Err.. I thought it might be a neat idea if people posted any useful scripts/files they've written or have to be used with the WL-500g. So post away! I'll post some that I consider useful but most people probably wouldn't. I use some extensive post-firewall stuff with headers and functions which I won't post here (yet); it's slow at loading anyway.
/usr/local/sbin/start-nas:
Code:
#!/bin/sh
# Kill it if it's running
killall nas
# Use correct library
export LD_LIBRARY_PATH=/usr/lib
# Allow access to nas again (unmount
# it from /dev/null)
umount /usr/sbin/nas
# I throw these in a lot. May/may not
# be necessary. I haven't removed it
# because "if it ain't broke don't fix it."
# So shoot me.
# Sleep for 10 milliseconds to (probably
# unnecessarily) make time for an
# umount.
usleep 10000
# Launch nas
nas /tmp/nas.lan.conf /tmp/nas.lan.pid lan &
/var/spool/cron/crontabs/admin: (put in /usr/local/.files)
Code:
0 12 1-30/2 * * /usr/local/sbin/reset-logs
* * * * * /usr/local/sbin/ensure-proc
(every other day it resets the logs, every minute it ensures that important processes are running)
/usr/local/sbin/reset-logs: (chmod +x)
Code:
#!/bin/sh
#rm /opt/syslog.old
#mv /opt/syslog.log /opt/syslog.old
#rm /opt/openvpn.old
#mv /opt/openvpn.log /opt/openvpn.old
rm /opt/radius.old
mv /opt/radius.log /opt/radius.old
rm /opt/ep.old
mv /opt/ep.log /opt/ep.old
rm /tmp/syslog.log
touch /tmp/syslog.log
/usr/local/sbin/ensure-proc: (chmod +x)
Code:
#!/bin/sh
# This script checks to make sure important
# processes are running (in case they crash).
# It also makes sure annoying or unwanted
# programs are not running.
#LOGFILE=/dev/null
LOGFILE=/opt/ep.log
time=`date +"%x %l:%M:%S%p"`
echo "`date +%m%d%H%M%C%y`" > /opt/time
ensure()
{
cmd=$2
name=$3
if [ -z "$2" ]; then cmd=$1; fi
if [ -z "$3" ]; then name=$1; fi
running=`ps | grep "$1" | grep -v "grep"`
if [ -z "$running" ]; then
echo $time $name": restarting" >> $LOGFILE
$cmd
fi
}
ensure upnp "/usr/sbin/upnp -D -L `nvram get lan_ifname` -W `nvram get wan_ifname`"
ensure nas "/usr/local/sbin/start-nas"
#ensure openvpn "/usr/local/sbin/start-vpn"
#ensure radiusd "/usr/local/sbin/start-radius"
ensure dropbear
ensure dnsmasq
/usr/local/sbin/ipt_mac:
Code:
# NOT TO BE RUN DIRECTLY
# This script is used to force association between
# IP address and MAC address for communication
# to occur. Otherwise, all packets are dropped.
# Make sure /etc/dnsmasq.conf is configured to
# use /etc/ethers.
# Communication with authorized MAC addresses
# is allowed only with source IP addresses 0.0.0.0
# and that which the MAC address is associated with
# in order to allow DHCP assignment, which, with
# the help of /etc/ethers, should assign the MAC
# the associated address. In other words, an
# address assigned manually that is different from
# the associated address may not access the
# network.
. variables
init_macs() {
if [ -e /tmp/macs ]; then
echo "NO!!!"
exit
fi
touch /tmp/macs
$IPTM -N MACS
$IPTM -F MACS
$IPTM -A MACS -s 192.168.1.1 -j RETURN
macs=
rm -f /etc/ethers
touch /etc/ethers
killall dnsmasq
}
MAC() {
$IPTM -A MACS -s $2 -m mac --mac-source $1 -j RETURN
$IPTM -A MACS -s 0.0.0.0 -m mac --mac-source $1 -j RETURN
if [ "$3" -eq 1 ]; then macs="$macs$1 "; fi
echo "$1 $2" >> /etc/ethers
}
finish_macs() {
$IPTM -A MACS -j DROP
#$IPTM -A MACS -j LOG
$IPTM -D PREROUTING -i $INTIF -j MACS
$IPTM -I PREROUTING -i $INTIF -j MACS
wl macmode 0
usleep 250000
wl mac none
usleep 250000
if [ -n "$macs" ]; then
wl mac $macs
usleep 250000
wl macmode 2
fi
/usr/sbin/dnsmasq
rm -f /tmp/macs
}
/usr/local/sbin/MACS: (chmod +x)
Code:
#!/bin/sh
# This is the file which is run in
# order to initiate the MAC/IP
# association and protection/
# security functions.
. /usr/local/sbin/ipt_mac
init_macs
. /usr/local/sbin/maclist
finish_macs
/usr/local/sbin/maclist:
Code:
# NOT TO BE RUN DIRECTLY
# It looks something like this:
# This is a normal LAN device.
# MAC 00:00:00:00:00:01 192.168.1.101
# This is a WLAN device. Notice the 1 on the end,
# representing to the MAC function that this MAC
# address should be allowed to access the network
# wirelessly.
# MAC 00:00:00:00:00:02 192.168.1.102 1
# You must populate this list according to your own
# network if this is to be used.
/usr/local/sbin/save: (chmod +x)
Code:
#!/bin/sh
flashfs save
flashfs commit
/usr/local/sbin/do-dyndns: (chmod +x)
Code:
#!/bin/sh
wan_ip=`nvram get wan_ipaddr_t`
if [ -z "$wan_ip" ]; then exit; fi
until [ -e /opt/lastip ]
do
sleep 1
done
lastip=`cat /opt/lastip`
if [ "$wan_ip" != "$lastip" ]
then
echo NEW IP!
ez-ipupdate -c /etc/dynamic_dns
echo $wan_ip > /opt/lastip
#killall noip2
#usleep 250000
#/opt/sbin/noip2
else
echo SAME IP!
fi
/etc/dynamic_dns: (to put it /usr/local/.files, or perhaps just save /etc/dynamic_dns in /usr/local/etc since I think it copies it to /etc .. ?)
Code:
#!/bin/sh
service-type=dyndns
user=user:pass
interface=`nvram get wan_ifname`
host=blah.dyndns.org