OpenVPN on TPLink 941 running DD-WRT

So as you may remember from a previous post, I wanted to run my VPN on the router, but had trouble finding one that had native support for OpenVPN in the DD-WRT firmware build. Although it can’t be installed in the firmware, it turns out you can still enable the functionality by loading the libraries and scripts into RAM and running them from there.

As I said, I closely followed the advice of the DD-WRT forum user who goes by “jnjn”. This link is the key forum discussion on the subject.

http://www.dd-wrt.com/phpBB2/viewtopic.php?p=541541#541541

That being said, I made some changes to the script. Below are the actual scripts I used to set up my router.

The biggest change to “jnjn’s” original code was putting in a wait for the “udhcpc” process to be up and running before going on to grab files from the FTP server. Before I added that to the scripts, I had very unpredictable and unproductive startups of the router. When I tried running all the same scripts from the telnet command line, there was no such behavior. I don’t have any evidence of what was going on, but I’ve had none of the problems since putting that wait into the script.

The other thing that’s missing is the “ovpn” config file. I downloaded a ZIP file from Astrill based on my MAC address for my router. You can do the same, or you can write your own file for a different service or for other purposes.

—————————————————————–

Startup script (entered into the “commands” window under the Administration tab in DD-WRT web management interface)

#!/bin/sh
# Write the fetch script into RAM (/tmp), then run it in the background.
echo "#!/bin/sh
rm -f /tmp/openvpn/client/foobar.ovpn
echo Removed foobar file
# Wait for the DHCP client before downloading anything.
# The [u] keeps grep from matching its own entry in the ps output.
while ! ps | grep -q \"[u]dhcpc\"; do
  sleep 1
done
# foobar.ovpn is a marker file: it can only be written once the pack has
# unpacked, so the loop retries until a full fetch has completed.
while ! ls /tmp/openvpn/client | grep -q \"foobar\"; do
  killall -9 wget
  killall -9 gzip
  killall -9 tar
  echo finished kill sequence
  cd /tmp
  rm -f ./openvpn_pack.tar.gz
  rm -f ./openvpn_pack.tar
  rm -r -f ./openvpn
  echo Removed the old files
  # Plain FTP: the credentials and the files travel unencrypted and unverified.
  wget ftp://ftpuser:userpw@yourFTPserver/openvpn_pack.tar.gz
  gzip -d ./openvpn_pack.tar.gz
  tar -xf ./openvpn_pack.tar
  rm ./openvpn_pack.tar
  echo Finished unpacking the TAR ball
  wget ftp://ftpuser:userpw@yourFTPserver/YourConfigFile.ovpn -O /tmp/openvpn/client/YourConfigFile.ovpn
  echo \"foobar\" > /tmp/openvpn/client/foobar.ovpn
  echo Finished with the OVPN files
  wget ftp://ftpuser:userpw@yourFTPserver/executeScript.sh -O /tmp/openvpn/runit.sh
  chmod +x /tmp/openvpn/runit.sh
  if ls /tmp/openvpn/client | grep -q \"foobar\"; then
    echo starting the runit script
    /tmp/openvpn/runit.sh > /tmp/var/log/runit.log &
  fi
done
echo done with getting the stuff
" > /tmp/get_openvpn.sh
chmod +x /tmp/get_openvpn.sh
/tmp/get_openvpn.sh > /tmp/var/log/openvpn_script.log &

————————

executeScript.sh

#!/bin/sh
# Let the loader find the OpenSSL libraries that were unpacked into RAM.
export LD_LIBRARY_PATH=/lib:/usr/lib:/jffs/lib:/jffs/usr/lib:/jffs/usr/local/lib:/mmc/lib:/mmc/usr/lib:/opt/lib:/opt/usr/lib:/tmp/openvpn/lib
cd /tmp/openvpn
#./start_openvpn.sh &
# Kill any running instance (repeated after a short pause).
killall -9 openvpn
sleep 2
killall -9 openvpn
/tmp/openvpn/bin/openvpn --config /tmp/openvpn/client/YourConfigFile.ovpn --daemon
echo Started the daemon
echo Starting loop to update the routing
# Poll until tun0 exists, then NAT outbound traffic through the tunnel.
tunup=0
while [ "$tunup" -eq 0 ]
do
  sleep 1
  if ifconfig tun0 > /dev/null 2>&1
  then
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
    tunup=1
    echo Set the routing tables to use the vpn
  fi
done

——————————————

Contents of openvpn_pack.tar.gz

openvpn:
drwxr-xr-x 2 root root 0 Feb 4 11:31 bin
drwxr-xr-x 2 root root 0 Feb 4 11:31 client
drwxr-xr-x 2 root root 0 Feb 4 11:31 lib

openvpn/bin:
-rwxr-xr-x 1 root root 365844 Feb 17 2011 openvpn

openvpn/client:

openvpn/lib:
-rw-r--r-- 1 root root 1075336 Feb 17 2011 libcrypto.so.0.9.8
-rw-r--r-- 1 root root 234240 Feb 17 2011 libssl.so.0.9.8
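
The startup script fetches a binary, two libraries and a shell script over plain FTP and runs them as root, so anything that can tamper with the transfer controls the router. The following is an added example (not part of the original post or of jnjn's scripts) of a gate that can sit between the download and the unpack: it checks a pinned SHA-256 digest and confirms every archive member sits under openvpn/, matching the listing above. The function names are hypothetical, and it assumes the firmware's BusyBox provides sha256sum and awk.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Assumption: sha256sum, gzip, tar and awk exist on the router (BusyBox applets).

# Succeed only if the file's SHA-256 equals the pinned hex digest.
verify_sha256() {
    file=$1; expected=$2
    [ -f "$file" ] || return 1
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# Succeed only if the archive is non-empty and every member sits under
# openvpn/ with no ".." component (the layout shown in the listing above).
archive_paths_ok() {
    gzip -dc "$1" 2>/dev/null | tar -tf - 2>/dev/null | awk '
        !/^openvpn(\/|$)/ || /(^|\/)\.\.(\/|$)/ { bad = 1 }
        END { exit (bad || NR == 0) }'
}

# Unpack into dest only after both checks pass; otherwise delete the download.
install_pack() {
    pack=$1; pinned=$2; dest=$3
    if verify_sha256 "$pack" "$pinned" && archive_paths_ok "$pack"; then
        gzip -dc "$pack" | tar -xf - -C "$dest"
    else
        rm -f "$pack"
        return 1
    fi
}

# In the boot script, after wget has written /tmp/openvpn_pack.tar.gz:
#   PINNED=<sha256 computed on a trusted machine>   # placeholder
#   install_pack /tmp/openvpn_pack.tar.gz "$PINNED" /tmp || exit 1
# verify_sha256 applies the same way to executeScript.sh and the .ovpn file.
```

The pinned digest lives in the startup commands stored on the router, so a tampered download fails the comparison regardless of what the FTP server or the network path returns.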

2 Comments

  1. CS / May 6, 2013

    How is it going? Is your VPN still working? I’m in Shenzhen trying to set up my dd-wrt router but as OpenVPN is now blocked in China I’m not sure if I’ll succeed. If you have a solution I would love to hear about it!

    • Yes, many VPNs are now blocked in China after a big increase in deep packet inspection in the last 8 weeks of last year.

      There are still quite a few that work. Do a search for best VPNs in China, and look for a review that seems up to date and detailed. I switched providers earlier this year and am very happy with the new company, back running through the router to cover the whole house. Astrill was no longer a viable option.
