[OpenWrt-Devel] Change OpenWrt Wifi default settings

John kerry kerry9842 at gmail.com
Tue Aug 4 01:27:08 EDT 2015


Hi,

Its working, i am able to access internet but there is one problem,

When i scan the wireless devices, its gives the list of devices are there
nearby, then i connect anyone device, it will connect but my board wifi0
SSID name will change to that router which i connected. I mean LAN side
SSID should not change after connecting to WAN SSID.



On Tue, Aug 4, 2015 at 12:42 PM, John kerry <kerry9842 at gmail.com> wrote:

> Hi
> This is my firewall file:
>
> config defaults
>         option syn_flood '1'
>         option input 'ACCEPT'
>         option output 'ACCEPT'
>         option forward 'REJECT'
>
> config zone
>         option name 'lan'
>         option network 'lan'
>         option input 'ACCEPT'
>         option output 'ACCEPT'
>         option forward 'REJECT'
>
> config zone
>         option name 'wan'
>         option network 'wan'
>         option input 'REJECT'
>         option output 'ACCEPT'
>         option forward 'REJECT'
>         option masq '1'
>         option mtu_fix '1'
>
> config forwarding
>         option src 'lan'
>         option dest 'wan'
>
> config rule
>         option name 'Allow-DHCP-Renew'
>         option src 'wan'
>         option proto 'udp'
>         option dest_port '68'
>         option target 'ACCEPT'
>         option family 'ipv4'
>
> config rule
>         option name 'Allow-Ping'
>         option src 'wan'
>         option proto 'icmp'
>         option icmp_type 'echo-request'
>         option family 'ipv4'
>         option target 'ACCEPT'
>
> config rule
>         option name 'Allow-DHCPv6'
>         option src 'wan'
>         option proto 'udp'
>         option src_ip 'fe80::/10'
>         option src_port '547'
>         option dest_ip 'fe80::/10'
>         option dest_port '546'
>         option family 'ipv6'
>         option target 'ACCEPT'
>
> config rule
>         option name 'Allow-ICMPv6-Input'
>         option src 'wan'
>         option proto 'icmp'
>         list icmp_type 'echo-request'
>         list icmp_type 'echo-reply'
>         list icmp_type 'destination-unreachable'
>         list icmp_type 'packet-too-big'
>         list icmp_type 'time-exceeded'
>         list icmp_type 'bad-header'
>         list icmp_type 'unknown-header-type'
>         list icmp_type 'router-solicitation'
>         list icmp_type 'neighbour-solicitation'
>         list icmp_type 'router-advertisement'
>         list icmp_type 'neighbour-advertisement'
>         option limit '1000/sec'
>         option family 'ipv6'
>         option target 'ACCEPT'
>
> config rule
>         option name 'Allow-ICMPv6-Forward'
>         option src 'wan'
>         option dest '*'
>         option proto 'icmp'
>         list icmp_type 'echo-request'
>         list icmp_type 'echo-reply'
>         list icmp_type 'destination-unreachable'
>         list icmp_type 'packet-too-big'
>         list icmp_type 'time-exceeded'
>         list icmp_type 'bad-header'
>         list icmp_type 'unknown-header-type'
>         option limit '1000/sec'
>         option family 'ipv6'
>         option target 'ACCEPT'
>
> config include
>         option path '/etc/firewall.user'
>
> config include 'miniupnpd'
>         option type 'script'
>         option path '/usr/share/miniupnpd/firewall.include'
>         option family 'IPv4'
>         option reload '1'
>
> On Tue, Aug 4, 2015 at 12:38 PM, Weedy <weedy2887 at gmail.com> wrote:
>
>> Is there something wrong with the default rules for your use case?
>>
>> Your WiFi interfaces are tagged LAN, things should just work.
>> On 4 Aug 2015 00:07, "John kerry" <kerry9842 at gmail.com> wrote:
>>
>>> Hi,
>>>
>>> below is the /etc/config/network and /etc/config/wireless changes.
>>>
>>> */etc/config/network:*
>>> config interface 'loopback'
>>>         option ifname 'lo'
>>>         option proto 'static'
>>>         option ipaddr '127.0.0.1'
>>>         option netmask '255.0.0.0'
>>>
>>> config interface 'lan'
>>>         option ifname 'eth0.1 eth1'
>>>         option type 'bridge'
>>>         option proto 'static'
>>>         option ipaddr '192.168.1.5'
>>>         option netmask '255.255.255.0'
>>>
>>> config interface 'wan'
>>>         option ifname 'eth0.2'
>>>         option proto 'dhcp'
>>>
>>> config switch
>>>         option name 'eth0'
>>>         option reset '1'
>>>         option enable_vlan '1'
>>>
>>> config switch_vlan
>>>         option device 'eth0'
>>>         option vlan '1'
>>>         option ports '0t 2 3 4 5'
>>>
>>> config switch_vlan
>>>         option device 'eth0'
>>>         option vlan '2'
>>>         option ports '0t 1'
>>>
>>> config switch
>>>         option name 'eth1'
>>>         option reset '1'
>>>         option enable_vlan '1'
>>>
>>> config switch_vlan
>>>         option device 'eth1'
>>>         option vlan '1'
>>>         option ports '0 1 2 3 4 5'
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> */etc/config/wireless:config wifi-device 'wifi0'        option type
>>> 'qcawifi'        option channel 'auto'        option macaddr
>>> '00:03:7f:42:06:61'        option hwmode '11ng'        option txpower
>>> '19'        option htmode 'HT20'config wifi-iface        option device
>>> 'wifi0'        option network 'lan'        option mode 'ap'        option
>>> encryption 'psk2'        option ssid 'Test_ap_1'        option key *
>>> *'Test_ap_1'*
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> *config wifi-device 'wifi1'        option type 'qcawifi'        option
>>> channel 'auto'        option macaddr '00:03:7f:42:06:62'        option
>>> hwmode '11na'        option txpower '23'        option htmode 'HT20'config
>>> wifi-iface        option device 'wifi1'        option network 'lan'
>>> option mode 'ap'        option ssid 'Test_ap_2'        option encryption
>>> 'psk2'        option key 'test_ap_2''*
>>>
>>>
>>> *Thanks,*
>>>
>>> On Tue, Aug 4, 2015 at 11:56 AM, David Lang <david at lang.hm> wrote:
>>>
>>>> can you connect via a wired port?
>>>>
>>>> given that you've been changing /etc/config/network and
>>>> /etc/config/wireless, could you show us what you ended up with there?
>>>>
>>>> David Lang
>>>>
>>>>
>>>> On Tue, 4 Aug 2015, John kerry wrote:
>>>>
>>>> Hi,
>>>>>
>>>>> I am using ar71xx OpenWrt. I have connected internet connection to WAN
>>>>> port
>>>>> and my PC to LAN. I have enabled the WiFi0. The LAN port static IP i am
>>>>> able to open GUI and even my mobile i connected to Wifi AP and able to
>>>>> open
>>>>> GUI in mobile. But I am not able to access internet on mobile which is
>>>>> connected to wifi0 AP.
>>>>>
>>>>> I have added below script under /etc/firewall.user file.
>>>>> iptables ...flush
>>>>> iptables --table nat --flush
>>>>> iptables --delete-chain
>>>>> iptables --table nat --delete-chain
>>>>> iptables -A FORWARD -j ACCEPT -i br-lan -o eth0.2 -m state --state NEW
>>>>> iptables -A FORWARD -m state --state ESTABLISHED,RELATED  -j ACCEPT
>>>>> iptables -A POSTROUTING -t nat -o eth0.2 -j MASQUERADE
>>>>> echo 1 >  /proc/sys/net/ipv4/ip_forward
>>>>>
>>>>> #where br-lan = LAN
>>>>>       eth0.2 = WAN
>>>>>
>>>>> Could anyone help me to write the proper NAT rules so that able to
>>>>> access
>>>>> the internet.
>>>>>
>>>>> Thanks,
>>>>>
>>>>> On Mon, Aug 3, 2015 at 11:29 AM, John kerry <kerry9842 at gmail.com>
>>>>> wrote:
>>>>>
>>>>> Hello Guys,
>>>>>>
>>>>>> It's working. Thanks a lot to all of you :)
>>>>>>
>>>>>> On Mon, Aug 3, 2015 at 10:43 AM, David Lang <david at lang.hm> wrote:
>>>>>>
>>>>>> The way to do this is to first forget about the factory reset problem
>>>>>>> and
>>>>>>> configure the AP to do what you want (including any encryption)
>>>>>>>
>>>>>>> then you can take the resulting file and put it into the build
>>>>>>> system so
>>>>>>> that it becomes the 'factory default' settings.
>>>>>>>
>>>>>>> Since you are not understanding how to configure the files from the
>>>>>>> documentation, configure them from the GUI and then look at the
>>>>>>> resulting
>>>>>>> files.
>>>>>>>
>>>>>>> David Lang
>>>>>>>
>>>>>>>
>>>>>>> On Mon, 3 Aug 2015, John kerry wrote:
>>>>>>>
>>>>>>> Hi All,
>>>>>>>
>>>>>>>>
>>>>>>>> I created separate files directory and added network and wireless
>>>>>>>> files
>>>>>>>> and
>>>>>>>> its working everything but still i am not able to use encryption
>>>>>>>> wpa2.
>>>>>>>> Below is the my script.
>>>>>>>> config wifi-device  wifi0
>>>>>>>>        option type     qcawifi
>>>>>>>>        option channel  auto
>>>>>>>>        option macaddr  00:03:7f:42:06:61
>>>>>>>>        option hwmode   11ng
>>>>>>>>        # REMOVE THIS LINE TO ENABLE WIFI:
>>>>>>>>        option disabled 0
>>>>>>>>
>>>>>>>> config wifi-iface
>>>>>>>>        option device   wifi0
>>>>>>>>        option network  lan
>>>>>>>>        option mode     ap
>>>>>>>>        option ssid     CD-1
>>>>>>>>        option encryption psk2
>>>>>>>>        option key      CD-1
>>>>>>>>
>>>>>>>> M I doing anything wrong?
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>>
>>>>>>>> On Mon, Aug 3, 2015 at 6:40 AM, David Lang <david at lang.hm> wrote:
>>>>>>>>
>>>>>>>> to make the config be there after a factory reset, you need to put
>>>>>>>> the
>>>>>>>>
>>>>>>>>> changes into the image that you build.
>>>>>>>>>
>>>>>>>>> you already did this for /etc/config/network, do the same thing for
>>>>>>>>> /etc/config/wireless
>>>>>>>>>
>>>>>>>>> David Lang
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Sun, 2 Aug 2015, John kerry wrote:
>>>>>>>>>
>>>>>>>>> Hi Leiten,
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> I have one issue, after upgrading this firmware it will load
>>>>>>>>>> wireless
>>>>>>>>>> configuration with this changes, actually it should load when i do
>>>>>>>>>> factory
>>>>>>>>>> reset.
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>>
>>>>>>>>>> On Sun, Aug 2, 2015 at 3:45 PM, John kerry <kerry9842 at gmail.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi Leiten,
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> Thank you so much, Its working :)
>>>>>>>>>>>
>>>>>>>>>>> On Sun, Aug 2, 2015 at 3:12 PM, N.Leiten <nickleiten at gmail.com>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> Don't answer to my e-mail only, you need to add openwrt-devel
>>>>>>>>>>>> maillist
>>>>>>>>>>>> to
>>>>>>>>>>>> CC or just answer to CC, in each case I'll receive message but
>>>>>>>>>>>> also
>>>>>>>>>>>> everyone could see all discussion.
