OpenWrt Forum Archive

Topic: Howto: Access DSL modem in Bridge Mode for PPPoE users

The content of this topic has been archived on 28 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
evilghost
31 May 2007, 15:07

Preface:
While this topic has been covered several times in the forum I have been unable to successfully find a clear and concise configuration for PPPoE users .  The below is an attempt to clearly define the steps necessary for PPPoE DSL users.  Should any of this information be misleading or incorrect please feel free to make corrections.  I've successfully used this script/configuration with my Buffalo WHR-G54S.

Introduction:
The following configuration script will allow you to access your DSL modem's status page without having to disconnect it from the WAN port and move it to a LAN port.

Directions:
Create a new file called /etc/init.d/S52modemroute pasting the below code (modify as needed) into the file. Then, chmod +x /etc/init.d/S52modemroute, and finally execute it by typing /etc/init.d/S52modemroute. Upon reboot the changes will be activated so it's not necessary to run the command manually after every reboot.

If all goes well you should be able to access the modem's webpage/status page from any WLAN/LAN client using the IP address you selected for MODEM_IP.

#!/bin/sh
 
#IP Address of the modem, must be a different network from your local LAN.
#If you use 192.168.x.x for LAN then use 10.0.0.x for modem, etc (basically, pick a free IANA reserved range)
#Obviously you need to configure the actual DSL modem to use the address you select in MODEM_IP.
MODEM_IP="10.0.0.1"
 
#IP address that will be bound to vlan1, usually safe to just increment MODEM_IP by 1.
VLAN_IP="10.0.0.2"
 
#Setup network interface and firewall rules.
ifconfig vlan1 $VLAN_IP netmask 255.255.255.0
iptables -A forwarding_rule -d $MODEM_IP -j ACCEPT
iptables -t nat -A POSTROUTING -d $MODEM_IP -j MASQUERADE
Post #2
plouj
4 Apr 2009, 04:07

Is it possible and reasonable to implement this kind of setup just by modifying the /etc/config/ scripts in Kamikaze 8.09? It seems like uci is the now-preferred configuration approach and I would feel more confident in its forward compatibility than in yet another cryptic script. I feel it would be easier to remember what is my custom configuration and know what to backup on future upgrades.

Post #3
Nilfred
3 Sep 2009, 22:58

I got it temporary working until ppp0 (PPPOE) interface change IP, because wan:1 get lost too.
First some info:

# cat /proc/version
Linux version 2.6.30.5 (buildbot@localhost.localdomain) (gcc version 4.1.2) #5 Fri Aug 28 11:26:22 CDT 2009
# uci get webif.general.firmware_name
OpenWrt Kamikaze
# uci get webif.general.firmware_version
bleeding edge, r17427
# echo `ifconfig br-lan | awk '/inet addr/ {split ($2,A,":"); print A[2]}'`
192.168.1.1

MODEM_IP="192.168.0.2"
So this code works for me:

ifconfig wan:1 192.168.0.5 netmask 255.255.255.0 broadcast 192.168.0.255
iptables -I forwarding_rule -d 192.168.0.2 -j ACCEPT
iptables -t nat -I POSTROUTING -d 192.168.0.2 -j MASQUERADE

I do -Insert instead of -Add because I like to turn it off:

iptables -t nat -D POSTROUTING 1
iptables -D forwarding_rule 1
ifconfig wan:1 down

So almost always is the rule 1 I have to -Delete.

Post #4
DeerHunter
25 Nov 2009, 08:53

a complete script big_smile  (GPL code , made in bandaancha.eu tongue )

MODEM_IP="192.168.2.1"
BCAST_L="192.168.2.255"
MASK="255.255.255.0"
VLAN_IP="192.168.2.2"

DEV_WAN="eth0.1"

_stat() {
ifconfig $DEV_WAN:1 $VLAN_IP netmask $MASK broadcast $BCAST_L;
iptables -I forwarding_rule -d $MODEM_IP -j ACCEPT;
iptables -t nat -I POSTROUTING -d $MODEM_IP -j MASQUERADE;
}

_stat_down() {
iptables -t nat -D POSTROUTING 1
iptables -D forwarding_rule 1
ifconfig $DEV_WAN:1 down
}

#
case "$1" in
#
        on)
#
                _stat
#
                ;;  
#
        off)
#
                _stat_down
#
                ;;
#
        *)
#
                echo "Sintaxis: $0 [on|off]"
#
                ;;
#
esac

(Last edited by DeerHunter on 25 Nov 2009, 08:54)

Post #5
Nilfred
28 Nov 2009, 00:39
plouj wrote:

Is it possible and reasonable to implement this kind of setup just by modifying the /etc/config/ scripts in Kamikaze 8.09? It seems like uci is the now-preferred configuration approach

Well, I got it half-done:

ifconfig wan:1 192.168.0.5 netmask 255.255.255.0 broadcast 192.168.0.255

Translates to:

uci add network alias
uci set network.@alias[-1].interface=wan
uci set network.@alias[-1].proto=static
uci set network.@alias[-1].ipaddr=192.168.0.5
uci set network.@alias[-1].netmask=255.255.255.0
uci commit network

Don't know how to use uci for iptables so the rest goes direct to /etc/init.d/custom-user-startup

iptables -I forwarding_rule -d 192.168.0.2 -j ACCEPT
iptables -t nat -I postrouting_rule -d 192.168.0.2 -j MASQUERADE

Off course, this is done once, survives network restart and reboot.

Post #6
plouj
6 Jan 2010, 01:51

I got this config down to:

/etc/firewall.user

#!/bin/sh
# create a connection to the SpeedTouch modem

MODEMIP=192.168.1.254                                                                   
MODEM_NET=`echo $MODEMIP | cut -d "." -f 1-3`                                           
ROUTER_WAN_PORT_IP=$MODEM_NET.253                                                       
WAN_PORT=eth0.1                                                                         
# eth0.1 is the WAN port                                                                
# eth0.0 is my LAN                                                                      
# see http://wiki.openwrt.org/OpenWrtDocs/NetworkInterfaces                             
                                                                                        
ifconfig $WAN_PORT $ROUTER_WAN_PORT_IP netmask 255.255.255.0 broadcast $MODEM_NET.255   
iptables -A forwarding_rule -d $MODEMIP -j ACCEPT                                       
iptables -t nat -A postrouting_rule -d $MODEMIP -o $WAN_PORT -j MASQUERADE

This works every time you re-start your router or just the firewall since by default the firewall rules include /etc/firewall.user.

Post #7
Nilfred
7 Jan 2010, 16:01

Modem has the ability to lease IP, so:

# udhcpc -nqo -i wan:1
udhcpc (v1.13.4) started
ifconfig: SIOCSIFFLAGS: Cannot assign requested address
Sending discover...
Sending select for 192.168.0.130...
Lease of 192.168.0.130 obtained, lease time 259200
udhcpc: ifconfig wan:1 192.168.0.130 netmask 255.255.255.0 broadcast +
udhcpc: setting default routers: 192.168.0.2
udhcpc: setting dns servers: 192.168.0.2

# ifconfig wan:1
wan:1     Link encap:Ethernet  HWaddr ...
          inet addr:192.168.0.130  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

Then I have most variables filled except $WAN_PORT

The discussion might have continued from here.