Setting up my Portable Router (RP-WD009) with OpenWRT

Published on Sep 19, 2023

Setting up my Portable Router (RP-WD009) with OpenWRT

Here I’ll be taking notes about everything I do to modify the default configurations in the stock openwrt image of my portable router (RP-WD009). I’ll document my efforts to the future, if I need somehow to do them again.

First things first

Every time I boot openwrt for the first time, I do two things: set a root password and change some system settings. I do it via SSH, so the command to make the connection is:

ssh root@192.168.1.1

After this, I’d like to set some environment variables. Every guide I write, I do this to help me change configurations if needed in the future:

export MY_TIMEZONE="<-03>3" #america/fortaleza
export NTP_SERVER_A="a.ntp.br"
export NTP_SERVER_B="b.ntp.br"
export NTP_SERVER_C="c.ntp.br"
read -p "MY_HOSTNAME: " MY_HOSTNAME ;\
read -p "WWAN_WIFI_NAME: " WWAN_WIFI_NAME ;\
read -p "WWAN_WIFI_PASSWORD: " WWAN_WIFI_PASSWORD ;\
read -p "MAIN_WIFI_NAME: " MAIN_WIFI_NAME ;\
read -p "MAIN_WIFI_PASSWORD: " MAIN_WIFI_PASSWORD ;\
read -p "GUEST_WIFI_NAME: " GUEST_WIFI_NAME ;\
read -p "GUEST_WIFI_PASSWORD: " GUEST_WIFI_PASSWORD

psst: if you need to get timezone “codes” go here.

Set password for root:

passwd

Set system name, timezone and ntp servers:

uci delete system.ntp.server
uci set system.@system[0].hostname="$MY_HOSTNAME"
uci set system.@system[0].timezone="$MY_TIMEZONE"
uci add_list system.ntp.server="$NTP_SERVER_A"
uci add_list system.ntp.server="$NTP_SERVER_B"
uci add_list system.ntp.server="$NTP_SERVER_C"

Apply changes:

/etc/init.d/system restart

This router, as many of the current generation of routers, have two wireless devices: one running in the 2.4GHz frequency and another one in the 5GHz frequency. The main wifi is set for these two radios:

uci delete wireless.default_radio0
uci delete wireless.default_radio1
# 2G
uci set wireless.default_radio0=wifi-iface
uci set wireless.default_radio0.device='radio0'
uci set wireless.default_radio0.network='lan'
uci set wireless.default_radio0.mode='ap'
uci set wireless.default_radio0.ssid=$MAIN_WIFI_NAME
uci set wireless.default_radio0.encryption='sae-mixed'
uci set wireless.default_radio0.ieee80211w='1'
uci set wireless.default_radio0.key=$MAIN_WIFI_PASSWORD
# 5G
uci set wireless.default_radio1=wifi-iface
uci set wireless.default_radio1.device='radio1'
uci set wireless.default_radio1.network='lan'
uci set wireless.default_radio1.mode='ap'
uci set wireless.default_radio1.ssid=$MAIN_WIFI_NAME-5g
uci set wireless.default_radio1.encryption='sae-mixed'
uci set wireless.default_radio1.ieee80211w='1'
uci set wireless.default_radio1.key=$MAIN_WIFI_PASSWORD

If you want to enable wifi now:

uci set wireless.radio0.disabled='0'
uci set wireless.radio1.disabled='0'
uci set wireless.radio0.enabled='1'
uci set wireless.radio1.enabled='1'
uci set wireless.default_radio0.disabled='0'
uci set wireless.default_radio1.disabled='0'
uci set wireless.default_radio0.enabled='1'
uci set wireless.default_radio1.enabled='1'
wifi

If your 5G wifi is not showing, and your 5G led is off, try:

  • Check iwinfo: iwinfo phy1 info
  • Check if wlan1 is showing under ip command: ip a
  • Check if wlan1 link is up: ip link set wlan1 up
  • Check if country code is enabled: uci show wireless.radio1.country
  • If needed to set country code: uci set wireless.radio1.country='BR'

Enable Guest Wifi

The official OpenWRT guide has already an excelent script that sets everything related to guest wifi for you. Here I make three adaptations: use my variables, set the password (the original script does not set any password) and make the wifi disabled by default (we enable it afterwards, like we did before with the main wifi).

