diff --git a/squashfs-root/bin/ash b/squashfs-root/bin/ash new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/ash @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/ated b/squashfs-root/bin/ated new file mode 100755 index 0000000..207f257 Binary files /dev/null and b/squashfs-root/bin/ated differ diff --git a/squashfs-root/bin/base64 b/squashfs-root/bin/base64 new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/base64 @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/boardupgrade.sh b/squashfs-root/bin/boardupgrade.sh new file mode 100755 index 0000000..64384d3 --- /dev/null +++ b/squashfs-root/bin/boardupgrade.sh @@ -0,0 +1,186 @@ +#!/bin/sh +# + +. /lib/upgrade/common.sh + +klogger(){ + local msg1="$1" + local msg2="$2" + + if [ "$msg1" = "-n" ]; then + echo -n "$msg2" >> /dev/kmsg 2>/dev/null + else + echo "$msg1" >> /dev/kmsg 2>/dev/null + fi + + return 0 +} + +hndmsg() { + if [ -n "$msg" ]; then + echo "$msg" >> /dev/kmsg 2>/dev/null + if [ `pwd` = "/tmp" ]; then + rm -rf $filename 2>/dev/null + fi + exit 1 + fi +} + +upgrade_uboot() { + if [ -f uboot.bin ]; then + klogger -n "Burning uboot..." + mtd write uboot.bin Bootloader >& /dev/null + if [ $? -eq 0 ]; then + klogger "Done" + else + klogger "Error" + exit 1 + fi + fi +} + +upgrade_firmware() { + if [ -f firmware.bin ]; then + klogger -n "Burning firmware..." + mtd -r write firmware.bin OS1 >& /dev/null + if [ $? -eq 0 ]; then + klogger "Done" + else + klogger "Error" + exit 1 + fi + fi +} + +board_prepare_upgrade() { + wifi down + rmmod mt7628 + + if [ -f "/etc/init.d/sysapihttpd" ] ;then + /etc/init.d/sysapihttpd stop 2>/dev/null + fi + + # gently stop pppd, let it close pppoe session + ifdown wan + timeout=5 + while [ $timeout -gt 0 ]; do + pidof pppd >/dev/null || break + sleep 1 + let timeout=timeout-1 + done + + # clean up upgrading environment + # call shutdown scripts with some exceptions + wait_stat=0 + klogger "Calling shutdown scripts" + for i in /etc/rc.d/K*; do + # filter out K01reboot-wdt and K99umount + echo "$i" | grep -q '[0-9]\{1,100\}reboot-wdt$' + if [ $? -eq 0 ] + then + klogger "$i skipped" + continue + fi + echo "$i" | grep -q '[0-9]\{1,100\}umount$' + if [ $? -eq 0 ] + then + klogger "$i skipped" + continue + fi + + if [ ! -x "$i" ] + then + continue + fi + + # wait for high-priority K* scripts to finish + echo "$i" | grep -qE "K9" + if [ $? -eq 0 ] + then + if [ $wait_stat -eq 0 ] + then + wait + sleep 2 + wait_stat=1 + fi + $i shutdown 2>&1 + else + $i shutdown 2>&1 & + fi + done + + # try to kill all userspace processes + # at this point the process tree should look like + # init(1)---sh(***)---flash.sh(***) + for i in $(ps w | grep -v "flash.sh" | grep -v "/bin/ash" | grep -v "PID" | awk '{print $1}'); do + if [ $i -gt 100 ]; then + kill -9 $i 2>/dev/null + fi + done +} + +board_start_upgrade_led() { + gpio 1 1 + gpio 3 1 + gpio l 44 2 2 1 0 4000 #led yellow flashing +} + + +upgrade_write_mtd() { + curr_os=`cat /proc/mtd | grep rootfs -B 1 | head -n 1 | awk '{print $NF}' | cut -b 2-4` + if [ "$curr_os" = "OS1" ]; then + target_os="OS2" + else + target_os="OS1" + fi + + [ -f uboot.bin ] && { + klogger "Updating boot..." + mtd write uboot.bin Bootloader + } + + [ -f firmware.bin ] && { + klogger "Updating firmware..." + mtd write firmware.bin "$target_os" + } +} + +board_system_upgrade() { + local filename=$1 + + mkxqimage -x $filename + [ "$?" = "0" ] || { + klogger "cannot extract files" + rm -rf $filename + exit 1 + } + + upgrade_write_mtd + + # back up etc and make sure we have enough space ( > 64kb ) + etc_size=`du -sh /data/etc | cut -d "." -f 1` + free_size=`df -h | grep -m 1 "/etc" | awk '{print $4}' | cut -d "." -f 1` + if [ "$(($free_size-$etc_size))" -lt "64" ]; then + for file in /data/usr/log/* + do + echo "Remove logfile $file" + rm -rf $file + free_size=`df -h | grep -m 1 "/etc" | awk '{print $4}' | cut -d "." -f 1` + [ "$(($free_size-$etc_size))" -gt "100" ] && break + done + fi + + free_size=`df -h | grep -m 1 "/etc" | awk '{print $4}' | cut -d "." -f 1` + if [ "$(($free_size-$etc_size))" -lt "1" ]; then + # do nothing and wait for miracles + echo "etc fucked up" + ls -lRh /data/etc + else + # backup etc + rm -rf /data/etc_bak + cp -prf /etc /data/etc_bak + fi + + return 0 + +} diff --git a/squashfs-root/bin/busybox b/squashfs-root/bin/busybox new file mode 100755 index 0000000..cfab7f7 Binary files /dev/null and b/squashfs-root/bin/busybox differ diff --git a/squashfs-root/bin/cat b/squashfs-root/bin/cat new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/cat @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/chgrp b/squashfs-root/bin/chgrp new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/chgrp @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/chmod b/squashfs-root/bin/chmod new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/chmod @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/chown b/squashfs-root/bin/chown new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/chown @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/cp b/squashfs-root/bin/cp new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/cp @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/date b/squashfs-root/bin/date new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/date @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/dd b/squashfs-root/bin/dd new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/dd @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/df b/squashfs-root/bin/df new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/df @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/dmesg b/squashfs-root/bin/dmesg new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/dmesg @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/dnsdomainname b/squashfs-root/bin/dnsdomainname new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/dnsdomainname @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/echo b/squashfs-root/bin/echo new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/echo @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/egrep b/squashfs-root/bin/egrep new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/egrep @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/false b/squashfs-root/bin/false new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/false @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/fgrep b/squashfs-root/bin/fgrep new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/fgrep @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/flash.sh b/squashfs-root/bin/flash.sh new file mode 100755 index 0000000..178ee09 --- /dev/null +++ b/squashfs-root/bin/flash.sh @@ -0,0 +1,126 @@ +#!/bin/sh +# + +. /lib/upgrade/common.sh +. /bin/boardupgrade.sh + +hndmsg() { + if [ -n "$msg" ]; then + echo "$msg" >> /dev/kmsg 2>/dev/null + if [ `pwd` = "/tmp" ]; then + rm -rf $filename 2>/dev/null + fi + exit 1 + fi +} + +upgrade_param_check() { + if [ -z "$1" -o ! -f "$1" ]; then + klogger "USAGE: $0 input.bin [1:restore defaults, 0:don't] [1:don't reboot, 0:reboot]" + exit 1 + fi + + flg_ota=`nvram get flag_ota_reboot` + if [ "$flg_ota" = "1" ]; then + klogger "flag_ota_reboot is set ?" + exit 1 + fi + + cur_ver=`cat /usr/share/xiaoqiang/xiaoqiang_version` + klogger "Begin Ugrading..., current version: $cur_ver" + echo 3 > /proc/sys/vm/drop_caches +} + +upgrade_prepare_dir() { + absolute_path=`echo "$(cd "$(dirname "$1")"; pwd)/$(basename "$1")"` + mount -o remount,size=100% /tmp + rm -rf /tmp/system_upgrade + mkdir -p /tmp/system_upgrade + + if [ ${absolute_path:0:4} = "/tmp" ]; then + file_in_tmp=1 + mv $absolute_path /tmp/system_upgrade/ + else + file_in_tmp=0 + cp $absolute_path /tmp/system_upgrade/ + fi +} + +upgrade_done_set_flags() { + # tell server upgrade is finished + uci set /etc/config/messaging.deviceInfo.UPGRADE_STATUS_UPLOAD=0 + uci commit + klogger "messaging.deviceInfo.UPGRADE_STATUS_UPLOAD=`uci get /etc/config/messaging.deviceInfo.UPGRADE_STATUS_UPLOAD`" + klogger "/etc/config/messaging : `cat /etc/config/messaging`" + + # update nvram setting when upgrading + if [ "$2" = "1" ]; then + nvram set restore_defaults=1 + klogger "Restore defaults is set." + else + nvram set restore_defaults=2 + fi + nvram set flag_ota_reboot=1 + nvram set flag_upgrade_push=1 + nvram commit + + if [ "$3" = "1" ]; then + klogger "Skip rebooting..." + else + klogger "Rebooting..." + reboot + fi +} + + +#check pid exist +pid_file="/tmp/pid_xxxx" +if [ -f $pid_file ]; then + exist_pid=`cat $pid_file` + if [ -n $exist_pid ]; then + kill -0 $exist_pid 2>/dev/null + if [ $? -eq 0 ]; then + klogger "Upgrading, exit... $?" + exit 1 + else + echo $$ > $pid_file + fi + else + echo $$ > $pid_file + fi +else + echo $$ > $pid_file +fi + +upgrade_param_check $1 + +# image verification... +klogger -n "Verify Image: $1..." +mkxqimage -v "$1" +if [ "$?" = "0" ]; then + klogger "Checksum O.K." +else + msg="Check Failed!!!" + hndmsg +fi + +# stop services +board_prepare_upgrade +board_start_upgrade_led + +# prepare to extract file +filename=`basename $1` +upgrade_prepare_dir $1 +cd /tmp/system_upgrade + +# start board-specific upgrading... +klogger "Begin Upgrading and Rebooting..." +board_system_upgrade $filename $2 $3 + +# some board may reset after system upgrade and not reach here +# clean up +cd / +rm -rf /tmp/system_upgrade + +upgrade_done_set_flags $1 $2 $3 + diff --git a/squashfs-root/bin/flash_check.sh b/squashfs-root/bin/flash_check.sh new file mode 100755 index 0000000..30fb1e4 --- /dev/null +++ b/squashfs-root/bin/flash_check.sh @@ -0,0 +1,11 @@ +#!/bin/sh +pid_file="/tmp/pid_xxxx" +if [ -f $pid_file ]; then + exist_pid=`cat $pid_file` + if [ -n $exist_pid ]; then + kill -0 $exist_pid 2>/dev/null + if [ $? -eq 0 ]; then + exit 1 + fi + fi +fi diff --git a/squashfs-root/bin/fsync b/squashfs-root/bin/fsync new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/fsync @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/grep b/squashfs-root/bin/grep new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/grep @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/gunzip b/squashfs-root/bin/gunzip new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/gunzip @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/gzip b/squashfs-root/bin/gzip new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/gzip @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/hostname b/squashfs-root/bin/hostname new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/hostname @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/iostat b/squashfs-root/bin/iostat new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/iostat @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/ip b/squashfs-root/bin/ip new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/ip @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/ipcalc.sh b/squashfs-root/bin/ipcalc.sh new file mode 100755 index 0000000..d6ef168 --- /dev/null +++ b/squashfs-root/bin/ipcalc.sh @@ -0,0 +1,62 @@ +#!/bin/sh + +awk -f - $* <limit) end=limit + + print "IP="int2ip(ipaddr) + print "NETMASK="int2ip(netmask) + print "BROADCAST="int2ip(broadcast) + print "NETWORK="int2ip(network) + print "PREFIX="32-bitcount(compl(netmask)) + + # range calculations: + # ipcalc + + if (ARGC > 3) { + print "START="int2ip(start) + print "END="int2ip(end) + } +} +EOF diff --git a/squashfs-root/bin/kill b/squashfs-root/bin/kill new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/kill @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/ln b/squashfs-root/bin/ln new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/ln @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/lock b/squashfs-root/bin/lock new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/lock @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/login b/squashfs-root/bin/login new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/login @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/login.sh b/squashfs-root/bin/login.sh new file mode 100755 index 0000000..27d1f38 --- /dev/null +++ b/squashfs-root/bin/login.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# Copyright (C) 2006-2011 OpenWrt.org + +if ( ! grep -qs '^root:[!x]\?:' /etc/shadow || \ + ! grep -qs '^root:[!x]\?:' /etc/passwd ) && \ + [ -z "$FAILSAFE" ] +then + ft_mode=`cat /proc/xiaoqiang/ft_mode` + if [ "$ft_mode" = "1" ]; then + exec /bin/ash --login + else + busybox login + fi +fi diff --git a/squashfs-root/bin/ls b/squashfs-root/bin/ls new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/ls @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/mk_ecos_image b/squashfs-root/bin/mk_ecos_image new file mode 100755 index 0000000..e416f5b Binary files /dev/null and b/squashfs-root/bin/mk_ecos_image differ diff --git a/squashfs-root/bin/mkdir b/squashfs-root/bin/mkdir new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/mkdir @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/mknod b/squashfs-root/bin/mknod new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/mknod @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/mktemp b/squashfs-root/bin/mktemp new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/mktemp @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/mkxqimage b/squashfs-root/bin/mkxqimage new file mode 100755 index 0000000..6dc87fd Binary files /dev/null and b/squashfs-root/bin/mkxqimage differ diff --git a/squashfs-root/bin/more b/squashfs-root/bin/more new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/more @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/mount b/squashfs-root/bin/mount new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/mount @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/mountpoint b/squashfs-root/bin/mountpoint new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/mountpoint @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/mpstat b/squashfs-root/bin/mpstat new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/mpstat @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/mv b/squashfs-root/bin/mv new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/mv @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/netmsg b/squashfs-root/bin/netmsg new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/netmsg @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/netstat b/squashfs-root/bin/netstat new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/netstat @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/next_net.sh b/squashfs-root/bin/next_net.sh new file mode 100755 index 0000000..6dd8960 --- /dev/null +++ b/squashfs-root/bin/next_net.sh @@ -0,0 +1,37 @@ +#!/bin/sh +# find at least N ip which is not contain 'gateway' + +awk -f - $* < + anchor = ip2int(ARGV[1]) + gateway = ip2int(ARGV[2]) + if ( gateway > anchor ) + up = gateway + else + up = anchor + for (i = 1; i <= ARGV[3]; i++) + print int2ip(up + 256 * i) +} +EOF diff --git a/squashfs-root/bin/nice b/squashfs-root/bin/nice new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/nice @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/pidof b/squashfs-root/bin/pidof new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/pidof @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/ping b/squashfs-root/bin/ping new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/ping @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/ping6 b/squashfs-root/bin/ping6 new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/ping6 @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/ps b/squashfs-root/bin/ps new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/ps @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/pwd b/squashfs-root/bin/pwd new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/pwd @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/reboot_safe.sh b/squashfs-root/bin/reboot_safe.sh new file mode 100755 index 0000000..c987980 --- /dev/null +++ b/squashfs-root/bin/reboot_safe.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +pid=`pidof flash.sh` + +# If system upgrade in progress, system will reboot after upgrade. +[ -z "$pid" ] || return + +#no upgrade in progress +curr_time=`date +%k%M` + +[ "$curr_time" -ge "0300" -a "$curr_time" -le "0510" ] && { + #apply random delay (0-3600s) between 3:00AM to 5:10AM + base=`head -n 10 /dev/urandom | md5sum | cut -c 1-4` + delay=`echo $(($((0x$base))%3600))` + sleep $delay +} + +reboot diff --git a/squashfs-root/bin/rm b/squashfs-root/bin/rm new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/rm @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/rmdir b/squashfs-root/bin/rmdir new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/rmdir @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/safeflash.sh b/squashfs-root/bin/safeflash.sh new file mode 100755 index 0000000..04ad308 --- /dev/null +++ b/squashfs-root/bin/safeflash.sh @@ -0,0 +1,72 @@ +#!/bin/sh +if [ $# != 1 ] ; then + echo "USAGE: $0 " + exit 1; +fi +if [ ! -s "$1" ] + then + echo "ERROR: $1 no exist or empty." + exit 1 +fi + +find_mtd_part() { + local PART="$(grep "\"$1\"" /proc/mtd | awk -F: '{print $1}')" + local PREFIX=/dev/mtdblock + PART="${PART##mtd}" + [ -d /dev/mtdblock ] && PREFIX=/dev/mtdblock/ + echo "${PART:+$PREFIX$PART}" +} + +echo "begin ugrading..." +nsum=`md5sum $1 | awk '{print $1}'` +echo "$0 $@ MD5: $nsum" + +src=`cat /proc/cmdline`; +dst="root=31:04" + +echo $src | grep -q $dst +if [ $? -eq 0 ] + then + WRITECMD="mtd write $1 firmware" + exroot="firmware $nsum" +else + WRITECMD="mtd write $1 firmware2" + exroot="firmware2 $nsum" +fi +#save checksum first +echo "$exroot" > /etc/expectroot +if [ $? -ne 0 ] + then + echo "-----" + echo "WARNING: overlay filesystem unusable, can not save expectroot $exroot to /etc/expectroot." + echo "-----" +fi + +#TODO: save checksum in sysflag MTD block +echo "$nsum" > /etc/romchecksum 2>/dev/null +if [ $? -ne 0 ] + then + echo "-----" + echo "WARNING: overlay filesystem unusable,can not save rom checksum to /etc/romchecksum." + echo "-----" +fi +$WRITECMD +writecode=$? +if [ $writecode -ne 0 ] + then + echo "ERROR: mtd write failed." + exit 1 +fi + +mtdpart="$(find_mtd_part flag_where_reboot)" +if [ -n "$mtdpart" ] + then + echo 1 > $mtdpart +else + echo "WARNING: mtd flag_where_reboot no found." + uname -a + bootinfo +fi + +echo "upgrade finished..., rebooting" +reboot \ No newline at end of file diff --git a/squashfs-root/bin/sed b/squashfs-root/bin/sed new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/sed @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/sh b/squashfs-root/bin/sh new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/sh @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/sleep b/squashfs-root/bin/sleep new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/sleep @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/stat b/squashfs-root/bin/stat new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/stat @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/sync b/squashfs-root/bin/sync new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/sync @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/tar b/squashfs-root/bin/tar new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/tar @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/touch b/squashfs-root/bin/touch new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/touch @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/true b/squashfs-root/bin/true new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/true @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/ubus b/squashfs-root/bin/ubus new file mode 100755 index 0000000..0f50cd6 Binary files /dev/null and b/squashfs-root/bin/ubus differ diff --git a/squashfs-root/bin/umount b/squashfs-root/bin/umount new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/umount @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/uname b/squashfs-root/bin/uname new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/uname @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/usleep b/squashfs-root/bin/usleep new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/usleep @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/vi b/squashfs-root/bin/vi new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/vi @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/watch b/squashfs-root/bin/watch new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/watch @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/bin/zcat b/squashfs-root/bin/zcat new file mode 120000 index 0000000..c3fa810 --- /dev/null +++ b/squashfs-root/bin/zcat @@ -0,0 +1 @@ +busybox \ No newline at end of file diff --git a/squashfs-root/etc/TZ b/squashfs-root/etc/TZ new file mode 120000 index 0000000..b631891 --- /dev/null +++ b/squashfs-root/etc/TZ @@ -0,0 +1 @@ +/tmp/TZ \ No newline at end of file diff --git a/squashfs-root/etc/Wireless/mt7628/mt7628.dat b/squashfs-root/etc/Wireless/mt7628/mt7628.dat new file mode 100755 index 0000000..61d448d --- /dev/null +++ b/squashfs-root/etc/Wireless/mt7628/mt7628.dat @@ -0,0 +1,136 @@ +#The word of "Default" must not be removed +Default +CountryRegion=1 +CountryRegionABand=0 +CountryCode= +BssidNum=1 +SSID1=OpenWrt-MT7628 +SSID2= +SSID3= +SSID4= +WirelessMode=9 +TxRate=0 +Channel=6 +BasicRate=15 +BeaconPeriod=100 +DtimPeriod=1 +TxPower=100 +DisableOLBC=0 +BGProtection=0 +MaxStaNum=0 +TxPreamble=0 +RTSThreshold=2347 +FragThreshold=2346 +TxBurst=1 +PktAggregate=0 +TurboRate=0 +WmmCapable=1 +APSDCapable=1 +DLSCapable=0 +APAifsn=3;7;1;1 +APCwmin=4;4;3;2 +APCwmax=6;10;4;3 +APTxop=0;0;94;47 +APACM=0;0;0;0 +BSSAifsn=3;7;2;2 +BSSCwmin=4;4;3;2 +BSSCwmax=10;10;4;3 +BSSTxop=0;0;94;47 +BSSACM=0;0;0;0 +AckPolicy=0;0;0;0 +NoForwarding=0 +NoForwardingBTNBSSID=0 +HideSSID=0 +StationKeepAlive=0 +ShortSlot=1 +AutoChannelSelect=0 +IEEE8021X=0 +IEEE80211H=0 +CSPeriod=10 +WirelessEvent=1 +IdsEnable=0 +AuthFloodThreshold=32 +AssocReqFloodThreshold=32 +ReassocReqFloodThreshold=32 +ProbeReqFloodThreshold=32 +DisassocFloodThreshold=32 +DeauthFloodThreshold=32 +EapReqFooldThreshold=32 +PreAuth=0 +AuthMode=OPEN +EncrypType=NONE +RekeyInterval=0 +RekeyMethod=DISABLE +PMKCachePeriod=10 +WPAPSK1= +WPAPSK2= +WPAPSK3= +WPAPSK4= +DefaultKeyID=1 +Key1Type=1;1;1;1 +Key1Str1= +Key1Str2= +Key1Str3= +Key1Str4= +Key2Type=1;1;1;1 +Key2Str1= +Key2Str2= +Key2Str3= +Key2Str4= +Key3Type=1;1;1;1 +Key3Str1= +Key3Str2= +Key3Str3= +Key3Str4= +Key4Type=1;1;1;1 +Key4Str1= +Key4Str2= +Key4Str3= +Key4Str4= +HSCounter=0 +AccessPolicy0=0 +AccessControlList0= +AccessPolicy1=0 +AccessControlList1= +AccessPolicy2=0 +AccessControlList2= +AccessPolicy3=0 +AccessControlList3= +WdsEnable=0 +WdsEncrypType=NONE +WdsList=EOF +WdsKey= +RADIUS_Server=192.168.2.3 +RADIUS_Port=1812 +RADIUS_Key=ralink +own_ip_addr=192.168.5.234 +EAPifname=br-lan +PreAuthifname=br-lan +HT_HTC=0 +HT_RDG=0 +HT_EXTCHA=0 +HT_LinkAdapt=0 +HT_OpMode=0 +HT_MpduDensity=5 +HT_BW=1 +HT_AutoBA=1 +HT_AMSDU=0 +HT_BAWinSize=64 +HT_GI=1 +HT_MCS=33 + +# WPS stuff +# 1 = enrollee, 2 = proxy, 4 = registrar (bitmask) +# This value is enabled later on, for WPA only +WscConfMode=6;6;6 +# 1 = disabled, 2 = enabled +WscConfStatus=2 +# 2 = PBC, 1 = PIN +WscMode = 2 +WscDeviceName=XiaoMiRouter +WscSecurityMode=0 + +HT_TxStream=2 +HT_RxStream=2 +EntryLifeCheck=128 +ed_th_nonCE=32 diff --git a/squashfs-root/etc/Wireless/mt7628/mt7628.eeprom.bin b/squashfs-root/etc/Wireless/mt7628/mt7628.eeprom.bin new file mode 120000 index 0000000..c13f48f --- /dev/null +++ b/squashfs-root/etc/Wireless/mt7628/mt7628.eeprom.bin @@ -0,0 +1 @@ +/lib/wifi/mt7628.eeprom.bin \ No newline at end of file diff --git a/squashfs-root/etc/Wireless/mt7628/singlesku b/squashfs-root/etc/Wireless/mt7628/singlesku new file mode 120000 index 0000000..42aac01 --- /dev/null +++ b/squashfs-root/etc/Wireless/mt7628/singlesku @@ -0,0 +1 @@ +/lib/wifi/singlesku \ No newline at end of file diff --git a/squashfs-root/etc/Wireless/mt7628/version b/squashfs-root/etc/Wireless/mt7628/version new file mode 100644 index 0000000..eca5f98 --- /dev/null +++ b/squashfs-root/etc/Wireless/mt7628/version @@ -0,0 +1 @@ +p120395 diff --git a/squashfs-root/etc/app/device_names b/squashfs-root/etc/app/device_names new file mode 100644 index 0000000..e69de29 diff --git a/squashfs-root/etc/banner b/squashfs-root/etc/banner new file mode 100644 index 0000000..5851bb5 --- /dev/null +++ b/squashfs-root/etc/banner @@ -0,0 +1,13 @@ + ----------------------------------------------------- + Welcome to XiaoQiang! + ----------------------------------------------------- + $$$$$$\ $$$$$$$\ $$$$$$$$\ $$\ $$\ $$$$$$\ $$\ $$\ + $$ __$$\ $$ __$$\ $$ _____| $$ | $$ | $$ __$$\ $$ | $$ | + $$ / $$ |$$ | $$ |$$ | $$ | $$ | $$ / $$ |$$ |$$ / + $$$$$$$$ |$$$$$$$ |$$$$$\ $$ | $$ | $$ | $$ |$$$$$ / + $$ __$$ |$$ __$$< $$ __| $$ | $$ | $$ | $$ |$$ $$< + $$ | $$ |$$ | $$ |$$ | $$ | $$ | $$ | $$ |$$ |\$$\ + $$ | $$ |$$ | $$ |$$$$$$$$\ $$$$$$$$$ | $$$$$$ |$$ | \$$\ + \__| \__|\__| \__|\________| \_________/ \______/ \__| \__| + + diff --git a/squashfs-root/etc/config/ab b/squashfs-root/etc/config/ab new file mode 100644 index 0000000..91b8d82 --- /dev/null +++ b/squashfs-root/etc/config/ab @@ -0,0 +1,9 @@ + +config ab settings + option name 'settings' + option enabled 1 + option last_speedtest_time '0' + option last_speedtest_date '0' + option max_log_num '5' + option current_log_num '1' + diff --git a/squashfs-root/etc/config/account b/squashfs-root/etc/config/account new file mode 100644 index 0000000..d268ceb --- /dev/null +++ b/squashfs-root/etc/config/account @@ -0,0 +1,2 @@ +config core 'common' + option 'admin' 'b3a4190199d9ee7fe73ef9a4942a69fece39a771' \ No newline at end of file diff --git a/squashfs-root/etc/config/backup b/squashfs-root/etc/config/backup new file mode 100644 index 0000000..e69de29 diff --git a/squashfs-root/etc/config/cfgbackup b/squashfs-root/etc/config/cfgbackup new file mode 100644 index 0000000..b14f9db --- /dev/null +++ b/squashfs-root/etc/config/cfgbackup @@ -0,0 +1,11 @@ + +config settings 'encryption' + option method 'aes' + option key 'a2ffa5c9be07488bbb04a3a47d3c5f6a' + +config settings 'backup' + list item 'mi_basic_info' + list item 'mi_wifi_info' + list item 'mi_network_info' + list item 'mi_lan_info' + list item 'mi_arn_info' diff --git a/squashfs-root/etc/config/ddns b/squashfs-root/etc/config/ddns new file mode 100755 index 0000000..6b86226 --- /dev/null +++ b/squashfs-root/etc/config/ddns @@ -0,0 +1,2 @@ +config global 'ddns' + option status 'off' diff --git a/squashfs-root/etc/config/deviceinfo b/squashfs-root/etc/config/deviceinfo new file mode 100644 index 0000000..e69de29 diff --git a/squashfs-root/etc/config/devicelist b/squashfs-root/etc/config/devicelist new file mode 100644 index 0000000..47aaa22 --- /dev/null +++ b/squashfs-root/etc/config/devicelist @@ -0,0 +1 @@ +config core 'history' \ No newline at end of file diff --git a/squashfs-root/etc/config/dhcp b/squashfs-root/etc/config/dhcp new file mode 100644 index 0000000..7f6eccb --- /dev/null +++ b/squashfs-root/etc/config/dhcp @@ -0,0 +1,46 @@ +# +config dnsmasq + #enable domainneeded for samba + option domainneeded 1 + option boguspriv 1 + option localise_queries 1 + option rebind_protection 0 # disable if upstream must serve RFC1918 addresses + option rebind_localhost 1 # enable for RBL checking and similar services + #list rebind_domain example.lan # whitelist RFC1918 responses for domains + option local '/lan/' + option expandhosts 1 + option nonegcache 1 + option authoritative 1 + option logqueries 0 + option logdhcp 0 + option allservers 1 + option clearonreload 1 + option cachesize 1000 + option negttl 300 + option maxttl 300 # 5 min + option maxcachettl 1800 # 30 min + option local_ttl 0 + option dnsforwardmax 300 + option leasefile '/tmp/dhcp.leases' + option resolvfile '/tmp/resolv.conf.auto' + option client_update_ddns '1' + +config dhcp lan + option interface lan + option start 5 + option limit 250 + option leasetime 12h + #force mean start dhcp even if already have a dhcp server running + option force 1 + +config dhcp wan + option interface wan + option ignore 1 + +config dhcp ready # for miwifi_ready + option interface ready + option start 10 + option limit 20 + option leasetime 5m + #force mean start dhcp even if already have a dhcp server running + option force 1 diff --git a/squashfs-root/etc/config/disk b/squashfs-root/etc/config/disk new file mode 100755 index 0000000..990005a --- /dev/null +++ b/squashfs-root/etc/config/disk @@ -0,0 +1,20 @@ +# Copyright (C) 2006 OpenWrt.org +# +# setting.status 0: no hdd +# 1: hdd exists +# +# disk.status 0: okay, mounted +# 1: need to do fsck +# 2: no mounted +# + +config disk setting + option total 1 + option status 0 + +config disk p1 + option name data + option node '/dev/mtd7' + option shared 0 + option status 0 + option type jffs2 diff --git a/squashfs-root/etc/config/dropbear b/squashfs-root/etc/config/dropbear new file mode 100644 index 0000000..2139ba0 --- /dev/null +++ b/squashfs-root/etc/config/dropbear @@ -0,0 +1,5 @@ +config dropbear + option PasswordAuth 'on' + option RootPasswordAuth 'on' + option Port '22' +# option BannerFile '/etc/banner' diff --git a/squashfs-root/etc/config/fanctrl b/squashfs-root/etc/config/fanctrl new file mode 100644 index 0000000..b231b66 --- /dev/null +++ b/squashfs-root/etc/config/fanctrl @@ -0,0 +1,4 @@ +config temperature + option 'highest' '64' + option 'middle' '55' + option 'lowest' '50' \ No newline at end of file diff --git a/squashfs-root/etc/config/firewall b/squashfs-root/etc/config/firewall new file mode 100644 index 0000000..91facc1 --- /dev/null +++ b/squashfs-root/etc/config/firewall @@ -0,0 +1,232 @@ +config defaults + #temp disable syn_flood proctect. + option syn_flood 0 + option input ACCEPT + option output ACCEPT + option forward REJECT + option drop_invalid 1 +# Uncomment this line to disable ipv6 rules + option disable_ipv6 1 + +config zone + option name lan + list network 'lan' + option network 'lan' + option input ACCEPT + option output ACCEPT + option forward REJECT + +config zone + option name wan + list network 'wan' + option network 'wan' + option input REJECT + option output ACCEPT + option forward REJECT + option masq 1 + option mtu_fix 1 + +config forwarding + option src lan + option dest wan + +# We need to accept udp packets on port 68, +# see https://dev.openwrt.org/ticket/4108 +config rule + option name Allow-DHCP-Renew + option src wan + option proto udp + option dest_port 68 + option target ACCEPT + option family ipv4 + +# Allow IPv4 ping +config rule + option name Allow-Ping + option src wan + option proto icmp + option icmp_type echo-request + option family ipv4 + option target ACCEPT + +# Allow DHCPv6 replies +# see https://dev.openwrt.org/ticket/10381 +config rule + option name Allow-DHCPv6 + option src wan + option proto udp + option src_ip fe80::/10 + option src_port 547 + option dest_ip fe80::/10 + option dest_port 546 + option family ipv6 + option target ACCEPT + +# Allow essential incoming IPv6 ICMP traffic +config rule + option name Allow-ICMPv6-Input + option src wan + option proto icmp + list icmp_type echo-request + list icmp_type echo-reply + list icmp_type destination-unreachable + list icmp_type packet-too-big + list icmp_type time-exceeded + list icmp_type bad-header + list icmp_type unknown-header-type + list icmp_type router-solicitation + list icmp_type neighbour-solicitation + list icmp_type router-advertisement + list icmp_type neighbour-advertisement + option limit 1000/sec + option family ipv6 + option target ACCEPT + +# Allow essential forwarded IPv6 ICMP traffic +config rule + option name Allow-ICMPv6-Forward + option src wan + option dest * + option proto icmp + list icmp_type echo-request + list icmp_type echo-reply + list icmp_type destination-unreachable + list icmp_type packet-too-big + list icmp_type time-exceeded + list icmp_type bad-header + list icmp_type unknown-header-type + option limit 1000/sec + option family ipv6 + option target ACCEPT + +# include a file with users custom iptables rules +# +#nat +config include 'webinitrdr' + option path '/lib/firewall.sysapi.loader webinitrdr' + option reload "1" + option enabled "1" + +#nat +config include 'dnsmiwifi' + option path '/lib/firewall.sysapi.loader dnsmiwifi' + option reload "1" + option enabled "1" + +config include 'macfilter' + option path '/lib/firewall.sysapi.loader macfilter' + option reload "1" + option enabled "1" + +config include 'miqos' + option path '/lib/firewall.sysapi.loader miqos' + option reload "1" + +config include 'turbo' + option path '/lib/firewall.sysapi.loader turbo' + option reload "1" + option enabled "1" + +config include 'xqfp' + option path '/lib/firewall.sysapi.loader xqfp' + option reload "1" + +config include 'firewalluser' + option path /etc/firewall.user + option reload 1 + +config include 'dmz_bypass_ctf' + option path '/lib/firewall.sysapi.loader dmz_bypass_ctf' + option reload '1' + +config include 'rr_rule' + option path '/lib/firewall/rr.load reload' + option reload '1' + +config rule 'xunleiwantcpports' + option name 'xunlei wan accept tcp port 1080 4662 2080 2062' + option src 'wan' + option dest_port '1080 4662 2080 2062' + option proto 'tcp' + option target 'ACCEPT' + +config rule 'xunleiwanudpports' + option name 'xunlei wan accept udp port 4661 3027 888 666 2037 2061 2048 2066' + option src 'wan' + option dest_port '4661 3027 888 666 2037 2061 2048 2066' + option proto 'udp' + option target 'ACCEPT' + +config rule 'guest_8999' + option name 'Hello wifi 8999' + option src 'guest' + option proto 'tcp' + option dest_port '8999' + option target 'ACCEPT' + +config rule 'guest_8300' + option name 'Hello wifi 8300' + option src 'guest' + option proto 'tcp' + option dest_port '8300' + option target 'ACCEPT' + +config rule 'guest_7080' + option name 'Hello wifi 7080' + option src 'guest' + option proto 'tcp' + option dest_port '7080' + option target 'ACCEPT' + +config zone 'ready_zone' + option name 'ready' + list network 'ready' + option input 'DROP' + option forward 'DROP' + option output 'DROP' + +config rule 'ready_dhcp' + option name 'DHCP for ready' + option src 'ready' + option src_port '67-68' + option dest_port '67-68' + option proto 'udp' + option target 'ACCEPT' + +config rule 'ready_dhcp_out' + option name 'DHCP for ready' + option dest 'ready' + option src_port '67-68' + option dest_port '67-68' + option proto 'udp' + option target 'ACCEPT' + +config rule 'ready_tbus_in' + option name 'tbus for ready' + option src 'ready' + option dest_port '784' + option proto 'tcp' + option target 'ACCEPT' + +config rule 'ready_tbus_out' + option name 'tbus for ready' + option src 'ready' + option src_port '784' + option proto 'tcp' + option target 'ACCEPT' + +config redirect 'nxdomain' + option name 'nxdomain' + option src 'lan' + option src_dport '80' + option src_dip '198.51.100.9' # rfc5735 + option dest_port '8190' + option proto 'tcp' + option target DNAT + +config rule 'ptdownload' + option name 'ingress port for PT download' + option src 'wan' + option dest_port '51413' + option proto 'tcpudp' + option target 'ACCEPT' diff --git a/squashfs-root/etc/config/firewall_default b/squashfs-root/etc/config/firewall_default new file mode 100644 index 0000000..91facc1 --- /dev/null +++ b/squashfs-root/etc/config/firewall_default @@ -0,0 +1,232 @@ +config defaults + #temp disable syn_flood proctect. + option syn_flood 0 + option input ACCEPT + option output ACCEPT + option forward REJECT + option drop_invalid 1 +# Uncomment this line to disable ipv6 rules + option disable_ipv6 1 + +config zone + option name lan + list network 'lan' + option network 'lan' + option input ACCEPT + option output ACCEPT + option forward REJECT + +config zone + option name wan + list network 'wan' + option network 'wan' + option input REJECT + option output ACCEPT + option forward REJECT + option masq 1 + option mtu_fix 1 + +config forwarding + option src lan + option dest wan + +# We need to accept udp packets on port 68, +# see https://dev.openwrt.org/ticket/4108 +config rule + option name Allow-DHCP-Renew + option src wan + option proto udp + option dest_port 68 + option target ACCEPT + option family ipv4 + +# Allow IPv4 ping +config rule + option name Allow-Ping + option src wan + option proto icmp + option icmp_type echo-request + option family ipv4 + option target ACCEPT + +# Allow DHCPv6 replies +# see https://dev.openwrt.org/ticket/10381 +config rule + option name Allow-DHCPv6 + option src wan + option proto udp + option src_ip fe80::/10 + option src_port 547 + option dest_ip fe80::/10 + option dest_port 546 + option family ipv6 + option target ACCEPT + +# Allow essential incoming IPv6 ICMP traffic +config rule + option name Allow-ICMPv6-Input + option src wan + option proto icmp + list icmp_type echo-request + list icmp_type echo-reply + list icmp_type destination-unreachable + list icmp_type packet-too-big + list icmp_type time-exceeded + list icmp_type bad-header + list icmp_type unknown-header-type + list icmp_type router-solicitation + list icmp_type neighbour-solicitation + list icmp_type router-advertisement + list icmp_type neighbour-advertisement + option limit 1000/sec + option family ipv6 + option target ACCEPT + +# Allow essential forwarded IPv6 ICMP traffic +config rule + option name Allow-ICMPv6-Forward + option src wan + option dest * + option proto icmp + list icmp_type echo-request + list icmp_type echo-reply + list icmp_type destination-unreachable + list icmp_type packet-too-big + list icmp_type time-exceeded + list icmp_type bad-header + list icmp_type unknown-header-type + option limit 1000/sec + option family ipv6 + option target ACCEPT + +# include a file with users custom iptables rules +# +#nat +config include 'webinitrdr' + option path '/lib/firewall.sysapi.loader webinitrdr' + option reload "1" + option enabled "1" + +#nat +config include 'dnsmiwifi' + option path '/lib/firewall.sysapi.loader dnsmiwifi' + option reload "1" + option enabled "1" + +config include 'macfilter' + option path '/lib/firewall.sysapi.loader macfilter' + option reload "1" + option enabled "1" + +config include 'miqos' + option path '/lib/firewall.sysapi.loader miqos' + option reload "1" + +config include 'turbo' + option path '/lib/firewall.sysapi.loader turbo' + option reload "1" + option enabled "1" + +config include 'xqfp' + option path '/lib/firewall.sysapi.loader xqfp' + option reload "1" + +config include 'firewalluser' + option path /etc/firewall.user + option reload 1 + +config include 'dmz_bypass_ctf' + option path '/lib/firewall.sysapi.loader dmz_bypass_ctf' + option reload '1' + +config include 'rr_rule' + option path '/lib/firewall/rr.load reload' + option reload '1' + +config rule 'xunleiwantcpports' + option name 'xunlei wan accept tcp port 1080 4662 2080 2062' + option src 'wan' + option dest_port '1080 4662 2080 2062' + option proto 'tcp' + option target 'ACCEPT' + +config rule 'xunleiwanudpports' + option name 'xunlei wan accept udp port 4661 3027 888 666 2037 2061 2048 2066' + option src 'wan' + option dest_port '4661 3027 888 666 2037 2061 2048 2066' + option proto 'udp' + option target 'ACCEPT' + +config rule 'guest_8999' + option name 'Hello wifi 8999' + option src 'guest' + option proto 'tcp' + option dest_port '8999' + option target 'ACCEPT' + +config rule 'guest_8300' + option name 'Hello wifi 8300' + option src 'guest' + option proto 'tcp' + option dest_port '8300' + option target 'ACCEPT' + +config rule 'guest_7080' + option name 'Hello wifi 7080' + option src 'guest' + option proto 'tcp' + option dest_port '7080' + option target 'ACCEPT' + +config zone 'ready_zone' + option name 'ready' + list network 'ready' + option input 'DROP' + option forward 'DROP' + option output 'DROP' + +config rule 'ready_dhcp' + option name 'DHCP for ready' + option src 'ready' + option src_port '67-68' + option dest_port '67-68' + option proto 'udp' + option target 'ACCEPT' + +config rule 'ready_dhcp_out' + option name 'DHCP for ready' + option dest 'ready' + option src_port '67-68' + option dest_port '67-68' + option proto 'udp' + option target 'ACCEPT' + +config rule 'ready_tbus_in' + option name 'tbus for ready' + option src 'ready' + option dest_port '784' + option proto 'tcp' + option target 'ACCEPT' + +config rule 'ready_tbus_out' + option name 'tbus for ready' + option src 'ready' + option src_port '784' + option proto 'tcp' + option target 'ACCEPT' + +config redirect 'nxdomain' + option name 'nxdomain' + option src 'lan' + option src_dport '80' + option src_dip '198.51.100.9' # rfc5735 + option dest_port '8190' + option proto 'tcp' + option target DNAT + +config rule 'ptdownload' + option name 'ingress port for PT download' + option src 'wan' + option dest_port '51413' + option proto 'tcpudp' + option target 'ACCEPT' diff --git a/squashfs-root/etc/config/http_apk_proxy b/squashfs-root/etc/config/http_apk_proxy new file mode 100755 index 0000000..8888642 --- /dev/null +++ b/squashfs-root/etc/config/http_apk_proxy @@ -0,0 +1,2 @@ +config global 'settings' + option enabled '0' diff --git a/squashfs-root/etc/config/http_client_detect b/squashfs-root/etc/config/http_client_detect new file mode 100755 index 0000000..6e00dd5 --- /dev/null +++ b/squashfs-root/etc/config/http_client_detect @@ -0,0 +1,2 @@ +config global 'settings' + option enabled '1' diff --git a/squashfs-root/etc/config/http_content_mark b/squashfs-root/etc/config/http_content_mark new file mode 100755 index 0000000..6e00dd5 --- /dev/null +++ b/squashfs-root/etc/config/http_content_mark @@ -0,0 +1,2 @@ +config global 'settings' + option enabled '1' diff --git a/squashfs-root/etc/config/http_status_stat b/squashfs-root/etc/config/http_status_stat new file mode 100755 index 0000000..8888642 --- /dev/null +++ b/squashfs-root/etc/config/http_status_stat @@ -0,0 +1,2 @@ +config global 'settings' + option enabled '0' diff --git a/squashfs-root/etc/config/http_url_proxy b/squashfs-root/etc/config/http_url_proxy new file mode 100755 index 0000000..6e00dd5 --- /dev/null +++ b/squashfs-root/etc/config/http_url_proxy @@ -0,0 +1,2 @@ +config global 'settings' + option enabled '1' diff --git a/squashfs-root/etc/config/ipv6 b/squashfs-root/etc/config/ipv6 new file mode 100755 index 0000000..113ae3f --- /dev/null +++ b/squashfs-root/etc/config/ipv6 @@ -0,0 +1,4 @@ +config ipv6 settings + option enabled 0 + + diff --git a/squashfs-root/etc/config/luci b/squashfs-root/etc/config/luci new file mode 100644 index 0000000..97c87d0 --- /dev/null +++ b/squashfs-root/etc/config/luci @@ -0,0 +1,25 @@ +config core main + option lang zh_cn + option 'mediaurlbase' '/xiaoqiang' + option 'resourcebase' '/xiaoqiang' + +config extern flash_keep + option uci "/etc/config/" + option dropbear "/etc/dropbear/" + option openvpn "/etc/openvpn/" + option passwd "/etc/passwd" + option opkg "/etc/opkg.conf" + option firewall "/etc/firewall.user" + option uploads "/lib/uci/upload/" + +config internal languages + +config internal sauth + option sessionpath "/tmp/luci-sessions" + option sessiontime 7200 + +config internal ccache + option enable 1 + +config internal themes + option 'xiaoqiang' '/xiaoqiang' diff --git a/squashfs-root/etc/config/macbind b/squashfs-root/etc/config/macbind new file mode 100644 index 0000000..e69de29 diff --git a/squashfs-root/etc/config/macfilter b/squashfs-root/etc/config/macfilter new file mode 100755 index 0000000..93b28b1 --- /dev/null +++ b/squashfs-root/etc/config/macfilter @@ -0,0 +1,10 @@ +config mode 'mode' + option wan 'blacklist' + option lan 'blacklist' + option admin 'blacklist' + option pridisk 'whitelist' + +config lanports + +config adminports + option tcp 80,443,23,22 diff --git a/squashfs-root/etc/config/messaging b/squashfs-root/etc/config/messaging new file mode 100644 index 0000000..4f28de3 --- /dev/null +++ b/squashfs-root/etc/config/messaging @@ -0,0 +1 @@ +config messaging 'deviceInfo' diff --git a/squashfs-root/etc/config/miqos b/squashfs-root/etc/config/miqos new file mode 100644 index 0000000..556a29f --- /dev/null +++ b/squashfs-root/etc/config/miqos @@ -0,0 +1,53 @@ + +config miqos settings + option name 'settings' + option enabled 0 + option upload 0 + option download 0 + option qos_auto 'auto' + +config system param + option name 'param' + option flow 'game,web,video,download' + option seq_prio 'auto' + +config limit guest + option name 'guest' + +config limit xq + option name 'xq' + +config group 00 + option name '00' + option max_grp_uplink '0' + option max_grp_downlink '0' + option min_grp_uplink '0' + option min_grp_downlink '0' + option mode 'general' + list mac '00' + +config class p1 + option name 'p1' + option tcp_ports '37,21:23,53,123,3389,3455,3478,5060:5063,5890:5892' + option udp_ports '37,22,53,67,123,500,3455' + option tos 'Minimize-Delay' + +config class p2 + option name 'p2' + option tcp_ports '80,443,1710,2222,8000,8080' + option udp_ports '2222,3389,8000,8080' + option tos 'Minimize-Cost' + +config class p3 + option name 'p3' + option tcp_ports '25,110,139,143,220,585,993,995' + option udp_ports '110,143,220,585,993,995' + option tos 'Maximize-Reliability' + +config class p4 + option name 'p4' + option tcp_ports '20,69' + option udp_ports '445' + option tos '' + + diff --git a/squashfs-root/etc/config/miqos_default b/squashfs-root/etc/config/miqos_default new file mode 100644 index 0000000..556a29f --- /dev/null +++ b/squashfs-root/etc/config/miqos_default @@ -0,0 +1,53 @@ + +config miqos settings + option name 'settings' + option enabled 0 + option upload 0 + option download 0 + option qos_auto 'auto' + +config system param + option name 'param' + option flow 'game,web,video,download' + option seq_prio 'auto' + +config limit guest + option name 'guest' + +config limit xq + option name 'xq' + +config group 00 + option name '00' + option max_grp_uplink '0' + option max_grp_downlink '0' + option min_grp_uplink '0' + option min_grp_downlink '0' + option mode 'general' + list mac '00' + +config class p1 + option name 'p1' + option tcp_ports '37,21:23,53,123,3389,3455,3478,5060:5063,5890:5892' + option udp_ports '37,22,53,67,123,500,3455' + option tos 'Minimize-Delay' + +config class p2 + option name 'p2' + option tcp_ports '80,443,1710,2222,8000,8080' + option udp_ports '2222,3389,8000,8080' + option tos 'Minimize-Cost' + +config class p3 + option name 'p3' + option tcp_ports '25,110,139,143,220,585,993,995' + option udp_ports '110,143,220,585,993,995' + option tos 'Maximize-Reliability' + +config class p4 + option name 'p4' + option tcp_ports '20,69' + option udp_ports '445' + option tos '' + + diff --git a/squashfs-root/etc/config/misc b/squashfs-root/etc/config/misc new file mode 100644 index 0000000..75b3833 --- /dev/null +++ b/squashfs-root/etc/config/misc @@ -0,0 +1,138 @@ +config misc mount_bind_etc + option flag_name flag_format_overlay + +config misc mount_jffs2 + option do_mount 1 + +config misc determine_ext_root + option skip_det_ext_root 1 + +config misc wireless + option if_2G mt7628 + option if_5G mt7610e + option ifname_2G wl1 + option ifname_apclient_2G apcli0 + option ifname_lan_ap eth0.2 + option ifname_wifi_ap apcli0 + option wl_if_count 1 + option guest_2G wl3 + option ifname_guest_2G wl3 + option apclient_2G apcli0 + option apcli0_scanifname 'wl1' + option apcli0_scanband '2g' + option apcli0_device 'mt7628' + option apcli0_mode '1' + list APCLI_IFNAMES 'apcli0' + list DEVICE_LIST 'device_2g' + option device_2g_band '2g' + option device_2g_name 'mt7628' + option device_2g_primary 'iface_2g' + list IFACE_LIST 'iface_2g' + list IFACE_LIST 'iface_guest_2g' + list IFACE_LIST 'iface_ready_2g' + option iface_2g_ifname 'wl1' + option iface_2g_deviceidx 'device_2g' + option iface_2g_network 'lan' + option iface_guest_2g_name 'guest_2G' + option iface_guest_2g_ifname 'wl3' + option iface_guest_2g_deviceidx 'device_2g' + option iface_guest_2g_network 'guest' + option iface_ready_2g_name 'miwifi_ready' + option iface_ready_2g_ifname 'wl2' + option iface_ready_2g_deviceidx 'device_2g' + option iface_ready_2g_network 'ready' + list APCLI_LIST 'apcli_2g' + option apcli_2g_ifname 'apcli0' + option apcli_2g_deviceidx 'device_2g' + option apcli_2g_workmode '1' + option apcli_2g_network 'lan' + +config misc httpd + option uhttpd 0 + +config misc sw_reg + option sw_power '0' + option sw_power_up '0x3100' + option sw_power_down '0x3900' + option sw_speed '4' + option sw_neg_100 '5e1' + option sw_neg_10 '461' + option sw_redo_neg '3300' + option sw_lan_ports '2 4' + option sw_wan_port '0' + +config misc switchop + option bridgeap_connect 'bridgeap_connect_r1cm' + option bridgeap_open 'bridgeap_open_r1cm' + option bridgeap_close 'bridgeap_close_r1cm' + option wifiap_connect 'wifiap_connect_r1cm' + option wifiap_open 'wifiap_open_r1cm' + option wifiap_close 'wifiap_close_r1cm' + +config misc quickpass + option ctf 0 + +config misc log + option redundancy_mode 0 + +config misc boot + option syslog 1 + option checkswap 0 + +config misc firewall + option webinit 1 + +config misc messagingagent + option thread_num 2 + +config misc iwevent + option authorize 1 + +config misc samba + option smb_tune 1 + option smb_sndbuf 4194304 + option smb_rcvbuf 4194304 + +config misc initd + option cpulimit_en 1 + option cpuctr_en 0 + option trafctr_en 0 + option networkdt_en 0 + +config misc hardware + option model R3L + option recovery 0 + option gpio 38 + option flash_per 1 + option bbs 'http://bbs.xiaomi.cn/forum/detail/fid/354' + option verify 'cd /tmp;mkxqimage -v ' + option camera '/extdisks/sda1/' + option usbmode 1 + option rom_up_path '/tmp/' + option rom_up_file 'customrom.bin' + option cpufreq '575MHz' + option memtype 'DDR2' + option memfreq '800MHz' + option memsize '64MB' + +config misc modules + option guestwifi 'wl3' + +config misc config_bkup + option cfg_bkup_en 0 + +config misc fantmp + option fantmp_en 0 + +config misc check_for_boottype + option flag31 1 + +config misc ota_pred + option download 0 + +config misc http_proxy + option fastpath "std" + +config misc cgroup + option memgrp1_en 1 + option memgrp1_limit '30m' diff --git a/squashfs-root/etc/config/module b/squashfs-root/etc/config/module new file mode 100644 index 0000000..b8a6c4f --- /dev/null +++ b/squashfs-root/etc/config/module @@ -0,0 +1,2 @@ +config core 'common' + option 'replacement_assistant' '1' diff --git a/squashfs-root/etc/config/netdig b/squashfs-root/etc/config/netdig new file mode 100644 index 0000000..50bc375 --- /dev/null +++ b/squashfs-root/etc/config/netdig @@ -0,0 +1,6 @@ + +config config 'config' + option ip_list 'www.taobao.com www.21cn.com www.letv.com www.ifeng.com www.cntv.cn tv.sohu.com www.chinaz.com www.126.com news.qq.com www.csdn.net' + option max_delay '3600' + option count '4' + diff --git a/squashfs-root/etc/config/otapred b/squashfs-root/etc/config/otapred new file mode 100644 index 0000000..793d88b --- /dev/null +++ b/squashfs-root/etc/config/otapred @@ -0,0 +1,4 @@ + +config ota settings + option enabled 1 + diff --git a/squashfs-root/etc/config/parentalctl b/squashfs-root/etc/config/parentalctl new file mode 100755 index 0000000..4e1dbf6 --- /dev/null +++ b/squashfs-root/etc/config/parentalctl @@ -0,0 +1,7 @@ +#parental control 配置 +config global 'global' + option disabled '1' + + + + diff --git a/squashfs-root/etc/config/push b/squashfs-root/etc/config/push new file mode 100644 index 0000000..9765d0e --- /dev/null +++ b/squashfs-root/etc/config/push @@ -0,0 +1,14 @@ +config core 'common' + option '1' '0x02' + option '2' '0x00' + option '3' '0x02' + option '4' '0x00' + option '5' '0x01' + option '6' '0x02' + option '7' '0x00' + option '8' '0x01' + option '13' '0x02' + option '301' '0x01' + option '302' '0x01' + option '303' '0x01' + option '999' '0x03' \ No newline at end of file diff --git a/squashfs-root/etc/config/rmonitor b/squashfs-root/etc/config/rmonitor new file mode 100644 index 0000000..fb2b5a1 --- /dev/null +++ b/squashfs-root/etc/config/rmonitor @@ -0,0 +1,4 @@ + +config monitor settings + option enabled 1 + diff --git a/squashfs-root/etc/config/sdkfilter b/squashfs-root/etc/config/sdkfilter new file mode 100644 index 0000000..c109d47 --- /dev/null +++ b/squashfs-root/etc/config/sdkfilter @@ -0,0 +1 @@ +config core 'common' \ No newline at end of file diff --git a/squashfs-root/etc/config/security b/squashfs-root/etc/config/security new file mode 100644 index 0000000..27c35d5 --- /dev/null +++ b/squashfs-root/etc/config/security @@ -0,0 +1,4 @@ +config settings 'common' + option 'malicious_url_firewall' '0' + option 'virus_file_firewall' '0' + option 'privacy_protection' '0' \ No newline at end of file diff --git a/squashfs-root/etc/config/securitypage/securitycenter.conf b/squashfs-root/etc/config/securitypage/securitycenter.conf new file mode 100755 index 0000000..6d8c7f4 --- /dev/null +++ b/squashfs-root/etc/config/securitypage/securitycenter.conf @@ -0,0 +1,25 @@ +http_concurrent_num = 10 +http_timeout = 30 +select_timeout = 10 +pool_max_size = 1000 + +sync_rule_interval_ts = 60 +frist_sync_rule_interval_ts = 10 + +thrift_ip = "127.0.0.1" +thrift_port = 9898 +thrift_resend_interval = 6 +thrift_resend_max_count = 10 + +first_feed_hit_count = 10 +feed_hit_interval = 50 + +security_whitelist_url = "http://api.miwifi.com/urlsec/get_white_list" +security_blacklist_url = "http://masterconn2.qq.com/getblacklist" +security_service_provider_url = "http://api.miwifi.com/urlsec/get_service_provider" + +get_statistics_interval = 30 + +security_db_path = "/tmp/" + +security_while_list_max_id = 0 diff --git a/squashfs-root/etc/config/smartvpn b/squashfs-root/etc/config/smartvpn new file mode 100755 index 0000000..51fec6e --- /dev/null +++ b/squashfs-root/etc/config/smartvpn @@ -0,0 +1,25 @@ + +config remote "vpn" + option disabled "1" + option status "off" + option type vpn + option domain_file /etc/smartvpn/proxy.txt + option proxy_local_port 10080 + option proxy_remote_ip 54.85.90.122 + +#mac: devices which transfer through vpn +#notmac: devices which not transfer through vpn +#config device 'device' +# list mac '34:17:eb:d0:e6:f9' + + +config dest 'dest' + list notnet '169.254.0.0/16' + list notnet '10.0.0.0/8' + list notnet '169.254.0.0/16' + list notnet '172.16.0.0/12' + list notnet '192.168.0.0/16' + list notnet '224.0.0.0/4' + list notnet '240.0.0.0/4' + + diff --git a/squashfs-root/etc/config/soft_fast_path b/squashfs-root/etc/config/soft_fast_path new file mode 100755 index 0000000..6e00dd5 --- /dev/null +++ b/squashfs-root/etc/config/soft_fast_path @@ -0,0 +1,2 @@ +config global 'settings' + option enabled '1' diff --git a/squashfs-root/etc/config/system b/squashfs-root/etc/config/system new file mode 100755 index 0000000..23b8ba9 --- /dev/null +++ b/squashfs-root/etc/config/system @@ -0,0 +1,25 @@ +#http://wiki.openwrt.org/doc/uci/system +config system + option hostname 'XiaoQiang' + option timezone 'CST-8' + #log config for busybox syslod + option log_type 'file' + option log_size '100' + option log_rotate '1' + option log_file '/data/usr/log/messages' + +config timeserver 'ntp' + option enable_server '0' + list server '0.pool.ntp.org' + list server '1.pool.ntp.org' + list server '2.pool.ntp.org' + list server '3.pool.ntp.org' + list server '3.asia.pool.ntp.org' + list server '0.asia.pool.ntp.org' + list server '0.cn.pool.ntp.org' + +config hostdns 'netdt' + option cn_domain 'www.baidu.com www.taobao.com www.qq.com www.sohu.com' + option cn_dns '180.76.76.76 114.114.114.114' + option world_domain 'www.google.com www.facebook.com www.microsoft.com' + option world_dns '8.8.8.8 8.8.4.4' \ No newline at end of file diff --git a/squashfs-root/etc/config/traffic b/squashfs-root/etc/config/traffic new file mode 100644 index 0000000..31eb743 --- /dev/null +++ b/squashfs-root/etc/config/traffic @@ -0,0 +1,16 @@ +config globals + option hw_sizelimit '256' + option hw_recycle_percent '10' + option hw_looptime '5000' + option br_looptime '5000' + option br_lan 'br-lan' + option br_guest 'br-guest' + option dev_looptime '2000' + option ip_looptime '2000' + option log_file '/data/trafficd/trafficd.dat' + option ubus_socket '/var/run/ubus.sock' + option tbus_listen_port '784' + option tbus_listen_event 'trafficd' + option http_info_data_path '/tmp/http_info/' + option http_info_item_number '40' + option http_info_cache_size '1048576' diff --git a/squashfs-root/etc/config/ucitrack b/squashfs-root/etc/config/ucitrack new file mode 100644 index 0000000..084bd67 --- /dev/null +++ b/squashfs-root/etc/config/ucitrack @@ -0,0 +1,50 @@ +config network + option init network + list affects dhcp + list affects radvd + +config wireless + list affects network + +config firewall + option init firewall + list affects luci-splash + list affects qos + list affects miniupnpd + +config olsr + option init olsrd + +config dhcp + option init dnsmasq + +config dropbear + option init dropbear + +config httpd + option init httpd + +config fstab + option init fstab + +config qos + option init qos + +config system + option init led + list affects luci_statistics + +config luci_splash + option init luci_splash + +config upnpd + option init miniupnpd + +config ntpclient + option init ntpclient + +config samba + option init samba + +config tinyproxy + option init tinyproxy diff --git a/squashfs-root/etc/config/uhttpd b/squashfs-root/etc/config/uhttpd new file mode 100644 index 0000000..62af045 --- /dev/null +++ b/squashfs-root/etc/config/uhttpd @@ -0,0 +1,90 @@ +#warning: uhttpd is replaced by sysapihttpd +# Server configuration +config uhttpd main + + # HTTP listen addresses, multiple allowed + list listen_http 0.0.0.0:80 +# list listen_http [::]:80 + + # HTTPS listen addresses, multiple allowed + list listen_https 0.0.0.0:443 +# list listen_https [::]:443 + + # Server document root + option home /www + + # Reject requests from RFC1918 IP addresses + # directed to the servers public IP(s). + # This is a DNS rebinding countermeasure. + option rfc1918_filter 1 + + # Maximum number of concurrent requests. + # If this number is exceeded, further requests are + # queued until the number of running requests drops + # below the limit again. + option max_requests 10 + + # Certificate and private key for HTTPS. + # If no listen_https addresses are given, + # the key options are ignored. + option cert /etc/uhttpd.crt + option key /etc/uhttpd.key + + # CGI url prefix, will be searched in docroot. + # Default is /cgi-bin + option cgi_prefix /cgi-bin + + # List of extension->interpreter mappings. + # Files with an associated interpreter can + # be called outside of the CGI prefix and do + # not need to be executable. +# list interpreter ".php=/usr/bin/php-cgi" +# list interpreter ".cgi=/usr/bin/perl" + + # Lua url prefix and handler script. + # Lua support is disabled if no prefix given. + option lua_prefix /luci + option lua_handler /usr/lib/lua/luci/sgi/uhttpd.lua + + # CGI/Lua timeout, if the called script does not + # write data within the given amount of seconds, + # the server will terminate the request with + # 504 Gateway Timeout response. + option script_timeout 150 + + # Network timeout, if the current connection is + # blocked for the specified amount of seconds, + # the server will terminate the associated + # request process. + option network_timeout 30 + + # TCP Keep-Alive, send periodic keep-alive probes + # over established connections to detect dead peers. + # The value is given in seconds to specify the + # interval between subsequent probes. + # Setting this to 0 will disable TCP keep-alive. + option tcp_keepalive 0 + + # Basic auth realm, defaults to local hostname +# option realm OpenWrt + + # Configuration file in busybox httpd format +# option config /etc/httpd.conf + + +# Certificate defaults for px5g key generator +config cert px5g + + # Validity time + option days 730 + + # RSA key size + option bits 1024 + + # Location + option country DE + option state Berlin + option location Berlin + + # Common name + option commonname OpenWrt diff --git a/squashfs-root/etc/config/upnpd b/squashfs-root/etc/config/upnpd new file mode 100644 index 0000000..377831d --- /dev/null +++ b/squashfs-root/etc/config/upnpd @@ -0,0 +1,25 @@ +config upnpd config + option enable_natpmp 1 + option enable_upnp 1 + option secure_mode 0 + option log_output 0 + option download 1024 + option upload 512 + option external_iface wan + option internal_iface lan + option port 5351 + option upnp_lease_file /tmp/upnp.leases + +config perm_rule + option action allow + option ext_ports 1024-65535 + option int_addr 0.0.0.0/0 # Does not override secure_mode + option int_ports 1024-65535 + option comment "Allow high ports" + +config perm_rule + option action deny + option ext_ports 0-65535 + option int_addr 0.0.0.0/0 + option int_ports 0-65535 + option comment "Default deny" diff --git a/squashfs-root/etc/config/vas b/squashfs-root/etc/config/vas new file mode 100644 index 0000000..8824db3 --- /dev/null +++ b/squashfs-root/etc/config/vas @@ -0,0 +1,36 @@ +config settings 'services' + option security_page '0' + option shopping_bar '0' + option auto_upgrade '-1' + option baidu_video_bar '0' + +config rule 'countrycode' + option security_page 'CN' + option shopping_bar 'CN' + option auto_upgrade 'CN' + option baidu_video_bar 'CN' + +config service 'invalid_page' + option on 'matool --method setKV --params invalid_page_status on; /etc/init.d/http_status_stat on' + option off 'matool --method setKV --params invalid_page_status off; /etc/init.d/http_status_stat off' + option status 'uci get http_status_stat.settings.enabled 2>/dev/null' + +config service 'security_page' + option on 'matool --method setKV --params security_page_status on;uci set security.common.malicious_url_firewall=1;uci commit security;touch /etc/config/securitypage/enable.tag; /etc/init.d/securitypage restart' + option off 'matool --method setKV --params security_page_status off;uci set security.common.malicious_url_firewall=0;uci commit security; /etc/init.d/securitypage restart' + option status '' + +config service 'shopping_bar' + option on 'matool --method setKV --params gouwudang_status on; /usr/bin/trmd -f; /usr/bin/trmd' + option off 'matool --method setKV --params gouwudang_status off; /usr/bin/trmd -f; /usr/bin/trmd' + option status '' + +config service 'auto_upgrade' + option on 'uci set otapred.settings.auto=1; uci commit otapred' + option off 'uci set otapred.settings.auto=0; uci commit otapred' + option status 'uci get otapred.settings.auto 2>/dev/null' + +config service 'baidu_video_bar' + option on 'matool --method setKV --params baidu_video_bar on; /usr/bin/trmd -f; /usr/bin/trmd' + option off 'matool --method setKV --params baidu_video_bar off; /usr/bin/trmd -f; /usr/bin/trmd' + option status '' diff --git a/squashfs-root/etc/config/vas_user b/squashfs-root/etc/config/vas_user new file mode 100644 index 0000000..e69de29 diff --git a/squashfs-root/etc/config/vpnlist b/squashfs-root/etc/config/vpnlist new file mode 100644 index 0000000..e69de29 diff --git a/squashfs-root/etc/config/wifiblist b/squashfs-root/etc/config/wifiblist new file mode 100644 index 0000000..8a7758a --- /dev/null +++ b/squashfs-root/etc/config/wifiblist @@ -0,0 +1 @@ +config core 'maclist' \ No newline at end of file diff --git a/squashfs-root/etc/config/wifishare b/squashfs-root/etc/config/wifishare new file mode 100755 index 0000000..52471cd --- /dev/null +++ b/squashfs-root/etc/config/wifishare @@ -0,0 +1,6 @@ +config global 'global' + option disabled '1' + option auth_timeout '90' + option timeout '86400' + + diff --git a/squashfs-root/etc/config/wifiwlist b/squashfs-root/etc/config/wifiwlist new file mode 100644 index 0000000..8a7758a --- /dev/null +++ b/squashfs-root/etc/config/wifiwlist @@ -0,0 +1 @@ +config core 'maclist' \ No newline at end of file diff --git a/squashfs-root/etc/config/xiaoqiang b/squashfs-root/etc/config/xiaoqiang new file mode 100644 index 0000000..c109d47 --- /dev/null +++ b/squashfs-root/etc/config/xiaoqiang @@ -0,0 +1 @@ +config core 'common' \ No newline at end of file diff --git a/squashfs-root/etc/crontabs/root b/squashfs-root/etc/crontabs/root new file mode 100755 index 0000000..c440032 --- /dev/null +++ b/squashfs-root/etc/crontabs/root @@ -0,0 +1,9 @@ +*/15 * * * * /usr/sbin/ntpsetclock 60 log >/dev/null 2>&1 +* * * * * /usr/sbin/startscene_crontab.lua `/bin/date "+%u %H:%M"` +0 12 * * * /usr/sbin/recordscene_crontab.lua +45 23 * * * /usr/sbin/points_sysset_pro.lua >/dev/null 2>&1 +0 20 * * * /usr/bin/stat_lan +5 * * * * /usr/sbin/otapredownload >/dev/null 2>&1 +0 5 * * 3 /etc/init.d/web_filter_record restart >/dev/null 2>&1 +0 3 * * * /etc/init.d/sysapihttpd restart >/dev/null 2>&1 +0 8,19 * * * /usr/sbin/netdig.sh >/dev/null 2>&1 diff --git a/squashfs-root/etc/diag.sh b/squashfs-root/etc/diag.sh new file mode 100755 index 0000000..8726a43 --- /dev/null +++ b/squashfs-root/etc/diag.sh @@ -0,0 +1,4 @@ +#!/bin/sh +# Copyright (C) 2006-2009 OpenWrt.org + +set_state() { :; } diff --git a/squashfs-root/etc/fstab b/squashfs-root/etc/fstab new file mode 120000 index 0000000..f0ece1d --- /dev/null +++ b/squashfs-root/etc/fstab @@ -0,0 +1 @@ +/tmp/fstab \ No newline at end of file diff --git a/squashfs-root/etc/functions.sh b/squashfs-root/etc/functions.sh new file mode 120000 index 0000000..13b3190 --- /dev/null +++ b/squashfs-root/etc/functions.sh @@ -0,0 +1 @@ +../lib/functions.sh \ No newline at end of file diff --git a/squashfs-root/etc/group b/squashfs-root/etc/group new file mode 100755 index 0000000..d366851 --- /dev/null +++ b/squashfs-root/etc/group @@ -0,0 +1,10 @@ +root:x:0: +daemon:x:1: +adm:x:4: +mail:x:8: +audio:x:29: +www-data:x:33: +ftp:x:55: +users:x:100: +network:x:101: +nogroup:x:65534: diff --git a/squashfs-root/etc/hosts b/squashfs-root/etc/hosts new file mode 100755 index 0000000..f86d9a5 --- /dev/null +++ b/squashfs-root/etc/hosts @@ -0,0 +1,2 @@ +127.0.0.1 localhost +127.0.0.1 XiaoQiang diff --git a/squashfs-root/etc/hotplug.d/iface/00-netstate b/squashfs-root/etc/hotplug.d/iface/00-netstate new file mode 100644 index 0000000..c50cda6 --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/00-netstate @@ -0,0 +1,8 @@ +[ ifup = "$ACTION" ] && { + uci_toggle_state network "$INTERFACE" up 1 + uci_toggle_state network "$INTERFACE" connect_time $(sed -ne 's![^0-9].*$!!p' /proc/uptime) + [ -n "$DEVICE" ] && { + uci_toggle_state network "$INTERFACE" device "$(uci -q get network.$INTERFACE.ifname)" + uci_toggle_state network "$INTERFACE" ifname "$DEVICE" + } +} diff --git a/squashfs-root/etc/hotplug.d/iface/01-multicast b/squashfs-root/etc/hotplug.d/iface/01-multicast new file mode 100644 index 0000000..c220dc7 --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/01-multicast @@ -0,0 +1,9 @@ +#!/bin/sh + +[ ifup = "$ACTION" ] && [ "$INTERFACE" = "lan" ] && { + net_mode=$(uci -q get xiaoqiang.common.NETMODE) + if [ $net_mode == "lanapmode" ]; then + # This would forward any multicast packets to all ports allowing your TV to find your DLNA capable NAS with movies + echo "0" > /sys/devices/virtual/net/br-lan/bridge/multicast_snooping + fi +} diff --git a/squashfs-root/etc/hotplug.d/iface/20-firewall b/squashfs-root/etc/hotplug.d/iface/20-firewall new file mode 100644 index 0000000..14366fb --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/20-firewall @@ -0,0 +1,11 @@ +#!/bin/sh +logger -t "${0}-firewall[$$]" "HotPlugEvent: $ACTION of $INTERFACE ($DEVICE)" + +[ "$ACTION" = "ifup" ] || exit 0 + +/etc/init.d/firewall enabled || exit 0 + +fw3 -q network "$INTERFACE" >/dev/null || exit 0 + +logger -t firewall "HotPlugEvent: Reloading firewall due to ifup of $INTERFACE ($DEVICE)" +fw3 -q reload diff --git a/squashfs-root/etc/hotplug.d/iface/25-ddns b/squashfs-root/etc/hotplug.d/iface/25-ddns new file mode 100644 index 0000000..753334a --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/25-ddns @@ -0,0 +1,14 @@ +#!/bin/sh + +. /usr/lib/ddns/dynamic_dns_functions.sh + +if [ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" -a "$(uci get ddns.ddns.status 2>/dev/null)" = "on" ]; then + logger -t "hotplug.d" "reloading ddns" + /usr/sbin/ddnsd reload + if [ $? -eq 0 ] + then + logger -t "hotplug.d" "ddns ok" + else + logger -t "hotplug.d" "ddns failed" + fi +fi diff --git a/squashfs-root/etc/hotplug.d/iface/40-ntpd b/squashfs-root/etc/hotplug.d/iface/40-ntpd new file mode 100644 index 0000000..e4b82fe --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/40-ntpd @@ -0,0 +1,9 @@ +#!/bin/sh + +logger -p notice -t "hotplug.d" "ntpd: run because of $INTERFACE $ACTION" + +[ "$ACTION" = "ifup" ] || exit 0 + +if [ "$INTERFACE" = "wan" -o "$INTERFACE" = "lan" ]; then + /usr/sbin/ntpsetclock post once >/dev/null 2>&1 & +fi diff --git a/squashfs-root/etc/hotplug.d/iface/50-miniupnpd b/squashfs-root/etc/hotplug.d/iface/50-miniupnpd new file mode 100644 index 0000000..472b8c2 --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/50-miniupnpd @@ -0,0 +1,8 @@ +#!/bin/sh + +/etc/init.d/miniupnpd enabled && [ "$ACTION" = "ifup" ] && { + local iface + for iface in $(uci_get upnpd config internal_iface; uci_get upnpd config external_iface); do + [ "$INTERFACE" = "$iface" ] && /etc/init.d/miniupnpd restart + done +} diff --git a/squashfs-root/etc/hotplug.d/iface/60-wan b/squashfs-root/etc/hotplug.d/iface/60-wan new file mode 100755 index 0000000..c3d5a2e --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/60-wan @@ -0,0 +1,16 @@ +#!/bin/sh +[ "$ACTION" = "ifup" ] && [ "$INTERFACE" = "wan" ] && { + . /lib/network/config.sh + ubus_call network.interface.wan status + json_select "route" + __idx=1 + while json_is_a "$__idx" object; do + json_select "$((__idx++))" + json_get_var target "target" + json_get_var mask "mask" + json_get_var nexthop "nexthop" + route add -net $target/$mask gw $nexthop metric 50 + json_select ".." + done +} + diff --git a/squashfs-root/etc/hotplug.d/iface/70-vpn b/squashfs-root/etc/hotplug.d/iface/70-vpn new file mode 100755 index 0000000..4036759 --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/70-vpn @@ -0,0 +1,137 @@ +#!/bin/sh + +APP_SMARTVPN="/usr/sbin/smartvpn.sh" + +vpn_debug() +{ + logger -t vpn "$1" +} + +[ "$ACTION" = "ifup" ] && [ "$INTERFACE" = "lan" ] && { + . /lib/functions/network.sh + network_get_subnet subnet lan + ip route add to $(fix_subnet $subnet) dev br-lan table vpn +} + +[ "$ACTION" = "ifdown" ] && [ "$INTERFACE" = "vpn" ] && { + #if boot not finish, don't add vpn route until it finished + local bootcheck=$( cat /proc/xiaoqiang/boot_status ) + [ "$bootcheck" == "3" ] || return + + if [ -f /etc/ppp/vpndown.sh ]; then + . /etc/ppp/vpndown.sh + fi + + if [ -f $APP_SMARTVPN ]; then + vpn_debug "smartvpn off" + $APP_SMARTVPN off + fi + + vpn_debug "ip rule del table vpn." + ip rule del table vpn + + while [[ $? == 0 ]]; do + vpn_debug "ip rule retry del table vpn." + ip rule del table vpn + done + + local _nexthop=$(ubus call network.interface.wan status |jason.sh -b | awk '{if($1~/route\",0,\"nexthop/) {nexthop=$2; gsub(/^ *"|\" *$/,"", nexthop); printf("%s",nexthop); return} }' 2>/dev/null) + [ -z $_nexthop ] && return + + hasdefaultroute=$(route -n | awk -v _nexthop=$_nexthop '{if($1=="0.0.0.0" && $2==_nexthop && $5=="0") { printf("yes") ; exit;}; }' 2>/dev/null) + [ "$hasdefaultroute" != "yes" ] && { + vpn_debug "add default route gateway $_nexthop." + route add -net 0.0.0.0 netmask 0.0.0.0 gw $_nexthop metric 0 + } + + hasdefaultroute=$(route -n | awk -v _nexthop=$_nexthop '{if($1=="0.0.0.0" && $2==_nexthop && $5=="50") { printf("yes") ; exit;}; }' 2>/dev/null) + [ "$hasdefaultroute" != "yes" ] && { + vpn_debug "add default route gateway $_nexthop metric 50." + route add -net 0.0.0.0 netmask 0.0.0.0 gw $_nexthop metric 50 + } + +} + +[ "$ACTION" = "ifup" ] && [ "$INTERFACE" = "vpn" ] && { + #if boot not finish, don't add vpn route until it finished + local bootcheck=$( cat /proc/xiaoqiang/boot_status ) + [ "$bootcheck" == "3" ] || return + + if [ -f /etc/ppp/vpnup.sh ]; then + . /etc/ppp/vpnup.sh + fi + . /lib/functions/network.sh + + network_get_dnsserver dnsservers vpn + for dnsserver in $dnsservers; do + vpn_debug "add $dnsserver to vpn" + ip rule add to $dnsserver table vpn + done + + network_get_dnsserver dnsservers wan + for dnsserver in $dnsservers; do + vpn_debug "add $dnsserver to vpn" + ip rule add to $dnsserver table vpn + done + + #send all traffic to vpn + wanproto=$(uci get network.wan.proto 2>/dev/null); + + wan_device=$(uci get network.wan.ifname 2>/dev/null); + [ "$wanproto" == "pppoe" ] && wan_device="pppoe-wan" + [ -z $wan_device ] && wan_device="eth0.2" + + trafficall=$(uci get network.vpn.trafficall 2>/dev/null); + vpnproto=$(uci get network.vpn.proto 2>/dev/null); + + vpn_debug "try start, proto=$vpnproto, trafficall=$trafficall, wan_device=$wan_device." + + [ "$trafficall" == "yes" -a $vpnproto != "" ] && { + local _nexthop=$(ubus call network.interface.wan status |jason.sh -b | awk '{if($1~/route\",0,\"nexthop/) {nexthop=$2; gsub(/^ *"|\" *$/,"", nexthop); printf("%s",nexthop); return} }' 2>/dev/null) + vpn_debug "send all traffic to vpn, dev $DEVICE to vpn, wan_device=$wan_device, _nexthop=$_nexthop" + + [ -z $_nexthop ] && { + vpn_debug "nexthop not exist, add default." + ip route del default dev $wan_device + ip route del default dev $wan_device metric 50 + ip route add default dev ${vpnproto}-vpn + ip route flush cache + } + + hasdefaultroute=$(route -n | awk -v _nexthop=$_nexthop '{if($1=="0.0.0.0" && $2==_nexthop && $5=="0") { printf("yes") ; exit;}; }' 2>/dev/null) + while [ "$hasdefaultroute" == "yes" ] + do + vpn_debug "remove $wan_device default route." + ip route del default dev $wan_device + hasdefaultroute=$(route -n | awk -v _nexthop=$_nexthop '{if($1=="0.0.0.0" && $2==_nexthop && $5=="0") { printf("yes") ; exit;}; }' 2>/dev/null) + done + + hasdefaultroute=$(route -n | awk -v _nexthop=$_nexthop '{if($1=="0.0.0.0" && $2==_nexthop && $5=="50") { printf("yes") ; exit;}; }' 2>/dev/null) + while [ "$hasdefaultroute" == "yes" ] + do + vpn_debug "remove $wan_device default route metric 50." + ip route del default dev $wan_device metric 50 + hasdefaultroute=$(route -n | awk -v _nexthop=$_nexthop '{if($1=="0.0.0.0" && $2==_nexthop && $5=="50") { printf("yes") ; exit;}; }' 2>/dev/null) + done + + vpn_debug "add default proto for ${vpnproto}-vpn." + ip route add default dev ${vpnproto}-vpn + ip route flush cache + return; + } + + #send all traffic to vpn except local + vpn_debug "send traffic to vpn except local, dev $DEVICE to vpn" + + ip route add to 0/0 dev $DEVICE table vpn + + network_get_subnet subnet lan + ip rule add from $(fix_subnet $subnet) table vpn + vpn_debug "add $subnet to vpn" + + if [ -f $APP_SMARTVPN ]; then + vpn_debug "smartvpn on" + $APP_SMARTVPN on + fi + +} diff --git a/squashfs-root/etc/hotplug.d/iface/77-traffic b/squashfs-root/etc/hotplug.d/iface/77-traffic new file mode 100644 index 0000000..4002c45 --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/77-traffic @@ -0,0 +1,31 @@ +#!/bin/sh +[ "$ACTION" = "ifup" ] && [ "$INTERFACE" = "lan" ] && { + if [ -x /usr/sbin/ipaccount ]; then + ipaddr=$(uci get network.lan.ipaddr) + netmask=$(uci get network.lan.netmask) + /usr/sbin/ipaccount -S -n lan -N "$ipaddr/$netmask" + fi + . /lib/functions/network.sh + network_get_device ifname lan + ubus call trafficd setlan '{"dev":"'$ifname'"}' + +} + +[ "$ACTION" = "ifup" ] && [ "$INTERFACE" = "guest" ] && { + if [ -x /usr/sbin/ipaccount ]; then + ipaddr=$(uci get network.guest.ipaddr) + netmask=$(uci get network.guest.netmask) + /usr/sbin/ipaccount -S -n guest -N "$ipaddr/$netmask" + fi + . /lib/functions/network.sh +} + +[ "$ACTION" = "ifup" ] && [ "$INTERFACE" = "wan" ] && { + . /lib/functions/network.sh + network_get_device ifname wan + ubus call trafficd setwan '{"dev":"'$ifname'"}' +} + +[ "$ACTION" = "ifup" ] && { + /usr/sbin/ipaccount -r +} diff --git a/squashfs-root/etc/hotplug.d/iface/81-speedtest b/squashfs-root/etc/hotplug.d/iface/81-speedtest new file mode 100755 index 0000000..4e9d3aa --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/81-speedtest @@ -0,0 +1,4 @@ +#!/bin/sh +[ "$ACTION" == "ifup" ] && [ "$INTERFACE" == "wan" ] && { + /etc/init.d/auto_speedtest wan_up +} diff --git a/squashfs-root/etc/hotplug.d/iface/90-tcp_proxy b/squashfs-root/etc/hotplug.d/iface/90-tcp_proxy new file mode 100755 index 0000000..3dc4689 --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/90-tcp_proxy @@ -0,0 +1,15 @@ +#!/bin/sh + +if [ "$ACTION" = "ifup" -a "$INTERFACE" = "lan" ]; then + # for http status + if [ -f /etc/init.d/http_status_stat ]; then + /etc/init.d/http_status_stat is_enabled + if [ $? -eq 1 ]; then + logger -t "hotplug.d" "http_stat_proxy refresh_lan" + /etc/init.d/http_status_stat refresh_lan + fi + fi + + # for http url + [ -f /etc/init.d/http_url_proxy ] && [ -d /sys/module/http_url ] && /etc/init.d/http_url_proxy restart +fi diff --git a/squashfs-root/etc/hotplug.d/iface/91-securitypage b/squashfs-root/etc/hotplug.d/iface/91-securitypage new file mode 100755 index 0000000..e4c005c --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/91-securitypage @@ -0,0 +1,5 @@ +#!/bin/sh +[ "$ACTION" = "ifup" ] && [ "$INTERFACE" = "wan" ] && { + /etc/init.d/securitypage restart +} + diff --git a/squashfs-root/etc/hotplug.d/iface/99-pull_rr b/squashfs-root/etc/hotplug.d/iface/99-pull_rr new file mode 100644 index 0000000..734219e --- /dev/null +++ b/squashfs-root/etc/hotplug.d/iface/99-pull_rr @@ -0,0 +1,11 @@ +#!/bin/sh + +[ "$ACTION" = "ifdown" ] && [ "$INTERFACE" = "wan" ] && { + killall trmd 2>/dev/null +} + +[ "$ACTION" = "ifup" ] && [ "$INTERFACE" = "wan" ] && { + killall trmd 2>/dev/null + sleep 2 + [ -f /usr/bin/trmd ] && /usr/bin/trmd -r 10 +} diff --git a/squashfs-root/etc/hotplug.d/ntp/01-renew_bfd_firewall b/squashfs-root/etc/hotplug.d/ntp/01-renew_bfd_firewall new file mode 100755 index 0000000..aa9914b --- /dev/null +++ b/squashfs-root/etc/hotplug.d/ntp/01-renew_bfd_firewall @@ -0,0 +1,3 @@ +#!/bin/sh + +/usr/sbin/ban_admin renew diff --git a/squashfs-root/etc/hotplug2-common.rules b/squashfs-root/etc/hotplug2-common.rules new file mode 100755 index 0000000..c284f8f --- /dev/null +++ b/squashfs-root/etc/hotplug2-common.rules @@ -0,0 +1,43 @@ + +# uncomment me to log hotplug events +# DEVPATH is set { +# exec logger -s -t hotplug -p daemon.info "name=%DEVNAME%, path=%DEVPATH%" +# } + +$include /etc/hotplug2-platform.rules + +DEVNAME ~~ (^null$|^full$|^ptmx$|^zero$|^gpio|^hvc) { + makedev /dev/%DEVNAME% 0666 + next-event +} + +DEVNAME == mapper/control { + makedev /dev/%DEVNAME% 0600 + next-event +} + +ACTION == add, DEVPATH is set { + makedev /dev/%DEVNAME% 0644 +} + +ACTION == add, DEVPATH is set, DEVNAME ~~ ^tty { + chmod 0666 /dev/%DEVNAME% +} + +ACTION == add, DEVPATH is set, DEVNAME ~~ ^ppp { + chmod 0600 /dev/%DEVNAME% +} + +ACTION == remove, DEVPATH is set, MAJOR is set, MINOR is set { + remove /dev/%DEVNAME% +} + +FIRMWARE is set, ACTION == add { + exec /sbin/hotplug-call firmware + load-firmware /lib/firmware + next-event +} + +SUBSYSTEM == platform { + exec /sbin/hotplug-call %SUBSYSTEM% +} diff --git a/squashfs-root/etc/hotplug2-init.rules b/squashfs-root/etc/hotplug2-init.rules new file mode 100755 index 0000000..f011697 --- /dev/null +++ b/squashfs-root/etc/hotplug2-init.rules @@ -0,0 +1,5 @@ +$include /etc/hotplug2-common.rules + +SUBSYSTEM == button { + exec kill -USR1 1 +} diff --git a/squashfs-root/etc/hotplug2.rules b/squashfs-root/etc/hotplug2.rules new file mode 100644 index 0000000..72c68c3 --- /dev/null +++ b/squashfs-root/etc/hotplug2.rules @@ -0,0 +1,7 @@ +$include /etc/hotplug2-common.rules + +SUBSYSTEM ~~ (^net$|^input$|^button$|^usb$|^ieee1394$|^block$|^atm$|^zaptel$|^tty$) { + exec /sbin/hotplug-call %SUBSYSTEM% +} + + diff --git a/squashfs-root/etc/init.d/auto_speedtest b/squashfs-root/etc/init.d/auto_speedtest new file mode 100755 index 0000000..8ab6946 --- /dev/null +++ b/squashfs-root/etc/init.d/auto_speedtest @@ -0,0 +1,122 @@ +#!/bin/sh /etc/rc.common + +START=99 + +EXTRA_COMMANDS=" on off wan_up status next_time start stop set_userband debug_on debug_off do_speedtest" +EXTRA_HELP=" + on Turn on Auto speed test service + off Turn off Auto speed test service + wan_up Send wan up messgage + status Show status + next_time Set next time to do speed test + set_userband Set user config band + start Start service + stop Stop service + debug_on Debug on + debug_off Debug off + do_speedtest Do speed test immediately + -------------------------------------------------" + +VERSION="__UNDEFINED__" + +if [ "$VERSION" == "OVERSEA" ]; then + EXECMD="/usr/sbin/auto_speedtestd oversea" +else + EXECMD="/usr/sbin/auto_speedtestd" +fi + +EXECMD_C="/usr/sbin/speedtest_cmd" +export PROCLINE="/usr/bin/lua $EXECMD" +export PROCFLAG=$PROCLINE + +#0,ok; non-0, Nok +start() { + #check NETMODE 1stly + local mode + mode=`uci get xiaoqiang.common.NETMODE 2>/dev/null` + if [ "$mode" == "wifiapmode" -o "$mode" == "lanapmode" ]; then + echo "In AP mode, disable auto speed test. exit!" + return 0 + fi + + #check config file + mode=`uci get ab.settings.enabled 2>/dev/null` + if [ $mode -eq "0" ]; then + echo "ab config enabled not setted, exit!" + return 0 + fi + /usr/sbin/supervisord start + return 0 +} + +restart(){ + stop &>/dev/null + start &>/dev/null + return $? +} + +on(){ + uci set ab.settings.enabled=1 + uci commit ab + + start +} + +stop(){ + running + if [ $? == 1 ]; then + echo "auto speed service is not running. just exit." + return 0 + fi + + $EXECMD_C stop + /usr/sbin/supervisord stop + return 0 +} + +off(){ + stop + uci set ab.settings.enabled=0 + uci commit ab + return 0 +} + +running(){ + /usr/sbin/supervisord status + if [ $? == 1 ]; then + return 1 + fi + return 0 +} + +wan_up(){ + $EXECMD_C wan_up $@ +} + +wan_down(){ + $EXECMD_C wan_down $@ +} + +status(){ + $EXECMD_C status $@ +} + +next_time(){ + $EXECMD_C next_time $@ +} + +set_userband(){ + $EXECMD_C set_userband $@ +} + +debug_on(){ + $EXECMD_C debug_on $@ +} + +debug_off(){ + $EXECMD_C debug_off $@ +} + +do_speedtest(){ + $EXECMD_C do_speedtest $@ +} diff --git a/squashfs-root/etc/init.d/boot b/squashfs-root/etc/init.d/boot new file mode 100755 index 0000000..7e116fe --- /dev/null +++ b/squashfs-root/etc/init.d/boot @@ -0,0 +1,138 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2011 OpenWrt.org + +START=10 +STOP=98 + +applog(){ + msg="$@" + test -z "$msg" && return 0 + test -z "$APPLOGTAG" && APPLOGTAG="init.d/boot" + /usr/bin/logger -t "${APPLOGTAG}[${$}]" "$msg" + DATE="`date`" + echo "$DATE ${APPLOGTAG}[${$}]: $msg" >> /dev/console 2>/dev/null + return 0 +} +pipelog(){ + local oneline + while read oneline + do + applog "$oneline" + done +} +# +system_config() { + local cfg="$1" + + local hostname conloglevel timezone + + config_get hostname "$cfg" hostname 'OpenWrt' + echo "$hostname" > /proc/sys/kernel/hostname + + config_get conloglevel "$cfg" conloglevel + config_get buffersize "$cfg" buffersize + [ -z "$conloglevel" -a -z "$buffersize" ] || dmesg ${conloglevel:+-n $conloglevel} ${buffersize:+-s $buffersize} + + config_get timezone "$cfg" timezone 'UTC' + echo "$timezone" > /tmp/TZ + + config_get zonename "$cfg" zonename + [ -n "$zonename" ] && [ -f "/usr/share/zoneinfo/$zonename" ] && ln -s "/usr/share/zoneinfo/$zonename" /tmp/localtime + + # apply timezone to kernel + date -k + #squashfs run busybox's syslogd + boot_type="$(nvram get flag_boot_type 2>/dev/null)" + if [ -z "$boot_type" -a "$(uname -m)" = 'mips' ] + then + #mtk7620 hack + boot_type='2' + fi + if [ "$boot_type" = "2" ]; then + if [ -x /sbin/syslogd ]; then + local args log_ip log_size log_port log_type log_file log_rotate + config_get log_ip "$cfg" log_ip + config_get log_size "$cfg" log_size 16 + config_get log_port "$cfg" log_port 514 + config_get log_type "$cfg" log_type circular + config_get log_file "$cfg" log_file "/data/usr/log/messages" + config_get log_rotate "$cfg" log_rotate "1" + args="${log_ip:+-L -R ${log_ip}:${log_port}} ${conloglevel:+-l $conloglevel}" + if [ "$log_type" = "file" ]; then + mkdir -p "$(dirname $log_file)" 2>/dev/null && touch $log_file || echo "ERROR: create syslog file failed +: $log_file" + args="$args -s $log_size -O $log_file -S -b $log_rotate" + else + args="$args -C${log_size}" + fi + service_start /sbin/syslogd $args + fi + if [ -x /sbin/klogd ]; then + config_get klogconloglevel "$cfg" klogconloglevel + args="${klogconloglevel:+-c $klogconloglevel}" + service_start /sbin/klogd $args + fi + fi +} + +apply_uci_config() { + sh -c '. /lib/functions.sh; include /lib/config; uci_apply_defaults' +} + +start() { + [ -f /proc/mounts ] || /sbin/mount_root + [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc + [ -f /proc/net/vlan/config ] && vconfig set_name_type DEV_PLUS_VID_NO_PAD + + mkdir -p /var/run + mkdir -p /var/log + mkdir -p /var/lock + mkdir -p /var/state + mkdir -p /tmp/.uci + chmod 0700 /tmp/.uci + touch /var/log/wtmp + touch /var/log/lastlog + touch /tmp/resolv.conf.auto + ln -sf /tmp/resolv.conf.auto /tmp/resolv.conf + grep -q debugfs /proc/filesystems && mount -t debugfs debugfs /sys/kernel/debug + [ "$FAILSAFE" = "true" ] && touch /tmp/.failsafe + + echo "S10boot-check-2" >> /tmp/messages + load_modules /etc/modules.d/* + + echo "S10boot-check-3" >> /tmp/messages + [ ! -f /etc/config/wireless -o -z /etc/config/wireless ] && { + rm -f /etc/config/wireless + /sbin/wifi detect > /tmp/wireless.tmp + + [ -s /tmp/wireless.tmp ] && { + cat /tmp/wireless.tmp > /etc/config/wireless + } + rm -f /tmp/wireless.tmp + } + + apply_uci_config + config_load system + config_foreach system_config system + + echo "S10boot-check-4" >> /tmp/messages + killall -q hotplug2 + [ -x /sbin/hotplug2 ] && /sbin/hotplug2 --override --persistent \ + --set-rules-file /etc/hotplug2.rules \ + --set-coldplug-cmd /sbin/udevtrigger \ + --max-children 1 >/dev/null 2>&1 & + + echo "S10boot-check-5" >> /tmp/messages + # create /dev/root if it doesn't exist + [ -e /dev/root -o -h /dev/root ] || { + rootdev=$(awk 'BEGIN { RS=" "; FS="="; } $1 == "root" { print $2 }' < /proc/cmdline) + [ -n "$rootdev" ] && ln -s "$rootdev" /dev/root + } + return 0 +} + +stop() { + [ -x /sbin/klogd ] && service_stop /sbin/klogd + [ -x /sbin/syslogd ] && service_stop /sbin/syslogd + killall -q hotplug2 +} diff --git a/squashfs-root/etc/init.d/cgroup_init b/squashfs-root/etc/init.d/cgroup_init new file mode 100755 index 0000000..07437c9 --- /dev/null +++ b/squashfs-root/etc/init.d/cgroup_init @@ -0,0 +1,72 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2011 OpenWrt.org + +START=03 + +#memory group 1. limit to 150MB +create_mem_group() { + #exit if memory of cgroups is not enabled + memory_flag=`grep memory /proc/cgroups 2>/dev/null` + if [ -z "$memory_flag" ]; then + return 0 + fi + + memgrp_en=`uci get misc.cgroup.memgrp1_en 2>/dev/null` + [ "$memgrp_en" = "1" ] || return 0 + + memgrp_limit=`uci get misc.cgroup.memgrp1_limit 2>/dev/null` + mkdir -p /dev/cgroup/mem + mount -t cgroup none -o memory /dev/cgroup/mem + + mkdir -p /dev/cgroup/mem/group1 + cd /dev/cgroup/mem/group1 + + echo "$memgrp_limit" > memory.limit_in_bytes + echo "$memgrp_limit" > memory.soft_limit_in_bytes + echo 10 > memory.swappiness +} + +#net_cls, only for local networking INPUT/OUTPUT +#limited group/unlimited group +create_net_group() { + #sure net_cls module loaded + #insmod cls_cgroup 2>/dev/null + + #exit if net_cls of cgroups is not enabled + net_cls_flag=`grep net_cls /proc/cgroups 2>/dev/null` + if [ -z "$net_cls_flag" ]; then + return 0 + fi + + # cgroups for net_cls # + mkdir -p /dev/cgroup/net_cls + mount -t cgroup none -o net_cls /dev/cgroup/net_cls + + # unlimit class # + mkdir -p /dev/cgroup/net_cls/unlimited + echo 0x00010000 > /dev/cgroup/net_cls/unlimited/net_cls.classid + + # limited class # + mkdir -p /dev/cgroup/net_cls/limited + echo 0x00050000 > /dev/cgroup/net_cls/limited/net_cls.classid +} + + +start() { + + #check cgroup enabled or not 1stly + cgroup_flag=`grep cgroup /proc/filesystems 2>/dev/null` + if [ -z "$cgroup_flag" ]; then + return 0 + fi + + mkdir -p /dev/cgroup + + create_mem_group + + create_net_group + + return 0 +} + + diff --git a/squashfs-root/etc/init.d/coredump b/squashfs-root/etc/init.d/coredump new file mode 100755 index 0000000..b54e13a --- /dev/null +++ b/squashfs-root/etc/init.d/coredump @@ -0,0 +1,23 @@ +#!/bin/sh /etc/rc.common + +START=70 +STOP=01 + +start() { + [ -e /proc/sys/kernel/core_pattern -a -e /usr/bin/coredump.sh ] && { + echo "|/bin/ash /usr/bin/coredump.sh %p %s %e %c" > /proc/sys/kernel/core_pattern + } + echo 1 > /proc/sys/kernel/print-fatal-signals + return 0 +} + +stop() { + touch /tmp/skip_core + return 0 +} + +demo() { + ulimit -c unlimited + /bin/sleep 100 & + kill -SIGSEGV %% +} diff --git a/squashfs-root/etc/init.d/cron b/squashfs-root/etc/init.d/cron new file mode 100755 index 0000000..ccc20ba --- /dev/null +++ b/squashfs-root/etc/init.d/cron @@ -0,0 +1,19 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2011 OpenWrt.org + +START=50 +STOP=50 + +SERVICE_USE_PID=1 + +start () { + loglevel=$(uci_get "system.@system[0].cronloglevel") + [ -z "$(ls /etc/crontabs/)" ] && exit 1 + mkdir -p /var/spool/cron + ln -s /etc/crontabs /var/spool/cron/ 2>/dev/null + service_start /usr/sbin/crond -c /etc/crontabs -l ${loglevel:-5} +} + +stop() { + service_stop /usr/sbin/crond +} diff --git a/squashfs-root/etc/init.d/datacenter b/squashfs-root/etc/init.d/datacenter new file mode 100755 index 0000000..7fe21bb --- /dev/null +++ b/squashfs-root/etc/init.d/datacenter @@ -0,0 +1,34 @@ +#!/bin/sh /etc/rc.common + +START=99 +STOP=20 + +#export command line for /usr/sbin/supervisord +export PROCLINE="/usr/sbin/datacenter" + +start() { + /usr/sbin/supervisord start + return $? +} + +restart() { + stop + sleep 1 + start + return $? +} + +shutdown() { + stop + return $? +} + +stop() { + /usr/sbin/supervisord stop + return $? +} + +status() { + /usr/sbin/supervisord status + return $? +} diff --git a/squashfs-root/etc/init.d/dnsmasq b/squashfs-root/etc/init.d/dnsmasq new file mode 100755 index 0000000..054d997 --- /dev/null +++ b/squashfs-root/etc/init.d/dnsmasq @@ -0,0 +1,255 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2007-2012 OpenWrt.org +# patch by yinjiajin@xiaomi.com, use conf-dir + +START=48 +STOP=60 # stop dnsmasq to ensure it will not miss up LAN + +SERVICE_USE_PID=1 + +DNS_SERVERS="" +DOMAIN="" + +ADD_LOCAL_DOMAIN=1 +ADD_LOCAL_HOSTNAME=1 + +CONFIGFILE="/var/etc/dnsmasq.conf" + +EXECMD="/usr/sbin/dnsmasq --user=root -C ${CONFIGFILE}" +export OOM_FLAG=0 + +. /lib/dnsmasq/gen_config_from_uci + +start() { + local LOCKFILE=/var/lock/dnsmasq_init.lock + trap "lock -u ${LOCKFILE}; return 0" EXIT HUP INT QUIT PIPE TERM + lock $LOCKFILE + include /lib/network + scan_interfaces + + local lanipaddr + config_load network + config_get lanipaddr lan ipaddr '192.168.31.1' + + config_load dhcp + + # before we can call xappend + mkdir -p $(dirname $CONFIGFILE) + + echo "# auto-generated config file from /etc/config/dhcp" > $CONFIGFILE + mkdir -p /etc/dnsmasq.d/ + if [ $? -ne 0 ] + then + conlog "ERROR: mkdir -p /etc/dnsmasq.d/ failed." + exit 1 + fi + [ -d /tmp/etc ] || mkdir -p /tmp/etc/ + cp -a /etc/dnsmasq.d /tmp/etc/ 2>/dev/null && logger -t dnsmasq "sync /etc/dnsmasq.d to /tmp/etc/" + if [ $? -ne 0 ] + then + logger -t dnsmasq "INFO: --config-dir=/etc/dnsmasq.d/" + xappend "--conf-dir=/etc/dnsmasq.d/" + else + logger -t dnsmasq "INFO: --config-dir=/tmp/etc/dnsmasq.d/" + xappend "--conf-dir=/tmp/etc/dnsmasq.d/" + fi + #disabled legacy config file /etc/dnsmasq.conf + needclean=$(cat /etc/dnsmasq.conf 2>/dev/null | grep -v '^#' | grep -cv '^$') + if [ $needclean -ne 0 ] + then + logger -t dnsmasq "WARNING: diable legacy config /etc/dnsmasq.conf, backup to /etc/dnsmasq.conf.disabled.$$" + cat /etc/dnsmasq.conf > /etc/dnsmasq.conf.disabled.$$ + rm -f /overlay/etc/dnsmasq.conf + fi + # + #log ignored noexist link file + filelist=`ls /etc/dnsmasq.d/` + for onefile in $filelist + do + if [ ! -f "/etc/dnsmasq.d/$onefile" ] + then + #it is ignored by dnsmasq code + #rm -f "/etc/dnsmasq.d/$onefile" + logger -t dnsmasq "no-exist file, ignored: /etc/dnsmasq.d/$onefile" + fi + done + # + #a flag for dnsmasq status detecting + #address=/workforme.stat.localdomain/127.0.0.1 + xappend "--address=/workforme.stat.localdomain/127.0.0.1" + # + #setup router domain + + # + #xappend "--address=/miwifi.com/$lanipaddr" + # + mkdir -p /tmp/hosts/ && echo "${lanipaddr} miwifi.com" > /tmp/hosts/miwifi.com && \ + echo "${lanipaddr} www.miwifi.com" > /tmp/hosts/www.miwifi.com + if [ $? -ne 0 ] + then + logger -t dnsmasq "ERROR: save ${lanipaddr} miwifi.com to /tmp/hosts/miwifi.com failed." + fi + myhostname="$(uci get system.@system[0].hostname 2>/dev/null)" + if [ -z "$myhostname" ] + then + logger -t dnsmasq "ERROR: hostname no found: $(uci get system.@system[0].hostname 2>&1)" + else + mkdir -p /tmp/hosts/ && echo "${lanipaddr} ${myhostname}" > /tmp/hosts/${myhostname} + if [ $? -ne 0 ] + then + #domainneeded + logger -t dnsmasq "ERROR: save ${lanipaddr} ${myhostname} to /tmp/hosts/${myhostname} failed." + fi + fi + mydomain="$(uci get dhcp.@dnsmasq[0].domain 2>/dev/null)" + test -z "$mydomain" && mydomain='lan' + if [ -n "$mydomain" -a -n "$myhostname" ] + then + staticfqdn="${myhostname}.${mydomain}" + mkdir -p /tmp/hosts/ && echo "${lanipaddr} ${staticfqdn}" > /tmp/hosts/${staticfqdn} + if [ $? -ne 0 ] + then + #domainneeded + logger -t dnsmasq "ERROR: save ${lanipaddr} ${staticfqdn} to /tmp/hosts/${staticfqdn} failed." + fi + staticfqdn="miwifi.com.${mydomain}" + mkdir -p /tmp/hosts/ && echo "${lanipaddr} ${staticfqdn}" > /tmp/hosts/${staticfqdn} + if [ $? -ne 0 ] + then + #domainneeded + logger -t dnsmasq "ERROR: save ${lanipaddr} ${staticfqdn} to /tmp/hosts/${staticfqdn} failed." + fi + staticfqdn="www.miwifi.com.${mydomain}" + mkdir -p /tmp/hosts/ && echo "${lanipaddr} ${staticfqdn}" > /tmp/hosts/${staticfqdn} + if [ $? -ne 0 ] + then + #domainneeded + logger -t dnsmasq "ERROR: save ${lanipaddr} ${staticfqdn} to /tmp/hosts/${staticfqdn} failed." + fi + fi + + #clear cache onreload, set in /etc/config/dhcp + #xappend "--clear-on-reload" + + args="" + config_foreach dnsmasq dnsmasq + config_foreach dhcp_host_add host + echo >> $CONFIGFILE + config_foreach dhcp_boot_add boot + config_foreach dhcp_mac_add mac + config_foreach dhcp_tag_add tag + config_foreach dhcp_vendorclass_add vendorclass + config_foreach dhcp_userclass_add userclass + config_foreach dhcp_circuitid_add circuitid + config_foreach dhcp_remoteid_add remoteid + config_foreach dhcp_subscrid_add subscrid + config_foreach dhcp_domain_add domain + echo >> $CONFIGFILE + config_foreach dhcp_srv_add srvhost + config_foreach dhcp_mx_add mxhost + echo >> $CONFIGFILE + config_foreach dhcp_add dhcp + echo >> $CONFIGFILE + config_foreach dhcp_cname_add cname + echo >> $CONFIGFILE + + # add own hostname + [ $ADD_LOCAL_HOSTNAME -eq 1 ] && [ -n "$lanipaddr" ] && { + local hostname="$(uci_get system.@system[0].hostname)" + dhcp_domain_add "" "${hostname:-OpenWrt}" "$lanipaddr" + } + remote_resolv=0 + DEVINITMARK="$(uci get xiaoqiang.common.INITTED 2>/dev/null)" + if [ "${DEVINITMARK}" != 'YES' ] + then + remote_resolv=1 + # ${lanipaddr} + logger -t dnsmasq "WARNING: " + logger -t dnsmasq "WARNING: all domain resolv to ${lanipaddr} for router has not initialed." + logger -t dnsmasq "WARNING: " + xappend "--address=/#/${lanipaddr}" + #max-ttl=30 + sed -i -e '/max-ttl=/d' $CONFIGFILE && echo 'max-ttl=0' >> $CONFIGFILE + if [ $? -ne 0 ] + then + logger -t dnsmasq "WARNING: set max-ttl=5 failed." + fi + #resolv-file= + echo '#dummy resolv file for device no initialed' > /tmp/resolv.conf.dummy && sed -i -e '/resolv-file=/d' $CONFIGFILE && echo 'resolv-file=/tmp/resolv.conf.dummy' >> $CONFIGFILE + if [ $? -ne 0 ] + then + logger -t dnsmasq "WARNING: resolv-file=/tmp/resolv.conf.dummy failed." + fi + fi + + #here need check if ipv6 feature is ON or OFF + local ipv6flag=`uci get -q ipv6.settings.enabled` + [ "$ipv6flag" != "1" ] || { + #support ipv6 address assign with dnsmasq. + #here must notice that prefix must equal to 64 + xappend "--enable-ra" + xappend "--dhcp-range=::,constructor:*,ra-stateless,64" + } + + # + #ignored wan nic for pppoe + # + wannic=$(uci get network.wan.ifname 2>/dev/null) + if [ -n "$wannic" ] + then + grep -q "no-dhcp-interface=$wannic" $CONFIGFILE + if [ $? -ne 0 ] + then + xappend "--no-dhcp-interface=$wannic" + fi + fi + # ensure /tmp/state can be written by nobody + mkdir -p /tmp/state/ + chmod o+w /tmp/state/ + loader="/var/etc/dnsmasq_loader" + # a help loader + cat > $loader <> /tmp/resolv.conf + } + DNS_SERVERS="$DNS_SERVERS 127.0.0.1" + for DNS_SERVER in $DNS_SERVERS ; do + echo "nameserver $DNS_SERVER" >> /tmp/resolv.conf + done + fi + if [ -f /etc/ethers ] + then + logger -t dnsmasq "INFO: loading IP-MAC binding from /etc/ethers" + cat /etc/ethers | logger -t dnsmasq + /usr/bin/arp -f 2>&1 | logger -t dnsmasq + if [ $? -ne 0 ] + then + logger -t dnsmasq "WARNING: load IP-MAC binding from /etc/ethers failed." + fi + fi + return 0 +} + +stop() { + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXECMD}" + # dnsmasq will fork itself. + export PROCNUM='2' + /usr/sbin/supervisord stop && { + [ -f /tmp/resolv.conf ] && { + rm -f /tmp/resolv.conf + ln -s /tmp/resolv.conf.auto /tmp/resolv.conf + } + } + +} diff --git a/squashfs-root/etc/init.d/done b/squashfs-root/etc/init.d/done new file mode 100755 index 0000000..8f4d58d --- /dev/null +++ b/squashfs-root/etc/init.d/done @@ -0,0 +1,17 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006 OpenWrt.org + +START=95 + +boot() { + [ -d /tmp/root ] && { + lock /tmp/.switch2jffs + firstboot switch2jffs + lock -u /tmp/.switch2jffs + } + + # process user commands + [ -f /etc/rc.local ] && { + sh /etc/rc.local + } +} diff --git a/squashfs-root/etc/init.d/dropbear b/squashfs-root/etc/init.d/dropbear new file mode 100755 index 0000000..041a259 --- /dev/null +++ b/squashfs-root/etc/init.d/dropbear @@ -0,0 +1,198 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2006 Carlos Sobrinho + +START=50 +STOP=50 + +SERVICE_USE_PID=1 + +NAME=dropbear +PROG=/usr/sbin/dropbear +PIDCOUNT=0 +EXTRA_COMMANDS="killclients" +EXTRA_HELP=" killclients Kill ${NAME} processes except servers and yourself" + +dropbear_start() +{ + append_ports() + { + local ifname="$1" + local port="$2" + + grep -qs "^ *$ifname:" /proc/net/dev || { + append args "-p $port" + return + } + + for addr in $( + ifconfig "$ifname" | sed -ne ' + /addr: *fe[89ab][0-9a-f]:/d + s/.* addr: *\([0-9a-f:\.]*\).*/\1/p + ' + ); do + append args "-p $addr:$port" + done + } + + + local section="$1" + + # check if section is enabled (default) + local enabled + config_get_bool enabled "${section}" enable 1 + [ "${enabled}" -eq 0 ] && return 1 + + # verbose parameter + local verbosed + config_get_bool verbosed "${section}" verbose 0 + + # increase pid file count to handle multiple instances correctly + PIDCOUNT="$(( ${PIDCOUNT} + 1))" + + # prepare parameters (initialise with pid file) + local pid_file="/var/run/${NAME}.${PIDCOUNT}.pid" + local args="-P $pid_file" + local val + # A) password authentication + config_get_bool val "${section}" PasswordAuth 1 + [ "${val}" -eq 0 ] && append args "-s" + # B) listen interface and port + local port + local interface + config_get interface "${section}" Interface + config_get interface "${interface}" ifname "$interface" + config_get port "${section}" Port 22 + append_ports "$interface" "$port" + # C) banner file + config_get val "${section}" BannerFile + [ -f "${val}" ] && append args "-b ${val}" + # D) gatewayports + config_get_bool val "${section}" GatewayPorts 0 + [ "${val}" -eq 1 ] && append args "-a" + # E) root password authentication + config_get_bool val "${section}" RootPasswordAuth 1 + [ "${val}" -eq 0 ] && append args "-g" + # F) root login + config_get_bool val "${section}" RootLogin 1 + [ "${val}" -eq 0 ] && append args "-w" + # G) host keys + config_get val "${section}" rsakeyfile + [ -f "${val}" ] && append args "-r ${val}" + config_get val "${section}" dsskeyfile + [ -f "${val}" ] && append args "-d ${val}" + + # execute program and return its exit code + [ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}" + SERVICE_PID_FILE="$pid_file" service_start ${PROG} ${args} +} + +keygen() +{ + for keytype in rsa dss; do + # check for keys + key=dropbear/dropbear_${keytype}_host_key + [ -f /tmp/$key -o -s /etc/$key ] || { + # generate missing keys + mkdir -p /tmp/dropbear + [ -x /usr/bin/dropbearkey ] && { + /usr/bin/dropbearkey -t $keytype -f /tmp/$key 2>&- >&- && exec /etc/rc.common "$initscript" start + } & + exit 0 + } + done + + lock /tmp/.switch2jffs + mkdir -p /etc/dropbear + mv /tmp/dropbear/dropbear_* /etc/dropbear/ + lock -u /tmp/.switch2jffs + chown root /etc/dropbear + chmod 0700 /etc/dropbear +} + +start() +{ + # 稳定版不能打开ssh服务 + flg_ssh=`nvram get ssh_en` + channel=`/sbin/uci get /usr/share/xiaoqiang/xiaoqiang_version.version.CHANNEL` + if [ "$flg_ssh" != "1" -o "$channel" = "release" ]; then + return 0 + fi + + [ -s /etc/dropbear/dropbear_rsa_host_key -a \ + -s /etc/dropbear/dropbear_dss_host_key ] || keygen + + include /lib/network + scan_interfaces + config_load "${NAME}" + config_foreach dropbear_start dropbear +} + +stop() +{ + local pid_file pid_files + + pid_files=`ls /var/run/${NAME}.*.pid 2>/dev/null` + + [ -z "$pid_files" ] && return 1 + + for pid_file in $pid_files; do + SERVICE_PID_FILE="$pid_file" service_stop ${PROG} && { + rm -f ${pid_file} + } + done +} + +killclients() +{ + local ignore='' + local server + local pid + + # if this script is run from inside a client session, then ignore that session + pid="$$" + while [ "${pid}" -ne 0 ] + do + # get parent process id + pid=`cut -d ' ' -f 4 "/proc/${pid}/stat"` + [ "${pid}" -eq 0 ] && break + + # check if client connection + grep -F -q -e "${PROG}" "/proc/${pid}/cmdline" && { + append ignore "${pid}" + break + } + done + + # get all server pids that should be ignored + for server in `cat /var/run/${NAME}.*.pid` + do + append ignore "${server}" + done + + # get all running pids and kill client connections + local skip + for pid in `pidof "${NAME}"` + do + # check if correct program, otherwise process next pid + grep -F -q -e "${PROG}" "/proc/${pid}/cmdline" || { + continue + } + + # check if pid should be ignored (servers, ourself) + skip=0 + for server in ${ignore} + do + if [ "${pid}" == "${server}" ] + then + skip=1 + break + fi + done + [ "${skip}" -ne 0 ] && continue + + # kill process + echo "${initscript}: Killing ${pid}..." + kill -KILL ${pid} + done +} diff --git a/squashfs-root/etc/init.d/firewall b/squashfs-root/etc/init.d/firewall new file mode 100755 index 0000000..ea18ec9 --- /dev/null +++ b/squashfs-root/etc/init.d/firewall @@ -0,0 +1,26 @@ +#!/bin/sh /etc/rc.common + +START=19 + +boot() { + # Be silent on boot, firewall might be started by hotplug already, + # so don't complain in syslog. + fw3 -q start || true +} + +start() { + fw3 start + /usr/sbin/firewall.webinitrdr start +} + +stop() { + fw3 flush +} + +restart() { + fw3 restart +} + +reload() { + fw3 reload +} diff --git a/squashfs-root/etc/init.d/http_apk_proxy b/squashfs-root/etc/init.d/http_apk_proxy new file mode 100755 index 0000000..3c76852 --- /dev/null +++ b/squashfs-root/etc/init.d/http_apk_proxy @@ -0,0 +1,69 @@ +#!/bin/sh /etc/rc.common + +START=99 + +set_switch_on="uci set http_apk_proxy.settings.enabled=1" +set_switch_off="uci set http_apk_proxy.settings.enabled=0" +set_switch_commit="uci commit http_apk_proxy" +HTTP_APK_PROXY_SH="/usr/sbin/http_apk_proxy.sh" + +export EXTRA_COMMANDS=" on off log_stat reload_iptable_rule" +export EXTRA_HELP=" on Switch to the start state and start + off Switch to the stop state and stop + log_stat log statistics + reload_iptable_rule reload iptable rule" + +log_stat() { + apk_stat_file="/proc/http_apk/apk_stat" + if [ -f $apk_stat_file ]; then + line=`cat $apk_stat_file` + v1=`echo $line | awk -F "," '{print $1}' | awk -F ":" '{print $2}'` + v2=`echo $line | awk -F "," '{print $2}' | awk -F ":" '{print $2}'` + v3=`echo $line | awk -F "," '{print $3}' | awk -F ":" '{print $2}'` + v4=`echo $line | awk -F "," '{print $4}' | awk -F ":" '{print $2}'` + v5=`echo $line | awk -F "," '{print $5}' | awk -F ":" '{print $2}'` + logger stat_points_privacy http_apk_stat_plus=$v1,$v2,$v3,$v4,$v5 + echo "0" > $apk_stat_file + fi +} + +reload_iptable_rule() { + switch=`uci get http_apk_proxy.settings.enabled -q` + if [ $switch -ne "1" ]; then + #if not enabled, just exit + return 0 + fi + $HTTP_APK_PROXY_SH reload_iptable_rule +} + +start() { + switch=`uci get http_apk_proxy.settings.enabled -q` + if [ $switch -ne "1" ]; then + #if not enabled, just exit + return 0 + fi + + $HTTP_APK_PROXY_SH on + return 0 +} + +stop() { + $HTTP_APK_PROXY_SH off + return 0 +} + +off() { + $set_switch_off >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + stop + return $? +} + +on() { + $set_switch_on >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + + start + return $? +} + diff --git a/squashfs-root/etc/init.d/http_client_detect b/squashfs-root/etc/init.d/http_client_detect new file mode 100755 index 0000000..13e2634 --- /dev/null +++ b/squashfs-root/etc/init.d/http_client_detect @@ -0,0 +1,93 @@ +#!/bin/sh /etc/rc.common + +START=99 + +set_switch_on="uci set http_client_detect.settings.enabled=1" +set_switch_off="uci set http_client_detect.settings.enabled=0" +set_switch_commit="uci commit http_client_detect" +APP_CTF_MGR="/usr/sbin/ctf_manger.sh" +service_name="http_client_detect" +fastpath="" + +export EXTRA_COMMANDS=" on off " +export EXTRA_HELP=" on Switch to the start state and start + off Switch to the stop state and stop" + +create_ctf_mgr_entry() +{ + uci -q batch < /dev/null +set ctf_mgr.$service_name=service +set ctf_mgr.$service_name.http_switch=off +commit ctf_mgr +EOF +} + +start() { + switch=`uci get http_client_detect.settings.enabled -q` + if [ $switch -ne "1" ]; then + #if not enabled, just exit + return 0 + fi + + fastpath=`uci get misc.http_proxy.fastpath -q` + [ -z $fastpath ] && return 0 + + if [ $fastpath == "ctf" ]; then + if [ -f $APP_CTF_MGR ]; then + is_exist=`uci get ctf_mgr.$service_name -q` + if [ $? -eq "1" ]; then + create_ctf_mgr_entry + fi + $APP_CTF_MGR $service_name http on + fi + elif [ $fastpath == "hwnat" ]; then + echo "http client detect: can work with hw_nat." + else + echo "http client detect: unknown fastpath! Treat as std!" + fi + insmod nf_conn_ext_http >/dev/null 2>&1 + insmod nf_tcp_proxy >/dev/null 2>&1 + # ensure start switch + echo "1" > /proc/sys/net/ipv4/tcp_proxy_switch + insmod http_identify >/dev/null 2>&1 + #avoid to hold start procedure, use nohup + /usr/sbin/http_dpi >/dev/null 2>&1 & + + return 0 +} + +stop() { + killall http_dpi >/dev/null 2>&1 + rmmod http_identify >/dev/null 2>&1 + rmmod nf_tcp_proxy >/dev/null 2>&1 + + fastpath=`uci get misc.http_proxy.fastpath -q` + [ -z $fastpath ] && return 0 + + if [ $fastpath == "ctf" ]; then + if [ -f $APP_CTF_MGR ]; then + $APP_CTF_MGR $service_name http off + fi + elif [ $fastpath == "hwnat" ]; then + echo "http client detect stopped." + else + echo "http client detect: unknown fastpath! Treat as std!" + fi + return 0 +} + +off() { + $set_switch_off >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + stop + return $? +} + +on() { + $set_switch_on >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + + start + return $? +} + diff --git a/squashfs-root/etc/init.d/http_content_mark b/squashfs-root/etc/init.d/http_content_mark new file mode 100755 index 0000000..423ff29 --- /dev/null +++ b/squashfs-root/etc/init.d/http_content_mark @@ -0,0 +1,44 @@ +#!/bin/sh /etc/rc.common + +START=99 + +set_switch_on="uci set http_content_mark.settings.enabled=1" +set_switch_off="uci set http_content_mark.settings.enabled=0" +set_switch_commit="uci commit http_content_mark" +HTTP_MARK_SH="/usr/sbin/http_content_type_mark.sh" + +export EXTRA_COMMANDS=" on off " +export EXTRA_HELP=" on Switch to the start state and start + off Switch to the stop state and stop" + +start() { + switch=`uci get http_content_mark.settings.enabled -q` + if [ $switch -ne "1" ]; then + #if not enabled, just exit + return 0 + fi + + $HTTP_MARK_SH on + return 0 +} + +stop() { + $HTTP_MARK_SH off + return 0 +} + +off() { + $set_switch_off >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + stop + return $? +} + +on() { + $set_switch_on >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + + start + return $? +} + diff --git a/squashfs-root/etc/init.d/http_status_stat b/squashfs-root/etc/init.d/http_status_stat new file mode 100755 index 0000000..6cda3e8 --- /dev/null +++ b/squashfs-root/etc/init.d/http_status_stat @@ -0,0 +1,115 @@ +#!/bin/sh /etc/rc.common + +START=99 + +CFG_PATH="/proc/sys/net/ipv4/tcp_proxy_action" +SWITCH_PATH="/proc/sys/net/ipv4/tcp_proxy_switch" +set_switch_on="uci set http_status_stat.settings.enabled=1" +set_switch_off="uci set http_status_stat.settings.enabled=0" +set_switch_commit="uci commit http_status_stat" +restart_dnsmasq='/etc/init.d/dnsmasq restart' +LIP=`uci get network.lan.ipaddr 2>/dev/null` +LMASK=`uci get network.lan.netmask 2>/dev/null` +REFERER_STR="miwifi.com" +REFERER_PATH="/proc/http_conn/referer" +PROXY_PORT=8191 +fastpath="" + +APP_CTF_MGR="/usr/sbin/ctf_manger.sh" +export EXTRA_COMMANDS=" on off refresh_lan is_enabled" +export EXTRA_HELP=" on Switch to the start state and start + off Switch to the stop state and stop + is_enabled is http status proxy enabled + refresh_lan refresh lan config when lanip change" + +is_enabled() { + config_load "http_status_stat" + local switch + switch=`uci get http_status_stat.settings.enabled -q` + if [ $switch -eq "1" ]; then + return 1 + fi + return 0 +} + +refresh_lan() { + is_enabled + if [ $? -eq "1" ]; then + logger -t "http_stat" "refresh lan config!" + echo "ADD 5 $LIP $PROXY_PORT" > $CFG_PATH + fi +} + +start() { + config_load "http_status_stat" + local switch + switch=`uci get http_status_stat.settings.enabled -q` + if [ $switch -ne "1" ]; then + return 0 + fi + local cc=$(bdata get CountryCode) + cc=${cc:-"CN"} + if [ $cc != "CN" ]; then + echo "http_stat: Bad Country!" + return 0 + fi + + fastpath=`uci get misc.http_proxy.fastpath -q` + [ -z $fastpath ] && return 0 + + if [ $fastpath == "ctf" ]; then + if [ -f $APP_CTF_MGR ]; then + $APP_CTF_MGR http_stat http on + fi + elif [ $fastpath == "hwnat" ]; then + echo "http status can work with hw_nat." + else + echo "http_status_stat.init: unknown fastpath type! Treat as std!" + fi + insmod nf_conn_ext_http >/dev/null 2>&1 + insmod nf_tcp_proxy >/dev/null 2>&1 + #echo "open and set proxy action to kernel" + echo "ADD 5 $LIP $PROXY_PORT" > $CFG_PATH + # ensure start switch + echo "1" > $SWITCH_PATH + insmod http_status_code_proxy >/dev/null 2>&1 + sysctl -w net.ipv4.tcp_timestamps=0 >/dev/null 2>&1 + [ -f $REFERER_PATH ] && echo $REFERER_STR > $REFERER_PATH 2>/dev/null + return 0 +} + +stop() { + rmmod http_status_code_proxy >/dev/null 2>&1 + rmmod nf_tcp_proxy >/dev/null 2>&1 + + fastpath=`uci get misc.http_proxy.fastpath -q` + [ -z $fastpath ] && return 0 + + if [ $fastpath == "ctf" ]; then + if [ -f $APP_CTF_MGR ]; then + $APP_CTF_MGR http_stat http off + fi + elif [ $fastpath == "hwnat" ]; then + echo "http status stopped." + else + echo "http_status_stat.init: unknown fastpath type! Treat as std!" + fi + return 0 +} + +off(){ + stop + $set_switch_off >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + $restart_dnsmasq + return $? +} + +on(){ + $set_switch_on >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + $restart_dnsmasq + start + return $? +} + diff --git a/squashfs-root/etc/init.d/http_url_proxy b/squashfs-root/etc/init.d/http_url_proxy new file mode 100755 index 0000000..605ead7 --- /dev/null +++ b/squashfs-root/etc/init.d/http_url_proxy @@ -0,0 +1,199 @@ +#!/bin/sh /etc/rc.common + +START=99 + +CFG_PATH="/proc/sys/net/ipv4/tcp_proxy_action" +SWITCH_PATH="/proc/sys/net/ipv4/tcp_proxy_switch" +set_switch_on="uci set http_url_proxy.settings.enabled=1" +set_switch_off="uci set http_url_proxy.settings.enabled=0" +set_switch_commit="uci commit http_url_proxy" +restart_dnsmasq='/etc/init.d/dnsmasq restart' +LIP=`uci get network.lan.ipaddr 2>/dev/null` +LMASK=`uci get network.lan.netmask 2>/dev/null` +PROXY_PORT=8381 +fastpath="" + +APP_CTF_MGR="/usr/sbin/ctf_manger.sh" +export EXTRA_COMMANDS=" on off log_stat" +export EXTRA_HELP=" on Switch to the start state and start + off Switch to the stop state and stop + log_stat log statistics" + +KR_EXECMD="/usr/sbin/kr_query" +KR_EXTRA_FLAG="/usr/sbin/kr_query" + +# only R1CL now +is_support_model() { + boardversion=`cat /proc/xiaoqiang/model 2>/dev/null` + if [ $boardversion == "R1CL" ]; then + return 1 + fi + return 0 +} + +is_repeater() { + netmode=`uci -q -S get xiaoqiang.common.NETMODE` + if [ "$netmode" == "wifiapmode" -o "$netmode" == "lanapmode" ]; then + is_support_model + if [ $? -eq 1 ]; then + return 1 + fi + fi + return 0 +} + +log_stat_normal() { + url_stat_file="/proc/http_url/url_stats" + if [ -f $url_stat_file ]; then + line=`cat $url_stat_file` + v1=`echo $line | awk -F ";" '{print $1}' | awk -F ":" '{print $2}'` + v2=`echo $line | awk -F ";" '{print $2}' | awk -F ":" '{print $2}'` + v3=`echo $line | awk -F ";" '{print $3}' | awk -F ":" '{print $2}'` + v4=`echo $line | awk -F ";" '{print $4}' | awk -F ":" '{print $2}'` + v5=`echo $line | awk -F ";" '{print $5}' | awk -F ":" '{print $2}'` + v6=`echo $line | awk -F ";" '{print $6}' | awk -F ":" '{print $2}'` + logger stat_points_privacy reap_url_stat=$v1,$v2,$v3,$v4,$v5,$v6 + echo "0" > $url_stat_file + fi +} + +br_log_stat() { + url_stat_file="/proc/br_http_url/url_stats" + if [ -f $url_stat_file ]; then + line=`cat $url_stat_file` + v1=`echo $line | awk -F ";" '{print $1}' | awk -F ":" '{print $2}'` + v2=`echo $line | awk -F ";" '{print $2}' | awk -F ":" '{print $2}'` + v3=`echo $line | awk -F ";" '{print $3}' | awk -F ":" '{print $2}'` + v4=`echo $line | awk -F ";" '{print $4}' | awk -F ":" '{print $2}'` + logger stat_points_privacy br_reap_url_stat=$v1,$v2,$v3,$v4 + echo "0" > $url_stat_file + fi +} + +log_stat() { + is_repeater + if [ $? -eq "1" ]; then + br_log_stat + else + log_stat_normal + fi +} + +init_kmod() { + insmod nf_conn_ext_http >/dev/null 2>&1 + is_repeater + if [ $? -eq "1" ]; then + insmod br_http >/dev/null 2>&1 + else + insmod nf_tcp_proxy >/dev/null 2>&1 + #echo "open and set proxy action to kernel" + echo "ADD 7 $LIP $PROXY_PORT" > $CFG_PATH + # ensure start switch + echo "1" > $SWITCH_PATH + insmod http_url >/dev/null 2>&1 + sysctl -w net.ipv4.tcp_timestamps=0 >/dev/null 2>&1 + fi +} + +start() { + config_load "http_url_proxy" + local switch + switch=`uci get http_url_proxy.settings.enabled -q` + if [ $switch -ne "1" ]; then + return 0 + fi + local cc=$(bdata get CountryCode) + cc=${cc:-"CN"} + if [ $cc != "CN" ]; then + echo "http_stat: Bad Country!" + return 0 + fi + + fastpath=`uci get misc.http_proxy.fastpath -q` + [ -z $fastpath ] && return 0 + + if [ $fastpath == "ctf" ]; then + if [ -f $APP_CTF_MGR ]; then + $APP_CTF_MGR http_stat http on + fi + elif [ $fastpath == "hwnat" ]; then + echo "http_url_proxy: can work with hw_nat." + else + echo "http_url_proxy.init: unknown fastpath type! Treat as std!" + fi + init_kmod + + ipset flush kr_query + ipset destroy kr_query + ipset create kr_query hash:net + iptables -t mangle -A fwmark -p tcp -m set --match-set kr_query dst -m comment --comment kr_query -j MARK --set-xmark 0x4/0x4 + +uci -q batch <<-EOF >/dev/null + set firewall.kr_query=include + set firewall.kr_query.path="/lib/firewall.sysapi.loader kr_query" + set firewall.kr_query.reload=1 + commit firewall +EOF + + export PROCLINE="${KR_EXECMD}" + export PROCFLAG="${KR_EXTRA_FLAG}" + export PROCNUM='1' + /usr/sbin/supervisord start + + return 0 +} + +stop() { + kill -9 `cat /tmp/kr_query.pid` + export PROCLINE="${KR_EXECMD}" + export PROCFLAG="${KR_EXTRA_FLAG}" + /usr/sbin/supervisord stop + + # log stat before stop + log_stat + rmmod http_url >/dev/null 2>&1 + rmmod nf_tcp_proxy >/dev/null 2>&1 + # for repeater mode + rmmod br_http >/dev/null 2>&1 + + fastpath=`uci get misc.http_proxy.fastpath -q` + [ -z $fastpath ] && return 0 + + if [ $fastpath == "ctf" ]; then + if [ -f $APP_CTF_MGR ]; then + $APP_CTF_MGR http_stat http off + fi + elif [ $fastpath == "hwnat" ]; then + echo "http_url_proxy: stopped." + else + echo "http_url_proxy: unknown fastpath type! Treat as std!" + fi + +uci -q batch <<-EOF >/dev/null + del firewall.kr_query + commit firewall +EOF + + iptables -t mangle -D fwmark -p tcp -m set --match-set kr_query dst -m comment --comment kr_query -j MARK --set-mark 0x04/0x00000004 + ipset flush kr_query + ipset destroy kr_query + + return 0 +} + +off(){ + stop + $set_switch_off >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + $restart_dnsmasq + return $? +} + +on(){ + $set_switch_on >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + $restart_dnsmasq + start + return $? +} + diff --git a/squashfs-root/etc/init.d/iweventd b/squashfs-root/etc/init.d/iweventd new file mode 100755 index 0000000..952f65a --- /dev/null +++ b/squashfs-root/etc/init.d/iweventd @@ -0,0 +1,51 @@ +#!/bin/sh /etc/rc.common + +START=60 +#STOP=99 +SERVICE_DAEMONIZE=1 +SERVICE_USE_PID=1 +SERVICE_WRITE_PID=1 +SERVICE_MATCH_EXEC="" +SERVICE_DEBUG="" +SERVICE_QUIET="1" + + +EXTRA_COMMANDS=" status is_running " +EXECMD="/usr/sbin/iweventd.sh" + +start() { + + is_running + if [ $? -eq 1 ]; then + echo 'iweventd already running.' + return 0 #error + fi + [ -x ${EXECMD} ] && service_start ${EXECMD} + return $? +} + +stop() { + [ -x ${EXECMD} ] && service_stop ${EXECMD} + return $? +} + + +#running: 0, dead, 1, alive +is_running(){ + [ -x ${EXECMD} ] && service_check ${EXECMD} + if [ $? -eq 0 ]; then + return 1 # is running + else + return 0 # error + fi +} + +#status: 0, in-actived, 1, actived +status(){ + [ -x ${EXECMD} ] && service_check ${EXECMD} + if [ $? -eq 0 ]; then + echo "iweventd is running." + else + echo "iweventd is stop." + fi +} \ No newline at end of file diff --git a/squashfs-root/etc/init.d/key_services_boot_check b/squashfs-root/etc/init.d/key_services_boot_check new file mode 100755 index 0000000..e8b4ef4 --- /dev/null +++ b/squashfs-root/etc/init.d/key_services_boot_check @@ -0,0 +1,168 @@ +#!/bin/sh /etc/rc.common + +#this script will run by /etc/init.d/rcS after all rc script. +START=50 +#STOP=99 + +# +#reboot if REBOOTFLAGFILE set to REBOOT=1, by another script +REBOOTFLAGFILE='/tmp/needreboot.stat' + +#/etc/init.d/rcS will save all /etc/rc.d/S* exitcode into this file +RCSTATFILE='/tmp/rc.timing' + +SKIPLIST='boot_check' + +# messageagent was removed temporary +KEYSRVLIST='boot dnsmasq network sysapihttpd' + +elog(){ + tmsg="$@" + logger -p local0.warning -t boot_check "boot_check[${$}]: $tmsg" + echo "`date` boot_check[${$}]: $tmsg" >> /dev/console +} + +failed_flag() { + local system_current=`nvram get flag_boot_rootfs` + + if [ $system_current -ge 0 -a $system_current -le 1 ]; then + nvram set flag_try_sys$((system_current+1))_failed=1 + nvram set flag_ota_reboot=0 + nvram commit + fi +} + +start() { + # + #check /etc/rc.d/S* exitcode + # + errcnt=0 + touch /tmp/$$.bootcheck.log + cat $RCSTATFILE 2>/dev/null | grep 'EXITCODE=' | grep -v 'EXITCODE=0;' > /tmp/$$.bootcheck.log + while read oneline + do + #EXITCODE=0;ESP=0;LIMIT=10;CMD=/etc/rc.d/S99datacenter;ARG=boot; + match=0 + for onesrv in $SKIPLIST + do + echo "$oneline" | grep -q "[0-9]\{1,100\}$onesrv;" && match=1&&break + done + test $match -ne 0 && continue + + match=0 + for onesrv in $KEYSRVLIST + do + echo "$oneline" | grep -q "[0-9]\{1,100\}$onesrv;" && match=1&&break + done + if [ $match -ne 0 ] + then + let errcnt=$errcnt+1 + elog "ERROR: KEY SERVICE FAILED: $oneline" + else + logger -p local0.warning -t boot_check "WARNING: SERVICE FAILED: $oneline" + fi + done /dev/null + [ $? -ne 0 ] && { + elog "INFO: no network available /dev/$hdd" + # save log to crash partition + cd /tmp + gzip messages + mtd_crash_log -f messages.gz + + ft_ret=3 + if [ $ft_mode -ne 1 ] + then + failed_flag + reboot + exit -1 + fi + } + + if [ "$ft_mode" = "1" ] + then + if [ "$ft_ret" != "0" ] + then + elog "INFO: boot_check failed $ft_ret" + dmesg > /data/usr/log/dmesg.log + #red led is set + gpio 1 0 + gpio 2 1 + gpio 3 1 + else + echo 3 > /proc/xiaoqiang/boot_status + fi + else + echo 3 > /proc/xiaoqiang/boot_status + fi +} + +stop() { + echo "stop" +} diff --git a/squashfs-root/etc/init.d/luafcgiserver b/squashfs-root/etc/init.d/luafcgiserver new file mode 100755 index 0000000..9e21356 --- /dev/null +++ b/squashfs-root/etc/init.d/luafcgiserver @@ -0,0 +1,38 @@ +#!/bin/sh /etc/rc.common + +#merge into /etc/init.d/sysapihttpd, delete pending + +#luafastcgiserver will start/stop by /etc/init.d/sysapihttpd +#START=45 +#STOP=50 + +#export command line for /usr/sbin/supervisord +export PROCLINE="/usr/bin/spawn-fcgi -s /tmp/fcgi-cgi.sock -u root -U nobody -C 5 -F 5 -- /usr/bin/fcgi-cgi -c 1024" +export PROCFLAG="/usr/bin/fcgi-cgi -c 1024" +export PROCNUM='5' +export EXTRA_HELP=" status Status the service" +export EXTRA_COMMANDS="status" + +stop() { + /usr/sbin/supervisord stop + return $? +} +start() { + /usr/sbin/supervisord start + return $? +} +restart() { + stop + sleep 1 + start + return $? +} +shutdown() { + stop + return $? +} +status() { + /usr/sbin/supervisord status + return $? +} +# diff --git a/squashfs-root/etc/init.d/luci_dhcp_migrate b/squashfs-root/etc/init.d/luci_dhcp_migrate new file mode 100755 index 0000000..7fb4435 --- /dev/null +++ b/squashfs-root/etc/init.d/luci_dhcp_migrate @@ -0,0 +1,41 @@ +#!/bin/sh /etc/rc.common + +START=59 + +boot() { + if [ -f /etc/config/luci_ethers ]; then + logger -t luci_dhcp_migrate "Migrating luci_ethers configuration ..." + + lua -lluci.model.uci -e ' + x=luci.model.uci.cursor() + x:foreach("luci_ethers", "static_lease", + function(s) + x:section("dhcp", "host", nil, {mac=s.macaddr, ip=s.ipaddr}) + end) + x:save("dhcp") + x:commit("dhcp") + ' + + rm -f /etc/config/luci_ethers + fi + + if [ -f /etc/config/luci_hosts ]; then + logger -t luci_dhcp_migrate "Migrating luci_hosts configuration ..." + + lua -lluci.model.uci -e ' + x=luci.model.uci.cursor() + x:foreach("luci_hosts", "host", + function(s) + x:section("dhcp", "domain", nil, {name=s.hostname, ip=s.ipaddr}) + end) + x:save("dhcp") + x:commit("dhcp") + ' + + rm -f /etc/config/luci_hosts + fi +} + +start() { :; } +stop() { :; } + diff --git a/squashfs-root/etc/init.d/messagingagent.sh b/squashfs-root/etc/init.d/messagingagent.sh new file mode 100755 index 0000000..b5c0bfe --- /dev/null +++ b/squashfs-root/etc/init.d/messagingagent.sh @@ -0,0 +1,41 @@ +#!/bin/sh /etc/rc.common + +START=49 +#STOP=50 + +num='2' + +config_load misc +config_get num messagingagent thread_num + +#export command line for /usr/sbin/supervisord +export PROCLINE="/usr/bin/mald $num" +export PROCFLAG="/usr/bin/messagingagent --handler_threads $num" +export PROC_DEBUG_FLAG="on" +export OOM_FLAG=0 + +export EXTRA_HELP=" status Status the service" +export EXTRA_COMMANDS="status" + +stop() { + /usr/sbin/supervisord stop + return $? +} +start() { + /usr/sbin/supervisord start + return $? +} +restart() { + stop + sleep 1 + start + return $? +} +shutdown() { + stop + return $? +} +status() { + /usr/sbin/supervisord status + return $? +} diff --git a/squashfs-root/etc/init.d/miniupnpd b/squashfs-root/etc/init.d/miniupnpd new file mode 100755 index 0000000..e87c83b --- /dev/null +++ b/squashfs-root/etc/init.d/miniupnpd @@ -0,0 +1,188 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2011 OpenWrt.org + +START=95 + +SERVICE_USE_PID=1 + +upnpd_get_port_range() { + local _var="$1"; shift + local _val + + config_get _val "$@" + + case "$_val" in + [0-9]*[:-][0-9]*) + export -n -- "${_var}_start=${_val%%[:-]*}" + export -n -- "${_var}_end=${_val##*[:-]}" + ;; + [0-9]*) + export -n -- "${_var}_start=$_val" + export -n -- "${_var}_end=" + ;; + esac +} + +conf_rule_add() { + local cfg="$1" + local tmpconf="$2" + local action external_port_start external_port_end int_addr + local internal_port_start internal_port_end + + config_get action "$cfg" action "deny" # allow or deny + upnpd_get_port_range "ext" "$cfg" ext_ports "0-65535" # external ports: x, x-y, x:y + config_get int_addr "$cfg" int_addr "0.0.0.0/0" # ip or network and subnet mask (internal) + upnpd_get_port_range "int" "$cfg" int_ports "0-65535" # internal ports: x, x-y, x:y or range + + # Make a single IP IP/32 so that miniupnpd.conf can use it. + case "$int_addr" in + */*) ;; + *) int_addr="$int_addr/32" ;; + esac + + echo "${action} ${ext_start}${ext_end:+-}${ext_end} ${int_addr} ${int_start}${int_end:+-}${int_end}" >>$tmpconf +} + +upnpd_write_bool() { + local opt="$1" + local def="${2:-0}" + local alt="$3" + local val + + config_get_bool val config "$opt" "$def" + if [ "$val" -eq 0 ]; then + echo "${alt:-$opt}=no" >> $tmpconf + else + echo "${alt:-$opt}=yes" >> $tmpconf + fi +} + +boot() { + return 0 +} + +start() { + config_load "upnpd" + local extiface intiface upload download logging secure enabled natpmp + local extip port usesysuptime conffile serial_number model_number + local uuid notify_interval presentation_url enable_upnp + local upnp_lease_file clean_ruleset_threshold clean_ruleset_interval + + config_get extiface config external_iface + config_get intiface config internal_iface + config_get extip config external_ip + config_get port config port 5000 + config_get upload config upload + config_get download config download + config_get_bool logging config log_output 0 + config_get conffile config config_file + config_get serial_number config serial_number + config_get model_number config model_number + config_get uuid config uuid + config_get notify_interval config notify_interval + config_get presentation_url config presentation_url + config_get upnp_lease_file config upnp_lease_file + config_get clean_ruleset_threshold config clean_ruleset_threshold + config_get clean_ruleset_interval config clean_ruleset_interval + + local args + + . /lib/functions/network.sh + + local ifname + network_get_device ifname ${extiface:-wan} + + if [ -n "$conffile" ]; then + args="-f $conffile" + else + local tmpconf="/var/etc/miniupnpd.conf" + args="-f $tmpconf" + mkdir -p /var/etc + + echo "ext_ifname=$ifname" >$tmpconf + + [ -n "$extip" ] && \ + echo "ext_ip=$extip" >>$tmpconf + + local iface + for iface in ${intiface:-lan}; do + local device + network_get_device device "$iface" && { + echo "listening_ip=$device" >>$tmpconf + } + done + + [ "$port" != "auto" ] && \ + echo "port=$port" >>$tmpconf + + config_load "upnpd" + upnpd_write_bool enable_natpmp 1 + upnpd_write_bool enable_upnp 1 + upnpd_write_bool secure_mode 1 + upnpd_write_bool system_uptime 1 + + [ -n "$upnp_lease_file" ] && { + touch $upnp_lease_file + echo "lease_file=$upnp_lease_file" >>$tmpconf + } + + [ -n "$upload" -a -n "$download" ] && { + echo "bitrate_down=$(($download * 1024 * 8))" >>$tmpconf + echo "bitrate_up=$(($upload * 1024 * 8))" >>$tmpconf + } + + [ -n "${presentation_url}" ] && \ + echo "presentation_url=${presentation_url}" >>$tmpconf + + [ -n "${notify_interval}" ] && \ + echo "notify_interval=${notify_interval}" >>$tmpconf + + [ -n "${clean_ruleset_threshold}" ] && \ + echo "clean_ruleset_threshold=${clean_ruleset_threshold}" >>$tmpconf + + [ -n "${clean_ruleset_interval}" ] && \ + echo "clean_ruleset_interval=${clean_ruleset_interval}" >>$tmpconf + + [ -z "$uuid" ] && { + uuid="$(cat /proc/sys/kernel/random/uuid)" + uci set upnpd.config.uuid=$uuid + uci commit upnpd + } + + [ "$uuid" = "nocli" ] || \ + echo "uuid=$uuid" >>$tmpconf + + [ -n "${serial_number}" ] && \ + echo "serial=${serial_number}" >>$tmpconf + + [ -n "${model_number}" ] && \ + echo "model_number=${model_number}" >>$tmpconf + + config_foreach conf_rule_add perm_rule "$tmpconf" + fi + + + if [ -n "$ifname" ]; then + # start firewall + iptables -L MINIUPNPD >/dev/null 2>/dev/null || fw3 reload + + if [ "$logging" = "1" ]; then + SERVICE_DAEMONIZE=1 \ + service_start /usr/sbin/miniupnpd $args -d + else + SERVICE_DAEMONIZE= \ + service_start /usr/sbin/miniupnpd $args + fi + else + logger -t "upnp daemon" "external interface not found, not starting" + fi + return 0 +} + +stop() { + service_stop /usr/sbin/miniupnpd + + iptables -t nat -F MINIUPNPD 2>/dev/null + iptables -t filter -F MINIUPNPD 2>/dev/null + return 0 +} diff --git a/squashfs-root/etc/init.d/miqos b/squashfs-root/etc/init.d/miqos new file mode 100755 index 0000000..be08704 --- /dev/null +++ b/squashfs-root/etc/init.d/miqos @@ -0,0 +1,377 @@ +#!/bin/sh /etc/rc.common + +START=99 + +EXTRA_COMMANDS=" init_ipt " +EXTRA_COMMANDS=" $EXTRA_COMMANDS on off shutdown die restart " +EXTRA_COMMANDS=" $EXTRA_COMMANDS qos_flag status " +EXTRA_COMMANDS=" $EXTRA_COMMANDS on_limit off_limit set_limit reset_limit apply show_limit limit_flag " +EXTRA_COMMANDS=" $EXTRA_COMMANDS change_band show_band " +EXTRA_COMMANDS=" $EXTRA_COMMANDS set_type show_cfg " +EXTRA_COMMANDS=" $EXTRA_COMMANDS on_guest show_guest on_xq show_xq " +EXTRA_COMMANDS=" $EXTRA_COMMANDS set_seq get_seq " +EXTRA_COMMANDS=" $EXTRA_COMMANDS nprio reserve " +EXTRA_COMMANDS=" $EXTRA_COMMANDS supress_on supress_off supress_update " + +#FIX-QOS only +EXTRA_COMMANDS=" $EXTRA_COMMANDS device_in device_out " + + +EXTRA_HELP=" +--stat: + on/off/shutdown/die/restart + qos_flag/status +--limit: + on_limit/set_limit min/max/all [MAC] MAX-UP MAX-DOWN MIN-UP MIN-DOWN + off_limit/reset_limit [MAC] + show_limit + apply + limit_flag [MAC] on/off + show_limit_flag [MAC] +--band: + change_band UP-RATE DOWN-RATE + show_band +--type: + set_type [auto/min/max/service] + show_cfg +--guest & xq: + on_guest UP DOWN + show_guest + on_xq UP DOWN + show_xq +--seq: + get_seq + set_seq [auto/game/web/video] +--supress: + supress_update/supress_on/supress_off +--others: + nprio add/del IP HIGH_PRIO_WITHOUT_LIMIT/HIGH_PRIO_WITH_BANDLIMIT + reserve add/del IP video +" + +#only support 3 types, CTF/STD/FIX +QOS_VER="FIX" #here, value would be replace by sed + +if [ "$QOS_VER" == "CTF" ]; then + EXECMD="/usr/bin/lua /usr/sbin/miqosd ctf" + EXECMD_C="/usr/sbin/miqosc" + export PROCLINE=$EXECMD + export PROCFLAG=$PROCLINE +elif [ "$QOS_VER" == "STD" ]; then + EXECMD="/usr/bin/lua /usr/sbin/miqosd std" + EXECMD_C="/usr/sbin/miqosc" + export PROCLINE=$EXECMD + export PROCFLAG=$PROCLINE +elif [ "$QOS_VER" == "HWQOS" ]; then + EXECMD="/usr/bin/lua /usr/sbin/miqosd hwqos" + EXECMD_C="/usr/sbin/miqosc" + export PROCLINE=$EXECMD + export PROCFLAG=$PROCLINE +else + EXECMD_C="/usr/sbin/miqosc" +fi + +#not supported command check +ignore(){ + null_types=$1 + [ -z "$null_types" ] && return 0; + + for t in $null_types; + do + [ "$t" == "$QOS_VER" ] && echo "not supported for $QOS_VER." && exit 0; + done +} + +#------------------------------- +init_ipt(){ + /usr/sbin/miqosd_init.sh + return $? +} + +#------------------------------- +#0,ok; non-0, Nok +start() { + if [ "$QOS_VER" == "FIX" ]; then + #check NETMODE 1stly + local mode + mode=`uci -q get xiaoqiang.common.NETMODE` + if [ "$mode" == "wifiapmode" -o "$mode" == "lanapmode" ]; then + echo "In AP mode, disable QoS. exit!" + $EXECMD_C off + return 0 + fi + + local enabled + enabled=`uci -q get miqos.settings.enabled` + if [ "$enabled" = "1" ]; then + $EXECMD_C on + else + $EXECMD_C off + fi + return 0 + else + #check NETMODE 1stly + local mode + mode=`uci get xiaoqiang.common.NETMODE 2>/dev/null` + if [ "$mode" == "wifiapmode" -o "$mode" == "lanapmode" ]; then + echo "In AP mode, disable QoS. exit!" + return 0 + fi + /usr/sbin/supervisord start + + qos_flag + if [ $? -ne "0" ]; then + echo "miqos is not enabled, only keep top layer1 queue." + running + if [ $? -eq "0" ]; then + $EXECMD_C off + fi + return 0 + fi + + # enable QoS Service + $EXECMD_C on + + return 0 + fi +} + +stop() { + shutdown +} + +shutdown(){ + $EXECMD_C shutdown +} + +restart(){ + stop &>/dev/null + start &>/dev/null + return 0 +} + +on(){ + uci set miqos.settings.enabled=1 + uci commit miqos + if [ -f "/etc/init.d/qca-nss-ecm" ]; then + /etc/init.d/qca-nss-ecm restart 1 &>/dev/null + fi + + if [ "$QOS_VER" == "STD" ]; then + uci set hwnat.switch.miqos=1 + uci commit hwnat + + /etc/init.d/hwnat stop &>/dev/null + fi + + start +} + +off(){ + #set -x + uci set miqos.settings.enabled=0 + uci commit miqos + if [ -f "/etc/init.d/qca-nss-ecm" ]; then + /etc/init.d/qca-nss-ecm restart 0 &>/dev/null + fi + + if [ "$QOS_VER" == "FIX" ]; then + stop #clean directly + elif [ "$QOS_VER" == "STD" ]; then + uci set hwnat.switch.miqos=0 + uci commit hwnat + + running + if [ $? == 1 ]; then + start # if not running, invoke start, and then off it + fi + + $EXECMD_C off #close htb rules + + #try to start hwnat whatever enough memory or not + /etc/init.d/hwnat start &>/dev/null + else + running + if [ $? == 1 ]; then + start # if not running, invoke start, and then off it + fi + $EXECMD_C off #close htb rules + fi + + return 0 +} + +die(){ + # + $EXECMD_C die & + /usr/sbin/supervisord stop + return 0 +} + +#------------------------------- +#return: 0,enabled; 1 disabled +qos_flag(){ + #config_load "miqos" + local st + st=`uci get miqos.settings.enabled 2>/dev/null` + if [ $st -eq "0" ]; then + return 1 + fi + return 0 +} + +# status: 0, actived, 1, inactived +status(){ + qos_flag + if [ $? == 1 ]; then + return 1 + fi + + if [ "$QOS_VER" == "FIX" ]; then + return 0; + else + /usr/sbin/supervisord status + if [ $? == 1 ]; then + return 1 + fi + return 0 + fi +} + +running(){ + ignore "FIX" + /usr/sbin/supervisord status + if [ $? == 1 ]; then + return 1 + fi + return 0 +} + +#------------------------------- +on_limit(){ + $EXECMD_C on_limit $@ +} + +off_limit(){ + $EXECMD_C off_limit $@ +} + +set_limit(){ + $EXECMD_C set_limit $@ +} + +reset_limit(){ + $EXECMD_C reset_limit $@ +} + +apply(){ + $EXECMD_C apply $@ +} + +show_limit(){ + $EXECMD_C show_limit $@ +} + +limit_flag(){ + $EXECMD_C limit_flag $@ +} + + +#------------------------------- +change_band(){ + $EXECMD_C change_band $@ +} + +show_band(){ + $EXECMD_C show_band $@ +} + +#------------------------------- + +set_type(){ + ignore "FIX" + $EXECMD_C set_type $@ +} + +show_cfg(){ + $EXECMD_C show_cfg $@ +} + +#------------------------------- + +on_guest(){ + $EXECMD_C on_guest $@ +} + + +show_guest(){ + $EXECMD_C show_guest $@ +} + +on_xq(){ + $EXECMD_C on_xq $@ +} + + +show_xq(){ + $EXECMD_C show_xq $@ +} + +#------------------------------- + +nprio(){ + ignore "FIX" + $EXECMD_C nprio $@ +} + +reserve(){ + ignore "FIX" + $EXECMD_C reserve $@ +} + +#------------------------------- +get_seq(){ + $EXECMD_C get_seq $@ +} + +set_seq(){ + $EXECMD_C set_seq $@ +} + +#------------------------------- + +supress_on(){ + ignore "FIX" + $EXECMD_C supress_host on +} + +supress_off(){ + ignore "FIX" + $EXECMD_C supress_host off +} + +supress_update(){ + ignore "FIX" + local app_name="2" # xunyou + [ -f /proc/flowmark_app ] && { + ret=`cat /proc/flowmark_app | awk -v app_name=$app_name -F, '{ if($5!="" && $2==app_name){print($5) } }'` + if [ "$ret" != "" ]; then + echo [$ret] + $EXECMD_C supress_host on + else + $EXECMD_C supress_host off + fi + } +} + +#------------------------------- + +device_in(){ + ignore "CTF STD" + $EXECMD_C device_in $@ +} + +device_out(){ + ignore "CTF STD" + $EXECMD_C device_out $@ +} diff --git a/squashfs-root/etc/init.d/netapi b/squashfs-root/etc/init.d/netapi new file mode 100755 index 0000000..fab84b1 --- /dev/null +++ b/squashfs-root/etc/init.d/netapi @@ -0,0 +1,48 @@ +#!/bin/sh /etc/rc.common + +#for test, activate later +START=78 +SERVICE_DAEMONIZE=1 +SERVICE_USE_PID=1 +SERVICE_WRITE_PID=1 +SERVICE_MATCH_EXEC="" +SERVICE_DEBUG="" +SERVICE_QUIET="1" + +EXTRA_COMMANDS="/usr/sbin/netapi" +EXECMD="/usr/sbin/netapi" + +start() { + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + export PROCNUM='1' + /usr/sbin/supervisord start + return $? +} + +stop() { + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + /usr/sbin/supervisord stop + return $? +} + +#running: 0, dead, 1, alive +is_running(){ + status +} + +#status: 0, in-actived, 1, actived +status(){ + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + /usr/sbin/supervisord status +} + +restart(){ + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + /usr/sbin/supervisord restart + return $? +} + diff --git a/squashfs-root/etc/init.d/netconfig b/squashfs-root/etc/init.d/netconfig new file mode 100755 index 0000000..07f610a --- /dev/null +++ b/squashfs-root/etc/init.d/netconfig @@ -0,0 +1,73 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006 OpenWrt.org + +#waiting for filesystem ready, S01fstab, S10boot, S11tftpboot, S11ubus +START=12 + +conlog(){ + msg="$@" + test -z "$msg" && return 0 + DATE="`date`" + logger -t "netconfig[${$}]" "$msg" + echo "$DATE netconfig[${$}]: $msg" >> /dev/console 2>/dev/null + return 0 +} +pipelog(){ + local oneline + while read oneline + do + conlog "$oneline" + done +} +start() { + #is network config realy exist? + if [ -s /etc/config/network ] + then + conlog "INFO: loading exist /etc/config/network." + cat /etc/config/network 2>&1 | grep -v password | pipelog + config_load network + return 0 + fi + + mkdir -p /etc/config + + echo '#### Loopback configuration +config interface loopback + option ifname lo + option proto static + option ipaddr 127.0.0.1 + option netmask 255.0.0.0 + +#### LAN configuration +config interface lan + option ifname eth0.1 + option type bridge + option proto static + option ipaddr 192.168.31.1 + option netmask 255.255.255.0 + option ip6assign 64 + +#### WAN configuration +config interface wan + option ifname eth0.2 + option proto dhcp + +config interface wan6 + option ifname @wan + option proto dhcpv6 + +### IFB interface for MiQoS +config interface ifb + option ifname ifb0 + +#### READY configuration +config interface ready + option proto static + option ipaddr 169.254.29.1 + option netmask 255.255.255.0' > /etc/config/network + + cat /etc/config/network 2>&1| pipelog + + config_load network + return $? +} diff --git a/squashfs-root/etc/init.d/network b/squashfs-root/etc/init.d/network new file mode 100755 index 0000000..dc573dc --- /dev/null +++ b/squashfs-root/etc/init.d/network @@ -0,0 +1,76 @@ +#!/bin/sh /etc/rc.common + +START=20 +STOP=90 + +SERVICE_DAEMONIZE=1 +SERVICE_WRITE_PID=1 + + +# longloopd must be shutdown prior to interface change +stop_longloop() { + [ -x /usr/bin/longloopd ] && /usr/bin/longloopd stop +} + +start() { + stop + + # ensure netifd alive during OOM + echo '-1000' > /proc/$$/oom_score_adj + service_start /sbin/netifd + # wait for netifd start up + ubus -t 30 wait_for network.interface + setup_switch() { return 0; } + + include /lib/network + + { + /sbin/wifi down >/dev/null 2>&1 + /sbin/wifi up + } + + logger -t network -p9 "try to setup_switch and restart interfaces." + setup_switch + + #for mt7621, seperate 16Queues into 2GMAC-scheduler to enable 1G+1G rate in HWNAT + [ -f /usr/bin/qdma ] && { + for i in `seq 14 1 15`; do + qdma sch $i 1 + done + }||: + + return 0 # always return ok + +} + +restart() { + stop_longloop + + ifdown -a + sleep 1 + start +} + +shutdown() { + stop_longloop + ifdown wan + # sleep to let PPPoE clean up its sesssion. + for i in `seq 1 10`; do + pidof pppd >/dev/null || break + sleep 1 + done + wifi down + ifdown -a + stop +} + +stop() { + stop_longloop + service_stop /sbin/netifd +} + +reload() { + ubus call network reload + /sbin/wifi down + /sbin/wifi up +} diff --git a/squashfs-root/etc/init.d/rcS b/squashfs-root/etc/init.d/rcS new file mode 100755 index 0000000..4996302 --- /dev/null +++ b/squashfs-root/etc/init.d/rcS @@ -0,0 +1,182 @@ +#!/bin/sh +# Copyright (C) 2006 OpenWrt.org + +RCSTATFILE='/tmp/rc.timing' +BOOTCHECKCODEFILE='/tmp/rc.done' + +# +export LOGTAG="rcS $1 $2" +export PROC_CALLER="/etc/init.d/rcS $1 $2" +# +dlog() { + local oneline + oneline="$@" + if [ -x /usr/bin/logger ]; then + logger -s -p 1 -t "$LOGTAG" -- "$oneline" + else + echo "`date` ${LOGTAG}[${$}]: $oneline" + fi +} +logexec() { + local exitcode + local execline + local capfile + execline="$@" + test -z "$execline" && return 0 + mkdir -p /tmp/logexec/ + capfile="/dev/null" + $execline > $capfile 2>&1 + exitcode=$? + if [ $exitcode -ne 0 ]; then + dlog "logexec: exitcode $exitcode, $execline" + fi + return $exitcode +} + +execwarnlimit=15 +rctimelimit=65 +run_scripts() { + startts=0 + endts=0 + espts=0 + totalespts=0 + wait_stat=0 + export LOGTAG="rcS $1 $2" + if [ "$1" = 'S' ]; then + echo '' > $BOOTCHECKCODEFILE + if [ $? -ne 0 ]; then + dlog "WARNING: truncat $BOOTCHECKCODEFILE failed." + fi + dlog "INFO: rc script run time limit to $rctimelimit seconds." + fi + echo '#!/bin/sh' > $RCSTATFILE + for i in /etc/rc.d/$1*; do + [ -x $i ] || continue + + export LOGTAG="rcS $1 calling: $i $2" + #dlog "$LOGTAG" + if [ "$1" != 'S' ]; then + #we do not care stop + echo "$i" | grep -qE "K9" + if [ $? -eq 0 ]; then + if [ $wait_stat -eq 0 ]; then + wait + sleep 2 + wait_stat=1 + fi + $i $2 2>&1 + else + $i $2 2>&1 & + fi + continue + fi + #dlog "running ..." + startts=$(printf '%.0f\n' $(cat /proc/uptime | cut -d' ' -f 1)) + logexec "runt $rctimelimit $i $2" + exitcode=$? + endts=$(printf '%.0f\n' $(cat /proc/uptime | cut -d' ' -f 1)) + let espts=$endts-$startts + echo "$i" | grep -q 'waitting$' && continue + if [ $espts -le 1380000000 -a $espts -ge 0 ]; then + if [ $espts -ge $rctimelimit ]; then + dlog "ERROR: EXITCODE=$exitcode, execute too slow, $espts >= ${rctimelimit}: $i $2" + elif [ $espts -ge $execwarnlimit ]; then + dlog "WARNING: EXITCODE=$exitcode, execute too slow, $espts >= ${execwarnlimit}: $i $2" + #else + # echo "INFO: EXITCODE=$exitcode, execut time $espts < ${rctimelimit}: $i $2" + fi + let totalespts=$totalespts+$espts + #else + # let totalespts=$totalespts+1 + # dlog "WARNING: invalid init script execute time ${espts}(> $rctimelimit, clock fast-forward ?): $i $2" + fi + echo "EXITCODE=$exitcode;ESP=$espts;LIMIT=${rctimelimit};CMD=$i;ARG=$2;" >> $RCSTATFILE + echo "TOTALESP=$totalespts;" >> $RCSTATFILE + + fac_mode=`cat /proc/xiaoqiang/ft_mode` + if [ "$fac_mode" = "1" -a "$i" = "/etc/rc.d/S50key_services_boot_check" ]; then + dlog "Fast boot in factory mode" + break + fi + done + # + export LOGTAG="rcS $1 $2" + # + if [ "$1" = 'S' ]; then + eval "$(cat $RCSTATFILE | grep '^TOTALESP='| grep ';$'|tail -n 1)" + test -z "$TOTALESP" && TOTALESP='FIXME:unknow' + tmsg="INFO: rcS $@ timing $TOTALESP seconds." + logger stat_points_none gel_log_boot_time=$TOTALESP + dlog "$tmsg" + echo "`date` $tmsg" >> /dev/console + # flag_boot_type: 1 system in SATA version + # 2 system in SQUASH version + # 9 system in tftp version + # boot_status is no ready + boot_status="$(cat /proc/xiaoqiang/boot_status 2>/dev/null)" + test -z "$boot_status" && boot_status=65535 + test -z "$BOOT_TYPE" && BOOT_TYPE=$(nvram get flag_boot_type 2>/dev/null) + test -z "$BOOT_TYPE" && BOOT_TYPE=65535 + boardversion=`nvram get model` + if [ -z "$boardversion" ]; then + boardversion=`cat /proc/xiaoqiang/model 2>/dev/null` + fi + test -z "$boardversion" && boardversion='unknow_board' + case "$BOOT_TYPE" in + 1) + tmsg="system type(${boardversion}/${BOOT_TYPE}): SATA/${boot_status}" + ;; + 2) + tmsg="system type(${boardversion}/${BOOT_TYPE}): SQUASH/${boot_status}" + ;; + *) + tmsg="system type(${boardversion}/${BOOT_TYPE}): UNKNOW/${boot_status}" + ;; + esac + dlog "$tmsg" + echo "`date` $tmsg" >> /dev/console + tmsg="ROOTFS: $(mount | grep ' on / type ' | tail -n 1)" + dlog "$tmsg" + echo "`date` $tmsg" >> /dev/console + # + #run boot_check to set boot flag + # + bootcheckcode=0 + if [ -x /usr/sbin/boot_check ]; then + /usr/sbin/boot_check $2 + bootcheckcode=$? + else + /etc/init.d/boot_check $2 + bootcheckcode=$? + fi + echo "BOOTCHECKCODE=${bootcheckcode};" > $BOOTCHECKCODEFILE + if [ $? -ne 0 ]; then + dlog "WARNING: save BOOTCHECKCODE $BOOTCHECKCODE to $BOOTCHECKCODEFILE failed." + fi + + # should led be turned off? + if [ -x /usr/sbin/led_check ]; then + /usr/sbin/led_check + fi + + # process crashlog if any + if [ -x /usr/sbin/upcrash ]; then + /usr/sbin/upcrash + fi +fi +} + +system_config() { + config_get_bool foreground $1 foreground 0 +} + +. /lib/functions.sh + +config_load system +config_foreach system_config system + +if [ "$1" = "S" -a "$foreground" != "1" ]; then + run_scripts "$1" "$2" & +else + run_scripts "$1" "$2" +fi diff --git a/squashfs-root/etc/init.d/reboot-wdt b/squashfs-root/etc/init.d/reboot-wdt new file mode 100755 index 0000000..bae82bf --- /dev/null +++ b/squashfs-root/etc/init.d/reboot-wdt @@ -0,0 +1,11 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006 OpenWrt.org + +# In case reboot get stuck + +STOP=01 + +stop() { + /bin/sh -c "sleep 120; reboot -f" & + return 0 +} diff --git a/squashfs-root/etc/init.d/rmonitor b/squashfs-root/etc/init.d/rmonitor new file mode 100755 index 0000000..044de61 --- /dev/null +++ b/squashfs-root/etc/init.d/rmonitor @@ -0,0 +1,84 @@ +#!/bin/sh /etc/rc.common + +START=99 +STOP=20 + +export PROCLINE="/usr/sbin/rmonitor" +export PROCFLAG="/usr/sbin/rmonitor" +export EXTRA_HELP=" + ------------------------------------------------ + on Turn on router monitor + off Turn off router monitor + ------------------------------------------------" +export EXTRA_COMMANDS="on off status" + +on() { + config_load "rmonitor" + uci set rmonitor.settings.enabled=1 + uci commit + + start +} + +off() { + config_load "rmonitor" + uci set rmonitor.settings.enabled=0 + uci commit + + stop +} + +#return: 0,enabled; 1 disabled +rmonitor_flag(){ + config_load "rmonitor" + local st + st=`uci get rmonitor.settings.enabled 2>/dev/null` + if [ $st -eq "0" ]; then + return 1 + fi + return 0 +} + +start() { + rmonitor_flag + if [ $? -ne "0" ]; then + echo 'router monitor is not enabled, exit.' + return 0 + fi + status + if [ $? -eq "0" ]; then + echo 'router monitor already running, exit.' + return 0 + fi + + /usr/sbin/supervisord start + return $? +} + +restart() { + stop + sleep 1 + start + return $? +} + +shutdown() { + stop + return $? +} + +stop() { + status + if [ $? -ne "0" ]; then + echo 'router monitor is not running, exit.' + return 0 + fi + + nohup /usr/sbin/supervisord stop >/dev/null 2>&1 & + return $? +} + +status() { + /usr/sbin/supervisord status + return $? +} diff --git a/squashfs-root/etc/init.d/securitypage b/squashfs-root/etc/init.d/securitypage new file mode 100755 index 0000000..6cc4f15 --- /dev/null +++ b/squashfs-root/etc/init.d/securitypage @@ -0,0 +1,47 @@ +#!/bin/sh /etc/rc.common + +STOP=21 + +export PROCLINE="/usr/sbin/securitypage -c /etc/config/securitypage/securitycenter.conf" +export PROC_USE_CGROUP_PATH="/dev/cgroup/net_cls/limited/tasks;/dev/cgroup/mem/group1/tasks" + +ENABELTAG="/etc/config/securitypage/enable.tag" + +start() { + if [ -f $ENABELTAG ]; + then + echo "security page enabled." + else + return $? + fi + + security_cfg.sh on + echo 1 > /proc/sys/net/ipv4/http_security_switch + + /usr/sbin/supervisord start + return $? +} + +restart() { + stop + sleep 1 + start + return $? +} + +shutdown() { + stop + return $? +} + +stop() { + security_cfg.sh off + /usr/sbin/supervisord stop + return $? +} + +status() { + /usr/sbin/supervisord status + return $? +} +# diff --git a/squashfs-root/etc/init.d/smartcontroller b/squashfs-root/etc/init.d/smartcontroller new file mode 100755 index 0000000..39914fb --- /dev/null +++ b/squashfs-root/etc/init.d/smartcontroller @@ -0,0 +1,34 @@ +#!/bin/sh /etc/rc.common + +START=99 +STOP=20 + +#export command line for /usr/sbin/supervisord +export PROCLINE="/usr/sbin/smartcontroller" + +start() { + /usr/sbin/supervisord start + return $? +} + +restart() { + stop + sleep 1 + start + return $? +} + +shutdown() { + stop + return $? +} + +stop() { + /usr/sbin/supervisord stop + return $? +} + +status() { + /usr/sbin/supervisord status + return $? +} diff --git a/squashfs-root/etc/init.d/smartvpn b/squashfs-root/etc/init.d/smartvpn new file mode 100755 index 0000000..e31b904 --- /dev/null +++ b/squashfs-root/etc/init.d/smartvpn @@ -0,0 +1,76 @@ +#!/bin/sh /etc/rc.common + +START=99 + +set_smartvpn_switch_on="uci set smartvpn.vpn.disabled=0" +set_smartvpn_switch_off="uci set smartvpn.vpn.disabled=1" +set_switch_commit="uci commit smartvpn" + +APP_SMARTVPN="/usr/sbin/smartvpn.sh" +export EXTRA_COMMANDS=" on off status " +export EXTRA_HELP=" on Switch to the start state and start + off Switch to the stop state and stop + status Get smartvpn status" + +start() { + #vpn should relay, + #default route add issue may be cause r1cm crash + #under condition of pppoe+l2tp+route traffic all + local bootcheck=$( cat /proc/xiaoqiang/boot_status ) + [ "$bootcheck" == "3" ] && { + vpnauto=$(uci get network.vpn.auto) + [ "$vpnauto" == "1" ] && ifup vpn + } + + if [ -f $APP_SMARTVPN ]; then + $APP_SMARTVPN on + fi + return 0 +} + +stop() { + if [ -f $APP_SMARTVPN ]; then + $APP_SMARTVPN off + fi + return 0 +} + +status() { + smartvpn_status=`uci get smartvpn.vpn.status 2>/dev/null` + echo "smartvpn status : $smartvpn_status" + if [ $smartvpn_status == "on" ]; then + return 0 + else + return 1 + fi +} + +off(){ + fw3lock="/var/run/fw3.lock" + trap "lock -u $fw3lock; exit 1" SIGHUP SIGINT SIGTERM + lock $fw3lock + + stop + + $set_smartvpn_switch_off >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + + lock -u $fw3lock + return $? +} + +on(){ + + $set_smartvpn_switch_on >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + + fw3lock="/var/run/fw3.lock" + trap "lock -u $fw3lock; exit 1" SIGHUP SIGINT SIGTERM + lock $fw3lock + + start + lock -u $fw3lock + + return 0 +} + diff --git a/squashfs-root/etc/init.d/soft_fast_path b/squashfs-root/etc/init.d/soft_fast_path new file mode 100755 index 0000000..7387334 --- /dev/null +++ b/squashfs-root/etc/init.d/soft_fast_path @@ -0,0 +1,120 @@ +#!/bin/sh /etc/rc.common + +START=99 + +SWITCH_PATH="/proc/xqfp/dbg_switch" +set_switch_on="uci set soft_fast_path.settings.enabled=1" +set_switch_off="uci set soft_fast_path.settings.enabled=0" +set_switch_commit="uci commit soft_fast_path" +REFERER_PATH="/proc/http_status/referer" +IPT="/usr/sbin/iptables -t mangle" +XQFP_CHAIN="xqfp_chain" +TCP_PROXY="/proc/sys/net/ipv4/tcp_proxy_switch" + +export EXTRA_COMMANDS=" on off start stop tcp_proxy_load tcp_proxy_unload fw_load fw_unload" +export EXTRA_HELP=" on Enable and start soft fast path + off Disable and stop soft fast path + start Start soft fast path + stop Stop soft fast path + tcp_proxy_load load tcp proxy rules + tcp_proxy_unload unload tcp proxy rules + fw_load firewall rules load" + + +tcp_proxy_load() { + (echo 1 > /proc/xqfp/tcp_proxy_enabled) &>/dev/null +} + +tcp_proxy_unload() { + (echo 0 > /proc/xqfp/tcp_proxy_enabled) &>/dev/null +} + +load_rules() { + $IPT -F $XQFP_CHAIN &>/dev/null + $IPT -D PREROUTING -j $XQFP_CHAIN &>/dev/null + + $IPT -N $XQFP_CHAIN &>/dev/null + $IPT -A $XQFP_CHAIN -m xqfp --mark 0x0/0x1 -m connmark ! --mark 0x0/0xffff0000 -j XQFP --set-mark 0x1/0x1 &>/dev/null + + if [ -f $TCP_PROXY ]; then + local swh + swh=`cat $TCP_PROXY` + if [ $swh -eq "1" ]; then + (echo 1 > /proc/xqfp/tcp_proxy_enabled) &>/dev/null + else + (echo 0 > /proc/xqfp/tcp_proxy_enabled) &>/dev/null + fi + else + (echo 0 > /proc/xqfp/tcp_proxy_enabled) &>/dev/null + fi + + $IPT -A PREROUTING -j $XQFP_CHAIN &>/dev/null +} + +unload_rules() { + $IPT -F $XQFP_CHAIN &>/dev/null + $IPT -D PREROUTING -j $XQFP_CHAIN &>/dev/null + $IPT -X $XQFP_CHAIN &>/dev/null +} + +fw_load() { + if [ -f $SWITCH_PATH ]; then + load_rules + fi +} + +fw_unload() { + unload_rules +} + +start() { + local switch + switch=`uci get soft_fast_path.settings.enabled -q` + if [ $switch -ne "1" ]; then + return 0 + fi + + if [ ! -f $SWITCH_PATH ]; then + insmod xqfastpath + fi + + trap "lock -u /var/run/fw3.lock; exit 1" SIGHUP SIGINT SIGTERM + lock /var/run/fw3.lock + load_rules + lock -u /var/run/fw3.lock + + if [ -f $SWITCH_PATH ]; then + echo "0" > $SWITCH_PATH + fi + + return 0 +} + +stop() { + if [ -f $SWITCH_PATH ]; then + echo "1" > $SWITCH_PATH + fi + + trap "lock -u /var/run/fw3.lock; exit 1" SIGHUP SIGINT SIGTERM + lock /var/run/fw3.lock + unload_rules + lock -u /var/run/fw3.lock + + return 0 +} + +off(){ + stop + $set_switch_off >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + return $? +} + +on(){ + $set_switch_on >/dev/null 2>&1 + $set_switch_commit >/dev/null 2>&1 + + start + return $? +} + diff --git a/squashfs-root/etc/init.d/softdog b/squashfs-root/etc/init.d/softdog new file mode 100755 index 0000000..2e726b1 --- /dev/null +++ b/squashfs-root/etc/init.d/softdog @@ -0,0 +1,42 @@ +#!/bin/sh /etc/rc.common + +START=99 +STOP=91 + +export PROCLINE="watchdog -t 5 -T 120 /dev/watchdog" +export PROCFLAG="watchdog -t 5 -T 120 /dev/watchdog" +export OOM_FLAG=0 + +start() { + status + if [ $? -eq "0" ]; then + return 0 + fi + + [ -e /dev/watchdog ] || return 0 + + /usr/sbin/supervisord start + return $? +} + +restart() { + stop + sleep 1 + start + return $? +} + +shutdown() { + stop + return $? +} + +stop() { + nohup /usr/sbin/supervisord stop >/dev/null 2>&1 & + return $? +} + +status() { + /usr/sbin/supervisord status + return $? +} diff --git a/squashfs-root/etc/init.d/stat_points b/squashfs-root/etc/init.d/stat_points new file mode 100755 index 0000000..7e715e8 --- /dev/null +++ b/squashfs-root/etc/init.d/stat_points @@ -0,0 +1,32 @@ +#!/bin/sh /etc/rc.common +# +# This script is used for internal application traffic control +# + +START=99 +STOP=89 + +start() { + /usr/sbin/syslog-ng.helper & + tail -F /tmp/stat_points_rom.log /tmp/stat_points_web.log | grep "stat_points_instant" | /usr/sbin/stat_points.helper & + /usr/sbin/stat_points.cron & + + return 0 +} + + +stop() { + /usr/sbin/syslog_sync.sh + + return 0 +} + +restart() { + killall syslog-ng.helper + killall stat_points.cron + sleep 1 + pidof syslog-ng.helper >/dev/null && killall -9 syslog-ng.helper + pidof stat_points.cron >/dev/null && killall -9 stat_points.cron + sleep 1 + start +} diff --git a/squashfs-root/etc/init.d/sysapihttpd b/squashfs-root/etc/init.d/sysapihttpd new file mode 100755 index 0000000..3d29992 --- /dev/null +++ b/squashfs-root/etc/init.d/sysapihttpd @@ -0,0 +1,144 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2009-2012 OpenWrt.org + +START=21 +STOP=60 + +extraHelp=$(cat </dev/null 2>&1 + path_exit + return $ret +} + +start() { + path_init + + # start fcgi first + if ! startFcgi; then + return $? + fi + + . /usr/sbin/ngxld + #export command line for /usr/sbin/supervisord + export PROCLINE="${HTTPDLINE}" + export PROCFLAG="${HTTPDFLAG}" + export PROCNUM='1' + /usr/sbin/supervisord start + return $? +} + +reload() { + . /usr/sbin/ngxld + ${NGINX} -s reload +} + +restart() { + stop + sleep 1 + start + return $? +} + +shutdown() { + stop + return $? +} + +status() { + #export command line for /usr/sbin/supervisord + export PROCLINE="${FCGILINE}" + export PROCFLAG="${FCGIFLAG}" + /usr/sbin/supervisord status + fcgi=$? + export PROCLINE="${HTTPDLINE}" + export PROCFLAG="${HTTPDFLAG}" + /usr/sbin/supervisord status + test $? -eq 0 -a $fcgi -eq 0 && return 0 + return 1 +} + +stopFcgi() { + #export command line for /usr/sbin/supervisord + export PROCLINE="${FCGILINE}" + export PROCFLAG="${FCGIFLAG}" + /usr/sbin/supervisord stop + ret="$?" + killall -s 9 luci >/dev/null 2>&1 + return "$ret" +} + +startFcgi() { + export PROCLINE="${FCGILINE}" + export PROCFLAG="${FCGIFLAG}" + export PROCNUM="${fcgi_process}" + + /usr/sbin/supervisord start + isok=0 + for oneitem in 1 2 3 4 5 + do + /usr/sbin/supervisord status >/dev/null 2>&1 + if [ $? -ne 0 ] + then + sleep 1 + else + isok=1 + break + fi + done + if [ $isok -eq 0 ] + then + echo "WARNING: fcgi-cgi start failed." + fi + return $? +} + +restartFcgi() { + lockdir=/tmp/fcgilock + mkdir "$lockdir" + if [ $? -eq 0 ] + then + echo "Restarting fcgi" + trap 'rm -rf "$lockdir"' 0 + stopFcgi + sleep 1 + startFcgi + return $? + else + echo "Someone else is restarting fcgi" + sleep 5 + rm -rf "$lockdir" >/dev/null 2>&1 + echo "Remove $lockdir after 5 seconds" + fi +} +# diff --git a/squashfs-root/etc/init.d/sysctl b/squashfs-root/etc/init.d/sysctl new file mode 100755 index 0000000..7449a2a --- /dev/null +++ b/squashfs-root/etc/init.d/sysctl @@ -0,0 +1,11 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006 OpenWrt.org + +START=11 +start() { + [ -f /etc/sysctl.conf ] && sysctl -p -e >&- + [ -d /etc/sysctl.d ] && \ + for i in /etc/sysctl.d/*.conf; do + sysctl -e -p $i >&- + done +} diff --git a/squashfs-root/etc/init.d/syslog-ng b/squashfs-root/etc/init.d/syslog-ng new file mode 100755 index 0000000..b3337d8 --- /dev/null +++ b/squashfs-root/etc/init.d/syslog-ng @@ -0,0 +1,37 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2011 OpenWrt.org + +#01 is fstab +START=02 + +miwifi_crash_syslog_conf_init() { + KOPATH="/lib/modules/$(uname -r)/crash_syslog.ko" + [ -f "$KOPATH" ] || return 0 + + insmod "$KOPATH" + [ -e /proc/xiaoqiang/xq_syslog ] || return 0 + + # Has crash syslog capability. modify config + grep -q xq_syslog /etc/syslog-ng.conf + [ "$?" = "0" ] && return 0 + + cp /etc/syslog-ng-cs.conf /etc/syslog-ng.conf +} + +start() { + [ -f /etc/syslog-ng.conf ] || return 1 + + miwifi_crash_syslog_conf_init + + echo -1000 > /proc/$$/oom_score_adj + service_start /usr/sbin/syslog-ng + return $? +} + +stop() { + service_stop /usr/sbin/syslog-ng +} + +reload() { + service_reload /usr/sbin/syslog-ng +} diff --git a/squashfs-root/etc/init.d/taskmonitor b/squashfs-root/etc/init.d/taskmonitor new file mode 100755 index 0000000..ad73707 --- /dev/null +++ b/squashfs-root/etc/init.d/taskmonitor @@ -0,0 +1,34 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2009-2012 OpenWrt.org + +START=12 +STOP=99 + +start() { + ulimit -c unlimited + echo -1000 > /proc/$$/oom_score_adj + /usr/sbin/taskmonitorServer + /usr/sbin/taskmonitorDaemon -p "/usr/sbin/taskmonitorServer" -b "/usr/sbin/taskmonitorServer" + return 0 +} + +restart() { + stop + sleep 1 + start + return $? +} + +shutdown() { + stop + return $? +} + +stop() { + return $? +} +status() { + echo "status" + return $? +} +# diff --git a/squashfs-root/etc/init.d/telnet b/squashfs-root/etc/init.d/telnet new file mode 100755 index 0000000..5bf93f1 --- /dev/null +++ b/squashfs-root/etc/init.d/telnet @@ -0,0 +1,13 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2011 OpenWrt.org + +START=40 + +start() { + service_start /usr/sbin/telnetd -l /bin/login.sh + return 0 +} + +stop() { + service_stop /usr/sbin/telnetd +} diff --git a/squashfs-root/etc/init.d/trafficd b/squashfs-root/etc/init.d/trafficd new file mode 100755 index 0000000..3aaaa94 --- /dev/null +++ b/squashfs-root/etc/init.d/trafficd @@ -0,0 +1,50 @@ +#!/bin/sh /etc/rc.common + +#for test, activate later +START=77 +SERVICE_DAEMONIZE=1 +SERVICE_USE_PID=1 +SERVICE_WRITE_PID=1 +SERVICE_MATCH_EXEC="" +SERVICE_DEBUG="" +SERVICE_QUIET="1" + +EXTRA_COMMANDS="/usr/sbin/trafficd" +EXECMD="/usr/sbin/trafficd" + +start() { + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + export PROCNUM='1' + /usr/sbin/supervisord start + [ -f /usr/sbin/http_info.sh ] && /usr/sbin/http_info.sh on + /etc/init.d/web_filter_record restart & + return $? +} + +stop() { + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + /usr/sbin/supervisord stop + return $? +} + +#running: 0, dead, 1, alive +is_running(){ + status +} + +#status: 0, in-actived, 1, actived +status(){ + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + /usr/sbin/supervisord status +} + +restart(){ + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + /usr/sbin/supervisord restart + [ -f /usr/sbin/http_info.sh ] && /usr/sbin/http_info.sh on + return $? +} diff --git a/squashfs-root/etc/init.d/ubus b/squashfs-root/etc/init.d/ubus new file mode 100755 index 0000000..3296ed9 --- /dev/null +++ b/squashfs-root/etc/init.d/ubus @@ -0,0 +1,16 @@ +#!/bin/sh /etc/rc.common + +START=11 + +SERVICE_DAEMONIZE=1 +SERVICE_WRITE_PID=1 + +start() { + echo -1000 > /proc/$$/oom_score_adj + renice -n-10 -p $$ + service_start /sbin/ubusd +} + +stop() { + service_stop /sbin/ubusd +} diff --git a/squashfs-root/etc/init.d/uhttpd b/squashfs-root/etc/init.d/uhttpd new file mode 100755 index 0000000..cf5c276 --- /dev/null +++ b/squashfs-root/etc/init.d/uhttpd @@ -0,0 +1,142 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2010 Jo-Philipp Wich + +START=50 + +SERVICE_DAEMONIZE=1 +SERVICE_WRITE_PID=1 + +UHTTPD_BIN="/usr/sbin/uhttpd" +PX5G_BIN="/usr/sbin/px5g" + +append_arg() { + local cfg="$1" + local var="$2" + local opt="$3" + local def="$4" + local val + + config_get val "$cfg" "$var" + [ -n "$val" -o -n "$def" ] && append UHTTPD_ARGS "$opt ${val:-$def}" +} + +append_bool() { + local cfg="$1" + local var="$2" + local opt="$3" + local def="$4" + local val + + config_get_bool val "$cfg" "$var" "$def" + [ "$val" = 1 ] && append UHTTPD_ARGS "$opt" +} + +generate_keys() { + local cfg="$1" + local key="$2" + local crt="$3" + local days bits country state location commonname + + config_get days "$cfg" days + config_get bits "$cfg" bits + config_get country "$cfg" country + config_get state "$cfg" state + config_get location "$cfg" location + config_get commonname "$cfg" commonname + + [ -x "$PX5G_BIN" ] && { + $PX5G_BIN selfsigned -der \ + -days ${days:-730} -newkey rsa:${bits:-1024} -keyout "$UHTTPD_KEY" -out "$UHTTPD_CERT" \ + -subj /C="${country:-DE}"/ST="${state:-Saxony}"/L="${location:-Leipzig}"/CN="${commonname:-OpenWrt}" + } +} + +start_instance() +{ + UHTTPD_ARGS="" + UHTTPD_CERT="" + UHTTPD_KEY="" + + local cfg="$1" + local realm="$(uci_get system.@system[0].hostname)" + local listen http https interpreter indexes path + + append_arg "$cfg" home "-h" + append_arg "$cfg" realm "-r" "${realm:-OpenWrt}" + append_arg "$cfg" config "-c" + append_arg "$cfg" cgi_prefix "-x" + append_arg "$cfg" lua_prefix "-l" + append_arg "$cfg" lua_handler "-L" + append_arg "$cfg" script_timeout "-t" + append_arg "$cfg" network_timeout "-T" + append_arg "$cfg" tcp_keepalive "-A" + append_arg "$cfg" error_page "-E" + append_arg "$cfg" max_requests "-n" 3 + + append_bool "$cfg" no_symlinks "-S" 0 + append_bool "$cfg" no_dirlists "-D" 0 + append_bool "$cfg" rfc1918_filter "-R" 0 + + config_get http "$cfg" listen_http + for listen in $http; do + append UHTTPD_ARGS "-p $listen" + done + + config_get interpreter "$cfg" interpreter + for path in $interpreter; do + append UHTTPD_ARGS "-i $path" + done + + config_get indexes "$cfg" index_page + for path in $indexes; do + append UHTTPD_ARGS "-I $path" + done + + config_get https "$cfg" listen_https + config_get UHTTPD_KEY "$cfg" key /etc/uhttpd.key + config_get UHTTPD_CERT "$cfg" cert /etc/uhttpd.crt + + [ -n "$https" ] && { + [ -f "$UHTTPD_CERT" -a -f "$UHTTPD_KEY" ] || { + config_foreach generate_keys cert + } + + [ -f "$UHTTPD_CERT" -a -f "$UHTTPD_KEY" ] && { + append_arg "$cfg" cert "-C" + append_arg "$cfg" key "-K" + + for listen in $https; do + append UHTTPD_ARGS "-s $listen" + done + } + } + + SERVICE_PID_FILE=/var/run/uhttpd_${cfg}.pid + service_start $UHTTPD_BIN -f $UHTTPD_ARGS + + # Check if daemon is running, if not then + # re-execute in foreground to display error. + sleep 1 && service_check $UHTTPD_BIN || \ + $UHTTPD_BIN -f $UHTTPD_ARGS +} + +stop_instance() +{ + local cfg="$1" + + SERVICE_PID_FILE=/var/run/uhttpd_${cfg}.pid + service_stop $UHTTPD_BIN +} + +start() { + config_load misc + config_get use_uhttpd httpd uhttpd + [ $use_uhttpd -eq 0 ] && return 0 + config_load uhttpd + config_foreach start_instance uhttpd +} + +stop() { + config_load uhttpd + config_foreach stop_instance uhttpd +} diff --git a/squashfs-root/etc/init.d/umount b/squashfs-root/etc/init.d/umount new file mode 100755 index 0000000..66200e3 --- /dev/null +++ b/squashfs-root/etc/init.d/umount @@ -0,0 +1,10 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006 OpenWrt.org + +STOP=99 +stop() { + stat=`cat /proc/xiaoqiang/boot_status` + [ "$stat" = "2" ] || swapoff -a + sync +# umount -a -d -r -l +} diff --git a/squashfs-root/etc/init.d/web_filter_record b/squashfs-root/etc/init.d/web_filter_record new file mode 100755 index 0000000..eddfb6d --- /dev/null +++ b/squashfs-root/etc/init.d/web_filter_record @@ -0,0 +1,60 @@ +#!/bin/sh /etc/rc.common + +#for test, activate later + +EXTRA_COMMANDS="/usr/sbin/web_filter_record" +EXECMD="/usr/sbin/web_filter_record" + +start() { + count=10 + sleeptm=`cat /dev/urandom |head -c 30|md5sum | tr -d [0a-zA-Z- ] 2>/dev/null` + sleeptm=$((${sleeptm:0:8}%300)) + echo "INFO: random web filter start." + echo "sleep $sleeptm for web filter start" + sleep $sleeptm + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + export PROCNUM='1' + + while [ $count -ge 0 ] + do + /usr/bin/matool --method api_call --params /dsal/host_list > /tmp/web_config_list + if [ $? -eq 0 ] + then + /usr/sbin/supervisord start + return $? + else + count=`expr $count - 1` + sleep 60 + fi + done + + return 1 +} + +stop() { + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + /usr/sbin/supervisord stop + return $? +} + +#running: 0, dead, 1, alive +is_running() { + status +} + +#status: 0, in-actived, 1, actived +status(){ + export PROCLINE="${EXECMD}" + export PROCFLAG="${EXTRA_COMMANDS}" + /usr/sbin/supervisord status +} + +restart(){ + stop + sleep 1 + start + + return $? +} diff --git a/squashfs-root/etc/init.d/wifiradio b/squashfs-root/etc/init.d/wifiradio new file mode 100755 index 0000000..d93f48b --- /dev/null +++ b/squashfs-root/etc/init.d/wifiradio @@ -0,0 +1,24 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2011 OpenWrt.org + +START=18 + +start() { + + ft_mode=`cat /proc/xiaoqiang/ft_mode` + if [ "$ft_mode" != "1" ] + then + return 0 + fi + + wl1_radio_sw=`nvram get wl1_radio` + if [ "$wl1_radio_sw" = "0" ]; then + uci set wireless.mt7628.disabled=1 + uci commit wireless + fi + if [ "$wl1_radio_sw" = "1" ]; then + uci set wireless.mt7628.disabled=0 + uci commit wireless + fi +} + diff --git a/squashfs-root/etc/init.d/xl2tpd b/squashfs-root/etc/init.d/xl2tpd new file mode 100755 index 0000000..be98f41 --- /dev/null +++ b/squashfs-root/etc/init.d/xl2tpd @@ -0,0 +1,37 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2010 OpenWrt.org + +START=60 +DEFAULTDISABLE=true +EXECMD=/usr/sbin/xl2tpd +BIN=xl2tpd +DEFAULT=/etc/default/$BIN +RUN_D=/var/run +PID_F=$RUN_D/$BIN.pid +EXTRA_COMMANDS=" status " +SERVICE_USE_PID=1 +SERVICE_WRITE_PID=1 +SERVICE_QUIET="1" +SERVICE_MATCH_EXEC="" + +start() { + mkdir -p $RUN_D/$BIN + [ -f $DEFAULT ] && . $DEFAULT + $EXECMD $OPTIONS +} + +stop() { + [ -f $PID_F ] && kill $(cat $PID_F) +} + +status(){ + service_check ${EXECMD} + err=$? + if [ $err -eq 0 ]; then + echo "xl2tpd is running" + return 0 # is running + else + echo "xl2tpd is error[${err}]" + return $err # error + fi +} diff --git a/squashfs-root/etc/init.d/xqbc b/squashfs-root/etc/init.d/xqbc new file mode 100755 index 0000000..d721d41 --- /dev/null +++ b/squashfs-root/etc/init.d/xqbc @@ -0,0 +1,43 @@ +#!/bin/sh /etc/rc.common + +START=99 +#STOP=99 + +#export command line for /usr/sbin/supervisord +export PROCLINE='/usr/sbin/xqbc 988' +# + +export EXTRA_HELP=" status Status the service" +export EXTRA_COMMANDS="status" + +start() { + local wifimode + netmode=`uci -q -S get xiaoqiang.common.NETMODE` + if [ "$netmode" != "wifiapmode" -a "$netmode" != "lanapmode" ]; then + return 0 + fi + /usr/sbin/supervisord start + return $? +} + +restart() { + stop + sleep 1 + start + return $? +} + +shutdown() { + stop + return $? +} + +stop() { + /usr/sbin/supervisord stop + return $? +} +status() { + /usr/sbin/supervisord status + return $? +} +# diff --git a/squashfs-root/etc/inittab b/squashfs-root/etc/inittab new file mode 100755 index 0000000..717505b --- /dev/null +++ b/squashfs-root/etc/inittab @@ -0,0 +1,3 @@ +::sysinit:/etc/init.d/rcS S boot +::shutdown:/etc/init.d/rcS K shutdown +ttyS1::askfirst:/bin/ash --login diff --git a/squashfs-root/etc/iproute2/rt_tables b/squashfs-root/etc/iproute2/rt_tables new file mode 100644 index 0000000..c6f5882 --- /dev/null +++ b/squashfs-root/etc/iproute2/rt_tables @@ -0,0 +1,12 @@ +# +# reserved values +# +255 local +254 main +253 default +252 vpn +0 unspec +# +# local +# +#1 inr.ruhep diff --git a/squashfs-root/etc/iwevent.d/01-feedpush.sh b/squashfs-root/etc/iwevent.d/01-feedpush.sh new file mode 100755 index 0000000..661783e --- /dev/null +++ b/squashfs-root/etc/iwevent.d/01-feedpush.sh @@ -0,0 +1,25 @@ +#!/bin/sh + +authorize=`uci get misc.iwevent.authorize` + +if [ "$authorize" = "1" ]; then + [ "$ACTION" = "AUTHORIZE" ] && [ -n "$STA" ] && { + feedPush "{\"type\":1,\"data\":{\"mac\":\"$STA\",\"dev\":\"$DEVNAME\"}}" + } +else + [ "$ACTION" = "ASSOC" ] && [ -n "$STA" ] && { + feedPush "{\"type\":1,\"data\":{\"mac\":\"$STA\",\"dev\":\"$DEVNAME\"}}" + } +fi + +[ "$ACTION" = "DISASSOC" ] && [ -n "$STA" ] && { + feedPush "{\"type\":2,\"data\":{\"mac\":\"$STA\",\"dev\":\"$DEVNAME\"}}" +} + +[ "$ACTION" = "MIC_DIFF" ] && [ -n "$STA" ] && { + feedPush "{\"type\":14,\"data\":{\"mac\":\"$STA\",\"dev\":\"$DEVNAME\"}}" +} + +[ "$ACTION" = "BLACKLISTED" ] && [ -n "$STA" ] && { + feedPush "{\"type\":15,\"data\":{\"mac\":\"$STA\",\"dev\":\"$DEVNAME\"}}" +} diff --git a/squashfs-root/etc/iwevent.d/03-wireless-dev-event.sh b/squashfs-root/etc/iwevent.d/03-wireless-dev-event.sh new file mode 100755 index 0000000..ef9c71d --- /dev/null +++ b/squashfs-root/etc/iwevent.d/03-wireless-dev-event.sh @@ -0,0 +1,29 @@ +#!/bin/sh +qosflag=`uci get miqos.settings.enabled 2>/dev/null` +[ "$qosflag" -ne "1" ] && return 0 + +[ -n "$STA" ] && { + [ "$ACTION" = "ASSOC" ] && { + #/etc/init.d/miqos device_in $STA + { + flock -e -n 200 + if [ "$?" -ne "1" ]; then + /usr/sbin/miqosc device_in $STA + fi + } 200<>"/tmp/wireless_dev_event.lock" + } + + [ "$ACTION" = "DISASSOC" ] && { + #/etc/init.d/miqos device_out $STA + { + flock -e -n 200 + if [ "$?" -ne "1" ]; then + /usr/sbin/miqosc device_out $STA + fi + } 200<>"/tmp/wireless_dev_event.lock" + } + +} + +return 0 + diff --git a/squashfs-root/etc/iwevent.d/77-trafficd.sh b/squashfs-root/etc/iwevent.d/77-trafficd.sh new file mode 100755 index 0000000..7ec3b08 --- /dev/null +++ b/squashfs-root/etc/iwevent.d/77-trafficd.sh @@ -0,0 +1,9 @@ +[ "$ACTION" = "DISASSOC" ] && [ -n "$STA" ] && { + /usr/bin/matool --method reportEvents --params "[ { \"eventID\": 0, \"mac\": \"$STA\", \"ip\": \"\", \"payload\": \"\" } ]" + logger -p warn -t trafficd '/usr/bin/matool --method reportEvents --params ' "[ { \"eventID\": 0, \"mac\": \"$STA\", \"ip\": \"\", \"payload\": \"\" } ]" +} + +[ "$ACTION" = "ASSOC" -o "$ACTION" = "AUTHORIZE" ] && [ -n "$STA" ] && { + /usr/bin/matool --method reportEvents --params "[ { \"eventID\": 1, \"mac\": \"$STA\", \"ip\": \"\", \"payload\": \"\" } ]" + logger -p warn -t trafficd '/usr/bin/matool --method reportEvents --params ' "[ { \"eventID\": 1, \"mac\": \"$STA\", \"ip\": \"\", \"payload\": \"\" } ]" +} diff --git a/squashfs-root/etc/linux_version b/squashfs-root/etc/linux_version new file mode 100755 index 0000000..a9ec62b --- /dev/null +++ b/squashfs-root/etc/linux_version @@ -0,0 +1 @@ +2.6.36ralink diff --git a/squashfs-root/etc/modules.d/20-lib-crc-itu-t b/squashfs-root/etc/modules.d/20-lib-crc-itu-t new file mode 100644 index 0000000..febe477 --- /dev/null +++ b/squashfs-root/etc/modules.d/20-lib-crc-itu-t @@ -0,0 +1 @@ +crc-itu-t diff --git a/squashfs-root/etc/modules.d/30-ppp b/squashfs-root/etc/modules.d/30-ppp new file mode 100644 index 0000000..892260e --- /dev/null +++ b/squashfs-root/etc/modules.d/30-ppp @@ -0,0 +1 @@ +ppp_async diff --git a/squashfs-root/etc/modules.d/32-sched b/squashfs-root/etc/modules.d/32-sched new file mode 100644 index 0000000..45f4394 --- /dev/null +++ b/squashfs-root/etc/modules.d/32-sched @@ -0,0 +1,3 @@ +cls_basic +sch_red +sch_sfq diff --git a/squashfs-root/etc/modules.d/39-gre b/squashfs-root/etc/modules.d/39-gre new file mode 100644 index 0000000..d4c897c --- /dev/null +++ b/squashfs-root/etc/modules.d/39-gre @@ -0,0 +1 @@ +ip_gre diff --git a/squashfs-root/etc/modules.d/40-ipt-core b/squashfs-root/etc/modules.d/40-ipt-core new file mode 100644 index 0000000..b6a3d5a --- /dev/null +++ b/squashfs-root/etc/modules.d/40-ipt-core @@ -0,0 +1,6 @@ +xt_limit +xt_mac +xt_multiport +xt_comment +xt_time +xt_mark diff --git a/squashfs-root/etc/modules.d/40-libphy b/squashfs-root/etc/modules.d/40-libphy new file mode 100644 index 0000000..74d5eb1 --- /dev/null +++ b/squashfs-root/etc/modules.d/40-libphy @@ -0,0 +1 @@ +libphy diff --git a/squashfs-root/etc/modules.d/41-ipt-conntrack b/squashfs-root/etc/modules.d/41-ipt-conntrack new file mode 100644 index 0000000..c18f63f --- /dev/null +++ b/squashfs-root/etc/modules.d/41-ipt-conntrack @@ -0,0 +1 @@ +xt_conntrack diff --git a/squashfs-root/etc/modules.d/42-ip6tables b/squashfs-root/etc/modules.d/42-ip6tables new file mode 100644 index 0000000..a3a15e1 --- /dev/null +++ b/squashfs-root/etc/modules.d/42-ip6tables @@ -0,0 +1,7 @@ +nf_defrag_ipv6 +nf_conntrack_ipv6 +ip6_tables +ip6table_filter +ip6table_mangle +ip6table_raw +ip6t_REJECT diff --git a/squashfs-root/etc/modules.d/42-ipt-conntrack-extra b/squashfs-root/etc/modules.d/42-ipt-conntrack-extra new file mode 100644 index 0000000..bea6184 --- /dev/null +++ b/squashfs-root/etc/modules.d/42-ipt-conntrack-extra @@ -0,0 +1,2 @@ +xt_connbytes +xt_recent diff --git a/squashfs-root/etc/modules.d/43-ip6tables-extra b/squashfs-root/etc/modules.d/43-ip6tables-extra new file mode 100644 index 0000000..464cc88 --- /dev/null +++ b/squashfs-root/etc/modules.d/43-ip6tables-extra @@ -0,0 +1,7 @@ +ip6t_ipv6header +ip6t_ah +ip6t_mh +ip6t_eui64 +ip6t_hbh +ip6t_frag +ip6t_rt diff --git a/squashfs-root/etc/modules.d/45-ipt-compat-xtables b/squashfs-root/etc/modules.d/45-ipt-compat-xtables new file mode 100644 index 0000000..35b8200 --- /dev/null +++ b/squashfs-root/etc/modules.d/45-ipt-compat-xtables @@ -0,0 +1 @@ +compat_xtables diff --git a/squashfs-root/etc/modules.d/45-ipt-nathelper b/squashfs-root/etc/modules.d/45-ipt-nathelper new file mode 100644 index 0000000..be00f95 --- /dev/null +++ b/squashfs-root/etc/modules.d/45-ipt-nathelper @@ -0,0 +1,2 @@ +nf_conntrack_irc +nf_nat_irc diff --git a/squashfs-root/etc/modules.d/46-ipt-flowMARK b/squashfs-root/etc/modules.d/46-ipt-flowMARK new file mode 100644 index 0000000..4602295 --- /dev/null +++ b/squashfs-root/etc/modules.d/46-ipt-flowMARK @@ -0,0 +1 @@ +xt_flowMARK diff --git a/squashfs-root/etc/modules.d/46-ipt-ip4mark b/squashfs-root/etc/modules.d/46-ipt-ip4mark new file mode 100644 index 0000000..f9c73b4 --- /dev/null +++ b/squashfs-root/etc/modules.d/46-ipt-ip4mark @@ -0,0 +1 @@ +xt_IP4MARK diff --git a/squashfs-root/etc/modules.d/48-ip6_tables b/squashfs-root/etc/modules.d/48-ip6_tables new file mode 100644 index 0000000..e14bb90 --- /dev/null +++ b/squashfs-root/etc/modules.d/48-ip6_tables @@ -0,0 +1 @@ +ip6_tables diff --git a/squashfs-root/etc/modules.d/49-ip6t_REJECT b/squashfs-root/etc/modules.d/49-ip6t_REJECT new file mode 100644 index 0000000..223feab --- /dev/null +++ b/squashfs-root/etc/modules.d/49-ip6t_REJECT @@ -0,0 +1 @@ +ip6t_REJECT diff --git a/squashfs-root/etc/modules.d/49-ip6table_filter b/squashfs-root/etc/modules.d/49-ip6table_filter new file mode 100644 index 0000000..3db1328 --- /dev/null +++ b/squashfs-root/etc/modules.d/49-ip6table_filter @@ -0,0 +1 @@ +ip6table_filter diff --git a/squashfs-root/etc/modules.d/49-ipt-ipset b/squashfs-root/etc/modules.d/49-ipt-ipset new file mode 100644 index 0000000..bcd4ae2 --- /dev/null +++ b/squashfs-root/etc/modules.d/49-ipt-ipset @@ -0,0 +1,5 @@ +ip_set +ip_set_hash_ip +ip_set_hash_ipport +ip_set_hash_net +xt_set diff --git a/squashfs-root/etc/modules.d/77-ipaccount2 b/squashfs-root/etc/modules.d/77-ipaccount2 new file mode 100644 index 0000000..e78a198 --- /dev/null +++ b/squashfs-root/etc/modules.d/77-ipaccount2 @@ -0,0 +1 @@ +ip_account diff --git a/squashfs-root/etc/modules.d/90-dev_redirect b/squashfs-root/etc/modules.d/90-dev_redirect new file mode 100644 index 0000000..029a920 --- /dev/null +++ b/squashfs-root/etc/modules.d/90-dev_redirect @@ -0,0 +1 @@ +dev_redirect diff --git a/squashfs-root/etc/modules.d/90-mt7628 b/squashfs-root/etc/modules.d/90-mt7628 new file mode 100644 index 0000000..0ef7d9a --- /dev/null +++ b/squashfs-root/etc/modules.d/90-mt7628 @@ -0,0 +1 @@ +mt7628 diff --git a/squashfs-root/etc/mtab b/squashfs-root/etc/mtab new file mode 120000 index 0000000..4c0a094 --- /dev/null +++ b/squashfs-root/etc/mtab @@ -0,0 +1 @@ +/proc/mounts \ No newline at end of file diff --git a/squashfs-root/etc/passwd b/squashfs-root/etc/passwd new file mode 100755 index 0000000..1d06a80 --- /dev/null +++ b/squashfs-root/etc/passwd @@ -0,0 +1,5 @@ +root:x:0:0:root:/root:/bin/ash +daemon:*:1:1:daemon:/var:/bin/false +ftp:*:55:55:ftp:/home/ftp:/bin/false +network:*:101:101:network:/var:/bin/false +nobody:*:65534:65534:nobody:/var:/bin/false diff --git a/squashfs-root/etc/ppp/chap-secrets b/squashfs-root/etc/ppp/chap-secrets new file mode 100644 index 0000000..6ab76e4 --- /dev/null +++ b/squashfs-root/etc/ppp/chap-secrets @@ -0,0 +1 @@ +#USERNAME PROVIDER PASSWORD IPADDRESS diff --git a/squashfs-root/etc/ppp/filter b/squashfs-root/etc/ppp/filter new file mode 100644 index 0000000..ec72a81 --- /dev/null +++ b/squashfs-root/etc/ppp/filter @@ -0,0 +1,23 @@ +# +# Expression: outbound and not icmp[0] != 8 and not tcp[13] & 4 != 0 +# +19 +48 0 0 0 +21 0 16 1 +40 0 0 2 +21 0 13 33 +48 0 0 13 +21 0 5 1 +40 0 0 10 +69 9 0 8191 +177 0 0 4 +80 0 0 4 +21 6 7 8 +21 0 5 6 +40 0 0 10 +69 3 0 8191 +177 0 0 4 +80 0 0 17 +69 1 0 4 +6 0 0 4 +6 0 0 0 diff --git a/squashfs-root/etc/ppp/ip-up.d/02-special_dial b/squashfs-root/etc/ppp/ip-up.d/02-special_dial new file mode 100755 index 0000000..b6f225d --- /dev/null +++ b/squashfs-root/etc/ppp/ip-up.d/02-special_dial @@ -0,0 +1,7 @@ +#!/bin/sh + +special='/tmp/state/pppoe_special' +[ -f "$special" ] && { + specdial=$(cat "$special") + logger stat_points_none "specdial=no_$specdial" +} \ No newline at end of file diff --git a/squashfs-root/etc/ppp/ip-up.d/mark-ppp-succ b/squashfs-root/etc/ppp/ip-up.d/mark-ppp-succ new file mode 100755 index 0000000..9e114b4 --- /dev/null +++ b/squashfs-root/etc/ppp/ip-up.d/mark-ppp-succ @@ -0,0 +1,21 @@ +#!/usr/bin/env lua + +local uci = require("luci.model.uci").cursor() +local crypto = require("xiaoqiang.util.XQCryptoUtil") +local name = uci:get("network", "wan", "username") +local password = uci:get("network", "wan", "password") + +if name and password then + local key = crypto.md5Str(name..password) + local value = uci:get_all("xiaoqiang", key) + if value then + uci:set("xiaoqiang", key, "status", "1") + else + uci:section("xiaoqiang", key, { + ["username"] = name, + ["password"] = password, + ["status"] = 1 + }) + end + uci:commit("xiaoqiang") +end \ No newline at end of file diff --git a/squashfs-root/etc/ppp/options b/squashfs-root/etc/ppp/options new file mode 100644 index 0000000..a59ac71 --- /dev/null +++ b/squashfs-root/etc/ppp/options @@ -0,0 +1,15 @@ +logfile /tmp/pppoe.log +noipdefault +noaccomp +nopcomp +nocrtscts +lock +maxfail 0 +lcp-echo-failure 3 +lcp-echo-interval 10 +lcp-echo-adaptive +lcp-max-terminate 1 + ++ipv6 +ipv6 , + diff --git a/squashfs-root/etc/ppp/options.pptp b/squashfs-root/etc/ppp/options.pptp new file mode 100644 index 0000000..46a3f48 --- /dev/null +++ b/squashfs-root/etc/ppp/options.pptp @@ -0,0 +1,7 @@ +noipdefault +noauth +nobsdcomp +nodeflate +idle 0 +mppe required,no40,no56,stateless +maxfail 0 diff --git a/squashfs-root/etc/ppp/options.xl2tpd b/squashfs-root/etc/ppp/options.xl2tpd new file mode 100644 index 0000000..f0fc4f4 --- /dev/null +++ b/squashfs-root/etc/ppp/options.xl2tpd @@ -0,0 +1,13 @@ +# + +lock +noauth +debug +dump +logfd 2 +logfile /var/log/xl2tpd.log +noccp +novj +novjccomp +nopcomp +noaccomp diff --git a/squashfs-root/etc/ppp/ppp.d/none b/squashfs-root/etc/ppp/ppp.d/none new file mode 100755 index 0000000..46190bb --- /dev/null +++ b/squashfs-root/etc/ppp/ppp.d/none @@ -0,0 +1,13 @@ +#!/bin/sh +PPP_IPPARAM="$6" +. /lib/netifd/netifd-proto.sh +proto_init_update "$IFNAME" 1 1 +proto_set_keep 1 +[ -n "$PPP_IPPARAM" ] && { + [ -n "$IPLOCAL" ] && proto_add_ipv4_address "$IPLOCAL" 32 "" "${IPREMOTE:-2.2.2.2}" + [ -n "$IPREMOTE" ] && unset $IPREMOTE + [ -n "$LLLOCAL" ] && proto_add_ipv6_address "$LLLOCAL" 128 + [ -n "$DNS1" ] && unset $DNS1 + [ -n "$DNS2" ] && unset $DNS2 +} +proto_send_update "$PPP_IPPARAM" diff --git a/squashfs-root/etc/ppp/ppp.d/vpn-up b/squashfs-root/etc/ppp/ppp.d/vpn-up new file mode 100755 index 0000000..ba0badd --- /dev/null +++ b/squashfs-root/etc/ppp/ppp.d/vpn-up @@ -0,0 +1,13 @@ +#!/bin/sh +PPP_IPPARAM="$6" +. /lib/netifd/netifd-proto.sh +proto_init_update "$IFNAME" 1 1 +proto_set_keep 1 +[ -n "$PPP_IPPARAM" ] && { + [ -n "$IPLOCAL" ] && proto_add_ipv4_address "$IPLOCAL" 32 "" "${IPREMOTE:-2.2.2.2}" + [ -n "$IPREMOTE" ] && unset $IPREMOTE + [ -n "$LLLOCAL" ] && proto_add_ipv6_address "$LLLOCAL" 128 + [ -n "$DNS1" ] && proto_add_dns_server "$DNS1" + [ -n "$DNS2" -a "$DNS1" != "$DNS2" ] && proto_add_dns_server "$DNS2" +} +proto_send_update "$PPP_IPPARAM" diff --git a/squashfs-root/etc/ppp/pppoe-server-options b/squashfs-root/etc/ppp/pppoe-server-options new file mode 100644 index 0000000..b442db4 --- /dev/null +++ b/squashfs-root/etc/ppp/pppoe-server-options @@ -0,0 +1,6 @@ +# PPP options for the PPPoE server +# LIC: GPL +require-pap +login +lcp-echo-interval 10 +lcp-echo-failure 2 diff --git a/squashfs-root/etc/ppp/resolv.conf b/squashfs-root/etc/ppp/resolv.conf new file mode 120000 index 0000000..e72f903 --- /dev/null +++ b/squashfs-root/etc/ppp/resolv.conf @@ -0,0 +1 @@ +/tmp/resolv.conf.ppp \ No newline at end of file diff --git a/squashfs-root/etc/profile b/squashfs-root/etc/profile new file mode 100755 index 0000000..171adc1 --- /dev/null +++ b/squashfs-root/etc/profile @@ -0,0 +1,15 @@ +#!/bin/sh +[ -f /etc/banner ] && cat /etc/banner + +export PATH=/bin:/sbin:/usr/bin:/usr/sbin +export HOME=$(grep -e "^${USER:-root}:" /etc/passwd | cut -d ":" -f 6) +export HOME=${HOME:-/root} +export PS1='\u@\h:\w\$ ' + +[ -x /bin/more ] || alias more=less +[ -x /usr/bin/vim ] && alias vi=vim || alias vim=vi + +[ -z "$KSH_VERSION" -o \! -s /etc/mkshrc ] || . /etc/mkshrc + +[ -x /usr/bin/arp ] || arp() { cat /proc/net/arp; } +[ -x /usr/bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; } diff --git a/squashfs-root/etc/protocols b/squashfs-root/etc/protocols new file mode 100755 index 0000000..53fecb6 --- /dev/null +++ b/squashfs-root/etc/protocols @@ -0,0 +1,56 @@ +# Internet (IP) protocols +# +# Updated from http://www.iana.org/assignments/protocol-numbers and other +# sources. +# New protocols will be added on request if they have been officially +# assigned by IANA and are not historical. +# If you need a huge list of used numbers please install the nmap package. + +ip 0 IP # internet protocol, pseudo protocol number +#hopopt 0 HOPOPT # IPv6 Hop-by-Hop Option [RFC1883] +icmp 1 ICMP # internet control message protocol +igmp 2 IGMP # Internet Group Management +ggp 3 GGP # gateway-gateway protocol +ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'') +st 5 ST # ST datagram mode +tcp 6 TCP # transmission control protocol +egp 8 EGP # exterior gateway protocol +igp 9 IGP # any private interior gateway (Cisco) +pup 12 PUP # PARC universal packet protocol +udp 17 UDP # user datagram protocol +hmp 20 HMP # host monitoring protocol +xns-idp 22 XNS-IDP # Xerox NS IDP +rdp 27 RDP # "reliable datagram" protocol +iso-tp4 29 ISO-TP4 # ISO Transport Protocol class 4 [RFC905] +xtp 36 XTP # Xpress Transfer Protocol +ddp 37 DDP # Datagram Delivery Protocol +idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport +ipv6 41 IPv6 # Internet Protocol, version 6 +ipv6-route 43 IPv6-Route # Routing Header for IPv6 +ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6 +idrp 45 IDRP # Inter-Domain Routing Protocol +rsvp 46 RSVP # Reservation Protocol +gre 47 GRE # General Routing Encapsulation +esp 50 IPSEC-ESP # Encap Security Payload [RFC2046] +ah 51 IPSEC-AH # Authentication Header [RFC2402] +skip 57 SKIP # SKIP +ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6 +ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6 +ipv6-opts 60 IPv6-Opts # Destination Options for IPv6 +rspf 73 RSPF CPHB # Radio Shortest Path First (officially CPHB) +vmtp 81 VMTP # Versatile Message Transport +eigrp 88 EIGRP # Enhanced Interior Routing Protocol (Cisco) +ospf 89 OSPFIGP # Open Shortest Path First IGP +ax.25 93 AX.25 # AX.25 frames +ipip 94 IPIP # IP-within-IP Encapsulation Protocol +etherip 97 ETHERIP # Ethernet-within-IP Encapsulation [RFC3378] +encap 98 ENCAP # Yet Another IP encapsulation [RFC1241] +# 99 # any private encryption scheme +pim 103 PIM # Protocol Independent Multicast +ipcomp 108 IPCOMP # IP Payload Compression Protocol +vrrp 112 VRRP # Virtual Router Redundancy Protocol +l2tp 115 L2TP # Layer Two Tunneling Protocol [RFC2661] +isis 124 ISIS # IS-IS over IPv4 +sctp 132 SCTP # Stream Control Transmission Protocol +fc 133 FC # Fibre Channel + diff --git a/squashfs-root/etc/rc.common b/squashfs-root/etc/rc.common new file mode 100755 index 0000000..1d8afef --- /dev/null +++ b/squashfs-root/etc/rc.common @@ -0,0 +1,92 @@ +#!/bin/sh +# Copyright (C) 2006-2012 OpenWrt.org + +. $IPKG_INSTROOT/lib/functions.sh +. $IPKG_INSTROOT/lib/functions/service.sh + +initscript=$1 +action=${2:-help} +shift 2 + +start() { + return 0 +} + +stop() { + return 0 +} + +reload() { + return 1 +} + +restart() { + trap '' TERM + stop "$@" + start "$@" +} + +boot() { + start "$@" +} + +shutdown() { + stop +} + +disable() { + name="$(basename "${initscript}")" + rm -f "$IPKG_INSTROOT"/etc/rc.d/S??$name + rm -f "$IPKG_INSTROOT"/etc/rc.d/K??$name +} + +enable() { + name="$(basename "${initscript}")" + disable + [ -n "$START" -o -n "$STOP" ] || { + echo "/etc/init.d/$name does not have a START or STOP value" + return 1 + } + [ "$START" ] && ln -s "../init.d/$name" "$IPKG_INSTROOT/etc/rc.d/S${START}${name##S[0-9][0-9]}" + [ "$STOP" ] && ln -s "../init.d/$name" "$IPKG_INSTROOT/etc/rc.d/K${STOP}${name##K[0-9][0-9]}" + [ "$DEFAULTDISABLE" = "true" -a -n "$IPKG_INSTROOT" ] && disable +} + +enabled() { + name="$(basename "${initscript}")" + [ -x "$IPKG_INSTROOT/etc/rc.d/S${START}${name##S[0-9][0-9]}" ] +} + +depends() { + return 0 +} + +help() { + cat <sysapi http server +

+

you should not reach here

\ No newline at end of file diff --git a/squashfs-root/etc/sysapihttpd/htdocs/miwifi.html b/squashfs-root/etc/sysapihttpd/htdocs/miwifi.html new file mode 100644 index 0000000..52d8032 --- /dev/null +++ b/squashfs-root/etc/sysapihttpd/htdocs/miwifi.html @@ -0,0 +1,8 @@ + + +Welcome to MiWiFi! + + +

Welcome to MiWiFi!

