OpenWRT - embedded Linux for wireless routers

Similar documents
Linux on Soho-Router

Evaluation guide. Vyatta Quick Evaluation Guide

Hacking. Aims. Naming, Acronyms, etc. Sources

An Embedded Wireless Mini-Server with Database Support

Knowledgebase Solution

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Installation of the On Site Server (OSS)

Broadband Phone Gateway BPG510 Technical Users Guide

Firewall VPN Router. Quick Installation Guide M73-APO09-380

GregSowell.com. Mikrotik Basics

BROADBAND INTERNET ROUTER USER S MANUAL. Version Page 1 of 13 -

LAN TCP/IP and DHCP Setup

EZblue BusinessServer The All - In - One Server For Your Home And Business

Edgewater Routers User Guide

Chapter 1 Personal Computer Hardware hours

Lab Organizing CCENT Objectives by OSI Layer

Linux Embedded devices with PicoDebian Martin Noha

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

Edgewater Routers User Guide

Perimeter Firewalls. Brandon Napier Rick Archibald Pete Jamison HAL PC & HLUG 09/22/2007. brought to you by: in association with

Multi-Homing Dual WAN Firewall Router

Essential Curriculum Computer Networking 1. PC Systems Fundamentals 35 hours teaching time

Setting up pfsense as a Stateful Bridging Firewall.

JOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT. Test Code: 4514 Version: 01

Broadband Router ESG-103. User s Guide

SSL-VPN 200 Getting Started Guide

Chapter 6 Using Network Monitoring Tools

EZblue BusinessServer The All - In - One Server For Your Home And Business

User Manual. SIP Analog Telephone Adaptor SIP-GW2. Sedna Advanced Electronics Ltd.

1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet

Savvius Insight Initial Configuration

Hands-on MESH Network Exercise Workbook

Lab Configuring Access Policies and DMZ Settings

DRO-210i LOAD BALANCING ROUTER. Review Package Contents

Configuring the Edgewater 4550 for use with the Bluestone Hosted PBX

DSL-G604T Install Guides

User Manual. Page 2 of 38

Barracuda Link Balancer Administrator s Guide

Digi Connect Wan 3G Application Guide Update the firmware, backup and restore the configuration of a Digi Connect Wan 3G using a USB flash drive.

Dramatically simplifying voice and data networking HOW-TO GUIDE. Bundle Quick Start Guide

ASUS WL-5XX Series Wireless Router Internet Configuration. User s Guide

Configuring a customer owned router to function as a switch with Ultra TV

SSVP SIP School VoIP Professional Certification

Broadband Router ALL1294B

First Installation Guide

Basic IPv6 WAN and LAN Configuration

Load Balancer LB-2. User s Guide

How To Check If Your Router Is Working Properly On A Nr854T Router (Wnr854) On A Pc Or Mac) On Your Computer Or Ipad (Netbook) On An Ipad Or Ipa (Networking

Enabling NAT and Routing in DGW v2.0 June 6, 2012

WorldSkills Hong Kong Competition Test Project IT Network Systems Administration (Linux Module) English Version only 只 提 供 英 文 版 本

Chapter 1 Configuring Basic Connectivity

Chapter 6 Using Network Monitoring Tools

OS Installation Guide Red Hat Linux 9.0

BR Load Balancing Router. Manual

How To Configure A Vyatta As A Ds Internet Connection Router/Gateway With A Web Server On A Dspv.Net (Dspv) On A Network With A D

ALOHA Load Balancer Quickstart guide

University of Hawaii at Manoa Professor: Kazuo Sugihara

Chapter 1 Overview. JetBox Industrial Communication Computer

I N S T A L L A T I O N M A N U A L

How to Guide: StorageCraft Cloud Services VPN

OpenWRT. Khalid Baheyeldin Kitchener Waterloo Linux Users Group. August 2014

Penetration Testing LAB Setup Guide

Chapter 2 Preparing Your Network

Protecting the Home Network (Firewall)

Hosting more than one FortiOS instance on. VLANs. 1. Network topology

The Billion 8800NL - All-In-One Bridge modem solution for the UK For use with a dedicated firewall

Innominate mguard Version 6

TW100-BRV204 VPN Firewall Router

AP6511 First Time Configuration Procedure

Load Balancing Router. User s Guide

Definition of firewall

Cloud.com CloudStack Community Edition 2.1 Beta Installation Guide

Digi Connect WAN Application Guide Using the Digi Connect WAN and Digi Connect VPN with a Wireless Router/Access Point

Configuring Routers and Their Settings

*** Release Notes for Broadband-Hamnet *** (Please Read and Consider Updating Soon)

Defeating Firewalls : Sneaking Into Office Computers From Home

HOW TO CONFIGURE CISCO FIREWALL PART I

Configuring PPP And SIP

Quick Installation Guide

PFSENSE Load Balance with Fail Over From Version Beta3

EdgeRouter Lite 3-Port Router. Datasheet. Model: ERLite-3. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

How To Check If Your Router Is Working Properly

1. Hardware Installation

Meraki MX50 Hardware Installation Guide

DT01 WiFi/3G VoIP PBX / ATA User Manual

Digi Connect WAN Application Helper Configuring and Testing the Digi Connect WAN GSM

This article describes a detailed configuration example that demonstrates how to configure Cyberoam to provide the access of internal resources.

TimeIPS Server. IPS256T Virtual Machine. Installation Guide

Configuring WAN Failover & Load-Balancing

Advanced Diploma In Hardware, Networking & Server Configuration

MN-700 Base Station Configuration Guide

Configuration Management: Best Practices White Paper

Table of Contents. Cisco How to Download a Software Image to a Cisco 2600 through TFTP Using the tftpdnld ROMmon Command

IP Address and Pre-configuration Information

WISP 101. The DO s and DON T s of becoming a Wireless ISP

WhatsUpGold. v3.0. WhatsConnected User Guide

Chapter 7 Troubleshooting

NOC PS manual. Copyright Maxnet All rights reserved. Page 1/45 NOC-PS Manuel EN version 1.3

WEB CONFIGURATION. Configuring and monitoring your VIP-101T from web browser. PLANET VIP-101T Web Configuration Guide

WS 2000 Wireless Switch. System Reference

Transcription:

OpenWRT - embedded Linux for wireless routers Ted Faber USC/ISI USC Viterbi School of Engineering 22 Mar 2007

Outline ISO 1131/IBM 001 Disclaimer: Not an OpenWRT designer or developer There s more than one way to do it Outline Big Picture OpenWRT Linksys WRT54GL networking Practical Stuff buying flashing what you get how to get more Example: my home network

Role of the Router 30,000 foot view workstation Internet your router IP your netmask WRT54GL 192.168.1.0 255.255.255.0 workstation workstation Default OpenWRT setup router does address translation for hosts can forward service requests to servers allocates local IP answers DNS queries

OpenWRT I ve called you all here... Embedded Linux for wireless routers Full command-line environment, but lean Appropriate device drivers WWW interface for simple configuration Why screw around with flash on my router?? Tweak the service configuration firewall local DNS DHCP Get more out of the hardware signal strength afterburner VLAN switch - DMZ

Linksys WRT54GL Let s talk about hardware... CPU/Filesystem resources Broadcom 5352 200Mhz RAM 16 MB Flash 4 MB Networking Wireless interface (including "afterburner") Ethernet bridge (bridges to wireless) VLAN switch Other Hardware: http://wiki.openwrt.org/tableofhardware

Important Safety Tip The L is very important The WRT54G (not GL) is much less capable: 2 MB RAM 8 MB flash VxWorks OS very brickable New from Amazon WRT54G: $49.99 WRT54GL: $64.99 WRT54GS: $69.99 WRST54GS: $99.99 - USB!

