mirror of https://github.com/hak5/openwrt-owl.git
parent
cd94ce2d10
commit
3a7cd85d28
|
@ -1,5 +1,4 @@
|
|||
#!/bin/sh
|
||||
. /etc/functions.sh
|
||||
case "$1" in
|
||||
start|restart)
|
||||
ifup lan
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
#!/bin/sh
|
||||
${FAILSAFE:+return}
|
||||
. /etc/functions.sh
|
||||
WAN=$(nvram get wan_ifname)
|
||||
LAN=$(nvram get lan_ifname)
|
||||
|
@ -17,18 +16,6 @@ iptables -N forwarding_rule
|
|||
iptables -t nat -N prerouting_rule
|
||||
iptables -t nat -N postrouting_rule
|
||||
|
||||
### Allow SSH from WAN
|
||||
# iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j ACCEPT
|
||||
# iptables -A input_rule -i $WAN -p tcp --dport 22 -j ACCEPT
|
||||
|
||||
### Port forwarding
|
||||
# iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j DNAT --to 192.168.1.2
|
||||
# iptables -A forwarding_rule -i $WAN -p tcp --dport 22 -d 192.168.1.2 -j ACCEPT
|
||||
|
||||
### DMZ (should be placed after port forwarding / accept rules)
|
||||
# iptables -t nat -A prerouting_rule -i $WAN -j DNAT --to 192.168.1.2
|
||||
# iptables -A forwarding_rule -i $WAN -d 192.168.1.2 -j ACCEPT
|
||||
|
||||
### INPUT
|
||||
### (connections with the router as destination)
|
||||
|
||||
|
@ -94,3 +81,6 @@ iptables -t nat -N postrouting_rule
|
|||
iptables -t nat -A PREROUTING -j prerouting_rule
|
||||
iptables -t nat -A POSTROUTING -j postrouting_rule
|
||||
iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE
|
||||
|
||||
## USER RULES
|
||||
. /etc/firewall.user
|
||||
|
|
|
@ -22,4 +22,4 @@ udhcpc -n -q -R -s /dev/zero -i $ifname >&- || {
|
|||
|
||||
args="-K -F $(int2ip $start),$(int2ip $end),$(int2ip $netmask),12h"
|
||||
}
|
||||
/usr/sbin/dnsmasq ${args}
|
||||
dnsmasq ${args}
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
#!/bin/sh
|
||||
/usr/sbin/httpd -p 80 -h /www -r WRT54G Router
|
||||
httpd -p 80 -h /www -r WRT54G Router
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
#!/bin/sh
|
||||
/usr/sbin/telnetd -l /bin/login
|
||||
telnetd -l /bin/login
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
#!/bin/sh
|
||||
syslogd -C 16
|
||||
klogd
|
||||
${FAILSAFE:+telnetd -l /bin/login; ifup lan; exit}
|
||||
|
||||
for i in /etc/init.d/S*; do
|
||||
$i start 2>&1
|
||||
done | logger -s -p 6 -t ''
|
||||
|
|
|
@ -1,63 +1,63 @@
|
|||
#!/bin/ash
|
||||
. /etc/functions.sh
|
||||
type=$1
|
||||
debug "### ifup $type ###"
|
||||
type=$1
|
||||
debug "### ifup $type ###"
|
||||
|
||||
if=$(nvram get ${type}_ifname)
|
||||
if [ "${if%%[0-9]}" = "ppp" ]; then
|
||||
if=$(nvram get pppoe_ifname)
|
||||
fi
|
||||
if=$(nvram get ${type}_ifname)
|
||||
if [ "${if%%[0-9]}" = "ppp" ]; then
|
||||
if=$(nvram get pppoe_ifname)
|
||||
fi
|
||||
|
||||
if_valid $if || return
|
||||
if_valid $if || return
|
||||
|
||||
mac=$(nvram get ${type}_hwaddr)
|
||||
$DEBUG ifconfig $if down 2>&-
|
||||
if [ "${if%%[0-9]}" = "br" ]; then
|
||||
stp=$(nvram get ${type}_stp)
|
||||
$DEBUG brctl delbr $if 2>&-
|
||||
$DEBUG brctl addbr $if
