Installing Fun Plug on ZyXEL NSA310


Overview:

If you follow the guide below this should get Fonz Fun Plug (FFP for short) installed and configured on your ZyXEL NSA310 which allows you to install numerous packages such as SABnzbd and SickBeard (One of our favorite combinations of packages)

Before you proceed please note:

FFP is originally designed for the D-Link DNS-323/Conceptronic CH3SNAS. It contains some tools which are for use in those boxes only, like /ffp/sbin/store-passwd.sh, (There is a small list of scripts which are automatically deleted in function CleanUp() in after_booting.sh), and Fonz’ package dns323-utils-nnn.tgz. It’s generally not a good idea to run those scripts on your NAS. Unless you’re following this guide for a DNS-323 or other D-Link DNS NAS in which case why are you reading this guide?!

What you need:

  • FFP zip file found here
  • PuTTY (Telnet and SSH client) available here
  • A USB Stick of at least 128MB
  • An I.Q. greater than 7
  • Obviously (we hope) an ZyXEL NSA310 (NSA-310)

How to setup and get ready to install FFP:

Extract the FFP zip file you should have already downloaded above if not once again you can get it here and copy it onto your USB stick of at least 128MB (64MB for FFP 0.5), having only one partition (unpartitioned space is no problem), formatted in the FAT filesystem. Plug it in the NAS and reboot. During install the NAS needs to have internet access, as it will download the ffp base package from http://ffp.inreto.de. The stick will be repartitioned and reformatted, so except the contents of the zipfile, all data on the stick will be lost. In a few minutes a telnet daemon will be started and that’s it for the beginning part.

So now that you’re booted up with FFP enabled what now?

First you need to telnet into the unit it’s self. So open up PuTTY, set the connection type to telnet and then type in the IP address of the router. Now can enable and start sshd, which is a more secure and powerful shell:

chmod a+x /ffp/start/sshd.sh
/ffp/start/sshd.sh start

There are two predefined logins: user with password user, and root with password root. Of course you should change those default passwords (using the command ‘passwd [<username>]) before exposing this interface to the big evil web.

When the ssh server is started, and you are able to login via ssh, you can stop and disable telnet:

/ffp/start/telnetd.sh stop
chmod a-x /ffp/start/telnetd.sh

Note: FFP will run all executable in /ffp/start, on startup. So toggling the executable bit selects which daemons to start.

Other packages:

Unfortunately the packages for 0.5, 0.6, 0.7/arm and 0.7/oarm are not interchangeable.

0.5

Fonz has a large number of packages available, and even more. There are also third party packages.

0.6

Fonz’ packages for 0.6 can be found here. So far I’m not aware of 3rd party packages.

0.7

Fonz’ packages for 0.7 can be found here. There are also 3th party packages here and here.

To download

wget url_of_package.tgz

To install

funpkg -i package.tgz

On FFP 0.7 a new tool ‘slacker’ is available. Try ‘slacker -Ui’

Here is a nice tutorial for building your own packages. Afaik this covers 0.5, 0.6 and 0.7. Only creating redistributal packages is different. For 0.5:

tar czf package.tgz ffp

For 0.6 and 0.7:

tar cf package.txz --xz ffp

Installing FFP on the harddisk:

usb_key_func.sh will test all mountpoint for the existance of a executable ffproot/after_booting.sh, and execute the first found. So when you want to install FFP on the harddisk, create a share ffproot, and put after_booting.sh and rootfs.tgz in it. The script has to be executable:

chmod a+x /i-data/md0/ffproot/after_booting.sh

and remove the executable flag from the sample on stick:

chmod a-x /after_booting.sh

Then reboot the box. FFP will be installed on harddisk (the NAS needs to have internet access). Of course you can also copy your existing FFP installation to harddisk.
You will still need to have the stick plugged in on each reboot, as the usb_key_func.sh script is needed to launch FFP.

Anatomy of the FFP stick

An FFP stick has two (primary) partitions, the first has a FAT (vfat) filesystem, the second one ext3. Both partitions show up in the webinterface.

