|
本帖最后由 HeiSha_ 于 2024-4-20 20:13 编辑
1. 前提:不想访客亲友访问到内网设备。
2. 配置访客网络(备注:以下所有操作均在SSH中操作):
- 修改/etc/config/wireless,添加以下内容:
- config wifi-iface 'wifinet4'
- option device 'radio0'
- option mode 'ap'
- option ssid 'HelloWorld'
- option encryption 'psk-mixed'
- option key 'G5idIGSHUZ'
- option network 'guest'
- option disabled '0'
复制代码 以上代码添加一个名为"HelloWorld"的2.4GWiFi热点,需注意config wifi-iface 'wifinet4'中的'wifinet4'不要和现用的WiFi热点重名,如果已有该名称,可更改为'wifinet5'等,对应:网线-->无线;
- 修改/etc/config/network,添加以下内容:
- config interface 'guest'
- option proto 'static'
- option ipaddr '172.17.1.1'
- option netmask '255.255.255.0'
复制代码 以上代码添加guest接口,并指定内网IP段: '172.17.1.1',对应:网络-->接口;
- 修改/etc/config/dhcp,添加以下内容:
- config dhcp 'guest'
- option interface 'guest'
- option start '100'
- option limit '150'
- option leasetime '12h'
复制代码
- 修改/etc/config/firewall,添加以下内容:
- config zone
- option name 'guest'
- option input 'ACCEPT'
- option output 'ACCEPT'
- option forward 'ACCEPT'
- list network 'guest'
- config rule
- option name 'Allow-Guest-DNS'
- option src 'guest'
- option src_port '53'
- option target 'ACCEPT'
- config rule
- option name 'Allow-Guest-DHCP'
- option src 'guest'
- option src_port '67-68'
- option target 'ACCEPT'
- config rule
- option name 'Deny-Guest-ssh'
- option src 'guest'
- option dest_port '22 80 443'
- option target 'DROP'
- config rule
- option name 'Deny-Guest-lan'
- option src 'guest'
- option dest 'lan'
- option target 'DROP'
- config forwarding
- option src 'guest'
- option dest 'wan'
复制代码 以上代码添加防火墙配置,对应:网络-->防火墙-->常规设置-->区域,网络-->防火墙-->通信规则。
通过以上操作,我们就建立了访客WiFi热点,并创捷了访客网络,并为访客网络创建了防火墙规则,以限制访客访问内网设备,但又达到访问互联网的需求。
3. 创建扫码查看WiFi密码脚本,并做到一定时间后能自动关闭访客WiFi的需求,且开启状态时扫码延长开启有效期、每次开启访客WiFi时重设密码
- opkg update
- opkg install at
- /etc/init.d/atd enable
复制代码- 在/www/cgi-bin目录下创建文件wifion
- /www/cgi-bin/wifion添加以下内容:
- #!/bin/sh
- DISABLE_SSID="HelloWorld" #修改为访客WiFi SSID
- DISABLE_PERIOD=5 #自动关闭访客WiFi时间,单位:小时
- echo "Content-type: text/html; charset=utf-8"
- echo ""
- echo '<html lang="en">'
- echo '<head>'
- echo ' <meta charset="UTF-8">'
- echo ' <meta name="viewport" content="width=device-width, initial-scale=1.0">'
- echo ' <title>My WiFi</title>'
- echo ' <style>'
- echo ' html, body {'
- echo ' height: 100%;'
- echo ' margin: 0;'
- echo ' padding: 0;'
- echo ' }'
- echo ' .container {'
- echo ' display: flex;'
- echo ' align-items: center; /* 垂直居中 */'
- echo ' justify-content: center; /* 水平居中 */'
- echo ' height: 100%;'
- echo ' background: linear-gradient(to bottom, #03AEE2 65%, #33FCFF 100%);'
- echo ' flex-direction: column; /* 子元素垂直排列 */'
- echo ' }'
- echo ' .container img {'
- echo ' max-width: 100%;'
- echo ' max-height: 80vh; /* 图片最大高度为视窗高度的 80% */'
- echo ' -webkit-filter: drop-shadow(10px 10px 10px rgba(0,0,0,.5));'
- echo ' filter: drop-shadow(10px 10px 10px rgba(0,0,0,.5));'
- echo ' }'
- echo ' .text {'
- echo ' text-align: center; /* 文本居中对齐 */'
- echo ' }'
- echo ' .text p {'
- echo ' font-family: Helvetica, 'Hiragino Sans GB', 'Microsoft Yahei', '微软雅黑', Arial, sans-serif;'
- echo ' font-size: 18px;'
- echo ' color: white; /* 将字体颜色改为白色 */'
- echo ' text-shadow: 0em .08em .15em hsla(220, 100%, 30%, .6);'
- echo ' }'
- echo ' .text p span {'
- echo ' color: #D8E70B;'
- echo ' text-decoration: underline; /* 文字下划线 */'
- echo ' }'
- echo ' .button {'
- echo ' box-shadow: 0px 1px 0px 0px #f0f7fa;'
- echo ' background: linear-gradient(to bottom, #45BCE0 5%, #019ad2 100%);'
- echo ' background-color: #33bdef;'
- echo ' border-radius: 4px;'
- echo ' border: 1px solid #057fd0;'
- echo ' display: inline-block;'
- echo ' cursor: pointer;'
- echo ' color: #ffffff;'
- echo ' padding: 5px 10px 3px 10px;'
- echo ' text-decoration: none;/'
- echo ' text-shadow: 0px -1px 0px #5b6178;'
- echo ' font-family: Helvetica, 'Hiragino Sans GB', 'Microsoft Yahei', '微软雅黑', Arial, sans-serif;'
- echo ' }'
- echo ' .button:hover {'
- echo ' background: linear-gradient(to bottom, #019ad2 5%, #45BCE0 100%);'
- echo ' background-color: #019ad2;'
- echo ' }'
- echo ' .myButton:active {'
- echo ' position: relative;'
- echo ' top: 1px;'
- echo ' }'
- echo ' </style>'
- echo '</head>'
- echo '<body>'
- echo ' <div class="container">'
