you can edit this value from the web-interface in the firewall -> basic config
I'd suggest you research this topic more seriously, because this conntrack table takes RAM. For such a device with pretty limited memory, 128K imho is too huge a table
i found this solution, is ok???
Increasing the table size
The maximum number of connections tracked can be found by:
Code:
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
4096
Time to double the number of connections that the table can track:
Code:
nano /etc/sysctl.conf
and add the line
Code:
net.ipv4.netfilter.ip_conntrack_max = 131072
reload the sysctl.conf
Code:
sysctl -p
and result:
Code:
net.ipv4.netfilter.ip_conntrack_max = 131072
Last edited by TheCrow; 12-03-2009 at 20:52.
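The objection in this thread is that a 131072-entry conntrack table is sized for a desktop, not for a router with a few tens of megabytes of RAM. The following script is an added example, not code from the thread or from the Oleg firmware: it turns the warning into a number by estimating the table's memory cost and deriving the largest power-of-two ip_conntrack_max that fits a RAM budget. The 350-byte cost per tracked connection and the 32 MB RAM used as fallback are assumptions (the real size of struct ip_conntrack depends on the kernel build and loaded helpers); the 10 percent budget and the 25 percent "too big" threshold are policy choices, not kernel facts.

```shell
#!/bin/sh
# Added example (not from the thread): size the conntrack table from a RAM
# budget instead of pasting a desktop value. ENTRY_BYTES is an assumption;
# measure it on your own kernel build before trusting the numbers.

ENTRY_BYTES=${ENTRY_BYTES:-350}   # assumed cost of one tracked connection, in bytes

# conntrack_table_kb MAX ENTRY_BYTES -> KB needed when the table is full
conntrack_table_kb() {
    echo $(( $1 * $2 / 1024 ))
}

# pow2_floor N -> largest power of two <= N (table sizes are conventionally powers of two)
pow2_floor() {
    p=1
    while [ $(( p * 2 )) -le "$1" ]; do p=$(( p * 2 )); done
    echo "$p"
}

# conntrack_max_for_budget MEM_KB PERCENT ENTRY_BYTES
#   -> largest power-of-two table that stays within PERCENT of MEM_KB
conntrack_max_for_budget() {
    budget=$(( $1 * 1024 / 100 * $2 ))     # budget in bytes
    pow2_floor $(( budget / $3 ))
}

# verdict MEM_KB MAX ENTRY_BYTES -> "ok" or "too-big" (full table above 25% of RAM)
verdict() {
    need=$(conntrack_table_kb "$2" "$3")
    if [ $(( need * 4 )) -gt "$1" ]; then echo too-big; else echo ok; fi
}

# Stand-alone run: read the live values when the 2.4-style /proc files exist,
# otherwise fall back to the thread's numbers (131072 entries, assumed 32 MB RAM).
if [ -r /proc/sys/net/ipv4/netfilter/ip_conntrack_max ] && [ -r /proc/meminfo ]; then
    cur=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max)
    mem=$(awk '/^MemTotal:/ { print $2 }' /proc/meminfo)
else
    cur=131072; mem=32768
fi
echo "ip_conntrack_max=$cur needs about $(conntrack_table_kb "$cur" "$ENTRY_BYTES") KB of $mem KB RAM: $(verdict "$mem" "$cur" "$ENTRY_BYTES")"
echo "a 10% RAM budget allows ip_conntrack_max=$(conntrack_max_for_budget "$mem" 10 "$ENTRY_BYTES")"
```

With the fallback numbers the full table would need roughly 44.8 MB, more than the whole router; a 10 percent budget lands on 8192 entries, double the firmware's 4096 and still comfortably below the point where the kernel starts dropping new flows for lack of memory.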
Thank you, Kaizen!
I have installed this firmware and it seems to be a stable version. It is just enough for what I need. And the wireless driver performs very well. Next week I will test it with a lot of optware packages. I want to stop services and start them when I need them with xinetd, to keep RAM free.
By the way, does anybody know the command line switches to start the web interface and pass them to xinetd?
I think it would be good for OLEG firmware to have a motd at login (as OpenWRT and DD-WRT do).
And the motd should be like so. So put the file motd (without the extension ".txt") in the /etc folder, edit /usr/local/.files and add "/etc/motd", then save to flash with "flashfs save && flashfs commit && flashfs enable && reboot". When you log in with dropbear, after login the logo will appear in the console window.
To put the file on the router, I recommend using WinSCP (it is freeware and "a must use")
So, "OLEG powered WL"
Last edited by adrianio; 08-11-2009 at 17:00.
Quote:
By the way, does anybody know the command line switches to start the web interface and pass them to xinetd?
it's impossible, and to kill it either
I added the 2 lines to post-boot (but it's "smbd -D" and "nmbd -D", as lowercase "-d" is for debug level) and disabled samba in the web interface. Did the flashfs commit/save/reboot thing, but samba didn't load on reboot: those processes didn't appear in the list from ps axf. But if I manually run post-boot from the command line, samba is loaded and runs fine.
It seems post-boot isn't running after the boot; is that possible? Since I can run post-boot from the command line, it seems it's executable. The only difference from the straight wengi tut is that I have the swap on a USB stick on disc1 and a USB HDD for shared storage on disc0.
Any ideas?
put it in post-mount
it probably starts from post-boot, but exits directly because it's missing the hard disk
thanks for the correction
you can make sure that post-boot is executed by adding to it:
PHP Code:
logger -t post-boot "$* started."
afterwards you can check presence of this line in the syslog.
I'm not sure if the storage should be mounted to run samba (when post-boot is executed possibly it is not running yet). So, try to put it in the post-mount
If post-mount could be executed multiple times a better approach could be:
PHP Code:
# stop any smbd left from an earlier run, then start a fresh one
# (";" rather than "&&", so smbd still starts on the first run when nothing is there to kill)
killall smbd 2>/dev/null
/usr/sbin/smbd -D
DrChair: you were faster than me
Last edited by al37919; 17-03-2009 at 10:35.
This worked, thanks.
al37919, I didn't add the extra code you suggested; I don't understand what it tries to do, but it seems just having smbd -D and nmbd -D in post-mount does what I need. Is there a reason I need that additional code?
Also, I stuck the logger code in both post-boot and post-mount. post-mount wrote to the syslog, but post-boot did not!? It seems like I have an issue with post-boot running, right? Any ideas on how to troubleshoot/fix this?
Thank you for your help and responsiveness!
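The exchange above boils down to two requirements for a post-mount hook: start samba only when the share disk is actually mounted, and do not spawn a second smbd/nmbd if the hook runs again. The script below is an added example, not code from the thread, from wengi's tutorial or from the Oleg firmware. It assumes the share is mounted at /tmp/harddisk and that smbd and nmbd write /var/run/smbd.pid and /var/run/nmbd.pid when started with -D; adjust those to what your build actually does. The mounts file is read from $MOUNTS_FILE so the checks can be exercised with a constructed file instead of the router's /proc/mounts.

```shell
#!/bin/sh
# Added example (not from the thread): an idempotent /usr/local/sbin/post-mount
# for Oleg firmware. Mount point and pid-file paths are assumptions.

MOUNTS_FILE=${MOUNTS_FILE:-/proc/mounts}   # overridable so the checks can run offline
SHARE=${SHARE:-/tmp/harddisk}              # assumed mount point of the samba share

# is_mounted PATH -> 0 if PATH is listed as a mount point in $MOUNTS_FILE
is_mounted() {
    # second field of /proc/mounts is the mount point; exact match, not a prefix
    awk -v mp="$1" '$2 == mp { found = 1 } END { if (found) exit 0; exit 1 }' "$MOUNTS_FILE"
}

# daemon_running PIDFILE -> 0 if the pidfile names a live process
daemon_running() {
    [ -r "$1" ] || return 1
    pid=$(head -n 1 "$1" 2>/dev/null)
    case "$pid" in ''|*[!0-9]*) return 1 ;; esac   # reject empty or non-numeric content
    kill -0 "$pid" 2>/dev/null
}

# start_once NAME PIDFILE CMD... -> run CMD unless PIDFILE already points at a live daemon
start_once() {
    name=$1; pidfile=$2; shift 2
    if daemon_running "$pidfile"; then
        logger -t post-mount "$name already running (pid $(head -n 1 "$pidfile")), not restarting"
        return 0
    fi
    logger -t post-mount "starting $name"
    "$@"
}

# What the router would execute on every post-mount invocation. Gated behind
# POST_MOUNT_RUN=1 so the file can also be sourced just for its functions.
if [ "${POST_MOUNT_RUN:-0}" = 1 ]; then
    logger -t post-mount "$* started."          # same breadcrumb the thread suggests
    if is_mounted "$SHARE"; then
        start_once smbd /var/run/smbd.pid /usr/sbin/smbd -D
        start_once nmbd /var/run/nmbd.pid /usr/sbin/nmbd -D
    else
        logger -t post-mount "$SHARE not mounted yet, samba not started"
    fi
fi
```

On the router, set POST_MOUNT_RUN=1 at the top of the file (or drop the guard) and follow the usual flashfs save / commit / enable / reboot. If your samba build does not write a pid file, replace daemon_running with a pidof check; the important part is that the hook tests before it starts, instead of killing blindly.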
hi! my provider has changed the connection from PPTP to PPPoE and after that transmission stopped transfers. It is accessible via the web interface but shows 0 transfers. What can be the source of the problem?
Code:
  PID TTY      STAT   TIME COMMAND
    1 ?        S      0:01 /sbin/init
    2 ?        S      0:00 [keventd]
    3 ?        SN     0:00 [ksoftirqd_CPU0]
    4 ?        S      0:00 [kswapd]
    5 ?        S      0:00 [bdflush]
    6 ?        S      0:00 [kupdated]
    7 ?        S      0:00 [mtdblockd]
   57 ?        S      0:00 telnetd
   62 ?        S      0:01 httpd vlan1
   68 ?        S      0:00 klogd
   71 ?        Ss     0:01 nas /tmp/nas.lan.conf /tmp/nas.lan.pid lan
   73 ?        S      0:00 [dnsmasq]
   75 ?        S      0:00 [khubd]
   84 ?        Ss     0:00 lpd
   86 ?        Ss     0:00 p9100d -f /dev/usb/lp0 0
   89 ?        Ss     0:00 waveservermain
   91 ?        Ss     0:00 rcamdmain
   95 ?        S      0:00 [usb-storage-0]
   96 ?        S      0:00 [scsi_eh_0]
  103 ?        S      0:00 [portmap]
  105 ?        Ss     0:00 /usr/sbin/statd
  107 ?        S      0:00 [nfsd]
  108 ?        S      0:00 [lockd]
  109 ?        S      0:00  \_ [rpciod]
  111 ?        Ss     0:00 /usr/sbin/mountd
  126 ?        S      0:00 udhcpc -i vlan1 -p /var/run/udhcpc0.pid -s /tmp/udhcp
  127 ?        Ss     0:00 pppd file /tmp/ppp/options.wan0
  129 ?        Ss     0:00 infosvr br0
  130 ?        Ss     0:00 watchdog
  133 ?        Ss     0:00  \_ ntp
  147 ?        S      0:00 dropbear
  238 ?        Ss     0:00  \_ dropbear
  239 pts/1    Ss     0:00      \_ -sh
  243 pts/1    R+     0:00          \_ ps axf
  156 ?        S      0:01 upnp -D -L br0 -W ppp0
  172 ?        S      0:00 [kjournald]
  173 ?        S      0:00 [kjournald]
  201 ?        S      0:00 /sbin/syslogd -m 0 -O /opt/var/log/syslog.log -S -l 7
  207 ?        Ss     0:00 /opt/sbin/cron
  232 ?        S      0:08 /opt/bin/transmission-daemon -g /tmp/harddisk/transmi
  233 ?        S      0:00  \_ /opt/bin/transmission-daemon -g /tmp/harddisk/tra
  234 ?        S      0:20      \_ /opt/bin/transmission-daemon -g /tmp/harddisk
  237 ?        R     19:19 vi /opt/etc/init.d/S05syslogd
I installed from your link WL500gpv2-1.9.2.7-d-r160.trx
That's OK. I see in this firmware lot of good things:
- kernel update to "Linux version 2.4.37";
- SSH configuration from webif;
- firewall configuration for "brute force attacks" from webif (although when I run "iptables-save > /opt/tmp/iptables" I cannot see the rules installed)
Big problem:
I tested swap by running "ipkg remove perl" + "ipkg install perl" and giving the command "watch -n 1 free" in another putty window. So, swap memory does not enter the working state (it shows up, but is not used). During the perl installation free memory decreases to 500kB!
I did the same test with "WL500gpv2-1.9.2.7-10.7.trx" and during the installation process swap begins swapping.
I see in the log file some brute force attacks on the SSH and FTP servers and am trying to limit FTP logon incoming connections:
Code:
iptables -I INPUT 1 -p tcp -m tcp --dport 21 -m state --state NEW -m recent --set
iptables -I INPUT 2 -p tcp -m tcp --dport 21 -m state --state NEW -m recent --update --seconds 180 --hitcount 5 -j DROP
But in both firmware versions it seems that we have no support:
Code:
iptables: No chain/target/match by that name
Last edited by adrianio; 15-03-2009 at 15:53.
I'll answer myself:
So, there is an iptables module to insert to make these commands available: ipt_recent.o
Last edited by adrianio; 16-03-2009 at 08:18. Reason: Found modules
in 1.9.2.7-d this module should be loaded automatically and the rules added to the INPUT chain if WAN access to the ssh or ftp server is enabled in the web interface and the corresponding bruteforce protection option is selected
Last edited by al37919; 16-03-2009 at 23:14.
First,
thanks for the really great HOW TO, it helped me, because I'm a linux beginner.
Anyway, now I'm stuck on a problem with samba. It shows me that my shares are only 20MB big, although my 3rd partition is 450GB big. I really don't know how to solve it. I searched nearly the whole internet
Help will be greatly appreciated.
Thanks Jakub
Reading the log file I found this:
Code:
Mar 17 01:38:44 pure-ftpd: (?@115.168.51.137) [INFO] New connection from 115.168.51.137
Mar 17 01:38:45 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:38:49 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:38:57 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:08 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:21 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:37 pure-ftpd: (?@115.168.51.137) [ERROR] Too many authentication failures
Mar 17 01:39:41 pure-ftpd: (?@115.168.51.137) [INFO] New connection from 115.168.51.137
Mar 17 01:39:42 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:47 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:55 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:40:06 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:40:21 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:40:38 pure-ftpd: (?@115.168.51.137) [ERROR] Too many authentication failures
And these tries are listed for about an hour, every second (they tried the users mysql, apache and test too)!!!
But I have inserted the correct rules in /usr/local/sbin/post-firewall:
Code:
iptables -I INPUT 1 -p tcp -m tcp --dport 21 -m state --state NEW -m recent --set
iptables -I INPUT 2 -p tcp -m tcp --dport 21 -m state --state NEW -m recent --update --seconds 160 --hitcount 8 -j DROP
These rules I also find when I do "iptables -nL INPUT". The same rules.
Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
           tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:21 state NEW recent: SET name: DEFAULT side: source
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:21 state NEW recent: UPDATE seconds: 160 hit_count: 8 name: DEFAULT side: source
ACCEPT     tcp  --  0.0.0.0/0            192.168.1.1          tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            192.168.1.1          tcp dpt:21
ACCEPT     tcp  --  0.0.0.0/0            192.168.1.1          tcp dpts:65100:65150
BUT.....SURPRISE: when I do "iptables-save /opt/tmp/iptables" and read the file I find:
Code:
-A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -m recent recent: seconds: 1701970168 hit_count: 1953391971 name: side: source
-A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -m recent recent: seconds: 1701970168 hit_count: 1953391971 name: side: source -j DROP
And I saved this firewall after powering on the router (so the router had some hours to rest and clear memory)!!!!
What's that????
Last edited by adrianio; 17-03-2009 at 09:00. Reason: insert iptables rules
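One thing worth checking before blaming the rules or the iptables-save output: the recent match counts NEW connections (SYN packets) per source, not failed logins, and the log above shows pure-ftpd letting this client try five passwords per connection and only then closing it, roughly one new connection per minute. The script below is an added example, not code from the thread, from the firmware or from netfilter: it replays the "New connection" timestamps from the posted log through a simplified model of the two rules (--set, then --update --seconds S --hitcount N -j DROP) and reports which SYNs the DROP rule would have matched. The model treats every log line as one SYN, ignores the module's cap on stored timestamps per address, and uses the rule parameters from the post; the second, ten-SYN burst is a constructed contrast case, and 198.51.100.7 is a documentation address.

```shell
#!/bin/sh
# Added example (not from the thread): replay NEW-connection events through a
# simplified model of "-m recent --set" followed by
# "-m recent --update --seconds S --hitcount N -j DROP".

# recent_decisions SECONDS HITCOUNT
#   stdin:  "EPOCH_SECONDS SOURCE_IP" per NEW connection, in time order
#   stdout: "EPOCH_SECONDS SOURCE_IP hits=N ACCEPT|DROP"
# Rule 1 (--set) records this packet's stamp first, so the --update rule sees
# this packet too: DROP when the source has >= HITCOUNT stamps within SECONDS.
recent_decisions() {
    awk -v win="$1" -v hc="$2" '
    {
        t = $1; ip = $2
        n[ip]++; stamp[ip, n[ip]] = t
        hits = 0
        for (i = n[ip]; i >= 1 && t - stamp[ip, i] < win; i--) hits++
        printf "%s %s hits=%d %s\n", t, ip, hits, (hits >= hc ? "DROP" : "ACCEPT")
    }'
}

# ftp_connections_from_log: turn pure-ftpd "New connection" syslog lines into
# "EPOCH IP". Seconds-of-day are enough within one day; the log has no year.
ftp_connections_from_log() {
    awk '/pure-ftpd.*New connection from/ {
        split($3, hms, ":")
        print hms[1] * 3600 + hms[2] * 60 + hms[3], $NF
    }'
}

# count_drops SECONDS HITCOUNT -> number of DROP verdicts for the connections on stdin
count_drops() {
    recent_decisions "$1" "$2" | awk '$NF == "DROP" { c++ } END { print c + 0 }'
}

# Constructed sample 1: the connection events visible in the posted log
# (five guesses per session, then pure-ftpd closes it and the client reconnects).
THREAD_LOG='Mar 17 01:38:44 pure-ftpd: (?@115.168.51.137) [INFO] New connection from 115.168.51.137
Mar 17 01:38:45 pure-ftpd: (?@115.168.51.137) [WARNING] Authentication failed for user [oracle]
Mar 17 01:39:37 pure-ftpd: (?@115.168.51.137) [ERROR] Too many authentication failures
Mar 17 01:39:41 pure-ftpd: (?@115.168.51.137) [INFO] New connection from 115.168.51.137
Mar 17 01:40:38 pure-ftpd: (?@115.168.51.137) [ERROR] Too many authentication failures'

# Constructed sample 2: ten SYNs from one host inside 30 seconds.
burst() {
    i=0
    while [ $i -lt 10 ]; do echo "$(( 1000 + i * 3 )) 198.51.100.7"; i=$(( i + 1 )); done
}

echo "rule from the post (160 s, hitcount 8) against the posted log:"
printf '%s\n' "$THREAD_LOG" | ftp_connections_from_log | recent_decisions 160 8
echo "same rule against a 10-SYN burst:"
burst | recent_decisions 160 8
```

Against the posted log the second connection arrives with hits=2, far from the hitcount of 8, so the rule never fires even though it is installed correctly; it would only catch a client that opens many TCP sessions quickly. To stop this kind of slow, per-session guessing you need either a much lower hitcount over a longer window (with 600 s and hitcount 2 the model drops the second connection) or pure-ftpd's own per-connection limits, and the ipt_recent.o module has to be loaded for any of it to exist at all, as the earlier posts found.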