The independent technical support site for all things networking!


Post a new topicPost a reply Page 1 of 1   [ 15 posts ]
Author Message
 Post subject: Actiontec GT701-WG and openvpn, need help.
PostPosted: Fri Oct 22, 2010 12:50 pm 
Newbie
Newbie

Joined: Sun Aug 29, 2010 11:50 am
Posts: 7
Location: Kazakhstan
Hello!
Some time ago I had Dlink DSL-500T router. I flashed it with ar7rd-1port-adam2 2.94 Routertech firmware and configured openvpn as client with static key. I created mtd5 partition, put openvpn config, keys and certs to "/nvram/ovpn" dir, wrote startup.sh and onconnect.sh scripts for openvpn, where I added route to my openvn server and created iptables rule for masquerading tun0 interface.
It all works perfect.

Now I have Actiontec GT701-WG. I flashed it with ar7wrd-1port-adam2 2.94 and trying to set up openvpn with the same way as previously. Unfortunately, the router freezes (no webpanel, no telnet, no led activity) when at least one transit IP packet passing through the openvpn.

Here my openvpn files in /nvram/ovpn/
Code:
start.sh
onconnect.sh
openvpn.ovpn
openvpn.key

start.sh
Code:
#!/bin/sh


OVPN_TGTPATH=/var/tmp/openvpn
mkdir -p ${OVPN_TGTPATH}

# mknod
MKNOD=/bin/mknod
[ ! -f "$MKNOD" ] && MKNOD=$OVPN_TGTPATH/mknod

# The device name
TUNDEV=tun

# The device directory
TUNDEVPATH=/var/tmp

# The complete file name of the device
TUNDEVFILE=${TUNDEVPATH}/${TUNDEV}

# Start
echo "initializing module ethertap and tun"
modprobe -v -k ethertap
modprobe -v -k tun

echo "creating device node $TUNDEVFILE"
mkdir -p ${TUNDEVPATH}
$MKNOD -m 0644 ${TUNDEVFILE} c 10 200

cp -af /nvram/ovpn/*.crt "$OVPN_TGTPATH"
cp -af /nvram/ovpn/*.key "$OVPN_TGTPATH"
cp -af /nvram/ovpn/*.pem "$OVPN_TGTPATH"
cp -af /nvram/ovpn/*.ovpn "$OVPN_TGTPATH"

echo "calling openvpn"
sleep 2

# Log file.
OVPN_LOG=/var/log/ovpn.log
OVPN_STAT=/var/log/ovpn.stat

# start OpenVPN
/usr/local/bin/openvpn --cd ${OVPN_TGTPATH} --dev-node ${TUNDEVFILE} --config ${OVPN_TGTPATH}/openvpn.ovpn --log ${OVPN_LOG} --status $OVPN_STAT 5 &
sleep 2
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
echo /nvram/ovpn/onconnect.sh >> /var/tmp/onconnectWAN


onconnect.sh
Code:
#!/bin/sh

# my openvpn server
route add -host 80.81.82.83 dev ppp0

# default gateway
route del default
route add default dev tun0


When openvpn started, I have these interfaces:
Code:
/var # ifconfig
br0       Link encap:Ethernet  HWaddr 00:15:15:15:15:74
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16926 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23040 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:2327141 (2.2 MiB)  TX bytes:19576463 (18.6 MiB)

br1       Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

br2       Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0      Link encap:Ethernet  HWaddr 00:15:15:15:15:74
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16926 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23043 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:2564105 (2.4 MiB)  TX bytes:19576589 (18.6 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

nas0      Link encap:Ethernet  HWaddr 00:15:15:15:15:76
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:20280 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15318 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:18040327 (17.2 MiB)  TX bytes:3523751 (3.3 MiB)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:178.95.19.26  P-t-P:95.58.76.80  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:20184 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15223 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:17874409 (17.0 MiB)  TX bytes:3032764 (2.8 MiB)

tun0      Link encap:Point-to-Point Protocol
          inet addr:10.12.0.2  P-t-P:10.12.0.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:16889 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12954 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:13885255 (13.2 MiB)  TX bytes:1813620 (1.7 MiB)


Tunnel works, I can ping endpoint:
Code:
/var # ping 10.12.0.1
PING 10.12.0.1 (10.12.0.1): 56 data bytes
64 bytes from 10.12.0.1: seq=0 ttl=64 time=160.000 ms
64 bytes from 10.12.0.1: seq=1 ttl=64 time=150.000 ms
64 bytes from 10.12.0.1: seq=2 ttl=64 time=150.000 ms
64 bytes from 10.12.0.1: seq=3 ttl=64 time=150.000 ms


NAT table:
Code:
/var # iptables -t nat -v -L
Chain PREROUTING (policy ACCEPT 245 packets, 24271 bytes)
 pkts bytes target     prot opt in     out     source               destination


Chain POSTROUTING (policy ACCEPT 30 packets, 2244 bytes)
 pkts bytes target     prot opt in     out     source               destination

    4   280 MASQUERADE  all  --  any    ppp0    anywhere             anywhere
    0     0 MASQUERADE  all  --  any    tun0    anywhere             anywhere

Chain OUTPUT (policy ACCEPT 35 packets, 2742 bytes)
 pkts bytes target     prot opt in     out     source               destination


I think free memory is enough:
Code:
/var # free
              total         used         free       shared      buffers
  Mem:        14228        12620         1608            0         1152
 Swap:            0            0            0
Total:        14228        12620         1608


The most interesting thing is that when I flash router partially with kernel image from ar7rd-1port-adam2 firmware and filesystem image from ar7wrd-1port-adam2 - it works, and openvpn working too! No freezing! But wireless, of course, not working :(

It can be the kernel problem or something else? I have no idea. :( Would be grateful for any help. Thanks.


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Sat Oct 23, 2010 12:06 am 
RouterTech Team
RouterTech Team
User avatar

Joined: Wed Feb 01, 2006 10:22 pm
Posts: 11876
Location: England, the Centre of Africa
Post the system diagnostics.

_________________
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Sat Oct 23, 2010 5:38 am 
Newbie
Newbie

Joined: Sun Aug 29, 2010 11:50 am
Posts: 7
Location: Kazakhstan
Code:
ROUTERTECH SYSTEM DIAGNOSTICS

Operating system version
Linux version 2.4.17_mvl21-malta-mips_fp_le (developers@RouterTech.Org) #1 Wed Aug 18 11:08:46 BST 2010

Firmware version information
BUILD=RouterTech_3.6.0D_20100818_2.94
VERSION=3.6.0D-RouterTech-Adam2
BOARD=AR7WRD
TARGET=Adam2_1-Port
FSSTAMP=20100818111250

PSP version information

Linux OS DSL-PSPOhioL version 4.5.0.5 Best and Final on BasePSP Version 5.7.6.12  Aug 18 2010 11:09:46
Avalanche SOC Version: 0x260005 operating in cached, write back, write allocate mode
Cpu Frequency:150 MHZ
System Bus frequency: 125 MHZ


Driver version information
Core Logic version: 3.6.0D
Texas Instruments CPMAC driver version: 1.5
Texas Instruments CPMAC HAL version: CPMAC 01.07.08 Aug 18 2010 11:08:57
ATM Driver version:[7.05.01.00]
DSL HAL version: [7.05.01.00]
DSP Datapump version: [7.05.01.00] Annex A
SAR HAL version: [01.07.2c]
PDSP Firmware version:[0.54]
Chipset ID: [7300/7300A]

Modem Modulation Information
NO_MODE         0x0
ADSL_G.dmt         0x3
ADSL_G.lite         0x4
ADSL_G.dmt.bis         0x8
ADSL_G.dmt.bis_DELT         0x9
ADSL_2plus         0x10
ADSL_2plus_DELT         0x11
ADSL_re-adsl         0x20
ADSL_re-adsl_DELT         0x21
ADSL_ANSI_T1.413         0x2
MULTI_MODE         0x1
ADSL_G.dmt.bis_AnxI         0x0
ADSL_G.dmt.bis_AnxJ         0x0
ADSL_G.dmt.bis_AnxM         0x400
ADSL_2plus_AnxI         0x0
ADSL_2plus_AnxJ         0x0
ADSL_2plus_AnxM         0x2000
G.shdsl         0x0
IDSL         0x0
HDSL         0x0
SDSL         0x0
VDSL         0x0

System environment (/proc/sys/dev/adam2/environment)

