Ubnt ER-X 安装配置
基础安装配置
初始化
网线接入第一个网口(只能第一个网口),通过浏览器访问控制台,初始化配置
开启硬件NAT
开启NAT需要使用SSH登陆,帐户为在初始化设置的管理员账户
show ubnt offload
configure
set system offload hwnat enable
commit
save
sudo reboot
高级配置
UPNP
UPNP可以让你的设备点对点通信,以及自动的NAT穿透
以下配置仅适配PPPOE模式,不适配DHCP模式
show ubnt offload
sudo su
configure
set service upnp2 wan pppoe0
set service upnp2 listen-on switch0
set service upnp2 nat-pmp enable
set service upnp2 secure-mode enable
commit
save
exit
sudo reboot
DDNS
配置DDNS
vi /config/scripts/aliddns/aliddns_erx.sh
#!/bin/sh
aliddns_ak=ak #ak
aliddns_sk=sk #sk
aliddns_name=home
aliddns_domain=xxx.online
aliddns_type=A
aliddns_dns=223.5.5.5
aliddns_record_id=""
aliddns_ttl=600
aliddns_version=1.0
now=`date`
die () {
echo $1
}
file_name="/tmp/aliddns_$aliddns_name.$aliddns_domain.$aliddns_type.id";
if [ -f "$file_name" ];then
aliddns_record_id=`cat $file_name`;
else
aliddns_record_id=""
fi
ip=`ip addr show dev pppoe0 |awk -F" " 'NR==3 {print $2}'`
current_ip=`host $aliddns_name.$aliddns_domain $aliddns_dns |grep 'has address' 2>&1`
echo "curl_ip: $ip dns_ip:$current_ip"
if [ "$?" -eq "0" ]
then
current_ip=`echo "$current_ip" | tail -n1|awk -F ' ' '{print $4}'`
echo "dns_ip:$current_ip"
if [ "$ip" = "$current_ip" ]
then
echo "skipping"
exit 0
fi
fi
timestamp=`date -u "+%Y-%m-%dT%H%%3A%M%%3A%SZ"`
urlencode() {
# urlencode <string>
out=""
while read -n1 c
do
case $c in
[a-zA-Z0-9._-]) out="$out$c" ;;
*) out="$out`printf '%%%02X' "'$c"`" ;;
esac
done
echo -n $out
}
enc() {
echo -n "$1" | urlencode
}
send_request() {
local args="AccessKeyId=$aliddns_ak&Action=$1&Format=json&$2&Version=2015-01-09"
local hash=$(echo -n "GET&%2F&$(enc "$args")" | openssl dgst -sha1 -hmac "$aliddns_sk&" -binary | openssl base64)
#echo "http://alidns.aliyuncs.com/?$args&Signature=$(enc "$hash")"
curl -s "http://alidns.aliyuncs.com/?$args&Signature=$(enc "$hash")"
}
get_recordid() {
grep -Eo '"RecordId":"[0-9]+"' | cut -d':' -f2 | tr -d '"'
}
query_recordid() {
send_request "DescribeSubDomainRecords" "SignatureMethod=HMAC-SHA1&SignatureNonce=$timestamp&SignatureVersion=1.0&SubDomain=$aliddns_name.$aliddns_domain&Timestamp=$timestamp&Type=$aliddns_type"
}
update_record() {
send_request "UpdateDomainRecord" "RR=$aliddns_name&RecordId=$1&SignatureMethod=HMAC-SHA1&SignatureNonce=$timestamp&SignatureVersion=1.0&TTL=$aliddns_ttl&Timestamp=$timestamp&Type=$aliddns_type&Value=$(enc "$ip")"
}
add_record() {
send_request "AddDomainRecord&DomainName=$aliddns_domain" "RR=$aliddns_name&SignatureMethod=HMAC-SHA1&SignatureNonce=$timestamp&SignatureVersion=1.0&TTL=$aliddns_ttl&Timestamp=$timestamp&Type=$aliddns_type&Value=$(enc "$ip")"
}
if [ "$aliddns_record_id" = "" ]
then
aliddns_record_id=`query_recordid | get_recordid`
fi
if [ "$aliddns_record_id" = "" ]
then
aliddns_record_id=`add_record | get_recordid`
echo "added record $aliddns_record_id"
else
update_record $aliddns_record_id
echo "updated record $aliddns_record_id"
fi
# save to file
if [ "$aliddns_record_id" = "" ]; then
# failed
echo "aliddns_record_id null"
else
#dbus ram aliddns_record_id=$aliddns_record_id
echo $aliddns_record_id > $file_name
配置计划任务
sudo crontab -e
*/10 * * * * sh /config/scripts/aliddns/aliddns_erx.sh