hotspotsystem/02_setup_LEDE.sh at master · tlinnet/hotspotsystem · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
#!/bin/bash

DEFPERFORM=y
# Install packages for 4 G usb dongle “HUAWEI E3372 LTE” and make new eth2 interface on the USB port
mk4g() {
    echo -e "\nThis will install packages for 4 G usb dongle 'HUAWEI E3372 LTE' and make new eth2 interface on the USB port"
    unset PERFORM
    read -p "Should I perform this? [$DEFPERFORM]:" PERFORM
    PERFORM=${PERFORM:-$DEFPERFORM}
    echo -e "You entered: $PERFORM"
    if [ "$PERFORM" == "y" ]; then
        echo -e "\nInstalling packages: kmod-usb-net-cdc-ether usb-modeswitch"
        opkg update && opkg install kmod-usb-net-cdc-ether usb-modeswitch

        echo -e "\nNow making an 'wan2' interface for eth2"
        uci set network.wan2=interface
        uci set network.wan2.ifname='eth2'
        uci set network.wan2.proto='dhcp'
        uci commit network
        ifup wan2

        echo -e "\nNow adding 'wan2' to the firewall zone 'lan'"
        uci set firewall.@zone[1].network='wan wan2 wan6'
        uci commit firewall
        /etc/init.d/firewall restart
    else
        echo -e "\nSkipping"
    fi

}

# Allow SSH on wan zone
mksshwan() {
    echo -e "\nThis will allow SSH on wan zone"
    echo "Please read: https://wiki.openwrt.org/doc/howto/secure.access"
    unset PERFORM
    read -p "Should I perform this? [$DEFPERFORM]:" PERFORM
    PERFORM=${PERFORM:-$DEFPERFORM}
    echo -e "You entered: $PERFORM"
    if [ "$PERFORM" == "y" ]; then
        DEFPORT=22
        read -p "What port to allow on wan? [$DEFPORT]:" PORT
        PORT=${PORT:-$DEFPORT}
        echo -e "You entered: $PORT"
        echo -e "\nNow setting firewall"
        uci add firewall rule
        uci set firewall.@rule[-1].name='Allow-ssh-wan'
        uci set firewall.@rule[-1].src=wan
        uci set firewall.@rule[-1].target=ACCEPT
        uci set firewall.@rule[-1].proto=tcp
        uci set firewall.@rule[-1].dest_port=$PORT
        uci commit firewall
        /etc/init.d/firewall restart
    else
        echo -e "\nSkipping"
    fi
}

# Sync syslog to papertrailapp.com
mkpapertrail() {
    echo -e "\nThis will Sync syslog to papertrailapp.com"
    unset PERFORM
    read -p "Should I perform this? [$DEFPERFORM]:" PERFORM
    PERFORM=${PERFORM:-$DEFPERFORM}
    echo -e "You entered: $PERFORM"
    if [ "$PERFORM" == "y" ]; then
        DEFPAPERPORT=10000
        read -p "What is the port number to your papertrail system? [$DEFPAPERPORT]:" PAPERPORT
        PAPERPORT=${PAPERPORT:-$DEFPAPERPORT}
        echo -e "You entered: $PAPERPORT"

        DEFPAPERURL=logs1.papertrailapp.com
        read -p "What is the url to your papertrail system? [$DEFPAPERURL]:" PAPERURL
        PAPERURL=${PAPERURL:-$DEFPAPERURL}
        echo -e "You entered: $PAPERURL"

        PAPERIP=`nslookup $PAPERURL | tail -n +3 | grep -m 1 "Address" | cut -d":" -f2 | sed 's/#.*//' | cut -d" " -f2 | tr -d " \t"`
        echo -e "\nWhen I do a nslookup, I translate the IP to: $PAPERIP"

        uci set system.@system[0].log_ip=$PAPERIP
        uci set system.@system[0].log_port=$PAPERPORT
        uci commit system
        echo -e "\nNow setting system"
        echo -e "uci set system.@system[0].log_port=$PAPERPORT"
        echo -e "uci set system.@system[0].log_ip=$PAPERIP"
    else
        echo -e "\nSkipping"
    fi
}

# Many syslog messages of the format "DHCPV6 SOLICIT IA_NA from ..."
dhcpv6disabled() {
    echo -e "\nThis will remove syslog messages of the format 'DHCPV6 SOLICIT IA_NA from ...'"
    unset PERFORM
    read -p "Should I perform this? [$DEFPERFORM]:" PERFORM
    PERFORM=${PERFORM:-$DEFPERFORM}
    echo -e "You entered: $PERFORM"
    if [ "$PERFORM" == "y" ]; then
        # https://wiki.openwrt.org/doc/techref/odhcpd#many_syslog_messages_of_the_format_dhcpv6_solicit_ia_na_from
        # get the current setting for dhcpv6 in /etc/config/dhcp
        uci get dhcp.lan.dhcpv6
        uci set dhcp.lan.dhcpv6=disabled
        uci commit
        uci get dhcp.lan.dhcpv6
        /etc/init.d/odhcpd restart
        echo -e "\nNow setting system"
        echo -e "uci set dhcp.lan.dhcpv6=disabled"
        echo -e "uci commit"
        echo -e "/etc/init.d/odhcpd restart"
    else
        echo -e "\nSkipping"
    fi
}

# Perform
mk4g
#mksshwan
mkpapertrail
dhcpv6disabled