ProHoster > Blog > Utongi > Kutarisisa kure uye manejimendi eLinux/OpenWrt/Lede yakavakirwa zvishandiso kuburikidza nechiteshi 80, yakaenderera

Kutarisisa kure uye manejimendi eLinux/OpenWrt/Lede yakavakirwa zvishandiso kuburikidza nechiteshi 80, yakaenderera

Ichi chikamu chekupedzisira chechinyorwa, heino mavambo habr.com/en/post/445568
Nguva yekupedzisira pandakanyora nezve mashandisiro andakaita yekutarisisa mudziyo, ikozvino tichataura nezve manejimendi. Muhurukuro ne "nyanzvi" kudivi reMutengi, ini ndinowanzo sangana nemaonero mashoma ekugona kwemidziyo midiki yakadai (ine yakaderera ndangariro zviwanikwa uye kuita), vazhinji vanotenda kuti "chakanyanya chatinoda kutumira reboot, kune chimwe chinhu. serious totumira team” .
Asi maitiro anoratidza kuti ichi hachisi chokwadi zvachose. Heino runyoro rudiki rwemabasa akajairika:

  1. Network diagnostics uye kugadzirisa matambudziko. Kuseri kwe ethernet port ye router yako kunowanzo kune chimwe chidimbu chehardware ine yayo yemukati IP kero. Dzimwe nguva, iwe unogona (unofanira) "ping" iyo. Kana mugero manejimendi - kana mugero kamwe kamwe usingasimuke pane router inoshanda kuburikidza ne3G modem, asi isu tinogona kuona iyo router pachayo.
  2. Kugadziriswa kwehurongwa. Firmware update, service script upgrade.
  3. Kuenzanisa chiito. Izvi zvinogona kunzi "kutsveyamisa", asi pfungwa ye "equilibrist" se, ini ndinodzokorora, "kugona kwemutambi wekisikisi kuchengetedza chiyero munzvimbo isina kugadzikana yemuviri" - inokwana zvirinani. Mamiriro ezvinhu akadaro anomuka nekuda kwebhajeti shoma yemutengi. Pazasi apa ndakapa mienzaniso miviri, asi... Izvo hazvina hukama zvakananga nemusoro wenyaya, ndinovaisa muzvinyorwa

Wi-Fi monitoringMusoro wefashoni wemakore mashanu apfuura, kunyanya pakati pe federal retail cheni. Uri kufamba wakasununguka nepasi pekutengesa, uye nharembozha yako ine Wi-Fi yakabatidzwa, mukuyedza "kunamatira" kune imwe tambo yetiweki, inogara ichitumira Probe Chikumbiro mapaketi, anogona kuongororwa kuti averenge. iwe: kangani iwe unouya kuchitoro ichi, nezvikonzero zvipi?unofamba nemigwagwa uye zvichingodaro. Ipapo iyo data inounganidzwa, kuongororwa, kupisa mepu inodhirowa, uye mamaneja "anobira" mari kubva kune manejimendi kana vatengesi vemifananidzo yakadaro. Zvakanaka, ikozvino .... "hapana mari, asi iwe unobata ...", uye chigumisiro (chaiye) chatoda kuratidzwa, rwiyo rwekare rwakanaka runotanga: "Hongu, hongu, saka zvechokwadi isu ichaisa iyo cis nezvose zvaunoda, asi ikozvino tinoda kuratidza Mutengi mhedzisiro! Nenzira, takakanganwa kutaura kuti Mutengi akatibvumira kuti tibatanidze midziyo yedu kune hotspot yake kuburikidza neWi-Fi, asi pane zvakajairika, sekunge isu tiri vatengi vaenzi. " Uye saka isu tinofanirwa kugadzira kuenzanisa ma routers - akati wandei eWiFi subinterfaces anosimudzwa, imwe yacho inonamatira kune hotspot, uye yechipiri inotarisisa nharaunda, neshungu kurodha tcpdump mhedzisiro pachayo, yobva yarongedza zvirimo mufaira mudura uye njodzi. kufa ne "kudyisa" kuyedza kupfira zvirimo paFTP server. Hazvishamisi kuti router yekuenzanisa inowanzo "kuputsika" uye neimwe nzira inofanira "kudzorerwa" kure.

