3 # Konfiguriere uebliche Opennet-Interfaces sowie ein lokales Interface.
5 # Dieses Skript wird nur ein einziges Mal nach einem Upgrade oder der Erstinstallation ausgefuehrt:
10 # shellcheck source=opennet/packages/on-core/files/usr/lib/opennet/on-helper.sh
11 .
"${IPKG_INSTROOT:-}/usr/lib/opennet/on-helper.sh"
14 OPENWRT_DEFAULT_LOCAL_IP=192.168.1.1
17 configure_local_network() {
18 local uci_prefix=
"network.$NETWORK_LOCAL"
19 # wurde die Standard-IP bereits veraendert?
20 [
"$(uci_get "${uci_prefix}.ipaddr
")" !=
"$OPENWRT_DEFAULT_LOCAL_IP" ] &&
return 0
21 uci set
"${uci_prefix}.ipaddr=$(get_on_core_default lan_ipaddr)"
22 uci set
"${uci_prefix}.netmask=$(get_on_core_default lan_netmask)"
26 configure_opennet_zone() {
28 # Forwarding (die letzte Aktion dieses Ablaufs) existiert? Keine Aenderungen ...
29 [ -n
"$(find_first_uci_section "firewall
" "forwarding
" "src=$ZONE_MESH
" "dest=$ZONE_MESH
")" ] &&
return 0
30 uci_prefix=$(find_first_uci_section
"firewall" "zone" "name=$ZONE_MESH")
31 # Zone anlegen, falls leer
32 [ -z
"$uci_prefix" ] && uci_prefix=firewall.$(uci add firewall zone)
33 uci set
"$uci_prefix=zone"
34 uci set
"$uci_prefix.name=$ZONE_MESH"
35 # Opennet-APs bieten ueblicherweise keine privaten Dienste an
36 uci set
"$uci_prefix.input=ACCEPT"
37 # ausgehende Pakete sind OK
38 uci set
"$uci_prefix.output=ACCEPT"
39 # Verkehr aus dem opennet-Netz darf nicht in lokale oder tunnel-Netze
40 uci set
"$uci_prefix.forward=REJECT"
41 # via "masq_src" ersetzen wir die ehemalige "/etc/firewall.opennet" fuer Quell-basiertes Masquerading
42 add_zone_forward
"$ZONE_LOCAL" "$ZONE_MESH"
43 # intra-Zone-Verkehr muss explizit erlaubt werden
44 add_zone_forward
"$ZONE_MESH" "$ZONE_MESH"
48 configure_olsr_radio() {
49 trap
'error_trap configure_olsr_radio "$*"' EXIT
50 local iface_index=
"$1"
51 local iface_logical=
"$2"
52 local iface_device=
"$3"
54 local uci_wifi=
"wireless.@wifi-iface[$iface_index]"
58 uci_radio=
"wireless.$(uci_get "${uci_wifi}.device
")"
59 radio_band=$(uci_get
"${uci_radio}.band")
60 htmode=$(uci_get
"${uci_radio}.htmode")
61 bssid=$(get_on_core_default wifi_bssid)
63 uci set
"${uci_wifi}.network=$iface_logical"
64 uci set
"${uci_wifi}.device=$iface_device"
66 uci set
"wireless.radio${iface_index}.country=$(get_on_core_default wifi_country)"
67 uci_delete "wireless.radio${iface_index}.disabled"
69 # typ-spezifische Attribute
70 if echo
"$radio_band" | grep -q
"5g"; then
71 # 5 GHz: kein Mesh-Modus verfuegbar
72 uci set
"${uci_wifi}.ssid=$(get_on_core_default wifi_ssid_5ghz)"
73 uci set
"${uci_wifi}.mode=$(get_on_core_default wifi_mode_5ghz)"
74 # Use one (random) indoor channel and multiple outdoor channels.
75 # Indoor channel: as fallback otherwise wireless scans fail (ap + DFS channel -> no scan)
76 # Outdoor channels: remove TDWR channels + bandwidth
77 indoor_channel=$(( 36 + 4 * $(get_random 4) ))
78 uci set
"${uci_radio}.channel=$indoor_channel"
79 uci set
"${uci_radio}.chanlist=$indoor_channel $(get_on_core_default wifi_outdoor_chanlist_5ghz)"
80 # Fix 11ac
default bandwidth
81 if [
"$htmode" =
"VHT80" ]; then
82 uci set
"${uci_radio}.htmode=VHT20"
84 uci set
"${uci_wifi}.isolate=1"
86 # 2,4 GHz: Ad-hoc-Modus
87 uci set
"${uci_wifi}.ssid=$(get_on_core_default wifi_ssid)"
88 uci set
"${uci_wifi}.mode=$(get_on_core_default wifi_mode)"
89 [ -n
"$bssid" ] && uci set
"${uci_wifi}.bssid=$bssid"
90 uci set
"${uci_radio}.channel=$(get_on_core_default wifi_channel)"
96 configure_olsr_single_interface() {
97 trap
'error_trap configure_olsr_single_interface "$*"' EXIT
98 local iface_logical=
"$1"
100 local iface_netmask=
"$3"
101 local iface_device=
"$4"
104 uci set
"network.${iface_logical}=interface"
105 uci set
"network.${iface_logical}.proto=static"
106 uci set
"network.${iface_logical}.netmask=$iface_netmask"
107 uci set
"network.${iface_logical}.defaultroute=0"
108 uci set
"network.${iface_logical}.peerdns=0"
109 uci set
"network.${iface_logical}.ipaddr=$iface_addr"
111 # disable dhcp on on_wifi
112 uci set
"dhcp.${iface_logical}=dhcp"
113 uci set
"dhcp.${iface_logical}.interface=${iface_logical}"
114 uci set
"dhcp.${iface_logical}.dynamicdhcp=0"
115 uci set
"dhcp.${iface_logical}.ignore=1"
119 configure_olsr_interfaces() {
120 trap
'error_trap configure_olsr_interfaces "$*"' EXIT
122 # diese Aktion ist bereits abgeschlossen
123 uci -q show
"network" | grep -q
'^network\.on_eth_0\.' &&
return 0
128 on_id=$(uci_get on-core.settings.on_id
"$(get_on_core_default on_id_preset)")
129 on_ipschema=$(get_on_core_default on_ipschema)
130 on_netmask=$(get_on_core_default on_netmask)
135 # Erstelle wifi config in uci, falls noch keine vorhanden ist
139 while [ -n
"$(uci_get "wireless.@wifi-iface[${iface_index}]
")" ];
do
140 on_ipaddr=$(get_on_ip
"$on_id" "$on_ipschema" "$iface_index")
141 iface_wifi_device=$(uci_get
"wireless.@wifi-iface[${iface_index}].device")
142 iface_logical=on_wifi_$iface_index
144 configure_olsr_single_interface
"$iface_logical" "$on_ipaddr" "$on_netmask" "$iface_wifi_device"
145 configure_olsr_radio
"$iface_index" "$iface_logical" "$iface_wifi_device"
149 iface_index=$((iface_index + 1))
152 for iface_logical in
"on_eth_0" "on_eth_1";
do
153 on_ipaddr=$(get_on_ip
"$on_id" "$on_ipschema" "$iface_index")
155 configure_olsr_single_interface
"$iface_logical" "$on_ipaddr" "$on_netmask" "$iface_phys"
157 iface_index=$((iface_index + 1))
162 # jede Funktion sollte selbst pruefen, ob ihre Aktion bereits abgeschlossen ist
163 configure_local_network
164 configure_opennet_zone
165 configure_olsr_interfaces
167 apply_changes network wireless dhcp firewall
add_interface_to_zone()
Fuege ein logisches Netzwerk-Interface zu einer Firewall-Zone hinzu.
uci_delete(uci_path)
Lösche ein UCI-Element.
1.9.1