openwrt

reset

firstboot

opkg

root@LEDE:~# opkg install ip
Installing ip-full (4.4.0-9) to root...
Downloading http://downloads.lede-project.org/releases/17.01.2/packages/mipsel_24kc/base/ip-full_4.4.0-9_mipsel_24kc.ipk
Configuring ip-full.

root@LEDE:~# opkg list -A ip-*
ip-bridge - 4.4.0-9 - Bridge configuration utility from iproute2
ip-full - 4.4.0-9 - Routing control utility (Full)
ip-tiny - 4.4.0-9 - Routing control utility (Minimal)

root@LEDE:~# opkg list ip-*
ip-bridge - 4.4.0-9 - Bridge configuration utility from iproute2
ip-full - 4.4.0-9 - Routing control utility (Full)
ip-tiny - 4.4.0-9 - Routing control utility (Minimal)

root@LEDE:~# opkg find ip-*
ip-bridge - 4.4.0-9 - Bridge configuration utility from iproute2
ip-full - 4.4.0-9 - Routing control utility (Full)
ip-tiny - 4.4.0-9 - Routing control utility (Minimal)

root@LEDE:~# opkg info ip-full
Package: ip-full
Version: 4.4.0-9
Depends: libc, libnl-tiny
Provides: ip
Status: install user installed
Section: net
Architecture: mipsel_24kc
Size: 112843
Filename: ip-full_4.4.0-9_mipsel_24kc.ipk
Description: Routing control utility (Full)
Installed-Time: 1506002529

root@LEDE:~# opkg files ip
Package ip-full (4.4.0-9) is installed on root and has the following files:
/usr/sbin/ip

root@LEDE:~# opkg files ip-full
Package ip-full (4.4.0-9) is installed on root and has the following files:
/usr/sbin/ip

root@LEDE:~# opkg files shadowsocks-libev
Package shadowsocks-libev (3.1.0-1) is installed on root and has the following files:
/usr/bin/ss-local
/usr/bin/ss-redir
/usr/bin/ss-tunnel

root@LEDE:~# opkg search /usr/bin/ss-redir
shadowsocks-libev - 3.1.0-1

WIFI

OpenWrt 路由器 WIFI 开启 13 信道 2015-12-20

减少 WIFI 信号相互干扰的方法之一是使用不同的信道 2.4GHz 频段可以分为 14 个信道,但是大部分国家规定只能使用 1-13 信道,在日本可以用 1-14 信道,而在美国只能用 1-11 信道

TP Link WR703N

TP Link WR703N 刷好 openwrt 需要配置:

  • 默认 没有启用 无线 WIFI
  • 默认为 AP 模式 需要改为 路由模式

failsafe

开机 等待 指示灯开始 闪烁 ( 大约通电后 10s ) 立即 按住 reset 键 3s 指示灯变为 快速闪烁

default

设置 root 密码:

$ telnet 192.168.1.1

Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.
 === IMPORTANT ============================
  Use 'passwd' to set your login password
  this will disable telnet and enable SSH
 ------------------------------------------

BusyBox v1.23.2 (2016-01-02 18:01:44 CET) built-in shell (ash)
  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 CHAOS CALMER (15.05.1, r48532)
 -----------------------------------------------------
  * 1 1/2 oz Gin            Shake with a glassful
  * 1/4 oz Triple Sec       of broken ice and pour
  * 3/4 oz Lime Juice       unstrained into a goblet.
  * 1 1/2 oz Orange Juice
  * 1 tsp. Grenadine Syrup
 -----------------------------------------------------
root@OpenWrt:/# passwd
Changing password for root
New password:
Retype password:
Password for root changed by root

默认 ROM 占用:

root@OpenWrt:/# df -hT
Filesystem           Type            Size      Used Available Use% Mounted on
rootfs               rootfs         12.5M    472.0K     12.0M   4% /
/dev/root            squashfs        2.3M      2.3M         0 100% /rom
tmpfs                tmpfs          29.8M    300.0K     29.5M   1% /tmp
tmpfs                tmpfs          29.8M     44.0K     29.8M   0% /tmp/root
tmpfs                tmpfs         512.0K         0    512.0K   0% /dev
/dev/mtdblock3       jffs2          12.5M    472.0K     12.0M   4% /overlay
overlayfs:/overlay   overlay        12.5M    472.0K     12.0M   4% /

init

  • 配置 WIFI 无线
  • 删除 网桥 添加 WAN

wireless

WIFI 默认配置:

root@OpenWrt:/# uci show wireless
wireless.radio0=wifi-device
wireless.radio0.type='mac80211'
wireless.radio0.channel='11'
wireless.radio0.hwmode='11g'
wireless.radio0.path='platform/ar933x_wmac'
wireless.radio0.htmode='HT20'
wireless.radio0.disabled='1'
wireless.@wifi-iface[0]=wifi-iface
wireless.@wifi-iface[0].device='radio0'
wireless.@wifi-iface[0].network='lan'
wireless.@wifi-iface[0].mode='ap'
wireless.@wifi-iface[0].ssid='OpenWrt'
wireless.@wifi-iface[0].encryption='none'

root@OpenWrt:/# cat /etc/config/wireless
config wifi-device  radio0
        option type     mac80211
        option channel  11
        option hwmode   11g
        option path     'platform/ar933x_wmac'
        option htmode   HT20
        # REMOVE THIS LINE TO ENABLE WIFI:
        option disabled 1

config wifi-iface
        option device   radio0
        option network  lan
        option mode     ap
        option ssid     OpenWrt
        option encryption none

root@OpenWrt:/# wifi
'radio0' is disabled
'radio0' is disabled

root@OpenWrt:/# wifi status
{
  "radio0": {
    "up": false,
    "pending": false,
    "autostart": true,
    "disabled": true,
    "config": {
      "channel": "11",
      "hwmode": "11g",
      "path": "platform\/ar933x_wmac",
      "htmode": "HT20",
      "disabled": true
    },
    "interfaces": [
      {
        "section": "@wifi-iface[0]",
        "config": {
          "mode": "ap",
          "ssid": "OpenWrt",
          "encryption": "none",
          "network": [
            "lan"
          ],
          "mode": "ap"
        }
      }
    ]
  }
}

UCI 配置 WIFI 命令:

## wireless
uci set wireless.@wifi-iface[0].ssid=FUCK_GFW
uci set wireless.@wifi-iface[0].encryption=psk2
uci set wireless.@wifi-iface[0].key=v_v.fuckgfw
uci set wireless.radio0.disabled=0
uci changes
uci commit

实例:

root@OpenWrt:/# uci set wireless.@wifi-iface[0].ssid=FUCK_GFW
root@OpenWrt:/# uci set wireless.@wifi-iface[0].encryption=psk2
root@OpenWrt:/# uci set wireless.@wifi-iface[0].key=v_v.fuckgfw
root@OpenWrt:/# uci set wireless.radio0.disabled=0

root@OpenWrt:/# uci changes
wireless.cfg033579.ssid='FUCK_GFW'
wireless.cfg033579.encryption='psk2'
wireless.cfg033579.key='v_v.fuckgfw'
wireless.radio0.disabled='0'

root@OpenWrt:/# uci commit
root@OpenWrt:/# uci changes

root@OpenWrt:/# cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/ar933x_wmac'
        option htmode 'HT20'
        option disabled '0'

config wifi-iface
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid 'FUCK_GFW'
        option encryption 'psk2'
        option key 'v_v.fuckgfw'

使用 wifi 命令 启用 WIFI :

root@OpenWrt:/# wifi

root@OpenWrt:/# wifi status
{
  "radio0": {
    "up": true,
    "pending": false,
    "autostart": true,
    "disabled": false,
    "config": {
      "channel": "11",
      "hwmode": "11g",
      "path": "platform\/ar933x_wmac",
      "htmode": "HT20",
      "disabled": false
    },
    "interfaces": [
      {
        "section": "@wifi-iface[0]",
        "ifname": "wlan0",
        "config": {
          "mode": "ap",
          "ssid": "FUCK_GFW",
          "encryption": "psk2",
          "key": "v_v.fuckgfw",
          "network": [
            "lan"
          ],
          "mode": "ap"
        }
      }
    ]
  }
}

https://wiki.openwrt.org/zh-cn/doc/uci/wireless

Openwrt 使用 wifi 命令 启用、重启、关闭 无线接口:

  • 启动 WIFI 不带参数,直接运行 wifi 命令
  • 修改无线配置 重启 WIFI 使配置生效,同样也是不带参数,直接运行 wifi 命令
  • 关闭 WIFI 加上 down 参数使用 wifi down

network

桥接 默认 配置:

root@OpenWrt:~# brctl show
bridge name     bridge id               STP enabled     interfaces
br-lan          7fff.c8e7d8d4b54e       no              eth0
                                                        wlan0
root@OpenWrt:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr C8:E7:D8:D4:B5:4E
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::cae7:d8ff:fed4:b54e/64 Scope:Link
          inet6 addr: fdd9:add4:d5f5::1/60 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:345 errors:0 dropped:0 overruns:0 frame:0
          TX packets:327 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:37843 (36.9 KiB)  TX bytes:31467 (30.7 KiB)

eth0      Link encap:Ethernet  HWaddr C8:E7:D8:D4:B5:4E
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:3678 (3.5 KiB)
          Interrupt:4

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3264 (3.1 KiB)  TX bytes:3264 (3.1 KiB)

wlan0     Link encap:Ethernet  HWaddr C8:E7:D8:D4:B5:4E
          inet6 addr: fe80::cae7:d8ff:fed4:b54e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:344 errors:0 dropped:0 overruns:0 frame:0
          TX packets:343 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:42653 (41.6 KiB)  TX bytes:40587 (39.6 KiB)

root@OpenWrt:/# cat /etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdf5:87ce:25a3::/48'

config interface 'lan'
        option ifname 'eth0'
        option force_link '1'
        option type 'bridge'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

AP 模式 改为 路由模式 :删除 网桥 添加 WAN 设备

## unbridge LAN
uci delete network.lan.type
uci delete network.lan.ifname
uci set network.lan._orig_bridge=false
uci set network.lan._orig_ifname=eth0
uci set network.lan.ipaddr=192.168.12.1
uci set dhcp.lan.ra_management=1

## create WAN
uci set network.wan=interface
uci set network.wan.ifname=eth0
uci set network.wan.proto=dhcp
uci set network.wan.peerdns=0           ## NOT use upstream DNS as /etc/resolv.conf

实例:

root@OpenWrt:/# uci delete network.lan.type
root@OpenWrt:/# uci delete network.lan.ifname
root@OpenWrt:/# uci set network.lan._orig_bridge=false
root@OpenWrt:/# uci set network.lan._orig_ifname=eth0
root@OpenWrt:/# uci set network.lan.ipaddr=192.168.12.1
root@OpenWrt:/#
root@OpenWrt:/# uci set dhcp.lan.ra_management=1
root@OpenWrt:/# uci set network.wan=interface
root@OpenWrt:/# uci set network.wan.ifname=eth0
root@OpenWrt:/# uci set network.wan.proto=dhcp
root@OpenWrt:/# uci set network.wan.peerdns=0

root@OpenWrt:/# uci changes
dhcp.lan.ra_management='1'
-network.lan.type
-network.lan.ifname
network.lan._orig_bridge='false'
network.lan._orig_ifname='eth0'
network.lan.ipaddr='192.168.12.1'
network.wan='interface'
network.wan.ifname='eth0'
network.wan.proto='dhcp'
network.wan.peerdns='0'

https://wiki.openwrt.org/doc/techref/odhcpd

ra_management RA management mode

value mean
0 no M-Flag but A-Flag
1 both M and A
2 M but not A

重启网络服务

root@OpenWrt:/# /etc/init.d/network restart

连接 WIFI 使用 新 IP 登录:ssh root@192.168.12.1

root@OpenWrt:~# brctl show
bridge name     bridge id               STP enabled     interfaces

root@OpenWrt:~# ifconfig
eth0      Link encap:Ethernet  HWaddr C8:E7:D8:D4:B5:4E
          inet addr:192.168.8.178  Bcast:192.168.8.255  Mask:255.255.255.0
          inet6 addr: fe80::cae7:d8ff:fed4:b54e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:257 errors:0 dropped:0 overruns:0 frame:0
          TX packets:220 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:43320 (42.3 KiB)  TX bytes:32401 (31.6 KiB)
          Interrupt:4

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:17 errors:0 dropped:0 overruns:0 frame:0
          TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3511 (3.4 KiB)  TX bytes:3511 (3.4 KiB)

wlan0     Link encap:Ethernet  HWaddr C8:E7:D8:D4:B5:4E
          inet addr:192.168.12.1  Bcast:192.168.12.255  Mask:255.255.255.0
          inet6 addr: fe80::cae7:d8ff:fed4:b54e/64 Scope:Link
          inet6 addr: fdd9:add4:d5f5::1/60 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:261 errors:0 dropped:0 overruns:0 frame:0
          TX packets:250 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:38999 (38.0 KiB)  TX bytes:51107 (49.9 KiB)

DHCP

DHCP 默认 配置 (后续配置 ChinaDNS 时再修改 DHCP 配置) :

root@OpenWrt:/# uci show dhcp
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].boguspriv='1'
dhcp.@dnsmasq[0].filterwin2k='0'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].nonegcache='0'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.auto'
dhcp.@dnsmasq[0].localservice='1'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'

root@OpenWrt:/# cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option localservice '1'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'

root@OpenWrt:/# cat /var/etc/dnsmasq.conf
# auto-generated config file from /etc/config/dhcp
conf-file=/etc/dnsmasq.conf
dhcp-authoritative
domain-needed
localise-queries
read-ethers
bogus-priv
expand-hosts
local-service
domain=lan
server=/lan/
dhcp-leasefile=/tmp/dhcp.leases
resolv-file=/tmp/resolv.conf.auto
addn-hosts=/tmp/hosts
conf-dir=/tmp/dnsmasq.d
stop-dns-rebind
rebind-localhost-ok
dhcp-broadcast=tag:needs-broadcast

dhcp-range=lan,192.168.1.100,192.168.1.249,255.255.255.0,12h

Image Generator

ImageBuilder Create custom Images without compiling in the build system

https://wiki.openwrt.org/doc/howto/obtain.firmware.generate

https://wiki.openwrt.org/zh-cn/doc/howto/obtain.firmware.generate

如果不想要下载一个 预编译 好的镜像文件,或者想要尝试 整个编译 过程, 替代方案是使用 镜像生成器 (Image Generator) (以前被叫做 Image Builder)。 这是一个 预编译 好的 OpenWrt 编译环境,适用于在 无需编译 的条件下 创建自定义镜像

OpenWrt build system – Usage https://wiki.openwrt.org/doc/howto/build

Do everything as non-root user

参考:

使用 Image Builder 编译自动翻墙 OpenWrt 固件

https://softwaredownload.gitbooks.io/openwrt-fanqiang/content/ebook/04.3.html

https://github.com/softwaredownload/openwrt-fanqiang

https://github.com/softwaredownload/openwrt-fanqiang/blob/master/openwrt/default/etc/uci-defaults/defaults

download

下载 TP Link WR703N 对应的 ImageBuilder 打包文件:

https://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/

mkdir -pv ~/openwrt
cd ~/openwrt

$ time wget -nv https://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64.tar.bz2
2017-08-27 20:23:34 URL:https://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64.tar.bz2
[143921369/143921369] -> "OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64.tar.bz2" [1]

real    0m7.381s
user    0m0.379s
sys     0m2.345s

$ time tar xf OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64.tar.bz2

real    0m24.645s
user    0m22.718s
sys     0m1.357s

$ ll
total 138M
-rw-r--r-- 1 i    i    138M | 2016-03-16 01:48 | OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64.tar.bz2
drwxr-xr-x 8 i    i    4.0K | 2016-02-01 01:45 | OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/

config

配置 软件源 :修改 repositories.conf 文件,增加 openwrt-dist (shadowsocks) 源

$ cat repositories.conf
## Place your custom repositories here, they must match the architecture and version.
# src/gz chaos_calmer http://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/packages
# src custom file:///usr/src/openwrt/bin/ar71xx/packages

