This is an old revision of the document!
Creating packages for openwrt
requires ipkg-utils and the procedure is debian
style using a control file:
cat >> soft/CONTROL/control <<EOF Package: soft Version 0.1 Architecture: mipsel Maintainer: john <john@mail.com> Section: base Priority: optional Description: the soft package adds nothing Source: http://john.net/soft EOF ipkg-build -o root -g root soft
OpenWrt scripts can add a TAP interface to a bridge on boot, however tap interfaces are usually created on demand rather than persisting across reboots. To make sure that the TAP interface is brought up on boot, create a script at /etc/init.d/createtap
with the following contents:
#!/bin/sh /etc/rc.common START=30 SERVICE_USE_PID=0 TAP=`ifconfig -a | grep tap0 | wc -l start() { if [ $TAP -eq 0 ]; then ip tuntap add mode tap tap0 fi } stop() { if [ $TAP -eq 1 ]; then ip tuntap del mode tap tap0 fi }
and possibly change tap0
to a desired interface name.
In order to activate the script, issue:
/etc/init.d/createtap enable
The interface should now be created on reboot.
Once TAP interfaces are created the MAC address is randomly generated such that unless you are sending a DHCP client ID, the interface will be difficult to track. To set a permanent MAC address for the TAP interface, edit /etc/config/network
and add a MAC address for the TAP interface.
For example, the snippet:
config interface 'tap' option ifname 'tap0' option proto 'dhcp' option macaddr 'ca:36:40:4a:79:5e'
configures a TAP interface tap0
that will retrieve its address via DHCP by sending the MAC address ca:36:40:4a:79:5e
.
The configuration combined with the script above work perfectly well together: the script takes care to create the interface and the OpenWrt network configuration will set the MAC address when the interface is brought up.
If you access OpenWrt from a cygwin shell, you will notice that running ncurses-based programs (for instance, joe
, pico
or nano
editors) will mess up the lines. This is due to cygwin setting the terminal type to cygwin
which is not contained in the terminfo
OpenWrt package.
To resolve the issue, the cygwin
terminal information from C:\cygwin64\usr\share\terminfo\63\cygwin
(assuming the cygwin install root is at C:\cygwin64
) should be copied over to /usr/share/terminfo/c/cygwin
. Note that the terminfo
OpenWrt package does not contain the c
directory under /usr/share/terminfo
such that it will have to be created before copying over the file.
On OpenWrt version 18.06.1
, the Samba template files contains a variable that should be interpolated:
interfaces = |INTERFACES|
unfortunately, the interfaces do not seem to be configurable via LuCi and even using uci
to set the variable samba.@samba[0].interfaces
to some value will only make OpenWrt interpolate an empty string instead of the configured value.
Seeing that the interfaces to listen on cannot be configured via LuCi, removing the interfaces = |INTERFACES|
line and hardcoding the interfaces to listen on seems to be the best option.
Unfortunately for quite a few releases (LEDE), the python setuptools
package seems to be broken such that running depending software may bomb out with:
pkg_resources.DistributionNotFound: The 'setuptools' distribution was not found and is required by
The solution is to install pip
via:
opkg install python-pip
and then reinstall pip
and setuptools
:
pip install -U pip setuptools
TL;DR: old trick, set a lower interface metric for the OpenVPN interface than the default gateway.
Since there does not seem to be an official straightforward answer to route all traffic through OpenVPN "the OpenWrt way"™ the following should be easy to accomplish via the interface:
redirect-gateway def1
,Network
→ Interfaces
and for each WAN interface, click Edit
and then go to Advanced Settings
and set the Interface Metric
to a given value (ie: 10
),Network
→ Interfaces
open up the OpenVPN interface, go to Advanced Settings
and set the Interface Metric
to a value lower than all WAN interfaces from the previous step (ie: 1
).
OpenWrt does not do this automatically even if redirect-gateway def1
is pushed by the server.