Tag Archive: OpenWrt


My new $43 network

Filed Under: networking
Sep.06, 2010

I’ve been working on a lot of virused computers lately.  Typically I haven’t had much concern for other devices on my network but then I ran into a recent rash of viruses that are much more sophisticated than usual.  One of them was silently doing “click fraud” in the background at the rate of 1000 clicks per minute or so.  This got me a little spooked about the rest of my network.  Even though my main computers are macs, I do think that cross platform or mac viruses will become a more regular occurrence.  This is why I decided to rebuild my network.

I have been hitting a lot of thrift stores lately.  It’s unbelievable what people are throwing out in my area.  Some stuff I can understand like the network hub for instance but other stuff like the wrt54g’s are a bit of a surprise.  The routers I have found range from WRT54Gv1’s to WRT54G-TM’s and routers as new as WRT54Gv6’s.  The prices have been as low as $7 up to about $13.  Sometimes I get the power supply with them, other times I pick up extras somewhere else.

In the matter of 2-3 months or so, I’ve managed to snag about 10 of them at bargain basement prices.  Personally, I don’t see the need for 802.11N for everything.  If I want to go REALLY fast, I’ll just plug in a wire, that’s always going to be faster than wireless anyways.  Whatever the case, their loss is my gain.  I’ve flashed these routers with DD-WRT for now since I don’t have a good grasp on OpenWrt quite yet and don’t need the extra functionality for the moment but I plan to start experimenting with OpenWrt a bit more at a later date.

Here’s how my network is laid out now:

DSL MODEM
^
OUTSIDE ROUTER(WIFI DISABLED)
^
HUB  <–>  Network sniffer
^
SWITCH  <–>  Guest access point(802.11B, WEP devices) & virused systems
^
INSIDE ROUTER(WPA enabled) <–> Most protected systems

I had a couple of goals with this layout.  First, I wanted to provide a single point where I could sniff ALL traffic going in or out of my network.  The hub provides me this because all of the traffic is spewed across all of the ports.  When I only have 2 devices plugged into the hub, there should not be a performance hit from this. One caveat however is a switch labeled as a hub.  I was unfortunate to purchase such a device but at least it was only a few bucks.  Another challenge is actually finding a 10/100 hub.  Most of them on the used market seem to be 10mbit.

My next goal was having a place to isolate guests and hook up older, insecure devices that only work with WEP and/or 802.11B.  One of my next steps will be adding another dedicated guest router for 802.11G devices but that’s not a huge priority.  Most importantly, I wanted to segment virused PC’s off of my network.

Hopefully this new setup will allow me to research odd malware behavior and keep my good systems a bit safer in the process.

Tags: , , ,
read more

OpenWrt on Avila: How to mount your cf card

Filed Under: embedded devices
Aug.13, 2010

There is not a lot of documentation out there about running OpenWrt on the Gateworks platform.  Specifically the gw2348-4 board that I’ve been playing with.  Mounting the CF card is not hard but there are a few prerequisites.  First I’ll assume that you have some form of network connection running.  After that, you’ll need to start with:

root@OpenWrt:# opkg update

After you’ve updated the list of packages, you’ll need to install some packages:

root@OpenWrt:# opkg install kmod-ata-ixp4xx-cf kmod-fs-ext3 e2fstools

Those will install a few dependencies as well.  After all of that is installed, you might want to reset for good measure.  When it comes back up, you should be able to see the CF card as /dev/sda.  Try formatting it as ext3 with the following command:

root@OpenWrt:# mke2fs -j /dev/sda1

That is assuming that you already had a partition on there of some sort.  After that is completed, you should be able to mount it:

root@OpenWrt:# mkdir /mnt/cf
root@OpenWrt:# mount /dev/sda1 /mnt/cf
root@OpenWrt:# df -h

You should get something like this:

Having a CompactFlash card in this router is a great advantage over the WRT54G series.  I know those can be hacked with an SD card but I’ve messed around with some of those quite a bit and not had very good luck with it.  This board is made for this specifically and worked right away without any screwing around.  If you prefer vfat partitions instead of ext3, do a little grepping and searching the opackages for vfat and dostools.  That should be enough to get you started.

