引言#
众所周知,WHU 的校园网限制三台设备,并且晚上七点之后会直接限速到 20Mbps。
所以如果寝室有网口,并且此网口能够正常上网的话,那么外接一个搭载 OpenWrt 设备的路由器,简直可以让体验翻倍。它不仅能够让你的寝室共用一个账号来分摊网费…… 以及连接老校友的米家设备,还能在晚上七点之后别人限速时,自己畅游网络世界,简直爽歪歪!
目前已知网口能用的宿舍,基本都是新建的,比如信部 18 舍,其余宿舍需要自行探索。先用电脑测试一下网口能不能使用,如果可以用的话,再弄一台设备进行安装即可。
安装准备#
想采取此方案的话,你需要做好以下准备:
- 一台搭载 OpenWrt 系统的路由器 / 软路由
- 认证脚本
- SSH 软件(最好带有 sftp)
本文采用喵二酱编译的 CatWrt 为示例,在系统方面基本上没要求。
脚本需要依赖 bash 以及 curl 如果你是原版 OpenWrt 的话需需要自行检查组件是否已经安装,另外建议预装了 curl 就别再装了以免出现问题。
网络认证的脚本在 Github 上是开源的,项目链接:https://github.com/7Ji/auto-whu-standard
这里我们直接使用其中的 auto-whu.sh 进行一些小小的修改即可使用。
脚本如下:
#!/bin/bash
# Online check
check_online() {
ping -w1 -W1 -c 1 baidu.com 1>/dev/null 2>&1
[[ $? = 0 ]] && echo "Network is already up" && return 0
return 1
}
# Check online and immediately exit if is running by systemd
check_online && [[ $? = 0 ]] && [[ ! -z "$INVOCATION_ID" ]] && exit
echo "Warning: running auto-whu when already online is dangerous, you may get your account banned for too many login requests. Use systemd and the bundled service and timer file to manage auto-whu instead. Check the repo for more info: https://github.com/7Ji/auto-whu-standard"
# Help message
help () {
echo "Usage: $0 -u [username] -p [password] -n [network] -m [manual network] -u [url] -c [config file] -f -s -h"
echo " -u username, should be a number of 13 digits"
echo " -p password, any value not empty"
echo " -n network, single-digit number from 0 to 3, 0 for CERNET, 1 for China Telcom, 2 for China Unicom, 3 for China Mobile"
echo " -m a manually specified network name, replace the -n option"
echo " -c config file, path to the configuration file"
echo " -a eportal authorization URL, DO NOT SET IT unless you totally understand it"
echo " -f foreground mode, ignore the systemd check"
echo " -s skip check for sanity for username, password and network"
echo " -h print this message"
echo " *notice that all other arguments will overwrite the value provided by the config file"
}
# Check arguments
[[ $# = 0 ]] && help && exit
while [[ $# -ge 1 ]]; do
if [[ "$1" = '-u' ]]; then
ARG_USERNAME="$2"
shift
elif [[ "$1" = '-p' ]]; then
ARG_PASSWORD="$2"
shift
elif [[ "$1" = '-n' ]]; then
ARG_NETWORK="$2"
shift
elif [[ "$1" = '-m' ]]; then
ARG_NETWORK_MANUAL="$2"
shift
elif [[ "$1" = '-a' ]]; then
ARG_URL="$2"
shift
elif [[ "$1" = '-c' ]]; then
ARG_CONFIG="$2"
shift
elif [[ "$1" = '-f' ]]; then
ARG_IGNORE_SYSTEMD='1'
elif [[ "$1" = '-s' ]]; then
ARG_IGNORE_SANITY='1'
elif [[ "$1" = '-h' ]]; then
help && exit
fi
shift
done
# Check and read configuration file if neccessary
if [[ ! -z "$ARG_CONFIG" ]]; then
[[ ! -f "$ARG_CONFIG" ]] && echo "ERROR: The configuration file '$ARG_CONFIG' you've provided does not exist."
