Monday, July 23, 2012

Use gmail on your router (Tomato firmware)

In my previous post I talked about the advantages of port knocking. Securing your network is important, but what if someone does break in. You can't monitor the log file 24/7. Wouldn't it be great if the router could email important lines from the log file. This is a slightly involved process, so I'm going to break it up into two posts.

Router: Asus RT-N16 (newegg)
Firmware: Tomato-Toastman (version: tomato-K26USB-1.28.7500.2MIPSR2Toastman-RT-VPN.trx)
Note: TomatoUSB or any mod running kernel 2.6 should work. Iptables in kernel 2.4 requires some tweaks (see below).




First we need to make the router send to a gmail account. Here is what you need to do:
  1. Take a thumb-drive and format it with one partition as a 512MB Linux swap (name it "SWAP") and the remaining of the thumb-drive as a Ex3 (name it "OPTWARE"). I'm using CentOS for this step. I recommend using another thumb drive to create a LiveCD and boot from it if you are a Windows user. When done formatting, plug the thumb drive into one of the router's USB ports.
  2. Log in to the TomatoUSB admin page and USB and NAS -> USB Support.
      • Enable "Core USB Support"
        • USB 2.0 Support = checked
          • File Systems Support = Ext2/Ex3
            • Automatically mount all partitions to sub-directories in /mnt = checked 
          • In the "Run after mounting", copy and paste:
            led usb on
            
            In the "Run before mounting", copy and paste:
            # Unmount Opt from flash drive
            umount /swap
            umount /opt
            sleep 10
            led usb off
            
            Save the settings.

          • Open up your favorite ssh client (putty works well) and log in as root on your router.
          • Type:
            vi /etc/fstab
            i
            Paste the following lines:
            #device Mountpoint FStype Options Dump Pass#
            LABEL=SWAP none swap sw 0 0
            LABEL=OPTWARE /opt ext3 rw,noatime 1 1
            Now press esc twice, and type:
            :x 
            Back in your ssh shell type (to commit the fstab changes):
            nvram setfile2nvram /etc/fstab
            nvram commit
            reboot
          • Once your router reboots, log into the TomatoUSB admin page and you should see SWAP and OPT mounted (see picture in step #3).
          • Now, we need install optware. This requires installing ipkg and Uclib. Using putty, log into your router as root and type:
            wget http://tomatousb.org/local--files/tut:optware-installation/optware-install.sh -O - | tr -d '\r' > /tmp/optware-install.sh
            chmod +x /tmp/optware-install.sh
            sh /tmp/optware-install.sh
            sleep 5
            ipkg update
            sleep 5
          • Once optware installation is complete, its time to install python. Type:
            ipkg install python27
          • Download mail.py and mail_message.py and place them in  /opt/scripts/ directory.
            You need to edit the mail.py file and change the highlighted lines with your gmail user and password.
            import os
            import smtplib
            import mimetypes
            from email.MIMEMultipart import MIMEMultipart
            from email.MIMEBase import MIMEBase
            from email.MIMEText import MIMEText
            from email.MIMEAudio import MIMEAudio
            from email.MIMEImage import MIMEImage
            from email.Encoders import encode_base64
            
            def sendMail(subject, text, *attachmentFilePaths):
              gmailUser = 'someone@gmail.com'
              gmailPassword = 'password'
              recipient = 'someone@gmail.com'
          Still using putty and logged in as root on your router you should be able to test this by typing:
          /opt/bin/python2.7 "/opt/scripts/mail_message.py" "This is a test"
          

          Credit where credit is due. I simplified the optware install.
          Original Instructions: http://www.linksysinfo.org/index.php?threads/openvpn-connection-email-notifications.36633/

          No comments:

          Post a Comment