
T440做服务器笔记(二)openwrt

简介:

由于T440无法硬件直通无线网卡到虚拟机,所以无线网卡做了管理接口。使用USB 8153网卡作为WAN接入。

首次启动脚本:

最简单的定制openwrt,用在线编译来做一个不怕恢复出厂设置的rom - 上官飞鸿 - 博客园

 

#!/bin/sh
#中文支持包:kmod-usb-net-rtl8152 luci-i18n-base-zh-cn luci-i18n-package-manager-zh-cn luci-i18n-firewall-zh-cn
#############################################
# OpenWRT首次启动配置脚本 - PXE版本
# 功能:
# 1. 设置LAN IP为192.168.250.1/24
# 2. 设置WAN IP为192.168.137.2/24,网关192.168.137.1
# 3. 设置时区为中国
# 4. 允许WAN口访问22, 80, 443端口
# 5. 配置DHCP服务以支持PXE引导,使用外部WDS服务器(192.168.250.10)
#############################################

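# Log file location.
# NOTE(review): on OpenWrt /tmp is normally RAM-backed, so this log presumably
# does not survive a reboot — copy it elsewhere if it must be kept.
LOG_FILE="/tmp/uci-defaults-pxe.log"

# log MESSAGE
# Append MESSAGE to $LOG_FILE, prefixed with a local timestamp.
# printf is used instead of echo because some messages in this script contain
# backslashes (Windows-style boot paths) and echo's backslash handling differs
# between shells.
log() {
    printf '[%s] %s\n' "$(date '+%Y-%m-%d %H:%M:%S')" "$1" >> "$LOG_FILE"
}

# echo_log MESSAGE
# Record MESSAGE in the log file and also print it to stdout.
# Console output is best-effort: a failing write must not abort the script.
echo_log() {
    log "$1"
    printf '%s\n' "$1" 2>/dev/null || true
}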

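log "========== OpenWRT PXE配置脚本开始执行 =========="
echo_log "开始配置OpenWRT系统..."

# 1. LAN: static address 192.168.250.1/24.
echo_log "设置LAN IP为192.168.250.1/24..."
uci set network.lan.ipaddr='192.168.250.1'
uci set network.lan.netmask='255.255.255.0'
uci set network.lan.proto='static'

# 2. WAN: static address 192.168.137.2/24 with gateway 192.168.137.1.
# The resolvers below are hard-coded; adjust them if the upstream network
# requires different DNS servers.
echo_log "设置WAN IP为192.168.137.2/24,网关192.168.137.1..."
uci set network.wan.proto='static'
uci set network.wan.ipaddr='192.168.137.2'
uci set network.wan.netmask='255.255.255.0'
uci set network.wan.gateway='192.168.137.1'
uci set network.wan.dns='8.8.8.8 8.8.4.4'

# 3. Time zone (China) and hostname.
# The whole key=value argument is quoted so the shell never treats the
# "[0]" in the section reference as a glob pattern.
echo_log "设置时区为中国..."
uci set 'system.@system[0].timezone=CST-8'
uci set 'system.@system[0].zonename=Asia/Shanghai'
uci set 'system.@system[0].hostname=OpenWRT-PXE'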

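# 4. Allow inbound TCP 22, 80 and 443 from the wan zone.
echo_log "配置防火墙,允许WAN口访问22, 80, 443端口..."
# This assumes the default configuration already defines a zone named 'wan'
# (named or anonymous); only a rule is added here, no zone is created.
#
# NOTE(review): this rule exposes SSH and the web UI to every host on the WAN
# side. A stock OpenWrt image ships without a root password, so make sure a
# password or SSH key is provisioned (in the image or earlier during first
# boot) before this rule takes effect. Port 80 carries the web login in
# cleartext; prefer 443 alone if HTTPS is available in the image.
# If only the upstream host (192.168.137.1 in this setup) needs access, the
# rule can be narrowed, for example:
#   uci set 'firewall.@rule[-1].src_ip=192.168.137.1'
#
# Each key=value argument is quoted so the shell never treats "[-1]" as a
# glob pattern.
uci add firewall rule
uci set 'firewall.@rule[-1].name=Allow-WAN-Services'
uci set 'firewall.@rule[-1].src=wan'
uci set 'firewall.@rule[-1].proto=tcp'
uci add_list 'firewall.@rule[-1].dest_port=22'
uci add_list 'firewall.@rule[-1].dest_port=80'
uci add_list 'firewall.@rule[-1].dest_port=443'
uci set 'firewall.@rule[-1].target=ACCEPT'
uci set 'firewall.@rule[-1].enabled=1'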

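# 5. PXE: point network-boot clients at the external WDS server.
#
# NOTE(review): PXE/TFTP boot is unauthenticated. Any host on the LAN segment
# that can answer DHCP or take over 192.168.250.10 could hand clients a boot
# image, so keep this segment trusted and consider Secure Boot on clients.
#
# Every key=value argument is quoted so the shell never treats "[0]" or
# "[-1]" in a section reference as a glob pattern.
echo_log "配置DHCP和PXE支持..."

# Turn on DHCP transaction logging in dnsmasq.
uci set 'dhcp.@dnsmasq[0].logdhcp=1'

# Match rules: tag clients by the architecture reported in DHCP option 60.
echo_log "创建PXE客户端匹配规则..."
# BIOS x86/x64 (Arch:00000)
uci add dhcp match
uci set 'dhcp.@match[-1].networkid=bios'
uci set 'dhcp.@match[-1].match=60,PXEClient:Arch:00000'

# UEFI x86 (Arch:00006)
uci add dhcp match
uci set 'dhcp.@match[-1].networkid=efi32'
uci set 'dhcp.@match[-1].match=60,PXEClient:Arch:00006'

# UEFI x64 (Arch:00007)
uci add dhcp match
uci set 'dhcp.@match[-1].networkid=efi64'
uci set 'dhcp.@match[-1].match=60,PXEClient:Arch:00007'

# UEFI x64, alternate code (Arch:00009); shares the efi64 tag.
uci add dhcp match
uci set 'dhcp.@match[-1].networkid=efi64'
uci set 'dhcp.@match[-1].match=60,PXEClient:Arch:00009'

# Boot entries: one boot file per architecture tag, all served by
# 192.168.250.10.
# NOTE(review): networkid already names the tag and the filename value also
# starts with "tag:<name>,"; check the generated dnsmasq config to confirm
# the tag is not emitted twice.
echo_log "设置不同架构的PXE启动文件..."
# BIOS x86/x64
uci add dhcp boot
uci set 'dhcp.@boot[-1].networkid=bios'
uci set 'dhcp.@boot[-1].filename=tag:bios,boot\\x64\\wdsnbp.com'
uci set 'dhcp.@boot[-1].serveraddress=192.168.250.10'
uci set 'dhcp.@boot[-1].servername=192.168.250.10'

# UEFI x64 (Arch:00007)
uci add dhcp boot
uci set 'dhcp.@boot[-1].networkid=efi64'
uci set 'dhcp.@boot[-1].filename=tag:efi64,boot\\x64\\wdsmgfw.efi'
uci set 'dhcp.@boot[-1].serveraddress=192.168.250.10'
uci set 'dhcp.@boot[-1].servername=192.168.250.10'

# UEFI x86
uci add dhcp boot
uci set 'dhcp.@boot[-1].networkid=efi32'
uci set 'dhcp.@boot[-1].filename=tag:efi32,boot\\x86\\wdsmgfw.efi'
uci set 'dhcp.@boot[-1].serveraddress=192.168.250.10'
uci set 'dhcp.@boot[-1].servername=192.168.250.10'

# Static lease for the WDS server.
# A MAC binding only pins the address handed out by DHCP; MAC addresses can
# be changed by the client, so this is not an authentication of the server.
echo_log "配置静态主机绑定..."
uci add dhcp host
uci set 'dhcp.@host[-1].name=WIN-2019'
uci set 'dhcp.@host[-1].ip=192.168.250.10'
uci add_list 'dhcp.@host[-1].mac=BC:24:11:75:40:3C'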

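# Deploy the custom PXE boot snippet (dhcp-boot / dhcp-option lines) by
# copying /etc/pxe-boot.conf into the dnsmasq configuration directory.
#
# NOTE(review): dnsmasq reads everything placed in this directory as
# configuration, so /etc/pxe-boot.conf should be writable by root only.
# NOTE(review): every candidate directory is under /tmp. If /tmp is RAM-backed
# (the usual OpenWrt layout) the copy is gone after a reboot, and this script
# exits 0 at the end so it is presumably not run again — confirm the snippet
# is re-deployed some other way.
echo_log "部署自定义 PXE boot 配置文件..."
DNSMASQ_CONF_DIR=""

# Method 1: read conf-dir from the generated /var/etc/dnsmasq.conf.* file
# (only present once dnsmasq has been started).
if [ -d /var/etc ]; then
    DNSMASQ_CONF_DIR=$(grep 'conf-dir=' /var/etc/dnsmasq.conf.* 2>/dev/null | head -1 | cut -d'=' -f2 | tr -d ' ')
fi

# The parsed value is later passed to mkdir and cp, so accept it only when it
# is an absolute path; anything else falls through to the next method.
case "$DNSMASQ_CONF_DIR" in
    /*) ;;
    *) DNSMASQ_CONF_DIR="" ;;
esac

# Method 2: take the first existing /tmp/dnsmasq.cfg* directory.
# A glob loop replaces parsing the output of ls, and non-directories are
# skipped.
if [ -z "$DNSMASQ_CONF_DIR" ]; then
    for pxe_candidate in /tmp/dnsmasq.cfg*; do
        [ -d "$pxe_candidate" ] || continue
        DNSMASQ_CONF_DIR=$pxe_candidate
        break
    done
fi

# Method 3: fall back to the hard-coded default directory name.
if [ -z "$DNSMASQ_CONF_DIR" ]; then
    DNSMASQ_CONF_DIR="/tmp/dnsmasq.cfg01411c.d"
fi

# Create the directory and copy the snippet. Failures are written to the log
# instead of being discarded; they still do not abort the script.
if [ -n "$DNSMASQ_CONF_DIR" ]; then
    if ! mkdir -p "$DNSMASQ_CONF_DIR"; then
        log "警告: 无法创建目录 $DNSMASQ_CONF_DIR"
    elif [ -f /etc/pxe-boot.conf ]; then
        cp /etc/pxe-boot.conf "$DNSMASQ_CONF_DIR/pxe-boot.conf" 2>/dev/null \
            || log "警告: 无法复制 /etc/pxe-boot.conf 到 $DNSMASQ_CONF_DIR"
    else
        log "未找到 /etc/pxe-boot.conf,跳过部署"
    fi
fi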

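# Commit the staged changes of every configuration touched above.
# The output of each commit is captured so that its exit status is visible
# (a pipeline into "while read" would hide it); a failed commit is written to
# the log but does not stop the script.
echo_log "提交配置更改..."
for commit_cfg in network system firewall dhcp; do
    commit_out=$(uci commit "$commit_cfg" 2>&1) \
        || log "uci commit $commit_cfg: 提交失败 (exit $?)"
    if [ -n "$commit_out" ]; then
        # read -r with an empty IFS keeps backslashes and leading whitespace
        # of each output line intact.
        printf '%s\n' "$commit_out" | while IFS= read -r line; do
            log "uci commit $commit_cfg: $line"
        done
    fi
done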

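# Write the resulting configuration and a summary to the log.
# read -r with an empty IFS keeps each uci output line exactly as printed,
# and the "uci get" section references are quoted so "[0]" is never treated
# as a glob pattern.
log ""
log "========== 验证PXE配置 =========="

# Match rules
log "PXE匹配规则:"
uci show dhcp.@match 2>&1 | while IFS= read -r line; do log "  $line"; done

# Boot entries
log ""
log "PXE启动配置:"
uci show dhcp.@boot 2>&1 | while IFS= read -r line; do log "  $line"; done

# Summary; values are read back from uci, with N/A when a lookup fails.
log ""
log "========== 配置完成 =========="
log "系统信息:"
log "  - 主机名: $(uci get 'system.@system[0].hostname' 2>/dev/null || echo 'N/A')"
log "  - 时区: $(uci get 'system.@system[0].zonename' 2>/dev/null || echo 'N/A')"
log ""
log "网络配置:"
log "  - LAN IP: $(uci get network.lan.ipaddr 2>/dev/null || echo 'N/A')/24"
log "  - WAN IP: $(uci get network.wan.ipaddr 2>/dev/null || echo 'N/A')/24"
log "  - 网关: $(uci get network.wan.gateway 2>/dev/null || echo 'N/A')"
log ""
log "PXE配置:"
log "  - TFTP服务器: 192.168.250.10"
log "  - 支持的PXE客户端架构:"
log "    1. BIOS x86/x64 (Arch:00000): boot\\x64\\wdsnbp.com"
log "    2. UEFI x86 (Arch:00006): boot\\x86\\wdsmgfw.efi"
log "    3. UEFI x64 (Arch:00007): boot\\x64\\wdsmgfw.efi"
log "    4. UEFI x64备用 (Arch:00009): boot\\x64\\wdsmgfw.efi"
log ""
log "防火墙:"
log "  - WAN口开放端口: 22(SSH), 80(HTTP), 443(HTTPS)"
log ""
log "注意:"
log "  1. 确保WDS服务器(192.168.250.10)已正确配置TFTP服务"
log "  2. 确保WDS服务器上的启动文件路径正确"
log "  3. IPv6配置保持系统默认设置"
log "  4. 在Luci界面中,可以在'Network -> DHCP and DNS -> Special PXE boot options'中查看配置"
log "  5. 查看完整日志: cat $LOG_FILE"
log "=================================================="
log "脚本执行完成!日志文件: $LOG_FILE"

# A uci-defaults script is expected to return 0 on success.
# This exit is unconditional, so a failure in an earlier step is only visible
# in the log file, not in the exit status.
exit 0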

 直通USB网卡

添加--USB设备

image

 使用USB供应商/设备ID

我这是surface网卡,选microsoft这个就可以了

image

 详细配置:

image

 

posted @ 2025-12-02 21:45  上官飞鸿