OpenWrt Forum Archive

Topic: TP-Link TL-WR841N(D) Extended Build [v3,v5,v7,v8,v9]

The content of this topic has been archived between 30 Mar 2018 and 27 Apr 2018. Unfortunately there are posts – most likely complete pages – missing.

http://i.imgur.com/TIl4ExN.png

Decided to share a custom build I've created for my own use:

  • Chaos Calmer

  • LuCI with IPv6

  • MiniUPnP

  • OpenVPN with mbed TLS

  • DNSCrypt

  • ipset-dns

  • Reghack (WiFi channels 12 and 13)

  • Minified LuCI's CSS and JS

  • Removed kernel debugging and USB support

  • Nothing else has been touched. Basically, it is a 'make defconfig' + profile + the mentioned above.

  • Free ROM: 150 KB

  • Total available RAM: 15000 KB

  • OpenVPN BF-CBC speed: 12Mbs/12Mbs (measured on v8 downloading ubuntu via torrent)

Download firmware:
dropbox

Build script:
https://gist.github.com/amq/71a7c1ab521fb3c2aca6
Kudos to Aegisu

Supported devices:
tl-wr841nd-v3
tl-wr841nd-v5
tl-wr841nd-v7
tl-wr841n-v8
tl-wr841n-v9
tl-wr847n-v8

Changelog:

2015-09-13
- Chaos Calmer 15.05 (r46849)
- Removed QoS
- Added dnscrypt-proxy
- Added ipset-dns
- Added luci-app-openvpn

2015-04-21
- r45545
- Added QoS
- Added Reghack
- Removed kernel debugging and USB support

2015-01-22
- r44077
- Included patch for PolarSSL CVE-2015-1182

2014-12-19
- r43751
- Compiled with GCC 4.9

2014-12-16
- r43720
- Initial release

How to achieve the same build with the 'menu makeconfig' interface

1. rm .config .config.old
2. make defconfig
3. make menuconfig
(use space to select, make sure you see a star after a selection, not an M; use esc to go back)

_Target Profile - TP-LINK TL-WR841N/ND

Enable:
_LuCI - Collections - luci
_LuCI - Applications - luci-app-upnp
_LuCI - Applications - luci-app-openvpn
_Network - VPN - openvpn-polarssl
_Network - ipset-dns
_Network - IP addresses and Names - dnscrypt-proxy

Disable:
_Global build settings - Enable support for printk, Crash logging, Support for paging of anonymous memory (swap), Compile the kernel with symbol tables information, Compile the kernel with debug information, Compile the kernel with SysRq support, Enable printk timestamps
_Advanced configuration options (for developers) - Toolchain options - GCC compiler Version - gcc 4.9
_Kernel modules - USB Support - everything

OpenVPN setup guides:
https://blog.ipredator.se/howto/openwrt … enwrt.html
https://www.robertkehoe.com/2015/08/set … g-openwrt/

(Last edited by amq on 4 Dec 2016, 18:33)

Recompiled with GCC 4.9.2 compared to 4.8.2 in the initial release, this should fix a bunch of regressions.

Just an update on stability: I currently have 20d uptime and counting on my v8, while openvpn and torrents are always on. Haven't experienced any wifi dropouts either (n mode).

(Last edited by amq on 22 Jan 2015, 14:18)

2015-01-22
- r44077
- Includes patch for PolarSSL CVE-2015-1182

Hi amq.

First, thanks for your release...
A feedback...

The release TP-Link TL-WR841N - CC - r43751 was very unstable to me. A lot of drops.
My config is: 1 main router (running Gargoyle) + 6 routers in WDS mode.

This last release is working great...

Juliano

Hey, I am new here, and new to Openwrt in general, and just wanted to say thank you very much for uploading this. Everything is working great after updating to your build on my wr841n v9. This is exactly what I was looking for, a working build with openvpn. I just have a couple questions. After installing this and logging into Luci it says I'm running  OpenWrt Chaos Calmer r44077 / LuCI Master (git-15.022.39965-4b2d2e3) . Is that the latest/greatest version of Luci for this router? Is it possible to configure OpenVPN through Luci or do I need to do that via the terminal? Please forgive my ignorance, I understand this site is run mostly by vulenteers.

Also, prior to finding this build, I was using someone else's firmware that I downloaded via a plain http connection, and no md5sum was available. I knew that was a bad idea, but I just really needed my router to work at the time. Should I reinstall all of the packages to make sue that no malicious code is present on my system? Or would the sysupgrade have taken care of that already?

After configuring the opkg sources correctly, I was finally able to run opkg update successfully. Is there a way to verify all of the packages on the system through opkg, like running "apt-get check" on a debian system?

Thanks again. Good work.

OpenEverything, when I build my firmware I always clone https://github.com/openwrt-mirror/openwrt, ensuring that every package including Luci is the newest possible version. You can configure most of the stuff in Luci, but for example OpenVPN has to be configured manually (/etc/config/openvpn).

sysupgrade is everything you need, especially if you have chosen not to save the old configuration (if you did you don't have to reflash, you can simply reset to defaults).

Thank you very much for the answer. I will do a reset just to be safe than. I may try building it myself once I feel more confident doing so. Currently this is the only router I have that will run OpenWRT and I do not want to accidentally brick it.

Hi amq, I've been using your builds for a while and they work great!

I have a problem though, I'm trying to install luci-qos and since your last build is a bit old I'm not able to (shows a error about kernel version).

I've tried building myself using your script but I can't manage it to work, could you please make an updated build so that I can install luci-qos? (or maybe add that module yourself if you could)

Thanks!

pl3x, okay, I will include QoS in the next build (in about a week).

I'm using TL-WR841N v9 as a WiFi repeater. My main router is TL-WR3600. Every day, when I'm playing PS3 (LAN via TL-WR841N v9) WiFi on repeater goes down, and I have to reset device. Is anyone using TL-WR841N v9 as a bridged WiFi repeater with any success? Unfortunately I can't connect main router and repeater via LAN cable.

I have Gargoyle 1.7 on repeater and 1.6 on main router.

Regarding QoS, there is not enough space. I don't think it's worth messing arround with library striping or cutting out stuff from the profile.

OK, so I use your build on my TL-WR841n v9 and it work great. I establish relayd wifi bridge with my main router 4 days ago, and since than I have played PS3 twice and WiFi never goes down.

Could you include relayd in your next release, cause opkg update lists are not working?

To make OPKG work change the configuration to:

dest root /
dest ram /tmp
lists_dir ext /var/opkg-lists
option overlay_root /overlay
src/gz chaos_calmer_base http://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/packages/base
src/gz chaos_calmer_luci http://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/packages/luci
src/gz chaos_calmer_management http://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/packages/management
src/gz chaos_calmer_packages http://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/packages/packages
src/gz chaos_calmer_routing http://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/packages/routing
src/gz chaos_calmer_telephony http://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/packages/telephony

(Last edited by amq on 20 Feb 2015, 23:53)

I will make this changes. Thanks for advice.

Any updates on next release?

I have a request... I don't know if this is possible, but a killer feature would be to include an NFS package so that we can network mount the router to a local network server, as a pseudo-memory upgrade. I think if that functionality was added, we could install whatever packages we wanted! Is that doable?

OpenVPN is still broken in trunk.

My current release is proven stable and there have been no super-signifficant changes in trunk, so I won't hurry things up until we get a build which I would use myself.

BTW, I've made over 8 builds in the meantime and each time reverted to the 44077.

Here we go smile

2015-04-21
- r45545
- Added QoS
- Added Reghack
- Removed kernel debugging and USB support

Many thanks for your efforts amq - definitely the best release I have found for this router.

this image is really nice, also bittorrent started to work for me in this version smile

is it possible to add ppp-mod-pptp support?
in no ways I want to push it over you since this release is already awesome, but can you try at least to add it on the script so I can compile it myself? all my efforts have been fruitless (image exceeds size)

marco_silva85, PPTP has been compromised and even Microsoft (the author itself) suggests to move to L2TP, IKEv2, or SSTP
https://technet.microsoft.com/en-us/lib … ty/2743314

You can find the build script in the first post. You will have to install the packages as listed here: http://wiki.openwrt.org/doc/howto/buildroot.exigence. You will also need to additionally install default-jre-headless, java-wrappers, libjargs-java (on ubuntu) to use yuicompressor and closure-compiler.

Everyone: please do not be silent if you find some issue or want to include something that many others would appreciate smile

amq is really nice that you have the concern for security but I know about it. I need PPTP because it's the vpn provided for me so I have no choice.
Do you think it will fit in the remaining 132kB?

btw I tried to install it (ppp-mod-pptp) using Software Management, but it says:

Collected errors:
 * satisfy_dependencies_for: Cannot satisfy the following dependencies for ppp-mod-pptp:
 *     kernel (= 3.18.11-1-317527fb328b694536ee00c07026c22c)
 *     kernel (= 3.18.11-1-317527fb328b694536ee00c07026c22c)
(...) it states this for 10 times total
 *     kernel (= 3.18.11-1-317527fb328b694536ee00c07026c22c)
 * 
 * opkg_install_cmd: Cannot install package ppp-mod-pptp.

Thanks for the directions wink

(Last edited by marco_silva85 on 27 Apr 2015, 17:10)