OpenWrt Forum Archive

Topic: TP-Link TL-WR841N(D) Extended Build [all versions] LEDE Reboot

The content of this topic has been archived between 29 Mar 2018 and 15 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
amq
4 Dec 2016, 17:28

http://i.imgur.com/3xdOmT1.png

Sharing a custom build I've created for my own use:

  • LEDE Reboot

  • LuCI with https

  • IPv6 and PPPoE

  • MiniUPnP

  • OpenVPN with mbed TLS

  • QoS

  • DDNS

  • Wget with https

  • Reghack (WiFi channels 12 and 13)

  • Minified LuCI's CSS and JS

  • Compiled with GCC 6.3

  • Removed kernel debugging

  • Nothing else has been touched. Basically, it is a 'make defconfig' + profile + the mentioned above

  • Free ROM: 76 KB

  • OpenVPN AES-128-CBC speed: 12Mbs/12Mbs (measured on v8 downloading ubuntu via a torrent)

Download firmware:
dropbox

Build script:
github

Supported devices:
tl-wr841n-v1.5
tl-wr841n-v3
tl-wr841n-v5
tl-wr841n-v7
tl-wr841n-v8
tl-wr841n-v9
tl-wr841n-v10
tl-wr841n-v11

Changelog:

2017-02-25
- r3218-bf53a83 (17.01 branch)
- Added https for LuCI

2017-01-31
- r3198-74ea99b
- Added DDNS
- Added libustream-mbedtls (https support for wget)

2016-12-25
- r2672-9998bc5
- Added QoS
- Upgraded mbed TLS from 1.x to 2.x
- Compiled with GCC 6.3 instead of 5.4
- Increased squashfs4 block size from 256 to 1024
- Disabled debugfs
- Enabled sstrip to further reduce the size

2016-12-04
- r2400-abedd71
- Initial release

How to achieve the same build with the 'menu makeconfig' interface

1. rm .config .config.old
2. make defconfig
3. make menuconfig
(use space to select, make sure you see a star after a selection, not an M; use esc to go back)

_Target Profile - TP-LINK TL-WR841N/ND

Enable:
_LuCI - Collections - luci
_LuCI - Applications - luci-app-upnp
_LuCI - Applications - luci-app-openvpn
_LuCI - Applications - luci-app-qos
_Network - VPN - openvpn-mbedtls
_Advanced configuration options (for developers) - Toolchain options - GCC compiler Version - gcc 6.x
_Global build settings - Strip unnecessary exports from the kernel image, Strip unnecessary functions from libraries

Disable:
_Global build settings - Enable support for printk, Crash logging, Support for paging of anonymous memory (swap), Compile the kernel with debug filesystem enabled, Compile the kernel with symbol tables information, Compile the kernel with debug information, Compile the kernel with SysRq support, Enable printk timestamps
_Kernel modules - Wireless Drivers - kmod-ath9k - Support for Ubiquiti Unify Outdoor+
_Kernel modules - Wireless Drivers - kmod-mac80211 - Export mac80211 internals in DebugFS
_Kernel modules - Wireless Drivers - kmod-ath - Force Atheros drivers to respect the user's regdomain settings

OpenVPN setup guides:
https://blog.ipredator.se/howto/openwrt … enwrt.html
https://www.robertkehoe.com/2015/08/set … g-openwrt/

(Last edited by amq on 25 Feb 2017, 02:21)

Post #2
marco_silva85
4 Dec 2016, 18:34

Stable? Which are the main differences from the OpenWRT build?

Post #3
amq
4 Dec 2016, 19:00

marco_silva85, the only functional difference compared to my latest OpenWRT build is the removed DNSCrypt package (not enough space).

Everything else is the same, you can even upgrade while keeping your settings.

So far it is completely stable for me.

(Last edited by amq on 4 Dec 2016, 19:02)

Post #4
stangri
4 Dec 2016, 22:57
amq wrote:

Sharing a custom build I've created for my own use:

  • OpenVPN with mbed TLS

How did you achieve this? I've been interested in OpenVPN-mbedtls for a while.

Post #5
amq
5 Dec 2016, 16:18

OpenVPN with mbed TLS = openvpn-polarssl

Post #6
stangri
5 Dec 2016, 22:12
amq wrote:

OpenVPN with mbed TLS = openvpn-polarssl

Uhm, no. There's a difference between mbedtls and polarssl.

Post #7
slh
5 Dec 2016, 22:58

mbedtls is the successor (== a newer (major-) version) of polarssl, as such polarssl needs to be phased out naturally, due to API changes, this will take a while until completion.

(Last edited by slh on 5 Dec 2016, 22:59)

Post #8
stangri
6 Dec 2016, 02:59
slh wrote:

mbedtls is the successor (== a newer (major-) version) of polarssl

I'm perfectly aware of that. That's why I said mbedtls != polarssl. You should correct your original post.

Post #9
amq
6 Dec 2016, 11:35 
PKG_NAME:=polarssl
SRC_PKG_NAME:=mbedtls
PKG_VERSION:=1.3.18

https://github.com/lede-project/source/ … l/Makefile

So it *is* mbed TLS, just a previous branch (1.x vs the latest 2.x). There is no such thing as PolarSSL anymore.

OpenVPN seems to support 2.x already, so a package in OpenWRT / LEDE is probably not far away.

Post #10
julianocs
8 Dec 2016, 11:29

Thanks a lot, amq.

Installed yesterday on all my routers and everything is working.

Post #11
julianocs
8 Dec 2016, 15:21

Hi amq.

It´s possible include SQM on your release?
Or there isn´t enough space on the router?

Thanks.

(Last edited by julianocs on 8 Dec 2016, 15:22)

Post #12
amq
10 Dec 2016, 16:52

julianocs, there is not enough space for sqm or qos.

Post #13
julianocs
11 Dec 2016, 21:03

Hum, ok amq...

Another question: Do you know if i uninstall VPN, there will be enough space to install SQM or QoS?
Or it will be necessary to recompile a new "clean" build?

Thanks.
Juliano

Post #14
amq
12 Dec 2016, 12:34

You need to recompile the image to remove packages.

Post #15
deuteragenie
20 Dec 2016, 16:21

Very nice!

Maybe you could have a look at the GCC initify plugin.
Also, GCC - Os might be helpful, as well as switching to GCC 6.x

I am not sure what parameters are used for squashfs.
lzma2 with block size of 1024 kb appear to be giving the best compression ratio.
Edit: I checked the LEDE source code and it recently switched to lzma2 - the patch seems to be trivial to apply.

Would love to see QoS back smile

(Last edited by deuteragenie on 22 Dec 2016, 12:27)

Post #16
KREAT0R
23 Dec 2016, 19:29
deuteragenie wrote:

Would love to see QoS back smile

+1

vpn is useless for me.

Post #17
amq
25 Dec 2016, 17:27

New build is up, includes QoS smile

Post #18
julianocs
26 Dec 2016, 07:21

Thanks a lot amq !

Installed now and everything is working 100% !
Can you tell me if it is possible to include or install luci ddns client in your build?

Regards.

(Last edited by julianocs on 26 Dec 2016, 07:21)

Post #19
julianocs
26 Dec 2016, 18:14

Hi.

Tried to install now using luci, not enough space. sad

Amq, I'm being much boring if i request to you include ddns in your next build? smile Or help-me how to install? 

Regards.

(Last edited by julianocs on 26 Dec 2016, 21:54)

Post #20
evgeneys
5 Feb 2017, 16:07

Hi guys. You will see the firmware version of the 841 to change the memory up to 8 mb? Preferably with USB support? Maybe someone will make it? Thanks.

Post #21
amq
25 Feb 2017, 02:21

New build is up. 17.01 stable branch + https for LuCI

Post #22
evgeneys
25 Feb 2017, 13:48

OPKG dont work? In the original version LEDE, at tl-841 v5, opkg do not install the packages.

Post #23
KREAT0R
26 Feb 2017, 13:02

My 841nd v5 bricked with 2017-02-25 (sysupgrade) from 2017-01-31 (without "Keep settings")

=(

EDIT: unbricked via Serial console with RS232 TTL

i.imgur.com/Qpg70LP.png

EDIT2: im use 2017-02-25 factory.bin (from TPLINK firmware) and all ok.

(Last edited by KREAT0R on 27 Feb 2017, 22:56)

Post #24
isaak.78
19 Mar 2017, 01:52

841nd v9 bricked on sysupgrade with "Keep settings"
unbricked via firmware transfer in TFTP

upgrade r3218 squashfs-factory and all ok.

Thanks

Post #25
jpricacho27
11 Jul 2017, 13:33

May I know how did you manage to add ht tp-proxy-option EXT1 in OpenVPN config? Other OpenVPN packages i've used does not support that option I am getting a Bad ht tp-proxy-option or missing parameter error. Thank you