• TP-Link WR703N OpenWrt post installation tips

    TP-Link WR703N OpenWrt post installation tips

    In this post I’ll write down a few thigs I think are worth doing right after flashing your WR703N. The flashing itself is not covered in this post. For that, check out my How to flash TP-Link WR703N with OpenWrt post.

     Setting up a static IP address

    The first thing you should do is to assign a static IP address of your choice to your WR703N. There are three main reasons for doing this:

    1. Since your home router probably already uses 192.168.1.1, you will avoid having problems caused by conflicting IP addresses
    2. You will always know what the IP of your WR703N is and you will be able to connect to it from inside your network very fast
    3. Lastly, you will be able to make it work with DynDNS and port forwarding to connect to it from anywhere on the Internet

    Connect your WR703N directly to your PC using ethernet cable, telnet to it (telnet 192.168.1.1) and then edit /etc/config/network (Vi editor comes installed with OpenWrt, so you can use that). For example, to set the IP to 192.168.1.100 (assuming your network uses 192.168.1.X range and your home router is at 192.168.1.1), your lan interface section should look like this (do not change/remove the loopback interface part):

    1
    2
    3
    4
    5
    6
    7
    8
    config interface 'lan'
       option ifname 'eth0'
       option type 'bridge'
       option proto 'static'
       option ipaddr '192.168.1.100'
       option netmask '255.255.255.0'
       option gateway '192.168.1.1'
       option dns '192.168.1.1'

    Now run this command:

    1
    /etc/init.d/network restart

    And after that, feel free to disconnect the WR703N from your computer and connect it to your router/switch (you will be able to access it on the IP address that you just set up).

    Enabling SSH / disabling telnet (setting up password)

    Setting up the account password (using “passwd” command) will automatically disable telnet and enable Dropbear SSH daemon on port 22. Dropbear is an OpenSSH replacement designed for environments with low memory and processor resources (such as WR703N) and on OpenWrt it is installed by default instead of OpenSSH. You can easily replace Dropbear with OpenSSH if you want, but don’t do it before setting up extroot (see the next subsection) or else you will run out of free space.

    Extroot – extending your memory with an external USB device

    Extroot will allow you to use an external USB device to extend your internal memory which will enable you to install more packages onto your device (WR703N only has 4MB of flash memory which really isn’t much). Since this is a bit more tricky and it depends on which version of OpenWrt you have installed as well as on what kind of USB stick you have, I believe it is bettter for you to go to extroot wiki page and follow the steps provided there than for me to just copy all that stuff here.

    Installing GNU Screen and Vim

    GNU Screen will allow you to have multiple screens (you can view them as tabs or virtual terminals) so you won’t have to log in multiple times to have several terminals at once which is really, really handy. Vim is simply Vi improved. If you prefer another terminal editor (nano, joe..), go ahead and install that one.

    1
    2
    opkg update
    opkg install vim screen

    If you’re not familiar with screen, here are some basics.

    Installing the web interface

    You might want to install the OpenWrt web interface – LuCI (you need to have extroot set up for this or you will run out of free space):

    1
    2
    opkg update
    opkg install luci

    You will have to enable and start uhttpd daemon afterwards:

    1
    2
    /etc/init.d/uhttpd enable
    /etc/init.d/uhttpd start

    Then you will be able to access the web interface by typing your WR703N’s IP into your browser’s URL bar.

    Switching to Bash / setting up .bashrc

    OpenWrt comes with Ash shell. If you would like to use Bash instead, here is how you can switch and add some nice colouring to it. Install Bash by issuing the following:

    1
    2
    opkg update
    opkg install bash

    Then edit /etc/passwd and change the root user line to this:

    1
    root:x:0:0:root:/root:/bin/bash

    After that, run this command (which will create /root/.bash_profile and put “. $HOME/.bashrc” in it):

    1
    echo ". $HOME/.bashrc" > /root/.bash_profile

    Then you can either use your own .bashrc or download the one that I use (I got it from Arch wiki a few years ago) and put it in your root directory like this (if you would like to use your own .bashrc, make sure to put it in /root as well):

    1
    wget -P /root/ http://cmikavac.net/download/.bashrc

    Now log out, and log in again and you should have a brand new prompt.

