-
Notifications
You must be signed in to change notification settings - Fork 0
Commandline administration
On this page you can find various commands to manage your gluon based node using the command line. You can access the command line remotely using SSH if you've added keys or defined a password in the configuration wizzard. All nodes should be accessible using their IPv6 addresses. If in doubt ask your local community on how to find your devices IPv6.
reboot
uci set gluon-setup-mode.@setup_mode[0].enabled='1'
uci commit gluon-setup-mode
reboot
cd /tmp/
wget [FIRMWAREURL]
echo 3 > /proc/sys/vm/drop_caches
sysupgrade [NAMEOFFIRMWAREFILE]
As an alternative to wget you can push the firmware file from your client using scp
SSH_KEY="ssh-rsa ..."
touch /etc/dropbear/authorized_keys
sed -i "1i$SSH_KEY" /etc/dropbear/authorized_keys
grep -cEo "\[.*W.*\]+" /sys/kernel/debug/batman_adv/bat0/transtable_local
# With vendor and hardware version (example: "tp-link-tl-wdr4300-v1")
lua -e 'print(require("platform_info").get_image_name())'
# With vendor and hardware version (human readable, example: "TP-Link TL-WDR4300 v1")
lua -e 'print(require("platform_info").get_model())'
# Only type of router (example: "tl-wdr4300")
lua -e 'print(require("platform_info").get_board_name())'
# Gluon version (example: "v2016.1.5")
cat /lib/gluon/gluon-version
# Build version (example: "2016.1.5-stable-2016-06.05")
cat /lib/gluon/release
uci set autoupdater.settings.enabled=1
uci set autoupdater.settings.branch=stable
uci set autoupdater.stable.good_signatures='1' # workaround for manual update / August 2016
uci commit autoupdater
autoupdater -f
Only helpful on targets (eg. x86, kvm) that have a direct keyboard interface (usb/ps2 etc.). Gluon being OpenWrt based by default only sports the US keyboard layout which makes using eg. a German keyboard a tedious task.
For this to work you have to explicitely enable the busybox applet loadkmap during gluon build time. You can do that eg. in GLUON_DIR/include/config or more target specific in GLUON_DIR/target/<profile>/config (if you don't want the applet in all profiles). add
CONFIG_BUSYBOX_CONFIG_LOADKMAP=y
If the loadkmap executable is available in your Gluon build you can load keymaps like this
loadkmap < /usr/share/keymaps/i386/qwertz/de-latin1-nodeadkeys.bmap
A readymade package of binary keymaps (the format expected by busybox, converted from the Debian keymaps package) can be downloaded here . The whole package is 1.1MB in size, so you might want to copy only selected maps to your box if you are constrained for space. Placing the maps into /usr/share/keymaps/ would be good style but is not necessarily needed.
##Setting location
uci set gluon-node-info.@location[0].latitude=53.834470
uci set gluon-node-info.@location[0].longitude=10.702518
uci set gluon-node-info.@location[0].altitude=11.51
uci set gluon-node-info.@location[0].share_location=1
uci commit gluon-node-info
###Check settings
uci show gluon-node-info
gluon-node-info.@location[0]=location
gluon-node-info.@location[0].share_location=1
gluon-node-info.@location[0].latitude=53.834470
gluon-node-info.@location[0].longitude=10.702518
gluon-node-info.@location[0].altitude=11.51
uci get gluon-node-info.@owner[0] || uci add gluon-node-info owner
uci set gluon-node-info.@owner[0][email protected]
uci commit gluon-node-info
# uci show gluon-node-info
....
gluon-node-info.@owner[0]=owner
gluon-node-info.@owner[0][email protected]
# uci set system.@system[0].hostname='newname'
# uci commit system
# /etc/init.d/system reload
# uci show system
....
system.@system[0].hostname='newname'
# uci set fastd.mesh_vpn.enabled=1
# uci commit fastd
# /etc/init.d/fastd generate_key mesh_vpn
18fa75d1808692f04770bedf30c42dac24585d331560c545d70dd27f22a05648
# /etc/init.d/fastd stop
# uci set fastd.mesh_vpn.enabled=0
# uci commit fastd
Note: "/etc/init.d/fastd stop" won't stop fastd process if enabled=0.
# uci del_list fastd.mesh_vpn.method=salsa2012+umac
# uci add_list fastd.mesh_vpn.method=null
# uci add_list fastd.mesh_vpn.method=salsa2012+umac
# uci commit fastd
# /etc/init.d/fastd restart
Note: Your community's servers need to support unencrypted connections.
# /etc/init.d/fastd show_key mesh_vpn
18fa75d1808692f04770bedf30c42dac24585d331560c545d70dd27f22a05648
uci set fastd.mesh_vpn.enabled=1
uci set fastd.mesh_vpn.secret=18fa75d1808692f04770bedf30c42dac24585d331560c545d70dd27f22a05648
uci commit fastd
Depending on the setup your community uses this can be helpful to avoid reregistration of your node due to new fastd keys
uci set gluon-simple-tc.mesh_vpn.limit_egress=800 # upload 0.8 Mbit/s
uci set gluon-simple-tc.mesh_vpn.limit_ingress=5000 # download 5.0 Mbit/s
uci set gluon-simple-tc.mesh_vpn.enabled=1
uci commit gluon-simple-tc
/etc/init.d/fastd restart
Note: It is not a good idea to set the upload Bandwidth below 200 (or below 500 in large meshes)
uci set simple-tc.mesh_vpn.limit_egress=800 # upload 0.8 Mbit/s
uci set simple-tc.mesh_vpn.limit_ingress=5000 # download 5.0 Mbit/s
uci set simple-tc.mesh_vpn.enabled=1
uci commit simple-tc
/etc/init.d/fastd restart
Note: It is not a good idea to set the upload Bandwidth below 200 (or below 500 in large meshes)
# uci set network.wan.proto=static
# uci set network.wan.ipaddr=XXX.XXX.XXX.XXX
# uci set network.wan.netmask=XXX.XXX.XXX.XXX
# uci set network.wan.gateway=XXX.XXX.XXX.XXX
# uci commit network
# /etc/init.d/network restart
# uci add_list gluon-wan-dnsmasq.@static[0].server=XXX.XXX.XXX.XXX
# uci commit gluon-wan-dnsmasq
# /etc/init.d/dnsmasq restart
# uci set network.wan.proto=dhcp
# uci commit network
This will activate mesh on all LAN ports (usually yellow on TP-Link devices).
uci set network.client.ifname="bat0"
uci set network.mesh_lan.auto=1
uci commit network
/etc/init.d/network restart
uci set network.client.ifname="bat0 $(cat /lib/gluon/core/sysconfig/lan_ifname)"
uci set network.mesh_lan.auto=0
uci commit network
/etc/init.d/network restart
uci set network.mesh_lan.auto=1
for ifname in $(cat /lib/gluon/core/sysconfig/lan_ifname); do
uci del_list network.client.ifname=$ifname
done
uci commit network
/etc/init.d/network restart
uci set network.mesh_lan.auto=0
for ifname in $(cat /lib/gluon/core/sysconfig/lan_ifname); do
uci add_list network.client.ifname=$ifname
done
uci commit network
/etc/init.d/network restart
This will change the behaviour of the WAN port (on most devices the blue port) so you can directly connect other nodes on the WAN port that also have enabled any of Mesh-on-WAN or Mesh-on-LAN.
uci set network.mesh_wan.auto=1
uci commit network
/etc/init.d/network restart
Note:
- If you now connect your WAN port to your Home Router too and don't configure some additional VLAN, the whole mesh traffic will also be pushed into your local network, which might cause problems.
- Be sure to have VPN disabled, otherwise this connection would build up another fastd tunnel inside the Freifunk net.
uci set network.mesh_wan.auto=0
uci commit network
/etc/init.d/network restart
(tested & valid for Gluon 2014.4)
Simultaneous configuration of Mesh-on-WAN and a private WiFi network (bridged to your local network on the WAN port) is not usually possible - in Mesh-on-WAN mode B.A.T.M.A.N. consumes the WAN interface completely, no other traffic should use that interface anymore. A private WiFi would not have access to your LAN in this case.
While making only minimal changes to the network configuration of the node, you can achieve both by using a VLAN on your local network (or a second port & cable if you're so inclined and have more than one port available, which isn't covered in this example). Let the node do Mesh-on-WAN directly on the WAN interface, while seperating your private network with a VLAN tag from that interface (mixed untagged/tagged mode). Tagging the mesh traffic is possible too, but needs additional configuration (REORDER_HDR) and isn't covered in this example.
This example is designed to keep as much of the upper level network layout consistent with the default state, in particular the interface br-wan still is the interface which handles local network traffic (Ethernet & WiFi), which is used e.g. by the firewall.
This example uses VLAN id 42. The necessary VLAN configuration of your local network will not be explained.
This example was used on a TP-Link TL-WR841Nv9 which features an additional integrated VLAN aware ethernet switch. This switch and its ports were not used, keeping it available for other tasks and configurations. This also means that this example does work on devices with only one ethernet port.
