OPENWRT相关汇总

adguard无法启动

保存/应用 时提示error!bin path is a dir

原因：执行文件路径没有填写正确或者没有下载核心

解决：点击更新核心或者执行

sh -x /usr/share/AdGuardHome/update_core.sh下载核心文件

填写执行文件路径

/usr/bin/AdGuardHome/AdGuardHome

NAT6，校园网ipv6

在宿舍搞了个Openwrt的软路由，但无论怎样设置都没能让其下设备有IPv6。检查发现openwrt是可以正常获取的，这说明校园网网口仅会分配一个v6地址，不具备分发的功能。而手上另一个路由器（自带nat6功能）却能正常分发（转发？）使用，这确信了openwrt开启nat6也能实现。

浏览个近10篇教程后，终于在恩山论坛找到解决方法，记录一下。

更新软件源并安装ip6tables和kmod-ipt-nat6

opkg update

opkg install ip6tables

opkg install kmod-ipt-nat6

将 IPv6 LAN 内网地址由 fd 开头变成 dd 开头

uci set network.globals.ula_prefix="$(uci get network.globals.ula_prefix | sed 's/^./d/')"

uci commit network

让DHCP服务器总是通告默认路由

uci set dhcp.lan.ra_default='1'

uci commit dhcp

创建 /etc/init.d/nat6 文件

> /etc/init.d/nat6

vi /etc/init.d/nat6

按i进入编辑模式，右键粘贴。按Esc退出编辑，执行:w和:q保存退出

脚本内容：

#!/bin/sh /etc/rc.common
# NAT6 init script for OpenWrt // Depends on package: kmod-ipt-nat6

# edited by Sad Pencil at 2020-02-09
# replace route command with ip command to solve issues on new OpenWRT


# edited by Sad Pencil at 2021-11-29
# update line WAN6_INTERFACE=$(uci get "network.$WAN6_NAME.device" || uci get "network.$WAN6_NAME.ifname")


START=55
 
# Options
# -------
 
# Use temporary addresses (IPv6 privacy extensions) for outgoing connections? Yes: 1 / No: 0
PRIVACY=1
 
# Maximum number of attempts before this script will stop in case no IPv6 route is available
# This limits the execution time of the IPv6 route lookup to (MAX_TRIES+1)*(MAX_TRIES/2) seconds. The default (15) equals 120 seconds.
MAX_TRIES=15
 
# An initial delay (in seconds) helps to avoid looking for the IPv6 network too early. Ideally, the first probe is successful.
# This would be the case if the time passed between the system log messages "Probing IPv6 route" and "Setting up NAT6" is 1 second.
DELAY=5
 
# Logical interface name of outbound IPv6 connection
# There should be no need to modify this, unless you changed the default network interface names
# Edit by Vincent: I never changed my default network interface names, but still I have to change the WAN6_NAME to "wan" instead of "wan6"
WAN6_NAME="wan6"
 
# ---------------------------------------------------
# Options end here - no need to change anything below
 
boot() {
        [ $DELAY -gt 0 ] && sleep $DELAY
        WAN6_INTERFACE=$(uci get "network.$WAN6_NAME.device" || uci get "network.$WAN6_NAME.ifname")
        logger -t NAT6 "Probing IPv6 route"
        PROBE=0
        COUNT=1
        while [ $PROBE -eq 0 ]
        do
                if [ $COUNT -gt $MAX_TRIES ]
                then
                        logger -t NAT6 "Fatal error: No IPv6 route found (reached retry limit)" && exit 1
                fi
                sleep $COUNT
                COUNT=$((COUNT+1))
                PROBE=$(ip -6 route | grep -i '^default.*via' | grep -i -F "dev $WAN6_INTERFACE" | grep -i -o 'via.*' | wc -l)
        done
 
        logger -t NAT6 "Setting up NAT6"
 
        if [ -z "$WAN6_INTERFACE" ] || [ ! -e "/sys/class/net/$WAN6_INTERFACE/" ] ; then
                logger -t NAT6 "Fatal error: Lookup of $WAN6_NAME interface failed. Were the default interface names changed?" && exit 1
        fi
        WAN6_GATEWAY=$(ip -6 route | grep -i '^default.*via' | grep -i -F "dev $WAN6_INTERFACE" | grep -i -o 'via.*' | cut -d ' ' -f 2 | head -n 1)
        if [ -z "$WAN6_GATEWAY" ] ; then
                logger -t NAT6 "Fatal error: No IPv6 gateway for $WAN6_INTERFACE found" && exit 1
        fi
        LAN_ULA_PREFIX=$(uci get network.globals.ula_prefix)
        if [ $(echo "$LAN_ULA_PREFIX" | grep -c -E "^([0-9a-fA-F]{4}):([0-9a-fA-F]{0,4}):") -ne 1 ] ; then
                logger -t NAT6 "Fatal error: IPv6 ULA prefix $LAN_ULA_PREFIX seems invalid. Please verify that a prefix is set and valid." && exit 1
        fi
 
