Get the most out of your router with OpenWrt: wireless freedom

openwrt.org // #openwrt@Freenode

OpenWrt is a distribution GNU / Linux based on Debian GNU / Linux that allows us to take advantage of the technical characteristics of our router to the maximum beyond the use that we could give it with the firmware that the manufacturer installed.

If we look for OpenWrt in the Wikipedia We can read:

«OpenWrt is a firmware-based GNU / Linux distribution used for embedded devices such as personal routers.
Support was originally limited to the Linksys WRT54G, but since its rapid expansion, support for other manufacturers and devices has been included, including the Netgear, D-Link, ASUS, and a few others. The most popular router is still the Linksys WRT54G and the ASUS WL500G. OpenWrt It primarily uses a command line interface, but also has an ever-improving WEB interface. Technical support is provided as in most Free Software projects, through forums and its IRC channel.

The development of OpenWrt It was initially promoted thanks to the GPL license, which forced all those manufacturers who modified and improved the code, to release it and contribute more and more to the project in general.

Little by little, the software has been growing and there are implemented features that many other manufacturers of commercial devices for the non-professional sector do not have, such as QoS, VPN and other features that provide OpenWrt of a really powerful and versatile device, suitable to use the hardware where it runs OpenWrt not just for use as routers, but as file servers, P2P nodes, WEBcam servers, firewalls or VPN gateways. »

OpenWrt and dd-wrt

In addition to OpenWrt There are dd-wrt which is a third party fork of OpenWrt with the aim of offering a commercial product; this way you can buy routers with the firmware dd-wrt already embedded and also paid support for maintenance and incidents in them.

The main difference between OpenWrt y dd-wrt is that the latter does not have a console for shell access, does not support the installation of new software and is basically a commercial version of OpenWrt which is much closer to the firmware that the different commercial routers can bring from the factory but with more powerful characteristics.

Some of the points in which it stands out dd-wrt is in its user interface as it is much more attractive than that of OpenWrt with more polished applications geared towards end users and not sysadmins or hobbyists.

Another important difference is that generally the firmware of dd-wrt is on the same line as the 'stable' firmware of OpenWrt and therefore somewhat behind the development version which, to be fair, is doing incredibly well and for the moment rock solid, I never had any problems.

Although at first glance dd-wrt not seem as interesting as OpenWrt it is good to keep this in mind for those cases where there is no firmware OpenWrt for our device or we want to have a more elegant interface suitable for the average user.

Both projects, OpenWrt y dd-wrt They have a large community each one that maintains both projects in continuous development, which guarantees us to have support for a long time. These communities are open and friendly, although before making a query, the user is asked to read the appropriate documentation and review the wiki and forums, since it is certain that his query has already been made and answered previously.

Of course, queries like "I installed openwrt and nothing is wrong, what do I do?" Are not welcome and will possibly cause more than one, at least, to explain that everything is solved with a sudo rm -rf / and entering your password> = D

Characteristics OpenWrt

The advantages of using OpenWrt they are multiple:

1. is a fully functional mini distro, "mini" here means that:

a) has a limited number of packages available
b) It is designed to be as small as possible and that we can install it in small storage spaces (as much as 2mb!) and that it also works with MIPS CPUs of only 300mhz.

1. Wifi modules are optimized so using OpenWrt We will make better use of our router since it will have a better signal: it will be more powerful and clearer than with the stock firmware that it came with from the factory.
2. although high-end, processor-intensive applications such as PHPWe do have an interesting variety of software to install depending on the technical qualities of our device.
3. . If we have the space and the appropriate calculation capacity, we can have the desired web server running alongside:

a) a file server - NFS y SMB / CIFS
b) a client IRC (in my case weechat) with the client for instant messaging BitlBee coupled. In this way and as long as we do not turn off or boot the router we will be 100% online. Attention: IRC logs, especially if we are connected to several channels (in my case at the moment there are 31) can take up a lot of space very quickly. If we are going to run an IRC client on the router, I recommend connecting an external storage unit and saving the logs there.
c) create or be part of an Open Mesh network or mesh wireless networks, also known as BATMAN
d) web servers like uhttp y
e) infinity of security applications such as Kismet, aircrack-ng, arpwatch and macchanger among others; the possibilities are limitless! For example: suppose that for X reason they need to access a certain Wi-Fi network but of course they do not know their pwd or the MAC addresses allowed to connect, theoretically they could use a simple router to which they install OpenWrt with the necessary applications and configure it to sniff wireless traffic, search for passwords, obtain registered MAC addresses, connect to networks and send you an email advising you that they are within said network, with the necessary data so that you can. connect from wherever they are. Once this is done, all they have to do is find a place where they can hide the device connected to the electrical network, as close as possible to the networks in which they are interested and let it do its magic ;-D
(Tom Cruise is a bean next to us and as El Indio said before selling himself, «The future came a time ago")
f) print server, time server (NTP), Etc.
g) Being a distro designed by geeks and for geeks obviously we will be able to access via ssh and in fact we must do it like this at the beginning to install the graphical interface and configure it: isn't it beautiful !?
h) possibility to create a virtually unlimited number (only limited by the HW itself) of Wifi networks =)
i) all the power of the best firewall in the world, iptables at our service both from the console and from the graphical interface.
j) applications like tmux are at hand, just do a # opkg update && opkg install tmux so that working in the console within our router is a pleasure
k) As you may have noticed, the package manager uses a syntax similar to the package manager Debian GNU / Linux Yes why opkg it is based on the old ipkg which in turn took dpkg / apt as a reference. Be careful, don't get any illusions about this package manager, it is not nearly as powerful or flexible as its older brothers, but it does its job very well.
l) We have several Web interfaces so that we can choose depending on our personal taste and preferences. For my part and after trying them all I was left with Lights since it is the lightest and allows me to access a wide range of functions of OpenWrt. That it is light is not a minor data since my home router is a humble TP-Link TL-WR2573ND and the available flashable space is only 8mb, therefore the less space I use in trivia like a loaded and pretty web interface the more space I will have to load applications.
m) among other functions has full support of Jumbo Frames and VLANS!
n) Other features include those that most home / SOHO routers come out of the box such as ARP binding, static routing, hostnames, DHCP binding, time access control, ability to use multiple DNS for each network, etc.
o) Being a GNU / Linux distro we will have full access to the system logs, kernel logs, daemons that we want to run at startup, etc., all the same as with the distro they are using.
p) It includes nice -and useful- hacks to make the router lights respond to specific actions, in this way, we can configure them to flash in a certain way depending on how we are using the device (wired, wireless network, such as router, switch, etc.), when we access USB devices connected to the router such as an external hard drive or a printer, etc.
q) among other applications we can install VPN manager, Nagios, Munin (an improved and Free Nagios), install an MTD (Mail Transport Delivery) and turn it into an email server, install mc (Midnight commander), an Avahi / Bonjour / Zeroconf server, if we have an external HD connected to our music collection we can run the demon of the mpd in the router which will allow us to connect them to it from any machine that connects to the router regardless of whether they are on different networks, etc.
r) There are hundreds of more packages of all kinds so that you can do practically what you want with your router, not to mention if you have a fucking device. As always with GNU / Linux, the only limit is the user's imagination

Ultimately, OpenWrt is the kid's dream come true = D

Recovery mode / FAILSAFE

It is important to note that it is very possible that the first times we have installed this fabulous firmware we will be left out of the router for configuring something wrongly or for deleting or renaming something that we should not have touched - but that our curious nature pushes us to do it xD

In fact, the editor who signs this note, I mean, had the great idea of ​​deleting the network interfaces to reconfigure them effectively staying outside the router and not being able to access it since although the embedded system was working wonders there was no network interface enabled - yeah, I'm a genius, bad! BOLUDO !!!

The developers of OpenWrt have foreseen such cases and provide an interface for safe boot mode -fail safe- so that we can make an emergency access and reset the system.

It is important to take this into account because with the firmware of OpenWrt It is almost certain that the reset button of your routers will not work as expected, that is to say that you restore the configuration of the same to the factory settings. In fact, the button is used in mode fail safe de OpenWrt but only to send a signal to the equipment at a certain time and that we can access the device again through telnet or ssh.

It can also happen to them bricking the router if they install an image that is not appropriate for it, in that case the recovery of the device is somewhat more complicated in that the procedure involves opening it to access the integrated, soldering an electronic device to which we are going to feed through a USB cable connected to our machine and then connect to the router via serial console, activate an FTP server -Tftp- very primitive to copy the correct firmware, reset the new image, etc., nothing too complex although if we do not do it carefully we run the risk of burning the router.

Screenshots

Here are some images of the BusyBox shell and Luci web interface:

So far the introduction to OpenWrt, later I will write a succinct installation guide, more than anything the typical situations that can be found especially so that the hours of research that I invested are saved reading tons of documentation and exchanging ideas on IRC until I leave my router running as I have it today.