Itus Networks Owners Forum - Re: Need Help testing.

Itus Networks Owners Forum › Technical Discussion

Re: Need Help testing.

Posted by Roadrunnere42 on Apr 15, 2020; 7:58am
URL: https://itus.accessinnov.com/FIRMWARE-Itus-Networks-Shield-Firmware-Upgrade-WIP-tp1726p1944.html

Great work

can't wait for new build.

On Wed, 15 Apr 2020 at 06:46, Grommish [via Itus Networks Owners Forum] <[hidden email]> wrote:

Ok, so.. I think I finally have a grip on this.. OpenWrt has MANY cool systems when you're building from scratch, but they are just a huge pain to find.

I found reference to the /etc/uci-defaults directory, which will run a file on the first boot, then delete it. This allows me to do selective settings via the uci!

I have abandoned using ClamAV in the image. It's huge and resource heavy, and not really useful given what would have to be given up for it (like.. Snort..or Adblock..) ClamAV has an 800MB RAM footprint! So.. Ah well.

# Common Settings between three modes
# Network Settings
uci set network.loopback=interface
uci set network.loopback.ifname="lo"
uci set network.loopback.proto="static"
uci set network.loopback.ipaddr="127.0.0.1"
uci set network.loopback.netmask="255.0.0.0"
uci set network.globals=globals
uci set network.globals.ula_prefix="fd18:0640:804c::/48"

# Setup networking defaults based on mode
case "${SHIELD_MODE}" in
"Router" | "Gateway")
# Network Setup
uci set network.wan=interface
uci set network.wan.ifname='eth0'
uci set network.wan.proto='dhcp'

uci set network.lan=interface
uci set network.lan.ifname='eth1 eth2'
uci set network.lan.force_link='1'
uci set network.lan.proto='static'
uci set network.lan.type='bridge'
uci set network.lan.ipaddr='10.10.10.10'
uci set network.lan.netmask='255.255.255.0'
uci set network.lan.ip6assign='60'

uci set network.wan6=interface
uci set network.wan6.ifname='eth0'
uci set network.wan6.proto='dhcpv6'
uci commit network

# DHCP/DNS Setup
uci set dhcp.@dnsmasq[0]=dnsmasq
uci set dhcp.@dnsmasq[0].domainneeded='1'
uci set dhcp.@dnsmasq[0].boguspriv='1'
uci set dhcp.@dnsmasq[0].filterwin2k='0'
uci set dhcp.@dnsmasq[0].localise_queries='1'
uci set dhcp.@dnsmasq[0].rebind_protection='1'
uci set dhcp.@dnsmasq[0].rebind_localhost='1'
uci set dhcp.@dnsmasq[0].local='/lan/'
uci set dhcp.@dnsmasq[0].domain='lan'
uci set dhcp.@dnsmasq[0].expandhosts='1'
uci set dhcp.@dnsmasq[0].nonegcache='0'
uci set dhcp.@dnsmasq[0].authoritative='1'
uci set dhcp.@dnsmasq[0].readethers='1'
uci set dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
uci set dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.auto'
uci set dhcp.@dnsmasq[0].nonwildcard='1'
uci set dhcp.@dnsmasq[0].localservice='1'

uci set dhcp.lan=dhcp
uci set dhcp.lan.interface='lan'
uci set dhcp.lan.start='100'
uci set dhcp.lan.limit='150'
uci set dhcp.lan.leasetime='12h'
uci set dhcp.lan.dhcpv6='server'
uci set dhcp.lan.ra='server'
uci set dhcp.lan.ra_slaac='1'
uci set dhcp.lan.ra_flags='managed-config' 'other-config'

uci set dhcp.wan=dhcp
uci set dhcp.wan.interface='wan'
uci set dhcp.wan.ignore='1'

uci set dhcp.odhcpd=odhcpd
uci set dhcp.odhcpd.maindhcp='0'
uci set dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
uci set dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'
uci set dhcp.odhcpd.loglevel='4'
uci commit dhcp

# Adblock Setup
uci set adblock.global=adblock
uci set adblock.global.adb_enabled='1'
uci set adblock.global.adb_debug='0'
uci set adblock.global.adb_forcedns='0'
uci set adblock.global.adb_safesearch='0'
uci set adblock.global.adb_mail='0'
uci set adblock.global.adb_maxqueue='4'
uci set adblock.global.adb_dns='dnsmasq'
uci set adblock.global.adb_trigger='wan'
uci set adblock.global.adb_report='1'
uci set adblock.global.adb_repiface='br-lan'
uci set adblock.global.adb_backup='0'
uci set adblock.global.adb_dnsfilereset='1'
uci set adblock.global.adb_dnsflush='1'
uci add_list adblock.global.adb_sources='adaway'
uci add_list adblock.global.adb_sources='adguard'
uci add_list adblock.global.adb_sources='disconnect'
uci add_list adblock.global.adb_sources='oisd_nl'
uci add_list adblock.global.adb_sources='youtube'
uci add_list adblock.global.adb_sources='yoyo'
uci set adblock.global.adb_fetchutil='uclient-fetch'
uci commit adblock

# uhttpd Setup
uci set uhttpd.main=uhttpd
uci set uhttpd.main.listen_http='10.10.10.10:80'
uci set uhttpd.main.listen_https='10.10.10.10:443'
uci set uhttpd.main.redirect_https='1'
uci set uhttpd.main.home='/www'
uci set uhttpd.main.rfc1918_filter='1'
uci set uhttpd.main.max_requests='3'
uci set uhttpd.main.max_connections='100'
uci set uhttpd.main.cert='/etc/uhttpd.crt'
uci set uhttpd.main.key='/etc/uhttpd.key'
uci set uhttpd.main.cgi_prefix='/cgi-bin'
uci set uhttpd.main.lua_prefix='/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua'
uci set uhttpd.main.script_timeout='60'
uci set uhttpd.main.network_timeout='30'
uci set uhttpd.main.http_keepalive='20'
uci set uhttpd.main.tcp_keepalive='1'
uci set uhttpd.main.ubus_prefix='/ubus'
uci set uhttpd.defaults=cert
uci set uhttpd.defaults.days='730'
uci set uhttpd.defaults.bits='2048'
uci set uhttpd.defaults.country='ZZ'
uci set uhttpd.defaults.state='Somewhere'
uci set uhttpd.defaults.location='Unknown'
uci set uhttpd.defaults.commonname='OpenWrt'
;;
"Bridge")
;;
esac

Running Itus Shield v2 Firmware

If you reply to this email, your message will be added to the discussion below:
http://itus.accessinnov.com/FIRMWARE-Itus-Networks-Shield-Firmware-Upgrade-WIP-tp1726p1942.html

To start a new topic under Technical Discussion, email [hidden email]
To unsubscribe from Itus Networks Owners Forum, click here.
NAML