#!/bin/bash

# 软路由配置脚本
# 作者: 自动生成
# 描述: 将Ubuntu配置为软路由,提供DHCP和DNS服务

# Exit as soon as an unguarded command returns a non-zero status.
set -e

# ANSI colour sequences, kept as literal backslash text; the log helpers
# hand them to `echo -e`, which turns them into real escape characters.
RED="\033[0;31m"
GREEN="\033[0;32m"
YELLOW="\033[1;33m"
BLUE="\033[0;34m"
NC="\033[0m" # reset to the terminal default

# Logging helpers: each prints one colour-tagged line.
# log_info: write "$1" to stdout behind a blue [INFO] tag.
log_info() {
    printf '%b\n' "${BLUE}[INFO]${NC} $1"
}

# log_success: write "$1" to stdout behind a green [SUCCESS] tag.
log_success() {
    printf '%b\n' "${GREEN}[SUCCESS]${NC} $1"
}

# log_warning: write "$1" to stdout behind a yellow [WARNING] tag.
log_warning() {
    printf '%b\n' "${YELLOW}[WARNING]${NC} $1"
}

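# log_error: write "$1" behind a red [ERROR] tag.
# Goes to stderr so failures stay visible when stdout is redirected or
# captured by a wrapper script.
log_error() {
    echo -e "${RED}[ERROR]${NC} $1" >&2
}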

# check_root: stop with exit status 1 unless the effective UID is 0.
# The later steps write under /etc and change iptables rules, so the script
# refuses to continue as an unprivileged user.
check_root() {
    [[ $EUID -eq 0 ]] && return 0
    log_error "此脚本需要root权限,请使用sudo运行"
    exit 1
}

# show_interfaces: print the name of every interface reported by `ip link show`,
# one per line.
show_interfaces() {
    log_info "当前网络接口列表:"
    # Header lines look like "2: enp1s0: <flags> ..."; the name is the second
    # colon-separated field once its padding spaces are removed.
    ip link show | awk -F: '/^[0-9]+:/ { name = $2; gsub(/ /, "", name); print name }'
}

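# install_packages: refresh the package index and install dnsmasq,
# iptables-persistent and netfilter-persistent when they are missing.
# Uses apt-get rather than apt, whose command-line interface is not meant
# for scripts, and asks dpkg-query for the package state instead of matching
# the column layout of `dpkg -l`.
# NOTE(review): iptables-persistent normally asks debconf questions while it
# installs; confirm how that behaves when stdin is not a terminal (the quick
# setup wrapper feeds this script from a here-document).
install_packages() {
    log_info "安装必要软件包..."
    apt-get update

    local pkg
    local packages=("dnsmasq" "iptables-persistent" "netfilter-persistent")
    for pkg in "${packages[@]}"; do
        # "install ok installed" is the status dpkg records for a fully
        # installed package; an unknown package prints nothing to stdout.
        if dpkg-query -W -f='${Status}' "$pkg" 2>/dev/null | grep -q 'install ok installed'; then
            log_info "$pkg 已安装"
        else
            apt-get install -y "$pkg"
        fi
    done
}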

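# configure_interfaces: write a netplan file that puts the WAN interface on
# DHCP and gives the LAN interface the static address 192.168.100.1/24, then
# apply it.
# Arguments: $1 - WAN interface name, $2 - LAN interface name.
# Both names are expanded unescaped into a root-owned YAML file, so the caller
# must pass validated interface names only.
configure_interfaces() {
    local wan_if="$1"
    local lan_if="$2"
    local netplan_file=/etc/netplan/99-soft-router.yaml

    log_info "配置网络接口..."

    # Keep a copy of the stock configuration when there is one.
    # NOTE(review): 01-netcfg.yaml itself is left in place, so netplan still
    # reads it together with the new file - confirm the two do not conflict.
    if [[ -f /etc/netplan/01-netcfg.yaml ]]; then
        cp /etc/netplan/01-netcfg.yaml /etc/netplan/01-netcfg.yaml.backup
    fi

    # Generate the netplan configuration.
    cat > "$netplan_file" << EOF
network:
  version: 2
  renderer: networkd
  ethernets:
    ${wan_if}:
      dhcp4: true
      optional: true
    ${lan_if}:
      addresses: [192.168.100.1/24]
      dhcp4: no
      dhcp6: no
EOF
    # Root-only permissions, matching what the dual-LAN script on this page
    # does for the same file.
    chmod 600 "$netplan_file"

    # Takes effect immediately; a remote session over either interface may drop.
    netplan apply
    log_success "网络接口配置完成"
}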

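# configure_dnsmasq: replace /etc/dnsmasq.conf with a DHCP + DNS setup for
# the LAN interface, then enable and restart the service.
# Arguments: $1 - LAN interface name (written unescaped into the config file,
# so it must already be validated).
configure_dnsmasq() {
    local lan_if="$1"

    log_info "配置dnsmasq服务..."

    # Best-effort backup, taken only once: on a second run the file being
    # copied would be this script's own output, which would overwrite the
    # original backup.
    if [[ ! -e /etc/dnsmasq.conf.backup ]]; then
        cp /etc/dnsmasq.conf /etc/dnsmasq.conf.backup 2>/dev/null || true
    fi

    # bind-interfaces + interface= restrict the listener to the LAN side.
    # log-dhcp and log-queries record every lease and every DNS lookup made by
    # LAN clients in the system log; drop them if that history is not wanted.
    cat > /etc/dnsmasq.conf << EOF
# 基本配置
interface=${lan_if}
bind-interfaces

# DHCP配置
dhcp-range=192.168.100.100,192.168.100.200,255.255.255.0,24h
dhcp-option=3,192.168.100.1
dhcp-option=6,192.168.100.1

# DNS配置
cache-size=1000
local=/lan/
domain=lan

# 其他配置
log-dhcp
log-queries
EOF

    # Start at boot and pick up the new configuration now.
    systemctl enable dnsmasq
    systemctl restart dnsmasq
    log_success "dnsmasq配置完成"
}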

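# configure_nat: enable IPv4 forwarding, rebuild the iptables rule set for
# LAN -> WAN routing with masquerading, and persist it.
# Arguments: $1 - WAN interface name, $2 - LAN interface name.
configure_nat() {
    local wan_if="$1"
    local lan_if="$2"

    log_info "配置IP转发和NAT..."

    # Append the sysctl setting only when it is not there yet, so repeated
    # runs do not keep growing /etc/sysctl.conf.
    if ! grep -qxF 'net.ipv4.ip_forward=1' /etc/sysctl.conf 2>/dev/null; then
        echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf
    fi
    sysctl -p

    # Flush the filter and nat tables and delete user-defined chains.
    # This removes every existing rule in those tables, including any that
    # other software on the host installed.
    iptables -F
    iptables -t nat -F
    iptables -X
    iptables -t nat -X

    # Default policies. Only FORWARD is restricted.
    # NOTE(review): INPUT stays ACCEPT and no INPUT rules are added, so nothing
    # here filters traffic addressed to the router itself; any service
    # listening on the WAN address is reachable from the upstream network.
    # Consider restricting INPUT on the WAN side once management access over
    # the LAN is confirmed.
    iptables -P INPUT ACCEPT
    iptables -P FORWARD DROP
    iptables -P OUTPUT ACCEPT

    # Return traffic for connections that were opened from the LAN.
    iptables -A FORWARD -i "${wan_if}" -o "${lan_if}" -m state --state RELATED,ESTABLISHED -j ACCEPT

    # New connections from LAN to WAN.
    iptables -A FORWARD -i "${lan_if}" -o "${wan_if}" -j ACCEPT

    # Source NAT for everything leaving through the WAN interface.
    iptables -t nat -A POSTROUTING -o "${wan_if}" -j MASQUERADE

    # Persist the rules across reboots.
    netfilter-persistent save

    log_success "NAT和IP转发配置完成"
}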

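# show_config: print a summary of the settings this script applied, followed
# by the current address state of both interfaces.
# Arguments: $1 - WAN interface name, $2 - LAN interface name.
show_config() {
    local wan_if="$1"
    local lan_if="$2"

    echo
    log_success "软路由配置完成!"
    echo "=========================================="
    log_info "WAN口 (校园网): ${wan_if}"
    log_info "LAN口 (路由器): ${lan_if}"
    log_info "LAN网段: 192.168.100.0/24"
    log_info "网关地址: 192.168.100.1"
    log_info "DHCP范围: 192.168.100.100-192.168.100.200"
    echo "=========================================="
    echo
    log_info "当前网络状态:"
    # Quoted so each name always reaches `ip` as exactly one argument.
    ip addr show "${wan_if}"
    echo
    ip addr show "${lan_if}"
    echo
    log_info "检查服务状态: systemctl status dnsmasq"
}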

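# main: interactive entry point. Asks for the WAN and LAN interface names,
# validates them, asks for confirmation and then runs the configuration steps
# in order.
# The two names end up unescaped in root-owned config files and on iptables
# command lines, so they are checked against a conservative pattern and
# against the kernel's interface list before anything is written.
main() {
    local wan_interface lan_interface confirm name
    # Allow-list for interface names: letters, digits, '.', '_' and '-',
    # at most 15 characters in total.
    local ifname_re='^[A-Za-z0-9][A-Za-z0-9._-]{0,14}$'

    clear
    echo "=========================================="
    echo "    Ubuntu 软路由配置脚本"
    echo "=========================================="
    echo

    check_root

    # List the available interfaces.
    show_interfaces
    echo

    # -r keeps backslashes in the answer literal.
    read -r -p "请输入连接校园网的接口名称 (WAN口): " wan_interface
    read -r -p "请输入连接路由器的接口名称 (LAN口): " lan_interface

    for name in "$wan_interface" "$lan_interface"; do
        if [[ ! $name =~ $ifname_re ]]; then
            log_error "接口名称 '$name' 无效!"
            exit 1
        fi
        # "dev" makes ip treat the value strictly as a device name, so an
        # answer such as "up" is not read as a filter keyword.
        if ! ip link show dev "$name" &>/dev/null; then
            log_error "接口 $name 不存在!"
            exit 1
        fi
    done

    if [[ "$wan_interface" == "$lan_interface" ]]; then
        log_error "WAN口和LAN口不能相同!"
        exit 1
    fi

    log_warning "此操作将修改网络配置,继续吗? (y/N)"
    read -r confirm
    if [[ ! $confirm =~ ^[Yy]$ ]]; then
        log_info "操作已取消"
        exit 0
    fi

    # Run the configuration steps.
    install_packages
    configure_interfaces "$wan_interface" "$lan_interface"
    configure_dnsmasq "$lan_interface"
    configure_nat "$wan_interface" "$lan_interface"
    show_config "$wan_interface" "$lan_interface"

    log_success "配置完成! 请将路由器的WAN口连接到 $lan_interface"
    log_info "注意: 校园网可能需要额外的认证步骤"
}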

# show_help: print the usage text and the pre-flight checklist to stdout.
show_help() {
    # Unquoted delimiter on purpose: $0 must expand to the script name.
    cat << EOF
使用说明:
  $0          # 交互式配置
  $0 --help   # 显示此帮助信息

配置前请确保:
1. 校园网接口已连接校园网
2. 路由器已设置为AP模式
3. 路由器WAN口连接到指定的LAN接口
4. 有root权限执行此脚本
EOF
}

# Argument handling: -h/--help prints the usage text and exits; any other
# invocation starts the interactive setup.
if [[ "${1:-}" == "-h" || "${1:-}" == "--help" ]]; then
    show_help
    exit 0
fi
main

我使用的系统是 Ubuntu 22.04。

首先需要开启内核的 IPv4 转发(具体命令我没有记录,可以问一下 AI;上面的主脚本在 configure_nat 里也会把 net.ipv4.ip_forward=1 写入 /etc/sysctl.conf 并执行 sysctl -p),然后运行下面的脚本:

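#!/bin/bash
# quick-setup-softrouter.sh - non-interactive wrapper that answers the
# prompts of netset.sh (the main script) from a here-document.

set -e

# Settings - change the interface names here before running.
WAN_INTERFACE="enp1s0"    # interface connected to the campus network
LAN_INTERFACE="enp3s0"    # interface connected to the router

echo "开始配置软路由..."
echo "WAN口: $WAN_INTERFACE"
echo "LAN口: $LAN_INTERFACE"

# Nothing is downloaded here: the main script must already sit in the current
# directory under the name netset.sh. The message names the file that is
# actually checked and executed.
# Whatever file has that name is run as root below, so start this wrapper
# from a directory that only you can write to.
if [[ ! -f netset.sh ]]; then
    echo "请确保主脚本 netset.sh 存在" >&2
    exit 1
fi

# The three lines answer, in order: WAN interface, LAN interface, and the
# final y/N confirmation.
# NOTE(review): anything else that reads stdin while netset.sh runs (for
# example a package installation prompt) would consume these lines as well -
# confirm on a clean system.
sudo ./netset.sh <<EOF
$WAN_INTERFACE
$LAN_INTERFACE
y
EOF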

记得先把脚本里的 WAN_INTERFACE 和 LAN_INTERFACE 改成你自己的网卡名称。

如果你的工控机有多个网口,想多扩展几个 LAN 口,可以使用下面的脚本。注意:该脚本会重写 /etc/netplan 下的配置和 /etc/dnsmasq.conf,并清空现有的 iptables 规则,运行前请先做好备份。

#!/bin/bash

# ==========================================
# 软路由修复与双LAN口配置脚本
# 功能: 修复 dnsmasq 报错,配置 LAN1(100.x) 和 LAN2(101.x)
# ==========================================

# Exit as soon as an unguarded command returns a non-zero status.
set -e

# --- Colour definitions ---
# Literal backslash sequences; `echo -e` in the log helpers interprets them.
GREEN="\033[0;32m"
BLUE="\033[0;34m"
RED="\033[0;31m"
NC="\033[0m"

# log_info: write "$1" to stdout behind a blue [INFO] tag.
log_info() {
    printf '%b\n' "${BLUE}[INFO]${NC} $1"
}
# log_success: write "$1" to stdout behind a green [SUCCESS] tag.
log_success() {
    printf '%b\n' "${GREEN}[SUCCESS]${NC} $1"
}
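# log_error: write "$1" behind a red [ERROR] tag.
# Sent to stderr so failures stay visible when stdout is redirected.
log_error() { echo -e "${RED}[ERROR]${NC} $1" >&2; }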

# 1. Require root: the steps below rewrite files under /etc and change
# iptables rules.
if (( EUID != 0 )); then
    log_error "请使用 sudo 运行此脚本"
    exit 1
fi

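# 2. Show the available interfaces on one line.
clear
echo "------------------------------------------"
echo "正在扫描可用网络接口..."
# -x drops only the loopback entry itself; a plain `grep -v "lo"` would also
# hide every interface whose name merely contains "lo" (wlo1, for example).
ip link show | grep -E '^[0-9]+:' | awk -F: '{print $2}' | tr -d ' ' | grep -vx "lo" | xargs echo "系统发现接口:"
echo "------------------------------------------"
echo "请根据你的实际连线输入接口名称:"
echo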

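# 3. Read the three interface names.
# -r keeps backslashes in the answers literal.
read -r -p "请输入 WAN 口 (连外网/校园网): " wan_if
read -r -p "请输入 LAN1 口 (连无线路由器): " lan1_if
read -r -p "请输入 LAN2 口 (连你的电脑): " lan2_if

# Basic sanity checks.
if [[ -z "$wan_if" || -z "$lan1_if" || -z "$lan2_if" ]]; then
    log_error "接口名称不能为空!"
    exit 1
fi

if [[ "$wan_if" == "$lan1_if" || "$wan_if" == "$lan2_if" || "$lan1_if" == "$lan2_if" ]]; then
    log_error "接口名称不能重复!"
    exit 1
fi

# The names are written unescaped into the netplan and dnsmasq files and
# passed to iptables as root, so accept only values that look like an
# interface name (letters, digits, '.', '_', '-', at most 15 characters) and
# that the kernel actually knows. "dev" makes ip treat the value strictly as
# a device name.
ifname_re='^[A-Za-z0-9][A-Za-z0-9._-]{0,14}$'
for candidate in "$wan_if" "$lan1_if" "$lan2_if"; do
    if [[ ! $candidate =~ $ifname_re ]] || ! ip link show dev "$candidate" &>/dev/null; then
        log_error "接口 $candidate 不存在或名称无效!"
        exit 1
    fi
done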

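# 4. Generate the netplan configuration (network layer).
log_info "正在重写 Netplan 配置 (删除错误的 bridge)..."

# Take every existing netplan file out of service so it cannot conflict with
# the new one. The files are renamed to *.backup instead of being deleted:
# netplan no longer picks them up, but the previous setup can be restored.
for old_cfg in /etc/netplan/*.yaml /etc/netplan/*.yml; do
    [[ -e "$old_cfg" ]] || continue   # pattern matched nothing
    mv -- "$old_cfg" "${old_cfg}.backup"
done

cat > /etc/netplan/99-soft-router.yaml << EOF
network:
  version: 2
  renderer: networkd
  ethernets:
    ${wan_if}:
      dhcp4: true
      optional: true
    ${lan1_if}:
      addresses: [192.168.100.1/24]
      dhcp4: no
      dhcp6: no
    ${lan2_if}:
      addresses: [192.168.101.1/24]
      dhcp4: no
      dhcp6: no
EOF
# Root-only permissions on the generated file.
chmod 600 /etc/netplan/99-soft-router.yaml

log_info "应用网络配置..."
# Takes effect immediately; a remote session over any of these interfaces may
# drop.
netplan apply
log_success "网络接口已重新配置。"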

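# 5. Generate the dnsmasq configuration (service layer).
log_info "正在重写 Dnsmasq 配置..."

# Keep the first pre-existing configuration; later runs must not replace that
# backup with this script's own output.
if [[ -f /etc/dnsmasq.conf && ! -e /etc/dnsmasq.conf.backup ]]; then
    cp -p /etc/dnsmasq.conf /etc/dnsmasq.conf.backup
fi

# no-resolv makes dnsmasq ignore /etc/resolv.conf, so every lookup from the
# LAN is forwarded only to the two server= addresses listed below.
# NOTE(review): the dnsmasq man page documents tag:<tag> as the qualifier for
# dhcp-range and dhcp-option; confirm the interface:<name> form used below is
# matched as intended.
cat > /etc/dnsmasq.conf << EOF
# --- 监听接口 (双LAN) ---
interface=${lan1_if}
interface=${lan2_if}
bind-interfaces

# --- LAN1 (路由器) 192.168.100.x ---
dhcp-range=interface:${lan1_if},192.168.100.100,192.168.100.200,255.255.255.0,24h
dhcp-option=interface:${lan1_if},3,192.168.100.1
dhcp-option=interface:${lan1_if},6,192.168.100.1

# --- LAN2 (电脑) 192.168.101.x ---
dhcp-range=interface:${lan2_if},192.168.101.100,192.168.101.200,255.255.255.0,24h
dhcp-option=interface:${lan2_if},3,192.168.101.1
dhcp-option=interface:${lan2_if},6,192.168.101.1

# --- 通用优化 ---
cache-size=10000
no-resolv
server=223.5.5.5
server=114.114.114.114
local=/lan/
domain=lan
EOF

log_info "重启 Dnsmasq 服务..."
# Do not let `set -e` end the script on a failed restart: the check below is
# what reports the failure and prints the service status.
systemctl restart dnsmasq || true

# Verify that the service is running.
if systemctl is-active --quiet dnsmasq; then
    log_success "Dnsmasq 服务修复成功,正在运行!"
else
    log_error "Dnsmasq 启动失败,请检查配置文件。"
    # `systemctl status` exits non-zero for a stopped unit; keep going so the
    # explicit exit below is the one that ends the script.
    systemctl status dnsmasq --no-pager || true
    exit 1
fi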

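# 6. Rebuild the forwarding rules so both LAN ports can reach the WAN.
# This section does not enable net.ipv4.ip_forward itself; forwarding must
# already be switched on for these rules to carry traffic.
log_info "更新防火墙转发规则..."

# Flush the filter and nat tables so old rules cannot conflict. This removes
# every existing rule in both tables, including rules added by other software.
# NOTE(review): the INPUT policy is not touched here, so this script adds no
# filtering for traffic addressed to the router itself on the WAN side.
iptables -F
iptables -t nat -F
iptables -P FORWARD DROP

# Interface names are quoted so each one reaches iptables as a single
# argument and cannot introduce extra options.

# Source NAT for traffic leaving through the WAN interface.
iptables -t nat -A POSTROUTING -o "${wan_if}" -j MASQUERADE

# LAN1 -> WAN
iptables -A FORWARD -i "${lan1_if}" -o "${wan_if}" -j ACCEPT
# LAN2 -> WAN
iptables -A FORWARD -i "${lan2_if}" -o "${wan_if}" -j ACCEPT

# WAN -> LAN, return traffic of established connections only.
iptables -A FORWARD -i "${wan_if}" -o "${lan1_if}" -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i "${wan_if}" -o "${lan2_if}" -m state --state RELATED,ESTABLISHED -j ACCEPT

# LAN1 <-> LAN2 (optional, for managing the wireless router from the PC).
# With these two rules the segments are not isolated from each other: every
# device behind the wireless router can open connections to hosts on LAN2.
iptables -A FORWARD -i "${lan1_if}" -o "${lan2_if}" -j ACCEPT
iptables -A FORWARD -i "${lan2_if}" -o "${lan1_if}" -j ACCEPT

# Persist the rules across reboots.
netfilter-persistent save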

# Final summary: which port serves which subnet.
printf '\n'
printf '%s\n' "=========================================="
log_success "修复并配置完成!"
printf '%s\n' \
    "==========================================" \
    "LAN1 (${lan1_if}): 接无线路由器 -> IP段 192.168.100.x" \
    "LAN2 (${lan2_if}): 接你的电脑   -> IP段 192.168.101.x" \
    "WAN  (${wan_if}): 接校园网" \
    "==========================================" \
    "提示: 请拔插一下电脑网线以获取新的 IP (192.168.101.x)"