#!/bin/ash
# Alvaro Lopez Antelo
# OpenWRT script to configure a BATMAN-ADV gateway node on TP-LINK WDR-3600
# Firmware compiled with all necessary packages and Batman-ADV Version 5 on Chaos Calmer Release
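# Router hostname
export hostname='gateway'

# Global variables
# Default mesh interface names and radio channels. Customize them at will.
export interface_name='mesh'
export interface_mesh_name='bat0'
export interface_ifname0='adhoc0'
export interface_ifname1='adhoc1'
export mesh_channel_radio0='9'
export mesh_channel_radio1='149'

# Mesh SSID and BSSID. Must be the same for this particular mesh deployment
export mesh_ssid='02_CA_FE_CA_00_10'
export mesh_bssid='02:CA:FE:CA:00:10'

# WPA-2 key hash derived with the following tool
# https://www.wireshark.org/tools/wpa-psk.html - WPA PSK Calculator
# NOTE(review): the 64-hex-digit value is the derived pre-shared key itself.
# Whoever holds it can join a network that uses it, so it is as sensitive as
# the passphrase. The default below ships with this script and should be
# treated as known; supply a per-deployment value through the environment
# (ap_key=... before running) instead of editing it in place. An offline tool
# such as wpa_passphrase avoids typing the passphrase into a web page.
# Neither ap_ssid nor ap_key is referenced by any later command in this script.
export ap_ssid='mesh'
export ap_key="${ap_key:-92c013cfff68a59a38a2a77da861a8cbc676e916c0446ff7b3e8d1649f3a51fe}"

# Management SNMP station IPv4 address
export management_station_ip='10.61.33.1'

# Only the gateway node has a DHCP server and local IPv4 address on LAN interface
export br_lan_ip='10.61.33.254'
export br_lan_netmask='255.255.255.0'

# Mesh internal DHCP range, excluding gateway and monitoring addresses
export start_ip_dhcp='2'
export end_ip_dhcp='251'

# internal domain name, for mesh nodes
export local_domain='mesh.lan'

# External backhaul link supplied DNS server to be passed along to mesh nodes and clients
export external_dns_ip='8.8.8.8'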
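# Set hostname on router and dhcp interfaces, set Brasil timezone
# Each uci argument is quoted as a whole: "@system[0]" is a glob pattern to
# the shell, and an unquoted $hostname would be word-split if it were ever
# customized to contain whitespace.
uci set "system.@system[0].hostname=$hostname"
uci set 'system.@system[0].timezone=BRT3BRST,M10.3.0/0,M2.3.0/0'
uci set 'system.@system[0].zonename=America/Sao Paulo'
uci set "network.lan.hostname=$hostname"
uci set "network.wan.hostname=$hostname"
uci commit system
uci commit network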
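# Start with a clean wireless config - generate brand new one and delete preexisting interfaces
# rm -f does not complain when the file is already absent, and '>' truncates,
# so the generated config never gets appended to a leftover one.
rm -f /etc/config/wireless
wifi detect > /etc/config/wireless

# Feed the same delete command to uci ten times so that up to ten generated
# wifi-iface sections are removed; -q keeps uci quiet once none are left.
n=0
while [ "$n" -lt 10 ]; do
  echo "delete wireless.@wifi-iface[]"
  n=$((n + 1))
done | uci batch -q
uci commit wireless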
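# Disable radio0 @ 2.4Ghz
# The radio is switched off but still gets a complete parameter set, so it
# comes up on the intended channel if someone enables it later.
uci set wireless.radio0.disabled='1'
# Quoted so a customized channel value can never be word-split or globbed.
uci set "wireless.radio0.channel=$mesh_channel_radio0"
uci set wireless.radio0.hwmode='11g'
uci set wireless.radio0.htmode='HT20'
uci set wireless.radio0.noscan='1'
uci set wireless.radio0.txpower='21'
uci set wireless.radio0.country='00'
uci commit wireless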
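# enable adhoc mesh, on radio1 @ 5Ghz
uci set wireless.radio1.disabled='0'
uci set "wireless.radio1.channel=$mesh_channel_radio1"
uci set wireless.radio1.hwmode='11a'
uci set wireless.radio1.htmode='HT40'
uci set wireless.radio1.noscan='1'
uci set wireless.radio1.txpower='19'
uci set wireless.radio1.country='00'

# All earlier wifi-iface sections were deleted above, so the section added
# here is addressed as @wifi-iface[0]. Arguments are quoted because "[0]" is
# a glob pattern to the shell and the values come from customizable variables.
uci add wireless wifi-iface
uci set 'wireless.@wifi-iface[0].device=radio1'
uci set 'wireless.@wifi-iface[0].mode=adhoc'
uci set "wireless.@wifi-iface[0].ssid=$mesh_ssid"
uci set "wireless.@wifi-iface[0].bssid=$mesh_bssid"
uci set 'wireless.@wifi-iface[0].mcast_rate=18000'
uci set "wireless.@wifi-iface[0].ifname=$interface_ifname1"
uci set "wireless.@wifi-iface[0].network=$interface_name"
# NOTE(review): no encryption or key option is set on this interface, so as
# written the ad-hoc link is unencrypted and unauthenticated; any station
# using the same SSID/BSSID/channel can take part in the mesh. hidden='1'
# only suppresses SSID broadcast and is not an access control. Confirm
# whether the firmware's wireless daemon supports an encrypted ad-hoc mode
# and enable it if so.
uci set 'wireless.@wifi-iface[0].hidden=1'
uci commit wireless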
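# create batman-adv network interface with increased MTU and associate it with mesh
# $interface_name and $interface_mesh_name are user-customizable, so every
# argument is quoted to keep it a single word.
uci set "network.$interface_name=interface"
uci set "network.$interface_name.mesh=$interface_mesh_name"
uci set "network.$interface_name.proto=batadv"
uci set "network.$interface_name.mtu=1560"
uci commit network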
# Wired mesh leg: declare eth0.3 as an unaddressed interface (proto none)
# with the 1560-byte MTU used for batman-adv, so the mesh can be extended
# over cable to a monitoring station.
# NOTE(review): whatever is plugged into this port becomes a mesh
# participant at layer 2, so physical access to it should be controlled.
uci set network.wired_mesh=interface
for wired_opt in ifname=eth0.3 mtu=1560 proto=none; do
  uci set "network.wired_mesh.${wired_opt}"
done
uci commit network
# The VLAN sub-interface eth0.3 cannot have a larger MTU than its parent,
# so the parent eth0 is declared as an interface and raised to 1560 bytes.
uci set network.eth0=interface
for eth0_opt in ifname=eth0 mtu=1560; do
  uci set "network.eth0.${eth0_opt}"
done
uci commit network
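# Add VLAN 3 to switch0 and assign it as an untagged interface to port 3
# Port 3 need to be removed from VLAN 1 (LAN)
# This will be naturally connected subinterface eth0.3 created above
# And will be a batman-adv speaking interface to extend this mesh via cable
#
# The "@switch_vlan[N]" selectors are quoted because the brackets are a glob
# pattern to the shell and could otherwise match a file in the working
# directory.
uci set 'network.@switch_vlan[0].vlan=1'
uci set 'network.@switch_vlan[0].ports=0t 2 4 5'
uci set 'network.@switch_vlan[1].vlan=2'
uci set 'network.@switch_vlan[1].ports=0t 1'

# Third VLAN section; it is addressed as index 2 on the assumption that the
# stock config already holds exactly two switch_vlan sections - TODO confirm.
uci add network switch_vlan
uci set 'network.@switch_vlan[2]=switch_vlan'
uci set 'network.@switch_vlan[2].device=switch0'
uci set 'network.@switch_vlan[2].vlan=3'
uci set 'network.@switch_vlan[2].ports=0t 3'
uci commit network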
# WAN side: address obtained through DHCP, standard 1500-byte MTU.
for wan_opt in proto=dhcp mtu=1500; do
  uci set "network.wan.${wan_opt}"
done
# Static addressing alternative, kept disabled:
#uci set network.wan.proto='static'
#uci set network.wan.ipaddr='10.7.162.130'
#uci set network.wan.netmask='255.255.255.248'
#uci set network.wan.gateway='10.7.162.129'
uci commit network
# Disable NAT on WAN but maintain firewall
#uci set firewall.@zone[1].conntrack='1'
#uci set firewall.@zone[1].masq='0'
#uci commit firewall
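# Set IPv4 static address on br-lan bridge
# Address and netmask come from customizable variables, hence the quoting.
uci set network.lan.proto='static'
uci set "network.lan.ipaddr=$br_lan_ip"
uci set "network.lan.netmask=$br_lan_netmask"
uci set network.lan.mtu='1500'
uci commit network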
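# Enable DHCP server on LAN
# DHCP option 6 hands clients the gateway itself and the external resolver
# as DNS servers. add_list appends, so running the script a second time adds
# a duplicate entry.
uci add_list "dhcp.lan.dhcp_option=6,$br_lan_ip,$external_dns_ip"
uci set "dhcp.lan.start=$start_ip_dhcp"
# OpenWrt's 'limit' is the size of the pool, not the last host number.
# Passing end_ip_dhcp directly made the pool run two addresses past the
# intended end, so the count is derived from the start and end values.
uci set "dhcp.lan.limit=$((end_ip_dhcp - start_ip_dhcp + 1))"
uci set dhcp.lan.leasetime='1h'
uci set "dhcp.@dnsmasq[0].domain=$local_domain"
# NOTE(review): localservice='0' lifts dnsmasq's local-subnet-only
# restriction, so keeping DNS unreachable from the WAN side depends entirely
# on the firewall zone policy - confirm that policy drops it.
uci set 'dhcp.@dnsmasq[0].localservice=0'
uci set 'dhcp.@dnsmasq[0].resolvfile=/etc/resolv.conf'
uci set dhcp.lan.ignore='0'
uci commit dhcp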
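# Use external DNS server
# The old entry is removed first so that, if it is a symlink, a new regular
# file is created instead of writing through the link. -f keeps rm quiet
# when the file is already gone.
rm -f /etc/resolv.conf
# The file is opened once and written as a unit; expansions are quoted so
# the values are emitted exactly as configured.
{
  echo "nameserver 127.0.0.1"
  echo "nameserver $external_dns_ip"
  echo "search $local_domain"
} > /etc/resolv.conf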
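# create batman-adv config file and configure it
# Importing from /dev/null with -m makes sure the batman-adv config exists
# before options are set on it.
uci import -m batman-adv </dev/null
uci set "batman-adv.$interface_mesh_name=mesh"

# Options are applied in the original order. Entries ending in '=' pass an
# empty value to uci, exactly as before.
# NOTE(review): 'interfaces' is set to $interface_ifname0, but the only
# wireless interface this script creates is named $interface_ifname1; the
# boot-time rc.local step attaches that one with batctl. Confirm this is
# intended.
for bat_opt in \
  "interfaces=$interface_ifname0" \
  'aggregated_ogms=1' \
  'ap_isolation=0' \
  'bonding=0' \
  'fragmentation=0' \
  'gw_bandwidth=' \
  'gw_mode=server' \
  'gw_sel_class=20' \
  'log_level=' \
  'orig_interval=1000' \
  'vis_mode=1' \
  'bridge_loop_avoidance=1' \
  'distributed_arp_table=1' \
  'multicast_mode=1' \
  'network_coding=' \
  'hop_penalty=15' \
  'isolation_mark=' \
  'routing_algo=BATMAN_V'
do
  # Quoted so a customized mesh interface name stays a single word.
  uci set "batman-adv.$interface_mesh_name.$bat_opt"
done
uci commit batman-adv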
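# bridge br-lan with AP and batman mesh interface
uci set network.lan._orig_ifname='eth0.1'
uci set network.lan._orig_bridge='true'
# The mesh interface name comes from $interface_mesh_name rather than a
# literal 'bat0', so the bridge follows the name configured at the top of
# the script. With the default value the result is unchanged.
uci set "network.lan.ifname=$interface_mesh_name eth0.1"
uci commit network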
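# Configure SNMP daemon local coordinates and contacts
# NOTE(review): only descriptive fields are set here. Which hosts and
# community strings may query snmpd is left at whatever /etc/config/snmpd
# already contains; management_station_ip is not applied to it. Review that
# file before the node is reachable from untrusted networks.
# Selectors and the command substitution are quoted: "[-1]" and "[0]" are
# glob patterns to the shell, and the hostname must stay a single word.
uci set 'snmpd.@system[-1].sysLocation=[-22.9785166,-43.1908759]'
uci set 'snmpd.@system[-1].sysContact=alvaro.antelo@gmail.com'
uci set "snmpd.@system[-1].sysName=$(uci get 'system.@system[0].hostname')"
uci commit snmpd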
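# Script for MTU adjustment and adhoc interfaces association to batman
# Insert on rc.local for execution at the final boot phase
# allow 20 seconds for adhoc interfaces to stabilize
#
# /etc/rc.local is overwritten in full, so any previous content is lost.
# The generated file hard-coded 'adhoc1' and 'bat0'; it now takes the names
# from interface_ifname1 and interface_mesh_name at generation time, so it
# stays consistent with the wireless and network sections when the names at
# the top of the script are customized. With the defaults the output is
# unchanged. The heredoc delimiter is deliberately unquoted so these two
# variables expand; nothing else in the body is subject to expansion.

# TAB is exported as before; no visible command in this script uses it.
export TAB="$(printf '\t')"

cat <<EOF > /etc/rc.local
/bin/sleep 20
# Set MTU 1560 on wireless adhoc interfaces as a requirement for batman-adv
ip link set mtu 1560 dev ${interface_ifname1}
/usr/bin/logger 'ADHOC1 MTU increased'
/bin/echo 'BATMAN_V' > /sys/module/batman_adv/parameters/routing_algo
/usr/bin/logger 'Selecting BATMAN_V as routing algorithm'
/usr/sbin/batctl if del ${interface_ifname1}
/bin/sleep 1
/usr/sbin/batctl if del eth0.3
/bin/sleep 1
/usr/sbin/batctl if add ${interface_ifname1}
/bin/sleep 1
/usr/sbin/batctl if add eth0.3
/sbin/ifconfig ${interface_mesh_name} up
exit 0
EOF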
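# Redirect syslog to management station
# NOTE(review): remote syslog leaves the router unencrypted and
# unauthenticated unless configured otherwise, so log contents are visible
# to anything on the path to the management station. Keep that path on a
# trusted segment.
uci set "system.@system[0].log_ip=$management_station_ip"
uci set 'system.@system[0].conloglevel=7'
# No config name is given, so every pending change in any config is committed.
uci commit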
# alfred runs in slave mode on this node with the vis helper started and the
# service enabled; the master role belongs to the monitoring station.
for alfred_opt in mode=slave start_vis=1 disabled=0; do
  uci set "alfred.alfred.${alfred_opt}"
done
uci commit alfred
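# generate ssh password on router, disabling telnet and enabling dropbear ssh server
# The root password is set BEFORE the WAN firewall rule is created. The
# original order opened tcp/22 on the WAN side first and rebooted even when
# passwd failed or was aborted, which could leave the router reachable from
# the WAN without a password ever having been set. If passwd fails, the
# script now stops without opening SSH and without rebooting.
if ! passwd; then
  echo 'passwd failed: SSH was not opened on wan and the router was not rebooted' >&2
  exit 1
fi

# Enable SSH from wan
# NOTE(review): the rule has a source zone but no destination zone, so
# despite its name it appears to admit SSH to the router itself from every
# WAN-side address. Consider limiting it with a src_ip match for the
# management network and using key-based authentication for dropbear.
uci set firewall.openssh_server=rule
uci set firewall.openssh_server.name='ssh from wan to lan'
uci set firewall.openssh_server.src='wan'
uci set firewall.openssh_server.target='ACCEPT'
uci set firewall.openssh_server.proto='tcp'
uci set firewall.openssh_server.dest_port='22'
uci commit firewall
/etc/init.d/firewall restart

# Restart so that all committed configuration and the new rc.local take effect.
reboot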