From Wikibooks, the open-content textbooks collection

Current revision (unreviewed)

A Wikibookian suggests that this page be broken into several subpages
Smaller pages are easier to read and edit. See best practices for more information.
You can ask for help in the projects reading room.

Wikipedia has related information at
Tomato (firmware)

Wikimedia Commons has media related to:

Tomato (firmware)

Contents

[edit] Introduction

Tomato is a partially free open source Linux-based firmware for several Broadcom-based Wi-Fi routers, including the Linksys WRT54G. The major emphasis of Tomato is on stability, speed and efficiency. It is maintained by Jonathan Zarate^[1], who also developed HyperWRT +tofu. Tomato is notable for its web-based user interface that includes several types of bandwidth usage charts, advanced QoS access restriction features, raised connection limits which enables P2P networking, and support for 125 High Speed Mode (marketed by Linksys as "SpeedBooster").

This wikibook serves as the documentation for the Tomato firmware and its variations, documenting features, installation, configuration and use of the firmware.

[edit] Features

The following features implemented in the Tomato base firmware over typical OEM firmware and open alternatives such as DD-WRT and OpenWRT:

Dynamic interactive GUI using Ajax (a technique for creating interactive web pages that update without reloading), SVG (scalable vector graphics that provide quality graphics within a browser) and CSS-based color schemes (allowing you to change the look and feel of the router configuration screens).
CLI (using BusyBox) with access via TELNET or SSH (using Dropbear)
DHCP server (using Dnsmasq) with dynamic and static DHCP leases
DNS forwarder (using Dnsmasq) with local hostnames, local domain names, and caching of internet addresses
Netfilter/iptables with customizable settings, IPP2P and l7-filter
Wake-on-LAN
Advanced QoS: 10 unique QoS classes defined, real-time pie graph display of prioritized traffic with drilldown into class details
Bandwidth graphing/statistics: real-time, last 5 hours, daily, monthly
Wireless modes: access point (AP), wireless client station (STA), wireless ethernet (WET) bridge, wireless distribution system (WDS aka wireless bridging), simultaneous AP and WDS (aka wireless repeating)
Dynamic DNS service with ezUpdate and services extended for more providers
Syslog viewable through the GUI (also downloadable)
SES button control
JFFS2
CIFS client
Adjustment of transmit power of wireless LAN, antenna selection, and 14 wireless channels
'Boot wait' protection (increase the time slot for uploading firmware via the boot loader)
Advanced port forwarding, redirection, and triggering with UPnP page to view and delete UPnP forwarded port mappings
Advanced access restrictions
Init, Shutdown, Firewall, and WAN Up scripts
Uptime, load average, and free memory status
Reboot ability, although almost no configuration changes require a reboot
Wireless survey page to view other networks in your neighborhood
Known bugs in Broadcom-based Linksys firmware fixed

[edit] Distributions

The Tomato firmware distribution is maintained, primarily by Jonathan Zarate at Polar Cloud^[1] as a derivation of LinkSys's open-source code. Tomato is built in two flavors, a standard version that should run on all routers and the "New Driver" (ND) version for newer routers.

Loading an ND version on an unsupported router could brick the router.

As such, others have further derived new distributions (named by the authors' usernames in the http://www.linksysinfo.org/forums^[2].

[edit] Feature comparison

Mod Name	Base Tomato Version	Min Flash MB	Max Connections	SpeedMod	SFTP	VPN Client	VPN Server	SNMP	SD Card Support	USB Support	VLANs
Tomato	1.25	4MB	4096	No	No	No	No	No	No	No	No
Tomato ND	1.25	4MB	4096	No	No	No	No	No	No	No	No
hardc0re	1.25	4MB	4000+	Yes	No	No	No	No	No	No	No
jyavenard	1.23		?			PPTP		Yes			No
Neorouter	1.25^***		?			proprietary	proprietary				Yes
roadkill	1.21		?		Yes	OpenVPN	OpenVPN		SD, MMC		No
SgtPepperKSU	1.25^***		?			OpenVPN	OpenVPN				No
slodki	1.25^*	4MB	4096	No	No	OpenVPN	OpenVPN	No	SDHC, MMC	No	No
Teddy Bear	1.25^**	4MB/8MB	?	Yes	Yes	No	No	No	SDHC, MMC	Print, NAS	No
Thor	1.25^**	8MB	8192	Yes	FTP only	OpenVPN	OpenVPN	Yes	SDHC, MMC	NAS	No
Trzepako	1.21	4MB	?	Yes		No	No	No	No		No
Victek	1.25^***	4MB	8192	Yes	No	No	No	No	No		No

^*	Tomato standard only
^**	Tomato ND (New Driver) only
^***	Tomato standard and ND

[edit] hardc0re Mod

Latest version: 10 jul 2009^[3] (as of 08/2009)

Based on Tomato 1.25
aims to improve the router's performance under high load (many connections, more than 4000 or so).
Tuned route cache and conntrack hash sizes.
Tuned route cache parameters.
Updated conntrack and netfilter components to later versions.
Modified hash function to a newer one.

[edit] jyavenard Mod

Latest version: 14 dec 2008^[4] (as of 08/2009)

Based on Tomato 1.23
has been modified to include a PPTP client (PPTP server included but not active, can be compiled)
and an SNMP server.

[edit] Neorouter Mod

Latest version: 0.9.8, 12 oct 2009[1] (as of 10/2009)

Based on Tomato 1.25
Cross-platform zero-config VPN solution that connects computers into a virtual LAN.

[edit] roadkill Mod

Latest version: 16 oct 2008^[5] (as of 08/2009)

TomatoMod 1.21 *TEST VERSION 5* - This is a new test version it is only half baked for those who want to try.

LZO 2.03
OpenVPN v2.1rc13 + Management
VPN GUI Interface
SD/MMC GUI Interface with switchable gpio
SFTP-Server
QoS Limit
App Limit
Arp Binding
IPID Adjust

[edit] slodki Mod

Latest version: 02 Nov 2009^[6] (as of 11/2009)

Tomato firmware ver. 1.25
Optimized SDHC/MMC driver ver. 2.0.1 - this adds up to 32GB build-in storage on flash memory
Higher transfers then previous mmc driver ver. 1.3.5 - +40% writing, +10% reading
GPIO pins parametres selectable via GUI
Detailed card ID data avaiable via GUI
Support for mounting ext2, ext3 and vfat partitions
OpenVPN

[edit] SgtPepperKSU Mod

Latest version: 01 jun 2009^[7] (as of 08/2009)

Based on Tomato 1.25 (ND also available)
OpenVPN 2.1rc16 is compiled in and fully integrated as a system service.
LZO 2.0.3 is compiled in for VPN compression option
Two separately configurable instances of each clients and servers can be configured in the GUI
TLS (optionally with static key HMAC authentication) and static-key encryption is supported
Custom configuration field is added to the end of the dynamically generated config file
UDP and TCP protocols supported
TAP and TUN style tunnels supported
Site-to-site tunnels without any custom configuration
Status tabs displaying connected clients, VPN routes, and/or statistics.
Sets up and tears down (including module insertion/removal) interfaces as appropriate to save memory
Automatically adds and removes firewall rules as needed.
Option to automatically start server/client with router
Option to redirect Internet traffic over tunnel
Options to accept/push DNS options.
Encryption cipher settings are available.
Client address allocation is handled via GUI.
Added capability to use hostnames in the access restrictions page (unrelated to VPN, but I wanted it)
and more...

[edit] Teddy Bear Mod

Latest version: 18 aug 2009^[8] (as of 08/2009)

Currently based off of the 1.25 build of Tomato, this is the list of changes made to official Tomato ND (New Driver):

Support for USB 1.1 (OHCI and UHCI) and USB 2.0, configurable via Tomato GUI.
USB storage (Ext2/Ext3 and FAT/FAT32 filesystems) and USB printing support.
Auto-mounting for USB drives (added in v05). When this feature is activated in the GUI, and USB drive is plugged in, all mountable partitions will be automatically mounted to a directory under /mnt. If you want to override default mount point, mount your partition manually in the satrtup, wanup, or hotplug script, i.e.: mount -o noatime,nodev /dev/discs/disc0/part1 /opt, or by using /etc/fstab file and "mount -a" command. If you mount the partition manually, it will not be re-mounted to a default mount point. If after mounting the drive you want to execute some additional scripts - to run the programs etc - it's a good idea to add several seconds sleep before doing so.
Support for /ets/fstab, and mounting by label and UUID.
Network File Sharing using built-in Samba server 2.0.10. Please check this post if you're experiencing problems copying files to Samba shares, and this post if you have issues with authenticated access to Samba shares.
Printer server (p910nd) is included and started automatically if you enable printing support. Bidirectional copying can be disabled via GUI if it causes problems with your printer. Only one instance of printer server is started automatically, and listens on port 9100. If you need to support more than 1 printer, add commands to run additional instances of p910nd to your startup script. Follow these directions to set up your printer in Windows.
USB Hotplug script - it can be useful for configuring USB devices after connecting them to the router or on boot-up, for example loading firmware into HP1018 or similar printer (there're some posts on page 11 of this thread with more details about HP1018 printer).
Fixed slow running clock problem on Asus WL-520GU. After flashing this firmware you have to reboot the router at least once for clock to get fixed (this fix is included into official Tomato releases starting from Tomato 1.24).
Fixed WLAN LED on Asus WL-520GU, SES button and WLAN led on Asus WL500gP v1 and Buffalo WBR2-G54 (these fixes are included into official Tomato releases starting from Tomato 1.24).
Built-in FTP server daemon (vsftpd) with GUI.
L7 filter patterns are updated to the latest official version (2009-05-28), removed experimental rtp-2 pattern.
Added CGI scripts support to HTTP daemon - you can place your CGI scripts into "/www/ext/cgi-bin" folder, and they will be executed when you access them via http://<router_ip>/ext/cgi-bin/my_script_name.
Included SpeedMod by Rodney H.
Added new "NAT Target" setting to "Advanced -> Firewall" (SNAT or MASQUERADE).
Upgraded Broadcom Wireless driver to version 4.158.4.0.
UPnP daemon is replaced with MiniUPnPd with NAT-PMP support (MiniUPnPd is included into official Tomato releases starting from Tomato 1.24. This mod however adds additional GUI settings for UPnP). UPnP is disabled by default, NAT-PMP is enabled by default.
Added new "Regulatory Mode" setting (off|g|h) and "Country/Region" setting to "Advanced -> Wireless".
Added wireless auto channel selection.
Changed to use passive mode for wireless scan (generally should pick up more APs).
Replaced JFFS2 filesystem driver by JFFS ver 1.3 from ray123 to provide more available JFFS space.
Replaced ramfs by tmpfs.
Updated busybox and dnsmasq.

The mod (starting from build 20) comes in 4 different flavours:

Standard: all standard features described above; ~180KB JFFS space (3 blocks) available on 4MB flash routers;
Extras: all features of Standard plus Linux Ext2/Ext3 and FAT32 filesystem utilities (fdisk, e2fsck, mke2fs, mkswap, mkdosfs), built-in loop device support, additional color schemes. ~60KB JFFS space (1 block) available on 4MB flash. This version is for people who don't really need JFFS space, or have 8MB flash routers, and would like to be able to partition/format drives in Linux native Ext2/Ext3 format or in FAT32 format directly on the router without installing any additional tools.
Lite: all features of Standard but no Samba; some very minor features are stripped out of Busybox, about 540KB JFFS space (9 blocks) available on 4MB flash routers;
No CIFS: all features of Standard but no CIFS Network filesystem support, about 300KB JFFS space (5 blocks) available on 4MB flash routers;

[edit] Thor Mod

Latest version; 27 jul 2009^[9] (as of 08/2009)

Tomato_RAF_1.25.8515 ND USB .8 v3

Based on Tomato 1.25
ND only
recent versions need more than 4 MB
includes USB / NAS / FTP / VPN / SNMP
includes all the updates and changes up till now (15/07/2009)
Based on Victek's sources so it has all his features
Wrt54 Skin based on absolon
tomato-FS-patches 27062009
net-snmp 5.0.9 & Interface
OpenVPN 2.1rc13 & Inteface(Keith Moyer's implementation)
Optware options under USB
NTFS support with RW

[edit] Trzepako Mod

Latest version: 03 aug 2008^[10] (as of 08/2009)

Based off the Tomato 1.21 build, this modification adds:

conanxu mod 1.5 (IP/MAC Bandwidth, pps, connection limiter, SPEEDMOD and so on...)
ipt_ROUTE & ipt_random

[edit] Victek Mod. Tomato RAF

Latest version^[11]: updated with each last Official Tomato release.

This modification has two branches; Standard Version (A) & ND (New Driver) Version (B).

(A) Common in both versions (and not included in Official Tomato version):

BusyBox 1.14.2
ip_conntrack version 2.1 (16384 buckets, 8192 connection max)
DNSMasq 2.49
Dropbear 0.51 extended RWIN cli command
Extended static DHCP / MAC restriction (up to 140 clients)
IP/MAC Bandwidth Limiter (up to 140 clients)
ARP Binding (up to 140 clients)
Extended miniupnpd
Extended themes (18 themes)
CPU Freq. Display & Overclock (125-300MHz)
Previous WAN IP
ISP Concentrator ID
Two additional button script windows
System command window built into GUI (Tools-System)
ARP command included
Extended command in BusyBox; chown, hostname ..

(B) Additionally in ND version:

Wireless & Ethernet driver 4.158.4.0
Added new "Regulatory Mode" setting (off|d|h) and "Country/Region" setting to "Advanced -> Wireless" in ND version
Added wireless auto channel selection.
Wireless Scan 'passive mode' (shows more AP's if they exist in the neighborhood).

[edit] Supported devices and revisions

Linksys WRT54G (v1-v4 only), WRT54GS (v1-v4 only), WRT54GL (v1 & v1.1), WRTSL54GS (no USB support)
Buffalo WHR-G54S, WHR-HP-G54, WZR-G54, WZR-HP-G54, WZR-RS-G54, WZR-RS-G54HP, WBR-G54, WBR2-G54, WVR-G54-NF, WHR2-A54-G54, WHR3-AG54 (WHR-G125 Supported in the ND version of Tomato)
ASUS WL-500g Premium (no USB support), WL-500g Premium v2 (use the ND version), WL500GE, WL520GU (1.22 and above, see FAQ, no USB support)
Microsoft MN-700 can work with v1.14 perfectly except the "Buttons and LED" function are not supported.
SparkLAN WX6615GT
Fuji RT390W
Dell TrueMobile 2300

[edit] Linksys

Wikipedia has related information at
Linksys WRT54G series

[edit] Linksys WRT54G

Version	CPU speed	RAM	Flash memory	S/N Prefix	Notes
1.0	125 MHz	16 MB	4 MB	CDF0 CDF1	20 front panel LEDs (including link/activity, collision detection and speed rating indicators for each RJ-45 port). Wireless capability was provided by a Mini PCI card attached to the router motherboard
1.1	125 MHz	16 MB	4 MB	CDF2 CDF3	Front panel LEDs reduced to eight (one link/activity LED per port, plus one each for power, wireless, DMZ and WAN/Internet connectivity). Wireless chipset is integrated onto motherboard.
2.0	200 MHz	16 MB	4 MB	CDF5	Same as 1.1 with a CPU upgrade and greater wireless transmitter integration (fewer transmitter parts). Some of these have 32 MB of RAM but are locked to 16 MB in the firmware
2.1	216 MHz	16 MB	4 MB	CDF6	Same physical appearance as 1.1 and 2.0 models. Some of these models have 32 MB of RAM installed but have been locked to 16 MB by the manufacturer. Some models have two 16 MB MIRA P2V28S40BTP memory chips.
2.2	216 MHz	16 MB	4 MB	CDF7	Same physical appearance as 1.1 and 2.0 models. Switching chipset from ADMtek 6996L to Broadcom BCM5325EKQM. Some of these models have 32 MB of RAM installed but have been locked to 16 MB by the manufacturer. Some models have 16 MB Hynix HY5DU28162ET-J memory chips.
3.0	216 MHz	16 MB	4 MB	CDF8	Identical to 1.1 and later models, except for the CPU speed and an undocumented switch behind left front panel intended for use with a feature called "SecureEasySetup".
3.1	216 MHz	16 MB	4 MB	CDF9	The Version 3.1 hardware is essentially the same as the Version 3.0 hardware. Adds "SecureEasySetup" button.
4.0	200 MHz	16 MB	4 MB	CDFA	Broadcom BCM5352EKPB Chipset
TM	200 MHz	32 MB	8 MB	CO61	Use dd-wrt Tornado CFE updater (or JTAG) and cross-over to Tomato using Web upgrade

