First step towards OpenWRT on a stock (Chinese) WR703N

Source: mostly from this post, that covers openwrt upgrade and tweaks.

The initial OpenWRT file to flash is this one. Make sure to use the a sqhashfs factory firmware after the original chinese firmware or you will brick your device (see here to unbrick it: the good news are you can't kill it completely)!

Flashing the device

Note that all the OpenWRT revisions are found on this page (obviously, consider only wr703n + squashfs firmwares).

Accessing the WR703N for the first time: network configuration

The router is initially configured as http://192.168.1.1 but my PC IP was 192.168.0.100 and my netmask did not allow the 192.168.1.X range. On linux I used the convenient "alias" option to add a secondary IP to my connection:

Running

ifconfig

Gave me:

eth0    Link encap:Ethernet  HWaddr AA:BB:CC:DD:EE:FF  
        inet addr:192.168.0.100  Bcast:192.168.0.255  Mask:255.255.255.0
        (...)

Just type the following command:

ifconfig eth0:0 192.168.1.6 up
ifconfig

And you'll get an additional IP address compatible with the router:

eth0:0  Link encap:Ethernet  HWaddr 00:23:54:35:8a:cd  
        inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
        UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

This time my browser will see the router to be configured, at http://192.168.1.1 (this address is written on the back of the device).

Beside, the above alias will not survive a reboot, so this is a temporary fix that will not mess your network configuration once the router is re-assigned an IP in your own LAN area (192.168.0.X instead of 192.168.1.X).

Flashing the device

Log to the device interface on http://192.168.1.1 with admin and admin for the user credentials. Everything will be chinese, and right clicking in Chrome does not work for Chinese for a reason, so I had to revert to copy/paste in an online translator.

Click on the last option in the left bar (DateTimeCfgRpm.htm) then on the thrid sub-option (SoftwareUpgradeRpm.htm). You shall move your mouse over the options in the left to check the URL it points to. The shown URL is http://192.168.1.1/userRpm/SoftwareUpgradeRpm.htm even though clicking this link directly will not work (probably due to a security policy).

Now select the file to flash and click the button (you first need to unzip it). Click "confirm" on the popup and wait for about 2 minutes. If something goes wrong try again, and in the worst scenario you may have to revert to the serial line hack (soldering required!).

One uploaded, the page will become unavailable. Wait a bit further then reboot the device with the power plug. The led should blink for a short while and then settle on. You should now be able to log to the router with

telnet 192.168.1.1

(note that there is no HTTP server yet at this address, so your browser will not be able to connect to your device at this address)

Configuring the cabled network

Log on your router, either with telnet or with minicom via the hacked serial line. If you cannot remember the IP address of your device, you can scan your entire local area network with this useful command (on linux):

nmap -sP 192.168.0.*

or, e.g.

nmap -sP 192.168.1.*

It will tell you what is alive in your LAN (use the proper submask!)

Once logged on hornet, you may set your password with passwd. This will disable the telnet unsafe access, and you will now have to log in with ssh root@yourrouteripaddress and the password you changed.

Still, note that the serial connection (if you soldered it) stays always valid and without any password. This is very convenient when you fails to configure the network (better always open a second ssh connection and leave it idle somewhere as a fallback for this reason).

Use vi to edit /etc/config/network this way (eg.)

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config interface 'lan'
        option ifname 'eth0'
        option type 'bridge'
        option proto 'static'
        option ipaddr '192.168.0.90'
        option netmask '255.255.255.0'
        option 'dns' '8.8.8.8'
        option 'gateway' '192.168.0.2'

The above "yourrouteripaddress" is explicited here as 192.168.0.90 (one free and safe IP in my local network, ie. outside of the DHCP addresses as configured on my local router).

Here I used a google DNS address 8.8.8.8, but you could use your own & closer DNS server address (look on your own computer for example). The gateway is usually your internet box local address. You can also find them out on your own (linux) machine with the following command:

nmcli dev list  | grep 'IP4.*DNS'

Then restart the network with

/etc/init.d/network restart

(if you changed the IP you logged into, you will lose your connection and have to re-connect to the new one of course)

You can double check that your network is properly set up with

ifconfig

From withing the router shell, you should now be able to pass successively the following:

ping 192.168.0.2 # checking if your local area is found (address of the router, or a known and willing local machine)
ping 78.24.191.177 # this is openwrt.org (WAN: outside network), it should answer fine
nslookup example.org # finally, check if the DNS works

Reciprocally, you should see your router this way (cabled network IP address):

ping 192.168.0.90

I also had to reboot sometimes to get it work but sometimes it would never get to the outside world (unknown DNS issue to me, or may be my local router becoming suspicious?).

Actually, if you fail to reach the outside of your local area network, you probably can set the network more easily with Luci (next chapter). What's needed is just a working LAN network for Luci to help you!

Installing Luci: the nice OpenWRT administration webservice

If your network is fine, should should be able to rune these (else check next chapter)

opkg update
opkg install luci
/etc/init.d/uhttpd restart

Note (20170326): you may have to change the source in /etc/opkg.conf from

src/gz barrier_breaker http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages

to:

src/gz barrier breaker http://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/packages/packages

The former one is no more available (404).

