Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Wired uplink #12

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Wired uplink #12

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
f1920a5
set firewall rules for wan2
happynet-why Jan 13, 2025
197a256
firewall rule update
happynet-why Jan 13, 2025
49c0c12
Wired-uplink basic setup for c7
happynet-why Jan 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions src/build.bash
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,11 @@ for profile in $profiles; do
sed -i "s/option version .*/option version '$release_version'/" "files/etc/config/routro"
sed -i "s/option profile .*/option profile '$profile'/" "files/etc/config/routro"

# Check and copy profile-specific network config if it exists
if [ -f "files/etc/config/network.d/$profile.conf" ]; then
cp "files/etc/config/network.d/$profile.conf" "files/etc/config/network"
fi

IMAGEBUILDER_REPO="openwrt-imagebuilder-$PATH_PART.Linux-x86_64"
cd "$IMAGEBUILDER_REPO"

Expand Down
17 changes: 17 additions & 0 deletions src/files/etc/config/firewall
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,15 @@ config zone 'wwanzone'
option masq '1'
option mtu_fix '1'

config zone 'wan2zone'
option name 'wan2zone'
list network 'wan2'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'

config zone 'wg0zone'
option name 'wg0zone'
list network 'wg0'
Expand All @@ -53,6 +62,10 @@ config forwarding
option src 'lan'
option dest 'wwanzone'

config forwarding
option src 'lan'
option dest 'wan2zone'

config forwarding
option src 'lan'
option dest 'wg0zone'
Expand All @@ -65,6 +78,10 @@ config forwarding
option src 'guest_zone'
option dest 'wwanzone'

config forwarding
option src 'guest_zone'
option dest 'wan2zone'

config forwarding
option src 'guest_zone'
option dest 'wg0zone'
Expand Down
2 changes: 1 addition & 1 deletion src/files/etc/config/pbr
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ config pbr 'config'
list webui_supported_protocol 'udp'
list webui_supported_protocol 'tcp udp'
list webui_supported_protocol 'icmp'
list supported_interface "wan wwan wg0"
list supported_interface "wan wan2 wwan wg0"

config policy
option name "IrIp to wan"
Expand Down
6 changes: 5 additions & 1 deletion src/files/etc/rc.local
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,11 @@ uci set routro.remote.accesshost="-"
#################################################################################
#-------------< Network
#################################################################################
# Check if wan2 exists in network configuration
if ! uci -q get network.wan2 > /dev/null; then
# Only apply network settings if wan2 doesn't exist
# Set default lan IP to 151 range
uci set network.lan.ipaddr='192.168.151.1'
uci set network.lan.ipaddr='192.168.151.1'
# Set default wan metric
uci set network.wan.metric='20'
uci set network.wan6.metric='1'
Expand All @@ -60,6 +63,7 @@ uci set network.Guest.proto='static'
uci set network.Guest.ipaddr='192.168.3.1'
uci set network.Guest.netmask='255.255.255.0'
uci set network.Guest.device='brlan-2'
fi


#################################################################################
Expand Down
30 changes: 21 additions & 9 deletions src/files/usr/bin/wg_scripts.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,14 +19,20 @@ function fix_VPN_route {

if [ ! -z "$WG_HOST_IP" ]; then
# Delete existing route if it exists
ip route del $(ip route | grep "$WG_HOST_IP" | awk '{print $1 " via " $3 " dev " $5}')

WWAN_GW=$(ifstatus wwan | jq -r .data.dhcpserver)
WWAN_DEV=$(ifstatus wwan | jq -r .device)
ip route del $(ip route | grep "$WG_HOST_IP" | awk '{print $1 " via " $3 " dev " $5}') 2>/dev/null

# Try wwan first, then wan2
for INTERFACE in "wwan" "wan2"; do
GATEWAY=$(ifstatus $INTERFACE | jq -r .data.dhcpserver)
DEVICE=$(ifstatus $INTERFACE | jq -r .device)

if [ ! -z "$WWAN_GW" ]; then
ip route add "$WG_HOST_IP" via "$WWAN_GW" dev "$WWAN_DEV" proto static metric 1
# Check if we got valid gateway and device
if [ ! -z "$GATEWAY" ] && [ "$GATEWAY" != "null" ] && \
[ ! -z "$DEVICE" ] && [ "$DEVICE" != "null" ]; then
ip route add "$WG_HOST_IP" via "$GATEWAY" dev "$DEVICE" proto static metric 1
break # Exit the loop once we've found a valid interface
fi
done
else
echo "Failed to resolve WG_HOST ($WG_HOST) to an IP address."
fi
Expand Down Expand Up @@ -87,9 +93,15 @@ elif [ "$1" == "off" ];then
echo "turn of the wireguard"
ifdown wg0

# uci set mwan3.vpn.use_policy='wwan_only'
# uci commit mwan3
uci set pbr.@policy[1].interface='wwan'
# Try wwan first, then wan2
for INTERFACE in "wwan" "wan2"; do
# Check if interface exists and is up
if [ -n "$(ifstatus $INTERFACE | jq -r '.up')" ] && [ "$(ifstatus $INTERFACE | jq -r '.up')" = "true" ]; then
uci set pbr.@policy[1].interface="$INTERFACE"
break # Exit loop once we've found a valid interface
fi
done

uci commit pbr

fix_VPN_route
Expand Down