Changeset b60358c in freewrt

Timestamp:

Aug 17, 2025, 6:00:59 PM (4 months ago)

Author:

Waldemar Brodkorb <wbx@…>

Branches:

freewrt_2_0

Children:

a04fe5e

Parents:

78cc191

Message:

handbook: update to reflect 2.0

Location:

docs/handbook

Files:

• devel/kbuild/Config.in-structure.txt (deleted)
• user/cover.tex (modified) (2 diffs)
• user/handbook.tex (modified) (41 diffs)

docs/handbook/user/cover.tex

@@ -18 +18 @@
 \\
 \rightline{%
-Revision 1.0.3, \svnInfoRevision}
+Revision 2.0, \svnInfoRevision}
 \\
 \rightline{%
@@ -32 +32 @@
 \renewcommand{\baselinestretch}{1.0}
 \normalfont \footnotesize
-\textbf{Waldemar Brodkorb} \texttt{<wbx@freewrt.org>}
+\textbf{Waldemar Brodkorb} \texttt{<wbx@freewrt.de>}
 \\
-\textbf{Phil Richard Sutter} \texttt{<n0-1@freewrt.org>}
+\textbf{Phil Richard Sutter}
 \\
-\textbf{Dirk Nehring} \texttt{<dnehring@freewrt.org>}
+\textbf{Dirk Nehring}
 \\
-\textbf{Markus Wigge} \texttt{<markus@freewrt.org>}
+\textbf{Markus Wigge}
 \\
-\textbf{Michael Schwab} \texttt{<ms@freewrt.org>}
+\textbf{Michael Schwab}
 \\
 \vspace{.1cm}

docs/handbook/user/handbook.tex

@@ -57 +57 @@
 
 \begin{document}
-\svnInfo $Id: handbook.tex 3807 2008-10-07 18:08:46Z n0-1 $
+% \svnInfo $Id: handbook.tex 3807 2008-10-07 18:08:46Z n0-1 $
 \setlength{\marginparwidth}{10mm}
 
@@ -101 +101 @@
 
 Welcome to FreeWRT! This handbook covers the building, installation and usage
-aspects of the FreeWRT 1.0 Linux distribution.  FreeWRT is a portable, secure
+aspects of the FreeWRT 2.0 Linux distribution.  FreeWRT is a portable, secure
 and functional Linux distribution for embedded systems. As FreeWRT is a source
 code distribution, it does not provide any pre-compiled firmware for embedded
 systems. The latest version of this document is always available at the FreeWRT
 website. If you have any comments, criticism or found some wrong description,
-please send us an e-mail to
-\href{mailto:freewrt-handbook@freewrt.org}{freewrt-handbook@freewrt.org}, we
-are always happy about getting feedback to this document, and will try to
+please send me an e-mail to
+\href{mailto:wbx@freewrt.de}{wbx@freewrt.de}, I
+am always happy about getting feedback to this document, and will try to
 update or correct the issues mentioned by you.
 
@@ -119 +119 @@
 management and update mechanism. The last chapter,
 \nameref{ch:troubleshooting}, helps troubleshooting problems and recovering a
-bad firmware installation.  The appendix contains board specific information.
-For FreeWRT 1.0 these are only Broadcom based embedded systems.
+bad firmware installation.  
 
 The intended audience for this handbook are advanced users with basic knowledge
@@ -145 +144 @@
 \end{Verbatim}
 
-%\chapter{Web Interface Builder (WIB)}\label{ch:WIB}
-%
-%FIXME It is named later in the text, but not explained what it is.  Probably
-%this chapter can be joined with the chapter about ADK
-
 \chapter{Appliance Development Kit (ADK)}\label{ch:ADK}
 
 The ADK is the core of FreeWRT and contains all scripts and sources to create
-firmware images for every supported embedded system. FreeWRT 1.0 supports the
-following embedded systems:
+firmware images for every supported embedded system. FreeWRT 2.0 supports the
+following WLAN routers:
 
 \begin{itemize}
@@ -173 +167 @@
 \end{itemize}
 
-In this release we only support the Linux 2.4 kernel. The ADK contains over 600
+In this release we only support the Linux 6.12.x kernel. The ADK contains over 320
 software packages.
 
@@ -191 +185 @@
         \item Ubuntu GNU/Linux
         \item Fedora Core
-        \item OpenBSD (partial support)
-                \footnote{some addon packages does not compile}
-        \item MirOS BSD (partial support)
-                \footnote{some addon packages does not compile}
 \end{itemize}
 
@@ -204 +194 @@
 
 \begin{itemize}
-        \item gcc3 or higher
+        \item gcc
         \item g++
         \item binutils
@@ -211 +201 @@
         \item bzip2
         \item unzip
+        \item xz
         \item flex
         \item bison
@@ -216 +207 @@
         \item zlib (+headers)
         \item ncurses (+headers)
+        \item zstd (+headers)
         \item (g)libc headers
         \item perl
@@ -235 +227 @@
 
 To get the latest stable FreeWRT ADK try one of these commands:
-\begin{Verbatim}[label=Check out an 1.0.x revision of FreeWRT ADK via HTTP protocol]
-$ svn co http://www.freewrt.org/svn/tags/freewrt_1_0_x freewrt
-\end{Verbatim}
-\begin{Verbatim}[label=Check out the 1.0-stable branch of FreeWRT ADK via HTTP protocol]
-$ svn co http://www.freewrt.org/svn/branches/freewrt_1_0 freewrt
-\end{Verbatim}
-
-The value $x$ is a place holder for the latest minor release number.  Take a
-look at our project page to find out which minor release number is the latest
-one.
+\begin{Verbatim}[label=Check out FreeWRT ADK via HTTPS protocol]
+$ git clone https://git.freewrt.de/git/freewrt
+\end{Verbatim}
 
 After successfully downloading, enter the directory:
@@ -285 +270 @@
 \end{itemize}
 
-Then quit saving changes. If you forgot that, just run \command{make} again,
+Then quit saving changes. If you forgot that, just run \command{make menuconfig} again,
 redo your changes, then save.
 
@@ -308 +293 @@
 
 \begin{enumerate}
-        \item Get and prepare the Kernel and C~library headers of your target system
         \item Compile the binutils package for your target
         \item Compile a static C~compiler for your target
+        \item Get and prepare the Kernel and C~library headers of your target system
         \item Compile and install a C~library for your target
         \item Compile and install a full C/C++~compiler
@@ -325 +310 @@
 compiler directly (e.g. compiling a MIPS Little Endian application):
 \begin{Verbatim}[label=compile a simple application with the cross-compiler]
-./staging_dir_mipsel/bin/mipsel-linux-uclibc-gcc -o myapp myapp.c
+./staging_dir_mipsel/bin/mipsel-freewrt-uclibc-gcc -o myapp myapp.c
 \end{Verbatim}
 
@@ -343 +328 @@
 
 When selecting packages, \code{<*>} means it will be inserted into the firmware
-images and \code{<M>} means it will be build as an addon package which can be
-installed later at runtime.
+image and \code{<M>} means it will be build as an addon package which can be
+installed later at runtime (only if you use read-write jffs2 root filesystem).
 
 The target device and filesystem should already been chosen by you to the right
@@ -381 +366 @@
 will find a firmware image in the top level directory. Check the size of the
 binary image file to see if it is small enough to fit into flash memory of your
-embedded system. Furthermore there is a directory \file{package/}, which
+WLAN router. Furthermore there is a directory \file{package/}, which
 contains all base and add--on packages.
 
@@ -399 +384 @@
    GNU make 3.80 too old.
    Please install GNU make 3.81 or higher to continue.
-   You can override this check, see http://www.freewrt.org/faq for details.
+   You can override this check, see http://www.freewrt.de for details.
    It is suggested to upgrade your copy of bison to
    GNU Bison 2.3 because of its bug fixes.
@@ -412 +397 @@
 
 If you encounter any compilation errors, then first try to reproduce the error.
-First update your ADK tree via \command{svn update}, to be sure that the error
-is not already fixed in the subversion repository. After that do a
+First update your ADK tree via \command{git pull}, to be sure that the error
+is not already fixed in the GIT repository. After that do a
 \command{make clean \&\& make}, to reproduce your problem.
 
@@ -456 +441 @@
         \item the router has to be powered on
         \item your computer needs to be connected to one of the LAN ports
-                (using IP address \file{192.168.1.2})
+                (using IP address \file{192.168.1.2/24})
 \end{itemize}
 
@@ -483 +468 @@
 
 When everything went well, you can login using \app{ssh}. The default username
-is "\code{admin}". The default password for images created via WIB or ADK is
+is "\code{admin}". The default password for images created via ADK is
 "\code{FreeWRT}". It is possible to change this password in the ADK, before
 image creation.
@@ -522 +507 @@
 has to be done to write the firmware to flash:
 \begin{Verbatim}[label=write a previously downloaded new firmware-file into flash]
-# mtd -e linux -r write freewrt.bin linux &
+# mtd -e firmware -r write freewrt.bin firmware &
 \end{Verbatim}
 Or via wget pipe:
 \begin{Verbatim}[label=download and write a new firmware-file into flash]
-# wget -O - http://www.yourserver.com/freewrt.bin | mtd -e linux -r write - linux &
+# wget -O - http://www.yourserver.com/freewrt.bin | mtd -e firmware -r write - firmware &
 \end{Verbatim}
 The parameters explained in detail:
 \begin{description}
-        \item[\command{-e linux}] erase existing data in flash
+        \item[\command{-e firmware}] erase existing data in flash
         \item[\command{-r}] trigger rebooting right after finishing work
         \item[\command{write}] write the firmware image contained in the file
@@ -536 +521 @@
         \item[\command{freewrt.bin}] the actual image to write -- ignore the
                 suffix, it is detected at runtime
-        \item[\command{linux}] this is an abstract identifier for a certain
+        \item[\command{firmware}] this is an abstract identifier for a certain
                 partition in flash, so don't change this
         \item[\command{\&}] put the process into background, to prevent
@@ -546 +531 @@
 All supported target devices are shipped with a builtin bootloader, comparable
 to the BIOS of \term{x86} machines. This bootloader is used to bootstrap the
-system until it can boot a regular operating system. Besides the ability to
+system until it can boot an regular operating system. Besides the ability to
 load the executable code from flash, it can be received from another node in
 the local area network via the famous TFTP protocol.
@@ -559 +544 @@
 \end{itemize}
 
-Most of the hardware supported by FreeWRT 1.0 uses the second method.  Only the
+Most of the hardware supported by FreeWRT 2.0 uses the second method.  Only the
 device \term{Netgear WGT634u} is using the first method, the bootloader
 provides a DHCP/TFTP client. Though this may be a little confusing to people
@@ -610 +595 @@
 FreeWRT is managed via \app{Busybox}'s \app{ifupdown} implementation. \app{Busybox}'s builtin \app{ip}
 command configures the network interfaces. There is no \app{ifconfig} or \app{route}, you can activate
-it in the ADK menue, if you like.
+it in the ADK menu, if you like.
 
 To show all configured network interfaces use:
@@ -653 +638 @@
 
 \subsection{Switch/VLAN}
-The switch built-in into the most routers is capable of separating each port
+The switch built-in into the most WLAN routers is capable of separating each port
 using VLAN tagging. You can configure the switch by simply adding the interface
-to the config file and giving the desired switch-ports:
+to the config file and giving the desired switch-ports (FIXME):
 \begin{Verbatim}[label=\file{/etc/network/interfaces}]
 auto eth0.0
@@ -751 +736 @@
 auto eth0.1
 iface eth0.1 inet dhcp
-    switch-ports  0 5
+    switch-ports 0 5
 \end{Verbatim}
 Typically this configures the WAN-Port to start a DHCP request on bootup.
@@ -757 +742 @@
 \subsection{WLAN}
 A router containing a WLAN interface has an additional ethernet device
-representing it. On Broad\-com-based hardware it is typically \code{eth1}
-(\term{Linksys}),\code{eth2} (\term{Asus WL500gP}) or on \term{Netgear WGT634u}
-which has a Madwifi WLAN chip, it is \code{ath0}, \code{ath1}, etc. You can use
-these interfaces standalone or bridged with other devices, e.g. the internal
+representing it. On Broad\-com-based hardware it is typically \code{wlan0}
+or on \term{Netgear WGT634u} which has a Madwifi WLAN chip, it is \code{ath0}, \code{ath1}, etc. 
+You can use these interfaces standalone or bridged with other devices, e.g. the internal
 LAN.
 
