SSid federez on vlan12

Please enter the commit message for your changes. Lines starting

.gitignore

@@ -3,7 +3,6 @@
 .*.swp
 /env
 /dl
-/.config
 /.config.old
 /bin
 /build_dir
@@ -12,7 +11,6 @@
 /logs
 /feeds
 /feeds.conf
-/files
 /package/feeds
 /package/openwrt-packages
 *.orig
@@ -22,4 +20,4 @@
 *#
 .emacs.desktop*
 TAGS*~
-git-src
+git-src

READMECR@NS

@@ -0,0 +1,15 @@
+Important :
+Vous avez importé le dépot git modifié par les soins du Cr@ns pour son réseau.
+
+Ce depot est presque pret pour compiler une image de borne.
+Avant, vous ne devez cependant pas oublier :
+- D'upgrader la source des feeds.
+- D'installer manuellement les packets non contenus dans ce depot, qui sont :
+	-monit
+        -syslogng-3
+
+En réalité, la liste complète de ces packets est : attr  glib2  libffi  monit  pcre  tcp_wrappers
+Ensuite, faire un make menuconfig, vérifier que tout est en ordre, puis make,
+et enjoy!
+
+L'ensemble du travail sur ce projet a été efféctué par Daniel Stan, Lucas Serrano et Gabriel Détraz

files/etc/config/dhcp

@@ -0,0 +1,17 @@
+config 'dnsmasq'
+        option domainneeded      1
+        option boguspriv         1
+        option filterwin2k       0
+        option localise_queries  1
+        option rebind_protection 1
+        option rebind_localhost  0
+        option local             '/lan/'
+        option domain            'lan'
+        option expandhosts       1
+        option nonegcache        0
+#       option authoritative     1
+        option readethers        1
+#       option leasefile         '/tmp/dhcp.leases'
+        option resolvfile        '/tmp/resolv.conf.auto'
+        option interface         lo
+

files/etc/config/network

@@ -0,0 +1,56 @@
+
+config interface 'loopback'
+	option ifname 'lo'
+	option proto 'static'
+	option ipaddr '127.0.0.1'
+	option netmask '255.0.0.0'
+
+# utiliser des interfaces de la forme "vlan$n". Ceci produit des bridges de la
+# forme br-vlan$n ce qui correspond à la convention employée par hostapd
+config interface vlan3
+	option ifname	eth0.3
+	option type 	bridge
+        option ipv6	1
+	option proto	dhcpv6
+     
+#config interface vlan3six
+#        option ifname "br-vlan3"
+#        option proto     dhcpv6
+
+# v6only
+config interface vlan6
+    option ifname   eth0.6
+    option type     bridge
+    option proto    none
+
+# isolement
+config interface vlan9
+    option ifname   eth0.9
+    option type     bridge
+    option proto    none
+
+# event
+config interface vlan10
+	option ifname	eth0.10
+	option type 	bridge
+    # Change to dhcp if installed
+	option proto	none
+
+# accueil
+config interface vlan7
+    option ifname   eth0.7
+    option type     bridge
+    option proto    none
+
+# federez
+config interface vlan12
+    option ifname   eth0.12
+    option type     bridge
+    option proto    none
+
+# appts
+config interface vlan21
+    option ifname   eth0.21
+    option type     bridge
+    option proto    none
+

files/etc/config/system

@@ -0,0 +1,11 @@
+config system
+	option hostname	OpenWrt
+	option timezone	CET-1CEST
+    option log_type file
+# thot.crans.org
+    option log_ip  'fda8:5d34:a228:c04:7379:736c:6f67:3031'
+    option log_file /dev/null
+
+config timeserver ntp
+	option enable_server 0
+	list server	ntp.v6.crans.org

files/etc/dropbear/authorized_keys

@@ -0,0 +1,2 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDoByWN7RvH9ICpbqLbm8kd/JLDpPMLNYMHSOXNncImhNVQWKjdIpaosRXkN/KmiVZcHQJpKX7Sj5J3+TnrbZHwafgSS319eNdcGdHyQlYl9gbtMs4b4LC9YgJm7Tz3xxk/RXrITrix7J85b1q7hvzvcNCrnqDbeyvggOxQxmsLLD2cpWVw/TXfv+9wRSgEsHYawqDRXgmcmIXufrnmFAkU6efGi3cfs4BQawylnmRM9BQ5evOMRj8OMmR2Dlp4OvCIV5Rut0NXrLphLRUPxxW38aeSguE8lXz76FKdrg8KKRBlPeekPj4YcN6b9Z0FfREZzVeQbZhiYlL/bhCSnTzB apprentis
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCuEDiPDYBcCa5AxeCA+D4DH6C8EeZcJb8Xy/7mm+2nxr7SbnNR8PgiEdHmeTbm6eSHqPsM40aXMbEd97IJ91TDPxghtZHxCVHZp6Tipbpqkj/+gJCSA0Svsf3FZNtCip6aoJlWs5HVz4wmLjs8Y8U1OJ2gAa5LPtc0UFMlyIYk2L2hD7Y9Z+0Ow6F3oDO8cki+MQCN7S/FNdEqIO8dlFN/gbxF0pn9uFNPsQBZHKckX7mhzY7rrD6PoV3h4Byht5s+CNT6kwlE+gWKcnLd/FwXCmKAHcXPZOTgHo4qFJwezwEtWhuIGvIQD7r/Pyuzl3UjS71L8wLZnoPVd2Gmu1lntDgZPgOqFIZsgytswqtlF5JDu/ayhF0Qwtnk7bOrvFVw4fOIvecNxl1MzwcrRjN5I4FFHMCDDZLuUikIh+Y4wGSYkZE40kuvTjDkturO8e7DgjlQZx776gLyVK92oiHcfYclYoMcf/aVxyh2EaKP1pU0o1pLw2QOJjuNetVa7z3gsNfekR+ZJkJlBwfh/Vh4eAuonlJokJup62NHUiTll4jlLL+uI0KURVSPvCbNEwVc5Hv5Wacg6OoQjBjLuPdM40piAJoHH2+UhOWUk2ctoRd2JWLvdgcvMYSWZf8SUegKJ50+juaBEUiOSXBWm/36lKXW5NpE+90pOTF9/gFWHQ== clefwifinew

files/etc/init.d/monit

@@ -0,0 +1,17 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2006-2012 OpenWrt.org
+
+START=60
+
+SERVICE_USE_PID=1
+
+start() {
+	[ -f /etc/monitrc ] || return 1
+	ls -l /etc/monitrc | grep -q '^-rw-------'
+    [ $? -eq 0 ] || chmod 0700 /etc/monitrc
+	service_start /usr/bin/monit
+}
+
+stop() {
+	service_stop /usr/bin/monit
+}

files/etc/monitrc

@@ -0,0 +1,52 @@
+###############################################################################
+## Monit Cr@ns Config !
+###############################################################################
+##
+## Start Monit in the background (run as a daemon):
+#
+set daemon  60              # check services at 1-minute intervals
+    with start delay 30     # optional: delay the first check by 4-minutes (by 
+#                           # default Monit check immediately after Monit start)
+
+set logfile syslog facility log_daemon                       
+#set logfile /tmp/monit_log  # Test logging
+#
+## Set the location of the Monit id file which stores the unique id for the
+## Monit instance. The id is generated and stored on first Monit start. By 
+## default the file is placed in $HOME/.monit.id.
+#
+set idfile /var/.monit.id
+
+# Bind and authorize only to localhost:
+set httpd port 2812 and
+    use address localhost
+    allow localhost
+
+#
+## Set the location of the Monit state file which saves monitoring states
+## on each cycle. By default the file is placed in $HOME/.monit.state. If
+## the state file is stored on a persistent filesystem, Monit will recover
+## the monitoring state across reboots. If it is on temporary filesystem, the
+## state will be lost on reboot which may be convenient in some situations.
+#
+set statefile /var/.monit.state
+
+## Check hostapd
+check process hostapd with pidfile /var/run/wifi-phy0.pid
+	start program = "/usr/sbin/hostapd -P /var/run/wifi-phy0.pid -B /var/run/hostapd-phy0.conf" with timeout 60 seconds
+	stop program = "/usr/bin/killall hostapd"
+	if 5 restarts within 5 cycles then timeout
+
+check process sshd with pidfile /var/run/dropbear.1.pid
+    start program  "/etc/init.d/dropbear start"
+    stop program  "/etc/init.d/dropbear stop"
+    if failed port 22 protocol ssh then restart
+    if 5 restarts within 5 cycles then timeout
+
+check program watch_net with path "/usr/share/watch_net/watch_net.sh"
+       if status != 0 then alert
+
+check process logread with pidfile /var/run/logread.2.pid
+    start program  "/etc/init.d start"                                                                                   
+    stop program  "/etc/init.d stop"                                   
+    if 5 restarts within 5 cycles then timeout    

