Wireless setup

Lazar Demin

@Guest Yes I figured your laptop can connect to your network just fine without the Omega...

What I was saying is using your Omega Ethernet Bridge with another laptop or computer. So we can find out if the problem is your laptop or the Omega!

Guest

@Lazar-Demin First computer tested was my laptop running windows vista it fails.
Second computer tested was my laptop Macbook it failed.

I do see this on the omega terminal window:

[ 8393.870000] eth0: link up (100Mbps/Full duplex)
[ 8393.870000] br-lan: port 1(eth0) entered forwarding state
[ 8393.880000] br-lan: port 1(eth0) entered forwarding state
[ 8395.880000] br-lan: port 1(eth0) entered forwarding state

But no connection can be made.

Luciano S.

I remember to read in one of the Tutorials about using the Omega as router, you have to give access between the wireless and the network over the network adapter. But don't ask me in witch one!

Guest

@Luciano-S. Sorry Luciano but not sure what you are saying, so this my best guess.

The LAN and WLAN could be bridged on the omega in order for this to work and as per tutorial this is were he points out doing the following which I have incorporated into the configuration but still does not work.

CONFIGURE FIREWALL FILE
Step 3: Connect the Two Interfaces via Firewall Configuration
At this point you are asked to modify the /etc/config/firewall file as follows:
add;
line list network 'lan' to the firewall configuration file which I completed.

config zone
    option name     lan
    list   network      'wlan'
    list   network      'lan'    
    option input        ACCEPT
    option output       ACCEPT
    option forward      ACCEPT
	
	
REBOOT

Luciano S.

Yes something like this I had in mind. You could do a ifconfig on the omega and post here.

At least the lan IP from the Omega should be in the same range as your Home-lan. I could imagine if this is not the same, you will not reach the DHCP Server from your network.

On a windows computer you can see the IP with ipconfig /all in terminal (cmd).

@Guest if you really need this so much ... you probably should think to hire someone who does this config for you.

Guest

@Luciano-S.
After running ifconfig -a on the omega configured as per tutorial: Using the Omega as a WiFi Ethernet Bridge
Here is what I got.

root@Omega-xxxx:/# ifconfig -a
br-lan    Link encap:Ethernet  HWaddr 40:A3:6B:C1:17:0B
          inet addr:192.168.3.1  Bcast:192.168.3.255  Mask:255.255.255.0
          inet6 addr: fe80::42a3:6bff:fec1:170b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:157 errors:0 dropped:0 overruns:0 frame:0
          TX packets:30 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:20802 (20.3 KiB)  TX bytes:5884 (5.7 KiB)

eth0      Link encap:Ethernet  HWaddr 40:A3:6B:C1:17:0B
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:242 errors:0 dropped:12 overruns:0 frame:0
          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:38638 (37.7 KiB)  TX bytes:10088 (9.8 KiB)
          Interrupt:4

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3264 (3.1 KiB)  TX bytes:3264 (3.1 KiB)

wlan0     Link encap:Ethernet  HWaddr 40:A3:6B:C1:17:0C
          inet6 addr: fe80::42a3:6bff:fec1:170c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:4353 (4.2 KiB)

As for the IP from the Omega being in the same range as my home-lan that has occurred to me and thought as you did this was stopping the DHCP server from seeing the Omega. Tested this by changing the IP address in this section of the /etc/config/network file.

config interface 'lan'
   option ifname 'eth0'
   option type 'bridge'
   option proto 'static'
   option ipaddr '192.168.1.98'
   option netmask '255.255.255.0'
   option ip6assign '60'



The results from  running ifconfig -a:

root@Omega-170B:/# ifconfig -a
br-lan    Link encap:Ethernet  HWaddr 40:A3:6B:C1:17:0B
          inet addr:192.168.1.98  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::42a3:6bff:fec1:170b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:190 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:23763 (23.2 KiB)  TX bytes:6088 (5.9 KiB)

eth0      Link encap:Ethernet  HWaddr 40:A3:6B:C1:17:0B
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:306 errors:0 dropped:11 overruns:0 frame:0
          TX packets:65 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:45989 (44.9 KiB)  TX bytes:15250 (14.8 KiB)
          Interrupt:4

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:144 errors:0 dropped:0 overruns:0 frame:0
          TX packets:144 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:9792 (9.5 KiB)  TX bytes:9792 (9.5 KiB)

wlan0     Link encap:Ethernet  HWaddr 40:A3:6B:C1:17:0C
          inet6 addr: fe80::42a3:6bff:fec1:170c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:4301 (4.2 KiB)

The output from the ipconfig /all file did not show DHCP assigned address indicating it is not seeing the LAN side of the Omega.

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 00-1D-72-FA-0A-B9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::15c5:7634:3aff:347c%10(Preferred) 
   Autoconfiguration IPv4 Address. . : 169.254.52.124(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 218111346
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-51-1E-DE-00-1D-72-FA-0A-B9
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

As shown above DHCP is configured but the laptop is not getting assigned IP address.

As for needing this so much ....everyone loves a challenge and this is mine. Have been working on this a while keeping one eye on this board to see if anyone has figured out how to make this work and the other continuing to
test and experiment.

Luciano S.

@Guest you have to be more attentive. If you went trough the tutorial 5 or 6 times you have to go trough again and do what is written there.

For example, in your ifconfig from the Omega, you have a br-lan. In the tutorial i dont see a br-lan?! You have to be consequent with the naming. Otherwise it will never work.
Why not? Because you named the lan "br-lan" and in the config of the Firewall it is named just "lan" !! Find the config file on the Omega and change it to the name as in the tutorial.

@Guest said:

As for needing this so much ....everyone loves a challenge and this is mine.

Yes learning by doing is a good way to get further. But keep in mind that almost everyone is helping here for free and this without an obligation. So, for missing knowledge you have to give your self more time and should not force to much.

Guest

@Luciano-S. Going to review the steps in " Using the Omega as a WiFi Ethernet Bridge" verbatim, see if I can find your noted "br-lan" naming convention.
It would be appreciated if you posted your files when you went through the tutorial allowing me to see your results compared to the files I posted.
The focal point will be on the area you point out, I am interested as you are as to what created the "br-lan" section of the ifconfig -a report shown in my reply above.
Till then thank you and onward with the experimentation.

Showering accolades and kudos aplenty upon thee.

Guest

This was very interesting you pointed out I named the “lan” as “br-lan” as seen in the ifconfig -a report I posted earlier.

@Luciano-S said: For example, in your ifconfig from the Omega, you have a br-lan. In the tutorial i dont see a br-lan?! You have to be consequent with the naming. Otherwise it will never work.
Why not?
Because you named the lan "br-lan" and in the config of the Firewall it is named just "lan" !! Find the config file on the Omega and change it to the name as in the tutorial.

There is nowhere in the tutorial, as you point out, where you are instructed to name a
section “br-lan” and as a result nowhere did I do so. It is my theory this only appears as a function of the config -a command and not in any configuration files, whether it be network or firewall files.

Luciano S.

To quote me you have to write

@luciano said:
> my quotes ... 

then it appears like that:
@luciano said:

my quotes ...

Luciano S.

If you don't find where you configured it the "br-lan", try in the firewall section to use "br-lan" !!

By the way, I don't have all the equipment to do the tutorial ... but just from reading here i get chicken skin

Guest

@Luciano-S. Finding where I configured it, is impossible, as stated in my reply I never configured any file to carry the name "br-lan"
As for trying to change the firewall configuration file from any setting carrying the "lan" name to "br-lan" hmm seems kind of arbitrary,
but will done none the less.
There are a couple of places where this shows up in the firewall configuration file as show below using
<----change to br-lan to indicate where I changed in the firewall config file as you suggested.

Below see notes where I changed "lan" to "br-lan" assuming that is what you meant. After which will post results. Fingers crossed.

root@Omega-xxxx:/etc/config# cat firewall
config defaults
    option syn_flood    1
    option input        ACCEPT
    option output       ACCEPT
    option forward      REJECT
# Uncomment this line to disable ipv6 rules
    option disable_ipv6 1

config zone
    option name     lan      <----change to br-lan
    list   network      'wlan'
    list   network      'lan'  <----change to br-lan 
    option input        ACCEPT
    option output       ACCEPT
    option forward      ACCEPT

config zone
    option name     wan
    list   network      'wwan'
    list   network      'wan'
    #list   network     'wan6'
    option input        ACCEPT
    option output       ACCEPT
    option forward      ACCEPT
    option masq     1
    option mtu_fix      1

config forwarding
    option src      lan      <----change to br-lan
    option dest     wan

# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
    option name     Allow-DHCP-Renew
    option src      wan
    option proto        udp
    option dest_port    68
    option target       ACCEPT
    option family       ipv4

# Allow IPv4 ping
config rule
    option name     Allow-Ping
    option src      wan
    option proto        icmp
    option icmp_type    echo-request
    option family       ipv4
    option target       ACCEPT

# Allow DHCPv6 replies
# see https://dev.openwrt.org/ticket/10381
config rule
    option name     Allow-DHCPv6
    option src      wan
    option proto        udp
    option src_ip       fe80::/10
    option src_port     547
    option dest_ip      fe80::/10
    option dest_port    546
    option family       ipv6
    option target       ACCEPT

# Allow essential incoming IPv6 ICMP traffic
config rule
    option name     Allow-ICMPv6-Input
    option src      wan
    option proto    icmp
    list icmp_type      echo-request
    list icmp_type      echo-reply
    list icmp_type      destination-unreachable
    list icmp_type      packet-too-big
    list icmp_type      time-exceeded
    list icmp_type      bad-header
    list icmp_type      unknown-header-type
    list icmp_type      router-solicitation
    list icmp_type      neighbour-solicitation
    list icmp_type      router-advertisement
    list icmp_type      neighbour-advertisement
    option limit        1000/sec
    option family       ipv6
    option target       ACCEPT

# Allow essential forwarded IPv6 ICMP traffic
config rule
    option name     Allow-ICMPv6-Forward
    option src      wan
    option dest     *
    option proto        icmp
    list icmp_type      echo-request
    list icmp_type      echo-reply
    list icmp_type      destination-unreachable
    list icmp_type      packet-too-big
    list icmp_type      time-exceeded
    list icmp_type      bad-header
    list icmp_type      unknown-header-type
    option limit        1000/sec
    option family       ipv6
    option target       ACCEPT

# include a file with users custom iptables rules
config include
    option path /etc/firewall.user


### EXAMPLE CONFIG SECTIONS
# do not allow a specific ip to access wan
#config rule
#   option src      lan
#   option src_ip   192.168.45.2
#   option dest     wan
#   option proto    tcp
#   option target   REJECT

# block a specific mac on wan
#config rule
#   option dest     wan
#   option src_mac  00:11:22:33:44:66
#   option target   REJECT

# block incoming ICMP traffic on a zone
#config rule
#   option src      lan
#   option proto    ICMP
#   option target   DROP

# port redirect port coming in on wan to lan
#config redirect
#   option src          wan
#   option src_dport    80
#   option dest         lan
#   option dest_ip      192.168.16.235
#   option dest_port    80
#   option proto        tcp

# port redirect of remapped ssh port (22001) on wan
#config redirect
#   option src      wan
#   option src_dport    22001
#   option dest     lan
#   option dest_port    22
#   option proto        tcp

# allow IPsec/ESP and ISAKMP passthrough
#config rule
#   option src      wan
#   option dest     lan
#   option protocol     esp
#   option target       ACCEPT

#config rule
#   option src      wan
#   option dest     lan
#   option src_port     500
#   option dest_port    500
#   option proto        udp
#   option target       ACCEPT

### FULL CONFIG SECTIONS
#config rule
#   option src      lan
#   option src_ip   192.168.45.2
#   option src_mac  00:11:22:33:44:55
#   option src_port 80
#   option dest     wan
#   option dest_ip  194.25.2.129
#   option dest_port    120
#   option proto    tcp
#   option target   REJECT

#config redirect
#   option src      lan
#   option src_ip   192.168.45.2
#   option src_mac  00:11:22:33:44:55
#   option src_port     1024
#   option src_dport    80
#   option dest_ip  194.25.2.129
#   option dest_port    120
#   option proto    tcp

Guest

@Luciano-S tried and no success thanks for the ideas, though.

Guest

@administrators Have decided to continue to experiment with this setup attempting to make it function. Have one last request before I do and that is could you post the network, wireless and firewall files used in the working session you have completed.

Thank you.

Guest

Never mind got it working.

Luciano S.

@Guest said:

Never mind got it working.

Would be nice if you share your learning curve with other newbies, in the spirit of open-source!

Guest

Now for the cleaning up of the procedure, more to come.

Gabriel Ongpauco

Hi @Guest,

I have done the Ethernet Bridge Tutorial (https://wiki.onion.io/Tutorials/Using-Omega-As-Wifi-Ethernet-Bridge) and enabled Internet access on my laptop (with its wireless radios turned off) via an Ethernet cable and the Ethernet Expansion. I am actually using the forum and writing this post using only said Ethernet connection. This procedure takes about 5 minutes.

Full example /etc/config/network and /etc/config/firewall files are available in their modified and "ready" state here: https://gist.github.com/gbo-actual/ac79e9345a477b0024b368b292d4492b. The link to these files have been added to the tutorial above.

Once you have updated the files, run the two commands in this specific order (or reboot the Omega):

/etc/init.d/firewall restart
/etc/init.d/network restart

And wait until it has finished (the command prompt will reappear). You can now plug in an Ethernet-capable device to the Omega (if it's your computer, disconnect from any wireless networks first).

When acting as an Ethernet bridge, this disables the Omega's WiFi AP.

Gabe

Guest

@Gabriel-Ongpauco Thank you Gab, dropped your configuration files over mine (rebooted) and the connection continued to function. Would you post the wireless configuration file?
Held off posting my solution due to one problem. When connecting laptop all works fine no problems can be found.
But when I connect my Mole camera as the only device entering the ethernet expansion port it does not work.
The Mole camera functions fine when I bypass the Omega and connect directly in my LAN switch.
One test involved turning off the firewall but still no go.

Agreed concerning turning off the wireless radio on laptop so to avoid alternative wifi connection screwing up the testing. Only using the hardwired ethernet connection on the laptop. As a test I unplug to make sure I am not getting signal from wifi as opposed to hardwired ethernet.

Luciano S.

@Guest said in Wireless setup:

But when I connect my Mole camera as the only device entering the ethernet expansion port it does not work.

Does the cam not have a fix ip in a other range than the Omega?? If yes change it to something like 192.168.3.xx (xx) means a number outside of your DHCP range. Otherwise you can get difficulties when you have duplicated IP's.