| 610 |
|
|
| 611 |
\section{Network Configuration} |
\section{Network Configuration} |
| 612 |
|
|
| 613 |
|
<<<<<<< .mine |
| 614 |
|
The device names for real network interfaces in Linux are named \code{ethx} (\code{x} is |
| 615 |
|
\code{0--9}). If the device has a switch, the different ports are separated via VLAN |
| 616 |
|
technology. The vlan interfaces are named \code{ethx.y}. The network configuration in |
| 617 |
|
FreeWRT is managed via \app{Busybox}'s \app{ifupdown} implementation. \app{Busybox}'s builtin \app{ip} |
| 618 |
|
command configures the network interfaces. There is no \app{ifconfig} or \app{route}, you can activate |
| 619 |
|
it in the ADK menue, if you like. |
| 620 |
|
|
| 621 |
|
======= |
| 622 |
The device names for real network interfaces in Linux are named \code{ethx} |
The device names for real network interfaces in Linux are named \code{ethx} |
| 623 |
(\code{x} is \code{0--9}). If the device has a switch, the different ports are |
(\code{x} is \code{0--9}). If the device has a switch, the different ports are |
| 624 |
separated via VLAN technology. The vlan interfaces are named \code{ethx.y}. |
separated via VLAN technology. The vlan interfaces are named \code{ethx.y}. |
| 625 |
The network configuration in FreeWRT is managed via \app{Busybox}'s |
The network configuration in FreeWRT is managed via \app{Busybox}'s |
| 626 |
\app{ifupdown} implementation. \app{Busybox}'s builtin \app{ip} command |
\app{ifupdown} implementation. \app{Busybox}'s builtin \app{ip} command |
| 627 |
configures the network interfaces. There is no \app{ifconfig} or \app{route}. |
configures the network interfaces. There is no \app{ifconfig} or \app{route}. |
| 628 |
|
>>>>>>> .r2546 |
| 629 |
To show all configured network interfaces use: |
To show all configured network interfaces use: |
| 630 |
\begin{Verbatim}[label=show IP address] |
\begin{Verbatim}[label=show IP address] |
| 631 |
$ ip addr show |
$ ip addr show |
| 645 |
<option-z> <value> |
<option-z> <value> |
| 646 |
\end{Verbatim} |
\end{Verbatim} |
| 647 |
|
|
| 648 |
|
<<<<<<< .mine |
| 649 |
|
<b>ATTENTION: Be sure you have no whitespaces at the and of any value!</b> |
| 650 |
|
|
| 651 |
|
\code{auto <iface-name>} is optional and, if set, tells the \app{ifup} script to |
| 652 |
|
start this interface automatically on bootup. |
| 653 |
|
======= |
| 654 |
\code{auto <iface-name>} is optional and, if set, tells the \app{ifup} script |
\code{auto <iface-name>} is optional and, if set, tells the \app{ifup} script |
| 655 |
to start this interface automatically on bootup. |
to start this interface automatically on bootup. |
| 656 |
|
>>>>>>> .r2546 |
| 657 |
|
|
| 658 |
Each interface needs a unique name which, depending on the method, represents |
Each interface needs a unique name which, depending on the method, represents |
| 659 |
either a physical interface or a logical interface name like \code{eth0.1} for |
either a physical interface or a logical interface name like \code{eth0.1} for |
| 774 |
\end{Verbatim} |
\end{Verbatim} |
| 775 |
Typically this configures the WAN-Port to start a DHCP request on bootup. |
Typically this configures the WAN-Port to start a DHCP request on bootup. |
| 776 |
|
|
|
\subsection{Bridging} |
|
|
|
|
|
This is mostly needed to combine LAN and WLAN to a homogeneous network. Be |
|
|
sure you have installed the package \app{bridge-utils}. |
|
|
|
|
|
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
|
|
auto eth0.0 |
|
|
iface eth0.0 inet manual |
|
|
switch-ports 1 2 3 4 5* |
|
|
|
|
|
auto eth1 |
|
|
iface eth1 inet manual |
|
|
wireless-bridge-if br0 |
|
|
[... other wifi-settings, see below ...] |
|
|
|
|
|
auto br0 |
|
|
iface br0 inet static |
|
|
bridge-ifaces eth0.0 eth1 |
|
|
address 192.168.1.1 |
|
|
netmask 255.255.255.0 |
|
|
broadcast + |
|
|
\end{Verbatim} |
|
|
|
|
|
This creates a new bridging interface \code{br0} which combines the VLAN |
|
|
interface \code{eth0.0} (representing the LAN-ports 1--4) and the WLAN |
|
|
interface \code{eth1} (on some devices like \term{Asus WL500gP} this might be |
|
|
\code{eth2}). The bridge interface needs always be the last one, otherwise it |
|
|
can not find the interfaces in \code{bridge-ifaces}. |
|
|
|
|
| 777 |
\subsection{WLAN} |
\subsection{WLAN} |
| 778 |
A router containing a WLAN interface has an additional ethernet device |
A router containing a WLAN interface has an additional ethernet device |
| 779 |
representing it. On Broad\-com-based hardware it is typically \code{eth1} |
representing it. On Broad\-com-based hardware it is typically \code{eth1} |
| 969 |
\hline |
\hline |
| 970 |
\end{longtable} |
\end{longtable} |
| 971 |
|
|
| 972 |
\subsubsection{Examples} |
\subsubsection{Examples for wireless configuration} |
| 973 |
\paragraph{WLAN with WEP128} |
|
| 974 |
|
\paragraph{WLAN with WPA1/WPA2 AES+TKIP} |
| 975 |
|
|
| 976 |
|
This combination works with any kind of WPA client implementation. |
| 977 |
|
|
| 978 |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 979 |
|
auto eth1 |
| 980 |
iface eth1 inet static |
iface eth1 inet static |
| 981 |
address 192.168.10.1 |
address 192.168.10.1 |
| 982 |
netmask 255.255.255.0 |
netmask 255.255.255.0 |
| 985 |
wireless-country DE |
wireless-country DE |
| 986 |
wireless-mode ap |
wireless-mode ap |
| 987 |
wireless-ssid FreeWRT |
wireless-ssid FreeWRT |
| 988 |
wireless-security wep |
wireless-security wpa-psk |
| 989 |
wireless-key1 11223344556677889900112233 |
wireless-authorization psk psk2 |
| 990 |
|
wireless-encryption aes+tkip |
| 991 |
|
wireless-wpa-key 12345678 |
| 992 |
wireless-channel 11 |
wireless-channel 11 |
| 993 |
\end{Verbatim} |
\end{Verbatim} |
| 994 |
|
|
| 995 |
\paragraph{WLAN without encryption} |
If you want to do MAC filtering, add the following to the sample above: |
| 996 |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 997 |
iface eth1 inet static |
wireless-macmode 2 |
| 998 |
address 192.168.10.1 |
wireless-mac 00:01:02:03:04:05 06:07:08:09:0a:0b |
|
netmask 255.255.255.0 |
|
|
broadcast + |
|
|
wireless-type broadcom |
|
|
wireless-country DE |
|
|
wireless-mode ap |
|
|
wireless-ssid FreeWRT |
|
|
wireless-security none |
|
|
wireless-channel 11 |
|
| 999 |
\end{Verbatim} |
\end{Verbatim} |
| 1000 |
|
this enables the filter and defines the list to contain addresses that should be allowed. |
| 1001 |
|
|
| 1002 |
|
\paragraph{WLAN without encryption} |
| 1003 |
|
|
| 1004 |
|
If you already use VPN to secure your connection, you can just use an unencrypted setup |
| 1005 |
|
and setup the firewall on your embedded device. |
| 1006 |
|
|
|
\paragraph{WLAN with WPA2 (AES)} |
|
| 1007 |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1008 |
|
auto eth1 |
| 1009 |
iface eth1 inet static |
iface eth1 inet static |
| 1010 |
address 192.168.10.1 |
address 192.168.10.1 |
| 1011 |
netmask 255.255.255.0 |
netmask 255.255.255.0 |
| 1014 |
wireless-country DE |
wireless-country DE |
| 1015 |
wireless-mode ap |
wireless-mode ap |
| 1016 |
wireless-ssid FreeWRT |
wireless-ssid FreeWRT |
| 1017 |
wireless-security wpa-psk |
wireless-security none |
|
wireless-authorization psk2 |
|
|
wireless-encryption aes |
|
|
wireless-wpa-key 12345678 |
|
| 1018 |
wireless-channel 11 |
wireless-channel 11 |
| 1019 |
\end{Verbatim} |
\end{Verbatim} |
| 1020 |
|
|
| 1021 |
If you want to do MAC filtering, add the following to the sample above: |
\paragraph{WLAN client with WPA2 (AES)} |
|
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
|
|
wireless-macmode 2 |
|
|
wireless-mac 00:01:02:03:04:05 06:07:08:09:0a:0b |
|
|
\end{Verbatim} |
|
|
this enables the filter and defines the list to contain addresses that should |
|
|
be allowed. |
|
| 1022 |
|
|
| 1023 |
To enhance wireless performance, you can enable some flags like Broadcom's |
This can only be used in routing mode, you can not bridge it with LAN or WAN interfaces. |
|
SpeedBooster. Normally, these flags are not dangerous: |
|
|
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
|
|
wireless-gmode performance |
|
|
wireless-frameburst 1 |
|
|
wireless-afterburner 1 |
|
|
\end{Verbatim} |
|
| 1024 |
|
|
|
\paragraph{WLAN client with WPA2 (AES) (\strong{untested})} |
|
| 1025 |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1026 |
|
auto eth1 |
| 1027 |
iface eth1 inet static |
iface eth1 inet static |
| 1028 |
address 192.168.10.1 |
address 192.168.10.1 |
| 1029 |
netmask 255.255.255.0 |
netmask 255.255.255.0 |
| 1038 |
wireless-wpa-key 12345678 |
wireless-wpa-key 12345678 |
| 1039 |
\end{Verbatim} |
\end{Verbatim} |
| 1040 |
|
|
|
\paragraph{WLAN client with WEP128} |
|
|
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
|
|
iface eth1 inet dhcp |
|
|
wireless-type broadcom |
|
|
wireless-country DE |
|
|
wireless-mode sta |
|
|
wireless-ssid FreeWRT |
|
|
wireless-security wep |
|
|
wireless-key1 11223344556677889900112233 |
|
|
\end{Verbatim} |
|
|
|
|
| 1041 |
WLAN with WDS nodes, the WDS nodes need to have the same |
WLAN with WDS nodes, the WDS nodes need to have the same |
| 1042 |
SSID, channel and encryption parameters. |
SSID, channel and encryption parameters. The WDS connection is separetely |
| 1043 |
|
secured via WPA1 and AES. WPA2 for WDS connection security is \_not\_ working. |
| 1044 |
|
|
| 1045 |
WDS node 1 (MAC of Wireless \code{06:05:04:03:02:01}) |
WDS node 1 (MAC of Wireless \code{06:05:04:03:02:01}) |
| 1046 |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1047 |
|
auto br0 |
| 1048 |
iface br0 inet static |
iface br0 inet static |
| 1049 |
bridge-ifaces eth1 |
bridge-ifaces eth1 |
| 1050 |
address 192.168.10.1 |
address 192.168.10.1 |
| 1054 |
wireless-country DE |
wireless-country DE |
| 1055 |
wireless-mode wds |
wireless-mode wds |
| 1056 |
wireless-ssid FreeWRT-WDS |
wireless-ssid FreeWRT-WDS |
| 1057 |
wireless-security none |
wireless-security wpa-psk |
| 1058 |
wireless-lazywds 0 |
wireless-authorization psk psk2 |
| 1059 |
|
wireless-encryption aes+tkip |
| 1060 |
|
wireless-wpa-key apkey |
| 1061 |
|
wireless-lazywds 1 |
| 1062 |
|
wireless-wds-security wpa-psk |
| 1063 |
|
wireless-wds-encryption aes |
| 1064 |
|
wireless-wds-wpa-key wdskey |
| 1065 |
wireless-wds 01:02:03:04:05:06 |
wireless-wds 01:02:03:04:05:06 |
| 1066 |
wireless-wds-bridge br0 |
wireless-wds-bridge br0 |
| 1067 |
\end{Verbatim} |
\end{Verbatim} |
| 1068 |
WDS node 2 (MAC of Wireless \code{01:02:03:04:05:06}) |
WDS node 2 (MAC of Wireless \code{01:02:03:04:05:06}) |
| 1069 |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1070 |
|
auto br0 |
| 1071 |
iface br0 inet static |
iface br0 inet static |
| 1072 |
bridge-ifaces eth1 |
bridge-ifaces eth1 |
| 1073 |
address 192.168.10.2 |
address 192.168.10.2 |
| 1077 |
wireless-country DE |
wireless-country DE |
| 1078 |
wireless-mode wds |
wireless-mode wds |
| 1079 |
wireless-ssid FreeWRT-WDS |
wireless-ssid FreeWRT-WDS |
| 1080 |
wireless-security none |
wireless-security wpa-psk |
| 1081 |
wireless-lazywds 0 |
wireless-authorization psk psk2 |
| 1082 |
|
wireless-encryption aes+tkip |
| 1083 |
|
wireless-wpa-key apkey |
| 1084 |
|
wireless-lazywds 1 |
| 1085 |
|
wireless-wds-security wpa-psk |
| 1086 |
|
wireless-wds-encryption aes |
| 1087 |
|
wireless-wds-wpa-key wdskey |
| 1088 |
wireless-wds 06:05:04:03:02:01 |
wireless-wds 06:05:04:03:02:01 |
| 1089 |
wireless-wds-bridge br0 |
wireless-wds-bridge br0 |
| 1090 |
\end{Verbatim} |
\end{Verbatim} |
| 1091 |
|
|
| 1092 |
\paragraph{Peer-to-Peer mode (no encryption, IP must be static)} |
\paragraph{Peer-to-Peer/AdHoc mode (no encryption, IP must be static)} |
| 1093 |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1094 |
|
auto eth1 |
| 1095 |
iface eth1 inet static |
iface eth1 inet static |
| 1096 |
address 192.168.10.1 |
address 192.168.10.1 |
| 1097 |
netmask 255.255.255.0 |
netmask 255.255.255.0 |
| 1104 |
wireless-channel 11 |
wireless-channel 11 |
| 1105 |
\end{Verbatim} |
\end{Verbatim} |
| 1106 |
|
|
| 1107 |
|
\subsection{Bridging} |
| 1108 |
|
|
| 1109 |
|
This is mostly needed to combine LAN and WLAN to a homogeneous network. |
| 1110 |
|
Be sure you have installed the package \app{bridge-utils}. |
| 1111 |
|
See the example for a bridging setup, WLAN is secured via WPA/WPA2. |
| 1112 |
|
|
| 1113 |
|
\begin{Verbatim}[label=\file{/etc/network/interfaces}] |
| 1114 |
|
auto eth0.0 |
| 1115 |
|
iface eth0.0 inet manual |
| 1116 |
|
switch-ports 1 2 3 4 5* |
| 1117 |
|
|
| 1118 |
|
auto eth1 |
| 1119 |
|
iface eth1 inet manual |
| 1120 |
|
wireless-type broadcom |
| 1121 |
|
wireless-country DE |
| 1122 |
|
wireless-mode ap |
| 1123 |
|
wireless-ssid FreeWRT |
| 1124 |
|
wireless-channel 11 |
| 1125 |
|
wireless-security wpa-psk |
| 1126 |
|
wireless-authorization psk psk2 |
| 1127 |
|
wireless-encryption aes+tkip |
| 1128 |
|
wireless-wpa-key MyWlanSecret |
| 1129 |
|
wireless-bridge-if br0 |
| 1130 |
|
|
| 1131 |
|
auto br0 |
| 1132 |
|
iface br0 inet static |
| 1133 |
|
bridge-ifaces eth0.0 eth1 |
| 1134 |
|
address 192.168.1.1 |
| 1135 |
|
netmask 255.255.255.0 |
| 1136 |
|
broadcast + |
| 1137 |
|
\end{Verbatim} |
| 1138 |
|
|
| 1139 |
|
This creates a new bridging interface \code{br0} which combines the VLAN |
| 1140 |
|
interface \code{eth0.0} (representing the LAN-ports 1--4) and the WLAN interface |
| 1141 |
|
\code{eth1} (on some devices like \term{Asus WL500gP} this might be \code{eth2}). |
| 1142 |
|
The bridge interface needs always be the last one, otherwise it can not find |
| 1143 |
|
the interfaces in \code{bridge-ifaces}. |
| 1144 |
|
|
| 1145 |
\subsection{PPP} |
\subsection{PPP} |
| 1146 |
|
|
| 1147 |
PPP comes in various flavours for different situations, the most commonly |
PPP comes in various flavours for different situations, the most commonly |
Parent Directory
| 
Revision Log
| 
Patch
