19 Oct 08 Linux on a Mikrotik 532a , Part 5 Final – OpenWRT and Custom Scripts

Follow on from: http://www.adamsinfo.com/linux-on-a-mikrotik-532a-part-4-customization-debian-scripts-shaping-firewall-nat-picolcd/

Discuss this article here

I’ve used OpenWrt previously to this project to build some firmwards for the Linksys Router WRT54 range. OpenWrt is an incredibly powerful and small Linux distro. Although debian is probably better suited to the reasonably powerful hardware, I wanted to give OpenWrt a go anyway.

Unless you’re running a MIPS 4Kc processor on your host which I’m guessing you’re not, you’ll either need to cross compile your binaries, or just compile them natively on the device itself. Compiling on the device works fine as long as you have the relevant packages, however if I was going to build a 2.6 kernel, I’d rather do it on an x86 quad core intel host, rather than waiting a week for the device to do it. I also wanted to minimize the writes on the CF card.

OpenWrt comes with a nice buildroot environment which you can read about and download from www.openwrt.org using Subversion.

Here http://downloads.openwrt.org/kamikaze/docs/openwrt.html#x1-310002 is a great HOWTO on getting the build root environment set up on your x86 host.

Also, see: http://wiki.mikrotik.com/wiki/RB500_Linux_SDK – this is a very complete HOWTO, which is why I’ve not covered most of the installation process and just detailed customizations.

You’ll need to select the RB5xx target for the kernel. Also, run:

In your build root top directory, and add USB support (as my one is modded for USB which is not RB5xx default.

While you’re there, browse to the networking options and make sure you have everything you want, specifically the schedulers for traffic shaping.

Here is my precompiled image:

(more…)

Tags: /dev/cfa1, /dev/cfa2, /dev/cfa3, bridge, build root, buildroot, debian, dropbear, ifconfig, iptables, kamikaze, mikrotik, miniupnp, miniupnpd, mips 4kc, multiple isps, multiple providers, ntp, ntp client, openwrt, precompiled image, rb532a, rbxxx, split route, subversion, svn kernel, uplink, usb, usb support, x86

26 May 08 Split access SSH problems

So far everything works flawlessly, all applications, protocols and service with the split access setup, but I have a strange bug with SSH, and it only affects SSH clients built on openssl, such as dropbear and openssh. After authentication, it just hangs, and running in verbose mode shows that it seems to fail upon attempting to resize the tcp window. Only fails occasionally, when it receives no acknowledgement from the server.

After much digging, I only had minimal success getting to the bottom of the issue, but the following hack fixed the issue:
(more…)

Tags: cached routes, dropbear, iproute2, iptables, openssh, openssl, routes, split access, ssh, tcp window