Raspberry Pi : OpenWrt

相對原廠韌體而言，OpenWrt不是一個單一、靜態的韌體，而是提供了一個可添加軟體包的可寫的檔案系統。這使使用者可以自由的選擇應用程式和組態，而不必受裝置提供商的限制，並且可以使用一些適合某方面應用的軟體包來客製化你的裝置。對於開發者來說，OpenWrt是一個框架，開發者不必麻煩地構建整個韌體就能得到想要的應用程式；對於使用者來說，這意味著完全客製化的能力，與以往不同的方式使用裝置，OPKG包含超過3500個軟體。OpenWrt本身未帶任何UI，需要通過LuCI，webif等各種延伸介面，LuCI介面是使用率最高的Web管理介面。 預設使用LuCI作為web互動介面。

Building a router with a Raspberry Pi B+ and OpenWRT

Hardware Highlights

• model
Raspberry Pi B+
• SoC
Broadcom BCM2835, 700 Mhz
• RAM
512 MB
• Flash interface
microSD
• Ethernet
100 Mbits
• USB
4x 2.0

Software

Download the "Firmware OpenWrt": openwrt-19.07.0-brcm2708-bcm2708-rpi-ext4-factory.img.gz.

Then, to flash OpenWrt to an SD card: (on Linux)

• Find the SD card's device name
After your SD card is plugged in the Linux laptop, run 'dmesg":

[19420.394560] mmcblk0: mmc0:aaaa SL16G 14.8 GiB 
[19420.408276]  mmcblk0: p1 p2 < p5 p6 p7 >

• Decompress the downloaded file and flash it to the SD card

$ gunzip openwrt-19.07.0-brcm2708-bcm2708-rpi-ext4-factory.img.gz
$ sudo dd if=openwrt-19.07.0-brcm2708-bcm2708-rpi-ext4-factory.img of=/dev/mmcblk0 bs=2M conv=fsync
[sudo] password for jerry: 
142+0 records in
142+0 records out
297795584 bytes (298 MB, 284 MiB) copied, 32.946 s, 9.0 MB/s

On a Windows desktop, use Win32DiskImager to copy the img file to your SD card's drive.

Configure

After having flashed OpenWrt ,

• Connect via Ethernet
By default, the IP address is configured as static 192.168.1.1.

 br-lan:  mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether b8:27:eb:d1:9d:c3 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
       valid_lft forever preferred_lft forever
    inet6 fd5b:e0a4:d18a::1/60 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::ba27:ebff:fed1:9dc3/64 scope link 
       valid_lft forever preferred_lft forever

You can reach the OpenWrt via Ethernet by using the IP address 192.168.1.1:

$ ssh root@192.168.1.1
BusyBox v1.30.1 () built-in shell (ash)

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 19.07.0, r10860-a3ffeb413b
 -----------------------------------------------------
=== WARNING! =====================================
There is no root password defined on this device!
Use the "passwd" command to set up a new password
in order to prevent unauthorized SSH logins.
--------------------------------------------------

• Configure the Network and Firewall Settings
• /etc/config/network
Change this file to avoid the conflict with your internet router:

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0'
        option proto 'static'
        option ipaddr '192.168.0.11'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option gateway '192.168.0.1'
        option dns '192.168.0.1'

config interface 'wan'
        option proto 'dhcp'
        option ifname 'eth0'

• /etc/config/firewall

config zone
        option name             lan
        list   network          'lan'
        option input            ACCEPT
        option output           ACCEPT
        option forward          ACCEPT

Reboot, then log in the changed IP 192.168.0.11.
• Install the WiFi driver
Make sure Pi can connect the Internet via Ethernet. Run

# opkg update 
# opkg install usbutils
# lsusb
Bus 001 Device 003: ID 0424:ec00 Standard Microsystems Corp. SMSC9512/9514 Fast Ethernet Adapter
Bus 001 Device 004: ID 13fe:3d00 Kingston Technology Company Inc. 
Bus 001 Device 005: ID 7392:7811 Edimax Technology Co., Ltd EW-7811Un 802.11n Wireless Adapter [Realtek RTL8188CUS]

# opkg install kmod-rtl8192cu

After the driver is installed, there is a file "/etc/config/wireless" generated. You can log in the luci configuration to enable the WiFi radio and configure the encryption method. The final setting for WPA2-PSK will be:

config wifi-device 'radio0'
 option type 'mac80211'
 option channel '11'
 option hwmode '11g'
 option path 'platform/soc/20980000.usb/usb1/1-1/1-1.5/1-1.5:1.0'
 option htmode 'HT20'

config wifi-iface 'default_radio0'
 option device 'radio0'
 option network 'lan'
 option mode 'ap'
 option ssid 'OpenWrt'
 option key '12345678'
 option encryption 'psk2'

Documentation

Router vs Switch vs Gateway and why NAT influences this decision

                       Upstream         Downstream
network infrastructure -------- OpenWrt ---------- home client devices 

Network devices can operate in 3 different modes:

• client Device
Connecting the device to an existing network.

  LAN --- Ethernet port, WiFi --- WLAN

• wireless repeater (wifi ↔ wifi switch)
• wireless access point (wifi ↔ wired switch)
• wire ↔ wire switch
• router device
OpenWrt runs in its default router configuration, where the device routes traffic between LAN port and the WAN port(commonly a ethernet port).

  WAN --- Ethernet port , WiFi --- WLAN

• gateway device
The device also behaves as router and its WAN port that needs one of the following protocols for proper operation: DHCP, PPPoE, ...

Base system

Basic Configuration

There is The UCI(Unified Configuration Interface) System to store and manipulate all its configuration.
UCI is the successor to the NVRAM-based configuration.
Applications are made UCI-compatible by simply writing the original configuration file (which is read by the program) according to the chosen settings in the corresponding UCI file.This is done upon running the initialization scripts in /etc/init.d/.
For ex., in the case of Samba/CIFS, the file /etc/samba/smb.conf is overwritten with UCI settings from the UCI configuration file /etc/config/samba when running /etc/init.d/samba start.
Some system configuration are not handled by UCI.

OpenWrt's central configuration is split into several files located in the /etc/config/ directory.
You can edit the configuration files with a text editor or modify them with the command line utility program uci:

Usage: uci [<options>] <command> [<arguments>]

Commands:
 batch
 export     [<config>]
 import     [<config>]
 changes    [<config>]
 commit     [<config>]
 add        <config> <section-type>
 add_list   <config>.<section>.<option>=<string>
 del_list   <config>.<section>.<option>=<string>
 show       [<config>[.<section>[.<option>]]]
 get        <config>.<section>[.<option>]
 set        <config>.<section>[.<option>]=<value>
 delete     <config>[.<section>[[.<option>][=<id>]]]
 rename     <config>.<section>[.<option>]=<name>
 revert     <config>[.<section>[.<option>]]
 reorder    <config>.<section>=<position>

Options:
 -c <path>  set the search path for config files (default: /etc/config)
 -d <str>   set the delimiter for list values in uci show
 -f <file>  use <file> as input instead of stdin
 -m         when importing, merge data into an existing package
 -n         name unnamed sections on export (default)
 -N         don't name unnamed sections
 -p <path>  add a search path for config change files
 -P <path>  add a search path for config change files and use as default
 -q         quiet mode (don't print error messages)
 -s         force strict mode (stop on parser errors, default)
 -S         disable strict mode
 -X         do not use extended syntax on 'show'

UCI configuration files are also modifiable through various programming APIs (like Shell, Lua and C), which is also how web interfaces like LuCI make changes to the UCI files.
File syntax used in the UCI configuration files:

• #
A # begins comments
• Elements
The elements in UCI model are:
• config
main configuration groups like network, system, firewall. Each configuration group has it's own file in /etc/config
• sections
config is divided into sections. A section can either be named or unnamed.
• types
a section can have a type. E.g in the network config we typically have 4 sections of the type “interface”. The sections are “lan”, “wan”, “loopback” and “wan6”
• options
each section have some options where you set your configuration values
• values
value of option

How init.d scripts work?

# ls /etc/init.d
boot          done          gpio_switch   network       sysctl        system        umount
cron          dropbear      led           odhcpd        sysfixtime    ucitrack      urandom_seed
dnsmasq       firewall      log           rpcd          sysntpd       uhttpd        urngd

