
||||
# allow /etc/hosts and dhcp lookups via *.lan
|
||||
#local=/lan/
|
||||
domain=local.mesh
|
||||
expand-hosts
|
||||
no-negcache
|
||||
resolv-file=/tmp/resolv.conf.auto
|
||||
|
||||
# include olsr nameservice
|
||||
addn-hosts=/var/run/hosts_olsr
|
||||
|
||||
dhcp-authoritative
|
||||
dhcp-leasefile=/tmp/dhcp.leases
|
||||
|
||||
# use /etc/ethers for static hosts; same format as --dhcp-host
|
||||
# <hwaddr> <ipaddr>
|
||||
read-ethers
|
||||
|
||||
# other useful options:
|
||||
# default route(s): dhcp-option=3,192.168.1.1,192.168.1.2
|
||||
# dns server(s): dhcp-option=6,192.168.1.1,192.168.1.2
|
||||
|
||||
strict-order
|
|
@ -0,0 +1,4 @@
|
|||
# automatically generated file - do not edit
|
||||
# use /etc/hosts.user for custom entries
|
||||
127.0.0.1 localhost
|
||||
172.27.0.1 localnode
|
|
@ -0,0 +1,3 @@
|
|||
/cgi-bin/setup:root:hsmm
|
||||
/cgi-bin/ports:root:hsmm
|
||||
/cgi-bin/admin:root:hsmm
|
|
@ -0,0 +1,265 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2007 OpenWrt.org
|
||||
|
||||
START=60
|
||||
DNS_SERVERS=""
|
||||
|
||||
dhcp_calc() {
|
||||
local ip="$1"
|
||||
local res=0
|
||||
|
||||
while [ -n "$ip" ]; do
|
||||
part="${ip%%.*}"
|
||||
res="$(($res * 256))"
|
||||
res="$(($res + $part))"
|
||||
[ "${ip%.*}" != "$ip" ] && ip="${ip#*.}" || ip=
|
||||
done
|
||||
echo "$res"
|
||||
}
|
||||
|
||||
append_bool() {
|
||||
local section="$1"
|
||||
local option="$2"
|
||||
local value="$3"
|
||||
local _loctmp
|
||||
config_get_bool _loctmp "$section" "$option"
|
||||
[ "$_loctmp" -gt 0 ] && append args "$3"
|
||||
}
|
||||
|
||||
append_not_bool() {
|
||||
local section="$1"
|
||||
local option="$2"
|
||||
local value="$3"
|
||||
local _loctmp
|
||||
config_get_bool _loctmp "$section" "$option"
|
||||
[ "$_loctmp" -eq 0 ] && append args "$3"
|
||||
}
|
||||
|
||||
append_parm() {
|
||||
local section="$1"
|
||||
local option="$2"
|
||||
local switch="$3"
|
||||
local _loctmp
|
||||
config_get _loctmp "$section" "$option"
|
||||
[ -z "$_loctmp" ] && return 0
|
||||
append args "$switch $_loctmp"
|
||||
}
|
||||
|
||||
dnsmasq() {
|
||||
local cfg="$1"
|
||||
append_bool "$cfg" authoritative "-K"
|
||||
append_bool "$cfg" nodaemon "-d"
|
||||
append_bool "$cfg" domainneeded "-D"
|
||||
append_bool "$cfg" filterwin2k "-f"
|
||||
append_bool "$cfg" nohosts "-h"
|
||||
append_bool "$cfg" nonegcache "-N"
|
||||
append_bool "$cfg" strictorder "-o"
|
||||
append_bool "$cfg" logqueries "-q"
|
||||
append_bool "$cfg" noresolv "-R"
|
||||
append_bool "$cfg" localise_queries "-y"
|
||||
append_bool "$cfg" readethers "-Z"
|
||||
append_bool "$cfg" dbus "-l"
|
||||
|
||||
append_parm "$cfg" dnsforwardmax "-0"
|
||||
append_parm "$cfg" port "-p"
|
||||
append_parm "$cfg" ednspacket_max "-P"
|
||||
append_parm "$cfg" dhcpleasemax "-X"
|
||||
|
||||
config_get addnhosts "$cfg" addnhosts
|
||||
config_get interface "$cfg" interface
|
||||
config_get exceptinterface "$cfg" exceptinterface
|
||||
config_get queryport "$cfg" queryport
|
||||
config_get domain "$cfg" domain
|
||||
}
|
||||
|
||||
dhcp_subscrid_add() {
|
||||
local cfg="$1"
|
||||
|
||||
config_get name "$cfg" name
|
||||
[ -n "$name" ] || return 0
|
||||
|
||||
config_get subscriberid "$cfg" subscriberid
|
||||
[ -n "$subscriberid" ] || return 0
|
||||
|
||||
append args "--dhcp-subscrid=$name,$subscriberid"
|
||||
|
||||
dhcp_option_add "$cfg" "$name"
|
||||
}
|
||||
|
||||
dhcp_remoteid_add() {
|
||||
local cfg="$1"
|
||||
|
||||
config_get name "$cfg" name
|
||||
[ -n "$name" ] || return 0
|
||||
|
||||
config_get remoteid "$cfg" remoteid
|
||||
[ -n "$remoteid" ] || return 0
|
||||
|
||||
append args "--dhcp-remoteid=$name,$remoteid"
|
||||
|
||||
dhcp_option_add "$cfg" "$name"
|
||||
}
|
||||
|
||||
dhcp_circuitid_add() {
|
||||
local cfg="$1"
|
||||
|
||||
config_get name "$cfg" name
|
||||
[ -n "$name" ] || return 0
|
||||
|
||||
config_get circuitid "$cfg" circuitid
|
||||
[ -n "$circuitid" ] || return 0
|
||||
|
||||
append args "--dhcp-circuitid=$name,$circuitid"
|
||||
|
||||
dhcp_option_add "$cfg" "$name"
|
||||
}
|
||||
|
||||
dhcp_userclass_add() {
|
||||
local cfg="$1"
|
||||
|
||||
config_get name "$cfg" name
|
||||
[ -n "$name" ] || return 0
|
||||
|
||||
config_get userclass "$cfg" userclass
|
||||
[ -n "$userclass" ] || return 0
|
||||
|
||||
append args "--dhcp-userclass=$name,$userclass"
|
||||
|
||||
dhcp_option_add "$cfg" "$name"
|
||||
}
|
||||
|
||||
dhcp_vendorclass_add() {
|
||||
local cfg="$1"
|
||||
|
||||
config_get name "$cfg" name
|
||||
[ -n "$name" ] || return 0
|
||||
|
||||
config_get vendorclass "$cfg" vendorclass
|
||||
[ -n "$vendorclass" ] || return 0
|
||||
|
||||
append args "--dhcp-vendorclass=$name,$vendorclass"
|
||||
|
||||
dhcp_option_add "$cfg" "$name"
|
||||
}
|
||||
|
||||
dhcp_host_add() {
|
||||
local cfg="$1"
|
||||
|
||||
config_get name "$cfg" name
|
||||
[ -n "$name" ] || return 0
|
||||
|
||||
config_get mac "$cfg" mac
|
||||
[ -n "$mac" ] || return 0
|
||||
|
||||
|
||||
append args "--dhcp-host=$mac,$ip"
|
||||
|
||||
dhcp_option_add "$cfg" "$name"
|
||||
}
|
||||
|
||||
dhcp_mac_add() {
|
||||
local cfg="$1"
|
||||
|
||||
config_get name "$cfg" name
|
||||
[ -n "$name" ] || return 0
|
||||
|
||||
config_get mac "$cfg" mac
|
||||
[ -n "$mac" ] || return 0
|
||||
|
||||
append args "--dhcp-mac=$name,$mac"
|
||||
|
||||
dhcp_option_add "$cfg" "$name"
|
||||
}
|
||||
|
||||
dhcp_add() {
|
||||
local cfg="$1"
|
||||
config_get net "$cfg" interface
|
||||
[ -n "$net" ] || return 0
|
||||
|
||||
config_get name "$cfg" name
|
||||
[ -n "$name" ] || name="$net"
|
||||
|
||||
config_get ifname "$net" ifname
|
||||
[ -n "$ifname" ] || return 0
|
||||
|
||||
config_get dnsserver "$net" dns
|
||||
[ -n "$dnsserver" ] && {
|
||||
DNS_SERVERS="$DNS_SERVERS $dnsserver"
|
||||
}
|
||||
|
||||
if [ "$ifname" == "eth0.0" ]; then
|
||||
append_bool "$cfg" ignore "--no-dhcp-interface=eth0.0"
|
||||
else
|
||||
append_bool "$cfg" ignore "-I $ifname"
|
||||
fi
|
||||
|
||||
config_get proto "$net" proto
|
||||
[ static = "$proto" ] || return 0
|
||||
|
||||
config_get ipaddr "$net" ipaddr
|
||||
config_get netmask "$net" netmask
|
||||
|
||||
#check for an already active dhcp server on the interface, unless 'force' is set
|
||||
config_get_bool force "$cfg" force 0
|
||||
[ "$force" -gt 0 ] || {
|
||||
udhcpc -n -q -R -s /bin/true -t 1 -i $ifname >&- && return 0
|
||||
}
|
||||
|
||||
config_get start "$cfg" start
|
||||
config_get limit "$cfg" limit
|
||||
config_get leasetime "$cfg" leasetime
|
||||
config_get options "$cfg" options
|
||||
|
||||
leasetime="${leasetime:-12h}"
|
||||
start="$(dhcp_calc "${start:-100}")"
|
||||
limit="$((${limit:-150} + 1))"
|
||||
eval "$(ipcalc.sh $ipaddr $netmask $start $limit)"
|
||||
append_not_bool "$cfg" ignore "--dhcp-range=$name,$START,$END,$NETMASK,$leasetime${options:+ $options}"
|
||||
|
||||
dhcp_option_add "$cfg" "$name"
|
||||
}
|
||||
|
||||
dhcp_option_add() {
|
||||
local cfg="$1"
|
||||
local name="$2"
|
||||
|
||||
for count in $(seq 0 100); do
|
||||
eval current_value=\$CONFIG_"$cfg"_dhcp"$count"
|
||||
if [ -z "$current_value" ]; then
|
||||
let "count-=1"
|
||||
break
|
||||
fi
|
||||
append args "-O $name","$current_value"
|
||||
done
|
||||
|
||||
}
|
||||
|
||||
start() {
|
||||
include /lib/network
|
||||
scan_interfaces
|
||||
config_load /var/state/network
|
||||
config_load dhcp
|
||||
|
||||
args=""
|
||||
config_foreach dnsmasq dnsmasq
|
||||
config_foreach dhcp_host_add host
|
||||
config_foreach dhcp_mac_add mac
|
||||
config_foreach dhcp_vendorclass_add vendorclass
|
||||
config_foreach dhcp_userclass_add userclass
|
||||
config_foreach dhcp_circuitid_add circuitid
|
||||
config_foreach dhcp_remoteid_add remoteid
|
||||
config_foreach dhcp_subscrid_add subscrid
|
||||
config_foreach dhcp_add dhcp
|
||||
|
||||
/usr/sbin/dnsmasq $args && {
|
||||
rm -f /tmp/resolv.conf
|
||||
DNS_SERVERS="127.0.0.1 $DNS_SERVERS"
|
||||
for DNS_SERVER in $DNS_SERVERS ; do
|
||||
echo "nameserver $DNS_SERVER" >> /tmp/resolv.conf
|
||||
done
|
||||
}
|
||||
}
|
||||
|
||||
stop() {
|
||||
killall dnsmasq
|
||||
}
|
|
@ -0,0 +1,57 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
START=50
|
||||
# Copyright (C) 2006 Carlos Sobrinho
|
||||
|
||||
config_cb() {
|
||||
local cfg="$CONFIG_SECTION"
|
||||
local nopasswd
|
||||
local cfgt
|
||||
config_get cfgt "$cfg" TYPE
|
||||
|
||||
case "$cfgt" in
|
||||
dropbear)
|
||||
config_get passauth $cfg PasswordAuth
|
||||
config_get port $cfg Port
|
||||
|
||||
case "$passauth" in
|
||||
no|off|disabled|0) nopasswd=1;;
|
||||
esac
|
||||
DROPBEAR_ARGS="${nopasswd:+-s }${port:+-p $port}"
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
keygen() {
|
||||
for keytype in rsa dss; do
|
||||
# check for keys
|
||||
key=dropbear/dropbear_${keytype}_host_key
|
||||
[ -f /tmp/$key -o -f /etc/$key ] || {
|
||||
# generate missing keys
|
||||
mkdir -p /tmp/dropbear
|
||||
[ -x /usr/bin/dropbearkey ] && {
|
||||
/usr/bin/dropbearkey -t $keytype -f /tmp/$key 2>&- >&- && exec /etc/rc.common "$initscript" start
|
||||
} &
|
||||
exit 0
|
||||
}
|
||||
done
|
||||
|
||||
lock /tmp/.switch2jffs
|
||||
mkdir -p /etc/dropbear
|
||||
mv /tmp/dropbear/dropbear_* /etc/dropbear/
|
||||
lock -u /tmp/.switch2jffs
|
||||
chown root /etc/dropbear
|
||||
chmod 0700 /etc/dropbear
|
||||
}
|
||||
|
||||
start() {
|
||||
[ -f /etc/dropbear/dropbear_rsa_host_key -a \
|
||||
-f /etc/dropbear/dropbear_dss_host_key ] || keygen
|
||||
|
||||
config_load dropbear
|
||||
/usr/sbin/dropbear $DROPBEAR_ARGS
|
||||
}
|
||||
|
||||
stop() {
|
||||
killall dropbear
|
||||
}
|
|
@ -0,0 +1,163 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
## Please make changes in /etc/firewall.user
|
||||
START=45
|
||||
start() {
|
||||
include /lib/network
|
||||
scan_interfaces
|
||||
config_load /var/state/network
|
||||
|
||||
config_get WAN wan ifname
|
||||
config_get WANDEV wan device
|
||||
config_get LAN lan ifname
|
||||
config_get LAN_IP lan ipaddr
|
||||
config_get LAN_MASK lan netmask
|
||||
config_get WIFI wifi ifname
|
||||
config_get WIFI_MASK wifi netmask
|
||||
|
||||
if [ -n "$WIFI" ]; then
|
||||
WIFI_IP=`ifconfig $WIFI | grep "inet addr" | cut -f2 -d: | cut -f1 -d' '`
|
||||
[ -n "$WIFI_IP" ] || WIFI=""
|
||||
fi
|
||||
|
||||
## CLEAR TABLES
|
||||
for T in filter nat; do
|
||||
iptables -t $T -F
|
||||
iptables -t $T -X
|
||||
done
|
||||
|
||||
iptables -N input_rule
|
||||
iptables -N input_wan
|
||||
iptables -N input_wifi
|
||||
iptables -N output_rule
|
||||
iptables -N forwarding_rule
|
||||
iptables -N forwarding_wan
|
||||
iptables -N forwarding_wifi
|
||||
|
||||
iptables -t nat -N NEW
|
||||
iptables -t nat -N prerouting_rule
|
||||
iptables -t nat -N prerouting_wan
|
||||
iptables -t nat -N prerouting_wifi
|
||||
iptables -t nat -N postrouting_rule
|
||||
|
||||
iptables -N LAN_ACCEPT
|
||||
[ -z "$WIFI" ] || iptables -A LAN_ACCEPT -i "$WIFI" -j RETURN
|
||||
[ -z "$WAN" ] || iptables -A LAN_ACCEPT -i "$WAN" -j RETURN
|
||||
[ -z "$WANDEV" -o "$WANDEV" = "$WAN" ] || iptables -A LAN_ACCEPT -i "$WANDEV" -j RETURN
|
||||
iptables -A LAN_ACCEPT -j ACCEPT
|
||||
|
||||
### INPUT
|
||||
### (connections with the router as destination)
|
||||
|
||||
# base case
|
||||
iptables -P INPUT DROP
|
||||
[ -z "$WIFI" ] || iptables -A INPUT -i $WIFI -d \! $WIFI_IP -j ACCEPT
|
||||
iptables -A INPUT -m state --state INVALID -j DROP
|
||||
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||||
iptables -A INPUT -p tcp --tcp-flags SYN SYN --tcp-option \! 2 -j DROP
|
||||
|
||||
# accept everything for the node when in dmz mode (now known as direct mode)
|
||||
[ -e /etc/config/dmz-mode ] && iptables -A INPUT -d $WIFI_IP -j ACCEPT
|
||||
|
||||
#
|
||||
# insert accept rule or to jump to new accept-check table here
|
||||
#
|
||||
iptables -A INPUT -j input_rule
|
||||
[ -z "$WIFI" ] || iptables -A INPUT -i $WIFI -j input_wifi
|
||||
[ -z "$WAN" ] || iptables -A INPUT -i $WAN -j input_wan
|
||||
|
||||
# allow
|
||||
iptables -A INPUT -j LAN_ACCEPT # allow from lan/wifi interfaces
|
||||
iptables -A INPUT -p icmp -j ACCEPT # allow ICMP
|
||||
iptables -A INPUT -p gre -j ACCEPT # allow GRE
|
||||
|
||||
# reject (what to do with anything not allowed earlier)
|
||||
iptables -A INPUT -p tcp -j REJECT --reject-with tcp-reset
|
||||
iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
|
||||
|
||||
### OUTPUT
|
||||
### (connections with the router as source)
|
||||
|
||||
# base case
|
||||
iptables -P OUTPUT DROP
|
||||
iptables -A OUTPUT -m state --state INVALID -j DROP
|
||||
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||||
|
||||
#
|
||||
# insert accept rule or to jump to new accept-check table here
|
||||
#
|
||||
iptables -A OUTPUT -j output_rule
|
||||
|
||||
# allow
|
||||
iptables -A OUTPUT -j ACCEPT #allow everything out
|
||||
|
||||
### FORWARDING
|
||||
### (connections routed through the router)
|
||||
|
||||
# base case
|
||||
iptables -P FORWARD DROP
|
||||
[ -z "$WIFI" ] || iptables -A FORWARD -i $WIFI -d \! $WIFI_IP -j ACCEPT
|
||||
iptables -A FORWARD -m state --state INVALID -j DROP
|
||||
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
|
||||
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||||
|
||||
#
|
||||
# insert accept rule or to jump to new accept-check table here
|
||||
#
|
||||
iptables -A FORWARD -j forwarding_rule
|
||||
[ -z "$WIFI" ] || iptables -A FORWARD -i $WIFI -j forwarding_wifi
|
||||
[ -z "$WAN" ] || iptables -A FORWARD -i $WAN -j forwarding_wan
|
||||
|
||||
# allow
|
||||
iptables -A FORWARD -i $LAN -o $LAN -j ACCEPT
|
||||
[ -z "$WIFI" ] || iptables -A FORWARD -i $LAN -o $WIFI -j ACCEPT
|
||||
[ -z "$WAN" ] || iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT
|
||||
|
||||
# reject (what to do with anything not allowed earlier)
|
||||
iptables -A FORWARD -j REJECT
|
||||
|
||||
### MASQ
|
||||
if [ -z "$WIFI" -o -e /etc/config/dmz-mode ]; then
|
||||
iptables -t nat -A PREROUTING -m state --state NEW -p tcp -j NEW
|
||||
iptables -t nat -A PREROUTING -j prerouting_rule
|
||||
[ -z "$WAN" ] || iptables -t nat -A PREROUTING -i "$WAN" -j prerouting_wan
|
||||
iptables -t nat -A POSTROUTING -j postrouting_rule
|
||||
[ -z "$WAN" ] || iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE
|
||||
iptables -t nat -A NEW -m limit --limit 50 --limit-burst 100 -j RETURN && \
|
||||
iptables -t nat -A NEW -j DROP
|
||||
else
|
||||
eval `ipcalc.sh $WIFI_IP $WIFI_MASK`
|
||||
iptables -t nat -A PREROUTING -m state --state NEW -p tcp -j NEW
|
||||
iptables -t nat -A PREROUTING -j prerouting_rule
|
||||
[ -z "$WIFI" ] || iptables -t nat -A PREROUTING -i "$WIFI" -j prerouting_wifi
|
||||
[ -z "$WAN" ] || iptables -t nat -A PREROUTING -i "$WAN" -j prerouting_wan
|
||||
iptables -t nat -A POSTROUTING -j postrouting_rule
|
||||
[ -z "$WIFI" ] || iptables -t nat -A POSTROUTING -s \! $NETWORK/$PREFIX -o $WIFI -j MASQUERADE
|
||||
[ -z "$WAN" ] || iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE
|
||||
iptables -t nat -A NEW -m limit --limit 50 --limit-burst 100 -j RETURN && \
|
||||
iptables -t nat -A NEW -j DROP
|
||||
fi
|
||||
|
||||
## USER RULES
|
||||
[ -f /etc/config/firewall.user ] && . /etc/config/firewall.user
|
||||
[ \( -n "$WAN" -o -n "$WIFI" \) -a -e /etc/config/firewall ] && {
|
||||
[ -z "$WIFI" ] || export WIFI
|
||||
[ -z "$WAN" ] || export WAN
|
||||
eval `ipcalc.sh $LAN_IP $LAN_MASK`
|
||||
awk -f /usr/lib/common.awk -f /usr/lib/firewall.awk LAN_NET=$NETWORK/$PREFIX /etc/config/firewall | ash
|
||||
}
|
||||
}
|
||||
|
||||
stop() {
|
||||
iptables -P INPUT ACCEPT
|
||||
iptables -P OUTPUT ACCEPT
|
||||
iptables -P FORWARD ACCEPT
|
||||
iptables -F
|
||||
iptables -X
|
||||
iptables -t nat -P PREROUTING ACCEPT
|
||||
iptables -t nat -P POSTROUTING ACCEPT
|
||||
iptables -t nat -P OUTPUT ACCEPT
|
||||
iptables -t nat -F
|
||||
iptables -t nat -X
|
||||
}
|
|
@ -0,0 +1,14 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
START=50
|
||||
|
||||
start() {
|
||||
include /lib/network
|
||||
scan_interfaces
|
||||
config_get ifname wan hostname
|
||||
[ -d /www ] && httpd -p 8080 -h /www -r ${hostname:-OpenWrt}
|
||||
}
|
||||
|
||||
stop() {
|
||||
killall httpd
|
||||
}
|
|
@ -0,0 +1,13 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
START=95
|
||||
|
||||
start() {
|
||||
#/usr/local/bin/linkled
|
||||
echo -n
|
||||
}
|
||||
|
||||
stop() {
|
||||
killall linkled
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
START=99
|
||||
boot() {
|
||||
|
||||
# extract kamikaze generated vlan config
|
||||
[ -f /etc/vlan ] || head -n5 /etc/config/network > /etc/vlan
|
||||
|
||||
# setup nvram variables
|
||||
# now just a remnant of what was /usr/local/bin/nvram-setup
|
||||
if [ "`nvram get boot_wait`" != "on" ]; then
|
||||
nvram set boot_wait=on
|
||||
nvram commit
|
||||
fi
|
||||
|
||||
# run mode specific setup
|
||||
[ -x /etc/config/local ] && /etc/config/local
|
||||
}
|
|
@ -0,0 +1,154 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
START=05
|
||||
|
||||
start() {
|
||||
[ -e /etc/config/network ] && exit 0
|
||||
|
||||
mkdir -p /etc/config
|
||||
|
||||
(
|
||||
if grep -E 'mtd0: 000(6|a)0000' /proc/mtd 2>&- >&-; then
|
||||
# WGT634u
|
||||
echo boardtype=wgt634u
|
||||
else
|
||||
strings "$(find_mtd_part nvram)"
|
||||
fi
|
||||
) | awk '
|
||||
function p(cfgname, name) {
|
||||
if (c[name] != "") print " option " cfgname " \"" c[name] "\""
|
||||
}
|
||||
|
||||
function macinc(mac, maca, i, result) {
|
||||
split(mac, maca, ":")
|
||||
for (i = 1; i <= 6; i++) maca[i] = "0x" maca[i]
|
||||
if (++maca[6] > 0xff) {
|
||||
maca[5]++
|
||||
maca[6] = 0
|
||||
}
|
||||
for (i = 1; i <= 6; i++) {
|
||||
if (i != 1) result = result ":"
|
||||
result = result sprintf("%02x", maca[i])
|
||||
}
|
||||
return result
|
||||
}
|
||||
|
||||
BEGIN {
|
||||
FS="="
|
||||
c["lan_ifname"]="eth0.0"
|
||||
c["wan_ifname"]="eth0.1"
|
||||
c["vlan0ports"]="1 2 3 4 5*"
|
||||
c["vlan1ports"]="0 5"
|
||||
getline < "/proc/diag/model"
|
||||
model=$0
|
||||
for (i = 0; i < 6; i++) {
|
||||
if (mac_check != "") mac_check = mac_check ":"
|
||||
mac_check = mac_check "[0-9a-fA-F][0-9a-fA-F]"
|
||||
}
|
||||
}
|
||||
|
||||
($1 == "boardnum") || ($1 == "boardtype") || ($1 == "boardflags") || ($1 ~ /macaddr/) {
|
||||
nvram[$1] = $2
|
||||
}
|
||||
|
||||
END {
|
||||
if ((model == "ASUS WL-HDD") || (model == "ASUS WL-300g") || (model == "Linksys WAP54G V1")) {
|
||||
c["wan_ifname"] = ""
|
||||
c["lan_ifname"] = "eth1"
|
||||
}
|
||||
if (model == "ASUS WL-500g") {
|
||||
c["wan_ifname"] = "eth1"
|
||||
c["lan_ifname"] = "eth0"
|
||||
}
|
||||
if (model == "Dell TrueMobile 2300") {
|
||||
c["vlan0ports"] = "0 1 2 3 5*"
|
||||
c["vlan1ports"] = "4 5"
|
||||
}
|
||||
if (nvram["boardtype"] == "bcm94710r4") {
|
||||
# Toshiba WRC-1000
|
||||
c["lan_ifname"] = "eth0"
|
||||
c["wan_ifname"] = "eth1"
|
||||
}
|
||||
if (nvram["boardtype"] == "wgt634u") {
|
||||
c["vlan0ports"] = "0 1 2 3 5*"
|
||||
c["vlan1ports"] = "4 5"
|
||||
}
|
||||
if (nvram["boardtype"] == "0x0467") {
|
||||
c["vlan0ports"] = "0 1 2 3 5*"
|
||||
c["vlan1ports"] = "4 5"
|
||||
}
|
||||
if ((nvram["boardtype"] == "0x042f") || (nvram["boardtype"] == "0x0472")) {
|
||||
if (nvram["boardnum"] == "45") {
|
||||
# WL-500gP
|
||||
c["vlan0ports"] = "1 2 3 4 5*"
|
||||
c["vlan1ports"] = "0 5"
|
||||
} else {
|
||||
# Generic BCM94704
|
||||
c["vlan0ports"] = "0 1 2 3 4 5u"
|
||||
c["vlan1ports"] = ""
|
||||
c["lan_ifname"] = "eth0"
|
||||
c["wan_ifname"] = "eth1"
|
||||
|
||||
# MAC addresses on 4704 tend to be screwed up. Add a workaround here
|
||||
if (nvram["et0macaddr"] ~ mac_check) {
|
||||
c["lan_macaddr"] = nvram["et0macaddr"]
|
||||
c["wan_macaddr"] = macinc(c["lan_macaddr"])
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# WAP54G
|
||||
if ((nvram["boardnum"] == "2") || \
|
||||
(nvram["boardnum"] == "1024")) {
|
||||
c["lan_ifname"]="eth0"
|
||||
c["wan_ifname"]=""
|
||||
}
|
||||
|
||||
# ASUS WL-700gE
|
||||
# These are actually same as defaults above. For some reason this script applies
|
||||
# Generic BCM94704 settings instead so we revert to proper settings here.
|
||||
# Hopefully someone will fix this properly soon.
|
||||
if (model == "ASUS WL-700gE") {
|
||||
c["lan_ifname"]="eth0.0"
|
||||
c["wan_ifname"]="eth0.1"
|
||||
c["vlan0ports"]="1 2 3 4 5*"
|
||||
c["vlan1ports"]="0 5"
|
||||
}
|
||||
|
||||
if (model == "Motorola WR850G V2/V3") {
|
||||
c["vlan0ports"]="0 1 2 3 5*"
|
||||
c["vlan1ports"]="4 5"
|
||||
}
|
||||
|
||||
print "#### VLAN configuration "
|
||||
print "config switch eth0"
|
||||
p("vlan0", "vlan0ports")
|
||||
p("vlan1", "vlan1ports")
|
||||
print ""
|
||||
print ""
|
||||
print "#### Loopback configuration"
|
||||
print "config interface loopback"
|
||||
print " option ifname \"lo\""
|
||||
print " option proto static"
|
||||
print " option ipaddr 127.0.0.1"
|
||||
print " option netmask 255.0.0.0"
|
||||
print ""
|
||||
print ""
|
||||
print "#### LAN configuration"
|
||||
print "config interface lan"
|
||||
print " option type bridge"
|
||||
p("ifname", "lan_ifname")
|
||||
p("macaddr", "lan_macaddr")
|
||||
print " option proto static"
|
||||
print " option ipaddr 172.27.0.1"
|
||||
print " option netmask 255.255.255.0"
|
||||
print ""
|
||||
print ""
|
||||
print "#### WAN configuration"
|
||||
print "config interface wan"
|
||||
p("ifname", "wan_ifname")
|
||||
p("macaddr", "wan_macaddr")
|
||||
print " option proto dhcp"
|
||||
}' > /etc/config/network
|
||||
}
|
|
@ -0,0 +1,14 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
START=70
|
||||
|
||||
start() {
|
||||
{
|
||||
while ! ping -c1 us.pool.ntp.org >/dev/null 2>&1; do sleep 60; done
|
||||
/usr/sbin/ntpclient -s -l -h us.pool.ntp.org >/dev/null 2>&1;
|
||||
} &
|
||||
}
|
||||
|
||||
stop() {
|
||||
killall ntpclient
|
||||
}
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2006 OpenWrt.org
|
||||
START=50
|
||||
|
||||
BIN=olsrd
|
||||
DEFAULT=/etc/default/olsrd
|
||||
RUN_D=/var/run
|
||||
PID_F=$RUN_D/$BIN.pid
|
||||
|
||||
start() {
|
||||
# generate the config file
|
||||
/usr/local/bin/olsrd-config || exit 1
|
||||
|
||||
# start the daemon
|
||||
[ -f $DEFAULT ] && . $DEFAULT
|
||||
$BIN -f /tmp/olsrd.conf -nofork $OPTIONS &
|
||||
|
||||
# write pid file (but strip out own pid ($$))
|
||||
mkdir -p $RUN_D
|
||||
PID=`pidof $BIN`
|
||||
echo ${PID%$$} > $PID_F
|
||||
}
|
||||
|
||||
stop() {
|
||||
killall olsrd
|
||||
}
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
src release http://broadband-hamnet.org/download/kamikaze/7.09/brcm-2.4/packages
|
||||
src packages http://broadband-hamnet.org/download/kamikaze/7.09/packages/mipsel
|
||||
dest root /
|
||||
dest ram /tmp
|
|
@ -0,0 +1 @@
|
|||
1.0.0
|
|
@ -0,0 +1 @@
|
|||
64509bfa335a2864a34a0e7e296593c9
|
|
@ -0,0 +1,2 @@
|
|||
root:$1$HKbcBnZl$Nl5jwzjejikuGScKRKBrT1:0:0:root:/tmp:/bin/ash
|
||||
nobody:*:65534:65534:nobody:/var:/bin/false
|
|
@ -0,0 +1,35 @@
|
|||
base-files-brcm-2.4
|
||||
bridge
|
||||
busybox
|
||||
dnsmasq
|
||||
dropbear
|
||||
ip6tables
|
||||
iptables
|
||||
kernel
|
||||
kmod-brcm-wl
|
||||
kmod-diag
|
||||
kmod-ipt-nathelper
|
||||
kmod-iptunnel4
|
||||
kmod-ipv6
|
||||
kmod-ppp
|
||||
kmod-pppoe
|
||||
kmod-switch
|
||||
kmod-wlcompat
|
||||
libgcc
|
||||
libpthread
|
||||
microperl
|
||||
mrd6
|
||||
mtd
|
||||
ndisc6
|
||||
ntpclient
|
||||
nvram
|
||||
ppp
|
||||
ppp-mod-pppoe
|
||||
rdisc6
|
||||
tcptraceroute6
|
||||
uclibc
|
||||
uclibcxx
|
||||
udp-broadcast-relay
|
||||
wireless-tools
|
||||
wlc
|
||||
xinetd
|
|
@ -0,0 +1,14 @@
|
|||
#!/bin/sh
|
||||
[ -f /etc/banner ] && cat /etc/banner
|
||||
|
||||
export PATH=/usr/local/bin:/bin:/sbin:/usr/bin:/usr/sbin
|
||||
export HOME=/tmp
|
||||
export PS1='\u@\h:\w\$ '
|
||||
|
||||
[ -x /bin/more ] || alias more=less
|
||||
[ -x /usr/bin/vim ] && alias vi=vim || alias vim=vi
|
||||
|
||||
[ -z "$KSH_VERSION" -o \! -s /etc/mkshrc ] || . /etc/mkshrc
|
||||
|
||||
[ -x /sbin/arp ] || arp() { cat /proc/net/arp; }
|
||||
[ -z /bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; }
|
|
@ -0,0 +1,46 @@
|
|||
## Keyword Decimal Description References
|
||||
# ------- ------- ----------- ----------
|
||||
# 0/tcp Reserved
|
||||
# 0/udp Reserved
|
||||
# Jon Postel <postel@isi.edu>
|
||||
tcpmux 1/tcp # TCP Port Service Multiplexer
|
||||
tcpmux 1/udp # TCP Port Service Multiplexer
|
||||
compressnet 2/tcp # Management Utility
|
||||
compressnet 2/udp # Management Utility
|
||||
compressnet 3/tcp # Compression Process
|
||||
compressnet 3/udp # Compression Process
|
||||
rje 5/tcp # Remote Job Entry
|
||||
rje 5/udp # Remote Job Entry
|
||||
echo 7/tcp Echo
|
||||
echo 7/udp Echo
|
||||
discard 9/tcp # Discard
|
||||
discard 9/udp # Discard
|
||||
discard 9/dccp # Discard SC:DISC
|
||||
systat 11/tcp users # Active Users
|
||||
systat 11/udp users # Active Users
|
||||
daytime 13/tcp # Daytime (RFC 867)
|
||||
daytime 13/udp # Daytime (RFC 867)
|
||||
netstat 15/tcp # Unassigned [was netstat]
|
||||
qotd 17/tcp quote # Quote of the Day
|
||||
qotd 17/udp quote # Quote of the Day
|
||||
msp 18/tcp # Message Send Protocol
|
||||
msp 18/udp # Message Send Protocol
|
||||
chargen 19/tcp # Character Generator
|
||||
chargen 19/udp # Character Generator
|
||||
ftp-data 20/tcp # File Transfer [Default Data]
|
||||
ftp-data 20/udp # File Transfer [Default Data]
|
||||
ftp 21/tcp # File Transfer [Control]
|
||||
fsp 21/udp # File Transfer [Control]
|
||||
ssh 22/tcp # SSH Remote Login Protocol
|
||||
ssh 22/udp # SSH Remote Login Protocol
|
||||
telnet 23/tcp # Telnet
|
||||
telnet 23/udp # Telnet
|
||||
smtp 25/tcp mail # Simple Mail Transfer
|
||||
smtp 25/udp mail # Simple Mail Transfer
|
||||
nsw-fe 27/tcp # NSW User System FE
|
||||
nsw-fe 27/udp # NSW User System FE
|
||||
msg-icp 29/tcp # MSG ICP
|
||||
msg-icp 29/udp # MSG ICP
|
||||
msg-auth 31/tcp # MSG Authentication
|
||||
msg-auth 31/udp # MSG Authentication
|
||||
dotdraw 2004/tcp # olsrd dot draw plugin
|
|
@ -0,0 +1,15 @@
|
|||
# description: a workaround for the overly restrictive olsr dot_draw plugin
|
||||
# - open up the port to anyone instead of just one specific ip address
|
||||
|
||||
service dotdraw
|
||||
{
|
||||
disable = no
|
||||
socket_type = stream
|
||||
protocol = tcp
|
||||
wait = no
|
||||
user = root
|
||||
group = root
|
||||
server = /usr/bin/nc
|
||||
server_args = 127.0.0.1 2003
|
||||
}
|
||||
|
|
@ -0,0 +1,275 @@
|
|||
append DRIVERS "broadcom"
|
||||
|
||||
scan_broadcom() {
|
||||
local device="$1"
|
||||
local wds
|
||||
local adhoc sta apmode
|
||||
local adhoc_if sta_if ap_if
|
||||
|
||||
config_get vifs "$device" vifs
|
||||
for vif in $vifs; do
|
||||
config_get mode "$vif" mode
|
||||
case "$mode" in
|
||||
adhoc)
|
||||
adhoc=1
|
||||
adhoc_if="$vif"
|
||||
;;
|
||||
sta)
|
||||
sta=1
|
||||
sta_if="$vif"
|
||||
;;
|
||||
ap)
|
||||
apmode=1
|
||||
ap_if="${ap_if:+$ap_if }$vif"
|
||||
;;
|
||||
wds)
|
||||
config_get addr "$vif" bssid
|
||||
[ -z "$addr" ] || append wds "$addr"
|
||||
;;
|
||||
*) echo "$device($vif): Invalid mode";;
|
||||
esac
|
||||
done
|
||||
config_set "$device" wds "$wds"
|
||||
|
||||
local _c=
|
||||
for vif in ${adhoc_if:-$sta_if $ap_if}; do
|
||||
config_set "$vif" ifname "wl0${_c:+.$_c}"
|
||||
_c=$((${_c:-0} + 1))
|
||||
done
|
||||
config_set "$device" vifs "${adhoc_if:-$sta_if $ap_if}"
|
||||
|
||||
ifdown="down"
|
||||
for vif in 0 1 2 3; do
|
||||
append ifdown "vif $vif" "$N"
|
||||
append ifdown "enabled 0" "$N"
|
||||
done
|
||||
|
||||
ap=1
|
||||
infra=1
|
||||
mssid=1
|
||||
apsta=0
|
||||
radio=1
|
||||
case "$adhoc:$sta:$apmode" in
|
||||
1*)
|
||||
ap=0
|
||||
mssid=0
|
||||
infra=0
|
||||
;;
|
||||
:1:1)
|
||||
apsta=1
|
||||
wet=1
|
||||
;;
|
||||
:1:)
|
||||
wet=1
|
||||
ap=0
|
||||
mssid=0
|
||||
;;
|
||||
::)
|
||||
radio=0
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
disable_broadcom() {
|
||||
set_wifi_down "$1"
|
||||
wlc down
|
||||
(
|
||||
include /lib/network
|
||||
|
||||
# make sure the interfaces are down and removed from all bridges
|
||||
for dev in wl0 wl0.1 wl0.2 wl0.3; do
|
||||
ifconfig "$dev" down 2>/dev/null >/dev/null && {
|
||||
unbridge "$dev"
|
||||
}
|
||||
done
|
||||
)
|
||||
true
|
||||
}
|
||||
|
||||
enable_broadcom() {
|
||||
local _c
|
||||
config_get channel "$device" channel
|
||||
config_get country "$device" country
|
||||
config_get maxassoc "$device" maxassoc
|
||||
config_get wds "$device" wds
|
||||
config_get vifs "$device" vifs
|
||||
config_get distance "$device" distance
|
||||
config_get slottime "$device" slottime
|
||||
config_get rxant "$device" rxant
|
||||
config_get txant "$device" txant
|
||||
local vif_pre_up vif_post_up vif_do_up
|
||||
|
||||
_c=0
|
||||
nas="$(which nas)"
|
||||
nas_cmd=
|
||||
if_up=
|
||||
|
||||
[ -z "$slottime" ] && {
|
||||
[ -n "$distance" ] && {
|
||||
slottime=$((10 + ($distance / 150)))
|
||||
[ $distance = 0 ] && slottime=-1
|
||||
}
|
||||
} || {
|
||||
slottime="${slottime:--1}"
|
||||
}
|
||||
|
||||
for vif in $vifs; do
|
||||
config_get mode "$vif" mode
|
||||
append vif_pre_up "vif $_c" "$N"
|
||||
append vif_post_up "vif $_c" "$N"
|
||||
|
||||
[ "$mode" = "sta" ] || {
|
||||
