mirror of https://github.com/dirtbags/moth.git
44 lines
1.6 KiB
Plaintext
44 lines
1.6 KiB
Plaintext
Using an OpenWRT router
|
|
=======================
|
|
|
|
You can use an off-the-shelf, OpenWRT capable wireless router,
|
|
configuring only through the web interface. The OpenWRT setup is
|
|
intended for smaller contests, wired or non-wired, in which
|
|
participants can be counted on not to launch link level attacks (ARP
|
|
or NDP). Bear in mind that the cheap consumer routers have relatively
|
|
slow CPUs and won't stand up to high volume.
|
|
|
|
The CTF repository includes a "router" package, which will boot a DBTL
|
|
device as a IPv6 router complete with multicast forwarding and up to
|
|
24 tagged VLANs (by using a managed switch). This is a better option
|
|
for larger contests, and can better handle high-speed (Gigabit)
|
|
traffic.
|
|
|
|
Instructions for setting up OpenWRT
|
|
-----------------------------------
|
|
|
|
After installing OpenWRT:
|
|
|
|
* Change the root password
|
|
* Install the following packages:
|
|
ip6tables
|
|
kmod-ip6tables
|
|
kmod-ipv6
|
|
libip6tc
|
|
luci-app-radvd
|
|
radvd
|
|
* Configure the LAN interface as 10.0.0.1/16 and
|
|
fd84:b410:3441::1/64
|
|
* Tell DHCP to begin at 257 after the base IP: this will assure
|
|
all DHCP addresses are after 10.0.1.0
|
|
* Disable router solicitations on LAN
|
|
* Enable WPA2, with the password "correct horse battery staple"
|
|
* Turn on router advertisements (under radvd) on LAN
|
|
* Enable prefix fd84:b410:3441::1/64 under radvd
|
|
|
|
This should be sufficient to bring up the router for running the
|
|
contest. If you want to get fancy, you can scp the files in
|
|
www in this directory, into /www on the router. This will give
|
|
users some guidance if they accidentally browse to the router IP,
|
|
and also disables the default redirection to luci.
|