## Remote package repositories
src/gz chaos_calmer_base http://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/packages/base
src/gz chaos_calmer_luci http://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/packages/luci
src/gz chaos_calmer_packages http://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/packages/packages
src/gz chaos_calmer_routing http://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/packages/routing
src/gz chaos_calmer_telephony http://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/packages/telephony
src/gz chaos_calmer_management http://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/packages/management

## openwrt-dist for shadowsocks
src/gz openwrt_dist http://openwrt-dist.sourceforge.net/packages/OpenWrt/base/ar71xx
src/gz openwrt_dist_luci http://openwrt-dist.sourceforge.net/packages/OpenWrt/luci

## This is the local package repository, do not remove!
src imagebuilder file:packages

移除软件包:

upnpd
ipv6
ppp*
luci*
uhttpd

files

/etc/uci-defaults/

/etc/uci-defaults/ 目录下的 脚本 用于 openwrt 固件 初始化

openwrt network 初始化 2014-11-12

/bin/config_generate

Openwrt 14.07 中在 /etc/init.d/boot 脚本会在开机时逐一执行 /etc/uci-deafults/ 目录下的脚本, 执行完之后再删除它。这就保证了该目录下的脚本 只会被执行一次,以后再重启也不会执行到了。 除非恢复初厂设置

对应脚本执行代码:

# grep -A7 uci-defaults /etc/init.d/boot
        cd /etc/uci-defaults || return 0
        files="$(ls)"
        [ -z "$files" ] && return 0
        mkdir -p /tmp/.uci
        for file in $files; do
                ( . "./$(basename $file)" ) && rm -f "$file"
        done
        uci commit

示例:https://github.com/softwaredownload/openwrt-fanqiang/blob/master/openwrt/wndr4300/etc/uci-defaults/defaults

uci set network.wan.proto='pppoe'
uci set network.wan.username='wan-username'
uci set network.wan.password='wan-password'
uci set network.wan.peerdns=0
uci commit network

uci set wireless.@wifi-device[0].channel=11
uci set wireless.@wifi-device[0].txpower=17
uci set wireless.@wifi-device[0].disabled=0
uci set wireless.@wifi-device[0].country='CN'
uci set wireless.@wifi-iface[0].mode='ap'
uci set wireless.@wifi-iface[0].ssid='eastking-fanqiang'
uci set wireless.@wifi-iface[0].encryption='psk2'
uci set wireless.@wifi-iface[0].key='icanfly9876'
uci commit wireless
wifi

uci set dropbear.@dropbear[0].GatewayPorts='on'
uci commit dropbear
/etc/init.d/dropbear restart

uci set system.@system[0].hostname='eastking' #设置主机名
uci set system.@system[0].zonename='Asia/Shanghai'
uci set system.@system[0].timezone='CST-8'
uci commit system
/etc/init.d/system restart

#change root password
echo -e "fanqiang\nfanqiang" | (passwd $USER)

/etc/init.d/shadowsocks enable
/etc/init.d/network restart

/etc/uci-defaults/defaults 初始化脚本:

## WIFI
uci set wireless.@wifi-device[0].disabled='0'
uci set wireless.@wifi-device[0].country='CN'
uci set wireless.@wifi-device[0].channel='auto'
uci set wireless.@wifi-device[0].txpower='17'

uci set wireless.@wifi-iface[0]='wifi-iface'
uci set wireless.@wifi-iface[0].device='radio0'
uci set wireless.@wifi-iface[0].network='lan'
uci set wireless.@wifi-iface[0].mode='ap'
uci set wireless.@wifi-iface[0].ssid='703'
uci set wireless.@wifi-iface[0].encryption='psk2'
uci set wireless.@wifi-iface[0].key='v_v.fuckgfw'
uci set wireless.@wifi-iface[0].hidden='0'
uci commit wireless

## start WIFI
wifi

## unbridge LAN
uci delete network.lan.type
uci delete network.lan.ifname
uci set network.lan._orig_bridge='false'
uci set network.lan._orig_ifname='eth0'
uci set network.lan.ipaddr='192.168.3.1'
## create WAN
uci set network.wan='interface'
uci set network.wan.ifname='eth0'
uci set network.wan.proto='dhcp'
uci commit network

uci set dhcp.lan.ra_management='1'
uci set dhcp.@dnsmasq[0].nohosts='1'
uci set dhcp.@dnsmasq[0].noresolv='1'
uci set dhcp.@dnsmasq[0].local='127.0.0.1#5353'
uci commit dhcp

## restart 'network' and 'DNSmasq' service
/etc/init.d/network restart
/etc/init.d/dnsmasq restart

uci set system.@system[0].hostname='wr703n'
uci set system.@system[0].zonename='Asia/Shanghai'
uci set system.@system[0].timezone='CST-8'
uci commit system
/etc/init.d/system restart

uci set dropbear.@dropbear[0].GatewayPorts='on'
uci set dropbear.@dropbear[0].Port='2222'
uci commit dropbear
/etc/init.d/dropbear restart

## change root passwd
echo -e "V_VL.Fuck.GFW\nV_VL.Fuck.GFW" | (passwd $USER)

## SS
uci set shadowsocks.@general[0]=general
uci set shadowsocks.@general[0].startup_delay='0'

uci set shadowsocks.@servers[0]=servers
uci set shadowsocks.@servers[0].alias='sample'
uci set shadowsocks.@servers[0].fast_open='0'
uci set shadowsocks.@servers[0].timeout='60'
uci set shadowsocks.@servers[0].encrypt_method='rc4-md5'
uci set shadowsocks.@servers[0].server='45.67.89.10'
uci set shadowsocks.@servers[0].server_port='12345'
uci set shadowsocks.@servers[0].password='SS_SRV_PASS'

uci set shadowsocks.@transparent_proxy[0]=transparent_proxy
uci set shadowsocks.@transparent_proxy[0].udp_relay_server='nil'
uci set shadowsocks.@transparent_proxy[0].local_port='1234'

SS_CFGID=$(uci show shadowsocks.@servers[0].alias|awk -F '.' '{print $2}')
uci set shadowsocks.@transparent_proxy[0].main_server="$SS_CFGID"

uci set shadowsocks.@socks5_proxy[0]=socks5_proxy
uci set shadowsocks.@socks5_proxy[0].server='nil'
uci set shadowsocks.@socks5_proxy[0].local_port='1080'

uci set shadowsocks.@port_forward[0]=port_forward
uci set shadowsocks.@port_forward[0].server='nil'
uci set shadowsocks.@port_forward[0].local_port='5300'
uci set shadowsocks.@port_forward[0].destination='8.8.4.4:53'

uci set shadowsocks.@access_control[0]=access_control
uci set shadowsocks.@access_control[0].self_proxy='1'
uci set shadowsocks.@access_control[0].lan_target='SS_SPEC_WAN_AC'
uci set shadowsocks.@access_control[0].wan_bp_list='/etc/chinadns_chnroute.txt'

uci commit shadowsocks
/etc/init.d/shadowsocks enable
/etc/init.d/shadowsocks start

uci set dns-forwarder.@dns-forwarder[0]=dns-forwarder
uci set dns-forwarder.@dns-forwarder[0].listen_addr='0.0.0.0'
uci set dns-forwarder.@dns-forwarder[0].listen_port='5300'
uci set dns-forwarder.@dns-forwarder[0].dns_servers='8.8.8.8'
uci set dns-forwarder.@dns-forwarder[0].enable='1'

uci commit dns-forwarder
/etc/init.d/dns-forwarder enable
/etc/init.d/dns-forwarder start

uci set chinadns.@chinadns[0]=chinadns
uci set chinadns.@chinadns[0].bidirectional='0'
uci set chinadns.@chinadns[0].chnroute='/etc/chinadns_chnroute.txt'
uci set chinadns.@chinadns[0].port='5353'
uci set chinadns.@chinadns[0].enable='1'
uci set chinadns.@chinadns[0].server='223.5.5.5,127.0.0.1:5300'

uci commit chinadns
/etc/init.d/chinadns enable
/etc/init.d/chinadns start

https://wiki.openwrt.org/doc/uci

Sections naming

Sections deserve some extra explanation in regards to naming. A section can be named or unnamed. Unnamed sections will get an autogenerated ID/CFGID (like cfg073777) and be presented with an anonymous-name (like @switch[0])

