General NAS-Central Forums

Welcome to the NAS community
It is currently Tue Nov 21, 2017 4:09 am

All times are UTC




Post new topic Reply to topic  [ 17 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: Toolchain and 'optware'
PostPosted: Tue Mar 31, 2015 7:31 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6072
Update 2015-12-05: This software is only intended for firmware 5.0x. The newer 5.10 and up firmware is not compatible.


ZyXEL provided me a toolchain for the '540, and I managed to build a native toolchain with it. To test the toolchain, I compiled a few packages, and a package manager, opkg.

To install it, login on your NAS540 over ssh or telnet as root, and execute
Code:
wget http://downloads.zyxel.nas-central.org/Users/Mijzelf/NAS-540/optware/optware_installer.sh
sh optware_installer.sh install
Now logoff, and login again.
To get the toolchain now execute
Code:
opkg update
opkg install toolchain
(And don't forget to have a look in 'opkg list' to see other goodies)

For most packages the toolchain worked fine, but the firmware libraries are installed in /usr/lib, while the corresponding headers are in /opt/include. Some packages had problems with that. For instance, to configure the kernel, I had to run
Code:
LIBRARY_PATH=/usr/lib make menuconfig
('make menuconfig' wants to link libncurses, which it couldn't find), and for Midnight commander I had also to specify some libs:
Code:
./configure --prefix=/opt \
GLIB_CFLAGS=-I/opt/include GLIB_LIBS="-L/usr/lib -lglib-2.0" \
LIBSSH_CFLAGS=-I/opt/include LIBSSH_LIBS="-L/opt/lib -lssh2" \
--with-screen=ncurses \
--without-x \
--enable-vfs-sftp \
--enable-vfs-sfs \
--enable-vfs-smb
while for instance htop and nano (which also uses ncurses) compiled right away. Weird.

I didn't intensively test all packages, but so far I didn't find any problems.

Have fun!

Note:
  • To get the man pages working you have to install groff.
  • There is no uninstaller. If you want to uninstall, just delete /i-data/sysvol/optware.
  • As usual I'm not responsible when you NAS explodes.


Top
 Profile  
 
PostPosted: Wed Apr 08, 2015 9:03 pm 
Offline

Joined: Wed Oct 23, 2013 6:23 pm
Posts: 115
Location: The Netherlands
Can you also try to build OpenPKG? It will probably fail as it did on the NSA325v2.


Top
 Profile  
 
PostPosted: Thu Apr 09, 2015 4:39 pm 
Offline

Joined: Sat Jun 08, 2013 9:02 am
Posts: 116
Nice job :) . But unfortunately it broke my SSHD config. I have to modify my startup script to copy the files to /opt/home/root/.ssh/ ...

_________________
Zyxel NSA325 [4.71(AAAJ.0) + FFP, retired]
Zyxel NAS540 [V5.20(AATB.0)]


Top
 Profile  
 
PostPosted: Sat Apr 11, 2015 2:22 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6072
@jagdtigger: You don't need that script anymore. /opt/home/root is persistent.

@ariek: Yes, it compiled. (Well, it needed 2 hacks, I had to mount something on /tmp, as the installer script didn't want to run with the 'default /tmp', and I had to put liblzo2.so in /usr/lib, as for some reason it couldn't link to /opt/lib/liblzo2.so. The runtime seems to use /opt/lib/libzlo2.so, however).

I uploaded the generated installer here. There is still some work to do. To install it, execute
Code:
opkg install shadow_4.2.1-1_armv7l.opk
mkdir -p /etc/rc2.d
sh openpkg-4.8.6-20150302.armv7l-linux3.2-openpkg.sh --prefix=/opt/openpkg
ln -s /opt/openpkg /openpkg
Now there is a startscript in /etc/init.d. Copy that to /opt/etc/init.d. Some lines are added to /etc/passwd and /etc/shadow. You have to preserve them and re-add them after a reboot. The /openpkg symlink also has to be added after a reboot.
I didn't test the functionality any further.

A quick look with ldd in the /openpkg/lib/bin dir shows there are some dependencies on /opt files, so maybe you have to install some packages.

Maybe you'd better uninstall shadow after installing openpkg. It behaves badly on the NAS. I only added it because the openpkg installed needs it.


Top
 Profile  
 
PostPosted: Wed Apr 15, 2015 5:52 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6072
Howto use the NAS540 as OpenVPN gateway.

Because it's not possible to install NAT tables on the box, I'll use ethernet bridging. I used this tutorial.

Install optware. Then execute
Code:
opkg update
opkg install openvpn bridge-utils
Now you have all needed software. You have to create keys:
Code:
cd /opt/share/openvpn/easy-rsa
# set environment:
. vars
# reset:
./clean-all
# Build your own root certificate authority (CA) certificate/key:
./build-ca
# Build Diffie-Hellman parameters (necessary for the server end of a SSL/TLS connection):
./build-dh
# Build the keys:
# Choose a name for  your certificate such as your computer name.  In my example I will use "NAS540".
./build-key-server NAS540
# You can ignore most of the fields, but set "Common Name" to something unique such as your computer's host name.
# In most cases it's not recommended to set a password.
The serverside keys are ready. Copy NAS540.crt, NAS540.key, dh2048.pem and ca.crt from ./keys to /opt/etc/openvpn/.

You need a server configuration:
Code:
port 1194
proto udp
dev tap
ca /opt/etc/openvpn/ca.crt
cert /opt/etc/openvpn/NAS540.crt
key /opt/etc/openvpn/NAS540.key  # This file should be kept secret
dh /opt/etc/openvpn/dh2048.pem
server-bridge 192.168.1.4 255.255.255.0 192.168.1.5 192.168.1.15
keepalive 10 120
comp-lzo adaptive
persist-key
persist-tun
verb 3
Save this as NAS540.ovpn in /opt/etc/openvpn/. (If you need an editor, you can install nano and/or mc). The fields after 'server-bridge' are the IP of the local VPN interface, the netmask, and the address pool for the clients. This addresses need to be in your local network, and outside the DHCP pool.
You can also omit these values, in that case the client has to request an IP address for it's local VPN interface. On a linux box that is something like 'dhclient tap0'. On a Windows box, I don't know. Maybe you can simply manage the interface after building the tunnel.

Now you can run
Code:
sh /opt/etc/init.d/90_OpenVpn start
Using ifconfig and brctl you can see that a bridge (brOpenVpn) is made from your network adapter (egiga0, egiga1 or bond0) and tap0, the virtual interface. (When running 'sh /opt/etc/init.d/90_OpenVpn stop' the tap device is destroyed, but the bridge persists.)
You can find logs in /var/log/openvpn/NAS540.log

Now the client side. Go back to /opt/share/openvpn/easy-rsa, and execute
Code:
. vars
./build-key Client1
Copy ca.crt, Client1.crt and Client1.key to your client device. Create a file Client1.ovpn:
Code:
client
dev tap
proto udp
remote <ip-of-NAS> 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /path/to/ca.crt
cert /path/to/Client1.crt
key /path/to/Client1.key
remote-cert-tls server
comp-lzo no
verb 3
<ip-of-NAS> is the IP address of the NAS. If you are outside your network, it's your public IP (or (dyndns) domain), and you'll need to forward port 1194 UDP to your NAS. On a Windows box /path/to/ is something like C:\Users\User\Openvpn\

Now you can start the client side with 'openvpn Client1.ovpn'. Do the DHCP request, if needed, and you should have an extra network interface with an IP in your home network. If your client is in your home network, you won't be able to access anything, until you close the tunnel.

For documentation on the .ovpn files I refer you to the samples in /opt/share/openvpn/sample-config-files.

You have to start the server manually. Of course that can easily be automated (chmod a+x /opt/etc/init.d/90_OpenVpn), but I discourage you to do that too soon. First start it a few times manually (after reboot), to see if the bridge is correctly build. You can easily lock yourself out when the bridge is build wrong. If you didn't bond your network interfaces, you can get in by simply putting the network cable in the other NIC. Else you have to reboot and hope the bridge will be build right, this time.
It has not failed on me, yet, but of course I have only one setup.


Top
 Profile  
 
PostPosted: Sun Apr 19, 2015 12:02 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6072
How to edit configuration files in the read-only /usr directory.

There are several ways to achieve this.
1) The most straight-forward way is to remove the read-only flag of the /usr directory, by creating a file /firmware/mnt/sysdisk/mount.sda1.rw.flag. But for some reason that no longer works on the '540, like it did on older boxes.
2) You can create the file outside the /usr directory, and bindmount it on the current file, e.g.
Code:
mount --bind /path/to/my/twonkyserver.ini /usr/local/dmsf/conf/twonkyserver.ini
3) You can create a unionfs:
Code:
opkg update
opkg install unionfs-fuse

sh /opt/etc/init.d/90_WritableUsr start
Now the 'old' /usr and the directory /opt/var/overlay/<firmware-version>/usr are joined, and all files in /opt/var/overlay/<firmware-version>/usr behave as if they exist in /usr. So you can provide newer versions of existing files, or add files and directories. /usr is still read-only, but it's content can be edited elsewhere.
To edit the same twonky file:
Code:
mkdir -p /opt/var/overlay/<firmware-version>/usr/local/dmsf/conf/
cp /usr/local/dmsf/conf/twonkyserver.ini /opt/var/overlay/<firmware-version>/usr/local/dmsf/conf/

nano /opt/var/overlay/<firmware-version>/usr/local/dmsf/conf/twonkyserver.ini

When you update the firmware, a new <firmware-version> directory will be made, to prevent firmware incompatibilities.

Theoretically the unionfs-fuse package could also put /opt/var/overlay/... as a read-write layer over /usr, but in my tests it turned out to be instable. After a few minutes half of the subdirectories in /usr were deleted. So either there is a bug in unionfs-fuse (google didn't find others having this problem, but of course this is a unique setup) or some daemon deletes that directories. On a readonly /usr you wouldn't notice, but as soon as it's rw you are in trouble.


Top
 Profile  
 
PostPosted: Thu Apr 30, 2015 5:49 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6072
How to install Tweaks
Code:
opkg update
opkg install Tweaks
Now you can access the webgui at http://nas540/r46282,/adv,/pkg/Tweaks/. (For firmware 5.03. Other versions will have a different revision number.)


Top
 Profile  
 
PostPosted: Thu May 07, 2015 7:45 am 
Offline

Joined: Thu May 07, 2015 7:38 am
Posts: 14
Hi, I'm newbiee :-)

I have a nsa540 zyxel, I install phpmyadmin, create www share and publish in web, i can go with my browser in the share, i see the list of files, but the php script won't execute... I see the code script but he won't execute, for exemple i will install dokuwiki, and when i go to the page where is the install.php file, i'can't continue, i only see the code of the file...

I have make many procedure but I think ffp-stick is not working for this NAS540, right ? I see in many forum that my probleme can resolve with install lightppd, but impossible to have this with FFP because he won't run...

My question is : CAN OPTWARE solve my problem ? If yes (I hope), what do I have to make for that ?

Many thanks you in advance for your reply and your help :-)

P.S. : Sorry for my bad english, I'm swiss and normally I speak french, I hope you can understand my demand :-)


Top
 Profile  
 
PostPosted: Sat May 09, 2015 6:47 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6072
How to use the firmware webserver for own purposes (Updated 2015 05 17)
Code:
opkg update
opkg install firmware-httpd

/opt/etc/init.d/90_httpd start
This basically starts (a copy of) the firmware webserver (Apache 2.2.27) with custom configuration.

By default it listens on port 5004 (http) and 5005 (https). It serves two directories, /opt/var/www/catchall/ as catchall, and /opt/var/www/nas540/ when invoked as nas540 (virtual host).

You can change this in /opt/etc/apache2/sites-enabled. If you have a (dyndns) domain, you can forward port 80 on your router to port 5004 on your NAS, add your domain as virtual host, and serve your page.

When you have installed the php5 package or the PHP-MySQL zypkg, the server also supports PHP. (The php5 package is first choice, in case of both).

Note: There are a lot of modules available in /opt/etc/apache2/mods-available. Yet I don't know if they all exist on the 540. The /opt/etc/apache2 directory is copied from a Debian package.


Top
 Profile  
 
PostPosted: Sun May 10, 2015 3:00 pm 
Offline

Joined: Thu May 07, 2015 7:38 am
Posts: 14
Hi Mizself,

You are definitely a god for me :-) Your helping is very useful.

I tested this with optware, that's ok !!!

I have only a additionnal info, when a restart the NAS540 i make only a :
# mount --bind /i-data/sysvol/www/ /opt/var/www/catchall to make an alias from my share www, and it's all right !!! That's the best way for me !!!

In additionnal of my question here (viewtopic.php?f=303&t=16973), the solution is find by you, I can connect now to my website from anywhere, anytime !!!

VERY THANKS YOU for your helping !!!!!!!!!!
Fred :-)


Top
 Profile  
 
PostPosted: Tue Aug 18, 2015 10:37 am 
Offline

Joined: Tue Aug 18, 2015 10:04 am
Posts: 1
Hello Mijzelf.

I have been using your unisonfs script to make /usr writable, but there seems to be a problem with the startup script. It fails to start automatically on a normal boot.

When I launch the script manually I get the following output:

Code:
mount: wrong fs type, bad option, bad superblock on /usr/bin/python,
       missing codepage or helper program, or other error

       In some cases useful info is found in syslog - try
       dmesg | tail or so.

The same thing happens when i stop the script. Despite these errors the overlay filesystem works when launched manually.

I have discovered that i may have something to do with the blocking of daemons through the Tweaks addon. The error disappears when i disable the blocking of daemons.

Do you have any clues how to fix this?


Top
 Profile  
 
PostPosted: Sun Aug 23, 2015 6:41 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6072
To disable one or more of the deamons a script is mounted on /usr/bin/python, which checks it's exact commandline and executes /ram_bin/usr/bin/python, or does something totally different.
I guess it's impossible to mount a file on a unisonfs file. So you have to rename the scripts in /opt/etc/init.d, to reverse the order in which the 2 scripts are executed. They are executed in alphabetical order. (The order you see when executing 'ls /opt/etc/init.d/')


Top
 Profile  
 
PostPosted: Thu Sep 10, 2015 10:47 am 
Offline

Joined: Tue Sep 08, 2015 10:27 pm
Posts: 4
Hi, i'm new here - and somewhat of a newbie regarding NAS.

I've gotten a NAS540, and are a little frustrated that the FFP dosen't seem to work with NAS540.

I would be nice to know if it is possible to install Couchpotato and sickbeard on my nas.

Like NAS setup (2.1) in this guide:
http://blog.nadnerb.co.uk/?p=15

If anyone would make a guide :) or just tell me if it is possible to make the same setup on my NAS540?

And also - is it impossible to install Plex on my NAS?


Top
 Profile  
 
PostPosted: Thu Sep 10, 2015 9:35 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6072
At the moment nothing works on the 540, except software compiled especially for that box.

But with firmware 5.10 (October?) the kernel will be replaced by a 'normal' 4k pagesize kernel, and then ffp will work. I think Plex will also work, but haven't tested it.
http://zyxel.nas-central.org/wiki/FFP-stick#2015-09-03


Top
 Profile  
 
PostPosted: Fri Sep 11, 2015 7:07 am 
Offline

Joined: Tue Sep 08, 2015 10:27 pm
Posts: 4
Okay thanks. Then there's nothing to do but wait..

I've gotten Couchpotato and Sickbeard working, sort of - but a lot of functions aren't working properly.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 17 posts ]  Go to page 1, 2  Next

All times are UTC


Who is online

Users browsing this forum: No registered users and 8 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group