如何让外网访问小米路由器的硬盘文件

解决只能lan口访问,不能wan口访问硬盘资源的问题。

1、小米路由器要开启ssh
2、ssh到小米路由器,编辑/etc/samba/smb.conf.template 文件,将其中的interfaces那一行改为
[code]interfaces = br-lan eth0.2[/code]
3、编辑/etc/config/firewall文件,在文件最后添加以下内容:
[code]
config rule ‘samba_udp’
option src ‘wan’
option dest_port ‘137 138’
option proto ‘udp’
option target ‘ACCEPT’
option name ‘samba_incoming_udp’

config rule ‘samba_tcp’
option src ‘wan’
option dest_port ‘139 445’
option proto ‘tcp’
option target ‘ACCEPT’
option name ‘samba_incoming_tcp’
[/code]
4、执行/etc/init.d/samba restart命令重启samba服务
5、执行/etc/init.d/firewall restart命令重启防火墙

用\\xxx.xxx.xxx.xxx 访问试试。xxx是小米路由器的wan ip地址

nginx日志按天切割的脚本

本脚本原版来自 lnmp.org,修改如下:
不需要写每个日志文件,除了error日志,其他的都自动切割
不按照年月分目录,放在一个目录,这样好处理点。
用法就是放在服务器上 chmod +x,然后加到crontab里

[code lang=”bash”]cat /root/bin/cut_nginx_logs.sh
#!/bin/bash
#function:cut nginx log files for lnmp
#author: http://lnmp.org
#modified by http://www.juyimeng.com/lnmp-nginx-log-cut-per-day-rotation.html

#set the path to nginx log files
log_files_path="/home/wwwlogs/"
#log_files_dir=${log_files_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")
log_files_dir=${log_files_path}bak/
#set nginx log files you want to cut
#get log files list,exclude error.log
log_files_name=($(/bin/find $log_files_path -maxdepth 1 -name "*.log" |grep -v error| awk -F/ ‘{ print $NF }’))
#set the path to nginx.
nginx_sbin="/usr/local/nginx/sbin/nginx"
#Set how long you want to save
save_days=15
############################################
#Please do not modify the following script #
############################################
mkdir -p $log_files_dir
log_files_num=${#log_files_name[@]}

#cut nginx log files
for((i=0;i<$log_files_num;i++));do
mv ${log_files_path}${log_files_name[i]} ${log_files_dir}$(date -d "yesterday" +"%Y%m%d_%s")_${log_files_name[i]}
done
#delete $save_days ago nginx log files
find $log_files_path -mtime +$save_days -exec rm -rf {} \;
#reload nginx
$nginx_sbin -s reload
[/code]

openwrt shadowsocks chinadns 自动脚本

k2定时脚本
[code]root@K2:~# crontab -l
0 1 * * * /etc/shadowsocks/update.sh >> /var/log/shadowsocks_watchdog.log 2>&1
*/10 * * * * /etc/shadowsocks/checknet.sh >> /var/log/shadowsocks_watchdog.log 2>&1
0 1 * * 7 echo “” > /var/log/shadowsocks_watchdog.log[/code]
更新ip地址
[code]
root@K2:~# cat /etc/shadowsocks/update.sh
wget -O- ‘http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest’ | awk -F\| ‘/CN\|ipv4/ \
{ printf(“%s/%d\n”, $4, 32-log($5)/log(2)) }’ > /etc/chinadns_chnroute.txt \
&& /etc/init.d/shadowsocks restart && /etc/init.d/chinadns restart
root@K2:~#[/code]
[code]
检查网络状态,发现有问题就重启
root@K2:~# cat /etc/shadowsocks/checknet.sh
#!/bin/sh

LOGTIME=$(date “+%Y-%m-%d %H:%M:%S”)
wget –spider –quiet –tries=1 –timeout=10 www.google.co.jp
if [ “$?” == “0” ]; then
echo ‘[‘$LOGTIME’] No Problem.’
exit 0
else
wget –spider –quiet –tries=1 –timeout=10 www.baidu.com
if [ “$?” == “0” ]; then
echo ‘[‘$LOGTIME’] Problem decteted, restarting shadowsocks.’
/etc/init.d/shadowsocks restart
/etc/init.d/chinadns restart
else
echo ‘[‘$LOGTIME’] Network Problem. Do nothing.’
fi
fi
root@K2:~#[/code]