# uci show wireless.@wifi-device[0]
wireless.radio0=wifi-device
wireless.radio0.type='mac80211'
wireless.radio0.channel='11'
wireless.radio0.hwmode='11g'
wireless.radio0.path='platform/ar933x_wmac'
wireless.radio0.htmode='HT20'
wireless.radio0.disabled='0'
wireless.radio0.txpower='18'
wireless.radio0.country='CN'

openwrt-dist 源中的 shadowsocks-libev 软件包只有 `/bin

$ git clone https://github.com/shadowsocks/luci-app-shadowsocks.git
Cloning into 'luci-app-shadowsocks'...
remote: Counting objects: 1086, done.
remote: Total 1086 (delta 0), reused 0 (delta 0), pack-reused 1086
Receiving objects: 100% (1086/1086), 262.73 KiB | 0 bytes/s, done.
Resolving deltas: 100% (402/402), done.

$ tree luci-app-shadowsocks/files/root/
luci-app-shadowsocks/files/root/
├── etc
│   ├── config
│   │   └── shadowsocks
│   ├── init.d
│   │   └── shadowsocks
│   └── uci-defaults
│       └── luci-shadowsocks
└── usr
    └── bin
        ├── ss-rules
        └── ss-rules-without-ipset

6 directories, 5 files

$ rsync -avP  luci-app-shadowsocks/files/root/
sending incremental file list
drwxrwxr-x        4096 2017/08/29 00:03:54 .
drwxrwxr-x        4096 2017/08/29 00:03:54 etc
drwxrwxr-x        4096 2017/08/29 00:03:54 etc/config
-rw-rw-r--         556 2017/08/29 00:03:54 etc/config/shadowsocks
drwxrwxr-x        4096 2017/08/29 00:03:54 etc/init.d
-rw-rw-r--        5062 2017/08/29 00:03:54 etc/init.d/shadowsocks
drwxrwxr-x        4096 2017/08/29 00:03:54 etc/uci-defaults
-rw-rw-r--         962 2017/08/29 00:03:54 etc/uci-defaults/luci-shadowsocks
drwxrwxr-x        4096 2017/08/29 00:03:54 usr
drwxrwxr-x        4096 2017/08/29 00:03:54 usr/bin
-rw-rw-r--        6699 2017/08/29 00:03:54 usr/bin/ss-rules
-rw-rw-r--        6101 2017/08/29 00:03:54 usr/bin/ss-rules-without-ipset

$ cat luci-app-shadowsocks/files/root/etc/uci-defaults/luci-shadowsocks
#!/bin/sh
uci get shadowsocks.@general[-1] >/dev/null 2>&1 || \
        uci add shadowsocks general >/dev/null 2>&1
uci get shadowsocks.@transparent_proxy[-1] >/dev/null 2>&1 || \
        uci add shadowsocks transparent_proxy >/dev/null 2>&1
uci get shadowsocks.@socks5_proxy[-1] >/dev/null 2>&1 || \
        uci add shadowsocks socks5_proxy >/dev/null 2>&1
uci get shadowsocks.@port_forward[-1] >/dev/null 2>&1 || \
        uci add shadowsocks port_forward >/dev/null 2>&1
uci get shadowsocks.@access_control[-1] >/dev/null 2>&1 || \
        uci add shadowsocks access_control >/dev/null 2>&1
uci commit shadowsocks
uci -q batch <<-EOF >/dev/null
        delete ucitrack.@shadowsocks[-1]
        add ucitrack shadowsocks
        set ucitrack.@shadowsocks[-1].init=shadowsocks
        commit ucitrack
        delete firewall.shadowsocks
        set firewall.shadowsocks=include
        set firewall.shadowsocks.type=script
        set firewall.shadowsocks.path=/var/etc/shadowsocks.include
        set firewall.shadowsocks.reload=1
        commit firewall
EOF
exit 0

sent 268 bytes  received 18 bytes  572.00 bytes/sec
total size is 19380  speedup is 67.76

$ rsync -avP --exclude=uci-defaults  luci-app-shadowsocks/files/root/
sending incremental file list
drwxrwxr-x        4096 2017/08/29 00:03:54 .
drwxrwxr-x        4096 2017/08/29 00:03:54 etc
drwxrwxr-x        4096 2017/08/29 00:03:54 etc/config
-rw-rw-r--         556 2017/08/29 00:03:54 etc/config/shadowsocks
drwxrwxr-x        4096 2017/08/29 00:03:54 etc/init.d
-rw-rw-r--        5062 2017/08/29 00:03:54 etc/init.d/shadowsocks
drwxrwxr-x        4096 2017/08/29 00:03:54 usr
drwxrwxr-x        4096 2017/08/29 00:03:54 usr/bin
-rw-rw-r--        6699 2017/08/29 00:03:54 usr/bin/ss-rules
-rw-rw-r--        6101 2017/08/29 00:03:54 usr/bin/ss-rules-without-ipset

sent 211 bytes  received 17 bytes  456.00 bytes/sec
total size is 18418  speedup is 80.78

$ rsync -avP --exclude=uci-defaults luci-app-shadowsocks/files/root/ ~/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/files/
sending incremental file list
./
etc/
etc/config/
etc/config/shadowsocks
         556 100%    0.00kB/s    0:00:00 (xfer#1, to-check=4/10)
etc/init.d/
etc/init.d/shadowsocks
        5062 100%    4.83MB/s    0:00:00 (xfer#2, to-check=3/10)
usr/
usr/bin/
usr/bin/ss-rules
        6699 100%    6.39MB/s    0:00:00 (xfer#3, to-check=1/10)
usr/bin/ss-rules-without-ipset
        6101 100%    5.82MB/s    0:00:00 (xfer#4, to-check=0/10)

sent 18819 bytes  received 111 bytes  37860.00 bytes/sec
total size is 18418  speedup is 0.97

$ tree ~/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/files/
/home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/files/
├── etc
│   ├── config
│   │   └── shadowsocks
│   ├── init.d
│   │   └── shadowsocks
│   ├── opkg.conf
│   └── uci-defaults
│       └── defaults
└── usr
    └── bin
        ├── ss-rules
        └── ss-rules-without-ipset

6 directories, 6 files

$ chmod 755 files/usr/bin/* files/etc/init.d/*

$ ll files/usr/bin/* files/etc/init.d/*
-rwxr-xr-x 1 i i 6.6K | 2017-08-29 00:03 | files/usr/bin/ss-rules*
-rwxr-xr-x 1 i i 6.0K | 2017-08-29 00:03 | files/usr/bin/ss-rules-without-ipset*
-rwxr-xr-x 1 i i 5.0K | 2017-08-29 00:03 | files/etc/init.d/shadowsocks*

PROFILE 配置:

$ make info|grep -C1 WR703N
TLWR703:
        TP-LINK TL-WR703N
        Packages: kmod-usb-core kmod-usb2

