|
This post was last edited by myeyre on 2009-10-17 10:08
Original link, comments welcome:
http://hi.baidu.com/myeyre/blog/ ... 98ebf1431694b3.html
It does not fit in a single post on Enshan, so it is split into three:
Hands-on with the WRTSL54GS: the DD-WRT part
WRTSL54GS v1.0: BCM4704 rev8 266M/8M Flash(Intel TE28F640 J3C120)/32M RAM(Hynix HY5DU561622DT-J)/USB2.0(NEC D720101F1)(BGA)
WRTSL54GS v1.1: BCM4704 rev9 266M/8M Flash(Intel TE28F640 J3C120??)/32M RAM(Hynix HY5DU561622DT-J??)/USB2.0(NEC D720101F1)(BGA)
Linksys WRT54G series:
http://en.wikipedia.org/wiki/Wrt54g
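The WRT54G series is a legendary product line, with over a dozen models and more than a hundred variants of wireless routers. It pioneered the use of GNU/Linux on home electronics (some later models moved to VxWorks), which led to a lawsuit, a settlement, the release of source code and an explosion of third-party firmware.
This series is such a classic, and third-party firmware so much fun to tinker with, that Linksys still sells a nostalgia model, the WRT54GL, and hobbyists in China would rather pay high prices for imported second-hand units just to play with routers from this series.
Within this series, I personally like the WRTSL54GS and the WTR54GS. The WRTSL54GS is the only model in the series with a USB port; USB + third-party firmware + a fairly complete package management system (ipkg/opkg) = unlimited possibilities :) The WTR54GS's impressive form factor makes it a must-have for home and travel (v1 has the higher specs, drool...).
Life is about tinkering.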
0) xxxed
1) Preparation: install the Optware support files
Optware is a package management system provided by the NSLU2-Linux project for embedded Linux systems such as DD-WRT and OpenWRT:
http://www.nslu2-linux.org/wiki/Optware/HomePage
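For installation on DD-WRT, see: http://www.dd-wrt.com/wiki/index.php/Optware
Install DD-WRT (Mega or USB), connect to the network (here the router joins the main router in Client mode, the WAN port obtains its address automatically, and the LAN address is set to 192.168.11.1), enable USB support, and mount a USB flash drive or hard disk:
Install the Optware runtime environment: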
wget http://www.wlan-sat.com/boleo/optware/optware-install-ddwrt.sh -O - | tr -d '\r' > /opt/optware-install.sh
sh /opt/optware-install.sh
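Install a more fully featured BusyBox:
ipkg-opt install busybox
If you cannot find the *nix commands you are used to:
ipkg-opt install coreutils
ipkg-opt install util-linux-ng
Enable a swap partition or swap file to meet the memory needs of the many packages; size it at twice the RAM. I don't like having multiple partitions on a portable hard disk:
dd if=/dev/zero of=/opt/swap bs=1024 count=65536
mkswap /opt/swap
swapon /opt/swap
If you use a swap partition, just replace /opt/swap with the device name.
Confirm that the swap space is enabled correctly:
free
It is recommended to enable swap as soon as /opt is mounted: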
cat > /opt/start_opt.sh
#!/bin/sh
#cat > /opt/start_opt_wrapper.sh
##!/bin/sh
#
#/opt/start_opt.sh >> /opt/start_opt.log
#nvram set usb_runonmount=/opt/start_opt_wrapper.sh
#nvram commit
#nvram get usb_runonmount
#wait till network comes up
sleep 10
#set > /opt/env.txt
echo "Adding user for samba..."
grep -q nobody /etc/passwd || echo 'nobody:*:65534:65534:nobody:/nonexistent:/bin/false
eric:*:0:0:Alias of root,,,:/opt/home/eric:/bin/sh
emily:*:1000:1000:Home User,,,:/opt/home/emily:/bin/false
X:*:2000:2000:Guest User,,,:/opt/home/X:/bin/false
dummy:*:2001:2000:Dummy User for Samba Guest,,,:/nonexistent:/bin/false' >> /etc/passwd
grep -q nogroup /etc/group || echo 'nogroup:x:65534:
home:x:1000:
guests:x:2000:' >>/etc/group
#Open firewall ports for the various p2p applications:
#@iptables Transmission: /opt/share/transmission/settings.json "peer-port": 51413,
iptables -I INPUT -p tcp --dport 51413 -j ACCEPT
iptables -I INPUT -p udp --dport 51413 -j ACCEPT
#@iptables rTorrent: /opt/etc/rtorrent.conf port_range = 51777-51780
iptables -I INPUT -p tcp --dport 51777:51780 -j ACCEPT
iptables -I INPUT -p udp --dport 51777:51780 -j ACCEPT
#@iptables rTorrent: /opt/etc/rtorrent.conf dht_port = 6881
iptables -I INPUT -p udp --dport 6881 -j ACCEPT
#@iptables aMule: /opt/share/amule/.aMule/amule.conf Port=4662
#@iptables aMule: 4665: "Extended server requests UDP port"
#@iptables aMule: /opt/share/amule/.aMule/amule.conf UDPPort=4672
iptables -I INPUT -p tcp --dport 4662 -j ACCEPT
iptables -I INPUT -p udp --dport 4665 -j ACCEPT
iptables -I INPUT -p udp --dport 4672 -j ACCEPT
##@iptables MLDonkey: /opt/mlnet/.mldonkey/bittorrent.ini includes: BitTorrent and built-in Tracker ports, no DHT??
#iptables -I INPUT -p tcp --dport 6882 -j ACCEPT
#iptables -I INPUT -p udp --dport 6882 -j ACCEPT
#iptables -I INPUT -p tcp --dport 6881 -j ACCEPT
#@iptables MLDonkey: /opt/mlnet/.mldonkey/donkey.ini includes: eDonkey, Overnet, Kademlia
iptables -I INPUT -p tcp --dport 20511 -j ACCEPT
iptables -I INPUT -p tcp --dport 11390 -j ACCEPT
iptables -I INPUT -p tcp --dport 15280 -j ACCEPT
iptables -L INPUT
echo "Enabling swap..."
/opt/sbin/swapon /opt/swap
free
/opt/etc/init.d/S99monit start
#echo "Starting Optware programs..."
#for x in /opt/etc/init.d/S* ; do
# echo $x start
# $x start
#done
^D
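To avoid filesystem corruption caused by cutting the power directly, unmount /opt before powering off.
Before unmounting /opt, stop the background processes and disable swap: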
cat > /opt/stop_opt.sh
#!/bin/sh
#nvram set rc_shutdown=/opt/stop_opt.sh
#nvram commit
#nvram get rc_shutdown
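#Re-run from a copy in /tmp/root so that the script itself does not keep /opt busy during umount
if [ "`dirname $0`" != '/tmp/root' ]
then
#
if [ "`dirname $0`" = '' ]
then
cp `which $0` /tmp/root
else
cp $0 /tmp/root
fi
chmod a+x /tmp/root/`basename $0`
exec /tmp/root/`basename $0`
fi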
#set > /opt/env.txt
echo "Stoping Optware programs..."
for x in /opt/etc/init.d/S* ; do
echo $x stop
$x stop
done
echo "Disabling swap..."
/opt/sbin/swapoff /opt/swap
free
sleep 1
#/bin/umount
echo "umounting /opt..."
/bin/umount /opt
df -k
^D
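2) NAS - Samba+FTP file server:
First, let's reproduce the stock firmware's features, Samba + FTP:
Samba:
For whatever reason, DD-WRT does not even include Samba, the basic building block of a NAS. (Firmware size limit??)
First install the package:
ipkg-opt install samba
##SWAT SUCKS. Go ahead if you want to be sucked.
#ipkg-opt install samba3-swat
The package politely reminds you to create /opt/etc/samba/smb.conf by hand, but since SWAT, the web configuration tool, is really clumsy, we have no choice but to create smb.conf manually: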
--------------------------------------------------------------------------------
cat > /opt/etc/samba/smb.conf
#/opt/etc/samba/smb.conf for Optware, configuration based on:
#http://www.5ilinux.com/samba.html
#http://us3.samba.org/samba/docs/man/manpages-3/smb.conf.5.html
#
#SWAT SUCKS.
#
[global]
workgroup = WORKGROUP
netbios name = DD-WRT
server string = Samba %v on %h
interfaces = 192.168.11.1/255.255.255.0 br0
bind interfaces only = yes
log file = /opt/var/samba/log.%m
max log size = 1024
syslog = 0
encrypt passwords = true
smb passwd file = /opt/etc/samba/smbpasswd
map to guest = bad user
guest account = dummy
printcap name = /dev/null
load printers = no
hosts deny = ALL
# hosts allow = 192.168.11.
hosts allow = ALL
#Allow users to access their own home directories; use the following commands to add a user or change a password:
#smbpasswd -a root
#smbpasswd root
[homes]
comment = Home Directories
browseable = no
writable = yes
create mask = 0640
directory mask = 0750
valid users = %S
#Administrative share of the whole filesystem, accessible only to eric
[root]
comment = Full filesystem access for eric
path = /
public = no
browseable = no
valid users = root, eric
write list = root, eric
printable = no
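#Shared download directory: users in the home group and user X can access it, but only home group users can write
#mkdir -p /opt/home/share
#chmod 777 /opt/home/share
#and link the download directories into this folder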
[Share]
comment = Torrents downloaded and eDonkey incomings
path = /opt/home/share
public = no
# browseable = no
valid users = @root, @home, X
write list = @root, @home
printable = no
#browseable = no hides this share from other users, similar to a $ share; it can be used as a temporary folder
#mkdir -p /opt/home/xxx
#chmod 777 /opt/home/xxx
[xxx]
comment = xxx
path = /opt/home/xxx
public = no
browseable = no
valid users = @root, @home, X
write list = @root, @home
printable = no
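#File exchange directory exchange: everyone can read and write, but cannot delete other people's files.
#Set the sticky bit on this directory with the following commands: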
#mkdir -p /opt/home/exchange
#chmod -R 1777 /opt/home/exchange
[Exchage]
comment = Exchange Directory
path = /opt/home/exchange
# browseable = no
valid users = @root, @home, X
writable = yes
#Public read-only folder public
#mkdir -p /opt/home/public
[Public]
comment = Read Only Public
path = /opt/home/public
public = yes
read only = yes
^D
--------------------------------------------------------------------------------
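#Before starting smb, use the following commands to create system accounts for the Samba users and add them to smbpasswd:
#The dummy account is used only when someone logs in with a wrong user name; in that case the user can access only the Public share.
#On DD-WRT, changes to /etc/passwd are lost after the router reboots; it is recommended to add them to the Startup script or /opt/etc/init.d/S08samba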
grep -q nobody /etc/passwd || echo 'nobody:*:65534:65534:nobody:/nonexistent:/bin/false
eric:*:0:0:Alias of root,,,:/opt/home/eric:/bin/sh
emily:*:1000:1000:Home User,,,:/opt/home/emily:/bin/false
X:*:2000:2000:Guest User,,,:/opt/home/X:/bin/false
dummy:*:2001:2000:Dummy User for Samba Guest,,,:/nonexistent:/bin/false' >> /etc/passwd
grep -q nogroup /etc/group || echo 'nogroup:x:65534:
home:x:1000:
guests:x:2000:' >>/etc/group
##User home directories
#for user in eric emily
#do
# mkdir -p /opt/home/$user
# chown $user:home /opt/home/$user
#done
mkdir -p /opt/home/eric
mkdir -p /opt/home/emily
chown eric:home /opt/home/eric
chown emily:home /opt/home/emily
mkdir -p /opt/home/X
chown X:guests /opt/home/X
#Shared download directory
mkdir -p /opt/home/share
chmod 777 /opt/home/share
#Hidden share directory
mkdir -p /opt/home/xxx
chmod 777 /opt/home/xxx
#File exchange directory
mkdir -p /opt/home/exchange
chmod -R 1777 /opt/home/exchange
#Public read-only directory
mkdir -p /opt/home/public
#Create /opt/etc/samba/smb.conf before adding users to smbpasswd
smbpasswd -a root
smbpasswd -a eric
smbpasswd -a emily
smbpasswd -a X
smbpasswd -a dummy
--------------------------------------------------------------------------------
#Edit /opt/etc/init.d/S08samba to set "samba_active=1", then start smb:
/opt/etc/init.d/S08samba
sleep 1;ps|grep -i mbd
#Stop smb:
killall smbd
killall nmbd
ftpd:
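DD-WRT (Mega or USB_FTP) ships with ProFTPD; just write "username password (plaintext, md5 not supported??)" on one line.
mount -o bind /opt /mnt
If you are not satisfied with the built-in ftpd, several popular ftpds such as proftpd, vsftpd and pureftpd can all be installed with ipkg. I rarely use them, so I'll skip them here. |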
|
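An added example, not part of the original post: a small audit of an smb.conf like the one in the Samba section above. It flags a `hosts allow = ALL` (in Samba the allow list takes precedence over `hosts deny` when the two conflict, so `hosts deny = ALL` then has no effect), a share whose path is `/`, shares usable as guest, and guest mapping. The function names `audit_smbconf` and `write_sample` and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an smb.conf for settings that widen access.
# audit_smbconf FILE prints one finding per line as "section:key:message".
audit_smbconf() {
    awk '
    /^[ \t]*[#;]/ { next }                       # skip comment lines
    /^[ \t]*\[.*\][ \t]*$/ {                     # section header
        sec = $0; gsub(/^[ \t]*\[|\][ \t]*$/, "", sec); next
    }
    /=/ {
        key = $0; sub(/=.*/, "", key)
        val = $0; sub(/^[^=]*=/, "", val)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        gsub(/[ \t]+/, " ", key); key = tolower(key); lval = tolower(val)
        guest = (lval == "yes" || lval == "true" || lval == "1")
        if (key == "hosts allow" && lval == "all")
            print sec ":hosts allow:matches every client and overrides hosts deny"
        if (key == "path" && val == "/")
            print sec ":path:exports the whole filesystem"
        if ((key == "public" || key == "guest ok") && guest)
            print sec ":" key ":usable without a password"
        if (key == "map to guest" && lval != "never")
            print sec ":map to guest:some failed logins become guest sessions"
    }
    ' "$1"
}

# Constructed sample that mirrors the settings in the smb.conf above.
write_sample() {
    cat > "$1" <<'EOF'
[global]
hosts deny = ALL
hosts allow = ALL
map to guest = bad user
[root]
path = /
public = no
[Public]
path = /opt/home/public
public = yes
EOF
}

tmp="${TMPDIR:-/tmp}/smb-audit.$$"
write_sample "$tmp" && audit_smbconf "$tmp"
rm -f "$tmp"
```

With `hosts allow = ALL`, the only remaining network restriction in that configuration is `bind interfaces only = yes` on the LAN interface; the commented-out `hosts allow = 192.168.11.` line is the narrower setting.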