公司的内部有线网络使用802.1x认证,自己搞了个DB120刷OpenWrt把无线转发给自己用。安装好OpenWrt后
主要是把wpad-mini卸载换成wpad,mini版本的不支持802.1x认证。其实wpad就是wpa_supplicant和hostapd的集合。
ctrl_interface_group=root
ctrl_interface=/var/run/wpa_supplicant
ap_scan=0
network={
key_mgmt=IEEE8021X
eap=PEAP
phase2=”auth=MSCHAPv2″
identity=”USER”
password=”PASSWORD”
eapol_flags=0
priority=2
}
#!/bin/ash
killall wpa_supplicant 2>/dev/null
wpa_supplicant -B -D wired -i eth0 -c /etc/802.1x.conf
sleep 5
udhcpc -i eth0
其实最好的是wpa_supplicant不以deamon启动,直接看输出显示认证成功后重新获取IP。
2.lan下dhcp时指定内网的DNS服务器
修改一下/etc/config/dhcp配置文件
在config dhcp lan段添加
list ‘dhcp_option’ ‘6,DNS1,DNS2′
6的含义是
root@OpenWrt:/etc/config# dnsmasq –help dhcp
Known DHCP options:
1 netmask
2 time-offset
3 router
6 dns-server
7 log-server
9 lpr-server
13 boot-file-size
15 domain-name
16 swap-server
17 root-path
18 extension-path
19 ip-forward-enable
20 non-local-source-routing
21 policy-filter
22 max-datagram-reassembly
23 default-ttl
26 mtu
27 all-subnets-local
31 router-discovery
32 router-solicitation
33 static-route
34 trailer-encapsulation
35 arp-timeout
36 ethernet-encap
37 tcp-ttl
38 tcp-keepalive
40 nis-domain
41 nis-server
42 ntp-server
44 netbios-ns
45 netbios-dd
46 netbios-nodetype
47 netbios-scope
48 x-windows-fs
49 x-windows-dm
60 vendor-class
64 nis+-domain
65 nis+-server
66 tftp-server
67 bootfile-name
68 mobile-ip-home
69 smtp-server
70 pop3-server
71 nntp-server
74 irc-server
77 user-class
93 client-arch
94 client-interface-id
97 client-machine-id
119 domain-search
120 sip-server
121 classless-static-route
125 vendor-id-encap
255 server-ip-address