HOWTO Batbox a WRT54G v4 hardware (and safely turn boot_wait=on)

HOWTO Batbox a WRT54G v4 hardware (and safely turn boot_wait=on)

First off, here's the standard disclaimer. Anything you do here is at
your own risk & peril. This is for your education from my personal
experience.

Before all the WRT54G v4 boxes leave the shelves (to be replace the
same physical insides but re-branded WRT54GL) I headed over to Wally
World and grabbed another for $50. Don't forget make sure the serial
number on the box bottom does NOT start with CDFB* (v5 hardware).

Now having 2 stock WRT54G v4, I thought I should provide a HOWTO Batbox
your WRT54G v4 and post some related reference articles for those
tinkering with their WRT54G. Unfortunately, the BB is not letting me
attach them as text or even zipped up. I'll try posting them again
shortly.

Reference: WRT54G v4 stock NVRAM Settings
Reference: WRT54G v4 stock file listings

First of all. Even if you decide not to apply any 3rd party firmware
.... Please consider running the Batbox distro and set your
"boot_wait=on". This will CYA from other issues you can't even dream
of, like static discharge scrambling, etc. It's really silly Linksys
didn't turn this on by default for its customers. Read on for the
simple details on how to do this.

I titled this "(and safely turn boot_wait=on)" because to enable this
feature, other 3rd party firmware overwrite your existing firmware
which violates your warranty. Personally, I'm cautionary. Doing my
research and not quite ready to potentially brick my first WRT54G v4,
I've decide to use the Batbox distro. It is strictly RAM based. If you
loose power or updated with Official firmware, you have to re-run the
wrt54g.sh - every time. A small inconvenience for safety.

There should be plenty of info the Batbox distro being one of the
oldest. This is straight walk-thru for those using Cygwin. Those using
a *nix (including Mac OS X), your mileage should be similar - make the
Cygwin parts relative to your needs.

BTW, there is a couple of Cygwin requirements. You need to install ttcp
and wget (curl could also replace wget).

1. Go download the Batbox from http://www.batbox.org/wrt54g-0.6.tar.gz
If you want a bit of detail, read over
http://www.batbox.org/wrt54g-linux.html.

2. Expand the wrt54g-0.6.tar.gz

3. Optional, but recommended, read the README, INSTALL and the FAQ.txt
- particularly those using a *nix or Mac box.

4. We have to make two edits to the wrt54g.sh. One for using
Cygwin/*nix to use wget. The other for using a WRT54G v4 since the WAN
& LAN assignments have changed. (If you aren't using 192.168.1.1, you
should also edit line 5)

4.a. Uncomment line 64 & 65. (If using curl, uncomment 68 & 69. I
didn't use curl so reply to the is post to help out others):
###
PROGRAM="wget --quiet --http-user=$USER --http-passwd=$PASSWORD"
EXTRA=""
###
4.b. Now edit the wrt54g.sh for the WRT54G v4. Make a backup before you
edit. NOTE: eth0 is now the WAN

4.b.1. copy line 257 twice ( # iptables -A INPUT -j DROP -i eth1
--protocol tcp --destination-port 23 )
4.b.2. uncomment the new lines and change "-i eth1" to "-i eth0" in
both
4.b.3. change one of the lines so the --destination-port from "23" to
"8000". NOTE: Batbox will start a httpd on port 8000 that is without
any security or SSL layer. To stop that you either need to drop or
reject port 8000 on eth0.

It should look like this:
###
# iptables -A INPUT -j DROP -i eth1 --protocol tcp --destination-port
23
iptables -A INPUT -j DROP -i eth0 --protocol tcp --destination-port 23
iptables -A INPUT -j DROP -i eth0 --protocol tcp --destination-port
8000
###

4.b.4. If you will be using the Batbox telnet and http access over the
wireless connection, you'll need to comment out ( ie. "#") what was
lines 260 through 264 as WLAN is not part of the LAN group. Also, to
settle your nerves, the -j REJECT lines are not needed since your two
new lines -j DROP anything for those ports - so I commented them out
anyway.

5. We're around half way done. All the work to this point is just
making everything custom for your box.

6. Plug in all the network cabling. It's best to do it wired the first
time. Also, your WRT54G must first have had a WAN connection before the
BatBox load will work. It doesn't matter how; it just needs to be
"active".

7. Open a Cygwin terminal.
8. Copy the /bin/ttcp.exe to your directory with your wrt54g.sh custom
script.
9. Run your copy of the wrt54g.sh script: ./wrt54g.sh adminpassword

REMEMBER: It must first have had a WAN connection before the BatBox
load will work. Otherwise you get the
###
ttcp-t: connect: Connection refused
errno=111
ttcp error, status is 1
###
10. If successful, you should see this:
###
$ ./wrt54g.sh
Router Password? admin

Installing to 192.168.1.1
Making copy of receive tool
Starting receive tool
Sending bootstrap
ttcp-t: socket
ttcp-t: connect
Sending busybox
ttcp-t: socket
ttcp-t: connect
Sending distro.tar
ttcp-t: socket
ttcp-t: connect
Complete

You may now telnet to 192.168.1.1
You can connect a browser to http://192.168.1.1:8000/
###

NOTE: If you change your settings to disable via HTTP (and only use
HTTPS) it could kill the busybox webserver.

11. Telnet in to 192.168.1.1. It's time to protect ourselves by turning
on boot_wait. Issue the following commands to validate you have
boot_wait turned on. Without out it, any freak accident or firmware
hacking you do could "brick" your WRT54G:
===
nvram get boot_wait
#( if OFF, continue the following steps )
nvram set boot_wait=on
nvram get boot_wait
#( it should be set ON now )
nvram commit
nvram get boot_wait
#( one more time for comfort)

12. Sit back, look around, and "Have a coke and a smile" - for yourself
& Richard Pryor (We'll be missing you.)

Now you can start thinking of ways to enhance or mod your Batbox
distro. Things like busybox/hush shell CGI scripts.

Maybe you may want to read:
The docs on how to upload dropbear for SSH/SFTP and others found in the
wrt54g-0.6/options directory of the archive.
http://www.batbox.org/wrt54g.html - using Snort for Batbox
http://nocat.net/~rob/wrt54g/ - offers NoCatSplash for Batbox

Over the holiday break, I'm hoping to get started on gathering several
open source distro's sources for similar devices, and building
additional utils for my WRT54G Batbox. I don't want to cram the world
in it, just the tools I need on demand. BTW, it was mentioned in the
Batbox docs & site somewhere that NFS is currently broken. A mountable
remote filesystem is one of the first goals that should be achieved.

Later, Markus.

(E-Mail Removed) wrote in
news:(E-Mail Removed) oups.com:

> HOWTO Batbox a WRT54G v4 hardware (and safely turn boot_wait=on)
>
> First off, here's the standard disclaimer. Anything you do here
> is at your own risk & peril. This is for your education from my
> personal experience.
>
> Before all the WRT54G v4 boxes leave the shelves (to be replace
> the same physical insides but re-branded WRT54GL) I headed over
> to Wally World and grabbed another for $50. Don't forget make
> sure the serial number on the box bottom does NOT start with
> CDFB* (v5 hardware).
>
> Now having 2 stock WRT54G v4, I thought I should provide a HOWTO
> Batbox your WRT54G v4 and post some related reference articles
> for those tinkering with their WRT54G. Unfortunately, the BB is
> not letting me attach them as text or even zipped up. I'll try
> posting them again shortly.
>
> Reference: WRT54G v4 stock NVRAM Settings
> Reference: WRT54G v4 stock file listings
>
> First of all. Even if you decide not to apply any 3rd party
> firmware ... Please consider running the Batbox distro and set
> your "boot_wait=on". This will CYA from other issues you can't
> even dream of, like static discharge scrambling, etc. It's
> really silly Linksys didn't turn this on by default for its
> customers. Read on for the simple details on how to do this.
>
> I titled this "(and safely turn boot_wait=on)" because to enable
> this feature, other 3rd party firmware overwrite your existing
> firmware which violates your warranty. Personally, I'm
> cautionary. Doing my research and not quite ready to potentially
> brick my first WRT54G v4, I've decide to use the Batbox distro.
> It is strictly RAM based. If you loose power or updated with
> Official firmware, you have to re-run the wrt54g.sh - every
> time. A small inconvenience for safety.
>
> There should be plenty of info the Batbox distro being one of
> the oldest. This is straight walk-thru for those using Cygwin.
> Those using a *nix (including Mac OS X), your mileage should be
> similar - make the Cygwin parts relative to your needs.
>
> BTW, there is a couple of Cygwin requirements. You need to
> install ttcp and wget (curl could also replace wget).
>
> 1. Go download the Batbox from
> http://www.batbox.org/wrt54g-0.6.tar.gz If you want a bit of
> detail, read over http://www.batbox.org/wrt54g-linux.html.
>
> 2. Expand the wrt54g-0.6.tar.gz
>
> 3. Optional, but recommended, read the README, INSTALL and the
> FAQ.txt - particularly those using a *nix or Mac box.
>
> 4. We have to make two edits to the wrt54g.sh. One for using
> Cygwin/*nix to use wget. The other for using a WRT54G v4 since
> the WAN & LAN assignments have changed. (If you aren't using
> 192.168.1.1, you should also edit line 5)
>
> 4.a. Uncomment line 64 & 65. (If using curl, uncomment 68 & 69.
> I didn't use curl so reply to the is post to help out others):
> ###
> PROGRAM="wget --quiet --http-user=$USER --http-passwd=$PASSWORD"
> EXTRA=""
> ###
> 4.b. Now edit the wrt54g.sh for the WRT54G v4. Make a backup
> before you edit. NOTE: eth0 is now the WAN
>
> 4.b.1. copy line 257 twice ( # iptables -A INPUT -j DROP -i eth1
> --protocol tcp --destination-port 23 )
> 4.b.2. uncomment the new lines and change "-i eth1" to "-i eth0"
> in both
> 4.b.3. change one of the lines so the --destination-port from
> "23" to "8000". NOTE: Batbox will start a httpd on port 8000
> that is without any security or SSL layer. To stop that you
> either need to drop or reject port 8000 on eth0.
>
> It should look like this:
> ###
> # iptables -A INPUT -j DROP -i eth1 --protocol tcp
> --destination-port 23
> iptables -A INPUT -j DROP -i eth0 --protocol tcp
> --destination-port 23 iptables -A INPUT -j DROP -i eth0
> --protocol tcp --destination-port 8000
> ###
>
> 4.b.4. If you will be using the Batbox telnet and http access
> over the wireless connection, you'll need to comment out ( ie.
> "#") what was lines 260 through 264 as WLAN is not part of the
> LAN group. Also, to settle your nerves, the -j REJECT lines are
> not needed since your two new lines -j DROP anything for those
> ports - so I commented them out anyway.
>
> 5. We're around half way done. All the work to this point is
> just making everything custom for your box.
>
> 6. Plug in all the network cabling. It's best to do it wired the
> first time. Also, your WRT54G must first have had a WAN
> connection before the BatBox load will work. It doesn't matter
> how; it just needs to be "active".
>
> 7. Open a Cygwin terminal.
> 8. Copy the /bin/ttcp.exe to your directory with your wrt54g.sh
> custom script.
> 9. Run your copy of the wrt54g.sh script: ./wrt54g.sh
> adminpassword
>
> REMEMBER: It must first have had a WAN connection before the
> BatBox load will work. Otherwise you get the
> ###
> ttcp-t: connect: Connection refused
> errno=111
> ttcp error, status is 1
> ###
> 10. If successful, you should see this:
> ###
> $ ./wrt54g.sh
> Router Password? admin
>
> Installing to 192.168.1.1
> Making copy of receive tool
> Starting receive tool
> Sending bootstrap
> ttcp-t: socket
> ttcp-t: connect
> Sending busybox
> ttcp-t: socket
> ttcp-t: connect
> Sending distro.tar
> ttcp-t: socket
> ttcp-t: connect
> Complete
>
> You may now telnet to 192.168.1.1
> You can connect a browser to http://192.168.1.1:8000/
> ###
>
> NOTE: If you change your settings to disable via HTTP (and only
> use HTTPS) it could kill the busybox webserver.
>
> 11. Telnet in to 192.168.1.1. It's time to protect ourselves by
> turning on boot_wait. Issue the following commands to validate
> you have boot_wait turned on. Without out it, any freak accident
> or firmware hacking you do could "brick" your WRT54G:
> ===
> nvram get boot_wait
> #( if OFF, continue the following steps )
> nvram set boot_wait=on
> nvram get boot_wait
> #( it should be set ON now )
> nvram commit
> nvram get boot_wait
> #( one more time for comfort)
>
> 12. Sit back, look around, and "Have a coke and a smile" - for
> yourself & Richard Pryor (We'll be missing you.)
>
> Now you can start thinking of ways to enhance or mod your Batbox
> distro. Things like busybox/hush shell CGI scripts.
>
> Maybe you may want to read:
> The docs on how to upload dropbear for SSH/SFTP and others found
> in the wrt54g-0.6/options directory of the archive.
> http://www.batbox.org/wrt54g.html - using Snort for Batbox
> http://nocat.net/~rob/wrt54g/ - offers NoCatSplash for Batbox
>
> Over the holiday break, I'm hoping to get started on gathering
> several open source distro's sources for similar devices, and
> building additional utils for my WRT54G Batbox. I don't want to
> cram the world in it, just the tools I need on demand. BTW, it
> was mentioned in the Batbox docs & site somewhere that NFS is
> currently broken. A mountable remote filesystem is one of the
> first goals that should be achieved.
>
> Later, Markus.
>

Errm, yeah right.
Thanks for sharing that.
BTW: Which planet are you calling from?

"Frazer Jolly Goodfellow" <no-(E-Mail Removed)> wrote in message
news:Xns972A1BAD8889frz@80.5.182.99...
>>
>> Over the holiday break, I'm hoping to get started on gathering
>> several open source distro's sources for similar devices, and
>> building additional utils for my WRT54G Batbox. I don't want to
>> cram the world in it, just the tools I need on demand. BTW, it
>> was mentioned in the Batbox docs & site somewhere that NFS is
>> currently broken. A mountable remote filesystem is one of the
>> first goals that should be achieved.
>>
>> Later, Markus.
>>
>
> Errm, yeah right.
> Thanks for sharing that.
> BTW: Which planet are you calling from?

One where they snip long posts?

;-)

On Mon, 12 Dec 2005, Shawk wrote:
...
>> Errm, yeah right.
>> Thanks for sharing that.
>> BTW: Which planet are you calling from?
>
> One where they snip long posts?
>
> ;-)


Actually, I wish he'd shared this long ago (if I'm following the
implications). I'm using an Asus WL-330g as a wireless, 802.11b, wi-fi
ethernet adapter. Sure, I can connect the WL-330g into a switch, and then
several computers into that switch and everything works fine -- providing
it's a pure windows environment.

The Linksys device is comparably priced with better capabilities, once
hacked. Of course, the Linksys one is a bit heavier and clunkier, but
superior all around.


-Thufir