| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Fixes CVE-2022-47522
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Mikrotik R11e-LTE6 modem is similar to ZTE MF286R modem, added
earlier: it has a Marvel chip, able to work in ACM+RNDIS mode, knows ZTE
specific commands, runs OpenWrt Barrier Breaker fork.
While the modem is able to offer IPv6 address, the RNDIS setup is unable
to complete if there is an IPv6 adress.
While it works in ACM+RNDIS mode, the user experience isn't as good as
with "proto 3g": the modem happily serves a local IP (192.168.1.xxx)
without internet access. Of course, if the modem has enough time
(for example at the second dialup), it will serve a public IP.
Modifing the DHCP Lease (to a short interval before connect and back to
default while finalizing) is a workaround to get a public IP at the
first try.
A safe workaround for this is to excercise an offline script of the
pingcheck program: simply restart (ifdown - ifup) the connection.
Another pitfall is that the modem writes a few messages at startup,
which confuses the manufacturer detection algorithm and got disabled.
daemon.notice netifd: Interface 'mikrotik' is setting up now
daemon.notice netifd: mikrotik (2366): Failed to parse message data
daemon.notice netifd: mikrotik (2366): WARNING: Variable 'ok' does not exist or is not an array/object
daemon.notice netifd: mikrotik (2366): Unsupported modem
daemon.notice netifd: mikrotik (2426): Stopping network mikrotik
daemon.notice netifd: mikrotik (2426): Failed to parse message data
daemon.notice netifd: mikrotik (2426): WARNING: Variable '*simdetec:1,sim' does not exist or is not an array/object
daemon.notice netifd: mikrotik (2426): Unsupported modem
daemon.notice netifd: Interface 'mikrotik' is now down
A workaround for this is to use the "delay" option in the interface
configuration.
I want to thank Forum members dchard (in topic Adding support for
MikroTik hAP ac3 LTE6 kit (D53GR_5HacD2HnD)) [1]
and mrhaav (in topic OpenWrt X86_64 + Mikrotik R11e-LTE6) [2]
for sharing their experiments and works.
Another information page was found at eko.one.pl [3].
[1]: https://forum.openwrt.org/t/137555
[2]: https://forum.openwrt.org/t/151743
[3]: https://eko.one.pl/?p=modem-r11elte
Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The MikroTik R11e-LTE6 modem goes into flight mode (CFUN=4) at startup
and the radio is off (*RADIOPOWER: 0):
AT+RESET
OK
OK
*SIMDETEC:2,NOS
*SIMDETEC:1,SIM
*ICCID: 8936500119010596302
*EUICC: 1
+MSTK: 11, D025....74F3
*ADMINDATA: 0, 2, 0
+CPIN: READY
*EUICC: 1
*ECCLIST: 5, 0, 112, 0, 000, 0, 08, 0, 118, 0, 911
+CREG: 0
$CREG: 0
+CESQ: 99,99,255,255,255,255
*CESQ: 99,99,255,255,255,255,0
+CGREG: 0
+CEREG: 0
+CESQ: 99,99,255,255,255,255
*CESQ: 99,99,255,255,255,255,0
*RADIOPOWER: 0
+MMSG: 0, 0
+MMSG: 0, 0
+MMSG: 1, 0
+MPBK: 1
While the chat script is able to establish the PPP connection,
it's closed instantly by the modem: LCP terminated by peer.
local2.info chat[7000]: send (ATD*99***1#^M)
local2.info chat[7000]: expect (CONNECT)
local2.info chat[7000]: ^M
local2.info chat[7000]: ATD*99***1#^M^M
local2.info chat[7000]: CONNECT
local2.info chat[7000]: -- got it
local2.info chat[7000]: send ( ^M)
daemon.info pppd[6997]: Serial connection established.
kern.info kernel: [ 453.659146] 3g-mikrotik: renamed from ppp0
daemon.info pppd[6997]: Renamed interface ppp0 to 3g-mikrotik
daemon.info pppd[6997]: Using interface 3g-mikrotik
daemon.notice pppd[6997]: Connect: 3g-mikrotik <--> /dev/ttyACM0
daemon.info pppd[6997]: LCP terminated by peer
daemon.notice pppd[6997]: Connection terminated.
daemon.notice pppd[6997]: Modem hangup
daemon.info pppd[6997]: Exit.
daemon.notice netifd: Interface 'mikrotik' is now down
Sending "AT+CFUN=1" to modem deactivates the flight mode and
solves the issue:
daemon.notice netifd: Interface 'mikrotik' is setting up now
daemon.notice netifd: mikrotik (7051): sending -> AT+CFUN=1
daemon.notice pppd[7137]: pppd 2.4.9 started by root, uid 0
local2.info chat[7140]: abort on (BUSY)
local2.info chat[7140]: abort on (NO CARRIER)
local2.info chat[7140]: abort on (ERROR)
local2.info chat[7140]: report (CONNECT)
local2.info chat[7140]: timeout set to 10 seconds
local2.info chat[7140]: send (AT&F^M)
local2.info chat[7140]: expect (OK)
local2.info chat[7140]: ^M
local2.info chat[7140]: +CESQ: 99,99,255,255,255,255^M
local2.info chat[7140]: ^M
local2.info chat[7140]: *CESQ: 99,99,255,255,255,255,0^M
local2.info chat[7140]: AT&F^MAT&F^M^M
local2.info chat[7140]: OK
local2.info chat[7140]: -- got it
...
local2.info chat[7140]: send (ATD*99***1#^M)
local2.info chat[7140]: expect (CONNECT)
local2.info chat[7140]: ^M
local2.info chat[7140]: ATD*99***1#^M^M
local2.info chat[7140]: CONNECT
local2.info chat[7140]: -- got it
local2.info chat[7140]: send ( ^M)
daemon.info pppd[7137]: Serial connection established.
kern.info kernel: [ 463.094254] 3g-mikrotik: renamed from ppp0
daemon.info pppd[7137]: Renamed interface ppp0 to 3g-mikrotik
daemon.info pppd[7137]: Using interface 3g-mikrotik
daemon.notice pppd[7137]: Connect: 3g-mikrotik <--> /dev/ttyACM0
daemon.warn pppd[7137]: Could not determine remote IP address: defaulting to 10.64.64.64
daemon.notice pppd[7137]: local IP address 100.112.63.62
daemon.notice pppd[7137]: remote IP address 10.64.64.64
daemon.notice pppd[7137]: primary DNS address 185.29.83.64
daemon.notice pppd[7137]: secondary DNS address 185.62.131.64
daemon.notice netifd: Network device '3g-mikrotik' link is up
daemon.notice netifd: Interface 'mikrotik' is now up
To send this AT command to the modem the "runcommand.gcom" script
dependency is moved from comgt-ncm to comgt.
As the comgt-ncm package depends on comgt already, this change
is a NOOP from that point of view.
But from the modem's point it is a low hanging fruit as the modem
is usable with installing comgt and kmod-usb-ncm packages.
Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch solves the problem of receiving "error" responses when
initially calling gcom. This avoids unnecessary NO_DEVICE failures.
A retry loop retries the call after an "error" response within the
specified delay. A successful response will continue with the connection
immediately without waiting for max specified delay, bringing the
interface up sooner.
Signed-off-by: Mike Wilson <mikewse@hotmail.com>
|
| |
|
|
|
|
|
|
| |
ccd7e46 ipq40xx: add support for Wallystech DR40x9
2ce60e1 Revert "ipq40xx: add support for Wallystech DR40x9"
ea962ca ipq40xx: add Emplus WAP551 BDF
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
General specification:
SoC Type: MediaTek MT7620N (580MHz)
ROM: 8 MB SPI-NOR (W25Q64FV)
RAM: 64 MB DDR (EM6AB160TSD-5G)
Switch: MediaTek MT7530
Ethernet: 5 ports - 5×100MbE (WAN, LAN1-4)
Wireless: 2.4 GHz (MediaTek RT5390): b/g/n
Buttons: 3 button (POWER, RESET, WPS)
Slide switch: 4 position (BASE, ADAPTER, BOOSTER, ACCESS POINT)
Bootloader: U-Boot 1.1.3
Power: 9 VDC, 0.6 A
MAC in stock:
|- + |
| LAN | RF-EEPROM + 0x04 |
| WLAN | RF-EEPROM + 0x04 |
| WAN | RF-EEPROM + 0x28 |
OEM easy installation
1. Use a PC to browse to http://my.keenetic.net.
2. Go to the System section and open the Files tab.
3. Under the Files tab, there will be a list of system
files. Click on the Firmware file.
4. When a modal window appears, click on the Choose File
button and upload the firmware image.
5. Wait for the router to flash and reboot.
OEM installation using the TFTP method
1. Download the latest firmware image and rename it to
klite3_recovery.bin.
2. Set up a Tftp server on a PC (e.g. Tftpd32) and place the
firmware image to the root directory of the server.
3. Power off the router and use a twisted pair cable to connect
the PC to any of the router's LAN ports.
4. Configure the network adapter of the PC to use IP address
192.168.1.2 and subnet mask 255.255.255.0.
5. Power up the router while holding the reset button pressed.
6. Wait approximately for 5 seconds and then release the
reset button.
7. The router should download the firmware via TFTP and
complete flashing in a few minutes.
After flashing is complete, use the PC to browse to
http://192.168.1.1 or ssh to proceed with the configuration.
Signed-off-by: Alexey Bartenev <41exey@proton.me>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This board is very similar to the Aruba AP-105, but is
outdoor-first. It is very similar to the MSR2000 (though certain
MSR2000 models have a different PHY[^1]).
A U-Boot replacement is required to install OpenWrt on these
devices[^2].
Specifications
--------------
* Device: Aruba AP-175
* SoC: Atheros AR7161 680 MHz MIPS
* RAM: 128MB - 2x Mira P3S12D40ETP
* Flash: 16MB MXIC MX25L12845EMI-10G (SPI-NOR)
* WiFi: 2 x DNMA-H92 Atheros AR9220-AC1A 802.11abgn
* ETH: IC+ IP1001 Gigabit + PoE PHY
* LED: 2x int., plus 12 ext. on TCA6416 GPIO expander
* Console: CP210X linking USB-A Port to CPU console @ 115200
* RTC: DS1374C, with internal battery
* Temp: LM75 temperature sensor
Factory installation:
- Needs a u-boot replacement. The process is almost identical to that
of the AP105, except that the case is easier to open, and that you
need to compile u-boot from a slightly different branch:
https://github.com/Hurricos/u-boot-ap105/tree/ap175
The instructions for performing an in-circuit reflash with an
SPI-Flasher like a CH314A can be found on the OpenWrt Wiki
(https://openwrt.org/toh/aruba/ap-105); in addition a detailed guide
may be found on YouTube[^3].
- Once u-boot has been replaced, a USB-A-to-A cable may be used to
connect your PC to the CP210X inside the AP at 115200 baud; at this
point, the normal u-boot serial flashing procedure will work (set up
networking; tftpboot and boot an OpenWrt initramfs; sysupgrade to
OpenWrt proper.)
- There is no built-in functionality to revert back to stock firmware,
because the AP-175 has been declared by the vendor[^4] end-of-life
as of 31 Jul 2020. If for some reason you wish to return to stock
firmware, take a backup of the 16MiB flash before flashing u-boot.
[^1]: https://github.com/shalzz/aruba-ap-310/blob/master/platform/bootloader/apboot-11n/include/configs/msr2k.h#L186
[^2]: https://github.com/Hurricos/u-boot-ap105/tree/ap175
[^3]: https://www.youtube.com/watch?v=Vof__dPiprs
[^4]: https://www.arubanetworks.com/support-services/end-of-life/#product=access-points&version=0
Signed-off-by: Martin Kennedy <hurricos@gmail.com>
|
| |
|
|
|
|
|
|
| |
When forwarding is set to 0, frames are typically sent with ttl=1.
Move the ttl decrement check below the check for local receive in order to
fix packet drops.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
I found use for this in my scripts; I noticed that it is already
compiled with util-linux - there just isn't package for it -
let's package it then.
Description:
The rev utility copies the specified files to the standard output,
reversing the order of characters in everyline.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
|
| |
|
|
|
|
| |
Potentially fixes some driver data structure corruption issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
| |
39e8c70957c7 fw4: fix handling the ipset "comment" option
e6e82a55206c fw4: add further symbolic ICMP type declarations
ce9a37829a76 tests: add testcase for automatic includes
30ee17a9c65d fw4: fix syntax errors in ICMP type declarations
1ecfadd52291 fw4: remove accidentally committed .orig and .rej file
04a06bd70b98 fw4: enable flowtable counters
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
29c934d config: recheck have_link_local on interface reload if already init
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
| |
flows
Will be enabled by an upcoming mt76 update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ruckus ZoneFlex 7363 is a dual-band, dual-radio 802.11n 2x2 MIMO enterprise
access point. ZoneFlex 7343 is the single band variant of 7363
restricted to 2.4GHz, and ZoneFlex 7341 is 7343 minus two Fast Ethernet
ports.
Hardware highligts:
- CPU: Atheros AR7161 SoC at 680 MHz
- RAM: 64MB DDR
- Flash: 16MB SPI-NOR
- Wi-Fi 2.4GHz: AR9280 PCI 2x2 MIMO radio with external beamforming
- Wi-Fi 5GHz: AR9280 PCI 2x2 MIMO radio with external beamforming
- Ethernet 1: single Gigabit Ethernet port through Marvell 88E1116R gigabit PHY
- Ethernet 2: two Fast Ethernet ports through Realtek RTL8363S switch,
connected with Fast Ethernet link to CPU.
- PoE: input through Gigabit port
- Standalone 12V/1A power input
- USB: optional single USB 2.0 host port on the -U variants.
Serial console: 115200-8-N-1 on internal H1 header.
Pinout:
H1 ----------
|1|x3|4|5|
----------
Pin 1 is near the "H1" marking.
1 - RX
x - no pin
3 - VCC (3.3V)
4 - GND
5 - TX
Installation:
- Using serial console - requires some disassembly, 3.3V USB-Serial
adapter, TFTP server, and removing a single PH1 screw.
0. Connect serial console to H1 header. Ensure the serial converter
does not back-power the board, otherwise it will fail to boot.
1. Power-on the board. Then quickly connect serial converter to PC and
hit Ctrl+C in the terminal to break boot sequence. If you're lucky,
you'll enter U-boot shell. Then skip to point 3.
Connection parameters are 115200-8-N-1.
2. Allow the board to boot. Press the reset button, so the board
reboots into U-boot again and go back to point 1.
3. Set the "bootcmd" variable to disable the dual-boot feature of the
system and ensure that uImage is loaded. This is critical step, and
needs to be done only on initial installation.
> setenv bootcmd "bootm 0xbf040000"
> saveenv
4. Boot the OpenWrt initramfs using TFTP. Replace IP addresses as needed.
Use the Gigabit interface, Fast Ethernet ports are not supported
under U-boot:
> setenv serverip 192.168.1.2
> setenv ipaddr 192.168.1.1
> tftpboot 0x81000000 openwrt-ath79-generic-ruckus_zf7363-initramfs-kernel.bin
> bootm 0x81000000
5. Optional, but highly recommended: back up contents of "firmware" partition:
$ ssh root@192.168.1.1 cat /dev/mtd1 > ruckus_zf7363_fw_backup.bin
6. Copy over sysupgrade image, and perform actual installation. OpenWrt
shall boot from flash afterwards:
$ ssh root@192.168.1.1
# sysupgrade -n openwrt-ath79-generic-ruckus_zf7363-squashfs-sysupgrade.bin
After unit boots, it should be available at the usual 192.168.1.1/24.
Return to factory firmware:
1. Copy over the backup to /tmp, for example using scp
2. Unset the "bootcmd" variable:
fw_setenv bootcmd ""
3. Use sysupgrade with force to restore the backup:
sysupgrade -F ruckus_zf7363_backup.bin
4. System will reboot.
Quirks and known issues:
- Fast Ethernet ports on ZF7363 and ZF7343 are supported, but management
features of the RTL8363S switch aren't implemented yet, though the
switch is visible over MDIO0 bus. This is a gigabit-capable switch, so
link establishment with a gigabit link partner may take a longer time
because RTL8363S advertises gigabit, and the port magnetics don't
support it, so a downshift needs to occur. Both ports are accessible
at eth1 interface, which - strangely - runs only at 100Mbps itself.
