Differences

This shows you the differences between two versions of the page.

--- lwc:hardware:wm02_nano_router [2020/11/26 18:05] – created John Harrison
+++ lwc:hardware:wm02_nano_router [2021/08/30 15:20] (current) – [Loading new images] John Harrison
@@ Line 6: / Line 6: @@
 ==== Commands: ====
-Enable wireless:
+  * Enable wireless: ''uci set wireless.@wifi-device[0].disabled=0; uci commit wireless; wifi''
+  * Reset to factory defaults:
+    * mount_root
+    * mtd -r erase rootfs_data
+    * reboot -f
-<HTML><blockquote>
+   * 1to see see iptables rules generated:  use fw3 print
-<HTML><blockquote>
+   * with a "deny all" rules the below rules would allow LAN to access snappykids.cc IP only
-uci set wireless.@wifi-device[0].disabled=0; uci commit wireless; wifi
+     * iptables -t filter -I zone_wan_output -p tcp -d 173.236.164.109/255.255.255.255 -m comment --comment "!fw3: allow-SnappyKids" -j zone_wan_dest_ACCEPT
-</blockquote></HTML></blockquote></HTML>
+     * iptables -t filter -I zone_wan_output -p udp -d 173.236.164.109/255.255.255.255 -m comment --comment "!fw3: allow-SnappyKids" -j zone_wan_dest_ACCEPT
-Reset to factory defaults:
-  * mount_root
-  * mtd -r erase rootfs_data
-  * reboot -f
+   * sysupgrade from cmd line: sysupgrade -v /tmp/filename-of-downloaded-sysupgrade.bin
+    * Use flag -n if configuration flags should not be kept
+   * to monitor packets being transmitted use tcpdump. It only catches packets that are actually transmitted tho maybe and not stuff blocked by iptables?
-to see see iptables rules generated:  use fw3 print
+   * use logread not dmsg to see messages from startup
-with a "deny all" rules the below rules would allow LAN to access snappykids.cc IP only
+   * enable init script with /etc/init.d/script enable
-  * iptables -t filter -I zone_wan_output -p tcp -d 173.236.164.109/255.255.255.255 -m comment --comment "!fw3: allow-SnappyKids" -j zone_wan_dest_ACCEPT
+   * get the MAC address of the router:  arp -n | grep `route -n | awk '/UG/{1print $2}'` | awk '{print $4}'
-  * iptables -t filter -I zone_wan_output -p udp -d 173.236.164.109/255.255.255.255 -m comment --comment "!fw3: allow-SnappyKids" -j zone_wan_dest_ACCEPT
+     * "B" has 00:00:00:04:6d:b3
+     * on 8-Mar-2018 "B" has 50:6a:03:a5:4a:1a (?)
-sysupgrade from cmd line: sysupgrade -v /tmp/filename-of-downloaded-sysupgrade.bin
+       * eth0, eth0.1, br-lan, wlan0 has 00:0A:EB:38:0D:4D
-  * Use flag -n if configuration flags should not be kept
+       * eth0.2 has 02:0A:EB:38:0D:4E
+     * stock: 78:20:08:00:97:5B
-to monitor packets being transmitted use tcpdump. It only catches packets that are actually transmitted tho maybe and not stuff blocked by iptables?
+     * stock labeled "standard": 78:20:08:00:97:5f
-use logread not dmsg to see messages from startup
+   * log example: logger testLog "Blah1" # testlog writes "Blah1"
-enable init script with /etc/init.d/script enable
+   * to get sshfs to work do an opkg update then opkg install openssh-sftp-server
-get the MAC address of the router:  arp -n | grep `route -n | awk '/UG/{1print $2}'` | awk '{print $4}'
+   * hexdump -C shows you file contents with hex
-"B" has 00:00:00:04:6d:b3
+   * mount example for fat32 read only: mount -t vfat /dev/sdc2 /mnt/share -o ro
-on 8-Mar-2018 "B" has 50:6a:03:a5:4a:1a (?)
+   * using opkg:
-  * eth0, eth0.1, br-lan, wlan0 has 00:0A:EB:38:0D:4D
+     * use --force-depends if the kernel version doesn't match.
-  * eth0.2 has 02:0A:EB:38:0D:4E
+   * get link status of ethernet port:  dmesg | tail | grep "link changed" | tail -c 3 | head -c 1
+   * memory usage by process: cat /proc/meminfo
-stock: 78:20:08:00:97:5B
-stock labeled "standard": 78:20:08:00:97:5f
-log example: logger testLog "Blah1" # testlog writes "Blah1"
-to get sshfs to work do an opkg update then opkg install openssh-sftp-server
-hexdump -C shows you file contents with hex
-mount example for fat32 read only: mount -t vfat /dev/sdc2 /mnt/share -o ro
-using opkg:
-  * * use --force-depends if the kernel version doesn't match.
-get link status of ethernet port:  dmesg | tail | grep "link changed" | tail -c 3 | head -c 1
-memory usage by process: cat /proc/meminfo
 ==== Host Machine ====
@@ Line 56: / Line 45: @@
 ==== SSH in: ====
-must ssh in as root. The magical incantation is:  ssh -i /path/to/nano1_rsa root@<IP ADDRESS>
+  * must ssh in as root. The magical incantation is:  ssh -i /path/to/nano1_rsa root@<IP ADDRESS>
-if the certificate fails, make sure PubkeyAuthentication no is commented out in /etc/ssh/ssh_config
+  * if the certificate fails, make sure PubkeyAuthentication no is commented out in /etc/ssh/ssh_config
-  * it may be necessary to restart the ssh service after making this change: sudo systemctl reload ssh.service
+    * it may be necessary to restart the ssh service after making this change: sudo systemctl reload ssh.service
 ==== OpenWRT and firmware ====
-[[https://github.com/hynnet/openwrt-mt7620|openWRT-mt7620]] - an openWRT build that include ralink-utils which has ated and friends
+  * [[https://github.com/hynnet/openwrt-mt7620|openWRT-mt7620]] - an openWRT build that include ralink-utils which has ated and friends
-[[https://www.gargoyle-router.com/old-openwrt-coding.html|compiling a simple program for openWRT]]
+  * [[https://www.gargoyle-router.com/old-openwrt-coding.html|compiling a simple program for openWRT]]
-[[https://watchmysys.com/blog/2015/10/build-package-your-software-for-openwrt/|building and packaging your own software for openWRT]]
+  * [[https://watchmysys.com/blog/2015/10/build-package-your-software-for-openwrt/|building and packaging your own software for openWRT]]
-  * [[https://wiki.openwrt.org/doc/howtobuild/single.package|how to build a single package]]
+    * [[https://wiki.openwrt.org/doc/howtobuild/single.package|how to build a single package]]
 ==== RT5350 SDK Firmware ====
   * [[https://github.com/noblepepper/ralink_sdk|RT5350 SDK]]
 ===== NTP server =====
@@ Line 77: / Line 64: @@
   * add into /etc/config/dhcp in the lan area: list dhcp_option '42,192.168.53.1' (assuming 192.168.53.1 is the address of the nano router itself on the lan)
   * not sure if it matters or not but in /etc/config/system we have
+<code>
-<HTML><blockquote>
-<HTML><blockquote>
 config timeserver 'ntp'
-</blockquote></HTML>
-<HTML><blockquote>
         option enabled '1'
-</blockquote></HTML>
-<HTML><blockquote>
         option enable_server '1'
+</code>
-</blockquote></HTML></blockquote></HTML>
   * not sure why but ESP8266 isn't always getting it
@@ Line 98: / Line 74: @@
 (based on https://openwrt.org/docs/guide-user/network/wifi/dumbap)
-\\
 Change /etc/config/network to read:
+<code>
-<HTML><blockquote>
 config interface 'loopback'
         option ifname 'lo'
         option proto 'static'
         option ipaddr '127.0.0.1'
         option netmask '255.0.0.0'
-\\
-config globals 'globals'
+config globals 'globals'
         option ula_prefix 'fd38:6ad4:9ddd::/48'
-\\
-config interface 'lan'
-        option type 'bridge'
-        option ifname 'eth0.1'
+config interface 'lan'
+        option type 'bridge'
+        option ifname 'eth0.1'
         option proto 'dhcp'
-\\
-config device 'lan_dev'
+config device 'lan_dev'
         option name 'eth0.1'
-\\
-config switch
-        option name 'rt305x'
-        option reset '1'
+config switch
+        option name 'rt305x'
+        option reset '1'
         option enable_vlan '1'
-\\
 config switch_vlan
+        option device 'rt305x'
+        option vlan '1'
-        option device 'rt305x'
-        option vlan '1'
         option ports '0 1 2 3 4 6t'
+</code>
-</blockquote></HTML>
-\\
 Disable DHCP server, DHCP6 server, firewall, acceptions:
-<HTML><blockquote>
+<code>
 /etc/init.d/dnsmasq disable
 /etc/init.d/dnsmasq stop
 /etc/init.d/odhcpd disable
 /etc/init.d/odhcpd stop
 /etc/init.d/firewall disable
+/etc/init.d/firewall stop
+/etc/init.d/acceptions disable
+/etc/init.d/acceptions stop
+</code>
+Restart network:''/etc/init.d/network reload''
-/etc/init.d/firewall stop\\
-/etc/init.d/acceptions disable\\
-</blockquote></HTML>
-> /etc/init.d/acceptions stop
-<HTML><blockquote>
-<HTML><blockquote>
-\\
-</blockquote></HTML></blockquote></HTML>
-Restart network:
-<HTML><blockquote>
-/etc/init.d/network reload
-</blockquote></HTML>
 ==== Links: ====
@@ Line 270: / Line 141: @@
   * sudo apt install  tftpd-hpa
+  * set serial baud rate to 57600
   * choose option "2" in bootloader
   * firmware goes in /var/lib/tftpboot
@@ Line 280: / Line 152: @@
 ==== Memory Layout: ====
+<code>
-<HTML><blockquote>
 dev:    size   erasesize  name
 mtd0: 00030000 00001000 "u-boot"
 mtd1: 00010000 00001000 "u-boot-env"
 mtd2: 00010000 00001000 "factory"
 mtd3: 003b0000 00001000 "firmware"
 mtd4: 00126852 00001000 "kernel"
 mtd5: 002897ae 00001000 "rootfs"
 mtd6: 000c0000 00001000 "rootfs_data"
-\\
 x00000000-0x00800000 : "ALL"
 x00000000-0x00030000 : "Bootloader"
 x00030000-0x00040000 : "Config"
 x00040000-0x00050000 : "Factory"
 x00050000-0x01000000 : "Kernel"
+</code>
-\\
-\\
 from the stock:
+<code>
 /proc/mtd# cat /proc/mtd
 dev:    size   erasesize  name
 mtd0: 00800000 00010000 "ALL"
 mtd1: 00030000 00010000 "Bootloader"
 mtd2: 00010000 00010000 "Config"
 mtd3: 00010000 00010000 "Factory"
 mtd4: 007b0000 00010000 "Kernel"
+</code>
-</blockquote></HTML>
 ==== Todo: ====
   * check the allow dns rule
@@ Line 417: / Line 188: @@
 //Attached: latest mpr-a1 LEDE firmware with bitbucket customizations//
+{{ :lwc:hardware:wm02_nano_router:openwrt-ramips-rt305x-vmlinux.bin |}}
+{{ :lwc:hardware:wm02_nano_router:lede-ramips-rt305x-mpr-a1-squashfs-sysupgrade.bin |}}