diff --git a/image/hostapd_manager.sh b/image/hostapd_manager.sh index 607bf48d..6faa5d9e 100644 --- a/image/hostapd_manager.sh +++ b/image/hostapd_manager.sh @@ -3,8 +3,22 @@ # STRATUX HOSTAPD MANAGER # ###################################################################### -#Set Script Name variable +#Logging Function SCRIPT=`basename ${BASH_SOURCE[0]}` +STX_LOG="/var/log/stratux.log" +function wLog () { + echo "$(date +"%Y/%m/%d %H:%m:%S") - $SCRIPT - $1" >> $STX_LOG +} +wLog "Running Hostapd Manager Script." + +# files to edit +HOSTAPD=('/etc/hostapd/hostapd.user') + +# values to be added to hostapd.user for security. +HOSTAPD_SECURE_VALUES_DELETE=('auth_algs=1' 'wpa=3' 'wpa_passphrase=' 'wpa_key_mgmt=WPA-PSK' 'wpa_pairwise=TKIP' 'rsn_pairwise=CCMP') + +# 'wpa_passphrase=' was left out of this to set it with the $wifiPass. I assume you can not evaluate a variable from within an array variable +HOSTAPD_SECURE_VALUES_WRITE=('auth_algs=1' 'wpa=3' 'wpa_key_mgmt=WPA-PSK' 'wpa_pairwise=TKIP' 'rsn_pairwise=CCMP') #Initialize variables to default values. OPT_S=false @@ -12,8 +26,7 @@ OPT_C=false OPT_E=false OPT_O=false OPT_P=false -OPT_Q=false -defaultPass="SquawkDirtyToMe!" +wifiPass="SquawkDirtyToMe!" parm="*" err="####" 
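Review bot: The timestamp in `wLog` uses `%m` (month) where minutes were meant, so every entry in /var/log/stratux.log carries the month in the minutes field; the format should be `date +"%Y/%m/%d %H:%M:%S"`. The same function is copied into image/stratux-wifi.sh by this commit (hunk `@@ -10,6 +10,13 @@`) and needs the same fix. Separately, `HOSTAPD_SECURE_VALUES_WRITE` keeps `wpa=3` with `wpa_pairwise=TKIP`, which leaves WPA1/TKIP enabled alongside WPA2. If no supported client needs it, `wpa=2` with only `rsn_pairwise=CCMP` is the stronger setting.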
@@ -40,15 +53,14 @@ function HELP { echo "${REV}-s${NORM} --Sets the SSID to ${BOLD}ssid${NORM}. \"-s stratux\"" echo "${REV}-c${NORM} --Sets the channel to ${BOLD}chan${NORM}. \"-c 1\"" echo "${REV}-o${NORM} --Turns off encryption and sets network to open. Cannot be used with -e or -p." - echo "${REV}-e${NORM} --Turns on encryption with passphrase ${BOLD}$defaultPass{NORM}. Cannot be used with -o or -p" + echo "${REV}-e${NORM} --Turns on encryption with passphrase ${BOLD}$wifiPass${NORM}. Cannot be used with -o or -p" echo "${REV}-p${NORM} --Turns on encryption with your chosen passphrase ${BOLD}pass${NORM}. 8-63 Printable Characters(ascii 32-126). Cannot be used with -o or -e. \"-p password!\"" - echo "${REV}-q${NORM} --Run silently. Still a work in progress, but quieter." echo -e "${REV}-h${NORM} --Displays this help message. No further functions are performed."\\n echo -e "Example: ${BOLD}$SCRIPT -s Stratux-N3558D -c 5 -p SquawkDirty!${NORM}"\\n exit 1 } -confirm() { +function confirm() { # call with a prompt string or use a default read -r -p "$1 " response case "$response" in 
@@ -61,31 +73,40 @@ confirm() { esac } +function cleanhostapd () { + wLog "Cleaning hostapd config at $1" + for j in "${HOSTAPD_SECURE_VALUES_DELETE[@]}" + do + sed -i "/$j/ d" ${1} + done + sed -i '/^\s*$/d' ${1} +} + +function writehostapd () { + wLog "Writing hostapd config at $1" + sed -i '/^\s*$/d' ${1} + echo "" >> ${1} + for j in "${HOSTAPD_SECURE_VALUES_WRITE[@]}" + do + echo "${j}" >> ${1} + done + echo "wpa_passphrase=$wifiPass" >> ${1} +} #apply settings and restart all processes -function APPLYSETTINGSLOUD { +function APPLYSETTINGS { + wLog "Restarting all wifi settings." echo "${RED}${BOLD} $att At this time the script will restart your WiFi services.${WHITE}${NORMAL}" echo "If you are connected to Stratux through the ${BOLD}192.168.10.1${NORMAL} interface then you will be disconnected" - echo "Please wait 1 min and look for the new SSID on your wireless device." + echo "Please wait up to 1 min and look for the new SSID on your wireless device." sleep 3 echo "${YELLOW}$att Restarting Stratux WiFi Services... $att ${WHITE}" - echo "${YELLOW}$att SSH will now disconnect if connected to http://192.168.1.10 ... $att ${WHITE}" - echo "Killing hostapd..." - sleep 2 - /usr/bin/killall -9 hostapd hostapd-edimax - echo "Killed..." - echo "" - echo "Killing DHCP Server..." - echo "" - /usr/sbin/service isc-dhcp-server stop - sleep 0.5 - echo "Killed..." - echo "" + echo "${YELLOW}$att SSH will now disconnect if connected to http://192.168.10.1 ... $att ${WHITE}" echo "ifdown wlan0..." ifdown wlan0 sleep 0.5 echo "ifup wlan0..." - echo "Calling Stratux WiFI Start Script(stratux-wifi.sh)..." + echo "Calling Stratux WiFI Start Script(stratux-wifi.sh) via ifup wlan0..." ifup wlan0 sleep 0.5 echo "" 
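Review bot: `cleanhostapd` deletes by unanchored substring and by full `key=value`, so `sed -i "/$j/ d"` removes any line that merely contains `wpa=3` (inside an `ssid=` value, for instance) and leaves a hand-edited line such as `wpa=2` in place, after which `writehostapd` appends a second, conflicting `wpa=` entry. Matching on the key at the start of the line avoids both: `sed -i "/^#*${j%%=*}=/d" "$1"`. `${1}` is unquoted throughout both new functions and should be `"$1"` so the path is never word-split or glob-expanded. A short header comment on each function naming its argument (the hostapd.user path) and the globals it reads would also help.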
@@ -93,18 +114,6 @@ function APPLYSETTINGSLOUD { echo "All systems should be up and running and you should see your new SSID!" } -function APPLYSETTINGSQUIET { - sleep 2 - /usr/bin/killall -9 hostapd hostapd-edimax - sleep 1 - /usr/sbin/service isc-dhcp-server stop - sleep 0.5 - ifdown wlan0 - sleep 0.5 - ifup wlan0 - sleep 0.5 -} - clear echo "" @@ -112,7 +121,7 @@ echo "#### Stratux HOSTAPD Settings ####" echo "" if [ $(whoami) != 'root' ]; then - echo "${BOLD}${RED}This script must be executed as root, exiting...${WHITE}${NORMAL}" + echo "${BOLD}${RED}This script must be executed as root, Exiting...${WHITE}${NORMAL}" echo "${BOLD}${RED}USAGE${WHITE}${NORMAL}" exit 1 fi @@ -129,13 +138,14 @@ fi #If an option should be followed by an argument, it should be followed by a ":". #Notice there is no ":" after "eoqh". The leading ":" suppresses error messages from #getopts. This is required to get my unrecognized option code to work. -options=':s:c:p:eoqh' +options=':s:c:p:eoh' #options=':s:c:h' while getopts $options option; do case $option in s) #set option "s" if [[ -z "${OPTARG}" || "${OPTARG}" == *[[:space:]]* || "${OPTARG}" == -* ]]; then - echo "${BOLD}${RED}$err No SSID for -s, exiting...${WHITE}${NORMAL}" + echo "${BOLD}${RED}$err No SSID for -s, Exiting...${WHITE}${NORMAL}" + wLog "No SSID for -s, Exiting..." exit 1 else OPT_S=$OPTARG @@ -145,7 +155,8 @@ while getopts $options option; do ;; c) #set option "c" if [[ -z "${OPTARG}" || "${OPTARG}" == *[[:space:]]* || "${OPTARG}" == -* ]]; then - echo "${BOLD}${RED}$err Channel option(-c) used without value, exiting... ${WHITE}${NORMAL}" + echo "${BOLD}${RED}$err Channel option(-c) used without value, Exiting... ${WHITE}${NORMAL}" + wLog "Channel option(-c) used without value, Exiting..." exit 1 else OPT_C=$OPTARG 
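Review bot: The comment above `options=':s:c:p:eoh'` still says there is no ":" after "eoqh", although `q` is removed from the option string in this hunk; it should read "eoh" so the comment matches the code. `while getopts $options option` also expands `$options` unquoted, and `while getopts "$options" option; do` is the safer form. The `while`/`case` body continues outside the hunk.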
@@ -153,7 +164,8 @@ while getopts $options option; do if [[ "$OPT_C" =~ ^[0-9]+$ ]] && [ "$OPT_C" -ge 1 -a "$OPT_C" -le 13 ]; then echo "${GREEN} Channel will now be set to ${BOLD}${UNDR}$OPT_C${WHITE}${NORMAL}." else - echo "${BOLD}${RED}$err Channel is not within acceptable values, exiting...${WHITE}${NORMAL}" + echo "${BOLD}${RED}$err Channel is not within acceptable values, Exiting...${WHITE}${NORMAL}" + wLog "Channel is not within acceptable values, Exiting..." exit 1 fi fi 
@@ -161,26 +173,30 @@ while getopts $options option; do e) #set option "e" with default passphrase if [[ -z "${OPTARG}" || "${OPTARG}" == *[[:space:]]* || "${OPTARG}" == -* ]]; then echo "$parm Encrypted WiFI Option -e used." - OPT_E=$defaultPass + OPT_E=$wifiPass echo "${GREEN} WiFi will be encrypted using ${BOLD}${UNDR}$OPT_E${NORMAL}${GREEN} as the passphrase!${WHITE}${NORMAL}" else - echo "${BOLD}${RED}$err Option -e does not require argument.${WHITE}${NORMAL}" + echo "${BOLD}${RED}$err Option -e does not require argument. Exiting...${WHITE}${NORMAL}" + wLog "Option -e does not require argument." exit 1 fi ;; p) #set encryption with user specified passphrase if [[ -z "${OPTARG}" || "${OPTARG}" =~ ^[[:space:]]*$ || "${OPTARG}" == -* ]]; then echo "${BOLD}${RED}$err Encryption option(-p) used without passphrase!${WHITE}${NORMAL}" - echo "${BOLD}${RED}$err Encryption option(-p) required an argument \"-p passphrase\" ${WHITE}${NORMAL}" + echo "${BOLD}${RED}$err Encryption option(-p) required an argument \"-p passphrase\". Exiting...${WHITE}${NORMAL}" + wLog "Encryption option(-p) used without passphrase!" else OPT_P=$OPTARG + wifiPass=$OPTARG fi echo "$parm Encryption option -p used:" - if [ -z `echo $OPT_P | tr -d "[:print:]"` ] && [ ${#OPT_P} -ge 8 ] && [ ${#OPT_P} -le 63 ]; then + if [ -z `echo $OPT_P| tr -d "[:print:]"` ] && [ ${#OPT_P} -ge 8 ] && [ ${#OPT_P} -le 63 ]; then echo "${GREEN} WiFi will be encrypted using ${BOLD}${UNDR}$OPT_P${NORMAL}${GREEN} as the passphrase!${WHITE}${NORMAL}" - else - echo "${BOLD}${RED}$err Invalid PASSWORD: 8 - 63 printable characters, exiting...${WHITE}${NORMAL}" - exit 1 + else + echo "${BOLD}${RED}$err Invalid PASSWORD: 8 - 63 printable characters, Exiting...${WHITE}${NORMAL}" + wLog "Invalid PASSWORD: 8 - 63 printable characters, Exiting..." + exit 1 fi ;; o) #set option "o" 
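Review bot: The empty-passphrase branch of `p)` now prints "Exiting..." and logs the error but still has no `exit 1`, so control falls through to the validation below. The run then stops only because the placeholder value `false` in `OPT_P` fails the length check, after printing a second, misleading "Invalid PASSWORD" message; add `exit 1` after the new `wLog` line. The validation itself expands `$OPT_P` unquoted inside backticks, so the value is word-split and glob-expanded before `tr` sees it; `if [[ "$OPT_P" =~ ^[[:print:]]{8,63}$ ]]; then` checks the same rule on the exact string. The `case` statement starts and ends outside the hunk.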
@@ -189,13 +205,11 @@ while getopts $options option; do echo "${GREEN} WiFi will be set to ${BOLD}${UNDR}OPEN${NORMAL}${GREEN} or ${BOLD}${UNDR}UNSECURE${WHITE}${NORMAL}" OPT_O=true else - echo "${BOLD}${RED}$err Option -o does not require arguement.${WHITE}${NORMAL}" + echo "${BOLD}${RED}$err Option -o does not require argument. Exiting...${WHITE}${NORMAL}" + wLog "Option -o does not require argument. Exiting..." exit 1 fi ;; - q) #set Quiet mode - OPT_Q=true - ;; h) #show help HELP ;; @@ -229,25 +243,22 @@ shift $((OPTIND-1)) #This tells getopts to move on to the next argument. #file processing tasks within the while-do loop. if [[ $OPT_O == true && ( $OPT_E != false || $OPT_P != false ) ]]; then - echo "${BOLD}${RED}$err Option -e , -p and -o cannot be used simultaneously ${WHITE}${NORMAL}" + echo "${BOLD}${RED}$err Option -e , -p and -o cannot be used simultaneously. Exiting... ${WHITE}${NORMAL}" + wLog "Option -e , -p and -o cannot be used simultaneously." exit 1 fi if [ $OPT_P != false ] && [ $OPT_E != false ]; then - echo "${BOLD}${RED}$err Option -e and -p cannot be used simultaneously ${WHITE}${NORMAL}" + echo "${BOLD}${RED}$err Option -e and -p cannot be used simultaneously. Exiting... ${WHITE}${NORMAL}" + wLog "Option -e and -p cannot be used simultaneously." exit 1 fi echo "" -echo "${BOLD}No errors found. Continuning...${NORMAL}" +echo "${BOLD}No errors found. Continuing...${NORMAL}" echo "" -if [ $OPT_Q == false ]; then - confirm "Are you ready to apply these settings? [y/n]" -fi - -# files to edit -HOSTAPD=('/etc/hostapd/hostapd.user') +confirm "Are you ready to apply these settings? [y/n]" #### #### File modification loop 
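Review bot: `[ $OPT_P != false ] && [ $OPT_E != false ]` expands the passphrase unquoted, and the `-p` validation accepts spaces (ASCII 32 is printable), so a passphrase such as `my pass phrase` (constructed example) makes `[` fail with "too many arguments" instead of comparing. The same pattern is added in the `@@ -274,69 +288,23 @@` hunk as `if [ $OPT_E != false ] || [ $OPT_P != false ]`, where the failed test counts as false and the security settings are skipped even though the script has already announced that WiFi will be encrypted. Quote both: `if [ "$OPT_P" != false ] && [ "$OPT_E" != false ]; then` and `if [ "$OPT_E" != false ] || [ "$OPT_P" != false ]; then`.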
@@ -256,7 +267,9 @@ for i in "${HOSTAPD[@]}" do if [ -f ${i} ]; then echo "Working on $i..." - if [ $OPT_S != false ]; then + wLog "Working on $i..." + if [ $OPT_S != false ]; then + wLog "Writing SSID $OPT_S to file $i" echo "${MAGENTA}Setting ${YELLOW}SSID${MAGENTA} to ${YELLOW}$OPT_S ${MAGENTA}in $i...${WHITE}" if grep -q "^ssid=" ${HOSTAPD[$x]}; then sed -i "s/^ssid=.*/ssid=${OPT_S}/" ${i} @@ -266,6 +279,7 @@ do fi if [ $OPT_C != false ]; then + wLog "Writing channel $OPT_C to file $i" echo "${MAGENTA}Setting ${YELLOW}Channel${MAGENTA} to ${YELLOW}$OPT_C ${MAGENTA}in $i...${WHITE}" if grep -q "^channel=" ${i}; then sed -i "s/^channel=.*/channel=${OPT_C}/" ${i} 
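Review bot: `sed -i "s/^ssid=.*/ssid=${OPT_S}/" ${i}` places the SSID inside the sed program, and the `-s` check earlier in the script rejects only empty values, whitespace and a leading `-`, so an SSID containing `/`, `&` or `\` changes or breaks the substitution in a script that runs as root. Replacing the line instead of substituting keeps the value out of the sed expression: `sed -i '/^ssid=/d' "$i"` followed by `printf 'ssid=%s\n' "$OPT_S" >> "$i"`. The `grep -q "^ssid=" ${HOSTAPD[$x]}` test in the same block reads `$x`, which is not set anywhere in the visible lines; `"$i"` looks like what was meant. The `for` loop continues outside the hunk.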
@@ -274,69 +288,23 @@ do fi fi - if [ $OPT_E != false ]; then - echo "${MAGENTA}Adding WPA encryption with passphrase: ${YELLOW}$OPT_E ${MAGENTA}to $i...${WHITE}" - if grep -q "^#auth_algs=" ${i}; then - #echo "uncommenting wpa" - sed -i "s/^#auth_algs=.*/auth_algs=1/" ${i} - sed -i "s/^#wpa=.*/wpa=3/" ${i} - sed -i "s/^#wpa_passphrase=.*/wpa_passphrase=$OPT_E/" ${i} - sed -i "s/^#wpa_key_mgmt=.*/wpa_key_mgmt=WPA-PSK/" ${i} - sed -i "s/^#wpa_pairwise=.*/wpa_pairwise=TKIP/" ${i} - sed -i "s/^#rsn_pairwise=.*/rsn_pairwise=CCMP/" ${i} - elif grep -q "^auth_algs=" ${i}; then - #echo "rewriting existing wpa" - sed -i "s/^auth_algs=.*/auth_algs=1/" ${i} - sed -i "s/^wpa=.*/wpa=3/" ${i} - sed -i "s/^wpa_passphrase=.*/wpa_passphrase=$OPT_E/" ${i} - sed -i "s/^wpa_key_mgmt=.*/wpa_key_mgmt=WPA-PSK/" ${i} - sed -i "s/^wpa_pairwise=.*/wpa_pairwise=TKIP/" ${i} - sed -i "s/^rsn_pairwise=.*/rsn_pairwise=CCMP/" ${i} - else -# #echo "adding wpa" - echo "" >> ${i} - echo "auth_algs=1" >> ${i} - echo "wpa=3" >> ${i} - echo "wpa_passphrase=$OPT_E" >> ${i} - echo "wpa_key_mgmt=WPA-PSK" >> ${i} - echo "wpa_pairwise=TKIP" >> ${i} - echo "rsn_pairwise=CCMP" >> ${i} - fi + if [ $OPT_E != false ] || [ $OPT_P != false ]; then + wLog "Writing security and setting passphrase to $wifiPass to file $i" + echo "${MAGENTA}Adding WPA encryption with passphrase: ${YELLOW}$wifiPass ${MAGENTA}to $i...${WHITE}" + cleanhostapd $i + writehostapd $i fi + if [ $OPT_O != false ]; then - echo "${MAGENTA}Removing WPA encryption in $i...${WHITE}" - if grep -q "^auth_algs=" ${i}; then - #echo "commenting out wpa" - sed -i "s/^auth_algs=.*/#auth_algs=1/" ${i} - sed -i "s/^wpa=.*/#wpa=3/" ${i} - sed -i "s/^wpa_passphrase=.*/#wpa_passphrase=$defaultPass/" ${i} - sed -i "s/^wpa_key_mgmt=.*/#wpa_key_mgmt=WPA-PSK/" ${i} - sed -i "s/^wpa_pairwise=.*/#wpa_pairwise=TKIP/" ${i} - sed -i "s/^rsn_pairwise=.*/#rsn_pairwise=CCMP/" ${i} - elif grep -q "^#auth_algs=" ${i}; then - #echo "rewriting commented out wpa" - sed -i 
"s/^#auth_algs=.*/#auth_algs=1/" ${i} - sed -i "s/^#wpa=.*/#wpa=3/" ${i} - sed -i "s/^#wpa_passphrase=.*/#wpa_passphrase=$defaultPass/" ${i} - sed -i "s/^#wpa_key_mgmt=.*/#wpa_key_mgmt=WPA-PSK/" ${i} - sed -i "s/^#wpa_pairwise=.*/#wpa_pairwise=TKIP/" ${i} - sed -i "s/^#rsn_pairwise=.*/#rsn_pairwise=CCMP/" ${i} - else - #echo "adding commented out WPA" - echo "" >> ${i} - echo "#auth_algs=1" >> ${i} - echo "#wpa=3" >> ${i} - echo "#wpa_passphrase=$defaultPass" >> ${i} - echo "#wpa_key_mgmt=WPA-PSK" >> ${i} - echo "#wpa_pairwise=TKIP" >> ${i} - echo "#rsn_pairwise=CCMP" >> ${i} - fi + wLog "Removing WiFi security in file $i" + echo "${MAGENTA}Removing WPA encryption in $i...${WHITE}" + cleanhostapd $i fi echo "${GREEN}Modified ${i}...done${WHITE}" echo "" else - echo "${MAGENTA}No ${i} file found...${WHITE}${NORMAL}" + echo "${MAGENTA}No ${i} file found...${WHITE}${NORMAL}" echo "" fi done @@ -346,11 +314,6 @@ done ### End main loop ### ### Apply Settings and restart all services - -if [ $OPT_Q == false ]; then - APPLYSETTINGSLOUD -else - APPLYSETTINGSQUIET -fi +APPLYSETTINGS exit 0 diff --git a/image/mkimg.sh b/image/mkimg.sh index b8ec6e33..15b3c58f 100755 --- a/image/mkimg.sh +++ b/image/mkimg.sh @@ -43,8 +43,6 @@ cp -f hostapd-edimax.conf mnt/etc/hostapd/hostapd-edimax.conf #hostapd manager script cp -f hostapd_manager.sh mnt/usr/sbin/hostapd_manager.sh chmod 755 mnt/usr/sbin/hostapd_manager.sh -cp -f hostapd_manager_quiet.sh mnt/usr/sbin/hostapd_manager_quiet.sh -chmod 755 mnt/usr/sbin/hostapd_manager_quiet.sh #hostapd cp -f hostapd-edimax mnt/usr/sbin/hostapd-edimax chmod 755 mnt/usr/sbin/hostapd-edimax diff --git a/image/stratux-wifi.sh b/image/stratux-wifi.sh index 5ea6dc5c..c5c67f18 100755 --- a/image/stratux-wifi.sh +++ b/image/stratux-wifi.sh 
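Review bot: The new `wLog "Writing security and setting passphrase to $wifiPass to file $i"` writes the WPA passphrase in clear text to /var/log/stratux.log, which usually outlives the configuration change and may be readable or collected more widely than /etc/hostapd/hostapd.user. Log the action without the secret, for example `wLog "Writing WPA security settings to file $i"`. The calls `cleanhostapd $i` and `writehostapd $i` should also pass `"$i"` quoted. The enclosing `for` loop starts outside the hunk.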
@@ -10,6 +10,13 @@ # common variables DAEMON_USER_PREF=/etc/hostapd/hostapd.user +#Logging Function +SCRIPT=`basename ${BASH_SOURCE[0]}` +STX_LOG="/var/log/stratux.log" +function wLog () { + echo "$(date +"%Y/%m/%d %H:%m:%S") - $SCRIPT - $1" >> ${STX_LOG} +} +wLog "Running Stratux WiFI Script." ##### Function for setting up new file structure for hostapd settings ##### Look for hostapd.user and if found do nothing. @@ -19,8 +26,8 @@ function hostapd-upgrade { DAEMON_CONF=/etc/hostapd/hostapd.conf DAEMON_CONF_EDIMAX=/etc/hostapd/hostapd-edimax.conf HOSTAPD_VALUES=('ssid=' 'channel=' 'auth_algs=' 'wpa=' 'wpa_passphrase=' 'wpa_key_mgmt=' 'wpa_pairwise=' 'rsn_pairwise=') - HOSTAPD_VALUES_RM=('#auth_algs=' '#wpa=' '#wpa_passphrase=' '#wpa_key_mgmt=' '#wpa_pairwise=' '#rsn_pairwise=') + wLog "Moving existing values from $DAEMON_CONF to $DAEMON_USER_PREF if found" for i in "${HOSTAPD_VALUES[@]}" do if grep -q "^$i" $DAEMON_CONF @@ -30,18 +37,12 @@ function hostapd-upgrade { sed -i '/^'"$i"'/d' $DAEMON_CONF_EDIMAX fi done - for i in "${HOSTAPD_VALUES_RM[@]}" - do - if grep -q "^$i" $DAEMON_CONF - then - sed -i '/^'"$i"'/d' $DAEMON_CONF - sed -i '/^'"$i"'/d' $DAEMON_CONF_EDIMAX - fi - done sleep 1 #make sure there is time to get the file written before checking for it again # If once the code above runs and there is still no hostapd.user file then something is wrong and we will just create the file with basic settings. # Any more then this they somebody was messing with things and its not our fault things are this bad + wLog "Rechecking if $DAEMON_USER_PREF exists after moving files." if [ ! -f $DAEMON_USER_PREF ]; then + wLog "File not found. Creating default file. " echo "ssid=stratux" > $DAEMON_USER_PREF echo "channel=1" >> $DAEMON_USER_PREF fi 
@@ -52,7 +53,9 @@ function hostapd-upgrade { function ap-start { # Preliminaries. Kill off old services. - /usr/bin/killall -9 hostapd hostapd-edimax hostapd-edimax-alt hostapd-edimax-newest + wLog "Killing Hostapd services " + /usr/bin/killall -9 hostapd hostapd-edimax + wLog "Stopping DHCP services " /usr/sbin/service isc-dhcp-server stop #EDIMAX Mac Addresses from http://www.adminsub.net/mac-address-finder/edimax @@ -74,8 +77,9 @@ function ap-start { # Is there an Edimax Mac Address at wlan0 if [[ ${edimaxMac[*]} =~ "$wlan0mac" ]]; then - DAEMON_CONF=/etc/hostapd/hostapd-edimax.conf - DAEMON_SBIN=/usr/sbin/hostapd-edimax + DAEMON_CONF=/etc/hostapd/hostapd-edimax.conf + DAEMON_SBIN=/usr/sbin/hostapd-edimax + wLog "Edimax Dongle found at WLAN0. Using Edimad conf files $DAEMON_SBIN : $DAEMON_CONF" fi #Make a new hostapd or hostapd-edimax conf file based on logic above @@ -83,14 +87,18 @@ function ap-start { ${DAEMON_SBIN} -B ${DAEMON_TMP} - sleep 3 + sleep 2 + + wLog "Restarting DHCP services" /usr/sbin/service isc-dhcp-server start } ##### End Hostapd driver check function ##### #Do we need to upgrade the hostapd configuration files +wLog "Checking if $DAEMON_USER_PREF file exists" if [ ! -f $DAEMON_USER_PREF ]; then + wLog "File not found. Upgrading to new file structure." hostapd-upgrade fi