Study of OpenWRT and It’s Application for Port

Forwarding and Wireless Repeater

By:
9324-9680 / Travis Wright

there are many other features, which could

Abstract:
OpenWRT is an open source project that in
2009 joined the “Software in the Public
Interest” domain. This unique status gives
it more organizational structure and shows
the maturity of its development. The
distinction also allows it to work in concert
with many other projects that have similar
interests such as Debian, PostgreSQL,
OpenOffice and MadWifi. This project will
explore just some of the many unique
aspects that OpenWRT can improve over
the current commercially available router
software in the marketplace today.
Specifically OpenWRT’s Port Forwarding
and Wireless Repeater capabilities will be
explored.
During the project certain technical issues
meant I was not able to implement the Port
Forwarding and Wireless Repeater
functions myself. The issues will be
discussed in this paper.
Keywords: OpenWRT, Port Forwarding,
Wireless Repeater
I.
Introduction

OpenWRT is a Linux based firmware
designed for embedded devices such as a
personal wireless router that has become
ubiquitous in the modern world for both the
home and commercial applications. These
wireless routers are so integrated into our
daily lives that the majority of people no
longer give a second thought to their
capabilities and simply use them for their
plug and play features. While these initial
default capabilities are well implemented
be very useful to the general public that are
not implemented. This project will explore
how to implement two of those additional
features with OpenWRT:
1. Simplified port forwarding
2. Configuration of wireless repeater
These capabilities will also be discussed as
to how they can be leveraged with the recent
developments in smartphone technology
which have driven the need for better and
better networks.
With new 4G technology attempting to
handle the loads of these new smartphones
one possible solution that is actibly being
pursued by companies is to use wireless
internet to relieve the load off these
networks for data and allow them to handle
voice only. By improving the ability of
wireless routers already in place with a
firmware upgrade this could greatly help to
improve current networks.
Both commercial and private individuals
would benefit from this advance as it would
allow an existing infrastructure to handle
even greater loads. The use of OpenWRT
itself may not bring about this ultimate
advance, but it can be a stepping stone for
development which as an open source
development project that is its main focus.
II. Preliminary Investigation
I began my research at the OpenWRT.org
official website. This gave me an idea of the
history and purpose of OpenWRT. The
design is based around a Linux firmware
structure for embedded devices such as such
as the common household internet router.
This firmware is designed with hooks to
allow further development and
customization to implement a wide range of
abilities for a router. In my case I chose to
focus on the port forwarding and wireless
repeater aspect.
Other aspects of OpenWRT are: firewall and
router configurations, Quality of Service
(QoS) for various applications such as VoIP,
mesh networking, and a fully writable file
system which allows integration of new
software without the need to rebuild the
firmware image [1].
I chose Port Forwarding because I was
interested in using my wireless router
instead of having to hook up via a wired
LAN connection every time I wanted to
perform functions with the class project
using Asterisk and Kamailio. I attempted
port forwarding with my current Linksys
router software, but was unable to make a
connection during the first half of the
semester so wanted to attempt the same feat
with OpenWRT instead.
I also started researching the wireless
repeater capability because I have
previously investigated WiMAX for other
classes and am interested in the ability of
wireless devices to be turned into repeaters
that could effectively increase the range of
all nearby wireless devices. This would also
lead into mesh networks but that scope
would be to much for me to take on in the
course of this semester.
III. OpenWRT Conversion
For my Interim Report I discussed the
general process for conversion of a Linksys
wireless router WRT54GL series. When I
was reading through the literature on various
websites (included at the end of this report
[6] [7]) discussing how to complete the
conversion I focused on the software sites
and commands. I was aware the conversion
required a serial connection to the router, but
did not understand that the serial port was
not already included on the wireless router.
The conversion requires purchase of various
parts and soldering of them that I was not
prepared for (serial connector). The parts
are listed below [7]:
1. AD233BK 233A CTS RTS
adapter kit
2. DB9M Serial Connector
3. DB9F serial connector
4. 10 pin IDC male PCB-mount
head
5. 10 pin IDC female cable-mount
head
6. Soldering iron
If I had been able to complete the hardware
conversion the process for installing the
software was laid out on the OpenWRT.org
website and the basic steps are listed here
[6]:
1. Physically open the device you are
going to install the OpenWRT on.
A list of supported devices are
available at
http://oldwiki.openwrt.org/TableOf
Hardware.html.
2. Solder a serial connection port using
the parts listed above to the J1
connector of the electronics board.
3. Install OpenWRT using one of the
following methods
a. Online GUI provided by the
vendor. This is the easiest
way but not always the best
as there is no way to go
back if something goes
wrong.
b. Using TFTP which if there
is an error you can reload
the original files and restore
the function of your device.
4. Configure WAN for internet access
a. DHCP for the Cable internet
access
b. PPPoE
c. QoS
d. Dynamic DNS
5. Enable WiFi
After realizing I could not perform the
conversion I chose to focus on the research
aspect of my project for port forwarding and
wireless repeater capabilities of OpenWRT.
I will refer to the OpenWRT “Kamikaze”
version throughout the rest of this report.
I was also planning on using Kamailio as a
basis for my PBX as we had in class on my
machine, but after many attempts and
discussions with both the TA and professor I
was unable to properly configure Kamailio.
I have previously documented these efforts
in Homework #3. It is located at
http://5718wiki.gatorfone.com/wikka.php?w
akka=TravisWrightKamailioProblems.
IV. General Port Forwarding
Port Forwarding is the process of forwarding
packets to a specific port on a machine
located behind a gateway in another
network. The forwarding is necessary
because the wireless router (gateway) masks
the private network from the Internet and
without the forwarding rules established the
packet has nowhere to go once it enters the
private network space.
Figure 1
A. Linksys Port Forwarding
For the Linksys default interface, port
forwarding is done from a Graphic User
Interface (GUI) with certain available
customizations, shown in Figure 1. You can
choose a range of ports to forward to and the
private ip address of that computer. You
can also specify the protocol to use for the
forwarding. This feature ensures the
information is forwarded using the correct
protocol to the destination computer. If the
wrong protocol is used the computer will not
be able to understand the message and the
forwarding will be useless.
For the Linksys router in in figure 1 all the
ip addresses will begin with 192.168.1.xx
because those are reserved private addresses
that the router is able to use for its private
network. Other routers may use other
addresses.
B. OpenWRT Port Forwarding
For OpenWRT there is no GUI and all
inputs will be done from the command line
which can give us more control of the port
forwarding process. An example of
OpenWRT manual port forwarding would
be:
iptables
­t
nat
­A
prerouting_rule
­i

