OpenWRT实现有线+WiFi的STA模式双WAN叠加
2015-03-27 16:53
417 查看
配置/etc/config/network文件
config switch 'eth1' option reset '0' option enable_vlan '0' config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config interface 'lan' option ifname 'eth1' option proto 'static' option ipaddr '192.168.6.1' option netmask '255.255.255.0' config interface 'wan0' option ifname 'wlan0' option proto 'dhcp' config interface 'wan1' option ifname 'eth0' option proto 'dhcp' option ifname eth0 option proto dhcp
注意:wan0与wan1的配置,ifname的值要对应准确,此处interface的编号要被dhcp、wireless配置文件所使用。
配置/etc/config/dhcp
实现wan0、wan1自动dhcp获取IP地址功能config dnsmasq option domainneeded '1' option boguspriv '1' option filterwin2k '0' option localise_queries '1' option rebind_protection '1' option rebind_localhost '1' option local '/lan/' option domain 'lan' option expandhosts '1' option nonegcache '0' option authoritative '1' option readethers '1' option leasefile '/tmp/dhcp.leases' option resolvfile '/tmp/resolv.conf.auto' config dhcp 'lan' option interface 'lan' option start '100' option limit '150' option leasetime '12h' option dhcpv6 'server' option ra 'server' config dhcp 'wan0' option interface 'wan0' option ignore '1' config dhcp 'wan1' option interface 'wan1' option ignore '1' config odhcpd 'odhcpd' option maindhcp '0' option leasefile '/tmp/hosts/odhcpd' option leasetrigger '/usr/sbin/odhcpd-update'
配置/etc/config/wireless
config wifi-device 'radio0' option type 'mac80211' option channel '0' option hwmode '11g' option path 'platform/ar933x_wmac' option htmode 'HT20' config wifi-iface option device 'radio0' option network 'wan0' option mode 'sta' option ssid 'wifi名称' option encryption 'psk2' option key 'wifi密码'
注意:option network的值要与/etc/config/network中的interface编号对应。
配置/etc/config/firewall
config defaults option syn_flood '1' option input 'ACCEPT' option output 'ACCEPT' option forward 'REJECT' config zone option name 'lan' option network 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' config zone option name 'wan' list network 'wan0' list network 'wan1' list network 'wan6' option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' option masq '1' option mtu_fix '1' config forwarding option src 'lan' option dest 'wan' config rule option name 'Allow-DHCP-Renew' option src 'wan' option proto 'udp' option dest_port '68' option target 'ACCEPT' option family 'ipv4' config rule option name 'Allow-Ping' option src 'wan0' option proto 'icmp' option icmp_type 'echo-request' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-DHCPv6' option src 'wan' option proto 'udp' option src_ip 'fe80::/10' option src_port '547' option dest_ip 'fe80::/10' option dest_port '546' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Input' option src 'wan0' option proto 'icmp' option icmp_type 'echo-request echo-reply destination-unreachable packet-too-big time-exceeded bad-header unknown-header-type router-solicitation neighbout' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Forward' option src 'wan' option dest '*' option proto 'icmp' option icmp_type 'echo-request echo-reply destination-unreachable packet-too-big time-exceeded bad-header unknown-header-type' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config include option path '/etc/firewall.user'
一键配置脚本代码示例
所有的配置操作均使用OpenWRT系统提供的uci命令,也是OpenWRT开发中比较正统的操作方法,当然也并不局限于此,如果不怕麻烦的话,直接修改配置文件也能达到同样效果。#!/bin/sh ENCRYPTION="psk2" #接入wifi加密方式 SSID="test" #接入wifi的SSID KEY="12345678" #接入wifi的密码 _wifi_sta_set_firewall(){ echo > /etc/config/firewall uci add firewall defaults 1>/dev/null uci set firewall.@defaults[0]=defaults uci set firewall.@defaults[0].syn_flood=1 uci set firewall.@defaults[0].input=ACCEPT uci set firewall.@defaults[0].output=ACCEPT uci set firewall.@defaults[0].forward=REJECT uci add firewall zone 1>/dev/null uci set firewall.@zone[0]=zone uci set firewall.@zone[0].name=lan uci set firewall.@zone[0].network=lan uci set firewall.@zone[0].input=ACCEPT uci set firewall.@zone[0].output=ACCEPT uci set firewall.@zone[0].forward=ACCEPT uci add firewall zone 1>/dev/null uci set firewall.@zone[1]=zone uci set firewall.@zone[1].name=wan uci add_list firewall.@zone[1].network=wan0 uci add_list firewall.@zone[1].network=wan1 #uci add_list firewall.@zone[1].network=wan6 uci set firewall.@zone[1].input=ACCEPT uci set firewall.@zone[1].output=ACCEPT uci set firewall.@zone[1].forward=ACCEPT uci set firewall.@zone[1].masq=1 uci set firewall.@zone[1].mtu_fix=1 &nb 4000 sp;uci add firewall forwarding 1>/dev/null uci set firewall.@forwarding[0]=forwarding uci set firewall.@forwarding[0].src=lan uci set firewall.@forwarding[0].dest=wan uci add firewall rule 1>/dev/null uci set firewall.@rule[0]=rule uci set firewall.@rule[0].name=Allow-DHCP-Renew uci set firewall.@rule[0].src=wan uci set firewall.@rule[0].proto=udp uci set firewall.@rule[0].dest_port=68 uci set firewall.@rule[0].target=ACCEPT uci set firewall.@rule[0].family=ipv4 uci add firewall rule 1>/dev/null uci set firewall.@rule[1]=rule uci set firewall.@rule[1].name=Allow-Ping uci set firewall.@rule[1].src=wan uci set firewall.@rule[1].proto=icmp uci set firewall.@rule[1].icmp_type=echo-request uci set firewall.@rule[1].family=ipv4 uci set firewall.@rule[1].target=ACCEPT uci add firewall rule 1>/dev/null uci set firewall.@rule[2]=rule uci set firewall.@rule[2].name=Allow-DHCPv6 uci set firewall.@rule[2].src=wan uci set firewall.@rule[2].proto=udp uci set firewall.@rule[2].src_ip=fe80::/10 uci set firewall.@rule[2].src_port=547 uci set firewall.@rule[2].dest_ip=fe80::/10 uci set firewall.@rule[2].dest_port=546 uci set firewall.@rule[2].family=ipv6 uci set firewall.@rule[2].target=ACCEPT #uci add firewall rule 1>/dev/null #uci set firewall.@rule[3]=rule #uci set firewall.@rule[3].name=Allow-ICMPv6-Input #uci set firewall.@rule[3].src=wan #uci set firewall.@rule[3].proto=icmp #uci set firewall.@rule[3].icmp_type='echo-request echo-reply destination-unreachable packet-too-big time-exceeded bad-header unknown-header-type router-solicitation neighbout' #uci set firewall.@rule[3].limit=1000/sec #uci set firewall.@rule[3].family=ipv6 #uci set firewall.@rule[3].target=ACCEPT #uci add firewall rule 1>/dev/null #uci set firewall.@rule[4]=rule #uci set firewall.@rule[4].name='Allow-ICMPv6-Forward' #uci set firewall.@rule[4].src=wan #uci set firewall.@rule[4].dest=* #uci set firewall.@rule[4].proto=icmp #uci set firewall.@rule[4].icmp_type='echo-request echo-reply destination-unreachable packet-too-big time-exceeded bad-header unknown-header-type' #uci set firewall.@rule[4].limit='1000/sec' #uci set firewall.@rule[4].family='ipv6' #uci set firewall.@rule[4].target='ACCEPT' echo OK uci add firewall include 1>/dev/null uci set firewall.@include[0]=include uci set firewall.@include[0].path='/etc/firewall.user' uci commit } _wifi_sta_set_network(){ echo > /etc/config/network uci set network.eth1=switch uci set network.eth1.reset=0 uci set network.eth1.enable_vlan=0 uci set network.loopback=interface uci set network.loopback.ifname=lo uci set network.loopback.proto=static uci set network.loopback.ipaddr=127.0.0.1 uci set network.loopback.netmask=255.0.0.0 uci set network.lan=interface uci set network.lan.ifname=eth1 uci set network.lan.proto=static uci set network.lan.ipaddr=192.168.6.1 uci set network.lan.netmask=255.255.255.0 uci set network.wan0=interface uci set network.wan0.ifname=wlan0 uci set network.wan0.proto=dhcp uci set network.wan1=interface uci set network.wan1.ifname=eth0 uci set network.wan1.proto=dhcp uci commit } #wifi在STA模式下设置dhcp参数 _wifi_sta_set_dhcp(){ uci delete dhcp.wan 2>/dev/null uci set dhcp.lan=dhcp uci set dhcp.lan.interface=lan uci set dhcp.lan.start=100 uci set dhcp.lan.limit=150 uci set dhcp.lan.leasetime=12h uci set dhcp.lan.dhcpv6=server uci set dhcp.lan.ra=server uci set dhcp.wan0=dhcp uci set dhcp.wan0.interface=wan0 uci set dhcp.wan0.ignore=1 uci set dhcp.wan1=dhcp uci set dhcp.wan1.interface=wan1 uci set dhcp.wan1.ignore=1 uci set dhcp.odhcpd=odhcpd uci set dhcp.odhcpd.maindhcp=0 uci set dhcp.odhcpd.leasefile=/tmp/hosts/odhcpd uci set dhcp.odhcpd.leasetrigger=/usr/sbin/odhcpd-update uci commit } #param: <ssid> <encrymode> <key> # <ssid> 连接AP的SSID名称 # <encrymode> AP加密方式 # <key> AP密码 wifi_connect_to(){ echo > /etc/config/wireless uci set wireless.radio0=wifi-device uci set wireless.radio0.type=mac80211 uci set wireless.radio0.channel=0 uci set wireless.radio0.hwmode=11g uci set wireless.radio0.path=platform/ar933x_wmac uci set wireless.radio0.htmode=HT20 if ! uci get wireless.@wifi-iface[0] 1>/dev/null 2>/dev/null then uci add wireless wifi-iface 1>/dev/null 2>/dev/null fi uci set wireless.@wifi-iface[0]=wifi-iface uci set wireless.@wifi-iface[0].device=radio0 uci set wireless.@wifi-iface[0].network=wan0 uci set wireless.@wifi-iface[0].mode=sta uci set wireless.@wifi-iface[0].ssid=$1 uci set wireless.@wifi-iface[0].encryption=$2 uci set wireless.@wifi-iface[0].key=$3 uci commit } _wifi_sta_set_firewall #设置firewall参数 _wifi_sta_set_network #设置network参数 _wifi_sta_set_dhcp #设置dhcp参数 wifi_connect_to $SSID $ENCRYPTION $KEY #连接wifi /etc/init.d/firewall enable /etc/init.d/firewall restart #/etc/init.d/network restart
相关文章推荐
- 用shell脚本实现linux系统上wifi模式(STA和soft AP)的转换
- 实现RT3070无线网卡STA模式并使开发板接入Wifi上网
- 用shell脚本实现linux系统上wifi模式(STA和soft AP)的转换
- arm9+linux fl2440 实现RT3070无线网卡AP模式并使开发板接入Wifi上网
- OpenWrt无线Wifi客户端模式
- [置顶] ifup-wlan脚本解析(wifi启动STA或是AP模式)
- STA模式 - wifi随时扫描功能
- Linksys WRT54G变废为宝 刷OpenWRT实现一号多拨 且变双Wan
- OpenWRT(四)AP、STA、中继模式
- openwrt配置wifi桥接上级AP,再作为ap路由(可实现ip透传,例如远距离图像传输)
- OpenWRT使用Wifidog实现强制认证的WIFI热点
- Openwrt虚拟WAN口叠加网速
- 完美实现笔记本在有线网卡连通时自动关闭wifi,有线网卡未连通时自动开启wifi
- OpenWrt实现多SSID wifi连接功能并抓包分析
- RT3070无线网卡STA模式并使开发板接入Wifi上网
- <WIFI>在soft-AP模式下实现配置UDP实验——手机点灯
- openwrt系统设置STA模式或AP模式
- FL2440——RT3070 STA模式 实现无线上网功能
- Android手机WIFI模式下实现无线adb调试的方法
- archlinux实现wifi和有线联网