部分文件,仅供参考,具体使用请参照官方说明:http://luci.subsignal.org/api/luci/modules/luci.model.uci.html
1.batmandconfig batmand general option interface ath0 option announce option gateway_class option originator_interval option preferred_gateway option routing_class option visualisation_srv option policy_routing_script
config service "myddns" option enabled "0" option service_name "dyndns.org" option domain "mypersonaldomain.dyndns.org" option username "myusername" option password "mypassword" option ip_source "network" option ip_network "wan" option force_interval "72" option force_unit "hours" option check_interval "10" option check_unit "minutes" #option ip_source "interface" #option ip_interface "eth0.1" #option ip_source "web" #option ip_url "http://www.whatismyip.com/automation/n09230945.asp" #option update_url "http://[USERNAME]:[PASSWORD]@members.dyndns.org/nic/update?hostname=[DOMAIN]&myip=[IP]"
config dnsmasq option domainneeded 1 option boguspriv 1 option filterwin2k ‘0‘ #enable for dial on demand option localise_queries 1 option local ‘/lan/‘ option domain ‘lan‘ option expandhosts 1 option nonegcache 0 option authoritative 1 option readethers 1 option leasefile ‘/tmp/dhcp.leases‘ option resolvfile ‘/tmp/resolv.conf.auto‘ config dhcp option interface lan option start 100 option limit 150 option leasetime 12h config dhcp option interface wan option ignore 1
config dropbear option PasswordAuth ‘on‘ option Port ‘22‘
config defaults option syn_flood 1 option input DROP option output ACCEPT option forward DROP config zone option name lan option input ACCEPT option output ACCEPT option forward DROP config zone option name wan option input DROP option output ACCEPT option forward DROP option masq 1 config forwarding option src lan option dest wan ### EXAMPLE CONFIG SECTIONS # do not allow a specific ip to access wan #config rule # option src lan # option src_ip 192.168.45.2 # option dest wan # option proto tcp # option target REJECT # block a specific mac on wan #config rule # option dest wan # option src_mac 00:11:22:33:44:66 # option target REJECT # block incoming ICMP traffic on a zone #config rule # option src lan # option proto ICMP # option target DROP # port redirect port coming in on wan to lan #config redirect # option src wan # option src_dport 80 # option dest lan # option dest_ip 192.168.16.235 # option dest_port 80 # option protocol tcp # include a file with users custom iptables rules #config include # option path /etc/firewall.user ### FULL CONFIG SECTIONS #config rule # option src lan # option src_ip 192.168.45.2 # option src_mac 00:11:22:33:44:55 # option src_port 80 # option dest wan # option dest_ip 194.25.2.129 # option dest_port 120 # option proto tcp # option target REJECT #config redirect # option src lan # option src_ip 192.168.45.2 # option src_mac 00:11:22:33:44:55 # option src_port 1024 # option src_dport 80 # option dest_ip 194.25.2.129 # option dest_port 120 # option proto tcp
config mount option target /home option device /dev/sda1 option fstype ext3 option options rw,sync option enabled 0 config swap option device /dev/sda2 option enabled 0
config ‘httpd‘ option ‘port‘ ‘80‘ option ‘home‘ ‘/www‘
config ‘core‘ ‘main‘ option ‘lang‘ ‘auto‘ option ‘resourcebase‘ ‘/luci-static/resources‘ option ‘_niuinit‘ ‘1‘ option ‘mediaurlbase‘ ‘/luci-static/Todaair‘ config ‘extern‘ ‘flash_keep‘ option ‘uci‘ ‘/etc/config/‘ option ‘dropbear‘ ‘/etc/dropbear/‘ option ‘openvpn‘ ‘/etc/openvpn/‘ option ‘passwd‘ ‘/etc/passwd‘ option ‘opkg‘ ‘/etc/opkg.conf‘ option ‘firewall‘ ‘/etc/firewall.user‘ option ‘uploads‘ ‘/lib/uci/upload/‘ config ‘internal‘ ‘languages‘ option ‘pt_br‘ ‘Português (Brasil)‘ option ‘de‘ ‘Deutsch‘ option ‘fr‘ ‘Fran?ais‘ option ‘he‘ ‘????????‘ option ‘es‘ ‘Espa?ol‘ option ‘ro‘ ‘Roman?‘ option ‘it‘ ‘Italiano‘ option ‘pt‘ ‘Português‘ option ‘no‘ ‘Norsk‘ option ‘ru‘ ‘Русский‘ option ‘ms‘ ‘Bahasa Melayu‘ option ‘ja‘ ‘日本語‘ option ‘ca‘ ‘Català‘ option ‘el‘ ‘Ελληνικ?‘ option ‘vi‘ ‘Ti?ng Vi?t‘ option ‘en‘ ‘English‘ option ‘zh_cn‘ ‘chinese‘ config ‘internal‘ ‘sauth‘ option ‘sessionpath‘ ‘/tmp/luci-sessions‘ option ‘sessiontime‘ ‘3600‘ config ‘internal‘ ‘ccache‘ option ‘enable‘ ‘1‘ config ‘internal‘ ‘themes‘ option ‘Fledermaus‘ ‘/luci-static/fledermaus‘ option ‘Todaair‘ ‘/luci-static/Todaair‘ option ‘Freifunk_BNO‘ ‘/luci-static/freifunk-bno‘ option ‘OpenWrt‘ ‘/luci-static/openwrt.org‘ option ‘Freifunk‘ ‘/luci-static/freifunk‘ option ‘MyTheme‘ ‘/luci-static/Todaair‘ option ‘Freifunk_Hannover‘ ‘/luci-static/freifunk-hannover‘ option ‘Freifunk_Generic‘ ‘/luci-static/freifunk-generic‘ option ‘OpenWrtOxygen‘ ‘/luci-static/openwrt.org-oxygen‘ option ‘Oxygen‘ ‘/luci-static/oxygen‘
config lucid main
option pollinterval 15000
option daemon 1
option debug 1
list supports tcpserver
list supports server
config DirectoryPublisher webroot
option name ‘Webserver Share‘
option physical host/www
option virtual ‘‘
option domain ‘‘
config LuciWebPublisher luciweb
option name ‘LuCI Webapplication‘
option physical ‘‘
list virtual /luci
option domain ‘‘
option home 1
config RPCPublisher mainrpc
option namespace ‘luci.lucid.rpc‘
list export system
list export ruci
list exec ‘:lo‘
list exec ‘root‘
config tcpserver httpd
option entrypoint "luci.lucid.http"
list supports DirectoryPublisher
list supports LuciWebPublisher
config tcpserver rpcd
option entrypoint "luci.lucid.rpc"
list supports RPCPublisher
config daemon http
option slave httpd
list address 8080
list publisher webroot
list publisher luciweb
option enabled 1
config daemon https
option slave httpd
list address 4443
list publisher webroot
list publisher luciweb
option enabled 1
option encryption enable
option tls sdk_tls
config tls sdk_tls
option generate 1
option key /tmp/lucid-tls.key
option cert /tmp/lucid-tls.cert
option type asn1
config daemon rpc
option slave rpcd
list address 12900
list publisher mainrpc
option enabled 1
config ‘daemon‘ ‘splashr‘
option ‘slave‘ ‘httpd‘
list ‘address‘ ‘8082‘
list ‘publisher‘ ‘splashredir‘
option ‘enabled‘ ‘1‘
config ‘Redirector‘ ‘splashredir‘
option ‘name‘ ‘Splashd‘
option ‘virtual‘ ‘/‘
option ‘physical‘ ‘:80/luci/splash‘config ‘smap_scannet‘ ‘SIP_LAN‘
option ‘enable‘ ‘0‘
option ‘interface‘ ‘lan‘
option ‘subnet‘ ‘192.168.99.0/24‘
option ‘ports‘ ‘5060‘
option ‘timeout‘ ‘10‘
option ‘repeat_count‘ ‘1‘
option ‘sleepreq‘ ‘100‘
config ‘smap_scannet‘ ‘SIP_WAN‘
option ‘enable‘ ‘0‘
option ‘interface‘ ‘wan‘
option ‘subnet‘ ‘216.218.0.0/16‘
config ‘netdiscover_scannet‘ ‘SCAN_LAN‘
option ‘enable‘ ‘0‘
option ‘interface‘ ‘lan‘
option ‘subnet‘ ‘192.168.99.0/24‘
config ‘netdiscover_scannet‘ ‘SCAN_WAN‘
option ‘enable‘ ‘0‘
option ‘interface‘ ‘wan‘
option ‘subnet‘ ‘216.218.0.0/16‘
option ‘ports‘ ‘5060‘
option ‘timeout‘ ‘10‘
option ‘repeat_count‘ ‘1‘
option ‘sleepreq‘ ‘100‘config ‘olsr‘ ‘general‘ option ‘resolve‘ ‘1‘
config core general option leasetime 1
config ‘statistics‘ ‘rrdtool‘
option ‘default_timespan‘ ‘1hour‘
option ‘image_width‘ ‘600‘
option ‘image_path‘ ‘/tmp/rrdimg‘
config ‘statistics‘ ‘collectd‘
option ‘BaseDir‘ ‘/var/run/collectd‘
option ‘Include‘ ‘/etc/collectd/conf.d‘
option ‘PIDFile‘ ‘/var/run/collectd.pid‘
option ‘PluginDir‘ ‘/usr/lib/collectd‘
option ‘TypesDB‘ ‘/usr/share/collectd/types.db‘
option ‘Interval‘ ‘30‘
option ‘ReadThreads‘ ‘2‘
config ‘statistics‘ ‘collectd_ping‘
option ‘enable‘ ‘0‘
option ‘TTL‘ ‘127‘
option ‘Interval‘ ‘30‘
option ‘Hosts‘ ‘127.0.0.1‘
config ‘statistics‘ ‘collectd_csv‘
option ‘enable‘ ‘0‘
option ‘StoreRates‘ ‘0‘
option ‘DataDir‘ ‘/tmp‘
config ‘statistics‘ ‘collectd_df‘
option ‘enable‘ ‘0‘
option ‘Devices‘ ‘/dev/mtdblock/4‘
option ‘MountPoints‘ ‘/jffs‘
option ‘FSTypes‘ ‘tmpfs‘
option ‘IgnoreSelected‘ ‘0‘
config ‘statistics‘ ‘collectd_disk‘
option ‘enable‘ ‘0‘
option ‘Disks‘ ‘hda1 hdb‘
option ‘IgnoreSelected‘ ‘0‘
config ‘statistics‘ ‘collectd_dns‘
option ‘enable‘ ‘0‘
option ‘Interfaces‘ ‘ffdhcp ff br-lan‘
option ‘IgnoreSources‘ ‘127.0.0.1‘
config ‘statistics‘ ‘collectd_email‘
option ‘enable‘ ‘0‘
option ‘SocketFile‘ ‘/var/run/collectd/email.sock‘
option ‘SocketGroup‘ ‘nogroup‘
config ‘statistics‘ ‘collectd_exec‘
option ‘enable‘ ‘1‘
config ‘collectd_exec_input‘
option ‘cmdline‘ ‘/usr/bin/stat-input-olsr‘
config ‘collectd_exec_notify‘
option ‘cmdline‘ ‘/usr/bin/stat-output-syslog‘
config ‘statistics‘ ‘collectd_interface‘
option ‘enable‘ ‘1‘
option ‘Interfaces‘ ‘br-lan br-ff‘
option ‘IgnoreSelected‘ ‘0‘
config ‘statistics‘ ‘collectd_iptables‘
option ‘enable‘ ‘1‘
config ‘collectd_iptables_match‘
option ‘table‘ ‘nat‘
option ‘chain‘ ‘luci_fw_postrouting‘
option ‘target‘ ‘MASQUERADE‘
option ‘source‘ ‘192.168.1.0/24‘
option ‘outputif‘ ‘br-ff‘
option ‘name‘ ‘Verkehr LAN-Clients‘
config ‘collectd_iptables_match‘
option ‘chain‘ ‘luci_fw_postrouting‘
option ‘table‘ ‘nat‘
option ‘target‘ ‘MASQUERADE‘
option ‘source‘ ‘10.61.230.0/24‘
option ‘outputif‘ ‘br-ff‘
option ‘name‘ ‘Verkehr WLAN-Clients‘
config ‘statistics‘ ‘collectd_irq‘
option ‘enable‘ ‘0‘
option ‘Irqs‘ ‘2 3 4 7‘
config ‘statistics‘ ‘collectd_load‘
option ‘enable‘ ‘1‘
config ‘statistics‘ ‘collectd_logfile‘
option ‘enable‘ ‘0‘
option ‘LogLevel‘ ‘notice‘
option ‘File‘ ‘/var/log/collectd.log‘
option ‘Timestamp‘ ‘1‘
config ‘statistics‘ ‘collectd_netlink‘
option ‘enable‘ ‘0‘
option ‘IgnoreSelected‘ ‘0‘
option ‘VerboseInterfaces‘ ‘br-lan br-ff‘
option ‘QDiscs‘ ‘br-lan br-ff‘
config ‘statistics‘ ‘collectd_network‘
option ‘enable‘ ‘0‘
config ‘collectd_network_listen‘
option ‘host‘ ‘0.0.0.0‘
config ‘collectd_network_server‘
option ‘host‘ ‘0.0.0.0‘
config ‘statistics‘ ‘collectd_processes‘
option ‘enable‘ ‘1‘
config ‘statistics‘ ‘collectd_tcpconns‘
option ‘enable‘ ‘1‘
option ‘ListeningPorts‘ ‘0‘
option ‘LocalPorts‘ ‘22 80‘
config ‘statistics‘ ‘collectd_unixsock‘
option ‘enable‘ ‘0‘
option ‘SocketFile‘ ‘/var/run/collectd/query.sock‘
option ‘SocketGroup‘ ‘nogroup‘
config ‘statistics‘ ‘collectd_wireless‘
option ‘enable‘ ‘1‘
config ‘statistics‘ ‘collectd_cpu‘
option ‘enable‘ ‘1‘
config ‘statistics‘ ‘collectd_rrdtool‘
option ‘enable‘ ‘1‘
option ‘DataDir‘ ‘/tmp‘
option ‘RRARows‘ ‘100‘
option ‘RRASingle‘ ‘1‘
option ‘RRATimespans‘ ‘10min 1hour 1day 1week 1month 1year‘config ‘mactodevinfo‘ option ‘maclow‘ ‘00:19:15:00:00:00‘ option ‘machigh‘ ‘00:19:15:ff:ff:ff‘ option ‘vendor‘ ‘Vertical Communications‘ option ‘devtype‘ ‘SIP devices‘ option ‘model‘ ‘varies‘ option ‘ouiowneroverride‘ ‘Some company‘ option ‘name‘ ‘Vertical XIP and Phones‘
#### VLAN configuration config switch eth0 option vlan0 "0 1 2 3 5*" option vlan1 "4 5" #### Loopback configuration config interface loopback option ifname "lo" option proto static option ipaddr 127.0.0.1 option netmask 255.0.0.0 #### LAN configuration config interface lan option type bridge option ifname "eth0" option proto static option ipaddr 192.168.1.1 option netmask 255.255.255.0 #### WAN configuration config interface wan option ifname "wlan0" option proto dhcp
config ntpserver option hostname ‘0.openwrt.pool.ntp.org‘ option port ‘123‘ config ntpserver option hostname ‘1.openwrt.pool.ntp.org‘ option port ‘123‘ config ntpserver option hostname ‘2.openwrt.pool.ntp.org‘ option port ‘123‘ config ntpserver option hostname ‘3.openwrt.pool.ntp.org‘ option port ‘123‘ config ntpdrift option freq ‘0‘ config ntpclient option interval 60 #option count 10
#
# Routed point-to-point server
#
config openvpn_recipe server_tun_ptp
option _description "Simple server configuration for a routed point-to-point VPN"
option _role "server"
option dev "tun"
option ifconfig "10.0.0.1 10.0.0.2"
option secret "shared-secret.key"
option keepalive "10 60"
option comp_lzo "1"
option verb "3"
option mssfix "1420"
option management "127.0.0.1 31194"
#
# Routed point-to-point client
#
config openvpn_recipe client_tun_ptp
option _description "Simple client configuration for a routed point-to-point VPN"
option _role "client"
option dev "tun"
list remote "vpnserver.example.org"
option ifconfig "10.0.0.2 10.0.0.1"
option secret "shared-secret.key"
option nobind "1"
option comp_lzo "1"
option verb "3"
option management "127.0.0.1 31194"
#
# Routed multi-client server
#
config openvpn_recipe server_tun
option _description "Server configuration for a routed multi-client VPN"
option _role "server"
option dev "tun"
option server "10.0.100.0 255.255.255.0"
option ca "ca.crt"
option cert "server.crt"
option key "server.key"
option dh "dh1024.pem"
option keepalive "10 60"
option comp_lzo "1"
option verb "3"
option mssfix "1420"
option management "127.0.0.1 31194"
#
# Routed client
#
config openvpn_recipe client_tun
option _description "Client configuration for a routed multi-client VPN"
option _role "client"
option client "1"
option dev "tun"
list remote "vpnserver.example.org"
option pkcs12 "my_client.p12"
option remote_cert_tls "server"
option comp_lzo "1"
option nobind "1"
option persist_key "1"
option persist_tun "1"
option verb "3"
option reneg_sec "0"
option float "1"
option management "127.0.0.1 31194"
#
# Multi-client ethernet bridge server
#
config openvpn_recipe server_tap_bridge
option _description "Server configuration for an ethernet bridge VPN"
option _role "server"
option dev "tap"
option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254"
option ca "ca.crt"
option cert "server.crt"
option key "server.key"
option dh "dh1024.pem"
option keepalive "10 60"
option comp_lzo "1"
option verb "3"
option mssfix "1420"
option management "127.0.0.1 31194"
#
# Ethernet bridge client
#
config openvpn_recipe client_tap_bridge
option _description "Client configuration for an ethernet bridge VPN"
option _role "client"
option client "1"
option dev "tap"
list remote "vpnserver.example.org"
option ca "ca.crt"
option cert "my_client.crt"
option key "my_client.key"
option dh "dh1024.pem"
option remote_cert_tls "server"
option comp_lzo "1"
option nobind "1"
option persist_key "1"
option verb "3"
option reneg_sec "0"
option float "1"
option management "127.0.0.1 31194"config ‘main‘ ‘connection_status‘
config ‘settings‘ ‘advanced‘
option ‘useragent‘ ‘PBX‘
option ‘ringtime‘ ‘30‘
option ‘rtpstart‘ ‘19850‘
option ‘rtpend‘ ‘19900‘config ‘call_routing‘ ‘outgoing_calls‘ config ‘call_routing‘ ‘incoming_calls‘ config ‘call_routing‘ ‘providers_user_can_use‘ config ‘call_routing‘ ‘blacklisting‘
21.pbx-google
config ‘user‘ ‘server‘
config ‘voicemail‘ ‘global_voicemail‘ config ‘voicemail‘ ‘voicemail_smtp‘ config ‘voicemail‘ ‘voicemail_log‘
23.pbx-voip
# QoS configuration for OpenWrt # INTERFACES: config interface wan option classgroup "Default" option enabled 1 option overhead 1 option upload 128 option download 1024 # RULES: config classify option target "Bulk" option ipp2p "all" config classify option target "Bulk" option layer7 "edonkey" config classify option target "Bulk" option layer7 "bittorrent" config classify option target "Priority" option ports "22,53" config classify option target "Normal" option proto "tcp" option ports "20,21,25,80,110,443,993,995" config classify option target "Express" option ports "5190" config default option target "Express" option proto "udp" option pktsize "-500" config reclassify option target "Priority" option proto "icmp" config default option target "Bulk" option portrange "1024-65535" config reclassify option target "Priority" option proto "tcp" option pktsize "-128" option mark "!Bulk" option