If I enter that directly into the shell, I see the /tmp/test file and everything updates fine (of course, I filled in the actual string values for the test). Now, if I go and enter that into Administration/Commands and try to run it from there, I never see /tmp/test show up, and no update happens. Why will this command run in the shell but not from the GUI? Anyone? Thanks!
Chalk this up to my first time solving a problem and providing an answer here! Simply replace the double quotes with single quotes and it works. Since the nvram scripts are encased in double quotes in the firmware, when it hits that first double quote before the http, it interprets it as an end-of-script. Now, I have not yet been able to get strings defined, but for now I at least have the wget working from the web interface!
Posted: Sun Jan 23, 2011 22:45 Post subject: update to ac1115's script.
I did some updates that allowed ac1115's script to work with my setup. I am just posting this here in the hope it might help someone else who had problems.
Cron job:
Code:
* 4 * * * root /tmp/ipv6_reload.sh
This script can be run at the command line (via ssh or telnet) by executing: /tmp/ipv6_reload.sh
I found it much easier to edit the script directly from the command line with vi or upload it each time through the webpage and then run it from the command line. This was the only way I caught some of the errors (through stdout).
Code:
$ nvram get rc_startup > /tmp/ipv6_debugscript.sh
$ sh /tmp/ipv6_debugscript.sh
As ac1115 wrote:
Installation steps:
1. Change the settings in the beginning of the above script to your settings.
2. Copy personalized script into Administration > Commands. Save as startup script
3. Go into Administration > Management
4. enable IPv6 and radvd. Leave the config box empty
5. (Optional) enable cron and enter above into "Additional Cron Jobs"
The above line will auto update the endpoint daily at 4am. Change to personal taste
6. Apply settings, wait for reboot
7. goto http://ipv6.google.com
One final note: THIS HAS NOT BEEN TESTED EXTENSIVELY AND IS PROBABLY BROKEN, USE AS A GUIDE.
Code:
###############################################################################
# v1.1 Jan 23, 2011 DAVE_SPAM VERSION (original by ac1115)
# HURRICANE ELECTRIC IPv6 TUNNEL SCRIPT
#******************************************************************************
# USE THE LATEST VERSION OF DD-WRT, ie 15962
# see: ftp://dd-wrt.com/others/eko/BrainSlayer-V24-preSP2/12-24-10-r15962/
# tested with DD-WRT 15962 voip version on WRT610nv2 with PPPoE WAN connection
#
#
#
#******************************************************************************
#Settings start here
#******************************************************************************
#### basic connection settings FROM http://www.tunnelbroker.net/tunnel_detail.php?tunnelid=NNNNNN
SERVER_IP4_ADDR="enter ip here"
CLIENT_IPV6_ADDR="enter ip here"
ROUTED_64_ADDR="enter ip here"
#### account info to auto update endpoint FROM http://www.tunnelbroker.net/main.php
USERID="enter the long hex code - NOT text username"
PASSWD="plain text password"
TUNNELID="your numeric GLOBAL tunnel id"
#####Optional/Advanced Settings######
#logging settings (set to /dev/null for no logging)
STARTUP_SCRIPT_LOG_FILE="/tmp/ipv6.log"
CRON_STATUS_LOG_FILE="/tmp/ipv6_lastHEUpdate.log"
#******************************************************************************
#Settings end here
#******************************************************************************
echo "HE IPv6 Script started" > $STARTUP_SCRIPT_LOG_FILE
date >> $STARTUP_SCRIPT_LOG_FILE
insmod ipv6
#maybe needs to be incresed for slow boxes.
sleep 1.5
#get a hash of the plaintext password
MD5PASSWD=`echo -n $PASSWD | md5sum | sed -e 's/ -//g'`
echo "" >> $STARTUP_SCRIPT_LOG_FILE
#cut out the "/64" if user typed it in
ROUTED_64_ADDR=`echo $ROUTED_64_ADDR|cut -f1 -d/`
SERVER_IP4_ADDR=`echo $SERVER_IP4_ADDR|cut -f1 -d/`
CLIENT_IPV6_ADDR=`echo $CLIENT_IPV6_ADDR|cut -f1 -d/`
echo "User added addresses cleaned/checked" >> $STARTUP_SCRIPT_LOG_FILE
#do HE update
echo "Do HE Update" >> $STARTUP_SCRIPT_LOG_FILE
wget -q "http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID" -O - >> $STARTUP_SCRIPT_LOG_FILE
#get wan ip for our own use from internal variable
WANIP=$(nvram get wan_ipaddr);
echo " External IP detected as:" $WANIP >> $STARTUP_SCRIPT_LOG_FILE
echo " External IP detected as:" $WANIP
if [ -n $WANIP ]
then
echo "configuring tunnel" >> $STARTUP_SCRIPT_LOG_FILE
echo "configuring tunnel"
### create/update tunnel code
#fixes ioctl: No buffer space available ERROR
ip tunnel del he-ipv6
# The following commands are from HE's website
ip tunnel add he-ipv6 mode sit remote $SERVER_IP4_ADDR local $WANIP ttl 255
ip link set he-ipv6 up
ip addr add $CLIENT_IPV6_ADDR/64 dev he-ipv6
ip route add ::/0 dev he-ipv6
ip -f inet6 addr
TEMP_ADDR=`echo $ROUTED_64_ADDR'1'`
# These commands aren't on HE's website, but they're necessary for the tunnel to work
ip -6 addr add $TEMP_ADDR/64 dev br0
ip route add 2000::/3 dev he-ipv6
#create cron script to run this all later
# take this file from memory and put it into shell script file, so cron job can run it.
echo "nvram get rc_startup > $SCRIPT_FILE" >$CRON_JOB_FILE
echo "chmod +x $SCRIPT_FILE" >>$CRON_JOB_FILE
echo "$SCRIPT_FILE" >> $CRON_JOB_FILE
chmod +x $CRON_JOB_FILE
echo "Cron script created" >> $STARTUP_SCRIPT_LOG_FILE
echo "HE IPv6 Script finished" >> $STARTUP_SCRIPT_LOG_FILE
fi
Posted: Sat Feb 12, 2011 21:43 Post subject: Re: update to ac1115's script.
RussianNeuroMancer wrote:
dave_spam wrote:
Code:
WANIP=$(nvram get wan_ipaddr);
Thank you! Clever idea!
Can someone add it to script in wiki?
I'd also like to commend you for this little fix. I was beating my head against the wall trying to figure out what was up.
I could see the tunnel established on HE.net and the router was passing out correct ipv6 addresses. All routing was getting blocked at the router. I could even ping in, but not out. Finally I saw on HE.net
Quote:
*NOTE* When behind a firewall appliance that passes protocol41, instead of using the IPv4 endpoint you provided to our broker, use the IPv4 address you get from your appliance's DHCP service.
So if your modem is giving a NAT ip you need to route to that and not your external ip.
Posted: Fri Mar 04, 2011 9:32 Post subject: Re: Sharing my IPv6 script for Hurricane Electric Tunnel Bro
Thanks for sharing, just a few comments which I encountered during configuration (in bold below quoted).
For reference my setup:
WRT320N v1
build 14929 (v24-sp2) STD USB NAS
ac1115 wrote:
My setup for reference.
Optimum Online Cable ISP
WRT610Nv2
v24-sp2 (Aug 12, 2010)
build 14929 STD / Big / Mega?
You should have an account and tunnel created on the website. This post will not cover that. Install steps are below the script.
code wrote:
#***************************
#Settings start here
#***************************
#basic connection settings
SERVER_IP4_ADDR="enter ip here"
CLIENT_IPV6_ADDR="enter ip here"
ROUTED_64_ADDR="enter ip here"
# note that you have different subnets for ROUTED_64_ADDR and CLIENT_IPV6_ADDR
#account info to auto update endpoint
USERID="enter the long hex code - NOT text username"
PASSWD="plain text password"
TUNNELID="your numeric GLOBAL tunnel id"
#####Optional/Advanced Settings######
#logging settings (set to /dev/null for no logging)
STARTUP_SCRIPT_LOG_FILE="/tmp/ipv6.log"
CRON_STATUS_LOG_FILE="/tmp/lastHEUpdate.log"
#***************************
#Settings end here
#***************************
insmod ipv6
sleep 10
#get a hash of the plaintext password
MD5PASSWD=`echo -n $PASSWD | md5sum | sed -e 's/ -//g'`
# you can also generate the hash once and replace above line with something like:
# MD5PASSWD=yourmd5hash
#cut out the "/64" if user typed it in
ROUTED_64_ADDR=`echo $ROUTED_64_ADDR|cut -f1 -d/`
SERVER_IP4_ADDR=`echo $SERVER_IP4_ADDR|cut -f1 -d/`
CLIENT_IPV6_ADDR=`echo $CLIENT_IPV6_ADDR|cut -f1 -d/`
echo "External IP:" $WANIP >> $STARTUP_SCRIPT_LOG_FILE
if [ -n $WANIP ]
then
echo "configuring tunnel" >> $STARTUP_SCRIPT_LOG_FILE
# The following commands are straight from HE's website
# modprobe ipv6
#modprobe is replaced by insmod ipv6 so doesn't work/ isn't needed anymore
ip tunnel add he-ipv6 mode sit remote $SERVER_IP4_ADDR local $WANIP ttl 255
ip link set he-ipv6 up
ip addr add $CLIENT_IPV6_ADDR/64 dev he-ipv6
ip route add ::/0 dev he-ipv6
#ip -f inet6 addr
# no need to print
TEMP_ADDR=`echo $ROUTED_64_ADDR'1'`
# These commands aren't on HE's website, but they're necessary for the tunnel to work
ip -6 addr add $TEMP_ADDR/64 dev br0
ip route add 2000::/3 dev he-ipv6
#radvd -C $RADVD_CONFIG &
# when you moved the output this can be replaced by: radvd -C /tmp/radvd.conf &
fi
Installation steps:
1. Change the settings in the beginning of the above script to your settings.
2. Copy personalized script into Administration > Commands. Save as startup script
3. Go into Administration > Management
4. enable IPv6 and radvd. Leave the config box empty > ignore when you've moved your radvd config from the script
5. (Optional) enable cron and enter this into "Additional Cron Jobs"
Posted: Sun Mar 20, 2011 13:59 Post subject: Don't work
hello,
I've tried the script but it doesn't work.
My dd-wrt version is Firmware: DD-WRT v24-sp1 (2008-07-31 14:52) std+
When i sent this by putty :
root@DD-WRT-1:~# ip -6 route show
I have this :
2001:470:1f08:16dd::/64 via :: dev he-ipv6 metric 256 mtu 1480 advmss 1420
2001:470:1f09:16dd::/64 dev br0 metric 256 mtu 1500 advmss 1440
2000::/3 dev he-ipv6 metric 1024 mtu 1480 advmss 1420
fe80::/64 dev eth0 metric 256 mtu 1500 advmss 1440
fe80::/64 dev eth1 metric 256 mtu 1500 advmss 1440
fe80::/64 dev vlan0 metric 256 mtu 1500 advmss 1440
fe80::/64 dev wds0.1 metric 256 mtu 1500 advmss 1440
fe80::/64 dev br0 metric 256 mtu 1500 advmss 1440
fe80::/64 dev vlan1 metric 256 mtu 1500 advmss 1440
fe80::/64 via :: dev he-ipv6 metric 256 mtu 1480 advmss 1420
ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440
ff00::/8 dev eth1 metric 256 mtu 1500 advmss 1440
ff00::/8 dev vlan0 metric 256 mtu 1500 advmss 1440
ff00::/8 dev wds0.1 metric 256 mtu 1500 advmss 1440
ff00::/8 dev br0 metric 256 mtu 1500 advmss 1440
ff00::/8 dev vlan1 metric 256 mtu 1500 advmss 1440
ff00::/8 dev he-ipv6 metric 256 mtu 1480 advmss 1420
default dev he-ipv6 metric 1024 mtu 1480 advmss 1420
But my windows xp cant ping ipv6.google.com
AN idea, please.
Thanks and excuse my language, I'm french
odd, the "watch for replies" didn't notify me of the past several posts.
anyway. windows xp's ipv6 stack is disabled by default, and isn't even complete.
http://ipv6int.net/systems/windows_xp-ipv6.html is some information on enabling it, but you're best off upgrading to vista or windows 7 if you can. I believe they both have completely functioning ipv6 stacks. But I don't use windows at all so I can't really speak on that.
and yeah I like getting the wan ip from nvram. And afaik, anyone is able to edit the wiki. All it takes is to make an account on it.
And I'm using the "mega" build, currently build 16214. Works great still on this newer build, uptime 28 days
Posted: Sun Mar 27, 2011 13:41 Post subject: Yes, It was Windows XP problem
"http://ipv6int.net/systems/windows_xp-ipv6.html is some information on enabling it, but you're best off upgrading to vista or windows 7 if you can. I believe they both have completely functioning ipv6 stacks. But I don't use windows at all so I can't really speak on that. "
It is the real good answer. When i activate IpV6 on Windows 7, the IPV6 address is "visible" by myipv6.org.
