learningbydeveloping.com

 

Learning by developing

...because practice teaches you

Basic configuration files:

 

In this section we will explain the basic configuration of a device.

 

 

Configuring eth0 to use 192.168.4.1 instead of another network address:

 

I explain this because sometimes we want to configure our openwrt router through another router and a lot of routers have by default defined the address 192.168.1.1. In order to avoid problems we will set the address to, for instance, 192.168.4.1.

 

This task is really easy. The file /etc/config/network contains some lines for configuring it. This is the one used by default:

 

config ‘interface’ ‘loopback’

option ‘ifname’ ‘lo’

option ‘proto’ ‘static’

option ‘ipaddr’ ‘127.0.0.1’

option ‘netmask’ ‘255.0.0.0’

 

config ‘interface’ ‘lan’

option ‘ifname’ ‘eth0′

option ‘type’ ‘bridge’

option ‘proto’ ‘static’

option ‘ipaddr’ ‘192.168.1.1’

option ‘netmask’ ‘255.255.255.0’

 

config ‘interface’ ‘wan’

option ‘ifname’ ‘eth1′

option ‘proto’ ‘dhcp’

 

config ‘switch’

option ‘name’ ‘eth0′

option ‘reset’ ‘1’

option ‘enable_vlan’ ‘1’

 

config ‘switch_vlan’

option ‘device’ ‘eth0′

option ‘vlan’ ‘1’

option ‘ports’ ‘0 1 2 3 4′

 

This file can be edited and changed the address of “config ‘interface’ ‘lan’ , the option ‘ipaddr’ to ‘192.168.4.1’ or it can also be done through the use of UCI:

 

You can check the network configurations:

 

$uci show network

network.loopback=interface

network.loopback.ifname=lo

network.loopback.proto=static

network.loopback.ipaddr=127.0.0.1

network.loopback.netmask=255.0.0.0

network.lan=interface

network.lan.ifname=eth0

network.lan.type=bridge

network.lan.proto=static

network.lan.ipaddr=192.168.1.1

network.lan.netmask=255.255.255.0

network.wan=interface

network.wan.ifname=eth1

network.wan.proto=dhcp

network.@switch[0]=switch

network.@switch[0].name=eth0

network.@switch[0].reset=1

network.@switch[0].enable_vlan=1

network.@switch_vlan[0]=switch_vlan

network.@switch_vlan[0].device=eth0

network.@switch_vlan[0].vlan=1

network.@switch_vlan[0].ports=0 1 2 3 4

 

The line we are interested would be: “network.lan.ipaddr=192.168.1.1”

 

Then we change the address to 192.168.4.1 or the one we decide:

$ uci set network.lan.ipaddr=192.168.4.1

 

And finally commit the changes:

$ uci commit

 

The changes will be already in /etc/config/network. Then just restart the router and you will have that ip.

 

Activating WiFi through command line:

 

Check the actual configuration:

root@OpenWrt:/etc/config# uci show wireless | grep disabled

wireless.radio0.disabled=1

 

 

Change it to enable:

# uci set wireless.radio0.disabled=0

root@OpenWrt:/etc/config# uci commit

 

Restart network:

root@OpenWrt:/etc/config# /etc/init.d/network restart

Configuration file: /var/run/hostapd-phy0.conf

Using interface wlan0 with hwaddr f8:d1:11:50:3b:16 and ssid ‘OpenWrt’

 

Changing the wireless interface to non-AP:

 

First let’s take a look to the values that uci has: “$ uci show wireless.radio0”. Note: this radio0 we found beforehand while doing “$ uci show wireless”.

root@OpenWrt:/etc/config# uci show wireless.radio0

wireless.radio0=wifi-device

wireless.radio0.type=mac80211

wireless.radio0.channel=11

wireless.radio0.macaddr=ff:ff:ff:ff:ff:ff:ff

wireless.radio0.hwmode=11ng

wireless.radio0.htmode=HT20

wireless.radio0.ht_capab=SHORT-GI-20 SHORT-GI-40 TX-STBC RX-STBC1 DSSS_CCK-40

wireless.radio0.disabled=0

 

To avoid having an AP automatically configured through command line:

 

1st. First check the wifi interface associated to your radio. Note: I don’t paste all the output but only the important part:

$ uci show wireless

wireless.@wifi-iface[0]=wifi-iface

wireless.@wifi-iface[0].device=radio0

wireless.@wifi-iface[0].network=lan

wireless.@wifi-iface[0].mode=ap

wireless.@wifi-iface[0].ssid=OpenWrt

wireless.@wifi-iface[0].encryption=none

 

 

2nd.Change some parameters:

 

 

2.1.            $ uci set wireless.@wifi-iface[0].mode=sta

2.2.            $ uci set wireless.@wifi-iface[0].ssid=

2.3.            $ uci set wireless.@wifi-iface[0].encryption=

2.4.            $ uci commit

 

 

Output:

root@OpenWrt:/etc/config# uci set wireless.@wifi-iface[0].mode=sta

root@OpenWrt:/etc/config# uci set wireless.@wifi-iface[0].ssid=

root@OpenWrt:/etc/config# uci set wireless.@wifi-iface[0].encryption=

root@OpenWrt:/etc/config# uci commit

root@OpenWrt:/etc/config#uci show wireless.@wifi-iface[0]

wireless.cfg033579=wifi-iface

wireless.cfg033579.device=radio0

wireless.cfg033579.network=lan

wireless.cfg033579.mode=sta

 

Now if you reset the network interfaces or reboot the device you will be able to check that your device is not configured as an access point anymore: $ /etc/init.d/network

Note: you will see, if you execute the network restart that it says “enable_mac80211(radio0): Failed to set up wpa_supplicant for interface wlan0”. I didn’t solve this problem since it was not critical for me, but please, feel free to send comments if you solve it so that I can publish the solution here as well.