config_get_bool hidden "$vif" hidden 0
|
||||
append vif_pre_up "closed $hidden" "$N"
|
||||
config_get_bool isolate "$vif" isolate 0
|
||||
append vif_pre_up "ap_isolate $isolate" "$N"
|
||||
}
|
||||
|
||||
wsec_r=0
|
||||
eap_r=0
|
||||
wsec=0
|
||||
auth=0
|
||||
nasopts=
|
||||
config_get enc "$vif" encryption
|
||||
case "$enc" in
|
||||
WEP|wep)
|
||||
wsec_r=1
|
||||
wsec=1
|
||||
defkey=1
|
||||
config_get key "$vif" key
|
||||
case "$key" in
|
||||
[1234])
|
||||
defkey="$key"
|
||||
for knr in 1 2 3 4; do
|
||||
config_get k "$vif" key$knr
|
||||
[ -n "$k" ] || continue
|
||||
[ "$defkey" = "$knr" ] && def="=" || def=""
|
||||
append vif_pre_up "wepkey $def$knr,$k" "$N"
|
||||
done
|
||||
;;
|
||||
"");;
|
||||
*) append vif_pre_up "wepkey =1,$key" "$N";;
|
||||
esac
|
||||
;;
|
||||
*psk*|*PSK*)
|
||||
wsec_r=1
|
||||
config_get key "$vif" key
|
||||
case "$enc" in
|
||||
wpa*+wpa2*|WPA*+WPA2*|*psk+*psk2|*PSK+*PSK2) auth=132; wsec=6;;
|
||||
wpa2*|WPA2*|*PSK2|*psk2) auth=128; wsec=4;;
|
||||
*) auth=4; wsec=2;;
|
||||
esac
|
||||
eval "${vif}_key=\"\$key\""
|
||||
nasopts="-k \"\$${vif}_key\""
|
||||
;;
|
||||
*wpa*|*WPA*)
|
||||
wsec_r=1
|
||||
eap_r=1
|
||||
config_get key "$vif" key
|
||||
config_get server "$vif" server
|
||||
config_get port "$vif" port
|
||||
case "$enc" in
|
||||
wpa*+wpa2*|WPA*+WPA2*) auth=66; wsec=6;;
|
||||
wpa2*|WPA2*) auth=64; wsec=4;;
|
||||
*) auth=2; wsec=2;;
|
||||
esac
|
||||
eval "${vif}_key=\"\$key\""
|
||||
nasopts="-r \"\$${vif}_key\" -h $server -p $port"
|
||||
;;
|
||||
esac
|
||||
append vif_post_up "wsec $wsec" "$N"
|
||||
append vif_post_up "wpa_auth $auth" "$N"
|
||||
append vif_post_up "wsec_restrict $wsec_r" "$N"
|
||||
append vif_post_up "eap_restrict $eap_r" "$N"
|
||||
|
||||
config_get ssid "$vif" ssid
|
||||
append vif_post_up "vlan_mode 0" "$N"
|
||||
append vif_post_up "ssid $ssid" "$N"
|
||||
case "$mode" in
|
||||
sta|adhoc) append vif_do_up "ssid $ssid" "$N";;
|
||||
esac
|
||||
|
||||
append vif_post_up "enabled 1" "$N"
|
||||
|
||||
config_get ifname "$vif" ifname
|
||||
#append if_up "ifconfig $ifname up" ";$N"
|
||||
local net_cfg bridge
|
||||
net_cfg="$(find_net_config "$vif")"
|
||||
[ -z "$net_cfg" ] || {
|
||||
bridge="$(bridge_interface "$net_cfg")"
|
||||
append if_up "start_net '$ifname' '$net_cfg'" ";$N"
|
||||
append if_up "set_wifi_up '$vif' '$ifname'" ";$N"
|
||||
}
|
||||
[ -z "$nasopts" ] || {
|
||||
eval "${vif}_ssid=\"\$ssid\""
|
||||
nas_mode="-A"
|
||||
use_nas=1
|
||||
[ "$mode" = "sta" ] && {
|
||||
nas_mode="-S"
|
||||
[ -z "$bridge" ] || {
|
||||
append vif_pre_up "supplicant 1" "$N"
|
||||
append vif_pre_up "passphrase $key" "$N"
|
||||
|
||||
use_nas=0
|
||||
}
|
||||
}
|
||||
[ -z "$nas" -o "$use_nas" = "0" ] || nas_cmd="${nas_cmd:+$nas_cmd$N}$nas -P /var/run/nas.$ifname.pid -H 34954 ${bridge:+ -l $bridge} -i $ifname $nas_mode -m $auth -w $wsec -s \"\$${vif}_ssid\" -g 3600 $nasopts &"
|
||||
}
|
||||
_c=$(($_c + 1))
|
||||
done
|
||||
killall -KILL nas >&- 2>&-
|
||||
wlc stdin <<EOF
|
||||
$ifdown
|
||||
|
||||
ap $ap
|
||||
mssid $mssid
|
||||
apsta $apsta
|
||||
infra $infra
|
||||
${wet:+wet 1}
|
||||
802.11d 0
|
||||
802.11h 0
|
||||
rxant ${rxant:-3}
|
||||
txant ${txant:-3}
|
||||
|
||||
radio ${radio:-1}
|
||||
macfilter 0
|
||||
maclist none
|
||||
wds none
|
||||
${wds:+wds $wds}
|
||||
${channel:+channel $channel}
|
||||
country ${country:-IL0}
|
||||
maxassoc ${maxassoc:-128}
|
||||
slottime ${slottime:--1}
|
||||
|
||||
$vif_pre_up
|
||||
up
|
||||
$vif_post_up
|
||||
EOF
|
||||
eval "$if_up"
|
||||
wlc stdin <<EOF
|
||||
$vif_do_up
|
||||
EOF
|
||||
eval "$nas_cmd"
|
||||
}
|
||||
|
||||
|
||||
detect_broadcom() {
|
||||
[ -f /proc/net/wl0 ] || return
|
||||
config_get type wl0 type
|
||||
[ "$type" = broadcom ] && return
|
||||
cat <<EOF
|
||||
config wifi-device wl0
|
||||
option type broadcom
|
||||
option channel 5
|
||||
|
||||
# REMOVE THIS LINE TO ENABLE WIFI:
|
||||
option disabled 1
|
||||
|
||||
config wifi-iface
|
||||
option device wl0
|
||||
option network lan
|
||||
option mode ap
|
||||
option ssid OpenWrt
|
||||
option encryption none
|
||||
EOF
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
microperl
|
|
@ -0,0 +1,68 @@
|
|||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
function portstr(type, str) {
|
||||
gsub(/-/, ":", str)
|
||||
if (insmod_mport != 1) {
|
||||
print "insmod ipt_multiport >&- 2>&-"
|
||||
insmod_mport = 1
|
||||
}
|
||||
if (type == "src") return " -m multiport --sports " str
|
||||
else return " -m multiport --dports " str
|
||||
}
|
||||
|
||||
function str2ipt(str) {
|
||||
str2data(str)
|
||||
_cmd = ""
|
||||
if (_l["src"] != "") _cmd = _cmd " -s " _l["src"]
|
||||
if (_l["dest"] != "") _cmd = _cmd " -d " _l["dest"]
|
||||
if (_l["proto"] != "") {
|
||||
_cmd = _cmd " -p " _l["proto"]
|
||||
}
|
||||
# scripts need to check for proto="" and emit two rules in that case
|
||||
if ((_l["proto"] == "") || (_l["proto"] == "tcp") || (_l["proto"] == "udp")) {
|
||||
if (_l["sport"] != "") _cmd = _cmd portstr("src", _l["sport"])
|
||||
if (_l["dport"] != "") _cmd = _cmd portstr("dest", _l["dport"])
|
||||
}
|
||||
if (_l["layer7"] != "") {
|
||||
if (insmod_l7 != 1) {
|
||||
print "insmod ipt_layer7 >&- 2>&-"
|
||||
insmod_l7 = 1
|
||||
}
|
||||
_cmd = _cmd " -m layer7 --l7proto " _l["layer7"]
|
||||
}
|
||||
return _cmd
|
||||
}
|
||||
|
||||
function str2data(str) {
|
||||
delete _l
|
||||
_n = split(str, _o, "[\t ]")
|
||||
for (_i = 1; _i <= _n; _i++) {
|
||||
_n2 = split(_o[_i], _c, "=")
|
||||
if (_n2 == 2) _l[_c[1]] = _c[2]
|
||||
}
|
||||
}
|
||||
|
||||
function bitcount(c) {
|
||||
c=and(rshift(c, 1),0x55555555)+and(c,0x55555555)
|
||||
c=and(rshift(c, 2),0x33333333)+and(c,0x33333333)
|
||||
c=and(rshift(c, 4),0x0f0f0f0f)+and(c,0x0f0f0f0f)
|
||||
c=and(rshift(c, 8),0x00ff00ff)+and(c,0x00ff00ff)
|
||||
c=and(rshift(c,16),0x0000ffff)+and(c,0x0000ffff)
|
||||
return c
|
||||
}
|
||||
|
||||
function validate_netmask(nm) {
|
||||
return and(-nm,compl(nm))
|
||||
}
|
||||
|
||||
function ip2int(ip) {
|
||||
for (ret=0,n=split(ip,a,"\."),x=1;x<=n;x++) ret=or(lshift(ret,8),a[x])
|
||||
return ret
|
||||
}
|
||||
|
||||
function int2ip(ip,ret,x) {
|
||||
ret=and(ip,255)
|
||||
ip=rshift(ip,8)
|
||||
for(;x<3;ret=and(ip,255)"."ret,ip=rshift(ip,8),x++);
|
||||
return ret
|
||||
}
|
|
@ -0,0 +1,83 @@
|
|||
# Copyright (C) 2006 OpenWrt.org
|
||||
|
||||
BEGIN {
|
||||
FS=":"
|
||||
}
|
||||
|
||||
($1 == "accept") || ($1 == "drop") || ($1 == "forward") {
|
||||
delete _opt
|
||||
str2data($3)
|
||||
if ((_l["proto"] == "") && (_l["sport"] _l["dport"] != "")) {
|
||||
_opt[0] = " -p tcp"
|
||||
_opt[1] = " -p udp"
|
||||
} else {
|
||||
_opt[0] = ""
|
||||
}
|
||||
}
|
||||
|
||||
($1 == "accept") {
|
||||
print "#\n# rules for " $_
|
||||
target = " -j ACCEPT"
|
||||
for (o in _opt) {
|
||||
print "iptables -t nat -A prerouting_" $2 _opt[o] str2ipt($3) target
|
||||
# this one is to allow LAN access to node services when a DMZ server is in use
|
||||
if ($2 == "wifi") print "iptables -t nat -A PREROUTING " _opt[o] str2ipt($3) target
|
||||
print "iptables -A input_" $2 " " _opt[o] str2ipt($3) target
|
||||
}
|
||||
}
|
||||
|
||||
($1 == "drop") {
|
||||
print "#\n# rules for " $_
|
||||
for (o in _opt) {
|
||||
print "iptables -t nat -A prerouting_" $2 _opt[o] str2ipt($3) " -j DROP"
|
||||
}
|
||||
}
|
||||
|
||||
# 1 2 3 4 5
|
||||
# forward:wifi:dport=80 proto=tcp dest=10.122.140.13:172.27.0.5:80
|
||||
|
||||
($1 == "forward") {
|
||||
print "#\n# rules for " $_
|
||||
target = " -j DNAT --to " $4
|
||||
fwopts = ""
|
||||
if ($5 != "") {
|
||||
if ((_l["proto"] == "tcp") || (_l["proto"] == "udp") || (_l["proto"] == "")) {
|
||||
if (_l["proto"] != "") fwopts = " -p " _l["proto"]
|
||||
fwopts = fwopts " --dport " $5
|
||||
target = target ":" $5
|
||||
}
|
||||
else fwopts = ""
|
||||
}
|
||||
for (o in _opt) {
|
||||
print "iptables -t nat -A prerouting_" $2 _opt[o] str2ipt($3) target
|
||||
# everything seems to work without this rule
|
||||
#print "iptables -A forwarding_" $2 _opt[o] " -d " $4 fwopts " -j ACCEPT"
|
||||
|
||||
# the wan is more restricted so it needs extra rules
|
||||
if($2 == "wan") {
|
||||
fwopts = _opt[o]
|
||||
if ((_l["proto"] != "") && (_opt[0] == "")) fwopts = " -p " _l["proto"]
|
||||
if(_l["dport"] ~ /-/) {
|
||||
dport = portstr("dst", _l["dport"])
|
||||
print "iptables -A input_" $2 fwopts " -d " $4 dport " -j ACCEPT"
|
||||
} else {
|
||||
print "iptables -A input_" $2 fwopts " -d " $4 " --dport " $5 " -j ACCEPT"
|
||||
}
|
||||
}
|
||||
|
||||
# rules to give lan hosts access to port forwarded services
|
||||
if ($2 == "wifi") {
|
||||
fwopts = _opt[o]
|
||||
dport = ""
|
||||
if ((_l["proto"] != "") && (_opt[0] == "")) fwopts = " -p " _l["proto"]
|
||||
if (_l["dport"] != "") dport = portstr("dst", _l["dport"])
|
||||
print "iptables -t nat -A PREROUTING " fwopts " -s " LAN_NET " -d " _l["dest"] dport target
|
||||
}
|
||||
}
|
||||
|
||||
# nat the packet source for requests that came from the lan
|
||||
# this doesn't work for the wan yet
|
||||
if ($2 == "wifi") {
|
||||
print "iptables -t nat -A POSTROUTING -s " LAN_NET " -d " $4 " -j SNAT --to " _l["dest"]
|
||||
}
|
||||
}
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue