help setting static ARP ??

[loadyo]

I have and asus RT-N66U running merlin which I have openvpn setup via which I turn on my server using the routers WOL once I have the VPN connected, this works flawlessly everytime remotely, however, it seems to time out if the server is not switched on for sometime and having had a read around on this matter I'm drawn to the conclusion that I need to setup a static ARP, unfortunately I have no idea how to do this or even what it really is, when the server is on and I can see it in my client list, if I click it, it tells me that MAC address binding is on but I don't think this the problem, I also read this elsewhere...

"
So I solved the problem, I have an ASUS router that has an SSH feature that supports wol. So I acquired HandySSH on my android and created a shortcut that sends the command, "ether - wake -b -i br0 [ mac ]"

So thank ASUS to provide some type of functionality, and of course Asuswrt - Merlin to make it better.

I'm sure getting an static arp would work, but I read that port scanners can trigger the wol command, so rather not do that, not a big problem. But still."

Can somebody please guide me through exactly what I need to do.

Many thanks.

 

[GSpock]

https://www.snbforums.com/threads/wake-on-lan-works-at-most-1-time.37526/#post-308890

 

[loady]

the problem I am having is, I think, the MAC address of my server getting flushed from ARP tables, I'm learning this as I go along. So far I have got to this >>>"? (192.168.11.122) at 00:24:1D:C9:C05 [ether] PERM on br0", now the problem will be that when the router is powered off at night and/or I don't turn server on for a few days I cant WOL anymore unless the server is starting up manually and starts talking to the router, I am now trying to work out how/where to put a script that will perfrom this job everytime it boots therefore the MAC is always in the ARP table and I can connect

 

[ColinTaylor]

How about putting the following command in /jffs/scripts/services-start:

arp -s 192.168.11.122 00:24:1D:C9:C0:D5

https://github.com/RMerl/asuswrt-merlin/wiki/User-scripts

 

[sfx2000]

I'm sure getting an static arp would work, but I read that port scanners can trigger the wol command, so rather not do that, not a big problem. But still."

I'm not a big fan of static ARP's - it works, but it's not elegant...

The security concern here is that MAC addresses can be spoofed...

 

[RMerlin]

I'm not a big fan of static ARP's - it works, but it's not elegant...

The security concern here is that MAC addresses can be spoofed...

When the goal is simply to have working WOL within your LAN then there is no security issue with that.

Sent from my P027 using Tapatalk

 

[loady]

How about putting the following command in /jffs/scripts/services-start:

arp -s 192.168.11.122 00:24:1D:C9:C0:D5

https://github.com/RMerl/asuswrt-merlin/wiki/User-scripts

i think I have done that but possibly not where you say...I did the following..

[QUOTE="
Install Download Master on the Asus Router like he said (you must have a usb drive in the router).
Telnet to your router's ip. Login with your router username and pass. (My preferred telnet program is MobaXterm or Putty).
Type cd /opt
Type vi .asusrouter
Use the down arrow to go all the way to the bottom of the text. And then the right arrow to get to the end of the line.
Hit the A button. (Allows you to append text).
Hit the enter button to go to the next line.
Type arp -s 1.2.3.4 aa:bb:cc:dd:ee:ff (obviously replace 1.2.3.4 with your IP and aa:bb... with your mac address),
Hit the colon button.
Type wq[/QUOTE]

However, when the router has rebooted it no longer has PERM status so I would say the script is not running ?, but I can still see the line in .asusrouter.

 

[loady]

ASUSWRT-Merlin RT-N66U 380.64-2 Sun Jan 8 00:18:10 UTC 2017
classcomputers@RT-N66U-6018:/tmp/home/root# arp
android-b6e064c8fb009d1d (192.168.11.115) at 802:1D:11:BE:9B [ether] on br0
Olivia (192.168.11.135) at <incomplete> on br0
? (192.168.11.197) at 7C:2F:80:33:2A:85 [ether] on br0
? (192.168.11.4) at <incomplete> on br0
? (192.168.11.125) at <incomplete> on br0
familys-iPhone (192.168.11.107) at C4:B3:01:35:12:AF [ether] on br0
? (192.168.11.175) at <incomplete> on br0
? (192.168.11.85) at <incomplete> on br0
? (192.168.11.2) at BC:EE:7B:97:C9:8A [ether] on br0
android-c3c194f310d13cfe (192.168.11.68) at 802:1D:36:5A:97 [ether] on br0
cpc121156-nmal24-2-0-gw.19-2.cable.virginm.net (77.100.149.1) at 00:A2:891:C8:1A [ether] on eth0
? (192.168.11.122) at 00:24:1D:C9:C05 [ether] on br0
? (192.168.11.24) at <incomplete> on br0
Ambers-iPhone (192.168.11.249) at 00:88:65:A0:E9:38 [ether] on br0
swap_count=`expr $SWAP_SIZE / 1000 - 1`
echo "dd if=/dev/zero of=$APPS_INSTALL_PATH/$SWAP_FILE bs=1M count=$swap_count"
dd if=/dev/zero of=$APPS_INSTALL_PATH/$SWAP_FILE bs=1M count=$swap_count
echo "mkswap $APPS_INSTALL_PATH/$SWAP_FILE"
mkswap $APPS_INSTALL_PATH/$SWAP_FILE
echo "swapon $APPS_INSTALL_PATH/$SWAP_FILE"
swapon $APPS_INSTALL_PATH/$SWAP_FILE
else
echo "No enough partition size!"
nvram set apps_state_error=3
exit 1
fi
fi
fi

nvram set apps_state_autorun=3 # EXECUTING
link_internet=`nvram get link_internet`
if [ "$link_internet" == "1" ]; then
app_update.sh &
fi
# run all APPs by order.
app_init_run.sh allpkg start

nvram set apps_state_autorun=4 # FINISHED
arp -s 192.168.11.122 00:24:1D:C9:C05
- .asusrouter 110/110 100%

 

[loady]

When the goal is simply to have working WOL within your LAN then there is no security issue with that.

Sent from my P027 using Tapatalk

I think that's what I do given that I VPN into router remotely to initiate WOL, its just that I need it to run itself when the router is switched on in the morning, I can go several days without switching the server on.

 

[ColinTaylor]

i think I have done that but possibly not where you say...I did the following..

If it works, fine. If not then I suggest you do it the way I suggested because it's much simpler and not reliant on the whole optware installation working properly.

 

[loadyo]

If it works, fine. If not then I suggest you do it the way I suggested because it's much simpler and not reliant on the whole optware installation working properly.

Ok, just so i am clear, telnet into router then type cd /jffs/scripts, then vi services-start: and add in the arp -s command ??

Not really sure if i am creating this script or editing whats already there and unsure of how to edit it, i just read on the wiki...

"services-start
After all other system services have been started at boot. This is the best place to stop one of these services, and restart it with a different configuration, for example (be aware that any time the service gets manually restarted it will revert back to the original setup however)."

Is that saying the script need to be written again when the router is rebooted ?

 

[ColinTaylor]

Is that saying the script need to be written again when the router is rebooted ?

No. That statement is referring to existing router services (like DNS, VPN, Samba, etc.) that might be restarted manually through the GUI. You're not doing that, so it's not relevant.

Your services-start script should end up looking like this (assuming there isn't already an existing script):

#!/bin/sh
arp -s 192.168.11.122 00:24:1D:C9:C0:D5

Remember to make it executable afterwards:

chmod a+rx /jffs/scripts/*

 

[loadyo]

No. That statement is referring to existing router services (like DNS, VPN, Samba, etc.) that might be restarted manually through the GUI. You're not doing that, so it's not relevant.

Your services-start script should end up looking like this (assuming there isn't already an existing script):

#!/bin/sh
arp -s 192.168.11.122 00:24:1D:C9:C0:D5

Remember to make it executable afterwards:

chmod a+rx /jffs/scripts/*

Not sure if i am seeing the script already there or i am making it when i type vi services-start
i see this..


~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
- .services-start 1/1 100%

 

[ColinTaylor]

Looks like you're creating a new one (which is good).

 

[ColinTaylor]

- .services-start 1/1 100%

Make sure your script is called services-start and not .services-start

 

[loadyo]

Think i was being confused with the vi command, it opens named file if it exists or if it doesnt it creates it ?

Anyway, have rebooted the router and typed arp and it came back with this..

? (192.168.11.122) at 00:24:1D:C9:C05 [ether] PERM on br0

So i am going to assume its worked and will run it eveytime the router restarts, the result i hope, will be that if i have not used the server for a number of days i can still wake it with WOL.

Thanks for the guidance, i have learnt another little snippet of linux.

 

[ColinTaylor]

Looks good.

P.S. Make sure you have made a DHCP reservation (LAN > DHCP Server > Manually Assigned IP...) of 192.168.11.122 for your server. Even if your server isn't a DHCP client you need to ensure that IP address isn't given out to another device.

 

[loadyo]

Manually Assigned IP around the DHCP list (Max Limit : 128)
MAC address IP Address Hostname Add / Delete

WARPTOWER 00:24:1D:C9:C05 192.168.11.122

Like that

 

[ColinTaylor]

Exactly. Oh, and "Enable Manual Assignment" must of course be set to Yes.

Let us know how you get on.

 

[Meilke]

Following on trying to get Wol working, router won’t save/add arp when rebooting.
Attempted the short script listed above, script file named

services-start.sh

script is located in jffs/scripts#

All it contains is,

#!/bin/sh
arp -s 192.168.11.122 00:24:1D:C9:C05

Using my own ip, MAC address and it has been made executable.

I can manually add arp and wol over internet works but arp isn’t being re added after router reboot. I know very little about scripts but thought this would do it.
Shows up as “services-start.sh” in green when “ls” is used in the scripts directory.
Using SSH and Poppy
ASUS RT-AC88U with Merlin

First time in forum,
Thank you for any help.