Linux Distro For Linksys WRT54G
scubacuda writes "Here is a tiny Linux distro for the Linksys wrt54g (d/l the distro here). In just a few seconds, you can give your access point's ramdisk syslog, telnetd, httpd (with cgi-bin support), vi, snort, mount, insmod, rmmod, top, grep, etc."
Interesting -- "The script installs strictly to the ram disk of the box. No permanent changes are made. If you mess something up, power-cycle it."
does it still function as an AP (Score:5, Insightful)
Re:does it still function as an AP (Score:5, Informative)
Re:does it still function as an AP (Score:2)
Better yet, what's the point? Has this guy ever had a gf or got laid? What's the infatuation of running linux on everything?
Umm...this device ships from the manufacturer with linux on it.
This guy is just adding more functionality to it.
It would be really neat to see someone set up something like hogwash on one of these.
That's cool. (Score:2)
Re:That's cool. (Score:4, Insightful)
Slow? 125mhz MIPS is slow?
Might want to better explain what you mean.
More constrained by memory (Score:5, Insightful)
Re:More constrained by memory (Score:4, Funny)
More seriously, you can do a hell of a lot with 16MByte of RAM and 125MHz. My old Amiga was happily connected to the internet for years with less than that.
Stick FORTH on any box and (assuming you know FORTH, of course), you can make most any computer jump through hoops, devoid of the efficiency problems that bloated tarbaby languages like C++ introduce.
Re:More constrained by memory (Score:5, Funny)
Up hill both ways, too!
Re:More constrained by memory (Score:2, Insightful)
"Yes grandson, there was once a time where chips weren't able to and didn't need to run Linux and Java."
Re:More constrained by memory (Score:2)
Re:More constrained by memory (Score:2)
Re:More constrained by memory (Score:5, Informative)
Re:More constrained by memory (Score:2)
Was the NFS mount over the wireless or the ethernet port? Is the ethernet port 10Base-T or 100Base-T? It seems like this should work... What were your nfs params? Maybe the linux network file system would work better? I'm actually interested in doing this for the playstation 2,
Re:More constrained by memory (Score:2)
Re:More constrained by memory (Score:3, Interesting)
I'm not sure what the point would be... if you have another box, why not just run your services on it... but the nifty value is significant.
Re:More constrained by memory (Score:2, Informative)
Re:More constrained by memory (Score:2)
Re:More constrained by memory (Score:2)
"Upon completion of the installation, you will have a system with basic tools such as syslog, telnetd, httpd (with cgi-bin support), vi, snort, mount, insmod, rmmod, top, grep, etc."
I imagine insmod is there so you can extend the kernel without flashing anything. I really have no idea what can be a module, but there's at least some freedom there.
Re:More constrained by memory (Score:2)
Re:That's cool. (Score:5, Interesting)
Ramdisk based snort logs aren't too enticing to me.
Another HTTP server on 8000 doesn't do anything for me either, especially when the one on port 80 is already like molasses running up hill in winter.
The fact is that this might be useful in troubleshooting something on the router, but for production use it isn't terribly practical. But then again, who's going to rely on this router for any real production use? This is, after all, a home or small office device.
Re:That's cool. (Score:2, Interesting)
How about a bind [isc.org] caching server? How about a blackhole ad removal [schooner.com] server? How about a time server? How about pushing the logs to another machine? While it may be slow, these things do not have to be lightning fast, just fast enough. It is after all just a simple router. It's not meant for 300 machines
More than SOHO (Score:2, Interesting)
It's more than that - I've used it to bridge several remote locations (1800 ft+) with external antennae.
Very reliable.
Take that emacs zealots! (Score:3, Funny)
Re:Take that emacs zealots! (Score:5, Funny)
Re:Take that emacs zealots! (Score:2, Funny)
Re:Take that emacs zealots! (Score:5, Funny)
Re:Take that emacs zealots! (Score:2)
It just had to be something like that!
Re:Take that emacs zealots! (Score:2)
Re:Take that emacs zealots! (Score:2)
Re:Take that emacs zealots! (Score:2, Funny)
Re:Take that emacs zealots! (Score:2)
Re:Take that emacs zealots! (Score:3, Funny)
I'm patiently waiting for the Emacs distro that runs Linux in a VM.
article in case of slashdotting... (Score:5, Informative)
Jim Buzbee
September 05 2003
Mini wrt54g distribution Version 0.1
This is a mini Linux distribution for the Linksys wrt54g. In about 20 seconds, you can install a small set of Linux tools to your access point's ramdisk.
Upon completion of the installation, you will have a system with basic tools such as syslog, telnetd, httpd (with cgi-bin support), vi, snort, mount, insmod, rmmod, top, grep, etc.
To install, modify the script wrt54g.sh for your ip address and password. By default the script uses Java to move files to the wrt54g. If you would prefer wget, uncomment the wget lines in the script. I had a problem with an older version of wget translating escaped characters before passing the URL on to the server. Your mileage may vary.
The distribution has been tested on firmware version v1.30.7, Jul. 8, 2003. The installation has been tested on Linux and OSX.
The script installs strictly to the ram disk of the box. No permanent changes are made. If you mess something up, power-cycle it.
Upon successful execution of the script, you will be able to telnet to your box and start exploring its capabilities. Note that there is no login prompt, you telnet directly in as root. Be careful.
An alternate web server is installed on port 8000 of the box.
The nfs drivers are not loaded by default. If you would like to mount an nfs disk, insmod the drivers from
To run snort, execute the following command on the box :
The snort configuration file should be changed for your network configuration and needs. Snort logs will be written to
If you wish to change the files sent to the box, untar distro.tar and add or subtract files. Normally you should not run the install script more than once for a power-cycle of the box. i.e. if you want to run the install again, reset the wrt54g first.
I have attempted to limit all changes to the ram disk, but there are no guarantees that you will not damage your unit by using these tools.
Download the distribution
Visit my wrt54g snort page
Thanks to Ross Jordan, C. J. Collier, Ben Grech and others who did the heavy lifting in figuring out how to get new code on the box
Jim Buzbee jbuzbee@nyx.net
consolevision roxors!
Re:article in case of slashdotting... (Score:3, Interesting)
I've got a copy of the file itself if they go down, too.
Well this means... (Score:5, Insightful)
Re:Well this means... (Score:3, Informative)
Every piece of Linksys Hardware I've ever bought (Score:2)
linksys cable router
linksys 10/100 hub
are the first two that come to mind, there could be others...
plug them in and no power, they just turned off one day and didn't turn back on, and to top that off when the cable router was working it blocked many Well Known Ports and when linksys support was repeatedly contacted asking for a reason or a firmware update I was ignored every time...
maybe they've improved in the last year or so since i bought any of their shit b
Re:Every piece of Linksys Hardware I've ever bough (Score:4, Informative)
I would suggest getting some better UPS protection for your routers and switches. You would be surprised at how bad typical electrical service is, and routers and switches tend to stay on 24/7, thus pretty vulnerable. I run everything on UPS. Monitor, routers, hubs, everything. I live in the country (terrible for spikes and brownouts) and have all kinds of gear that is old beyond usefulness, but still works. Even an old UPS that doesn't hold a charge is better than none, since most spikes/brownouts only need about 5 to 10 seconds of power before returning to normal.
This doesn't change the fact that they may be more delicate than you care for, but my guess is you have a power problem.
Re:Every piece of Linksys Hardware I've ever bough (Score:2)
my openbsd box has an 80 day uptime and the last time it went down was when the power went out; i used to have a UPS, an old one, but it died too.
Re:Well this means... (Score:4, Informative)
Re:Well this means... (Score:3, Informative)
In fact, some of the sources they link to aren't even GPL.
Re:Well this means... (Score:3, Insightful)
If everyone released source happily, the GPL wouldn't be necessary in the first place. The point of the GPL is, in fact, to compel unwilling participants who recognize the value of the available GPL code to participate in Free Software. The instances where the difference between the
telnetd? (Score:5, Interesting)
Re:telnetd? (Score:5, Informative)
ssh/telnet isn't an issue, in this case. It's silly to encrypt something when anyone can get root on it.
Re:telnetd? (Score:2)
Re:telnetd? (Score:2)
Re:telnetd? (Score:3, Insightful)
Re:telnetd? (Score:5, Insightful)
Why yes it is, in the same way as your browser is "horribly insecure" when you login to slashdot.
It sends the data unencrypted, that is all. Granted, your server is probably more important than your
If you never would use telnet for anything, then you'd never surf without https either.
Re:telnetd? (Score:2)
They seem to be missing that point. As the article states, telnet is not available on the WAN side of the router (ie: available for the 192.168.*.1/255.255.255.0 network only) but it doesn't matter because the code is considered experimental anyway. The whole purpose is to allow you to log in as root and experiment, NOT to use it in a corporate/production environment.
Amazing what you learn when you actually READ the article.
Would this work with other Linksys routers? (Score:5, Interesting)
Priorities are all wrong (Score:5, Funny)
I mean, the linksys probably works fine out-of-box... But my Toastmaster STILL can't check with my Mr.Refrigeration Model XII to see if I'm out of butter and order more online. Sheesh, technology SUCKS!
Re:Priorities are all wrong (Score:5, Funny)
> weeks or something, and they've got a linux distro
> for it... Yet my Toastmaster 5000xdr Quad-port
> (with FG-200R bagel attachment) STILL isn't
> supported!
OK, to reply to those that say I should roll my own distro for my Toastmaster, I have been working on a little something. Currently, there is no support for the bagel attachment, and it has some trouble with the more exotic breads (ie, non-white bread). And it occasionally pops them out at dangerous velocities. And you have to first separate the bread and crust using my 'decrust.sh' script, and reassemble them after toasting using 'recrust.sh'.
But otherwise, it's coming along nicely. I did have ONE little bug where instead of ordering more bread, it ordered an industrial bread-machine and hired a staff of 12 to run it. They all seemed so disappointed when I told them they were only hired because of a bug. But I'm sure they get that a lot.
So check it out, gnutoast.org... I think it's the future of toasting, possibly even the future of grilling too.
Re:Priorities are all wrong (Score:2)
What is this for? (Score:2, Interesting)
Re:What is this for? (Score:5, Insightful)
Re:What is this for? (Score:2, Insightful)
Re:What is this for? (Score:2)
Doesn't do the VPN function, though.
Re:What is this for? (Score:2)
Re:What is this for? (Score:3, Interesting)
Re:What is this for? (Score:2)
I would want to be able to firewall off an Internet-accessible box from the rest of my network while forwarding one or more inbound ports to that box. That would be better t
Crap... (Score:5, Funny)
Re:Crap... (Score:5, Funny)
Re:Crap... (Score:2)
But can it play Ogg Vorbis??
ssh tunneling? (Score:5, Interesting)
Re:ssh tunneling? bad idea use VPN (Score:3, Informative)
unfortunately you can't replace the kernel on the box with one that supports cool things because of the proprietary broadcom driver.
(here's to whoever takes the time to write a thunking layer for the linksys 2.4.5 broadcom driver to let it work with modern 2.4.22+ kernels!)
Re:ssh tunneling? bad idea use VPN (Score:5, Informative)
TCP over TCP is fine when payloads are unpacked (Score:5, Insightful)
TCP over TCP has issues when both stacks attempt to respond to the same error conditions. This happens very commonly with PPP over SSH. However, TCP port forwards in OpenSSH actually terminate at the daemon, which extracts the payloads, repacks them into completely independent streams, and sends them on their way.
In other words, an error condition on the router<->external_site link doesn't show up on the client<->router link.
OpenSSH tunnels have surprisingly high performance (it certainly beats most proxy implementations hands down). Easy to set up, too: Simply SSH into your host of choice with the -D option (say, ssh -D1080 user@host), set the SOCKS4 proxy in your application to 127.0.0.1:1080, and you're done. It's really quite simple.
--Dan
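The behaviour described in the comment above, as an added example that is not part of the original post and is not OpenSSH code: a plain-Python stand-in for the `ssh -D` forwarder (no encryption, one connection) that parses a SOCKS4 CONNECT, opens its own TCP connection to the destination, and copies only payload bytes across. All function names and the loopback destination service are constructed for illustration.

```python
import ipaddress
import socket
import struct
import threading

GRANTED, REJECTED = 0x5A, 0x5B  # SOCKS4 reply codes

def build_connect(dest_ip, dest_port, user_id=b""):
    """SOCKS4 CONNECT request: VN=4, CD=1, DSTPORT, DSTIP, USERID, NUL."""
    ip = ipaddress.IPv4Address(dest_ip)  # SOCKS4 carries IPv4 literals only
    if not 0 < dest_port < 65536 or b"\x00" in user_id:
        raise ValueError("bad port or user id")
    return struct.pack("!BBH4s", 4, 1, dest_port, ip.packed) + user_id + b"\x00"

def parse_connect(req):
    """Return (ip, port) from a CONNECT request, or raise ValueError."""
    if len(req) < 9 or req[0] != 4 or req[1] != 1 or not req.endswith(b"\x00"):
        raise ValueError("not a SOCKS4 CONNECT")
    port, raw_ip = struct.unpack("!H4s", req[2:8])
    return str(ipaddress.IPv4Address(raw_ip)), port

def relay_one(listener):
    """Accept one client, open a separate TCP connection to the target and
    copy payload bytes across. TCP state never crosses this boundary."""
    client, _ = listener.accept()
    with client:
        try:
            target = socket.create_connection(parse_connect(client.recv(64)), timeout=5)
        except (ValueError, OSError):
            client.sendall(struct.pack("!BBH4s", 0, REJECTED, 0, bytes(4)))
            return
        with target:
            client.sendall(struct.pack("!BBH4s", 0, GRANTED, 0, bytes(4)))
            target.sendall(client.recv(4096))  # client -> target payload
            client.sendall(target.recv(4096))  # target -> client payload

def echo_one(listener):
    """Constructed destination service: upper-cases one message."""
    conn, _ = listener.accept()
    with conn:
        conn.sendall(conn.recv(4096).upper())

def demo(payload=b"hello through the tunnel"):
    """Loopback run: client -> relay -> destination, all on 127.0.0.1."""
    echo = socket.create_server(("127.0.0.1", 0))
    proxy = socket.create_server(("127.0.0.1", 0))
    for fn, srv in ((echo_one, echo), (relay_one, proxy)):
        threading.Thread(target=fn, args=(srv,), daemon=True).start()
    with socket.create_connection(proxy.getsockname(), timeout=5) as s:
        s.sendall(build_connect("127.0.0.1", echo.getsockname()[1]))
        reply = s.recv(8)
        if len(reply) != 8 or reply[1] != GRANTED:
            raise ConnectionError("proxy refused the request")
        s.sendall(payload)
        return s.recv(4096)

if __name__ == "__main__":
    print(demo())
```

The destination only ever sees a connection from the relay, which is why a loss or reset on one leg is handled by that leg's TCP stack alone.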
How does this compare... (Score:3, Interesting)
...with running a connection through a tool like stunnel? Both are doing encryption, SSH likes keys, stunnel/SSL likes certificates, but after that I'm somewhat ignorant.
I've been tunnelling all kinds of stuff through OpenSSH for years, and while I've heard of stunnel, I only just recently started using it (encrypting an IMAP connection because IMAPS isn't supported).
I'm not asking for an hour-long briefing on /. or anything, but if you know of any web pages, pointers would be appreciated.
Re:How does this compare... (Score:2)
Re:How does this compare... (Score:2)
Blessed are the prime
Re:How does this compare... (Score:3, Interesting)
1) SSL has theoretically better key management, which is actually not theoretical for browsers (it's the only successful deployment of certificates in history), but stunnel by default barely checks SSL certificates. So, unfortunately, you're very vulnerable to a MITM attack (but you probably were anyway, since even if
Re:ssh tunneling? bad idea use VPN (Score:2)
Re:ssh tunneling? bad idea use VPN (Score:2)
(It's not the driver that's a problem; it's the fact that if you don't have a development version of the board that is easy to re-flash, and you flash it with something that doesn't boot perfectly, then you can't flash it via software any longer.)
Re:ssh tunneling? (Score:2)
Good observation though, but also if you're transferring sensitive data, you'll want encrypted communication end-to-end because you can just as easily be snooped on anywhere on the net
Sigh (Score:4, Informative)
Re:Sigh (Score:3, Insightful)
When there is a "lack" of code, drivers, support, etc. in the Linux community, 99.999% of the time, it is due to lack of vendor support. Talk to them first. Ask them for the documentation. Ask them for the code. For the drivers. If they say buzz off, then you have your answer.
Companies that make it hard or impossible to get their hardware working with Linux, make it hard to want to get it working with Linux. There are other vendors who do support and embrace Li
Re:Sigh (Score:3, Insightful)
Re:Sigh (Score:2, Informative)
Port it to SMC Barricade? (Score:2, Offtopic)
That embarrassing begging display aside, I would really love if somebody would figure out how to add extra functionality to the SMC Barricade wireless routers. At the very least, something to push the logs to a machine elsewhere in the network, as its current archival options are very limited. This is something my old Linksys router was able to do.
Re:Port it to SMC Barricade? (Score:2)
Yeah, but does it work with the BEFSR41? (Score:3, Interesting)
Thanks!
- Cary
Re:Yeah, but does it work with the BEFSR41? (Score:2)
Re:Yeah, but does it work with the BEFSR41? (Score:2)
Re:Yeah, but does it work with the BEFSR41? (Score:2)
wrt54g.tar.gz Mirrors (posted Anon) (Score:3, Informative)
Posted anon, I'm no whore.
www.sk3tch.com/wrt54g.tar.gz [sk3tch.com]
www2.sk3tch.com/wrt54g.tar.gz [sk3tch.com]
www3.sk3tch.com/wrt54g.tar.gz [sk3tch.com]
Link to file (Score:3, Informative)
worried (Score:3, Interesting)
We should be fighting this not supporting it.
in other words, (Score:2)
You would have to already own the thing. Why bother when there are so many Windoze boxes behind it you can own so much easier? Security fails at its weakest link.
Uses: (Score:2, Informative)
2. Something like the MIT roofnet.
http://slashdot.org/article.pl?sid=03/0 8
By having the routing in the AP, it would participate in the roofnet without a server. Servers use more electricity and are noisy.
3. Security for open access points.
You might leave our access points open to share it with others. But you might want some extra security:
a) Block port 25 for others so they don't send spam and get you blacklisted.
b) Some VPN/SSH tunnels for privacy.
c)Traffic shapin
wrong wrong wrong (Score:3, Insightful)
It should run a little file server, serving something like 9p [bell-labs.com] which would allow you to read/write settings and stream off the full data packets read for snorting.
fools.
Words of Caution about the WRT54G (Score:5, Informative)
1) it runs quite hot. make sure it gets plenty of air. we had ours sitting on the carpet with the DSL modem on top and it would frequently over heat. Moving the modem off and setting the wrt54g on a board seemed to fix this.
2) it requires that you have good wiring. you may be shocked to know this, but if you live in an old house (like many college students) your wiring has a good chance of being miswired. The wrt54g will not work with wiring faults (even though many devices work just fine). the solution is to put a good surge protector or UPS between the device and the outlet. this seems to fix everything.
3) the dhcp implementation is a little funky and sometimes seems to reply with a DHCP NAK on an address request when it otherwise shouldn't.
All that aside, it's a great little box. It works well with my 802.11b card in the laptop and manages the wired stuff just fine. I can't comment on 802.11g because there aren't any cards with linux support out there (except maybe the minipci card in the wrt54g, but that's a binary driver).
I've gotten some interesting stuff to run on it, mainly some simple home automation stuff for a pervasive computing environment that was part of my research, but it's nice having everything together. Although, truthfully you're probably still better off with an EPIA board and a 256 meg stick of ram.
wap11 (Score:3, Interesting)
I can't believe nobody has said it... (Score:4, Funny)
iptables? (Score:2, Informative)
Of course, I'd prefer that this Linux OS be changed so it accepts a root password, but other than that, this could be a great alternative to the default Linksys software.
Prices (Score:4, Informative)
Amazon has it for $100 [amazon.com] after rebate with free shipping.
There was a new firmware [linksys.com] put out about 6 weeks ago. Here's the details. [linksys.com]
Re:Secure? (Score:3, Interesting)
From the article:
Yes, un-authenticated open telnet as root seems really dumb to me too, but you could always remove telnetd and add SSH w SSH2 RSA only authentication.
Re:My review: (Score:2, Funny)
Methinks you are obviously just another MicroSoft plant, sowing FUD. Imagine-- the 'x' in Linux makes it communistic. I suppose the same goes for Unix, and maybe even Mac OS X?
Jeesh!
Re:Does it run on European versions? (Score:2)
Re:I'm still waiting... (Score:2, Interesting)
We're testing the AP 1200 802.11 a/b dual-mode
Re:use it as an ethernet bridge? (Score:2)