Only that we ended up getting three in 24 hours. I still suspect that Comcast may not keep these around for seven to eight months as they used to. Time to host my few pages (principally Quantian) elsewhere? Suggestions welcome.
while true; do cat <<END | atftp --tftp-timeout 1; verbose trace connect 192.168.1.1 put openwrt-g-code.bin END sleep 1; doneThis assumes that you have a Linux box plugged into the box with a
tftp
client pushing the binary image to the wrt54g which will
read it thanks to the ping trick described User Guide
mtd erase nvram; reboot
dnsmasq.conf
as per
Using and
here.
nvram set lan_ipaddr=192.168.2.1; nvram
committ
' and editing of /etc/dnsmasq.conf
followed by
reboot
ipkg update
works as well, ipkg install
dropbear
gets ssh
so that telnet
can be
disabled.
ssh
from outside / forward
ssh
from outside
a la Section 6 and 7 of GettingStartedTips.
Same for http. -s a.b.c.d
option to allow ssh only from given
address a.b.c.d
nvram set wl0_wep=on nvram set wl0_wep_bit=128 nvram set wl0_key1=DEADBEEF12345DEADBEEF12345Also set the
wl0_ssid
, and define a specific list of MAC
addresses we talk too:
nvram set wl0_maclist='XX:XX:XX:XX:XX YY:YY:YY:YY:YY:YY' nvram set wl0_macmode=allow
nvram set lan_ipaddr=192.168.1.x
/etc/dnsmasq.conf
accordingly/etc/init.d/S45firewall
/
partition.
But then it didn't matter. In December, I had finally bought what Cringely so aptly called a disruptive technology: one of those inexpensive Linksys WRT54G. Somewhat procrastingly, I had started to both configure the box using the admirable OpenWRT Linux operation system one can load onto it, and migrate essentially all services of the old gateway. So today and yesterday I finished the setup, which worked well enough. Now it is the new gateway, redirecting http to the bigger server in the basement, same for ssh from less than a handful addresses, rejecting the rest and is otherwise NATing away. Luckily, in the interim I had the older Speedstream 801.11b gateway I had once bough along with a Speedstream 801.11b card that turned out to be a piece of crap. Still, it was easy to cover the basics with it for a day to not be off the net, but it doesn't of course offer the magic of iptables needed for the finer-grained firewalling and access control, which I intend to add soon and the host of other Linux goodies that are available for OpenWRT thanks to Linux networking.