Feb 13, 2016

OpenWrt 15.05 for NuCom R5010UNv2

I had two NuCom R5010UNv2 routers laying around for a year, I never had enough time to port OpenWrt to them until a few weeks ago.

I had it almost ready when I stumbled around Danitool patch in Trunk. So, the wise thing to do is just backport it to OpenWrt 15.05 (Chaos Calmer).

These commands would suffice to apply the patch and rebuild it yourself

git clone git://git.openwrt.org/15.05/openwrt.git
cd openwrt
git apply nucom06.gitdiff

The weird thing I noticed is one of the two routers gave me a ton of SquashFS read/write errors. I spent many hours trying to figure out the issue until I stumbled around this forum post. It was the CFE (bootloader). I replaced it with Danitool's newer CFE build and everything worked afterwards.

I compiled many revisions and here I share the last one I made.

Built from OpenWrt 15.05 r48666 (Feb 8, 2016) with the following:

  • Hardening options turned on mainly:
    • GCC format-security
    • Regular User+Kernel space Stack-Smashing Protection
    • Aggressive buffer-overflows detection
    • Full RELRO protection
    • Regular Stack Protector buffer overflow detection
  • LuCi with SSL support
  • Full 3G/4G usb modems support
  • WiFi N capable usb dongle support (Atheros/Ralink/Broadcom/Realtek)
  • Samba / Transmission (torrent) / Vsftpd-tls
  • QoS / VnStat / WonderShaper / DDNS / RelayD
  • OpenVPN / SSH Tunnel
  • Ext4 / FAT32 / NTFS 3g support + utilities
  • Dnsmasq with full support (DHCPv6 / DNSSec / Autho DNS / IPSet) + DNSCrypt
  • Richer Busybox
  • TCPDump / NMAP / NCat / cURL / wget all with SSL support
  • picocom + X/Y/Z-modem support + USB FTDI support
  • iperf / iftop / tmux
  • some tweaks in /etc/rc.local to harden TCP/IP stack
Most of the resource hungry services (Samba/Transmission/etc..) come disabled by default. Re-enabling them is easy when needed.

  • OpenWrt 15.05 r48666 with everything mentioned above.
  • OpenWrt 15.05 r48666 with everything mentioned above except that it comes with LuCi instead of LuCi-SSL.
  • OpenWrt 15.05 r48666 with 3G/4G support + RelayD + OpenVPN + VnStat + QoS + wShaper + DDNS.

Keep on hacking ;-)

Dec 18, 2015

Hardened Builds of Chaos Calmer (15.05) Stable Branch for Yacom Arv4518pw R01A & Yacom Arv7518pw

The other day I suspected one of my routers got messed up in a suspicious way. I couldn't find any proof of an attack but there was no explanation to why the jffs2 partition got corrupted in that way either. I used OpenWrt for years now, not a single incident happened. But this time I've got the feeling that perhaps because I ran something of interest to the guys who tap the network here so maybe someone tried to fiddle with it. Again no proof just suspicions.

Well, alright, time to mount up some defenses.

I wanted to share these hardened builds of Chaos Calmer (15.05) Stable Branch for Yacom Arv4518pw R01A & Yacom Arv7518pw. These builds were built with just the essential parts mainly LuCi & DNSCrypt. I had to remove IPv6 support and Swap Support for Arv4518pw R01A because its flash size is 4MB.

These builds were generated with a focus on security and therefore would be in most cases incompatible with most apps in OpenWrt software repository.

I tried a couple of times building them with grsecurity but no luck. The effort to backport patches from the latest release of grsecurity (currently kernel 4.3.3) to OpenWrt 15.05 kernel 3.18.x is just too much. I'll wait till OpenWrt Trunk and grsecurity coincide then I'll give it another try.

After flashing consider hardening TCP/IP via systctl options and be strict in your firewall config and follow OpenWrt security recommendations and set up DNSCrypt.

I'll probably update this post later for newer Chaos Calmer builds.

