GuruPlug Cheat Sheet

Table of Contents

*This cheat sheet concerns the GuruPlug plug computing device, a 5-watt ARM device that, by default, runs Debian. In general, it also applies to the DreamPlug.

Turning GuruPlug into a bridging WAP

Goal: To turn the plug into a wireless bridge, with one Ethernet interface and the wireless interface on the same (internal) subnet.

bridge-utils

First, install bridge-utils.

$ apt-get install bridge-utils

Assumptions:

Inside wired interface is eth0
Wireless interface is uap0
eth1 is connected to the Internet (or some other subnet)

Create bridge

Edit /etc/network/interfaces to define the bridge:

auto lo
iface lo inet loopback
       # up /etc/ip6up

auto eth0
iface eth0 inet static
address 0.0.0.0

auto uap0
iface uap0 inet static
address 0.0.0.0

auto eth1
iface eth1 inet dhcp
    # When the Internet link comes up, with a DHCP address, I end up
    # with two default routes, one for the outside link and one for the
    # inside link. This screws up routing, as one might expect. The
    # following seems to help:
    up /sbin/route del default gw 192.168.3.2

auto br0
iface br0 inet static
        address 192.168.3.1
        netmask 255.255.255.0
        network 192.168.3.0
        broadcast 192.168.3.255
        gateway 192.168.3.1
        #bridge_stp off
        bridge_ports uap0 eth0
        # 
        # For some reason, uap0 does not end up in the bridge.
        # Force it.
        up /usr/sbin/brctl addif br0 uap0

Note the up line at the bottom. This hack was the only way I could force the bridge to contain the wireless device. If the bridge does not contain the wireless device, one symptom will be that DHCP requests from wireless clients won’t be answered (because the DHCP server won’t see them).

If the wireless device doesn’t end up in the bridge, just add it manually:

# /usr/sbin/brctl addif br0 uap0

Configure the DHCP server.

`udhcpd`

If using udhcp, be sure the br0 interface is specified in the configuration file, /etc/udhcpd.conf:

interface br0

`dnsmasq`

If using the DHCP server in dnsmasq, be sure the br0 interface is specified in the configuration file, /etc/dnsmasq.conf:

bind-interfaces br0

ISC DHCPD

If using the ISC DHCP server, modify /etc/default/isc-dhcp-server so that INTERFACES contains br0:

INTERFACES="br0"

This setting tells /etc/init.d/isc-dhcp-server to pass br0 on the command line.

Routing issues

Reproduced from a comment in the /etc/network/interfaces file, above.

When the Internet link comes up, with a DHCP address, I end up with two default routes, one for the outside link and one for the inside link. This screws up routing, as one might expect. The following fixes the problem:

# /sbin/route del default gw 192.168.3.2

Default root password

All GuruPlugs ship with the same default root password (“nosoup4u”). If you’ve connected the GuruPlug to the Internet and left SSH open to the outside, it’s a good idea to change the root password.

Run the SSH daemon on another port

While this is just security through obscurity, generally a fail, it’s still not a bad idea. Edit /etc/ssh/sshd_config and change the Port line to something else, e.g.:

Port 10022

Firewall

If connected to the Internet, you should obviously install some firewall rules. I set things up so that there’s a firewall.sh script in /usr/local/sbin, that fires whenever dhclient(8) gets a new Internet address from my provider.

Sample: firewall.sh