# Configuration parameters
WIFI_DEV="$(uci get wireless.@wifi-iface[0].device)"
WIFI_DEV_5G="$(uci get wireless.@wifi-iface[3].device)"

# Set up guest WLAN
uci delete network.guest_dev
uci set network.guest_dev=device
uci set network.guest_dev.type=bridge
uci set network.guest_dev.name=br-guest
uci delete network.guest
uci set network.guest=interface
uci set network.guest.proto=static
uci set network.guest.device=br-guest
uci set network.guest.ipaddr=192.10.11.1
uci set network.guest.netmask=255.255.255.0
uci commit network
# 2G
uci delete wireless.guest
uci set wireless.guest=wifi-iface
uci set wireless.guest.device=$WIFI_DEV
uci set wireless.guest.mode=ap
uci set wireless.guest.network=guest
uci set wireless.guest.ssid=$GUEST_WIFI_NAME
uci set wireless.guest.key=$GUEST_WIFI_PASSWORD
uci set wireless.guest.encryption=psk2
uci set wireless.guest.disabled=1
# 5G
uci delete wireless.guest5g
uci set wireless.guest5g=wifi-iface
uci set wireless.guest5g.device=$WIFI_DEV_5G
uci set wireless.guest5g.mode=ap
uci set wireless.guest5g.network=guest
uci set wireless.guest5g.ssid=$GUEST_WIFI_NAME-5G
uci set wireless.guest5g.key=$GUEST_WIFI_PASSWORD
uci set wireless.guest5g.encryption=psk2
uci set wireless.guest5g.disabled=1
uci commit wireless
uci delete dhcp.guest
uci set dhcp.guest=dhcp
uci set dhcp.guest.interface=guest
uci set dhcp.guest.start=100
uci set dhcp.guest.limit=150
uci set dhcp.guest.leasetime=12h
uci commit dhcp
uci delete firewall.guest
uci set firewall.guest=zone
uci set firewall.guest.name=guest
uci set firewall.guest.network=guest
uci set firewall.guest.input=REJECT
uci set firewall.guest.output=ACCEPT
uci set firewall.guest.forward=REJECT
uci delete firewall.guest_wan
uci set firewall.guest_wan=forwarding
uci set firewall.guest_wan.src=guest
uci set firewall.guest_wan.dest=wan
uci delete firewall.guest_dns
uci set firewall.guest_dns=rule
uci set firewall.guest_dns.name=Allow-DNS-guest
uci set firewall.guest_dns.src=guest
uci set firewall.guest_dns.dest_port=53
uci add_list firewall.guest_dns.proto=tcp
uci add_list firewall.guest_dns.proto=udp
uci set firewall.guest_dns.target=ACCEPT
uci delete firewall.guest_dhcp
uci set firewall.guest_dhcp=rule
uci set firewall.guest_dhcp.name=Allow-DHCP-guest
uci set firewall.guest_dhcp.src=guest
uci set firewall.guest_dhcp.dest_port=67
uci set firewall.guest_dhcp.proto=udp
uci set firewall.guest_dhcp.family=ipv4
uci set firewall.guest_dhcp.target=ACCEPT
uci commit firewall
/etc/init.d/network reload
/etc/init.d/dnsmasq restart
/etc/init.d/firewall restart

If you want to enable the guest wifi now:

uci set wireless.guest.disabled=0
uci set wireless.guest5g.disabled=0
wifi

If your 5G wifi is not showing, and your 5G led is off, try:

  • Check iwinfo: iwinfo phy1 info
  • Check if wlan1 is showing under ip command: ip a
  • Check if wlan1 link is up: ip link set wlan1 up
  • Check if country code is enabled: uci show wireless.radio1.country
  • If in need to set country code: uci set wireless.radio1.country='BR'

Travelmate

I’m going to install travelmate because it really helps the portable router owner. It creates a custom WWAN interface and, in the past, I’ve tried to modify this interface’s name, but I never fully understood how travelmate set up its configurations and couldn’t modify to make it work. But the advantages this little guy gives us, like auto switching multiple hotspots or even reconnecting if the connection fails, are priceless.

To install it, though, I need first to set up a wwan interface manually, this is what I do here:

uci delete wireless.wwan_radio0
uci set wireless.wwan_radio0=wifi-iface
uci set wireless.wwan_radio0.device='radio0'
uci set wireless.wwan_radio0.network='wwan'
uci set wireless.wwan_radio0.mode='sta'
uci set wireless.wwan_radio0.ssid="$WWAN_WIFI_NAME"
uci set wireless.wwan_radio0.encryption='psk2'
uci set wireless.wwan_radio0.key="$WWAN_WIFI_PASSWORD"
uci delete network.wwan
uci set network.wwan=interface
uci set network.wwan.device=wlan0
uci set network.wwan.proto=dhcp
uci add_list firewall.@zone[1].network='wwan'

Enable it:

uci set wireless.wwan_radio0.enabled=1
uci set wireless.radio0.disabled=0
/etc/init.d/network restart
/etc/init.d/firewall restart
wifi

Test if it worked:

ping 8.8.8.8 -c 3

If the answer was something like:

PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=118 time=55.201 ms
64 bytes from 8.8.8.8: seq=1 ttl=118 time=54.984 ms
64 bytes from 8.8.8.8: seq=2 ttl=118 time=55.824 ms
                                                  
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 54.984/55.336/55.824 ms

IT WORKED!

If it didn’t work, check if the radio is connected:

iwinfo

Also, check your LAN IP address and see if it doesn’t have any conflict with WWAN IP:

#check each route IP
ip route
/etc/init.d/network restart

To change you router LAN IP run this (you’ll lose SSH connection):

uci set network.lan.ipaddr='YOUR.IP'
/etc/init.d/network restart

IF (and only if) you were able to connect again to your router, commit the changes:

uci commit

Now we can proceed and install travelmate:

opkg update
opkg install luci-app-travelmate

Now let’s undo our wwan interface, so we can let travelmate do it’s stuff:

uci delete wireless.wwan_radio0
uci delete network.wwan
/etc/init.d/network restart
/etc/init.d/firewall restart
wifi

We go now to the web interface, so we can start the travelmate setup;

  • Go to your router IP;
  • Login with root and your password;
  • Go to Services -> Travelmate;
  • Click on Interface Wizard;
  • Leave everything as default and click on Save;
  • Tick “Enabled”;
  • On “Radio Selection” choose “use first radio only (radio0)”
  • Scroll down and click “Save & Apply”;
  • Now go to the tab “Wireless Stations”;
  • Click on the “Scan on radio0”;
  • Select your wifi, put the password (and the ssid if it’s hidden);
  • Leave everything else as default and click “Save”;
  • When back, click “Save & Apply” again;
  • Go to the first tab again (Overview);
  • Click on “Restart Interface”;
  • Wait until Status / Version gets to “connected”, then you’re good to go.

To test if everything is working, do the ping command again (on the ssh session):

ping 8.8.8.8 -c 3

Result should be:

PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=118 time=55.201 ms
64 bytes from 8.8.8.8: seq=1 ttl=118 time=54.984 ms
64 bytes from 8.8.8.8: seq=2 ttl=118 time=55.824 ms
                                                  
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 54.984/55.336/55.824 ms

This ends this section.

Updating the firmware

To update the firmware, we can first check the latest stable release of OpenWRT:

curl -s "https://downloads.openwrt.org/releases/" | grep href | grep -v '(root)' | grep -v KeyCDN | grep -v faillogs | grep -v 'packages-' | sed s/'<\/a>.*'/''/ | sed s/'<tr><td class="n">'/''/ | cut -d'>' -f2 | grep -v '\-rc' | sort | tail -n1

Then compare to the installed version:

cat /etc/banner

If they are different, let’s download the latest firmware:

export LATEST_VERSION=$(curl -s "https://downloads.openwrt.org/releases/" | grep href | grep -v '(root)' | grep -v KeyCDN | grep -v faillogs | grep -v 'packages-' | sed s/'<\/a>.*'/''/ | sed s/'<tr><td class="n">'/''/ | cut -d'>' -f2 | grep -v '\-rc' | sort | tail -n1)
)
wget -O /tmp/firmware.bin https://downloads.openwrt.org/releases/$LATEST_VERSION/targets/ramips/mt76x8/openwrt-$LATEST_VERSION-ramips-mt76x8-ravpower_rp-wd009-squashfs-sysupgrade.bin

WARNING: proceed only if you are sure to continue, since upgrades can make you lose all the configuration/installed packages.

To install the update keeping the configuration, run this command:

sysupgrade -v /tmp/firmware.bin

PS.: After running this command I had to reinstall travelmate. Luckily, trm_wwan was still enabled and I was able to opkg update and opkg install travelmate again.

Ethernet USB

Maybe it’s a driver issue, maybe it’s just the driver itself. The thing is: RP-WD009 (at least in openwrt) won’t work properly if the ethernet port is set to be WAN instead of LAN. The device simply won’t get any IP from upstream DHCP, so even if I tried multiple times this wouldn’t work.

But! I got a plan B, which would be to use an Ethernet USB.

The USB adapter a usually carry with me (to use with my Macbook Air) is the TP-Link UE300. According to this link the package of this driver should be kmod-usb-net-rtl8152. To install it, we can proceed like this:

opkg update
opkg install kmod-usb-net-rtl8152

After the installation is complete, connect the adapter in the USB port and it should be shown as eth1:

ip a s dev eth1

Then we can proceed to create a br-wan bridge and use it as a wan interface:

uci set network.wan_bridge=device
uci set network.wan_bridge.type='bridge'
uci set network.wan_bridge.name='br-wan'

Now create the interface:

uci set network.wan=interface
uci set network.wan.proto='dhcp'
uci set network.wan.device='br-wan'

Now add the device to the br-wan bridge:

uci set network.wan_bridge.ports='eth1'

Apply changes:

uci commit
/etc/init.d/network restart

The travelmate button

This is one of the advantages of using linux based systems on our devices: RIDICULOUSLY HIGH CUSTOMIZATION LEVELS. The RP-WD009 router comes with two push buttons. The objective here is to set one of them to enable or disable travelmate.

As this openwrt guide shows we should start by testing which button we want. But as this documentation of mine is specific to the rp-wd009, I already know which button I want to use. OpenWRT shows it under the “rfkill” label. So we are going to use it.

First of all, we need a script to enable/disable travelmate and it’s interface when called. This is the one:

cat <<"EOF" > /usr/sbin/travelmate_onoff.sh
#!/bin/ash

disable() {
    #stop travelmate
    logger "Stopping travelmate"
    /etc/init.d/travelmate stop
}

enable() {
    #start travelmate
    logger "Starting travelmate"
    /etc/init.d/travelmate start 
}

main() {
    #Check if travelmate is enabled:
    if [ -f /tmp/trm_runtime.json ] && [ -s /tmp/trm_runtime.json ] ; then
        logger "travelmate is enabled, disabling it"
        disable
    else
        logger "travelmate is disabled, enabling it"
        enable
    fi
}

main

EOF

Make this script executable:

chmod +x /usr/sbin/travelmate_onoff.sh

Now we set this script to be used by the wifikill-button. The system already has one script (/etc/rc.button/rfkill) that it invoked when wifikill is pressed, so we first get it out of the way (backing it up, of course):

mv /etc/rc.button/rfkill /etc/rc.button/rfkill.bak

To make our script work, we ask to hotplug.button, to run it. To do this we export the following code to the /etc/hotplug.d/button/buttons:

mkdir -p /etc/hotplug.d/button
cat << "EOF" >> /etc/hotplug.d/button/buttons
if [[ "${BUTTON}" == "rfkill" ]] && [[ "${ACTION}" == "released" ]] ; then
    /usr/sbin/travelmate_onoff.sh
fi
EOF

Make it executable:

chmod +x /etc/hotplug.d/button/buttons

To test it, take a look at logread. You should see the sentences like “Travelmate enabled. disabling it”:

#run this and try to press the button
logread -f -e "abled"

This should do for the wifikill-button. ;)

Battery indicator

So, to finish this, let’s just install something to show the battery percentage in Luci’s web ui:

opkg update
opkg install luci-mod-battstatus

Finishing

Finally, after two years of coming back to this post, I can finally release it. VPN connection will be on a new chapter of this. WE’RE DONE!!!