Howto openwrt: Difference between revisions

From Vidalinux Wiki
Jump to navigation Jump to search
Line 371: Line 371:
  wifi up
  wifi up
= wifi pineapple nano =
= wifi pineapple nano =
continue holding the reset button for 10 seconds, then release:
to flash the device continue holding the reset button for 10 seconds, then release:
  the blue led will remain solid
  the blue led will remain solid
set ip address to your usb ethernet interface:
set ip address to your usb ethernet interface:

Revision as of 23:48, 9 August 2024

download image

download openwrt image for x86:

wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img.gz

decompress image:

gzip -d openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img.gz

copy image to pendrive:

dd if=openwrt-23.05.4-x86-legacy-generic-squashfs-combined.img of=/dev/sdd status=progress

soekris net6501

install e1000e driver for intel 82574L:

mkdir openwrt/packages/23.05.4-x86 -p
cd openwrt/packages/23.05.4-x86
wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/packages/kmod-e1000e_5.15.162-1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/packages/kmod-ptp_5.15.162-1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/targets/x86/legacy/packages/libc_1.2.4-4_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libsmartcols1_2.39-2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/losetup_2.39-2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/packages/bash_5.2.15-1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libreadline8_8.2-1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libncurses6_6.4-2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/blockdev_2.39-2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/packages/libparted_3.6-1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/packages/parted_3.6-1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/lsblk_2.39-2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/terminfo_6.4-2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libmount1_2.39-2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libblkid1_2.39-2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/libfdisk1_2.39-2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/releases/23.05.4/packages/i386_pentium-mmx/base/fdisk_2.39-2_i386_pentium-mmx.ipk
opkg install *.ipk

resize squashfs

download the following scripts:

wget https://raw.githubusercontent.com/vidalinux/openwrt/main/resizefs.sh
wget https://raw.githubusercontent.com/vidalinux/openwrt/main/expand.sh 

execute the script to resize your root partition:

bash resizefs.sh

execute the script to expand your partition:

bash expand.sh

then reboot:

reboot

configure network

edit /etc/config/network:

config interface 'loopback'
    option device 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config globals 'globals'
    option ula_prefix 'fd5c:aa60:b3ab::/48'

config device 'lan_br'
    option name 'br-lan'
    option type 'bridge'
    list ports 'eth1'
    list ports 'eth2'
    list ports 'eth3'

config device 'eth1'
    option name 'eth1'

config device 'eth2'
    option name 'eth2'

config device 'eth3'
    option name 'eth3'

config interface 'lan'
    option device 'br-lan'
    option proto 'static'
    option netmask '255.255.255.0'
    option ipaddr '192.168.99.1'

config interface 'wan'
    option device 'eth0'
    option proto 'dhcp'

start network:

service network restart

install packages

update repo:

opkg update

install packages:

opkg install bash curl parted fdisk lsblk nano hostapd wireless-tools wpa-supplicant kmod-iwlwifi pciutils iwlwifi-firmware-ax200 iwlwifi-firmware-ax210 blockdev mount-utils losetup resize2fs openssh-sftp-server

configure wireless

edit /etc/config/wireless:

config wifi-device 'radio0'
    option type 'mac80211'
    option path 'pci0000:00/0000:00:1a.0/0000:0d:00.0'
    option channel '11'
    option band '2g'
    option htmode 'HE80'
    option cell_density '1'
    option txpower '11'
    option country 'US'

config wifi-iface 'wifinet0'
    option device 'radio0'
    option mode 'ap'
    option ssid 'mierdero'
    option encryption 'psk2+tkip+ccmp'
    option key 'livinglavidalinux'
    option network 'wifi2'
    option ifname 'wlan0'

add wlan0 interface to /etc/config/network:

config interface 'wifi2'
    option proto 'static'
    option device 'wlan0'
    option ipaddr '172.16.164.254'
    option netmask '255.255.255.0'

start network:

service network restart

configure dhcp server

edit /etc/config/dhcp:

config dnsmasq
    option domainneeded '1'
    option boguspriv '1'
    option filterwin2k '0'
    option localise_queries '1'
    option rebind_protection '1'
    option rebind_localhost '1'
    option local '/lan/'
    option domain 'lan.ovox.local'
    option expandhosts '1'
    option nonegcache '0'
    option cachesize '1000'
    option authoritative '1'
    option readethers '1'
    option leasefile '/tmp/dhcp.leases'
    option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
    option nonwildcard '1'
    option localservice '1'
    option ednspacket_max '1232'
    option filter_aaaa '0'
    option filter_a '0'
    list server '4.2.2.1'
    list server '4.2.2.2'

config dhcp 'lan'
    option interface 'lan'
    option start '100'
    option limit '150'
    option leasetime '12h'
    option dhcpv4 'server'
    option ra 'server'
    option ra_slaac '1'
    list ra_flags 'managed-config'
    list ra_flags 'other-config' 

config dhcp 'wan'
    option interface 'wan'
    option ignore '1' 

config odhcpd 'odhcpd'
    option maindhcp '0'
    option leasefile '/tmp/hosts/odhcpd'
    option leasetrigger '/usr/sbin/odhcpd-update'
    option loglevel '4'  

config dhcp 'wifi2'
    option interface 'wifi2'
    option start '240'
    option leasetime '2m'
    option limit '14'

restart dhcp service:

service dnsmasq restart

configure firewall

edit /etc/config/firewall:

config defaults
    option syn_flood    1
    option input     REJECT
    option output    ACCEPT
    option forward   REJECT

config zone
    option name     lan
    list   network  'lan'
    option input    ACCEPT
    option output   ACCEPT
    option forward  ACCEPT

config zone
   option name     wan
   list   network  'wan'
   option input    REJECT
   option output   ACCEPT
   option forward  REJECT
   option masq     1
   option mtu_fix  1

config zone
   option name     wifi2
   list   network  'wifi2'
   option input    ACCEPT
   option output   ACCEPT
   option forward  ACCEPT
   option masq     1
   option mtu_fix  1

config forwarding
   option src     lan
   option dest    wan

config forwarding
   option src     wifi2
   option dest    wan

# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
   option name       Allow-DHCP-Renew
   option src        wan
   option proto      udp
   option dest_port  68
   option target     ACCEPT
   option family     ipv4

# Allow IPv4 ping
config rule
   option name       Allow-Ping
   option src        wan
   option proto      icmp
   option icmp_type  echo-request
   option family     ipv4
   option target     ACCEPT

config rule
   option name       Allow-IGMP
   option src        wan
   option proto      igmp
   option family     ipv4
   option target     ACCEPT

# Allow IPSec
config rule
   option name       Allow-IPSec-ESP
   option src        wan
   option dest       lan
   option proto      esp
   option target     ACCEPT

config rule
   option name       Allow-ISAKMP
   option src        wan
   option dest       lan
   option dest_port  500
   option proto      udp
   option target     ACCEPT

dnat rule example:

config redirect
       option src      wan
       option src_dip  192.168.24.45
       option dest     lan
       option dest_ip  192.168.99.208
       option target   DNAT
       option name     DNAT-IP-WAN-LAN
       option enabled

snat rule example:

config redirect
       option target           SNAT
       option src              lan
       option dest             wan
       option src_ip           192.168.99.208
       option src_dip          192.168.24.45
       option enabled          1
       option name             SNAT-IP-LAN-WAN

restart firewall:

service firewall restart

configure 4g modem

install packages:

opkg update 
opkg install qmi-utils lib-qmi luci-proto-qmi kmod-usb-net-qmi-wwan uqmi kmod-usb-net kmod-usb-net-cdc-ether kmod-usb-serial-wwan kmod-usb-serial-option kmod-usb-serial picocom

configure network interface:

config interface 'wwan'
    option ifname 'wwan0'
    option service 'fdd_lte'
    option apn 'fast.t-mobile.com'
    option proto 'qmi'
    option device '/dev/cdc-wdm0'
    option metric '40'
    option auth 'none'
    option pdptype 'ipv4'

add the following rules to /etc/config/firewall:

config dhcp 'wwan'
    option interface 'wwan'
    option ignore '1' 

config zone
   option name     wwan
   list   network  'wwan'
   option input    REJECT
   option output   ACCEPT
   option forward  REJECT
   option masq     1
   option mtu_fix  1

config forwarding
   option src     lan
   option dest    wwan

reboot system:

reboot

check connection status:

uqmi -d /dev/cdc-wdm0 --get-data-status

check sim card status:

qmicli --device=/dev/cdc-wdm0 --device-open-proxy --uim-get-card-status

install luci

install packages:

opkg install luci-compat
opkg install luci-lib-ipkg

install luci modules:

opkg install luci-mod-rpc luci-mod-dashboard luci-mod-network luci-mod-system luci-mod-status luci-app-opkg

download theme ipk:

wget --no-check-certificate https://github.com/jerrykuku/luci-theme-argon/releases/download/v2.3.1/luci-theme-argon_2.3.1_all.ipk -O luci-theme-argon_2.3.1_all.ipk
opkg install luci-theme-argon_2.3.1_all.ipk

restart http server:

service uhttpd restart

enter web interface:

https://192.168.99.1

configure grub

set grub boot loader timeout edit /boot/grub/grub.cfg:

set timeout="0"

mediatek 7925

download latest snapshot:

wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/openwrt-x86-legacy-generic-squashfs-combined.img.gz

download packages:

mkdir openwrt/snapshot-$(date +%F)/packages/ -p
cd openwrt/snapshot-$(date +%F)/packages/
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-e1000e_6.6.44-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-pptp_6.6.44-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-gre_6.6.44-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/kmod-iptunnel_6.6.44-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/targets/x86/legacy/packages/libc_1.2.5-r4_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libsmartcols1_2.40.2-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/losetup_2.40.2-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/packages/bash_5.2.21-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libreadline8_8.2-r2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libncurses6_6.4-r2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/blockdev_2.40.2-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/packages/libparted_3.6-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/packages/parted_3.6-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/lsblk_2.40.2-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/terminfo_6.4-r2_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libmount1_2.40.2-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libblkid1_2.40.2-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/libfdisk1_2.40.2-r1_i386_pentium-mmx.ipk
wget https://downloads.openwrt.org/snapshots/packages/i386_pentium-mmx/base/fdisk_2.40.2-r1_i386_pentium-mmx.ipk
opkg install *.ipk

install mt7925 kernel module:

opkg update 
opkg install kmod-mt7925e

install firmware:

mkdir -p /lib/firmware/mediatek/mt7925 && cd /lib/firmware/mediatek/mt7925
wget https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/mediatek/mt7925/BT_RAM_CODE_MT7925_1_1_hdr.bin
wget https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/mediatek/mt7925/WIFI_MT7925_PATCH_MCU_1_1_hdr.bin
wget https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/mediatek/mt7925/WIFI_RAM_CODE_MT7925_1_1.bin

load kernel module:

modprobe mt7925e

watch kernel for errors:

dmesg |grep mt7925

enable wifi:

uci set wireless.radio0.disabled=0
wifi up

add the following to /etc/rc.local:

modprobe mt7925e
uci set wireless.radio0.disabled=0
wifi up

wifi pineapple nano

to flash the device continue holding the reset button for 10 seconds, then release:

the blue led will remain solid

set ip address to your usb ethernet interface:

ifconfig eth1 192.168.1.2 netmask 255.255.255.0 up

download openwrt firmware image:

wget https://mirror-03.infra.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-hak5_lan-turtle-squashfs-sysupgrade.bin

browse to the following address to flash the device with new firmware:

http://192.168.1.1

share internet with pineapple nano:

cat > /usr/local/bin/sharenetwlan << EOF
#!/bin/bash
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD  -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -I POSTROUTING -o wlan0 -j MASQUERADE
EOF

fix permissions and run script:

chmod +x /usr/local/bin/sharenetwlan
/usr/local/bin/sharenetwlan

access pineapple nano via ssh:

ssh root@192.168.1.1

fix nameservers:

cat > /etc/resolv.conf << EOF
nameserver 4.2.2.1
nameserver 4.2.2.2
EOF

install wireless drivers:

opkg install kmod-ath9k-htc kmod-ath9k-common ath9k-htc-firmware hostapd wireless-tools wpa-supplicant

install support por sdcard:

opkg install block-mount kmod-fs-ext4 e2fsprogs parted kmod-usb-storage kmod-mmc kmod-sdhci

default hak5 pineapple nano image:

https://downloads.hak5.org/api/devices/wifipineapplenano/firmwares/recovery

references