Run script every time swconfig is executed

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
Author Message
6u6uka
DD-WRT Novice


Joined: 16 Jul 2024
Posts: 10

PostPosted: Sat Jul 20, 2024 1:55    Post subject: Run script every time swconfig is executed Reply with quote
Hello,

I'm running home network with multiple VLANs, opnsense as a main router, and several APs.

One of APs is a R7000P, running dd-wrt 56941, which I configured with trunk ports, several VLANs and several WAP/VAP.

For the sake of argument on swconfig page I have all ports for VLANs and Tagged ticked.

This produces following for VLAN1:
Code:
VLAN 1:
   ports: 0t 1t 2t 3t 4t 5t

, i.e. this does not work for trunk ports.

My understanding is that I can't mix tagged and untagged VLANs through GUI, so I run swconfig command for VLAN1:

Quote:

swconfig dev switch0 vlan 1 set ports "0 1 2 3 4 5t"
swconfig dev switch0 set apply


Here's relevant snippet of "swconfig show"; it all works after that:

Code:
VLAN 1:
   ports: 0 1 2 3 4 5t
VLAN 10:
   ports: 0t 1t 2t 3t 4t 5t



The problem is that every time I reboot or apply *some* of the changes (e.g. for WiFi) VLAN1 changes back to

Code:
VLAN 1:
   ports: 0t 1t 2t 3t 4t 5t

, I assume this is b/c swconfig was executed in the background.

To mitigate startup issue I have a startup script which runs swconfig commands above at startup. It all works.

What would be the best way to run the same commands every time swconfig is executed by the Apply script, or, in general, after system executes swconfig ?

Thanks,
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 9357

PostPosted: Sat Jul 20, 2024 4:32    Post subject: Reply with quote
Here's a trick that might work for you.

1. Copy the executable to /tmp.
2. Create a script that calls the copied executable, adding any other actions you'd like to take in response to that executable being called.
3. Bind the script to the original executable so the system calls your script rather than the original executable.

The following is a basic outline. You'd have to refine it according to your specific needs.

Code:
#!/bin/sh

OLD_EXE="$(which swconfig)"
NEW_EXE="/tmp/$(basename $OLD_EXE)"
SCRIPT="/tmp/_$(basename $OLD_EXE)"

umount $OLD_EXE 2>/dev/null

cp $OLD_EXE $NEW_EXE

cat << 'EOF' > $SCRIPT
#!/bin/sh
echo '### your code can go before … ###'
$NEW_EXE "$@"
echo '### … and/or after the original executable ###'
EOF
chmod +x $SCRIPT
sed -i "s:\$NEW_EXE:$NEW_EXE:g" $SCRIPT

mount --bind $SCRIPT $OLD_EXE


Ideally this would execute as early as possible in the startup script.

You can use the same code/technique w/ any other executable you might want to intercept. That's why the script is generalized except for the first line, where I specify the executable.

Using this technique, you're always aware of when the executable is being called because the system always calls your script in its place. Of course, you have to make sure to complete the call to the original executable to satisfy its requirements (although I have used this technique to *prevent* calls too). You're free to add code before or after, or even manipulate the command-line arguments as you see fit. The reason it works is because even though the original executable is typically read-only, the system always gives priority to anything bound via mounting over anything discovered via the PATH.

_________________
ddwrt-bind-static-routes-to-wan.sh (UPDATED! 11/12/24) * ddwrt-blacklist-domains.sh * ddwrt-dns-monitor.sh * ddwrt-ovpn-client-backup.sh * ddwrt-ovpn-client-killswitch.sh * ddwrt-ovpn-client-watchdog.sh * ddwrt-ovpn-server-watchdog.sh * ddwrt-ovpn-split-advanced.sh * ddwrt-ovpn-split-basic.sh * ddwrt-mount-usb-drives.sh * ddwrt-wol-port-forward.sh
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 3377
Location: Germany

PostPosted: Sat Jul 20, 2024 7:02    Post subject: Reply with quote
Then you have to deactivate VLANs support in the “Switch config tab” and configure your VLANs manually.
It is logical that both together lead to conflicts.

Quote:
, i.e. this does not work for trunk ports.


Of course this is not true, it is not written anywhere that a trunk must provide a untagged VLAN.