# uci set network.mesh_wan.auto=1
# uci set network.mesh_wan.ifname=$(cat /lib/gluon/core/sysconfig/wan_ifname)
# uci set network.wan_vlan=device
# uci set network.wan_vlan.type=8021q
# uci set network.wan_vlan.vid=42
# uci set network.wan_vlan.ifname=$(cat /lib/gluon/core/sysconfig/wan_ifname)
# uci set network.wan_vlan.name=vlan-wan
# uci set network.wan.ifname=vlan-wan
Then configure your private WiFi like you usually would:
# uci set wireless.wan_radio0=wifi-iface
# uci set wireless.wan_radio0.device=radio0
# uci set wireless.wan_radio0.network=wan
# uci set wireless.wan_radio0.mode=ap
# uci set wireless.wan_radio0.encryption=psk2
# uci set wireless.wan_radio0.ssid="privates WLAN"
# uci set wireless.wan_radio0.key="geheime Passphrase für mein WLAN"
# uci set wireless.wan_radio0.disabled=0
And finish it all up:
# uci commit
# reboot
If you can't reach your node on the WAN port after it has rebooted, you're in the wrong VLAN.
If you don't need Freifunk on LAN but do need more network ports of your local private network, you can user your router as switch.
uci set network.client.ifname=bat0
uci set network.wan.ifname='eth0 eth1'
uci commit network
All tasks are per radio. If you've got only a single radio (2.4GHz only or 5GHz only) it is usually named radio0. On dualband devices you have to apply the setting to each radio. On dual-band devices the radios are usually named radio0 for 2.4GHz and radio1 for 5GHz. If in doubt check using uci show wireless - each radio should display a value "hwmode" - 11g or 11ng are 2.4GHz, 11a or 11na are 5GHz. The following examples are radio0 only.
This will disable the client network while the mesh network stays active:
uci set wireless.client_radio0.disabled=1
uci commit wireless
wifi
uci set wireless.client_radio0.disabled=0
uci commit wireless
wifi
uci set wireless.ibss_radio0.disabled=1
uci commit wireless
wifi
uci set wireless.ibss_radio0.disabled=0
uci commit wireless
wifi
uci set wireless.mesh_radio0.disabled=1
# uci set wireless.mesh_radio1.disabled=1 #On 5GHz nodes
uci commit wireless
wifi
uci set wireless.mesh_radio0.disabled=0
uci commit wireless
wifi
uci set wireless.mesh_radio0.disabled=1
uci commit wireless
wifi
uci set wireless.mesh_radio0.disabled=0
uci commit wireless
wifi
uci set wireless.radio0.channel=X
uci commit wireless
wifi
Please keep in mind changing the channel can prevent nearby devices from meshing with your router.
Execute the following commands to enable PoE passthrough, or add to /etc/rc.local to
automatically enable on boot.
# Uncomment one of these three:
#GPIO=20 # TP-LINK CPE210/510
#GPIO=8 # Ubiquiti Nanostation M2/M5 (XM)
#GPIO=2 # Ubiquiti Nanostation M2/M5 (XW)
echo $GPIO > /sys/class/gpio/export
echo out > /sys/class/gpio/gpio$GPIO/direction
echo 1 > /sys/class/gpio/gpio$GPIO/value
To prevent the /etc/rc.local to be overwritten during a sysupgrade add the filename as one line into /etc/sysupgrade.conf
uci set network.client.ifname='bat0' // remove eth0.2 from client net
uci delete network.@switch_vlan[1] // delete VLAN 2
uci set network.@switch_vlan[0].ports='0t 4 5' // set VLAN 1 to Port 4 (LAN)
uci commit network
/etc/init.d/network restart
There is a bug in the current (2015/01) OpenWRT Barrier Breaker which prevents to factor in the antenna gain for transmission power setting. This is still existant in Chaos Calmer (Gluon 2016.1). Therefore your device will actually transmit with higher power than advertised in the web-UI. This is a) usually illegal and b) while clients may receive a great signal they will most likely be unable to answer. To prevent this we lower the power manually.
uci set wireless.radio0.txpower=9
uci commit
wifi
you can check the currently set transmit power with:
iwinfo radio0 txpower
Warning: Starting with Gluon 2015.1 dive names and transmit power mapping have been changed. If you are on <2015.1 the correct command would be
uci set wireless.radio0.txpower=8
uci commit
wifi
uci set wireless.radio0.txpower=12
uci commit
wifi
you can check the currently set transmit power with:
iwinfo client0 txpower
The NanoStation and other Point-to-Point accesspoints usually have only one network interface. If you use these PtP links for batman-adv traffic, you lose the ability to access the web interface .
WARNING: If you connect two Gluon Routers with VLAN10 on br-client using WAN you'll get a loop. You have been warned...
Tha WAN Interface must not be behind a vswitch
If
cat /lib/gluon/core/sysconfig/wan_ifname
shows for example eth1.4 VLAN tagging is not possible
Settings for Nanostation: here
uci set network.client.ifname="$(cat /lib/gluon/core/sysconfig/lan_ifname) bat0 $(cat /lib/gluon/core/sysconfig/wan_ifname).10"
uci commit network
/etc/init.d/network restart
- A German reference can be found at freifunk.net