Ok, welp, this device runs the 2.4 linksys kernel which apparently has support for the realtek NIC and flash driver as well as the audio device attached to it's PCI bus. It contains 2mb of flash and 16mb of ram. The rootfs is loaded into a ramdisk. It runs the busybox distro with some binaries that are specefic to the network audio driver, binaries like raspplay and raspmonitor. It's settings are stored in nvram in which scripts invoke the nvram binary to parse the variables from nvram to configure the network devices. These values included domain name, wlan config including which operating mode, channel, etc, dhcp or not, etc. It runs Dante's TFTP Server which is a tftpd that takes a file it receives and attempts to flash it if it's valid firmware. Here is what ps aux shows:
# ps aux
PID Uid VmSize Stat Command
1 root 240 S init
2 root SW [keventd]
3 root SWN [ksoftirqd_CPU0]
4 root SW [kswapd]
5 root SW [bdflush]
6 root SW [kupdated]
7 root SW [mtdblockd]
8 root 276 S -sh
480 root 168 S raspmonitor -v v1.09.0.4 -m WMB54G -M Linksys -s 8
483 root 328 S < raspplay -e 0 -s 8 -M Linksys
489 root 132 S sys_monitor
490 root 800 S httpd
752 root 116 S restore_defaultsd
847 root 280 S easyconf
848 root 188 S tftpd
851 root 188 S udhcpc -i br0 -p /etc/udhcpc/udhcpc-br0.pid -s /usr/s
869 root 224 R ps aux
No telnet, ftp, nfs, or samba daemon comes preloaded, so no way to get files to and from the WMB54G. Even if you put files on the filesystem, once you turn off the unit they will be gone because the rootfs is a ram disk, and actual settings are stored via the nvram.
My goals and intentions of this device is to simply put music player daemon and required libs, telnet daemon, ssh daemon, nfs and samba clients, and if possible, mplayer on the device and store configs of samba, nfs, mpd, telnet, and ssh on the nvram as well as network settings if possible. The audio driver seems to be already in the kernel loaded on it, so mpd should work fine without the need for ALSA.
Linksys was kind enough to comply with GPL and provide everything needed to build a firmware image in the downloads section for the WMB54G under GPL code. The programs used for the audio streaming from the PC like raspplay and raspmonitor and some other programs are already prebuilt and no source code or documentation is provided. Seems to be that the source is already in MIPS binary because the source files are .o and you just need to build them into an image. I suppose what will be required is to cross compile mpd, ssh, nfs, samba, telnet, and ftp to MIPS binary and include them in the built image. I'm not sure if I should get rid of the httpd and the linksys web config crap, but since I found the serial port, everything can be done via the serial port. The scripts could be rewritten to configure the network a better way, through the command line or something. The silly prebuilt programs can be removed and thrown to teh wind, as they take up resources.
Now the thing is that I can't code because I don't know how to and doing this might require help of the 3rd party firmware devs for the WRT firmwares. The network, flash, and audio drivers seem to be built into the kernel, so they have to be in there somewhere. I'm not sure what the next step is, but I think that this little device will be one sweet network audio player thats small, fanless, and consumes little power. Again, the serial pinout of J9 on it's PCB is:
1 2
3 4
5 6
7 8
9
2 and 4 are Vcc
6 and 8 are Gnd
1 is TX
7 is RX
And the serial output of first boot is:
UART1 output test ok
Uart init
mfid=000000c2 devid=00002249
Found 1 x 2M flash memory
---RealTek(RTL8186)at 2005.11.08-15:14+0800 version 1.3c [16bit](180MHz)
no sys signature at 00010000!
Jump to image start=0x80300000...
early printk enabled
Determined physical RAM map:
memory: 01000000 @ 00000000 (usable)
Initial ramdisk at: 0x8017d000 (3584000 bytes)
On node 0 totalpages: 4096
zone(0): 4096 pages.
zone(1): 0 pages.
zone(2): 0 pages.
Kernel command line: root=/dev/ram console=0 ramdisk_start=0 single
Calibrating delay loop... 178.99 BogoMIPS
Memory: 10956k/16384k available (1341k kernel code, 5428k reserved, 3616k data,
52k init, 0k highmem)
Dentry-cache hash table entries: 2048 (order: 2, 16384 bytes)
Inode-cache hash table entries: 1024 (order: 1, 8192 bytes)
Mount-cache hash table entries: 512 (order: 0, 4096 bytes)
Buffer-cache hash table entries: 1024 (order: 0, 4096 bytes)
Page-cache hash table entries: 4096 (order: 2, 16384 bytes)
check_wait... unavailable.
POSIX conformance testing by UNIFIX
Probe PCI Bus : There must be one device at the slot.
PCI device exists: slot 0 function 0 VendorID 13f6 DeviceID 111 bd710000
Find Total 1 PCI function
pcibios_fixup_resources IO form 1d500000 to 4f0000
Linux NET4.0 for Linux 2.4
Based upon Swansea University Computer Society NET3.039
Initializing RT netlink socket
Starting kswapd
Serial driver version 6.02 (2003-03-12) with no serial options enabled
ttyS00 at 0x00c3 (irq = 3) is a rtl_uart1
state->flags=00000000
Realtek GPIO Driver for Flash Reload Default
ezWAVE Mini-Driver v1.0.0.8
cpu_clock = 180
vendor=0x13f6, device=0x0111, iobase=0x004f0000
chip version = 055
initialize_chip ok.
block: 64 slots per queue, batch=16
RAMDISK driver initialized: 16 RAM disks of 4096K size 1024 blocksize
RealTek E-Flash System Driver. (C) 2002 RealTek Corp.
Found 1 x 2M Byte MXIC MX29LV160AB at 0xbe000000
RTL8185 driver version 1.8 (2005-11-18)
8186NIC Ethernet driver v0.0.2 (Jan 30, 2004)
eth0: RTL8186-NIC at 0xbd200000, 00:01:02:03:04:05, IRQ 4
eth1: RTL8186-NIC at 0xbd300000, 04:05:06:07:08:09, IRQ 5
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP
IP: routing cache hash table of 512 buckets, 4Kbytes
TCP: Hash tables configured (established 1024 bind 2048)
NET4: Unix domain sockets 1.0/SMP for Linux NET4.0.
NET4: Ethernet Bridge 008 for NET4.0
RAMDISK: ext2 filesystem found at block 0
RAMDISK: Loading 3500 blocks [1 disk] into ram disk... done.
Freeing initrd memory: 3500k freed
VFS: Mounted root (ext2 filesystem).
Freeing unused kernel memory: 52k freed
mount /proc file system ok!
serial console detected. Disabling virtual terminals.
init started: BusyBox v1.00-pre8 (2005.11.30-07:10+0000) multi-call binary
BusyBox v1.00-pre8 (2005.11.30-07:10+0000) Built-in shell (msh)
Enter 'help' for a list of built-in commands.
rm: cannot remove `/tmp/params': No such file or directory
rm: cannot remove `/tmp/static_flash_params': No such file or directory
killall: restore_defaultsd: no process killed
killall: raspmonitor: no process killed
killall: raspplay: no process killed
killall: wizard: no process killed
Initialize wlan0 interface
killall: syslogd: no process killed
killall: klogd: no process killed
SIOCGIFFLAGS: No such device
bridge br0 doesn't exist; can't delete it
Setup bridge...
device eth0 entered promiscuous mode
eth0
hy is 8201
SIOCDELRT: No such process
device wlan0 entered promiscuous mode
SIOCDELRT: No such process
br0: port 2(wlan0) entering listening state
br0: port 1(eth0) entering listening state
SIOCDELRT: No such process
waiting for bridge initialization...
Usage:: not found
start raspmonitor
raspmonitor 1.09.00.04
raspplay start !Allocate play buffer 262144 bytes
!
----------------> ezmn_open : 1
Allocate play buffer 1048576 bytes
send notify pkt
send notify pkt
br0: port 2(wlan0) entering learning state
br0: port 1(eth0) entering learning state
br0: port 2(wlan0) entering forwarding state
br0: topology change detected, sending tcn bpdu
br0: port 1(eth0) entering forwarding state
br0: topology change detected
send notify pkt
send notify pkt
489
# Osborne in dhcpc.sh going to run udhcpc
Osborne in br0.sh deconfig
Osborne in br0.deconfig 1
SIOCDELRT: No such process
SIOCADDRT: Invalid argument
rm: cannot remove `/tmp/params': No such file or directory
rm: cannot remove `/tmp/static_flash_params': No such file or directory
killall: easyconf: no process killed
killall: tftpd: no process killed
Dante's tiny TFTP Server is ready on port 69
Osborne in br0.sh bound
lan_ipaddr is 192.168.0.101, now setting the NVRAM vars for br0 as a DHCP client
..
deleting routers
SIOCDELRT: No such process
Finished setting NVRAM vars for br0.
adding dns 71.250.0.12
adding dns 151.197.0.30
rm: cannot remove `/tmp/params': No such file or directory
rm: cannot remove `/tmp/static_flash_params': No such file or directory
Dante's tiny TFTP Server is ready on port 69
Osborne in dhcpc.sh running udhcpc GOOD
# ps aux
PID Uid VmSize Stat Command
1 root 240 S init
2 root SW [keventd]
3 root SWN [ksoftirqd_CPU0]
4 root SW [kswapd]
5 root SW [bdflush]
6 root SW [kupdated]
7 root SW [mtdblockd]
8 root 276 S -sh
480 root 168 S raspmonitor -v v1.09.0.4 -m WMB54G -M Linksys -s 8
483 root 328 S < raspplay -e 0 -s 8 -M Linksys
489 root 132 S sys_monitor
490 root 800 S httpd
752 root 116 S restore_defaultsd
847 root 280 S easyconf
848 root 188 S tftpd
851 root 188 S udhcpc -i br0 -p /etc/udhcpc/udhcpc-br0.pid -s /usr/s
869 root 224 R ps aux
No telnet, ftp, nfs, or samba daemon comes preloaded, so no way to get files to and from the WMB54G. Even if you put files on the filesystem, once you turn off the unit they will be gone because the rootfs is a ram disk, and actual settings are stored via the nvram.
My goals and intentions of this device is to simply put music player daemon and required libs, telnet daemon, ssh daemon, nfs and samba clients, and if possible, mplayer on the device and store configs of samba, nfs, mpd, telnet, and ssh on the nvram as well as network settings if possible. The audio driver seems to be already in the kernel loaded on it, so mpd should work fine without the need for ALSA.
Linksys was kind enough to comply with GPL and provide everything needed to build a firmware image in the downloads section for the WMB54G under GPL code. The programs used for the audio streaming from the PC like raspplay and raspmonitor and some other programs are already prebuilt and no source code or documentation is provided. Seems to be that the source is already in MIPS binary because the source files are .o and you just need to build them into an image. I suppose what will be required is to cross compile mpd, ssh, nfs, samba, telnet, and ftp to MIPS binary and include them in the built image. I'm not sure if I should get rid of the httpd and the linksys web config crap, but since I found the serial port, everything can be done via the serial port. The scripts could be rewritten to configure the network a better way, through the command line or something. The silly prebuilt programs can be removed and thrown to teh wind, as they take up resources.
Now the thing is that I can't code because I don't know how to and doing this might require help of the 3rd party firmware devs for the WRT firmwares. The network, flash, and audio drivers seem to be built into the kernel, so they have to be in there somewhere. I'm not sure what the next step is, but I think that this little device will be one sweet network audio player thats small, fanless, and consumes little power. Again, the serial pinout of J9 on it's PCB is:
1 2
3 4
5 6
7 8
9
2 and 4 are Vcc
6 and 8 are Gnd
1 is TX
7 is RX
And the serial output of first boot is:
UART1 output test ok
Uart init
mfid=000000c2 devid=00002249
Found 1 x 2M flash memory
---RealTek(RTL8186)at 2005.11.08-15:14+0800 version 1.3c [16bit](180MHz)
no sys signature at 00010000!
Jump to image start=0x80300000...
early printk enabled
Determined physical RAM map:
memory: 01000000 @ 00000000 (usable)
Initial ramdisk at: 0x8017d000 (3584000 bytes)
On node 0 totalpages: 4096
zone(0): 4096 pages.
zone(1): 0 pages.
zone(2): 0 pages.
Kernel command line: root=/dev/ram console=0 ramdisk_start=0 single
Calibrating delay loop... 178.99 BogoMIPS
Memory: 10956k/16384k available (1341k kernel code, 5428k reserved, 3616k data,
52k init, 0k highmem)
Dentry-cache hash table entries: 2048 (order: 2, 16384 bytes)
Inode-cache hash table entries: 1024 (order: 1, 8192 bytes)
Mount-cache hash table entries: 512 (order: 0, 4096 bytes)
Buffer-cache hash table entries: 1024 (order: 0, 4096 bytes)
Page-cache hash table entries: 4096 (order: 2, 16384 bytes)
check_wait... unavailable.
POSIX conformance testing by UNIFIX
Probe PCI Bus : There must be one device at the slot.
