[SOLVED]Question about building custom image



  • Thank you @WereCatf !

    I'll try to have a look at it this week. If I'm able to enable WiFi I will stick to my image as GPIO's are working perfectly.



  • Excuse me for the double post, I add these lines to /etc/config/wireless

    config wifi-iface
        option device 'radio0'
        option network 'wwan'
        option mode 'sta'
        option ssid 'myssid'
        option encryption 'psk2'
        option key 'mykey'
        option disabled '0'
    

    Then I do wifi up and it''s not working. I can connect to the Omega2+ but not the other way round.

    Thank you.



  • @Iker You're only configuring how the wireless-device connects to the WiFi-network, but you're not configuring the network itself on the Omega2. Make sure you have the following in /etc/config/network:

    config interface 'wwan'
            option proto 'dhcp'
    

    And edit /etc/config/firewall:

    config zone
            option name 'lan'
            option input 'ACCEPT'
            option output 'ACCEPT'
            option forward 'ACCEPT'
            option network 'lan wwan'
    


  • Thank you @WereCatf

    Added the line to /etc/config/network

    Also edited /etc/config/firewall

    Restarted both network and firewall, not working. Rebooted, not working.



  • @Iker In /etc/config/wireless, do you have channel as auto? It needs to be specified, auto doesn't seem to work. It's a bug in the driver.



  • Edit: it's working!

    The last time was just the hotspot was not properly created. Thank you @WereCatf !

    In case anyone wants to try: http://www74.zippyshare.com/v/v8arpumN/file.html

    Both Omega2-ctrl and fast-gpio working. It's a bit heavy, I think, due to having nano installed (I prefer it to vi) I will update with how to config WiFi, even though it's explained along the topic.

    Just for the Omega2 plus!



  • @Iker Hi, I am looking into the same issue. I am not getting the Wifi up on the self built LEDE Firmware! Do you have the steps? I got all the settings configured as described in this post but seems to not getting anywhere.

    If I define "rao" and doing "wifi up" I get:
    ra0(ralink): Interface type not supported
    'radio0' is disabled
    ra0(ralink): Interface type not supported
    'radio0' is disabled

    If I change to "radio0" I get:
    'radio0' is disabled
    'radio0' is disabled

    But I am not sure I know if I do any of this right. Any help would be much appreciated!



  • Hi @michael-westberg let's see if we're able to make it work.

    First edit /etc/config/wireless. Don't change/delete anything, just add this

    config wifi-iface
        option device 'radio0'
        option network 'wwan'
        option mode 'sta'
        option ssid 'myssid'
        option encryption 'psk2'
        option key 'mykey'
        option disabled '0'
    

    Now be sure that you have this, or add it, to /etc/config/network:

    config interface 'wwan'
            option proto 'dhcp'
    

    Finally, add this to /etc/config/firewall:

    config zone
            option name 'lan'
            option input 'ACCEPT'
            option output 'ACCEPT'
            option forward 'ACCEPT'
            option network 'lan wwan'
    


  • @Michael-Westberg There is no ra0 in a custom image, ra0 specifically refers to the proprietary WiFi-driver. In custom-images it's wlan0.



  • @Iker , @WereCatf : Thanks for the answers! I added the details you suggested, and I got further. I can see the MAC address on my router of the Omega2 but it is not given an IPv4 address. When using the Firmware coming with the Omega 2, I get an IP address right away. The Omega seems to keep scanning but at least "wifi up" did not produce an error now.

    WereCatf: So do I call the option device 'radio0' or 'wlan0'??



  • @Iker , @WereCatf : Here is my full isting of my settings, the SSID and Key are of course set to mine specific.

    cat /etc/config/wireless

    config wifi-device 'radio0'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/10300000.wmac'
        option htmode 'HT20'
        option disabled '0'
    
    config wifi-iface
        option device 'radio0'
        option network 'wwan'
        option mode 'sta'
        option ssid 'myssid'
        option encryption 'psk2'
        option key 'mykey'
        option disabled '0'
    

    cat /etc/config/network

    	config interface 'loopback'
            option ifname 'lo'
        	option proto 'static'
            option ipaddr '127.0.0.1'
            option netmask '255.0.0.0'
    
    config globals 'globals'
        	option ula_prefix 'fd1d:48c4:7633::/48'
    
    config interface 'wlan'
            option type 'bridge'
            option ifname 'eth0.1'
            option proto 'static'
            option ipaddr '192.168.3.1'
            option netmask '255.255.255.0'
            option ip6assign '60'
    
    config interface 'wan'
    	option ifname 'eth0'
        	option proto 'dhcp'
    
    config interface 'wwan'
        	option ifname 'apcli0'
        	option proto 'dhcp'
    

    cat /etc/config/firewall

    config defaults
        option syn_flood '1'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option disable_ipv6 '1'
    
    config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option network 'lan wlan'
    
    config zone
        option name 'wan'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        option network 'wwan'
        option input 'ACCEPT'
    
    config forwarding
        option src 'lan'
        option dest 'wan'
    
    config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'
    
    config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'
    
    config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'
    
    config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'
    
    config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'
    
    config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'
    
    config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'
    
    config include
        option path '/etc/firewall.user'
    
    config rule
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'
    
    config rule
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
    option target 'ACCEPT'


  • @Iker , @WereCatf šŸ’Æ
    Here is my ifconfig:

    root@Omega-8AE3:/# ifconfig

          br-wlan   Link encap:Ethernet  HWaddr 40:A3:6B:C0:8A:E5
          inet addr:192.168.3.1  Bcast:192.168.3.255  Mask:255.255.255.0
          inet6 addr: fd1d:48c4:7633::1/60 Scope:Global
          inet6 addr: fe80::42a3:6bff:fec0:8ae5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:85 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:14518 (14.1 KiB)
    
          eth0      Link encap:Ethernet  HWaddr 40:A3:6B:C0:8A:E5
          inet6 addr: fe80::42a3:6bff:fec0:8ae5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:39805 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:13596679 (12.9 MiB)
          Interrupt:5
    
          eth0.1    Link encap:Ethernet  HWaddr 40:A3:6B:C0:8A:E5
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:85 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:14518 (14.1 KiB)
    
          lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:95360 errors:0 dropped:0 overruns:0 frame:0
          TX packets:95360 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:6198472 (5.9 MiB)  TX bytes:6198472 (5.9 MiB)
    
          wlan0     Link encap:Ethernet  HWaddr 40:A3:6B:C0:8A:E3
          inet6 addr: fe80::42a3:6bff:fec0:8ae3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1084 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:155531 (151.8 KiB)  TX bytes:1486 (1.4 KiB)


  • Hi @michael-westberg

    At first sight I can see that you have some differences on your firewall config, but you also define different networks that I don't have. If you want you can make a backup of your files and I upload my config files in a two-three hours. Then you can use mines, just changing SSID and key to check if it works.

    Excuse me for not being so helpful but I'm not really good at networks.

    Edit: if anyone else wants to use it, will be available for 30 days. If deleted, ask me for it. Probably should create a repo when playing more with the Omega2+

    https://ufile.io/b90db



  • @Iker Thanks. The file is supposed to be 2.5kB but when downloading I get an executable (exe) and is 778kB. I never used that site for downloads but that smells like a virus...! Do you mind posting your actual content of the files here? If your config is that small, if you cat the files you shouldn't have much to post. Thanks!



  • @Iker Yeap, the first download from that site is a virus! Be careful using that because I assume that is not your virus... šŸ˜‰ Second time trying the download, it gave me the file. Not a secure place!



  • I feel really sorry. Some days ago I think on another post, someone reported zippyshare (what I used for casual file sharing) as being blocked by the browser, that's why I changed this time to this service I had never used before.

    I feel really ashamed, please don't think I'm trying to spread any kind of virus. However, I tried to donwload the file and just got the file. Anyway, I'll start a repo or something and host everything there.



  • @Iker Hey, not accusing you! Sites sometimes add things to your uploaded files without your knowledge. No Worries!



  • @Iker, @WereCatf Still having troubles though! I get the wifi up now. I can ping FROM the Onion (using the serial connection) to www.google.com. However, I cannot reach it form the outside. So I cannot ping it from the outside and when I start my server on it, it is not reachable. Same code as I ran on the official Onion Firmware and works.
    The Ethernet devices looks a bit weird though, I get 192.168.0.9 and 192.168.0.21. And I get TWO wlan0 devices.

    Maybe @WereCatf has some ideas, she seems to have a grasp on a lot of things with Onion! Do you see anything in the below:

    root@Omega-8AE3:/# ifconfig
    br-lan    Link encap:Ethernet  HWaddr 40:A3:6B:C0:AD:30
          inet addr:192.168.0.9  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fd51:27a7:6905::1/60 Scope:Global
          inet6 addr: fe80::42a3:6bff:fec0:ad30/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:521 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:22442 (21.9 KiB)
    
    eth0      Link encap:Ethernet  HWaddr 40:A3:6B:C0:AD:30
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:528 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:23993 (23.4 KiB)
          Interrupt:5
    
    lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:70 errors:0 dropped:0 overruns:0 frame:0
          TX packets:70 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:6477 (6.3 KiB)  TX bytes:6477 (6.3 KiB)
    
    wlan0     Link encap:Ethernet  HWaddr 40:A3:6B:C0:8A:E3
          inet addr:192.168.0.21  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::42a3:6bff:fec0:8ae3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:217905 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1696 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:35867693 (34.2 MiB)  TX bytes:283192 (276.5 KiB)
    
    wlan0-1   Link encap:Ethernet  HWaddr 42:A3:6B:C0:8A:E3
          inet6 addr: fe80::40a3:6bff:fec0:8ae3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:479 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:29212 (28.5 KiB)


  • @Michael-Westberg said in [SOLVED]Question about building custom image:

    @Iker, @WereCatf Still having troubles though! I get the wifi up now. I can ping FROM the Onion (using the serial connection) to www.google.com. However, I cannot reach it form the outside. So I cannot ping it from the outside and when I start my server on it, it is not reachable. Same code as I ran on the official Onion Firmware and works.

