|
|
@@ -2,42 +2,23 @@
|
|
|
CONFIG=1
|
|
|
source /usr/sbin/helper.sh
|
|
|
|
|
|
-DNSMASQ_CONF=/etc/dnsmasq.conf
|
|
|
+DNSMASQ_CONF=/tmp/etc/dnsmasq.conf
|
|
|
|
|
|
if [ `cat ${DNSMASQ_CONF} | grep -c "log-dhcp"` -eq 0 ]; then
|
|
|
- echo "log-dhcp" >> ${DNSMASQ_CONF}
|
|
|
+ pc_append "log-dhcp" ${DNSMASQ_CONF}
|
|
|
fi
|
|
|
|
|
|
-#$(logger "")
|
|
|
-#if [ $? -ne 0 ]; then
|
|
|
-# logger () {
|
|
|
-# echo "${1}"
|
|
|
-# }
|
|
|
-#fi
|
|
|
-
|
|
|
-log_err () {
|
|
|
- #if [ ${1} -ne 0 ]; then
|
|
|
+cmd_log () {
|
|
|
logger "${2}[${1}] - ${3}"
|
|
|
- #fi
|
|
|
}
|
|
|
|
|
|
cmd_run () {
|
|
|
ERR=`${2}`
|
|
|
ERRCODE=$?
|
|
|
- log_err ${ERRCODE} "${1}" "${ERR}: ${2}"
|
|
|
+ cmd_log ${ERRCODE} "${1}" "${ERR}: ${2}"
|
|
|
return ${ERRCODE}
|
|
|
}
|
|
|
|
|
|
-ebt_rule () {
|
|
|
- FLAG=${1}
|
|
|
- RULE=${2}
|
|
|
-
|
|
|
- #if [ -n "${RULE}" ] && [ `ebtables -t broute -L | grep -ice "${RULE}"` -ne 1 ]; then
|
|
|
- cmd_run "ebtables" "ebtables -t broute ${FLAG} BROUTING ${RULE}"
|
|
|
- #fi
|
|
|
-}
|
|
|
-
|
|
|
-
|
|
|
assign_ip () {
|
|
|
IFACE=${1}
|
|
|
IFACE_NWRK_ADDR=${2}
|
|
|
@@ -47,47 +28,42 @@ assign_ip () {
|
|
|
DHCP_START=${5}
|
|
|
DHCP_END=${6}
|
|
|
|
|
|
- if [ `cat ${DNSMASQ_CONF} | grep -c ${IFACE}` -eq 0 ]; then
|
|
|
- killall dnsmasq
|
|
|
- logger "dnsmasq-dhcp: Configure ${IFACE} to have special DHCP"
|
|
|
- pc_append "interface=${IFACE}" ${DNSMASQ_CONF}
|
|
|
- pc_append "dhcp-range=${IFACE},${DHCP_START},${DHCP_END},${IFACE_NETMASK},86400s" ${DNSMASQ_CONF}
|
|
|
- pc_append "dhcp-option=${IFACE},3,${IFACE_INET_ADDR}" ${DNSMASQ_CONF}
|
|
|
- pc_append "dhcp-option=${IFACE},6,8.8.8.8,8.8.4.4" ${DNSMASQ_CONF}
|
|
|
- sleep 1
|
|
|
- #service restart_dnsmasq
|
|
|
- dnsmasq --log-async
|
|
|
- else
|
|
|
- _quote "dhcp-range=${IFACE}"
|
|
|
- pc_append "dhcp-range=${IFACE},[a-z0-9]+" "dhcp-range=${IFACE},${DHCP_START},${DHCP_END},${IFACE_NETMASK},86400s" ${DNSMASQ_CONF}
|
|
|
- fi
|
|
|
-
|
|
|
cmd_run "ifconfig" "ifconfig ${IFACE} ${IFACE_INET_ADDR} netmask ${IFACE_NETMASK}"
|
|
|
- #ip route show table main | grep -Ev ^default | while read ROUTE; do
|
|
|
- # if [ `ip route show table 10 | grep -c "${ROUTE}"` -eq 0 ]; then
|
|
|
- # cmd_run "ip-route" "ip route add table 10 ${ROUTE}"
|
|
|
- # fi
|
|
|
- #done
|
|
|
|
|
|
- #cmd_run "ip-rule" "ip rule add dev ${IFACE} table 10"
|
|
|
+ if [ `iptables -L -v | grep -c ${IFACE}` -eq 0 ]; then
|
|
|
+ cmd_run "iptables" "iptables -I INPUT -i ${IFACE} -j ACCEPT"
|
|
|
+ cmd_run "iptables" "iptables -I FORWARD -i ${IFACE} -m state --state NEW -j ACCEPT"
