OpenWRT

Network > Firewall > Custom Rules

root
grep root /etc/shadow 
   1 root::0:0:99999:7:::

   1 passwd

   1 opkg update
   2 opkg install tmux htop diffutils \
   3         ethtool iputils-arping iputils-tracepath

/etc/profile.local
   1 ### IF TMUX DOES NOT DISPLAY UTF-8 CHARS CORRECTLY
   2 LC_ALL=UTF-8
   3 
   4 ### CUSTOM ALIASES
   5 alias l='ls -l'
   6 alias la='ls -la'
   7 alias ..='cd ..' 

/etc/profile
   1 [ -e /etc/profile.local ] && source /etc/profile.local

logread
dmesg
   1 logread -f

   1 opkg update
   2 opkg install luci

   1 opkg update
   2 opkg install luci-ssl luci-app-uhttpd
   3 /etc/init.d/uhttpd restart
   4 4+0 records in
   5 4+0 records out
   6 Generating RSA private key, 2048 bit long modulus
   7 Generating selfsigned certificate with subject 'C=ZZ,ST=Somewhere,L=Unknown,O=OpenWrtcbba6ded,CN=OpenWrt,' and validity 20210315195149-20230315195149

max-width
/www/luci-static/bootstrap/cascade.css
   1 .container {
   2         width: 100%;
   3         //max-width: 940px;
   4         //max-width: 1280px;
   5         max-width: 1440px;
   6         margin-left: auto;
   7         margin-right: auto;
   8         zoom: 1;
   9 }

   1 .table .th, .table .td {
   2         display: table-cell;
   3         vertical-align: middle;
   4         //padding: 10px 10px 9px;
   5         padding: 10px 3px 9px;
   6         line-height: 18px;
   7         text-align: left;
   8 }

   1 opkg list |grep shadow-

   1 opkg update
   2 opkg install shadow-useradd
   3 ### SHOW DEFAULTS
   4 useradd -D
   5 GROUP=100
   6 HOME=/home
   7 INACTIVE=-1
   8 EXPIRE=
   9 SHELL=
  10 SKEL=/etc/skel
  11 CREATE_MAIL_SPOOL=no
  12 mkdir /home

   1 UNAME=user_name
   2 useradd -mU -s /bin/ash -c "First Last,,," "$UNAME"

   1 opkg update
   2 opkg install kmod-usb-storage blkid block-mount kmod-fs-ext4 luci-app-hd-idle

   1 opkg install e2fsprogs gdisk

   1 swapon -s
   2 DEVICE="/dev/sda1"
   3 #mkswap -L swap1 "$DEVICE"
   4 eval $(blkid "$DEVICE" |cut -f2 -d:)
   5 uci set fstab.swap1="swap"
   6 uci set fstab.swap1.uuid="$PARTUUID"
   7 uci commit fstab
   8 swapon -a
   9 swapon -s

   1 mkdir /mnt/mtdblock4
   2 DEVICE="$(sed -n -e "/\s\/overlay\s.*$/s///p" /etc/mtab)"
   3 uci set fstab.mtdblock4="mount"
   4 uci set fstab.mtdblock4.device="$DEVICE"
   5 uci set fstab.mtdblock4.target="/mnt/mtdblock4"
   6 uci commit fstab

   1 DEVICE="/dev/sda2"
   2 TARGET="/mnt/rootfs"
   3 [ -d "$TARGET" ] || mkdir "$TARGET"
   4 mount "$DEVICE" "$TARGET"
   5 cp -f -a /overlay/. /mnt/rootfs/

   1 DEVICE="/dev/sda2"
   2 eval $(blkid "$DEVICE" |cut -f2 -d:)
   3 uci set fstab.overlay="mount"
   4 uci set fstab.overlay.uuid="$UUID"
   5 uci set fstab.overlay.target="/overlay"
   6 uci commit fstab

reboot
   1 root@openwrt:~# df -h
   2 Filesystem                Size      Used Available Use% Mounted on
   3 /dev/root                 2.5M      2.5M         0 100% /rom
   4 tmpfs                    60.8M     76.0K     60.7M   0% /tmp
   5 /dev/sda2                 3.1G      7.1M      3.0G   0% /overlay
   6 overlayfs:/overlay        3.1G      7.1M      3.0G   0% /
   7 tmpfs                   512.0K         0    512.0K   0% /dev
   8 /dev/mtdblock4            3.9M      3.0M    856.0K  78% /mnt/mtdblock4

   1 opkg list |grep package

   1 opkg remove --autoremove package

   1 opkg remove --force-removal-of-dependent-packages package

opkg remove --force-removal-of-dependent-packages libopenssl1.1
opkg install failed-package
opkg remove --autoremove failed-package
opkg install top-level-packages that pulled libopenssl1.1
/sbin/opkg_remove_partly_installed_packages.sh
   1 #!/bin/sh
   2 # takes one argument/parameter: the name of the package
   3 # which didn't install correctly and
   4 # should be removed along with its dependencies
   5 # example: opkg_remove_partly_installed_packages.sh pulseaudio-daemon
   6 
   7 if [ -z "$1" ]; then
   8         echo "Please specify one or more packages".
   9         exit 1
  10 fi
  11 
  12 opkg update
  13 
  14 #get list of all packages that would be installed along with package x
  15 PACKAGES="$(opkg --force-space --noaction install $@ \
  16         |grep "http:" \
  17         |cut -f 2 -d ' ' \
  18         |sed 's/\.$//')"
  19 
  20 echo "Following packages will be destroyed."
  21 echo "$PACKAGES"
  22 
  23 read -p"Check and confirm with 'yes': " CONFIR_INPUT
  24 if test "$CONFIR_INPUT" = "yes"; then
  25         echo "Confirmed. Exterminating packages_"
  26 else
  27         echo "Not confirmed - aborting."
  28         exit 0
  29 fi
  30 
  31 for i in $PACKAGES
  32 do
  33         LIST="$(wget -qO- $i \
  34                 |tar -Oxz ./data.tar.gz \
  35                 |tar -tz \
  36                 |sort -r \
  37                 |sed 's/^./\/overlay\/upper/')"
  38         for f in $LIST; do
  39                 if [ -f "$f" ]; then
  40                         echo "Removing file $f"
  41                         rm -f "$f"
  42                 fi
  43                 if [ -d "$f" ];then
  44                         cat <<-EOF
  45                                 Trying to remove directory '$f'
  46                                 (will only work on empty directories)
  47                         EOF
  48                         rmdir "$f"
  49                 fi
  50         done
  51 done
  52 
  53 echo "You may need to reboot for the free space to become visible."

tmux
   1 ### INSTALL AND START tmux IF YOU HAVEN'T
   2 opkg update
   3 opkg install tmux
   4 tmux
   5 
   6 ### UPGRADE
   7 PACKAGES="$(opkg list-upgradable \
   8         |grep -v '^Not selecting' \
   9         |awk '{print $1}')"
  10 [ "$PACKAGES" ] && opkg upgrade $PACKAGES

netifd
/usr/local/sbin/opkg_upgrade
   1 #!/bin/sh
   2 
   3 PACKAGES="$(opkg list-upgradable \
   4         |grep -v '^Not selecting' \
   5         |awk '{print $1}')"
   6 
   7 if test "$PACKAGES"; then
   8         echo -e "Packages to be upgraded:\n$PACKAGES"
   9         read -p"Check and confirm with 'yes': " CONFIR_INPUT
  10         if test "$CONFIR_INPUT" = "yes"; then
  11                 echo "Confirmed performing upgrade"
  12                 opkg upgrade $PACKAGES
  13         else
  14                 echo "Input invalid - aborting."
  15         fi
  16 else
  17         echo -e "No packages to be upgraded."
  18         echo "Nothing to do - exiting ..."
  19 fi

   1 chmod u+x /usr/local/sbin/opkg_upgrade

tmux
   1 ### INSTALL AND START tmux IF YOU HAVEN'T
   2 opkg update
   3 opkg install tmux
   4 tmux
   5 ### UPGRADE
   6 opkg_upgrade

netifd
crontab -e
   1 0 2 * * *       echo yes |/usr/local/sbin/opkg_upgrade

/etc/sysupgrade.conf
   1 ## This file contains files and directories that should
   2 ## be preserved during an upgrade.
   3 
   4 # /etc/example.conf
   5 # /etc/openvpn/
   6 
   7 ### docu
   8 /etc/user_installed_pkg.list
   9 /etc/sysbackup.tar.gz
  10 
  11 ### daemons
  12 /etc/samba/
  13 /etc/dropbear/
  14 /etc/dnsmasq.hosts
  15 /etc/collectd.conf
  16 /etc/fwknop/
  17 /etc/vsftpd/
  18 /etc/vsftpd.conf
  19 /etc/config/ahcpd
  20 /etc/dnsmasq.conf
  21 /etc/ppp/
  22 
  23 ### configs
  24 /etc/screenrc
  25 
  26 ### login data 
  27 /etc/group
  28 /etc/group-
  29 /etc/passwd
  30 /etc/passwd-
  31 /etc/profile
  32 /etc/profile.local
  33 /etc/shadow
  34 /etc/shadow-
  35 /etc/login.defs
  36 
  37 ### system
  38 /etc/config/
  39 /etc/crontabs
  40 /etc/dropbear/dropbear_rsa_host_key
  41 /etc/exports
  42 /etc/firewall.user
  43 /etc/kresd/custom.conf
  44 /etc/inittab
  45 /etc/lvm/
  46 #/etc/opkg
  47 /etc/opkg/customfeeds.conf
  48 /etc/opkg.conf
  49 /etc/rc.local
  50 /etc/sysctl.conf
  51 /etc/sysctl.d/local.conf
  52 /etc/sysupgrade.conf
  53 
  54 ### databases
  55 /etc/ethers
  56 /etc/hosts
  57 /etc/protocols
  58 /etc/services
  59 /etc/shells
  60 
  61 ### scripts
  62 /etc/listlinkedpkg.sh
  63 /etc/listuserpackages.sh
  64 /etc/opkg_color.sh
  65 /sbin/opkg_upgrade
  66 /sbin/opkg_remove_partly_installed_packages.sh

   1 sysupgrade -l
   2 ### OR WITH SHELL
   3 grep -v -e '^$' -e '^#' /etc/sysupgrade.conf \
   4      |while read LINE; do
   5             ls -d "$LINE" 2>/dev/null;
   6 done

   1 umask go=
   2 DIR_BACKUP="/root/backup"
   3 [ -d "$DIR_BACKUP" ] || mkdir "$DIR_BACKUP"
   4 sysupgrade -k -b "$DIR_BACKUP/backup-${HOSTNAME}-$(date +%F_+%H%M%S).tar.gz"
   5 ls -l "$DIR_BACKUP"/backup-*.tar.gz

%H%M%S
%T
:
   1 scp 'root@192.168.1.1:/root/backup/backup-*.tar.gz' .
   2 scp 'root@openwrt.lan:/root/backup/backup-*.tar.gz' .

   1 # Upload backup
   2 scp backup-*.tar.gz root@openwrt.lan:/root
   3  
   4 # Restore backup
   5 ls /root/backup-*.tar.gz
   6 sysupgrade -r /root/backup-your_specific_point_in_time.tar.gz

   1 sysupgrade -v /root/img-bin

   1 apt install atftpd tftp

tcpd
   1 LANG=C netstat -tulpen |grep -e '^Proto' -e ':69' 
   2 Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name    
   3 udp        0      0 0.0.0.0:69              0.0.0.0:*                           0          49344      2415/rlinetd        
   4 udp6       0      0 :::69                   :::*                                0          49345      2415/rlinetd        

/etc/rlinetd.conf
   1 # look for further configuration files elsewhere (ignore editor backup files)
   2 
   3 directory "/etc/rlinetd.d" "" "(~|\.bak|\.swp|\.ucf-.*|\.dpkg-.*)$";
   4 
   5 # set up some reasonable defaults
   6 
   7 defaults {
   8   instances 5;
   9   # only making services available to your inside network?
  10   # interface 192.168.1.1;
  11 }

/etc/rlinetd.d/tftp_udp
   1 # This file was automatically generated by inetd2rlinetd
   2 
   3 # Generated from: tftp          dgram   udp     wait    nobody /usr/sbin/tcpd /usr/sbin/in.tftpd --tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /srv/tftp
   4 service "tftp_udp" {
   5         enabled yes;
   6         protocol udp;
   7         port "tftp";
   8         user "nobody";
   9         exec "/usr/sbin/in.tftpd --tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /srv/tftp";
  10         server "/usr/sbin/tcpd";
  11         wait yes;
  12 }

/srv/tftp
   1 addgroup --system tftp
   2 adduser tobias tftp
   3 install -o root -g tftp -m 2775 -d /srv/tftp

id
   1 sudo install -o tobias -g tftp -m 2775 -d /srv/tftp/homehub_v5a
   2 cd /srv/tftp/homehub_v5a
   3 wget "https://github.com/mkresin/BTHH5a-installimage/releases/download/v1.0/lede-lantiq-bthomehubv5a_ram-u-boot.asc"
   4 wget "https://github.com/mkresin/BTHH5a-installimage/releases/download/v1.0/lede-lantiq-xrx200-BTHOMEHUBV5A-installimage.bin"
   5 wget "https://downloads.openwrt.org/snapshots/targets/lantiq/xrx200/openwrt-lantiq-xrx200-bt_homehub-v5a-squashfs-sysupgrade.bin"
   6 ln -s /srv/tftp/homehub_v5a/lede-lantiq-xrx200-BTHOMEHUBV5A-installimage.bin \
   7         /srv/tftp/lede-lantiq-xrx200-BTHOMEHUBV5A-installimage.bin
   8 ls -l /srv/tftp/homehub_v5a 
   9 insgesamt 18612
  10 -rw-r--r-- 1 tobias tftp   853647  3. Nov 2017  lede-lantiq-bthomehubv5a_ram-u-boot.asc
  11 -rw-r--r-- 1 tobias tftp 11387322  3. Nov 2017  lede-lantiq-xrx200-BTHOMEHUBV5A-installimage.bin
  12 -rw-r--r-- 1 tobias tftp  6810208  1. Sep 02:01 openwrt-lantiq-xrx200-bt_homehub-v5a-squashfs-sysupgrade.bin

   1 tobias@libertas ~ % tftp 192.168.1.10
   2 tftp> ?   
   3 Commands may be abbreviated.  Commands are:
   4 
   5 connect         connect to remote tftp
   6 mode            set file transfer mode
   7 put             send file
   8 get             receive file
   9 quit            exit tftp
  10 verbose         toggle verbose mode
  11 trace           toggle packet tracing
  12 status          show current status
  13 binary          set mode to octet
  14 ascii           set mode to netascii
  15 rexmt           set per-packet retransmission timeout
  16 timeout         set total retransmission timeout
  17 ?               print help information
  18 tftp> get lede-lantiq-xrx200-BTHOMEHUBV5A-installimage.bin
  19 Transfer timed out.
  20 
  21 ### LOG SHOWED TCPD WAS MISSING
  22 tftp> get lede-lantiq-xrx200-BTHOMEHUBV5A-installimage.bin
  23 Received 11460682 bytes in 1.0 seconds

   1 sudo adduser tobias dialout

   1 ls -l /dev/ttyUSB*
   2 crw-rw---- 1 root dialout 188, 0 27. Aug 11:22 /dev/ttyUSB0
   3 minicom -c on -b 115200 -8 -D /dev/ttyUSB0

   1 Willkommen zu minicom 2.8
   2 
   3 Optionen: I18n 
   4 Port /dev/ttyUSB0, 08:56:49
   5 
   6 Drücken Sie CTRL-A  Z für Hilfe zu speziellen Tasten
   7 
   8 ROM VER: 1.1.4
   9 CFG 06
  10 NAND
  11 NAND Read OK
  12 
  13 DDR autotuning Rev 0.3d
  14 DDR size from 0xa0000000 - 0xa7ffffff
  15 DDR check ok... start booting...
  16 
  17 
  18 
  19 U-Boot 2010.06-LANTIQ-v-2.2.46 (Dec 06 2013 - 02:39:45 on tester@clean-machine)
  20 
  21 CLOCK CPU 500M RAM 250M
  22 secure boot
  23 DRAM:  125 MiB
  24 NAND:  ONFI flash detected
  25 ONFI param page 0 valid
  26 NAND device: Manufacturer ID: 0x01, Chip ID: 0xf1 (AMD S34ML01G1)
  27 128 MiB
  28 Bad block table found at page 65472, version 0x01
  29 Bad block table found at page 65408, version 0x01
  30 In:    serial
  31 Out:   serial
  32 Err:   serial
  33 Net:   Internal phy(GE) firmware version: 0x841b
  34 vr9 Switch
  35 
  36 Type "run flash_nfs" to mount root filesystem over NFS
  37 
  38 Hit any key to stop autoboot:  0 
  39 Creating 1 MTD partitions on "nand0":
  40 0x000000100000-0x000007f80000 : "mtd=0"
  41 UBI: attaching mtd1 to ubi0
  42 UBI: physical eraseblock size:   131072 bytes (128 KiB)
  43 UBI: logical eraseblock size:    129024 bytes
  44 UBI: smallest flash I/O unit:    2048
  45 UBI: sub-page size:              512
  46 UBI: VID header offset:          512 (aligned 512)
  47 UBI: data offset:                2048
  48 UBI: attached mtd1 to ubi0
  49 UBI: MTD device name:            "mtd=0"
  50 UBI: MTD device size:            126 MiB
  51 UBI: number of good PEBs:        1012
  52 UBI: number of bad PEBs:         0
  53 UBI: max. allowed volumes:       128
  54 UBI: wear-leveling threshold:    4096
  55 UBI: number of internal volumes: 1
  56 UBI: number of user volumes:     1
  57 UBI: available PEBs:             997
  58 UBI: total number of reserved PEBs: 15
  59 UBI: number of PEBs reserved for bad PEB handling: 10
  60 UBI: max/mean erase counter: 400/282
  61 kernel volume not found
  62 Wrong Image Format for bootm command
  63 ERROR: can't get kernel image!
  64 VR9 # 
  65 

   1 VR9 # help
   2 ?       - alias for 'help'
   3 base    - print or set address offset
   4 bootm   - boot application image from memory
   5 bootp   - boot image via network using BOOTP/TFTP protocol
   6 chpart  - change active partition
   7 cmp     - memory compare
   8 cp      - memory copy
   9 crc32   - checksum calculation
  10 dualimage- dualimage - sets openrg_start and openrg_size according to the current active image.
  11 
  12 echo    - echo args to console
  13 go      - start application at address 'addr'
  14 help    - print command description/usage
  15 loop    - infinite loop on address range
  16 md      - memory display
  17 mm      - memory modify (auto-incrementing address)
  18 mtdparts- define flash/nand partitions
  19 mtest   - simple RAM read/write test
  20 mw      - memory write (fill)
  21 nand    - NAND sub-system
  22 nboot   - boot from NAND device
  23 nm      - memory modify (constant address)
  24 printenv- print environment variables
  25 rarpboot- boot image via network using RARP/TFTP protocol
  26 reset   - Perform RESET of the CPU
  27 run     - run commands in an environment variable
  28 saveenv - save environment variables to persistent storage
  29 setenv  - set environment variables
  30 signverify- signverify - verify the active image signature and decryption if needed.
  31 
  32 tftpboot- boot image via network using TFTP protocol
  33 ubi     - ubi commands
  34 upgrade - upgrade - forward/backward copy memory to pre-defined flash location
  35 
  36 version - print monitor version
  37 VR9 # 
  38 

