| 1 |
\documentclass[12pt,a4paper,openany,smallheadings, |
\documentclass[12pt,a4paper,openany,smallheadings,headinclude,headsepline,final]{scrreprt} |
| 2 |
headinclude,headsepline,final]{scrreprt} |
%\usepackage{ucs} % Unicode support |
| 3 |
\usepackage[utf8]{inputenc} |
\usepackage[utf8]{inputenc} % UTF-8 characters as input are allowed |
| 4 |
\usepackage{amsmath} |
%\usepackage{amsmath} |
| 5 |
\usepackage{amsfonts} |
%\usepackage{amsfonts} |
| 6 |
\usepackage{amssymb} |
%\usepackage{amssymb} |
| 7 |
\usepackage{caption2} |
%\usepackage{caption2} |
| 8 |
\usepackage[canadian]{babel} |
\usepackage[english]{babel} % Sets the layout to English style |
| 9 |
\usepackage{varioref} |
\usepackage{varioref} % Intelligent page references |
| 10 |
\usepackage{txfonts} |
%\usepackage{txfonts} |
| 11 |
\usepackage[pdftex]{graphicx} |
\usepackage[pdftex]{color} % Colour control for LaTeX documents |
| 12 |
|
\usepackage[pdftex]{graphicx} % Enhanced support for graphics |
| 13 |
%\usepackage{listings} |
%\usepackage{listings} |
| 14 |
\usepackage{makeidx} |
\usepackage{makeidx} % Standard LaTeX package for creating indexes |
| 15 |
\usepackage[T1]{fontenc} |
\usepackage{longtable} % Allow tables to flow over page boundaries |
| 16 |
|
\usepackage[T1]{fontenc} % T1-fonts |
| 17 |
|
\usepackage{fancyvrb} % Sophisticated verbatim text |
| 18 |
|
\usepackage[a4paper,rmargin=2cm,lmargin=2cm,tmargin=2.5cm,bmargin=3.5cm]{geometry} % Flexible and complete interface to document dimensions |
| 19 |
|
\usepackage{fixltx2e, mparhack} % Patches for LaTeX; A workaround for a LaTeX bug in marginpars |
| 20 |
|
\usepackage[nofancy]{svninfo} % Typeset Subversion Keywords |
| 21 |
|
\usepackage{float} % Improved interface for floating objects |
| 22 |
|
\usepackage{hyperref} % Extensive support for hypertext in LaTeX |
| 23 |
|
|
|
% fancy verbatim enables changing of font, fontsize, etc. in verbatim code |
|
|
% also set smaller font and a frame as default |
|
|
\usepackage{fancyvrb} |
|
|
\fvset{fontsize=\small, frame=single} |
|
| 24 |
|
|
| 25 |
% marvosym macht Pfeil kaputt, also sichern |
% marvosym macht Pfeil kaputt, also sichern |
| 26 |
% line 28, /usr/share/texmf/tex/latex/marvosym/marvosym.sty |
% line 28, /usr/share/texmf/tex/latex/marvosym/marvosym.sty |
| 27 |
\let\RescueRightarrow=\Rightarrow |
%\let\RescueRightarrow=\Rightarrow |
| 28 |
\usepackage{marvosym} |
%\usepackage{marvosym} |
| 29 |
\renewcommand{\Rightarrow}{\RescueRightarrow} |
%\renewcommand{\Rightarrow}{\RescueRightarrow} |
| 30 |
|
|
|
\usepackage[pdftex]{color} |
|
| 31 |
\definecolor{skyblue}{rgb}{0,0.3323,0.5720} |
\definecolor{skyblue}{rgb}{0,0.3323,0.5720} |
| 32 |
\usepackage[% |
\restylefloat{figure} |
| 33 |
colorlinks=true,anchorcolor=red, |
\hypersetup{ |
| 34 |
breaklinks=true,linkcolor=blue,urlcolor=red, |
colorlinks=true,anchorcolor=red, |
| 35 |
citecolor=skyblue, |
breaklinks=true,linkcolor=blue,urlcolor=red, |
| 36 |
pdfauthor={The FreeWRT Team}, |
citecolor=skyblue, |
| 37 |
pdftitle={FreeWRT User Handbook}, |
pdfauthor={The FreeWRT Team}, |
| 38 |
pdfcreator={tetex and VIM}, |
pdftitle={FreeWRT User Handbook}, |
| 39 |
pdfsubject={Open Source}, |
pdfcreator={tetex and VIM}, |
| 40 |
pdfview=FitV, |
pdfsubject={Open Source}, |
| 41 |
pdfstartview=FitV, |
pdfview=FitV, |
| 42 |
pdfstartpage={1}, |
pdfstartview=FitV, |
| 43 |
pdfpagelayout=SinglePage, |
pdfstartpage={1}, |
| 44 |
pdfpagemode=None, |
pdfpagelayout=SinglePage, |
| 45 |
pdfkeywords={FreeWRT}]{hyperref} |
pdfpagemode=None, |
| 46 |
\usepackage{cancel} |
pdfkeywords={FreeWRT} |
| 47 |
|
} |
| 48 |
|
\fvset{fontsize=\small, frame=single} % fancyvrb: set small font size and enable frames |
| 49 |
|
%\usepackage{cancel} |
| 50 |
%\usepackage[final, activate, verbose=true]{microtype} |
%\usepackage[final, activate, verbose=true]{microtype} |
| 51 |
\usepackage{ngerman} |
%\usepackage{ngerman} |
| 52 |
%\usepackage{bookman} |
%\usepackage{bookman} |
| 53 |
%\usepackage[a4paper,twoside,rmargin=2cm,lmargin=2cm,tmargin=2.5cm]{geometry} |
%\usepackage[a4paper,twoside,rmargin=2cm,lmargin=2cm,tmargin=2.5cm]{geometry} |
| 54 |
\usepackage[a4paper,rmargin=2cm,lmargin=2cm,tmargin=2.5cm,bmargin=3.5cm]{geometry} |
%\usepackage[a4paper,rmargin=2cm,lmargin=2cm,tmargin=2.5cm,bmargin=3.5cm]{geometry} |
| 55 |
%\usepackage{ncntrsbk} |
%\usepackage{ncntrsbk} |
| 56 |
\usepackage{float} |
%\usepackage{float} |
| 57 |
\restylefloat{figure} |
%\restylefloat{figure} |
| 58 |
%\bibliographystyle{alphadin} |
%\bibliographystyle{alphadin} |
| 59 |
\bibliographystyle{alpha} |
%\bibliographystyle{alpha} |
|
|
|
|
% Change Section, Chapter Layout |
|
|
% http://www.mackichan.com/index.html?techtalk/518.htm~mainFrame |
|
|
%\usepackage{sectsty} |
|
|
%\allsectionsfont{\raggedleft} |
|
|
%\chapterfont{\raggedleft} |
|
|
|
|
|
% BEGIN Fancy Header Extensions |
|
|
% Save Graphics in Latex box |
|
|
%\renewcommand{\headheight}{30pt} %Make height wider so picture is ok |
|
|
%\renewcommand{\footskip}{45pt} %Make height wider so picture is ok |
|
|
|
|
|
\usepackage{fixltx2e, mparhack} |
|
| 60 |
|
|
| 61 |
% Generate index in preamble |
% Generate index in preamble |
| 62 |
\makeindex |
\makeindex |
| 63 |
|
|
| 64 |
\begin{document} |
\begin{document} |
| 65 |
|
\svnInfo $Id$ |
| 66 |
\setlength{\marginparwidth}{10mm} |
\setlength{\marginparwidth}{10mm} |
| 67 |
|
|
| 68 |
\include{cover} |
\include{cover} |
| 69 |
|
|
| 70 |
\renewcommand{\thepage}{\roman{page}} |
\renewcommand{\thepage}{\roman{page}} |
| 71 |
\tableofcontents |
\tableofcontents |
| 72 |
%Set Arabic Numbering 1,2,3,... |
%Set Arabic Numbering 1,2,3,... |
| 81 |
\markboth{\large \thechapter.\ \normalsize \scshape #1}{}} |
\markboth{\large \thechapter.\ \normalsize \scshape #1}{}} |
| 82 |
\renewcommand{\sectionmark}[1]{\markright{\thesection.\ \scshape #1}} |
\renewcommand{\sectionmark}[1]{\markright{\thesection.\ \scshape #1}} |
| 83 |
|
|
|
%Bilitz |
|
|
%\newcommand{\blitz}{ \mbox{\Huge \Lightning} } |
|
|
\newcommand{\blitz}{ \Lightning } |
|
|
\newcommand{\entspr}{\stackrel{\wedge}{=}} |
|
| 84 |
|
|
| 85 |
|
% Create some new commands for designing the text |
| 86 |
|
% applications |
| 87 |
|
\newcommand{\app}[1]{% |
| 88 |
|
\textsf{\textit{#1}}} |
| 89 |
|
% terminology, vendor or product names |
| 90 |
|
\newcommand{\term}[1]{% |
| 91 |
|
\textsc{#1}} |
| 92 |
|
% filenames and directories |
| 93 |
|
\newcommand{\file}[1]{% |
| 94 |
|
\textsf{#1}} |
| 95 |
|
% user input |
| 96 |
|
\newcommand{\command}[1]{% |
| 97 |
|
\texttt{\textbf{#1}}} |
| 98 |
|
% example code, output of applications |
| 99 |
|
\newcommand{\code}[1]{% |
| 100 |
|
\texttt{#1}} |
| 101 |
|
% emphasized text (nicer than \emph{}) |
| 102 |
|
\newcommand{\strong}[1]{% |
| 103 |
|
\textbf{#1}} |
| 104 |
|
|
| 105 |
|
|
| 106 |
\chapter{Introduction} |
\chapter{Introduction} |
| 111 |
code distribution, it does not provide any pre-compiled firmware for embedded |
code distribution, it does not provide any pre-compiled firmware for embedded |
| 112 |
systems. The latest version of this document is always available at the |
systems. The latest version of this document is always available at the |
| 113 |
FreeWRT website. If you have any comments, criticism or found some wrong |
FreeWRT website. If you have any comments, criticism or found some wrong |
| 114 |
description, please send us an e-mail to freewrt-handbook@freewrt.org, we are |
description, please send us an e-mail to |
| 115 |
|
\href{mailto:freewrt-handbook@freewrt.org}{freewrt-handbook@freewrt.org}, we are |
| 116 |
always happy about getting feedback to this document, and will try to update |
always happy about getting feedback to this document, and will try to update |
| 117 |
or correct the issues mentioned by you. |
or correct the issues mentioned by you. |
| 118 |
|
|
| 119 |
The FreeWRT User handbook is split into five distinct sections. Appliance |
The FreeWRT User handbook is split into several distinct chapters. |
| 120 |
Development Kit covers the building of FreeWRT firmware images. The second |
\nameref{ch:ADK} covers the building of FreeWRT firmware images. |
| 121 |
section, Installing FreeWRT, covers all aspects regarding the installation and |
In \autoref{ch:installing}, \nameref{ch:installing}, all aspects regarding the |
| 122 |
deinstallation of FreeWRT firmware images. The third section is a detailed |
installation and deinstallation of FreeWRT firmware images are covered. The |
| 123 |
description of the startup process of FreeWRT. The fourth section, Using FreeWRT, |
next chapter, \nameref{ch:administration}, covers administrational tasks, such |
| 124 |
covers administrational tasks, such as network configuration, the FreeWRT |
as network configuration, the FreeWRT configuration filesystem, package |
| 125 |
configuration filesystem, package management and update mechanism. The last |
management and update mechanism. The last chapter, \nameref{ch:troubleshooting}, |
| 126 |
section helps troubleshooting problems and recovering a bad firmware installation. |
helps troubleshooting problems and recovering a bad firmware installation. The |
| 127 |
The appendix contains board specific information. For FreeWRT 1.0 these are only |
appendix contains board specific information. For FreeWRT 1.0 these are only |
| 128 |
Broadcom based embedded systems. |
Broadcom based embedded systems. |
| 129 |
|
|
| 130 |
The intended audience for this handbook are advanced users with basic |
The intended audience for this handbook are advanced users with basic |
| 135 |
|
|
| 136 |
\section{Typographic Conventions} |
\section{Typographic Conventions} |
| 137 |
|
|
| 138 |
Examples starting with \# indicate a command that must be invoked as super |
Examples starting with \code{\#} indicate a command that must be invoked as super |
| 139 |
user. You can use su to gain super user privileges. |
user. You can use \command{su} to gain super user privileges. |
| 140 |
|
|
| 141 |
\begin{Verbatim} |
\begin{Verbatim}[label=example for a command line with super user privileges] |
| 142 |
# fwcf commit |
# fwcf commit |
| 143 |
\end{Verbatim} |
\end{Verbatim} |
| 144 |
|
|
| 145 |
Examples starting with \$ indicate a command that can be invoked as a normal |
Examples starting with \code{\$} indicate a command that can be invoked as a |
| 146 |
user. The default user account on a freshly installed FreeWRT system is |
normal user. The default user account on a freshly installed FreeWRT system is |
| 147 |
,,admin'', the password ,,FreeWRT''. |
"\code{admin}", the password "\code{FreeWRT}". |
| 148 |
|
|
| 149 |
\begin{Verbatim} |
\begin{Verbatim}[label=example for a command line as non-privileged user] |
| 150 |
$ cat /etc/banner |
$ cat /etc/banner |
| 151 |
\end{Verbatim} |
\end{Verbatim} |
| 152 |
|
|
| 153 |
\chapter{Appliance Development Kit (ADK)} |
%\chapter{Web Interface Builder (WIB)}\label{ch:WIB} |
| 154 |
|
% |
| 155 |
|
%FIXME It is named later in the text, but not explained what it is. Probably |
| 156 |
|
%this chapter can be joined with the chapter about ADK |
| 157 |
|
|
| 158 |
|
\chapter{Appliance Development Kit (ADK)}\label{ch:ADK} |
| 159 |
|
|
| 160 |
The ADK is the core of FreeWRT and contains all scripts and sources to create |
The ADK is the core of FreeWRT and contains all scripts and sources to create |
| 161 |
firmware images for every supported embedded system. FreeWRT 1.0 supports the |
firmware images for every supported embedded system. FreeWRT 1.0 supports the |
| 162 |
following embedded systems: |
following embedded systems: |
| 163 |
|
|
| 164 |
\begin{itemize} |
\begin{itemize} |
| 165 |
\item Asus WL500g |
\item Asus WL500g |
| 166 |
\item Asus WL500g deluxe |
\item Asus WL500g deluxe |
| 167 |
\item Asus WL500g premium |
\item Asus WL500g premium |
| 168 |
\item Linksys WRT54G v2.0 |
\item Linksys WRT54G v2.0 |
| 169 |
\item Linksys WRT54G v2.2 |
\item Linksys WRT54G v2.2 |
| 170 |
\item Linksys WRT54G v3.0 |
\item Linksys WRT54G v3.0 |
| 171 |
\item Linksys WRT54G v3.1 |
\item Linksys WRT54G v3.1 |
| 172 |
\item Linksys WRT54G v4.0 |
\item Linksys WRT54G v4.0 |
| 173 |
\item Linksys WRT54GS v1.0 |
\item Linksys WRT54GS v1.0 |
| 174 |
\item Linksys WRT54GS v1.1 |
\item Linksys WRT54GS v1.1 |
| 175 |
\item Linksys WRT54GS v4 |
\item Linksys WRT54GS v4 |
| 176 |
\item Linksys WRT54G3G |
\item Linksys WRT54G3G |
| 177 |
\item Linksys WRT54GL |
\item Linksys WRT54GL |
| 178 |
\item Netgear WGT634u |
\item Netgear WGT634u |
| 179 |
\end{itemize} |
\end{itemize} |
| 180 |
|
|
| 181 |
In this release we only support the Linux 2.4 kernel. The ADK contains over |
In this release we only support the Linux 2.4 kernel. The ADK contains over |
| 189 |
The list of supported GNU/Linux build systems is not an exclusive one, these are just the ones tested and verified. The other millions of linux distributions are very likely to work, too. |
The list of supported GNU/Linux build systems is not an exclusive one, these are just the ones tested and verified. The other millions of linux distributions are very likely to work, too. |
| 190 |
|
|
| 191 |
\begin{itemize} |
\begin{itemize} |
| 192 |
\item Debian GNU/Linux |
\item Debian GNU/Linux |
| 193 |
\item Gentoo Linux |
\item Gentoo Linux |
| 194 |
\item OpenSuSE |
\item OpenSuSE |
| 195 |
\item Ubuntu GNU/Linux |
\item Ubuntu GNU/Linux |
| 196 |
\item Fedora Core |
\item Fedora Core |
| 197 |
\item OpenBSD (partial support)\footnote{some addon packages does not compile} |
\item OpenBSD (partial support)\footnote{some addon packages does not compile} |
| 198 |
\item MirOS BSD (partial support)\footnote{some addon packages does not compile} |
\item MirOS BSD (partial support)\footnote{some addon packages does not compile} |
| 199 |
\end{itemize} |
\end{itemize} |
| 200 |
|
|
| 201 |
Please install the following software, which is needed to build a basic |
Please install the following software, which is needed to build a basic |
| 204 |
compile a specific package. Here is a list of the required software: |
compile a specific package. Here is a list of the required software: |
| 205 |
|
|
| 206 |
\begin{itemize} |
\begin{itemize} |
| 207 |
\item gcc3 or higher |
\item gcc3 or higher |
| 208 |
\item g++ |
\item g++ |
| 209 |
\item binutils |
\item binutils |
| 210 |
\item patch |
\item patch |
| 211 |
\item gzip |
\item gzip |
| 212 |
\item bzip2 |
\item bzip2 |
| 213 |
\item unzip |
\item unzip |
| 214 |
\item flex |
\item flex |
| 215 |
\item bison |
\item bison |
| 216 |
\item GNU make |
\item GNU make |
| 217 |
\item zlib (+headers) |
\item zlib (+headers) |
| 218 |
\item ncurses (+headers) |
\item ncurses (+headers) |
| 219 |
\item (g)libc headers |
\item (g)libc headers |
| 220 |
\item perl |
\item perl |
| 221 |
\end{itemize} |
\end{itemize} |
| 222 |
|
|
| 223 |
The ADK scripts will check for the required versions of these tools in advance. |
The ADK scripts will check for the required versions of these tools in advance. |
| 230 |
\section{Getting the source} |
\section{Getting the source} |
| 231 |
|
|
| 232 |
Now go to a directory where you want to build the firmware. Depending on the |
Now go to a directory where you want to build the firmware. Depending on the |
| 233 |
features you select you will need about 2.5-5 GB free disk space. This |
features you select you will need about 2.5--5 GB free disk space. This |
| 234 |
includes the ADK itself, any source archives which will be downloaded |
includes the ADK itself, any source archives which will be downloaded |
| 235 |
and their extracted copies (for compiling). |
and their extracted copies (for compiling). |
| 236 |
|
|
| 237 |
To get the latest stable FreeWRT ADK try one of these commands: |
To get the latest stable FreeWRT ADK try one of these commands: |
| 238 |
Via HTTP protocol: |
\begin{Verbatim}[label=Check out the 1.0-branch of FreeWRT ADK via HTTP protocol] |
|
\begin{verbatim} |
|
| 239 |
$ svn co http://www.freewrt.org/svn/tags/freewrt_1_0_x freewrt |
$ svn co http://www.freewrt.org/svn/tags/freewrt_1_0_x freewrt |
| 240 |
\end{verbatim} |
\end{Verbatim} |
| 241 |
Via subversion protocol: |
\begin{Verbatim}[label=Check out the 1.0-branch of FreeWRT ADK via subversion protocol] |
|
\begin{verbatim} |
|
| 242 |
$ svn co svn://www.freewrt.org/itags/freewrt_1_0_x freewrt |
$ svn co svn://www.freewrt.org/itags/freewrt_1_0_x freewrt |
| 243 |
\end{verbatim} |
\end{Verbatim} |
| 244 |
|
|
| 245 |
The value \dq{}x\dq{} is a place holder for the latest minor release number. |
The value $x$ is a place holder for the latest minor release number. |
| 246 |
Take a look at our project page to find out which minor release number is the latest one. |
Take a look at our project page to find out which minor release number is the latest one. |
| 247 |
|
|
| 248 |
After successfully downloading, enter the directory: |
After successfully downloading, enter the directory: |
| 256 |
\section{Some Theory First} |
\section{Some Theory First} |
| 257 |
|
|
| 258 |
Building a FreeWRT firmware image is just like building a new Linux kernel, |
Building a FreeWRT firmware image is just like building a new Linux kernel, |
| 259 |
but a little more complex. There is a ncurses-based configuration menu at the |
but a little more complex. There is a \app{ncurses}-based configuration menu at the |
| 260 |
beginning, the changes made are saved into a file named ,,.config'' in the ADK |
beginning, the changes made are saved into a file named \file{.config} in the ADK |
| 261 |
root. The build is done by the various Makefiles, compiling and linking the |
root. The build is done by the various Makefiles, compiling and linking the |
| 262 |
sources together accordingly to the symbols defined in ,,.config''. |
sources together accordingly to the symbols defined in \file{.config}. |
| 263 |
|
|
| 264 |
Unlike kernel compilation, FreeWRT needs to be cross-compiled. This |
Unlike kernel compilation, FreeWRT needs to be cross-compiled. This |
| 265 |
leads to special premises, as most of the tools need to be specially build. |
leads to special premises, as most of the tools need to be specially build. |
| 266 |
But no panic, FreeWRT will do this all for you. In fact, this is done at the |
But no panic, FreeWRT will do this all for you. In fact, this is done at the |
| 267 |
second run of \texttt{make} (the first one opens the configuration), and |
second run of \command{make} (the first one opens the configuration), and |
| 268 |
therefore can be seen as part of the first firmware build. For clarity |
therefore can be seen as part of the first firmware build. For clarity |
| 269 |
though, we will discuss these two things separately. |
though, we will discuss these two things separately. |
| 270 |
|
|
| 274 |
building of firmware images (for explanations see the chapter above). |
building of firmware images (for explanations see the chapter above). |
| 275 |
|
|
| 276 |
\subsection{Creating A Configuration} |
\subsection{Creating A Configuration} |
| 277 |
The first step is to run \texttt{make}. After checking some prerequisites (see |
|
| 278 |
,,Troubleshooting'' below for aid in problems), a console based configuration |
The first step is to run \command{make}. After checking some prerequisites (see |
| 279 |
|
\nameref{ch:troubleshooting} below for aid in problems), a console based configuration |
| 280 |
menu should start. Theoretically no choices have to be made, but it's proven |
menu should start. Theoretically no choices have to be made, but it's proven |
| 281 |
useful to at least: |
useful to at least: |
| 282 |
\begin{itemize} |
\begin{itemize} |
| 283 |
\item select a target (menu: ,,Embedded System'') |
\item select a target (menu: \code{Embedded System}) |
| 284 |
\item select the root filesystem type (menu: ,,Target Firmware type'') |
\item select the root filesystem type (menu: \code{Target Firmware type}) |
| 285 |
\end{itemize} |
\end{itemize} |
| 286 |
|
|
| 287 |
Then quit saving changes. If you forgot that, just run \texttt{make} again, redo |
Then quit saving changes. If you forgot that, just run \command{make} again, redo |
| 288 |
your changes, then save. |
your changes, then save. |
| 289 |
|
|
| 290 |
\subsection{Building ADK} |
\subsection{Building ADK} |
| 291 |
|
|
| 292 |
Now that you have a first minimal configuration, it is time to build the toolchain |
Now that you have a first minimal configuration, it is time to build the toolchain |
| 293 |
for cross-compiling. To do this, just enter {{{make}}} again. The build starts |
for cross-compiling. To do this, just enter \command{make} again. The build starts |
| 294 |
downloading and compiling each needed part of the toolchain, and later continues |
downloading and compiling each needed part of the toolchain, and later continues |
| 295 |
with building the first firmware image. Later one can be taken as proof of a |
with building the first firmware image. Later one can be taken as proof of a |
| 296 |
working ADK. |
working ADK. |
| 297 |
|
|
| 298 |
Already experienced in compiling gcc? Then you know... If not, better be told |
Already experienced in compiling \app{gcc}? Then you know\dots If not, better be told |
| 299 |
that it takes \underline{really long} to finish. In the meantime I suggest reading the |
that it takes \underline{really long} to finish. In the meantime I suggest reading the |
| 300 |
next chapter dealing with internals about cross-compiling. |
next chapter dealing with internals about cross-compiling. |
| 301 |
|
|
| 302 |
\section{Details Of Cross-Compiling} |
\section{Details Of Cross-Compiling} |
| 303 |
|
|
| 304 |
A cross-compile toolchain exists of a set of tools: a compiler, linker, assembler, |
A cross-compile toolchain exists of a set of tools: a compiler, linker, assembler, |
| 305 |
debugger and a c library. A cross-compile toolchain runs on your host system and |
debugger and a C~library. A cross-compile toolchain runs on your host system and |
| 306 |
creates native binaries for your target system. A cross-compile toolchain is |
creates native binaries for your target system. A cross-compile toolchain is |
| 307 |
basically created in six steps: |
basically created in six steps: |
| 308 |
|
|
| 309 |
\begin{enumerate} |
\begin{enumerate} |
| 310 |
\item Get and prepare the Kernel and C Library headers of your target system |
\item Get and prepare the Kernel and C~library headers of your target system |
| 311 |
\item Compile the binutils package for your target |
\item Compile the binutils package for your target |
| 312 |
\item Compile a static C compiler for your target |
\item Compile a static C~compiler for your target |
| 313 |
\item Compile and install a C library for your target |
\item Compile and install a C~library for your target |
| 314 |
\item Compile and install a full C/C++ compiler |
\item Compile and install a full C/C++~compiler |
| 315 |
\item Compile and install the GNU debugger |
\item Compile and install the GNU debugger |
| 316 |
\end{enumerate} |
\end{enumerate} |
| 317 |
|
|
| 318 |
The cross-compile toolchain is created in |
The cross-compile toolchain is created in |
| 319 |
,,staging\_dir\_\$(cpu\_arch)''\footnote{f.e. mipsel, which stands for MIPS Little |
\file{staging\_dir\_\$(cpu\_arch)}\footnote{e.g. mipsel, which stands for MIPS |
| 320 |
Endian)}. All the tools running on the host, but used to create, analyze or debug |
Little Endian}. All the tools running on the host, but used to create, analyze or debug |
| 321 |
for the target are kept in this directory. All addon headers and libraries |
for the target are kept in this directory. All addon headers and libraries |
| 322 |
are installed to this directory. |
are installed to this directory. |
| 323 |
|
|
| 324 |
If you want to compile a simple application without using the ADK, just use the |
If you want to compile a simple application without using the ADK, just use the |
| 325 |
compiler directly (f.e. compiling a MIPS Little Endian application): |
compiler directly (e.g. compiling a MIPS Little Endian application): |
| 326 |
\begin{verbatim} |
\begin{Verbatim}[label=compile a simple application with the cross-compiler] |
| 327 |
./staging_dir_mipsel/bin/mipsel-linux-uclibc-gcc -o myapp myapp.c |
./staging_dir_mipsel/bin/mipsel-linux-uclibc-gcc -o myapp myapp.c |
| 328 |
\end{verbatim} |
\end{Verbatim} |
| 329 |
|
|
| 330 |
Check with ,,file'' if you got a MIPS binary: |
Check with the tool \app{file} if you got a MIPS binary: |
| 331 |
\begin{verbatim} |
\begin{Verbatim}[label=check the binary with \app{file}] |
| 332 |
$ file myapp |
$ file myapp |
| 333 |
myapp: ELF 32-bit LSB MIPS-I executable, MIPS, version 1 (SYSV), dynamically |
myapp: ELF 32-bit LSB MIPS-I executable, MIPS, version 1 (SYSV), dynamically |
| 334 |
linked (uses shared libs), not stripped |
linked (uses shared libs), not stripped |
| 335 |
\end{verbatim} |
\end{Verbatim} |
| 336 |
|
|
| 337 |
\section{Building A FreeWRT Firmware Image} |
\section{Building A FreeWRT Firmware Image} |
| 338 |
|
|
| 339 |
Your local copy of the FreeWRT ADK should now be prepared for building firmware |
Your local copy of the FreeWRT ADK should now be prepared for building firmware |
| 340 |
images. The next step is to do an extensive configuration for the image you |
images. The next step is to do an extensive configuration for the image you |
| 341 |
want to create. To start the configuration menu, type ,,\texttt{make menuconfig}''. |
want to create. To start the configuration menu, type \command{make menuconfig}. |
| 342 |
|
|
| 343 |
When selecting packages, \texttt{<*>} means it will be inserted into the firmware |
When selecting packages, \code{<*>} means it will be inserted into the firmware |
| 344 |
images and \texttt{<M>} means it will be build as an addon package which can be |
images and \code{<M>} means it will be build as an addon package which can be |
| 345 |
installed later at runtime. |
installed later at runtime. |
| 346 |
|
|
| 347 |
The target device and filesystem should already been chosen by you to the right |
The target device and filesystem should already been chosen by you to the right |
| 348 |
value, if not you will have to issue a ,,\texttt{make clean}'' before actually |
value, if not you will have to issue a \command{make clean} before actually |
| 349 |
building the firmware image. Otherwise things get messed up. A smooth |
building the firmware image. Otherwise things get messed up. A smooth |
| 350 |
rebuild is a missing feature in the current ADK. For the packages, if unsure, you |
rebuild is a missing feature in the current ADK. For the packages, if unsure, you |
| 351 |
can just select one of the package collections. After that, you can still manually |
can just select one of the package collections. After that, you can still manually |
| 352 |
check the choices made by the collection and correct them if appropriate. Do not |
check the choices made by the collection and correct them if appropriate. Do not |
| 353 |
forget to save your configuration when leaving! |
forget to save your configuration when leaving! |
| 354 |
|
|
| 355 |
After leaving the menubased configuration, type ,,\texttt{make}'' again to build |
After leaving the menubased configuration, type \command{make} again to build |
| 356 |
the new FreeWRT firmware image. Depending on your package selections and |
the new FreeWRT firmware image. Depending on your package selections and |
| 357 |
underlying hardware, this will take different amounts of time. For your spare time |
underlying hardware, this will take different amounts of time. For your spare time |
| 358 |
there is the following chapter giving some explanation about what is done at this |
there is the following chapter giving some explanation about what is done at this |
| 361 |
\section{Firmware Build Process In Detail} |
\section{Firmware Build Process In Detail} |
| 362 |
|
|
| 363 |
Just like when building the ADK's toolchain, the sources for the selected |
Just like when building the ADK's toolchain, the sources for the selected |
| 364 |
packages are downloaded from the internet first, then build using the |
packages are downloaded from the internet first, then built using the |
| 365 |
cross-compiler and libraries of the ADK. |
cross-compiler and libraries of the ADK. |
| 366 |
|
|
| 367 |
The detailed order of firmware image building is: |
The detailed order of firmware image building is: |
| 368 |
|
|
| 369 |
\begin{itemize} |
\begin{itemize} |
| 370 |
\item compile the Linux kernel and all supported kernel modules |
\item compile the Linux kernel and all supported kernel modules |
| 371 |
\item compile all selected packages |
\item compile all selected packages |
| 372 |
\item clean the target root directory |
\item clean the target root directory |
| 373 |
\item install all packages to the target root directory |
\item install all packages to the target root directory |
| 374 |
\item create the root filesystem image |
\item create the root filesystem image |
| 375 |
\item create the firmware image (bootloader, kernel and root filesystem) |
\item create the firmware image (bootloader, kernel and root filesystem) |
| 376 |
\end{itemize} |
\end{itemize} |
| 377 |
|
|
| 378 |
The result of the build process is created in the ,,bin'' directory. |
The result of the build process is created in the directory \file{bin/}. |
| 379 |
You will find a firmware image in the top level directory. Check the size of |
You will find a firmware image in the top level directory. Check the size of |
| 380 |
the bin-file to see if it is small enough to fit into flash memory of |
the binary image file to see if it is small enough to fit into flash memory of |
| 381 |
your embedded system. Furthermore there is a ,,package'' directory, which |
your embedded system. Furthermore there is a directory \file{package/}, which |
| 382 |
contains all base and addon packages. |
contains all base and add--on packages. |
| 383 |
|
|
| 384 |
\section{Troubleshooting} |
\section{Troubleshooting} |
| 385 |
|
|
| 386 |
This section deals with various tips for problems with the ADK installation. |
This section deals with various tips for problems with the ADK installation. |
| 387 |
|
|
| 388 |
\subsection{Errors During Prerequisites Check} |
\subsection{Errors During Prerequisites Check} |
| 389 |
To re-issue the checks, use ,,make prereq''. |
|
| 390 |
|
To re-issue the checks, use \command{make prereq}. |
| 391 |
|
|
| 392 |
\begin{itemize} |
\begin{itemize} |
| 393 |
\item GNU make 3.80 too old |
\item GNU make 3.80 too old \\ |
| 394 |
On a Fedora Core 4 hostsystem the first you'll get is |
On a Fedora Core 4 hostsystem the first you'll get is |
| 395 |
\begin{verbatim} |
\begin{Verbatim}[label=error message with too old GNU make] |
| 396 |
$ make |
$ make |
| 397 |
GNU make 3.80 too old. |
GNU make 3.80 too old. |
| 398 |
Please install GNU make 3.81 or higher to continue. |
Please install GNU make 3.81 or higher to continue. |
| 400 |
It is suggested to upgrade your copy of bison to |
It is suggested to upgrade your copy of bison to |
| 401 |
GNU Bison 2.3 because of its bug fixes. |
GNU Bison 2.3 because of its bug fixes. |
| 402 |
make: *** [.prereq_done] Error 1 |
make: *** [.prereq_done] Error 1 |
| 403 |
\end{verbatim} |
\end{Verbatim} |
|
|
|
| 404 |
it is quite a nice error that tells you to use more up to date software, but we can |
it is quite a nice error that tells you to use more up to date software, but we can |
| 405 |
anyhow give this hostsystem a try and tell make to ignore those errors/warnings: |
anyhow give this hostsystem a try and tell make to ignore those |
| 406 |
\begin{verbatim} |
errors/warnings running \command{make prereq-noerror}. |
|
make prereq-noerror |
|
|
\end{verbatim} |
|
| 407 |
\end{itemize} |
\end{itemize} |
| 408 |
|
|
| 409 |
\subsection{Compilation errors} |
\subsection{Compilation errors} |
| 410 |
|
|
| 411 |
If you encounter any compilation errors, then first try to reproduce the error. |
If you encounter any compilation errors, then first try to reproduce the error. |
| 412 |
First update your ADK tree via ,,svn update'', to be sure that the error is not |
First update your ADK tree via \command{svn update}, to be sure that the error is not |
| 413 |
already fixed in the subversion repository. After that do a ,,make clean \&\& |
already fixed in the subversion repository. After that do a \command{make clean |
| 414 |
make'', to reproduce your problem. |
\&\& make}, to reproduce your problem. |
| 415 |
|
|
| 416 |
If you can reproduce the problem, please file a bug report. Please always |
If you can reproduce the problem, please file a bug report. Please always |
| 417 |
report following information: |
report following information: |
| 418 |
\begin{itemize} |
\begin{itemize} |
| 419 |
\item Operating system type and version |
\item Operating system type and version |
| 420 |
\item GCC and Binutils versions of your host system |
\item GCC and Binutils versions of your host system |
| 421 |
\item complete error message, not only the last 4 lines |
\item complete error message, not only the last 4 lines |
| 422 |
\end{itemize} |
\end{itemize} |
| 423 |
|
|
| 424 |
\chapter{Installing FreeWRT Firmware Images} |
\chapter{Installing FreeWRT Firmware Images}\label{ch:installing} |
| 425 |
|
|
| 426 |
The FreeWRT ADK produces a single image holding both kernel and root |
The FreeWRT ADK produces a single image holding both kernel and root |
| 427 |
filesystem. This image can be written into your hardware's builtin flash memory |
filesystem. This image can be written into your hardware's builtin flash memory |
| 428 |
on serveral ways (ordered by needed skills, increasing downwards): |
on serveral ways (ordered by needed skills, increasing downwards): |
| 429 |
\begin{itemize} % TODO: insert \ref's to jump to the appropriate section? |
\begin{itemize} |
| 430 |
\item via the original firmware's web interface |
\item via the original firmware's web interface |
| 431 |
\item via \texttt{mtd} when reflashing or migrating from another third party distribution |
(\autoref{sec:webinterface}) |
| 432 |
\item via network using a TFTP client |
\item via \texttt{mtd} when reflashing or migrating from another third |
| 433 |
|
party distribution (\autoref{sec:mtd}) |
| 434 |
|
\item via network using a TFTP client (\autoref{sec:tftp}) |
| 435 |
\end{itemize} |
\end{itemize} |
| 436 |
|
|
| 437 |
\section{Flashing The Firmware} |
\section{Flashing The Firmware} |
| 438 |
|
|
| 439 |
\subsection{Web Interface Method} |
\subsection{Web Interface Method}\label{sec:webinterface} |
| 440 |
|
|
| 441 |
The following text describes how to use the original firmware's web interface |
The following text describes how to use the original firmware's web interface |
| 442 |
to flash FreeWRT. The object of demonstration is an Asus WL500gP, but this |
to flash FreeWRT. The object of demonstration is an \term{Asus WL500gP}, but this |
| 443 |
guide should fit more or less fine for other systems, too. |
guide should fit more or less fine for other systems, too. |
| 444 |
|
|
| 445 |
If you flash a router from Linksys, we strongly suggest to use the popular |
If you flash a router from \term{Linksys}, we strongly suggest to use the popular |
| 446 |
\textbf{ping exploit} to allow recovery, if your image is broken or the flash |
\term{ping exploit} to allow recovery, if your image is broken or the flash |
| 447 |
process was interrupted by a power shortage. |
process was interrupted by a power shortage. |
| 448 |
|
|
| 449 |
There are some things that you should have done previously: |
There are some things that you should have done previously: |
| 450 |
\begin{itemize} |
\begin{itemize} |
| 451 |
\item read the special documentation page about your hardware in our wiki, some |
\item read the special documentation page about your hardware in our wiki, some |
| 452 |
systems need special precaution before flashing |
systems need special precaution before flashing |
| 453 |
\item a firmware image has to be built (matching the used hardware, of course) |
\item a firmware image has to be built (matching the used hardware, of course) |
| 454 |
\item the router has to be powered on |
\item the router has to be powered on |
| 455 |
\item your computer needs to be connected to one of the LAN ports (using IP |
\item your computer needs to be connected to one of the LAN ports |
| 456 |
address 192.168.1.2) |
(using IP address \file{192.168.1.2}) |
| 457 |
\end{itemize} |
\end{itemize} |
| 458 |
|
|
| 459 |
\parbox{17em}{ |
\parbox{17em}{ |
| 460 |
After preparation is complete, open your favourite browser and type |
After preparation is complete, open your favourite browser and type |
| 461 |
\texttt{192.168.1.1} into the address bar. You should reach the web interface's |
\command{192.168.1.1} into the address bar. You should reach the web interface's |
| 462 |
startup page: |
startup page: |
| 463 |
}\hfill\parbox{20em}{\includegraphics[width=20em]{pics/asus-startup.png}} \\ [1em] |
}\hfill\parbox{20em}{\includegraphics[width=20em]{pics/asus-startup.png}} \\ [1em] |
| 464 |
\parbox{17em}{ |
\parbox{17em}{ |
| 465 |
Then click \textit{System Setup}: |
Then click on \code{System Setup}: |
| 466 |
}\hfill\parbox{20em}{\includegraphics[width=20em]{pics/asus-system_setup.png}} \\ [1em] |
}\hfill\parbox{20em}{\includegraphics[width=20em]{pics/asus-system_setup.png}} \\ [1em] |
| 467 |
\parbox{17em}{ |
\parbox{17em}{ |
| 468 |
Then click \textit{Firmware Upgrade}, and enter the name of your firmware image |
In the new menu click on \code{Firmware Upgrade}, and enter the name of your firmware image |
| 469 |
into the appropriate field: |
into the appropriate field: |
| 470 |
}\hfill\parbox{20em}{\includegraphics[width=20em]{pics/asus-fw_upgrade.png}} \\ [1em] |
}\hfill\parbox{20em}{\includegraphics[width=20em]{pics/asus-fw_upgrade.png}} \\ [1em] |
| 471 |
Finally click \textit{Upload}. As the whole process of writing the image to |
Finally click on \code{Upload}. As the whole process of writing the image to |
| 472 |
flash and rebooting (don't forget that it creates ssh hostkeys on first boot) |
flash and rebooting (don't forget that it creates \app{ssh} hostkeys on first boot) |
| 473 |
takes quite long, better go and get a coffee or tea. |
takes quite long (yes, a couple of minutes). Better go and get a coffee or tea. |
| 474 |
|
|
| 475 |
When everything went good, you can login using ssh. The default username is |
When everything went well, you can login using \app{ssh}. The default username is |
| 476 |
\dq{}admin\dq{}. The default password for images created via WIB or ADK is |
"\code{admin}". The default password for images created via WIB or ADK is |
| 477 |
\dq{}FreeWRT\dq{}. It is possible to change this password in the ADK, before image |
"\code{FreeWRT}". It is possible to change this password in the ADK, |
| 478 |
creation. |
before image creation. |
| 479 |
|
|
| 480 |
\subsection{\texttt{mtd} -- The Flash Utility} |
\subsection{\texttt{mtd} -- The Flash Utility}\label{sec:mtd} |
| 481 |
|
|
| 482 |
For this method to work, you need to copy the file containing the firmware |
For this method to work, you need to copy the file containing the firmware |
| 483 |
image to the router, preferably into /tmp, the memory filesystem should be |
image to the router, preferably into \file{/tmp/}, the memory filesystem should be |
| 484 |
big enough to hold the full image. If not, use wget to get the image |
big enough to hold the full image. If not, use \app{wget} to get the image |
| 485 |
via http or ftp and pipe the result into \texttt{mtd}. |
via http or ftp and pipe the result into \app{mtd}. |
| 486 |
|
|
| 487 |
Then the image is written to flash using |
Then the image is written to flash using \app{mtd}, optionally giving |
| 488 |
\texttt{mtd}, optionally giving additional options (see below). |
additional options (see below). |
| 489 |
|
|
| 490 |
The \texttt{mtd} utility was written with simplicity and code size in mind. |
The \app{mtd} utility was written with simplicity and code size in mind. |
| 491 |
It's features were derived from the mtd-utils, %TODO: insert \ref to homepage |
It's features were derived from the |
| 492 |
|
\href{http://sources.redhat.com/jffs2/}{\app{mtd-utils}}, |
| 493 |
combining the needed parts into a single small tool providing all the |
combining the needed parts into a single small tool providing all the |
| 494 |
functionality necessary for FreeWRT, and leaving everything out that's not. |
functionality necessary for FreeWRT, and leaving everything out that's not. |
| 495 |
|
|
| 496 |
\texttt{mtd} provides the following features: |
\app{mtd} provides the following features: |
| 497 |
\begin{description} |
\begin{description} |
| 498 |
\item[unlock] some chips need unlocking before they can be written to |
\item[unlock] some chips need unlocking before they can be written to |
| 499 |
\item[erase] this is a filesystem independent method to delete all contents on |
\item[erase] this is a filesystem independent method to delete all contents on |
| 500 |
the flash. Basically this is like \texttt{format} in MS--DOS. |
the flash. Basically this is like \app{format} in MS--DOS. |
| 501 |
\item[write] this is generally the same functionality as using |
\item[write] this is generally the same functionality as using |
| 502 |
\texttt{dd} or \texttt{rawrite}, but \texttt{mtd} takes care of the quirks |
\app{dd} or \app{rawrite}, but \app{mtd} takes care of the quirks |
| 503 |
that have to be paid attention to for correctly handling the type of flash |
that have to be paid attention to for correctly handling the type of flash |
| 504 |
in use |
in use |
| 505 |
\end{description} |
\end{description} |
| 506 |
|
|
| 507 |
Further it can request your system to reboot. Some of the features mentioned here can |
Further it can request your system to reboot. Some of the features mentioned here can |
| 510 |
|
|
| 511 |
Mostly, similar to the sample usage shown in the help output should be all that has to be |
Mostly, similar to the sample usage shown in the help output should be all that has to be |
| 512 |
done to write the firmware to flash: |
done to write the firmware to flash: |
| 513 |
\begin{Verbatim} |
\begin{Verbatim}[label=write a previously downloaded new firmware-file into flash] |
| 514 |
# mtd -e linux -r write freewrt.bin linux & |
# mtd -e linux -r write freewrt.bin linux & |
| 515 |
\end{Verbatim} |
\end{Verbatim} |
| 516 |
Or via wget pipe: |
Or via wget pipe: |
| 517 |
\begin{Verbatim} |
\begin{Verbatim}[label=download and write a new firmware-file into flash] |
| 518 |
# wget -O - http://www.yourserver.com/freewrt.bin | mtd -e linux -r write - linux & |
# wget -O - http://www.yourserver.com/freewrt.bin | mtd -e linux -r write - linux & |
| 519 |
\end{Verbatim} |
\end{Verbatim} |
| 520 |
The parameters explained in detail: \\ |
The parameters explained in detail: |
| 521 |
\begin{tabular}{l|l} |
\begin{description} |
| 522 |
-e linux & erase existing data in flash\\ |
\item[\command{-e linux}] erase existing data in flash |
| 523 |
-r & trigger rebooting right after finishing work\\ |
\item[\command{-r}] trigger rebooting right after finishing work |
| 524 |
write & write the firmware image contained in the file given as next parameter |
\item[\command{write}] write the firmware image contained in the file given as |
| 525 |
to flash\\ |
next parameter to flash |
| 526 |
freewrt.bin & the actual image to write - ignore the suffix, it is detected at |
\item[\command{freewrt.bin}] the actual image to write -- ignore the suffix, |
| 527 |
runtime\\ |
it is detected at runtime |
| 528 |
linux & this is an abstract identifier for a certain partition in flash, so |
\item[\command{linux}] this is an abstract identifier for a certain partition |
| 529 |
don't change this\\ |
in flash, so don't change this |
| 530 |
\& & put the process into background, to prevent accidentally stopping\\ |
\item[\command{\&}] put the process into background, to prevent accidentally |
| 531 |
\end{tabular} |
stopping |
| 532 |
|
\end{description} |
| 533 |
|
|
| 534 |
\subsection{Installation using TFTP} |
\subsection{Installation using TFTP}\label{sec:tftp} |
| 535 |
|
|
| 536 |
All supported target devices are shipped with a builtin bootloader, comparable to |
All supported target devices are shipped with a builtin bootloader, comparable to |
| 537 |
the BIOS of x86--machines. This bootloader is used to bootstrap the system until |
the BIOS of \term{x86} machines. This bootloader is used to bootstrap the system until |
| 538 |
it can boot a regular operating system. Besides the ability to load |
it can boot a regular operating system. Besides the ability to load |
| 539 |
the executable code from flash, it can be received from another node in the |
the executable code from flash, it can be received from another node in the |
| 540 |
local area network via the famous TFTP protocol. |
local area network via the famous TFTP protocol. |
| 541 |
|
|
| 542 |
For doing this, there are two ways: \\ |
For doing this, there are two ways: |
| 543 |
\begin{itemize} |
\begin{itemize} |
| 544 |
\item the device acts as a client, asks the local dhcpd for a lease, the |
\item the device acts as a client, asks the local \app{dhcpd} for a lease, the |
| 545 |
address of the next tftpd and the filename to download |
address of the next \app{tftpd} and the filename to download |
| 546 |
\item the device acts as a server, having a known IP address and waiting for |
\item the device acts as a server, having a known IP address and waiting for |
| 547 |
any TFTP client to connect and send the file |
any TFTP client to connect and send the file |
| 548 |
\end{itemize} |
\end{itemize} |
| 549 |
|
|
| 550 |
Most of the hardware supported by FreeWRT 1.0 uses the second method. Only the |
Most of the hardware supported by FreeWRT 1.0 uses the second method. Only the |
| 551 |
device Netgear WGT634u is using the first method, the bootloader provides a |
device \term{Netgear WGT634u} is using the first method, the bootloader provides a |
| 552 |
DHCP/TFTP client. Though this may be a little confusing to people being familiar |
DHCP/TFTP client. Though this may be a little confusing to people being familiar |
| 553 |
with netboot technologies, it is definitely the easier way of doing it. Otherwise |
with netboot technologies, it is definitely the easier way of doing it. Otherwise |
| 554 |
one had to setup both DHCP and TFTP servers and configure them right. |
one had to setup both DHCP and TFTP servers and configure them right. |
| 556 |
The even quite simple task of sending the flash image to the target device is |
The even quite simple task of sending the flash image to the target device is |
| 557 |
made even more easy by providing a little shell script for the job. Invocation |
made even more easy by providing a little shell script for the job. Invocation |
| 558 |
is as follows: |
is as follows: |
| 559 |
\begin{Verbatim} |
\begin{Verbatim}[label=sending the new firmware via TFTP] |
| 560 |
$ ./scripts/flash.sh firmware.bin [address] |
$ ./scripts/flash.sh firmware.bin [address] |
| 561 |
\end{Verbatim} |
\end{Verbatim} |
| 562 |
The second Parameter \textit{address} is used to specify a different IP address |
The second Parameter \code{address} is used to specify a different IP address |
| 563 |
of the target device than the default \textit{192.168.1.1}. |
of the target device than the default \file{192.168.1.1}. |
| 564 |
|
|
| 565 |
\textbf{Beware:} do not rename the firmware image before flashing it using the |
\strong{Beware:} do not rename the firmware image before flashing it using the |
| 566 |
script as the original name is parsed to guess what hardware is to be flashed. |
script as the original name is parsed to guess what hardware is to be flashed. |
| 567 |
|
|
| 568 |
To actually being able to flash the device, it has to wait for a tftp |
To actually being able to flash the device, it has to wait for a tftp |
| 570 |
images and to improve bootup time, of course, this feature is disabled by |
images and to improve bootup time, of course, this feature is disabled by |
| 571 |
default. The following list shows what has to be done for a certain device to |
default. The following list shows what has to be done for a certain device to |
| 572 |
get it to wait at boot: \\ |
get it to wait at boot: \\ |
| 573 |
\begin{center}\begin{tabular}{l|l|l} % TODO: fill this table |
\begin{center} |
| 574 |
\textbf{Target Device} & \textbf{Action to be taken} & \textbf{Comments} \\ |
\begin{tabular}{l|l|p{7cm}} % TODO: fill this table |
| 575 |
\hline |
\strong{Target Device} & \strong{Action to be taken} & \strong{Comments} \\ |
| 576 |
All supported Linksys models & Ping Exploit & nvram variable boot\_wait needs to be on \\ |
\hline |
| 577 |
All supported Asus models & Recovery mode & power off, push and hold the |
All supported Linksys models & Ping Exploit & nvram variable \code{boot\_wait} needs to be on \\ |
| 578 |
reset button, power on, power led is flashing\\ |
All supported Asus models & Recovery mode & power off |
| 579 |
\end{tabular}\end{center} |
$\rightarrow$ push and hold the reset button |
| 580 |
|
$\rightarrow$ power on |
| 581 |
|
$\rightarrow$ power led is flashing\\ |
| 582 |
|
\end{tabular} |
| 583 |
|
\end{center} |
| 584 |
|
|
| 585 |
\chapter{FreeWRT Administration} |
\chapter{FreeWRT Administration}\label{ch:administration} |
| 586 |
|
|
| 587 |
After the FreeWRT firmware image has been built by the ADK and later flashed |
After the FreeWRT firmware image has been built by the ADK and later flashed |
| 588 |
onto the hardware, the resulting operating system has to be configured. This |
onto the hardware, the resulting operating system has to be configured. This |
| 591 |
|
|
| 592 |
\section{Network Configuration} |
\section{Network Configuration} |
| 593 |
|
|
| 594 |
The device names for real network interfaces in Linux are named ethx (x is |
The device names for real network interfaces in Linux are named \code{ethx} (\code{x} is |
| 595 |
0-9). If the device has a switch, the different ports are separated via VLAN |
\code{0--9}). If the device has a switch, the different ports are separated via VLAN |
| 596 |
technology. The vlan interfaces are named ethx.y. The network configuration in |
technology. The vlan interfaces are named \code{ethx.y}. The network configuration in |
| 597 |
FreeWRT is managed via Busybox's ifupdown implementation. Busybox's ip builtin |
FreeWRT is managed via \app{Busybox}'s \app{ifupdown} implementation. \app{Busybox}'s builtin \app{ip} |
| 598 |
command configures the network interfaces. There is no \texttt{ifconfig} or \texttt{route}. |
command configures the network interfaces. There is no \app{ifconfig} or \app{route}. |
| 599 |
To show all configured network interfaces use: |
To show all configured network interfaces use: |
| 600 |
\begin{Verbatim} |
\begin{Verbatim}[label=show IP address] |
| 601 |
$ ip addr show |
$ ip addr show |
| 602 |
\end{Verbatim} |
\end{Verbatim} |
| 603 |
To show the kernel routing table use: |
To show the kernel routing table use: |
| 604 |
\begin{Verbatim} |
\begin{Verbatim}[label=show routing table] |
| 605 |
$ ip route show |
$ ip route show |
| 606 |
\end{Verbatim} |
\end{Verbatim} |
| 607 |
|
|
| 608 |
All available network settings can be found in \texttt{/etc/network/interfaces} |
All available network settings can be found in \file{/etc/network/interfaces} |
| 609 |
which has the common form: |
which has the common form: |
| 610 |
\begin{Verbatim}[label=/etc/network/interfaces] |
\begin{Verbatim}[label=common form of \file{/etc/network/interfaces}] |
| 611 |
auto <iface-name> |
auto <iface-name> |
| 612 |
iface <iface-name> inet <method> |
iface <iface-name> inet <method> |
| 613 |
<option-x> <value> |
<option-x> <value> |
| 615 |
<option-z> <value> |
<option-z> <value> |
| 616 |
\end{Verbatim} |
\end{Verbatim} |
| 617 |
|
|
| 618 |
\texttt{auto <iface-name>} is optional and, if set, tells the "ifup" script to |
\code{auto <iface-name>} is optional and, if set, tells the \app{ifup} script to |
| 619 |
start this interface automatically on bootup. |
start this interface automatically on bootup. |
| 620 |
|
|
| 621 |
Each interface needs a unique name which, depending on the method, represents |
Each interface needs a unique name which, depending on the method, represents |
| 622 |
either a physical interface or a logical interface name like "eth0.1" for a |
either a physical interface or a logical interface name like \code{eth0.1} for a |
| 623 |
physical VLAN or "umts" as a logical name for a PPP interface. |
physical VLAN or \code{umts} as a logical name for a PPP interface. |
| 624 |
|
|
| 625 |
Possible methods are: |
Possible methods are: |
| 626 |
\begin{description} |
\begin{description} |
| 627 |
\item[static] use the given options to configure the interface statically |
\item[static] use the given options to configure the interface statically |
| 628 |
\item[dhcp] just start a dhcp client using the interface \texttt{iface-name} |
\item[dhcp] just start a dhcp client using the interface \code{iface-name} |
| 629 |
\item[manual] don't configure the interface but start pre-up.d hook scripts |
\item[manual] don't configure the interface but start \code{pre-up.d} hook scripts |
| 630 |
\item[ppp] run \texttt{pon <provider>} where \texttt{<provider>} is given as an interface option |
\item[ppp] run \code{pon <provider>} where \code{<provider>} is given as an interface option |
| 631 |
\end{description} |
\end{description} |
| 632 |
|
|
| 633 |
\subsection{Switch/VLAN} |
\subsection{Switch/VLAN} |
| 634 |
The switch built-in into the most routers is capable of separating each port |
The switch built-in into the most routers is capable of separating each port |
| 635 |
using VLAN tagging. You can configure the switch by simply adding the interface |
using VLAN tagging. You can configure the switch by simply adding the interface |
| 636 |
to the config file and giving the desired switch-ports: |
to the config file and giving the desired switch-ports: |
| 637 |
\begin{Verbatim}[label=/etc/network/interfaces] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 638 |
auto eth0.0 |
auto eth0.0 |
| 639 |
iface eth0.0 inet static |
iface eth0.0 inet static |
| 640 |
switch-ports 1 2 5* |
switch-ports 1 2 5* |
| 655 |
gateway 172.16.1.1 |
gateway 172.16.1.1 |
| 656 |
\end{Verbatim} |
\end{Verbatim} |
| 657 |
|
|
| 658 |
This configures three VLAN interfaces \texttt{eth0.0} on ports 1 and 2, |
This configures three VLAN interfaces \code{eth0.0} on ports 1 and 2, |
| 659 |
\texttt{eth0.1} on port 3 and 4 and \texttt{eth0.2} on port 0. |
\code{eth0.1} on port 3 and 4 and \code{eth0.2} on port 0. |
| 660 |
|
|
| 661 |
|
|
| 662 |
If you need to do some advanced settings, because you have for example |
If you need to do some advanced settings, because you have for example |
| 663 |
a powerful switch with a VLAN trunking port connected to one of your switch |
a powerful switch with a VLAN trunking port connected to one of your switch |
| 664 |
ports, the configuration would look like this: |
ports, the configuration would look like this: |
| 665 |
|
|
| 666 |
\begin{Verbatim}[label=/etc/network/interfaces] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 667 |
auto eth0.1 |
auto eth0.1 |
| 668 |
iface eth0.1 inet static |
iface eth0.1 inet static |
| 669 |
switch-ports 2 3 4 5* |
switch-ports 2 3 4 5* |
| 693 |
|
|
| 694 |
\end{Verbatim} |
\end{Verbatim} |
| 695 |
|
|
| 696 |
This configures four VLAN interfaces, \texttt{eth0.1} on physical ports 2, 3 and 4. |
This configures four VLAN interfaces, \code{eth0.1} on physical ports 2, 3 and 4. |
| 697 |
The interfaces \texttt{eth0.2}, \texttt{eth0.3} and \texttt{eth0.4} are three |
The interfaces \code{eth0.2}, \code{eth0.3} and \code{eth0.4} are three |
| 698 |
different networks with VLAN ID 2-4. The physical port 1 needs to be connected |
different networks with VLAN ID 2--4. The physical port 1 needs to be connected |
| 699 |
to a VLAN trunking port on a switch with knows the same VLAN IDs. |
to a VLAN trunking port on a switch with knows the same VLAN IDs. |
| 700 |
|
|
| 701 |
|
|
| 702 |
Explanation: |
Explanation: |
| 703 |
\begin{description} |
\begin{description} |
| 704 |
\item[port 0] this is typically the port labeled as WAN |
\item[port 0] this is typically the port labeled as WAN |
| 705 |
\item[port 1-4] these are typically the ports labeled as LAN |
\item[port 1--4] these are typically the ports labeled as LAN |
| 706 |
\item[port 5] this special port represents the port where the router-board is |
\item[port 5] this special port represents the port where the router--board is |
| 707 |
connected to the switch |
connected to the switch |
| 708 |
\item[*] one interface always need an asterisk behind port 5 which means it is |
\item[*] one interface always need an asterisk behind port 5 which means it is |
| 709 |
the default interface and gets all the packages with unknown tags. |
the default interface and gets all the packages with unknown tags. |
| 710 |
\end{description} |
\end{description} |
| 711 |
|
|
| 712 |
\subsection{Static IP configuration} |
\subsection{Static IP configuration} |
| 713 |
As you can see in the VLAN example three interfaces were configured with static |
As you can see in the VLAN example three interfaces were configured with static |
| 714 |
IP settings, so these are the commonly used options: |
IP settings, so these are the commonly used options: |
| 715 |
\begin{description} |
\begin{description} |
| 716 |
\item[address] the IP address - required |
\item[address] the IP address --- required |
| 717 |
\item[netmask] the netmask - required |
\item[netmask] the netmask --- required |
| 718 |
\item[broadcast] broadcast address - only required for legacy applications (if using +, it will calculated automatically by the kernel) |
\item[broadcast] broadcast address --- only required for legacy |
| 719 |
\item[gateway] an IP address added as default gateway if present |
applications (if using \code{+}, it will be calculated automatically by the kernel) |
| 720 |
\item[mac-address] if you need to change your MAC address (required for some DSL providers) |
\item[gateway] an IP address added as default gateway if present |
| 721 |
|
\item[mac-address] if you need to change your MAC address (required for some DSL providers) |
| 722 |
\end{description} |
\end{description} |
| 723 |
|
|
| 724 |
\subsection{DHCP} |
\subsection{DHCP} |
| 725 |
That's just as simple as: |
That's just as simple as: |
| 726 |
\begin{Verbatim}[label=/etc/network/interfaces] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 727 |
auto eth0.1 |
auto eth0.1 |
| 728 |
iface eth0.1 inet dhcp |
iface eth0.1 inet dhcp |
| 729 |
switch-ports 0 5 |
switch-ports 0 5 |
| 733 |
\subsection{Bridging} |
\subsection{Bridging} |
| 734 |
|
|
| 735 |
This is mostly needed to combine LAN and WLAN to a homogeneous network. |
This is mostly needed to combine LAN and WLAN to a homogeneous network. |
| 736 |
Be sure you have installed the package \texttt{bridge-utils}. |
Be sure you have installed the package \app{bridge-utils}. |
| 737 |
|
|
| 738 |
\begin{Verbatim}[label=/etc/network/interfaces] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 739 |
auto eth0.0 |
auto eth0.0 |
| 740 |
iface eth0.0 inet manual |
iface eth0.0 inet manual |
| 741 |
switch-ports 1 2 3 4 5* |
switch-ports 1 2 3 4 5* |
| 753 |
broadcast + |
broadcast + |
| 754 |
\end{Verbatim} |
\end{Verbatim} |
| 755 |
|
|
| 756 |
This creates a new bridging interface \texttt{br0} which combines the VLAN |
This creates a new bridging interface \code{br0} which combines the VLAN |
| 757 |
interface \texttt{eth0.0} (representing the LAN-ports 1-4) and the WLAN interface |
interface \code{eth0.0} (representing the LAN-ports 1--4) and the WLAN interface |
| 758 |
\texttt{eth1} (on some devices like Asus WL500gP this might be \texttt{eth2}). |
\code{eth1} (on some devices like \term{Asus WL500gP} this might be \code{eth2}). |
| 759 |
The bridge interface needs always be the last one, otherwise it can not find |
The bridge interface needs always be the last one, otherwise it can not find |
| 760 |
the interfaces in bridge-ifaces. |
the interfaces in \code{bridge-ifaces}. |
| 761 |
|
|
| 762 |
\subsection{WLAN} |
\subsection{WLAN} |
| 763 |
A router containing a WLAN interface has an additional ethernet device |
A router containing a WLAN interface has an additional ethernet device |
| 764 |
representing it. On Broadcom-based hardware it is typically \texttt{eth1} |
representing it. On Broad\-com-based hardware it is typically \code{eth1} |
| 765 |
(Linksys),\texttt{eth2} (Asus WL500gP) or on Netgear WGT634u which has a Madwifi |
(\term{Linksys}),\code{eth2} (\term{Asus WL500gP}) or on \term{Netgear WGT634u} which has a Madwifi |
| 766 |
WLAN chip, it is \texttt{ath0}, \texttt{ath1}, etc. You can use these interfaces |
WLAN chip, it is \code{ath0}, \code{ath1}, etc. You can use these interfaces |
| 767 |
standalone or bridged with other devices, e.g. the internal LAN. |
standalone or bridged with other devices, e.g. the internal LAN. |
| 768 |
|
|
| 769 |
\subsubsection{Basic Settings} |
\subsubsection{Basic Settings} |
| 770 |
|
|
| 771 |
Mandatory options and default parameters are in bold font. |
Mandatory options and default parameters are in bold font. |
| 772 |
|
|
| 773 |
\begin{tabular}{l|l|l} |
\begin{tabular}{l|l|p{10cm}} |
| 774 |
\textbf{Option} & \textbf{Parameter} & \textbf{Description} \\ |
\strong{Option} & \strong{Parameter} & \strong{Description} \\ |
| 775 |
|
\hline\hline |
| 776 |
|
\code{\strong{type}} & \code{broadcom} & Broadcom based card \\ |
| 777 |
|
& \code{atheros} & Madwifi driver \\ |
| 778 |
|
\hline |
| 779 |
|
\code{\strong{mode}} & \code{ap} & Access point mode \\ |
| 780 |
|
& \code{sta} & Client mode \\ |
| 781 |
|
& \code{adhoc} & Ad-Hoc mode \\ |
| 782 |
|
& \code{wds} & WDS point-to-point link over wireless\\ |
| 783 |
|
& \code{monitor} & The node acts as a passive monitor and only receives packets \\ |
| 784 |
|
\hline |
| 785 |
|
\code{\strong{ssid}} & \code{<String>} & Set the SSID (Network Name) \\ |
| 786 |
|
\hline |
| 787 |
|
\code{country} & \code{\{ALL|DE|JP|US|\ldots\}} & The country code used to determine the regulatory settings. \\ |
| 788 |
\hline |
\hline |
|
\textbf{type}& broadcom & Broadcom based card \\ |
|
|
& atheros & Madwifi driver \\ |
|
|
\textbf{mode}& ap & Access point mode \\ |
|
|
& sta & Client mode \\ |
|
|
& adhoc & Ad-Hoc mode \\ |
|
|
& wds & WDS point-to-point link over wireless\\ |
|
|
& monitor & The node acts as a passive monitor and only receives packets \\ |
|
|
\textbf{ssid}& <String> & Set the SSID (Network Name) \\ |
|
|
country & {ALL|DE|JP|US|...} & The country code used to determine the regulatory settings. \\ |
|
| 789 |
\end{tabular} |
\end{tabular} |
| 790 |
|
|
| 791 |
\subsubsection{Security Settings} |
\subsubsection{Security Settings} |
| 792 |
\begin{tabular}{l|l|l} |
\begin{longtable}{l|l|p{10cm}} |
| 793 |
\textbf{Option} & \textbf{Parameter} & \textbf{Description} \\ |
\strong{Option} & \strong{Parameter} & \strong{Description} \\ |
| 794 |
|
\hline\hline |
| 795 |
|
\code{\strong{security}} & \code{none} & No authorization \\ |
| 796 |
|
& \code{wep} & WEP key \\ |
| 797 |
|
& \code{wpa-psk} & WPA with preshared key \\ |
| 798 |
|
& \code{8021x} & IEEE 802.1X authentication \\ |
| 799 |
\hline |
\hline |
| 800 |
\textbf{security}& none & No authorization \\ |
\code{\strong{authorization}} & & \strong{wpa-psk} \\ |
| 801 |
& wep & WEP key \\ |
& \code{psk} & WPA PSK \\ |
| 802 |
& wpa-psk & WPA with preshared key \\ |
& \code{psk2} & WPA2 PSK \\ |
| 803 |
& 8021x & IEEE 802.1X authentication \\ |
& \code{psk psk2} & WPA PSK and WPA2 PSK \\ |
| 804 |
\textbf{authorization}& & \textbf{wpa-psk} \\ |
& & \strong{8021x} \\ |
| 805 |
& psk & WPA PSK \\ |
& \code{wpa} & WPA with RADIUS \\ |
| 806 |
& psk2 & WPA2 PSK \\ |
& \code{wpa2} & WPA2 with RADIUS \\ |
| 807 |
& psk psk2 & WPA PSK and WPA2 PSK \\ |
& \code{wpa wpa2} & WPA and WPA2 \\ |
| 808 |
& & \textbf{8021x} \\ |
\hline |
| 809 |
& wpa & WPA with RADIUS \\ |
\code{\strong{encryption}} & & \strong{wep} \\ |
| 810 |
& wpa2 & WPA2 with RADIUS \\ |
& --- & not needed, automatically by key size \\ |
| 811 |
& wpa wpa2 & WPA and WPA2 \\ |
& & \strong{wpa-psk} \\ |
| 812 |
\textbf{encryption}& & \textbf{wep} \\ |
& \code{tkip} & RC4 encryption \\ |
| 813 |
& - & not needed, automatically by key size \\ |
& \code{aes} & AES encryption \\ |
| 814 |
& & \textbf{wpa-psk} \\ |
& \code{aes+tkip} & support both \\ |
| 815 |
& tkip & RC4 encryption \\ |
& & \strong{8021x} \\ |
| 816 |
& aes & AES encryption \\ |
& \code{wep} & RC4 encryption (static) \\ |
| 817 |
& aes+tkip & support both \\ |
& \code{tkip} & RC4 encryption \\ |
| 818 |
& & \textbf{8021x} \\ |
& \code{aes} & AES encryption \\ |
| 819 |
& wep & RC4 encryption (static) \\ |
& \code{aes+tkip} & support both \\ |
| 820 |
& tkip & RC4 encryption \\ |
\hline |
| 821 |
& aes & AES encryption \\ |
\code{eap-type} & & \strong{8021x} \\ |
| 822 |
& aes+tkip & support both \\ |
& \code{\strong{tls}} & Transport Layer Security \\ |
| 823 |
eap-type & & \textbf{8021x} \\ |
& \code{ttls} & Tunnelled TLS \\ |
| 824 |
& \textbf{tls} & Transport Layer Security \\ |
& \code{peap} & Protected EAP \\ |
| 825 |
& ttls & Tunnelled TLS \\ |
& \code{leap} & Cisco Wireless \\ |
| 826 |
& peap & Protected EAP \\ |
\hline |
| 827 |
& leap & Cisco Wireless \\ |
\code{key} & & \strong{wep} \\ |
| 828 |
key & & \textbf{wep} \\ |
&\code{\{\strong{1}|2|3|4\}} & Select WEP key to use. \\ |
| 829 |
&\{\textbf{1}|2|3|4\}& Select WEP key to use. \\ |
\hline |
| 830 |
key[1..4] & & \textbf{wep} \\ |
\code{key[1..4]} & & \strong{wep} \\ |
| 831 |
& <String> & WEP key. The key must be 5, 13 or 16 bytes |
& \code{<String>} & WEP key. The key must be 5, 13 or 16 bytes |
| 832 |
long, or 10, 26, 32, or 64 hex digits long. The encryption |
long, or 10, 26, 32, or 64 hex digits long. The encryption |
| 833 |
algorithm is automatically selected based on the key size. key1 is |
algorithm is automatically selected based on the key size. key1 is |
| 834 |
the key for WEP client mode. \\ |
the key for WEP client mode. \\ |
| 835 |
wpa-key & & \textbf{wpa-psk} \\ |
\hline |
| 836 |
& <String> & Password to use with WPA/WPA2 PSK (at least 8, |
\code{wpa-key} & & \strong{wpa-psk} \\ |
| 837 |
up to 63 chars) \\ |
& <String> & Password to use with WPA/WPA2 PSK (at least 8, up to 63 chars) \\ |
| 838 |
wpa-gtk-rekey & & \textbf{wpa-psk}, \textbf{8021x} \\ |
\hline |
| 839 |
& <Int> (\textbf{3600}) & Rekeying interval in seconds. \\ |
\code{wpa-gtk-rekey} & & \strong{wpa-psk}, \strong{8021x} \\ |
| 840 |
\textbf{radius-ipaddr}& & \textbf{8021x} \\ |
& \code{<Int>} (\strong{3600}) & Rekeying interval in seconds. \\ |
| 841 |
& <a.b.c.d> & IP to connect. \\ |
\hline |
| 842 |
radius-port & & \textbf{8021x} \\ |
\code{\strong{radius-ipaddr}} & & \strong{8021x} \\ |
| 843 |
& <Int> (\textbf{1812}) & RADIUS-Port no. to connect \\ |
& \code{<a.b.c.d>} & IP to connect. \\ |
| 844 |
\textbf{radius-key}& & \textbf{8021x} \\ |
\hline |
| 845 |
& <String> & Shared Secret for connection to the Radius server \\ |
\code{radius-port} & & \strong{8021x} \\ |
| 846 |
\end{tabular} |
& \code{<Int>} (\strong{1812}) & RADIUS-Port no. to connect \\ |
| 847 |
|
\hline |
| 848 |
|
\strong{radius-key} & & \strong{8021x} \\ |
| 849 |
|
& \code{<String>} & Shared Secret for connection to the Radius server \\ |
| 850 |
|
\hline |
| 851 |
|
\end{longtable} |
| 852 |
|
|
| 853 |
\subsubsection{MAC filter} |
\subsubsection{MAC filter} |
| 854 |
\begin{tabular}{l|l|l} |
\begin{tabular}{l|l|p{10cm}} |
| 855 |
\textbf{Option} & \textbf{Parameter} & \textbf{Description} \\ |
\strong{Option} & \strong{Parameter} & \strong{Description} \\ |
| 856 |
macmode & {0|1|2} & 0 - Disable MAC address matching. \\ |
\hline\hline |
| 857 |
& & 1 - Deny association to stations on the MAC list. \\ |
\code{macmode} & \code{\{0|1|2\}} & 0: Disable MAC address matching. \\ |
| 858 |
& & 2 - Allow association to stations on the MAC list. \\ |
& & 1: Deny association to stations on the MAC list. \\ |
| 859 |
maclist & <MAC1> ... <MACn> & List of space separated mac addresses to |
& & 2: Allow association to stations on the MAC list. \\ |
| 860 |
allow/deny according to ''macmode''. Addresses should be entered with colons, |
\hline |
| 861 |
e.g.: 00:02:2D:08:E2:1D 00:03:3E:05:E1:1B\\ |
\code{maclist} & \code{<MAC1> \ldots <MACn>} & List of space separated mac addresses to |
| 862 |
|
allow/deny according to \code{macmode}. Addresses should be entered with colons, |
| 863 |
|
e.g.: "\code{00:02:2D:08:E2:1D 00:03:3E:05:E1:1B}"\\ |
| 864 |
\end{tabular} |
\end{tabular} |
| 865 |
|
|
| 866 |
\subsubsection{Wireless Distribution System (WDS)} |
\subsubsection{Wireless Distribution System (WDS)} |
| 867 |
\begin{tabular}{l|l|l} |
\begin{tabular}{l|l|p{10cm}} |
| 868 |
\texttt{Option} & \texttt{Parameter} & \texttt{Description} \\ |
\strong{Option} & \strong{Parameter} & \strong{Description} \\ |
| 869 |
lazywds & {0|1} & Accept WDS connections from anyone \\ |
\hline\hline |
| 870 |
wds-bridge & {brX} & Add WDS peers to bridge brX \\ |
\code{lazywds} & \code{\{0|1\}} & Accept WDS connections from anyone \\ |
| 871 |
wds-security & {wpa-psk} & secure the wds bridge with WPA (optional)\\ |
\hline |
| 872 |
wds-encryption & {aes|tkip} & Use AES or TKIP as cipher\\ |
\code{wds-bridge} & \code{br\{X\}} & Add WDS peers to bridge brX \\ |
| 873 |
wds-wpa-key & <String> & Password to use with WPA PSK (at least 8, up to 63 chars) \\ |
\hline |
| 874 |
wds & <MAC1> ... <MACn> & List of WDS peer mac addresses (xx:xx:xx:xx:xx:xx, space separated) \\ |
\code{wds-security} & \code{\{wpa-psk\}} & secure the wds bridge with WPA (optional)\\ |
| 875 |
|
\hline |
| 876 |
|
\code{wds-encryption} & \code{\{aes|tkip\}} & Use AES or TKIP as cipher\\ |
| 877 |
|
\hline |
| 878 |
|
\code{wds-wpa-key} & \code{<String>} & Password to use with WPA PSK (at least 8, up to 63 chars) \\ |
| 879 |
|
\hline |
| 880 |
|
\code{wds} & \code{<MAC1> \ldots <MACn>} & List of WDS peer mac addresses (\code{xx:xx:xx:xx:xx:xx}, space separated) \\ |
| 881 |
|
\hline |
| 882 |
\end{tabular} |
\end{tabular} |
| 883 |
|
|
| 884 |
\subsubsection{Miscellaneous} |
\subsubsection{Miscellaneous} |
| 885 |
\begin{tabular}{l|l|l} |
\begin{longtable}{l|l|p{10cm}} |
| 886 |
\textbf{Option} & \textbf{Parameter} & \textbf{Description} \\ |
\strong{Option} & \strong{Parameter} & \strong{Description} \\ |
| 887 |
channel & \{1-14\} & The wifi channel \\ |
\hline\hline |
| 888 |
maxassoc & \{1-255\} & Maximum number of associated clients \\ |
\code{channel} & \code{\{1--14\}} & The wifi channel \\ |
| 889 |
gmode & \{LegacyB| \textbf{Auto}| GOnly| BDeferred| Performance| LRS\} & Set the 54g Mode \\ |
\hline |
| 890 |
frameburst & \{\textbf{0}|1\} & Disable/Enable frameburst mode. \\ |
\code{maxassoc} & \code{\{1--255\}} & Maximum number of associated clients \\ |
| 891 |
txpower & \{0-255|\textbf{-1}\} & Set the transmit power in dBm \\ |
\hline |
| 892 |
rate & <Int> (\textbf{-1}) & force a fixed rate \\ |
% TODO: add descriptions to the different gmode settings |
| 893 |
& & valid values for 802.11a are (6, 9, 12, 18, 24, 36, 48, 54) \\ |
\code{gmode} & & Set the 54g Mode \\ |
| 894 |
& & valid values for 802.11b are (1, 2, 5.5, 11) \\ |
& \code{\strong{Auto}} & default \\ |
| 895 |
& & valid values for 802.11g are (1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54) \\ |
& \code{LegacyB} & \\ |
| 896 |
& &-1 means automatically determine the best rate \\ |
& \code{GOnly} & \\ |
| 897 |
rts & \{0-2347\} & Set the RTS threshhold. \\ |
& \code{BDeferred} & \\ |
| 898 |
frag & \{256-2346\} & Set the fragmentation threshhold. \\ |
& \code{Performance} & \\ |
| 899 |
afterburner & \{\textbf{0}|1\} & Enable Afterburner capability \\ |
& \code{LRS} & \\ |
| 900 |
isolate & \{\textbf{0}|1\} & Hide Clients from each other \\ |
\hline |
| 901 |
bridge-if & \{br0...brX\} & The bridge interface (optional) |
\code{frameburst} & \code{\{\strong{0}|1\}} & Disable/Enable frameburst mode. \\ |
| 902 |
\end{tabular} |
\hline |
| 903 |
|
\code{txpower} & \code{\{0--255|\strong{$-1$}\}} & Set the transmit power in dBm \\ |
| 904 |
|
\hline |
| 905 |
|
\code{rate} & \code{<Int> (\strong{$-1$})} & force a fixed rate \\ |
| 906 |
|
& & valid values for 802.11a are (6, 9, 12, 18, 24, 36, 48, 54) \\ |
| 907 |
|
& & valid values for 802.11b are (1, 2, 5.5, 11) \\ |
| 908 |
|
& & valid values for 802.11g are (1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54) \\ |
| 909 |
|
& & $-1$ means automatically determine the best rate \\ |
| 910 |
|
\hline |
| 911 |
|
\code{rts} & \code{\{0-2347\}} & Set the RTS threshhold. \\ |
| 912 |
|
\hline |
| 913 |
|
\code{frag} & \code{\{256-2346\}} & Set the fragmentation threshhold. \\ |
| 914 |
|
\hline |
| 915 |
|
\code{afterburner} & \code{\{\strong{0}|1\}} & Enable Afterburner capability \\ |
| 916 |
|
\hline |
| 917 |
|
\code{isolate} & \code{\{\strong{0}|1\}} & Hide Clients from each other \\ |
| 918 |
|
\hline |
| 919 |
|
\code{bridge-if} & \code{\{br0..brX\}} & The bridge interface (optional) \\ |
| 920 |
|
\hline |
| 921 |
|
\end{longtable} |
| 922 |
|
|
| 923 |
\subsubsection{Examples} |
\subsubsection{Examples} |
| 924 |
WLAN with WEP128 |
\paragraph{WLAN with WEP128} |
| 925 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 926 |
iface eth1 inet static |
iface eth1 inet static |
| 927 |
address 192.168.10.1 |
address 192.168.10.1 |
| 928 |
netmask 255.255.255.0 |
netmask 255.255.255.0 |
| 936 |
wireless-channel 11 |
wireless-channel 11 |
| 937 |
\end{Verbatim} |
\end{Verbatim} |
| 938 |
|
|
| 939 |
WLAN without encryption |
\paragraph{WLAN without encryption} |
| 940 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 941 |
iface eth1 inet static |
iface eth1 inet static |
| 942 |
address 192.168.10.1 |
address 192.168.10.1 |
| 943 |
netmask 255.255.255.0 |
netmask 255.255.255.0 |
| 950 |
wireless-channel 11 |
wireless-channel 11 |
| 951 |
\end{Verbatim} |
\end{Verbatim} |
| 952 |
|
|
| 953 |
WLAN with WPA2 (AES) |
\paragraph{WLAN with WPA2 (AES)} |
| 954 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 955 |
iface eth1 inet static |
iface eth1 inet static |
| 956 |
address 192.168.10.1 |
address 192.168.10.1 |
| 957 |
netmask 255.255.255.0 |
netmask 255.255.255.0 |
| 968 |
\end{Verbatim} |
\end{Verbatim} |
| 969 |
|
|
| 970 |
If you want to do MAC filtering, add the following to the sample above: |
If you want to do MAC filtering, add the following to the sample above: |
| 971 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 972 |
wireless-macmode 2 |
wireless-macmode 2 |
| 973 |
wireless-mac 00:01:02:03:04:05 06:07:08:09:0a:0b |
wireless-mac 00:01:02:03:04:05 06:07:08:09:0a:0b |
| 974 |
\end{Verbatim} |
\end{Verbatim} |
| 975 |
this enables the filter and defines the list to contain addresses that should be allowed. |
this enables the filter and defines the list to contain addresses that should be allowed. |
| 976 |
|
|
| 977 |
To enhance wireless performance, you can enable some flags like Broadcom's SpeedBooster. Normally, these flags are not dangerous: |
To enhance wireless performance, you can enable some flags like Broadcom's SpeedBooster. Normally, these flags are not dangerous: |
| 978 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 979 |
wireless-gmode performance |
wireless-gmode performance |
| 980 |
wireless-frameburst 1 |
wireless-frameburst 1 |
| 981 |
wireless-afterburner 1 |
wireless-afterburner 1 |
| 982 |
\end{Verbatim} |
\end{Verbatim} |
| 983 |
|
|
| 984 |
WLAN client with WPA2 (AES) (''untested'') |
\paragraph{WLAN client with WPA2 (AES) (\strong{untested})} |
| 985 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 986 |
iface eth1 inet static |
iface eth1 inet static |
| 987 |
address 192.168.10.1 |
address 192.168.10.1 |
| 988 |
netmask 255.255.255.0 |
netmask 255.255.255.0 |
| 997 |
wireless-wpa-key 12345678 |
wireless-wpa-key 12345678 |
| 998 |
\end{Verbatim} |
\end{Verbatim} |
| 999 |
|
|
| 1000 |
WLAN client with WEP128 |
\paragraph{WLAN client with WEP128} |
| 1001 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1002 |
iface eth1 inet dhcp |
iface eth1 inet dhcp |
| 1003 |
wireless-type broadcom |
wireless-type broadcom |
| 1004 |
wireless-country DE |
wireless-country DE |
| 1011 |
WLAN with WDS nodes, the WDS nodes need to have the same |
WLAN with WDS nodes, the WDS nodes need to have the same |
| 1012 |
SSID, channel and encryption parameters. |
SSID, channel and encryption parameters. |
| 1013 |
|
|
| 1014 |
WDS node 1 (MAC of Wireless 06:05:04:03:02:01) |
WDS node 1 (MAC of Wireless \code{06:05:04:03:02:01}) |
| 1015 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1016 |
iface br0 inet static |
iface br0 inet static |
| 1017 |
bridge-ifaces eth1 |
bridge-ifaces eth1 |
| 1018 |
address 192.168.10.1 |
address 192.168.10.1 |
| 1027 |
wireless-wds 01:02:03:04:05:06 |
wireless-wds 01:02:03:04:05:06 |
| 1028 |