-\subsubsection{Basic Settings}
-
-Mandatory options and default parameters are in bold font.
-
-\begin{tabular}{l|l|p{10cm}}
-\strong{Option} & \strong{Parameter} & \strong{Description} \\
-\hline\hline
-\code{\strong{type}} & \code{broadcom} & Broadcom based card \\
-                     & \code{atheros}  & Madwifi driver \\
-\hline
-\code{\strong{mode}} & \code{ap}       & Access point mode \\
-                     & \code{sta}      & Client mode \\
-                     & \code{adhoc}    & Ad-Hoc mode \\
-                     & \code{wds}      & WDS point-to-point link over wireless\\
-                     & \code{monitor}  & The node acts as a passive monitor and
-                                         only receives packets \\
-\hline
-\code{\strong{ssid}} & \code{<String>} & Set the SSID (Network Name) \\
-\hline
-\code{country}       & \code{\{ALL|DE|JP|US|\ldots\}} & The country code used
-                                                        to determine the
-                                                        regulatory settings. \\
-\hline
-\end{tabular}
-
-\subsubsection{Security Settings}
-\begin{longtable}{l|l|p{10cm}}
-\strong{Option} & \strong{Parameter} & \strong{Description} \\
-\hline\hline
-\code{\strong{security}} & \code{none}    & No authorization \\
-                         & \code{wep}     & WEP key \\
-                         & \code{wpa-psk} & WPA with preshared key \\
-                         & \code{8021x}   & IEEE 802.1X authentication \\
-\hline
-\code{\strong{authorization}} &                 & \strong{wpa-psk} \\
-                              & \code{psk}      & WPA PSK \\
-                              & \code{psk2}     & WPA2 PSK \\
-                              & \code{psk psk2} & WPA PSK and WPA2 PSK \\
-                              &                 & \strong{8021x} \\
-                              & \code{wpa}      & WPA with RADIUS \\
-                              & \code{wpa2}     & WPA2 with RADIUS \\
-                              & \code{wpa wpa2} & WPA and WPA2 \\
-\hline
-\code{\strong{encryption}} &                 & \strong{wep} \\
-                           & ---             & not needed, automatically by key size \\
-                           &                 & \strong{wpa-psk} \\
-                           & \code{tkip}     & RC4 encryption \\
-                           & \code{aes}      & AES encryption \\
-                           & \code{aes+tkip} & support both \\
-                           &                 & \strong{8021x} \\
-                           & \code{wep}      & RC4 encryption (static) \\
-                           & \code{tkip}     & RC4 encryption \\
-                           & \code{aes}      & AES encryption \\
-                           & \code{aes+tkip} & support both \\
-\hline
-\code{eap-type} &                     & \strong{8021x} \\
-                & \code{\strong{tls}} & Transport Layer Security \\
-                & \code{ttls}         & Tunnelled TLS \\
-                & \code{peap}         & Protected EAP \\
-                & \code{leap}         & Cisco Wireless \\
-\hline
-\code{key} &                            & \strong{wep} \\
-           &\code{\{\strong{1}|2|3|4\}} & Select WEP key to use. \\
-\hline
-\code{key[1..4]} &                 & \strong{wep} \\
-                 & \code{<String>} & WEP key.  The key must be 5, 13 or 16
-                                     bytes long, or 10, 26, 32, or 64 hex
-                                     digits long.  The encryption algorithm is
-                                     automatically selected based on the key
-                                     size. key1 is the key for WEP client mode.
-                                     \\
-\hline
-\code{wpa-key} &          & \strong{wpa-psk} \\
-               & <String> & Password to use with WPA/WPA2 PSK (at least 8, up
-                            to 63 chars) \\
-\hline
-\code{wpa-gtk-rekey} &                              & \strong{wpa-psk},
-                                                      \strong{8021x} \\
-                     & \code{<Int>} (\strong{3600}) & Rekeying interval in
-                                                      seconds. \\
-\hline
-\code{\strong{radius-ipaddr}} &                  & \strong{8021x} \\
-                              & \code{<a.b.c.d>} & IP to connect. \\
-\hline
-\code{radius-port} &                              & \strong{8021x} \\
-                   & \code{<Int>} (\strong{1812}) & RADIUS-Port no. to connect
-                                                    \\
-\hline
-\strong{radius-key} &                 & \strong{8021x} \\
-                    & \code{<String>} & Shared Secret for connection to the
-                                        Radius server \\
-\hline
-\end{longtable}
-
-\subsubsection{MAC filter}
-\begin{tabular}{l|l|p{10cm}}
-\strong{Option} & \strong{Parameter} & \strong{Description} \\
-\hline\hline
-\code{macmode} & \code{\{0|1|2\}} & 0: Disable MAC address matching. \\
-               &                  & 1: Deny association to stations on the MAC
-                                       list. \\
-               &                  & 2: Allow association to stations on the MAC
-                                       list. \\
-\hline
-\code{maclist} & \code{<MAC1> \ldots <MACn>} & List of space separated mac
-                                               addresses to allow/deny
-                                               according to \code{macmode}.
-                                               Addresses should be entered with
-                                               colons, e.g.:
-                                               "\code{00:02:2D:08:E2:1D
-                                               00:03:3E:05:E1:1B}"\\
-\end{tabular}
-
-\subsubsection{Wireless Distribution System (WDS)}
-\begin{tabular}{l|l|p{10cm}}
-\strong{Option}       & \strong{Parameter}          & \strong{Description} \\
-\hline\hline
-\code{lazywds}        & \code{\{0|1\}}              & Accept WDS connections
-                                                      from anyone \\
-\hline
-\code{wds-bridge}     & \code{br\{X\}}              & Add WDS peers to bridge
-                                                      brX \\
-\hline
-\code{wds-security}   & \code{\{wpa-psk\}}          & secure the wds bridge
-                                                      with WPA (optional)\\
-\hline
-\code{wds-encryption} & \code{\{aes|tkip\}}         & Use AES or TKIP as
-                                                      cipher\\
-\hline
-\code{wds-wpa-key}    & \code{<String>}             & Password to use with WPA
-                                                      PSK (at least 8, up to 63
-                                                      chars) \\
-\hline
-\code{wds}            & \code{<MAC1> \ldots <MACn>} & List of WDS peer mac
-                                                      addresses
-                                                      (\code{xx:xx:xx:xx:xx:xx},
-                                                      space separated) \\
-\hline
-\end{tabular}
-
-\subsubsection{Miscellaneous}
-\begin{longtable}{l|l|p{10cm}}
-\strong{Option} & \strong{Parameter} & \strong{Description} \\
-\hline\hline
-\code{channel}  & \code{\{1--14\}}  & The wifi channel \\
-\hline
-\code{maxassoc} & \code{\{1--255\}} & Maximum number of associated clients \\
-\hline
-% TODO: add descriptions to the different gmode settings
-\code{gmode} &                      & Set the 54g Mode \\
-             & \code{\strong{Auto}} & default \\
-             & \code{LegacyB}       & \\
-             & \code{GOnly}         & \\
-             & \code{BDeferred}     & \\
-             & \code{Performance}   & \\
-             & \code{LRS}           & \\
-\hline
-\code{frameburst} & \code{\{\strong{0}|1\}} & Disable/Enable frameburst mode. \\
-\hline
-\code{txpower} & \code{\{0--255|\strong{$-1$}\}} & Set the transmit power in dBm \\
-\hline
-\code{rate} & \code{<Int> (\strong{$-1$})} & force a fixed rate \\
-            &                              & valid values for 802.11a are (6,
-                                             9, 12, 18, 24, 36, 48, 54) \\
-            &                              & valid values for 802.11b are (1,
-                                             2, 5.5, 11) \\
-            &                              & valid values for 802.11g are (1,
-                                             2, 5.5, 6, 9, 11, 12, 18, 24, 36,
-                                             48, 54) \\
-            &                              & $-1$ means automatically determine
-                                             the best rate \\
-\hline
-\code{rts}          & \code{\{0-2347\}}       & Set the RTS threshhold. \\
-\hline
-\code{frag}         & \code{\{256-2346\}}     & Set the fragmentation
-                                                threshhold. \\
-\hline
-\code{afterburner}  & \code{\{\strong{0}|1\}} & Enable Afterburner capability
-                                                \\
-\hline
-\code{isolate}      & \code{\{\strong{0}|1\}} & Hide Clients from each other \\
-\hline
-\code{bridge-if}    & \code{\{br0..brX\}}     & The bridge interface (optional)
-                                                \\
-\hline
-\end{longtable}
-
-\subsubsection{Examples for wireless configuration}
-
-\paragraph{WLAN with WPA1/WPA2 AES+TKIP}
-
-This combination works with any kind of WPA client implementation.
-
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-auto eth1
-iface eth1 inet static
-        address 192.168.10.1
-        netmask 255.255.255.0
-        broadcast +
-        wireless-type broadcom
-        wireless-country DE
-        wireless-mode ap
-        wireless-ssid FreeWRT
-        wireless-security wpa-psk
-        wireless-authorization psk psk2
-        wireless-encryption aes+tkip
-        wireless-wpa-key 12345678
