Howto openwrt: Difference between revisions

Line 187: Line 187:
     option target    ACCEPT
     option target    ACCEPT
     option family    ipv4
     option family    ipv4
 
  # Allow IPv4 ping
  # Allow IPv4 ping
  config rule
  config rule
Line 196: Line 196:
     option family    ipv4
     option family    ipv4
     option target    ACCEPT
     option target    ACCEPT
 
  config rule
  config rule
     option name      Allow-IGMP
     option name      Allow-IGMP
Line 203: Line 203:
     option family    ipv4
     option family    ipv4
     option target    ACCEPT
     option target    ACCEPT
 
# Allow IPSec
# Allow IPSec
  config rule
  config rule
     option name      Allow-IPSec-ESP
     option name      Allow-IPSec-ESP
Line 211: Line 211:
     option proto      esp
     option proto      esp
     option target    ACCEPT
     option target    ACCEPT
 
  config rule
  config rule
     option name      Allow-ISAKMP
     option name      Allow-ISAKMP

Revision as of 01:42, 28 March 2024

download image

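download openwrt image for x86 (22.03.0 is the first release of the 22.03 series; check downloads.openwrt.org for the current release for your target, since later releases carry security fixes):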

https://downloads.openwrt.org/releases/22.03.0/targets/x86/legacy/openwrt-22.03.0-x86-legacy-generic-squashfs-combined.img.gz

decompress image:

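# Check the download before using it: the release directory publishes a sha256sums
# file (with a detached signature, sha256sums.asc) next to the image.
wget https://downloads.openwrt.org/releases/22.03.0/targets/x86/legacy/sha256sums
# --ignore-missing limits the check to the files actually present in this directory.
sha256sum -c --ignore-missing sha256sums
gzip -d openwrt-22.03.0-x86-legacy-generic-squashfs-combined.img.gz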

copy image to pendrive:

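# dd overwrites the target without asking: confirm with lsblk that /dev/sdd is the
# pendrive (the whole device, not a partition) and that it is not mounted.
# conv=fsync flushes the written data to the device before dd exits.
dd if=openwrt-22.03.0-x86-legacy-generic-squashfs-combined.img of=/dev/sdd conv=fsync status=progress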

soekris net6501

install e1000e driver for intel 82574L:

# Fetch the e1000e kernel module and its ptp dependency, then install both.
# These packages are built for release 23.05.3 / kernel 5.15.150; a kmod only
# installs on an image with exactly that kernel, so pick the files that match
# the release actually running on the router.
mkdir openwtr/23.05.3 -p
cd openwtr/23.05.3
wget https://downloads.openwrt.org/releases/23.05.3/targets/x86/legacy/packages/kmod-e1000e_5.15.150-1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.3/targets/x86/legacy/packages/kmod-ptp_5.15.150-1_i386_pentium-mmx.ipk
# opkg does not check a local .ipk against the signed feed index, so the HTTPS
# download above is the only integrity check here. Once the router has network
# access, `opkg update` followed by `opkg install kmod-e1000e` goes through the
# verified feed instead.
# The glob installs every .ipk in this directory; keep it free of other files.
opkg install *.ipk

load kernel module:

modprobe e1000e

configure network

edit /etc/config/network:

# /etc/config/network: loopback, a three-port LAN bridge, a DHCP uplink on eth0
# and a separate routed subnet for the Wi-Fi access point.
config interface 'loopback'
    option device 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

# NOTE(review): this ULA prefix is the value from the author's install; presumably
# each device should keep the prefix its own installation generated.
config globals 'globals'
    option ula_prefix 'fd5c:aa60:b3ab::/48'

# LAN bridge over eth1-eth3. eth0 is deliberately not a member: it is the uplink.
config device 'lan_br'
    option name 'br-lan'
    option type 'bridge'
    list ports 'eth1'
    list ports 'eth2'
    list ports 'eth3'

config device 'eth1'
    option name 'eth1'

config device 'eth2'
    option name 'eth2'

config device 'eth3'
    option name 'eth3'

# Router address on the LAN: 192.168.99.1/24.
config interface 'lan'
    option device 'br-lan'
    option proto 'static'
    option netmask '255.255.255.0'
    option ipaddr '192.168.99.1'

# Untrusted uplink, addressed by the upstream DHCP server.
config interface 'wan'
    option device 'eth0'
    option proto 'dhcp'
 
# Wi-Fi clients get their own subnet (172.16.164.0/24) on wlan0. wlan0 is not a
# port of br-lan, so traffic between Wi-Fi and LAN is routed, not bridged.
config interface 'wifi2'
    option proto 'static'
    option device 'wlan0'
    option ipaddr '172.16.164.254'
    option netmask '255.255.255.0'

edit /etc/config/wireless:

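# /etc/config/wireless: one 2.4 GHz radio running a WPA2-PSK access point that is
# attached to the 'wifi2' network.
config wifi-device 'radio0'
    option type 'mac80211'
    # The PCI path identifies the author's wireless card; it differs per machine.
    option path 'pci0000:00/0000:00:1a.0/0000:0d:00.0'
    option channel '11'
    option band '2g'
    option htmode 'HE80'
    option cell_density '1'
    option txpower '11'
    option country 'US'

config wifi-iface 'wifinet0'
    option device 'radio0'
    option mode 'ap'
    option ssid 'mierdero'
    # CCMP (AES) only. The mixed 'psk2+tkip+ccmp' setting also offers TKIP, which is
    # deprecated and cannot be combined with HT/HE data rates.
    option encryption 'psk2+ccmp'
    # Sample passphrase from this page: replace it with a long, unique one before
    # the access point goes live, since a published key protects nothing.
    option key 'livinglavidalinux'
    option network 'wifi2'
    option ifname 'wlan0'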

start network:

service network start

install packages

update repo:

opkg update

install packages:

opkg install bash curl parted fdisk lsblk nano hostapd wireless-tools wpa-supplicant kmod-iwlwifi pciutils iwlwifi-firmware-ax200 iwlwifi-firmware-ax210

configure dhcp server

edit /etc/config/dhcp:

# /etc/config/dhcp: dnsmasq as DNS forwarder and DHCPv4 server for 'lan' and
# 'wifi2'; nothing is served on 'wan'.
config dnsmasq
    # Do not forward plain (dot-less) names or reverse lookups for private ranges.
    option domainneeded '1'
    option boguspriv '1'
    option filterwin2k '0'
    option localise_queries '1'
    # DNS rebinding defence: upstream answers that point into private address
    # space are discarded; rebind_localhost still lets 127.0.0.0/8 answers through.
    option rebind_protection '1'
    option rebind_localhost '1'
    # NOTE(review): 'local' covers /lan/ while 'domain' is lan.ovox.local, so lookups
    # for unknown names under lan.ovox.local are presumably forwarded upstream;
    # confirm whether the two were meant to match.
    option local '/lan/'
    option domain 'lan.ovox.local'
    option expandhosts '1'
    option nonegcache '0'
    option cachesize '1000'
    option authoritative '1'
    option readethers '1'
    option leasefile '/tmp/dhcp.leases'
    option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
    option nonwildcard '1'
    # Answer DNS queries only from hosts on directly attached subnets.
    option localservice '1'
    option ednspacket_max '1232'
    option filter_aaaa '0'
    option filter_a '0'
    # Upstream resolvers: queries leave the router as plain, unencrypted DNS to
    # these third-party servers.
    list server '4.2.2.1'
    list server '4.2.2.2'

# LAN pool: 150 addresses starting at host .100, 12-hour leases, plus IPv6 RA.
config dhcp 'lan'
    option interface 'lan'
    option start '100'
    option limit '150'
    option leasetime '12h'
    option dhcpv4 'server'
    option ra 'server'
    option ra_slaac '1'
    list ra_flags 'managed-config'
    list ra_flags 'other-config' 

# No DHCP service towards the uplink.
config dhcp 'wan'
    option interface 'wan'
    option ignore '1' 

config odhcpd 'odhcpd'
    option maindhcp '0'
    option leasefile '/tmp/hosts/odhcpd'
    option leasetrigger '/usr/sbin/odhcpd-update'
    option loglevel '4'  

# Wi-Fi pool: 14 addresses starting at host .240, with 2-minute leases.
config dhcp 'wifi2'
    option interface 'wifi2'
    option start '240'
    option leasetime '2m'
    option limit '14'

restart dhcp service:

service dnsmasq restart

configure firewall

edit /etc/config/firewall:

# /etc/config/firewall: default-deny policy with three zones (lan, wan, wifi2),
# outbound forwarding from lan and wifi2 to wan, and a few inbound exceptions on wan.
config defaults
    option syn_flood    1
    # Traffic that matches no zone or rule is rejected, both to the router and through it.
    option input     REJECT
    option output    ACCEPT
    option forward   REJECT

# Trusted zone: LAN hosts may reach every service on the router itself.
config zone
    option name     lan
    list   network  'lan'
    option input    ACCEPT
    option output   ACCEPT
    option forward  ACCEPT

# Untrusted uplink: inbound is rejected unless a rule below allows it;
# outbound traffic is masqueraded (NAT).
config zone
   option name     wan
   list   network  'wan'
   option input    REJECT
   option output   ACCEPT
   option forward  REJECT
   option masq     1
   option mtu_fix  1

# NOTE(review): input ACCEPT lets Wi-Fi clients reach every service on the router
# (including its management interfaces). If wifi2 is meant as a guest network,
# input REJECT plus explicit DHCP/DNS rules would be the tighter setup - confirm intent.
# NOTE(review): masq/mtu_fix are normally set on the uplink zone only; confirm they
# are wanted on this internal zone.
config zone
   option name     wifi2
   list   network  'wifi2'
   option input    ACCEPT
   option output   ACCEPT
   option forward  ACCEPT
   option masq     1
   option mtu_fix  1

# Only these two forwardings exist: lan -> wan and wifi2 -> wan. There is none
# between lan and wifi2, so the default forward policy (REJECT) separates them.
config forwarding
   option src     lan
   option dest    wan

config forwarding
   option src     wifi2
   option dest    wan

# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
   option name       Allow-DHCP-Renew
   option src        wan
   option proto      udp
   option dest_port  68
   option target     ACCEPT
   option family     ipv4

# Allow IPv4 ping
# The router answers echo requests arriving from the uplink.
config rule
   option name       Allow-Ping
   option src        wan
   option proto      icmp
   option icmp_type  echo-request
   option family     ipv4
   option target     ACCEPT

config rule
   option name       Allow-IGMP
   option src        wan
   option proto      igmp
   option family     ipv4
   option target     ACCEPT

# Allow IPSec
# The next two rules have a dest, so they are forward rules: ESP and IKE (udp/500)
# from wan may pass to any host in lan. Neither sets 'family', so they are not
# limited to IPv4. Drop them if no IPsec endpoint runs behind this router, or
# narrow them with dest_ip to the one host that needs them.
config rule
   option name       Allow-IPSec-ESP
   option src        wan
   option dest       lan
   option proto      esp
   option target     ACCEPT

config rule
   option name       Allow-ISAKMP
   option src        wan
   option dest       lan
   option dest_port  500
   option proto      udp
   option target     ACCEPT

restart firewall:

service firewall restart

install luci theme

install packages:

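opkg install luci-compat
opkg install luci-lib-ipkg
# TLS certificate verification stays on: this .ipk is installed as root, and opkg
# does not check a local file against any signed feed index, so the HTTPS download
# is the only protection against a tampered package.
# If wget reports a certificate error, fix the trust store (opkg install ca-bundle)
# or the system clock instead of disabling the check.
wget https://github.com/jerrykuku/luci-theme-argon/releases/download/v2.3.1/luci-theme-argon_2.3.1_all.ipk
# Print the hash and compare it with a checksum obtained from the project, if it
# publishes one, before installing.
sha256sum luci-theme-argon_2.3.1_all.ipk
opkg install luci-theme-argon_2.3.1_all.ipk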