海运的博客

ImmortalWrt/OpenWRT为guest wifi网络配置ipv6 nat6

发布时间:February 25, 2024 // 分类: // 2 Comments

先通过web或修改配置添加wifi guest访客网络,network配置,通过mtk管理界面添加的无线接口要添加到网桥:

config globals 'globals'
        option ula_prefix 'xxxx:xxxx:xxxx::/48'

config interface 'guest'
        option proto 'static'
        option ipaddr '10.0.100.1'
        option netmask '255.255.255.0'
        option device 'br-guest'
        option ip6assign '64'
        #分配的前缀,即xxxx:xxxx:xxxx:10::/64
        option ip6hint 10
        #只分配ula_prefix定义的私网,如果pppoe能分配60或以上可以不配置此选项分配私网和wan_6公网                                                                                                                                                                                                                             
        list ip6class local

config device
        option type 'bridge'
        option name 'br-guest'
        list ports 'ra1'
        list ports 'rax1'

通过openwrt原生无线管理添加的接口要添加到指定网络无需额外添加到网桥:

config wifi-iface 'wifinet3'
        option device 'MT7986_1_1'
        option mode 'ap'
        option ssid '2.4G-guest'
        option encryption 'psk-mixed'
        option key 'www.haiyun.me'
        option network 'guest'

dhcp配置:

config dhcp 'guest'                
        option interface 'guest'
        option start '150'
        option limit '100'            
        option leasetime '12h'     
        option dhcpv4 'server'
        list ra_flags 'none'
        option dns_service '0'        
        option ra_default '2' #强制通告ipv6路由给客户端     
        option ra 'server'
        option ra_maxinterval '120'
        option ra_ra_mininterval '60' 
        option ra_lifetime '1200' 
        option ra_useleasetime '1'
        option preferred_lifetime '10m'

iptables配置:

ip6tables -A INPUT -i br-guest -p icmpv6 -j ACCEPT
ip6tables -A FORWARD -i br-guest -o pppoe-wan -j ACCEPT
ip6tables -t nat -A POSTROUTING -s xxxx:xxxx:xxxx:10::/64 -o pppoe-wan -j MASQUERADE

当pppoe成功获取ipv6时添加ipv6默认路由:

echo 'ip -6 rou add default via $LLREMOTE dev $IFNAME' >> /lib/netifd/ppp6-up

PVE更新upgrade遇到The following packages have been kept back

发布时间:January 4, 2024 // 分类: // No Comments

The following packages have been kept back: proxmox-ve pve-kernel-helper
使用dist-upgrade,不要使用apt upgrade:

apt dist-upgrade

openwrt/immortalwrt修改odhcpd ipv6 preferred_lifetime和valid_lifetime

发布时间:December 14, 2023 // 分类: // No Comments

宽带重新拨号会重新分配ipv6前缀,有的设备仍然优先使用旧的ip段,导致ipv6不能使用,可减小preferred_lifetime时间使旧的ip段快速失效。
openwrt dhcp提供preferred_lifetime参数设置preferred时间,需要将ra_useleasetime启用才有效,同时会将valid_lifetime修改为leasetime时间。

option leasetime '2h' 
option ra_lifetime 1200
option ra_useleasetime '1'
option preferred_lifetime '10m'

odhcpd源码判断设置preferred_lifetime和valid_lifetime:

src/router.c
if (addr->preferred > (uint32_t)now) {
        preferred = TIME_LEFT(addr->preferred, now);

        if (iface->ra_useleasetime &&
                        preferred > iface->preferred_lifetime)
                preferred = iface->preferred_lifetime;
}

valid = TIME_LEFT(addr->valid, now);
if (iface->ra_useleasetime && valid > iface->dhcp_leasetime)
        valid = iface->dhcp_leasetime;

使用wireshark查看效果:
2023-12-14_162454.jpg
也可用tcpdump查看:

tcpdump -i br-lan -nn "icmp6 && ip6[40] == 134" -vv

golang版本udpxy iptv rtp多播转http单播

发布时间:December 13, 2023 // 分类: // 2 Comments

使用udpxy和msd_lite都有一些小问题,参考多方用golang写了个简单rtp多播转http单播,无缓存,cpu占用有点小高,效果不错。

package main

import (
    "flag"
    "fmt"
    "github.com/pion/rtp"
    "io"
    "net"
    "net/http"
    //"strings"
    "time"
)

var timeout = 2000 * time.Millisecond
var readbuffer = 2 * 1024 * 1024
var buffer = 1500

const (
    RTP_Payload_MP2T = 33
    ContentType_MP2T    = "video/MP2T"
    ContentType_DEFAULT = "application/octet-stream"
)