OpenWrt 15.05.1 (Chaos Calmer) r49231 (April-26-2016)

OpenWrt 15.05.1 (Chaos Calmer) r49053 (March-20-2016)

OpenWrt 15.05 (Chaos Calmer) r48220 (Jan-12-2016)

OpenWrt 15.05 (Chaos Calmer) r48186 (Jan-10-2016)

OpenWrt 15.05 (Chaos Calmer) r47895 (Dec-18-2015)

Nov 21, 2015

OpenWrt 15.05 for Orange LiveBox 2.1 Arcadyan ARV7519RW22

I managed to generate a OpenWrt 15.05 image for Orange LiveBox 2.1 (Arcadyan ARV7519RW22) because the official one gives a kernel panic due to flash partitioning bugs.

This router supports both VDSL & ADSL and is quite powerful. Full specs here:

  • Synced with Chaos Calmer 15.05 Final (LuCI git-15.248.30277-3836b45)
  • Includes LuCi & default packages as the standard OpenWrt release.
  • Includes VDSL.bin firmware
  • added patches to fix:  VFS kernel panic / VLans switch, Led names/colors, secondary usb.
  • Enabled FPU Emulation

Here you can download it: (Works for both hardware versions R01 VR9 1.1 and R02 VR9 1.2

Note: This image come with VDSL support enabled by default. If you want to use this router with a ADSL line then:

  1. Edit this file:    /etc/config/network
  2. and look for this line   option xfer_mode 'ptm'     and  change it to     option xfer_mode 'atm'


Nov 19, 2015

OpenWrt 15.05 for Yacom Arcadyan ARV4518PW

I managed to generate a OpenWrt 15.05 image for ARV4518PW because the official one gives a kernel panic due to lack of space. The idea here is to get it running while stripping things that can be installed later with Extroot:

I had to do these steps to fit OpenWrt in less than 4 MB of that router total flash memory :

  • Synced with Chaos Calmer 15.05 Final (LuCI git-15.248.30277-3836b45)
  • Disabled IPv6 support (can be restored by installing IPv6 packages mainly luci-proto-ipv6 + odhcp6c)
  • Removed swconfig package (because VLANs support is somehow still buggy. Wiki refs: 1, 2)
  • Removed debugging (useless anyway if you're not a developer)
  • Optimized compiling for size
  • Enabled FPU Emulation
  • Included LuCi
  • Added : USB2 support + Ext4 Filesystem for Extroot + block-mount

The result is an image that fits well in ARV4518PW with 108 KB of free flash space.

Here you can download it (Pay attention to your router hardware version in its back: either R01A or R01):


Note: if you get a VFS not syncing kernel panic then check your router's MTD partitions size and probably you need to reflash a 64kb u-boot with the propre environment parameters.

what follows is just some details as a reference:

List of included packages    
$ opkg list-installed
atm-esi - 2.5.2-5
base-files - 157-r46767
block-mount - 2015-05-24-09027fc86babc3986027a0e677aca1b6999a9e14
br2684ctl - 2.5.2-5
busybox - 1.23.2-1
dnsmasq - 2.73-1
dropbear - 2015.67-1
firewall - 2015-07-27
fstools - 2015-05-24-09027fc86babc3986027a0e677aca1b6999a9e14
hostapd-common - 2015-03-25-1
iptables - 1.4.21-1
iw - 3.17-1
iwinfo - 2015-06-01-ade8b1b299cbd5748db1acf80dd3e9f567938371
jshn - 2015-06-14-d1c66ef1131d14f0ed197b368d03f71b964e45f8
jsonfilter - 2014-06-19-cdc760c58077f44fc40adbbe41e1556a67c1b9a9
kernel - 3.18.20-1-794b781336c70a9d477a86c93fdb83d7
kmod-ath - 3.18.20+2015-03-09-3
kmod-ath5k - 3.18.20+2015-03-09-3
kmod-atm - 3.18.20-1
kmod-cfg80211 - 3.18.20+2015-03-09-3
kmod-crypto-aes - 3.18.20-1
kmod-crypto-arc4 - 3.18.20-1
kmod-crypto-core - 3.18.20-1
kmod-crypto-hash - 3.18.20-1
kmod-fs-ext4 - 3.18.20-1
kmod-gpio-button-hotplug - 3.18.20-1
kmod-ipt-conntrack - 3.18.20-1
kmod-ipt-core - 3.18.20-1
kmod-ipt-nat - 3.18.20-1
kmod-leds-gpio - 3.18.20-1
kmod-ledtrig-usbdev - 3.18.20-1
kmod-lib-crc-ccitt - 3.18.20-1
kmod-lib-crc16 - 3.18.20-1
kmod-ltq-adsl-danube - 3.18.20+
kmod-ltq-adsl-danube-fw-a - 0.1-1
kmod-ltq-adsl-danube-mei - 3.18.20-1
kmod-ltq-atm-danube - 3.18.20-1
kmod-ltq-hcd-danube - 3.18.20-1
kmod-mac80211 - 3.18.20+2015-03-09-3
kmod-nf-conntrack - 3.18.20-1
kmod-nf-ipt - 3.18.20-1
kmod-nf-nat - 3.18.20-1
kmod-nf-nathelper - 3.18.20-1
kmod-nls-base - 3.18.20-1
kmod-ppp - 3.18.20-1
kmod-pppoa - 3.18.20-1
kmod-pppoe - 3.18.20-1
kmod-pppox - 3.18.20-1
kmod-scsi-core - 3.18.20-1
kmod-slhc - 3.18.20-1
kmod-usb-core - 3.18.20-1
kmod-usb-storage - 3.18.20-1
kmod-usb2 - 3.18.20-1
libblobmsg-json - 2015-06-14-d1c66ef1131d14f0ed197b368d03f71b964e45f8
libc -
libgcc - 4.8-linaro-1
libip4tc - 1.4.21-1
libip6tc - 1.4.21-1
libiwinfo - 2015-06-01-ade8b1b299cbd5748db1acf80dd3e9f567938371
libiwinfo-lua - 2015-06-01-ade8b1b299cbd5748db1acf80dd3e9f567938371
libjson-c - 0.12-1
libjson-script - 2015-06-14-d1c66ef1131d14f0ed197b368d03f71b964e45f8
liblua - 5.1.5-1
libnl-tiny - 0.1-4
libpthread -
libubox - 2015-06-14-d1c66ef1131d14f0ed197b368d03f71b964e45f8
libubus - 2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
libubus-lua - 2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
libuci - 2015-04-09.1-1
libuci-lua - 2015-04-09.1-1
libxtables - 1.4.21-1
linux-atm - 2.5.2-5
ltq-adsl-app -
lua - 5.1.5-1
luci - git-15.248.30277-3836b45-1
luci-app-firewall - git-15.248.30277-3836b45-1
luci-base - git-15.248.30277-3836b45-1
luci-i18n-base-en - git-15.248.30277-3836b45-1
luci-i18n-firewall-en - git-15.248.30277-3836b45-1
luci-lib-ip - git-15.248.30277-3836b45-1
luci-lib-nixio - git-15.248.30277-3836b45-1
luci-mod-admin-full - git-15.248.30277-3836b45-1
luci-proto-ppp - git-15.248.30277-3836b45-1
luci-theme-bootstrap - git-15.248.30277-3836b45-1
mtd - 21
netifd - 2015-06-08-8795f9ef89626cd658f615c78c6a17e990c0dcaa
odhcpd - 2015-05-21-2ebf6c8216287983779c8ec6597d30893b914a7c
opkg - 9c97d5ecd795709c8584e972bfdf3aee3a5b846d-7
ppp - 2.4.7-6
ppp-mod-pppoa - 2.4.7-6
ppp-mod-pppoe - 2.4.7-6
procd - 2015-08-16-0da5bf2ff222d1a499172a6e09507388676b5a08
procd-nand - 2015-08-16-0da5bf2ff222d1a499172a6e09507388676b5a08
rpcd - 2015-05-17-3d655417ab44d93aad56a6d4a668daf24b127b84
ubi-utils - 1.5.1-2
ubox - 2015-07-14-907d046c8929fb74e5a3502a9498198695e62ad8
ubus - 2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
ubusd - 2015-05-25-f361bfa5fcb2daadf3b160583ce665024f8d108e
uci - 2015-04-09.1-1
uhttpd - 2015-08-17-f91788b809d9726126e9cf4384fedbbb0c5b8a73
uhttpd-mod-ubus - 2015-08-17-f91788b809d9726126e9cf4384fedbbb0c5b8a73
usign - 2015-05-08-cf8dcdb8a4e874c77f3e9a8e9b643e8c17b19131
wpad-mini - 2015-03-25-1


$ df -h
Filesystem                Size      Used Available Use% Mounted on
rootfs                  320.0K    212.0K    108.0K  66% /
/dev/root                 3.0M      3.0M         0 100% /rom
tmpfs                    29.9M    308.0K     29.6M   1% /tmp
/dev/mtdblock5          320.0K    212.0K    108.0K  66% /overlay
overlayfs:/overlay      320.0K    212.0K    108.0K  66% /
tmpfs                   512.0K         0    512.0K   0% /dev
$ cat /proc/mtd 
dev:    size   erasesize  name
mtd0: 00010000 00002000 "uboot"
mtd1: 00010000 00010000 "uboot_env"
mtd2: 003d0000 00010000 "firmware"
mtd3: 001165fb 00010000 "kernel"
mtd4: 002b9a05 00010000 "rootfs"
mtd5: 00050000 00010000 "rootfs_data"
mtd6: 00010000 00010000 "boardconfig"


Mar 1, 2015

Flashing Yacom Arcadyan ARV4518PW with OpenWRT 14.07 / 12.09

Arcadyan ARV4518PW Router also known as SMC-7908-ISP is one of the few routers with Lantiq SoC capable of connecting to the Internet with their integrated xDSL modem.

There are guides and HowTos explaining how to flash this router with OpenWRT. A UART USB-to-TTL cable is a must to flashing.

Here is a recap for all the steps.
1. backup your routers original firmware and wifi calibaration data.
2. flash the bootloader u-boot.
3. from u-boot, we will issue commands to download and install OpenWRT into the flash.


1. Backup your router's firmware & WiFi calibration data

You will need a Serial Communication software like Putty, CuteCom or Screen installed on Linux.

Then need to get BrnDumper from here. (Works reliably on a 32bits Linux)

Connect your UART cable.

Open Terminal and issue:

screen /dev/ttyUSB0 115200

Power up your router

when text starts showing up on Terminal, hit spacebar 3 times

then hit  !  and quit  screen

now open another Terminal Tab/Window and run brndumper as follow:

sudo ./brndumper --port=/dev/ttyUSB0

and do a full dump and a Wifi calib data dump.
from  $b0000000  to  $b0400000 -> full dump
from  $b03F0000  to  $b0400000 -> wifi calib data dump

it's going to take approx 30mins.

2. flash the bootloader u-boot

when it finishes, power off the router. Start CuteCom or a Serial Comm software capable of sending files using XModem and change its Input Mode to "No Line End".

Power on the router. When the text starts showing up hit spacebar 3 times then hit respectively:


Then send u-boot file via XModem

When it's done restart the router

3. Installing OpenWRT from u-boot

Install a TFTP Server. Download either of these OpenWRT images, rename it to ARV4518PW-squashfs.image and put it into tftp folder.

Note: these images are custom compiled and patched to fix Wifi on 12.09 and let them fit well on the 4MB of flash while having extra drivers (USB2, Ext4, USB Storage) and still have enough free space to do other things.

Connect a network cable to the router, set a static ip like, i.e:

ifconfig eth0 netmask up

the ip address came from the output values of  printenv  which you can issue from CuteCom.

From CuteCom issue:

setenv kernel_addr 0xb0020000


run update_openwrt

when it finish, issue:



Feb 28, 2015

Flashing Movistar Zyxel P870HNU-51B with OpenWRT 14.07

With enough coffee I managed to compile OpenWRT 14.07 for Zyxel P870HNU-51B distributed by Movistar.

