===== Installing OpenWRT on the router for the first time =====
Go to the [[https://firmware-selector.openwrt.org/|OpenWRT firmware selector]]. Select your device. Download the "factory" firmware and install it to your router as described on the device's OpenWRT wiki page. (e.g. [[https://openwrt.org/toh/ubiquiti/edgerouter_x_er-x_ka]])
===== Generating the funkfeuer firmware image =====
- Go to the [[https://firmware-selector.openwrt.org/|OpenWRT firmware selector]].
- Select your device.
- Click on "Customize installed packages and/or first boot script".
- Add the following packages to the list
curl mtr iperf3 tcpdump olsrd olsrd-mod-jsoninfo luci-app-olsr ethtool ipip kmod-ipip
- Copy the following script and paste it to "Script to run on first boot (uci-defaults)" on the image builder website
- Replace xxx in the first line with your location's name
- (optional) change LAN_IP and LAN_NET
The script contains some default values that make configuration easier.
#openwrt config script for funkfeuer graz
#written by gabor
export FF_HOSTNAME="xxx.graz.funkfeuer.at"
export LAN_IP="192.168.10.1/24"
export LAN_NET="192.168.10.0/24"
#check if already configured. prevents overwriting settings when upgrading openwrt
[ "$(uci -q get system.@system[0].hostname)" = "$FF_HOSTNAME" ] && exit 0
#disable olsrd6 (not used in ffgraz)
/etc/init.d/olsrd6 stop
/etc/init.d/olsrd6 disable
# /etc/config/dhcp
uci del dhcp.@dnsmasq[0].server
uci del dhcp.@dnsmasq[0].address
uci del dhcp.@dnsmasq[0].filterwin2k
uci del dhcp.@dnsmasq[0].nonegcache
uci del dhcp.@dnsmasq[0].nonwildcard
uci del dhcp.@dnsmasq[0].filter_aaaa
uci del dhcp.@dnsmasq[0].filter_a
#set dns resolver to 10.12.0.10
uci add_list dhcp.@dnsmasq[0].server='10.12.0.10'
#enable reverse dns lookup for 10.12.xxx.xxx addresses
uci add_list dhcp.@dnsmasq[0].address='/.12.10.in-addr.arpa/10.12.0.10'
uci set dhcp.@dnsmasq[0].boguspriv='0'
uci del dhcp.free
uci set dhcp.free=dhcp
uci set dhcp.free.interface='free'
uci set dhcp.free.start='10'
uci set dhcp.free.limit='254'
uci set dhcp.free.leasetime='1h'
uci add_list dhcp.free.dhcp_option='6,10.12.0.10'
# /etc/config/firewall
while uci -q delete firewall.@zone[0]; do :; done
while uci -q delete firewall.@forwarding[0]; do :; done
while uci -q delete firewall.@nat[0]; do :; done
while uci -q delete firewall.@rule[0]; do :; done
uci set firewall.cfg01e63d.synflood_protect='1'
uci add firewall zone # =cfg0edc81
uci set firewall.@zone[-1].name='ff'
uci set firewall.@zone[-1].input='DROP'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].forward='ACCEPT'
uci add_list firewall.@zone[-1].network='ffeth'
uci add_list firewall.@zone[-1].network='ffwifimesh'
uci add firewall zone
uci set firewall.@zone[-1].name='lan'
uci set firewall.@zone[-1].input='ACCEPT'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].forward='DROP'
uci add_list firewall.@zone[-1].network='lan'
uci add firewall rule # =cfg0f92bd
uci set firewall.@rule[-1].name='ssh'
uci add_list firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].src='ff'
uci set firewall.@rule[-1].dest_port='22'
uci set firewall.@rule[-1].target='ACCEPT'
uci set firewall.@rule[-1].name='ssh ff'
uci add firewall rule # =cfg1092bd
uci set firewall.@rule[-1].name='olsrd'
uci add_list firewall.@rule[-1].proto='udp'
uci set firewall.@rule[-1].src='ff'
uci set firewall.@rule[-1].dest_port='698'
uci set firewall.@rule[-1].target='ACCEPT'
uci set firewall.@rule[-1].name='olsrd ff'
uci add firewall zone # =cfg11dc81
uci set firewall.@zone[-1].name='free'
uci set firewall.@zone[-1].input='DROP'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].forward='DROP'
uci add_list firewall.@zone[-1].network='free'
uci add firewall forwarding # =cfg13ad58
uci set firewall.@forwarding[-1].src='lan'
uci set firewall.@forwarding[-1].dest='ff'
uci add firewall forwarding # =cfg12ad58
uci set firewall.@forwarding[-1].src='free'
uci set firewall.@forwarding[-1].dest='ff'
uci add firewall nat # =cfg1393c8
uci set firewall.@nat[-1].name='nat free wifi to ff'