+ + diff --git a/squashfs-root/etc/sysapihttpd/init b/squashfs-root/etc/sysapihttpd/init new file mode 100755 index 0000000..514599b --- /dev/null +++ b/squashfs-root/etc/sysapihttpd/init @@ -0,0 +1,4 @@ +#!/bin/sh + +FCGI_CONNECTION=4 +FCGI_NUM=2 diff --git a/squashfs-root/etc/sysapihttpd/koi-utf b/squashfs-root/etc/sysapihttpd/koi-utf new file mode 100644 index 0000000..e7974ff --- /dev/null +++ b/squashfs-root/etc/sysapihttpd/koi-utf @@ -0,0 +1,109 @@ + +# This map is not a full koi8-r <> utf8 map: it does not contain +# box-drawing and some other characters. Besides this map contains +# several koi8-u and Byelorussian letters which are not in koi8-r. +# If you need a full and standard map, use contrib/unicode2nginx/koi-utf +# map instead. + +charset_map koi8-r utf-8 { + + 80 E282AC ; # euro + + 95 E280A2 ; # bullet + + 9A C2A0 ; #   + + 9E C2B7 ; # · + + A3 D191 ; # small yo + A4 D194 ; # small Ukrainian ye + + A6 D196 ; # small Ukrainian i + A7 D197 ; # small Ukrainian yi + + AD D291 ; # small Ukrainian soft g + AE D19E ; # small Byelorussian short u + + B0 C2B0 ; # ° + + B3 D081 ; # capital YO + B4 D084 ; # capital Ukrainian YE + + B6 D086 ; # capital Ukrainian I + B7 D087 ; # capital Ukrainian YI + + B9 E28496 ; # numero sign + + BD D290 ; # capital Ukrainian soft G + BE D18E ; # capital Byelorussian short U + + BF C2A9 ; # (C) + + C0 D18E ; # small yu + C1 D0B0 ; # small a + C2 D0B1 ; # small b + C3 D186 ; # small ts + C4 D0B4 ; # small d + C5 D0B5 ; # small ye + C6 D184 ; # small f + C7 D0B3 ; # small g + C8 D185 ; # small kh + C9 D0B8 ; # small i + CA D0B9 ; # small j + CB D0BA ; # small k + CC D0BB ; # small l + CD D0BC ; # small m + CE D0BD ; # small n + CF D0BE ; # small o + + D0 D0BF ; # small p + D1 D18F ; # small ya + D2 D180 ; # small r + D3 D181 ; # small s + D4 D182 ; # small t + D5 D183 ; # small u + D6 D0B6 ; # small zh + D7 D0B2 ; # small v + D8 D18C ; # small soft sign + D9 D18B ; # small y + DA D0B7 ; # small z + DB D188 ; # small sh + DC D18D ; # small e + DD D189 ; # small shch + DE D187 ; # small ch + DF D18A ; # small hard sign + + E0 D0AE ; # capital YU + E1 D090 ; # capital A + E2 D091 ; # capital B + E3 D0A6 ; # capital TS + E4 D094 ; # capital D + E5 D095 ; # capital YE + E6 D0A4 ; # capital F + E7 D093 ; # capital G + E8 D0A5 ; # capital KH + E9 D098 ; # capital I + EA D099 ; # capital J + EB D09A ; # capital K + EC D09B ; # capital L + ED D09C ; # capital M + EE D09D ; # capital N + EF D09E ; # capital O + + F0 D09F ; # capital P + F1 D0AF ; # capital YA + F2 D0A0 ; # capital R + F3 D0A1 ; # capital S + F4 D0A2 ; # capital T + F5 D0A3 ; # capital U + F6 D096 ; # capital ZH + F7 D092 ; # capital V + F8 D0AC ; # capital soft sign + F9 D0AB ; # capital Y + FA D097 ; # capital Z + FB D0A8 ; # capital SH + FC D0AD ; # capital E + FD D0A9 ; # capital SHCH + FE D0A7 ; # capital CH + FF D0AA ; # capital hard sign +} diff --git a/squashfs-root/etc/sysapihttpd/koi-win b/squashfs-root/etc/sysapihttpd/koi-win new file mode 100644 index 0000000..72afabe --- /dev/null +++ b/squashfs-root/etc/sysapihttpd/koi-win @@ -0,0 +1,103 @@ + +charset_map koi8-r windows-1251 { + + 80 88 ; # euro + + 95 95 ; # bullet + + 9A A0 ; #   + + 9E B7 ; # · + + A3 B8 ; # small yo + A4 BA ; # small Ukrainian ye + + A6 B3 ; # small Ukrainian i + A7 BF ; # small Ukrainian yi + + AD B4 ; # small Ukrainian soft g + AE A2 ; # small Byelorussian short u + + B0 B0 ; # ° + + B3 A8 ; # capital YO + B4 AA ; # capital Ukrainian YE + + B6 B2 ; # capital Ukrainian I + B7 AF ; # capital Ukrainian YI + + B9 B9 ; # numero sign + + BD A5 ; # capital Ukrainian soft G + BE A1 ; # capital Byelorussian short U + + BF A9 ; # (C) + + C0 FE ; # small yu + C1 E0 ; # small a + C2 E1 ; # small b + C3 F6 ; # small ts + C4 E4 ; # small d + C5 E5 ; # small ye + C6 F4 ; # small f + C7 E3 ; # small g + C8 F5 ; # small kh + C9 E8 ; # small i + CA E9 ; # small j + CB EA ; # small k + CC EB ; # small l + CD EC ; # small m + CE ED ; # small n + CF EE ; # small o + + D0 EF ; # small p + D1 FF ; # small ya + D2 F0 ; # small r + D3 F1 ; # small s + D4 F2 ; # small t + D5 F3 ; # small u + D6 E6 ; # small zh + D7 E2 ; # small v + D8 FC ; # small soft sign + D9 FB ; # small y + DA E7 ; # small z + DB F8 ; # small sh + DC FD ; # small e + DD F9 ; # small shch + DE F7 ; # small ch + DF FA ; # small hard sign + + E0 DE ; # capital YU + E1 C0 ; # capital A + E2 C1 ; # capital B + E3 D6 ; # capital TS + E4 C4 ; # capital D + E5 C5 ; # capital YE + E6 D4 ; # capital F + E7 C3 ; # capital G + E8 D5 ; # capital KH + E9 C8 ; # capital I + EA C9 ; # capital J + EB CA ; # capital K + EC CB ; # capital L + ED CC ; # capital M + EE CD ; # capital N + EF CE ; # capital O + + F0 CF ; # capital P + F1 DF ; # capital YA + F2 D0 ; # capital R + F3 D1 ; # capital S + F4 D2 ; # capital T + F5 D3 ; # capital U + F6 C6 ; # capital ZH + F7 C2 ; # capital V + F8 DC ; # capital soft sign + F9 DB ; # capital Y + FA C7 ; # capital Z + FB D8 ; # capital SH + FC DD ; # capital E + FD D9 ; # capital SHCH + FE D7 ; # capital CH + FF DA ; # capital hard sign +} diff --git a/squashfs-root/etc/sysapihttpd/mime.types b/squashfs-root/etc/sysapihttpd/mime.types new file mode 100644 index 0000000..f2c575f --- /dev/null +++ b/squashfs-root/etc/sysapihttpd/mime.types @@ -0,0 +1,89 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + image/svg+xml svg svgz; + image/webp webp; + + application/font-woff woff; + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.wap.wmlc wmlc; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + application/vnd.android.package-archive apk; + + application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; + application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/vnd.rn-realvideo rmvb; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/squashfs-root/etc/sysapihttpd/miwifi-webinitrd.conf b/squashfs-root/etc/sysapihttpd/miwifi-webinitrd.conf new file mode 100644 index 0000000..8110638 --- /dev/null +++ b/squashfs-root/etc/sysapihttpd/miwifi-webinitrd.conf @@ -0,0 +1,185 @@ + # + set $target_upstream "unknow-http-host"; + # + if ($http_host) { + set $target_upstream $http_host; + } + # + if ($http_host = "www.miwifi.com"){ + # + rewrite ^(.*)$ http://miwifi.com? break; + # + } + # xiaoqiang doesn't act as htp server + if ($http_host = "htp.miwifi.com"){ + # close connection directly, without response + return 444; + } + # block the pop-up portal window + if ($request_uri = "/generate_204"){ + return 204; + } + if ($request_uri = "/connecttest.txt"){ + return 200; + } + #if ($request_uri = "/hotspot-detect.html"){ + if ($http_host = "captive.apple.com"){ + return 200; + } + # + # + set $isluci "0"; + # + set $canproxy "0"; + # + set $finalvar ""; + set $is_intercept 0; # 1 indicate true + # + # 0.0.0.1:65535 no avaible + # + if ($server_port != "8098"){ + # + #it is NOT REDIRECT from WEBINITRDR, enable proxy + # + set $canproxy "1"; + # + } + if ( -f "/tmp/state/dns_intercept"){ + set $is_intercept 1; + } + if ( !-f "/www/xiaoqiang/diagnosis/index.html") { + set $is_intercept 0; + } + if ($server_port = "8098"){ + # + set $isluci "0"; + # + } + if ($http_host = "miwifi.com"){ + set $isluci "1"; + set $is_intercept 0; + } + if ($http_host = "xiaoqiang") { + set $isluci "1"; + } + if ($http_host = "localhost"){ + # + set $isluci "1"; + # + set $canproxy "0"; + set $is_intercept 0; + } + if ($host = $server_addr){ + # + set $isluci "1"; + set $is_intercept 0; + # + } + if ($remote_addr = $server_addr){ + # + set $isluci "1"; + # + set $canproxy "0"; + # + } + if ($remote_addr = "127.0.0.1"){ + # + set $isluci "1"; + set $canproxy "0"; + } + if ($remote_addr = "169.254.31.1"){ + # + set $isluci "1"; + set $canproxy "0"; + set $is_intercept 0; + } + if ($remote_addr = "169.254.31.2"){ + # + set $isluci "1"; + set $canproxy "0"; + set $is_intercept 0; + } + # + set $finalvar "$canproxy $isluci"; + # '0 0' is no access to webadmin, but come from webinitrdr, redirect to web init + if ($finalvar = "0 0") { + rewrite ^(.*)$ http://miwifi.com/webinitrdr.html?webinitrdr=yes? break; + #rewrite ^(.*)$ /webinitrdr.html?webinitrdr=yes? break; + } + # when dnsmasq intercept is working, goto network troubleshoot page + if ($is_intercept) { + rewrite ^(.*)$ http://miwifi.com/diagnosis/index.html? break; + } + # or client requesting us because it cached DNS result, proxy to upstream by http_host + # to prevent miss cache + if ($finalvar = "1 0") { + rewrite ^(.*)$ /miwifi-goto-autoproxy.html? break; + } + # + add_header MiCGI-Switch "$finalvar"; + add_header MiCGI-TproxyInfo "$dst_addr:$dst_port"; + add_header MiCGI-Upstream "$target_upstream"; + add_header MiCGI-Client-Ip $remote_addr; + add_header MiCGI-Host $host; + add_header MiCGI-Http-Host $http_host; + add_header MiCGI-Server-Ip $server_addr; + add_header MiCGI-Server-Port $server_port; + add_header MiCGI-Status LUAROOT; + add_header MiCGI-Preload no; + # + location /miwifi-goto-autoproxy.html { + # + internal; + keepalive_timeout 0; + # + resolver 127.0.0.1; + # + add_header MiCGI-Switch "$finalvar"; + add_header MiCGI-TproxyInfo "$dst_addr:$dst_port"; + add_header MiCGI-Upstream "$target_upstream"; + add_header MiCGI-Client-Ip $remote_addr; + add_header MiCGI-Host $host; + add_header MiCGI-Http-Host $http_host; + add_header MiCGI-Server-Ip $server_addr; + add_header MiCGI-Server-Port $server_port; + add_header MiCGI-Status AUTOPROXY; + add_header MiCGI-Preload no; + # + proxy_redirect off; + # + proxy_set_header Host $target_upstream; + # + proxy_pass http://$target_upstream/$request_uri; + # + } + location /webinitrdr.html { + # + expires epoch; + keepalive_timeout 0; + # + add_header MiCGI-Switch "$finalvar"; + add_header MiCGI-TproxyInfo "$dst_addr:$dst_port"; + add_header MiCGI-Upstream "$target_upstream"; + add_header MiCGI-Client-Ip $remote_addr; + add_header MiCGI-Host $host; + add_header MiCGI-Http-Host $http_host; + add_header MiCGI-Server-Ip $server_addr; + add_header MiCGI-Server-Port $server_port; + add_header MiCGI-Preload no; + # + add_header MiCGI-Status WEBINITRDR; + add_header Cache-Control 'private,max-age=0'; + add_header Content-Type "text/html;charset=utf-8"; + # + #return 503; + # + } + location /diagnosis { + expires -1; + add_header MiCGI-Host $host; + add_header MiCGI-Http-Host $http_host; + add_header Content-Type "text/html;charset=utf-8"; + root /www/xiaoqiang/; + index index.html; + } + # diff --git a/squashfs-root/etc/sysapihttpd/stat.conf b/squashfs-root/etc/sysapihttpd/stat.conf new file mode 100644 index 0000000..7f14b05 --- /dev/null +++ b/squashfs-root/etc/sysapihttpd/stat.conf @@ -0,0 +1,17 @@ + # + #request to /stat/proxy.shtml will end here + # + access_log off; + # + add_header MiStat-Client-Ip $remote_addr; + add_header MiStat-Host $host; + add_header MiStat-Http-Host $http_host; + add_header MiStat-Server-Ip $server_addr; + add_header MiStat-Server-Port $server_port; + # + add_header MiStat-Status STATINFO; + add_header Cache-Control 'private,max-age=0'; + expires epoch; + add_header Content-Type "text/plain;charset=utf-8"; + return 200 "\r\nSTAT=OK;\r\nCODE=200;\r\nhostname=$hostname;\r\nserver_addr=$server_addr;\r\nserver_port=$server_port;\r\nremote_addr=$remote_addr;\r\nhttp_host=$http_host;\r\nuri=$request_uri;\r\n\r\n"; + # \ No newline at end of file diff --git a/squashfs-root/etc/sysapihttpd/sysapihttpd.conf b/squashfs-root/etc/sysapihttpd/sysapihttpd.conf new file mode 100644 index 0000000..6963041 --- /dev/null +++ b/squashfs-root/etc/sysapihttpd/sysapihttpd.conf @@ -0,0 +1,600 @@ +# +#httpd for system web api +# +user root root; +worker_processes 1; +worker_rlimit_nofile 512; +worker_priority -5; +# +#/etc/init.d/sysapihttpd +# +#error log will send to stdout and save by syslog +# +daemon on; + +#nginx connect() failed (128: Unknown error) is Destination Net Unreachable +#debug | info | notice | warn | error | crit +error_log stderr warn; + +#pid logs/nginx.pid; + +events { + use epoll; + worker_connections 256; +} + +http { + # + include mime.types; + default_type application/octet-stream; + + #\t"$upstream_cache_status" replaced by \t"$sent_http_ MiCGI_Cache_Status" + log_format main '"$server_addr"\t"$host"\t"$remote_addr"\t"$time_local"\t"$request_method $request_uri"\t"$status"\t"$request_length"\t"$bytes_sent"\t"$request_time"\t"$sent_http_ MiCGI_Cache_Status"\t"$upstream_addr"\t"$upstream_response_time"\t"$http_referer"\t"$http_user_agent"'; + + #access_log /userdisk/sysapihttpd/log/access.log main; + access_log off; + + sendfile on; + #tcp_nopush on; + + #http://wiki.nginx.org/HttpCoreModule#server_tokens + server_tokens off; + + #disable keepalive for webinitrdr + keepalive_timeout 0; + + # zeor for no max limit + client_max_body_size 0; + # + proxy_buffering off; + proxy_max_temp_file_size 2m; + + proxy_buffer_size 256k; + proxy_buffers 32 32k; + proxy_busy_buffers_size 256k; + + server_names_hash_bucket_size 64; + proxy_headers_hash_bucket_size 128; + proxy_headers_hash_max_size 8192; + + #https://groups.google.com/forum/#!msg/openresty/sgNvuGk0tlQ/lFxfl-mg9HMJ + #2013/08/08 11:50:03 [error] 3971#0: wrong ident 16756 response for www.youtube.com, expect 35660 + + proxy_connect_timeout 186; + proxy_read_timeout 1200; + proxy_send_timeout 1200; + + #gzip on; + #gzip_min_length 1024; + #gzip_proxied expired no-cache no-store private auth no_last_modified no_etag; + #gzip_types application/json application/x-json text/css text/xml text/plain application/xml; + #gzip_disable "MSIE [1-6]\."; + + fastcgi_connect_timeout 300; + fastcgi_read_timeout 300; + fastcgi_send_timeout 300; + #fastcgi_buffering off; + fastcgi_buffer_size 64k; + fastcgi_buffers 4 32k; + fastcgi_busy_buffers_size 64k; + fastcgi_temp_file_write_size 64k; + #fastcgi_max_temp_file_size 0; + + limit_conn_zone $binary_remote_addr zone=addr_zone:256k; + + server { + # + #server for sysapi + # + listen 80; + listen 8098; + server_name _; + access_log off; + #access_log /userdisk/sysapihttpd/log/luaroot.access.log main; + + log_not_found off; + limit_conn addr_zone 8; + + # + keepalive_timeout 0; + + #set the send_timeout as 60 minutes + send_timeout 60m; + # + root /www; + index index.html index.htm; + + # 0.0.0.1:65535 no avaible + #redirect 0.0.0.1:65535 127.0.0.1:5081; + + #disable proxy errors handle + proxy_intercept_errors off; + + #http://wiki.nginx.org/HttpCoreModule#reset_timedout_connection + reset_timedout_connection on; + + expires epoch; + # + include 'miwifi-webinitrd.conf'; + # + + location = /miwifi.html + { + root /etc/sysapihttpd/htdocs/; + } + location = /stat/proxy.shtml { + # + keepalive_timeout 0; + access_log off; + # + add_header MiCGI-StatChain STAT; + proxy_set_header Host miwifi.com; + proxy_pass http://127.0.0.1:5081; + # + } + location /backup/log { + alias /tmp/syslogbackup/; + } + location /api/service/plugin { + rewrite ^/api/service/plugin/control /api-third-party/download/private/$arg_appid/control.html? permanent; + } + location /api-third-party/download/public { + alias /userdisk/data/; + } + location /api-third-party/download/private { + alias /userdisk/appdata/; + } + location /api-third-party/download/extdisks { + alias /extdisks/; + } + location /api-third-party/service { + # + add_header MiCGI-Switch "$finalvar"; + add_header MiCGI-Client-Ip $remote_addr; + add_header MiCGI-Host $host; + add_header MiCGI-Http-Host $http_host; + add_header MiCGI-Server-Ip $server_addr; + add_header MiCGI-Server-Port $server_port; + add_header MiCGI-Status CGI; + add_header MiCGI-Preload no; + # + include 'fastcgi-proxy-tcp.conf'; + # + } + location ^~ /uploadfile/cgi-bin { + # + #for POST /uploadfile/cgi-bin/luci/;stok=42822adbabf606fe7946cd2e9b98d9a5/api/xqsystem/upload_rom + # + add_header MiCGI-Switch "$finalvar"; + add_header MiCGI-Client-Ip $remote_addr; + add_header MiCGI-Host $host; + add_header MiCGI-Http-Host $http_host; + add_header MiCGI-Server-Ip $server_addr; + add_header MiCGI-Server-Port $server_port; + add_header MiCGI-Status CGI; + add_header MiCGI-Preload no; + add_header MiCGI-Upload-File yes; + # for upload roms only [start] + client_body_temp_path /tmp/uploadfiles/; + client_body_in_file_only on; + client_body_buffer_size 16k; + proxy_pass_request_headers on; + proxy_set_body off; + proxy_redirect off; + fastcgi_param UPLOADFILE $request_body_file; + client_max_body_size 20M; + #TODO: upload_multipart_cut + #upload_multipart_cut on; + fastcgi_max_temp_file_size 0; + # for upload rom only [end] + # + include 'fastcgi-proxy-tcp.conf'; + # + } + location /cgi-bin/upload { + internal; + include 'fastcgi-proxy-tcp.conf'; + } + location /cgi-bin { + # + add_header MiCGI-Switch "$finalvar"; + add_header MiCGI-Client-Ip $remote_addr; + add_header MiCGI-Host $host; + add_header MiCGI-Http-Host $http_host; + add_header MiCGI-Server-Ip $server_addr; + add_header MiCGI-Server-Port $server_port; + add_header MiCGI-Status CGI; + add_header MiCGI-Preload no; + # + include 'fastcgi-proxy-tcp.conf'; + # + } + + location ^~ /download-userdisk/ { + internal; + alias /userdisk/data/; + } + location ^~ /download-extdisks/ { + internal; + alias /extdisks/; + } + location ^~ /download-pridisk/ { + internal; + alias /userdisk/privacyData/; + } + # + location / { + # + add_header MiCGI-Switch "$finalvar"; + add_header MiCGI-TproxyInfo "$dst_addr:$dst_port"; + add_header MiCGI-Upstream "$target_upstream"; + add_header MiCGI-Client-Ip $remote_addr; + add_header MiCGI-Host $host; + add_header MiCGI-Http-Host $http_host; + add_header MiCGI-Server-Ip $server_addr; + add_header MiCGI-Server-Port $server_port; + add_header MiCGI-Status LUAROOT; + add_header MiCGI-Preload no; + # + root /www; + index index.html index.htm; + # + } + # + #**#error_page 404 /err/404.html; + #**#error_page 500 /err/500.html; + #**#error_page 501 /err/502.html; + #**#error_page 502 /err/502.html; + #**#error_page 503 /err/503.html; + #**#error_page 504 /err/504.html; + # + location ~ /err/ { + # + internal; + # + access_log off; + keepalive_timeout 0; + # + add_header MiCGI-Client-Ip $remote_addr; + add_header MiCGI-Host $host; + add_header MiCGI-Http-Host $http_host; + add_header MiCGI-Server-Ip $server_addr; + add_header MiCGI-Server-Port $server_port; + add_header MiCGI-Preload no; + # + add_header MiCGI-Status ERR-HTML; + add_header Cache-Control 'private,max-age=0'; + expires epoch; + add_header Content-Type "text/html;charset=utf-8"; + # + root /www/; + } + # + } + server { + #request info/stat server + listen 5081; + server_name _; + access_log off; + + log_not_found off; + keepalive_timeout 0; + + # + root /etc/nginx/htdocs/; + index index.html index.htm; + # + # + include 'stat.conf'; + # + } + + ad_filter_zone zone=ad_filter_zone:16k; + server { + listen 8195; + #error_log /userdisk/sysapihttpd/log/error.log info; + ad_filter_statistics ad_filter_zone; + } + + preload_zone zone=web_preload_zone:16k; + server { + listen 8193; + server_name _; + error_log /userdisk/sysapihttpd/log/error.log info; + access_log off; + + location / { + add_header Cache-Mark 'xiaomi'; + preload /userdisk/cachecenter/cache_dir/ /http_proxy/ web_preload_zone; + } + + resolver 127.0.0.1 valid=30s; + location /http_proxy { + internal; + add_header Proxy-Mark 'xiaomi'; + rewrite /http_proxy/ / break; + proxy_pass http://$http_host$request_uri; + } + } + + + server { + listen 8196; + # resolver 8.8.8.8; + resolver 127.0.0.1 valid=30s; + log_format proxy_log '"$server_addr"\t"$host"\t"$remote_addr"\t"$time_local"\t"$request_method $request_uri"\t"$status"\t"$request_length"\t"$bytes_sent"\t"$request_time"\t"$sent_http_ MiCGI_Cache_Status"\t"$upstream_addr"\t"$upstream_response_time"\t"$http_referer"\t"$http_user_agent"'; + access_log off; + #access_log /userdisk/data/proxy_8194.log proxy_log; + #error_log /userdisk/sysapihttpd/log/error.log info; + + location / { + add_header AD-Mark 'xiaomi'; + ad_filter /proxy/ ad_filter_zone; + } + location /proxy { + internal; + add_header Proxy-Mark 'xq-proxy'; + rewrite /proxy/ / break; + proxy_pass http://$http_host$request_uri; + } + } + server { + listen 8197; + # resolver 8.8.8.8; + resolver 127.0.0.1 valid=30s; + log_format log_subfilter '"$server_addr"\t"$host"\t"$remote_addr"\t"$time_local"\t"$request_method $request_uri"\t"$status"\t"$request_length"\t"$bytes_sent"\t"$request_time"\t"$sent_http_ MiCGI_Cache_Status"\t"$upstream_addr"\t"$upstream_response_time"\t"$http_referer"\t"$http_user_agent"'; + access_log off; + #access_log /userdisk/data/proxy_8197.log log_subfilter; + #error_log /userdisk/sysapihttpd/log/error.log info; + + location / { + proxy_set_header Accept-Encoding ""; + proxy_pass http://$http_host$request_uri; + add_header XQ-Mark 'subfilter'; + proxy_connect_timeout 600; + proxy_read_timeout 600; + proxy_send_timeout 600; + #sub_filter '' '
XQ Sub-Filter
'; + sub_filter '' ''; + } + } + + server { + listen 8192; + add_header Safe-Mark 'xiaomi'; + server_name _; + access_log off; + resolver 127.0.0.1 valid=30s; + set $rrd "RR_D_STUB"; + if ( -f "/tmp/state/security_page_baidu") { + set $vend "baidu"; + } + if ( -f "/tmp/state/security_page_tencent") { + set $vend "tencent"; + } + location / { + set_escape_uri $http_url $scheme://$host$request_uri; + set $args "d=$rrd&error_type=4&sc=&url=$http_url&vendor=$vend"; + proxy_pass http://api.miwifi.com/rr/e$is_args$args; + } + } + + server { + listen 8191; + add_header Error-Mark 'xiaomi'; + server_name _; + access_log off; + resolver 127.0.0.1 valid=30s; + set $rrd "RR_D_STUB"; + location /error-page { + set $args "d=$rrd&error_type=$arg_error_type&sc=$arg_sc"; + proxy_pass https://api.miwifi.com/rr/e$is_args$args; + } + } + # for nxdomain resolve result + server { + listen 8190; + add_header Error-Mark 'xiaomi'; + server_name _; + access_log off; + resolver 127.0.0.1 valid=30s; + set $rrd "RR_D_STUB"; + location / { + set $args "d=$rrd&error_type=2"; + proxy_pass https://api.miwifi.com/rr/e$is_args$args; + } + } + + rr_config rr_zone 2M "RR_PATH_STUB"; + server { + listen 8380; + resolver localhost; + location / { + rr_filter rr_zone; + toolbar_config on; + proxy_pass $scheme://$host$request_uri; + proxy_ignore_client_abort off; + proxy_connect_timeout 30s; + proxy_read_timeout 30s; + proxy_send_timeout 30s; + proxy_buffering off; + proxy_set_header Accept-Encoding ''; + proxy_max_temp_file_size 0; + proxy_set_header Host $http_host; + } + } + + server { + listen 8382; + resolver localhost; + location / { + rr_filter rr_zone; + upgrade_config on; + proxy_pass $scheme://$host$request_uri; + proxy_ignore_client_abort off; + proxy_connect_timeout 30s; + proxy_read_timeout 30s; + proxy_send_timeout 30s; + proxy_buffering off; + proxy_set_header Accept-Encoding ''; + proxy_max_temp_file_size 0; + proxy_set_header Host $http_host; + } + } + + server { + listen 8383; + resolver localhost; + location / { + rr_filter rr_zone; + event_config on; + proxy_pass $scheme://$host$request_uri; + proxy_ignore_client_abort off; + proxy_connect_timeout 30s; + proxy_read_timeout 30s; + proxy_send_timeout 30s; + proxy_buffering off; + proxy_set_header Accept-Encoding ''; + proxy_max_temp_file_size 0; + proxy_set_header Host $http_host; + } + } + + # for security dl + server { + listen 8381; + server_name _; + resolver 127.0.0.1 valid=30s; + location / { + add_header REAP-Mark 'xiaomi'; + if ($http_reap_url ~ ^http) + { + return 302 $http_reap_url; + } + if ($http_reap_url !~ ^http) + { + return 302 http://$http_reap_url; + } + } + } + server { + listen 8384; + add_header Error-Mark 'xiaomi'; + server_name _; + access_log off; + resolver 127.0.0.1 valid=30s; + set $rrd "DEV_ID_STUB"; + location / { + set $args "deviceId=$rrd"; + proxy_pass https://api.miwifi.com/thirdparty/yyb/proxy$is_args$args; + } + } + + # for guest portal, set a sepcial server for portal page's link. + server { + listen 8999 default_server; + server_name _; + access_log off; + resolver 127.0.0.1 valid=30s; + set $did "DEV_ID_STUB"; + location / { + if ($request_method != GET) { + return 405; + } + set $args "did=$did"; + proxy_pass https://api.miwifi.com/sns/portal$is_args$args; + } + } + + server { + listen 8999; + server_name miwifi.com *.miwifi.com *.xiaomi.net *.xiaomi.com *.mi.com; + access_log off; + resolver 127.0.0.1 valid=30s; + + location / { + proxy_pass $scheme://$host$request_uri; + proxy_set_header X-Forwarded-For $remote_addr; + } + + # for portal page polling access status + location /cgi-bin/luci/api/misns/authorization_status { + proxy_pass http://miwifi.com$request_uri; + proxy_set_header X-Forwarded-For $remote_addr; + } + + location /cgi-bin/luci/api/misns/sns_init { + proxy_pass http://miwifi.com$request_uri; + proxy_set_header X-Forwarded-For $remote_addr; + } + + location /cgi-bin/luci/api/misns/prepare { + proxy_pass http://miwifi.com$request_uri; + proxy_set_header X-Forwarded-For $remote_addr; + } + + location /cgi-bin/luci { + deny all; + } + } + + + #for supporting wifishare dnsd-mode + server { + listen 8899 default_server; + server_name _; + access_log off; + resolver 127.0.0.1 valid=30s; + set $did "DEV_ID_STUB"; + location / { + if ($request_method != GET) { + return 405; + } + set $args "did=$did"; + proxy_pass https://api.miwifi.com/sns/portal$is_args$args; + } + } + + #ensure ios hotspots-detect reachable + server { + listen 8899; + server_name captive.apple.com; + resolver 127.0.0.1 valid=30s; + location / { + proxy_pass $scheme://captive.apple.com$request_uri; + } + } + + server { + listen 8899; + server_name miwifi.com *.miwifi.com *.xiaomi.net *.xiaomi.com *.mi.com; + access_log off; + resolver 127.0.0.1 valid=30s; + location / { + proxy_pass $scheme://$host$request_uri; + proxy_set_header X-Forwarded-For $remote_addr; + } + + # for portal page polling access status + location /cgi-bin/luci/api/misns/authorization_status { + proxy_pass http://miwifi.com$request_uri; + proxy_set_header X-Forwarded-For $remote_addr; + } + + location /cgi-bin/luci/api/misns/sns_init { + proxy_pass http://miwifi.com$request_uri; + proxy_set_header X-Forwarded-For $remote_addr; + } + + location /cgi-bin/luci/api/misns/prepare { + proxy_pass http://miwifi.com$request_uri; + proxy_set_header X-Forwarded-For $remote_addr; + } + + location /cgi-bin/luci { + deny all; + } + } +} + +# diff --git a/squashfs-root/etc/sysapihttpd/win-utf b/squashfs-root/etc/sysapihttpd/win-utf new file mode 100644 index 0000000..ed8bc00 --- /dev/null +++ b/squashfs-root/etc/sysapihttpd/win-utf @@ -0,0 +1,126 @@ + +# This map is not a full windows-1251 <> utf8 map: it does not +# contain Serbian and Macedonian letters. If you need a full map, +# use contrib/unicode2nginx/win-utf map instead. + +charset_map windows-1251 utf-8 { + + 82 E2809A ; # single low-9 quotation mark + + 84 E2809E ; # double low-9 quotation mark + 85 E280A6 ; # ellipsis + 86 E280A0 ; # dagger + 87 E280A1 ; # double dagger + 88 E282AC ; # euro + 89 E280B0 ; # per mille + + 91 E28098 ; # left single quotation mark + 92 E28099 ; # right single quotation mark + 93 E2809C ; # left double quotation mark + 94 E2809D ; # right double quotation mark + 95 E280A2 ; # bullet + 96 E28093 ; # en dash + 97 E28094 ; # em dash + + 99 E284A2 ; # trade mark sign + + A0 C2A0 ; #   + A1 D18E ; # capital Byelorussian short U + A2 D19E ; # small Byelorussian short u + + A4 C2A4 ; # currency sign + A5 D290 ; # capital Ukrainian soft G + A6 C2A6 ; # borken bar + A7 C2A7 ; # section sign + A8 D081 ; # capital YO + A9 C2A9 ; # (C) + AA D084 ; # capital Ukrainian YE + AB C2AB ; # left-pointing double angle quotation mark + AC C2AC ; # not sign + AD C2AD ; # soft hypen + AE C2AE ; # (R) + AF D087 ; # capital Ukrainian YI + + B0 C2B0 ; # ° + B1 C2B1 ; # plus-minus sign + B2 D086 ; # capital Ukrainian I + B3 D196 ; # small Ukrainian i + B4 D291 ; # small Ukrainian soft g + B5 C2B5 ; # micro sign + B6 C2B6 ; # pilcrow sign + B7 C2B7 ; # · + B8 D191 ; # small yo + B9 E28496 ; # numero sign + BA D194 ; # small Ukrainian ye + BB C2BB ; # right-pointing double angle quotation mark + + BF D197 ; # small Ukrainian yi + + C0 D090 ; # capital A + C1 D091 ; # capital B + C2 D092 ; # capital V + C3 D093 ; # capital G + C4 D094 ; # capital D + C5 D095 ; # capital YE + C6 D096 ; # capital ZH + C7 D097 ; # capital Z + C8 D098 ; # capital I + C9 D099 ; # capital J + CA D09A ; # capital K + CB D09B ; # capital L + CC D09C ; # capital M + CD D09D ; # capital N + CE D09E ; # capital O + CF D09F ; # capital P + + D0 D0A0 ; # capital R + D1 D0A1 ; # capital S + D2 D0A2 ; # capital T + D3 D0A3 ; # capital U + D4 D0A4 ; # capital F + D5 D0A5 ; # capital KH + D6 D0A6 ; # capital TS + D7 D0A7 ; # capital CH + D8 D0A8 ; # capital SH + D9 D0A9 ; # capital SHCH + DA D0AA ; # capital hard sign + DB D0AB ; # capital Y + DC D0AC ; # capital soft sign + DD D0AD ; # capital E + DE D0AE ; # capital YU + DF D0AF ; # capital YA + + E0 D0B0 ; # small a + E1 D0B1 ; # small b + E2 D0B2 ; # small v + E3 D0B3 ; # small g + E4 D0B4 ; # small d + E5 D0B5 ; # small ye + E6 D0B6 ; # small zh + E7 D0B7 ; # small z + E8 D0B8 ; # small i + E9 D0B9 ; # small j + EA D0BA ; # small k + EB D0BB ; # small l + EC D0BC ; # small m + ED D0BD ; # small n + EE D0BE ; # small o + EF D0BF ; # small p + + F0 D180 ; # small r + F1 D181 ; # small s + F2 D182 ; # small t + F3 D183 ; # small u + F4 D184 ; # small f + F5 D185 ; # small kh + F6 D186 ; # small ts + F7 D187 ; # small ch + F8 D188 ; # small sh + F9 D189 ; # small shch + FA D18A ; # small hard sign + FB D18B ; # small y + FC D18C ; # small soft sign + FD D18D ; # small e + FE D18E ; # small yu + FF D18F ; # small ya +} diff --git a/squashfs-root/etc/sysctl.conf b/squashfs-root/etc/sysctl.conf new file mode 100755 index 0000000..944991c --- /dev/null +++ b/squashfs-root/etc/sysctl.conf @@ -0,0 +1,63 @@ +kernel.panic=3 +kernel.panic_on_oops=1 +fs.file-max = 1000000 +fs.inotify.max_user_watches=2048 +net.ipv4.conf.default.arp_ignore=1 +net.ipv4.conf.all.arp_ignore=1 +net.ipv4.ip_forward=1 +net.ipv4.icmp_echo_ignore_broadcasts=1 +net.ipv4.icmp_ignore_bogus_error_responses=1 +net.ipv4.tcp_ecn=0 +net.ipv4.tcp_fin_timeout=10 +net.ipv4.tcp_keepalive_time=60 +net.ipv4.tcp_syncookies=1 +net.ipv4.tcp_timestamps=1 +net.ipv4.tcp_sack=1 +net.ipv4.tcp_dsack=1 +net.ipv4.tcp_mtu_probing=1 + +net.ipv6.conf.default.forwarding=1 +net.ipv6.conf.all.forwarding=1 + +net.core.rmem_max = 4194304 +net.core.wmem_max = 4194304 + +net.netfilter.nf_conntrack_acct=1 +net.netfilter.nf_conntrack_checksum=0 +net.netfilter.nf_conntrack_max=16384 # 16k, openwrt defualt +net.netfilter.nf_conntrack_tcp_timeout_established=3600 +net.netfilter.nf_conntrack_udp_timeout=60 +net.ipv4.netfilter.ip_conntrack_udp_timeout_stream=180 +net.netfilter.nf_conntrack_udp_timeout_stream=180 +net.netfilter.nf_conntrack_skip_filter=1 + +net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent=60 +net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent2=60 +net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv=30 +net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait=10 +net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait=30 +net.ipv4.netfilter.ip_conntrack_tcp_timeout_last_ack=10 +net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait=10 +net.ipv4.netfilter.ip_conntrack_tcp_timeout_max_retrans=30 + +net.ipv4.tcp_max_tw_buckets=40960 +#net.ipv4.netfilter.ip_conntrack_buckets=8192 +net.ipv4.ip_local_port_range=1025 65530 + +net.ipv4.tcp_tw_reuse=1 + +# disable bridge firewalling by default +net.bridge.bridge-nf-call-arptables=0 +net.bridge.bridge-nf-call-ip6tables=0 +net.bridge.bridge-nf-call-iptables=0 + +vm.dirty_background_ratio=5 +vm.dirty_ratio=10 +vm.dirty_expire_centisecs=500 +vm.dirty_writeback_centisecs=200 +vm.extfrag_threshold=100 +vm.min_free_kbytes=512 +vm.pagecache_limit_mb=16 +vm.kwapd_reclaim_order_shift=2 +vm.min_free_order_shift=2 +vm.vfs_cache_pressure=800 diff --git a/squashfs-root/etc/syslog-ng-cs.conf b/squashfs-root/etc/syslog-ng-cs.conf new file mode 100644 index 0000000..f5eee2e --- /dev/null +++ b/squashfs-root/etc/syslog-ng-cs.conf @@ -0,0 +1,170 @@ +@version:3.0 + +options { + chain_hostnames(no); + create_dirs(yes); + flush_lines(0); + keep_hostname(no); + log_fifo_size(10240); + log_msg_size(81920); + log_iw_size(10240); + log_fetch_limit(10240); + stats_freq(0); + use_dns(no); + use_fqdn(no); + dns_cache(no); + ts_format(iso); + keep_timestamp(no); +}; + +source src { + internal(); + unix-stream("/dev/log"); +}; + +source kernel { + file("/proc/kmsg" program_override("kernel") flags(kernel)); +}; + +destination d_messages { + file("/tmp/messages"); +}; + +destination proc_messages { + file("/proc/xiaoqiang/xq_syslog"); +}; + +template t_stat { template("$MSG\n"); }; + +destination d_stat_points_rom { + file("/tmp/stat_points_rom.log" template(t_stat)); +}; + +destination d_stat_points_web { + file("/tmp/stat_points_web.log" template(t_stat)); +}; + +destination d_stat_points_privacy { + file("/tmp/stat_points_privacy.log" template(t_stat)); +}; + +destination d_wifi_log { + file("/tmp/wifi_analysis.log"); +}; + +destination d_dns_log { + pipe("/tmp/web_filter_list",template(t_stat)); +}; + +filter f_luci { + level(alert .. info) + and program(luci) + and not match("stat_points_" value("MESSAGE")); +}; + +filter f_messages { + level(alert .. warning) + and not program(luci) + and not match("wifi_log" value("MESSAGE")) + and not match("stat_points_" value("MESSAGE")); +}; + +filter f_messages_d { + not program(luci) + and not match("wifi_log" value("MESSAGE")) + and not match("stat_points_" value("MESSAGE")); +}; + +filter f_stat_points_rom { + (match("stat_points_none" value("MESSAGE")) + or match("stat_points_instant" value("MESSAGE"))) + and not program(web); +}; + +filter f_stat_points_web { + (match("stat_points_none" value("MESSAGE")) + or match("stat_points_instant" value("MESSAGE"))) + and program(web); +}; + +filter f_stat_points_privacy { + match("stat_points_privacy" value("MESSAGE")); +}; + +filter f_wifi_log { + match("wifi_log" value("MESSAGE")) + and not program(web); +}; + +filter f_dns_log { + match("stat_points_dns" value("MESSAGE")) + and not program(web); +}; + +# user this rewrite to replace kernel timestamp +rewrite f_stat_points_kernel { + subst("^\[ *[0-9]+\.