Howto openwrt: Difference between revisions
Mandulete1 (talk | contribs) |
|||
(145 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
= download image = | = download image = | ||
download openwrt image for x86: | download openwrt image for x86: | ||
https://downloads.openwrt.org/releases/ | wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img.gz | ||
decompress image: | decompress image: | ||
gzip -d openwrt- | gzip -d openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img.gz | ||
copy image to pendrive: | copy image to pendrive: | ||
dd if=openwrt- | dd if=openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img of=/dev/sdd status=progress | ||
= upgrade = | |||
download upgrade image: | |||
wget https://mirror-03.infra.openwrt.org/releases/23.05.4/targets/x86/legacy/openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img.gz | |||
upgrade from terminal: | |||
sysupgrade -v /tmp/openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img.gz | |||
= soekris net6501 = | = soekris net6501 = | ||
install e1000e driver for intel 82574L: | install e1000e driver for intel 82574L: | ||
mkdir | mkdir openwrt/packages/23.05.4-x86 -p | ||
cd | cd openwrt/packages/23.05.4-x86 | ||
wget https://downloads.openwrt.org/releases/23.05. | wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/packages/kmod-e1000e_5.15.162-1_i386_pentium-mmx.ipk | ||
wget https://downloads.openwrt.org/releases/23.05. | wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/packages/kmod-ptp_5.15.162-1_i386_pentium-mmx.ipk | ||
wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/packages/libc_1.2.4-4_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libsmartcols1_2.39-2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/losetup_2.39-2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/packages/bash_5.2.15-1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libreadline8_8.2-1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libncurses6_6.4-2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/blockdev_2.39-2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/packages/libparted_3.6-1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/packages/parted_3.6-1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/lsblk_2.39-2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/terminfo_6.4-2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libmount1_2.39-2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libblkid1_2.39-2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libfdisk1_2.39-2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/fdisk_2.39-2_i386_pentium-mmx.ipk | |||
opkg install *.ipk | opkg install *.ipk | ||
= resize squashfs = | |||
download the following scripts: | |||
wget https://raw.githubusercontent.com/vidalinux/openwrt/main/resizefs.sh | |||
wget https://raw.githubusercontent.com/vidalinux/openwrt/main/expand.sh | |||
execute the script to resize your root partition: | |||
bash resizefs.sh | |||
execute the script to expand your partition: | |||
bash expand.sh | |||
then reboot: | |||
reboot | |||
= configure network = | = configure network = | ||
edit /etc/config/network: | edit /etc/config/network: | ||
config interface 'loopback' | config interface 'loopback' | ||
option device 'lo' | |||
option proto 'static' | |||
option ipaddr '127.0.0.1' | |||
option netmask '255.0.0.0' | |||
config globals 'globals' | config globals 'globals' | ||
option ula_prefix 'fd5c:aa60:b3ab::/48' | option ula_prefix 'fd5c:aa60:b3ab::/48' | ||
config device | config device 'lan_br' | ||
option name 'br-lan' | option name 'br-lan' | ||
option type 'bridge' | option type 'bridge' | ||
list ports ' | list ports 'eth1' | ||
list ports 'eth2' | |||
list ports 'eth3' | |||
config device 'eth1' | |||
option name 'eth1' | |||
config device 'eth2' | |||
option name 'eth2' | |||
config device 'eth3' | |||
option name 'eth3' | |||
config interface 'lan' | config interface 'lan' | ||
option device 'br-lan' | option device 'br-lan' | ||
option proto 'static' | option proto 'static' | ||
option netmask '255.255.255.0' | option netmask '255.255.255.0' | ||
option | option ipaddr '192.168.99.1' | ||
config interface 'wan' | |||
option device 'eth0' | |||
option proto 'dhcp' | |||
start network: | start network: | ||
service network | service network restart | ||
= install packages = | = install packages = | ||
update repo: | update repo: | ||
opkg update | opkg update | ||
install packages: | install packages: | ||
opkg install bash parted fdisk lsblk nano wireless-tools kmod-iwlwifi pciutils | opkg install bash curl parted fdisk lsblk nano hostapd wireless-tools wpa-supplicant kmod-iwlwifi pciutils blockdev mount-utils losetup resize2fs openssh-sftp-server iperf3 | ||
drivers for intel ax210 wireless module: | |||
opkg install iwlwifi-firmware-ax200 iwlwifi-firmware-ax210 | |||
= configure wireless = | |||
edit /etc/config/wireless: | |||
config wifi-device 'radio0' | |||
option type 'mac80211' | |||
option path 'pci0000:00/0000:00:1a.0/0000:0d:00.0' | |||
option channel '11' | |||
option band '2g' | |||
option htmode 'HE80' | |||
option cell_density '1' | |||
option txpower '11' | |||
option country 'US' | |||
config wifi-iface 'wifinet0' | |||
option device 'radio0' | |||
option mode 'ap' | |||
option ssid 'mierdero' | |||
option encryption 'psk2+tkip+ccmp' | |||
option key 'livinglavidalinux' | |||
option network 'wifi2' | |||
option ifname 'wlan0' | |||
add wlan0 interface to /etc/config/network: | |||
config interface 'wifi2' | |||
option proto 'static' | |||
option device 'wlan0' | |||
option ipaddr '172.16.164.254' | |||
option netmask '255.255.255.0' | |||
start network: | |||
service network restart | |||
= configure dhcp server = | |||
edit /etc/config/dhcp: | |||
config dnsmasq | |||
option domainneeded '1' | |||
option boguspriv '1' | |||
option filterwin2k '0' | |||
option localise_queries '1' | |||
option rebind_protection '1' | |||
option rebind_localhost '1' | |||
option local '/lan/' | |||
option domain 'lan.ovox.local' | |||
option expandhosts '1' | |||
option nonegcache '0' | |||
option cachesize '1000' | |||
option authoritative '1' | |||
option readethers '1' | |||
option leasefile '/tmp/dhcp.leases' | |||
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto' | |||
option nonwildcard '1' | |||
option localservice '1' | |||
option ednspacket_max '1232' | |||
option filter_aaaa '0' | |||
option filter_a '0' | |||
list server '4.2.2.1' | |||
list server '4.2.2.2' | |||
config dhcp 'lan' | |||
option interface 'lan' | |||
option start '100' | |||
option limit '150' | |||
option leasetime '12h' | |||
option dhcpv4 'server' | |||
option ra 'server' | |||
option ra_slaac '1' | |||
list ra_flags 'managed-config' | |||
list ra_flags 'other-config' | |||
config dhcp 'wan' | |||
option interface 'wan' | |||
option ignore '1' | |||
config odhcpd 'odhcpd' | |||
option maindhcp '0' | |||
option leasefile '/tmp/hosts/odhcpd' | |||
option leasetrigger '/usr/sbin/odhcpd-update' | |||
option loglevel '4' | |||
config dhcp 'wifi2' | |||
option interface 'wifi2' | |||
option start '240' | |||
option leasetime '2m' | |||
option limit '14' | |||
restart dhcp service: | |||
service dnsmasq restart | |||
= configure firewall = | |||
edit /etc/config/firewall: | |||
config defaults | |||
option syn_flood 1 | |||
option input REJECT | |||
option output ACCEPT | |||
option forward REJECT | |||
config zone | |||
option name lan | |||
list network 'lan' | |||
option input ACCEPT | |||
option output ACCEPT | |||
option forward ACCEPT | |||
config zone | |||
option name wan | |||
list network 'wan' | |||
option input REJECT | |||
option output ACCEPT | |||
option forward REJECT | |||
option masq 1 | |||
option mtu_fix 1 | |||
config zone | |||
option name wifi2 | |||
list network 'wifi2' | |||
option input ACCEPT | |||
option output ACCEPT | |||
option forward ACCEPT | |||
option masq 1 | |||
option mtu_fix 1 | |||
config forwarding | |||
option src lan | |||
option dest wan | |||
config forwarding | |||
option src wifi2 | |||
option dest wan | |||
# We need to accept udp packets on port 68, | |||
# see https://dev.openwrt.org/ticket/4108 | |||
config rule | |||
option name Allow-DHCP-Renew | |||
option src wan | |||
option proto udp | |||
option dest_port 68 | |||
option target ACCEPT | |||
option family ipv4 | |||
# Allow IPv4 ping | |||
config rule | |||
option name Allow-Ping | |||
option src wan | |||
option proto icmp | |||
option icmp_type echo-request | |||
option family ipv4 | |||
option target ACCEPT | |||
config rule | |||
option name Allow-IGMP | |||
option src wan | |||
option proto igmp | |||
option family ipv4 | |||
option target ACCEPT | |||
# Allow IPSec | |||
config rule | |||
option name Allow-IPSec-ESP | |||
option src wan | |||
option dest lan | |||
option proto esp | |||
option target ACCEPT | |||
config rule | |||
option name Allow-ISAKMP | |||
option src wan | |||
option dest lan | |||
option dest_port 500 | |||
option proto udp | |||
option target ACCEPT | |||
dnat rule example: | |||
config redirect | |||
option src wan | |||
option src_dip 192.168.24.45 | |||
option dest lan | |||
option dest_ip 192.168.99.208 | |||
option target DNAT | |||
option name DNAT-IP-WAN-LAN | |||
option enabled | |||
snat rule example: | |||
config redirect | |||
option target SNAT | |||
option src lan | |||
option dest wan | |||
option src_ip 192.168.99.208 | |||
option src_dip 192.168.24.45 | |||
option enabled 1 | |||
option name SNAT-IP-LAN-WAN | |||
restart firewall: | |||
service firewall restart | |||
= configure 4g modem = | |||
install packages: | |||
opkg update | |||
opkg install qmi-utils lib-qmi luci-proto-qmi kmod-usb-net-qmi-wwan uqmi kmod-usb-net kmod-usb-net-cdc-ether kmod-usb-serial-wwan kmod-usb-serial-option kmod-usb-serial picocom | |||
configure network interface: | |||
config interface 'wwan' | |||
option ifname 'wwan0' | |||
option service 'fdd_lte' | |||
option apn 'fast.t-mobile.com' | |||
option proto 'qmi' | |||
option device '/dev/cdc-wdm0' | |||
option metric '40' | |||
option auth 'none' | |||
option pdptype 'ipv4' | |||
add the following rules to /etc/config/firewall: | |||
config dhcp 'wwan' | |||
option interface 'wwan' | |||
option ignore '1' | |||
config zone | |||
option name wwan | |||
list network 'wwan' | |||
option input REJECT | |||
option output ACCEPT | |||
option forward REJECT | |||
option masq 1 | |||
option mtu_fix 1 | |||
config forwarding | |||
option src lan | |||
option dest wwan | |||
reboot system: | |||
reboot | |||
check connection status: | |||
uqmi -d /dev/cdc-wdm0 --get-data-status | |||
check sim card status: | |||
qmicli --device=/dev/cdc-wdm0 --device-open-proxy --uim-get-card-status | |||
= install luci = | |||
install packages: | |||
opkg install luci-compat | |||
opkg install luci-lib-ipkg | |||
install luci modules: | |||
opkg install luci-mod-rpc luci-mod-dashboard luci-mod-network luci-mod-system luci-mod-status luci-app-opkg | |||
download theme ipk: | |||
wget --no-check-certificate https://github.com/jerrykuku/luci-theme-argon/releases/download/v2.3.1/luci-theme-argon_2.3.1_all.ipk -O luci-theme-argon_2.3.1_all.ipk | |||
opkg install luci-theme-argon_2.3.1_all.ipk | |||
restart http server: | |||
service uhttpd restart | |||
enter web interface: | |||
https://192.168.99.1 | |||
= configure grub = | |||
set grub boot loader timeout edit /boot/grub/grub.cfg: | |||
set timeout="0" | |||
= mediatek 7916 = | |||
install the following packages: | |||
opkg install kmod-mt7915e kmod-mt7915-firmware kmod-mt7916-firmware kmod-mt7921-common kmod-mt7921-firmware kmod-mt7921e kmod-mt792x-common mt7986-wo-firmware | |||
= mediatek 7925 = | |||
download latest snapshot: | |||
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/openwrt-x86-legacy-generic-squashfs-combined.img.gz | |||
download packages: | |||
mkdir openwrt/snapshot-$(date +%F)/packages/ -p | |||
cd openwrt/snapshot-$(date +%F)/packages/ | |||
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-e1000e_6.6.51-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-pptp_6.6.51-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-gre_6.6.51-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-iptunnel_6.6.51-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/libc_1.2.5-r4_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libsmartcols1_2.40.2-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/losetup_2.40.2-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/packages/bash_5.2.32-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libreadline8_8.2-r2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libncurses6_6.4-r2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/blockdev_2.40.2-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/packages/libparted_3.6-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/packages/parted_3.6-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/lsblk_2.40.2-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/terminfo_6.4-r2_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libmount1_2.40.2-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libblkid1_2.40.2-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libfdisk1_2.40.2-r1_i386_pentium-mmx.ipk | |||
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/fdisk_2.40.2-r1_i386_pentium-mmx.ipk | |||
opkg install *.ipk | |||
install mt7925 kernel module: | |||
opkg update | |||
opkg install kmod-mt7925e | |||
install firmware: | |||
mkdir -p /lib/firmware/mediatek/mt7925 && cd /lib/firmware/mediatek/mt7925 | |||
wget https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/mediatek/mt7925/BT_RAM_CODE_MT7925_1_1_hdr.bin | |||
wget https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/mediatek/mt7925/WIFI_MT7925_PATCH_MCU_1_1_hdr.bin | |||
wget https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/mediatek/mt7925/WIFI_RAM_CODE_MT7925_1_1.bin | |||
load kernel module: | |||
modprobe mt7925e | |||
watch kernel for errors: | |||
dmesg |grep mt7925 | |||
install hostapd-ssl: | |||
opkg update | |||
opkg remove hostapd | |||
opkg install hostapd-openssl | |||
enable wifi: | |||
uci set wireless.radio0.disabled=0 | |||
wifi up | |||
add the following to /etc/rc.local: | |||
modprobe mt7925e | |||
uci set wireless.radio0.disabled=0 | |||
wifi up | |||
configure /etc/config/wireless: | |||
config wifi-device 'radio0' | |||
option type 'mac80211' | |||
option path 'pci0000:00/0000:00:1a.0/0000:0d:00.0' | |||
option band '6g' | |||
option channel '1' | |||
option htmode 'HE160' | |||
option disabled '0' | |||
option cell_density '0' | |||
option country 'DE' | |||
config wifi-iface 'default_radio0' | |||
option device 'radio0' | |||
option network 'lan' | |||
option mode 'ap' | |||
option ssid 'OpenWrt' | |||
option encryption 'sae' | |||
option key 'testtest' | |||
option ieee80211k '1' | |||
option ieee80211d '1' | |||
option ieee80211w '2' | |||
option ieee80211h '1' | |||
option ieee80211ax '1' | |||
configure /etc/config/network: | |||
config device | |||
option name 'phy0-ap0' | |||
reboot system: | |||
reboot | |||
= wifi pineapple nano = | |||
to flash the device continue holding the reset button for 10 seconds, then release: | |||
the blue led will remain solid | |||
set ip address to your usb ethernet interface: | |||
ifconfig eth1 192.168.1.2 netmask 255.255.255.0 up | |||
download openwrt firmware image: | |||
wget https://mirror-03.infra.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-hak5_lan-turtle-squashfs-sysupgrade.bin | |||
browse to the following address to flash the device with new firmware: | |||
http://192.168.1.1 | |||
share internet with pineapple nano: | |||
cat > /usr/local/bin/sharenetwlan << EOF | |||
#!/bin/bash | |||
echo "1" > /proc/sys/net/ipv4/ip_forward | |||
iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT | |||
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT | |||
iptables -t nat -I POSTROUTING -o wlan0 -j MASQUERADE | |||
EOF | |||
fix permissions and run script: | |||
chmod +x /usr/local/bin/sharenetwlan | |||
/usr/local/bin/sharenetwlan | |||
access pineapple nano via ssh: | |||
ssh root@192.168.1.1 | |||
fix nameservers: | |||
cat > /etc/resolv.conf << EOF | |||
nameserver 4.2.2.1 | |||
nameserver 4.2.2.2 | |||
EOF | |||
install wireless drivers: | |||
opkg install kmod-ath9k-htc kmod-ath9k-common ath9k-htc-firmware hostapd wireless-tools wpa-supplicant | |||
install support por sdcard: | |||
opkg install block-mount kmod-fs-ext4 e2fsprogs parted kmod-usb-storage kmod-mmc kmod-sdhci | |||
default hak5 pineapple nano image: | |||
https://downloads.hak5.org/api/devices/wifipineapplenano/firmwares/recovery | |||
= references = | |||
* http://www.soekris.com/products/net6501-1.html | |||
* http://www.soekris.com/media/manuals/net6501_manual.pdf | |||
* https://openwrt.org/toh/start | |||
* https://mirror-03.infra.openwrt.org/releases/23.05.3/targets | |||
* https://openwrt.org/docs/guide-user/firewall/fw3_configurations/fw3_nat | |||
* https://forum.openwrt.org/t/x86-64-build-mt7975-kmod-module/171529/5 | |||
* https://openwrt.org/docs/guide-user/network/wan/wwan/ltedongle | |||
* https://openwrt.org/docs/guide-user/additional-software/extroot_configuration | |||
* https://docs.hak5.org/wifi-pineapple-6th-gen-nano-tetra/faq-troubleshooting/firmware-recovery | |||
* https://asiarf.com/product/wi-fi-6e-mini-pcie-module-mt7916-aw7916-npd/ | |||
* https://firmware-selector.openwrt.org | |||
* https://aur.archlinux.org/packages/iwlwifi-lar-disable-dkms |
Latest revision as of 18:42, 16 September 2024
download image
download openwrt image for x86:
wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img.gz
decompress image:
gzip -d openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img.gz
copy image to pendrive:
dd if=openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img of=/dev/sdd status=progress
upgrade
download upgrade image:
wget https://mirror-03.infra.openwrt.org/releases/23.05.4/targets/x86/legacy/openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img.gz
upgrade from terminal:
sysupgrade -v /tmp/openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img.gz
soekris net6501
install e1000e driver for intel 82574L:
mkdir openwrt/packages/23.05.4-x86 -p cd openwrt/packages/23.05.4-x86 wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/packages/kmod-e1000e_5.15.162-1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/packages/kmod-ptp_5.15.162-1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/packages/libc_1.2.4-4_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libsmartcols1_2.39-2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/losetup_2.39-2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/packages/bash_5.2.15-1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libreadline8_8.2-1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libncurses6_6.4-2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/blockdev_2.39-2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/packages/libparted_3.6-1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/packages/parted_3.6-1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/lsblk_2.39-2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/terminfo_6.4-2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libmount1_2.39-2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libblkid1_2.39-2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libfdisk1_2.39-2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/fdisk_2.39-2_i386_pentium-mmx.ipk opkg install *.ipk
resize squashfs
download the following scripts:
wget https://raw.githubusercontent.com/vidalinux/openwrt/main/resizefs.sh wget https://raw.githubusercontent.com/vidalinux/openwrt/main/expand.sh