wireless-wds-bridge br0 |
wireless-wds-bridge br0 |
| 1029 |
\end{Verbatim} |
\end{Verbatim} |
| 1030 |
WDS node 2 (MAC of Wireless 01:02:03:04:05:06) |
WDS node 2 (MAC of Wireless \code{01:02:03:04:05:06}) |
| 1031 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1032 |
iface br0 inet static |
iface br0 inet static |
| 1033 |
bridge-ifaces eth1 |
bridge-ifaces eth1 |
| 1034 |
address 192.168.10.2 |
address 192.168.10.2 |
| 1044 |
wireless-wds-bridge br0 |
wireless-wds-bridge br0 |
| 1045 |
\end{Verbatim} |
\end{Verbatim} |
| 1046 |
|
|
| 1047 |
Peer-to-Peer mode (no encryption, IP must be static) |
\paragraph{Peer-to-Peer mode (no encryption, IP must be static)} |
| 1048 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1049 |
iface eth1 inet static |
iface eth1 inet static |
| 1050 |
address 192.168.10.1 |
address 192.168.10.1 |
| 1051 |
netmask 255.255.255.0 |
netmask 255.255.255.0 |
| 1061 |
\subsection{PPP} |
\subsection{PPP} |
| 1062 |
|
|
| 1063 |
PPP comes in various flavours for different situations, the most commonly |
PPP comes in various flavours for different situations, the most commonly |
| 1064 |
needed will likely be DSL and for WRT54G3G users UMTS. So there exists a |
needed will likely be DSL and for \term{WRT54G3G} users UMTS. So there exists a |
| 1065 |
hook-script that evaluates a "use-template" option and generates a ppp-peer. |
hook-script that evaluates a \code{use-template} option and generates a ppp-peer. |
| 1066 |
This way everything needed so far can be configured within the |
This way everything needed so far can be configured within the |
| 1067 |
\texttt{interfaces} file. Be sure you have installed the packages |
\code{interfaces} file. Be sure you have installed the packages |
| 1068 |
\texttt{kmod-ppp}, \texttt{ppp} and \texttt{ppp-mod-pppoe}. For providers |
\app{kmod-ppp}, \app{ppp} and \app{ppp-mod-pppoe}. For providers |
| 1069 |
using PPTP for authentication, instead of PPPoE, you need to install \texttt{pptp}. |
using PPTP for authentication, instead of PPPoE, you need to install \app{pptp}. |
| 1070 |
|
|
| 1071 |
\subsubsection{DSL with PPPoE} |
\subsubsection{DSL with PPPoE} |
| 1072 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1073 |
auto ppp0 |
auto ppp0 |
| 1074 |
iface ppp0 inet ppp |
iface ppp0 inet ppp |
| 1075 |
use-template dsl |
use-template dsl |
| 1079 |
ppp-device eth0.1 |
ppp-device eth0.1 |
| 1080 |
\end{Verbatim} |
\end{Verbatim} |
| 1081 |
|
|
| 1082 |
Now your DSL connection will be started on boot (\texttt{auto ppp0}) |
Now your DSL connection will be started on boot (\code{auto ppp0}) |
| 1083 |
and you can manually shut it down with \texttt{ifdown ppp0} or start it up with |
and you can manually shut it down with \command{ifdown ppp0} or start it up with |
| 1084 |
\texttt{ifup ppp0}. |
\command{ifup ppp0}. |
| 1085 |
The template \texttt{dsl} will configure a typical PPPoE peer for you. |
The template \code{dsl} will configure a typical PPPoE peer for you. |
| 1086 |
|
|
| 1087 |
\subsubsection{DSL with PPTP} |
\subsubsection{DSL with PPTP} |
| 1088 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1089 |
auto ppp0 |
auto ppp0 |
| 1090 |
iface ppp0 inet ppp |
iface ppp0 inet ppp |
| 1091 |
use-template pptp |
use-template pptp |
| 1092 |
provider foobar |
provider foobar |
| 1093 |
ppp-username foo |
ppp-username foo |
| 1094 |
ppp-password bar |
ppp-password bar |
| 1095 |
ppp-modemip 10.0.0.1 |
ppp-modemip 10.0.0.1 |
| 1096 |
ppp-mtu 1480 |
ppp-mtu 1480 |
| 1097 |
ppp-device eth0.1 |
ppp-device eth0.1 |
| 1098 |
\end{Verbatim} |
\end{Verbatim} |
| 1099 |
|
|
| 1100 |
Now your DSL connection will be started on boot (\texttt{auto ppp0}) |
Now your DSL connection will be started on boot (\code{auto ppp0}) |
| 1101 |
and you can manually shut it down with \texttt{ifdown ppp0} or start it up with |
and you can manually shut it down with \command{ifdown ppp0} or start it up with |
| 1102 |
\texttt{ifup ppp0}. |
\command{ifup ppp0}. |
| 1103 |
The template \texttt{pptp} will configure a typical PPTP peer for you. |
The template \code{pptp} will configure a typical PPTP peer for you. |
| 1104 |
|
|
| 1105 |
\subsubsection{UMTS} |
\subsubsection{UMTS} |
| 1106 |
Same footprint different template and some specific options. That is all that |
Same footprint different template and some specific options. That is all that |
| 1107 |
is needed for an UMTS connection to Vodafone as it can be seen in this example. |
is needed for an UMTS connection to Vodafone as it can be seen in this example. |
| 1108 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1109 |
iface ppp0 inet ppp |
iface ppp0 inet ppp |
| 1110 |
use-template umts |
use-template umts |
| 1111 |
provider umts |
provider umts |
| 1116 |
umts-pincode 1234 |
umts-pincode 1234 |
| 1117 |
umts-mode umts_first |
umts-mode umts_first |
| 1118 |
\end{Verbatim} |
\end{Verbatim} |
| 1119 |
As you can see: unneeded options like \texttt{ppp-username} or |
As you can see: unneeded options like \code{ppp-username} or |
| 1120 |
\texttt{ppp-password} can just be removed or commented out. Don't leave them |
\code{ppp-password} can just be removed or commented out. Don't leave them |
| 1121 |
without a value as that causes a failure in \texttt{ipup}. It does work if you |
without a value as that causes a failure in \app{ipup}. It does work if you |
| 1122 |
give empty double quotes as value like "". |
give empty double quotes as value like \code{""}. |
| 1123 |
|
|
| 1124 |
Note that you have to set the correct APN, username and password for your provider! |
Note that you have to set the correct APN, username and password for your provider! |
| 1125 |
|
|
| 1126 |
You may also remove the pin from your SIM-card and the configuration if you like. |
You may also remove the pin from your SIM-card and the configuration if you like. |
| 1127 |
|
|
| 1128 |
For Linksys WRT54G3G a package called \texttt{broadcom-watchbutton} will be |
For \term{Linksys WRT54G3G} a package called \app{broadcom-watchbutton} will be |
| 1129 |
installed, this is a small daemon that monitors the UMTS-button of the router |
installed, this is a small daemon that monitors the UMTS-button of the router |
| 1130 |
and executes \texttt{ifup umts} or \texttt{ifdown umts} on a button press. |
and executes \command{ifup umts} or \command{ifdown umts} on a button press. |
| 1131 |
You have to set \texttt{watchbutton=YES} in /etc/rc.conf to have it start automatically. |
You have to set \code{watchbutton=YES} in /etc/rc.conf to have it start automatically. |
| 1132 |
|
|
| 1133 |
This is totally independent from the \texttt{auto umts} setting. Even if you |
This is totally independent from the \code{auto umts} setting. Even if you |
| 1134 |
start the connection on bootup you can shut it down again with a button press. |
start the connection on bootup you can shut it down again with a button press. |
| 1135 |
|
|
| 1136 |
\subsection{custom interface hooks} |
\subsection{custom interface hooks} |
| 1137 |
\subsubsection{per interface} |
\subsubsection{per interface} |
| 1138 |
You can execute various commands on interface startup or shutdown with special option: |
You can execute various commands on interface startup or shutdown with special option: |
| 1139 |
\begin{Verbatim} |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1140 |
iface foobar inet static |
iface foobar inet static |
| 1141 |
[...] |
[...] |
| 1142 |
pre-up <command> |
pre-up <command> |
| 1148 |
|
|
| 1149 |
You can give each option multiple times and their commands will be executed in given order. |
You can give each option multiple times and their commands will be executed in given order. |
| 1150 |
\begin{description} |
\begin{description} |
| 1151 |
\item[pre-up] before the interface will be started |
\item[pre-up] before the interface will be started |
| 1152 |
\item[up] after the interface was started successfully |
\item[up] after the interface was started successfully |
| 1153 |
\item[down] before the interface goes down |
\item[down] before the interface goes down |
| 1154 |
\item[post-down] after the interface shut down |
\item[post-down] after the interface shut down |
| 1155 |
\end{description} |
\end{description} |
| 1156 |
|
|
| 1157 |
\subsubsection{general hooks} |
\subsubsection{general hooks} |
| 1158 |
Additionally you can write scripts executed for each interface if you put them in |
Additionally you can write scripts executed for each interface if you put them in |
| 1159 |
\begin{itemize} |
\begin{itemize} |
| 1160 |
\item \texttt{/etc/network/if-pre-up.d} |
\item \texttt{/etc/network/if-pre-up.d} |
| 1161 |
\item \texttt{/etc/network/if-up.d} |
\item \texttt{/etc/network/if-up.d} |
| 1162 |
\item \texttt{/etc/network/if-down.d} |
\item \texttt{/etc/network/if-down.d} |
| 1163 |
\item \texttt{/etc/network/if-post-down.d} |
\item \texttt{/etc/network/if-post-down.d} |
| 1164 |
\end{itemize} |
\end{itemize} |
| 1165 |
Same semantics as above. |
Same semantics as above. |
| 1166 |
|
|
| 1167 |
\section{FWCF - FreeWRT Configuration Filesystem} |
\section{FWCF - FreeWRT Configuration Filesystem} |
| 1168 |
|
|
| 1169 |
FWCF is a separate flash partition for all changes made to the /etc directory. |
FWCF is a separate flash partition for all changes made to the \file{/etc/} directory. |
| 1170 |
There is a small tool named \texttt{fwcf}, which is used to setup the system or |
There is a small tool named \app{fwcf}, which is used to setup the system or |
| 1171 |
to commit changes to the fwcf partition. |
to commit changes to the fwcf partition. |
| 1172 |
|
|
| 1173 |
On bootup the script \texttt{/sbin/mount\_root} is executed, which calls \dq{}fwcf |
On bootup the script \file{/sbin/mount\_root} is executed, which calls |
| 1174 |
setup\dq{} to setup /etc as memory filesystem and overlay the changes committed |
\command{fwcf setup} to setup \file{/etc/} as memory filesystem and overlay the changes committed |
| 1175 |
to the fwcf partition. |
to the fwcf partition. |
| 1176 |
|
|
| 1177 |
If you change anything in /etc and like to keep the change, it is required to |
If you change anything in \file{/etc/} and like to keep the change, it is required to |
| 1178 |
execute \dq{}fwcf commit\dq{}. This will compress all changed or new files in /etc |
execute \command{fwcf commit}. This will compress all changed or new files in |
| 1179 |
and write the result into the fwcf partition. The fwcf partition is 128 Kb in |
\file{/etc/} and write the result into the fwcf partition. The fwcf partition is 128 Kb in |
| 1180 |
size. This size is not changeable at the moment. |
size. This size is not changeable at the moment. |
| 1181 |
|
|
| 1182 |
If you need more detailed information, please read the specification of FWCF, |
If you need more detailed information, please read the specification of FWCF, |
| 1183 |
which can be found |
which can be found |
| 1184 |
here \url{http://www.freewrt.org/trac/wiki/Documentation/Specs/FwCf} |
at \url{http://www.freewrt.org/trac/wiki/Documentation/Specs/FwCf} |
| 1185 |
|
|
| 1186 |
If you want to remove all your changes and start your configuration from scratch, |
If you want to remove all your changes and start your configuration from scratch, |
| 1187 |
use \dq{}fwcf erase\dq{}. This is also required if you switch between compression |
use \command{fwcf erase}. This is also required if you switch between compression |
| 1188 |
plugins. Right now LZO plugin is default. |
plugins. Right now LZO plugin is default. |
| 1189 |
|
|
| 1190 |
\section{IPKG - Packagemanagement} |
\section{IPKG - Packagemanagement} |
| 1191 |
|
|
| 1192 |
All software for FreeWRT is available as a IPKG package. IPKG is a package manager |
All software for FreeWRT is available as a IPKG package. IPKG is a package manager |
| 1193 |
very similar to Debian's dpkg/apt-get utilities. It is specially designed for |
very similar to Debian's \app{dpkg/apt-get} utilities. It is specially designed for |
| 1194 |
embedded systems and is widely used. The FreeWRT project use a special version, |
embedded systems and is widely used. The FreeWRT project use a special version, |
| 1195 |
which is embedded to the busybox binary. Normally the command line tool |
which is embedded to the busybox binary. Normally the command line tool |
| 1196 |
\texttt{ipkg} is pre-installed. |
\app{ipkg} is pre-installed. |
| 1197 |
|
|
| 1198 |
IPKG uses a configuration file similar to /etc/apt/sources.list, which |
IPKG uses a configuration file similar to \file{/etc/apt/sources.list}, which |
| 1199 |
contains a list of software repositories available via HTTP or FTP. |
contains a list of software repositories available via HTTP or FTP. |
| 1200 |
The configuration file \texttt{/etc/ipkg.conf} contains the official |
The configuration file \file{/etc/ipkg.conf} contains the official |
| 1201 |
