Diffstat (limited to 'files/common')
30 files changed, 1203 insertions, 0 deletions
diff --git a/files/common/etc/config/batman-adv b/files/common/etc/config/batman-adv
new file mode 100644
index 0000000..cc8db5f
--- /dev/null
+++ b/files/common/etc/config/batman-adv
@@ -0,0 +1,10 @@
+config 'mesh' 'bat0'
+ option 'interfaces' 'ath1'
+ option 'orig_interval'
+ option 'log_level'
+ option 'aggregated_ogms'
+ option 'bonding'
+ option 'fragmentation'
+ option 'vis_mode'
+ option 'gw_mode' 'client'
+
diff --git a/files/common/etc/config/firewall b/files/common/etc/config/firewall
new file mode 100644
index 0000000..4b702ba
--- /dev/null
+++ b/files/common/etc/config/firewall
@@ -0,0 +1,50 @@
+config defaults
+ option syn_flood 1
+ option input ACCEPT
+ option output ACCEPT
+ option forward REJECT
+
+config zone
+ option name wan
+ option input REJECT
+ option output ACCEPT
+ option forward REJECT
+ option masq 1
+ option mtu_fix 1
+config zone
+ option name mesh
+ option input ACCEPT
+ option output ACCEPT
+ option forward REJECT
+config zone
+ option name lan
+ option input ACCEPT
+ option output ACCEPT
+ option forward REJECT
+config forwarding
+ option src mesh
+ option dest wan
+
+config forwarding
+ option src lan
+ option dest wan
+
+# We need to accept udp packets on port 68,
+# see https://dev.openwrt.org/ticket/4108
+config rule
+ option src wan
+ option proto udp
+ option dest_port 68
+ option target ACCEPT
+
+#Allow ping
+config rule
+ option src wan
+ option proto icmp
+ option icmp_type echo-request
+ option target ACCEPT
+
+# include a file with users custom iptables rules
+config include
+ option path /etc/firewall.user
+
diff --git a/files/common/etc/config/n2n b/files/common/etc/config/n2n
new file mode 100644
index 0000000..58cccdc
--- /dev/null
+++ b/files/common/etc/config/n2n
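Review bot: The `mesh` zone in `etc/config/firewall` is created with `option input ACCEPT`, and `config defaults` also sets `option input ACCEPT`, so every service the router runs is reachable from any client on the open mesh network. Elsewhere in this commit uhttpd listens on `0.0.0.0:80` and serves `/cgi-bin/debug`, and dropbear keys are installed, so the management surface is presumably exposed to all mesh users. I would set `option input REJECT` on the mesh zone (and in defaults) and add explicit `config rule` entries for what clients actually need, e.g. DHCP, DNS and TCP 80 for the splash page.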
@@ -0,0 +1,17 @@
+config edge
+ option ipaddr '1.2.3.4'
+ option supernode 'fritz-der-server.de'
+ option port '2009'
+ option community 'ffj1'
+ option key 'ffj1'
+ option devname 'n2n1'
+ option route ''
+config edge
+ option ipaddr '1.2.3.4'
+ option supernode '89.238.83.22'
+ option port '9876'
+ option community 'ffj2'
+ option key 'ffj2'
+ option devname 'n2n2'
+ option route ''
+
diff --git a/files/common/etc/config/network b/files/common/etc/config/network
new file mode 100644
index 0000000..b0d6d9e
--- /dev/null
+++ b/files/common/etc/config/network
@@ -0,0 +1,39 @@
+
+config 'interface' 'loopback'
+ option 'ifname' 'lo'
+ option 'proto' 'static'
+ option 'ipaddr' '127.0.0.1'
+ option 'netmask' '255.0.0.0'
+
+config 'interface' 'mesh'
+ option 'type' 'bridge'
+ option 'ifname' 'bat0 ath0'
+ option 'mtu' '1527'
+
+config 'interface' 'lan'
+ option 'type' 'bridge'
+ option 'proto' 'static'
+ option 'ipaddr' '10.17.200.1'
+ option 'netmask' '255.255.255.0'
+ option 'ifname' 'eth0.1'
+
+config 'switch' 'eth0'
+ option 'name' 'eth0'
+ option 'reset' '1'
+ option 'enable_vlan' '1'
+
+config 'switch_vlan' 'eth0_1'
+ option 'device' 'eth0'
+ option 'vlan' '1'
+ option 'ports' '0 1 2 3 5t'
+
+config 'switch_vlan' 'eth0_2'
+ option 'device' 'eth0'
+ option 'vlan' '2'
+ option 'ports' '4 5t'
+
+config 'interface' 'wan'
+ option 'ifname' 'eth0.2'
+ option 'proto' 'dhcp'
+ option 'dns' '217.11.48.200 217.11.49.200 8.8.8.8'
+
diff --git a/files/common/etc/config/splash_users b/files/common/etc/config/splash_users
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/files/common/etc/config/splash_users
@@ -0,0 +1 @@
+
diff --git a/files/common/etc/config/system b/files/common/etc/config/system
new file mode 100644
index 0000000..3d9683c
--- /dev/null
+++ b/files/common/etc/config/system
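Review bot: Both `edge` sections in `etc/config/n2n` commit the tunnel secret in clear text (`option key 'ffj1'`, `option key 'ffj2'`), and each key is identical to its community name, so it gives no secrecy against anyone who can read this repository or a firmware image. `option ipaddr '1.2.3.4'` also looks like a placeholder rather than a usable default. I would ship the key empty with a comment such as `# set per deployment; never commit the real key` and have the init script skip an edge whose key is unset.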
@@ -0,0 +1,17 @@
+config system
+ option hostname OpenWrt
+ option timezone CET
+
+config button
+ option button reset
+ option action released
+ option handler "logger reboot"
+ option min 0
+ option max 4
+
+config button
+ option button reset
+ option action released
+ option handler "logger factory default"
+ option min 5
+ option max 30
diff --git a/files/common/etc/config/uhttpd b/files/common/etc/config/uhttpd
new file mode 100644
index 0000000..8320d42
--- /dev/null
+++ b/files/common/etc/config/uhttpd
@@ -0,0 +1,39 @@
+# Server configuration
+config uhttpd main
+
+ # HTTP listen addresses, multiple allowed
+ list listen_http 0.0.0.0:80
+ # Server document root
+ option home /www
+ option error_page /cgi-bin/redirect
+ option index_page cgi-bin/redirect
+ # Reject requests from RFC1918 IP addresses
+ # directed to the servers public IP(s).
+ # This is a DNS rebinding countermeasure.
+ option rfc1918_filter 1
+
+ # CGI url prefix, will be searched in docroot.
+ # Default is /cgi-bin
+ option cgi_prefix /cgi-bin
+
+ # CGI/Lua timeout, if the called script does not
+ # write data within the given amount of seconds,
+ # the server will terminate the request with
+ # 504 Gateway Timeout response.
+ option script_timeout 60
+
+ # Network timeout, if the current connection is
+ # blocked for the specified amount of seconds,
+ # the server will terminate the associated
+ # request process.
+ option network_timeout 30
+
+ # TCP Keep-Alive, send periodic keep-alive probes
+ # over established connections to detect dead peers.
+ # The value is given in seconds to specify the
+ # interval between subsequent probes.
+ # Setting this to 0 will disable TCP keep-alive.
+ option tcp_keepalive 1
+
+
+
diff --git a/files/common/etc/config/wireless b/files/common/etc/config/wireless
new file mode 100644
index 0000000..17dd0b7
--- /dev/null
+++ b/files/common/etc/config/wireless
@@ -0,0 +1,16 @@
+config wifi-device wifi0
+ option type atheros
+ option channel 1
+
+config wifi-iface
+ option device wifi0
+ option mode adhoc
+ option ssid batman.jena.freifunk.net
+ option bssid 12:CA:FF:EE:BA:BE
+ option hidden 1
+
+config wifi-iface
+ option device wifi0
+ option mode ap
+ option ssid www.freifunk-jena.de
+
diff --git a/files/common/etc/crontabs/root b/files/common/etc/crontabs/root
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/files/common/etc/crontabs/root
@@ -0,0 +1 @@
+
diff --git a/files/common/etc/dropbear/authorized_keys b/files/common/etc/dropbear/authorized_keys
new file mode 100644
index 0000000..ed898bc
--- /dev/null
+++ b/files/common/etc/dropbear/authorized_keys
@@ -0,0 +1,8 @@
+# egon0 (Freifunk Jena) egon@resonar.de
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwgEYvNnufy2ytpbEfKzbcpj0Ax7xJj1E4DtdCufkrBUfrcnR4Skeq3kGrA74+4ihV5msAqwU/NlWTiyPIiOYBqo9zQx2ynF1n40RgqutzFY1rm1z4iop/9cvqFtWBgOEApDd3WxvDlq/QTcVsxoSu4yk9k/ufu5gdLGFlsGPK9etfEw02w81nGOdbpdWiFu+m19qSaR1gNB6DJF/HEuRZI/rgUQA6mndhA4C5oGtMW8ZlIg3FsrDAJdjZKerxwNaJ7SJC7d8/Rc8w8mYeOdr2aQnzIvy8dT8jmahTuxGpwwPrYo4q4mylbjWU8o21ip2G9lfLEA5iAip7Giuin2oJw==
+# Darkeye (Freifunk Jena) martinmichel@die-guten-partei.de
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAufrdEwZmNJhcdxBkBepD/cjCkrxTdM6nC7MtommvbyrivRg8Wc56qNXyqxVoTQ3Rs/auk01r29ZpNmrAVc0xeKEZEf1Xm9bmgMOei/535mssPdqVnH+xWq5xdBAYbBPa01xkWTxBHPWqhy/EtzrFHMk6lYMyMIB1iB+hMbT5U8KYaX9geD9dWZ2Ch5cPRpls1AKvfL0LMOo+sVjDK6DxkUHWBtXmsssF5shas20paqWUzj/noYdzAV7B0lZaavKDJ37gJrEo6V0aDTzXaLVNPp8V6wCuMxhzuMrK9JPooeSAABmEqfVIYUDrGsV/uV76tgCd3Saw7DUrSsnFBVS8ow==
+# Darkeye (Freifunk Jena) - mobile
+ssh-rsa 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
+# egon0 (Freifunk Jena) - mobile
+ssh-rsa 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 galaxy
diff --git a/files/common/etc/hotplug.d/iface/22-wan_led b/files/common/etc/hotplug.d/iface/22-wan_led
new file mode 100644
index 0000000..061a499
--- /dev/null
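Review bot: Four personal SSH public keys are installed into `/etc/dropbear/authorized_keys` under `files/common`, so presumably every image built from this tree grants root login to these key holders, including two keys labelled "mobile". Nothing in the commit tells node owners about this or gives a way to revoke a key once routers are deployed. I would either drop the file from the common overlay and add keys per deployment, or add a header comment such as `# maintainer access keys - remove if you do not want remote administration by the project` and describe the rotation procedure in the project documentation.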
+++ b/files/common/etc/hotplug.d/iface/22-wan_led
@@ -0,0 +1,15 @@
+#!/bin/sh
+case "${ACTION:-ifup}" in
+ ifup)
+ gpioctl set 3
+ uci set batman-adv.bat0.gw_mode=server
+ uci commit batman-adv
+ /etc/init.d/batman-adv restart
+ ;;
+ ifdown)
+ gpioctl dirout 3
+ uci set batman-adv.bat0.gw_mode=client
+ uci commit batman-adv
+ /etc/init.d/batman-adv restart
+ ;;
+esac
diff --git a/files/common/etc/init.d/batman-adv b/files/common/etc/init.d/batman-adv
new file mode 100755
index 0000000..6ecb7ea
--- /dev/null
+++ b/files/common/etc/init.d/batman-adv
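Review bot: The hotplug script `22-wan_led` switches `gw_mode` on every interface event because it never checks `$INTERFACE`; scripts in `/etc/hotplug.d/iface/` run for all interfaces, so an `ifup` of `lan` or `mesh` would also set `batman-adv.bat0.gw_mode=server` and make the node announce itself as a gateway without an uplink. Add `[ "$INTERFACE" = "wan" ] || exit 0` directly after the shebang. The `${ACTION:-ifup}` default also treats a call without ACTION as an ifup, which looks unintended and deserves a comment if it is deliberate.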
@@ -0,0 +1,103 @@
+#!/bin/sh /etc/rc.common
+START=90
+
+is_module_loaded() {
+
+ if [ ! -d "/sys/module/batman_adv" ]; then
+ echo "batman-adv module directory not found - was the kernel module loaded ?" >&2
+ return 0
+ fi
+
+ return 1
+}
+
+start_mesh () {
+ local meshif="$1"
+ local interfaces orig_interval log_level aggregated_ogms bonding vis_mode
+
+ is_module_loaded
+ [ $? -ne 1 ] && return
+
+ config_get interfaces "$meshif" interfaces
+ config_get orig_interval "$meshif" orig_interval
+ config_get log_level "$meshif" log_level
+ config_get aggregated_ogms "$meshif" aggregated_ogms
+ config_get bonding "$meshif" bonding
+ config_get gw_mode "$meshif" gw_mode
+
+ config_get vis_mode "$meshif" vis_mode
+
+ if [ "$interfaces" = "" ]; then
+ echo Error, you must specify at least a network interface
+ return
+ fi
+
+ for interface in $interfaces
+ do
+ [ ! -f "/sys/class/net/$interface/batman_adv/mesh_iface" ] && echo "Can't add interface $interface - ignoring" && continue
+ echo $meshif > /sys/class/net/$interface/batman_adv/mesh_iface
+ done
+
+ if [ $orig_interval ]; then
+ echo $orig_interval > /sys/class/net/$meshif/mesh/orig_interval
+ fi
+
+ if [ $log_level ]; then
+ echo $log_level > /sys/class/net/$meshif/mesh/log_level 2>&-
+ fi
+
+ if [ $aggregated_ogms ]; then
+ echo $aggregated_ogms > /sys/class/net/$meshif/mesh/aggregated_ogms
+ fi
+
+ if [ $bonding ]; then
+ echo $bonding > /sys/class/net/$meshif/mesh/bonding
+ fi
+
+ if [ $vis_mode ]; then
+ echo $vis_mode > /sys/class/net/$meshif/mesh/vis_mode
+ fi
+
+ if [ $gw_mode ]; then
+ echo $gw_mode > /sys/class/net/$meshif/mesh/gw_mode
+ fi
+}
+
+stop_mesh() {
+ local meshif="$1"
+
+ is_module_loaded
+ [ $? -ne 1 ] && return
+
+ for iface in $(ls /sys/class/net/*)
+ do
+ [ ! -f "$iface/batman_adv/mesh_iface" ] && continue
+ [ "$(head -1 $iface/batman_adv/mesh_iface)" != "status: $meshif" ] && continue
+
+ echo "none" > $iface/batman_adv/mesh_iface
+ done
+}
+
+# can also be used with "batman-adv start bat0"
+start() {
+ config_load batman-adv
+
+ if [ -n "$1" ]; then
+ start_mesh $1
+ else
+ config_foreach start_mesh mesh
+ fi
+}
+
+# can also be used with "batman-adv stop bat0"
+stop () {
+ config_load batman-adv
+
+ if [ -n "$1" ]; then
+ stop_mesh $1
+ else
+ config_foreach stop_mesh mesh
+ fi
+}
+
+
diff --git a/files/common/etc/init.d/dnsmasq b/files/common/etc/init.d/dnsmasq
new file mode 100755
index 0000000..1b934c0
--- /dev/null
+++ b/files/common/etc/init.d/dnsmasq
@@ -0,0 +1,386 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2007 OpenWrt.org + +START=60 +DNS_SERVERS="" +DOMAIN="" + +dhcp_calc() { + local ip="$1" + local res=0 + + while [ -n "$ip" ]; do + part="${ip%%.*}" + res="$(($res * 256))" + res="$(($res + $part))" + [ "${ip%.*}" != "$ip" ] && ip="${ip#*.}" || ip= + done + echo "$res" +} + +append_bool() { + local section="$1" + local option="$2" + local value="$3" + local _loctmp + config_get_bool _loctmp "$section" "$option" 0 + [ $_loctmp -gt 0 ] && append args "$value" +} + +append_parm() { + local section="$1" + local option="$2" + local switch="$3" + local _loctmp + config_get _loctmp "$section" "$option" + [ -z "$_loctmp" ] && return 0 + append args "$switch $_loctmp" +} + +append_server() { + append args "-S $1" +} + +append_interface() { + local ifname=$(uci_get_state network "$1" ifname "$1") + append args "-i $ifname" +} + +append_notinterface() { + local ifname=$(uci_get_state network "$1" ifname "$1") + append args "-I $ifname" +} + +append_addnhosts() { + append args "-H $1" +} + +append_bogusnxdomain() { + append args "-B $1" +} + +dnsmasq() { + local cfg="$1" + append_bool "$cfg" authoritative "-K" + append_bool "$cfg" nodaemon "-d" + append_bool "$cfg" domainneeded "-D" + append_bool "$cfg" filterwin2k "-f" + append_bool "$cfg" nohosts "-h" + append_bool "$cfg" nonegcache "-N" + append_bool "$cfg" strictorder "-o" + append_bool "$cfg" logqueries "-q" + append_bool "$cfg" noresolv "-R" + append_bool "$cfg" localise_queries "-y" + append_bool "$cfg" readethers "-Z" + append_bool "$cfg" dbus "-1" + append_bool "$cfg" boguspriv "-b" + append_bool "$cfg" expandhosts "-E" + append_bool "$cfg" enable_tftp "--enable-tftp" + append_bool "$cfg" nonwildcard "-z" + + append_parm "$cfg" cachesize "-c" + append_parm "$cfg" dnsforwardmax "-0" + append_parm "$cfg" port "-p" + append_parm "$cfg" ednspacket_max "-P" + append_parm "$cfg" dhcpleasemax "-X" + append_parm "$cfg" "queryport" "-Q" + append_parm "$cfg" "domain" 
"-s" + append_parm "$cfg" "local" "-S" + config_list_foreach "$cfg" "server" append_server + config_list_foreach "$cfg" "interface" append_interface + config_list_foreach "$cfg" "notinterface" append_notinterface + config_list_foreach "$cfg" "addnhosts" append_addnhosts + config_list_foreach "$cfg" "bogusnxdomain" append_bogusnxdomain + append_parm "$cfg" "leasefile" "-l" + append_parm "$cfg" "resolvfile" "-r" + append_parm "$cfg" "tftp_root" "--tftp-root" + append_parm "$cfg" "dhcp_boot" "--dhcp-boot" + + config_get DOMAIN "$cfg" domain + + config_get_bool readethers "$cfg" readethers + [ "$readethers" = "1" ] && [ -e "/etc/ethers" ] || touch /etc/ethers + + config_get leasefile $cfg leasefile + [ -n "$leasefile" ] && [ -e "$leasefile" ] || touch "$leasefile" + config_get_bool cachelocal "$cfg" cachelocal 1 + + config_get hostsfile "$cfg" dhcphostsfile + [ -e "$hostsfile" ] && append args "--dhcp-hostsfile=$hostsfile" + + local rebind + config_get_bool rebind "$cfg" rebind_protection 1 + [ $rebind -gt 0 ] && { + logger -t dnsmasq \ + "DNS rebinding protection is active," \ + "will discard upstream RFC1918 responses!" 
+ append args "--stop-dns-rebind" + + local rebind_localhost + config_get_bool rebind_localhost "$cfg" rebind_localhost 0 + [ $rebind_localhost -gt 0 ] && { + logger -t dnsmasq "Allowing 127.0.0.0/8 responses" + append args "--rebind-localhost-ok" + } + + append_rebind_domain() { + logger -t dnsmasq "Allowing RFC1918 responses for domain $1" + append args "--rebind-domain-ok=$1" + } + + config_list_foreach "$cfg" rebind_domain append_rebind_domain + } +} + +dhcp_subscrid_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get subscriberid "$cfg" subscriberid + [ -n "$subscriberid" ] || return 0 + + append args "--dhcp-subscrid=$networkid,$subscriberid" + + dhcp_option_add "$cfg" "$networkid" +} + +dhcp_remoteid_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get remoteid "$cfg" remoteid + [ -n "$remoteid" ] || return 0 + + append args "--dhcp-remoteid=$networkid,$remoteid" + + dhcp_option_add "$cfg" "$networkid" +} + +dhcp_circuitid_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get circuitid "$cfg" circuitid + [ -n "$circuitid" ] || return 0 + + append args "--dhcp-circuitid=$networkid,$circuitid" + + dhcp_option_add "$cfg" "$networkid" +} + +dhcp_userclass_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get userclass "$cfg" userclass + [ -n "$userclass" ] || return 0 + + append args "--dhcp-userclass=$networkid,$userclass" + + dhcp_option_add "$cfg" "$networkid" +} + +dhcp_vendorclass_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get vendorclass "$cfg" vendorclass + [ -n "$vendorclass" ] || return 0 + + append args "--dhcp-vendorclass=$networkid,$vendorclass" + + dhcp_option_add "$cfg" "$networkid" +} + +dhcp_host_add() { + local cfg="$1" + + 
config_get name "$cfg" name + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] && dhcp_option_add "$cfg" "$networkid" + + config_get ip "$cfg" ip + [ -n "$ip" ] || return 0 + + macs="" + config_get mac "$cfg" mac + for m in $mac; do append macs "$m" ","; done + [ -n "$macs" ] || return 0 + + append args "--dhcp-host=$macs,${networkid:+net:$networkid,}$ip${name:+,$name}" +} + +dhcp_mac_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get mac "$cfg" mac + [ -n "$mac" ] || return 0 + + append args "--dhcp-mac=$networkid,$mac" + + dhcp_option_add "$cfg" "$networkid" +} + +dhcp_boot_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + + config_get filename "$cfg" filename + [ -n "$filename" ] || return 0 + + config_get servername "$cfg" servername + [ -n "$servername" ] || return 0 + + config_get serveraddress "$cfg" serveraddress + [ -n "$serveraddress" ] || return 0 + + append args "--dhcp-boot=${networkid:+net:$networkid,}$filename,$servername,$serveraddress" + + dhcp_option_add "$cfg" "$networkid" +} + + +dhcp_add() { + local cfg="$1" + config_get net "$cfg" interface + [ -n "$net" ] || return 0 + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || networkid="$net" + + config_get ifname "$net" ifname + [ -n "$ifname" ] || return 0 + + config_get dnsserver "$net" dns + [ "$cachelocal" = "0" -a -n "$dnsserver" ] && { + DNS_SERVERS="$DNS_SERVERS $dnsserver" + } + + append_bool "$cfg" ignore "-2 $ifname" && return 0 + + config_get proto "$net" proto + [ static = "$proto" ] || return 0 + + config_get ipaddr "$net" ipaddr + config_get netmask "$cfg" netmask + [ -n "$netmask" ] || config_get netmask "$net" netmask + + #check for an already active dhcp server on the interface, unless 'force' is set + config_get_bool force "$cfg" force 0 + [ $force -gt 0 ] || { + udhcpc -n -q -s /bin/true -t 1 -i $ifname >&- && { + logger -t dnsmasq \ + "found already running DHCP-server 
on interface '$ifname'" \ + "refusing to start, use 'option force 1' to override" + return 0 + } + } + + config_get start "$cfg" start + config_get limit "$cfg" limit + config_get start_ip "$cfg" start_ip + config_get end_ip "$cfg" end_ip + config_get leasetime "$cfg" leasetime + config_get options "$cfg" options + config_get_bool dynamicdhcp "$cfg" dynamicdhcp 1 + + leasetime="${leasetime:-12h}" + start="$(dhcp_calc "${start:-100}")" + limit="${limit:-150}" + eval "$(ipcalc.sh $ipaddr $netmask $start $limit)" + if [ "$dynamicdhcp" = "0" ]; then END="static"; fi + if [ -n "$start_ip" ]; then START=$start_ip; fi + if [ -n "$end_ip" ]; then END=$end_ip; fi + append args "--dhcp-range=$networkid,$START,$END,$NETMASK,$leasetime${options:+ $options}" + dhcp_option_add "$cfg" "$networkid" +} + +dhcp_option_add() { + local cfg="$1" + local networkid="$2" + + config_get dhcp_option "$cfg" dhcp_option + for o in $dhcp_option; do + append args "-O $networkid","$o" + done + +} + +dhcp_domain_add() { + local cfg="$1" + local ip name names + + config_get names "$cfg" name + [ -n "$names" ] || return 0 + + config_get ip "$cfg" ip + [ -n "$ip" ] || return 0 + + local oIFS="$IFS"; IFS="."; set -- $ip; IFS="$oIFS" + local raddr="${4:+$4.$3.$2.$1.in-addr.arpa}" + + for name in $names; do + local fqdn="$name" + + [ "${fqdn%.*}" == "$fqdn" ] && \ + fqdn="$fqdn${DOMAIN:+.$DOMAIN}" + + append args "-A /$fqdn/$ip" + + [ -n "$raddr" ] && { + append args "--ptr-record=$raddr,$fqdn" + raddr="" + } + done +} + +start() { + include /lib/network + scan_interfaces + config_load dhcp + + args="" + config_foreach dnsmasq dnsmasq + config_foreach dhcp_host_add host + config_foreach dhcp_boot_add boot + config_foreach dhcp_mac_add mac + config_foreach dhcp_vendorclass_add vendorclass + config_foreach dhcp_userclass_add userclass + config_foreach dhcp_circuitid_add circuitid + config_foreach dhcp_remoteid_add remoteid + config_foreach dhcp_subscrid_add subscrid + config_foreach dhcp_domain_add 
domain
+ config_foreach dhcp_add dhcp
+ /usr/sbin/dnsmasq $args && {
+ rm -f /tmp/resolv.conf
+ [ -n "$DOMAIN" ] && echo "search $DOMAIN" >> /tmp/resolv.conf
+ DNS_SERVERS="$DNS_SERVERS 127.0.0.1"
+ for DNS_SERVER in $DNS_SERVERS ; do
+ echo "nameserver $DNS_SERVER" >> /tmp/resolv.conf
+ done
+ }
+}
+
+stop() {
+ [ -f /tmp/resolv.conf ] && {
+ rm -f /tmp/resolv.conf
+ ln -s /tmp/resolv.conf.auto /tmp/resolv.conf
+ }
+ killall dnsmasq
+ return 0
+}
diff --git a/files/common/etc/init.d/n2n b/files/common/etc/init.d/n2n
new file mode 100755
index 0000000..26f2e72
--- /dev/null
+++ b/files/common/etc/init.d/n2n
@@ -0,0 +1,43 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2008 OpenWrt.org
+[ -n "$IPKG_INSTROOT" ] && exit 0
+START=90
+
+config_cb() {
+ local cfg="$CONFIG_SECTION"
+ config_get configname "$cfg" TYPE
+
+ case "$configname" in
+ edge)
+ config_get ipaddr "$cfg" ipaddr
+ config_get supernode "$cfg" supernode
+ config_get port "$cfg" port
+ config_get community "$cfg" community
+ config_get key "$cfg" key
+ config_get_bool route "$cfg" route 0
+ config_get devname "$cfg" devname
+ node_mac=`ifconfig ath0 | grep HWaddr | awk '{print $5}' | tr -d "\n" | cut -c6-`
+ [ "$route" = "1" ] && args='-r'
+ if [ "$ipaddr" != "" ]; then
+ mac_random=`echo $(head -30 /dev/urandom | tr -dc "0123456789" | head -c2)`
+ edge -f $args -a 169.254.0.1 -d $devname -c $community -k $key -m 12:${mac_random}${node_mac} -l ${supernode}:${port}
+ ifconfig $devname 0.0.0.0
+ batctl if add $devname
+ fi
+ ;;
+ supernode)
+ config_get port "$cfg" port
+ if [ "$port" != "" ]; then
+ supernode -l $port &
+ fi
+ ;;
+ esac
+}
+
+start() {
+ config_load n2n
+}
+stop() {
+ killall -9 edge
+ killall supernode
+}
diff --git a/files/common/etc/rc.local b/files/common/etc/rc.local
new file mode 100644
index 0000000..38c68a9
--- /dev/null
+++ b/files/common/etc/rc.local
@@ -0,0 +1,4 @@
+# the system init finished. By default this file does nothing.
+ifconfig br-mesh down
+ifconfig br-mesh up
+exit 0
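Review bot: In `config_cb` of `init.d/n2n` the tunnel key is passed on the command line (`edge ... -k $key ...`), so it is visible in the process list, and `/cgi-bin/debug` added in this same commit prints `ps aux` to any HTTP client. n2n's edge can take the key from the `N2N_KEY` environment variable instead (worth confirming for the packaged version), e.g. `N2N_KEY="$key" edge -f $args ...` without `-k`. The UCI values (`$devname`, `$community`, `$supernode`, `$port`) are also expanded unquoted, and `args` is never reset between sections, so `-r` set for one edge carries over to the next; quote the expansions and add `local args=` at the top of the `edge)` branch.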
diff --git a/files/common/sbin/n2n_watchdog b/files/common/sbin/n2n_watchdog
new file mode 100755
index 0000000..247753b
--- /dev/null
+++ b/files/common/sbin/n2n_watchdog
@@ -0,0 +1,26 @@
+#!/bin/ash
+
+if [[ `uci get batman-adv.bat0.gw_mode` = "server" ]]; then
+
+ n2n_pwd=`wget http://www.freifunk-jena.de/n2n -O - -q`
+ n2n1_pwd_old=`uci get n2n.@edge[1].key`
+ n2n2_pwd_old=`uci get n2n.@edge[0].key`
+
+ if [[ $n2n_pwd != $n2n1_pwd_old && $n2n_pwd != "" -o $n2n_pwd != $n2n2_pwd_old && $n2n_pwd != "" ]]; then
+ uci set n2n.@edge[0].key=$n2n_pwd
+ uci set n2n.@edge[1].key=$n2n_pwd
+ uci commit n2n
+ /etc/init.d/n2n restart
+ logger "n2n password updated and restarted (new password)"
+ fi
+
+ sleep 5
+ n2n_neighbors=`batctl o | grep n2n | wc -l`
+
+ if [[ $n2n_neighbors -lt 1 ]]; then
+ /etc/init.d/n2n restart
+ logger "n2n restarted (no neighbors via n2n)"
+ fi
+else
+ exit 0
+fi
diff --git a/files/common/sbin/setup_router b/files/common/sbin/setup_router
new file mode 100755
index 0000000..36b62e5
--- /dev/null
+++ b/files/common/sbin/setup_router
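Review bot: The new n2n key is downloaded over plain HTTP (`wget http://www.freifunk-jena.de/n2n`) and written into UCI unquoted and unvalidated, so anyone on the path between a gateway and that server can replace the tunnel key on every gateway, and whitespace in the response is word-split into extra `uci` arguments. The `if [[ ... -o ... ]]` line also mixes `&&` with `-o`, which is not a defined operator inside `[[ ]]`. I would fetch over HTTPS with certificate checking (if the image's wget supports it), accept only an expected character set, and quote every expansion, as sketched below; the allowed alphabet is an assumption to adjust to the real key format.

```sh
n2n_pwd=`wget https://www.freifunk-jena.de/n2n -O - -q`
# … unchanged: reading n2n1_pwd_old and n2n2_pwd_old …
case "$n2n_pwd" in
	''|*[!A-Za-z0-9]*) n2n_pwd="" ;;	# empty or unexpected characters: keep the current key
esac
if [ -n "$n2n_pwd" ] && { [ "$n2n_pwd" != "$n2n1_pwd_old" ] || [ "$n2n_pwd" != "$n2n2_pwd_old" ]; }; then
	uci set "n2n.@edge[0].key=$n2n_pwd"
	uci set "n2n.@edge[1].key=$n2n_pwd"
	# … unchanged: uci commit, n2n restart, logger …
fi
```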
@@ -0,0 +1,64 @@
+#!/bin/sh
+echo "Soll dieser Router als Gateway arbeiten? (j/n) "
+read router
+echo
+if [[ $router = "j" ]]
+ then
+ #Act a a Router
+ #set ipv4 Adress
+ echo "Bitte warten, es wird automatisch eine freie IP ermittelt (Kann bis zu 10 Minuten dauern)"
+ /etc/init.d/n2n enable
+ /etc/init.d/n2n start
+ sleep 20
+ for i in `seq 1 254 `; do
+ LOSS=`ping -c3 10.17.$i.1 | grep loss | awk '{print $7}' | sed 's/%//g'; sleep 1`
+ sleep 1;
+ if [[ 99 -lt $LOSS ]]; then
+ NODE_IP=10.17.$i.1
+ oct3=$i
+ break
+ fi
+ done
+
+ uci set network.mesh.ipaddr=$NODE_IP
+ uci set network.mesh.proto=static
+ uci set network.mesh.netmask=255.255.0.0
+ uci set dhcp.mesh=dhcp
+ uci set dhcp.mesh.start=2
+ uci set dhcp.mesh.limit=254
+ uci set dhcp.mesh.leasetime=12h
+ uci set dhcp.mesh.interface=mesh
+ uci set dhcp.mesh.start_ip=10.17.$oct3.2
+ uci set dhcp.mesh.end_ip=10.17.$oct3.254
+ uci commit dhcp
+ # Batman Server Mode
+ uci set batman-adv.bat0.gw_mode=server
+ uci commit batman-adv
+ # Add Cron Jobs
+ echo "* * * * * /sbin/test_gateway > /dev/null" >> /etc/crontabs/root
+ echo "* * * * * /sbin/splash_sync > /dev/null" >> /etc/crontabs/root
+ echo "*/15 * * * * /sbin/n2n_watchdog > /dev/null" >> /etc/crontabs/root
+ /etc/init.d/cron restart
+ echo $'\n\n\n\n'
+ echo "Einrichtung des Routers abgeschossen!
+Dieser Router hat folgende IP: $NODE_IP"
+ echo $'\n\n\n\n'
+ else
+ # Act as a node only
+ uci del dhcp.mesh
+ uci commit dhcp
+ uci del network.mesh.ipaddr
+ uci del network.mesh.proto
+ uci del network.mesh.netmask
+ uci commit network
+ echo "Der Router wird als normaler Node konfiguriert"
+ echo
+ # Batman Client Mode
+ uci set batman-adv.bat0.gw_mode=client
+ uci commit batman-adv
+fi
+uci commit
+/etc/init.d/batman-adv restart
+#TODO: Generate Subnet
+#TODO: DHCP Configuration
+#HINT: Port freifunk-wizzard-leipzig in from lua (http://luci.subsignal.org/trac/browser/luci/branches/luci-0.10/applications/luci-ffwizard-leipzig/luasrc/model/cbi/ffwizard.lua)
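Review bot: If the probe loop in `setup_router` finds no address with full packet loss, `NODE_IP` and `oct3` stay empty and the script still runs `uci set network.mesh.ipaddr=$NODE_IP` and `uci set dhcp.mesh.start_ip=10.17.$oct3.2`, leaving a gateway with a broken address plan; `[[ 99 -lt $LOSS ]]` also misbehaves when ping prints no loss line and `LOSS` is empty. Guard after the loop with `[ -n "$NODE_IP" ] || { echo "keine freie IP gefunden"; exit 1; }` and quote `"$LOSS"`. Each run also appends the three cron lines again, so re-running the setup duplicates the jobs; test with `grep -q` before each `>> /etc/crontabs/root`.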
diff --git a/files/common/sbin/splash_sync b/files/common/sbin/splash_sync
new file mode 100755
index 0000000..3a2b0f1
--- /dev/null
+++ b/files/common/sbin/splash_sync
@@ -0,0 +1,51 @@
+#!/bin/sh
+. $IPKG_INSTROOT/etc/functions.sh
+x=0
+config_load splash_users
+test=1
+myip=`uci get network.mesh.ipaddr`
+splash_check() {
+ timeout=6000
+ current_time=`date +%s`
+ config_get mac "$1" mac
+ config_get time "$1" time
+ local config="$1"
+ let time_check=$time+$timeout
+ if [ $time_check -gt $current_time ]; then
+ # User ist noch gesplashed
+ iptables -t nat -D ffj_splash -m mac --mac-source $mac -j ACCEPT
+ iptables -t nat -I ffj_splash 1 -m mac --mac-source $mac -j ACCEPT
+ else
+ # User is not longer splashed / the user must click again
+ iptables -t nat -D ffj_splash -m mac --mac-source $mac -j ACCEPT
+ uci delete splash_users.@user[$x].mac
+ uci delete splash_users.@user[$x].time
+ uci delete splash_users.@user[$x]
+
+ fi
+ let x=$x+1
+}
+#chain refresh
+iptables -t nat -D zone_mesh_prerouting -p tcp -j ffj_splash
+iptables -t nat -F ffj_splash
+iptables -t nat -X ffj_splash
+#recreation
+iptables -t nat -N ffj_splash
+iptables -t nat -I zone_mesh_prerouting 1 -p tcp -j ffj_splash
+config_foreach splash_check user
+#DNS Whitelisting
+iptables -t nat -p udp -A ffj_splash --dport 53 -j ACCEPT
+#Jabber Whitelisting
+iptables -t nat -p tcp -A ffj_splash --dport 5222 -j ACCEPT
+iptables -t nat -p tcp -A ffj_splash --dport 5223 -j ACCEPT
+#Free Wavez in Freifunk
+iptables -t nat -A ffj_splash -s 10.0.0.0/8 -d 10.0.0.0/8 -j ACCEPT
+#Freifunk-Jena Whitelisting
+iptables -t nat -A ffj_splash -d freifunk-jena.de -j ACCEPT
+iptables -t nat -A ffj_splash -d www.freifunk-jena.de -j ACCEPT
+#Jappix Whitelisting
+iptables -t nat -A ffj_splash -d static.jappix.com -j ACCEPT
+iptables -t nat -A ffj_splash -p tcp -j DNAT --to $myip:80
+
+
+
diff --git a/files/common/sbin/test_gateway b/files/common/sbin/test_gateway
new file mode 100755
index 0000000..97296e2
--- /dev/null
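Review bot: In `splash_check` an expired entry is removed by position (`uci delete splash_users.@user[$x]`) while `x` is still incremented afterwards, so once one entry has been deleted every later index presumably points one section too far and the wrong client record is dropped or kept; the deletions are also never committed in this script. `config_foreach` already passes the section name as `$1`, so `uci delete "splash_users.$1"` plus one `uci commit splash_users` after the loop avoids the index arithmetic. `$mac` is read from a file written by the CGI and used unquoted in the iptables calls, so quote it. `timeout=6000` does not match the "1 Stunde(n)" stated on the splash page; a comment such as `# splash validity in seconds` next to the intended value would settle which one is meant.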
+++ b/files/common/sbin/test_gateway
@@ -0,0 +1,15 @@
+#!/bin/sh
+TESTHOST=4.2.2.4
+ping -c 1 -w 5 $TESTHOST &>/dev/null
+
+if [ $? -ne 0 ] ; then
+ // IP not reachable -> try if-down-up
+ ifdown wan
+ ifup wan
+ sleep 10
+ // Test Again
+ ping -c 1 -w 5 4.2.2.4 &>/dev/null
+ if [ $? -ne 0 ] ; then
+ ifdown wan
+ fi
+fi
diff --git a/files/common/sbin/test_vpn b/files/common/sbin/test_vpn
new file mode 100755
index 0000000..f69b5a7
--- /dev/null
+++ b/files/common/sbin/test_vpn
@@ -0,0 +1,15 @@
+#!/bin/sh
+TESTHOST=4.2.2.4
+ping -c 1 -w 5 -I tun0 $TESTHOST &>/dev/null
+
+if [ $? -ne 0 ] ; then
+ // IP not reachable -> restart openvpn
+ /etc/init.d/openvpn restart
+ sleep 10
+ // Test Again
+ ping -c 1 -w 5 -I tun0 $TESTHOST &>/dev/null
+ if [ $? -ne 0 ] ; then
+ /etc/init.d/openvpn stop
+ ifdown wan
+ fi
+fi
diff --git a/files/common/www/cgi-bin/debug b/files/common/www/cgi-bin/debug
new file mode 100755
index 0000000..14d8447
--- /dev/null
+++ b/files/common/www/cgi-bin/debug
@@ -0,0 +1,26 @@
+#!/bin/sh
+echo -en "Status: 200 OK\r\n"
+echo -en "Content-Type: text/html\r\n"
+echo -en "\r\n"
+
+echo "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head></head><body>"
+echo "<h1>Router Status</h1>"
+echo "<h2>Batman-ADV</h2>"
+echo "<pre>"
+batctl tg | cat
+batctl tl |cat
+echo "</pre>"
+echo "<h2>Netzwerk</h2>"
+echo "<pre>"
+ifconfig | cat
+echo "</pre>"
+echo "<h2>Prozesse</h2>"
+echo "<pre>"
+ps aux | cat
+echo "</pre>"
+echo "<h2>UCI</h2>"
+echo "<pre>"
+uci show | cat
+echo "</pre>"
+echo "</body></html>"
+
diff --git a/files/common/www/cgi-bin/redirect b/files/common/www/cgi-bin/redirect
new file mode 100755
index 0000000..9b417db
--- /dev/null
+++ b/files/common/www/cgi-bin/redirect
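Review bot: The two comment lines in `test_gateway` start with `//` (`// IP not reachable ...`, `// Test Again`), which the shell tries to run as a command, and `&>/dev/null` is a bash extension: a POSIX `sh` parses it as a background `&` followed by a redirect, so `$?` would be 0 and the recovery branch would never run (this depends on how the image's ash was built). Use `#` for the comments and `>/dev/null 2>&1` for the redirect. `test_vpn` in this commit has the same two problems, and the second ping in `test_gateway` hard-codes `4.2.2.4` instead of `$TESTHOST`.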
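Review bot: The `cgi-bin/debug` script prints `ps aux` and the complete `uci show` output to any client that can reach uhttpd, with no authentication; with the mesh and lan zones set to `input ACCEPT` in this commit, that presumably includes every user of the open network. `uci show` includes `n2n.@edge[..].key` and any other secret stored in UCI, and `ps aux` shows the key again on the edge command line. I would leave the script out of production images, or reduce it to a fixed set of non-sensitive values (for example the batctl tables only) reachable from the lan side. The DOCTYPE `echo` also contains unescaped inner double quotes, so the shell splits the string there.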
@@ -0,0 +1,8 @@
+#!/bin/sh
+echo -en "Cache-Control: no-cache, max-age=0, no-store, must-revalidate\r\n"
+echo -en "Pragma: no-cache\r\n"
+echo -en "Expires: -1\r\n"
+echo -en "Status: 302 Temporary Redirect\r\n"
+echo -en "Location: http://"`uci get network.mesh.ipaddr`"/cgi-bin/splash?"`/bin/urlencode "$HTTP_HOST$REQUEST_URI"`"\r\n"
+echo -en "\r\n"
+exit 0
diff --git a/files/common/www/cgi-bin/splash b/files/common/www/cgi-bin/splash
new file mode 100755
index 0000000..ee907d6
--- /dev/null
+++ b/files/common/www/cgi-bin/splash
@@ -0,0 +1,8 @@
+#!/bin/sh
+echo -en "Status: 200 OK\r\n"
+echo -en "Content-Type: text/html\r\n"
+echo -en "\r\n"
+#targeturl=$(echo $QUERY_STRING)
+#targeturl=$(echo $QUERY_STRING | sed -f /etc/urlencode.sed)
+targeturl=`echo $QUERY_STRING`
+sed "s/targeturl/"$targeturl"/g" /www/splash.html
diff --git a/files/common/www/cgi-bin/splash_click b/files/common/www/cgi-bin/splash_click
new file mode 100755
index 0000000..d08af6a
--- /dev/null
+++ b/files/common/www/cgi-bin/splash_click
@@ -0,0 +1,38 @@
+#!/bin/sh
+echo -en "Status: 200 OK\r\n"
+echo -en "Content-Type: text/html\r\n"
+echo -en "\r\n"
+TEST=`cat `
+TEST=`echo $TEST | sed 's/'target_url='/''/g'`
+TEST=`/bin/urldecode "$TEST"`
+TEST=`echo $TEST | sed 's/%2F/\//g'`
+USER_MAC=`cat /proc/net/arp | grep $REMOTE_HOST | awk 'BEGIN { FS = " " } ; { print $4 }'`
+
+. $IPKG_INSTROOT/etc/functions.sh
+ISSPLASHED=0
+config_load splash_users
+is_mac() {
+ config_get mac "$1" mac
+ if [ "$mac" == "$USER_MAC" ]; then
+ ISSPLASHED=1
+ fi
+}
+#check if user is alredy splashed
+config_foreach is_mac user
+sed 's/targeturl/'"$(echo $TEST| sed 's#/#\\/#g')"'/g' /www/iframe.html
+
+if [ $ISSPLASHED -eq 1 ]; then
+ exit
+fi
+#User is now free to go
+iptables -t nat -I ffj_splash 1 -m --mac-source $USER_MAC -j ACCEPT
+
+uci -q add splash_users user
+uci -q set splash_users.@user[-1].mac=$USER_MAC
+uci -q set splash_users.@user[-1].time=`date +%s`
+
+exit 0
+
+
+
+
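Review bot: In `cgi-bin/splash`, `$QUERY_STRING` is client-controlled (the CGI can be requested directly, not only through `/cgi-bin/redirect`) and is pasted unquoted into the sed program in `sed "s/targeturl/"$targeturl"/g" /www/splash.html`. Because the expansion sits outside the quotes it is word-split into extra sed arguments, characters such as `/` or `&` change the sed script itself, and whatever survives is written unescaped into the `value="targeturl"` attribute of the page. Reduce the value to the characters a URL-encoded string can contain and keep it inside the quotes: `targeturl=$(printf '%s' "$QUERY_STRING" | tr -cd 'A-Za-z0-9%._~-')` followed by `sed "s/targeturl/$targeturl/g" /www/splash.html`. The exact character set that `/bin/urlencode` emits is not visible in this commit, so adjust the list to match it.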
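Review bot: The rule in `cgi-bin/splash_click` that should unlock the client, `iptables -t nat -I ffj_splash 1 -m --mac-source $USER_MAC -j ACCEPT`, is missing the match name after `-m`, so iptables rejects it and the click does not open the firewall; it should read `-m mac --mac-source "$USER_MAC"`. `grep $REMOTE_HOST` on `/proc/net/arp` is an unanchored pattern match, so `10.17.1.1` also matches `10.17.1.10` and `USER_MAC` can end up holding several MACs or another client's; use `awk -v ip="$REMOTE_HOST" '$1 == ip { print $4 }' /proc/net/arp` and stop when the result is not exactly one MAC address. The POST body in `TEST` is also inserted into a sed program with only `/` escaped, the same pattern as in `cgi-bin/splash`, and should get the same character filtering.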
diff --git a/files/common/www/cgi-bin/status.xml b/files/common/www/cgi-bin/status.xml
new file mode 100755
index 0000000..8d45a90
--- /dev/null
+++ b/files/common/www/cgi-bin/status.xml
@@ -0,0 +1,3 @@
+#/bin/bash!
+hostname=`hostname`
+eval "echo \"$(cat template.status.xml)\""
diff --git a/files/common/www/cgi-bin/template.status.xml b/files/common/www/cgi-bin/template.status.xml
new file mode 100644
index 0000000..7df4e9f
--- /dev/null
+++ b/files/common/www/cgi-bin/template.status.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<node>
+ <hostname>$hostname</hostname>
+ <is_hna>0</is_hna>
+ <network>
+ <ip_4></ip_4>
+ <ip_6></ip_6>
+ </network>
+ <owner>Max Mustermann</owner>
+ <godfather>Susi Mustermann</godfather>
+ <position>
+ <lat></lat>
+ <long></long>
+ <text></text>
+ </position>
+ <statistics>
+ <uptime></uptime>
+ <dhcp_leases></dhcp_leases>
+ <load></load>
+
+ </statistics>
+
+ <batman-adv>
+ <route>
+ <hostname></hostname>
+ <mac></mac>
+ </route>
+ </batman-adv>
+</node>
+
+
diff --git a/files/common/www/ff-jena_signet.png b/files/common/www/ff-jena_signet.png
Binary files differnew file mode 100644
index 0000000..15d216c
--- /dev/null
+++ b/files/common/www/ff-jena_signet.png
diff --git a/files/common/www/ffj.css b/files/common/www/ffj.css
new file mode 100644
index 0000000..3542611
--- /dev/null
+++ b/files/common/www/ffj.css
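Review bot: The first line of `cgi-bin/status.xml`, `#/bin/bash!`, is not a shebang, so the file runs under whatever interpreter the web server falls back to, and the script prints no `Status` or `Content-Type` header before the body, unlike the other CGIs in this commit. `eval "echo \"$(cat template.status.xml)\""` executes any `$(...)` or backtick text found in the template and reads the file relative to the current directory, which is safe only while the template stays static and writable by root alone. I would start with `#!/bin/sh`, print the headers, and replace the eval with `sed "s/\$hostname/$(hostname)/" /www/cgi-bin/template.status.xml`.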
@@ -0,0 +1,61 @@
+div#body {
+width: 100%;
+text-align: center;
+}
+div#maincontent{
+margin-left: auto;
+margin-right: auto;
+max-width: 600px;
+font-family: Arial, Verdana, sans-serif;
+font-size: 12pt;
+text-align: left;
+}
+div#maincontent a, a:link, a:visited {
+color: #464646;
+text-decoration: none;
+}
+
+div#button_area{
+padding-left:150px;
+padding-right:150px;
+text-align:center;
+}
+
+div#button_left{
+float:left;
+width: 50%;
+text-align:center;
+}
+
+div#button_right{
+float:right;
+width: 50%;
+text-align:center;
+}
+
+input.button{
+border-color:white black black white;
+border-style:solid;
+border-width:1px;
+background-color: #E5E5E5;
+padding: 5px;
+color: black;
+font-weight: bold;
+border-radius: 5px;
+-moz-border-radius: 5px;
+-webkit-border-radius: 5px;
+}
+input.button:hover {
+background-color: grey;
+border-color:white black black white;
+border-style:solid;
+border-width:1px;
+}
+div#logo {
+height: 125px;
+font-size: 24px;
+}
+img.logo {
+float: left;
+padding: 5px;
+}
diff --git a/files/common/www/iframe.html b/files/common/www/iframe.html
new file mode 100644
index 0000000..cdee514
--- /dev/null
+++ b/files/common/www/iframe.html
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html
+ PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml"
+ xml:lang="en" lang="en">
+
+<head>
+ <title>Freifunk Jena</title>
+
+ <link rel="stylesheet" type="text/css" href="/ffj.css" />
+
+
+</head>
+<body style="margin:0px;">
+<!-- <div style="width:100%;padding:0px;background-color: #E5E5E5;text-align: center"><a href="targeturl">Weiter zur gesuchten Seite...</a></div>/-->
+<iframe src="http://www.freifunk-jena.de/" width="100%" height="1000px"></iframe>
+</body>
+</html>
diff --git a/files/common/www/splash.html b/files/common/www/splash.html
new file mode 100644
index 0000000..7b85b5e
--- /dev/null
+++ b/files/common/www/splash.html
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html
+ PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+
+<head>
+<script type="text/javascript" src="https://static.jappix.com/php/get.php?l=de&t=js&g=mini.xml&f=jquery.js"></script>
+
+<script type="text/javascript">
+ jQuery(document).ready(function() {
+ MINI_GROUPCHATS = ["chat@chat.freifunk-jena.de"];
+ launchMini(false, true, "anonymous.jappix.com");
+ });
+</script>
+
+ <title>Freifunk Jena</title>
+
+ <link rel="stylesheet" type="text/css" href="/ffj.css" />
+
+</head>
+<body>
+ <div id="body">
+ <div id="maincontent">
+
+ <div id="logo">
+ <img src="/ff-jena_signet.png" class="logo" alt="Freifunk-Logo"/><br /><strong>Freifunk Jena</strong><br />Das freie Bürgernetz für Jena
+ </div>
+
+ <h2><a id="content" name="content">Willkommen!</a></h2>
+ <p>
+ Du bist jetzt mit dem freien Funknetz <a href="http://www.freifunk-jena.de">Freifunk Jena</a> verbunden.<br />
+
+ Wir sind ein experimentelles Gemeinschaftsnetzwerk, aber kein Internetanbieter.
+ </p>
+
+ <p>
+ Ein Zugang <strong>ins Internet</strong> ist trotzdem möglich,
+ da einige Freifunker ihre privaten Internetzugänge zur Verfügung stellen.
+ Diese Zugänge müssen sich hier alle teilen.
+ Bitte sei Dir dessen bewusst und verhalte Dich dementsprechend:
+ </p>
+
+ <ul>
+ <li>bitte <strong>keine Filesharing-Programme</strong> betreiben!</li>
+ <li>bitte <strong>keine unnötigen Downloads oder Streams</strong> starten!</li>
+ <li>bitte <strong>keine illegalen Aktivitäten</strong>!</li>
+ </ul>
+
+ <p>
+ Wenn Du unsere Idee gut findest und das Netz regelmässig benutzt, dann bitten wir Dich um Unterstützung:
+ </p>
+
+ <ul>
+ <li><a href="http://www.freifunk-jena.de">Werde selbst Freifunker oder teile deinen Internetzugang!</a></li>
+ <li>Spende ein paar Euro, damit wir unser Netz weiter betreiben und ausbauen können.</li>
+ <li>Wenn Du selbst privat genutzte WLAN-Geräte betreibst nutze dafür bitte andere Kanäle als wir.</li>
+ </ul>
+
+ <p>
+ Mit einem Klick auf <em>Akzeptieren</em> kannst du für
+ 1 Stunde(n) unser Netz verwenden. Dann wirst du
+ erneut aufgefordet, diese Bedingungen zu akzeptieren.
+ </p>
+
+
+ <div id="button_area">
+ <div id="button_left">
+ <div class="buttons">
+ <form action="/cgi-bin/splash_click" method="post">
+ <input type="hidden" name="target_url" value="targeturl"/>
+ <input class="button" type="submit" value="Akzeptieren"/>
+ </form>
+ </div>
+ </div>
+ <div id="button_right">
+ <div class="buttons">
+ <form action="http://www.freifunk-jena.de/Decline" method="get">
+ <input class="button" type="submit" value="Ablehnen"/>
+ </form>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+</body>
+</html> |
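Review bot: The `<script src="https://static.jappix.com/…&f=jquery.js">` tag at the top of splash.html runs third-party code on the portal page every client has to pass, so whoever controls that host's response can script the accept form. The page also depends on that host being reachable before the client has accepted the terms. Serving the chat script from the router itself, or dropping the widget from the splash page, removes both problems; as written, the `&` separators in the URL should at least be `&amp;` for the declared XHTML doctype. The hidden `target_url` field holds the placeholder `targeturl`; the code that fills it in and `/cgi-bin/splash_click` are outside this hunk, but the value needs HTML-attribute escaping on output and validation before any redirect is issued from it.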