hi mincaeuro, I dont use AdGuard, but i can instal it. Can you please write me how can I block those China addresses: * .API.MIWIFI.com, BAIDU.com and TAOBAO.com or where i can find it in the program and block.
I have both the Xiaomi and Redmi ax1800 routers, and keep replacing them with eachother when I get tired of the problems of the actually used one. Now I just feel having enough of both of them.
Living in 2022 March, is there any best buy around? I mean actual openwrt in sight, enough RAM, whatever? I don't insist purchasing Xiaomi/Redmi, though I have no illusions about the quality of stock firmware of other vendors, either.
Also, could you explain in more details "The AX6S seems to be getting oficial support"? Isn't it the same crap with 256MB RAM, like the ones in this topic?
Thank you
It a completely different platform and uses an open source wireless driver/firmware.
Yes, that I do agree.
That part is really the same (e.g. both drivers being open source and their firmware being closed source). Actually, at least for ath10k we even have a third party (Candelatech) which does have access to the firmware sources and provides a somewhat more open source friendly integration.
That said, I do agree, that, luckily, the MediaTek stuff just works somewhat better right now while ath11k still requires more integration work.
1 Like
hi mincaeuro,I understand from your statement that there is nothing to worry about with this sending data to China by router AX1800?
you can have the same question about you iPhone sending data to US gov, what's the difference ?
2 Likes
The difference is probably a court order, where the latter isn't required in the Xiaomi case.
The thread where the download links for the Chinese and Global version are is down, do you have another link? I have a global AX1800 and want to flash the chinese firmware to enable ssh.
Thank you so much for your help, bellcow. Don't know why i couldn't view the thread.
If I wanted to flash Blaze's patched FW on Windows on a virgin AX1800 router all I have to do is follow these steps below, right?:
- Flash any vulnerable and original (signed) Chinese AX1800 FW from the WEB UI.
- Get temporal SSH access with the STOK token method
- Log in into the router via SCP using WinSCP and copy the patched global FW and xqflash to the /temp folder inside the router.
- Connect through SSH using PuTTy and run the second-step commands from Blaze's post to flash the custom FW.
- Hard-reset the router pressing the button at the back with a clip.
Or do I need to first get on a Linux machine and manually flash Blaze's FW using ubiformat after the third step in my post?
Thank you all and you, Blaze.
I'm sorry for being sceptical, but can you verify shasums of the firmware you posted and upload it somewhere else?
Your account is new, and with what's happening here in Europe right now, I don't think anyone should download anything from russian-based filehosts. Especially if it's a firmware that someone will be running on firewall that has full WAN access.
1 Like
You can download the latest vulnerable stock firmware directly from Xiaomi: https://cdn.cnbj1.fds.api.mi-img.com/xiaoqiang/rom/rm1800/miwifi_rm1800_firmware_ed621_1.0.378.bin
My recommendation, install that firmware, get root access, edit the bdata partition to enable permanent telnet: https://forum.openwrt.org/t/adding-openwrt-support-for-xiaomi-redmi-router-ax6s-xiaomi-router-ax3200/111085/93?u=cliobrando and here Adding OpenWrt support for Xiaomi "Redmi Router AX6S"/"Xiaomi Router AX3200" - #83 by cliobrando , with this way you can update to the latest official version and keep telnet enabled, so if someday an official Openwrt build appears to this device you can update without problems.
If you want to remove all the xiaomi services and software from the official firmware you can use xqrepaq to generate a mostly clean image.
Alternative: If you don't want to mod the bdata partition, you can flash the 1.0.378 image, get root, and use xqrepack to mod and flash the latest official firmware, and enable telnet and ssh but it's not permanent.
1 Like
Xiaomi firmwares are RSA signed. You can't install unsigned or modified firmware.
1 Like
I know that you can download chinese FW from xiaomi.
xqrepack doesn't work on newer firmwares. It successfully repacks the firmware, but WiFi firmware doesn't initialise while trying to boot xqrepacked firmware.
I don't trust xiaomi's firmware either - which is why I turned this router into dumb AP + managed switch, as well as blocked any traffic from that host (static IP assigned in /etc/config/network) in my firewall.
I simply mentioned that for someone who would flash this firmware and use it as a gateway. I'll be getting rid of that router anyway as soon as I'll get my hands on AP-capable 802.11ax mPCIe card (AW7915-NP1 looks promising, BPI-R3 looks "dope").
The chinese firmware is Xiaomi's official firmware, unmodified, otherwise you wouldn't be able to install it from the web gui. The other one is a global firmware dump and you could be way of that one; you need to have SSH access to be able to flash it because it's unsigned.
I didn't know xqrepack doesn't work with newer firmwares, that sucks. It does seem to work with the global firmware dump somenoe posted, seeing other people have already installed Blaze's firmware, which I guess it's repackaged from a dump of the global firmware.
Which is why I would be wary 
Just to be clear, I'm thankful for the dump. Even if I won't use it, you can extract files from the dump and copy LuCI language files onto chinese ROM. It's just that I would be vary since it's been uploaded to yandex.ru.
Best idea would be to download it and compare with global using diff for example on extracted images.
Aside from that, I suggest people to mod this router by slapping a fan onto it or add beefier heatsink. Recently I've bought an M1 MacBook Air and noticed that it got so hot it thermal throttled while transferring files between MBA and my Gentoo KVM/ZFS host.
I've found random heatsink from an old GPU, slapped some thermal paste between the two and glued it using epoxy. It still gets quite hot, but at least it doesn't throttle so that's fine imo. Constant 1Gb/s over WiFi is quite mindblowing.
4 Likes
It's not a dump. It's a stock firmware not available for public for installation through web interface.
1 Like