Category: Embedded
2018-01-24 16:29:39
Original source: OpenWRT-Document (Chinese). Author: Kernel的makefile
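In Kamikaze the network configuration is stored in /etc/config/network, and every interface has its own configuration. Each interface configuration either refers directly to an ethernet or wifi interface (eth0, wl0, ..) or to a bridge containing multiple interfaces. It looks like this:
ifname specifies the Linux interface name. If you want to bridge one or more interfaces, set ifname to a list of interfaces and add:
VLANs can be used by simply appending the VLAN ID to the interface name, e.g. eth0.1. Nothing else is needed.
This sets up a simple static configuration for eth0. proto specifies the protocol used for the interface. The default image usually provides 'none', 'static', 'dhcp' and 'pppoe'. Other protocols can be added by installing additional packages.
When using the 'static' method as in the example, the options ipaddr and netmask are mandatory, while gateway and dns are optional. You can specify more than one DNS server, separated with spaces.
DHCP currently only accepts ipaddr (the IP address to request from the server) and hostname (the client hostname label); both are optional.
PPP-based protocols (pppoe, pptp, ...) accept these options:
For all protocol types, you can also set the MTU by using the mtu option.
Setting up static routes
You can set up static routes for a specific interface; they take effect after that interface has been configured.
Simply add a config section like this: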
config route foo
option interface lan
option target 1.1.1.0
option netmask 255.255.255.0
option gateway 192.168.1.1
The name for the route section is optional; the interface, target and gateway options are mandatory. Leaving out the netmask option will turn the route into a host route.
The switch configuration is set by adding a 'switch' config section. Example:
On Broadcom hardware the section name needs to be eth0, as the switch driver does not detect the switch on any other physical device. The name of every vlan option consists of vlan followed by the VLAN number as used in the switch driver. As value it takes a list of ports with these optional suffixes:
The CPU port defaults to tagged, all other ports to untagged. On Broadcom hardware the CPU port is always 5. The other ports may vary with different hardware.
For instance, if you wish to have 3 vlans, like one 3-port switch, 1 port in a DMZ, and another one as your WAN interface, use the following configuration:
Three interfaces will be automatically created using this switch layout: eth0.0 (vlan0), eth0.1 (vlan1) and eth0.2 (vlan2). You can then assign those interfaces to a custom network configuration name like lan, wan or dmz for instance.
OpenWrt supports IPv6 connectivity using PPP, Tunnel brokers or static assignment.
If you use PPP, IPv6 will be set up using IP6CP and there is nothing to configure.
To set up an IPv6 tunnel to a tunnel broker, you can install the 6scripts package and edit the /etc/config/6tunnel file and change the settings accordingly:
Using the same package you can also set up an IPv6 bridged connection:
By default the script bridges the WAN interface with the LAN interface and uses ebtables to filter anything that is not IPv6 on the bridge.
IPv6 static addressing is also supported using a similar setup as IPv4 but with the ip6 prefixing (when applicable).
The WiFi settings are configured in the file /etc/config/wireless (currently supported on Broadcom, Atheros and mac80211). When booting the router for the first time it should detect your card and create a sample configuration file. By default 'option network lan' is commented out. This prevents unsecured sharing of the network over the wireless interface.
Each wireless driver has its own configuration script in /lib/wifi/driver_name.sh which handles driver specific options and configurations. This script also calls driver specific binaries like wlc for Broadcom, or hostapd and wpa_supplicant for Atheros.
The reason for using such an architecture is that it abstracts the driver configuration.
Generic Broadcom wireless config:
Generic Atheros wireless config:
Generic mac80211 wireless config:
Generic multi-radio Atheros wireless config:
There are two types of config sections in this file. The 'wifi-device' refers to the physical wifi interface and 'wifi-iface' configures a virtual interface on top of that (if supported by the driver).
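The default described above ('option network lan' commented out) is easy to lose when editing the file by hand. The following check is an added example, not part of the original documentation or of OpenWrt: it reads wireless config text and reports every wifi-iface section that is attached to a network without encryption. The function name audit_wireless and the sample config are constructed for illustration, and a missing encryption option is assumed to mean an open network.

```shell
#!/bin/sh
# audit_wireless: read wireless config text on stdin and print every
# wifi-iface section that is attached to a network without encryption.
# Assumption: a wifi-iface with no 'encryption' option is treated as open.
audit_wireless() {
    # The "config end" sentinel flushes the last section.
    { cat; echo "config end"; } |
    while read -r kw name value; do
        value=${value#[\"\']}; value=${value%[\"\']}   # drop surrounding quotes
        case "$kw" in
        config)
            if [ "$iface" = 1 ] && [ -n "$net" ] && [ "${enc:-none}" = none ]; then
                echo "open: ssid=$ssid network=$net"
            fi
            iface=0; net=; enc=; ssid=
            if [ "$name" = wifi-iface ]; then iface=1; fi
            ;;
        option)
            case "$name" in
            network) net=$value ;;
            encryption) enc=$value ;;
            ssid) ssid=$value ;;
            esac
            ;;
        esac    # commented-out lines ('# option ...') match nothing
    done
    return 0
}

# Constructed sample: the first iface keeps the default (network commented out).
SAMPLE_WIRELESS='config wifi-device wl0
    option type broadcom
config wifi-iface
    option device wl0
#   option network lan
    option ssid OpenWrt
    option encryption none
config wifi-iface
    option device wl0
    option network lan
    option ssid "Guest Net"
    option encryption none
config wifi-iface
    option device wl0
    option network lan
    option ssid Office
    option encryption psk2
    option key "constructed-passphrase"'

printf '%s\n' "$SAMPLE_WIRELESS" | audit_wireless
```

Unlike the loader on the router, this check only reads the file line by line and never lets the shell evaluate it.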
A full outline of the wireless configuration file with description of each field:
Options for the wifi-device:
Options for the wifi-iface:
Wireless Distribution System (WDS) is a non-standard mode which will work between two Broadcom devices, for instance, but not between a Broadcom and an Atheros device.
Unencrypted WDS connections
This configuration example shows you how to set up unencrypted WDS connections. We assume that the peer configured as below has the BSSID ca:fe:ba:be:00:01 and that the remote WDS endpoint is ca:fe:ba:be:00:02 (option bssid field).
Encrypted WDS connections
It is also possible to encrypt WDS connections. The psk, psk2 and psk+psk2 modes are supported. The configuration below is an example configuration using Pre-Shared-Keys with the AES algorithm.
802.1x configurations
OpenWrt supports both 802.1x client and Access Point configurations. The 802.1x client works only with the Atheros or mac80211 drivers. The configuration only supports the EAP types TLS, TTLS or PEAP.
EAP-TLS
EAP-PEAP
Limitations: There are certain limitations when combining modes. Only the following mode combinations are supported:
WDS links can only be used in pure AP mode and cannot use WEP (except when sharing the settings with the master interface, which is done automatically).
N is the maximum number of VAPs that the module allows, it defaults to 4, but can be changed by loading the module with the maxvaps=N parameter.
Adding a new driver configuration
Since we currently only support three different wireless drivers (Broadcom, Atheros and mac80211), you might be interested in adding support for another driver like Ralink RT2x00 or Texas Instruments ACX100/111.
The driver specific script should be placed in /lib/wifi/driver_name.sh and has to include several functions providing:
Each driver script should append the driver to a global DRIVERS variable:
scan_: This function will parse /etc/config/wireless and make sure there are no configuration incompatibilities, like enabling hidden SSIDs with ad-hoc mode for instance. This can be more complex if your driver supports a lot of configuration options. It does not change the state of the interface.
Example:
enable_: This function will bring up the wifi device and optionally create application specific configuration files, e.g. for the WPA authenticator or supplicant.
Example:
disable_: This function will bring down the wifi device and all its virtual interfaces (if supported).
Example:
detect_: This function looks for interfaces that are usable with the driver. Template config sections for new devices should be written to stdout. It must check for already existing config sections belonging to the interfaces before creating new templates.
Example:
The config files are divided into sections and options/values.
Every section has a type, but does not necessarily have a name. Every option has a name and a value and is assigned to the section it was written under.
Syntax:
Every parameter needs to be a single string and is formatted exactly like a parameter for a shell function. The same rules for quoting and special characters also apply, as it is parsed by the shell.
To be able to load configuration files, you need to include the common functions with:
Then you can use config_load to load config files. The function first checks whether the given name is an absolute filename and otherwise falls back to loading it from /etc/config (which is the most common way of using it).
If you want to use special callbacks for sections and/or options, you need to define the following shell functions before running config_load (after including /etc/functions.sh):
You can also alter option_cb from config_cb based on the section type. This allows you to process every single config section based on its type individually.
config_cb is run every time a new section starts (before options are being processed). You can access the last section through the CONFIG_SECTION variable. Also an extra call to config_cb (without a new section) is generated after config_load is done. That allows you to process sections both before and after all options were processed.
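The callback flow described above, used to enforce the earlier rule that a 'static' interface needs ipaddr and netmask. This is an added example, not code from OpenWrt or the original documentation: config, option, load_text and audit_network are simplified, hypothetical stand-ins for what /etc/functions.sh provides, and the sample network config is constructed.

```shell
#!/bin/sh
# Simplified stand-ins for the loader in /etc/functions.sh (hypothetical,
# not OpenWrt's code). As in the text, the shell itself parses the config,
# so the text runs as shell code and must come from a trusted file.
config() {                        # config <type> [<name>]
    config_cb "$1" "${2:-}"       # fires before CONFIG_SECTION is updated
    CONFIG_SECTION=${2:-}
}
option() { option_cb "$1" "$2"; } # option <name> <value>
load_text() {
    CONFIG_SECTION=
    eval "$1"
    config_cb                     # extra call after the last section
}

# Callbacks: remember the options of the current section and check the
# previous 'interface' section each time config_cb fires.
config_cb() {
    if [ "$sec_type" = interface ] && [ "$proto" = static ]; then
        [ -n "$ipaddr" ] || echo "$CONFIG_SECTION: static without ipaddr"
        [ -n "$netmask" ] || echo "$CONFIG_SECTION: static without netmask"
    fi
    sec_type=${1:-}; proto=; ipaddr=; netmask=
}
option_cb() {
    case "$1" in
    proto) proto=$2 ;;
    ipaddr) ipaddr=$2 ;;
    netmask) netmask=$2 ;;
    esac
}

# Constructed sample; the incomplete section is last on purpose, so it is
# only reported by the extra config_cb call at the end of loading.
SAMPLE_NETWORK='
config interface lan
    option ifname "eth0.0"
    option proto static
    option ipaddr 192.168.1.1
    option netmask 255.255.255.0
config interface wan
    option ifname "eth0.2"
    option proto dhcp
config interface dmz
    option ifname "eth0.1"
    option proto static
    option ipaddr 192.168.2.1
'
audit_network() { sec_type=; load_text "$1"; }

audit_network "$SAMPLE_NETWORK"
```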
Another way of iterating on config sections is using the config_foreach command.
Syntax:
This command will run the supplied function for every single config section in the currently loaded config. The section name will be passed to the function as argument 1. If the section type is added to the command line, the function will only be called for sections of the given type.
You can access already processed options with the config_get command. Syntax:
In busybox ash the three-option config_get is faster, because it does not result in an extra fork, so it is the preferred way.
Additionally you can also modify or add options to sections by using the config_set command.
Syntax:
If a config section is unnamed, an automatically generated name will be assigned internally, e.g. cfg1, cfg2, ...
While it is possible, using unnamed sections through these autogenerated names is strongly discouraged. Use callbacks or config_foreach instead.
Because OpenWrt uses its own init script system, all init scripts must be installed as /etc/init.d/name and use /etc/rc.common as a wrapper.
Example: /etc/init.d/httpd
As you can see, the script does not actually parse the command line arguments itself. This is done by the wrapper script /etc/rc.common.
start() and stop() are the basic functions, which almost any init script should provide. start() is called when the user runs /etc/init.d/httpd start or (if the script is enabled and does not override this behavior) at system boot time.
Enabling and disabling init scripts is done by running /etc/init.d/name enable or /etc/init.d/name disable. This creates or removes symbolic links to the init script in /etc/rc.d, which is processed by /etc/init.d/rcS at boot time.
The order in which these scripts are run is defined in the variable START in the init script. Changing it requires running /etc/init.d/name enable again.
You can also override these standard init script functions:
You can also add custom commands by creating the appropriate functions and referencing them in the EXTRA_COMMANDS variable. Help text is added in EXTRA_HELP.
Example: