Openwrt: Difference between revisions

From chaoswiki
Jump to navigation Jump to search
 
(13 intermediate revisions by the same user not shown)
Line 4: Line 4:
NVRAM is the EEPROM of the wrt54g. The Settings stored in the NVRAM is used by openwrt to configure the network interfaces and other settings like timezone and so on.
NVRAM is the EEPROM of the wrt54g. The Settings stored in the NVRAM is used by openwrt to configure the network interfaces and other settings like timezone and so on.


[http://openwrt.org/OpenWrtNVRAM INfo's about NVRAM settings]
[http://openwrt.org/OpenWrtNVRAM Info's about NVRAM settings]


==== OLSR ====
==== OLSR ====
Line 18: Line 18:
=== Installing the software ===
=== Installing the software ===
==== Installing the openwrt firmware ====
==== Installing the openwrt firmware ====

I use [https://aachen.uni-dsl.de/download/wrt/Snapshots/rev121/buildroot-rev121/takeover this script] to takeover the wrt54g. Get your [http://downloads.openwrt.org/whiterussian/ firmware] and copy it to the same directory as the takeover script.

Whether to use jffs2 or sqashfs is a philosophical question.

Plug in your wrt54g to you linux box. Configure your box in side 192.168.1.0/24 (not 192.168.1.1!)

{{Box Code|Installing openwrt on the Linksys wrt54g|
<pre>
wget http://downloads.openwrt.org/whiterussian/rc2/bin/openwrt-wrt54g-jffs2.bin
wget http://aachen.uni-dsl.de/download/wrt/Snapshots/rev121/buildroot-rev121/takeover
chmod +x takeover
cp openwrt-wrt54g-jffs2.bin openwrt-g-code.bin
./takeover
</pre>
}}

Wait about 5 minutes. If openwrt is booting the DMZ LED should lightning.

{{Box Code|Configure the network|
<pre>
nvram set lan_ifname=vlan0
nvram set lan_proto=static
nvram set lan_ipaddr=192.168.1.1
nvram set lan_netmask=255.255.255.0

nvram set wifi_ifname=eth1
nvram set wifi_proto=static
nvram set wifi_ipaddr=10.1.1.1
nvram set wifi_netmask=255.0.0.0

nvram set wan_ifname=vlan1
nvram set wan_proto=dhcp

nvram set wl0_mode=sta
nvram set wl0_infra=0
nvram set wl0_ssid=any-ssid
nvram set wl0_channel=1

nvram commit
</pre>
}}

==== Installing openvpn ====
==== Installing openvpn ====

{{Box Code|Installing openvpn|
<pre>
ipkg update
ipkg install openvpn
</pre>
}}

{{Box Code|/etc/init.d/S60openvpn|
<pre>
#!/bin/sh
# load Bridging-Module
#modprobe bridge
openvpn --mktun --dev tap0

# configure bridge
brctl addbr br1
brctl stp br1 off
brctl setfd br1 0

brctl addif br1 vlan0
brctl addif br1 tap0
ifconfig vlan0 0.0.0.0 promisc up
ifconfig tap0 0.0.0.0 promisc up

ifconfig br1 192.168.25.172 netmask 0xffffff00 broadcast 192.168.25.255
echo 1 > /proc/sys/net/ipv4/conf/br1/forwarding

openvpn --config /etc/openvpn/server.conf &
</pre>
}}


{{Box Code|/etc/openvpn/server.conf|
<pre>
port 1194
proto tcp-server
dev tap0
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem

#this will assign connecting clients address between the range of 10 and 50
#openwrt IP is 192.168.25.172
server-bridge 192.168.25.172 255.255.255.0 192.168.25.10 192.168.25.50

#this will allow for people to get the same IP address after a reconnect
ifconfig-pool-persist /etc/openvpn/ipp.txt

push "dhcp-option DNS 192.168.25.179"
keepalive 10 120
max-clients 10
persist-key
persist-tun
</pre>
}}

{{Box Code|/etc/openvpn/server.conf|
<pre>
#the ip address of the openwrt box
remote 10.7.0.1
float
proto tcp-client
dev tap
persist-tun

redirect-gateway

#to set /etc/resolv.conf if necessary
up /etc/openvpn/wlan/client.up
down /etc/openvpn/wlan/client.down

pull
tls-client
cert /etc/openvpn/wlan/keys/client1.crt
ca /etc/openvpn/wlan/keys/ca.crt
key /etc/openvpn/wlan/keys/client1.key
</pre>
}}

You now need to make the keys. You can use the easy-rsa script from the openvpn package. Get it from [http://openvpn.net/release/openvpn-2.0.2.tar.gz the homepage].

