ac2100 multi lan

2026-01-15 20:46:38 +08:00
commit b03d0c710a
3 changed files with 580 additions and 0 deletions
--- a/01.Multi_LAN_redmi_ac2100/firstboot.sh
+++ b/01.Multi_LAN_redmi_ac2100/firstboot.sh
@@ -0,0 +1,322 @@
+# luci-i18n-base-zh-cn luci-i18n-upnp-zh-cn luci-i18n-uhttpd-zh-cn  luci-i18n-firewall-zh-cn luci-i18n-package-manager-zh-cn
+
+#!/bin/sh
+# 多 LAN 接口配置脚本
+# 配置 5 个独立的 LAN 接口（LAN0-LAN4）
+# LAN0: 192.168.0.1/24 (lan1)
+# LAN1: 192.168.1.1/24 (lan2)
+# LAN2: 192.168.2.1/24 (lan3)
+# LAN3: 192.168.3.1/24 (radio0.network1 - WiFi 2.4G)
+# LAN4: 192.168.5.1/24 (radio1.network1 - WiFi 5G)
+# 注意：删除旧的 lan 接口和 br-lan 桥接设备
+
+# 日志配置
+LOG_FILE="/root/setup.log"
+
+# 日志函数：写入日志文件
+log() {
+	local timestamp=$(date '+%Y-%m-%d %H:%M:%S' 2>/dev/null || date)
+	echo "[$timestamp] $1" >>"$LOG_FILE" 2>&1
+}
+
+uci_cmd() {
+	if ! command -v uci >/dev/null 2>&1; then
+		log "uci command not found"
+		return 1
+	fi
+	if ! uci "$@" 2>/dev/null; then
+		log "uci command failed: uci $*"
+		return 1
+	fi
+	return 0
+}
+
+# 重定向所有输出到日志文件
+exec >>"$LOG_FILE" 2>&1
+
+# WiFi 配置变量
+wlan_name0="WZWY_2.4G"          # 2.4G WiFi SSID
+wlan_name1="WZWY_5G"             # 5G WiFi SSID
+wlan_password=""                     # WiFi 密码（留空则不设置密码）
+wlan_encryption="sae-mixed"         # WiFi 加密方式（sae-mixed, psk2, psk, none）
+
+# PPPoE 配置变量
+pppoe_username=""                    # PPPoE 用户名（留空则不配置）
+pppoe_password=""                    # PPPoE 密码（留空则不配置）
+
+# LAN 接口配置数组
+# 格式: "接口名称:IP地址:设备名称"
+LAN_CONFIGS="
+LAN0:192.168.0.1:lan1
+LAN1:192.168.1.1:lan2
+LAN2:192.168.2.1:lan3
+LAN3:192.168.3.1:radio0.network1
+LAN4:192.168.5.1:radio1.network1
+"
+
+# 配置单个网络接口
+# 参数: 接口名称, IP地址, 设备名称
+configure_lan_interface() {
+	local ifname="$1"
+	local ipaddr="$2"
+	local device="$3"
+	
+	uci_cmd set "network.$ifname=interface"
+	uci_cmd set "network.$ifname.proto=static"
+	uci_cmd set "network.$ifname.device=$device"
+	uci_cmd set "network.$ifname.ipaddr=$ipaddr"
+	uci_cmd set "network.$ifname.netmask=255.255.255.0"
+	uci_cmd set "network.$ifname.ip6assign=62"
+}
+
+# 配置网络接口
+configure_network() {
+	log "Configuring network interfaces..."
+	
+	# 先创建物理接口 LAN0-LAN2（带 device）
+	echo "$LAN_CONFIGS" | while IFS= read -r config; do
+		[ -z "$config" ] && continue
+		local ifname=$(echo "$config" | cut -d: -f1)
+		local ipaddr=$(echo "$config" | cut -d: -f2)
+		local device=$(echo "$config" | cut -d: -f3)
+		# 物理接口（lan1/lan2/lan3）直接设置 device
+		case "$device" in
+			lan1|lan2|lan3)
+				configure_lan_interface "$ifname" "$ipaddr" "$device"
+				;;
+		esac
+	done
+	
+	# 然后删除旧的配置
+	uci_cmd del network.lan
+	uci_cmd delete network.@device[0]
+	
+	# 创建 WiFi 接口 LAN3-LAN4（先不设置 device，按照 TEMP.SH 的顺序）
+	echo "$LAN_CONFIGS" | while IFS= read -r config; do
+		[ -z "$config" ] && continue
+		local ifname=$(echo "$config" | cut -d: -f1)
+		local ipaddr=$(echo "$config" | cut -d: -f2)
+		local device=$(echo "$config" | cut -d: -f3)
+		# WiFi 接口先创建，device 后设置
+		case "$device" in
+			radio0.network1|radio1.network1)
+				uci_cmd set "network.$ifname=interface"
+				uci_cmd set "network.$ifname.proto=static"
+				uci_cmd set "network.$ifname.ipaddr=$ipaddr"
+				uci_cmd set "network.$ifname.netmask=255.255.255.0"
+				uci_cmd set "network.$ifname.ip6assign=62"
+				;;
+		esac
+	done
+	
+	# 设置 WiFi 接口的 device（按照 TEMP.SH 的顺序：后设置）
+	echo "$LAN_CONFIGS" | while IFS= read -r config; do
+		[ -z "$config" ] && continue
+		local ifname=$(echo "$config" | cut -d: -f1)
+		local device=$(echo "$config" | cut -d: -f3)
+		case "$device" in
+			radio0.network1|radio1.network1)
+				uci_cmd set "network.$ifname.device=$device"
+				;;
+		esac
+	done
+	
+	# 删除 ULA 前缀
+	uci_cmd del network.globals.ula_prefix
+	
+	# 配置 PPPoE（如果提供了用户名和密码）
+	if [ -n "$pppoe_username" ] && [ -n "$pppoe_password" ]; then
+		uci_cmd set network.wan.proto='pppoe'
+		uci_cmd set network.wan.username="$pppoe_username"
+		uci_cmd set network.wan.password="$pppoe_password"
+		log "PPPoE configured: username=$pppoe_username"
+	else
+		log "PPPoE not configured (username or password not set)"
+	fi
+	
+	uci_cmd commit network
+	log "Network interfaces configured"
+}
+
+# 配置单个 DHCP 服务器
+# 参数: 接口名称
+configure_lan_dhcp() {
+	local ifname="$1"
+	
+	uci_cmd set "dhcp.$ifname=dhcp"
+	uci_cmd set "dhcp.$ifname.interface=$ifname"
+	uci_cmd set "dhcp.$ifname.start=100"
+	uci_cmd set "dhcp.$ifname.limit=150"
+	uci_cmd set "dhcp.$ifname.leasetime=12h"
+	uci_cmd set "dhcp.$ifname.ra=server"
+}
+
+# 配置 DHCP 服务器
+configure_dhcp() {
+	log "Configuring DHCP servers..."
+	
+	# 先创建新的 DHCP 配置（按照 TEMP.SH 的顺序：先创建后删除）
+	echo "$LAN_CONFIGS" | while IFS= read -r config; do
+		[ -z "$config" ] && continue
+		local ifname=$(echo "$config" | cut -d: -f1)
+		configure_lan_dhcp "$ifname"
+	done
+	
+	# 然后删除旧的 lan DHCP
+	uci_cmd del dhcp.lan
+	
+	uci_cmd commit dhcp
+	log "DHCP servers configured"
+}
+
+# 配置防火墙
+configure_firewall() {
+	log "Configuring firewall..."
+	
+	# 查找 LAN 区域配置
+	local lan_zone=""
+	
+	# 先尝试通过名称查找
+	local idx=0
+	while uci -q get firewall.@zone[$idx] >/dev/null 2>&1; do
+		local zone_name=$(uci -q get firewall.@zone[$idx].name 2>/dev/null)
+		if [ "$zone_name" = "lan" ]; then
+			lan_zone="@zone[$idx]"
+			break
+		fi
+		idx=$((idx + 1))
+	done
+	
+	# 配置 LAN 区域网络列表
+	if [ -n "$lan_zone" ]; then
+		uci_cmd del "firewall.$lan_zone.network"
+		echo "$LAN_CONFIGS" | while IFS= read -r config; do
+			[ -z "$config" ] && continue
+			local ifname=$(echo "$config" | cut -d: -f1)
+			uci_cmd add_list "firewall.$lan_zone.network=$ifname"
+		done
+		log "LAN zone configured: firewall.$lan_zone"
+	else
+		log "Warning: LAN zone not found, skipping firewall LAN configuration"
+	fi
+	
+	# 添加防火墙规则：允许 18080 和 18443 端口
+	if uci_cmd add firewall rule >/dev/null 2>&1; then
+		uci_cmd set firewall.@rule[-1].name='Allow_Ports_18080_18443'
+		uci_cmd set firewall.@rule[-1].src='wan'
+		uci_cmd set firewall.@rule[-1].proto='tcp'
+		uci_cmd set firewall.@rule[-1].dest_port='18080 18443'
+		uci_cmd set firewall.@rule[-1].target='ACCEPT'
+		log "Firewall rule added for ports 18080, 18443"
+	fi
+	
+	uci_cmd commit firewall
+	log "Firewall configured"
+}
+
+# 配置无线网络
+configure_wireless() {
+	log "Configuring wireless networks..."
+	
+	# 从配置中获取 radio0 和 radio1 对应的接口名称
+	local radio0_ifname=$(echo "$LAN_CONFIGS" | grep "radio0.network1" | cut -d: -f1)
+	local radio1_ifname=$(echo "$LAN_CONFIGS" | grep "radio1.network1" | cut -d: -f1)
+	
+	# 配置 radio0 (2.4G)
+	if [ -n "$radio0_ifname" ]; then
+		uci_cmd set wireless.@wifi-device[0].disabled='0'
+		uci_cmd set wireless.@wifi-device[0].channel='auto'
+		uci_cmd set wireless.@wifi-iface[0].disabled='0'
+		uci_cmd del wireless.default_radio0.network
+		uci_cmd set wireless.default_radio0.network="$radio0_ifname"
+		
+		# 配置 SSID 和加密
+		if [ -n "$wlan_name0" ]; then
+			uci_cmd set wireless.@wifi-iface[0].ssid="$wlan_name0"
+		fi
+		if [ -n "$wlan_encryption" ]; then
+			uci_cmd set wireless.@wifi-iface[0].encryption="$wlan_encryption"
+		fi
+		if [ -n "$wlan_password" ] && [ "$wlan_encryption" != "none" ]; then
+			uci_cmd set wireless.@wifi-iface[0].key="$wlan_password"
+		fi
+		
+		log "radio0 configured: SSID=$wlan_name0, network=$radio0_ifname"
+	fi
+	
+	# 配置 radio1 (5G)
+	if [ -n "$radio1_ifname" ]; then
+		uci_cmd set wireless.@wifi-device[1].disabled='0'
+		uci_cmd set wireless.@wifi-device[1].channel='auto'
+		uci_cmd set wireless.@wifi-iface[1].disabled='0'
+		uci_cmd del wireless.default_radio1.network
+		uci_cmd set wireless.default_radio1.network="$radio1_ifname"
+		
+		# 配置 SSID 和加密
+		if [ -n "$wlan_name1" ]; then
+			uci_cmd set wireless.@wifi-iface[1].ssid="$wlan_name1"
+		fi
+		if [ -n "$wlan_encryption" ]; then
+			uci_cmd set wireless.@wifi-iface[1].encryption="$wlan_encryption"
+		fi
+		if [ -n "$wlan_password" ] && [ "$wlan_encryption" != "none" ]; then
+			uci_cmd set wireless.@wifi-iface[1].key="$wlan_password"
+		fi
+		
+		log "radio1 configured: SSID=$wlan_name1, network=$radio1_ifname"
+	fi
+	
+	uci_cmd commit wireless
+	log "Wireless networks configured"
+}
+
+# 配置 UPnP
+configure_upnp() {
+	log "Configuring UPnP..."
+	
+	uci_cmd set upnpd.config.enabled='1'
+	uci_cmd set upnpd.config.interface='lan'
+	uci_cmd set upnpd.config.port='5000'
+	uci_cmd set upnpd.config.secure_mode='1'
+	uci_cmd set upnpd.config.enable_natpmp='1'
+	uci_cmd set upnpd.config.log_output='1'
+	uci_cmd set upnpd.config.enable_upnp='1'
+	
+	uci_cmd commit upnpd
+	log "UPnP configured and enabled"
+}
+
+# 配置 uHTTPd 端口
+configure_uhttpd() {
+	log "Configuring uHTTPd ports..."
+	
+	# 添加 18080 和 18443 端口监听
+	uci_cmd add_list uhttpd.main.listen_http='0.0.0.0:18080'
+	uci_cmd add_list uhttpd.main.listen_http='[::]:18080'
+	uci_cmd add_list uhttpd.main.listen_https='0.0.0.0:18443'
+	uci_cmd add_list uhttpd.main.listen_https='[::]:18443'
+	
+	uci_cmd commit uhttpd
+	log "uHTTPd ports 18080 and 18443 configured"
+}
+
+# 主函数
+main() {
+	log "=== Script started ==="
+	log "1/6: Configuring network interfaces..."
+	configure_network
+	log "2/6: Configuring DHCP servers..."
+	configure_dhcp
+	log "3/6: Configuring firewall..."
+	configure_firewall
+	log "4/6: Configuring wireless networks..."
+	configure_wireless
+	log "5/6: Configuring UPnP..."
+	configure_upnp
+	log "6/6: Configuring uHTTPd ports..."
+	configure_uhttpd
+	log "=== Script completed successfully ==="
+}
+
+# 执行主函数
+main