enhance dnsmasq
parent
d13778d47f
commit
9fb6099bca
31
lnxrouter
31
lnxrouter
|
@ -68,6 +68,7 @@ usage() {
|
||||||
echo " For an <id> you can put the PID of create_ap or the WiFi interface."
|
echo " For an <id> you can put the PID of create_ap or the WiFi interface."
|
||||||
echo " If virtual WiFi interface was created, then use that one."
|
echo " If virtual WiFi interface was created, then use that one."
|
||||||
echo " You can get them with --list-running"
|
echo " You can get them with --list-running"
|
||||||
|
echo " --log-dns"
|
||||||
echo " --no-dns Disable dnsmasq DNS server"
|
echo " --no-dns Disable dnsmasq DNS server"
|
||||||
echo " --no-dnsmasq Disable dnsmasq server completely"
|
echo " --no-dnsmasq Disable dnsmasq server completely"
|
||||||
echo " -g <gateway> IPv4 Gateway for the Access Point (default: 192.168.18.1)"
|
echo " -g <gateway> IPv4 Gateway for the Access Point (default: 192.168.18.1)"
|
||||||
|
@ -629,6 +630,8 @@ SUBNET_IFACE=
|
||||||
|
|
||||||
HAVEGED_WATCHDOG_PID=
|
HAVEGED_WATCHDOG_PID=
|
||||||
|
|
||||||
|
SHOW_DNS_QUERY=0
|
||||||
|
|
||||||
start_nat() {
|
start_nat() {
|
||||||
iptables -w -v -t nat -I POSTROUTING -s ${GATEWAY%.*}.0/24 ! -o ${SUBNET_IFACE} -j MASQUERADE || die
|
iptables -w -v -t nat -I POSTROUTING -s ${GATEWAY%.*}.0/24 ! -o ${SUBNET_IFACE} -j MASQUERADE || die
|
||||||
iptables -w -v -I FORWARD -i ${SUBNET_IFACE} -s ${GATEWAY%.*}.0/24 -j ACCEPT || die
|
iptables -w -v -I FORWARD -i ${SUBNET_IFACE} -s ${GATEWAY%.*}.0/24 -j ACCEPT || die
|
||||||
|
@ -1084,6 +1087,10 @@ while [[ -n "$1" ]]; do
|
||||||
PASSPHRASE="$1"
|
PASSPHRASE="$1"
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
|
--log-dns)
|
||||||
|
shift
|
||||||
|
SHOW_DNS_QUERY=1
|
||||||
|
;;
|
||||||
--)
|
--)
|
||||||
shift
|
shift
|
||||||
break
|
break
|
||||||
|
@ -1431,6 +1438,8 @@ else
|
||||||
echo "Warning: Wifi is not protected by password" >&2
|
echo "Warning: Wifi is not protected by password" >&2
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
SUBNET_IFACE=${AP_IFACE}
|
||||||
|
|
||||||
if [[ $NO_DNSMASQ -eq 0 ]]; then
|
if [[ $NO_DNSMASQ -eq 0 ]]; then
|
||||||
# dnsmasq config (dhcp + dns)
|
# dnsmasq config (dhcp + dns)
|
||||||
DNSMASQ_VER=$(dnsmasq -v | grep -m1 -oE '[0-9]+(\.[0-9]+)*\.[0-9]+')
|
DNSMASQ_VER=$(dnsmasq -v | grep -m1 -oE '[0-9]+(\.[0-9]+)*\.[0-9]+')
|
||||||
|
@ -1443,17 +1452,31 @@ if [[ $NO_DNSMASQ -eq 0 ]]; then
|
||||||
if [[ "$DHCP_DNS" == "gateway" ]]; then
|
if [[ "$DHCP_DNS" == "gateway" ]]; then
|
||||||
DHCP_DNS="$GATEWAY"
|
DHCP_DNS="$GATEWAY"
|
||||||
fi
|
fi
|
||||||
|
if [[ "$NO_DNS" -eq 0 ]]; then
|
||||||
|
dnsmasq_dns_option="dhcp-option-force=option:dns-server,${DHCP_DNS}"
|
||||||
|
else
|
||||||
|
dnsmasq_dns_option="port=0"
|
||||||
|
fi
|
||||||
cat << EOF > $CONFDIR/dnsmasq.conf
|
cat << EOF > $CONFDIR/dnsmasq.conf
|
||||||
|
user=nobody
|
||||||
|
group=nobody
|
||||||
|
$DNSMASQ_BIND
|
||||||
listen-address=${GATEWAY}
|
listen-address=${GATEWAY}
|
||||||
${DNSMASQ_BIND}
|
interface=$SUBNET_IFACE
|
||||||
|
except-interface=*
|
||||||
|
no-dhcp-interface=lo
|
||||||
dhcp-range=${GATEWAY%.*}.1,${GATEWAY%.*}.254,255.255.255.0,24h
|
dhcp-range=${GATEWAY%.*}.1,${GATEWAY%.*}.254,255.255.255.0,24h
|
||||||
dhcp-option-force=option:router,${GATEWAY}
|
dhcp-option-force=option:router,${GATEWAY}
|
||||||
dhcp-option-force=option:dns-server,${DHCP_DNS}
|
${dnsmasq_dns_option}
|
||||||
EOF
|
EOF
|
||||||
MTU=1280 # TODO temporary value. This used to be read from the INTERNET_IFACE
|
MTU=1280 # TODO temporary value. This used to be read from the INTERNET_IFACE
|
||||||
[[ -n "$MTU" ]] && echo "dhcp-option-force=option:mtu,${MTU}" >> $CONFDIR/dnsmasq.conf
|
[[ -n "$MTU" ]] && echo "dhcp-option-force=option:mtu,${MTU}" >> $CONFDIR/dnsmasq.conf
|
||||||
[[ $ETC_HOSTS -eq 0 ]] && echo no-hosts >> $CONFDIR/dnsmasq.conf
|
[[ $ETC_HOSTS -eq 0 ]] && echo no-hosts >> $CONFDIR/dnsmasq.conf
|
||||||
[[ -n "$ADDN_HOSTS" ]] && echo "addn-hosts=${ADDN_HOSTS}" >> $CONFDIR/dnsmasq.conf
|
[[ -n "$ADDN_HOSTS" ]] && echo "addn-hosts=${ADDN_HOSTS}" >> $CONFDIR/dnsmasq.conf
|
||||||
|
if [[ ! "$SHOW_DNS_QUERY" -eq 0 ]]; then
|
||||||
|
echo log-queries=extra >> $CONFDIR/dnsmasq.conf
|
||||||
|
echo log-facility=/dev/stdout >> $CONFDIR/dnsmasq.conf
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# initialize WiFi interface
|
# initialize WiFi interface
|
||||||
|
@ -1472,7 +1495,7 @@ fi
|
||||||
ip link set up dev ${AP_IFACE} || die "$VIRTDIEMSG"
|
ip link set up dev ${AP_IFACE} || die "$VIRTDIEMSG"
|
||||||
ip addr add ${GATEWAY}/24 broadcast ${GATEWAY%.*}.255 dev ${AP_IFACE} || die "$VIRTDIEMSG"
|
ip addr add ${GATEWAY}/24 broadcast ${GATEWAY%.*}.255 dev ${AP_IFACE} || die "$VIRTDIEMSG"
|
||||||
|
|
||||||
SUBNET_IFACE=${AP_IFACE}
|
|
||||||
# enable Internet sharing
|
# enable Internet sharing
|
||||||
if [[ "$SHARE_METHOD" != "none" ]]; then
|
if [[ "$SHARE_METHOD" != "none" ]]; then
|
||||||
echo "Sharing Internet using method: $SHARE_METHOD"
|
echo "Sharing Internet using method: $SHARE_METHOD"
|
||||||
|
@ -1503,7 +1526,7 @@ if [[ $NO_DNSMASQ -eq 0 ]]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
umask 0033
|
umask 0033
|
||||||
dnsmasq -d -C $CONFDIR/dnsmasq.conf -x $CONFDIR/dnsmasq.pid -l $CONFDIR/dnsmasq.leases || die &
|
dnsmasq -d -C $CONFDIR/dnsmasq.conf -x $CONFDIR/dnsmasq.pid -l $CONFDIR/dnsmasq.leases -u nobody -g nobody|| die &
|
||||||
umask $SCRIPT_UMASK
|
umask $SCRIPT_UMASK
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
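Review bot: The `-u nobody -g nobody` added to the dnsmasq invocation in the last hunk, and the `user=nobody`/`group=nobody` lines added to the generated dnsmasq.conf, are unlikely to take effect because the command still passes `-d`. Per the dnsmasq man page, debug mode does not change user id and does not write a pid file, so the server would keep running as root. To stay in the foreground and still drop privileges, replace `-d` with `-k` (`--keep-in-foreground`), e.g. `dnsmasq -k -C $CONFDIR/dnsmasq.conf -x $CONFDIR/dnsmasq.pid -l $CONFDIR/dnsmasq.leases || die &`; the config file already sets user and group, so the command-line copies can go, and note that with `-k` logging goes to syslog unless `log-facility` is set. Also confirm that a `nobody` group exists on the target distributions: Debian-family systems name it `nogroup`, in which case dnsmasq would presumably refuse to start. The enclosing `if [[ $NO_DNSMASQ -eq 0 ]]` block starts outside this hunk.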