[[ ! -r "$ARG_CONFIG" ]] && echo "ERROR: Not allowed to read the configuration file '$ARG_CONFIG', check your permission"
source "$ARG_CONFIG"
fi
[[ ! -z "$ARG_USERNAME" ]] && USERNAME=$ARG_USERNAME
[[ ! -z "$ARG_PASSWORD" ]] && PASSWORD=$ARG_PASSWORD
[[ ! -z "$ARG_NETWORK" ]] && NETWORK=$ARG_NETWORK
[[ ! -z "$ARG_NETWORK_MANUAL" ]] && NETWORK_MANUAL=$ARG_NETWORK_MANUAL
[[ ! -z "$ARG_URL" ]] && URL=$ARG_URL
[[ ! -z "$ARG_IGNORE_SYSTEMD" ]] && IGNORE_SYSTEMD='1'
[[ ! -z "$ARG_IGNORE_SANITY" ]] && IGNORE_SANITY='1'
# Default value downgrading
[[ -z "$NETWORK" && -z "$NETWORK_MANUAL" ]] && NETWORK='0' && echo "Neither network number nor manual network name was set, defaulting network to 0(CERNET)"
[[ -z "$URL" ]] && URL='http://172.19.1.9:8080/eportal/InterFace.do?method=login' && echo "Using default eportial authorization URL 'http://172.19.1.9:8080/eportal/InterFace.do?method=login'"
# Check systemd
if [[ -z "$INVOCATION_ID" && "$IGNORE_SYSTEMD" != 1 ]]; then
echo "You are running this script manually or in a non-systemd environment, it's better to manage this script with systemd."
echo "Check the github repo to learn how to use this script properly: https://github.com/7Ji/auto-whu-standard"
echo "You can set IGNORE_SYSTEMD='1' in the config file or use the argument -f to ignore this check"
fi
# Check intergrity or sanity. return code 1 for insanity.
if [[ "$IGNORE_SANITY" != 1 ]]; then
echo "Starting sanity check for username, password and network, you can set IGNORE_SANITY='1' in config file, or use argument -n to ignore this check."
[[ ! "$USERNAME" =~ ^[0-9]{13}$ ]] && echo "ERROR:The username '$USERNAME' you provided is not a number of 13 digits" && exit 1
[[ -z "$PASSWORD" ]] && echo "ERROR:You've specified an empty password" && exit 1
[[ ! "$NETWORK" =~ ^[0-3]$ && -z "$NETWORK_MANUAL" ]] && echo "ERROR:You've specified a network number not supported, only 0-3 is supported, 0 for CERNET(default), 1 for China Telcom, 2 for China Unicom, 3 for China Mobile" && exit 1
echo "Sanity check pass."
fi
# Network number conversion
if [[ -z "$NETWORK_MANUAL" ]]; then
if [[ "$NETWORK" = 0 ]]; then
NETWORK_STRING=Internet
elif [[ "$NETWORK" = 1 ]]; then
NETWORK_STRING=dianxin
elif [[ "$NETWORK" = 2 ]]; then
NETWORK_STRING=liantong
else
NETWORK_STRING=yidong
fi
else
NETWORK_STRING=$NETWORK_MANUAL
fi
# Authorization
echo "Trying to authorize..."
curl -d "userId=$USERNAME&password=$PASSWORD&service=$NETWORK_STRING&queryString=`curl baidu.com | grep -oP "(?<=\?).*(?=\')" | sed 's/&/%2526/g' | sed 's/=/%253D/g'`&operatorPwd=&operatorUserId=&validcode=&passwordEncrypt=false" $URL 1>/dev/null 2>&1
check_online && [[ $? = 0 ]] && exit
echo "Failed to authorize, you may need to check your account info and credit and network connection"
食用方法#
你可以新建一个脚本,自己命名即可,我这里统一使用auto-whu.sh名字,然后把脚本内容复制进去。
通过 sftp 的工具把此脚本上传到 Catwrt 的 /usr/sbin/目录下,并且使用
chmod 777 /usr/sbin/auto-whu.sh
将脚本赋予可执行权限。
这里我们可以使用 Termius 等带有 sftp 文件传输的 SSH 客户端,当然你喜欢的话也可以 vi vim nano 另外复制在编辑器的终端。
测试命令#
直接通过在命令行运行
/usr/sbin/auto-whu.sh -u your_student_account -p your_password -n 0 -f
来进行认证了。
运行命令之后,如果设备成功上线,会输出:
root@CatWrt:~# /usr/sbin/auto-whu.sh -u your_student_account -p your_password -n 0 -f
Warning: running auto-whu when already online is dangerous, you may get your account banned for too many login requests. Use systemd and the bundled service and timer file to manage auto-whu instead. Check the repo for more info: https://github.com/7Ji/auto-whu-standard
Using default eportial authorization URL 'http://172.19.1.9:8080/eportal/InterFace.do?method=login'
Starting sanity check for username, password and network, you can set IGNORE_SANITY='1' in config file, or use argument -n to ignore this check.
