This wiki documents my experimentation with the Yoggie Open Firewall SOHO, a small firewall device:
General info
- QuickStart Guide
- User Guide
- Forum
- SDK, instructions
- Linux kernel
- drivers
- Debug board spec
- TXLAB: Stanislav Sinyagin's Blog
Accessing the Yoggie over Ethernet
You do not need to install any USB drivers on your PC to access the Yoggie and start hacking:
Use a standard LAN cable to connect your PC to Yoggie's RJ-45 ethernet port (the one marked with "PC").
Configure your PC to use DHCP or give it an IP address in the 192.168.4.0/24 range.
Use SSH to get a console session on the Yoggie (IP: 192.168.4.1, user: root, password: yoggie).
$ ssh root@192.168.4.1
root@192.168.4.1's password: yoggie
Welcome to YPSG!
#
The web GUI is available at https://192.168.4.1:8443 but Yoggie's firewall only seems to allow UDP packets for this port. Entering the following on Yoggie's comand line adds a rule to allow TCP as well:
# iptables -I INPUT 3 -s 192.168.4.0/24 -d 192.168.4.1 -p tcp --dport 8443 -j ACCEPT
Then point your PC's web browser at https://192.168.4.1:8443 and login as "admin" with password "yoggie".
LEDs
Turning the SD card LED on and off:
# echo 0=1 > /proc/driver/leds # On
# echo 0=0 > /proc/driver/leds # Off
Turning the "!" LED on and off:
# echo 1=1 > /proc/driver/leds # On
# echo 1=0 > /proc/driver/leds # Off
Collecting support information
There is a special shell script that will collect lots of information about your device and store it as an encrypted tar.gz archive. If you need support from Yoggie, this might be helpful to them.
# /usr/local/bin/yoggie/collect_support_info.sh
This will create an archive /var/www/supportinfo.dat
The contents of this archive are available in the directory /tmp/supportinfo
Here is how to decrypt the .dat file and view the contents:
# cp /var/www/supportinfo.dat /tmp/
# ccrypt -d -K yskey /tmp/supportinfo.dat
# more /tmp/supportinfo.dat
IRC channel
Channel #yoggie on Freenode.
You can use http://mibbit.com/chat to join without having to install an IRC client.
Emulator
JTAG
The following is untested:
Overview
Adapter
- Yoggie Debug board spec
- Olimex: ARM-JTAG, ARM-USB-tiny, ARM-USB-OCD
- Amontec: JTAGkey-tiny
- embdedded-projects Shop
- OpenOCD list
- SEGGER: J-Link ARM
- Hubert Hoegl's JTAG interface
Software:
- OpenOCD: homepage, Thesis (PDF), forum, tutorial
- YAGARTO
- sdk4arm
- H-JTAG
- CrossWorks for ARM
Compiling and installing a new Linux kernel
I have just recompiled the Linux kernel 2.6.16.16 and installed it on my SOHO.
Here's what I did (everything without guarantee - errors could brick your device):
ubuntu# ./make_kernel_openfw.sh menuconfig # (no changes made)
ubuntu# ./make_kernel_openfw.sh
Install the kernel modules to the chroot environment and copy them to the Yoggie:
ubuntu# ./make_kernel_openfw.sh modules_install
ubuntu# cd /lib/modules
ubuntu# tar cfz newmodules.tar.gz 2.6.16.16
ubuntu# scp newmodules.tar.gz root@192.168.4.1:/lib/modules
Copy the new kernel and the tools to the Yoggie:
ubuntu# scp vmlinux_soho.img root@192.168.4.1:/tmp
ubuntu# scp YOGGIE_TOOLS/* root@192.168.4.1:/tmp
On the Yoggie, backup the old modules and extract the new ones:
yoggie# cd /lib/modules
yoggie# mv 2.6.16.16 2.6.16.16-old
yoggie# tar xfz newmodules.tar.gz
Now flash the new kernel:
yoggie# cd /tmp
yoggie# ./burn_kernel.sh vmlinux_soho.img
<wait>
yoggie# reboot
The SOHO rebooted successfully and I could still SSH to it.
In a second try I added ethernet bridging support (as a module). After cross-compiling and installing bridge-utils, "brctl addbr", "brctl addif" and "brctl show" now work as well. I'll do further testing tomorrow.
Kudos to the Yoggie team for sharing the kernel source.