    Sounds like you didn't set up your firewall correctly. Make sure the network you have your WiFi-devices is in 'LAN' firewall-zone.



  • @Michael-westberg I know that you're not accusing šŸ™‚ just felt I should apologise. By the way, if you wait till the free download count goes to 0 and then click, you won't get any .exe.

    I agree with @WereCatf that should be something firewall related. On the Onion2+ my config, the one that he's using now is

    config defaults
    	option syn_flood	1
    	option input		ACCEPT
    	option output		ACCEPT
    	option forward		REJECT
    # Uncomment this line to disable ipv6 rules
    #	option disable_ipv6	1
    
    config zone
    	option name		lan
    	list   network		'lan wwan'
    	option input		ACCEPT
    	option output		ACCEPT
    	option forward		ACCEPT
    	option network 		'lan wwan'
    
    config zone
    	option name		wan
    	list   network		'wan'
    	list   network		'wan6'
    	option input		REJECT
    	option output		ACCEPT
    	option forward		REJECT
    	option masq		1
    	option mtu_fix		1
    
    config forwarding
    	option src		lan
    	option dest		wan
    
    # We need to accept udp packets on port 68,
    # see https://dev.openwrt.org/ticket/4108
    config rule
    	option name		Allow-DHCP-Renew
    	option src		wan
    	option proto		udp
    	option dest_port	68
    	option target		ACCEPT
    	option family		ipv4
    
    # Allow IPv4 ping
    config rule
    	option name		Allow-Ping
    	option src		wan
    	option proto		icmp
    	option icmp_type	echo-request
    	option family		ipv4
    	option target		ACCEPT
    
    config rule
    	option name		Allow-IGMP
    	option src		wan
    	option proto		igmp
    	option family		ipv4
    	option target		ACCEPT
    
    # Allow DHCPv6 replies
    # see https://dev.openwrt.org/ticket/10381
    config rule
    	option name		Allow-DHCPv6
    	option src		wan
    	option proto		udp
    	option src_ip		fc00::/6
    	option dest_ip		fc00::/6
    	option dest_port	546
    	option family		ipv6
    	option target		ACCEPT
    
    config rule
    	option name		Allow-MLD
    	option src		wan
    	option proto		icmp
    	option src_ip		fe80::/10
    	list icmp_type		'130/0'
    	list icmp_type		'131/0'
    	list icmp_type		'132/0'
    	list icmp_type		'143/0'
    	option family		ipv6
    	option target		ACCEPT
    
    # Allow essential incoming IPv6 ICMP traffic
    config rule
    	option name		Allow-ICMPv6-Input
    	option src		wan
    	option proto	icmp
    	list icmp_type		echo-request
    	list icmp_type		echo-reply
    	list icmp_type		destination-unreachable
    	list icmp_type		packet-too-big
    	list icmp_type		time-exceeded
    	list icmp_type		bad-header
    	list icmp_type		unknown-header-type
    	list icmp_type		router-solicitation
    	list icmp_type		neighbour-solicitation
    	list icmp_type		router-advertisement
    	list icmp_type		neighbour-advertisement
    	option limit		1000/sec
    	option family		ipv6
    	option target		ACCEPT
    
    # Allow essential forwarded IPv6 ICMP traffic
    config rule
    	option name		Allow-ICMPv6-Forward
    	option src		wan
    	option dest		*
    	option proto		icmp
    	list icmp_type		echo-request
    	list icmp_type		echo-reply
    	list icmp_type		destination-unreachable
    	list icmp_type		packet-too-big
    	list icmp_type		time-exceeded
    	list icmp_type		bad-header
    	list icmp_type		unknown-header-type
    	option limit		1000/sec
    	option family		ipv6
    	option target		ACCEPT
    
    # include a file with users custom iptables rules
    config include
    	option path /etc/firewall.user
    
    # allow IPsec/ESP and ISAKMP passthrough
    config rule
    	option src		wan
    	option dest		lan
    	option proto		esp
    	option target		ACCEPT
    
    config rule
    	option src		wan
    	option dest		lan
    	option dest_port	500
    	option proto		udp
    	option target		ACCEPT
    

    There's a reject on wan interface, but that shouldn't affect as the one being used is wwan, correct? Still learning.


Log in to reply
 

Looks like your connection to Community was lost, please wait while we try to reconnect.