OpenWrt Forum Archive

Topic: Update on Linksys WRT1900AC support

The content of this topic has been archived between 16 Sep 2014 and 7 May 2018. Unfortunately there are posts – most likely complete pages – missing.

Post #13176
hancor
15 Sep 2016, 06:05

Newbie here, I tried Chaos Charmer 15.05 last fall but had little to no success and reverted back to the OEM firmware. Couldn't log on to internut, but was able to poke around and mess a little with the LuCI interface.

Last night I decided to go back to the OpenWrt well and attempted Chaos Calmer 15.05.1
Result: SUCCESS!

Managed the firmware flash uneventfully. Tried to log on via 192.168.1.1 but no joy. So powered down the cable modem and Linksys WRT1900AC V1 router and rebooted. Still no joy on the log on. Got annoyed, and hit the red reset button for about 30 sec and booted up the router again.

Finally, success and logged on to change password and do the very basic newbie setup with password, timecode, region code, security initialization on WiFi radios with password. Also got the printer setup.  Did a little wifi analysis to avoid channel crowding on the 2.4Ghz frequency and was the only kid on the block with 5Ghz channels, so I have no competition in my neighbourhood for now.

Did a backup and flashed up to Kaloz build to kernel version :  3.18.36, reconfigured and it runs like a finely tuned top.

But it appears we have a number of third party builds, which I'm willing to give a whirl. Which 3rd party build is the most stable for a relative newcomer...?

I read through the descriptions and it would appear that the davidc502

Customized Development [DD] Build (Released September 5th, 2016)
Based on kernel version 4.4.19 claims to be the most stable offering both LEDE and OpenWRT versions. Which of the two is the most Keep It Simple Stupid (KISS) version for a relative newbie?

Also, if I make a backup config file on the 3.18.36 kernel will those settings work on the 4.4.19 kernel or is that a manual setup again?

Cheers

Post #13177
tapper
15 Sep 2016, 07:25
hancor wrote:

Newbie here, I tried Chaos Charmer 15.05 last fall but had little to no success and reverted back to the OEM firmware. Couldn't log on to internut, but was able to poke around and mess a little with the LuCI interface.

Last night I decided to go back to the OpenWrt well and attempted Chaos Calmer 15.05.1
Result: SUCCESS!

Managed the firmware flash uneventfully. Tried to log on via 192.168.1.1 but no joy. So powered down the cable modem and Linksys WRT1900AC V1 router and rebooted. Still no joy on the log on. Got annoyed, and hit the red reset button for about 30 sec and booted up the router again.

Finally, success and logged on to change password and do the very basic newbie setup with password, timecode, region code, security initialization on WiFi radios with password. Also got the printer setup.  Did a little wifi analysis to avoid channel crowding on the 2.4Ghz frequency and was the only kid on the block with 5Ghz channels, so I have no competition in my neighbourhood for now.

Did a backup and flashed up to Kaloz build to kernel version :  3.18.36, reconfigured and it runs like a finely tuned top.

But it appears we have a number of third party builds, which I'm willing to give a whirl. Which 3rd party build is the most stable for a relative newcomer...?

I read through the descriptions and it would appear that the davidc502

Customized Development [DD] Build (Released September 5th, 2016)
Based on kernel version 4.4.19 claims to be the most stable offering both LEDE and OpenWRT versions. Which of the two is the most Keep It Simple Stupid (KISS) version for a relative newbie?

Also, if I make a backup config file on the 3.18.36 kernel will those settings work on the 4.4.19 kernel or is that a manual setup again?

Cheers

Hi there mate you have the most of it rite, that is indeed a good build to try out. About the backup config file pleas don't flash a old backup config file as you mite really mess things up. I have dun this and it's a pane in the ass. The davidc502 build mite have a small change in it that will not like a setting in the backup and then will throw it all off. smile

Post #13178
JW0914
15 Sep 2016, 13:40

@hancor You're issue with accessing LuCI after a flash is likely due to browser cache... clearing it should solve the issue if it occurs again. 

As far as 3rd Party builds go, it's recommended you visit the website links to each build, of which will allow a comparison of the differences between each.  As @tapper, mentioned It's not recommended to flash backups between different builds, however, you can make the process easier by opening the backup tar and copying text from the backup configs to the router's config files via ssh.

If choosing a build below kernel 4.4.14, ensure it contains the NAND timeout patch, which, if included, should be listed on each applicable build info page


MatiasG wrote:

You know if it is possible to disconnect a wireless connection? That is, if a phone connect to my wifi network is possible disconnect from the router?

There's a couple of ways to deal with that scenario.

  1. Ensure you read the first two paragraphs under Flashing Firmware in the wiki, particularly ensuring you visit the link WiFi Security under Flashing Firmware. 

    • Provided you follow the recommendations under WiFi Security, no one should be able to crack your password.

  2. If you're concerned about someone who was previously given your wifi password connecting without permission:

    • You can configure MAC Filtering under Network > Wireless > Edit - Interface Configuration - MAC Filter

      • Change MAC-Address Filter to Allow Listed Only, then add the MAC addresses of the WiFi devices you want to allow to connect to the specified network

  3. I always recommend configuring a guest network to allow individuals not living within the household access to the internet, but which firewalls your LAN from their access.  Guest vLANs are mentioned in numerous OpenWrt Wikis [wiki site: wiki.openwrt.org], being discussed briefly under WiFi Access within the WiFi security wiki above, as well as under this wiki.


Guest vLAN firewall rules would be similar to:

etc/config/firewall

config zone
    option  name            guest
    option  network         guest
    option  input           REJECT
    option  forward         REJECT
    option  output          ACCEPT
    option  conntrack       1
    option  log             1

config forwarding
    option  dest            wan
    option  src             guest

config rule
    option  target          ACCEPT
    option  proto           'tcp udp'
    option  dest_port       53
    option  src             guest
    option  name            'Allow Guest -> WRT1200ac (DNS Queries)'

config rule
    option  target          ACCEPT
    option  proto           udp
    option  src_port        '67-68'
    option  dest_port       '67-68'
    option  src             guest
    option  name            'Allow Guest -> WRT1200ac (DHCP Requests)'

config rule
    option  target          DROP
    option  src             guest
    option  dest            *
    option  proto           any
    option  dest_port       22
    option  name            'Deny Guest -> WRT1200ac (SSH)'

config rule
    option  target          DROP
    option  src             guest
    option  dest            *
    option  proto           any
    option  dest_port       23
    option  name            'Deny Guest -> WRT1200ac (Telnet)'

config rule
    option  target          DROP
    option  src             guest
    option  dest            *
    option  proto           any
    option  dest_port       135
    option  name            'Deny Guest -> WRT1200ac (RPC)'

config rule
    option  target          DROP
    option  src             guest
    option  dest            *
    option  proto           any
    option  dest_port       137
    option  name            'Deny Guest -> WRT1200ac (NETBIOS Name Service)'

config rule
    option  target          DROP
    option  src             guest
    option  dest            *
    option  proto           any
    option  dest_port       138
    option  name            'Deny Guest -> WRT1200ac (NETBIOS Datagram Service)'

config rule
    option  target          DROP
    option  src             guest
    option  dest            *
    option  proto           any
    option  dest_port       139
    option  name            'Deny Guest -> WRT1200ac (NETBIOS Session Service)'

config rule
    option  target          DROP
    option  src             guest
    option  dest            *
    option  proto           any
    option  dest_port       445
    option  name            'Deny Guest -> WRT1200ac (CIFS)'

config rule
    option  target          DROP
    option  src             guest
    option  dest            *
    option  proto           any
    option  dest_port       1194
    option  name            'Deny Guest -> WRT1200ac (OpenVPN)'

config rule
    option  target          ACCEPT
    option  src             guest
    option  dest            wan
    option  proto           'tcp udp'
    option  name            'Allow Guest -> WAN'

config rule
    option  target          DROP
    option  src             guest
    option  dest            lan
    option  proto           all
    option  name            'Deny Guest -> LAN'

(Last edited by JW0914 on 15 Sep 2016, 13:41)

Post #13179
northbound
15 Sep 2016, 14:15

Anyone building the darkside trunk. 4.4.21 is out on kernel.org all that needed done was.
/target/linux/generic/patches-4.4 it looks like the 051* can be deleted since it is fixed in the new kernel.
By
commit 2f949da9c0203bb8b309daddcf532593d019fc2b
commit 708cb42fcaef0874a81100b461833096564db6cf
commit d57a6c748059eb1f90cde4b40091f57617b72609
commit 48fd20d7237bfefd18750b1b38f426c7e210462d
Will find out for sure after I get home from work and flash.

Post #13180
thelakesclub
15 Sep 2016, 14:28
northbound wrote:

Anyone building the darkside trunk. 4.4.21 is out on kernel.org all that needed done was.
/target/linux/generic/patches-4.4 it looks like the 051* can be deleted since it is fixed in the new kernel.
By
commit 2f949da9c0203bb8b309daddcf532593d019fc2b
commit 708cb42fcaef0874a81100b461833096564db6cf
commit d57a6c748059eb1f90cde4b40091f57617b72609
commit 48fd20d7237bfefd18750b1b38f426c7e210462d
Will find out for sure after I get home from work and flash.

Just tested. Confirmed! Like you said remove the 051* patches and it compiles successfully. smile

Edit: Successfully flashed and working. smile

(Last edited by thelakesclub on 15 Sep 2016, 15:34)

Post #13181
Villeneuve
15 Sep 2016, 20:49

@northbound, While the 4 patches you indicated explicitly have been up-streamed, I see no indication the following have been:

target/linux/generic/patches-4.4/051-0001-ovl-rename-is_merge-to-is_lowest.patch
target/linux/generic/patches-4.4/051-0002-ovl-override-creds-with-the-ones-from-the-superblock.patch
target/linux/generic/patches-4.4/051-0005-ovl-proper-cleanup-of-workdir.patch

to your statement 051* can be deleted.

(Last edited by Villeneuve on 15 Sep 2016, 20:50)

Post #13182
kirkgbr
15 Sep 2016, 21:56

While we're on the subject, how do we associate those commits northbound provided to specific patches?  In other words, how do we know which patch to delete?  Is there some magic or do we need to read code?

(Last edited by kirkgbr on 15 Sep 2016, 21:59)

Post #13183
JW0914
15 Sep 2016, 22:03

Does OpenWrt offer a package that allows one to block network access during certain times of the day?  If not, is there some other way to implement this?

Post #13184
anomeome
15 Sep 2016, 22:19

@kirkgbr, In this case, as @northbound provided target/linux/generic/patches-4.4/051* could be deleted, listing those and checking the commit # provided against the changelog @ kernel.org would get you there.

Post #13185
kirkgbr
15 Sep 2016, 22:38
anomeome wrote:

@kirkgbr, In this case, as @northbound provided target/linux/generic/patches-4.4/051* could be deleted, listing those and checking the commit # provided against the changelog @ kernel.org would get you there.


Thanks for the reply.  I guess I've been out of it for too long.  So I must be missing something or overthinking things.

There are 7 patches:

target/linux/generic/patches-4.4/051-0001-ovl-rename-is_merge-to-is_lowest.patch
target/linux/generic/patches-4.4/051-0002-ovl-override-creds-with-the-ones-from-the-superblock.patch
target/linux/generic/patches-4.4/051-0003-ovl-don-t-copy-up-opaqueness.patch
target/linux/generic/patches-4.4/051-0004-ovl-remove-posix_acl_default-from-workdir.patch
target/linux/generic/patches-4.4/051-0005-ovl-proper-cleanup-of-workdir.patch
target/linux/generic/patches-4.4/051-0006-ovl-listxattr-use-strnlen.patch
target/linux/generic/patches-4.4/051-0007-ovl-fix-workdir-creation.patch

But only 4 commits.

Post #13186
anomeome
15 Sep 2016, 22:44

Right, which goes to the earlier post that not all had been up-streamed; namely the 3 listed.

Post #13187
northbound
15 Sep 2016, 23:10

@Villeneuve
Good point. Maybe they are needed. But it built fine and flashed. So far I have seen no issues.
Guess I will wait till the dark side catches up and see if they include any of the deleted patches.  smile
Edit: Not knocking their kernel updates they keep it moving. smile

(Last edited by northbound on 16 Sep 2016, 01:25)

Post #13188
tapper
15 Sep 2016, 23:36
JW0914 wrote:

Does OpenWrt offer a package that allows one to block network access during certain times of the day?  If not, is there some other way to implement this?

gargoyle is the best way of doing this kind of thing IMO. The WiFi scheduling for Gargoyle plugin is cool as!
Here are the builds for the wrt1900AC_http://www.lantisproject.com/gargoyle_mvebu/newgui/

Post #13189
mojolacerator
16 Sep 2016, 00:55

I've been running Gargoyle on my WRT1900ACv2 for about 6wks. Absolutely fantastic !