nharaundaZviri nyore kutsanangura mamiriro ezvinhu pano nechinhu chakaita seichi chirevo kubva kumutengi: β€œTinoda kuti pave nedecentralized network yemahotspots ayo anoshanda pamidziyo ine mhando isingazivikanwe pachine nguva, kuburikidza nemachaneli, asi izvo zvatisati taziva. O, isu takakanganwa kutaura, isu hatidi chete kuratidza kushambadzira kune vatengi, asi zvakare kuongorora zvese zvakapoteredza nzvimbo iyo hotspot yakaiswa. Kwete, isu hatizive kuti sei parizvino, asi tichazviongorora, usakahadzika, takakwanisa kuunza zano iri. "

Uye isu hatifanire kukanganwa kuti nekuda kweakawanda ezvaimbozivikanwa mamiriro ezvinhu, kutonga kunofanirwa kuitwa mune zvisiri-yakajairwa mamiriro, kana isu tisingakwanise kubatana kune router zvakananga kuburikidza neIP: chiteshi uye vanomanikidzwa kungomirira basa kubva kwairi. Kana tikazvibvisa pachedu, nhaurirano pakati pesevha nerouter inogona kumiririrwa seizvi:

  • Nzira: Mhoro. Ini ndiri akadaro uye akadaro router, pane chero mabasa kwandiri?
  • Server: router zvakati nezvakati, ndakanyoresa iwe, kuti uri mupenyu. Heino dambudziko: ndiratidze mhedzisiro yeifconfig command?
  • Nzira: Mhoro. Ini ndiri akadaro uye akadaro router, nguva yekupedzisira iwe wakumbira kuratidza mhedzisiro yeifconfig, heino. Pane mamwe mabasa endiri here?
  • Server: router zvakati nezvakati, ndakanyoresa iwe, kuti uri mupenyu. Hapana mabasa ako.

Mubvunzo unonyanya kufadza: sei router iri kure inogona kutumira humwe huwandu hwemashoko? Muchikamu chekupedzisira, ndakatsanangura kuti nekuda kwezviwanikwa zvishoma, iyo router ine chete "yakabviswa-pasi" wget, inoshanda chete kuburikidza neGET uye hapana chimwe chinhu; hapana FTP mutengi kana curl. Kunyanya, isu tinoda nzira yepasirese, zvisinei nemamiriro ekusangana kwemifananidzo. Ndakagara pakushandisa wget. Kunyanya, kuti "ndakamira" sei - ini ndakanga ndisina sarudzo :)

Ingori disclaimerYangu manejimendi mhinduro iri kushanda, haina kuganhurirwa zvakanyanya, uye ndine chokwadi kuti yakakombama, kunyangwe inokodzera vazhinji vevatengi vangu. Ungazviita sei nehungwaru - nyora chidiki chinoshandiswa chinotumira POST binary data kuburikidza nechiteshi 80. Isanganise iyo (iyo yekushandisa) muiyo router firmware uye uwane iyo uchishandisa bash. Asi chokwadi ndechekuti: a) tinoda kukurumidza b) isu tinoda kuita zvese pane iripo "zoo ye routers" c) "usakuvadza!" - kana router iri kushanda uye ichiita mamwe mabasa, edza kuita shanduko dzisingazokanganisa maitiro aripo.

Ngatienderere mberi nekuita. Ngatitii mutengi wako anoda kudzoreredza router kubva ku zabbix zviri nyore uye sezvazviri, ne "tinya mbeva." Nhasi tichatanga kutsanangura kushandiswa neZabbix.
Mu "Administration" -> "Scripts" menyu, wedzera chinyorwa chitsva. Tinozviti "Reboot", pinda "php /usr/share/zabbix/reboot.php {HOST.HOST}" semurairo

Kutarisisa kure uye manejimendi eLinux/OpenWrt/Lede yakavakirwa zvishandiso kuburikidza nechiteshi 80, yakaenderera

Tevere: Menyu "Kutarisisa" -> "Yazvino data" -> "Kurudyi-tinya pane yaunoda network node." Izvi ndizvo zvichange zvakaita menyu mushure mekuwedzera script.

Kutarisisa kure uye manejimendi eLinux/OpenWrt/Lede yakavakirwa zvishandiso kuburikidza nechiteshi 80, yakaenderera
Saizvozvowo, tinoisa reboot.php script mu /usr/share/zabbix directory (yako inogona kunge yakasiyana, ndinoshandisa zabbixa root directory).

Safety DisclaimerKuita kuti tsananguro ijekese mune script, ini ndinongoshandisa router id, asi usashandise password. Hazvikurudzirwe kuita izvi mushanduro yekugadzira! Sei ndakaita izvi: nekuti mubvunzo mukuru ndewekuchengetera mapassword emarouter? Mune zabbixe pachayo mu "inventory data"? Kuita nharo. Neimwe nzira: rambidza kupinda kwekunze kune reboot.php faira pachayo

Faira reboot.php

<?php
	// присваиваСм ΠΏΠ°Ρ€Π°ΠΌΠ΅Ρ‚Ρ€Ρ‹ с консоли ΠΏΠ΅Ρ€Π΅ΠΌΠ΅Π½Π½Ρ‹ΠΌ
	$user = $argv[1];
	// Π’ΠΠ˜ΠœΠΠΠ˜Π•. Π’ΠΎΡ‚ здСсь Π² цСлях бСзопасности всС-Ρ‚Π°ΠΊΠΈ ΠΏΡ€ΠΎΠΏΠΈΡΡ‹Π²Π°Ρ‚ΡŒ ΠΏΠ°Ρ€ΠΎΠ»ΡŒ устройства! Но для дСмонстрации ΠΌΡ‹ Π±ΡƒΠ΄Π΅ΠΌ ΠΎΠ±Ρ€Π°Ρ‰Π°Ρ‚ΡŒΡΡ ΠΊ Π±Π°Π·Π΅ Π΄Π°Π½Π½Ρ‹Ρ… Π±Π΅Π· использования пароля. 
	//$password = $argv[2];
		
	$conn=new mysqli("localhost","db_user","db_password","db_name");
	if (mysqli_connect_errno()) {
		exit();
	}
	$conn->set_charset("utf8");
			
	// "ΠžΡ‚ΠΏΡ€Π°Π²Π»ΡΠ΅ΠΌ" ΠΊΠΎΠΌΠ°Π½Π΄Ρƒ reboot Π·Π° счСт измСнСния поля task Ρ‚Π°Π±Π»ΠΈΡ†Ρ‹ users. Π’ ΠΏΠΎΠ»Π΅ task ΠΌΠΎΠΆΠ½ΠΎ ΠΎΡ‚ΠΏΡ€Π°Π²Π»ΡΡ‚ΡŒ Π»ΡŽΠ±ΡƒΡŽ ΠΊΠΎΠΌΠ°Π½Π΄Ρƒ.
	$sql_users=$conn->prepare("UPDATE users SET task='reboot' WHERE id=? AND status='active';");
	$sql_users->bind_param('s', $user);
	$sql_users->execute();
	$sql_users->close();
?>

Ndizvo zvose. Mubvunzo unoramba wakavhurika: "maitirwo ekuwana mhedzisiro yekuita murairo kubva kumushini." Ngatitarisei basa racho tichishandisa ifconfig command semuenzaniso. Uyu murairo unogona kutumirwa kune mudziyo:

message=`ifconfig`; wget "http://xn--80abgfbdwanb2akugdrd3a2e5gsbj.xn--p1ai/a.php?u=user&p=password!&m=$message" -O /tmp/out.txt

kupi:
meseji = `ifconfig` - Isu tinopa mhedzisiro yeifconfig yekuraira kuburitsa kune iyo $message inosiyana
wget "xn--80abgfbdwanb2akugdrd3a2e5gsbj.xn--p1ai/a.php - yedu a.php script inonyoresa ma routers uye inogamuchira mameseji kubva kwavari
u=mushandisi&p=password!&m=$message - zvitupa uye kukosha kwekusiyana kwekukumbira m - inopa zviri mukati meiyo $message inoshanduka
-O /tmp/out.txt - hatidi kuburitsa kufaira /tmp/out.txt mune iyi kesi, asi kana iyi parameter isina kutaurwa, wget haishande

Sei izvi zvisingashande?Nekuti igomba rinogona kuchengetedza. Chikanganiso chisingakuvadzi chinogona kuitika ndechekuti, semuenzaniso, paine "&" hunhu mukubuda kwekuraira kwako. Naizvozvo, zvinodikanwa kusefa zvese zvese zvinotumirwa kubva kune ma router uye zvese zvinouya kune server. Ehe, ndinonyara, chaizvo. Mukuzvidzivirira kwangu, ndinogona kungonyora kuti chinyorwa chose chakatsaurirwa maitiro ekugadzirisa ma routers ane pre-defined firmware uye nzira dzekukurukurirana dzisina kutsanangurwa mberi.

Zvakanaka, kutanga kweramangwana: Ini handisati ndafunga kuti ndingashandisa sei maturusi e zabbix kuratidza mhedzisiro (semuenzaniso, mhedzisiro yekuita murairo) inouya kune server.

Ndinokuyeuchidza kuti ese masosi anogona kuwanikwa kubva kuGit repository pa: github.com/BazDen/iotnet.online.git

Source: www.habr.com

Voeg