==== Installing olsrd ====
==== Installing olsrd ====

=== Configuring the wrt54g ===
{{Box Code|Installing olsrd|
==== Configuring the network ====
<pre>
==== Configuring openvpn ====
==== Configuring olsrd ====
ipkg install olsrd
</pre>
}}

{{Box Code|/etc/olsrd.conf|
<pre>
[...]
Hna4
{
#The Network which the dhcp server is responsable for
10.7.0.0 255.255.255.0
# Setting only on the box which has direct Internet Access
0.0.0.0 0.0.0.0
}
[...]
Interface "eth1"
{
# Hello interval in seconds(float)
HelloInterval 10.0
# HELLO validity time
HelloValidityTime 200.0
# TC interval in seconds(float)
TcInterval 25.0
# TC validity time
TcValidityTime 500.0
# MID interval in seconds(float)
MidInterval 25.0
# MID validity time
MidValidityTime 500.0
# HNA interval in seconds(float)
HnaInterval 25.0
# HNA validity time
HnaValidityTime 500.0
}
</pre>
}}

Append a '&' to 'olsrd $OPTIONS' in /etc/init.d/olsrd so it look like:

olsrd $OPTIONS &


{{Box Code|Starting olsrd|
<pre>
mv /etc/init.d/olsrd /etc/init.d/S60olsrd
/etc/init.d/S60olsrd start
</pre>
}}

==== Configuring dhcp ====

{{Box Code|Installing olsrd|
<pre>
dhcp-authoritative
dhcp-range=eth1,10.1.1.20,10.1.1.200,255.0.0.0,12h
dhcp-leasefile=/tmp/dhcp.leases
dhcp-option=3,10.1.1.1
dhcp-option=6,10.1.1.1
</pre>
}}

=== Finish your configuration ===

Now you just need to setup your personal preferences like iptables shaper etc.


Good Luck, have fun!

Latest revision as of 21:44, 23 October 2005

Openwrt knowledge

NVRAM

NVRAM is the EEPROM of the wrt54g. The Settings stored in the NVRAM is used by openwrt to configure the network interfaces and other settings like timezone and so on.

Info's about NVRAM settings

OLSR

OLSR means Optimized Link State Routing protocol.

OLSR is a routing protocol for mobile ad-hoc networks. The protocol is pro-active, table driven and utilizes a technique called multipoint relaying for message flooding. You can configure multiple openwrt routers to talk to each other to find the best route from point A to point B.

WDS

WDS (Wireless Distribution System) can be used to mae a special tunnel between two openwrt's. It is also supported by many other Accesspoints. I didn't bring it to work so i had been looking for another solution. MESH networks soltuions can do that. OLSR is one implementation for that. AODV is another one.

Installing the software

Installing the openwrt firmware

I use this script to takeover the wrt54g. Get your firmware and copy it to the same directory as the takeover script.

Whether to use jffs2 or sqashfs is a philosophical question.

Plug in your wrt54g to you linux box. Configure your box in side 192.168.1.0/24 (not 192.168.1.1!)

Code: Installing openwrt on the Linksys wrt54g
wget http://downloads.openwrt.org/whiterussian/rc2/bin/openwrt-wrt54g-jffs2.bin
wget http://aachen.uni-dsl.de/download/wrt/Snapshots/rev121/buildroot-rev121/takeover
chmod +x takeover
cp openwrt-wrt54g-jffs2.bin  openwrt-g-code.bin
./takeover

Wait about 5 minutes. If openwrt is booting the DMZ LED should lightning.

