Err.. I thought it might be a neat idea if people posted any useful scripts/files they've written or have to be used with the WL-500g. So post away! I'll post some that I consider useful but most people probably wouldn't. I use some extensive post-firewall stuff with headers and functions which I won't post here (yet); it's slow at loading anyway.
/usr/local/sbin/start-nas:
/var/spool/cron/crontabs/admin: (put in /usr/local/.files)Code:#!/bin/sh # Kill it if it's running killall nas # Use correct library export LD_LIBRARY_PATH=/usr/lib # Allow access to nas again (unmount # it from /dev/null) umount /usr/sbin/nas # I throw these in a lot. May/may not # be necessary. I haven't removed it # because "if it ain't broke don't fix it." # So shoot me. # Sleep for 10 milliseconds to (probably # unnecessarily) make time for an # umount. usleep 10000 # Launch nas nas /tmp/nas.lan.conf /tmp/nas.lan.pid lan &
(every other day it resets the logs, every minute it ensures that important processes are running)Code:0 12 1-30/2 * * /usr/local/sbin/reset-logs * * * * * /usr/local/sbin/ensure-proc
/usr/local/sbin/reset-logs: (chmod +x)
/usr/local/sbin/ensure-proc: (chmod +x)Code:#!/bin/sh #rm /opt/syslog.old #mv /opt/syslog.log /opt/syslog.old #rm /opt/openvpn.old #mv /opt/openvpn.log /opt/openvpn.old rm /opt/radius.old mv /opt/radius.log /opt/radius.old rm /opt/ep.old mv /opt/ep.log /opt/ep.old rm /tmp/syslog.log touch /tmp/syslog.log
/usr/local/sbin/ipt_mac:Code:#!/bin/sh # This script checks to make sure important # processes are running (in case they crash). # It also makes sure annoying or unwanted # programs are not running. #LOGFILE=/dev/null LOGFILE=/opt/ep.log time=`date +"%x %l:%M:%S%p"` echo "`date +%m%d%H%M%C%y`" > /opt/time ensure() { cmd=$2 name=$3 if [ -z "$2" ]; then cmd=$1; fi if [ -z "$3" ]; then name=$1; fi running=`ps | grep "$1" | grep -v "grep"` if [ -z "$running" ]; then echo $time $name": restarting" >> $LOGFILE $cmd fi } ensure upnp "/usr/sbin/upnp -D -L `nvram get lan_ifname` -W `nvram get wan_ifname`" ensure nas "/usr/local/sbin/start-nas" #ensure openvpn "/usr/local/sbin/start-vpn" #ensure radiusd "/usr/local/sbin/start-radius" ensure dropbear ensure dnsmasq
/usr/local/sbin/MACS: (chmod +x)Code:# NOT TO BE RUN DIRECTLY # This script is used to force association between # IP address and MAC address for communication # to occur. Otherwise, all packets are dropped. # Make sure /etc/dnsmasq.conf is configured to # use /etc/ethers. # Communication with authorized MAC addresses # is allowed only with source IP addresses 0.0.0.0 # and that which the MAC address is associated with # in order to allow DHCP assignment, which, with # the help of /etc/ethers, should assign the MAC # the associated address. In other words, an # address assigned manually that is different from # the associated address may not access the # network. . variables init_macs() { if [ -e /tmp/macs ]; then echo "NO!!!" exit fi touch /tmp/macs $IPTM -N MACS $IPTM -F MACS $IPTM -A MACS -s 192.168.1.1 -j RETURN macs= rm -f /etc/ethers touch /etc/ethers killall dnsmasq } MAC() { $IPTM -A MACS -s $2 -m mac --mac-source $1 -j RETURN $IPTM -A MACS -s 0.0.0.0 -m mac --mac-source $1 -j RETURN if [ "$3" -eq 1 ]; then macs="$macs$1 "; fi echo "$1 $2" >> /etc/ethers } finish_macs() { $IPTM -A MACS -j DROP #$IPTM -A MACS -j LOG $IPTM -D PREROUTING -i $INTIF -j MACS $IPTM -I PREROUTING -i $INTIF -j MACS wl macmode 0 usleep 250000 wl mac none usleep 250000 if [ -n "$macs" ]; then wl mac $macs usleep 250000 wl macmode 2 fi /usr/sbin/dnsmasq rm -f /tmp/macs }
/usr/local/sbin/maclist:Code:#!/bin/sh # This is the file which is run in # order to initiate the MAC/IP # association and protection/ # security functions. . /usr/local/sbin/ipt_mac init_macs . /usr/local/sbin/maclist finish_macs
/usr/local/sbin/save:Code:# NOT TO BE RUN DIRECTLY # It looks something like this: # This is a normal LAN device. # MAC 00:00:00:00:00:01 192.168.1.101 # This is a WLAN device. Notice the 1 on the end, # representing to the MAC function that this MAC # address should be allowed to access the network # wirelessly. # MAC 00:00:00:00:00:02 192.168.1.102 1 # You must populate this list according to your own # network if this is to be used.(chmod +x)
/usr/local/sbin/do-dyndns: (chmod +x)Code:#!/bin/sh flashfs save flashfs commit
/etc/dynamic_dns: (to put it /usr/local/.files, or perhaps just save /etc/dynamic_dns in /usr/local/etc since I think it copies it to /etc .. ?)Code:#!/bin/sh wan_ip=`nvram get wan_ipaddr_t` if [ -z "$wan_ip" ]; then exit; fi until [ -e /opt/lastip ] do sleep 1 done lastip=`cat /opt/lastip` if [ "$wan_ip" != "$lastip" ] then echo NEW IP! ez-ipupdate -c /etc/dynamic_dns echo $wan_ip > /opt/lastip #killall noip2 #usleep 250000 #/opt/sbin/noip2 else echo SAME IP! fi
Code:#!/bin/sh service-type=dyndns user=user:pass interface=`nvram get wan_ifname` host=blah.dyndns.org
Reply With Quote