From 676c017ecfced2e37aeec176f8aa6b9df90024f3 Mon Sep 17 00:00:00 2001 From: nbd Date: Wed, 5 Apr 2006 02:09:22 +0000 Subject: large init script cleanup and merge of whiterussian changes, new dnsmasq config handling git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@3588 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- package/Config.in | 3 - package/Sysconf.in | 31 ---- package/base-files/Makefile | 12 +- package/base-files/default/bin/firstboot | 134 ++++++++++------- package/base-files/default/bin/ipcalc | 32 ++++ package/base-files/default/bin/login | 12 +- package/base-files/default/etc/firewall.user | 29 ---- package/base-files/default/etc/functions.sh | 26 ---- .../base-files/default/etc/hotplug.d/net/10-net | 85 +++++------ package/base-files/default/etc/init.d/S10boot | 9 +- package/base-files/default/etc/init.d/S40network | 16 -- package/base-files/default/etc/init.d/S45firewall | 96 ------------ package/base-files/default/etc/init.d/S50telnet | 2 +- package/base-files/default/etc/init.d/S60cron | 8 +- package/base-files/default/etc/init.d/S98done | 9 ++ package/base-files/default/etc/init.d/S99done | 4 - package/base-files/default/etc/init.d/rcS | 10 +- package/base-files/default/etc/inittab | 1 - package/base-files/default/etc/preinit | 23 +-- package/base-files/default/sbin/halt | 3 - package/base-files/default/sbin/hotplug | 10 +- package/base-files/default/sbin/ifdown | 16 +- package/base-files/default/sbin/ifup | 22 +-- package/base-files/default/sbin/mount_root | 40 +++-- package/base-files/default/usr/lib/common.awk | 66 ++++++++ .../base-files/default/usr/lib/parse-config.awk | 40 +++++ .../default/usr/share/udhcpc/default.script | 37 +++-- package/busybox/config/miscutils/Config.in | 6 + package/busybox/config/networking/Config.in | 4 +- package/busybox/patches/220-awk_bitops.patch | 61 ++++++++ package/busybox/patches/230-passwd_salt.patch | 13 ++ package/busybox/patches/340-lock_util.patch | 167 +++++++++++++++++++++ package/dnsmasq/Makefile | 2 +- package/dnsmasq/files/S50dnsmasq | 30 ---- package/dnsmasq/files/dnsmasq.conf | 8 +- package/dnsmasq/files/dnsmasq.init | 45 ++++++ package/ez-ipupdate/files/ez-ipupdate.hotplug | 6 +- package/iptables/Makefile | 7 + package/iptables/files/firewall.awk | 64 ++++++++ package/iptables/files/firewall.config | 46 ++++++ package/iptables/files/firewall.init | 95 ++++++++++++ package/iptables/files/firewall.user | 31 ++++ package/linux-atm/files/br2684.init | 8 +- package/mtd/mtd.c | 17 ++- package/ntpclient/files/ntpclient.init | 3 +- package/parprouted/files/parprouted.default | 4 +- package/ppp/files/ifup.pppoa | 29 ++-- package/ppp/files/ifup.pppoe | 27 ++-- package/pptp/files/ifup.pptp | 41 ++--- 49 files changed, 950 insertions(+), 540 deletions(-) delete mode 100644 package/Sysconf.in create mode 100755 package/base-files/default/bin/ipcalc delete mode 100755 package/base-files/default/etc/firewall.user delete mode 100755 package/base-files/default/etc/init.d/S40network delete mode 100755 package/base-files/default/etc/init.d/S45firewall create mode 100755 package/base-files/default/etc/init.d/S98done delete mode 100755 package/base-files/default/etc/init.d/S99done delete mode 100755 package/base-files/default/sbin/halt create mode 100644 package/base-files/default/usr/lib/common.awk create mode 100644 package/base-files/default/usr/lib/parse-config.awk create mode 100644 package/busybox/patches/220-awk_bitops.patch create mode 100644 package/busybox/patches/230-passwd_salt.patch create mode 100644 package/busybox/patches/340-lock_util.patch delete mode 100755 package/dnsmasq/files/S50dnsmasq create mode 100644 package/dnsmasq/files/dnsmasq.init create mode 100644 package/iptables/files/firewall.awk create mode 100644 package/iptables/files/firewall.config create mode 100755 package/iptables/files/firewall.init create mode 100755 package/iptables/files/firewall.user (limited to 'package') diff --git a/package/Config.in b/package/Config.in index 55fdba073..619578024 100644 --- a/package/Config.in +++ b/package/Config.in @@ -333,6 +333,3 @@ config BR2_PACKAGE_IMAGEBUILDER endmenu -source "package/Sysconf.in" - - diff --git a/package/Sysconf.in b/package/Sysconf.in deleted file mode 100644 index 6c0cac3cd..000000000 --- a/package/Sysconf.in +++ /dev/null @@ -1,31 +0,0 @@ -# - -menu "Runtime Configuration" - choice - bool "Telnet access" - default BR2_SYSCONF_TELNET_FAILSAFE_ONLY - - config BR2_SYSCONF_TELNET_FAILSAFE_ONLY - bool "open, failsafe only" - - config BR2_SYSCONF_TELNET_OPEN - bool "open" - - endchoice - - menu "Failsafe configuration" - - config BR2_SYSCONF_FAILSAFE_IP - string "IP Address" - default "192.168.1.1" - - config BR2_SYSCONF_FAILSAFE_NETMASK - string "Netmask" - default "255.255.255.0" - - config BR2_SYSCONF_FAILSAFE_MAC - string "MAC Address" - default "00:00:BA:DC:0D:ED" - - endmenu -endmenu diff --git a/package/base-files/Makefile b/package/base-files/Makefile index 1fb0c1449..8517dcc68 100644 --- a/package/base-files/Makefile +++ b/package/base-files/Makefile @@ -55,23 +55,25 @@ $(IPKG_BASE): $(CP) ./default/* $(IDIR_BASE) $(SED) 's,$$R,r$(REV),g' $(IDIR_BASE)/etc/banner $(SED) 's,$$S,$(BOARD)-$(KERNEL),g' $(IDIR_BASE)/etc/ipkg.conf - mkdir -p $(IDIR_BASE)/sys - mkdir -p $(IDIR_BASE)/jffs mkdir -p $(IDIR_BASE)/dev + mkdir -p $(IDIR_BASE)/etc/crontabs + mkdir -p $(IDIR_BASE)/jffs + mkdir -p $(IDIR_BASE)/lib + mkdir -p $(IDIR_BASE)/mnt mkdir -p $(IDIR_BASE)/proc mkdir -p $(IDIR_BASE)/tmp - mkdir -p $(IDIR_BASE)/lib mkdir -p $(IDIR_BASE)/usr/lib mkdir -p $(IDIR_BASE)/usr/bin + mkdir -p $(IDIR_BASE)/sys + mkdir -p $(IDIR_BASE)/www ln -sf /tmp/resolv.conf $(IDIR_BASE)/etc/resolv.conf ln -sf /proc/mounts $(IDIR_BASE)/etc/mtab - rm -rf $(IDIR_BASE)/var + rm -f $(IDIR_BASE)/var ln -sf /tmp $(IDIR_BASE)/var -find $(IDIR_BASE) -type d -name CVS | xargs rm -rf -find $(IDIR_BASE) -type d -name .svn | xargs rm -rf -find $(IDIR_BASE) -name '.#*' | xargs rm -f mkdir -p $(IDIR_BASE)/etc - -grep \^BR2_SYSCONF $(TOPDIR)/.config > $(IDIR_BASE)/etc/sysconf $(IPKG_BUILD) $(IDIR_BASE) $(PACKAGE_DIR) $(IPKG_UCLIBC): diff --git a/package/base-files/default/bin/firstboot b/package/base-files/default/bin/firstboot index eff7063b1..1d9b658b6 100755 --- a/package/base-files/default/bin/firstboot +++ b/package/base-files/default/bin/firstboot @@ -1,62 +1,88 @@ #!/bin/sh # $Id$ -mount | grep squashfs >&- || { - echo "You do not have a squashfs partition; aborting" - echo "(firstboot cannot be run on jffs2 based firmwares)" - return +rom=$(awk '/squashfs/ {print $2}' /proc/mounts) +jffs=$(awk '/jffs2/ {print $2}' /proc/mounts) + +dupe() { # + cd $1 + echo -n "creating directories... " + { + cd $2 + find . -xdev -type d + echo "./dev ./jffs ./mnt ./proc ./tmp ./sys" + # xdev skips mounted directories + cd $1 + } | xargs mkdir -p + echo "done" + + echo -n "setting up symlinks... " + for file in $(cd $2; find . -xdev -type f;); do + case "$file" in + "./rom/note") ;; #nothing + "./etc/config"|\ + "./etc/resolv.conf"|\ + "./usr/lib/ipkg/info") cp -af $2/$file $file;; + *) ln -sf /rom/${file#./*} $file;; + esac + done + for file in $(cd $2; find . -xdev -type l;); do + cp -af $2/${file#./*} $file + done + echo "done" } -[ -f "/tmp/.firstboot" ] && { - echo "firstboot is already running" - return +pivot() { # + mount -o move /proc $1/proc && \ + pivot_root $1 $1$2 && { + mount -o move $2/dev /dev + mount -o move $2/tmp /tmp + } } -touch /tmp/.firstboot -jdev=$(mount | awk '/jffs2/ {print $3}') +mountdp() { # + dev=$1; mnt=$2; shift 2; opt=$* + mount $dev $mnt $opt + dupe $mnt $rom + pivot $mnt /rom +} -if [ -z "$jdev" ]; then - echo -n "Creating jffs2 partition... " - mtd erase OpenWrt >&- 2>&- - mount -t jffs2 /dev/mtdblock/4 /jffs - echo "done" - cd /jffs -else - echo "firstboot has already been run" - echo "jffs2 partition is mounted, only resetting files" - cd $jdev -fi - -exec 2>/dev/null - -mount /dev/mtdblock/2 /rom -o ro - -echo -n "creating directories... " -{ - cd /rom - find . -type d - cd - -} | xargs mkdir -echo "done" - -echo -n "setting up symlinks... " -for file in $(cd /rom; find * -type f; find * -type l;) -do { - case "${file%/*}" in - "usr/lib/ipkg/info"|"etc/config") cp -f /rom/$file $file;; - *) ln -sf /rom/$file $file;; - esac -} done -echo "done" - -touch /tmp/resolv.conf -ln -s /tmp/resolv.conf /etc/resolv.conf - -umount /rom -mount none /jffs/proc -t proc -pivot_root /jffs /jffs/rom -mount none /dev -t devfs -mount none /tmp -t ramfs -umount /rom/proc -umount /rom/tmp -umount /rom/dev +ramoverlay() { + mkdir -p /tmp/root + mountdp /tmp/root /mnt -o bind +} + +[ "${0##*/}" = "firstboot" ] && { + [ -z "$rom" ] && { + echo "You do not have a squashfs partition; aborting" + echo "(firstboot cannot be run on jffs2 based firmwares)" + exit 1 + } + + [ "$1" = "switch2jffs" ] && { + mtd erase OpenWrt + mount -o remount,ro none / # try to avoid fs changing while copying + mount -o bind / /mnt + mount /dev/mtdblock/4 /rom/jffs -t jffs2 + echo -n "copying files ... " + cp -a /mnt/* /rom/jffs + umount /mnt + echo "done" + pivot /rom /mnt + mount -o move /mnt /tmp/root + pivot /jffs /rom + jffs2root --clean + exit 0 + } + + # script run manually + [ \! -z "$jffs" ] && { + echo "firstboot has already been run" + echo "jffs2 partition is mounted, only resetting files" + dupe $jffs $rom + exit 0 + } + + mtd erase OpenWrt + mountdp /dev/mtdblock/4 /jffs -t jffs2 +} diff --git a/package/base-files/default/bin/ipcalc b/package/base-files/default/bin/ipcalc new file mode 100755 index 000000000..318980e5a --- /dev/null +++ b/package/base-files/default/bin/ipcalc @@ -0,0 +1,32 @@ +#!/bin/sh + +awk -f /usr/lib/common.awk -f - $* <limit) end=limit + + print "IP="int2ip(ipaddr) + print "NETMASK="int2ip(netmask) + print "BROADCAST="int2ip(broadcast) + print "NETWORK="int2ip(network) + print "PREFIX="32-bitcount(compl(netmask)) + + # range calculations: + # ipcalc + + if (ARGC > 3) { + print "START="int2ip(start) + print "END="int2ip(end) + } +} +EOF diff --git a/package/base-files/default/bin/login b/package/base-files/default/bin/login index bb065e54a..8f9281726 100755 --- a/package/base-files/default/bin/login +++ b/package/base-files/default/bin/login @@ -1,20 +1,16 @@ #!/bin/sh -. /etc/sysconf 2>&- - -[ "$FAILSAFE" != "true" ] && -[ "$BR2_SYSCONF_TELNET_FAILSAFE_ONLY" = "y" ] && +grep '^root:[^!]' /etc/passwd >&- 2>&- +[ "$?" = "0" -a -z "$FAILSAFE" ] && { - grep '^root:[^!]' /etc/passwd >&- 2>&- && - { echo "Login failed." exit 0 - } || { +} || { cat << EOF === IMPORTANT ============================ Use 'passwd' to set your login password this will disable telnet and enable SSH ------------------------------------------ EOF - } } + exec /bin/ash --login diff --git a/package/base-files/default/etc/firewall.user b/package/base-files/default/etc/firewall.user deleted file mode 100755 index 5774f0c64..000000000 --- a/package/base-files/default/etc/firewall.user +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/sh -. /etc/functions.sh -. /etc/network.overrides -[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network - -WAN=$(nvram get wan_ifname) -LAN=$(nvram get lan_ifname) - -iptables -F input_rule -iptables -F output_rule -iptables -F forwarding_rule -iptables -t nat -F prerouting_rule -iptables -t nat -F postrouting_rule - -### BIG FAT DISCLAIMER -### The "-i $WAN" literally means packets that came in over the $WAN interface; -### this WILL NOT MATCH packets sent from the LAN to the WAN address. - -### Allow SSH on the WAN interface -# iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j ACCEPT -# iptables -A input_rule -i $WAN -p tcp --dport 22 -j ACCEPT - -### Port forwarding -# iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j DNAT --to 192.168.1.2 -# iptables -A forwarding_rule -i $WAN -p tcp --dport 22 -d 192.168.1.2 -j ACCEPT - -### DMZ (should be placed after port forwarding / accept rules) -# iptables -t nat -A prerouting_rule -i $WAN -j DNAT --to 192.168.1.2 -# iptables -A forwarding_rule -i $WAN -d 192.168.1.2 -j ACCEPT diff --git a/package/base-files/default/etc/functions.sh b/package/base-files/default/etc/functions.sh index e7126473f..526ca52dd 100755 --- a/package/base-files/default/etc/functions.sh +++ b/package/base-files/default/etc/functions.sh @@ -1,6 +1,4 @@ #!/bin/sh -. /etc/nvram.sh - alias debug=${DEBUG:-:} # valid interface? @@ -13,27 +11,3 @@ if_valid () ( hotplug_dev() { env -i ACTION=$1 INTERFACE=$2 /sbin/hotplug net } - -bitcount () { - local c=$1 - echo $(( - c=((c>> 1)&0x55555555)+(c&0x55555555), - c=((c>> 2)&0x33333333)+(c&0x33333333), - c=((c>> 4)&0x0f0f0f0f)+(c&0x0f0f0f0f), - c=((c>> 8)&0x00ff00ff)+(c&0x00ff00ff), - c=((c>>16)&0x0000ffff)+(c&0x0000ffff) - )) -} - -valid_netmask () { - return $((-($1)&~$1)) -} - -ip2int () ( - set $(echo $1 | tr '\.' ' ') - echo $(($1<<24|$2<<16|$3<<8|$4)) -) - -int2ip () { - echo $(($1>>24&255)).$(($1>>16&255)).$(($1>>8&255)).$(($1&255)) -} diff --git a/package/base-files/default/etc/hotplug.d/net/10-net b/package/base-files/default/etc/hotplug.d/net/10-net index 0f384ec46..4bb69378f 100644 --- a/package/base-files/default/etc/hotplug.d/net/10-net +++ b/package/base-files/default/etc/hotplug.d/net/10-net @@ -1,32 +1,28 @@ #!/bin/sh -setup_eth() -{ - for part in $(nvram get unused_ifnames); do - [ "$part" = "$INTERFACE" ] && exit 0 - done - ifconfig "$INTERFACE" up 2>&- >&- -} - find_name() { - pppoa_ifname="atm0" # hack for ppp over atm, which has no ${proto}_ifname - interfaces="lan wan wifi $(nvram get ifnames)" - for ifname in $interfaces; do + for ifname in lan wan wifi ${ifnames}; do IFTYPE="${ifname}" - IFPROTO="$(nvram get ${IFTYPE}_proto)" - IFACE="$(nvram get ${IFTYPE}_ifname)" + eval "IFPROTO=\"\${${IFTYPE}_proto}\"" + eval "IFACE=\"\${${IFTYPE}_ifname}\"" case "$IFPROTO" in ""|none);; static|dhcp) [ "${IFACE}" = "$INTERFACE" ] && return 0 [ "${IFACE%%[0-9]*}" = "br" ] && { - for part in $(nvram get ${IFTYPE}_ifnames); do + eval "ifs=\"\${${IFTYPE}_ifnames}\"" + for part in $ifs; do [ "$part" = "$INTERFACE" ] && return 0 done } ;; + pppoa) + [ "$INTERFACE" = "atm0" \ + -a -x /sbin/ifup.${IFPROTO} ] && return 0 + ;; *) - [ "$(nvram get ${IFTYPE}_device)" = "$INTERFACE" \ + eval "device=\"\${${IFTYPE}_device}\"" + [ "$device" = "$INTERFACE" \ -a -x /sbin/ifup.${IFPROTO} ] && return 0 ;; esac @@ -39,17 +35,18 @@ find_name() do_ifup() { if="$3" - if_proto="$(nvram get ${2}_proto)" + eval "if_proto=\"\${${2}_proto}\"" pidfile=/var/run/${if}.pid [ -f $pidfile ] && $DEBUG kill $(cat $pidfile) case "$1" in static) - ip=$(nvram get ${2}_ipaddr) - ip6=$(nvram get ${2}_ip6addr) - netmask=$(nvram get ${2}_netmask) - gateway=$(nvram get ${2}_gateway) + eval "ip=\"\${${2}_ipaddr}\"" + eval "ip6=\"\${${2}_ip6addr}\"" + eval "netmask=\"\${${2}_netmask}\"" + eval "gateway=\"\${${2}_gateway}\"" + eval "dns=\"\${${2}_dns}\"" $DEBUG ifconfig $if $ip ${netmask:+netmask $netmask} broadcast + up [ -n "$ip6" ] && $DEBUG ifconfig $if add $ip6 @@ -58,24 +55,25 @@ do_ifup() { [ -f /tmp/resolv.conf ] || { debug "# --- creating /tmp/resolv.conf ---" - for dns in $(nvram get ${2}_dns); do - echo "nameserver $dns" >> /tmp/resolv.conf + for ns in $dns; do + echo "nameserver $ns" >> /tmp/resolv.conf done } env -i ACTION="ifup" INTERFACE="${2}" PROTO=static /sbin/hotplug "iface" & ;; dhcp) - DHCP_IP=$(nvram get ${2}_ipaddr) - DHCP_NETMASK=$(nvram get ${2}_netmask) + eval "ip=\"\${${2}_ipaddr}\"" + eval "netmask=\"\${${2}_netmask}\"" + eval "hostname=\"\${${2}_hostname}\"" + $DEBUG ifconfig $if $ip ${netmask:+netmask $netmask} broadcast + up - DHCP_ARGS="-i $if ${DHCP_IP:+-r $DHCP_IP} -b -p $pidfile" - DHCP_HOSTNAME=$(nvram get ${2}_hostname) - DHCP_HOSTNAME=${DHCP_HOSTNAME%%.*} - [ -z $DHCP_HOSTNAME ] || DHCP_ARGS="$DHCP_ARGS -H $DHCP_HOSTNAME" - [ "$if_proto" = "pptp" ] && DHCP_ARGS="$DHCP_ARGS -n -q" || DHCP_ARGS="$DHCP_ARGS -R &" - ${DEBUG:-eval} "udhcpc $DHCP_ARGS" + args="-i $if ${ip:+-r $ip} -b -p $pidfile" + hostname="${hostname%%.*}" + args="$args${hostname:+ -H $hostname}" + [ "$if_proto" = "pptp" ] && args="$args -n -q" || args="$args -R &" + ${DEBUG:-eval} "udhcpc $args" # hotplug events are handled by /usr/share/udhcpc/default.script ;; *) @@ -88,25 +86,23 @@ do_ifup() { do_register() { - case "${INTERFACE%%[0-9]*}" in - eth) setup_eth;; - esac - [ -z "$IFTYPE" -o -z "$IFPROTO" ] && { find_name || { case "${INTERFACE%%[0-9]*}" in wds) - for tmp in lan wifi; do - [ -z "$IFPROTO" ] && [ "$(nvram get ${tmp}_ifname)" = "br0" ] && { - IFPROTO="$(nvram get ${tmp}_proto)" + for ifname in lan wifi; do + eval "if=\"\${${ifname}_ifname}\"" + [ -z "$IFPROTO" ] && [ "$if" = "br0" ] && { + eval "IFPROTO=\"\${${2}_proto}\"" IFTYPE="${tmp}" } done [ -z "$IFPROTO" ] && return 0 ;; atm) - for tmp in lan wan wifi $(nvram get ifnames); do - [ "$(nvram get ${tmp}_proto)" = "pppoa" ] && { + for tmp in lan wan wifi ${ifnames}; do + eval "if_proto=\"\${${2}_proto}\"" + [ "$if_proto" = "pppoa" ] && { do_ifup "pppoa" "$tmp" "$INTERFACE" return 0 } @@ -122,16 +118,16 @@ do_register() case "${INTERFACE%%[0-9]*}" in ppp|atm);; *) - mac=$(nvram get ${IFTYPE}_hwaddr) + eval "mac=\"\${${IFTYPE}_hwaddr}\"" ${mac:+$DEBUG ifconfig $INTERFACE down hw ether $mac} ;; esac - if="$(nvram get ${IFTYPE}_ifname)" + eval "if=\"\${${IFTYPE}_ifname}\"" if [ "${if%%[0-9]}" = "br" ]; then if_valid "$INTERFACE" && { ifconfig "$if" 2>&- >&- || { - stp=$(nvram get ${IFTYPE}_stp) + eval "stp=\"\${${IFTYPE}_stp}\"" $DEBUG brctl addbr "$if" $DEBUG brctl setfd "$if" 0 $DEBUG brctl stp "$if" "${stp:-0}" @@ -151,8 +147,9 @@ do_register() } do_unregister() { - [ -z "$IFTYPE" -o -z "$IFPROTO" ] && find_name - [ -z "$IFTYPE" -o -z "$IFPROTO" ] && return 0 + [ -z "$IFTYPE" -o -z "$IFPROTO" ] && { + find_name || return 0 + } [ "${IFACE%%[0-9]*}" = "br" ] && { if [ "$INTERFACE" != "$IFACE" ]; then diff --git a/package/base-files/default/etc/init.d/S10boot b/package/base-files/default/etc/init.d/S10boot index 02fddee7b..0cc519d8e 100755 --- a/package/base-files/default/etc/init.d/S10boot +++ b/package/base-files/default/etc/init.d/S10boot @@ -1,14 +1,9 @@ #!/bin/sh -. /etc/nvram.sh - -[ "$(uname -r|grep -c 2.4)" = "1" ] && { - echo "S" > /proc/jffs2_bbc -} +[ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc vconfig set_name_type VLAN_PLUS_VID_NO_PAD -HOSTNAME=$(nvram get wan_hostname) -HOSTNAME=${HOSTNAME%%.*} +HOSTNAME=${wan_hostname%%.*} echo ${HOSTNAME:=OpenWrt}>/proc/sys/kernel/hostname mkdir -p /var/run diff --git a/package/base-files/default/etc/init.d/S40network b/package/base-files/default/etc/init.d/S40network deleted file mode 100755 index 168fd2979..000000000 --- a/package/base-files/default/etc/init.d/S40network +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -. /etc/functions.sh -[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network -case "$1" in - start|restart) -# ifup lan -# ifup wan -# ifup wifi -# wifi up - - for route in $(nvram get static_route); do { - eval "set $(echo $route | sed 's/:/ /g')" - $DEBUG route add -net $1 netmask $2 gw $3 metric $4 dev $5 - } done - ;; -esac diff --git a/package/base-files/default/etc/init.d/S45firewall b/package/base-files/default/etc/init.d/S45firewall deleted file mode 100755 index 8c67d82b1..000000000 --- a/package/base-files/default/etc/init.d/S45firewall +++ /dev/null @@ -1,96 +0,0 @@ -#!/bin/sh - -## Please make changes in /etc/firewall.user -${FAILSAFE:+exit} - -. /etc/functions.sh -. /etc/network.overrides -[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network - -WAN=$(nvram get wan_ifname) -LAN=$(nvram get lan_ifname) - -## CLEAR TABLES -for T in filter nat; do - iptables -t $T -F - iptables -t $T -X -done - -iptables -N input_rule -iptables -N output_rule -iptables -N forwarding_rule - -iptables -t nat -N prerouting_rule -iptables -t nat -N postrouting_rule - -### INPUT -### (connections with the router as destination) - - # base case - iptables -P INPUT DROP - iptables -A INPUT -m state --state INVALID -j DROP - iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT - iptables -A INPUT -p tcp --tcp-flags SYN SYN --tcp-option \! 2 -j DROP - - # - # insert accept rule or to jump to new accept-check table here - # - iptables -A INPUT -j input_rule - - # allow - iptables -A INPUT ${WAN:+-i \! $WAN} -j ACCEPT # allow from lan/wifi interfaces - iptables -A INPUT -p icmp -j ACCEPT # allow ICMP - iptables -A INPUT -p gre -j ACCEPT # allow GRE - - # reject (what to do with anything not allowed earlier) - iptables -A INPUT -p tcp -j REJECT --reject-with tcp-reset - iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable - -### OUTPUT -### (connections with the router as source) - - # base case - iptables -P OUTPUT DROP - iptables -A OUTPUT -m state --state INVALID -j DROP - iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT - - # - # insert accept rule or to jump to new accept-check table here - # - iptables -A OUTPUT -j output_rule - - # allow - iptables -A OUTPUT -j ACCEPT #allow everything out - - # reject (what to do with anything not allowed earlier) - iptables -A OUTPUT -p tcp -j REJECT --reject-with tcp-reset - iptables -A OUTPUT -j REJECT --reject-with icmp-port-unreachable - -### FORWARDING -### (connections routed through the router) - - # base case - iptables -P FORWARD DROP - iptables -A FORWARD -m state --state INVALID -j DROP - iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu - iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT - - # - # insert accept rule or to jump to new accept-check table here - # - iptables -A FORWARD -j forwarding_rule - - # allow - iptables -A FORWARD -i br0 -o br0 -j ACCEPT - [ -z "$WAN" ] || iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT - - # reject (what to do with anything not allowed earlier) - # uses the default -P DROP - -### MASQ - iptables -t nat -A PREROUTING -j prerouting_rule - iptables -t nat -A POSTROUTING -j postrouting_rule - [ -z "$WAN" ] || iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE - -## USER RULES -[ -f /etc/firewall.user ] && . /etc/firewall.user diff --git a/package/base-files/default/etc/init.d/S50telnet b/package/base-files/default/etc/init.d/S50telnet index ff5659ed4..fb9687c8a 100755 --- a/package/base-files/default/etc/init.d/S50telnet +++ b/package/base-files/default/etc/init.d/S50telnet @@ -1,2 +1,2 @@ #!/bin/sh -if awk -F: '/^root:/ && $2 !~ /\!/ {exit 1}' /etc/passwd 2>/dev/null || test $FAILSAFE; then telnetd -l /bin/login; fi +if awk -F: '/^root:/ && $2 !~ /\!/ {exit 1}' /etc/passwd 2>/dev/null; then telnetd -l /bin/login; fi diff --git a/package/base-files/default/etc/init.d/S60cron b/package/base-files/default/etc/init.d/S60cron index 6069b8177..175273426 100755 --- a/package/base-files/default/etc/init.d/S60cron +++ b/package/base-files/default/etc/init.d/S60cron @@ -1,6 +1,4 @@ #!/bin/sh -[ -d /etc/crontabs ] || mkdir -p /etc/crontabs -[ -e /var/spool/cron/crontabs ] || { - mkdir -p /var/spool/cron - ln -s /etc/crontabs /var/spool/cron/crontabs -} && crond -c /etc/crontabs +mkdir -p /var/spool/cron +ln -s /etc/crontabs /var/spool/cron/crontabs +crond -c /etc/crontabs diff --git a/package/base-files/default/etc/init.d/S98done b/package/base-files/default/etc/init.d/S98done new file mode 100755 index 000000000..5d5ab49ce --- /dev/null +++ b/package/base-files/default/etc/init.d/S98done @@ -0,0 +1,9 @@ +#!/bin/sh +sysctl -p >&- + +# automagically run firstboot +{ mount|grep "on / type tmpfs" 1>&-; } && { + lock /tmp/.switch2jffs + firstboot switch2jffs + lock -u /tmp/.switch2jffs +} diff --git a/package/base-files/default/etc/init.d/S99done b/package/base-files/default/etc/init.d/S99done deleted file mode 100755 index a260ac3d6..000000000 --- a/package/base-files/default/etc/init.d/S99done +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -# set leds to normal state -[ -f /proc/sys/diag ] && echo "0x00" > /proc/sys/diag -sysctl -p >&- diff --git a/package/base-files/default/etc/init.d/rcS b/package/base-files/default/etc/init.d/rcS index 10079c593..b38e44978 100755 --- a/package/base-files/default/etc/init.d/rcS +++ b/package/base-files/default/etc/init.d/rcS @@ -1,8 +1,10 @@ #!