PCI device exists: slot 0 function 0 VendorID 13f6 DeviceID 111 bd710000
Find Total 1 PCI function
pcibios_fixup_resources IO form 1d500000 to 4f0000
Linux NET4.0 for Linux 2.4
Based upon Swansea University Computer Society NET3.039
Initializing RT netlink socket
Starting kswapd
Serial driver version 6.02 (2003-03-12) with no serial options enabled
ttyS00 at 0x00c3 (irq = 3) is a rtl_uart1
state->flags=00000000
Realtek GPIO Driver for Flash Reload Default
ezWAVE Mini-Driver v1.0.0.8
cpu_clock = 180
vendor=0x13f6, device=0x0111, iobase=0x004f0000
chip version = 055
initialize_chip ok.
block: 64 slots per queue, batch=16
RAMDISK driver initialized: 16 RAM disks of 4096K size 1024 blocksize
RealTek E-Flash System Driver. (C) 2002 RealTek Corp.
Found 1 x 2M Byte MXIC MX29LV160AB at 0xbe000000
RTL8185 driver version 1.8 (2005-11-18)
8186NIC Ethernet driver v0.0.2 (Jan 30, 2004)
eth0: RTL8186-NIC at 0xbd200000, 00:01:02:03:04:05, IRQ 4
eth1: RTL8186-NIC at 0xbd300000, 04:05:06:07:08:09, IRQ 5
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP
IP: routing cache hash table of 512 buckets, 4Kbytes
TCP: Hash tables configured (established 1024 bind 2048)
NET4: Unix domain sockets 1.0/SMP for Linux NET4.0.
NET4: Ethernet Bridge 008 for NET4.0
RAMDISK: ext2 filesystem found at block 0
RAMDISK: Loading 3500 blocks [1 disk] into ram disk... done.
Freeing initrd memory: 3500k freed
VFS: Mounted root (ext2 filesystem).
Freeing unused kernel memory: 52k freed
mount /proc file system ok!
serial console detected. Disabling virtual terminals.
init started: BusyBox v1.00-pre8 (2005.11.30-07:10+0000) multi-call binary
BusyBox v1.00-pre8 (2005.11.30-07:10+0000) Built-in shell (msh)
Enter 'help' for a list of built-in commands.
rm: cannot remove `/tmp/params': No such file or directory
rm: cannot remove `/tmp/static_flash_params': No such file or directory
killall: restore_defaultsd: no process killed
killall: raspmonitor: no process killed
killall: raspplay: no process killed
killall: wizard: no process killed
Initialize wlan0 interface
killall: syslogd: no process killed
killall: klogd: no process killed
SIOCGIFFLAGS: No such device
bridge br0 doesn't exist; can't delete it
Setup bridge...
device eth0 entered promiscuous mode
eth0
hy is 8201SIOCDELRT: No such process
device wlan0 entered promiscuous mode
SIOCDELRT: No such process
br0: port 2(wlan0) entering listening state
br0: port 1(eth0) entering listening state
SIOCDELRT: No such process
waiting for bridge initialization...
Usage:: not found
start raspmonitor
raspmonitor 1.09.00.04
raspplay start !Allocate play buffer 262144 bytes
!
----------------> ezmn_open : 1
Allocate play buffer 1048576 bytes
send notify pkt
send notify pkt
br0: port 2(wlan0) entering learning state
br0: port 1(eth0) entering learning state
br0: port 2(wlan0) entering forwarding state
br0: topology change detected, sending tcn bpdu
br0: port 1(eth0) entering forwarding state
br0: topology change detected
send notify pkt
send notify pkt
489
# Osborne in dhcpc.sh going to run udhcpc
Osborne in br0.sh deconfig
Osborne in br0.deconfig 1
SIOCDELRT: No such process
SIOCADDRT: Invalid argument
rm: cannot remove `/tmp/params': No such file or directory
rm: cannot remove `/tmp/static_flash_params': No such file or directory
killall: easyconf: no process killed
killall: tftpd: no process killed
Dante's tiny TFTP Server is ready on port 69
Osborne in br0.sh bound
lan_ipaddr is 192.168.0.101, now setting the NVRAM vars for br0 as a DHCP client
..
deleting routers
SIOCDELRT: No such process
Finished setting NVRAM vars for br0.
adding dns 71.250.0.12
adding dns 151.197.0.30
rm: cannot remove `/tmp/params': No such file or directory
rm: cannot remove `/tmp/static_flash_params': No such file or directory
Dante's tiny TFTP Server is ready on port 69
Osborne in dhcpc.sh running udhcpc GOOD
