• Buspirate (for serial console)
• Fonera FON2100A/B/C

Download the OpenWRT Backfire installation files:

• openwrt-atheros-vmlinux.lzma
• openwrt-atheros-root.squashfs

Setup atftpd or dnsmasq TFTP and put the above files on there.

Pinout of the Fonera Serial Port:

,-----------,-------------------------------------//---
| power     |    +3.3V  o o  -> Buspirate GND
| connector |      n/a  o o  n/a
|-----------'      n/a  o o  -> Buspirate MISO
|                  n/a  o o  -> Buspirate MOSI
|                  n/a  o o  n/a
|

Setup Buspirate in transparent UART bridge mode 9600 8N1 HiZ and connect to it via gtkterm or similar.

Boot Fonera and hit ^C to enter RedBoot console.

Connect Fonera via Ethernet to host computer and configure the hosts IP to be 192.168.1.2. Then execute the following commands on the serial console (note: flashing takes a long time… several minutes):

RedBoot> ip_address -l 192.168.1.1/24 -h 192.168.1.2
RedBoot> load -r -b %{FREEMEMLO} openwrt-atheros-vmlinux.lzma
RedBoot> fis init
RedBoot> fis create -e 0x80041000 -r 0x80041000 vmlinux.bin.l7
RedBoot> load -r -b %{FREEMEMLO} openwrt-atheros-root.squashfs
RedBoot> fis create rootfs
RedBoot> reset

Wait until Fonera rebooted, once that's done hit ENTER to get a shell. Now set a password which should also start dropbear sshd to allow you to login via ssh.

OpenWRT#> passwd

• Enable DHCP on br-lan interface so you can simply plug it into your network.
• Enable WiFi

Edit /etc/config/dhcp and set the ignore option on the following block to disable DHCP entirely (this is done because there's already a DHCP server in the shackspace network).

config dhcp lan
	option interface	lan
	option ignore	1

Now make sure that you are connected to something that has internet access and DHCP running. Reboot the Fonera and verify you can ping outside hosts.

# opkg update
# opkg install kmod-mmc-over-gpio
# opkg install luci-app-mmc-over-gpio

http://wiki.openwrt.org/doc/howto/mmc_over_gpio

GPIO Pin Mapping (via LuCI web-interface or „uci set“):

Pinout of the SW1 connector on the Fonera:

.-----------,-------,-----------,---//---
| power     |       | serial    |
| connector |       | connector |
|-----------'       '-----------'
|
| o  SW1.1, GPIO3 -> SD/MMC MISO
| o  SW1.2, GPIO4 -> SD/MMC SCK
| o  SW1.3, n/a
| o  SW1.4, +3.3V -> SD/MMC VCC
| o  SW1.5, GPIO1 -> SD/MMC MOSI
| o  SW1.6, GPIO7 -> SD/MMC /CS
| 
| o   o     GND   -> SD/MMC GND (either of the 5 pins is okay)
|   o
| o   o
'------------//----

Note: GPIO3 and GPIO1 could be switched but the connection to the SD card is labeled correctly.

# opkg update
# opkg install coreutils-stty

On systems without persistent storage (like the old dd-wrt version used with portal 1.0) this script can be used to setup the environment at boot time. On the current system which does have a persistent overlay filesystem, the init.sh script can be used to do most of the initial setup.

TODO: check if serial port configuration (stty) is persistent across reboots.

Put the root SSH public key into /etc/dropbear/authorized_keys. This is done by init.sh.

Once SSH keys are setup and deployed, disable PasswordAuth in /etc/config/dropbear.

• remove wlan0 from the 'lan' bridge
• create new zone 'portalwlan'
  • enable DHCP server
  • iface static 192.168.1.1/24
• leave 'lan' zone as-is
  • no DHCP server
  • iface static 192.168.0.1/24

Disable LuCI web-interface

# /etc/init.d/uhttpd disable
# /etc/init.d/uhttpd stop   

Disable password-based logins in /etc/config/dropbear

option PasswordAuth 'off'

• open/close users must have UID != 0
  Make sure the UID of the open/close users is different from '0'. Otherwise dropbear will expect your keyfile to be /etc/dropbear/authorized_keys. For UIDs other than '0' you can use ~/.ssh/authorized_keys.
  This is taken care of by by init.sh.