ChristianD
/
firmware
forked from freifunk-franken/firmware
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

merge into: ChristianD:master
Branches Tags
ChristianD:master
ChristianD:webuissl
ChristianD:webuineu
ChristianD:ifacetype
ChristianD:s2nproxy
ChristianD:nodewatcherlatency
ChristianD:remalfred
ChristianD:removehood
ChristianD:snmputils
ChristianD:ipv4snatV2
ChristianD:release-CHD-20210220
ChristianD:mqtt
ChristianD:nodewatcherl3
ChristianD:webl3node
ChristianD:buildnew
ChristianD:ipv4snat
ChristianD:l3configweb
ChristianD:autol3complete
ChristianD:build1
ChristianD:keepchanges
ChristianD:l3update
ChristianD:autol3web
ChristianD:autov4
ChristianD:autov6
ChristianD:l3configwebnew
ChristianD:vlan
ChristianD:wgkey
ChristianD:build
ChristianD:iprule
ChristianD:web
ChristianD:0.5.x
freifunk-franken:master
freifunk-franken:0.5.x
ChristianD:CHD-20210220
ChristianD:20210218
freifunk-franken:20240401
freifunk-franken:20240119-beta
freifunk-franken:20230330
freifunk-franken:20230321-beta
freifunk-franken:20221201
freifunk-franken:20221019
freifunk-franken:20220814
freifunk-franken:20220413
freifunk-franken:20220405-beta
freifunk-franken:20211224
freifunk-franken:20211220
freifunk-franken:20211201-beta
freifunk-franken:20210226
freifunk-franken:20210218
freifunk-franken:20210211-beta
freifunk-franken:20200501
freifunk-franken:20200423-beta
freifunk-franken:20200118
freifunk-franken:20191224
freifunk-franken:20191214-beta
freifunk-franken:20191130-alpha
freifunk-franken:20191123-alpha
freifunk-franken:20181202
freifunk-franken:20181128-beta
freifunk-franken:20180802
freifunk-franken:20180802-beta
freifunk-franken:20180726-beta
freifunk-franken:20180304-alpha
freifunk-franken:20180303-alpha
freifunk-franken:20170918
freifunk-franken:20170918-beta
freifunk-franken:20170218-alpha
freifunk-franken:20170110
freifunk-franken:20170110-beta
freifunk-franken:20161105-beta
freifunk-franken:20161008-beta
freifunk-franken:20160506
freifunk-franken:20160506-beta
freifunk-franken:20160310
freifunk-franken:20160213-beta
freifunk-franken:0.5.2
freifunk-franken:0.5.2-b2
freifunk-franken:0.5.2-b1
freifunk-franken:0.5.1
freifunk-franken:0.5.1-b2
freifunk-franken:0.5.1-b1
freifunk-franken:0.5.0
freifunk-franken:0.5.0-b1
freifunk-franken:0.4.3
freifunk-franken:0.4.2
freifunk-franken:0.4.1
freifunk-franken:0.4.0ol
freifunk-franken:0.4.0f
freifunk-franken:0.4.0rc5f
freifunk-franken:0.4.0rc4ol
freifunk-franken:0.4.0rc4f
freifunk-franken:0.4.0rc3f
freifunk-franken:0.4.0rc2f
freifunk-franken:0.3.999f
freifunk-franken:0.3.999
freifunk-franken:0.3.99
freifunk-franken:0.3
freifunk-franken:0.2.1
freifunk-franken:0.2
freifunk-franken:0.1
freifunk-franken:0.3.998
freifunk-franken:20240401-beta
...
pull from: ChristianD:release-CHD-20210220
Branches Tags
ChristianD:webuissl
ChristianD:webuineu
ChristianD:ifacetype
ChristianD:s2nproxy
ChristianD:nodewatcherlatency
ChristianD:remalfred
ChristianD:removehood
ChristianD:snmputils
ChristianD:ipv4snatV2
ChristianD:master
ChristianD:release-CHD-20210220
ChristianD:mqtt
ChristianD:nodewatcherl3
ChristianD:webl3node
ChristianD:buildnew
ChristianD:ipv4snat
ChristianD:l3configweb
ChristianD:autol3complete
ChristianD:build1
ChristianD:keepchanges
ChristianD:l3update
ChristianD:autol3web
ChristianD:autov4
ChristianD:autov6
ChristianD:l3configwebnew
ChristianD:vlan
ChristianD:wgkey
ChristianD:build
ChristianD:iprule
ChristianD:web
ChristianD:0.5.x
freifunk-franken:master
freifunk-franken:0.5.x
ChristianD:CHD-20210220
ChristianD:20210218
freifunk-franken:20240401
freifunk-franken:20240119-beta
freifunk-franken:20230330
freifunk-franken:20230321-beta
freifunk-franken:20221201
freifunk-franken:20221019
freifunk-franken:20220814
freifunk-franken:20220413
freifunk-franken:20220405-beta
freifunk-franken:20211224
freifunk-franken:20211220
freifunk-franken:20211201-beta
freifunk-franken:20210226
freifunk-franken:20210218
freifunk-franken:20210211-beta
freifunk-franken:20200501
freifunk-franken:20200423-beta
freifunk-franken:20200118
freifunk-franken:20191224
freifunk-franken:20191214-beta
freifunk-franken:20191130-alpha
freifunk-franken:20191123-alpha
freifunk-franken:20181202
freifunk-franken:20181128-beta
freifunk-franken:20180802
freifunk-franken:20180802-beta
freifunk-franken:20180726-beta
freifunk-franken:20180304-alpha
freifunk-franken:20180303-alpha
freifunk-franken:20170918
freifunk-franken:20170918-beta
freifunk-franken:20170218-alpha
freifunk-franken:20170110
freifunk-franken:20170110-beta
freifunk-franken:20161105-beta
freifunk-franken:20161008-beta
freifunk-franken:20160506
freifunk-franken:20160506-beta
freifunk-franken:20160310
freifunk-franken:20160213-beta
freifunk-franken:0.5.2
freifunk-franken:0.5.2-b2
freifunk-franken:0.5.2-b1
freifunk-franken:0.5.1
freifunk-franken:0.5.1-b2
freifunk-franken:0.5.1-b1
freifunk-franken:0.5.0
freifunk-franken:0.5.0-b1
freifunk-franken:0.4.3
freifunk-franken:0.4.2
freifunk-franken:0.4.1
freifunk-franken:0.4.0ol
freifunk-franken:0.4.0f
freifunk-franken:0.4.0rc5f
freifunk-franken:0.4.0rc4ol
freifunk-franken:0.4.0rc4f
freifunk-franken:0.4.0rc3f
freifunk-franken:0.4.0rc2f
freifunk-franken:0.3.999f
freifunk-franken:0.3.999
freifunk-franken:0.3.99
freifunk-franken:0.3
freifunk-franken:0.2.1
freifunk-franken:0.2
freifunk-franken:0.1
freifunk-franken:0.3.998
freifunk-franken:20240401-beta

