├── .gitignore ├── .gitmodules ├── .travis.yml ├── Gruntfile.js ├── LICENSE ├── Makefile ├── NetworkingSetup.png ├── OWrt ├── config-OWrt ├── config-OWrt-qemu ├── feeds.conf ├── hostapd-eap-tls-no-client-auth.patch └── pbkdf2.py ├── README.md ├── Vagrantfile ├── app ├── changePassword.html ├── css │ ├── admin-style.css │ ├── oswald-font.css │ └── style.css ├── dashboard.html ├── data │ └── diceware.wordlist.asc ├── fonts │ ├── oswald-bold.woff │ ├── oswald-light.woff │ └── oswald.woff ├── images │ ├── antenna-off.png │ ├── antenna-on.png │ ├── antenna.svg │ ├── backgroundCube.png │ ├── buildings.jpg │ ├── city-tile.png │ ├── dashboard.png │ ├── devices.png │ ├── favicon.png │ ├── lan.png │ ├── logout.png │ ├── router.png │ ├── settings.png │ ├── stars.png │ └── update.png ├── index.html ├── js │ ├── app.js │ ├── changePassword.js │ ├── dashboard.js │ ├── diceware.js │ ├── errorCallback.js │ ├── helper.js │ ├── index.js │ ├── login.js │ ├── logout.js │ ├── monitoring.js │ ├── request.js │ ├── settings.js │ ├── sshupload.js │ ├── ssid.js │ ├── templates.js │ ├── update.js │ ├── updateBytecounts.js │ ├── usageReset.js │ └── welcome.js ├── lib │ ├── d3.min.js │ ├── handlebars-v1.3.0.js │ ├── handlebars-v1.3.0.min.js │ ├── jeditable.min.js │ ├── jquery-2.1.0.min.js │ ├── jquery-timer.js │ ├── jquery.validate.min.js │ └── jstz-1.0.4.min.js ├── login.html ├── logout.html ├── setSSID.html ├── settings.html ├── templates │ ├── dashboard.handlebars │ ├── lastLogin.handlebars │ ├── lastUpdate.handlebars │ ├── setSSID.handlebars │ ├── settings-dropdown.handlebars │ └── settings.handlebars └── welcome.html ├── build.sh ├── changeReleaseDate ├── doc ├── OpenWirelessTalk-HOPE2014.pdf ├── basic architecture and sec questions.png ├── fon research summary.jpg ├── openwireless admin ui.png ├── tech stack.png └── user path.png ├── etc ├── TZ ├── ahcp │ └── ahcp-config.sh ├── auth │ └── .keep ├── avahi │ ├── avahi-daemon.conf │ └── services │ │ ├── http.service │ │ ├── rsync.service │ │ └── ssh.service ├── banner ├── chatscripts │ ├── 3g.chat │ └── evdo.chat ├── commit ├── config │ ├── alttcp │ ├── bcp38 │ ├── ddns │ ├── debloat │ ├── dhcp │ ├── dropbear │ ├── etherwake │ ├── firewall │ ├── fstab │ ├── natpmp │ ├── network │ ├── openwireless │ ├── polipo │ ├── snmpd │ ├── sqm │ ├── system │ ├── transmission │ ├── ubootenv │ ├── ucitrack │ ├── wireless │ └── wol ├── dbus-1 │ ├── session.conf │ ├── session.d │ │ └── .keep │ ├── system.conf │ └── system.d │ │ └── avahi-dbus.conf ├── default │ └── snmpd ├── defconfig │ ├── wndr3700 │ │ ├── dhcp │ │ ├── firewall │ │ ├── network │ │ └── radvd │ └── wndr3700v2 │ │ ├── dhcp │ │ ├── firewall │ │ ├── network │ │ └── radvd ├── diag.sh ├── dibbler │ └── client.conf.sample ├── dnsmasq.conf ├── dnsmasq_net6.sh ├── dnssec-tools │ └── dnsval.conf ├── dropbear │ └── .keep ├── e2fsck.conf ├── ethers ├── firewall.user ├── fw_env.config ├── gcom │ ├── getcardinfo.gcom │ ├── getcarrier.gcom │ ├── getcnum.gcom │ ├── getimsi.gcom │ ├── getstrength.gcom │ ├── setmode.gcom │ └── setpin.gcom ├── group ├── hosts ├── hotplug-preinit.json ├── hotplug.d │ ├── block │ │ └── 10-mount │ ├── firmware │ │ └── 10-ath9k-eeprom │ ├── iface │ │ ├── 00-debloat │ │ ├── 00-netstate │ │ ├── 15-teql │ │ ├── 20-firewall │ │ ├── 25-ddns │ │ ├── 25-dnsmasq │ │ ├── 30-relay │ │ └── 50-miniupnpd │ ├── net │ │ ├── 00-sysctl │ │ └── 10-ar922x-led-fix │ └── tty │ │ └── 30-3g ├── hotplug.json ├── init.d │ ├── ahcpd │ ├── alttcp │ ├── avahi-daemon │ ├── boot │ ├── cron │ ├── dbus │ ├── ddns │ ├── dnsmasq │ ├── done │ ├── dropbear │ ├── etherwake │ ├── firewall │ ├── fstab │ ├── led │ ├── lighttpd │ ├── log │ ├── miniupnpd │ ├── nameif │ ├── natpmp │ ├── network │ ├── odhcpd │ ├── pimd │ ├── relayd │ ├── rngd │ ├── snmpd │ ├── sqm │ ├── sudo │ ├── sysctl │ ├── sysfixtime │ ├── sysntpd │ ├── system │ ├── telnet │ ├── tor │ ├── umount │ ├── wol │ └── xinetd ├── inittab ├── iproute2 │ ├── ematch_map │ ├── rt_dsfield │ ├── rt_protos │ ├── rt_realms │ ├── rt_scopes │ └── rt_tables ├── l7-protocols │ ├── aim.pat │ ├── bittorrent.pat │ ├── edonkey.pat │ ├── fasttrack.pat │ ├── ftp.pat │ ├── gnutella.pat │ ├── http.pat │ ├── ident.pat │ ├── irc.pat │ ├── jabber.pat │ ├── msnmessenger.pat │ ├── ntp.pat │ ├── pop3.pat │ ├── smtp.pat │ ├── ssl.pat │ └── vnc.pat ├── last_update_check ├── lighttpd │ ├── lighttpd.pem │ └── mime.conf ├── mactab ├── make-webcerts.sh ├── modules-boot.d │ ├── 02-crypto-hash │ ├── 20-usb-core │ ├── 30-fs-ext4 │ ├── 30-gpio-button-hotplug │ ├── 40-scsi-core │ ├── 40-usb2 │ ├── 50-usb-ohci │ └── usb-storage ├── modules.d │ ├── 02-crypto-hash │ ├── 09-crypto-arc4 │ ├── 09-crypto-authenc │ ├── 20-ipv6 │ ├── 20-usb-core │ ├── 25-nls-cp437 │ ├── 25-nls-iso8859-1 │ ├── 25-nls-iso8859-13 │ ├── 25-nls-iso8859-15 │ ├── 25-nls-iso8859-2 │ ├── 30-atm │ ├── 30-fs-autofs4 │ ├── 30-fs-ext4 │ ├── 30-fs-vfat │ ├── 30-gpio-button-hotplug │ ├── 31-iptunnel │ ├── 31-iptunnel4 │ ├── 31-iptunnel6 │ ├── 32-ip6-tunnel │ ├── 32-ipip │ ├── 32-sit │ ├── 34-ifb │ ├── 39-gre │ ├── 40-pppoa │ ├── 40-scsi-core │ ├── 40-usb2 │ ├── 42-ip6tables │ ├── 43-ipt-nat6 │ ├── 45-scsi-cdrom │ ├── 49-ipt-ipset │ ├── 50-ledtrig-usbdev │ ├── 50-usb-ohci │ ├── 60-leds-wndr3700-usb │ ├── 70-sched-core │ ├── 73-sched │ ├── ath9k │ ├── ath9k-htc │ ├── ipt-account │ ├── ipt-compat-xtables │ ├── ipt-conntrack │ ├── ipt-conntrack-extra │ ├── ipt-core │ ├── ipt-extra │ ├── ipt-filter │ ├── ipt-hashlimit │ ├── ipt-ipmark │ ├── ipt-ipopt │ ├── ipt-nat │ ├── ipt-nathelper │ ├── ipt-u32 │ ├── lib-crc-ccitt │ ├── lib-crc16 │ ├── lib-textsearch │ ├── nfnetlink │ ├── ppp │ ├── pppoe │ ├── pptp │ ├── usb-net │ └── usb-storage ├── mtab ├── ntp.conf ├── openwrt_release ├── openwrt_version ├── opkg.conf ├── passwd ├── passwd- ├── password ├── pimd.conf ├── polipo │ └── config ├── ppp │ ├── chap-secrets │ ├── filter │ └── options ├── preinit ├── profile ├── protocols ├── rc.button │ ├── failsafe │ ├── reset │ ├── rfkill │ └── wps ├── rc.common ├── rc.d │ ├── K50dropbear │ ├── K85odhcpd │ ├── K89log │ ├── K90network │ ├── K95luci_fixtime │ ├── K98boot │ ├── K99umount │ ├── S00sysfixtime │ ├── S05luci_fixtime │ ├── S05nameif │ ├── S10boot │ ├── S10system │ ├── S11sysctl │ ├── S12log │ ├── S19firewall │ ├── S20network │ ├── S35odhcpd │ ├── S40alttcp │ ├── S40fstab │ ├── S50cron │ ├── S50dropbear │ ├── S50lighttpd │ ├── S50pimd │ ├── S50snmpd │ ├── S50sqm │ ├── S50telnet │ ├── S50xinetd │ ├── S59luci_dhcp_migrate │ ├── S60dbus │ ├── S60dnsmasq │ ├── S60etherwake │ ├── S60wol │ ├── S61avahi-daemon │ ├── S70natpmp │ ├── S71ahcpd │ ├── S80relayd │ ├── S95ddns │ ├── S95done │ ├── S96led │ ├── S98rngd │ ├── S98sysntpd │ ├── S99polipo │ └── S99sudo ├── rc.local ├── resolv.conf ├── services ├── shadow ├── shadow- ├── shells ├── snmp │ └── snmpd.conf ├── ssl │ ├── certs │ │ └── opkg.pem │ ├── openssl.cnf │ └── private │ │ └── .keep ├── sudoers ├── sysctl.conf ├── sysupgrade.conf ├── tor │ └── .keep ├── uci-defaults │ └── .keep ├── update_key.gpg ├── xinetd.conf └── xinetd.d │ ├── netserver │ └── ssh ├── infra ├── etc │ └── init │ │ └── xvfb.conf └── repositories.conf ├── install-dev-dependencies.sh ├── karma.conf.js ├── lib └── update │ ├── create-crontab.py │ ├── delayed-action.py │ ├── systemwide_lock.py │ └── update.py ├── lighttpd ├── lighttpd.conf.template └── router.properties ├── local-lighttpd ├── local-lighttpd.pem ├── run-local-lighttpd.sh ├── run-lots.sh ├── run.py └── uci.py ├── package.json ├── release-testing.txt ├── requirements.txt ├── routerapi ├── accumulate_bytes ├── accumulate_bytes.py ├── audit.py ├── auth.py ├── bytecount ├── bytecount.py ├── change_password ├── change_password.py ├── change_password_first_time ├── change_password_first_time.py ├── check_interface_connection.py ├── check_updates ├── check_updates.py ├── common.py ├── dashboard ├── dashboard.py ├── gen_tz_dictionary.py ├── get_bytecounts.py ├── ip_address_retriever.py ├── login ├── login.py ├── logout ├── pbkdf2.py ├── reset_usage ├── run.py ├── set_private_ssid ├── set_private_ssid.py ├── set_timezone ├── set_timezone.py ├── settings ├── settings.py ├── setup_state ├── setup_state.py ├── speed_data.py ├── ssh_key ├── ssh_key.py ├── toggle_interface ├── toggle_interface.py ├── tz_info.py ├── uci.py ├── update ├── update.py ├── update_setting └── update_setting.py ├── run-selenium-tests.sh ├── run-tests.sh ├── scripts ├── build-with-image-builder ├── pre-commit ├── template └── unit ├── security.txt ├── selenium ├── first_time_login_screen_test.py └── login_test.py ├── sendAppToRouter ├── sendToBuild ├── spec ├── index.html ├── integration │ ├── changePasswordSpec.js │ ├── loginSpec.js │ └── requestSpec.js ├── jasmine-fixture.min.js └── unit │ └── helperSpec.js ├── spikes ├── dashboard │ ├── dashboard.html │ ├── images │ │ ├── antenna-off.png │ │ ├── antenna-on.png │ │ ├── city-tile.png │ │ ├── devices.png │ │ ├── lan.png │ │ ├── router.png │ │ ├── settings.png │ │ ├── stars.png │ │ └── update.png │ └── style.css ├── sendSpikeToOpenWrtVM ├── spike.html └── spike.js ├── sqm ├── ssh-config ├── test ├── accumulate_bytes_test.py ├── audit_test.py ├── auth_test.py ├── fake_uci.py ├── fake_uci_test.py ├── gen_tz_dictionary_test.py ├── set_private_ssid_test.py ├── set_timezone_test.py ├── speed_data_test.py ├── ssh_key_test.py ├── syntax_test.py └── update_setting_test.py ├── var └── dhcp.leases └── wireless /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | /node_modules 3 | **/bin 4 | /.idea 5 | *.pyc 6 | .*.sw* 7 | *.orig 8 | /env/ 9 | local-lighttpd/etc 10 | local-lighttpd/port-*-etc 11 | /.vagrant 12 | /.cache 13 | /dist 14 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "openwrt"] 2 | path = openwrt 3 | url = git://git.openwrt.org/openwrt 4 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: python 2 | python: 3 | - "2.7" 4 | install: 5 | - "pip install -r requirements.txt" 6 | - "npm install" 7 | script: "./run-tests.sh" 8 | -------------------------------------------------------------------------------- /Gruntfile.js: -------------------------------------------------------------------------------- 1 | module.exports = function(grunt) { 2 | grunt.initConfig({ 3 | karma: { 4 | unit: { 5 | configFile: 'karma.conf.js', 6 | singleRun: true 7 | } 8 | }, 9 | watch: { 10 | unit: { 11 | configFile: 'karma.conf.js', 12 | singleRun: false 13 | } 14 | } 15 | }); 16 | grunt.loadNpmTasks('grunt-karma'); 17 | grunt.registerTask('test', ['karma']); 18 | }; 19 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | 2 | TEMPLATES_JS=app/js/templates.js 3 | HANDLEBARS_FILES=$(wildcard app/templates/*.handlebars) # Used to generate templates.js 4 | 5 | .PHONY: all 6 | all: $(TEMPLATES_JS) 7 | 8 | .PHONY: clean 9 | clean: 10 | rm -f $(TEMPLATES_JS) 11 | 12 | 13 | $(TEMPLATES_JS): $(HANDLEBARS_FILES) 14 | $(eval TEMPFILE=$(shell mktemp --suffix _templates.js)) 15 | 16 | ./node_modules/handlebars/bin/handlebars -f $(TEMPFILE) $(HANDLEBARS_FILES) 17 | mv -f $(TEMPFILE) $(TEMPLATES_JS) 18 | chmod 644 $(TEMPLATES_JS) 19 | 20 | 21 | # NOTE: assert_templates_js_up_to_date is a temporary workaround to confirm 22 | # that templates.js is up-to-date with the handlebars templates used to 23 | # generate it. Both are checked in to source control because the build server 24 | # currently does not have handlebars installed so relies on the repo version of 25 | # templates.js 26 | # 27 | # TODO: once the build server has handlebars installed: 28 | # - remove apps/js/templates.js from source control (https://github.com/EFForg/OpenWireless/pull/234) 29 | # - always build templates.js from apps/templates/* 30 | # - remove this make target. 31 | 32 | .PHONY: assert_templates_js_up_to_date 33 | assert_templates_js_up_to_date: 34 | $(eval TEMPFILE=$(shell mktemp --suffix _templates.js)) 35 | ./node_modules/handlebars/bin/handlebars -f $(TEMPFILE) $(HANDLEBARS_FILES) 36 | diff --brief $(TEMPFILE) $(TEMPLATES_JS) # exit=1 if different 37 | -------------------------------------------------------------------------------- /NetworkingSetup.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/NetworkingSetup.png -------------------------------------------------------------------------------- /OWrt/feeds.conf: -------------------------------------------------------------------------------- 1 | src-git packages https://github.com/openwrt/packages.git^5b264252584ef750ad00cd79070ed2bfd3a29c82 2 | src-git routing https://github.com/openwrt-routing/packages.git 3 | src-git telephony http://git.openwrt.org/feed/telephony.git 4 | src-git management https://github.com/openwrt-management/packages.git 5 | src-git oldpackages http://git.openwrt.org/packages.git^2f8b5c3a58d070960e5bda418f9b4feb28629fa0 6 | src-git cero https://github.com/dtaht/ceropackages-3.10 7 | -------------------------------------------------------------------------------- /OWrt/hostapd-eap-tls-no-client-auth.patch: -------------------------------------------------------------------------------- 1 | --- eap_server_tls.c.orig 2014-07-04 20:38:57.375924045 -0700 2 | +++ eap_server_tls.c 2014-07-04 20:40:26.641854356 -0700 3 | @@ -60,7 +60,7 @@ 4 | return NULL; 5 | data->state = START; 6 | 7 | - if (eap_server_tls_ssl_init(sm, &data->ssl, 1)) { 8 | + if (eap_server_tls_ssl_init(sm, &data->ssl, 0)) { 9 | wpa_printf(MSG_INFO, "EAP-TLS: Failed to initialize SSL."); 10 | eap_tls_reset(sm, data); 11 | return NULL; 12 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Build Status](https://travis-ci.org/EFForg/OpenWireless.svg?branch=master)](https://travis-ci.org/EFForg/OpenWireless) 2 | 3 | # OpenWireless Is No Longer Being Maintained 4 | 5 | In 2014, EFF began the OpenWireless firmware project as a direct, simple and scalable way to deploy high-quality open router firmware. 6 | 7 | Unfortunately, as detailed in this blog post , we’ve encountereed some significant obstacles to direct deployment. We may find a way to overcome those obstacles but, in the meantime, EFF has ceased maintaining the OpenWireless firmware project. 8 | 9 | You can still clone this repository if you wish to, and use the code however you like consistent with the Apache 2.0 license (see https://github.com/EFForg/OpenWireless/blob/master/LICENSE). 10 | 11 | If you are interested in actively maintaining this project, feel free to reach out to EFF . Please note, however, that we don't currently have the resources to provide further support. 12 | -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | # Vagrantfile API/syntax version. Don't touch unless you know what you're doing! 5 | VAGRANTFILE_API_VERSION = "2" 6 | 7 | Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| 8 | config.vm.box = "ubuntu/trusty64" 9 | 10 | config.vm.box_url = [ 11 | 'http://dev.home.lan/virtualbox.box', 12 | 'https://vagrantcloud.com/ubuntu/boxes/trusty64/versions/14.04/providers/virtualbox.box' 13 | ] 14 | config.vm.box_download_checksum_type='sha1' 15 | config.vm.box_download_checksum='51db35afc1730ed0fdc49f88836aff088e97ca3d' 16 | 17 | if Vagrant.has_plugin?("vagrant-cachier") 18 | config.cache.scope = :box 19 | end 20 | 21 | config.vm.provider "virtualbox" do |v| 22 | v.memory = 4048 23 | v.cpus = 4 24 | end 25 | 26 | config.vm.provision "shell", inline: < 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | Set password 14 | 15 | 16 |
17 |
18 |
19 |

Change Administrator Password

20 |

Set Administrator Password

21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 | 30 |
31 |
32 |
33 | 34 | 35 | -------------------------------------------------------------------------------- /app/css/oswald-font.css: -------------------------------------------------------------------------------- 1 | /* 2 | Oswald-Light.ttf: Copyright (c) 2011-2012, Vernon Adams (vern@newtypography.co.uk), with Reserved Font Names 'Oswald' 3 | Oswald-Regular.ttf: Copyright (c) 2011-2012, Vernon Adams (vern@newtypography.co.uk), with Reserved Font Names 'Oswald' 4 | Oswald-Bold.ttf: Copyright (c) 2011-2012, Vernon Adams (vern@newtypography.co.uk), with Reserved Font Names 'Oswald' 5 | 6 | SIL Open Font License, 1.1 7 | https://scripts.sil.org/cms/scripts/page.php?site_id=nrsi&id=OFL 8 | */ 9 | @font-face { 10 | font-family: 'Oswald'; 11 | font-style: normal; 12 | font-weight: 300; 13 | src: local('Oswald Light'), local('Oswald-Light'), url(../fonts/oswald-light.woff) format('woff'); 14 | } 15 | @font-face { 16 | font-family: 'Oswald'; 17 | font-style: normal; 18 | font-weight: 400; 19 | src: local('Oswald Regular'), local('Oswald-Regular'), url(../fonts/oswald.woff) format('woff'); 20 | } 21 | @font-face { 22 | font-family: 'Oswald'; 23 | font-style: normal; 24 | font-weight: 700; 25 | src: local('Oswald Bold'), local('Oswald-Bold'), url(../fonts/oswald-bold.woff) format('woff'); 26 | } 27 | -------------------------------------------------------------------------------- /app/fonts/oswald-bold.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/fonts/oswald-bold.woff -------------------------------------------------------------------------------- /app/fonts/oswald-light.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/fonts/oswald-light.woff -------------------------------------------------------------------------------- /app/fonts/oswald.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/fonts/oswald.woff -------------------------------------------------------------------------------- /app/images/antenna-off.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/antenna-off.png -------------------------------------------------------------------------------- /app/images/antenna-on.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/antenna-on.png -------------------------------------------------------------------------------- /app/images/antenna.svg: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 6 | 7 | 9 | 10 | -------------------------------------------------------------------------------- /app/images/backgroundCube.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/backgroundCube.png -------------------------------------------------------------------------------- /app/images/buildings.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/buildings.jpg -------------------------------------------------------------------------------- /app/images/city-tile.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/city-tile.png -------------------------------------------------------------------------------- /app/images/dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/dashboard.png -------------------------------------------------------------------------------- /app/images/devices.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/devices.png -------------------------------------------------------------------------------- /app/images/favicon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/favicon.png -------------------------------------------------------------------------------- /app/images/lan.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/lan.png -------------------------------------------------------------------------------- /app/images/logout.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/logout.png -------------------------------------------------------------------------------- /app/images/router.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/router.png -------------------------------------------------------------------------------- /app/images/settings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/settings.png -------------------------------------------------------------------------------- /app/images/stars.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/stars.png -------------------------------------------------------------------------------- /app/images/update.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/app/images/update.png -------------------------------------------------------------------------------- /app/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | OpenWireless Router 13 | 14 | 15 | 16 |
17 |
18 |

Redirecting...

19 |
20 |

21 | This page should take you to welcome 22 | or login in a moment. 23 | If Javascript is disabled, please enable it. 24 |

25 |
26 | 27 | 28 | 29 | -------------------------------------------------------------------------------- /app/js/app.js: -------------------------------------------------------------------------------- 1 | Number.prototype.pad = function (len) { 2 | return (new Array(len+1).join("0") + this).slice(-len); 3 | } 4 | 5 | 6 | Handlebars.registerHelper('datetime', function(datetimeString, options) { 7 | var m_names = new Array("January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December"); 8 | 9 | var d = new Date(datetimeString); 10 | var curr_date = d.getDate(); 11 | var curr_month = d.getMonth(); 12 | var curr_year = d.getFullYear(); 13 | var curr_hour = d.getHours().pad(2); 14 | var curr_minutes = d.getMinutes().pad(2); 15 | 16 | return "" + curr_date + "-" + m_names[curr_month] + "-" + curr_year + " " + curr_hour + ":" + curr_minutes; 17 | }); 18 | -------------------------------------------------------------------------------- /app/js/errorCallback.js: -------------------------------------------------------------------------------- 1 | var errorCallback = function(jqXHR, textStatus, errorThrown) { 2 | // Re-enable any buttons that were greyed out to indicate background RPCs. 3 | $("input[type=submit]").prop('disabled', false); 4 | // Filter out spurious XHR errors that are thrown on page unload. Filtering by 5 | // readyState == 0 is imperfect, but good enough. See for details: 6 | // http://stackoverflow.com/questions/1370322/jquery-ajax-fires-error-callback-on-window-unload-how-do-i-filter-out-unload-a 7 | if (jqXHR.readyState == 0) { 8 | console.log("Skipped showing error because readyState == 0."); 9 | return; 10 | } 11 | if (jqXHR.responseJSON && jqXHR.responseJSON.error) { 12 | if (jqXHR.responseJSON.error === "Not authenticated.") { 13 | helperModule.redirectTo('login.html?redirect_after_login=' + 14 | encodeURIComponent(document.location.pathname)); 15 | return; 16 | } 17 | errorText = 'Server Error: ' + jqXHR.responseJSON.error; 18 | } else { 19 | errorText = 'JS error: ' + errorThrown; 20 | } 21 | 22 | var genericError = $("#genericError"); 23 | if (genericError) { 24 | genericError.text(errorText); 25 | genericError.show(); 26 | } else { 27 | console.log("Couldn't display error to user. Error was: ", errorText); 28 | } 29 | }; 30 | -------------------------------------------------------------------------------- /app/js/helper.js: -------------------------------------------------------------------------------- 1 | var helperModule = (function(){ 2 | 3 | var isEmpty = function(value) { return !value || value.length === 0 || value == " " }; 4 | 5 | var checkEmptyField = function(field, errorField, fieldName) { 6 | if(isEmpty(field.val())) { 7 | field.addClass('error'); 8 | errorField.text("Please enter a " + fieldName + "!"); 9 | errorField.show(); 10 | field.focus(); 11 | return true; 12 | } 13 | return false; 14 | }; 15 | 16 | var url = function() { 17 | return document.location.href + ""; 18 | }; 19 | 20 | var redirectTo = function(url) { 21 | // Check for redirect to javascript: or similar URIs 22 | if (url.match(/^[a-zA-Z]*:/) && !url.match(/^https?:/)) { 23 | throw("Invalid redirect URL"); 24 | } else { 25 | window.location.href = url; 26 | } 27 | }; 28 | 29 | return { 30 | isEmpty: isEmpty, 31 | checkEmptyField: checkEmptyField, 32 | redirectTo: redirectTo, 33 | url: url 34 | }; 35 | })(); 36 | -------------------------------------------------------------------------------- /app/js/logout.js: -------------------------------------------------------------------------------- 1 | $(document).ready(function() { 2 | $("#yes").click(function() { 3 | requestModule.submitRequest({ 4 | url: '/cgi-bin/routerapi/logout', 5 | data: {}, 6 | successCallback: function() { 7 | $("#logout").hide(); 8 | $("#logged_out").show(); 9 | } 10 | }); 11 | }); 12 | $("#no").click(function() { 13 | history.back(); 14 | }); 15 | }); 16 | -------------------------------------------------------------------------------- /app/js/request.js: -------------------------------------------------------------------------------- 1 | var requestModule = (function(){ 2 | var getCsrfToken = function() { 3 | var cookies = document.cookie.split('; '); 4 | for (i = cookies.length-1; i >= 0; i--) { 5 | var keyVal = cookies[i].split('='); 6 | if (keyVal[0] === 'csrf_token') { 7 | return keyVal[1]; 8 | } 9 | } 10 | return ''; 11 | } 12 | 13 | var submitRequest = function(request){ 14 | $.ajax({ 15 | type: "POST", 16 | url: request.url, 17 | contentType: "application/json", 18 | dataType: "json", 19 | data: JSON.stringify(request.data), 20 | headers: { 21 | "X-CSRF-Token": getCsrfToken() 22 | }, 23 | success: request.successCallback, 24 | error: request.errorCallback || errorCallback, 25 | timeout: 20000 // twenty seconds 26 | }); 27 | }; 28 | 29 | return { 30 | submitRequest: submitRequest 31 | }; 32 | 33 | })(); 34 | -------------------------------------------------------------------------------- /app/js/sshupload.js: -------------------------------------------------------------------------------- 1 | $(document).on('click', '.edit-ssh', function() { 2 | $('#SSH').hide(); 3 | $('#enterSshKey').show(); 4 | }); 5 | 6 | $(document).on('click', '#cancel-SSH', function(){ 7 | $('#SSH').show(); 8 | $('#enterSshKey').hide(); 9 | }); 10 | 11 | $(document).on('click', '#submit-SSH', function(){ 12 | requestModule.submitRequest({ 13 | url: '/cgi-bin/routerapi/ssh_key', 14 | successCallback: function(data, textStatus, jqXHR) { 15 | location.reload(); 16 | }, 17 | data: { 18 | method: 'set_ssh_key', 19 | params: [$('#input-SSH').val()] 20 | } 21 | }); 22 | }); 23 | -------------------------------------------------------------------------------- /app/js/usageReset.js: -------------------------------------------------------------------------------- 1 | $(document).on('click', '#reset-usage' , function(){ 2 | 3 | var successCallback = function(){ 4 | $("#usage").text("Usage successfully reset!"); 5 | }; 6 | 7 | var errorCallback = function(){}; 8 | 9 | var resetRequest = { 10 | url: "/cgi-bin/routerapi/reset_usage", 11 | data: {}, 12 | successCallback: successCallback, 13 | errorCallback: errorCallback 14 | }; 15 | 16 | requestModule.submitRequest(resetRequest); 17 | }); 18 | -------------------------------------------------------------------------------- /app/js/welcome.js: -------------------------------------------------------------------------------- 1 | $(function() { 2 | if (document.location.port !== "") { 3 | var el = document.getElementById("continue") 4 | if (el) { 5 | var httpsPort = parseInt(document.location.port) + 1000; 6 | el.href = 'https://' + document.location.hostname + ':' + httpsPort; 7 | } 8 | } 9 | }); 10 | -------------------------------------------------------------------------------- /app/login.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | Login 13 | 14 | 15 | 16 |
17 |
18 |

Open Wireless

19 |

Administrator Login

20 |
21 |
22 |
23 |
24 |
25 | 26 |
27 |
28 | 29 | 30 | -------------------------------------------------------------------------------- /app/logout.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | Logout 13 | 14 | 15 | 16 |
17 |
18 |
19 |
20 |

Log out?

21 | 22 | 23 |
24 |

You are now logged out.

25 |
26 | 27 | 28 | -------------------------------------------------------------------------------- /app/templates/lastLogin.handlebars: -------------------------------------------------------------------------------- 1 | {{#if this}} 2 |

Last Login From: {{address}} on {{{datetime timestamp}}}

3 | {{/if}} 4 | -------------------------------------------------------------------------------- /app/templates/lastUpdate.handlebars: -------------------------------------------------------------------------------- 1 |
2 |
3 |

Update {{#if updateAvailable}}is available{{^}}not available{{/if}} : last checked {{{datetime lastCheckDate}}}

4 | update 5 |
6 | 7 |

Loading...

8 |
9 | -------------------------------------------------------------------------------- /app/templates/setSSID.handlebars: -------------------------------------------------------------------------------- 1 |

Restarting

2 |

SSID updated. Your router is now restarting.

3 |

Please connect to your new network {{ssid}} when it becomes available.

4 | Dashboard 5 | -------------------------------------------------------------------------------- /app/templates/settings-dropdown.handlebars: -------------------------------------------------------------------------------- 1 | {{#each options}} 2 | 3 | {{/each}} 4 | -------------------------------------------------------------------------------- /app/welcome.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | Welcome 10 | 11 | 12 | 13 |
14 |
15 |

OpenWireless

16 |

17 | Welcome to OpenWireless. The next screen will ask you to set an 18 | administrator password for this wireless router. 19 |

20 |

21 | This router uses a self-signed SSL certificate. You should expect to see 22 | a warning saying "This Connection is Untrusted" or "The site's security 23 | certificate is not trusted." Only when administrating your 24 | router, you should click through the warnings to continue. 25 |

26 |
27 | Continue 28 |
29 | 30 | 31 | -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Begin first time only steps 4 | git submodule init 5 | git submodule update 6 | 7 | #setup the package building system 8 | echo "Setting up feeds ..." 9 | cp OWrt/feeds.conf openwrt/feeds.conf 10 | cd openwrt 11 | ./scripts/feeds update 12 | make package/symlinks 13 | #work around for packages that break but are not needed 14 | rm -rf feeds/oldpackages/libs/libnet-1.1.x 15 | rm -rf feeds/cero/net/inetdxtra 16 | 17 | cd .. 18 | #End first time only steps 19 | 20 | 21 | #customize the target file system 22 | echo "Applying openwireless customizations ..." 23 | ./sendToBuild 24 | 25 | #customize .config 26 | echo "Setting up openwireless .config ..." 27 | cp OWrt/config-OWrt openwrt/.config 28 | 29 | echo "Building openwrt ..." 30 | cd openwrt 31 | make -j4 32 | cd .. 33 | 34 | echo "Build completed. Copying IMAGE to release directory ..." 35 | IMAGE="releases/openwireless-openwrt-squashfs-sysupgrade.bin" 36 | mkdir -p releases 37 | cp openwrt/bin/ar71xx/openwrt-ar71xx-generic-wndr3800-squashfs-sysupgrade.bin $IMAGE 38 | if ! [ -f $IMAGE ]; then 39 | echo "ERROR: For some reason $IMAGE failed to generate!" 40 | exit 1 41 | fi 42 | 43 | -------------------------------------------------------------------------------- /changeReleaseDate: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | 4 | import time 5 | import subprocess 6 | 7 | items = {} 8 | with open("etc/openwrt_release") as f: 9 | for line in f: 10 | (key, val) = line.split('=') 11 | items[key] = val 12 | 13 | items['DISTRIB_CODENAME'] = '\"' + subprocess.check_output(['git', 'rev-parse', '--short', 'HEAD'])[:-1] + '\"\n' 14 | 15 | items['DISTRIB_RELEASE_DATE'] = '\"' + subprocess.check_output(['git','log','-1','--pretty=format:%ct']) + '\"\n' 16 | 17 | version_tuple = items['DISTRIB_DESCRIPTION'].split(' ') 18 | 19 | items['DISTRIB_DESCRIPTION'] = version_tuple[0] + ' ' + subprocess.check_output(['git', 'rev-parse', '--short', 'HEAD'])[:-1] + ' ' + version_tuple[2] + ' ' + version_tuple[3] 20 | 21 | with open("etc/openwrt_release",'w') as f: 22 | for key in items: 23 | f.write(key + '=' + items[key]) 24 | 25 | with open("etc/last_update_check", "w") as f: 26 | f.write(subprocess.check_output(['git','log','-1','--pretty=format:%ct']) + '000' + " N") 27 | -------------------------------------------------------------------------------- /doc/OpenWirelessTalk-HOPE2014.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/doc/OpenWirelessTalk-HOPE2014.pdf -------------------------------------------------------------------------------- /doc/basic architecture and sec questions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/doc/basic architecture and sec questions.png -------------------------------------------------------------------------------- /doc/fon research summary.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/doc/fon research summary.jpg -------------------------------------------------------------------------------- /doc/openwireless admin ui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/doc/openwireless admin ui.png -------------------------------------------------------------------------------- /doc/tech stack.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/doc/tech stack.png -------------------------------------------------------------------------------- /doc/user path.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/doc/user path.png -------------------------------------------------------------------------------- /etc/TZ: -------------------------------------------------------------------------------- 1 | UTC 2 | -------------------------------------------------------------------------------- /etc/auth/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/etc/auth/.keep -------------------------------------------------------------------------------- /etc/avahi/avahi-daemon.conf: -------------------------------------------------------------------------------- 1 | [server] 2 | host-name=cerowrt 3 | #domain-name=local 4 | use-ipv4=yes 5 | use-ipv6=yes 6 | check-response-ttl=no 7 | use-iff-running=yes 8 | deny-interfaces=ge00 9 | 10 | [publish] 11 | publish-addresses=yes 12 | publish-hinfo=yes 13 | publish-workstation=no 14 | publish-domain=yes 15 | publish-aaaa-on-ipv4=yes 16 | #publish-dns-servers=192.168.1.1 17 | #publish-resolv-conf-dns-servers=yes 18 | 19 | [reflector] 20 | enable-reflector=no 21 | #reflect-ipv6=no 22 | 23 | [rlimits] 24 | #rlimit-as= 25 | rlimit-core=0 26 | rlimit-data=4194304 27 | rlimit-fsize=0 28 | rlimit-nofile=30 29 | rlimit-stack=4194304 30 | rlimit-nproc=1 31 | -------------------------------------------------------------------------------- /etc/avahi/services/http.service: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Web Server on %h 5 | 6 | _http._tcp 7 | 80 8 | path=/ 9 | 10 | 11 | -------------------------------------------------------------------------------- /etc/avahi/services/rsync.service: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | rsync on %h 5 | 6 | _rsync._tcp 7 | 873 8 | 9 | 10 | -------------------------------------------------------------------------------- /etc/avahi/services/ssh.service: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Secure Shell on %h 5 | 6 | _ssh._tcp 7 | 22 8 | 9 | 10 | -------------------------------------------------------------------------------- /etc/banner: -------------------------------------------------------------------------------- 1 | _______ ________ __ 2 | | |.-----.-----.-----.| | | |.----.| |_ 3 | | - || _ | -__| || | | || _|| _| 4 | |_______|| __|_____|__|__||________||__| |____| 5 | |__| W I R E L E S S F R E E D O M 6 | ----------------------------------------------------- 7 | BARRIER BREAKER (3.10.50-1, r41861) 8 | ----------------------------------------------------- 9 | * 1/2 oz Galliano Pour all ingredients into 10 | * 4 oz cold Coffee an irish coffee mug filled 11 | * 1 1/2 oz Dark Rum with crushed ice. Stir. 12 | * 2 tsp. Creme de Cacao 13 | ----------------------------------------------------- 14 | -------------------------------------------------------------------------------- /etc/chatscripts/3g.chat: -------------------------------------------------------------------------------- 1 | ABORT BUSY 2 | ABORT 'NO CARRIER' 3 | ABORT ERROR 4 | REPORT CONNECT 5 | TIMEOUT 10 6 | "" "AT&F" 7 | OK "ATE1" 8 | OK 'AT+CGDCONT=1,"IP","$USE_APN"' 9 | SAY "Calling UMTS/GPRS" 10 | TIMEOUT 30 11 | OK "ATD*99***1#" 12 | CONNECT ' ' 13 | -------------------------------------------------------------------------------- /etc/chatscripts/evdo.chat: -------------------------------------------------------------------------------- 1 | # This is a simple chat script based off of the one provided by Sierra Wireless 2 | # for CDMA connections. It should work for both Sprint and Verizon networks. 3 | 4 | ABORT BUSY 5 | ABORT 'NO CARRIER' 6 | ABORT ERROR 7 | ABORT 'NO DIAL TONE' 8 | ABORT 'NO ANSWER' 9 | ABORT DELAYED 10 | REPORT CONNECT 11 | TIMEOUT 10 12 | '' AT 13 | OK ATZ 14 | SAY 'Calling CDMA/EVDO' 15 | TIMEOUT 30 16 | OK ATDT#777 17 | CONNECT '' 18 | -------------------------------------------------------------------------------- /etc/commit: -------------------------------------------------------------------------------- 1 | commit ad1722cc12af56d8c4656cc942619c968a451aef 2 | commit 80aa5c47cd2af4652ee8aa4e0e463197feef1582 3 | -------------------------------------------------------------------------------- /etc/config/alttcp: -------------------------------------------------------------------------------- 1 | config alttcp 2 | list 'allowed' 'cubic' 3 | list 'allowed' 'lp' 4 | list 'allowed' 'westwood' 5 | list 'allowed' 'reno' 6 | list 'allowed' 'vegas' 7 | option 'default' 'cubic' 8 | -------------------------------------------------------------------------------- /etc/config/bcp38: -------------------------------------------------------------------------------- 1 | config bcp38 2 | option enabled 1 3 | option interface 'ge00' 4 | option detect_upstream 1 5 | list match '127.0.0.0/8' 6 | list match '0.0.0.0/8' # RFC 1700 7 | list match '240.0.0.0/4' # RFC 5745 8 | list match '192.0.2.0/24' # RFC 5737 9 | list match '198.51.100.0/24' # RFC 5737 10 | list match '203.0.113.0/24' # RFC 5737 11 | list match '192.168.0.0/16' # RFC 1918 12 | list match '10.0.0.0/8' # RFC 1918 13 | list match '172.16.0.0/12' # RFC 1918 14 | list match '169.254.0.0/16' # RFC 3927 15 | 16 | # list nomatch '172.26.0.0/21' # Example of something not to match 17 | # There is a dhcp trigger to do this for the netmask of a 18 | # double natted connection needed 19 | 20 | # I will argue that this level of indirection doesn't scale 21 | # very well - see how to block china as an example 22 | # http://www.okean.com/china.txt 23 | -------------------------------------------------------------------------------- /etc/config/debloat: -------------------------------------------------------------------------------- 1 | # This file is presently unused. Hack /etc/hotplug.d/iface/02-debloat 2 | # instead. 3 | 4 | config wireless 5 | option 'txqueuelen' '4' 6 | config wirelessn 7 | option 'txqueuelen' '16' 8 | config wired10 9 | option 'txqueuelen' '4' 10 | config wired100 11 | option 'txqueuelen' '16' 12 | config wired1000 13 | option 'txqueuelen' '32' 14 | 15 | -------------------------------------------------------------------------------- /etc/config/dropbear: -------------------------------------------------------------------------------- 1 | config dropbear 2 | option PasswordAuth 'off' 3 | option RootPasswordAuth 'off' 4 | option Port '22' 5 | # option BannerFile '/etc/banner' 6 | -------------------------------------------------------------------------------- /etc/config/etherwake: -------------------------------------------------------------------------------- 1 | config 'etherwake' 'setup' 2 | # possible program pathes 3 | option 'pathes' '/usr/bin/etherwake /usr/bin/ether-wake' 4 | # use sudo, defaults to off 5 | option 'sudo' 'off' 6 | # interface, defaults to 'eth0' 7 | # -i 8 | option 'interface' '' 9 | # send wake-up packet to the broadcast address, defaults to off 10 | # -b 11 | option 'broadcast' 'off' 12 | 13 | config 'target' 14 | # name for the target 15 | option 'name' 'example' 16 | # mac address to wake up 17 | option 'mac' '11:22:33:44:55:66' 18 | # password in hex without any delimiters 19 | option 'password' 'AABBCCDDEEFF' 20 | # wake up on system start, defaults to off 21 | option 'wakeonboot' 'off' 22 | 23 | # To add a new target use: 24 | # uci add etherwake target 25 | # uci set etherwake.@target[-1].name=example 26 | # uci set etherwake.@target[-1].mac=11:22:33:44:55:66 27 | # uci set etherwake.@target[-1].password=AABBCCDDEEFF 28 | # uci set etherwake.@target[-1].wakeonboot=off 29 | -------------------------------------------------------------------------------- /etc/config/fstab: -------------------------------------------------------------------------------- 1 | config 'global' 2 | option anon_swap '0' 3 | option anon_mount '0' 4 | option auto_swap '1' 5 | option auto_mount '1' 6 | option delay_root '5' 7 | option check_fs '0' 8 | 9 | -------------------------------------------------------------------------------- /etc/config/natpmp: -------------------------------------------------------------------------------- 1 | config natpmp 2 | option outbound_interface ge00 3 | option inbound_interfaces 'se00 sw00 sw10' 4 | option iptables_chain natpmp 5 | 6 | -------------------------------------------------------------------------------- /etc/config/openwireless: -------------------------------------------------------------------------------- 1 | 2 | config Yes 'activatedatacap' 3 | 4 | config 600 'maxmonthlybandwidth' 5 | 6 | config 20 'maxbandwidthpercentage' 7 | 8 | config 0 'use_since_last_ui_reset' 9 | 10 | config audit 'audit' 11 | 12 | -------------------------------------------------------------------------------- /etc/config/snmpd: -------------------------------------------------------------------------------- 1 | config agent 2 | option agentaddress UDP:161 3 | 4 | config com2sec public 5 | option secname ro 6 | option source default 7 | option community public 8 | 9 | config com2sec private 10 | option secname rw 11 | option source localhost 12 | option community private 13 | 14 | config group public_v1 15 | option group public 16 | option version v1 17 | option secname ro 18 | 19 | config group public_v2c 20 | option group public 21 | option version v2c 22 | option secname ro 23 | 24 | config group public_usm 25 | option group public 26 | option version usm 27 | option secname ro 28 | 29 | config group private_v1 30 | option group private 31 | option version v1 32 | option secname rw 33 | 34 | config group private_v2c 35 | option group private 36 | option version v2c 37 | option secname rw 38 | 39 | config group private_usm 40 | option group private 41 | option version usm 42 | option secname rw 43 | 44 | config view all 45 | option viewname all 46 | option type included 47 | option oid .1 48 | 49 | config access public_access 50 | option group public 51 | option context none 52 | option version any 53 | option level noauth 54 | option prefix exact 55 | option read all 56 | option write none 57 | option notify none 58 | 59 | config access private_access 60 | option group private 61 | option context none 62 | option version any 63 | option level noauth 64 | option prefix exact 65 | option read all 66 | option write all 67 | option notify all 68 | 69 | config system 70 | option sysLocation 'office' 71 | option sysContact 'bofh@example.com' 72 | option sysName 'HeartOfGold' 73 | # option sysServices 72 74 | # option sysDescr 'adult playground' 75 | # option sysObjectID '1.2.3.4' 76 | 77 | config exec 78 | option name filedescriptors 79 | option prog /bin/cat 80 | option args /proc/sys/fs/file-nr 81 | # option miboid 1.2.3.4 82 | 83 | -------------------------------------------------------------------------------- /etc/config/sqm: -------------------------------------------------------------------------------- 1 | config queue 'ge00' 2 | option interface 'ge00' 3 | option qdisc 'fq_codel' 4 | option script 'simple.qos' 5 | option qdisc_advanced '0' 6 | option linklayer 'none' 7 | option enabled '1' 8 | option download '10000' 9 | option upload '2000' 10 | 11 | config queue 'gw00' 12 | option interface 'gw00' 13 | option qdisc 'fq_codel' 14 | option script 'simplest.qos' 15 | option qdisc_advanced '0' 16 | option linklayer 'none' 17 | option enabled '1' 18 | option download '2000' 19 | option upload '400' 20 | 21 | -------------------------------------------------------------------------------- /etc/config/system: -------------------------------------------------------------------------------- 1 | 2 | config system 3 | option hostname 'cerowrt.home.lan' 4 | option timezone 'UTC' 5 | 6 | config timeserver 'ntp' 7 | list server '0.openwrt.pool.ntp.org' 8 | list server '1.openwrt.pool.ntp.org' 9 | list server '2.openwrt.pool.ntp.org' 10 | list server '3.openwrt.pool.ntp.org' 11 | option enable_server '1' 12 | 13 | config led 'led_wan' 14 | option name 'WAN LED (green)' 15 | option sysfs 'netgear:green:wan' 16 | option default '0' 17 | 18 | config led 'led_usb' 19 | option name 'USB' 20 | option sysfs 'netgear:green:usb' 21 | option trigger 'usbdev' 22 | option dev '1-1' 23 | option interval '50' 24 | 25 | -------------------------------------------------------------------------------- /etc/config/ubootenv: -------------------------------------------------------------------------------- 1 | 2 | config ubootenv 3 | option dev '/dev/mtd1' 4 | option offset '0x0' 5 | option envsize '0x10000' 6 | option secsize '0x10000' 7 | 8 | -------------------------------------------------------------------------------- /etc/config/ucitrack: -------------------------------------------------------------------------------- 1 | 2 | config network 3 | option init 'network' 4 | list affects 'dhcp' 5 | list affects 'radvd' 6 | 7 | config wireless 8 | list affects 'network' 9 | 10 | config firewall 11 | option init 'firewall' 12 | list affects 'qos' 13 | list affects 'miniupnpd' 14 | list affects 'sqm' 15 | 16 | config olsr 17 | option init 'olsrd' 18 | 19 | config dhcp 20 | option init 'dnsmasq' 21 | 22 | config dropbear 23 | option init 'dropbear' 24 | 25 | config httpd 26 | option init 'httpd' 27 | 28 | config fstab 29 | option init 'fstab' 30 | 31 | config qos 32 | option init 'qos' 33 | 34 | config system 35 | option init 'led' 36 | 37 | config upnpd 38 | option init 'miniupnpd' 39 | 40 | config ntpclient 41 | option init 'ntpclient' 42 | 43 | config tinyproxy 44 | option init 'tinyproxy' 45 | 46 | config 6relayd 47 | option init '6relayd' 48 | 49 | config bcp38 50 | list affects 'firewall' 51 | 52 | config sqm 53 | option init 'sqm' 54 | 55 | -------------------------------------------------------------------------------- /etc/config/wireless: -------------------------------------------------------------------------------- 1 | 2 | config wifi-device 'radio0' 3 | option type 'mac80211' 4 | option channel '11' 5 | option hwmode '11g' 6 | option path 'pci0000:00/0000:00:11.0' 7 | option htmode 'HT20' 8 | option txpower '30' 9 | option country 'US' 10 | 11 | config wifi-iface 12 | option device 'radio0' 13 | option network 'sw00' 14 | option ifname 'sw00' 15 | option mode 'ap' 16 | option ssid 'OWrt' 17 | option encryption 'none' 18 | option disabled '1' 19 | 20 | config wifi-iface 21 | option device 'radio0' 22 | option network 'gw00' 23 | option mode 'ap' 24 | option ifname 'gw00' 25 | option ssid 'openwireless.org' 26 | option encryption 'none' 27 | 28 | config wifi-device 'radio1' 29 | option type 'mac80211' 30 | option channel '36' 31 | option hwmode '11a' 32 | option path 'pci0000:00/0000:00:12.0' 33 | option htmode 'HT20' 34 | option txpower '17' 35 | option country 'US' 36 | 37 | config wifi-iface 38 | option device 'radio1' 39 | option network 'sw10' 40 | option ifname 'sw10' 41 | option mode 'ap' 42 | option encryption 'none' 43 | option ssid 'Setup Open Wireless' 44 | option encryption 'none' 45 | 46 | config wifi-iface 47 | option device 'radio1' 48 | option network 'gw10' 49 | option mode 'ap' 50 | option ifname 'gw10' 51 | option encryption 'none' 52 | option ssid 'openwireless.org-5G' 53 | option encryption 'none' 54 | option disabled '1' 55 | -------------------------------------------------------------------------------- /etc/config/wol: -------------------------------------------------------------------------------- 1 | config wol-target 2 | option mac '' 3 | option enabled '0' 4 | -------------------------------------------------------------------------------- /etc/dbus-1/session.d/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/etc/dbus-1/session.d/.keep -------------------------------------------------------------------------------- /etc/dbus-1/system.d/avahi-dbus.conf: -------------------------------------------------------------------------------- 1 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | -------------------------------------------------------------------------------- /etc/default/snmpd: -------------------------------------------------------------------------------- 1 | OPTIONS="-Lf /dev/null -p /var/run/snmpd.pid" 2 | -------------------------------------------------------------------------------- /etc/dibbler/client.conf.sample: -------------------------------------------------------------------------------- 1 | # 2 | # Example client configuration file: default 3 | # 4 | 5 | # Uncomment following line to use Link-layer DUID instead of default Link-layer+time 6 | #duid-type duid-ll 7 | 8 | # Uncomment following line to make dibbler very aggressive about getting requested 9 | # options. 10 | #insist-mode 11 | 12 | # Uncomment following line to make dibbler accept downed/not associated interfaces 13 | inactive-mode 14 | 15 | # Uncomment following line to skip confirm sending (after crash or power outage) 16 | skip-confirm 17 | 18 | log-mode short 19 | 20 | # 7 = omit debug messages 21 | log-level 7 22 | 23 | # Uncomment this line to run script every time response is received 24 | script "/etc/client-notify.sh" 25 | 26 | 27 | # Current Dibbler release adds obtained addresses with /64 prefix. Although 28 | # this violates spec (RFC3315), it is very useful as hosts in the network can 29 | # exchange data immediately. To restore previous behavior, uncomment this line: 30 | # strict-rfc-no-routing 31 | 32 | # Dibbler can detect interfaces and ask for address on every suitable interface. 33 | # If that is what you require, just don't mention any interfaces 34 | 35 | # On the other hand, you may want to specify interfaces to be configured 36 | # explicitely 37 | 38 | # Comcast is only handing out one /64 at present 39 | 40 | downlink-prefix-ifaces "se00" 41 | 42 | # /60s were buggy when last I looked 43 | # if you are getting a /56 you can put ipv6 on everything 44 | # downlink-prefix-ifaces = "se00","sw00","sw10","gw00","gw10" 45 | 46 | iface "ge00" { 47 | ia 48 | pd 49 | option dns-server 50 | option domain 51 | 52 | #option ntp-server 53 | #option time-zone 54 | #option sip-server 55 | #option sip-domain 56 | #option nis-server 57 | #option nis-domain 58 | #option nis+-server 59 | #option nis+-domain 60 | #option vendor-spec 61 | #option aftr 62 | } 63 | -------------------------------------------------------------------------------- /etc/dnsmasq.conf: -------------------------------------------------------------------------------- 1 | # If you are bold, you can enable dnssec 2 | conf-file=/usr/share/dnsmasq/trust-anchors.conf 3 | dnssec 4 | # dnssec-check-unsigned # too many broken servers out there 5 | # We are no longer using dnsmasq's dhcpv6 support and handy naming feature 6 | # Sigh 7 | #enable-ra 8 | #dhcp-range=::1,::400,constructor:se00,ra-names,ra-stateless 9 | #dhcp-range=::1,::400,constructor:sw00,ra-names,ra-stateless 10 | #dhcp-range=::1,::400,constructor:gw00,ra-names,ra-stateless 11 | #dhcp-range=::1,::400,constructor:sw10,ra-names,ra-stateless 12 | #dhcp-range=::1,::400,constructor:gw10,ra-names,ra-stateless 13 | -------------------------------------------------------------------------------- /etc/dnsmasq_net6.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Parse the dnsmasq options and create an autoconfiged ipv6 address 3 | 4 | exit 0 5 | 6 | -------------------------------------------------------------------------------- /etc/dnssec-tools/dnsval.conf: -------------------------------------------------------------------------------- 1 | ################################## 2 | # Includes 3 | ################################## 4 | 5 | # TRUSTMAN-ACTION bind-include /var/opt/named/named.conf 6 | 7 | ################################## 8 | # Global Options 9 | ################################## 10 | 11 | global-options 12 | trust-oob-answers yes 13 | edns0-size 1492 14 | env-policy disable 15 | app-policy disable 16 | ; 17 | 18 | ################################## 19 | # Default policies 20 | ################################## 21 | 22 | : trust-anchor 23 | . DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 24 | ; 25 | 26 | : zone-security-expectation 27 | . validate 28 | ; 29 | 30 | : provably-insecure-status 31 | . trusted 32 | ; 33 | 34 | : clock-skew 35 | . -1 36 | ; 37 | 38 | ################################## 39 | # MTA Policies 40 | ################################## 41 | 42 | mta provably-insecure-status 43 | . trusted 44 | ; 45 | 46 | mta clock-skew 47 | . -1 48 | ; 49 | 50 | ################################## 51 | # Web Browser Policies 52 | ################################## 53 | 54 | browser provably-insecure-status 55 | . trusted 56 | ; 57 | 58 | browser clock-skew 59 | . 0 60 | ; 61 | -------------------------------------------------------------------------------- /etc/dropbear/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/etc/dropbear/.keep -------------------------------------------------------------------------------- /etc/e2fsck.conf: -------------------------------------------------------------------------------- 1 | [options] 2 | broken_system_clock = true 3 | 4 | -------------------------------------------------------------------------------- /etc/ethers: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/etc/ethers -------------------------------------------------------------------------------- /etc/fw_env.config: -------------------------------------------------------------------------------- 1 | /dev/mtd1 0x0 0x10000 0x10000 2 | -------------------------------------------------------------------------------- /etc/gcom/getcardinfo.gcom: -------------------------------------------------------------------------------- 1 | opengt 2 | set com 115200n81 3 | set comecho off 4 | set senddelay 0.02 5 | waitquiet 0.2 0.2 6 | flash 0.1 7 | 8 | :start 9 | send "ATI^m" 10 | get 1 "" $s 11 | print $s 12 | 13 | :continue 14 | exit 0 15 | -------------------------------------------------------------------------------- /etc/gcom/getcarrier.gcom: -------------------------------------------------------------------------------- 1 | opengt 2 | set senddelay 0.05 3 | waitquiet 1 0.2 4 | let c=1 5 | :loop 6 | inc c 7 | send "AT+CGATT?^m" 8 | waitfor 5 "+CGATT: 1","+CGATT: 0" 9 | print "\n." 10 | if % = -1 goto error 11 | if c > 10 goto toolong 12 | if % = 0 goto out 13 | sleep 2 14 | if % = 1 goto loop 15 | :toolong 16 | exit 1 17 | :error 18 | exit 0 19 | :out 20 | exit 0 21 | -------------------------------------------------------------------------------- /etc/gcom/getcnum.gcom: -------------------------------------------------------------------------------- 1 | opengt 2 | set com 115200n81 3 | set comecho off 4 | set senddelay 0.02 5 | waitquiet 0.2 0.2 6 | flash 0.1 7 | 8 | :start 9 | send "AT+CNUM^m" 10 | get 1 "^m" $n 11 | get 1 ":" $n 12 | get 1 "\"" $n 13 | get 1 "\"" $n 14 | get 1 "\"" $n 15 | get 1 "\"" $n 16 | let n = len($n) 17 | if n<1 goto continue 18 | print $n 19 | :continue 20 | exit 0 21 | -------------------------------------------------------------------------------- /etc/gcom/getimsi.gcom: -------------------------------------------------------------------------------- 1 | opengt 2 | set com 115200n81 3 | set comecho off 4 | set senddelay 0.02 5 | waitquiet 0.2 0.2 6 | flash 0.1 7 | 8 | :start 9 | send "AT+CIMI^m" 10 | get 1 "^m" $s 11 | get 1 "^m" $s 12 | let x = len($s) 13 | if x<2 goto continue 14 | let $s = $right($s, x-1) 15 | print $s 16 | :continue 17 | exit 0 18 | -------------------------------------------------------------------------------- /etc/gcom/getstrength.gcom: -------------------------------------------------------------------------------- 1 | opengt 2 | set com 115200n81 3 | set comecho off 4 | set senddelay 0.02 5 | waitquiet 0.2 0.2 6 | flash 0.1 7 | 8 | :start 9 | send "AT+CSQ^m" 10 | get 1 "" $s 11 | print $s 12 | 13 | :continue 14 | exit 0 15 | -------------------------------------------------------------------------------- /etc/gcom/setmode.gcom: -------------------------------------------------------------------------------- 1 | # set wwan mode from environment 2 | opengt 3 | set com 115200n81 4 | set senddelay 0.02 5 | waitquiet 1 0.2 6 | flash 0.1 7 | 8 | :start 9 | print "Trying to set mode\n" 10 | send $env("MODE") 11 | send "^m" 12 | 13 | waitfor 15 "OK","ERR","ERROR" 14 | if % = 0 goto continue 15 | if % = 1 goto modeerror 16 | if % = 2 goto modeerror 17 | 18 | print "Timeout setting WWAN mode!\n" 19 | exit 1 20 | 21 | :modeerror 22 | print "Error setting WWAN mode!\n" 23 | exit 1 24 | 25 | :continue 26 | exit 0 27 | -------------------------------------------------------------------------------- /etc/gcom/setpin.gcom: -------------------------------------------------------------------------------- 1 | # set pin code from evnironment "$PINCODE" 2 | opengt 3 | set com 115200n81 4 | set senddelay 0.05 5 | waitquiet 3 0.5 6 | flash 0.1 7 | 8 | let c=0 9 | :start 10 | send "AT+CPIN?^m" 11 | waitfor 15 "SIM PUK","SIM PIN","READY","ERROR","ERR" 12 | if % = -1 goto timeout 13 | if % = 0 goto ready 14 | if % = 1 goto setpin 15 | if % = 2 goto ready 16 | if % = 3 goto checkrepeat 17 | if % = 4 goto checkrepeat 18 | 19 | :checkrepeat 20 | inc c 21 | if c>3 goto pinerror 22 | waitquiet 12 0.5 23 | goto start 24 | 25 | :timeout 26 | print "timeout checking for PIN." 27 | exit 1 28 | 29 | :ready 30 | print "SIM ready\n" 31 | goto continue 32 | exit 0 33 | 34 | :setpin 35 | # check if output was "SIM PIN2", that's ok. 36 | waitfor 1 "2" 37 | if % = 0 goto ready 38 | 39 | print "Trying to set PIN\n" 40 | send "AT+CPIN=\"" 41 | send $env("PINCODE") 42 | send "\"^m" 43 | 44 | waitfor 20 "OK","ERR" 45 | if % = -1 goto pinerror 46 | if % = 0 goto continue 47 | if % = 1 goto pinerror 48 | 49 | :pinerror 50 | print "Error setting PIN, check card manually\n" 51 | exit 1 52 | 53 | :continue 54 | print "PIN set successfully\n" 55 | exit 0 56 | -------------------------------------------------------------------------------- /etc/group: -------------------------------------------------------------------------------- 1 | root:x:0: 2 | daemon:x:1: 3 | adm:x:4: 4 | mail:x:8: 5 | audio:x:29: 6 | www-data:x:33: 7 | ftp:x:55: 8 | users:x:100: 9 | network:x:101: 10 | nogroup:x:65534: 11 | news:x:31: 12 | www-data:x:33: 13 | bind:x:124: 14 | -------------------------------------------------------------------------------- /etc/hosts: -------------------------------------------------------------------------------- 1 | 127.0.0.1 localhost 2 | -------------------------------------------------------------------------------- /etc/hotplug-preinit.json: -------------------------------------------------------------------------------- 1 | [ 2 | [ "case", "ACTION", { 3 | "add": [ 4 | [ "if", 5 | [ "has", "FIRMWARE" ], 6 | [ 7 | [ "exec", "/sbin/hotplug-call", "%SUBSYSTEM%" ], 8 | [ "load-firmware", "/lib/firmware" ], 9 | [ "return" ] 10 | ] 11 | ], 12 | ], 13 | }, ], 14 | [ "if", 15 | [ "and", 16 | [ "eq", "SUBSYSTEM", "button" ], 17 | ], 18 | [ "exec", "/etc/rc.button/failsafe" ] 19 | ], 20 | ] 21 | -------------------------------------------------------------------------------- /etc/hotplug.d/block/10-mount: -------------------------------------------------------------------------------- 1 | /sbin/block hotplug 2 | -------------------------------------------------------------------------------- /etc/hotplug.d/firmware/10-ath9k-eeprom: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | ath9k_eeprom_die() { 4 | echo "ath9k eeprom: " "$*" 5 | exit 1 6 | } 7 | 8 | ath9k_eeprom_extract() { 9 | local part=$1 10 | local offset=$2 11 | local count=$3 12 | local mtd 13 | 14 | mtd=$(find_mtd_chardev $part) 15 | [ -n "$mtd" ] || \ 16 | ath9k_eeprom_die "no mtd device found for partition $part" 17 | 18 | dd if=$mtd of=/lib/firmware/$FIRMWARE bs=1 skip=$offset count=$count 2>/dev/null || \ 19 | ath9k_eeprom_die "failed to extract from $mtd" 20 | } 21 | 22 | ath9k_patch_firmware_mac() { 23 | local mac=$1 24 | 25 | [ -z "$mac" ] && return 26 | 27 | macaddr_2bin $mac | dd of=/lib/firmware/$FIRMWARE conv=notrunc bs=1 seek=2 count=6 28 | } 29 | 30 | [ -e /lib/firmware/$FIRMWARE ] && exit 0 31 | 32 | . /lib/ar71xx.sh 33 | . /lib/functions.sh 34 | . /lib/functions/system.sh 35 | 36 | board=$(ar71xx_board_name) 37 | 38 | case "$FIRMWARE" in 39 | "soc_wmac.eeprom") 40 | case $board in 41 | wndr4300) 42 | ath9k_eeprom_extract "caldata" 4096 2048 43 | ath9k_patch_firmware_mac $(mtd_get_mac_binary caldata 0) 44 | ;; 45 | *) 46 | ath9k_eeprom_die "board $board is not supported yet" 47 | ;; 48 | esac 49 | ;; 50 | 51 | "pci_wmac0.eeprom") 52 | case $board in 53 | wndr4300) 54 | ath9k_eeprom_extract "caldata" 20480 2048 55 | ath9k_patch_firmware_mac $(mtd_get_mac_binary caldata 12) 56 | ;; 57 | *) 58 | ath9k_eeprom_die "board $board is not supported yet" 59 | ;; 60 | esac 61 | ;; 62 | esac 63 | -------------------------------------------------------------------------------- /etc/hotplug.d/iface/00-debloat: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | #DEBLOAT_LOG=/tmp/debloat.log 4 | #DEBLOAT_LOG2=/tmp/debloat2.log 5 | DEBLOAT_LOG=/dev/null 6 | DEBLOAT_LOG2=/dev/null 7 | 8 | SQM=0 9 | SQM=`uci get sqm.${DEVICE}.enabled` 10 | 11 | [ "$ACTION" = "ifup" -a "$SQM" != "1" ] && { 12 | IFACE=$DEVICE QMODEL=fq_codel_ll /usr/sbin/debloat >> $DEBLOAT_LOG 2>> $DEBLOAT_LOG2 13 | } 14 | -------------------------------------------------------------------------------- /etc/hotplug.d/iface/00-netstate: -------------------------------------------------------------------------------- 1 | [ ifup = "$ACTION" ] && { 2 | uci_toggle_state network "$INTERFACE" up 1 3 | [ -n "$DEVICE" ] && { 4 | uci_toggle_state network "$INTERFACE" device "$(uci -q get network.$INTERFACE.ifname)" 5 | uci_toggle_state network "$INTERFACE" ifname "$DEVICE" 6 | } 7 | } 8 | -------------------------------------------------------------------------------- /etc/hotplug.d/iface/15-teql: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | . /lib/functions.sh 4 | 5 | if [ "$ACTION" != "ifup" ]; then 6 | exit 7 | fi 8 | 9 | config_load network 10 | 11 | config_get teql $INTERFACE teql 12 | 13 | if [ "$teql" != "" ]; then 14 | logger Adding device $DEVICE to TEQL master $teql 15 | insmod sch_teql 16 | tc qdisc add dev $DEVICE root $teql 17 | 18 | # The kernel doesn't let us bring it up until it has at least one 19 | # slave. So bring it up now, if it isn't already. 