Howto OpenWRT: Unterschied zwischen den Versionen

Aus wireless.subsignal.org
Wechseln zu: Navigation, Suche
(+kat)
 
Zeile 1: Zeile 1:
 +
{{Vorlage:Löschen}}
 +
 
[[Category:Howto]]
 
[[Category:Howto]]
  

Aktuelle Version vom 6. April 2014, 05:34 Uhr

Loeschkandidat gnome trash full.png
Diese Seite wurde zur Löschung vorgeschlagen.
  • Wenn du mit diesem Vorschlag nicht einverstanden bist, beteilige dich bitte an der Löschdiskussion.
  • Wenn du den Artikel verbessern willst, entferne den Löschvorschlag und vermerke dies in der Löschdiskussion. Bei eigenen Artikeln bitte den Löschvorschlag nicht selbst entfernen.
  • Vor dem Entfernen ist sicherzustellen, dass kein anderer Artikel hierhin zeigt. Die Versionsgeschichte ist davor auf gravierenden Veränderungen zu überprüfen.

Howto install the OpenWRT-Firmware on a Linksys WRT54g

Introduction

OpenWRT is a highly configurable firmware for the WRT54G. It provides different packages for diverse functionalities. This howto will cover the basic installation of the firmware, as well as some specific configurations.

Other Sources

There are several howtos for OpenWRT on the net:

  1. OpenWRT userguide
  2. Howto on funkfeuer.at, vienna wireless

Basic Install

The basic installation is documented on the OpenWRT homepage, in the userguide section. In most cases you can skip the part about compiling from source.

  1. Grab a snapshot of a pre-compiled firmware
  2. Follow the instructions from here

Connect to the Linksys via telnet

OpenWRT by default installs telnet on the Linksys. To access it you need a telnet client, which is installed on most Operating Systems by default. Connect your computer to one of the LAN-Ports on the back of the Linksys. To open a telnet-connection:

  • on Windows: -->Startmenu-->Ausf�?¼hren--> telnet 192.168.1.1
  • on MacOSX: Programme -> Dienstprogramme -> Terminal.app ausf�?¼hren. telnet 192.168.1.1
  • on Linux: telnet 192.168.1.1

There is no login/pass on telnet. You can now start to configure the linksys to your demands. To close the connection do "CTRL-D"

Networkconfiguration

Before you can install new software on the linksys, you will need to connect it to the internet. For this howto we will assume that you have access to the internet via a LAN. Connect the WAN-interface of the Linksys with a cable to the network. To configure the WAN-interface of the router, issue the following commands:

  nvram get wan_ifname  (this will print the name of the WAN interface)
  ifconfig <name-of-WAN-interface> xxx.xxx.xxx.xxx (put in an ip used on the LAN)
  route add default gw xxx.xxx.xxx.xxx (put in the ip of the gateway)
  echo "nameserver 141.54.1.1" >> /etc/resolv.conf  (this configures the nameservers)
  ping subsignal.org (to test if it works, abort with CTRL-C)

Install ssh (dropbear)

Telnet is by design very insecure, a far better way of configuring the router is ssh. there is a ssh-server for OpenWRT available, its name is dropbear. you can use the "ipkg" tool to install it. login to the linksys using telnet and issue the following commands:

 ipkg update
 ipkg install dropbear

The first command will get a currenty list of available software from the internet and the second command installs the dropbear-ssh-server.

Now you need to set the root-password:

  passwd

After restarting the router you can login via ssh.

  • on linux: ssh 192.168.1.1
  • MacOSX: open a console, and type "ssh -l root 192.168.1.1"
  • On Windows you will need a seperate ssh-client, putty is a good one. Type 192.168.1.1 into the address field, select ssh as protocol and press connect.

Login with username: root and pass: whatever you chose as root-password. If this works, you can now safely stop the insecure telnet service:

  rm /etc/init.d/S41Telnet

Configuring the network

In terms of hardware, the linksys (v2) has only two interfaces called eth0 and eth1. The eth0 interface is split up via so called vlan tagging which results in two additional interfaces seen by the network stack vlan0 and vlan1 so you end up having three configurable interfaces which serve different purposes. eth1:   The wireless network
vlan0:  The four-port switch
vlan1:  The "WAN" link, which is per default used for the internet uplink

In the standard configuration, the vlan0 and eth1 interfaces are bound together in a so called bridge (seen as br0), that is: they are seen by the upper software layers as one physical interface with one IP address. Consequently, you cannot seperate your wired network and what is connected through the wireless interface which is something you would really apreciate from a security point of view.

I'll try to show you, how you can change this and finally have two seperate interfaces with two seperate networks for which all sort of rules to shape and control network traffic can be applied.

Many options for the linksys are controlled by simple attribute=value pairs. The tool you use is called "nvram" which can be called as follows:

nvram show  shows all variables set.

nvram get <attribute name>  shows the value of the attribute

nvram set <name>=<value>  sets the attribute <name> to the new value <value>

nvram commit  writes changes to the flash disk

That said, let's split up the networks: ->nvram show | grep lan_ifnames will show all devices currently in the bridge, removing eth1 will do the trick e.g. ->nvram set lan_ifnames="eth0 vlan0"

Ad-hoc networking

Accesspoint (AP)

AP-Client

Further Resources

.. to be continued