A portable router to use on the go, based on OpenWrt and Raspberry Pi 5.
Network adapters:
- D-Link DUB 1312 USB 3.0 Gigabit Ethernet Adapter
- Wi-Pi 11n 150 Mbps Wi-Fi USB Adapter
Change Wireless LAN country code and update EEPROM from inside Raspberry Pi OS (see this).
Download OpenWrt FACTORY (SQUASHFS) snapshot image. Flash the image, insert the microSD card into Raspberry Pi and power on.
Change password for root
after first boot.
uci set system.@system[0].hostname='rocinante.lan'
uci set system.@system[0].description='When in Rome'
uci set system.@system[0].zonename='Europe/Bucharest'
uci set system.@system[0].timezone='EET-2EEST,M3.5.0/3,M10.5.0/4'
uci delete system.ntp.server
uci add_list system.ntp.server='0.pool.ntp.org'
uci add_list system.ntp.server='1.pool.ntp.org'
uci add_list system.ntp.server='2.pool.ntp.org'
uci add_list system.ntp.server='3.pool.ntp.org'
uci commit system
echo -e "\nexport router_lan_ip=172.24.42.65\nexport router_lan_bitmask=27" >> ~/.profile
source ~/.profile
uci delete network.lan.netmask
uci set network.lan.ipaddr="${router_lan_ip}/${router_lan_bitmask}"
uci set network.lan.force_link=1
uci set network.wan=interface
uci set network.wan.proto='dhcp'
uci set network.wan.peerdns='0'
uci set network.wan.dns='1.1.1.3 1.0.0.3'
uci add network device
uci set network.@device[1].name='phy0-sta0'
uci commit network
Update DHCP range:
uci set dhcp.lan.start='67'
uci set dhcp.lan.limit='93'
uci commit dhcp
uci set wireless.radio0.channel='auto'
uci set wireless.radio0.htmode='HT20'
uci set wireless.radio0.disabled='0'
uci set wireless.radio0.country='RO'
uci rename wireless.default_radio0='sta0'
uci set wireless.sta0.mode='sta'
uci set wireless.sta0.network='wan'
uci set wireless.sta0.ssid='Tycho Station'
uci set wireless.sta0.encryption='psk2'
uci set wireless.sta0.key=', so long as you are on the right side.'
uci commit wireless
wifi
Both phy0-sta0
and br-lan
interfaces should now have IPs assigned from an existing Wi-Fi router (the one broadcasting the ssid
configured above) and from the lan
configuration, respectively.
Test internet connection on the router:
opkg update
opkg update
opkg install luci-ssl-nginx
Existing private and public key files:
/etc/nginx/conf.d/_lan.key
/etc/nginx/conf.d/_lan.crt
uci set nginx._lan.uci_manage_ssl='no' # do not allow LuCI to manage certificates
uci set nginx._lan.server_name=$(uname -n)
uci -q delete nginx._lan.listen
uci -q delete nginx._redirect2ssl.listen
uci add_list nginx._lan.listen="${router_lan_ip}:443 ssl"
uci add_list nginx._redirect2ssl.listen="${router_lan_ip}:80"
uci commit nginx
reboot
Check configured IP and ports:
root@rocinante:/# netstat -tln | grep -E ':80|:443'
tcp 0 0 172.24.42.65:443 0.0.0.0:* LISTEN
tcp 0 0 172.24.42.65:80 0.0.0.0:* LISTEN
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NEE5AAAAIMd7CmaALG3anehAM8" > /etc/dropbear/authorized_keys
uci set dropbear.@dropbear[0].Interface='lan'
uci set dropbear.@dropbear[0].PasswordAuth='off'
uci set dropbear.@dropbear[0].RootPasswordAuth='off'
uci commit dropbear
service dropbear restart
Check configured IP and port:
root@rocinante:/# netstat -tln | grep :22
tcp 0 0 172.24.42.65:22 0.0.0.0:* LISTEN
The router will be configured with the internal Wi-Fi in mode sta
- the device providing the internet -, and an external Wi-Fi adapter connected via USB in mode ap
- the device external clients will connect to. It will use the built-in Raspberry Pi ethernet adapter (eth0
) as a WAN connection and delegate its LAN membership to the USB ethernet adapter.
The sta
device configuration will change whenever location changes, the ap
device configuration will remain the same.
opkg update
opkg install kmod-usb-core kmod-usb-uhci kmod-usb-ohci kmod-usb2 usbutils openssl-util lm-sensors
opkg update
opkg install kmod-usb-net-asix-ax88179
Change the LAN bridge br-lan
to include eth1
instead of eth0
:
uci set network.@device[0].ports='eth1'
uci commit network
service network restart
Connect the adapter and check https://rocinante.lan
.
uci set network.wan.ports='eth0'
uci commit network
service network restart
opkg update
opkg install kmod-rt2800-lib kmod-rt2800-usb kmod-rt2x00-lib kmod-rt2x00-usb
Add device:
uci add network device
uci set network.@device[2].name='phy1-ap0'
uci commit network
service network restart
Connect the adapter; its details should automatically be added in /etc/config/wireless
.
Configure the AP:
uci rename wireless.radio2='radio1'
uci rename wireless.default_radio2='ap0'
uci set wireless.radio1.disabled='0'
uci set wireless.ap0.device='radio1'
uci set wireless.ap0.ssid='Rocinante'
uci set wireless.ap0.encryption='psk2'
uci set wireless.ap0.key='Do 3 what 3 Romans 0 Do 1'
uci commit wireless
wifi
Connect a client device to the ssid
specified above, you should be able to reach the internet.
uci set network.globals.packet_steering='2'
uci set network.globals.steering_flows='128'
uci commit network
service network restart
Install required packages:
opkg update
opkg install cfdisk losetup resize2fs squashfs-tools-unsquashfs
Check DEVICE
and PARTITION
are correct.
DEVICE="/dev/mmcblk0" # SD card
cfdisk "$DEVICE" # resize, then write
PARTITION="${DEVICE}p2" # should be the Linux (83) partition
FS_SIZE="$(unsquashfs -s "$PARTITION" | grep -o 'Filesystem size [0-9]* bytes' | grep -o '[0-9][0-9]*')"
FS_OFFSET="$(expr '(' "$FS_SIZE" + 65535 ')' / 65536 '*' 65536)"
LOOP_DEVICE="$(losetup -f --show -o "$FS_OFFSET" "$PARTITION")"
# fsck, resize, fsck
e2fsck "$LOOP_DEVICE"
# e2fsck 1.47.0 (5-Feb-2023)
# rootfs_data: recovering journal
# rootfs_data primary superblock features different from backup, check forced.
# Pass 1: Checking inodes, blocks, and sizes
# Pass 2: Checking directory structure
# Pass 3: Checking directory connectivity
# /lost+found not found. Create<y>? no
# Pass 4: Checking reference counts
# Pass 5: Checking group summary information
# Feature orphan_present is set but orphan file is clean.
# Clear<y>? yes
# rootfs_data: ***** FILE SYSTEM WAS MODIFIED *****
# rootfs_data: 880/25376 files (0.5% non-contiguous), 31938/101696 blocks
resize2fs $LOOP_DEVICE
# resize2fs 1.47.0 (5-Feb-2023)
# Resizing the filesystem on /dev/loop1 to 31088448 (1k) blocks.
# The filesystem on /dev/loop1 is now 31088448 (1k) blocks long.
e2fsck $LOOP_DEVICE
# e2fsck 1.47.0 (5-Feb-2023)
# rootfs_data: clean, 880/7407840 files, 1888214/31088448 blocks
reboot
*) When using SquashFS only.
kmod-rt2800-lib kmod-rt2800-usb kmod-rt2x00-lib kmod-rt2x00-usb
kmod-ath9k-htc