   1 VR9 # version   
   2 
   3 U-Boot 2010.06-LANTIQ-v-2.2.46 (Dec 06 2013 - 02:39:45 on tester@clean-machine)

   1 VR9 # printenv  
   2 bootdelay=1
   3 baudrate=115200
   4 preboot=echo;echo Type \"run flash_nfs\" to mount root filesystem over NFS;echo
   5 bootfile="openrg.img"
   6 cert=-----BEGIN CERTIFICATE-----
   7 MIICtjCCAZ4CCQCCD6si8HRyjDANBgkqhkiG9w0BAQUFADAdMQswCQYDVQQGEwJV
   8 UzEOMAwGA1UEAxMFSnVuZ28wHhcNMTMxMjA1MjIzNjU0WhcNMzMxMjA1MjIzNjU0
   9 WjAdMQswCQYDVQQGEwJVUzEOMAwGA1UEAxMFSnVuZ28wggEiMA0GCSqGSIb3DQEB
  10 AQUAA4IBDwAwggEKAoIBAQDQupk1RFBIK7J980ya9oDpV1g+bg+g6tWW0GHX2sof
  11 xW5sF2NOvI73Y1hPDmfSfVeZSx8wWamb5Ihknm5hjP1fjrvXJ6iRoC9lbXgqYAV1
  12 Rc1JVpV69ZLFDQLhT9+4VFAMMRyVFcd0TqlPyhlg8QEbzzczSznpphlnI4ZnYiqn
  13 NNq1ZYNd4LIo7+W9is1ECi9oo02sPQN+k9NJWuM9BTSL8XfiAresYSSOZfiOnT3p
  14 w9ZDJMiXCT1sa80LRsIJpPceAJ5OzHiN598ERgApsk8uMCr5QFndtDW/d0QRVANJ
  15 EmjDtMcqg+JSdcMUgji6msE+0XFjFO+QnbxQPM+n53Q7AgMBAAEwDQYJKoZIhvcN
  16 AQEFBQADggEBABTmjDTqZMGNEBsvVWo8ZW3X4FLx3uOgIZG9zc5ZiaU08c9UExeo
  17 Tvei/mrHTLoxSI+nXDpP54FuKi6KIk87OWH/kS1HyXxoD9zmgXAbpqYMh//LzyKc
  18 +gwxBpS/XQJLxnl0YLDfk5SR1BZsPWegc3V8TmS0U5CdxsJ5SDalvTbJrJMwlV3y
  19 Z9xBPrtF5RGXwPDQICkX40u2vcvd8NkNa6OYb0Gcp7PfdwSmhmXXUY2btjjxORlF
  20 1eT7mGL1PkmhEsMoviroWT5gNRJbxQszVqNiwH3tcMvrVo2/IODgtFVNIsjFj36G
  21 YappoROYOJqf4JNcnSYUoR6tNyThYD7giNA=
  22 -----END CERTIFICATE-----
  23 -----BEGIN CERTIFICATE-----
  24 MIIE7jCCA9agAwIBAgIJAJ/y7ShWD/6pMA0GCSqGSIb3DQEBBQUAMIGqMQswCQYD
  25 VQQGEwJVSzEQMA4GA1UECBMHU3VmZm9sazEQMA4GA1UEBxMHSXBzd2ljaDEnMCUG
  26 A1UEChMeQnJpdGlzaCBUZWxlY29tbXVuaWNhdGlvbnMgcGxjMRUwEwYDVQQLEwxD
  27 UEUgUGxhdGZvcm0xEzARBgNVBAMTCkRhdmUgSmFtZXMxIjAgBgkqhkiG9w0BCQEW
  28 E2RhdmUuZS5qYW1lc0BidC5jb20wHhcNMTMwMjAxMTE1MDQ2WhcNMzMwMjAxMTE1
  29 MDQ2WjCBqjELMAkGA1UEBhMCVUsxEDAOBgNVBAgTB1N1ZmZvbGsxEDAOBgNVBAcT
  30 B0lwc3dpY2gxJzAlBgNVBAoTHkJyaXRpc2ggVGVsZWNvbW11bmljYXRpb25zIHBs
  31 YzEVMBMGA1UECxMMQ1BFIFBsYXRmb3JtMRMwEQYDVQQDEwpEYXZlIEphbWVzMSIw
  32 IAYJKoZIhvcNAQkBFhNkYXZlLmUuamFtZXNAYnQuY29tMIIBIjANBgkqhkiG9w0B
  33 AQEFAAOCAQ8AMIIBCgKCAQEAwFjjDbl9/PIunU8BHu/5wg24DParZe5SnPWxG+aF
  34 51EWdhK0KamLU4ADxkdfRWLAufJsrt2b+AoG4qWwVjbE3HqPwXsrJNZoc6YBC0bB
  35 Hfy7/u4jo/kd3iTQwgkhTmHRjJdTp4CL8WKPKCDe5qO3SuERp8wglHHzA+Ea7dH2
  36 4KkEPK4wD8HAkX9wWhPipmxYIKG+YwjmQfeVggI6HgJ4gVHlol17ZjXiWFSoUTka
  37 ziYbYf/i8f+ayM8mNV27zJ0LjhY5E50EhzI5QXFIoDBYNNfQJYWNT/NDGx9mr4G4
  38 439XwK62yiG2CmNn6bjYlASqnMu0NHd6JcM7ASttVV4JiQIDAQABo4IBEzCCAQ8w
  39 HQYDVR0OBBYEFGAe/bZoesow/+DWuRz9gManNE/SMIHfBgNVHSMEgdcwgdSAFGAe
  40 /bZoesow/+DWuRz9gManNE/SoYGwpIGtMIGqMQswCQYDVQQGEwJVSzEQMA4GA1UE
  41 CBMHU3VmZm9sazEQMA4GA1UEBxMHSXBzd2ljaDEnMCUGA1UEChMeQnJpdGlzaCBU
  42 ZWxlY29tbXVuaWNhdGlvbnMgcGxjMRUwEwYDVQQLEwxDUEUgUGxhdGZvcm0xEzAR
  43 BgNVBAMTCkRhdmUgSmFtZXMxIjAgBgkqhkiG9w0BCQEWE2RhdmUuZS5qYW1lc0Bi
  44 dC5jb22CCQCf8u0oVg/+qTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IB
  45 AQCFzVvT9EH8h+xM2xg/85SLaNIAAPrPN3tTknLix4+/NseGczl788bdFehdEGy2
  46 2w27mBTxFIorGwM5z1etfr5a5AP5zEUbpRvJDZ47v5skQ0j7a73CxAiYD8NtqAZ8
  47 kcxxIGmqisOy9wIcgzXB8Ezap0+erxBYwFaz11VWoo0yjEvxYS66vq0u/2YlZJOj
  48 UkjRuycd+bz8hma3lP8TmOajxYyeVfUOd+x49Q/J2D5IEbyFhFjlS2Zs4VR6mR0R
  49 P7N4ZJptV+OLGKra7rnhtz20FEUfd0Ju0OoWd9h0DPN1M/h/OFdtrTKijEsGab2I
  50 VHKbpEVM7ObIIHGxmt6kWZho
  51 -----END CERTIFICATE-----
  52 
  53 mem=127M
  54 phym=128M
  55 ethaddr=00:E0:92:00:01:40
  56 netdev=eth0
  57 console=ttyS0
  58 tftppath=
  59 loadaddr=0x80800000
  60 rootpath=/mnt/full_fs
  61 rootfsmtd=/dev/mtdblock2
  62 nfsargs= setenv bootargs root=/dev/nfs rw nfsroot=$(serverip):$(rootpath)
  63 ramargs=setenv bootargs root=/dev/ram rw
  64 addip=setenv bootargs $(bootargs) ip=$(ipaddr):$(serverip):$(gatewayip):$(netmask):$(hostname):$(netdev):on
  65 addmisc=setenv bootargs $(bootargs) console=$(console),$(baudrate) ethaddr=$(ethaddr) phym=$(phym) mem=$(mem) panic=1 mtdparts=$(mtdparts) vpe1 
  66 flash_nfs=run nfsargs addip addmisc;bootm $(kernel_addr)
  67 net_nfs=tftp $(loadaddr) $(tftppath)$(bootfile);run nfsargs addip addmisc;bootm
  68 net_flash=tftp $(loadaddr) $(tftppath)$(bootfile); run flashargs addip addmisc; bootm
  69 net_ram=tftp $(loadaddr) $(tftppath)$(bootfile); bootm
  70 u-boot=u-boot.lq
  71 rootfs=rootfs.img
  72 firmware=firmware.img
  73 fullimage=fullimage.img
  74 totalimage=totalimage.img
  75 load=tftp $(loadaddr) $(u-boot)
  76 update=protect off 1:0-2;era 1:0-2;cp.b $(loadaddr) B0000000 $(filesize)
  77 flashargs=setenv bootargs root=$(rootfsmtd) ro rootfstype=squashfs init=/etc/preinit
  78 flash_flash=run flashargs addip addmisc; bootm $(kernel_addr)
  79 update_nandboot=tftp $(loadaddr) $(tftppath)u-boot-nand.bin; nand erase 0 0x100000; nand write.partial $(loadaddr) 0 $(filesize); reset
  80 ubi_init=setenv kernel_vol kernel;setenv rootfs_vol rootfs;setenv firmware_vol firmware;setenv kernel_id 0;setenv rootfs_id 1;setenv firmware_iw
  81 update_kernel=tftpboot $(loadaddr) $(tftppath)$(bootfile);upgrade $(loadaddr) $(filesize)
  82 update_bootloader=update_uboot;update gphyfirmware
  83 update_rootfs=tftpboot $(loadaddr) $(tftppath)$(rootfs); upgrade $(loadaddr) $(filesize)
  84 update_firmware=tftpboot $(loadaddr) $(tftppath)$(firmware);upgrade $(loadaddr) $(filesize)
  85 update_fullimage=tftpboot $(loadaddr) $(tftppath)$(fullimage);upgrade $(loadaddr) $(filesize)
  86 update_totalimage=tftpboot $(loadaddr) $(tftppath)$(totalimage);upgrade $(loadaddr) $(filesize)
  87 reset_uboot_config=nand write.partial 80400000 $(f_ubootconfig_addr) $(f_ubootconfig_size)
  88 reset_ddr_config=nand write.partial 80400000 $(f_ddrconfig_addr) $(f_ddrconfig_size)
  89 mtdparts=mtdparts=nand0:0x07e80000@0x100000(UBI)
  90 mtdids=nand0=nand0
  91 part0_begin=0x00000000
  92 part1_begin=0x00040000
  93 part2_begin=0x000C0000
  94 part3_begin=0x002C0000
  95 part4_begin=0x06C40000
  96 part5_begin=0x07040000
  97 part6_begin=0x07080000
  98 total_part=7
  99 flash_end=0x07FFFFFF
 100 data_block0=uboot
 101 data_block1=firmware
 102 data_block2=kernel
 103 data_block3=rootfs
 104 data_block4=sysconfig
 105 data_block5=ubootconfig
 106 data_block6=dectconfig
 107 total_db=7
 108 f_uboot_addr=0x00000000
 109 f_uboot_size=0
 110 f_ubootconfig_addr=0xA0000
 111 f_ubootconfig_size=0x20000
 112 f_ubootconfig_end=0x0704FFFF
 113 f_gphy_firmware_addr=IFX_CFG_FLASH_GPHY_FIRMWARE_IMAGE_START_ADDR
 114 f_gphy_firmware_size=IFX_CFG_FLASH_GPHY_FIRMWARE_IMAGE_SIZE
 115 f_gphy_firmware_end=IFX_CFG_FLASH_GPHY_FIRMWARE_IMAGE_END_ADDR
 116 f_kernel_addr=0x000C0000
 117 f_kernel_size=0
 118 f_kernel_end=IFX_CFG_FLASH_KERNEL_IMAGE_END_ADDR
 119 f_rootfs_addr=0x002C0000
 120 f_rootfs_size=0x6980000
 121 f_rootfs_end=IFX_CFG_FLASH_ROOTFS_IMAGE_END_ADDR
 122 f_firmware_addr=0x00040000
 123 f_firmware_size=0
 124 f_fwdiag_addr=IFX_CFG_FLASH_FIRMWARE_DIAG_START_ADDR
 125 f_fwdiag_size=IFX_CFG_FLASH_FIRMWARE_DIAG_SIZE
 126 f_sysconfig_addr=0x06C40000
 127 f_sysconfig_size=0x400000
 128 f_dectconfig_addr=0x07080000
 129 f_dectconfig_size=0x40000
 130 f_wlanconfig_addr= IFX_CFG_FLASH_WLAN_CFG_START_ADDR
 131 f_wlanconfig_size=IFX_CFG_FLASH_WLAN_CFG_SIZE
 132 f_ddrconfig_addr=0x000057E8
 133 f_ddrconfig_size=24
 134 f_ddrconfig_end=0x000057FF
 135 ethact=vr9 Switch
 136 ipaddr=192.168.1.1
 137 serverip=192.168.1.10
 138 bootcmd_openrg=ubi part UBI; dualimage; bootm $(openrg_start)
 139 bootcmd=ubi part UBI; ubi read $(loadaddr) kernel; bootm $(loadaddr)
 140 stdin=serial
 141 stdout=serial
 142 stderr=serial
 143 ver=U-Boot 2010.06-LANTIQ-v-2.2.46 (Dec 06 2013 - 02:39:45 on tester@clean-machine)
 144 partition=nand0,0
 145 mtddevnum=0
 146 mtddevname=UBI
 147 
 148 Environment size: 6831/131068 bytes

   1 sudo ip a add 192.168.1.10/24 dev bridge

   1 VR9 # tftpboot 0x81000000 lede-lantiq-xrx200-BTHOMEHUBV5A-installimage.bin; bootm 0x81000000
   2 Using vr9 Switch device
   3 TFTP from server 192.168.1.10; our IP address is 192.168.1.1
   4 Filename 'lede-lantiq-xrx200-BTHOMEHUBV5A-installimage.bin'.
   5 Load address: 0x81000000
   6 Loading: #################################################################
   7          #################################################################
   8          #################################################################
   9          #################################################################
  10          #################################################################
  11          #################################################################
  12          #################################################################
  13          #################################################################
  14          #################################################################
  15          #################################################################
  16          #################################################################
  17          #############################################################
  18 done
  19 Bytes transferred = 11387322 (adc1ba hex)
  20 ## Booting kernel from Legacy Image at 81000000 ...
  21    Image Name:   MIPS LEDE Linux-4.4.92
  22    Created:      2017-10-17  17:46:20 UTC
  23    Image Type:   MIPS Linux Kernel Image (uncompressed)
  24    Data Size:    11387258 Bytes = 10.9 MiB
  25    Load Address: 80002000
  26    Entry Point:  80002000
  27    Verifying Checksum ... OK
  28    Loading Kernel Image ... OK
  29 OK
  30 
  31 Starting kernel ...
  32 
  33 [    0.000000] Linux version 4.4.92 (mkresin@desktop) (gcc version 5.4.0 (LEDE GCC 5.4.0 r3560-79f57e422d) ) #0 Tue Oct 17 17:46:20 2017
  34 [    0.000000] SoC: xRX200 rev 1.2
  35 [    0.000000] bootconsole [early0] enabled
  36 [    0.000000] CPU0 revision is: 00019556 (MIPS 34Kc)
  37 [    0.000000] MIPS: machine is BTHOMEHUBV5A - BT Home Hub 5A
  38 [    0.000000] Determined physical RAM map:
  39 [    0.000000]  memory: 08000000 @ 00000000 (usable)
  40 [    0.000000] Initrd not found or empty - disabling initrd
  41 [    0.000000] Zone ranges:
  42 [    0.000000]   Normal   [mem 0x0000000000000000-0x0000000007ffffff]
  43 [    0.000000] Movable zone start for each node
  44 [    0.000000] Early memory node ranges
  45 [    0.000000]   node   0: [mem 0x0000000000000000-0x0000000007ffffff]
  46 [    0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x0000000007ffffff]
  47 [    0.000000] Primary instruction cache 32kB, VIPT, 4-way, linesize 32 bytes.
  48 [    0.000000] Primary data cache 32kB, 4-way, VIPT, cache aliases, linesize 32 bytes
  49 [    0.000000] Built 1 zonelists in Zone order, mobility grouping on.  Total pages: 32512
  50 [    0.000000] Kernel command line: console=ttyLTQ0,115200
  51 [    0.000000] PID hash table entries: 512 (order: -1, 2048 bytes)
  52 [    0.000000] Dentry cache hash table entries: 16384 (order: 4, 65536 bytes)
  53 [    0.000000] Inode-cache hash table entries: 8192 (order: 3, 32768 bytes)
  54 [    0.000000] Writing ErrCtl register=00048046
  55 [    0.000000] Readback ErrCtl register=00048046
  56 [    0.000000] Memory: 117460K/131072K available (3778K kernel code, 162K rwdata, 792K rodata, 7412K init, 210K bss, 13612K reserved, 0K cma-re)
  57 [    0.000000] SLUB: HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
  58 [    0.000000] NR_IRQS:256
  59 [    0.000000] Setting up vectored interrupts
  60 [    0.000000] CPU Clock: 500MHz
  61 [    0.000000] clocksource: MIPS: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041786 ns
  62 [    0.000010] sched_clock: 32 bits at 250MHz, resolution 4ns, wraps every 8589934590ns
  63 [    0.007856] Calibrating delay loop... 332.54 BogoMIPS (lpj=665088)
  64 [    0.042316] pid_max: default: 32768 minimum: 301
  65 [    0.047157] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes)
  66 [    0.053723] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes)
  67 [    0.066632] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns
  68 [    0.076277] futex hash table entries: 256 (order: -1, 3072 bytes)
  69 [    0.082481] pinctrl core: initialized pinctrl subsystem
  70 [    0.088323] NET: Registered protocol family 16
  71 [    0.097144] pinctrl-xway 1e100b10.pinmux: Init done
  72 [    0.102666] dma-xway 1e104100.dma: Init done - hw rev: 7, ports: 7, channels: 28
  73 [    0.212595] dcdc-xrx200 1f106a00.dcdc: Core Voltage : 1016 mV
  74 [    0.218341] Can't analyze schedule() prologue at 80008f30
  75 [    0.232232] PCI host bridge /fpi@10000000/pci@E105400 ranges:
  76 [    0.237840]  MEM 0x0000000018000000..0x0000000019ffffff
  77 [    0.243126]   IO 0x000000001ae00000..0x000000001affffff
  78 [    0.366187] PCI host bridge /fpi@10000000/pcie@d900000 ranges:
  79 [    0.385197] usbcore: registered new interface driver usbfs
  80 [    0.390684] usbcore: registered new interface driver hub
  81 [    0.396050] usbcore: registered new device driver usb
  82 [    0.401470] PCI host bridge to bus 0000:00
  83 [    0.405461] pci_bus 0000:00: root bus resource [mem 0x18000000-0x19ffffff]
  84 [    0.412368] pci_bus 0000:00: root bus resource [io  0x1ae00000-0x1affffff]
  85 [    0.419312] pci_bus 0000:00: root bus resource [??? 0x00000000 flags 0x0]
  86 [    0.426168] pci_bus 0000:00: No busn resource found for root bus, will use [bus 00-ff]
  87 [    0.434684] pci 0000:00:0e.0: BAR 0: assigned [mem 0x18000000-0x1800ffff]
  88 [    0.441566] PCI host bridge to bus 0000:01
  89 [    0.445549] pci_bus 0000:01: root bus resource [mem 0x1c000000-0x1cffffff]
  90 [    0.452462] pci_bus 0000:01: root bus resource [io  0x1d800000-0x1d8fffff]
  91 [    0.459406] pci_bus 0000:01: root bus resource [??? 0x00000000 flags 0x0]
  92 [    0.466262] pci_bus 0000:01: No busn resource found for root bus, will use [bus 01-ff]
  93 [    0.474325] ifx_pcie_rc_class_early_fixup: fixed pcie host bridge to pci-pci bridge
  94 [    0.492363] pci 0000:01:00.0: bridge configuration invalid ([bus 02-00]), reconfiguring
  95 [    0.501131] pci 0000:01:00.0: BAR 8: assigned [mem 0x1c000000-0x1c1fffff]
  96 [    0.507810] pci 0000:01:00.0: BAR 9: assigned [mem 0x1c200000-0x1c2fffff pref]
  97 [    0.515079] pci 0000:02:00.0: BAR 0: assigned [mem 0x1c000000-0x1c1fffff 64bit]
  98 [    0.522477] pci 0000:02:00.0: BAR 6: assigned [mem 0x1c200000-0x1c20ffff pref]
  99 [    0.529742] pci 0000:01:00.0: PCI bridge to [bus 02]
 100 [    0.534778] pci 0000:01:00.0:   bridge window [mem 0x1c000000-0x1c1fffff]
 101 [    0.541635] pci 0000:01:00.0:   bridge window [mem 0x1c200000-0x1c2fffff pref]
 102 [    0.549001] ifx_pcie_bios_map_irq port 0 dev 0000:01:00.0 slot 0 pin 1 
 103 [    0.555606] ifx_pcie_bios_map_irq dev 0000:01:00.0 irq 144 assigned
 104 [    0.561948] ifx_pcie_bios_map_irq port 0 dev 0000:02:00.0 slot 0 pin 1 
 105 [    0.568614] ifx_pcie_bios_map_irq dev 0000:02:00.0 irq 144 assigned
 106 [    0.575753] clocksource: Switched to clocksource MIPS
 107 [    0.581994] NET: Registered protocol family 2
 108 [    0.587124] TCP established hash table entries: 1024 (order: 0, 4096 bytes)
 109 [    0.594010] TCP bind hash table entries: 1024 (order: 0, 4096 bytes)
 110 [    0.600392] TCP: Hash tables configured (established 1024 bind 1024)
 111 [    0.606896] UDP hash table entries: 256 (order: 0, 4096 bytes)
 112 [    0.612741] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
 113 [    0.619289] NET: Registered protocol family 1
 114 [    0.750226] gptu: totally 6 16-bit timers/counters
 115 [    0.755062] gptu: misc_register on minor 63
 116 [    0.759156] gptu: succeeded to request irq 126
 117 [    0.763645] gptu: succeeded to request irq 127
 118 [    0.768160] gptu: succeeded to request irq 128
 119 [    0.772672] gptu: succeeded to request irq 129
 120 [    0.777185] gptu: succeeded to request irq 130
 121 [    0.781699] gptu: succeeded to request irq 131
 122 [    0.786527] phy-xrx200 gphy-xrx200: requesting lantiq/vr9_phy11g_a2x.bin
 123 [    0.793849] phy-xrx200 gphy-xrx200: booting GPHY0 firmware at 7DA0000
 124 [    0.800179] phy-xrx200 gphy-xrx200: booting GPHY1 firmware at 7DA0000
 125 [    0.906906] No VPEs reserved for AP/SP, not initialize VPE loader
 126 [    0.906906] Pass maxvpes=<n> argument as kernel argument
 127 [    0.918258] No TCs reserved for AP/SP, not initializing RTLX.
 128 [    0.918258] Pass maxtcs=<n> argument as kernel argument
 129 [    0.930094] Crashlog allocated RAM at address 0x3f00000
 130 [    0.954224] squashfs: version 4.0 (2009/01/31) Phillip Lougher
 131 [    0.959950] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
 132 [    0.973688] io scheduler noop registered
 133 [    0.977494] io scheduler deadline registered (default)
 134 [    0.983297] 1e100c00.serial: ttyLTQ0 at MMIO 0x1e100c00 (irq = 112, base_baud = 0) is a lantiq,asc
 135 [    0.992189] console [ttyLTQ0] enabled
 136 [    0.992189] console [ttyLTQ0] enabled
 137 [    0.999517] bootconsole [early0] disabled
 138 [    0.999517] bootconsole [early0] disabled
 139 [    1.010669] nand: device found, Manufacturer ID: 0x01, Chip ID: 0xf1
 140 [    1.015623] nand: AMD/Spansion S34ML01G1
 141 [    1.019510] nand: 128 MiB, SLC, erase size: 128 KiB, page size: 2048, OOB size: 64
 142 [    1.027561] Bad block table found at page 65472, version 0x01
 143 [    1.033473] Bad block table found at page 65408, version 0x01
 144 [    1.038787] 5 ofpart partitions found on MTD device 14000000.nand-parts
 145 [    1.045220] Creating 5 MTD partitions on "14000000.nand-parts":
 146 [    1.051116] 0x000000000000-0x0000000a0000 : "u-boot"
 147 [    1.057847] 0x0000000a0000-0x0000000c0000 : "uboot-env"
 148 [    1.063686] 0x0000000c0000-0x000000100000 : "unused"
 149 [    1.069343] 0x000000100000-0x000007f80000 : "ubi"
 150 [    1.074999] 0x000000000000-0x000008000000 : "nand_chip"
 151 [    1.184128] libphy: lantiq,xrx200-mdio: probed
 152 [    1.195818] net-xrx200: invalid MAC, using random
 153 [    1.260483] eth0: attached PHY [Lantiq XWAY PEF7071] (phy_addr=0:00, irq=-1)
 154 [    1.328455] eth0: attached PHY [Lantiq XWAY PEF7071] (phy_addr=0:01, irq=-1)
 155 [    1.396440] eth0: attached PHY [Lantiq XWAY VR9 GPHY 11G v1.4] (phy_addr=0:11, irq=-1)
 156 [    1.464439] eth0: attached PHY [Lantiq XWAY VR9 GPHY 11G v1.4] (phy_addr=0:13, irq=-1)
 157 [    1.532456] eth0: attached PHY [Lantiq XWAY PEF7071] (phy_addr=0:05, irq=-1)
 158 [    1.639789] ltq-cputemp cputemp@0: Current CPU die temperature: 46.0 °C
 159 [    1.645314] wdt 1f8803f0.watchdog: Init done
 160 [    1.652748] NET: Registered protocol family 10
 161 [    1.661748] NET: Registered protocol family 17
 162 [    1.664886] bridge: automatic filtering via arp/ip/ip6tables has been deprecated. Update your scripts to load br_netfilter if you need this.
 163 [    1.677400] 8021q: 802.1Q VLAN Support v1.8
 164 [    1.685693] UBI: auto-attach mtd3
 165 [    1.687374] ubi0: attaching mtd3
 166 [    1.853790] ubi0: scanning is finished
 167 [    1.867628] ubi0: attached mtd3 (name "ubi", size 126 MiB)
 168 [    1.871709] ubi0: PEB size: 131072 bytes (128 KiB), LEB size: 129024 bytes
 169 [    1.878554] ubi0: min./max. I/O unit sizes: 2048/2048, sub-page size 512
 170 [    1.885255] ubi0: VID header offset: 512 (aligned 512), data offset: 2048
 171 [    1.892043] ubi0: good PEBs: 1012, bad PEBs: 0, corrupted PEBs: 0
 172 [    1.898136] ubi0: user volume: 1, internal volumes: 1, max. volumes count: 128
 173 [    1.905364] ubi0: max/mean erase counter: 400/282, WL threshold: 4096, image sequence number: 1019015774
 174 [    1.914849] ubi0: available PEBs: 987, total reserved PEBs: 25, PEBs reserved for bad PEB handling: 20
 175 [    1.924692] ubi0: background thread "ubi_bgt0d" start[    1.952404] Freeing unused kernel memory: 7412K
 176 [    1.970683] init: Console is alive
 177 [    1.972972] init: - watchdog -
 178 [    1.984852] kmodloader: loading kernel modules from /etc/modules-boot.d/*
 179 [    1.996418] exFAT: Version 1.2.9
 180 [    2.032042] SCSI subsystem initialized
 181 [    2.041817] dwc2 1e101000.ifxhcd: requested GPIO 495
 182 [    2.899940] dwc2 1e101000.ifxhcd: DWC OTG Controller
 183 [    2.903534] dwc2 1e101000.ifxhcd: new USB bus registered, assigned bus number 1
 184 [    2.910860] dwc2 1e101000.ifxhcd: irq 62, io mem 0x00000000
 185 [    2.916379] dwc2 1e101000.ifxhcd: Hardware does not support descriptor DMA mode -
 186 [    2.923819] dwc2 1e101000.ifxhcd: falling back to buffer DMA mode.
 187 [    2.931284] hub 1-0:1.0: USB hub found
 188 [    2.934268] hub 1-0:1.0: 1 port detected
 189 [    2.941753] usbcore: registered new interface driver usb-storage
 190 [    2.947205] kmodloader: done loading kernel modules from /etc/modules-boot.d/*
 191 [    2.956808] init: - preinit -
 192 [    3.126232] random: procd: uninitialized urandom read (4 bytes read, 13 bits of entropy available)
 193 Press the [f] key and hit [enter] to enter failsafe mode
 194 Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level
 195 [    4.463898] eth0: port 4 got link
 196 [    6.281305] procd: - early -
 197 [    6.282899] procd: - watchdog -
 198 [    6.463781] eth0: port 4 lost link
 199 [    6.847919] procd: - watchdog -
 200 [    6.850063] procd: - ubus -
 201 [    6.902798] random: ubusd: uninitialized urandom read (4 bytes read, 28 bits of entropy available)
 202 [    6.910897] random: ubusd: uninitialized urandom read (4 bytes read, 28 bits of entropy available)
 203 [    6.919431] random: ubusd: uninitialized urandom read (4 bytes read, 28 bits of entropy available)
 204 [    6.928723] random: ubusd: uninitialized urandom read (4 bytes read, 28 bits of entropy available)
 205 [    6.937403] random: ubusd: uninitialized urandom read (4 bytes read, 28 bits of entropy available)
 206 [    6.946544] random: ubusd: uninitialized urandom read (4 bytes read, 28 bits of entropy available)
 207 [    6.955513] random: ubusd: uninitialized urandom read (4 bytes read, 28 bits of entropy available)
 208 [    6.964726] procd: - init -
 209 Please press Enter to activate this console.
 210 [    7.143513] kmodloader: loading kernel modules from /etc/modules.d/*
 211 [    7.164503] kmodloader: done loading kernel modules from /etc/modules.d/*
 212 [    8.349749] random: jshn: uninitialized urandom read (4 bytes read, 34 bits of entropy available)
 213 [    8.415682] random: jshn: uninitialized urandom read (4 bytes read, 34 bits of entropy available)
 214 [   11.990047] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
 215 [   12.013700] device eth0 entered promiscuous mode
 216 [   12.049481] device eth0.1 entered promiscuous mode
 217 [   12.066598] IPv6: ADDRCONF(NETDEV_UP): br-lan: link is not ready
 218 [   12.468012] eth0: port 4 got link
 219 [   12.470049] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
 220 [   12.487896] br-lan: port 1(eth0.1) entered forwarding state
 221 [   12.492134] br-lan: port 1(eth0.1) entered forwarding state
 222 [   12.523801] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
 223 [   14.495761] br-lan: port 1(eth0.1) entered forwarding state
 224 [   32.031805] random: nonblocking pool is initialized
 225 
 226 
 227 
 228 BusyBox v1.25.1 () built-in shell (ash)
 229 
 230 *******************************************************************************
 231 *        Guide for installing LEDE onto a BT Home Hub 5 Type A & clones       *
 232 *******************************************************************************
 233 
 234 You need an USB flash drive with at least 512MB free capacity, formatted as
 235 FAT32, exFAT or ext2/3/4, attached to the Hub. The attached flash drive will be
 236 accessible at /tmp/mounts/<directory>.
 237 
 238 To install LEDE, the USB flash drive must have a copy of the file:
 239   lede-17.01.4-lantiq-xrx200-BTHOMEHUBV5A-squashfs-sysupgrade.bin
 240 
 241 To restore the stock Firmware, the USB flash drive must have a copy of the
 242 nanddump backup file (hh5a.nanddump) containing the stock Firmware.
 243 
 244 LIST OF COMMANDS
 245 
 246   To create a backup of the installed firmware (Take care to not overwrite
 247   any previously made backup):
 248       nanddump --file /tmp/mounts/<directory>/hh5a.nanddump /dev/mtd4
 249 
 250   To install LEDE:
 251       prepare
 252 
 253   To restore stock firmware:
 254       restore
 255 
 256 TO UPGRADE FROM OpenWrt OR LEDE PRIOR TO r2363-0e34459e6b:
 257 
 258   Restore the stock firmware and do a fresh install of LEDE.
 259 
 260 If you don't have a backup of the stock firmware from your Hub, use the
 261 experimental 'migrate' script. It is offered with no guarantee of success. 
 262 You are strongly advised to restore the stock firmware.
 263 
 264 Please scroll back to view ALL of the above instructions.
 265 
 266 root@LEDE:/# 
 267 root@LEDE:/# df -h
 268 Filesystem                Size      Used Available Use% Mounted on
 269 rootfs                   57.4M      7.1M     50.2M  12% /
 270 tmpfs                    61.0M     56.0K     60.9M   0% /tmp
 271 tmpfs                   512.0K         0    512.0K   0% /dev
 272 root@LEDE:/# cat /etc/openwrt_release 
 273 DISTRIB_ID='LEDE'
 274 DISTRIB_RELEASE='17.01.4'
 275 DISTRIB_REVISION='r3560-79f57e422d'
 276 DISTRIB_CODENAME='reboot'
 277 DISTRIB_TARGET='lantiq/xrx200'
 278 DISTRIB_ARCH='mips_24kc'
 279 DISTRIB_DESCRIPTION='LEDE Reboot 17.01.4 r3560-79f57e422d'
 280 DISTRIB_TAINTS='no-all'

