Wive firmware on DLink DWL-G700AP

Tagged:

Some notes on transforming WiFi access point DLink DWL-G700AP to router using Wive firmware.

Intro

In fact the only reason I’ve started with it was my mistake when reading DWL-G700AP description on DLink product page … What I’ve needed was a WiFi router with single Ethernet WAN port, but from the fact that G700AP was able to run DHCP both on WLAN and LAN ports I’ve concluded that it should also be able to do that simultaneously and act as router, effectively treating LAN as WAN and running SNAT on it - which appeared to be not the case.

Fortunately, it appeared that there are some alternative firmwares, Wive being one of the best developed and known among them. Therefore, I’ve set up Wive on G700AP and got the needed functionality. As I required some things missing in standard Wive firmware, I had to recompile it, including into image the needed components.

In the rest of the article I list some things I found to be comparably tricky in this process, as Wive documentation currently is quite scarse, to say the least.

Here should go all that rubbish about “do it at your own risk” and so on, but I assume those who read it are the clever ones and understand that themselves. Still I’d like to give one warning: personally I found the process to be quite more difficult than working with custom OpenWrt firmwares, for instance, so I would not recommend attempting this unless you have at least some experience with embedded systems, or at least with other router firmwares.

Compilation

Currently the latest available version of Wive is 0.6.0, though it seems that version 0.6.1 is going to be released soon. All subsequent text discusses 0.6.0 version only, things may be quite different in other versions as interval between releases is large.

Strictly speaking, Wive “sources” distribution is in fact “semi-SDK”, as it contains some binary-only tools & programs, also it requires using binary-only toolchain, which can be downloaded at the same sourcefoge.net page where the Wive itself is located. I haven’t tried very hard, but I wasn’t able to find sources for toolchain. Binary tools are compiled for x86, for running them on Gentoo amd64 I had to install app-emulation/emul-linux-x86-baselibs.

There are some hard-coded paths to toolchain in SDK: while they can be changed to wherever you want, most likely you will have to modify some invocation options of compiler / linker in build scripts, as when I tried to relocate toolchain to another directory all binaries during firmware building were linked statically - hardly the thing you’d like to have on device with 2 Mb of flash Therefore, I recomend to stick to hard-coded paths by creating appropriate symlink to actual toolchain localtion.

As I had no ramdisk support compiled into kernel on host PC I also had troubles with the step of mkimg that prepares ramdisk; the solution there was just to mount directly the temporary image on file using -o loop rather than on /dev/ram, I wonder why it isn’t done like that in original script, as anyway it’s later re-mounted exactly in the same way.

You’ll also need to adjust packages names in APP/Makefile as they seem to be out of sync with the rest of distribution.

Due to small size of the flash you’re severely limited on space & and number/size of packages you can include: as far as I understood total size of image should be less than smth like 2Mb - 128Kb (used to store changes to FS), most likely also minus bootloader size. The image size is not controlled during build, but you will notice that you’ve hit the limit after flashing if after storing changes to filesystem you cannot boot anymore and bootloader complains in serial console on checksums mismatches.

Last but not least, it looks like default memory kernel configuration options are not OK for G700AP: after compiling with default options the kernel assumed to have 16Mb of RAM, which is not the case for G700AP. I didn’t bother to investigate what config and what options are faulty, but switching CONFIG_NINO_16MB to CONFIG_NINO_8MB in all source tree, as well as switching off CONFIG_NINO_EDIMAXMEM did the trick.

Then here are some notes on compilation of specific packages:

iptables

I’ve tried using versions 1.3.5 through 1.3.8, but there were two problems:

  1. All of them do not compile from the scratch: some patching has to be done for compilation to succeed, such as commenting out some of uncompileable targets.
  2. The resulting binaries do not work properly: binaries built with NO_SHARED_LIBS, i.e. everything compiled into iptables binary, segfaulted. When compiled with shared extensions, the binary seems to run OK, but resulting rules in the kernel are wrong, looks like all parameters passed to rules are discarded at some stage.

Therefore I had to stick with 1.2.8 iptables provided in the distribution and it worked OK.

dropbear

As dropbear key is pre-packaged on file system, it looks like dropbearkey executable may be omitted from firmware, this will save you some space.

tc

AFAIR by default tc utility is included into filesystem stub image, but if you do not need it you can remove it to have more space.

dnsmasq

dnsmasq is not included by default, however adding it to firmware was extremely easy, just unpack to APP directory, include the appropriate package name in APP/Makefile and modify mkimg.

Flashing

The procedure is explained multiple times on forums referenced from rtl8186.sourceforge.net: it’s usual TFTP procedure, nothing complicated, the IP is 192.168.1.6 WARNING: do not attempt to flash firmware from DLink native web interface, I haven’t tried that but others claim it will brick the router!

You should use “rev_a” or “rev_b” image depending on version of your hardware specified at the bottom or router case.

In the case of troubles with firmware you may find heplful to debug it via COM interface: for exact settings see, for example, this post, there it’s explained for Ovis 5460, but works for DLink DWL-G700AP also, though on my hardware the respective connector is marked as J2. To determine the correct connector layout find GND pin first: it is easily recognized by the special form of hole. As usual, DO NOT connect to PC’s COM interface as it will damage the router!

Configuration

The /etc part of file system is stored on ramdisk, so to make your changes survive reboot you should store them using fs save command.

In fact, configuration is more or less easy except WPA part: it is not explained anywhere and requires some non-standard steps.

First of all you will need the following two binaries: auth and iwcontrol. One possible source for them is official DLink sourcecode tarball for G700AP, for example found here, or search for them in INet or on forums listed at rtl8186.sourceforge.net. Also binaries from compatible firmwares (such as firmwares for some models of Edimax) are reported to work.

Put these binaries into firmware image and make sure they are started before wlan0 interface goes up; quick-and-dirty way of doing this is including their invocation into /etc/network/wifi/wep file, such as

...
iwpriv wlan0 set_mib encmode=2

killall auth
killall iwcontrol

auth wlan0 eth0 auth /etc/network/wifi/auth.conf
iwcontrol wlan0
...

Please note you will have to change in this file also encmode to 2 for WPA to work.

The auth.conf file content should be similar to the one listed in this topic.

My file for WPA-PSK is as follows:

encryption = 2
ssid = "Wive"
enable1x = 0
enableMacAuth = 0
supportNonWpaClient = 0
wepKey = 1
wepGroupKey = ""
authentication = 2
unicastCipher = 1
wpa2UnicastCipher = 2
enablePreAuth = 0
usePassphrase = 1
psk = "your-passphrase"
groupRekeyTime = 86400
rsPort = 1812
rsIP = 192.168.1.51
rsPassword = ""
rsMaxReq = 3
rsAWhile = 5
accountRsEnabled = 0
accountRsPort = 1813
accountRsIP = 0.0.0.0
accountRsPassword = ""
accountRsUpdateEnabled = 0
accountRsUpdateTime = 60
accountRsMaxReq = 3
accountRsAWhile = 5

In original DLink firmware this file is auto-generated from web interface, so you may get some additional info by studying DLink firmware sources.

Conclusion

So far everything seems to work OK, the only problem is that maximum 802.11g connection speed I saw so far was 24MBit/s, but I do not know yet whether this is the problem of firmware or in local environment as I have also another production WiFi router working in the same room.

Update: in another environment the tests have shown the speed of 54MBit/s with one WiFi card and 24MBit/s with the other one, so now I tend to think this may depend on client WiFi card type also.

In the end I wouldn’t recommend choosing DWL-G700AP as router for anything more than simple routing in the network with a couple of PCs: the hardware seems to run almost “on the edge” of its capabilities as CPU is not that fast and RAM/flash are severely limited: you’re unlikely to successfully setup and run there anything really “advanced”.

Comment viewing options

ndl@home is currently in maintenance. During this maintenance it is not possible to change site content (like comments, pages and users).
Select your preferred way to display the comments and click "Save settings" to activate your changes.

To have recompiled Wive, you

To have recompiled Wive, you must have some serious skills. I gave up on it a while back because I found I couldn't work with it so I just found ways around it. As you say, it tends to be missing too many components - which I found frustrating. Great article, you've clearly put in a ton of work.

Client mode?

Hi, have you ever tried getting wive working in client mode?

Wive-ng 3.18 successful flash with client mode


Hi to all, today I successfully flash the firmware of G700ap access point to wive-ng firmware, before I already done it but with no success for bridge or client mode.. after failing to flash in aprouter firmware and c3 firmware, I flashed it back again to wive-ng 3.17, I remember that Ive download a latest version of wive-ng version 3.18 firmware last 2 weeks ago, I immediately flash my radio to 3.18 and configure using the menu command at shell prompt.. guest what??? I connected it to my neighbors AP using this router with a simple configuration and using the "wl scangraph" I see that I was connected, and after that I change my wired lan card to dhcp, successful the IP of the AP that ive connected became my gateway and dns server... email me at erwin_husana@yahoo.com if you wanna know how I do it.. gud luck for other brickers out there.. LOL

Client mode?

NDL's picture

Hi,

Do you mean connecting G700AP to some other access point via WiFi as a client?

No, I haven’t tried that and while I think it should be possible, I do not see too much point in doing that: considering that G700AP has only one Ethernet port, that mode would convert it to overpriced WiFi adapter

Client mode?

Technically yes its a WiFi adapter but I was trying to use that one Ethernet port to bridge a wired lan since wive has routing capabilities.

problem with wive 0.6.0

Hello every body. I try compile firmware wive of version 0.6.0. Compile process is OK but if I flash it to my device (Dlink G700AP), I can't ping it (ssh or telnet connections have timeout of course). I tried flash my device with precompiled wive 0.6.0 but with the same result. Is any problem with this wive version. I tried precompiled wive version 0.6.1 and it work fine. Can you give me some advice where is problem?

Please answer.

Re: problem with wive 0.6.0

NDL's picture

I tried precompiled wive version 0.6.1 and it work fine.

Why not use 0.6.1 then?

Can you give me some advice where is problem?

Unfortunately not, there’s not enough information for that in your post. I recommend attaching cable via COM interface and examining boot sequence to understand where the problem is - that’s in the case if you need to use 0.6.0 version indeed.

One point, though: I assume you’ve read the article carefully, noted the memory problem description and already tried to apply the solution described there, right?

Re: Re: problem with wive 0.6.0

Thank you for your answer.
I need use self compiled wive because I want add one experimental application to wive firmware. This application has approximately 400KB and precompiled wive doesn't have enough space for this. I need use changed version of wive and remove some useless apps.
I tried advice with disable edimax option but without success and I try contact some developers of wive but still without success too.
If you can help me, can we comunicate through email? If I was successful, I write in this forum solution of this problem.

Thank you for help.

Re: problem with wive 0.6.0

NDL's picture

I need use self compiled wive because I want add one experimental application to wive firmware.

Ok, but you aren’t forced to use exactly 0.6.0 version for that, right? You can try to contact firmware author to get sources for 0.6.1 version, as well as you can try some other packages, such as wive-ng - I personally haven’t tried it, but it might be worth looking at.

I tried advice with disable edimax option but without success

Have you also replaced CONFIG_NINO_16MB to CONFIG_NINO_8MB?

If you can help me, can we comunicate through email?

I’m afraid there’s just nothing else I can suggest you without diving deeper into it, such as looking in detail at build logs/console output of booting firmware (for which you will need to attach COM cable), and, considering that nor I worked with Wive recently, neither I monitor their progress/current situation - you’d better asking for help on Wive support forums.

Great article! I successfully

Great article! I successfully flashed my DWL-G700AP with Wive firmware. I also downloaded auth and iwcontrol utilities, but... how can I add those to the box? Thank you!

Adding files to the firmware

NDL's picture

Well, you can do it in at least several ways - the easiest one is, probably, just to put the binaries in wive/src/ro_fs_stub/bin directory and rebuild the firmware.

A bit more “clean” way is to put binaries somewhere in APP directory (f.e. wive/src/APP/WPA) and then modify “mkimg” script in wive/src so that it conditionally includes these binaries to the firmware image: you can define INCLUDE_WPA variable there and if it is set - copy those binaries to the RO_ROOT, the changes that need to be done to the “mkimg” are as follows:

...
# Packages
...
INCLUDE_WPA="YES"
...
# ------------------------------------------------------------------------- #
#                       Application & libraries
# ------------------------------------------------------------------------- #
...
#WPA
if [ "$INCLUDE_WPA" = "YES" ]; then
  cp $APP_PATH/WPA/* $RO_ROOT/bin
fi

Thank you! In the meanwhile,

Thank you! In the meanwhile, I added those files directly on the AP with `wget', placed them in /usr/bin and then did a `fs save'. Now I get a working WPA-PSK authentication, but what I need is WPA-EAP with a RADIUS server. I tried with this auth.conf:

encryption = 2
ssid = "Telperion-RTL8186"
enable1x = 1
enableMacAuth = 0
supportNonWpaClient = 0
wepKey = 1
wepGroupKey = ""
authentication = 2
unicastCipher = 1
wpa2UnicastCipher = 2
enablePreAuth = 0
usePassphrase = 0
psk = ""
groupRekeyTime = 86400
rsPort = 1812
rsIP = 192.168.10.16
rsPassword = "xxxx"
rsMaxReq = 3
rsAWhile = 5
accountRsEnabled = 1
accountRsPort = 1813
accountRsIP = 192.168.10.16
accountRsPassword = "xxxx"
accountRsUpdateEnabled = 1
accountRsUpdateTime = 60
accountRsMaxReq = 3
accountRsAWhile = 5

But my notebook detect always a WPA-PSK encryption and not a WPA-EAP... Maybe I could look at the sources of the original D-Link firmware? Where can I find them? I tried at ftp.dlink.com/GPL but G700AP sources seem to not be available!

WPA-EAP with a RADIUS

NDL's picture

Now I get a working WPA-PSK authentication, but what I need is WPA-EAP with a RADIUS server.

Unfortunately I haven’t ever setup it in this configuration, so I cannot really help you with that

What you might need to check is whether some other parameters have to be adjusted besides just setting radius-related values, such as encryption/authentication parameters in auth.conf and, probably, also some parameters in other config files in /etc/network/wifi.

Maybe I could look at the sources of the original D-Link firmware? Where can I find them?

In fact the link is in the article Though, probably, not presented that prominently, so here it is once more.

Thank you very much! The key

Thank you very much! The key that seems to enable RADIUS authentication is "authentication = 1", now the correct encryption is detected... but does not work: no communication with RADIUS. I will investigate on the sources of the original firmware and let you know!

Post new comment

ndl@home is currently in maintenance. During this maintenance it is not possible to change site content (like comments, pages and users).
Syndicate content