海运的博客

tc只能对网卡出口(egress)方向限速，如果是单机限制下载速度需将入(ingress)定向到虚拟接口出，然后使用虚拟ifb接口对下载限速。
在限制上传速度时可以直接使用iptables mark数据包，但是下载的时候ingress在iptables mark之前，需要在出的时候对流量mark并save，tc在定向流量到虚拟接口的时候添加connmark。

#!/bin/bash
set -x
#上传限速，使用hfsc模式
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: hfsc default 20
tc class add dev eth0 parent 1:0 classid 1:20 hfsc sc rate 1000mbit ul rate 1000mbit
tc class add dev eth0 parent 1:0 classid 1:21 hfsc sc rate 40mbit ul rate 50mbit
#使用htb模式限速
#tc qdisc add dev eth0 root handle 1: htb default 20
#tc class add dev eth0 parent 1:0 classid 1:20 htb rate 1000mbit
#tc class add dev eth0 parent 1:20 classid 1:21 htb rate 40mbit ceil 50mbit
#给限速队列添加随机公平
#tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
#tc qdisc add dev eth0 parent 1:21 handle 21: sfq perturb 10
#iptables mark 21使用class 1:21
tc filter add dev eth0 parent 1:0 prio 1 handle 21 fw flowid 1:21

#下载限速
modprobe ifb numifbs=1
ip link set dev ifb0 up
tc qdisc del dev eth0 ingress
tc qdisc add dev eth0 handle ffff: ingress
tc filter add dev eth0 parent ffff: u32 match u32 0 0 action connmark \
action mirred egress redirect dev ifb0
tc qdisc del dev ifb0 root
#tc qdisc add dev ifb0 root handle 2: hfsc default 20
#tc class add dev ifb0 parent 2:0 classid 2:20 hfsc sc rate 1000mbit ul rate 1000mbit
#tc class add dev ifb0 parent 2:0 classid 2:21 hfsc sc rate 80mbit ul rate 80mbit

tc qdisc add dev ifb0 root handle 2: htb default 20
tc class add dev ifb0 parent 2:0 classid 2:20 htb rate 1000mbit
tc class add dev ifb0 parent 2:0 classid 2:21 htb rate 80mbit

#直接使用tc限制特定ip，无需iptables mark
#tc filter add dev ifb0 parent 2:0 protocol ip prio 0 u32 match ip dst 192.168.1.2 flowid 2:21
#tc filter add dev ifb0 parent 2:0 protocol ipv6 prio 0 u32 match ip6 dst 2408::/16 flowid 2:21

tc filter add dev ifb0 parent 2:0 prio 0 handle 21 fw flowid 2:21

iptables -t mangle -F
iptables -t mangle -X
ip6tables -t mangle -F
ip6tables -t mangle -X
iptables -t mangle -A POSTROUTING -p tcp --dport 443 -j MARK --set-mark 21
ip6tables -t mangle -A POSTROUTING -p tcp --dport 443 -j MARK --set-mark 21
iptables -t mangle -A POSTROUTING -m owner --uid-owner user -o eth0 -j MARK --set-mark 21
iptables -t mangle -A POSTROUTING -j CONNMARK --save-mark
ip6tables -t mangle -A POSTROUTING -j CONNMARK --save-mark

参考：
https://blog.csdn.net/i_scream_/article/details/82776333

下载mips musl交叉编译环境，也可以使用https://toolchains.bootlin.com/。

wget https://musl.cc/mips-linux-musl-cross.tgz
tar zxf mips-linux-musl-cross.tgz
export PATH=$PATH:`pwd`/mips-linux-musl-cross/bin/

编译ncurses，后续要将/lib/terminfo/x/xterm-256color等复制到目标机器/data/terminfo目录，不然运行tmux提示找不到terminfo database。

wget https://ftp.gnu.org/pub/gnu/ncurses/ncurses-6.4.tar.gz
tar zxf ncurses-6.4.tar.gz
cd ncurses-6.4/
./configure --prefix /usr/local/tmux --with-default-terminfo-dir=/data/terminfo --enable-pc-files --host=mips-linux-musl
#解决错误:strip: Unable to recognise the format of the input file `/usr/local/tmux/bin/tic'
ln -s `pwd`/../mips-linux-musl-cross/bin/mips-linux-musl-strip /usr/local/bin/strip
make && make install
rm -rf /usr/local/bin/strip

