[心得] 在DD-WRT上建立Fon_AP

看板MOD_AP (無線基地台韌體)作者earlreco (Reco)時間17年前 (2007/04/27 02:25)推噓4(4推 0噓 1→)

留言5則, 2人參與討論串1/7 (看更多)

原文: http://www.geek-pages.com/articles/latest/dd-wrt_-_multiple_ ssids_-_1_for_fon_-_1_for_private_network.html 打從V24版開始，就有了虛擬的SSID，於是我們終於可以一邊盡義務，一邊使用DD-WRT。我們先從之前的教學安裝了DD-WRT-V24之後，進入Wireless 這一頁，加入一個新的Virtual Interfaces，叫做Fon_AP，將AP Isolation與 set the Network Configuration調整至Unbridged之後: IP 設為:192.168.181.1 遮罩設為:255.255.255.0 按Save Settings建立ath0.1，就是Fon_AP。轉到Administration這一頁，將Info Site Password Protection打開之後Save Settings。 Hotspot這一頁的Chillispot就關了吧，我們要自已寫一個Script。我們在Commands這一頁，寫入以下的Shell Script: ------------------- 請Copy以下內容 ------------------- #!/bin/sh ## # The following lines create /tmp/chilli.conf echo -n ' dhcpif ath0.1 radiusserver1 radius01.fon.com radiusserver2 radius02.fon.com macauth radiussecret garrafon uamserver https://login.fon.com/cp/index.php uamsecret garrafon uamallowed www.fon.com,acceso.fon.com,en.fon.com,es.fon.com uamallowed www.paypal.com,www.paypalobjects.com uamanydns net 192.168.182.0/24 dynip 192.168.182.0/24 ' > /tmp/chilli.conf echo -n "radiusnasid `nvram get wl0_hwaddr|sed -e s/:/-/g`" >>/tmp/chilli.conf # We need to wait 5 seconds to make sure we have our WAN DHCP lease and DNS info. sleep 5 echo `nvram get wan_get_dns` | sed -e 's/[0-9]/=&/' -e 's/ /%/' -e 's/=/\ndns1 /' -e 's/%/\ndns2 /' >> /tmp/chilli.conf #The following statement adds a statement to cron.d that runs a heartbeat to fon each night at 2am. echo '00 02 * * * root /usr/bin/wget "http://download.fon.com/heartbeat.php?mac=`nvram get wl0_hwaddr|sed s/:/-/g`" -O /tmp/inet.html' > /tmp/cron.d/heartbeat # Runs the heartbeat to fon at startup. /usr/bin/wget "http://download.fon.com/heartbeat.php?mac=`nvram get wl0_hwaddr|sed s/:/-/g`" sleep 15 # Execute chillispot /usr/sbin/chilli --conf /tmp/chilli.conf ------------- 以上內容剪下至Commands ----------- 貼好之後，按Save Startup。另外建立防火牆的Script ------------------- 請Copy以下內容 ------------------- #!/bin/sh ## iptables -I INPUT -i tun0 -j ACCEPT iptables -I FORWARD -i tun0 -o vlan1 -m state --state NEW -j ACCEPT iptables -I FORWARD -i tun0 -o ppp0 -m state --state NEW -j ACCEPT iptables -I FORWARD -i br0 -o tun0 -j logdrop iptables -A FORWARD -i tun0 -j DROP; iptables -t nat -I PREROUTING -i tun0 -d `nvram get lan_ipaddr`/`nvram get lan_netmask` -j DROP DEV="tun0" DOWNLINK="1024" UPLINK="256" tc qdisc del dev $DEV root tc qdisc del dev $DEV ingress # limit download tc qdisc add dev $DEV root handle 1: htb tc class add dev $DEV parent 1: classid 1:1 htb rate ${DOWNLINK}kbit burst 6k tc filter add dev $DEV parent 1: protocol ip prio 16 u32 match ip dst 192.168.182.1/24 flowid 1:1 # limit upload tc qdisc add dev $DEV ingress handle ffff: tc filter add dev $DEV parent ffff: protocol ip u32 match ip src 0.0.0.0/0 police rate ${UPLINK}kbit burst 10k drop flowid :1 ------------- 以上內容剪下至Firewall ----------- 之後，按"Save Firewall"存到防火牆的Script，重新啟動之後，如果這台已經有註冊，就可以像Fon一樣使用公眾SSID。但是筆者搞了那麼半天，雖然兩個SSID都出現了，但是連線過程就沒有連上Fon 總部了，這個也希望大家能指教出一個新的方案。 -- 「吃飯聞到米香，睡覺呼呼作響，眼睛睜開忽然一想，阿彌陀佛，身體健康。」－民歌手王城 -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 220.132.152.13