if ($layout != "router") {
exit;
}
/* detect interface */
$i = 1;
while ($i < 4) {
$WANSTR = "WAN-" . $i;
$WANDEV = PHYINF_getruntimeifname($WANSTR);
///echo "loop".$i.$waninf."=".$WANDEV."\n";
if ($WANDEV != "") {
break;
}
$i++;
}
$LANSTR = "LAN-1";
$LANDEV = PHYINF_getruntimeifname($LANSTR);
$s1 = "echo Interface is wanif=" . $WANDEV . " lanif=" . $LANDEV . " ";
if ($WANDEV == "" || $LANDEV == "") {
$s2 = " ... Error!!! \n";
} else {
$s2 = " ... OK \n";
}
fwrite("a", $START, $s1 . $s2);
fwrite("a", $STOP, $s1 . $s2);
if ($WANDEV == "" || $LANDEV == "") {
exit;
}
/* tc debug */
$TC = "echo tc";
$TC = "tc";
$K = kbps;
function dhcp_client($mode, $inf, $devnam, $opt, $router, $dns)
{
$hlp = "/var/servd/" . $inf . "-dhcp6c.sh";
$pid = "/var/servd/" . $inf . "-dhcp6c.pid";
$cfg = "/var/servd/" . $inf . "-dhcp6c.cfg";
/* DHCP over PPP session ? */
$previnf = XNODE_get_var($inf . "_PREVINF");
XNODE_del_var($inf . "_PREVINF");
/* dslite ? */
$nextinf = XNODE_get_var($inf . "_NEXTINF");
XNODE_del_var($inf . "_NEXTINF");
//if ($mode=="PPPDHCP" && $_GLOBALS["PREVINF"]!="")
//msg("mode is ".$mode.", previnf is ".$previnf);
msg("mode is " . $mode . ", previnf is " . $previnf . ", nextinf is " . $nextinf);
if ($mode == "PPPDHCP" && $previnf != "") {
//$pppdev = PHYINF_getruntimeifname($_GLOBALS["PREVINF"]);
$pppdev = PHYINF_getruntimeifname($previnf);
if ($pppdev == "") {
return error("no PPP device.");
}
msg("PPP device = " . $pppdev);
}
msg("dhcpopt: " . $opt);
/* Gererate DHCP-IAID from 32-bit of mac address*/
$mac = PHYINF_getphymac($inf);
$mac1 = cut($mac, 3, ":");
$mac2 = cut($mac, 0, ":");
$mac3 = cut($mac, 1, ":");
$mac4 = cut($mac, 2, ":");
$iaidstr = $mac1 . $mac2 . $mac3 . $mac4;
$iaid = strtoul($iaidstr, 16);
/* Generate configuration file. */
if ($mode == "INFOONLY") {
$send = "\tinformation-only;\n";
$idas = "";
} else {
//check if we have pd hint
$stsp = XNODE_getpathbytarget("/runtime", "inf", "uid", $inf, 0);
$pdhint_enable = query($stsp . "/pdhint/enable");
$pdhintmsg = "\n";
if ($pdhint_enable == "1") {
$pdhint_network = query($stsp . "/pdhint/network");
$pdhint_prefix = query($stsp . "/pdhint/prefix");
$pdhint_plft = query($stsp . "/pdhint/preferlft");
$pdhint_vlft = query($stsp . "/pdhint/validlft");
if ($pdhint_vlft != "") {
$pdhintmsg = "\tprefix " . $pdhint_network . "/" . $pdhint_prefix . " " . $pdhint_plft . " " . $pdhint_vlft . ";\n";
} else {
$pdhintmsg = "\tprefix " . $pdhint_network . "/" . $pdhint_prefix . " " . $pdhint_plft . ";\n";
}
}
//check if we got the prefix before
//++++
$pre_pd_network = query("/runtime/ipv6/pre_pdnetwork");
if ($pre_pd_network != "") {
$pre_pd_prefix = query("/runtime/ipv6/pre_pdprefix");
