Änderungen

Zur Navigation springen Zur Suche springen
4.619 Bytes hinzugefügt ,  18:08, 11. Apr. 2021
K
Bot: {{Vorlage:LinksReparieren}} hinzugefügt
Zeile 1: Zeile 1:  +
{{Vorlage:LinksReparieren}}
 +
{{Vorlage:Löschen}}
 +
 
<h2>Howto install the OpenWRT-Firmware on a Linksys WRT54g</h2>
 
<h2>Howto install the OpenWRT-Firmware on a Linksys WRT54g</h2>
   Zeile 13: Zeile 16:  
#Grab a [http://openwrt.org/downloads/snapshots/ snapshot] of a pre-compiled firmware
 
#Grab a [http://openwrt.org/downloads/snapshots/ snapshot] of a pre-compiled firmware
 
#Follow the instructions from [http://openwrt.org/userguide.html#before_you_flash here]
 
#Follow the instructions from [http://openwrt.org/userguide.html#before_you_flash here]
 +
 +
===Connect to the Linksys via telnet===
 +
OpenWRT by default installs telnet on the Linksys. To access it you need a telnet client, which is installed on most Operating Systems by default. Connect your computer to one of the LAN-Ports on the back of the Linksys. To open a telnet-connection:
 +
 +
*on Windows: -->Startmenu-->Ausf�?¼hren--> telnet 192.168.1.1
 +
*on MacOSX: Programme -> Dienstprogramme -> Terminal.app ausf�?¼hren. telnet 192.168.1.1
 +
*on Linux: telnet 192.168.1.1
 +
 +
There is no login/pass on telnet. You can now start to configure the linksys to your demands. To close the connection do "CTRL-D"
 +
 +
===Networkconfiguration===
 +
Before you can install new software on the linksys, you will need to connect it to the internet. For this howto we will assume that you have access to the internet via a LAN.
 +
Connect the WAN-interface of the Linksys with a cable to the network. To configure the WAN-interface of the router, issue the following commands:
 +
 +
  '''nvram get wan_ifname'''  (this will print the name of the WAN interface)
 +
  '''ifconfig <name-of-WAN-interface> xxx.xxx.xxx.xxx''' (put in an ip used on the LAN)
 +
  '''route add default gw xxx.xxx.xxx.xxx''' (put in the ip of the gateway)
 +
  '''echo "nameserver 141.54.1.1" >> /etc/resolv.conf'''  (this configures the nameservers)
 +
  '''ping subsignal.org''' (to test if it works, abort with CTRL-C)
    
===Install ssh (dropbear)===
 
===Install ssh (dropbear)===
 +
Telnet is by design very insecure, a far better way of configuring the router is ssh. there is a ssh-server for OpenWRT available, its name is dropbear. you can use the "ipkg" tool to install it. login to the linksys using telnet and issue the following commands:
 +
 +
  '''ipkg update'''
 +
  '''ipkg install dropbear'''
 +
The first command will get a currenty list of available software from the internet and the second command installs the dropbear-ssh-server.
 +
 +
Now you need to set the root-password:
 +
  '''passwd'''
 +
 +
After restarting the router you can login via ssh.
 +
* on linux: ssh 192.168.1.1
 +
* MacOSX: open a console, and type "ssh -l root 192.168.1.1"
 +
* On Windows you will need a seperate ssh-client, [http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html putty] is a good one. Type 192.168.1.1 into the address field, select ssh as protocol and press connect.
 +
 +
Login with username: root and pass: whatever you chose as root-password. If this works, you can now safely stop the insecure telnet service:
 +
 +
  '''rm /etc/init.d/S41Telnet'''
    
==Configuring the network==
 
==Configuring the network==
 +
<p stype="font-family: geneva helvetica arial sans-serif">In terms of hardware, the linksys (v2) has only two interfaces called eth0 and eth1. The eth0 interface is split up via so called vlan tagging which results in two additional interfaces seen by the network stack vlan0 and vlan1 so you end up  having three configurable interfaces which serve different purposes.
 +
 +
eth1:&nbsp;&nbsp;&nbsp;The wireless network<br>
 +
vlan0:&nbsp;&nbsp;The four-port switch<br>
 +
vlan1:&nbsp;&nbsp;The "WAN" link, which is per default used for the internet uplink<br><br>
 +
 +
In the standard configuration, the vlan0 and eth1 interfaces are bound together in a so called bridge (seen as br0), that is: they are seen by the upper software layers as one physical interface with one IP address. Consequently, you cannot seperate your wired network and what is connected through the wireless interface which is something you would really apreciate from a security point of view.<br><br>
 +
 +
I'll try to show you, how you can change this and finally have two seperate interfaces with two seperate networks for which all sort of rules to shape and control network traffic can be applied.<br><br>
 +
 +
Many options for the linksys are controlled by simple attribute=value pairs. The tool you use is called "nvram" which can be called as follows:<br><br>
 +
 +
'''nvram show'''&nbsp;&nbsp;shows all variables set.<br><br>
 +
'''nvram get <attribute name>&nbsp;&nbsp;shows the value of the attribute<br><br>
 +
'''nvram set <name>=<value>&nbsp;&nbsp;sets the attribute <name> to the new value <value><br><br>
 +
'''nvram commit'''&nbsp;&nbsp;writes changes to the flash disk<br><br>
    +
That said, let's split up the networks:
 +
->'''nvram show | grep lan_ifnames''' will show all devices currently in the bridge, removing eth1 will do the trick e.g. ->'''nvram set lan_ifnames="eth0 vlan0"'''
 
===Ad-hoc networking===
 
===Ad-hoc networking===
   Zeile 24: Zeile 81:  
===AP-Client===
 
===AP-Client===
    +
==Further Resources==
 +
*[http://www.ramereth.net/openwrt/src/ How to build OpenWRT packages]
 +
*[http://download.intrinsyc.com/supported/os/linux/distribution/i-linux-4.1/i-packages-1.1/src/hello-world/HOWTO-ipkg  introduction to building ipkg's]
    
.. to be continued
 
.. to be continued
 +
 +
[[Kategorie:Howto]]
 +
[[Kategorie:Firmware]]
 +
[[Kategorie:ToteLinks]]
121

Bearbeitungen

Navigationsmenü