GuruPlug Cheat Sheet
Turning GuruPlug into a bridging WAP
Goal: To turn the plug into a wireless bridge, with one Ethernet interface and the wireless interface on the same (internal) subnet.
First, install bridge-utils.
$ apt-get install bridge-utils
- Inside wired interface is
- Wireless interface is
eth1is connected to the Internet (or some other subnet)
/etc/network/interfaces to define the bridge:
auto lo iface lo inet loopback # up /etc/ip6up auto eth0 iface eth0 inet static address 0.0.0.0 auto uap0 iface uap0 inet static address 0.0.0.0 auto eth1 iface eth1 inet dhcp # When the Internet link comes up, with a DHCP address, I end up # with two default routes, one for the outside link and one for the # inside link. This screws up routing, as one might expect. The # following seems to help: up /sbin/route del default gw 192.168.3.2 auto br0 iface br0 inet static address 192.168.3.1 netmask 255.255.255.0 network 192.168.3.0 broadcast 192.168.3.255 gateway 192.168.3.1 #bridge_stp off bridge_ports uap0 eth0 # # For some reason, uap0 does not end up in the bridge. # Force it. up /usr/sbin/brctl addif br0 uap0
up line at the bottom. This hack was the only way I could force
the bridge to contain the wireless device. If the bridge does not contain
the wireless device, one symptom will be that DHCP requests from wireless
clients won’t be answered (because the DHCP server won’t see them).
If the wireless device doesn’t end up in the bridge, just add it manually:
# /usr/sbin/brctl addif br0 uap0
Configure the DHCP server.
udhcp, be sure the
br0 interface is specified in the
If using the DHCP server in
dnsmasq, be sure the
br0 interface is
specified in the configuration file,
If using the ISC DHCP server, modify
/etc/default/isc-dhcp-server so that
This setting tells
/etc/init.d/isc-dhcp-server to pass
br0 on the
Reproduced from a comment in the
/etc/network/interfaces file, above.
When the Internet link comes up, with a DHCP address, I end up with two default routes, one for the outside link and one for the inside link. This screws up routing, as one might expect. The following fixes the problem:
# /sbin/route del default gw 192.168.3.2
Default root password
All GuruPlugs ship with the same default root password (“nosoup4u”). If you’ve connected the GuruPlug to the Internet and left SSH open to the outside, it’s a good idea to change the root password.
Run the SSH daemon on another port
If connected to the Internet, you should obviously install some firewall
rules. I set things up so that there’s a
firewall.sh script in
/usr/local/sbin, that fires whenever
dhclient(8) gets a new Internet
address from my provider.