- Flash layout is changed from the factory, to use both firmware image
partitions for storage using mtd-concat, and uImage format is used to
actually boot the system, which rules out the dual-boot capability.
- Both radio has its own EEPROM on board, not connected to CPU.
- The stock firmware has dual-boot capability, which is not supported in
OpenWrt by choice.
It is controlled by data in the top 64kB of RAM which is unmapped,
to avoid the interference in the boot process and accidental
switch to the inactive image, although boot script presence in
form of "bootcmd" variable should prevent this entirely.
- On some versions of stock firmware, it is possible to obtain root shell,
however not much is available in terms of debugging facitilies.
1. Login to the rkscli
2. Execute hidden command "Ruckus"
3. Copy and paste ";/bin/sh;" including quotes. This is required only
once, the payload will be stored in writable filesystem.
4. Execute hidden command "!v54!". Press Enter leaving empty reply for
"What's your chow?" prompt.
5. Busybox shell shall open.
Source: https://alephsecurity.com/vulns/aleph-2019014
- There is second method to achieve root shell, using command injection
in the web interface:
1. Login to web administration interface
2. Go to Administration > Diagnostics
3. Enter |telnetd${IFS}-p${IFS}204${IFS}-l${IFS}/bin/sh into "ping"
field
4. Press "Run test"
5. Telnet to the device IP at port 204
6. Busybox shell shall open.
Source: https://github.com/chk-jxcn/ruckusremoteshell
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ruckus ZoneFlex 7351 is a dual-band, dual-radio 802.11n 2x2 MIMO enterprise
access point.
Hardware highligts:
- CPU: Atheros AR7161 SoC at 680 MHz
- RAM: 64MB DDR
- Flash: 16MB SPI-NOR
- Wi-Fi 2.4GHz: AR9280 PCI 2x2 MIMO radio with external beamforming
- Wi-Fi 5GHz: AR9280 PCI 2x2 MIMO radio with external beamforming
- Ethernet: single Gigabit Ethernet port through Marvell 88E1116R gigabit PHY
- Standalone 12V/1A power input
- USB: optional single USB 2.0 host port on the 7351-U variant.
Serial console: 115200-8-N-1 on internal H1 header.
Pinout:
H1 ----------
|1|x3|4|5|
----------
Pin 1 is near the "H1" marking.
1 - RX
x - no pin
3 - VCC (3.3V)
4 - GND
5 - TX
Installation:
- Using serial console - requires some disassembly, 3.3V USB-Serial
adapter, TFTP server, and removing a single T10 screw.
0. Connect serial console to H1 header. Ensure the serial converter
does not back-power the board, otherwise it will fail to boot.
1. Power-on the board. Then quickly connect serial converter to PC and
hit Ctrl+C in the terminal to break boot sequence. If you're lucky,
you'll enter U-boot shell. Then skip to point 3.
Connection parameters are 115200-8-N-1.
2. Allow the board to boot. Press the reset button, so the board
reboots into U-boot again and go back to point 1.
3. Set the "bootcmd" variable to disable the dual-boot feature of the
system and ensure that uImage is loaded. This is critical step, and
needs to be done only on initial installation.
> setenv bootcmd "bootm 0xbf040000"
> saveenv
4. Boot the OpenWrt initramfs using TFTP. Replace IP addresses as needed:
> setenv serverip 192.168.1.2
> setenv ipaddr 192.168.1.1
> tftpboot 0x81000000 openwrt-ath79-generic-ruckus_zf7351-initramfs-kernel.bin
> bootm 0x81000000
5. Optional, but highly recommended: back up contents of "firmware" partition:
$ ssh root@192.168.1.1 cat /dev/mtd1 > ruckus_zf7351_fw_backup.bin
6. Copy over sysupgrade image, and perform actual installation. OpenWrt
shall boot from flash afterwards:
$ ssh root@192.168.1.1
# sysupgrade -n openwrt-ath79-generic-ruckus_zf7351-squashfs-sysupgrade.bin
After unit boots, it should be available at the usual 192.168.1.1/24.
Return to factory firmware:
1. Copy over the backup to /tmp, for example using scp
2. Unset the "bootcmd" variable:
fw_setenv bootcmd ""
3. Use sysupgrade with force to restore the backup:
sysupgrade -F ruckus_zf7351_backup.bin
4. System will reboot.
Quirks and known issues:
- Flash layout is changed from the factory, to use both firmware image
partitions for storage using mtd-concat, and uImage format is used to
actually boot the system, which rules out the dual-boot capability.
- Both radio has its own EEPROM on board, not connected to CPU.
- The stock firmware has dual-boot capability, which is not supported in
OpenWrt by choice.
It is controlled by data in the top 64kB of RAM which is unmapped,
to avoid the interference in the boot process and accidental
switch to the inactive image, although boot script presence in
form of "bootcmd" variable should prevent this entirely.
- On some versions of stock firmware, it is possible to obtain root shell,
however not much is available in terms of debugging facitilies.
1. Login to the rkscli
2. Execute hidden command "Ruckus"
3. Copy and paste ";/bin/sh;" including quotes. This is required only
once, the payload will be stored in writable filesystem.
4. Execute hidden command "!v54!". Press Enter leaving empty reply for
"What's your chow?" prompt.
5. Busybox shell shall open.
Source: https://alephsecurity.com/vulns/aleph-2019014
- There is second method to achieve root shell, using command injection
in the web interface:
1. Login to web administration interface
2. Go to Administration > Diagnostics
3. Enter |telnetd${IFS}-p${IFS}204${IFS}-l${IFS}/bin/sh into "ping"
field
4. Press "Run test"
5. Telnet to the device IP at port 204
6. Busybox shell shall open.
Source: https://github.com/chk-jxcn/ruckusremoteshell
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
7c0f603 router: skip RA and wait for LINK-LOCAL to be assigned
ba30afc config: skip interface setup if interface not IFF_RUNNING
06b111e Revert "odhcpd: Reduce error messages"
90d6cc9 odhcpd: Reduce error messages
Also drop AUTORELEASE since it got deprecated.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
SSDK is doing everything custom, so trying to use mold and/or LTO
fails, so lets opt-out of using both of them.
Signed-off-by: Robert Marko <robimarko@gmail.com>
[a.heider: split and switch to PKG_BUILD_FLAGS]
Signed-off-by: Andre Heider <a.heider@gmail.com>
|
| |
|
|
|
|
| |
These fail to build with LTO enabled or packages depending on them do.
Signed-off-by: Andre Heider <a.heider@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reduces open coding and allows to easily add a knob to enable
it treewide, where chosen packages can still opt-out via "no-lto".
Some packages used LTO, but not the linker plugin. This unifies 'em
all to attempt to produce better code.
Quoting man gcc(1):
"This improves the quality of optimization by exposing more code to the
link-time optimizer."
Also use -flto=auto instead of -flto=jobserver, as it's not guaranteed
that every buildsystem uses +$(MAKE) correctly.
Signed-off-by: Andre Heider <a.heider@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reduces open coding and allows to easily add a knob to
enable it treewide, where chosen packages can still opt-out via
"no-gc-sections".
Note: libnl, mbedtls and opkg only used the CFLAGS part without the
LDFLAGS counterpart. That doesn't help at all if the goal is to produce
smaller binaries. I consider that an accident, and this fixes it.
Note: there are also packages using only the LDFLAGS part. I didn't
touch those, as gc might have been disabled via CFLAGS intentionally.
Signed-off-by: Andre Heider <a.heider@gmail.com>
|
| |
|
|
|
|
|
| |
Keep backwards compatibility via PKG_USE_MIPS16 for now, as this is
used in all package feeds.
Signed-off-by: Andre Heider <a.heider@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds support for the Wallys DR40x9 series boards.
They come in IPQ4019 and IPQ4029 versions.
IPQ4019/4029 only differ in that that IPQ4029 is the industrial version that is rated to higher temperatures.
Specifications are:
* CPU: Qualcomm IPQ40x9 (4x ARMv7A Cortex A7) at 716 MHz
* RAM: 512 MB
* Storage: 2MB of SPI-NOR, 128 MB of parallel NAND
* USB 3.0 TypeA port for users
* MiniPCI-E with PCI-E 2.0 link
* MiniPCI-E for LTE modems with only USB2.0 link
* 2 SIM card slots that are selected via GPIO11
* MicroSD card slot
* Ethernet: 2x GBe with 24~48V passive POE
* SFP port (Does not work, I2C and GPIO's not connected on hardware)
* DC Jack
* UART header
* WLAN: In-SoC 2x2 802.11b/g/n and 2x2 802.11a/n/ac
* 4x MMCX connectors for WLAN
* Reset button
* 8x LED-s
Installation instructions:
Connect to UART, pins are like this:
-> 3.3V | TX | RX | GND
Settings are 115200 8n1
Boot initramfs from TFTP:
tftpboot 0x84000000 openwrt-ipq40xx-generic-wallys_dr40x9-initramfs-fit-uImage.itb
bootm
Then copy the sysupgrade image to the /tmp folder and execute sysupgrade -n <image_name>
The board file binary was provided from Wallystech on March 14th 2023
including full permission to use and distribute.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
|
| |
|
|
|
|
| |
f9cece0 ipq40xx: add support for Wallystech DR40x9
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
588dd07 qat: update licence text
a03713d rtl_bt: Update RTL8822C BT USB firmware to 0x0CC6_D2E3
63dac62 rtl_bt: Update RTL8822C BT UART firmware to 0x05C6_D2E3
5adebcf WHENCE: remove duplicate File entries
d32de23 WHENCE: remove trailing white space
24c9df9 linux-firmware: add fw for qat_4xxx
b568bbc Fix symlinks for Intel firmware
f49c572 linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
db6e357 linux-firmware: update firmware for MT7921 WiFi device
4309412 iwlwifi: update core69 and core72 firmwares for Ty device
4cc3eda rtlwifi: Add firmware v16.0 for RTL8710BU aka RTL8188GU
76ad275 brcm: Add nvram for the Lenovo Yoga Book X90F / X90L convertible
1bc8afb brcm: Fix Xiaomi Inc Mipad2 nvram/.txt file macaddr
d02d58a brcm: Add nvram for the Advantech MICA-071 tablet
c51488f rtl_bt: Update RTL8852C BT USB firmware to 0xD7B8_FABF
3653d69 rtl_bt: Add firmware and config files for RTL8821CS
7375bcf rtw89: 8852b: update fw to v0.29.29.0
5148670 rtw89: 8852b: update fw to v0.29.26.0
c600840 liquidio: remove lio_23xx_vsw.bin
23afbfe intel: avs: Add AudioDSP base firmware for CNL-based platforms
284e55d intel: avs: Add AudioDSP base firmware for APL-based platforms
289e3a9 intel: avs: Add AudioDSP base firmware for SKL-based platforms
c7a57ef ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.23
6a4e7f6 ath11k: WCN6855 hw2.0: update board-2.bin
0e2486b ath11k: WCN6750 hw1.0: update board-2.bin
f48fbe4 ath11k: IPQ5018 hw1.0: add to WLAN.HK.2.6.0.1-00861-QCAHKSWPL_SILICONZ-1
9dacec6 ath11k: IPQ5018 hw1.0: add board-2.bin
15054af ath10k: QCA6174 hw3.0: update firmware-sdio-6.bin to version WLAN.RMH.4.4.1-00174
024cc5e ath10k: WCN3990 hw1.0: update board-2.bin
a253a37 cnm: update chips&media wave521c firmware.
c0a0bc2 amdgpu: Update GC 11.0.1 firmware
4296b7a intel: catpt: Add AudioDSP base firmware for BDW platforms
f79e4ba linux-firmware: Update AMD cpu microcode
1fd4c55 brcm: revert firmware files for Cypress devices
5aa0b27 brcm: restore previous firmware file for BCM4329 device
c3f3baa rtw88: 8822c: Update normal firmware to v9.9.14
c1181ae i915: Add DMC v2.11 for MTL
2fd61bc linux-firmware: Add firmware for Cirrus CS35L41 on UM3402 ASUS Laptop
a60d908 linux-firmware: Add missing tuning files for HP Laptops using Cirrus Amps
a5046f4 i915: Add DMC v2.18 for ADLP
5c11a37 amdgpu: Add VCN 4.0.2 firmware
5fe2d73 amdgpu: Add PSP 13.0.4 firmware
a3332f8 amdgpu: Add SDMA 6.0.1 fimware
4535de6 amdgpu: Add GC 11.0.1 firmware
2e93e4c amdgpu: Add DCN 3.1.4 firmware
3435843 iwlwifi: remove old intermediate 5.15+ firmwares
494389c iwlwifi: remove 5.10 and 5.15 intermediate old firmwares
177c593 iwlwifi: remove 5.4 and 5.10 intermediate old firmwares
fa3a6d5 iwlwifi: remove 4.19 and 5.4 intermediate old firmwares
d11eb6f iwlwifi: remove old unsupported older than 4.14 LTS
bb2d42d linux-firmware: update firmware for MT7921 WiFi device
3f0f338 linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
f88f1f8 amdgpu: update vangogh firmware
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Netgear WAX218 is a 802.11ax AP claiming AX3600 support. It is wall
or ceiling mountable. It can be powered via PoE, or a 12 V adapter.
The board has footprints for 2.54mm UART headers. They're difficult to
solder because the GND is connected to a large copper plane. Only try
soldering if you are very skilled. Otherwise, use pogo pins.
Specifications:
---------------
* CPU: Qualcomm IPQ8072A Quad core Cortex-A53 2.2GHz
* RAM: 366 MB of RAM available to OS, not sure of total amount
* Storage: Macronix MX30UF2G18AC 256MB NAND
* Ethernet:
* 2.5G RJ45 port (QCA8081) with PoE input
* WLAN:
* 2.4GHz/5GHz with 8 antennas
* LEDs:
* Power (Amber)
* LAN (Blue)
* 2G WLAN (Blue)
* 5G WLAN (Blue)
* Buttons:
* 1x Factory reset
* Power: 12V DC Jack
* UART: Two 4-pin unpopulated headers near the LEDs
* "J2 UART" is the CPU UART, 3.3 V level
Installation:
=============
Web UI method
-------------
Flashing OpenWRT using the vendor's Web UI is problematic on this
device. The u-boot mechanism for communicating the active rootfs is
antiquated and unreliable. Instead of setting the kernel commandline,
it relies on patching the DTS partitions of the nand node. The way
partitions are patched is incompatible with newer kernels.
Newer kernels use the SMEM partition table, which puts "rootfs" on
mtd12. The vendor's Web UI will flash to either mtd12 or mtd14. One
reliable way to boot from mtd14 and avoid boot loops is to use an
initramfs image.
1. In the factory web UI, navigate to System Manager -> Firmware.
2. In the "Local Firmware Upgrade" section, click Browse
3. Navigate and select the 'web-ui-factory.fit' image
4. Click "Upload"
5. On the following page, click on "Proceed"
The flash proceeds at this point and the system will reboot
automatically to OpenWRT.
6. Flash the 'nand-sysupgrade.bin' using Luci or the commandline
SSH method
----------
Enable SSH using the CLI or Web UI. The root account is locked out to
ssh, and the admin account defaults to Netgear's CLI application.
So we need to get creative:
First, make sure the device boots from the second firmware partition:
ssh -okexalgorithms=diffie-hellman-group14-sha1 admin@<ipaddr> \
/usr/sbin/fw_setenv active_fw 1
Then reboot the device, and run the update:
scp -O -o kexalgorithms=diffie-hellman-group14-sha1 \
-o hostkeyalgorithms=ssh-rsa \
netgear_wax218-squashfs-nand-factory.ubi \
admin@<ipaddr>:/tmp/openwrt.ubi
ssh -okexalgorithms=diffie-hellman-group14-sha1 admin@<ipaddr> \
/usr/sbin/ubiformat /dev/mtd12 -f /tmp/openwrt.ubi
ssh -okexalgorithms=diffie-hellman-group14-sha1 admin@<ipaddr> \
/usr/sbin/fw_setenv active_fw 0
Now reboot the device, and it should boot into a ready-to-use OpenWRT.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Tested-by: Francisco G Luna <frangonlun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Synchronize the ath11k backports with the current ath-next tree.
