这篇文章将为大家详细讲解有关OpenWRT如何实现有线+WiFi的STA模式双WAN叠加,小编觉得挺实用的,因此分享给大家做个参考,希望大家阅读完这篇文章后可以有所收获。
计算
安全
数据库
网络和加速
企业服务
config switch 'eth2'
option reset '0'
option enable_vlan '0'
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'lan'
option ifname 'eth2'
option proto 'static'
option ipaddr '192.168.6.1'
option netmask '255.255.255.0'
config interface 'wan0'
option ifname 'wlan0'
option proto 'dhcp'
config interface 'wan1'
option ifname 'eth0'
option proto 'dhcp'
option ifname eth0
option proto dhcp注意:wan0与wan1的配置,ifname的值要对应准确,此处interface的编号要被dhcp、wireless配置文件所使用。
实现wan0、wan1自动dhcp获取IP地址功能
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option ra 'server'
config dhcp 'wan0'
option interface 'wan0'
option ignore '1'
config dhcp 'wan1'
option interface 'wan1'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'config wifi-device 'radio0'
option type 'mac80211'
option channel '0'
option hwmode '11g'
option path 'platform/ar933x_wmac'
option htmode 'HT20'
config wifi-iface
option device 'radio0'
option network 'wan0'
option mode 'sta'
option ssid 'wifi名称'
option encryption 'psk2'
option key 'wifi密码'注意:option network的值要与/etc/config/network中的interface编号对应。
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan0'
list network 'wan1'
list network 'wan6'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan0'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan0'
option proto 'icmp'
option icmp_type 'echo-request echo-reply destination-unreachable packet-too-big time-exceeded bad-header unknown-header-type router-solicitation neighbout'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
option icmp_type 'echo-request echo-reply destination-unreachable packet-too-big time-exceeded bad-header unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config include
option path '/etc/firewall.user' 所有的配置操作均使用OpenWRT系统提供的uci命令,也是OpenWRT开发中比较正统的操作方法,当然也并不局限于此,如果不怕麻烦的话,直接修改配置文件也能达到同样效果。
#!/bin/sh
ENCRYPTION="psk2" #接入wifi加密方式
SSID="test" #接入wifi的SSID
KEY="12345678" #接入wifi的密码
_wifi_sta_set_firewall(){
echo > /etc/config/firewall
uci add firewall defaults 1>/dev/null
uci set firewall.@defaults[0]=defaults
uci set firewall.@defaults[0].syn_flood=1
uci set firewall.@defaults[0].input=ACCEPT
uci set firewall.@defaults[0].output=ACCEPT
uci set firewall.@defaults[0].forward=REJECT
uci add firewall zone 1>/dev/null
uci set firewall.@zone[0]=zone
uci set firewall.@zone[0].name=lan
uci set firewall.@zone[0].network=lan
uci set firewall.@zone[0].input=ACCEPT
uci set firewall.@zone[0].output=ACCEPT
uci set firewall.@zone[0].forward=ACCEPT
uci add firewall zone 1>/dev/null
uci set firewall.@zone[1]=zone
uci set firewall.@zone[1].name=wan
uci add_list firewall.@zone[1].network=wan0
uci add_list firewall.@zone[1].network=wan1
#uci add_list firewall.@zone[1].network=wan6
uci set firewall.@zone[1].input=ACCEPT
uci set firewall.@zone[1].output=ACCEPT
uci set firewall.@zone[1].forward=ACCEPT
uci set firewall.@zone[1].masq=1
uci set firewall.@zone[1].mtu_fix=1
uci add firewall forwarding 1>/dev/null
uci set firewall.@forwarding[0]=forwarding
uci set firewall.@forwarding[0].src=lan
uci set firewall.@forwarding[0].dest=wan
uci add firewall rule 1>/dev/null
uci set firewall.@rule[0]=rule
uci set firewall.@rule[0].name=Allow-DHCP-Renew
uci set firewall.@rule[0].src=wan
uci set firewall.@rule[0].proto=udp
uci set firewall.@rule[0].dest_port=68
uci set firewall.@rule[0].target=ACCEPT
uci set firewall.@rule[0].family=ipv4
uci add firewall rule 1>/dev/null
uci set firewall.@rule[1]=rule
uci set firewall.@rule[1].name=Allow-Ping
uci set firewall.@rule[1].src=wan
uci set firewall.@rule[1].proto=icmp
uci set firewall.@rule[1].icmp_type=echo-request
uci set firewall.@rule[1].family=ipv4
uci set firewall.@rule[1].target=ACCEPT
uci add firewall rule 1>/dev/null
uci set firewall.@rule[2]=rule
uci set firewall.@rule[2].name=Allow-DHCPv6
uci set firewall.@rule[2].src=wan
uci set firewall.@rule[2].proto=udp
uci set firewall.@rule[2].src_ip=fe80::/10
uci set firewall.@rule[2].src_port=547
uci set firewall.@rule[2].dest_ip=fe80::/10
uci set firewall.@rule[2].dest_port=546
uci set firewall.@rule[2].family=ipv6
uci set firewall.@rule[2].target=ACCEPT
#uci add firewall rule 1>/dev/null
#uci set firewall.@rule[3]=rule
#uci set firewall.@rule[3].name=Allow-ICMPv6-Input
#uci set firewall.@rule[3].src=wan
#uci set firewall.@rule[3].proto=icmp
#uci set firewall.@rule[3].icmp_type='echo-request echo-reply destination-unreachable packet-too-big time-exceeded bad-header unknown-header-type router-solicitation neighbout'
#uci set firewall.@rule[3].limit=1000/sec
#uci set firewall.@rule[3].family=ipv6
#uci set firewall.@rule[3].target=ACCEPT
#uci add firewall rule 1>/dev/null
#uci set firewall.@rule[4]=rule
#uci set firewall.@rule[4].name='Allow-ICMPv6-Forward'
#uci set firewall.@rule[4].src=wan
#uci set firewall.@rule[4].dest=*
#uci set firewall.@rule[4].proto=icmp
#uci set firewall.@rule[4].icmp_type='echo-request echo-reply destination-unreachable packet-too-big time-exceeded bad-header unknown-header-type'
#uci set firewall.@rule[4].limit='1000/sec'
#uci set firewall.@rule[4].family='ipv6'
#uci set firewall.@rule[4].target='ACCEPT'
echo OK
uci add firewall include 1>/dev/null
uci set firewall.@include[0]=include
uci set firewall.@include[0].path='/etc/firewall.user'
uci commit
}
_wifi_sta_set_network(){
echo > /etc/config/network
uci set network.eth2=switch
uci set network.eth2.reset=0
uci set network.eth2.enable_vlan=0
uci set network.loopback=interface
uci set network.loopback.ifname=lo
uci set network.loopback.proto=static
uci set network.loopback.ipaddr=127.0.0.1
uci set network.loopback.netmask=255.0.0.0
uci set network.lan=interface
uci set network.lan.ifname=eth2
uci set network.lan.proto=static
uci set network.lan.ipaddr=192.168.6.1
uci set network.lan.netmask=255.255.255.0
uci set network.wan0=interface
uci set network.wan0.ifname=wlan0
uci set network.wan0.proto=dhcp
uci set network.wan1=interface
uci set network.wan1.ifname=eth0
uci set network.wan1.proto=dhcp
uci commit
}
#wifi在STA模式下设置dhcp参数
_wifi_sta_set_dhcp(){
uci delete dhcp.wan 2>/dev/null
uci set dhcp.lan=dhcp
uci set dhcp.lan.interface=lan
uci set dhcp.lan.start=100
uci set dhcp.lan.limit=150
uci set dhcp.lan.leasetime=12h
uci set dhcp.lan.dhcpv6=server
uci set dhcp.lan.ra=server
uci set dhcp.wan0=dhcp
uci set dhcp.wan0.interface=wan0
uci set dhcp.wan0.ignore=1
uci set dhcp.wan1=dhcp
uci set dhcp.wan1.interface=wan1
uci set dhcp.wan1.ignore=1
uci set dhcp.odhcpd=odhcpd
uci set dhcp.odhcpd.maindhcp=0
uci set dhcp.odhcpd.leasefile=/tmp/hosts/odhcpd
uci set dhcp.odhcpd.leasetrigger=/usr/sbin/odhcpd-update
uci commit
}
#param: <ssid> <encrymode> <key>
# <ssid> 连接AP的SSID名称
# <encrymode> AP加密方式
# <key> AP密码
wifi_connect_to(){
echo > /etc/config/wireless
uci set wireless.radio0=wifi-device
uci set wireless.radio0.type=mac80211
uci set wireless.radio0.channel=0
uci set wireless.radio0.hwmode=11g
uci set wireless.radio0.path=platform/ar933x_wmac
uci set wireless.radio0.htmode=HT20
if ! uci get wireless.@wifi-iface[0] 1>/dev/null 2>/dev/null
then
uci add wireless wifi-iface 1>/dev/null 2>/dev/null
fi
uci set wireless.@wifi-iface[0]=wifi-iface
uci set wireless.@wifi-iface[0].device=radio0
uci set wireless.@wifi-iface[0].network=wan0
uci set wireless.@wifi-iface[0].mode=sta
uci set wireless.@wifi-iface[0].ssid=$1
uci set wireless.@wifi-iface[0].encryption=$2
uci set wireless.@wifi-iface[0].key=$3
uci commit
}
_wifi_sta_set_firewall #设置firewall参数
_wifi_sta_set_network #设置network参数
_wifi_sta_set_dhcp #设置dhcp参数
wifi_connect_to $SSID $ENCRYPTION $KEY #连接wifi
/etc/init.d/firewall enable
/etc/init.d/firewall restart
#/etc/init.d/network restart关于“OpenWRT如何实现有线+WiFi的STA模式双WAN叠加”这篇文章就分享到这里了,希望以上内容可以对大家有一定的帮助,使各位可以学到更多知识,如果觉得文章不错,请把它分享出去让更多的人看到。
亿速云「云服务器」,即开即用、新一代英特尔至强铂金CPU、三副本存储NVMe SSD云盘,价格低至29元/月。点击查看>>
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
原文链接:https://my.oschina.net/lvsin/blog/392817
