netWRT Documentation

1. Description

2. Installation

2.1 Requirements
2.2 Download
2.3 Setup
2.4 SSH

3.1 First configuration
3.2 Configure your Router
3.3 Tranfer new configuration to router
3.4 Set dependses and conflicts
3.5 Adding Variables/Groups/Routers

1. Description

Netwrt is a PHP based Interface to configure Routers wich are equiped with an OpenWrt Firmware. We recommend, that only Network-admins and persons which "know what they do" use this Tool, because you can brick your router if you use the wrong Settings. After this warning we want to explain the capabilities of netWRT. Netwrt uses a mysql database to save all NVRAM variables of the configured routers. These variables can be changed via a PHP-based webinterface. The problem and one of the reasons to build this interface is, that you have dependencies between variables. Our system saves these dependencies and checks if you try to use any conflicting settings. Additionally, it unsets unused variables which might have been previously in the router's nvram and might cause conflicts. With netWRT you can configure a nearly infinite number of routers. You have to install netWRT on one server and you can access all routers which are reachable via SSH. To establish a connection from the server to a router we use an ssh-connection, which is why you have to copy one ssh key to all routers, but you can read this in the section installation.

2.1 Requirements

netWRT requires the following packages:

dfdf

any Webserver with PHP support (tested with Apache 1.3.x and PHP 4.3/safe_mode disabled)

MySQL (> 3.22.x)

SSH

expect (requires TCL 8.3)

openWRT-based systems (tested with Linksys WRT54GS)

2.2 Download

Check available downloads in the files section

2.3 Setup

Either untar the tarball into your web-directory or use an ftp program to upload the files to your site. Please direct your browser to http://yourserver/path-to-netwrt/setup.php and follow the instructions. The setup script will check the requirements, ensure that correct file permissions are set and prepare the MySQL database.

2.4 SSH

netWRT uses SSH Keys to establish a secure connections between the web-interface and the target router. In order to set this up properly you need to run ssh-keygen (or putty-keygen for the ones how live in an windows environment) to create a pair of keys (public and private, without a passphrase).
A possible command (inside the netwrt directory) could look like ssh-keygen -t dsa -f ./htkey - netWRT expects the private key to be stored in a file named '.htkey' inside its top folder. In default configuration, apache refuses to serve any files beginning with '.ht' - that should give us at least some security. However, NEVER store your private key on a public web server!
The public key has to be transfered to each target router respectively (the procedure depends on the version of openWRT - in RC4 you have to add the key to /etc/dropbear/authorized_keys, in earlier versions you might have to create a home for the root user first, change /etc/passwd accordingly and add the public key to /root/.ssh/authorized_keys - check the OpenWRT Wiki for more information.
But keep in mind that the private key is created with 0600 file mode which means that the user under which the web server runs usually does not have the permission to read the keyfile (and therefore will fail to connect). The easiest solution is to chown the file to nobody/nogroup or www-data/www-group (depending on your configuration).
Currently netWRT only supports one pair of keys for all configured devices - this might change in future releases.

3.1 Add Routers

Click on the Router-Link in the menu on the left side.
You can use the form at the bottom of the page to add a new router to netWRT.
Please remember that netWRT does not automatically update the HOST/IP setting when you change a router's address via the configuration interface (e.g. from static to dhcp).

3.2 Changing the configuration of a router

For the next steps we assume that you used the setup script and that your database is filled with the sample data for variables and configuration-groups. If that is the case, you should see a list of available groups at the top of the page (e.g. 'LAN', 'WAN').
Please use the links on the left side to select a router from the list and click on one of the group links (the selected router will always be highlighted with an underline).
The next page will show you all variables assigned to the selected configuration group. But be aware that none of the variables shown will actually be set if the whole group is disabled!.

3.3 Tranfer new configuration to router

Once you are done with the configuration click on Commit Changes, select a router from the list and click the Go!-Button.
Important: everytime you commit your changes, the whole configuration gets rewritten on the router - not just single groups that have been altered since the last transfer! Unless there is an error during the process of storing the new configuration on the router, it reboots itself automatically to apply the changes which have been made.

3.4 Set Depencies and Conflicts

Before the Config will be transfered to the router netWRT check Dependses and Conflicts. The basic Depends and Conflict are set by us, but you can change it. I recommend, that you know what you are doing if you change these Depends and Conflicts. If you want to change these settings you have to click on Variables, search for the right and then click Dependencies behined the Variable. Now you can change the Dependses and Conflicts. After changeing you have to confim your new settings with the Button Apply Changes.

3.5 Adding Variables/Groups/Routers

It is possible, that you need a Variable or Group, which is not defined by us. If you want to create one of this do it like adding a new Router. Click the matching button on left, scroll at the end of the list, fill out the boxes and click add. Now, the new one will be available.

netWRT is developed by Rudolph Bott and Carsten Groth
Contact:open@megabit.net