28 January 2013

328. Liberate your router: dd-wrt on Netgear WGT624 v4

UPDATE 1 Feb 2013: I haven't had any explicit problems with my router since flashing it. Everything is apparently working well and my network connection is reliable and fine (if only subjectively a bit slower than before --  running a speed test shows that it's as fast as ever so not sure what's happening). HOWEVER, I've suddenly started having issues with ECCE and submitting jobs via a frontendMachine -- I kept getting "cannot 'cd' to run directory" errors, but the ECCE log contains no errors messages at all. This wouldn't happen for very small NWChem input files, and it would happen ca 80% of the time. Normally I wouldn't suspect this was a router issue, but changing back to my (unflashed) AR430W resolved the issues immediately. Somehow I suspect this is a router version of this http://verahill.blogspot.com.au/2012/09/briefly-packet-corrupt-during-ssh.html, but then I should see error messages in the ECCE log...

Other than that I'm really happy with dd-wrt (no sarcasm intended -- I've had no other issues and I love the power dd-wrt gives me over my hardware).

Finally, there's the old adage about correlation vs causuality. We'll see if the errors start popping up again while using my AR430W.

Original post:

I've been using Tomato with my WRT54G for a couple of years now, and I'm incredibly happy with it. Since I have a couple of old routers (airlink 1010 ar430w and netgear wgt624 v4) with stock firmware lying around I figured it was time to turn them into something useful. So here's how to flash the netgear router. If it stands up to sustained use I'll be writing an AR430W guide later.


dd-wrt


Lengthy preamble
The stock firmware basically does nothing for me -- it's clunky, slow, and there's no terminal access. In particular, I want busybox/ssh, Tomato does all that for me, but it doesn't support a particularly wide range of routers (I reckon that Tomato is the reason why Linksys WRT54GL still costs $90 in Australia, in spite of being old as sin -- those who doubt the value of opening up their hardware may want to consider the RoI on that one)

In addition to Tomato, there's also DD-WRT (supported devices) and OpenWRT (supported devices). DD-WRT support a huge number of routers, but it appears to be a whole lot more complicated to install than Tomato. Maybe this varies according to the router as well.

For instructions you're referred via the database to the dd-wrt forum thread about your router. The problem with this is that you'll be facing 30-odd pages with instructions, problems, dead-ends etc. Some threads end with a step-by-step summary on how to install dd-wrt, but not all do.

Anyway, here's my best attempt at writing a simple and complete step-by-step guide to replacing the stock firmware on Netgear WGT24 v4 with DD-WRT on Debian Testing/Wheezy. I'm basically just following this blog post: http://lauriaus.no-ip.org/blog/?p=90 , but hopefully I've added enough detail to make it possible for just about anyone to follow this guide.

Please consult http://www.dd-wrt.com/site/support/router-database to see what files you need. NOTE: the files below only apply to v4 of Netgear WGT624. Installing them on any other router may brick it.



On your linux computer:

Get the files:
sudo apt-get install atftpd tftp putty
cd /tmp
mkdir ftpdboot
cd ftpdboot/
wget http://www.dd-wrt.com/dd-wrtv2/downloads/others/redboot_collection/images_default/redboot_ap61_16M_4M_admtek.rom
wget http://www.dd-wrt.com/routerdb/de/download/Netgear/WGT624/v4/linux.bin/3614 -O linux.bin
wget http://www.dd-wrt.com/routerdb/de/download/Netgear/WGT624/v4/wgt624v4-firmware.bin/3613 -O wgt624v4-firmware.bin

Edit /etc/default/atftpd:
USE_INETD=false #true OPTIONS="--tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /tmp/ftpdboot"

Edit /etc/inetd.conf
32 tftp dgram udp4 wait nobody /usr/sbin/tcpd /usr/sbin/in.tftpd --tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /tmp/ftpdboot
and do
sudo /etc/init.d/openbsd-inetd reload

for good luck. If you don't have openbsd-inetd you may have xinetd or inetutils-inetd installed instead (I think openbsd-inetd is default on debian). Edit the command as necessary.

Edit your /etc/network/interfaces file:
auto eth0 iface eth0 inet static address 192.168.1.155 gateway 192.168.1.1 netmask 255.255.255.0

and run
sudo service networking restart

Make sure that your card came up ok (do e.g. ip addr)
2: eth0: broadcast mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:26:9e:27:9b:20 brd ff:ff:ff:ff:ff:ff inet 192.168.1.155/24 brd 192.168.1.255 scope global eth0
Continue.

