Use an OLSR node as a default gateway to Internet

If using a cube, we use the default 802.11b card (wlan0) for OLSR, and the internet uplink is on the ethernet port (eth0). The mesh IP is 10.0.CB.ID (as explained in [new]]) on the mesh-cube WiFi network. Finally, as this cube will be directly accessible via the Internet, one has to set up a non-trivial root password.

:!:A small script and set of files have been gathered to ease the configuration of the Cubes, refer to the specific section in the 4G Cube setup guide.:!:

Currently, an old Dell OptiPlex GX1 does the job: imara-olsr-gw.inria.fr, the login to use on this box for administrative purposes is olsr as root logins are (voluntarily) disabled.

Deprecated method kept for reference

IP Configuration

/etc/network/interfaces:

auto lo eth0 wlan0

iface lo inet loopback

iface eth0 inet dhcp
    alias conf 192.168.0.250

iface wlan0 inet static
    address 10.0.CB.ID
    netmask 255.255.0.0
    wireless_channel 11
    wireless_essid cube-mesh
    wireless_mode ad-hoc

Comment out the dhcp-range line in /etc/dnsmasq.conf to disable the DHCP service.

Finally, make room for the DHCP-obtained resolv.conf file.

# rm /etc/resolv.conf
# touch /etc/resolv.conf

Firewall configuration

Nylon (4G Cubes' Linux distribution)

/etc/firewall/firewall.conf (only the relevant parts):

FW_ENABLE="yes"
FW_MNG_IF="eth0 ath0 wlan0"
FW_EXT_IF="eth0"
FW_INT_IF="wlan0 ath0"
FW_NAT="yes"
FW_NAT_IF="eth0"
FW_ALLOW_ALL="no"
FW_OLSR="yes"

We want some services provided by the plugins to be accessible from outside. A simple firewall script has to be added to do so, /etc/init.d/zzplugins-firewal:

#!/bin/bash
 
function plugins-fw_start() {
        iptables -A INPUT -p tcp --dport 2004 -j ACCEPT
        iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
}
 
# Stopping the service may generate an error if the tables have already been flushed
# This can safely been ignored.
function plugins-fw_stop() {
        iptables -D INPUT -p tcp --dport 2004 -j ACCEPT
        iptables -D INPUT -p tcp --dport 8080 -j ACCEPT
}
 
case $1 in
        start)
                plugins-fw_start
                ;;
        stop)
                plugins-fw_stop
                ;;
        restart)
                plugins-fw_stop
                plugins-fw_start
                ;;
esac

Regular Linux

A ready to used firewalling script is available in the LaRA-com SVN repository.

The installation is quite easy:

# cp olsr-gw-firewall.sh /etc/init.d
# update-rc.d olsr-gw-firewall.sh defaults 20
  /etc/rc2.d/S20olsr-gw-firewall.sh -> ../init.d/olsr-gw-firewall.sh
  /etc/rc3.d/S20olsr-gw-firewall.sh -> ../init.d/olsr-gw-firewall.sh
  /etc/rc4.d/S20olsr-gw-firewall.sh -> ../init.d/olsr-gw-firewall.sh
  /etc/rc5.d/S20olsr-gw-firewall.sh -> ../init.d/olsr-gw-firewall.sh
  /etc/rc0.d/K20olsr-gw-firewall.sh -> ../init.d/olsr-gw-firewall.sh
  /etc/rc1.d/K20olsr-gw-firewall.sh -> ../init.d/olsr-gw-firewall.sh
  /etc/rc6.d/K20olsr-gw-firewall.sh -> ../init.d/olsr-gw-firewall.sh

:!: Don't forget to install and run DNSMASQ.

OLSR configuration

/etc/olsrd.conf (only the relevant parts):

Hna4
{
        0.0.0.0 0.0.0.0
}
LoadPlugin "olsrd_nameservice.so.0.2"
{
        PlParam "name" "imara-cube-CBID"
        #PlParam "dns-server" "" #FIXME: try and see if it works, it should
        PlParam "dns-server" "10.0.CB.ID"
}
 
imara/platforms/hardware/communications/4gcube/defaulthna.txt · Last modified: 2011/02/05 15:52 by Paulo RESENDE
Recent changes · Show pagesource · Login