Philipp Klaus's Computing Blog

Success is about speed and efficiency

OpenWrt on a TP-Link TL-WR1043ND Gigabit Router

About the Hardware

The TP-Link TL-WR1043ND contains a great set of hardware for its price:

CPU Ram Flash Network Gigabit USB Serial JTag
Atheros AR9132@400MHz (MIPS) 32MB 8MB 4+1 Yes 1 x 2.0 Yes Yes

Please refer to http://wiki.openwrt.org/toh/tp-link/tl-wr1043nd#hardware for further details on the hardware.

My hardware version is (DE)v1.0.

Initial Installation of OpenWrt

(I personally used to use older stable versions, the trunk version r29557 2011-12-18, the stable 12.09, and now I'm using 14.07 on the device.)

Load the .bin image file using the Firmware Upgrade on the OEM firmware. After the upgrade the webinterface status page used to look like this (with the really old backfire relase – now it looks very different!):

TP-Link TL-WR1043ND: OpenWrt → System → General

More information (as accessed by some functions in the LuCI web interface) about the hardware:

If you want to get an idea of how to install a custom build of OpenWrt, have a look at this forum post.

Factory Reset of OpenWrt

http://wiki.openwrt.org/toh/tp-link/tl-wr1043nd#failsafe.mode

Power up your router. When the SYS light starts to blink, press and hold the QSS button in the front-right until the blinking gets faster. Now open a telnet session to 192.168.1.1. No user name or password required. From there you can mount rootfs_data user space to fix things or just erase it using

mtd -r erase rootfs_data

Basic Configuration

http://wiki.openwrt.org/doc/howto/basic.config

First Login

http://wiki.openwrt.org/doc/howto/firstlogin

The basic setup of OpenWrt is:

  • IP address on the internal interface: 192.168.1.1/24
  • dnsmasq (DHCP daemon) running and allocating IP addresses in the range of 192.168.1.100–250
  • telnet daemon running on standard port (23)
  • dropbear (SSH daemon) not running

At first, OpenWrt has no SSH server running. So for the first time, we connect via telnet: telnet 192.168.1.1:

# Set a root password:
passwd

Now disconnect (press Ctrl-D or enter exit) and you will be able to login via SSH (ssh root@192.168.1.1) and HTTPS will be available on the WebUI.

Install required modules for WiFi

opkg update
opkg install kmod-ath9k wpad-mini

Reboot and you are ready to use WiFi!

Configuration Files

http://wiki.openwrt.org/doc/uci
Example configuration file: https://forum.openwrt.org/viewtopic.php?pid=128345#p128345.

The good thing about the configuration system in OpenWRT is that you can change the configuration using the web interface and the changes will be reflected on the command line and vice versa. So you can choose whatever you like more and change your mind later without regretting your previous choice.

Set up the Internet Connection

http://wiki.openwrt.org/doc/uci/network#protocol.static

In my case I have to set up the router with a static IP (on my 100Mbit Internet WAN connection).

telnet 192.168.1.1
vi /etc/config/network

and change it to this static IP:

config 'interface' 'wan'
 option 'proto' 'static'
 option 'ifname' 'eth0.2'
 option 'ipaddr'    'ww.xx.yy.zz'
 option 'netmask'   '255.255.255.0'
 option 'gateway'   'aa.bb.cc.dd'
 #option 'broadcast' ''
 #option 'ip6addr'   ''
 #option 'ip6gw'     ''
 option 'dns'       '208.67.222.222'  # which is the OpenDNS server
 #option 'metric'    '0'

To check if the syntax of your configuration file is OK, run:

uci show network.wan

If it is not OK, it will print something like uci: Parse error (invalid command) at line 19, byte 1.

To query the interface status of the WAN port run:

uci -P/var/state show network.wan

PPPoE / T-Online Internet / VDSL / T-Home Entertain

Here is how you set up a regular DSL connection using T-Online PPPoE:

http://wiki.openwrt.org/doc/uci/network#protocol.pppoe.ppp.over.ethernet

opkg update
opkg install ppp-mod-pppoe

T-Online FAQ on the PPPoE Login Information

Set the wan interface in your /etc/config/network to the following:

config 'interface' 'wan'
        option 'proto'     'pppoe'
        option 'ifname'    'eth0.2'
        option 'username'  '<ANSCHLUSSKENNUNG><T-ONLINE-NR>#0001@t-online.de'
        option 'password'  '<INTERNET-PASSWORT>'
        option 'timeout'   '10'

And start the daemon:

/sbin/ifup.pppoe wan

If you want to use T-Home (VDSL) Entertain, have a look at this excellent German HowTo by Lappen: http://www.computerhilfen.de/hilfen-22-389919-0.html And have a look at my config settings to set up my Buffalo WZR-HP-AG300H router for T-Home Entertain.

WiFi / Wireless configuration

http://wiki.openwrt.org/doc/uci/wireless

When you configure your TL-WR1043ND as an access point with the name yourSSID and the WPA2 passphrase thisisprivate, your /etc/config/wireless should look like this:

config 'wifi-device' 'radio0'
        option 'type' 'mac80211'
        option 'macaddr' '54:e6:aa:bb:cc:dd'
        option 'hwmode' '11ng'
        option 'htmode' 'HT20'
        list 'ht_capab' 'SHORT-GI-40'
        list 'ht_capab' 'DSSS_CCK-40'
        option 'disabled' '0'
        option 'channel' '2'

config 'wifi-iface'
        option 'device' 'radio0'
        option 'network' 'lan'
        option 'mode' 'ap'
        option 'ssid' 'yourSSID'
        option 'encryption' 'psk2'
        option 'key' 'thisisprivate'

If you want to set the transmit power, you have to give the value in dBm. See Convert between Power and dBm for more information.

Web User Interface LuCI

http://wiki.openwrt.org/doc/howto/luci.essentials

You get an idea of all the settings you can configure using LuCI when looking at the LuCI applications.

If you want to make the LuCI web interface faster, you can install the package luci-sgi-uhttpd and make some minor changes to the configuration.

Advanced Information

http://wiki.openwrt.org/doc/howto/user.advanced

Print currently active connections

I found the hint in the function luci.sys.net.conntrack() in the file sys.lua of the LuCI code:

Connect to the OpenWrt router (via Telnet / SSH) and run:

cat /proc/net/nf_conntrack

QoS / Quality of Service

QoS via qos-scripts in the OpenWrt Wiki | Traffic Control - tc - in the OpenWrt Wiki | also nice: Tomato Tut

The qos-scripts that I'm describing here are basically just a wrapper for tc. Install qos-scripts and its web interface module like this:

opkg update
opkg install luci-app-qos

This basically installs the module luci-app-qos to configure the QoS module qos-scripts via the web interface. (The following dependent modules are going to be installed automatically too: luci-app-qos qos-scripts kmod-textsearch kmod-ipt-imq kmod-ipt-filter kmod-sched tc iptables-mod-filter kmod-ipt-ipopt iptables-mod-ipopt kmod-ipt-conntrack-extra iptables-mod-conntrack-extra iptables-mod-imq)

The LuCI module luci-app-qos actually changes the configuration file /etc/config/qos as mapped in qos.lua.

After the installation reboot the device (I pulled the plug and reconnected it).

Then open the LuCi configuration interface and go to Network → QoS: Prioritization and add an entry:

Priority Source Target Service Protocol Ports Bytes sent
priority all all all all 5060,10000

The ports are the ones used for my VoIP calls via Sipgate.

You can test the QoS rules by running your application and checking the output of the following command executed on your router at the same time:

cat /proc/net/nf_conntrack | grep -v mark=0

It should contain tracked connections where the mark is different from 0 (and are thus identified and classified packages, also see this).

It is also possible to apply QoS on VLANs: http://www.mail-archive.com/lartc@mailman.ds9a.nl/msg17009.html

Testing as proposed on http://wireless.kernel.org/en/developers/Documentation/mac80211/queues:

  1. Use ping ( with -Q option, see manpage )
  2. use iperf: iperf -S 0xE0 -c <IP>
  3. Use iptables. Example session with 2 iperf streams:
    iptables -t mangle -A OUTPUT -p tcp –dport 5000 -j DSCP –set-dscp-class "EF"
    iptables -t mangle -A OUTPUT -p tcp –dport 5001 -j DSCP –set-dscp-class "BE"

Setting up a Private DNS Server

By default, there is dnsmasq installed on OpenWrt.

I still have to figure out how to get a DNS server up and running on OpenWrt that includes master/slave functionality. This will most probably be Bind9 (as dnsmasq and MaraDNS have no such or limited slave capability).
If I'll have a look at Bind9 some day I'm going to have another look at my other post Get your own DNS server up and running with Bind9 on Ubuntu or Debian and probably at this tutorial: http://www.mysql-apache-php.com/dns-server-tutorial.htm. More sites to consider: http://www.petri.co.il/forums/showthread.php?t=24933 http://www.knowplace.org/pages/howtos/split_view_with_bind_9_howto.php

A really good howto to set up your own TLD for local use: Authoritative only BIND nameserver for local domain (I verified it works ;-).

VPN software

http://wiki.openwrt.org/doc/howto/vpn.overview

tinc – Full Mesh Routing VPN

I described the setup of a tinc vpn in another post: VPN with tinc and IPv6 (Using OpenWrt Routers).

OpenVPN

The way to go with OpenVPN is described on http://wiki.openwrt.org/oldwiki/vpn.server.openvpn.tun and in German on http://michael.stapelberg.de/Artikel/openwrt_vpn (scroll to the heading OpenVPN. Also interesting (/etc/init.d/openvpn): https://bugs.archlinux.org/task/11146?getfile=2847.

IPv6 using an AYIYA tunnel

This sections documents and describes how to get IPv6 working with an ayiya tunnel to SixXS using OpenWRT on the TL-WR1043ND. If you want to know more about IPv6 tunneling incl. a static tunnel on OpenWRT please scroll to the end of this section section for a list of useful links.
Usually a router running OpenWRT stays at the same physical location. If it has a static IPv4 you don't need an AYIYA tunnel by SixXS because a static 6to4 tunnel would be fine. But for dial up connections with changing IPv4 addresses or if your static IP is behind a firewall, you might want to configure an AYIYA tunnel instead.

To use IPv6, we need the following modules:

  • IPv6 kernel module (always)
  • IPv6 routing software (always, to configure IPv6 routing)
  • ip6tables kernel modules (optional, if you need an IPv6 firewall)
  • ip6tables command-line tool (optional, to configure the IPv6 firewall)

So to install them all, do:

opkg update
opkg install kmod-ipv6 radvd ip kmod-ip6tables ip6tables

In addition we need some software for the dynamic tunnel with aiccu:

opkg install ip kmod-tun aiccu ntpclient

Change the order of startup scripts (so that aiccu is run after the clock has been set):

cd /etc/hotplug.d/iface
mv 40-rdate 30-rdate
mv 30-aiccu 80-aiccu

Change /etc/config/aiccu to

config aiccu
       option username         'ABC1-SIXXS'
       option password         '1234'
       option protocol         'tic'
       option server           'tic.sixxs.net'
       option interface        'sixxs'
       option tunnel_id        'T12345'
       option requiretls       '0'
       option defaultroute     '1'
       option nat              '1'
       option heartbeat        '1'

You can start it by running /etc/init.d/aiccu start and enable it to be run at startup using /etc/init.d/aiccu enable.

To check if it's working hava look on the logfiles using logread or directly check a IPv6 ping: (ping6 sixxs.net or ping6 ipv6.google.com). When the ping is working you may reboot the box in order to make the dropbear ssh daemon listen for incoming IPv6 connections (might be that a /etc/init.d/dropbear restart is enough).

Routing via IPv6 for clients on the network

For routing IPv6 on your local network, you need to request a subnet and wait for approval. You cannot follow the steps below before you have done so (see http://www.sixxs.net/wiki/Aiccu/Installing_on_OpenWRT#Routing_2: When using a SixXS tunnel, only ::1 (the PoP) and ::2 (your endpoint) can be used as the rest is not routed!).

OK, now let's assume you were given the subnet 2001:1234:567::/48. Then you may define any /64 thereof for your network behind the router. In this example, we pick 2001:1234:567:a000::/64 but 2001:1234:567::/64 would be fine as well.

The first thing to do is to assign the first address of your subnet to the lan interface of the router (named br-lan for the ip and ifconfig tools and lan for the uci configuration file /etc/config/network). You can do this instantaneously using

ip -6 addr add 2001:1234:567:a000::1/64 dev br-lan

To make it permanent, add the option ip6addr to the lan interface in /etc/config/network:

config 'interface' 'lan'
    [...]
    option 'ip6addr' '2001:1234:567:a000::1/64'

The second step is to configure your router to forward IPv6 traffic. To do so, edit /etc/sysctl.conf and uncomment the line # net.ipv6.conf.all.forwarding=1. Afterwards restart sysctl to apply the new setting using /etc/init.d/sysctl restart.

Now its time for the third step: configure the Linux IPv6 Router Advertisement Daemon - radvd. Open the file /etc/config/radvd and change some values to make it look like this:

config interface
        option interface        'lan'
        option AdvSendAdvert    1
        option AdvManagedFlag   0
        option AdvOtherConfigFlag 0
        ## the following is not needed for AYIYA tunnels:
        #option AdvLinkMTU       1280
        option ignore           0

config prefix
        option interface        'lan'
        # If not specified, a non-link-local prefix of the interface is used:
        option prefix           '2001:1234:567:a000::1/64'
        option AdvOnLink        1
        option AdvAutonomous    1
        option AdvRouterAddr    0
        option ignore           0

config rdnss
        option interface        'lan'
        # If not specified, the link-local address of the interface is used
        option addr             ''
        option ignore           1

What has been changes:

  • option ignore 0 in the the sections interface and prefix.
  • prefix set: option prefix '2001:1234:567:a000::1/64'

This configuration is sufficient to enable radvd on the router, and broadcast auto-configuration announces to the clients on LAN. You may now restart radvd using /etc/init.d/radvd restart.
Don't forget to enable radvd at boot. You can do this on the terminal using /etc/init.d/radvd enable or in the LuCI web interface at Administration → Services → Initscripts (look for radvd and check whether it is enabled).

The last thing you would do now is to configure the firewall ip6tables http://www.sixxs.net/wiki/IPv6_Firewalling.

For further information on IPv6 tunnels on OpenWRT please refer to the following sites:

Wireless Configuration Using iw

http://linuxwireless.org/en/users/Documentation/iw#Getting_station_statistics
Print statistics about the wireless interface card (not sure all of these reveal useful information):

iw dev wlan0 station dump
iw dev wlan0 survey dump
iw dev wlan0 mpath dump

Web Servers

uHTTPd

http://wiki.openwrt.org/doc/howto/lamp#uhttpd
http://wiki.openwrt.org/doc/uci/uhttpd

uci set uhttpd.custom=uhttpd
uci set uhttpd.custom.listen_http=[2001:ad0:ff00:725::2]:80
uci set uhttpd.custom.home=/www1
uci commit uhttpd

Restart uHTTPd:

/etc/init.d/uhttpd restart

lighttpd

http://wiki.openwrt.org/doc/howto/http.lighttpd

opkg update
opkg install lighttpd

Change /etc/lighttpd/lighttpd.conf to set the server.document-root to something different from /www/.

You might want to set the server.bind directive to listen to an IPv6 address (http://redmine.lighttpd.net/projects/lighttpd/wiki/IPv6-Config). Unfortunately this is not supported on the shipped version of lighttpd on OpenWRT as it is built without IPv6 support (as lighttpd -V reveals).

Start on boot:

To enable/disable start on boot run /etc/init.d/lighttpd enable which creates a symlink /etc/rc.d/S90umurmur → /etc/init.d/umurmur. /etc/init.d/lighttpd disable removes the symlink again.

To start the server, run /etc/init.d/lighttpd start. To stop the server again: /etc/init.d/lighttpd stop.

Network Monitoring

Some links first:

Using Munin (MuninLite as node software on OpenWrt)

https://blog.luukhendriks.eu/2011/05/05/openwrt-on-a-tp-link-1043nd-running-munin-munin-lite

Munin is a networked resource monitoring tool that can help analyze resource trends and "what just happened to kill our performance?" problems. It is designed to be very plug and play. A default installation provides a lot of graphs with almost no work.

On OpenWRT you can use MuninLite which is a single Bourne Shell script that implements the Munin protocoll as well as some Linux specific plugins. (The motivation for developing MuninLite was to provide a simple Munin Node, using inetd on systems without a full featured Perl.):

opkg update
opkg install muninlite ethtool

A howto for Munin (on a Debian PC) can be found on http://www.howtoforge.org/server_monitoring_monit_munin.

Using SNMP

I didn't set this up yet but here are some link I found:

Installation is something like this:

opkg update
opkg install snmpd-static

(Automatic) startup:

# Start snmpd
/etc/init.d/snmpd start
# Enable it on system startup
/etc/init.d/snmpd enable

The configuration is located in /etc/config/snmpd. Unfortunately it's not documented at all yet: http://wiki.openwrt.org/doc/uci/snmpd.

Via NetFlows with fprobe

On the OpenWRT install and run the libpcap-based fprobe tool:

opkg install fprobe
fprobe -ibr-lan 192.168.1.6:2055

Where 192.168.1.6 is the machine to which you want to send the information.

Can be displayed via ntop using the NetFlow plugin http://www.ntop.org/netflow.html.

Jumbo Frames (MTU > 1500)

The built in switch is a RealTek RTL8366RB 5-port Gigabit switch. The Realtek 8366RB in general supports Jumbo Frames but the SoC (processor) does not !

Unfortunately the existing patch to make the switch accept larger MTUs has not been applied to the driver file rtl8366rb.c in mainline yet. If it had been, the router could connect devices that use larger MTUs (but the jumbo frames – extra large IP packets – still couldn't pass the router via WAN).

Controlling the Switch

http://wiki.openwrt.org/doc/techref/swconfig

The switch configuration tool swconfig can be used to control information such as the speed, the port status, (full/half duplex mode etc. of the physical switch ports (as ethtool for normal network interfaces) and much more.

Usage examples:

  • LEDs:
    swconfig dev rtl8366s port 0 set led 2
  • Show current configuration swconfig dev rtl8366rb show

Also check this (invalid) bug report about VLAN trunking and bridging (and also check the the solutions being discussed in the comments): https://dev.openwrt.org/ticket/8701.

Here are some more commands to check the status of the switch chip:

swconfig dev rtl8366rb vlan 1 show
swconfig dev rtl8366rb vlan 1 get info
swconfig dev rtl8366rb vlan 1 get ports
swconfig dev rtl8366rb port 1 show
swconfig dev rtl8366rb port 1 get link
swconfig dev rtl8366rb port 1 get led
swconfig dev rtl8366rb port 0 get mib
swconfig dev rtl8366rb port 1 get pvid
# or for kernel VLAN info:
ls /proc/net/vlan
cat /proc/net/vlan/config
cat /proc/net/vlan/eth0.1

More VLAN configuration options for the switch can be found in this Polish blog post: http://rpc.one.pl/index.php/lista-artykulow/34-openwrt/81-konfiguracja-switch-vlan-na-podstawie-swconfig-w-routerze-wr1043nd-pod-openwrt

If you want to use VLAN IDs bigger than 15 you have to enable 4K VLAN on the switch:

swconfig dev rtl8366rb set enable_vlan4k 1

If you want to set the 4K VLAN enable flag permanently, add option enable_vlan4k '1' to your /etc/config/network section concerning the switch:

config switch
    option name 'rtl8366rb'
    option reset '1'
    option enable_vlan '1'
    option enable_vlan4k '1'

Some project related to that switch: http://wiki.freebsd.org/StefanBethke/EtherSwitch.

Since this changeset, the switch supports port mirroring. It can be configured with in /etc/config/network in the switch section by setting the following properties: enable_mirror_rx, enable_mirror_tx, enable_monitor_isolation, enable_mirror_pause_frames, mirror_monitor_port, and mirror_source_port; also see this for a configuration example. Since this commit, luci (the webgui) supports port mirroring settings. More on the port mirroring settings to be found here.

VLANs over WiFi

As I understand it, VLAN trunking is not supported via WiFi. But you basically don't need it because you can create multiple wireless networks with different SSIDs and bridge them with the VLANs configured in your router. A good resource is the OpenWrt forum post VLAN trunk over WIFI.

If you want to set up a guest VLAN, read http://wiki.openwrt.org/doc/recipes/guest-wlan.

hostapd has some support for dynamic VLANs. Read more about it for use on OpenWrt on Dynamic VLAN OpenWrt using hostapd (Polish blog post).

Multi-WAN

Read http://wiki.openwrt.org/doc/uci/multiwan for information on how to set up multi- or dual-wan on OpenWrt.

A nice new package for multi-wan, read the OpenWrt forum thread New package: mwan2.

For the regular Multi-WAN you need the following packages:

opkg update && opkg install multiwan luci-app-multiwan

Switch external device using the GPIO pins of the SoC

You can use the general purpose input/output pins of the SoC to switch external devices. The use of GPIO 5 and 20 is shown for a I2C connection on http://wiki.openwrt.org/toh/tp-link/tl-wr1043nd#i.c.gpio.mod.

Syslog: Send Log Messages To Remote Machine

It's really simple: just set the log_ip option in the section config 'system' in your /etc/config/system:

config system
        option hostname 'OpenWrt'
        option timezone 'UTC'
        option log_ip '192.168.1.200'

If you want to know how to set up a remote host to receive the log messages, read my blog post Setting Up A Log Host for Syslog.

Fixing Bogus NXDOMAIN queries

In the case that the DNS servers you chose returns web pages when you browse to a nonexistent page, you can use dnsmasq.conf to block the bogus pages.

echo "bogus-nxdomain=1.2.3.4" >> /etc/dnsmasq.conf
/etc/init.d/dnsmasq restart

Where 1.2.3.4 is the domain being revealed when you try to resolve a non-existing domain name (like al12as.com ) using a tool such as dig or host.
See the dnsmasq man page or its FAQ for more information ( → search page for bogus-nxdomain).

Wake on LAN / WoWLAN

  • etherwake
    opkg description: You can wake up WOL compliant Computers which have been powered down to sleep mode or start WOL compliant Computers with a BIOS feature. WOL is an abbreviation for Wake-on-LAN. It is a standard that allows you to turn on a computer from another location over a network connection. ether-wake also supports WOL passwords.
  • wol
    opkg description: wol implements Wake On LAN functionality in a small program. It wakes up hardware that is Magic Packet compliant.

This section on wake on lan is still work in progress.

WoWLAN:
http://revolutionwifi.blogspot.com/2010/11/wake-on-wireless-lan.html
http://linuxwireless.org/en/users/Documentation/WoWLAN
WOL using Python: http://code.activestate.com/recipes/358449-wake-on-lan/

Apple: Wake on WiFi / Wake on Demand
https://dev.openwrt.org/ticket/5793
https://dev.openwrt.org/browser/packages/net/mdnsresponder
http://en.wikipedia.org/wiki/Wake-on-LAN#Mac_hardware_.28OS_X.29
http://en.wikipedia.org/wiki/Sleep_Proxy_Service

