Setting up a gateway on OpenWRT: Difference between revisions
Jump to navigation
Jump to search
Line 8: | Line 8: | ||
* ip-full | * ip-full | ||
* [[ampr-ripd]] to '''/etc/config/''' (always run [[RIP]]44 software in console mode FIRST after installation to verify execution and obtain the password, the execution of the file is commented-out below) | * [[ampr-ripd]] to '''/etc/config/''' (always run [[RIP]]44 software in console mode FIRST after installation to verify execution and obtain the password, the execution of the file is commented-out below) | ||
* the following to '''Firewall > Custom Rules:''' | * the following to '''Firewall > Custom Rules:''' | ||
Line 25: | Line 23: | ||
ip rule add to 44.0.0.0/8 dev tunl0 table 7777 priority 7777 | ip rule add to 44.0.0.0/8 dev tunl0 table 7777 priority 7777 | ||
* '''reboot''' | |||
* a bridge interface to tunl0 and a new VLAN, adding it to its own firewall zone (assign an IP from your allocation to this interface) | |||
* the VLAN to any switch/trunk ports (as desired) | |||
* create any forwarding rules | * create any forwarding rules | ||
* test ampr-ripd in console | |||
* add password to Custom Rule and uncomment ampr-ripd line | |||
* '''reboot''' |
Revision as of 13:54, 15 August 2015
ampr-ripd has been compiled for Atheros 71xx
Summary
Install:
- kmod-ipip
- ip-full
- ampr-ripd to /etc/config/ (always run RIP44 software in console mode FIRST after installation to verify execution and obtain the password, the execution of the file is commented-out below)
- the following to Firewall > Custom Rules:
# (eth0.2 in this case is the Public-facing WAN (to allow IPENCAP traffic), read your OpenWRT hardware Wiki for your specific model ifconfig tunl0 mtu 1480 up iptables -t filter -I INPUT -p 4 -i eth0.2 -j ACCEPT # ./etc/config/ampr-ripd -p <PASSWORD> -t 44 -a <44.xxx.xxx.xxx/xx> ip route add default dev tunl0 via <AMPRGW> onlink table 44 ip rule add to <44.xxx.xxx.xxx/xx> table main priority 44 #OPTIONAL LAN ### ip rule add from <44.xxx.xxx.xxx/xx> to <192.168.xxx.xxx/16> table main priority 45 ip rule add from 44.0.0.0/8 table 44 priority 46 ### CREATE A BLACKHOLE ON TABLE 7777 ### ip route add default dev lo src 127.0.0.1 table 7777 ### BLACKHOLE ALL REMAINING AMPR TRAFFIC ON TUNNEL ### ip rule add to 44.0.0.0/8 dev tunl0 table 7777 priority 7777
- reboot
- a bridge interface to tunl0 and a new VLAN, adding it to its own firewall zone (assign an IP from your allocation to this interface)
- the VLAN to any switch/trunk ports (as desired)
- create any forwarding rules
- test ampr-ripd in console
- add password to Custom Rule and uncomment ampr-ripd line
- reboot