Have been using OpenWRT to power my home adsl connection for the past month. Running Kamikaze on a Netgear DG834 v2, as detailed in my last post, and it has neen solid!

08:11:03 up 20 days, 3:39, load average: 0.00, 0.03, 0.08

Here is what I have done since then:

Connection

Modify /etc/init.d/network and remove all the /sbin/wifi up lines (I don’t have Wifi). Also have /sbin/ifup wan under the boot section of /etc/init.d/network to get ppp to come up after booting.

ppp will automatically reconnect if it drops out. I also placed a script under /etc/ppp/ip-up.d/log_ppp_up that will log when my last connection

#!/bin/sh
pubip=$(ip route show dev ppp0 | awk '{ print $7 }')
uptime > /www/ppp-status.html
echo " wan ip: $pubadd" >> /www/ppp-status.html

Cron

Openwrt has cron, run crontab -e (same as vim /etc/crontabs/root) to setup jobs. There is however a bug in Busybox that makes cron leave an error message in your syslog everytime a task executes (other than the cron.err it seems to work fine).

syslog

Use the logread command to view the syslog, and logger “some message” to write to it. To forward the system log to another machine in /etc/config/system under config ‘system’ add:

option 'log_ip' '192.168.1.10'
option 'log_port' '514'
option 'log_size' '16'
option 'log_type' 'circular'

Packages

The opkg package manager, http://code.google.com/p/opkg/, an actively developed fork of ipkg, is installed with OpenWRT. Before installing new packages I usually have to run the update command first.

Somewhat worrying watching space shrink on my jffs parition when I install packages. Made the mistake of maxing out my disk once, the router segfaulted and after a reboot it was luckily all okay.

Realtime bandwidth monitoring with ifstat package:

root@OpenWrt:~# opkg intsall ifstat
root@OpenWrt:~# ifstat -S
Time eth0 br-lan imq0 ppp0
HH:MM:SS KB/s in KB/s out KB/s in KB/s out KB/s in KB/s out KB/s in KB/s out
12:38:45 3.75 112.54 2.87 112.54 117.19 111.33 117.19 2.46

ntp time

Install the ntpclient to keep time on the device as there is no bios battery to keep time. Configure settings (ntpclient –hep) in /etc/config/ntpclient after install:

root@OpenWrt:~# opkg intsall ntpclient

Be sure to set the correct time zone in /etc/config/system

Network traffic monitoring

It’s very handy having tcpdump on your router :-)

root@OpenWrt:~# opkg intsall tcpdump

Transparent proxy

For forwarding of all outgoing http traffic through a proxy on the LAN, add this to /etc/config/firewall

config redirect
option src_dport 80
option proto tcp
option src lan
option dest_ip 192.168.1.100
option dest_port 8080

Read more of firewall documentation for other examples http://wiki.openwrt.org/doc/uci/firewall

LEDS

OpenWRT does not fully support the leds on this model of router yet. The leds on the network swtich work fine, but there is no indication of WAN status out of the box. I found this script on pitt-pladdy.com.

root@OpenWrt:~# cd /etc/init.d/
root@OpenWrt:/etc/init.d# wget http://192.168.1.11/local-adsl-led
root@OpenWrt:/etc/init.d# ./local-adsl-led enable
root@OpenWrt:/etc/init.d# ./local-adsl-led start

The 3 front leds are now: (power) (cpu?) (wan up/wan down)

Further securing

Install ssh keys for dropbear and remove Telnet

root@OpenWrt:~# vim /etc/dropbear/authorized_keys
root@OpenWrt:~# chmod 0600 /etc/dropbear/authorized_keys
root@OpenWrt:~# rm /etc/init.d/telnet