Skip to content

How to best run pixelserv tls on Asuswrt Merlin

Jump to bottom Edit New page
kvic-z edited this page Sep 12, 2016 · 2 revisions

Background

Asus made a change in recent firmware (circa early 2016) that its WebUI will only listen on the router's IP address. This sets free a whole lot of possibilities in applications. Certainly good news for pixelserv-tls users on Asuswrt-Merlin. This tutorial will go through using the new freedom and run pixelserv-tls on its own IP address while WebUI continues to run on HTTP port 80.

Assumptions

The tutorial assumes your LAN is on 192.168.1.0/24 subnet. Your router is on 192.168.1.1. We'll assign 192.168.1.3 for sole use by pixelserv-tls. Adjust the IP addresses in this tutorial accordingly for your own LAN setup.

The tutorial also assumes you're using Entware-ng's distribution of pixelserv-tls.

IP address pool on your LAN

We will do static IP address assignment to pixelserv-tls. Hence, we first make sure having a small number of IP addresses for such purpose. These IP addresses must be outside the IP pool managed by your router's DHCP Server for automatic assignment to devices on your LAN. To accomplish the task, go to WebUI > LAN > DHCP Server page, and adjust "IP Pool Starting Address."

By default, AsusWRT has 192.168.1.2 for starting address and 192.168.1.254 for ending address. Let's change IP Pool Starting Address to 192.168.1.10.

After the change, we have 192.168.1.1 to .9 for static assignment where AsusWRT already assigns .1 to your router. And we'll assign .3 to pixelserv-tls.

Virtual Interface

Next we create a virtual interface with 192.168.1.3. This need to be performed on every boot (or more precisely every time the WAN interface comes up). Hence, append the following two lines to your /jffs/scripts/wan-start:

ifconfig br0:pixelserv 192.168.1.3 up
logger -t $(basename $0) "br0:pixelserv 192.168.1.3 created."

Change pixelserv-tls to listen on its own IP address

Entware-ng launches pixelserv-tls with the script, /opt/etc/init.d/S80pixelserv-tls. Let's change the IP address to 192.168.1.3 so that pixelserv-tls listens on the new address when next run.

#!/bin/sh

ENABLED=yes
PROCS=pixelserv-tls
ARGS="192.168.1.3"
PREARGS=""
DESC=$PROCS
PATH=/opt/sbin:/opt/bin:/opt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

. /opt/etc/init.d/rc.func

ARGS="192.168.1.3" is the line we changed.

Bonus to make pixelserv-tls perform better

While you're editing /opt/etc/init.d/S80pixelserv-tls, here are the bonus for better performance. Prepend export TZ=$(cat /etc/TZ) at the front. This will ensure pixelserv-tls' messages in syslog stamped in correct timezone. Next insert PRECMD="ulimit -s 64 in the middle. pixelserv-tls will run with tighter memory resource with this change.

Your file after these two changes shall look like below:

#!/bin/sh
export TZ=$(cat /etc/TZ)
ENABLED=yes
PROCS=pixelserv-tls
ARGS=""
PREARGS=""
PRECMD="ulimit -s 64"
DESC=$PROCS
PATH=/opt/sbin:/opt/bin:/opt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

. /opt/etc/init.d/rc.func

Restart your router to make the changes effective. Good luck and enjoy.

Add a custom footer
Add a custom sidebar
Clone this wiki locally