|
@@ -4,76 +4,113 @@ source /usr/sbin/helper.sh
|
|
|
|
|
|
DNSMASQ_CONF=/tmp/etc/dnsmasq.conf
|
|
|
|
|
|
-if [ `cat ${DNSMASQ_CONF} | grep -c "log-dhcp"` -eq 0 ]; then
|
|
|
- pc_append "log-dhcp" ${DNSMASQ_CONF}
|
|
|
-fi
|
|
|
|
|
|
cmd_log () {
|
|
|
logger "${2}[${1}] - ${3}"
|
|
|
}
|
|
|
|
|
|
cmd_run () {
|
|
|
- ERR=`${2}`
|
|
|
+ CMD=`${2}`
|
|
|
ERRCODE=$?
|
|
|
- cmd_log ${ERRCODE} "${1}" "${ERR}: ${2}"
|
|
|
+ cmd_log ${ERRCODE} "${1}" "${ERR}: ${2}, ${CMD}"
|
|
|
return ${ERRCODE}
|
|
|
}
|
|
|
|
|
|
iptable () {
|
|
|
- if [ `iptables -L ${2} -v | grep -c ""${3}.*${1}""` -eq 0 ]; then
|
|
|
- cmd_run "iptables" "iptables -I ${2} -i ${1} -j ${3}"
|
|
|
+
|
|
|
+ ARG="${1}"
|
|
|
+ if [ $# -gt 3 ]; then
|
|
|
+ ARG="${ARG} -d ${4}"
|
|
|
+ fi
|
|
|
+
|
|
|
+ cmd_run "iptable" "iptables -C ${2} -i ${ARG} -j ${3}"
|
|
|
+ if [ $? -eq 1 ]; then
|
|
|
+ cmd_run "iptable" "iptables -I ${2} -i ${ARG} -j ${3}"
|
|
|
else
|
|
|
- cmd_run "iptables" "iptables -D ${2} -i ${1} -j ${3}"
|
|
|
- iptable ${1} ${2} ${3}
|
|
|
+ cmd_run "iptable" "iptables -D ${2} -i ${ARG} -j ${3}"
|
|
|
+ #iptable ${1} ${2} ${3} ${4}
|
|
|
fi
|
|
|
}
|
|
|
|
|
|
ebtable () {
|
|
|
- CMD="-p ${2} -i ${1} -j ${3}"
|
|
|
+
|
|
|
+
|
|
|
+ CMD="-p ${2} -${4} ${1} -j ${3}"
|
|
|
+
|
|
|
if [ `ebtables -t broute -L | grep -ice "${CMD}"` -eq 0 ]; then
|
|
|
- cmd_run "ebtables" "ebtables -t broute -I BROUTING ${CMD}"
|
|
|
+ if [ $# -eq 1 ]; then
|
|
|
+ cmd_run "ebtable" "ebtables ${1}"
|
|
|
+ return $?
|
|
|
+ else
|
|
|
+ cmd_run "ebtable" "ebtables -t broute -I BROUTING ${CMD}"
|
|
|
+ fi
|
|
|
else
|
|
|
- cmd_run "ebtables" "ebtables -t broute -D BROUTING ${CMD}"
|
|
|
- ebtable ${1} ${2} ${3}
|
|
|
+ cmd_run "ebtable" "ebtables -t broute -D BROUTING ${CMD}"
|
|
|
+ if [ $# -eq 4 ]; then
|
|
|
+ ebtable ${1} ${2} ${3} ${4}
|
|
|
+ fi
|
|
|
fi
|
|
|
+ return $?