     SSH public key authentication

    To enable SSH public key authentication on Dropbear you will first have to copy your public key to your WR703N’s tmp directory by issuing the following command from your Linux machine (change YOUR_KEY with your actual public key file name, and WR703N_IP with the IP address of your device):

    1
    scp ~/.ssh/YOUR_KEY.pub [email protected]_IP:/tmp

    Then log in to your WR703N and copy your public key to authorized_keys file:

    1
    2
    cat /tmp/YOUR_KEY.pub >> /etc/dropbear/authorized_keys
    chmod 0600 authorized_keys

    I couldn’t make make OpenSSH work with SSH public key authentication because apparently there is a bug in OpenWrt’s OpenSSH package (I read that somewhere on OpenWrt forums while I was trying to make it work some time ago, but I can’t find that post now… if I find it, I’ll put the link here).

    If you don’t use SSH public key authentication already, go here and read why you should and how to use it.

    For MS Windows users.

     Using DynDNS / setting up port forwarding on your router

    If your router supports DynDNS, or a similar service, you can make your WR703N accessible from anywhere on the internet (this is useful because you will be able to use your WR703N to tunnel your traffic to protect yourself while you are connected to an unsecured network somewhere). The explanation will be a bit more generic, but it will give you a rough idea on what you have to do to make it work:

    1. Register an account on DynDNS webpage
    2. Enter your DynDNS credentials into your router (find them somewhere in your router’s options)
    3. Forward a high TCP port (something above port 1024) to your WR703N (for example – if your WR703N is on 192.168.1.100, and Dropbear is running on port 22, then forward 8822 TCP to 192.168.1.100 port 22)

    Now you should be able to SSH into your WR703N by issuing the following command inside your terminal:

    1
    ssh -p 8822 [email protected]

    This might help you set up port forwarding on your router.

     Reflashing

    If you for any reason ever want/need to reflash your WR703N with a fresh instance of OpenWrt do the following (wget will download the latest snapshot of OpenWrt for WR703N, and mtd command will flash it to your device):

    1
    2
    3
    cd /tmp
    wget http://downloads.openwrt.org/snapshots/trunk/ar71xx/openwrt-ar71xx-generic-tl-wr703n-v1-squashfs-factory.bin
    mtd -r write openwrt-ar71xx-generic-tl-wr703n-v1-squashfs-factory.bin firmware

     

     Other

    OPKG Wiki 
    OpenWrt WR703N Wiki
    MiniPwner
    PirateBox

     

    Hope this helps. If you find out that something I wrote is wrong and is not working, please drop a comment bellow and I’ll fix it. Thanks. =)

  • GEdit FTP browsing / editing under KDE
    (using GNOME bookmarks without Nautilus)

    Problem with using GEdit (v2.30.4 in the moment of writing this post) for FTP browsing/editing under KDE (if you don’t have Nautilus installed in your KDE) is that since it is a GNOME app – you need a way to somehow manage your connections which is usualy done through Nautilus by using GNOME bookmarks (the ones you would create by going to Places -> Connect to Server) and at the moment there is no way to create this bookmarks from within GEdit.

    Anyway, you can do the same thing by editing .gtk-bookmarks file located in your home folder even if you don’t have Nautilus installed. Here’s a few examples of what you can put inside:

    1
    2
    3
    4
    5
    ftp://[email protected]/ bookmark_name
    ftp://[email protected]/:3322 bookmark_name
    ftp://username%[email protected]/ bookmark_name
    ftp://[email protected]/folder_path_option/ bookmark_name
    sftp://[email protected]/ bookmark_name

    The first one is just a regular FTP login bookmark. The second one uses a different port than the default one. The third one is for usernames containing @ (like in the image below) which you have to replace with %40 to differentiate them from @ for domain association. The fourth one uses the folder_path_option like in picture below and the fifth one is for using sFTP. Of course, you can combine all this together depending on your needs…

    Browsing/editing directly from GEdit is much faster than using Filezilla which prompts for uploading every time after you edit and save the file which is kinda annoying, or for example using Krusader which works well with FTP, but if you use sFTP – then it edits files localy instead of online so you have to save them as a new file and upload them again… You get the drift.

