Mar 21

Linksys EA6900 刷 FreshTomato,opkg 装 openssh-server (其实是想装 openssh-sftp-server)重启后 SSH 连接不能。telnet 上去发现 dropbear 未启动,手动启动出错:

dropbear -F -E
Early exit: Bad buf_getptr

搞了几个小时,定位问题在 dropbear 的密匙文件,把其它路由器上正常的文件覆盖此路由器 /etc/dropbear/ 下三个文件,则 dropbear 能正常启动。最终解决办法:

nvram unset sshd_hostkey
nvram unset sshd_ecdsakey
nvram unset sshd_dsskey
nvram commit
reboot

原理:这三个密匙都是生成后保存在 nvram 中的,启动时如果没有这三个文件,系统会重新生成。

参考:

https://www.linksysinfo.org/index.php?threads/how-can-i-save-etc-dropbear-during-a-reboot.30485/
http://tomatousb.org/forum/t-311630/how-do-you-change-the-dropbear-host-key-files
https://www.linksysinfo.org/index.php?threads/struggling-to-set-up-ssh-on-shibby.73096/

:twisted: :twisted: :twisted:


Jun 21

这个脚本可以批量删除 NVRAM 中以某些字符串开头的内容:

#/bin/sh
#scriptname: nvram_unset_pro
for _TEMPVAR in `nvram show 2>/dev/null|grep "^$1"|cut -d'=' -f1`;
	do nvram unset $_TEMPVAR;
done

用法:

nvram_unset_pro bt_

这样就删除了所有 bt_ 开头的设置项。

记得删除完成后用

nvram commit

提交,否则路由器重启后又会生成。

Tags:

May 29

2015.07.03 更新,更好的支持 Tomato ARM 版本:

#!/bin/sh

#USE AT YOUR OWN RISK.
#THIS SCRIPT DOES NOT COME WITH ANY WARRANTY WHATSOEVER.
#
#Backs up selected nvram variables in "nvram export --set" format.
#
#Correctly handles multi-line entries.
#
#Thanks to ryzhov_al for basic approach.
#
#Should work equally well with both MIPS and ARM builds.
#
#Looks for a list of items to export in $etc/scriptname.ini
#OR enter items to grep for below.
#
#The items list is a list of regular expressions to match against the
#nvram variable names.
#
#Script assumes all entries are at beginning of line(prefixed with ^).
#
#Leave items list blank to backup up all of nvram.  Resulting in essentially
#the same output as MIPS "nvram export --set"
#
#The items list below is only intended as example and is not complete or
#comprehensive. Customize for your own use.
#

#Edit list below if not using .ini file, it is ignored if .ini file is found
items='
DSCP_
atm_overhead
cifs[1-2]
ctf_
ct_
dhcp_
dhcpd_
ddnsx[0-2]
dnsmasq_
dns_
https_
http_enable
http_lanport
http_wanport
http_passwd
lan_hostname
lan_ipaddr
lan_proto
modem_ipaddr
ne_
new_qoslimit_
nf_
ntp_
portforward
ppp_
pppoe_
qos_
qosl_
router_name
rrule[0-9]
cstats_
rstats_
script_
smbd_
sch_
sshd_eas
sshd_forwarding
sshd_motd
sshd_pass
sshd_port
sshd_remote
sshd_rport
tm_
tomatoanon_
usb_
upnp_
wan_dns
wan_proto
wan_hostname
wan_domain
wan_hwaddr
wan_mtu
web_css
web_mx
wl[0-9]_security_mode
wl[0-9]_ssid
wl[0-9]_wpa_psk
'

etc=/opt/etc
base=${0##*/}; base=${base%.*}
config=$etc/$base.ini

#file to output - default to stdout
filename="$1"
curr_date=$(date +"%Y-%m-%d")
if [ $# -eq 0 -o "$filename" = "" ]; then
    backupfile="/opt/etc/init.d/nvram_backup-${curr_date}.txt"
else
    backupfile="/opt/etc/init.d/${filename}-${curr_date}.txt"
fi

grepstr=$( { [ -r $config ] && cat $config || echo "$items" ; } | sed -e 's/[t ]//g;/^$/d' | sed ':a;N;$!ba;s/n/\|^/g')