#***************************
#Settings start here
#***************************
#basic connection settings
SERVER_IP4_ADDR="216.66.80.30"
CLIENT_IPV6_ADDR="2001:470:1f0a:34::2"
ROUTED_64_ADDR="2001:470:1f0b:34::"
# note that you have different subnets for ROUTED_64_ADDR and CLIENT_IPV6_ADDR
#account info to auto update endpoint
USERID="tb4d99ebf10f65b0.39764160"
PASSWD="BLABLAPASSWD"
TUNNELID="107012"
#####Optional/Advanced Settings######
#logging settings (set to /dev/null for no logging)
STARTUP_SCRIPT_LOG_FILE="/tmp/ipv6.log"
CRON_STATUS_LOG_FILE="/tmp/lastHEUpdate.log"
#***************************
#Settings end here
#***************************
insmod ipv6
sleep 10
#get a hash of the plaintext password
MD5PASSWD=`echo -n $PASSWD | md5sum | sed -e 's/ -//g'`
#cut out the "/64" if user typed it in
ROUTED_64_ADDR=`echo $ROUTED_64_ADDR|cut -f1 -d/`
SERVER_IP4_ADDR=`echo $SERVER_IP4_ADDR|cut -f1 -d/`
CLIENT_IPV6_ADDR=`echo $CLIENT_IPV6_ADDR|cut -f1 -d/`
echo "External IP:" $WANIP >> $STARTUP_SCRIPT_LOG_FILE
if [ -n $WANIP ]
then
echo "configuring tunnel" >> $STARTUP_SCRIPT_LOG_FILE
# The following commands are straight from HE's website
# modprobe ipv6
#modprobe is replaced by insmod ipv6 so doesn't work/ isn't needed anymore
ip tunnel add he-ipv6 mode sit remote $SERVER_IP4_ADDR local $WANIP ttl 255
ip link set he-ipv6 up
ip addr add $CLIENT_IPV6_ADDR/64 dev he-ipv6
ip route add ::/0 dev he-ipv6
#ip -f inet6 addr
# no need to print
TEMP_ADDR=`echo $ROUTED_64_ADDR'1'`
# These commands aren't on HE's website, but they're necessary for the tunnel to work
ip -6 addr add $TEMP_ADDR/64 dev br0
ip route add 2000::/3 dev he-ipv6
External IP: 89.79.***.***
configuring tunnel
starting radvd
killing any old versions of radvd
starting radvd
Quote:
root@DD-WRT:~# ip -6 route show
2001:470:1f0a:34::/64 via :: dev he-ipv6 metric 256 mtu 1480 advmss 1420
2001:470:1f0b:34::/64 dev br0 metric 256 mtu 1500 advmss 1440
2000::/3 dev he-ipv6 metric 1024 mtu 1480 advmss 1420
fe80::/64 dev eth0 metric 256 mtu 1500 advmss 1440
fe80::/64 dev br0 metric 256 mtu 1500 advmss 1440
fe80::/64 via :: dev he-ipv6 metric 256 mtu 1480 advmss 1420
fe80::/64 dev vlan0 metric 256 mtu 1500 advmss 1440
fe80::/64 dev eth1 metric 256 mtu 1500 advmss 1440
fe80::/64 dev vlan1 metric 256 mtu 1500 advmss 1440
ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440
ff00::/8 dev br0 metric 256 mtu 1500 advmss 1440
ff00::/8 dev he-ipv6 metric 256 mtu 1480 advmss 1420
ff00::/8 dev vlan0 metric 256 mtu 1500 advmss 1440
ff00::/8 dev eth1 metric 256 mtu 1500 advmss 1440
ff00::/8 dev vlan1 metric 256 mtu 1500 advmss 1440
default dev he-ipv6 metric 1024 mtu 1480 advmss 1420
on my laptop:
ip -6 addr
Quote:
4: wlan0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 2001:470:1f0b:34:21f:3cff:fe05:b60d/64 scope global dynamic
valid_lft 86397sec preferred_lft 14397sec
inet6 fe80::21f:3cff:fe05:b60d/64 scope link
valid_lft forever preferred_lft forever
Quote:
alek-laptop# traceroute6 ipv6.google.com
traceroute to ipv6.l.google.com (2a00:1450:8003::67) from 2001:470:1f0b:34:21f:3cff:fe05:b60d, 30 hops max, 24 byte packets
1 2001:470:1f0b:34::1 (2001:470:1f0b:34::1) 3.071 ms 0.976 ms 0.965 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
Quote:
alek-laptop# ip -6 route show
2001:470:1f0b:34::/64 dev wlan0 proto kernel metric 256 expires 86157sec mtu 1500 advmss 1440 hoplimit 0
fe80::/64 dev wlan0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
ff00::/8 dev wlan0 metric 256 mtu 1500 advmss 1440 hoplimit 0
default via fe80::6a7f:74ff:feb2:22e8 dev wlan0 proto kernel metric 1024 expires 1570sec mtu 1500 advmss 1440 hoplimit 64
1. what os are you running?
2. what router/fw?
3. I see two line breaks in the "updating endpoint" section. those aren't in the actual script, right?
4. check the HE site and see if the endpoint is right. update it manually on the website anyway
5. check the addresses again in the script.
6. try the original script. see if that works for you.
1. what os are you running?
2. what router/fw?
3. I see two line breaks in the "updating endpoint" section. those aren't in the actual script, right?
4. check the HE site and see if the endpoint is right. update it manually on the website anyway
5. check the addresses again in the script.
6. try the original script. see if that works for you.
AD1. Gentoo Linux
AD2. Linksys WRT54GL, dd-wrt v24-sp2 voip edition
AD3. ???? I can see there only soft breaks because of lack of horizontal space
AD4. Endpoint is right.
AD5. Checked
6. Ive tried. Nothing happend.
Hop Limit. 8 bits unsigned.
For each router that forwards the packet, the hop limit is decremented by 1. When the hop limit field reaches zero, the packet is discarded. This replaces the TTL field in the IPv4 header that was originally intended to be used as a time based hop limit.
So with a zero hoplimit I believe no packets will be forwarded, they will all be dropped. Which should account for the lack of ipv6 connectivity
These two are examples from my own working network.
router> ip -6 route show:
Quote:
Code:
2001:470:XXXX:bfc::/64 via :: dev he-ipv6 metric 256 expires -36sec mtu 1480 advmss 1420 hoplimit 4294967295
2001:470:XXXX:bfc::/64 dev br0 metric 256 expires -38084sec mtu 1500 advmss 1440 hoplimit 4294967295
2000::/3 dev he-ipv6 metric 1024 expires -35sec mtu 1480 advmss 1420 hoplimit 4294967295
fe80::/64 dev eth0 metric 256 expires -38296sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev vlan1 metric 256 expires -38291sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth1 metric 256 expires -38290sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth2 metric 256 expires -38286sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev br0 metric 256 expires -38286sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev vlan2 metric 256 expires -38285sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev he-ipv6 metric 256 expires -35sec mtu 1480 advmss 1420 hoplimit 4294967295
ff00::/8 dev eth0 metric 256 expires -38296sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev vlan1 metric 256 expires -38291sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev eth1 metric 256 expires -38290sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev eth2 metric 256 expires -38286sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev br0 metric 256 expires -38286sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev vlan2 metric 256 expires -38285sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev he-ipv6 metric 256 expires -35sec mtu 1480 advmss 1420 hoplimit 4294967295
default dev he-ipv6 metric 1024 expires -35sec mtu 1480 advmss 1420 hoplimit 4294967295
client ip -6 route show:
Quote:
Code:
root@ubuntu:~# ip -6 route show
2001:470:XXXX:bfc::/64 dev eth0 proto kernel metric 256 expires 86392sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
default via fe80::6a7f:74ff:fe0a:e998 dev eth0 proto kernel metric 1024 expires 1792sec mtu 1500 advmss 1440 hoplimit 64
You can see from these two working examples that the hoplimit is either 64, or a very large number.
Your router doesn't show the hoplimit in the output and your client (laptop) says zero for the global (external) ipv6 address.
Now I never had to change any advanced settings in either to work. IPv6 autoconfigured itself correctly w/o issue on all of my computers. On my network I use Mac OSX, fedora, opensuse, and ubuntu. Do you have another os/distro to try this out? Maybe with a ubuntu live cd, since I can vouch for it's ipv6 autoconfiguration out of box.
I never used gentoo btw.
You can also try rerunning the script w/o reboot.
Code:
nvram get rc_startup > /tmp/startupscript.sh
sh /tmp/startupscript.sh
-ERROR: IP is not ICMP pingable. Please make sure ICMP is not blocked. If you are blocking ICMP, please allow 66.220.2.74 through your firewall.
configuring tunnel
creating radvd conf
starting radvd
I use OTRW with asiablock, stophack and stophammer (not sure if this affects this), how do I allow 66.220.2.74 in DD-WRT?
I tried adding:
Code:
iptables -I INPUT -d 66.220.2.74 -j ACCEPT
To firewall script, obviously I am still doing something wrong as this does not work.