|
||||
$DEBUG brctl setfd $if 0
|
||||
$DEBUG brctl stp $if ${stp:-0}
|
||||
for sif in $(nvram get ${type}_ifnames); do {
|
||||
if_valid $sif || continue
|
||||
${mac:+$DEBUG ifconfig $sif down hw ether $mac}
|
||||
$DEBUG ifconfig $sif 0.0.0.0 up
|
||||
$DEBUG brctl addif $if $sif
|
||||
} done
|
||||
else
|
||||
${mac:+$DEBUG ifconfig $if down hw ether $mac}
|
||||
fi
|
||||
mac=$(nvram get ${type}_hwaddr)
|
||||
$DEBUG ifconfig $if down 2>&-
|
||||
if [ "${if%%[0-9]}" = "br" ]; then
|
||||
stp=$(nvram get ${type}_stp)
|
||||
$DEBUG brctl delbr $if 2>&-
|
||||
$DEBUG brctl addbr $if
|
||||
$DEBUG brctl setfd $if 0
|
||||
$DEBUG brctl stp $if ${stp:-0}
|
||||
for sif in $(nvram get ${type}_ifnames); do {
|
||||
if_valid $sif || continue
|
||||
${mac:+$DEBUG ifconfig $sif down hw ether $mac}
|
||||
$DEBUG ifconfig $sif 0.0.0.0 up
|
||||
$DEBUG brctl addif $if $sif
|
||||
} done
|
||||
else
|
||||
${mac:+$DEBUG ifconfig $if down hw ether $mac}
|
||||
fi
|
||||
|
||||
|
||||
if_proto=$(nvram get ${type}_proto)
|
||||
case "$if_proto" in
|
||||
static)
|
||||
ip=$(nvram get ${type}_ipaddr)
|
||||
netmask=$(nvram get ${type}_netmask)
|
||||
gateway=$(nvram get ${type}_gateway)
|
||||
if_proto=$(nvram get ${type}_proto)
|
||||
case "$if_proto" in
|
||||
static)
|
||||
ip=$(nvram get ${type}_ipaddr)
|
||||
netmask=$(nvram get ${type}_netmask)
|
||||
gateway=$(nvram get ${type}_gateway)
|
||||
|
||||
$DEBUG ifconfig $if $ip ${netmask:+netmask $netmask} broadcast + up
|
||||
${gateway:+$DEBUG route add default gw $gateway}
|
||||
$DEBUG ifconfig $if $ip ${netmask:+netmask $netmask} broadcast + up
|
||||
${gateway:+$DEBUG route add default gw $gateway}
|
||||
|
||||
[ -f /etc/resolv.conf ] && return
|
||||
[ -f /etc/resolv.conf ] && return
|
||||
|
||||
debug "# --- creating /etc/resolv.conf ---"
|
||||
for dns in $(nvram get ${type}_dns); do {
|
||||
debug "# --- creating /etc/resolv.conf ---"
|
||||
for dns in $(nvram get ${type}_dns); do {
|
||||
echo "nameserver $dns" >> /etc/resolv.conf
|
||||
} done
|
||||
;;
|
||||
dhcp)
|
||||
ip=$(nvram get ${type}_ipaddr)
|
||||
pidfile=/tmp/dhcp-${type}.pid
|
||||
if [ -f $pidfile ]; then
|
||||
$DEBUG kill $(cat $pidfile)
|
||||
fi
|
||||
${DEBUG:-eval} "udhcpc -R -i $if ${ip:+-r $ip} -b -p $pidfile &"
|
||||
;;
|
||||
none|"")
|
||||
# pppoe is handled by /etc/init.d/S50pppoe
|
||||
;;
|
||||
*)
|
||||
echo "### ifup $type: ignored ${type}_proto=\"$if_proto\" (not supported)"
|
||||
;;
|
||||
esac
|
||||
} done
|
||||
;;
|
||||
dhcp)
|
||||
ip=$(nvram get ${type}_ipaddr)
|
||||
pidfile=/tmp/dhcp-${type}.pid
|
||||
if [ -f $pidfile ]; then
|
||||
$DEBUG kill $(cat $pidfile)
|
||||
fi
|
||||
${DEBUG:-eval} "udhcpc -R -i $if ${ip:+-r $ip} -b -p $pidfile &"
|
||||
;;
|
||||
none|"")
|
||||
;;
|
||||
*)
|
||||
[ -x "/sbin/ifup.${if_proto}" ] && { $DEBUG /sbin/ifup.${if_proto} $*; exit; }
|
||||
echo "### ifup $type: ignored ${type}_proto=\"$if_proto\" (not supported)"
|
||||
;;
|
||||
esac
|
||||
|
|
Loading…
Reference in New Issue