|
|
|
+ cmd_run "iptables" "iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu"
|
|
|
+ fi
|
|
|
|
|
|
- #sleep 1
|
|
|
+ if [ `ebtables -t broute -L | grep -ice "-p ipv4 -i ${IFACE} -j DROP"` -eq 0 ]; then
|
|
|
+ cmd_run "ebtables" "ebtables -t broute -I BROUTING -p ipv4 -i ${IFACE} -j ACCEPT"
|
|
|
+ fi
|
|
|
|
|
|
- #if [ `iptables -L -v | grep -c ${IFACE}` -eq 0 ]; then
|
|
|
- #cmd_run "iptables" "iptables -D INPUT -i ${IFACE} -j ACCEPT"
|
|
|
- #cmd_run "iptables" "iptables -I INPUT -i ${IFACE} -j ACCEPT"
|
|
|
+ #if [ `ebtables -t broute -L | grep -ice "-p arp -i ${IFACE} - DROP"` -eq 0 ]; then
|
|
|
+ # cmd_run "ebtables" "ebtables -t broute -I BROUTING -p arp -i ${IFACE} -j DROP"
|
|
|
#fi
|
|
|
|
|
|
- #ebt_rule "-D" "-p ipv4 -i ${IFACE} -j DROP"
|
|
|
- #ebt_rule "-I" "-p ipv4 -i ${IFACE} -j DROP"
|
|
|
- #ebt_rule "-D" "-p arp -i ${IFACE} -j DROP"
|
|
|
- #ebt_rule "-I" "-p arp -i ${IFACE} -j DROP"
|
|
|
+ if [ `cat ${DNSMASQ_CONF} | grep -c ${IFACE}` -eq 0 ]; then
|
|
|
+ logger "dnsmasq-dhcp: Configure ${IFACE} to have special DHCP"
|
|
|
+ pc_append "interface=${IFACE}" ${DNSMASQ_CONF}
|
|
|
+ pc_append "dhcp-range=${IFACE},${DHCP_START},${DHCP_END},${IFACE_NETMASK},24h" ${DNSMASQ_CONF}
|
|
|
+ pc_append "dhcp-option=${IFACE},3,${IFACE_INET_ADDR}" ${DNSMASQ_CONF}
|
|
|
+ pc_append "dhcp-option=${IFACE},6,192.168.1.1" ${DNSMASQ_CONF}
|
|
|
+ fi
|
|
|
|
|
|
cmd_run "ip-route" "ip route flush cache"
|
|
|
|
|
|
}
|
|
|
|
|
|
-assign_ip "vlan1" "192.168.1.0" "192.168.1.1" "255.255.255.0" "192.168.1.1" "192.168.1.127" #/25
|
|
|
-assign_ip "wl0.1" "192.168.1.0" "192.168.1.1" "255.255.255.0" "192.168.1.128" "192.168.1.159" #/27
|
|
|
-assign_ip "wl1.1" "192.168.1.0" "192.168.1.1" "255.255.255.0" "192.168.1.128" "192.168.1.159" #/27
|
|
|
-assign_ip "wl2.1" "192.168.1.0" "192.168.1.1" "255.255.255.0" "192.168.1.128" "192.168.1.159" #/27
|
|
|
+
|
|
|
+killall dnsmasq
|
|
|
+#assign_ip "vlan1" "192.168.1.0" "192.168.1.1" "255.255.255.0" "192.168.1.1" "192.168.1.127" #/25
|
|
|
+assign_ip "wl0.1" "192.168.2.0" "192.168.2.1" "255.255.255.0" "192.168.2.1" "192.168.2.128" #/25
|
|
|
+assign_ip "wl1.1" "192.168.2.0" "192.168.2.1" "255.255.255.0" "192.168.2.1" "192.168.2.128" #/25
|
|
|
+assign_ip "wl2.1" "192.168.2.0" "192.168.2.1" "255.255.255.0" "192.168.2.1" "192.168.2.128" #/25
|
|
|
+assign_ip "wl0.2" "192.168.2.0" "192.168.2.1" "255.255.255.0" "192.168.2.129" "192.168.2.255" #/25
|
|
|
+
|
|
|
+cat ${DNSMASQ_CONF}
|
|
|
+
|
|
|
+dnsmasq --log-async
|
