OpenWRT replacement....
Richie Jarvis
For those that don't know, I have been pushing Ian to move over to a
OpenWRT based solution for a while now - all we need is the appropriate
firmware.
Part of the reason that I lost faith in the MeshAP solution was the lack
of openness about the solution - basing everything on open source, and
then not following open source principals.
Anyway, enough said about that - I currently have 2 OpenWRT's on my
workbench at the moment, and am about to start getting them to mesh -
anyone else interested? My thoughts here are that we can produce our
own system based upon OpenWRT, and then incorporate all the features we
wish, including (over time) remote management, etc. Oh, and all those
old PC's won't go to waste either, as OpenWRT has now been ported back
to x86, so we should be able to run in that environment as well.
Does anyone else want to join in with the development?
Cheers,
Richie
Phil Thompson
> Part of the reason that I lost faith in the MeshAP solution was the lack
> of openness about the solution - basing everything on open source, and
> then not following open source principals.
>
> Anyway, enough said about that - I currently have 2 OpenWRT's on my
> workbench at the moment, and am about to start getting them to mesh -
> anyone else interested?
yes, interested.
Bit confused because OpenWRT *is* a firmware so presumably you're
referring to some hardware ?
While I'm being pedantic, can we try to be clear what we mean with words
like "mesh". I don't personally fully understand how two LW MeshAP nodes
talk to each other (explanations welcome !) but I'm aware of
alternatives like WDS that interconnects access points at the MAC layer
or ad-hoc mode where 802.11 devices chat to as many other devices as
they can see.
So one can build a "mesh network" of interconnecting wireless nodes with
at least two methods and probably three of making the peer-peer
interconnects.
With that in place you need a routing arrangement to get the traffic
around the network and off to the outside world at one or more points,
which is where routing protocols and techniques get added in.
MeshAP uses AODV (ad-hoc on-demand distance vector) routing, Freifunk
uses OLSR (Optimized Link State Routing) - any others around ?
Phil
Richie Jarvis
hardware, as it doesn't actually matter what the underlying box is, as
long as it supports the OpenWRT firmware. So, to clarify, what I am
talking about is a series of boxes running the OpenWRT firmware, be
these WRT54GS/GL, x86 boxes, or any other piece of hardware.
On the subject of meshing protocols, I am of the opinion that using a
dynamic routing protocol such as AODV or OLSR is not the right way to
go. Our mesh is a static environment, and from what I can tell, most
others are as well, therefore, allowing the network to define its own
routes leaves alot to be desired - it adds traffic overhead, and quite
often (certainly on MeshAP) gets itself tied in knots.
Consequently, I think the way to go is to use a static routing protocol,
such as OSPF, and define primary, secondary and tertiary routes around
the mesh. However, I am curious to see whether using OLSR instead will
allow better defined routes than AODV - comments anyone?
Our network in SussexNetShare is currently made up of about 120 nodes -
these nodes are spread out over quite a wide area - some mesh with each
other (as here in Chailey where Ian and I live), and some are out on
their own. Here in Chailey we have 4 gateways providing access for the
rest of the village, which is covered by 15 nodes (including the
gateways.) The end goal for me at least is to replace the existing
MeshAP hardware with OpenWRT capable hardware - preferable in a
watertight box on the masthead, fed by power-over-ethernet.
Right now, I've got 2 OpenWRT boxes here configured as standalone
hotspots - authenticating against a central RADIUS DB via Chillispot -
the next stage in the battle is to decide and implement a routing
methodology, and add a third box to truely create a mesh. Once I've got
this working, we can begin rolling these out in the village as a
testbed. Then the work can begin on a central system to manage these
devices remotely.
On the alternatives out there at the moment, I don't see anyone (except
Meraki) who have managed to produce such a system - please speak up if
you know of any!
Thanks,
Richie
Richard B
way I would like to see things go. Richie, can you tell us which
OpenWRT version you are using? Kamikaze? Have you got Open-WRT working
on a traditional LW type box or an old PC?
Regards,
Richard B.
Nick halln@clannet.co.uk
Cut and paste from http://swarmhotspots.com/faq.html
Has anyone done this and like to share experience?Tom how far have you
got?
This is a LONG LONG way from a integrated solution we are used too!!!
A howto for DD-WRT, Chillispot and FreeRadius.
********Warning ********
Following these instructions will invalidate your Linksys warranty.
You do so at your own risk. These instructions assume that you have an
understanding of Linux, PHP MySQL and Apache. If you brick your AP you
might get it back by holding down the reset pin for 20 seconds, unplug
the power while still holding down the reset button for another 20
seconds and then plugging the power back in while still keeping the
reset button held in for a further 20 seconds. This should bring it
back to the defaults of whatever firmware you have installed. You
should be able to login to 192.168.1.1
*******End of Warning********
Feel free to copy or use this information in any way you like.
What you will need:-
a) DD-WRT
Download the latest version here http://brainslayer.braincontrol.org/dd-wrt.v22.zip
b) FreeRadius
Download the latest version here ftp://ftp.freeradius.org/pub/radius/old/freeradius.1.0.3.tar.gz
c) phpMyPrepaid
Download the latest version here http://jabali.net/~carl/phpMyPrepaid.0.1.3RC2.tar
also download the radiusd.conf file from http://jabali.net/~carl/
d) Linsys WRT54G AP
e) You will also need PHP, Apache, MySQL amd MySql Delopment Modules,
(These need to be setup first.) some patience, plenty of beer and
cigarettes.
Step 1 DD-WRT/Chillispot Configuration
Configure the WRT-54G with the standard Linksys software and the use
the upgrade firmware module to install the dd-wrt package on the AP.
*******IMPORTANT******* Use your cable connection to do the upgrade.
NOT the wireless connection
Reboot the AP and login to your new firmare.
Set Dynamic configuration DHCP
Disable DHCP (Chillispot will manage DHCP for your clients.)
Change the Local IP of the AP to 192.168.10.1.
Set your gateway and DNS addresses.
Update changes and log back in to the new IP address.
Go to the administration page.
Enable Chillispot
Enter the IP address of your Radius server
Enter the DNS
Enter the redirect URL eg HTTPS://123.123.123.123/cgi-bin/hotspotlogin.cgi/
(MAke sure that the address ends in / and is https.)
Enter a shared key. (This can be anything you like, but keep a note of
it you will need it later.)
Set DHCP Interface to Lan+Wlan
Enter a NAS id (Your name for your AP)
Enter a UAM secret (This is the password that Chilli will use to talk
to hotspotlogin.cgi)
Save your settings and reboot the AP. Please give the AP about 10
minutes to reboot and initialise all the new services.
Step 2 FreeRadius Configuration.
Untar the FreeRadius tar file and enter its directory.
Type ./configure --with-experimental-modules
make
login as root and type make install
When this is finished copy the radiusd.conf file that you downloaded
earlier to /usr/local/etc/raddb/
You should not need to edit radiusd.conf
Edit /usr/local/etc/raddb/sql.conf and in the SQL section make these
changes
# Database type
# Current supported are: rlm_sql_mysql, rlm_sql_postgresql,
# rlm_sql_iodbc, rlm_sql_oracle, rlm_sql_unixodbc, rlm_sql_freetds
driver = "rlm_sql_mysql"
# Connect info
server = "localhost"
login = "yourlogin"
password = "your password"
# Database table configuration
radius_db = "radius"
Edit the /usr/local/etc/raddb/clients.conf file and enter the details
of your NAS (AP)
client xxx.xxx.xxx.xxx { (This is the address of your NAS or WRT54G )
secret = xxxxxxx (The secret you entered in the Chilli Config)
shortname = private-network-9 (This can be any name)
nastype = other
( If you want to set up several AP's with one secret the IP address
above should be 0.0.0.0/0 )
}
Step 3 hotspotlogin.cgi
Copy hotspotlogin.cgi from http://chillispot.org to /var/www/cgi-bin
Edit the file and change the secret to the UAM secret that you entered
in the Chillispot configuration on the WRT54G
Step 4 phpMyPrepaid and MySQL
Extract the phpMyPrepaid file to a directory on your webserver eg /var/
www/html/myprepaid
Create a MySQL database called radius and create a user and password
for it. Use a script called db_mysql.db that you will find in the
phpMyPrepaid download to create the database tables.
Edit the dbconnect.php file in the phpMyPrepaid directory and enter
the username and password for your MySQL radius database. IMPORTANT
Save this file behind your web directory or your passwords will be
easy to hack.
Edit config.inc.php and change the line that points to dbconnect to
wherever you have saved dbconnect.php
In your web browser got to http://yoursite.com/whereveryouputphpmyprepaid/
and create some tickets. Check your database to see if the users have
been setup in radcheck. Launch FreeRadius as root with this command
radiusd -xxyx -l stdout. Pick a user and password from your database
and try to login from a wireless client. If you can then it is time
for step 5. If not go back to step 1 and check everything.
Step 5 Have a cup of coffee and unwind. If all is well you have
finished. I'll keep an eye on this post and do my best to help anyone
with problems
> > Richie- Hide quoted text -
>
> - Show quoted text -
Phil Thompson
> Has anyone done this and like to share experience?
had oneof those Chillispot setups running for a while, in my house as it happens. Largely did
what it says on the tin, we had it configured to use MACs in the RADIUS database so that the
splashscreen didn't appear, using the DDWRT ability to send the MAC as a login parameter
(this was broken in DD-WRT's Chillispot for a long time).
One gateway router could handle the authentication for a WDS or other distribution system
providing the MACs were transmitted or the user / pass approach was acceptable.
Phil
Tom Anderson
Look at the below as three separate steps.
Step 1 buy a gadjet and flash with dd-wrt.
Play with it and get to know how it works.
This can be for as long as you like adding more dd-wrts as you go.
Integrate with wiana for authentication and captive portal.
Been doing this for 2 years plus.
Step2 download freeradius.org for linux or freeradius.net for windows
If you don't have a handy linux server use the freeradius.net package.
Download and install then set to run as a windows service.
Two files to add settings to.
Radius Clients.conf
and users
Job done.
Step3 Chillispot ,Wi Fi dog , Sputnik or another captive portal solution.
Play with them then choose which you prefer.
No MySQL or other database set up is required unless you know how and I don't.
Host your walled garden on any webserver you have handy , ours is in Germany.
Step4 after step1 download rflow from dd-wrt and run on the windows machine you will use for freeradius.
Your desktop now shows you exactly whats going on plus all the traffic etc.
All centrallised.
All manageable locally or remotely via http https or ssh
The whole lot could go to a database when and if you need to record all sites visited etc by users.
By then I might quarter understand MySQL.
Help is at hand for the faint hearted.
Tom
Nick halln@clannet.co.uk
Step 1: OK I have a ddwrt on a meshbox(X86 version v24) up and
running on my network. Cant see my radio, what cards does it
recognise anyone prism or atheros?
Step 2: Free radius loaded and producing error messages. Any idiot
guides for freeradius?
Nick
> > Cut and paste fromhttp://swarmhotspots.com/faq.html
> > Has anyone done this and like to share experience?Tom how far have you
> > got?
> > This is a LONG LONG way from a integrated solution we are used too!!!
>
> > A howto for DD-WRT, Chillispot and FreeRadius.
>
> > ********Warning ********
>
> > Following these instructions will invalidate your Linksys warranty.
> > You do so at your own risk. These instructions assume that you have an
> > understanding of Linux, PHP MySQL and Apache. If you brick your AP you
> > might get it back by holding down the reset pin for 20 seconds, unplug
> > the power while still holding down the reset button for another 20
> > seconds and then plugging the power back in while still keeping the
> > reset button held in for a further 20 seconds. This should bring it
> > back to the defaults of whatever firmware you have installed. You
> > should be able to login to 192.168.1.1
>
> > *******End of Warning********
>
> > Feel free to copy or use this information in any way you like.
>
> > What you will need:-
>
> > a) DD-WRT
>
> > Download the latest version herehttp://brainslayer.braincontrol.org/dd-wrt.v22.zip
>
> > b) FreeRadius
>
> > Download the latest version hereftp://ftp.freeradius.org/pub/radius/old/freeradius.1.0.3.tar.gz
>
> > c) phpMyPrepaid
>
> > Download the latest version herehttp://jabali.net/~carl/phpMyPrepaid.0.1.3RC2.tar
> > also download the radiusd.conf file fromhttp://jabali.net/~carl/
> > Copy hotspotlogin.cgi fromhttp://chillispot.orgto /var/www/cgi-bin
> > Edit the file and change the secret to the UAM secret that you entered
> > in the Chillispot configuration on the WRT54G
>
> > Step 4 phpMyPrepaid and MySQL
>
> > Extract the phpMyPrepaid file to a directory on your webserver eg /var/
> > www/html/myprepaid
> > Create a MySQL database called radius and create a user and password
> > for it. Use a script called db_mysql.db that you will find in the
> > phpMyPrepaid download to create the database tables.
> > Edit the dbconnect.php file in the phpMyPrepaid directory and enter
> > the username and password for your MySQL radius database. IMPORTANT
> > Save this file behind your web directory or your passwords will be
> > easy to hack.
> > Edit config.inc.php and change the line that points to dbconnect to
> > wherever you have saved dbconnect.php
> > In your web browser got tohttp://yoursite.com/whereveryouputphpmyprepaid/
> ...
>
> read more »- Hide quoted text -
Phil Thompson
> Step 1: OK I have a ddwrt on a meshbox(X86 version v24) up and
> running on my network. Cant see my radio, what cards does it
> recognise anyone prism or atheros?
>
> Step 2: Free radius loaded and producing error messages. Any idiot
> guides for freeradius?
http://www.freeradius.org/ has a wiki and there is a mailing list. I think the project leader also
wrote a book. Which OS are you using ?
RADIUS is not for idiots and the mailing list can be a bit "robust".
