Save nvram space, compress your firewall script

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Tue Apr 20, 2010 0:56    Post subject: Save nvram space, compress your firewall script Reply with quote
If you're one of the few people running out of nvram space due to huge firewall scripts, I wrote some commands to compress/decompress it. My ~4KB firewall script (custom written QoS) got reduced to ~1KB with it. The compressed data is even smaller but it has to be base64 encoded so that it's safe to store in nvram which makes it ~33% bigger.

Usage:

Run the "Compress Firewall" set of commands to compress your real firewall script and change the firewall script to decompress and execute your compressed firewall script. If you ever want to view/edit your firewall commands then run the "Decompress Firewall" commands to have it decompressed. You can use the "Editing the Firewall" commands to safely edit it before recompressing it.

After running the decompression commands it will tell you how much nvram you have left, if it's negative then stay out of the GUI to avoid committing nvram! Instead use the "Editing the Firewall" commands via telnet/ssh so that you can compress it before committing.

When you're done and you want to save it through reboots then make sure that there is free space left and then run nvram commit.


# Compress Firewall
nvram set pH_fw="`nvram get rc_firewall | gzip | uuencode -m /dev/stdout`"
nvram set rc_firewall="nvram get pH_fw | uudecode -o /tmp/pH_fw.gz;gunzip /tmp/pH_fw.gz;chmod +x /tmp/pH_fw;/tmp/pH_fw"
nvram show >/dev/null

# Decompress Firewall
nvram get pH_fw | uudecode -o /tmp/pH_fw.gz
nvram unset pH_fw
gunzip /tmp/pH_fw.gz
nvram set rc_firewall="`cat /tmp/pH_fw`"
nvram show >/dev/null

# Editing the Firewall
vi /tmp/pH_fw
# finish editing with vi before running the rest
nvram set rc_firewall="`cat /tmp/pH_fw`"
nvram show >/dev/null

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Sponsor
buddee
DD-WRT Guru


Joined: 06 Feb 2010
Posts: 7401
Location: Little Rock

PostPosted: Tue Apr 20, 2010 1:00    Post subject: Reply with quote
This is most excellent! Thanks Very Happy
_________________
Wireless N Config | Linking Routers | DD-WRT Wiki | DD-WRT Builds | Peacock - Broadcom FAQ

Having problems with port forwarding? Check out Port Forward Troubleshooting for more info.
crashfly
DD-WRT Guru


Joined: 24 Feb 2009
Posts: 2026
Location: Sol System > Earth > USA > Arkansas

PostPosted: Tue Apr 20, 2010 4:09    Post subject: Reply with quote
ZOMG, What would we do without your naked body phuzi0n? .... hmmm, we would probably survive like we always have without it .... moving on ...

Good job phuzi0n. I am sure many will find good use for your scripts. I am just curious though ... how long did it take to think up this interesting solution?

_________________
E3000 22200M KongVPN K26
WRT600n v1.1 refirb mega 18767 BS K24 NEWD2 [not used]
WRT54G v2 16214 BS K24 [access point]

Try Dropbox for syncing files - get 2.5gb online for free by signing up.

Read! Peacock thread
*PLEASE* upgrade PAST v24SP1 or no support.
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Tue Apr 20, 2010 12:59    Post subject: Reply with quote
crashfly wrote:
ZOMG, What would we do without your naked body phuzi0n? .... hmmm, we would probably survive like we always have without it .... moving on ...

Good job phuzi0n. I am sure many will find good use for your scripts. I am just curious though ... how long did it take to think up this interesting solution?

lol Laughing

I've been mulling around the basic idea for many months but this is a compromise that's easy to implement. What I'd really like is to rewrite the nvram app to compress any variables that the CFE itself doesn't use...

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
blackdot
DD-WRT Novice


Joined: 13 Feb 2012
Posts: 9

PostPosted: Sun Jan 04, 2015 12:47    Post subject: Reply with quote
I like this, but in newer releases uudecode/uuencode is missing. Is there any other way how to get it done?

Installing anything using ipkg isn't a way, because on my router, it is not included in ROM. I want to use nvram to save ipkg script there. Ideally compressed. But for that, I need to convert it to ASCII.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum