最近遇到比较烦恼的事情是隔壁需要借助自家Wifi,但是对方老是不小心将手机上的东西投射到我家的电视上,很是烦恼。
萌生了隔离网段的想法,上网淘资料。
在命令行下执行以下脚本。
以下脚本在openwrt路由器上创建一个SSID为Guest-WIFI的访客网络,该网不设置安全检查,能访问外网,但不能访问家庭网络上的资源。
- ## Add a guest network
- uci set network.guest=interface
- uci set network.guest.type=bridge
- uci set network.guest.proto=static
- uci set network.guest.ipaddr=192.168.11.1 //你设置的网段,不要与当前网络同一段
- uci set network.guest.netmask=255.255.255.0
- ## Set DHCP for guest network
- uci set dhcp.guest=dhcp
- uci set dhcp.guest.interface=guest
- uci set dhcp.guest.start=100
- uci set dhcp.guest.limit=150
- uci set dhcp.guest.leasetime=12h
- ## Add a Guest AP
- uci add wireless wifi-iface
- uci set wireless.@wifi-iface[1].network=guest
- uci set wireless.@wifi-iface[1].device=radio0 //此处不同的路由器会不一样,注意区分,写错会生成失败。
- uci set wireless.@wifi-iface[1].mode=ap
- uci set wireless.@wifi-iface[1].encryption=none
- uci set wireless.@wifi-iface[1].ssid=Guest-WIFI //可以自己定义
- ## Add a guest zone
- uci set firewall.guest=zone
- uci set firewall.guest.name=guest
- uci set firewall.guest.network=guest
- uci set firewall.guest.input=ACCEPT
- uci set firewall.guest.output=ACCEPT
- uci set firewall.guest.forward=ACCEPT
- ## Allow forwarding from guest to wan
- uci set firewall.guest2wan=forwarding
- uci set firewall.guest2wan.src=guest
- uci set firewall.guest2wan.dest=wan
- ## Allow forwarding from lan to guest
- uci set firewall.lan2guest=forwarding
- uci set firewall.lan2guest.src=lan
- uci set firewall.lan2guest.dest=guest
- ## Apply changes
- uci commit //保存应用
- /etc/init.d/network restart //重启路由
0 条评论
沙发空缺中,还不快抢~