Need to Move Your Router’s Existing DHCP IP Reservations to A New Router ? Try Uproot – a Static Lease Conversion Utility

I just released a new open source project on github called Uproot.

What is Uproot ?

Uproot (command uprt) is a multi-platform (Windows, Linux, MAC) command line utility that converts your router’s static lease mappings from one format to another. It currently supports the following formats:

  • DD-WRT
  • Mikrotik RouterOS
  • OPNSense
  • OpenWrt
  • pfSense
  • json
  • csv

I decided to build Uproot after purchasing a Mikrotik router and faced the daunting task of transferring many static leases over to the new router from my old DD-Wrt router.

Download Uprt

Download

All feedback is welcome.

Usage

I spent a lot of time documenting usage. Because the information for exporting and importing static leases for all the various formats was hard to come by, I also wrote up detailed walk-throughs with screenshots and videos of exporting and importing all the router formats. Now this information is all in one place.

The actual usage of Uproot for a straight conversion is very simple:

For a full list of options, simply type

Demo Converting Static Lease in CSV Format into 6 formats Using Uprt

Using pfSense on VirtualBox for Windows using only One Virtual Machine

Network Router by thomas jensen on unsplash

pfSense on VirtualBox

I’ve been experimenting with pfSense (firewall software you can use for DIY routers). Following this guide by Get Labs Done, I was able to install pfSense in a Virtualbox virtual machine in Windows 10 (with hypervisor disabled). If you do this, keep in mind this should be done purely for development/testing purposes and not to use as your network’s gateway.

Setting up Two Networks on VirtualBox

Essentially, you install pfSense as a virtual machine with two network cards, the first being a bridge to your physical network, and the second being internal.

When booted pfSense will detect both cards, the “WAN” side (side facing the internet) will be your actual physical network (i.e., behind my home physical router, so something like 192.168.X.X), while the “Lan Side” will be a Vlan (in the example 10.1.1.1/24) where you can connect clients. You then install a second virtual machine and set that up as having a gateway as being the pfSense virtual router 10.1.1.1 on that network. You run both virtual machines simultaneously which can be a load on your host PC.

SSH and Browser Access to pfSense From Windows Host

What stumped me was how to SSH into the box from my Windows host machine or even to access from the host the pfSense web interface. The Get Labs Done tutorial has you accessing pfSense VM through the browser on the second VM using the 10.1.1.1 network.

After opening up the SSH port through the command line on the pfSense box using “ufw allow 22”, ssh was still blocked. I then realized pfSense itself must be blocking it.

Disable the pfSense Private Network Block

The secret to enabling SSH from your host to pfSense is to disable pfSense’s blocked private network firewall rule (I’m sure there are security reasons for this rule, but as mentioned above, do this only on a development setup not if you are actually using the pfSense install for a network gateway):

  1. After setting up pfSense using this guide, log into pfSense using the browser in the second VM you setup using the guide which is on the Lan 10.1.1.1 sdie of the network:

  2. Select Interfaces->Wan

  3. Scroll down to “Reserved Networks” and uncheck “Block Private Networks and Loopback Addresses”. Save.

  4. That’s it. You should now be able to ssh into the WAN Side (i.e., 192.168.X.X) at the ip address shown in the pfSense menu:

  5. In addition, on your Windows host, you can go to the same address using your browser (https://192.168.0.19 in my case) and logging into pfsense.
  6. After setting this up, I was able to make my first pfSense VM instance headless, and shutdown my second VM instance to lighten the load on my PC, while still having full access to pfSense using my browser and ssh.

Simplest Wireguard Setup Ever

Wireguard - wired network pic by jordan-harrison-40XgDxBfYXM-unsplash-

Wireguard - wired network pic by jordan-harrison-40XgDxBfYXM-unsplash-

Wireguard

Wireguard is the newest way to setup a VPN for your home servers. What will this do for you ? It allows you to access your Raspberry Pi or other local servers located at home behind your router (or even your router itself) from outside your network by simply using a Wireguard client (either on a mobile phone or using a computer). You then access your local servers with the same ip addresses you do at home. For example, if my router is 192.168.1.1., I can be half way around the world and type in “192.168.1.1” and get my router control panel.

A recent podcast of Linux Unplugged “Back to the Freedom Dimension” had some really useful information on Wireguard and some interesting use cases. Paraphrasing one of the hosts, Wireguard is like having a very long ethernet cable into your home router.

The simplest method I have found to install Wireguard on Raspberry Pi is to use Docker following this post from The Digital Life.

Here is the somewhat modified docker compose file I use:

Wireguard Docker Compose file

Now it’s just a matter of typing “docker-compose up -d” and you have a running wireguard instance. Set up the clients as described in The Digital Life post.