|
|
|
}
|
|
|
|
|
|
assign_ip () {
|
|
|
- IFACE=${1}
|
|
|
- IFACE_NWRK_ADDR=${2}
|
|
|
- IFACE_INET_ADDR=${3}
|
|
|
- IFACE_NETMASK=${4}
|
|
|
+ IFACE="${1}"
|
|
|
+ IFACE_INET_ADDR="${2}"
|
|
|
+
|
|
|
+ IFACE_NWRK_ADDR="${IFACE_INET_ADDR%.*}.0"
|
|
|
+ IFACE_MASK_ADDR="255.255.255.0"
|
|
|
|
|
|
- DHCP_START=${5}
|
|
|
- DHCP_END=${6}
|
|
|
+ DHCP_START="${IFACE_INET_ADDR%.*}.${3}"
|
|
|
+ DHCP_END="${IFACE_INET_ADDR%.*}.${4}"
|
|
|
|
|
|
- if [ `cat ${DNSMASQ_CONF} | grep -c ${IFACE}` -eq 0 ]; then
|
|
|
- logger "dnsmasq-dhcp: Configure ${IFACE} to have special DHCP"
|
|
|
- pc_append "interface=${IFACE}" ${DNSMASQ_CONF}
|
|
|
- pc_append "dhcp-range=${IFACE},${DHCP_START},${DHCP_END},${IFACE_NETMASK},24h" ${DNSMASQ_CONF}
|
|
|
- pc_append "dhcp-option=${IFACE},3,${IFACE_INET_ADDR}" ${DNSMASQ_CONF}
|
|
|
- pc_append "dhcp-option=${IFACE},6,8.8.8.8,8.8.4.4" ${DNSMASQ_CONF}
|
|
|
- pc_append "dhcp-option=${IFACE},252,\"\n\"" ${DNSMASQ_CONF}
|
|
|
- fi
|
|
|
+ LAN=$(ifconfig "br0" | sed -ne's/.*inet addr:\([^ ]*\).*$/\1/p')
|
|
|
+
|
|
|
+ echo "
|
|
|
+ IFACE: ${IFACE}
|
|
|
+ INET: ${IFACE_INET_ADDR}
|
|
|
+ NWRK: ${IFACE_NWRK_ADDR}
|
|
|
+ MASK: ${IFACE_MASK_ADDR}
|
|
|
+ DCHP
|
|
|
+ START: ${DHCP_START}
|
|
|
+ END: ${DHCP_END}
|
|
|
+ LAN: ${LAN}"
|
|
|
|
|
|
- cmd_run "ifconfig" "ifconfig ${IFACE} ${IFACE_INET_ADDR} netmask ${IFACE_NETMASK} up"
|
|
|
+ ifconfig "${IFACE}" > /dev/null 2>&1 || continue
|
|
|
|
|
|
- ebtable "${IFACE}" "ipv4" "DROP"
|
|
|
- ebtable "${IFACE}" "ipv6" "DROP"
|
|
|
- ebtable "${IFACE}" "arp" "DROP"
|
|
|
+ cmd_run "ifconfig" "ifconfig ${IFACE} ${IFACE_INET_ADDR} netmask ${IFACE_MASK_ADDR}"
|
|
|
|
|
|
+ ebtable "${IFACE}" "ipv4" "DROP" "i"
|
|
|
+ ebtable "${IFACE}" "ipv6" "DROP" "i"
|
|
|
+ ebtable "${IFACE}" "arp" "DROP" "i"
|
|
|
+
|
|
|
iptable "${IFACE}" "FORWARD" "ACCEPT"
|
|
|
iptable "${IFACE}" "INPUT" "ACCEPT"
|
|
|
+ iptable "${IFACE}" "FORWARD" "DROP" "${LAN}/24"
|
|
|
+ iptable "${IFACE}" "INPUT" "DROP" "${LAN}/24"
|
|
|
+
|
|
|
+ ebtable "-D FORWARD -i ${IFACE} -j DROP"
|
|
|
+ ebtable "-D FORWARD -o ${IFACE} -j DROP"
|
|
|
|
|
|
- #cmd_run "ip-route" "ip route flush cache"
|
|
|
+ if [ `cat ${DNSMASQ_CONF} | grep -c ${IFACE}` -eq 0 ]; then
|
|
|
+ logger "dnsmasq-dhcp: Configure ${IFACE} to have special DHCP"
|
|
|
+ pc_append "interface=${IFACE}" ${DNSMASQ_CONF}
|
|
|
+ pc_append "dhcp-range=${IFACE},${DHCP_START},${DHCP_END},${IFACE_MASK_ADDR},24h" ${DNSMASQ_CONF}
|
|
|
+ pc_append "dhcp-option=${IFACE},3,${IFACE_INET_ADDR}" ${DNSMASQ_CONF}
|
|
|
+ #pc_append "dhcp-option=${IFACE},6,8.8.8.8,8.8.4.4" ${DNSMASQ_CONF}
|
|
|
+ pc_append "dhcp-option=${IFACE},252,\"\n\"" ${DNSMASQ_CONF}
|
|
|
+ fi
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
killall dnsmasq
|
|
|
|
|
|
-assign_ip "wl0.1" "192.168.2.0" "192.168.2.1" "255.255.255.0" "192.168.2.128" "192.168.2.191" #/26
|
|
|
-assign_ip "wl0.2" "192.168.3.0" "192.168.3.1" "255.255.255.0" "192.168.3.128" "192.168.3.191" #/26
|
|
|
+if [ `cat ${DNSMASQ_CONF} | grep -c "log-dhcp"` -eq 0 ]; then
|
|
|
+ pc_append "log-dhcp" ${DNSMASQ_CONF}
|
|
|
+fi
|
|
|
+
|
|
|
+assign_ip "wl0.1" "192.168.2.1" "128" "191" #/26
|
|
|
+assign_ip "wl0.2" "192.168.3.1" "128" "191" #/26
|
|
|
|
|
|
cat ${DNSMASQ_CONF}
|
|
|
|