ipaddr=192.168.1.1
   1 cd /srv/tftp
   2 https://downloads.openwrt.org/snapshots/targets/lantiq/xrx200/openwrt-lantiq-xrx200-bt_homehub-v5a-squashfs-sysupgrade.bin
   3 scp -o "KexAlgorithms +diffie-hellman-group14-sha1" \
   4         /srv/tftp/homehub_v5a/openwrt-lantiq-xrx200-bt_homehub-v5a-squashfs-sysupgrade.bin \
   5         192.168.1.1:/tmp

   1 root@LEDE:/# sysupgrade /tmp/openwrt-lantiq-xrx200-bt_homehub-v5a-squashfs-sysupgrade.bin 
   2 Device BTHOMEHUBV5A not supported by this image
   3 Supported devices: bt,homehub-v5a BTHOMEHUBV5A - Image version mismatch: image 1.1, device 1.0. Please wipe config during upgrade (force required) or reinstall. Reason: Config cannot be migrated from swconfig to DSA
   4 Image check 'fwtool_check_image' failed.

   1 root@LEDE:/# sysupgrade -v -F -n /tmp/openwrt-lantiq-xrx200-bt_homehub-v5a-squashfs-sysupgrade.bin 
   2 Device BTHOMEHUBV5A not supported by this image
   3 Supported devices: bt,homehub-v5a BTHOMEHUBV5A - Image version mismatch: image 1.1, device 1.0. Please wipe config during upgrade (force required) or reinstall. Reason: Config cannot be migrated from swconfig to DSA
   4 Image check 'fwtool_check_image' failed but --force given - will update anyway!
   5 killall: watchdog: no process killed
   6 Watchdog handover: fd=3
   7 - watchdog -
   8 killall: telnetd: no process killed
   9 Sending TERM to remaining processes ... ubusd logd netifd odhcpd mountd ntpd dnsmasq 
  10 Sending KILL to remaining processes ... 
  11 Volume ID 0, size 21 LEBs (2709504 bytes, 2.6 MiB), LEB size 129024 bytes (126.0 KiB), dynamic, name "kernel", alignment 1
  12 Volume ID 1, size 33 LEBs (4257792 bytes, 4.1 MiB), LEB size 129024 bytes (126.0 KiB), dynamic, name "rootfs", alignment 1
  13 Set volume size to 120379392
  14 Volume ID 2, size 933 LEBs (120379392 bytes, 114.8 MiB), LEB size 129024 bytes (126.0 KiB), dynamic, name "rootfs_data", alignment 1
  15 sysupgrade successful
  16 umount: can't unmount /dev: Resource busy
  17 umount: can't unmount /tmp: Resource busy
  18 umount: can't unmoun[ 3161.612532] reboot: Re�
  19 ROM VER: 1.1.4
  20 CFG 06
  21 NAND
  22 NAND Read OK
  23 
  24 DDR autotuning Rev 0.3d
  25 DDR size from 0xa0000000 - 0xa7ffffff
  26 DDR check ok... start booting...
  27 
  28 
  29 
  30 U-Boot 2010.06-LANTIQ-v-2.2.46 (Dec 06 2013 - 02:39:45 on tester@clean-machine)
  31 
  32 CLOCK CPU 500M RAM 250M
  33 secure boot
  34 DRAM:  125 MiB
  35 NAND:  ONFI flash detected
  36 ONFI param page 0 valid
  37 NAND device: Manufacturer ID: 0x01, Chip ID: 0xf1 (AMD S34ML01G1)
  38 128 MiB
  39 Bad block table found at page 65472, version 0x01
  40 Bad block table found at page 65408, version 0x01
  41 In:    serial
  42 Out:   serial
  43 Err:   serial
  44 Net:   Internal phy(GE) firmware version: 0x841b
  45 vr9 Switch
  46 
  47 Type "run flash_nfs" to mount root filesystem over NFS
  48 …

/etc/config/network
   1 config interface 'lan'
   2         option device 'br-lan'
   3         option proto 'dhcp'
   4         #option proto 'static'
   5         #option ipaddr '192.168.1.1'
   6         #option netmask '255.255.255.0'
   7         #option ip6assign '60'
   8 

   1 /etc/init.d/network restart

/etc/config/dhcp
   1 config dhcp 'lan'
   2         option ignore '1'
   3         option interface 'lan'
   4         option start '100'
   5         option limit '150'
   6         option leasetime '12h'
   7         option dhcpv4 'server'
   8         option dhcpv6 'server'
   9         option ra 'server'
  10         option ra_slaac '1'
  11         list ra_flags 'managed-config'
  12         list ra_flags 'other-config'

   1 /etc/init.d/odhcpd restart

6,192.168.2.1,6,192.168.3.1
121,192.168.2.0/24,192.168.1.1
42,192.168.182.1
119,lan,foo
66,192.168.182.16
67,pxelinux.0
209,pxelinux.cfg
/etc/config/dhcp
   1 config dhcp 'lan'
   2         option interface 'lan'
   3         option start '100'
   4         option limit '150'
   5         option leasetime '12h'
   6         option dhcpv4 'server'
   7         list ra_flags 'none'
   8         list dhcp_option '6,192.168.2.1,192.168.3.1'
   9         list dhcp_option '121,192.168.2.0/24,192.168.1.1'
  10         # ADDITIONAL OPTIONS OMITTED
  11 

/etc/config/dhcp
/var/etc/dnsmasq.conf.cfg*
man dnsmasq
dnsmasq -C /var/etc/dnsmasq.conf.cfg* --test
pgrep dnsmasq |xargs -n1 kill -HUP
pgrep dnsmasq |xargs -n1 kill -USR1
   1 log-queries=extra
   2 ### LOG TO FILE
   3 #log-facility=/var/log/dnsmasq.log
   4 ### LOG TO STDOUT
   5 log-facility=-

   1 tail -f /var/log/dnsmasq.log

   1 /etc/init.d/dnsmasq stop;
   2 /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid

CTRL + ALTgr + \
--strict-order
filterwin2k
man dnsmasq
   1        -f, --filterwin2k
   2               Later versions of windows make periodic DNS  requests
   3               which  don't get sensible answers from the public DNS
   4               and can cause problems by  triggering  dial-on-demand
   5               links.  This  flag  turns on an option to filter such
   6               requests. The requests blocked  are  for  records  of
   7               types  SOA  and SRV, and type ANY where the requested
   8               name has underscores, to catch LDAP requests.

/etc/config/dhcp
   1 config dnsmasq
   2         option filterwin2k '0'

/
//
   1 opkg update
   2 ### EITHER WITH CURL
   3 opkg install luci-app-ddns bind-host curl ca-bundle
   4 ### OR WITH WGET
   5 opkg install luci-app-ddns bind-host wget ca-certificates

bind-host
error: 8
curl
/etc/config/ddns
   1 config service "ipv4ddns"
   2     option enabled "1"
   3     option interface "wan"
   4     option use_syslog "1"
   5 
   6     option update_url "http://[USERNAME]:[PASSWORD]@ipv4.nsupdate.rockstable.it/nic/update?hostname=[DOMAIN]&myip=[IP]"
   7     option ip_source "web"
   8     option ip_url "http://ipv4.nsupdate.rockstable.it/myip"
   9 
  10     option domain "blubb.dyna.rockstable.org"
  11     option username "blubb.dyna.rockstable.org"
  12     option password "strong_long_pass"
  13 
  14     # for https support, first install wget with ssl support and
  15     # a current (and working) bundle of CA certificates:
  16     # opkg install wget
  17     # mkdir -p /etc/ssl/certs
  18     # wget -P /etc/ssl/certs http://curl.haxx.se/ca/cacert.pem
  19     option use_https "1"
  20     option cacert "/etc/ssl/certs/cacert.pem"
  21     #option cacert "/etc/ssl/certs/ca-certificates.crt"
  22 

   1 opkg install luci-app-adblock uclient-fetch libustream-openssl

/etc/config/adblock
   1 config adblock 'global'
   2         option adb_dns 'dnsmasq'
   3         option adb_fetchutil 'uclient-fetch'
   4         option adb_trigger 'wan'
   5         option adb_debug '0'
   6         option adb_whitelist '/etc/adblock/adblock.whitelist'
   7         option adb_whitelist_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\"^\"\$1\"\\\|[.]\"\$1)}'
   8         option adb_backup '0'
   9         option adb_backupdir '/mnt'
  10         option adb_enabled '1'
  11 
  12 config adblock 'extra'
  13         option adb_debug '0'
  14         option adb_nice '0'
  15         option adb_whitelist '/etc/adblock/adblock.whitelist'
  16         option adb_maxqueue '16'
  17         option adb_forcedns '0'
  18         option adb_forcesrt '1'
  19 
  20 ### LIST SPECIFIC CONFIG OMITTED
  21 

adb_dnsflush = '1'
   1 opkg install luci-app-wol

   1 ### ON OLDER SYSTEMS
   2 #opkg install luci-app-samba
   3 ### ON CURRENT SYSTEMS
   4 opkg install luci-app-samba4

/srv
   1 groupadd --system samba
   2 [ -d /srv/samba ] && mkdir /srv/samba
   3 ### EXAMPLES
   4 ### DIRECTORY FOR YOUR MUSIC COLLECTION
   5 [ -d /srv/samba/music ] && mkdir /srv/samba/music
   6 chgrp samba /srv/samba/music
   7 ### SET SETGID BIT,
   8 ### SO EVERY DIRECTORY AND FILE THAT IS CREATED BELOW
   9 ### BELONGS TO GROUP SAMBA
  10 ### AND GROUP SAMBA IS ALWAYS ALLOWED
  11 ### TO READ AND WRITE BY THE CREATION MASK IN SAMBA
  12 chmod 2775 /srv/samba/music
  13 
  14 ### DIRECTORY FOR TEMPORARY NETWORK STORAGE
  15 [ -d /srv/samba/tmp ] && mkdir /srv/samba/tmp
  16 chgrp samba /srv/samba/tmp
  17 ### LETS SEE IF SETGID (2) AND STICKY BIT (1) WORKOUT WELL
  18 chmod 3750 /srv/samba/tmp

   1 useradd -c 'Printer Gargantua,,,' \
   2         --system -s /bin/false \
   3         -d /srv/samba/gargantua -m \
   4         gargantua

   1 ### HOME DIRECTORIES
   2 [ -d /srv/home ] && mkdir /srv/home
   3 ln -s /srv/home /home
   4 ### CREATE A USER AND ITS GROUP,
   5 ### MAKE THE USER ADDITIONALLY MEMBER OF GROUP SAMBA,
   6 ### DISALLOW A SYSTEM LOGIN AND
   7 ### CREATE ITS HOME-DIRECTORY
   8 useradd -c 'Tobias Stein,,,' -G samba -s /bin/false -m tobias
   9 ### IF YOU WANT TO REMOVE THE USER
  10 userdel -r tobias

   1 smbpasswd -a tobias
   2 smbpasswd -e tobias
   3 smbpasswd -a gargantua
   4 smbpasswd -e gargantua
   5 #…
   6 

   1 service samba4 enable

   1 opkg install luci-app-wireguard qrencode

wg0
Wireguard-VPN
udp/51820
VPN
Input
Output
Forward
VPN
WAN
LAN
GUEST
wan
udp/51820
wg0
ADD
/etc/network/config
   1 config interface 'wg0'
   2         option proto 'wireguard'
   3         ### SERVER PRIVATE KEY
   4         option private_key '2C/6rN9Tj5thhJZY6kkvUVyc1BQ12kOgSGEkN6757XY='
   5         list addresses '10.255.255.1/24'
   6         option listen_port '51820'
   7 
   8 config wireguard_wg0
   9         option description 'test'
  10         ### CLIENT PUBLIC KEY
  11         option public_key 'HR4MQkH/+pMVdXyvLC/iUcTgpCo674CSU+4IDAGgahs='
  12         option preshared_key '4MlwfdGzVo3FfTMEERMhYxu/hzNIA3i0RXuFYkIKTZg='
  13         list allowed_ips '10.255.255.254'
  14         option route_allowed_ips '1'

/etc/network/firewall
   1 config rule
   2         option target 'ACCEPT'
   3         option src 'wan'
   4         option proto 'udp'
   5         option name 'Allow-WireGuard-VPN'
   6         option dest_port '51820'
   7 
   8 config zone
   9         option input 'ACCEPT'
  10         option output 'ACCEPT'
  11         option name 'vpn'
  12         option forward 'ACCEPT'
  13         option network 'wg0'
  14 
  15 config forwarding
  16         option dest 'guest'
  17         option src 'vpn'
  18 
  19 config forwarding
  20         option dest 'lan'
  21         option src 'vpn'
  22 
  23 config forwarding
  24         option dest 'wan'
  25         option src 'vpn'

   1 uci commit network
   2 uci commit firewall

man -P "less -p 'NETMAP'" iptables-extensions
   1 opkg install iptables-mod-nat-extra kmod-ipt-nat-extra

   1 iptables -t nat -A zone_vpn_postrouting -s 192.168.1.0/24 -d 192.168.182.0/24 -j NETMAP --to 192.168.191.0/24
   2 iptables -t nat -A zone_vpn_prerouting -s 192.168.182.0/24 -d 192.168.191.0/24 -j NETMAP --to 192.168.1.0/24

   1 iptables -t nat -vnxL zone_vpn_postrouting
   2 iptables -t nat -vnxL zone_vpn_prerouting

   1 tcpdump -ni wg0 'not port ssh'
   2 while sleep 1; do ping -c4 -W2 192.168.191.1; done

/etc/firewall.user
   1 # This file is interpreted as shell script.
   2 # Put your custom iptables rules here, they will
   3 # be executed with each firewall (re-)start.
   4 
   5 # Internal uci firewall chains are flushed and recreated on reload, so
   6 # put custom rules into the root chains e.g. INPUT or FORWARD or into the
   7 # special user chains, e.g. input_wan_rule or postrouting_lan_rule.
   8 iptables -t nat -A zone_vpn_postrouting -s 192.168.1.0/24 -d 192.168.182.0/24 -j NETMAP --to 192.168.191.0/24
   9 iptables -t nat -A zone_vpn_prerouting -s 192.168.182.0/24 -d 192.168.191.0/24 -j NETMAP --to 192.168.1.0/24

/etc/init.d/firewall restart
reboot
wg0
/etc/samba/smb.conf.template
   1 [global]
   2         netbios name = |NAME| 
   3         #interfaces = |INTERFACES|
   4         interfaces = br-lan 10.255.255.1/24
   5         server string = |DESCRIPTION|
   6         unix charset = |CHARSET|
   7         workgroup = |WORKGROUP|
   8 
   9         #…

   1 opkg update
   2 opkg list '*openvpn*'
   3 opkg install luci-app-openvpn
   4 opkg install openvpn-openssl openvpn-easy-rsa

/etc/openvpn/openvpn_defaults.sh
   1 # Configuration parameters
   2 OVPN_DIR="/etc/openvpn"
   3 OVPN_PKI="/etc/easy-rsa/pki"
   4 OVPN_PORT="1194"
   5 OVPN_PROTO="udp"
   6 OVPN_POOL="192.168.100.0 255.255.255.0"
   7 OVPN_DNS="${OVPN_POOL%.* *}.1"
   8 OVPN_DOMAIN="$(uci get dhcp.@dnsmasq[0].domain)"
   9 OVPN_SERV_MANUAL="false"
  10 #OVPN_SERV_MANUAL="IP.ADD.RE.SS"
  11 
  12 # Fetch WAN IP address
  13 . /lib/functions/network.sh
  14 network_flush_cache
  15 network_find_wan NET_IF
  16 network_get_ipaddr NET_ADDR "${NET_IF}"
  17 OVPN_SERV="${NET_ADDR}"
  18 
  19 # Fetch FQDN from DDNS client
  20 NET_FQDN="$(uci -q get ddns.@service[0].lookup_host)"
  21 if [ -n "${NET_FQDN}" ]
  22 then OVPN_SERV="${NET_FQDN}"
  23 fi
  24 
  25 # Override server address manually
  26 if [ "${OVPN_SERV_MANUAL}" != "false" ] \
  27 && [ -n "${OVPN_SERV_MANUAL}" ]
  28 then OVPN_SERV="OVPN_SERV_MANUAL"
  29 fi

/sbin/openvpn_pki.sh
   1 # Configuration parameters
   2 export EASYRSA_PKI="${OVPN_PKI}"
   3 export EASYRSA_REQ_CN="ovpnca"
   4 export EASYRSA_BATCH="1"
   5 
   6 # Remove and re-initialize PKI directory
   7 easyrsa init-pki
   8 
   9 # Generate DH parameters
  10 easyrsa gen-dh
  11 
  12 # Create a new CA
  13 easyrsa build-ca nopass
  14 
  15 # Generate server keys and certificate
  16 easyrsa build-server-full server nopass
  17 openvpn --genkey tls-crypt-v2-server ${EASYRSA_PKI}/private/server.pem
  18 
  19 # Create OVPN_DIR
  20 if [ ! -d "$OVPN_DIR" ]; then
  21 UMASK_OLD="$(umask)"
  22 umask go=
  23 mkdir "$OVPN_DIR"
  24 umask "$UMASK_OLD"
  25 fi
  26 
  27 # Generate ta.key
  28 if [ ! -f "$OVPN_DIR/ta.key" ]
  29 UMASK_OLD="$(umask)"
  30 then openvpn --genkey --secret "$OVPN_DIR/ta.key"
  31 umask "$UMASK_OLD"
  32 fi

   1 CLIENT=username
   2 easyrsa build-client-full client nopass
   3 openvpn --tls-crypt-v2 ${EASYRSA_PKI}/private/server.pem \
   4         --genkey tls-crypt-v2-client \
   5         ${EASYRSA_PKI}/private/client.pem

   1 

   1 uci rename firewall.@zone[0]="lan"
   2 uci rename firewall.@zone[1]="wan"
   3 uci del_list firewall.lan.device="tun+"
   4 uci add_list firewall.lan.device="tun+"
   5 uci -q delete firewall.ovpn
   6 uci set firewall.ovpn="rule"
   7 uci set firewall.ovpn.name="Allow-OpenVPN"
   8 uci set firewall.ovpn.src="wan"
   9 uci set firewall.ovpn.dest_port="${OVPN_PORT}"
  10 uci set firewall.ovpn.proto="${OVPN_PROTO}"
  11 uci set firewall.ovpn.target="ACCEPT"
  12 uci commit firewall
  13 /etc/init.d/firewall restart

/sbin/openvpn_configure
   1 #!/bin/sh
   2 umask go=
   3 OVPN_DH="$(cat ${OVPN_PKI}/dh.pem)"
   4 OVPN_CA="$(openssl x509 -in ${OVPN_PKI}/ca.crt)"
   5 ls ${OVPN_PKI}/issued \
   6         |sed -e "s/\.\w*$//" \
   7         |while read -r OVPN_ID
   8 do
   9 OVPN_TC="$(cat ${OVPN_PKI}/private/${OVPN_ID}.pem)"
  10 OVPN_KEY="$(cat ${OVPN_PKI}/private/${OVPN_ID}.key)"
  11 OVPN_CERT="$(openssl x509 -in ${OVPN_PKI}/issued/${OVPN_ID}.crt)"
  12 OVPN_EKU="$(echo "${OVPN_CERT}" | openssl x509 -noout -purpose)"
  13 case ${OVPN_EKU} in
  14 (*"SSL server : Yes"*)
  15 OVPN_CONF="${OVPN_DIR}/${OVPN_ID}.conf"
  16 cat << EOF > ${OVPN_CONF} ;;
  17 user nobody
  18 group nogroup
  19 dev tun
  20 port ${OVPN_PORT}
  21 proto ${OVPN_PROTO}
  22 server ${OVPN_POOL}
  23 topology subnet
  24 client-to-client
  25 keepalive 10 60
  26 persist-tun
  27 persist-key
  28 push "dhcp-option DNS ${OVPN_DNS}"
  29 push "dhcp-option DOMAIN ${OVPN_DOMAIN}"
  30 push "redirect-gateway def1"
  31 push "persist-tun"
  32 push "persist-key"
  33 <dh>
  34 ${OVPN_DH}
  35 </dh>
  36 EOF
  37 (*"SSL client : Yes"*)
  38 OVPN_CONF="${OVPN_DIR}/${OVPN_ID}.ovpn"
  39 cat << EOF > ${OVPN_CONF} ;;
  40 user nobody
  41 group nogroup
  42 dev tun
  43 nobind
  44 client
  45 remote ${OVPN_SERV} ${OVPN_PORT} ${OVPN_PROTO}
  46 auth-nocache
  47 remote-cert-tls server
  48 EOF
  49 esac
  50 cat << EOF >> ${OVPN_CONF}
  51 <tls-crypt-v2>
  52 ${OVPN_TC}
  53 </tls-crypt-v2>
  54 <key>
  55 ${OVPN_KEY}
  56 </key>
  57 <cert>
  58 ${OVPN_CERT}
  59 </cert>
  60 <ca>
  61 ${OVPN_CA}
  62 </ca>
  63 EOF
  64 done
  65 /etc/init.d/openvpn restart
  66 ls ${OVPN_DIR}/*.ovpn

   1 % sudo apt install miniupnpc
   2 % # QUERY STATUS
   3 % upnpc -s
   4 upnpc : miniupnpc library test client, version 2.1.
   5  (c) 2005-2018 Thomas Bernard.
   6 Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/
   7 for more information.
   8 No IGD UPnP Device found on the network !

   1 opkg install luci-app-upnp

   1 % upnpc -s
   2 upnpc : miniupnpc library test client, version 2.1.
   3  (c) 2005-2018 Thomas Bernard.
   4 Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/
   5 for more information.
   6 List of UPNP devices found on the network :
   7  desc: http://192.168.182.1:5000/rootDesc.xml
   8  st: urn:schemas-upnp-org:device:InternetGatewayDevice:1
   9 
  10  desc: http://[fd93:56fb:daf7::1]:5000/rootDesc.xml
  11  st: urn:schemas-upnp-org:device:InternetGatewayDevice:1
  12 
  13 Found valid IGD : http://192.168.179.1:5000/ctl/IPConn
  14 Local LAN ip address : fd93:2709:de35:0:fc16:acff:fe54:157e
  15 Connection Type : IP_Routed
  16 Status : Connected, uptime=451723s, LastConnectionError : ERROR_NONE
  17   Time started : Fri Apr  3 08:07:49 2020
  18 MaxBitRateDown : 33554432 bps (33.5 Mbps)   MaxBitRateUp 4194304 bps (4.1 Mbps)
  19 ExternalIPAddress = ww.xx.yy.zz
  20 Bytes:   Sent: 2283027815       Recv: 2695217145
  21 Packets: Sent: 12678549 Recv: 80009359

   1 /usr/bin/external-ip

   1 opkg install luci-app-sqm

   1 # ethtool eth0
   2 Settings for eth0:
   3         Supported ports: [ ]
   4         Supported link modes:   1000baseT/Full 
   5         Supported pause frame use: No
   6         Supports auto-negotiation: No
   7         Supported FEC modes: Not reported
   8         Advertised link modes:  1000baseT/Full 
   9         Advertised pause frame use: No
  10         Advertised auto-negotiation: No
  11         Advertised FEC modes: Not reported
  12         Speed: 1000Mb/s
  13         Duplex: Full
  14         Port: MII
  15         PHYAD: 0
  16         Transceiver: external
  17         Auto-negotiation: on
  18         Current message level: 0x000000ff (255)
  19                                drv probe link timer ifdown ifup rx_err tx_err
  20         Link detected: yes

/etc/config/network
   1 config device                             
   2         option name 'dsl0' 
   3         option macaddr '54:64:d9:aa:bb:cc'

/etc/config/network
   1 config interface 'wan'
   2         option proto 'pppoe'        ### POINT-TO-POINT OVER ETHERNET
   3         option device 'dsl0.7'      ### VLAN 7 ON DEVICE dsl0
   4         option username 'username'  ### PAP/CHAP USERNAME
   5         option password 'password'  ### PAP/CHAP PASSWORD
   6         option ipv6 'auto'
   7         ### BRING UP ON BOOT
   8         option auto '1'             ### DEFAULT - BRING UP
   9         option auto '0'
  10         ### ACCESS CONCENTRATOR
  11         #option ac 'STRING'
  12         ### SERVICE NAME
  13         #option service 'STRING'
  14         ### USE DEFAULT GATEWAY
  15         option defaultroute '1'     ### DEFAULT - INSTALL ROUTE
  16         option defaultroute '0'
  17         ### OVERRIDE MTU
  18         option mtu '1492'           ### DEFAULT 1500 BYTE
  19         ### USE DNS SERVERS ADVERTISED BY PEER
  20         option peerdns '1'          ### DEFAULT - USE DNS SERVERS
  21         option peerdns '0'
  22         ### USE CUSTOM DNS SERVERS (QUAD9)
  23         list dns '9.9.9.9'
  24         list dns '149.112.112.112'
  25         #…TONS OF OTHER OPTIONS
  26 
  27 config interface 'wan6'
  28         option device '@wan'
  29         option proto 'dhcpv6'

/etc/config/network
   1 config dsl 'dsl'
   2         ### ANNEX
   3         option annex 'a'     ### ANNEX A + L + M (all)
   4         option annex 'b'     ### ANNEX B (all)
   5         option annex 'j'     ### ANNEX J (all) GERMAN TELEKOM
   6         option annex 'm'     ### ANNEX M (all)
   7         option annex 'bdmt'  ### ANNEX B G.992.1
   8         option annex 'b2'    ### ANNEX B G.992.3
   9         option annex 'b2p'   ### ANNEX B G.992.5
  10         option annex 'at1'   ### ANSI T1.413
  11         option annex 'admt'  ### ANNEX A G.992.1
  12         option annex 'alite' ### ANNEX A G.992.2
  13         option annex 'a2'    ### ANNEX A G.992.3
  14         option annex 'a2'    ### ANNEX A G.992.5
  15         option annex 'l'     ### ANNEX L G.992.3 POTS 1
  16         option annex 'm2'    ### ANNEX M G.992.3
  17         option annex 'm2p'    ### ANNEX M G.992.5
  18         ### TONE
  19         option tone 'a'   ### A43C + J43 + A43
  20         option tone 'av'  ### A43C + J43 + A43 + V43
  21         option tone 'b'   ### B43 + B43C
  22         option tone 'bv'  ### B43 + B43C + V43
  23         ### ENCPASULATION MODE
  24         option xfer_mode 'ptm'
  25         option xfer_mode 'atm'
  26         ### DSL LINE MODE
  27         option line_mode 'vdsl'
  28         option line_mode 'adsl'
  29         ### DOWNSTREAM SNR (SIGNAL TO NOISE) OFFSET
  30         option ds_snr_offset '-100' ### -10.0dB
  31         option ds_snr_offset '0'    ###   0.0dB
  32         option ds_snr_offset '100'  ### +10.0dB
  33         ### FIRMWARE FILE
  34         #option firmware '/lib/firmware/vr9-B-dsl.bin'
  35 

/etc/config/network
   1 ### WITH ATM (ANSYNCHRONOUS TRANSFER MODE) ENCAPSULATION
   2 config atm-bridge 'atm'
   3         ### ATM VIRTUAL PATH IDENTIFIER (VPI)
   4         option vpi '1'
   5         ### ATM VIRTUAL CHANNEL IDENTIFIER (VCI)
   6         option vci '32'
   7         ### ENCPASULATION MODE
   8         option encaps 'llc'
   9         option encaps 'vc'     ### VC-mux
  10         ### FORWARDING MODE
  11         option payload 'bridged'
  12         option payload 'routed'
  13         ### DEVICE NAME PREFIX ???
  14         option nameprefix 'dsl'
  15         ### ATM DEVICE NUMBER
  16         option atmdev '12345'
  17         ### BRIDGE UNIT NUMBER
  18         option unit '12345'

/etc/init.d/dsl_control
   1 Syntax: /etc/init.d/dsl_control [command]
   2 
   3 Available commands:
   4         start           Start the service
   5         stop            Stop the service
   6         restart         Restart the service
   7         reload          Reload configuration files (or restart if service does not implement reload)
   8         enable          Enable service autostart
   9         disable         Disable service autostart
  10         enabled         Check if service is started on boot
  11         dslstat         Get DSL status information
  12         running         Check if service is running
  13         status          Service status
  14         trace           Start with syscall trace

   1 while sleep 1; do
   2         clear;
   3         /etc/init.d/dsl_control dslstat;
   4 done

   1 {
   2         "api_version": "4.17.18.6",
   3         "firmware_version": "5.8.1.8.1.6",
   4         "chipset": "Lantiq-VRX200",
   5         "driver_version": "1.5.17.6",
   6         "state": "Silent",
   7         "state_num": 3,
   8         "up": false,
   9         "uptime": 0,
  10         "atu_c": {
  11 
  12         },
  13         "power_state": "L3 - No power",
  14         "power_state_num": 3,
  15         "upstream": {
  16 
  17         },
  18         "downstream": {
  19 
  20         },
  21         "errors": {
  22                 "near": {
  23                         "es": 0,
  24                         "ses": 0,
  25                         "loss": 0,
  26                         "uas": 55793624,
  27                         "lofs": 0,
  28                         "fecs": 0,
  29                         "hec": 0,
  30                         "ibe": 0,
  31                         "crc_p": 0,
  32                         "crcp_p": 0,
  33                         "cv_p": 0,
  34                         "cvp_p": 0
  35                 },
  36                 "far": {
  37                         "es": 0,
  38                         "ses": 0,
  39                         "loss": 0,
  40                         "uas": 55793623,
  41                         "lofs": 0,
  42                         "fecs": 0,
  43                         "hec": 0,
  44                         "ibe": 0,
  45                         "crc_p": 0,
  46                         "crcp_p": 0,
  47                         "cv_p": 0,
  48                         "cvp_p": 0
  49                 }
  50         }
  51 }

Ein
Aus
   1 cd /boot
   2 ln -sf armada-385-turris-omnia-sfp.dtb dtb
   3 ll /boot
   4 drwxr-xr-x    1 root     root           158 Sep  9 13:03 ./
   5 drwxr-xr-x    1 root     root           142 Sep  9 11:45 ../
   6 -rw-r--r--    1 root     root         18834 Aug 26 01:49 armada-385-turris-omnia-phy.dtb
   7 -rw-r--r--    1 root     root         18870 Aug 26 01:49 armada-385-turris-omnia-sfp.dtb
   8 -rw-r--r--    1 root     root          1199 Aug 26 01:49 boot.scr
   9 lrwxrwxrwx    1 root     root            31 Sep  9 13:03 dtb -> armada-385-turris-omnia-sfp.dtb
  10 -rwxr-xr-x    1 root     root       3359368 Aug 26 01:49 zImage*

logread |grep sfp
   1 Oct 12 17:55:14 antares kernel: [   10.711350] sfp sfp: module ALLNET           ALL4781          rev V3.4 sn 0000000FC91BA95D dc 16-04-21
   2 Oct 12 17:55:14 antares kernel: [   10.720684] sfp sfp:   unknown connector, encoding 8b10b, nominal bitrate 1.3Gbps +0% -0%
   3 Oct 12 17:55:14 antares kernel: [   10.728961] sfp sfp:   1000BaseSX+ 1000BaseLX- 1000BaseCX- 1000BaseT- 100BaseTLX- 1000BaseFX- BaseBX10- BasePX-
   4 Oct 12 17:55:14 antares kernel: [   10.739078] sfp sfp:   10GBaseSR- 10GBaseLR- 10GBaseLRM- 10GBaseER-
   5 Oct 12 17:55:14 antares kernel: [   10.745361] sfp sfp:   Wavelength 0nm, fiber lengths:
   6 Oct 12 17:55:14 antares kernel: [   10.750423] sfp sfp:     9µm SM    : unsupported
   7 Oct 12 17:55:14 antares kernel: [   10.755139] sfp sfp:  62.5µm MM OM1: unsupported/unspecified
   8 Oct 12 17:55:14 antares kernel: [   10.760897] sfp sfp:    50µm MM OM2: unsupported/unspecified
   9 Oct 12 17:55:14 antares kernel: [   10.766657] sfp sfp:    50µm MM OM3: unsupported/unspecified
  10 Oct 12 17:55:14 antares kernel: [   10.772419] sfp sfp:    50µm MM OM4: 2.540km
  11 Oct 12 17:55:14 antares kernel: [   10.776785] sfp sfp:   Options: retimer
  12 Oct 12 17:55:14 antares kernel: [   10.780628] sfp sfp:   Diagnostics: 
  13 Oct 12 17:55:14 antares kernel: [   16.741379] sfp sfp: module transmit fault indicated
  14 Oct 12 17:55:14 antares kernel: [   19.431401] sfp sfp: module transmit fault recovered
  15 Oct 12 17:55:14 antares kernel: [   19.801394] sfp sfp: module transmit fault indicated
  16 Oct 12 17:55:14 antares kernel: [   22.541597] sfp sfp: module persistently indicates fault, disabling

