Uptime Robot ratio (30 days)      
v2019.10.139
 11

☕ OpenWrt with latest NodeJs for Linksys WRT

Info 

The main reason is to be able to use the latest NodeJs for Linksys WRT (the default NodeJs is old) and the crypto accelerator.

Also, a docker container with all the firmwares and packages are in /build/source/bin @
https://hub.docker.com/r/patrikx3/openwrt-insomnia

For building, for Docker, the host should be Debian, as I had issues with building on Ubuntu host and Docker Debian container.

Crypto accelerator 

Since OpenWrt 19, the crypto accelerator is enabled by default. This speeds up for example OpenVPN a lot.

https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators

To enable, you have to append to the /etc/ssl/openssl.cnf, this text:

[default]
openssl_conf=openssl_def

[openssl_def]
# this is the main library configuration section
engines=engine_section

[engine_section]
# this is the engine configuration section, where the engines are listed
devcrypto=devcrypto_section

[devcrypto_section]
# this is the section where the devcrypto engine commands are used
CIPHERS=ALL
DIGESTS=NONE

You can verify 

Not enabled:

root@hawk:~# openssl engine -t -c
(dynamic) Dynamic engine loading support
     [ unavailable ]

Enabled:

root@hawk:~# openssl engine -t -c
(dynamic) Dynamic engine loading support
     [ unavailable ]
(devcrypto) /dev/crypto engine
 [DES-CBC, DES-EDE3-CBC, AES-128-CBC, AES-192-CBC, AES-256-CBC, AES-128-ECB, AES-192-ECB, AES-256-ECB]
     [ available ]

There are at least about 7500 packages built for Linksys WRT.

  • Enabled Apache HTTP2
  • Enabled NGINX HTTP2
  • NodeJs latest version and many pre-built packages (including binaries)

See what is in create from scratch.

Routers pre-built 

If you want to install right away with LUCI: https://cdn.corifeus.com/openwrt/

The release 

  • Linksys WRT1900ACS / Linksys WRT3200ACM / Linksys WRT32X
    • For Linksys the firmwares that start with insomnia worth trying, because you can use latest NodeJs.
    • https://cdn.corifeus.com/openwrt/ or specific version eg. https://cdn.corifeus.com/openwrt/19.07.0-rc1/targets/mvebu/cortexa9/
      • If you get the error The uploaded image file does not contain a supported format. Make sure that you choose the generic image format for your platform., you have to do it via SSH with sysupgrade -F FIRMWARE, then it works.
      • If you have a bricked firmware, you need a USB-TTL. Linksys USB-TTL.
      • Error code: 18005
        • When trying to install a firmware image, I get the following error:
          • Error code: 18005, Upgrade unsuccessfully because the version of the upgraded file was incorrect. Please check the file name.
        • Solution: Rename the firmware image to something short, like e.g. factory.bin

If you want some of the packages 

/cgi-bin/luci/admin/system/packages/ipkg

Linksys WRT or compatible alike mvebu / arm 9 (arm_cortex-a9_vfpv3) 

What is very useful is (many NodeJs built packages as well as binary builds):

src/gz openwrt_node http://cdn.corifeus.com/openwrt/19.07.0-rc1/packages/arm_cortex-a9_vfpv3/node

The rest, you can find on OpenWrt as well, so you do not need it:

src/gz openwrt_core http://cdn.corifeus.com/openwrt/19.07.0-rc1/targets/mvebu/cortexa9/packages
src/gz openwrt_base http://cdn.corifeus.com/openwrt/19.07.0-rc1/packages/arm_cortex-a9_vfpv3/base
src/gz openwrt_luci http://cdn.corifeus.com/openwrt/19.07.0-rc1/packages/arm_cortex-a9_vfpv3/luci
src/gz openwrt_packages http://cdn.corifeus.com/openwrt/19.07.0-rc1/packages/arm_cortex-a9_vfpv3/packages
src/gz openwrt_routing http://cdn.corifeus.com/openwrt/19.07.0-rc1/packages/arm_cortex-a9_vfpv3/routing
src/gz openwrt_telephony http://cdn.corifeus.com/openwrt/19.07.0-rc1/packages/arm_cortex-a9_vfpv3/telephony

Signatures 

If you do not want to have the hassle, there are multiple solutions below. 

If you use an insomnia firmware, then you are done, but if you want one or more feeds from a non insomnia firmware, your router still needs a verified signature.

If you just use one or a few feeds non insomnia firmware, your router needs a signature 

You can enable foreign keys from this directory:
https://github.com/patrikx3/openwrt-insomnia/tree/master/image-builder-files/etc/opkg/keys to

 /etc/opkg/keys

Option 2 

The easiest solution I know is via LUCI :
http://192.168.1.1/cgi-bin/luci/admin/system/packages/ipkg

In the Configuration tab, comment like this:
#option check_signature 1

Option 3 manual with SSH 

You can also set it up via SSH as:

root@digi:~# cat /etc/opkg.conf
dest root /
dest ram /tmp
lists_dir ext /var/opkg-lists
option overlay_root /overlay
#option check_signature 1

Just edit there, nano is installed, just comment the option check_signature 1 as it shows above.

Ext-root issue 

Based on the OpenWrt forum discussions, after sysupgrade, the ext-root has to be re-built, no other solution.

Wifi and WPS Issue 

It is only working, if only these are built in the firmware: hostapd-common wpad-mini, nothing other like that. If not, it will not work. WPS info.

Docker 

Requirements 

Docker CE

For your workstation you don't really NodeJs, but my Travis, Scrutinizer and my auto generated web sites are required...

This is a OpenWrt Docker builder and a living Docker repo as well, ready to build, a lot already built. (A big image / full firmware, the most important packages are built. Ready to use.)

Changing the firmware pre-built, so the build will be fast!!! 

All the latest stable OpenWrt versions.

  • docker pull patrikx3/openwrt-insomnia:linksys-wrt
  • RAW
    • docker pull patrikx3/openwrt-insomnia:latest

You run them, but these here, the built is in: http://cdn.corifeus.com/openwrt/19.07.0-rc1 , all the built packages and firmwares in /build/source/bin, you move to a host, install the firmware and you are done, because in the insomnia firmwares there is a lot in, but this is the default, so you need to change your own hostname here: http://192.168.1.1/cgi-bin/luci/admin/system/packages/ipkg at Configuration tab. If you do not want to build at all you can choose to your host

All built packages and firmwares including the insomnia firmwares are in /build/source/bin.

README about how I build the firmwares in order

My repos 

https://hub.docker.com/r/patrikx3/openwrt-insomnia/tags/

https://cdn.corifeus.com/openwrt/

Linksys WRT Radar Detection 

Tested on WRT1900ACSv2 and WRT3200ACM, works.
README

Ext-Root 

README

README

Docker commands 

README

Create packages, not neeed anymore 

My first package

Use Fail2Ban on your router 

Fail2Ban though is for DDWRT, but it is the same to set it up with OpenWrt with some changes, if you need info, I can give you, just it is mine private git server because of passwords.

Create from scratch 

README

Copy configs 

README

Firmware sizes 

README

WPS 

README

Packages and patches 

README

Linksys WRT 3200ACM 160 Mhz 

README

Linksys USB-TTL 

README

Linksys WRT 3200ACM / WRT32X 

For some reason it needs this:

# based on this https://truica-victor.com/dhcp-packet-received-eth0-2-address/
echo "except-interface=eth1.2" >> /etc/dnsmasq.conf
openwrt Insomnia
onenoteGithub onenoteredis-uiGithub redis-uiangular-compileGithub angular-compilegitlistGithub gitlistramdiskGithub ramdiskfreenomGithub freenomopenwrt-insomniaGithub openwrt-insomniadocker-debian-testing-mongodb-stableGithub docker-debian-testing-mongodb-stableredis-ui-serverGithub redis-ui-serversystemd-managerGithub systemd-managerverdaccio-cliGithub verdaccio-clicorifeusGithub corifeuscorifeus-app-web-pagesGithub corifeus-app-web-pagesredis-ui-materialGithub redis-ui-materialcorifeus-web-materialGithub corifeus-web-materialhtml-pdfGithub html-pdfgrunt-p3x-expressGithub grunt-p3x-expressxml2jsonGithub xml2jsoncorifeus-app-server-patrikx3Github corifeus-app-server-patrikx3corifeus-builderGithub corifeus-buildercorifeus-builder-angularGithub corifeus-builder-angularcorifeus-utilsGithub corifeus-utilscorifeus-webGithub corifeus-webfortune-cookieGithub fortune-cookietoolsGithub tools