PACkAGES 软件包:

time make image PROFILE=TLWR703 FILES=files/ PACKAGES="dnsmasq-full ip ipset iptables-mod-tproxy iptables-mod-nat-extra ChinaDNS dns-forwarder shadowsocks-libev -luci* -dnsmasq -kmod-ipv6 -libip6tc -odhcp6c -firewall -ip6tables -kmod-ip6tables -kmod-nf-ipt6 -kmod-nf-conntrack6 -ppp -ppp-mod-pppoe -kmod-ppp -kmod-pppoe -kmod-pppox"

time make image PROFILE=TLWR703 FILES=files/ PACKAGES="ChinaDNS dns-forwarder shadowsocks-libev ip ipset iptables-mod-tproxy iptables-mod-nat-extra dnsmasq-full -dnsmasq -kmod-ipv6 -libip6tc -odhcp6c -ip6tables -kmod-ip6tables -kmod-nf-ipt6 -kmod-nf-conntrack6 -ppp -ppp-mod-pppoe -kmod-ppp -kmod-pppoe -kmod-pppox -luci*"

real    1m28.885s
user    0m15.822s
sys     0m16.358s

FILES_REMOVE 手动删除文件:

https://wiki.openwrt.org/doc/howto/obtain.firmware.generate#remove_useless_files_from_firmware

root@wr703n:~# opkg list-installed|awk '{print $1}'|grep 6
kmod-ip6tables
kmod-ipv6
kmod-nf-conntrack6
kmod-nf-ipt6
libip6tc

root@wr703n:~# for pkg in `opkg list-installed|awk '{print $1}'|grep 6`
> do
> opkg files $pkg
> done
Package kmod-ip6tables (3.18.23-1) is installed on root and has the following files:
/etc/modules.d/42-ip6tables
/lib/modules/3.18.23/ip6table_mangle.ko
/lib/modules/3.18.23/ip6table_filter.ko
/lib/modules/3.18.23/nf_reject_ipv6.ko
/lib/modules/3.18.23/ip6table_raw.ko
/lib/modules/3.18.23/nf_log_ipv6.ko
/lib/modules/3.18.23/ip6t_REJECT.ko
Package kmod-ipv6 (3.18.23-1) is installed on root and has the following files:
/etc/modules.d/20-ipv6
/lib/modules/3.18.23/ipv6.ko
Package kmod-nf-conntrack6 (3.18.23-1) is installed on root and has the following files:
/etc/modules.d/nf-conntrack6
/lib/modules/3.18.23/nf_defrag_ipv6.ko
/lib/modules/3.18.23/nf_conntrack_ipv6.ko
Package kmod-nf-ipt6 (3.18.23-1) is installed on root and has the following files:
/lib/modules/3.18.23/ip6_tables.ko
/etc/modules.d/nf-ipt6
Package libip6tc (1.4.21-1) is installed on root and has the following files:
/usr/lib/libiptext6.so
/usr/lib/libip6tc.so
/usr/lib/libip6tc.so.0.1.0
/usr/lib/libip6tc.so.0

root@wr703n:~# for pkg in `opkg list-installed|awk '{print $1}'|grep 6`; do opkg files $pkg; done|grep '/'
/etc/modules.d/42-ip6tables
/lib/modules/3.18.23/ip6table_mangle.ko
/lib/modules/3.18.23/ip6table_filter.ko
/lib/modules/3.18.23/nf_reject_ipv6.ko
/lib/modules/3.18.23/ip6table_raw.ko
/lib/modules/3.18.23/nf_log_ipv6.ko
/lib/modules/3.18.23/ip6t_REJECT.ko
/etc/modules.d/20-ipv6
/lib/modules/3.18.23/ipv6.ko
/etc/modules.d/nf-conntrack6
/lib/modules/3.18.23/nf_defrag_ipv6.ko
/lib/modules/3.18.23/nf_conntrack_ipv6.ko
/lib/modules/3.18.23/ip6_tables.ko
/etc/modules.d/nf-ipt6
/usr/lib/libiptext6.so
/usr/lib/libip6tc.so
/usr/lib/libip6tc.so.0.1.0
/usr/lib/libip6tc.so.0

root@wr703n:~# for pkg in `opkg list-installed|awk '{print $1}'|grep 6`; do opkg files $pkg; done|grep '/'|xargs ls -lh
-rw-r--r--    1 root     root           5 Feb  1  2016 /etc/modules.d/20-ipv6
-rw-r--r--    1 root     root          84 Feb  1  2016 /etc/modules.d/42-ip6tables
-rw-r--r--    1 root     root          33 Feb  1  2016 /etc/modules.d/nf-conntrack6
-rw-r--r--    1 root     root          11 Feb  1  2016 /etc/modules.d/nf-ipt6
-rw-r--r--    1 root     root       14.8K Feb  1  2016 /lib/modules/3.18.23/ip6_tables.ko
-rw-r--r--    1 root     root        3.2K Feb  1  2016 /lib/modules/3.18.23/ip6t_REJECT.ko
-rw-r--r--    1 root     root        3.0K Feb  1  2016 /lib/modules/3.18.23/ip6table_filter.ko
-rw-r--r--    1 root     root        3.4K Feb  1  2016 /lib/modules/3.18.23/ip6table_mangle.ko
-rw-r--r--    1 root     root        2.8K Feb  1  2016 /lib/modules/3.18.23/ip6table_raw.ko
-rw-r--r--    1 root     root      366.4K Feb  1  2016 /lib/modules/3.18.23/ipv6.ko
-rw-r--r--    1 root     root       11.3K Feb  1  2016 /lib/modules/3.18.23/nf_conntrack_ipv6.ko
-rw-r--r--    1 root     root        9.2K Feb  1  2016 /lib/modules/3.18.23/nf_defrag_ipv6.ko
-rw-r--r--    1 root     root        7.2K Feb  1  2016 /lib/modules/3.18.23/nf_log_ipv6.ko
-rw-r--r--    1 root     root        3.9K Feb  1  2016 /lib/modules/3.18.23/nf_reject_ipv6.ko
lrwxrwxrwx    1 root     root          17 Aug 29 00:45 /usr/lib/libip6tc.so -> libip6tc.so.0.1.0
lrwxrwxrwx    1 root     root          17 Aug 29 00:45 /usr/lib/libip6tc.so.0 -> libip6tc.so.0.1.0
-rwxr-xr-x    1 root     root       17.4K Feb  1  2016 /usr/lib/libip6tc.so.0.1.0
-rwxr-xr-x    1 root     root       18.2K Feb  1  2016 /usr/lib/libiptext6.so

$ cp Makefile{,.bak}
‘Makefile’ -> ‘Makefile.bak’

$ diff Makefile*
116,125d115
<
< ifneq ($(FILES_REMOVE),)
<       @echo
<       @echo Remove useless files
<
<       while read filename; do                         \
<           rm -rfv "$(TARGET_DIR)$$filename";  \
<       done < $(FILES_REMOVE);
< endif
<

kmod-usb2
kmod-usb-core
kmod-nls-base
kmod-nf-nathelper
kmod-gpio-button-hotplug

没有集成 bind-dig 不然 ROM 会超过 4M 打包失败:

[ -f /home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/tl-wr703n-v1-kernel.bin -a -f /home/i/openwrt/OpenWrt-ImageBuilder-15.0
5.1-ar71xx-generic.Linux-x86_64/build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/root.squashfs ]
dd if=/home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/root.squashfs  >> /home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-
generic.Linux-x86_64/build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/tmp/openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin
7526+1 records in
7526+1 records out
3853562 bytes (3.9 MB) copied, 0.0327387 s, 118 MB/s

/home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/staging_dir/host/bin/mktplinkfw -H 0x07030101 -W 0x1 -F 4Mlzma -N OpenWrt -V r48532 -k /home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-g
eneric.Linux-x86_64/build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/tl-wr703n-v1-kernel.bin -r /home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/build_dir/target-mips_34kc_uC
libc-0.9.33.2/linux-ar71xx_generic/tmp/openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin -o /home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/build_dir/target-mips_34kc_uCl
ibc-0.9.33.2/linux-ar71xx_generic/tmp/openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin.new -j -X 0x40000 -a 0x4 -s && mv /home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/
build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/tmp/openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin.new /home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/
build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/tmp/openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin || rm -f /home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x8
6_64/build_dir/target-mips_34kc_uClibc-0.9.33.2/linux-ar71xx_generic/tmp/openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin
[mktplinkfw] kernel length aligned to 1176540
[mktplinkfw] *** error: images are too big      ## <--

