grahl/ch

Blocking distractions, when necessary Part 2

In the first part we created a list of things we want to block on occasion. The point of this part is to make it easy to switch from full access to limited access. Enter, OpenWrt.

OpenWrt

A large chunk of wireless routers on the market today can not only run their stock firmware but also OpenWrt. It’s useful for creating wireless mesh networks and all sorts of things but the most common task is just a free-as-in-speech router. There are countless tutorials online for installing it and resources for which devices are supported, so I’m not covering that here. Apart from being able to SSH into your router, OpenWrt now exposes many things such as buttons and LEDs, which you can use in your scripts. These examples have been tested with Kamikaze 8.09.1. In older releases, several things were elsewhere, such as /proc/diag.

Tinyproxy

router with filter

Due to the size limitations on many models and feature limitations on certain solutions I ended up using Tinyproxy. Definitely also install the luci package for Tinyproxy, it makes setup a lot quicker. Due to several smaller bugs in the current releases it’s probably still necessary to move the Busybox web interface from 80 to 8080.

At this point, you should let Tinyproxy listen on your router’s IP on port 80. Also allow access from your subnet and 127.0.0.1. Most often this will be 192.168.1.0/24. Finally upload your filter list and turn your proxy on. Due to the way the current OpenWrt releases works this will not yet router your traffic through the filter. Also, if Tinyproxy doesn’t seem to start properly, make sure the logging directories are also present.

Putting it together

All that’s missing is a script, to run once a button is pushed, let an LED blink as long until it is pushed again and toggle routing the traffic through the proxy. My script is largely based on a howto from the OpenWrt wiki (as is much in this second part). It uses the SES LED and works with a Buffalo router running a 2.4. kernel due to the wireless drivers (otherwise iptables redirect could be used). Placing it into /etc/hotplug.d/button/, for example as 01-nettoggle, should make it work. Though you’ll probably have to adjust LEDs, buttons, and maybe also the router IP. Now have fun with tricking that dumb part of your brain into getting things done, to paraphrase Merlin Mann.