Browse Source

Archivos para compilar OpenWRT

master
kleper 10 months ago
parent
commit
301543f0f4
14 changed files with 529 additions and 4 deletions
  1. +4
    -4
      README.md
  2. +33
    -0
      openwrt-files/etc/config/dhcp
  3. +6
    -0
      openwrt-files/etc/config/dropbear
  4. +125
    -0
      openwrt-files/etc/config/firewall
  5. +38
    -0
      openwrt-files/etc/config/luci
  6. +43
    -0
      openwrt-files/etc/config/network
  7. +10
    -0
      openwrt-files/etc/config/rpcd
  8. +35
    -0
      openwrt-files/etc/config/system
  9. +0
    -0
      openwrt-files/etc/config/ubootenv
  10. +56
    -0
      openwrt-files/etc/config/ucitrack
  11. +135
    -0
      openwrt-files/etc/config/uhttpd
  12. +32
    -0
      openwrt-files/etc/config/wireless
  13. +6
    -0
      openwrt-files/etc/passwd
  14. +6
    -0
      openwrt-files/etc/shadow

+ 4
- 4
README.md View File

@@ -1,4 +1,4 @@
# RedINC.org - documentacion de implementación
# RedCoMani.org - documentacion de implementación

Diferentes documentos y codigo utilizado para la implementación de los servidores de la Red comunitarioa en Buenavista Cauca.

@@ -11,7 +11,7 @@ La documentacióin de este proyecto se edita de forma colaborativa en la platafo
- Infraestructura con QMP: https://docutopia.tupale.co/s/qmp+pfsense
- Wikipedia Local: https://docutopia.tupale.co/s/KiwixServe
- Configuración servidor local: https://docutopia.tupale.co/s/ServidorLocal
- LibreMESH para RedINC.org: https://tms.openstreetmap.co/lime/
- LibreMESH para RedCoMani.org: https://tms.openstreetmap.co/lime/


# Licencia
@@ -21,5 +21,5 @@ Todos los contenidos, porciones de codigo alojados en este repositorio estan baj
# creditos

Al equipo de NuestraRed.org
- Juliana Hernandez / Diseño Grafico y Programación de HTML / Contacto: juliana@tupale.co
- Fernando Castro / Configuración de Red y Programación de nodos / Contacto: fernando@tupale.co
- Juliana Hernandez / Diseño Grafico y Programación de HTML / Contacto: juliana@nuestrared.org
- Fernando Castro / Configuración de Red y Programación de nodos / Contacto: fernando@nuestrared.org

+ 33
- 0
openwrt-files/etc/config/dhcp View File

@@ -0,0 +1,33 @@

config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'

config dhcp 'lan'
option interface 'lan'
option ignore '1'

config dhcp 'wan'
option interface 'wan'
option ignore '1'

config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'


+ 6
- 0
openwrt-files/etc/config/dropbear View File

@@ -0,0 +1,6 @@

config dropbear
option PasswordAuth 'on'
option Port '22'
option Interface 'lan'


+ 125
- 0
openwrt-files/etc/config/firewall View File

@@ -0,0 +1,125 @@

config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'

config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'

config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option network ' '

config forwarding
option src 'lan'
option dest 'wan'

config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'

config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'

config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'

config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'

config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'

config include
option path '/etc/firewall.user'


+ 38
- 0
openwrt-files/etc/config/luci View File

@@ -0,0 +1,38 @@

config core 'main'
option lang 'auto'
option mediaurlbase '/luci-static/bootstrap'
option resourcebase '/luci-static/resources'

config extern 'flash_keep'
option uci '/etc/config/'
option dropbear '/etc/dropbear/'
option openvpn '/etc/openvpn/'
option passwd '/etc/passwd'
option opkg '/etc/opkg.conf'
option firewall '/etc/firewall.user'
option uploads '/lib/uci/upload/'

config internal 'languages'

config internal 'sauth'
option sessionpath '/tmp/luci-sessions'
option sessiontime '3600'

config internal 'ccache'
option enable '1'

config internal 'themes'
option Bootstrap '/luci-static/bootstrap'

config internal 'apply'
option rollback '30'
option holdoff '4'
option timeout '5'
option display '1.5'

config internal 'diag'
option dns 'openwrt.org'
option ping 'openwrt.org'
option route 'openwrt.org'


+ 43
- 0
openwrt-files/etc/config/network View File

@@ -0,0 +1,43 @@

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fd20:a9a3:4c8a::/48'

config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ip6assign '60'
option ipaddr '10.17.0.101'
option netmask '255.255.0.0'
option gateway '10.17.95.1'
option dns '10.17.95.1'

config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'

config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'

config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'

config switch_vlan
option device 'switch0'
option vlan '1'
option ports '2 3 4 5 0t'

config switch_vlan
option device 'switch0'
option vlan '2'
option ports '1 0t'


+ 10
- 0
openwrt-files/etc/config/rpcd View File

@@ -0,0 +1,10 @@
config rpcd
option socket /var/run/ubus.sock
option timeout 30

config login
option username 'root'
option password '$p$root'
list read '*'
list write '*'


+ 35
- 0
openwrt-files/etc/config/system View File

@@ -0,0 +1,35 @@

config system
option hostname 'OpenWrt'
option timezone 'UTC'
option ttylogin '0'
option log_size '64'
option urandom_seed '0'

config timeserver 'ntp'
option enabled '1'
option enable_server '0'
list server '0.openwrt.pool.ntp.org'
list server '1.openwrt.pool.ntp.org'
list server '2.openwrt.pool.ntp.org'
list server '3.openwrt.pool.ntp.org'

config led 'led_usb1'
option name 'USB1'
option sysfs 'tp-link:green:usb1'
option trigger 'usbdev'
option interval '50'
option dev '1-1.1'

config led 'led_usb2'
option name 'USB2'
option sysfs 'tp-link:green:usb2'
option trigger 'usbdev'
option interval '50'
option dev '1-1.2'

config led 'led_wlan2g'
option name 'WLAN2G'
option sysfs 'tp-link:blue:wlan2g'
option trigger 'phy0tpt'


+ 0
- 0
openwrt-files/etc/config/ubootenv View File


+ 56
- 0
openwrt-files/etc/config/ucitrack View File

@@ -0,0 +1,56 @@
config network
option init network
list affects dhcp
list affects radvd

config wireless
list affects network

config firewall
option init firewall
list affects luci-splash
list affects qos
list affects miniupnpd

config olsr
option init olsrd

config dhcp
option init dnsmasq
list affects odhcpd

config odhcpd
option init odhcpd

config dropbear
option init dropbear

config httpd
option init httpd

config fstab
option exec '/sbin/block mount'

config qos
option init qos

config system
option init led
option exec '/etc/init.d/log reload'
list affects luci_statistics
list affects dhcp

config luci_splash
option init luci_splash

config upnpd
option init miniupnpd

config ntpclient
option init ntpclient

config samba
option init samba

config tinyproxy
option init tinyproxy

+ 135
- 0
openwrt-files/etc/config/uhttpd View File

@@ -0,0 +1,135 @@
# Server configuration
config uhttpd main

# HTTP listen addresses, multiple allowed
list listen_http 0.0.0.0:80
list listen_http [::]:80

# HTTPS listen addresses, multiple allowed
list listen_https 0.0.0.0:443
list listen_https [::]:443

# Redirect HTTP requests to HTTPS if possible
option redirect_https 1

# Server document root
option home /www

# Reject requests from RFC1918 IP addresses
# directed to the servers public IP(s).
# This is a DNS rebinding countermeasure.
option rfc1918_filter 1

# Maximum number of concurrent requests.
# If this number is exceeded, further requests are
# queued until the number of running requests drops
# below the limit again.
option max_requests 1

# Maximum number of concurrent connections.
# If this number is exceeded, further TCP connection
# attempts are queued until the number of active
# connections drops below the limit again.
option max_connections 100

# Certificate and private key for HTTPS.
# If no listen_https addresses are given,
# the key options are ignored.
option cert /etc/uhttpd.crt
option key /etc/uhttpd.key

