1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tomato and default wireless off

Discussion in 'Tomato Firmware' started by schroeder, Apr 4, 2008.

  1. schroeder

    schroeder LI Guru Member

    Hi,

    Thanks for taking the time to read my question.

    I'm wondering how I make tomato reboot into wireless off mode while maintaining the ability for me to simply switch the wireless on with a push of the magic "cisco" button on my WRT54GL. Setting the button to toggle wireless off and on is easy (and, I might add, darn cool!) but, of course, every time I reboot the router, WLAN comes back on by default. I'd like it to be off by default, but still readily toggle-able.

    If you have any input into this, I'd be appreciative! Thanks for your help!

    Christian
     
  2. LLigetfa

    LLigetfa LI Guru Member

    Would a script do or does it have to persist through a hard reset to factory defaults? I have suggested before that a hard reset should leave wireless disabled since the reset disables the wireless security but so far it has fallen on deaf ears.
     
  3. nvtweak

    nvtweak LI Guru Member

    Most of the SOHO wireless routers I've purchased have had wireless enabled and open by default. While insecure, it does seem to be standard practice. It's probably why many firmware developers are not disabling it.
     
  4. TexasFlood

    TexasFlood Network Guru Member

    Seems the reset button has be able to get you back to a known good state so you can recover when things get hosed up. Whether this state is open or with a known encrypted configuration, you're vulnerable either way. Probably need a custom build just for you to get around that. If you're close enough to press a reset button, you're close enough to plug in a wire and bypass security in either case. You could rig up some physical barriers that would make it more difficult to mess with the device and show signs of tampering, by rigging up something to cover at least the reset button if not the screws and Ethernet ports. For my needs, it's OK as it is but I can imagine situations where it wouldn't be.
     
  5. LLigetfa

    LLigetfa LI Guru Member

    I understand both arguements. The first one Bill Gates used in justifying defaulting to most features rather than most secure. It took a lot of pressure over a long period of time to change. I hear some routers now ship with WPA by default with the key printed on the box.

    The second arguement I've heard from Cisco and their reset password recovery. In the case of an AP, plugging in a wire means you have to be there but if some moron removes wireless security, the guy in the parking lot can get access.

    IMHO a hard reset should default the radio off. Also, it should just open a short window of opportunity to logon without password and not clear the password permanently allowing anyone to logon from anywhere.
     
  6. nvtweak

    nvtweak LI Guru Member

    UPNP should be disabled by default as well.
     
  7. TexasFlood

    TexasFlood Network Guru Member

    Well, now that I think about it, I guess radio off is a known state, and yes I have to agree that would be the secure configuration. If I were a vendor, I might think that the security exposure is small and not worth the potential for increased support calls from novice users. Heck some vendors don't even give you an Ethernet cable and more might be headed that way and not everyone has Ethernet cables laying all over the place like I do. Call me cynical, but I think that something like a scandal, threat of lawsuit, bad press lowering market share is much more likely to sway a vendor to do the right thing than general principle. Maybe Micro$soft has influenced my opinions too much, :-D
     
  8. LLigetfa

    LLigetfa LI Guru Member

    As I said before, I uderstand both sides of the arguement and can see why the manufacturer would default it to on. The clientelle that chooses Tomato however is more sophisticated and should be able to cope with default off behavior. It's not like they will be overwhelming the 1-800-CALL-JON phone lines.

    Anyway... nuff said. The OP has a request that could be satisfied by turning off the radio with the WL command in a script just like can be done by pushing the button. Lots of good examples over at the DD-WRT Wiki.
    http://www.dd-wrt.com/wiki/index.php/Index:Scripting
     
  9. TexasFlood

    TexasFlood Network Guru Member

    It's hard to contain my cynical side at times but you convinced me...
     
  10. LLigetfa

    LLigetfa LI Guru Member

  11. cage_

    cage_ Guest

    I use the following to remember my wireless state on reboot when using the SESS button. I'm pretty sure I found it off here awhile ago. Hope this solves your problem.

    Administration->Buttons/LED->Custom Script:
    Code:
    wlstate=$(nvram get wl_radio)
    
    if [ $wlstate = "0" ] ; then
       nvram set wl_radio=1
       wl radio on
       led white on
       onstate=$(nvram get wl_radio)
       logger wireless is now ON and wl_radio is $onstate
       nvram commit
       kill -HUP 1
       elif [ $wlstate = "1" ] ; then
            nvram set wl_radio=0
            wl radio off
            led white off
            offstate=$(nvram get wl_radio)
            logger wireless is now OFF and wl_radio is $offstate
            nvram commit
            kill -HUP 1
    fi
    
    Administration->Scripts->Init:
    Code:
    sleep 10
    
    # set sess light on reboot to show if wireless is on or off
    wlstate=$(nvram get wl_radio)
    
    if [ $wlstate = "0" ] ; then
       led white off
       elif [ $wlstate = "1" ] ; then
            led white on
    fi
    
    If you just want it to be off after a reboot, just stick "wl radio off" in your init and that will solve your problem
     
  12. schroeder

    schroeder LI Guru Member

    Phew! Seems I've opened up a little can of worms!

    Thanks for all your replies; they're insightful. I will study what you've posted. I really like the auto-to-off after inactivity script! Cool!

    Thanks again!

    Christian
     

Share This Page