Customizing your home router with OpenWrt
Learn how to take control of your home routing device with OpenWrt.
The OpenWrt project calls itself "a Linux distribution for embedded devices." Beyond this simple introduction, OpenWrt  is a framework for creating custom firmware to install on devices such as home routers and firewalls.
Versions of OpenWrt are available for a variety of devices, including the trusty Linksys WRT54GL residential firewall/router , a low-budget SOHO router you probably recognize from browsing the aisles of computer shops (Figure 1).
The pre-installed firmware that comes with a device such as the WRT54GL is intended for easy configuration in a one-size-fits-all environment. This prepackaged solution is good for many basic uses, but it doesn't begin to exploit the device's true potential.
OpenWrt lets you adapt the router to your own needs. To monitor traffic, you can build in security tools, such as Snort and tcpdump. Also, you can configure custom logging, scripts, or alerts. OpenWrt can also save you money by letting you adapt an inexpensive router, such as the WRT54GL, to perform the functions of a more expensive tool.
Of course, hacking the home router is not exactly an activity for the novice. OpenWrt provides a variety of powerful and interesting features, but you need to be ready to experiment.
Although OpenWrt implements various security mechanisms to help you restore the system, use of the OpenWrt software can alter the device in a way that could make it impossible to return to the original configuration.
Installing third-party software on a device such as a home router also usually voids your warranty.
OpenWrt is available for several router models, including devices by Linksys, Netgear, Allnet, or Asus. The OpenWrt system was originally designed to operate from the command line, but the recent X-Wrt  front end provides a GUI environment for router configuration. Because X-Wrt does not fully support the current OpenWrt release (code name "Kamikaze"), it makes more sense to use the previous version ("White Russian") if you plan to use the X-Wrt front end. X-Wrt is available for download either as an operating system/GUI bundle or as a web GUI standalone for various router models .
To replace the original WRT54GL router software with OpenWrt and X-Wrt, open the web interface (the address defaults to http://192.168.1.1), type admin as the username and password, and then click Administration | Firmware Upgrade (Figure 2). Then click the folder icon next to the input box and select the image file in the file browser. To launch the process, click the Upgrade button.
Note that the network connection must be up while you are installing the image. To avoid irreparable damage to the device, do not attempt this step via WLAN. After about a minute, the X-Wrt GUI appears without any further intervention. The new operating system assimilates the original configuration files.
To prepare the system for use, you first need to set up the network. OpenWrt is simply a core installation. Localizations, add-on modules, or updates are downloaded off the Internet. Watch out for the following quirk whenever you change the router's settings: To apply changes, first click the Save Changes button, and then click on the Apply text link – only then will the system actually store the changes.
Clicking Network in the top menu bar takes you to a submenu where you can select the first entry, WAN-LAN, to go to the basic setup.
To use the router to connect to the Internet via a DSL or conventional modem, select PPPoE as your Connection Type (Figure 3). In the Redial Policy, specify whether the router will dial up the Internet connection when it receives a request (Connect on Demand) or keep the connection alive (Keep Alive). Add the access data for your dial-up account in the Username and Password fields. Note that the router does not support POTS or ISDN.
Updates and Add-on Modules
To update the router software to the latest version, select Info in the menu, and then click the Check For Webif Update button. If you check the box next to Include daily builds when checking for update to webif, the updater will check for the daily builds, which could be buggy. To install the update, click Install Webif.
As mentioned previously, OpenWrt is simply a core installation that you customize by installing add-on programs. This approach lets developers keep the basic system small, which is a good idea because a device such as the WRT54GL has only 2,112KB of flash memory, which restricts the number of tools you can install. To query the memory status, click Status. The value queried is the free space in /dev/mtdblock/4.
For some menu items, such as UPnP or SNMP, the underlying programs are not installed by default.
To download the programs, click Install in the appropriate online repository section then continue to install. X-Wrt has a configuration dialog for any programs that install in this way, and the dialog is automatically enabled after you complete the installation.
The System | Packages section (Figure 4) features a list of hundreds of Available packages, which you can install by clicking the Install item next to the package description.
Unfortunately, most of these packages lack a graphical user interface, and configuration requires a detour to the console (see the box titled "Command Line"). Besides displaying installed and installable packages, the website also offers a nearly complete package management system that is reminiscent of DPKG and supports repository management. On top of this, the Install Package from URL also supports the installation of selected online packages.
OpenWrt supports comprehensive configuration via the console, which you can access via SSH. Use root as the username with the admin password that you have set. Thanks to BusyBox, you can access almost any system tools that you are familiar with from Linux.
The lightweight ipkg package manager, based on Debian's dpkg, is available for installing and uninstalling packages. The command ipkg install package_name installs the specified package and automatically resolves any dependencies. ipkg update and ipkg upgrade upgrade your system to the latest version.
Buy this article as PDF
New flaw in an old encryption scheme leaves the experts scrambling to disable SSL 3
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.