diff --git a/Dockerfile b/Dockerfile index 5f42b82..5db922e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,7 +12,7 @@ RUN dnf -y install vim bash-completion bzip2 gcc gcc-c++ git make ncurses-devel python3-sqlparse python3-aiosignal python3-charset-normalizer python3-frozenlist \ python3-networkx python3-setuptools luajit2.1-luv libnghttp2-devel \ perl-Time-Piece perl-Test-CPAN-Meta-JSON net-snmp-libs \ - e2fsprogs-libs && dnf clean all + e2fsprogs-libs pam-devel && dnf clean all # To build BPI-R4-MT76-OPENWRT-V21.02 RUN dnf install -y usbutils bison flex openssl-devel \ diff --git a/settings-configs/AX3200-dumb-ap/attendedsysupgrade b/settings-configs/AX3200-dumb-ap/attendedsysupgrade new file mode 100644 index 0000000..72820b4 --- /dev/null +++ b/settings-configs/AX3200-dumb-ap/attendedsysupgrade @@ -0,0 +1,9 @@ + +config server 'server' + option url 'https://sysupgrade.openwrt.org' + +config client 'client' + option upgrade_packages '1' + option auto_search '0' + option advanced_mode '1' + diff --git a/settings-configs/AX3200-dumb-ap/bridger b/settings-configs/AX3200-dumb-ap/bridger new file mode 100644 index 0000000..bad8508 --- /dev/null +++ b/settings-configs/AX3200-dumb-ap/bridger @@ -0,0 +1,7 @@ +config defaults + # handle bridge local rx/tx + option bridge_local_tx 1 + option bridge_local_rx 0 + + # example for blacklisting individual devices or bridges + # list blacklist eth0 diff --git a/settings-configs/AX3200-dumb-ap/collectd b/settings-configs/AX3200-dumb-ap/collectd new file mode 100644 index 0000000..3b2088a --- /dev/null +++ b/settings-configs/AX3200-dumb-ap/collectd @@ -0,0 +1,232 @@ +config globals 'globals' + option alt_config_file "/etc/collectd.conf" +# option BaseDir '/var/run/collectd' +# option Include '/tmp/collectd.d' +# option PIDFile '/var/run/collectd.pid' +# option PluginDir '/usr/lib/collectd' +# option TypesDB '/usr/share/collectd/types.db' +# option Interval '30' +# option ReadThreads '2' +# option WriteThreads '2' +# option WriteQueueLimitLow '0' +# option WriteQueueLimitHigh '0' +# option CollectInternalStats '0' + +#config plugin 'apcups' +# option enable '0' +# option Host 'localhost' +# option Port '3551' + +#config plugin 'conntrack' +# option enable '0' + +#config plugin 'contextswitch' +# option enable '0' + +#config plugin 'cpu' +# option enable '0' + +#config plugin 'cpufreq' +# option enable '0' + +#config plugin 'csv' +# option enable '0' +# option StoreRates '0' +# option DataDir '/tmp' + +#config plugin 'curl' +# option enable '0' + +#config curl_page +# option name 'test' +# option url 'http://finance.google.com/finance?q=NYSE%3AAMD%22' + +#config plugin 'df' +# option enable '0' +# list Device '/dev/mtdblock/4' +# list MountPoint '/jffs' +# list FSType 'tmpfs' +# option IgnoreSelected '0' + +#config plugin 'disk' +# option enable '0' +# list Disk 'hda1' +# list Disk 'hdb' +# option IgnoreSelected '0' + +#config plugin 'dns' +# option enable '0' +# list Interface 'br-lan' +# list IgnoreSource '127.0.0.1' + +#config plugin 'email' +# option enable '0' +# option SocketFile '/var/run/collectd/email.sock' +# option SocketGroup 'nogroup' + +#config plugin 'entropy' +# option enable '0' + +#config plugin 'exec' +# option enable '0' + +#config exec_input +# option cmdline '/usr/bin/stat-dhcpusers' +# option cmduser 'nobody' +# option cmdgroup 'nogroup' + +#config exec_notify +# option cmdline '/usr/bin/stat-dhcpusers' +# option cmduser 'nobody' +# option cmdgroup 'nogroup' + +#config plugin 'interface' +# option enable '1' +# list Interface 'br-lan' +# option IgnoreSelected '0' + +#config plugin 'iptables' +# option enable '1' + +#config iptables_match +# option table 'nat' +# option chain 'zone_wan_postrouting' +# option index '1' +# option name 'WLAN-Clients traffic' + +#config plugin 'irq' +# option enable '0' +# list Irq '2' +# list Irq '3' +# list Irq '4' +# list Irq '7' + +#config plugin 'iwinfo' +# option enable '0' + +#config plugin 'load' +# option enable '0' + +#config plugin 'lua' +# option BasePath '/usr/share/collectd-mod-lua' +# list Script 'script1.lua' +# list Script 'script2.lua + +#config plugin 'memory' +# option enable '0' + +#config plugin 'netlink' +# option enable '0' +# option IgnoreSelected '0' +# list VerboseInterface 'br-lan' +# list QDisc 'br-lan' + +#config plugin 'network' +# option enable '1' +# option TimeToLive '128' +# option Forward '1' +# option CacheFlush '86400' + +#config network_listen +# option host '0.0.0.0' +# option port '25826' + +#config network_server +# option host '1.1.1.1' +# option port '25826' + +#config plugin 'nut' +# option enable '0' +# option UPS 'myupsname' + +#config plugin 'olsrd' +# option enable '0' +# option Port '2006' +# option Host '127.0.0.1' + +#config plugin 'openvpn' +# option enable '0' +# option StatusFile '/var/run/openvpn/openvpn.status' +# option CollectIndividualUsers '1' +# optoin CollectUserCount '1' +# optoin CollectCompression '1' +# option ImprovedNamingSchema '0' + +#config plugin 'ping' +# option enable '0' +# option TTL '127' +# option Interval '30' +# list Host '127.0.0.1' + +#config plugin 'processes' +# option enable '0' +# list Process 'uhttpd' +# list Process 'dnsmasq' +# list Process 'dropbear' + +#config plugin 'rrdtool' +# option enable '0' +# option DataDir '/tmp/rrd' +# option RRARows '100' +# option RRASingle '1' +# list RRATimespan '3600' +# list RRATimespan '86400' +# list RRATimespan '604800' +# list RRATimespan '2678400' +# list RRATimespan '31622400' + +#config plugin 'sensors' +# option enable '0' + +#config plugin 'swap' +# option enable '0' +# option ReportByDevice '1' +# option ValuesAbsolute '1' +# option ValuesPercentage '0' +# option ReportIO '1' +# option ReportBytes '1' + +#config plugin 'tcpconns' +# option enable '0' +# option ListeningPorts '0' +# option AllPortsSummary '0' +# list LocalPort '22' +# list LocalPort '80' + +#config plugin 'thermal' +# option enable '0' +# option IgnoreSelected '0' +# list Device '' + +#config plugin 'ubi' +# option enable '0' +# list Device 'ubi0' +# option IgnoreSelected '0' + +#config plugin 'unixsock' +# option enable '0' +# option SocketFile '/var/run/collectd/query.sock' +# option SocketGroup 'nogroup' + +#config plugin 'uptime' +# option enable '0' + +#config plugin 'vmem' +# option enable '0' +# option Verbose '0' +# +#config plugin 'write_http' +# option enable '0' +# +#config write_http_node +# option name 'foo' +# option URL 'http://example.org/post-collectd' +# +#config plugin 'mqtt' +# option enable '1' +# +#config mqtt_block +# option name 'foo' +# option blocktype 'Subscribe' +# option Host 'localhost' +# option Topic 'collectd/#' diff --git a/settings-configs/AX3200-dumb-ap/irqbalance b/settings-configs/AX3200-dumb-ap/irqbalance new file mode 100644 index 0000000..75a4f2b --- /dev/null +++ b/settings-configs/AX3200-dumb-ap/irqbalance @@ -0,0 +1,4 @@ + +config irqbalance 'irqbalance' + option enabled '1' + diff --git a/settings-configs/AX3200-dumb-ap/luci b/settings-configs/AX3200-dumb-ap/luci new file mode 100644 index 0000000..a9a361c --- /dev/null +++ b/settings-configs/AX3200-dumb-ap/luci @@ -0,0 +1,42 @@ + +config core 'main' + option lang 'pl' + option mediaurlbase '/luci-static/bootstrap' + option resourcebase '/luci-static/resources' + option ubuspath '/ubus/' + +config extern 'flash_keep' + option uci '/etc/config/' + option dropbear '/etc/dropbear/' + option openvpn '/etc/openvpn/' + option passwd '/etc/passwd' + option opkg '/etc/opkg.conf' + option firewall '/etc/firewall.user' + option uploads '/lib/uci/upload/' + +config internal 'languages' + option pl 'Polski (Polish)' + +config internal 'sauth' + option sessionpath '/tmp/luci-sessions' + option sessiontime '3600' + +config internal 'ccache' + option enable '1' + +config internal 'themes' + option Bootstrap '/luci-static/bootstrap' + option BootstrapDark '/luci-static/bootstrap-dark' + option BootstrapLight '/luci-static/bootstrap-light' + +config internal 'apply' + option rollback '90' + option holdoff '4' + option timeout '5' + option display '1.5' + +config internal 'diag' + option dns 'openwrt.org' + option ping 'openwrt.org' + option route 'openwrt.org' + diff --git a/settings-configs/AX3200-dumb-ap/luci_statistics b/settings-configs/AX3200-dumb-ap/luci_statistics new file mode 100644 index 0000000..bea7982 --- /dev/null +++ b/settings-configs/AX3200-dumb-ap/luci_statistics @@ -0,0 +1,213 @@ + +config statistics 'collectd' + option BaseDir '/var/run/collectd' + option PIDFile '/var/run/collectd.pid' + option PluginDir '/usr/lib/collectd' + option TypesDB '/usr/share/collectd/types.db' + option Interval '30' + option ReadThreads '2' + option Include '/etc/collectd/conf.d/*.conf' + +config statistics 'rrdtool' + option default_timespan '2hour' + option image_width '600' + option image_height '150' + option image_path '/tmp/rrdimg' + +config statistics 'collectd_rrdtool' + option enable '1' + option DataDir '/tmp/rrd' + option RRARows '288' + option RRASingle '1' + option backup '1' + list RRATimespans '2hour' + list RRATimespans '1day' + list RRATimespans '1week' + list RRATimespans '1month' + list RRATimespans '1year' + +config statistics 'collectd_csv' + option enable '0' + option StoreRates '0' + option DataDir '/tmp' + +config statistics 'collectd_email' + option enable '0' + option SocketFile '/var/run/collectd/email.sock' + option SocketGroup 'nogroup' + +config statistics 'collectd_logfile' + option enable '0' + option LogLevel 'notice' + option File '/var/log/collectd.log' + option Timestamp '1' + +config statistics 'collectd_network' + +config statistics 'collectd_syslog' + option enable '0' + option LogLevel 'warning' + option NotifyLevel 'WARNING' + +config statistics 'collectd_unixsock' + option enable '0' + option SocketFile '/var/run/collectd/query.sock' + option SocketGroup 'nogroup' + +config statistics 'collectd_apcups' + option enable '0' + option Host 'localhost' + option Port '3551' + +config statistics 'collectd_chrony' + option enable '0' + option Host '127.0.0.1' + option Port '323' + option Timeout '2' + +config statistics 'collectd_conntrack' + option enable '0' + +config statistics 'collectd_contextswitch' + option enable '0' + +config statistics 'collectd_cpu' + option enable '1' + option ReportByCpu '1' + option ReportByState '1' + option ShowIdle '0' + option ValuesPercentage '1' + +config statistics 'collectd_cpufreq' + option enable '0' + +config statistics 'collectd_curl' + option enable '0' + +config statistics 'collectd_df' + option enable '0' + option Devices '/dev/mtdblock/4' + option MountPoints '/overlay' + option FSTypes 'tmpfs' + option IgnoreSelected '0' + option ValuesPercentage '0' + +config statistics 'collectd_dhcpleases' + option enable '0' + option Path '/tmp/dhcp.leases' + +config statistics 'collectd_disk' + option enable '0' + option Disks 'hda1 hdb' + option IgnoreSelected '0' + +config statistics 'collectd_dns' + option enable '1' + list Interfaces 'br-lan' + list IgnoreSources '127.0.0.1' + +config statistics 'collectd_entropy' + option enable '0' + +config statistics 'collectd_exec' + option enable '0' + +config statistics 'collectd_interface' + option enable '1' + option Interfaces 'br-lan' + option IgnoreSelected '0' + +config statistics 'collectd_ipstatistics' + option enable '0' + +config statistics 'collectd_iptables' + option enable '0' + +config collectd_iptables_match + option table 'nat' + option chain 'luci_fw_postrouting' + option target 'MASQUERADE' + option source '192.168.1.0/24' + option outputif 'br-ff' + option name 'LAN-Clients traffic' + +config collectd_iptables_match + option chain 'luci_fw_postrouting' + option table 'nat' + option target 'MASQUERADE' + option source '10.61.230.0/24' + option outputif 'br-ff' + option name 'WLAN-Clients traffic' + +config statistics 'collectd_irq' + option enable '0' + option Irqs '2 3 4 7' + +config statistics 'collectd_iwinfo' + option enable '1' + +config statistics 'collectd_load' + option enable '1' + +config statistics 'collectd_memory' + option enable '1' + option HideFree '0' + option ValuesAbsolute '1' + option ValuesPercentage '0' + +config statistics 'collectd_netlink' + option enable '0' + option IgnoreSelected '0' + option VerboseInterfaces 'br-lan' + option QDiscs 'br-lan' + +config statistics 'collectd_nut' + option enable '0' + list UPS 'myupsname' + +config statistics 'collectd_olsrd' + option enable '0' + option Port '2006' + option Host '127.0.0.1' + +config statistics 'collectd_openvpn' + option enable '0' + +config statistics 'collectd_ping' + option enable '0' + option TTL '127' + option Interval '30' + option Hosts '127.0.0.1' + +config statistics 'collectd_processes' + option enable '0' + option Processes 'uhttpd dnsmasq dropbear' + +config statistics 'collectd_sensors' + option enable '1' + list Sensor 'mt7615_phy0-isa-18000000/temperature-temp1' + list Sensor 'mt7915_phy1-pci-0100/temperature-temp1' + +config statistics 'collectd_snmp6' + option enable '0' + option Interfaces 'br-lan' + option IgnoreSelected '0' + +config statistics 'collectd_splash_leases' + option enable '0' + +config statistics 'collectd_tcpconns' + option enable '0' + option ListeningPorts '0' + list LocalPorts '22' + option AllPortsSummary '0' + +config statistics 'collectd_thermal' + option enable '0' + option IgnoreSelected '0' + +config statistics 'collectd_uptime' + option enable '0' + +config statistics 'collectd_mqtt' + diff --git a/settings-configs/AX3200-dumb-ap/network b/settings-configs/AX3200-dumb-ap/network new file mode 100644 index 0000000..f211057 --- /dev/null +++ b/settings-configs/AX3200-dumb-ap/network @@ -0,0 +1,40 @@ + +config interface 'loopback' + option device 'lo' + option proto 'static' + option ipaddr '127.0.0.1' + option netmask '255.0.0.0' + +config globals 'globals' + option ula_prefix 'fd3a:91fc:a5f6::/48' + option packet_steering '1' + +config device + option name 'br-lan' + option type 'bridge' + list ports 'lan1' + list ports 'lan2' + list ports 'lan3' + +config interface 'lan' + option device 'br-lan' + option proto 'static' + option ipaddr '192.168.88.2' + option netmask '255.255.255.0' + option ip6assign '60' + option gateway '192.168.88.1' + list dns '192.168.88.1' + list dns '1.1.1.1' + +config device + option name 'wan' + option macaddr '5c:02:14:XX:XX:XX' + +config interface 'wan' + option device 'wan' + option proto 'dhcp' + +config interface 'wan6' + option device 'wan' + option proto 'dhcpv6' + diff --git a/settings-configs/AX3200-dumb-ap/system b/settings-configs/AX3200-dumb-ap/system new file mode 100644 index 0000000..231b07a --- /dev/null +++ b/settings-configs/AX3200-dumb-ap/system @@ -0,0 +1,26 @@ + +config system + option hostname 'AX3200' + option timezone 'CET-1CEST,M3.5.0,M10.5.0/3' + option ttylogin '0' + option log_size '64' + option urandom_seed '0' + option compat_version '2.0' + option zonename 'Europe/Warsaw' + option log_proto 'udp' + option conloglevel '8' + option cronloglevel '5' + +config timeserver 'ntp' + list server '0.openwrt.pool.ntp.org' + list server '1.openwrt.pool.ntp.org' + list server '2.openwrt.pool.ntp.org' + list server '3.openwrt.pool.ntp.org' + +config led 'led_wan' + option name 'WAN' + option sysfs 'blue:net' + option trigger 'netdev' + option mode 'link tx rx' + option dev 'wan' + diff --git a/settings-configs/AX3200-dumb-ap/usteer b/settings-configs/AX3200-dumb-ap/usteer new file mode 100644 index 0000000..29e4b49 --- /dev/null +++ b/settings-configs/AX3200-dumb-ap/usteer @@ -0,0 +1,14 @@ + +config usteer + option network 'lan' + option syslog '1' + option local_mode '0' + option ipv6 '0' + option debug_level '2' + list ssid_list 'MYWIFI' + option roam_scan_snr '-70' + option roam_trigger_snr '-75' + option min_snr '-85' + option roam_scan_tries '0' + option max_neighbor_reports '6' + diff --git a/settings-configs/AX3200-dumb-ap/wireless b/settings-configs/AX3200-dumb-ap/wireless new file mode 100644 index 0000000..ec7905b --- /dev/null +++ b/settings-configs/AX3200-dumb-ap/wireless @@ -0,0 +1,62 @@ + +config wifi-device 'radio0' + option type 'mac80211' + option phy 'wl0' + option country 'PL' + option cell_density '0' + option htmode 'HT40' + option band '2g' + option channel '8' + option txpower '20' + option rts '512' + option frag '768' + +config wifi-iface 'default_radio0' + option device 'radio0' + option network 'lan' + option mode 'ap' + option ssid 'MYWIFI_2G' + option encryption 'psk2' + option key 'PASSWORD1234' + option wnm_sleep_mode '1' + option bss_transition '1' + option dtim_period '1' + option skip_inactivity_poll '1' + +config wifi-device 'radio1' + option type 'mac80211' + option phy 'wl1' + option country 'PL' + option cell_density '0' + option htmode 'HE80' + option band '5g' + option channel '36' + option txpower '23' + +config wifi-iface 'default_radio1' + option device 'radio1' + option network 'lan' + option mode 'ap' + option ssid 'MYWIFI' + option encryption 'sae-mixed' + option dtim_period '3' + option key 'PASSWORD1234' + option ieee80211r '1' + option nasid 'ax3200-5' + option mobility_domain 'abab' + option ft_over_ds '1' + option ieee80211k '1' + option time_advertisement '2' + option time_zone 'CET-1CEST,M3.5.0,M10.5.0/3' + option wnm_sleep_mode '1' + option bss_transition '1' + +config wifi-iface 'wifinet2' + option device 'radio1' + option mode 'ap' + option ssid 'MYWIFI_iot' + option encryption 'psk2' + option key 'PASSWORD1234' + option network 'lan' + option hidden '1' + diff --git a/settings-configs/BPI-R4/attendedsysupgrade b/settings-configs/BPI-R4/attendedsysupgrade new file mode 100644 index 0000000..72820b4 --- /dev/null +++ b/settings-configs/BPI-R4/attendedsysupgrade @@ -0,0 +1,9 @@ + +config server 'server' + option url 'https://sysupgrade.openwrt.org' + +config client 'client' + option upgrade_packages '1' + option auto_search '0' + option advanced_mode '1' + diff --git a/settings-configs/BPI-R4/collectd b/settings-configs/BPI-R4/collectd new file mode 100644 index 0000000..3b2088a --- /dev/null +++ b/settings-configs/BPI-R4/collectd @@ -0,0 +1,232 @@ +config globals 'globals' + option alt_config_file "/etc/collectd.conf" +# option BaseDir '/var/run/collectd' +# option Include '/tmp/collectd.d' +# option PIDFile '/var/run/collectd.pid' +# option PluginDir '/usr/lib/collectd' +# option TypesDB '/usr/share/collectd/types.db' +# option Interval '30' +# option ReadThreads '2' +# option WriteThreads '2' +# option WriteQueueLimitLow '0' +# option WriteQueueLimitHigh '0' +# option CollectInternalStats '0' + +#config plugin 'apcups' +# option enable '0' +# option Host 'localhost' +# option Port '3551' + +#config plugin 'conntrack' +# option enable '0' + +#config plugin 'contextswitch' +# option enable '0' + +#config plugin 'cpu' +# option enable '0' + +#config plugin 'cpufreq' +# option enable '0' + +#config plugin 'csv' +# option enable '0' +# option StoreRates '0' +# option DataDir '/tmp' + +#config plugin 'curl' +# option enable '0' + +#config curl_page +# option name 'test' +# option url 'http://finance.google.com/finance?q=NYSE%3AAMD%22' + +#config plugin 'df' +# option enable '0' +# list Device '/dev/mtdblock/4' +# list MountPoint '/jffs' +# list FSType 'tmpfs' +# option IgnoreSelected '0' + +#config plugin 'disk' +# option enable '0' +# list Disk 'hda1' +# list Disk 'hdb' +# option IgnoreSelected '0' + +#config plugin 'dns' +# option enable '0' +# list Interface 'br-lan' +# list IgnoreSource '127.0.0.1' + +#config plugin 'email' +# option enable '0' +# option SocketFile '/var/run/collectd/email.sock' +# option SocketGroup 'nogroup' + +#config plugin 'entropy' +# option enable '0' + +#config plugin 'exec' +# option enable '0' + +#config exec_input +# option cmdline '/usr/bin/stat-dhcpusers' +# option cmduser 'nobody' +# option cmdgroup 'nogroup' + +#config exec_notify +# option cmdline '/usr/bin/stat-dhcpusers' +# option cmduser 'nobody' +# option cmdgroup 'nogroup' + +#config plugin 'interface' +# option enable '1' +# list Interface 'br-lan' +# option IgnoreSelected '0' + +#config plugin 'iptables' +# option enable '1' + +#config iptables_match +# option table 'nat' +# option chain 'zone_wan_postrouting' +# option index '1' +# option name 'WLAN-Clients traffic' + +#config plugin 'irq' +# option enable '0' +# list Irq '2' +# list Irq '3' +# list Irq '4' +# list Irq '7' + +#config plugin 'iwinfo' +# option enable '0' + +#config plugin 'load' +# option enable '0' + +#config plugin 'lua' +# option BasePath '/usr/share/collectd-mod-lua' +# list Script 'script1.lua' +# list Script 'script2.lua + +#config plugin 'memory' +# option enable '0' + +#config plugin 'netlink' +# option enable '0' +# option IgnoreSelected '0' +# list VerboseInterface 'br-lan' +# list QDisc 'br-lan' + +#config plugin 'network' +# option enable '1' +# option TimeToLive '128' +# option Forward '1' +# option CacheFlush '86400' + +#config network_listen +# option host '0.0.0.0' +# option port '25826' + +#config network_server +# option host '1.1.1.1' +# option