成功编译完成后:

$ ll /home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/bin/ar71xx/
total 26M
-rw-rw-r-- 1 i i  960 | 2017-08-28 01:16 | md5sums
-rw-rw-r-- 1 i i 1.5K | 2017-08-28 01:16 | sha256sums
-rw-rw-r-- 1 i i 3.8M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-factory.bin
-rw-rw-r-- 1 i i 3.4M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin
-rw-rw-r-- 1 i i 1.6M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-uImage-gzip.bin
-rw-rw-r-- 1 i i 1.2M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-uImage-lzma.bin
-rwxr-xr-x 1 i i 3.4M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-vmlinux.bin*
-rwxr-xr-x 1 i i 3.4M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-vmlinux.elf*
-rwxr-xr-x 1 i i 1.2M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-vmlinux-lzma.elf*
-rw-rw-r-- 1 i i 1.6M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-vmlinux.gz
-rw-rw-r-- 1 i i 1.2M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-vmlinux.lzma
-rw-rw-r-- 1 i i 2.4M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-root.squashfs
-rw-r--r-- 1 i i 2.3M | 2017-08-28 01:16 | openwrt-15.05.1-ar71xx-generic-root.squashfs-64k

默认 openwrt 安装软件包:

root@OpenWrt:/etc# opkg list-installed|awk '{print $1}'
ChinaDNS
base-files
bind-dig
bind-libs
busybox
curl
dns-forwarder
dnsmasq
dropbear
firewall
fstools
hostapd-common
ip
ip6tables
ipset
iptables
iptables-mod-tproxy
iw
jshn
jsonfilter
kernel
kmod-ath
kmod-ath9k
kmod-ath9k-common
kmod-cfg80211
kmod-crypto-aes
kmod-crypto-arc4
kmod-crypto-core
kmod-gpio-button-hotplug
kmod-ip6tables
kmod-ipt-conntrack
kmod-ipt-core
kmod-ipt-ipset
kmod-ipt-nat
kmod-ipt-tproxy
kmod-ipv6
kmod-lib-crc-ccitt
kmod-mac80211
kmod-nf-conntrack
kmod-nf-conntrack6
kmod-nf-ipt
kmod-nf-ipt6
kmod-nf-nat
kmod-nf-nathelper
kmod-nfnetlink
kmod-nls-base
kmod-ppp
kmod-pppoe
kmod-pppox
kmod-slhc
kmod-usb-core
kmod-usb2
libblobmsg-json
libc
libcurl
libev
libgcc
libip4tc
libip6tc
libiwinfo
libiwinfo-lua
libjson-c
libjson-script
liblua
libmbedtls
libmnl
libnl-tiny
libopenssl
libpcre
libpolarssl
libpthread
libsodium
libubox
libubus
libubus-lua
libuci
libuci-lua
libudns
libxtables
lua
luci
luci-app-chinadns
luci-app-dns-forwarder
luci-app-firewall
luci-app-shadowsocks
luci-base
luci-lib-ip
luci-lib-nixio
luci-mod-admin-full
luci-proto-ipv6
luci-proto-ppp
luci-theme-bootstrap
mtd
netifd
odhcp6c
odhcpd
opkg
ppp
ppp-mod-pppoe
procd
rpcd
shadowsocks-libev
swconfig
uboot-envtools
ubox
ubus
ubusd
uci
uhttpd
uhttpd-mod-ubus
usign
wpad-mini
zlib

删除 IPv6 、PPP 、LuCI 相关软件包:

# opkg list-installed|awk '{print $1}'|grep 6
ip6tables
kmod-ip6tables
kmod-ipv6
kmod-nf-conntrack6
kmod-nf-ipt6
libip6tc
luci-proto-ipv6
odhcp6c

root@OpenWrt:/etc# opkg list-installed|awk '{print $1}'|grep ppp
kmod-ppp
kmod-pppoe
kmod-pppox
luci-proto-ppp
ppp
ppp-mod-pppoe

root@OpenWrt:/etc# opkg list-installed|awk '{print $1}'|grep luci
luci
luci-app-chinadns
luci-app-dns-forwarder
luci-app-firewall
luci-app-shadowsocks
luci-base
luci-lib-ip
luci-lib-nixio
luci-mod-admin-full
luci-proto-ipv6
luci-proto-ppp
luci-theme-bootstrap

root@OpenWrt:/etc# opkg find kmod-pppox
kmod-pppox - 3.18.23-1 - Kernel helper module for PPPoE and PPTP support

root@OpenWrt:/etc# opkg find kmod-nf-ipt6
kmod-nf-ipt6 - 3.18.23-1 - Ip6tables core

root@OpenWrt:/etc# opkg find odhcp6c
odhcp6c - 2015-07-13-024525798c5f6aba3af9b2ef7b3af2f3c14f1db8 - Embedded DHCPv6-client for OpenWrt

-kmod-ipv6 -libip6tc -odhcp6c -luci-proto-ipv6 -ip6tables -kmod-ip6tables -kmod-nf-ipt6 -ppp -ppp-mod-pppoe -kmod-ppp -kmod-pppoe -kmod-pppox -luci-proto-ppp

ADD 'ipset' package

$ time make image PROFILE=TLWR703 FILES=files/ PACKAGES="ChinaDNS dns-forwarder shadowsocks-libev ipset ip iptables-mod-tproxy -kmod-ipv6 -libip6tc -odhcp6c -ip6tables -kmod-ip6tables -kmod-nf-ipt6 -kmod-nf-conntrack6 -ppp -ppp-mod-pppoe -kmod-ppp -kmod-pppoe -kmod-pppox -luci*"

$ ll /home/i/openwrt/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64/bin/ar71xx/total 26M
-rw-rw-r-- 1 i i  960 | 2017-08-29 00:45 | md5sums
-rw-rw-r-- 1 i i 1.5K | 2017-08-29 00:45 | sha256sums
-rw-rw-r-- 1 i i 3.8M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-factory.bin
-rw-rw-r-- 1 i i 3.6M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin
-rw-rw-r-- 1 i i 1.6M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-uImage-gzip.bin
-rw-rw-r-- 1 i i 1.2M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-uImage-lzma.bin
-rwxr-xr-x 1 i i 3.4M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-vmlinux.bin*
-rwxr-xr-x 1 i i 3.4M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-vmlinux.elf*
-rwxr-xr-x 1 i i 1.2M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-vmlinux-lzma.elf*
-rw-rw-r-- 1 i i 1.6M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-vmlinux.gz
-rw-rw-r-- 1 i i 1.2M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-vmlinux.lzma
-rw-rw-r-- 1 i i 2.7M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-root.squashfs
-rw-r--r-- 1 i i 2.4M | 2017-08-29 00:45 | openwrt-15.05.1-ar71xx-generic-root.squashfs-64k


$ scp openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin root@192.168.3.1:/tmp

root@wr703n:/tmp# sysupgrade -v openwrt-15.05.1-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin

reference

使用 Image Builder 编译自动翻墙 OpenWrt 固件

OpenWrt 固件安装的软件包:

conf_url=http://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/config
echo $(wget -qO - "$conf_url" | sed -ne 's/^CONFIG_PACKAGE_\([a-z0-9-]*\)=y/\1/ip')

使用 OpenWrt Image Generator 为 WR703N 路由器定制固件 2015-11-05

有两个命令可以升级固件:

sysupgrade -n -v /tmp/firmware.bin
mtd -r write /tmp/firmware.bin firmware

-n 不保存配置
-v 输出详细信息

Openwrt 无法解析内网地址

UCI 修改配置选项:dhcp.@dnsmasq[0].rebind_protection=0

root@LEDE:~# uci set dhcp.@dnsmasq[0].rebind_protection=0
root@LEDE:~# uci commit
root@LEDE:~# /etc/init.d/dnsmasq restart
root@LEDE:~# pgrep -lf dns
1013 /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg02411c -k -x /var/run/dnsmasq/dnsmasq.cfg02411c.pid

解决 DNSMASQ 内网地址无法解析 No address (A) records available 2015-03-20

原来 DNSMASQ 有个的 Prevent DNS-rebind attacks 的安全配置,这个配置参数和描述如下:

–stop-dns-rebind

Reject (and log) addresses from upstream nameservers which are in the private IP ranges.
This blocks an attack where a browser behind a firewall is used to probe machines on the local network.

