Wireless setup
-
@Luciano-S. Finding where I configured it, is impossible, as stated in my reply I never configured any file to carry the name "br-lan"
As for trying to change the firewall configuration file from any setting carrying the "lan" name to "br-lan" hmm seems kind of arbitrary,
but will done none the less.
There are a couple of places where this shows up in the firewall configuration file as show below using
<----change to br-lan to indicate where I changed in the firewall config file as you suggested.Below see notes where I changed "lan" to "br-lan" assuming that is what you meant. After which will post results. Fingers crossed.
root@Omega-xxxx:/etc/config# cat firewall config defaults option syn_flood 1 option input ACCEPT option output ACCEPT option forward REJECT # Uncomment this line to disable ipv6 rules option disable_ipv6 1 config zone option name lan <----change to br-lan list network 'wlan' list network 'lan' <----change to br-lan option input ACCEPT option output ACCEPT option forward ACCEPT config zone option name wan list network 'wwan' list network 'wan' #list network 'wan6' option input ACCEPT option output ACCEPT option forward ACCEPT option masq 1 option mtu_fix 1 config forwarding option src lan <----change to br-lan option dest wan # We need to accept udp packets on port 68, # see https://dev.openwrt.org/ticket/4108 config rule option name Allow-DHCP-Renew option src wan option proto udp option dest_port 68 option target ACCEPT option family ipv4 # Allow IPv4 ping config rule option name Allow-Ping option src wan option proto icmp option icmp_type echo-request option family ipv4 option target ACCEPT # Allow DHCPv6 replies # see https://dev.openwrt.org/ticket/10381 config rule option name Allow-DHCPv6 option src wan option proto udp option src_ip fe80::/10 option src_port 547 option dest_ip fe80::/10 option dest_port 546 option family ipv6 option target ACCEPT # Allow essential incoming IPv6 ICMP traffic config rule option name Allow-ICMPv6-Input option src wan option proto icmp list icmp_type echo-request list icmp_type echo-reply list icmp_type destination-unreachable list icmp_type packet-too-big list icmp_type time-exceeded list icmp_type bad-header list icmp_type unknown-header-type list icmp_type router-solicitation list icmp_type neighbour-solicitation list icmp_type router-advertisement list icmp_type neighbour-advertisement option limit 1000/sec option family ipv6 option target ACCEPT # Allow essential forwarded IPv6 ICMP traffic config rule option name Allow-ICMPv6-Forward option src wan option dest * option proto icmp list icmp_type echo-request list icmp_type echo-reply list icmp_type destination-unreachable list icmp_type packet-too-big list icmp_type time-exceeded list icmp_type bad-header list icmp_type unknown-header-type option limit 1000/sec option family ipv6 option target ACCEPT # include a file with users custom iptables rules config include option path /etc/firewall.user ### EXAMPLE CONFIG SECTIONS # do not allow a specific ip to access wan #config rule # option src lan # option src_ip 192.168.45.2 # option dest wan # option proto tcp # option target REJECT # block a specific mac on wan #config rule # option dest wan # option src_mac 00:11:22:33:44:66 # option target REJECT # block incoming ICMP traffic on a zone #config rule # option src lan # option proto ICMP # option target DROP # port redirect port coming in on wan to lan #config redirect # option src wan # option src_dport 80 # option dest lan # option dest_ip 192.168.16.235 # option dest_port 80 # option proto tcp # port redirect of remapped ssh port (22001) on wan #config redirect # option src wan # option src_dport 22001 # option dest lan # option dest_port 22 # option proto tcp # allow IPsec/ESP and ISAKMP passthrough #config rule # option src wan # option dest lan # option protocol esp # option target ACCEPT #config rule # option src wan # option dest lan # option src_port 500 # option dest_port 500 # option proto udp # option target ACCEPT ### FULL CONFIG SECTIONS #config rule # option src lan # option src_ip 192.168.45.2 # option src_mac 00:11:22:33:44:55 # option src_port 80 # option dest wan # option dest_ip 194.25.2.129 # option dest_port 120 # option proto tcp # option target REJECT #config redirect # option src lan # option src_ip 192.168.45.2 # option src_mac 00:11:22:33:44:55 # option src_port 1024 # option src_dport 80 # option dest_ip 194.25.2.129 # option dest_port 120 # option proto tcp
-
@Luciano-S tried and no success thanks for the ideas, though.
-
@administrators Have decided to continue to experiment with this setup attempting to make it function. Have one last request before I do and that is could you post the network, wireless and firewall files used in the working session you have completed.
Thank you.
-
Never mind got it working.
-
@Guest said:
Never mind got it working.
Would be nice if you share your learning curve with other newbies, in the spirit of open-source!
-
Now for the cleaning up of the procedure, more to come.
-
Hi @Guest,
I have done the Ethernet Bridge Tutorial (https://wiki.onion.io/Tutorials/Using-Omega-As-Wifi-Ethernet-Bridge) and enabled Internet access on my laptop (with its wireless radios turned off) via an Ethernet cable and the Ethernet Expansion. I am actually using the forum and writing this post using only said Ethernet connection. This procedure takes about 5 minutes.