files/lib/upgrade/erase_all.sh

@@ -0,0 +1,16 @@
+#!/bin/sh
+
+# Customisation Cr@ns : on ne garde que les clefs ssh lors d'un sysupgrade
+# le reste de la configuration est géré dans l'image ou via l'initscript
+# de first boot (hostname via dhcp par ex)
+
+# Surcharge de la fonction add_uci_conffiles de /sbin/sysupgrade
+add_uci_conffiles() {
+        local file="$1"
+       	( cat <<EOF
+/etc/dropbear/dropbear_rsa_host_key
+/etc/dropbear/dropbear_dss_host_key
+EOF
+) > $file
+        return 0
+}

files/usr/share/watch_net/watch_net.sh

@@ -0,0 +1,91 @@
+#!/bin/sh
+
+# Watch the different broadcast networks and hide them if they
+# are considered unusable.
+# A new entry in wifi-iface sections of wireless config has been added
+# test_connect can contain a shell command giving the state of the
+# network:
+# for a bridged wifi network (without IP on APs side), this could be:
+# option 'test_connect' 'arping -I br-$(net) $(routeur_ip) -c 4'
+# for wpa2 networks, test_connect can be ommited and connectivity
+# to the radius serveur will be checked.
+# In case of lack of connectivity, the corresponding SSID won't be
+# broadcast anymore, preveting new clients from connecting.
+# Currently, the scripts uses SIGHUP signal to hostapd process which
+# ends up in loosing anyway all associated clients on the >>radio<<
+# (hope this will be fixed)
+
+CONF=/var/run/hostapd-phy0.conf
+PID=/var/run/wifi-phy0.pid
+CTRL=/var/run/hostapd/
+
+. /lib/functions.sh
+
+# Numbered of changed statuses
+changed=0
+
+
+get_dev_of_ssid() {
+  for dev in `ls $CTRL`; do
+    hostapd_cli -p$CTRL -i$dev get_config | grep "^ssid=$1$" -q && {
+      echo $dev; return;
+    }
+
+  done
+}
+
+set_ignore_broadcast_ssid() {
+  dev=`get_dev_of_ssid $1`
+  echo "ssid $1 in $dev"
+  old=`sed -e "/^\(interface\|bss\)=$dev$/,/^bss=/ s/^ignore_broadcast_ssid=\(.*\)$/\1/; t; d" $CONF`
+  [ -z "$old" ] && { echo "Old value not found. Skipping"; return; }
+  echo "Set to $2 (old=$old)"
+  [ "$old" -eq $2 ] && {
+    echo "...Unchanged !"
+  } || {
+    sed -e "/^\(interface\|bss\)=$dev$/,/^bss=/ s/^ignore_broadcast_ssid=.*$/ignore_broadcast_ssid=$2/; " -i $CONF
+    changed=$(($changed+1))
+  }
+}
+
+check_ssid() {
+  local iface="$1"
+  config_get ssid $iface ssid default
+  config_get test_connect $iface test_connect
+  config_get disabled $iface disabled 0
+  [ $disabled -ne 0 ] && {
+    echo "$ssid: skipped (disabled)"
+    return
+  }
+  [ -z "$test_connect" ] && {
+    config_get server $iface server
+    [ -z "$server" ] && {
+       test_connect="true"
+    } || {
+       test_connect="ping -c 4 $server"
+    }
+  }
+  echo "$ssid: $test_connect ..."
+  $test_connect &> /dev/null
+  [ 0 -eq $? ] && set_ignore_broadcast_ssid "$ssid" 0 \
+               || set_ignore_broadcast_ssid "$ssid" 1
+ 
+}
+
+# TODO: find out why this causes all clients to be disconnected on the radio
+# maybe we should try reload the configuration using "hostapd_cli reconfigure"
+# however we should figure out first what happened to that command
+# (http://lists.shmoo.com/pipermail/hostap/2011-July/023520.html ?)
+reload_hostapd() {
+  echo "reload config"
+  kill -1 `cat $PID`
+}
+
+config_load wireless
+cp $CONF $CONF.bak
+config_foreach check_ssid wifi-iface
+[ 0 -ne "$changed" ] && {
+  reload_hostapd
+}
+
+exit $changed

package/base-files/files/etc/banner

@@ -1,13 +1,15 @@
-  _______                     ________        __
+  _______                     ________        __
  |       |.-----.-----.-----.|  |  |  |.----.|  |_
  |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
  |_______||   __|_____|__|__||________||__|  |____|
-          |__| W I R E L E S S   F R E E D O M
+          |__| W I R E L E S S   F R E E D O M
  -----------------------------------------------------
- BARRIER BREAKER (%C, %R)
+ %C  (CR@NS edition -  wifi.crans.org, %R )
  -----------------------------------------------------
   * 1/2 oz Galliano         Pour all ingredients into
   * 4 oz cold Coffee        an irish coffee mug filled
   * 1 1/2 oz Dark Rum       with crushed ice. Stir.
   * 2 tsp. Creme de Cacao
- -----------------------------------------------------
+ ----------------------------------------------------
+ Camille Dumas est dans le gymnase !
+ ----------------------------------------------------

package/kernel/mac80211/files/lib/wifi/mac80211.sh

@@ -97,20 +97,63 @@ detect_mac80211() {
 
 		cat <<EOF
 config wifi-device  radio$devidx
-	option type     mac80211
-	option channel  ${channel}
-	option hwmode	11${mode_band}
+    option type     mac80211
+    option channel  ${channel}
+    option hwmode   11${mode_band}
 $dev_id
 $ht_capab
-	# REMOVE THIS LINE TO ENABLE WIFI:
-	option disabled 1
+    # REMOVE THIS LINE TO ENABLE WIFI:
+    #option disabled 1
+    option country FR
 
 config wifi-iface
-	option device   radio$devidx
-	option network  lan
-	option mode     ap
-	option ssid     OpenWrt
-	option encryption none
+    option device   radio$devidx
+    option network  vlan3
+    option mode     ap
+    option isolate  0
+    option wmm      1
+    option ssid     Cr@ns-test
+    option encryption wpa2
+    # Serveur radius de prod:
+    option server     fda8:5d34:a228:c04:7261:6469:7573:3031
+    option key        fill_it
+    option disabled 1
+    option dynamic_vlan 1
+
+config wifi-iface
+    option device   radio$devidx
+    option network  vlan12
+    option mode     ap
+    option isolate  0
+    option wmm      1
+    option ssid     Federez
+    option encryption wpa2
+    # Serveur radius de prod:
+    option server     fda8:5d34:a228:c04:7261:6469:7573:3031
+    option key        fill_it
+    option disabled 1
+    option dynamic_vlan 1
+
+config wifi-iface
+   option device   radio$devidx
+   option network  vlan10
+   option mode     ap
+   option isolate  0
+   option wmm      1
+   option ssid     Cr@ns-Install
+   option encryption none
+   option disabled 1
+
+
+config 'wifi-iface'
+        option 'device' 'radio$devidx'
+        option 'network' 'vlan7'
+        option 'mode' 'ap'
+        option 'ssid' 'Cr@ns-accueil'
+        option 'encryption' 'none'
+        option 'test_connect' 'arping -I br-vlan7 10.51.0.10 -c 4'
+    option isolate  1
+    option wmm      1
 