Phil
Tom Anderson
atheros cards
Step 2 which version , linux or windows ???
Richard B
open source and will cost you on a per-machine basis. Possibly some
non-open drivers are required but I think it is more to do with making
a living. Looks rather like the way Locust World went to me. I am not
sure of the legality of what is being done in either case but I would
prefer to go in the OpenWRT direction personally. See OpenWRT (and
also X-WRT) via the Links page: http://groups.google.com/group/meshap/web/links?hl=en
Open-WRT is "behind" DD-WRT in many respects - but it IS open.
On Oct 11, 9:26 am, Tom Anderson <t...@swbb.us> wrote:
> Step1 x86 dd-wrt doesn't do wireless until it is activated...some euro's
> required.
> atheros cards
>
> ........
Helen Anderson
--
www.wireless.southwitham.net
Skype:helenander
8442...@voiptalk.org
Richie Jarvis
> Open-WRT is "behind" DD-WRT in many respects - but it IS open.
>
DD-WRT is very good for a single user AP - it does a great job, and
brainslayer should be complimented for his work.
DD-WRT is meant to be a fully built, ready to go router with bells and
whistles, and everything configurable via a UI. OpenWRT is the
foundation - its what DD-WRT and all of the variants are built upon.
Incidentally, thats exactly why DD-WRT is bad for a Meshing system -
there is too much additional crap in there - such as Samba for example.
Sure, it has some nice features, but do you really need to cram the
memory chock full with things you aren't going to use, and have to turn
off everytime you want a new node? DD-WRT also comes with telnet turned
on by default, and SSH off.
Thats exactly where we are heading with the OpenSourceMesh project -
produce JUST a node, without anything 'extra' on it. And make it
cross-compile to x86. OpenWRT already cross-compiles to x86, so
producing an x86 AND a Atheros version shouldn't take much extra effort.
Cheers,
Richie
Nick halln@clannet.co.uk
Thanks for the boutiful amout of help!!! I wish we had that when we
were starting out with LW 4 years ago from the LW list!
As a beginner; feeling my way, I think I ought to stick to the 'easy'
ddwrt UI and get my head around all the other stuff first. I need to
walk first!
I have free radius installed on XP but trying to load the config files
from menu produces 'could not execute menu item internal
error ..blah... blah ..a device attached to the system is not
functioning'
Any ideas what that is?
Phil is not wrong about theFree radius documentation being 'robust'
is blinkin pointless hard work! I only want to add a few users and
know a bit about setting it up.
We have to try to make this stuff simple for any hope of community
take up.
Similarly we need a zero configuration node similar to 'Robin' or LW
MeshAP
Nick
Richie Jarvis
The Freeradius stuff you will find alot easier to setup under Linux btw
- there is a very good guide for setting it up for Chillispot auth here:
http://gentoo-wiki.com/HOWTO_Chillispot_with_FreeRadius_and_MySQL
I've got Chillispot running fine against this with OpenWRT on the
Linksys WRT54GL router and I expect Wifidog will be easy as well.
In the meantime, walk with DD-WRT - when your done, one of the splinter
groups should have something working I hope!
Cheers,
Richie
Tom Anderson
Hi Nick,
radius first.
In edit radius clients.config
scroll down to
#client 192.168.0.0/24 {
# secret = testing123-1
# shortname = private-network-1
#}
#
client 192.168.0.0/16 {
secret = testing123
shortname = private-network-1
}
client 172.16.0.0/16 {
secret = testing123
shortname = private-network-2
}
client 10.0.0.0/8 {
secret = testing123
shortname = private-network-3
}client ip address its comming from{
secret = whatever you decide on
shortname = whatever you decide on
}
Make sure you use the correct {}'s
Tom Anderson
access files by right clicking on the system tray icon and choosing
which to edit.
Nick halln@clannet.co.uk
Thanks for your patience with me.
When I right click to open a config file to edit is when I get teh
error 'could not execute menu item internal
error ..blah... blah ..a device attached to the system is not
functioning'
Any ideas what that is? bad install?
Nick
Tom Anderson
Nick halln@clannet.co.uk
Hi Tom
Sorted that bit! Config files load into notepad
However, I reckon ritchie is right, notepad and windows is not the
correct way to edit this stuff I am going to add formatting characters
and bugger it up.
I would be better off on linux with a native editor like VI
Ordered my Buffalo router in frustration.
Best regards
Nick
Adrian (ADR Communications)
http://paginas.terra.com.br/informatica/php_editor/index_en.html
Adrian
Best regards
Nick
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.14.6/1060 - Release Date: 09/10/2007
16:43
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.488 / Virus Database: 269.14.6/1060 - Release Date: 09/10/2007
16:43