Assuming OpenWRT operates with a LAN and WAN zone a filter in the FORWARDING chain that rejects packets is enough. ASN lists could be used to block large numbers of IPs belonging to certain companies. This section will focus on option 4 using a wireless interface mac-filter property to deny access for a list of MACs. This is a simple. Base MAC Address: aa:bb:cc:dd:ee:ff. (acd1@acd1-VirtualBox) (gcc version 5.3.0 (OpenWrt GCC 5.3.0 r49264) ) #2 Sat Apr 30 08:45:52 UTC 2016 0.000000 Detected.
- Openwrt Mac Address Whitelist
- Openwrt Clone Mac
- Openwrt Format Usb
- Openwrt Block Mac Address
- Openwrt Format Usb Drive
- Openwrt For Mac Os
Some time ago I had to connect a device to my network that could be only connected via network wire. Unfortunately there was no access to a switch or something similar nearby. But my network (of course) has a wifi access point that my device could connect to if it would have a wifi adapter.
So how could I connect my device to the network as if it was connected by wire? It should behave just like a normal network client and for example get an ip address via DHCP, have the ability to connect to other LAN clients etc.
Solution is easy & very cheap. A (almost) transparent LAN/WLAN bridge!
Config host option ip 192.168.1.22 option mac 00:11:22:33:44:55 option name mydesktop. Add a fixed IPv4 address 192.168.1.23, IPv6 interface identifier (address suffix) 23 and name mylaptop for a machine with the MAC address 11:22:33:44:55:66 or aa:bb:cc:dd:ee:ff and DUID 000100004fd454041c6f65d26f43. I am trying to change the MAC address of my OpenWRT router. But when I look at the wireless MAC that is broadcast with the SSID I see the original MAC. I have luci and I go to Network-Interfaces-Edit-Advanced Settings-Override MAC Address. I put in a MAC and I save it. How can I do MAC filtering in the web GUI. Posted by 4 months ago. For building custom images from my target's imagebuilder so I never upgrade packages and for the most part want my OpenWRT systems to be throw-away; I build new images to update. However I've had a hard time getting sysupgrade to keep /only/ the SSH host key.
Read on to see how you could setup such a bridge easily using a GUI (LuCI).
Notes
What we setup here is basically a routed client as described here: https://wiki.openwrt.org/doc/recipes/relayclient. It is called a pseudobridge in the article because technically it is a router pimped by some software to act like a bridge.
Whenever I refer to the ‘router’ I mean the TP-Link TL-WR841N device we are working on and not some router that may exist in your network.
Hardware
For my solution I use the very cheap and simple router TP-Link TL-WR841N. On this device you can easily install the custom firmware that we will need.
The TL-WR841N I am using here works pretty well for this setup but is not recommended by OpenWrt anymore due to low flash/ram. So in case you want to upgrade to a newer version of OpenWrt in the future choose a device with more flash/ram.
Prerequisites
In order to be able to do the setup you need a few things:
- A working access point that has access to the internet
- A desktop/notebook with an SSH client (e.g. PuTTY)
- A network cable to connect desktop/notebook to the router
1. Install custom firmware (OpenWrt) on router
There are many very good tutorials how to install the custom firmware OpenWrt on a TL-WR841N. Therefore I am not describing this step.
I recommend sticking with the install instructions on the OpenWrt-Website, which in my case was: https://openwrt.org/toh/tp-link/tl-wr841nd#installation
I recommend sticking with the install instructions on the OpenWrt-Website, which in my case was: https://openwrt.org/toh/tp-link/tl-wr841nd#installation
For this tutorial I used release 18.06.04 of OpenWrt.
2. Reset (optional)
If you just installed the custom firmware you may ommit this step. But if you already twiddled with it or need to reset because you messed something up, just do this:
- Power off the device
- Remove all cables (except the power cable of course)
- Press the reset button and keep it pressed
- Power on the device (keep the reset button pressed)
- Watch the status LEDs (keep the reset button pressed)
- The lock LED turns on (keep the reset button pressed)
- The lock LED turns off (keep the reset button pressed)
- The lock LED starts blinking (keep the reset button pressed)
- The lock LED starts to illuminate constantly
- Immediately release the reset button
- The device now resets to OpenWrt default configuration. During this process all LEDs may blink
- Wait till the lock LED illuminates constantly again
Now your device is reset to OpenWrt defaults and we can start to configure our LAN/WLAN bridge.
3. First steps
- Connect your desktop/laptop via network cable to the router using port 1
- Ensure, that your computer isn’t connected to any other network, e.g. via WLAN
- On your computer enable DHCP for your ethernet device
- On your computer open a browser window and visit http://192.168.1.1 which is the GUI/frontend of your OpenWrt router
- Initially there is no password set, so be sure there is no password in the password field and click Login
4. Set your password
- In the menu go to System/Adminstration
- Choose a password and enter it in the fields Password and Confirmation
- At the bottom of the page press Save & Apply
5. Set the ip address of your router
Your router needs to have an ip address that is outside of your LAN. Otherwise the bridging will not work. This will also be the address you have to use when you need to configure your router. So just choose an ip address that you normally never would use and you are save ?
I chose 192.168.15.1 for my router as the whole subnet 192.168.15.0/24 isn’t yet used. If you choose another address remember to replace 192.168.15.1 in every part of this guide.
I chose 192.168.15.1 for my router as the whole subnet 192.168.15.0/24 isn’t yet used. If you choose another address remember to replace 192.168.15.1 in every part of this guide.