It was the first time I ported a new router to OpenWRT. I learned a lot. Here are some references:
This router is the successor of ZyXEL P-870HW-51a and have almost the same hardware specs as ZyXEL P-870HN-5xb but with a 16MB of flash memory instead of 8MB. It's a VDSL-Only router.

  • Original Movistar Firmware (.bin file) or if needed, the original installable assistant (.exe) which includes that .bin file in its installation folder)
  • OpenWRT 14.07 (r42625) with LuCI, 3G Modems Support, RelayD, IPv6, NTFS-3G, vFat, Ext4, USB v2, USB 1.1 OHCI, usb-storage-extras, block-mout, fdisk, Kernel with FPU +  Drivers for USB Wifi Cards (ath9k-htc, brcmfmac, carl9170, libertas-usb, zd1201, zd1211rw, p54-usb, rt2500-usb, rt2800-usb, rt73-usb, rtl8187, rtl8192ce/cu/de/se)
  • A lighter OpenWRT 14.07 (r42625) with LuCI, 3G Modems Support, RelayD, IPv6, NTFS-3G, vFat, Ext4, USB v2, USB 1.1 OHCI, usb-storage-extras, block-mout, fdisk, Kernel with FPU. [WITHOUT] the extra USB Wifi cards support
  • A patch for Barrier Breaker if you need to compile it yourself.
  • OEM Bootlog if needed
  • OEM extra info if needed
  • OpenWRT Bootlog if needed

Flashing either from:
  • Router's web interface: Maintenance > Tools > Firmware
  • CFE (powering up the router while pressing the reset button a few seconds then access CFE web interface  your OS needs a static network config)
  • Serial UART (USB-to-TTL) from CFE Bootloader. issue ATUR. Then send the firmware via XModem
  • tftp from telnet. login with 1234/1234. then issue sh to get a busybox shell, then: tftp -g -t i -f zz112BKW0b11.bin    or   tftp -g -t i -f openwrt-P870HNU-51b-squashfs-cfe.bin  (but you need to have a tftp server set up first)

The router is stable and running well. However:
  • This router's WIFI works only with b43 or with the proprietary driver, not with brcmsmac.
  • LEDs are working except for USB. I couldn't find its GPIO. Also, Lan LEDs  become on only if the cables were already attached when the router was booting up.

Enjoy it. 

Feb 18, 2015

Flashing DLink DSL-524T and DSL-G624T with OpenWRT 14.07

DLink DSL-524T my first experience with a router that was able to connect to the Internet using OpenWRT. Its integrated DSL modem is fully support under OpenWRT. Later I bought DLink DSL-G624T which has the same hardware spec as DSL-524 but with an integrated wireless mini-pci card which is while supported offers no WPA/WPA2 encryption, only WEP which is insecure.

Both work great under OpenWRT 10.03.1 but not under 12.09 which feels slower and not under 14.07 which while feels snappier consumes all the 4MB of flash memory.

Well, today I've got some time to build a lightweight OpenWRT 14.07 for both DSL-524T and DSL-G624T.

The installation steps are documented for both.

As reference, these are the steps I did.
# under root or using sudo

echo 0 > /proc/sys/net/ipv4/tcp_frto

# just a second or two after the router is powered up

ftp -n

user adam2

# adam2 as a password also

quote "SETENV mtd1,0x90010000,0x903f0000"




put "openwrt-ar7-generic-squashfs.bin" "openwrt-ar7-generic-squashfs.bin mtd1"

quote REBOOT


Notes: While both DSL-524T and DSL-G624T ran OK under 14.07 you should go easy with LuCi as 16MB of ram is really the minimum requirement. After setting things up consider disabling LuCi for better performance. A /etc/init.d/luci disable would suffice.

A USB-to-UART (USB-to-TTL) cable is not necessary but  would be helpful in case you want to know what happens while flashing it or setting it up.

Red is GND, Green is RX and White is TX

Usually you need to setup CuteCom or Putty to 38400 baud, 8 bit, no parity, 1 stop bit. Serial (/dev/ttyUSB0)

Jan 30, 2015

Flashing Movistar Zyxel P870HW-51Av2 with OpenWRT 14.07

Movistar Zyxel P870HW-51Av2 is a VDSL only router which isn't good for where I live but has a good CPU (BCM4350 V3.1 / 400MHz) and an acceptable amount of RAM (32MB) but with a limited flash space (4MB). However, it can get flashed with OpenWRT 14.07.

This router has CFE bootloader which makes flashing OpenWRT very easy using just a web browser. However, I wasn't able to trigger it by pressing Reset button for a few seconds during power on.

The trick to trigger CFE it is by flashing Zyxel unbranded firmware first using web admin console at

After it finishes, flash this corrupted firmware like above to brick it and get CFE prompt afterwards.

When it get bricked you have to set a static IP for your PC (i.e: / and then access

Get openwrt-P870HW-51a_v2-squashfs-cfe.bin from here and flash it. That's all

Just as a reference, I flashed the wrong firmware by accident and it became stuck in a boot loop. I had to try to unbrick it using a USB-to-TTL.

Red is GND ; Green is RX ; White is TX

This was the first time I interact with Zyxel ZLD command prompt. Unbricking was easy. just:




then I sent this file via XModem (using CuteCom under GNU-Linux or TeraTerm under Windows)

Sep 24, 2008

How To Install PostgreSQL And phpPgAdmin Support In XAMPP

!! This article was written years ago and probably irrelevant today !!

XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl, plus many additional modules. The whole package is well integrated and can save a lot of time and hassle for the inexperienced web developer. It's available on four platforms Windows, GNU/Linux, Mac OS X and Solaris which gives a lot practical benefit to those who use it.

PostgreSQL is a well known database that may be more suitable for some tasks or workloads than others. phpPgAdmin is a web-based administration tool for PostgreSQL, exactly as phpMyAdmin for MySQL.

1. Install PostgreSQL and phpPgAdmin in Windows :

1.1 Install PostgreSQL
Assuming you have already download and installed XAMPP into c:\XAMPP, go and get the latest version of PostgreSQL for Windows. Download the version with the installer, not the one with only binaries.

Usually, it's a .zip package, extract it and install Microsoft Visual C++ 2005 redistributable vcredist_x86.exe first!

Now, double-click postgresql-8.3.msi, choose your install language, then have a look at installation notes as you may find useful info there.

Change the default install folder to c:\xampp\pgsql
The default install options in the following step are OK, but select everything you are unsure.

Enter a password for the user account "postgres" and leave everything as is in Service Configuration, then proceed to the next step. (You will need that password for future upgrades)

In Initialize Database Cluster:
  • Enable "Accept connections on all addresses, not just localhost" if you want.
  • Choose a different Encoding for both Server and Client (i.e: UTF8 for unicode support)
  • Enter a password for the DB administrator account "postgres".
Proceed as PL/pgsql is enabled by default in Procedural Langauges, then select Contrib Modules you want (select everything if you are unsure). Click on Install.

1.2 Install phpPgAdmin
Go and get the latest phpPgAdmin zip package and extract it into C:\xampp\phpPgAdmin\ . Make sure the files and folders extracted are in that folder, not within another sub-folder.

Then open "config.inc.php" found in C:\xampp\phpPgAdmin\conf\ and set "extra_login_security" to false
$conf['extra_login_security'] = false;

Now, open c:\xampp\php\php.ini and make sure "extension=php_pgsql.dll" is uncommented

Finally, open c:\xampp\apache\conf\extra\httpd-xampp.conf and in section <IfModule mime_module> add
Alias /phppgadmin "c:/xampp/phpPgAdmin/"
<Directory "c:/xampp/phpPgAdmin">
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all

That's all, you can now access phpPgAdmin from your web browser with http://localhost/phppgadmin/

  • For more info about PostgreSQL Installer visit http://pginstaller.projects.postgresql.org/FAQ_windows.html
  • You may use Stack Builder shipped with PostgreSQL to add new functionalities.
  • Visit the phpPgAdmin FAQ for any further info http://phppgadmin.sourceforge.net/?page=faq

For Ubuntu Linux users I recommend this article.