forked from freifunk-franken/firmware
Restructuring firmware direkctories, work in progress!
This commit is contained in:
parent
15387dddb0
commit
eb4c15a5c1
|
@ -1,8 +0,0 @@
|
|||
config 'mesh' 'bat0'
|
||||
option 'interfaces' 'ath1'
|
||||
option 'orig_interval'
|
||||
option 'log_level'
|
||||
option 'aggregated_ogms'
|
||||
option 'bonding'
|
||||
option 'fragmentation'
|
||||
option 'vis_mode'
|
|
@ -1,33 +0,0 @@
|
|||
config dnsmasq
|
||||
option domainneeded 1
|
||||
option boguspriv 1
|
||||
option filterwin2k '0' #enable for dial on demand
|
||||
option localise_queries 1
|
||||
option local '/lan/'
|
||||
option domain 'lan'
|
||||
option expandhosts 1
|
||||
option nonegcache 0
|
||||
option authoritative 0
|
||||
option readethers 1
|
||||
option leasefile '/tmp/dhcp.leases'
|
||||
option resolvfile '/tmp/resolv.conf.auto'
|
||||
#list server '/mycompany.local/1.2.3.4'
|
||||
#option nonwildcard 1
|
||||
#list interface br-lan
|
||||
#list notinterface lo
|
||||
|
||||
#config dhcp mesh
|
||||
# option interface mesh
|
||||
# option start X.10
|
||||
# option limit 100
|
||||
# option leasetime 6h
|
||||
|
||||
config dhcp lan
|
||||
option interface lan
|
||||
option start 100
|
||||
option limit 150
|
||||
option leasetime 12h
|
||||
|
||||
config dhcp wan
|
||||
option interface wan
|
||||
option ignore 1
|
|
@ -1,4 +0,0 @@
|
|||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '22'
|
||||
# option BannerFile '/etc/banner'
|
|
@ -1,96 +0,0 @@
|
|||
config defaults
|
||||
option syn_flood 1
|
||||
option input ACCEPT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
|
||||
config zone
|
||||
option name lan
|
||||
option input ACCEPT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
|
||||
config zone
|
||||
option name wan
|
||||
option input REJECT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
option masq 1
|
||||
option mtu_fix 1
|
||||
|
||||
config forwarding
|
||||
option src lan
|
||||
option dest wan
|
||||
|
||||
# We need to accept udp packets on port 68,
|
||||
# see https://dev.openwrt.org/ticket/4108
|
||||
config rule
|
||||
option src wan
|
||||
option proto udp
|
||||
option dest_port 68
|
||||
option target ACCEPT
|
||||
|
||||
#Allow ping
|
||||
config rule
|
||||
option src wan
|
||||
option proto icmp
|
||||
option icmp_type echo-request
|
||||
option target ACCEPT
|
||||
|
||||
# include a file with users custom iptables rules
|
||||
config include
|
||||
option path /etc/firewall.user
|
||||
|
||||
|
||||
### EXAMPLE CONFIG SECTIONS
|
||||
# do not allow a specific ip to access wan
|
||||
#config rule
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option dest wan
|
||||
# option proto tcp
|
||||
# option target REJECT
|
||||
|
||||
# block a specific mac on wan
|
||||
#config rule
|
||||
# option dest wan
|
||||
# option src_mac 00:11:22:33:44:66
|
||||
# option target REJECT
|
||||
|
||||
# block incoming ICMP traffic on a zone
|
||||
#config rule
|
||||
# option src lan
|
||||
# option proto ICMP
|
||||
# option target DROP
|
||||
|
||||
# port redirect port coming in on wan to lan
|
||||
#config redirect
|
||||
# option src wan
|
||||
# option src_dport 80
|
||||
# option dest lan
|
||||
# option dest_ip 192.168.16.235
|
||||
# option dest_port 80
|
||||
# option proto tcp
|
||||
|
||||
|
||||
### FULL CONFIG SECTIONS
|
||||
#config rule
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option src_mac 00:11:22:33:44:55
|
||||
# option src_port 80
|
||||
# option dest wan
|
||||
# option dest_ip 194.25.2.129
|
||||
# option dest_port 120
|
||||
# option proto tcp
|
||||
# option target REJECT
|
||||
|
||||
#config redirect
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option src_mac 00:11:22:33:44:55
|
||||
# option src_port 1024
|
||||
# option src_dport 80
|
||||
# option dest_ip 194.25.2.129
|
||||
# option dest_port 120
|
||||
# option proto tcp
|
|
@ -1,37 +0,0 @@
|
|||
config 'interface' 'loopback'
|
||||
option 'ifname' 'lo'
|
||||
option 'proto' 'static'
|
||||
option 'ipaddr' '127.0.0.1'
|
||||
option 'netmask' '255.0.0.0'
|
||||
|
||||
#config 'interface' 'lan'
|
||||
# option 'proto' 'dhcp'
|
||||
# option 'ifname' 'eth0.1'
|
||||
|
||||
config 'interface' 'wlanmesch'
|
||||
option 'ifname' 'ath1'
|
||||
option 'mtu' '1527'
|
||||
|
||||
config 'interface' 'mesh'
|
||||
option 'type' 'bridge'
|
||||
option 'ifname' 'eth0.1 ath0 bat0 tap0'
|
||||
option 'stp' '1'
|
||||
|
||||
config 'switch' 'eth0'
|
||||
option 'name' 'eth0'
|
||||
option 'reset' '1'
|
||||
option 'enable_vlan' '1'
|
||||
|
||||
config 'switch_vlan' 'eth0_1'
|
||||
option 'device' 'eth0'
|
||||
option 'vlan' '1'
|
||||
option 'ports' '0 1 2 3 5t'
|
||||
|
||||
config 'switch_vlan' 'eth0_2'
|
||||
option 'device' 'eth0'
|
||||
option 'vlan' '2'
|
||||
option 'ports' '4 5t'
|
||||
|
||||
config 'interface' 'wan'
|
||||
option 'ifname' 'eth0.2'
|
||||
option 'proto' 'dhcp'
|
|
@ -1,24 +0,0 @@
|
|||
config 'script'
|
||||
option 'version' '15'
|
||||
option 'error_level' '0'
|
||||
option 'logfile' '/var/log/nodewatcher.log'
|
||||
|
||||
config 'api'
|
||||
option 'ipv4_address' '1'
|
||||
option 'ipv6_interface' 'br-mesh'
|
||||
option 'ipv6_address' 'fe80::201:2ff:fe03:405'
|
||||
|
||||
config 'update'
|
||||
option 'autoupdate' '1'
|
||||
|
||||
config 'crawl'
|
||||
option 'method' 'hash'
|
||||
option 'nickname' '1'
|
||||
option 'password' '1'
|
||||
option 'router_id' '1'
|
||||
option 'update_hash' '1'
|
||||
option 'login_string' '1'
|
||||
|
||||
config 'network'
|
||||
option 'mesh-interface' 'br-mesh'
|
||||
option 'client-interfaces' 'ath0'
|
|
@ -1,86 +0,0 @@
|
|||
# QoS configuration for OpenWrt
|
||||
|
||||
# INTERFACES:
|
||||
config interface wan
|
||||
option classgroup "Default"
|
||||
option enabled 1
|
||||
option overhead 1
|
||||
option upload 128
|
||||
option download 1024
|
||||
|
||||
# RULES:
|
||||
config classify
|
||||
option target "Bulk"
|
||||
option layer7 "edonkey"
|
||||
config classify
|
||||
option target "Bulk"
|
||||
option layer7 "bittorrent"
|
||||
config classify
|
||||
option target "Priority"
|
||||
option ports "22,53"
|
||||
config classify
|
||||
option target "Normal"
|
||||
option proto "tcp"
|
||||
option ports "20,21,25,80,110,443,993,995"
|
||||
config classify
|
||||
option target "Express"
|
||||
option ports "5190"
|
||||
config default
|
||||
option target "Express"
|
||||
option proto "udp"
|
||||
option pktsize "-500"
|
||||
config reclassify
|
||||
option target "Priority"
|
||||
option proto "icmp"
|
||||
config default
|
||||
option target "Bulk"
|
||||
option portrange "1024-65535"
|
||||
config reclassify
|
||||
option target "Priority"
|
||||
option proto "tcp"
|
||||
option pktsize "-128"
|
||||
option mark "!Bulk"
|
||||
option tcpflags "SYN"
|
||||
config reclassify
|
||||
option target "Priority"
|
||||
option proto "tcp"
|
||||
option pktsize "-128"
|
||||
option mark "!Bulk"
|
||||
option tcpflags "ACK"
|
||||
|
||||
|
||||
# Don't change the stuff below unless you
|
||||
# really know what it means :)
|
||||
|
||||
config classgroup "Default"
|
||||
option classes "Priority Express Normal Bulk"
|
||||
option default "Normal"
|
||||
|
||||
|
||||
config class "Priority"
|
||||
option packetsize 400
|
||||
option maxsize 400
|
||||
option avgrate 10
|
||||
option priority 20
|
||||
config class "Priority_down"
|
||||
option packetsize 1000
|
||||
option avgrate 10
|
||||
|
||||
|
||||
config class "Express"
|
||||
option packetsize 1000
|
||||
option maxsize 800
|
||||
option avgrate 50
|
||||
option priority 10
|
||||
|
||||
config class "Normal"
|
||||
option packetsize 1500
|
||||
option packetdelay 100
|
||||
option avgrate 10
|
||||
option priority 5
|
||||
config class "Normal_down"
|
||||
option avgrate 20
|
||||
|
||||
config class "Bulk"
|
||||
option avgrate 1
|
||||
option packetdelay 200
|
|
@ -1,3 +0,0 @@
|
|||
config system
|
||||
option hostname OpenWrt
|
||||
option timezone "CET-1CEST,M3.5.0,M10.5.0/3"
|
|
@ -1,2 +0,0 @@
|
|||
config timeserver
|
||||
option hostname time.fu-berlin.de
|
|
@ -1,21 +0,0 @@
|
|||
config 'wifi-device' 'wifi0'
|
||||
option 'type' 'atheros'
|
||||
option 'disabled' '0'
|
||||
option 'channel' '6'
|
||||
option 'txpower' '15'
|
||||
option 'bgscan' '0'
|
||||
option 'diversity' '1'
|
||||
|
||||
config 'wifi-iface'
|
||||
option 'device' 'wifi0'
|
||||
option 'mode' 'adhoc'
|
||||
option 'ssid' 'batman.oldenburg.freifunk.net'
|
||||
option 'bssid' '02:CA:FF:EE:BA:BE'
|
||||
option 'encryption' 'none'
|
||||
option 'hidden' '1'
|
||||
|
||||
config 'wifi-iface'
|
||||
option 'device' 'wifi0'
|
||||
option 'mode' 'ap'
|
||||
option 'ssid' 'oldenburg.freifunk.net'
|
||||
option 'encryption' 'none'
|
|
@ -1,8 +0,0 @@
|
|||
config 'mesh' 'bat0'
|
||||
option 'interfaces' 'ath1'
|
||||
option 'orig_interval'
|
||||
option 'log_level'
|
||||
option 'aggregated_ogms'
|
||||
option 'bonding'
|
||||
option 'fragmentation'
|
||||
option 'vis_mode'
|
|
@ -1,33 +0,0 @@
|
|||
config dnsmasq
|
||||
option domainneeded 1
|
||||
option boguspriv 1
|
||||
option filterwin2k '0' #enable for dial on demand
|
||||
option localise_queries 1
|
||||
option local '/lan/'
|
||||
option domain 'lan'
|
||||
option expandhosts 1
|
||||
option nonegcache 0
|
||||
option authoritative 0
|
||||
option readethers 1
|
||||
option leasefile '/tmp/dhcp.leases'
|
||||
option resolvfile '/tmp/resolv.conf.auto'
|
||||
#list server '/mycompany.local/1.2.3.4'
|
||||
#option nonwildcard 1
|
||||
#list interface br-lan
|
||||
#list notinterface lo
|
||||
|
||||
#config dhcp mesh
|
||||
# option interface mesh
|
||||
# option start X.10
|
||||
# option limit 100
|
||||
# option leasetime 6h
|
||||
|
||||
config dhcp lan
|
||||
option interface lan
|
||||
option start 100
|
||||
option limit 150
|
||||
option leasetime 12h
|
||||
|
||||
config dhcp wan
|
||||
option interface wan
|
||||
option ignore 1
|
|
@ -1,4 +0,0 @@
|
|||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '22'
|
||||
# option BannerFile '/etc/banner'
|
|
@ -1,96 +0,0 @@
|
|||
config defaults
|
||||
option syn_flood 1
|
||||
option input ACCEPT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
|
||||
config zone
|
||||
option name lan
|
||||
option input ACCEPT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
|
||||
config zone
|
||||
option name wan
|
||||
option input REJECT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
option masq 1
|
||||
option mtu_fix 1
|
||||
|
||||
config forwarding
|
||||
option src lan
|
||||
option dest wan
|
||||
|
||||
# We need to accept udp packets on port 68,
|
||||
# see https://dev.openwrt.org/ticket/4108
|
||||
config rule
|
||||
option src wan
|
||||
option proto udp
