D客户端(中兴802.1X) For OpenWrt

学校用的是中兴802.1X认证,只有通过认证的客户端才能上内网和外网。外网登录天翼校园网才能上网。而官方的中兴802.1X客户端,只能运行在Window平台上,并且不能共享WIFI。因此下决心开发了个OpenWrt版的中兴802.1X客户端,这个客户端不同的是专门为我校写的,所以还带了登录天翼校园网的功能。

源码说明

源码地址:https://gitee.com/zeyes/dclient.git

  • dclient
    D客户端主要代码
  • luci-app-dclient
    D客户端LUCI设置界面
  • po2lmo
    多语言支持(英文+中文)

认证过程

  1. 初始化并读取配置
  2. 进行802.1X认证
  3. 等待获取IP地址
  4. 进行天翼校园网认证
  5. 认证成功后维持登录状态

编译准备

操作系统:Ubuntu 14.04
OpenWrt SDK: OpenWrt SDK 15.05

安装依赖

不同系统,OpenWrt所需的依赖不一样,可在OpenWrt官网找到,我这里给出Ubuntu 14.04的

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
sudo apt-get update
sudo apt-get install git
sudo apt-get install asciidoc bash bc binutils bzip2
sudo apt-get install fastjar flex git-core g++
sudo apt-get install build-essential util-linux gawk
sudo apt-get install libgtk2.0-dev intltool jikespg
sudo apt-get install zlib1g-dev genisoimage genisoimage
sudo apt-get install libncurses5-dev libssl-dev patch
sudo apt-get install perl-modules python2.7-dev rsync ruby sdcc
sudo apt-get install unzip wget gettext xsltproc libboost-dev libboost-tools-dev
sudo apt-get install libxml-parser-perl libusb-dev bin86
sudo apt-get install bcc ecj sharutils openjdk-8-jdk subversion
sudo apt-get install gcc-multilib quilt libglib2.0-dev gperf
sudo apt-get install ccache
sudo apt-get install libcurl4-openssl-dev libpcap-dev
sudo apt-get install libjpeg-dev glibc-doc manpages-posix-dev

安装OpenWrt SDK

SDK的安装其实就是解压,将SDK解压的home目录就可以了,建议将SDK文件夹重命名为openwrt。

更新Feeds

这一步可能容易出错,建议忽略,如果忽略,则编译的时候不会生成依赖ipk,但是依赖ipk可以从如下网址找到:http://archive.openwrt.org/chaos_calmer/15.05.1/ramips/mt7620/packages/

1
2
3
4
5
6
cd openwrt/
./scripts/feeds update -a
./scripts/feeds install -a
# 检查编译环境是否完整
make defconfig
make prereq

将源码放入 OpenWrt

下载源码,并将dclient和luci-app-dclient文件夹放入SDK目录的package文件夹下,如果如果SDK目录是openwrt,那么应该放入openwrt/package文件夹下面。

编译安装po2lmo

1
2
cd po2lmo
sudo make && make install

编译

在SDK根目录下(注意位置),执行命令

1
2
make package/dclient/complie V=s
make package/luci-app-dclient/compile V=s

如果没有出错,那么可以在SDK的bin目录下找到dclient_xxx.ipk和luci-app-dclient_xxx.ipk,将其复制出来。

下载IPK依赖

安装的时候,提示什么就下载什么。
依赖ipk可以从如下网址找到:http://archive.openwrt.org/chaos_calmer/15.05.1/ramips/mt7620/packages/

安装ipk

1
2
3
4
# 安装
opkg install xxx.ipk
# 卸载
opkg remove xxx.ipk

一键安装脚本

百度网盘下载:https://pan.baidu.com/s/1ouBo-FWumKIROtYk2fUhyg 密码:emzl
此脚本是为K2 Pandorabox写的,仅供参考。
将ipk文件夹和k2.sh上传到/tmp目录下,直接执行/tmp/k2.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
#!/bin/sh

export PATH="/usr/bin:/usr/sbin:/bin:/sbin"
. /lib/functions.sh
. /lib/config/uci.sh

Install()
{
local basepath=$(cd `dirname $0`; pwd)
local config_path="/etc/config/dclient"
local dir="${basepath}/ipk/"
local libpolarssl="libpolarssl_*.ipk"
local libcurl="libcurl_*.ipk"
local libpthread="libpthread_*.ipk"
local libstdcpp="libstdcpp_*.ipk"
local libjpeg="libjpeg_*.ipk"
local libpcap="libpcap_*.ipk"
local dclient="dclient_*.ipk"
local luci_app_dclient="luci-app-dclient_*.ipk"
local running
local ipk_conf
local backup_conf

if [ ! -d "$dir" ]; then
echo "安装文件不存在..."
return -1
fi

ipk_conf=$(cat "/etc/opkg.conf" | grep "mispel_24kec")
backup_conf=$(cat "/etc/sysupgrade.conf" | grep "/overlay")

if [ -z "$ipk_conf" ]; then
echo "正在注入ipk配置..."
cat ${dir}arch.txt >> /etc/opkg.conf
fi
if [ -z "$backup_conf" ]; then
echo "正在注入备份配置..."
echo "/overlay" >> /etc/sysupgrade.conf
fi

echo "正在安装依赖文件..."
opkg install ${dir}${libpolarssl}
opkg install ${dir}${libcurl}
opkg install ${dir}${libpthread}
opkg install ${dir}${libstdcpp}
opkg install ${dir}${libjpeg}
opkg install ${dir}${libpcap}


if [ -f $config_path ]; then
echo "正在备份配置文件..."
cp $config_path /tmp/dclient.bak
fi

running=$( ps | grep "dclient -u" | grep -v "grep" )

if [ -n "$running" ]; then
echo "正在停止dclient客户端..."
/etc/init.d/dclient stop
fi

echo "正在安装主程序..."
opkg install ${dir}${dclient}
echo "正在升级客户端界面..."
opkg install ${dir}${luci_app_dclient}


if [ -f "/tmp/dclient.bak" ]; then
echo "正在恢复备份配置文件..."
cp /tmp/dclient.bak $config_path
fi

echo "正在设置定时任务..."
cp -f ${dir}/rm_dclient_log.sh /usr/bin/rm_dclient_log.sh
chmod 755 /usr/bin/rm_dclient_log.sh
sed -i '/rm_dclient_log.sh/d' /etc/crontabs/root
echo "50 5 * * 3,6 sh /usr/bin/rm_dclient_log.sh &" >> /etc/crontabs/root
/etc/init.d/cron reload

echo "正在启动dclient客户端..."
/etc/init.d/dclient start

echo "正在设置硬件加速..."
if [ -f "/etc/config/hwacc" ]; then
rm -f /etc/config/hwacc
fi
touch /etc/config/hwacc
uci add hwacc 'hwnat'
uci set hwacc.@hwnat[0]=hwnat
uci set hwacc.@hwnat[0].enabled='1'
uci set hwacc.@hwnat[0].tcp_offload='1'
uci set hwacc.@hwnat[0].udp_offload='1'
uci set hwacc.@hwnat[0].ipv6_offload='1'
uci set hwacc.@hwnat[0].wifi_offload='1'
uci commit hwacc


# 修复城院二期网络dhcp需要发送mac作为clientid才能获取ip地址的问题
echo "正在修改/lib/netifd/proto/dhcp.sh文件"
sed -i 's/ || clientid="-C"//' /lib/netifd/proto/dhcp.sh

echo "正在修改版本号..."
if [ -f "/etc/openwrt_release" ]; then
rm -f /etc/openwrt_release
touch /etc/openwrt_release
fi
echo -e "DISTRIB_ID=\"DotTimes\"\nDISTRIB_RELEASE=\"17.01\"" >> /etc/openwrt_release
echo -e "DISTRIB_REVISION=\"${ls_date}\"\nDISTRIB_CODENAME=\"17.01\"" >> /etc/openwrt_release
echo "DISTRIB_TARGET=\"ralink/mt7620\"" >> /etc/openwrt_release
echo "DISTRIB_DESCRIPTION=\"DotTimes ${ls_date} (PandoraBox 17.01)\"" >> /etc/openwrt_release
echo "DISTRIB_TAINTS=\"no-all busybox\"" >> /etc/openwrt_release

echo "${ls_date}" > /etc/openwrt_version

return 0
}

echo "start...."
Install
echo "end."
echo "Copyright @2017 Zeyes(lixize8888@qq.com)"

相关固件(已经内置插件):

  1. 斐讯K2固件下载以及配置教程
    固件下载链接:https://pan.baidu.com/s/1tQ2Q9NSxOo_qgJNnLi_NpA 密码:ddo7
    配置教程:https://mp.weixin.qq.com/s/SbD90w2VxaS0uZAYNk-qxg

  2. 斐讯K2P_A1版中兴802.1X固件(内附教程)
    百度网盘:https://pan.baidu.com/s/1qYPuVXa 密码: xti9

  3. 极路由系列
    教程1:http://tieba.baidu.com/p/5335066340
    教程2:https://mp.weixin.qq.com/s/QkRwB4l-1vSyd8OcyWwzHA

  4. 其他
    http://www.right.com.cn/forum/forum.php?mod=viewthread&tid=217137

相关公众号

凌点时代

坚持原创技术分享,您的支持将鼓励我继续创作!