Gargoyle shaping on only wlan possible?

[drrignell]

thanks for a very nice firmware! I am in the process of setting up a shared net with some neighbours, after many years of having a fully open one.

Basically I want one subnet for my lan and one for wlan, serving nodogsplash to unapproved wlan-users, and of course keeping track of their usage.

I have worked with standard/X-wrt Kamikaze 8.09.2 in combination with bandwidthd and nodogsplash. It works solid after some trickery.

There is one functionality missing though. Quotas, we wanna shape cheap skates who wont join in the cooperative, but without shutting them out totally. Enter wonderful Gargoyle.

TL;DR My question is, can I employ all the nice functions of Gargoyle on only my wlan-interface (or both wlan and lan) without rewriting half of the *.js and *.sh ?

I am not looking for a complete instruction here, just a pointer in the directions I need to take or a "Stop, dont sweat it, you wont succeed". I am comfortable with a strictly CLI solution if that's the necessary path.


For reference; With a standard install over my old config I can connect via both lan and wlan, get an ip in respective subnet (10.23.5.0/24 & 192.168.2.0/24) but only lan interface routes me to internet, which is obvious when you look at iptables. There are no forward chains for the wifi-interface.

Relevant parts of 'uci show:

Code: Select all

dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded=1
dhcp.@dnsmasq[0].boguspriv=1
dhcp.@dnsmasq[0].filterwin2k=0
dhcp.@dnsmasq[0].localise_queries=1
dhcp.@dnsmasq[0].local=/lan/
dhcp.@dnsmasq[0].domain=lan
dhcp.@dnsmasq[0].expandhosts=1
dhcp.@dnsmasq[0].nonegcache=0
dhcp.@dnsmasq[0].cachelocal=1
dhcp.@dnsmasq[0].authoritative=1
dhcp.@dnsmasq[0].readethers=1
dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto
dhcp.@dnsmasq[0].leasefile=/tmp/dhcp.leases
dhcp.lan=dhcp
dhcp.lan.interface=lan
dhcp.lan.start=100
dhcp.lan.limit=150
dhcp.lan.leasetime=720m
dhcp.lan.ignore=0
dhcp.wan=dhcp
dhcp.wan.interface=wan
dhcp.wan.ignore=1
dhcp.wan.start=
dhcp.wan.limit=
dhcp.wan.leasetime=
dhcp.wifi=dhcp
dhcp.wifi.interface=wifi
dhcp.wifi.start=100
dhcp.wifi.limit=150
dhcp.wifi.leasetime=720m
dhcp.wifi.ignore=0
network.eth0=switch
network.eth0.vlan0=1 2 3 4 5*
network.eth0.vlan1=0 5
network.loopback=interface
network.loopback.ifname=lo
network.loopback.proto=static
network.loopback.ipaddr=127.0.0.1
network.loopback.netmask=255.0.0.0
network.lan=interface
network.lan.type=bridge
network.lan.ifname=eth0.0
network.lan.proto=static
network.lan.ipaddr=10.23.5.1
network.lan.netmask=255.255.255.0
network.lan.dns=8.8.8.8 8.8.4.4
network.wan=interface
network.wan.ifname=eth0.1
network.wan.proto=dhcp
network.wifi=interface
network.wifi.ifname=eth1.0
network.wifi.proto=static
network.wifi.ipaddr=192.168.2.1
network.wifi.netmask=255.255.255.0

[DoesItMatter]

I hate complicated... Life is already too complicated.

Rather than trying to do everything with 1 router, use more!

I would setup something like this.

1 wired router - no wireless, that provides internet access to
2 other wireless routers.

1 Wireless router for personal/your own subnet

1 Wireless router for QoS/monitoring/nosplash, etc

You would save yourself a LOT of hassles, and much easier
to organize and maintain the seperate subnets.

You could use different wireless channels with different
security keys - enhancing the security.

Myself - I would NOT try this with just 1 router, you will
be suffering a lot of time, maintenance, etc...

[drrignell]

I love complicated. My life is very simple.

To the issue at hand, I live in situations where I wont afford buying or running many routers and where there are no open networks. I have more motivations to this aswell, but I leave them for now.

Now, get technical pls. I know many here can give me pointers =)

I am gonna get a virtualized* Gargoyle running today and take a look at the firewall/tc/quota-scripts. Those should be replicable to a more clean openwrt-install, right?

* I had to revert my router, as my open net was down.

[Eric]

Th easiest way to do what you want to do is to assign all the wired computers static IPs that are outside the range assigned by the DHCP server. Then set a quota that applies to the IP range associated with wireless network. If you need each individual wireless host to have a quota, assign the wired IP range a daily quota of 500GB or some ridiculously huge number number that you won't ever reach. Then set up "all other individuals", which will ignore the huge quota you just set up for the wired IP range.

That's the easy way... if that's not good enough, and you need dynamic IP assignment on the wired network it's going to get very,very messy. It's not impossible, but you will have to go in and do a lot of hard-core hacking on the source code. If that's the route you want to go, I can give you a few pointers to get you started -- let me know if that's what you want to do. But I'm warning you up front, it will get ugly.

[drrignell]

Thanks Eric, I'll try that path.

My wired network is naturally not very dynamic (i hope!).

[drrignell]

I did not manage to make it work.

Instead I bought a TL-WR1043ND, some very cheap and promising hardware.