- echo ' <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAMgAAADICAMAAACahl6sAAAC7lBMVEUAAAD/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////jtXoAAAA+XRSTlMAAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdX2BiZWZnaGlqa2xtbm9wcXN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f68eH41AAAAAWJLR0T5TGRX8AAAC49JREFUGBntwX1804WBB+Bv0pQWgdZ6irwUhlBBbjLefAOKOnQwT5wwPJxustNTj8kcnts5T8c4N4uoKOAbyBiT8t5BWwRaWqC05aXQF9r0LU3St5A26XsT0ib5/nce2yG0+b3lrelneR6EhYWFhYWFhYWFhYWFhYX9I1HfNmXu0lVJW5KTD6akHDuWknIwOfnzpFVL5k65VY3BICLhsV9vTz9dom+w2OmB3dKgLzmd/qfXFyWoEaJGPZaUml/d7KQszuaqM6lJPxyFkBI1LymjtLGXivU2lGYkzYtCKIhe/JdcXRd90KXL/cviaAyou9ZkltvoBw5Dznt3YWCoH91TbKEfWYr3PKpGkKkf3FHSQb/rKktbqkHwzEwu62KAdJUlz0RQxLySbWFAteT97hYEWuJerZMB59KnPoQA0rxwro1B0nb+3zUIjBFrLl1hEPVoP4qD/43ZXu1ikLmqt4+Gf43cpueAqNsxEv7zT59Uc8AYv7od/hHziY4DSrd5BHyn/pXWzQHmrnpNDR89mGdjCLBfWARfxKdYGSJasifCW5p3a+kbR2dzs7n+G+bm5k4HfVP7Rw28ck+Bg16xNVZfyE5Nfn/10/Nn3znxjrhv3DHxztnzn37tg+TU7AvVjTZ6xVEwG8pFf2qiYra6ouPbn39gNESNnvPCn48X1dmomOnTaCj0aImTirgaS46snRsD2WIT1x4pMbmoiLPkESih2WymEqaCXc+NhRfiV+wuuEwlzJs0kC3hXA9l66o4tjoePhj/nxkV3ZSt5+wkyLSyhnJ1aff9IAI+0yzar+2mXMaVkGNEagfluaLdtzACfhKxaL/2CuVpPzQckqYWuymLOfe5SPhV5M+yGiiLu/guSHjWQDlsJRvjEQDjNpfYKIf+GYhRrbNQhrbClyIQIOqnc1opg/VzNQTFZtoprTFzHgJqXnotpTmyYiBgfBGl1e/+DgJuwt56SisaB49mVlGSKT0BQTF+j4mSdPfDgyVGSjEfSkDQTEkzU4rxR+jnlUZK6My9B0F1b04HJTS+hj6SWijOWboCQfdvpU6Ks76LG2xspzjje1EYAEM/rKW49o9xnc0dFNWVNwXKRE9d8ur63amZ2bn5eYWFefm52Zmpu9b/8smp0VBm4sluiurcgv+n2tZNUdWvqyBb3CN/TM25ZLS66YHbaijJOfSHBTdDvhdqKMq2U4WrVDttFNP+9e2QRzPnvYyiOgclXakrylh3vwbyjDrSQTG2nWr8ny/tFGNYCTlU931ysqqTCnRWndx0rwpyvGKgmCtf4hv/0UIRvRcmQdqw5QdKWumFTu3Bn9wEaZPyeyiibSUwopIizBs1kDJk+dGaHnqtp+brpyIhRbPZTBEVw7HeRWHViyAlcVeZjT5y1KTMh5THdRTmWoezFOQsmABxw1bnW+kXbRdevwni4gucFHQGdRTSsTcKohK+qnTRb5yVX02CqOh9HRRSh3YKMP0XRE0/WEc/Mx2ZDlFvmCigDb30zPgkxMw/ZmYAWE4lQswSIz3rQSs9qrwPIqYdtzJArBnfhYiZVfSoBUZ6UjgOwsbuMTGAzOljIGx8ET0xIo/9uXJiISh6k5EBZtgYDUGxp13sLxdvOdmXM3soBD1R4mLAuUqXQdDQbCf76n0TUaXsw3k8CkLG7LMyKFqzvwMhUcec7OPSEGC5mTfo/XoIhKzWM2j0r0LIkCO9vIF5Gb6xto3XsR/UQMDIox0Moq5TYyBAc9DO67StxVW/bOA1zR+qIODn1Qyy6hUQoPrYwmvqV+Hv7j52mVe15D8EAVE7Wxl0rV9购物cDDZ1p41eWjd+NbE9ekn8w5vGEahNxx3knF7JY6nbai8OLFwnKtrs5qp2LO8xMgZNrHh3NOHH7rDijxTA2VsNcWZqWsf2bu5DhcEzdl7rPrU7ILa+1UQvev8KMPLJTLbSpK//1DMRAU+/Dv04tMbsrVvA7+MuRAN+VpLz34QjxkiH/xUFk75enaOwR+cUuuk3K0FHx2nwqyqe//rMBKOZw5cfCDiZcoQ3fJtulQbMafLnVThksT4LN/rqC0ppNL1PCK+kfHGimtaip8dE81pbirv5wAH0zYVu2mlOpZ8EmijhJcNR/GwEex72udlKBPhA/mGSnOXblmKPzgprWVboozzIHXZugprv6LGPhJ7GcGijPOgJemVFNUS9oY+NHY9BaKqpoCr4zTUozz0mL42eMXeiimchy8EHmWYho/GgK/i9poopizGij3cS+FOYsfQEDMLXZRWO9HUOxmHYVZt0UjQIZut1JYdSyUWuOmIP2zCKDn9BTkfgtKZVKIu3gSFBkxAooknHNSyFEoVUwB3X+NggyqiYvfOZCRW1Ru0NfW6g3lRbkZ+9cunqiCDNGHbBRQBKXK6VnLRypIGfbklhPlTU7242yqyN7y5E2QolpnoWdaKKWlRw0vQ8LkD0/pHRThqDn1/p2QsLKRHpVBqXx60rAMosavP2umDNaiTeMg6ol6epILpfbRA8MCiFAvy2qkbA1ZP1ZDxKNGerAbSi3oYD8190NY1BslNirSXfybKAibU8N+Oh6EUqrz7Ms4B4KGvqPtpWK9Zf8TDUGJRvZ1TgXFEpt4o/qFEKJ+pdRJr7gqfqGGkEV1vFHTPHjh7TZer+EpCFlwwU6v2QsehpCnGni9tv+GV5Ka+C39QgiI3dFEnzTtjoGAfzHyW+Z34aXFJVf4N21ZkyFgWQV95S5fCgGTT7Tzb+zFC+G1iOczymsbDcX7HoGAqM8t9APLn6Mg4Pv7i/T1taUZK9TwzbAxkRA0+aKTfuG8kABBUbcOR2D9UEe/qVmKAbPmMv3o8hoMDNUX7fSrzq0qDICIXd30M9uBSARd5JFe+l3PYQ2CLCLFwQDoPaxBUKlSHAwIx34VgulTO+W4Uq8tzM8+evREfqG23kE57J8giF5rpaTG84fWLojDNXEL3jl03kRJrb9C0DxuojiX4eSb8fBg3FunDC6KMz2GIBldQVG24t/EQFDsr891UlTVKASFJpdiLDnLVBClXn7aQjG5EQiGDQ4Ks59LhAzzz9spzLEBQTDeQGE1b0dAFtWqKjcF1U1A4O2loLY9N0O2uL1tFLQLARehpRDDy1DkJSOFlEUg0Ga00TN38d1QaFqxm561TkOgPUPPnJnDoNjwTCc9ci9DoK2iRz2HI+GFyMM99OglBNqP6UlPmgZeiUhx0JMnEGhTreyv90AEvBSR4mR/likIuFL2lxcJr0Xmsb8SBN5W9lM5Ej4YqWU/WxB4txvYR/0D8MkDdexDfyuCYHUHb9DyMsSM/d6cOd8bCzEvWniD9lcRFNu7eJ2ODRAy9OndZ6pMbTZbm6nyzO7lQyFkXSev07UNQbK+idfUvgkBs/5a1cvr9FYdmA4BbzTwGvN7CJrEPAuvasiaDM9mZDezn+bj0+DZrEwzr2o6fS+CafqGYznZh94ZA8+iv2ykR41fRMGzO9cczs5J+yABoWTqRScFuIrvwqCx0EAR+kcwSDxVT1H1SzEoPFhHCfULMAjE6yipajRCXkQ+ZTitRqj7nYMyXPktQtyoGsqiuw2hbQdl2oKQdksNZdLFIZS97aZM7t8ilJ2lbPkIYaMaKVv9bQhdz7som+vnCF27qUAyQlcWFTiO0FVABc4jdJVQgWKErgoqUI7QVUYFShG6CqnARYSuXCpwGqErjQocQuj6AxVYi9A1q42ytU5D6FJrKVuZCiFsF2XbgVA220qZrDMR0k5TphMIbYtaKYv1+whxRyhLGkJdfA1l0I1GyFvRQkktP8Ug8KmNEro3YTBQ7XNQlGOvCoNCRHIXRdj2aTBYrDdT0OUkDCKPad30yKX9AQaV4Vvr6EHd58Mw2IzbqXPxBk7dzngMRiNWZVV28O86Ko//YjgGLc3sF7empKWlbH1xlgZhYWFhYWFhYWFhYWFhYWH/gP4X7ZEI1tiPpcUAAAAASUVORK5CYII=" alt="Your Image">'
- echo ' <div class="text">'
- # 获取 wifinet4 的配置
- wifinet4=$(uci show wireless | grep "$DISABLE_SSID" | cut -f 1-2 -d'.')
- # 检查 wifinet4 是否存在
- if [ -n "$wifinet4" ]; then
- # 获取 wifinet4 的状态
- disabled=$(uci -q get $wifinet4.disabled)
-
- # 检查 wifinet4 是否为禁用状态
- if [ "$disabled" -eq 1 ]; then
- random_password=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 10 ; echo '')
- uci -q set $wifinet4.disabled=0
- uci -q set $wifinet4.key="$random_password"
- uci commit wireless
- wifi reload
- current_password=$random_password
- else
- current_password=$(uci get $wifinet4.key)
- fi
- # 删除任务
- atq | cut -f 1 | xargs -n 1 atrm
- # 获取x个小时后的时间,并格式化为所需的字符串形式
- current_time=$(date +%s)
- two_hours_in_seconds=$(($DISABLE_PERIOD * 3600))
- expiration_time=$((current_time + two_hours_in_seconds))
- expiration_time_formatted=$(date -d "@$expiration_time" "+%Y-%m-%d %H:%M")
- # 调度一个任务,在x个小时后禁用该 SSID
- at now + $DISABLE_PERIOD hours <<EOF
- # 在任务注释中添加标识
- # SSID_HelloWorld
- uci -q set $wifinet4.disabled=1
- uci commit wireless
- wifi reload
- EOF
- echo " <p>WiFi网络名称:<span class='ssid'>HelloWorld</span></p>"
- echo " <p>WiFi密码:<span class='password' id='password'>$current_password</span> <button class="button" onclick="copyPassword()">复制密码</button></p>"
- echo " <p>该网络将为您开启<span class='time'>$DISABLE_PERIOD小时</span>至 $expiration_time_formatted</p>"
- echo " <p>如需延时使用,请再次扫码</p>"
- echo " <p>您的登录信息已记录,请遵守国家规定,文明上网!</p>"
- echo " <div id="copyMessage" style="display: none;">密码已复制</div>"
- else
- echo " <p>SSID '$DISABLE_SSID' not found in configuration.</p>"
- fi
- echo " </div>"
- echo " </div>"
- echo " <script>"
- echo " function copyPassword() {"
- echo " var passwordElement = document.getElementById('password');"
- echo " var tempInput = document.createElement('input');"
- echo " tempInput.value = passwordElement.textContent;"
- echo " document.body.appendChild(tempInput);"
- echo " tempInput.select();"
- echo " tempInput.setSelectionRange(0, 99999);"
- echo " document.execCommand('copy');"
- echo " document.body.removeChild(tempInput);"
- echo " document.getElementById('copyMessage').style.display = 'block';"
- echo " document.getElementById('copyMessage').style.color = '#FFFFFF';"
- echo " setTimeout(function() {"
- echo " document.getElementById('copyMessage').style.display = 'none';"
- echo " }, 1500);"
- echo " }"
- echo " </script>"
- echo "</body>"
- echo "</html>"
复制代码
- 修改/www/cgi-bin/wifion的执行权限
- chmod +x /www/cgi-bin/wifion
复制代码
注意,该脚本会使用at命令,会在每次执行时删除所有at任务并创建新任务,如果你本来就在使用at命令创建一次性任务,那么请不要使用该脚本。当然你可以修改成使用cron任务。
你需要将DISABLE_SSID改为/etc/config/wireless中你创建的WiFi热点名称,DISABLE_PERIOD改为需要该WiFi热点自动关闭的时间
4. 访问 http://你的路由器IP/cgi-bin/wifion 看下是否成功,如图:
5. 端口转发中添加端口转发规则,相信这是最基础的OpenWRT操作了
- 修改/etc/config/firewall,添加以下内容:
- config redirect
- option dest 'lan'
- option target 'DNAT'
- option name 'Login'
- option src 'wan'
- option src_dport '18000'
- option dest_ip '192.168.1.1'
- option dest_port '80'
复制代码 其中,option src_dport '18000'为外部端口,option dest_ip '192.168.1.1'为你的路由器管理地址
6. 访问 http://你的外网IP:外部端口/cgi-bin/wifion 看下是否成功
7. 去二维码生成平台生成你的二维码,可以使用DDNS将你的外网IP替换为你的网址
- http://你的外网IP:外部端口/cgi-bin/wifion
复制代码
请不要胡乱输入以及粘贴、复制等方式灌水
请尊重作者、并共同维护网站的正常阅读,否则账户将会被限制发帖、回帖,并且积分可能会被清零,站内短信以及阅读权限等都会受到影响,谢谢。
具体限制方式:https://www.right.com.cn/forum/thread-8307840-1-1.html
|
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?立即注册
×
|