advanced tomato

root@tmt-e3200:/tmp/home/root# entware-install.sh
[code]Info: Creating folders…
mkdir: can’t create directory ‘/opt/bin’: Read-only file system
mkdir: can’t create directory ‘/opt/etc/’: Read-only file system
mkdir: can’t create directory ‘/opt/lib/’: Read-only file system
mkdir: can’t create directory ‘/opt/sbin’: Read-only file system
mkdir: can’t create directory ‘/opt/share’: Read-only file system
mkdir: can’t create directory ‘/opt/tmp’: Read-only file system
mkdir: can’t create directory ‘/opt/usr’: Read-only file system
mkdir: can’t create directory ‘/opt/var/’: Read-only file system
mkdir: can’t create directory ‘/opt/var/’: Read-only file system
mkdir: can’t create directory ‘/opt/var/’: Read-only file system
Info: Deploying opkg package manager…
Downloading /opt/bin/opkg… wget: can’t open ‘/opt/bin/opkg’: No such file or directory
failed!

cd /jffs
mkdir opt
cd ../
mount -o bind /jffs/opt /opt[/code]

openwrt shadowsocks chinadns

搭配可以使用的软件
ChinaDNS 1.3.2-3
luci-app-chinadns 1.4.0-1
luci-app-shadowsocks 1.3.7-1
shadowsocks-libev 2.5.6-1

原来的源不行,要修改

src/gz designated_driver_base http://downloads.openwrt.org/snapshots/trunk/ramips/mt7620/packages/base
src/gz designated_driver_kernel http://downloads.openwrt.org/snapshots/trunk/ramips/mt7620/packages/kernel
src/gz designated_driver_telephony http://downloads.openwrt.org/snapshots/trunk/ramips/mt7620/packages/telephony
src/gz designated_driver_packages http://downloads.openwrt.org/snapshots/trunk/ramips/mt7620/packages/packages
src/gz designated_driver_routing http://downloads.openwrt.org/snapshots/trunk/ramips/mt7620/packages/routing
src/gz designated_driver_luci http://downloads.openwrt.org/snapshots/trunk/ramips/mt7620/packages/luci
src/gz designated_driver_management http://downloads.openwrt.org/snapshots/trunk/ramips/mt7620/packages/management
# src/gz designated_driver_targets http://downloads.openwrt.org/snapshots/trunk/ramips/mt7620/packages/targets

为:
src/gz chaos_calmer_base http://openwrt.proxy.ustclug.org/chaos_calmer/15.05//ramips/mt7620/packages/base
src/gz chaos_calmer_luci http://openwrt.proxy.ustclug.org/chaos_calmer/15.05//ramips/mt7620/packages/luci
src/gz chaos_calmer_management http://openwrt.proxy.ustclug.org/chaos_calmer/15.05//ramips/mt7620/packages/management
src/gz chaos_calmer_packages http://openwrt.proxy.ustclug.org/chaos_calmer/15.05//ramips/mt7620/packages/packages
src/gz chaos_calmer_routing http://openwrt.proxy.ustclug.org/chaos_calmer/15.05//ramips/mt7620/packages/routing
src/gz chaos_calmer_telephony http://openwrt.proxy.ustclug.org/chaos_calmer/15.05//ramips/mt7620/packages/telephony

升级出错可能是wget不支持ssl,更新可以http的源后,即可。

相关配置文件

mkdir /etc/shadowsocks
wget -O- ‘http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest’ | awk -F\| ‘/CN\|ipv4/ { printf(“%s/%d\n”, $4, 32-log($5)/log(2)) }’ > /etc/shadowsocks/ignore.list
wget -O- ‘http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest’ | awk -F\| ‘/CN\|ipv4/ { printf(“%s/%d\n”, $4, 32-log($5)/log(2)) }’ > /etc/chinadns_chnroute.txt

路由器配置

CPU: MT7620N,580MHz。
RAM:32MB
FLASH: 16MB
USB:2.0接口,一个
有线网口:1个RJ45网口,用作 WAN 口。
无线:802.11bgn,2T2R。

linux使用iptables做端口转发

把本机,ip1.1.1.1,端口9002,转发到 2.2.2.2的8080

echo “1” > /proc/sys/net/ipv4/ip_forward
sysctl -p
iptables -t nat -A PREROUTING -d 1.1.1.1 -p tcp –dport 9002 -j DNAT –to-destination 2.2.2.2:8080
iptables -t nat -A POSTROUTING -d 2.2.2.2 -p tcp –dport 8080 -j SNAT –to-source 1.1.1.1