 EOF
 	devidx=$(($devidx + 1))

package/network/config/netifd/files/lib/netifd/dhcp.script

@@ -74,7 +74,16 @@ setup_interface () {
 	# [ -n "$ntpsrv" ] && 	change_state network "$ifc" lease_ntpsrv "$ntpsrv"
 	# [ -n "$timesvr" ] && 	change_state network "$ifc" lease_timesrv "$timesvr"
 	# [ -n "$hostname" ] &&	change_state network "$ifc" lease_hostname "$hostname"
+
 	# [ -n "$timezone" ] && 	change_state network "$ifc" lease_timezone "$timezone"
+    # Cr@ns: hostname fournit par dhcp
+    config_get old_host system hostname OpenWrt
+    [ "$old_host" == "OpenWrt" ] && {
+        /sbin/uci set system.@system[0].hostname="$hostname"
+        /sbin/uci commit system
+        echo "$hostname" > /proc/sys/kernel/hostname
+    }
+
 }
 
 deconfig_interface() {

package/network/services/hostapd/files/hostapd-full.config

@@ -170,3 +170,7 @@ CONFIG_FULL_DYNAMIC_VLAN=y
 CONFIG_ACS=y
 
 CONFIG_UBUS=y
+
+# Allow use of *sta commands from hostapd_cli
+CONFIG_CTRL_IFACE_MIB=y
+

package/network/services/hostapd/files/hostapd.sh

@@ -2,6 +2,7 @@ hostapd_set_bss_options() {
 	local var="$1"
 	local vif="$2"
 	local enc wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey wps_possible
+    local vlan_enable ifname vlan_interface vlan_file vlan_naming
 
 	config_get enc "$vif" encryption "none"
 	config_get wep_rekey        "$vif" wep_rekey        # 300
@@ -71,6 +72,23 @@ hostapd_set_bss_options() {
 		*ng:TKIP|*na:TKIP) crypto="CCMP TKIP";;
 	esac
 
+       config_get vlan_enable "$vif" vlan_enable 0
+       case "$vlan_enable" in
+               1|2)
+                       append "$var" "dynamic_vlan=$vlan_enable" "$N"
+                       config_get ifname "$vif" ifname
+                       config_get vlan_file "$vif" vlan_file "/var/run/hostapd.${ifname}.vlan"
+                       [ "$vlan_file" = "/var/run/hostapd.${ifname}.vlan" ] && {
+                               echo "* ${ifname}.#" > "$vlan_file"
+                       }
+                       append "$var" "vlan_file=$vlan_file" "$N"
+                       config_get vlan_interface "$vif" vlan_interface ""
+                       [ -n "$vlan_interface" ] && append "$var" "vlan_tagged_interface=$vlan_interface" "$N"
+                       config_get vlan_naming "$vif" vlan_naming 1
+                       append "$var" "vlan_naming=$vlan_naming" "$N"
+               ;;
+       esac
+
 	# use crypto/auth settings for building the hostapd config
 	case "$enc" in
 		none)

package/network/services/hostapd/files/netifd.sh

@@ -259,6 +259,7 @@ hostapd_set_bss_options() {
 			[ -n "$dynamic_vlan" ] && {
 				append bss_conf "dynamic_vlan=$dynamic_vlan" "$N"
 				append bss_conf "vlan_naming=$vlan_naming" "$N"
+				append bss_conf "vlan_bridge=br-vlan" "$N"
 				[ -n "$vlan_tagged_interface" ] && \
 					append bss_conf "vlan_tagged_interface=$vlan_tagged_interface" "$N"
 			}