dokucama

User Tools

Site Tools

Trace: frr vpn_troubleshooting cryptocurrencies
network_stuff:openwrt

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
network_stuff:openwrt [2020/04/18 17:00] jotasandokunetwork_stuff:openwrt [2023/11/02 14:38] (current) – external edit 127.0.0.1
Line 11: Line 11:
   opkg install tcpdump   opkg install tcpdump
   logread (-f) # for system logs   logread (-f) # for system logs
 +  ssh root@router tcpdump -i eth0 -U -s0 -w - 'not port 22' | wireshark -k -i - # To pull live traces from home router <<<
  
   * Debug wifi!: [[https://medium.com/openwrt-iot/openwrt-debugging-your-wireless-fac83a6fdc44]]   * Debug wifi!: [[https://medium.com/openwrt-iot/openwrt-debugging-your-wireless-fac83a6fdc44]]
Line 20: Line 21:
   logread -f | grep ': query'   logread -f | grep ': query'
      
 +For remote syslog: 
 +  ~In client-router 
 +  ~ /etc/config/system 
 +  config system                                                                                         
 +          option hostname 'OpenWrt'                                                                     
 +          option ttylogin '0'                                                                           
 +          option log_size '256'                                                                         
 +          option log_file '/var/log/messages'                                                           
 +          option urandom_seed '0'                                                                       
 +          option zonename 'UTC'                                                                         
 +          option timezone 'GMT0'                                                                        
 +          option log_proto 'udp'                                                                        
 +          option conloglevel '8'                                                                        
 +          option cronloglevel '8'                                                                       
 +          option log_ip 192.168.0.112                                                                   
 +          option log_port 514                                                                           
 +          option log_proto udp     
 +  /etc/init.d/system restart 
 +  ~ In server rpi: 
 +  ~ /etc/rsyslog.conf 
 +  module(load="imudp"
 +  input(type="imudp" port="514"
 +  module(load="imtcp"
 +  input(type="imtcp" port="514"
 +  $AllowedSender UDP, 127.0.0.1, 192.168.0.0/24 
 +   
 +  if $fromhost-ip == '192.168.0.1' then /var/log/openwrt_r7800.log 
 +  & ~
 ---- ----
  
Line 30: Line 58:
   * file for configuration and pointers to the ca and crt. From ver 19 we can use ovpn file   * file for configuration and pointers to the ca and crt. From ver 19 we can use ovpn file
   * Don'f forget to: add the tun interface ; create the zone for the interface and configure the zone policies. See this link: [[https://www.vpnunlimitedapp.com/en/info/manuals/openwrt-on-asus]]   * Don'f forget to: add the tun interface ; create the zone for the interface and configure the zone policies. See this link: [[https://www.vpnunlimitedapp.com/en/info/manuals/openwrt-on-asus]]
 +  * file for configuration and pointers to the ca and crt : /etc/config/openvpn
 +  * [[https://wiki.turris.cz/doc/en/howto/openvpn]]
  
 ---- ----
- 
  
 unified configuration interface. configuration is split into several files located in the **/etc/config/** directory. \\ unified configuration interface. configuration is split into several files located in the **/etc/config/** directory. \\
-You can edit the configuration files with a text editor or modify them with the command line utility program uci. [[https://openwrt.org/docs/guide-user/network/ucicheatsheet]] +You can edit the configuration files with a text editor or modify them with the command line utility program uci. [[https://openwrt.org/docs/guide-user/network/ucicheatsheet]]\\
- +
- +
-----+
  
   opkg list-installed | grep vpn # to see installed packets   opkg list-installed | grep vpn # to see installed packets
Line 53: Line 79:
      
  
----- 
- 
-**OPENVPN**\\ 
-  * file for configuration and pointers to the ca and crt : /etc/config/openvpn 
-  * [[https://wiki.turris.cz/doc/en/howto/openvpn]] 
  
 ---- ----
Line 156: Line 177:
 LAN6 configuration. We use dhcpv6 Stateless ( check this [[https://panda314159.duckdns.org/doku.php?id=network_stuff:transit&s[]=ipv6&s[]=notes&s[]=best&s[]=practises|Link]] ):\\ LAN6 configuration. We use dhcpv6 Stateless ( check this [[https://panda314159.duckdns.org/doku.php?id=network_stuff:transit&s[]=ipv6&s[]=notes&s[]=best&s[]=practises|Link]] ):\\
  
 +odhcpd - RA & DHCPv6 Server \\
 +
 +  * Interfaces » LAN 
 +    * Router Advertisement-Service > Stateless
 +\\
 +
 +This, in a linux box, this is the dhcpv6-sl ipv6 assigbed to a linux box:
 +
 +  ip -6 a
 +
 +  3: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
 +    inet6 2001:470:1aa1:0:d737:6ea5:8f65:79f8/64 scope global noprefixroute 
 +       valid_lft forever preferred_lft forever
 +
 +And we can see is pingable from internet!:
 +[[http://www.ipv6now.com.au/pingme.php]]
 +\\
 +while we capture the icmp 
 +  tcpdump -nni any "icmp6 && ip6[40] == 128"
 +
 +
 +----
 +
 +FIREWALL:\\
 +  /etc/config/firewall  # edit this file. also for port redirects (note redirects and on 'this device' therefore don't need rule to open the hole
 +  fw3 reload
 +
 +----
 +
 +UPGRADE:\\
 +  * [[https://openwrt.org/docs/guide-user/installation/generic.sysupgrade]]
 +  * [[https://openwrt.org/toh/hwdata/netgear/netgear_r7800]]
 +
 +  * [[https://downloads.openwrt.org/releases/22.03.5/targets/ipq806x/generic/openwrt-22.03.5-ipq806x-generic-netgear_r7800-squashfs-sysupgrade.bin]]
 +    * abc52ff1248f6ec415776f6f23e9229cdadc1eccfa459d018d79ae5645ce972c
 +  * [[https://downloads.openwrt.org/releases/22.03.5/targets/ipq806x/generic/openwrt-22.03.5-ipq806x-generic-netgear_r7800-squashfs-sysupgrade.bin]]
 +
 +
 +----
 +
 +LIST CURRENT CONNECTIONS:\\
 +  cat /proc/net/nf_conntrack | grep sport=9307 | awk '{print $7}' | sed "s/dst=//g"
 +  
 +
 +----
 +__CONFIGURE DYNAMIC DNS DDNS IN OPENWRT__\\
 +Use preferably the web UI for the config:
 +
 +  cat /etc/config/ddns
 +  
 +  config ddns 'global'
 +  option ddns_dateformat '%F %R'
 +  option ddns_loglines '250'
 +  option upd_privateip '0'
 +  
 +  config service 'myddns_ipv4'
 +  option interface 'wan'
 +  option ip_source 'network'
 +  option ip_network 'wan'
 +  option service_name 'google.com'
 +  option lookup_host 'domains.google.com'
 +  option domain 'panda314159.net'
 +  option username 'from-google-domains-site'
 +  option password 'from-google-domains-site'
 +  option use_https '1'
 +  option enabled '1'
network_stuff/openwrt.1587229257.txt.gz · Last modified: (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki