SSL Extension

If you need to manage OpenWrt in an untrusted LAN environment, it makes sense to install the SSL extension, which you can access via System. To install, click the Install Matrix Tunnel button. Because of the restricted memory space, you should carefully consider which packages you need before installing. If not, you might run out of space for critical extensions at a later stage.

WLAN

The comprehensive WLAN configuration options, which by far outclass the original firmware, are some of the most interesting aspects for many users. To access the basic settings, press Network | Wireless, where you can specify the operating mode for the wireless network. Options include Client, Ad Hoc, and Access Point. The latter is the default, which is typically the right choice for most application scenarios.

When you boot a WLAN client, it first broadcasts a message to discover reachable access points. Setting ESSID Broadcast to Hide makes your router invisible to the rest of the world.

OpenWrt also gives you various encryption options for protection against unauthorized use; you are strongly advised to enable them. Your options include 48- and 128-bit WEP encryption and WPA, version 1 or 2, which is far more secure. To use WPA, you must install add-on software via the Install NAS Package option.

The advanced WLAN configuration is accessible via Advanced Wireless. The Restrict access (MAC address) filter lets you restrict access to the router to specific MAC addresses. If the router and client are further apart, you can modify the transmitter output below Transmit Power (in mw).

Analysis

OpenWrt offers far more statistical options than the original software, and it will help you analyze various events on the device. The Graphs link in the top menu bar takes you to the graphical processor and network load display (Figure 5); the software updates this every second, giving you a real-time view of the device's health state.

Figure 5: Graphical analysis of various parameters, such as processor load and network traffic, in real time.

Clicking the Status link opens up a submenu in which you can query various system parameters, starting with the loaded modules, the connected clients, and the current network status. This screen gives you a comprehensive overview of almost any critical system status metric. The Processes entry takes you to a list of all active processes, which is refreshed at 20-second intervals. Clicking Stop Refreshing stops the refresh and displays a pull-down menu next to the process names.

From the pull-down menu, you can kill individual processes by sending the SIGHUP, SIGKILL, or SIGTERM signals. Status | Wireless displays the connected WLAN clients and also acts as a WLAN scanner to discover other WLAN devices. Currently, the device lacks a function for disconnecting connected clients.

Clicking on Log opens a system log configuration window that lets you write logfiles to an external machine (log server). The submenu also lets you access the system and kernel logs and the firewall protocol. Filtering options are restricted to searching for keywords.