>>>>>>>>>>>>
>>>>>>>>>>>> In email dated Воскресенье - 02 августа 2015 12:54:32 user John
>>>>>>>>>>>> kerry
>>>>>>>>>>>> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Hi Leiten,
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> I have added new files under and written below :
>>>>>>>>>>>>> vi target/linux/ar71xx/base-files/etc/uci-defaults/wireless
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Use index in prefix of filename to set order of execution, so
>>>>>>>>>>>> it'll
>>>>>>>>>>>> be
>>>>>>>>>>>> like '99-wireless'.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> #!/bin/sh
>>>>>>>>>>>>
>>>>>>>>>>>>> #
>>>>>>>>>>>>> # Copyright (c) 2013 The Linux Foundation. All rights reserved.
>>>>>>>>>>>>> # Copyright (C) 2011 OpenWrt.org
>>>>>>>>>>>>> #
>>>>>>>>>>>>>
>>>>>>>>>>>>> [ -e /etc/config/wireless ] && exit 0
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Here is the problem. When uci-defaults invoke scripts there's
>>>>>>>>>>>> already
>>>>>>>>>>>> preconfiguration done and /etc/config/wireless already exists,
>>>>>>>>>>>> so
>>>>>>>>>>>> your
>>>>>>>>>>>> script just exit at this point. Remove this line.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> touch /etc/config/wireless
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> uci set wireless. at wifi-device[0].disabled=0;
>>>>>>>>>>>>> uci set system. at system[0].hostname=test_ap
>>>>>>>>>>>>> uci set wireless. at wifi-iface[0].mode=ap
>>>>>>>>>>>>> uci set wireless. at wifi-iface[0].ssid=CD-2.4D
>>>>>>>>>>>>> uci set wireless. at wifi-iface[0].encryption=none
>>>>>>>>>>>>> uci set wireless. at wifi-iface[0].wds=1
>>>>>>>>>>>>> uci set wireless.radio0.disabled=0
>>>>>>>>>>>>>
>>>>>>>>>>>>> uci commit wireless
>>>>>>>>>>>>>
>>>>>>>>>>>>> exit 0
>>>>>>>>>>>>>
>>>>>>>>>>>>> and compile the source code using make V=s but still not
>>>>>>>>>>>>> changed
>>>>>>>>>>>>> default
>>>>>>>>>>>>> settings.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Please help me to make it works.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Sat, Aug 1, 2015 at 4:38 PM, N.Leiten <nickleiten at gmail.com
>>>>>>>>>>>>> >
>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> You can also use uci-defaults mechanism for your purpose. Just
>>>>>>>>>>>>> put
>>>>>>>>>>>>>
>>>>>>>>>>>>> script in base-files/etc/uci-defaults and set your preferrable
>>>>>>>>>>>>>> parameters with uci and don't forget to 'exit 0' at the end of
>>>>>>>>>>>>>> script,
>>>>>>>>>>>>>> in elsecase it'll be run every time at boot ruining changes.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2015-07-31 12:08 GMT+03:00 John kerry <kerry9842 at gmail.com>:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I am working on Ar71xx openWRT Luci project. By default the
>>>>>>>>>>>>>>> Wi-Fi
>>>>>>>>>>>>>>> is
>>>>>>>>>>>>>>> disabled and SSID is OpenWrt. I need to change the default
>>>>>>>>>>>>>>> settings.
>>>>>>>>>>>>>>> Could anyone help me to change the default settings.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Best Regards,
>>>>>>>>>>>>>>> John
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>> openwrt-devel mailing list
>>>>>>>>>>>>>>> openwrt-devel at lists.openwrt.org
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> openwrt-devel mailing list
>>>>>>>>>>>>>> openwrt-devel at lists.openwrt.org
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> openwrt-devel mailing list
>>>>>>>>>>>>>
>>>>>>>>>>>> openwrt-devel at lists.openwrt.org
>>>>>>>>>>>> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>
>>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20150804/e8c40a33/attachment.htm>
-------------- next part --------------
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list