   1 root@turris:~# ethtool eth2                                                                       
   2 Settings for eth2:                                                                                
   3         Supported ports: [ TP ]                                                                   
   4         Supported link modes:   1000baseX/Full                                                    
   5         Supported pause frame use: Symmetric                                                      
   6         Supports auto-negotiation: Yes                                                            
   7         Supported FEC modes: Not reported                                                         
   8         Advertised link modes:  1000baseX/Full                                                    
   9         Advertised pause frame use: Symmetric                                                     
  10         Advertised auto-negotiation: Yes                                                          
  11         Advertised FEC modes: Not reported                                                        
  12         Speed: 1000Mb/s                                                                           
  13         Duplex: Full                                                                              
  14         Port: Twisted Pair                                                                        
  15         PHYAD: 0                                                                                  
  16         Transceiver: internal                                                                     
  17         Auto-negotiation: on                                                                      
  18         MDI-X: Unknown                                                                            
  19         Supports Wake-on: d                                                                       
  20         Wake-on: d                                                                                
  21         Link detected: yes  
  22 root@turris:~# ethtool -m eth2           
  23         Identifier                                : 0x03 (SFP)
  24         Extended identifier                       : 0x04 (GBIC/SFP defined by 2-wire interface ID)
  25         Connector                                 : 0x22 (RJ45)
  26         Transceiver codes                         : 0x00 0x00 0x00 0x01 0x00 0x00 0x00 0x00 0x00
  27         Transceiver type                          : Ethernet: 1000BASE-SX
  28         Encoding                                  : 0x01 (8B/10B) 
  29         BR, Nominal                               : 1300MBd
  30         Rate identifier                           : 0x00 (unspecified)
  31         Length (SMF,km)                           : 0km
  32         Length (SMF)                              : 0m
  33         Length (50um)                             : 0m
  34         Length (62.5um)                           : 0m
  35         Length (Copper)                           : 255m
  36         Length (OM3)                              : 0m
  37         Laser wavelength                          : 0nm
  38         Vendor name                               : ALLNET
  39         Vendor OUI                                : 00:0f:c9
  40         Vendor PN                                 : ALL4781
  41         Vendor rev                                : V3.4
  42         Option values                             : 0x08 0x00
  43         Option                                    : Retimer or CDR implemented
  44         BR margin, max                            : 0%
  45         BR margin, min                            : 0%
  46         Vendor SN                                 : 0000000FC91BA95D
  47         Date code                                 : 210416__
  48 root@turris:~# ethtool -m eth2 raw on |hexdump -C                             
  49 00000000  03 04 22 00 00 00 01 00  00 00 00 01 0d 00 00 00  |..".............|
  50 00000010  00 00 ff 00 41 4c 4c 4e  45 54 20 20 20 20 20 20  |....ALLNET      |
  51 00000020  20 20 20 20 00 00 0f c9  41 4c 4c 34 37 38 31 20  |    ....ALL4781 |
  52 00000030  20 20 20 20 20 20 20 20  56 33 2e 34 00 00 00 c7  |        V3.4....|
  53 00000040  08 00 00 00 30 30 30 30  30 30 30 46 43 39 31 42  |....0000000FC91B|
  54 00000050  41 39 35 44 32 31 30 34  31 36 00 00 00 00 00 ae  |A95D210416......|
  55 00000060  30 30 30 46 43 39 31 42  41 39 35 44 20 20 20 20  |000FC91BA95D    |
  56 00000070  20 20 20 20 20 20 20 20  45 44 4c 31 36 43 56 31  |        EDL16CV1|
  57 00000080  ff ff ff ff ff ff ff ff  ff ff ff ff ff ff ff ff  |................|
  58 *                                                                             
  59 00000100                                                                      
  60 root@turris:~# ethtool -k eth2 
  61 Features for eth2:
  62 rx-checksumming: off [fixed]
  63 tx-checksumming: on
  64         tx-checksum-ipv4: on
  65         tx-checksum-ip-generic: off [fixed]
  66         tx-checksum-ipv6: on
  67         tx-checksum-fcoe-crc: off [fixed]
  68         tx-checksum-sctp: off [fixed]          
  69 scatter-gather: on                             
  70         tx-scatter-gather: on                  
  71         tx-scatter-gather-fraglist: off [fixed]
  72 tcp-segmentation-offload: on                   
  73         tx-tcp-segmentation: on                
  74         tx-tcp-ecn-segmentation: off [fixed]   
  75         tx-tcp-mangleid-segmentation: off      
  76         tx-tcp6-segmentation: off [fixed]
  77 generic-segmentation-offload: on
  78 generic-receive-offload: on
  79 large-receive-offload: off [fixed]
  80 rx-vlan-offload: off [fixed]
  81 tx-vlan-offload: off [fixed]
  82 ntuple-filters: off [fixed]
  83 receive-hashing: off [fixed]
  84 highdma: off [fixed]
  85 rx-vlan-filter: off [fixed]
  86 vlan-challenged: off [fixed]
  87 tx-lockless: off [fixed]
  88 netns-local: off [fixed]
  89 tx-gso-robust: off [fixed]
  90 tx-fcoe-segmentation: off [fixed]
  91 tx-gre-segmentation: off [fixed]
  92 tx-gre-csum-segmentation: off [fixed]
  93 tx-ipxip4-segmentation: off [fixed]
  94 tx-ipxip6-segmentation: off [fixed]
  95 tx-udp_tnl-segmentation: off [fixed]
  96 tx-udp_tnl-csum-segmentation: off [fixed]
  97 tx-gso-partial: off [fixed]
  98 tx-sctp-segmentation: off [fixed]
  99 tx-esp-segmentation: off [fixed]
 100 fcoe-mtu: off [fixed]
 101 tx-nocache-copy: off
 102 loopback: off [fixed]
 103 rx-fcs: off [fixed]
 104 rx-all: off [fixed]
 105 tx-vlan-stag-hw-insert: off [fixed]
 106 rx-vlan-stag-hw-parse: off [fixed]
 107 rx-vlan-stag-filter: off [fixed]
 108 l2-fwd-offload: off [fixed]
 109 hw-tc-offload: off [fixed]
 110 esp-hw-offload: off [fixed]
 111 esp-tx-csum-hw-offload: off [fixed]
 112 rx-udp_tunnel-port-offload: off [fixed]
 113 

/etc/firewall.user
firewall
/etc/firewall.user
crontab -e
   1 ### CRONTAB OF THE USER ROOT
   2 @reboot sleep 30 && /etc/init.d/firewall restart

   1 socat - /tmp/kresd/control/$(pgrep kresd)
   2 > cache.clear()
   3 {
   4     ['count'] = 538,
   5 }
   6 > quit()

/usr/sbin/kresd_clear_cache.sh
   1 #!/bin/sh
   2 
   3 socat - /tmp/kresd/control/$(pgrep kresd) << EOF
   4 cache.clear()
   5 quit()
   6 EOF

   1 chmod u+x /usr/sbin/kresd_clear_cache.sh
   2 ### CLEAR CACHE EASILY
   3 kresd_clear_cache.sh

   1 echo 'cache.stats()' |socat - /tmp/kresd/control/$(pgrep kresd)

/etc/config/resolver
   1 config resolver 'common'
   2         ###option msg_cache_size '10M'
   3         option msg_cache_size '128M'
   4 …

kresd
   1 /etc/init.d/resolver restart
   2 echo cache.current_size |socat - /tmp/kresd/control/$(pgrep kresd)
   3 134217728

   1 socat - /tmp/kresd/control/$(pgrep kresd)
   2 > log_target('syslog')
   3 'syslog'
   4 > log_level('debug')
   5 'debug'
   6 > quit()
   7 
   8 logread -f

/etc/config/resolver
   1 config resolver 'kresd'
   2         option rundir '/tmp/kresd'
   3         option log_stderr '1'
   4         option log_stdout '1'
   5         option keep_cache '1'
   6         list rpz_file '/etc/kresd/adb_list.overall'
   7         option include_config '/etc/kresd/custom.conf'

   1 uci commit resolver
   2 /etc/init.d/resolver restart

/etc/kresd/custom.conf
   1 -- Forward resolver settings
   2 policy.add(policy.suffix(
   3         policy.FORWARD('172.16.0.1'),
   4         {todname('sub.domain.tld.')}
   5 ))

/etc/kresd/custom.conf
   1 -- Disable DNSsec for list of domains
   2 trust_anchors.set_insecure({'sub.domain.tld.'})

/etc/kresd/custom.conf
   1 -- Performance optimizations
   2 -- DEFAULT: 1232
   3 net.bufsize(4096)

/etc/kresd/custom.conf
   1 -- Increase timeout to allow slow DNSsec validation
   2 -- DEFAULT: 1000
   3 cache.ns_tout(2000)

Model            TP-Link Archer C7 v5
Architecture     Qualcomm Atheros QCA9560 802.11bgn ver 1 rev 0
                 Qualcomm Atheros QCA9880 802.11nac
Target Platform  ath79/generic
Firmware Version OpenWrt 21.02.2 r16495-bf0c965af0 / LuCI openwrt-21.02 branch git-22.046.85957-59c3392
Kernel Version   5.4.179
ethtool
ksoftirqd: ~80%
   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size: 85.0 KByte (default)
   5 ------------------------------------------------------------
   6 [  1] local 192.168.183.127 port 53496 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  1] 0.0000-10.0943 sec   383 MBytes   318 Mbits/sec

ksoftirqd: ~80%
   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size: 85.0 KByte (default)
   5 ------------------------------------------------------------
   6 [  1] local 192.168.183.127 port 53488 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  1] 0.0000-10.0799 sec   392 MBytes   326 Mbits/sec

   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size: 85.0 KByte (default)
   5 ------------------------------------------------------------
   6 [  1] local 192.168.183.110 port 36576 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  1] 0.0000-10.0238 sec  1.07 GBytes   918 Mbits/sec

   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size: 85.0 KByte (default)
   5 ------------------------------------------------------------
   6 [  1] local 192.168.183.110 port 36578 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  1] 0.0000-10.0210 sec  1.07 GBytes   917 Mbits/sec

ksoftirqd: ~80%
   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size: 85.0 KByte (default)
   5 ------------------------------------------------------------
   6 [  1] local 192.168.111.111 port 51764 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  1] 0.0000-10.1084 sec   245 MBytes   203 Mbits/sec
   9 ------------------------------------------------------------

ksoftirqd: ~80%
   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size: 85.0 KByte (default)
   5 ------------------------------------------------------------
   6 [  1] local 192.168.111.111 port 51760 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  1] 0.0000-10.1564 sec   203 MBytes   168 Mbits/sec

ksoftirqd: ~90%
   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size: 85.0 KByte (default)
   5 ------------------------------------------------------------
   6 [  1] local 192.168.111.127 port 33552 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  1] 0.0000-10.0391 sec   760 MBytes   635 Mbits/sec

ksoftirqd: ~85%
   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size: 85.0 KByte (default)
   5 ------------------------------------------------------------
   6 [  1] local 192.168.111.127 port 33556 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  1] 0.0000-10.1120 sec   231 MBytes   192 Mbits/sec

iperf: ~72%
ksoftirqd: ~10%
   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size:  262 KByte (default)
   5 ------------------------------------------------------------
   6 [  3] local 192.168.183.238 port 56182 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  3]  0.0-10.0 sec   292 MBytes   245 Mbits/sec

iperf: ~71%
ksoftirqd: ~11%
   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size:  175 KByte (default)
   5 ------------------------------------------------------------
   6 [  3] local 192.168.183.238 port 56184 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  3]  0.0-10.0 sec   294 MBytes   247 Mbits/sec

iperf: ~75%
ksoftirqd: ~8%
   1 iperf -c 192.168.183.1
   2 ------------------------------------------------------------
   3 Client connecting to 192.168.183.1, TCP port 5001
   4 TCP window size:  131 KByte (default)
   5 ------------------------------------------------------------
   6 [  3] local 192.168.183.238 port 56188 connected with 192.168.183.1 port 5001
   7 [ ID] Interval       Transfer     Bandwidth
   8 [  3]  0.0-10.0 sec   314 MBytes   263 Mbits/sec

Device	Function	Description
eth0	LAN PHY 1	LAN switch ports 0,1
eth1	LAN PHY 2	LAN switch ports 2,3
eth2	WAN PHY/SFP	WAN port (RJ-45/SFP) and LAN switch port 4

LED	Interval	Status
green	blinking	xDSL synchonizing
green	continuously	xDSL in sync
green	off	no xDSL
yellow	continuously	SFP power
yellow	off	SFP without power

OpenWRT

About

Basics

Fallback behaviour

Set a password

Essential packages

Shell profile

Logging

LUCI

HTTPs

LUCI CSS

Add user

USB storage

Swap

Extroot

opkg

Freeing up space

opkg manual upgrade

opkg_upgrade

Automatic opkg_upgrade

System upgrades

Configure your backup

Create backup

Restore backup

Perform the upgrade

System recovery

TFTP

Prepare TFTPD

TCPD

Directory structure

Prepare device specific files

Test the connection

Create serial connection

Das U-Boot

Switch to dhcp (intermediate)

DHCP options

DNS with dnsmasq

DNSmasq on Omnia Turris

Investigation

Strict order

No SRV records

Local DNS resolution

Dynamic DNS

Adblock

Wake on LAN

Windows shares

VPN

Wireguard

Wireguard Remote-Access VPN

Wireguard site-to-site

Samba on the wireguard interface

OpenVPN

Install OpenVPN

Prepare shell environment

Initialize EasyRSA-PKI

Configure firewall

Configure VPN service and generate client profiles

UPnP

Software Flow Offloading

SQM (Smart Queue Management)

Trouble Shooting

Slow Routing/NAT throughput

Wrong Link Speed

DSL

DSL optimization

DOCSIS 3.1

Technicolor TC4400-EU

Vodafone Station

Normal Mode

Bridge Mode

Status

Vorbereitungen

Aktivierung

Omnia Turris

About

Devices

Change WAN interface from RJ-45 to SFP

Possible SFPs

ALLNET ALL4781-VDSL2-SFP

Status