From 81fd1dc20e42a620acee90febb5302073bfa06b7 Mon Sep 17 00:00:00 2001 From: Augusto Bott Date: Sat, 9 Jul 2011 19:36:59 -0300 Subject: [PATCH] MultiLAN GUI, very first version (up to 4 LAN bridges, each with it's own settings for IP/DHCP/STP/...) --- release/src/router/httpd/tomato.c | 51 +++- release/src/router/rc/firewall.c | 129 ++++++++- release/src/router/rc/network.c | 306 ++++++++++++--------- release/src/router/rc/services.c | 273 +++++++++++++------ release/src/router/rc/wan.c | 6 + release/src/router/www/advanced-routing.asp | 12 +- release/src/router/www/advanced-vlan.asp | 114 ++++++-- release/src/router/www/basic-network.asp | 406 +++++++++++++++++++++++++--- 8 files changed, 996 insertions(+), 301 deletions(-) diff --git a/release/src/router/httpd/tomato.c b/release/src/router/httpd/tomato.c index 93697803db..c1935238e6 100644 --- a/release/src/router/httpd/tomato.c +++ b/release/src/router/httpd/tomato.c @@ -542,13 +542,52 @@ static const nvset_t nvset_list[] = { { "lan_gateway", V_IP }, { "wan_dns", V_LENGTH(0, 50) }, // ip ip ip { "lan_proto", V_WORD }, // static, dhcp - { "dhcp_start", V_RANGE(1, 254) }, // remove ! - { "dhcp_num", V_RANGE(1, 255) }, // remove ! - { "dhcpd_startip", V_IP }, - { "dhcpd_endip", V_IP }, - { "dhcp_lease", V_RANGE(1, 10080) }, + { "dhcp_start", V_LENGTH(0, 15) }, // remove ! + { "dhcp_num", V_LENGTH(0, 4) }, // remove ! + { "dhcpd_startip", V_LENGTH(0, 15) }, + { "dhcpd_endip", V_LENGTH(0, 15) }, + { "dhcp_lease", V_LENGTH(0, 5) }, { "wan_wins", V_IP }, + // LAN networks + { "lan_ifname", V_LENGTH(0, 5) }, + + { "lan1_ifname", V_LENGTH(0, 5) }, + { "lan1_ifnames", V_TEXT(0,64) }, + { "lan1_ipaddr", V_LENGTH(0, 15) }, + { "lan1_netmask", V_LENGTH(0, 15) }, + { "lan1_proto", V_LENGTH(0, 6) }, + { "lan1_stp", V_LENGTH(0, 1) }, + { "dhcp1_start", V_LENGTH(0, 15) }, + { "dhcp1_num", V_LENGTH(0, 4) }, + { "dhcpd1_startip", V_LENGTH(0, 15) }, + { "dhcpd1_endip", V_LENGTH(0, 15) }, + { "dhcp1_lease", V_LENGTH(0, 5) }, + + { "lan2_ifname", V_LENGTH(0, 5) }, + { "lan2_ifnames", V_TEXT(0,64) }, + { "lan2_ipaddr", V_LENGTH(0, 15) }, + { "lan2_netmask", V_LENGTH(0, 15) }, + { "lan2_proto", V_LENGTH(0, 6) }, + { "lan2_stp", V_LENGTH(0, 1) }, + { "dhcp2_start", V_LENGTH(0, 15) }, + { "dhcp2_num", V_LENGTH(0, 4) }, + { "dhcpd2_startip", V_LENGTH(0, 15) }, + { "dhcpd2_endip", V_LENGTH(0, 15) }, + { "dhcp2_lease", V_LENGTH(0, 5) }, + + { "lan3_ifname", V_LENGTH(0, 5) }, + { "lan3_ifnames", V_TEXT(0,64) }, + { "lan3_ipaddr", V_LENGTH(0, 15) }, + { "lan3_netmask", V_LENGTH(0, 15) }, + { "lan3_proto", V_LENGTH(0, 6) }, + { "lan3_stp", V_LENGTH(0, 1) }, + { "dhcp3_start", V_LENGTH(0, 15) }, + { "dhcp3_num", V_LENGTH(0, 4) }, + { "dhcpd3_startip", V_LENGTH(0, 15) }, + { "dhcpd3_endip", V_LENGTH(0, 15) }, + { "dhcp3_lease", V_LENGTH(0, 5) }, + // wireless { "wl_radio", V_01 }, { "wl_mode", V_LENGTH(2, 3) }, // ap, sta, wet, wds @@ -698,7 +737,7 @@ static const nvset_t nvset_list[] = { { "wan_ifnameX", V_TEXT(0,8) }, { "lan_ifnames", V_TEXT(0,64) }, { "manual_boot_nv", V_01 }, - { "trunk_vlan_support_override",V_01 }, + { "trunk_vlan_so",V_01 }, // advanced-mac { "mac_wan", V_LENGTH(0, 17) }, diff --git a/release/src/router/rc/firewall.c b/release/src/router/rc/firewall.c index f1e738e1e1..67d2b8a2e4 100644 --- a/release/src/router/rc/firewall.c +++ b/release/src/router/rc/firewall.c @@ -31,10 +31,16 @@ wanface_list_t wanfaces; char lanface[IFNAMSIZ + 1]; +char lan1face[IFNAMSIZ + 1]; +char lan2face[IFNAMSIZ + 1]; +char lan3face[IFNAMSIZ + 1]; #ifdef TCONFIG_IPV6 char wan6face[IFNAMSIZ + 1]; #endif char lan_cclass[sizeof("xxx.xxx.xxx.") + 1]; +//char lan1_cclass[sizeof("xxx.xxx.xxx.") + 1]; +//char lan2_cclass[sizeof("xxx.xxx.xxx.") + 1]; +//char lan3_cclass[sizeof("xxx.xxx.xxx.") + 1]; #ifdef DEBUG_IPTFILE static int debug_only = 0; @@ -480,6 +486,12 @@ static void nat_table(void) { char lanaddr[32]; char lanmask[32]; + char lan1addr[32]; + char lan1mask[32]; + char lan2addr[32]; + char lan2mask[32]; + char lan3addr[32]; + char lan3mask[32]; char dst[64]; char src[64]; char t[512]; @@ -496,6 +508,13 @@ static void nat_table(void) if (gateway_mode) { strlcpy(lanaddr, nvram_safe_get("lan_ipaddr"), sizeof(lanaddr)); strlcpy(lanmask, nvram_safe_get("lan_netmask"), sizeof(lanmask)); + strlcpy(lan1addr, nvram_safe_get("lan1_ipaddr"), sizeof(lan1addr)); + strlcpy(lan1mask, nvram_safe_get("lan1_netmask"), sizeof(lan1mask)); + strlcpy(lan2addr, nvram_safe_get("lan2_ipaddr"), sizeof(lan2addr)); + strlcpy(lan2mask, nvram_safe_get("lan2_netmask"), sizeof(lan2mask)); + strlcpy(lan3addr, nvram_safe_get("lan3_ipaddr"), sizeof(lan3addr)); + strlcpy(lan3mask, nvram_safe_get("lan3_netmask"), sizeof(lan3mask)); + for (i = 0; i < wanfaces.count; ++i) { if (*(wanfaces.iface[i].name)) { @@ -508,6 +527,18 @@ static void nat_table(void) ipt_write("-A PREROUTING -i %s -d %s/%s -j DROP\n", wanfaces.iface[i].name, lanaddr, lanmask); // note: ipt will correct lanaddr + if(strcmp(lan1addr,"")!=0) + ipt_write("-A PREROUTING -i %s -d %s/%s -j DROP\n", + wanfaces.iface[i].name, + lan1addr, lan1mask); + if(strcmp(lan2addr,"")!=0) + ipt_write("-A PREROUTING -i %s -d %s/%s -j DROP\n", + wanfaces.iface[i].name, + lan2addr, lan2mask); + if(strcmp(lan3addr,"")!=0) + ipt_write("-A PREROUTING -i %s -d %s/%s -j DROP\n", + wanfaces.iface[i].name, + lan3addr, lan3mask); } } @@ -517,6 +548,21 @@ static void nat_table(void) lanaddr, lanmask, lanaddr, lanmask, lanaddr); + if(strcmp(lan1addr,"")!=0) + ipt_write("-A PREROUTING -p udp -s %s/%s ! -d %s/%s --dport 53 -j DNAT --to-destination %s\n", + lan1addr, lan1mask, + lan1addr, lan1mask, + lan1addr); + if(strcmp(lan2addr,"")!=0) + ipt_write("-A PREROUTING -p udp -s %s/%s ! -d %s/%s --dport 53 -j DNAT --to-destination %s\n", + lan2addr, lan2mask, + lan2addr, lan2mask, + lan2addr); + if(strcmp(lan3addr,"")!=0) + ipt_write("-A PREROUTING -p udp -s %s/%s ! -d %s/%s --dport 53 -j DNAT --to-destination %s\n", + lan3addr, lan3mask, + lan3addr, lan3mask, + lan3addr); } // ICMP packets are always redirected to INPUT chains @@ -584,6 +630,24 @@ static void nat_table(void) lanaddr, lanmask, lanaddr, lanmask, lanaddr); + if (strcmp(lan1face,"")!=0) + ipt_write("-A POSTROUTING -o %s -s %s/%s -d %s/%s -j SNAT --to-source %s\n", + lan1face, + lan1addr, lan1mask, + lan1addr, lan1mask, + lan1addr); + if (strcmp(lan2face,"")!=0) + ipt_write("-A POSTROUTING -o %s -s %s/%s -d %s/%s -j SNAT --to-source %s\n", + lan2face, + lan2addr, lan2mask, + lan2addr, lan2mask, + lan2addr); + if (strcmp(lan3face,"")!=0) + ipt_write("-A POSTROUTING -o %s -s %s/%s -d %s/%s -j SNAT --to-source %s\n", + lan3face, + lan3addr, lan3mask, + lan3addr, lan3mask, + lan3addr); break; } } @@ -608,6 +672,12 @@ static void filter_input(void) for (n = 0; n < wanfaces.count; ++n) { if (*(wanfaces.iface[n].name)) { ipt_write("-A INPUT -i %s -d %s -j DROP\n", lanface, wanfaces.iface[n].ip); + if (strcmp(lan1face,"")!=0) + ipt_write("-A INPUT -i %s -d %s -j DROP\n", lan1face, wanfaces.iface[n].ip); + if (strcmp(lan2face,"")!=0) + ipt_write("-A INPUT -i %s -d %s -j DROP\n", lan2face, wanfaces.iface[n].ip); + if (strcmp(lan3face,"")!=0) + ipt_write("-A INPUT -i %s -d %s -j DROP\n", lan3face, wanfaces.iface[n].ip); } } } @@ -665,9 +735,21 @@ static void filter_input(void) #endif ipt_write( - "-A INPUT -i %s -j ACCEPT\n" - "-A INPUT -i lo -j ACCEPT\n", + "-A INPUT -i lo -j ACCEPT\n" + "-A INPUT -i %s -j ACCEPT\n", lanface); + if (strcmp(lan1face,"")!=0) + ipt_write( + "-A INPUT -i %s -j ACCEPT\n", + lan1face); + if (strcmp(lan2face,"")!=0) + ipt_write( + "-A INPUT -i %s -j ACCEPT\n", + lan2face); + if (strcmp(lan3face,"")!=0) + ipt_write( + "-A INPUT -i %s -j ACCEPT\n", + lan3face); #ifdef TCONFIG_IPV6 switch (get_ipv6_service()) { @@ -779,9 +861,23 @@ static void filter_forward(void) int i; ipt_write( - "-A FORWARD -i %s -o %s -j ACCEPT\n" // accept all lan to lan - "-A FORWARD -m state --state INVALID -j DROP\n", // drop if INVALID state + "-A FORWARD -i %s -o %s -j ACCEPT\n", // accept all lan to lan +// "-A FORWARD -m state --state INVALID -j DROP\n", // drop if INVALID state lanface, lanface); + if (strcmp(lan1face,"")!=0) + ipt_write( + "-A FORWARD -i %s -o %s -j ACCEPT\n", + lan1face, lan1face); + if (strcmp(lan2face,"")!=0) + ipt_write( + "-A FORWARD -i %s -o %s -j ACCEPT\n", + lan2face, lan2face); + if (strcmp(lan3face,"")!=0) + ipt_write( + "-A FORWARD -i %s -o %s -j ACCEPT\n", + lan3face, lan3face); + ipt_write( + "-A FORWARD -m state --state INVALID -j DROP\n"); // drop if INVALID state // clamp tcp mss to pmtu clampmss(); @@ -809,6 +905,15 @@ static void filter_forward(void) ipt_write("-A FORWARD -i %s -j %s\n", // from lan lanface, chain_out_accept); + if (strcmp(lan1face,"")!=0) + ipt_write("-A FORWARD -i %s -j %s\n", // from lan + lan1face, chain_out_accept); + if (strcmp(lan2face,"")!=0) + ipt_write("-A FORWARD -i %s -j %s\n", // from lan + lan2face, chain_out_accept); + if (strcmp(lan3face,"")!=0) + ipt_write("-A FORWARD -i %s -j %s\n", // from lan + lan3face, chain_out_accept); if (nvram_get_int("upnp_enable") & 3) { ipt_write(":upnp - [0:0]\n"); @@ -1167,6 +1272,9 @@ int start_firewall(void) // if (nvram_match("nf_drop_reset", "1")) chain_out_drop = chain_out_reject; strlcpy(lanface, nvram_safe_get("lan_ifname"), IFNAMSIZ); + strlcpy(lan1face, nvram_safe_get("lan1_ifname"), IFNAMSIZ); + strlcpy(lan2face, nvram_safe_get("lan2_ifname"), IFNAMSIZ); + strlcpy(lan3face, nvram_safe_get("lan3_ifname"), IFNAMSIZ); memcpy(&wanfaces, get_wanfaces(), sizeof(wanfaces)); wanface = wanfaces.iface[0].name; @@ -1177,6 +1285,19 @@ int start_firewall(void) strlcpy(s, nvram_safe_get("lan_ipaddr"), sizeof(s)); if ((c = strrchr(s, '.')) != NULL) *(c + 1) = 0; strlcpy(lan_cclass, s, sizeof(lan_cclass)); +/* + strlcpy(s, nvram_safe_get("lan1_ipaddr"), sizeof(s)); + if ((c = strrchr(s, '.')) != NULL) *(c + 1) = 0; + strlcpy(lan1_cclass, s, sizeof(lan1_cclass)); + + strlcpy(s, nvram_safe_get("lan2_ipaddr"), sizeof(s)); + if ((c = strrchr(s, '.')) != NULL) *(c + 1) = 0; + strlcpy(lan2_cclass, s, sizeof(lan2_cclass)); + + strlcpy(s, nvram_safe_get("lan3_ipaddr"), sizeof(s)); + if ((c = strrchr(s, '.')) != NULL) *(c + 1) = 0; + strlcpy(lan3_cclass, s, sizeof(lan3_cclass)); +*/ /* block obviously spoofed IP addresses diff --git a/release/src/router/rc/network.c b/release/src/router/rc/network.c index a71888dac4..96791a3633 100644 --- a/release/src/router/rc/network.c +++ b/release/src/router/rc/network.c @@ -427,6 +427,9 @@ void start_lan(void) int unit, subunit, sta; int hwaddrset; char eabuf[32]; + char tmp[32]; + char tmp2[32]; + char br; foreach_wif(1, NULL, set_wlmac); check_afterburner(); @@ -435,144 +438,172 @@ void start_lan(void) #endif if ((sfd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) return; + for(br=0 ; br<4 ; br++) { + char bridge[2] = "0"; + if (br!=0) + bridge[0]+=br; + else + strcpy(bridge, ""); + +// lan_ifname = strdup(nvram_safe_get("lan_ifname")); + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ifname"); + lan_ifname = strdup(nvram_safe_get(tmp)); - lan_ifname = strdup(nvram_safe_get("lan_ifname")); - if (strncmp(lan_ifname, "br", 2) == 0) { - _dprintf("%s: setting up the bridge %s\n", __FUNCTION__, lan_ifname); + if (strncmp(lan_ifname, "br", 2) == 0) { + _dprintf("%s: setting up the bridge %s\n", __FUNCTION__, lan_ifname); - eval("brctl", "addbr", lan_ifname); - eval("brctl", "setfd", lan_ifname, "0"); - eval("brctl", "stp", lan_ifname, nvram_safe_get("lan_stp")); + eval("brctl", "addbr", lan_ifname); + eval("brctl", "setfd", lan_ifname, "0"); + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_stp"); + eval("brctl", "stp", lan_ifname, nvram_safe_get(tmp)); #ifdef TCONFIG_EMF - if (nvram_get_int("emf_enable")) { - eval("emf", "add", "bridge", lan_ifname); - eval("igs", "add", "bridge", lan_ifname); - } + if (nvram_get_int("emf_enable")) { + eval("emf", "add", "bridge", lan_ifname); + eval("igs", "add", "bridge", lan_ifname); + } #endif - inet_aton(nvram_safe_get("lan_ipaddr"), (struct in_addr *)&ip); - - hwaddrset = 0; - sta = 0; - if ((lan_ifnames = strdup(nvram_safe_get("lan_ifnames"))) != NULL) { - p = lan_ifnames; - while ((ifname = strsep(&p, " ")) != NULL) { - while (*ifname == ' ') ++ifname; - if (*ifname == 0) break; - - unit = -1; subunit = -1; - - // ignore disabled wl vifs - if (strncmp(ifname, "wl", 2) == 0 && strchr(ifname, '.')) { - char nv[64]; - - snprintf(nv, sizeof(nv) - 1, "%s_bss_enabled", ifname); - if (!nvram_get_int(nv)) - continue; - if (get_ifname_unit(ifname, &unit, &subunit) < 0) - continue; - } - else - wl_ioctl(ifname, WLC_GET_INSTANCE, &unit, sizeof(unit)); - - // bring up interface - if (ifconfig(ifname, IFUP|IFF_ALLMULTI, NULL, NULL) != 0) continue; - - // set the logical bridge address to that of the first interface - strlcpy(ifr.ifr_name, lan_ifname, IFNAMSIZ); - if ((!hwaddrset) || - (ioctl(sfd, SIOCGIFHWADDR, &ifr) == 0 && - memcmp(ifr.ifr_hwaddr.sa_data, "\0\0\0\0\0\0", ETHER_ADDR_LEN) == 0)) { - strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); - if (ioctl(sfd, SIOCGIFHWADDR, &ifr) == 0) { - strlcpy(ifr.ifr_name, lan_ifname, IFNAMSIZ); - ifr.ifr_hwaddr.sa_family = ARPHRD_ETHER; - _dprintf("%s: setting MAC of %s bridge to %s\n", __FUNCTION__, - ifr.ifr_name, ether_etoa(ifr.ifr_hwaddr.sa_data, eabuf)); - ioctl(sfd, SIOCSIFHWADDR, &ifr); - hwaddrset = 1; + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ipaddr"); + inet_aton(nvram_safe_get(tmp), (struct in_addr *)&ip); + + hwaddrset = 0; + sta = 0; + + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ifnames"); + if ((lan_ifnames = strdup(nvram_safe_get(tmp))) != NULL) { + p = lan_ifnames; + while ((ifname = strsep(&p, " ")) != NULL) { + while (*ifname == ' ') ++ifname; + if (*ifname == 0) break; + + unit = -1; subunit = -1; + + // ignore disabled wl vifs + if (strncmp(ifname, "wl", 2) == 0 && strchr(ifname, '.')) { + char nv[64]; + + snprintf(nv, sizeof(nv) - 1, "%s_bss_enabled", ifname); + if (!nvram_get_int(nv)) + continue; + if (get_ifname_unit(ifname, &unit, &subunit) < 0) + continue; + } + else + wl_ioctl(ifname, WLC_GET_INSTANCE, &unit, sizeof(unit)); + + // bring up interface + if (ifconfig(ifname, IFUP|IFF_ALLMULTI, NULL, NULL) != 0) continue; + + // set the logical bridge address to that of the first interface + strlcpy(ifr.ifr_name, lan_ifname, IFNAMSIZ); + if ((!hwaddrset) || + (ioctl(sfd, SIOCGIFHWADDR, &ifr) == 0 && + memcmp(ifr.ifr_hwaddr.sa_data, "\0\0\0\0\0\0", ETHER_ADDR_LEN) == 0)) { + strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); + if (ioctl(sfd, SIOCGIFHWADDR, &ifr) == 0) { + strlcpy(ifr.ifr_name, lan_ifname, IFNAMSIZ); + ifr.ifr_hwaddr.sa_family = ARPHRD_ETHER; + _dprintf("%s: setting MAC of %s bridge to %s\n", __FUNCTION__, + ifr.ifr_name, ether_etoa(ifr.ifr_hwaddr.sa_data, eabuf)); + ioctl(sfd, SIOCSIFHWADDR, &ifr); + hwaddrset = 1; + } } - } - if (wlconf(ifname, unit, subunit) == 0) { - const char *mode = nvram_safe_get(wl_nvname("mode", unit, subunit)); + if (wlconf(ifname, unit, subunit) == 0) { + const char *mode = nvram_safe_get(wl_nvname("mode", unit, subunit)); - if (strcmp(mode, "wet") == 0) { - // Enable host DHCP relay - if (nvram_get_int("dhcp_relay")) { - wl_iovar_set(ifname, "wet_host_mac", ifr.ifr_hwaddr.sa_data, ETHER_ADDR_LEN); - wl_iovar_setint(ifname, "wet_host_ipv4", ip); + if (strcmp(mode, "wet") == 0) { + // Enable host DHCP relay + if (nvram_get_int("dhcp_relay")) { + wl_iovar_set(ifname, "wet_host_mac", ifr.ifr_hwaddr.sa_data, ETHER_ADDR_LEN); + wl_iovar_setint(ifname, "wet_host_ipv4", ip); + } } - } - sta |= (strcmp(mode, "sta") == 0); - if ((strcmp(mode, "ap") != 0) && (strcmp(mode, "wet") != 0)) continue; - } - eval("brctl", "addif", lan_ifname, ifname); + sta |= (strcmp(mode, "sta") == 0); + if ((strcmp(mode, "ap") != 0) && (strcmp(mode, "wet") != 0)) continue; + } + eval("brctl", "addif", lan_ifname, ifname); #ifdef TCONFIG_EMF - if (nvram_get_int("emf_enable")) - eval("emf", "add", "iface", lan_ifname, ifname); + if (nvram_get_int("emf_enable")) + eval("emf", "add", "iface", lan_ifname, ifname); #endif - } + } - if ((nvram_get_int("wan_islan")) && - ((get_wan_proto() == WP_DISABLED) || (sta))) { - ifname = nvram_get("wan_ifnameX"); - if (ifconfig(ifname, IFUP, NULL, NULL) == 0) - eval("brctl", "addif", lan_ifname, ifname); - } + if ((nvram_get_int("wan_islan")) && (br==0) && + ((get_wan_proto() == WP_DISABLED) || (sta))) { + ifname = nvram_get("wan_ifnameX"); + if (ifconfig(ifname, IFUP, NULL, NULL) == 0) + eval("brctl", "addif", lan_ifname, ifname); + } - free(lan_ifnames); + free(lan_ifnames); + } + } + // --- this shouldn't happen --- + else if (*lan_ifname) { + ifconfig(lan_ifname, IFUP, NULL, NULL); + wlconf(lan_ifname, -1, -1); + } + else { + close(sfd); + free(lan_ifname); + return; } - } - // --- this shouldn't happen --- - else if (*lan_ifname) { - ifconfig(lan_ifname, IFUP, NULL, NULL); - wlconf(lan_ifname, -1, -1); - } - else { - close(sfd); - free(lan_ifname); - return; - } - - // Get current LAN hardware address - strlcpy(ifr.ifr_name, lan_ifname, IFNAMSIZ); - if (ioctl(sfd, SIOCGIFHWADDR, &ifr) == 0) nvram_set("lan_hwaddr", ether_etoa(ifr.ifr_hwaddr.sa_data, eabuf)); - - // Set initial QoS mode for LAN ports - set_et_qos_mode(sfd); - - close(sfd); - // bring up and configure LAN interface - ifconfig(lan_ifname, IFUP, nvram_safe_get("lan_ipaddr"), nvram_safe_get("lan_netmask")); + // Get current LAN hardware address + strlcpy(ifr.ifr_name, lan_ifname, IFNAMSIZ); + if (ioctl(sfd, SIOCGIFHWADDR, &ifr) == 0) nvram_set("lan_hwaddr", ether_etoa(ifr.ifr_hwaddr.sa_data, eabuf)); - config_loopback(); - do_static_routes(1); + // Set initial QoS mode for LAN ports + set_et_qos_mode(sfd); - set_lan_hostname(nvram_safe_get("wan_hostname")); + close(sfd); - if (get_wan_proto() == WP_DISABLED) { - char *gateway = nvram_safe_get("lan_gateway") ; - if ((*gateway) && (strcmp(gateway, "0.0.0.0") != 0)) { - int tries = 5; - while ((route_add(lan_ifname, 0, "0.0.0.0", gateway, "0.0.0.0") != 0) && (tries-- > 0)) sleep(1); - _dprintf("%s: add gateway=%s tries=%d\n", __FUNCTION__, gateway, tries); + // bring up and configure LAN interface + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ipaddr"); + strcpy(tmp2,"lan"); + strcat(tmp2,bridge); + strcat(tmp2, "_netmask"); + ifconfig(lan_ifname, IFUP, nvram_safe_get(tmp), nvram_safe_get(tmp2)); + + config_loopback(); + do_static_routes(1); + + if(br==0) + set_lan_hostname(nvram_safe_get("wan_hostname")); + + if ((get_wan_proto() == WP_DISABLED) && (br==0)) { + char *gateway = nvram_safe_get("lan_gateway") ; + if ((*gateway) && (strcmp(gateway, "0.0.0.0") != 0)) { + int tries = 5; + while ((route_add(lan_ifname, 0, "0.0.0.0", gateway, "0.0.0.0") != 0) && (tries-- > 0)) sleep(1); + _dprintf("%s: add gateway=%s tries=%d\n", __FUNCTION__, gateway, tries); + } } - } #ifdef TCONFIG_IPV6 - start_ipv6(); + start_ipv6(); #endif #ifdef TCONFIG_EMF - if (nvram_get_int("emf_enable")) start_emf(lan_ifname); + if (nvram_get_int("emf_enable")) start_emf(lan_ifname); #endif - free(lan_ifname); - + free(lan_ifname); + } _dprintf("%s %d\n", __FUNCTION__, __LINE__); } @@ -582,35 +613,50 @@ void stop_lan(void) char *lan_ifname; char *lan_ifnames, *p, *ifname; - - lan_ifname = nvram_safe_get("lan_ifname"); - ifconfig(lan_ifname, 0, NULL, NULL); + char tmp[32]; + char br; + + for(br=0 ; br<4 ; br++) { + char bridge[2] = "0"; + if (br!=0) + bridge[0]+=br; + else + strcpy(bridge, ""); + + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ifname"); + lan_ifname = nvram_safe_get(tmp); + ifconfig(lan_ifname, 0, NULL, NULL); #ifdef TCONFIG_IPV6 - stop_ipv6(); + stop_ipv6(); #endif - if (strncmp(lan_ifname, "br", 2) == 0) { + if (strncmp(lan_ifname, "br", 2) == 0) { #ifdef TCONFIG_EMF - stop_emf(lan_ifname); + stop_emf(lan_ifname); #endif - if ((lan_ifnames = strdup(nvram_safe_get("lan_ifnames"))) != NULL) { - p = lan_ifnames; - while ((ifname = strsep(&p, " ")) != NULL) { - while (*ifname == ' ') ++ifname; - if (*ifname == 0) break; - eval("wlconf", ifname, "down"); - ifconfig(ifname, 0, NULL, NULL); - eval("brctl", "delif", lan_ifname, ifname); + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ifnames"); + if ((lan_ifnames = strdup(nvram_safe_get(tmp))) != NULL) { + p = lan_ifnames; + while ((ifname = strsep(&p, " ")) != NULL) { + while (*ifname == ' ') ++ifname; + if (*ifname == 0) break; + eval("wlconf", ifname, "down"); + ifconfig(ifname, 0, NULL, NULL); + eval("brctl", "delif", lan_ifname, ifname); + } + free(lan_ifnames); } - free(lan_ifnames); + eval("brctl", "delbr", lan_ifname); + } + else if (*lan_ifname) { + eval("wlconf", lan_ifname, "down"); } - eval("brctl", "delbr", lan_ifname); - } - else if (*lan_ifname) { - eval("wlconf", lan_ifname, "down"); } - _dprintf("%s %d\n", __FUNCTION__, __LINE__); } diff --git a/release/src/router/rc/services.c b/release/src/router/rc/services.c index f3118a0126..eff64ef329 100644 --- a/release/src/router/rc/services.c +++ b/release/src/router/rc/services.c @@ -72,7 +72,7 @@ void start_dnsmasq() char buf[512]; char lan[24]; const char *router_ip; - const char *lan_ifname; +// const char *lan_ifname; char sdhcp_lease[32]; char *e; int n; @@ -100,15 +100,15 @@ void start_dnsmasq() if ((f = fopen("/etc/dnsmasq.conf", "w")) == NULL) return; - lan_ifname = nvram_safe_get("lan_ifname"); +// lan_ifname = nvram_safe_get("lan_ifname"); router_ip = nvram_safe_get("lan_ipaddr"); - strlcpy(lan, router_ip, sizeof(lan)); - if ((p = strrchr(lan, '.')) != NULL) *(p + 1) = 0; +// strlcpy(lan, router_ip, sizeof(lan)); +// if ((p = strrchr(lan, '.')) != NULL) *(p + 1) = 0; fprintf(f, - "pid-file=/var/run/dnsmasq.pid\n" - "interface=%s\n", - lan_ifname); + "pid-file=/var/run/dnsmasq.pid\n"); +// "interface=%s\n", +// lan_ifname); if (((nv = nvram_get("wan_domain")) != NULL) || ((nv = nvram_get("wan_get_domain")) != NULL)) { if (*nv) fprintf(f, "domain=%s\n", nv); } @@ -153,80 +153,146 @@ void start_dnsmasq() } // dhcp - do_dhcpd = nvram_match("lan_proto", "dhcp"); - if (do_dhcpd) { - dhcp_lease = nvram_get_int("dhcp_lease"); - if (dhcp_lease <= 0) dhcp_lease = 1440; - - if ((e = nvram_get("dhcpd_slt")) != NULL) n = atoi(e); else n = 0; - if (n < 0) strcpy(sdhcp_lease, "infinite"); - else sprintf(sdhcp_lease, "%dm", (n > 0) ? n : dhcp_lease); - - if (!do_dns) { - // if not using dnsmasq for dns - - if ((dns->count == 0) && (nvram_get_int("dhcpd_llndns"))) { - // no DNS might be temporary. use a low lease time to force clients to update. - dhcp_lease = 2; - strcpy(sdhcp_lease, "2m"); - do_dns = 1; - } - else { - // pass the dns directly - buf[0] = 0; - for (n = 0 ; n < dns->count; ++n) { - if (dns->dns[n].port == 53) { // check: option 6 doesn't seem to support other ports - sprintf(buf + strlen(buf), ",%s", inet_ntoa(dns->dns[n].addr)); + char tmp[32]; + char tmp2[32]; + char tmp3[32]; + char br; + for(br=0 ; br<4 ; br++) { + char bridge[2] = "0"; + if (br!=0) + bridge[0]+=br; + else + strcpy(bridge, ""); + + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_proto"); + do_dhcpd = nvram_match(tmp, "dhcp"); +// do_dhcpd = nvram_match("lan_proto", "dhcp"); + if (do_dhcpd) { + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ipaddr"); + router_ip = nvram_safe_get(tmp); + strlcpy(lan, router_ip, sizeof(lan)); + if ((p = strrchr(lan, '.')) != NULL) *(p + 1) = 0; + + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ifname"); + + fprintf(f, + "interface=%s\n", + nvram_safe_get(tmp)); + + strcpy(tmp,"dhcp"); + strcat(tmp,bridge); + strcat(tmp, "_lease"); +// dhcp_lease = nvram_get_int("dhcp_lease"); + dhcp_lease = nvram_get_int(tmp); + if (dhcp_lease <= 0) dhcp_lease = 1440; + + if ((e = nvram_get("dhcpd_slt")) != NULL) n = atoi(e); else n = 0; + if (n < 0) strcpy(sdhcp_lease, "infinite"); + else sprintf(sdhcp_lease, "%dm", (n > 0) ? n : dhcp_lease); + + if (!do_dns) { + // if not using dnsmasq for dns + + if ((dns->count == 0) && (nvram_get_int("dhcpd_llndns"))) { + // no DNS might be temporary. use a low lease time to force clients to update. + dhcp_lease = 2; + strcpy(sdhcp_lease, "2m"); + do_dns = 1; + } + else { + // pass the dns directly + buf[0] = 0; + for (n = 0 ; n < dns->count; ++n) { + if (dns->dns[n].port == 53) { // check: option 6 doesn't seem to support other ports + sprintf(buf + strlen(buf), ",%s", inet_ntoa(dns->dns[n].addr)); + } } + fprintf(f, "dhcp-option=6%s\n", buf); } - fprintf(f, "dhcp-option=6%s\n", buf); } - } - if ((p = nvram_get("dhcpd_startip")) && (*p) && (e = nvram_get("dhcpd_endip")) && (*e)) { - fprintf(f, "dhcp-range=%s,%s,%s,%dm\n", p, e, nvram_safe_get("lan_netmask"), dhcp_lease); - } - else { - // for compatibility - dhcp_start = nvram_get_int("dhcp_start"); - dhcp_count = nvram_get_int("dhcp_num"); - fprintf(f, "dhcp-range=%s%d,%s%d,%s,%dm\n", - lan, dhcp_start, lan, dhcp_start + dhcp_count - 1, nvram_safe_get("lan_netmask"), dhcp_lease); - } + strcpy(tmp,"dhcpd"); + strcat(tmp,bridge); + strcat(tmp, "_startip"); + strcpy(tmp2,"dhcpd"); + strcat(tmp2,bridge); + strcat(tmp2, "_endip"); + strcpy(tmp3,"lan"); + strcat(tmp3,bridge); + strcat(tmp3, "_netmask"); +// if ((p = nvram_get("dhcpd_startip")) && (*p) && (e = nvram_get("dhcpd_endip")) && (*e)) { +// fprintf(f, "dhcp-range=%s,%s,%s,%dm\n", p, e, nvram_safe_get("lan_netmask"), dhcp_lease); + if ((p = nvram_get(tmp)) && (*p) && (e = nvram_get(tmp2)) && (*e)) { + fprintf(f, "dhcp-range=%s,%s,%s,%dm\n", p, e, nvram_safe_get(tmp3), dhcp_lease); + } + else { + // for compatibility +// dhcp_start = nvram_get_int("dhcp_start"); +// dhcp_count = nvram_get_int("dhcp_num"); + strcpy(tmp,"dhcp"); + strcat(tmp,bridge); + strcat(tmp, "_start"); + strcpy(tmp2,"dhcp"); + strcat(tmp2,bridge); + strcat(tmp2, "_num"); + strcpy(tmp3,"lan"); + strcat(tmp3,bridge); + strcat(tmp3, "_netmask"); + dhcp_start = nvram_get_int(tmp); + dhcp_count = nvram_get_int(tmp2); + fprintf(f, "dhcp-range=%s%d,%s%d,%s,%dm\n", +// lan, dhcp_start, lan, dhcp_start + dhcp_count - 1, nvram_safe_get("lan_netmask"), dhcp_lease); + lan, dhcp_start, lan, dhcp_start + dhcp_count - 1, nvram_safe_get(tmp3), dhcp_lease); + } - nv = router_ip; - if ((nvram_get_int("dhcpd_gwmode") == 1) && (get_wan_proto() == WP_DISABLED)) { - p = nvram_safe_get("lan_gateway"); - if ((*p) && (strcmp(p, "0.0.0.0") != 0)) nv = p; - } + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ipaddr"); + nv = nvram_safe_get(tmp); +// nv = router_ip; + if ((nvram_get_int("dhcpd_gwmode") == 1) && (get_wan_proto() == WP_DISABLED)) { + p = nvram_safe_get("lan_gateway"); + if ((*p) && (strcmp(p, "0.0.0.0") != 0)) nv = p; + } - n = nvram_get_int("dhcpd_lmax"); - fprintf(f, - "dhcp-option=3,%s\n" // gateway - "dhcp-lease-max=%d\n", - nv, - (n > 0) ? n : 255); + n = nvram_get_int("dhcpd_lmax"); + fprintf(f, + "dhcp-option=3,%s\n" // gateway + "dhcp-lease-max=%d\n", + nv, + (n > 0) ? n : 255); - if (nvram_get_int("dhcpd_auth") >= 0) { - fprintf(f, "dhcp-authoritative\n"); - } + if (nvram_get_int("dhcpd_auth") >= 0) { + fprintf(f, "dhcp-authoritative\n"); + } - if (((nv = nvram_get("wan_wins")) != NULL) && (*nv) && (strcmp(nv, "0.0.0.0") != 0)) { - fprintf(f, "dhcp-option=44,%s\n", nv); - } + if (((nv = nvram_get("wan_wins")) != NULL) && (*nv) && (strcmp(nv, "0.0.0.0") != 0)) { + fprintf(f, "dhcp-option=44,%s\n", nv); + } #ifdef TCONFIG_SAMBASRV - else if (nvram_get_int("smbd_enable") && nvram_invmatch("lan_hostname", "") && nvram_get_int("smbd_wins")) { - if ((nv == NULL) || (*nv == 0) || (strcmp(nv, "0.0.0.0") == 0)) { - // Samba will serve as a WINS server - fprintf(f, "dhcp-option=44,0.0.0.0\n"); + else if (nvram_get_int("smbd_enable") && nvram_invmatch("lan_hostname", "") && nvram_get_int("smbd_wins")) { + if ((nv == NULL) || (*nv == 0) || (strcmp(nv, "0.0.0.0") == 0)) { + // Samba will serve as a WINS server + fprintf(f, "dhcp-option=44,0.0.0.0\n"); + } } - } #endif +// } + } else { + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ifname"); +// fprintf(f, "no-dhcp-interface=%s\n", lan_ifname); + if (strcmp(nvram_safe_get(tmp),"")!=0) + fprintf(f, "no-dhcp-interface=%s\n", nvram_safe_get(tmp)); + } } - else { - fprintf(f, "no-dhcp-interface=%s\n", lan_ifname); - } - // write static lease entries & create hosts file if ((hf = fopen(dmhosts, "w")) != NULL) { @@ -596,12 +662,12 @@ void start_upnp(void) upnp_port = nvram_get_int("upnp_port"); if ((upnp_port < 0) || (upnp_port >= 0xFFFF)) upnp_port = 0; - char *lanip = nvram_safe_get("lan_ipaddr"); - char *lanmask = nvram_safe_get("lan_netmask"); +// char *lanip = nvram_safe_get("lan_ipaddr"); +// char *lanmask = nvram_safe_get("lan_netmask"); fprintf(f, "ext_ifname=%s\n" - "listening_ip=%s/%s\n" +// "listening_ip=%s/%s\n" "port=%d\n" "enable_upnp=%s\n" "enable_natpmp=%s\n" @@ -613,7 +679,7 @@ void start_upnp(void) "\n" , get_wanface(), - lanip, lanmask, +// lanip, lanmask, upnp_port, (enable & 1) ? "yes" : "no", // upnp enable (enable & 2) ? "yes" : "no", // natpmp enable @@ -637,7 +703,8 @@ void start_upnp(void) if (nvram_match("upnp_mnp", "1")) { int https = nvram_get_int("https_enable"); fprintf(f, "presentation_url=http%s://%s:%s/forward-upnp.asp\n", - https ? "s" : "", lanip, +// https ? "s" : "", lanip, + https ? "s" : "", nvram_safe_get("lan_ipaddr"), nvram_safe_get(https ? "https_lanport" : "http_lanport")); } else { @@ -649,21 +716,49 @@ void start_upnp(void) f_read_string("/proc/sys/kernel/random/uuid", uuid, sizeof(uuid)); fprintf(f, "uuid=%s\n", uuid); - int ports[4]; - if ((ports[0] = nvram_get_int("upnp_min_port_int")) > 0 && - (ports[1] = nvram_get_int("upnp_max_port_int")) > 0 && - (ports[2] = nvram_get_int("upnp_min_port_ext")) > 0 && - (ports[3] = nvram_get_int("upnp_max_port_ext")) > 0) { - fprintf(f, - "allow %d-%d %s/%s %d-%d\n", - ports[0], ports[1], - lanip, lanmask, - ports[2], ports[3] - ); - } - else { - // by default allow only redirection of ports above 1024 - fprintf(f, "allow 1024-65535 %s/%s 1024-65535\n", lanip, lanmask); + char tmp[32]; + char tmp2[32]; + char br; + + for(br=0 ; br<4 ; br++) { + char bridge[2] = "0"; + if (br!=0) + bridge[0]+=br; + else + strcpy(bridge, ""); + + strcpy(tmp,"lan"); + strcat(tmp,bridge); + strcat(tmp, "_ipaddr"); + strcpy(tmp2,"lan"); + strcat(tmp2,bridge); + strcat(tmp2, "_netmask"); + + char *lanip = nvram_safe_get(tmp); + char *lanmask = nvram_safe_get(tmp2); + + if(strcmp(lanip,"")!=0) { + fprintf(f, + "listening_ip=%s/%s\n", + lanip, lanmask); + + int ports[4]; + if ((ports[0] = nvram_get_int("upnp_min_port_int")) > 0 && + (ports[1] = nvram_get_int("upnp_max_port_int")) > 0 && + (ports[2] = nvram_get_int("upnp_min_port_ext")) > 0 && + (ports[3] = nvram_get_int("upnp_max_port_ext")) > 0) { + fprintf(f, + "allow %d-%d %s/%s %d-%d\n", + ports[0], ports[1], + lanip, lanmask, + ports[2], ports[3] + ); + } + else { + // by default allow only redirection of ports above 1024 + fprintf(f, "allow 1024-65535 %s/%s 1024-65535\n", lanip, lanmask); + } + } } fappend(f, "/etc/upnp/config.custom"); diff --git a/release/src/router/rc/wan.c b/release/src/router/rc/wan.c index 4fd4cf7e4f..ba49b42ce9 100644 --- a/release/src/router/rc/wan.c +++ b/release/src/router/rc/wan.c @@ -893,6 +893,12 @@ void start_wan_done(char *wan_ifname) if (check_hw_type() == HW_BCM4702) { eval("brctl", "stp", nvram_safe_get("lan_ifname"), "0"); if (nvram_match("lan_stp", "1")) eval("brctl", "stp", nvram_safe_get("lan_ifname"), "1"); + eval("brctl", "stp", nvram_safe_get("lan1_ifname"), "0"); + if (nvram_match("lan1_stp", "1")) eval("brctl", "stp", nvram_safe_get("lan1_ifname"), "1"); + eval("brctl", "stp", nvram_safe_get("lan2_ifname"), "0"); + if (nvram_match("lan2_stp", "1")) eval("brctl", "stp", nvram_safe_get("lan2_ifname"), "1"); + eval("brctl", "stp", nvram_safe_get("lan3_ifname"), "0"); + if (nvram_match("lan3_stp", "1")) eval("brctl", "stp", nvram_safe_get("lan3_ifname"), "1"); } if (wanup) diff --git a/release/src/router/www/advanced-routing.asp b/release/src/router/www/advanced-routing.asp index d916206a57..c213124e05 100644 --- a/release/src/router/www/advanced-routing.asp +++ b/release/src/router/www/advanced-routing.asp @@ -13,7 +13,7 @@ [<% ident(); %>] Advanced: Routing - +<% css(); %> @@ -45,7 +45,7 @@ diff --git a/release/src/router/www/advanced-vlan.asp b/release/src/router/www/advanced-vlan.asp index b299e6c3ef..6a8fe4b960 100644 --- a/release/src/router/www/advanced-vlan.asp +++ b/release/src/router/www/advanced-vlan.asp @@ -36,7 +36,7 @@ } @@ -619,9 +674,12 @@ function earlyInit() - - + + + + +