Prepare two terminals, side by side (or start a screen session with two tabs open). In one, type
echo "^C"> end.txt
putty telnet 192.168.1.1:9000 -m end.txt

But don't hit enter after the second command.

In the other terminal, type
ping 192.168.1.1

but don't hit enter.

Connect the ethernet port on your computer to one of the ethernet LAN ports (not WAN/Internet) on your router.

You are next going to unplug the power from the router, and hit enter after the ping command. Immediately when you get ping replies:
64 bytes from 192.168.1.1: icmp_req=4 ttl=64 time=0.371 ms
you hit enter after the putty command in the other window. If nothing good happens, then redo (i.e. unplug the router, hit enter after the ping command etc. Don't start the ping until you're re-plugged the router).

Ready? GO!
ping 192.168.1.1
64 bytes from 192.168.1.1: icmp_req=1 ttl=64 time=0.371 ms
putty telnet 192.168.1.1:9000 -m end.txt

And you should get

Before you continue make sure that you've opened up your firewall e.g. if you're not connected to the internet you can go crazy like this:
sudo iptables -P INPUT ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -P FORWARD ACCEPT

And don't forget to restore your firewall once you're done.
Time to get dangerous.

RedBoot> fis init
About to initialize [format] FLASH image system - continue (y/n)? Y *** Initialize FLASH Image System ... Erase from 0xbffe0000-0xbfff0000: . ... Program from 0x80ff0000-0x81000000 at 0xbffe0000: . RedBoot> ip_address -h 192.168.1.155 IP: 192.168.1.1/255.255.255.0, Gateway: 192.168.1.254 Default server: 192.168.1.155
RedBoot> load -r -b %{FREEMEMLO} redboot_ap61_16M_4M_admtek.rom
Using default protocol (TFTP) TFTP timed out 1/15 Can't load 'redboot_ap61_16M_4M_admtek.rom': operation timed out
Try again:
RedBoot> load -r -b %{FREEMEMLO} redboot_ap61_16M_4M_admtek.rom
Using default protocol (TFTP) Raw file loaded 0x80040c00-0x8005007f, assumed entry at 0x80040c00
RedBoot> fis create -l 0x30000 -e 0xbfc00000 RedBoot fis create -l 0x30000 -e 0xbfc00000 RedBoot An image named 'RedBoot' exists - continue (y/n)? y ... Erase from 0xbfc00000-0xbfc30000: ... ... Program from 0x80040c00-0x80050080 at 0xbfc00000: . ... Erase from 0xbffe0000-0xbfff0000: . ... Program from 0x80ff0000-0x81000000 at 0xbffe0000: .
RedBoot> reset

You'll see a couple of flashing lights on the router as the only indication that something just happened. Kill your current putty connection and start a new one.
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.01.28 20:29:38 =~=~=~=~=~=~=~ ^C
RedBoot> fis init
About to initialize [format] FLASH image system - continue (y/n)? y *** Initialize FLASH Image System ... Erase from 0xbffe0000-0xbfff0000: . ... Program from 0x80ff0000-0x81000000 at 0xbffe0000: .
RedBoot> ip_address -h 192.168.1.155
IP: 192.168.1.1, Default server: 192.168.1.155
RedBoot> load -r -b 0x80041000 linux.bin
Using default protocol (TFTP) Raw file loaded 0x80041000-0x803ecfff, assumed entry at 0x80041000
RedBoot> fis create linux

Be patient -- this step takes a long time: 19 minutes in my case (some routers take an hour). Write down the time when it starts and WAIT at least 20 minutes.
... Erase from 0xbfc10000-0xbffbc000: ........................................................... ... Program from 0x80041000-0x803ed000 at 0xbfc10000: ........................................................... ... Erase from 0xbffe0000-0xbfff0000: . ... Program from 0x80ff0000-0x81000000 at 0xbffe0000: .
RedBoot> fconfig
Run script at boot: true Boot script: .. fis load -l kernel .. go Enter script, terminate with empty line
>> fis load -l linux >> exec >> Boot script timeout (1000ms resolution): 12 Use BOOTP for network configuration: false bootp_my_gateway_ip: 192.168.1.254 Local IP address: 192.168.1.1 bootp_my_ip_mask: 255.255.255.0 Default server IP address: 192.168.1.55 Console baud rate: 9600 GDB connection port: 9000 Force console for special debug messages: false net_debug: false Update RedBoot non-volatile configuration - continue (y/n)? y ... Erase from 0xbffe0000-0xbfff0000: . ... Program from 0x80ff0000-0x81000000 at 0xbffe0000: . RedBoot> reset

Done!

