summaryrefslogtreecommitdiffstats
path: root/openwrt/package/base-files/default
diff options
context:
space:
mode:
Diffstat (limited to 'openwrt/package/base-files/default')
-rwxr-xr-xopenwrt/package/base-files/default/bin/firstboot134
-rwxr-xr-xopenwrt/package/base-files/default/bin/ipcalc32
-rwxr-xr-xopenwrt/package/base-files/default/bin/login12
-rwxr-xr-xopenwrt/package/base-files/default/etc/firewall.user29
-rwxr-xr-xopenwrt/package/base-files/default/etc/functions.sh26
-rw-r--r--openwrt/package/base-files/default/etc/hotplug.d/net/10-net85
-rwxr-xr-xopenwrt/package/base-files/default/etc/init.d/S10boot9
-rwxr-xr-xopenwrt/package/base-files/default/etc/init.d/S40network16
-rwxr-xr-xopenwrt/package/base-files/default/etc/init.d/S45firewall96
-rwxr-xr-xopenwrt/package/base-files/default/etc/init.d/S50telnet2
-rwxr-xr-xopenwrt/package/base-files/default/etc/init.d/S60cron8
-rwxr-xr-xopenwrt/package/base-files/default/etc/init.d/S98done9
-rwxr-xr-xopenwrt/package/base-files/default/etc/init.d/S99done4
-rwxr-xr-xopenwrt/package/base-files/default/etc/init.d/rcS10
-rw-r--r--openwrt/package/base-files/default/etc/inittab1
-rwxr-xr-xopenwrt/package/base-files/default/etc/preinit23
-rwxr-xr-xopenwrt/package/base-files/default/sbin/halt3
-rwxr-xr-xopenwrt/package/base-files/default/sbin/hotplug10
-rwxr-xr-xopenwrt/package/base-files/default/sbin/ifdown16
-rwxr-xr-xopenwrt/package/base-files/default/sbin/ifup22
-rwxr-xr-xopenwrt/package/base-files/default/sbin/mount_root40
-rw-r--r--openwrt/package/base-files/default/usr/lib/common.awk66
-rw-r--r--openwrt/package/base-files/default/usr/lib/parse-config.awk40
-rwxr-xr-xopenwrt/package/base-files/default/usr/share/udhcpc/default.script37
24 files changed, 343 insertions, 387 deletions
diff --git a/openwrt/package/base-files/default/bin/firstboot b/openwrt/package/base-files/default/bin/firstboot
index eff7063b1..1d9b658b6 100755
--- a/openwrt/package/base-files/default/bin/firstboot
+++ b/openwrt/package/base-files/default/bin/firstboot
@@ -1,62 +1,88 @@
#!/bin/sh
# $Id$
-mount | grep squashfs >&- || {
- echo "You do not have a squashfs partition; aborting"
- echo "(firstboot cannot be run on jffs2 based firmwares)"
- return
+rom=$(awk '/squashfs/ {print $2}' /proc/mounts)
+jffs=$(awk '/jffs2/ {print $2}' /proc/mounts)
+
+dupe() { # <new_root> <old_root>
+ cd $1
+ echo -n "creating directories... "
+ {
+ cd $2
+ find . -xdev -type d
+ echo "./dev ./jffs ./mnt ./proc ./tmp ./sys"
+ # xdev skips mounted directories
+ cd $1
+ } | xargs mkdir -p
+ echo "done"
+
+ echo -n "setting up symlinks... "
+ for file in $(cd $2; find . -xdev -type f;); do
+ case "$file" in
+ "./rom/note") ;; #nothing
+ "./etc/config"|\
+ "./etc/resolv.conf"|\
+ "./usr/lib/ipkg/info") cp -af $2/$file $file;;
+ *) ln -sf /rom/${file#./*} $file;;
+ esac
+ done
+ for file in $(cd $2; find . -xdev -type l;); do
+ cp -af $2/${file#./*} $file
+ done
+ echo "done"
}
-[ -f "/tmp/.firstboot" ] && {
- echo "firstboot is already running"
- return
+pivot() { # <new_root> <old_root>
+ mount -o move /proc $1/proc && \
+ pivot_root $1 $1$2 && {
+ mount -o move $2/dev /dev
+ mount -o move $2/tmp /tmp
+ }
}
-touch /tmp/.firstboot
-jdev=$(mount | awk '/jffs2/ {print $3}')
+mountdp() { # <device> <mount_point> <ignored> <fs>
+ dev=$1; mnt=$2; shift 2; opt=$*
+ mount $dev $mnt $opt
+ dupe $mnt $rom
+ pivot $mnt /rom
+}
-if [ -z "$jdev" ]; then
- echo -n "Creating jffs2 partition... "
- mtd erase OpenWrt >&- 2>&-
- mount -t jffs2 /dev/mtdblock/4 /jffs
- echo "done"
- cd /jffs
-else
- echo "firstboot has already been run"
- echo "jffs2 partition is mounted, only resetting files"
- cd $jdev
-fi
-
-exec 2>/dev/null
-
-mount /dev/mtdblock/2 /rom -o ro
-
-echo -n "creating directories... "
-{
- cd /rom
- find . -type d
- cd -
-} | xargs mkdir
-echo "done"
-
-echo -n "setting up symlinks... "
-for file in $(cd /rom; find * -type f; find * -type l;)
-do {
- case "${file%/*}" in
- "usr/lib/ipkg/info"|"etc/config") cp -f /rom/$file $file;;
- *) ln -sf /rom/$file $file;;
- esac
-} done
-echo "done"
-
-touch /tmp/resolv.conf
-ln -s /tmp/resolv.conf /etc/resolv.conf
-
-umount /rom
-mount none /jffs/proc -t proc
-pivot_root /jffs /jffs/rom
