# here is the output from that command:
Image metadata not found
Image check 'fwtool_check_image' failed but --force given - will update anyway!
Commencing upgrade. Closing all shell sessions.
Connection to 192.168.1.1 closed by remote host.
Connection to 192.168.1.1 closed.
And same as Bob, the router goes into light breathing mode forever.
Are there any MTD expert here that could tell me how to dump my working partition firmware for fbradyirl and Bobcamo? Maybe they can restore my firmware dump after.
(I do not have serial access)
Partition 1: offset 0x200000, size 0x1a00000, name "kernel1"
Partition 2: offset 0x1c00000, size 0x1a00000, name "kernel2"
what do you mean? using the 18.06.1 if that's what your asking.
@fbradyirl
oh thank god i'm not the only one... sucks... but yeah lol.
also, that is the exact command line that shows when i hit enter. but also pops that.disconnect windows
I do believe they'll need certain information regarding board and certain params also that are related to their model. They would need to do a serial connection too, and edit a compatible mtd partition very dangerous if you don't know what your doing.
Edited: Has anyone tried the dd command on the linksys.img image then using the sysupgrade technique?
I believe that these information are stored in another partition than the kernel partition (I assume you are referring to MAC and board info).
I still believe that it doesn't require serial since we would be writing to another inactive partition. Maybe MTD is not the right tool, dd the mounted partition might be the way.
I also just tried installing the "non-cloud" firmware and get the same results.
root@OpenWrt:/tmp# sysupgrade -F -n FW_E4200_2.0.37.131047.SSA
Image metadata not found
Image check 'fwtool_check_image' failed but --force given - will update anyway!
Commencing upgrade. Closing all shell sessions.
Connection to 192.168.1.1 closed by remote host.
Connection to 192.168.1.1 closed.
Can you tell me what partitions are mounted on your router (I don't have access to my E4200 right now)? There should be "kernel" and maybe something like "alt_kernel".
Yes. I will try to dd my Linksys partition tonight and create a dump. Then I think you'll be able to write this dump using mtd or sysupgrade. I'll check to see if it matches the .IMG file too.
Investigation with binwalk shows the "factory" OpenWrt and the official firmware are direct images of the flash, but the OpenWrt .sysupgrade (despite being named .bin instead of .tar) is a tarfile with the kernel and rootfs separate.
The problem here is that it is NAND flash. If there are any bad blocks involved you can't just blast it into the mtd partition.
So if it were my router (and for some bizarre reason I really wanted to go back to stock), I would try deconstructing the factory image then rebuilding it as a sysupgrade compatible tarfile.
mtd0: 00080000 00020000 "u-boot"
mtd1: 00020000 00020000 "u_env"
mtd2: 00020000 00020000 "s_env"
mtd3: 002a0000 00020000 "kernel1"
mtd4: 01760000 00020000 "rootfs1"
mtd5: 002a0000 00020000 "kernel2"
mtd6: 01760000 00020000 "ubi"
mtd7: 04a00000 00020000 "syscfg"
mtd8: 00140000 00020000 "unused"
difference in mine is rootfs1 as I'm seeing rootfs2 the previous posts.
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
OpenWrt SNAPSHOT, r9360-f948aa4d4f