# CGI url prefix, will be searched in docroot.
# Default is /cgi-bin
option cgi_prefix /cgi-bin

# List of extension->interpreter mappings.
# Files with an associated interpreter can
# be called outside of the CGI prefix and do
# not need to be executable.
# list interpreter ".php=/usr/bin/php-cgi"
# list interpreter ".cgi=/usr/bin/perl"

# List of prefix->Lua handler mappings.
# Any request to an URL beneath the prefix
# will be dispatched to the associated Lua
# handler script. Lua support is disabled when
# no handler mappings are specified. Lua prefix
# matches have precedence over the CGI prefix.
list lua_prefix "/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua"

# Specify the ubus-rpc prefix and socket path.
# option ubus_prefix /ubus
# option ubus_socket /var/run/ubus.sock

# CGI/Lua timeout, if the called script does not
# write data within the given amount of seconds,
# the server will terminate the request with
# 504 Gateway Timeout response.
option script_timeout 60

# Network timeout, if the current connection is
# blocked for the specified amount of seconds,
# the server will terminate the associated
# request process.
option network_timeout 30

# HTTP Keep-Alive, specifies the timeout for persistent
# HTTP/1.1 connections. Setting this to 0 will disable
# persistent HTTP connections.
option http_keepalive 20

# TCP Keep-Alive, send periodic keep-alive probes
# over established connections to detect dead peers.
# The value is given in seconds to specify the
# interval between subsequent probes.
# Setting this to 0 will disable TCP keep-alive.
option tcp_keepalive 1

# Basic auth realm, defaults to local hostname
# option realm OpenWrt

# Configuration file in busybox httpd format
# option config /etc/httpd.conf

# Do not follow symlinks that point outside of the
# home directory.
# option no_symlinks 0

# Do not produce directory listings but send 403
# instead if a client requests an url pointing to
# a directory without any index file.
# option no_dirlists 0

# Do not authenticate any ubus-rpc requests against
# the ubus session/access procedure.
# This is dangerous and should be always left off
# except for development and debug purposes!
# option no_ubusauth 0

# For this instance of uhttpd use the listed httpauth
# sections to require Basic auth to the specified
# resources.
# list httpauth prefix_user


# Defaults for automatic certificate and key generation
config cert defaults

# Validity time
option days 730

# RSA key size
option bits 2048

# Location
option country ZZ
option state Somewhere
option location Unknown

# Common name
option commonname 'OpenWrt'

# config httpauth prefix_user
# option prefix /protected/url/path
# option username user
# option password 'plaintext_or_md5_or_$p$user_for_system_user'

+ 32
- 0
openwrt-files/etc/config/wireless View File

@@ -0,0 +1,32 @@

config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11g'
option path 'platform/ar934x_wmac'
option channel '6'
option htmode 'HT40'
option country 'US'
option legacy_rates '1'

config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option encryption 'none'
option ssid 'RedCoMani.org'

config wifi-device 'radio1'
option type 'mac80211'
option hwmode '11a'
option path 'pci0000:00/0000:00:00.0'
option channel '120'
option htmode 'HT40'
option country 'US'
option legacy_rates '1'

config wifi-iface 'default_radio1'
option device 'radio1'
option mode 'ap'
option ssid 'RedCoMani.org'
option encryption 'none'


+ 6
- 0
openwrt-files/etc/passwd View File

@@ -0,0 +1,6 @@
root:x:0:0:root:/root:/bin/ash
daemon:*:1:1:daemon:/var:/bin/false
ftp:*:55:55:ftp:/home/ftp:/bin/false
network:*:101:101:network:/var:/bin/false
nobody:*:65534:65534:nobody:/var:/bin/false
dnsmasq:x:453:453:dnsmasq:/var/run/dnsmasq:/bin/false

+ 6
- 0
openwrt-files/etc/shadow View File

@@ -0,0 +1,6 @@
root:$1$o0K13DIt$44HqwLkJyp3ZpxHjNjMh//:17926:0:99999:7:::
daemon:*:0:0:99999:7:::
ftp:*:0:0:99999:7:::
network:*:0:0:99999:7:::
nobody:*:0:0:99999:7:::
dnsmasq:x:0:0:99999:7:::

Loading…
Cancel
Save