-
Notifications
You must be signed in to change notification settings - Fork 17
ancistrus core package
opkg update && opkg install ancistrus-core
Packages included: nvram
nvram variable settings: many (see next).
ancistrus-core (core) anc multi-binary is a bridge between original firmware and work modifications.
It is compound by:
-
Web GUI interface;
-
Dsl Tweaking module to integrate dsl driver configuration settings;
-
Service Inhibitions to inhibit some services from running;
-
Schedule Events to add/remove cronjobs;
-
Personal Instructions pre/post service commands, runlevel kill/startup module, to integrate the above fw module and all the router services with these firmware modifications;
-
Wake on Lan to wake up local ethernet devices.
-
Utilities with useful stuffs.
-
all the nvram settings treatments included into modified libscnvram.so and some useful conversion tools;
-
firewall creation rules module integrating with internal firewall service to enable remote services or else;
Use anc nvram < option > for generic setting manipulation and permanent storage.
Type anc nvram for nvram detailed help.
See the related usage help next.
Typical example is setting up qos-sqm package var settings.
All settings can be setup at once with:
anc nvram set qos_enable 1 qos_uplink_rate 400 qos_dwlink_rate 15000 ... VARN VALN
Finally, settings must be stored permanently with:
anc nvram commit or nvram commit .
They can also be setup singularly with:
anc nvram set qos_enable 1
anc nvram set qos_uplink_rate 400
anc nvram set qos_dwlink_rate 15000
...
anc nvram set VARN VALN
anc nvram commit .
To empty a setting, reverting it to its default value, type:
anc nvram set VARN ""
anc nvram commit .
Or as well, to remove a setting completely, reverting it to its default value, type:
anc nvram unset VARN
anc nvram commit .
If you wanna look for previously stored value, type:
anc nvram get qos_enable qos_uplink_rate qos_dwlink_rate ... VARN
or singularly with
anc nvram get qos_enable
anc nvram get qos_uplink_rate
anc nvram get qos_dwlink_rate
...
anc nvram get VARN .
libscnvram has been updated with more internal options making setting treatment easier & more flexible.
Nvram settings are included into a binary file ( /tmp/nvram ) containing a list of var=value separated by NULL endofstring (\0) char.
This file is loaded from a dedicated flash partition (mounted in /config/nvram ) by nvram init and then mounted into ram ( /tmp ).
At the end of the nvram file there's another NULL (so last 2 chars are NULLNULL).
var1=val1NULLvar2=val2NULL...NULLqos_dwlink_rate=15000NULLqos_disc=fq_codelNULLqos_llam=tc_stabNULLqos_ignore_dscp_ingress=1NULLNULL
Each nvram var can also be compound of subvars.
Each subvar is separated by \1 char (separator) at the end: first subval doesn't start with \1 and the last doesn't finish with \1.
So a var with a single subvar is equivalent to a simple var.
varlist=var1\1var2\1var3\1...varn
The volatile settings /tmp/nvram are saved permanently into its flash partition by nvram commit .
There is also another nvram file, volatile only, called /tmp/nvram.bcm dedicated to broadcom settings: generally not needed for this usage.
Some other nvram temporary files are located in /tmp/nv/ and they are referred to internal system usage (firewall, wan connection, web interface ... ).
anc nvram show: nvram name=value list & status.
anc nvram get var1 var2 ... varn: get a var series: output is var1=val1 var2=val2 ... varn=valn
anc nvram dget var1 def1 var2 def2 ... varn defn: get a var series with default value: output is var1=val1 var2=val2 ... varn=valn. If val1 val2 ... valn is void/empty/missed, output is the default value def1 def2 ... defn .
anc nvram rget var1: get the value of a single var: output is val1 (without var1=) .
anc nvram drget var1 def1: get the value of a single var: output is val1 (without var1=) . If val1 is void/empty/missed, output is def1 .
anc nvram set var1 val1 var2 val2 ... varn valn: set vars.
anc nvram unset var1 var2 ... varn: unset vars.
anc nvram add varlist subval1 subval2 .. subvaln: append subvars at the end of the queue: if var not existing, create it, if val already existing shift at last.
anc nvram append varlist subval1 subval2 .. subvaln: same as anc nvram add .
anc nvram delete varlist subval1 subval2 .. subvaln: delete a subvar: if not existing, do nothing.
anc nvram insert varlist subval1 subval2 .. subvaln: insert a subvar at the beginning of the queue: if varlist not existing, create it, if subval already existing, shift as first.
anc nvram change varlist subval1 subval2 ... subvalm subvaln: make a substitution of a subval1 with a new one subval2: if varlist or subval1 not existing or subval1==subval2, do nothing.
anc nvram reset: reset to default settings.
anc nvram init: load nvram from flash: use with caution, will delete all settings not already committed.
anc nvram commit: save settings permanently to flash (equivalent of nvram commit).
Virtual server rules & port translation for host machines can already be done with the original web GUI so no need for this.
Add/delete an inbound firewall ruleset redirected to the router itself with the command:
anc fw <router|remote> <add|del> <ls|pf> <chainname> <udp|tcp|tcp/udp> <remport> <locport> .
Explanation:
<router|remote> : router for no inbound restriction, remote to follow the Remote Management web GUI page restrictions: in this case, go to the web interface Remote Management page and choose one of the Allow Remote Access By selection modes: single ip range ip list ip (fill the empty fields) or choose Everyone (default). Then Apply.
<add|del> : add or remove the ruleset.
<ls|pf> : local service or port forwarding (generally only the first is used).
<chainname> : name of the iptables chains you want to give (max 32 chars): typically the name of the service to be created.
<udp|tcp|tcp/udp> : the connection protocol: tcp, udp or both tcp/udp
<remport> : the remote port range connection in the form: startport-endport . If the port is single startport is equal to endport.
<locport> : the internal local port range connection in the form: startport-endport . If the port is single startport is equal to endport. This portrange can be equal to remport range if no port translation is needed or same port is required.
Save rules permanently typing:
anc nvram add anc_fwup_opt "<rule>"
Delete a previously inserted rule typing:
anc nvram del anc_fwup_opt "<rule>"
Empty rules typing:
anc nvram unset anc_fwup_opt
Example:
Create a ruleset for an inbound ssh connection to the router (Note: openssh package does already this):
Create the ruleset typing:
anc fw remote add ls SSH tcp 8222 22
Save rule with:
anc nvram add anc_fwup_opt "anc fw remote add ls SSH tcp 8222 22"
nvram commit