summaryrefslogtreecommitdiff
path: root/recipes-core/ocg-scripts/ocg-scripts-1.0
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-core/ocg-scripts/ocg-scripts-1.0')
-rwxr-xr-xrecipes-core/ocg-scripts/ocg-scripts-1.0/ocg-cell-router147
-rwxr-xr-xrecipes-core/ocg-scripts/ocg-scripts-1.0/ocg-dhcpd65
-rwxr-xr-xrecipes-core/ocg-scripts/ocg-scripts-1.0/ocg-set-apn40
-rwxr-xr-xrecipes-core/ocg-scripts/ocg-scripts-1.0/ocg-wifi-ap165
4 files changed, 417 insertions, 0 deletions
diff --git a/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-cell-router b/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-cell-router
new file mode 100755
index 0000000..1607c32
--- /dev/null
+++ b/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-cell-router
@@ -0,0 +1,147 @@
+#!/usr/bin/env bash
+
+# Copyright (C) 2014 Multi-Tech Systems
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+set -e
+
+do_start() {
+ lan_interfaces=$(echo "$lan" | sed "s/,/ /g")
+
+ echo "Configuring firewall rules..."
+ # Flush all the tables first
+ iptables -t filter -F
+ iptables -t nat -F
+ iptables -t mangle -F
+
+ # Drop all incoming packets by default
+ iptables -t filter -P INPUT DROP
+ # Accept all on local loopback
+ iptables -t filter -A INPUT -i lo -j ACCEPT
+ # Allow packets in for existing socket connections
+ iptables -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+
+ # Accept all from LAN interfaces
+ for i in $lan_interfaces; do
+ iptables -t filter -A INPUT -i $i -j ACCEPT
+
+ # Accept ssh from the LAN (Wired)
+ #iptables -t filter -A INPUT -i $i -p tcp --dport 22 -j ACCEPT
+ # Accept http from the LAN (Wired)
+ #iptables -t filter -A INPUT -i $i -p tcp --dport 80 -j ACCEPT
+ # Accept tftp from the LAN (Wired)
+ #iptables -t filter -A INPUT -i $i -p udp --dport 69 -j ACCEPT
+ done
+
+ # Accept ssh from the WAN (Wireless)
+ #iptables -t filter -A INPUT -i $wan -p tcp --dport 22 -j ACCEPT
+ # Accept http from the WAN (Wireless)
+ #iptables -t filter -A INPUT -i $wan -p tcp --dport 80 -j ACCEPT
+
+ # Allow packet fowarding from LAN interfaces to WAN (cell router)
+ iptables -t filter -P FORWARD DROP
+ iptables -t filter -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
+ for i in $lan_interfaces; do
+ iptables -t filter -A FORWARD -i $i -o $wan -j ACCEPT
+ done
+
+ # Allow all output packets
+ iptables -t filter -P OUTPUT ACCEPT
+
+ # enable NAT for cell router
+ iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE
+
+ echo "Enabling packet forwarding..."
+ # turn on packet forwarding last
+ echo 1 > /proc/sys/net/ipv4/ip_forward
+ echo "Done"
+}
+
+do_stop() {
+ echo "Clearing firewall rules..."
+ # clear all tables
+ iptables -t filter -F
+ iptables -t nat -F
+ iptables -t mangle -F
+ # reset policies to ACCEPT
+ iptables -t filter -P INPUT ACCEPT
+ iptables -t filter -P OUTPUT ACCEPT
+ iptables -t filter -P FORWARD ACCEPT
+
+ # turn off packet forwarding
+ echo "Disabling packet forwarding..."
