-v cedit /etc/config/firewall <<'EOF' || firewall_restart=true
-config redirect
- option name ssh
- option src wan
- option src_dport 22
- option dest_ip 192.168.1.8
- option dest lan
-config rule
- option src wan
- option target ACCEPT
- option dest_port 22
-
-config redirect
- option name sshalt
- option src wan
- option src_dport 2222
- option dest_port 22
- option dest_ip 192.168.1.3
- option dest lan
-config rule
- option src wan
- option target ACCEPT
- option dest_port 2222
-
-config redirect
- option src wan
- option src_dport 443
- option dest lan
- option dest_ip 192.168.1.8
- option proto tcp
-config rule
- option src wan
- option target ACCEPT
- option dest_port 443
- option proto tcp
-
-config redirect
- option src wan
- option src_dport 1196
- option dest lan
- option dest_ip 192.168.1.8
- option proto udp
-config rule
- option src wan
- option target ACCEPT
- option dest_port 1196
- option proto udp
-
-
-config redirect
- option src wan
- option src_dport 80
- option dest lan
- option dest_ip 192.168.1.8
- option proto tcp
-config rule
- option src wan
- option target ACCEPT
- option dest_port 80
- option proto tcp
-
-config redirect
- option name syncthing
- option src wan
- option src_dport 22001
- option dest_ip 192.168.1.8
- option dest lan
-config rule
- option src wan
- option target ACCEPT
- option dest_port 22001
-
-
-
-EOF
-
-
-
-
-dnsmasq_restart=false
-mail_host=$(grep -F mail.iankelling.org /etc/hosts | awk '{print $1}')
-v cedit /etc/hosts <<EOF || dnsmasq_restart=true
-127.0.1.1 wrt
-192.168.1.1 wrt
-192.168.1.2 treetowl
-192.168.1.3 frodo
-192.168.1.4 htpc
-192.168.1.5 x2
-192.168.1.6 demohost
-#192.168.1.7 faiserver
-192.168.1.8 tp faiserver b8.nz
-192.168.1.9 n5
-192.168.1.10 kw
-192.168.1.11 kww
-192.168.1.12 fz
-72.14.176.105 li
-45.33.9.11 lj
-138.68.10.24 dopub
-# netns creation looks for next free subnet starting at 10.173, but I only
-# use one, and I would keep this one as the first created.
-10.173.0.2 transmission
-EOF
-
-# if [[ $mail_host ]]; then
-# sed -i '/^$mail_host/a mail.iankelling.org' /etc/hosts
-# fi
-
-
-# avoid using the dns servers that my isp tells me about.
-if [[ $(uci get dhcp.@dnsmasq[0].resolvfile) ]]; then
- # default is '/tmp/resolv.conf.auto', we switch to the dnsmasq default of
- # /etc/resolv.conf. not sure why I did this.
- v uci delete dhcp.@dnsmasq[0].resolvfile
- uci commit dhcp
- dnsmasq_restart=true
-fi
-
-if [[ $(uci get dhcp.@dnsmasq[0].domain) != b8.nz ]]; then
- v uci set dhcp.@dnsmasq[0].domain=b8.nz
- uci commit dhcp
- dnsmasq_restart=true
-fi
-if [[ $(uci get dhcp.@dnsmasq[0].local) != b8.nz ]]; then
- v uci set dhcp.@dnsmasq[0].local=/b8.nz/
- uci commit dhcp
- dnsmasq_restart=true
-fi
-
-if [[ $(uci get system.@system[0].hostname) != wrt ]]; then
- v uci set system.@system[0].hostname=wrt
- uci commit system
-fi
-
-
-# useful: http://wiki.openwrt.org/doc/howto/dhcp.dnsmasq
-
-# sometimes /mnt/usb fails, cuz it's just a flash drive,
-# so make sure we have this dir or else dnsmasq will fail
-# to start.
-mkdir -p /mnt/usb/tftpboot
-v cedit /etc/dnsmasq.conf <<'EOF' || dnsmasq_restart=true
-
-############ updating dns servers ###################3
-
-
-# this says the ip of default gateway and dns server,
-# but I think they are unneded and default
-#dhcp-option=3,192.168.1.1
-#dhcp-option=6,192.168.1.1
-
-
-
-# results from googling around dnsmasq optimizations
-# about 50k in memory. router has 62 megs.
-# in a browsing session, I probably won't ever do 5000 lookups
-# before the ttl expiration or whatever does expiration.
-cache-size=10000
-
-# ask all servers, use the one which responds first.
-# http://ma.ttwagner.com/make-dns-fly-with-dnsmasq-all-servers/
-all-servers
-
-# namebench benchmarks dns servers. google's dns was only
-# slightly less fast than some others, and I trust it more
-# to give accurate results, stay relatively fast, and
-# not do anythin too malicious, so just use that.
-# download namebench and run it like this:
-# for x in all regional isp global preferred nearby; do ./namebench.py -s $x -c US -i firefox -m weighted -J 10 -w; echo $x; hr; done
-# google
-server=8.8.4.4
-server=8.8.8.8
-server=2001:4860:4860::8888
-server=2001:4860:4860::8844
-