- In the menu go to Network/Interfaces
- For the interface LAN click on action Edit
- In the field IPv4 address enter your new ip address, in my case 192.168.15.1
- Because the bridge should be transparent, we have to disable the DHCP server. Therefore find the DHCP section and check the Ignore Interface option
- Click Save & Apply
- In current versions of OpenWrt you get a “Configuration has been rolled back!” alert which is because of the changed ip address your browser and the router cannot communicate anymore. This is perfectly normal. Please just click Apply unchecked and wait till the (also normal) “Device unreachable” message appears.
From now on your router is reachable with its new address 192.168.15.1. Because we disabled the DHCP server your computer will not get a new ip address automatically. You have to set it manually now:
- Give your computer a new ip address that belongs to the new subnet. I gave the ethernet adapter of my notebook the ip address 192.168.15.2 and netmask 255.255.255.0
To resume configuration you have to reconnect to the router now.
- In your web browser go to http://192.168.15.1 which is the new URL of the router frontend
- Login in with username root and your password
6. Remove unneeded wireless connection
As we don’t want the router to work as an access point we have to delete the automatically generated wireless connection.
- In the menu go to Network/Wireless
- Find the connection with SSID “OpenWrt” and mode “Master”.
- Click Remove
- Confirm removal in the popped up dialog
7. Connect router to your WLAN
- In the menu go to Network/Wireless
- Click Scan in the upper right
- When the scan is finished choose the network you want to join and click Join Network
- In the appearing dialog enter the passphrase of the WLAN you want to join
- Click Submit
- Click Save & Apply
If everything went well, your router should now be connected to your network and have access to the internet. This can be checked easily:
- Go to Network/Diagnostics
- Click on Ping
If the ping was successful it should result in something like shown on the right.
8. Install relayd on router
![Openwrt For Mac Openwrt For Mac](/uploads/1/3/4/7/134719233/936482635.jpg)
- With the SSH client of your choice (e.g. PuTTY) connect to your router using ip address 192.168.15.1. Rember to connect as user root. In linux for example you would have to connect like
- Enter the password you set for OpenWrt in step 4
- Do an pkg update:
- Install relayd
- Install relayd protocol for LuCI
- Activate relayd:
- End SSH session:
9. Configure bridge via web GUI
- Open your browser and visit http://192.168.15.1 again.
- Login in with username root and your password
- In the menu go to Network/Interfaces
- Click Add new interface
- In the Name of the new interface field enter stabridge
- In the Protocol of the new interface dropdown choose Relay bridge
- Click Submit
- In the Relay between networks section check lan: and wwan:
- Click Save & Apply
10. Adjusting firewall rules
- In the menu go to Network/Firewall
- In the Zones section Add
- In the Name field enter bridgezone
- In the Forward dropdown choose accept
- In the Covered networks section check lan: and wwan:
- Anything else stays unchanged
- Click Save & Apply
11. Restart router and test
- In the menu go to System/Reboot
- Click Perform reboot
Your setup is now finished. Any device that is connected to a port of the router (except the WAN port) should now behave like it would be directly connected to the LAN by wire.
To test this with my notebook I did the following steps:
- Disabled my wifi adapter
- Set my ethernet connection back to DHCP
The result is that my central DHCP server gave me a new ip address and I have full access to the internet and all devices in my local network.
Exactly what I wanted. This way I can extend my network to wire-only devices even when there is no network socket available.
Mission complete ?
Closing remarks
Remember that the configured router has the static ip address 192.168.15.1 which is very likely not reachable in the local network, e.g. because it has subnet 192.168.1.0/24. If you want to access the router itself, e.g. to make changes to the configuration like connecting to a different wifi network you would have to set the ip of your computer to 192.168.15.2 so it would be able to connect to 192.168.15.1. Additionally the router is configured to ask for an own ip address via DHCP (via interface WWAN). So you may lookup the address and connect to that ip. This works from any device in the network but the ones that are connected directly to the ports of the router.
Was this article helpful?
Openwrt Mac Address Whitelist
Consider buying me a coffee to keep my brain fueled ?
Tagged with: bridge, LuCI, network, OpenWrt, WLAN
Opened 11 years ago
Closed 11 years ago
Last modified 4 years ago
#1014closedenhancement (fixed)
Reported by: | Owned by: | developers | |
---|---|---|---|
Priority: | normal | Milestone: | Barrier Breaker 14.07 |
Component: | base system | Version: | |
Keywords: | Cc: |
Attachments (1)
Openwrt Clone Mac
- config.sh.patch (188 bytes) - added by MMCM11 years ago.
Download all attachments as: .zip
Exe mac free download - Youtube EXE, Exe to Msi Converter Free, FardaSaz EXE to SWF, and many more programs. Exe mac free download - WinZip Mac, Avast Free Mac Security, AVG AntiVirus for Mac, and many more programs. ![Mac](http://www.wikihow.com/images/a/a7/Open-Exe-Files-on-Mac-Step-20-Version-3.jpg)
![Mac](http://www.wikihow.com/images/a/a7/Open-Exe-Files-on-Mac-Step-20-Version-3.jpg)
Change History (8)
Changed 11 years ago by MMCM
- Attachmentconfig.sh.patch added
comment:2 Changed 11 years ago by nbd
- Resolution set to fixed
- Status changed from new to closed
comment:3 Changed 11 years ago by MMCM
Openwrt Format Usb
- Resolutionfixed deleted
- Status changed from closed to reopened
comment:5 Changed 11 years ago by MMCM
comment:6 Changed 11 years ago by nbd
Openwrt Block Mac Address
- Resolution set to fixed
- Status changed from reopened to closed
Openwrt Format Usb Drive
comment:7 Changed 4 years ago by jow
Openwrt For Mac Os
- Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07