/bin/sh -. /etc/nvram.sh -syslog_ip=$(nvram get log_ipaddr) -ipcalc -s "$syslog_ip" || syslog_ip="" -syslogd -C 16 ${syslog_ip:+-L -R $syslog_ip} +${FAILSAFE:+exit} + +[ -f /etc/config/network ] && . /etc/config/network +eval $(ipcalc "$log_ipaddr") +[ "$log_ipaddr" = "$IP" ] || log_ipaddr="" +syslogd -C 16 ${log_ipaddr:+-L -R $log_ipaddr} klogd #${FAILSAFE:+telnetd -l /bin/login; ifup lan; exit} for i in /etc/init.d/S*; do diff --git a/package/base-files/default/etc/inittab b/package/base-files/default/etc/inittab index 5916311e1..39e134cb1 100644 --- a/package/base-files/default/etc/inittab +++ b/package/base-files/default/etc/inittab @@ -1,4 +1,3 @@ ::sysinit:/etc/init.d/rcS -::shutdown:/sbin/halt tts/0::askfirst:/bin/ash --login #tts/1::askfirst:/bin/ash --login diff --git a/package/base-files/default/etc/preinit b/package/base-files/default/etc/preinit index ac9039ca7..5b676ca3a 100755 --- a/package/base-files/default/etc/preinit +++ b/package/base-files/default/etc/preinit @@ -1,24 +1,11 @@ #!/bin/sh -. /etc/nvram.sh export PATH=/bin:/sbin:/usr/bin:/usr/sbin mount none /proc -t proc -insmod diag -[ -f /proc/sys/diag ] && echo 0x01 > /proc/sys/diag -sleep 1 -if [ -f /proc/sys/reset ] && [ $(cat /proc/sys/reset) = 1 -o "$(nvram get failsafe)" = 1 ]; then - export FAILSAFE=true - [ -x /usr/sbin/nvram -a "$(nvram get boot_wait)" != "on" ] && { - nvram set boot_wait=on - nvram commit - } - while :; do { echo $(((X=(X+1)%8)%2)) > /proc/sys/diag; sleep $((X==0)); } done & -fi -mount_root ${FAILSAFE:+failsafe} - -# automagically run firstboot -[ -z "$FAILSAFE" -a -z "$(nvram get no_root_swap)" ] && { - { mount|grep "on / type jffs2" 1>&-; } || firstboot +[ -f /etc/preinit.arch ] && . /etc/preinit.arch +[ -z "$FAILSAFE" ] || { + echo /bin/true > /proc/sys/kernel/hotplug + telnetd -l /bin/login <> /dev/null 2>&1 } - +mount_root ${FAILSAFE:+failsafe} exec /sbin/init diff --git a/package/base-files/default/sbin/halt b/package/base-files/default/sbin/halt deleted file mode 100755 index 39eed2612..000000000 --- a/package/base-files/default/sbin/halt +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -/usr/bin/killall5 -9 -#umount -ar diff --git a/package/base-files/default/sbin/hotplug b/package/base-files/default/sbin/hotplug index 3500f7520..106299343 100755 --- a/package/base-files/default/sbin/hotplug +++ b/package/base-files/default/sbin/hotplug @@ -1,4 +1,7 @@ #!/bin/sh + +# bypass the normal hotplug path for firmware loading +# would otherwise cause problems with drivers like bcm43xx [ "$1" = "firmware" -a "$ACTION" = "add" ] && { [ -f "/lib/firmware/$FIRMWARE" ] && { echo 1 > "/sys$DEVPATH/loading" @@ -8,13 +11,8 @@ exit 0 } -[ -e /tmp/.failsafe ] && { - export FAILSAFE=true -} || { - [ -e /etc/config/network ] && . /etc/config/network -} . /etc/functions.sh -. /etc/network.overrides +. /etc/config/network PATH=/bin:/sbin:/usr/bin:/usr/sbin LOGNAME=root diff --git a/package/base-files/default/sbin/ifdown b/package/base-files/default/sbin/ifdown index d0120dcbe..0d85ca8ea 100755 --- a/package/base-files/default/sbin/ifdown +++ b/package/base-files/default/sbin/ifdown @@ -1,26 +1,18 @@ #!/bin/sh [ $# = 0 ] && { echo " $0 "; exit; } . /etc/functions.sh -. /etc/network.overrides -[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network +. /etc/config/network debug "### ifdown $type ###" type=$1 -if_proto=$(nvram get ${type}_proto) -if=$(nvram get ${type}_ifname) +eval "if_proto=\"\${${type}_proto}\"" +eval "if=\"\${${type}_ifname}\"" +[ "${if%%[0-9]}" = "ppp" ] && eval "if=\"\${${type}_device}\"" case "$if_proto" in pppoa) hotplug_dev unregister atm0; exit 0 ;; ""|none) exit 0;; esac -[ "${if%%[0-9]*}" = "ppp" ] && if="$(nvram get ${type}_device)" - -if [ "${if%%[0-9]}" = "br" ]; then - for sif in $(nvram get ${type}_ifnames); do - hotplug_dev unregister "$sif" - done -fi - hotplug_dev unregister "$if" diff --git a/package/base-files/default/sbin/ifup b/package/base-files/default/sbin/ifup index 8ae641668..a86a7671e 100755 --- a/package/base-files/default/sbin/ifup +++ b/package/base-files/default/sbin/ifup @@ -1,32 +1,34 @@ #!/bin/sh [ $# = 0 ] && { echo " $0 "; exit; } . /etc/functions.sh -. /etc/network.overrides -[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network +. /etc/config/network ifdown $1 debug "### ifup $type ###" type=$1 -if_proto=$(nvram get ${type}_proto) -if=$(nvram get ${type}_ifname) +eval "if_proto=\"\${${type}_proto}\"" +eval "if=\"\${${type}_ifname}\"" +[ "${if%%[0-9]}" = "ppp" ] && eval "if=\"\${${type}_device}\"" case "$if_proto" in pppoa) hotplug_dev register atm0; exit 0 ;; pppoe) - ifconfig nas0 2>&- >&- || { - hotplug_dev register atm0 - exit 0 + # PPPoE over ATM + [ "$if" = "nas0" ] && { + ifconfig nas0 2>&- >&- || { + hotplug_dev register atm0 + exit 0 + } } ;; none|"") exit 0;; esac -[ "${if%%[0-9]*}" = "ppp" ] && if="$(nvram get ${type}_device)" - if [ "${if%%[0-9]}" = "br" ]; then - for sif in $(nvram get ${type}_ifnames); do + eval "ifnames=\"\${${type}_ifnames}\"" + for sif in $ifnames; do hotplug_dev register "$sif" done else diff --git a/package/base-files/default/sbin/mount_root b/package/base-files/default/sbin/mount_root index 427ff0444..38252e83f 100755 --- a/package/base-files/default/sbin/mount_root +++ b/package/base-files/default/sbin/mount_root @@ -1,40 +1,34 @@ #!/bin/sh -. /etc/nvram.sh -is_clean() { - grep Broadcom /proc/cpuinfo 2>&- >&- || return 0 - OFFSET="$((0x$(dd if=/dev/mtdblock/1 bs=1 skip=$((0x14)) count=2 2>&- | hexdump | grep 0000000 | cut -d ' ' -f 2) - 1))" - dd if=/dev/mtdblock/1 bs=1 skip=$OFFSET count=1 2>&- | hexdump -v | grep ' 0000' > /dev/null && return 255 || return 0 +is_dirty() { + grep Broadcom /proc/cpuinfo >&- || return 1 + OFFSET="$(($(hexdump -v /dev/mtdblock/1 -s 20 -n 2 -e '"%d"')-1))" + return $(hexdump -v /dev/mtdblock/1 -s $OFFSET -n 1 -e '"%d"') } +size=$(awk '/Mem:/ {l=5242880;print((s=$2/2)&- if [ $? = 0 ] ; then if [ $(cat /proc/mtd | wc -l) = 6 ]; then - echo 5 > /proc/sys/diag - mtd unlock linux mtd erase OpenWrt jffs2root --move else - mtd unlock rootfs mount -o remount,rw /dev/root / fi else - if [ -z "$(nvram get no_root_swap)" ]; then - is_clean || { - mtd erase OpenWrt - mtd unlock linux - jffs2root --clean - } - mtd unlock OpenWrt - mount -t jffs2 /dev/mtdblock/4 /jffs - pivot_root /jffs /jffs/rom - mount none /proc -t proc - mount none /dev -t devfs - umount /rom/proc /rom/dev >&- - fi + . /bin/firstboot + is_dirty + [ $? != 0 ] && { + mount /dev/mtdblock/4 /jffs + pivot /jffs /rom + } || ramoverlay fi fi -mount none /tmp -t tmpfs -o nosuid,nodev,mode=1777,size=50% + +mount none /tmp -t tmpfs -o remount,nosuid,nodev,mode=1777 mkdir -p /dev/pts mount none /dev/pts -t devpts -grep sysfs /proc/filesystems >&- && mount -t sysfs none /sys +mount -t sysfs none /sys 2>&- diff --git a/package/base-files/default/usr/lib/common.awk b/package/base-files/default/usr/lib/common.awk new file mode 100644 index 000000000..63a8cf23d --- /dev/null +++ b/package/base-files/default/usr/lib/common.awk @@ -0,0 +1,66 @@ +function portstr(type, str) { + gsub(/-/, ":", str) + if (insmod_mport != 1) { + print "insmod ipt_multiport >&- 2>&-" + insmod_mport = 1 + } + if (type == "src") return " -m multiport --sports " str + else return " -m multiport --dports " str +} + +function str2ipt(str) { + str2data(str) + _cmd = "" + if (_l["src"] != "") _cmd = _cmd " -s " _l["src"] + if (_l["dest"] != "") _cmd = _cmd " -d " _l["dest"] + if (_l["proto"] != "") { + _cmd = _cmd " -p " _l["proto"] + } + # scripts need to check for proto="" and emit two rules in that case + if ((_l["proto"] == "") || (_l["proto"] == "tcp") || (_l["proto"] == "udp")) { + if (_l["sport"] != "") _cmd = _cmd portstr("src", _l["sport"]) + if (_l["dport"] != "") _cmd = _cmd portstr("dest", _l["dport"]) + } + if (_l["layer7"] != "") { + if (insmod_l7 != 1) { + print "insmod ipt_layer7 >&- 2>&-" + insmod_l7 = 1 + } + _cmd = _cmd " -m layer7 --l7proto " _l["layer7"] + } + return _cmd +} + +function str2data(str) { + delete _l + _n = split(str, _o, "[\t ]") + for (_i = 1; _i <= _n; _i++) { + _n2 = split(_o[_i], _c, "=") + if (_n2 == 2) _l[_c[1]] = _c[2] + } +} + +function bitcount(c) { + c=and(rshift(c, 1),0x55555555)+and(c,0x55555555) + c=and(rshift(c, 2),0x33333333)+and(c,0x33333333) + c=and(rshift(c, 4),0x0f0f0f0f)+and(c,0x0f0f0f0f) + c=and(rshift(c, 8),0x00ff00ff)+and(c,0x00ff00ff) + c=and(rshift(c,16),0x0000ffff)+and(c,0x0000ffff) + return c +} + +function validate_netmask(nm) { + return and(-nm,compl(nm)) +} + +function ip2int(ip) { + for (ret=0,n=split(ip,a,"\."),x=1;x<=n;x++) ret=or(lshift(ret,8),a[x]) + return ret +} + +function int2ip(ip,ret,x) { + ret=and(ip,255) + ip=rshift(ip,8) + for(;x<3;ret=and(ip,255)"."ret,ip=rshift(ip,8),x++); + return ret +} diff --git a/package/base-files/default/usr/lib/parse-config.awk b/package/base-files/default/usr/lib/parse-config.awk new file mode 100644 index 000000000..bde5c0072 --- /dev/null +++ b/package/base-files/default/usr/lib/parse-config.awk @@ -0,0 +1,40 @@ +{ + line=$0 + gsub(/^[ \t]*/, "") + gsub(/[ \t]*$/, "") +} + +$1 == "@define" { + v[$2] = $3 +} + +$1 == "@ifdef" { + if_open = 1 + if (v[$2] != "") noprint = 0 + else noprint = 1 +} + +$1 == "@ifndef" { + if_open = 1 + if (v[$2] != "") noprint = 1 + else noprint = 0 +} + +$1 == "@else" { + if (noprint == 1) noprint = 0 + else noprint = 1 +} + +($1 !