7 Commits
master ... release-CH

Author SHA1 Message Date
Christian Dresel bd092168bb Merge branch 'ipv4snatV2' of https://git.freifunk-franken.de/ChristianD/firmware into CHD-20210220 2021-02-20 07:21:00 +00:00
Christian Dresel f0c53a61cb Merge branch 'mqtt' of https://git.freifunk-franken.de/ChristianD/firmware into CHD-20210220 2021-02-20 07:20:08 +00:00
Christian Dresel fe06eae15c packages/fff: Add package fff-web-mqtt 
With this package the mqtt settings can configure over the webui

Each user kann use its own mqtt broker or a broker from a other user
This means that the user has a free choice of where to send or get data

Signed-off-by: Christian Dresel <freifunk@dresel.systems>
 2021-02-14 10:39:16 +01:00
Christian Dresel ab5c00fb51 packages/fff: Add package fff-mqtt-monitoring 
This package send Alfred data to the mqtt broker

Anyone can access this data and can build its own monitoring

Signed-off-by: Christian Dresel <freifunk@dresel.systems>
 2021-02-14 10:39:13 +01:00
Christian Dresel 0b585e5273 Add package fff-layer3-ipv4snat 
With this package it is possible to make SNAT with IPv4 on the router

The user must set a peer_ip setting in gateway.meta.peer_ip to get a single ip for peering interfaces.
At ipaddr the user must set a ip that not use in babel (e.g. 192.168.0.1/16) for the clients

With this package the ipaddr address is SNAT to the peer_ip and every router need only one
freifunk ip and can use the same ipaddr on every router.

It is a system like cgnat from big provider

Signed-off-by: Christian Dresel <freifunk@dresel.systems>
 2021-02-13 17:45:18 +01:00
Christian Dresel 93106ff9d6 fff-firewall: Flush nat und mangle iptables table 
We should flush all tables and not only filter to reset the complete firewall

Signed-off-by: Christian Dresel <freifunk@dresel.systems>
 2021-01-28 09:48:12 +01:00
Christian Dresel 706736eeca packages/fff: Add package fff-mqtt 
This package provides mosquitto and set default settings

mosquitto is used for mqtt communication.
With mqtt we can use a distributed mqtt broker for decentralized communication

We can use this for monitoring data or router configuration

Signed-off-by: Christian Dresel <freifunk@dresel.systems>
 2021-01-01 11:08:14 +01:00
14 changed files with 221 additions and 0 deletions
Show Stats Expand all files Collapse all files

1
src/packages/fff/fff-firewall/Makefile
View File

@ -2,6 +2,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=fff-firewall
PKG_RELEASE:=6
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk

6
src/packages/fff/fff-firewall/files/usr/lib/firewall.d/00-prepare
View File

@ -5,5 +5,11 @@ ebtables -X
iptables -F
iptables -X
iptables -F -t nat
iptables -X -t nat
iptables -F -t mangle
iptables -X -t mangle
ip6tables -F
ip6tables -X

32
src/packages/fff/fff-layer3-ipv4snat/Makefile Normal file
View File

@ -0,0 +1,32 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=fff-layer3-ipv4snat
PKG_RELEASE:=1
include $(INCLUDE_DIR)/package.mk
define Package/fff-layer3-ipv4snat
SECTION:=base
CATEGORY:=Freifunk
TITLE:=Freifunk-Franken layer3 configuration with SNAT
URL:=https://www.freifunk-franken.de
DEPENDS:= \
+iptables-mod-nat-extra \
+fff-firewall \
+fff-layer3-config
endef
define Package/fff-layer3-ipv4snat/description
With this package it is possible to make SNAT with IPv4 on the router
endef
define Build/Compile
# nothing
endef
define Package/fff-layer3-ipv4snat/install
$(CP) ./files/* $(1)/
endef
$(eval $(call BuildPackage,fff-layer3-ipv4snat))

31
src/packages/fff/fff-layer3-ipv4snat/files/etc/layer3.d/33-snat.conf Normal file
View File

@ -0,0 +1,31 @@
configure() {
# first we delete the snat config
uci -q del network.client.nat
if [ "$(uci -q get gateway.@client[0].nat)" = '1' ]; then
# first check the config is plausible
if ! peer_ip=$(uci get gateway.meta.peer_ip); then
echo "ERROR: No peer_ip set! For SNAT use you must set a peer_ip"
return 1
fi
if ! ipaddr=$(uci get gateway.@client[0].ipaddr); then
echo "ERROR: No ipaddr set! For SNAT use you must set ipaddr"
return 1
fi
# We set the snat config
uci set network.client.nat=1
fi
}
reload() {
/etc/init.d/fff-firewall start
}
apply() {
uci commit network
}
revert() {
uci revert network
}

7
src/packages/fff/fff-layer3-ipv4snat/files/usr/lib/firewall.d/30-SNAT Normal file
View File

@ -0,0 +1,7 @@
if [ "$(uci -q get gateway.@client[0].nat)" = '1' ]; then
peer_ip=$(uci get gateway.meta.peer_ip)
ipaddr=$(uci get gateway.@client[0].ipaddr)
for ip in $ipaddr; do
iptables -t nat -A POSTROUTING -s $ip -j SNAT --to-source $peer_ip
done
fi

4
src/packages/fff/fff-layer3/Makefile
View File

@ -2,6 +2,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=fff-layer3
PKG_RELEASE:=8
PKG_BUILD_DIR:=$(BUILD_DIR)/fff-layer3
include $(INCLUDE_DIR)/package.mk
@ -15,8 +16,11 @@ define Package/fff-layer3
+fff-boardname \
+fff-dhcp \
+fff-layer3-config \
+fff-mqtt-monitoring \
+fff-layer3-ipv4snat \
+fff-network \
+fff-ra \
+fff-web-mqtt \
+fff-wireguard \
+arptables \
+bmon \

35
src/packages/fff/fff-mqtt-monitoring/Makefile Normal file
View File

@ -0,0 +1,35 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=fff-mqtt-monitoring
PKG_RELEASE:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/fff-mqtt-monitoring
include $(INCLUDE_DIR)/package.mk
define Package/fff-mqtt-monitoring
SECTION:=base
CATEGORY:=Freifunk
TITLE:=Freifunk-Franken mqtt configuration
URL:=https://www.freifunk-franken.de
DEPENDS:= \
+alfred-json \
+fff-mqtt \
+micrond \
+fff-alfred
endef
define Package/fff-mqtt-monitoring/description
This package send monitoring informations to
the mqtt broker
endef
define Build/Compile
# nothing
endef
define Package/fff-mqtt-monitoring/install
$(CP) ./files/* $(1)/
endef
$(eval $(call BuildPackage,fff-mqtt-monitoring))

1
src/packages/fff/fff-mqtt-monitoring/files/usr/lib/micron.d/fff-alfred-mqtt-proxy Normal file
View File

@ -0,0 +1 @@
*/5 * * * * sleep $(/usr/bin/random 70 85); /usr/sbin/alfred-mqtt-proxy

8
src/packages/fff/fff-mqtt-monitoring/files/usr/sbin/alfred-mqtt-proxy Executable file
View File

@ -0,0 +1,8 @@
#!/bin/sh
MACADDR=$(cat /sys/class/net/br-client/address | /bin/sed 's/://g')
fetch_id="64"
if [ -n "$(uci -q get fff.mqtt.server)" ] ; then
mosquitto_pub -h "$(uci get fff.mqtt.server)" -p 1883 -t /monitoring/v1/$MACADDR -m "$(/bin/alfred-json -r "$fetch_id")"
fi

34
src/packages/fff/fff-mqtt/Makefile Normal file
View File

@ -0,0 +1,34 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=fff-mqtt
PKG_RELEASE:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/fff-mqtt
include $(INCLUDE_DIR)/package.mk
define Package/fff-mqtt
SECTION:=base
CATEGORY:=Freifunk
TITLE:=Freifunk-Franken mqtt configuration
URL:=https://www.freifunk-franken.de
DEPENDS:= \
+fff-config \
+libmosquitto-ssl \
+mosquitto-client-ssl \
+mosquitto-ssl
endef
define Package/fff-mqtt/description
This package provides mosquitto and settings
endef
define Build/Compile
# nothing
endef
define Package/fff-mqtt/install
$(CP) ./files/* $(1)/
endef
$(eval $(call BuildPackage,fff-mqtt))

3
src/packages/fff/fff-mqtt/files/etc/uci-defaults/35-fff-mqtt Normal file
View File

@ -0,0 +1,3 @@
uci set fff.mqtt=mqtt
exit 0

32
src/packages/fff/fff-web-mqtt/Makefile Normal file
View File

@ -0,0 +1,32 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=fff-web-mqtt
PKG_RELEASE:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk
define Package/fff-web-mqtt
SECTION:=base
CATEGORY:=Freifunk
TITLE:=Freifunk-Franken mqtt config webui
URL:=http://www.freifunk-franken.de
DEPENDS:= \
+fff-mqtt \
+fff-web-ui
endef
define Package/fff-web-mqtt/description
Configure mqtt via a web UI
endef
define Build/Compile
# nothing
endef
define Package/fff-web-mqtt/install
$(CP) ./files/* $(1)/
endef
$(eval $(call BuildPackage,fff-web-mqtt))

1
src/packages/fff/fff-web-mqtt/files/www/menu/ssl/17-mqtt Normal file
View File

@ -0,0 +1 @@
mqtt,MQTT-Einstellungen

26
src/packages/fff/fff-web-mqtt/files/www/ssl/cgi-bin/mqtt.html Executable file
View File

@ -0,0 +1,26 @@
#!/usr/bin/haserl
<%in /www/include/header %>
<%in /www/include/helpers %>
<% show_msg %>
<%
# write
if [ "$REQUEST_METHOD" = "POST" ] ; then
uci -q set "fff.mqtt.server=${POST_server}"
uci commit fff
fi
%>
<form method="post">
<fieldset style="min-height: 7em;" class="smallinput">
<legend>MQTT</legend>
<table>
<tr><th>Server:</th><td><input type="text" name="server" value="<%= $(uci -q get fff.mqtt.server) %>" /></td></tr>
</table>
</fieldset>
<input type="submit" style="margin-top: 5px; margin-left: 3px;" />
</form>
<%in /www/include/footer %>