Sanity check pass.
Trying to authorize...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 521 100 521 0 0 130k 0 --:--:-- --:--:-- --:--:-- 254k
Failed to authorize, you may need to check your account info and credit and network connection
如果设备已经在线,重复认证会输出:
root@CatWrt:~# /usr/sbin/auto-whu.sh -u your_student_account -p your_password -n 0 -f
Network is already up
Warning: running auto-whu when already online is dangerous, you may get your account banned for too many login requests. Use systemd and the bundled service and timer file to manage auto-whu instead. Check the repo for more info: https://github.com/7Ji/auto-whu-standard
Using default eportial authorization URL 'http://172.19.1.9:8080/eportal/InterFace.do?method=login'
Starting sanity check for username, password and network, you can set IGNORE_SANITY='1' in config file, or use argument -n to ignore this check.
Sanity check pass.
Trying to authorize...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
curl: (52) Empty reply from server
Network is already up
此方法在设备重启之后,会自动退出认证并且占用一个校园网账号的设备数,开关无感认证对此情况无影响。因此每次重启之后都需要把之前的设备踢掉,再进入设备后台执行命令。
添加自启#
在测试完成确认无误后,添加一个开机自启任务,这样的话每次重启只需要把之前的设备踢掉,路由器会自己进行认证。操作方法如下:
打开 系统 - 启动项
拉到最下面,在 exit0 前面添加一行 /usr/sbin/auto-whu.sh -u your_student_account -p your_password -n 0 -f
这样的话,脚本命令就会随着设备启动而执行了。
总结#
经过上述操作之后,你就可以在 WHU 的宿舍愉快使用校园网了。当然,最好还是一个账号哦。
脚本参数 - 附录#
-u [username] 声明登录用户名,应为 13 位数字
-p [password] 声明密码,不应为空字段
-n [network] 声明登陆网络类型,0-3 的整数,0 为教育网(默认),1 为电信,2 为联通,3 为移动
-m [network_manual] 手动声明网络名称,会覆盖 -n 参数,例如教育网在此处为 -m Internet,除非后期网络情况有变,或你计划把 auto-whu 使用在非武大校园网的环境中,否则不应该使用此参数
-c [config file] 配置文件路径,将会从中读取用户名、密码、网络类型、手动网络名称、验证 URL、是否检测 systemd、各变量合法性等,这些选项将会被命令行提供的参数覆盖(例如,-u 会覆盖配置文件中的USERNAME项)
-a [authorization URL] eportal 的验证 URL,只推荐非武大校园网环境的用户声明此项。如果你自行抓包发现武大校园网的验证方法有变动,你应当 fork 本 repo 后修改并提出 pull request。
-f 开启前台模式,将会禁用 systemd 检测
-s 跳过参数合法性检查,包括禁用 13 位数字用户名检查,非空密码检查,0-3 整数网络编号检查
-h 打印帮助文本
例如,一位用户名为 2024300000000 的用户,他的密码是 123456 ,
/usr/sbin/auto-whu.sh -u 2024300000000 -p 123456-n 0 -f
希望登录 电信 网络,他应该使用下面这条命令 (-f 可以省略):
/usr/sbin/auto-whu.sh -u 2017300000000 -p 123456 -m dianxin -f
参考#
Auto WHU for standard linux distributions i.e. Arch Linux, Ubuntu, etc. With systemd in mind, this version is much more concise than the openwrt version.
此文由 Mix Space 同步更新至 xLog
原始链接为 https://www.miaoer.net/posts/network/whu-openwrt-authentication