FreeWRT 1.0 repository for your board and kernel version. |
FreeWRT 1.0 repository for your board and kernel version. |
| 1202 |
|
|
| 1203 |
To update the list of available packages execute following command as root: |
To update the list of available packages execute following command as root: |
| 1204 |
\begin{verbatim} |
\begin{Verbatim}[label=update list of available packages] |
| 1205 |
# ipkg update |
# ipkg update |
| 1206 |
\end{verbatim} |
\end{Verbatim} |
| 1207 |
|
|
| 1208 |
This command requires a working internet connection, because it will fetch a |
This command requires a working internet connection, because it will fetch a |
| 1209 |
package list from every repository declared in /etc/ipkg.conf. |
package list from every repository declared in \file{/etc/ipkg.conf}. |
| 1210 |
|
|
| 1211 |
To install a new package use following command: |
To install a new package use following command: |
| 1212 |
\begin{verbatim} |
\begin{Verbatim}[label=example installation of \app{tcpdump}] |
| 1213 |
# ipkg install tcpdump |
# ipkg install tcpdump |
| 1214 |
\end{verbatim} |
\end{Verbatim} |
| 1215 |
|
|
| 1216 |
This will install the package tcpdump and all dependencies onto the flash. |
This will install the package \app{tcpdump} and all dependencies onto the flash. |
| 1217 |
Where the data is saved depends on the root filesystem you decided to use while |
Where the data is saved depends on the root filesystem you decided to use while |
| 1218 |
installing FreeWRT. If you use jffs2 as root filesystem, then the package is |
installing FreeWRT. If you use jffs2 as root filesystem, then the package is |
| 1219 |
installed on the big linux partition. If you use squashfs-overlay, then the |
installed on the big linux partition. If you use squashfs-overlay, then the |
| 1222 |
package data is directly install into the jffs2 data partition, containing |
package data is directly install into the jffs2 data partition, containing |
| 1223 |
symlinks to the read-only squashfs partition. |
symlinks to the read-only squashfs partition. |
| 1224 |
|
|
| 1225 |
You can also remove packages, but this is only useful if you are using JFFS2 |
You can also remove packages, but this is only useful if you are using jffs2 |
| 1226 |
as root filesystem: |
as root filesystem: |
| 1227 |
\begin{verbatim} |
\begin{Verbatim}[label=example removal of \app{tcpdump}] |
| 1228 |
# ipkg remove tcpdump |
# ipkg remove tcpdump |
| 1229 |
\end{verbatim} |
\end{Verbatim} |
| 1230 |
|
|
| 1231 |
This will not remove any dependencies, installed earlier. For example, libpcap |
This will not remove any dependencies, installed earlier. For example, |
| 1232 |
is still installed after executing this command. |
\app{libpcap} is still installed after executing this command. |
| 1233 |
On jffs2 root filesystem you should never remove any essential packages like |
On jffs2 root filesystem you should never remove any essential packages like |
| 1234 |
busybox, fwcf or uclibc, otherwise you make the embedded system unusable. |
\app{busybox}, \app{fwcf} or \app{uclibc}, otherwise you make the embedded system unusable. |
| 1235 |
|
|
| 1236 |
Nearly the same as for removing packages, counts for ipkg upgrade. Please |
Nearly the same as for removing packages, counts for \command{ipkg upgrade}. Please |
| 1237 |
\textbf{never ever} use ipkg upgrade to update your embedded system. This command |
\strong{never ever} use \command{ipkg upgrade} to update your embedded system. This command |
| 1238 |
is only useful to upgrade single packages on a jffs2 rootfilesystem or data |
is only useful to upgrade single packages on a jffs2 rootfilesystem or data |
| 1239 |
partition. |
partition. |
| 1240 |
|
|
| 1242 |
|
|
| 1243 |
Some of the available packages containing software which start services at boot |
Some of the available packages containing software which start services at boot |
| 1244 |
time. For that we provide simple startup scripts, which are installed into the |
time. For that we provide simple startup scripts, which are installed into the |
| 1245 |
directory \texttt{/etc/init.d}. See following example for |
directory \file{/etc/init.d}. See following example for |
| 1246 |
the package \texttt{dnsmasq}, a combined dns and dhcp |
the package \app{dnsmasq}, a combined dns and dhcp |
| 1247 |
server daemon: |
server daemon: |
| 1248 |
|
|
| 1249 |
\begin{verbatim} |
\begin{Verbatim}[label=\file{/etc/init.d/S50dnsmasq}] |
| 1250 |
#!/bin/sh |
#!/bin/sh |
| 1251 |
|
|
| 1252 |
. /etc/rc.conf |
. /etc/rc.conf |
| 1272 |
;; |
;; |
| 1273 |
esac |
esac |
| 1274 |
exit 0 |
exit 0 |
| 1275 |
\end{verbatim} |
\end{Verbatim} |
| 1276 |
|
|
| 1277 |
After installation the package postinst script will add all needed changes to the |
After installation the package postinst script will add all needed changes to the |
| 1278 |
/etc directory. For example packages can add new user and groups, add new |
\file{/etc/} directory. For example packages can add new user and groups, add new |
| 1279 |
variables to /etc/rc.conf or just add new values to existing files as |
variables to \file{/etc/rc.conf} or just add new values to existing files as |
| 1280 |
/etc/services. It is FreeWRT policy to do not start any services after |
\file{/etc/services}. It is FreeWRT policy not to start any services after |
| 1281 |
installation or in case of a new boot. To start services on bootup you need to set |
installation or in case of a new boot. To start services on bootup you need to set |
| 1282 |
\$servicename=YES in /etc/rc.conf and commit your changes via \dq{}fwcf |
\code{\$servicename=YES} in \file{/etc/rc.conf} and commit your changes via |
| 1283 |
commit\dq{}. For every policy exist a exception, we start all essential services |
\command{fwcf commit}. For every policy exists an exception, we start all essential services |
| 1284 |
by default, like ssh daemon, syslog and network initialisation. |
by default, like ssh daemon, syslog and network initialisation. |
| 1285 |
|
|
| 1286 |
For some services you can control the startup behavior by modifying |
For some services you can control the startup behaviour by modifying |
| 1287 |
the services\_flags variable in /etc/rc.conf. |
the \code{\$servicename\_flags} variable in \file{/etc/rc.conf}. |
| 1288 |
|
|
| 1289 |
For example the variable \$ssh\_opts is provided as argument to the dropbear |
For example the variable \code{\$ssh\_opts} is provided as an argument to the dropbear |
| 1290 |
ssh daemon to control its behavior. |
ssh daemon to control its behaviour. |
| 1291 |
|
|
| 1292 |
Having this policy helps you to configure your FreeWRT embedded system without |
Having this policy helps you to configure your FreeWRT embedded system without |
| 1293 |
shooting yourself in the foot. For example if you try to realize a firewall system |
shooting yourself in the foot. For example if you try to realize a firewall system |
| 1294 |
and trying to set the rules in /etc/firewall.user, which is read by |
and trying to set the rules in \file{/etc/firewall.user}, which is read by |
| 1295 |
/etc/init.d/S45firewall, if the iptables package is installed. You can just |
\file{/etc/init.d/S45firewall}, if the iptables package is installed. You can just |
| 1296 |
reload the changed ruleset via /etc/init.d/S45firewall restart. If you managed |
reload the changed ruleset via \code{/etc/init.d/S45firewall restart}. If you managed |
| 1297 |
to kick you out of the system, you can just reboot the system and you gain access |
to kick you out of the system, you can just reboot the system and you gain access |
| 1298 |
again. As soon as your are ready with the firewall configuration and you decide |
again. As soon as your are ready with the firewall configuration and you decide |
| 1299 |
to activate the firewall rules on bootup, you set \$firewall=YES in /etc/rc.conf, |
to activate the firewall rules on bootup, you set \code{firewall=YES} in |
| 1300 |
commit your changes via \dq{}fwcf commit\dq{} and reboot. Now the firewall |
\file{/etc/rc.conf}, |
| 1301 |
|
commit your changes via \command{fwcf commit} and reboot. Now the firewall |
| 1302 |
rules will be activated on bootup. |
rules will be activated on bootup. |
| 1303 |
|
|
| 1304 |
|
|
| 1305 |
\chapter{Troubleshooting} |
\chapter{Troubleshooting}\label{ch:troubleshooting} |
| 1306 |
|
|
| 1307 |
\section{Failsafe Mode} |
\section{Failsafe Mode} |
| 1308 |
|
|
| 1314 |
When in failsafe mode, the device won't interpret any networking setup files. |
When in failsafe mode, the device won't interpret any networking setup files. |
| 1315 |
It stops even before the root filesystem gets mounted read--write, and fwcf is |
It stops even before the root filesystem gets mounted read--write, and fwcf is |
| 1316 |
set up. It will just set the LAN interface up and give it the IP address |
set up. It will just set the LAN interface up and give it the IP address |
| 1317 |
192.168.1.1 and netmask 255.255.255.0. Then it will start a telnet daemon, so |
\file{192.168.1.1} and netmask \file{255.255.255.0}. Then it will start a |
| 1318 |
you get straight access (without depending on the installed SSH--daemon). |
\app{telnet} daemon, so you get straight access (without depending on the installed SSH daemon). |
| 1319 |
|
|
| 1320 |
\subsection{How It Works} |
\subsection{How It Works} |
| 1321 |
|
|
| 1322 |
To get FreeWRT into failsafe mode you need physical access to the device and |
To get FreeWRT into failsafe mode you need physical access to the device and |
| 1323 |
the failsafe utility. The failsafe utility is built inside our ADK and |
the failsafe utility. The failsafe utility is built inside our ADK and |
| 1324 |
is available in the directory bin/ after a successful build. |
is available in the directory \file{bin/} after a successful build. |
| 1325 |
|
|
| 1326 |
If you just want to compile the tool and not a complete firmware image, |
If you just want to compile the tool and not a complete firmware image, |
| 1327 |
use following command: |
use following command: |
| 1328 |
|
|
| 1329 |
\begin{Verbatim} |
\begin{Verbatim}[label=building the failsafe utility for the host system] |
| 1330 |
$ make subdir=tools/failsafe install |
$ make subdir=tools/failsafe install |
| 1331 |
\end{Verbatim} |
\end{Verbatim} |
| 1332 |
|
|
| 1333 |
For some operating systems we provide ready to go binaries of failsafe. |
For some operating systems we provide ready to go binaries of failsafe. |
| 1334 |
Take a look at http://www.freewrt.org/downloads/tools/failsafe |
Take a look at \url{http://www.freewrt.org/downloads/tools/failsafe} |
| 1335 |
|
|
| 1336 |
The tool just opens a network socket and waits for a special UDP packet |
The tool just opens a network socket and waits for a special UDP packet |
| 1337 |
from the embedded device. FreeWRT sends the UDP packet via the first |
from the embedded device. FreeWRT sends the UDP packet via the first |
| 1343 |
cable. Use the failsafe port (in most cases one of the LAN ports), |
cable. Use the failsafe port (in most cases one of the LAN ports), |
| 1344 |
see the device specific page for the exact network port. |
see the device specific page for the exact network port. |
| 1345 |
|
|
| 1346 |
Configure your network interface to the IP address 192.168.1.2 with network |
Configure your network interface to the IP address \file{192.168.1.2} with network |
| 1347 |
mask 255.255.255.0. Now start the failsafe utility on your computer. |
mask \file{255.255.255.0}. Now start the failsafe utility on your computer. |
| 1348 |
|
|
| 1349 |
\begin{Verbatim} |
\begin{Verbatim} |
| 1350 |
$ ./failsafe |
$ ./failsafe |
| 1387 |
# fwcf setup |
# fwcf setup |
| 1388 |
\end{Verbatim} |
\end{Verbatim} |
| 1389 |
|
|
| 1390 |
Now you can change files in /etc and repair your broken configuration. |
Now you can change files in \file{/etc/} and repair your broken configuration. |
| 1391 |
Do not forget to commit your changes afterwards. |
Do not forget to commit your changes afterwards. |
| 1392 |
|
|
| 1393 |
\begin{Verbatim} |
\begin{Verbatim} |
| 1394 |
# fwcf commit |
# fwcf commit |
| 1395 |
\end{Verbatim} |
\end{Verbatim} |
| 1396 |
|
|
| 1397 |
If you want to start over with the default /etc directory, just remove the fwcf |
If you want to start over with the default \file{/etc/} directory, just remove the fwcf |
| 1398 |
partition content with following command: |
partition content with following command: |
| 1399 |
|
|
| 1400 |
\begin{Verbatim} |
\begin{Verbatim} |
| 1401 |
mtd erase fwcf |
mtd erase fwcf |
| 1402 |
\end{Verbatim} |
\end{Verbatim} |
| 1403 |
|
|
| 1404 |
You can either use "reboot -f" or "-r" for mtd to reboot the system. |
You can either use \command{reboot -f} or the option \command{-r} for \app{mtd} to reboot the system. |
| 1405 |
|
|
| 1406 |
%\section{Serial Console} |
%\section{Serial Console} |
| 1407 |
|
|