Danja Vasiliev 11 年之前
父節點
當前提交
1cb7a636d3

+ 29 - 0
openwrt/rootFS/etc/config/6relayd

@@ -0,0 +1,29 @@
+config server default
+	option master	wan6
+	list network	lan
+	option rd	server
+	option dhcpv6	server
+	option fallback_relay	'rd dhcpv6 ndp'
+	option management_level 1
+	option compat_ula 1
+
+
+# Example #1: Create a relay for several networks in proxy mode
+# This can be used to proxy Router Discovery, DHCPv6 and NDP.
+
+#config server examplerelay
+#	option master	'wan'
+#	option network	'lan'
+#	option rd	'relay'
+#	option dhcpv6	'relay'
+#	option ndp	'relay'
+
+
+# Example #2: Provide Router Discovery and stateless DHCPv6 in server mode
+# This can be used as a small radvd and stateless DHCPv6-server replacement.
+
+#config server exampleserver
+#	option network	'lan'
+#	option rd	'server'
+#	option dhcpv6	'server'
+

+ 32 - 0
openwrt/rootFS/etc/config/dhcp

@@ -0,0 +1,32 @@
+config dnsmasq
+	option domainneeded	1
+	option boguspriv	1
+	option filterwin2k	0  # enable for dial on demand
+	option localise_queries	1
+	option rebind_protection 1  # disable if upstream must serve RFC1918 addresses
+	option rebind_localhost 1  # enable for RBL checking and similar services
+	#list rebind_domain example.lan  # whitelist RFC1918 responses for domains
+	option local	'/lan/'
+	option domain	'lan'
+	option expandhosts	1
+	option nonegcache	0
+	option authoritative	1
+	option readethers	1
+	option leasefile	'/tmp/dhcp.leases'
+	option resolvfile	'/tmp/resolv.conf.auto'
+	#list server		'/mycompany.local/1.2.3.4'
+	#option nonwildcard	1
+	#list interface		br-lan
+	#list notinterface	lo
+	#list bogusnxdomain     '64.94.110.11'
+
+config dhcp lan
+	option interface	lan
+	option start 	100
+	option limit	150
+	option leasetime	12h
+	option ignore 	1
+
+config dhcp wan
+	option interface	wan
+	option ignore	1

+ 5 - 0
openwrt/rootFS/etc/config/dropbear

@@ -0,0 +1,5 @@
+config dropbear
+	option PasswordAuth 'on'
+	option RootPasswordAuth 'on'
+	option Port         '22'
+#	option BannerFile   '/etc/banner'
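Review bot: `option RootPasswordAuth 'on'` together with `option PasswordAuth 'on'` leaves root open to password guessing on port 22. The section also has no `option Interface`, so dropbear listens on every interface and only the firewall keeps WAN out. For a rootFS that is copied to many devices I would ship key-only login, `option PasswordAuth 'off'` and `option RootPasswordAuth 'off'`, and bind the daemon with `option Interface 'lan'`. If password login has to stay for first-boot setup, a comment should say so and say when it gets switched off.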

+ 177 - 0
openwrt/rootFS/etc/config/firewall

@@ -0,0 +1,177 @@
+config defaults
+	option syn_flood	1
+	option input		ACCEPT
+	option output		ACCEPT
+	option forward		REJECT
+# Uncomment this line to disable ipv6 rules
+#	option disable_ipv6	1
+
+config zone
+	option name		lan
+	list   network		'lan'
+	option input		ACCEPT
+	option output		ACCEPT
+	option forward		ACCEPT
+
+config zone
+	option name		wan
+	list   network		'wan'
+	list   network		'wan6'
+	option input		REJECT
+	option output		ACCEPT
+	option forward		REJECT
+	option masq		1
+	option mtu_fix		1
+
+config forwarding
+	option src		lan
+	option dest		wan
+
+# We need to accept udp packets on port 68,
+# see https://dev.openwrt.org/ticket/4108
+config rule
+	option name		Allow-DHCP-Renew
+	option src		wan
+	option proto		udp
+	option dest_port	68
+	option target		ACCEPT
+	option family		ipv4
+
+# Allow IPv4 ping
+config rule
+	option name		Allow-Ping
+	option src		wan
+	option proto		icmp
+	option icmp_type	echo-request
+	option family		ipv4
+	option target		ACCEPT
+
+# Allow DHCPv6 replies
+# see https://dev.openwrt.org/ticket/10381
+config rule
+	option name		Allow-DHCPv6
+	option src		wan
+	option proto		udp
+	option src_ip		fe80::/10
+	option src_port		547
+	option dest_ip		fe80::/10
+	option dest_port	546
+	option family		ipv6
+	option target		ACCEPT
+
+# Allow essential incoming IPv6 ICMP traffic
+config rule
+	option name		Allow-ICMPv6-Input
+	option src		wan
+	option proto	icmp
+	list icmp_type		echo-request
+	list icmp_type		echo-reply
+	list icmp_type		destination-unreachable
+	list icmp_type		packet-too-big
+	list icmp_type		time-exceeded
+	list icmp_type		bad-header
+	list icmp_type		unknown-header-type
+	list icmp_type		router-solicitation
+	list icmp_type		neighbour-solicitation
+	list icmp_type		router-advertisement
+	list icmp_type		neighbour-advertisement
+	option limit		1000/sec
+	option family		ipv6
+	option target		ACCEPT
+
+# Allow essential forwarded IPv6 ICMP traffic
+config rule
+	option name		Allow-ICMPv6-Forward
+	option src		wan
+	option dest		*
+	option proto		icmp
+	list icmp_type		echo-request
+	list icmp_type		echo-reply
+	list icmp_type		destination-unreachable
+	list icmp_type		packet-too-big
+	list icmp_type		time-exceeded
+	list icmp_type		bad-header
+	list icmp_type		unknown-header-type
+	option limit		1000/sec
+	option family		ipv6
+	option target		ACCEPT
+
+# include a file with users custom iptables rules
+config include
+	option path /etc/firewall.user
+
+
+### EXAMPLE CONFIG SECTIONS
+# do not allow a specific ip to access wan
+#config rule
+#	option src		lan
+#	option src_ip	192.168.45.2
+#	option dest		wan
+#	option proto	tcp
+#	option target	REJECT
+
+# block a specific mac on wan
+#config rule
+#	option dest		wan
+#	option src_mac	00:11:22:33:44:66
+#	option target	REJECT
+
+# block incoming ICMP traffic on a zone
+#config rule
+#	option src		lan
+#	option proto	ICMP
+#	option target	DROP
+
+# port redirect port coming in on wan to lan
+#config redirect
+#	option src			wan
+#	option src_dport	80
+#	option dest			lan
+#	option dest_ip		192.168.16.235
+#	option dest_port	80
+#	option proto		tcp
+
+# port redirect of remapped ssh port (22001) on wan
+#config redirect
+#	option src		wan
+#	option src_dport	22001
+#	option dest		lan
+#	option dest_port	22
+#	option proto		tcp
+
+# allow IPsec/ESP and ISAKMP passthrough
+#config rule
+#	option src		wan
+#	option dest		lan
+#	option protocol		esp
+#	option target		ACCEPT
+
+#config rule
+#	option src		wan
+#	option dest		lan
+#	option src_port		500
+#	option dest_port	500
+#	option proto		udp
+#	option target		ACCEPT
+
+### FULL CONFIG SECTIONS
+#config rule
+#	option src		lan
+#	option src_ip	192.168.45.2
+#	option src_mac	00:11:22:33:44:55
+#	option src_port	80
+#	option dest		wan
+#	option dest_ip	194.25.2.129
+#	option dest_port	120
+#	option proto	tcp
+#	option target	REJECT
+
+#config redirect
+#	option src		lan
+#	option src_ip	192.168.45.2
+#	option src_mac	00:11:22:33:44:55
+#	option src_port		1024
+#	option src_dport	80
+#	option dest_ip	194.25.2.129
+#	option dest_port	120
+#	option proto	tcp
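Review bot: In `config defaults`, `option input ACCEPT` is the policy for traffic arriving on any interface that belongs to no zone, so an interface added later (a tunnel, a second bridge) is fully open to the router's own services until someone assigns it a zone. The `lan` zone already sets `option input ACCEPT` for management, so the default can fail closed with `option input REJECT` without losing access from the LAN. A one-line comment above the defaults section explaining that it covers un-zoned interfaces would help.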

+ 15 - 0
openwrt/rootFS/etc/config/fstab

@@ -0,0 +1,15 @@
+config 'global'
+	option	anon_swap	'0'
+	option	anon_mount	'0'
+	option	auto_swap	'1'
+	option	auto_mount	'1'
+	option	delay_root	'5'
+	option	check_fs	'0'
+
+config 'mount'
+	option	target	'/mnt/sda1'
+	option	uuid	'e68b2987-b05f-45b7-9f32-c8afdd06d409'
+        option  fstype  'ext3'
+	option  options ''
+	option	enabled	'1'
+

+ 38 - 0
openwrt/rootFS/etc/config/network

@@ -0,0 +1,38 @@
+
+config interface 'loopback'
+	option ifname 'lo'
+	option proto 'static'
+	option ipaddr '127.0.0.1'
+	option netmask '255.0.0.0'
+
+config globals 'globals'
+	option ula_prefix 'fdbd:0022:366a::/48'
+
+config interface 'lan'
+	option ifname 'eth0'
+	option type 'bridge'
+	option proto 'static'
+	option ipaddr '192.168.1.56'
+	option netmask '255.255.255.0'
+	option gateway '192.168.1.1'
+	option dns '192.168.1.1'
+	option ip6assign '60'
+
+config interface 'wan'
+	option ifname 'eth1'
+	option proto 'dhcp'
+
+config interface 'wan6'
+	option ifname '@wan'
+	option proto 'dhcpv6'
+
+config switch
+	option name 'switch0'
+	option reset '1'
+	option enable_vlan '1'
+
+config switch_vlan
+	option device 'switch0'
+	option vlan '1'
+	option ports '0 1 2 3 4 5'
+

+ 23 - 0
openwrt/rootFS/etc/config/ntpclient

@@ -0,0 +1,23 @@
+config ntpserver
+	option hostname '0.openwrt.pool.ntp.org'
+	option port     '123'
+
+config ntpserver
+	option hostname '1.openwrt.pool.ntp.org'
+	option port     '123'
+
+config ntpserver
+	option hostname '2.openwrt.pool.ntp.org'
+	option port     '123'
+
+config ntpserver
+	option hostname '3.openwrt.pool.ntp.org'
+	option port     '123'
+
+config ntpdrift
+	option freq     '0'
+
+config ntpclient
+	option interval	600
+	#option count	10
+	#option interface wan

+ 17 - 0
openwrt/rootFS/etc/config/system

@@ -0,0 +1,17 @@
+
+config system
+	option hostname 'sg1'
+	option timezone 'Europe/Berlin'
+
+config timeserver 'ntp'
+	list server '0.openwrt.pool.ntp.org'
+	list server '1.openwrt.pool.ntp.org'
+	list server '2.openwrt.pool.ntp.org'
+	list server '3.openwrt.pool.ntp.org'
+	option enable_server '0'
+
+config led 'led_wlan'
+	option name 'WLAN'
+	option sysfs 'wrt160nl:blue:wlan'
+	option trigger 'phy0tpt'
+

+ 0 - 0
openwrt/rootFS/etc/config/ubootenv


+ 36 - 0
openwrt/rootFS/etc/config/wireless

@@ -0,0 +1,36 @@
+config wifi-device  radio0
+	option type     mac80211
+	option channel  1
+	option country	DE
+	option hwmode	11ng
+	option macaddr	00:23:69:f9:62:17
+	option htmode	HT20
+	list ht_capab	SHORT-GI-40
+	list ht_capab	DSSSi_CCK-40
+	list ht_capab	HT40+
+	list ht_capab	HT40-
+	# option noscan	1
+	# REMOVE THIS LINE TO ENABLE WIFI:
+	option disabled 1
+
+config wifi-iface
+	option device   radio0
+	option network  lan
+	option ifname 	wlan0
+#	option mode     monitor
+	option mode	ap
+	option ssid     superglue
+	option encryption psk2
+	option key	5upr3w3b
+#	option encryption none
+
+#config wifi-iface
+#	option device   radio0
+#	option network  lan
+#	option ifname   wlan1
+#	option mode     ap
+#	option ssid     PublicWireless
+#	option encryption psk2
+#	option key	asda_666
+#	option encryption none
+                                       
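Review bot: The `option key` line commits the WPA2 passphrase in clear text, so every device built from this rootFS shares a passphrase that anyone with repository access can read, and it is only the 8-character minimum. The radio ships with `option disabled 1`, so the exposure begins when someone removes that line as the comment invites. I would leave the key out of the committed file and set it per device at first boot (for example from an /etc/uci-defaults script), with a comment such as `# key is provisioned per device; never commit a real passphrase`. `option macaddr 00:23:69:f9:62:17` looks copied from one specific unit and would give every flashed device the same MAC; confirm it is meant to be in the shared image.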

+ 77 - 0
openwrt/rootFS/etc/mime.conf

@@ -0,0 +1,77 @@
+#######################################################################
+##
+##  MimeType handling
+## -------------------
+##
+## http://www.lighttpd.net/documentation/configuration.html#mimetypes
+##
+## Use the "Content-Type" extended attribute to obtain mime type if
+## possible
+##
+mimetype.use-xattr        = "disable"
+
+##
+## mimetype mapping
+##
+mimetype.assign             = (
+  ".pdf"          =>      "application/pdf",
+  ".sig"          =>      "application/pgp-signature",
+  ".spl"          =>      "application/futuresplash",
+  ".class"        =>      "application/octet-stream",
+  ".ps"           =>      "application/postscript",
+  ".torrent"      =>      "application/x-bittorrent",
+  ".dvi"          =>      "application/x-dvi",
+  ".gz"           =>      "application/x-gzip",
+  ".pac"          =>      "application/x-ns-proxy-autoconfig",
+  ".swf"          =>      "application/x-shockwave-flash",
+  ".tar.gz"       =>      "application/x-tgz",
+  ".tgz"          =>      "application/x-tgz",
+  ".tar"          =>      "application/x-tar",
+  ".zip"          =>      "application/zip",
+  ".mp3"          =>      "audio/mpeg",
+  ".m3u"          =>      "audio/x-mpegurl",
+  ".wma"          =>      "audio/x-ms-wma",
+  ".wax"          =>      "audio/x-ms-wax",
+  ".ogg"          =>      "application/ogg",
+  ".wav"          =>      "audio/x-wav",
+  ".gif"          =>      "image/gif",
+  ".jpg"          =>      "image/jpeg",
+  ".jpeg"         =>      "image/jpeg",
+  ".png"          =>      "image/png",
+  ".xbm"          =>      "image/x-xbitmap",
+  ".xpm"          =>      "image/x-xpixmap",
+  ".xwd"          =>      "image/x-xwindowdump",
+  ".css"          =>      "text/css",
+  ".html"         =>      "text/html",
+  ".htm"          =>      "text/html",
+  ".js"           =>      "text/javascript",
+  ".asc"          =>      "text/plain",
+  ".c"            =>      "text/plain",
+  ".cpp"          =>      "text/plain",
+  ".log"          =>      "text/plain",
+  ".conf"         =>      "text/plain",
+  ".text"         =>      "text/plain",
+  ".txt"          =>      "text/plain",
+  ".spec"         =>      "text/plain",
+  ".dtd"          =>      "text/xml",
+  ".xml"          =>      "text/xml",
+  ".mpeg"         =>      "video/mpeg",
+  ".mpg"          =>      "video/mpeg",
+  ".mov"          =>      "video/quicktime",
+  ".qt"           =>      "video/quicktime",
+  ".avi"          =>      "video/x-msvideo",
+  ".asf"          =>      "video/x-ms-asf",
+  ".asx"          =>      "video/x-ms-asf",
+  ".wmv"          =>      "video/x-ms-wmv",
+  ".bz2"          =>      "application/x-bzip",
+  ".tbz"          =>      "application/x-bzip-compressed-tar",
+  ".tar.bz2"      =>      "application/x-bzip-compressed-tar",
+  ".rpm"          =>      "application/x-rpm",
+  # make the default mime type application/octet-stream.
+  ""              =>      "application/octet-stream",
+ )
+
+
+#
+#######################################################################
+

+ 6 - 0
openwrt/rootFS/etc/opkg.conf

@@ -0,0 +1,6 @@
+src/gz barrier_breaker http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages
+dest root /
+dest ram /tmp
+dest opt /opt/root
+lists_dir ext /var/opkg-lists
+option overlay_root /overlay
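Review bot: The feed `src/gz barrier_breaker http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages` is fetched over plain HTTP from a moving snapshot, and the file does not enable signature checking. Anything on the path between the device and the mirror can therefore alter package lists or packages that opkg then installs as root. If the opkg build in this image supports it, add `option check_signature 1` and ship the feed's public key. Pointing the feed at a fixed release directory instead of `snapshots/trunk` would also keep installs reproducible.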

+ 1 - 0
openwrt/rootFS/mnt/sda1-dist/htdigest.user

@@ -0,0 +1 @@
+testglue:superglue test:44d79ae6b6a089c43fd7b7ef59bc39b9
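Review bot: This line commits a live htdigest credential (user, realm and an unsalted MD5 digest) under `sda1-dist`, which by its name looks like content copied onto each device. Every device would then accept the same login, and an MD5 digest of a short password can be recovered offline quickly by anyone who can read the repository. I would keep the real file out of version control and generate it during provisioning. If a sample is needed for documentation, ship it under a name such as `htdigest.user.example` with an obviously invalid digest.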

+ 58 - 0
openwrt/rootFS/mnt/sda1-dist/opkg-link

@@ -0,0 +1,58 @@
+#!/bin/sh
+#
+# Create symbolic links from all files in
+# alternative opkg destinations
+#
+# By Stefan Tomanek <stefan@pico.ruhr.de>
+
+# readlink might not be installed, so we probably
+# cannot detect whether a link points to a specific target
+if which readlink >/dev/null; then
+    points_to() {
+        local DST
+        local SRC
+        DST="$1"
+        SRC="$2"
+        [ `readlink "$DST"` = "$SRC" ]
+    }
+else
+    # we cannot determine the target of the link,
+    # so we return false to be on the safe side
+    false
+fi
+
+# find out the installation directories
+awk '$1 == "dest" && $3 != "/" { print $2, $3 }' /etc/opkg.conf | \
+while read DEST DDIR; do
+    echo "Processing destination $DEST..." >&2
+    # if the direktory does not exist, continue
+    [ -d "$DDIR" ] || continue
+
+    for LIST in "$DDIR/usr/lib/opkg/info"/*.list; do
+        [ -e "$LIST" ] || continue;
+        PKG=${LIST##*/}
+        PKG=${PKG%.list}
+        echo "  Linking package ${PKG} from $DEST..." >&2
+        while read FSRC; do
+            FDST=${FSRC#$DDIR}
+            
+            FDSTDIR=${FDST%/*}/
+            [ ! -d "$FDSTDIR" ] && {
+                echo "   Creating directory $FDSTDIR..." >&2
+                mkdir -p "$FDSTDIR"
+            }
+            if [ ! -e "$FDST" ] || [ -L "$FDST" ]; then
+                # do not rewrite every link
+                if [ -L "$FDST" ] && [ `readlink "$FDST"` = "$FSRC" ]; then
+                    :
+                    #echo "   $FDST already linked." >&2
+                else
+                    echo "   linking $FSRC -> $FDST" >&2
+                    ln -sf "$FSRC" "$FDST" 
+                fi
+            else
+                echo "   Not replacing existing file $FDST!" >&2
+            fi
+        done < "$LIST"
+  done
+done
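Review bot: The branch `if [ ! -e "$FDST" ] || [ -L "$FDST" ]` replaces any symlink already present at the destination path, not only links this script created earlier, and both the path and the new target are read from `.list` files under the alternative destination. The opkg.conf in this same commit lists `dest ram /tmp`, a location that non-root processes can usually write to, so those list files should not decide which system links root rewrites. I would overwrite an existing link only when its current target already lies under `$DDIR`, e.g. `case "$(readlink "$FDST")" in "$DDIR"/*) ;; *) continue ;; esac` ahead of the `ln -sf`. The two unquoted readlink substitutions fail with a `[` syntax error when readlink prints nothing, so write `[ "$(readlink "$FDST")" = "$FSRC" ]` and use `read -r`. `points_to` is defined but never called, and the `else` branch leaves it undefined.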

+ 21 - 0
openwrt/rootFS/mnt/sda1-dist/opkg-link-clean

@@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# Find dangling symlinks that point into
+# opkg destination
+#
+# this script must be called with an pkg destination as first
+# argument
+#
+# By Stefan Tomanek <stefan@pico.ruhr.de>
+
+DEST=$1
+
+DDIR=`awk -vDEST=$DEST '$1 == "dest" && $2 == DEST { print $3 }' /etc/opkg.conf`
+
+[ -z "$DDIR" ] && exit 1
+
+find / -xdev -type l | while read L; do
+    readlink $L
+done | grep "^${DDIR}" | while read T; do
+    [ ! -e "$T" ] && echo ${T#$DDIR}
+done
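Review bot: `awk -vDEST=$DEST`, `readlink $L` and `echo ${T#$DDIR}` expand unquoted, so a destination name or link path containing spaces or glob characters is split or expanded before the command sees it, and `find / -xdev -type l` returns paths from the whole filesystem. Quote them as `awk -v DEST="$DEST"`, `readlink "$L"` and `echo "${T#$DDIR}"`, and use `read -r` in both loops so backslashes in names survive. `grep "^${DDIR}"` treats the directory as a regular expression and also matches sibling directories that merely share the prefix; `case "$T" in "$DDIR"/*)` is an exact prefix test.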

+ 42 - 0
openwrt/rootFS/root/pull-serverside-repo.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+## fetch and update contents of /www/ from git.superglue.it
+
+_PWD=$(pwd)
+_USER='httpd'
+_WWW='/www'
+_URL='http://git.superglue.it/superglue/serverside/repository/archive.tar.gz'
+_ARC=$(curl -Is $_URL | awk -F\" '/serverside/ { print $2 }')
+
+cd /tmp
+
+if [[ -z "$_ARC" ]]; then
+  echo 'error fetching archive version'
+  exit 1
+fi
+
+if [[ ! -e "$_ARC" ]]; then
+  echo -n "$(date): fetching $_ARC "
+  curl -OJs "$_URL" || exit 1
+  echo "OK"
+else exit 0
+fi
+
+_DIR=($(tar xvzf $_ARC 2>/dev/null))
+
+if [[ -z "$_DIR" ]]; then
+ echo 'error extracting archive'
+ exit 1
+fi
+
+cp -Rf "$_DIR"/* $_WWW/ &&
+chown -R $_USER $_WWW/* &&
+echo -n "$(date): update OK"
+
+## remove old archives and unpacked directory
+for i in $(ls -1d serverside* | grep -v "$_ARC"); do rm -Rf "$i"; done 
+
+cd $_PWD
+
+exit 0
+
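Review bot: The archive is fetched over plain `http://` with no checksum or signature check and is then unpacked and copied into `/www`, so anyone able to alter the response controls the content the device serves. The script sits under /root and calls `chown`, so it presumably runs as root. `_ARC` is taken from a response header and used unquoted in `tar xvzf $_ARC`, as a regex in `grep -v "$_ARC"`, and implicitly as the output name through `curl -OJs`, all inside the shared `/tmp`. I would fetch over TLS, accept only a plain file name for `_ARC`, write to that name explicitly, and verify the file before `tar` runs; a sketch follows. The cleanup loop that parses `ls` output and the unquoted `$_WWW` and `$_PWD` uses should also be quoted.

```shell
_URL='https://git.superglue.it/superglue/serverside/repository/archive.tar.gz'  # assumes the host serves TLS
_ARC=$(curl -fIs "$_URL" | awk -F\" '/serverside/ { print $2 }')

# … unchanged: cd /tmp, empty-_ARC check …

# the name comes from a response header: accept only a plain archive file name
case "$_ARC" in
  */* | -* | *[!A-Za-z0-9._-]*) echo 'unexpected archive name' >&2; exit 1 ;;
esac

# … unchanged: exit 0 when "$_ARC" already exists …
curl -fsS -o "$_ARC" "$_URL" || exit 1
# verify "$_ARC" against a checksum or signature published out of band before unpacking
_DIR=($(tar xvzf "$_ARC" 2>/dev/null))
```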