Introduction
Unknown to many, the official Netgear WNDR4300 firmware is based on OpenWrt. The procedure described here involves making use of the OpenWrt repos to have openvpn up and running. It also involves recompiling the official firmware. So, this is certainly not for the faint hearted and expects you to have a good knowledge of Linux.
Stock Firmware Info
From the file /etc/banner on the router (I will tell later how you can telnet to the router), it is clear that stock firmware is based on OpenWrt kamikaze (bleeding edge, r18571). Based on http://wiki.openwrt.org/about/history, the closest available stable release is Kamikaze 8.09.2 r18801, released in 2010 January. Also, as there is a file /lib/ar71xx.sh in the stock firmware, it indicates that the arch is ar71xx.
Stock Firmware Compilation And Installation
- For stock firmware source compilation, it is recommended to use Ubuntu 10.04 (server edition) as the official firmware binary has been compiled on Ubuntu 10.04.1 (Server) with gcc 4.1.3. So, download and install Ubuntu 10.04 (you can use a VM as it is more convenient).
- After installing Ubuntu 10.04 for building the firmware, install build dependencies.
$ sudo apt-get install gcc-4.1 g++-4.1 libncurses-dev zlib1g-dev gawk flex $ cd /usr/bin $ sudo ln -s gcc-4.1 gcc $ sudo ln -s g++-4.1 g++ $ sudo ln -s gcc cc
- Netgear stock firmwares can be downloaded from http://kb.netgear.com/app/answers/detail/a_id/2649. Download and extract WNDR4300-V1.0.1.42_gpl_src.zip. You will also need WNDR4300-V1.0.1.30_gpl_src.zip for the toolchain.
$ unzip /path/to/WNDR4300-V1.0.1.42_gpl_src.zip $ bunzip2 WNDR4300-V1.0.1.42_gpl_src.tar.bz2 $ tar -xvf WNDR4300-V1.0.1.42_gpl_src.tar $ ls README.build wndr4300-GPL.git wndr4300_gpl_source_list.txt WNDR4300-V1.0.1.42_gpl_src.tar
- Add init script wndr4300-GPL.git/target/linux/wndr4300/base-files/etc/init.d/startup with below content:
#!/bin/sh /etc/rc.common START=99 start() { if [ -x /jffs/startup.sh ]; then /jffs/startup.sh fi }Also make the init script executable
$ chmod +x wndr4300-GPL.git/target/linux/wndr4300/base-files/etc/init.d/startup
Now, you can write any commands in /jffs/startup.sh and they will be executed whenever the router boots up.
- Follow remaining instructions in README.build to finish the build.
- The final image is “bin/WNDR4300-V1.0.1.42.img”. Go to the Router Upgrade Page and upgrade to this newly built firmware.
Logging in to the router (using Telnet)
You can use the software at https://code.google.com/p/netgear-telnetenable/ to telnet to the router. The instructions for doing this are pretty straight forward.
OpenWrt wiki page http://wiki.openwrt.org/toh/netgear/telnet.console also mentions other ways of accessing the telnet console but I haven’t tried them as netgear-telnetenable worked like a charm.
Setting up ipkg
- wget, which is used by ipkg for downloading packages, is broken in the stock firmware. So, we need to download wget and dependent packages from http://downloads.openwrt.org/kamikaze/8.09.2/ar71xx/packages and install them. However, as wget is broken, I didn’t know how to download the packages directly to the router. So, I downloaded them to my laptop, started a tftp server on my laptop, logged into the router, and using the tftp client transferred and installed the packages.
Setting up tftp server is out of the scope of this tutorial, but it is quite easy and you will find many tutorials on-line on how to do it.$ python telnetenable.py <IP> <MAC> <Username> <Password> BusyBox v1.4.2 (2013-12-26 18:08:07 UTC) Built-in shell (ash) Enter 'help' for a list of built-in commands. _______ ________ __ | |.-----.-----.-----.| | | |.----.| |_ | - || _ | -__| || | | || _|| _| |_______|| __|_____|__|__||________||__| |____| |__| W I R E L E S S F R E E D O M KAMIKAZE (bleeding edge, unknown) ------------------ * 10 oz Vodka Shake well with ice and strain * 10 oz Triple sec mixture into 10 shot glasses. * 10 oz lime juice Salute! --------------------------------------------------- root@WNDR4300:~# tftp -g -r libopenssl_0.9.8i-3.2_mips.ipkroot@WNDR4300:~# ipkg install libopenssl_0.9.8i-3.2_mips.ipk root@WNDR4300:~# tftp -g -r libopenssl_0.9.8i-3.2_mips.ipk root@WNDR4300:~# ipkg install wget_1.11.4-1_mips.ipk - Create /etc/ipkg.conf and update ipkg list.
root@WNDR4300:~# echo -e "dest root /jffs\nsrc openwrt http://downloads.openwrt.org/kamikaze/8.09.2/ar71xx/packages" > /etc/ipkg root@WNDR4300:~# export PATH=/jffs/bin:/jffs/sbin:/jffs/usr/bin:/jffs/usr/sbin:$PATH root@WNDR4300:~# ipkg update
Installing SSH
- Now, you can install SSH from OpenWrt Kamikaze repos.
root@WNDR4300:~# ipkg install openssh-server
As a matter of fact, you can install any of the packages in http://downloads.openwrt.org/kamikaze/8.09.2/ar71xx/packages/ and they should most probably work.
- Kindly note that the binaries and libraries are installed to /jffs partition and not /, as we we have configured the same in /etc/ipkg.conf (dest root /jffs). We did this so that the files persist when we reboot the router. So, to accommodate this, you will have to modify /jffs/etc/init.d/sshd accordingly. Here is the modified script.
#!/bin/sh /etc/rc.common # Copyright (C) 2006 OpenWrt.org START=50 start() { for type in rsa dsa; do { # check for keys key=/jffs/etc/ssh/ssh_host_${type}_key [ ! -f $key ] && { # generate missing keys [ -x /jffs/usr/bin/ssh-keygen ] && { /jffs/usr/bin/ssh-keygen -N '' -t $type -f $key 2>&- >&- && exec /etc/rc.common "$initscript" start } & exit 0 } }; done mkdir -p /var/empty chmod 0700 /var/empty /jffs/usr/sbin/sshd -f /jffs/etc/ssh/sshd_config } stop() { killall sshd } - To start OpenSSH server:
root@WNDR4300:~# /jffs/etc/init.d/sshd start
Installing OpenVPN
- Install OpenVPN using ipkg
root@WNDR4300:~# ipkg install openvpn
- Dump your config file (ex. amaram.vpn.conf) in /jffs/etc/openvpn/ directory.
- For OpenVPN, I preferred to start it directly and avoid calling the openvpn init.d script.
root@WNDR4300:~# LD_LIBRARY_PATH=/jffs/usr/lib /jffs/usr/sbin/openvpn --daemon --cd /jffs/etc/openvpn --config amaram.vpn.conf --log /tmp/openvpn.log
- You might need to modify iptables rules whenever openvpn starts. This can be achieved by passing the –route-up option to the openvpn binary with argument as path to the script containing the firewall rules to be executed whenever a tunnel is established.
Configuring the launch script
We finally have to write the /jffs/startup.sh script to automate setting up of ipkg and starting ssh and openvpn servers whenever the router reboots. Here is the content of /jffs/startup.sh script that I am using:
# Set PATH echo "export PATH=/jffs/bin:/jffs/sbin:/jffs/usr/bin:/jffs/usr/sbin:\$PATH" >> /etc/profile # Set LD_LIBRARY_PATH echo "export LD_LIBRARY_PATH=/jffs/usr/lib" >> /etc/profile # Setup ipkg echo -e "dest root /jffs\nsrc openwrt http://downloads.openwrt.org/kamikaze/8.09.2/ar71xx/packages" > /etc/ipkg.conf # SSH authorized_keys mkdir -p /tmp/.ssh echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6emYnBS1NLG1j1HsuMb3X6nI0+jWrpRvjhBSuB9q4lOO4NpxNdgCiDd7+qoYGLd4fE7hy/GYN1TvXXuDtDZPnuIOg8XaRxZg5wSDZV0nRsDNKGH8NikGzvxGEI9KeqBNrl+iRLS/ipl0QRmLpNScwXWOW6h9eP+S7GaL6Y56YyL+uwuUg14ow2nA2YFYQKLRXM20EiEm4C419XknYHsIG16ix2AamrH1CGJrQCo0m6f1Kf5OUjX8gSQvaToaD2J5NFbdGfaykW/RvmQH+37PlVnfE24SVrZ0ylRHvnqMTgSE1ZQ54U/zAbRpwB3vpEQCdW/kNz/gLwzbUHW0yzEw+w== rahul@rahul-laptop" > /tmp/.ssh/authorized_keys # Start SSH /jffs/etc/init.d/sshd start # Start openvpn LD_LIBRARY_PATH=/jffs/usr/lib /jffs/usr/sbin/openvpn --daemon --cd /jffs/etc/openvpn --config amaram.vpn.conf --log /tmp/openvpn.log
Leave a Reply