部分文件,仅供参考,具体使用请参照官方说明:http://luci.subsignal.org/api/luci/modules/luci.model.uci.html
1.batmandconfig batmand general
option interface ath0
option announce
option gateway_class
option originator_interval
option preferred_gateway
option routing_class
option visualisation_srv
option policy_routing_script
2.ddns
config service "myddns"
option enabled "0"
option service_name "dyndns.org"
option domain "mypersonaldomain.dyndns.org"
option username "myusername"
option password "mypassword"
option ip_source "network"
option ip_network "wan"
option force_interval "72"
option force_unit "hours"
option check_interval "10"
option check_unit "minutes"
#option ip_source "interface"
#option ip_interface "eth0.1"
#option ip_source "web"
#option ip_url "http://www.whatismyip.com/automation/n09230945.asp"
#option update_url "http://[USERNAME]:[PASSWORD]@members.dyndns.org/nic/update?hostname=[DOMAIN]&myip=[IP]"
3.dhcp
config dnsmasq
option domainneeded 1
option boguspriv 1
option filterwin2k '0' #enable for dial on demand
option localise_queries 1
option local '/lan/'
option domain 'lan'
option expandhosts 1
option nonegcache 0
option authoritative 1
option readethers 1
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
config dhcp
option interface lan
option start 100
option limit 150
option leasetime 12h
config dhcp
option interface wan
option ignore 1
4.dropbear
config dropbear
option PasswordAuth 'on'
option Port '22'
5.firewall
config defaults
option syn_flood 1
option input DROP
option output ACCEPT
option forward DROP
config zone
option name lan
option input ACCEPT
option output ACCEPT
option forward DROP
config zone
option name wan
option input DROP
option output ACCEPT
option forward DROP
option masq 1
config forwarding
option src lan
option dest wan
### EXAMPLE CONFIG SECTIONS
# do not allow a specific ip to access wan
#config rule
# option src lan
# option src_ip 192.168.45.2
# option dest wan
# option proto tcp
# option target REJECT
# block a specific mac on wan
#config rule
# option dest wan
# option src_mac 00:11:22:33:44:66
# option target REJECT
# block incoming ICMP traffic on a zone
#config rule
# option src lan
# option proto ICMP
# option target DROP
# port redirect port coming in on wan to lan
#config redirect
# option src wan
# option src_dport 80
# option dest lan
# option dest_ip 192.168.16.235
# option dest_port 80
# option protocol tcp
# include a file with users custom iptables rules
#config include
# option path /etc/firewall.user
### FULL CONFIG SECTIONS
#config rule
# option src lan
# option src_ip 192.168.45.2
# option src_mac 00:11:22:33:44:55
# option src_port 80
# option dest wan
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
# option target REJECT
#config redirect
# option src lan
# option src_ip 192.168.45.2
# option src_mac 00:11:22:33:44:55
# option src_port 1024
# option src_dport 80
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
6.fatab
config mount
option target /home
option device /dev/sda1
option fstype ext3
option options rw,sync
option enabled 0
config swap
option device /dev/sda2
option enabled 0
7.httpd
config 'httpd'
option 'port' '80'
option 'home' '/www'
8.luci
config 'core' 'main'
option 'lang' 'auto'
option 'resourcebase' '/luci-static/resources'
option '_niuinit' '1'
option 'mediaurlbase' '/luci-static/Todaair'
config 'extern' 'flash_keep'
option 'uci' '/etc/config/'
option 'dropbear' '/etc/dropbear/'
option 'openvpn' '/etc/openvpn/'
option 'passwd' '/etc/passwd'
option 'opkg' '/etc/opkg.conf'
option 'firewall' '/etc/firewall.user'
option 'uploads' '/lib/uci/upload/'
config 'internal' 'languages'
option 'pt_br' 'Português (Brasil)'
option 'de' 'Deutsch'
option 'fr' 'Français'
option 'he' 'עִבְרִית'
option 'es' 'Español'
option 'ro' 'Română'
option 'it' 'Italiano'
option 'pt' 'Português'
option 'no' 'Norsk'
option 'ru' 'Русский'
option 'ms' 'Bahasa Melayu'
option 'ja' '日本語'
option 'ca' 'Català'
option 'el' 'Ελληνικά'
option 'vi' 'Tiếng Việt'
option 'en' 'English'
option 'zh_cn' 'chinese'
config 'internal' 'sauth'
option 'sessionpath' '/tmp/luci-sessions'
option 'sessiontime' '3600'
config 'internal' 'ccache'
option 'enable' '1'
config 'internal' 'themes'
option 'Fledermaus' '/luci-static/fledermaus'
option 'Todaair' '/luci-static/Todaair'
option 'Freifunk_BNO' '/luci-static/freifunk-bno'
option 'OpenWrt' '/luci-static/openwrt.org'
option 'Freifunk' '/luci-static/freifunk'
option 'MyTheme' '/luci-static/Todaair'
option 'Freifunk_Hannover' '/luci-static/freifunk-hannover'
option 'Freifunk_Generic' '/luci-static/freifunk-generic'
option 'OpenWrtOxygen' '/luci-static/openwrt.org-oxygen'
option 'Oxygen' '/luci-static/oxygen'
9.lucid
config lucid main
option pollinterval 15000
option daemon 1
option debug 1
list supports tcpserver
list supports server
config DirectoryPublisher webroot
option name 'Webserver Share'
option physical host/www
option virtual ''
option domain ''
config LuciWebPublisher luciweb
option name 'LuCI Webapplication'
option physical ''
list virtual /luci
option domain ''
option home 1
config RPCPublisher mainrpc
option namespace 'luci.lucid.rpc'
list export system
list export ruci
list exec ':lo'
list exec 'root'
config tcpserver httpd
option entrypoint "luci.lucid.http"
list supports DirectoryPublisher
list supports LuciWebPublisher
config tcpserver rpcd
option entrypoint "luci.lucid.rpc"
list supports RPCPublisher
config daemon http
option slave httpd
list address 8080
list publisher webroot
list publisher luciweb
option enabled 1
config daemon https
option slave httpd
list address 4443
list publisher webroot
list publisher luciweb
option enabled 1
option encryption enable
option tls sdk_tls
config tls sdk_tls
option generate 1
option key /tmp/lucid-tls.key
option cert /tmp/lucid-tls.cert
option type asn1
config daemon rpc
option slave rpcd
list address 12900
list publisher mainrpc
option enabled 1
config 'daemon' 'splashr'
option 'slave' 'httpd'
list 'address' '8082'
list 'publisher' 'splashredir'
option 'enabled' '1'
config 'Redirector' 'splashredir'
option 'name' 'Splashd'
option 'virtual' '/'
option 'physical' ':80/luci/splash'
10.luci_devinfo
config 'smap_scannet' 'SIP_LAN'
option 'enable' '0'
option 'interface' 'lan'
option 'subnet' '192.168.99.0/24'
option 'ports' '5060'
option 'timeout' '10'
option 'repeat_count' '1'
option 'sleepreq' '100'
config 'smap_scannet' 'SIP_WAN'
option 'enable' '0'
option 'interface' 'wan'
option 'subnet' '216.218.0.0/16'
config 'netdiscover_scannet' 'SCAN_LAN'
option 'enable' '0'
option 'interface' 'lan'
option 'subnet' '192.168.99.0/24'
config 'netdiscover_scannet' 'SCAN_WAN'
option 'enable' '0'
option 'interface' 'wan'
option 'subnet' '216.218.0.0/16'
option 'ports' '5060'
option 'timeout' '10'
option 'repeat_count' '1'
option 'sleepreq' '100'
11.luci_olsr
config 'olsr' 'general'
option 'resolve' '1'
12.luci_splash
config core general
option leasetime 1
13.luci_statistics
config 'statistics' 'rrdtool'
option 'default_timespan' '1hour'
option 'image_width' '600'
option 'image_path' '/tmp/rrdimg'
config 'statistics' 'collectd'
option 'BaseDir' '/var/run/collectd'
option 'Include' '/etc/collectd/conf.d'
option 'PIDFile' '/var/run/collectd.pid'
option 'PluginDir' '/usr/lib/collectd'
option 'TypesDB' '/usr/share/collectd/types.db'
option 'Interval' '30'
option 'ReadThreads' '2'
config 'statistics' 'collectd_ping'
option 'enable' '0'
option 'TTL' '127'
option 'Interval' '30'
option 'Hosts' '127.0.0.1'
config 'statistics' 'collectd_csv'
option 'enable' '0'
option 'StoreRates' '0'
option 'DataDir' '/tmp'
config 'statistics' 'collectd_df'
option 'enable' '0'
option 'Devices' '/dev/mtdblock/4'
option 'MountPoints' '/jffs'
option 'FSTypes' 'tmpfs'
option 'IgnoreSelected' '0'
config 'statistics' 'collectd_disk'
option 'enable' '0'
option 'Disks' 'hda1 hdb'
option 'IgnoreSelected' '0'
config 'statistics' 'collectd_dns'
option 'enable' '0'
option 'Interfaces' 'ffdhcp ff br-lan'
option 'IgnoreSources' '127.0.0.1'
config 'statistics' 'collectd_email'
option 'enable' '0'
option 'SocketFile' '/var/run/collectd/email.sock'
option 'SocketGroup' 'nogroup'
config 'statistics' 'collectd_exec'
option 'enable' '1'
config 'collectd_exec_input'
option 'cmdline' '/usr/bin/stat-input-olsr'
config 'collectd_exec_notify'
option 'cmdline' '/usr/bin/stat-output-syslog'
config 'statistics' 'collectd_interface'
option 'enable' '1'
option 'Interfaces' 'br-lan br-ff'
option 'IgnoreSelected' '0'
config 'statistics' 'collectd_iptables'
option 'enable' '1'
config 'collectd_iptables_match'
option 'table' 'nat'
option 'chain' 'luci_fw_postrouting'
option 'target' 'MASQUERADE'
option 'source' '192.168.1.0/24'
option 'outputif' 'br-ff'
option 'name' 'Verkehr LAN-Clients'
config 'collectd_iptables_match'
option 'chain' 'luci_fw_postrouting'
option 'table' 'nat'
option 'target' 'MASQUERADE'
option 'source' '10.61.230.0/24'
option 'outputif' 'br-ff'
option 'name' 'Verkehr WLAN-Clients'
config 'statistics' 'collectd_irq'
option 'enable' '0'
option 'Irqs' '2 3 4 7'
config 'statistics' 'collectd_load'
option 'enable' '1'
config 'statistics' 'collectd_logfile'
option 'enable' '0'
option 'LogLevel' 'notice'
option 'File' '/var/log/collectd.log'
option 'Timestamp' '1'
config 'statistics' 'collectd_netlink'
option 'enable' '0'
option 'IgnoreSelected' '0'
option 'VerboseInterfaces' 'br-lan br-ff'
option 'QDiscs' 'br-lan br-ff'
config 'statistics' 'collectd_network'
option 'enable' '0'
config 'collectd_network_listen'
option 'host' '0.0.0.0'
config 'collectd_network_server'
option 'host' '0.0.0.0'
config 'statistics' 'collectd_processes'
option 'enable' '1'
config 'statistics' 'collectd_tcpconns'
option 'enable' '1'
option 'ListeningPorts' '0'
option 'LocalPorts' '22 80'
config 'statistics' 'collectd_unixsock'
option 'enable' '0'
option 'SocketFile' '/var/run/collectd/query.sock'
option 'SocketGroup' 'nogroup'
config 'statistics' 'collectd_wireless'
option 'enable' '1'
config 'statistics' 'collectd_cpu'
option 'enable' '1'
config 'statistics' 'collectd_rrdtool'
option 'enable' '1'
option 'DataDir' '/tmp'
option 'RRARows' '100'
option 'RRASingle' '1'
option 'RRATimespans' '10min 1hour 1day 1week 1month 1year'
14.mactodevinfo
config 'mactodevinfo'
option 'maclow' '00:19:15:00:00:00'
option 'machigh' '00:19:15:ff:ff:ff'
option 'vendor' 'Vertical Communications'
option 'devtype' 'SIP devices'
option 'model' 'varies'
option 'ouiowneroverride' 'Some company'
option 'name' 'Vertical XIP and Phones'
15.network
#### VLAN configuration
config switch eth0
option vlan0 "0 1 2 3 5*"
option vlan1 "4 5"
#### Loopback configuration
config interface loopback
option ifname "lo"
option proto static
option ipaddr 127.0.0.1
option netmask 255.0.0.0
#### LAN configuration
config interface lan
option type bridge
option ifname "eth0"
option proto static
option ipaddr 192.168.1.1
option netmask 255.255.255.0
#### WAN configuration
config interface wan
option ifname "wlan0"
option proto dhcp
16.ntpclient
config ntpserver
option hostname '0.openwrt.pool.ntp.org'
option port '123'
config ntpserver
option hostname '1.openwrt.pool.ntp.org'
option port '123'
config ntpserver
option hostname '2.openwrt.pool.ntp.org'
option port '123'
config ntpserver
option hostname '3.openwrt.pool.ntp.org'
option port '123'
config ntpdrift
option freq '0'
config ntpclient
option interval 60
#option count 10
17.openvpn_recipes
#
# Routed point-to-point server
#
config openvpn_recipe server_tun_ptp
option _description "Simple server configuration for a routed point-to-point VPN"
option _role "server"
option dev "tun"
option ifconfig "10.0.0.1 10.0.0.2"
option secret "shared-secret.key"
option keepalive "10 60"
option comp_lzo "1"
option verb "3"
option mssfix "1420"
option management "127.0.0.1 31194"
#
# Routed point-to-point client
#
config openvpn_recipe client_tun_ptp
option _description "Simple client configuration for a routed point-to-point VPN"
option _role "client"
option dev "tun"
list remote "vpnserver.example.org"
option ifconfig "10.0.0.2 10.0.0.1"
option secret "shared-secret.key"
option nobind "1"
option comp_lzo "1"
option verb "3"
option management "127.0.0.1 31194"
#
# Routed multi-client server
#
config openvpn_recipe server_tun
option _description "Server configuration for a routed multi-client VPN"
option _role "server"
option dev "tun"
option server "10.0.100.0 255.255.255.0"
option ca "ca.crt"
option cert "server.crt"
option key "server.key"
option dh "dh1024.pem"
option keepalive "10 60"
option comp_lzo "1"
option verb "3"
option mssfix "1420"
option management "127.0.0.1 31194"
#
# Routed client
#
config openvpn_recipe client_tun
option _description "Client configuration for a routed multi-client VPN"
option _role "client"
option client "1"
option dev "tun"
list remote "vpnserver.example.org"
option pkcs12 "my_client.p12"
option remote_cert_tls "server"
option comp_lzo "1"
option nobind "1"
option persist_key "1"
option persist_tun "1"
option verb "3"
option reneg_sec "0"
option float "1"
option management "127.0.0.1 31194"
#
# Multi-client ethernet bridge server
#
config openvpn_recipe server_tap_bridge
option _description "Server configuration for an ethernet bridge VPN"
option _role "server"
option dev "tap"
option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254"
option ca "ca.crt"
option cert "server.crt"
option key "server.key"
option dh "dh1024.pem"
option keepalive "10 60"
option comp_lzo "1"
option verb "3"
option mssfix "1420"
option management "127.0.0.1 31194"
#
# Ethernet bridge client
#
config openvpn_recipe client_tap_bridge
option _description "Client configuration for an ethernet bridge VPN"
option _role "client"
option client "1"
option dev "tap"
list remote "vpnserver.example.org"
option ca "ca.crt"
option cert "my_client.crt"
option key "my_client.key"
option dh "dh1024.pem"
option remote_cert_tls "server"
option comp_lzo "1"
option nobind "1"
option persist_key "1"
option verb "3"
option reneg_sec "0"
option float "1"
option management "127.0.0.1 31194"
18.pbx
config 'main' 'connection_status'
19.pbx-advanced
config 'settings' 'advanced'
option 'useragent' 'PBX'
option 'ringtime' '30'
option 'rtpstart' '19850'
option 'rtpend' '19900'
20.pbx-calls
config 'call_routing' 'outgoing_calls'
config 'call_routing' 'incoming_calls'
config 'call_routing' 'providers_user_can_use'
config 'call_routing' 'blacklisting'
21.pbx-google
config 'user' 'server'
22.pbx-voicemail
config 'voicemail' 'global_voicemail'
config 'voicemail' 'voicemail_smtp'
config 'voicemail' 'voicemail_log'
23.pbx-voip
# QoS configuration for OpenWrt
# INTERFACES:
config interface wan
option classgroup "Default"
option enabled 1
option overhead 1
option upload 128
option download 1024
# RULES:
config classify
option target "Bulk"
option ipp2p "all"
config classify
option target "Bulk"
option layer7 "edonkey"
config classify
option target "Bulk"
option layer7 "bittorrent"
config classify
option target "Priority"
option ports "22,53"
config classify
option target "Normal"
option proto "tcp"
option ports "20,21,25,80,110,443,993,995"
config classify
option target "Express"
option ports "5190"
config default
option target "Express"
option proto "udp"
option pktsize "-500"
config reclassify
option target "Priority"
option proto "icmp"
config default
option target "Bulk"
option portrange "1024-65535"
config reclassify
option target "Priority"
option proto "tcp"
option pktsize "-128"
option mark "!Bulk"
option tcpflags "SYN"
config reclassify
option target "Priority"
option proto "tcp"
option pktsize "-128"
option mark "!Bulk"
option tcpflags "ACK"
# Don't change the stuff below unless you
# really know what it means :)
config classgroup "Default"
option classes "Priority Express Normal Bulk"
option default "Normal"
config class "Priority"
option packetsize 400
option maxsize 400
option avgrate 10
option priority 20
config class "Priority_down"
option packetsize 1000
option avgrate 10
config class "Express"
option packetsize 1000
option maxsize 800
option avgrate 50
option priority 10
config class "Normal"
option packetsize 1500
option packetdelay 100
option avgrate 10
option priority 5
config class "Normal_down"
option avgrate 20
config class "Bulk"
option avgrate 1
option packetdelay 200
25.siit
config siit ipv4
option pool "77.87.52.0/22"
option netsize "29"
config siit ipv6
option ula_prefix "fd00::"
option ula_global "00ca:ffee:babe::"
option ula_subnet "0000:0000:0000:dada::"
option siit_prefix "::ffff:0000:0000"
config siit wifi
option essid "6mesh.freifunk.net"
option bssid "02:25:c3:ca:ff:ee"
option channel "1"
26.system
config 'system'
option 'hostname' 'OpenWrt'
option 'zonename' 'UTC'
option 'timezone' 'GMT0'
option 'conloglevel' '8'
option 'cronloglevel' '8'
27.ucitrack
config 'network'
option 'init' 'network'
list 'affects' 'dhcp'
list 'affects' 'radvd'
config 'wireless'
list 'affects' 'network'
config 'firewall'
option 'init' 'firewall'
list 'affects' 'luci-splash'
list 'affects' 'qos'
list 'affects' 'miniupnpd'
config 'olsr'
option 'init' 'olsrd'
config 'dhcp'
option 'init' 'dnsmasq'
config 'dropbear'
option 'init' 'dropbear'
config 'httpd'
option 'init' 'httpd'
config 'fstab'
option 'init' 'fstab'
config 'qos'
option 'init' 'qos'
config 'system'
option 'init' 'led'
list 'affects' 'luci_statistics'
config 'luci_splash'
option 'init' 'luci_splash'
config 'upnpd'
option 'init' 'miniupnpd'
config 'ntpclient'
option 'init' 'ntpclient'
config 'samba'
option 'init' 'samba'
config 'tinyproxy'
option 'init' 'tinyproxy'
config 'meshwizard' 'meshwizard'
option 'exec' '/etc/init.d/wizard boot'
config 'p910nd'
option 'init' 'p910nd'
config 'radvd'
option 'init' 'radvd'
config 'freifunk_p2pblock'
option 'init' 'freifunk-p2pblock'
config 'luci_statistics'
option 'init' 'luci_statistics'
config 'ushare'
option 'init' 'ushare'
config 'olsrd'
option 'init' 'olsrd'
config 'vnstat'
option 'init' 'vnstat'
config 'mmc_over_gpio'
option 'init' 'mmc_over_gpio'
config 'polipo'
option 'init' 'polipo'
config 'ahcpd'
option 'init' 'ahcpd'
config 'hd-idle'
option 'init' 'hd-idle'
config 'wshaper' 'wshaper'
option 'exec' '/etc/init.d/wshaper start'
28.upnpd
config upnpd config
option log_output 0
option download 1024
option upload 512
29.wireless
config wifi-device wifi0
option type atheros
option channel auto
option disabled 0
config wifi-iface
option device wifi0
option network lan
option mode ap
option ssid OpenWrt
option encryption none
# Fake active wifi
option ifname ath0
option up 1