On Sun, 2007-03-11 at 16:19 -0400, Ben Scott wrote: > Hi everybody! > > I was asked off-list about my experience with OpenWRT. I asked if > an on-list message was okay, and it was. So: > > I have a LinkSys WRT54G, Hardware Version 2, at home. As many know, > these boxes run Linux internally, and third-party firmware has been > developed to greatly extend their feature set. Llyod Kvam recently > spoke at the Nashua chapter [1] about doing this for his own purposes, > and that's what gave me the impetus to finally try it out. > > Picking a Project > ----------------- > > There are several different third-party firmware projects. OpenWRT, > DD-WRT, HyperWRT, Sveasoft, and others. I did a little Googling, > trying to figure out which was best for my purposes. I eventually got > the impression that OpenWRT was well-supported and very "modular" -- > it's built around the idea of a small base system plus optional > packages, just like a "regular" Linux distribution. So I went that > way.
I was in a hurry when I picked OpenWRT. A quick read indicated that it would do the firewall job I was tackling. I also noticed that they were targeting a fairly large list of devices. > > Installation > ------------ > > Installation was ludicrously simple. I went to the OpenWRT home > page (http://openwrt.org/), clicked "Download", downloaded the release > for my box, and uploaded it using the LinkSys stock web UI. The box > rebooted, and was now running the OpenWRT firmware. It even preserved > my old configuration! I glossed over the installation because it was so simple. The configuration based on "magic" nvram variables is extremely simple. OpenWRT clearly stuck with the basic Linksys approach. My config was based on bridging the Internet to the LAN rather than routing with NAT. I split the 4 port LAN into an Internet side and a LAN side. For general use as a bridging filter, it would be better to discard the WAN routing and bridge the Internet port to the LAN ports with the appropriate filters. That would have required more extensive changes to the startup scripts. However the labels on the box ports would have reflected the real processing going on. > > Well, okay, I read some documentation first, because that's the kind > of guy I am. But that was the conclusion I reached. The only > tricky part was picking which firmware was what. > > Picking the Firmware > -------------------- > > Short version: Go to the OpenWRT home page, click "Download", click > "Default", find the file name that matches your model name, and grab > that. > > Long version: > > There are multiple base images, with different functionality > included. This is apparently done mainly for the newer LinkSys boxes > (V5 and later), which don't have enough marbles for a complete kit. > If you've got a V4 or or older WRT54G, or a WRT54GL, you can just use > the "default" (I guess sometimes called "bin") base image. > > There are two firmware file formats, TRX and BIN. These days, I > gather you can just use the BIN provided for your model. (I guess it > used to matter more, but things have improved, and now it doesn't.) > > There was also mention of JFFS vs SquashFS images. I gather this is > also obsolete these days. At the least, the pre-built images are all > just "squashfs". > > There's also all this stuff about version numbers and mixed drinks. > Just use "whiterussion/0.9", which is the current stable release. > (The mixed drinks are tags for the release milestones.) > > Configuration > ------------- > > There is no stock password. To set the password, you telnet to the > box. It automatically logs you in to a root shell prompt. You then > run "passwd" like you normally would. In addition to setting the > password, this also disables Telnet and enables SSH. The default > firewall *does* block everything coming in from the WAN/Internet side, > so you at least need to be on the LAN in order to do this. > > As I mentioned above, OpenWRT preserved the configuration I had > created with the stock LinkSys firmware. Apparently, OpenWRT > understands and uses the same NVRAM syntax as LinkSys. So > configuration was already largely "done". > > More Installation > ----------------- > > The OpenWRT web interface ("webif") had some, but not all, of the > basic configuration elements of the LinkSys web UI. But I quickly > found reference to something called X-WRT and Webif² (Webif^2). X-WRT > is an overlay distribution (think atrpms, rpmforge, etc.) for OpenWRT. > Webif² is a *much* more powerful web UI. To install it, you just > issue this command at the OpenWRT root prompt: > > ipkg install http://ftp.berlios.de/pub/xwrt/webif_latest_stable.ipk > > One auto-reboot later (they did warn of this), and I was presented > with the new-and-improved Webif² UI. > > The web UI does provide a menu-driven list of available packages, > with options to install them, so even keyboard-phobics may be okay. > > More Configuration > ------------------ > > The Webif² UI looks pretty capable, while still being accessible to > newbies (and I'm still a newbie to OpenWRT). There are many options, > but they are divided into categories and subcategories that made > immediate sense to me. There are links for "More information" all > over the place. When a function needs some optional packages to make > it work, there were widgets right there in the UI to click to install > them. I installed and configured NTP easily in this way. The only issue I faced with installing packages was that the ebtables modules were not automatically loaded (insmod) with the kernel. The fancier package managers always took care of this for me. I solved this by grepping through the the startup scripts looking for where the iptables modules got loaded (/etc/modules.d/40-ipt-nat-extra) and then added the ebtables modules to the list. > > Conclusion > ---------- > > That's about as far as I've gotten so far. There's a lot for me to > learn, but the docs on the OpenWRT site seem to have lots of info to > at least get me started. The documentation is very helpful, and quite detailed. Also notice that the (my) list of nvram variables is only 537 lines. Most of configuration choices boil down to setting a small number of variables to a consistent set of values. This can get mapped into a GUI interface pretty effectively. > > All in all, given that this involved replacing the entire OS of an > embedded device with third-party software designed by and for Linux > geeks, this was about as easy and accessible a project as I can > imagine. No configuring a kernel, no opening the case and installing > extra connectors, no cross-compiling. It was point-and-click. > > Footnotes > --------- > > [1] http://mail.gnhlug.org/pipermail/gnhlug-announce/2007-February/000383.html > http://permalink.gmane.org/gmane.org.user-groups.linux.gnhlug/8833 > > _______________________________________________ > gnhlug-discuss mailing list > gnhlug-discuss@mail.gnhlug.org > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ -- Lloyd Kvam Venix Corp. 1 Court Street, Suite 378 Lebanon, NH 03766-1358 voice: 603-653-8139 fax: 320-210-3409 _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
