network_stuff:openwrt

Differences

This shows you the differences between two versions of the page.

network_stuff:openwrt [2020/03/22 19:14] jotasandoku
network_stuff:openwrt [2023/11/02 14:38] (current) – external edit 127.0.0.1
Line 11: Line 11:
   opkg install tcpdump   opkg install tcpdump
   logread (-f) # for system logs   logread (-f) # for system logs
 +  ssh root@router tcpdump -i eth0 -U -s0 -w - 'not port 22' | wireshark -k -i - # To pull live traces from home router <<<
  
   * Debug wifi!: [[https://medium.com/openwrt-iot/openwrt-debugging-your-wireless-fac83a6fdc44]]   * Debug wifi!: [[https://medium.com/openwrt-iot/openwrt-debugging-your-wireless-fac83a6fdc44]]
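Review bot: the added ssh/tcpdump line excludes only `port 22` from the capture, which assumes the router's SSH server listens on 22; on any other port the capture would include the SSH session that carries it and keep feeding on its own traffic. Say in the comment that the filter has to match the SSH port actually in use. The trailing `<<<` after the comment looks like a leftover marker and can be dropped.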
Line 20: Line 21:
   logread -f | grep ': query'   logread -f | grep ': query'
      
 +For remote syslog: 
 +  ~In client-router 
 +  ~ /etc/config/system 
 +  config system                                                                                         
 +          option hostname 'OpenWrt'                                                                     
 +          option ttylogin '0'                                                                           
 +          option log_size '256'                                                                         
 +          option log_file '/var/log/messages'                                                           
 +          option urandom_seed '0'                                                                       
 +          option zonename 'UTC'                                                                         
 +          option timezone 'GMT0'                                                                        
 +          option log_proto 'udp'                                                                        
 +          option conloglevel '8'                                                                        
 +          option cronloglevel '8'                                                                       
 +          option log_ip 192.168.0.112                                                                   
 +          option log_port 514                                                                           
 +          option log_proto udp     
 +  /etc/init.d/system restart 
 +  ~ In server rpi: 
 +  ~ /etc/rsyslog.conf 
 +  module(load="imudp"
 +  input(type="imudp" port="514"
 +  module(load="imtcp"
 +  input(type="imtcp" port="514"
 +  $AllowedSender UDP, 127.0.0.1, 192.168.0.0/24 
 +   
 +  if $fromhost-ip == '192.168.0.1' then /var/log/openwrt_r7800.log 
 +  & ~
 ---- ----
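Review bot: in the /etc/rsyslog.conf part, an imtcp listener is opened on port 514 but the only sender restriction is `$AllowedSender UDP, 127.0.0.1, 192.168.0.0/24`, and the client side is set to `log_proto udp`, so the TCP input is both unused and unrestricted; drop the two imtcp lines or add a matching `$AllowedSender TCP` entry. As shown, the four `module(` / `input(` lines have no closing parenthesis. On the client side `option log_proto` is set twice in the same `config system` section, and `log_ip` points at 192.168.0.112 while the server rule matches `$fromhost-ip == '192.168.0.1'`, so it is worth stating which address is the router and which is the rpi. `& ~` is the legacy discard form; current rsyslog uses `stop`.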
  
Line 30: Line 58:
   * file for configuration and pointers to the ca and crt. From ver 19 we can use ovpn file   * file for configuration and pointers to the ca and crt. From ver 19 we can use ovpn file
   * Don'f forget to: add the tun interface ; create the zone for the interface and configure the zone policies. See this link: [[https://www.vpnunlimitedapp.com/en/info/manuals/openwrt-on-asus]]   * Don'f forget to: add the tun interface ; create the zone for the interface and configure the zone policies. See this link: [[https://www.vpnunlimitedapp.com/en/info/manuals/openwrt-on-asus]]
 +  * file for configuration and pointers to the ca and crt : /etc/config/openvpn
 +  * [[https://wiki.turris.cz/doc/en/howto/openvpn]]
  
 ---- ----
- 
  
 unified configuration interface. configuration is split into several files located in the **/etc/config/** directory. \\ unified configuration interface. configuration is split into several files located in the **/etc/config/** directory. \\
-You can edit the configuration files with a text editor or modify them with the command line utility program uci. [[https://openwrt.org/docs/guide-user/network/ucicheatsheet]] +You can edit the configuration files with a text editor or modify them with the command line utility program uci. [[https://openwrt.org/docs/guide-user/network/ucicheatsheet]]\\
- +
- +
-----+
  
   opkg list-installed | grep vpn # to see installed packets   opkg list-installed | grep vpn # to see installed packets
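Review bot: the bullet added to the OpenVPN list ("file for configuration and pointers to the ca and crt : /etc/config/openvpn") repeats the first bullet of the same list almost word for word; fold the path into the existing bullet rather than keeping both. While this list is being touched, the unchanged "Don'f forget" bullet carries a typo, and the `opkg list-installed` comment says "packets" where "packages" is meant.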
Line 53: Line 79:
      
  
----- 
- 
-**OPENVPN**\\ 
-  * file for configuration and pointers to the ca and crt : /etc/config/openvpn 
-  * [[https://wiki.turris.cz/doc/en/howto/openvpn]] 
  
 ---- ----
Line 120: Line 141:
   pip install speedtest-cli   pip install speedtest-cli
   speedtest-cli   speedtest-cli
 +
 +
 +----
 +
 +IPV6 IN THE WAN (VIA IPV6 BROKER)
 +
 +Register in https://tunnelbroker.net/
 +Create tunnel (with your current ipv4)
 +
 +Enable automatic ipv4 update (for dynamic ipv4 endpoints)
 +click Assign /48 
 +
 +In openwrt cli:
 +  opkg update
 +  opkg install 6in4
 +  opkg install kmod-ipv6 ip6tables radvd ip 6to4
 +  opkg install luci-proto-ipv6
 +  uci set network.henet=interface
 +  uci set network.henet.proto=6in4
 +  uci set network.henet.peeraddr=my-ipv4-public-ip
 +  uci set network.henet.ip6addr='2001:470:1f1c:576::2/64'
 +  uci set network.henet.ip6prefix='2001:470:1aa1::/48'
 +  uci set network.henet.tunnelid=tunnel-id
 +  uci set network.henet.username=jotsan
 +  uci set network.henet.password='password'
 +  uci commit network
 +  
 +  uci set firewall.@zone[1].network='wan henet'
 +  uci commit firewall
 +  
 +  /etc/init.d/network restart
 +  /etc/init.d/firewall reload
 +
 +
 +LAN6 configuration. We use dhcpv6 Stateless ( check this [[https://panda314159.duckdns.org/doku.php?id=network_stuff:transit&s[]=ipv6&s[]=notes&s[]=best&s[]=practises|Link]] ):\\
 +
 +odhcpd - RA & DHCPv6 Server \\
 +
 +  * Interfaces » LAN 
 +    * Router Advertisement-Service > Stateless
 +\\
 +
 +This, in a linux box, this is the dhcpv6-sl ipv6 assigbed to a linux box:
 +
 +  ip -6 a
 +
 +  3: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
 +    inet6 2001:470:1aa1:0:d737:6ea5:8f65:79f8/64 scope global noprefixroute 
 +       valid_lft forever preferred_lft forever
 +
 +And we can see is pingable from internet!:
 +[[http://www.ipv6now.com.au/pingme.php]]
 +\\
 +while we capture the icmp 
 +  tcpdump -nni any "icmp6 && ip6[40] == 128"
 +
 +
 +----
 +
 +FIREWALL:\\
 +  /etc/config/firewall  # edit this file. also for port redirects (note redirects and on 'this device' therefore don't need rule to open the hole
 +  fw3 reload
 +
 +----
 +
 +UPGRADE:\\
 +  * [[https://openwrt.org/docs/guide-user/installation/generic.sysupgrade]]
 +  * [[https://openwrt.org/toh/hwdata/netgear/netgear_r7800]]
 +
 +  * [[https://downloads.openwrt.org/releases/22.03.5/targets/ipq806x/generic/openwrt-22.03.5-ipq806x-generic-netgear_r7800-squashfs-sysupgrade.bin]]
 +    * abc52ff1248f6ec415776f6f23e9229cdadc1eccfa459d018d79ae5645ce972c
 +  * [[https://downloads.openwrt.org/releases/22.03.5/targets/ipq806x/generic/openwrt-22.03.5-ipq806x-generic-netgear_r7800-squashfs-sysupgrade.bin]]
 +
 +
 +----
 +
 +LIST CURRENT CONNECTIONS:\\
 +  cat /proc/net/nf_conntrack | grep sport=9307 | awk '{print $7}' | sed "s/dst=//g"
 +  
 +
 +----
 +__CONFIGURE DYNAMIC DNS DDNS IN OPENWRT__\\
 +Use preferably the web UI for the config:
 +
 +  cat /etc/config/ddns
 +  
 +  config ddns 'global'
 +  option ddns_dateformat '%F %R'
 +  option ddns_loglines '250'
 +  option upd_privateip '0'
 +  
 +  config service 'myddns_ipv4'
 +  option interface 'wan'
 +  option ip_source 'network'
 +  option ip_network 'wan'
 +  option service_name 'google.com'
 +  option lookup_host 'domains.google.com'
 +  option domain 'panda314159.net'
 +  option username 'from-google-domains-site'
 +  option password 'from-google-domains-site'
 +  option use_https '1'
 +  option enabled '1'
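Review bot: in the 6in4 block, `uci set firewall.@zone[1].network='wan henet'` selects the zone by position, so it only does what is intended when the second zone in /etc/config/firewall is wan; with a different zone order henet lands in another zone, and since a routed /48 is handed to the LAN (the example host is shown answering ping from the internet), that zone assignment decides which inbound IPv6 traffic reaches LAN hosts. Add a step to check the index first (for example with `uci show firewall`) or a sentence stating the assumption. In the UPGRADE list the same sysupgrade URL appears twice and the hex digest under it is not labelled with its algorithm or where it was taken from. In the FIREWALL line the parenthesis opened in the comment is never closed, and in the DDNS block the `option` lines are not indented under their `config` lines the way the syslog example earlier on the page is.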
network_stuff/openwrt.1584904472.txt.gz · Last modified: (external edit)