Meraki - Builtin OpenWRT


Introduction

The Meraki runs on a version of OpenWRT, and is supposed to come with a great deal of software installed including a ruby interpreter. You will have to determine whether Meraki's version of OpenWRT is sufficient for your needs.

Accessing The Meraki

The simplest way to work with the Meraki is to plug it directly into an ethernet port on your computer. You will need to have DHCP running to access the Meraki. If you want to make sure the Meraki is working, open up a browser and enter the IP address your DHCP server assigned it. The default Meraki network setup page should appear.

ssh is the usual method of accessing the Meraki. To ssh to the Meraki, type at a shell prompt ssh meraki@123.456.789.012 (IP address assigned by the DHCP server). The password is the serial number (including the dashes) printed on the back of the Meraki. Once you login as meraki, you can temporarily change the password of the root account. Yes, I said temporary and root. The passwd command without an arg will change the password to root, and it is temporary since /etc/passwd is not a part of permanent storage (/storage). If you wish to temporarily change the password for the account meraki, enter passwd meraki at the shell prompt. A way to work around this problem is addressed below.

Issuing a reboot will reboot the Meraki, reset all the passwords and start the process all over again.

A personal FYI, I had some problems accessing the Meraki using my Windows-based PC. It may be something as simple as choosing the correct authentication method in ssh.


About The Meraki

Basic Configuration Information

/storage is the only non-volatile area and isn't that large.
        Filesystem                Size      Used Available Use% Mounted on
        /dev/mtdblock2            1.0M    204.0k    820.0k  20% /storage
        none                     14.4M    228.0k     14.2M   2% /tmp

Just as in any other version of Linux, the /etc/init.d/ directory contains the startup scripts. S10dropbear starts the ssh server and S50httpd starts a light-weight http server.
        # ls -l /etc/init.d/
        -rwxr-xr-x    1 root     root         3529 Jan  1 00:00 S10boot
        -rwxr-xr-x    1 root     root          429 Jan  1 00:00 S50dropbear
        -rwxr-xr-x    1 root     root          283 Jan  1 00:00 S50httpd
        -rwxr-xr-x    1 root     root          634 Jan  1 00:00 S80meraki
        -rwxr-xr-x    1 root     root          105 Jan  1 00:00 S99done
        -rwxr-xr-x    1 root     root           85 Jan  1 00:00 rcS

In the S10boot script, there is a portion of the script that looks inside of /storage for a script called early-init.sh and a directory called early-startup. This is one location where we can place our startup scripts.
        if [ -x /storage/early-init.sh ]; then
            . /storage/early-init.sh
        fi

        if [ -d /storage/early-startup ]; then
            for i in /storage/early-startup/*; do
                [ -x $i ] && $i
            done
        fi

In the S80meraki script, there is a portion of the script that gives us one last chance to run some initialization scripts. It will look inside of /storage once more looking for a script called late-init.sh and a directory called late-startup. This is where I placed the script that overwrites the default /etc/passwd file with our updated passwords.
        if [ -f /storage/late-init.sh ]; then
            . /storage/late-init.sh
        fi

        if [ -d /storage/late-startup ]; then
            for i in /storage/late-startup/*; do
                [ -x $i ] && $i
            done
        fi

Available Commands

The Meraki uses busybox which has many of the basic UNIX commands. A complete list of busybox commands and their website can be found here. The Meraki also comes with the click package installed.


Commands on The Meraki

A list of the various commands available in /bin on the Meraki is listed below:
        ash      dd       grep     mkdir    nice     rmdir    true
        cat      df       gunzip   mktemp   pidof    sed      umount
        chgrp    dmesg    gzip     more     ping     sh       uname
        chmod    echo     ipcalc   mount    ping6    sleep    usleep
        chown    egrep    kill     mv       ps       sync     vi 
        cp       false    ln       netmsg   pwd      tar      zcat
        date     fgrep    ls       netstat  rm       touch

Available in /usr/bin. The commands in bold are not a symlink to busybox.
        [                    find                 mtunnel_client       tee
        [[                   free                 nc                   telnet
        arping               freeze               nslookup             test
        awk                  get_board_config.rb  passwd               test_merakilib
        basename             harvest              printf               test_tcp_client
        brain                harvestd             reset                test_tcp_server
        bunzip2              head                 ruby                 time
        bzcat                hexdump              runmax               top
        check_bootreason     hostid               save_random_seed     tproxy
        checkpart            id                   scp                  tr
        clear                ipkg                 seq                  traceroute
        config_updater       killall              serial_number.sh     uniq
        crc                  killall5             set_boot_time        uptime
        crontab              led_blink            shalsum              wc
        cut                  led_off              sort                 wget
        dbclient             led_on               spawn-fcgi           which
        dirname              length               ssh                  xargs
        dropearkey           logger               start_mtunnel        yes
        du                   md5sum               strings
        env                  meraki_watchdog      sync_log
        expr                 mesg                 sync_log_d
        fastcgi              mkfifo               tail

Available in /sbin. The commands in bold are not a symlink to busybox.
        halt        ifup        logread     reboot      syslogd
        hotplug     init        lsmod       rmmod       udhcpc
        ifconfig    insmod      mtd         route       vconfig
        ifdown      klogd       pivot_root  sysctl      watchdog

Available in /usr/sbin. The commands in bold are not a symlink to busybox.
        80211associate  brctl           ip              iwspy
        80211debug      chroot          iptables        lighttpd
        athchans        crond           iwconfig        madwifi_multi
        athctrl         dnsmasq         iwgetid         rdate
        athdebug        dropbear        iwlist          wlanconfig
        athkey          hostapd         iwpriv

  This material is based upon work supported by the National Science Foundation under grants #0435454 and #0454432, and the NSF Graduate Research Fellowship Program. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.