海运的博客

rsync使用参数：

-v #详细输出
-i #显示差异
-n/--dry-run #仅测试，配合-i对比目录差异
-a #相当于-rlptgoD，-D相当于--devices和--specials
-r #递归目录
-l #链接文件
-p #同步文件权限
-t #同步修改时间
-g #同步所有者
-o #同步用户组
--devices #同步设备文件
--specials #同步特殊文件，如socket
--delete #删除目标目录在源目录不存在的文件，相当于mirror。
--progress #显示进度和速度
--ignore-existing #不同步目标已存在的文件
--preallocate #预先分配空间，减少碎片
-c #通过文件校验判断差异，默认使用文件大小和修改时间判断差异

对比目录差异：

rsync -n -a -i -v src/ dst/

仅使用文件大小对比差异：

rsync -n -r -i -v --size-only src/ dst/

rsync显示差异格式解读：
https://stackoverflow.com/questions/4493525/what-does-f-mean-in-rsync-logs
https://stackoverflow.com/questions/1113948/rsync-output
https://download.samba.org/pub/rsync/rsync.1

使用rclone同步及比较目录差异：

#默认使用时间和大小对比
rclone sync --dry-run src/ dst/ 
--checksum #使用文件hash对比

#默认使用文件大小和hash对比
rclone check src/ dst/
--size-only #仅使用文件大小对比

https://forum.rclone.org/t/how-to-utilize-mod-time-and-size-instead-checksums-during-sync-and-check/14020/10

当samba遇到windows上不能作为文件名的字符时会将文件名转换为8.3 format，可以禁用文件名转换并将不合适的字符转换为windows可用的文件名。

#可查看ASCII码表hex值
catia:mappings = 0x22:0xa8,0x2a:0xa4,0x2f:0xf8,0x3a:0xf7,0x3c:0xab,0x3e:0xbb,0x3f:0xbf,0x5c:0xff,0x7c:0xa6
mangled names = no
vfs objects = catia

参考：
https://www.oreilly.com/openbook/samba/book/ch05_04.html
https://unix.stackexchange.com/questions/299130/samba-how-to-display-files-with-colon-in-their-names
https://www.samba.org/samba/docs/current/man-html/vfs_catia.8.html
https://lwp.interglacial.com/appf_01.htm

为了安全将物联网设备单独使用一个网段和本地网络隔离，这样基于mdns协议的发现应用就不能使用了，如电视投屏、打印机等，可以使用mDNS Reflector来中继两个网段的mdns。
编译方法参考：k2p交叉编译smartdns/openssl

/usr/local/bin/mdns-reflector -n br-lan br-robot br-guest

路由配置iptables防火墙允许udp 5353入，并允许本地网络访问电视所在的网络：

iptables -A INPUT -i br-robot -p udp --dport 5353 -j ACCEPT
iptables -A FORWARD -i br-lan -j ACCEPT
iptables -A FORWARD -i robot -o br-lan -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

有一应用需动态更新目标的ip和端口，使用nginx/openresty tcp/udp端口转发配合lua扩展很方便实现。

stream {
    lua_shared_dict ups_dict 1m;
    lua_shared_dict ups_list 1m;
    lua_add_variable $ups_name;
    #当nginx启动或reload时读取配置文件内upstream列表到lua_shared_dict，更新后端的时候判断是否有效
    init_by_lua_block {
       ngx.shared.ups_list:flush_all()
       local file = "/etc/nginx/stream.conf"
       local f = io.open(file, "r")
       local content = f:read("*a")
       f:close()
       for substr in string.gmatch(content, "upstream%s+([%w-_]+)%s+%{") do
           ngx.log(ngx.WARN, substr)
           ngx.shared.ups_list:set(substr, 1)
       end
    }
  
    log_format main '$remote_addr [$time_local] '
                    '$protocol $status $bytes_sent $bytes_received '
                    '$session_time "$upstream_addr" '
                    '"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
    access_log /run/log/nginx/dns_access.log main;
    error_log  /run/log/nginx/dns_error.log error;
    #log level: debug, info, notice, warn, error (default), crit, alert, and emerg.

    upstream default_tcp {
        server 127.0.0.1:53;
        server 127.0.0.1:55;
    }
    upstream default_udp {
        server 10.0.1.1:53;
        server 10.0.2.1:53;
    }
    upstream default_udp2 {
        server 10.0.3.1:53;
        server 10.0.3.2:53;
    }
    upstream test1_tcp {
        server 127.0.0.1:53;
    }
    upstream test1_udp {
        server 10.0.1.1:53;
    }
    upstream test1_udp2 {
        server 10.0.3.2:53;
    }
    upstream test2_tcp {
        server 127.0.0.1:55;
    }
    upstream test2_udp {
        server 10.0.2.1:53;
    }
    upstream test2_udp2 {
        server 10.0.3.1:53;
    }

    server {
        listen     53000 udp;
        preread_by_lua_block {
            assert(not ngx.var.ups_name)
            local ups = ngx.shared.ups_dict:get("ups_name")
            if ups ~= nil then
                ngx.log(ngx.WARN, "udp 53000 use " .. ups .. " upstream")
                ngx.var.ups_name = ups .. "_udp"
            else
                ngx.log(ngx.WARN, "udp 53000 use default upstream")
                ngx.var.ups_name = "default_udp"
            end
        }
        proxy_pass $ups_name;
        proxy_responses 1; #当返回一个udp数据包时就关闭连接，或proxy_timeout时间内无数据关闭连接
        proxy_connect_timeout 1s;
        proxy_timeout 5s;
    }
    server {
        listen     53000;
        preread_by_lua_block {
            assert(not ngx.var.ups_name)
            local ups = ngx.shared.ups_dict:get("ups_name")
            if ups ~= nil then
                ngx.log(ngx.WARN, "tcp 53000 use " .. ups .. " upstream")
                ngx.var.ups_name = ups .. "_tcp"
            else
                ngx.log(ngx.WARN, "tcp 53000 use default upstream")
                ngx.var.ups_name = "default_tcp"
            end
        }
        proxy_pass $ups_name;
        #proxy_responses 1; #当返回一个udp数据包时就关闭连接，或proxy_timeout时间内无数据关闭连接
        proxy_connect_timeout 1s;
        proxy_timeout 5s;
    }
    server {
        listen     53001 udp;
        preread_by_lua_block {
            assert(not ngx.var.ups_name)
            local ups = ngx.shared.ups_dict:get("ups_name")
            if ups ~= nil then
                ngx.log(ngx.WARN, "udp 53001 use " .. ups .. " upstream")
                ngx.var.ups_name = ups .. "_udp2"
            else
                ngx.log(ngx.WARN, "udp 53001 use default upstream")
                ngx.var.ups_name = "default_udp2"
            end
        }
        proxy_pass $ups_name;
        proxy_responses 1; #当返回一个udp数据包时就关闭连接，或proxy_timeout时间内无数据关闭连接
        proxy_connect_timeout 1s;
        proxy_timeout 5s;
    }


    server {
        listen 53001;

        content_by_lua_block {
            local sock = assert(ngx.req.socket(true))
            local data = sock:receive()
            local args, err = ngx.decode_args(data, 0)
            if err == nil then
                for k,v in pairs(args) do
                    --ngx.say(v)
                    ip = v:match("(%d+%.%d+%.%d+%.%d+%:%d+)")
                    if ip ~= nil then
                        local sus, err = ngx.shared.ups_dict:set(k, ip)
                        if sus then
                            ngx.say("set upstream sus: " .. k .. "=" .. ip)
                        else
                            ngx.say(err)
                        end
                    end
                end
            end
        }
        access_log off;
    }
    server {
        listen 53002;

        content_by_lua_block {
            local sock = assert(ngx.req.socket(true))
            local data = sock:receive()
            if data then
                local args, err = ngx.decode_args(data, 0)
                if err == nil then
                    for k,v in pairs(args) do
                        --ngx.say(v)
                        --if k == "name" and type(v) == "string" and v:find("dns") then
                        if k == "name" and type(v) == "string" and ngx.shared.ups_list:get(v .. "_udp")  then
                            local sus, err = ngx.shared.ups_dict:set("ups_name", v)
                            if sus then
                                ngx.say("set upstream sus: " .. k .. "=" .. v)
                                ngx.log(ngx.WARN, "set upstream sus: " .. k .. "=" .. v)
                            else
                                ngx.say(err)
                            end
                        end
                    end
                end
            end
        }
        access_log off;
    }
}

使用nc测试设置nginx转发使用的后端upstream名称：

nc 127.0.0.1 53002
name=test1
set upstream sus: name=test1

也可通过53001端口设置目标ip:port，然后proxy_pass即可。
参考：
https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/balancer.md
https://xiangxianzui.github.io/2017/11/nginx-lua%E5%8A%A8%E6%80%81%E6%94%B9%E5%8F%98upstream/

先在配置文件内禁用ipv6 dhcp服务：

/etc/config/dhcp 
config dhcp 'lan'
        option interface 'lan'
        option start '150'
        option limit '100'
        option leasetime '12h'
        option ra 'disabled'
        option dhcpv6 'disabled'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

关闭odhcpd:

/etc/init.d/odhcpd stop
/etc/init.d/odhcpd disable

修改dnsmasq配置文件开启ra服务：

/etc/dnsmasq.conf 
enable-ra
dhcp-range=::,constructor:br-lan,ra-only
#其它slaac ra-stateless等参考man文档

只想通过ipv4查询dns，下面patch让dnsmasq无状态分配ip时候不包含RDNSS，这样客户端只配置ipv4 dns而不配置ipv6 dns。

diff -urN dnsmasq-2.86/src/radv.c dnsmasq-2.86-bak/src/radv.c
--- dnsmasq-2.86/src/radv.c     2021-09-09 04:21:22.000000000 +0800
+++ dnsmasq-2.86-bak/src/radv.c 2022-01-23 11:57:01.818963642 +0800
@@ -507,7 +507,7 @@
        }
     }
 
-  if (daemon->port == NAMESERVER_PORT && !done_dns && parm.link_pref_time != 0)
+  if ( 0 && daemon->port == NAMESERVER_PORT && !done_dns && parm.link_pref_time != 0)
     {
       /* default == us, as long as we are supplying DNS service. */
       put_opt6_char(ICMP6_OPT_RDNSS);

odhcpd新版本参数dns_service也可实现此需求，不使用dhcpv6可尝试使用ra_dns参数关闭ra dns？
再次开启ipv6 dns服务，如果有配置dhcp6 dns服务器，dnsmasq会将其设置为RDNSS:

dhcp-option=option6:dns-server,[xxxx:xxxx:xxxx:xxxx::1]