Why would I use a PC/Laptop as a router & why not a dedicated hardware router?
PC/Laptop hardware is often more powerful than an SoC (System-on-Chip) in a router, has much memory available, and many people have older PCs lying around that can be put to use as a router/firewall. Moreover we can overcome proprietary hardware dependency with this. To use PC/Laptop as a router we have many options available in the market, one of them is OpenWrt.
What is OpenWrt & why to use it on PC/Laptop?
OpenWrt is an embedded operating system based on the Linux kernel, mostly used to route network traffic, so it can be used as a router.
OpenWrt has 3500 optional software packages available which allows us a lot of customization through the use of packages to suit our needs, but with other options available in the market custom configuration is a hustle.
With OpenWrt router on a pc we can have the flexibility of upgrading the hardware & more software features can be added to the setup on a PC/Laptop as we can have the flexibility of more memory.
So let’s see how can we setup an OpenWrt Wifi Router on a PC/Laptop.
Installation Of OpenWrt
As of writing this post the latest OpenWrt release is “chaos calmer 15.0x”
|
1 |
$ wget https://downloads.openwrt.org/chaos_calmer/15.05/x86/generic/openwrt-15.05-x86-generic-combined-ext4.img.gz |
|
1 |
$ gunzip openwrt-15.05-x86-generic-combined-ext4.img.gz |
Boot into the laptop using a live linux OS like Ubuntu Live DVD and issue following command
|
1 |
$ dd if=openwrt-15.05-x86-generic-combined-ext4.img of=/dev/sda |
Increase Root Partition Size
To increase root partition use same live linux OS like Ubuntu Live DVD that we have used in the above step, boot into your OpenWRT installed Laptop using it and then use “gparted” to increase the root partition size, make sure to have a backup of your existing OpenWRT installation if needed.
Note: To increase the root partition size you need to have free space after that partition.
Power Off and start the system after removing live OS
Configuration of interfaces
I’m using my inbuilt interfaces eth0 & wlan0, my interfaces layout is:-
Interface eth0: by default it is connected to bridge “br-lan” & I’ve configured it to be part of my internal network
Interface wlan0: I’m using it for dhcp server and Wifi Access-Point
There are multiple ways to choose the layout of interfaces, instead of using bridges, we can also work things out using uci.
|
1 |
$ vi /etc/config/network |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config interface 'lan' option ifname 'eth0' option type 'bridge' option proto 'static' option ipaddr '172.16.20.200' option netmask '255.255.255.0' option gateway '172.16.20.1' option dns '8.8.8.8' option ip6assign '60' config interface 'wlan' option ifname 'wlan0' option type 'bridge' option force_link '1' option bridge_empty '1' option proto 'static' option ipaddr '192.168.1.2' option netmask '255.255.255.0' option gateway '172.16.20.1' option dns '8.8.8.8' config interface 'wan6' option ifname 'eth1' option proto 'dhcpv6' config globals 'globals' option ula_prefix 'fd56:0fec:1164::/48' |
|
1 2 |
$ /etc/init.d/network restart $ opkg update |
For Web Interface
|
1 |
$ opkg install apache |
Install any other packages if required, especially drivers if needed.
Configuration Of DHCP Server
|
1 |
$ vi /etc/config/dhcp |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 |
config dnsmasq option domainneeded '1' option boguspriv '1' option filterwin2k '0' option localise_queries '1' option rebind_protection '1' option rebind_localhost '1' option local '/lan/' option domain 'lan' option expandhosts '1' option nonegcache '0' option authoritative '1' option readethers '1' option leasefile '/tmp/dhcp.leases' option resolvfile '/tmp/resolv.conf.auto' option localservice '1' config dhcp 'lan' option interface 'lan' option ignore '1' # option start '100' # option limit '150' # option leasetime '12h' # option dhcpv6 'server' # option ra 'server' config dhcp 'wlan' option interface 'wlan' # option ignore '1' option 'start' '100' option 'limit' '150' option 'leasetime' '12h' option ra server list 'dhcp_option' '3,192.168.1.2' config odhcpd 'odhcpd' option maindhcp '0' option leasefile '/tmp/hosts/odhcpd' option leasetrigger '/usr/sbin/odhcpd-update' |
Configuration Of WiFi Router/Access-Point
The wireless UCI configuration is found in /etc/config/wireless.
Note: By default the wireless is OFF. You can turn it on in the /etc/config/wireless by changing disabled 1 to disabled 0
In UCI CLI you do this with:
|
1 |
$ uci set wireless.@wifi-device[0].disabled=0; uci commit wireless; wifi |
Regenerate Configuration
To rebuild the configuration file, e.g. after installing a new wireless driver, remove the existing wireless configuration (if any) and use the wifi detect command with stdout redirected to the /etc/config/wireless file.
|
1 2 |
$ rm -f /etc/config/wireless $ wifi detect > /etc/config/wireless |
Wifi detect gives UCI configuration entries for all installed interfaces that do not have UCI entries in /etc/config/wireless. So you can remove /etc/config/wireless and run the above again to reset your wifi configuration.
|
1 2 3 |
$ brctl addbr br-wlan $ brctl show $ brctl addif br-wlan wlan0 |
|
1 |
$ vi /etc/config/wireless |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
config wifi-device 'radio0' option type 'mac80211' option channel '11' option hwmode '11g' option path 'pci0000:00/0000:00:14.0/usb1/1-2/1-2:1.0' option htmode 'HT20' option disabled '0' option txpower '20' option country 'CN' config wifi-iface option device 'radio0' option network 'wlan' option mode 'ap' option ssid 'Access-Point-Name' option encryption 'psk2' option key 'wifi-password' |
|
1 |
$ /etc/init.d/network restart |
|
1 2 3 4 |
$ iptables -I FORWARD -j ACCEPT $ iptables -t nat -I POSTROUTING -o br-lan -j MASQUERADE $ iptables-save $ wifi |
Note: These iptables rules are not permanent, in case of restart they’re lost. We can put them in “/etc/firewall.user” they’ll get executed with each firewall (re-)start.
We can do many more things with this OpenWrt laptop-router like:
- Wireless bridge, Wireless repeater, Wireless security: Packet injection
- IPS (Intrusion Prevention System) with Snort
- Stateful firewall, NAT and port forwarding through netfilter
- IP tunneling, Network Monitoring and statistics through e.g. collectd, nagios, zabbix etc.
Pingback: Using a Commodity PC/Laptop as a WiFi router with OpenWrt | zenpwning
Pingback: Using a Commodity PC/Laptop as a WiFi router with OpenWrt – experience@imaginea – Router