[edit] Linksys WRT54GS

Version	CPU speed	RAM	Flash memory	S/N Prefix	Notes
1.0	200 MHz	32 MB	8 MB	CGN0 CGN1	Broadcom BCM4712KPB and ADMtek 6996L switch. Added SpeedBooster technology (Broadcom Afterburner technology), claims to boost the throughput of 802.11g by 30% (for maximum boost needs SpeedBooster technology on the other side, but will boost standard 802.11g as well)
1.1	200 MHz	32 MB	8 MB	CGN2	Chipset changed to Broadcom BCM4712LKFB and BCM5325EKQM switch.
2.0	216 MHz	32 MB	8 MB	CGN3	10 LED Front Panel (two new ones behind Cisco logo button). Also capable of SecureEasySetup, but use of the logo button and lighting of the new LEDs behind it requires firmware upgrade. Broadcom BCM4712 chip REV1 or REV 2
2.1	216 MHz	32 MB	8 MB	CGN4	Radio chip is changed from BCM2050 to BCM2050KML.
3.0	200 MHz	32 MB	8 MB	CGN5	Use System-on-Chip: processor, MAC, and switching are handled by Broadcom BCM5352EKBP.
4.0	200 MHz	16 MB	4 MB	CGN6	Notes: Reduced RAM & Flash (a Very Rare Few Have 32MB/8MB)

[edit] Linksys WRT54GL

Version	CPU speed	RAM	Flash memory	S/N Prefix	Notes
1.0	200 MHz	16 MB	4 MB	CL7A	New model line, released after the version 5 WRT54G, which returns to a Linux-based OS as opposed to the VxWorks firmware. SpeedBooster is not enabled in stock firmware, however third-party firmware will enable the feature. The hardware is essentially the same as the WRT54G version 4.0. One alteration is that the internal numbering scheme of the 4-port switch changed in this model, from 1 2 3 4, to 3 2 1 0.
1.1	200 MHz	16 MB	4 MB	CL7B CL7C	As of May 8, 2008, this version was shipping with firmware revision 4.30.11. This pre-loaded firmware allows the user to upload a 4MB firmware image, whereas the pre-loaded firmware on version 1.0 limited the image to 3MB. Firmware version 4.30.12 is now available for both hardware versions. Fully supported by Tomato

[edit] Linksys WRTSL54GS

Version	CPU speed	RAM	Flash memory	S/N Prefix	Notes
1.0	264 MHz	32 MB	8 MB	CJK0	Released after the WRT54GS and WRT54GL. Uses Linux-based OS. Includes SpeedBooster support, additional firmware features, and an external USB 2.0 port (StorageLink) for network storage. Uses 8 MB of Intel TE28F640 flash with a Broadcom BCM4704KPB processor and Broadcom BCM5325FKQM Ethernet switch.
1.1	264 MHz	32 MB	8 MB	CJK11	Change from BCM4704 rev 8 to BCM4704 rev 9 unconfirmed

