As I started testing LEDE/OpenWrt in ARV7510PW22 for the first time I noticed it overheats more than accepatble and its WIFI for some reason gets stuck and sometimes gets disabled after a few minutes of usage. At first, I suspected its RaLink Wifi chip but after a few tests it turned out an overheating issue.
With this digital thermometer its CPU reached more than 52°C and was still climbing up.
I grabbed a PC fan rated 12v / 0.13A.
Made an opening in router's back. Glued the fan.
Then I made a power connector with male in one side and female in the other. I didn't want to solder the fan directly in the router's power input.
This router needs 15v / 1.20A. The charger I use is rated 15v / 1.66A. The fan is rated for 12v / 0.13A. So it's better to step down that 15v for the fan and make it 12v.
Ohm's Law to the rescue: (15v - 12v) / 0.13A = 23 Ohms.
However, with 12v it's a bit noisy, so I needed more resistance. I combined a 22 Ohm + 47 Ohm resistor in serial.
And that's all. I'm using it and stressing it under heavy load. So far so good ;)
Jul 8, 2016
May 28, 2016
How to flash ARV7519RW22 with LEDE/OpenWRT
This is a complete howto to use LEDE/OpenWRT on ARV7519RW22
Pre-requirements:
* Pay attention to details. Don't rush up in copying/pasting + some steps are case sensitive !
* UART-to-TTL usb cable.
* Basic soldering skills (you need to do it once)
* GNU/Linux machine (I use Arch Linux) and basic skills using it.
* Usb memory stick formatted with FAT16/FAT32
* Install these packages:
tftp-hpa : tftp server
picocom : terminal emulation program
lrzsz : xmodem, ymodem and zmodem file transfer protocols
to install them in Arch: pacman -Sy tftp-hpa picocom lrzsz
First of all, many thanks to the first OpenWRT/LEDE explorers who have dealt with this router.
You need to solder these pins
Most UART cables come with four connector. Don't connect the one named VCC or 5v.
Only connect GND, RX and TX !!
If not sure, use a multimeter to identify the 5v/VCC connector in your UART cable.
Download these:
uboot.bin - this is the bootloader
lede-arv7519rw22.bin - this is the LEDE (OpenWRT) firmware built May, 27 2016.
lede-arv7519rw22.bin - this is the LEDE (OpenWRT) firmware built June, 20 2016 (rev 750)
lede-arv7519rw22.bin - this is the LEDE (OpenWRT) firmware built July, 03 2016 (rev 865)
After you have soldered those pins, installed required packages and connected the UART usb cable to your Linux machine, open Terminal and issue this command.
I - Making backup of the original firmware
picocom -b 115200 /dev/ttyUSB0
Note: if it tells you you don't have permissions to access /dev/ttyUSB0 then use sudo or associate your user account with the group uucp.
