Jul 30
支持 SOCKS5 代理的:DNS2SOCKS
http://sourceforge.net/projects/dns2socks/
支持 HTTPS (HTTP CONNECT)代理的: DESPROXY-DNS
http://desproxy.sourceforge.net/
能用在什么场合,想用的人自然知道,不多说了。 
发布于Router分类中的文章
Jun 21
这个脚本可以批量删除 NVRAM 中以某些字符串开头的内容:
#/bin/sh #scriptname: nvram_unset_pro for _TEMPVAR in `nvram show 2>/dev/null|grep "^$1"|cut -d'=' -f1`; do nvram unset $_TEMPVAR; done
用法:
nvram_unset_pro bt_
这样就删除了所有 bt_ 开头的设置项。
记得删除完成后用
nvram commit
提交,否则路由器重启后又会生成。
Nov 07
一、下载源程序
git clone https://github.com/semigodking/redsocks.git
二、编译
cd redsocks-master make
会出错:
parser.c: In function 'vp_in_addr': parser.c:306: error: 'AI_ADDRCONFIG' undeclared (first use in this function) parser.c:306: error: (Each undeclared identifier is reported only once parser.c:306: error: for each function it appears in.) make: *** [parser.o] Error 1
三、解决,在parser.c文件的第32行插入如下代码:
#ifndef AI_ADDRCONFIG #define AI_ADDRCONFIG 0x0020 #endif
Aug 14
网上的都要用到 find -mtime,这个参数默认的 busybox 是不支持的,当然你可以下 findunti ,我这个脚本无需额外的程序支持:
#!/bin/sh
# optware backup
# Sun Feb 19 00:34:42 CST 2012
# by Punk
keep=3 #保留历史备份数
backup_source="opt" #需要备份的目录,不可有/开头
backup_dest="/cifs2/hdtv/!opt_bak/" #备份文件存储目录
date=`date +%Y-%m-%d`
hostname=$(hostname -s)
prename="$hostname-optware"
filename="$prename-$date.tgz"
delete_old() {
echo Deleting old backup of Optware...
totalline=`find "$backup_dest" -name "$prename*.tgz" | wc -l`
if [ $totalline -ge $keep ];then
dell=$(($totalline-$keep))
find "$backup_dest" -name "$prename-*.tgz" | sort | head -n $dell | xargs rm -rf
fi
echo Deleting old backup of Optware Finished!
}
backup() {
echo "Backing Up Your Optware System..."
tar czf $backup_dest/$filename -C / $backup_source
echo "Optware Backup Finished!"
}
backup
delete_old
Jun 03
1478 for PPPoA/VC-MUX 1470 for PPPoA/LLC 1446 for PPPoE over ATM/LLC
May 29
2015.07.03 更新,更好的支持 Tomato ARM 版本:
#!/bin/sh #USE AT YOUR OWN RISK. #THIS SCRIPT DOES NOT COME WITH ANY WARRANTY WHATSOEVER. # #Backs up selected nvram variables in "nvram export --set" format. # #Correctly handles multi-line entries. # #Thanks to ryzhov_al for basic approach. # #Should work equally well with both MIPS and ARM builds. # #Looks for a list of items to export in $etc/scriptname.ini #OR enter items to grep for below. # #The items list is a list of regular expressions to match against the #nvram variable names. # #Script assumes all entries are at beginning of line(prefixed with ^). # #Leave items list blank to backup up all of nvram. Resulting in essentially #the same output as MIPS "nvram export --set" # #The items list below is only intended as example and is not complete or #comprehensive. Customize for your own use. # #Edit list below if not using .ini file, it is ignored if .ini file is found items=' DSCP_ atm_overhead cifs[1-2] ctf_ ct_ dhcp_ dhcpd_ ddnsx[0-2] dnsmasq_ dns_ https_ http_enable http_lanport http_wanport http_passwd lan_hostname lan_ipaddr lan_proto modem_ipaddr ne_ new_qoslimit_ nf_ ntp_ portforward ppp_ pppoe_ qos_ qosl_ router_name rrule[0-9] cstats_ rstats_ script_ smbd_ sch_ sshd_eas sshd_forwarding sshd_motd sshd_pass sshd_port sshd_remote sshd_rport tm_ tomatoanon_ usb_ upnp_ wan_dns wan_proto wan_hostname wan_domain wan_hwaddr wan_mtu web_css web_mx wl[0-9]_security_mode wl[0-9]_ssid wl[0-9]_wpa_psk ' etc=/opt/etc base=${0##*/}; base=${base%.*} config=$etc/$base.ini #file to output - default to stdout filename="$1" curr_date=$(date +"%Y-%m-%d") if [ $# -eq 0 -o "$filename" = "" ]; then backupfile="/opt/etc/init.d/nvram_backup-${curr_date}.txt" else backupfile="/opt/etc/init.d/${filename}-${curr_date}.txt" fi grepstr=$( { [ -r $config ] && cat $config || echo "$items" ; } | sed -e 's/[t ]//g;/^$/d' | sed ':a;N;$!ba;s/n/\|^/g') { echo "#Exporting $grepstr" for item in $(nvram show 2>/dev/null | grep "^.*=" | grep "$grepstr" | grep -v "hwaddr" | awk -F= "{print $1}" | sort -u) do item_value="$(nvram get $item | sed 's!([$\"`])!\1!g'; echo nvgetwasnull)" case $item_value in nvgetwasnull) ;; *) echo "nvram set ${item}=\"${item_value% nvgetwasnull}\"" ;; esac done }>"$backupfile"
比较完美的解决了多行文本框内容的备份,例如脚本等处。
#!/bin/sh
#
#USE AT YOUR OWN RISK.