Basically, this is also nonsense because you have to connect devices that are capable of IEEE 802.1Q to a trunk port anyway in order to be able to use the tagged VLANs.
And if the device understands 1 tagged VLAN then it also understands 1000.

Incidentally, you can also simply configure your opnsense properly so that all VLANs are tagged on the trunk.

_________________
Quickstart guides:
use Pi-Hole as simple DNS-Server with DD-WRT
VLAN configuration via GUI - 1 CPU port
VLAN configuration via GUI - 2 CPU ports (R7800, EA8500 etc)

Routers
Marvell OCTEON TX2 - QHora-322 - OpenWrt 23.05.3 - Gateway
Qualcomm IPQ8065 - R7800 - DD-WRT - WAP
6u6uka
DD-WRT Novice


Joined: 16 Jul 2024
Posts: 10

PostPosted: Sat Jul 20, 2024 8:17    Post subject: Reply with quote
eibgrad wrote:
Here's a trick that might work for you.
...


Thanks for suggestions, I might try it.
6u6uka
DD-WRT Novice


Joined: 16 Jul 2024
Posts: 10

PostPosted: Sat Jul 20, 2024 8:35    Post subject: Reply with quote
ho1Aetoo wrote:
Then you have to deactivate VLANs support in the “Switch config tab” and configure your VLANs manually.


Thanks, this is a good suggestion! I was not sure if there is anything else triggered when I enable VLAN on Switch Config page. If I can just disable it and configure it manually this should solve the problem. Anybody can confirm this should work? Thanks!


ho1Aetoo wrote:

It is logical that both together lead to conflicts.


There is no fundamental problem per se - I have Cisco managed switch and FreshTomato working OK in this configuration. The problem is that dd-wrt's Switch Config GUI does not support it, and there is an earlier thread with discussion and GUI mockups on how to enable it - thread is somewhat old, not sure if there was any folloup.

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329141&postdays=0&postorder=asc&start=45

ho1Aetoo wrote:

Incidentally, you can also simply configure your opnsense properly so that all VLANs are tagged on the trunk.


that's correct.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 13439
Location: Netherlands

PostPosted: Sat Jul 20, 2024 9:36    Post subject: Reply with quote
Simply use the GUI switch config tab to setup and that should do the trick.

The only thing DDWRT does not support is having one untagged and one or more tagged vlans on the trunk.
Theoretically that is possible but not all network equipment can deal with that so it is not recommended to do, just tag everything.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 3377
Location: Germany

PostPosted: Sat Jul 20, 2024 11:11    Post subject: Reply with quote
6u6uka wrote:
Anybody can confirm this should work? Thanks!


I am the VLAN man here, if I say it works then it works

_________________
Quickstart guides:
use Pi-Hole as simple DNS-Server with DD-WRT
VLAN configuration via GUI - 1 CPU port
VLAN configuration via GUI - 2 CPU ports (R7800, EA8500 etc)

Routers
Marvell OCTEON TX2 - QHora-322 - OpenWrt 23.05.3 - Gateway
Qualcomm IPQ8065 - R7800 - DD-WRT - WAP
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 13439
Location: Netherlands

PostPosted: Sat Jul 20, 2024 11:27    Post subject: Reply with quote
👍😉
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6701
Location: UK, London, just across the river..

PostPosted: Sat Jul 20, 2024 14:39    Post subject: Reply with quote
ho1Aetoo wrote:
6u6uka wrote:
Anybody can confirm this should work? Thanks!


I am the VLAN man here, if I say it works then it works


he is the VLANMAN indeed Cool
+1

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 58184 WAP
TP-Link WR1043NDv2 -DD-WRT 58730 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 58785 Gateway/DoT,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 58785 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 58689 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Dynalink DL-WRX36-DDWRT 58785
Broadcom
Netgear R7000 --DD-WRT 58627 Gateway/SmartDNS/DoT,AD-Block,IPsetFirewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
6u6uka
DD-WRT Novice


Joined: 16 Jul 2024
Posts: 10

PostPosted: Sat Jul 20, 2024 18:03    Post subject: Reply with quote
ho1Aetoo wrote:
6u6uka wrote:
Anybody can confirm this should work? Thanks!


I am the VLAN man here, if I say it works then it works


Great, thanks!
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum