分类: openwrt

  • 给家中的服务器, 分配 IPv6公网地址

    条件:

    中国电信光猫, Openwrt 路由器, 阿里云域名

    Step 1: 路由器升级, 最新版 OpenWrt / 23.05.03

    Step 2: 从电信获得 宽带帐号/宽带密码

    Step 3: 设置光猫为Bridge 模式

    Step 4: 路由器 Lan 接口 IPv4 地址设置为 10.0.0.1

    Step 5: 路由器 Wan 接口 修改为 PPPoE 模式, PAP/CHAP username/password 填入从电信获得的 宽带帐号/宽带密码

    Step 6: 因为PPPoE 拨号会同时获得 IPv4 和 IPv6地址,wan6 接口没用,删除wan6接口

    Step 7: 重起wan接口,会自动拨号,若成功,自动增加wan_6虚拟接口,IPv6 和IPv6-PD

    Step 8: 修改Lan接口Advanced Setting:

    Delegate IPv6 prefixes = yes

    IPv6 assignment length = 60

    IPv6 prefix filter = wan_6

    Step 9: 修改路由器 network/dhcp/Static Leases, 为每个IPv6公网网卡增加一项纪录:

    包括: Hostname, Mac 地址,IPv4,IPv6-Suffix,

    为方便记忆,我选择 IPv4 最后一栏与IPv6-Suffix 相同,

    比如,mpd IPv4=10.0.0.222, mpd的IPv6-Suffix 设置为0222

    Step 10: 根据应用需要,修改基于端口的防火墙:Network/Firewall/TrafficRules 增加纪录

    至此,路由器设置完毕

    域名更新

    由于每次拨号,都会获得一个不同的IPv6-PD值

    可以使用脚本程序,监控路由器中的IPv6-PD值,若有变化,调用域名服务商的API接口,更新IPv6值

    https://github.com/zhengleic/ddns-aliyun

    存在问题

    发现重新拨号,IPv6-PD变化后,应用服务器可以自动获得新的IPv6,并访问外部网络,但无法从外部网络访问应用服务器

    原因不详, 应用服务器为Debian 10

    解决办法:

    更新域名后,同时将应用服务器的网卡down/up一次: ifdown dev / ifup dev

  • Setup Home WiFi Audio System

    Build home MPD wifi audio system, by combine:

    • Active Speaker
    • Wifi Router with usb port, and support openwrt
    • USB sound card

    Upgrade openwrt to the latest version

    SSH log into openwrt

    ######################################
######### Repository #################

cp /etc/opkg/distfeeds.conf  /etc/opkg/distfeeds.conf.bak
sed -i "s#downloads.openwrt.org#mirrors.ustc.edu.cn/openwrt#g" /etc/opkg/distfeeds.conf
#sed -i "s#downloads.openwrt.org#mirrors.tuna.tsinghua.edu.cn/openwrt#g" /etc/opkg/distfeeds.conf
#sed -i "s#downloads.openwrt.org#mirrors.aliyun.com/openwrt#g" /etc/opkg/distfeeds.conf
#sed -i "s#downloads.openwrt.org#mirrors.cloud.tencent.com/openwrt#g" /etc/opkg/distfeeds.conf

opkg update


######################################
########## pulseaudio ################

opkg install kmod-input-core
opkg install kmod-sound-core
opkg install kmod-usb-audio
opkg install pulseaudio-daemon


#########################################
########## Sound Blaster ################
# opkg install kmod-ac97
# opkg install kmod-sound-ens1371


########## AC 97 ########################
#opkg install kmod-sound-cs5535audio 


####### Motherboard Sound Card ##########
#opkg install  kmod-sound-i8x0

############ Soc Sound Card #############
#opkg install  kmod-sound-soc-core 



##### Editor ############################ 
# opkg install nano


###########  Utility  ###################
#opkg install usbutils
#opkg install alsa-utils


### Allow module load ###
sed -i "s/--disallow-module-loading//"   /etc/init.d/pulseaudio

### Load TCP module ###
sed -i "s/load-module module-native-protocol-unix/load-module module-native-protocol-tcp auth-anonymous=1/"  /etc/pulse/system.pa





### Firewall ###
sh -c " cat >/etc/config/firewall " << EOF


######  ssh port ##################
config redirect
       option src              wan
       option src_dport        22
       option dest             lan
       option dest_ip          192.168.1.1
       option dest_port        22
       option proto            tcp

###### pulseaudio port ############
config redirect
       option src              wan
       option src_dport        4713
       option dest             lan
       option dest_ip          192.168.1.1
       option dest_port        4713
       option proto            tcp

###### Http Port ##################
onfig redirect
        option src 'wan'
        option src_dport '80'
        option dest 'lan'
        option dest_ip '192.168.1.1'
        option dest_port '80'
        option proto 'tcp'

EOF



/etc/init.d/firewall   restart
/etc/init.d/pulseaudio restart




######################################
######################################
########## WiFI Relay ################
opkg install relayd
opkg install luci-proto-relay


# From web admin portal, setup new wireless wan port for 5G and 2G separately:
# http://192.168.1.1/cgi-bin/luci/
### Network
### Wireless
### Scan
### Selected your existed SSID, Joining Network
### ## Replace wireless configuration  = yes
### ## Create / Assign firewall-zone   = LAN
### Go to Network/Interface
### Set the IP of  wireless wan, as normal

    Login into your MPD system, add the following block into the the mpd.conf file:

    audio_output {

 type "pulse"

 name " Wifi Router"

 server "IP_OF_WIFI_ROUTER:4713" 

}

    Now, you can find the “Wifi Router” option item, from Outputs/Server properties/M.A.L.P, suppose M.A.L.P apk installed android handset

  • socks proxy

    Socks_v5_Proxy_Protocol

  • Advanced Firewall Configurations with ipset

    http://www.linuxjournal.com/content/advanced-firewall-configurations-ipset

  • Update NO-IP DDNS

    Updating no-ip ddns on

    DDWRT Router:  

    with the help of inadyn tool

    https://github.com/torglobit/inadyn

     

     

     

    Linux box:

    With the help of noip-udc-linux

    http://www.no-ip.com/client/linux

     

    Failed Issus:

    No direct internet link

       DNS resolve too slow

    inadyn:   timeout=IP_DEFAULT_TIMEOUT=20s

    noip-udc:   using gethostbyname  linux api to get IP address,  the timeout can be defined in /etc/resolv.conf,  the default value in linux is 5 ms,

    Example of resolv.conf:

    nameserver 8.8.8.8 options timeout:30

     

     

  • Setup SSH VPN between two linux device

    https://help.ubuntu.com/community/SSH_VPN

    SSH_VPN

    work with ddwrt (with openssh+ ip installed)

     

     

     

  • Setup mirror of Openwrt package repository

    Suppose we need a local package repository, 15.05-rc3 branch of  newif

     

    # Create local repository directory

    mkdir -p /mirror/openwrt

     

    # Goto repository directory

    cd /mirror/openwrt

     

    # download packages with wget

    wget -m –no-parent -e robots=off  http://downloads.openwrt.org/chaos_calmer/15.05-rc3/ramips/mt7620/packages/

     

    # config http server, here lighttpd

    # add alias in configure:  alias.url = (“download.openwrt.org”=>”/mirror/openwrt/downloads.openwrt.org/”)

    # restart http server

    /etc/init.d/lighttpd restart

     

    # Modify OPKG-Configuration in luci web site

    # src/gz chaos_calmer_base http://localip/downloads.openwrt.org/…”

    #…

     

  • OpenWrt swconfig

    swconfig 是OpenWrt用来配置交换机的命令。

    swconfig list 现实系统交换机。

    swconfig dev <switch0/eth1> show现实当前端口配置。

     

    http://wiki.openwrt.org/zh-cn/doc/uci/network/switch

  • Config OpenWrt on WNDR3700v4

    Http proxy for opkg:
    Add following line in OPKG-Configuration via LuCI Web
    option http_proxy http://172.24.61.252:8080/

    Enable USB Storage
    Install kmod-usb-storage
    Install kmod-fs-ext4
    Install kmod-fs-msdos
    Install kmod-nls-utf8
    Install block-mount

  • Install openwrt onto WNDR3700v4 from factory image

    Download openwrt image
    openwrt-ar71xx-nand-wndr3700v4-ubi-factory
    https://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/nand/

    Install with update feature from web interface

     

    Issue of of 2014.10.2 version

    Unable to use the 128MB flash space.

     

    Status of 2014.10.2 version

    System
    Hostname OpenWrt
    Model NETGEAR WNDR3700v4
    Firmware Version OpenWrt Barrier Breaker 14.07 / LuCI Trunk (0.12+svn-r10530)
    Kernel Version 3.10.49