execute the script to resize your root partition:
bash resizefs.sh
execute the script to expand your partition:
bash expand.sh
then reboot:
reboot
configure network
edit /etc/config/network:
config interface 'loopback' option device 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option ula_prefix 'fd5c:aa60:b3ab::/48' config device 'lan_br' option name 'br-lan' option type 'bridge' list ports 'eth1' list ports 'eth2' list ports 'eth3' config device 'eth1' option name 'eth1' config device 'eth2' option name 'eth2' config device 'eth3' option name 'eth3' config interface 'lan' option device 'br-lan' option proto 'static' option netmask '255.255.255.0' option ipaddr '192.168.99.1' config interface 'wan' option device 'eth0' option proto 'dhcp'
start network:
service network restart
install packages
update repo:
opkg update
install packages:
opkg install bash curl parted fdisk lsblk nano hostapd wireless-tools wpa-supplicant kmod-iwlwifi pciutils blockdev mount-utils losetup resize2fs openssh-sftp-server iperf3
drivers for intel ax210 wireless module:
opkg install iwlwifi-firmware-ax200 iwlwifi-firmware-ax210
configure wireless
edit /etc/config/wireless:
config wifi-device 'radio0' option type 'mac80211' option path 'pci0000:00/0000:00:1a.0/0000:0d:00.0' option channel '11' option band '2g' option htmode 'HE80' option cell_density '1' option txpower '11' option country 'US' config wifi-iface 'wifinet0' option device 'radio0' option mode 'ap' option ssid 'mierdero' option encryption 'psk2+tkip+ccmp' option key 'livinglavidalinux' option network 'wifi2' option ifname 'wlan0'
add wlan0 interface to /etc/config/network:
config interface 'wifi2' option proto 'static' option device 'wlan0' option ipaddr '172.16.164.254' option netmask '255.255.255.0'
start network:
service network restart
configure dhcp server
edit /etc/config/dhcp:
config dnsmasq option domainneeded '1' option boguspriv '1' option filterwin2k '0' option localise_queries '1' option rebind_protection '1' option rebind_localhost '1' option local '/lan/' option domain 'lan.ovox.local' option expandhosts '1' option nonegcache '0' option cachesize '1000' option authoritative '1' option readethers '1' option leasefile '/tmp/dhcp.leases' option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto' option nonwildcard '1' option localservice '1' option ednspacket_max '1232' option filter_aaaa '0' option filter_a '0' list server '4.2.2.1' list server '4.2.2.2' config dhcp 'lan' option interface 'lan' option start '100' option limit '150' option leasetime '12h' option dhcpv4 'server' option ra 'server' option ra_slaac '1' list ra_flags 'managed-config' list ra_flags 'other-config' config dhcp 'wan' option interface 'wan' option ignore '1' config odhcpd 'odhcpd' option maindhcp '0' option leasefile '/tmp/hosts/odhcpd' option leasetrigger '/usr/sbin/odhcpd-update' option loglevel '4' config dhcp 'wifi2' option interface 'wifi2' option start '240' option leasetime '2m' option limit '14'
restart dhcp service:
service dnsmasq restart
configure firewall
edit /etc/config/firewall:
config defaults option syn_flood 1 option input REJECT option output ACCEPT option forward REJECT config zone option name lan list network 'lan' option input ACCEPT option output ACCEPT option forward ACCEPT config zone option name wan list network 'wan' option input REJECT option output ACCEPT option forward REJECT option masq 1 option mtu_fix 1 config zone option name wifi2 list network 'wifi2' option input ACCEPT option output ACCEPT option forward ACCEPT option masq 1 option mtu_fix 1 config forwarding option src lan option dest wan config forwarding option src wifi2 option dest wan # We need to accept udp packets on port 68, # see https://dev.openwrt.org/ticket/4108 config rule option name Allow-DHCP-Renew option src wan option proto udp option dest_port 68 option target ACCEPT option family ipv4 # Allow IPv4 ping config rule option name Allow-Ping option src wan option proto icmp option icmp_type echo-request option family ipv4 option target ACCEPT config rule option name Allow-IGMP option src wan option proto igmp option family ipv4 option target ACCEPT # Allow IPSec config rule option name Allow-IPSec-ESP option src wan option dest lan option proto esp option target ACCEPT config rule option name Allow-ISAKMP option src wan option dest lan option dest_port 500 option proto udp option target ACCEPT
