how to remote syslog using openwrt

Posted on

If you need to keep an eye and history about what is going on on your router enable remote login with this command:

echo “option ‘log_ip’ ‘192.168.1.2’”>> /etc/config/system

Change 192.168.1.2 to your server. Then on your server (linux debian as example) check /etc/default/rsyslog and add “-r” to the default options. you would start getting messages on your system.
Maybe you need to comment it out on this file /etc/rsyslog.conf those options:
# $ModLoad imudp
# $UDPServerRun 514


How to keep P2P users out of your network with openwrt

Posted on

Say that you have a open wireless network connection and you have some users that use P2P programs to download stuff. The main problem with P2P programs is the number o connections that try to open on the ADSL router so the NAT table gets full pretty quickly.

#!/bin/sh
# Ban. Add mac to the forward table if the number of connecions get 100

for ip in $(grep "br-lan" /proc/net/arp | awk '{print $1}'); do

cont=$(grep -c "$ip" /proc/net/ip_conntrack);
mac=$(grep "$ip" /proc/net/arp| awk '{print $4}');

if [ "$cont" -gt "100" ] ;then
echo iptables -A forwarding_rule -m mac --mac-source $mac -j DROP;
fi
logger "$ip $mac $cont";
done

so create a entry on /etc/crontabs/root

# run this script every hour
0,10,20,30,40,50 * * * * /etc/ban > /dev/null
0 * * * * /etc/unban > /dev/null
ban


unable to change config flash write error OpenWrt

Posted on

Just in case you hit a problem if, you are usin 10.03, the router shutdown by an upgrade, power off, whatever… your partition is read only, and you are not able to modify anything on the router. Login on the console and type dmesg. If complains about

Write of 186 bytes at 0x0015a680 failed. returned -30, retlen 0

Just type:
mtd unlock rootfs_data

#7298 (Cannot edit files in /etc/config due to flash write error) – OpenWrt.


Monitor command line output from openwrt backfire using snmp

Posted on

I have been using snmp to monitor Input and Output traffict from my router base on openwrt . but I want to know if if my users have a virus spamer or they use P2P on my network?, how do you find out over the time?. I can run this command any time to find out how many connections there is on the router:
root@OpenWrt:/jffs/etc# cat /proc/net/ip_conntrack | wc -l
1

So far so good, but i want to have historical data that can give me an idea of when the connections go up or down. Here comes the power of SNMP. First we need iptables-snmp – An snmpd plugin to access iptables rules:

opkg install iptables-snmp

Now we need to created the executable, I put files under /etc/snmp but it is a matter of taste :
root@OpenWrt:/etc/snmp# cat conntrack-count

#!/bin/sh
exit `cat /proc/net/ip_conntrack | wc -l`

Now this needs to be called from the snmpd daemon. So I added on the configuration file:
/etc/config/snmpd:

config exec conntrack_count
option execname conntrack_count
option miboid 1.3.6.1.3.19811018.30
option prog ‘/etc/snmp/conntrack-count’

Reload the snmp daemon /etc/init.d/snmpd reload (you did install it did nt you? opkg install snmpd). So now if you call 1.3.6.1.3.19811018.30 from a snmp client, you can see the number of connections, I use MRTG to create the graphic.

Title[router]: ip_conntrack
Target[router]: 1.3.6.1.3.19811018.30.100.1&1.3.6.1.3.19811018.30.100.1:public@your.ip:
MaxBytes[router]: 100

Here is the output:

Before you create an exec you maybe check a ready to go snmp variables in this page: SNMP OIDs for OpenWrt and here 46 SNMP SMIv1 and v2 MIBs ( 10 SMIv1, 36 SMIv2 ) for Linux


QOS under openwrt 10.03

Posted on

Only a few commands are needed to use Quality Of Service (QOS), just login on theconsole as root@ip.of.router and then:

opkg update;
opkg install qos-scripts;
/etc/init.d/qos enable;
/etc/init.d/qos start;

You would find the config file under /etc/config/qos, I mostly only modify the download value so I limit the amount of bandwidth that I share with others so they do not collapse my connection. If you want to check that qos is working just run this command qos-stat