|
||||
option dest_port 68
|
||||
option target ACCEPT
|
||||
|
||||
#Allow ping
|
||||
config rule
|
||||
option src wan
|
||||
option proto icmp
|
||||
option icmp_type echo-request
|
||||
option target ACCEPT
|
||||
|
||||
# include a file with users custom iptables rules
|
||||
config include
|
||||
option path /etc/firewall.user
|
||||
|
||||
|
||||
### EXAMPLE CONFIG SECTIONS
|
||||
# do not allow a specific ip to access wan
|
||||
#config rule
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option dest wan
|
||||
# option proto tcp
|
||||
# option target REJECT
|
||||
|
||||
# block a specific mac on wan
|
||||
#config rule
|
||||
# option dest wan
|
||||
# option src_mac 00:11:22:33:44:66
|
||||
# option target REJECT
|
||||
|
||||
# block incoming ICMP traffic on a zone
|
||||
#config rule
|
||||
# option src lan
|
||||
# option proto ICMP
|
||||
# option target DROP
|
||||
|
||||
# port redirect port coming in on wan to lan
|
||||
#config redirect
|
||||
# option src wan
|
||||
# option src_dport 80
|
||||
# option dest lan
|
||||
# option dest_ip 192.168.16.235
|
||||
# option dest_port 80
|
||||
# option proto tcp
|
||||
|
||||
|
||||
### FULL CONFIG SECTIONS
|
||||
#config rule
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option src_mac 00:11:22:33:44:55
|
||||
# option src_port 80
|
||||
# option dest wan
|
||||
# option dest_ip 194.25.2.129
|
||||
# option dest_port 120
|
||||
# option proto tcp
|
||||
# option target REJECT
|
||||
|
||||
#config redirect
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option src_mac 00:11:22:33:44:55
|
||||
# option src_port 1024
|
||||
# option src_dport 80
|
||||
# option dest_ip 194.25.2.129
|
||||
# option dest_port 120
|
||||
# option proto tcp
|
|
@ -1,18 +0,0 @@
|
|||
config 'interface' 'loopback'
|
||||
option 'ifname' 'lo'
|
||||
option 'proto' 'static'
|
||||
option 'ipaddr' '127.0.0.1'
|
||||
option 'netmask' '255.0.0.0'
|
||||
|
||||
config 'interface' 'lan'
|
||||
option 'proto' 'dhcp'
|
||||
option 'ifname' 'eth0'
|
||||
|
||||
config 'interface' 'wlanmesch'
|
||||
option 'ifname' 'ath1'
|
||||
option 'mtu' '1527'
|
||||
|
||||
config 'interface' 'mesh'
|
||||
option 'type' 'bridge'
|
||||
option 'ifname' 'ath0 bat0 tap0'
|
||||
option 'stp' '1'
|
|
@ -1,20 +0,0 @@
|
|||
config 'script'
|
||||
option 'version' '15'
|
||||
option 'error_level' '0'
|
||||
option 'logfile' '/var/log/nodewatcher.log'
|
||||
|
||||
config 'api'
|
||||
option 'ipv4_address' '1'
|
||||
option 'ipv6_interface' 'br-mesh'
|
||||
option 'ipv6_address' 'fe80::201:2ff:fe03:405'
|
||||
|
||||
config 'update'
|
||||
option 'autoupdate' '1'
|
||||
|
||||
config 'crawl'
|
||||
option 'method' 'hash'
|
||||
option 'nickname' '1'
|
||||
option 'password' '1'
|
||||
option 'router_id' '1'
|
||||
option 'update_hash' '1'
|
||||
option 'login_string' '1'
|
|
@ -1,86 +0,0 @@
|
|||
# QoS configuration for OpenWrt
|
||||
|
||||
# INTERFACES:
|
||||
config interface wan
|
||||
option classgroup "Default"
|
||||
option enabled 1
|
||||
option overhead 1
|
||||
option upload 128
|
||||
option download 1024
|
||||
|
||||
# RULES:
|
||||
config classify
|
||||
option target "Bulk"
|
||||
option layer7 "edonkey"
|
||||
config classify
|
||||
option target "Bulk"
|
||||
option layer7 "bittorrent"
|
||||
config classify
|
||||
option target "Priority"
|
||||
option ports "22,53"
|
||||
config classify
|
||||
option target "Normal"
|
||||
option proto "tcp"
|
||||
option ports "20,21,25,80,110,443,993,995"
|
||||
config classify
|
||||
option target "Express"
|
||||
