OpenWrt Config Tweaks

OpenWrt, although a wonderful toy out of the box, needs a few useful configuration additions.

This page sums up a few tricks we use here to enhance the basic configuration.

Cron

Setting up cron for wrt is clearly detailed here

Reboot when ppp fails

If your wrt is using a ppp connection, you certainly need to make sure the connection remains active. We noticed that, when the ppp connection is lost, pppd gets lost. Restarting the network service is not effective. Our tar archive provides a shell script (/usr/bin/link_status_monitor) to monitor the connection with a regular ping to a remote server. The default is to ping the log server found in the nvram variable log_ipaddr (which can be an FQDN or an IP address). Since May 14, 2009, the script also monitors external (WAN) IP changes.
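A sketch of such a watchdog, added here as an example; it is not the archive's /usr/bin/link_status_monitor. It assumes it is run from cron and that lm_logfile is the monitor's log file; the state file, the failure threshold and the function names are hypothetical, and it covers only the ping check, not the WAN IP change detection.

```sh
#!/bin/sh
# Added sketch of a PPP link watchdog, meant to be run from cron.
# NOT the archive's /usr/bin/link_status_monitor.
# Hypothetical names: STATE, MAX_FAILS, probe, do_reboot, check_link.

STATE=${STATE:-/tmp/lm_fail_count}  # consecutive-failure counter (RAM, not flash)
MAX_FAILS=${MAX_FAILS:-3}           # reboot only after this many failed runs in a row

# Succeeds if the target answers at least one of three pings.
probe() { ping -c 3 "$1" >/dev/null 2>&1; }

# Action taken when the threshold is reached.
do_reboot() { /sbin/reboot; }

# check_link TARGET LOGFILE: prints "up", "down N" or "reboot".
check_link() {
    target=$1
    logfile=${2:-/tmp/lm.log}
    fails=$(cat "$STATE" 2>/dev/null || echo 0)
    case $fails in ''|*[!0-9]*) fails=0 ;; esac   # ignore a corrupt counter

    if probe "$target"; then
        echo 0 > "$STATE"
        echo up
        return 0
    fi

    fails=$((fails + 1))
    echo "$fails" > "$STATE"
    echo "$(date) ping to $target failed ($fails/$MAX_FAILS)" >> "$logfile"

    if [ "$fails" -ge "$MAX_FAILS" ]; then
        echo 0 > "$STATE"     # reset so a slow reboot is not re-triggered
        echo reboot
        do_reboot
    else
        echo "down $fails"
    fi
}

# Only act on a device that has nvram; log_ipaddr is the ping target as on
# this page, lm_logfile is assumed to be the monitor's log file.
if command -v nvram >/dev/null 2>&1; then
    check_link "$(nvram get log_ipaddr)" "$(nvram get lm_logfile)"
fi
```

Requiring several consecutive failures keeps a single lost ping, or a short outage of the remote server, from rebooting the router.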

Dyndns

This section is incomplete; we need hardware with more memory to experiment.

Adding dyndns requires quite a lot of available memory. With our firmware, we presently do not have enough available flash to install the required packages.

Based on: dynamic ns update example (but incomplete)

Step by step:

Install packages:
ipkg install libopenssl
ipkg install zlib
cd /tmp/
wget http://openwrt.razvi.ro/bind-client_9.4.1-1_mipsel.ipk
wget http://openwrt.razvi.ro/bind-libs_9.4.1-1_mipsel.ipk
ipkg install bind-client_9.4.1-1_mipsel.ipk bind-libs_9.4.1-1_mipsel.ipk

Get packages .... To be completed

Open ports for wifidog captive portal

First install the latest csf-wifidog-webif and base_file csf pkgs, which you can get here.

There is a useful hidden script to manage ports.

One can access this script using the following path on the portal web management interface:

/cgi-bin/webif/wifidog-advanced.sh

You can then define extra TCP or UDP ports to open for authenticated users (known_users), set a TrustedMACList of machines that do not have to authenticate (restricted access without authentication), and even give an OwnerMACList of owner machines that won't suffer any restriction at all (full access).

If you want to allow http, imap and pop (+secure versions) you can open the following tcp ports like this:

wifidog_tcp_known_users="53 67 110 995 143 993 220 443"
wifidog_udp_known_users="67"
wifidog_tcp_member_users="53 67 80 110 995 143 993 220 443 22"
wifidog_udp_member_users="53 67"

You will certainly also want to isolate clients by setting wl0_ap_isolate=1, which avoids a lot of trouble.

Get and install our tar archive

Our tar archive provides the files to set up cron as described above and these extra scripts:

Get our latest tar archive here:
archloss-openwrt-twicks-latest.tgz

And install it on your openwrt as follows:

cd /tmp/
wget http://www.archloss.fr/src/wrt/archloss-openwrt-twicks-latest.tgz
tar -C / -xzf archloss-openwrt-twicks-latest.tgz
/sbin/reboot

Links (some might be in French)

embedded_linux_managing_memory
memory technology device
petaramesh structure and memory size
Optimisations toulouse sans fil

Quick config

#!/bin/ash
# Ports opened by wifidog for authenticated users (known_users) and for member_users
nvram set wifidog_tcp_known_users="53 67 110 995 143 993 220 443"
nvram set wifidog_udp_known_users="67"
nvram set wifidog_tcp_member_users="53 67 80 110 995 143 993 220 443 22"
nvram set wifidog_udp_member_users="53 67"
# Isolate wireless clients from each other
nvram set wl0_ap_isolate=1
nvram set lm_logfile="/etc/lm.log"
nvram set ws_logfile="/etc/ws.log"
# log_ipaddr can be an FQDN or an IP address; the second assignment overrides the first
nvram set log_ipaddr="syslog.wireless-fr.org"
nvram set log_ipaddr=212.51.173.30
nvram set lm_extipcgi="http://www.archloss.fr/cgi-bin/client-ip"

nvram commit

# Install our tar archive, then the csf base-files and wifidog webif packages
cd /tmp/
wget http://www.archloss.fr/src/wrt/archloss-openwrt-twicks-latest.tgz
tar -C / -xzf archloss-openwrt-twicks-latest.tgz
wget http://depot.caensansfil.org/Paquets%20IPK/actuel/base-files_10-csf_12_mipsel.ipk
ipkg install base-files_10-csf_12_mipsel.ipk
wget http://depot.caensansfil.org/Paquets%20IPK/actuel/csf-wifidog-webif_0.2-6_mipsel.ipk
ipkg install csf-wifidog-webif_0.2-6_mipsel.ipk

#/sbin/reboot

Last modified: Sept. 09 2010