Archiv:Freifunk Firmware/FFF (English)
- Hinweis: Eine deutsche Version gibt es unter Freifunk Firmware/FFF.
This is a description of version 1.0 of the Freifunk Firmware.
This page is historical
The firmware described here is unmaintained since 2010. To the new firmware (OpenWRT Kamikaze).
All required files can be downloaded from http://download.berlin.freifunk.net/ipkg - Backup. A ChangeLog is also available. Recent changes (from 0.6.8 on):
- LZMA compression for kernel and squasfs: leaves more space for installable packages (ca. 1.4 Mb for the firmware which is smaller than the original OpenWrt)
- MTD update for compatibility to Linksys WAP54G-Ver2.0 with 2 Mb Flash. With this update the router does not block if large files are stored or if the read/write partition has "disk full".
- Improved Dyn-GW for automatic announcement of an Internet gateway. Realised with IPRoute2 (http://lartc.org/howto/ , http://snafu.freedom.org/linux2.2/iproute-notes.html).
- Improved Web-UI: Software install page, Client/ Master/ Ad-Hoc/ Bridged-Mode, Enhanced status page, Firmware download from the router itself possible.
- Added Mcast Route to kernel, disabled BBC, speedup SSH (rev. DNS), added software-watchdog for stability, olsrd-nameservice, olsrd-httpinfo, TFTP client for flashing neighbour devices.
- Lots of bugfixes.
Note: A brief configuration description is available under [Konfiguration Freifunk Firmware].
Wishlist for 1.1
- Shrink this list ;-)
- Chillispot or other captive portal with authentication
- In Status / Overview: a separate menu (Button): Ad-hoc Scan, which shows Signal + Noise for each Ad-hoc (OLSR)-Node-IP. Example:
|_____IP:1____MAC:x______Signal: + Noise
|_____IP:2____MAC:y______Signal: + Noise - In Status / WLAN Scan: sort the list by Channels or SNR.
- In Status: Query with GET instead of POST to make the browser back button work.
- Webinterface for changing / viewing firewall rules
- Modifiable Timezone and NTPClient that connects to pool.ntp.org (rdate uses the time protocol, see RFC868)
- OpenVPN 2.0 for the creation of VPN tunnels
- Automatic updating of configured firmware for better maintenance of entire networks
- OLSR plugin for creating a dynamic list of reachable Web servers
- Network traffic summaries with pmacct / web page
- SIP Router for VoIP Applications (OpenWrt-Version from sip-router.org/ser/)
- Publish contact info (incl. GPS coordinates) as RDF via HTTP
- Configuration of time- and bandwidth-dependent internet gateways (e.g.: saturday 12:00pm till sunday 00:00am Internet offered with 200 KB/s max.)
- Add support for ubiquiti routerstation pro and other ubiquiti boards
Overview
The Freifunk Firmware can be installed a wireless router to set up a typical OLSR node quickly and easily. The firmware runs on Linksys WRT54G-V2.0, WRT54G-V2.2, WRT54GS-V2.0, WAP54G-V2.0 (4Mb Flash), WAP54G-V2.0 (2 Mb Flash) and on AllNet 0277 devices. Several people have posted positive feedback for WRT54G-V1.1 and WRT54GS-V1.1 also. Steps to install an OLSR node:
- Obtain a WRT54G at your favourite store. The more expensive WRT54GS is needed only, if a lot of additional packets or a bigger web site is planned.
- In the original web interface, find the Firmware Update button.
- Upload the firmware file "openwrt-g-freifunk-x.y.z-en.bin".
- On the new web admin pages, configure the OLSR IP address.
- The default HTTP password is "admin", this should be changed ...
Tip: When using the Freifunk Web interface it does not matter whether the G, GS or TRX versions of the firmware is used. However, when using the original Linksys Web interface or the TFTP you must use the corresponding file for the device: openwrt-g-.bin for WRT54G, openwrt-gs-.bin for WRT54GS, .trx for WAP54G and openwrt-allnet-.bin for All0277.
Basically, Freifunk Firmware is a preconfigured OpenWrt/Stable with a web interface. The following packages are preinstalled: "freifunk-webadmin-en", "freifunk-olsrd", "freifunk-upload", "wl", "dropbear" and "iproute2".
After the installation of the Freifunk Firmware, telnet is deactivated and the SSH server "dropbear" is started using the Web password. Web password and SSH password are always the same and default to "root" (user) and "admin" (password). A new firewall configuration protects the local 192.168.x.x network from the "evil" 104.x.x.x OLSR Freifunk network (or more accurately: everything outside of 192.168.x.x). Internet surfing via OLSR is possible using NAT (Network Address Translation) provided there is a working HNA4 (another station announcing internet access) within range.
The Web interface is divided into two parts: a public area and a password protected administration area. The public area allows visitors to view information about the current routing table and a scan of WLAN base stations in the vicinity. There is also the possibility of creating your own dynamic webpages with the Freifunk layout. An explanation on creating dynamic content for WinXP and Linux is also included.
The administration webpages can also be installed on a normal OpenWrt installation. Only the extended restart functions (Admin --> Restart) and the firmware upgrade (Admin --> Firmware) functions are not usable. To install, do the following:
- Add the "src freifunk http://download.berlin.freifunk.net/ipkg" line to /etc/ipkg.conf
- ipkg update
- ipkg install freifunk-webadmin-en
Notes
All configuration settings have an online help. With FireFox or Mozilla use ![F1] to display the help information (both are incapable of displaying multiple line tooltips).
Version G2.2 / GS1.1 / G3.0
Since spring 2005 mostly newer versions of the Linksys devices are sold. These devices have another Ethernet chip, so the original OpenWrt/Stable will not run. The Freifunk Firmware already includes the newer Ethernet driver and should run on all available versions. I expect the firmware will also run on the WRT54G-Ver 3.0 (unconfirmed).
The Freifunk Firmware actually is based on OpenWrt/Stable. A conversion/upgrade to OpenWrt/Experimental is not to be expected before summer 2005.
WAP54G
This device is available with 3 versions. An older version exists which will not run Freifunk Firmware or OpenWrt. The WAP54G-Ver 2.0 exists with 4 Mb AMD flash memory, 16 Mb RAM and 7 LEDs in front panel. There is another version 2.0 with only 2 Mb Intel flash memory, 8 Mb RAM and 3 LEDs in the front panel. Only upload Freifunk Firmware on devices with the reset switch located left of the Ethernet Jack! Unfortunately the Freifunk Firmware cannot be uploaded with the Web UI of the original WAP54G firmware. An error message stating "Cannot downgrade" will be shown - this is caused by the LZMA bootloader. To enable the "boot_wait" setting for TFTP uploads, upload first a prepared original firmware (download: http://styx.commando.de/sven-ola/wap54gv2.2.06-with-boot_wait-on.trx). Then execute the "Reset to Factory Defaults" function to enable "boot_wait".
With only 2 Mb flash memory, nearly no additional software can be installed. Because several people asked already: There is a minimal version of the firmware available in the download directory without Freifunk addons.
Errors during Firmware Flash
The first action of the running firmware is to set the configuration variable "boot_wait" to "on". The following explanation is for emergency cases, e.g. loss of the power during the flash procedure.
When the device is restarted, it listens (for approximately 5 seconds) on the IP address 192.168.1.1 for a TFTP (Trivial File Transfer Protocol) transfer of the firmware. If the firmware transfer via the web interface failed then the device listens permanently for a TFTP transfer (recognisable by the blinking DMZ LED which will be on for 15 seconds and then off for 15 seconds and so on).
If the firmware on the device does not function, then the device can be rescued via the TFTP mechanism. Connect your PC to the device using one of the four network adapters ![1-4] on the device. You can either use a crosslink or normal TCP/IP cable.
- Windows XP
- : Login as Administrator on the PC.
- In the Network Connection' window, open the **properties window of the LAN Connection. Change the properties for the Internet protocol TCP/IP**.'
- Configure the IP address to be
192.168.1.2
. Accept the default network mask of255.255.255.0
. All other settings do not need to be changed. - Under Start --> Programs --> Extras, start the Prompt window (or by entering
cmd
into the Start --> Run dialog). With the commandcd
, change into the directory containing the desired firmware.
For example: typecd /d x:\download\firmware
and press the Enter key. - Enter the TFTP upload command but do not press Enter.
For example:tftp -i 192.168.1.1 put openwrt-g-freifunk-%VERSION%-en.bin
Now jump to the section [#fwtrs Firmware Upload] below and continue from there. - Linux
- : Start a shell with root privileges.
- Change directories using the
cd
command to the directory containing the desired firmware.
Example: typecd /tmp/download/firmware
and press the Enter key. - Configure the required network interface. Example:
ifconfig eth0 192.168.1.2
- Start the tftp program: enter
tftp 192.168.1.1
and press Enter. TFTP needs to be configured to correctly to transfer the firmware: in the tftp shell enterbinary
and press Enter, follow this withrexmt 1
and press Enter - Enter the TFTP upload command but do not press Enter.
Example:put openwrt-g-freifunk-%VERSION%-en.bin
- Firmware Upload
- The network socket of the PC normally has an LED to indicate whether a connection exists. This LED lights up as soon as a network connection is established. After switching on the device, this LED should light up after a couple of seconds. Similarly, one of the four LEDs on the device should also light up. By power-cycling the device this behaviour can be checked. To check this, do the following:
- Remove the power supply to the device.
- Reconnect the power supply to the device.
- Wait approximately 2 seconds until the network LEDs light up.
- Wait a further 1-2 seconds.
- Press enter to confirm the TFTP transfer of the firmware. The upload should be completed error free after 5 seconds. The power LED of the device blinks to indicate the update is being done. The update takes at most 2 minutes. The device will automatically start the new firmware.
Tip: If two WRT devices are connected with Ethernet and you are SSH-connected via WLAN, the running firmware can be transferred with TFTP also. Enter /etc/init.d/S45firewall stop
and ifconfig br0 192.168.1.2
to configure the Ethernet interface. Then enter cd /tmp
and /www/cgi-bin/freifunk-upload -g /dev/mtd/1ro>g.bin
to extract the firmware file. Start the transmission with the tftp -l g.bin 192.168.1.1
command.
Boot_Wait
There is no reason to manually activate the NVRAM boot_wait
option when using the Freifunk Firmware. If the update via the web interface succeeds, then the first thing the Freifunk Firmware does is to activate the boot_wait
(i.e. value is set to on
) option. If something goes wrong, then the device will not boot but will have an active TFTP server. The device remains in this state until an TFTP connection is made and a valid firmware is uploaded.
SSH Shell
The Freifunk Firmware also has a shell interface. In failsafe mode, the shell can be accessed directly by telnet"ing to 192.168.1.1. There is no password and the IP address is hardcoded. If the device starts normally, then no telnet is possible and access is only available using SSH. The username is root and the password is the same as the password for the administration pages of the Web interface. Tip: Windows user can use the Freeware program PuTTY as SSH/telnet client.
Commands are entered at the prompt and confirmed with the Enter key. Some of the more useful commands are: ls
, cd
, cp
, rm
and vi
. Many commands also have a short help accessible via the -h
option, for example cp -h
. In order to modify a configuration file (e.g. /etc/local.dnsmasq.conf), do the following:
- Type the command
cd /etc
and confirm with ![Enter]. - The command
ls -l loc*
to view the contents of the directory. - Enter the command
vi local.dnsmasq.conf
to view and edit. To make life easier, use the ![Tab] key to automatically complete the filename, e.g. entervi local.d
and complete by pressing ![Tab]. - Use the cursor keys to move to the location where you need to make the modification.
- Use the ![i] key to enter the insert mode. Now the text may be modified or entered. Use the ![Esc] key to exit the insert mode and return to the command mode.
- In the command mode, use ![d] ![d] to delete an entire line.
- Using ![:] ![w] ![q] ![Enter] you can save your changes and exit the editor.
- With ![:] ![q] ![!] ![Enter] you leave the editor without storing you modifications.
Note: Many of the configuration files are links to the read-only ROM partition. To modify these files, you need to remove the link first (rm /etc/sample.conf
). Then copy the current file from the ROM partion (cp /rom/etc/sample.conf /etc
).
Using DHCP with an OLSR Network
With Freifunk Firmware it is possible to automatically assign IPs to computers via DHCP (e.g. laptops) in the vicinity. Provided the PC is in the vicinity of the WRT54G then it is also possible to surf the internet. In order to use DHCP, you need to reserve a block of IP addresses: at least the block of address you want to offer as DHCP. Using this "basic configuration", it is not necessary for a laptop to have an OLSR daemon. The WRT54G becomes the default gateway for the laptop and is responsible for translating the network traffic from the laptop.