20 | if ! cat /sys/class/net/$teql/carrier &>/dev/null; then 21 | ifup $teql & 22 | fi 23 | fi 24 | -------------------------------------------------------------------------------- /etc/hotplug.d/iface/20-firewall: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | [ "$ACTION" = ifup -o "$ACTION" = ifupdate ] || exit 0 4 | [ "$ACTION" = ifupdate -a -z "$IFUPDATE_ADDRESSES" -a -z "$IFUPDATE_DATA" ] && exit 0 5 | 6 | /etc/init.d/firewall enabled || exit 0 7 | 8 | fw3 -q network "$INTERFACE" >/dev/null || exit 0 9 | 10 | logger -t firewall "Reloading firewall due to $ACTION of $INTERFACE ($DEVICE)" 11 | fw3 -q reload 12 | -------------------------------------------------------------------------------- /etc/hotplug.d/iface/25-ddns: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | . /usr/lib/ddns/dynamic_dns_functions.sh 4 | 5 | if [ "$ACTION" = "ifup" ]; then 6 | start_daemon_for_all_ddns_sections "$INTERFACE" 7 | fi 8 | 9 | 10 | -------------------------------------------------------------------------------- /etc/hotplug.d/iface/25-dnsmasq: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | [ "$ACTION" = ifup ] || exit 0 4 | 5 | export DNSMASQ_HOTPLUG=1 6 | /etc/init.d/dnsmasq enabled && /etc/init.d/dnsmasq start 7 | -------------------------------------------------------------------------------- /etc/hotplug.d/iface/30-relay: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | /etc/init.d/relayd enabled && /etc/init.d/relayd start 3 | -------------------------------------------------------------------------------- /etc/hotplug.d/iface/50-miniupnpd: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | /etc/init.d/miniupnpd enabled && [ "$ACTION" = "ifup" ] && { 4 | local iface 5 | for iface in $(uci_get upnpd config internal_iface; uci_get upnpd config external_iface); do 6 | [ "$INTERFACE" = "$iface" ] && /etc/init.d/miniupnpd restart 7 | done 8 | } 9 | -------------------------------------------------------------------------------- /etc/hotplug.d/net/00-sysctl: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | if [ -f /etc/sysctl.conf ] && [ "$ACTION" = add ]; then 4 | sed -ne "/^[[:space:]]*net\..*\.$DEVICENAME\./p" /etc/sysctl.conf | \ 5 | sysctl -e -p - | logger -t sysctl 6 | fi 7 | -------------------------------------------------------------------------------- /etc/hotplug.d/net/10-ar922x-led-fix: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # For AR9220 and AR9223, GPIO JTAG must explicit be disabled 4 | # before LEDs start working. Do this when wifi device is 5 | # detected. 6 | 7 | # 8 | # $DEVPATH is not valid for some boards (including WZR-HP-AG300H). 9 | # Manipulate the $DEVPATH to reach the corresponding phyN. 10 | # 11 | 12 | devdir=`dirname $DEVPATH` 13 | devdir=`dirname $devdir` 14 | phydir=/sys$devdir/ieee80211 15 | phyname=`cat $phydir/phy*/name` 16 | 17 | if [ -z $phyname -o $ACTION != "add" ]; then exit 0; fi 18 | 19 | # 20 | # ar922x_disable_gpio_jtag(): 21 | # 22 | # Emulate 23 | # REG_SET_BIT(ah, AR_GPIO_INPUT_EN_VAL, AR_GPIO_JTAG_DISABLE); 24 | # for AR9220 and AR9223. 25 | # 26 | 27 | ar922x_disable_gpio_jtag() 28 | { 29 | local regidx=0x4054 30 | 31 | [ -f /sys/kernel/debug/ieee80211/$1/ath9k/regidx ] && { 32 | echo $regidx > /sys/kernel/debug/ieee80211/$1/ath9k/regidx 33 | regval=`cat /sys/kernel/debug/ieee80211/$1/ath9k/regval` 34 | regval=$((regval | 0x20000)) 35 | echo regval $regval 36 | echo $regval > /sys/kernel/debug/ieee80211/$1/ath9k/regval 37 | } 38 | } 39 | 40 | if [ $phyname -a $ACTION = "add" ]; then 41 | 42 | . /lib/ar71xx.sh 43 | 44 | case $(ar71xx_board_name) in 45 | wzr-hp-ag300h) 46 | ar922x_disable_gpio_jtag $phyname 47 | ;; 48 | esac; 49 | fi 50 | 51 | exit 0 52 | -------------------------------------------------------------------------------- /etc/hotplug.d/tty/30-3g: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | . /lib/functions.sh 3 | . /lib/netifd/netifd-proto.sh 4 | 5 | find_3g_iface() { 6 | local cfg="$1" 7 | local tty="$2" 8 | 9 | local proto 10 | config_get proto "$cfg" proto 11 | [ "$proto" = 3g ] || return 0 12 | 13 | # bypass state vars here because 00-netstate could clobber .device 14 | local dev=$(uci_get network "$cfg" device) 15 | 16 | if [ "${dev##*/}" = "${tty##*/}" ]; then 17 | if [ "$ACTION" = add ]; then 18 | available=1 19 | else 20 | available=0 21 | fi 22 | proto_set_available "$cfg" $available 23 | fi 24 | } 25 | 26 | case "$DEVICENAME" in 27 | tty*) 28 | [ -e "/dev/$DEVICENAME" ] || [ "$ACTION" = remove ] || exit 0 29 | config_load network 30 | config_foreach find_3g_iface interface "/dev/$DEVICENAME" 31 | ;; 32 | esac 33 | 34 | -------------------------------------------------------------------------------- /etc/init.d/alttcp: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | START=40 3 | 4 | PDIR=/proc/sys/net/ipv4/ 5 | SERVICE_USE_PID=0 6 | 7 | check_available() { 8 | local cong=$1 9 | local y=0 10 | local i=" " 11 | insmod tcp_$cong 2> /dev/null 12 | local a=`cat $PDIR/tcp_available_congestion_control` 13 | for i in $a 14 | do 15 | if [ "$i" = "$cong" ] 16 | then 17 | y=1 18 | fi 19 | done 20 | echo $y 21 | } 22 | 23 | parse_allowed() { 24 | config_list_foreach $1 $2 $3 25 | } 26 | 27 | alttcp_addproto() { 28 | local argv="$1" 29 | local r=`check_available $argv` 30 | [ "$r" = "1" ] && append protos "$argv" 31 | } 32 | 33 | alttcp_config() { 34 | local cfg="$1" 35 | local interface 36 | local _loctmp 37 | config_list_foreach $cfg 'allowed' alttcp_addproto 38 | config_get default $cfg default 39 | } 40 | 41 | start() { 42 | config_load alttcp 43 | unset args 44 | unset protos 45 | config_foreach alttcp_config alttcp 46 | [ ! -z "$protos" ] && echo $protos > $PDIR/tcp_allowed_congestion_control 47 | echo $default > $PDIR/tcp_congestion_control 48 | } 49 | 50 | stop() { 51 | : 52 | } 53 | -------------------------------------------------------------------------------- /etc/init.d/avahi-daemon: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2014 OpenWrt.org 3 | START=61 4 | USE_PROCD=1 5 | 6 | PROG=/usr/sbin/avahi-daemon 7 | CONFIGFILE=/etc/avahi/avahi-daemon.conf 8 | 9 | start_service() { 10 | procd_open_instance 11 | procd_set_param command $PROG -s 12 | procd_set_param file $CONFIGFILE 13 | procd_set_param respawn 14 | procd_close_instance 15 | } 16 | 17 | reload() { 18 | $PROG -r 19 | } 20 | 21 | -------------------------------------------------------------------------------- /etc/init.d/boot: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=10 5 | STOP=98 6 | 7 | uci_apply_defaults() { 8 | . /lib/functions/system.sh 9 | 10 | cd /etc/uci-defaults || return 0 11 | files="$(ls)" 12 | [ -z "$files" ] && return 0 13 | mkdir -p /tmp/.uci 14 | for file in $files; do 15 | ( . "./$(basename $file)" ) && rm -f "$file" 16 | done 17 | uci commit 18 | } 19 | 20 | boot() { 21 | [ -f /proc/mounts ] || /sbin/mount_root 22 | [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc 23 | [ -f /proc/net/vlan/config ] && vconfig set_name_type DEV_PLUS_VID_NO_PAD 24 | 25 | mkdir -p /var/run 26 | mkdir -p /var/log 27 | mkdir -p /var/lock 28 | mkdir -p /var/state 29 | mkdir -p /tmp/.uci 30 | chmod 0700 /tmp/.uci 31 | touch /var/log/wtmp 32 | touch /var/log/lastlog 33 | touch /tmp/resolv.conf.auto 34 | ln -sf /tmp/resolv.conf.auto /tmp/resolv.conf 35 | grep -q debugfs /proc/filesystems && /bin/mount -o noatime -t debugfs debugfs /sys/kernel/debug 36 | [ "$FAILSAFE" = "true" ] && touch /tmp/.failsafe 37 | 38 | /sbin/kmodloader 39 | 40 | # allow wifi modules time to settle 41 | sleep 1 42 | 43 | /sbin/wifi detect > /tmp/wireless.tmp 44 | [ -s /tmp/wireless.tmp ] && { 45 | cat /tmp/wireless.tmp >> /etc/config/wireless 46 | } 47 | rm -f /tmp/wireless.tmp 48 | 49 | uci_apply_defaults 50 | 51 | # temporary hack until configd exists 52 | /sbin/reload_config 53 | 54 | start 55 | 56 | # create /dev/root if it doesn't exist 57 | [ -e /dev/root -o -h /dev/root ] || { 58 | rootdev=$(awk 'BEGIN { RS=" "; FS="="; } $1 == "root" { print $2 }' < /proc/cmdline) 59 | [ -n "$rootdev" ] && ln -s "$rootdev" /dev/root 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /etc/init.d/cron: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=50 5 | 6 | USE_PROCD=1 7 | PROG=/usr/sbin/crond 8 | 9 | validate_cron_section() { 10 | uci_validate_section system system "${1}" \ 11 | 'cronloglevel:uinteger' 12 | } 13 | 14 | start_service () { 15 | [ -z "$(ls /etc/crontabs/)" ] && return 1 16 | 17 | loglevel=$(uci_get "system.@system[0].cronloglevel") 18 | 19 | [ -z "${loglevel}" ] || { 20 | /sbin/validate_data uinteger "${loglevel}" 21 | [ "$?" -eq 0 ] || { 22 | echo "validation failed" 23 | return 1 24 | } 25 | } 26 | 27 | mkdir -p /var/spool/cron 28 | ln -s /etc/crontabs /var/spool/cron/ 2>/dev/null 29 | 30 | procd_open_instance 31 | procd_set_param command "$PROG" -f -c /etc/crontabs -l ${loglevel:-5} 32 | procd_close_instance 33 | } 34 | 35 | service_triggers() 36 | { 37 | procd_add_validation validate_cron_section 38 | } 39 | -------------------------------------------------------------------------------- /etc/init.d/dbus: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2007-2011 OpenWrt.org 3 | 4 | START=60 5 | 6 | SERVICE_PID_FILE=/var/run/dbus.pid 7 | 8 | start() { 9 | mkdir -m 0755 -p /var/lib/dbus 10 | mkdir -m 0755 -p /var/run/dbus 11 | [ -x /usr/bin/dbus-uuidgen ] && /usr/bin/dbus-uuidgen --ensure 12 | service_start /usr/sbin/dbus-daemon --system 13 | } 14 | 15 | stop() { 16 | service_stop /usr/sbin/dbus-daemon && rm $SERVICE_PID_FILE 17 | } 18 | -------------------------------------------------------------------------------- /etc/init.d/ddns: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | START=95 3 | 4 | start() { 5 | . /usr/lib/ddns/dynamic_dns_functions.sh 6 | start_daemon_for_all_ddns_sections 7 | } 8 | 9 | stop() { 10 | killall -9 dynamic_dns_updater.sh 11 | } 12 | 13 | -------------------------------------------------------------------------------- /etc/init.d/done: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006 OpenWrt.org 3 | 4 | START=95 5 | boot() { 6 | [ -d /tmp/root ] && mount_root done 7 | 8 | # process user commands 9 | [ -f /etc/rc.local ] && { 10 | sh /etc/rc.local 11 | } 12 | 13 | # set leds to normal state 14 | . /etc/diag.sh 15 | set_state done 16 | } 17 | -------------------------------------------------------------------------------- /etc/init.d/dropbear: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2010 OpenWrt.org 3 | # Copyright (C) 2006 Carlos Sobrinho 4 | 5 | NAME=dropbear 6 | PROG=/usr/sbin/dropbear 7 | START=50 8 | STOP=50 9 | PIDCOUNT=0 10 | 11 | keygen() 12 | { 13 | mkdir -p /etc/dropbear 14 | chmod 0700 /etc/dropbear 15 | chown 0 /etc/dropbear 16 | for keytype in rsa dss; do 17 | # check for keys 18 | key=dropbear/dropbear_${keytype}_host_key 19 | [ -f /tmp/$key -o -s /etc/$key ] || { 20 | # generate missing keys 21 | mkdir -p /tmp/dropbear 22 | [ -x /usr/bin/dropbearkey ] && { 23 | /usr/bin/dropbearkey -t $keytype -f /tmp/$key 2>&- >&- && exec /etc/rc.common "$initscript" start 24 | } & 25 | exit 0 26 | } 27 | done 28 | 29 | lock /tmp/.switch2jffs 30 | mkdir -p /etc/dropbear 31 | mv /tmp/dropbear/dropbear_* /etc/dropbear/ 32 | lock -u /tmp/.switch2jffs 33 | chown root /etc/dropbear 34 | chmod 0700 /etc/dropbear 35 | } 36 | 37 | start() 38 | { 39 | [ -s /etc/dropbear/dropbear_rsa_host_key -a \ 40 | -s /etc/dropbear/dropbear_dss_host_key ] || keygen 41 | } 42 | 43 | stop() 44 | { 45 | : 46 | } 47 | 48 | -------------------------------------------------------------------------------- /etc/init.d/firewall: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=99 4 | USE_PROCD=1 5 | QUIET="" 6 | 7 | validate_firewall_redirect() 8 | { 9 | uci_validate_section firewall redirect "${1}" \ 10 | 'proto:or(uinteger, string)' \ 11 | 'src:string' \ 12 | 'src_ip:cidr' \ 13 | 'src_dport:or(port, portrange)' \ 14 | 'dest:string' \ 15 | 'dest_ip:cidr' \ 16 | 'dest_port:or(port, portrange)' \ 17 | 'target:or("SNAT", "DNAT")' 18 | 19 | return $? 20 | } 21 | 22 | validate_firewall_rule() 23 | { 24 | uci_validate_section firewall rule "${1}" \ 25 | 'proto:or(uinteger, string)' \ 26 | 'src:string' \ 27 | 'dest:string' \ 28 | 'src_port:or(port, portrange)' \ 29 | 'dest_port:or(port, portrange)' \ 30 | 'target:string' 31 | 32 | return $? 33 | } 34 | 35 | service_triggers() { 36 | procd_add_reload_trigger firewall 37 | 38 | procd_open_validate 39 | validate_firewall_redirect 40 | validate_firewall_rule 41 | procd_close_validate 42 | } 43 | 44 | restart() { 45 | fw3 restart 46 | } 47 | 48 | start_service() { 49 | fw3 ${QUIET} start 50 | } 51 | 52 | stop_service() { 53 | fw3 flush 54 | } 55 | 56 | reload_service() { 57 | fw3 reload 58 | } 59 | 60 | boot() { 61 | # Be silent on boot, firewall might be started by hotplug already, 62 | # so don't complain in syslog. 63 | QUIET=1 64 | start 65 | } 66 | -------------------------------------------------------------------------------- /etc/init.d/fstab: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # (C) 2013 openwrt.org 3 | 4 | START=40 5 | 6 | start() { 7 | echo "this file has been obseleted. please call \"/sbin/block mount\" directly" 8 | /sbin/block mount 9 | } 10 | 11 | stop() { 12 | echo "this file has been obseleted. please call \"/sbin/block umount\" directly" 13 | /sbin/block umount 14 | } 15 | -------------------------------------------------------------------------------- /etc/init.d/lighttpd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=50 5 | PROG=/usr/sbin/lighttpd 6 | CONFIGFILE=/etc/lighttpd/lighttpd.conf 7 | LOGDIR=/var/log/lighttpd 8 | USE_PROCD=1 9 | 10 | start_service() { 11 | mkdir -m 0755 -p $LOGDIR 12 | 13 | procd_open_instance 14 | procd_set_param command $PROG -D -f $CONFIGFILE 15 | procd_set_param file $CONFIGFILE 16 | procd_set_param respawn 17 | procd_close_instance 18 | 19 | } 20 | 21 | -------------------------------------------------------------------------------- /etc/init.d/nameif: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=05 4 | 5 | start() { 6 | /sbin/nameif 7 | } 8 | -------------------------------------------------------------------------------- /etc/init.d/odhcpd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=35 4 | STOP=85 5 | USE_PROCD=1 6 | 7 | start_service() { 8 | procd_open_instance 9 | procd_set_param command /usr/sbin/odhcpd 10 | procd_set_param respawn 11 | procd_close_instance 12 | } 13 | 14 | service_triggers() 15 | { 16 | procd_add_reload_trigger "dhcp" 17 | } 18 | 19 | -------------------------------------------------------------------------------- /etc/init.d/pimd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2011 OpenWrt.org 3 | 4 | START=50 5 | USE_PROCD=1 6 | PROG=/usr/sbin/pimd 7 | 8 | start_service() { 9 | procd_open_instance 10 | procd_set_param command "$PROG" -f 11 | procd_set_param respawn 12 | procd_close_instance 13 | } 14 | 15 | -------------------------------------------------------------------------------- /etc/init.d/rngd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2011 OpenWrt.org 3 | 4 | START=98 5 | USE_PROCD=1 6 | PROG=/sbin/rngd 7 | 8 | RNGD_INTERVAL=30 9 | RNGD_AMOUNT=4000 10 | RNGD_DEVICE="/dev/urandom" 11 | 12 | start_service() { 13 | procd_open_instance 14 | procd_set_param command $PROG -f -r $RNGD_DEVICE -W $RNGD_AMOUNT -t $RNGD_INTERVAL 15 | procd_set_param respawn 16 | procd_close_instance 17 | } 18 | -------------------------------------------------------------------------------- /etc/init.d/sqm: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=50 4 | 5 | reload() 6 | { 7 | /usr/lib/sqm/run.sh 8 | } 9 | 10 | restart() 11 | { 12 | reload 13 | } 14 | 15 | start() 16 | { 17 | reload 18 | } 19 | 20 | stop() 21 | { 22 | /usr/lib/sqm/run.sh stop 23 | } -------------------------------------------------------------------------------- /etc/init.d/sudo: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2011 OpenWrt.org 3 | 4 | START=99 5 | 6 | start() { 7 | [ -d /var/lib/sudo ] || { 8 | mkdir -m 0755 -p /var/lib/sudo 9 | chmod 0700 /var/lib/sudo 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /etc/init.d/sysctl: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006 OpenWrt.org 3 | 4 | START=11 5 | start() { 6 | [ -f /etc/sysctl.conf ] && sysctl -p -e >&- 7 | } 8 | -------------------------------------------------------------------------------- /etc/init.d/sysfixtime: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2013-2014 OpenWrt.org 3 | 4 | START=00 5 | 6 | boot() { 7 | local curtime="$(date +%s)" 8 | local maxtime="$(find /etc -type f -exec date +%s -r {} \; | sort -nr | head -n1)" 9 | [ $curtime -lt $maxtime ] && \ 10 | date -s @$maxtime && \ 11 | logger -t sysfixtime -p daemon.notice "Time fixed" 12 | } 13 | 14 | -------------------------------------------------------------------------------- /etc/init.d/sysntpd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2011 OpenWrt.org 3 | 4 | START=98 5 | 6 | USE_PROCD=1 7 | PROG=/usr/sbin/ntpd 8 | 9 | validate_ntp_section() { 10 | uci_validate_section system timeserver "${1}" \ 11 | 'server:list(host)' 'enable_server:bool:0' 12 | } 13 | 14 | start_service() { 15 | local server enable_server peer 16 | 17 | validate_ntp_section ntp || { 18 | echo "validation failed" 19 | return 1 20 | } 21 | 22 | [ -z "$server" ] && return 23 | 24 | procd_open_instance 25 | procd_set_param command "$PROG" -n -S /usr/sbin/ntpd_record_stratum 26 | [ "$enable_server" = "1" ] && procd_append_param command -l 27 | for peer in $server; do 28 | procd_append_param command -p $peer 29 | done 30 | procd_set_param respawn 31 | procd_close_instance 32 | } 33 | 34 | service_triggers() 35 | { 36 | procd_add_reload_trigger "system" 37 | procd_add_validation validate_ntp_section 38 | } 39 | -------------------------------------------------------------------------------- /etc/init.d/system: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2014 OpenWrt.org 3 | 4 | START=10 5 | USE_PROCD=1 6 | 7 | validate_system_section() 8 | { 9 | uci_validate_section system system "${1}" \ 10 | 'hostname:string:OpenWrt' \ 11 | 'conloglevel:uinteger' \ 12 | 'buffersize:uinteger' \ 13 | 'timezone:string:UTC' \ 14 | 'zonename:string' 15 | 16 | return $? 17 | } 18 | 19 | system_config() { 20 | local cfg="$1" 21 | 22 | local hostname conloglevel buffersize timezone zonename 23 | 24 | validate_system_section "${1}" || { 25 | echo "validation failed" 26 | return 1 27 | } 28 | 29 | echo "$hostname" > /proc/sys/kernel/hostname 30 | [ -z "$conloglevel" -a -z "$buffersize" ] || dmesg ${conloglevel:+-n $conloglevel} ${buffersize:+-s $buffersize} 31 | echo "$timezone" > /tmp/TZ 32 | [ -n "$zonename" ] && [ -f "/usr/share/zoneinfo/$zonename" ] && ln -s "/usr/share/zoneinfo/$zonename" /tmp/localtime 33 | 34 | # apply timezone to kernel 35 | date -k 36 | } 37 | 38 | reload_service() { 39 | config_load system 40 | config_foreach system_config system 41 | } 42 | 43 | service_triggers() 44 | { 45 | procd_add_reload_trigger "system" 46 | procd_add_validation validate_system_section 47 | } 48 | 49 | start_service() { 50 | reload_service 51 | } 52 | -------------------------------------------------------------------------------- /etc/init.d/telnet: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=50 5 | 6 | USE_PROCD=1 7 | PROG=/usr/sbin/telnetd 8 | 9 | has_root_pwd() { 10 | local pwd=$([ -f "$1" ] && cat "$1") 11 | pwd="${pwd#*root:}" 12 | pwd="${pwd%%:*}" 13 | 14 | test -n "${pwd#[\!x]}" 15 | } 16 | 17 | get_root_home() { 18 | local homedir=$([ -f "$1" ] && cat "$1") 19 | homedir="${homedir#*:*:0:0:*:}" 20 | 21 | echo "${homedir%%:*}" 22 | } 23 | 24 | has_ssh_pubkey() { 25 | ( /etc/init.d/dropbear enabled 2> /dev/null && grep -qs "^ssh-" /etc/dropbear/authorized_keys ) || \ 26 | ( /etc/init.d/sshd enabled 2> /dev/null && grep -qs "^ssh-" "$(get_root_home /etc/passwd)"/.ssh/authorized_keys ) 27 | } 28 | 29 | start_service() { 30 | if ( ! has_ssh_pubkey && \ 31 | ! has_root_pwd /etc/passwd && ! has_root_pwd /etc/shadow ) || \ 32 | ( ! /etc/init.d/dropbear enabled 2> /dev/null && ! /etc/init.d/sshd enabled 2> /dev/null ); 33 | then 34 | procd_open_instance 35 | procd_set_param command "$PROG" -F -l /bin/login.sh 36 | procd_close_instance 37 | fi 38 | } 39 | -------------------------------------------------------------------------------- /etc/init.d/tor: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=99 5 | STOP=50 6 | 7 | USE_PROCD=1 8 | 9 | start_service() { 10 | user_exists tor 52 || user_add tor 52 52 /var/lib/tor 11 | group_exists tor 52 || group_add tor 52 12 | [ -f /var/run/tor.pid ] || { 13 | touch /var/run/tor.pid 14 | chown tor:tor /var/run/tor.pid 15 | } 16 | [ -d /var/lib/tor ] || { 17 | mkdir -m 0755 -p /var/lib/tor 18 | chmod 0700 /var/lib/tor 19 | chown tor:tor /var/lib/tor 20 | } 21 | [ -d /var/log/tor ] || { 22 | mkdir -m 0755 -p /var/log/tor 23 | chown tor:tor /var/log/tor 24 | } 25 | procd_open_instance 26 | procd_set_param command /usr/sbin/tor --runasdaemon 0 27 | procd_close_instance 28 | } 29 | -------------------------------------------------------------------------------- /etc/init.d/umount: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006 OpenWrt.org 3 | 4 | STOP=99 5 | stop() { 6 | sync 7 | /bin/umount -a -d -r 8 | } 9 | -------------------------------------------------------------------------------- /etc/init.d/wol: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2007 OpenWrt.org 3 | 4 | START=60 5 | 6 | append_string() { 7 | local section="$1" 8 | local option="$2" 9 | local value="$3" 10 | local _val 11 | config_get _val "$section" "$option" 12 | [ -n "$_val" ] && append args "$3$_val" 13 | } 14 | 15 | start_service() { 16 | local cfg="$1" 17 | args="" 18 | 19 | append_string "$cfg" broadcast "--host=" 20 | append_string "$cfg" port "--port=" 21 | append_string "$cfg" password "--passwd=" 22 | append_string "$cfg" mac "" 23 | config_get_bool enabled "$cfg" "enabled" '1' 24 | [ "$enabled" -gt 0 ] && /usr/bin/wol $args 25 | } 26 | 27 | start() { 28 | config_load wol 29 | config_foreach start_service wol-target 30 | } 31 | -------------------------------------------------------------------------------- /etc/init.d/xinetd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=50 5 | 6 | SERVICE_USE_PID=1 7 | 8 | start() { 9 | service_start /usr/sbin/xinetd -pidfile /var/run/xinetd.pid 10 | } 11 | 12 | stop() { 13 | service_stop /usr/sbin/xinetd 14 | } 15 | 16 | -------------------------------------------------------------------------------- /etc/inittab: -------------------------------------------------------------------------------- 1 | ::sysinit:/etc/init.d/rcS S boot 2 | ::shutdown:/etc/init.d/rcS K shutdown 3 | ::askconsole:/bin/ash --login 4 | -------------------------------------------------------------------------------- /etc/iproute2/ematch_map: -------------------------------------------------------------------------------- 1 | # lookup table for ematch kinds 2 | 1 cmp 3 | 2 nbyte 4 | 3 u32 5 | 4 meta 6 | -------------------------------------------------------------------------------- /etc/iproute2/rt_dsfield: -------------------------------------------------------------------------------- 1 | 0x00 default 2 | 0x10 lowdelay 3 | 0x08 throughput 4 | 0x04 reliability 5 | # This value overlap with ECT, do not use it! 6 | 0x02 mincost 7 | # These values seems do not want to die, Cisco likes them by a strange reason. 8 | 0x20 priority 9 | 0x40 immediate 10 | 0x60 flash 11 | 0x80 flash-override 12 | 0xa0 critical 13 | 0xc0 internet 14 | 0xe0 network 15 | # Newer RFC2597 values 16 | 0x28 AF11 17 | 0x30 AF12 18 | 0x38 AF13 19 | 0x48 AF21 20 | 0x50 AF22 21 | 0x58 AF23 22 | 0x68 AF31 23 | 0x70 AF32 24 | 0x78 AF33 25 | 0x88 AF41 26 | 0x90 AF42 27 | 0x98 AF43 28 | 29 | 30 | -------------------------------------------------------------------------------- /etc/iproute2/rt_protos: -------------------------------------------------------------------------------- 1 | # 2 | # Reserved protocols. 3 | # 4 | 0 unspec 5 | 1 redirect 6 | 2 kernel 7 | 3 boot 8 | 4 static 9 | 8 gated 10 | 9 ra 11 | 10 mrt 12 | 11 zebra 13 | 12 bird 14 | 13 dnrouted 15 | 14 xorp 16 | 15 ntk 17 | 16 dhcp 18 | 42 babel 19 | 20 | # 21 | # Used by me for gated 22 | # 23 | 254 gated/aggr 24 | 253 gated/bgp 25 | 252 gated/ospf 26 | 251 gated/ospfase 27 | 250 gated/rip 28 | 249 gated/static 29 | 248 gated/conn 30 | 247 gated/inet 31 | 246 gated/default 32 | -------------------------------------------------------------------------------- /etc/iproute2/rt_realms: -------------------------------------------------------------------------------- 1 | # 2 | # reserved values 3 | # 4 | 0 cosmos 5 | # 6 | # local 7 | # 8 | #1 inr.ac 9 | #2 inr.ruhep 10 | #3 freenet 11 | #4 radio-msu 12 | #5 russia 13 | #6 internet 14 | -------------------------------------------------------------------------------- /etc/iproute2/rt_scopes: -------------------------------------------------------------------------------- 1 | # 2 | # reserved values 3 | # 4 | 0 global 5 | 255 nowhere 6 | 254 host 7 | 253 link 8 | # 9 | # pseudo-reserved 10 | # 11 | 200 site 12 | -------------------------------------------------------------------------------- /etc/iproute2/rt_tables: -------------------------------------------------------------------------------- 1 | # 2 | # reserved values 3 | # 4 | 255 local 5 | 254 main 6 | 253 default 7 | 0 unspec 8 | # 9 | # local 10 | # 11 | #1 inr.ruhep 12 | -------------------------------------------------------------------------------- /etc/l7-protocols/aim.pat: -------------------------------------------------------------------------------- 1 | # AIM - AOL instant messenger (OSCAR and TOC) 2 | # Pattern attributes: good slow notsofast 3 | # Protocol groups: chat proprietary 4 | # Wiki: http://www.protocolinfo.org/wiki/AIM 5 | # Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 6 | # 7 | # Usually runs on port 5190 8 | # 9 | # This may also match ICQ traffic. 10 | # 11 | # This pattern has been tested and is believed to work well. 12 | 13 | aim 14 | # See http://gridley.res.carleton.edu/~straitm/final (and various other places) 15 | # The first bit matches OSCAR signon and data commands, but not sure what 16 | # \x03\x0b matches, but it works apparently. 17 | # The next three bits match various parts of the TOC signon process. 18 | # The third one is the magic number "*", then 0x01 for "signon", then up to four 19 | # bytes ("up to" because l7-filter strips out nulls) which contain a sequence 20 | # number (2 bytes) the data length (2 more) and 3 nulls (which don't count), 21 | # then 0x01 for the version number (not sure if there ever has been another 22 | # version) 23 | # The fourth one is a command string, followed by some stuff, then the 24 | # beginning of the "roasted" password 25 | 26 | # This pattern is too slow! 27 | 28 | ^(\*[\x01\x02].*\x03\x0b|\*\x01.?.?.?.?\x01)|flapon|toc_signon.*0x 29 | -------------------------------------------------------------------------------- /etc/l7-protocols/bittorrent.pat: -------------------------------------------------------------------------------- 1 | # Bittorrent - P2P filesharing / publishing tool - http://www.bittorrent.com 2 | # Pattern attributes: good slow594 notsofast undermatch 3 | # Protocol groups: p2p open_source 4 | # Wiki: http://www.protocolinfo.org/wiki/Bittorrent 5 | # Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 6 | # 7 | # This pattern has been tested and is believed to work well. 8 | # It will, however, not work on bittorrent streams that are encrypted, since 9 | # it's impossible to match (well) encrypted data. 10 | 11 | bittorrent 12 | 13 | # Does not attempt to match the HTTP download of the tracker 14 | # 0x13 is the length of "bittorrent protocol" 15 | # Second two bits match UDP wierdness 16 | # Next bit matches something Azureus does 17 | # Ditto on the next bit. Could also match on "user-agent: azureus", but that's in the next 18 | # packet and perhaps this will match multiple clients. 19 | # bitcomet-specific strings contributed by liangjun. 20 | 21 | # This is not a valid GNU basic regular expression (but that's ok). 22 | ^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=get /announce\?info_hash=|get /client/bitcomet/|GET /data\?fid=)|d1:ad2:id20:|\x08'7P\)[RP] 23 | 24 | # This pattern is "fast", but won't catch as much 25 | #^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=) 26 | -------------------------------------------------------------------------------- /etc/l7-protocols/edonkey.pat: -------------------------------------------------------------------------------- 1 | # eDonkey2000 - P2P filesharing - http://edonkey2000.com and others 2 | # Pattern attributes: good veryfast fast overmatch 3 | # Protocol groups: p2p 4 | # Wiki: http://www.protocolinfo.org/wiki/EDonkey 5 | # Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 6 | # 7 | # Tested recently (April/May 2006) with eMule 0.47a and eDonkey2000 1.4 8 | # and a long time ago with something else. 9 | # 10 | # In addition to matching what you might expect, this matches much of 11 | # what eMule does when you tell it to only connect to the KAD network. 12 | # I don't quite know what to make of this. 13 | 14 | # Thanks to Matt Skidmore 15 | 16 | edonkey 17 | 18 | # http://gd.tuwien.ac.at/opsys/linux/sf/p/pdonkey/eDonkey-protocol-0.6 19 | # 20 | # In addition to \xe3, \xc5 and \xd4, I see a lot of \xe5. 21 | # As of April 2006, I also see some \xe4. 22 | # 23 | # God this is a mess. What an irritating protocol. 24 | # This will match about 2% of streams with random data in them! 25 | # (But fortunately much fewer than 2% of streams that are other protocols. 26 | # You can test this with the data in ../testing/) 27 | 28 | ^[\xc5\xd4\xe3-\xe5].?.?.?.?([\x01\x02\x05\x14\x15\x16\x18\x19\x1a\x1b\x1c\x20\x21\x32\x33\x34\x35\x36\x38\x40\x41\x42\x43\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58[\x60\x81\x82\x90\x91\x93\x96\x97\x98\x99\x9a\x9b\x9c\x9e\xa0\xa1\xa2\xa3\xa4]|\x59................?[ -~]|\x96....$) 29 | 30 | # matches everything and too much 31 | # ^(\xe3|\xc5|\xd4) 32 | 33 | # ipp2p essentially uses "\xe3....\x47", which doesn't seem at all right to me. 34 | 35 | # bandwidtharbitrator uses 36 | # e0.*@.*6[a-z].*p$|e0.*@.*[a-z]6[a-z].*p0$|e.*@.*[0-9]6.*p$|emule|edonkey 37 | # no comments to explain what all the mush is, of course... 38 | -------------------------------------------------------------------------------- /etc/l7-protocols/fasttrack.pat: -------------------------------------------------------------------------------- 1 | # FastTrack - P2P filesharing (Kazaa, Morpheus, iMesh, Grokster, etc) 2 | # Pattern attributes: good slow notsofast 3 | # Protocol groups: p2p 4 | # Wiki: http://www.protocolinfo.org/wiki/Fasttrack 5 | # Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 6 | # 7 | # Tested with Kazaa Lite Resurrection 0.0.7.6F 8 | # 9 | # This appears to match the download connections well, but not the search 10 | # connections (I think they are encrypted :-( ). 11 | 12 | fasttrack 13 | # while this is a valid http request, this will be caught because 14 | # the http pattern matches the response (and therefore the next packet) 15 | # Even so, it's best to put this match earlier in the chain. 16 | # http://cvs.berlios.de/cgi-bin/viewcvs.cgi/gift-fasttrack/giFT-FastTrack/PROTOCOL?rev=HEAD&content-type=text/vnd.viewcvs-markup 17 | 18 | # This pattern is kinda slow, but not too bad. 19 | ^get (/.download/[ -~]*|/.supernode[ -~]|/.status[ -~]|/.network[ -~]*|/.files|/.hash=[0-9a-f]*/[ -~]*) http/1.1|user-agent: kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xferuid|tag)|^give [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]?[0-9]?[0-9]? 20 | 21 | # This isn't much faster: 22 | #^get (/.download/.*|/.supernode.|/.status.|/.network.*|/.files|/.hash=[0-9a-f]*/.*) http/1.1|user-agent: kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xferuid|tag)|^give [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]?[0-9]?[0-9]? 23 | 24 | -------------------------------------------------------------------------------- /etc/l7-protocols/http.pat: -------------------------------------------------------------------------------- 1 | # HTTP - HyperText Transfer Protocol - RFC 2616 2 | # Pattern attributes: great slow notsofast superset 3 | # Protocol groups: document_retrieval ietf_draft_standard 4 | # Wiki: http://protocolinfo.org/wiki/HTTP 5 | # Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 6 | # 7 | # Usually runs on port 80 8 | # 9 | # This pattern has been tested and is believed to work well. 10 | # 11 | # this intentionally catches the response from the server rather than 12 | # the request so that other protocols which use http (like kazaa) can be 13 | # caught based on specific http requests regardless of the ordering of 14 | # filters... also matches posts 15 | 16 | # Sites that serve really long cookies may break this by pushing the 17 | # server response too far away from the beginning of the connection. To 18 | # fix this, increase the kernel's data buffer length. 19 | 20 | http 21 | # Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF (rfc 2616) 22 | # As specified in rfc 2616 a status code is preceeded and followed by a 23 | # space. 24 | http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\x09-\x0d -~]*(connection:|content-type:|content-length:|date:)|post [\x09-\x0d -~]* http/[01]\.[019] 25 | # A slightly faster version that might be good enough: 26 | #http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9]|post [\x09-\x0d -~]* http/[01]\.[019] 27 | # old pattern(s): 28 | #(http[\x09-\x0d -~]*(200 ok|302 |304 )[\x09-\x0d -~]*(connection:|content-type:|content-length:))|^(post [\x09-\x0d -~]* http/) 29 | -------------------------------------------------------------------------------- /etc/l7-protocols/ident.pat: -------------------------------------------------------------------------------- 1 | # Ident - Identification Protocol - RFC 1413 2 | # Pattern attributes: good fast fast 3 | # Protocol groups: networking ietf_proposed_standard 4 | # Wiki: http://www.protocolinfo.org/wiki/Ident 5 | # Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 6 | # 7 | # Usually runs on port 113 8 | # 9 | # This pattern is believed to work. 10 | 11 | ident 12 | # "number , numberCRLF" possibly without the CR and/or LF. 13 | # ^$ is appropriate because the first packet should never have anything 14 | # else in it. 15 | ^[1-9][0-9]?[0-9]?[0-9]?[0-9]?[\x09-\x0d]*,[\x09-\x0d]*[1-9][0-9]?[0-9]?[0-9]?[0-9]?(\x0d\x0a|[\x0d\x0a])?$ 16 | -------------------------------------------------------------------------------- /etc/l7-protocols/irc.pat: -------------------------------------------------------------------------------- 1 | # IRC - Internet Relay Chat - RFC 1459 2 | # Pattern attributes: great veryfast fast 3 | # Protocol groups: chat ietf_proposed_standard 4 | # Wiki: http://www.protocolinfo.org/wiki/IRC 5 | # Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 6 | # 7 | # Usually runs on port 6666 or 6667 8 | # Note that chat traffic runs on these ports, but IRC-DCC traffic (which 9 | # can use much more bandwidth) uses a dynamically assigned port, so you 10 | # must have the IRC connection tracking module in your kernel to classify 11 | # this. 12 | # 13 | # This pattern has been tested and is believed to work well. 14 | 15 | irc 16 | # First thing that happens is that the client sends NICK and USER, in 17 | # either order. This allows MIRC color codes (\x02-\x0d instead of 18 | # \x09-\x0d). 19 | ^(nick[\x09-\x0d -~]*user[\x09-\x0d -~]*:|user[\x09-\x0d -~]*:[\x02-\x0d -~]*nick[\x09-\x0d -~]*\x0d\x0a) 20 | 21 | -------------------------------------------------------------------------------- /etc/l7-protocols/jabber.pat: -------------------------------------------------------------------------------- 1 | # Jabber (XMPP) - open instant messenger protocol - RFC 3920 - http://jabber.org 2 | # Pattern attributes: good notsofast notsofast 3 | # Protocol groups: chat ietf_proposed_standard 4 | # Wiki: http://www.protocolinfo.org/wiki/Jabber 5 | # Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE 6 | # 7 | # This pattern has been tested with Gaim and Gabber. It is only tested 8 | # with non-SSL mode Jabber with no proxies. 9 | 10 | # Thanks to Jan Hudec for some improvements. 11 | 12 | # Jabber seems to take a long time to set up a connection. I'm 13 | # connecting with Gabber 0.8.8 to 12jabber.org and the first 8 packets 14 | # is this: 15 | # 20 | # 21 | # No mention of my username or password yet, you'll note. 22 | 23 | jabber 24 | for this pattern. 12 | 13 | vnc 14 | # Assumes single digit major and minor version numbers 15 | # This message should be all alone in the first packet, so ^$ is appropriate 16 | ^rfb 00[1-9]\.00[0-9]\x0a$ 17 | 18 | # This is a more restrictive version which assumes the version numbers 19 | # are ones actually in existance at the time of this writing, i.e. 3.3, 20 | # 3.7 and 3.8 (with some clients wrongly reporting 3.5). It should be 21 | # slightly faster, but probably not worth the extra maintenance. 22 | # ^rfb 003\.00[3578]\x0a$ 23 | 24 | -------------------------------------------------------------------------------- /etc/last_update_check: -------------------------------------------------------------------------------- 1 | 1420745793000 N -------------------------------------------------------------------------------- /etc/mactab: -------------------------------------------------------------------------------- 1 | se00 bus=ag71xx.0 2 | ge00 bus=ag71xx.1 3 | -------------------------------------------------------------------------------- /etc/make-webcerts.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | days=1826 4 | bits=2048 5 | pem=/etc/lighttpd/lighttpd.pem 6 | 7 | HL=`uname -n` 8 | HS=`hostname` 9 | IP=`ip addr show dev se00 | awk '/inet / {sub(/\/.*/, "", $2); print $2}'` 10 | 11 | if [ "$HS" = "(none)" ] 12 | then 13 | HS=cerowrt 14 | fi 15 | 16 | if [ "$HL" = "(none)" ] 17 | then 18 | HL=cerowrt 19 | fi 20 | 21 | DOTS=`echo $HL | cut -f2 -d.` 22 | 23 | if [ -z $DOTS ] 24 | then 25 | if [ "$HL" = "$HS" ]; then 26 | HL="$HS.home.lan" 27 | fi 28 | fi 29 | 30 | commonname=$HL 31 | if [ -n "$IP" ] 32 | then 33 | export SAN="DNS:gw.home.lan, DNS:gw, DNS:$HS.local, DNS:$HS, DNS:$HL, IP:$IP" 34 | else 35 | export SAN="DNS:gw.home.lan, DNS:gw, DNS:$HS.local, DNS:$HS, DNS:$HL" 36 | fi 37 | 38 | sed '/req_extensions = v3_req/s/^# *//; /SAN/d; /CA:true/d /^HOME/i\ 39 | SAN="email:support@cerowrt.org" 40 | /\[ v3_\(req\|ca\) \]/ a\ 41 | subjectAltName=${ENV::SAN} 42 | ' /etc/ssl/openssl.cnf > /tmp/openssl.cnf 43 | 44 | openssl req -new -newkey rsa:$bits -x509 -keyout $pem -out $pem -days $days \ 45 | -nodes -subj "/CN=$commonname" \ 46 | -config /tmp/openssl.cnf 47 | rm /tmp/openssl.cnf 48 | 49 | /etc/init.d/lighttpd stop # can get wedged 50 | /etc/init.d/lighttpd start # hopefully unwedged 51 | 52 | -------------------------------------------------------------------------------- /etc/modules-boot.d/02-crypto-hash: -------------------------------------------------------------------------------- 1 | crypto_hash 2 | -------------------------------------------------------------------------------- /etc/modules-boot.d/20-usb-core: -------------------------------------------------------------------------------- 1 | usb-common 2 | usbcore 3 | -------------------------------------------------------------------------------- /etc/modules-boot.d/30-fs-ext4: -------------------------------------------------------------------------------- 1 | mbcache 2 | jbd2 3 | ext4 4 | -------------------------------------------------------------------------------- /etc/modules-boot.d/30-gpio-button-hotplug: -------------------------------------------------------------------------------- 1 | gpio-button-hotplug 2 | -------------------------------------------------------------------------------- /etc/modules-boot.d/40-scsi-core: -------------------------------------------------------------------------------- 1 | sd_mod 2 | -------------------------------------------------------------------------------- /etc/modules-boot.d/40-usb2: -------------------------------------------------------------------------------- 1 | ehci-hcd 2 | ehci-platform 3 | -------------------------------------------------------------------------------- /etc/modules-boot.d/50-usb-ohci: -------------------------------------------------------------------------------- 1 | ohci-hcd 2 | -------------------------------------------------------------------------------- /etc/modules-boot.d/usb-storage: -------------------------------------------------------------------------------- 1 | usb-storage 2 | -------------------------------------------------------------------------------- /etc/modules.d/02-crypto-hash: -------------------------------------------------------------------------------- 1 | crypto_hash 2 | -------------------------------------------------------------------------------- /etc/modules.d/09-crypto-arc4: -------------------------------------------------------------------------------- 1 | arc4 2 | -------------------------------------------------------------------------------- /etc/modules.d/09-crypto-authenc: -------------------------------------------------------------------------------- 1 | authenc 2 | -------------------------------------------------------------------------------- /etc/modules.d/20-ipv6: -------------------------------------------------------------------------------- 1 | ipv6 2 | -------------------------------------------------------------------------------- /etc/modules.d/20-usb-core: -------------------------------------------------------------------------------- 1 | usb-common 2 | usbcore 3 | -------------------------------------------------------------------------------- /etc/modules.d/25-nls-cp437: -------------------------------------------------------------------------------- 1 | nls_cp437 2 | -------------------------------------------------------------------------------- /etc/modules.d/25-nls-iso8859-1: -------------------------------------------------------------------------------- 1 | nls_iso8859-1 2 | -------------------------------------------------------------------------------- /etc/modules.d/25-nls-iso8859-13: -------------------------------------------------------------------------------- 1 | nls_iso8859-13 2 | -------------------------------------------------------------------------------- /etc/modules.d/25-nls-iso8859-15: -------------------------------------------------------------------------------- 1 | nls_iso8859-15 2 | -------------------------------------------------------------------------------- /etc/modules.d/25-nls-iso8859-2: -------------------------------------------------------------------------------- 1 | nls_iso8859-2 2 | -------------------------------------------------------------------------------- /etc/modules.d/30-atm: -------------------------------------------------------------------------------- 1 | atm 2 | br2684 3 | -------------------------------------------------------------------------------- /etc/modules.d/30-fs-autofs4: -------------------------------------------------------------------------------- 1 | autofs4 2 | -------------------------------------------------------------------------------- /etc/modules.d/30-fs-ext4: -------------------------------------------------------------------------------- 1 | mbcache 2 | jbd2 3 | ext4 4 | -------------------------------------------------------------------------------- /etc/modules.d/30-fs-vfat: -------------------------------------------------------------------------------- 1 | fat 2 | vfat 3 | -------------------------------------------------------------------------------- /etc/modules.d/30-gpio-button-hotplug: -------------------------------------------------------------------------------- 1 | gpio-button-hotplug 2 | -------------------------------------------------------------------------------- /etc/modules.d/31-iptunnel: -------------------------------------------------------------------------------- 1 | ip_tunnel 2 | -------------------------------------------------------------------------------- /etc/modules.d/31-iptunnel4: -------------------------------------------------------------------------------- 1 | tunnel4 2 | -------------------------------------------------------------------------------- /etc/modules.d/31-iptunnel6: -------------------------------------------------------------------------------- 1 | tunnel6 2 | -------------------------------------------------------------------------------- /etc/modules.d/32-ip6-tunnel: -------------------------------------------------------------------------------- 1 | ip6_tunnel 2 | -------------------------------------------------------------------------------- /etc/modules.d/32-ipip: -------------------------------------------------------------------------------- 1 | ipip 2 | -------------------------------------------------------------------------------- /etc/modules.d/32-sit: -------------------------------------------------------------------------------- 1 | sit 2 | -------------------------------------------------------------------------------- /etc/modules.d/34-ifb: -------------------------------------------------------------------------------- 1 | ifb numifbs=8 2 | -------------------------------------------------------------------------------- /etc/modules.d/39-gre: -------------------------------------------------------------------------------- 1 | gre 2 | ip_gre 3 | -------------------------------------------------------------------------------- /etc/modules.d/40-pppoa: -------------------------------------------------------------------------------- 1 | pppoatm 2 | -------------------------------------------------------------------------------- /etc/modules.d/40-scsi-core: -------------------------------------------------------------------------------- 1 | sd_mod 2 | -------------------------------------------------------------------------------- /etc/modules.d/40-usb2: -------------------------------------------------------------------------------- 1 | ehci-hcd 2 | ehci-platform 3 | -------------------------------------------------------------------------------- /etc/modules.d/42-ip6tables: -------------------------------------------------------------------------------- 1 | nf_defrag_ipv6 2 | nf_conntrack_ipv6 3 | ip6_tables 4 | ip6table_filter 5 | ip6table_mangle 6 | ip6table_raw 7 | ip6t_ah 8 | ip6t_eui64 9 | ip6t_frag 10 | ip6t_ipv6header 11 | ip6t_mh 12 | ip6t_hbh 13 | ip6t_rt 14 | ip6t_REJECT 15 | -------------------------------------------------------------------------------- /etc/modules.d/43-ipt-nat6: -------------------------------------------------------------------------------- 1 | nf_nat_ipv6 2 | ip6table_nat 3 | ip6t_MASQUERADE 4 | ip6t_NPT 5 | -------------------------------------------------------------------------------- /etc/modules.d/45-scsi-cdrom: -------------------------------------------------------------------------------- 1 | sr_mod 2 | -------------------------------------------------------------------------------- /etc/modules.d/49-ipt-ipset: -------------------------------------------------------------------------------- 1 | ip_set 2 | ip_set_bitmap_ip 3 | ip_set_bitmap_ipmac 4 | ip_set_bitmap_port 5 | ip_set_hash_ip 6 | ip_set_hash_ipport 7 | ip_set_hash_ipportip 8 | ip_set_hash_ipportnet 9 | ip_set_hash_net 10 | ip_set_hash_netiface 11 | ip_set_hash_netport 12 | ip_set_list_set 13 | xt_set 14 | -------------------------------------------------------------------------------- /etc/modules.d/50-ledtrig-usbdev: -------------------------------------------------------------------------------- 1 | ledtrig-usbdev 2 | -------------------------------------------------------------------------------- /etc/modules.d/50-usb-ohci: -------------------------------------------------------------------------------- 1 | ohci-hcd 2 | -------------------------------------------------------------------------------- /etc/modules.d/60-leds-wndr3700-usb: -------------------------------------------------------------------------------- 1 | leds-wndr3700-usb 2 | -------------------------------------------------------------------------------- /etc/modules.d/70-sched-core: -------------------------------------------------------------------------------- 1 | sch_ingress 2 | sch_hfsc 3 | cls_fw 4 | cls_route 5 | cls_flow 6 | cls_tcindex 7 | cls_u32 8 | em_u32 9 | act_mirred 10 | act_skbedit 11 | -------------------------------------------------------------------------------- /etc/modules.d/73-sched: -------------------------------------------------------------------------------- 1 | act_ipt 2 | act_police 3 | cls_basic 4 | em_cmp 5 | em_meta 6 | em_nbyte 7 | em_text 8 | sch_codel 9 | sch_dsmark 10 | sch_efq_codel 11 | sch_gred 12 | sch_htb 13 | sch_netem 14 | sch_nfq_codel 15 | sch_ns2_codel 16 | sch_pie 17 | sch_prio 18 | sch_qfq 19 | sch_red 20 | sch_sfq 21 | sch_tbf 22 | sch_teql 23 | -------------------------------------------------------------------------------- /etc/modules.d/ath9k: -------------------------------------------------------------------------------- 1 | ath9k 2 | -------------------------------------------------------------------------------- /etc/modules.d/ath9k-htc: -------------------------------------------------------------------------------- 1 | ath9k_htc 2 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-account: -------------------------------------------------------------------------------- 1 | xt_ACCOUNT 2 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-compat-xtables: -------------------------------------------------------------------------------- 1 | compat_xtables 2 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-conntrack: -------------------------------------------------------------------------------- 1 | nf_conntrack 2 | nf_defrag_ipv4 3 | nf_conntrack_ipv4 4 | xt_state 5 | iptable_raw 6 | xt_CT 7 | xt_conntrack 8 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-conntrack-extra: -------------------------------------------------------------------------------- 1 | xt_connbytes 2 | xt_connlimit 3 | xt_connmark 4 | xt_helper 5 | xt_recent 6 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-core: -------------------------------------------------------------------------------- 1 | x_tables 2 | xt_tcpudp 3 | ip_tables 4 | iptable_filter 5 | iptable_mangle 6 | xt_limit 7 | xt_mac 8 | xt_multiport 9 | xt_comment 10 | xt_LOG 11 | xt_TCPMSS 12 | ipt_REJECT 13 | xt_time 14 | xt_mark 15 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-extra: -------------------------------------------------------------------------------- 1 | xt_addrtype 2 | xt_owner 3 | xt_physdev 4 | xt_pkttype 5 | xt_quota 6 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-filter: -------------------------------------------------------------------------------- 1 | xt_string 2 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-hashlimit: -------------------------------------------------------------------------------- 1 | xt_hashlimit 2 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-ipmark: -------------------------------------------------------------------------------- 1 | xt_IPMARK 2 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-ipopt: -------------------------------------------------------------------------------- 1 | xt_dscp 2 | xt_DSCP 3 | xt_length 4 | xt_statistic 5 | xt_tcpmss 6 | xt_CLASSIFY 7 | ipt_ECN 8 | xt_ecn 9 | xt_hl 10 | xt_HL 11 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-nat: -------------------------------------------------------------------------------- 1 | nf_nat 2 | xt_nat 3 | nf_nat_ipv4 4 | iptable_nat 5 | ipt_MASQUERADE 6 | xt_REDIRECT 7 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-nathelper: -------------------------------------------------------------------------------- 1 | nf_conntrack_ftp 2 | nf_conntrack_irc 3 | nf_nat_ftp 4 | nf_nat_irc 5 | -------------------------------------------------------------------------------- /etc/modules.d/ipt-u32: -------------------------------------------------------------------------------- 1 | xt_u32 2 | -------------------------------------------------------------------------------- /etc/modules.d/lib-crc-ccitt: -------------------------------------------------------------------------------- 1 | crc-ccitt 2 | -------------------------------------------------------------------------------- /etc/modules.d/lib-crc16: -------------------------------------------------------------------------------- 1 | crc16 2 | -------------------------------------------------------------------------------- /etc/modules.d/lib-textsearch: -------------------------------------------------------------------------------- 1 | ts_kmp 2 | ts_bm 3 | ts_fsm 4 | -------------------------------------------------------------------------------- /etc/modules.d/nfnetlink: -------------------------------------------------------------------------------- 1 | nfnetlink 2 | -------------------------------------------------------------------------------- /etc/modules.d/ppp: -------------------------------------------------------------------------------- 1 | ppp_async 2 | -------------------------------------------------------------------------------- /etc/modules.d/pppoe: -------------------------------------------------------------------------------- 1 | pppoe 2 | -------------------------------------------------------------------------------- /etc/modules.d/pptp: -------------------------------------------------------------------------------- 1 | pptp 2 | -------------------------------------------------------------------------------- /etc/modules.d/usb-net: -------------------------------------------------------------------------------- 1 | usbnet 2 | -------------------------------------------------------------------------------- /etc/modules.d/usb-storage: -------------------------------------------------------------------------------- 1 | usb-storage 2 | -------------------------------------------------------------------------------- /etc/mtab: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/etc/mtab -------------------------------------------------------------------------------- /etc/ntp.conf: -------------------------------------------------------------------------------- 1 | # use a random selection of 8 public stratum 2 servers 2 | # see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers 3 | 4 | #restrict default nomodify notrap noquery 5 | #restrict default noquery 6 | 7 | 8 | restrict 127.0.0.1 9 | 10 | driftfile /tmp/ntp.drift 11 | 12 | # secure time server not ready yet 13 | # server cbbd-secure-ntp.bufferbloat.net iburst autokey 14 | # But the first cosmic background bufferbloat detector is online 15 | server cbbd-ntp.bufferbloat.net iburst 16 | 17 | server 0.openwrt.pool.ntp.org iburst 18 | server 0.openwrt.pool.ntp.org iburst 19 | server 1.openwrt.pool.ntp.org iburst 20 | server 2.openwrt.pool.ntp.org iburst 21 | server 3.openwrt.pool.ntp.org iburst 22 | 23 | # Lets add some more servers than the default 24 | 25 | server 0.pool.ntp.org iburst 26 | server 2.pool.ntp.org iburst 27 | 28 | broadcast ff02::101 autokey 29 | 30 | # GPS(NMEA)+PPS 31 | #server 127.127.20.0 minpoll 4 prefer 32 | #fudge 127.127.20.0 flag3 1 flag2 0 33 | 34 | # SMA PPS 35 | #server 127.127.28.0 minpoll 4 prefer 36 | #fudge 127.127.28.0 refid PPS flag3 1 37 | 38 | #server 192.168.1.253 39 | 40 | -------------------------------------------------------------------------------- /etc/openwrt_release: -------------------------------------------------------------------------------- 1 | DISTRIB_ID="MVP-EA" 2 | DISTRIB_RELEASE="3.10.50-1" 3 | DISTRIB_TAINTS="no-all busybox" 4 | DISTRIB_CODENAME="0785708" 5 | DISTRIB_TARGET="ar71xx/generic" 6 | DISTRIB_REVISION="r41861" 7 | DISTRIB_RELEASE_DATE="1420745793" 8 | DISTRIB_DESCRIPTION="MVP-EA 0785708 r41861 3.10.50-1" 9 | -------------------------------------------------------------------------------- /etc/openwrt_version: -------------------------------------------------------------------------------- 1 | 3.10.50-1 2 | -------------------------------------------------------------------------------- /etc/opkg.conf: -------------------------------------------------------------------------------- 1 | src/gz toronto http://snapon.lab.bufferbloat.net/~cero2/cerowrt/wndr/3.10.50-1/packages 2 | src/gz snapshots http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages 3 | dest root / 4 | dest ram /tmp 5 | lists_dir ext /var/opkg-lists 6 | option overlay_root /overlay 7 | #option check_signature 1 8 | #option signature_ca_file /etc/ssl/certs/opkg.pem 9 | -------------------------------------------------------------------------------- /etc/passwd: -------------------------------------------------------------------------------- 1 | root:x:0:0:root:/root:/bin/ash 2 | ftp:*:55:55:ftp:/home/ftp:/bin/false 3 | network:*:101:101:network:/var:/bin/false 4 | bind:*:124:124:named:/var:/bin/false 5 | nobody:*:65534:65534:nobody:/var:/bin/false 6 | daemon:*:65534:65534:daemon:/var:/bin/false 7 | news:*:31:31:news:/var/spool/news:/bin/true 8 | www-data:*:33:33:www-data:/etc/www:/bin/false 9 | -------------------------------------------------------------------------------- /etc/passwd-: -------------------------------------------------------------------------------- 1 | root:*:0:0:root:/root:/bin/ash 2 | ftp:*:55:55:ftp:/home/ftp:/bin/false 3 | network:*:101:101:network:/var:/bin/false 4 | bind:*:124:124:named:/var:/bin/false 5 | nobody:*:65534:65534:nobody:/var:/bin/false 6 | daemon:*:65534:65534:daemon:/var:/bin/false 7 | news:*:31:31:news:/var/spool/news:/bin/true 8 | www-data:*:33:33:www-data:/etc/www:/bin/false 9 | -------------------------------------------------------------------------------- /etc/password: -------------------------------------------------------------------------------- 1 | asdf1234 -------------------------------------------------------------------------------- /etc/ppp/chap-secrets: -------------------------------------------------------------------------------- 1 | #USERNAME PROVIDER PASSWORD IPADDRESS 2 | -------------------------------------------------------------------------------- /etc/ppp/filter: -------------------------------------------------------------------------------- 1 | # 2 | # Expression: outbound and not icmp[0] != 8 and not tcp[13] & 4 != 0 3 | # 4 | 19 5 | 48 0 0 0 6 | 21 0 16 1 7 | 40 0 0 2 8 | 21 0 13 33 9 | 48 0 0 13 10 | 21 0 5 1 11 | 40 0 0 10 12 | 69 9 0 8191 13 | 177 0 0 4 14 | 80 0 0 4 15 | 21 6 7 8 16 | 21 0 5 6 17 | 40 0 0 10 18 | 69 3 0 8191 19 | 177 0 0 4 20 | 80 0 0 17 21 | 69 1 0 4 22 | 6 0 0 4 23 | 6 0 0 0 24 | -------------------------------------------------------------------------------- /etc/ppp/options: -------------------------------------------------------------------------------- 1 | #debug 2 | logfile /dev/null 3 | noipdefault 4 | noaccomp 5 | nopcomp 6 | nocrtscts 7 | lock 8 | maxfail 0 9 | lcp-echo-failure 5 10 | lcp-echo-interval 1 11 | -------------------------------------------------------------------------------- /etc/preinit: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Copyright (C) 2006 OpenWrt.org 3 | # Copyright (C) 2010 Vertical Communications 4 | 5 | [ -z "$PREINIT" ] && exec /sbin/init 6 | 7 | export PATH=/bin:/sbin:/usr/bin:/usr/sbin 8 | 9 | pi_ifname= 10 | pi_ip=192.168.1.1 11 | pi_broadcast=192.168.1.255 12 | pi_netmask=255.255.255.0 13 | 14 | fs_failsafe_ifname= 15 | fs_failsafe_ip=192.168.1.1 16 | fs_failsafe_broadcast=192.168.1.255 17 | fs_failsafe_netmask=255.255.255.0 18 | 19 | fs_failsafe_wait_timeout=2 20 | 21 | pi_suppress_stderr="y" 22 | pi_init_suppress_stderr="y" 23 | pi_init_path="/bin:/sbin:/usr/bin:/usr/sbin" 24 | pi_init_cmd="/sbin/init" 25 | 26 | . /lib/functions.sh 27 | . /lib/functions/preinit.sh 28 | . /lib/functions/system.sh 29 | 30 | boot_hook_init preinit_essential 31 | boot_hook_init preinit_main 32 | boot_hook_init failsafe 33 | boot_hook_init initramfs 34 | boot_hook_init preinit_mount_root 35 | 36 | for pi_source_file in /lib/preinit/*; do 37 | . $pi_source_file 38 | done 39 | 40 | boot_run_hook preinit_essential 41 | 42 | pi_mount_skip_next=false 43 | pi_jffs2_mount_success=false 44 | pi_failsafe_net_message=false 45 | 46 | boot_run_hook preinit_main 47 | -------------------------------------------------------------------------------- /etc/profile: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | [ -f /etc/banner ] && cat /etc/banner 3 | 4 | export PATH=/usr/bin:/usr/sbin:/bin:/sbin 5 | export HOME=$(grep -e "^${USER:-root}:" /etc/passwd | cut -d ":" -f 6) 6 | export HOME=${HOME:-/root} 7 | export PS1='\u@\h:\w\$ ' 8 | 9 | [ -x /bin/more ] || alias more=less 10 | [ -x /usr/bin/vim ] && alias vi=vim || alias vim=vi 11 | 12 | [ -z "$KSH_VERSION" -o \! -s /etc/mkshrc ] || . /etc/mkshrc 13 | 14 | [ -x /usr/bin/arp ] || arp() { cat /proc/net/arp; } 15 | [ -x /usr/bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; } 16 | 17 | # On successful SSH login, set the config variable locking authorized_keys from 18 | # further web updates. 19 | if [ ! -z "$SSH_CONNECTION" -a -f /etc/dropbear/authorized_keys ] ; then 20 | /sbin/uci set openwireless.ssh_success=true 21 | /sbin/uci commit openwireless 22 | fi 23 | -------------------------------------------------------------------------------- /etc/rc.button/failsafe: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | [ "${TYPE}" = "switch" ] || echo ${BUTTON} > /tmp/failsafe_button 4 | -------------------------------------------------------------------------------- /etc/rc.button/reset: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | [ "${ACTION}" = "released" ] || exit 0 4 | 5 | . /lib/functions.sh 6 | 7 | logger "$BUTTON pressed for $SEEN seconds" 8 | 9 | if [ "$SEEN" -lt 1 ] 10 | then 11 | echo "REBOOT" > /dev/console 12 | sync 13 | reboot 14 | elif [ "$SEEN" -gt 5 ] 15 | then 16 | echo "FACTORY RESET" > /dev/console 17 | jffs2reset -y && reboot & 18 | fi 19 | -------------------------------------------------------------------------------- /etc/rc.button/rfkill: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | [ "${ACTION}" = "released" -o -n "${TYPE}" ] || exit 0 4 | 5 | . /lib/functions.sh 6 | 7 | local rfkill_state=0 8 | 9 | wifi_rfkill_set() { 10 | uci set wireless.$1.disabled=$rfkill_state 11 | } 12 | 13 | wifi_rfkill_check() { 14 | local disabled 15 | config_get disabled $1 disabled 16 | [ "$disabled" = "1" ] || rfkill_state=1 17 | } 18 | 19 | config_load wireless 20 | case "${TYPE}" in 21 | "switch") 22 | [ "${ACTION}" = "released" ] && rfkill_state=1 23 | ;; 24 | *) 25 | config_foreach wifi_rfkill_check wifi-device 26 | ;; 27 | esac 28 | config_foreach wifi_rfkill_set wifi-device 29 | uci commit wireless 30 | wifi up 31 | -------------------------------------------------------------------------------- /etc/rc.button/wps: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | if [ "$ACTION" = "pressed" -a "$BUTTON" = "wps" ]; then 4 | for dir in /var/run/hostapd*; do 5 | [ -d "$dir" ] || continue 6 | hostapd_cli -p "$dir" wps_pbc 7 | done 8 | fi 9 | -------------------------------------------------------------------------------- /etc/rc.d/K50dropbear: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2010 OpenWrt.org 3 | # Copyright (C) 2006 Carlos Sobrinho 4 | 5 | NAME=dropbear 6 | PROG=/usr/sbin/dropbear 7 | START=50 8 | STOP=50 9 | PIDCOUNT=0 10 | 11 | keygen() 12 | { 13 | for keytype in rsa dss; do 14 | # check for keys 15 | key=dropbear/dropbear_${keytype}_host_key 16 | [ -f /tmp/$key -o -s /etc/$key ] || { 17 | # generate missing keys 18 | mkdir -p /tmp/dropbear 19 | [ -x /usr/bin/dropbearkey ] && { 20 | /usr/bin/dropbearkey -t $keytype -f /tmp/$key 2>&- >&- && exec /etc/rc.common "$initscript" start 21 | } & 22 | exit 0 23 | } 24 | done 25 | 26 | lock /tmp/.switch2jffs 27 | mkdir -p /etc/dropbear 28 | mv /tmp/dropbear/dropbear_* /etc/dropbear/ 29 | lock -u /tmp/.switch2jffs 30 | chown root /etc/dropbear 31 | chmod 0700 /etc/dropbear 32 | } 33 | 34 | start() 35 | { 36 | [ -s /etc/dropbear/dropbear_rsa_host_key -a \ 37 | -s /etc/dropbear/dropbear_dss_host_key ] || keygen 38 | } 39 | 40 | stop() 41 | { 42 | : 43 | } 44 | 45 | -------------------------------------------------------------------------------- /etc/rc.d/K85odhcpd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=35 4 | STOP=85 5 | USE_PROCD=1 6 | 7 | start_service() { 8 | procd_open_instance 9 | procd_set_param command /usr/sbin/odhcpd 10 | procd_set_param respawn 11 | procd_close_instance 12 | } 13 | 14 | service_triggers() 15 | { 16 | procd_add_reload_trigger "dhcp" 17 | } 18 | 19 | -------------------------------------------------------------------------------- /etc/rc.d/K95luci_fixtime: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=05 4 | STOP=95 5 | 6 | start() { 7 | cat <<' EOF' | lua -l luci.fs -l luci.util - 8 | if (os.time() < 1000000000) then 9 | os.execute('date -s ' .. os.date('%Y%m%d%H%M', luci.fs.mtime("/etc/init.d/luci_fixtime"))) 10 | end 11 | EOF 12 | } 13 | 14 | stop() { 15 | [[ -w /etc/init.d/luci_fixtime ]] && cat /dev/null >> /etc/init.d/luci_fixtime && touch /etc/init.d/luci_fixtime 16 | } 17 | -------------------------------------------------------------------------------- /etc/rc.d/K98boot: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=10 5 | STOP=98 6 | 7 | uci_apply_defaults() { 8 | . /lib/functions/system.sh 9 | 10 | cd /etc/uci-defaults || return 0 11 | files="$(ls)" 12 | [ -z "$files" ] && return 0 13 | mkdir -p /tmp/.uci 14 | for file in $files; do 15 | ( . "./$(basename $file)" ) && rm -f "$file" 16 | done 17 | uci commit 18 | } 19 | 20 | boot() { 21 | [ -f /proc/mounts ] || /sbin/mount_root 22 | [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc 23 | [ -f /proc/net/vlan/config ] && vconfig set_name_type DEV_PLUS_VID_NO_PAD 24 | 25 | mkdir -p /var/run 26 | mkdir -p /var/log 27 | mkdir -p /var/lock 28 | mkdir -p /var/state 29 | mkdir -p /tmp/.uci 30 | chmod 0700 /tmp/.uci 31 | touch /var/log/wtmp 32 | touch /var/log/lastlog 33 | touch /tmp/resolv.conf.auto 34 | ln -sf /tmp/resolv.conf.auto /tmp/resolv.conf 35 | grep -q debugfs /proc/filesystems && /bin/mount -o noatime -t debugfs debugfs /sys/kernel/debug 36 | [ "$FAILSAFE" = "true" ] && touch /tmp/.failsafe 37 | 38 | /sbin/kmodloader 39 | 40 | # allow wifi modules time to settle 41 | sleep 1 42 | 43 | /sbin/wifi detect > /tmp/wireless.tmp 44 | [ -s /tmp/wireless.tmp ] && { 45 | cat /tmp/wireless.tmp >> /etc/config/wireless 46 | } 47 | rm -f /tmp/wireless.tmp 48 | 49 | uci_apply_defaults 50 | 51 | # temporary hack until configd exists 52 | /sbin/reload_config 53 | 54 | start 55 | 56 | # create /dev/root if it doesn't exist 57 | [ -e /dev/root -o -h /dev/root ] || { 58 | rootdev=$(awk 'BEGIN { RS=" "; FS="="; } $1 == "root" { print $2 }' < /proc/cmdline) 59 | [ -n "$rootdev" ] && ln -s "$rootdev" /dev/root 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /etc/rc.d/K99umount: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006 OpenWrt.org 3 | 4 | STOP=99 5 | stop() { 6 | sync 7 | /bin/umount -a -d -r 8 | } 9 | -------------------------------------------------------------------------------- /etc/rc.d/S00sysfixtime: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2013-2014 OpenWrt.org 3 | 4 | START=00 5 | 6 | boot() { 7 | local curtime="$(date +%s)" 8 | local maxtime="$(find /etc -type f -exec date +%s -r {} \; | sort -nr | head -n1)" 9 | [ $curtime -lt $maxtime ] && \ 10 | date -s @$maxtime && \ 11 | logger -t sysfixtime -p daemon.notice "Time fixed" 12 | } 13 | 14 | -------------------------------------------------------------------------------- /etc/rc.d/S05luci_fixtime: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=05 4 | STOP=95 5 | 6 | start() { 7 | cat <<' EOF' | lua -l luci.fs -l luci.util - 8 | if (os.time() < 1000000000) then 9 | os.execute('date -s ' .. os.date('%Y%m%d%H%M', luci.fs.mtime("/etc/init.d/luci_fixtime"))) 10 | end 11 | EOF 12 | } 13 | 14 | stop() { 15 | [[ -w /etc/init.d/luci_fixtime ]] && cat /dev/null >> /etc/init.d/luci_fixtime && touch /etc/init.d/luci_fixtime 16 | } 17 | -------------------------------------------------------------------------------- /etc/rc.d/S05nameif: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=05 4 | 5 | start() { 6 | /sbin/nameif 7 | } 8 | -------------------------------------------------------------------------------- /etc/rc.d/S10boot: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=10 5 | STOP=98 6 | 7 | uci_apply_defaults() { 8 | . /lib/functions/system.sh 9 | 10 | cd /etc/uci-defaults || return 0 11 | files="$(ls)" 12 | [ -z "$files" ] && return 0 13 | mkdir -p /tmp/.uci 14 | for file in $files; do 15 | ( . "./$(basename $file)" ) && rm -f "$file" 16 | done 17 | uci commit 18 | } 19 | 20 | boot() { 21 | [ -f /proc/mounts ] || /sbin/mount_root 22 | [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc 23 | [ -f /proc/net/vlan/config ] && vconfig set_name_type DEV_PLUS_VID_NO_PAD 24 | 25 | mkdir -p /var/run 26 | mkdir -p /var/log 27 | mkdir -p /var/lock 28 | mkdir -p /var/state 29 | mkdir -p /tmp/.uci 30 | chmod 0700 /tmp/.uci 31 | touch /var/log/wtmp 32 | touch /var/log/lastlog 33 | touch /tmp/resolv.conf.auto 34 | ln -sf /tmp/resolv.conf.auto /tmp/resolv.conf 35 | grep -q debugfs /proc/filesystems && /bin/mount -o noatime -t debugfs debugfs /sys/kernel/debug 36 | [ "$FAILSAFE" = "true" ] && touch /tmp/.failsafe 37 | 38 | /sbin/kmodloader 39 | 40 | # allow wifi modules time to settle 41 | sleep 1 42 | 43 | /sbin/wifi detect > /tmp/wireless.tmp 44 | [ -s /tmp/wireless.tmp ] && { 45 | cat /tmp/wireless.tmp >> /etc/config/wireless 46 | } 47 | rm -f /tmp/wireless.tmp 48 | 49 | uci_apply_defaults 50 | 51 | # temporary hack until configd exists 52 | /sbin/reload_config 53 | 54 | start 55 | 56 | # create /dev/root if it doesn't exist 57 | [ -e /dev/root -o -h /dev/root ] || { 58 | rootdev=$(awk 'BEGIN { RS=" "; FS="="; } $1 == "root" { print $2 }' < /proc/cmdline) 59 | [ -n "$rootdev" ] && ln -s "$rootdev" /dev/root 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /etc/rc.d/S10system: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2014 OpenWrt.org 3 | 4 | START=10 5 | USE_PROCD=1 6 | 7 | validate_system_section() 8 | { 9 | uci_validate_section system system "${1}" \ 10 | 'hostname:string:OpenWrt' \ 11 | 'conloglevel:uinteger' \ 12 | 'buffersize:uinteger' \ 13 | 'timezone:string:UTC' \ 14 | 'zonename:string' 15 | 16 | return $? 17 | } 18 | 19 | system_config() { 20 | local cfg="$1" 21 | 22 | local hostname conloglevel buffersize timezone zonename 23 | 24 | validate_system_section "${1}" || { 25 | echo "validation failed" 26 | return 1 27 | } 28 | 29 | echo "$hostname" > /proc/sys/kernel/hostname 30 | [ -z "$conloglevel" -a -z "$buffersize" ] || dmesg ${conloglevel:+-n $conloglevel} ${buffersize:+-s $buffersize} 31 | echo "$timezone" > /tmp/TZ 32 | [ -n "$zonename" ] && [ -f "/usr/share/zoneinfo/$zonename" ] && ln -s "/usr/share/zoneinfo/$zonename" /tmp/localtime 33 | 34 | # apply timezone to kernel 35 | date -k 36 | } 37 | 38 | reload_service() { 39 | config_load system 40 | config_foreach system_config system 41 | } 42 | 43 | service_triggers() 44 | { 45 | procd_add_reload_trigger "system" 46 | procd_add_validation validate_system_section 47 | } 48 | 49 | start_service() { 50 | reload_service 51 | } 52 | -------------------------------------------------------------------------------- /etc/rc.d/S11sysctl: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006 OpenWrt.org 3 | 4 | START=11 5 | start() { 6 | [ -f /etc/sysctl.conf ] && sysctl -p -e >&- 7 | } 8 | -------------------------------------------------------------------------------- /etc/rc.d/S19firewall: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=19 4 | USE_PROCD=1 5 | QUIET="" 6 | 7 | validate_firewall_redirect() 8 | { 9 | uci_validate_section firewall redirect "${1}" \ 10 | 'proto:or(uinteger, string)' \ 11 | 'src:string' \ 12 | 'src_ip:cidr' \ 13 | 'src_dport:or(port, portrange)' \ 14 | 'dest:string' \ 15 | 'dest_ip:cidr' \ 16 | 'dest_port:or(port, portrange)' \ 17 | 'target:or("SNAT", "DNAT")' 18 | 19 | return $? 20 | } 21 | 22 | validate_firewall_rule() 23 | { 24 | uci_validate_section firewall rule "${1}" \ 25 | 'proto:or(uinteger, string)' \ 26 | 'src:string' \ 27 | 'dest:string' \ 28 | 'src_port:or(port, portrange)' \ 29 | 'dest_port:or(port, portrange)' \ 30 | 'target:string' 31 | 32 | return $? 33 | } 34 | 35 | service_triggers() { 36 | procd_add_reload_trigger firewall 37 | 38 | procd_open_validate 39 | validate_firewall_redirect 40 | validate_firewall_rule 41 | procd_close_validate 42 | } 43 | 44 | restart() { 45 | fw3 restart 46 | } 47 | 48 | start_service() { 49 | fw3 ${QUIET} start 50 | } 51 | 52 | stop_service() { 53 | fw3 flush 54 | } 55 | 56 | reload_service() { 57 | fw3 reload 58 | } 59 | 60 | boot() { 61 | # Be silent on boot, firewall might be started by hotplug already, 62 | # so don't complain in syslog. 63 | QUIET=1 64 | start 65 | } 66 | -------------------------------------------------------------------------------- /etc/rc.d/S35odhcpd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=35 4 | STOP=85 5 | USE_PROCD=1 6 | 7 | start_service() { 8 | procd_open_instance 9 | procd_set_param command /usr/sbin/odhcpd 10 | procd_set_param respawn 11 | procd_close_instance 12 | } 13 | 14 | service_triggers() 15 | { 16 | procd_add_reload_trigger "dhcp" 17 | } 18 | 19 | -------------------------------------------------------------------------------- /etc/rc.d/S40alttcp: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | START=40 3 | 4 | PDIR=/proc/sys/net/ipv4/ 5 | SERVICE_USE_PID=0 6 | 7 | check_available() { 8 | local cong=$1 9 | local y=0 10 | local i=" " 11 | insmod tcp_$cong 2> /dev/null 12 | local a=`cat $PDIR/tcp_available_congestion_control` 13 | for i in $a 14 | do 15 | if [ "$i" = "$cong" ] 16 | then 17 | y=1 18 | fi 19 | done 20 | echo $y 21 | } 22 | 23 | parse_allowed() { 24 | config_list_foreach $1 $2 $3 25 | } 26 | 27 | alttcp_addproto() { 28 | local argv="$1" 29 | local r=`check_available $argv` 30 | [ "$r" = "1" ] && append protos "$argv" 31 | } 32 | 33 | alttcp_config() { 34 | local cfg="$1" 35 | local interface 36 | local _loctmp 37 | config_list_foreach $cfg 'allowed' alttcp_addproto 38 | config_get default $cfg default 39 | } 40 | 41 | start() { 42 | config_load alttcp 43 | unset args 44 | unset protos 45 | config_foreach alttcp_config alttcp 46 | [ ! -z "$protos" ] && echo $protos > $PDIR/tcp_allowed_congestion_control 47 | echo $default > $PDIR/tcp_congestion_control 48 | } 49 | 50 | stop() { 51 | : 52 | } 53 | -------------------------------------------------------------------------------- /etc/rc.d/S40fstab: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # (C) 2013 openwrt.org 3 | 4 | START=40 5 | 6 | start() { 7 | echo "this file has been obseleted. please call \"/sbin/block mount\" directly" 8 | /sbin/block mount 9 | } 10 | 11 | stop() { 12 | echo "this file has been obseleted. please call \"/sbin/block umount\" directly" 13 | /sbin/block umount 14 | } 15 | -------------------------------------------------------------------------------- /etc/rc.d/S50cron: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=50 5 | 6 | USE_PROCD=1 7 | PROG=/usr/sbin/crond 8 | 9 | validate_cron_section() { 10 | uci_validate_section system system "${1}" \ 11 | 'cronloglevel:uinteger' 12 | } 13 | 14 | start_service () { 15 | [ -z "$(ls /etc/crontabs/)" ] && return 1 16 | 17 | loglevel=$(uci_get "system.@system[0].cronloglevel") 18 | 19 | [ -z "${loglevel}" ] || { 20 | /sbin/validate_data uinteger "${loglevel}" 21 | [ "$?" -eq 0 ] || { 22 | echo "validation failed" 23 | return 1 24 | } 25 | } 26 | 27 | mkdir -p /var/spool/cron 28 | ln -s /etc/crontabs /var/spool/cron/ 2>/dev/null 29 | 30 | procd_open_instance 31 | procd_set_param command "$PROG" -f -c /etc/crontabs -l ${loglevel:-5} 32 | procd_close_instance 33 | } 34 | 35 | service_triggers() 36 | { 37 | procd_add_validation validate_cron_section 38 | } 39 | -------------------------------------------------------------------------------- /etc/rc.d/S50dropbear: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2010 OpenWrt.org 3 | # Copyright (C) 2006 Carlos Sobrinho 4 | 5 | NAME=dropbear 6 | PROG=/usr/sbin/dropbear 7 | START=50 8 | STOP=50 9 | PIDCOUNT=0 10 | 11 | keygen() 12 | { 13 | for keytype in rsa dss; do 14 | # check for keys 15 | key=dropbear/dropbear_${keytype}_host_key 16 | [ -f /tmp/$key -o -s /etc/$key ] || { 17 | # generate missing keys 18 | mkdir -p /tmp/dropbear 19 | [ -x /usr/bin/dropbearkey ] && { 20 | /usr/bin/dropbearkey -t $keytype -f /tmp/$key 2>&- >&- && exec /etc/rc.common "$initscript" start 21 | } & 22 | exit 0 23 | } 24 | done 25 | 26 | lock /tmp/.switch2jffs 27 | mkdir -p /etc/dropbear 28 | mv /tmp/dropbear/dropbear_* /etc/dropbear/ 29 | lock -u /tmp/.switch2jffs 30 | chown root /etc/dropbear 31 | chmod 0700 /etc/dropbear 32 | } 33 | 34 | start() 35 | { 36 | [ -s /etc/dropbear/dropbear_rsa_host_key -a \ 37 | -s /etc/dropbear/dropbear_dss_host_key ] || keygen 38 | } 39 | 40 | stop() 41 | { 42 | : 43 | } 44 | 45 | -------------------------------------------------------------------------------- /etc/rc.d/S50lighttpd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=50 5 | PROG=/usr/sbin/lighttpd 6 | CONFIGFILE=/etc/lighttpd/lighttpd.conf 7 | LOGDIR=/var/log/lighttpd 8 | USE_PROCD=1 9 | 10 | start_service() { 11 | mkdir -m 0755 -p $LOGDIR 12 | 13 | procd_open_instance 14 | procd_set_param command $PROG -D -f $CONFIGFILE 15 | procd_set_param file $CONFIGFILE 16 | procd_set_param respawn 17 | procd_close_instance 18 | 19 | } 20 | 21 | -------------------------------------------------------------------------------- /etc/rc.d/S50pimd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2011 OpenWrt.org 3 | 4 | START=50 5 | USE_PROCD=1 6 | PROG=/usr/sbin/pimd 7 | 8 | start_service() { 9 | procd_open_instance 10 | procd_set_param command "$PROG" -f 11 | procd_set_param respawn 12 | procd_close_instance 13 | } 14 | 15 | -------------------------------------------------------------------------------- /etc/rc.d/S50sqm: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=50 4 | 5 | reload() 6 | { 7 | /usr/lib/sqm/run.sh 8 | } 9 | 10 | restart() 11 | { 12 | reload 13 | } 14 | 15 | start() 16 | { 17 | reload 18 | } 19 | 20 | stop() 21 | { 22 | /usr/lib/sqm/run.sh stop 23 | } -------------------------------------------------------------------------------- /etc/rc.d/S50telnet: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=50 5 | 6 | USE_PROCD=1 7 | PROG=/usr/sbin/telnetd 8 | 9 | has_root_pwd() { 10 | local pwd=$([ -f "$1" ] && cat "$1") 11 | pwd="${pwd#*root:}" 12 | pwd="${pwd%%:*}" 13 | 14 | test -n "${pwd#[\!x]}" 15 | } 16 | 17 | get_root_home() { 18 | local homedir=$([ -f "$1" ] && cat "$1") 19 | homedir="${homedir#*:*:0:0:*:}" 20 | 21 | echo "${homedir%%:*}" 22 | } 23 | 24 | has_ssh_pubkey() { 25 | ( /etc/init.d/dropbear enabled 2> /dev/null && grep -qs "^ssh-" /etc/dropbear/authorized_keys ) || \ 26 | ( /etc/init.d/sshd enabled 2> /dev/null && grep -qs "^ssh-" "$(get_root_home /etc/passwd)"/.ssh/authorized_keys ) 27 | } 28 | 29 | start_service() { 30 | if ( ! has_ssh_pubkey && \ 31 | ! has_root_pwd /etc/passwd && ! has_root_pwd /etc/shadow ) || \ 32 | ( ! /etc/init.d/dropbear enabled 2> /dev/null && ! /etc/init.d/sshd enabled 2> /dev/null ); 33 | then 34 | procd_open_instance 35 | procd_set_param command "$PROG" -F -l /bin/login.sh 36 | procd_close_instance 37 | fi 38 | } 39 | -------------------------------------------------------------------------------- /etc/rc.d/S50xinetd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006-2011 OpenWrt.org 3 | 4 | START=50 5 | 6 | SERVICE_USE_PID=1 7 | 8 | start() { 9 | service_start /usr/sbin/xinetd -pidfile /var/run/xinetd.pid 10 | } 11 | 12 | stop() { 13 | service_stop /usr/sbin/xinetd 14 | } 15 | 16 | -------------------------------------------------------------------------------- /etc/rc.d/S59luci_dhcp_migrate: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=59 4 | 5 | boot() { 6 | if [ -f /etc/config/luci_ethers ]; then 7 | logger -t luci_dhcp_migrate "Migrating luci_ethers configuration ..." 8 | 9 | lua -lluci.model.uci -e ' 10 | x=luci.model.uci.cursor() 11 | x:foreach("luci_ethers", "static_lease", 12 | function(s) 13 | x:section("dhcp", "host", nil, {mac=s.macaddr, ip=s.ipaddr}) 14 | end) 15 | x:save("dhcp") 16 | x:commit("dhcp") 17 | ' 18 | 19 | rm -f /etc/config/luci_ethers 20 | fi 21 | 22 | if [ -f /etc/config/luci_hosts ]; then 23 | logger -t luci_dhcp_migrate "Migrating luci_hosts configuration ..." 24 | 25 | lua -lluci.model.uci -e ' 26 | x=luci.model.uci.cursor() 27 | x:foreach("luci_hosts", "host", 28 | function(s) 29 | x:section("dhcp", "domain", nil, {name=s.hostname, ip=s.ipaddr}) 30 | end) 31 | x:save("dhcp") 32 | x:commit("dhcp") 33 | ' 34 | 35 | rm -f /etc/config/luci_hosts 36 | fi 37 | } 38 | 39 | start() { :; } 40 | stop() { :; } 41 | 42 | -------------------------------------------------------------------------------- /etc/rc.d/S60dbus: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2007-2011 OpenWrt.org 3 | 4 | START=60 5 | 6 | SERVICE_PID_FILE=/var/run/dbus.pid 7 | 8 | start() { 9 | mkdir -m 0755 -p /var/lib/dbus 10 | mkdir -m 0755 -p /var/run/dbus 11 | [ -x /usr/bin/dbus-uuidgen ] && /usr/bin/dbus-uuidgen --ensure 12 | service_start /usr/sbin/dbus-daemon --system 13 | } 14 | 15 | stop() { 16 | service_stop /usr/sbin/dbus-daemon && rm $SERVICE_PID_FILE 17 | } 18 | -------------------------------------------------------------------------------- /etc/rc.d/S60wol: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2007 OpenWrt.org 3 | 4 | START=60 5 | 6 | append_string() { 7 | local section="$1" 8 | local option="$2" 9 | local value="$3" 10 | local _val 11 | config_get _val "$section" "$option" 12 | [ -n "$_val" ] && append args "$3$_val" 13 | } 14 | 15 | start_service() { 16 | local cfg="$1" 17 | args="" 18 | 19 | append_string "$cfg" broadcast "--host=" 20 | append_string "$cfg" port "--port=" 21 | append_string "$cfg" password "--passwd=" 22 | append_string "$cfg" mac "" 23 | config_get_bool enabled "$cfg" "enabled" '1' 24 | [ "$enabled" -gt 0 ] && /usr/bin/wol $args 25 | } 26 | 27 | start() { 28 | config_load wol 29 | config_foreach start_service wol-target 30 | } 31 | -------------------------------------------------------------------------------- /etc/rc.d/S61avahi-daemon: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2014 OpenWrt.org 3 | START=61 4 | USE_PROCD=1 5 | 6 | PROG=/usr/sbin/avahi-daemon 7 | CONFIGFILE=/etc/avahi/avahi-daemon.conf 8 | 9 | start_service() { 10 | procd_open_instance 11 | procd_set_param command $PROG -s 12 | procd_set_param file $CONFIGFILE 13 | procd_set_param respawn 14 | procd_close_instance 15 | } 16 | 17 | reload() { 18 | $PROG -r 19 | } 20 | 21 | -------------------------------------------------------------------------------- /etc/rc.d/S95ddns: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | START=95 3 | 4 | start() { 5 | . /usr/lib/ddns/dynamic_dns_functions.sh 6 | start_daemon_for_all_ddns_sections 7 | } 8 | 9 | stop() { 10 | killall -9 dynamic_dns_updater.sh 11 | } 12 | 13 | -------------------------------------------------------------------------------- /etc/rc.d/S95done: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006 OpenWrt.org 3 | 4 | START=95 5 | boot() { 6 | [ -d /tmp/root ] && mount_root done 7 | 8 | # process user commands 9 | [ -f /etc/rc.local ] && { 10 | sh /etc/rc.local 11 | } 12 | 13 | # set leds to normal state 14 | . /etc/diag.sh 15 | set_state done 16 | } 17 | -------------------------------------------------------------------------------- /etc/rc.d/S98rngd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2011 OpenWrt.org 3 | 4 | START=98 5 | USE_PROCD=1 6 | PROG=/sbin/rngd 7 | 8 | RNGD_INTERVAL=30 9 | RNGD_AMOUNT=4000 10 | RNGD_DEVICE="/dev/urandom" 11 | 12 | start_service() { 13 | procd_open_instance 14 | procd_set_param command $PROG -f -r $RNGD_DEVICE -W $RNGD_AMOUNT -t $RNGD_INTERVAL 15 | procd_set_param respawn 16 | procd_close_instance 17 | } 18 | -------------------------------------------------------------------------------- /etc/rc.d/S98sysntpd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2011 OpenWrt.org 3 | 4 | START=98 5 | 6 | USE_PROCD=1 7 | PROG=/usr/sbin/ntpd 8 | 9 | validate_ntp_section() { 10 | uci_validate_section system timeserver "${1}" \ 11 | 'server:list(host)' 'enable_server:bool:0' 12 | } 13 | 14 | start_service() { 15 | local server enable_server peer 16 | 17 | validate_ntp_section ntp || { 18 | echo "validation failed" 19 | return 1 20 | } 21 | 22 | [ -z "$server" ] && return 23 | 24 | procd_open_instance 25 | procd_set_param command "$PROG" -n -S /usr/sbin/ntpd_record_stratum 26 | [ "$enable_server" = "1" ] && procd_append_param command -l 27 | for peer in $server; do 28 | procd_append_param command -p $peer 29 | done 30 | procd_set_param respawn 31 | procd_close_instance 32 | } 33 | 34 | service_triggers() 35 | { 36 | procd_add_reload_trigger "system" 37 | procd_add_validation validate_ntp_section 38 | } 39 | -------------------------------------------------------------------------------- /etc/rc.d/S99sudo: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2011 OpenWrt.org 3 | 4 | START=99 5 | 6 | start() { 7 | [ -d /var/lib/sudo ] || { 8 | mkdir -m 0755 -p /var/lib/sudo 9 | chmod 0700 /var/lib/sudo 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /etc/rc.local: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | chown -R www-data:www-data /etc/auth 4 | chmod 0700 /etc/auth 5 | 6 | # Since lighttpd and therefore the Python routerapi runs as www-data, 7 | # it needs to be able to read /etc/dropbear/authorized_keys to know 8 | # whether SSH has been enabled. /etc/rc.d/S50dropbear sets the directory to 0700 9 | # but this is excessive. The host keys need to be rw-------, and they are 10 | # already. /etc/dropbear/authorized_keys can be world-readable since it contains 11 | # public keys. 12 | chmod 0755 /etc/dropbear 13 | 14 | tor 15 | python /lib/update/create-crontab.py 16 | crond 17 | 18 | chown www-data:www-data /etc/TZ 19 | chmod 0644 /etc/TZ 20 | 21 | /etc/init.d/firewall restart 22 | 23 | rm /etc/lighttpd/conf.d/* 24 | /etc/init.d/lighttpd restart 25 | 26 | exit 0 27 | -------------------------------------------------------------------------------- /etc/resolv.conf: -------------------------------------------------------------------------------- 1 | search home.lan 2 | nameserver 127.0.0.1 3 | -------------------------------------------------------------------------------- /etc/shadow: -------------------------------------------------------------------------------- 1 | root::16249:0:99999:7::: 2 | daemon:*:0:0:99999:7::: 3 | ftp:*:0:0:99999:7::: 4 | network:*:0:0:99999:7::: 5 | nobody:*:0:0:99999:7::: 6 | bind:*:0:0:99999:7::: 7 | daemon:*:0:0:99999:7::: 8 | news:*:0:0:99999:7::: 9 | www-data:*:0:0:99999:7::: 10 | -------------------------------------------------------------------------------- /etc/shadow-: -------------------------------------------------------------------------------- 1 | root::15226:0:99999:7::: 2 | daemon:*:0:0:99999:7::: 3 | ftp:*:0:0:99999:7::: 4 | network:*:0:0:99999:7::: 5 | nobody:*:0:0:99999:7::: 6 | bind:*:0:0:99999:7::: 7 | daemon:*:0:0:99999:7::: 8 | news:*:0:0:99999:7::: 9 | www-data:*:0:0:99999:7::: 10 | -------------------------------------------------------------------------------- /etc/shells: -------------------------------------------------------------------------------- 1 | /bin/ash 2 | -------------------------------------------------------------------------------- /etc/snmp/snmpd.conf: -------------------------------------------------------------------------------- 1 | agentaddress UDP:161 2 | sysLocation office 3 | sysContact bofh@example.com 4 | sysName HeartOfGold 5 | com2sec ro default public 6 | com2sec rw localhost private 7 | group public v1 ro 8 | group public v2c ro 9 | group public usm ro 10 | group private v1 rw 11 | group private v2c rw 12 | group private usm rw 13 | view all included .1 14 | access public "" any noauth exact all none none 15 | access private "" any noauth exact all all all 16 | exec filedescriptors /bin/cat /proc/sys/fs/file-nr 17 | -------------------------------------------------------------------------------- /etc/ssl/certs/opkg.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDuTCCAqGgAwIBAgIJANvwnKMc0R5fMA0GCSqGSIb3DQEBBQUAMHMxCzAJBgNV 3 | BAYTAlVTMREwDwYDVQQIDAhFaGVyZVdvbjEUMBIGA1UEBwwLTHVwaW4gTG9kZ2Ux 4 | EDAOBgNVBAoMB0Nlcm93cnQxETAPBgNVBAsMCFBhcmFub2lhMRYwFAYDVQQDDA1n 5 | dy5ob21lLmxvY2FsMB4XDTEzMTAyMTA0NTYzOFoXDTE0MDExOTA0NTYzOFowczEL 6 | MAkGA1UEBhMCVVMxETAPBgNVBAgMCEVoZXJlV29uMRQwEgYDVQQHDAtMdXBpbiBM 7 | b2RnZTEQMA4GA1UECgwHQ2Vyb3dydDERMA8GA1UECwwIUGFyYW5vaWExFjAUBgNV 8 | BAMMDWd3LmhvbWUubG9jYWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB 9 | AQDpH5Z2Aq5unOrCNspPtGUu+YDqjIbHQUHvo9BcVGbq6LilyueSiZPV0hwxEc1+ 10 | FJ/iU8xS2o7BbtPo9MZiE7R7SM6dauTXVPXnQFfGms265g5K8Kvyxb0VFBo76zZl 11 | pfKgPRstQxckcXaLQG9qAsZFiZn4eHx7BOS4LgklsZ8jdr6p9GIe7xFbGxwQdjTM 12 | nURgV7Oq8rwNxuhuJMbqEwojnZW+bdzxNp/2HxIaqd5J5Pi8rLGVIm58U3VpaAll 13 | HDDerPKh2mN8HlZsjPy1uxeHBBsMVd5B+4ZZyf2kiBP0OvqFr4h0SRaN6LusRvgg 14 | uURpicdU9lfgvJ5C8aG38HofAgMBAAGjUDBOMB0GA1UdDgQWBBQiLjjjQhTZwzuc 15 | gZOwTcrufPY8uzAfBgNVHSMEGDAWgBQiLjjjQhTZwzucgZOwTcrufPY8uzAMBgNV 16 | HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAWBYt0Nqm19+kjVYhFxFD+lUOn 17 | LageCiCbb7Xrj8TTwlSIgljdtQIfxKl4lbSUkf7E6ac3vpjgl/faMMoDLIthxNV3 18 | QFoVU9JeXv9/ZP4h1lgut0yw0Vxh+2YSNdqkyUeKr7/AKW5tNmQdo8IURGRMziXa 19 | 2vzySH+7mH9FmemCI1B7JVYtuYLTu2YPMS0q/4EiEiU0qRFB6XcGCXLDuJkhtO88 20 | axB05vglmro0dxhFIYIJOIcRneKuNdHyglxnl2UTjN7cdr6OvxP3orAcURNv7Z1q 21 | OsryyAUaCk0G4kQbiQTOyW9TUIabJwyMkeM1/tJw9GSMdzWtRfetHYDfQ34O 22 | -----END CERTIFICATE----- 23 | -------------------------------------------------------------------------------- /etc/ssl/private/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/etc/ssl/private/.keep -------------------------------------------------------------------------------- /etc/sudoers: -------------------------------------------------------------------------------- 1 | root ALL=(ALL) ALL 2 | # www-data is allowed to run as root certain commands it needs in 3 | # order to configure the router. 4 | www-data ALL=(root)NOPASSWD:/sbin/wifi,/usr/sbin/iptaccount,/sbin/uci,/bin/ping,/sbin/reboot,/www/cgi-bin/routerapi/ssh_key,/lib/update/update.py 5 | -------------------------------------------------------------------------------- /etc/sysctl.conf: -------------------------------------------------------------------------------- 1 | kernel.panic=3 2 | net.ipv4.conf.default.arp_ignore=1 3 | net.ipv4.conf.all.arp_ignore=1 4 | net.ipv4.ip_forward=1 5 | net.ipv4.icmp_echo_ignore_broadcasts=1 6 | net.ipv4.icmp_ignore_bogus_error_responses=1 7 | net.ipv4.tcp_ecn=1 8 | net.ipv4.tcp_sack=1 9 | net.ipv4.tcp_dsack=1 10 | net.ipv4.tcp_fin_timeout=30 11 | net.ipv4.tcp_keepalive_time=120 12 | net.ipv4.tcp_syncookies=1 13 | net.ipv4.tcp_timestamps=1 14 | 15 | net.ipv4.netfilter.ip_conntrack_checksum=0 16 | net.ipv4.netfilter.ip_conntrack_max=16384 17 | net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=432000 18 | net.ipv4.netfilter.ip_conntrack_udp_timeout=60 19 | net.ipv4.netfilter.ip_conntrack_udp_timeout_stream=180 20 | net.ipv6.conf.all.forwarding=1 21 | 22 | net.netfilter.nf_conntrack_checksum=0 23 | net.netfilter.nf_conntrack_max=16384 24 | net.netfilter.nf_conntrack_tcp_timeout_established=3600 25 | net.netfilter.nf_conntrack_udp_timeout=60 26 | net.netfilter.nf_conntrack_udp_timeout_stream=180 27 | 28 | # disable bridge firewalling by default 29 | net.bridge.bridge-nf-call-arptables=0 30 | net.bridge.bridge-nf-call-ip6tables=0 31 | net.bridge.bridge-nf-call-iptables=0 32 | 33 | net.ipv4.neigh.default.gc_thresh2 = 4096 34 | net.ipv4.neigh.default.gc_thresh3 = 8192 35 | 36 | net.core.rmem_max = 2097152 37 | net.core.wmem_max = 2097152 38 | net.ipv4.tcp_rmem = 4096 87380 2097152 39 | net.ipv4.tcp_wmem = 4096 65536 2097152 40 | -------------------------------------------------------------------------------- /etc/sysupgrade.conf: -------------------------------------------------------------------------------- 1 | ## This file contains files and directories that should 2 | ## be preserved during an upgrade. 3 | 4 | # /etc/example.conf 5 | # /etc/openvpn/ 6 | 7 | /etc/auth/ 8 | 9 | -------------------------------------------------------------------------------- /etc/tor/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/etc/tor/.keep -------------------------------------------------------------------------------- /etc/uci-defaults/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/etc/uci-defaults/.keep -------------------------------------------------------------------------------- /etc/update_key.gpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/etc/update_key.gpg -------------------------------------------------------------------------------- /etc/xinetd.conf: -------------------------------------------------------------------------------- 1 | defaults 2 | { 3 | per_source = 16 4 | only_from = 192.168.0.0/16 172.16.0.0/12 5 | instances = 18 6 | max_load = 16 7 | } 8 | 9 | includedir /etc/xinetd.d 10 | 11 | -------------------------------------------------------------------------------- /etc/xinetd.d/netserver: -------------------------------------------------------------------------------- 1 | service netperf 2 | { 3 | disable = no 4 | socket_type = stream 5 | wait = no 6 | user = nobody 7 | port = 12865 8 | type = UNLISTED 9 | server = /usr/bin/netserver 10 | server_args = -N 11 | flags = IPv6 12 | log_on_success += HOST USERID 13 | log_on_failure += HOST USERID 14 | instances = 16 15 | } 16 | 17 | -------------------------------------------------------------------------------- /etc/xinetd.d/ssh: -------------------------------------------------------------------------------- 1 | service ssh 2 | { 3 | port = 22 4 | protocol = tcp 5 | type = UNLISTED 6 | disable = no 7 | socket_type = stream 8 | wait = no 9 | user = root 10 | log_on_failure += USERID 11 | server = /usr/sbin/dropbear 12 | server_args = -i 13 | flags = IPV6 14 | } 15 | 16 | -------------------------------------------------------------------------------- /infra/etc/init/xvfb.conf: -------------------------------------------------------------------------------- 1 | # Xvfb - Xvfb virtual X windows 2 | 3 | description "Xvfb server" 4 | 5 | start on runlevel [2345] 6 | stop on runlevel [!2345] 7 | 8 | respawn 9 | respawn limit 10 5 10 | umask 022 11 | 12 | exec /usr/bin/Xvfb :0 -screen 0 1024x768x24 13 | -------------------------------------------------------------------------------- /infra/repositories.conf: -------------------------------------------------------------------------------- 1 | src/gz bufferbloat http://snapon.lab.bufferbloat.net/~cero2/cerowrt/wndr/3.10.50-1/packages 2 | src/gz barrier_breaker_base http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/base 3 | src/gz barrier_breaker_luci http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/luci 4 | src/gz barrier_breaker_management http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/management 5 | src/gz barrier_breaker_oldpackages http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/oldpackages 6 | src/gz barrier_breaker_packages http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/packages 7 | src/gz barrier_breaker_routing http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/routing 8 | src/gz barrier_breaker_telephony http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/telephony 9 | 10 | ## This is the local package repository, do not remove! 11 | src imagebuilder file:packages 12 | -------------------------------------------------------------------------------- /install-dev-dependencies.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -ex 2 | # On Ubuntu and similar systems, install packages that are necessary and/or 3 | # useful to build and debug OpenWireless. 4 | 5 | set -o nounset 6 | 7 | INSTALL_XVFB="" 8 | ACCEPT_INSTALL_PROMPTS="" 9 | 10 | while getopts "xa" ARG; do 11 | case $ARG in 12 | x) 13 | INSTALL_XVFB=true 14 | ;; 15 | a) 16 | ACCEPT_INSTALL_PROMPTS=--assume-yes 17 | ;; 18 | \?) 19 | cat < $ETC/uci.json 31 | cp local-lighttpd.pem $ETC/lighttpd.pem 32 | 33 | $REPO_DIR/scripts/template $LIGHTTPD_CONF_TEMPLATE > $ETC/lighttpd.conf < $ETC/conf.d/local-test-server.conf < var.CWD, 50 | "OVERRIDE_PATH" => var.CWD + "/..", 51 | "OVERRIDE_VAR" => var.CWD + "/../port-$HTTP_PORT-var" 52 | ) 53 | EOS 54 | cd $ETC 55 | echo "Access the web UI on http://localhost:$HTTP_PORT/" 56 | exec lighttpd -D -f $ETC/lighttpd.conf "$@" 57 | -------------------------------------------------------------------------------- /local-lighttpd/run-lots.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | cd $(dirname $0) 3 | DIR=$(pwd) 4 | REPO_DIR=`cd $DIR/.. && pwd` 5 | ./changeReleaseDate 6 | 7 | cd $(dirname $0) 8 | killall lighttpd 9 | for n in `seq 8000 8020` ; do 10 | export HTTP_PORT=$n 11 | ./run-local-lighttpd.sh $HTTP_PORT & 12 | done 13 | -------------------------------------------------------------------------------- /local-lighttpd/run.py: -------------------------------------------------------------------------------- 1 | """ 2 | Mock out run.py, which is a thin wrapper around subprocess.check_output. 3 | """ 4 | import random 5 | import time 6 | 7 | def check_output(arg_list): 8 | if arg_list[:3] == ['/usr/bin/sudo', '/usr/sbin/iptaccount', '-l']: 9 | return """ 10 | 11 | libxt_ACCOUNT_cl userspace accounting tool v1.3 12 | 13 | Showing table: total-wan 14 | Run #0 - 1 item found 15 | IP: 0.0.0.0 SRC packets: 13965 bytes: %ld DST packets: 0 bytes: 0 16 | Finished. 17 | """ % int(time.time() * 100000 + random.uniform(0, 40000)) 18 | elif arg_list == ['/usr/bin/sudo', '/bin/ping', '-c1', 'eff.org']: 19 | return """ 20 | PING eff.org (69.50.225.155): 56 data bytes 21 | 64 bytes from 69.50.225.155: seq=0 ttl=49 time=91.893 ms 22 | 23 | --- eff.org ping statistics --- 24 | 1 packets transmitted, 1 packets received, 0% packet loss 25 | round-trip min/avg/max = 91.893/91.893/91.893 ms 26 | """ 27 | else: 28 | return "Didn't recognize command" 29 | -------------------------------------------------------------------------------- /local-lighttpd/uci.py: -------------------------------------------------------------------------------- 1 | """ 2 | Override implementation for routerapi/uci.py when running local-lighttpd. 3 | Instead of calling out to /sbin/uci, which probably doesn't exist, store 4 | name-value pairs in a JSON file in OVERRIDE_ETC. 5 | """ 6 | import json 7 | import os 8 | 9 | import common 10 | 11 | uci_path = os.path.join(common.get_etc(), 'uci.json') 12 | try: 13 | with open(uci_path) as f: 14 | data = json.loads(f.read()) 15 | except IOError: 16 | data = {} 17 | 18 | def get(name): 19 | validate(name) 20 | return data.get(name) 21 | 22 | def set(name, value): 23 | validate(name) 24 | validate(value) 25 | data[name] = value 26 | 27 | def commit(namespace): 28 | with open(uci_path, 'w') as f: 29 | f.write(json.dumps(data)) 30 | 31 | def validate(string): 32 | if len(string) > 200: 33 | raise Exception('String input to UCI too long.') 34 | if string.find('\00') != -1: 35 | raise Exception('Invalid input: contains null bytes.') 36 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "OpenWireless", 3 | "repository": { 4 | "type": "git", 5 | "url": "git://github.com/EFForg/OpenWireless.git" 6 | }, 7 | "version": "0.0.0", 8 | "description": "", 9 | "scripts": { 10 | "test": "js -e \"require('grunt').tasks(['test']);\"" 11 | }, 12 | "author": "Kevin Wilson", 13 | "devDependencies": { 14 | "phantomjs": "*", 15 | "karma-script-launcher": "~0.1.0", 16 | "karma-chrome-launcher": "~0.1.2", 17 | "karma-firefox-launcher": "~0.1.3", 18 | "karma-ie-launcher": "~0.1", 19 | "karma-jasmine": "~0.1.5", 20 | "karma-phantomjs-launcher": "~0.1.2", 21 | "karma": "~0.10.9", 22 | "karma-story-reporter": "~0.2.2", 23 | "grunt-karma": "~0.6.2", 24 | "grunt": "", 25 | "karma-sauce-launcher": "~0.1.8", 26 | "handlebars": "1.3.0" 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /release-testing.txt: -------------------------------------------------------------------------------- 1 | Testing tasks before releasing a new firmware: 2 | 3 | 1. ./run-tests.sh 4 | 2. Install on router, run through setup process (set password, set SSID) 5 | 3. Log out of web UI, visit https://gw.home.lan/dashboard.html. Verify redirects 6 | to login page. 7 | 4. Log in again, verify goes to dashboard and dashboard shows reasonable numbers 8 | and refreshes periodically. 9 | 5. Install SSH key, log in via SSH. 10 | 6. Access the openwireless.org network, load a web site. Make sure the admin website is 11 | not accesible from openwireless.org. 12 | 7. Click the circular "Check for update" button at bottom of dashboard page and verify 13 | that pop up box appears. The last checked time should auto update if router was 14 | connected to internet. 15 | 8. On settings page change upload/download speeds, openwireless.org limits. Refresh 16 | settings page and check the changes are retained. 17 | 9. Turn off and on openwireless.org network. Verify SSID disappears and reappears. 18 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | mock==1.0.1 2 | selenium==2.44.0 3 | -------------------------------------------------------------------------------- /routerapi/accumulate_bytes: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | 3 | import datetime 4 | import time 5 | import uci 6 | import common 7 | from subprocess import check_output 8 | from get_bytecounts import get_device_and_byte_counts 9 | 10 | 11 | def update_network_availability(): 12 | current_use = float(uci.get("openwireless.use_since_last_ui_reset")) 13 | max_use = float(uci.get("openwireless.maxmonthlybandwidth"))*1000000 14 | current_state = uci.get("wireless.@wifi-iface[1].disabled") 15 | new_state = "1" if current_use > max_use else "0" 16 | if current_state != new_state: 17 | uci.set("wireless.@wifi-iface[1].disabled", new_state) 18 | uci.commit("wireless") 19 | common.reset_wifi() 20 | 21 | def update_openwireless_usage(): 22 | [x, upload_usage, download_usage] = get_device_and_byte_counts("open-wifi",True) #get count and flush 23 | additional_use = download_usage + upload_usage 24 | use = int(uci.get("openwireless.use_since_last_ui_reset")) 25 | new_use = str(use + additional_use) 26 | uci.set("openwireless.use_since_last_ui_reset", new_use) 27 | 28 | def main(): 29 | if uci.get("openwireless.activatedatacap") == "Yes": 30 | update_openwireless_usage() 31 | update_network_availability() 32 | uci.commit("openwireless") 33 | 34 | if __name__ == '__main__': 35 | main() 36 | -------------------------------------------------------------------------------- /routerapi/accumulate_bytes.py: -------------------------------------------------------------------------------- 1 | accumulate_bytes -------------------------------------------------------------------------------- /routerapi/audit.py: -------------------------------------------------------------------------------- 1 | from datetime import datetime 2 | 3 | import uci 4 | 5 | def key(suffix): 6 | return "openwireless.audit.%s" % suffix 7 | 8 | previous_login_ip = key('previous_login_ip') 9 | last_login_ip = key('last_login_ip') 10 | last_login_timestamp = key('last_login_timestamp') 11 | previous_login_timestamp = key('previous_login_timestamp') 12 | 13 | def last_login(): 14 | address = uci.get(last_login_ip) 15 | timestamp = _get_date(last_login_timestamp) 16 | return _build_login(address, timestamp) 17 | 18 | def previous_login(): 19 | address = uci.get(previous_login_ip) 20 | timestamp = _get_date(previous_login_timestamp) 21 | return _build_login(address, timestamp) 22 | 23 | def record_login(address, timestamp = None): 24 | if not timestamp: 25 | timestamp = datetime.utcnow() 26 | if last_login(): 27 | uci.set(previous_login_ip, uci.get(last_login_ip)) 28 | uci.set(previous_login_timestamp, uci.get(last_login_timestamp)) 29 | uci.set(last_login_timestamp, timestamp.strftime('%Y-%m-%dT%H:%M:%S')) 30 | uci.set(last_login_ip, address) 31 | 32 | uci.commit("openwireless") 33 | 34 | def _get_date(key): 35 | date_string = uci.get(key) 36 | return date_string and datetime.strptime(date_string, '%Y-%m-%dT%H:%M:%S') 37 | 38 | def _build_login(address, timestamp): 39 | if address and timestamp: 40 | return {'address': address, 'timestamp': timestamp} 41 | -------------------------------------------------------------------------------- /routerapi/bytecount.py: -------------------------------------------------------------------------------- 1 | bytecount -------------------------------------------------------------------------------- /routerapi/change_password: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | import json 3 | import os 4 | import sys 5 | 6 | import auth 7 | import common 8 | 9 | def jsonrpc_change_password(): 10 | """Accept a JSONRPC-style change password, with parameters like so: 11 | 12 | {"jsonrpc":"2.0","method":"use.setpassword","params":["username","password", "oldpassword"],"id":1} 13 | 14 | On successful login, set two cookies: The auth cookie, used for primary 15 | authentication, is HttpOnly so JS cannot access it in case of an XSS. The 16 | CSRF token, used to validate that POSTs come from the same origin, is 17 | accessible to JS so it can be included in
's. 18 | """ 19 | data = json.loads(sys.stdin.read()) 20 | try: 21 | params = data["params"] 22 | username = params[0] 23 | new_password = params[1] 24 | old_password = params[2] 25 | except KeyError, e: 26 | common.render_error(e.__str__()) 27 | except IndexError, e: 28 | common.render_error(e.__str__()) 29 | 30 | a = auth.Auth() 31 | if a.is_password(old_password): 32 | if not a.save_password(new_password): 33 | common.render_error("Invalid password supplied.") 34 | remote_address = os.environ.get('REMOTE_ADDR') 35 | tokens = a.authenticate(new_password, remote_address) 36 | print "Content-Type: application/json" 37 | print a.login_headers(tokens) 38 | print 39 | print "{}" 40 | else: 41 | common.render_error("Old password is incorrect.") 42 | 43 | jsonrpc_change_password() 44 | -------------------------------------------------------------------------------- /routerapi/change_password.py: -------------------------------------------------------------------------------- 1 | change_password -------------------------------------------------------------------------------- /routerapi/change_password_first_time: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | import json 3 | import os 4 | import sys 5 | 6 | import auth 7 | import common 8 | import uci 9 | 10 | def jsonrpc_change_password_first_time(auth_path): 11 | """Accept a JSONRPC-style change password, with parameters like so: 12 | 13 | {"jsonrpc":"2.0","method":"setpassword","params":["username","password"],"id":1} 14 | 15 | This endpoint does not require the user to provide their existing password, 16 | but it can only be used when setting the administrator password for the first 17 | time. If a password is already set, this endpoint will return 403. 18 | 19 | This needs to be a separate endpoint from change_password because it is 20 | listed in auth.py as not requiring authentication cookies. 21 | """ 22 | data = json.loads(sys.stdin.read()) 23 | try: 24 | params = data["params"] 25 | username = params[0] 26 | new_password = params[1] 27 | except KeyError, e: 28 | common.render_error(e.__str__()) 29 | except IndexError, e: 30 | common.render_error(e.__str__()) 31 | 32 | a = auth.Auth(auth_path) 33 | if a.password_exists(): 34 | common.render_error('Administrator password has already been set.') 35 | else: 36 | if not a.save_password(new_password): 37 | common.render_error("Invalid password supplied.") 38 | remote_address = os.environ.get('REMOTE_ADDR') 39 | tokens = a.authenticate(new_password, remote_address) 40 | uci.set('openwireless.setup_state', 'setup-private-net') 41 | uci.commit('openwireless') 42 | print "Content-Type: application/json" 43 | print a.login_headers(tokens) 44 | print 45 | print "{}" 46 | 47 | if __name__ == '__main__': 48 | jsonrpc_change_password_first_time(auth.default_path()) 49 | -------------------------------------------------------------------------------- /routerapi/change_password_first_time.py: -------------------------------------------------------------------------------- 1 | change_password_first_time -------------------------------------------------------------------------------- /routerapi/check_interface_connection.py: -------------------------------------------------------------------------------- 1 | import common 2 | import uci 3 | 4 | def enabled(index): 5 | return uci.get("wireless.@wifi-iface[%d].disabled" % index) != "1" 6 | -------------------------------------------------------------------------------- /routerapi/check_updates: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | import cgi 3 | import json 4 | import subprocess 5 | import common 6 | 7 | update_check_file = "/etc/last_update_check" 8 | 9 | nullfile = open("/dev/null","w") 10 | ret = "error-calling-update" 11 | last_update_check = None 12 | 13 | try: 14 | exitcode=subprocess.call(["/usr/bin/sudo", "/lib/update/update.py", "check"], stdout=nullfile) 15 | if exitcode == 0: 16 | ret = "not-up-to-date" 17 | elif exitcode == 1: 18 | ret = "up-to-date" 19 | elif exitcode == 2: 20 | raise IOError(errno.ENETDOWN, 'Network is down') 21 | elif exitcode == 3: 22 | ret = "system-busy-try-again" 23 | else: #exit codes 4 or higher 24 | ret = "system-error-check-router-log" 25 | except OSError: 26 | # catch call-errors and return error message 27 | pass 28 | finally: 29 | nullfile.close() 30 | with open(update_check_file, "r") as f: 31 | last_update_check = int(float(f.read().split(' ')[0])) 32 | 33 | result = { 34 | "result": { 35 | "status": ret, 36 | "last_update_check": last_update_check 37 | } 38 | } 39 | common.render_success(result) 40 | -------------------------------------------------------------------------------- /routerapi/check_updates.py: -------------------------------------------------------------------------------- 1 | check_updates -------------------------------------------------------------------------------- /routerapi/dashboard.py: -------------------------------------------------------------------------------- 1 | dashboard -------------------------------------------------------------------------------- /routerapi/get_bytecounts.py: -------------------------------------------------------------------------------- 1 | import run 2 | import re 3 | import subprocess 4 | 5 | parser_pattern = re.compile('SRC packets: \d+ bytes: (\d+) DST packets: \d+ bytes: (\d+)') 6 | 7 | def addcount(a,b): 8 | return map(sum, zip(map(int,a),map(int,b))) 9 | 10 | def get_device_and_byte_counts(network_name,flush=False): 11 | try: 12 | ipt_output = run.check_output(['/usr/bin/sudo', '/usr/sbin/iptaccount', '-l', network_name]) 13 | if flush: 14 | run.check_output(['/usr/bin/sudo', '/usr/sbin/iptaccount', '-f', '-l', network_name]) 15 | network_data = parser_pattern.findall(ipt_output) 16 | device_count = len(network_data) 17 | if device_count == 0: 18 | return [0, 0, 0] 19 | else: 20 | return [device_count] + map(int, list(reduce(addcount, network_data))) 21 | except subprocess.CalledProcessError: 22 | return [0, 0, 0] 23 | -------------------------------------------------------------------------------- /routerapi/ip_address_retriever.py: -------------------------------------------------------------------------------- 1 | import fcntl 2 | import socket 3 | import struct 4 | import subprocess 5 | 6 | def get_internal_ip_address(interface_name): 7 | s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) 8 | try: 9 | return socket.inet_ntoa(fcntl.ioctl( 10 | s.fileno(), 11 | 0x8915, 12 | struct.pack('256s', interface_name[:15]) 13 | )[20:24]) 14 | except IOError: 15 | return '?.?.?.?' 16 | 17 | def get_external_ip_address(): 18 | try: 19 | return subprocess.check_output(["/usr/bin/wget", "-qO-", "myexternalip.com/raw"]) 20 | except subprocess.CalledProcessError: 21 | return '?.?.?.?' 22 | -------------------------------------------------------------------------------- /routerapi/login: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | import json 3 | import os 4 | import sys 5 | 6 | import auth 7 | import common 8 | 9 | def jsonrpc_login(): 10 | """Accept a JSONRPC-style login, with parameters like so: 11 | 12 | {"jsonrpc":"2.0","method":"login","params":["username","password"],"id":1} 13 | """ 14 | data = json.loads(sys.stdin.read()) 15 | try: 16 | params = data["params"] 17 | username = params[0] 18 | password = params[1] 19 | except KeyError, e: 20 | common.render_error(e.__str__()) 21 | a = auth.Auth() 22 | remote_address = os.environ.get('REMOTE_ADDR') 23 | tokens = a.authenticate(password, remote_address) 24 | if tokens: 25 | print "Content-Type: application/json" 26 | print a.login_headers(tokens) 27 | print 28 | print "{}" 29 | else: 30 | common.render_error("Bad password.") 31 | 32 | jsonrpc_login() 33 | -------------------------------------------------------------------------------- /routerapi/login.py: -------------------------------------------------------------------------------- 1 | login -------------------------------------------------------------------------------- /routerapi/logout: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | """ 3 | Logout endpoint. 4 | """ 5 | import auth 6 | 7 | a = auth.Auth() 8 | print "Content-Type: application/json" 9 | print a.logout_headers() 10 | print 11 | print "{}" 12 | -------------------------------------------------------------------------------- /routerapi/reset_usage: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | 3 | import json 4 | import os 5 | import common 6 | import sys 7 | import uci 8 | 9 | max_use = float(uci.get("openwireless.maxmonthlybandwidth"))*1000000 10 | uci.set("openwireless.use_since_last_ui_reset", "0") 11 | uci.commit("openwireless") 12 | 13 | current_state = uci.get("wireless.@wifi-iface[1].disabled") 14 | new_state = "0" if max_use > 0 else "1" 15 | if current_state != new_state: 16 | uci.set("wireless.@wifi-iface[1].disabled", new_state) 17 | uci.commit("wireless") 18 | common.reset_wifi() 19 | 20 | response = {} 21 | 22 | common.render_success(response) -------------------------------------------------------------------------------- /routerapi/run.py: -------------------------------------------------------------------------------- 1 | """ 2 | A thin wrapper around subprocess.check_output. This makes it easy to mock out 3 | command execution when running with local lighttpd. 4 | """ 5 | import subprocess 6 | 7 | def check_output(arg_list): 8 | return subprocess.check_output(arg_list) 9 | -------------------------------------------------------------------------------- /routerapi/set_private_ssid: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | import json 3 | import os 4 | import subprocess 5 | import sys 6 | import time 7 | 8 | import common 9 | import uci 10 | 11 | def jsonrpc_set_private_ssid(): 12 | data = json.loads(sys.stdin.read()) 13 | try: 14 | (name, passphrase) = data['params'] 15 | except KeyError, e: 16 | common.render_error(e.__str__()) 17 | except ValueError, e: 18 | common.render_error(e.__str__()) 19 | if len(passphrase) < 8: 20 | common.render_error("Passphrase must contain at least 8 characters.") 21 | # TODO: filter input 22 | uci.set('wireless.@wifi-iface[2].ssid', name) 23 | uci.set('wireless.@wifi-iface[2].key', passphrase) 24 | uci.set('wireless.@wifi-iface[2].encryption', 'psk2+ccmp') 25 | uci.set('wireless.@wifi-iface[2].disabled', '0') 26 | uci.commit('wireless') 27 | # We render the response but don't exit, because we still need to run 28 | # `wifi reload', and if we run that before rendering, the response might not 29 | # reach the client. 30 | if os.fork() != 0: 31 | common.render_success({'ssid': name}) 32 | else: 33 | sys.stdout.close() 34 | time.sleep(20) 35 | # Indicate that setup is complete and the user should be sent straight 36 | # to the dashboard in the future. 37 | uci.set('openwireless.setup_state', 'complete') 38 | uci.commit('openwireless') 39 | common.reset_wifi() 40 | sys.exit(0) 41 | 42 | if __name__ == '__main__': 43 | jsonrpc_set_private_ssid() 44 | -------------------------------------------------------------------------------- /routerapi/set_private_ssid.py: -------------------------------------------------------------------------------- 1 | set_private_ssid -------------------------------------------------------------------------------- /routerapi/set_timezone: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | import json 3 | import os 4 | import sys 5 | 6 | import common 7 | from tz_info import tz_info 8 | 9 | def jsonrpc_set_timezone(etc=common.get_etc()): 10 | """Accept an olson-style set timezone, with parameters like so: 11 | 12 | {"jsonrpc":"2.0","method":"set_timezone","params":["timezonestring"],"id":1} 13 | 14 | Set the local timezone on the router by looking up and placing the POSIX compatible timezone string 15 | in the /etc/TZ file. 16 | """ 17 | 18 | data = json.loads(sys.stdin.read()) 19 | try: 20 | params = data["params"] 21 | tz_string = tz_info[params[0]] 22 | except KeyError, e: 23 | common.render_error(e.__str__()) 24 | except IndexError, e: 25 | common.render_error(e.__str__()) 26 | 27 | with open(os.path.join(etc, 'TZ'), "w") as tz_file: 28 | tz_file.write(tz_string) 29 | common.render_success({}) 30 | return true 31 | 32 | if __name__ == '__main__': 33 | jsonrpc_set_timezone() 34 | -------------------------------------------------------------------------------- /routerapi/set_timezone.py: -------------------------------------------------------------------------------- 1 | set_timezone -------------------------------------------------------------------------------- /routerapi/settings.py: -------------------------------------------------------------------------------- 1 | settings -------------------------------------------------------------------------------- /routerapi/setup_state: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | """ 3 | Setup state. 4 | 5 | During initial setup, the router can be in one of these states: 6 | set-password 7 | setup-private-net 8 | setup-public-net 9 | complete 10 | 11 | When requested via GET, this endpoint will return a JSON object containing 12 | the current state: 13 | 14 | { 'state': 'set-password'} 15 | """ 16 | 17 | import os 18 | 19 | import common 20 | 21 | import uci 22 | 23 | VALID_SETUP_STATES = [ 24 | 'set-password', 25 | 'setup-private-net', 26 | 'setup-public-net', 27 | 'complete' 28 | ] 29 | 30 | def get_setup_state(): 31 | state = uci.get('openwireless.setup_state') 32 | if not state: 33 | state = 'set-password' 34 | 35 | if state in VALID_SETUP_STATES: 36 | common.render_success({'state': state}) 37 | else: 38 | common.render_error('Invalid setup state') 39 | 40 | get_setup_state() 41 | -------------------------------------------------------------------------------- /routerapi/setup_state.py: -------------------------------------------------------------------------------- 1 | setup_state -------------------------------------------------------------------------------- /routerapi/speed_data.py: -------------------------------------------------------------------------------- 1 | import datetime 2 | 3 | import common 4 | 5 | def getSpeed(data, recency): 6 | if data == {} : 7 | return "N/A" 8 | filtered = dict((key,value) for key, value in data.iteritems() if key > datetime.datetime.now() - datetime.timedelta(seconds=recency)) 9 | if filtered == {} : 10 | return "N/A" 11 | data_points = filtered.values() 12 | return reduce(lambda x, y: x + y, data_points) / len(data_points) 13 | -------------------------------------------------------------------------------- /routerapi/ssh_key.py: -------------------------------------------------------------------------------- 1 | ssh_key -------------------------------------------------------------------------------- /routerapi/toggle_interface: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | import json 3 | import os 4 | import sys 5 | 6 | import check_interface_connection 7 | import common 8 | import uci 9 | 10 | response = {} 11 | 12 | interface_dictionary = {"Openwireless.org": 1, "Private WiFi": 2} 13 | 14 | def toggle_wireless_status(interface_index): 15 | config_variable = "wireless.@wifi-iface[%d].disabled" % interface_index 16 | if not check_interface_connection.enabled(interface_index): 17 | uci.set(config_variable, "0") 18 | uci.commit("wireless") 19 | common.reset_wifi() 20 | return "on" 21 | else: 22 | uci.set(config_variable, "1") 23 | uci.commit("wireless") 24 | common.reset_wifi() 25 | return "off" 26 | 27 | if os.environ.get('REQUEST_METHOD') == 'POST': 28 | json_body = json.loads(sys.stdin.read()) 29 | interface_index = interface_dictionary[json_body["name"]] 30 | response["name"] = json_body["name"] 31 | response["new_state"] = toggle_wireless_status(interface_index) 32 | else: 33 | common.render_error('Received GET request. Requires POST.') 34 | 35 | common.render_success(response) 36 | -------------------------------------------------------------------------------- /routerapi/toggle_interface.py: -------------------------------------------------------------------------------- 1 | toggle_interface -------------------------------------------------------------------------------- /routerapi/uci.py: -------------------------------------------------------------------------------- 1 | """ 2 | Store and retrieve values from the router's UCI config system. 3 | """ 4 | import subprocess 5 | 6 | import common 7 | 8 | uci_path = '/sbin/uci' 9 | 10 | def get(name): 11 | try: 12 | return run(['get', name]) 13 | except subprocess.CalledProcessError, e: 14 | return None 15 | 16 | def set(name, value): 17 | return run(['set', '%s=%s' % (name, value)]) 18 | 19 | def commit(namespace): 20 | return run(['commit', namespace]) 21 | 22 | def validate(string): 23 | if len(string) > 200: 24 | raise Exception('String input to UCI too long.') 25 | if string.find('\00') != -1: 26 | raise Exception('Invalid input: contains null bytes.') 27 | 28 | def run(args_list): 29 | args_list.insert(0, uci_path) 30 | args_list.insert(0, '/usr/bin/sudo') 31 | map(validate, args_list) 32 | return subprocess.check_output(args_list).strip() 33 | -------------------------------------------------------------------------------- /routerapi/update: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | import cgi 3 | import json 4 | import subprocess 5 | import common 6 | 7 | nullfile = open("/dev/null","w") 8 | ret = "error-calling-update" 9 | 10 | try: 11 | if subprocess.call(["/usr/bin/sudo", "/lib/update/update.py"], stdout=nullfile) == 0: 12 | ret = "update-success" # Should never reach this line of code 13 | else: 14 | ret = "update-failure" 15 | except OSError: 16 | # catch call-errors and return error message 17 | pass 18 | finally: 19 | nullfile.close() 20 | 21 | result = { 22 | "result": { 23 | "status": ret 24 | } 25 | } 26 | 27 | common.render_success(result) 28 | 29 | -------------------------------------------------------------------------------- /routerapi/update.py: -------------------------------------------------------------------------------- 1 | update -------------------------------------------------------------------------------- /routerapi/update_setting.py: -------------------------------------------------------------------------------- 1 | update_setting -------------------------------------------------------------------------------- /run-selenium-tests.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | python -m unittest discover -s selenium/ -p '*_test.py' 4 | -------------------------------------------------------------------------------- /run-tests.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | # 3 | # Run the tests for OpenWireless. We highly recommend that you 4 | # make this a git pre-push hook like so: 5 | # 6 | # ln -s ../../run-tests.sh .git/hooks/pre-push 7 | # 8 | 9 | # Install required packages 10 | npm install 11 | if [ -z "$VIRTUAL_ENV" ] ; then 12 | USER=--user 13 | else 14 | USER= 15 | fi 16 | pip install $USER -qr requirements.txt 17 | 18 | if ! make assert_templates_js_up_to_date ; then 19 | echo 'Error: templates.js out-of-date. Run `make app/js/templates.js`' 20 | exit 1 21 | fi 22 | 23 | scripts/unit 24 | if which nodejs ; then 25 | NODEJS=nodejs 26 | else 27 | NODEJS=node 28 | fi 29 | 30 | $NODEJS -e "require('grunt').tasks(['test']);" 31 | -------------------------------------------------------------------------------- /scripts/pre-commit: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -ex 4 | 5 | ROOT=`pwd` 6 | USE_VAGRANT=`ls .vagrant &> /dev/null && test $(whoami) != "vagrant"; echo $?` 7 | COMMAND="./run-tests.sh" 8 | 9 | if [ "$USE_VAGRANT" -eq "0" ]; then 10 | vagrant ssh -c "cd /vagrant && $COMMAND" 11 | else 12 | $COMMAND 13 | fi 14 | -------------------------------------------------------------------------------- /scripts/template: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | 3 | import sys 4 | 5 | replacements = dict(i.strip().split('=') for i in sys.stdin.readlines()) 6 | 7 | filename = sys.argv[1] 8 | 9 | with open(filename) as template: 10 | print template.read() % replacements 11 | -------------------------------------------------------------------------------- /scripts/unit: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -e 4 | 5 | /usr/bin/env python2.7 -m unittest discover -s test/ -p '*_test.py' 6 | -------------------------------------------------------------------------------- /selenium/first_time_login_screen_test.py: -------------------------------------------------------------------------------- 1 | import unittest 2 | from selenium import webdriver 3 | from selenium.webdriver.common.by import By 4 | from selenium.webdriver.common.keys import Keys 5 | from selenium.webdriver.support.ui import WebDriverWait 6 | from selenium.webdriver.support import expected_conditions as EC 7 | 8 | class SecondTimeChangePasswordAttempt (unittest.TestCase): 9 | 10 | def setUp(self): 11 | self.driver = webdriver.Firefox() 12 | 13 | def test_second_attempt_yields_error(self): 14 | driver = self.driver 15 | driver.get("http://gw.home.lan/changePassword.html?first_time=true") 16 | 17 | pass_field = driver.find_element_by_id("newPassword") 18 | pass_field.send_keys("asdf1234") 19 | 20 | pass_conf_field = driver.find_element_by_id("retypePassword") 21 | pass_conf_field.send_keys("asdf1234") 22 | 23 | submit_button = driver.find_element_by_css_selector('#outerContainer > div > form > input[type="submit"]:nth-child(11)') 24 | submit_button.click() 25 | 26 | error_message = "Server Error: Administrator password has already been set." 27 | error_field = WebDriverWait(driver, 5).until( 28 | EC.text_to_be_present_in_element((By.ID, "genericError"), error_message) 29 | ) 30 | 31 | self.assertNotEqual(error_field, None) 32 | 33 | def tearDown(self): 34 | self.driver.close() 35 | 36 | if __name__ == "__main__": 37 | unittest.main() 38 | 39 | -------------------------------------------------------------------------------- /selenium/login_test.py: -------------------------------------------------------------------------------- 1 | import unittest 2 | from selenium import webdriver 3 | from selenium.webdriver.common.by import By 4 | from selenium.webdriver.common.keys import Keys 5 | from selenium.webdriver.support.ui import WebDriverWait 6 | from selenium.webdriver.support import expected_conditions as EC 7 | 8 | class Login (unittest.TestCase): 9 | 10 | def setUp(self): 11 | self.driver = webdriver.Firefox() 12 | 13 | def test_login_redirects_to_dashboard (self): 14 | driver = self.driver 15 | driver.get("http://gw.home.lan/login.html") 16 | 17 | pass_field = driver.find_element_by_id("password") 18 | pass_field.send_keys("asdf1234") 19 | 20 | submit_button = driver.find_element_by_id('submit') 21 | submit_button.click() 22 | 23 | successful_redirect = WebDriverWait(driver, 5).until( 24 | EC.text_to_be_present_in_element((By.CSS_SELECTOR, "body > div > header > h1"), "Dashboard") 25 | ) 26 | 27 | def tearDown(self): 28 | self.driver.close() 29 | 30 | if __name__ == "__main__": 31 | unittest.main() 32 | 33 | -------------------------------------------------------------------------------- /sendAppToRouter: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | cd $(dirname $0) 3 | 4 | TARGET=root@gw.home.lan 5 | sync() { 6 | make app/js/templates.js && \ 7 | rsync -au --no-owner --no-group app/ $TARGET:/www/ && \ 8 | rsync -au --no-owner --no-group routerapi/ $TARGET:/www/cgi-bin/routerapi/ && \ 9 | rsync -au --no-owner --no-group lib/update/ $TARGET:/lib/update/ && \ 10 | date +"%Y-%m-%d %H:%M:%S synced" 11 | } 12 | 13 | if [ "$1" == "--continuous" ]; then 14 | grep -q ControlMaster ~/.ssh/config || echo "Install recommended ssh-config." 15 | ssh -Nf $TARGET 16 | sync 17 | inotifywait -rm -e close_write --format '%w%f' app routerapi lib etc |\ 18 | while read line; do 19 | sleep 0.2 20 | sync 21 | done 22 | else 23 | sync 24 | fi 25 | -------------------------------------------------------------------------------- /sendToBuild: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | cd $(dirname $0) 3 | 4 | echo "remove openwrt/files directory in build ..." 5 | rm -rf openwrt/files 6 | 7 | echo "create openwrt/files directory in build" 8 | mkdir -p openwrt/files 9 | 10 | echo "change DISTRIB_RELEASE_DATE in openwrt_release ..." 11 | ./changeReleaseDate 12 | 13 | echo "push etc to build" 14 | cp -rp etc openwrt/files/ 15 | 16 | echo "push lib to build" 17 | cp -rp lib openwrt/files/ 18 | 19 | echo "make www directory in build..." 20 | mkdir openwrt/files/www 21 | 22 | echo "pushing frontend to build..." 23 | cp -rp app/* openwrt/files/www/ 24 | 25 | echo "make cgi-bin directory in build..." 26 | mkdir openwrt/files/www/cgi-bin 27 | 28 | echo "pushing routerapi to build..." 29 | cp -rp routerapi openwrt/files/www/cgi-bin/ 30 | 31 | echo "building lighttpd config..." 32 | cat lighttpd/router.properties | scripts/template lighttpd/lighttpd.conf.template > openwrt/files/etc/lighttpd/lighttpd.conf 33 | -------------------------------------------------------------------------------- /spec/integration/requestSpec.js: -------------------------------------------------------------------------------- 1 | describe("Request Module", function(){ 2 | it("should submit request with proper URL", function() { 3 | spyOn($, "ajax"); 4 | var loginData = {"jsonrpc": "2.0"}; 5 | requestModule.submitRequest({'data':loginData, url:"http://192.168.1.1/cgi-bin/luci/rpc/auth", 'successCallback': {}, 'errorCallback': {}}); 6 | expect($.ajax.mostRecentCall.args[0]["url"]).toEqual("http://192.168.1.1/cgi-bin/luci/rpc/auth"); 7 | expect($.ajax.mostRecentCall.args[0]["data"]).toEqual(JSON.stringify(loginData)); 8 | }); 9 | }); 10 | -------------------------------------------------------------------------------- /spec/unit/helperSpec.js: -------------------------------------------------------------------------------- 1 | describe("Helper Functions", function() { 2 | 3 | describe("Is Empty", function(){ 4 | it("should return false if there is a value", function(){ 5 | expect(helperModule.isEmpty("value")).toBeFalsy(); 6 | }); 7 | 8 | it("should return true if the value is null", function(){ 9 | expect(helperModule.isEmpty(null)).toBeTruthy(); 10 | }); 11 | 12 | it("should return true if the value is empty spaces", function(){ 13 | expect(helperModule.isEmpty(" ")).toBeTruthy(); 14 | }); 15 | 16 | it("should return true if the value is empty string", function(){ 17 | expect(helperModule.isEmpty("")).toBeTruthy(); 18 | }); 19 | }); 20 | 21 | describe("Check password Library", function() { 22 | 23 | beforeEach(function() { 24 | window.alert = jasmine.createSpy().andCallFake(function (message) {return}); 25 | }); 26 | 27 | describe("CheckPassword", function() { 28 | }); 29 | 30 | describe("CheckForm", function() { 31 | }); 32 | 33 | describe("Chage Password Success Redirect", function() { 34 | }); 35 | }); 36 | 37 | 38 | }); 39 | -------------------------------------------------------------------------------- /spikes/dashboard/images/antenna-off.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/spikes/dashboard/images/antenna-off.png -------------------------------------------------------------------------------- /spikes/dashboard/images/antenna-on.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/spikes/dashboard/images/antenna-on.png -------------------------------------------------------------------------------- /spikes/dashboard/images/city-tile.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/spikes/dashboard/images/city-tile.png -------------------------------------------------------------------------------- /spikes/dashboard/images/devices.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/spikes/dashboard/images/devices.png -------------------------------------------------------------------------------- /spikes/dashboard/images/lan.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/spikes/dashboard/images/lan.png -------------------------------------------------------------------------------- /spikes/dashboard/images/router.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/spikes/dashboard/images/router.png -------------------------------------------------------------------------------- /spikes/dashboard/images/settings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/spikes/dashboard/images/settings.png -------------------------------------------------------------------------------- /spikes/dashboard/images/stars.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/spikes/dashboard/images/stars.png -------------------------------------------------------------------------------- /spikes/dashboard/images/update.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EFForg/OpenWireless/9a93f9ed6033751d121c6851e86375b2b4912ab2/spikes/dashboard/images/update.png -------------------------------------------------------------------------------- /spikes/sendSpikeToOpenWrtVM: -------------------------------------------------------------------------------- 1 | scp -P 2200 spike.html spike.js root@localhost:/www/ 2 | -------------------------------------------------------------------------------- /spikes/spike.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Username:
11 | Password:
12 | 13 |

14 | Token: 15 |

16 |
17 | Library:
18 | Method:
19 | param:
20 | 21 |
22 | RESULT:
23 |

24 |
25 | SSID: 26 |
27 | Clicking submit will create the new network (SSID).
28 | You will then be required to reconnect any wireless devices
29 | You had previously connected to the router.
30 |

31 |
32 | 33 |
34 | Status: 35 | 36 | 37 | -------------------------------------------------------------------------------- /sqm: -------------------------------------------------------------------------------- 1 | config queue 'ge00' 2 | option interface 'ge00' 3 | option qdisc 'fq_codel' 4 | option script 'simple.qos' 5 | option qdisc_advanced '0' 6 | option linklayer 'none' 7 | option enabled '1' 8 | option download '5000' 9 | option upload '1500' 10 | 11 | config queue 'gw00' 12 | option interface 'gw00' 13 | option qdisc 'fq_codel' 14 | option script 'simplest.qos' 15 | option qdisc_advanced '0' 16 | option linklayer 'none' 17 | option enabled '1' 18 | option download '0' 19 | option upload '2000' 20 | -------------------------------------------------------------------------------- /ssh-config: -------------------------------------------------------------------------------- 1 | # Suggested SSH config for use with the router. 2 | # Append this to ~/.ssh/config. 3 | # This allows you to skip typing `root@' with your SSH commands. 4 | # It also uses a persistent connection to multiplex new connections. 5 | # So you can run `ssh -Nf gw.home.lan' once during a work session, 6 | # and all subsequent ssh's into gw.home.lan will finish much more quickly. 7 | Host gw.home.lan 8 | User root 9 | ControlMaster auto 10 | ControlPath /tmp/%h-%p-%r 11 | -------------------------------------------------------------------------------- /test/fake_uci.py: -------------------------------------------------------------------------------- 1 | class FakeUci: 2 | def __init__(self, data={}): 3 | self.data = data 4 | self.tmp = {} 5 | 6 | def get(self, name): 7 | return self.data.get(name) 8 | 9 | def set(self, name, value): 10 | if value == None: 11 | raise ValueError("value can not be None.") 12 | self.tmp[name] = value 13 | 14 | def commit(self, section): 15 | match = lambda x: x[0].startswith(section + ".") 16 | tmp_section_items = [i for i in self.tmp.items() if match(i)] 17 | non_tmp_section_items = [i for i in self.tmp.items() if not match(i)] 18 | 19 | self.data = dict(self.data.items() + tmp_section_items) 20 | self.tmp = dict(non_tmp_section_items) 21 | -------------------------------------------------------------------------------- /test/fake_uci_test.py: -------------------------------------------------------------------------------- 1 | import unittest 2 | 3 | from fake_uci import FakeUci 4 | 5 | class FakeUciTest(unittest.TestCase): 6 | def test_get_when_key_exists(self): 7 | uci = FakeUci(data = {'section.key': 1}) 8 | 9 | self.assertEquals(1, uci.get('section.key')) 10 | 11 | def test_get_when_key_missing(self): 12 | uci = FakeUci(data = {}) 13 | 14 | self.assertEquals(None, uci.get('section.key')) 15 | 16 | def test_set_without_commit(self): 17 | uci = FakeUci() 18 | 19 | uci.set('section.key', 1) 20 | 21 | self.assertEquals(None, uci.get('section.key')) 22 | 23 | def test_set_with_commit(self): 24 | uci = FakeUci() 25 | 26 | uci.set('section.key', 1) 27 | uci.commit('section') 28 | 29 | self.assertEquals(1, uci.get('section.key')) 30 | 31 | def test_set_with_commit_on_different_section(self): 32 | uci = FakeUci() 33 | 34 | uci.set('section.key', 1) 35 | uci.commit('section1') 36 | 37 | self.assertEquals(None, uci.get('section.key')) 38 | 39 | def test_set_with_commit_on_section_after_commit_on_different_section(self): 40 | uci = FakeUci() 41 | 42 | uci.set('section.key', 1) 43 | uci.commit('section1') 44 | uci.commit('section') 45 | 46 | self.assertEquals(1, uci.get('section.key')) 47 | 48 | def test_set_with_none_throws_exception(self): 49 | uci = FakeUci() 50 | 51 | self.assertRaises(ValueError, uci.set, 'foo', None) 52 | -------------------------------------------------------------------------------- /test/gen_tz_dictionary_test.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | 3 | import unittest, sys, os 4 | 5 | sys.path.insert(0, os.path.join( 6 | os.path.dirname(os.path.realpath(__file__)), 7 | "..", "routerapi")) 8 | 9 | import gen_tz_dictionary 10 | 11 | class genTzDictionaryTest(unittest.TestCase): 12 | 13 | def test_get_zone_info(self): 14 | tzd = gen_tz_dictionary.get_zone_info() 15 | self.assertTrue(type(tzd) is dict) 16 | self.assertTrue(len(tzd) > 1) 17 | self.assertEqual(tzd["America/Los_Angeles"], "PST8PDT,M3.2.0,M11.1.0") 18 | 19 | self.assertFalse(gen_tz_dictionary.get_zone_info("/does/not/exist")) 20 | 21 | 22 | def test_read_posix_zone(self): 23 | posix_zone = gen_tz_dictionary.read_posix_zone("America/Los_Angeles") 24 | self.assertEqual(posix_zone, "PST8PDT,M3.2.0,M11.1.0") 25 | 26 | with self.assertRaises(EnvironmentError): 27 | gen_tz_dictionary.read_posix_zone("Fake/Zone") 28 | 29 | 30 | if __name__ == '__main__': 31 | unittest.main() 32 | 33 | -------------------------------------------------------------------------------- /test/set_timezone_test.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | 3 | import unittest, sys, os 4 | import StringIO 5 | 6 | sys.path.insert(0, os.path.join( 7 | os.path.dirname(os.path.realpath(__file__)), 8 | "..", "routerapi")) 9 | 10 | from set_timezone import jsonrpc_set_timezone 11 | 12 | # TODO: Use mktemp rather than storing in current dir. 13 | TZ_PATH = "./TZ" 14 | 15 | def setInput(input): 16 | sys.stdin.write(input) 17 | sys.stdin.seek(0) 18 | 19 | class SetTimezoneTest(unittest.TestCase): 20 | def setUp(self): 21 | open(TZ_PATH, "w").close() 22 | # Send stdout/stdin to a buffer so we can check output 23 | self.saved_stdout, sys.stdout = sys.stdout, StringIO.StringIO() 24 | self.saved_stdin, sys.stdin = sys.stdin, StringIO.StringIO() 25 | 26 | def tearDown(self): 27 | os.remove(TZ_PATH) 28 | sys.stdout = self.saved_stdout 29 | sys.stdin = self.saved_stdin 30 | 31 | def test_set_timezone(self): 32 | setInput('{"jsonrpc":"2.0","method":"set_timezone","params":["America/Los_Angeles"],"id":1}') 33 | 34 | with self.assertRaises(SystemExit): 35 | jsonrpc_set_timezone(".") 36 | 37 | with open(TZ_PATH, "r") as tz_file: 38 | tz_data = tz_file.read() 39 | 40 | self.assertEqual(tz_data, "PST8PDT,M3.2.0,M11.1.0") 41 | 42 | if __name__ == '__main__': 43 | unittest.main() 44 | 45 | -------------------------------------------------------------------------------- /test/speed_data_test.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | 3 | import unittest, datetime, sys, os 4 | sys.path.insert(0, os.path.join( 5 | os.path.dirname(os.path.realpath(__file__)), 6 | "..", "routerapi")) 7 | 8 | from speed_data import getSpeed 9 | 10 | class SpeedDataTest(unittest.TestCase): 11 | def setUp(self): 12 | self.start_time = datetime.datetime.fromtimestamp(1403896884) 13 | self.start_time = datetime.datetime.now() 14 | 15 | def test_result(self): 16 | sample_data = { 17 | self.start_time : 10, 18 | self.start_time - datetime.timedelta(seconds=3) : 10, 19 | self.start_time - datetime.timedelta(microseconds=15) : 20, 20 | self.start_time - datetime.timedelta(milliseconds=15) : 20, 21 | self.start_time - datetime.timedelta(minutes=15) : 21.5, 22 | self.start_time - datetime.timedelta(minutes=5) : 27.5, 23 | self.start_time - datetime.timedelta(minutes=15) : 33.5 24 | } 25 | 26 | avg_speed = getSpeed(sample_data, 5) 27 | self.assertEqual(avg_speed, 15) 28 | 29 | def test_empty_result(self): 30 | sample_data = {} 31 | avg_speed = getSpeed(sample_data, 5) 32 | self.assertEqual(avg_speed, "N/A") 33 | 34 | def test_obsolete_result(self): 35 | sample_data = { 36 | self.start_time - datetime.timedelta(minutes=15) : 21.5, 37 | self.start_time - datetime.timedelta(minutes=5) : 27.5, 38 | self.start_time - datetime.timedelta(minutes=15) : 33.5 39 | } 40 | avg_speed = getSpeed(sample_data, 5) 41 | self.assertEqual(avg_speed, "N/A") 42 | 43 | if __name__ == '__main__': 44 | unittest.main() 45 | 46 | -------------------------------------------------------------------------------- /test/syntax_test.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2.7 2 | import unittest 3 | import os 4 | import sys 5 | 6 | 7 | routerapi = os.path.join( 8 | os.path.dirname(os.path.realpath(__file__)), 9 | '..', 'routerapi') 10 | 11 | js = os.path.join( 12 | os.path.dirname(os.path.realpath(__file__)), 13 | '..', 'app/js') 14 | 15 | class TestCompiles(unittest.TestCase): 16 | """Verify that every Python file in routerapi compiles.""" 17 | def test_compile(self): 18 | for filename in os.listdir(routerapi): 19 | # Exclude dotfiles (e.g. Vim swap files) and *c (e.g. .pyc, or 20 | # fooc for script foo. 21 | if (not filename.startswith('.') and not filename.endswith('c') 22 | and not os.path.isdir(os.path.join(routerapi, filename))): 23 | with open(os.path.join(routerapi, filename), 'r') as f: 24 | contents = f.read() 25 | compile(contents, filename, 'exec') 26 | self.assertFalse('\t' in contents, 27 | msg = 'Tab found in %s, use spaces instead.' % filename) 28 | 29 | def test_notabs_js(self): 30 | for filename in os.listdir(js): 31 | if not filename.startswith('.') and not filename == 'templates.js': 32 | with open(os.path.join(js, filename), 'r') as f: 33 | self.assertFalse('\t' in f.read(), 34 | msg = 'Tab found in %s, use spaces instead.' % filename) 35 | 36 | if __name__ == '__main__': 37 | unittest.main() 38 | -------------------------------------------------------------------------------- /test/update_setting_test.py: -------------------------------------------------------------------------------- 1 | import unittest 2 | import sys 3 | import os 4 | import mock 5 | from fake_uci import FakeUci 6 | 7 | sys.path.insert(0, os.path.join( 8 | os.path.dirname(os.path.realpath(__file__)), 9 | "..", "routerapi")) 10 | 11 | import update_setting 12 | 13 | class TestUpdateSetting(unittest.TestCase): 14 | @mock.patch('accumulate_bytes.update_network_availability') 15 | @mock.patch('update_setting.uci', new_callable = FakeUci) 16 | def test_update_network_availability_after_monthly_data_limit_change(self, _, update_network_availability): 17 | update_setting.check_openwireless_monthly_data('500') 18 | update_network_availability.assert_called_with() 19 | 20 | @mock.patch('accumulate_bytes.update_network_availability') 21 | @mock.patch('update_setting.uci', new_callable = FakeUci) 22 | def test_update_openwireless_monthly_data(self, uci, _): 23 | update_setting.check_openwireless_monthly_data('500') 24 | 25 | bandwidth = uci.get("openwireless.maxmonthlybandwidth") 26 | self.assertEquals(bandwidth, '500') 27 | 28 | -------------------------------------------------------------------------------- /var/dhcp.leases: -------------------------------------------------------------------------------- 1 | 1427386177 11:22:33:44:55:66 172.30.42.113 android 2 | -------------------------------------------------------------------------------- /wireless: -------------------------------------------------------------------------------- 1 | config wifi-device 'radio0' 2 | option type 'mac80211' 3 | option hwmode '11g' 4 | option path 'pci0000:00/0000:00:11.0' 5 | option htmode 'HT20' 6 | option txpower '30' 7 | option country 'US' 8 | option channel 'auto' 9 | 10 | config wifi-iface 11 | option network 'sw00' 12 | option ifname 'sw00' 13 | option mode 'ap' 14 | option ssid 'fancypants3' 15 | option key 'Openwireless' 16 | option encryption 'psk2' 17 | option disabled '0' 18 | option device 'radio1' 19 | 20 | config wifi-iface 21 | option device 'radio0' 22 | option network 'gw00' 23 | option mode 'ap' 24 | option ifname 'gw00' 25 | option ssid 'CEROwrt-guest' 26 | option encryption 'none' 27 | 28 | config wifi-device 'radio1' 29 | option type 'mac80211' 30 | option channel '36' 31 | option hwmode '11a' 32 | option path 'pci0000:00/0000:00:12.0' 33 | option htmode 'HT20' 34 | --------------------------------------------------------------------------------