Full example
/etc/config/network
and/etc/config/firewall
files are available in their modified and "ready" state here: https://gist.github.com/gbo-actual/ac79e9345a477b0024b368b292d4492b. The link to these files have been added to the tutorial above.Once you have updated the files, run the two commands in this specific order (or reboot the Omega):
/etc/init.d/firewall restart /etc/init.d/network restart
And wait until it has finished (the command prompt will reappear). You can now plug in an Ethernet-capable device to the Omega (if it's your computer, disconnect from any wireless networks first).
When acting as an Ethernet bridge, this disables the Omega's WiFi AP.
Gabe
-
@Gabriel-Ongpauco Thank you Gab, dropped your configuration files over mine (rebooted) and the connection continued to function. Would you post the wireless configuration file?
Held off posting my solution due to one problem. When connecting laptop all works fine no problems can be found.
But when I connect my Mole camera as the only device entering the ethernet expansion port it does not work.
The Mole camera functions fine when I bypass the Omega and connect directly in my LAN switch.
One test involved turning off the firewall but still no go.Agreed concerning turning off the wireless radio on laptop so to avoid alternative wifi connection screwing up the testing. Only using the hardwired ethernet connection on the laptop. As a test I unplug to make sure I am not getting signal from wifi as opposed to hardwired ethernet.
-
@Guest said in Wireless setup:
But when I connect my Mole camera as the only device entering the ethernet expansion port it does not work.
Does the cam not have a fix ip in a other range than the Omega?? If yes change it to something like 192.168.3.xx (xx) means a number outside of your DHCP range. Otherwise you can get difficulties when you have duplicated IP's.
-
My laptop automatically receives all the settings needed to connect via DHCP setting on the laptop. The same settings were configured on the camera as stated before it handled the DHCP connection flawlessly while bypassing the Omega, connected to my LAN. So no, it does not have a fixed or static IP address.
-
The wireless file (I assume you mean
/etc/config/wireless
) was not changed during the tutorial and it should be fine to use from a factory reset if you need a fresh one. This is also where wifi login info is stored, so I cannot post mine.I suggest playing around more with your camera's setup and settings since as far as we can tell, the Omega is providing network access through the Ethernet Expansion and functioning normally.
-
@Gabriel-Ongpauco Your assumption was correct the /etc/config/wireless file. FYI if you are stating your 'login info' is exposed I just comment over the top of it like:
And one last request could you post the results from ifconfig -a from your setup? Thank you appreciate your help.config wifi-device 'radio0' option type 'mac80211' option hwmode '11g' option path 'platform/ar933x_wmac' option htmode 'HT20' option disabled '0' option channel '9' option txpower '30' option country 'US' config wifi-iface option device 'radio0' option network 'wlan' option mode 'ap' option ssid 'Omega-1234' option encryption 'psk2' option key 'just comment over it' option disabled '0' config wifi-iface option device 'radio0' option ssid 'mine' option encryption 'psk2' option network 'wwan' option mode 'sta' option key 'not shown' option disabled '0'
-
@None-None With little or no knowledge dicided to try verbatim your suggestion.
Started with a FACTORY RESET Omega.
Then checked out the names of the interfaces which would be needed with the brctl command.Ran the ifconfig -a command and got the following:
/# ifconfig -a eth0 Link encap:Ethernet HWaddr 40:A3:6B:C1:17:0B BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:6 errors:0 dropped:3 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:583 (583.0 B) TX bytes:0 (0.0 B) Interrupt:4 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:144 errors:0 dropped:0 overruns:0 frame:0 TX packets:144 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:9792 (9.5 KiB) TX bytes:9792 (9.5 KiB) wlan0 Link encap:Ethernet HWaddr 40:A3:6B:C1:17:0C inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0 inet6 addr: fe80::42a3:6bff:fec1:170c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:43 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:9272 (9.0 KiB)
Then ran ….
# brctl addbr br-lan # brctl addif br-lan eth0 wlan0 [ 485.950000] device eth0 entered promiscuous mode brctl: invalid argument 'wlan0' to 'brctl'
config -a after running the brctl command:
# ifconfig -a br-lan Link encap:Ethernet HWaddr 40:A3:6B:C1:17:0B BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) eth0 Link encap:Ethernet HWaddr 40:A3:6B:C1:17:0B BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:6 errors:0 dropped:3 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:583 (583.0 B) TX bytes:0 (0.0 B) Interrupt:4 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:2064 errors:0 dropped:0 overruns:0 frame:0 TX packets:2064 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:140352 (137.0 KiB) TX bytes:140352 (137.0 KiB) wlan0 Link encap:Ethernet HWaddr 40:A3:6B:C1:17:0C inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0 inet6 addr: fe80::42a3:6bff:fec1:170c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:43 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:9272 (9.0 KiB)
Seems like the wlan is not the correct entry, maybe at this point you can see what it is leading me astray?
-
This post is deleted!
-
@Guest Hi, Thanks for explaining in detail. Is your tutorial will work for:
Changing network priority between Ethernet and WIFI.
- Ethernet need to be at 1st priority.
- WIFI needed just as fallback network, If ethernet not working then search for WIFI connectivity