        ip6tables -t nat -I POSTROUTING -s "$LAN_ULA_PREFIX" -o "$WAN6_INTERFACE" -j MASQUERADE
        if [ $? -eq 0 ] ; then
                logger -t NAT6 "Added IPv6 masquerading rule to the firewall (Src: $LAN_ULA_PREFIX - Dst: $WAN6_INTERFACE)"
        else
                logger -t NAT6 "Fatal error: Failed to add IPv6 masquerading rule to the firewall (Src: $LAN_ULA_PREFIX - Dst: $WAN6_INTERFACE)" && exit 1
        fi
 
        ip -6 route add 2000::/3 via "$WAN6_GATEWAY" dev "$WAN6_INTERFACE"
        if [ $? -eq 0 ] ; then
                logger -t NAT6 "Added $WAN6_GATEWAY to routing table as gateway on $WAN6_INTERFACE for outgoing connections"
        else
                logger -t NAT6 "Error: Failed to add $WAN6_GATEWAY to routing table as gateway on $WAN6_INTERFACE for outgoing connections"
        fi
 
        if [ $PRIVACY -eq 1 ] ; then
                echo 2 > "/proc/sys/net/ipv6/conf/$WAN6_INTERFACE/accept_ra"
                if [ $? -eq 0 ] ; then
                        logger -t NAT6 "Accepting router advertisements on $WAN6_INTERFACE even if forwarding is enabled (required for temporary addresses)"
                else
                        logger -t NAT6 "Error: Failed to change router advertisements accept policy on $WAN6_INTERFACE (required for temporary addresses)"
                fi
                echo 2 > "/proc/sys/net/ipv6/conf/$WAN6_INTERFACE/use_tempaddr"
                if [ $? -eq 0 ] ; then
                        logger -t NAT6 "Using temporary addresses for outgoing connections on interface $WAN6_INTERFACE"
                else
                        logger -t NAT6 "Error: Failed to enable temporary addresses for outgoing connections on interface $WAN6_INTERFACE"
                fi
        fi
 
        exit 0
}

让nat6脚本开机启动

chmod +x /etc/init.d/nat6

/etc/init.d/nat6 enable

修改 /etc/sysctl.conf 文件

net.ipv6.conf.default.forwarding=2

net.ipv6.conf.all.forwarding=2

net.ipv6.conf.default.accept_ra=2

net.ipv6.conf.all.accept_ra=2

在防火墙中添加自定义规则

ip6tables -t nat -I POSTROUTING -s uci get network.globals.ula_prefix -j MASQUERADE

重启防火墙，重启路由器

来源：恩山无线论坛@伤心的笔 https://www.right.com.cn/forum/forum.php?mod=viewthread&tid=2661027&highlight=nat6

参考：https://zhuanlan.zhihu.com/p/492774540?utm_id=0

https://blog.csdn.net/wherelse/article/details/107666578

添加无线驱动

查询缺失驱动

dmesg|grep -i wifi

若是pcie网卡可 lspci 查看是否读取到设备

根据提示下载相关驱动

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree

将.ucode的驱动文件上传到/lib/firmware/

smaba添加用户和密码

在openwrt中添加用户，在smaba中设置密码并启用

vim /etc/passwd添加

yourname:x:0:0:yourname:/yourname:/bin/ash  

yourname为用户名

添加用户后设置访问samba 密码。

smbpasswd -a yourname 

输入两次密码
New SMB password:
Retype SMB password:

vim /etc/samba/smb.conf.template文件中注释掉
invalid users =root

也可以在web界面中-->编辑模板中注释
保存文件后去重启下samba服务

旁路由

网上看了很多教程设置旁路由都是把旁路由当做拨号的路由，又或者把旁路由和主路由的dns互相设置指向对方。这不是脱裤子放屁自找麻烦吗？这样设置只要其中一个设备有小问题就都断网了。私以为旁路由绝不影响主路由及其下设备的使用。主路由dhcp，旁路由固定ip，需要流量经由它时将终端网关指向它即可。

关闭DHCP，设置Ip与主路由在同一网段，如主路由192.168.1.1，旁路由为192.168.1.x。

子网掩码与上级路由一致，网关为主路由ip

物理设置-->选中唯一的接口eth0

防火墙-->自定义规则 添加

iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE

新版openwrt自带nat规则，在界面中设置一下即可

还有，主路由路由表中添加旁路由ip，使wan口流量通旁路由

以上，旁路由设置完成。在软路由上运行代理软件，需要用到时在手机or电脑上将网关和dns设置为旁路由ip