uci add_list firewall.@nat[-1].proto='all'
uci set firewall.@nat[-1].src='ff'
uci set firewall.@nat[-1].src_ip='10.14.0.0/24'
uci set firewall.@nat[-1].target='MASQUERADE'
uci add firewall nat # =cfg1393c8
uci set firewall.@nat[-1].name='nat lan to ff'
uci add_list firewall.@nat[-1].proto='all'
uci set firewall.@nat[-1].src='ff'
uci set firewall.@nat[-1].src_ip="$LAN_NET"
uci set firewall.@nat[-1].target='MASQUERADE'
uci add firewall rule # =cfg1492bd
uci set firewall.@rule[-1].name='web'
uci add_list firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].src='ff'
uci set firewall.@rule[-1].dest_port='80'
uci set firewall.@rule[-1].target='ACCEPT'
uci set firewall.@rule[-1].name='web ff'
uci add firewall rule # =cfg1592bd
uci set firewall.@rule[-1].name='ssh free'
uci add_list firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].src='free'
uci set firewall.@rule[-1].dest_port='22'
uci set firewall.@rule[-1].target='ACCEPT'
uci add firewall rule # =cfg1692bd
uci set firewall.@rule[-1].name='icmp ff'
uci add_list firewall.@rule[-1].proto='icmp'
uci set firewall.@rule[-1].src='ff'
uci set firewall.@rule[-1].target='ACCEPT'
uci add firewall rule # =cfg1792bd
uci set firewall.@rule[-1].name='icmp free'
uci add_list firewall.@rule[-1].proto='icmp'
uci set firewall.@rule[-1].src='free'
uci set firewall.@rule[-1].target='ACCEPT'
uci add firewall rule # =cfg0c92bd
uci set firewall.@rule[-1].name='dhcp free'
uci add_list firewall.@rule[-1].proto='udp'
uci set firewall.@rule[-1].src='free'
uci set firewall.@rule[-1].src_port='68'
uci set firewall.@rule[-1].dest_port='67'
uci set firewall.@rule[-1].target='ACCEPT'
# /etc/config/network
uci del network.wan
uci del network.wan6
uci del network.lan.netmask
uci del network.lan.ipaddr
uci add_list network.lan.ipaddr="$LAN_IP"
uci del network.globals.ula_prefix
uci set network.globals.packet_steering='1'
uci add network device # =cfg080f15
uci set network.@device[-1].type='bridge'
uci set network.@device[-1].name='br-free'
uci set network.@device[-1].bridge_empty='1'
uci del network.free
uci set network.free=interface
uci set network.free.device='br-free'
uci set network.free.proto='static'
uci add_list network.free.ipaddr='10.14.0.1/24'
# /etc/config/wireless
i=0
while uci -q get "wireless.radio$i"
do
uci set wireless.wifinetfree$i=wifi-iface
uci set wireless.wifinetfree$i.device=radio$i
uci set wireless.wifinetfree$i.mode='ap'
uci set wireless.wifinetfree$i.ssid='Free WiFi - graz.funkfeuer.at'
uci set wireless.wifinetfree$i.encryption='none'
uci set wireless.wifinetfree$i.network='free'
uci set wireless.wifinetfree$i.disabled='1'
i=$(( $i + 1 ))
done
# /etc/config/system
uci del system.ntp.enabled
uci del system.ntp.enable_server
uci set system.cfg01e48a.hostname=$FF_HOSTNAME
uci set system.cfg01e48a.zonename='Europe/Vienna'
uci set system.cfg01e48a.timezone='CET-1CEST,M3.5.0,M10.5.0/3'
uci set system.cfg01e48a.log_proto='udp'
uci set system.cfg01e48a.conloglevel='8'
uci set system.cfg01e48a.cronloglevel='5'
# /etc/config/wireless
while uci -q delete olsrd.@Interface[0]; do :; done
uci set olsrd.@LoadPlugin[-1].ignore='0'
uci set olsrd.@LoadPlugin[-1].library='olsrd_jsoninfo'
while uci -q delete olsrd.@InterfaceDefaults[0]; do :; done
uci add olsrd InterfaceDefaults
uci set olsrd.@InterfaceDefaults[-1].Mode='ether'
uci set olsrd.@InterfaceDefaults[-1].Ip4Broadcast='255.255.255.255'
- Click on "Request Build" and wait for the build to complete.
- Download the newly built custom sysupgrade image
- Log in to your router using the web interface ([[http://192.168.1.1|http://192.168.1.1]])
- Go to "System->Backup/Flash Firmware"
- Click on "Flash image" and select your newly downloaded sysupgrade image.
- Untick the box "Keep settings and retain the current configuration"
- Click "Continue"
===== Accessing the router =====
After the installation has completed the router should be reachable by connecting to it LAN port using the configured LAN_IP (192.168.10.1 as default).
===== TODO: add interfaces for olsrd, setup olsrd, setup wifi, setup free wifi =====
==== diverse ergaenzungen und configs, noch zu pruefen (w 20260228) ====
* ''%%vim /etc/crontabs/root%%''
*/5 * * * * killall -HUP dnsmasq # keine ahnung warum - zu pruefen
*/5 * * * * /usr/sbin/ff_olsr_watchdog # keine ahnung warum - zu pruefen
###
#05 3 * * 6 /sbin/reboot # zur sicherheit einmal in der woche reboot oder
05 3 * * * /bin/sleep 65m ; /sbin/reboot # reboot zur sicherheit einmal am tag; der sleep fuer den fall das die rtc-batterie leer und timeserver nicht sofort erreichbar ist
#10 * * * * /usr/bin/iwinfo radio0 scan # initialisiert das wlan, bei schlechten verbindungen - zu pruefen
###
* ''%%vim /etc/config/wireless%%''
* 2,4ghz
### info: achtung, bei aenderungen uebers webinterface werden die kommentare geloescht!
config wifi-device 'radio0'
option type 'mac80211'
### nicht mehr unterstuetzt?
#option hwmode '11g'
### nicht mehr unterstuetzt?
#option path 'platform/ar934x_wmac'
option path 'platform/ahb/18100000.wmac'
### neue option - ab welcher openwrt-version gueltig?
option band '2g'
option country 'AT'
option htmode 'HT20'
### frag:
### Set Fragmentation Threshold value between 800 . 1500
### Available Settings: range from 256 to 2346 (?) 2346 recomended
option frag '512'
### rts:
### set RTS Threshold value between 1800 . 2300
### Available Settings: range from 0 to 2347, Default + Recommended Setting: 2347
option rts '250'
### txpower: 20 max!, aber so niedrig wie moeglich
option txpower '3'
### distace: tatsaechliche entfernung in meter
option distance '1000'
#option channel '1'
#option channel '3'
#option channel '5'
#option channel '7'
#option channel '9'
#option channel '11'
option channel '13'
### zum testen 20170521
#option disabled '1'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'wlan'
option encryption 'none'
option mode 'adhoc'
#option ssid 'http://graz.funkfeuer.at/v1'
#option bssid 'CA:00:24:00:C0:01'
#option ssid 'http://graz.funkfeuer.at/v3'
#option bssid 'CA:00:24:00:C0:03'
#option ssid 'http://graz.funkfeuer.at/v5'
#option bssid 'CA:00:24:00:C0:05'
#option ssid 'http://graz.funkfeuer.at/v7'
#option bssid 'CA:00:24:00:C0:07'
#option ssid 'http://graz.funkfeuer.at/v9'
#option bssid 'CA:00:24:00:C0:09'
#option ssid 'http://graz.funkfeuer.at/v11'
#option bssid 'CA:00:24:00:C0:11'
option ssid 'http://graz.funkfeuer.at/v13'
option bssid 'CA:00:24:00:C0:13'
* 5,6ghz
### info: achtung, bei aenderungen uebers webinterface werden die kommentare geloescht!
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11a'
option path 'platform/ar934x_wmac'
option country 'AT'
option htmode 'HT20'
### frag:
### Set Fragmentation Threshold value between 800 . 1500
### Available Settings: range from 256 to 2346 (?) 2346 recomended
### frag: fuer 5,6ghz bei grosser entfernung / schlechten empfang -> 800
option frag '800'
### rts:
### set RTS Threshold value between 1800 . 2300
### Available Settings: range from 0 to 2347, Default + Recommended Setting: 2347
### rts: fuer 5,6ghz bei grosser entfernung / schlechten empfang -> 2300
option rts '2300'
### txpower: 20 max!
### keine txpower bei 5,6 - zu pruefen
#option txpower '3'
### distace: tatsaechliche entfernung in meter
option distance '1000'
#option channel '36'
#option channel '40'
#option channel '44'
#option channel '48'
#option channel '100'
#option channel '104'
#option channel '108'
#option channel '112'
#option channel '116'
#option channel '120'
#option channel '124'
#option channel '128'
#option channel '136'
option channel '140'
### keine ahnung warum, ist aber gut ;)
option beacon_int '5000'
### zum testen 20170521
#option disabled '1'
config wifi-iface
option device 'radio0'
option network 'wlan'
### haben wir einen accesspoint 'ap' oder eine 'station'?
#option mode 'ap'
option mode 'sta'
option encryption 'none'
### bitte nodebezeichnung ergaenzen: aktueller standort xxx1, gegenseite xxx2
option ssid 'xxx1-xxx2.ffgraz.net'
#option ssid 'OpenWrt'
### https://forum.openwrt.org/viewtopic.php?id=43188
option disassoc_low_ack '0'