+ echo 0 > /proc/sys/net/ipv4/ip_forward
+ echo "Done"
+}
+
+usage() {
+ echo "Usage: $(basename $0) start|stop [options]"
+ echo " options:"
+ echo " -l <lan-interfaces> LAN interfaces to allow, comma-separated (defaults to \"eth0\")"
+ echo " -w <wan-interface> WAN interface to route out (defaults to \"ppp0\")"
+ exit 1
+}
+
+# main
+if [[ $# < 1 ]]; then
+ usage
+fi
+
+cmd=$1
+shift
+
+while getopts "l:w:h" opt; do
+ case "$opt" in
+ l)
+ l=$OPTARG
+ ;;
+ w)
+ w=$OPTARG
+ ;;
+ h)
+ usage
+ ;;
+ *)
+ usage
+ ;;
+ esac
+done
+
+# default lan to eth0 if not specified
+lan=${l-eth0}
+# default wan to ppp0 if not specified
+wan=${w-ppp0}
+
+case $cmd in
+ start)
+ echo "LAN: $lan"
+ echo "WAN: $wan"
+ do_start
+ ;;
+ stop)
+ do_stop
+ ;;
+ *)
+ usage
+ ;;
+esac
+
+exit 0
+
diff --git a/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-dhcpd b/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-dhcpd
new file mode 100755
index 0000000..976b138
--- /dev/null
+++ b/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-dhcpd
@@ -0,0 +1,65 @@
+#!/bin/bash
+
+# Copyright (C) 2014 Multi-Tech Systems
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+do_start() {
+ echo "starting dhcp daemon"
+ udhcpd -S /etc/udhcpd.conf
+}
+
+do_stop() {
+ echo "stopping dhcp daemon"
+ killall udhcpd
+}
+
+usage() {
+ echo "Usage: $(basename $0) start|stop|restart"
+ exit 1
+}
+
+# main
+if [[ $# != 1 ]]; then
+ usage
+fi
+
+case $1 in
+ start)
+ if [[ ! -f "/etc/udhcpd.conf" ]]
+ then
+ echo "/etc/udhcpd.conf does not exist"
+ exit 1
+ fi
+ do_start
+ ;;
+ stop)
+ do_stop
+ ;;
+ restart)
+ do_stop
+ sleep 1
+ do_start
+ ;;
+ *)
+ usage
+ ;;
+esac
+
+exit 0
diff --git a/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-set-apn b/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-set-apn
new file mode 100755
index 0000000..371ba7e
--- /dev/null
+++ b/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-set-apn
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+# Copyright (C) 2014 Multi-Tech Systems
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+if [[ $# != 1 ]]; then
+ echo "Usage: $(basename $0) APN"
+ exit 1
+fi
+
+apn=$1
+chat_file=/etc/ppp/peers/gsm_chat
+
+sed -r -i "s/^OK\s+'AT\+CGDCONT=1,\"IP\",\"[^\"]*\"'$/OK 'AT\+CGDCONT=1,\"IP\",\"${apn}\"'/" $chat_file
+
+if [[ $? != 0 ]]; then
+ echo "Failed to change APN"
+ exit 1
+else
+ echo "Set APN to \"${apn}\" in $chat_file"
+fi
+
+exit 0
diff --git a/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-wifi-ap b/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-wifi-ap
new file mode 100755
index 0000000..b0bc7ec
--- /dev/null
+++ b/recipes-core/ocg-scripts/ocg-scripts-1.0/ocg-wifi-ap
@@ -0,0 +1,165 @@
+#!/bin/bash
+
+# Copyright (C) 2014 Multi-Tech Systems
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+dhcpd_file=/etc/udhcpd.conf
+hostapd_file=/etc/hostapd.conf