# ls -l /etc/rc.d
lrwxrwxrwx    1 root     root            21 Jan  6 16:47 K10gpio_switch -> ../init.d/gpio_switch
lrwxrwxrwx    1 root     root            18 Jan  6 16:47 K50dropbear -> ../init.d/dropbear
lrwxrwxrwx    1 root     root            16 Jan  6 16:47 K85odhcpd -> ../init.d/odhcpd
lrwxrwxrwx    1 root     root            13 Jan  6 16:47 K89log -> ../init.d/log
lrwxrwxrwx    1 root     root            14 Jan  6 16:47 K90boot -> ../init.d/boot
lrwxrwxrwx    1 root     root            17 Jan  6 16:47 K90network -> ../init.d/network
lrwxrwxrwx    1 root     root            20 Jan  6 16:47 K90sysfixtime -> ../init.d/sysfixtime
lrwxrwxrwx    1 root     root            16 Jan  6 16:47 K90umount -> ../init.d/umount
lrwxrwxrwx    1 root     root            20 Jan  6 16:47 S00sysfixtime -> ../init.d/sysfixtime
lrwxrwxrwx    1 root     root            15 Jan  6 16:47 S00urngd -> ../init.d/urngd
lrwxrwxrwx    1 root     root            14 Jan  6 16:47 S10boot -> ../init.d/boot
lrwxrwxrwx    1 root     root            16 Jan  6 16:47 S10system -> ../init.d/system
lrwxrwxrwx    1 root     root            16 Jan  6 16:47 S11sysctl -> ../init.d/sysctl
lrwxrwxrwx    1 root     root            13 Jan  6 16:47 S12log -> ../init.d/log
lrwxrwxrwx    1 root     root            14 Jan  6 16:47 S12rpcd -> ../init.d/rpcd
lrwxrwxrwx    1 root     root            17 Jan  6 16:47 S19dnsmasq -> ../init.d/dnsmasq
lrwxrwxrwx    1 root     root            18 Jan  6 16:47 S19dropbear -> ../init.d/dropbear
lrwxrwxrwx    1 root     root            18 Jan  6 16:47 S19firewall -> ../init.d/firewall
lrwxrwxrwx    1 root     root            17 Jan  6 16:47 S20network -> ../init.d/network
lrwxrwxrwx    1 root     root            16 Jan  6 16:47 S35odhcpd -> ../init.d/odhcpd
lrwxrwxrwx    1 root     root            14 Jan  6 16:47 S50cron -> ../init.d/cron
lrwxrwxrwx    1 root     root            16 Jan  6 16:47 S50uhttpd -> ../init.d/uhttpd
lrwxrwxrwx    1 root     root            18 Jan  6 16:47 S80ucitrack -> ../init.d/ucitrack
lrwxrwxrwx    1 root     root            21 Jan  6 16:47 S94gpio_switch -> ../init.d/gpio_switch
lrwxrwxrwx    1 root     root            14 Jan  6 16:47 S95done -> ../init.d/done
lrwxrwxrwx    1 root     root            13 Jan  6 16:47 S96led -> ../init.d/led
lrwxrwxrwx    1 root     root            17 Jan  6 16:47 S98sysntpd -> ../init.d/sysntpd
lrwxrwxrwx    1 root     root            22 Jan  6 16:47 S99urandom_seed -> ../init.d/urandom_seed

• At boot time init just starts executing scripts it finds in /etc/rc.d according to the ordering by their file names.
As as /etc/init.d/odhcpd an ex.,

#!/bin/sh /etc/rc.common
START=35
STOP=85
USE_PROCD=1

start_service() {
 procd_open_instance
 procd_set_param command /usr/sbin/odhcpd
 procd_set_param respawn
 procd_close_instance
}

reload_service() {
 procd_send_signal odhcpd
}

service_triggers()
{
 procd_add_reload_trigger "dhcp"
}

• This script implemented 3 functions wrapped by /etc/rc.common.
• The START= and STOP= lines determine the order executed.
START=35 means the file will be symlinked as /etc/rc.d/S35odhcpd; STOP=85 means the file will be symlinked as /etc/rc.d/K85odhcpd .
For things that need to be done on boot, but not every time the program it calls has to restart, implement the work in the boot() function of the script.
• Custom commands can be supported by using the EXTRA_COMMANDS variable, and provide help for those commands with the EXTRA_HELP variable

On recent versions of OpenWrt, the build system will attempt to “enable” and/or “disable” init scripts during package install and removal by itself. To check if an init script is enabled or not,

/etc/init.d/example enabled && echo on

Clarifying the term "Interface"

Command-line interpreter

Cron and crontab

DNS and DHCP configuration /etc/config/dhcp

DNS and DHCP configuration examples

DNS configuration

Dnsmasq

Dropbear Configuration

Dynamic DNS Client configuration

Hotplug

LED configuration /etc/config/system

Managing services

Network basics /etc/config/network

Runtime Logging in OpenWrt

System configuration /etc/config/system

System configuration not handled by UCI

The UCI system

User Configuration

Web Server Configuration