1. Copy this password (ctrl+c or ctrl+shift+c): Oh!123Go
2. As soon as you power up the router quickly hit space bar 3 times
3. When asked for the key/password paste the previously copied password (ctrl+v or ctrl+shift+v)
4. Press !
5. Press j and wait till it finishes booting up
6. Connect a Fat16/32 formatted usb memory stick and wait a few seconds till it gets detected and mounted automatically
7. Type in these instructions one by one followed by enter
cat /dev/mtd0 > /tmp/usb/a1/mtd0.bin
sync
cat /dev/mtd1 > /tmp/usb/a1/mtd1.bin
sync
cat /dev/mtd2 > /tmp/usb/a1/mtd2.bin
sync
cat /dev/mtd3 > /tmp/usb/a1/mtd3.bin
sync
cat /dev/mtd4 > /tmp/usb/a1/mtd4.bin
sync
cat /dev/mtd5 > /tmp/usb/a1/mtd5.bin
sync
cat /dev/mtd6 > /tmp/usb/a1/mtd6.bin
sync
cat /dev/mtd7 > /tmp/usb/a1/mtd7.bin
sync
cat /dev/mtd8 > /tmp/usb/a1/mtd8.bin
sync
cat /dev/mtd9 > /tmp/usb/a1/mtd9.bin
sync
cat /dev/mtd0 > /tmp/usb/a1/mtd0a.bin
sync
cat /dev/mtd1 > /tmp/usb/a1/mtd1a.bin
sync
cat /dev/mtd2 > /tmp/usb/a1/mtd2a.bin
sync
cat /dev/mtd3 > /tmp/usb/a1/mtd3a.bin
sync
cat /dev/mtd4 > /tmp/usb/a1/mtd4a.bin
sync
cat /dev/mtd5 > /tmp/usb/a1/mtd5a.bin
sync
cat /dev/mtd6 > /tmp/usb/a1/mtd6a.bin
sync
cat /dev/mtd7 > /tmp/usb/a1/mtd7a.bin
sync
cat /dev/mtd8 > /tmp/usb/a1/mtd8a.bin
sync
cat /dev/mtd9 > /tmp/usb/a1/mtd9a.bin
sync
8. Now check the signature of the mtd files
md5sum /tmp/usb/a1/mtd*
Every mtdX.bin must have the same signature as mtdXa.bin . Ex: mtd0.bin == mtd0a.bin
if not redo the operation of backing up the original firmware.
After a few seconds, you should get something like:
ltq_phy: addr 0, link 0, speed 10, duplex 0
ltq_phy: addr 17, link 1, speed 100, duplex 1
ltq_phy: addr 18, link 0, speed 10, duplex 0
ltq_phy: addr 19, link 0, speed 10, duplex 0
ltq_phy: addr 20, link 0, speed 10, duplex 0
Using ltq-eth device
TFTP from server 192.168.1.2; our IP address is 192.168.1.1
Filename 'lede-arv7519rw22.bin'.
Load address: 0x81000000
Loading: T #################################################################
#################################################################
#################################################################
#################################################################
#################################################################
#################################################################
#################################################################
##########
1.1 MiB/s
done
Bytes transferred = 6815748 (680004 hex)
..................................................... done
Un-Protected 53 sectors
..................................................... done
Erased 53 sectors
Copy to Flash... 10....9....8....7....6....5....4....3....2....1....done
arv7519rw #
Now power off and power on your router or type reset . You are done ;)
Your router should boot up. Wait till it finish up (it takes 190 seconds the first time, afterwards only 35/45 seconds).
Hit enter to login into LEDE console or browse 192.168.1.1 to do web based config.
IV - Restoring original firmware
What if (for whatever reason) you wanted to return to the original firmware?
As I explained above you should have copied all those mtdX.bin files to a folder and run:
Now that you have that dump.bin
Copy it to the TFTP server folder:
sudo cp -iv dump.bin /srv/tftp/
sudo chmod 644 /srv/tftp/dump.bin
ls -l /srv/tftp/
Set up your wired connection as explained above:
ip link
sudo ip link set enp2s0 down
sudo ip link set enp2s0 up
sudo ip addr flush dev enp2s0
sudo ip addr add 192.168.1.2/24 broadcast 192.168.255.255 dev enp2s0
ip addr show enp2s0
Connect an ethernet cable between you linux machine and the arv7519rw22 router
Connect the UART cable too.
Open a picocom terminal like:
picocom -b 115200 /dev/ttyUSB0
On it type (line by line followed by enter)
tftpboot dump.bin
run write-uboot-nor
reset
That's all !
Pre-requirements:
* Pay attention to details. Don't rush up in copying/pasting + some steps are case sensitive !
* UART-to-TTL usb cable.
* Basic soldering skills (you need to do it once)
* GNU/Linux machine (I use Arch Linux) and basic skills using it.
* Usb memory stick formatted with FAT16/FAT32
* Install these packages:
tftp-hpa : tftp server
picocom : terminal emulation program
lrzsz : xmodem, ymodem and zmodem file transfer protocols
to install them in Arch: pacman -Sy tftp-hpa picocom lrzsz
First of all, many thanks to the first OpenWRT/LEDE explorers who have dealt with this router.
You need to solder these pins
Most UART cables come with four connector. Don't connect the one named VCC or 5v.
Only connect GND, RX and TX !!
If not sure, use a multimeter to identify the 5v/VCC connector in your UART cable.
Download these:
uboot.bin - this is the bootloader
lede-arv7519rw22.bin - this is the LEDE (OpenWRT) firmware built July, 03 2016 (rev 865)
After you have soldered those pins, installed required packages and connected the UART usb cable to your Linux machine, open Terminal and issue this command.
I - Making backup of the original firmware
picocom -b 115200 /dev/ttyUSB0
Note: if it tells you you don't have permissions to access /dev/ttyUSB0 then use sudo or associate your user account with the group uucp.
1. Copy this password (ctrl+c or ctrl+shift+c): Oh!123Go
2. As soon as you power up the router quickly hit space bar 3 times
3. When asked for the key/password paste the previously copied password (ctrl+v or ctrl+shift+v)
4. Press !
5. Press j and wait till it finishes booting up
6. Connect a Fat16/32 formatted usb memory stick and wait a few seconds till it gets detected and mounted automatically
7. Type in these instructions one by one followed by enter
cat /dev/mtd0 > /tmp/usb/a1/mtd0.bin
sync
cat /dev/mtd1 > /tmp/usb/a1/mtd1.bin
sync
cat /dev/mtd2 > /tmp/usb/a1/mtd2.bin
sync
cat /dev/mtd3 > /tmp/usb/a1/mtd3.bin
sync
cat /dev/mtd4 > /tmp/usb/a1/mtd4.bin
sync
cat /dev/mtd5 > /tmp/usb/a1/mtd5.bin
sync
cat /dev/mtd6 > /tmp/usb/a1/mtd6.bin
sync
cat /dev/mtd7 > /tmp/usb/a1/mtd7.bin
sync
cat /dev/mtd8 > /tmp/usb/a1/mtd8.bin
sync
cat /dev/mtd9 > /tmp/usb/a1/mtd9.bin
sync
cat /dev/mtd0 > /tmp/usb/a1/mtd0a.bin
sync
cat /dev/mtd1 > /tmp/usb/a1/mtd1a.bin
sync
cat /dev/mtd2 > /tmp/usb/a1/mtd2a.bin
sync
cat /dev/mtd3 > /tmp/usb/a1/mtd3a.bin
sync
cat /dev/mtd4 > /tmp/usb/a1/mtd4a.bin
sync
cat /dev/mtd5 > /tmp/usb/a1/mtd5a.bin
sync
cat /dev/mtd6 > /tmp/usb/a1/mtd6a.bin
sync
cat /dev/mtd7 > /tmp/usb/a1/mtd7a.bin
sync
cat /dev/mtd8 > /tmp/usb/a1/mtd8a.bin
sync
cat /dev/mtd9 > /tmp/usb/a1/mtd9a.bin
sync
8. Now check the signature of the mtd files
md5sum /tmp/usb/a1/mtd*
Every mtdX.bin must have the same signature as mtdXa.bin . Ex: mtd0.bin == mtd0a.bin
if not redo the operation of backing up the original firmware.
9. Unmount and remove the usb afterwards
umount /tmp/usb/a1
Later, you can generate a full dump from those mtd files in case you want to restore the original firmware.
To do that copy them in a folder on your machine, open Terminal from that folder and run this:
cat mtd0.bin mtd1.bin mtd2.bin mtd3.bin mtd4.bin mtd5.bin mtd6.bin mtd7.bin mtd8.bin mtd9.bin > dump.bin
10. Power down you router and press ctrl+a followed by ctrl+q to quit picocom
II - Replacing the bootloader with U-Boot
! Pay attention to case sensitivity !
1. On your Linux machine, put the uboot.bin file in a folder and start Terminal from that folder.
2. run picocom with Xmodem support like this:
picocom -b 115200 /dev/ttyUSB0 --send-cmd "sx -vv"
3. Copy this password (ctrl+c or ctrl+shift+c): Oh!123Go
as soon as you power up the router quickly hit space bar 3 times
4. When asked for the key/password paste the previously copied password (ctrl+v or ctrl+shift+v)
5. Press !
6. Press U
That's a capital u
7. Press 0
That's a zero
8. Press Y
That's a capital y
9. Then press ctrl+a followed by ctrl+s and write down uboot.bin as filename and hit enter to start sending it
The process will take 2 to 3 mins to complete. Don't interrupt the process !
At the end of it you will get something like this
Xmodem sectors/kbytes sent: 2533/316kRetry 0: NAK on sector
Retry 0: NAK on sector
Retry 0: No ACK on EOT
Transfer incomplete
*** exit status: 128 ***
erase from location B0020000 done
erase from location B0040000 done
Starting to write flash ...write length 0x0004F300
0123456789abcdefghij
Start checking: flash area 0 length 324352 ...Done.
Note: If you are not sure it went well, don't reboot or power off the router, just redo the flashing steps starting from ! as explained above.
10. Now that you probably have flashed the new u-boot, power off then power on your router.
You should get something like:
U-Boot 2014.01-openwrt1 (May 16 2014 - 00:08:52) arv7519rw
Board: Lantiq ARV7519RW VRX200 Family Board
SoC: Lantiq VRX288 v1.2
CPU: 500 MHz
IO: 250 MHz
BUS: 250 MHz
BOOT: NOR
DRAM: 128 MiB
Flash: 32 MiB
*** Warning - bad CRC, using default environment
In: serial
Out: serial
Err: serial
Net: ltq-eth
Hit any key to stop autoboot: 0
Wrong Image Format for bootm command
ERROR: can't get kernel image!
11. Type in this command
printenv
You should get something like this:
addconsole=setenv bootargs $bootargs console=$consoledev,$baudrate
addeth=setenv bootargs $bootargs ethaddr=$ethaddr
addip=setenv bootargs $bootargs ip=$ipaddr:$serverip::::$netdev:off
addmachtype=setenv bootargs $bootargs machtype=arv7519rw
baudrate=115200
bootcmd=bootm ${kernel_addr}
bootdelay=2
consoledev=ttyLTQ1
ethact=ltq-eth
ethaddr=00:01:02:03:04:05
ipaddr=192.168.1.1
load-uboot-nor=tftpboot u-boot.bin
load-uboot-norspl=tftpboot u-boot.ltq.norspl
load-uboot-norspl-lzma=tftpboot u-boot.ltq.lzma.norspl
load-uboot-norspl-lzo=tftpboot u-boot.ltq.lzo.norspl
loadaddr=0x81000000
netdev=eth0
serverip=192.168.1.2
stderr=serial
stdin=serial
stdout=serial
update-uboot-nor=run load-uboot-norspl-lzo write-uboot-nor
write-uboot-nor=protect off 0xB0000000 +$filesize && erase 0xB0000000 +$filesize && cp.b $fileaddr 0xB0000000 $filesize
Environment size: 886/8188 bytes
Keep this picocom terminal open for now and carry on with the below steps.
III - Flashing LEDE firmware
1. Copy lede-arv7519rw22.bin to your tftp server folder:
on Arch:
sudo cp -iv lede-arv7519rw22.bin /srv/tftp/
sudo chmod 644 /srv/tftp/lede-arv7519rw22.bin
ls -l /srv/tftp/
2. Start/restart the tftp server
on Arch or any systemd Linux distro:
sudo systemctl restart tftpd.socket
3. (a boring part)
Connect an ethernet cable between your linux machine and your arv7519rw22 router.
On your linux machine type in terminal:
ip link
you should get something like
1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp2s0: mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
link/ether 00:26:18:36:e0:c3 brd ff:ff:ff:ff:ff:ff
Let's assume enp2s0 is your ethernet card. If not, adjust its name in the following commands.
Setting up a wired connection:
sudo ip link set enp2s0 down
sudo ip link set enp2s0 up
sudo ip addr flush dev enp2s0
sudo ip addr add 192.168.1.2/24 broadcast 192.168.255.255 dev enp2s0
ip addr show enp2s0
Now back to the picocom terminal, copy/paste these lines one by one. Hit enter after each line to validate.
setenv write-openwrt 'tftpboot lede-arv7519rw22.bin && protect off 0xB0080000 +$filesize && erase 0xB0080000 +$filesize && cp.b $fileaddr 0xB0080000 $filesize'
setenv kernel_addr 0xB0080000
saveenv
run write-openwrt
After a few seconds, you should get something like:
ltq_phy: addr 0, link 0, speed 10, duplex 0
ltq_phy: addr 17, link 1, speed 100, duplex 1
ltq_phy: addr 18, link 0, speed 10, duplex 0
ltq_phy: addr 19, link 0, speed 10, duplex 0
ltq_phy: addr 20, link 0, speed 10, duplex 0
Using ltq-eth device
TFTP from server 192.168.1.2; our IP address is 192.168.1.1
Filename 'lede-arv7519rw22.bin'.
Load address: 0x81000000
Loading: T #################################################################
#################################################################
#################################################################
#################################################################
#################################################################
#################################################################
#################################################################
##########
1.1 MiB/s
done
Bytes transferred = 6815748 (680004 hex)
..................................................... done
Un-Protected 53 sectors
..................................................... done
Erased 53 sectors
Copy to Flash... 10....9....8....7....6....5....4....3....2....1....done
arv7519rw #
Now power off and power on your router or type reset . You are done ;)
Your router should boot up. Wait till it finish up (it takes 190 seconds the first time, afterwards only 35/45 seconds).
Hit enter to login into LEDE console or browse 192.168.1.1 to do web based config.
IV - Restoring original firmware
What if (for whatever reason) you wanted to return to the original firmware?
As I explained above you should have copied all those mtdX.bin files to a folder and run:
cat mtd0.bin mtd1.bin mtd2.bin mtd3.bin mtd4.bin mtd5.bin mtd6.bin mtd7.bin mtd8.bin mtd9.bin > dump.bin
Now that you have that dump.bin
Copy it to the TFTP server folder:
sudo cp -iv dump.bin /srv/tftp/
sudo chmod 644 /srv/tftp/dump.bin
ls -l /srv/tftp/
Set up your wired connection as explained above:
ip link
sudo ip link set enp2s0 down
sudo ip link set enp2s0 up
sudo ip addr flush dev enp2s0
sudo ip addr add 192.168.1.2/24 broadcast 192.168.255.255 dev enp2s0
ip addr show enp2s0
Connect an ethernet cable between you linux machine and the arv7519rw22 router
Connect the UART cable too.
Open a picocom terminal like:
picocom -b 115200 /dev/ttyUSB0
On it type (line by line followed by enter)
tftpboot dump.bin
run write-uboot-nor
reset
That's all !
May 27, 2016
LEDE DD for Orange LiveBox 2.1 Arcadyan ARV7519RW22
I started moving and testing LEDE (aka OpenWRT Reboot) as soon as it was announced.
So I started testing some Lantiq routers, one of them is ARV7519RW22.
While ARV7519RW22 is a quite capable router, I started building firmwares for front-facing routers with just the essentials while enabling hardening options at compile time.
This builds have:
* Stack-Smashing Protection enabled (strong)
* Buffer-overflows detection enabled (aggressive)
* RELRO protection enabled (full)
* a few security tweaks here and there
* FPU Emulation enabled
* Dnsmasq with full support (DNSSec)
* Dnscrypt
* LuCi (English & Spanish)
* LuCi QoS
* Curl
* Wifi drivers for Wifi USB dongles (only those supporting N mode: kmod-ath9k-htc, kmod-brcmfmac, kmod-carl9170, kmod-mt7601u, kmod-rt2800-usb, kmod-rtl8192cu)
Download:
So I started testing some Lantiq routers, one of them is ARV7519RW22.
While ARV7519RW22 is a quite capable router, I started building firmwares for front-facing routers with just the essentials while enabling hardening options at compile time.
This builds have:
* Stack-Smashing Protection enabled (strong)
* Buffer-overflows detection enabled (aggressive)
* RELRO protection enabled (full)
* a few security tweaks here and there
* FPU Emulation enabled
* Dnsmasq with full support (DNSSec)
* Dnscrypt
* LuCi (English & Spanish)
* LuCi QoS
* Curl
* Wifi drivers for Wifi USB dongles (only those supporting N mode: kmod-ath9k-htc, kmod-brcmfmac, kmod-carl9170, kmod-mt7601u, kmod-rt2800-usb, kmod-rtl8192cu)
Download:
- r412 (May-26-2016)
Feb 13, 2016
OpenWrt 15.05 for NuCom R5010UNv2
I had two NuCom R5010UNv2 routers laying around for a year, I never had enough time to port OpenWrt to them until a few weeks ago.
I had it almost ready when I stumbled around Danitool patch in Trunk. So, the wise thing to do is just backport it to OpenWrt 15.05 (Chaos Calmer).
These commands would suffice to apply the patch and rebuild it yourself
The weird thing I noticed is one of the two routers gave me a ton of SquashFS read/write errors. I spent many hours trying to figure out the issue until I stumbled around this forum post. It was the CFE (bootloader). I replaced it with Danitool's newer CFE build and everything worked afterwards.
I compiled many revisions and here I share the last one I made.
Built from OpenWrt 15.05 r48666 (Feb 8, 2016) with the following:
Download:
Keep on hacking ;-)
I had it almost ready when I stumbled around Danitool patch in Trunk. So, the wise thing to do is just backport it to OpenWrt 15.05 (Chaos Calmer).
These commands would suffice to apply the patch and rebuild it yourself
git clone git://git.openwrt.org/15.05/openwrt.git cd openwrt git apply nucom06.gitdiff
The weird thing I noticed is one of the two routers gave me a ton of SquashFS read/write errors. I spent many hours trying to figure out the issue until I stumbled around this forum post. It was the CFE (bootloader). I replaced it with Danitool's newer CFE build and everything worked afterwards.
I compiled many revisions and here I share the last one I made.
Built from OpenWrt 15.05 r48666 (Feb 8, 2016) with the following:
- Hardening options turned on mainly:
- GCC format-security
- Regular User+Kernel space Stack-Smashing Protection
- Aggressive buffer-overflows detection
- Full RELRO protection
- Regular Stack Protector buffer overflow detection
- LuCi with SSL support
- Full 3G/4G usb modems support
- WiFi N capable usb dongle support (Atheros/Ralink/Broadcom/Realtek)
- Samba / Transmission (torrent) / Vsftpd-tls
- QoS / VnStat / WonderShaper / DDNS / RelayD
- OpenVPN / SSH Tunnel
- Ext4 / FAT32 / NTFS 3g support + utilities
- Dnsmasq with full support (DHCPv6 / DNSSec / Autho DNS / IPSet) + DNSCrypt
- Richer Busybox
- TCPDump / NMAP / NCat / cURL / wget all with SSL support
- picocom + X/Y/Z-modem support + USB FTDI support
- iperf / iftop / tmux
- some tweaks in /etc/rc.local to harden TCP/IP stack
Download:
- OpenWrt 15.05 r48666 with everything mentioned above.
- OpenWrt 15.05 r48666 with everything mentioned above except that it comes with LuCi instead of LuCi-SSL.
- OpenWrt 15.05 r48666 with 3G/4G support + RelayD + OpenVPN + VnStat + QoS + wShaper + DDNS.
Keep on hacking ;-)
Subscribe to:
Posts (Atom)