  • Thomson SpeedTouch 780WL – port forwarding to broadcast address

    For your home network to be able to wake-on-lan a computer from the Internet so that you could later remotely access it, you need to forward a port to your broadcast address. This way you can broadcast a magic packet to all the computers in your network and then wake only one of them using its MAC address.

    If you are reading this, you probably already tried forwarding a port to 255.255.255.255 but to no avail. That is because ST780 just drops anything forwarded to the broadcast address.

    So, what you should do is choose one unused IP address in your subnet and make it appear like it’s a broadcast address, and later do the port forwarding to that IP. How to do that? Telnet into your router, and assign a hardware (MAC) address of FF:FF:FF:FF:FF:FF (when translated to IP, that MAC address makes 255.255.255.255) to the chosen IP address. This is the basic idea behind this tutorial and a way to trick the router into doing the port forwardng to a (fake) broadcast address. So, do the following:

    1
    telnet <router_ip_address>

    enter your superadmin username and password and execute the following two commands:

    1
    2
    :ip arpadd intf=LocalNetwork ip=192.168.1.xxx hwaddr=FF:FF:FF:FF:FF:FF
    :saveall

    where xxx is the last octet of your chosen IP address (make sure that the chosen IP is not already in use, and that it’s not 192.168.1.255).

    Now go to your routers webinterface and create an application with UDP port 9 (to make it a little bit more secure, I recommend you choose a port above 1024, and then translate it into 9). Assign the created application to a newly created IP address (192.168.1.xxx) and voila, you got it.

    Now you can try and use wol (for Linux) or this one (for Windows) to remotely turn on your computer. For this you will need your routers public address (I recommend using DynDns for that), and the MAC address of the computer you want to wake up.

    cheers =)

  • Using irssi as proxy for pidgin

    If you would like to use irssi on a remote server so that it works as proxy for pidgin, you should already have ‘server’ and ‘network’ parameters set up in your ~/.irssi/config . If you don’t know what I’m talking about, take a look here and also examine the config file. You should figure it out pretty fast how to configure irssi to do basic stuff it is supposed to do.

    What you will also need is GNU screen installed on the remote server. So, what is screen? “Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells.” Basically what you can do with it is that you can run certain processes and put them into the background (detach from them), and than later see them again (attach to them) when you want to. If you don’t know how to use screen, take a look here, or use google to find a tutorial on using screen. There is plenty of them out there. You will need screen to put the running irssi into the background on your server so that you may disconnect from the remote server after you set irrsi up.

    So, after you have got your irssi configured and running under screen, you will have to load the proxy plugin for irssi, set a password for your future pidgin-to-irssi connection and bind one free port to irssi for sharing server connection. Here is how to do it:

    1
    2
    3
    /LOAD proxy
    /SET irssiproxy_password <password>
    /SET irssiproxy_ports <network>=<port>

    where the parameter is a network name you configured earlier, and

    is the port number you want to bind irssi to.

    The final step is to configure your pidgin client to connect to your remote server. In pidgin, go to accounts -> manage accounts and then add a new IRC account. Fill the following parameters:

    1
    2
    3
    4
    Username: <network name from your config file>
    Server: <IP address or hostname of your server>
    Password: <password you set for irssiproxy>
    Port: <port number you used for binding>

    Keep in mind that you should have your irssi running all the time on your remote server under screen for this connection to work… and, that’s all folks!

    cheers

Back to top