vlan1
­p
tcp
­­dport
80
­j
DNAT
­­to

192.168.1.150

iptables

 

 

 

 ­A
 forwarding_rule
 ­i

vlan1
 ­p
 tcp
 ­­dport
 80
 ­d

192.168.1.150
­j
ACCEPT



The two lines of code provide the
commands necessary to forward port 80 to
the internal IP address 192.168.1.150 using
TCP. As discussed in class TCP is a reliable
connection oriented transfer protocol so the
message will be received. The Protocol can
be changed to whatever is appropriate for
the task though. In addition this code is
actually updating the iptables of the
OpenWRT firmware to allow for the port
forwarding.

While researching the full implementation
of port forwarding for the newest version of
OpenWRT, Kamikaze, I found
documentation very lacking from the official
OpenWRT website. I was able to cross-
reference various pages to find the proper
course for implementing the port forwarding
option though.
The file that code needs to be placed in is
the ‘firewall’ file. This file will update the
code to allow access through your
OpenWRT firewall to the machines on the
internal network. The first step is to update This will allow port 25 access through your
the file /etc/config/firewall with: OpenWRT firewall which would otherwise
block it from your private network. It
“config defaults redirects the incoming port 25 to the specific
option syn_flood 1 ip address 192.168.1.5 on port 25. You can
option input ACCEPT substitute your ip address as appropriate.
option output ACCEPT
option forward REJECT The previous coding will allow forwarding
of any WAN port to a LAN port. This is
config zone very useful because now you can forward
option name lan information to only one machine on your
option input ACCEPT LAN, but that is only half of the objective.
option output ACCEPT
option forward REJECT It is also desirable to have a LAN port
forwarded to a WAN port. This is a slightly
config zone more complicated task as most port
option name wan forwarding is done from WAN to LAN.
option input REJECT This is also referred to as Loopback Port
option output ACCEPT Forwarding because you are looping back on
option forward REJECT top of yourself to send information back to
option masq 1 the source.

config forwarding In the firewall.user file enter the following

option src lan
option dest wan
option mtu_fix 1” [11]
option path /etc/firewall.user
This code will enable port forwarding
commands for your router. The next step is
to setup your ports to forward with the
following code in the same firewall file.
“config 'redirect'
option 'src' 'wan'
option 'proto' 'tcp'
option 'src_ip' ''
option 'src_dport' '25'
option 'dest_ip' '192.168.1.5'
option 'dest_port' '25'
lines of code:
“iptables -t nat -A prerouting_rule -
d “public IP address here”0 -p tcp -
-dport 80 -j DNAT --to “LAN IP
here”
iptables -A forwarding_rule -p tcp --
dport 80 -d “LAN IP here” -j
ACCEPT
iptables -t nat -A postrouting_rule -s
“CIDR Notation of LAN” -p tcp --
dport 80 -d “LAN IP here” -j
MASQUERADE” [12]
With this last piece of code you can now
restart your firewall to enable the
portforwarding and loopback abilities
“>/etc/init.d/firewall”.

config 'rule' The OpenWRT router will now be capable

option 'src' 'wan'
option 'proto' 'tcp'
option 'src_ip' ''
option 'dest_ip' ''
option 'dest_port' '25'
option 'target' 'ACCEPT'”[11]
of completing communication to and from a
WAN machine because the router has
information for both sending and receiving
information on the specified port.
 V. General Wireless Repeater option ssid
HostSSIDHere
Wireless repeaters are used in circumstances option encryption none [1]
where due to obstacles, signal attenuation, or
other factors cause the loss of a signal of
over the air transmissions. For this papers Add to file /etc/config/network: [1]
application we focus on a wireless internet
repeater. This would be useful in large config switch eth0
block houses where the signal farther away option vlan0 "1 2 3 4 5*"
from the access point and router is degraded option vlan1 "0 5"
so much that speed and accessibility are a
problem. config interface loopback
option ifname "lo"
This function has been implemented in the option proto static
Linksys router discussed in this paper and option ipaddr 127.0.0.1
option netmask 255.0.0.0
can be activated by a few simple steps in its
proprietary GUI, refer to reference [14].
This paper will focus and explore the config interface lan
OpenWRT wireless repeater functions option type bridge
though. option ifname "eth0.0"
option proto 'static'
VI. OpenWRT Wireless Repeater option ipaddr '10.0.0.1'
option netmask
From the OpenWRT website the code is '255.255.255.0'
available to enable wireless repeater option gateway ''
functions in OpenWRT. Add the following option dns ''
code to the file /etc/config/wireless:
config interface wan
config wifi-device wl0 option ifname "wl0"
option type broadcom option proto dhcp
option channel 5
# disable radio to prevent an open This will enable the router to act as a
repeater now instead of just an access point.
ap after reflashing:
option disabled 0 This is possible because the wireless card of
the router actually has two wireless
config wifi-iface interfaces that can be configured separately.
option device wl0 Now one of the interfaces acts as the base
option network lan station to access the WAN or internet while
option mode ap the other is configured as a wireless repeater
option ssid and can send and receive information from
YourSSIDHere another wireless repeater.
option hidden 0
With this you can connect multiple routers
option encryption wep
option key '1' together in a chain to connect a larger area
option key1 through the same WAN Base Station. As
'XXXXXXXXXXXXXXXXXX shown in figure 2.
XXXXXXXX'

config wifi-iface
option device wl0
option mode sta

Figure 2 [14]
The figure illustrates a wired connection,
between the Access Point (AP) and WAN,
but this could just as easily be a wireless
connection. The flexibility of the wireless
repeater gives a lot more capabilities than
the wired infrastructure in the home and
commercial application because the AP can
be moved to wherever it is needed much
more easily than a wire connection.
This code to enable the wireless router also
offers great flexibility in the protocol usage
and netmask choices to configure your
router that can affect speed and reliability.
VII. Conclusion
The OpenWRT implementation for port
forwarding and wireless repeater both offer
the advantages of customization to the user
for use with the personal computers and
networks. Through these customizations the
user can allow applications to run faster and
more efficiently in their home over a
wireless LAN if they desire.
I was able to find the process for
implementing both of these capabilities for
the OpenWRT enabled router, but was not
able to enact them due to the issues
discussed in this paper.
While I focused on the implementation of
these capabilities on a wireless home router
that does not mean it is their only
application. Both can be used for other
applications and the principles are the same.
For instance cell phones are all connected on
a large scale wireless network and if each
cell phone could be turned in to a wireless
repeater it would effectively increase the
range of every cell phone tower because
they now have thousands of mini repeaters
out their relaying information back to the
tower that it would not normally have
received. Many researchers and students are
already working on this problem and
OpenWRT may be a possible solution or
stepping stone on the way to that solution.
While I did not achieve my original goal of
implementing OpenWRT on my home
router I was able to find out that it was
possible and given the write tools could
complete it. I was able to complete my goal
of researching the port forwarding and
wireless repeater abilities of OpenWRT and
see how they are implemented in a
commercial device.
With OpenWRT’s past success and its new
classification as Software in the public
interest its capabilities will continue to
improve and develop. Its abilities can be
levereaged in the future to expand all
wireless communication and perhaps a
devlopment first implemented in OpenWRT
can be used in the commercial world to
extend coverage to places it has never been.
VIII. Reference list
[1] “OpenWRT” Wikipedia,
<http://en.wikipedia.org/wiki/OpenWRT>
[2] “Open WRT wireless freedom”.
<http://nuwiki.openwrt.org/oldwiki/OpenWr
tDocs/Hardware/Linksys/WRT54GL>
[3] “Tutorials for OpenWRT”
<http://www.macsat.com/oldguides/>
[4] “Linksys WRT54GL v1.1 english”
<http://www.hendlsofen.de/WRT54GL/eng/
WRT54GL_main.html>

[5] “OpenWRT Nears Primetime”

<http://www.linux.com/archive/feature/1141
15>

[6] “OpenWRT”
<http://oldwiki.openwrt.org/OpenWrtDocs(
2f)Hardware(2f)Linksys(2f)WRT54GL.html
#head-
d34b409c6c22cd8b5b10f3215f99eeac6c846
0d8>

[7] “Rod Whiteby”

<http://www.rwhitby.net/projects/wrt54gs>

[8] “Port Forwarding with OpenWRT” <

http://www.nowhere.dk/articles/port-
forwarding-with-openwrt-kamikaze>
[9] “port forwarding”
http://portforward.com/help/portforwarding.
htm

[10] “Nyetwork Wiki”

http://www.nyetwork.org/wiki/OpenWrt

[11] “Small Business Tech Solutions” <

http://www.sbtechsolutions.biz/more-
complicated-instructions/openwrt/setting-
up-port-forwarding-and-dealing-with-
loopbacks-on-openwrt-kamikaze-8.09.1>

[12] “PixelChef” <

http://pixelchef.net/content/how-setup-
loopback-port-forwarding-openwrt-
kamikaze>

[13] “Wireless Communications” Second

Edition. Prentice Hall. Theodore Rappaport.
2002.

[14] Cisco Systems.

http://www.cisco.com/en/US/docs/routers/ac
cess/800/860-880-
890/software/configuration/guide/wireless_o
verview.html