[edit] Asus

Wikipedia has related information at
Asus routers

Model	CPU speed	RAM	Flash memory	S/N Prefix	Notes
WL-500g	Broadcom 4710 @ 125MHz	16	4	?	?
WL-500gE	?	?	?	?	?
WL-500gP Premium V1	BCM94704 @ 266 Mhz	32	8	?	First Flash via TFTP
WL-500gP Premium V2	BCM5354 CPU @ 240 Mhz	32	8	?	Requires ND version as of 1.23, stock firmware has no USB support (See Teddy Bear Mod)
WL-500W	Broadcom 4704 @ 264 Mhz	32	8	?	Unconfirmed but same chipset as Buffalo WZR-HP-G54,WZR-RS-G54,WZR-RS-G54HP,WHR3-AG54 as well as the Linksys WRTSL54GS. 802.11n feature is not supported. Reports that the Mimo driver from OpenWRT also works at 11/g.
WL-520gU	BCM5354 CPU @ 240 Mhz	16	4	?	Requires ND version as of 1.23, stock firmware has no USB support (See Teddy Bear Mod)

[edit] Buffalo

Wikipedia has related information at
Buffalo AirStation

Model	CPU speed	RAM	Flash memory	S/N Prefix	Notes
WHR-G54S	Broadcom 5352 @ 200MHz	16	4	?	?
WHR-HP-G54	Broadcom 5352 @ 200MHz	16	4	?	?
WZR-G54	?	?	?	?	?
WZR-HP-G54	Broadcom 4704 @ 264MHz	64	4	?	?
WZR-RS-G54	Broadcom 4704 @ 264MHz	64	8	?	?
WZR-RS-G54HP	Broadcom 4704 @ 266MHz	64	8	?	?
WBR-G54	Broadcom 4710 @ 125MHz	16	4	?	?
WBR2-G54	Broadcom 4712 @ 200MHz	16	4	?	?
WVR-G54-NF	?	?	?	?	?
WHR2-A54-G54	?	64	?	?	?
WHR3-AG54	Broadcom 4704 @ 264MHz	64	4	?	?
WHR-G125	Broadcom 5354 @ 240MHz	16	4	?	Must use the ND version of Tomato on this Router.

[edit] Dell

Model	CPU speed	RAM	Flash memory	S/N Prefix	Notes
TrueMobile 2300	Broadcom BCM94710 @ 125MHz	16	4	?	?

[edit] Fuji

[edit] Microsoft

Model	CPU speed	RAM	Flash memory	S/N Prefix	Notes
MN-700	Broadcom 4710 @ 125MHz	16	4	?	?

[edit] Netgear

[edit] Sparklan

[edit] Licensing

While the core source code is licensed under GPLv2, the source code for the user interface is under a more restrictive license which forbids use without the author's permission.

[edit] Support

Tomato (eng) — Official Tomato firmware web site

Tomato FAQ (eng) — The basic facts about the Tomato foundation

Tomato (Firmware) — Tomato (Firmware) Documentation (this book)
Tomato (Firmware) — Tomato (Firmware) - German (deutsches) Wikibook

Linksys (eng) — Forums for the grand-daddy at LinkSys.

Linksysinfo (eng)

Openlinksys (pol)

[edit] Weblinks

Screenshots

45 Screenshots of Tomato 1.17

Wikipedia

[edit] References

↑ ^a ^b Polar Cloud — Tomato Firmware offical web page.
↑ List of Tomato mods
↑ hardc0re release announcement.
↑ jyavenard release announcement.
↑ roadkill release announcement.
↑ slodki release announcement.
↑ SgtPepperKSU release announcement.
↑ Teddy Bear Mod release announcement.
↑ Thor release announcement.
↑ Trzepako release announcement.
↑ Victek Mod. Tomato RAF release announcement.

[polarcloud-0] Polar Cloud — Tomato Firmware offical web page.

[1] List of Tomato mods

[2] rdc0re release announcement.

[3] yavenard release announcement.

[4] roadkill release announcement.

[5] slodki release announcement.

[6] SgtPepperKSU release announcement.

[7] Teddy Bear Mod release announcement.

[8] Thor release announcement.

[9] Trzepako release announcement.

[10] Victek Mod. Tomato RAF release announcement.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

Tomato (firmware)