[0-9]+\] ", "", value("MESSAGE")); +}; + +rewrite f_stat_points_dns { + subst("stat_points_dns dns_resolve=", "", value("MESSAGE")); +}; + +log { + source(src); + source(kernel); + filter(f_luci); + destination(d_messages); + destination(proc_messages); +}; +log { + source(src); + source(kernel); + filter(f_messages); + destination(d_messages); + destination(proc_messages); +}; +log { + source(src); + filter(f_stat_points_rom); + destination(d_stat_points_rom); +}; +log { + source(kernel); + rewrite(f_stat_points_kernel); + filter(f_stat_points_rom); + destination(d_stat_points_rom); +}; +log { + source(src); + filter(f_stat_points_web); + destination(d_stat_points_web); +}; +log { + source(src); + filter(f_stat_points_privacy); + destination(d_stat_points_privacy); +}; +log { + source(kernel); + rewrite(f_stat_points_kernel); + filter(f_stat_points_privacy); + destination(d_stat_points_privacy); +}; +log { + source(kernel); + rewrite(f_stat_points_kernel); + filter(f_wifi_log); + destination(d_wifi_log); +}; +log { + source(src); + filter(f_wifi_log); + destination(d_wifi_log); +}; +log { + source(src); + filter(f_dns_log); + rewrite(f_stat_points_dns); + destination(d_dns_log); +}; diff --git a/squashfs-root/etc/syslog-ng.conf b/squashfs-root/etc/syslog-ng.conf new file mode 100644 index 0000000..b43bdf2 --- /dev/null +++ b/squashfs-root/etc/syslog-ng.conf @@ -0,0 +1,164 @@ +@version:3.0 + +options { + chain_hostnames(no); + create_dirs(yes); + flush_lines(0); + keep_hostname(no); + log_fifo_size(10240); + log_msg_size(81920); + log_iw_size(10240); + log_fetch_limit(10240); + stats_freq(0); + use_dns(no); + use_fqdn(no); + dns_cache(no); + ts_format(iso); + keep_timestamp(no); +}; + +source src { + internal(); + unix-stream("/dev/log"); +}; + +source kernel { + file("/proc/kmsg" program_override("kernel") flags(kernel)); +}; + +destination d_messages { + file("/tmp/messages"); +}; + +template t_stat { template("$MSG\n"); }; + +destination d_stat_points_rom { + file("/tmp/stat_points_rom.log" template(t_stat)); +}; + +destination d_stat_points_web { + file("/tmp/stat_points_web.log" template(t_stat)); +}; + +destination d_stat_points_privacy { + file("/tmp/stat_points_privacy.log" template(t_stat)); +}; + +destination d_wifi_log { + file("/tmp/wifi_analysis.log"); +}; + +destination d_dns_log { + pipe("/tmp/web_filter_list",template(t_stat)); +}; + +filter f_luci { + level(alert .. info) + and program(luci) + and not match("stat_points_" value("MESSAGE")); +}; + +filter f_messages { + level(alert .. warning) + and not program(luci) + and not match("wifi_log" value("MESSAGE")) + and not match("stat_points_" value("MESSAGE")); +}; + +filter f_messages_d { + not program(luci) + and not match("wifi_log" value("MESSAGE")) + and not match("stat_points_" value("MESSAGE")); +}; + +filter f_stat_points_rom { + (match("stat_points_none" value("MESSAGE")) + or match("stat_points_instant" value("MESSAGE"))) + and not program(web); +}; + +filter f_stat_points_web { + (match("stat_points_none" value("MESSAGE")) + or match("stat_points_instant" value("MESSAGE"))) + and program(web); +}; + +filter f_stat_points_privacy { + match("stat_points_privacy" value("MESSAGE")); +}; + +filter f_wifi_log { + match("wifi_log" value("MESSAGE")) + and not program(web); +}; + +filter f_dns_log { + match("stat_points_dns" value("MESSAGE")) + and not program(web); +}; + +# user this rewrite to replace kernel timestamp +rewrite f_stat_points_kernel { + subst("^\[ *[0-9]+\.[0-9]+\] ", "", value("MESSAGE")); +}; + +rewrite f_stat_points_dns { + subst("stat_points_dns dns_resolve=", "", value("MESSAGE")); +}; + +log { + source(src); + source(kernel); + filter(f_luci); + destination(d_messages); +}; +log { + source(src); + source(kernel); + filter(f_messages); + destination(d_messages); +}; +log { + source(src); + filter(f_stat_points_rom); + destination(d_stat_points_rom); +}; +log { + source(kernel); + rewrite(f_stat_points_kernel); + filter(f_stat_points_rom); + destination(d_stat_points_rom); +}; +log { + source(src); + filter(f_stat_points_web); + destination(d_stat_points_web); +}; +log { + source(src); + filter(f_stat_points_privacy); + destination(d_stat_points_privacy); +}; +log { + source(kernel); + rewrite(f_stat_points_kernel); + filter(f_stat_points_privacy); + destination(d_stat_points_privacy); +}; +log { + source(kernel); + rewrite(f_stat_points_kernel); + filter(f_wifi_log); + destination(d_wifi_log); +}; +log { + source(src); + filter(f_wifi_log); + destination(d_wifi_log); +}; +log { + source(src); + filter(f_dns_log); + rewrite(f_stat_points_dns); + destination(d_dns_log); +}; diff --git a/squashfs-root/etc/syslog.conf b/squashfs-root/etc/syslog.conf new file mode 100755 index 0000000..5838feb --- /dev/null +++ b/squashfs-root/etc/syslog.conf @@ -0,0 +1,3 @@ +#WARNING: this config file is replace by /etc/syslog-ng.conf, remove is pending. +# +*.* /data/usr/log/messages diff --git a/squashfs-root/etc/sysupgrade.conf b/squashfs-root/etc/sysupgrade.conf new file mode 100755 index 0000000..e06fd5e --- /dev/null +++ b/squashfs-root/etc/sysupgrade.conf @@ -0,0 +1,5 @@ +## This file contains files and directories that should +## be preserved during an upgrade. + +# /etc/example.conf +# /etc/openvpn/ diff --git a/squashfs-root/etc/traffic.d/default/01-controller.sh b/squashfs-root/etc/traffic.d/default/01-controller.sh new file mode 100755 index 0000000..36cfe37 --- /dev/null +++ b/squashfs-root/etc/traffic.d/default/01-controller.sh @@ -0,0 +1,4 @@ + +#!/bin/sh + +/usr/bin/lua /usr/sbin/controller.lua diff --git a/squashfs-root/etc/traffic.d/linkstatus/02-wan_dog.sh b/squashfs-root/etc/traffic.d/linkstatus/02-wan_dog.sh new file mode 100644 index 0000000..070db7c --- /dev/null +++ b/squashfs-root/etc/traffic.d/linkstatus/02-wan_dog.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +wan_port=$(uci -q get misc.sw_reg.sw_wan_port) +[ -n $wan_port ] || exit 0 + +[ $wan_port = $PORT_NUM -a $LINK_STATUS = "linkup" ] && { + pidof udhcpc >/dev/null || exit 0 + logger -p warn -t "trafficd" "run wwdog because wan port up" + pidof wwdog >/dev/null || /usr/sbin/wwdog + exit 0 +} + +[ $wan_port = $PORT_NUM -a $LINK_STATUS = "linkdown" ] && { + pidof udhcpc > /dev/null || exit 0 + . /lib/xq-misc/phy_switch.sh + if ! sw_wan_link_detect; then + logger -p warn -t "trafficd" "port wan is unplugged" + ifup wan + fi + exit 0 +} diff --git a/squashfs-root/etc/traffic.d/linkstatus/03-wired-dev-event.sh b/squashfs-root/etc/traffic.d/linkstatus/03-wired-dev-event.sh new file mode 100755 index 0000000..1ec8f1a --- /dev/null +++ b/squashfs-root/etc/traffic.d/linkstatus/03-wired-dev-event.sh @@ -0,0 +1,11 @@ +#!/bin/sh +qosflag=`uci get miqos.settings.enabled 2>/dev/null` +[ "$qosflag" -ne "1" ] && return 0 + +if [ "$LINK_STATUS" = "linkup" ]; then + #logger -t miqos -p9 "port up $PORT_NUM $LINK_STATUS" + /etc/init.d/miqos device_in 00 +else + #logger -t miqos -p9 "port down $PORT_NUM $LINK_STATUS" + /etc/init.d/miqos device_out 00 +fi diff --git a/squashfs-root/etc/traffic.d/speedup/01-speedupNotify.sh b/squashfs-root/etc/traffic.d/speedup/01-speedupNotify.sh new file mode 100644 index 0000000..701dc13 --- /dev/null +++ b/squashfs-root/etc/traffic.d/speedup/01-speedupNotify.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +#logger -t EbitSPEEDUP -p9 "speedup: dir:$SPEEDUP_DIR,status:$SPEEDUP_STATUS,threshold:$SPEEDUP_THRESHOLD,speed:$SPEEDUP_CUR_SPEED" + +if [ "$SPEEDUP_DIR"x = "down"x ]; then + /usr/sbin/datacenterClient -h localhost -p 9090 -i '{"api":634,"pluginID":"2882303761517410304","info":"{\"api\":1009}"}' >/dev/null 2>&1 +elif [ "$SPEEDUP_DIR"x = "up"x ]; then + #logger -t EbitSPEEDUP -p9 "upupup" + /usr/sbin/datacenterClient -h localhost -p 9090 -i '{"api":634,"pluginID":"2882303761517545233","info":"{\"api\":1009}"}' >/dev/null 2>&1 +else + logger -t EbitSPEEDUP -p9 "speedup:error \$SPEEDUP_DIR must be up or down" +fi diff --git a/squashfs-root/etc/uboot_version b/squashfs-root/etc/uboot_version new file mode 100755 index 0000000..9f9a430 --- /dev/null +++ b/squashfs-root/etc/uboot_version @@ -0,0 +1 @@ +4.2.S.1 diff --git a/squashfs-root/etc/uci-defaults/99-miniupnpd b/squashfs-root/etc/uci-defaults/99-miniupnpd new file mode 100644 index 0000000..c6bc19a --- /dev/null +++ b/squashfs-root/etc/uci-defaults/99-miniupnpd @@ -0,0 +1,13 @@ +#!/bin/sh + +uci -q batch <<-EOT + delete firewall.miniupnpd + set firewall.miniupnpd=include + set firewall.miniupnpd.type=script + set firewall.miniupnpd.path=/usr/share/miniupnpd/firewall.include + set firewall.miniupnpd.family=IPv4 + set firewall.miniupnpd.reload=1 + commit firewall +EOT + +exit 0 diff --git a/squashfs-root/etc/uci-defaults/luci-i18n-chinese b/squashfs-root/etc/uci-defaults/luci-i18n-chinese new file mode 100644 index 0000000..2b83870 --- /dev/null +++ b/squashfs-root/etc/uci-defaults/luci-i18n-chinese @@ -0,0 +1,5 @@ +#!/bin/sh +uci batch <<-EOF + set luci.languages.zh_cn='简体中文' + commit luci +EOF diff --git a/squashfs-root/etc/uci-defaults/luci-i18n-hongkong b/squashfs-root/etc/uci-defaults/luci-i18n-hongkong new file mode 100644 index 0000000..dfddd9c --- /dev/null +++ b/squashfs-root/etc/uci-defaults/luci-i18n-hongkong @@ -0,0 +1,5 @@ +#!/bin/sh +uci batch <<-EOF + set luci.languages.zh_hk='香港繁體' + commit luci +EOF diff --git a/squashfs-root/etc/uci-defaults/luci-i18n-taiwan b/squashfs-root/etc/uci-defaults/luci-i18n-taiwan new file mode 100644 index 0000000..111e8cf --- /dev/null +++ b/squashfs-root/etc/uci-defaults/luci-i18n-taiwan @@ -0,0 +1,5 @@ +#!/bin/sh +uci batch <<-EOF + set luci.languages.zh_tw='台湾繁體' + commit luci +EOF diff --git a/squashfs-root/etc/uci-defaults/luci-theme-openwrt b/squashfs-root/etc/uci-defaults/luci-theme-openwrt new file mode 100755 index 0000000..d8dea04 --- /dev/null +++ b/squashfs-root/etc/uci-defaults/luci-theme-openwrt @@ -0,0 +1,6 @@ +#!/bin/sh +uci batch <<-EOF + set luci.themes.OpenWrt=/luci-static/openwrt.org + commit luci +EOF + diff --git a/squashfs-root/etc/uci-defaults/migrate-shadow b/squashfs-root/etc/uci-defaults/migrate-shadow new file mode 100755 index 0000000..b7ea571 --- /dev/null +++ b/squashfs-root/etc/uci-defaults/migrate-shadow @@ -0,0 +1,12 @@ +#!/bin/sh + +local ppwd="$(sed -ne '/^root:/s/^root:\([^:]*\):.*$/\1/p' /etc/passwd)" +local spwd="$(sed -ne '/^root:/s/^root:\([^:]*\):.*$/\1/p' /etc/shadow)" + +if [ -n "${ppwd#[\!x]}" ] && [ -z "${spwd#[\!x]}" ]; then + logger -t migrate-shadow "Moving root password hash into shadow database" + sed -i -e "s:^root\:[^\:]*\::root\:x\::" /etc/passwd + sed -i -e "s:^root\:[^\:]*\::root\:$ppwd\::" /etc/shadow +fi + +exit 0 diff --git a/squashfs-root/etc/uci-defaults/migrate-sysctl b/squashfs-root/etc/uci-defaults/migrate-sysctl new file mode 100755 index 0000000..b3796a4 --- /dev/null +++ b/squashfs-root/etc/uci-defaults/migrate-sysctl @@ -0,0 +1,17 @@ +#!/bin/sh + +if [ ! -f "/rom/etc/sysctl.conf" ] || cmp -s "/rom/etc/sysctl.conf" "/etc/sysctl.conf"; then + exit 0 +fi + +fingerprint="$(md5sum /etc/sysctl.conf)" +fingerprint="${fingerprint%% *}" + +if [ "$fingerprint" = "1b05ebb41f72cb84e5510573cd4aca26" ] || \ + [ "$fingerprint" = "62deb895be1a7f496040187b7c930e4e" ]; then + logger -t migrate-sysctl "Updating sysctl.conf to use current defaults" + cp "/rom/etc/sysctl.conf" "/etc/sysctl.conf" +fi + +exit 0 + diff --git a/squashfs-root/etc/udhcpc.user b/squashfs-root/etc/udhcpc.user new file mode 100644 index 0000000..d537a82 --- /dev/null +++ b/squashfs-root/etc/udhcpc.user @@ -0,0 +1,13 @@ +#!/bin/sh + +[ -z "$1" ] && echo "Udhcpc.user Error: should be run by udhcpc" && exit 1 + +case "$1" in + deconfig) + #switch batman-adv client->server + ;; + renew|bound) + #wan ip change + lua /usr/sbin/cr_ip_conflict.lua & + ;; +esac \ No newline at end of file diff --git a/squashfs-root/etc/xl2tpd/xl2tp-secrets b/squashfs-root/etc/xl2tpd/xl2tp-secrets new file mode 100644 index 0000000..0fb513f --- /dev/null +++ b/squashfs-root/etc/xl2tpd/xl2tp-secrets @@ -0,0 +1,5 @@ +# Secrets for authenticating l2tp tunnels +# us them secret +# * marko blah2 +# zeus marko blah +# * * interop diff --git a/squashfs-root/etc/xl2tpd/xl2tpd.conf b/squashfs-root/etc/xl2tpd/xl2tpd.conf new file mode 100644 index 0000000..2423ff6 --- /dev/null +++ b/squashfs-root/etc/xl2tpd/xl2tpd.conf @@ -0,0 +1,23 @@ +[global] +port = 1701 +auth file = /etc/xl2tpd/xl2tp-secrets +access control = no + +;[lns default] +;exclusive = yes +;ip range = 192.168.254.202-192.168.254.210 +;lac = 10.0.1.2 +;hidden bit = no +;local ip = 192.168.254.200 +;length bit = yes +;refuse authentication = yes +;name = VersaLink +;ppp debug = yes +;pppoptfile = /etc/ppp/options.xl2tpd + +;[lac left] +;lns = 10.0.1.2 +;refuse authentication = yes +;name = VersaLink +;ppp debug = yes +;pppoptfile = /etc/ppp/options.xl2tpd diff --git a/squashfs-root/etc/xqDb b/squashfs-root/etc/xqDb new file mode 100644 index 0000000..cfc6c8e Binary files /dev/null and b/squashfs-root/etc/xqDb differ diff --git a/squashfs-root/lib/config/uci.sh b/squashfs-root/lib/config/uci.sh new file mode 100644 index 0000000..db84c83 --- /dev/null +++ b/squashfs-root/lib/config/uci.sh @@ -0,0 +1,137 @@ +#!/bin/sh +# Shell script compatibility wrappers for /sbin/uci +# +# Copyright (C) 2008-2010 OpenWrt.org +# Copyright (C) 2008 Felix Fietkau +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +CONFIG_APPEND= +uci_load() { + local PACKAGE="$1" + local DATA + local RET + local VAR + + _C=0 + if [ -z "$CONFIG_APPEND" ]; then + for VAR in $CONFIG_LIST_STATE; do + export ${NO_EXPORT:+-n} CONFIG_${VAR}= + export ${NO_EXPORT:+-n} CONFIG_${VAR}_LENGTH= + done + export ${NO_EXPORT:+-n} CONFIG_LIST_STATE= + export ${NO_EXPORT:+-n} CONFIG_SECTIONS= + export ${NO_EXPORT:+-n} CONFIG_NUM_SECTIONS=0 + export ${NO_EXPORT:+-n} CONFIG_SECTION= + fi + + DATA="$(/sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} ${LOAD_STATE:+-P /var/state} -S -n export "$PACKAGE" 2>/dev/null)" + RET="$?" + [ "$RET" != 0 -o -z "$DATA" ] || eval "$DATA" + unset DATA + + ${CONFIG_SECTION:+config_cb} + return "$RET" +} + +uci_set_default() { + local PACKAGE="$1" + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} -q show "$PACKAGE" > /dev/null && return 0 + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} import "$PACKAGE" + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} commit "$PACKAGE" +} + +uci_revert_state() { + local PACKAGE="$1" + local CONFIG="$2" + local OPTION="$3" + + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} -P /var/state revert "$PACKAGE${CONFIG:+.$CONFIG}${OPTION:+.$OPTION}" +} + +uci_set_state() { + local PACKAGE="$1" + local CONFIG="$2" + local OPTION="$3" + local VALUE="$4" + + [ "$#" = 4 ] || return 0 + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} -P /var/state set "$PACKAGE.$CONFIG${OPTION:+.$OPTION}=$VALUE" +} + +uci_toggle_state() { + uci_revert_state "$1" "$2" "$3" + uci_set_state "$1" "$2" "$3" "$4" +} + +uci_set() { + local PACKAGE="$1" + local CONFIG="$2" + local OPTION="$3" + local VALUE="$4" + + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} set "$PACKAGE.$CONFIG.$OPTION=$VALUE" +} + +uci_get_state() { + uci_get "$1" "$2" "$3" "$4" "/var/state" +} + +uci_get() { + local PACKAGE="$1" + local CONFIG="$2" + local OPTION="$3" + local DEFAULT="$4" + local STATE="$5" + + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} ${STATE:+-P $STATE} -q get "$PACKAGE${CONFIG:+.$CONFIG}${OPTION:+.$OPTION}" + RET="$?" + [ "$RET" -ne 0 ] && [ -n "$DEFAULT" ] && echo "$DEFAULT" + return "$RET" +} + +uci_add() { + local PACKAGE="$1" + local TYPE="$2" + local CONFIG="$3" + + if [ -z "$CONFIG" ]; then + export ${NO_EXPORT:+-n} CONFIG_SECTION="$(/sbin/uci add "$PACKAGE" "$TYPE")" + else + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} set "$PACKAGE.$CONFIG=$TYPE" + export ${NO_EXPORT:+-n} CONFIG_SECTION="$CONFIG" + fi +} + +uci_rename() { + local PACKAGE="$1" + local CONFIG="$2" + local VALUE="$3" + + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} rename "$PACKAGE.$CONFIG=$VALUE" +} + +uci_remove() { + local PACKAGE="$1" + local CONFIG="$2" + local OPTION="$3" + + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} del "$PACKAGE.$CONFIG${OPTION:+.$OPTION}" +} + +uci_commit() { + local PACKAGE="$1" + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} commit $PACKAGE +} diff --git a/squashfs-root/lib/config_post_ota/dnsfixd_post_ota.sh b/squashfs-root/lib/config_post_ota/dnsfixd_post_ota.sh new file mode 100755 index 0000000..99d1295 --- /dev/null +++ b/squashfs-root/lib/config_post_ota/dnsfixd_post_ota.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# Copyright (C) 2016 Xiaomi + +uci -q batch <<-EOF >/dev/null + set dnsfixd.baidu.request_url="https://anquanapi.baidu.com/api/open/adh" + del dnsfixd.whitelist + set dnsfixd.whitelist=whitelist + add_list dnsfixd.whitelist.dns=8.8.8.8 + add_list dnsfixd.whitelist.dns=8.8.4.4 + add_list dnsfixd.whitelist.dns=114.114.114.114 + commit dnsfixd +EOF + diff --git a/squashfs-root/lib/config_post_ota/dnsmasq_config_post_ota.sh b/squashfs-root/lib/config_post_ota/dnsmasq_config_post_ota.sh new file mode 100755 index 0000000..bab4176 --- /dev/null +++ b/squashfs-root/lib/config_post_ota/dnsmasq_config_post_ota.sh @@ -0,0 +1,40 @@ +#!/bin/sh +# +#FILE_TARGET: /lib/config_post_ota/dnsmasq_config_post_ota.sh +# + +/sbin/uci -q batch <<-EOF >/dev/null +set dhcp.@dnsmasq[0].nonegcache=1 +set dhcp.@dnsmasq[0].cachesize=500 +set dhcp.@dnsmasq[0].maxttl=30 +set dhcp.@dnsmasq[0].maxcachettl=1800 +set dhcp.@dnsmasq[0].dnsforwardmax=300 +set dhcp.@dnsmasq[0].leasefile=/tmp/dhcp.leases +set dhcp.@dnsmasq[0].allservers=1 +set dhcp.@dnsmasq[0].client_update_ddns=1 +delete dhcp.@dnsmasq[0].intercept +delete dhcp.@dnsmasq[0].domain +delete dhcp.@dnsmasq[0].filterwin2k +delete dhcp.@dnsmasq[0].readethers +delete dhcp.lan.dhcp_option_force +set dhcp.ready=dhcp +set dhcp.ready.interface=ready +set dhcp.ready.start=10 +set dhcp.ready.limit=20 +set dhcp.ready.leasetime=5m +set dhcp.ready.force=1 +delete dhcp.ready.dhcp_option_force +commit dhcp +EOF + +netmode=$(uci get xiaoqiang.common.NETMODE 2>/dev/null) +if [ "$netmode" = "lanapmode" ] +then + /sbin/uci -q batch <<-EOF >/dev/null + set dhcp.lan.ignore=1; + commit dhcp +EOF +fi + +echo "INFO: update dnsmasq config ok." +exit 0 diff --git a/squashfs-root/lib/config_post_ota/enable_ipv6.sh b/squashfs-root/lib/config_post_ota/enable_ipv6.sh new file mode 100755 index 0000000..906226e --- /dev/null +++ b/squashfs-root/lib/config_post_ota/enable_ipv6.sh @@ -0,0 +1,35 @@ +#!/bin/sh + +#add wan6 interface for lan +/sbin/uci -q batch </dev/null +set network.wan6=interface +set network.wan6.proto=dhcpv6 +set network.wan6.ifname=@wan + +commit network +EOF + +#check if lan ipv6 is enabled or not +ip6assign=`uci get network.lan.ip6assign 2>/dev/null` +if [ x$ip6assign == "x" ]; +then + uci set network.lan.ip6assign=64 +fi + +ip6class=`uci get network.lan.ip6class 2>/dev/null` +if [ x$ip6class == "x" ]; +then + uci set network.lan.ip6class="wan6" +fi + +#check if guest ipv6 is enabled +guestwifi=`uci get network.guest 2>/dev/null` +ip6assign=`uci get network.guest.ip6assign 2>/dev/null` +if [ x$guestwifi != "x" -a x$ip6assign == "x" ]; +then + uci set network.guest.ip6assign=64 +fi + +uci commit network + + diff --git a/squashfs-root/lib/config_post_ota/firewall_cfg_update.lua b/squashfs-root/lib/config_post_ota/firewall_cfg_update.lua new file mode 100755 index 0000000..23b90de --- /dev/null +++ b/squashfs-root/lib/config_post_ota/firewall_cfg_update.lua @@ -0,0 +1,57 @@ +#!/usr/bin/lua +-- it's executed after OTA to upgrade cfg to new version + + +-- local bit= require "bit" +local uci= require 'luci.model.uci' +-- local json= require 'json' +local curs = uci.cursor() + +-- only merge named sections, not touch anonmous sections +function merge_tbl(cfg_from, cfg_to, t_type) + curs:foreach( + cfg_from, t_type, + function(s) + if not s['.anonymous'] and not curs:get(cfg_to,t_type,s['.name']) then + new_name = curs:section(cfg_to,t_type,s['.name']) + for k,v in pairs(s) do + -- only support flat config structure + if type(v) == 'string' then + curs:set(cfg_to,new_name,k,v) + else + -- not supported + end + end + end + end + ) +end + + +function main() + + local from_cfg='firewall_default' + local to_cfg='firewall' + merge_tbl(from_cfg,to_cfg,'include') + merge_tbl(from_cfg,to_cfg,'rule') + merge_tbl(from_cfg,to_cfg,'zone') + merge_tbl(from_cfg,to_cfg,'redirect') + + -- use this form to set options for anonymous section. + curs:foreach("firewall", "defaults", + function(s) + curs:set("firewall",s[".name"],"drop_invalid","1") + curs:set("firewall",s[".name"],"disable_ipv6","1") + end) + curs:save(to_cfg) + curs:commit(to_cfg) + + os.remove('/etc/config/firewall_default') +end + +main() + + + + + diff --git a/squashfs-root/lib/config_post_ota/ifb_config_post_ota.sh b/squashfs-root/lib/config_post_ota/ifb_config_post_ota.sh new file mode 100755 index 0000000..cad1745 --- /dev/null +++ b/squashfs-root/lib/config_post_ota/ifb_config_post_ota.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +/sbin/uci -q batch </dev/null +set network.ifb=interface +set network.ifb.ifname=ifb0 + +commit network +EOF diff --git a/squashfs-root/lib/config_post_ota/locale_info_ota.lua b/squashfs-root/lib/config_post_ota/locale_info_ota.lua new file mode 100755 index 0000000..266b602 --- /dev/null +++ b/squashfs-root/lib/config_post_ota/locale_info_ota.lua @@ -0,0 +1,26 @@ +#!/usr/bin/lua + +local uci = require("luci.model.uci").cursor() + + +-- this patch is ugly but should be +-- fix the config migration failed problem, which occurred when "ROUTER_LOCALE" does not exsit + +function locale_info_set() + local locale = uci.get("xiaoqiang", "common", "ROUTER_LOCALE") + + if locale then + --print("locale already exist: " .. locale) + return + end + + locale = "somewhere" + uci.set("xiaoqiang", "common", "ROUTER_LOCALE", locale) + uci.commit("xiaoqiang") + + --print("locale set: " .. locale) + + return +end + +locale_info_set() diff --git a/squashfs-root/lib/config_post_ota/miqos_cfg_update.lua b/squashfs-root/lib/config_post_ota/miqos_cfg_update.lua new file mode 100755 index 0000000..59acc26 --- /dev/null +++ b/squashfs-root/lib/config_post_ota/miqos_cfg_update.lua @@ -0,0 +1,111 @@ +#!/usr/bin/lua +-- it's executed after OTA to upgrade cft to new version + + +local bit= require "bit" +local px = require "Posix" +local uci= require 'luci.model.uci' +local io= require 'io' +local socket= require 'socket' +local json= require 'json' + +function find_section(curs, conf, type, name) + local id + curs:foreach( + conf, type, + function(s) + if s['name'] == name then + id = s['.name'] + end + end) + return id +end + +function set_tbl(curs,from_cfg,to_cfg,from_section,to_section) + + local tbl=curs:get_all(from_cfg,from_section) + + -- px.var_dump(tbl) + + for k,v in pairs(tbl) do + + -- print(k .. ':' ..type(v)) + if string.sub(k,1,1) ~= '.' and not curs:get(to_cfg,to_section,k) then + if type(v) == 'string' then + curs:set(to_cfg,to_section,k,v) + -- print('set ' .. k .. ' = ' .. v) + elseif type(v) == 'table' then + curs:set_list(to_cfg,to_section,k,v) + else + -- print("** origin " .. k .. ' = ' .. v .. ' (' .. type(v) .. ')') + curs:set(to_cfg,to_section,k,'0') + -- print('set ' .. k .. ' = ' .. 0) + end + end + end + +end + +function merge_tbl(curs,from_cfg,to_cfg,type_name,id_name,clearall) + + -- delete all anonemous type + curs:delete_all(to_cfg,type_name, + function(s) return s[".anonymous"] end + ) + if clearall then + curs:delete_all(to_cfg,type_name, + function(s) if s['.name']==id_name then return true else return false end end + ) + end + + local from_sec_name = find_section(curs,from_cfg,type_name,id_name) + if not from_sec_name then + return + end + local to_sec_name = find_section(curs,to_cfg,type_name,id_name) + + if not to_sec_name then + to_sec_name = curs:section(to_cfg,type_name,id_name) + end + + local to_name = curs:get(to_cfg,to_sec_name,'.name') + if not to_name or to_name ~= id_name then + curs:set(to_cfg,to_sec_name, '.name', id_name) + end + + set_tbl(curs,from_cfg,to_cfg,from_sec_name,to_sec_name) +end + + +function main() + + local from_cfg='miqos_default' + local to_cfg='miqos' + local curs = uci.cursor() + + + -- below can be changed by user + merge_tbl(curs,from_cfg,to_cfg,'miqos','settings',nil) + merge_tbl(curs,from_cfg,to_cfg,'limit','guest',nil) + merge_tbl(curs,from_cfg,to_cfg,'limit','xq',nil) + merge_tbl(curs,from_cfg,to_cfg,'system','param',nil) + + -- below are hold by system, cannot be changed by user + merge_tbl(curs,from_cfg,to_cfg,'group','00',true) + merge_tbl(curs,from_cfg,to_cfg,'mode','general',true) + merge_tbl(curs,from_cfg,to_cfg,'class','p1',true) + merge_tbl(curs,from_cfg,to_cfg,'class','p2',true) + merge_tbl(curs,from_cfg,to_cfg,'class','p3',true) + merge_tbl(curs,from_cfg,to_cfg,'class','p4',true) + + curs:save(to_cfg) + curs:commit(to_cfg) + +end + +main() + + + + + diff --git a/squashfs-root/lib/config_post_ota/netifd_config_post_ota.sh b/squashfs-root/lib/config_post_ota/netifd_config_post_ota.sh new file mode 100755 index 0000000..2ad3ac9 --- /dev/null +++ b/squashfs-root/lib/config_post_ota/netifd_config_post_ota.sh @@ -0,0 +1,43 @@ +#!/bin/sh + +# add troubleshoot netowrk +/sbin/uci -q batch <<-EOF >/dev/null +delete network.diagnose +set network.ready=interface +set network.ready.proto=static +set network.ready.ipaddr=169.254.29.1 +set network.ready.netmask=255.255.255.0 +commit network +EOF + +has_smartvpn_old_version=$(uci get smartvpn.settings 2>/dev/null) +[ ! -z $has_smartvpn_old_version ] && { + +smartdns_conf_name="smartdns.conf" +rm "/etc/dnsmasq.d/$smartdns_conf_name" +rm "/var/etc/dnsmasq.d/$smartdns_conf_name" +rm "/tmp/etc/dnsmasq.d/$smartdns_conf_name" + +/sbin/uci -q batch <<-EOF >/dev/null +delete smartvpn.settings +delete smartvpn.dest +set smartvpn.vpn=remote +set smartvpn.vpn.type=vpn +set smartvpn.vpn.domain_file=/etc/smartvpn/proxy.txt +set smartvpn.vpn.disabled=0 +set smartvpn.vpn.status=off +set smartvpn.dest=dest +add_list smartvpn.dest.notnet=169.254.0.0/16 +add_list smartvpn.dest.notnet=172.16.0.0/12 +add_list smartvpn.dest.notnet=192.168.0.0/16 +add_list smartvpn.dest.notnet=224.0.0.0/4 +add_list smartvpn.dest.notnet=240.0.0.0/4 +commit smartvpn + +delete firewall.smartvpn +delete firewall.proxy_thirdparty +commit firewall +EOF + +} + diff --git a/squashfs-root/lib/config_post_ota/parentalctl_post_ota.sh b/squashfs-root/lib/config_post_ota/parentalctl_post_ota.sh new file mode 100755 index 0000000..7f117eb --- /dev/null +++ b/squashfs-root/lib/config_post_ota/parentalctl_post_ota.sh @@ -0,0 +1,19 @@ +#!/bin/sh +# Copyright (C) 2015 Xiaomi +. /lib/functions.sh + +#KEEP THIS BECAUSE IT WOULD HAVE CONFIGS REMAIN IN UCI,SHOULD MV TO OTA SHELL +local delete_cmd=$(uci show firewall | awk -F= '{if($1~/^firewall.parentalctl_/) print "del "$1 }') + +uci -q batch <<-EOF >/dev/null + $delete_cmd + commit firewall +EOF + +uci -q batch <<-EOF >/dev/null + set firewall.parentalctl=include + set firewall.parentalctl.path="/lib/firewall.sysapi.loader parentalctl" + set firewall.parentalctl.reload=1 + commit firewall +EOF + diff --git a/squashfs-root/lib/config_post_ota/ustack_post_ota.sh b/squashfs-root/lib/config_post_ota/ustack_post_ota.sh new file mode 100755 index 0000000..4afee89 --- /dev/null +++ b/squashfs-root/lib/config_post_ota/ustack_post_ota.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# Copyright (C) 2015 Xiaomi +. /lib/functions.sh + +uci -q batch <<-EOF >/dev/null + set ustack.settings.enabled=1 + commit ustack +EOF + diff --git a/squashfs-root/lib/config_post_ota/vasinfo_post_ota.sh b/squashfs-root/lib/config_post_ota/vasinfo_post_ota.sh new file mode 100755 index 0000000..5885ce3 --- /dev/null +++ b/squashfs-root/lib/config_post_ota/vasinfo_post_ota.sh @@ -0,0 +1,5 @@ +#!/bin/sh +# Copyright (C) 2015 Xiaomi + +/usr/sbin/vasinfo_fw.sh post_ota + diff --git a/squashfs-root/lib/config_post_ota/wifishare_post_ota.sh b/squashfs-root/lib/config_post_ota/wifishare_post_ota.sh new file mode 100755 index 0000000..97c1163 --- /dev/null +++ b/squashfs-root/lib/config_post_ota/wifishare_post_ota.sh @@ -0,0 +1,24 @@ +#!/bin/sh +# Copyright (C) 2015 Xiaomi +. /lib/functions.sh + +old_timeout=$(uci get wifishare.global.auth_timeout 2>/dev/null) +[ "$old_timeout" == "30" ] && { uci set wifishare.global.auth_timeout=60; uci commit wifishare;} + +guest_configed=$(uci get wireless.guest_2G 2>/dev/null) +isolate_configed=$(uci get wireless.guest_2G.ap_isolate 2>/dev/null) +guest_ssid=$(uci get wireless.guest_2G.ssid 2>/dev/null) + +guest_suffix=$(getmac |cut -b 13-17 |sed 's/://g' |tr '[a-z]' '[A-Z]') +#guest_ssid="Xiaomi_${guest_suffix}_VIP" +[ "$guest_configed" != "" ] && [ "$isolate_configed" == "" ] && { + uci set wireless.guest_2G.ap_isolate=1; + uci commit wireless +} + +#guest default format Xiaomi_xxxx_VIP +#guest_ssid_matched=$(echo $guest_ssid | grep "^Xiaomi_[[:xdigit:]]\{4\}_VIP$") +[ "$guest_ssid" == "Xiaomi_${guest_suffix}_VIP" ] && { + uci set wireless.guest_2G.ssid="小米共享WiFi_${guest_suffix}"; + uci commit wireless +} diff --git a/squashfs-root/lib/config_post_ota/wireless_cfg_update.lua b/squashfs-root/lib/config_post_ota/wireless_cfg_update.lua new file mode 100755 index 0000000..1a8d078 --- /dev/null +++ b/squashfs-root/lib/config_post_ota/wireless_cfg_update.lua @@ -0,0 +1,172 @@ +#!/usr/bin/lua +local px = require "Posix" +local uci= require 'luci.model.uci' + +function update_section(curs, conf, type, network, device, ifname) + local id = nil + curs:foreach( + conf, type, + function(s) + if s['network'] == network and s['device'] == device and not s["ifname"] then + id = s['.name'] + end + end) + if id then + curs:set(conf, id, 'ifname', ifname) + end +end + + +function update_wifi_disabled_section(curs, conf, type) + local hardwaremodel = curs:get('misc','hardware','model') + if hardwaremodel ~= 'R1D' then + return + end + curs:foreach( + conf,type, + function(s) + local enabled = curs:get(conf, s['.name'], 'enabled') + local open = curs:get(conf, s['.name'], 'open') + if open ~= nil then + if open == '0' then + curs:set(conf, s['.name'], 'disabled', '1') + end + curs:delete(conf, s['.name'],'open') + end + + if enabled ~= nil then + if enabled == '0' then + curs:set(conf, s['.name'], 'disabled', '1') + end + curs:delete(conf, s['.name'], 'enabled') + end + end) + +end + +function add_miwifiready_section(curs, conf, type, name, network, device, ifname, mode, ssid, encryption, hidden, key, disabled, dynbcn) + local exist = false + local dynbcn_exist = false + curs:foreach( + conf,type, + function(s) + if s['.name'] == name then + exist = true + end + if s['dynbcn'] == dynbcn then + dynbcn_exist = true + end + end) + if dynbcn_exist == false then + curs:set(conf, name,'dynbcn', dynbcn) + end + if exist == false then + curs:set(conf, name,'wifi-iface') + curs:set(conf, name,'device', device) + curs:set(conf, name,'network', network) + curs:set(conf, name,'mode', mode) + curs:set(conf, name,'ifname', ifname) + curs:set(conf, name,'encryption', encryption) + curs:set(conf, name,'key', key) + curs:set(conf, name,'ssid', ssid) + curs:set(conf, name,'disabled', disabled) + curs:set(conf, name,'hidden', hidden) + end +end + +function add_guestwifi_section(curs, conf, type, name, network, device, ifname, mode, ssid, encryption, hidden, key, disabled) + local exist = false + curs:foreach( + conf,type, + function(s) + if s['.name'] == name then + exist = true + end + end) + if exist == false then + curs:set(conf, name,'wifi-iface') + curs:set(conf, name,'device', device) + curs:set(conf, name,'network', network) + curs:set(conf, name,'mode', mode) + curs:set(conf, name,'ifname', ifname) + curs:set(conf, name,'disabled', disabled) + end +end + +function r3p_remove_nouse_section_option(curs, conf, type, name) + curs:foreach( + conf,type, + function(s) + if s['.name'] == name then + curs:delete(conf, s['.name'], 'bgprotect') + curs:delete(conf, s['.name'], 'beacon') + curs:delete(conf, s['.name'], 'dtim') + curs:delete(conf, s['.name'], 'fragthres') + curs:delete(conf, s['.name'], 'rtsthres') + curs:delete(conf, s['.name'], 'txpreamble') + curs:delete(conf, s['.name'], 'shortslot') + curs:delete(conf, s['.name'], 'txburst') + curs:delete(conf, s['.name'], 'pktaggre') + curs:delete(conf, s['.name'], 'igmpsnoop') + curs:delete(conf, s['.name'], 'ht_extcha') + curs:delete(conf, s['.name'], 'ht_opmode') + curs:delete(conf, s['.name'], 'ht_gi') + curs:delete(conf, s['.name'], 'ht_rdg') + curs:delete(conf, s['.name'], 'ht_stbc') + curs:delete(conf, s['.name'], 'ht_amsdu') + curs:delete(conf, s['.name'], 'ht_autoba') + curs:delete(conf, s['.name'], 'ht_badec') + curs:delete(conf, s['.name'], 'ht_ldpc') + curs:delete(conf, s['.name'], 'ht_txstream') + curs:delete(conf, s['.name'], 'ht_rxstream') + curs:delete(conf, s['.name'], 'ht_bsscoexist') + curs:delete(conf, s['.name'], 'g256qam') + curs:delete(conf, s['.name'], 'vht_stbc') + curs:delete(conf, s['.name'], 'vht_sgi') + curs:delete(conf, s['.name'], 'vht_bw_sig') + curs:delete(conf, s['.name'], 'vht_ldpc') + curs:delete(conf, s['.name'], 'mutxrxenable') + end + end) +end + +function main() + + local curs = uci.cursor() + local hardwaremodel = curs:get('misc','hardware','model') + + -- r1d + update_section(curs, 'wireless', 'wifi-iface', 'lan', 'wl0', 'wl0') + update_section(curs, 'wireless', 'wifi-iface', 'lan', 'wl1', 'wl1') + update_section(curs, 'wireless', 'wifi-iface', 'guest', 'wl1', 'wl1.2') + if hardwaremodel == 'R1D' or hardwaremodel == 'R2D' then + add_miwifiready_section(curs, 'wireless', 'wifi-iface', 'miwifi_ready', 'ready', 'wl1', 'wl1.3', 'ap', 'miwifi_ready', 'none', '1', '', '', '1') + end + update_wifi_disabled_section(curs, 'wireless', 'wifi-iface') + -- r1cm + update_section(curs, 'wireless', 'wifi-iface', 'lan', 'mt7612', 'wl0') + update_section(curs, 'wireless', 'wifi-iface', 'lan', 'mt7620', 'wl1') + if hardwaremodel == 'R1CM' or hardwaremodel == 'R3' then + add_miwifiready_section(curs, 'wireless', 'wifi-iface', 'miwifi_ready', 'ready', 'mt7620', 'wl2', 'ap', 'miwifi_ready', 'none', '1', '', '', '1') + add_guestwifi_section(curs, 'wireless', 'wifi-iface', 'guest_2G', 'guest', 'mt7620', 'wl3', 'ap', 'guest_2G', 'none', '1', '', '1') + end + -- r1cl + update_section(curs, 'wireless', 'wifi-iface', 'lan', 'mt7628', 'wl1') + if hardwaremodel == 'R1CL' or hardwaremodel == 'R3L' then + add_miwifiready_section(curs, 'wireless', 'wifi-iface', 'miwifi_ready', 'ready', 'mt7628', 'wl2', 'ap', 'miwifi_ready', 'none', '1', '', '', '1') + add_guestwifi_section(curs, 'wireless', 'wifi-iface', 'guest_2G', 'guest', 'mt7628', 'wl3', 'ap', 'guest_2G', 'none', '1', '', '1') + end + if hardwaremodel == 'R3P' then + r3p_remove_nouse_section_option(curs, 'wireless', 'wifi-device', 'mt7615e2') + r3p_remove_nouse_section_option(curs, 'wireless', 'wifi-device', 'mt7615e5') + end + curs:save('wireless') + curs:commit('wireless') + +end + +main() + + + + diff --git a/squashfs-root/lib/dnsmasq/dhcp_lease b/squashfs-root/lib/dnsmasq/dhcp_lease new file mode 100755 index 0000000..e12857d --- /dev/null +++ b/squashfs-root/lib/dnsmasq/dhcp_lease @@ -0,0 +1,37 @@ +#!