~ /^@/) && (noprint != 1) { + n=split(line "@@", a, /@@/) + for (i=1; i<=n; i++) { + if ((i % 2) == 1) printf a[i] + else printf v[a[i]] + } + print "" +} + +$1 == "@endif" { + if_open = 0 + noprint = 0 +} diff --git a/package/base-files/default/usr/share/udhcpc/default.script b/package/base-files/default/usr/share/udhcpc/default.script index 42d3eaf0c..4604648e6 100755 --- a/package/base-files/default/usr/share/udhcpc/default.script +++ b/package/base-files/default/usr/share/udhcpc/default.script @@ -1,18 +1,17 @@ #!/bin/sh [ -z "$1" ] && echo "Error: should be run by udhcpc" && exit 1 +. /etc/config/network RESOLV_CONF="/tmp/resolv.conf" hotplug_event() { - nvram show 2>&- | grep _proto=dhcp | { - while :; do - read FOO - [ -z "$FOO" ] && break - FOO="${FOO%%_*}" - [ "$(nvram get ${FOO}_ifname)" = "${interface}" ] || continue - env -i ACTION="$1" INTERFACE="${FOO}" PROTO=dhcp /sbin/hotplug iface - done - } + for ifname in lan wan wifi ${ifnames}; do + eval "proto=\"\${${ifname}_proto}\"" + eval "if=\"\${${ifname}_ifname}\"" + [ "$proto" = "dhcp" ] || continue + [ "$if" = "$interface" ] || continue + env -i ACTION="$1" INTERFACE="$ifname" PROTO=dhcp /sbin/hotplug iface + done } case "$1" in @@ -26,22 +25,20 @@ case "$1" in broadcast ${broadcast:-+} if [ -n "$router" ] ; then - - if [ "$router" != "$(route -n | grep '^0.0.0.0' | grep $interface | awk '{ print $2 }')" ] ; then - while route del default gw 0.0.0.0 dev $interface 2>&- ; do - echo "removing old default route" - done - for i in $router ; do - route add default gw $i dev $interface - done - fi + echo "deleting routers" + while route del default gw 0.0.0.0 dev $interface >&- 2>&- ; do :; done + + for i in $router ; do + echo "adding router $i" + route add default gw $i dev $interface + done fi echo -n > $RESOLV_CONF ${domain:+echo search $domain} >> $RESOLV_CONF for i in $dns ; do - echo adding dns $i - echo nameserver $i >> $RESOLV_CONF + echo "adding dns $i" + echo "nameserver $i" >> $RESOLV_CONF done hotplug_event ifup diff --git a/package/busybox/config/miscutils/Config.in b/package/busybox/config/miscutils/Config.in index 1ffb8c653..404170188 100644 --- a/package/busybox/config/miscutils/Config.in +++ b/package/busybox/config/miscutils/Config.in @@ -209,6 +209,12 @@ config BUSYBOX_CONFIG_FEATURE_HDPARM_HDIO_GETSET_DMA Enables the 'hdparm -d' option to get/set using_dma flag. This is dangerous stuff, so you should probably say N. +config BUSYBOX_CONFIG_LOCK + bool "lock" + default y + help + Small utility for using locks in scripts + config BUSYBOX_CONFIG_MAKEDEVS bool "makedevs" default n diff --git a/package/busybox/config/networking/Config.in b/package/busybox/config/networking/Config.in index 14e6b5f79..7e280b76e 100644 --- a/package/busybox/config/networking/Config.in +++ b/package/busybox/config/networking/Config.in @@ -395,14 +395,14 @@ endif config BUSYBOX_CONFIG_IPCALC bool "ipcalc" - default y + default n help ipcalc takes an IP address and netmask and calculates the resulting broadcast, network, and host range. config BUSYBOX_CONFIG_FEATURE_IPCALC_FANCY bool " Fancy IPCALC, more options, adds 1 kbyte" - default y + default n depends on BUSYBOX_CONFIG_IPCALC help Adds the options hostname, prefix and silent to the output of "ipcalc". diff --git a/package/busybox/patches/220-awk_bitops.patch b/package/busybox/patches/220-awk_bitops.patch new file mode 100644 index 000000000..2b8572913 --- /dev/null +++ b/package/busybox/patches/220-awk_bitops.patch @@ -0,0 +1,61 @@ +--- busybox-1.00/editors/awk.c.orig 2004-09-24 05:24:27 -04:00 ++++ busybox-1.00/editors/awk.c 2006-03-08 02:16:52 -05:00 +@@ -271,7 +271,8 @@ + /* builtins */ + enum { + B_a2=0, B_ix, B_ma, B_sp, B_ss, B_ti, B_lo, B_up, +- B_ge, B_gs, B_su ++ B_ge, B_gs, B_su, ++ B_an, B_co, B_ls, B_or, B_rs, B_xo, + }; + + /* tokens and their corresponding info values */ +@@ -311,6 +312,8 @@ + "\5while" NTC + "\4else" NTC + ++ "\3and" "\5compl" "\6lshift" "\2or" ++ "\6rshift" "\3xor" + "\5close" "\6system" "\6fflush" "\5atan2" /* BUILTIN */ + "\3cos" "\3exp" "\3int" "\3log" + "\4rand" "\3sin" "\4sqrt" "\5srand" +@@ -364,6 +367,8 @@ + ST_WHILE, + 0, + ++ OC_B|B_an|P(0x83), OC_B|B_co|P(0x41), OC_B|B_ls|P(0x83), OC_B|B_or|P(0x83), ++ OC_B|B_rs|P(0x83), OC_B|B_xo|P(0x83), + OC_FBLTIN|Sx|F_cl, OC_FBLTIN|Sx|F_sy, OC_FBLTIN|Sx|F_ff, OC_B|B_a2|P(0x83), + OC_FBLTIN|Nx|F_co, OC_FBLTIN|Nx|F_ex, OC_FBLTIN|Nx|F_in, OC_FBLTIN|Nx|F_lg, + OC_FBLTIN|F_rn, OC_FBLTIN|Nx|F_si, OC_FBLTIN|Nx|F_sq, OC_FBLTIN|Nx|F_sr, +@@ -1942,6 +1947,30 @@ + strncpy(s, as[0]+i, n); + s[n] = '\0'; + setvar_p(res, s); ++ break; ++ ++ case B_an: ++ setvar_i(res, (long)getvar_i(av[0]) & (long)getvar_i(av[1])); ++ break; ++ ++ case B_co: ++ setvar_i(res, ~(long)getvar_i(av[0])); ++ break; ++ ++ case B_ls: ++ setvar_i(res, (long)getvar_i(av[0]) << (long)getvar_i(av[1])); ++ break; ++ ++ case B_or: ++ setvar_i(res, (long)getvar_i(av[0]) | (long)getvar_i(av[1])); ++ break; ++ ++ case B_rs: ++ setvar_i(res, (long)((unsigned long)getvar_i(av[0]) >> (unsigned long)getvar_i(av[1]))); ++ break; ++ ++ case B_xo: ++ setvar_i(res, (long)getvar_i(av[0]) ^ (long)getvar_i(av[1])); + break; + + case B_lo: diff --git a/package/busybox/patches/230-passwd_salt.patch b/package/busybox/patches/230-passwd_salt.patch new file mode 100644 index 000000000..0322a9843 --- /dev/null +++ b/package/busybox/patches/230-passwd_salt.patch @@ -0,0 +1,13 @@ +--- busybox-1.00/loginutils/passwd.c 2006-03-26 06:07:37 -05:00 ++++ busybox-1.00/loginutils/passwd.c 2006-03-26 06:09:03 -05:00 +@@ -386,7 +386,9 @@ + bzero(orig, sizeof(orig)); + + if (algo == 1) { +- cp = pw_encrypt(pass, "$1$"); ++ char salt[6]="$1$\0\0\0"; ++ memcpy(salt+3,crypt_make_salt(),3); ++ cp = pw_encrypt(pass, salt); + } else + cp = pw_encrypt(pass, crypt_make_salt()); + bzero(pass, sizeof pass); diff --git a/package/busybox/patches/340-lock_util.patch b/package/busybox/patches/340-lock_util.patch new file mode 100644 index 000000000..f5c0c2e89 --- /dev/null +++ b/package/busybox/patches/340-lock_util.patch @@ -0,0 +1,167 @@ +diff -urN busybox.old/include/applets.h busybox.dev/include/applets.h +--- busybox.old/include/applets.h 2006-04-05 01:06:29.000000000 +0200 ++++ busybox.dev/include/applets.h 2006-04-05 01:19:09.000000000 +0200 +@@ -167,6 +167,7 @@ + USE_LN(APPLET(ln, ln_main, _BB_DIR_BIN, _BB_SUID_NEVER)) + USE_LOADFONT(APPLET(loadfont, loadfont_main, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) + USE_LOADKMAP(APPLET(loadkmap, loadkmap_main, _BB_DIR_SBIN, _BB_SUID_NEVER)) ++USE_LOCK(APPLET_NOUSAGE(lock, lock_main, _BB_DIR_BIN, _BB_SUID_NEVER)) + USE_LOGGER(APPLET(logger, logger_main, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) + USE_LOGIN(APPLET(login, login_main, _BB_DIR_BIN, _BB_SUID_ALWAYS)) + USE_LOGNAME(APPLET(logname, logname_main, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +diff -urN busybox.old/miscutils/Config.in busybox.dev/miscutils/Config.in +--- busybox.old/miscutils/Config.in 2006-03-22 22:16:24.000000000 +0100 ++++ busybox.dev/miscutils/Config.in 2006-04-05 01:07:12.000000000 +0200 +@@ -209,6 +209,12 @@ + Enables the 'hdparm -d' option to get/set using_dma flag. + This is dangerous stuff, so you should probably say N. + ++config CONFIG_LOCK ++ bool "lock" ++ default y ++ help ++ Small utility for using locks in scripts ++ + config CONFIG_MAKEDEVS + bool "makedevs" + default n +diff -urN busybox.old/miscutils/Makefile.in busybox.dev/miscutils/Makefile.in +--- busybox.old/miscutils/Makefile.in 2006-03-22 22:16:24.000000000 +0100 ++++ busybox.dev/miscutils/Makefile.in 2006-04-05 01:10:50.000000000 +0200 +@@ -20,6 +20,7 @@ + MISCUTILS-$(CONFIG_EJECT) += eject.o + MISCUTILS-$(CONFIG_HDPARM) += hdparm.o + MISCUTILS-$(CONFIG_LAST) += last.o ++MISCUTILS-$(CONFIG_LOCK) += lock.o + MISCUTILS-${CONFIG_LESS} += less.o + MISCUTILS-$(CONFIG_MAKEDEVS) += makedevs.o + MISCUTILS-$(CONFIG_MOUNTPOINT) += mountpoint.o +diff -urN busybox.old/miscutils/lock.c busybox.dev/miscutils/lock.c +--- busybox.old/miscutils/lock.c 1970-01-01 01:00:00.000000000 +0100 ++++ busybox.dev/miscutils/lock.c 2006-04-05 01:07:12.000000000 +0200 +@@ -0,0 +1,125 @@ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include "busybox.h" ++ ++static int unlock = 0; ++static int shared = 0; ++static int waitonly = 0; ++static int fd; ++static char *file; ++ ++static void usage(char *name) ++{ ++ fprintf(stderr, "Usage: %s [-suw] \n" ++ " -s Use shared locking\n" ++ " -u Unlock\n" ++ " -w Wait for the lock to become free, don't acquire lock\n" ++ "\n", name); ++ exit(1); ++} ++ ++static void exit_unlock(int sig) ++{ ++ flock(fd, LOCK_UN); ++ unlink(file); ++ exit(0); ++} ++ ++static int do_unlock(void) ++{ ++ FILE *f; ++ int i; ++ ++ f = fopen(file, "r"); ++ fscanf(f, "%d", &i); ++ if (i > 0) ++ kill(i, SIGTERM); ++ fclose(f); ++ ++ return 0; ++} ++ ++static int do_lock(void) ++{ ++ int pid; ++ char pidstr[8]; ++ ++ if ((fd = open(file, O_RDWR | O_CREAT, 0700)) < 0) { ++ fprintf(stderr, "Can't open %s\n", file); ++ return 1; ++ } ++ ++ if (flock(fd, (shared ? LOCK_SH : LOCK_EX)) < 0) { ++ fprintf(stderr, "Can't lock %s\n", file); ++ return 1; ++ } ++ ++ pid = fork(); ++ ++ if (pid < 0) ++ return -1; ++ ++ if (pid == 0) { ++ signal(SIGKILL, exit_unlock); ++ signal(SIGTERM, exit_unlock); ++ signal(SIGINT, exit_unlock); ++ if (waitonly) ++ exit_unlock(0); ++ else ++ while (1) ++ sleep(1); ++ } else { ++ if (!waitonly) { ++ lseek(fd, 0, SEEK_SET); ++ ftruncate(fd, 0); ++ sprintf(pidstr, "%d\n", pid); ++ write(fd, pidstr, strlen(pidstr)); ++ close(fd); ++ } ++ ++ return 0; ++ } ++} ++ ++#ifndef CONFIG_LOCK ++int main(int argc, char **argv) ++#else ++int lock_main(int argc, char **argv) ++#endif ++{ ++ char **args = &argv[1]; ++ int c = argc - 1; ++ ++ while ((*args != NULL) && (*args)[0] == '-') { ++ char *ch = *args; ++ while (*(++ch) > 0) { ++ switch(*ch) { ++ case 'w': ++ waitonly = 1; ++ break; ++ case 's': ++ shared = 1; ++ break; ++ case 'u': ++ unlock = 1; ++ break; ++ } ++ } ++ c--; ++ args++; ++ } ++ ++ if (c != 1) ++ usage(argv[0]); ++ ++ file = *args; ++ if (unlock) ++ return do_unlock(); ++ else ++ return do_lock(); ++} diff --git a/package/dnsmasq/Makefile b/package/dnsmasq/Makefile index 393f0f014..88bd9f21b 100644 --- a/package/dnsmasq/Makefile +++ b/package/dnsmasq/Makefile @@ -31,6 +31,6 @@ $(IPKG_DNSMASQ): $(STRIP) $(IDIR_DNSMASQ)/usr/sbin/* install -d -m0755 $(IDIR_DNSMASQ)/etc/init.d/ install -m0644 ./files/dnsmasq.conf $(IDIR_DNSMASQ)/etc/dnsmasq.conf - install -m0755 ./files/S50dnsmasq $(IDIR_DNSMASQ)/etc/init.d/S50dnsmasq + install -m0755 ./files/dnsmasq.init $(IDIR_DNSMASQ)/etc/init.d/S50dnsmasq $(IPKG_BUILD) $(IDIR_DNSMASQ) $(PACKAGE_DIR) diff --git a/package/dnsmasq/files/S50dnsmasq b/package/dnsmasq/files/S50dnsmasq deleted file mode 100755 index 17e331fac..000000000 --- a/package/dnsmasq/files/S50dnsmasq +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/sh -. /etc/functions.sh -. /etc/network.overrides -[ "$FAILSAFE" != "true" -a -e /etc/config/network ] && . /etc/config/network - -# interface to use for DHCP -iface=lan - -ifname=$(nvram get ${iface}_ifname) -ipaddr=$(nvram get ${iface}_ipaddr) -netmask=$(nvram get ${iface}_netmask) - -# check for existing DHCP server -udhcpc -n -q -R -s /bin/true -i $ifname >&- || { - - ipaddr=$(ip2int $ipaddr) - netmask=$(ip2int ${netmask:-255.255.255.0}) - network=$((ipaddr&netmask)) - - start=$(nvram get dhcp_start) - start=$((network+${start:-100})) - end=$(nvram get dhcp_num) - end=$((start+${end:-150})) - - wanproto=$(nvram get wan_proto) - [ -z "$wanproto" -o "$wanproto" = "none" ] || wanif=$(nvram get wan_ifname) - - args="-K -F $(int2ip $start),$(int2ip $end),$(int2ip $netmask),12h ${wanif:+-I ${wanif} }" -} -dnsmasq ${args} diff --git a/package/dnsmasq/files/dnsmasq.conf b/package/dnsmasq/files/dnsmasq.conf index d4a9f082c..7aed3a3da 100644 --- a/package/dnsmasq/files/dnsmasq.conf +++ b/package/dnsmasq/files/dnsmasq.conf @@ -9,9 +9,15 @@ local=/lan/ domain=lan expand-hosts +@ifdef dhcp_enable +dhcp-range=@@start@@,@@end@@,@@netmask@@,@@lease@@ +@endif +@ifdef wan_ifname +except-interface=@@wan_ifname@@ +@endif + # enable dhcp (start,end,netmask,leasetime) dhcp-authoritative -#dhcp-range=192.168.1.100,192.168.1.250,255.255.255.0,12h dhcp-leasefile=/tmp/dhcp.leases # use /etc/ethers for static hosts; same format as --dhcp-host diff --git a/package/dnsmasq/files/dnsmasq.init b/package/dnsmasq/files/dnsmasq.init new file mode 100644 index 000000000..17ef43c3d --- /dev/null +++ b/package/dnsmasq/files/dnsmasq.init @@ -0,0 +1,45 @@ +#!/bin/sh +. /etc/config/network + +# The following is to automatically configure the DHCP settings +# based on config settings. Feel free to replace all this crap +# with a simple "dnsmasq" and manage everything via the +# /etc/dnsmasq.conf config file + +[ -f /etc/dnsmasq.conf ] || exit + +args="" +iface=lan +eval "ifname=\${${iface}_ifname}" + +dhcp_enable="${dhcp_enable:-1}" +dhcp_start="${dhcp_start:-100}" +dhcp_num="${dhcp_num:-50}" +dhcp_lease="${dhcp_lease:-12h}" + +# if dhcp_enable is unset and there is a dhcp server on the network already, default to dhcp_enable=0 +[ -z "$dhcp_enable" ] && udhcpc -n -q -R -s /bin/true -i $ifname >&- && dhcp_enable="${dhcp_enable:-0}" + +# dhcp_enable=0 disables the dhcp server +( + [ -z "$dhcp_enable" -o "$dhcp_enable" -eq 1 ] && { + # no existing DHCP server? + + # calculate settings + eval "ipaddr=\${${iface}_ipaddr}" + eval "netmask=\${${iface}_netmask}" + eval $(ipcalc $ipaddr $netmask ${dhcp_start:-100} ${dhcp_num:-150}) + + # and pass the args via config parser defines + echo "@define dhcp_enable 1" + echo "@define netmask $NETMASK" + echo "@define start $START" + echo "@define end $END" + echo "@define lease ${dhcp_lease:-12h}" + } + + # ignore requests from wan interface + [ -z "$wan_proto" -o "$wan_proto" = "none" ] || echo "@define wan_ifname $wan_ifname" + + cat /etc/dnsmasq.conf +) | awk -f /usr/lib/parse-config.awk | dnsmasq -C /proc/self/fd/0 diff --git a/package/ez-ipupdate/files/ez-ipupdate.hotplug b/package/ez-ipupdate/files/ez-ipupdate.hotplug index eb7ab326c..c305458b1 100644 --- a/package/ez-ipupdate/files/ez-ipupdate.hotplug +++ b/package/ez-ipupdate/files/ez-ipupdate.hotplug @@ -1,10 +1,10 @@ -. /etc/functions.sh NAME=ez-ipupdate CONFIG=/etc/$NAME.conf COMMAND=/usr/sbin/$NAME + [ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && { [ -x $COMMAND ] && [ -r $CONFIG ] && { - IFNAME=$(nvram get ${INTERFACE}_ifname) - $COMMAND -c $CONFIG -i $IFNAME 2>&1 | logger -t $NAME + eval "ifname=\"\${${INTERFACE}_ifname}\"" + $COMMAND -c $CONFIG -i $ifname 2>&1 | logger -t $NAME } & } diff --git a/package/iptables/Makefile b/package/iptables/Makefile index 298a9a9e0..f16ac8be4 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -72,6 +72,13 @@ $(PKG_BUILD_DIR)/.built: touch $@ $(IPKG_IPTABLES): + install -d -m0755 $(IDIR_IPTABLES)/etc/config + install -m0644 ./files/firewall.config $(IDIR_IPTABLES)/etc/config/firewall + install -d -m0755 $(IDIR_IPTABLES)/etc/init.d + install -m0755 ./files/firewall.init $(IDIR_IPTABLES)/etc/init.d/S45firewall + install -m0755 ./files/firewall.user $(IDIR_IPTABLES)/etc/ + install -d -m0755 $(IDIR_IPTABLES)/usr/lib + install -m0644 ./files/firewall.awk $(IDIR_IPTABLES)/usr/lib install -d -m0755 $(IDIR_IPTABLES)/usr/sbin $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables $(IDIR_IPTABLES)/usr/sbin/ install -d -m0755 $(IDIR_IPTABLES)/usr/lib/iptables diff --git