I have done the following install steps to a linksys router:

1. Loaded your flash program

2. Accesses the router using 172.27.0.1:8080

3. Made changes to the desktop. ie added my call sign to the name

4. Saved changes. I have not been able to access the router after the reboot.

5. I am using a separate nic card for the router it has an address of 172.27.0.2

6. I can see the Hammnet-Broadband-v1 ssid from a wireless connection on another system. I can connect to the wireless link but I am not able to access the router using either wireless or wired connections

Windows firewall is disabled, do I need to disable any other security or anti virus programs?

comments please

KK6IVW

Peter

Can you please elaborate as to what you would be looking for in "basic security is needed." ?

Basic can have many different opinions (such as changing the olsrd code as noted above) or any other number of items so if you could provide a bit more details it would be appreciated.

I would really be interested in knowing how your remote control project is advancing.  I am attempting to do something similar, but I want to remote control a computer that is running 2meter packet.  Got the TNC on the way, and the mesh is working, just have to load a newer version of Teamspeak.  Thanks for what you have posted so far.

KC4OJS

VE3PLF-100 went operational today at 43 deg, 03 min, 04 sec N,,079 deg 18 min 00 sec W at the 100 foot mark of our repeater tower. Any reports on copying this node would be greatly appreciated!

You really should not have to erase the whole flash chip in order to get the router working. There is another parameter you can change in the CFE before flashing that back over. You want to enable boot_wait by changing the flag from a 0 to a 1. This will always allow you to easily tftp firmware to the router in case of any bad flash that may occur. Do not forget to put back on the router the same CFE you backed up. Without the CFE, the router is 100% useless.

Actually I've upgraded to the correct sized helmet now. hah

So to update where I am on this. I bought a jtag cable, and removed the CFE, NVRAM etc per numberous instructions. Unless I'm missing something I can't get this to flash. The only thing I can think of is I have to edit the CFE with a mac address?

Owen - KK4URZ

When loading this unit how does one find it as I try to SSH into it and cannnot find it on the default IP address.

At the moment, the version that went out to beta does not expose the setting via the user interface.

The key will be able to be changed by either ssh or telnet into the node and editing a file, or by using a SCP client to copy the file that has the key into place.

http://broadband-hamnet.org/download/backfire/10.03.1/ar71xx/packages/

Would someone would point me to a downloadable package repository for v1.01?  Can't access the mesh and the net at the same time to populate it via the GUI.

Thanks!

Joe W3JY

This afternoon I ran a benchmark test from my Fallbrook home to the top of Mt. Palomar.  The following configuration resulted in a LQ of 100% with a 20 dB SNR.  The path is 34.5 km (21.4 miles).

My FJ Cruiser (on Mt. Palomar):

NanoBridge M2 (23 dBm, 18 dBi self-contained antenna)

-94 Rec sensitivity spec

 

My backyard (Fallbrook):

Bullet M2 (28 dBm, 25 dBi BBQ grill antenna)

-83 Rec sensitivity spec

 

The SNR likely could have been improved upon, as I has holding the NanoBridge dish and pointing it based on my wife reading Link Quality numbers. Unfortunately I didn't have a Telnet or Putty client on my dash-mounted PC, so I couldn't use the "Aimer" program.

 

I personally would like to see OLSRD Secure Module  as an available BBHN option.  Preferably with an interface that would allow the node owner to easily upload the key file.

I know the next firmware release will be rolling out soon.  If someone in the know could comment as to whether or not this will be in the mix, the data point would be appreciated.

Bob, KO2F

for the NW-Mesh group I believe you are referring to the OLSRD Secure Module

We actually used this module in versions prior to 1.0.0.

See BBHN->ticket:37 for more details on it being restored back in the next release of BBHN.

If you use the normal default code, than any person can join the network if they have a default build.  The advantage in this case of the code existing is you can at least argue at that point that you took measures to protect your node from speaking to non hams.

If you decide to change the code for a region to take more control than the nodes will become more like a 'closed repeater' where everyone has to have the same code (just like on voice you have to have the correct PL tone)

It doesn't fully secure a node in itself but it does provide some (in my opinion) basis to argue that the node was attempting to not be accessible to non-hams.

When the does don't match a node just throws away the packet without responding to it.

There are still some openings, but the attack surface does get decreased.

You may also want to read:

www.broadband-hamnet.org/hsmm-mesh-forums/view-postlist/forum-1-general/topic-809-what-if-anything-keeps-the-bad-guys-out.html

And as i said once in the past (I believe in that same topic ) "the more people who speak up on about access control features the more likely it is to be worked on sooner"

Hello Everyone,

What prevents a technically competent non-ham from loading a used Linksys router and joining a local BBHN mesh?

As I understand it, the NW-MESH community uses a distributed credential to digitally sign the routing table, thus constraining network access.  [The adequacy of this is another topic...]

Is there something built in to BBHN that addresses this topic?

If this has been discussed elsewhere, please point me in the right direction.

Bob

KO2F