option ports "5190"
|
||||
config default
|
||||
option target "Express"
|
||||
option proto "udp"
|
||||
option pktsize "-500"
|
||||
config reclassify
|
||||
option target "Priority"
|
||||
option proto "icmp"
|
||||
config default
|
||||
option target "Bulk"
|
||||
option portrange "1024-65535"
|
||||
config reclassify
|
||||
option target "Priority"
|
||||
option proto "tcp"
|
||||
option pktsize "-128"
|
||||
option mark "!Bulk"
|
||||
option tcpflags "SYN"
|
||||
config reclassify
|
||||
option target "Priority"
|
||||
option proto "tcp"
|
||||
option pktsize "-128"
|
||||
option mark "!Bulk"
|
||||
option tcpflags "ACK"
|
||||
|
||||
|
||||
# Don't change the stuff below unless you
|
||||
# really know what it means :)
|
||||
|
||||
config classgroup "Default"
|
||||
option classes "Priority Express Normal Bulk"
|
||||
option default "Normal"
|
||||
|
||||
|
||||
config class "Priority"
|
||||
option packetsize 400
|
||||
option maxsize 400
|
||||
option avgrate 10
|
||||
option priority 20
|
||||
config class "Priority_down"
|
||||
option packetsize 1000
|
||||
option avgrate 10
|
||||
|
||||
|
||||
config class "Express"
|
||||
option packetsize 1000
|
||||
option maxsize 800
|
||||
option avgrate 50
|
||||
option priority 10
|
||||
|
||||
config class "Normal"
|
||||
option packetsize 1500
|
||||
option packetdelay 100
|
||||
option avgrate 10
|
||||
option priority 5
|
||||
config class "Normal_down"
|
||||
option avgrate 20
|
||||
|
||||
config class "Bulk"
|
||||
option avgrate 1
|
||||
option packetdelay 200
|
|
@ -1,3 +0,0 @@
|
|||
config system
|
||||
option hostname OpenWrt
|
||||
option timezone "CET-1CEST,M3.5.0,M10.5.0/3"
|
|
@ -1,2 +0,0 @@
|
|||
config timeserver
|
||||
option hostname time.fu-berlin.de
|
|
@ -1,21 +0,0 @@
|
|||
config 'wifi-device' 'wifi0'
|
||||
option 'type' 'atheros'
|
||||
option 'disabled' '0'
|
||||
option 'channel' '6'
|
||||
option 'txpower' '15'
|
||||
option 'bgscan' '0'
|
||||
option 'diversity' '1'
|
||||
|
||||
config 'wifi-iface'
|
||||
option 'device' 'wifi0'
|
||||
option 'mode' 'adhoc'
|
||||
option 'ssid' 'batman.oldenburg.freifunk.net'
|
||||
option 'bssid' '02:CA:FF:EE:BA:BE'
|
||||
option 'encryption' 'none'
|
||||
option 'hidden' '1'
|
||||
|
||||
config 'wifi-iface'
|
||||
option 'device' 'wifi0'
|
||||
option 'mode' 'ap'
|
||||
option 'ssid' 'oldenburg.freifunk.net'
|
||||
option 'encryption' 'none'
|
|
@ -1,9 +0,0 @@
|
|||
|
||||
config 'mesh' 'bat0'
|
||||
option 'interfaces' 'wlan0'
|
||||
option 'orig_interval'
|
||||
option 'log_level'
|
||||
option 'aggregated_ogms'
|
||||
option 'bonding'
|
||||
option 'fragmentation'
|
||||
option 'vis_mode'
|
|
@ -1,27 +0,0 @@
|
|||
config dnsmasq
|
||||
option domainneeded 1
|
||||
option boguspriv 1
|
||||
option filterwin2k '0' #enable for dial on demand
|
||||
option localise_queries 1
|
||||
option local '/lan/'
|
||||
option domain 'lan'
|
||||
option expandhosts 1
|
||||
option nonegcache 0
|
||||
option authoritative 1
|
||||
option readethers 1
|
||||
option leasefile '/tmp/dhcp.leases'
|
||||
option resolvfile '/tmp/resolv.conf.auto'
|
||||
#list server '/mycompany.local/1.2.3.4'
|
||||
#option nonwildcard 1
|
||||
#list interface br-lan
|
||||
#list notinterface lo
|
||||
|
||||
config dhcp wlan0
|
||||
option interface wlan0
|
||||
option start 100
|
||||
option limit 150
|
||||
option leasetime 12h
|
||||
|
||||
config dhcp wan
|
||||
option interface wan
|
||||
option ignore 1
|
|
@ -1,4 +0,0 @@
|
|||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '22'
|
||||
# option BannerFile '/etc/banner'
|
