SMOOTHWALL FOR USB MODEM 3G HSDPA



As mentioned before in Next G over LAN my phone line has a high signal attenuation, too high for me to get ADSL. Essentially this means there is too much copper cable between the exchange and my house. I need some form of broadband at home so I turned to wireless. The 3G HSDPA networks provide the speed I need, and the UTMS 850Mhz network from Telstra (i.e. Next G) has coverage for where I live. So I’m using Next G for home internet.
Recently there have been several questions how I got this working. This post goes through the steps in more detail. In fact I reinstalled SmoothWall myself last night to upgrade to the official version 3.0 release so I wrote this as I went.

UPDATE JUNE 2009: See comments about using the “Option Driver” instead of Airprime – Airprime is, since 2.6.27, deprecated. The Option Driver does not require patching.

At home Prue and I have two laptops, a media server, and a few other random computers that I sometimes use. In any given time at least two computers will want access to the internet. With a typical Ethernet router this wouldn’t matter the router would NAT both computers and let them share the connection. With a USB modem only one computer can be connected at a time, because the modem can only be attached to one computer at a time. Unfortunately the only modems Telstra/Bigpond supply have USB connections.


SmoothWall is a custom Linux distribution that, in very basic terms, does the job of the Ethernet router. SmoothWall comes in two forms; a) the Express edition which is free; and b) a commercial version which is not. I am using the Express edition in this how-to. Using SmoothWall I can dial up my Next G connection and SmoothWall will perform NAT for all computers on the LAN. All that remains is to successfully configure SmoothWall to actually dial out over the USB modem.
Can it be done? Yes. Does it work out of the box? Sort of. As explained on http://quozl.netrek.org/bp3-usb/ the modem works with the usbserial kernel module but only at speeds of up to 60Kbps (kilobits) which is not much better than dial up. However the modem also works, and at full speed, with a patched version of the airprime module. There’s a catch: firstly the airprime module is not compiled into the SmoothWall kernel by default so the kernel must be recompiled, and even if it was, to patch the airprime module you would need to recompile your kernel. Compiling a kernel can be somewhat of a daunting prospect.
But, it certainly works. And for me speed wise; on average from a reliable server we get down speeds of 275KB/s (kilobytes) which is faster than standard 1.5Mbps ADSL and the E1 (2Mbps) link at work. With a recent firmware upgrade theoretical speeds should approach 3Mbps (~385Kbps) but I haven’t done the firmware upgrade so I can’t verify that. These figures of course will depend on the signal strength and the server you are accessing – the same can, generally, be said for ADSL.
Note: SmoothWall also has other features such as POP3 virus scanning, Intrusion Detection and a few other fancy bits and bobs. You can look at them in your own time.
On with the show: How to setup SmoothWall
What you need:
  • A computer to run SmoothWall on: I am using an old P3 866 however, in the past, I have used P2 400′s and even 486 machines for LAN gateways. Keep in mind that for USB modems you need a USB port so a 486 might not be so great. You will also need a 5GB or greater hard drive that you are willing to format.
  • A Maxon USB Modem: There are two options (see photos). Personally I use the blue powered device as it was slightly cheaper to buy, and from memory offered better plans. However we have several of the orange USB stick devices at work. They both work the same.
  • SmoothWall Express 3.0 Developer Edition. You must get the Developer Edition – you need some of the tools that come with it.
  • A copy of the Linux kernel source code (get the tar.bz2 it’s smaller).
  • Some experience with the Linux command line.
  • I use vi for editing, SmoothWall doesn’t have anything else installed. I suggest learning the basics of vi now.
  • Time and Patience! Work through this at a comfortable pace. Ignoring the kernel compile (which takes a long time on older computers) I can setup a box in a little under 40 minutes. Don’t try and match my pace, learn what you are doing.
  • Read some of the quick introductions to SmoothWall. Pay close attention to what GREEN (safe), PURPLE (untrusted/wireless), ORANGE (dmz), and RED (internet/unsafe) networks are.
  • A working internet connection is also useful.
Step 0: Preparation
  1. Download SmoothWall Express 3.0 Developer Edition.
  2. Burn the ISO as an image to a CD.
  3. Put the burnt CD into your intended SmoothWall computer and power it up.
  4. Note: You need to tell your computer to boot from CD; this is a bios setting.
Step 1a: Installing
  1. A welcome screen will be displayed, hit enter/return to begin the install.
  2. You should receive a few warning messages that your hard drive will be formatted. Press the OK buttons.
  3. You will see a message about the drive being partitioned and then some file systems being created. Wait.
  4. Once the file systems have been created SmoothWall will begin installing files. Once again: Wait.
