FAQ:OpenWRT

From Leurent
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Perso

Install basic packages

opkg update
opkg install diffutils lsof usbutils htop screen

# Install SNMP
opkg install snmpd luci-app-snmpd

# Be able to mound USB drivers
opkg install mount-utils block-mount kmod-usb-storage kmod-fs-ext4 kmod-fs-vfat kmod-fs-exfat kmod-fs-ntfs kmod-usb-storage-uas kmod-fs-hfs kmod-fs-hfsplus 

# Install samba4
opkg install luci-app-samba4 samba4-server samba4-utils

opkg install dnsmasq-full
# Go in http://10.146.199.1/cgi-bin/luci/admin/network/dhcp Advanced Settings and enable both DNSSEC option

List overlay installed packages

root@OpenWrt:~# find /usr/lib/opkg/info -name "*.control" \( \
         \( -exec test -f /rom/{} \; -exec echo {} rom \; \) -o \
         \( -exec test -f /overlay/upper/{} \; -exec echo {} overlay \; \) -o \
         \( -exec echo {} unknown \; \) \
         \) | sed -e 's,.*/,,;s/\.control /\t/' | grep overlay | awk '{print $1}' | tr "\n" " " | xargs echo opkg install 

opkg install librt libcap libncurses6 libuv1 libpopt0 kmod-nls-utf8 libopenssl1.1 libsmartcols1 libusb-1.0-0 bind-client samba4-server libavahi-dbus-support ddns-scripts libpcap1 libattr luci-app-ddns terminfo diffutils libexpat ddns-scripts-nsupdate libtirpc attr libdbus hostapd-utils block-mount kmod-fs-hfs libavahi-client libgnutls zlib dbus lsof samba4-utils kmod-usb-storage kmod-fs-exfat libnettle7 vim kmod-fs-hfsplus libuuid1 kmod-fs-vfat libpci mount-utils avahi-dbus-daemon libtasn1 kmod-fs-ntfs snmpd kmod-scsi-core kmod-usb-storage-uas tcpdump usbutils libpam luci-compat libdaemon htop libgmp10 kmod-nls-cp437 luci-lib-ipkg libreadline8 kmod-fs-ext4 libmount1 kmod-nls-iso8859-1 libblkid1 wpad kmod-crypto-crc32c libatomic1 samba4-libs libnetsnmp luci-app-samba4 luci-app-snmpd bind-libs screen

DDNS

Install ddns-scripts-nsupdate

  • On the server that will generate Kopenwrt.+157+55429.key and Kopenwrt.+157+55429.private files
dnssec-keygen -a HMAC-md5 -b 512 -n USER openwrt
  • In the /etc/bind9/named.conf.local, update section like this one
key openwrt {
        algorithm HMAC-MD5;
        secret "ADDTHEKEYFROM_openwrt_PRIVATE_FILE";
};

zone "leurent.eu" {
        type master;
        notify yes;
        file "/etc/bind/leurent/leurent.eu.db";
        update-policy { grant openwrt name openwrt.leurent.eu A; };
        ...
};


  • On openwrt box, you can install ddns-scripts-nsupdate + LUCI Interface and have a look at /usr/lib/ddns/update_nsupdate.sh to see how it works
opkg install ddns-scripts-nsupdate luci-app-ddns
  1. Now you can go in LUCI Services / Dynamic DNS section
  2. Use the bind-nsupdate client
    1.  In Basic Settings
      1. Set Lookup Hostname = openwrt.leurent.eu
      2. Set DDNS Service provider [IPv4] = bind-nsupdate
      3. Set Domain = openwrt.leurent.eu
      4.  Set Username = openwrt
      5. Set Password = For the password copy the "secret" of the HMAC-MD5 key
    2. In Advanced Settings
      1.  Set DNS-Server = ns1.leurent.eu

System Commands

Upgrade all packages

screen
opkg update
opkg list-upgradable | cut -f 1 -d ' ' | xargs opkg upgrade

cf https://lede-project.org/docs/user-guide/opkg


Use a Huawei USB LTE HiLink Modem as 4G Backup on my OpenWRT Router


  • Install usb-modeswitch and kmod-usb-net-rndis to switch the LTE stick from USB storage to USB LTE Modem
opkg update
opkg install kmod-usb-net-rndis usb-modeswitch
  • Verify the mode did switch, otherwise insert back the key or reboot
root@LEDE:~# lsusb | grep LTE
Bus 002 Device 003: ID 12d1:14dc Huawei Technologies Co., Ltd. E33372 LTE/UMTS/GSM HiLink Modem/Networkcard
  • Verify that you have a new network interface (eth2 in my case)
root@LEDE:~# dmesg | grep cdc_ether
[   16.075790] usbcore: registered new interface driver cdc_ether
[   19.232911] cdc_ether 2-1:1.0 eth2: register 'cdc_ether' at usb-f10f8000.usb3-1, CDC Ethernet Device, 0c:5b:8f:xx:xx:xx
  • Setup a new wwan interface with eth2 + DHCP mode
uci set network.wwan=interface
uci set network.wwan.ifname='eth2'
uci set network.wwan.proto='dhcp'
uci commit
  • Enable firewall on wwan
uci add_list firewall.@zone[1].network='wwan'
uci commit
  • Restart Router
reboot
  • Go in LUCI Interfaces / Network / Interfaces - WWAN / Advanced Configuration / Set Use gateway metric = 10. So you can see afterwards that the route via WWAN interface is used as backup if the default route goes down
root@OpenWrt:~# ip route
default via 212.147.11.76 dev pppoe-wan 
default via 192.168.8.1 dev eth2  src 192.168.8.100  metric 10 
10.146.199.0/24 dev br-lan scope link  src 10.146.199.1 
192.168.8.0/24 dev eth2 scope link  metric 10 
212.147.11.76 dev pppoe-wan scope link  src 83.228.247.238