User Tools

Site Tools


router_setup_instructions

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
router_setup_instructions [2009/05/29 09:42]
127.0.0.1 external edit
router_setup_instructions [2013/09/28 16:06] (current)
Line 1: Line 1:
-====== Linksys WRT54G setup with WiFi Dog instructions ====== ​x+====== Linksys WRT54G setup with WiFi Dog instructions ====== ​
  
   - make sure you have the supported version of OpenWRT -- get it here:   - make sure you have the supported version of OpenWRT -- get it here:
Line 222: Line 222:
 </​code>​ </​code>​
  
 +===== preventing wifi users from accessing the local LAN =====
 +
 +add to the end of /​etc/​firewall.user:​
 +
 +<​code>​
 +### secure the LAN
 +iptables -A forwarding_rule -s 192.168.1.0/​24 -d 172.18.92.0/​24 -j DROP
 +iptables -A input_rule -s 192.168.1.0/​24 -d 172.18.92.0/​24 -j DROP
 +</​code>​
 +
 +where 192.168.17.0 is the wired LAN.  you won't be able to ping 192.168.17.1,​ but traffic will still flow through it
 +
 +===== separating wifi & wired networks ("​breaking the bridge"​) =====
 +
 +You'd want to do this if you want wifi users to authenticate to wifidog, but for computers plugged into the ethernet ports to not have to authenticate.
 +
 +The original config on the router is probably:<​code>​
 +lan_ifname="​br0"​
 +lan_proto=static
 +lan_ipaddr=192.168.1.1
 +lan_netmask=255.255.255.0
 +wifi_ifname=""​
 +wifi_proto=""​
 +wifi_ipaddr=""​
 +wifi_netmask=""​
 +lan_ifnames="​vlan0 eth1 eth2"
 +</​code>​
 +
 +Run these commands:<​code>​
 +nvram set lan_ifname=vlan0
 +nvram set lan_proto=static
 +nvram set lan_ipaddr=192.168.2.1
 +nvram set lan_netmask=255.255.255.0
 +nvram set wifi_ifname=eth1
 +nvram set wifi_proto=static
 +nvram set wifi_ipaddr=192.168.1.1
 +nvram set wifi_netmask=255.255.255.0
 +nvram set lan_ifnames=vlan0
 +nvram commit
 +</​code>​
 +
 +Edit /​etc/​dnsmasq.conf,​ adding these lines:<​code>​
 +dhcp-range=eth1,​192.168.1.100,​192.168.1.250,​255.255.255.0,​12h
 +dhcp-range=vlan0,​192.168.2.100,​192.168.2.250,​255.255.255.0,​12h
 +</​code>​
 +
 +Edit /​etc/​wifidog.conf,​ and change "​GatewayInterface"​ to eth1
 +
 +Reboot
 +
 +(Done!)
router_setup_instructions.1243608128.txt.gz ยท Last modified: 2013/09/28 16:06 (external edit)