OpenWrt
/
OpenWrt_x86-r2s-r4s-r5s-N1
cermin dari https://github.com/kiddin9/OpenWrt_x86-r2s-r4s-r5s-N1.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221
							#!/bin/sh

[[ "$(df | grep overlay)" && ! "$(df | grep /rom/overlay)" ]] && firstboot

version=`uci -q get base_config.@status[0].version`

. /etc/openwrt_release
test -n "${DISTRIB_ID}" || DISTRIB_ID=OpenWrt
DISTRIB_ID=`echo -n $DISTRIB_ID | tr a-z A-Z`

if [ "$(uci -q get dhcp.@dnsmasq[0].port)" != "53" ]; then
	uci -q set dhcp.@dnsmasq[0].port='53'
	uci commit dhcp
fi

uci set dockerd.firewall.extra_iptables_args='--match conntrack ! --ctstate RELATED,ESTABLISHED'
uci commit dockerd

sed -i '/profile.d/d' /lib/upgrade/keep.d/base-files

echo $(uci -q get uhttpd.main.index_page) | grep -q "cgi-bin/luci" ||
	uci -q add_list uhttpd.main.index_page='cgi-bin/luci' && uci commit uhttpd

/etc/init.d/wizard disable

[ -f /usr/bin/wget ] && 	
	ln -s /usr/bin/wget /usr/bin/wget-ssl

sed -i "s/git-.*-\(.*\)/git-\1/g" /usr/lib/lua/luci/version.lua

[[ "$(echo "$(/sbin/cpuinfo 2>/dev/null)" | grep -i "MHz")" ]] || sed -i "s/_('CPU Info'),cpuinfo.cpufreq,//" /www/luci-static/resources/view/status/include/10_system.js

grep -q op.supes.top /etc/bypass/white.list ||
		echo "op.supes.top" >> /etc/bypass/white.list

processor=`cat /proc/cpuinfo | grep 'processor' | wc -l`
test -n "$processor" || processor=3
sed -i "/^threads =/c\threads = $processor" /etc/uwsgi/vassals/luci-webui.ini
test $version -lt 1 && {
	uci -q set luci.main.lang='auto'
	uci -q set luci.main.mediaurlbase=/luci-static/edge
	uci commit luci
	
	uci -q set dropbear.@dropbear[0].Interface='lan'
	uci commit dropbear
	
	uci -q get system.@system[0] >/dev/null 2>&1 && {
		uci -q set system.@system[0].hostname="${DISTRIB_ID}"
		uci -q set system.@system[0].zonename='Asia/Shanghai'
		uci -q set system.@system[0].timezone='CST-8'
		uci -q del system.ntp.server
		uci -q add_list system.ntp.server='ntp.aliyun.com'
		uci -q add_list system.ntp.server='0.openwrt.pool.ntp.org'
		uci commit system
	}

	uci -q set uhttpd.main.rfc1918_filter=0
	uci -q set uhttpd.main.redirect_https=0
	uci -q set uhttpd.main.script_timeout='120'
	uci commit uhttpd
	
	wifi_setup_radio(){
	local radio=$1
	uci -q get wireless.${radio} >/dev/null 2>&1 && {
		uci -q batch <<-EOT
			set -q wireless.${radio}.disabled='0'
		EOT
		
		if [ "$(uci -q get wireless.${radio}.hwmode)" = "11a" ]; then
			uci -q set wireless.${radio}.htmode='VHT80'
		else
			uci -q set wireless.${radio}.htmode='VHT40'
		fi

		obj=`uci -q add wireless wifi-iface`
		test -n "$obj" && {
			uci -q set wireless.$obj.device="${radio}"
			uci -q set wireless.$obj.network='lan'
			uci -q set wireless.$obj.mode='ap'
			if [ "$(uci -q get wireless.${radio}.hwmode)" == "11a" ]; then
				uci -q set wireless.$obj.ssid="${SSID}_5G"
			else
				uci -q set wireless.$obj.ssid="${SSID}_2.4G"
			fi
			if [ "${SSID_PASSWD}" ]; then
				uci -q set wireless.$obj.encryption='psk2'
				uci -q set wireless.$obj.key="${SSID_PASSWD}"
			else
				uci -q set wireless.$obj.encryption='none'
			fi
			}
		}
	}

