Posted by: Josh | October 26, 2008

Unlocking your router’s potential with open source firmware

It’s common to just take it out of the box, hook it into your network, and never touch it again. Remember that routers are miniature computers too! If you have the right hardware and a bit of spare time, you can make these little boxes do more than just share your Internet connection.

Unlocking your router's potential - not like this.

Some common uses include:

  • increase signal strength above factory settings
  • managing your network from the Internet
  • synchronizing a dynaminc dns address
  • additional layer of firewall protection and parental control
  • turn on your computers remotely
  • using it to access a wireless network/increase its range

Interested? There are countless other uses as well.  But how are these features possible, and why aren’t they all available when you buy your router?

These features can be made possible by the hard work of several groups of developers who have written custom firmware (a sort-of operating system) for routers. Instead of using the default factory firmware used out-of-the-box, you put in place a copy of their firmware. They have spent more time than the manufacturer to provide you all these neat features. In a sense, this is to routers as “jailbreaking” is to the iPhone/iPod touch.

The most popular firmware developer groups are:

  • DD-WRT – powerful, available in micro, mini, full packages depending on available router memory
  • OpenWRT – customizable for adding/removing functionality modules
  • Tomato – basic, lightweight, simple GUI

So how do start? First of all, you will need to make sure your router is supported. Perhaps the most commonly used router is the Linksys WRT 54G , but most Broadcom-based devices will work. Follow the links above to determine if your router is compatable, and how to install the firmware.

I have DD-WRT v24 micro SP1 installed. Here’s are a couple of features I found useful:

Dynamic DNS Daemon

You can refer to my previous post about Dynamic DNS , and instead of running a software client to keep your IP synchronized, you can use your router.

This is a good time to point out that you may also permit the router to authenticate you into the admin panel from the Internet – which means you can configure your router (or trigger wake-on LAN signals) anywhere. Since Dynamic DNS maps your IP, you can use it to access the router or any configured client connected to it. It’s up to you to set up which computers will be accessible and on which ports by port forwarding.

Example:connect to an SSH server (port 22) on computer A (internal IP Forward  from port 22 (externally) to port 22 (internally) and access it from an SSH client using your dynamic DNS address on port 22.

Internet Access Restriction

You can set up a number of policies to control how and when computers connected to the router can access the Internet connection. Seen here is the most useful configuration I’ve done, called “radio silence” which blocks Internet access between 9:30 to 11 pm Mon-Thurs for all clients. It gives me a distraction-free textbook study period. There are also options to schedule the wireless radio on and off.

Real Time Bandwith Monitor

More of a novelty, these graphs update in real-time in your browser. They monitor LAN (Intranet), WAN (Internet) and WWAN (wireless Intranet) usage. There’s also a graph which will display your daily upload/download usage.

Wake-on LAN

This is a neat one – Wake-on LAN (WOL) technology. If your computer is connected by ethernet cable and the technology is enabled (turned on from within the BIOS), it can be powered on from a completely powered-down state. Combine this with a remote desktop client like VNC and you have a personal on-demand server.

The examples I gave above is just the tip of the iceberg – there are settings to configure wireless range, use another wired/wireless router’s Internet connection, or set up user-based authentication via a RADIUS server.


  1. I am looking into setting up a device to control power usage in small retail stores. The device links to a router and is accessible via a browser.

    I need to access the device from outside the stores’ LANs in addition to within their LANs.

    What is the best way to set this up?
    1. set up a computer at each store and use or ? Or can I find a router that will do with without the need for a computer?

  2. @parker: dd-wrt, among other firmwares, can run a dynamic IP client for such a service like You could follow the instructions here to set that up, and port forward to that device’s LAN IP/listening port.

    As an alternative to a dedicated device, you could try power management by:
    1. auto power on the computer via its BIOS settings
    2. auto power off the device as a scheduled task/cron job
    3. use dd-wrt’s wake-on LAN (WOL) function to force a device to power on

  3. Josh,

    Thanks for the reply. I apologize for my late response. Do you know of anyone in or near Boston with networking experience that that may be interested in working with me?

    I am probably not describing the task well, since I am not technical at all.

    I need someone who can talk customers through connecting a dumb device to their LAN and opening a port to provide external access to the LAN.

  4. You really make it appear really easy with your presentation but I to
    find this topic to be actually something which I think I would never understand.
    It sort of feels too complex and extremely extensive for me.
    I’m having a look ahead to your next post, I will attempt to get the hold of it!

  5. It is the best time to make some plans for the future and it is time to be happy.
    I’ve read this post and if I could I wish to suggest you some interesting things or advice. Perhaps you could write next articles referring to this article. I desire to read more things about it!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: