DD-WRT
Encyclopedia
DD-WRT is a Linux
-based firmware
for several wireless router
s, most notably the Linksys
WRT54G (including the WRT54GL and WRT54GS). Like other similar projects, DD-WRT is third-party firmware designed to replace the firmware that ships pre-installed on many commercial routers. This is done for a variety of reasons including the addition of features which are not typically included in a manufacturer's router firmware.
DD-WRT includes such features as support for the Kai network
, daemon
-based services, IPv6
, Wireless Distribution System
, RADIUS
, advanced quality of service
, radio output power control, overclocking
capability, and software support for a Secure Digital Card
hardware modification.
Buffalo Technology
and other companies have shipped routers pre-installed with a customized version of DD-WRT.
kernel, which started as Linksys-based firmware but was later changed to its own build framework. All of the firmware is based on Linux, as are OpenWrt and Alchemy.
DD-WRT v23 Service Pack 1 (SP1) was released on May 16, 2006. Much of the code was overhauled and rewritten during the development of this release, and many new features were added.
DD-WRT v23 Service Pack 2 (SP2) was released on September 14, 2006. The interface was overhauled, and some new features were added. Some additional router models are supported, with more planned.
DD-WRT v24 was released on May 18, 2008. It allows up to 16 virtual interfaces with different SSIDs and encryption protocols. There is support for some PowerPC
, IXP425-based router boards, Atheros WiSOC and X86 based systems. There is also limited support for routers with low flash memory (ex. WRT54Gv8 or WRT54GSv7).
DD-WRT v24 Service Pack 1 (SP1) was released on July 26, 2008. Urgent DNS security issue fixed for dnsmasq
, Site Survey security fixes, longer passwords, and flexible OpenVPN configurations. New hardware supported, including WRT300 v1.1, WRT310N, WRT600N, Tonze AP42X Pronghorn SBC, Ubiquiti LSX and Netgear, Belkin and USR devices.
DD-WRT v24 Service Pack 2 (SP2) is in development at the time of this writing (23:47, 21 August 2010 74.132.217.73).
In July 2006, the DD-WRT Shop started offering a commercial version of the router firmware built with additional, non-open source code. It includes increased functionality such as per-user bandwidth
control. Also around that time, the license text was changed to specify that some software components were not licensed under the GPL.
The person who released the proprietary version wrote a response to these allegations in his blog and stated that the source code was in fact available.
The license text was reverted back to the unmodified GPL license.
. However, all prior DD-WRT versions (before build 12533 of V24 preSP2) remain vulnerable to this exploit.
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
-based firmware
Firmware
In electronic systems and computing, firmware is a term often used to denote the fixed, usually rather small, programs and/or data structures that internally control various electronic devices...
for several wireless router
Wireless router
A Wireless router is a device that performs the functions of a router but also includes the functions of a wireless access point and a network switch. They are commonly used to allow access to the Internet or a computer network without the need for a cabled connection. It can function in a wired...
s, most notably the Linksys
Linksys
Linksys by Cisco, commonly known as Linksys, is a brand of home and small office networking products now produced by Cisco Systems, though once a separate company founded in 1995 before being acquired by Cisco in 2003...
WRT54G (including the WRT54GL and WRT54GS). Like other similar projects, DD-WRT is third-party firmware designed to replace the firmware that ships pre-installed on many commercial routers. This is done for a variety of reasons including the addition of features which are not typically included in a manufacturer's router firmware.
DD-WRT includes such features as support for the Kai network
XLink Kai
XLink Kai is a method developed by Team-XLink for online play of certain compatible console games.It enables players on the Xbox 360, Xbox, Playstation 3, PlayStation 2, PlayStation Portable and Nintendo GameCube to play games across the Internet using a network configuration that simulates a...
, daemon
Daemon (computer software)
In Unix and other multitasking computer operating systems, a daemon is a computer program that runs as a background process, rather than being under the direct control of an interactive user...
-based services, IPv6
IPv6
Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4...
, Wireless Distribution System
Wireless Distribution System
A wireless distribution system is a system enabling the wireless interconnection of access points in an IEEE 802.11 network. It allows a wireless network to be expanded using multiple access points without the traditional requirement for a wired backbone to link them...
, RADIUS
RADIUS
Remote Authentication Dial In User Service is a networking protocol that provides centralized Authentication, Authorization, and Accounting management for computers to connect and use a network service...
, advanced quality of service
Quality of service
The quality of service refers to several related aspects of telephony and computer networks that allow the transport of traffic with special requirements...
, radio output power control, overclocking
Overclocking
Overclocking is the process of operating a computer component at a higher clock rate than it was designed for or was specified by the manufacturer, but some manufacturers purposely underclock their components to improve battery life. Many people just overclock or 'rightclock' their hardware to...
capability, and software support for a Secure Digital Card
Secure Digital
Secure Digital is a non-volatile memory card format developed by the SD Card Association for use in portable devices. The SD technology is used by more than 400 brands across dozens of product categories and more than 8,000 models, and is considered the de-facto industry standard.Secure Digital...
hardware modification.
Buffalo Technology
Melco
Melco Holdings Inc. is a family business founded by Makoto Maki in 1975. The name stands for Maki Engineering Laboratory COmpany...
and other companies have shipped routers pre-installed with a customized version of DD-WRT.
Code development
DD-WRT versions up to v22 were based on the Alchemy firmware from Sveasoft, which in turn is based on the original Linksys firmware. DD-WRT versions from v23 onwards, however, are almost completely rewritten. The Linux kernel part is based on the OpenWrtOpenWrt
OpenWrt is a Linux distribution primarily targeted at routing on embedded devices. It comprises a set of about 2000 software packages, installed and uninstalled via the opkg package management system. OpenWrt can be configured using the command-line interface of BusyBox ash, or the web interface...
kernel, which started as Linksys-based firmware but was later changed to its own build framework. All of the firmware is based on Linux, as are OpenWrt and Alchemy.
Releases
The major releases to date include:DD-WRT v23 Service Pack 1 (SP1) was released on May 16, 2006. Much of the code was overhauled and rewritten during the development of this release, and many new features were added.
DD-WRT v23 Service Pack 2 (SP2) was released on September 14, 2006. The interface was overhauled, and some new features were added. Some additional router models are supported, with more planned.
DD-WRT v24 was released on May 18, 2008. It allows up to 16 virtual interfaces with different SSIDs and encryption protocols. There is support for some PowerPC
PowerPC
PowerPC is a RISC architecture created by the 1991 Apple–IBM–Motorola alliance, known as AIM...
, IXP425-based router boards, Atheros WiSOC and X86 based systems. There is also limited support for routers with low flash memory (ex. WRT54Gv8 or WRT54GSv7).
DD-WRT v24 Service Pack 1 (SP1) was released on July 26, 2008. Urgent DNS security issue fixed for dnsmasq
Dnsmasq
The homepage describes dnsmasq as a lightweight, easy to configure, DNS forwarder, DHCP and TFTP server, designed to provide DNS services to a small-scale network. It can serve the names of local machines which are not in the global DNS...
, Site Survey security fixes, longer passwords, and flexible OpenVPN configurations. New hardware supported, including WRT300 v1.1, WRT310N, WRT600N, Tonze AP42X Pronghorn SBC, Ubiquiti LSX and Netgear, Belkin and USR devices.
DD-WRT v24 Service Pack 2 (SP2) is in development at the time of this writing (23:47, 21 August 2010 74.132.217.73).
Features
List of features in all versions Micro (2 MB) |
Mini | Nokaid | Standard | VOIP | VPN* | Mega** (8 MB) |
|
---|---|---|---|---|---|---|---|
Access Restrictions | |||||||
AnchorFree | |||||||
Bandwidth Monitoring | |||||||
ChilliSpot Chillispot ChilliSpot is an open source captive portal or wireless LAN access point controller. It is used for authenticating users of a wireless LAN. It supports web based login, which is today's standard for public HotSpots, WISP "smart-client" authentication, and it supports Wi-Fi Protected Access... |
|||||||
Dynamic DNS Dynamic DNS Dynamic DNS or DDNS is a term used for the updating in real time of Internet Domain Name System name servers to keep up to date the active DNS configuration of their configured hostnames, addresses and other information.... |
|||||||
HTTPS Support for Web Management | |||||||
IPv6 IPv6 Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4... *** |
|||||||
JFFS2 JFFS2 Journalling Flash File System version 2 or JFFS2 is a log-structured file system for use with flash memory devices. It is the successor to JFFS. JFFS2 has been included in the Linux kernel since the 2.4.10 release. JFFS2 is also available for a couple of bootloaders like Das U-Boot, Open... * |
|||||||
XLink Kai (kaid) XLink Kai XLink Kai is a method developed by Team-XLink for online play of certain compatible console games.It enables players on the Xbox 360, Xbox, Playstation 3, PlayStation 2, PlayStation Portable and Nintendo GameCube to play games across the Internet using a network configuration that simulates a... |
|||||||
MMC MultiMediaCard The MultiMediaCard is a flash memory memory card standard. Unveiled in 1997 by Siemens AG and SanDisk, it is based on Toshiba's NAND-based flash memory, and is therefore much smaller than earlier systems based on Intel NOR-based memory such as CompactFlash. MMC is about the size of a postage... /SD Card Secure Digital Secure Digital is a non-volatile memory card format developed by the SD Card Association for use in portable devices. The SD technology is used by more than 400 brands across dozens of product categories and more than 8,000 models, and is considered the de-facto industry standard.Secure Digital... Support |
|||||||
NoCat | |||||||
OpenVPN OpenVPN OpenVPN is a free and open source software application that implements virtual private network techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for... |
|||||||
PPTP/PPTP Client Point-to-point tunneling protocol The Point-to-Point Tunneling Protocol is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.... |
|||||||
Quality of Service Quality of service The quality of service refers to several related aspects of telephony and computer networks that allow the transport of traffic with special requirements... |
|||||||
IPv6 Router Advertisement Daemon (radvd Radvd The Router Advertisement Daemon is an open-source software product that implements link-local advertisements of IPv6 router addresses and IPv6 routing prefixes using the Neighbor Discovery Protocol as specified in RFC 2461... ) |
|||||||
Linking Routers/Repeater Wireless Repeater When two or more hosts ought to be connected with one another over the IEEE 802.11 protocol and the distance is too long for a direct connection to be established, a wireless repeater is used to bridge the gap. It can be a specialized stand alone computer networking device. Also, some WNICs... /mBSSID |
|||||||
RFlow (Traffic Information) | |||||||
Samba/CIFS client Samba (software) Samba is a free software re-implementation, originally developed by Andrew Tridgell, of the SMB/CIFS networking protocol. As of version 3, Samba provides file and print services for various Microsoft Windows clients and can integrate with a Windows Server domain, either as a Primary Domain... |
|||||||
Milkfish SIP Session Initiation Protocol The Session Initiation Protocol is an IETF-defined signaling protocol widely used for controlling communication sessions such as voice and video calls over Internet Protocol . The protocol can be used for creating, modifying and terminating two-party or multiparty sessions... Router |
|||||||
SNMP Simple Network Management Protocol Simple Network Management Protocol is an "Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more." It is used mostly in network management systems to monitor... |
|||||||
SPI Firewall Stateful firewall In computing, a stateful firewall is a firewall that keeps track of the state of network connections traveling across it. The firewall is programmed to distinguish legitimate packets for different types of connections... /IPtables Iptables iptables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores... |
|||||||
SSH Secure Shell Secure Shell is a network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that it connects via a secure channel over an insecure network: a server and a client... d |
|||||||
Telnet TELNET Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communications facility using a virtual terminal connection... d |
|||||||
Transmit (Tx Transmission (telecommunications) Transmission, in telecommunications, is the process of sending, propagating and receiving an analogue or digital information signal over a physical point-to-point or point-to-multipoint transmission medium, either wired, optical fiber or wireless... ) power adjust |
|||||||
UPnP Universal Plug and Play Universal Plug and Play is a set of networking protocols for primarily residential networks without enterprise class devices that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices to seamlessly discover each other's presence... |
|||||||
Wake On LAN Wake-on-LAN Wake-on-LAN is an Ethernet computer networking standard that allows a computer to be turned on or woken up by a network message.... |
|||||||
WPA/WPA2 Personal/Enterprise Wi-Fi Protected Access Wi-Fi Protected Access and Wi-Fi Protected Access II are two security protocols and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks... |
|||||||
Wiviz |
* | Smaller VPN JFFS builds are available for 4MB units: downloads/others/eko |
** | Only on DD-WRT v24 (8MB+ flash required) |
*** | IPv6-related features do not work by default in DD-WRT v24. |
Note: | It is possible to build your own custom firmware package with the feature-set you want, working within the limitations of available ROM |
ROM Requirements: | • All versions require 4 MB of flash unless noted otherwise |
• Micro+ requires 2 MB of flash + 128K CFE |
Controversy
DD-WRT describes itself as third-party-developed firmware released under the terms of the GPL. However, some of DD-WRT's firmware include components that are not licensed under the GPL.In July 2006, the DD-WRT Shop started offering a commercial version of the router firmware built with additional, non-open source code. It includes increased functionality such as per-user bandwidth
Bandwidth (computing)
In computer networking and computer science, bandwidth, network bandwidth, data bandwidth, or digital bandwidth is a measure of available or consumed data communication resources expressed in bits/second or multiples of it .Note that in textbooks on wireless communications, modem data transmission,...
control. Also around that time, the license text was changed to specify that some software components were not licensed under the GPL.
The person who released the proprietary version wrote a response to these allegations in his blog and stated that the source code was in fact available.
The license text was reverted back to the unmodified GPL license.
Security issues
A Remote Command Execution vulnerability in DD-WRT's HTTPd server was found by a Bulgarian hacker on July 21, 2009 and was patched within a few hours after being documented on milw0rmMilw0rm
milw0rm is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre in Mumbai, the primary nuclear research facility of India, on June 3, 1998...
. However, all prior DD-WRT versions (before build 12533 of V24 preSP2) remain vulnerable to this exploit.