Getting access to the nifty CUWiN web interface

Troubleshooting CUWIN installations

OK, so you have your CUWiN Metrix box and are working to get everything up and happy, but you can't connect to it with a wireless connection and can't seem to get it to do.....well.....anything.

That is where we were a week ago, but there IS hope!

First off, the CUWiN box isn't a wireless router. Huh? It IS NOT A WIRELESS ROUTER as far as we have been able to tell you CANNOT connect to a CUWiN node with anything but another CUWiN node. If you want to connect to it you need to do it on the wired interface.

OK, so I want to connect to it using the wired interface, how do I do that?

You can't. SSH is set up to deny remote logins by default. To access to box and set it up, you need to do it throught the serial port. Log in using the default password and go to /etc/rc.d

Now figure out what the WIRED IP address is, type:

ifconfig sip0

You see the first line begining inet? you see the IP Address right after it? Mine is 10.218.211.254

OK write down the IP address and type:

vi /etc/thttpd.conf

you see the line that says: host=127.0.0.1?

scroll to the 127.0.0.1 entry and hit x until you have deleted it, now hit i and type the IP address you just wrote down, so now it looks like:
host=10.218.211.254

now hit esc
type :wq! and press return

now type /etc/rc.d/thttpd restart

Now hook your laptop or desktop to the CUWiN box, you can use a switched cable or a hub, be sure you don't have a dhcp server running on the network. pump your laptop configuration or ipconig /renew it if you are using windows. You should now get an IP address from the CUWiN box. Mine assigned 10.218.211.253

Open up a web browser and type: http://

You should now have the web interface, reset your settings as appropriate.

Next week: how to add a second card and set your CUWiN box up as an access point, or, if the damn cards are too expensive, how to hook a D-Link DWL-G810 up and use it to replicate the ethernet signal to a couple dozen local users.

login to post comments | 6608 reads
bney
Accessing the nifty website.
Submitted by bney on Thu, 2005-06-09 02:43.

Your comments were very instructive. The next question is
how do we get the changes to survive across a reboot since
we are working in the memory image. The firmware copy can
be accessed but is read only and so far I havent been able to identify
the file/special to mount rw. Of course it's nearly 2AM here and I am pretty fried at this point.

login to post comments
bcomisky
ssh + web interface + persistent changes
Submitted by bcomisky on Thu, 2005-06-16 14:39.

ssh logins
I'm not sure what CUWiN version you are using, but recent CUWiN versions do allow you to login via ssh, using:

user: guest
password: guest

user: root
password: changeme

GUI access
Also, if you are plugged into the wired interface of the CUWiN node and have received an IP address via DHCP, you should be able to access the GUI interface in your browser at this address:

http://192.168.0.1

without any configuration. This address gets NAT'd to 127.0.0.1 on the CUWiN node. If you are not connected to the wired interface, you can always tunnel port 80 through to localhost on the node using ssh.

persistent changes
If you want to make persistent changes to the filesystem you have to first remount it read-write. Use the 'mount' command to do this and also check the status of root filesytem. Furthermore, to make the changes permanent they must be copied to /permanent/*. For example, to change the default password and make it permanent:


# mount | head -1
/dev/wd0a on / type ffs (read-only, local)
# mount -u -w /
# mount | head -1
/dev/wd0a on / type ffs (local)
# passwd
Changing local password for root.
New password:
Retype new password:
# cp /etc/master.passwd /permanent/etc
# cp /etc/spwd.db /permanent/etc
# cp /permanent/etc/spwd.db /permanent/etc/garbage
# mount -u -r /
# mount | head -1
/dev/wd0a on / type ffs (read-only, local)
# reboot

The copying to the "garbage" file is a workaround for a bug writing to flash media; I'm not sure if it's still necessary, see this explanation for more details.

Also the changes made through the GUI at:

http://192.168.0.1/config.cgi

are permanent as well.

login to post comments
oojoshua
Thanks for the tips...
Submitted by oojoshua on Sat, 2005-06-18 00:24.

Thanks for the tips, will keep in mind the 192.168.0.1 alias.

I do have several questions thought......

1. If SSH only runs on the local NIC, how does an admin handle multiple CUWiN boxes on a network? Without the SSH connection, they can't be controlled from a central location.

2. Can the box be set up to ignore DHCP requests? If you are deploying the tech into an insecure environment, allowing a local user to set up a DHCP box, kick over the hub and start assigning IPs onto the local wireless lan could be bad, he or she could do all kinds of nasty, nasty things if they set up, say a sniffer and a DNS server.

3. Instead of bringing the signal down to the location via CAT-5 can the ID of the ethernet device be disabled and a second wireless card added? Say you want to run a mesh backbone on 802.11a and provide local service on 802.11g? This is our plan here in Lawrence, but we haven't hacked on the CUWiN boxes for a while (setting up basic LDAP, DNS, DHCP, SMTP, FW, etc at the moment). Is this possible and if so do you want changes pumped back into the source.

At $500 or so each, the Metrix boxes aren't an ideal solution if you have to put one on each service point. We are looking at 25,000 users in Lawrence and most would be unwilling to put up this much cash. If we can set up the mesh as the backbone, however, and use cheap hardened D-Link G810s on the homes, a city wide network becomes possible.

What is the team's outlook on getting this packed down to a size appropriate for a Linksys image hack?

____________________________
Lawrence Freenet Project
Lawrence, KS
http://www.lawrencefreenet.org

login to post comments
bcomisky
ssh + AP + miniaturization
Submitted by bcomisky on Fri, 2005-06-24 16:14.

oojoshua wrote on Sat, 2005-06-18 01:24:

Thanks for the tips, will keep in mind the 192.168.0.1 alias.

I do have several questions thought......

1. If SSH only runs on the local NIC, how does an admin handle multiple CUWiN boxes on a network? Without the SSH connection, they can't be controlled from a central location.

The ssh server listens on the wireless interfaces too. I was just saying the 192.168.0.1 alias will only resolve to localhost (the node you are receiving a DHCP address from via the wired interface). If you want to access the web interface of some other node you can:

ssh -L 8000:localhost:80 guest@10.x.x.x

and then open your browser to http://localhost:8000

2. Can the box be set up to ignore DHCP requests? If you are deploying the tech into an insecure environment, allowing a local user to set up a DHCP box, kick over the hub and start assigning IPs onto the local wireless lan could be bad, he or she could do all kinds of nasty, nasty things if they set up, say a sniffer and a DNS server.

I'm not sure quite what you are describing with respect to "assigning IPs onto the local wireless lan". The CUWiN box will only assign DHCP addresses to things connected through it's wired interface. Anything assigned a DHCP will be routable on the network. You could put another router, firewall, access point, whatever behind the CUWiN box to address any security concerns.

3. Instead of bringing the signal down to the location via CAT-5 can the ID of the ethernet device be disabled and a second wireless card added? Say you want to run a mesh backbone on 802.11a and provide local service on 802.11g? This is our plan here in Lawrence, but we haven't hacked on the CUWiN boxes for a while (setting up basic LDAP, DNS, DHCP, SMTP, FW, etc at the moment). Is this possible and if so do you want changes pumped back into the source.

This has been talked about several times on the CUWiN development list (you can subscribe and check out the archives, see the Development lists here)

From what I remember the developers thought this was a doable (with maybe a couple weeks of work) and desirable thing to do, but just wasn't high on the priority list for them. I'm sure they'd be happy to accept patches to implement inclusion of an access point on a 2nd wireless interface. The development list (see above) is the place to ask about this sort of thing.

At $500 or so each, the Metrix boxes aren't an ideal solution if you have to put one on each service point. We are looking at 25,000 users in Lawrence and most would be unwilling to put up this much cash. If we can set up the mesh as the backbone, however, and use cheap hardened D-Link G810s on the homes, a city wide network becomes possible.

What is the team's outlook on getting this packed down to a size appropriate for a Linksys image hack?

~$500 would get you a Mark II that has two wireless cards and 2 N connector ports. If you just want backhaul, the Mark I will suffice at about $275 (-10% for non-profit partners). With antenna, mounting hardware, etc, that takes you to probably $325. It may be worthwhile to investigate wrapbox as an alternative.

I know "miniaturization" to get the install image down to a size practical for AP flash rom type installs is a long term goal. You'll get better info from the developers on the dev mailing list about how easy this will be to do. Though the target platform has to have a supported wireless chipset.. I think linksys might be out of the question because of the lack of open drivers (broadcom), but I don't know about the DLink you mentioned.

Bill

--
Bill Comisky
bcomisky@pobox.com

login to post comments
psybot
Continue continue
Submitted by psybot on Wed, 2005-06-29 23:25.

Please continue with your explanation of how to add that second card and set it up as an access point. Much appreciated thanks!!

login to post comments
Wind
CUWiN as node & access point
Submitted by Wind on Mon, 2005-07-11 13:44.

A second card is cheaper then the access point, by the time you get the enclosure, power injector, cabling and mounting hardware. Also, the 200mw prism cards are more powerful then the cheap access points (50-100mw).

I'm looking forward to this next article, as I believe people really want a mesh node that is also a wired/wireless access point. With the Metrix Kit Mark II, all you would need is a small low-gain omni that can be installed upside down (electrical "uptilt"?).

login to post comments