  5. When the Congratulations screen is displayed you can remove the CD and click OK. I’m assuming most people don’t have back up settings, as this is a first install, but if you do enter the disk and let SmoothWall do its thing. Otherwise select No.
Step 1b: Configuration
  1. You keyboard layout is up to you, but I chose US; if you have a pound symbol UK is also an option.
  2. Your machines Hostname is the name you want your SmoothWall computer to have on the LAN. I use smoothwall (the default) because that’s what best describes the machine, at least IMO.
  3. I use an Open default security policy. Once again, choose something appropriate to your needs.
  4. At the Network configuration menu choose: Network configuration type. Select “GREEN (RED is modem/ISDN)” unless you have a non-basic LAN, in which case you should have an idea which choice to make. For example: If you have an open wireless access point you may choose “GREEN + PURPLE (RED is modem/ISDN)” and make the PURPLE component be your wireless clients.
  5. At the Network configuration menu choose: Drivers and card assignments. Select probe. When each card is detected assign it to a network interface (i.e. GREEN or PURPLE or ORANGE). I have one network card in my SmoothWall box which I assign as the GREEN interface.
  6. At the Network configuration menu choose: Address settings. Configure the GREEN interface appropriately for your network. I use IP Address 192.168.1.5 with a Network Mask of 255.255.255.0.
  7. If you chose a multiple network type (i.e. GREEN + PURPLE) repeat the above for each other interface. You may also need to manually probe for the extra network device using the Drivers and card assignments menu item. Don’t worry about DNS and Gateway settings. Next G essentially amounts to dial up – so these are provided/set at connection.
  8. At the Section menu the only option we are concerned with is the DHCP server configuration. If you are running another DHCP server on your LAN (I am using my Ethernet router as a LAN switch it has a DHCP server) I recommend disabling it and using SmoothWall’s DHCP server. Or reconfigure your DHCP server to set clients default gateway to your SmoothWall IP.
  9. In the DHCP server configuration check Enabled and then enter your desired values. If you have a small network the defaults should be fine.
When you’re ready select Finished.
Step 1c: Passwords
  1. Select sensible passwords: a combination of upper and lower case, numbers, and punctuation is recommended. Of course the letter q will also work.
  2. Don’t use the same password for the admin and root users. The admin password will be sent as plain text over your network when using the standard web interface (you can use ssl to mitigate this if you need/want).
Press OK to reboot the machine and watch while SmoothWall boots.
Step 2: The Hard Stuff
  1. Get a copy of the Linux kernel source onto your SmoothWall computer. WinSCP is useful if you downloaded on a Windows machine, or plain scp if on a *nix OS. SCP uses SSH to transfer files across a network – so first you will need to enable SSH. Visit http://:81 in your browser login with your admin user name and password. Under Services->Remote Access check SSH and click save. Now you can access the box as root over ssh/scp. Note: The SSH port is 222 by default. If you wish to change that edit /usr/etc/sshd_config. I have changed mine with no ill effects but … I have no idea if that will break something.
  2. Login as the root user.
  3. Extract the kernel source: cd /usr/src tar xjf /path/to/linux-2.6.22.9.tar.bz2 # replace with the appropriate version
  4. Patch the kernel source: vi linux-2.6.22.9/drivers/usb/serial/airprime.c # replace with the appropriate version
    1. Quick word on vi: to insert text press i then type your text, when done hit esc. To save and exit: ZZ or :wq
    2. You want to add the line starting with a + (roughly line 22) { USB_DEVICE(0x0c88, 0x17da) }, /* Kyocera Wireless KPC650/Passport */ { USB_DEVICE(0x1410, 0x1110) }, /* Novatel Wireless Merlin CDMA */ + { USB_DEVICE(0x16d8, 0x6280) }, /* Maxon BP3-USB 3G Bigpond Telstra */ { },
  5. Configure the kernel cd linux-2.6.22.9 # replace with appropriate version make menuconfig
    • Configuring a kernel is documented in many places I’m not going to duplicate that here.
    • There are a few things you definitely need to set though:
      • Networking->Networking Options->Network packet filtering framework (Netfilter)
        1. Say YES to everything under Core and IP Netfilter Configuration.
        2. It might not all be necessary but it saves working out what is.
      • Networking->Networking Options
        1. Say YES to IP: advanced router
        2. Say YES to IP: tunneling
        3. Say YES to IP: TCP syncookie support
      • Device Drivers->Network device support
        1. Make sure your device is selected.
        2. Say YES to PPP (point-to-point) support
        3. Say YES to everything that shows up below PPP support
      • Device Drivers->USB Support->USB Serial Converter support
        1. Say YES to USB Serial Converter support
        2. Say YES to USB AirPrime CDMA Wireless Driver
      • Optional: Under General give a local version append “nextg”
      • Optional: Turn off CPU Frequency Scaling if not supported/needed
    • There are many other kernel options you may want to investigate, but that should get you started.
    • You might want to consider making some parts into kernel modules (hit M instead of Y).
  1. Save the config in a file called “.config” (without the quotes) and then compile. Note this will take some time: make make modules_install
  2. When the kernel has finished compiling cp  arch/i386/boot/bzImage /boot/vmlinuz-2.6.22.9-nextg vi /etc/lilo.conf
    • You need to change the line default=SmoothWall to default=SW-NextG
    • Add the following two lines at the end (note the second should be intended i.e. hit the tab key) image=/boot/vmlinuz-2.6.22.9-nextg label=SW-NextG
    • Save and run: lilo
  • You MUST run: lilo – THIS IS IMPORTANT – Don’t reboot until lilo runs and exits without any errors.
  • Reboot the computer: reboot
  • On boot up you should see your new kernel selected in the boot menu (i.e. LILO’s menu). If something goes wrong and the kernel does not boot properly, hit the reset button and choose the old kernel from the boot menu. Once booted reconfigure your new kernel to resolve the problem(s) and try again. Remember each time you change the kernel image or /etc/lilo.conf you should run: lilo.
Step 3: Device Testing
  • Once your new kernel is running login as root and run: dmesg | tail
  • Plug in your USB modem and re-run the above, all going well you should see something like usb 1-2: new full speed USB device using uhci_hcd and address 2 usb 1-2: configuration #1 chosen from 1 choice usbcore: registered new interface driver usbserial drivers/usb/serial/usb-serial.c: USB Serial support registered for generic usbcore: registered new interface driver usbserial_generic drivers/usb/serial/usb-serial.c: USB Serial Driver core drivers/usb/serial/usb-serial.c: USB Serial support registered for airprime airprime 1-2:1.0: airprime converter detected usb 1-2: airprime converter now attached to ttyUSB0 usb 1-2: airprime converter now attached to ttyUSB1 usb 1-2: airprime converter now attached to ttyUSB2 airprime 1-2:1.1: airprime converter detected usb 1-2: airprime converter now attached to ttyUSB3 usb 1-2: airprime converter now attached to ttyUSB4 usb 1-2: airprime converter now attached to ttyUSB5 airprime 1-2:1.2: airprime converter detected usb 1-2: airprime converter now attached to ttyUSB6 usb 1-2: airprime converter now attached to ttyUSB7 usb 1-2: airprime converter now attached to ttyUSB8 usbcore: registered new interface driver airprime
  • If you don’t get something like this make sure you patched properly and that you did select AirPrime when configuring the kernel. If still no luck after that then Google and email are your friends. I know, I know. That is indicative of Linux how-to material. However, I have, deliberately, left some big holes, big enough to drive a barn through, in the kernel compile section; there could be any number of reasons something went wrong.
Step 4: Patching SmoothWall Web Interface
  • SmoothWall doesn’t really know about /dev/ttyUSB* devices, so we need to add them manually so we can configure through the web interface.
  • There are two files I want to change: /httpd/cgi-bin/pppsetup.cgi and /usr/bin/smoothwall/writedhcp.pl. The first controls the PPP settings page. The second generates a DHCP config file. If you are not running DHCP Server on your SmoothWall computer then you can ignore the second file.
  • Note: Don’t actually write the +/- characters: + is add this line; – is remove/replace this line
  • vi /http/cgi-bin/pppsetup.cgi
    • Search (hint: hit / and then type the search string) for ttyS3
    • Change this line: - unless ($pppsettings{'COMPORT'} =~ /^(ttyS0|ttyS1|ttyS2|ttyS3|isdn1|isdn2|pppoe|adsl)$/) { + unless ($pppsettings{'COMPORT'} =~ /^(ttyS0|ttyS1|ttyS2|ttyS3|ttyUSB3|isdn1|isdn2|pppoe|adsl)$/) {
    • Add a line after this: selected{'COMPORT'}{'ttyS3'} = ''; + selected{'COMPORT'}{'ttyUSB3'} = '';
    • Add a line after this: <option VALUE='ttyS3' $selected{'COMPORT'}{'ttyS3'}>$tr{'modem on com4'} + <option VALUE='ttyUSB3' $selected{'COMPORT'}{'ttyUSB3'}>NextG Wireless
  • vi /usr/bin/smoothwall/writedhcp.pl
    • Search for max-lease-time and add after this: print FILE "\tmax-lease-time $maxleasetime;\n"; + print FILE "\tauthoritative;\n";
Reboot the computer again.
Step 5: Configuring the Next G Dialer
  1. Login to the web interface as admin again.
  2. Under Services->Time check the Timezone and Time are correct.
  3. Under the Maintenance menu select Passwords: Specify a password for the dial user. The dial user can connect / disconnect but not configure SmoothWall.
  4. Create a new connecton: Networking->PPP Name: NextG Interface: NextG Wireles Number: *99# Username: YOUR USERNAME Password: YOUR PASSWORD Method: PAP or CHAP
  5. Do a test dial.
  6. Fingers crossed after 5 seconds SmoothWall should come back saying you are connected.
All Done You should now have a working SmoothWall Express Next G Gateway for your LAN. If something is not working I suggest adding the following to to /etc/ppp/options and then running tail -f /var/log/messages and watch what happens when you try and connect. I’ll try my best to respond to email queries but some problems can’t be solved without sitting down at the machine. # Add to /etc/ppp/options to increase log file output debug dump
I hope this has been helpful.
(From : Andrew Bevitt)

No comments :

Post a Comment

Silahkan tulis komentar, saran dan advis Anda. Terima kasih sudah beratensi di blog ini. (Admin)

Subscribe to: Post Comments ( Atom )