这项安全设置是拒绝解析包含私有 IP 地址的域名,这些 IP 地址包括如下私有地址范围:

IP range
A : 10.0.0.0~10.255.255.255 10.0.0.0/8
B : 172.16.0.0~172.31.255.255 172.16.0.0/12
C : 192.168.0.0~192.168.255.255 192.168.0.0/16

而其初衷是要防止类似上游 DNS 服务器故意将某些域名解析成特定私有内网 IP 而劫持用户这样的安全攻击。

了解了这个选项配置的作用,接下来我介绍两个解决的办法:

  1. 直接在配置文件中取消 stop-dns-rebind 配置项从而禁用该功能。

这个方法确实可以一劳永逸的解决解析内网 IP 地址的问题,但是我们也失去了这项安全保护的特性,所以在这里我不推荐这个办法。

  1. 使用 rebind-domain-ok 进行特定配置,顾名思义该配置项可以有选择的忽略域名的 rebind 行为

其具体官方描述如下:

–rebind-domain-ok=[<domain>]|[[/<domain>/[<domain>/]

Do not detect and block dns-rebind on queries to these domains. The argument may be either a single domain, or multiple domains surrounded by ‘/’, like the –server syntax, eg. –rebind-domain-ok=/domain1/domain2/domain3/

当然如果某个域名下的包含内网地址的子域名特别多,可以使用 通配 的方法:

rebind-domain-ok=/.example.com/

注意 .example.com 前面的 .

这样任何属于 example.com子域 名将均不接受 rebind 攻击检测了,所有的关于 example.com 子域名的私有内网 IP 都能正常解析。

dnsmasq 的 rebind_protection 引发的问题 2013-02-27

root@LEDE:~# cat /var/etc/dnsmasq.conf.cfg02411c

# auto-generated config file from /etc/config/dhcp              # auto-generated config file from /etc/config/dhcp
conf-file=/etc/dnsmasq.conf                                     conf-file=/etc/dnsmasq.conf
dhcp-authoritative                                              dhcp-authoritative
domain-needed                                                   domain-needed
localise-queries                                                localise-queries
read-ethers                                                     read-ethers
bogus-priv                                                      bogus-priv
expand-hosts                                                    expand-hosts
local-service                                                   local-service
domain=lan                                                      domain=lan
server=/lan/                                                    server=/lan/
dhcp-leasefile=/tmp/dhcp.leases                                 dhcp-leasefile=/tmp/dhcp.leases
resolv-file=/tmp/resolv.conf.auto                               resolv-file=/tmp/resolv.conf.auto
stop-dns-rebind                                               <
rebind-localhost-ok                                           <
dhcp-broadcast=tag:needs-broadcast                              dhcp-broadcast=tag:needs-broadcast
addn-hosts=/tmp/hosts                                           addn-hosts=/tmp/hosts
conf-dir=/tmp/dnsmasq.d                                         conf-dir=/tmp/dnsmasq.d
user=dnsmasq                                                    user=dnsmasq
group=dnsmasq                                                   group=dnsmasq
dhcp-range=lan,192.168.7.100,192.168.7.249,255.255.255.0,12h    dhcp-range=lan,192.168.7.100,192.168.7.249,255.255.255.0,12h
no-dhcp-interface=eth0                                          no-dhcp-interface=eth0

如果自建 ChinaDNS 需要 内网 DNS 解析 内网域名 ,在 dnsmasq 中添加 内网域名 对应的 内网 DNS 配置:

root@LEDE:~# uci add_list dhcp.@dnsmasq[0].server='/private-inc.com/10.60.8.11'

root@LEDE:~# uci changes
dhcp.cfg02411c.server+='/private-inc.com/10.60.8.11'

root@LEDE:~# uci show dhcp
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].boguspriv='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].localservice='1'
dhcp.@dnsmasq[0].nohosts='1'
dhcp.@dnsmasq[0].noresolv='1'
dhcp.@dnsmasq[0].local='127.0.0.1#5353'
dhcp.@dnsmasq[0].server='/private.com/10.60.8.11' '/private-inc.com/10.60.8.11'
dhcp.@dnsmasq[0].nonwildcard='0'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'

LuCI 添加:

root@LEDE:~# uci changes
dhcp.cfg02411c.server='/private.com/10.60.8.11'
dhcp.cfg02411c.server+='/private-inc.com/10.60.8.11'

root@LEDE:~# uci show dhcp
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].boguspriv='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].localservice='1'
dhcp.@dnsmasq[0].nohosts='1'
dhcp.@dnsmasq[0].noresolv='1'
dhcp.@dnsmasq[0].local='127.0.0.1#5353'
dhcp.@dnsmasq[0].nonwildcard='0'
dhcp.@dnsmasq[0].server='/private.com/10.60.8.11' '/private-inc.com/10.60.8.11'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'

LuCI 配置:

root@LEDE:~# uci changes
dhcp.cfg02411c.rebind_domain='private.com'
dhcp.cfg02411c.rebind_domain+='private-inc.com'

root@LEDE:~# uci show dhcp
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].boguspriv='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].localservice='1'
dhcp.@dnsmasq[0].nohosts='1'
dhcp.@dnsmasq[0].noresolv='1'
dhcp.@dnsmasq[0].local='127.0.0.1#5353'
dhcp.@dnsmasq[0].server='/private.com/10.60.8.11' '/private-inc.com/10.60.8.11'
dhcp.@dnsmasq[0].nonwildcard='0'
dhcp.@dnsmasq[0].rebind_domain='private.com' 'private-inc.com'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'

openwrt 深入学习指南:https://github.com/robbie-cao/kb-openwrt

[Solved] Reboot automatically after executing uci-defaults script?

#!/bin/sh

test -f /root/wakeup.sh && exit 0

uci batch <<EOF
    set system.@system[0].hostname='WR703N'
    set system.@system[0].conloglevel=8
    set system.@system[0].cronloglevel=8
    set system.@system[0].timezone=HKT-8
    set system.@system[0].zonename='Asia/Hong Kong'
    delete system.ntp.server
    add_list system.ntp.server='0.asia.pool.ntp.org'
    add_list system.ntp.server='time.asia.apple.com'
    add_list system.ntp.server='time.windows.com'
    commit system
EOF

uci batch <<EOF
    # set dropbear.@dropbear[0].Interface=lan
    set dropbear.@dropbear[0].Port=22
    set dropbear.@dropbear[0].PasswordAuth=off
    set dropbear.@dropbear[0].RootPasswordAuth=off
    set dropbear.@dropbear[0].GatewayPorts=on
    commit dropbear
EOF
/etc/init.d/dropbear start
/etc/init.d/dropbear enable

uci batch <<EOF
    add firewall rule
    set firewall.@rule[-1].name='Allow-SSH'
    set firewall.@rule[-1].src=wan
    set firewall.@rule[-1].target=ACCEPT
    set firewall.@rule[-1].proto=tcp
    set firewall.@rule[-1].dest_port=22
    commit firewall
EOF
/etc/init.d/firewall restart

uci batch <<EOF
    set wireless.radio0.disabled=0
    set wireless.radio0.channel=6
    set wireless.radio0.hwmode=11g
    set wireless.radio0.htmode=HT20
    set wireless.radio0.txpower=20
    set wireless.radio0.country=HK
    set wireless.@wifi-iface[0].disabled=0
    set wireless.@wifi-iface[0].network=lan
    set wireless.@wifi-iface[0].mode=ap
    set wireless.@wifi-iface[0].ssid=myssid
    set wireless.@wifi-iface[0].encryption='psk2+ccmp'
    set wireless.@wifi-iface[0].key='mypassword'
    # set wireless.@wifi-iface[0].macfilter=allow
    # add_list wireless.@wifi-iface[0].maclist=AA:BB:CC:DD:EE:FF
    # set wireless.@wifi-iface[0].hidden=1
    commit wireless
EOF

uci batch <<EOF
    set dhcp.lan.leasetime=12h
    set dhcp.lan.start=101
    set dhcp.lan.limit=99
    set dhcp.lan.ra_management=1
    add dhcp host
    set dhcp.@host[0]=host
    set dhcp.@host[0].name=Evan-PC
    set dhcp.@host[0].mac=11:11:11:11:11:11
    set dhcp.@host[0].ip=192.168.128.2
    add dhcp host
    set dhcp.@host[1]=host
    set dhcp.@host[1].name=Evan-phone
    set dhcp.@host[1].mac=22:22:22:22:22:22
    set dhcp.@host[1].ip=192.168.128.3
    commit dhcp
EOF
/etc/init.d/dnsmasq restart

uci batch <<EOF
    delete network.globals
    set network.lan=interface
    delete network.lan.ifname
    delete network.lan.type
    set network.lan.proto=static
    set network.lan.ipaddr=192.168.128.1
    set network.lan.netmask=255.255.255.0
    set network.wan=interface
    set network.wan.ifname=eth0
    set network.wan.proto=dhcp
    set network.wan.macaddr=01:23:45:67:89:AB
    set network.wan6=interface
    set network.wan6.proto=6to4
    commit network
EOF
wifi
/etc/init.d/network restart

uci batch <<EOF
    set ddns.myddns_ipv4.enabled=1
    set ddns.myddns_ipv4.service_name='No-IP.com'
    set ddns.myddns_ipv4.username=myusername
    set ddns.myddns_ipv4.password=mypassword
    set ddns.myddns_ipv4.domain='mydomain.ddns.net'
    set ddns.myddns_ipv4.ip_source=network
    set ddns.myddns_ipv4.force_interval=24
    set ddns.myddns_ipv4.force_unit=hours
    set ddns.myddns_ipv4.check_interval=10
    set ddns.myddns_ipv4.check_unit=minutes
    commit ddns
EOF
/etc/init.d/ddns start
/etc/init.d/ddns enable

cat <<'EOF' >/root/wakeup.sh
#!/bin/sh

/usr/bin/etherwake -D -i "eth0.2" "12:34:56:78:90:AB"

EOF

chmod +x /root/wakeup.sh

(crontab -l ; echo '30 6 * * * reboot')| crontab -
/etc/init.d/cron start
/etc/init.d/cron enable

(sleep 10 ; reboot )&
exit 0

TFTP

tftpd32/64 软件下载:http://tftpd32.jounin.net/tftpd32_download.html

youtube Tp-Link 841n v13 upgrade Openwrt (Lede) + Luci GUI

How to Unbrick TP-Link TL-WR740N WiFi Router Easily

How to recovery the router when you bricked it ?

How to use firmware recovery function of Pharos CPE

rename the firmware as recovery.bin

192.168.0.100/255.255.255.0

TP Link WDR3600 recovery without serial

tcpdump_TFTP_request

1, Change your PC/Laptop ip address to 192.168.0.66 2, Connect you computer to one of the LAN ports on the router (WAN port won't work for this) 2, Setup a tftp server on your machine (I use solarwinds tftp server) 3, Put the desired firmware in your tftp folder and rename it to wdr3600v1_tp_recovery.bin 4, Start the tftp server 5, Hold down the WPS/Reset button on the router 6, Power on the router 7, After approximately 7 seconds release the reset button 8, The router will now download the firmware from your server and upgrade

TFTP from server 192.168.0.66; our IP address is 192.168.0.86
Filename 'wdr3600v1_tp_recovery.bin'.
Load address: 0x80060000

Install and Recover with TFTP (Win/Linux/Mac)

Run a TFTP Server for Network Device Setups on Mac OS X or macOS

Using the Built in TFTP Server on OS X El Capitan

# launchctl load -F /System/Library/LaunchDaemons/tftp.plist
# launchctl start com.apple.tftpd

# netstat -nav|fgrep '*.69'
udp4       0      0   *.69     *.*     196724   9216      1      0
udp6       0      0   *.69     *.*     196724   9216      1      0

# lsof -nP -i4:69
COMMAND PID USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
launchd   1 root   38u  IPv4 0x3555d0e95f3847d7      0t0  UDP *:69
launchd   1 root   45u  IPv4 0x3555d0e95f3847d7      0t0  UDP *:69

TP-Link W841ND v9

tftpd32_bind_IP_address

Installing Amplespot firmware on TP-Link CPE210/220/510/520

set the Server Interface to 192.168.0.100

Rename file to recovery.bin (VERY IMPORTANT!)

TP-WDR4300 back to Firmware - Bricked now ?

the static IP address of the router is always 192.168.0.86 and your laptop's static IP address must always be 192.168.0.66.

IP 192.168.0.86.1540 > Sandra-PC.69: 44 RRQ "wdr4300v1_tp_recovery.bin" octet timeout 5

img_IP_address

img_tftpd_file

TP-Link TL-WR802N - double speed to classical TL-WR702N

$ binwalk openwrt-15.05-ar71xx-generic-tl-wr841n-v9-squashfs-factory.bin

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
512           0x200           LZMA compressed data, properties: 0x6D, dictionary size: 8388608 bytes, uncompressed size: 3391996 bytes
1099100       0x10C55C        Squashfs filesystem, little endian, version 4.0, compression:xz, size: 2187934 bytes, 1098 inodes, blocksize: 262144 bytes, created: 2015-09-11 16:03:37

$ binwalk TL-WR802N_V1_150717/wr802nv1_en_3_16_9_up_boot\(150717\).bin

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
0             0x0             TP-Link firmware header, firmware version: 0.-16753.3, image version: "", product ID: 0x0, product version: 134348801, kernel load address: 0x0, kernel entry point: 0x80002000, kernel offset: 4063744, kernel length: 512, rootfs offset: 721952, rootfs length: 1048576, bootloader offset: 2883584, bootloader length: 0
13424         0x3470          U-Boot version string, "U-Boot 1.1.4 (Jul 17 2015 - 13:21:28)"
13472         0x34A0          CRC32 polynomial table, big endian
14756         0x39A4          uImage header, header size: 64 bytes, header CRC: 0xB3D299CF, created: 2015-07-17 05:21:29, image size: 34475 bytes, Data Address: 0x80010000, Entry Point: 0x80010000, data CRC: 0x9383ACE7, OS: Linux, CPU: MIPS, image type: Firmware Image, compression type: lzma, image name: "u-boot image"
14820         0x39E4          LZMA compressed data, properties: 0x5D, dictionary size: 33554432 bytes, uncompressed size: 90088 bytes
131584        0x20200         TP-Link firmware header, firmware version: 0.0.3, image version: "", product ID: 0x0, product version: 134348801, kernel load address: 0x0, kernel entry point: 0x80002000, kernel offset: 3932160, kernel length: 512, rootfs offset: 721952, rootfs length: 1048576, bootloader offset: 2883584, bootloader length: 0
132096        0x20400         LZMA compressed data, properties: 0x5D, dictionary size: 33554432 bytes, uncompressed size: 2103472 bytes
1180160       0x120200        Squashfs filesystem, little endian, version 4.0, compression:lzma, size: 2542608 bytes, 583 inodes, blocksize: 131072 bytes, created: 2015-07-17 05:37:08

Recover bricked TL-MR3020 via serial console

Hacking the TP-Link TL-WR703N – Part 2: Bring it back from the dead (How to unbrick it)

TP-LINK TL-WR703N Configuration & Hack