add tplink_archer-c7-v5

This commit is contained in:
2023-12-15 22:53:35 +05:00
parent 1b57777156
commit b39795c16e
4 changed files with 1210 additions and 0 deletions


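--- /dev/null
+++ b/PATH_NOT_SHOWN_1
@@ -0,0 +1,115 @@
+# Beware! This script will be in /rom/etc/uci-defaults/ as part of the image.
+# Uncomment lines to apply:
+wlan_name="office"
+wlan_password="fuckingwep"
+root_password="AsD7fg"
+lan_ip_address="192.168.77.4"
+hostname="gw-elmash"
+# dhcp server 1 disable, 0 enable
+dhcpsrv="1"
+# log potential errors
+exec >/tmp/setup.log 2>&1
+if [ -n "$root_password" ]; then
+(echo "$root_password"; sleep 1; echo "$root_password") | passwd > /dev/null
+fi
+# Configure LAN
+# More options: https://openwrt.org/docs/guide-user/base-system/basic-networking
+if [ -n "$lan_ip_address" ]; then
+uci set network.lan.ipaddr="$lan_ip_address"
+uci commit network
+fi
+# Configure WLAN
+# More options: https://openwrt.org/docs/guide-user/network/wifi/basic#wi-fi_interfaces
+if [ -n "$wlan_name" -a -n "$wlan_password" -a ${#wlan_password} -ge 8 ]; then
+uci set wireless.@wifi-device[0].disabled='0'
+uci set wireless.@wifi-device[0].channel='11'
+uci set wireless.@wifi-device[0].txpower='15'
+uci set wireless.@wifi-device[0].disabled='0'
+uci set wireless.@wifi-device[0].country='RU'
+uci set wireless.@wifi-iface[0].mode='ap'
+uci set wireless.@wifi-iface[0].encryption='psk2'
+uci set wireless.@wifi-iface[0].ssid="$wlan_name"
+uci set wireless.@wifi-iface[0].key="$wlan_password"
+#uci set wireless.@wifi-iface[0].macfilter='allow'
+#uci add_list wireless.@wifi-iface[0].maclist=''
+uci commit wireless
+fi
+# Configure system
+uci set system.@system[0].hostname="$hostname"
+uci set system.@system[0].timezone='<+05>-5'
+uci set system.ntp.enable_server='1'
+uci set system.ntp.interface='lan'
+uci set system.@system[0].zonename='Asia/Yekaterinburg
+commit system
+/etc/init.d/system restart
+# Configure ssh dropbear
+USER_NAME="admin"
+USER_SSHPUB="ssh-rsa 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 jeka@x220"
+USER_SHELL="/bin/ash"
+SUDO_USER="root"
+SUDO_GROUP="sudo"
+groupadd -r "${SUDO_GROUP}"
+useradd -m -G "${SUDO_GROUP}" -s "${USER_SHELL}" "${USER_NAME}"
+passwd -l "${SUDO_USER}"
+cat << EOI > /etc/sudoers.d/00-custom
+%${SUDO_GROUP} ALL=(ALL) ALL
+EOI
+USER_HOME="$(eval echo ~"${USER_NAME}")"
+mkdir -p "${USER_HOME}"/.ssh
+cat << EOI > "${USER_HOME}"/.ssh/authorized_keys
+${USER_SSHPUB}
+EOI
+uci set dropbear.@dropbear[0].PasswordAuth="1"
+uci set dropbear.@dropbear[0].RootPasswordAuth="1"
+uci set dropbear.@dropbear[0].GatewayPorts='on'
+uci commit dropbear
+/etc/init.d/dropbear restart
+# Configure uhttpd
+uci set uhttpd.main.listen_http='0.0.0.0:8080'
+uci set uhttpd.main.listen_https='0.0.0.0:4431'
+commit uhttpd
+/etc/init.d/uhttpd restart
+# DHCP server on/off
+uci set dhcp.lan.ignore="$dhcpsrv"
+uci add host
+uci set dhcp.@host[-1].name='jeka-office'
+uci set dhcp.@host[-1].mac='4c:cc:6a:01:5d:30'
+uci set dhcp.@host[-1].ip='192.168.77.35'
+uci add host
+uci set dhcp.@host[-1].name='fs1370dn'
+uci set dhcp.@host[-1].mac='00:C0:EE:9E:01:55'
+uci set dhcp.@host[-1].ip='192.168.77.33'
+uci add host
+uci set dhcp.@host[-1].name='kyoceraigor'
+uci set dhcp.@host[-1].mac='00:17:C8:21:A7:F2'
+uci set dhcp.@host[-1].ip='192.168.77.30'
+uci add host
+uci set dhcp.@host[-1].name='kyocerascanner'
+uci set dhcp.@host[-1].mac='00:C0:EE:BB:85:2C'
+uci set dhcp.@host[-1].ip='192.168.77.31'
+uci add host
+uci set dhcp.@host[-1].name='natasha-office'
+uci set dhcp.@host[-1].mac='50:46:5D:09:D0:69'
+uci set dhcp.@host[-1].ip='192.168.77.36'
+uci add host
+uci set dhcp.@host[-1].name='klipper'
+uci set dhcp.@host[-1].mac='B8:27:EB:B9:82:6D'
+uci set dhcp.@host[-1].ip='192.168.77.44'
+uci commit dhcp
+/etc/init.d/dnsmasq restart
+# Configure network
+/etc/init.d/network restart
+# Configure firewall
+/etc/init.d/firewall restart
+echo "All done!"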
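Review bot: The single quote opened in `uci set system.@system[0].zonename='Asia/Yekaterinburg` is never closed, so the shell pairs it with the next quote in `GatewayPorts='on'` and the rest of the file no longer parses as the commands written (with an odd number of quotes overall the parser most likely fails at end of file and nothing after the zonename line runs); close it with `uci set system.@system[0].zonename='Asia/Yekaterinburg'`. `commit system` and `commit uhttpd` are not commands on their own and should read `uci commit system` and `uci commit uhttpd`, otherwise the hostname, timezone, NTP and uhttpd listen settings are dropped before the corresponding restarts. With an authorized key written for the admin user, `PasswordAuth="1"` and `RootPasswordAuth="1"` keep the hard-coded root password (set with `passwd` near the top and then locked again by `passwd -l "${SUDO_USER}"`, which looks contradictory) as an SSH login path, and `GatewayPorts='on'` lets remote-forwarded ports bind on every interface; `'0'` for both auth options and leaving GatewayPorts at its default is the safer setting for a key-based setup. As the header comment itself says, this file ships inside the image under /rom with the Wi-Fi PSK and root password in clear text, so both should be rotated after first boot rather than kept as written. `groupadd`, `useradd` and `/etc/sudoers.d` are presumably absent on a stock OpenWrt image, so the admin-user block may fail silently into /tmp/setup.log — worth confirming on the target.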


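--- /dev/null
+++ b/PATH_NOT_SHOWN_2
@@ -0,0 +1,496 @@
+#!/bin/sh
+HIRKN=/etc/init.d/hirkn
+GETDOMAINS=/etc/init.d/getdomains
+DUMP=/tmp/dump.txt
+checkpoint_true() {
+printf "\033[32;1m[\342\234\223] $1\033[0m\n"
+}
+checkpoint_false() {
+printf "\033[31;1m[x] $1\033[0m\n"
+}
+output_21() {
+if [ "$VERSION_ID" -eq 21 ]; then
+echo "You are using OpenWrt 21.02. This check does not support it"
+fi
+}
+# System Details
+MODEL=$(grep machine /proc/cpuinfo | cut -d ':' -f 2)
+RELEASE=$(grep OPENWRT_RELEASE /etc/os-release | awk -F '"' '{print $2}')
+printf "\033[34;1mModel:$MODEL\033[0m\n"
+printf "\033[34;1mVersion: $RELEASE\033[0m\n"
+VERSION_ID=$(grep VERSION_ID /etc/os-release | awk -F '"' '{print $2}' | awk -F. '{print $1}')
+RAM=$(free -m | grep Mem: | awk '{print $2}')
+if [[ "$VERSION_ID" -ge 22 && "$RAM" -lt 150000 ]]
+then
+echo "Your router has less than 256MB of RAM. I recommend using only the vpn_domains list"
+fi
+# Check packages
+CURL=$(opkg list-installed | grep -c curl)
+if [ $CURL -eq 2 ]; then
+checkpoint_true "Curl package"
+else
+checkpoint_false "Curl package"
+echo "Install: opkg install curl"
+fi
+DNSMASQ=$(opkg list-installed | grep dnsmasq-full | awk -F "-" '{print $3}' | tr -d '.' )
+if [ $DNSMASQ -ge 287 ]; then
+checkpoint_true "Dnsmasq-full package"
+else
+checkpoint_false "Dnsmasq-full package"
+echo "If you don't use vpn_domains set, it's OK"
+echo "Check version: opkg list-installed | grep dnsmasq-full"
+echo "Required version >= 2.87. For openwrt 22.03 follow manual: https://t.me/itdoginfo/12"
+if [ "$VERSION_ID" -eq 21 ]; then
+echo "You are using OpenWrt 21.02. This check does not support it"
+echo "Manual for openwrt 21.02: https://t.me/itdoginfo/8"
+fi
+fi
+# Chek xray package
+if opkg list-installed | grep -q xray-core; then
+checkpoint_false "Xray-core package detected"
+fi
+if opkg list-installed | grep -q luci-app-xray; then
+checkpoint_false "luci-app-xray package detected. Not compatible. For delete: opkg remove luci-app-xray --force-removal-of-dependent-packages"
+fi
+# Check dnsmasq
+DNSMASQ_RUN=$(service dnsmasq status | grep -c 'running')
+if [ $DNSMASQ_RUN -eq 1 ]; then
+checkpoint_true "Dnsmasq service"
+else
+checkpoint_false "Dnsmasq service"
+echo "Check config /etc/config/dhcp"
+output_21
+fi
+# Check internet connection
+if curl -Is https://community.antifilter.download/ | grep -q 200; then
+checkpoint_true "Check Internet"
+else
+checkpoint_false "Check Internet"
+if [ $CURL -lt 2 ]; then
+echo "Install curl: opkg install curl"
+else
+echo "Check internet connection. If ok, check date on router. Details: https://cli.co/2EaW4rO"
+echo "For more info run: curl -Is https://community.antifilter.download/"
+fi
+fi
+# Check IPv6
+if curl -6 -s https://ifconfig.io | egrep -q "(::)?[0-9a-fA-F]{1,4}(::?[0-9a-fA-F]{1,4}){1,7}(::)?"; then
+checkpoint_false "IPv6 detected. This script does not currently work with IPv6"
+fi
+# Tunnels
+WIREGUARD=$(opkg list-installed | grep -c wireguard-tools )
+if [ $WIREGUARD -eq 1 ]; then
+checkpoint_true "Wireguard-tools package"
+WG=true
+else
+checkpoint_false "Wireguard-tools package"
+echo "If you don't use WG it's OK"
+fi
+if [ "$WG" == true ]; then
+WG_PING=$(ping -c 1 -q -I wg0 itdog.info | grep -c "1 packets received")
+if [ $WG_PING -eq 1 ]; then
+checkpoint_true "Wireguard"
+else
+checkpoint_false "Wireguard"
+WG_TRACE=$(traceroute -i wg0 itdog.info -m 1 | grep ms | awk '{print $2}' | grep -c -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
+if [ $WG_TRACE -eq 1 ]; then
+echo "Tunnel to wg server is work, but routing to internet doesn't work. Check server configuration. Details: https://cli.co/RSCvOxI"
+else
+echo "Bad news: WG tunnel isn't work, check your WG configuration. Details: https://cli.co/hGUUXDs"
+echo "If you don't use WG, but OpenVPN for example, it's OK"
+fi
+fi
+# Check WG route_allowed_ips
+if uci show network | grep -q ".route_allowed_ips='1'"; then
+checkpoint_false "Wireguard route_allowed_ips"
+echo "All traffic goes into the tunnel. Read more at: https://cli.co/SaxBzH7"
+else
+checkpoint_true "Wireguard route_allowed_ips"
+fi
+# Check route table
+ROUTE_TABLE=$(ip route show table vpn | grep -c "default dev wg0 scope link" )
+if [ $ROUTE_TABLE -eq 1 ]; then
+checkpoint_true "Route table WG"
+else
+checkpoint_false "Route table VPN"
+echo "Details: https://cli.co/Atxr6U3"
+fi
+fi
+if opkg list-installed | grep -q openvpn; then
+checkpoint_true "OpenVPN package"
+OVPN=true
+else
+checkpoint_false "OpenVPN package"
+echo "If you don't use OpenVPN it's OK"
+fi
+# Check OpenVPN
+if [ "$OVPN" == true ]; then
+if ping -c 1 -q -I tun0 itdog.info | grep -q "1 packets received"; then
+checkpoint_true "OpenVPN"
+else
+checkpoint_false "OpenVPN"
+if traceroute -i tun0 itdog.info -m 1 | grep ms | awk '{print $2}' | grep -c -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'; then
+echo "Tunnel to OpenVPN server is work, but routing to internet doesn't work. Check server configuration."
+else
+echo "Bad news: OpenVPN tunnel isn't work, check your OpenVPN configuration."
+fi
+fi
+# Check OpenVPN redirect-gateway
+if grep -q redirect-gateway /etc/openvpn/*; then
+checkpoint_false "OpenVPN redirect-gateway"
+echo "All traffic goes into the tunnel. Read more at: https://cli.co/vzTNq_3"
+else
+checkpoint_true "OpenVPN redirect-gateway"
+fi
+# Check route table
+if ip route show table vpn | grep -q "default dev tun0 scope link"; then
+checkpoint_true "Route table OpenVPN"
+else
+checkpoint_false "Route table OpenVPN"
+echo "Details: https://cli.co/Atxr6U3"
+fi
+fi
+if opkg list-installed | grep -q sing-box; then
+checkpoint_true "Sing-box package"
+# Check route table
+if ip route show table vpn | grep -q "default dev tun0 scope link"; then
+checkpoint_true "Route table Sing-box"
+else
+checkpoint_false "Route table Sing-box. Try service network restart. Details: https://cli.co/n7xAbc1"
+fi
+IP_EXTERNAL=$(curl -s ifconfig.me)
+IFCONFIG=$(nslookup -type=a ifconfig.me | awk '/^Address: / {print $2}')
+ip route add $IFCONFIG via 172.19.0.1 dev tun0
+IP_VPN=$(curl -s ifconfig.me)
+ip route del $IFCONFIG via 172.19.0.1 dev tun0
+if [ "$IP_EXTERNAL" != $IP_VPN ]; then
+checkpoint_true "Sing-box. VPN IP: $IP_VPN"
+else
+checkpoint_false "Sing-box. Check config: https://cli.co/Badmn3K"
+fi
+else
+checkpoint_false "Sing-box package"
+echo "If you don't use sing-box it's OK"
+fi
+if which tun2socks | grep -q tun2socks; then
+checkpoint_true "tun2socks package"
+# Check route table
+if ip route show table vpn | grep -q "default dev tun0 scope link"; then
+checkpoint_true "Route table tun2socks"
+else
+checkpoint_false "Route table tun2socks. Try service network restart. Details: https://cli.co/n7xAbc1"
+fi
+IP_EXTERNAL=$(curl -s ifconfig.me)
+IFCONFIG=$(nslookup -type=a ifconfig.me | awk '/^Address: / {print $2}')
+ip route add $IFCONFIG via 172.16.250.1 dev tun0
+IP_VPN=$(curl -s ifconfig.me)
+ip route del $IFCONFIG via 172.16.250.1 dev tun0
+if [ "$IP_EXTERNAL" != $IP_VPN ]; then
+checkpoint_true "tun2socks. VPN IP: $IP_VPN"
+else
+checkpoint_false "tun2socks. Check config: https://cli.co/VNZISEM"
+fi
+else
+checkpoint_false "tun2socks package"
+echo "If you don't use tun2socks it's OK"
+fi
+# Check sets
+# vpn_domains set
+vpn_domain_ipset_id=$(uci show firewall | grep -E '@ipset.*vpn_domains' | awk -F '[][{}]' '{print $2}' | head -n 1)
+vpn_domain_ipset_string=$(uci show firewall.@ipset[$vpn_domain_ipset_id] | grep -c "name='vpn_domains'\|match='dst_net'")
+vpn_domain_rule_id=$(uci show firewall | grep -E '@rule.*vpn_domains' | awk -F '[][{}]' '{print $2}' | head -n 1)
+vpn_domain_rule_string=$(uci show firewall.@rule[$vpn_domain_rule_id] | grep -c "name='mark_domains'\|src='lan'\|dest='*'\|proto='all'\|ipset='vpn_domains'\|set_mark='0x1'\|target='MARK'\|family='ipv4'")
+if [ $((vpn_domain_ipset_string + vpn_domain_rule_string)) -eq 10 ]; then
+checkpoint_true "vpn_domains set"
+# force resolve for vpn_domains. All list
+nslookup terraform.io 127.0.0.1 > /dev/null
+nslookup pochta.ru 127.0.0.1 > /dev/null
+nslookup 2gis.ru 127.0.0.1 > /dev/null
+VPN_DOMAINS_IP=$(nft list ruleset | grep -A 10 vpn_domains | grep -c -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
+if [ $VPN_DOMAINS_IP -ge 1 ]; then
+checkpoint_true "IPs in vpn_domains"
+else
+checkpoint_false "IPs in vpn_domains"
+echo "If you don't use vpn_domains, it's OK"
+echo "But if you want use, check configs"
+output_21
+fi
+else
+checkpoint_false "vpn_domains set"
+echo "If you don't use vpn_domains set, it's OK"
+echo "But if you want use, check config: https://cli.co/AwUGeM6"
+fi
+# vpn_ip set
+vpn_ip_ipset_id=$(uci show firewall | grep -E '@ipset.*vpn_ip' | awk -F '[][{}]' '{print $2}' | head -n 1)
+vpn_ip_ipset_string=$(uci show firewall.@ipset[$vpn_ip_ipset_id] | grep -c "name='vpn_ip'\|match='dst_net'\|loadfile='/tmp/lst/ip.lst'")
+vpn_ip_rule_id=$(uci show firewall | grep -E '@rule.*vpn_ip' | awk -F '[][{}]' '{print $2}' | head -n 1)
+vpn_ip_rule_string=$(uci show firewall.@rule[$vpn_ip_rule_id] | grep -c "name='mark_ip'\|src='lan'\|dest='*'\|proto='all'\|ipset='vpn_ip'\|set_mark='0x1'\|target='MARK'\|family='ipv4'")
+if [ $((vpn_ip_ipset_string + vpn_ip_rule_string)) -eq 11 ]; then
+checkpoint_true "vpn_ip set"
+VPN_IP_IP=$(nft list ruleset | grep -A 10 vpn_ip | grep -c -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
+if [ $VPN_IP_IP -ge 1 ]; then
+checkpoint_true "IPs in vpn_ip"
+else
+checkpoint_false "IPs in vpn_ip"
+echo "But if you want use, check configs"
+output_21
+fi
+else
+checkpoint_false "vpn_ip set"
+echo "If you don't use vpn_ip set, it's OK"
+echo "But if you want use, check config: https://cli.co/AwUGeM6"
+fi
+# vpn_subnet set
+vpn_subnet_ipset_id=$(uci show firewall | grep -E '@ipset.*vpn_subnet' | awk -F '[][{}]' '{print $2}' | head -n 1)
+vpn_subnet_ipset_string=$(uci show firewall.@ipset[$vpn_subnet_ipset_id] | grep -c "name='vpn_subnets'\|match='dst_net'\|loadfile='/tmp/lst/subnet.lst'")
+vpn_subnet_rule_id=$(uci show firewall | grep -E '@rule.*vpn_subnet' | awk -F '[][{}]' '{print $2}' | head -n 1)
+vpn_subnet_rule_string=$(uci show firewall.@rule[$vpn_subnet_rule_id] | grep -c "name='mark_subnet'\|src='lan'\|dest='*'\|proto='all'\|ipset='vpn_subnets'\|set_mark='0x1'\|target='MARK'\|family='ipv4'")
+if [ $((vpn_subnet_ipset_string + vpn_subnet_rule_string)) -eq 11 ]; then
+checkpoint_true "vpn_subnet set"
+VPN_IP_SUBNET=$(nft list ruleset | grep -A 10 vpn_subnet | grep -c -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
+if [ $VPN_IP_SUBNET -ge 1 ]; then
+checkpoint_true "IPs in vpn_subnet"
+else
+checkpoint_false "IPs in vpn_subnet"
+echo "But if you want use, check configs"
+output_21
+fi
+else
+checkpoint_false "vpn_subnet set"
+echo "If you don't use vpn_subnet set, it's OK"
+echo "But if you want use, check config: https://cli.co/AwUGeM6"
+fi
+# vpn_community set
+vpn_community_ipset_id=$(uci show firewall | grep -E '@ipset.*vpn_community' | awk -F '[][{}]' '{print $2}' | head -n 1)
+vpn_community_ipset_string=$(uci show firewall.@ipset[$vpn_community_ipset_id] | grep -c "name='vpn_community'\|match='dst_net'\|loadfile='/tmp/lst/community.lst'")
+vpn_community_rule_id=$(uci show firewall | grep -E '@rule.*vpn_community' | awk -F '[][{}]' '{print $2}' | head -n 1)
+vpn_community_rule_string=$(uci show firewall.@rule[$vpn_community_rule_id] | grep -c "name='mark_community'\|src='lan'\|dest='*'\|proto='all'\|ipset='vpn_community'\|set_mark='0x1'\|target='MARK'\|family='ipv4'")
+if [ $((vpn_community_ipset_string + vpn_community_rule_string)) -eq 11 ]; then
+checkpoint_true "vpn_community set"
+VPN_COMMUNITY_IP=$(nft list ruleset | grep -A 10 vpn_community | grep -c -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
+if [ $VPN_COMMUNITY_IP -ge 1 ]; then
+checkpoint_true "IPs in vpn_community"
+else
+checkpoint_false "IPs in vpn_community"
+echo "But if you want use, check configs"
+output_21
+fi
+else
+checkpoint_false "vpn_community set"
+echo "If you don't use vpn_community set, it's OK"
+echo "But if you want use, check config: https://cli.co/AwUGeM6"
+output_21
+fi
+# hirkn script
+if [ -s "$HIRKN" ]; then
+checkpoint_true "Script hirkn"
+if crontab -l | grep -q $HIRKN; then
+checkpoint_true "Script hirkn in crontab"
+else
+checkpoint_false "Script hirkn in crontab"
+echo "Script is not enabled in crontab. Check: crontab -l"
+fi
+else
+checkpoint_false "Script hirkn"
+echo "Script don't exists in $HIRKN. If you don't use old hirkn script, it's OK"
+fi
+# getdomains script
+if [ -s "$GETDOMAINS" ]; then
+checkpoint_true "Script getdomains"
+if crontab -l | grep -q $GETDOMAINS; then
+checkpoint_true "Script getdomains in crontab"
+else
+checkpoint_false "Script getdomains in crontab"
+echo "Script is not enabled in crontab. Check: crontab -l"
+fi
+else
+checkpoint_false "Script getdomains"
+echo "Script don't exists in $GETDOMAINS. If you don't use getdomains, it's OK"
+fi
+# DNS
+# DNSCrypt
+if opkg list-installed | grep -q dnscrypt-proxy2; then
+checkpoint_true "Dnscrypt-proxy2 package"
+if service dnscrypt-proxy status | grep -q 'running'; then
+checkpoint_true "DNSCrypt service"
+else
+checkpoint_false "DNSCrypt service"
+echo "Check config: https://cli.co/wN-tc_S"
+output_21
+fi
+DNSMASQ_STRING=$(uci show dhcp.@dnsmasq[0] | grep -c "127.0.0.53#53\|noresolv='1'")
+if [ $DNSMASQ_STRING -eq 2 ]; then
+checkpoint_true "Dnsmasq config for DNSCrypt"
+else
+checkpoint_false "Dnsmasq config for DNSCrypt"
+echo "Check config: https://cli.co/rooc0uz"
+fi
+else
+checkpoint_false "Dnscrypt-proxy2 package"
+echo "If you don't use Dnscrypt, it's OK"
+fi
+# Stubby
+if opkg list-installed | grep -q stubby; then
+checkpoint_true "Stubby package"
+if service stubby status | grep -q 'running'; then
+checkpoint_true "Stubby service"
+else
+checkpoint_false "Stubby service"
+echo "Check config: https://cli.co/HbDBT2V"
+output_21
+fi
+STUBBY_STRING=$(uci show dhcp.@dnsmasq[0] | grep -c "127.0.0.1#5453\|noresolv='1'")
+if [ $STUBBY_STRING -eq 2 ]; then
+checkpoint_true "Dnsmasq config for Stubby"
+else
+checkpoint_false "Dnsmasq config for Stubby"
+echo "Check config: https://cli.co/HbDBT2V"
+fi
+else
+checkpoint_false "Stubby package"
+echo "If you don't use Stubby, it's OK"
+fi
+# Create dump
+if [[ "$1" == dump ]]; then
+printf "\033[36;1mCreate dump without private variables\033[0m\n"
+date > $DUMP
+$HIRKN start >> $DUMP 2>&1
+$GETDOMAINS start >> $DUMP 2>&1
+uci show firewall >> $DUMP
+uci show network | sed -r 's/(.*private_key=|.*preshared_key=|.*public_key=|.*endpoint_host=|.*wan.ipaddr=|.*wan.netmask=|.*wan.gateway=|.*wan.dns|.*.macaddr=).*/\1REMOVED/' >> $DUMP
+echo "Dump is here: $DUMP"
+echo "For download Linux/Mac use:"
+echo "scp root@IP_ROUTER:$DUMP ."
+echo "For Windows use PSCP or WSL"
+fi
+# Check DNS
+if [[ "$1" == dns ]]; then
+printf "\033[36;1mCheck DNS servers\033[0m\n"
+DNS_SERVERS="1.1.1.1 8.8.8.8 8.8.4.4"
+DOH_DNS_SERVERS="cloudflare-dns.com 1.1.1.1 mozilla.cloudflare-dns.com security.cloudflare-dns.com"
+DOMAINS="instagram.com facebook.com"
+echo "1. Block DNS traffic (Port 53/udp is available)"
+for i in $DNS_SERVERS;
+do
+if nslookup -type=a -timeout=2 -retry=1 itdog.info $i | grep -q "timed out"; then
+checkpoint_false "$i"
+else
+checkpoint_true "$i"
+fi
+done
+echo "2. DoH available"
+for i in $DOH_DNS_SERVERS;
+do
+if curl --connect-timeout 5 -s -H "accept: application/dns-json" "https://$i/dns-query?name=itdog.info&type=A" | awk -F"data\":\"" '/data":"/{print $2}' | grep -q -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'; then
+checkpoint_true "$i"
+else
+checkpoint_false "$i"
+fi
+done
+echo "3. The response not contains an address from 127.0.0.0/8"
+for i in $DOMAINS;
+do
+if nslookup -type=a -timeout=2 -retry=1 $i | awk '/^Address: / {print $2}' | grep -q -E '127\.[0-9]{1,3}\.'; then
+checkpoint_false "$i"
+else
+checkpoint_true "$i"
+fi
+done
+echo "4. One IP for two different domains"
+FIRSTIP=$(nslookup -type=a instagram.com | awk '/^Address: / {print $2}')
+SECONDIP=$(nslookup -type=a facebook.com | awk '/^Address: / {print $2}')
+if [ "$FIRSTIP" = "$SECONDIP" ] ; then
+checkpoint_false "IP addresses are the same"
+else
+checkpoint_true "Different IP addresses"
+fi
+echo "5. The response is not blank"
+for i in $DOMAINS;
+do
+if nslookup -type=a -timeout=2 -retry=1 $i | awk '/^Address: / {print $2}' | grep -q -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'; then
+checkpoint_true "$i"
+else
+checkpoint_false "$i"
+fi
+done
+echo "6. Сomparing response from unencrypted DNS and DoH (DNS poisoning)"
+DOHIP=$(curl -s -H "accept: application/dns-json" "https://1.1.1.1/dns-query?name=facebook.com&type=A" | awk -F"data\":\"" '/data":"/{print $2}' | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
+OPENIP=$(nslookup -type=a -timeout=2 facebook.com 1.1.1.1 | awk '/^Address: / {print $2}')
+if [ "$DOHIP" = "$OPENIP" ]; then
+checkpoint_true "IPs match"
+else
+checkpoint_false "IPs not match"
+fi
+fi
+# Info
+echo -e "\nTelegram channel: https://t.me/itdoginfo"
+echo "Telegram chat: https://t.me/itdogchat"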
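Review bot: `if [ "$IP_EXTERNAL" != $IP_VPN ]; then` in the sing-box block (and the same line again in the tun2socks block) leaves `$IP_VPN` unquoted, so when the curl through tun0 returns nothing — the very failure this check is meant to detect — `[` sees a missing operand, prints a syntax error and the checkpoint_false branch is reached only because of that error; quote it: `if [ "$IP_EXTERNAL" != "$IP_VPN" ]; then`. The `$IFCONFIG` value expanded unquoted into `ip route add $IFCONFIG via 172.19.0.1 dev tun0` comes from an awk filter that prints every `Address:` line nslookup returns, so with more than one A record the add fails and the paired `ip route del` then runs against a route that was never created; take one address with `| head -n 1` and skip the curl/del pair when `ip route add` fails, so a diagnostic script does not leave the routing table in an unexpected state. The sing-box gateway used here (172.19.0.1) also differs from the 172.16.250.1/30 tun address the sing-box template in the third file of this commit writes — worth confirming which one is intended. The same unquoted-numeric pattern (`[ $CURL -eq 2 ]`, `[ $DNSMASQ -ge 287 ]`, `[ $WG_PING -eq 1 ]`, …) errors whenever the producing pipeline yields an empty string, e.g. when dnsmasq-full is not installed; `"${DNSMASQ:-0}"` or quoting fixes each. The file is `#!/bin/sh` but uses `[[ … ]]` in the RAM check and the `dump`/`dns` dispatch and `==` inside `[ ]`; these are bash extensions that busybox ash may or may not honour depending on build options, whereas `[ "$1" = dump ]` works everywhere.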


@@ -0,0 +1,596 @@
#!/bin/sh
#set -x
check_repo() {
printf "\033[32;1mChecking OpenWrt repo availability...\033[0m\n"
opkg update | grep -q "Failed to download" && printf "\033[32;1mopkg failed. Check internet or date. Command for force ntp sync: ntpd -p ptbtime1.ptb.de\033[0m\n" && exit 1
}
route_vpn () {
if [ "$TUNNEL" == wg ]; then
cat << EOF > /etc/hotplug.d/iface/30-rknroute
#!/bin/sh
ip route add table vpn default dev wg0
EOF
elif [ "$TUNNEL" == singbox ] || [ "$TUNNEL" == ovpn ] || [ "$TUNNEL" == tun2socks ]; then
cat << EOF > /etc/hotplug.d/iface/30-rknroute
#!/bin/sh
sleep 5
ip route add table vpn default dev tun0
EOF
fi
}
add_mark() {
grep -q "99 vpn" /etc/iproute2/rt_tables || echo '99 vpn' >> /etc/iproute2/rt_tables
if ! uci show network | grep -q mark0x1; then
printf "\033[32;1mConfigure mark rule\033[0m\n"
uci add network rule
uci set network.@rule[-1].name='mark0x1'
uci set network.@rule[-1].mark='0x1'
uci set network.@rule[-1].priority='100'
uci set network.@rule[-1].lookup='vpn'
uci commit
fi
}
add_tunnel() {
echo "We can automatically configure only Wireguard. OpenVPN, Sing-box(Shadowsocks2022, VMess, VLESS, etc) and tun2socks will need to be configured manually"
echo "Select a tunnel:"
echo "1) WireGuard"
echo "2) OpenVPN"
echo "3) Sing-box"
echo "4) tun2socks"
echo "5) Skip this step"
while true; do
read -r -p '' TUNNEL
case $TUNNEL in
1)
TUNNEL=wg
break
;;
2)
TUNNEL=ovpn
break
;;
3)
TUNNEL=singbox
break
;;
4)
TUNNEL=tun2socks
break
;;
5)
echo "Skip"
TUNNEL=0
break
;;
*)
echo "Choose from the following options"
;;
esac
done
if [ "$TUNNEL" == 'wg' ]; then
printf "\033[32;1mConfigure WireGuard\033[0m\n"
if opkg list-installed | grep -q wireguard-tools; then
echo "Wireguard already installed"
else
echo "Installed wg..."
opkg install wireguard-tools
fi
route_vpn
read -r -p "Enter the private key (from [Interface]):"$'\n' WG_PRIVATE_KEY
while true; do
read -r -p "Enter internal IP address with subnet, example 192.168.100.5/24 (from [Interface]):"$'\n' WG_IP
if echo "$WG_IP" | egrep -oq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]+$'; then
break
else
echo "This IP is not valid. Please repeat"
fi
done
read -r -p "Enter the public key (from [Peer]):"$'\n' WG_PUBLIC_KEY
read -r -p "If use PresharedKey, Enter this (from [Peer]). If your don't use leave blank:"$'\n' WG_PRESHARED_KEY
read -r -p "Enter Enpoint host without port (Domain or IP) (from [Peer]):"$'\n' WG_ENDPOINT
read -r -p "Enter Enpoint host port (from [Peer]) [51820]:"$'\n' WG_ENDPOINT_PORT
WG_ENDPOINT_PORT=${WG_ENDPOINT_PORT:-51820}
if [ "$WG_ENDPOINT_PORT" = '51820' ]; then
echo $WG_ENDPOINT_PORT
fi
uci set network.wg0=interface
uci set network.wg0.proto='wireguard'
uci set network.wg0.private_key=$WG_PRIVATE_KEY
uci set network.wg0.listen_port='51820'
uci set network.wg0.addresses=$WG_IP
if ! uci show network | grep -q wireguard_wg0; then
uci add network wireguard_wg0
fi
uci set network.@wireguard_wg0[0]=wireguard_wg0
uci set network.@wireguard_wg0[0].name='wg0_client'
uci set network.@wireguard_wg0[0].public_key=$WG_PUBLIC_KEY
uci set network.@wireguard_wg0[0].preshared_key=$WG_PRESHARED_KEY
uci set network.@wireguard_wg0[0].route_allowed_ips='0'
uci set network.@wireguard_wg0[0].persistent_keepalive='25'
uci set network.@wireguard_wg0[0].endpoint_host=$WG_ENDPOINT
uci set network.@wireguard_wg0[0].allowed_ips='0.0.0.0/0'
uci set network.@wireguard_wg0[0].endpoint_port=$WG_ENDPOINT_PORT
uci commit
fi
if [ "$TUNNEL" == 'ovpn' ]; then
if opkg list-installed | grep -q openvpn-openssl; then
echo "OpenVPN already installed"
else
echo "Installed openvpn"
opkg install openvpn-openssl
fi
printf "\033[32;1mConfigure route for OpenVPN\033[0m\n"
route_vpn
fi
if [ "$TUNNEL" == 'singbox' ]; then
if opkg list-installed | grep -q sing-box; then
echo "Sing-box already installed"
else
AVAILABLE_SPACE=$(df / | awk 'NR>1 { print $4 }')
if [[ "$AVAILABLE_SPACE" -gt 2000 ]]; then
echo "Installed sing-box"
opkg install sing-box
else
printf "\033[31;1mNo free space for a sing-box. Sing-box is not installed.\033[0m\n"
exit 1
fi
fi
if grep -q "option enabled '0'" /etc/config/sing-box; then
sed -i "s/ option enabled \'0\'/ option enabled \'1\'/" /etc/config/sing-box
fi
if grep -q "option user 'sing-box'" /etc/config/sing-box; then
sed -i "s/ option user \'sing-box\'/ option user \'root\'/" /etc/config/sing-box
fi
if grep -q "tun0" /etc/sing-box/config.json; then
printf "\033[32;1mConfig /etc/sing-box/config.json already exists\033[0m\n"
else
cat << 'EOF' > /etc/sing-box/config.json
{
"log": {
"level": "debug"
},
"inbounds": [
{
"type": "tun",
"interface_name": "tun0",
"domain_strategy": "ipv4_only",
"inet4_address": "172.16.250.1/30",
"auto_route": false,
"strict_route": false,
"sniff": true
}
],
"outbounds": [
{
"type": "$TYPE",
"server": "$HOST",
"server_port": $PORT,
"method": "$METHOD",
"password": "$PASS"
}
],
"route": {
"auto_detect_interface": true
}
}
EOF
printf "\033[32;1mCreate template config in /etc/sing-box/config.json. Edit it manually. Official doc: https://sing-box.sagernet.org/configuration/outbound/\033[0m\n"
printf "\033[32;1mOfficial doc: https://sing-box.sagernet.org/configuration/outbound/\033[0m\n"
printf "\033[32;1mManual with example SS: https://cli.co/Badmn3K \033[0m\n"
fi
printf "\033[32;1mConfigure route for Sing-box\033[0m\n"
route_vpn
fi
}
dnsmasqfull() {
if opkg list-installed | grep -q dnsmasq-full; then
printf "\033[32;1mdnsmasq-full already installed\033[0m\n"
else
printf "\033[32;1mInstalled dnsmasq-full\033[0m\n"
cd /tmp/ && opkg download dnsmasq-full
opkg remove dnsmasq && opkg install dnsmasq-full --cache /tmp/
[ -f /etc/config/dhcp-opkg ] && cp /etc/config/dhcp /etc/config/dhcp-old && mv /etc/config/dhcp-opkg /etc/config/dhcp
fi
}
remove_forwarding() {
if [ ! -z "$forward_id" ]; then
while uci -q delete firewall.@forwarding[$forward_id]; do :; done
fi
}
add_zone() {
if [ "$TUNNEL" == 0 ]; then
printf "\033[32;1mZone setting skipped\033[0m\n"
elif uci show firewall | grep -q "@zone.*name='$TUNNEL'"; then
printf "\033[32;1mZone already exist\033[0m\n"
else
printf "\033[32;1mCreate zone\033[0m\n"
# Delete exists zone
zone_tun_id=$(uci show firewall | grep -E '@zone.*tun0' | awk -F '[][{}]' '{print $2}' | head -n 1)
if [ "$zone_tun_id" == 0 ] || [ "$zone_tun_id" == 1 ]; then
printf "\033[32;1mtun0 zone has an identifier of 0 or 1. That's not ok. Fix your firewall. lan and wan zones should have identifiers 0 and 1. \033[0m\n"
exit 1
fi
if [ ! -z "$zone_tun_id" ]; then
while uci -q delete firewall.@zone[$zone_tun_id]; do :; done
fi
zone_wg_id=$(uci show firewall | grep -E '@zone.*wg0' | awk -F '[][{}]' '{print $2}' | head -n 1)
if [ "$zone_wg_id" == 0 ] || [ "$zone_wg_id" == 1 ]; then
printf "\033[32;1mwg0 zone has an identifier of 0 or 1. That's not ok. Fix your firewall. lan and wan zones should have identifiers 0 and 1. \033[0m\n"
exit 1
fi
if [ ! -z "$zone_wg_id" ]; then
while uci -q delete firewall.@zone[$zone_wg_id]; do :; done
fi
uci add firewall zone
uci set firewall.@zone[-1].name="$TUNNEL"
if [ "$TUNNEL" == wg ]; then
uci set firewall.@zone[-1].network='wg0'
elif [ "$TUNNEL" == singbox ] || [ "$TUNNEL" == ovpn ] || [ "$TUNNEL" == tun2socks ]; then
uci set firewall.@zone[-1].device='tun0'
fi
if [ "$TUNNEL" == wg ] || [ "$TUNNEL" == ovpn ] || [ "$TUNNEL" == tun2socks ]; then
uci set firewall.@zone[-1].forward='REJECT'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].input='REJECT'
elif [ "$TUNNEL" == singbox ]; then
uci set firewall.@zone[-1].forward='ACCEPT'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].input='ACCEPT'
fi
uci set firewall.@zone[-1].masq='1'
uci set firewall.@zone[-1].mtu_fix='1'
uci set firewall.@zone[-1].family='ipv4'
uci commit firewall
fi
if [ "$TUNNEL" == 0 ]; then
printf "\033[32;1mForwarding setting skipped\033[0m\n"
elif uci show firewall | grep -q "@forwarding.*name='$TUNNEL-lan'"; then
printf "\033[32;1mForwarding already configured\033[0m\n"
else
printf "\033[32;1mConfigured forwarding\033[0m\n"
# Delete exists forwarding
if [[ $TUNNEL != "wg" ]]; then
forward_id=$(uci show firewall | grep -E "@forwarding.*dest='wg'" | awk -F '[][{}]' '{print $2}' | head -n 1)
remove_forwarding
fi
if [[ $TUNNEL != "ovpn" ]]; then
forward_id=$(uci show firewall | grep -E "@forwarding.*dest='ovpn'" | awk -F '[][{}]' '{print $2}' | head -n 1)
remove_forwarding
fi
if [[ $TUNNEL != "singbox" ]]; then
forward_id=$(uci show firewall | grep -E "@forwarding.*dest='singbox'" | awk -F '[][{}]' '{print $2}' | head -n 1)
remove_forwarding
fi
if [[ $TUNNEL != "tun2socks" ]]; then
forward_id=$(uci show firewall | grep -E "@forwarding.*dest='tun2socks'" | awk -F '[][{}]' '{print $2}' | head -n 1)
remove_forwarding
fi
uci add firewall forwarding
uci set firewall.@forwarding[-1]=forwarding
uci set firewall.@forwarding[-1].name="$TUNNEL-lan"
uci set firewall.@forwarding[-1].dest="$TUNNEL"
uci set firewall.@forwarding[-1].src='lan'
uci set firewall.@forwarding[-1].family='ipv4'
uci commit firewall
fi
}
show_manual() {
if [ "$TUNNEL" == tun2socks ]; then
printf "\033[42;1mZone for tun2socks cofigured. But you need to set up the tunnel yourself.\033[0m\n"
echo "Use this manual: https://cli.co/VNZISEM"
elif [ "$TUNNEL" == ovpn ]; then
printf "\033[42;1mZone for OpenVPN cofigured. But you need to set up the tunnel yourself.\033[0m\n"
echo "Use this manual: https://itdog.info/nastrojka-klienta-openvpn-na-openwrt/"
fi
}
add_set() {
if uci show firewall | grep -q "@ipset.*name='vpn_domains'"; then
printf "\033[32;1mSet already exist\033[0m\n"
else
printf "\033[32;1mCreate set\033[0m\n"
uci add firewall ipset
uci set firewall.@ipset[-1].name='vpn_domains'
uci set firewall.@ipset[-1].match='dst_net'
uci commit
fi
if uci show firewall | grep -q "@rule.*name='mark_domains'"; then
printf "\033[32;1mRule for set already exist\033[0m\n"
else
printf "\033[32;1mCreate rule set\033[0m\n"
uci add firewall rule
uci set firewall.@rule[-1]=rule
uci set firewall.@rule[-1].name='mark_domains'
uci set firewall.@rule[-1].src='lan'
uci set firewall.@rule[-1].dest='*'
uci set firewall.@rule[-1].proto='all'
uci set firewall.@rule[-1].ipset='vpn_domains'
uci set firewall.@rule[-1].set_mark='0x1'
uci set firewall.@rule[-1].target='MARK'
uci set firewall.@rule[-1].family='ipv4'
uci commit
fi
}
add_dns_resolver() {
echo "Configure DNSCrypt2 or Stubby? It does matter if your ISP is spoofing DNS requests"
DISK=$(df -m / | awk 'NR==2{ print $2 }')
if [[ "$DISK" -lt 32 ]]; then
printf "\033[31;1mYour router a disk have less than 32MB. It is not recommended to install DNSCrypt, it takes 10MB\033[0m\n"
fi
echo "Select:"
echo "1) No [Default]"
echo "2) DNSCrypt2 (10.7M)"
echo "3) Stubby (36K)"
while true; do
read -r -p '' DNS_RESOLVER
case $DNS_RESOLVER in
1)
echo "Skiped"
break
;;
2)
DNS_RESOLVER=DNSCRYPT
break
;;
3)
DNS_RESOLVER=STUBBY
break
;;
*)
echo "Choose from the following options"
;;
esac
done
if [ "$DNS_RESOLVER" == 'DNSCRYPT' ]; then
if opkg list-installed | grep -q dnscrypt-proxy2; then
printf "\033[32;1mDNSCrypt2 already installed\033[0m\n"
else
printf "\033[32;1mInstalled dnscrypt-proxy2\033[0m\n"
opkg install dnscrypt-proxy2
if grep -q "# server_names" /etc/dnscrypt-proxy2/dnscrypt-proxy.toml; then
sed -i "s/^# server_names =.*/server_names = [\'google\', \'cloudflare\', \'scaleway-fr\', \'yandex\']/g" /etc/dnscrypt-proxy2/dnscrypt-proxy.toml
fi
printf "\033[32;1mDNSCrypt restart\033[0m\n"
service dnscrypt-proxy restart
printf "\033[32;1mDNSCrypt needs to load the relays list. Please wait\033[0m\n"
sleep 30
if [ -f /etc/dnscrypt-proxy2/relays.md ]; then
uci set dhcp.@dnsmasq[0].noresolv="1"
uci -q delete dhcp.@dnsmasq[0].server
uci add_list dhcp.@dnsmasq[0].server="127.0.0.53#53"
uci add_list dhcp.@dnsmasq[0].server='/use-application-dns.net/'
uci commit dhcp
printf "\033[32;1mDnsmasq restart\033[0m\n"
/etc/init.d/dnsmasq restart
else
printf "\033[31;1mDNSCrypt not download list on /etc/dnscrypt-proxy2. Repeat install DNSCrypt by script.\033[0m\n"
fi
fi
fi
if [ "$DNS_RESOLVER" == 'STUBBY' ]; then
printf "\033[32;1mConfigure Stubby\033[0m\n"
if opkg list-installed | grep -q stubby; then
printf "\033[32;1mStubby already installed\033[0m\n"
else
printf "\033[32;1mInstalled stubby\033[0m\n"
opkg install stubby
printf "\033[32;1mConfigure Dnsmasq for Stubby\033[0m\n"
uci set dhcp.@dnsmasq[0].noresolv="1"
uci -q delete dhcp.@dnsmasq[0].server
uci add_list dhcp.@dnsmasq[0].server="127.0.0.1#5453"
uci add_list dhcp.@dnsmasq[0].server='/use-application-dns.net/'
uci commit dhcp
printf "\033[32;1mDnsmasq restart\033[0m\n"
/etc/init.d/dnsmasq restart
fi
fi
}
add_packages() {
if opkg list-installed | grep -q "curl -"; then
printf "\033[32;1mCurl already installed\033[0m\n"
else
printf "\033[32;1mInstall curl\033[0m\n"
opkg install curl
fi
if opkg list-installed | grep -q nano; then
printf "\033[32;1mNano already installed\033[0m\n"
else
printf "\033[32;1mInstall nano\033[0m\n"
opkg install nano
fi
}
add_getdomains() {
echo "Choose you country"
echo "Select:"
echo "1) Russia inside. You are inside Russia"
echo "2) Russia outside. You are outside of Russia, but you need access to Russian resources"
echo "3) Ukraine. uablacklist.net list"
echo "4) Skip script creation"
while true; do
read -r -p '' COUNTRY
case $COUNTRY in
1)
COUNTRY=russia_inside
break
;;
2)
COUNTRY=russia_outside
break
;;
3)
COUNTRY=ukraine
break
;;
4)
echo "Skiped"
COUNTRY=0
break
;;
*)
echo "Choose from the following options"
;;
esac
done
if [ "$COUNTRY" == 'russia_inside' ]; then
EOF_DOMAINS=DOMAINS=https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Russia/inside-dnsmasq-nfset.lst
elif [ "$COUNTRY" == 'russia_outside' ]; then
EOF_DOMAINS=DOMAINS=https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Russia/outside-dnsmasq-nfset.lst
elif [ "$COUNTRY" == 'ukraine' ]; then
EOF_DOMAINS=DOMAINS=https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Ukraine/inside-dnsmasq-nfset.lst
fi
if [ "$COUNTRY" != '0' ]; then
printf "\033[32;1mCreate script /etc/init.d/getdomains\033[0m\n"
cat << EOF > /etc/init.d/getdomains
#!/bin/sh /etc/rc.common
START=99
start () {
$EOF_DOMAINS
EOF
cat << 'EOF' >> /etc/init.d/getdomains
count=0
while true; do
if curl -m 3 github.com; then
curl -f $DOMAINS --output /tmp/dnsmasq.d/domains.lst
break
else
echo "GitHub is not available. Check the internet availability [$count]"
count=$((count+1))
fi
done
if dnsmasq --conf-file=/tmp/dnsmasq.d/domains.lst --test 2>&1 | grep -q "syntax check OK"; then
/etc/init.d/dnsmasq restart
fi
}
EOF
chmod +x /etc/init.d/getdomains
/etc/init.d/getdomains enable
if crontab -l | grep -q /etc/init.d/getdomains; then
printf "\033[32;1mCrontab already configured\033[0m\n"
else
crontab -l | { cat; echo "0 */8 * * * /etc/init.d/getdomains start"; } | crontab -
printf "\033[32;1mIgnore this error. This is normal for a new installation\033[0m\n"
/etc/init.d/cron restart
fi
printf "\033[32;1mStart script\033[0m\n"
/etc/init.d/getdomains start
fi
}
# System Details
MODEL=$(grep machine /proc/cpuinfo | cut -d ':' -f 2)
RELEASE=$(grep OPENWRT_RELEASE /etc/os-release | awk -F '"' '{print $2}')
printf "\033[34;1mModel:$MODEL\033[0m\n"
printf "\033[34;1mVersion: $RELEASE\033[0m\n"
VERSION_ID=$(grep VERSION_ID /etc/os-release | awk -F '"' '{print $2}' | awk -F. '{print $1}')
if [ "$VERSION_ID" -ne 23 ]; then
printf "\033[31;1mScript only support OpenWrt 23.05\033[0m\n"
echo "For OpenWrt 21.02 and 22.03 you can:"
echo "1) Use ansible https://github.com/itdoginfo/ansible-openwrt-hirkn"
echo "2) Configure manually. Old manual: https://itdog.info/tochechnyj-obhod-blokirovok-rkn-na-routere-s-openwrt-s-pomoshhyu-wireguard-i-dnscrypt/"
exit 1
fi
printf "\033[31;1mAll actions performed here cannot be rolled back automatically.\033[0m\n"
check_repo
add_packages
add_tunnel
add_mark
add_zone
show_manual
add_set
dnsmasqfull
add_dns_resolver
add_getdomains
printf "\033[32;1mRestart network\033[0m\n"
/etc/init.d/network restart
printf "\033[32;1mDone\033[0m\n"

tplink_archer-c7-v5.sh Executable file

@@ -0,0 +1,3 @@
#!/usr/bin/env bash
./build.sh ath79 generic tplink_archer-c7-v5