Customizing your home router with OpenWrt
If you need to manage OpenWrt in an untrusted LAN environment, it makes sense to install the SSL extension, which you can access via System. To install, click the Install Matrix Tunnel button. Because of the restricted memory space, you should carefully consider which packages you need before installing. If not, you might run out of space for critical extensions at a later stage.
The comprehensive WLAN configuration options, which by far outclass the original firmware, are some of the most interesting aspects for many users. To access the basic settings, press Network | Wireless, where you can specify the operating mode for the wireless network. Options include Client, Ad Hoc, and Access Point. The latter is the default, which is typically the right choice for most application scenarios.
When you boot a WLAN client, it first broadcasts a message to discover reachable access points. Setting ESSID Broadcast to Hide makes your router invisible to the rest of the world.
OpenWrt also gives you various encryption options for protection against unauthorized use; you are strongly advised to enable them. Your options include 48- and 128-bit WEP encryption and WPA, version 1 or 2, which is far more secure. To use WPA, you must install add-on software via the Install NAS Package option.
The advanced WLAN configuration is accessible via Advanced Wireless. The Restrict access (MAC address) filter lets you restrict access to the router to specific MAC addresses. If the router and client are further apart, you can modify the transmitter output below Transmit Power (in mw).
OpenWrt offers far more statistical options than the original software, and it will help you analyze various events on the device. The Graphs link in the top menu bar takes you to the graphical processor and network load display (Figure 5); the software updates this every second, giving you a real-time view of the device's health state.
Clicking the Status link opens up a submenu in which you can query various system parameters, starting with the loaded modules, the connected clients, and the current network status. This screen gives you a comprehensive overview of almost any critical system status metric. The Processes entry takes you to a list of all active processes, which is refreshed at 20-second intervals. Clicking Stop Refreshing stops the refresh and displays a pull-down menu next to the process names.
From the pull-down menu, you can kill individual processes by sending the SIGHUP, SIGKILL, or SIGTERM signals. Status | Wireless displays the connected WLAN clients and also acts as a WLAN scanner to discover other WLAN devices. Currently, the device lacks a function for disconnecting connected clients.
Clicking on Log opens a system log configuration window that lets you write logfiles to an external machine (log server). The submenu also lets you access the system and kernel logs and the firewall protocol. Filtering options are restricted to searching for keywords.
The Raspberry Pi Foundation has announced an even smaller version of the tiny computer that will fit into a DIMM slot.
A new class of problems lets a malicious app pre-configure an invisible privilege update.
New Hack language adds static typing and other conveniences.
New crypto policy system will offer easier configuration and more uniform security.
Ubuntu founder denounces insecurity in proprietary, close-source software blobs.
Vulnerability affects many Linux web servers
The Bavarian capital shuns Microsoft, Google, and other alternatives to implement an open source groupware solution.
Phone vendor partnerships bring Mark Shuttleworth's dream of Ubuntu on a phone a step closer to reality.
Donors will get to vote on new features for the free video editor.
Debian project puts init out to pasture and says no to Ubuntu's Upstart.