history of 'OpenWrtHowTo'
- !!Get OpenWRT here : http://downloads.openwrt.org/whiterussian/rc2/bin/ %%%
+ !!Get OpenWRT here : http://downloads.openwrt.org/whiterussian/ %%%
|
- [WRT54CLIENT-REVFWWAN]
- [WRT54CLIENT-REVFWWL] Put the WRT into client mode, break the bridge and reverse the firewall onto WAN.
+ [WRT54CLIENT-REVFWWL] Put the WRT into client mode, break the bridge and firewall wireless.%%%
- !!AP Mode and reversing the firewall
- [WRT54AP-REVFWWAN] WRT in AP connected to a AP in client mode, with wifi and lan on the bridge - wan interface firewalled. i.e. 2x WRT54G Repeater firewalled from your private network )
+ !!AP Mode and reversing the firewall to WAN
+ [WRT54AP-REVFWWAN] WRT is AP with wifi and lan on the bridge. WAN interface connected to your private network firewalled from LAN and Wireless. (Don't break the bridge)
|
- !! Getting started
+ !! Getting started%%%
+ !!Get OpenWRT here : http://downloads.openwrt.org/whiterussian/rc2/bin/ %%%
+ Use squashfs if this is your first attempt at loading something new on the WRT54. %%%
- if you bugger up your firewall severely and can't get in, or perhaps do something even dumber... who knows, have no fear, openwrt built in a failsafe boot, that boots with your existing nvram settings, but does not load firewall, and some other extras, allowing you to go in, and modify the nvram to a stable state!
+ %%%
+ %%%
+ If you bugger up your firewall severely and can't get in, or perhaps do something even dumber... who knows, have no fear, openwrt built in a failsafe boot, that boots with your existing nvram settings, but does not load firewall, and some other extras, allowing you to go in, and modify the nvram to a stable state!
- [WRT54CLIENT-REVFWWAN] Put the WRT into client mode, break the bridge and reverse the firewall onto WAN.
+ !!Client Mode ( break the bridge ) with firewalled wireless interface
+ [WRT54CLIENT-REVFWWAN]
+ [WRT54CLIENT-REVFWWL] Put the WRT into client mode, break the bridge and reverse the firewall onto WAN.
|
- !! Client Mode wifi and lan separated ( break the bridge mode ) ie firewalled wireless interface
- nvram set boot_wait=on %%%
- nvram set lan_ifname=vlan0 %%%
- nvram set wifi_ifname=eth1 %%%
+ [WRT54CLIENT-REVFWWAN] Put the WRT into client mode, break the bridge and reverse the firewall onto WAN.
- nvram set wl0_ssid=AP_requd_to_connect_to %%%
- nvram set wl0_channel=6 %%%
- nvram set lan_proto=static %%%
- nvram set lan_ipaddr=192.168.2.x %%%
- nvram set wifi_proto=static %%%
- nvram set wifi_ipaddr=172.16.255.x %%%
- %%%
- #the next few lines vary based on your configs and might not be reuired in all cases%%%
- #nvram set wifi_gateway=172.16.255.x %%%
- #nvram set wifi_dns=172.16.255.x%%%
- %%%
- Ensure /etc/init.d/S45firewall is modified accordingly so that the line reading %%%
- WAN=$(nvram get wan_ifname)%%%
- becomes%%%
- WAN=$(nvram get wifi_ifname)%%%
- MAKE SURE TO DO THE FIREWALL BEFORE REBOOTING WRT, IF THIS IS NOT DONE, YOU RUN THE RISK OF BEING LOCKED OUT OF THE AP.%%%
- don't forget to nvram commit
- Well done, you have just setup wrt to be a client to another network, and firewalled your local network, by setting a route to the subnet of the wireless network, you can NAT out of your LAN to the wireless users IP segment, and to allow wireless users access to services on your LAN, add the appropriate lines %%%
- To forward http traffic to a locak web server, add lines %%%
- %%%
- iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 80 -j DNAT --to 192.168.2.2:80 %%%
- iptables -A forwarding_rule -i $WAN -p tcp --dport 80 -d 192.168.2.2 -j ACCEPT %%%
|
+ [WRT54AP-WDS] Connect multiple AP's together wirelessly using WDS, so you don't need to put the AP into client mode. i.e. one WRT54 = AP + Client = Repeater. Tested working!
|
+ Remember the basics, before doing anything, do the following %%%
+ nvram set boot_wait=on "#This enables boot_wait, the ability to tftp firmware across if things go bad" %%%
+ if you bugger up your firewall severely and can't get in, or perhaps do something even dumber... who knows, have no fear, openwrt built in a failsafe boot, that boots with your existing nvram settings, but does not load firewall, and some other extras, allowing you to go in, and modify the nvram to a stable state!
+ to boot failsafe,
+ #unplug the power
+ #plug back in
+ #as soon as the dmz light pops on,
+ #hit the reset button for 1 second (or until dmz light starts flashing)
+ #go in and fix your mess!
- Hold down (or get someone else to help) the reset button on the back of the WRT. Now plug in the Power, but dont let go of the reset button! %%%
- Now hit enter on the tftp "put" command. %%%
- It should take a few seconds, and then you'll see it start the actual upload, things will scroll quite fast (you can let go of the reset button once it has started) %%%
+ Now plug in the Power %%%
+ about 2 seconds later%%%
+ (if you aren't sure when its ok to hit enter on put command, have another terminal running with a ping on 192.168.1.1, as soon as a response comes, hit enter on put!)
+ hit enter on the tftp "put" command. %%%
+ It should take a few seconds, and then you'll see it start the actual upload, things will scroll quite fast %%%
|
- !! Client Mode wifi and lan separated ( break the bridge mode )
+ !! Client Mode wifi and lan separated ( break the bridge mode ) ie firewalled wireless interface
- #For Dynamic IP assignment%%%
- #nvram set wifi_proto=dhcp%%%
+ WAN=$(nvram get wan_ifname)%%%
+ becomes%%%
- #WAN=$(nvram get wan_ifname)%%%
+ MAKE SURE TO DO THE FIREWALL BEFORE REBOOTING WRT, IF THIS IS NOT DONE, YOU RUN THE RISK OF BEING LOCKED OUT OF THE AP.%%%
+ don't forget to nvram commit
+ Well done, you have just setup wrt to be a client to another network, and firewalled your local network, by setting a route to the subnet of the wireless network, you can NAT out of your LAN to the wireless users IP segment, and to allow wireless users access to services on your LAN, add the appropriate lines %%%
+ To forward http traffic to a locak web server, add lines %%%
+ iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 80 -j DNAT --to 192.168.2.2:80 %%%
+ iptables -A forwarding_rule -i $WAN -p tcp --dport 80 -d 192.168.2.2 -j ACCEPT %%%
+ !! AP Mode wifi and lan separated ( break the bridge mode ) ie firewalled wireless interface
+ Follow Howto for client mode, but where it says %%%
+ replace it with %%%
+ nvram set wl0_mode=ap %%%
+ and set your ap name and channel with %%%
+ nvram set wl0_ssid=my_AP_NAME
+ nvram set wl0_channel=my_AP_chan
+ do firewalling as in clientmode
|
- !![WRT54AP-REVFWWAN] WRT in AP connected to a AP in client mode, with wifi and lan on the bridge - wan interface firewalled. i.e. 2x WRT54G Repeater firewalled from your private network )
+ !!AP Mode and reversing the firewall
+ [WRT54AP-REVFWWAN] WRT in AP connected to a AP in client mode, with wifi and lan on the bridge - wan interface firewalled. i.e. 2x WRT54G Repeater firewalled from your private network )
|
- [WRT54AP-REVFWWAN] WRT in AP connected to a AP in client mode, with wifi and lan on the bridge - wan interface firewalled. i.e. 2x WRT54G Repeater firewalled from your private network )
+ !![WRT54AP-REVFWWAN] WRT in AP connected to a AP in client mode, with wifi and lan on the bridge - wan interface firewalled. i.e. 2x WRT54G Repeater firewalled from your private network )
|
- [WRT54AP-REVFWWAN]Client mode with switch and wifi on the bridge - wan interface firewalled.Good for hooking up a Client and AP together and connecting the WAN interface to a private network ( i.e. Create a Repeater with 2 WRT54G thats connected to your network )
+ [WRT54AP-REVFWWAN] WRT in AP connected to a AP in client mode, with wifi and lan on the bridge - wan interface firewalled. i.e. 2x WRT54G Repeater firewalled from your private network )
|
+ On Windows XP and Server 2003 ( comes standard )
+ Start -> Run ... -> type cmd
+ In the command prompt window type : tftp -i 192.168.1.1 put fwimage.bin
|
- [WRT54-LWCLIENT]Client mode with switch and wifi on the bridge - wan interface firewalled.Good for hooking up a Client and AP together and connecting the WAN interface to a private network ( i.e. Create a Repeater with 2 WRT54G thats connected to your network )
+ [WRT54AP-REVFWWAN]Client mode with switch and wifi on the bridge - wan interface firewalled.Good for hooking up a Client and AP together and connecting the WAN interface to a private network ( i.e. Create a Repeater with 2 WRT54G thats connected to your network )
|
- !! Client Mode
+ !! Client Mode wifi and lan separated ( break the bridge mode )
+ [WRT54-LWCLIENT]Client mode with switch and wifi on the bridge - wan interface firewalled.Good for hooking up a Client and AP together and connecting the WAN interface to a private network ( i.e. Create a Repeater with 2 WRT54G thats connected to your network )
|
+ The basic procedure for uploading/recovering is outlined below. %%%
+ You will need: %%%
+ Linux machine with tftp %%%
+ Image that you want to upload %%%
+ A network cable directly to the WRT %%%
+ Your PC set to an IP in the 192.168.1.0/24 network (eg: 192.168.1.2) Not .1! %%%
+ Heres how %%%
+ First, unplug the power from your WRT. %%
+ Then, execute these commands on your linux machine %%%
+ <code>
+ tftp 192.168.1.1
+ > binary
+ > trace
+ > rexmt 1
+ > put openwrt-g-code.bin
+ </code>
+ Dont press enter on the "put" just yet! %%%
+ Hold down (or get someone else to help) the reset button on the back of the WRT. Now plug in the Power, but dont let go of the reset button! %%%
+ Now hit enter on the tftp "put" command. %%%
+ It should take a few seconds, and then you'll see it start the actual upload, things will scroll quite fast (you can let go of the reset button once it has started) %%%
+ Now wait a few minutes for it to complete the boot, and try pinging it.
|
- [.#OLSR]
+ !! OLSR
- !! [#OLSR,"OLSR"]
|
+ [OLSR]
- !! OLSR
+ !! [#OLSR,"OLSR"]
|
+ nvram set boot_wait=on %%%
+ nvram set lan_ifname=vlan0 %%%
+ nvram set wifi_ifname=eth1 %%%
+ nvram set wl0_mode=sta %%%
+ nvram set wl0_ssid=AP_requd_to_connect_to %%%
+ nvram set wl0_channel=6 %%%
+ nvram set lan_proto=static %%%
+ nvram set lan_ipaddr=192.168.2.x %%%
+ nvram set wifi_proto=static %%%
+ nvram set wifi_ipaddr=172.16.255.x %%%
+ %%%
+ #the next few lines vary based on your configs and might not be reuired in all cases%%%
+ #nvram set wifi_gateway=172.16.255.x %%%
+ #nvram set wifi_dns=172.16.255.x%%%
+ %%%
+ #For Dynamic IP assignment%%%
+ #nvram set wifi_proto=dhcp%%%
+ %%%
+ Ensure /etc/init.d/S45firewall is modified accordingly so that the line reading %%%
+ #WAN=$(nvram get wan_ifname)%%%
+ WAN=$(nvram get wifi_ifname)%%%
|
(previous content completely removed)
+ !! Getting started
+ !! Client Mode
+ !! WDS
+ !! OLSR
+ !! TFTP Uploading
|
- | ["getting started" openwrt-getstarted] |
- | ["clent-mode" openwrt-client-mode-howto] |
- | ["WDS" openwrt-wds-howto] |
- | ["OLSR" openwrt-OLSR-howto ] |
- | ["tftp uploading" openwrt-tftp-howto] |
+ | ["getting started" OpenWrtHowTo-getstarted] |
+ | ["clent-mode" OpenWrtHowTo-client-mode-howto] |
+ | ["WDS" OpenWrtHowTo-wds-howto] |
+ | ["OLSR" OpenWrtHowTo-OLSR-howto ] |
+ | ["tftp uploading" OpenWrtHowTo-tftp-howto] |
|
- | [openwrt-client-mode-howto] |
- | [openwrt-wds-howto] |
- | [openwrt-OLSR-howto ] |
+ | ["getting started" openwrt-getstarted] |
+ | ["clent-mode" openwrt-client-mode-howto] |
+ | ["WDS" openwrt-wds-howto] |
+ | ["OLSR" openwrt-OLSR-howto ] |
+ | ["tftp uploading" openwrt-tftp-howto] |
|
JAWUG