	[ -f /etc/config/wireless ] && {
		SSID=${DISTRIB_ID}
		SSID_PASSWD=""
		while uci delete wireless.@wifi-iface[0] >/dev/null 2>&1; do :; done
		for radio in radio0 radio1 radio2 radio3 wifi0 wifi1 wifi2 wifi3; do
			wifi_setup_radio ${radio}
		done
		uci commit wireless
	}
	
	uci -q set upnpd.config.enabled='1'
	uci commit upnpd
	
	grep -q log-facility /etc/dnsmasq.conf ||
		echo "log-facility=/dev/null" >> /etc/dnsmasq.conf

	grep -q /etc/dnsmasq.d /etc/dnsmasq.conf ||
		echo "conf-dir=/etc/dnsmasq.d" >> /etc/dnsmasq.conf

	uci -q set firewall.@defaults[0].fullcone='1'
	uci commit firewall

	uci -q set fstab.@global[0].anon_mount=1
	uci commit fstab
 
	uci -q set network.lan.ipaddr="10.0.0.1"
	uci -q set network.@globals[0].packet_steering=1
	uci commit network
  
	uci -q set dhcp.@dnsmasq[0].dns_redirect='1'
	uci -q set dhcp.@dnsmasq[0].allservers='1'
	uci -q del dhcp.@dnsmasq[0].noresolv
	uci -q set dhcp.@dnsmasq[0].cachesize='1500'
	uci -q set dhcp.@dnsmasq[0].min_ttl='3600'
	uci -q set dhcp.lan.force='1'
	uci -q set dhcp.lan.ra='hybrid'
	uci -q set dhcp.lan.ndp='hybrid'
	uci -q set dhcp.lan.dhcpv6='hybrid'
	uci -q set dhcp.lan.force='1'
	uci commit dhcp

	uci -q set nft-qos.default.limit_enable='0'
	uci commit nft-qos

	uci -q set system.@system[0].conloglevel='4'
	uci -q set system.@system[0].cronloglevel='8'
	uci commit system
}

# kB
memtotal=`grep MemTotal /proc/meminfo | awk '{print $2}'`
if test $memtotal -ge 1048576; then
	# > 1024M
	cachesize=10000
	dnsforwardmax=10000
	nf_conntrack_max=262144
elif test $memtotal -ge 524288; then
	# <= 1024M
	cachesize=10000
	dnsforwardmax=10000
	nf_conntrack_max=131072
elif test $memtotal -ge 262144; then
	# <= 512M
	cachesize=8192
	dnsforwardmax=8192
	nf_conntrack_max=65536
elif test $memtotal -ge 131072; then
	# <= 256M
	cachesize=4096
	dnsforwardmax=4096
	nf_conntrack_max=65536
elif test $memtotal -ge 65536; then
	# <= 128M
	cachesize=2048
	dnsforwardmax=2048
	nf_conntrack_max=32768
else
	# < 64M
	cachesize=1024
	dnsforwardmax=1024
	nf_conntrack_max=16384
fi

test $version -lt 1 && {
	uci -q get dhcp.@dnsmasq[0] || uci -q add dhcp dnsmasq
	uci -q set dhcp.@dnsmasq[0].cachesize="$cachesize"
	uci -q set dhcp.@dnsmasq[0].dnsforwardmax="$dnsforwardmax"
	uci -q set dhcp.@dnsmasq[0].localservice='0'
	uci -q set dhcp.@dnsmasq[0].localise_queries='1'
	uci -q set dhcp.@dnsmasq[0].rebind_protection='0'
	uci -q set dhcp.@dnsmasq[0].rebind_localhost='1'
	uci commit dhcp
	uci -q set system.@system[0].zram_comp_algo='zstd'
	uci -q set system.@system[0].zram_size_mb="$(expr $memtotal / 1024 / 3)"
	uci commit system
	version=1
}

# sysctl overwrite
SYSCTL_LOCAL=/etc/sysctl.d/50-local.conf
mkdir -p /etc/sysctl.d
echo -n >$SYSCTL_LOCAL
echo net.nf_conntrack_max=$nf_conntrack_max >>$SYSCTL_LOCAL
echo net.ipv4.ip_early_demux=0 >>$SYSCTL_LOCAL
echo net.bridge.bridge-nf-call-iptables=0 >>$SYSCTL_LOCAL
echo net.ipv4.fib_multipath_hash_policy=1 >>$SYSCTL_LOCAL
echo net.ipv4.tcp_congestion_control=cubic >>$SYSCTL_LOCAL
echo net.netfilter.nf_conntrack_helper=1 >>$SYSCTL_LOCAL
echo kernel.msgmax = 65536 >>$SYSCTL_LOCAL
echo kernel.msgmnb = 65536 >>$SYSCTL_LOCAL
echo vm.swappiness=0 >>$SYSCTL_LOCAL

cp -pR /www/cgi-bin/* /www/
rm -rf /tmp/luci-*

uci -q set base_config.@status[0].version=$version
uci commit base_config

(
[[ -f "/bin/coremark" && ! -f "/etc/bench.log" && "$(uci -q get wizard.default.coremark)" == '1' ]] && {
		sleep 30
		/bin/coremark >/tmp/coremark.log
		cat /tmp/coremark.log | grep "CoreMark 1.0" | cut -d "/" -f 1 | cut -d "." -f -2 >/etc/bench.log
		sed -i 's/CoreMark 1.0/(CpuMark/g' /etc/bench.log
		echo " Scores)" >>/etc/bench.log
}
) &