-mount none /dev -t devfs
-mount none /tmp -t ramfs
-umount /rom/proc
-umount /rom/tmp
-umount /rom/dev
+ramoverlay() {
+ mkdir -p /tmp/root
+ mountdp /tmp/root /mnt -o bind
+}
+
+[ "${0##*/}" = "firstboot" ] && {
+ [ -z "$rom" ] && {
+ echo "You do not have a squashfs partition; aborting"
+ echo "(firstboot cannot be run on jffs2 based firmwares)"
+ exit 1
+ }
+
+ [ "$1" = "switch2jffs" ] && {
+ mtd erase OpenWrt
+ mount -o remount,ro none / # try to avoid fs changing while copying
+ mount -o bind / /mnt
+ mount /dev/mtdblock/4 /rom/jffs -t jffs2
+ echo -n "copying files ... "
+ cp -a /mnt/* /rom/jffs
+ umount /mnt
+ echo "done"
+ pivot /rom /mnt
+ mount -o move /mnt /tmp/root
+ pivot /jffs /rom
+ jffs2root --clean
+ exit 0
+ }
+
+ # script run manually
+ [ \! -z "$jffs" ] && {
+ echo "firstboot has already been run"
+ echo "jffs2 partition is mounted, only resetting files"
+ dupe $jffs $rom
+ exit 0
+ }
+
+ mtd erase OpenWrt
+ mountdp /dev/mtdblock/4 /jffs -t jffs2
+}
diff --git a/openwrt/package/base-files/default/bin/ipcalc b/openwrt/package/base-files/default/bin/ipcalc
new file mode 100755
index 000000000..318980e5a
--- /dev/null
+++ b/openwrt/package/base-files/default/bin/ipcalc
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+awk -f /usr/lib/common.awk -f - $* <<EOF
+BEGIN {
+ ipaddr=ip2int(ARGV[1])
+ netmask=ip2int(ARGV[2])
+ network=and(ipaddr,netmask)
+ broadcast=or(network,compl(netmask))
+
+ start=or(network,and(ip2int(ARGV[3]),compl(netmask)))
+ limit=network+1
+ if (start<limit) start=limit
+
+ end=start+ARGV[4]
+ limit=or(network,compl(netmask))-1
+ if (end>limit) end=limit
+
+ print "IP="int2ip(ipaddr)
+ print "NETMASK="int2ip(netmask)
+ print "BROADCAST="int2ip(broadcast)
+ print "NETWORK="int2ip(network)
+ print "PREFIX="32-bitcount(compl(netmask))
+
+ # range calculations:
+ # ipcalc <ip> <netmask> <start> <num>
+
+ if (ARGC > 3) {
+ print "START="int2ip(start)
+ print "END="int2ip(end)
+ }
+}
+EOF
diff --git a/openwrt/package/base-files/default/bin/login b/openwrt/package/base-files/default/bin/login
index bb065e54a..8f9281726 100755
--- a/openwrt/package/base-files/default/bin/login
+++ b/openwrt/package/base-files/default/bin/login
@@ -1,20 +1,16 @@
#!/bin/sh
-. /etc/sysconf 2>&-
-
-[ "$FAILSAFE" != "true" ] &&
-[ "$BR2_SYSCONF_TELNET_FAILSAFE_ONLY" = "y" ] &&
+grep '^root:[^!]' /etc/passwd >&- 2>&-
+[ "$?" = "0" -a -z "$FAILSAFE" ] &&
{
- grep '^root:[^!]' /etc/passwd >&- 2>&- &&
- {
echo "Login failed."
exit 0
- } || {
+} || {
cat << EOF
=== IMPORTANT ============================
Use 'passwd' to set your login password
this will disable telnet and enable SSH
------------------------------------------
EOF
- }
}
+
exec /bin/ash --login
diff --git a/openwrt/package/base-files/default/etc/firewall.user b/openwrt/package/base-files/default/etc/firewall.user
deleted file mode 100755
index 5774f0c64..000000000
--- a/openwrt/package/base-files/default/etc/firewall.user
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-. /etc/functions.sh
-. /etc/network.overrides
-[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network
-
-WAN=$(nvram get wan_ifname)
-LAN=$(nvram get lan_ifname)
-
-iptables -F input_rule
-iptables -F output_rule
-iptables -F forwarding_rule
-iptables -t nat -F prerouting_rule
-iptables -t nat -F postrouting_rule
-
-### BIG FAT DISCLAIMER
-### The "-i $WAN" literally means packets that came in over the $WAN interface;
-### this WILL NOT MATCH packets sent from the LAN to the WAN address.
-
-### Allow SSH on the WAN interface
-# iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j ACCEPT
-# iptables -A input_rule -i $WAN -p tcp --dport 22 -j ACCEPT
-
-### Port forwarding
-# iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j DNAT --to 192.168.1.2
-# iptables -A forwarding_rule -i $WAN -p tcp --dport 22 -d 192.168.1.2 -j ACCEPT
-
-### DMZ (should be placed after port forwarding / accept rules)
-# iptables -t nat -A prerouting_rule -i $WAN -j DNAT --to 192.168.1.2
-# iptables -A forwarding_rule -i $WAN -d 192.168.1.2 -j ACCEPT
diff --git a/openwrt/package/base-files/default/etc/functions.sh b/openwrt/package/base-files/default/etc/functions.sh
index e7126473f..526ca52dd 100755
--- a/openwrt/package/base-files/default/etc/functions.sh
+++ b/openwrt/package/base-files/default/etc/functions.sh
@@ -1,6 +1,4 @@
#!/bin/sh
-. /etc/nvram.sh
-
alias debug=${DEBUG:-:}
# valid interface?
@@ -13,27 +11,3 @@ if_valid () (
hotplug_dev() {
env -i ACTION=$1 INTERFACE=$2 /sbin/hotplug net
}
-
-bitcount () {
- local c=$1
- echo $((
- c=((c>> 1)&0x55555555)+(c&0x55555555),
- c=((c>> 2)&0x33333333)+(c&0x33333333),
- c=((c>> 4)&0x0f0f0f0f)+(c&0x0f0f0f0f),
- c=((c>> 8)&0x00ff00ff)+(c&0x00ff00ff),
- c=((c>>16)&0x0000ffff)+(c&0x0000ffff)
- ))
-}
-
-valid_netmask () {
- return $((-($1)&~$1))
-}
-
-ip2int () (
- set $(echo $1 | tr '\.' ' ')
- echo $(($1<<24|$2<<16|$3<<8|$4))
-)
-
-int2ip () {
- echo $(($1>>24&255)).$(($1>>16&255)).$(($1>>8&255)).$(($1&255))
-}
diff --git a/openwrt/package/base-files/default/etc/hotplug.d/net/10-net b/openwrt/package/base-files/default/etc/hotplug.d/net/10-net
index 0f384ec46..4bb69378f 100644
--- a/openwrt/package/base-files/default/etc/hotplug.d/net/10-net
+++ b/openwrt/package/base-files/default/etc/hotplug.d/net/10-net
@@ -1,32 +1,28 @@
#!/bin/sh
-setup_eth()
-{
- for part in $(nvram get unused_ifnames); do
- [ "$part" = "$INTERFACE" ] && exit 0
- done
- ifconfig "$INTERFACE" up 2>&- >&-
-}
-
find_name()
{
- pppoa_ifname="atm0" # hack for ppp over atm, which has no ${proto}_ifname
- interfaces="lan wan wifi $(nvram get ifnames)"
- for ifname in $interfaces; do
+ for ifname in lan wan wifi ${ifnames}; do
IFTYPE="${ifname}"
- IFPROTO="$(nvram get ${IFTYPE}_proto)"
- IFACE="$(nvram get ${IFTYPE}_ifname)"
+ eval "IFPROTO=\"\${${IFTYPE}_proto}\""
+ eval "IFACE=\"\${${IFTYPE}_ifname}\""
case "$IFPROTO" in
""|none);;
static|dhcp)
[ "${IFACE}" = "$INTERFACE" ] && return 0
[ "${IFACE%%[0-9]*}" = "br" ] && {
- for part in $(nvram get ${IFTYPE}_ifnames); do
+ eval "ifs=\"\${${IFTYPE}_ifnames}\""
+ for part in $ifs; do
[ "$part" = "$INTERFACE" ] && return 0
done
}
;;
+ pppoa)
+ [ "$INTERFACE" = "atm0" \
+ -a -x /sbin/ifup.${IFPROTO} ] && return 0
+ ;;
*)
- [ "$(nvram get ${IFTYPE}_device)" = "$INTERFACE" \
+ eval "device=\"\${${IFTYPE}_device}\""
+ [ "$device" = "$INTERFACE" \
-a -x /sbin/ifup.${IFPROTO} ] && return 0
;;
esac
@@ -39,17 +35,18 @@ find_name()
do_ifup() {
if="$3"
- if_proto="$(nvram get ${2}_proto)"
+ eval "if_proto=\"\${${2}_proto}\""
pidfile=/var/run/${if}.pid
[ -f $pidfile ] && $DEBUG kill $(cat $pidfile)
case "$1" in
static)
- ip=$(nvram get ${2}_ipaddr)
- ip6=$(nvram get ${2}_ip6addr)
- netmask=$(nvram get ${2}_netmask)
- gateway=$(nvram get ${2}_gateway)
+ eval "ip=\"\${${2}_ipaddr}\""
+ eval "ip6=\"\${${2}_ip6addr}\""
+ eval "netmask=\"\${${2}_netmask}\""
+ eval "gateway=\"\${${2}_gateway}\""
+ eval "dns=\"\${${2}_dns}\""
$DEBUG ifconfig $if $ip ${netmask:+netmask $netmask} broadcast + up
[ -n "$ip6" ] && $DEBUG ifconfig $if add $ip6
@@ -58,24 +55,25 @@ do_ifup() {
[ -f /tmp/resolv.conf ] || {
debug "# --- creating /tmp/resolv.conf ---"
- for dns in $(nvram get ${2}_dns); do
- echo "nameserver $dns" >> /tmp/resolv.conf
+ for ns in $dns; do
+ echo "nameserver $ns" >> /tmp/resolv.conf
done
}
env -i ACTION="ifup" INTERFACE="${2}" PROTO=static /sbin/hotplug "iface" &
;;
dhcp)
- DHCP_IP=$(nvram get ${2}_ipaddr)
- DHCP_NETMASK=$(nvram get ${2}_netmask)
+ eval "ip=\"\${${2}_ipaddr}\""
+ eval "netmask=\"\${${2}_netmask}\""
+ eval "hostname=\"\${${2}_hostname}\""
+
$DEBUG ifconfig $if $ip ${netmask:+netmask $netmask} broadcast + up
- DHCP_ARGS="-i $if ${DHCP_IP:+-r $DHCP_IP} -b -p $pidfile"
- DHCP_HOSTNAME=$(nvram get ${2}_hostname)
- DHCP_HOSTNAME=${DHCP_HOSTNAME%%.*}
- [ -z $DHCP_HOSTNAME ] || DHCP_ARGS="$DHCP_ARGS -H $DHCP_HOSTNAME"
- [ "$if_proto" = "pptp" ] && DHCP_ARGS="$DHCP_ARGS -n -q" || DHCP_ARGS="$DHCP_ARGS -R &"
- ${DEBUG:-eval} "udhcpc $DHCP_ARGS"
+ args="-i $if ${ip:+-r $ip} -b -p $pidfile"
+ hostname="${hostname%%.*}"
+ args="$args${hostname:+ -H $hostname}"
+ [ "$if_proto" = "pptp" ] && args="$args -n -q" || args="$args -R &"
+ ${DEBUG:-eval} "udhcpc $args"
# hotplug events are handled by /usr/share/udhcpc/default.script
;;
*)
@@ -88,25 +86,23 @@ do_ifup() {
do_register()
{
- case "${INTERFACE%%[0-9]*}" in
- eth) setup_eth;;
- esac
-
[ -z "$IFTYPE" -o -z "$IFPROTO" ] && {
find_name || {
case "${INTERFACE%%[0-9]*}" in
wds)
- for tmp in lan wifi; do
- [ -z "$IFPROTO" ] && [ "$(nvram get ${tmp}_ifname)" = "br0" ] && {
- IFPROTO="$(nvram get ${tmp}_proto)"
+ for ifname in lan wifi; do
+ eval "if=\"\${${ifname}_ifname}\""
+ [ -z "$IFPROTO" ] && [ "$if" = "br0" ] && {
+ eval "IFPROTO=\"\${${2}_proto}\""
IFTYPE="${tmp}"
}
done
[ -z "$IFPROTO" ] && return 0
;;
atm)
- for tmp in lan wan wifi $(nvram get ifnames); do
- [ "$(nvram get ${tmp}_proto)" = "pppoa" ] && {
+ for tmp in lan wan wifi ${ifnames}; do
+ eval "if_proto=\"\${${2}_proto}\""
+ [ "$if_proto" = "pppoa" ] && {
do_ifup "pppoa" "$tmp" "$INTERFACE"
return 0
}
@@ -122,16 +118,16 @@ do_register()
case "${INTERFACE%%[0-9]*}" in
ppp|atm);;
*)
- mac=$(nvram get ${IFTYPE}_hwaddr)
+ eval "mac=\"\${${IFTYPE}_hwaddr}\""
${mac:+$DEBUG ifconfig $INTERFACE down hw ether $mac}
;;
esac
- if="$(nvram get ${IFTYPE}_ifname)"
+ eval "if=\"\${${IFTYPE}_ifname}\""
if [ "${if%%[0-9]}" = "br" ]; then
if_valid "$INTERFACE" && {
ifconfig "$if" 2>&- >&- || {
- stp=$(nvram get ${IFTYPE}_stp)
+ eval "stp=\"\${${IFTYPE}_stp}\""
$DEBUG brctl addbr "$if"
$DEBUG brctl setfd "$if" 0
$DEBUG brctl stp "$if" "${stp:-0}"
@@ -151,8 +147,9 @@ do_register()
}
do_unregister() {
- [ -z "$IFTYPE" -o -z "$IFPROTO" ] && find_name
- [ -z "$IFTYPE" -o -z "$IFPROTO" ] && return 0
+ [ -z "$IFTYPE" -o -z "$IFPROTO" ] && {
+ find_name || return 0
+ }
[ "${IFACE%%[0-9]*}" = "br" ] && {
if [ "$INTERFACE" != "$IFACE" ]; then
diff --git a/openwrt/package/base-files/default/etc/init.d/S10boot b/openwrt/package/base-files/default/etc/init.d/S10boot
index 02fddee7b..0cc519d8e 100755
--- a/openwrt/package/base-files/default/etc/init.d/S10boot
+++ b/openwrt/package/base-files/default/etc/init.d/S10boot
@@ -1,14 +1,9 @@
#!/bin/sh
-. /etc/nvram.sh
-
-[ "$(uname -r|grep -c 2.4)" = "1" ] && {
- echo "S" > /proc/jffs2_bbc
-}
+[ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc
vconfig set_name_type VLAN_PLUS_VID_NO_PAD
-HOSTNAME=$(nvram get wan_hostname)
-HOSTNAME=${HOSTNAME%%.*}
+HOSTNAME=${wan_hostname%%.*}
echo ${HOSTNAME:=OpenWrt}>/proc/sys/kernel/hostname
mkdir -p /var/run
diff --git a/openwrt/package/base-files/default/etc/init.d/S40network b/openwrt/package/base-files/default/etc/init.d/S40network
deleted file mode 100755
index 168fd2979..000000000
--- a/openwrt/package/base-files/default/etc/init.d/S40network
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-. /etc/functions.sh
-[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network
-case "$1" in
- start|restart)
-# ifup lan
-# ifup wan
-# ifup wifi
-# wifi up
-
- for route in $(nvram get static_route); do {
- eval "set $(echo $route | sed 's/:/ /g')"
- $DEBUG route add -net $1 netmask $2 gw $3 metric $4 dev $5
- } done
- ;;
-esac
diff --git a/openwrt/package/base-files/default/etc/init.d/S45firewall b/openwrt/package/base-files/default/etc/init.d/S45firewall
deleted file mode 100755
index 8c67d82b1..000000000
--- a/openwrt/package/base-files/default/etc/init.d/S45firewall
+++ /dev/null
@@ -1,96 +0,0 @@
-#!/bin/sh
-
-## Please make changes in /etc/firewall.user
-${FAILSAFE:+exit}
-
-. /etc/functions.sh
-. /etc/network.overrides
-[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network
-
-WAN=$(nvram get wan_ifname)
-LAN=$(nvram get lan_ifname)
-
-## CLEAR TABLES
-for T in filter nat; do
- iptables -t $T -F
- iptables -t $T -X
-done
-
-iptables -N input_rule
-iptables -N output_rule
-iptables -N forwarding_rule
-
-iptables -t nat -N prerouting_rule
-iptables -t nat -N postrouting_rule
-
-### INPUT
-### (connections with the router as destination)
-
- # base case
- iptables -P INPUT DROP
- iptables -A INPUT -m state --state INVALID -j DROP
- iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
- iptables -A INPUT -p tcp --tcp-flags SYN SYN --tcp-option \! 2 -j DROP
-
- #
- # insert accept rule or to jump to new accept-check table here
- #
- iptables -A INPUT -j input_rule
-
- # allow
- iptables -A INPUT ${WAN:+-i \! $WAN} -j ACCEPT # allow from lan/wifi interfaces
- iptables -A INPUT -p icmp -j ACCEPT # allow ICMP
- iptables -A INPUT -p gre -j ACCEPT # allow GRE
-
- # reject (what to do with anything not allowed earlier)
- iptables -A INPUT -p tcp -j REJECT --reject-with tcp-reset
- iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
-
-### OUTPUT
-### (connections with the router as source)
-
- # base case
- iptables -P OUTPUT DROP
- iptables -A OUTPUT -m state --state INVALID -j DROP
- iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-
- #
- # insert accept rule or to jump to new accept-check table here
- #
- iptables -A OUTPUT -j output_rule
-
- # allow
- iptables -A OUTPUT -j ACCEPT #allow everything out
-
- # reject (what to do with anything not allowed earlier)
- iptables -A OUTPUT -p tcp -j REJECT --reject-with tcp-reset
- iptables -A OUTPUT -j REJECT --reject-with icmp-port-unreachable
-
-### FORWARDING
-### (connections routed through the router)
-
- # base case
- iptables -P FORWARD DROP
- iptables -A FORWARD -m state --state INVALID -j DROP
- iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
- iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-
- #
- # insert accept rule or to jump to new accept-check table here
- #
- iptables -A FORWARD -j forwarding_rule
-
- # allow
- iptables -A FORWARD -i br0 -o br0 -j ACCEPT
- [ -z "$WAN" ] || iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT
-
- # reject (what to do with anything not allowed earlier)
- # uses the default -P DROP
-
-### MASQ
- iptables -t nat -A PREROUTING -j prerouting_rule
- iptables -t nat -A POSTROUTING -j postrouting_rule
- [ -z "$WAN" ] || iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE
-
-## USER RULES
-[ -f /etc/firewall.user ] && . /etc/firewall.user
diff --git a/openwrt/package/base-files/default/etc/init.d/S50telnet b/openwrt/package/base-files/default/etc/init.d/S50telnet
index ff5659ed4..fb9687c8a 100755
--- a/openwrt/package/base-files/default/etc/init.d/S50telnet
+++ b/openwrt/package/base-files/default/etc/init.d/S50telnet
@@ -1,2 +1,2 @@
#!/bin/sh
-if awk -F: '/^root:/ && $2 !~ /\!/ {exit 1}' /etc/passwd 2>/dev/null || test $FAILSAFE; then telnetd -l /bin/login; fi
+if awk -F: '/^root:/ && $2 !~ /\!/ {exit 1}' /etc/passwd 2>/dev/null; then telnetd -l /bin/login; fi
diff --git a/openwrt/package/base-files/default/etc/init.d/S60cron b/openwrt/package/base-files/default/etc/init.d/S60cron
index 6069b8177..175273426 100755
--- a/openwrt/package/base-files/default/etc/init.d/S60cron
+++ b/openwrt/package/base-files/default/etc/init.d/S60cron
@@ -1,6 +1,4 @@
#!/bin/sh
-[ -d /etc/crontabs ] || mkdir -p /etc/crontabs
-[ -e /var/spool/cron/crontabs ] || {
- mkdir -p /var/spool/cron
- ln -s /etc/crontabs /var/spool/cron/crontabs
-} && crond -c /etc/crontabs
+mkdir -p /var/spool/cron
+ln -s /etc/crontabs /var/spool/cron/crontabs
+crond -c /etc/crontabs
diff --git a/openwrt/package/base-files/default/etc/init.d/S98done b/openwrt/package/base-files/default/etc/init.d/S98done
new file mode 100755
index 000000000..5d5ab49ce
--- /dev/null
+++ b/openwrt/package/base-files/default/etc/init.d/S98done
@@ -0,0 +1,9 @@
+#!/bin/sh
+sysctl -p >&-
+
+# automagically run firstboot
+{ mount|grep "on / type tmpfs" 1>&-; } && {
+ lock /tmp/.switch2jffs
+ firstboot switch2jffs
+ lock -u /tmp/.switch2jffs
+}
diff --git a/openwrt/package/base-files/default/etc/init.d/S99done b/openwrt/package/base-files/default/etc/init.d/S99done
deleted file mode 100755
index a260ac3d6..000000000
--- a/openwrt/package/base-files/default/etc/init.d/S99done
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-# set leds to normal state
-[ -f /proc/sys/diag ] && echo "0x00" > /proc/sys/diag
-sysctl -p >&-
diff --git a/openwrt/package/base-files/default/etc/init.d/rcS b/openwrt/package/base-files/default/etc/init.d/rcS
index 10079c593..b38e44978 100755
--- a/openwrt/package/base-files/default/etc/init.d/rcS
+++ b/openwrt/package/base-files/default/etc/init.d/rcS
@@ -1,8 +1,10 @@
#!/bin/sh
-. /etc/nvram.sh
-syslog_ip=$(nvram get log_ipaddr)
-ipcalc -s "$syslog_ip" || syslog_ip=""
-syslogd -C 16 ${syslog_ip:+-L -R $syslog_ip}
+${FAILSAFE:+exit}
+
+[ -f /etc/config/network ] && . /etc/config/network
+eval $(ipcalc "$log_ipaddr")
+[ "$log_ipaddr" = "$IP" ] || log_ipaddr=""
+syslogd -C 16 ${log_ipaddr:+-L -R $log_ipaddr}
klogd
#${FAILSAFE:+telnetd -l /bin/login; ifup lan; exit}
for i in /etc/init.d/S*; do
diff --git a/openwrt/package/base-files/default/etc/inittab b/openwrt/package/base-files/default/etc/inittab
index 5916311e1..39e134cb1 100644
--- a/openwrt/package/base-files/default/etc/inittab
+++ b/openwrt/package/base-files/default/etc/inittab
@@ -1,4 +1,3 @@
::sysinit:/etc/init.d/rcS
-::shutdown:/sbin/halt
tts/0::askfirst:/bin/ash --login
#tts/1::askfirst:/bin/ash --login
diff --git a/openwrt/package/base-files/default/etc/preinit b/openwrt/package/base-files/default/etc/preinit
index ac9039ca7..5b676ca3a 100755
--- a/openwrt/package/base-files/default/etc/preinit
+++ b/openwrt/package/base-files/default/etc/preinit
@@ -1,24 +1,11 @@
#!/bin/sh
-. /etc/nvram.sh
export PATH=/bin:/sbin:/usr/bin:/usr/sbin
mount none /proc -t proc
-insmod diag
-[ -f /proc/sys/diag ] && echo 0x01 > /proc/sys/diag
-sleep 1
-if [ -f /proc/sys/reset ] && [ $(cat /proc/sys/reset) = 1 -o "$(nvram get failsafe)" = 1 ]; then
- export FAILSAFE=true
- [ -x /usr/sbin/nvram -a "$(nvram get boot_wait)" != "on" ] && {
- nvram set boot_wait=on
- nvram commit
- }
- while :; do { echo $(((X=(X+1)%8)%2)) > /proc/sys/diag; sleep $((X==0)); } done &
-fi
-mount_root ${FAILSAFE:+failsafe}
-
-# automagically run firstboot
-[ -z "$FAILSAFE" -a -z "$(nvram get no_root_swap)" ] && {
- { mount|grep "on / type jffs2" 1>&-; } || firstboot
+[ -f /etc/preinit.arch ] && . /etc/preinit.arch
+[ -z "$FAILSAFE" ] || {
+ echo /bin/true > /proc/sys/kernel/hotplug
+ telnetd -l /bin/login <> /dev/null 2>&1
}
-
+mount_root ${FAILSAFE:+failsafe}
exec /sbin/init
diff --git a/openwrt/package/base-files/default/sbin/halt b/openwrt/package/base-files/default/sbin/halt
deleted file mode 100755
index 39eed2612..000000000
--- a/openwrt/package/base-files/default/sbin/halt
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-/usr/bin/killall5 -9
-#umount -ar
diff --git a/openwrt/package/base-files/default/sbin/hotplug b/openwrt/package/base-files/default/sbin/hotplug
index 3500f7520..106299343 100755
--- a/openwrt/package/base-files/default/sbin/hotplug
+++ b/openwrt/package/base-files/default/sbin/hotplug
@@ -1,4 +1,7 @@
#!/bin/sh
+
+# bypass the normal hotplug path for firmware loading
+# would otherwise cause problems with drivers like bcm43xx
[ "$1" = "firmware" -a "$ACTION" = "add" ] && {
[ -f "/lib/firmware/$FIRMWARE" ] && {
echo 1 > "/sys$DEVPATH/loading"
@@ -8,13 +11,8 @@
exit 0
}
-[ -e /tmp/.failsafe ] && {
- export FAILSAFE=true
-} || {
- [ -e /etc/config/network ] && . /etc/config/network
-}
. /etc/functions.sh
-. /etc/network.overrides
+. /etc/config/network
PATH=/bin:/sbin:/usr/bin:/usr/sbin
LOGNAME=root
diff --git a/openwrt/package/base-files/default/sbin/ifdown b/openwrt/package/base-files/default/sbin/ifdown
index d0120dcbe..0d85ca8ea 100755
--- a/openwrt/package/base-files/default/sbin/ifdown
+++ b/openwrt/package/base-files/default/sbin/ifdown
@@ -1,26 +1,18 @@
#!/bin/sh
[ $# = 0 ] && { echo " $0 <group>"; exit; }
. /etc/functions.sh
-. /etc/network.overrides
-[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network
+. /etc/config/network
debug "### ifdown $type ###"
type=$1
-if_proto=$(nvram get ${type}_proto)
-if=$(nvram get ${type}_ifname)
+eval "if_proto=\"\${${type}_proto}\""
+eval "if=\"\${${type}_ifname}\""
+[ "${if%%[0-9]}" = "ppp" ] && eval "if=\"\${${type}_device}\""
case "$if_proto" in
pppoa) hotplug_dev unregister atm0; exit 0 ;;
""|none) exit 0;;
esac
-[ "${if%%[0-9]*}" = "ppp" ] && if="$(nvram get ${type}_device)"
-
-if [ "${if%%[0-9]}" = "br" ]; then
- for sif in $(nvram get ${type}_ifnames); do
- hotplug_dev unregister "$sif"
- done
-fi
-
hotplug_dev unregister "$if"
diff --git a/openwrt/package/base-files/default/sbin/ifup b/openwrt/package/base-files/default/sbin/ifup
index 8ae641668..a86a7671e 100755
--- a/openwrt/package/base-files/default/sbin/ifup
+++ b/openwrt/package/base-files/default/sbin/ifup
@@ -1,32 +1,34 @@
#!/bin/sh
[ $# = 0 ] && { echo " $0 <group>"; exit; }
. /etc/functions.sh
-. /etc/network.overrides
-[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network
+. /etc/config/network
ifdown $1
debug "### ifup $type ###"
type=$1
-if_proto=$(nvram get ${type}_proto)
-if=$(nvram get ${type}_ifname)
+eval "if_proto=\"\${${type}_proto}\""
+eval "if=\"\${${type}_ifname}\""
+[ "${if%%[0-9]}" = "ppp" ] && eval "if=\"\${${type}_device}\""
case "$if_proto" in
pppoa) hotplug_dev register atm0; exit 0 ;;
pppoe)
- ifconfig nas0 2>&- >&- || {
- hotplug_dev register atm0
- exit 0
+ # PPPoE over ATM
+ [ "$if" = "nas0" ] && {
+ ifconfig nas0 2>&- >&- || {
+ hotplug_dev register atm0
+ exit 0
+ }
}
;;
none|"") exit 0;;
esac
-[ "${if%%[0-9]*}" = "ppp" ] && if="$(nvram get ${type}_device)"
-
if [ "${if%%[0-9]}" = "br" ]; then
- for sif in $(nvram get ${type}_ifnames); do
+ eval "ifnames=\"\${${type}_ifnames}\""
+ for sif in $ifnames; do
hotplug_dev register "$sif"
done
else
diff --git a/openwrt/package/base-files/default/sbin/mount_root b/openwrt/package/base-files/default/sbin/mount_root
index 427ff0444..38252e83f 100755
--- a/openwrt/package/base-files/default/sbin/mount_root
+++ b/openwrt/package/base-files/default/sbin/mount_root
@@ -1,40 +1,34 @@
#!/bin/sh
-. /etc/nvram.sh
-is_clean() {
- grep Broadcom /proc/cpuinfo 2>&- >&- || return 0
- OFFSET="$((0x$(dd if=/dev/mtdblock/1 bs=1 skip=$((0x14)) count=2 2>&- | hexdump | grep 0000000 | cut -d ' ' -f 2) - 1))"
- dd if=/dev/mtdblock/1 bs=1 skip=$OFFSET count=1 2>&- | hexdump -v | grep ' 0000' > /dev/null && return 255 || return 0
+is_dirty() {
+ grep Broadcom /proc/cpuinfo >&- || return 1
+ OFFSET="$(($(hexdump -v /dev/mtdblock/1 -s 20 -n 2 -e '"%d"')-1))"
+ return $(hexdump -v /dev/mtdblock/1 -s $OFFSET -n 1 -e '"%d"')
}
+size=$(awk '/Mem:/ {l=5242880;print((s=$2/2)<l)?$2-l:s}' /proc/meminfo)
+mount none /tmp -t tmpfs -o size=$size
+
if [ "$1" != "failsafe" ]; then
+ mtd unlock linux
mount | grep jffs2 >&-
if [ $? = 0 ] ; then
if [ $(cat /proc/mtd | wc -l) = 6 ]; then
- echo 5 > /proc/sys/diag
- mtd unlock linux
mtd erase OpenWrt
jffs2root --move
else
- mtd unlock rootfs
mount -o remount,rw /dev/root /
fi
else
- if [ -z "$(nvram get no_root_swap)" ]; then
- is_clean || {
- mtd erase OpenWrt
- mtd unlock linux
- jffs2root --clean
- }
- mtd unlock OpenWrt
- mount -t jffs2 /dev/mtdblock/4 /jffs
- pivot_root /jffs /jffs/rom
- mount none /proc -t proc
- mount none /dev -t devfs
- umount /rom/proc /rom/dev >&-
- fi
+ . /bin/firstboot
+ is_dirty
+ [ $? != 0 ] && {
+ mount /dev/mtdblock/4 /jffs
+ pivot /jffs /rom
+ } || ramoverlay
fi
fi
-mount none /tmp -t tmpfs -o nosuid,nodev,mode=1777,size=50%
+
+mount none /tmp -t tmpfs -o remount,nosuid,nodev,mode=1777
mkdir -p /dev/pts
mount none /dev/pts -t devpts
-grep sysfs /proc/filesystems >&- && mount -t sysfs none /sys
+mount -t sysfs none /sys 2>&-
diff --git a/openwrt/package/base-files/default/usr/lib/common.awk b/openwrt/package/base-files/default/usr/lib/common.awk
new file mode 100644
index 000000000..63a8cf23d
--- /dev/null
+++ b/openwrt/package/base-files/default/usr/lib/common.awk
@@ -0,0 +1,66 @@
+function portstr(type, str) {
+ gsub(/-/, ":", str)
+ if (insmod_mport != 1) {
+ print "insmod ipt_multiport >&- 2>&-"
+ insmod_mport = 1
+ }
+ if (type == "src") return " -m multiport --sports " str
+ else return " -m multiport --dports " str
+}
+
+function str2ipt(str) {
+ str2data(str)
+ _cmd = ""
+ if (_l["src"] != "") _cmd = _cmd " -s " _l["src"]
+ if (_l["dest"] != "") _cmd = _cmd " -d " _l["dest"]
+ if (_l["proto"] != "") {
+ _cmd = _cmd " -p " _l["proto"]
+ }
+ # scripts need to check for proto="" and emit two rules in that case
+ if ((_l["proto"] == "") || (_l["proto"] == "tcp") || (_l["proto"] == "udp")) {
+ if (_l["sport"] != "") _cmd = _cmd portstr("src", _l["sport"])
+ if (_l["dport"] != "") _cmd = _cmd portstr("dest", _l["dport"])
+ }
+ if (_l["layer7"] != "") {
+ if (insmod_l7 != 1) {
+ print "insmod ipt_layer7 >&- 2>&-"
+ insmod_l7 = 1
+ }
+ _cmd = _cmd " -m layer7 --l7proto " _l["layer7"]
+ }
+ return _cmd
+}
+
+function str2data(str) {
+ delete _l
+ _n = split(str, _o, "[\t ]")
+ for (_i = 1; _i <= _n; _i++) {
+ _n2 = split(_o[_i], _c, "=")
+ if (_n2 == 2) _l[_c[1]] = _c[2]
+ }
+}
+
+function bitcount(c) {
+ c=and(rshift(c, 1),0x55555555)+and(c,0x55555555)
+ c=and(rshift(c, 2),0x33333333)+and(c,0x33333333)
+ c=and(rshift(c, 4),0x0f0f0f0f)+and(c,0x0f0f0f0f)
+ c=and(rshift(c, 8),0x00ff00ff)+and(c,0x00ff00ff)
+ c=and(rshift(c,16),0x0000ffff)+and(c,0x0000ffff)
+ return c
+}
+
+function validate_netmask(nm) {
+ return and(-nm,compl(nm))
+}
+
+function ip2int(ip) {
+ for (ret=0,n=split(ip,a,"\."),x=1;x<=n;x++) ret=or(lshift(ret,8),a[x])
+ return ret
+}
+
+function int2ip(ip,ret,x) {
+ ret=and(ip,255)
+ ip=rshift(ip,8)
+ for(;x<3;ret=and(ip,255)"."ret,ip=rshift(ip,8),x++);
+ return ret
+}
diff --git a/openwrt/package/base-files/default/usr/lib/parse-config.awk b/openwrt/package/base-files/default/usr/lib/parse-config.awk
new file mode 100644
index 000000000..bde5c0072
--- /dev/null
+++ b/openwrt/package/base-files/default/usr/lib/parse-config.awk
@@ -0,0 +1,40 @@
+{
+ line=$0
+ gsub(/^[ \t]*/, "")
+ gsub(/[ \t]*$/, "")
+}
+
+$1 == "@define" {
+ v[$2] = $3
+}
+
+$1 == "@ifdef" {
+ if_open = 1
+ if (v[$2] != "") noprint = 0
+ else noprint = 1
+}
+
+$1 == "@ifndef" {
+ if_open = 1
+ if (v[$2] != "") noprint = 1
+ else noprint = 0
+}
+
+$1 == "@else" {
+ if (noprint == 1) noprint = 0
+ else noprint = 1
+}
+
+($1 !~ /^@/) && (noprint != 1) {
+ n=split(line "@@", a, /@@/)
+ for (i=1; i<=n; i++) {
+ if ((i % 2) == 1) printf a[i]
+ else printf v[a[i]]
+ }
+ print ""
+}
+
+$1 == "@endif" {
+ if_open = 0
+ noprint = 0
+}
diff --git a/openwrt/package/base-files/default/usr/share/udhcpc/default.script b/openwrt/package/base-files/default/usr/share/udhcpc/default.script
index 42d3eaf0c..4604648e6 100755
--- a/openwrt/package/base-files/default/usr/share/udhcpc/default.script
+++ b/openwrt/package/base-files/default/usr/share/udhcpc/default.script
@@ -1,18 +1,17 @@
#!/bin/sh
[ -z "$1" ] && echo "Error: should be run by udhcpc" && exit 1
+. /etc/config/network
RESOLV_CONF="/tmp/resolv.conf"
hotplug_event() {
- nvram show 2>&- | grep _proto=dhcp | {
- while :; do
- read FOO
- [ -z "$FOO" ] && break
- FOO="${FOO%%_*}"
- [ "$(nvram get ${FOO}_ifname)" = "${interface}" ] || continue
- env -i ACTION="$1" INTERFACE="${FOO}" PROTO=dhcp /sbin/hotplug iface
- done
- }
+ for ifname in lan wan wifi ${ifnames}; do
+ eval "proto=\"\${${ifname}_proto}\""
+ eval "if=\"\${${ifname}_ifname}\""
+ [ "$proto" = "dhcp" ] || continue
+ [ "$if" = "$interface" ] || continue
+ env -i ACTION="$1" INTERFACE="$ifname" PROTO=dhcp /sbin/hotplug iface
+ done
}
case "$1" in
@@ -26,22 +25,20 @@ case "$1" in
broadcast ${broadcast:-+}
if [ -n "$router" ] ; then
-
- if [ "$router" != "$(route -n | grep '^0.0.0.0' | grep $interface | awk '{ print $2 }')" ] ; then
- while route del default gw 0.0.0.0 dev $interface 2>&- ; do
- echo "removing old default route"
- done
- for i in $router ; do
- route add default gw $i dev $interface
- done
- fi
+ echo "deleting routers"
+ while route del default gw 0.0.0.0 dev $interface >&- 2>&- ; do :; done
+
+ for i in $router ; do
+ echo "adding router $i"
+ route add default gw $i dev $interface
+ done
fi
echo -n > $RESOLV_CONF
${domain:+echo search $domain} >> $RESOLV_CONF
for i in $dns ; do
- echo adding dns $i
- echo nameserver $i >> $RESOLV_CONF
+ echo "adding dns $i"
+ echo "nameserver $i" >> $RESOLV_CONF
done
hotplug_event ifup