This makes luci wait for HTTP connection on the router. Check that the service is up with:

netstat -tanp

You should see one line as:

tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1660/uhttpd

Note (not really solved yet): Last time I tried it failed, and nothing was started. Running the daemon manually seemed to work:

uhttpd -f -p 80 -h /www

(then Control-Z followed by `bg` to send it background)

I am not sure these are needed:

opkg install uhttpd-mod-lua luci-sgi-uhttpd

Installing Luci without network access to the outside world

Update: did not check but found what seems to be an official documentation for instally Luci offline.

Once I upgraded to OpenWRT "sysupgrade" version (see below), changed my router's hostname and rebooted, Luci disappeared from my router, and I could no more configure the network to reach the outside world. The LAN was OK though. But the WAN is required by opkg to install Luci. Damn.

Update: my failure to resolve domain names was due to router own DHCP server that was started by default, I found it afterward with Luci itself: in the "System / Startup" panel, make sure to stop and disable dnsmasq in the list (see below for a screenshot).

You'll get this failure:

Downloading http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages/Packages.gz.
(...time goes by...)
wget: bad address 'downloads.openwrt.org'
Collected errors:
  * opkg_download: Failed to download http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages/Packages.gz, wget.  

But no need to fight with vi /etc/config/network when we'll be able to check easier with Luci.

The server required by opkg has the IP address 78.24.191.177 (at the time of writing, and most probably for a while) . You find it out for example on your PC with:

ping downloads.openwrt.org

So let's help our DNS-impaired router:

echo '78.24.191.177 downloads.openwrt.org' > /etc/hosts

Another attempt could be to get opkg work offline. Here it could be made by downloading the file on your own PC first, then put it somewhere you can serve it to the router through tftp or in your apache domain (say, located on adresse 192.168.0.101). Then download it from the router with, eg.

cd /tmp
wget http://192.168.0.101/Packages.gz

Now you can run opkg with the local file (seems it had a bug with no being able to create the directory, so I helped it a bit):

cd /tmp
mkdir -p /tmp/var/lock
opkg --offline-root /tmp update

and so (did not check further)…

Now you should be able to run

opkg update
Downloading http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages/Packages.gz.
Updated list of available packages in /var/opkg-lists/barrier_breaker.

And finally:

opkg install luci

A lot of packages will be installed, and once finished you should be able to run the service with

/etc/init.d/uhttpd restart

Checking if Luci is running

Check that the service is listening:

netstat -tanp

You should see something like:

tcp   0 0 0.0.0.0:80   0.0.0.0:*   LISTEN   1444/uhttpd

Which means that it's correctly listening on port 80. The uhttpd is the small webserver/daemon that hosts Luci.

Luci: the OpenWRT adminitration web service

See here for Luci on lighttpd webserver for example (recommended anyway).

Point your navigator at the address you configured for your cabled network:

ifconfig|grep 'inet addr'|grep -v 127.0.0.1

In my case it is http://192.168.0.90.

This should open a login screen that asks for your root password.

To enable Luci on each reboot:

/etc/init.d/uhttpd enable
/etc/init.d/uhttpd start

You may check Luci essential, and also the installation and documentation pages.

Note

The last time I installed Luci (2014/04/17) I got the error This webpage has a redirect loop.

Configuring the wireless / wifi network

As a server

As a service, you just can edit /etc/config/wifi and comment out the line

option disabled 1

by prefixing it with dashes:

#option disabled 1

check the remaning of the file for the wifi server configuration.

Then restart the network:

root@OpenWrt:/etc/config# /etc/init.d/network restart
Configuration file: /var/run/hostapd-phy0.conf
Using interface wlan0 with hwaddr 14:cf:92:52:07:de and ssid "OpenWrt"

Using ifconfig lets you check the wifi network is on:

(...)
wlan0  Link encap:Ethernet  HWaddr 14:CF:92:52:07:DE  
       UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
       RX packets:0 errors:0 dropped:0 overruns:0 frame:0
       TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
       collisions:0 txqueuelen:32 
       RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
(...)

Warning: this is an open and unsecure connection by default (no policy, no password)! Better use some encryption (see, e.g. here)

As a client

Reciprocally, as a client, the wifi configuration is easier to manage from within Luci web interface. Note that you may have to install wpa-supplicant if your network requires WPA authentication:

opkg update
opkg install wpa-supplicant

Upgrading OpenWRT "factory" to "sysupgrade" from Luci

From Luci you will also be able to upgrade your OpenWRT. Better save the configuration first because Luci will shoots itself in the foot ;)

Now that you installed the "factory" firmware, you can switch to the "sysupgrade" one, such as the one found at openwrt. I made a working copy of openwrt-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin.

Make sure to disable the DNS server as it may conflict with your network (which prevents access to domain names and thus to the necessary opkg command later, see the chapter above).

And now to the fun parts

Now that you have OpenWRT on your WR703N with the excellent Luci configuration panel, you'll be able to easily tweak your configuration: hostname, routes, firewalls and so.

And attach services to your box :)

Check some of mines from the main page.

electronics/wr703n/openwrt.txt · Last modified: 2017/03/26 21:28 by jim
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 3.0 Unported
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki