Slashdot Mirror
Linux Distro For Linksys WRT54G
scubacuda writes "Here is a tiny Linux distro for the Linksys wrt54g (d/l the distro here). In just a few seconds, you can give your access point's ramdisk syslog, telnetd, httpd (with cgi-bin support), vi, snort, mount, insmod, rmmod, top, grep, etc."
Interesting -- "The script installs strictly to the ram disk of the box. No permanent changes are made. If you mess something up, power-cycle it."
does it still function as an AP properly?
Slow as hell and not terribly practical. But, still very cool.
This comes with vi and NOT emacs, as 95% of all distributions don't come with emacs!
yeah i was looking and i hit refresh and his counter jumped about 200 hits in a couple seconds so heres the article in case slashdot kills another site:
/var/modules/ in the following order : sunrpc.o, lockd.o, nfs.o then mount your disk.
/var/bin/snort -c /var/etc/snort.conf &
/var/log/snort
Jim Buzbee
September 05 2003
Mini wrt54g distribution Version 0.1
This is a mini Linux distribution for the Linksys wrt54g. In about 20 seconds, you can install a small set of Linux tools to your access point's ramdisk.
Upon completion of the installation, you will have a system with basic tools such as syslog, telnetd, httpd (with cgi-bin support), vi, snort, mount, insmod, rmmod, top, grep, etc.
To install, modify the script wrt54g.sh for your ip address and password. By default the script uses Java to move files to the wrt54g. If you would prefer wget, uncomment the wget lines in the script. I had a problem with older version of wget translating escaped characters before passing the URL on to the server. Your mileage may vary.
The distribution has been tested on firmware version v1.30.7, Jul. 8, 2003. The installation has been tested on Linux and OSX
The script installs strictly to the ram disk of the box. No permanent changes are made. If you mess something up, power-cycle it.
Upon successful execution of the script, you will be able to telnet to your box and start exploring its capabilities. Note that there is no login prompt, you telnet directly in as root. Be careful.
An alternate web server is installed on port 8000 of the box.
The nfs drivers are not loaded by default If you would like to mount a nfs disk, insmod the drivers from
To run snort, execute the following command on the box :
The snort configuration file should be changed for your network configuration and needs. Snort logs will be written to
If you wish to change the files sent to the box, untar distro.tar and add or subtract files. Normally you should not run the install script more than once for a power-cycle of the box. i.e. if you want to run the install again, reset the wrt54g first.
I have attempted to limit all changes to the ram disk, but there are no guarantees that you will not damage your unit by using these tools.
Download the distribution
Visit my wrt54g snort page
Thanks to Ross Jordan, C. J. Collier, Ben Grech and others who did the heavy lifting in figuring out how to get new code on the box
Jim Buzbee jbuzbee@nyx.net
consolevision roxors!
For us that buying a linksys router is even more preferable. For a personal user to any business criteria the advantage over having full source to this hardware is incredible. Certainly its going to ensure that they stay high on our prefered supplier list provising we can access the boxes and code. incidentally we install WiFi in Public spots for the UK which is being kinda slow to take this up.
And thats why Firecrackers and kittens don't mix.
Why not SSHD? Nobody in his right mind uses telnet nowadays.
http://blog.astyran.sg
None of them support Rendezous (AKA zeroconf), at least not on the level of Apple's airport base stations. That's a hack I'd really like to see.
---If you can't trust a nerd, who can you trust?
OK, this Linksys has only been out for like a few weeks or something, and they've got a linux distro for it... Yet my Toastmaster 5000xdr Quad-port (with FG-200R bagel attachment) STILL isn't supported!
I mean, the linksys probably works fine out-of-box... But my Toastmaster STILL can't check with my Mr.Refrigeration Model XII to see if I'm out of butter and order more online. Sheesh, technology SUCKS!
Some might say Hammurabi or Nebuchadnezzar, but it's not certain that either of them ever actually went to Ur, even though Babylon often claimed lordship over Ur, Nineveh, and many other Mesopatamian cities.
I'm really not trying to be a troll, this is a serious question. What does making an access point into linux box atually do? Will it still retain all of its normal functions? Will this increase its functionality in any way? Being able to telnet into something as root automatically doesn't seem the safest thing to do for whatever this is, either.
I was going to post "But Does it RUN LINUX!?" but then I RTFA. Grr....
Well, I can't answer for the rest of them, but the dna game-playing computer one has already been posted to /.: World's First Game-Playing DNA Computer
A Minesweeper clone that doesn't suck
First, the GSM story was posted in another form, a few days ago.
/. story. Shut up and deal with it. If you don't like what gets accepted, well, too fucking bad.
Second, shut up. You obviously had this whole troll written out, just waiting for a chance to stick it near the top of a new
Also, you copy/pasted whole paragraphs from the stories you link to. How fucking insightful is that?
If you don't like what gets posted here, then keep finding your news elsewhere. You obviously have done so already, why do you need to bitch about it to the rest of us?
125 Mhz MIPS CPU is fast enough to do some interesting things, but the box only has 16 Mb of RAM, and no local disk for paging. That's going to be the limiting factor for most of the fun things you'd like to do with this box.
Well done, Mr. Buzbee.
Carousel is a lie!
Could this be used to establish ssh tunneling from clients to the AP? That would, in my eyes, be far preferable to the somewhat lacking link security that 802.11 offers today.
Trust the Computer. The Computer is your friend.
The nfs drivers are not loaded by default If you would like to mount a nfs disk, insmod the drivers from /var/modules/ in the following order : sunrpc.o, lockd.o, nfs.o then mount your disk.
But still no linux driver for the corresponding WPC54G PCMCIA card?
Just to let people know, i have already applied this to my university and gotten into the new wireless network that is expanding beyond control. All hubs have the same password, and are very easy to find.
Tomorrow: implement peer-to-peer network using my own protocol that will send chills down the RIAA's backs!
Next day: mirror web sites that get the slashdot effect with a virtual server setup.
All this equals a fun week.
(and yes, I am an Anonymous Coward).
Funny that this is posted so close to this Ask Slashdot. This does not fall under the category of secure solutions I take it. Why take something where security is already a concern and make it wide open to the world? Granted putting linux on this could be useful and provide more functions that you could use but at least add some semblance of security.
Check out my life
ssh tunnels are very bad performance. what you want is a VPN.
unfortunately you can't replace the kernel on the box with one that supports cool things because of the proprietary broadcom driver.
(here's to whoever takes the time to write a thunking layer for the linksys 2.4.5 broadcom driver to let it work with modern 2.4.22+ kernels!)
Is to put a small desktop on it, such as *box, with a few tools such as xterm, dillo, abiword and linuxconf on it, atatch a usb hub to it so I can plug in a usb keyboard, mouse, and monitor and have a cheap linux boxen for administation.
Please please please please please!
That embarrassing begging display aside, I would really love if somebody would figure out how to add extra functionality to the SMC Barricade wireless routers. At the very least, something to push the logs to a machine elsewhere in the network, as its current archival options are very limited. This is something my old Linksys router was able to do.
Pedro
----
The Insomniac Coder
Has anyone tried this on a Linksys router other than the WRT54G? My BEFSR41 4 port cable/dsl router is still running strong, and I would love to have telnetd and the such on running on it!
Thanks!
- Cary
wrt54g.tar.gz (1.07MB) mirrors
:)
Posted anon, I'm no whore.
www.sk3tch.com/wrt54g.tar.gz
www2.sk3tch.com/wrt54g.tar.gz
www3.sk3tch.com/wrt54g.tar.gz
The article has already been posted, if the file becomes unavailible due to the /. effect a temporary mirror of the file is availible at: http://lightntrax.com/ben/wrt54g.tar.tar
It can't help you with picking a wireless lan or getting you the encryption key, and dhcp already provides a valid IP and routing/dns information...
Hey I live in the attic. Get it right!
Well, all the modifications to the kernel are available to us since anything less would be a violation of GPL. It should be possible to build a kernel that can coexist with the binary Broadcom module.