+interface=wlan0
+bridge_mode=0
+
+do_start() {
+ if [ "$bridge_mode" = 1 ]; then
+ interface=$b
+ if ! grep -E -q "^bridge=$interface\s*$" $hostapd_file; then
+ echo "Enabling bridge=br0 in $hostapd_file"
+ sed -r -i "s/^#?bridge=.*$/bridge=$interface/" $hostapd_file
+ fi
+ else
+ if grep -E -q "^bridge=.*$" $hostapd_file; then
+ echo "Disabling bridge in $hostapd_file"
+ sed -r -i "s/^bridge=/#bridge=/" $hostapd_file
+ fi
+ fi
+
+ echo "Starting hostap daemon"
+ /etc/init.d/hostapd start
+
+ if [ "$bridge_mode" != 1 ]; then
+ echo "Setting IP address to $ip"
+ ifconfig $interface $ip
+ # strip off end of IP address to get subnet
+ # assumes subnet of /24
+ subnet=${ip%.*}
+ # escape periods for regex
+ subnet_regex=${subnet//./\\.}
+ ip_regex=${ip//./\\.}
+ # set default address range for dhcpd
+ addr_start=100
+ addr_end=254
+ if ! grep -E -q "^start\s+$subnet_regex\." $dhcpd_file; then
+ echo "Changing dhcpd start to $subnet.$addr_start"
+ sed -r -i "s/^start\s+.*$/start $subnet.$addr_start/" $dhcpd_file
+ fi
+ if ! grep -E -q "^end\s+$subnet_regex\." $dhcpd_file; then
+ echo "Changing dhcpd end to $subnet.$addr_end"
+ sed -r -i "s/^end\s+.*$/end $subnet.$addr_end/" $dhcpd_file
+ fi
+ # update dhcpd addresses if needed
+ if ! grep -E -q "^option\s+router\s+$ip_regex" $dhcpd_file; then
+ echo "Changing dhcpd router to $ip"
+ sed -r -i "s/^option\s+router\s+.*$/option router $ip/" $dhcpd_file
+ fi
+ else
+ # unset ip address for bridge mode
+ ifconfig wlan0 0.0.0.0
+ fi
+
+ if ! grep -E -q "^interface\s+$interface" $dhcpd_file; then
+ echo "Changing dhcpd interface to $interface"
+ sed -r -i "s/^interface\s+.*$/interface $interface/" $dhcpd_file
+ fi
+ ocg-dhcpd start
+}
+
+do_stop() {
+ echo "Stopping hostap daemon"
+ /etc/init.d/hostapd stop
+ ocg-dhcpd stop
+}
+
+usage() {
+ echo "Usage: $(basename $0) start|stop|restart [options]"
+ echo " options:"
+ echo " -a <address> Sets AP IP address (defaults to 192.168.3.1)"
+ echo " -b <interface> Add AP to specified bridge interface (conflicts with -a)"
+ exit 1
+}
+
+# main
+if [[ $# < 1 ]]; then
+ usage
+fi
+
+cmd=$1
+shift
+
+while getopts "a:b:h" opt; do
+ case "$opt" in
+ a)
+ a=$OPTARG
+ ;;
+ b)
+ b=$OPTARG
+ bridge_mode=1
+ ;;
+ h)
+ usage
+ ;;
+ *)
+ usage
+ ;;
+ esac
+done
+
+# can't specify both address and bridge mode
+if [ -n "$a" ] && [ -n "$b" ]; then
+ usage
+fi
+
+if [ -n "$a" ]; then
+ ret=1
+ if [[ $a =~ ^([0-9]{1,3}\.){3,3}[0-9]{1,3}$ ]]
+ then
+ OIFS=$IFS
+ IFS='.'
+ ip=($a)
+ IFS=$OFIS
+ [[ ${ip[0]} -le 255 && ${ip[1]} -le 255 && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
+ ret=$?
+ fi
+ if [[ ret -ne 0 ]]
+ then
+ echo "invalid IP address"
+ exit 1
+ fi
+ ip=$a
+else
+ ip="192.168.3.1"
+fi
+
+case $cmd in
+ start)
+ do_start
+ ;;
+ stop)
+ do_stop
+ ;;
+ restart)
+ do_stop
+ sleep 1
+ do_start
+ ;;
+ *)
+ usage
+ ;;
+esac
+
+exit 0