dnat rule example:
config redirect option src wan option src_dip 192.168.24.45 option dest lan option dest_ip 192.168.99.208 option target DNAT option name DNAT-IP-WAN-LAN option enabled
snat rule example:
config redirect option target SNAT option src lan option dest wan option src_ip 192.168.99.208 option src_dip 192.168.24.45 option enabled 1 option name SNAT-IP-LAN-WAN
restart firewall:
service firewall restart
configure 4g modem
install packages:
opkg update opkg install qmi-utils lib-qmi luci-proto-qmi kmod-usb-net-qmi-wwan uqmi kmod-usb-net kmod-usb-net-cdc-ether kmod-usb-serial-wwan kmod-usb-serial-option kmod-usb-serial picocom
configure network interface:
config interface 'wwan' option ifname 'wwan0' option service 'fdd_lte' option apn 'fast.t-mobile.com' option proto 'qmi' option device '/dev/cdc-wdm0' option metric '40' option auth 'none' option pdptype 'ipv4'
add the following rules to /etc/config/firewall:
config dhcp 'wwan' option interface 'wwan' option ignore '1' config zone option name wwan list network 'wwan' option input REJECT option output ACCEPT option forward REJECT option masq 1 option mtu_fix 1 config forwarding option src lan option dest wwan
reboot system:
reboot
check connection status:
uqmi -d /dev/cdc-wdm0 --get-data-status
check sim card status:
qmicli --device=/dev/cdc-wdm0 --device-open-proxy --uim-get-card-status
install luci
install packages:
opkg install luci-compat opkg install luci-lib-ipkg
install luci modules:
opkg install luci-mod-rpc luci-mod-dashboard luci-mod-network luci-mod-system luci-mod-status luci-app-opkg
download theme ipk:
wget --no-check-certificate https://github.com/jerrykuku/luci-theme-argon/releases/download/v2.3.1/luci-theme-argon_2.3.1_all.ipk -O luci-theme-argon_2.3.1_all.ipk opkg install luci-theme-argon_2.3.1_all.ipk
restart http server:
service uhttpd restart
enter web interface:
https://192.168.99.1
configure grub
set grub boot loader timeout edit /boot/grub/grub.cfg:
set timeout="0"
mediatek 7916
install the following packages:
opkg install kmod-mt7915e kmod-mt7915-firmware kmod-mt7916-firmware kmod-mt7921-common kmod-mt7921-firmware kmod-mt7921e kmod-mt792x-common mt7986-wo-firmware
mediatek 7925
download latest snapshot:
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/openwrt-x86-legacy-generic-squashfs-combined.img.gz
download packages:
mkdir openwrt/snapshot-$(date +%F)/packages/ -p cd openwrt/snapshot-$(date +%F)/packages/ wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-e1000e_6.6.51-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-pptp_6.6.51-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-gre_6.6.51-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-iptunnel_6.6.51-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/libc_1.2.5-r4_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libsmartcols1_2.40.2-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/losetup_2.40.2-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/packages/bash_5.2.32-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libreadline8_8.2-r2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libncurses6_6.4-r2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/blockdev_2.40.2-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/packages/libparted_3.6-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/packages/parted_3.6-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/lsblk_2.40.2-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/terminfo_6.4-r2_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libmount1_2.40.2-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libblkid1_2.40.2-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libfdisk1_2.40.2-r1_i386_pentium-mmx.ipk wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/fdisk_2.40.2-r1_i386_pentium-mmx.ipk opkg install *.ipk
install mt7925 kernel module:
opkg update opkg install kmod-mt7925e
install firmware:
mkdir -p /lib/firmware/mediatek/mt7925 && cd /lib/firmware/mediatek/mt7925 wget https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/mediatek/mt7925/BT_RAM_CODE_MT7925_1_1_hdr.bin wget https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/mediatek/mt7925/WIFI_MT7925_PATCH_MCU_1_1_hdr.bin wget https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/mediatek/mt7925/WIFI_RAM_CODE_MT7925_1_1.bin
load kernel module:
modprobe mt7925e
watch kernel for errors:
dmesg |grep mt7925
install hostapd-ssl:
opkg update opkg remove hostapd opkg install hostapd-openssl
enable wifi:
uci set wireless.radio0.disabled=0 wifi up
add the following to /etc/rc.local:
modprobe mt7925e uci set wireless.radio0.disabled=0 wifi up
configure /etc/config/wireless:
config wifi-device 'radio0' option type 'mac80211' option path 'pci0000:00/0000:00:1a.0/0000:0d:00.0' option band '6g' option channel '1' option htmode 'HE160' option disabled '0' option cell_density '0' option country 'DE' config wifi-iface 'default_radio0' option device 'radio0' option network 'lan' option mode 'ap' option ssid 'OpenWrt' option encryption 'sae' option key 'testtest' option ieee80211k '1' option ieee80211d '1' option ieee80211w '2' option ieee80211h '1' option ieee80211ax '1'
configure /etc/config/network:
config device option name 'phy0-ap0'
reboot system:
reboot
wifi pineapple nano
to flash the device continue holding the reset button for 10 seconds, then release:
the blue led will remain solid
set ip address to your usb ethernet interface:
ifconfig eth1 192.168.1.2 netmask 255.255.255.0 up
download openwrt firmware image:
wget https://mirror-03.infra.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-hak5_lan-turtle-squashfs-sysupgrade.bin
browse to the following address to flash the device with new firmware:
http://192.168.1.1
share internet with pineapple nano:
cat > /usr/local/bin/sharenetwlan << EOF #!/bin/bash echo "1" > /proc/sys/net/ipv4/ip_forward iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -t nat -I POSTROUTING -o wlan0 -j MASQUERADE EOF
fix permissions and run script:
chmod +x /usr/local/bin/sharenetwlan /usr/local/bin/sharenetwlan
access pineapple nano via ssh:
ssh root@192.168.1.1
fix nameservers:
cat > /etc/resolv.conf << EOF nameserver 4.2.2.1 nameserver 4.2.2.2 EOF
install wireless drivers:
opkg install kmod-ath9k-htc kmod-ath9k-common ath9k-htc-firmware hostapd wireless-tools wpa-supplicant
install support por sdcard:
opkg install block-mount kmod-fs-ext4 e2fsprogs parted kmod-usb-storage kmod-mmc kmod-sdhci
default hak5 pineapple nano image:
https://downloads.hak5.org/api/devices/wifipineapplenano/firmwares/recovery
references
- http://www.soekris.com/products/net6501-1.html
- http://www.soekris.com/media/manuals/net6501_manual.pdf
- https://openwrt.org/toh/start
- https://mirror-03.infra.openwrt.org/releases/23.05.3/targets
- https://openwrt.org/docs/guide-user/firewall/fw3_configurations/fw3_nat
- https://forum.openwrt.org/t/x86-64-build-mt7975-kmod-module/171529/5
- https://openwrt.org/docs/guide-user/network/wan/wwan/ltedongle
- https://openwrt.org/docs/guide-user/additional-software/extroot_configuration
- https://docs.hak5.org/wifi-pineapple-6th-gen-nano-tetra/faq-troubleshooting/firmware-recovery
- https://asiarf.com/product/wi-fi-6e-mini-pcie-module-mt7916-aw7916-npd/
- https://firmware-selector.openwrt.org
- https://aur.archlinux.org/packages/iwlwifi-lar-disable-dkms