Tasty Tomato firmware for routers

Breathe new functionality into your router with Tomato third-party firmware for popular models of Broadcom-based routers, including popular models manufactured by Linksys.

Most consumers and users don’t know the code for Linksys firmware is entirely open source and based on Linux. That allows developers to create customized firmware that extends the functionality of the router through a plethora of new features. Tomato provides a robust set of advanced features that outperform the default Linksys firmware, and rival other open source firmware such as DD-WRT in terms of functionality. Many different routers support Tomato, including models from Asus, Buffalo, and Linksys; a full compatibility listing can be found on Wikipedia or in the developer FAQ.

Installing Tomato on a Linksys router is simple. If the router is Linux-based and compatible with Tomato, access the router’s Web interface and click on the Administration tab. From there, select the Firmware Upgrade option. Upload the right firmware for your router and log back in. Restore the router defaults by clicking on the Administration tab and selecting Configuration -> Restore Default Configuration. Make sure you select “Erase all data in NVRAM (thorough).” Log back into the router to use Tomato. You can find installation directions for other routers in a text file in the firmware download package.

Once it is installed on the router you can access the Tomato firmware interface via the Web, SSH, and Telnet. Because it provides command-line support, you can access and administer the router remotely without using a Web browser or graphical interface, thanks to its use of BusyBox, which provides a standard set of Unix tools similar to the GNU Core Utilities package, and Dropbear, which provides a Secure Shell-compatible interface for low memory environments. The command-line interface is especially useful when coupled with the native support for Dynamic DNS, the technology that binds a dynamic IP address to a static domain name (a URL like kurtsrouter.dynamicdnsservice.com). The router supports a variety of third-party dynamic DNS services, such as DynDNS and No-IP. If you do choose to use the Web interface, you can apply most of the settings using AJAX to avoid the need for a page refresh after each change. You can customize the interface appearance by editing stylesheets.

Tomato supports a variety of advanced features that make it easy to administer and control the network. Wake-on-LAN allows you to power on computers on your network by sending a special packet to the router. This is useful if you want to access a computer remotely that isn’t powered on.

The router firmware has a firewall administered through iptables, an application used to configure rules for accepting and blocking network packets. Tomato expands the router’s Quality of Service settings to allow for more rules and filters. QoS allows you to prioritize data based on protocol, user, or application, so that preferred traffic can move through the network more quickly than less important data. This is especially useful for gaming traffic when you have other services such as BitTorrent and instant messaging are also running.

Port forwarding, the process by which data coming through a specific port is directed to the correct network device, supports a few advanced options, such as Universal Plug and Play (UPnP) and a Demilitarized Zone (DMZ). UPnP support allows devices on the network to set up their own port forwarding information automatically, making it easier to get a device externally accessible — but also making the network more vulnerable to UPnP-aware trojans. A DMZ setting directs the router to send data packets to a specified machine on the network that is not behind a locked-down firewall. Obviously, you shouldn’t use this unless you are confident that the machine is secure.

Tomato also features a slew of access protection settings to block out machines, protocols, and users. This is nice for users in a university setting who don’t want to allow file-sharing or other potentially unwanted connections to their wireless routers.

The wireless options in Tomato let you easily turn the router into an Ethernet bridge. The bridge setting strengthens the signal of another wireless network in the area, improving connectability and coverage. The firmware supports both 802.11b and b wireless types. The Afterburner setting can improve speeds on the g protocol to as high as 125Mbps while still remaining compatibility with almost all wireless devices (this is the same as g+ on some routers).

In addition to adding router functionality, by using the firmware’s graphical interface you can create bandwidth charts for a variety of different timeframes in the scalable vector graphics format. SVG support is provided by default in Mozilla Firefox and Apple Safari, but Internet Explorer requires a plugin to display the bandwidth charts. Users can analyze the last 10 minutes of network usage, updated in two second intervals, or see the last 24 hours of activity, or expand that timeframe to daily or monthly intervals. The built-in Common Internet File System client can mount a Windows or Samba share to store the bandwidth logs to disk.

Tomato is great way to upgrade your router without buying new equipment. Though it doesn’t work on all routers, it illustrates the flexibility of Linux on embedded devices.