Diffstat (limited to 'root/etc')
| -rwxr-xr-x | root/etc/firewall.sh | 26 | ||||
| -rw-r--r-- | root/etc/inittab | 7 | ||||
| -rwxr-xr-x | root/etc/networking.sh | 160 | ||||
| -rwxr-xr-x | root/etc/preinit | 16 | ||||
| -rwxr-xr-x | root/etc/rcS | 27 | ||||
| -rw-r--r-- | root/etc/udhcpd.conf | 12 | 
6 files changed, 248 insertions, 0 deletions
|
diff --git a/root/etc/firewall.sh b/root/etc/firewall.sh
new file mode 100755
index 000000000..805aa3f04
--- /dev/null
+++ b/root/etc/firewall.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+IPT=/usr/sbin/iptables
+
+for T in filter nat mangle ; do
+  $IPT -t $T -F
+  $IPT -t $T -X
+done
+
+$IPT -t filter -A INPUT -m state --state INVALID -j DROP
+$IPT -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
+$IPT -t filter -A INPUT -p icmp -j ACCEPT 
+$IPT -t filter -A INPUT -i vlan1 -p tcp -j REJECT --reject-with tcp-reset 
+$IPT -t filter -A INPUT -i vlan1 -j REJECT --reject-with icmp-port-unreachable 
+$IPT -t filter -A FORWARD -m state --state INVALID -j DROP 
+$IPT -t filter -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT 
+$IPT -t filter -A FORWARD -i vlan1 -m state --state NEW,INVALID -j DROP
+
+$IPT -t nat -A POSTROUTING -o vlan1 -j MASQUERADE
+
+echo "1"   >/proc/sys/net/ipv4/ip_forward
+echo "1"   >/proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
+echo "1"   >/proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
+echo "30"  >/proc/sys/net/ipv4/tcp_fin_timeout
+echo "120" >/proc/sys/net/ipv4/tcp_keepalive_time
+echo "0"   >/proc/sys/net/ipv4/tcp_timestamps
diff --git a/root/etc/inittab b/root/etc/inittab
new file mode 100644
index 000000000..73618d346
--- /dev/null
+++ b/root/etc/inittab
@@ -0,0 +1,7 @@
+::sysinit:/etc/rcS
+::restart:/sbin/init
+::ctrlaltdel:/sbin/reboot
+::shutdown:/bin/alldone
+::respawn:/usr/sbin/dnsmasq -d -l /tmp/udhcpd.leases -s lan
+
+
diff --git a/root/etc/networking.sh b/root/etc/networking.sh
new file mode 100755
index 000000000..5242952e9
--- /dev/null
+++ b/root/etc/networking.sh
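Review bot: The uplink is hard-coded as `vlan1` in every INPUT, FORWARD and POSTROUTING rule of firewall.sh, while networking.sh in this same commit takes the WAN interface from `wan_ifname` and has a `pppoe` branch. If the uplink ends up on any other interface, none of the REJECT/DROP rules match it, and because the script never sets the built-in chain policies they presumably stay at ACCEPT, which would leave the telnetd and httpd started by rcS reachable from outside. I would resolve the interface once, e.g. `WAN=$(nvram get wan_ifname)`, use `-i "$WAN"` / `-o "$WAN"` in the rules, and add `$IPT -P FORWARD DROP` plus an explicit accept for LAN-originated traffic so the default is fail-closed. The rules are also IPv4-only, which deserves a comment at the top of the file.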
@@ -0,0 +1,160 @@
+#!/bin/sh
+# OpenWrt Networking script
+# $Id$
+# Copyright (c) 2004 Mike Baker <mbm at alt.org>
+
+# to debug:
+# export DEBUG=echo
+
+export PATH=/usr/bin:/bin:/usr/sbin:/sbin
+
+# lookup an interface by mac address
+mac2if () {
+  if=$(ifconfig -a | grep -i "$1" | grep -e "^eth" | awk '{print $1}')
+  echo $if
+}
+
+# allow env to override nvram 
+nvram_get () {
+ eval "echo \${$1:=\$(nvram get $1)}"
+}
+
+# valid interface?
+if_valid () {
+  [ "${1%[0-9]}" = "vlan" ] && {
+    i=${1##vlan} 
+    hwname=$(nvram_get vlan${i}hwname)
+    hwaddr=$(nvram_get ${hwname}macaddr)
+    [ -z "$hwaddr" ] && return 1
+
+    vif=$(mac2if $hwaddr)
+    echo "# vlan${i}: $hwname $hwaddr => $vif"
+
+    $DEBUG ifconfig $vif up
+    #$DEBUG vconfig rem vlan${i}
+    $DEBUG vconfig add $vif $i
+  }
+  ifconfig "$1" >/dev/null 2>&1 || [ "${1%[0-9]}" = "br" ] 
+  return $?
+}
+
+wifi_init () {
+  echo "# --- wifi init ---"
+  hwaddr=$(nvram_get il0macaddr)
+  [ -z "$hwaddr" ] && hwaddr=$(nvram_get wl0_hwaddr)
+  if=$(mac2if $hwaddr)
+  $DEBUG wlconf $if up
+}
+
+configure () {
+  type=$1
+  echo "# --- $type ---"
+  
+  if=$(nvram_get ${type}_ifname)
+  if [ "${if%[0-9]}" = "ppp" ]; then
+    if=$(nvram get pppoe_ifname) 
+  fi
+  if_valid $if || return
+  
+  if [ "${if%[0-9]}" = "br" ]; then
+    $DEBUG ifconfig $if down
+    $DEBUG brctl delbr $if
+    $DEBUG brctl addbr $if
+    $DEBUG brctl setfd $if 0
+    if_list=$(nvram_get ${type}_ifnames)
+    for sif in $if_list; do {
+      if_valid $sif || continue
+      $DEBUG ifconfig $sif 0.0.0.0 up
+      $DEBUG brctl addif $if $sif 
+    }; done
+  fi
+
+  if_mac=$(nvram_get ${type}_hwaddr)
+  $DEBUG ifconfig $if hw ether $if_mac
+ 
+  if_proto=$(nvram_get ${type}_proto)
+  case "$if_proto" in
+    static)
+      if_ip=$(nvram_get ${type}_ipaddr)
+      if_netmask=$(nvram_get ${type}_netmask)
+      if_gateway=$(nvram_get ${type}_gateway)
+      
+      ipcalc -s "$if_ip"      || return 
+      ipcalc -s "$if_netmask" || return 
+      $DEBUG ifconfig $if $if_ip netmask $if_netmask up
+
+      ipcalc -s "$ip_gateway" || return 
+      $DEBUG route add default gw $ip_gateway
+    ;;
+    dhcp)
+      pidfile=/tmp/dhcp-${type}.pid
+      if [ -f $pidfile ]; then
+        $DEBUG kill $(cat $pidfile)
+      fi
+      $DEBUG udhcpc -i $if -b -p /tmp/dhcp-${type}.pid
+    ;;
+    pppoe)
+      if_username=$(nvram_get ppp_username)
+      if_password=$(nvram_get ppp_passwd)
+      if_redial=$(nvram_get ppp_redialperiod)
+      if_idletime=$(nvram_get ppp_idletime)
+      
+      $DEBUG ifconfig $if 0.0.0.0 up
+      
+      $DEBUG pppd user "$if_username" password "$if_password" defaultroute  
+    ;;
+    *)
+      echo "$if: $if_proto is not supported"
+    ;;
+  esac
+}
+
+### START NETWORKING ###
+wifi_init
+
+$DEBUG vconfig set_name_type VLAN_PLUS_VID_NO_PAD
+
+# hacks for 1.x hardware
+[ -z "$(nvram_get vlan0hwname)" ] && {
+  echo "# 1.x HACK"
+  vlan1hwname="et0"
+  vlan2hwname="et0"
+
+  # we remap old device names to new
+  # it's recommended that you continue to
+  # use the old names to preserve backwards
+  # compatibility
+  remap () {
+    eval $1=\"$(nvram_get $1 | awk '{
+	  gsub(/eth0/,"vlan2")
+	  gsub(/eth1/,"vlan1")
+	  print $0
+    }')\"
+  }
+
+  remap lan_ifname
+  remap lan_ifnames
+  remap wifi_ifname
+  remap wifi_ifnames
+  remap wan_ifname
+  remap wan_ifnames
+  remap pppoe_ifname
+}
+
+# failsafe if reset is held 
+[ "$FAILSAFE" = "true" ] && {
+  lan_ifname="br0"
+  lan_ifnames="vlan0 vlan2 eth1 eth2 eth3"
+  lan_ipaddr="192.168.1.1"
+  lan_netmask="255.255.255.0"
+  lan_hwaddr="00:0B:AD:0A:DD:00"
+  wan_ifname="none"
+  wifi_ifname="none"
+}
+
+# linksys bug has lan doing dhcp; force static
+lan_proto="static"
+
+configure lan
+configure wifi
+configure wan
diff --git a/root/etc/preinit b/root/etc/preinit
new file mode 100755
index 000000000..26025f454
--- /dev/null
+++ b/root/etc/preinit
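Review bot: `nvram_get` and `remap` in networking.sh feed stored configuration to `eval` without validation: in `if_valid` the value read for `vlan${i}hwname` becomes part of the variable name evaluated by `nvram_get ${hwname}macaddr`, and `remap` expands the nvram value inside `eval $1=\"...\"`, so a stored value containing quotes, `;` or a command substitution would be executed by this boot script. I would reject anything that is not a plain identifier at the top of `nvram_get`, `case "$1" in ''|*[!A-Za-z0-9_]*) return 1 ;; esac`, and in `remap` capture the awk output in a temporary `v` and assign with `eval "$1=\$v"` so the value is never re-parsed. Separately, the `static)` branch stores the gateway in `if_gateway` but then validates and routes with `$ip_gateway`, which is never set, so the default route is either skipped or issued without an address; both uses should read `$if_gateway`. The `pppoe)` branch also passes the PPP password on pppd's command line, where it is visible in the process list.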
@@ -0,0 +1,16 @@
+#!/bin/sh
+mount none /proc -t proc
+if /sbin/resetmon ; then
+  mtd unlock mtd4
+  mount -t jffs2 /dev/mtdblock/4 /jffs
+  pivot_root /jffs /jffs/rom
+  mount none /dev -t devfs
+  mount none /proc -t proc
+  umount rom/proc
+  umount rom/dev
+else
+  FAILSAFE=true
+  export FAILSAFE
+fi
+mount none /tmp -t ramfs
+exec /sbin/init
diff --git a/root/etc/rcS b/root/etc/rcS
new file mode 100755
index 000000000..e2ab185bb
--- /dev/null
+++ b/root/etc/rcS
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+export TZ=$(nvram get tz)
+
+insmod diag
+echo "0x01" > /proc/sys/diag
+echo "3" >/proc/sys/kernel/panic
+
+# networking
+insmod et
+insmod wl
+
+ifconfig lo 127.0.0.1 up
+
+# eth0 and eth1 are shared, must set eth0 as promisc
+ifconfig eth0 promisc
+ifconfig eth1 promisc
+/etc/networking.sh
+
+# now lets set up a basic set of rules to do ip masquerade
+/etc/firewall.sh
+
+# now lets start some basic services
+/usr/sbin/telnetd
+/usr/sbin/httpd -p 80 -h /www -r WRT54G Router
+/usr/sbin/udhcpd /etc/udhcpd.conf
+
diff --git a/root/etc/udhcpd.conf b/root/etc/udhcpd.conf
new file mode 100644
index 000000000..a82eb37b4
--- /dev/null
+++ b/root/etc/udhcpd.conf
@@ -0,0 +1,12 @@
+max_leases 200
+start 192.168.1.20
+end 192.168.1.250
+interface br0
+lease_file /tmp/udhcpd.leases
+domain lan
+pidfile /tmp/udhcpd.pid
+option dns 192.168.1.1
+option subnet 255.255.255.0
+option router 192.168.1.1
+lease 7200
+
|
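Review bot: None of the steps in the `resetmon` branch of preinit are checked, so if `mount -t jffs2 /dev/mtdblock/4 /jffs` fails, `pivot_root /jffs /jffs/rom` still runs against the bare mount point and the later `umount rom/proc` / `umount rom/dev` use paths relative to whatever the current directory is. Falling back to the failsafe path on error would keep the device bootable: open the pivot with `if mount -t jffs2 /dev/mtdblock/4 /jffs && pivot_root /jffs /jffs/rom; then` and set `FAILSAFE=true` in its `else`. I would also add a one-line comment saying what a zero exit status from `/sbin/resetmon` means, since the failsafe decision depends on it.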
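Review bot: In rcS, `/usr/sbin/telnetd` is started unconditionally and without a listen address, so a cleartext remote shell is offered on every interface and only the `vlan1` rules from firewall.sh keep it off the uplink; whether it asks for a login cannot be seen from this hunk. I would start it only in failsafe mode, `[ "$FAILSAFE" = "true" ] && /usr/sbin/telnetd`, or restrict it to the LAN address if the telnetd build has a bind option. The httpd realm is also unquoted, so `Router` is passed as a separate argument; it should read `-r "WRT54G Router"`.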