 

root@OpenWrt:/etc/config# /etc/init.d/network restart

wpa_supplicant_setup_vif(wlan0): Refusing to bridge sta mode interface

enable_mac80211(radio0): Failed to set up wpa_supplicant for interface wlan0

root@OpenWrt:/etc/config# ifconfig wlan0

wlan0     Link encap:Ethernet  HWaddr FF:FF:FF:FF:FF

BROADCAST MULTICAST  MTU:1500  Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:32

RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

 

root@OpenWrt:/etc/config# iwconfig wlan0

wlan0     IEEE 802.11bgn  ESSID:off/any

Mode:Managed  Access Point: Not-Associated   Tx-Power=18 dBm

RTS thr:off   Fragment thr:off

Encryption key:off

Power Management:off

 

 

Basic scripts and rc.levels in Linux/Openwrt:

 

There are multiple configuration files in Openwrt routers and it is not my intention to give a full explanation about all the configuration tricks available in it.

 

One of the first files we might want to take a look is /etc/init.d/boot. Here some configuration files and logs are loaded, as well as the timezone(defined in the UCI entry system.@system[0].timezone= and in /etc/config/system). This file might be used, for instance, to disable the logs in the system(if we want to use a usb drive we might want to decrease to the maximum the amount of writings on it). In order to do that we should comment (with “#” without quotes) the commands we do not want to execute. For instance, if we want to avoid /sbin/syslogd and /sbin/klogd to be executed, we would comment this code out of the file:

        if [ -x /sbin/syslogd ]; then

local args log_ip log_size log_port log_type log_file

config_get log_ip “$cfg” log_ip

config_get log_size “$cfg” log_size 16

config_get log_port “$cfg” log_port 514

config_get log_type “$cfg” log_type circular

config_get log_file “$cfg” log_file “/var/log/messages”

args=”${log_ip:+-L -R ${log_ip}:${log_port}} ${conloglevel:+-l $

if [ “$log_type” = “file” ]; then

args=”$args -s $log_size -O $log_file -S”

else

args=”$args -C${log_size}”

fi

service_start /sbin/syslogd $args

fi

if [ -x /sbin/klogd ]; then

config_get klogconloglevel “$cfg” klogconloglevel

args=”${klogconloglevel:+-c $klogconloglevel}”

service_start /sbin/klogd $args

fi

 

About other configuration files, most of them are placed in /etc/config. I would recommend not to edit these files by hand but to use UCI instead, but I encourage you to take a look to it.

 

That was everything I wanted to write about configuration files, but let’s not concentrate in the runtime levels. It is not my objective to describe all of them and so I would just give you the link to Wikipedia, where you can start reading about it and go through its references: http://en.wikipedia.org/wiki/Runlevel

 

First of all, if we want to add new applications to be executed when our system boots, then we can set a script in /etc/rc.d. In my case I like more using /etc/rc.local for some startup instructions after the system is up. This file accepts commands (interpreted line by line) and allows us to do some troubleshooting or carry some other tasks out when the system runs.

 

Configuring SSH/Dropbear to listen into eth1:

 

Dropbear is a lightweight version of SSH and SSHd used in embedded Linux. Its configuration file is placed in /etc/config/dropbear. By default the content is similar to this:

 

root@OpenWrt:/etc/config# cat dropbear

config dropbear

option PasswordAuth ‘on’

option RootPasswordAuth ‘on’

option Port         ’22’

option Interface    ‘lan’

 

In that configuration we can see that Dropbear will be listening for incoming connections in the port 22 of the ‘lan’ interface.

Note: Another option to change the timezone is to modify the timezone to the one you need in /etc/config/system:

→ option ‘timezone’ ‘VALUE’

 

 

If we want Dropbear to listen also in the ‘wan’ interface(it might be that you have your openwrt router connected to some other router  and getting connection from there so that you do not have direct access to its ‘lan’ ports), we have to configure this connection.

This configuration can be carried out in two different ways:

 

1st. Change the configuration in /etc/config/dropbear and add the following to the file(leave the other lines as they are):

 

config ‘dropbear’

option ‘Port’ ’22’

option ‘PasswordAuth’ ‘on’

option RootPasswordAuth ‘on’

option ‘Interface’ ‘wan’

 

If, at some point, you want to change the configuration, you can also use UCI:

root@OpenWrt:/etc/config# uci show dropbear

dropbear.@dropbear[0]=dropbear

dropbear.@dropbear[0].PasswordAuth=on

dropbear.@dropbear[0].RootPasswordAuth=on

dropbear.@dropbear[0].Port=22

dropbear.@dropbear[0].Interface=lan

dropbear.@dropbear[1]=dropbear

dropbear.@dropbear[1].Port=22

dropbear.@dropbear[1].PasswordAuth=on

dropbear.@dropbear[1].RootPasswordAuth=on

dropbear.@dropbear[1].Interface=wan

 

Then just use “uci set dropbear@dropbear[1].option=Value” to change the value of that option and then “uci commit” to commit the changes.

 

Now we just have to check the firewall (/etc/config/firewall or UCI) and see that the following rule is defined:

config rule

option src wan

option proto tcp

option dest_port 22

option target ACCEPT

 

Then just restart the firewall and Dropbear(or reboot the router). That should make the router to load the changes.

 

I will be waiting for your comments!

 

Have a nice week!

 

David.

Leave a Reply