OpenWrt Shell Script

Hi,

I'm currently using an OpenWrt LoRaWAN gateway, and I've set up VPN access to connect to it via SSH or the web UI. However, I'm encountering an issue where the gateway occasionally loses its Wi-Fi connection, and the only way I've been able to restore connectivity is by rebooting it using the terminal or the physical reboot button.

I'm looking for a simple and effective solution to reset the network interface or perform a similar task to regain connectivity without having to reboot the entire gateway. I'd like to create a shell script for this purpose.

Has anyone faced a similar situation, and do you have any smart solutions or sample scripts that could help me achieve this?
Thanks !

you can post a diagram of your network

example

and ....

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
1 Like
root@RAK7268CV2:~# ubus call system board
{
	"kernel": "3.18.45",
	"hostname": "RAK7268CV2",
	"system": "MediaTek MT7628AN ver:1 eco:2",
	"model": "Mediatek MT7628AN RAK636 board",
	"release": {
		"version": "2.1.7_RAK",
		"revision": "b106",
		"target": "ramips"
	}
}

root@RAK7268CV2:~# cat /etc/config/network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr 'xxxxx'
	option netmask '255.0.0.0'

config interface 'lan'
	option ifname 'eth0.1'
	option force_link '1'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.xxx.xxx'
	option netmask '255.255.255.0'
	option ip6assign '60'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'
	option metric '30'

config interface 'wwan'
	option ifname 'wwan0'
	option proto 'dhcp'
	option metric '20'

config interface 'wan0'
	option proto 'dhcp'
	option ifname 'apcli0'
	option peerdns '1'
	option metric '10'

config interface 'alias'
	option ifname 'eth0.2'
	option proto 'static'
	option ipaddr '169.xxx.xxx.xxx'
	option netmask '255.255.0.0'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '0 6t'

config interface 'wan06'
	option proto 'dhcpv6'
	option ifname 'apcli0'
	option metric '200'

config interface 'wan6'
	option proto 'dhcpv6'
	option ifname 'eth0.2'
	option metric '100'

config interface 'wwan6'
	option proto 'dhcpv6'
	option ifname 'wwan0'
	option metric '300'

config globals 'globals'
	option ula_prefix 'fdca:742d:7839::/48'

config wireguard_vpn 'wgserver'
	option endpoint_host '127.143.xxx.xxx'
	option endpoint_port '22'
	option public_key 'xxx'  # Redacted
	option route_all_traffic '1'
	list allowed_ips 'xxxxxx'
	list allowed_ips 'xxxxxxx'
	option persistent_keepalive '60'
	option route_allowed_ips '1'
	option preshared_key 'xxx'  # Redacted

config interface 'vpn'
	option private_key 'xxx'  # Redacted
	option public_key 'xxx'  # Redacted
	list addresses '192.168.xxx.xxx/22'  # Redacted
	option proto 'wireguard'
	list dns '1.1.1.1'
	list dns '1.0.0.1'
	option disabled '0'

root@RAK7268CV2:~# cat /etc/config/wireless

config wifi-device 'radio0'
	option type 'ralink'
	option variant 'mt7628'
	option country 'TW'
	option hwmode '11g'
	option htmode 'HT20'
	option channel 'auto'
	option disabled '0'
	option linkit_mode 'apsta'

config wifi-iface 'ap'
	option device 'radio0'
	option mode 'ap'
	option network 'lan'
	option ifname 'ra0'
	option ssid 'RAK7268CV2_E4EF'
	option encryption 'none'

config wifi-iface 'sta'
	option device 'radio0'
	option mode 'sta'
	option network 'wan0'
	option ifname 'apcli0'
	option led 'mediatek:orange:wifi'
	option encryption 'psk2'
	option ssid 'Technoperia'
	option key 'xxx'  # Redacted

root@RAK7268CV2:~# cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option localservice '1'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'

root@RAK7268CV2:~# cat /etc/config/firewall

config defaults
	option syn_flood '1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone 'lan'
	option name 'lan'
	list network 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone 'wan'
	option name 'wan'
	list network 'wan'
	list network 'wan0'
	list network 'wwan'
	list network 'alias'
	list network 'wan06'
	list network 'wan6'
	list network 'wwan6'
	list network 'wan06'
	list network 'wan6'
	list network 'wwan6'
	list network 'vpn'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	list device 'tun+'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-http'
	option src 'wan'
	option proto 'tcp'
	option dest_port '80'
	option target 'ACCEPT'

config rule
	option name 'Allow-https'
	option src 'wan'
	option proto 'tcp'
	option dest_port '443'
	option target 'ACCEPT'

config rule
	option name 'Allow-mqtt'
	option src 'wan'
	option proto 'tcp'
	option dest_port '1883'
	option target 'ACCEPT'

config rule
	option name 'Allow-ssh'
	option src 'wan'
	option proto 'tcp'
	option dest_port '22'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option target 'ACCEPT'

config include
	option path '/etc/firewall.user'

config rule
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option family 'ipv6'
	option limit '1000/sec'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option family 'ipv6'
	option limit '1000/sec'
	option target 'ACCEPT'

root@RAK7268CV2:~#

I hope this details configuration will be useful !

Therefore:

RAK7268CV2

it connects via wifi to another router

if so you have to find the disconnection problem on the other router, not on this one....

/etc/init.d/network reload
wifi help
Usage: /sbin/wifi [config|up|down|reconf|reload|status|isup]
enables (default), disables or configures devices not yet configured.

wifi reload
1 Like

Okay I understood, but when the other Outdoor gateway the same os will be in sim card LTE operating mode in the filed(production).Does the OS will face the same problem with sim?

question if I have a smartphone connected to a wifi router and suddenly it loses connection (unless I have gone out of its range) is the problem on the smartphone or on the wifi router?
:smiley:

:sweat_smile: Nice one, thanks for the information

A piece of advice, connect them together via ethernet and live more peacefully

if no ethernet port ....

1 Like

Yeah I was thinking about that, but there is a bit problem beacuse there would be not even electricity for power, can you imagine about ethernet options.


Something like this....

ok

wifi only

distance between the two devices type of wifi connection ....

you need to understand why the connection loses, not how to mitigate the problem....

1 Like

Yes now its clear, but the way i was thinking the script would be adaptable for all the network interface....
We are going with the IoT sim card operation mode and also free vpn integration is being part of the service.
So now I will just manage to restart the interface to get back the connection, if something unexpected happens !

if the two devices are very distant and you have money to spend...

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.