The "ssh tunnels are very bad performance" statement may be elaborated a bit more on this page titled "Why TCP Over TCP Is A Bad Idea".
for my Linksys IOS!
"Give away the stone, let the oceans take and transmutate this cold and faded anchor." - Maynard James Keenan
Was wondering since the wrt54g sold there seem to be different from the US ones...
(they're using different drivers, and linksys' website claims flashing an EU model with a US firmware will destroy it...)
Anyone tried yet? (don't want to have to buy another one hehe)
i tried going to your gnutoast.org site to try out your distro on my toastmaster, but my browser kept on saying that it couldn't find it. i did a whois on gnutoast.org and it said your site doesn't even exist! wtf?
Interesting -- "The script installs strictly to the ram disk of the box. No permanent changes are made. If you mess something up, power-cycle it."
Does this also mean that as soon as a power outage occurs, I will lose *all* logfiles, packet captures and even the distro?
We should be fighting this not supporting it.
transmission_err
What would be slick would be a working NoCatAuth http://nocat.net/ solution on this bugger.
You'd need the router's password, and to be on the local network, too...
..That's all great in all, but can I run a counter-strike server on it?
Did bitching about it help get it through?
1. AirSnort, already working.
8 /29/232022 8
2. Something like the MIT rootnet.
http://slashdot.org/article.pl?sid=03/0
By having the routing in the AP, it would participate in the roofnet without a server. Servers use more electricity and are noisy.
3. Security for open accesspoints.
You might leave our accesspoints open to share it with others. But you might want some extra security:
a) Block port 25 for others so they don't send spam and get you blacklistet.
b) Some VPN/SSH tunnels for privacy.
c)Traffic shaping. You would like to reserve some bandwidth for yourself.
I'm interested in using it as a small embedded linux box at remote sites.
Does anyone have pointers to how to upload the distro to firmware? I saw mention in the intro to the distro that it was possible...
Putting this sort of stuff in that device is a cool hack but totally the wrong thing.
It should run a little file server, serving something like 9p whihc would allow you to read/write settings and stream off the full data packets read for snorting.
fools.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
It would be cool if linksys realized there was a market for this and started selling them preinstalled (with the distro in firmware). They would have to work out some of the issues, like auto telnet in as root. Or they could fix the bug that allows this and set up passworded access to install 3rd party software.
This is my sig, there are many like it, but this one is mine...
(Full Disclosure: I designed part of OpenSSH's tunnelling subsystem.)
TCP over TCP has issues when both stacks attempt to respond to the same error conditions. This happens very commonly with PPP over SSH. However, TCP port forwards in OpenSSH actually terminate at the daemon, which extracts the payloads, repacks them into completely independent streams, and sends them on their way.
In other words, an error condition on the routerexternal_site link doesn't show up on the clientrouter link.
OpenSSH tunnels have surprisingly high performance (it certainly beats most proxy implementation hands down). Easy to set up, too: Simply SSH into your host of choice with the -D option(say, ssh -D1080 user@host), set the SOCKS4 proxy in your application to 127.0.0.1:1080, and you're done. It's really quite simple.
--Dan
would this let me use the router as a wireless ethernet bridge? I would like to avoid paying 129$ for a bridge when I can get an access point for 50$.
is sitting in the corner, dead for no reason
linksys cable router
linksys 10/100 hub
are the first two that come to mind, there could be others...
plug them in and no power, they just turned off one day and didn't turn back on, and to top that off when the cable router was working it blocked many Well Known Ports and when linksys support was repeatedly contacted asking for a reason or a firmware update I was ignored every time...
maybe they've improved in the last year or so since i bought any of their shit but i doubt it... what good is linux on a doorstop
Yes, so if we could teach the upper layer PPP to detect duplicate packets (like a hash table of payload hashes for the last thousand), and drop them because the underlying layer is reliable, although sometimes slow, then we would enjoy tunneling through braindead NAT's of every hotspot.
I own one of these little guys and I must say it's a neat little box. However, please be aware of the following issues that you might run into with it:
1) it runs quite hot. make sure it gets plenty of air. we had ours sitting on the carpet with the DSL modem on top and it would frequently over heat. Moving the modem off and setting the wrt54g on a board seemed to fix this.
2) it requires that you have good wiring. you may be shocked to know this, but if you live in an old house (like many college students) your wiring has a good chance of being miswired. The wrt54g will not work with wiring faults (even though many devices work just fine). the solution is to put a good surge protector or UPS between the device and the outlet. this seems to fix everything.
3) the dhcp implementation is a little funky and sometimes seems to reply with a DHCP NAK on an address request when it otherwise shouldn't.
All that aside, it's a great little box. It works well with my 802.11b card in the laptop and manages the wired stuff just fine. I can't comment on 802.11g because there aren't any cards with linux support out there (except maybe the minipci card in the wrt54g, but that's a binary driver).
I've gotten some interesting stuff to run on it, mainly some simple home automation stuff for a pervasive computing environment that was part of my research, but it's nice having everything together. Although, truthfully you're probably still better off with an EPIA board and a 256 meg stick of ram.
My Slashdot account is old enough to drink...
I just bought this box today, completely un-aware of its ability to run Linux.
Maybe this is God's way of telling me to move away from The One True OS, Windows, and move to Linux...
So in your view, Linux sucks. In most of the rest of the world's view, MicroSoft sucks.
Methinks you are obviously just another MicroSoft plant, sowing FUD. Imagine-- the 'x' in Linux makes it communistic. I suppose the same goes for Unix, and maybe even Mac OS X?
Jeesh!
Hi,
There was a deal (price mistake?) on these a while back at amazon.com. I got in on it and am selling these cheap on eBay.
http://tinyurl.com/lfk6
Thanks,
Kris
...with running a connection through a tool like stunnel? Both are doing encryption, SSH likes keys, stunnel/SSL likes certificates, but after that I'm somewhat ignorant.
I've been tunnelling all kinds of stuff through OpenSSH for years, and while I've heard of stunnel, I only just recently started using it (encrypting an IMAP connection because IMAPS isn't supported).
I'm not asking for an hour-long briefing on /. or anything, but if you know of any web pages, pointers would be appreciated.
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
You forgot the part about "wearing a furry suit".
HTH.
You would have to already own the thing. Why bother when there are so many Windoze boxes behind it you can own so much easier? Security fails at it's weakest link.
Friends don't help friends install M$ junk.
Hey folks, I'm the guy who wrote the cross-compiler build script he used to compile the drivers, busybox, and snort. In case anyone needs to do something similar with other devices in the future, it's quite likely that ptxdist will be able to do it out-of-the-box. It already builds busybox for you, and I have a feeling it'll also build snort for you pretty soon. ptxdist is THE distro for embedded devices that use glibc, IMHO. It doesn't support many apps yet, but it's very cross-compile friendly, and I plan on using it for all my embedded development needs in the future.
i wonder what would happen if i ran the installer on my wap11 :D
slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
actually i found parent to be "funny" not "offtopic" (although yeah, strictly speaking it WAS offtopic, but...)
I have owned many, many pieces of Linksys gear, and while they may not be the "performance leaders", I have never seen one just die. I can't help but to wonder about the power situation in your home.
I would suggest getting some better UPS protection for your routers and switches. You would be surprised at how bad typical electrical service is, and routers and switches tend to stay on 24/7, thus pretty vulnerable. I run everything on UPS. Monitor, routers, hubs, everything. I live in the country (terrible for spikes and brownouts) and have all kinds of gear that is old beyond usefullness, but still works. Even an old UPS that doesn't hold a charge is better than none, since most spikes/brownouts only need about 5 to 10 seconds of power before returning to normal.
This doesn't change the fact that they may be more delicate that you care for, but my guess is you have a power problem.
Tequila: It's not just for breakfast anymore!
There's not a SINGLE "Imagine a beowulf cluster of these" comment yet? What the hell is going on here???
Will running Linux on this router allow you to use iptables? If so, then perhaps this could be used as a 'real' firewall with stateful packet inspection, rather than just NAT.
Of course, I'd prefer that this Linux OS be changed so it accepts a root password, but other than that, this could be a a great alternative to the default Linksys software.
It's more than that - I've used it to bridge several remote locations (1800 ft+) with external antennae.
Very reliable.is that you can add functionality to it. Someone already mentioned snort. (shrug)
What would be very cool to do with it would be to enable to turn it into a gateway for NoCat, rather like what Sputnik has done with ActionTec AP they've hacked to act as a gateway for their "Sputnik Central Control" software.
Lowest price search results from pricegrabber.com. Lowest I could find on Pricewatch was $103 + shipping.
Amazon has it for $100 after rebate with free shipping.
There was a new firmware put out about 6 weeks ago. Here's the details.
Bad boys rape our young girls but Violet gives willingly.
The broadcom driver is a KLM, why would that stop you from upgrading the kernel?
(It's not the driver that's a problem; it's the fact that if you don't have a development version of the board that is easy to re-flash, and you flash it with something that doesn't boot perfectly, then you can't flash it via software any longer.)
i don't have any trouble with my 5 computers 2 routers and switch or anything else running in my house lal the time
my openbsd box has an 80 day uptime and the last time it went down was when the power went out; i used to have a UPS, an old one, but it died too.
Actually, several folks DID post such comments...
The moderators used all their points pushing them down. Yours went up for some reason.
What? You think the subject needs more explaination?
Sorry. Just lashing out at people who type like morons. Don't mind me.
As for the paper, it seems mainly concerned with packet loss and retransmission. The fact is that although we're glad TCP/IP can handle reordering and retransmission, it usually doesn't have to. Not even on wireless, since 802.11 does its own retransmissions without bothering TCP/IP. And as for the possibility of different packets taking different routes and arriving out of order, its true... in theory.
Friend, are you tired of your old toaster?
Burnt toast, uneven toast, and just too much bother and hassle?
Well, you have to try Intellitoast!
Thanks to years of research, our scientists have harnessed the power of "Internet" inside your toaster!!!
Toast, toast, TOAST! the perfect slice every time, at the office, on the go, or in the comfort of your own Home!
You like your new Mac more than you like me, don't you, Dave? Dave? I asked...She said Yes.
Did you buy all your Linksys gear from the same place or at about the same time? Maybe you got a bad batch or something.
(I've personally had no experience with Linksys, but a friend of mine has had a simple Linksys router for several years now and it's still chugging away.)
Furry cows moo and decompress.
At last you got your article in the frontpage...
__
Sig: Marine Stock Photos
Another wireless access point that runs Linux is Netgear WG602. You can find some very limited information about it here.
Is anyone working on something similar for this device?
Blog Ho
Ok, what we really need now is a bridging distro.
I want my OpenBSD-like functionality to firewall and secure wireless connections without an IP address.
Since the Dynamic DNS client that comes with the router is essentially worthless, how about including that in this distro. Now that's a completely good use of a hack.
"Failure is not an option. It comes bundled with any Microsoft Product."
> The broadcom driver is a KLM, why would that stop you from upgrading the kernel?
The interface to the KLM changed enough to cause the binary-only driver to not load correctly. You need to be able to rebuild at least its kernel wrapper layer from source a la' an NVidia driver.
same place.. best buy i think
a couple years apart.. the linksys hub actually lasted abotu 3 years before it broke but in hub time that is nothing.. the only moving part is a fan as far as i know so i don't understand how one day it jus thas no power, same with the router..
Who wants a muffin? A crimpet? A teacake? Some toast? I don't want any smegging toast! (Red Dwarf)
Offtopic: Still in Philly?
Hey, don't forget about Xenix, that had two Xs in it!
Oh, wait... Xenix was a Microsoft product, wasn't it?
Never mind...
That is very odd. I have no good, plausible answer ready. (Unless maybe little kids are involved somehow.)
:-)
Perhaps you have gremlins.
Furry cows moo and decompress.