Post #13190
kirkgbr
16 Sep 2016, 03:35
anomeome wrote:

Right, which goes to the earlier post that not all had been up-streamed; namely the 3 listed.

Thanks anomeome.    That helps me better understand.

And I want to say that in no way do I disrespect northbound or his contribution.  I was just trying to understand it all.

Post #13191
sera
16 Sep 2016, 07:14
Villeneuve wrote:

@sera,Feedback on your last patch-set. I did a 4.8-rc6 build on a new tree and flashed UBI image to mamba device; no change to build, I simply copied across my .config. My intent was to let that run on the off chance I might catch some useful output on the console when it failed. In the meantime I planned on creating a modified build to start looking for the mwlwifi commit causing the grief on previous builds. More than 24 hours later the build is still running and I have not experienced a reboot. Did a quick browse @ kernel.org for any commits as likely candidate for change, but nothing leaps out.

This is ... unexpected. Nothing comes to mind as a likely candidate. The most intrusive changes were my musl "fixes". Thanks for letting me know tho.

-----

About 051-*, this was long standing bug that got fixed in 4.8-rc5 and marked for stable. Still was backported to lede. Then a regression introduced by the series got fixed in 4.8-rc6. Now it obviously got backported by upstream. I suggest to delete them all. Adding them in the first place was a pointless exercise.

----

*  Almost certainly ubifs with overlayfs becomes legal combination in 4.9, so the squashfs based images won't be broken by default any longer. https://lkml.org/lkml/2016/9/13/426

Post #13192
sera
16 Sep 2016, 07:17
JW0914 wrote:

Does OpenWrt offer a package that allows one to block network access during certain times of the day?  If not, is there some other way to implement this?

There exists a patch for iptables to add time based rules. Another simple approach is cron. If it's not supposed to be a poor man solution look into radius accounting.

Post #13193
gsustek
16 Sep 2016, 09:40

@InkblotAdmirer
what LEDE revision do you run which is stable and makes you happy:-)?

(Last edited by gsustek on 16 Sep 2016, 09:41)

Post #13194
Villeneuve
16 Sep 2016, 15:01
northbound wrote:

@Villeneuve
Edit: Not knocking their kernel updates they keep it moving. smile

You certainly can say that again.

Post #13195
InkblotAdmirer
16 Sep 2016, 15:33
gsustek wrote:

@InkblotAdmirer
what LEDE revision do you run which is stable and makes you happy:-)?

My latest build is as of this commit:

https://git.lede-project.org/?p=source. … 9e36289d6c

I'm not sure it's in LEDE trunk or not but I'm pulling the latest mwlwifi driver as well.  As of today, still getting excellent bi-directional file transfers on the 5G link.

Post #13197
JW0914
17 Sep 2016, 13:36

@sera  I'm going to try and carve out some time this week to work on the wiki, and one of my big priorities is to get serial flashing via USB added.  I think I may have accidentally deleted the flagged message where you mentioned where to look to find information on that... could you post again where I should look to research how to do so?


@All  Also, I've only used IRC chat once [sad, I know lol]... how do I access the OpenWrt IRC channel, as I also want to get the steps added for bootloader recovery for the Aramada 385 and need to speak with nitroshift to get a few clarifications on the steps.

(Last edited by JW0914 on 17 Sep 2016, 13:41)

Post #13198
kirkgbr
17 Sep 2016, 14:56
JW0914 wrote:

@All  Also, I've only used IRC chat once [sad, I know lol]... how do I access the OpenWrt IRC channel, as I also want to get the steps added for bootloader recovery for the Aramada 385 and need to speak with nitroshift to get a few clarifications on the steps.

Wish it were simple steps but every IRC client is different how it is configured and manipulated.  Basically startup the client and search for #Openwrt and/or #lede-dev.   

Just fyi, it is truly a great place to get answers quickly.

(Last edited by kirkgbr on 17 Sep 2016, 14:57)

Post #13199
nitroshift
17 Sep 2016, 20:37

@JW0914

Get an iRC client. Connect to freenode server and join #openwrt. Mission accomplished. You can find me Mondays to Fridays between 7AM and 3PM CET time.

nitroshift

Post #13200
JW0914
17 Sep 2016, 21:27

@kirkgbr @nitroshift Thanks for breaking it down =]

Sorry, posts 13201 to 13200 are missing from our archive.