Fixes for setting ttl
This commit is contained in:
Zach Brown
@@ -379,7 +379,7 @@ install_lighttpd() {
|
|||||||
rm /lib/systemd/system/multi-user.target.wants/simpleadmin_httpd.service
|
rm /lib/systemd/system/multi-user.target.wants/simpleadmin_httpd.service
|
||||||
fi
|
fi
|
||||||
|
|
||||||
/opt/bin/opkg install lighttpd lighttpd-mod-auth lighttpd-mod-authn_file lighttpd-mod-cgi lighttpd-mod-openssl lighttpd-mod-proxy
|
/opt/bin/opkg install sudo lighttpd lighttpd-mod-auth lighttpd-mod-authn_file lighttpd-mod-cgi lighttpd-mod-openssl lighttpd-mod-proxy
|
||||||
# Ensure rc.unslung doesn't try to start it
|
# Ensure rc.unslung doesn't try to start it
|
||||||
# Dynamically find and remove any Lighttpd-related init script
|
# Dynamically find and remove any Lighttpd-related init script
|
||||||
for script in /opt/etc/init.d/*lighttpd*; do
|
for script in /opt/etc/init.d/*lighttpd*; do
|
||||||
@@ -394,6 +394,7 @@ install_lighttpd() {
|
|||||||
wget -O "$SIMPLE_ADMIN_DIR/lighttpd.conf" https://raw.githubusercontent.com/$GITUSER/quectel-rgmii-toolkit/$GITTREE/simpleadmin/lighttpd.conf
|
wget -O "$SIMPLE_ADMIN_DIR/lighttpd.conf" https://raw.githubusercontent.com/$GITUSER/quectel-rgmii-toolkit/$GITTREE/simpleadmin/lighttpd.conf
|
||||||
wget -O "/lib/systemd/system/lighttpd.service" https://raw.githubusercontent.com/$GITUSER/quectel-rgmii-toolkit/$GITTREE/simpleadmin/systemd/lighttpd.service
|
wget -O "/lib/systemd/system/lighttpd.service" https://raw.githubusercontent.com/$GITUSER/quectel-rgmii-toolkit/$GITTREE/simpleadmin/systemd/lighttpd.service
|
||||||
ln -sf "/lib/systemd/system/lighttpd.service" "/lib/systemd/system/multi-user.target.wants/"
|
ln -sf "/lib/systemd/system/lighttpd.service" "/lib/systemd/system/multi-user.target.wants/"
|
||||||
|
echo "www-data ALL = (root) NOPASSWD: /usr/sbin/iptables, /usr/sbin/ip6tables, /usrdata/simplefirewall/ttl-override" > /opt/etc/sudoers.d/www-data
|
||||||
|
|
||||||
openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \
|
openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \
|
||||||
-subj "/C=US/ST=MI/L=Romulus/O=RMIITools/CN=localhost" \
|
-subj "/C=US/ST=MI/L=Romulus/O=RMIITools/CN=localhost" \
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ server.modules = (
|
|||||||
"mod_authn_file",
|
"mod_authn_file",
|
||||||
)
|
)
|
||||||
|
|
||||||
server.username = "nobody"
|
server.username = "www-data"
|
||||||
server.groupname = "dialout"
|
server.groupname = "dialout"
|
||||||
|
|
||||||
server.port = 80
|
server.port = 80
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
# Check iptables for ttlvalue
|
# Check iptables for ttlvalue
|
||||||
ttlvalue=$(iptables -t mangle -vnL | grep TTL | awk '{print $13}')
|
ttlvalue=$(/opt/bin/sudo /usr/sbin/iptables -w 5 -t mangle -vnL | grep TTL | awk '{print $13}' | head -n1)
|
||||||
ttlenabled=true;
|
ttlenabled=true;
|
||||||
|
|
||||||
# Set Variables
|
# Set Variables
|
||||||
@@ -16,4 +16,5 @@ cat <<EOT
|
|||||||
{
|
{
|
||||||
"isEnabled": $ttlenabled,
|
"isEnabled": $ttlenabled,
|
||||||
"ttl": $ttlvalue
|
"ttl": $ttlvalue
|
||||||
}
|
}
|
||||||
|
EOT
|
||||||
|
|||||||
@@ -22,28 +22,28 @@ setTTL=$(printf '%b\n' "${ttlvalue//%/\\x}")
|
|||||||
|
|
||||||
if [ -n "${setTTL}" ]; then
|
if [ -n "${setTTL}" ]; then
|
||||||
# Stop Service To Remove Rules
|
# Stop Service To Remove Rules
|
||||||
/usrdata/simplefirewall/ttl-override stop
|
/opt/bin/sudo /usrdata/simplefirewall/ttl-override stop
|
||||||
|
|
||||||
# Check iptables is still set
|
# Check iptables is still set
|
||||||
ttlcheck=$(iptables -t mangle -vnL | grep TTL | awk '{print $13}')
|
ttlcheck=$(/opt/bin/sudo /usr/sbin/iptables -w 5 -t mangle -vnL | grep TTL | awk '{print $13}')
|
||||||
|
|
||||||
# If TTL is still set manually remove values
|
# If TTL is still set manually remove values
|
||||||
if [ !-z "${ttlcheck}" ]; then
|
if [ !-z "${ttlcheck}" ]; then
|
||||||
iptables -t mangle -D POSTROUTING -o rmnet+ -j TTL --ttl-set ${ttlcheck} &>/dev/null || true
|
/opt/bin/sudo /usr/sbin/iptables -w 5 -t mangle -D POSTROUTING -o rmnet+ -j TTL --ttl-set ${ttlcheck} &>/dev/null || true
|
||||||
ip6tables -t mangle -D POSTROUTING -o rmnet+ -j HL --hl-set ${ttlcheck} &>/dev/null || true
|
/opt/bin/sudo /usr/sbin/ip6tables -w 5 -t mangle -D POSTROUTING -o rmnet+ -j HL --hl-set ${ttlcheck} &>/dev/null || true
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Echo TTL to file
|
# Echo TTL to file
|
||||||
echo $setTTL > /usrdata/simplefirewall/ttlvalue
|
echo $setTTL > /usrdata/simplefirewall/ttlvalue
|
||||||
|
|
||||||
# Set Start Service
|
# Set Start Service
|
||||||
/usrdata/simplefirewall/ttl-override start
|
/opt/bin/sudo /usrdata/simplefirewall/ttl-override start
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Check iptables for ttlvalue
|
# Check iptables for ttlvalue
|
||||||
ttlvalue=$(iptables -t mangle -vnL | grep TTL | awk '{print $13}')
|
ttlvalue=$(/opt/bin/sudo /usr/sbin/iptables -w 5 -t mangle -vnL | grep TTL | awk '{print $13}')
|
||||||
ttlenabled=true;
|
ttlenabled=true;
|
||||||
|
|
||||||
# Set Variables
|
# Set Variables
|
||||||
@@ -58,4 +58,5 @@ cat <<EOT
|
|||||||
{
|
{
|
||||||
"isEnabled": $ttlenabled,
|
"isEnabled": $ttlenabled,
|
||||||
"ttl": $ttlvalue
|
"ttl": $ttlvalue
|
||||||
}
|
}
|
||||||
|
EOT
|
||||||
|
|||||||
Reference in New Issue
Block a user