Code: Configure the network
nvram set lan_ifname=vlan0
nvram set lan_proto=static
nvram set lan_ipaddr=192.168.1.1
nvram set lan_netmask=255.255.255.0

nvram set wifi_ifname=eth1
nvram set wifi_proto=static
nvram set wifi_ipaddr=10.1.1.1
nvram set wifi_netmask=255.0.0.0

nvram set wan_ifname=vlan1
nvram set wan_proto=dhcp

nvram set wl0_mode=sta
nvram set wl0_infra=0
nvram set wl0_ssid=any-ssid
nvram set wl0_channel=1

nvram commit

Installing openvpn

Code: Installing openvpn
ipkg update
ipkg install openvpn
Code: /etc/init.d/S60openvpn
#!/bin/sh
# load Bridging-Module
#modprobe bridge      
openvpn --mktun --dev tap0

# configure bridge
brctl addbr br1   
brctl stp   br1 off
brctl setfd br1 0  

brctl addif br1 vlan0
brctl addif br1 tap0 
                    
ifconfig vlan0 0.0.0.0 promisc up
ifconfig tap0 0.0.0.0 promisc up 

ifconfig br1 192.168.25.172 netmask 0xffffff00 broadcast 192.168.25.255
echo 1 >  /proc/sys/net/ipv4/conf/br1/forwarding

openvpn --config /etc/openvpn/server.conf &


Code: /etc/openvpn/server.conf
port 1194
proto tcp-server
dev tap0
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key  # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem

#this will assign connecting clients address between the range of 10 and 50
#openwrt IP is 192.168.25.172
server-bridge 192.168.25.172 255.255.255.0 192.168.25.10 192.168.25.50

#this will allow for people to get the same IP address after a reconnect
ifconfig-pool-persist /etc/openvpn/ipp.txt

push "dhcp-option DNS 192.168.25.179"
keepalive 10 120
max-clients 10
persist-key
persist-tun
Code: /etc/openvpn/server.conf
#the ip address of the openwrt box
remote 10.7.0.1
float
proto tcp-client
dev tap
persist-tun

redirect-gateway

#to set /etc/resolv.conf if necessary
up /etc/openvpn/wlan/client.up
down /etc/openvpn/wlan/client.down

pull
tls-client
cert /etc/openvpn/wlan/keys/client1.crt
ca /etc/openvpn/wlan/keys/ca.crt
key /etc/openvpn/wlan/keys/client1.key

You now need to make the keys. You can use the easy-rsa script from the openvpn package. Get it from the homepage.

Installing olsrd

Code: Installing olsrd
ipkg install olsrd
Code: /etc/olsrd.conf
[...]
Hna4
{
#The Network which the dhcp server is responsable for
10.7.0.0 255.255.255.0   
# Setting only on the box which has direct Internet Access 
0.0.0.0 0.0.0.0
}
[...]
Interface "eth1"
{
# Hello interval in seconds(float)
HelloInterval 10.0
# HELLO validity time
HelloValidityTime 200.0
# TC interval in seconds(float)
TcInterval 25.0
# TC validity time
TcValidityTime 500.0
# MID interval in seconds(float)
MidInterval 25.0
# MID validity time
MidValidityTime 500.0
# HNA interval in seconds(float)
HnaInterval 25.0
# HNA validity time
HnaValidityTime 500.0       
}

Append a '&' to 'olsrd $OPTIONS' in /etc/init.d/olsrd so it look like:

       olsrd $OPTIONS &


Code: Starting olsrd
mv /etc/init.d/olsrd /etc/init.d/S60olsrd
/etc/init.d/S60olsrd start

Configuring dhcp

Code: Installing olsrd
dhcp-authoritative
dhcp-range=eth1,10.1.1.20,10.1.1.200,255.0.0.0,12h
dhcp-leasefile=/tmp/dhcp.leases
dhcp-option=3,10.1.1.1
dhcp-option=6,10.1.1.1

Finish your configuration

Now you just need to setup your personal preferences like iptables shaper etc.


Good Luck, have fun!