This brings in actually setting the MU-MIMO parameters in HW and 6GHz
regulatory support along with some minor resource handling fixes.
This allows to easily backport further fixes as cherry picking them has
started requiring manual conflict resolution.
Signed-off-by: Robert Marko <robimarko@gmail.com>
|
| |
|
|
|
|
| |
Add kernel tags to the patches that got accepted upstream.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
| |
31ff96d ipq806x: add support for Nokia Airscale AC400i
1af1df2 ath11k: ipq8074: add Netgear WAX218
Signed-off-by: Kristjan Krušič <kristjan.krusic@krusic22.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Hardware
--------
SoC: Qualcomm IPQ8065
RAM: 512 MB DDR3
Flash: 256 MB NAND (Macronix MX30UF2G18AC) (split into 2x128MB)
4 MB SPI-NOR (Macronix MX25U3235F)
WLAN: Qualcomm Atheros QCA9984 - 2.4Ghz
Qualcomm Atheros QCA9984 - 5Ghz
ETH: eth0 - POE (100Mbps in U-Boot, 1000Mbps in OpenWrt)
eth1 - (1000Mbps in both)
Auto-negotiation broken on both.
USB: USB 2.0
LED: 5G, 2.4G, ETH1, ETH2, CTRL, PWR (All support green and red)
BTN: Reset
Other: SD card slot (non-functional)
Serial: 115200bps, near the Ethernet transformers, labeled 9X.
Connections from the arrow to the 9X text:
[NC] - [TXD] - [GND] - [RXD] - [NC]
Installation
------------
0. Connect to the device
Plug your computer into LAN2 (1000Mbps connection required).
If you use the LAN1/POE port, set your computer to force a 100Mbps link.
Connect to the device via TTL (Serial) 115200n8.
Locate the header (or solder pads) labeled 9X,
near the Ethernet jacks/transformers.
There should be an arrow on the other side of the header marking.
The connections should go like this:
(from the arrow to the 9X text): NC - TXD - GND - RXD - NC
1. Prepare for installation
While the AP is powering up, interrupt the startup process.
MAKE SURE TO CHECK YOUR CURRENT PARTITION!
If you see: "Current Partition is : partB" or
"Need to switch partition from partA to partB",
you have to force the device into partA mode, before continuing.
This can be done by changing the PKRstCnt to 5 and resetting the device.
setenv PKRstCnt 5
saveenv
reset
After you interrupt the startup process again,
you should see: Need to switch partition from partB to partA
You can now continue to the next step.
If you see: "Current Partition is : partA",
you can continue to the next step.
2. Prevent partition switching.
To prevent the device from switching partitions,
we are going to modify the startup command.
set bootcmd "setenv PKRstCnt 0; saveenv; bootipq"
setenv
3. First boot
Now, we have to boot the OpenWrt intifs.
The easiest way to do this is by using Tiny PXE.
You can also use the normal U-Boot tftp method.
Run "bootp" this will get an IP from the DHCP server
and possibly the firmware image.
If it doesn't download the firmware image, run "tftpboot".
Now run "bootm" to run the image.
You might see:
"ERROR: new format image overwritten - must RESET the board to recover"
this means that the image you are trying to load is too big.
Use a smaller image for the initial boot.
4. Install OpenWrt from initfs
Once you are booted into OpenWrt,
transfer the OpenWrt upgrade image and
use sysupgrade to install OpenWrt to the device.
Signed-off-by: Kristjan Krušič <kristjan.krusic@krusic22.com>
|
| |
|
|
|
|
|
| |
Release Notes:
https://marc.info/?l=netfilter-devel&m=167873533214563&w=2
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
| |
Upstream switched to "tar.xz".
Release Notes:
https://www.spinics.net/lists/netfilter/msg61016.html
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
| |
86180c4 ath10k-firmware: IPQ4019 hw1.0: Rename variant to ZTE MF18A specific BDF
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
| |
1f35a8c ath10k-firmware: IPQ4019 hw1.0: Add variant to Teltonika RUTX10 specific BDF
a49672f ath10k-firmware: QCA99X0 hw2.0: Add variant to ZTE MF18A specific BDF
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
| |
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/sched?h=v5.15.100&id=7c183dc0af472dec33d2c0786a5e356baa8cad19
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This splits the code in 4 files:
- uencrypt.h
- uencrypt.c - main program
- uencrypt-openssl.c - OpenSSL/wolfSSL implementation
- uencrypt-mbedtls - mbedTLS implementation
Other changes, accounting for ~400 bytes increase in ipk size:
- more error condition checking and reporting,
- hide key and iv command line arguments
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit includes some additional changes:
- better handling of iv and keys in openssl/wolfssl variants
- fix compiler warnings and whitespace
- build all 3 variants as separate packages
- adjust the new package name in targets' DEVICE_PACKAGES
- remove PKG_FLAGS:=nonshared
[Beeline SmartBox Flash - OK]
Tested-by: Mikhail Zhilkin <csharper2005@gmail.com>
[after test: replaced a hardcoded IV size of 16 by cipher_info->iv_size]
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
2dae618 ipq-wifi: update 8devices Jalapeno BDF
08e92db ipq-wifi: update 8devices Habanero BDF
Signed-off-by: Mantas Pucka <mantas@8devices.com>
[ split ipq40xx changes in separate commit ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
d978830 rc: add option to get info for a single script in list method
632b4fc rc: add option to skip running check for list method
5577db9 rc: add support for scanning USE_PROCD and skip running if not supported
4de3f02 rc: fix and improve script scanning START and STOP
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
| |
Source BDF files out of project dedicated repository and drop local file
from openwrt main repository.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
odhcp6c logs messages related to its activity when invoked with -v, but
there is no way to configure this from within OpenWrt. This adds a UCI
option to turn on odhcp6c logging, disabled by default. To enable, set,
for example, network.wan6.verbose = 1.
Signed-off-by: Mark Mentovai <mark@mentovai.com>
|
| |
|
|
|
|
|
|
|
|
| |
Release Notes:
https://sourceware.org/pipermail/elfutils-devel/2023q1/006023.html
Refresh patch:
- 003-libintl-compatibility.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
| |
Release Notes:
https://github.com/strace/strace/releases/tag/v6.2
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
| |
This fixes a build problem on some targets.
Fixes: 3e9005546a ("kernel: modules: package Microchip LAN743x PCIe gigE driver")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Deactivate the msgpack option. The binutils build might detect the
libmsgpackc.so.2 library and will try to link against it, if it is not
explicitly deactivated.
This prevents the following build errors seen in the build bots.
Package binutils is missing dependencies for the following libraries:
libmsgpackc.so.2
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
| |
Fixes: 3e9005546a ("kernel: modules: package Microchip LAN743x PCIe gigE driver")
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
|
| |
|
|
|
|
| |
Package the Microchip LAN743x PCIe gigE driver
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SNR-CPE-ME2-SFP is a wireless router with SFP cage manufactured by SNR/NAG company.
Specification:
- SoC: MediaTek MT7621A
- CPU: 880MHz
- Flash: 16 MB (GD25Q127CSIG)
- RAM: 256 MB
- WLAN: 2.4 GHz, 5 GHz (MediaTek MT7615DN)
- Ethernet: 4x 10/100/1000 Mbps
- SFP cage (using RTL8211FS-CG)
- USB 3.0 port
- Power: 12 VDC, 2 A
Flash instruction via TFTP:
1. Boot SNR-CPE-ME2 to recovery mode
(press reset button and power on device, hold button for ~10 seconds)
2. Send firmware via TFTP client:
TFTP Server address: 192.168.1.1
TFTP Client address: 192.168.1.131
3. Wait ~120 seconds to complete flashing
4. Do sysupgrade using web-interface
MAC Addresses(stock)
--------------------
+----------+------------------+-------------------+
| use | address | example |
+----------+------------------+-------------------+
| Device | label | 6A:C4:DD:xx:xx:28 |
| Ethernet | + 1 | 6A:C4:DD:xx:xx:29 |
| 2g | + 2 | 6A:C4:DD:xx:xx:2A |
| 5g | + 3 | 6A:C4:DD:xx:xx:2B |
+----------+------------------+-------------------+
Notes:
- Reading sfp eeprom is not supported [1] (driver issue). Stock image has the same situation.
References:
1. https://forum.openwrt.org/t/mt7621-and-reading-sfp-eeprom/152249
Signed-off-by: Aleksey Nasibulin <alealexpro100@ya.ru>
|
| |
|
|
|
|
|
|
|
| |
ca4509cf84d2 bpf: switch to using bpf_skb_utils.h
d064439009d0 qosify-bpf: skip unnecessary flow lookups
9c625ae96f2d map: fix deleting port based rules
9a47ea4b683d map: fix return code check for bpf_map_get_next_key calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Hardware
--------
SoC: Freescale P1010
RAM: 512MB
FLASH: 1 MB SPI-NOR
512 MB NAND
ETH: 3x Gigabite Ethernet (Atheros AR8033)
SERIAL: Cisco RJ-45 (115200 8N1)
RTC: Battery-Backed RTC (I2C)
Installation
------------
1. Patch U-Boot by dumping the content of the SPI-Flash using a SPI
programmer. The SHA1 hash for the U-Boot password is currently
unknown.
A tool for patching U-Boot is available at
https://github.com/blocktrron/t10-uboot-patcher/
You can also patch the unknown password yourself. The SHA1 hash is
E597301A1D89FF3F6D318DBF4DBA0A5ABC5ECBEA
2. Interrupt the bootmenu by pressing CTRL+C. A password prompt appears.
The patched password is '1234' (without quotation marks)
3. Download the OpenWrt initramfs image. Copy it to a TFTP server
reachable at 10.0.1.13/24 and rename it to uImage.
4. Connect the TFTP server to ethernet port 0 of the Watchguard T10.
5. Download and boot the initramfs image by entering "tftpboot; bootm;"
in U-Boot.
6. After OpenWrt booted, create a UBI volume on the old data partition.
The "ubi" mtd partition should be mtd7, check this using
$ cat /proc/mtd
Create a UBI partition by executing
$ ubiformat /dev/mtd7 -y
7. Increase the loadable kernel-size of U-Boot by executing
$ fw_setenv SysAKernSize 800000
8. Transfer the OpenWrt sysupgrade image to the Watchguard T10 using
scp. Install the image by using sysupgrade:
$ sysupgrade -n <path-to-sysupgrade>
Note: The LAN ports of the T10 are 1 & 2 while 0 is WAN. You might
have to change the ethernet-port.
9. OpenWrt should now boot from the internal NAND. Enjoy.
Signed-off-by: David Bauer <mail@david-bauer.net>
|
| |
|
|
|
|
| |
This is useful in combination with the built-in eap server support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