#THIS SCRIPT DOES NOT COME WITH ANY WARRANTY WHATSOEVER.
#
#file to output
backupfile='/mnt/optware/opt/etc/init.d/nvram_restore.sh'
#Enter strings to grep for here.
#
#Use heredocs to build grep from one entry per
#line for ease of maintenance.
#
#Could easily be changed to read external config file.
#
#sed is not my best skill - there may well be cleaner syntax, and
#admittedly this is some quick cut and paste from another script
grepstr=$(cat << EOF | sed -e 's/[t ]//g;/^$/d' | sed ':a;N;$!ba;s/n/\|/g'
^dhcp_
^dhcpd_
^ddnsx
^dnsmasq
^dns_
^https_
^http_passwd
^lan_hostname
^lan_ipaddr
^wan_dns
^wan_proto
^wan_hostname
^wan_domain
^wan_hwaddr
^router_name
^modem_ipaddr
^rrule1
^cstats_
^rstats_
^qos
^new_qoslimit_
^ctf_
^ct_
^bt_
^ne_
^nf_
^ntp_
^smbd_
^usb_
^upnp_
^script_
^wl[0-9]_security_mode
^wl[0-9]_ssid
^wl[0-9]_wpa_psk
^cifs[0-9]
EOF
)
#uncomment next line if you want to see what above creates
#echo $grepstr
[ -e $backupfile ] && rm $backupfile
echo "echo Restoring NVRAM settings" > $backupfile
echo "echo Note: This will overwrite your current NVRAM settings in NVRAM," >> $backupfile
echo "echo but they will not be permanent unless you do a 'nvram commit'" >> $backupfile
echo "echo Restore NVRAM rules..." >> $backupfile
echo Exporting NVRAM rules to $backupfile
#Below mostly from ryzhov_al
#sed to escape chars is mine, may not be complete.
for item in $(nvram show | grep "$grepstr" | awk -F= "{print $1}")
do
item_value=$(nvram get ${item} | sed 's!([$\"`])!\1!g')
echo "nvram set ${item}=\"$item_value\"" >> $backupfile
done
echo "echo Restore of NVRAM settings complete" >> $backupfile
echo "echo To make them permanent, do: nvram commit" >> $backupfile
chmod +x $backupfile
echo NVRAM settings have been exported to $backupfile
echo Now feel free to try new settings
echo To restore from backup, type: $backupfile
感谢 linksysinfo 的高手们!
Apr 03
ASUS RT-N16 可谓好玩又不容易死的一款路由,内存大闪存大就是 NVRAM 尺寸太小,才 32k 。(新的 Linksys 路由器都是 64k)
我的16还加了 5G 网卡,又多了一堆设置,开机就剩余 8k 不到,这样的话,多写几个脚本,加多几个静态 IP 就不够用,G 了一下,DD-WRT Wiki 有答案,随意改一下 Tomato 就能用:
test -f /tmp/nvramshow && rm /tmp/nvramshow
nvram show >> /tmp/nvramshow
i=0
while read -r line; do
val=${line#*=}
var=${line%*=}
if [[ "$val" == "" ]] && [[ "$var" != "wl_wpa_psk" ]]; then
nvram unset $var
fi
i=`expr $i + 1`
if [[ $i == 50 ]]; then
sleep 2
i=0
fi
done < /tmp/nvramshow
exit 0
原理就是把 NVRAM 设置里面那些值为空的全部删掉,这样大约能节省出 3-5k 出来~ 
简化版:(会丢失无线密码,请重设!)