You can now navigate to 192.168.1.1 in your router, but unplug, replug the router for good luck.
Success!


I created a user called admin and set a password i.e. there's no pw or username you need to know a priori.
click on services


check sshd

Don't trust important infrastructure with passwords. Use keys.




And finally
ssh root@192.168.1.1

and hopefully you're in.

First impressions:
The busybox ('linux') version is a bit too sparse for my liking -- no netstat command...but it's still obviously a major step up from the stock firmware. dd-wrt is different from tomato -- if you're used to one you're not necessarily going to feel comfortable with the other. Luckily, dd-wrt is widely used and there are plenty of resource online. In addition, there's a demo ( http://www.dd-wrt.com/demo/ ) so you can try it out before installing it.

How to set up 'static' dhcp (i.e. make sure that some computers always have the same IP address while still running a dhcp server) wasn't completely obvious either, but this post helped: http://www.dd-wrt.com/wiki/index.php/Static_DHCP


14 comments:

  1. This comment has been removed by the author.

    ReplyDelete
  2. This comment has been removed by the author.

    ReplyDelete
  3. This comment has been removed by the author.

    ReplyDelete
    Replies
    1. For the first two errors, you need to make sure that openbsd-inetd is installed.

      For the last error, install ifupdown

      Delete
    2. Ok cool, I got to the part where you type this

      Connect the ethernet port on your computer to one of the ethernet LAN ports (not WAN/Internet) on your router.

      You are next going to unplug the power from the router, and hit enter after the ping command. Immediately when you get ping replies:

      64 bytes from 192.168.1.1: icmp_req=4 ttl=64 time=0.371 ms

      you hit enter after the putty command in the other window. If nothing good happens, then redo (i.e. unplug the router, hit enter after the ping command etc. Don't start the ping until you're re-plugged the router).

      I did this but dont understand how it will search for the ip when you say" Unplug router first then hit enter on Ip.. It just tells me, "Network no found" or something like that

      Delete
    3. Your computer ethernet card should be connected to the router via one of the standard router ports (i.e. not the WAN one, but the LAN ones).

      The idea is that you upload the firmware to the router from the computer using trivial ftp (tftp).

      What did the ip addr command give you?

      Delete
    4. This comment has been removed by the author.

      Delete
    5. Connect your computer's ethernet card to a LAN(switch) port on the router.
      Turn off your router (i.e. unplug it from the power source). Make sure that you're ready. Then plug in the power again to your router and GO.

      Delete
    6. Unless you actually managed to upload anything it's impossible that this in any way can have bricked your router.

      Delete
    7. As for other blogs, this is the one I based my post on:
      https://web.archive.org/web/20130422052952/http://lauriaus.no-ip.org

      There'll be no video as I don't have the time to re-flash my router. In addition, my acting chops are awful.

      Delete
  4. Ok I got to the part where I have 2 terminals open with open 192.168.1.1 ready and putty telnet 192.168.1.1:9000 -m end.txt on the other.. then when I plug in the router I press enter for open 192.168.1.1 and then putty telent 192.168.1.1 -m end.txt and putty comes up with windows saying " Unable to open connection to telnet: Name of service not known" Ive tried over and over same result

    ReplyDelete
    Replies
    1. ok I got a redboot connection but after I type RedBoot> load -r -b %{FREEMEMLO} redboot_ap61_16M_4M_admtek.rom
      Using default protocol (TFTP) It give me network connection error and so sorry for all of the responses..

      Delete
    2. Ok. I got the DD WRT onto router, But I used this link http://www.dd-wrt.com/phpBB2/viewtopic.php?p=455673#455673 The reason why it wasnt working was because when i tried to load the firmware it was in the right place.. I'm new to linux so I had hard time finding the files. But I followed your Reboot commands. :) Thanks for everything,, You can delete all of my posts if you want. But I would suggest making a how to for window users following that links instructions.

      Delete
    3. Don't delete your comments -- the reason for having this blog is so that other people can find help. And the same goes for me replying to the comments -- if the responses solve your problems, they will probably solve other people's problems too.

      Delete