海运的博客

N1盒子的存储设备是emmc，为了延长emmc的使用寿命尽可能的将读写文件在内存中完成。
修改systemd journald日志存放目录为内存，也就是/run/log目录，限制最大使用内存空间64MB：

sed -i 's/#Storage=auto/Storage=volatile/' /etc/systemd/journald.conf
sed -i 's/#RuntimeMaxUse=/RuntimeMaxUse=64M/' /etc/systemd/journald.conf

然后重新启动systemd-journald服务：

systemctl restart systemd-journald

修改rsyslog日志存放目录为/run/log：

sed -i 's/\/var\/log/\/run\/log/g' /etc/rsyslog.d/50-default.conf

修改rsyslog运行用户为root，不然/run/log没写入权限：

sed 's/PrivDropToUser syslog/PrivDropToUser root/' /etc/rsyslog.conf  
sed 's/PrivDropToUser syslog/PrivDropToGroup root/' /etc/rsyslog.conf 

然后重启rsyslog即可：

systemctl restart rsyslog

修改nginx日志目录：

sed -i 's/\/var\/log/\/run\/log/g' /etc/nginx/nginx.conf
mkdir /run/log/nginx
systemctl restart nginx

修改php-fpm日志目录：

sed -i 's/\/var\/log/\/run\/log/g' /etc/php/7.2/fpm/php-fpm.conf
systemctl restart php7.2-fpm

cups修改日志目录：

sed -i 's/\/var\/log/\/run\/log/g' /etc/cups/cups-files.conf
mkdir /run/log/cups
systemctl restart cups

samba修改配置文件日志目录：

log file = /run/log/samba/log.%m
max log size = 50 

mkdir /run/log/samba
systemctl restart smbd

添加个开机启动脚本在启动时创建/run/log目录下nginx cups samba目录。

cat /lib/systemd/system/mklogdir.service
[Unit]
Description=mklogdir
Before=network.target

[Service]
Type=oneshot
ExecStart=/usr/bin/mklogdir.sh

[Install]
WantedBy=multi-user.target

修改日志轮询logrotate：

sed -i 's/\/var\/log/\/run\/log/g' /etc/logrotate.d/cups-daemon 
sed -i 's/\/var\/log/\/run\/log/g' /etc/logrotate.d/nginx 
sed -i 's/\/var\/log/\/run\/log/g' /etc/logrotate.d/php7.2-fpm 
sed -i 's/\/var\/log/\/run\/log/g' /etc/logrotate.d/rsyslog 
sed -i 's/\/var\/log/\/run\/log/g' /etc/logrotate.d/samba 

tincvpn
ZeroTier
n2n
tailscale
nebula
VpnCloud

git clone https://github.com/yedf/handy.git
yum install make gcc-c++ -y
cd handy/
./build_config 
make && make install

服务端执行：

#启动1个进程监听端口10000到20000，管理端口20001
ulimit -SHn 65535
./10m/10m-svr 10000 20000 1 20001

客户端执行：

#启动1个进程在100秒内发起10000连接，远程端口10000到20000，每10秒发送心跳包64字节。
ulimit -SHn 65535
./10m/10m-cli www.haiyun.me 10000 20000 10000 100 1 10 64 20001

过一段时间后在服务端查看connected数和closed数，客户端查看connected和retry：

客户端：
pid: 405390 connected  10000 retry      0 sended 743275 recved 743075
服务器端：
pid:  25222 connected  10002 closed:    7 recved 413675

参考：
https://zhuanlan.zhihu.com/p/21378825

telnet账号：root密码：Zte521
通过telnet登录输入以下命令查看：

sendcmd 1 DB p DevAuthInfo
#sendcmd 1 DB p UserInfo

超级用户登录地址：http://192.168.1.1/cu.html
Openwrt路由下访问光猫web：https://www.haiyun.me/archives/openwrt-modem-web.html

通过dnspod api实现动态ddns更新ip，ipv4和ipv6支持，shell脚本如下：

#!/bin/bash
token="www.haiyun.me"
domain="haiyun.me"
if which jq > /dev/null; then
  json="jq"
elif which jsonfilter > /dev/null; then
  json="jsonfilter"
else
  echo 'please install jq or jsonfilter'
  exit
fi
if ! which curl > /dev/null || ! which curl > /dev/null; then
  echo 'please install curl and grep'
  exit
fi
if [[ $1 == "list" ]]; then
  curl -s -d "login_token=$token&format=json&domain=$domain" "https://dnsapi.cn/Record.List" | jq -r -M '.records[]|.name + "\t\t " + .type + "\t\t " + .value'
  exit
fi
if [[ $1 == "delete" ]]; then
  if [[ ! $3 || ! $2 ]]; then
    echo 'use ddns.sh delete name type'
    exit
  fi
  id=$(curl -s -d "login_token=$token&format=json&domain=$domain" "https://dnsapi.cn/Record.List" | jq -r -e ".records | .[] | select(.name == \"$2\" and .type == \"${3^^}\")|.id")
  if [[ $id ]]; then
    if curl -s -d "login_token=$token&format=json&domain=$domain&record_id=$id" https://dnsapi.cn/Record.Remove | grep -q '"code":"1"'; then
      echo "sus"
    fi
  else
    echo 'no record'
  fi
  exit
fi
if [[ ! $1 || ! $2 ]]; then
  echo 'use ddns.sh name ip'
  echo 'use ddns.sh list'
  echo 'use ddns.sh delete name type'
  exit
fi
name=$1
new_ip=$2
if [[ $new_ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
  #sleep 10
  #curl http://192.168.168.6/announce.php --silent --output /dev/null
  record_type='A'
  echo 'ipv4'
elif [[ $new_ip =~ ^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}$ ]]; then
  echo 'ipv6'
  record_type='AAAA'
else
  echo "invalid IP address $new_ip"
  #logger -t ddns "invalid IP address $new_ip"
  exit
fi
curl -s -d "login_token=$token&format=json&domain=$domain" "https://dnsapi.cn/Record.List" -o /tmp/dns.txt
if ! grep -q '"code":"1"' /tmp/dns.txt; then
  echo 'get record list error'
  exit
fi

if [[ $record_type == "AAAA" ]]; then
  if [[ $json == "jq" ]]; then
    id=$(jq -r -e ".records | .[] | select(.name == \"$name\" and .type == \"AAAA\")|.id" /tmp/dns.txt)
    ip=$(jq -r -e ".records | .[] | select(.name == \"$name\" and .type == \"AAAA\")|.value" /tmp/dns.txt)
  else
    ip=$(jsonfilter -i /tmp/dns.txt -e "@.records[@.name='$name'&&@.type='AAAA'].value")
    id=$(jsonfilter -i /tmp/dns.txt -e "@.records[@.name='$name'&&@.type='AAAA'].id")
  fi
elif [[ $record_type == "A" ]]; then
  if [[ $json == "jq" ]]; then
    id=$(jq -r -e ".records | .[] | select(.name == \"$name\" and .type == \"A\")|.id" /tmp/dns.txt)
    ip=$(jq -r -e ".records | .[] | select(.name == \"$name\" and .type == \"A\")|.value" /tmp/dns.txt)
  else
    ip=$(jsonfilter -i /tmp/dns.txt -e "@.records[@.name='$name'&&@.type='A'].value")
    id=$(jsonfilter -i /tmp/dns.txt -e "@.records[@.name='$name'&&@.type='A'].id")
  fi
fi
#echo $name;
#echo $id;
#echo $ip;
#echo $new_ip;
if [[ $ip == $new_ip ]]; then
  echo 'no update needed'
  exit
fi
if [[ $id ]]; then
  echo "mod ip"
  if curl -s -d "login_token=$token&format=json&domain=$domain&record_id=$id&value=$new_ip&record_type=$record_type&record_line_id=0&sub_domain=$name" https://dnsapi.cn/Record.Modify | grep -q '"code":"1"'; then
    echo "sus"
  fi
else
  echo "add ip"
  if curl -s -d "login_token=$token&format=json&domain=$domain&sub_domain=$name&record_type=$record_type&record_line_id=0&value=$new_ip" https://dnsapi.cn/Record.Create | grep -q '"code":"1"'; then
    echo "sus"
  fi
fi

在/lib/netifd/ppp-up文件内调用上面的脚本，当pppoe网络连接成功时会执行此文件，$4变量为pppoe连接的本地IP。

/usr/bin/update-ip.sh name $4 > /dev/null 2>&1 &

pppoe只能传递公网ipv4，使用ifstatus可获取pppoe接口ipv6地址和分配内网的ipv6前缀，根据mac生成的ipv6后缀可为内网其它机器做ddns。

ifstatus wan_6
ifstatus wan
ubus call network.interface dump
jsonfilter -i /tmp/wan6.txt -e '@["ipv6-prefix"][0].address'
jsonfilter -i /tmp/wan6.txt -e '@["ipv6-address"][0].address' 

PHP版本：
https://www.haiyun.me/archives/1186.html