for line in $(nvram show | grep =$); do var=${line%*=}; nvram unset $var;
done
nvram commit
Aug 12
iptables -N dnsfilter -t mangle
iptables -t mangle -I dnsfilter -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x042442b2,0x0807c62d,0x253d369e,0x2e52ae44,0x3b1803ad,0x402158a1,0x4021632f,0x4042a3fb,0x4168cafc,0x41a0db71" -j DROP
iptables -t mangle -I dnsfilter -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x422dfced,0x480ecd63,0x480ecd68,0x4e10310f,0x5d2e0859,0x80797e8b,0x9f6a794b,0xa9840d67,0xc043c606,0xca6a0102" -j DROP
iptables -t mangle -I dnsfilter -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xcab50755,0xcb620741,0xcba1e6ab,0xcf0c5862,0xd0381f2b,0xd1244921,0xd1913632,0xd1dc1eae,0xd35e4293,0xd5a9fb23" -j DROP
iptables -t mangle -I dnsfilter -p udp -m udp -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xd8ddbcb6,0xd8eab30d,0xf3b9bb27,0x4a7d7f66,0x4a7d9b66,0x4a7d2771,0x4a7d2766,0xd155e58a" -j DROP
iptables -t mangle -I PREROUTING -m udp -p udp --sport 53 -j dnsfilter
适用于基于 Linux 系统的路由器,Tomato,DD-WRT,OpenWRT 等,把脚本丢到路由器启动脚本里面即可。
Aug 09
家中或者公司使用了 Tomato 或者 DD-WRT 固件路由器的同学可能想分享他们的“私密” Hosts 文件,但是又不方便拷贝到每台机器,那么把这个 Hosts 文件内容放到路由器上是最方便的,不过 DNSMasq 的 Hosts 文件与 Windows 的 Hosts 文件格式不同,需要做一个转换,于是有了下面这个 HTML 文件,其实就是一个简单的 Javascript 转换。复制所有内容,存为任意命名的 HTML 文件,用浏览器打开,然后点击转换按钮,把转换后的数据贴到路由器 DNS 设置界面就行了。
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Hosts2DNSMasq</title>
<script type="text/javascript">
//类似 PHP 中的 trim
function trim(str) {
var str = str.replace(/^\s\s*/, ''),
ws = /\s/,
i = str.length;
while (ws.test(str.charAt(--i)));
return str.slice(0, i + 1);
}
//转换 Hosts 文件格式到 DNSMasq 的格式
function htol(el) {
var i;
var localz = new Array();
var hosts = document.getElementById(el).value;
var localzs='';
hostdomain = hosts.split("\n");
for (i=0;i<hostdomain.length;i++) {
if (trim(hostdomain[i]) != '') {
localz[i] = hostdomain[i].split("\t");
if (localz[i][1] != undefined && localz[i][0].indexOf("#") == -1) {
localzs += 'address=/'+localz[i][1]+'/'+localz[i][0]+'\n';
} else {
localzs += hostdomain[i]+'\n';
}
}
}
document.getElementById(el).value = localzs;
}
</script>
</head>
<body>
<div style="width:1024px; margin:0 auto;">
<h2>HOSTS</h2>
<div style="margin: 5px auto; display: block;">
<button type="button" id="hosttolocal" onclick="htol('hostsMap');">ConventerToDNSMASQ</button>
</div>
<textarea id="hostsMap" onclick="this.focus();this.select()" style="width:98%;height:550px;margin:0;padding:3px;display:block;"></textarea>
</div>
</body>
</html>
例如以下的 Hosts 数据:
203.208.45.200 base0.googlehosted.com
203.208.45.200 base1.googlehosted.com
203.208.45.200 base2.googlehosted.com
203.208.45.200 base3.googlehosted.com
203.208.45.200 base4.googlehosted.com
203.208.45.200 base5.googlehosted.com
203.208.45.200 bks0.books.google.com
203.208.45.200 bks1.books.google.com
会被转换成:
address=/base0.googlehosted.com/203.208.45.200
address=/base1.googlehosted.com/203.208.45.200
address=/base2.googlehosted.com/203.208.45.200
address=/base3.googlehosted.com/203.208.45.200
address=/base4.googlehosted.com/203.208.45.200
address=/base5.googlehosted.com/203.208.45.200
address=/bks0.books.google.com/203.208.45.200
address=/bks1.books.google.com/203.208.45.200
注意,只是做了简单的格式转换,没有利用 DNSMasq 的(泛域名)特性优化。 
Jul 23
Samba 支持的 NTLM 版本低,nt6 系统要求支持 NTLMv2 。
运行里输入secpol.msc,进入-本地策略-安全选项里,选中:网络安全:LAN管理器身份验证级别,选择:发送LM和NTLM,如果已协商,使用ntlmv2回话,立即生效。