$pre_pd_plft = query("/runtime/ipv6/pre_pdplft");
$pre_pd_vlft = query("/runtime/ipv6/pre_pdvlft");
if ($pre_pd_vlft != "") {
$pdhintmsg = "\tprefix " . $pre_pd_network . "/" . $pre_pd_prefix . " " . $pre_pd_plft . " " . $pre_pd_vlft . ";\n";
} else {
$pdhintmsg = "\tprefix " . $pre_pd_network . "/" . $pre_pd_prefix . " " . $pre_pd_plft . ";\n";
}
} else {
$pdhintmsg = "\tprefix ::/56 0 0;\n";
}
//----
//if (strstr($opt,"IA-NA")!="") {$send=$send."\tsend ia-na 0;\n"; $idas=$idas."id-assoc na {\n};\n";}
if (strstr($opt, "IA-NA") != "") {
$send = $send . "\tsend ia-na " . $iaid . ";\n";
$idas = $idas . "id-assoc na " . $iaid . "{\n};\n";
}
//if (strstr($opt,"IA-PD")!="") {$send=$send."\tsend ia-pd 0;\n"; $idas=$idas."id-assoc pd {\n};\n";}
if (strstr($opt, "IA-PD") != "") {
$send = $send . "\tsend ia-pd 0;\n";
$idas = $idas . "id-assoc pd {\n" . $pdhintmsg . "};\n";
}
}
if ($mode == "PPPDHCP") {
$dname = $pppdev;
} else {
$dname = $devnam;
}
$nextinfp = XNODE_getpathbytarget("", "inf", "uid", $nextinf, 0);
$nextinet = query($nextinfp . "/inet");
$nextinetp = XNODE_getpathbytarget("inet", "entry", "uid", $nextinet, 0);
$nextmode = query($nextinetp . "/ipv4/ipv4in6/mode");
if ($nextinf != "" && $nextmode == "dslite") {
$rqstmsg = "\trequest aftr-server-domain-name;\n";
} else {
$rqstmsg = "";
}
fwrite(w, $cfg, "interface " . $dname . " {\n" . $send . "\trequest domain-name-servers;\n" . "\trequest domain-name;\n" . "\trequest ntp-servers;\n" . $rqstmsg . "\tscript \"" . $hlp . "\";\n" . "};\n" . $idas);
/* generate callback script */
fwrite(w, $hlp, "#!/bin/sh\n" . 'if [ $new_addr != "" ] || [ $new_pd_prefix != "" ]; then\\n' . "\techo [\$0]: [{$new_addr}] [{$new_pd_prefix}] [{$new_pd_plen}] [{$new_pd_pltime}] [{$new_pd_vltime}] > /dev/console\n" . "else\n" . "\texit 0\n" . "fi\n" . "phpsh /etc/services/INET/inet6_dhcpc_helper.php" . " INF=" . $inf . " MODE=" . $mode . " DEVNAM=" . $dname . " GATEWAY=" . $router . " DHCPOPT=" . $opt . ' "NAMESERVERS=$new_domain_name_servers"' . ' "DOMAIN=$new_domain_name"' . ' "NEW_ADDR=$new_addr"' . ' "NEW_PD_PREFIX=$new_pd_prefix"' . ' "NEW_PD_PLEN=$new_pd_plen"' . ' "NEW_PD_PLTIME=$new_pd_pltime"' . ' "NEW_PD_VLTIME=$new_pd_vltime"' . ' "DNS=' . $dns . '"' . ' "NEW_AFTR_NAME=$new_aftr_name"' . ' "NTPSERVER=$new_ntp_servers"' . "\n");
/* Start DHCP client */
cmd("chmod +x " . $hlp);
if ($pppdev == "") {
cmd("dhcp6c -c " . $cfg . " -p " . $pid . " -t LL -n " . $inf . " " . $devnam);
} else {
cmd("dhcp6c -c " . $cfg . " -p " . $pid . " -t LL -o " . $devnam . " -n " . $inf . " " . $pppdev);
}
return 0;
}
If we name the same name on several interfaces,
the dnsmasq will return the first match interface but not the specific interface (input interface).
For this, we should seperate different interfaces to use individual dnsmasq daemon.
By Enos. 2010/07/19 */
$i = 1;
while ($i > 0) {
/* get LAN path */
$lan = "LAN-" . $i;
$linfp = XNODE_getpathbytarget("", "inf", "uid", $lan, 0);
$lstsp = XNODE_getpathbytarget("/runtime", "inf", "uid", $lan, 0);
if ($lstsp == "" || $linfp == "") {
$i = 0;
break;
}
/* Get phyinf */
$laninf = PHYINF_getruntimeifname($lan);
$infdncmd = $infdncmd . " --interface-name=" . $hdn . "," . $laninf;
$i++;
}
}
$hostname = query("/device/hostname");
$mac = PHYINF_getmacsetting("LAN-1");
$macstr = cut($mac, 4, ":") . cut($mac, 5, ":");
fwrite("a", $hosts, $RouterLANIP . " " . $hostname . " " . $hostname . $macstr . "\n" . $RouterLANIP . " " . $hostname . ".local \n" . $RouterLANIP . " " . $hostname . ".localdomain" . " " . $hostname . $macstr . ".localdomain" . "\n");
//jef add + for support use shareport.local to access shareportmobile
$web_file_access = query("/webaccess/enable");
if ($web_file_access == 1) {
fwrite("a", $hosts, $RouterLANIP . " shareport\n");
fwrite("a", $hosts, $RouterLANIP . " shareport.local\n");
}
//jef add -
function IPTLAN_build_command($name)
{
fwrite("w", $_GLOBALS["START"], "#!/bin/sh\n");
fwrite("w", $_GLOBALS["STOP"], "#!/bin/sh\n");
fwrite("a", $_GLOBALS["START"], "iptables -t nat -F PRE." . $name . "\n");
/* if snmp open wan, drop udp port 161 from lan port */
$snmp_inf = query("/snmp/inf");
$enable_snmp = query("/snmp/active");
$iptcmdNAT = "iptables -t nat -A PRE." . $name;
$dev = PHYINF_getruntimeifname($name);
if ($enable_snmp == "1") {
if ($snmp_inf != $name) {
$path = XNODE_getpathbytarget("", "inf", "uid", $snmp_inf, 0);
$inet = query($path . "/inet");
$inetp = XNODE_getpathbytarget("/inet", "entry", "uid", $inet, 0);
$ipaddr = query($inetp . "/ipv4/ipaddr");
if ($ipaddr != "") {
fwrite("a", $_GLOBALS["START"], $iptcmdNAT . " -i " . $dev . " -p udp --dport 161 -d " . $ipaddr . " -j DROP\n");
}
}
}
fwrite("a", $_GLOBALS["START"], "iptables -t nat -A PRE." . $name . " -j ACCEPT\n");
/* firewall */
fwrite("a", $_GLOBALS["START"], "echo -1 > /proc/fastnat/forskipsupport\n");
fwrite("a", $_GLOBALS["START"], "iptables -t filter -F FWD." . $name . "\n");
fwrite("a", $_GLOBALS["START"], "iptables -t filter -F INP." . $name . "\n");
$iptcmdFWD = "iptables -t filter -A FWD." . $name;
$iptcmdIN = "iptables -t filter -A INP." . $name;
$path = XNODE_getpathbytarget("", "inf", "uid", $name, 0);
if ($path != "") {
$macf = XNODE_get_var("MACF." . $name . ".USED");
$urlf = XNODE_get_var("URLF." . $name . ".USED");
$fw = XNODE_get_var("FIREWALL.USED");
$fw2 = XNODE_get_var("FIREWALL-2.USED");
$fw3 = XNODE_get_var("FIREWALL-3.USED");
$pptppt = query("/device/passthrough/pptp");
$ipsecpt = query("/device/passthrough/ipsec");
$rtsppt = query("/device/passthrough/rtsp");
$sip = query("/device/passthrough/sip");
/* Outbound filter will be run faster to drop some packets. */
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -j FWD.OBFILTER\n");
fwrite("a", $_GLOBALS["START"], $iptcmdIN . " -j INP.OBFILTER\n");
if ($macf > 0) {
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -j MACF." . $name . "\n" . $iptcmdIN . " -j MACF." . $name . "\n");
}
if ($fw > 0) {
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -j FIREWALL\n");
}
if ($fw2 > 0) {
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -j FIREWALL-2\n");
}
if ($fw3 > 0) {
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -j FIREWALL-3\n");
}
if ($urlf > 0) {
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -p tcp --dport 80 -j URLF." . $name . "\n" . "echo 80 > /proc/fastnat/forskipsupport\n" . "event SW.FASTNAT.DOWN\n");
fwrite("a", $_GLOBALS["STOP"], "event SW.FASTNAT.UP\n");
}
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -j FOR_POLICY\n");
port_trigger_command($iptcmdFWD);
if ($pptppt == 0) {
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -p tcp --dport 1723 -j DROP\n" . "echo 1723 > /proc/fastnat/forskipsupport\n");
}
if ($ipsecpt == 0) {
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -p udp --dport 500 -j DROP\n" . "echo 500 > /proc/fastnat/forskipsupport\n" . $iptcmdFWD . " -p udp --dport 4500 -j DROP\n" . "echo 4500 > /proc/fastnat/forskipsupport\n" . $iptcmdFWD . " -p ah -j DROP\n" . $iptcmdFWD . " -p esp -j DROP\n");
}
if ($rtsppt == 0) {
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -p tcp --dport 554 -j DROP\n" . "echo 554 > /proc/fastnat/forskipsupport\n");
}
if ($sip == 0) {
fwrite("a", $_GLOBALS["START"], $iptcmdFWD . " -p udp --dport 5060 -j DROP\n" . "echo 5060 > /proc/fastnat/forskipsupport\n");
}
}
fwrite("a", $_GLOBALS["START"], "exit 0\n");
fwrite("a", $_GLOBALS["STOP"], "iptables -t nat -F PRE." . $name . "\n");
/* firewall */
fwrite("a", $_GLOBALS["STOP"], "echo -1 > /proc/fastnat/forskipsupport\n");
fwrite("a", $_GLOBALS["STOP"], "iptables -t filter -F FWD." . $name . "\n");
fwrite("a", $_GLOBALS["STOP"], "iptables -t filter -F INP." . $name . "\n");
fwrite("a", $_GLOBALS["STOP"], "exit 0\n");
}
$del_ipt = "iptables -t nat -D " . $ipt_cmd;
exe_ouside_cmd($del_ipt);
$add_ipt = "iptables -t nat -A " . $ipt_cmd;
exe_ouside_cmd($add_ipt);
}
/*$ext_ip=query("/runtime/webaccess/wan_ext_ip");
if($ext_ip != "")
{*/
$ipt_cmd = "";
$wan_ip = query("/runtime/webaccess/wanip");
$wan_st = query("/runtime/webaccess/wanst");
$mask = query("/runtime/webaccess/mask");
/* if($C_IP==$ext_ip)
{
*/
$laninf = PHYINF_getruntimeifname("LAN-1");
if ($SSL == '0') {
$ipt_cmd = "PRE.WFA -i " . $laninf . " -p tcp --dport " . $E_PORT . " -j DNAT --to-destination " . $wan_ip . ":" . query("/webaccess/httpport") . " &";
} else {
$ipt_cmd = "PRE.WFA -i " . $laninf . " -p tcp --dport " . $E_PORT . " -j DNAT --to-destination " . $wan_ip . ":" . query("/webaccess/httpsport") . " &";
}
if ($ipt_cmd != "") {
$del_ipt = "iptables -t nat -D " . $ipt_cmd;
exe_ouside_cmd($del_ipt);
$add_ipt = "iptables -t nat -A " . $ipt_cmd;
exe_ouside_cmd($add_ipt);
}
//if($wan_st!="public" && $mask != "")
if ($wan_st != "ppp" && $mask != "") {
$host_ip = ipv4networkid($wan_ip, $mask);
if ($SSL == '0') {