Other usefull OpenWrt packages

  • iodined
    iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where Internet access is firewalled, but DNS queries are allowed. More information on http://code.kryo.se/iodine/.
  • updatedd
    opkg description: Updatedd is a small tool that will update one of many dynamic dns services on boot. Please look at the /etc/init.d/ddns script for more info.
  • aoetools
    opkg description: The aoetools are programs for users of the ATA over Ethernet (AoE) network storage protocol, a simple protocol for using storage over an ethernet LAN. The vblade program (storage target) exports a block device using AoE.
  • tcpdump
    opkg description: Network monitoring and data acquisition tool
  • iperf
    opkg description: Iperf is a modern alternative for measuring TCP and UDP bandwidth performance, allowing the tuning of various parameters and characteristics. This package is built with single thread support.
  • dsniff
    opkg description: A collection of tools for network auditing and penetration testing. See http://www.enterprisenetworkingplanet.com/netos/article.php/3564471 fore more information.
  • iptraf
    IPTraf is a console-based network statistics utility for Linux. It gathers a variety of figures such as TCP connection packet and byte counts, interface statistics and activity indicators, TCP/UDP traffic breakdowns, and LAN station packet and byte counts.

More on bandwith monitoring can be found in OpenWrt's wiki article on Bandwidth Monitoring (for example bandwidthd).

Extend the root file system size

opkg update && opkg install block-mount kmod-usb-core kmod-usb2 kmod-usb-ohci kmod-usb-storage kmod-fs-ext4

The USB drive was recognized as /dev/sda:

mkfs.ext4 /dev/sda1
mount /dev/sda1 /mnt
mkdir /tmp/cproot
mount --bind / /tmp/cproot
tar -C /tmp/cproot -cvf - . | tar -C /mnt -xvf -
sync ; umount /mnt
umount /tmp/cproot

Now add the new USB stick root file system to your /etc/config/fstab:

config mount
        option target /
        option device /dev/sda1
        option fstype ext4
        option options rw,sync
        option enabled 1
        option enabled_fsck 0

And enable and restart fstab / activate the new mounts:

/etc/init.d/fstab enable && /etc/init.d/fstab start

Mount a USB Pen Drive – USB Storage

Attention!! If you already enabled extroot (see section above) you have to use a different partition of your USB pen drive or a different USB port (which the TL-WR1043ND doen't have) for another pen drive to use as USB storage!

http://wiki.openwrt.org/doc/howto/usb.storage
The recommended file systems for usb drives are ext2, ext3, or ext4. I prefer ext4 as it is the latest one but very mature at the same time. I was formatting the pen drive on an Ubuntu based computer using gparted but you can also do it on the router.

Now get the requirements and mount the partition /dev/sda of a USB pen drive to /mnt/sticky:

opkg update && opkg install kmod-usb-storage block-mount kmod-fs-ext4
mkdir -p /mnt/sticky && mount -t ext4 /dev/sda1 /mnt/sticky -o rw,sync

You can add this to the UCI interface of the fstab file system mount configuration file:

config 'mount'
    option 'device'       '/dev/sda1'
    option 'options'      'rw,sync'
    option 'enabled_fsck' '0'
    option 'enabled'      '1'
    option 'target'       '/mnt/share'

And enable and restart fstab / activate the new mounts:

/etc/init.d/fstab enable && /etc/init.d/fstab start

Firefly Media Server – mt-daapd

mt-daapd is a nice media server for iTunes. Installing it is as easy as:

opkg update && opkg install mt-daapd

The configuration file is /etc/mt-daapd.conf (no UCI config file). Enable and start it using /etc/init.d/mt-daapd enable && /etc/init.d/mt-daapd start. I wrote more about the configuration options on this blog post.

Start in debugging mode using

/usr/sbin/mt-daapd -f -d 9 -c /etc/mt-daapd.conf

An alternative: forked-daapd.

vnStat traffic counter

Official Website: http://humdi.net/vnstat/
Howto for OpenWrt: http://wiki.openwrt.org/doc/howto/vnstat

Installation and setup:

opkg update
opkg install vnstat
mkdir -p /var/lib/vnstat

Then either configure everything using OpenWrt's uci and startup system:

Check your /etc/config/vnstat. It should look something like this (where br-lan is your local network and 3g-wan a 3G wan connection):

config vnstat
        list interface 'br-lan'
        list interface '3g-wan'

This is the configuration for the vnstatd daemon started by /etc/init.d/vnstat. The config file for vnstat itself is /etc/vnstat.conf. Enable the data capture and start the service:

# enable automatic start at boot time
/etc/init.d/vnstat enable
# and start now:
/etc/init.d/vnstat start

Or configure everything manually:

# get the name of your WAN interface (in my case it is eth0.2):
uci -P/var/state show network.wan.ifname

# Start watching the WAN interface eth0.2 and the internal bridge: br-lan
vnstat -u -i eth0.2
vnstat -u -i br-lan
# If you are watching more than one interfaces as done above, you also have to
# set a sensible value for the default interface in the config file /etc/vnstat.conf:
#  Interface "br-lan"

# Add the command to update the vnstat db to cron:
echo "*/5 * * * * vnstat -u" >> /etc/crontabs/root
/etc/init.d/cron enable && /etc/init.d/cron restart

Now to display the stats, simply run vnstats (but before that you may need to have some traffic first and run vnstat -u if cron didn't already do so).
For the daily statistics for the WAN interface run:

vnstat --days -i eth0.2

You may also be interested in darkstat (its OpenWrt package )

USB Audio Support

You may read the Wiki article USB Audio Support.

opkg update && opkg install kmod-usb-audio kmod-sound-core alsa-utils librt
## opkg refused to install kmod-usb-audio:
## > Not downgrading package kernel on root from 3.2.5-1-1372605cf58ad19e8d6ed5efaef392b1 to 3.2.5-1-052105d28b13fe66fa50bc364414616f.
## So I forced it to:
opkg install kmod-usb-audio --force-downgrade

Sound works perfectly with my Behringer U-Control UCA202 USB sound card.

A nice and easy way to play mp3 streams from the internet:

wget -O - http://64.236.34.97:80/stream/1014 | madplay -

If you're using Linux computers you may want to use the router as a PulseAudio Server: PulseAudio in the OpenWrt Wiki.

Install the Music Player Daemon – MPD

opkg install mpd
vi /etc/mpd.conf

Use mpd with radio stations on the internet: mpd with curl and m3u lists of mp3 online radio stations.

Saving a Backup of the List of Your Installed Packages

WHEN=$(date +"%Y-%m-%d_%H-%M")
FILE=/etc/package-list_$WHEN.txt
opkg list-installed > $FILE
echo "Package List saved to $FILE"

Transfer it to your computer:

scp root@192.168.1.1:/etc/package-list_2012-03-12_18-01.txt ./

If you want to strip the version information from the package names in each line, pipe the file through | awk '{print $1}'.

Creating a Backup of your Configuration Folder /etc/

Just adopt this to your router's IP and run it on your local computer:

HOST=192.168.1.1 # ← your router's IP
WHEN=$(date +"%Y-%m-%d_%H-%M")
FILE=/tmp/etc-backup_$WHEN.tar.gz
ssh root@$HOST "tar -zcvf $FILE /etc"
read -p "Created the backup file on the router. Press [Enter] to transfer it to your local machine."
scp root@$HOST:$FILE ./
echo "Created backup file $(basename $FILE). It contains the files found in the configuration folder /etc on the router $HOST."

Webcam Streaming

Installing mjpg-streamer on OpenWrt is easy:

opkg install kmod-video-uvc mjpg-streamer
ls /dev/video*
# test it:
mjpg_streamer -i "input_uvc.so -d /dev/video0 -y" -o "output_http.so"
# change the configuration:
vi /etc/conf/mjpg-streamer
# ^ I changed the settings to enabled: 1, resolution: 960x720, fps: 15
# start on boot:
/etc/init.d/mjpg-streamer enable
# start mjpg-streamer right now:
/etc/init.d/mjpg-streamer start

Now you can open the stream on:

More info on mjpg streamer in my other blog post.

Resources