Example:
WRT-IP=104.17.50.17 (reserved is 104.17.50.16/28, that is 104.17.50.16-104.17.50.32) DHCP=104.17.50.24/29 (upper half is DHCP, that is 104.17.50.24-104.17.50.31) Network mask for DHCP=255.255.255.240 (this mask fits the 16 IPs) The configuration is then: 104.17.50.24/29,255.255.255.240
Net Adr. | WRT | free | free | free | free | free | Brc Adr. | Net Adr. | Reserve | DHCP | DHCP | DHCP | DHCP | DHCP | Brc Adr. |
.16 | .17 | .18 | .19 | .20 | .21 | .22 | .23 | .24 | .25 | .26 | .27 | .28 | .29 | .30 | .31 |
IPs without NAT | IPs with NAT | ||||||||||||||
Because of the network mask is this IP range directly accessible by DHCP clients. |
The network mask is set in such a way that a DHCP client can access the IP range 104.17.50.16-104.17.50.32 directly. Other IP addresses (i.e. internet) can only be reached indirectly via the default gateway. Of course the default gateway (in this case 104.17.50.17) is directly accessible from the DHCP clients. Furthermore, not all available IPs are available via DHCP, this case only the range 104.17.50.26-104.17.50.30. The WRT54G is also reserved one IP number (in this case 104.17.50.17), this is particularly important if the reserved block of IPs the same is as the block of IPs that are available via DHCP. The first and last IP of a network range is always reserved as network address and broadcast address respectively.
For more information please read IP Grundwissen.
Providing Internet Access...
...is really easy! Connect the internet router to the internet adapter of the WRT54G. The WRT54G automatically receives a default gateway via DHCP and announces a HNA4 so that other OLSR clients may access the internet connection. This done by the "dyn-gw" OLSR plugin. The connection to the default gateway is continually checked using "arping". If the connection disappears, then the HNA4 announcement is discontinued. This is an extension of the OLSR daemon.
Note: The command "arping" is as it waits a maximum of 1 seconds for a reply if no link is available ("ping" waits up to a maximum of 10 seconds). This is a problem as the OLSR daemon is suspended during this connection check.
PPPoE User
It is possible to install PPPoE to make use of a xDSL connection. An web interface and the corresponding tools are available in the "freifunk-pppoecd-en" package. This is the first package which, when installed, also contains Web pages for its management. In the future it is planned to have more such management pages installed with packages. At the moment there are still no Web management pages for the management of software packages. To install the package, do the following:
Connect to the device using the SSH client (e.g. using PuTTY). Type:ipkg update
and press Enter. This updates the list of available software packages Type:ipkg install freifunk-pppoecd-en
and press Enter. This command downloads and installs the software package. Configure the xDSL connection using the Web page Admin --> PPPoE.
Tip: The device, in order to install the package, requires an active internet connection. Alternatively the IPK file can be retrieved from http://styx.commando.de/sven-ola/ipkg and stored on an internal FTP or Web server (e.g. using the Cerberus FTP-Server). The IPK file can the then be downloaded onto the device using the command cd /tmp;wget ftp://your-local-ftp-server/freifunk-pppoecd-en.ipk
. The installation can then be done using the file directly: ipkg install /tmp/freifunk-pppoecd-en.ipk
.
Feature not available?
There is always something missing. Whiners are directed to /dev/null or SveaSoft! Everybody else is reminded that Freifunk Firmware is nothing else than an extension of the OpenWrt and as such, you are able to install and configure packages yourself. In order to do this, locate the desired package repository (these contain the Packages
file). The URL for the repository can be added to the /etc/ipkg.conf
(see [#fwconf Firmware Configure] for more details). To install the package, first update the list of available packages (ipkg update
), then make sure the desired package is available (ipkg list
) and finally install the package: ipkg install package-name
. To development Freifunk Firmware Web pages for the management of software packages, retrieve the file ff-devel.tgz
from http://styx.commando.de/sven-ola/ipkg/webpak/. The archive contains an example configuration pages, the matching IPK package and a README
file.
What to expect
The Freifunk Firmware Web pages can be viewed on the Internet before installing the firmware. Using these "dummy" pages does not do anything but they do provide an impression of what to expect: