Wireless AP and OpenWRT

Getting the wireless access point (AP) up and running looks to be a painless task. By default for my WRT160Nv2, OpenWRT provided the following settings in /etc/config/wireless (dumped via the UCI tool).

root@OpenWrt:~# uci show wireless
wireless.radio0=wifi-device
wireless.radio0.type=mac80211
wireless.radio0.channel=11
wireless.radio0.hwmode=11ng
wireless.radio0.path=platform/rt2800_wmac.0
wireless.radio0.htmode=HT20
wireless.radio0.ht_capab=GF SHORT-GI-20 SHORT-GI-40 TX-STBC RX-STBC12
wireless.radio0.disabled=1
wireless.@wifi-iface[0]=wifi-iface
wireless.@wifi-iface[0].device=radio0
wireless.@wifi-iface[0].network=lan
wireless.@wifi-iface[0].mode=ap
wireless.@wifi-iface[0].ssid=OpenWrt
wireless.@wifi-iface[0].encryption=none

I want to create a custom SSID, ‘Armadillo’, and also set a WPA2 key for accessing the router. Furthermore, I want to make sure that my wireless radio in the router is configured for proper use in the United States.

root@OpenWrt:~# uci set wireless.@wifi-iface[0].ssid='Armadillo'
root@OpenWrt:~# uci set wireless.@wifi-iface[0].encryption='psk2'
root@OpenWrt:~# uci set wireless.@wifi-iface[0].key='****************'
root@OpenWrt:~# uci set wireless.radio0.channel=6
root@OpenWrt:~# uci set wireless.radio0.country=US
root@OpenWrt:~# uci set wireless.radio0.disabled=0
root@OpenWrt:~# uci commit

With the configuration written to /etc/config/wireless, issue the wifi command to start the wireless service:

root@OpenWrt:~# wifi
Configuration file: /var/run/hostapd-phy0.conf
wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE
Using interface wlan0 with hwaddr 00:0c:43:28:80:e8 and ssid "Armadillo"
wlan0: interface state COUNTRY_UPDATE->ENABLED
wlan0: AP-ENABLED

To verify the access point is up and running, look at the available wireless networks. In my case, ‘Armadillo’ is available and after entering the WPA2 key I have access to the device.

Success!

Advertisements

WAN Port DHCP and OpenWRT

Last weekend I installed OpenWRT (v12 Attitude Adjustment) on my WRT160Nv2 router device. Out of the “box”, the internal LAN is setup as 192.168.1.1, and I can ssh into the router for configuration. I plan to plug this router into another router device, so I would like to configure it for the following:

  • DHCP on the WAN port: If I take this to a hotel or hook it up to a another router device, I want it to automatically obtain an IP address on the WAN port
  • Private network on the LAN ports: 192.168.2.x addresses
  • [Optional] Enable wireless access so that I don’t have to plug my laptop computer into this router via Ethernet cable each time I access it.

WAN port configuration

To modify settings, one can either edit /etc/config/network directly, or use the unified configuration interface (UCI) to issue commands from the shell. I chose to do the latter. Of course you can also use the web interface if you have a normal router and not a WRT160Nv2.

The commands below modify the wan port to use DHCP to obtain an IP address and DNS settings, and then bring up the WAN interface.

uci set network.wan.proto=dhcp
uci commit network
ifup wan

To verify that the WAN port has an IP address, issue the ifconfig command and look for the IP address used from the DHCP server, in this the router device issued to me by my ISP.

ifconfig

As shown below, the WAN port is given the IP address 192.168.1.10.

eth0.2    Link encap:Ethernet  HWaddr xx:xx:xx:xx:xx:xx
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7135 errors:0 dropped:406 overruns:0 frame:0
          TX packets:4675 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4727515 (4.5 MiB)  TX bytes:745096 (727.6 KiB)

LAN IP address re-assignment

The DHCP server on my network is running on the private network 192.168.1.x, and that conflicts with the default configuration from the OpenWRT installation. The WRT160Nv2’s LAN ports need to be moved to another network. I decided to move them to 192.168.2.x.

uci set network.lan.ipaddr=192.168.2.1
uci commit network
reboot

Rebooting closes the SSH session, so reconnect to the router, but remember the address is now 192.168.2.1 for the router device!

Testing Internet access

After logging into the machine, I issued a ping command to http://www.google.com:

testdns

Success!

OpenWRT for an old Linksys WRT160Nv2

Background

Back in 2009 I purchased a Linksys WRT160Nv2 wireless router for my home. I did not do much homework at the time because I was busy with a new job, a baby, and just wanted to get wireless connectivity at home. I stopped using the device when I moved again in 2012 as Verizon provides me a router device to connect to their FIOS service.

For my home “lab”, if you can even call it that, I am looking to hook up some old devices and machines.  At first I was pricing out some small home router/switch combos, but in digging through a box of old equipment, I found the WRT160Nv2, and thought I might be able to repurpose it with OpenWRT, DD-WRT or some other open-source software on the device.

After some initial research, it turns out this router/switch device is a bit of kludge. The WRT160Nv1 and WRT160Nv3 of this series of device had decent hardware, but for WRT160Nv2 it looks like Linksys tried to cut costs by using Ralink chipset and not putting enough memory in the device. As such, both OpenWRT and DD-WRT do not support the hardware. Furthermore, the vendor abandoned the platform and the factory firmware has known vulnerabilities and bugs.

In searching the OpenWRT forums, I uncovered a topic leading to a project on GitHub called OpenWrt Leitec. It is a modified build of the OpenWRT software for Ralink RA2880 routers. The WRT160Nv2 has limited support for this build due to the fact the router only has 16 MB of memory.  I am going to give that a try because I don’t plan to use this device as a wireless router, but just as an Ethernet switch. Hopefully I can disable much of that functionality once I get OpenWRT installed on the device!

Building the OpenWRT Firmware

Note to self: Your stupid Windows computer went to sleep, and VMWare Desktop Pro couldn’t handle that and starting thrashing the disk.  It took the system 10 minutes to recover after wake-up. Turn off the PC sleep settings and just let the monitor go to sleep!

Building the firmware is rather straightforward.  I have a Windows 8.1 desktop computer with VMWare Desktop Pro. Within that I have a simple Linux VM that I used for building the firmware. Note that OpenWRT does not support Windows for building the firmware, one needs Linux, BSD, or Mac OS X.  The command sequence is as follows:

mkdir projects; cd projects
git clone https://github.com/leitec/openwrt-leitec.git
cd openwrt-leiteic
make menuconfig

The make menuconfig build command brings up a console-based UI for customized the firmware build. One needs to select the RA288x target and subtargets in order to build for the Ralink chipset.

MakeMenuConfig

The graphic above shows the target/subtarget already selected, but one would select the Target System option and go into the Target system submenu, shown below.

Target

For the WRT160Nv2, which is based on the RT2880 chipset, select the Ralink RT288x option and return. From the main menu, then go into the Subtarget submenu.

Subtarget

Select the RT288x based boards options and return to the main menu. From the main menu, navigate to the “Exit” option at the bottom of the screen. This will bring up a save prompt as shown below:

SaveConfig

Save the configuration and you should be returned to the system shell.  From here, one can begin building the OpenWRT firmware.  Start the makefile!

make

The build process begins by compiling all of the tools necessary for the target chipset, such as m4, xz, autoconf, gdb, gcc, et cetera. These tools are needed for cross-compilation for the target platform; the default tools on most systems are for x86_64 based software and not the embedded chipset on the router devices.

Build Errors

I was able to successfull build all of the tools, but during the toolchain build for “toolchain/gcc/final” compile stage, I encoutered build errors. To get the error messages, re-run the build script with the “V=s” option.

make V=s 2>&1 > build_log.txt

There were a few warnings and notes thrown out, but the first error I encountered was as follows:

cnfs.gperf:101:1: error: 'gnu_inline' attribute present on 'libc_name_p'
cnfs.gperf:26:14: error: but not here

A bit of google searching turned up a simple patch one can make to the source code. After modifying the code with that patch, the build process moved along happily. At the end of the build process, in the bin/ramips directory are all of the firmware images.

image_files

 

The firmware file to be flashed to the device is openwrt-ramips-rt288x-wrt160nv2-squashfs-factory-code.bin.

Firmware Installation

I had not powered on this device for over three years, and after navigating to the admin website (192.168.1.1) after plugging it into my Ethernet port, I released I had forgotten the admin password for the router.  Luckily, Linksys makes it easy to reset the router to a default factory configuration.

 

 

WRT_factory_reset

It should be noted that after flashing the firmware from the proprietary Linksys firmware to the OpenWRT firmware, this option will no longer be available.  However, OpenWRT has options for recovery and re-programming with the original factory firmware. In the factory setting, there is no username for the Linksys router webpage, and the password is ‘admin’.

I followed the directions to upgrading firmware from the Linksys website, which essentially tells one to navigate to the Linksys router’s webpage, login, and then navigate to the Administration tab. In the Administration section, select the Firmware Upgrade sub-tab. The resulting webpage is easy to navigate–simply select the OpenWRT .bin firmware image from the build press, and then press the Start Upgrade button.

During my install, the progress bar went to 50%, and then jumped to a page stating that the firmware was successfully written to the device. I was apprehensive at first because I thought there must have been an error, why would it jump to complete at only 50%? Then again, progress bars hugely unreliable indicators of progress with software tasks…

I open up Tera Term and processed to connect to the device at 192.168.1.1 using the telnet protocol…

WRT_Telnet

Success! OpenWRT was installed and is running on the router! To enable ssh, simply setup a root password by running the ‘passwd’ command. After setting a password and logging out, the router is now accessible with ssh and the telnet daemon is disabled. Next I fired up Putty, my preferred Windows SSH client…

WRT_ssh

Success!!! The router is now ready for configuration of capabilities.  It is a good idea to review the limitations of the WRT160Nv2 once more as the limited memory on the router prohibits it from running the web GUI interface as well as software such as OpenVPN.

It is my intention to use this device as a wired router device for now. Perhaps in future I will also look at enabling the 802.11 features too.

Conclusion

My take away from this little project is as follows:

  1. Always do your homework before purchasing technology, I knew better than just buying something from the store, but I was lazy and just bought the medium grade device from the local store. Now today I have a device that is so crippled that it is hardly supported by open source software.
  2. Open source software is perfect for re-purposing old hardware and giving it new life after the manufacturer has long abandoned the product.
  3. Or just make sure you have a lot of money for your technology! I would love to put a Juniper EX2200 in my lab instead, but I don’t have that type of cash to burn on a hobby lab.