port '25826' + +#config plugin 'nut' +# option enable '0' +# option UPS 'myupsname' + +#config plugin 'olsrd' +# option enable '0' +# option Port '2006' +# option Host '127.0.0.1' + +#config plugin 'openvpn' +# option enable '0' +# option StatusFile '/var/run/openvpn/openvpn.status' +# option CollectIndividualUsers '1' +# optoin CollectUserCount '1' +# optoin CollectCompression '1' +# option ImprovedNamingSchema '0' + +#config plugin 'ping' +# option enable '0' +# option TTL '127' +# option Interval '30' +# list Host '127.0.0.1' + +#config plugin 'processes' +# option enable '0' +# list Process 'uhttpd' +# list Process 'dnsmasq' +# list Process 'dropbear' + +#config plugin 'rrdtool' +# option enable '0' +# option DataDir '/tmp/rrd' +# option RRARows '100' +# option RRASingle '1' +# list RRATimespan '3600' +# list RRATimespan '86400' +# list RRATimespan '604800' +# list RRATimespan '2678400' +# list RRATimespan '31622400' + +#config plugin 'sensors' +# option enable '0' + +#config plugin 'swap' +# option enable '0' +# option ReportByDevice '1' +# option ValuesAbsolute '1' +# option ValuesPercentage '0' +# option ReportIO '1' +# option ReportBytes '1' + +#config plugin 'tcpconns' +# option enable '0' +# option ListeningPorts '0' +# option AllPortsSummary '0' +# list LocalPort '22' +# list LocalPort '80' + +#config plugin 'thermal' +# option enable '0' +# option IgnoreSelected '0' +# list Device '' + +#config plugin 'ubi' +# option enable '0' +# list Device 'ubi0' +# option IgnoreSelected '0' + +#config plugin 'unixsock' +# option enable '0' +# option SocketFile '/var/run/collectd/query.sock' +# option SocketGroup 'nogroup' + +#config plugin 'uptime' +# option enable '0' + +#config plugin 'vmem' +# option enable '0' +# option Verbose '0' +# +#config plugin 'write_http' +# option enable '0' +# +#config write_http_node +# option name 'foo' +# option URL 'http://example.org/post-collectd' +# +#config plugin 'mqtt' +# option enable '1' +# +#config mqtt_block +# option name 'foo' +# option blocktype 'Subscribe' +# option Host 'localhost' +# option Topic 'collectd/#' diff --git a/settings-configs/BPI-R4/ddns b/settings-configs/BPI-R4/ddns new file mode 100644 index 0000000..0b30cec --- /dev/null +++ b/settings-configs/BPI-R4/ddns @@ -0,0 +1,35 @@ + +config ddns 'global' + option ddns_dateformat '%F %R' + option ddns_loglines '250' + option ddns_rundir '/var/run/ddns' + option ddns_logdir '/var/log/ddns' + option use_curl '1' + +config service 'DOMAIN' + option service_name 'duckdns.org' + option lookup_host 'DOMAIN.duckdns.org' + option enabled '1' + option use_ipv6 '0' + option domain 'DOMAIN.duckdns.org' + option username 'MYUSER@GITHUB.COM' + option password 'MYTOKEN' + option ip_source 'network' + option ip_network 'wan' + option interface 'wan' + option use_syslog '2' + option check_unit 'minutes' + option force_unit 'minutes' + option retry_unit 'seconds' + +config service 'DOMAIN_ipv6' + option service_name 'duckdns.org' + option use_ipv6 '1' + option enabled '1' + option lookup_host 'DOMAIN.duckdns.org' + option domain 'DOMAIN' + option username 'danpawlik@github' + option password 'ff66aa01-0640-493f-a9e4-70561207448b' + option interface 'wan6' + option ip_source 'network' + option ip_network 'wan6' diff --git a/settings-configs/BPI-R4/dhcp b/settings-configs/BPI-R4/dhcp new file mode 100644 index 0000000..a8fc5dd --- /dev/null +++ b/settings-configs/BPI-R4/dhcp @@ -0,0 +1,64 @@ + +config dnsmasq + option domainneeded '1' + option localise_queries '1' + option rebind_protection '1' + option rebind_localhost '1' + option local '/lan/' + option domain 'lan' + option expandhosts '1' + option cachesize '1000' + option authoritative '1' + option readethers '1' + option leasefile '/tmp/dhcp.leases' + option localservice '1' + option ednspacket_max '1232' + list server '/mask.icloud.com/' + list server '/mask-h2.icloud.com/' + list server '/use-application-dns.net/' + list server '127.0.0.1#5053' + list server '127.0.0.1#5054' + option doh_backup_noresolv '-1' + option noresolv '1' + list doh_backup_server '/mask.icloud.com/' + list doh_backup_server '/mask-h2.icloud.com/' + list doh_backup_server '/use-application-dns.net/' + list doh_backup_server '127.0.0.1#5053' + list doh_backup_server '127.0.0.1#5054' + list doh_server '127.0.0.1#5053' + list doh_server '127.0.0.1#5054' + +config dhcp 'lan' + option interface 'lan' + option start '100' + option limit '150' + option leasetime '12h' + option dhcpv4 'server' + option dhcpv6 'server' + option ra 'server' + list ra_flags 'managed-config' + list ra_flags 'other-config' + +config dhcp 'wan' + option interface 'wan' + option ignore '1' + option start '100' + option limit '150' + option leasetime '12h' + +config odhcpd 'odhcpd' + option maindhcp '0' + option leasefile '/tmp/hosts/odhcpd' + option leasetrigger '/usr/sbin/odhcpd-update' + option loglevel '4' + +config host + option name 'Brother99CB93A6' + option ip '192.168.88.11' + list mac '48:5F:99:XX:XX:XX' + +config host + option name 'NAS' + option ip '192.168.88.10' + list mac '90:09:D0:XX:XX:XX' + diff --git a/settings-configs/BPI-R4/dropbear b/settings-configs/BPI-R4/dropbear new file mode 100644 index 0000000..2139ba0 --- /dev/null +++ b/settings-configs/BPI-R4/dropbear @@ -0,0 +1,5 @@ +config dropbear + option PasswordAuth 'on' + option RootPasswordAuth 'on' + option Port '22' +# option BannerFile '/etc/banner' diff --git a/settings-configs/BPI-R4/firewall b/settings-configs/BPI-R4/firewall new file mode 100644 index 0000000..ad3b8f6 --- /dev/null +++ b/settings-configs/BPI-R4/firewall @@ -0,0 +1,130 @@ + +config defaults + option input 'REJECT' + option output 'ACCEPT' + option forward 'REJECT' + option synflood_protect '1' + option flow_offloading '1' + option flow_offloading_hw '1' + +config zone 'lan' + option name 'lan' + option network 'lan wg_lan' + option input 'ACCEPT' + option output 'ACCEPT' + option forward 'ACCEPT' + +config zone 'wan' + option name 'wan' + list network 'wan' + list network 'wan6' + option input 'REJECT' + option output 'ACCEPT' + option forward 'REJECT' + option masq '1' + option mtu_fix '1' + +config forwarding + option src 'lan' + option dest 'wan' + +config rule + option name 'Allow-DHCP-Renew' + option src 'wan' + option proto 'udp' + option dest_port '68' + option target 'ACCEPT' + option family 'ipv4' + +config rule + option name 'Allow-Ping' + option src 'wan' + option proto 'icmp' + option icmp_type 'echo-request' + option family 'ipv4' + option target 'ACCEPT' + +config rule + option name 'Allow-IGMP' + option src 'wan' + option proto 'igmp' + option family 'ipv4' + option target 'ACCEPT' + +config rule + option name 'Allow-DHCPv6' + option src 'wan' + option proto 'udp' + option dest_port '546' + option family 'ipv6' + option target 'ACCEPT' + +config rule + option name 'Allow-MLD' + option src 'wan' + option proto 'icmp' + option src_ip 'fe80::/10' + list icmp_type '130/0' + list icmp_type '131/0' + list icmp_type '132/0' + list icmp_type '143/0' + option family 'ipv6' + option target 'ACCEPT' + +config rule + option name 'Allow-ICMPv6-Input' + option src 'wan' + option proto 'icmp' + list icmp_type 'echo-request' + list icmp_type 'echo-reply' + list icmp_type 'destination-unreachable' + list icmp_type 'packet-too-big' + list icmp_type 'time-exceeded' + list icmp_type 'bad-header' + list icmp_type 'unknown-header-type' + list icmp_type 'router-solicitation' + list icmp_type 'neighbour-solicitation' + list icmp_type 'router-advertisement' + list icmp_type 'neighbour-advertisement' + option limit '1000/sec' + option family 'ipv6' + option target 'ACCEPT' + +config rule + option name 'Allow-ICMPv6-Forward' + option src 'wan' + option dest '*' + option proto 'icmp' + list icmp_type 'echo-request' + list icmp_type 'echo-reply' + list icmp_type 'destination-unreachable' + list icmp_type 'packet-too-big' + list icmp_type 'time-exceeded' + list icmp_type 'bad-header' + list icmp_type 'unknown-header-type' + option limit '1000/sec' + option family 'ipv6' + option target 'ACCEPT' + +config rule + option name 'Allow-IPSec-ESP' + option src 'wan' + option dest 'lan' + option proto 'esp' + option target 'ACCEPT' + +config rule + option name 'Allow-ISAKMP' + option src 'wan' + option dest 'lan' + option dest_port '500' + option proto 'udp' + option target 'ACCEPT' + +config rule 'wg' + option name 'Allow-WireGuard-lan' + option src 'wan' + option dest_port '12345' + option proto 'udp' + option target 'ACCEPT' + diff --git a/settings-configs/BPI-R4/https-dns-proxy b/settings-configs/BPI-R4/https-dns-proxy new file mode 100644 index 0000000..39b807b --- /dev/null +++ b/settings-configs/BPI-R4/https-dns-proxy @@ -0,0 +1,32 @@ +config main 'config' + option canary_domains_icloud '1' + option canary_domains_mozilla '1' + option dnsmasq_config_update '*' + option force_dns '1' + list force_dns_port '53' + list force_dns_port '853' +# ports listed below are used by some +# of the dnscrypt-proxy v1 resolvers +# list force_dns_port '553' +# list force_dns_port '1443' +# list force_dns_port '4343' +# list force_dns_port '4434' +# list force_dns_port '5443' +# list force_dns_port '8443' + option procd_trigger_wan6 '0' + +config https-dns-proxy + option bootstrap_dns '1.1.1.1,1.0.0.1' + option resolver_url 'https://cloudflare-dns.com/dns-query' + option listen_addr '127.0.0.1' + option listen_port '5053' + option user 'nobody' + option group 'nogroup' + +config https-dns-proxy + option bootstrap_dns '8.8.8.8,8.8.4.4' + option resolver_url 'https://dns.google/dns-query' + option listen_addr '127.0.0.1' + option listen_port '5054' + option user 'nobody' + option group 'nogroup' diff --git a/settings-configs/BPI-R4/luci b/settings-configs/BPI-R4/luci new file mode 100644 index 0000000..a9a361c --- /dev/null +++ b/settings-configs/BPI-R4/luci @@ -0,0 +1,42 @@ + +config core 'main' + option lang 'pl' + option mediaurlbase '/luci-static/bootstrap' + option resourcebase '/luci-static/resources' + option ubuspath '/ubus/' + +config extern 'flash_keep' + option uci '/etc/config/' + option dropbear '/etc/dropbear/' + option openvpn '/etc/openvpn/' + option passwd '/etc/passwd' + option opkg '/etc/opkg.conf' + option firewall '/etc/firewall.user' + option uploads '/lib/uci/upload/' + +config internal 'languages' + option pl 'Polski (Polish)' + +config internal 'sauth' + option sessionpath '/tmp/luci-sessions' + option sessiontime '3600' + +config internal 'ccache' + option enable '1' + +config internal 'themes' + option Bootstrap '/luci-static/bootstrap' + option BootstrapDark '/luci-static/bootstrap-dark' + option BootstrapLight '/luci-static/bootstrap-light' + +config internal 'apply' + option rollback '90' + option holdoff '4' + option timeout '5' + option display '1.5' + +config internal 'diag' + option dns 'openwrt.org' + option ping 'openwrt.org' + option route 'openwrt.org' + diff --git a/settings-configs/BPI-R4/luci_statistics b/settings-configs/BPI-R4/luci_statistics new file mode 100644 index 0000000..31512a1 --- /dev/null +++ b/settings-configs/BPI-R4/luci_statistics @@ -0,0 +1,213 @@ + +config statistics 'collectd' + option BaseDir '/var/run/collectd' + option PIDFile '/var/run/collectd.pid' + option PluginDir '/usr/lib/collectd' + option TypesDB '/usr/share/collectd/types.db' + option Interval '30' + option ReadThreads '2' + option Include '/etc/collectd/conf.d/*.conf' + +config statistics 'rrdtool' + option default_timespan '2hour' + option image_width '600' + option image_height '150' + option image_path '/tmp/rrdimg' + +config statistics 'collectd_rrdtool' + option enable '1' + option DataDir '/tmp/rrd' + option RRARows '288' + option RRASingle '1' + option backup '1' + list RRATimespans '2hour' + list RRATimespans '1day' + list RRATimespans '1week' + list RRATimespans '1month' + list RRATimespans '1year' + +config statistics 'collectd_csv' + option enable '0' + option StoreRates '0' + option DataDir '/tmp' + +config statistics 'collectd_email' + option enable '0' + option SocketFile '/var/run/collectd/email.sock' + option SocketGroup 'nogroup' + +config statistics 'collectd_logfile' + option enable '0' + option LogLevel 'notice' + option File '/var/log/collectd.log' + option Timestamp '1' + +config statistics 'collectd_network' + +config statistics 'collectd_syslog' + option enable '0' + option LogLevel 'warning' + option NotifyLevel 'WARNING' + +config statistics 'collectd_unixsock' + option enable '0' + option SocketFile '/var/run/collectd/query.sock' + option SocketGroup 'nogroup' + +config statistics 'collectd_apcups' + option enable '0' + option Host 'localhost' + option Port '3551' + +config statistics 'collectd_chrony' + option enable '0' + option Host '127.0.0.1' + option Port '323' + option Timeout '2' + +config statistics 'collectd_conntrack' + option enable '0' + +config statistics 'collectd_contextswitch' + option enable '0' + +config statistics 'collectd_cpu' + option enable '1' + option ReportByCpu '1' + option ReportByState '1' + option ShowIdle '0' + option ValuesPercentage '1' + +config statistics 'collectd_cpufreq' + option enable '0' + +config statistics 'collectd_curl' + option enable '0' + +config statistics 'collectd_df' + option enable '0' + option Devices '/dev/mtdblock/4' + option MountPoints '/overlay' + option FSTypes 'tmpfs' + option IgnoreSelected '0' + option ValuesPercentage '0' + +config statistics 'collectd_dhcpleases' + option enable '0' + option Path '/tmp/dhcp.leases' + +config statistics 'collectd_disk' + option enable '0' + option Disks 'hda1 hdb' + option IgnoreSelected '0' + +config statistics 'collectd_dns' + option enable '1' + list Interfaces 'br-lan' + list IgnoreSources '127.0.0.1' + +config statistics 'collectd_entropy' + option enable '0' + +config statistics 'collectd_exec' + option enable '0' + +config statistics 'collectd_interface' + option enable '1' + option Interfaces 'br-lan' + option IgnoreSelected '0' + +config statistics 'collectd_ipstatistics' + option enable '0' + +config statistics 'collectd_iptables' + option enable '0' + +config collectd_iptables_match + option table 'nat' + option chain 'luci_fw_postrouting' + option target 'MASQUERADE' + option source '192.168.88.0/24' + option outputif 'br-ff' + option name 'LAN-Clients traffic' + +config collectd_iptables_match + option chain 'luci_fw_postrouting' + option table 'nat' + option target 'MASQUERADE' + option source '10.61.230.0/24' + option outputif 'br-ff' + option name 'WLAN-Clients traffic' + +config statistics 'collectd_irq' + option enable '0' + option Irqs '2 3 4 7' + +config statistics 'collectd_iwinfo' + option enable '1' + option IgnoreSelected '1' + +config statistics 'collectd_load' + option enable '1' + +config statistics 'collectd_memory' + option enable '1' + option HideFree '0' + option ValuesAbsolute '1' + option ValuesPercentage '0' + +config statistics 'collectd_netlink' + option enable '0' + option IgnoreSelected '0' + option VerboseInterfaces 'br-lan' + option QDiscs 'br-lan' + +config statistics 'collectd_nut' + option enable '0' + list UPS 'myupsname' + +config statistics 'collectd_olsrd' + option enable '0' + option Port '2006' + option Host '127.0.0.1' + +config statistics 'collectd_openvpn' + option enable '0' + +config statistics 'collectd_ping' + option enable '0' + option TTL '127' + option Interval '30' + option Hosts '127.0.0.1' + +config statistics 'collectd_processes' + option enable '0' + option Processes 'uhttpd dnsmasq dropbear' + +config statistics 'collectd_sensors' + option enable '1' + option IgnoreSelected '1' + +config statistics 'collectd_snmp6' + option enable '0' + option Interfaces 'br-lan' + option IgnoreSelected '0' + +config statistics 'collectd_splash_leases' + option enable '0' + +config statistics 'collectd_tcpconns' + option enable '0' + option ListeningPorts '0' + list LocalPorts '22' + option AllPortsSummary '0' + +config statistics 'collectd_thermal' + option enable '0' + option IgnoreSelected '0' + +config statistics 'collectd_uptime' + option enable '0' + +config statistics 'collectd_mqtt' + diff --git a/settings-configs/BPI-R4/network b/settings-configs/BPI-R4/network new file mode 100644 index 0000000..06392cb --- /dev/null +++ b/settings-configs/BPI-R4/network @@ -0,0 +1,47 @@ + +config interface 'loopback' + option device 'lo' + option proto 'static' + option ipaddr '127.0.0.1' + option netmask '255.0.0.0' + +config globals 'globals' + option ula_prefix 'fdef:9a04:9f07::/48' + +config device + option name 'br-lan' + option type 'bridge' + list ports 'lan1' + list ports 'lan2' + list ports 'lan3' + list ports 'eth1' + +config interface 'lan' + option device 'br-lan' + option proto 'static' + option ipaddr '192.168.88.1' + option netmask '255.255.255.0' + option ip6assign '60' + +config device + option name 'br-wan' + option type 'bridge' + list ports 'eth2' + list ports 'wan' + option macaddr 'B6:C7:8B:XX:XX:XX' + +config interface 'wan' + option device 'br-wan' + option proto 'dhcp' + +config interface 'wan6' + option device 'br-wan' + option proto 'dhcpv6' + +config device + option name 'eth2' + option macaddr 'B6:C7:8B:XX:XX:XX' + +config device + option name 'wan' + option macaddr 'B6:C7:8B:XX:XX:XX' diff --git a/settings-configs/BPI-R4/sqm b/settings-configs/BPI-R4/sqm new file mode 100644 index 0000000..046a55e --- /dev/null +++ b/settings-configs/BPI-R4/sqm @@ -0,0 +1,18 @@ + +config queue 'eth1' + option enabled '1' + option interface 'br-wan' + option download '850000' + option upload '850000' + option qdisc 'fq_codel' + option script 'piece_of_cake.qos' + option linklayer 'ethernet' + option debug_logging '0' + option verbosity '5' + option overhead '44' + option linklayer_advanced '1' + option tcMTU '2047' + option tcTSIZE '128' + option tcMPU '84' + option linklayer_adaptation_mechanism 'default' + diff --git a/settings-configs/BPI-R4/system b/settings-configs/BPI-R4/system new file mode 100644 index 0000000..c0594ee --- /dev/null +++ b/settings-configs/BPI-R4/system @@ -0,0 +1,46 @@ + +config system + option hostname 'BPI-R4' + option timezone 'CET-1CEST,M3.5.0,M10.5.0/3' + option ttylogin '0' + option log_size '64' + option urandom_seed '0' + option zonename 'Europe/Warsaw' + option log_proto 'udp' + option conloglevel '8' + option cronloglevel '5' + +config timeserver 'ntp' + list server '0.openwrt.pool.ntp.org' + list server '1.openwrt.pool.ntp.org' + list server '2.openwrt.pool.ntp.org' + list server '3.openwrt.pool.ntp.org' + +config led 'led_wan' + option name 'wan' + option sysfs 'mt7530-0:00:green:lan' + option trigger 'netdev' + option mode 'link tx rx' + option dev 'wan' + +config led 'led_lan1' + option name 'lan1' + option sysfs 'mt7530-0:01:green:lan' + option trigger 'netdev' + option mode 'link tx rx' + option dev 'lan1' + +config led 'led_lan2' + option name 'lan2' + option sysfs 'mt7530-0:02:green:lan' + option trigger 'netdev' + option mode 'link tx rx' + option dev 'lan2' + +config led 'led_lan3' + option name 'lan3' + option sysfs 'mt7530-0:03:green:lan' + option trigger 'netdev' + option mode 'link tx rx' + option dev 'lan3' + diff --git a/settings-configs/BPI-R4/usteer b/settings-configs/BPI-R4/usteer new file mode 100644 index 0000000..29e4b49 --- /dev/null +++ b/settings-configs/BPI-R4/usteer @@ -0,0 +1,14 @@ + +config usteer + option network 'lan' + option syslog '1' + option local_mode '0' + option ipv6 '0' + option debug_level '2' + list ssid_list 'MYWIFI' + option roam_scan_snr '-70' + option roam_trigger_snr '-75' + option min_snr '-85' + option roam_scan_tries '0' + option max_neighbor_reports '6' + diff --git a/settings-configs/BPI-R4/vnstat b/settings-configs/BPI-R4/vnstat new file mode 100644 index 0000000..ed18bb7 --- /dev/null +++ b/settings-configs/BPI-R4/vnstat @@ -0,0 +1,6 @@ + +config vnstat + list interface 'br-lan' + list interface 'br-wan' + list interface 'wg_lan' + diff --git a/settings-configs/BPI-R4/wireless b/settings-configs/BPI-R4/wireless new file mode 100644 index 0000000..114044c --- /dev/null +++ b/settings-configs/BPI-R4/wireless @@ -0,0 +1,38 @@ + +config wifi-device 'radio0' + option type 'mac80211' + option path 'soc/11310000.pcie/pci0001:00/0001:00:00.0/0001:01:00.0' + option channel '48' + option band '5g' + option htmode 'HE80' + option txpower '20' + option cell_density '0' + option country 'PL' + +config wifi-iface 'default_radio0' + option device 'radio0' + option network 'lan' + option mode 'ap' + option ssid 'MYWIFI_2G' + option encryption 'psk2' + option key 'PASSWORD1234' + option disabled '1' + +config wifi-iface 'wifinet1' + option device 'radio0' + option mode 'ap' + option ssid 'MYWIFI' + option encryption 'sae-mixed' + option dtim_period '3' + option key 'PASSWORD1234' + option ieee80211r '1' + option nasid '4-5' + option mobility_domain 'abab' + option ft_over_ds '1' + option ieee80211k '1' + option time_advertisement '2' + option time_zone 'CET-1CEST,M3.5.0,M10.5.0/3' + option wnm_sleep_mode '1' + option bss_transition '1' + option network 'lan' +