The Innards of the WRT54GL Mmmmm. Block diagram Image from http://wiki.openwrt.org/openwrtdocs/networkinterfaces

VLANs and a DMZ What are VLANs for? Image from http://wiki.openwrt.org/openwrtdocs/networkinterfaces

Network setup don t burn any bridges... Internet workstation 192.168.1.0 255.255.255.0 WRT54GL Router lives on 192.168.1.1 Firewall rules to router open Hooked to Internet for packages

Flashing the Firmware (WRT54GL) it s this easy Default webserver on 192.168.1.1:80 user: admin password: admin Download the right firmware http://downloads.openwrt.org/whiterussian/newest/ WRT54GL: default/openwrt-wrt54g-squashfs.bin WRT54G: micro/openwrt-wrt54g-squashfs.bin upgrade: openwrt-brcm-2.4-squashfs.trx Choose "the update the firmware" option from the web server take a short walk - do not disturb Other choices: TFTP, JTAG...

After the flash initial housekeeping Telnet (!) in and set a root password initial install - no password later boots will disable telnet Ssh server in place add ssh2 keys into /etc/dropbear/authorized hosts Set boot_wait for safety Can config a lot from the web server including all this

What comes with the default install out of the box Linux 2.4.30 kernel Utilities busybox telnet (but make sure it s off) dropbear (ssh server) iptables (firewalling, NAT configuration) dnsmasq (DNS and DHCP on the 192.168.1.0 subnet, LAN port) udhcpc (busybox, WAN port)

Extensions a little nuts on your vanilla Extra packages: ipkg tool (std install) http://downloads.openwrt.org/whiterussian/packages/ probably need http proxy Compliling OpenWRT or packages http://wiki.openwrt.org/buildingpackageshowto debian environment cross compile FreeBSD ports/gentoo packages style

Linux on the OpenWRT Filesystems tech weenie stuff /rom - read only files /tmp - memory file system /jffs2 - journalling flash file system mini_fo mitigates between jffs and rom (firstboot restores orig) NVRAM (last 64K of flash) configuration options scripts commands hardware config (VLANs & interfaces) nvram command manipulates this

Example: My Home Network where the heart is workstation Internet 192.0.2.0 255.255.255.252 server DNS,DHCP firewall 192.0.2.4 255.255.255.252 workstation workstation Server a choke point/my desktop Wasted addresses in firewall ISP believes we re 1 happy subnet (proxy arp) 192.0.2.0 is the example subnet from RFC 3330, not my home net

A Better Tomorrow openwrt to the rescue server Internet 192.0.2.0 255.255.255.248 WRT54GL DNS,DHCP firewall 192.0.2.0 255.255.255.248 workstation workstation Non-servers work if server down Extra IP address ISP believes we re 1 happy subnet (proxy arp) Plan - disable everything and build back up

Step 1: addresses and routing getting packets in place http://www.sjdjweis.com/linux/proxyarp/ Doing it Set addresses of WAN and LAN (WEP as well) using nvram Set proxy ARP on for ISP side (kernel feature!) iproute2 install with ipkg set up routing with same address on 2 interfaces Put it all (except nvram) into /etc/init.d/s80bridge

Step 2: Firewall protecting the home front http://wiki.openwrt.org/openwrtdocs/iptables Edits to /etc/user.firewall disable host masquerading (NAT) add rules to allow local services on WRT54GL NTP DNS add rules for services on server default allows connections out

Step 3: DHCP and DNS 2 features, 1 program (dnsmasq) http://wiki.openwrt.org/openwrtdocs/dnsmasq DHCP override standard script completely too helpful set to hand out my local addresses timeouts, addresses, default routes, DNS servers, domain DNS front end to my DNS and ISP DNS Edits are to /etc/dnsmasq.conf

Step 4: Time Setting just to be a weenie http://wiki.openwrt.org/openwrtdocs/configuration Get ntpclient using ipkg Write script to call default setup failed due to my topology Add cron call

That s it! fun, fast, easy http://wiki.openwrt.org/ http://www.openwrt.org/ Docs are good Any time you touch firmware be patient Fun little box that lets you explore networking

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information