下载地址:http://enduser.subsignal.org/~trondah/
来自:https://forum.openwrt.org/viewtopic.php?id=50914
Barrier Breaker build, complete and tweaked for performance. As with my previous build I'm going for an out of the box experience with no setup needed after flashing. - Overclocked to 760MHz (there's 800MHz builds available in download dir)
- Compiled with -march=24kc -mtune=24kc
- Default SSID OpenWRT (pw: changeme)
- Default root password (pw: changeme)
- jow reghack automatically installed (country set to 00 for access to all channels)
- miniupnpd
- WPS/RADIO/RESET button support
- OpenVPN out of the box (built from git, linked with PolarSSL)
* configured with static key (no need for certs, limited to one client)
* lzo/lz4/snappy compression support (default lzo for compatibility)
* udp port 1194 (udp 443 is also allowed through a redirect)
* a client config is generated during first boot at /etc/openvpn/OpenWRT.ovpn (complete with static key included, just copy to your client and import)
* tested with Tunnelblick for Mac and "OpenVPN for Android" (official version does not support static key configuration)
- Multicast routed over VPN (i.e. use UPnP/DLNA apps on your phone/pad over the VPN)
- Enabled utmp/wtmp login records (for last/who applets)
- Busybox saves ash history, enabled reverse search
- Increased log size to 64kb and made some services more quiet to make the log readable
- Dynamic DNS support
- IPv6 support (native/6in4/6to4/6rd)
- LuCI web interface
- USB storage support
- SFTP server
- Jumbo frames (passthrough enabled by default)
- Adblocking through mvps.org hosts file
- SSH brute force protection (max 4 new connections pr minute, ban after 10 failed login attempts with dropBrute.sh)
- QoS traffic shaping
- Some handy tools (tcpdump-mini, etherwake, wassup.lua) Diffs and config available in release dir. Recommended installation method is TFTP or sysupgrade -n. http://enduser.subsignal.org/~trondah Changelog: r41302:
- FIXED: UPnP has been kind of broken since r41098 (affects Call of Duty Ghosts and probably many more apps/games)
- FIXED: Missing } in smcroute hotplug script prevented shutdown when tun0 went down
- CHANGED: Back to default 192.168.1.x for LAN, 10.1.1.x for OpenVPN  r41293:
- CHANGED: Added the float option to generated .ovpn file for connecting with WAN IP from LAN
- FIXED: Include /etc/config/network file with "vpn" interface, smcroute needs this to start up correctly through hotplug r41283:
- CHANGED: Default IP is now 10.1.1.1
- CHANGED: OpenVPN IP's are now 192.168.100.1 for the router and 192.168.200.2 for the client r41281:
- ADDED: dropBrute SSH brute force prevention (similar to fail2ban)
- ADDED: smcroute (replaces igmpproxy for multicast routing across VPN)
- CHANGED: OpenVPN is now started from an interface hotplug script when WAN comes up
- CHANGED: OpenVPN addresses are now on a different subnet (lets you connect from LAN) r41196:
- ADDED: Default root password is now changeme
- FIXED: OpenVPN was restarting because of the keepalive option, removed that
- CHANGED: OpenVPN default port is now UDP 1194 which is the standard
- CHANGED: Allow OpenVPN clients to connect to UDP 443 via redirect rule r41181:
- REMOVED: luci-app-openvpn (not very usable) r41180:
- ADDED: Jumbo frames support
- ADDED: luci-app-openvpn (with patch from luci ticket 489) r41173:
- ADDED: SFTP server
- ADDED: USB storage support with automount enabled
- ADDED: qos-scripts and luci-app-qos
- ADDED: kmod-fs-ext4
- ADDED: sfdisk
- CHANGED: opkg.conf is written by build script and not by rc.local any more
- CHANGED: enable SSH brute force protection by default r41172:
- ADDED: luci-app-wol
- FIXED: Missing /etc/config/luci issue r41156:
- UPDATED: mvps.org hosts file from June
- ADDED: Logic in rc.local to add the package feed from enduser (should let you install kernel modules from my build without any hassle) r41150:
- ADDED: IPv6 tunnel support (6in4,6to4,6rd) and needed kernel modules
- ADDED: Most of the network support and kmod-ipt* modules are now built and available in the packages dir r41098:
- ADDED: iptables-mod-conntrack-extra and kmod-ipt-conntrack-extra
- ADDED: A commented out example to redirect port 222 from WAN to the local SSH port
- ADDED: A commented out example in /etc/firewall.user to stop SSH brute force attacks (max 4 new connections pr minute) r41055:
- ADDED: Filesystems EXT4, JFS, NFS, VFAT, NTFS and FUSE available in package directory
- ADDED: wassup.lua for scanning nearby access points
- ADDED: kmod-8021q for VLAN support r40995:
- ADDED: Adblock through mvps.org hosts file
- FIXED: miniupnpd wasn't starting by default in previous release r40993
- ADDED: luci-ssl collection with ddns/upnp app
| 
/1 
