# luci-i18n-base-zh-cn luci-i18n-upnp-zh-cn luci-i18n-uhttpd-zh-cn luci-i18n-firewall-zh-cn luci-i18n-package-manager-zh-cn
#!/bin/sh
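# Multi-LAN interface setup script
# Configures 5 independent LAN interfaces (LAN0-LAN4):
# LAN0: 192.168.0.1/24 (lan1)
# LAN1: 192.168.1.1/24 (lan2)
# LAN2: 192.168.2.1/24 (lan3)
# LAN3: 192.168.3.1/24 (radio0.network1 - WiFi 2.4G)
# LAN4: 192.168.5.1/24 (radio1.network1 - WiFi 5G)
# Note: removes the old lan interface and the br-lan bridge device.
# Note: also accepts TCP ports 18080 and 18443 from the wan zone, makes uHTTPd
# listen on them (see configure_firewall and configure_uhttpd), and enables UPnP.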
# Logging configuration.
# log() appends its lines to this file, and the exec redirection further down
# sends all other script output to the same file.
LOG_FILE="/root/setup.log"
# Append one timestamped line to the log file.
# Globals:   LOG_FILE (read)
# Arguments: $1 - message text
log() {
  local stamp
  # Fall back to plain `date` output if the format string is rejected.
  stamp=$(date '+%Y-%m-%d %H:%M:%S' 2>/dev/null || date)
  echo "[$stamp] $1" >>"$LOG_FILE" 2>&1
}
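# Run `uci` with the given arguments and log a failure.
# Arguments: passed through unchanged to uci
# Returns:   0 if uci succeeded; 1 if uci is not installed or the call failed
# uci's own stderr is discarded; only the failed command line is logged.
uci_cmd() {
  local arg shown

  if ! command -v uci >/dev/null 2>&1; then
    log "uci command not found"
    return 1
  fi
  if ! uci "$@" 2>/dev/null; then
    # The arguments can carry credentials (the PPPoE password and the WiFi key
    # are set through this wrapper), so mask those values before the failed
    # command line is written to the log file.
    shown=""
    for arg in "$@"; do
      case "$arg" in
        *.password=* | *.key=*) arg="${arg%%=*}=<redacted>" ;;
      esac
      shown="$shown $arg"
    done
    log "uci command failed: uci$shown"
    return 1
  fi
  return 0
}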
# Redirect all further stdout/stderr of the script into the log file.
exec >>"$LOG_FILE" 2>&1

# WiFi settings
wlan_name0="WZWY_2.4G" # SSID of the 2.4G WiFi
wlan_name1="WZWY_5G" # SSID of the 5G WiFi
# NOTE(review): the original comment says "leave empty to set no password",
# but configure_wireless still applies wlan_encryption when the password is
# empty and only skips the key. With the "sae-mixed" default below, an empty
# password therefore yields an encrypted iface with no key rather than an open
# network - confirm the intended behaviour.
wlan_password="" # WiFi password (leave empty to set no password)
wlan_encryption="sae-mixed" # WiFi encryption mode (sae-mixed, psk2, psk, none)

# PPPoE settings
# PPPoE is only configured when both values are non-empty. Values written here
# are stored in plain text in this script.
pppoe_username="" # PPPoE user name (leave empty to skip PPPoE)
pppoe_password="" # PPPoE password (leave empty to skip PPPoE)

# LAN interface table, one entry per line.
# Format: "interface name:IP address:device name"
LAN_CONFIGS="
LAN0:192.168.0.1:lan1
LAN1:192.168.1.1:lan2
LAN2:192.168.2.1:lan3
LAN3:192.168.3.1:radio0.network1
LAN4:192.168.5.1:radio1.network1
"
# Create one static network interface section.
# Arguments: $1 - interface name, $2 - IP address, $3 - device name
# The netmask (255.255.255.0) and ip6assign (62) are fixed.
configure_lan_interface() {
  local section="network.$1"
  local setting

  uci_cmd set "$section=interface"
  for setting in \
    "proto=static" \
    "device=$3" \
    "ipaddr=$2" \
    "netmask=255.255.255.0" \
    "ip6assign=62"; do
    uci_cmd set "$section.$setting"
  done
}
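# Configure the network interfaces from LAN_CONFIGS.
# Globals:   LAN_CONFIGS, pppoe_username, pppoe_password (read)
# Returns:   status of the final log call; uci failures are logged by uci_cmd
#            but are not propagated.
# The step order (create the wired interfaces, delete the old configuration,
# create the WiFi interfaces, then attach their devices) is kept exactly as
# the original comments describe it, following TEMP.SH.
configure_network() {
  local config ifname ipaddr device

  log "Configuring network interfaces..."

  # Wired interfaces LAN0-LAN2 are created first, together with their device.
  echo "$LAN_CONFIGS" | while IFS= read -r config; do
    [ -z "$config" ] && continue
    ifname=$(echo "$config" | cut -d: -f1)
    ipaddr=$(echo "$config" | cut -d: -f2)
    device=$(echo "$config" | cut -d: -f3)
    case "$device" in
      lan1 | lan2 | lan3)
        configure_lan_interface "$ifname" "$ipaddr" "$device"
        ;;
    esac
  done

  # Then delete the old configuration.
  uci_cmd del network.lan
  # Quoted so the shell can never expand "[0]" as a glob pattern.
  # NOTE(review): assumes the first device section is the br-lan bridge -
  # confirm on the target image.
  uci_cmd delete "network.@device[0]"

  # WiFi interfaces LAN3-LAN4 are created without a device at first.
  echo "$LAN_CONFIGS" | while IFS= read -r config; do
    [ -z "$config" ] && continue
    ifname=$(echo "$config" | cut -d: -f1)
    ipaddr=$(echo "$config" | cut -d: -f2)
    device=$(echo "$config" | cut -d: -f3)
    case "$device" in
      radio0.network1 | radio1.network1)
        uci_cmd set "network.$ifname=interface"
        uci_cmd set "network.$ifname.proto=static"
        uci_cmd set "network.$ifname.ipaddr=$ipaddr"
        uci_cmd set "network.$ifname.netmask=255.255.255.0"
        uci_cmd set "network.$ifname.ip6assign=62"
        ;;
    esac
  done

  # The device of each WiFi interface is set afterwards, in a separate pass.
  echo "$LAN_CONFIGS" | while IFS= read -r config; do
    [ -z "$config" ] && continue
    ifname=$(echo "$config" | cut -d: -f1)
    device=$(echo "$config" | cut -d: -f3)
    case "$device" in
      radio0.network1 | radio1.network1)
        uci_cmd set "network.$ifname.device=$device"
        ;;
    esac
  done

  # Remove the ULA prefix.
  uci_cmd del network.globals.ula_prefix

  # PPPoE is configured only when both the user name and the password are set.
  # Only the user name is written to the log.
  if [ -n "$pppoe_username" ] && [ -n "$pppoe_password" ]; then
    uci_cmd set "network.wan.proto=pppoe"
    uci_cmd set "network.wan.username=$pppoe_username"
    uci_cmd set "network.wan.password=$pppoe_password"
    log "PPPoE configured: username=$pppoe_username"
  else
    log "PPPoE not configured (username or password not set)"
  fi

  uci_cmd commit network
  log "Network interfaces configured"
}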
# Create the DHCP server section for one interface.
# Arguments: $1 - interface name (also used as the section name)
# Pool start (100), limit (150), lease time (12h) and ra=server are fixed.
configure_lan_dhcp() {
  local section="dhcp.$1"
  local setting

  uci_cmd set "$section=dhcp"
  for setting in "interface=$1" "start=100" "limit=150" "leasetime=12h" "ra=server"; do
    uci_cmd set "$section.$setting"
  done
}
# Configure a DHCP server for every entry in LAN_CONFIGS.
# Globals: LAN_CONFIGS (read)
# New sections are created first and the old "lan" section is deleted
# afterwards (the original comment says this order follows TEMP.SH).
configure_dhcp() {
  local entry

  log "Configuring DHCP servers..."

  while IFS= read -r entry; do
    if [ -n "$entry" ]; then
      # The interface name is everything before the first colon.
      configure_lan_dhcp "${entry%%:*}"
    fi
  done <<EOF
$LAN_CONFIGS
EOF

  uci_cmd del dhcp.lan
  uci_cmd commit dhcp
  log "DHCP servers configured"
}
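# Configure the firewall: put every LAN_CONFIGS interface into the "lan" zone
# and add a rule accepting TCP 18080 and 18443 from the wan zone.
# Globals: LAN_CONFIGS (read)
# Returns: status of the final log call; uci failures are logged by uci_cmd
#          but are not propagated.
configure_firewall() {
  local lan_zone="" idx=0 zone_name config ifname

  log "Configuring firewall..."

  # Walk the zone sections by index until the one named "lan" is found.
  # The section references are quoted so "[N]" is never expanded as a glob.
  while uci -q get "firewall.@zone[$idx]" >/dev/null 2>&1; do
    zone_name=$(uci -q get "firewall.@zone[$idx].name" 2>/dev/null)
    if [ "$zone_name" = "lan" ]; then
      lan_zone="@zone[$idx]"
      break
    fi
    idx=$((idx + 1))
  done

  # Replace the lan zone's network list with the interfaces from LAN_CONFIGS.
  if [ -n "$lan_zone" ]; then
    uci_cmd del "firewall.$lan_zone.network"
    echo "$LAN_CONFIGS" | while IFS= read -r config; do
      [ -z "$config" ] && continue
      ifname=$(echo "$config" | cut -d: -f1)
      uci_cmd add_list "firewall.$lan_zone.network=$ifname"
    done
    log "LAN zone configured: firewall.$lan_zone"
  else
    log "Warning: LAN zone not found, skipping firewall LAN configuration"
  fi

  # Accept TCP 18080 and 18443 from the wan zone. The rule has no dest, so it
  # applies to traffic addressed to the router itself; configure_uhttpd binds
  # the web server to these ports.
  # NOTE(review): this makes the web interface reachable from wan, and 18080 is
  # a plain-HTTP listener, so credentials entered there cross the WAN
  # unencrypted. Consider exposing only 18443, limiting the rule with src_ip,
  # or reaching the UI over a VPN instead. Nothing visible in this script sets
  # a root password - verify one is set before this rule becomes active.
  if uci_cmd add firewall rule >/dev/null 2>&1; then
    uci_cmd set "firewall.@rule[-1].name=Allow_Ports_18080_18443"
    uci_cmd set "firewall.@rule[-1].src=wan"
    uci_cmd set "firewall.@rule[-1].proto=tcp"
    uci_cmd set "firewall.@rule[-1].dest_port=18080 18443"
    uci_cmd set "firewall.@rule[-1].target=ACCEPT"
    log "Firewall rule added for ports 18080, 18443"
  fi

  uci_cmd commit firewall
  log "Firewall configured"
}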
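# Configure one radio and its default WiFi iface.
# Globals:   wlan_encryption, wlan_password (read)
# Arguments: $1 - radio index (0 or 1), $2 - network interface name, $3 - SSID
_configure_radio() {
  local idx="$1" ifname="$2" ssid="$3"

  # Section references are quoted so "[N]" is never expanded as a glob.
  uci_cmd set "wireless.@wifi-device[$idx].disabled=0"
  uci_cmd set "wireless.@wifi-device[$idx].channel=auto"
  uci_cmd set "wireless.@wifi-iface[$idx].disabled=0"
  uci_cmd del "wireless.default_radio$idx.network"
  uci_cmd set "wireless.default_radio$idx.network=$ifname"

  if [ -n "$ssid" ]; then
    uci_cmd set "wireless.@wifi-iface[$idx].ssid=$ssid"
  fi
  # The encryption mode is applied even when no password is given, so an empty
  # password never silently downgrades the iface to an open network.
  if [ -n "$wlan_encryption" ]; then
    uci_cmd set "wireless.@wifi-iface[$idx].encryption=$wlan_encryption"
  fi
  if [ -n "$wlan_password" ] && [ "$wlan_encryption" != "none" ]; then
    uci_cmd set "wireless.@wifi-iface[$idx].key=$wlan_password"
  elif [ -n "$wlan_encryption" ] && [ "$wlan_encryption" != "none" ]; then
    # Presumably the iface cannot start in this state - confirm on the target
    # release. Make the misconfiguration visible in the log either way.
    log "Warning: radio$idx uses encryption=$wlan_encryption but wlan_password is empty; no key was set"
  fi

  log "radio$idx configured: SSID=$ssid, network=$ifname"
}

# Configure both radios from LAN_CONFIGS and the wlan_* settings.
# Globals: LAN_CONFIGS, wlan_name0, wlan_name1, wlan_encryption,
#          wlan_password (read)
# A radio is only touched when LAN_CONFIGS has an entry for its
# radioN.network1 device. The WiFi key is never written to the log.
configure_wireless() {
  local radio0_ifname radio1_ifname

  log "Configuring wireless networks..."

  # Look up the interface names bound to radio0 and radio1; the device names
  # are matched as fixed strings.
  radio0_ifname=$(echo "$LAN_CONFIGS" | grep -F "radio0.network1" | cut -d: -f1)
  radio1_ifname=$(echo "$LAN_CONFIGS" | grep -F "radio1.network1" | cut -d: -f1)

  # radio0 (2.4G)
  if [ -n "$radio0_ifname" ]; then
    _configure_radio 0 "$radio0_ifname" "$wlan_name0"
  fi

  # radio1 (5G)
  if [ -n "$radio1_ifname" ]; then
    _configure_radio 1 "$radio1_ifname" "$wlan_name1"
  fi

  uci_cmd commit wireless
  log "Wireless networks configured"
}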
# Enable and configure the UPnP daemon (upnpd.config), then commit.
# UPnP and NAT-PMP are both switched on with secure_mode=1 and logging on.
# NOTE(review): the interface option is set to 'lan', but configure_network
# deletes network.lan - confirm which interface UPnP should serve and that
# this option name is the one the daemon reads.
configure_upnp() {
  local setting

  log "Configuring UPnP..."

  for setting in \
    "enabled=1" \
    "interface=lan" \
    "port=5000" \
    "secure_mode=1" \
    "enable_natpmp=1" \
    "log_output=1" \
    "enable_upnp=1"; do
    uci_cmd set "upnpd.config.$setting"
  done

  uci_cmd commit upnpd
  log "UPnP configured and enabled"
}
# Add uHTTPd listeners on 18080 (HTTP) and 18443 (HTTPS), then commit.
# Each port is added for both the IPv4 (0.0.0.0) and IPv6 ([::]) wildcard
# address, i.e. on every interface.
# NOTE(review): configure_firewall accepts both ports from wan, so the
# plain-HTTP listener on 18080 ends up reachable from the WAN side; consider
# keeping only the HTTPS listener for remote access.
configure_uhttpd() {
  local listener bind_addr

  log "Configuring uHTTPd ports..."

  # listener is "option:port"; both bind addresses are added per option.
  for listener in "listen_http:18080" "listen_https:18443"; do
    for bind_addr in "0.0.0.0" "[::]"; do
      uci_cmd add_list "uhttpd.main.${listener%%:*}=$bind_addr:${listener#*:}"
    done
  done

  uci_cmd commit uhttpd
  log "uHTTPd ports 18080 and 18443 configured"
}
# Entry point: runs the six configuration steps in order and logs a
# "N/6: Configuring ..." line before each one.
# NOTE(review): step return codes are not checked, so the final
# "completed successfully" line is logged unconditionally.
main() {
  local step=0 entry

  log "=== Script started ==="

  # Each entry is "function:label used in the progress line".
  for entry in \
    "configure_network:network interfaces" \
    "configure_dhcp:DHCP servers" \
    "configure_firewall:firewall" \
    "configure_wireless:wireless networks" \
    "configure_upnp:UPnP" \
    "configure_uhttpd:uHTTPd ports"; do
    step=$((step + 1))
    log "$step/6: Configuring ${entry#*:}..."
    "${entry%%:*}"
  done

  log "=== Script completed successfully ==="
}
# Run the main routine.
main