AEIBootVersion   0.9i
autoload   1
autoload_timeout   8
bootloaderVersion   0.22.02
bootserport   tty0
connection1   0x9d1b
cpufrequency   150000000
DSL_FEATURE_CNTL_0   0x00110000
DSL_PHY_CNTL_0   0x00006700
enable_margin_retrain   0
firstfreeaddress   0x9401d5a8
flashsize   0x00400000
HWA_HRNDIS   00:E0:00:00:00:E1
HWA_RNDIS   00:E0:00:00:00:EB
HWRevision   2A+
led_conf   led.gt701wg
maca   00:15:00:00:00:74
macb   00:15:00:00:00:75
macc   00:15:00:00:00:76
mac_ap   00:15:00:00:00:77
memsize   0x01000000
modetty0   38400,n,8,1,hw
modetty1   38400,n,8,1,hw
modulation   0x1
mtd0   0x90090000,0x903d0000
mtd1   0x90010000,0x90090000
mtd2   0x90000000,0x90010000
mtd3   0x903f0000,0x90400000
mtd4   0x90010000,0x903d0000
mtd5   0x903d0000,0x903f0000
my_ipaddress   192.168.1.1
ProductID   GT701-WG
prompt   Adam2_AR7RD
req_fullrate_freq   125000000
RT_cmd_1   /nvram/ovpn/start.sh
RT_init_nvram   mount -t minix /dev/mtdblock/5 /nvram/
SerialNumber   none
StaticBuffer   120
sysfrequency   125000000
usb_board_mac   00:15:00:00:00:78
usb_man   Actiontec Electronics, Inc.
usb_pid   0x6010
usb_prod   Actiontec Gateway
usb_rndis_mac   00:15:00:00:00:79
usb_vid   0x1668
vcc_encaps0   0.0
vcc_encaps1   0.0
vcc_encaps2   0.0
vcc_encaps3   0.0
vcc_encaps4   0.0
vcc_encaps5   0.0
vcc_encaps6   0.0
vcc_encaps7   0.0

CPU information
processor      : 0
cpu model      : MIPS 4KEc V4.8
BogoMIPS      : 149.91
wait instruction   : no
microsecond timers   : yes
extra interrupt vector   : yes
hardware watchpoint   : yes
VCED exceptions      : not available
VCEI exceptions      : not available

Memory (RAM) information
        total:    used:    free:  shared: buffers:  cached:
Mem:  14553088 12902400  1650688        0  1757184  5795840
Swap:        0        0        0
MemTotal:        14212 kB
MemFree:          1612 kB
MemShared:           0 kB
Buffers:          1716 kB
Cached:           5660 kB
SwapCached:          0 kB
Active:           1896 kB
Inactive:         7372 kB
HighTotal:           0 kB
HighFree:            0 kB
LowTotal:        14212 kB
LowFree:          1612 kB
SwapTotal:           0 kB
SwapFree:            0 kB

Flash memory (chip) information
Flash type: AMD; Manufacturer=MACRONIX (AMD-compat).
Manufacturer_ID=0x00C2; Chip_ID=0x00A8; Chip_Size=0x400000; Erase_Regions=0x0002

Mount points
/dev/mtdblock/0 / squashfs ro 0 0
none /dev devfs rw 0 0
proc /proc proc rw 0 0
ramfs /var ramfs rw 0 0
/dev/mtdblock/5 /nvram minix rw 0 0

Filesystems
nodev   rootfs
nodev   bdev
nodev   proc
nodev   sockfs
nodev   tmpfs
nodev   shm
nodev   pipefs
nodev   ramfs
   minix
nodev   devfs
   squashfs

MTD
dev:    size   erasesize  name
mtd0: 00340000 00010000 "mtd0"
mtd1: 00080000 00010000 "mtd1"
mtd2: 00010000 00002000 "mtd2"
mtd3: 00010000 00010000 "mtd3"
mtd4: 003c0000 00010000 "mtd4"
mtd5: 00020000 00010000 "mtd5"

Kernel modules
tun                     4984   3 (autoclean)
ethertap                3720   0 (autoclean) (unused)
tiatm                 138672   1

Interrupts
  7:    21011   R4000 timer/counter [MIPS interrupt]
  8:        0   unified secondary [hw0 (Avalanche Primary)]
 15:      383   serial [hw0 (Avalanche Primary)]
 23:      335 + SAR  [hw0 (Avalanche Primary)]
 27:     3199 + Cpmac Driver [hw0 (Avalanche Primary)]
 29:        0   vlynq0 [hw0 (Avalanche Primary)]
 47:       51 + DSL  [hw0 (Avalanche Primary)]

Devices
Character devices:
  1 mem
  2 pty/m%d
  3 pty/s%d
  4 tts/%d
  5 cua/%d
 10 misc
108 ppp
128 ptm
136 pts/%d
162 raw

Block devices:
  7 loop
 31 mtdblock

Processes
  PID USER       VSZ STAT COMMAND
    1 root      1056 S    init
    2 root         0 SW   [keventd]
    3 root         0 SWN  [ksoftirqd_CPU0]
    4 root         0 SW   [kswapd]
    5 root         0 SW   [bdflush]
    6 root         0 SW   [kupdated]
    7 root         0 SW   [mtdblockd]
  365 root      1180 S    /usr/sbin/thttpd -d /usr/www -u root -p 80 -c /cgi-b
  368 root      2156 S    /usr/bin/cm_pc
  369 root      3660 S    /usr/bin/cm_logic -m /dev/ticfg -c /etc/config.xml
  403 root       744 S    /sbin/dproxy -c /etc/resolv.conf -d
  476 root      1056 S    init
  514 root      2136 S    /usr/local/bin/openvpn --cd /var/tmp/openvpn --dev-n
  635 root      2396 S    /usr/sbin/pppd plugin pppoe nas0 user ispuser password 6
  741 root       920 S    /sbin/msntp -r 2 -t 5 -p 30 -s wwv.nist.gov ntp2b.mc
  742 root       684 S    /usr/sbin/udhcpd /var/tmp/udhcpd.conf
 1218 root      1044 S    /sbin/iptables -I INPUT 1 -p tcp --dport 80 -s 00,03
 1223 root      1064 S N  /bin/sh diagnostics.cgi
 1224 root      1180 S    /usr/sbin/thttpd -d /usr/www -u root -p 80 -c /cgi-b
 1228 root       628 S N  /usr/local/bin/diagnostics
 1229 root      1060 S N  sh -c /usr/local/bin/diagnostics.sh
 1230 root      1064 S N  /bin/sh /usr/local/bin/diagnostics.sh
 1254 root      1056 R N  /bin/ps

ADSL Modem information

AR7 DSL Modem Statistics:
--------------------------------
[DSL Modem Stats]
   US Connection Rate:   896   DS Connection Rate:   2368
   DS Line Attenuation:   16   DS Margin:      31
   US Line Attenuation:   9   US Margin:      14
   US Payload :      22992   DS Payload:      29040
   US Superframe Cnt :   10049   DS Superframe Cnt:   10049
   US Transmit Power :   12   DS Transmit Power:   -5
   LOS errors:      0   SEF errors:      0
   Errored Seconds:   0   Severely Err Secs:   0
   Frame mode:      3   Max Frame mode:      0
   Trained Path:      1   US Peak Cell Rate:   2113
   Trained Mode:      3   Selected Mode:      1
   ATUC Vendor Code:   54535443   ATUC Revision:   1
   Hybrid Selected:   1   Trellis:      1
   Showtime Count:      1   DS Max Attainable Bit Rate: 11840 kbps
   BitSwap:      1   US Max Attainable Bit Rate:   n/a
   Annex:          AnxA   psd_mask_qualifier: 0x0000
   ATUC ghsVid:  b5 00 54 53 54 43 00 00
   T1413Vid: 00 00      T1413Rev: 00      VendorRev: 00
   ATUR ghsVid:  b5 00 54 53 54 43 00 00
   T1413Vid: 00 00   T1413Rev: 00   VendorRev: 00

   [Upstream (TX) Interleave path]
   CRC:    1   FEC:    0   NCD:    0
   LCD:    0   HEC:    0

   [Downstream (RX) Interleave path]
   CRC:    0   FEC:    0   NCD:    0
   LCD:    0   HEC:    0

   [Upstream (TX) Fast path]
   CRC:    0   FEC:    0   NCD:    1
   LCD:    0   HEC:    0

   [Downstream (RX) Fast path]
   CRC:    0   FEC:    0   NCD:    0
   LCD:    0   HEC:    0

[ATM Stats]
   [Upstream/TX]
   Good Cell Cnt:   479
   Idle Cell Cnt:   360526


   [Downstream/RX)]
   Good Cell Cnt:   605
   Idle Cell Cnt:   953428
   Bad Hec Cell Cnt:   0
   Overflow Dropped Cell Cnt:   0

[SAR AAL5 Stats]
   Tx PDU's:   160
   Rx PDU's:   161
   Tx Total Bytes:   15708
   Rx Total Bytes:   23273
   Tx Total Error Counts:   0
   Rx Total Error Counts:   0


[OAM Stats]
   Near End F5 Loop Back Count:   0
   Near End F4 Loop Back Count:   0
   Far End F5 Loop Back Count:   0
   Far End F4 Loop Back Count:   0
   SAR OAM Ping Response Drop Count=15

Trained modulation:
ADSL_G.dmt

Path mode:
Interleaved

Network statistics
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       
tcp        0      0 0.0.0.0:www             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:domain          0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:ftp             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:telnet          0.0.0.0:*               LISTEN     
tcp        0      0 mygateway1.AR7WRD:www   192.168.1.2:3033        ESTABLISHED
tcp        0      0 mygateway1.AR7WRD:www   192.168.1.2:3027        TIME_WAIT   
tcp        0      0 mygateway1.AR7WRD:telnet 192.168.1.2:3028        TIME_WAIT   
udp        0      0 0.0.0.0:2048            0.0.0.0:*                           
udp        0      0 0.0.0.0:domain          0.0.0.0:*                           
udp        0      0 0.0.0.0:bootps          0.0.0.0:*                           
udp        0      0 0.0.0.0:tftp            0.0.0.0:*                           
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  5      [ ]         DGRAM                       446 /dev/log
unix  2      [ ]         DGRAM                       448 /dev/klog
unix  2      [ ]         DGRAM                       419 /var/tmp/cm_pc.ctl
unix  2      [ ]         DGRAM                       433 /var/tmp/cm_logic.ctl
unix  2      [ ]         DGRAM                      1102
unix  2      [ ]         DGRAM                      1052
unix  2      [ ]         DGRAM                      1026
unix  2      [ ]         STREAM                      405
unix  2      [ ]         DGRAM                       404
unix  2      [ ]         DGRAM                        25

Iptables chains
Chain INPUT (policy ACCEPT 1243 packets, 98034 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  219 27026 ACCEPT     all  --  ppp0   any     anywhere             anywhere           state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  any    any     anywhere             anywhere           icmp fragmentation-needed
    0     0 DROP       icmp -f  any    any     anywhere             anywhere           
    0     0 DROP       all  --  ppp0   any     anywhere             anywhere           

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  ppp0   any     anywhere             anywhere           state RELATED,ESTABLISHED
    0     0 TCPMSS     tcp  --  any    ppp0    anywhere             anywhere           tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
    0     0 ACCEPT     icmp --  any    any     anywhere             anywhere           icmp fragmentation-needed
    0     0 DROP       all  --  ppp0   any     anywhere             anywhere           

Chain OUTPUT (policy ACCEPT 2320 packets, 1629K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     icmp --  any    any     anywhere             anywhere           icmp fragmentation-needed
    0     0 DROP       icmp --  any    ppp0    anywhere             anywhere           icmp destination-unreachable
    0     0 DROP       icmp --  any    ppp0    anywhere             anywhere           state INVALID

Network interface details
br0       Link encap:Ethernet  HWaddr 00:15:00:00:00:74 
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1240 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2100 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:121917 (119.0 KiB)  TX bytes:1644588 (1.5 MiB)

br1       Link encap:Ethernet  HWaddr 00:00:00:00:00:00 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

br2       Link encap:Ethernet  HWaddr 00:00:00:00:00:00 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0      Link encap:Ethernet  HWaddr 00:15:05:36:70:74 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1240 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2100 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:121917 (119.0 KiB)  TX bytes:1644588 (1.5 MiB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

nas0      Link encap:Ethernet  HWaddr 00:15:05:36:70:76 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:237 errors:0 dropped:0 overruns:0 frame:0
          TX packets:236 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:29836 (29.1 KiB)  TX bytes:23237 (22.6 KiB)

ppp0      Link encap:Point-to-Point Protocol 
          inet addr:89.208.200.13  P-t-P:95.50.170.80  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:222 errors:0 dropped:0 overruns:0 frame:0
          TX packets:221 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:27140 (26.5 KiB)  TX bytes:15338 (14.9 KiB)

tun0      Link encap:Point-to-Point Protocol 
          inet addr:10.12.0.2  P-t-P:10.12.0.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:516 (516.0 B)  TX bytes:380 (380.0 B)


System Log
Aug 18 11:12:12 | AP is disabled
Aug 18 11:12:12 | Valid Configuration Tree
Aug 18 11:12:12 | NTP Polling Timer for DHCP Started succesfully.
Aug 18 11:12:12 | DSL Polling Timer Started succesfully.
Aug 18 11:12:12 | PSP Boot environment  Modem Modulation Change: 0x1
Aug 18 11:12:12 | Firewall NAT service started
Aug 18 11:12:13 | Bridge Created: br0
Aug 18 11:12:15 | Bridge VLAN0 add eth0
Aug 18 11:12:15 | Bridge VLAN AUTO OFF.
Aug 18 11:12:15 | Bridge VLAN0 add eth1
Aug 18 11:12:15 | Bridge VLAN AUTO OFF.
Aug 18 11:12:15 | Bridge VLAN0 add eth2
Aug 18 11:12:15 | Bridge VLAN AUTO OFF.
Aug 18 11:12:15 | Bridge VLAN0 add eth3
Aug 18 11:12:15 | Bridge VLAN AUTO OFF.
Aug 18 11:12:15 | Bridge Created: br1
Aug 18 11:12:16 | Bridge Created: br2
Aug 18 11:12:18 | USB is disabled 
Aug 18 11:12:18 | Bridge Interface Added: eth0
Aug 18 11:12:20 | Add Bridge Iface Error: 1
Aug 18 11:12:21 | Add Bridge Iface Error: 1
Aug 18 11:12:21 | Add Bridge Iface Error: 1
Aug 18 11:12:22 | DSL Carrier is down
Aug 18 11:12:23 | rcS not stopped by init. Stopping it ... 
Aug 18 11:12:32 | DSL Carrier is up
Aug 18 11:12:32 | sar read trained mode (1)(ADSL_G.dmt)
Aug 18 11:12:33 | ---}}} Start of connection delayed for 7 sec
Aug 18 11:12:40 | PPPoE Launch after conn delay timeout ...
Aug 18 11:12:41 | pppd 2.4.4 started by root, uid 0
Aug 18 11:12:41 | Unexpected packet: Ether addr: 00:90:1a:a3:34:82  (PPPOE Discovery)  PPPoE hdr: ver=0x1 type=0x1 code=0x07 sid=0x0000 length=0x0037 (PADO)  PPPoE tag: type=0102 length=0013 (AC Name) data (UTF-8): Megaline-mkkg-bng-1 PPPoE tag: type=0103 length=0004 (Host
Aug 18 11:13:48 | New PPP_ID: 0x9d1b 
Aug 18 11:13:48 | Got connection: 9d1b
Aug 18 11:13:48 | Saved Session ID: 0
Aug 18 11:13:48 | AC MAC address: 00-90-1a-a2-96-51
Aug 18 11:13:48 | Connect: ppp0 {--} nas0
Aug 18 11:13:49 | PAP authentication succeeded
Aug 18 11:13:49 | local  IP address 89.208.200.13 
Aug 18 11:13:49 | remote IP address 95.50.170.80
Aug 18 11:13:49 | primary   DNS address 212.154.163.162
Aug 18 11:13:49 | secondary DNS address 95.56.237.24
Aug 18 11:13:49 | PPPoE Connect with IP Address 89.208.200.13   
Aug 18 11:13:49 | PPPoE Connection Successfully Established 
Aug 18 11:13:49 | Renew PPPoE Session ID: 0x9d1b 
Aug 18 11:13:49 | PPPoE Connect with Gateway IP Address: 95.50.170.80 
Aug 18 12:14:10 | onconnectWAN: cron has been disabled in the bootloader environment. 

Miscellaneous information
RouterTech firmware release: 2.94
Linux version 2.4.17_mvl21-malta-mips_fp_le (developers@RouterTech.Org) #1 Wed Aug 18 11:08:46 BST 2010
BUILD=RouterTech_3.6.0D_20100818_2.94
VERSION=3.6.0D-RouterTech-Adam2
BOARD=AR7WRD
TARGET=Adam2_1-Port
FSSTAMP=20100818111250
Ethernet ports: 1
Core logic version: 3.6.0D
Boot Loader: Adam2 v0.22.02
ATM Driver version:[7.05.01.00]
DSL HAL version: [7.05.01.00]
DSP Datapump version: [7.05.01.00] Annex A
SAR HAL version: [01.07.2c]
PDSP Firmware version:[0.54]
Chipset ID: [7300/7300A]
Upstream rate (kbps):  896
Downstream rate (kbps):  2368
Trained Modulation: ADSL_G.dmt
Path Mode: Interleaved
System uptime: 0 hr 3 min - 0 day(s), 0 hour(s), 3 minute(s), and 46 second(s) (system 70% idle)
WAN uptime: 0hr 1min 45sec
WAN IP address: 89.208.200.13
Bandwidth usage:
   Downloads : 0.0341 MB
   Uploads   : 0.0224 MB
Line attenuation:
   DS Line Attenuation:   16   DS Margin:      31
   US Line Attenuation:   9   US Margin:      14
Memory usage:
   In active use : 37% of 14212 kb
   Available     : 63% (8972 kb) of 14212 kb (of which 7408 kb is marked as "Inactive" and 1564 kb is free)
Environment fragmentation:
   Fragmentation level is "1" (out of 54 records). The threshold is "30".
Connection information: connection1


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Sat Oct 23, 2010 9:21 am 
RouterTech Team
RouterTech Team
User avatar

Joined: Wed Feb 01, 2006 10:22 pm
Posts: 11876
Location: England, the Centre of Africa
It seems that something is not right with your startup script. Use the built-in startup scripts (openvpn.sh et al) and post the result.

_________________
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Sat Oct 23, 2010 10:34 am 
Newbie
Newbie

Joined: Sun Aug 29, 2010 11:50 am
Posts: 7
Location: Kazakhstan
I need use OpenVPN in "P2P-static-key" (point-to-point) mode.
Built-in startup script does not allow run openvpn in this mode (as well like as client).


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Sat Oct 23, 2010 10:43 am 
RouterTech Team
RouterTech Team
User avatar

Joined: Wed Feb 01, 2006 10:22 pm
Posts: 11876
Location: England, the Centre of Africa
digrobot wrote:
I need use OpenVPN in "P2P-static-key" (point-to-point) mode.
Built-in startup script does not allow run openvpn in this mode (as well like as client).
I see. Unfortunately, that is beyond me, so I can't offer any assistance here.

PS: have you tried using pptpd ?

_________________
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Thu Oct 28, 2010 12:01 pm 
Newbie
Newbie

Joined: Sun Aug 29, 2010 11:50 am
Posts: 7
Location: Kazakhstan
pptpd does not suit me because it used fixed TCP port which I can not change. Also pptpd does not support UDP as transport layer.

Last days I playing with Routertech firmware sources, downloaded from this site. I built two kernel images with default supplied configs for AR7RD and AR7WRD boards. They both work on my router, but not with openvpn (still freezing).

So, the only kernel that works with openvpn, is kernel from ar7rd-1port-adam2 package. Is it possible to look at .config for this firmware? I tend to think that tweaking some kernel options may solve my problem.


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Thu Oct 28, 2010 1:31 pm 
RouterTech Team
RouterTech Team
User avatar

Joined: Wed Feb 01, 2006 10:22 pm
Posts: 11876
Location: England, the Centre of Africa
digrobot wrote:
So, the only kernel that works with openvpn, is kernel from ar7rd-1port-adam2 package. Is it possible to look at .config for this firmware? I tend to think that tweaking some kernel options may solve my problem.
If you have the sources, then the relevant .config is already there.

Edit: are you talking about the 2mb-flash or 4mb-flash version of ar7rd-1port-adam2 ?

_________________
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Thu Oct 28, 2010 4:53 pm 
RouterTech Team
RouterTech Team
User avatar

Joined: Wed Feb 01, 2006 10:22 pm
Posts: 11876
Location: England, the Centre of Africa
What is in your openvpn.ovpn and client ovpn files? Are you certain that they both refer to tun and not to tap?

_________________
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Thu Oct 28, 2010 5:15 pm 
RouterTech Team
RouterTech Team

Joined: Wed Jan 10, 2007 11:54 pm
Posts: 3700
One kernel difference you may want to explore is the Ti optimization TI_SLOW_PATH, this hides interfaces from DarkStat, but couldn't be disabled in the wireless firmware because it was required by the binary wireless driver.


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Thu Oct 28, 2010 6:00 pm 
Newbie
Newbie

Joined: Sun Aug 29, 2010 11:50 am
Posts: 7
Location: Kazakhstan
Quote:
If you have the sources, then the relevant .config is already there.

I downloaded routertech-v2.94-GPL-firmware-sources.tar.bz2.tar file from this topic: viewtopic.php?f=23&t=3555
There are only old reference TI configs (NSP_AR7*...) in tools/configs, and three Acorp configs.
Acorp configs seems to be much newer, but have disabled some features, that Routertech kernels have (e.g. minix fs, tun device... ). So I thought that there is no actual .config in distributed sources. If I wrong, please tell me.

Quote:
are you talking about the 2mb-flash or 4mb-flash version of ar7rd-1port-adam2

4mb-flash ar7rd-1port-adam2

Quote:
What is in your openvpn.ovpn and client ovpn files? Are you certain that they both refer to tun and not to tap?

here is my openvpn.ovpn
Code:
nobind
remote remoteserver port
ifconfig 10.12.0.2 10.12.0.1
verb 2
mute 0
secret openvpn.key
proto udp
dev tun
keepalive 10 120
#comp-lzo
mssfix 1200
persist-key
persist-tun

Also I point openvpn to tun device in start.sh
Code:
# The device directory
TUNDEVPATH=/dev/net
# The device name
TUNDEV=tun
# The complete file name of the device
TUNDEVFILE=${TUNDEVPATH}/${TUNDEV}
/usr/local/bin/openvpn --cd ${OVPN_TGTPATH} --dev-node ${TUNDEVFILE} --config ${OVPN_TGTPATH}/openvpn.ovpn --log ${OVPN_LOG} --status $OVPN_STAT 5 &

Quote:
One kernel difference you may want to explore is the Ti optimization TI_SLOW_PATH, this hides interfaces from DarkStat, but couldn't be disabled in the wireless firmware because it was required by the binary wireless driver.

Thanks, I'll try to change this option


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Thu Oct 28, 2010 6:21 pm 
RouterTech Team
RouterTech Team
User avatar

Joined: Wed Feb 01, 2006 10:22 pm
Posts: 11876
Location: England, the Centre of Africa
digrobot wrote:
... and three Acorp configs.
Those are the .configs (e.g., Acorp_LAN120.config, in the PROFILE/ directory tree).
digrobot wrote:
Acorp configs seems to be much newer, but have disabled some features, that Routertech kernels have (e.g. minix fs, tun device... ). So I thought that there is no actual .config in distributed sources. If I wrong, please tell me.
See above. You can add these to them
Code:
CONFIG_FSCK_MINIX=y
CONFIG_MKFS_MINIX=y
CONFIG_MINIX_FS=y
CONFIG_TUN=m
CONFIG_ETHERTAP=m
You can also try
Code:
TI_SLOW_PATH=y
But that will crash the wireless AP driver if you ever try to run Darkstat (or anything that uses tcpdump).

Note also that some things are actually in Busybox 1.17.x.

_________________
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Sun Oct 31, 2010 5:55 pm 
Newbie
Newbie

Joined: Sun Aug 29, 2010 11:50 am
Posts: 7
Location: Kazakhstan
I almost broke my brain whith it :)

Firstly, I noticed that the router freezes only when openvpn tunnel is up.
Therefore I decided log and catch packets, returning from other side of openvpn tunnel. I have set up remote system log, and set the trap at router:
Code:
cat /proc/kmsg | logger &
iptables -t mangle -A POSTROUTING -s 10.12.0.1 -j LOG --log-level=5
iptables -t mangle -A POSTROUTING -s 10.12.0.1 -j DROP

Then I doing ping remote side of openvpn tunnel (10.12.0.1) from my PC (192.168.1.2). No problem, There are echos:
Code:
31.10.2010,10:10:36,192.168.1.1,???,USER,NOTICE, root: Aug 18 12:28:21 | {5}IN= OUT=br0 SRC=10.12.0.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=55437 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=34818 
31.10.2010,10:10:41,192.168.1.1,???,USER,NOTICE, root: Aug 18 12:28:27 | {5}IN= OUT=br0 SRC=10.12.0.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=55438 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=35074 
31.10.2010,10:10:46,192.168.1.1,???,USER,NOTICE, root: Aug 18 12:28:32 | {5}IN= OUT=br0 SRC=10.12.0.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=55439 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=35330

Set the trap at next step:
Code:
iptables -t mangle -F POSTROUTING
iptables -t nat -I POSTROUTING -s 10.12.0.1 -j DROP
iptables -t nat -I POSTROUTING -s 10.12.0.1 -j LOG --log-level=5

Now the router crashes at first response packet from 10.12.0.1 :(

So, the problem may be lying in netfilter (rather NAT), in my honest opinion. I tried to built kernel with three netfilters from the RouterTech sources (asus patched, old, and nsp340), but with no success (still freezes).
Also I built the kernel with TI_SLOW_PATH option. It seems to be working (the leds shows DSL up and WAN connecting), but I can't connect to the router to any way (ethernet broken).


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Mon Nov 01, 2010 11:17 am 
Newbie
Newbie

Joined: Sun Aug 29, 2010 11:50 am
Posts: 7
Location: Kazakhstan
When I compiled kernel with TI_SLOW_PATH option, ethernet was not working.
When I compiled without TI_SLOW_PATH option, ethernet was working, but router freezes with openvpn.

Then I patched Avalanche CPMAC driver (drivers/net/avalanche_cpmac/cpmac.c), forcing TI_SLOW_PATH in this file always off, and compiled the kernel with TI_SLOW_PATH on.

Not sure, that is right way, but now there is no problem with openvpn - all working as I expect :)
Thanks a lot for your advices, happy-end!


Top
 Profile  
 
 Post subject: Re: Actiontec GT701-WG and openvpn, need help.
PostPosted: Mon Nov 01, 2010 11:26 am 
RouterTech Team
RouterTech Team
User avatar

Joined: Wed Feb 01, 2006 10:22 pm
Posts: 11876
Location: England, the Centre of Africa
digrobot wrote:
Then I patched Avalanche CPMAC driver (drivers/net/avalanche_cpmac/cpmac.c), forcing TI_SLOW_PATH in this file always off, and compiled the kernel with TI_SLOW_PATH on.

Not sure, that is right way, but now there is no problem with openvpn - all working as I expect :)
Thanks a lot for your advices, happy-end!
If it works and does not produce any unwanted side effects, then it is the "right" way. ;)

However, you need to know that TI_SLOW_PATH will crash the wireless driver if you try to run darkstat. It may of course be possible to fix that problem if one knows where to turn TI_SLOW_PATH off selectively.

_________________
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post a new topicPost a reply Page 1 of 1   [ 15 posts ]


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB & WordPress     Hosted by Kieran O'Shea     Site Code © 2005-2011 Kieran O'Shea     All site contents © 2005-2011 RouterTech - All rights reserved     Valid HTML     Valid CSS     Graphics by Neo