var McastIface = flag.String("m", "eth1.23", "mcast iface (IP addr or name)")
var ListenAddr = flag.String("a", "0.0.0.0", "http listen addr (default 0.0.0.0)")
var ListenPort = flag.Int("p", 8080, "http listen port (default 8080)")

func main() {
    flag.Parse()
    http.HandleFunc("/", handler)
    fmt.Printf("http listen: %s:%d\n", *ListenAddr, *ListenPort)
    err := http.ListenAndServe(fmt.Sprintf("%s:%d", *ListenAddr, *ListenPort), nil)
    if err != nil {
        panic(err)
    }
}

var tag = "/udp/"
var tagLen = len(tag)

func handler(w http.ResponseWriter, r *http.Request) {
    var err error
    defer func(w http.ResponseWriter, r *http.Request) {
        if err != nil {
            w.WriteHeader(http.StatusInternalServerError)
            io.WriteString(w, err.Error()+"\n")
        }
        fmt.Println(time.Now().Format("2006-01-02 15:04:05"), "close http: "+r.RemoteAddr)
    }(w, r)

    path := r.URL.Path
    if len(path) < tagLen {
        w.WriteHeader(http.StatusBadRequest)
        io.WriteString(w, "No address specified\n")
        return
    }

    addr := path[tagLen:]
    fmt.Println(time.Now().Format("2006-01-02 15:04:05"), addr, r.RemoteAddr)

    conn, err := newMulticastReader(addr)
    if err != nil {
        return
    }

    defer func() {
        _ = conn.Close()
        fmt.Println(time.Now().Format("2006-01-02 15:04:05"), "close udp: "+addr)
    }()

    w.Header().Set("X-Content-Type-Options", "nosniff")
    conn.SetReadBuffer(readbuffer)
    headerSent := false
    p := &rtp.Packet{}
    var buf = make([]byte, buffer)
    for {
        conn.SetReadDeadline(time.Now().Add(timeout))
        n, err := conn.Read(buf)
        if err != nil {
            fmt.Println("read err:", err)
            w.WriteHeader(http.StatusInternalServerError)
            io.WriteString(w, err.Error())
            return
        }

        //fmt.Println(time.Now(), n, "buf len:", len(buf))
        if err = p.Unmarshal(buf[:n]); err != nil {
            fmt.Println("unpack err:", err)
            return
        }
        if !headerSent {
            headerSent = true
            if p.PayloadType == RTP_Payload_MP2T {
                w.Header().Set("Content-Type", ContentType_MP2T)
            } else {
                w.Header().Set("Content-Type", ContentType_DEFAULT)
            }
            w.WriteHeader(http.StatusOK)
        }
        if _, err = w.Write(p.Payload); err != nil {
            return
        }
    }
}

func newMulticastReader(address string) (conn *net.UDPConn, err error) {
    addr, err := net.ResolveUDPAddr("udp", address)
    if err != nil {
        return
    }
    //fmt.Printf(time.Now().Format("2006-01-02 15:04:05")+" multicast: listen addr %s\n", address)
    iface, err := net.InterfaceByName(*McastIface)
    conn, err = net.ListenMulticastUDP("udp", iface, addr)
    if err != nil {
        panic(err)
    }
    return
}

参考:
https://github.com/hello-xnew/gdpxy
https://github.com/darren/retv

贝尔G-140-ME光猫使用sshd登录提示Your password has expired

发布时间:December 5, 2023 // 分类: // No Comments

修改密码后依旧如此,修改/etc/shadow用户第三个字段为正整数即可:

cat /etc/shadow
user:$1$ercaZtGB$S8x9tyPTC1Bd8Litu7irt/:17000:0:99999::::

https://blog.csdn.net/baidu_31381143/article/details/53976386

  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. ...
  7. 193
分类
最新文章
最近回复
  • 海运: 不好意思,没有。
  • zongboa: 您好,請問一下有immortalwrt設定guest Wi-Fi的GUI教學嗎?感謝您。
  • 海运: 恩山有很多。
  • swsend: 大佬可以分享一下固件吗,谢谢。
  • Jimmy: 方法一 nghtp3步骤需要改成如下才能编译成功: git clone https://git...
  • 海运: 地址格式和udpxy一样,udpxy和msd_lite能用这个就能用。
  • 1: 怎么用 编译后的程序在家里路由器内任意一台设备上运行就可以吗?比如笔记本电脑 m参数是笔记本的...
  • 孤狼: ups_status_set: seems that UPS [BK650M2-CH] is ...
  • 孤狼: 擦。。。。apcupsd会失联 nut在冲到到100的时候会ONBATT进入关机状态,我想想办...
  • 海运: 网络,找到相应的url编辑重发请求,firefox有此功能,其它未知。
归档