编译libevent和tmux：

wget https://github.com/libevent/libevent/releases/download/release-2.1.12-stable/libevent-2.1.12-stable.tar.gz
tar zxf libevent-2.1.12-stable.tar.gz 
cd libevent-2.1.12-stable/
./configure --prefix /usr/local/tmux --host=mips-linux-musl --disable-openssl
make && make install

wget https://github.com/tmux/tmux/releases/download/3.3a/tmux-3.3a.tar.gz
tar zxf tmux-3.3a.tar.gz 
cd tmux-3.3a/
export CFLAGS="-I/usr/local/tmux/include -I/usr/local/tmux/include/ncurses"
export LDFLAGS="-L/usr/local/tmux/lib"
./configure --enable-static --prefix=/usr/local/tmux --host=mips-linux-musl
make && make install

静态编译dropbear，当前最新版本使用SRT关闭窗口后dropbear和执行的命令一直在后台不结束，使用dropbear-2020.81版本正常。

wget https://github.com/mkj/dropbear/archive/refs/tags/DROPBEAR_2022.83.tar.gz
tar zxf DROPBEAR_2022.83.tar.gz 
cd dropbear-DROPBEAR_2022.83/
./configure --enable-static --prefix=/usr/local/dropbear --host=mips-linux-musl --disable-zlib --disable-syslog --disable-harden --disable-lastlog --disable-utmp --disable-utmpx --disable-wtmp --disable-wtmpx --disable-pututline --disable-pututxline --disable-loginfunc 
PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp" MULTI=1 make strip

编译前可修改default_options.h定义dropbear运行时的PATH用来查找scp执行文件，sftp-server执行文件路径使用SFTP。

#define SFTPSERVER_PATH "/data/bin/sftp-server"
#define DROPBEAR_PATH_SSH_PROGRAM "/data/bin/dbclient"
#define DEFAULT_ROOT_PATH "/usr/sbin:/usr/bin:/sbin:/bin:/data/bin"
#define DEFAULT_PATH "/usr/bin:/bin:/data/bin"

编译的为单个文件dropbearmulti，使用时创建软链接：

ln -s /data/bin/dropbearmulti /data/bin/dropbear
ln -s /data/bin/dropbearmulti /data/bin/dropbearkey 
ln -s /data/bin/dropbearmulti /data/bin/scp     

静态编译openssl/openssh/sshd：

wget https://www.zlib.net/zlib-1.2.13.tar.gz
tar zxf zlib-1.2.13.tar.gz 
cd zlib-1.2.13/
CC=mips-linux-musl-gcc  ./configure --prefix=/usr/local/openssh --static 
make && make install

wget https://github.com/openssl/openssl/releases/download/OpenSSL_1_1_1t/openssl-1.1.1t.tar.gz
tar zxf openssl-1.1.1t.tar.gz 
cd openssl-1.1.1t
#./config no-asm no-shared --prefix=/usr/local/openssh --cross-compile-prefix=mips-linux-musl-
#sed -i 's/-m64//g' Makefile
./Configure linux-mips32 no-asm no-shared --prefix=/usr/local/openssh --cross-compile-prefix=mips-linux-musl-
make && make install

export CFLAGS="-I/usr/local/openssh/include/"
export LDFLAGS="-L/usr/local/openssh/lib/"
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.3p1.tar.gz
tar zxf openssh-9.3p1.tar.gz 
cd openssh-9.3p1/
./configure --prefix=/usr/local/openssh --host=mips-linux-musl --with-ldflags=-static --disable-lastlog --disable-utmp  --disable-utmpx --disable-wtmp  --disable-wtmpx --disable-libutil --disable-pututline --disable-pututxline --with-default-path=/usr/bin:/bin:/usr/sbin:/sbin:/sbin:/usr/sbin:/bin:/usr/bin:/data/bin
make && make install

静态编译bash:

wget https://ftp.gnu.org/gnu/bash/bash-5.1.tar.gz
tar zxf bash-5.1.tar.gz 
cd bash-5.1/
./configure --enable-static-link --host=mips-linux-musl --without-bash-malloc
make
mips-linux-musl-strip -s bash

查看rootfs所在分区：

cat /proc/mtd 
dev:    size   erasesize  name
mtd0: 00040000 00020000 "bootloader"
mtd1: 00040000 00020000 "romfile"
mtd2: 00300000 00020000 "kernel"
mtd3: 01400000 00020000 "rootfs"

通过nc将mtd rootfs分区发送到远程机器上：

nc -l -p 3333 > rootfs.bin
cat /dev/mtd3 | nc 192.168.1.8 3333

查看确认备份的文件头部是squashfs格式：

head -c 4 squashfs-root.bin |hexdump -C
00000000  68 73 71 73                                       |hsqs|

查看squashfs打包参数：

binwalk rootfs.bin 

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
0             0x0             Squashfs filesystem, little endian, version 4.0, compression:lzma, size: 17975011 bytes, 2288 inodes, blocksize: 131072 bytes, created: 2020-06-22 04:04:58

用binwalk解压：

binwalk -e rootfs.bin 
ls _rootfs.bin.extracted/
#0.squashfs为真正大小文件，其它空间为FF填充
0.squashfs  squashfs-root

用unsquashfs解压：

unsquashfs rootfs.bin 

修改squashfs-root目录内文件后重新打包，使用之前查看的参数：

mksquashfs squashfs-root rootfs-new.bin -comp lzma -b 131072

将修改的rootfs用mtd刷入：

mtd write rootfs-new.bin rootfs

注意：有的机器固件包含签名验证，修改后不能正常开机。

参考：
https://www.callmewing.com/2018/10/03/%E9%80%86%E5%90%91PT632_G2%E5%85%89%E7%8C%AB%E5%9B%BA%E4%BB%B6/
https://akbwe.com/posts/trying-to-modify-f7607p-rootfs/
https://github.com/csersoft/HWFW_GUI

#编译工具链
make tools/install
make toolchain/install
#先进入菜单将要编译的模块选择为M
make menuconfig
make target/linux/{clean,compile}
make package/kernel/linux/{clean,compile}

使用现成工具链，省得编译浪费时间：

wget https://downloads.openwrt.org/releases/21.02.6/targets/mediatek/mt7622/openwrt-sdk-21.02.6-mediatek-mt7622_gcc-8.4.0_musl.Linux-x86_64.tar.xz
tar Jxf openwrt-sdk-21.02.6-mediatek-mt7622_gcc-8.4.0_musl.Linux-x86_64.tar.xz 
mv staging_dir staging_dir-back
mv openwrt-sdk-21.02.6-mediatek-mt7622_gcc-8.4.0_musl.Linux-x86_64/staging_dir ./

如mtkhnat模块和ipk位置：

build_dir/target-aarch64_cortex-a53_musl/linux-mediatek_mt7981/packages/ipkg-aarch64_cortex-a53/kmod-mediatek_hnat/lib/modules/5.4.238/mtkhnat.ko
bin/targets/mediatek/mt7981/packages/kmod-mediatek_hnat_5.4.238-1_aarch64_cortex-a53.ipk 

如果编译的最新模块小版本号与系统不一致可用sed修改，要确保模块无大更新，不然可能有兼容性问题。

sed -i 's/5\.4\.238/5\.4\.225/g' build_dir/target-aarch64_cortex-a53_musl/linux-mediatek_mt7981/packages/ipkg-aarch64_cortex-a53/kmod-mediatek_hnat/lib/modules/5.4.238/mtkhnat.ko

https://openwrt.org/docs/guide-developer/toolchain/single.package
https://forum.openwrt.org/t/how-to-build-an-additional-kernel-module/56575/2