Since none of the dd-wrt releases include ip6tables support, I added it myself. The standard kernel does support module loading, so you can simply add additional kernel features without reflashing the device. You do need some writable storage. I use the remaining 4MB of flash using JFFS, but using an external storage (USB, network, …) is also possible.
Since you can’t run a complete build environment on the router itself, you’ll have to set up a cross-compiling environment on your own machine. As I found out, this isn’t always very easy to do…
Since there are some requirements on the development host (64bit host, case-sensitive filesystem), I used a clean Ubuntu-64bit 10.04 install in a virtual machine.
Preparations
Start by getting the sources for the 2.6.24.111 kernel:
# svn checkout svn://svn.dd-wrt.com/DD-WRT/src/linux/brcm/linux-2.6.23 -r 14929 # head -n5 linux-2.6.23/Makefile VERSION = 2 PATCHLEVEL = 6 SUBLEVEL = 24 EXTRAVERSION = .111 NAME = Arr Matey! A Hairy Bilge Rat!
See, I told you it’s 2.6.24.111!
Next we’ll get the cross-compiling toolchain:
# cd /opt # wget http://www.dd-wrt.com/dd-wrtv2/downloads/others/sourcecode/toolchains/current-toolchains.tar.bz2 # tar jxvf current-toolchains.tar.bz2
Configuring the kernel
First some cleanup to do: I don’t need the madwifi drivers, so I remove their reference. The config.h file is a broken softlink, so I remove that as well. For some reason, jhash2.h is not included (presumably because jhash.h is included first). This causes JHASH_GOLDEN_RATIO not to be defined. There are probably nicer ways to solve this, but I just redefine the constant outside of the #ifndef‘s
# grep -v madwifi drivers/net/wireless/Kconfig > drivers/net/wireless/Kconfig.new
# mv drivers/net/wireless/Kconfig{.new,}
#
# rm include/linux/config.h
#
# echo "#define JHASH_GOLDEN_RATIO 0x9e3779b9" >> include/linux/jhash2.h
Next configure the options you want, starting from dd-wrt’s default:
# cp .config_std .config # make menuconfig # PATH=$PATH:/opt/toolchain-mipsel_gcc4.1.2/bin make modules
Stripping the modules
Now just cherry-pick the modules you want. If you really want to squeeze out every last byte, you can strip each individual module:
# /opt/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-strip --strip-unneeded ipv6.ko
Then copy these modules onto your router and insmod them, probably in a script.
bv says:
Did you see this error when trying to run the “make” command…
[root@F14VMCORE linux-2.6.23]# make menuconfig
Makefile:443: *** mixed implicit and normal rules. Stop.
[root@F14VMCORE linux-2.6.23]# PATH=$PATH:/opt/toolchain-mipsel_gcc4.1.2/bin make modules
2010-12-05, 3:51Makefile:1501: *** mixed implicit and normal rules. Stop.
Niobos says:
No, my build went without a glitch… Where did you get your sources?
2010-12-05, 18:49bv says:
I ran the same commands you did.
# svn checkout svn://svn.dd-wrt.com/DD-WRT/src/linux/brcm/linux-2.6.23 -r 14929
I’m running on Fedora 14 x86_64
All I really want is to compile a tun.ko module!
Thanks,
2010-12-05, 22:54Niobos says:
The error message you get seems to indicate that your version of Make is confused by some rule in the Makefile. So either the sources are different from mine, or your Make is different.
I use GNU Make 3.81, the standard Ubuntu 10.04 x86_64 version. My Makefile MD5s to d910fbbac759ac4892ccc5959f3e518d. Hopefully you can pinpoint your problem with this info.
2010-12-06, 10:41bv says:
Thanks for the reply. I finally got is working by doing what you did; installing a Ubuntu VM. But now I have a new problem, I compile the tun.ko fine but when I “try” to load it with insmod /mnt/tun.ko I get this error in dmesg …
root@Zation1:~# insmod /mnt/tun.ko
insmod: cannot insert ‘/mnt/tun.ko’: Success
#Dmesg output.
tun: Universal TUN/TAP device driver, 1.6
tun: (C) 1999-2004 Max Krasnyansky
tun: Can’t register misc device 200
Any ideas?
2010-12-07, 5:12Niobos says:
I have no experience with the TUN driver, but maybe it has dependencies on other modules? Does /dev/tun already exist? Is the module loaded, even after the confusing “cannot insert: success”?
2010-12-07, 14:03bv says:
I know! that “cannot insert: success” is confusing.
No, /dev/tun doesn’t exist, and the module doesn’t load.
I’ll start looking for deps.
Thanks,
BV
2010-12-09, 1:42Daniël van Eeden says:
I’ve compiled the modules for ipv6 netfilter but I can’t get ip6tables to work…
root@DD-WRT:~# uname -a
Linux DD-WRT 2.6.24.111 #2823 Sun Dec 19 18:13:40 CET 2010 mips unknown
root@DD-WRT:~# lsmod
Module Size Used by
nf_conntrack_ipv6 16384 0
ip6table_filter 4096 0
ip6t_rt 4096 0
ip6t_ipv6header 4096 0
ip6t_REJECT 4096 0
ip6t_LOG 8192 0
ip6_tables 12288 4 ip6table_filter,ip6t_rt,ip6t_ipv6header,ip6t_LOG
nf_nat_pptp 4096 0
nf_conntrack_pptp 4096 1 nf_nat_pptp
nf_nat_proto_gre 4096 1 nf_nat_pptp
nf_conntrack_proto_gre 4096 1 nf_conntrack_pptp
etherip 8192 0
sit 12288 0
ipv6 266240 21 nf_conntrack_ipv6,ip6t_REJECT,sit
jffs2 86016 1
switch_robo 8192 0
switch_core 8192 1 switch_robo
bcm57xx 110592 0
root@DD-WRT:~# ip6tables -A INPUT -i lo -j ACCEPT
ip6tables v1.4.0: Couldn’t load target `standard’:File not found
Try `ip6tables -h’ or ‘ip6tables –help’ for more information.
2010-12-29, 15:25Niobos says:
Daniël, did you copy the libxt_standard.so file as I described in my IPv6 post?
2010-12-30, 21:48harry says:
Hi
I want to edit the dd-wrt firmware to have ipv6 capabilities. I am new to linux. Can you help me where to start and road map to do this.
I found your blog very useful for me.
Also is there no way to compile the dd-wrt on 32 bit machine?
I know how lo load the firmware into router but arises here that whether i need to compile the dd-wrt as mentioned in link (http://blog.dest-unreach.be/2010/12/01/compiling-custom-dd-wrt-kernel-modules) and then move the module to router through some protocol ?
any help will be appreciated
2011-07-25, 10:18Niobos says:
Hi Harry,
If you are new to linux, are you sure that the first thing you want to do is fiddle with kernel modules on an embedded platform? It’s like being new to cars and wanting to tune a race-car engine…
dd-wrt can no doubt be compiled on a 32bit machine. However, the toolchain provided by the dd-wrt devs only works on 64bit, so you’ll need to set up your own cross-compile toolchain to do that.
As for moving the modules, you can use whatever protocol you like: SCP, FTP, HTTP; I usually use SCP, since it’s the easiest in my workflow.
Niobos
2011-07-25, 10:38BobLfoot says:
MY LOG of FAILURE — Submitted to ridicule and review — after all I barely understand what I am doing.
Compiling dd-wrt ipv6 modules for V24sp2 build 14929
1. Working through – http://www.dd-wrt.com/wiki/index.php/IPv6#Prerequisites bring you to a howto for building ipv6 modules.
2012-01-03, 6:042. Used Website http://blog.dest-unreach.be/2010/12/01/compiling-custom-dd-wrt-kernel-modules proports to have instructions which worked at the time with Ubuntu 10.
working as root
3. Used Development Platform was Centos 6.2.x86_64 current updated 2012-01-02 and with make 3.81 same as the recorded ubuntu 10.
A. Basic 200 package text mode install
B. Group Install Development Tools
C. Add ncurses package
D. Add mlocate package
E. Add tree package
4. # mkdir /dev-env
5. # cd /dev-env
6. # svn checkout svn://svn.dd-wrt.com/DD-WRT/src/linux/brcm/linux-2.6.23 -r 14929
7. # head -n5 linux-2.6.23/Makefile
VERSION = 2
PATCHLEVEL = 6
SUBLEVEL = 24
EXTRAVERSION = .111
NAME = Arr Matey! A Hairy Bilge Rat!
8. # cd /opt
9. # wget http://www.dd-wrt.com/dd-wrtv2/downloads/others/sourcecode/toolchains/current-toolchains.tar.bz2 ##NOTE## file is 986MB so will take some download time
10. # tar jxvf current-toolchains.tar.bz2
11. # cd /dev-env/linux-2.6.23/
12. # # grep -v madwifi drivers/net/wireless/Kconfig > drivers/net/wireless/Kconfig.new
13. # mv drivers/net/wireless/Kconfig{.new,}
14. # rm include/linux/config.h
15. # echo “#define JHASH_GOLDEN_RATIO 0x9e3779b9” >> include/linux/jhash2.h
16. # cp .config_std .config
17. # make menuconfig ##NOTE## I took the defaults on my first pass attempt
18. # PATH=$PATH:/opt/toolchain-mipsel_gcc4.1.2/bin make modules
19. # updatedb
20. # locate .ko — ##NOTE## the only 2.6.23 ko that I could find was ipv6.ko none of the other mentioned ko’s existed on my system
21. # PATH=$PATH:/opt/toolchain-mipsel_gcc4.1.2/bin make all ##NOTE## tried this hoping for different results
22. still no luck — this is crashed – guess I’ll have to trust lazytom for now.
Niobos says:
BobLfoot,
Some ideas that might help you further
2012-01-03, 10:23* Instead of steps 19-20 (updatedb & locate), use the
findcommand:find . -name '*.ko'* What does the output of the
make modulescommand give? Does it says it’s compiling the right modules?* What module are you exactly looking for? Is that particular module enabled in the config?
BobLfoot says:
I am trying to build modules ip6_tables.ko, ip6table_filter.ko and nf_conntrack_ipv6.ko. for use on my linksys-wrt300v1.1 running build 14929 of dd-wrt.
As far as I can tell every networking module is enabled that can be enabled.
make modules says a bunch of stuff and generates no errors.
2012-01-03, 20:56BobLfoot says:
big light bulb went off — I am compiling 2.4.37 stuff now and it worked. Turns out I didn’t need the 2.6 stuff.
2012-01-04, 3:38Harish says:
I did as same, what you told but at the time of make module it give this error and stop.
make module
/bin/sh: /xfs/toolchains/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc: not found
/bin/sh: /xfs/toolchains/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc: not found
make: /xfs/toolchains/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc: Command not found
make: *** No rule to make target `module’. Stop.
PATH is already set. I am using Ubuntu 64 bit 11.10.
Is there any help
Thanks
2012-02-03, 13:38Harish says:
I got the solution. Thanks again….
2012-02-03, 14:37tony says:
I have default firmware in my wifi station. i want to change this to dd-wrt. But i am new bie to dd wrt. Please guide me.
What i have to do?
Is this need to follow all above step and done.?
2012-02-03, 16:14Niobos says:
tony,
You’d better look at my previous post. This one is to modify the dd-wrt kernel.
Niobos
2012-02-04, 9:17tony says:
Thanks niobos.
sorry for again asking …
How to make .bin file. In your blog its showing for default created .bin file.
Can i make from your above process…
Thanks again
2012-02-04, 10:02Niobos says:
tony,
No, the above post is for making custom kernel modules, not for making custom firmware images. Since you indicated you are a newbie to dd-wrt, I would recommend to start with pre-built firmwares.
Niobos
2012-02-06, 9:44goctala says:
Hi Niobos,
I tried using your method in order to make a tun.o module. However in the step when I try to make the modules with:
PATH=$PATH:/opt/toolchain-mipsel_gcc4.1.2/bin make modules
I get the following errors:
root@goctala:/home/user/Desktop/dd-wrt_m# PATH=$PATH:/opt/toolchain-mipsel_gcc4.1.2/bin make modules
make -C arch/mips/tools CFLAGS=”-D__KERNEL__ -I/home/user/Desktop/dd-wrt_m/include -Wall -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fno-builtin-strpbrk -fno-builtin-sprintf -DBCMDRIVER -DBCMVISTAROUTER -DBCM5354 -DBCMWPA2 -fomit-frame-pointer -I /home/user/Desktop/dd-wrt_m/include/asm/gcc -G 0 -mno-abicalls -fno-pic -pipe -DBCMGPIO2 -O2 -mtune=r4600 -mips2 -Wa,–trap -DMODULE -mlong-calls -fno-common” MAKING_MODULES=1 modules
make[1]: Entering directory `/home/user/Desktop/dd-wrt_m/arch/mips/tools’
make[1]: Nothing to be done for `modules’.
make[1]: Leaving directory `/home/user/Desktop/dd-wrt_m/arch/mips/tools’
make -C kernel CFLAGS=”-D__KERNEL__ -I/home/user/Desktop/dd-wrt_m/include -Wall -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fno-builtin-strpbrk -fno-builtin-sprintf -DBCMDRIVER -DBCMVISTAROUTER -DBCM5354 -DBCMWPA2 -fomit-frame-pointer -I /home/user/Desktop/dd-wrt_m/include/asm/gcc -G 0 -mno-abicalls -fno-pic -pipe -DBCMGPIO2 -O2 -mtune=r4600 -mips2 -Wa,–trap -DMODULE -mlong-calls -fno-common” MAKING_MODULES=1 modules
make[1]: Entering directory `/home/user/Desktop/dd-wrt_m/kernel’
make[1]: Nothing to be done for `modules’.
make[1]: Leaving directory `/home/user/Desktop/dd-wrt_m/kernel’
make -C drivers CFLAGS=”-D__KERNEL__ -I/home/user/Desktop/dd-wrt_m/include -Wall -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fno-builtin-strpbrk -fno-builtin-sprintf -DBCMDRIVER -DBCMVISTAROUTER -DBCM5354 -DBCMWPA2 -fomit-frame-pointer -I /home/user/Desktop/dd-wrt_m/include/asm/gcc -G 0 -mno-abicalls -fno-pic -pipe -DBCMGPIO2 -O2 -mtune=r4600 -mips2 -Wa,–trap -DMODULE -mlong-calls -fno-common” MAKING_MODULES=1 modules
make[1]: Entering directory `/home/user/Desktop/dd-wrt_m/drivers’
make -C block modules
make[2]: Entering directory `/home/user/Desktop/dd-wrt_m/drivers/block’
make[2]: Nothing to be done for `modules’.
make[2]: Leaving directory `/home/user/Desktop/dd-wrt_m/drivers/block’
make -C cdrom modules
make[2]: Entering directory `/home/user/Desktop/dd-wrt_m/drivers/cdrom’
/opt/3.3.6/bin/mipsel-linux-uclibc-gcc -D__KERNEL__ -I/home/user/Desktop/dd-wrt_m/include -Wall -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fno-builtin-strpbrk -fno-builtin-sprintf -DBCMDRIVER -DBCMVISTAROUTER -DBCM5354 -DBCMWPA2 -fomit-frame-pointer -I /home/user/Desktop/dd-wrt_m/include/asm/gcc -G 0 -mno-abicalls -fno-pic -pipe -DBCMGPIO2 -O2 -mtune=r4600 -mips2 -Wa,–trap -DMODULE -mlong-calls -fno-common -nostdinc -iwithprefix include -DKBUILD_BASENAME=cdrom -DEXPORT_SYMTAB -c cdrom.c
make[2]: /opt/3.3.6/bin/mipsel-linux-uclibc-gcc: Command not found
make[2]: *** [cdrom.o] Error 127
make[2]: Leaving directory `/home/user/Desktop/dd-wrt_m/drivers/cdrom’
make[1]: *** [_modsubdir_cdrom] Error 2
make[1]: Leaving directory `/home/user/Desktop/dd-wrt_m/drivers’
make: *** [_mod_drivers] Error 2
/goctala
2012-02-06, 13:59Harish says:
hi goctala,
make[2]: /opt/3.3.6/bin/mipsel-linux-uclibc-gcc: Command not found
make[2]: *** [cdrom.o] Error 127
make[2]: Leaving directory `/home/user/Desktop/dd-wrt_m/drivers/cdrom’
make[1]: *** [_modsubdir_cdrom] Error 2
make[1]: Leaving directory `/home/user/Desktop/dd-wrt_m/drivers’
make: *** [_mod_drivers] Error 2
you need to set path in make file. Its hard coded there. Search and change it.
2012-02-06, 14:12goctala says:
Thank you Harish, After I fixed the path I have another error:
cifs_debug.c: In function ‘cifsFYI_write’:
2012-02-06, 22:15cifs_debug.c:430: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:430: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:430: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:430: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c: In function ‘oplockEnabled_write’:
cifs_debug.c:469: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:469: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:469: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:469: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c: In function ‘quotaEnabled_write’:
cifs_debug.c:509: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:509: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:509: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:509: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c: In function ‘linuxExtensionsEnabled_write’:
cifs_debug.c:549: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:549: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:549: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:549: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c: In function ‘lookupFlag_write’:
cifs_debug.c:589: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:589: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:589: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:589: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c: In function ‘traceSMB_write’:
cifs_debug.c:627: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:627: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:627: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:627: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c: In function ‘multiuser_mount_write’:
cifs_debug.c:666: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:666: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:666: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:666: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c: In function ‘extended_security_write’:
cifs_debug.c:705: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:705: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:705: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:705: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c: In function ‘ntlmv2_enabled_write’:
cifs_debug.c:744: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:744: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:744: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:744: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c: In function ‘packet_signing_enabled_write’:
cifs_debug.c:783: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:783: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:783: error: read-only variable ‘__gu_val’ used as ‘asm’ output
cifs_debug.c:783: error: read-only variable ‘__gu_val’ used as ‘asm’ output
make[2]: *** [cifs_debug.o] Error 1
make[2]: Leaving directory `/home/user/Desktop/dd-wrt_m/fs/cifs’
make[1]: *** [_modsubdir_cifs] Error 2
make[1]: Leaving directory `/home/user/Desktop/dd-wrt_m/fs’
make: *** [_mod_fs] Error 2
Niobos says:
what version of gcc are you using? It seems like you’re running a “too recent” version.
2012-02-14, 15:54rick says:
hi~ Niobos.
2012-10-28, 5:05thanks for your support to all newbies include me. haha~
I got the following errors after run make. have you any idea about that? waiting for you reply.
——————————————————————————————————-
/home/xxx/tools/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc: 1: Syntax error: “(” unexpected
/home/xxx/tools/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc: 1: Syntax error: “(” unexpected
/home/xxx/tools/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc: 1: Syntax error: “(” unexpected
CHK include/linux/version.h
CHK include/linux/utsrelease.h
CC arch/mips/kernel/asm-offsets.s
/home/xxx/tools/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc: 1: Syntax error: “(” unexpected
make[1]: *** [arch/mips/kernel/asm-offsets.s] Error 2
make: *** [prepare0] Error 2
——————————————————————————————————-
Niobos says:
Hi rick,
2012-10-28, 9:34what system are you running this on? Is it a clean ubuntu install? What version?
rick says:
Hi Niobos, Thank’s for your response.
I just solution that problem yesterday and now i will share that.
my system is Ubuntu.10 32 bit and that’s the key point which cause that problem.
some body in ddwrt forum said that toolchains must be running under 64 bit system. so I installed a Ubuntu 10 64 bit, and install all software:
sudo apt-get install bison flex build-essential patch libncurses5-dev
then set PATH
….
everything works perfect now~
2012-10-30, 4:14hope some one who have this problem can get this information from your website.
Stan says:
Hi guys,
I have compiled the kernel and modules without a problem but when I try to insert the modules to the dd wrt I am getting the below error:
Jul 31 16:03:48 DD-WRT kern.warn kernel: ip_gre: Unknown symbol __secpath_destroy
Jul 31 15:45:59 DD-WRT kern.warn kernel: xfrm4_mode_transport: Unknown symbol xfrm_unregister_mode
Any ideas?
2013-08-01, 1:10Thanks in advance!
Niobos says:
Hi Stan,
How do you try to insert the module? Using `insmod`, or using `modprobe`? If using `insmod`, you need to take care yourself that all dependencies are loaded.
However, I see that an xfrm-symbol is not found. What modules are you trying to build? According to this forum post, the kernel is NOT build with CONFIG_XFRM, and that can’t be added as a module.
Niobos
2013-08-01, 15:32Stan says:
Hi Niobos,
thanks very much for your response! I am trying to load the IPSEC and GRE modules. I would like to run the openswan or the strongswan with gre (gre over ipsec) which requires these modules. I am trying to load it with insmod. I have built the kernel with all of the required modules for ipsec and gre and I have copied the “xfrm.ko” and ip_gre.ko modules to my opt dir (usb) but they do not load. Apparently I am missing something..
If you have any ideas I will appreciate it.
Thanks in advance!
2013-08-01, 19:59Niobos says:
Stan,
I’ve also tried to get IPsec in dd-wrt, but the problem is that the kernel itself is missing support for XFRM. Even when xfrm.ko is a module, there are still some things in the kernel itself that change, so you can’t add xfrm.so afterwards. The forum-link that I posted in my previous comment is precisely about this issue.
If you really want IPsec support, you need to recompile the whole kernel, build a new image with that kernel, and re-flash the device.
Why do you need IPsec? Is OpenVPN an alternative?
Niobos
2013-08-01, 20:36Stan says:
Thanks Niobos, you`ve answered my question. I read the post for ipsec support above. It seems that they will eventually implement it and it will be a paid service.
I will use the openvpn for now.
Thanks again!
2013-08-02, 1:26