из транка
svn://svn.openwrt.org/openwrt/trunk
Пока полёт нормальный, яхуууу, посмотрим на работу wifi.
Т.к. с Backfire 10.03 r.22828 (svn://svn.openwrt.org/openwrt/branches/backfire) работал нестабильно wifi(через несколько минут/часов отрубался, помогала только перезагрузка).
Да, кстати, с Камикадзе драйвер wl для wifi у меня не работал :(
Я его устанавливал не в прошивку, а потом с репозитория локального. Wifi не поднялся с ним.
Конфиги:
=================================
root@zav:~# cat /etc/config/firewall
config 'defaults'
option 'syn_flood' '1'
option 'input' 'ACCEPT'
option 'output' 'ACCEPT'
option 'forward' 'REJECT'
config 'zone'
option 'name' 'lan'
option 'input' 'ACCEPT'
option 'output' 'ACCEPT'
option 'forward' 'REJECT'
config 'zone'
option 'name' 'wan'
option 'input' 'ACCEPT'
option 'output' 'ACCEPT'
option 'forward' 'REJECT'
option 'masq' '1'
option 'mtu_fix' '1'
config 'forwarding'
option 'src' 'lan'
option 'dest' 'wan'
config 'rule'
option 'src' 'wan'
option 'proto' 'udp'
option 'dest_port' '68'
option 'target' 'ACCEPT'
option 'family' 'ipv4'
config 'rule'
option 'src' 'wan'
option 'proto' 'icmp'
option 'icmp_type' 'echo-request'
option 'target' 'ACCEPT'
config 'redirect'
option 'src' 'wan'
option 'src_dport' '80'
option 'dest' 'lan'
option 'dest_ip' '192.168.0.123'
option 'dest_port' '8080'
option 'proto' 'tcp'
config 'include'
option 'path' '/etc/firewall.user'
#config 'redirect'
# option 'src' 'wan'
# option 'proto' 'tcp'
# option 'src_dport' '8888'
# option 'dest_ip' '192.168.0.1'
# option 'dest_port' '8888'
=================================
Вот оригинальный:
=================================
root@zav:~# cat /etc/config/firewall
config defaults
option syn_flood 1
option input ACCEPT
option output ACCEPT
option forward REJECT
# Uncomment this line to disable ipv6 rules
# option disable_ipv6 1
config zone
option name lan
option input ACCEPT
option output ACCEPT
option forward REJECT
config zone
option name wan
option input REJECT
option output ACCEPT
option forward REJECT
option masq 1
option mtu_fix 1
config forwarding
option src lan
option dest wan
# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
option src wan
option proto udp
option dest_port 68
option target ACCEPT
option family ipv4
#Allow ping
config rule
option src wan
option proto icmp
option icmp_type echo-request
option target ACCEPT
# include a file with users custom iptables rules
config include
option path /etc/firewall.user
### EXAMPLE CONFIG SECTIONS
# do not allow a specific ip to access wan
#config rule
# option src lan
# option src_ip 192.168.45.2
# option dest wan
# option proto tcp
# option target REJECT
# block a specific mac on wan
#config rule
# option dest wan
# option src_mac 00:11:22:33:44:66
# option target REJECT
# block incoming ICMP traffic on a zone
#config rule
# option src lan
# option proto ICMP
# option target DROP
# port redirect port coming in on wan to lan
#config redirect
# option src wan
# option src_dport 80
# option dest lan
# option dest_ip 192.168.16.235
# option dest_port 80
# option proto tcp
### FULL CONFIG SECTIONS
#config rule
# option src lan
# option src_ip 192.168.45.2
# option src_mac 00:11:22:33:44:55
# option src_port 80
# option dest wan
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
# option target REJECT
#config redirect
# option src lan
# option src_ip 192.168.45.2
# option src_mac 00:11:22:33:44:55
# option src_port 1024
# option src_dport 80
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
=================================
=================================
root@zav:~# cat /etc/config/fstab
config 'global' 'automount'
option 'from_fstab' '1'
option 'anon_mount' '1'
config 'global' 'autoswap'
option 'from_fstab' '1'
option 'anon_swap' '0'
config 'mount'
option 'target' '/'
option 'device' '/dev/sda1'
option 'fstype' 'ext3'
option 'options' 'rw,sync'
option 'enabled_fsck' '0'
option 'enabled' '1'
option 'is_rootfs' '1'
config 'mount'
option 'target' '/home'
option 'device' '/dev/sda2'
option 'fstype' 'ext3'
option 'options' 'rw,sync'
option 'enabled_fsck' '0'
option 'enabled' '1'
config 'swap'
option 'device' '/dev/sda3'
option 'enabled' '1'
=================================
=================================
root@zav:~# cat /etc/config/network
config 'switch' 'eth0'
option 'enable' '1'
config 'switch_vlan' 'eth0_0'
option 'device' 'eth0'
option 'vlan' '0'
option 'ports' '1 2 3 4 5'
config 'switch_vlan' 'eth0_1'
option 'device' 'eth0'
option 'vlan' '1'
option 'ports' '0 5'
config 'interface' 'loopback'
option 'ifname' 'lo'
option 'proto' 'static'
option 'ipaddr' '127.0.0.1'
option 'netmask' '255.0.0.0'
config 'interface' 'lan'
option 'type' 'bridge'
option 'ifname' 'eth0.0'
option 'proto' 'static'
option 'netmask' '255.255.255.0'
option 'ipaddr' '192.168.0.1'
config 'interface' 'wan'
option 'ifname' 'eth0.1'
option 'proto' 'pppoe'
option 'macaddr' '00:90:4c:c0:00:00'
option 'username' 'bla-bla-bla'
option 'password' 'bla-bla-bla'
option 'defaultroute' '1'
option 'ppp_redial' 'demand'
=================================
=================================
root@zav:~# cat /etc/config/wireless
config 'wifi-device' 'radio0'
option 'type' 'mac80211'
option 'macaddr' '00:90:4c:c0:00:00'
option 'channel' '01'
option 'disabled' '0'
config 'wifi-iface'
option 'device' 'radio0'
option 'network' 'lan'
option 'mode' 'ap'
option 'hidden' '0'
option 'isolate' '0'
option 'bgscan' '0'
option 'wds' '0'
option 'macfilter' 'none'
option 'ssid' 'ZAV'
option 'encryption' 'psk2'
option 'key' 'bla-bla-bla'
=================================
=================================
root@zav:~# cat /etc/config/timezone
config 'timezone'
option 'posixtz' 'EET-2EEST,M3.5.0/3,M10.5.0/4'
option 'zoneinfo' 'Europe/Kiev'
=================================
=================================
root@zav:~# cat /etc/config/updatedd
config 'updatedd'
option 'update' '1'
option 'service' 'dyndns'
option 'username' 'zavizionov'
option 'password' 'bla-bla-bla'
option 'host' '10100.dyndns.org'
=================================
No comments:
Post a Comment