-        wireless-channel 11
-\end{Verbatim}
-
-If you want to do MAC filtering, add the following to the sample above:
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-        wireless-macmode 2
-        wireless-mac 00:01:02:03:04:05 06:07:08:09:0a:0b
-\end{Verbatim}
-this enables the filter and defines the list to contain addresses that should be allowed.
-
-\paragraph{WLAN without encryption}
-
-If you already use VPN to secure your connection, you can just use an unencrypted setup
-and setup the firewall on your embedded device.
-
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-auto eth1
-iface eth1 inet static
-        address 192.168.10.1
-        netmask 255.255.255.0
-        broadcast +
-        wireless-type broadcom
-        wireless-country DE
-        wireless-mode ap
-        wireless-ssid FreeWRT
-        wireless-security none
-        wireless-channel 11
-\end{Verbatim}
-
-\paragraph{WLAN client with WPA2 (AES)}
-
-This can only be used in routing mode, you can not bridge it with LAN or WAN interfaces.
-
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-auto eth1
-iface eth1 inet static
-        address 192.168.10.1
-        netmask 255.255.255.0
-        broadcast +
-        wireless-type broadcom
-        wireless-country DE
-        wireless-mode sta
-        wireless-ssid FreeWRT
-        wireless-security wpa-psk
-        wireless-authorization psk2
-        wireless-encryption aes
-        wireless-wpa-key 12345678
-\end{Verbatim}
-
-WLAN with WDS nodes, the WDS nodes need to have the same
-SSID, channel and encryption parameters. The WDS connection is separetely
-secured via WPA1 and AES. WPA2 for WDS connection security is \_not\_ working.
-
-WDS node 1 (MAC of Wireless \code{06:05:04:03:02:01})
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-auto br0
-iface br0 inet static
-        bridge-ifaces eth1
-        address 192.168.10.1
-        netmask 255.255.255.0
-        broadcast +
-        wireless-type broadcom
-        wireless-country DE
-        wireless-mode wds
-        wireless-ssid FreeWRT-WDS
-        wireless-security wpa-psk
-        wireless-authorization psk psk2
-        wireless-encryption aes+tkip
-        wireless-wpa-key apkey
-        wireless-lazywds 1
-        wireless-wds-security wpa-psk
-        wireless-wds-encryption aes
-        wireless-wds-wpa-key wdskey
-        wireless-wds 01:02:03:04:05:06
-        wireless-wds-bridge br0
-\end{Verbatim}
-WDS node 2 (MAC of Wireless \code{01:02:03:04:05:06})
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-auto br0
-iface br0 inet static
-        bridge-ifaces eth1
-        address 192.168.10.2
-        netmask 255.255.255.0
-        broadcast +
-        wireless-type broadcom
-        wireless-country DE
-        wireless-mode wds
-        wireless-ssid FreeWRT-WDS
-        wireless-security wpa-psk
-        wireless-authorization psk psk2
-        wireless-encryption aes+tkip
-        wireless-wpa-key apkey
-        wireless-lazywds 1
-        wireless-wds-security wpa-psk
-        wireless-wds-encryption aes
-        wireless-wds-wpa-key wdskey
-        wireless-wds 06:05:04:03:02:01
-        wireless-wds-bridge br0
-\end{Verbatim}
-
-\paragraph{Peer-to-Peer/AdHoc mode (no encryption, IP must be static)}
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-auto eth1
-iface eth1 inet static
-        address 192.168.10.1
-        netmask 255.255.255.0
-        broadcast +
-        wireless-type broadcom
-        wireless-country DE
-        wireless-mode adhoc
-        wireless-ssid FreeWRT
-        wireless-security none
-        wireless-channel 11
-\end{Verbatim}
-
-\subsection{Bridging}
-
-This is mostly needed to combine LAN and WLAN to a homogeneous network.
-Be sure you have installed the package \app{bridge-utils}.
-See the example for a bridging setup, WLAN is secured via WPA/WPA2.
-
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-auto eth0.0
-iface eth0.0 inet manual
-        switch-ports 1 2 3 4 5*
-
-auto eth1
-iface eth1 inet manual
-        wireless-type broadcom
-        wireless-country DE
-        wireless-mode ap
-        wireless-ssid FreeWRT
-        wireless-channel 11
-        wireless-security wpa-psk
-        wireless-authorization psk psk2
-        wireless-encryption aes+tkip
-        wireless-wpa-key MyWlanSecret
-        wireless-bridge-if br0
-
-auto br0
-iface br0 inet static
-        bridge-ifaces eth0.0 eth1
-        address 192.168.1.1
-        netmask 255.255.255.0
-        broadcast +
-\end{Verbatim}
-
-This creates a new bridging interface \code{br0} which combines the VLAN
-interface \code{eth0.0} (representing the LAN-ports 1--4) and the WLAN interface
-\code{eth1} (on some devices like \term{Asus WL500gP} this might be \code{eth2}).
-The bridge interface needs always be the last one, otherwise it can not find
-the interfaces in \code{bridge-ifaces}.
+For AP mode and WEP/WPA/WPA2/WPA3 you need to select, configure and run hostapd.
 
 \subsection{PPP}
@@ -1235 +861 @@
 Same semantics as above.
 
-
-\section{Traffic Control}
-
-To aid in setting up Quality of Service and Traffic Shaping, FreeWRT provides a
-configurable script via the \app{fwrtc} package. Though this package will allow
-you to choose between different implementations of Queueing Disciplines, for
-now there exists only a single implementation using HTB.
-
-\subsection{Concept}
-
-In general, \app{fwrtc} allows classifying of network traffic into three classes:
-\begin{description}
-        \item[REAL] high priority, mid bandwidth \\
-                use this for low delay applications like \app{SSH}, \app{VoIP}
-                or \app{DNS}
-        \item[BULK] mid priority, high bandwidth \\
-                this is a generic class for everything that doesn't fit above
-                or below
-        \item[P2P] low priority, low bandwidth \\
-                use this class for all unwanted traffic disturbing normal use
-                of the internet connection (\app{P2P} and other parasites)
-\end{description}
-
-\paragraph{Note} that fwrtc does not actually classify the traffic, it just
-provides the classes above and allows comfortable configuration of the
-necessary values. For classifying traffic, use \app{iptables} (see below for
-more details).
-
-\subsection{Installation}
-
-This is done just like with any other FreeWRT package, so using the ADK to
-integrate it into the firmware image right from the start or by installing it
-afterwards using \app{ipkg}.
-
-\subsection{Configuration}
-
-\app{fwrtc} basically exists of two files:
-\begin{itemize}
-        \item the script itself \file{/etc/hotplug.d/net/10-fwrtc}
-        \item a configuration file \file{/etc/fwrtc.conf}
-\end{itemize}
-It should not be necessary to touch the hotplug script, so adjusting the
-configuration values should be enough to complete the first part of the setup
-process.
-
-The second part consists of defining \app{iptables} rules for classifying
-traffic. \app{fwrtc} provides three \app{tc}-filters (one for each class),
-matching different firewall marks (see the \code{MARK} target of
-\app{iptables}).
-
-See the example below to gather some inspiration on how to actually
-implementing the rules:
-
-\begin{Verbatim}[label=sample set of iptables rules for fwrtc]
-iptables -t mangle -A POSTROUTING -o eth0 -j tc
-
-### match ip tos Minimum-Delay
-iptables -t mangle -A tc -m tos --tos 0x10 -j MARK --set-mark 0x1
-iptables -t mangle -A tc -m tos --tos 0x10 -j RETURN
-
-## fish out tcp syn, syn-ack and ack packets (no piggyback!)
-iptables -t mangle -A tc -p tcp -m length --length 44:84 \
-        --tcp-flags SYN,FIN,RST SYN -j MARK --set-mark 0x1
-iptables -t mangle -A tc -p tcp -m length --length 44:84 \
-        --tcp-flags SYN,FIN,RST SYN -j RETURN
-iptables -t mangle -A tc -p tcp -m length --length 44:84 \
-        --tcp-flags SYN,ACK,FIN,RST ACK -j MARK --set-mark 0x1
-iptables -t mangle -A tc -p tcp -m length --length 44:84 \
-        --tcp-flags SYN,ACK,FIN,RST ACK -j RETURN
-
-### prioritize icmp packets
-iptables -t mangle -A tc -p icmp -j MARK --set-mark 0x1
-iptables -t mangle -A tc -p icmp -j RETURN
-
-### dns traffic
-iptables -t mangle -A tc -p tcp --dport 53 -j MARK --set-mark 0x1
-iptables -t mangle -A tc -p tcp --dport 53 -j RETURN
-iptables -t mangle -A tc -p udp --dport 53 -j MARK --set-mark 0x1
-iptables -t mangle -A tc -p udp --dport 53 -j RETURN
-
-### games
-iptables -t mangle -A tc -m layer7 --l7proto quake-halflife -j MARK --set-mark 0x1
-iptables -t mangle -A tc -m layer7 --l7proto quake-halflife -j RETURN
-iptables -t mangle -A tc -m layer7 --l7proto battlefield1942 -j MARK --set-mark 0x1
-iptables -t mangle -A tc -m layer7 --l7proto battlefield1942 -j RETURN
-iptables -t mangle -A tc -m layer7 --l7proto battlefield2 -j MARK --set-mark 0x1
-iptables -t mangle -A tc -m layer7 --l7proto battlefield2 -j RETURN
-
-### voip
-iptables -t mangle -A tc -m layer7 --l7proto sip -j MARK --set-mark 0x1
-iptables -t mangle -A tc -m layer7 --l7proto sip -j RETURN
-iptables -t mangle -A tc -m layer7 --l7proto rtp -j MARK --set-mark 0x1
-iptables -t mangle -A tc -m layer7 --l7proto rtp -j RETURN
-iptables -t mangle -A tc -m layer7 --l7proto skypetoskype -j MARK --set-mark 0x1
-iptables -t mangle -A tc -m layer7 --l7proto skypetoskype -j RETURN
-
-### crappy p2p traffic
-iptables -t mangle -A tc -m layer7 --l7proto bittorrent -j MARK --set-mark 0x3
-iptables -t mangle -A tc -m layer7 --l7proto bittorrent -j RETURN
-iptables -t mangle -A tc -m layer7 --l7proto edonkey -j MARK --set-mark 0x3
-iptables -t mangle -A tc -m layer7 --l7proto edonkey -j RETURN
-iptables -t mangle -A tc -m layer7 --l7proto fasttrack -j MARK --set-mark 0x3
-iptables -t mangle -A tc -m layer7 --l7proto fasttrack -j RETURN
-iptables -t mangle -A tc -m layer7 --l7proto gnutella -j MARK --set-mark 0x3
-iptables -t mangle -A tc -m layer7 --l7proto gnutella -j RETURN
-iptables -t mangle -A tc -m layer7 --l7proto napster -j MARK --set-mark 0x3
-iptables -t mangle -A tc -m layer7 --l7proto napster -j RETURN
-\end{Verbatim}
-
 \section{FWCF - FreeWRT Configuration Filesystem}
 
@@ -1350 +867 @@
 system or to commit changes to the fwcf partition.
 
-On bootup the script \file{/sbin/mount\_root} is executed, which calls
+On bootup a script is executed, which calls
 \command{fwcf setup} to setup \file{/etc/} as memory filesystem and overlay the
 changes committed to the fwcf partition.
@@ -1357 +874 @@
 required to execute \command{fwcf commit}. This will compress all changed or
 new files in \file{/etc/} and write the result into the fwcf partition.  The
-fwcf partition is 128 Kb in size. This size is not changeable at the moment.
-
-If you need more detailed information, please read the specification of FWCF,
-which can be found at
-\url{http://www.freewrt.org/trac/wiki/Documentation/Specs/FwCf}
+fwcf partition is 256 Kb in size. This size is not changeable at the moment.
+
+If you need more detailed information, please read the specification of FWCF.
 
 If you want to remove all your changes and start your configuration from
@@ -1376 +891 @@
 
 IPKG uses a configuration file similar to \file{/etc/apt/sources.list}, which
-contains a list of software repositories available via HTTP or FTP.  The
-configuration file \file{/etc/ipkg.conf} contains the official FreeWRT 1.0
-repository for your board and kernel version.
+contains a list of software repositories available via HTTP or FTP.  
 
 To update the list of available packages execute following command as root:
@@ -1387 +900 @@
 This command requires a working internet connection, because it will fetch a
 package list from every repository declared in \file{/etc/ipkg.conf}.
+It is also only working for JFFS2 based root filesystem. For squashfs root filesystem
+embed your application and reflash.
 
 To install a new package use following command:
@@ -1394 +909 @@
 
 This will install the package \app{tcpdump} and all dependencies onto the
-flash.  Where the data is saved depends on the root filesystem you decided to
-use while installing FreeWRT. If you use jffs2 as root filesystem, then the
-package is installed on the big linux partition. If you use squashfs-overlay,
-then the package is installed on the mini-fo overlay filesystem which writes
-its data to the jffs2 data partition. If you use a squashfs-symlinks
-filesystem, then the package data is directly install into the jffs2 data
-partition, containing symlinks to the read-only squashfs partition.
+flash. 
 
 You can also remove packages, but this is only useful if you are using jffs2 as
@@ -1411 +920 @@
 \app{libpcap} is still installed after executing this command.  On jffs2 root
 filesystem you should never remove any essential packages like \app{busybox},
-\app{fwcf} or \app{uclibc}, otherwise you make the embedded system unusable.
+\app{fwcf} or \app{uclibc}, otherwise you make the WLAN router unusable.
 
 Nearly the same as for removing packages, counts for \command{ipkg upgrade}.
-Please \strong{never ever} use \command{ipkg upgrade} to update your embedded
-system.  This command is only useful to upgrade single packages on a jffs2
-rootfilesystem or data partition.
+Please \strong{never ever} use \command{ipkg upgrade} to update your WLAN
+router. This command is only useful to upgrade single packages on a jffs2
+rootfile system.
 
 \section{Startup scripts}
@@ -1471 +980 @@
 Having this policy helps you to configure your FreeWRT embedded system without
 shooting yourself in the foot. For example if you try to realize a firewall
-system and trying to set the rules in \file{/etc/firewall.user}, which is read
+system and trying to set the rules in \file{/etc/firewall.conf}, which is read
 by \file{/etc/init.d/S45firewall}, if the iptables package is installed. You
 can just reload the changed ruleset via \code{/etc/init.d/S45firewall restart}.
@@ -1542 +1051 @@
 \section{Failsafe Mode}
 
-Failsafe mode is very useful if you misconfigured your embedded system, so that
+Failsafe mode is very useful if you misconfigured your WLAN router, so that
 you can not access it anymore. E.g. if you accidentially disabled secure shell
 or misconfigured the firewall, so that you can not login any more.
 
 When in failsafe mode, the device won't interpret any networking setup files.
-It stops even before the root filesystem gets mounted read--write, and fwcf is
-set up. It will just set the LAN interface up and give it the IP address
+It stops even before fwcf is set up. It will just set the LAN interface up and give it the IP address
 \file{192.168.1.1} and netmask \file{255.255.255.0}. Then it will start a
 \app{telnet} daemon, so you get straight access (without depending on the
@@ -1566 +1074 @@
 \end{Verbatim}
 
-For some operating systems we provide ready to go binaries of failsafe.
-Take a look at \url{http://www.freewrt.org/downloads/tools/failsafe}
-
 The tool just opens a network socket and waits for a special UDP packet
-from the embedded device. FreeWRT sends the UDP packet via the first
+from the WLAN router. FreeWRT sends the UDP packet via the first
 recognized network interface (eth0).
 
 \subsection{Enabling Failsafe Mode}
 
-Connect your computer to the embedded system via direct or crossed network
+Connect your computer to the WLAN router via direct or crossed network
 cable. Use the failsafe port (in most cases one of the LAN ports), see the
 device specific page for the exact network port.
@@ -1587 +1092 @@
 \end{Verbatim}
 
-After that power on your embedded system and wait for the following message in
+After that power on your WLAN router and wait for the following message in
 your failsafe application running on your computer:
 
@@ -1595 +1100 @@
 
 As soon as this message is displayed you should push the reset button of
-your embedded system. You have 2 seconds time to push the button. If you
+your WLAN router. You have 2 seconds time to push the button. If you
 successfully enabled the failsafe mode, following message will be displayed:
 
@@ -1602 +1107 @@
 \end{Verbatim}
 
-Now you should be able to login to your embedded system via a telnet
+Now you should be able to login to your WLAN router via a telnet
 application. Just use:
 
@@ -1612 +1117 @@
 
 If you want to repair your configuration, you first need to mount the root
-filesystem read--writeable. This is best done via:
+filesystem. This is best done via:
 
 \begin{Verbatim}