OpenWrt Explained
OpenWrt is a Linux-based operating system primarily used for embedded devices such as routers. Unlike traditional router firmware, it provides a fully writable file system with package management. This allows users to customize their router's functionality by installing specific application packages, freeing them from vendor limitations. OpenWrt also typically supports devices longer than the original firmware and offers a large, helpful community.
Here are some key aspects of OpenWrt:
Installation and Basic Configuration¶
- Hardware Requirements: When selecting a new router for OpenWrt, it is recommended to look for devices with "more than 8MB of flash and more than 64MB of RAM" to ensure full functionality of the operating system and GUI.
- Firmware Selection: It is crucial to choose the correct firmware file for the specific model and hardware version of the router (e.g., "WR841N" hardware version "8"), as using the wrong file may "brick" the device. The correct firmware file will end with "factory.bin".
- Flashing Process: Flashing is done through the router's web interface, and users should connect using an Ethernet cable and navigate to the "System Tools" -> "Firmware Upgrade" page.
- Initial Access: After installation, access OpenWrt through the router's IP address (usually 192.168.1.1) via the LuCI web interface.
- Security Hardening: The first step after installation should be to set the root password for enhanced security and configure the device as a Wi-Fi access point.
- Wireless Settings: By default, wireless is turned off, and it must be manually enabled in the LuCI interface for the wireless access point functionality to work properly.
- Basic Network Configuration: OpenWrt allows configuration of DHCP leases, network interfaces, and port forwarding settings.
- Changing LAN IP Address: This tutorial demonstrates how to change the router's default LAN IP address (e.g., changing to 192.168.9.1). However, DHCP settings must be manually edited to prevent conflicts.
Advanced Configuration and Features¶
- Wireless Client Mode (AP Client): OpenWrt can be configured as a wireless client to connect to an existing network and then redistribute that connection to devices on the LAN, which is useful for extending existing network coverage.
- System Logs: OpenWrt stores comprehensive logs that provide real-time information about network operations, such as which devices have received IP addresses and general activity. These logs provide a good overview of the current network configuration.
- LuCI Application: This tutorial introduces the installation of luci-app-statistics, which provides a good view of "router historical data charts," such as CPU, RAM, ping times, and system uptime.
- Configuration Files: OpenWrt's configuration files use a section and option/value structure and are located in /etc/config/.
- The general syntax is config
[" "] for sections, option " " for options. These files are parsed by the shell.
- The general syntax is config
- Network Configuration: Network interface configurations are stored in /etc/config/network. These can be set to "none," "static," "dhcp," or "pppoe" protocols. When using the static method, the ipaddr and netmask options are mandatory.
- Switch Configuration: OpenWrt supports switch configuration for setting up VLANs.
- Switch configurations are stored in /etc/config/network.
- On Broadcom hardware, the section name needs to be eth0.
- Each VLAN needs to have a name vlan
, where n is the VLAN number. These values can include: * (for setting the default VLAN), u (untagged), and t (tagged). The CPU port on Broadcom hardware is port 5.
- Wireless Configuration: WiFi settings are configured in /etc/config/wireless, and each wireless driver has a configuration file in /lib/wifi/
.sh. - Some options you can set for wifi devices include: distance, mode, diversity, rxantenna, txantenna, txpower.
- Options for wifi interfaces include: network, device, mode, ssid, and bssid.
- Supported modes include: access point, client, ad-hoc, monitor, and WDS point-to-point.
- 802.1x Authentication: OpenWrt supports 802.1x authentication (client and access point configuration), with EAP types being TLS, TTLS, or PEAP.
Development and Customization¶
- Build System: The OpenWrt build system allows developers to create custom firmware images using a cross-compilation process.
- Source Code: OpenWrt is available through a Subversion repository. Major directories include tools, toolchain, package, and target.
- Building Images: The command make menuconfig is used to configure the build process, including selecting platforms, toolchains, and required packages.
- Packages: Almost everything in OpenWrt firmware is a package (.ipk). These packages can be added to the firmware to provide new features or removed to save space.
- Build Environment: OpenWrt provides a method to build images for multiple configurations using the command ./scripts/env.
- Creating Packages: To create a package, create a makefile that will automatically show up in the menu the next time make menuconfig is run.
- Some options you can configure include: PKG_NAME, PKG_VERSION, PKG_RELEASE, PKG_SOURCE, PKG_SOURCE_URL, PKG_MD5SUM, PKG_CAT, PKG_BUILD_DIR.
- You can also add information such as DEPENDS, BUILDONLY Package/
/conffiles. - You will also need to define Build/Compile, Build/Install, and Package/
/install options.
- Creating Kernel Module Packages: You can create packages for modules provided with the mainline kernel as well as external kernel modules by defining a KernelPackage section.
- Configurable options include TITLE, DESCRIPTION, SUBMENU, KCONFIG, FILES, and AUTOLOAD.
- Troubleshooting: The command TOPDIR=$PWD make -C package/
DUMP=1 V=99 can help diagnose whether a package is correctly displayed in menuconfig. You can also use commands like make package/ /clean V=99 or make package/ /install V=99 to clean or install specific packages. - Adding Platform Support: Many devices run Linux operating systems, even if the firmware is not open to consumers. OpenWrt can be ported to these devices by discovering whether they already run Linux and looking for developer toolkits.
- Useful techniques for this include: operating system fingerprinting, port scanning, analyzing binary firmware images, checking flash amounts, and inserting serial ports.
- Once a developer toolkit is found, kernel patches and binary drivers can be adjusted for OpenWrt, and new flash mapping drivers and firmware build tools can be developed.
- Reporting Bugs: OpenWrt uses a Trac system for bug reporting.
- Reporters can open tickets for bugs, new packages, or feature requests.
- Developers can close, accept, and fix tickets.
Other Information¶
- SSH: Command-line access to OpenWrt is typically done using SSH.
- Text Editors: vi and vim can be used to edit text files in the command line. Common shortcuts can be found in the FAQ.
- Windows Management Tools: Tools like cmder, SmarTTY, PuTTY, and WinSCP can be used to manage OpenWrt from Windows.
- WAN and WAN6 Interfaces: WAN and WAN6 interfaces are used for upstream IPv4 and IPv6 connections, respectively. The LAN interface handles downstream IPv4 and IPv6, eliminating the need for a separate LAN6 interface.
- Hotplug: OpenWrt can be dynamically configured based on events using hotplug, which is configured using scripts.
- Init Scripts: All init scripts need to be installed as /etc/init.d/name and wrapped using /etc/rc.common. These scripts are used to start system services.
- Network Scripts: Network scripts can be accessed by including /lib/network. These scripts help manage interfaces and have functions like find_config and setup_interface.