a/package/iptables/files/firewall.awk b/package/iptables/files/firewall.awk new file mode 100644 index 000000000..1b63f8386 --- /dev/null +++ b/package/iptables/files/firewall.awk @@ -0,0 +1,64 @@ +BEGIN { + print "proto=\"$wan_proto\"" + print "[ -z \"$proto\" -o \"$proto\" = \"none\" ] && exit" + print "ifname=\"$wan_ifname\"" + print "[ -z \"$ifname\" ] && exit" + print "" + print "iptables -X input_$ifname 2>&- >&-" + print "iptables -N input_$ifname" + print "iptables -X forward_$ifname 2>&- >&-" + print "iptables -N forward_$ifname" + print "iptables -t nat -X prerouting_$ifname 2>&- >&-" + print "iptables -t nat -N prerouting_$ifname" + print "" + print "iptables -A input_rule -i \"$ifname\" -j input_$ifname" + print "iptables -A forwarding_rule -i \"$ifname\" -j forward_$ifname" + print "iptables -t nat -A prerouting_rule -i \"$ifname\" -j prerouting_$ifname" + print "" + FS=":" +} + +($1 == "accept") || ($1 == "drop") || ($1 == "forward") { + delete _opt + str2data($2) + if ((_l["proto"] == "") && (_l["sport"] _l["dport"] != "")) { + _opt[0] = " -p tcp" + _opt[1] = " -p udp" + } else { + _opt[0] = "" + } +} + +($1 == "accept") { + target = " -j ACCEPT" + for (o in _opt) { + print "iptables -t nat -A prerouting_$ifname" _opt[o] str2ipt($2) target + print "iptables -A input_$ifname " _opt[o] str2ipt($2) target + print "" + } +} + +($1 == "drop") { + for (o in _opt) { + print "iptables -t nat -A prerouting_$ifname" _opt[o] str2ipt($2) " -j DROP" + print "" + } +} + +($1 == "forward") { + target = " -j DNAT --to " $3 + fwopts = "" + if ($4 != "") { + if ((_l["proto"] == "tcp") || (_l["proto"] == "udp") || (_l["proto"] == "")) { + if (_l["proto"] != "") fwopts = " -p " _l["proto"] + fwopts = fwopts " --dport " $4 + target = target ":" $4 + } + else fwopts = "" + } + for (o in _opt) { + print "iptables -t nat -A prerouting_$ifname" _opt[o] str2ipt($2) target + print "iptables -A forward_$ifname " _opt[o] " -d " $3 fwopts " -j ACCEPT" + print "" + } +} diff --git a/package/iptables/files/firewall.config b/package/iptables/files/firewall.config new file mode 100644 index 000000000..7edd4ba4e --- /dev/null +++ b/package/iptables/files/firewall.config @@ -0,0 +1,46 @@ +# RULE SYNTAX: +# +# forward::[:] +# - forwards all packets matched by to , +# optionally changing the port to +# +# accept: +# - accepts all traffic matched by +# +# drop: +# - drops all traffic matched by +# +# +# MATCHING OPTIONS: +# +# src= +# - match the source ip +# +# dest= +# - match the destination ip +# +# proto= +# - match the protocol by name or number +# +# sport= +# - match the source port(s), see below for syntax +# +# dport= +# - match the destination port(s), see below for syntax +# +# +# +# PORT SYNTAX: +# +# You can enter an arbitrary list of ports and port ranges in the following format: +# - 22,53,993,1000-1024 +# +# If you don't set the protocol to tcp or udp, it will apply to both +# +# +# +# EXAMPLES: +# +# drop:dport=22 src=1.3.3.7 +# accept:proto=tcp dport=22 +# forward:dport=60168:192.168.1.2:60169 diff --git a/package/iptables/files/firewall.init b/package/iptables/files/firewall.init new file mode 100755 index 000000000..3804d044f --- /dev/null +++ b/package/iptables/files/firewall.init @@ -0,0 +1,95 @@ +#!/bin/sh + +## Please make changes in /etc/firewall.user + +. /etc/config/network +WAN="$wan_ifname" +LAN="$lan_ifname" + +## CLEAR TABLES +for T in filter nat; do + iptables -t $T -F + iptables -t $T -X +done + +iptables -N input_rule +iptables -N output_rule +iptables -N forwarding_rule + +iptables -t nat -N prerouting_rule +iptables -t nat -N postrouting_rule + +### INPUT +### (connections with the router as destination) + + # base case + iptables -P INPUT DROP + iptables -A INPUT -m state --state INVALID -j DROP + iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT + iptables -A INPUT -p tcp --tcp-flags SYN SYN --tcp-option \! 2 -j DROP + + # + # insert accept rule or to jump to new accept-check table here + # + iptables -A INPUT -j input_rule + + # allow + [ -z "$WAN" ] || iptables -A INPUT -i \! $WAN -j ACCEPT # allow from lan/wifi interfaces + iptables -A INPUT -p icmp -j ACCEPT # allow ICMP + iptables -A INPUT -p gre -j ACCEPT # allow GRE + + # reject (what to do with anything not allowed earlier) + iptables -A INPUT -p tcp -j REJECT --reject-with tcp-reset + iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable + +### OUTPUT +### (connections with the router as source) + + # base case + iptables -P OUTPUT DROP + iptables -A OUTPUT -m state --state INVALID -j DROP + iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT + + # + # insert accept rule or to jump to new accept-check table here + # + iptables -A OUTPUT -j output_rule + + # allow + iptables -A OUTPUT -j ACCEPT #allow everything out + + # reject (what to do with anything not allowed earlier) + iptables -A OUTPUT -p tcp -j REJECT --reject-with tcp-reset + iptables -A OUTPUT -j REJECT --reject-with icmp-port-unreachable + +### FORWARDING +### (connections routed through the router) + + # base case + iptables -P FORWARD DROP + iptables -A FORWARD -m state --state INVALID -j DROP + iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu + iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT + + # + # insert accept rule or to jump to new accept-check table here + # + iptables -A FORWARD -j forwarding_rule + + # allow + iptables -A FORWARD -i br0 -o br0 -j ACCEPT + [ -z "$WAN" ] || iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT + + # reject (what to do with anything not allowed earlier) + # uses the default -P DROP + +### MASQ + iptables -t nat -A PREROUTING -j prerouting_rule + iptables -t nat -A POSTROUTING -j postrouting_rule + [ -z "$WAN" ] || iptables -t nat -A POSTROUTING -o $WAN -j MASQUERADE + +## USER RULES +[ -f /etc/firewall.user ] && . /etc/firewall.user +[ -n "$WAN" -a -e /etc/config/firewall ] && { + awk -f /usr/lib/common.awk -f /usr/lib/firewall.awk /etc/config/firewall | ash +} diff --git a/package/iptables/files/firewall.user b/package/iptables/files/firewall.user new file mode 100755 index 000000000..f13f50bf6 --- /dev/null +++ b/package/iptables/files/firewall.user @@ -0,0 +1,31 @@ +#!/bin/sh +. /etc/config/network + +WAN="$wan_ifname" +LAN="$lan_ifname" + +iptables -F input_rule +iptables -F output_rule +iptables -F forwarding_rule +iptables -t nat -F prerouting_rule +iptables -t nat -F postrouting_rule + +### BIG FAT DISCLAIMER +## The "-i $WAN" is used to match packets that come in via the $WAN interface. +## it WILL NOT MATCH packets sent from the $WAN ip address -- you won't be able +## to see the effects from within the LAN. + +### Open port to WAN +## -- This allows port 22 to be answered by (dropbear on) the router +# iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j ACCEPT +# iptables -A input_rule -i $WAN -p tcp --dport 22 -j ACCEPT + +### Port forwarding +## -- This forwards port 8080 on the WAN to port 80 on 192.168.1.2 +# iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 8080 -j DNAT --to 192.168.1.2:80 +# iptables -A forwarding_rule -i $WAN -p tcp --dport 80 -d 192.168.1.2 -j ACCEPT + +### DMZ +## -- Connections to ports not handled above will be forwarded to 192.168.1.2 +# iptables -t nat -A prerouting_rule -i $WAN -j DNAT --to 192.168.1.2 +# iptables -A forwarding_rule -i $WAN -d 192.168.1.2 -j ACCEPT diff --git a/package/linux-atm/files/br2684.init b/package/linux-atm/files/br2684.init index 88f40e76b..242e7e515 100644 --- a/package/linux-atm/files/br2684.init +++ b/package/linux-atm/files/br2684.init @@ -1,16 +1,14 @@ [ "${INTERFACE%%[0-9]*}" = "atm" ] && { case "$ACTION" in register) - [ "$(nvram get pppoe_atm)" = 1 ] && { - VPI=$(nvram get atm_vpi) - VCI=$(nvram get atm_vci) - case "$(nvram get atm_encaps)" in + [ "$pppoe_atm" = 1 ] && { + case "$atm_encaps" in 0|vc) ENCAPS=0 ;; 1|llc) ENCAPS=1 ;; *) ENCAPS=0 ;; esac insmod br2684 2>&- >&- - br2684ctl -c0 -e${ENCAPS} -a${VPI:-8}.${VCI:-35} & + br2684ctl -c0 -e${ENCAPS} -a${atm_vpi:-8}.${atm_vci:-35} & } ;; unregister) diff --git a/package/mtd/mtd.c b/package/mtd/mtd.c index 78d38fb6a..23e99160a 100644 --- a/package/mtd/mtd.c +++ b/package/mtd/mtd.c @@ -96,7 +96,7 @@ image_check_bcom(int imagefd, const char *mtd) } /* check if image fits to mtd device */ - fd = mtd_open(mtd, O_RDWR); + fd = mtd_open(mtd, O_RDWR | O_SYNC); if(fd < 0) { fprintf(stderr, "Could not open mtd device: %s\n", mtd); exit(1); @@ -113,6 +113,7 @@ image_check_bcom(int imagefd, const char *mtd) return 0; } + close(fd); return 1; } @@ -148,7 +149,7 @@ int mtd_check(char *mtd) struct mtd_info_user mtdInfo; int fd; - fd = mtd_open(mtd, O_RDWR); + fd = mtd_open(mtd, O_RDWR | O_SYNC); if(fd < 0) { fprintf(stderr, "Could not open mtd device: %s\n", mtd); return 0; @@ -171,7 +172,7 @@ mtd_unlock(const char *mtd) struct mtd_info_user mtdInfo; struct erase_info_user mtdLockInfo; - fd = mtd_open(mtd, O_RDWR); + fd = mtd_open(mtd, O_RDWR | O_SYNC); if(fd < 0) { fprintf(stderr, "Could not open mtd device: %s\n", mtd); exit(1); @@ -222,7 +223,7 @@ mtd_erase(const char *mtd) struct mtd_info_user mtdInfo; struct erase_info_user mtdEraseInfo; - fd = mtd_open(mtd, O_RDWR); + fd = mtd_open(mtd, O_RDWR | O_SYNC); if(fd < 0) { fprintf(stderr, "Could not open mtd device: %s\n", mtd); exit(1); @@ -260,8 +261,9 @@ mtd_write(int imagefd, const char *mtd, int quiet) size_t r, w, e; struct mtd_info_user mtdInfo; struct erase_info_user mtdEraseInfo; + int ret = 0; - fd = mtd_open(mtd, O_RDWR); + fd = mtd_open(mtd, O_RDWR | O_SYNC); if(fd < 0) { fprintf(stderr, "Could not open mtd device: %s\n", mtd); exit(1); @@ -318,7 +320,8 @@ mtd_write(int imagefd, const char *mtd, int quiet) } if (!quiet) fprintf(stderr, "\b\b\b\b"); - + + close(fd); return 0; } @@ -463,6 +466,8 @@ int main (int argc, char **argv) break; } + sync(); + if (boot) kill(1, 15); // send SIGTERM to init for reboot diff --git a/package/ntpclient/files/ntpclient.init b/package/ntpclient/files/ntpclient.init index c8505c5ca..a8944c60e 100644 --- a/package/ntpclient/files/ntpclient.init +++ b/package/ntpclient/files/ntpclient.init @@ -1,9 +1,8 @@ #!/bin/sh -server=$(nvram get ntp_server) case "$ACTION" in ifup) ps x | grep '[n]tpclient' >&- || { - route -n 2>&- | grep '^0.0.0.0' >&- && /usr/sbin/ntpclient -c 1 -s -h ${server:-pool.ntp.org} & + route -n 2>&- | grep '^0.0.0.0' >&- && /usr/sbin/ntpclient -c 1 -s -h ${ntp_server:-pool.ntp.org} & } ;; ifdown) diff --git a/package/parprouted/files/parprouted.default b/package/parprouted/files/parprouted.default index 17169c4b3..7128a56a7 100755 --- a/package/parprouted/files/parprouted.default +++ b/package/parprouted/files/parprouted.default @@ -1,3 +1 @@ -LAN_IF=$(nvram get lan_ifname) -WIFI_IF=$(nvram get wifi_ifname) -OPTIONS="$LAN_IF $WIFI_IF" +OPTIONS="$lan_ifname $wifi_ifname" diff --git a/package/ppp/files/ifup.pppoa b/package/ppp/files/ifup.pppoa index baea25ebf..277266c0f 100644 --- a/package/ppp/files/ifup.pppoa +++ b/package/ppp/files/ifup.pppoa @@ -1,11 +1,10 @@ #!/bin/sh [ $# = 0 ] && { echo " $0 "; exit; } -. /etc/functions.sh -. /etc/network.overrides -[ -e /etc/config/network ] && . /etc/config/network +. /etc/config/network type=$1 -[ "$(nvram get ${type}_proto)" = "pppoa" ] || { +eval "proto=\"\${${type}_proto}\"" +[ "$proto" = "pppoa" ] || { echo "$0: ${type}_proto isn't pppoa" exit } @@ -14,32 +13,24 @@ for module in slhc ppp_generic pppoatm; do /sbin/insmod $module 2>&- >&- done -VPI=$(nvram get atm_vpi) -VCI=$(nvram get atm_vci) -USERNAME=$(nvram get ppp_username) -PASSWORD=$(nvram get ppp_passwd) -KEEPALIVE=$(nvram get ppp_redialperiod) -KEEPALIVE=${KEEPALIVE:+lcp-echo-interval 1 lcp-echo-failure $KEEPALIVE} -DEMAND=$(nvram get ppp_demand) -case "$DEMAND" in +KEEPALIVE=${ppp_redialperiod:+lcp-echo-interval $ppp_redialperiod lcp-echo-failure 5} +case "$ppp_demand" in on|1|enabled) - DEMAND=$(nvram get ppp_idletime) - DEMAND=${IDLETIME:+demand idle $IDLETIME} + DEMAND=${ppp_idletime:+demand idle $ppp_idletime} [ -f /etc/ppp/filter ] && DEMAND=${DEMAND:+precompiled-active-filter /etc/ppp/filter $DEMAND} ;; *) DEMAND="persist";; esac -MTU=$(nvram get ppp_mtu) -MTU=${MTU:-1500} +MTU=${ppp_mtu:-1500} /usr/sbin/pppd \ - plugin pppoatm.so ${VPI:-8}.${VCI:-35} \ + plugin pppoatm.so ${atm_vpi:-8}.${atm_vci:-35} \ usepeerdns \ defaultroute \ linkname $type \ ipparam $type \ - user "$USERNAME" \ - password "$PASSWORD" \ + user "$ppp_username" \ + password "$ppp_passwd" \ mtu $MTU mru $MTU \ $DEMAND \ $KEEPALIVE diff --git a/package/ppp/files/ifup.pppoe b/package/ppp/files/ifup.pppoe index 1f9cd739c..0f3c14ed0 100644 --- a/package/ppp/files/ifup.pppoe +++ b/package/ppp/files/ifup.pppoe @@ -1,11 +1,10 @@ #!/bin/sh [ $# = 0 ] && { echo " $0 "; exit; } -. /etc/functions.sh -. /etc/network.overrides -[ -e /etc/config/network ] && . /etc/config/network +. /etc/config/network type=$1 -[ "$(nvram get ${type}_proto)" = "pppoe" ] || { +eval "proto=\"\${${type}_proto}\"" +[ "$proto" = "pppoe" ] || { echo "$0: ${type}_proto isn't pppoe" exit } @@ -14,22 +13,16 @@ for module in slhc ppp_generic pppox pppoe; do /sbin/insmod $module 2>&- >&- done -IFNAME=$(nvram get ${type}_device) -USERNAME=$(nvram get ppp_username) -PASSWORD=$(nvram get ppp_passwd) -KEEPALIVE=$(nvram get ppp_redialperiod) -KEEPALIVE=${KEEPALIVE:+lcp-echo-interval 1 lcp-echo-failure $KEEPALIVE} -DEMAND=$(nvram get ppp_demand) -case "$DEMAND" in +eval "IFNAME=\"\${${type}_device}\"" +KEEPALIVE=${ppp_redialperiod:+lcp-echo-interval $ppp_redialperiod lcp-echo-failure 5} +case "$ppp_demand" in on|1|enabled) - DEMAND=$(nvram get ppp_idletime) - DEMAND=${IDLETIME:+demand idle $IDLETIME} + DEMAND=${ppp_idletime:+demand idle $ppp_idletime} [ -f /etc/ppp/filter ] && DEMAND=${DEMAND:+precompiled-active-filter /etc/ppp/filter $DEMAND} ;; *) DEMAND="persist";; esac -MTU=$(nvram get ppp_mtu) -MTU=${MTU:-1492} +MTU=${ppp_mtu:-1492} ifconfig $IFNAME up /usr/sbin/pppd \ @@ -39,8 +32,8 @@ ifconfig $IFNAME up defaultroute \ linkname $type \ ipparam $type \ - user "$USERNAME" \ - password "$PASSWORD" \ + user "$ppp_username" \ + password "$ppp_passwd" \ mtu $MTU mru $MTU \ $DEMAND \ $KEEPALIVE \ diff --git a/package/pptp/files/ifup.pptp b/package/pptp/files/ifup.pptp index 9b1ac07c2..a9bc579b5 100644 --- a/package/pptp/files/ifup.pptp +++ b/package/pptp/files/ifup.pptp @@ -1,8 +1,13 @@ #!/bin/sh -. /etc/functions.sh +[ $# = 0 ] && { echo " $0 "; exit; } +. /etc/config/network type=$1 -[ "$(nvram get ${type}_proto)" = "pptp" ] || exit +eval "proto=\"\${${type}_proto}\"" +[ "$proto" = "pptp" ] || { + echo "$0: ${type}_proto isn't pptp" + exit +} [ -d "/var/lock" ] || mkdir -p /var/lock || exit 1 @@ -10,35 +15,21 @@ for module in slhc ppp_generic ppp_async ip_gre; do /sbin/insmod $module 2>&- >&- done -PPTP_PROTO="$(nvram get pptp_proto)" -[ "$PPTP_PROTO" = "static" ] || PPTP_PROTO="" -PPTP_PROTO="${PPTP_PROTO:-dhcp}" -IP=$(nvram get pptp_server_ip) -USERNAME=$(nvram get ppp_username) -PASSWORD=$(nvram get ppp_passwd) -KEEPALIVE=$(nvram get ppp_redialperiod) -KEEPALIVE=${KEEPALIVE:+lcp-echo-interval 10 lcp-echo-failure $KEEPALIVE} -DEMAND=$(nvram get ppp_demand) -case "$DEMAND" in +KEEPALIVE=${ppp_redialperiod:+lcp-echo-interval $ppp_redialperiod lcp-echo-failure 5} +case "$ppp_demand" in on|1|enabled) - DEMAND=$(nvram get ppp_idletime) - DEMAND=${IDLETIME:+demand idle $IDLETIME} + DEMAND=${ppp_idletime:+demand idle $ppp_idletime} [ -f /etc/ppp/filter ] && DEMAND=${DEMAND:+precompiled-active-filter /etc/ppp/filter $DEMAND} ;; *) DEMAND="persist";; esac -MTU=$(nvram get ppp_mtu) -MTU=${MTU:-1452} +MTU=${ppp_mtu:-1452} -do_ifup $PPTP_PROTO $type - -# hack for some buggy ISPs -NETMASK=$(nvram get ${type}_netmask) -IFNAME=$(nvram get ${type}_device) -[ -z "$NETMASK" -o -z "$IFNAME" ] || ifconfig $IFNAME netmask $NETMASK +[ "$pptp_proto" = "static" ] || pptp_proto="dhcp" +do_ifup $pptp_proto $type /usr/sbin/pppd \ - pty "/usr/sbin/pptp $IP --loglevel 0 --nolaunchpppd" \ + pty "/usr/sbin/pptp $pptp_server_ip --loglevel 0 --nolaunchpppd" \ file /etc/ppp/options.pptp \ connect /bin/true \ usepeerdns \ @@ -46,8 +37,8 @@ IFNAME=$(nvram get ${type}_device) replacedefaultroute \ linkname "$type" \ ipparam "$type" \ - user "$USERNAME" \ - password "$PASSWORD" \ + user "$ppp_username" \ + password "$ppp_passwd" \ mtu $MTU mru $MTU \ $DEMAND \ $KEEPALIVE -- cgit v1.2.3