|
@ -1,96 +0,0 @@
|
|||
config defaults
|
||||
option syn_flood 1
|
||||
option input ACCEPT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
|
||||
config zone
|
||||
option name lan
|
||||
option input ACCEPT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
|
||||
config zone
|
||||
option name wan
|
||||
option input REJECT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
option masq 1
|
||||
option mtu_fix 1
|
||||
|
||||
config forwarding
|
||||
option src lan
|
||||
option dest wan
|
||||
|
||||
# We need to accept udp packets on port 68,
|
||||
# see https://dev.openwrt.org/ticket/4108
|
||||
config rule
|
||||
option src wan
|
||||
option proto udp
|
||||
option dest_port 68
|
||||
option target ACCEPT
|
||||
|
||||
#Allow ping
|
||||
config rule
|
||||
option src wan
|
||||
option proto icmp
|
||||
option icmp_type echo-request
|
||||
option target ACCEPT
|
||||
|
||||
# include a file with users custom iptables rules
|
||||
config include
|
||||
option path /etc/firewall.user
|
||||
|
||||
|
||||
### EXAMPLE CONFIG SECTIONS
|
||||
# do not allow a specific ip to access wan
|
||||
#config rule
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option dest wan
|
||||
# option proto tcp
|
||||
# option target REJECT
|
||||
|
||||
# block a specific mac on wan
|
||||
#config rule
|
||||
# option dest wan
|
||||
# option src_mac 00:11:22:33:44:66
|
||||
# option target REJECT
|
||||
|
||||
# block incoming ICMP traffic on a zone
|
||||
#config rule
|
||||
# option src lan
|
||||
# option proto ICMP
|
||||
# option target DROP
|
||||
|
||||
# port redirect port coming in on wan to lan
|
||||
#config redirect
|
||||
# option src wan
|
||||
# option src_dport 80
|
||||
# option dest lan
|
||||
# option dest_ip 192.168.16.235
|
||||
# option dest_port 80
|
||||
# option proto tcp
|
||||
|
||||
|
||||
### FULL CONFIG SECTIONS
|
||||
#config rule
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option src_mac 00:11:22:33:44:55
|
||||
# option src_port 80
|
||||
# option dest wan
|
||||
# option dest_ip 194.25.2.129
|
||||
# option dest_port 120
|
||||
# option proto tcp
|
||||
# option target REJECT
|
||||
|
||||
#config redirect
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option src_mac 00:11:22:33:44:55
|
||||
# option src_port 1024
|
||||
# option src_dport 80
|
||||
# option dest_ip 194.25.2.129
|
||||
# option dest_port 120
|
||||
# option proto tcp
|
|
@ -1,45 +0,0 @@
|
|||
#### VLAN configuration
|
||||
config switch eth0
|
||||
option enable 1
|
||||
|
||||
config switch_vlan eth0_0
|
||||
option device "eth0"
|
||||
option vlan 0
|
||||
option ports "1 2 3 4 5"
|
||||
|
||||
config switch_vlan eth0_1
|
||||
option device "eth0"
|
||||
option vlan 1
|
||||
option ports "0 5"
|
||||
|
||||
#### Loopback configuration
|
||||
config interface loopback
|
||||
option ifname "lo"
|
||||
option proto static
|
||||
option ipaddr 127.0.0.1
|
||||
option netmask 255.0.0.0
|
||||
|
||||
|
||||
#### LAN configuration
|
||||
config interface lan
|
||||
option type bridge
|
||||
option ifname "eth0.0"
|
||||
option proto static
|
||||
option ipaddr 192.168.1.1
|
||||
option netmask 255.255.255.0
|
||||
|
||||
|
||||
#### WAN configuration
|
||||
config interface wan
|
||||
option ifname "eth0.1"
|
||||
option proto dhcp
|
||||
|
||||
config interface wlan0
|
||||
option proto static
|
||||
option ipaddr 192.168.2.1
|
||||
option netmask 255.255.255.0
|
||||
|
||||
config interface mesh
|
||||
option type bridge
|
||||
option ifname "bat0 tap0"
|
||||
option stp 1
|
|