{
echo "#Exporting $grepstr"
for item in $(nvram show 2>/dev/null | grep "^.*=" | grep "$grepstr" | grep -v "hwaddr" | awk -F= "{print $1}" | sort -u)
do
  item_value="$(nvram get $item | sed 's!([$\"`])!\1!g'; echo nvgetwasnull)"
  case $item_value in
  nvgetwasnull) ;;
  *) echo "nvram set ${item}=\"${item_value%
nvgetwasnull}\"" ;;
  esac
done
}>"$backupfile"

比较完美的解决了多行文本框内容的备份,例如脚本等处。

#!/bin/sh

#
#USE AT YOUR OWN RISK.
#THIS SCRIPT DOES NOT COME WITH ANY WARRANTY WHATSOEVER.
#

#file to output
backupfile='/mnt/optware/opt/etc/init.d/nvram_restore.sh'

#Enter strings to grep for here.
#
#Use heredocs to build grep from one entry per
#line for ease of maintenance.
#
#Could easily be changed to read external config file.
#
#sed is not my best skill - there may well be cleaner syntax, and
#admittedly this is some quick cut and paste from another script
grepstr=$(cat << EOF |  sed -e 's/[t ]//g;/^$/d' | sed ':a;N;$!ba;s/n/\|/g'
^dhcp_
^dhcpd_
^ddnsx
^dnsmasq
^dns_
^https_
^http_passwd
^lan_hostname
^lan_ipaddr
^wan_dns
^wan_proto
^wan_hostname
^wan_domain
^wan_hwaddr
^router_name
^modem_ipaddr
^rrule1
^cstats_
^rstats_
^qos
^new_qoslimit_
^ctf_
^ct_
^bt_
^ne_
^nf_
^ntp_
^smbd_
^usb_
^upnp_
^script_
^wl[0-9]_security_mode
^wl[0-9]_ssid
^wl[0-9]_wpa_psk
^cifs[0-9]
EOF
)

#uncomment next line if you want to see what above creates
#echo $grepstr
[ -e $backupfile ] && rm $backupfile

echo "echo Restoring NVRAM settings" > $backupfile
echo "echo Note: This will overwrite your current NVRAM settings in NVRAM," >> $backupfile
echo "echo but they will not be permanent unless you do a 'nvram commit'" >> $backupfile

echo "echo Restore NVRAM rules..." >> $backupfile
echo Exporting NVRAM rules to $backupfile

#Below mostly from ryzhov_al
#sed to escape chars is mine, may not be complete.

for item in $(nvram show | grep "$grepstr"  | awk -F= "{print $1}")
do
    item_value=$(nvram get ${item} | sed 's!([$\"`])!\1!g')
    echo "nvram set ${item}=\"$item_value\"" >> $backupfile
done

echo "echo Restore of NVRAM settings complete" >> $backupfile
echo "echo To make them permanent, do: nvram commit" >> $backupfile

chmod +x $backupfile

echo NVRAM settings have been exported to $backupfile
echo Now feel free to try new settings
echo To restore from backup, type: $backupfile

感谢 linksysinfo 的高手们!


Apr 03

ASUS RT-N16 可谓好玩又不容易死的一款路由,内存大闪存大就是 NVRAM 尺寸太小,才 32k 。(新的 Linksys 路由器都是 64k)

我的16还加了 5G 网卡,又多了一堆设置,开机就剩余 8k 不到,这样的话,多写几个脚本,加多几个静态 IP 就不够用,G 了一下,DD-WRT Wiki 有答案,随意改一下 Tomato 就能用:

test -f /tmp/nvramshow && rm /tmp/nvramshow
nvram show >> /tmp/nvramshow
i=0
while read -r line; do
val=${line#*=}
var=${line%*=}
if [[ "$val" == "" ]] && [[ "$var" != "wl_wpa_psk" ]]; then
nvram unset $var
fi
i=`expr $i + 1`
if [[ $i == 50 ]]; then
sleep 2
i=0
fi
done < /tmp/nvramshow
exit 0

原理就是把 NVRAM 设置里面那些值为空的全部删掉,这样大约能节省出 3-5k 出来~ :mrgreen:

简化版:(会丢失无线密码,请重设!)

for line in $(nvram show | grep =$); do var=${line%*=}; nvram unset $var;
done
nvram commit