It’s been a while since I tried to do anything additionally funky with my dd-wrt router but I thought that it was about time.
The router is a Linksys E3000 device with the following firmware: DD-WRT v24-sp2 (08/12/10) mega – build 14929. What I wanted to do was to create a squid proxy server and a time machine. I had been using the device to run optware with asterisk on a single USB drive but I wanted to have some additional storage on multiple USB devices.
The first thing that I found was that additional devices were all mounted in the same location – this has been identified as a problem with the compilation of the kernel (item scsi_mod max_scsi_luns=8) in this thread http://www.dd-wrt.com/phpBB2/viewtopic.php?t=62270&sid=95c20d22d2ea66b7962cb9c86e0faa73
There are a number of ways to rectify this, the “proper” way would be to recompile the kernel but given that the option is set to M, we can overwrite the settings if we can run a startup script.
There is a startup script in /jffs but I found that the filesystem is mounted as ro – there is a way to change this by going to the web frontend -> Administration -> Management -> [*] JFFS2 Enable -> [*] CLEAN JFFS2. Reboot.
root@fleb:~# mkdir -p /jffs/etc/config
root@fleb:~# vi /jffs/etc/config/mount_drives.startup
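#!/bin/sh
# mount_drives.startup - reload the SCSI/USB storage modules with max_luns
# raised to 8, then mount the USB volumes. Works around additional USB devices
# all being mounted in the same location.
# from: http://www.dd-wrt.com/phpBB2/viewtopic.php?p=632239
#
# This file lives in /jffs/etc/config as a startup script; keep it writable by
# root only, since whatever it contains is executed at boot.

# Resolve the module directory once, always through the absolute uname path
# (the first insmod previously relied on PATH, the others on /bin/uname).
moddir="/lib/modules/$(/bin/uname -r)"

# Unload the storage stack, users of scsi_mod first. Failures are deliberately
# not fatal: a module that is not loaded must not stop the rest of the script.
for mod in scsi_wait_scan sd_mod usb-storage scsi_mod; do
  /sbin/rmmod "$mod"
done

/sbin/insmod "${moddir}/scsi_mod.o"
# make the magic happen: raise the LUN limit before the disk drivers load
/bin/echo 8 > /sys/module/scsi_mod/parameters/max_luns

# Disk, USB storage and ext3 support, in the original load order.
for mod in sd_mod scsi_wait_scan usb-storage mbcache jbd ext3; do
  /sbin/insmod "${moddir}/${mod}.o"
done

# Now the modules are loaded, time to mount as needed.
# NOTE(review): -a is not limited to the USB volumes; confirm that force
# unmounting everything is what is wanted at this point of the boot.
/bin/umount -a -f

# /opt carries the optware binaries, so it keeps the default mount options.
mount /dev/discs/disc0/part1 /opt

# Mount by label as per:
# http://www.cyberciti.biz/faq/rhel-centos-debian-fedora-mount-partition-label/
# A label matches whichever attached partition carries it, so pin the volumes
# by filesystem UUID instead if other drives may be plugged into the router.
# These two hold data only: nosuid,nodev stops setuid binaries and device
# nodes on the removable media from being honoured.
mount -o nosuid,nodev -L timemachine /jffs/mnt/timemachine
mount -o nosuid,nodev -L SQUID /jffs/mnt/SQUID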
root@fleb:~# chmod +x /jffs/etc/config/mount_drives.startup
——–
Problems with mounting disks solved here: http://www.dd-wrt.com/phpBB2/viewtopic.php?p=501369
root@fleb:~# mount /dev/sda3 /jffs/mnt/apps/
root@fleb:~# df -h
Filesystem Size Used Available Use% Mounted on
/dev/root 5.6M 5.6M 0 100% /
/dev/mtdblock/4 832.0K 220.0K 612.0K 26% /jffs
/dev/discs/disc0/part1
388.8M 214.6M 170.2M 56% /opt
/dev/discs/disc0/part3
388.8M 214.6M 170.2M 56% /opt
/dev/discs/disc1/part1
388.8M 214.6M 170.2M 56% /opt
/dev/discs/disc0/part1
388.8M 214.6M 170.2M 56% /opt
/dev/sdb1 916.9G 71.6M 907.5G 0% /jffs/mnt/timemachine
/dev/sdc1 6.9G 15.7M 6.8G 0% /jffs/mnt/SQUID
/dev/sdb1 916.9G 71.6M 907.5G 0% /tmp/e
/dev/sdc1 6.9G 15.7M 6.8G 0% /tmp/d
/dev/sda3 3.0G 72.6M 2.9G 2% /jffs/mnt/apps
root@fleb:~# service automount start
Start service “automount” (/opt/etc/init.d/S35automount)
service: Start service: “automount” (/opt/etc/init.d/S35automount)
S35automount: Mount ext2 partition “/dev/sda3″ on /tmp/c with mount
mount: /dev/sda3 already mounted or /tmp/c busy
mount: according to mtab, /dev/sda3 is mounted on /jffs/mnt/apps
S35automount: Failed to automount 177c9295-4e2d-4a91-845b-2cf7efd778b1 to /tmp/c
root@fleb:~# df -h
Filesystem Size Used Available Use% Mounted on
/dev/root 5.6M 5.6M 0 100% /
/dev/mtdblock/4 832.0K 220.0K 612.0K 26% /jffs
/dev/discs/disc0/part1
388.8M 214.6M 170.2M 56% /opt
/dev/discs/disc0/part3
388.8M 214.6M 170.2M 56% /opt
/dev/discs/disc1/part1
388.8M 214.6M 170.2M 56% /opt
/dev/discs/disc0/part1
388.8M 214.6M 170.2M 56% /opt
/dev/sdb1 916.9G 71.6M 907.5G 0% /jffs/mnt/timemachine
/dev/sdc1 6.9G 15.7M 6.8G 0% /jffs/mnt/SQUID
/dev/sdb1 916.9G 71.6M 907.5G 0% /tmp/e
/dev/sdc1 6.9G 15.7M 6.8G 0% /tmp/d
/dev/sda3 3.0G 72.6M 2.9G 2% /jffs/mnt/apps
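Now, give timemachine the correct permissions to the share (777 is the blunt option – it lets every account on the router, and therefore every login afpd accepts, read and write the backups; having the directory owned by the account Time Machine logs in as and using 700 is the tighter choice) –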
root@fleb:/opt/etc/netatalk# chmod -R 777 /jffs/mnt/timemachine
I had some problems with the ipkg version of netatalk (turns out the problem was with permissions on the fileshare) so I used the version available: .
Now, configure the settings that are required for setting up time machine (the majority of the settings are as per the above link).
root@fleb:/opt/etc/netatalk# vi /opt/etc/netatalk/AppleVolumes.default
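# The line below sets some DEFAULT, starting with Netatalk 2.1.
:DEFAULT: options:upriv,usedots
# Time Machine volume: options:tm marks the share as a Time Machine target and
# cnidscheme:cdb selects the cdb CNID backend.
# NOTE(review): the volume has no allow: list, so every login that the -uamlist
# in afpd.conf accepts (guest included) can open it.
/jffs/mnt/timemachine "TimeMachine" cnidscheme:cdb options:tm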
root@fleb:/opt/etc/netatalk# vi /opt/etc/netatalk/afpd.conf
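# afpd.conf - one default server ("-"). The log destination must be wrapped in
# plain ASCII double quotes; typographic quotes are not parsed as quoting.
# NOTE(review): -uamlist enables uams_clrtxt.so (the password crosses the
# network in cleartext) and uams_guest.so (login without credentials). Once a
# dedicated Time Machine account exists, uams_dhx2.so alone is the tighter list.
# NOTE(review): -advertise_ssh tells clients that AFP can be tunnelled over
# SSH; drop it unless sshd on the router is meant to be used that way.
# NOTE(review): no -ipaddr is given, so the listening address is not pinned to
# the LAN side; confirm the WAN firewall does not expose AFP (TCP 548).
- -transall -nouservol -setuplog "default log_info /var/log/afpd.log" -defaultvol /opt/etc/netatalk/AppleVolumes.default -systemvol /opt/etc/netatalk/AppleVolumes.system -passwdfile /opt/etc/netatalk/afppasswd -uamlist uams_clrtxt.so,uams_guest.so,uams_randnum.so,uams_dhx.so,uams_dhx2.so -nosavepassword -advertise_ssh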
root@fleb:/opt/etc/netatalk# vi /opt/etc/netatalk/netatalk.conf
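# Appletalk configuration
# Shell-syntax variable file: plain NAME=value assignments plus two exports.
# NOTE(review): presumably sourced by the netatalk start script; the S80afpd
# script on this page launches /opt/sbin/afpd directly, so confirm that these
# values are actually read.

# Change this to increase the maximum number of clients that can connect:
AFPD_MAX_CLIENTS=50

# Change this to set the machine's atalk name and zone, the latter containing
# the '@' sign as first character -- compare with nbp_name(3) if in doubt
#
# NOTE: If Netatalk should register AppleTalk services in the standard zone
# then you need not to specify a zone name here.
#
# If your zone has spaces in it, you're better off specifying
# it in afpd.conf if you realize that your distribution doesn't
# handle spaces correctly in the startup script. Remember to use
# quotes here if the zone name contains spaces.
#
#ATALK_ZONE="@some zone"
# Short host name: everything before the first dot of $HOSTNAME.
ATALK_NAME=${HOSTNAME%%.*}

# specify the Mac and unix charsets to be used
# (plain ASCII quotes: typographic quotes would become part of the value)
ATALK_MAC_CHARSET='MAC_ROMAN'
ATALK_UNIX_CHARSET='LOCALE'

# specify this if you don't want dhx and dhx2
# available options: uams_guest.so, uams_clrtxt.so,
# uams_dhx.so, uams_dhx2.so,
# uams_randnum.so
# NOTE(review): left commented out here; the UAM list in effect is the
# -uamlist given in afpd.conf, which includes the guest and cleartext modules.
#AFPD_UAMLIST="-U uams_dhx.so,uams_dhx2.so"

# Change this to set the id of the guest user
AFPD_GUEST=nobody

# Set which daemons to run (papd is dependent upon atalkd):
ATALKD_RUN=no
PAPD_RUN=no
CNID_METAD_RUN=yes
AFPD_RUN=yes
TIMELORD_RUN=no
A2BOOT_RUN=no

# Control whether the daemons are started in the background
ATALK_BGROUND=no

# export the charsets, read from ENV by apps
export ATALK_MAC_CHARSET
export ATALK_UNIX_CHARSET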
root@fleb:/opt/etc/netatalk# vi /opt/etc/avahi/avahi-daemon.conf
# This file is part of avahi.
#
# avahi is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# avahi is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
# License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with avahi; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
# USA.
# See avahi-daemon.conf(5) for more information on this configuration
# file!
# [server]: host identity, address families, interface selection and limits.
[server]
host-name=fleb
#domain-name=local
# browse-domains=0pointer.de, zeroconf.org
use-ipv4=yes
use-ipv6=yes
# NOTE(review): both interface filters below are commented out, so the daemon
# is not restricted to one interface. Uncommenting allow-interfaces=br0 would
# keep mDNS on that interface only; confirm br0 is the LAN bridge on this router.
##allow-interfaces=br0
#deny-interfaces=eth1
#check-response-ttl=no
#use-iff-running=no
# D-Bus is off; the S55avahi init script on this page also leaves dbus-daemon
# commented out.
enable-dbus=no
#disallow-other-stacks=no
#allow-point-to-point=no
#cache-entries-max=4096
#clients-max=4096
#objects-per-client-max=1024
#entries-per-entry-group-max=32
ratelimit-interval-usec=1000000
ratelimit-burst=1000
# NOTE(review): wide-area (unicast DNS) service discovery is enabled; presumably
# not needed for Time Machine discovery on the local network - confirm, and set
# to no if unused.
[wide-area]
enable-wide-area=yes
# [publish]: every option is left at its built-in default.
[publish]
#disable-publishing=no
#disable-user-service-publishing=no
#add-service-cookie=no
#publish-addresses=yes
#publish-hinfo=yes
#publish-workstation=yes
#publish-domain=yes
#publish-dns-servers=192.168.50.1, 192.168.50.2
#publish-resolv-conf-dns-servers=yes
#publish-aaaa-on-ipv4=yes
#publish-a-on-ipv6=no
[reflector]
#enable-reflector=no
#reflect-ipv=no
# [rlimits]: resource caps applied to the daemon (core size, data segment,
# file size, open files, stack, process count).
[rlimits]
#rlimit-as=
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=768
rlimit-stack=4194304
rlimit-nproc=3
root@fleb:/opt/etc/netatalk# vi /opt/etc/avahi/services/afpd.service
root@fleb:/opt/etc/netatalk# vi /opt/etc/init.d/S55avahi
#!/bin/sh
# S55avahi - optware init script: create the avahi account, then start
# avahi-daemon.
#start avahi-daemon
# The D-Bus setup below is left disabled (avahi-daemon.conf on this page sets
# enable-dbus=no).
#rm /tmp/dbus.pid
#addgroup netdev
#dbus-daemon --system
# Runs on every start. NOTE(review): presumably needed because avahi-daemon
# switches to an unprivileged "avahi" user and the account does not survive a
# reboot on this firmware - confirm. Expect an error message from adduser when
# the account already exists.
adduser avahi
# -D: detach and run as a daemon.
/opt/sbin/avahi-daemon -D
# NOTE(review): `return` outside a function only works when the caller sources
# this file; confirm how the init runner invokes it. The status handed back is
# 1 even when the daemon started.
return 1
root@fleb:/opt/etc/netatalk# chmod +x /opt/etc/init.d/S55avahi
root@fleb:/opt/etc/netatalk# vi /opt/etc/init.d/S80afpd
#!/bin/sh
# S80afpd - optware init script that launches the AFP file server.
# Start afpd
# No options are passed. NOTE(review): afpd presumably picks up
# /opt/etc/netatalk/afpd.conf as its built-in default - confirm.
/opt/sbin/afpd
# NOTE(review): `return` outside a function only works when the caller sources
# this file; confirm how the init runner invokes it. The status handed back is
# 1 even when afpd started.
return 1
root@fleb:/opt/etc/netatalk# chmod +x /opt/etc/init.d/S80afpd
That’s pretty much all the configuration that I needed to do over a two day period. Most of this is documented elsewhere on the web but this is just in case I need to rebuild the system for myself. I know that the security is open to all (the share is chmod 777 and afpd accepts guest and cleartext logins), however given that the router has no open access I’m not too worried by this – but you will need to evaluate the risk for yourselves.