|
|
| Line 1: |
Line 1: |
| {{Colored_box|Text='''Test version only - No commerial product!'''
| | This page has been removed. |
| | |
| Please reach out to [mailto:consulting@sima.gmbh consulting@sima.gmbh] for the requirements to license and use Bondix on our own OpenWRT router platform!}}
| |
| | |
| The client can be installed manually on nearly any OpenWRT based router following the [[Client|client installation guide]]. Things to notice:
| |
| | |
| = Configuration Location =
| |
| * You should create your configuration at <code>/etc/config/saneclient.json</code>
| |
| = init.d Script (etc/init.d/bondix) =
| |
| <nowiki>
| |
| #!/bin/sh /etc/rc.common
| |
| | |
| START=90
| |
| STOP=15
| |
| | |
| start() {
| |
| /opt/bondix/client/saneclient --daemon --flags disableHash useMMSG bondingProxy /etc/config/saneclient.json
| |
| }
| |
| | |
| stop() {
| |
| /opt/bondix/client/bndutil shutdown
| |
| sleep 1
| |
| }
| |
| </nowiki>
| |
| | |
| Use <code>/etc/init.d/bondix enable</code> to automatically start the client
| |
| = UCI integration =
| |
| * You should create an interface in UCI. protocol=none, interface => sane's virtual interface (tun0), firewall zone => wan
| |
| * make sure to set a custom public DNS server
| |
| | |
| = Installation Script (WIP) =
| |
| == Code ==
| |
| <nowiki>#!/bin/sh
| |
| # SANE Configuration:
| |
| TUNNEL="TUNNELNAME"
| |
| TUNNELPASSWORD="TUNNELPASSWORD"
| |
| ENDPOINT="127.0.0.2"
| |
| | |
| # -------------------------------------------------------------------------------
| |
| | |
| # install directory
| |
| INSTALLDIR="/opt/bondix"
| |
| | |
| # version to download
| |
| CURRENTVERSION="https://releases.bondix.dev/files/saneclient-armv7-20210616-b7f5cab8.tar.gz"
| |
| | |
| # location of saneclient config
| |
| CONFIGLOCATION="/etc/config/saneclient.json"
| |
| | |
| set -e
| |
| | |
| echo Downloading \& Installing...
| |
| echo ---------------------------
| |
| | |
| mkdir -p $INSTALLDIR
| |
| cd $INSTALLDIR
| |
| curl -o sane.tar.gz $CURRENTVERSION
| |
| tar -xvzf sane.tar.gz
| |
| rm sane.tar.gz
| |
| | |
| echo
| |
| echo Creating start Script
| |
| echo ---------------------
| |
| | |
| cat <<EOT >> /etc/init.d/bondix
| |
| #!/bin/sh /etc/rc.common
| |
| | |
| START=90
| |
| STOP=15
| |
| | |
| start() {
| |
| /opt/bondix/client/saneclient --daemon --flags disableHash useMMSG bondingProxy $CONFIGLOCATION
| |
| }
| |
| | |
| stop() {
| |
| /opt/bondix/client/bndutil shutdown
| |
| sleep 1
| |
| }
| |
| EOT
| |
| chmod a+x /etc/init.d/bondix
| |
| #/etc/init.d/bondix enable
| |
| | |
| if [ ! -f $CONFIGLOCATION ]; then
| |
| echo
| |
| echo Creating SANE configuration
| |
| echo ---------------------------
| |
| cat <<EOT >> $CONFIGLOCATION
| |
| [
| |
| {"action": "create", "target": "tunnel", "name": "$TUNNEL", "password": "$TUNNELPASSWORD"},
| |
| {"action": "add-server", "target": "tunnel", "host": "$ENDPOINT", "port": "443"},
| |
| {"action": "create-interfaces", "target": "tunnel", "interfaces": {
| |
| "eth1": "mobile",
| |
| "qmimux0": "mobile",
| |
| "qmimux8": "mobile"
| |
| }},
| |
| {"target": "tunnel", "action": "set-preset", "preset": "bonding"},
| |
| {"target": "tunnel", "action": "set", "values": {"advancedSettings": {"maxFlowCount": 16, "maxFlowQueueLength": 30000, "buffers": {"packetCacheSize": 35000}}}},
| |
| {"target": "tunnel", "action": "enable-proxy", "host": "0.0.0.0", "port": "18080"},
| |
| {"target": "system", "action": "set-webinterface", "host": "0.0.0.0", "port": "8088"}
| |
| ]
| |
| EOT
| |
| fi
| |
| | |
| cat <<EOT >> $INSTALLDIR/enable-bondingproxy.sh
| |
| #!/bin/sh
| |
| iptables -t nat -N BONDIX
| |
| iptables -t nat -A BONDIX -d 0.0.0.0/8 -j RETURN
| |
| iptables -t nat -A BONDIX -d 10.0.0.0/8 -j RETURN
| |
| iptables -t nat -A BONDIX -d 100.64.0.0/10 -j RETURN
| |
| iptables -t nat -A BONDIX -d 127.0.0.0/8 -j RETURN
| |
| iptables -t nat -A BONDIX -d 169.254.0.0/16 -j RETURN
| |
| iptables -t nat -A BONDIX -d 172.16.0.0/12 -j RETURN
| |
| iptables -t nat -A BONDIX -d 192.168.0.0/16 -j RETURN
| |
| iptables -t nat -A BONDIX -d 198.18.0.0/15 -j RETURN
| |
| iptables -t nat -A BONDIX -d 224.0.0.0/4 -j RETURN
| |
| iptables -t nat -A BONDIX -d 240.0.0.0/4 -j RETURN
| |
| iptables -t nat -A BONDIX -p tcp -j REDIRECT --to-ports 18080
| |
| iptables -t nat -A PREROUTING --in-interface br-lan -p tcp -j BONDIX
| |
| EOT
| |
| chmod a+x $INSTALLDIR/enable-bondingproxy.sh
| |
| | |
| | |
| /etc/init.d/bondix start
| |
| | |
| echo
| |
| echo Done! 👍</nowiki>
| |
| == ToDo ==
| |
| * UCI Interface Creation
| |
| * Firewall Adjustments
| |