/bin/sh + +SCRIP_PATH='/lib/dnsmasq/lease.d' + +dlog() { + logger -s -p 6 -t "dnsmasq.d" "$@" +} + +run_scripts() { + dlog "Begin run dns add script in $SCRIP_PATH" + for i in $SCRIP_PATH/*; do + dlog "exec $i $@" + $i "$@" 2>&1 + done + dlog "End run script" +} + +remove_nak_entry() { + . /usr/share/libubox/jshn.sh + json_init + json_add_string ip "$2" + json_add_string delete true + ubus call trafficd ip "$(json_dump)" + dlog "ubus call traffice delete $2 at $1" +} + +echo '0' > "/proc/$$/oom_score_adj" +case "$1" in + "add" | "old" | "del" ) + run_scripts "$@" + ;; + nak) + shift + remove_nak_entry "$@" + ;; +esac + diff --git a/squashfs-root/lib/dnsmasq/gen_config_from_uci b/squashfs-root/lib/dnsmasq/gen_config_from_uci new file mode 100644 index 0000000..778e0d5 --- /dev/null +++ b/squashfs-root/lib/dnsmasq/gen_config_from_uci @@ -0,0 +1,546 @@ +#!/bin/sh /etc/rc.common + +conlog(){ + msg="$@" + test -z "$msg" && return 0 + DATE="`date`" + logger -t "dnsmasq[${$}]" "$msg" + echo "$DATE dnsmasq[${$}]: $msg" >> /dev/console 2>/dev/null + return 0 +} + +xappend() { + local value="$1" + + echo "${value#--}" >> $CONFIGFILE +} + +dhcp_calc() { + local ip="$1" + local res=0 + + while [ -n "$ip" ]; do + part="${ip%%.*}" + res="$(($res * 256))" + res="$(($res + $part))" + [ "${ip%.*}" != "$ip" ] && ip="${ip#*.}" || ip= + done + echo "$res" +} + +append_bool() { + local section="$1" + local option="$2" + local value="$3" + local _loctmp + config_get_bool _loctmp "$section" "$option" 0 + [ $_loctmp -gt 0 ] && xappend "$value" +} + +append_parm() { + local section="$1" + local option="$2" + local switch="$3" + local _loctmp + config_get _loctmp "$section" "$option" + [ -z "$_loctmp" ] && return 0 + xappend "$switch=$_loctmp" +} + +append_server() { + xappend "--server=$1" +} + +append_address() { + xappend "--address=$1" +} + +append_interface() { + local ifname=$(uci_get_state network "$1" ifname "$1") + xappend "--interface=$ifname" +} + +append_notinterface() { + local ifname=$(uci_get_state network "$1" ifname "$1") + xappend "--except-interface=$ifname" +} + +append_addnhosts() { + xappend "--addn-hosts=$1" +} + +append_bogusnxdomain() { + xappend "--bogus-nxdomain=$1" +} + +dnsmasq() { + local cfg="$1" + append_bool "$cfg" authoritative "--dhcp-authoritative" + append_bool "$cfg" nodaemon "--no-daemon" + append_bool "$cfg" domainneeded "--domain-needed" + append_bool "$cfg" filterwin2k "--filterwin2k" + append_bool "$cfg" nohosts "--no-hosts" + append_bool "$cfg" nonegcache "--no-negcache" + append_bool "$cfg" strictorder "--strict-order" + append_bool "$cfg" logqueries "--log-queries" + append_bool "$cfg" logdhcp "--log-dhcp" + append_bool "$cfg" clearonreload "--clear-on-reload" + append_bool "$cfg" noresolv "--no-resolv" + append_bool "$cfg" localise_queries "--localise-queries" + append_bool "$cfg" readethers "--read-ethers" + append_bool "$cfg" dbus "--enable-dbus" + append_bool "$cfg" boguspriv "--bogus-priv" + append_bool "$cfg" expandhosts "--expand-hosts" + append_bool "$cfg" enable_tftp "--enable-tftp" + append_bool "$cfg" nonwildcard "--bind-interfaces" + append_bool "$cfg" fqdn "--dhcp-fqdn" + append_bool "$cfg" allservers "--all-servers" + append_bool "$cfg" client_update_ddns "--dhcp-client-update" + + #--dhcp-option-force=[tag:,[tag:,]][encap:,][vi-encap:,][vendor:[],],[[,]] + #This works in exactly the same way as --dhcp-option except that the option will always be sent, even if the client does not ask for + #it in the parameter request list. This is sometimes needed, for example when sending options to PXELinux. + # + #--dhcp-option-force=43,ANDROID_METERED + # + append_parm "$cfg" negttl "--neg-ttl" + append_parm "$cfg" maxttl "--max-ttl" + append_parm "$cfg" maxcachettl "--max-cache-ttl" + append_parm "$cfg" dhcpscript "--dhcp-script" + append_parm "$cfg" cachesize "--cache-size" + append_parm "$cfg" dnsforwardmax "--dns-forward-max" + append_parm "$cfg" port "--port" + append_parm "$cfg" ednspacket_max "--edns-packet-max" + append_parm "$cfg" dhcpleasemax "--dhcp-lease-max" + append_parm "$cfg" "queryport" "--query-port" + append_parm "$cfg" "domain" "--domain" + append_parm "$cfg" "local" "--server" + config_list_foreach "$cfg" "server" append_server + config_list_foreach "$cfg" "address" append_address + config_list_foreach "$cfg" "interface" append_interface + config_list_foreach "$cfg" "notinterface" append_notinterface + config_list_foreach "$cfg" "addnhosts" append_addnhosts + config_list_foreach "$cfg" "bogusnxdomain" append_bogusnxdomain + append_parm "$cfg" "leasefile" "--dhcp-leasefile" + append_parm "$cfg" "resolvfile" "--resolv-file" + append_parm "$cfg" "tftp_root" "--tftp-root" + append_parm "$cfg" "dhcp_boot" "--dhcp-boot" + append_parm "$cfg" "local_ttl" "--local-ttl" + + config_get DOMAIN "$cfg" domain + + config_get_bool ADD_LOCAL_DOMAIN "$cfg" add_local_domain 1 + config_get_bool ADD_LOCAL_HOSTNAME "$cfg" add_local_hostname 1 + + config_get_bool readethers "$cfg" readethers + [ "$readethers" = "1" -a \! -e "/etc/ethers" ] && touch /etc/ethers + + config_get leasefile $cfg leasefile + [ -n "$leasefile" -a \! -e "$leasefile" ] && touch "$leasefile" + config_get_bool cachelocal "$cfg" cachelocal 1 + + config_get hostsfile "$cfg" dhcphostsfile + [ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile" + + mkdir -p /tmp/hosts + xappend "--addn-hosts=/tmp/hosts" + + local rebind + config_get_bool rebind "$cfg" rebind_protection 1 + [ $rebind -gt 0 ] && { + logger -t dnsmasq \ + "DNS rebinding protection is active," \ + "will discard upstream RFC1918 responses!" + xappend "--stop-dns-rebind" + + local rebind_localhost + config_get_bool rebind_localhost "$cfg" rebind_localhost 0 + [ $rebind_localhost -gt 0 ] && { + logger -t dnsmasq "Allowing 127.0.0.0/8 responses" + xappend "--rebind-localhost-ok" + } + + append_rebind_domain() { + logger -t dnsmasq "Allowing RFC1918 responses for domain $1" + xappend "--rebind-domain-ok=$1" + } + + config_list_foreach "$cfg" rebind_domain append_rebind_domain + } + + [ -f "/www/xiaoqiang/diagnosis/index.html" ] && { + # network troubleshoot intercept + local intercept="$(uci -q get network.lan.ipaddr)" + [ -n "$intercept" ] && xappend "--intercept-ip-address=$intercept" + } + + local is_nxdomain=$(uci -q get http_status_stat.settings.enabled) + is_nxdomain=${is_nxdomain:-"0"} + config_get_bool enable_nxdomain_resolve "$cfg" nxdomain_helper 1 + local cc=$(bdata get CountryCode) + cc=${cc:-"CN"} + local nxdomain_ipaddr=$(uci -q get firewall.nxdomain.src_dip) + [ $is_nxdomain -eq "1" -a $cc = "CN" -a "$enable_nxdomain_resolve" = "1" -a -n "$nxdomain_ipaddr" ] && { + # replace nxdomain + xappend "--nxdomain-ip-address=$nxdomain_ipaddr" + } + + # dnsmasq script + [ -d "/lib/dnsmasq/lease.d" ] && { + xappend "--dhcp-script=/lib/dnsmasq/dhcp_lease" + } + dhcp_option_add "$cfg" "" 0 + + echo >> $CONFIGFILE +} + +dhcp_subscrid_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get subscriberid "$cfg" subscriberid + [ -n "$subscriberid" ] || return 0 + + xappend "--dhcp-subscrid=$networkid,$subscriberid" + + config_get_bool force "$cfg" force 0 + + dhcp_option_add "$cfg" "$networkid" "$force" +} + +dhcp_remoteid_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get remoteid "$cfg" remoteid + [ -n "$remoteid" ] || return 0 + + xappend "--dhcp-remoteid=$networkid,$remoteid" + + config_get_bool force "$cfg" force 0 + + dhcp_option_add "$cfg" "$networkid" "$force" +} + +dhcp_circuitid_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get circuitid "$cfg" circuitid + [ -n "$circuitid" ] || return 0 + + xappend "--dhcp-circuitid=$networkid,$circuitid" + + config_get_bool force "$cfg" force 0 + + dhcp_option_add "$cfg" "$networkid" "$force" +} + +dhcp_userclass_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get userclass "$cfg" userclass + [ -n "$userclass" ] || return 0 + + xappend "--dhcp-userclass=$networkid,$userclass" + + config_get_bool force "$cfg" force 0 + + dhcp_option_add "$cfg" "$networkid" "$force" +} + +dhcp_vendorclass_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get vendorclass "$cfg" vendorclass + [ -n "$vendorclass" ] || return 0 + + xappend "--dhcp-vendorclass=$networkid,$vendorclass" + + config_get_bool force "$cfg" force 0 + + dhcp_option_add "$cfg" "$networkid" "$force" +} + +dhcp_host_add() { + local cfg="$1" + + config_get_bool force "$cfg" force 0 + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] && dhcp_option_add "$cfg" "$networkid" "$force" + + config_get ip "$cfg" ip + [ -n "$ip" ] || return 0 + + macs="" + config_get mac "$cfg" mac + for m in $mac; do append macs "$m" ","; done + [ -n "$macs" ] || return 0 + + config_get tag "$cfg" tag + + xappend "--dhcp-host=$macs${networkid:+,net:$networkid}${tag:+,set:$tag}${ip:+,$ip}" +} + +dhcp_tag_add() { + local cfg="$1" + + tag="$cfg" + + [ -n "$tag" ] || return 0 + + config_get_bool force "$cfg" force 0 + [ "$force" = "0" ] && force= + + config_get option "$cfg" dhcp_option + for o in $option; do + xappend "--dhcp-option${force:+-force}=tag:$tag,$o" + done +} + +dhcp_mac_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || return 0 + + config_get mac "$cfg" mac + [ -n "$mac" ] || return 0 + + xappend "--dhcp-mac=$networkid,$mac" + + dhcp_option_add "$cfg" "$networkid" +} + +dhcp_boot_add() { + local cfg="$1" + + config_get networkid "$cfg" networkid + + config_get filename "$cfg" filename + [ -n "$filename" ] || return 0 + + config_get servername "$cfg" servername + [ -n "$servername" ] || return 0 + + config_get serveraddress "$cfg" serveraddress + [ -n "$serveraddress" ] || return 0 + + xappend "--dhcp-boot=${networkid:+net:$networkid,}$filename,$servername,$serveraddress" + + config_get_bool force "$cfg" force 0 + + dhcp_option_add "$cfg" "$networkid" "$force" +} + + +dhcp_add() { + local cfg="$1" + config_get net "$cfg" interface + [ -n "$net" ] || return 0 + + config_get networkid "$cfg" networkid + [ -n "$networkid" ] || networkid="$net" + + config_get ifname "$net" ifname + + [ "$cachelocal" = "0" ] && network_get_dnsserver dnsserver "$net" && { + DNS_SERVERS="$DNS_SERVERS $dnsserver" + } + + append_bool "$cfg" ignore "--no-dhcp-interface=$ifname" && return 0 + + config_get proto "$net" proto + [ static = "$proto" ] || return 0 + + config_get ipaddr "$net" ipaddr + config_get netmask "$cfg" netmask + [ -n "$netmask" ] || config_get netmask "$net" netmask + + #check for an already active dhcp server on the interface, unless 'force' is set + config_get_bool force "$cfg" force 0 + [ $force -gt 0 -o -z "$ifname" ] || { + udhcpc -n -q -s /bin/true -t 1 -i $ifname >&- && { + conlog "found already running DHCP-server on interface '$ifname'" \ + "refusing to start, use 'option force 1' to override" + return 0 + } + } + + config_get start "$cfg" start + config_get limit "$cfg" limit + config_get leasetime "$cfg" leasetime + config_get options "$cfg" options + config_get_bool dynamicdhcp "$cfg" dynamicdhcp 1 + + leasetime="${leasetime:-12h}" + start="$(dhcp_calc "${start:-100}")" + limit="${limit:-150}" + [ "$limit" -gt 0 ] && limit=$((limit-1)) + eval "$(ipcalc.sh $ipaddr $netmask $start $limit)" + if [ "$dynamicdhcp" = "0" ]; then END="static"; fi + xappend "--dhcp-range=$networkid,$START,$END,$NETMASK,$leasetime${options:+ $options}" + + dhcp_option_add "$cfg" "$networkid" + dhcp_option_force_add "$cfg" "$networkid" +} + +dhcp_option_add() { + local cfg="$1" + local networkid="$2" + local force="$3" + + [ "$force" = "0" ] && force= + + config_get dhcp_option "$cfg" dhcp_option + for o in $dhcp_option; do + xappend "--dhcp-option${force:+-force}=${networkid:+$networkid,}$o" + done +} + +dhcp_option_force_add() { + local cfg="$1" + local networkid="$2" + local force="1" + + config_get dhcp_option_force "$cfg" dhcp_option_force + for o in $dhcp_option_force; do + xappend "--dhcp-option${force:+-force}=${networkid:+$networkid,}$o" + done + + local model=$(uci -q get misc.hardware.model) + [ -z "$model" ] && model=$(cat /proc/xiaoqiang/model) + xappend "--dhcp-option-force=12,MiWiFi-$model-srv" + + local color=$(bdata get color) + local version=$(uci -q -c /usr/share/xiaoqiang get xiaoqiang_version.version.ROM) + # add vendor info options + xappend "dhcp-option-force=43,miwifi-$model-$version${color:+-$color}" +} + +dhcp_domain_add() { + local cfg="$1" + local ip name names + + config_get names "$cfg" name "$2" + [ -n "$names" ] || return 0 + + config_get ip "$cfg" ip "$3" + [ -n "$ip" ] || return 0 + + local oIFS="$IFS"; IFS="."; set -- $ip; IFS="$oIFS" + local raddr="${4:+$4.$3.$2.$1.in-addr.arpa}" + + for name in $names; do + local fqdn="$name" + + [ "${fqdn%.*}" == "$fqdn" ] && \ + fqdn="$fqdn${DOMAIN:+.$DOMAIN}" + + xappend "--address=/$fqdn/$ip" + + [ -n "$raddr" ] && { + xappend "--ptr-record=$raddr,$fqdn" + raddr="" + } + done +} + +dhcp_srv_add() { + local cfg="$1" + + config_get srv "$cfg" srv + [ -n "$srv" ] || return 0 + + config_get target "$cfg" target + [ -n "$target" ] || return 0 + + config_get port "$cfg" port + [ -n "$port" ] || return 0 + + config_get class "$cfg" class + config_get weight "$cfg" weight + + local service="$srv,$target,$port${class:+,$class${weight:+,$weight}}" + + xappend "--srv-host=$service" +} + +dhcp_mx_add() { + local cfg="$1" + local domain relay pref + + config_get domain "$cfg" domain + [ -n "$domain" ] || return 0 + + config_get relay "$cfg" relay + [ -n "$relay" ] || return 0 + + config_get pref "$cfg" pref 0 + + local service="$domain,$relay,$pref" + + xappend "--mx-host=$service" +} + +dhcp_cname_add() { + local cfg="$1" + local cname target + + config_get cname "$cfg" cname + [ -n "$cname" ] || return 0 + + config_get target "$cfg" target + [ -n "$target" ] || return 0 + + xappend "--cname=${cname},${target}" +} + + +killonepid(){ + local onepid ksig timelimit wcnt + onepid=$1 + ksig=$2 + if [ -z "$onepid" ] + then + return 0 + fi + test -z "$ksig" && ksig=15 + # + if [ $onepid -le 100 ] + then + return 0 + fi + timelimit=5 + wcnt=0 + while [ : ] + do + if [ "$ksig" = '0' ] + then + kill -${ksig} $onepid 2>/dev/null + return $? + fi + kill -${ksig} $onepid 2>/dev/null + test $? -ne 0 && return 0 + let wcnt=$wcnt+1 + test $wcnt -gt $timelimit && break + sleep 1 + done + kill -9 $onepid 2>/dev/null + test $? -eq 0 && return 1 + return 0 + # +} diff --git a/squashfs-root/lib/dnsmasq/lease.d/10-dhcp-mitvbox.sh b/squashfs-root/lib/dnsmasq/lease.d/10-dhcp-mitvbox.sh new file mode 100755 index 0000000..b575fa9 --- /dev/null +++ b/squashfs-root/lib/dnsmasq/lease.d/10-dhcp-mitvbox.sh @@ -0,0 +1,30 @@ + +#!/bin/sh + +file='/tmp/mitvbox_records' + +# only handle add and old op in this script +[ "$1" == 'add' -o "$1" == 'old' ] || return 0 +shift + +mitv=`echo $3 | tr '[A-Z]' '[a-z]' | grep -E "^mitv"` +mibox=`echo $3 | tr '[A-Z]' '[a-z]' | grep -E "^mibox"` + +if [ -n "$mitv" ]; then + datacenterClient -h localhost -p 9090 -i "{\"api\":626,\"mac\":\"$1\",\"type\":0}" + record=`sed -n /$1/p $file 2>/dev/null` + if [ -z "$record" ]; then + echo $1 0 >> $file + fi +fi + +if [ -n "$mibox" ]; then + datacenterClient -h localhost -p 9090 -i "{\"api\":626,\"mac\":\"$1\",\"type\":1}" + record=`sed -n /$1/p $file 2>/dev/null` + if [ -z "$record" ]; then + echo $1 1 >> $file + fi +fi + +# for plug-in +datacenterClient -h localhost -p 9090 -i "{\"api\":631,\"mac\":\"$1\",\"ip\":\"$2\",\"deviceName\":\"$3\"}" diff --git a/squashfs-root/lib/firewall.sysapi.loader b/squashfs-root/lib/firewall.sysapi.loader new file mode 100755 index 0000000..982d048 --- /dev/null +++ b/squashfs-root/lib/firewall.sysapi.loader @@ -0,0 +1,11 @@ +#!/bin/sh +# +#sysapi firewall script +# +#include by /etc/config/firewall +# +if [ -x /usr/sbin/sysapi.firewall ] + then + /usr/sbin/sysapi.firewall $@ +fi +# \ No newline at end of file diff --git a/squashfs-root/lib/firewall/ipset_redirect.loader b/squashfs-root/lib/firewall/ipset_redirect.loader new file mode 100755 index 0000000..9681b5a --- /dev/null +++ b/squashfs-root/lib/firewall/ipset_redirect.loader @@ -0,0 +1,34 @@ +#!/bin/sh + +. /lib/functions.sh + +dlog() { + logger -s -t ipset_redirect "$1" +} + +# do for earch rule set +handle_rule_set() { + local config="$1" + local src_port= + local dest_port= + local set_name= + config_get_bool enabled "$config" enabled + [ "$enabled" == '1' ] || exit 0 + config_get src_port "$config" src_port + [ -z $src_port ] && exit 0 + config_get dest_port "$config" dest_port + [ -z $dest_port ] && exit 0 + config_get set_name "$config" match_set + [ -z $set_name ] && exit 0 + + # create ipset group + ipset create $set_name hash:ip > /dev/null 2>&1 + + # del and add ipt rule + iptables -t nat -D PREROUTING -i br-lan -p tcp --dport $src_port -m set --match-set $set_name dst -j REDIRECT --to-ports $dest_port > /dev/null 2>&1 + iptables -t nat -I PREROUTING -i br-lan -p tcp --dport $src_port -m set --match-set $set_name dst -j REDIRECT --to-ports $dest_port > /dev/null 2>&1 +} + +config_load ipset_redirect +config_foreach handle_rule_set redirect + diff --git a/squashfs-root/lib/firewall/revproxy.loader b/squashfs-root/lib/firewall/revproxy.loader new file mode 100644 index 0000000..437d481 --- /dev/null +++ b/squashfs-root/lib/firewall/revproxy.loader @@ -0,0 +1,33 @@ +#!/bin/sh + +. /lib/functions.sh + +dlog() { + logger -s -t revproxy "$1" +} + +# do for earch rule set +handle_rule_set() { + local config="$1" + local src_dport= + local dest_port= + local src_dname= + local ipset_name= + config_get_bool enabled "$config" enabled + [ "$enabled" == '1' ] || exit 0 + config_get src_dport "$config" src_dport + config_get dest_port "$config" dest_port + config_get src_dname "$config" src_dname + config_get ipset_name "$config" ipset + [ -n "$src_dname" ] || exit 0 + iptables -t nat -N $config 2> /dev/null && { + iptables -t nat -A prerouting_lan_rule -p tcp --dport $src_dport -j $config + iptables -t nat -A prerouting_guest_rule -p tcp --dport $src_dport -j $config + } + iptables -t nat -S gwd_proxy | grep -q 'match-set' || { + iptables -t nat -A $config -m set --match-set $ipset_name dst -p tcp -j REDIRECT --to-ports $dest_port + } +} + +config_load revproxy +config_foreach handle_rule_set domain_dest diff --git a/squashfs-root/lib/firewall/rr.load b/squashfs-root/lib/firewall/rr.load new file mode 100755 index 0000000..66918b4 --- /dev/null +++ b/squashfs-root/lib/firewall/rr.load @@ -0,0 +1,56 @@ +#!/bin/sh + +firewall_flush() { + iptables -t nat -F "$1" 2> /dev/null + iptables -t mangle -D fwmark -p tcp -m set --match-set "rr_404" dst -m comment --comment "$1" -j MARK --set-mark 0x02/0x00000002 2> /dev/null +} + +firewall_set() { + iptables -t nat -N "$1" 2> /dev/null + # rule, http only + if ! iptables -t nat -S prerouting_lan_rule | grep -q "$1" + then + iptables -t nat -A prerouting_lan_rule -p tcp --dport 80 -j "$1" + fi + if ! iptables -t nat -S prerouting_guest_rule 2> /dev/null | grep -q "$1" + then + iptables -t nat -A prerouting_guest_rule -p tcp --dport 80 -j "$1" 2> /dev/null + fi + + if /usr/sbin/vasinfo_fw.sh status + then + if ! iptables -t nat -S "$1" | grep -q 'rr_sj' + then + ipset -q -n list "rr_sj" >/dev/null && { + iptables -t nat -A "$1" -m set --match-set "rr_sj" dst -p tcp -j REDIRECT --to-ports 8382 + } + fi + fi + + if ! iptables -t nat -S "$1" | grep -q 'rr_tb' + then + ipset -q -n list "rr_tb" >/dev/null && { + iptables -t nat -A "$1" -m set --match-set "rr_tb" dst -p tcp -j REDIRECT --to-ports 8380 + } + fi + + # mark in mangle + if ! iptables -t mangle -S fwmark | grep -q "$1"; then + ipset -q -n list "rr_404" >/dev/null && { + iptables -t mangle -A fwmark -p tcp -m set --match-set "rr_404" dst -m comment --comment "$1" -j MARK --set-mark 0x02/0x02 + } + fi +} + +case $1 in + reload) + firewall_flush "rr_rule" + firewall_set "rr_rule" + ;; + start) + firewall_set "rr_rule" + ;; + flush) + firewall_flush "rr_rule" + ;; +esac diff --git a/squashfs-root/lib/firstboot/05_firstboot_skip b/squashfs-root/lib/firstboot/05_firstboot_skip new file mode 100755 index 0000000..5f44df6 --- /dev/null +++ b/squashfs-root/lib/firstboot/05_firstboot_skip @@ -0,0 +1,10 @@ +#!/bin/sh + +check_skip() { + if [ "$firstboot_skip_next" = "true" ]; then + return 0 + else + return 1 + fi +} + diff --git a/squashfs-root/lib/firstboot/10_determine_parts b/squashfs-root/lib/firstboot/10_determine_parts new file mode 100755 index 0000000..9805489 --- /dev/null +++ b/squashfs-root/lib/firstboot/10_determine_parts @@ -0,0 +1,46 @@ +#!/bin/sh + +set_mtd_part() { + partname="overlay" + mtdpart="$(find_mtd_part $partname)" +} + +set_rom_part() { + rom=$(awk '/squashfs/ {print $2}' /proc/mounts) +} + +set_jffs_part() { + jffs=$(awk '/jffs2/ {print $2}' /proc/mounts) +} + +determine_mtd_part() { + set_mtd_part + if [ -z "$mtdpart" ]; then + echo "MTD partition not found." + exit 1 + fi +} + +determine_rom_part() { + check_skip || { + set_rom_part + if [ -z "$rom" ]; then + echo "You do not have a squashfs partition; aborting" + echo "(firstboot cannot be run on jffs2 based firmwares)" + exit 1 + fi + } +} + +determine_jffs2_part() { + check_skip || { + set_jffs_part + } +} + +boot_hook_add switch2jffs determine_mtd_part +boot_hook_add jffs2reset determine_mtd_part +boot_hook_add switch2jffs determine_rom_part +boot_hook_add jffs2reset determine_rom_part +boot_hook_add switch2jffs determine_jffs2_part +boot_hook_add jffs2reset determine_jffs2_part diff --git a/squashfs-root/lib/firstboot/10_no_fo_clear_overlay b/squashfs-root/lib/firstboot/10_no_fo_clear_overlay new file mode 100755 index 0000000..8a7d9b0 --- /dev/null +++ b/squashfs-root/lib/firstboot/10_no_fo_clear_overlay @@ -0,0 +1,17 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +no_fo_clear_overlay() { + # switch back to squashfs temporarily + pivot /rom /mnt + + # get rid of the old overlay + umount -l /mnt + + # another umount to get rid of the bind from /tmp/root + umount -l /mnt +} + +boot_hook_add no_fo no_fo_clear_overlay diff --git a/squashfs-root/lib/firstboot/10_reset_has_mini_fo b/squashfs-root/lib/firstboot/10_reset_has_mini_fo new file mode 100755 index 0000000..4e28584 --- /dev/null +++ b/squashfs-root/lib/firstboot/10_reset_has_mini_fo @@ -0,0 +1,12 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +reset_check_for_overlay() { + if grep -qE '(mini_fo|overlay)' /proc/filesystems; then + reset_has_fo=true + fi +} + +boot_hook_add jffs2reset reset_check_for_overlay diff --git a/squashfs-root/lib/firstboot/20_has_mini_fo b/squashfs-root/lib/firstboot/20_has_mini_fo new file mode 100755 index 0000000..8ca6a4f --- /dev/null +++ b/squashfs-root/lib/firstboot/20_has_mini_fo @@ -0,0 +1,13 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +check_for_overlay() { + if ! grep -qE '(mini_fo|overlay)' /proc/filesystems; then + boot_run_hook no_fo + exit 1 + fi +} + +boot_hook_add switch2jffs check_for_overlay diff --git a/squashfs-root/lib/firstboot/20_no_fo_mount_jffs b/squashfs-root/lib/firstboot/20_no_fo_mount_jffs new file mode 100755 index 0000000..8a1d4e0 --- /dev/null +++ b/squashfs-root/lib/firstboot/20_no_fo_mount_jffs @@ -0,0 +1,15 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +no_fo_mount_jffs() { + # initialize jffs2 + mount "$mtdpart" /overlay -t jffs2 || exit + + # workaround to ensure that union can attach properly + sync + ls /overlay >/dev/null +} + +boot_hook_add no_fo no_fo_mount_jffs diff --git a/squashfs-root/lib/firstboot/20_reset_clear_jffs b/squashfs-root/lib/firstboot/20_reset_clear_jffs new file mode 100755 index 0000000..a3cd24f --- /dev/null +++ b/squashfs-root/lib/firstboot/20_reset_clear_jffs @@ -0,0 +1,14 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +reset_clear_jffs() { + [ "$reset_has_fo" = "true" ] && { + rm -rf $jffs/* 2>&- + mount -o remount $jffs / 2>&- + exit 0 + } || reset_has_fo=false +} + +boot_hook_add jffs2reset reset_clear_jffs diff --git a/squashfs-root/lib/firstboot/30_is_rootfs_mounted b/squashfs-root/lib/firstboot/30_is_rootfs_mounted new file mode 100755 index 0000000..e2ba01d --- /dev/null +++ b/squashfs-root/lib/firstboot/30_is_rootfs_mounted @@ -0,0 +1,10 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +skip_if_rootfs_mounted() { + mount "$mtdpart" /rom/overlay -t jffs2 || exit +} + +boot_hook_add switch2jffs skip_if_rootfs_mounted diff --git a/squashfs-root/lib/firstboot/30_no_fo_pivot b/squashfs-root/lib/firstboot/30_no_fo_pivot new file mode 100755 index 0000000..b5c2601 --- /dev/null +++ b/squashfs-root/lib/firstboot/30_no_fo_pivot @@ -0,0 +1,11 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +no_fo_pivot() { + # switch to the new (empty) jffs2 + fopivot /overlay /rom 1 +} + +boot_hook_add no_fo no_fo_pivot diff --git a/squashfs-root/lib/firstboot/30_reset_copy_rom b/squashfs-root/lib/firstboot/30_reset_copy_rom new file mode 100755 index 0000000..d91c689 --- /dev/null +++ b/squashfs-root/lib/firstboot/30_reset_copy_rom @@ -0,0 +1,13 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +reset_copy_rom() { + [ "$reset_has_fo" != "true" ] && { + dupe $jffs $rom + exit 0 + } +} + +boot_hook_add jffs2reset reset_copy_rom diff --git a/squashfs-root/lib/firstboot/40_copy_ramoverlay b/squashfs-root/lib/firstboot/40_copy_ramoverlay new file mode 100755 index 0000000..39c2eda --- /dev/null +++ b/squashfs-root/lib/firstboot/40_copy_ramoverlay @@ -0,0 +1,15 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +copy_ramoverlay() { + # try to avoid fs changing while copying + mount -o remount,ro none / 2>&- + # copy ramoverlay to jffs2 + echo -n "copying files ... " + cp -a /tmp/root/* /rom/overlay 2>&- + echo "done" +} + +boot_hook_add switch2jffs copy_ramoverlay diff --git a/squashfs-root/lib/firstboot/40_no_fo_copy_ramoverlay b/squashfs-root/lib/firstboot/40_no_fo_copy_ramoverlay new file mode 100755 index 0000000..ced7c1b --- /dev/null +++ b/squashfs-root/lib/firstboot/40_no_fo_copy_ramoverlay @@ -0,0 +1,14 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +no_fo_copy_ramoverlay() { + # copy ramoverlay to jffs2, must be done after switching + # to the new rootfs to avoid creating opaque directories + echo -n "copying files ... " + cp -a /tmp/root/* / >/dev/null 2>&1 + sync +} + +boot_hook_add no_fo no_fo_ramoverlay diff --git a/squashfs-root/lib/firstboot/50_pivot b/squashfs-root/lib/firstboot/50_pivot new file mode 100755 index 0000000..53801d7 --- /dev/null +++ b/squashfs-root/lib/firstboot/50_pivot @@ -0,0 +1,17 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +with_fo_pivot() { + # switch back to squashfs (temporarily) + # and park the ramdisk ontop of /tmp/root + pivot /rom /mnt + mount -o move /mnt /tmp/root + + # /overlay is the overlay + # /rom is the readonly + fopivot /overlay /rom +} + +boot_hook_add switch2jffs with_fo_pivot diff --git a/squashfs-root/lib/firstboot/99_10_no_fo_cleanup b/squashfs-root/lib/firstboot/99_10_no_fo_cleanup new file mode 100755 index 0000000..6dedcb1 --- /dev/null +++ b/squashfs-root/lib/firstboot/99_10_no_fo_cleanup @@ -0,0 +1,13 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +no_fo_cleanup() { + echo "done" + umount -l /overlay + umount -l /tmp/root + exit 0 +} + +boot_hook_add no_fo no_fo_cleanup diff --git a/squashfs-root/lib/firstboot/99_10_with_fo_cleanup b/squashfs-root/lib/firstboot/99_10_with_fo_cleanup new file mode 100755 index 0000000..0181b39 --- /dev/null +++ b/squashfs-root/lib/firstboot/99_10_with_fo_cleanup @@ -0,0 +1,25 @@ +#!/bin/sh + +# Copyright (C) 2006-2010 OpenWrt.org +# Copyright (C) 2010 Vertical Communications + +with_fo_cleanup() { + # try to get rid of /tmp/root + # this will almost always fail + umount /tmp/root 2>&- + grep -q overlay /proc/filesystems && { + cd / + ( + cd /overlay + find -type l + ) | while read FILE; do + [ -z "$FILE" ] && break + if ls -la "$FILE" 2>&- | grep -q '(overlay-whiteout)'; then + rm -f "$FILE" + fi + done + } + exit 0 +} + +boot_hook_add switch2jffs with_fo_cleanup diff --git a/squashfs-root/lib/functions.sh b/squashfs-root/lib/functions.sh new file mode 100755 index 0000000..b3a3885 --- /dev/null +++ b/squashfs-root/lib/functions.sh @@ -0,0 +1,340 @@ +#!/bin/sh +# Copyright (C) 2006-2011 OpenWrt.org +# Copyright (C) 2006 Fokus Fraunhofer + + +debug () { + ${DEBUG:-:} "$@" +} +mount() { + busybox mount "$@" +} + +# newline +N=" +" + +_C=0 +NO_EXPORT=1 +LOAD_STATE=1 +LIST_SEP=" " + +hotplug_dev() { + env -i ACTION=$1 INTERFACE=$2 /sbin/hotplug-call net +} + +append() { + local var="$1" + local value="$2" + local sep="${3:- }" + + eval "export ${NO_EXPORT:+-n} -- \"$var=\${$var:+\${$var}\${value:+\$sep}}\$value\"" +} + +list_contains() { + local var="$1" + local str="$2" + local val + + eval "val=\" \${$var} \"" + [ "${val%% $str *}" != "$val" ] +} + +list_remove() { + local var="$1" + local remove="$2" + local val + + eval "val=\" \${$var} \"" + val1="${val%% $remove *}" + [ "$val1" = "$val" ] && return + val2="${val##* $remove }" + [ "$val2" = "$val" ] && return + val="${val1## } ${val2%% }" + val="${val%% }" + eval "export ${NO_EXPORT:+-n} -- \"$var=\$val\"" +} + +config_load() { + [ -n "$IPKG_INSTROOT" ] && return 0 + uci_load "$@" +} + +reset_cb() { + config_cb() { return 0; } + option_cb() { return 0; } + list_cb() { return 0; } +} +reset_cb + +package() { + return 0 +} + +config () { + local cfgtype="$1" + local name="$2" + + export ${NO_EXPORT:+-n} CONFIG_NUM_SECTIONS=$(($CONFIG_NUM_SECTIONS + 1)) + name="${name:-cfg$CONFIG_NUM_SECTIONS}" + append CONFIG_SECTIONS "$name" + [ -n "$NO_CALLBACK" ] || config_cb "$cfgtype" "$name" + export ${NO_EXPORT:+-n} CONFIG_SECTION="$name" + export ${NO_EXPORT:+-n} "CONFIG_${CONFIG_SECTION}_TYPE=$cfgtype" +} + +option () { + local varname="$1"; shift + local value="$*" + + export ${NO_EXPORT:+-n} "CONFIG_${CONFIG_SECTION}_${varname}=$value" + [ -n "$NO_CALLBACK" ] || option_cb "$varname" "$*" +} + +list() { + local varname="$1"; shift + local value="$*" + local len + + config_get len "$CONFIG_SECTION" "${varname}_LENGTH" 0 + [ $len = 0 ] && append CONFIG_LIST_STATE "${CONFIG_SECTION}_${varname}" + len=$(($len + 1)) + config_set "$CONFIG_SECTION" "${varname}_ITEM$len" "$value" + config_set "$CONFIG_SECTION" "${varname}_LENGTH" "$len" + append "CONFIG_${CONFIG_SECTION}_${varname}" "$value" "$LIST_SEP" + list_cb "$varname" "$*" +} + +config_rename() { + local OLD="$1" + local NEW="$2" + local oldvar + local newvar + + [ -n "$OLD" -a -n "$NEW" ] || return + for oldvar in `set | grep ^CONFIG_${OLD}_ | \ + sed -e 's/\(.*\)=.*$/\1/'` ; do + newvar="CONFIG_${NEW}_${oldvar##CONFIG_${OLD}_}" + eval "export ${NO_EXPORT:+-n} \"$newvar=\${$oldvar}\"" + unset "$oldvar" + done + export ${NO_EXPORT:+-n} CONFIG_SECTIONS="$(echo " $CONFIG_SECTIONS " | sed -e "s, $OLD , $NEW ,")" + + [ "$CONFIG_SECTION" = "$OLD" ] && export ${NO_EXPORT:+-n} CONFIG_SECTION="$NEW" +} + +config_unset() { + config_set "$1" "$2" "" +} + +config_clear() { + local SECTION="$1" + local oldvar + + list_remove CONFIG_SECTIONS "$SECTION" + export ${NO_EXPORT:+-n} CONFIG_SECTIONS="${SECTION:+$CONFIG_SECTIONS}" + + for oldvar in `set | grep ^CONFIG_${SECTION:+${SECTION}_} | \ + sed -e 's/\(.*\)=.*$/\1/'` ; do + unset $oldvar + done +} + +# config_get