FAT partition

The FAT partition is mounted by the NAS at boot, and contains usb_key_func.sh, which does the rest. Further the logfile is written here.

ext3 partition

The ext3 partition contains a directory ffproot, which contains a number of empty directories (bin,sbin,var,usr,proc,…) a etc and a ffp directory, and the script after_booting.sh. When the firmware automounts the ext3 partition, this is detected by a helper script running in background, which calls after_booting.sh. This script builds the FFP environment. On the Medion P89626/P89630 this partition is ext2, because the build-in mke2fs doesn’t support ext3.

NSA 210, 220, 221

The firmware partitions are bindmounted on these empty directories, and FFP is chrooted on ffproot.

NSA 310, 320, Medion P89626/P89630

On the 3×0 the rootfs is a cpio archive which is compiled in the kernel. For some reason it’s not possible to bindmount directories from such a fs on another directory. So another strategy is used.
The rootfs is doubled in /tmp/bindroot, using hardlinks and bindmounts. Symlinks to ffproot/ffp and ffproot/etc are created, and FFP is chrooted on /tmp/bindroot.

/etc and /log

On the 3×0/Medion /etc gets a special treatment. Because it should be able to edit those files from the FFP shell, hardlinks cannot be used. (Editing a file could break the link, leaving two copies, one inside the chroot, and one (unchanged) outside). So a tmpfs is created, in which the contents of /etc is copied (to /tmp/bindroot/tmp/.etc), and which is bindmounted both on /etc and /tmp/bindroot/etc/original. Samba (which already runs) doesn’t like this /etc hijacking, and is restarted for that reason. /log is hijacked for the same reason. The firmware changes the logs, to hardlinks should break.

The chroot

The reason for using a chroot is that it’s not automatically safe to share the /etc directory between FFP and the firmware. They both use /etc/password. This problem is bypassed by chrooting. To be able to examine (and change) the firmware /etc directory, it’s bindmounted on /etc/original.

Uninstalling

Unless you have installed FFP on harddisk, removing the stick and rebooting will remove every trace of the FFP-stick from your NAS.
When you did install on harddisk, remove the stick, reboot, and remove the ffproot share.

Firmware upgrade

Before upgrading the firmware, first switch off the box, and remove the FFP-stick. The firmware updater could interfere with FFP. BTW, updating the firmware could break your FFP-stick. It has happened twice:

  • 2.30. The initial mountpoint of the stick changed from /mnt to /mnt/parnerkey. The file nsa220_check_key (the NSA220 was the only ZyXEL NAS at that time) had to be changed.
  • 3.24. The mount options ‘iocharset=utf8,shortname=mixed’ were added to the initial mount of the stick, effectively restricting the filesystem to FAT only. A major modification of usb_key_func.sh was needed to solve that. FFP cannot run from a FAT filesystem, so the repartitioning part had to be added.

Known issues

  • Both partitions of the stick will show up twice in the webinterface. (It might be three times for the 3×0/Medion)
  • User quota might not work. It’s not working on the Medion P89626/P89630

Options (switches) in after_booting.sh

There are a few option which can be switched on by uncommenting one or more lines.

Create a /ffp symlink in rootfs

Uncomment FFPSYMLINK=1
This will work only when the rootfs is writable. It’s useful to use FFP-tool in php scripts. For instance imagemagick

Do not chroot FFP

Uncomment NOCHROOT=1
When you have a /ffp symlink, it’s not necessary anymore to chroot. This has big advantages, but, when FFP is not chrooted, it means it will share the firmware /etc directory. FFP packages are supposed to use /ffp/etc for their configuration files, but at least the login uses /etc/passwd. The default telnet login is login-less, so that’s not an issue, but ssh can give problems.
FFP commands will not work unless you change the PATH, or supply the full path.
I wrote a workaround for the passwd issue:

Change the root password when not chrooted

Uncomment CHANGEROOTPASSWORD=1
after_booting.sh can change the root password (and other passwords). By default it will change the password of root to ‘root’, and add a user ‘user’ with password ‘user’.
BTW, by default there will be no home directories.

NSA3x0, firmware 4.20+

The root password seems not to be an issue anymore. It’s the same as the admin password you supplied.

 

2 Comments

  1. PhilM says:

    Have you successfully installed SABnzbd and SickBeard on the NSA310??

  2. JDoe says:

    Is this procedure compatible with the Zyxel NSA320 too?

Leave a Comment