From 5a7bb6379b54757a02bea2b01913c8d3a28db099 Mon Sep 17 00:00:00 2001 From: rtrimana Date: Fri, 16 Jun 2017 15:28:03 -0700 Subject: [PATCH] Improving scripts and setups --- sentinel_setup/rc.local | 16 ++++++++++++++++ sentinel_setup/setup/clean | 4 ++-- sentinel_setup/setup/show | 2 ++ sentinel_setup/setup/startup.sh | 6 +++--- 4 files changed, 23 insertions(+), 5 deletions(-) create mode 100644 sentinel_setup/rc.local diff --git a/sentinel_setup/rc.local b/sentinel_setup/rc.local new file mode 100644 index 0000000000..bc39028786 --- /dev/null +++ b/sentinel_setup/rc.local @@ -0,0 +1,16 @@ +# Put your custom commands here that should be executed once +# the system init finished. By default this file does nothing. + +#!/bin/sh -e +# Put your custom commands here that should be executed once +# the system init finished. By default this file does nothing. + +exec 2> /tmp/rc.local.log # send stderr from rc.local to a log file +exec 1>&2 # send stdout to the same log file +set -x # tell sh to display commands before execution + +# Sleep and run brctl on the background +sleep 20 && /usr/sbin/brctl hairpin br-wifi wlan0 on && /usr/sbin/brctl hairpin br-wifi wlan1 on & +sleep 20 && /root/setup/startup.sh & + +exit 0 diff --git a/sentinel_setup/setup/clean b/sentinel_setup/setup/clean index 99641e2734..0c3fb63dfb 100755 --- a/sentinel_setup/setup/clean +++ b/sentinel_setup/setup/clean @@ -2,6 +2,6 @@ iptables -t filter -F iptables -t filter -X iptables -t nat -F iptables -t nat -X -iptables -t raw -F -iptables -t raw -X +#iptables -t raw -F +#iptables -t raw -X diff --git a/sentinel_setup/setup/show b/sentinel_setup/setup/show index 42a25ae96c..f1e3ea4802 100755 --- a/sentinel_setup/setup/show +++ b/sentinel_setup/setup/show @@ -2,3 +2,5 @@ #iptables -vL -t nat #iptables -vL -t mangle iptables -L +iptables -t nat -L +iptables -t mangle -L diff --git a/sentinel_setup/setup/startup.sh b/sentinel_setup/setup/startup.sh index fee2e028f2..2c0813950c 100755 --- a/sentinel_setup/setup/startup.sh +++ b/sentinel_setup/setup/startup.sh @@ -4,9 +4,9 @@ iptables -A POSTROUTING -t mangle -p udp --dport 68 -j CHECKSUM --checksum-fill # Do block ARP from ESP8266 to itself to avoid DHCPDECLINE -arptables -A INPUT -j DROP --source-mac 18:fe:34:db:59:72 --destination-mac 18:fe:34:db:59:72 -arptables -A OUTPUT -j DROP --source-mac 18:fe:34:db:59:72 --destination-mac 18:fe:34:db:59:72 -arptables -A FORWARD -j DROP --source-mac 18:fe:34:db:59:72 --destination-mac 18:fe:34:db:59:72 +#arptables -A INPUT -j DROP --source-mac 18:fe:34:db:59:72 --destination-mac 18:fe:34:db:59:72 +#arptables -A OUTPUT -j DROP --source-mac 18:fe:34:db:59:72 --destination-mac 18:fe:34:db:59:72 +#arptables -A FORWARD -j DROP --source-mac 18:fe:34:db:59:72 --destination-mac 18:fe:34:db:59:72 # block everything except ssh, icmp, http, and dhcp # Configure NAT -- 2.34.1