Tags: , , ,
read more

How to install OpenWRT on a Gateworks gw2348-4

Filed Under: embedded devices
Aug.12, 2010

Not that I needed another project but I recently picked up a Gateworks gw2348-4 from Aliosa27.  He was selling a few of them off after a dev project that he finished.  I wouldn’t have bothered but I looked at the specs and noticed that the board seems to be sort of a souped up version of a WRT54G.  Like WAY souped up.  Here is a short list of the items that caught my eye:

  • Intel XScale IXP425 533MHz Processor
  • 64Mbytes SDRAM
  • 16Mbytes Flash
  • Four Type III Mini-PCI Slots
  • Compact Flash Socket
  • Two RS-232 Serial Ports
  • Passive Power Over Ethernet
  • Optional Dual Type A USB Host Ports

On top of all of that, OpenWrt supports it.  That’s good enough for me.  The ONLY disadvantages that I can see so far is that it only has 2 Ethernet ports and you have to add your own wifi card but in the end adding your own wifi card is actually an advantage.  That will give me an opportunity to mess with some Atheros-based cards.  Luckily I happen to have one of those on hand now along with an Realtek RTL8185L card that I picked up at a local computer recycler for $2.

First off, I tried just plugging it in and hooking it up to Minicom.  I used the settings that seem to work with everything else I have which are 115,200,8,n,1 with no flow control.  I ended up with a RedBoot prompt and a non-loading zImage left over from the previous owner.  This is a used board so I didn’t expect much in this regard.

I see another few advantages to this hardware already.  For one, this thing has a boot loader with a command prompt and console access.  Already that blows away the WRT54G hardware.  On top of that, if you flash a bad firmware, you probably won’t brick the device.  I imagine you can just reflash it with the correct image and continue on your path.

Time to go to the OpenWrt site and grab the correct image.  I’m going to use the Backfire 10.03.1-rc1 avila image.   From the RedBoot prompt, I’ll clear out the flash memory:

RedBoot> fis init

Next I need to set up a tftp.  For this I used tftpd32.  I checked the ip addresses that were expected on the Gateworks device:

RedBoot> ip_address

This spit back that I needed to use 192.168.1.102 as the server so I plugged that into my network settings and tftp server on the Windows laptop I’m using.  After some rudimentry setup on the Windows laptop, I ran the following command on the Gateworks board to pull the file down:

RedBoot> load -r -v -b 0x00800000 openwrt-avila-zImage

After that one returns a favorable result, next is:

RedBoot> fis create linux

Checked my free space with:

RedBoot> fis free

Now I need to grab the file for the rootfs on the Windows box and then tftp it from the Gateworks device:

load -r -v -b 0x00800000 openwrt-ixp4xx-generic-squashfs.img

Then I whipped out the calc app on my mac and changed it to programmer mode to calculate my free space.  In my case it was 0xE80000 so I create the root file system.

RedBoot> fis create -l 0xE80000 rootfs

Finally, I run through the fconfig program from the RedBoot> prompt and then reset.  My settings may differ slightly from what you will see on a brand new Gateworks board.  I’m posting a screen shot for simplicity sake:

For more clarification of my instructions, visit this link.  I think this board will make an excellent snort box or maybe something even better.  Who knows?

Tags: , , , ,
read more

How to manually set network settings in Linux

Filed Under: Unix tricks
Jul.25, 2010

I’ve been messing around with my stack of WRT54G routers this weekend.  So far I have serial modded two out of the five that I have sitting here.  The neat thing about the serial mod is that it’s so easy to grab a console off of it without worrying about network parameters.  The bad thing is that your router may or may not be connected to the internet when you are on that console.  It’s pretty easy to hook up to another wireless router in client mode from the console.  I couldn’t find the following information all in one place so I’m going to hash out the quick version here:

iwconfig wlan0 essid router_name

iwconfig wlan0 key 0123456789 (I have a wep router handy for connecting older devices)

ifconfig wlan0 10.10.10.40 netmask 255.255.255.0 (no dhcp client on my router by default)

ifconfig wlan0 up

route add default gw 10.10.10.1

ifconfig wlan0 up

and finally add a known dns server (like 8.8.8.8) to your /etc/resolv.conf with vi

For advanced Unix users, none of this is anything new but hopefully this will help someone else out there who is struggling through an OpenWrt or Gentoo install or can’t figure out how to configure wireless on your Zipit after you’ve put an aftermarket root fs on it.  All of these settings will disappear when you reboot your device aside from editing the resolv.conf although if you are using a WRT54G series router, your edits to the resolv.conf will also disappear.

Tags: , , , , ,
read more
Powered by WordPress. Theme: Motion by 85ideas.