tcpflags "SYN" config reclassify option target "Priority" option proto "tcp" option pktsize "-128" option mark "!Bulk" option tcpflags "ACK" # Don‘t change the stuff below unless you # really know what it means :) config classgroup "Default" option classes "Priority Express Normal Bulk" option default "Normal" config class "Priority" option packetsize 400 option maxsize 400 option avgrate 10 option priority 20 config class "Priority_down" option packetsize 1000 option avgrate 10 config class "Express" option packetsize 1000 option maxsize 800 option avgrate 50 option priority 10 config class "Normal" option packetsize 1500 option packetdelay 100 option avgrate 10 option priority 5 config class "Normal_down" option avgrate 20 config class "Bulk" option avgrate 1 option packetdelay 200
config siit ipv4 option pool "77.87.52.0/22" option netsize "29" config siit ipv6 option ula_prefix "fd00::" option ula_global "00ca:ffee:babe::" option ula_subnet "0000:0000:0000:dada::" option siit_prefix "::ffff:0000:0000" config siit wifi option essid "6mesh.freifunk.net" option bssid "02:25:c3:ca:ff:ee" option channel "1"
config ‘system‘ option ‘hostname‘ ‘OpenWrt‘ option ‘zonename‘ ‘UTC‘ option ‘timezone‘ ‘GMT0‘ option ‘conloglevel‘ ‘8‘ option ‘cronloglevel‘ ‘8‘
config ‘network‘ option ‘init‘ ‘network‘ list ‘affects‘ ‘dhcp‘ list ‘affects‘ ‘radvd‘ config ‘wireless‘ list ‘affects‘ ‘network‘ config ‘firewall‘ option ‘init‘ ‘firewall‘ list ‘affects‘ ‘luci-splash‘ list ‘affects‘ ‘qos‘ list ‘affects‘ ‘miniupnpd‘ config ‘olsr‘ option ‘init‘ ‘olsrd‘ config ‘dhcp‘ option ‘init‘ ‘dnsmasq‘ config ‘dropbear‘ option ‘init‘ ‘dropbear‘ config ‘httpd‘ option ‘init‘ ‘httpd‘ config ‘fstab‘ option ‘init‘ ‘fstab‘ config ‘qos‘ option ‘init‘ ‘qos‘ config ‘system‘ option ‘init‘ ‘led‘ list ‘affects‘ ‘luci_statistics‘ config ‘luci_splash‘ option ‘init‘ ‘luci_splash‘ config ‘upnpd‘ option ‘init‘ ‘miniupnpd‘ config ‘ntpclient‘ option ‘init‘ ‘ntpclient‘ config ‘samba‘ option ‘init‘ ‘samba‘ config ‘tinyproxy‘ option ‘init‘ ‘tinyproxy‘ config ‘meshwizard‘ ‘meshwizard‘ option ‘exec‘ ‘/etc/init.d/wizard boot‘ config ‘p910nd‘ option ‘init‘ ‘p910nd‘ config ‘radvd‘ option ‘init‘ ‘radvd‘ config ‘freifunk_p2pblock‘ option ‘init‘ ‘freifunk-p2pblock‘ config ‘luci_statistics‘ option ‘init‘ ‘luci_statistics‘ config ‘ushare‘ option ‘init‘ ‘ushare‘ config ‘olsrd‘ option ‘init‘ ‘olsrd‘ config ‘vnstat‘ option ‘init‘ ‘vnstat‘ config ‘mmc_over_gpio‘ option ‘init‘ ‘mmc_over_gpio‘ config ‘polipo‘ option ‘init‘ ‘polipo‘ config ‘ahcpd‘ option ‘init‘ ‘ahcpd‘ config ‘hd-idle‘ option ‘init‘ ‘hd-idle‘ config ‘wshaper‘ ‘wshaper‘ option ‘exec‘ ‘/etc/init.d/wshaper start‘
config upnpd config option log_output 0 option download 1024 option upload 512
config wifi-device wifi0 option type atheros option channel auto option disabled 0 config wifi-iface option device wifi0 option network lan option mode ap option ssid OpenWrt option encryption none # Fake active wifi option ifname ath0 option up 1
原文:http://blog.csdn.net/xing634325131/article/details/22622105