Slashdot Mirror
Linux Distro For Linksys WRT54G
scubacuda writes "Here is a tiny Linux distro for the Linksys wrt54g (d/l the distro here). In just a few seconds, you can give your access point's ramdisk syslog, telnetd, httpd (with cgi-bin support), vi, snort, mount, insmod, rmmod, top, grep, etc."
Interesting -- "The script installs strictly to the ram disk of the box. No permanent changes are made. If you mess something up, power-cycle it."
does it still function as an AP properly?
This comes with vi and NOT emacs, as 95% of all distributions don't come with emacs!
yeah i was looking and i hit refresh and his counter jumped about 200 hits in a couple seconds so heres the article in case slashdot kills another site:
/var/modules/ in the following order : sunrpc.o, lockd.o, nfs.o then mount your disk.
/var/bin/snort -c /var/etc/snort.conf &
/var/log/snort
Jim Buzbee
September 05 2003
Mini wrt54g distribution Version 0.1
This is a mini Linux distribution for the Linksys wrt54g. In about 20 seconds, you can install a small set of Linux tools to your access point's ramdisk.
Upon completion of the installation, you will have a system with basic tools such as syslog, telnetd, httpd (with cgi-bin support), vi, snort, mount, insmod, rmmod, top, grep, etc.
To install, modify the script wrt54g.sh for your ip address and password. By default the script uses Java to move files to the wrt54g. If you would prefer wget, uncomment the wget lines in the script. I had a problem with older version of wget translating escaped characters before passing the URL on to the server. Your mileage may vary.
The distribution has been tested on firmware version v1.30.7, Jul. 8, 2003. The installation has been tested on Linux and OSX
The script installs strictly to the ram disk of the box. No permanent changes are made. If you mess something up, power-cycle it.
Upon successful execution of the script, you will be able to telnet to your box and start exploring its capabilities. Note that there is no login prompt, you telnet directly in as root. Be careful.
An alternate web server is installed on port 8000 of the box.
The nfs drivers are not loaded by default If you would like to mount a nfs disk, insmod the drivers from
To run snort, execute the following command on the box :
The snort configuration file should be changed for your network configuration and needs. Snort logs will be written to
If you wish to change the files sent to the box, untar distro.tar and add or subtract files. Normally you should not run the install script more than once for a power-cycle of the box. i.e. if you want to run the install again, reset the wrt54g first.
I have attempted to limit all changes to the ram disk, but there are no guarantees that you will not damage your unit by using these tools.
Download the distribution
Visit my wrt54g snort page
Thanks to Ross Jordan, C. J. Collier, Ben Grech and others who did the heavy lifting in figuring out how to get new code on the box
Jim Buzbee jbuzbee@nyx.net
consolevision roxors!
For us that buying a linksys router is even more preferable. For a personal user to any business criteria the advantage over having full source to this hardware is incredible. Certainly its going to ensure that they stay high on our prefered supplier list provising we can access the boxes and code. incidentally we install WiFi in Public spots for the UK which is being kinda slow to take this up.
And thats why Firecrackers and kittens don't mix.
Why not SSHD? Nobody in his right mind uses telnet nowadays.
http://blog.astyran.sg
None of them support Rendezous (AKA zeroconf), at least not on the level of Apple's airport base stations. That's a hack I'd really like to see.
---If you can't trust a nerd, who can you trust?
not terribly practical? Running snort on a wireless router isn't practical?
Slow? 125mhz MIPS is slow?
Might want to better explain what you mean.
OK, this Linksys has only been out for like a few weeks or something, and they've got a linux distro for it... Yet my Toastmaster 5000xdr Quad-port (with FG-200R bagel attachment) STILL isn't supported!
I mean, the linksys probably works fine out-of-box... But my Toastmaster STILL can't check with my Mr.Refrigeration Model XII to see if I'm out of butter and order more online. Sheesh, technology SUCKS!
I was going to post "But Does it RUN LINUX!?" but then I RTFA. Grr....
It's quite useful. You can turn it into a VPN server, have it serve DHCP, put your network's access control mechanism on it, and have a one box solution to a whole range of wireless networking problems.
125 Mhz MIPS CPU is fast enough to do some interesting things, but the box only has 16 Mb of RAM, and no local disk for paging. That's going to be the limiting factor for most of the fun things you'd like to do with this box.
Could this be used to establish ssh tunneling from clients to the AP? That would, in my eyes, be far preferable to the somewhat lacking link security that 802.11 offers today.
Trust the Computer. The Computer is your friend.
Snort logs will be written to /var/log/snort
Ramdisk based snort logs aren't too enticing to me.
Another HTTP server on 8000 doesn't do anything for me either, especially when the one on port 80 is already like molases running up hill in winter.
The fact is that this might be useful in troubleshootingsomething on the router but, for production use it isn't terribly practical. But, then again who's going to rely on this router for any real production use. This is after all, a home or small office device.
But still no linux driver for the corresponding WPC54G PCMCIA card?
ssh tunnels are very bad performance. what you want is a VPN.
unfortunately you can't replace the kernel on the box with one that supports cool things because of the proprietary broadcom driver.
(here's to whoever takes the time to write a thunking layer for the linksys 2.4.5 broadcom driver to let it work with modern 2.4.22+ kernels!)
Has anyone tried this on a Linksys router other than the WRT54G? My BEFSR41 4 port cable/dsl router is still running strong, and I would love to have telnetd and the such on running on it!
Thanks!
- Cary
wrt54g.tar.gz (1.07MB) mirrors
:)
Posted anon, I'm no whore.
www.sk3tch.com/wrt54g.tar.gz
www2.sk3tch.com/wrt54g.tar.gz
www3.sk3tch.com/wrt54g.tar.gz
The article has already been posted, if the file becomes unavailible due to the /. effect a temporary mirror of the file is availible at: http://lightntrax.com/ben/wrt54g.tar.tar
The "ssh tunnels are very bad performance" statement may be elaborated a bit more on this page titled "Why TCP Over TCP Is A Bad Idea".
We should be fighting this not supporting it.
transmission_err
(Full Disclosure: I designed part of OpenSSH's tunnelling subsystem.)
TCP over TCP has issues when both stacks attempt to respond to the same error conditions. This happens very commonly with PPP over SSH. However, TCP port forwards in OpenSSH actually terminate at the daemon, which extracts the payloads, repacks them into completely independent streams, and sends them on their way.
In other words, an error condition on the routerexternal_site link doesn't show up on the clientrouter link.
OpenSSH tunnels have surprisingly high performance (it certainly beats most proxy implementation hands down). Easy to set up, too: Simply SSH into your host of choice with the -D option(say, ssh -D1080 user@host), set the SOCKS4 proxy in your application to 127.0.0.1:1080, and you're done. It's really quite simple.
--Dan
I own one of these little guys and I must say it's a neat little box. However, please be aware of the following issues that you might run into with it:
1) it runs quite hot. make sure it gets plenty of air. we had ours sitting on the carpet with the DSL modem on top and it would frequently over heat. Moving the modem off and setting the wrt54g on a board seemed to fix this.
2) it requires that you have good wiring. you may be shocked to know this, but if you live in an old house (like many college students) your wiring has a good chance of being miswired. The wrt54g will not work with wiring faults (even though many devices work just fine). the solution is to put a good surge protector or UPS between the device and the outlet. this seems to fix everything.
3) the dhcp implementation is a little funky and sometimes seems to reply with a DHCP NAK on an address request when it otherwise shouldn't.
All that aside, it's a great little box. It works well with my 802.11b card in the laptop and manages the wired stuff just fine. I can't comment on 802.11g because there aren't any cards with linux support out there (except maybe the minipci card in the wrt54g, but that's a binary driver).
I've gotten some interesting stuff to run on it, mainly some simple home automation stuff for a pervasive computing environment that was part of my research, but it's nice having everything together. Although, truthfully you're probably still better off with an EPIA board and a 256 meg stick of ram.
My Slashdot account is old enough to drink...
I have owned many, many pieces of Linksys gear, and while they may not be the "performance leaders", I have never seen one just die. I can't help but to wonder about the power situation in your home.
I would suggest getting some better UPS protection for your routers and switches. You would be surprised at how bad typical electrical service is, and routers and switches tend to stay on 24/7, thus pretty vulnerable. I run everything on UPS. Monitor, routers, hubs, everything. I live in the country (terrible for spikes and brownouts) and have all kinds of gear that is old beyond usefullness, but still works. Even an old UPS that doesn't hold a charge is better than none, since most spikes/brownouts only need about 5 to 10 seconds of power before returning to normal.
This doesn't change the fact that they may be more delicate that you care for, but my guess is you have a power problem.
Tequila: It's not just for breakfast anymore!
There's not a SINGLE "Imagine a beowulf cluster of these" comment yet? What the hell is going on here???
Lowest price search results from pricegrabber.com. Lowest I could find on Pricewatch was $103 + shipping.
Amazon has it for $100 after rebate with free shipping.
There was a new firmware put out about 6 weeks ago. Here's the details.
Bad boys rape our young girls but Violet gives willingly.