@ -1,20 +0,0 @@
|
|||
config 'script'
|
||||
option 'version' '15'
|
||||
option 'error_level' '0'
|
||||
option 'logfile' '/var/log/nodewatcher.log'
|
||||
|
||||
config 'api'
|
||||
option 'ipv4_address' '1'
|
||||
option 'ipv6_interface' 'br-mesh'
|
||||
option 'ipv6_address' 'fe80::201:2ff:fe03:405'
|
||||
|
||||
config 'update'
|
||||
option 'autoupdate' '1'
|
||||
|
||||
config 'crawl'
|
||||
option 'method' 'hash'
|
||||
option 'nickname' '1'
|
||||
option 'password' '1'
|
||||
option 'router_id' '1'
|
||||
option 'update_hash' '1'
|
||||
option 'login_string' '1'
|
|
@ -1,3 +0,0 @@
|
|||
config system
|
||||
option hostname OpenWrt
|
||||
option timezone "CET-1CEST,M3.5.0,M10.5.0/3"
|
|
@ -1,2 +0,0 @@
|
|||
config timeserver
|
||||
option hostname time.fu-berlin.de
|
|
@ -1,16 +0,0 @@
|
|||
config wifi-device radio0
|
||||
option type mac80211
|
||||
option channel 5
|
||||
option macaddr 00:12:17:cc:ef:0d
|
||||
option hwmode 11g
|
||||
|
||||
# REMOVE THIS LINE TO ENABLE WIFI:
|
||||
option disabled 0
|
||||
|
||||
config wifi-iface
|
||||
option device radio0
|
||||
option network wlan0
|
||||
option mode adhoc
|
||||
option ssid batman.oldenburg.freifunk.net
|
||||
option encryption none
|
||||
option bssid 02:CA:FF:EE:BA:BE
|
|
@ -1,8 +0,0 @@
|
|||
config 'mesh' 'bat0'
|
||||
option 'interfaces'
|
||||
option 'orig_interval'
|
||||
option 'log_level'
|
||||
option 'aggregated_ogms'
|
||||
option 'bonding'
|
||||
option 'fragmentation'
|
||||
option 'vis_mode'
|
|
@ -1,30 +0,0 @@
|
|||
config dnsmasq
|
||||
option domainneeded 1
|
||||
option boguspriv 1
|
||||
option filterwin2k 0 # enable for dial on demand
|
||||
option localise_queries 1
|
||||
option rebind_protection 1 # disable if upstream must serve RFC1918 addresses
|
||||
option rebind_localhost 0 # enable for RBL checking and similar services
|
||||
#list rebind_domain example.lan # whitelist RFC1918 responses for domains
|
||||
option local '/lan/'
|
||||
option domain 'lan'
|
||||
option expandhosts 1
|
||||
option nonegcache 0
|
||||
option authoritative 1
|
||||
option readethers 1
|
||||
option leasefile '/tmp/dhcp.leases'
|
||||
option resolvfile '/tmp/resolv.conf.auto'
|
||||
#list server '/mycompany.local/1.2.3.4'
|
||||
#option nonwildcard 1
|
||||
#list interface br-lan
|
||||
#list notinterface lo
|
||||
|
||||
config dhcp lan
|
||||
option interface lan
|
||||
option start 100
|
||||
option limit 150
|
||||
option leasetime 12h
|
||||
|
||||
config dhcp wan
|
||||
option interface wan
|
||||
option ignore 1
|
|
@ -1,4 +0,0 @@
|
|||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '22'
|
||||
# option BannerFile '/etc/banner'
|
|
@ -1,96 +0,0 @@
|
|||
config defaults
|
||||
option syn_flood 1
|
||||
option input ACCEPT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
|
||||
config zone
|
||||
option name lan
|
||||
option input ACCEPT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
|
||||
config zone
|
||||
option name wan
|
||||
option input REJECT
|
||||
option output ACCEPT
|
||||
option forward REJECT
|
||||
option masq 1
|
||||
option mtu_fix 1
|
||||
|
||||
config forwarding
|
||||
option src lan
|
||||
option dest wan
|
||||
|
||||
# We need to accept udp packets on port 68,
|
||||
# see https://dev.openwrt.org/ticket/4108
|
||||
config rule
|
||||
option src wan
|
||||
option proto udp
|
||||
option dest_port 68
|
||||
option target ACCEPT
|
||||
|
||||
#Allow ping
|
||||
config rule
|
||||
option src wan
|
||||
option proto icmp
|
||||
option icmp_type echo-request
|
||||
option target ACCEPT
|
||||
|
||||
# include a file with users custom iptables rules
|
||||
config include
|
||||
option path /etc/firewall.user
|
||||
|
||||
|
||||
### EXAMPLE CONFIG SECTIONS
|
||||
# do not allow a specific ip to access wan
|
||||
#config rule
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option dest wan
|
||||
# option proto tcp
|
||||
# option target REJECT
|
||||
|
||||
# block a specific mac on wan
|
||||
#config rule
|
||||
# option dest wan
|
||||
# option src_mac 00:11:22:33:44:66
|
||||
# option target REJECT
|
||||
|
||||
# block incoming ICMP traffic on a zone
|
||||
#config rule
|
||||
# option src lan
|
||||
# option proto ICMP
|
||||
# option target DROP
|
||||
|
||||
# port redirect port coming in on wan to lan
|
||||
#config redirect
|
||||
# option src wan
|
||||
# option src_dport 80
|
||||
# option dest lan
|
||||
# option dest_ip 192.168.16.235
|
||||
# option dest_port 80
|
||||
# option proto tcp
|
||||
|
||||
|
||||
### FULL CONFIG SECTIONS
|
||||
#config rule
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option src_mac 00:11:22:33:44:55
|
||||
# option src_port 80
|
||||
# option dest wan
|
||||
# option dest_ip 194.25.2.129
|
||||
# option dest_port 120
|
||||
# option proto tcp
|
||||
# option target REJECT
|
||||
|
||||
#config redirect
|
||||
# option src lan
|
||||
# option src_ip 192.168.45.2
|
||||
# option src_mac 00:11:22:33:44:55
|
||||
# option src_port 1024
|
||||
# option src_dport 80
|
||||
# option dest_ip 194.25.2.129
|
||||
# option dest_port 120
|
||||
# option proto tcp
|
|
@ -1,33 +0,0 @@
|
|||
config 'interface' 'loopback'
|
||||
option 'ifname' 'lo'
|
||||
option 'proto' 'static'
|
||||
option 'ipaddr' '127.0.0.1'
|
||||
option 'netmask' '255.0.0.0'
|
||||
|
||||
config 'interface' 'lan'
|
||||
option 'proto' 'dhcp'
|
||||
option 'ifname' 'eth0.1'
|
||||
|
||||
config 'interface' 'mesh'
|
||||
option 'type' 'bridge'
|
||||
option 'ifname' 'wl0 tap0'
|
||||
option 'stp' '1'
|
||||
|
||||
config 'switch' 'eth0'
|
||||
option 'name' 'eth0'
|
||||
option 'reset' '1'
|
||||
option 'enable_vlan' '1'
|
||||
|
||||
config 'switch_vlan' 'eth0_1'
|
||||
option 'device' 'eth0'
|
||||
option 'vlan' '1'
|
||||
option 'ports' '0 1 2 3 5t'
|
||||
|
||||
config 'switch_vlan' 'eth0_2'
|
||||
option 'device' 'eth0'
|
||||
option 'vlan' '2'
|
||||
option 'ports' '4 5t'
|
||||
|
||||
config 'interface' 'wan'
|
||||
option 'ifname' 'eth0.2'
|
||||
option 'proto' 'dhcp'
|
|
@ -1,22 +0,0 @@
|
|||
|
||||
config 'script'
|
||||
option 'version' '15'
|
||||
option 'error_level' '0'
|
||||
option 'logfile' '/var/log/nodewatcher.log'
|
||||
|
||||
config 'api'
|
||||
option 'ipv4_address' '1'
|
||||
option 'ipv6_interface' 'br-mesh'
|
||||
option 'ipv6_address' 'fe80::201:2ff:fe03:405'
|
||||
|
||||
config 'update'
|
||||
option 'autoupdate' '1'
|
||||
|
||||
config 'crawl'
|
||||
option 'method' 'hash'
|
||||
option 'nickname' '1'
|
||||
option 'password' '1'
|
||||
option 'login_string' '1'
|
||||
option 'router_id' '1'
|
||||
option 'update_hash' '1'
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
config system
|
||||
option hostname OpenWrt
|
||||
option timezone "CET-1CEST,M3.5.0,M10.5.0/3"
|
|
@ -1,2 +0,0 @@
|
|||
config timeserver
|
||||
option hostname time.fu-berlin.de
|
|
@ -1,10 +0,0 @@
|
|||
config wifi-device wl0
|
||||
option type broadcom
|
||||
option channel 6
|
||||
option disabled 0
|
||||
|
||||
config wifi-iface
|
||||
option device wl0
|
||||
option mode ap
|
||||
option ssid oldenburg.freifunk.net
|
||||
option encryption none
|
Loading…
Reference in New Issue