I use OpenWrt because my network at home is my privacy.
The web interface LuCI is used to configure OpenWrt.
Configuration files are stored in the directory /etc/config/
.
These files can also be edited with an editor over SSH.
Select Interfaces under Network to edit the WAN interface.
Protocols like PPPoE (for VDSL) or DHCP work out of the box.
Support for other protocols can be added by installing additional packages.
To use a custom DNS server (like Google Public DNS) for name resolution,
edit /etc/config/network
:
config interface 'wan' #... option peerdns '0' option dns '8.8.8.8'
Select System to set the local time and the timezone of the system.
On a fresh installation of OpenWrt, the wireless access point is disabled.
Select Wireless under Network to setup the SSID,
configure the encryption and enable the access point.
Additional software can be installed using the web interface or
using the command line via SSH.
The web interface LuCI provides a convenient way of managing software packages.
Select Software under System to install additional packages.
Click Update lists... to update the list of available packages.
The command line tool opkg
is used as package manager.
opkg install <pkg>
installs a package.
opkg update
updates the list of available packages.
To allow SSH access from the WAN interface, the firewall needs to be configured.
Select Firewall under Network to add a custom rule.
Custom firewall rules are stored in /etc/firewall.user
:
iptables -A input_wan_rule -p tcp --dport 22 -m conntrack --ctstate NEW \ -m recent --set --name SSH iptables -A input_wan_rule -p tcp --dport 22 -m conntrack --ctstate NEW \ -m recent --update --seconds 60 --hitcount 8 --rttl --name SSH -j DROP iptables -A input_wan_rule -p tcp --dport 22 -j ACCEPT