Belkin RT3200/Linksys E8450 WiFi AX discussion

yes exactly put the patch in ruleset.uc

then on the internet look at your ipv4 for example by typing myipv4 it is the wan address of the ISP and not of the router

then option external_ip 'xx.XX.XX.XX'

{% let flowtable_devices = fw4.resolve_offload_devices(); -%}

table inet fw4
flush table inet fw4
{% if (fw4.check_flowtable()): %}
delete flowtable inet fw4 ft
{% endif %}

table inet fw4 {
{% if (length(flowtable_devices) > 0): %}
	#
	# Flowtable
	#

	flowtable ft {
		hook ingress priority 0;
		devices = {{ fw4.set(flowtable_devices, true) }};
{% if (fw4.default_option("flow_offloading_hw")): %}
		flags offload;
{% endif %}
	}

{% endif %}
	#
	# Set definitions
	#

{% for (let set in fw4.ipsets()): %}
	set {{ set.name }} {
		type {{ fw4.concat(set.types) }}
{%  if (set.maxelem > 0): %}
		size {{ set.maxelem }}
{%  endif %}
{%  if (set.timeout >= 0): %}
		timeout {{ set.timeout }}s
{% endif %}
{%  if (set.interval): %}
		flags interval
		auto-merge
{%  endif %}
{%  fw4.print_setentries(set) %}
	}

{% endfor %}

	#
	# Defines
	#

{% for (let zone in fw4.zones()): %}
{%  if (length(zone.match_devices)): %}
	define {{ zone.name }}_devices = {{ fw4.set(zone.match_devices, true) }}
{%  endif %}
{%  if (length(zone.match_subnets)): %}
	define {{ zone.name }}_subnets = {{ fw4.set(zone.match_subnets, true) }}
{%  endif %}
{% endfor %}

	#
	# User includes
	#

	include "/etc/nftables.d/*.nft"


	#
	# Filter rules
	#

	chain input {
		type filter hook input priority filter; policy {{ fw4.input_policy(true) }};

		iifname "lo" accept comment "!fw4: Accept traffic from loopback"

		ct state established,related accept comment "!fw4: Allow inbound established and related flows"
{% if (fw4.default_option("drop_invalid")): %}
		ct state invalid drop comment "!fw4: Drop flows with invalid conntrack state"
{% endif %}
{% if (fw4.default_option("synflood_protect") && fw4.default_option("synflood_rate")): %}
		tcp flags & (fin | syn | rst | ack) == syn jump syn_flood comment "!fw4: Rate limit TCP syn packets"
{% endif %}
{% for (let rule in fw4.rules("input")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
{% for (let zone in fw4.zones()): for (let rule in zone.match_rules): %}
		{%+ include("zone-jump.uc", { fw4, zone, rule, direction: "input" }) %}
{% endfor; endfor %}
{% if (fw4.input_policy() == "reject"): %}
		jump handle_reject
{% endif %}
	}

	chain forward {
		type filter hook forward priority filter; policy {{ fw4.forward_policy(true) }};

{% if (length(flowtable_devices) > 0): %}
		meta l4proto { tcp, udp } flow offload @ft;
{% endif %}
		ct state established,related accept comment "!fw4: Allow forwarded established and related flows"
{% if (fw4.default_option("drop_invalid")): %}
		ct state invalid drop comment "!fw4: Drop flows with invalid conntrack state"
{% endif %}
{% for (let rule in fw4.rules("forward")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
{% for (let zone in fw4.zones()): for (let rule in zone.match_rules): %}
		{%+ include("zone-jump.uc", { fw4, zone, rule, direction: "forward" }) %}
{% endfor; endfor %}
{% if (fw4.forward_policy() == "reject"): %}
		jump handle_reject
{% endif %}
	}

	chain output {
		type filter hook output priority filter; policy {{ fw4.output_policy(true) }};

		oifname "lo" accept comment "!fw4: Accept traffic towards loopback"

		ct state established,related accept comment "!fw4: Allow outbound established and related flows"
{% if (fw4.default_option("drop_invalid")): %}
		ct state invalid drop comment "!fw4: Drop flows with invalid conntrack state"
{% endif %}
{% for (let rule in fw4.rules("output")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
{% for (let zone in fw4.zones()): for (let rule in zone.match_rules): %}
		{%+ include("zone-jump.uc", { fw4, zone, rule, direction: "output" }) %}
{% endfor; endfor %}
{% if (fw4.output_policy() == "reject"): %}
		jump handle_reject
{% endif %}
	}

	chain handle_reject {
		meta l4proto tcp reject with {{
			(fw4.default_option("tcp_reject_code") != "tcp-reset")
				? "icmpx type " + fw4.default_option("tcp_reject_code")
				: "tcp reset"
		}} comment "!fw4: Reject TCP traffic"
		reject with {{
			(fw4.default_option("any_reject_code") != "tcp-reset")
				? "icmpx type " + fw4.default_option("any_reject_code")
				: "tcp reset"
		}} comment "!fw4: Reject any other traffic"
	}

{% if (fw4.default_option("synflood_protect") && fw4.default_option("synflood_rate")):
	let r = fw4.default_option("synflood_rate");
	let b = fw4.default_option("synflood_burst");
%}
	chain syn_flood {
		limit rate {{ r.rate }}/{{ r.unit }}
		{%- if (b): %} burst {{ b }} packets{% endif %} return comment "!fw4: Accept SYN packets below rate-limit"
		drop comment "!fw4: Drop excess packets"
	}

{% endif %}
{% for (let zone in fw4.zones()): %}
	chain input_{{ zone.name }} {
{%  for (let rule in fw4.rules("input_"+zone.name)): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{%  endfor %}

		ct status dnat accept comment "!fw4: Accept port redirections"

		jump {{ zone.input }}_from_{{ zone.name }}
	}

	chain output_{{ zone.name }} {
{%  for (let rule in fw4.rules("output_"+zone.name)): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{%  endfor %}
		jump {{ zone.output }}_to_{{ zone.name }}
	}

	chain forward_{{ zone.name }} {
{%  for (let rule in fw4.rules("forward_"+zone.name)): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{%  endfor %}

		ct status dnat accept comment "!fw4: Accept port forwards"

		jump {{ zone.forward }}_to_{{ zone.name }}
	}

{%  for (let verdict in ["accept", "reject", "drop"]): %}
{%   if (zone.sflags[verdict]): %}
	chain {{ verdict }}_from_{{ zone.name }} {
{%    for (let rule in zone.match_rules): %}
		{%+ include("zone-verdict.uc", { fw4, zone, rule, egress: false, verdict }) %}
{%    endfor %}
	}

{%   endif %}
{%   if (zone.dflags[verdict]): %}
	chain {{ verdict }}_to_{{ zone.name }} {
{%   for (let rule in zone.match_rules): %}
		{%+ include("zone-verdict.uc", { fw4, zone, rule, egress: true, verdict }) %}
{%   endfor %}
	}

{%   endif %}
{%  endfor %}
{% endfor %}

	#
	# NAT rules
	#

	chain dstnat {
		type nat hook prerouting priority dstnat; policy accept;
{% for (let zone in fw4.zones()): %}
{%  if (zone.dflags.dnat): %}
{%   for (let rule in zone.match_rules): %}
		{%+ include("zone-jump.uc", { fw4, zone, rule, direction: "dstnat" }) %}
{%   endfor %}
{%  endif %}
{% endfor %}
	}

	chain srcnat {
		type nat hook postrouting priority srcnat; policy accept;
{% for (let redirect in fw4.redirects("srcnat")): %}
		{%+ include("redirect.uc", { fw4, redirect }) %}
{% endfor %}
{% for (let zone in fw4.zones()): %}
{%  if (zone.dflags.snat): %}
{%   for (let rule in zone.match_rules): %}
		{%+ include("zone-jump.uc", { fw4, zone, rule, direction: "srcnat" }) %}
{%   endfor %}
{%  endif %}
{% endfor %}
	}

{% for (let zone in fw4.zones()): %}
{%  if (zone.dflags.dnat): %}
	chain dstnat_{{ zone.name }} {
{%   for (let redirect in fw4.redirects("dstnat_"+zone.name)): %}
		{%+ include("redirect.uc", { fw4, redirect }) %}
{%   endfor %}
	}

{%  endif %}
{%  if (zone.dflags.snat): %}
	chain srcnat_{{ zone.name }} {
{%   for (let redirect in fw4.redirects("srcnat_"+zone.name)): %}
		{%+ include("redirect.uc", { fw4, redirect }) %}
{%   endfor %}
{%   if (zone.masq): %}
{%    for (let saddrs in zone.masq4_src_subnets): %}
{%     for (let daddrs in zone.masq4_dest_subnets): %}
		{%+ include("zone-masq.uc", { fw4, zone, family: 4, saddrs, daddrs }) %}
{%     endfor %}
{%    endfor %}
{%   endif %}
{%   if (zone.masq6): %}
{%    for (let saddrs in zone.masq6_src_subnets): %}
{%     for (let daddrs in zone.masq6_dest_subnets): %}
		{%+ include("zone-masq.uc", { fw4, zone, family: 6, saddrs, daddrs }) %}
{%     endfor %}
{%    endfor %}
{%   endif %}
	}

{%  endif %}
{% endfor %}

	#
	# Raw rules (notrack & helper)
	#

	chain raw_prerouting {
		type filter hook prerouting priority raw; policy accept;
{% for (let target in ["helper", "notrack"]): %}
{%  for (let zone in fw4.zones()): %}
{%   if (zone.dflags[target]): %}
{%    for (let rule in zone.match_rules): %}
{%     let devices_pos = fw4.filter_loopback_devs(rule.devices_pos, false); %}
{%     let subnets_pos = fw4.filter_loopback_addrs(rule.subnets_pos, false); %}
{%     if (rule.devices_neg || rule.subnets_neg || devices_pos || subnets_pos): %}
		{%+ if (rule.family): -%}
			meta nfproto {{ fw4.nfproto(rule.family) }} {%+ endif -%}
		{%+ include("zone-match.uc", { fw4, egress: false, rule: { ...rule, devices_pos, subnets_pos } }) -%}
		jump {{ target }}_{{ zone.name }} comment "!fw4: {{ zone.name }} {{ fw4.nfproto(rule.family, true) }} {{
			(target == "helper") ? "CT helper assignment" : "CT bypass"
		}}"
{%     endif %}
{%    endfor %}
{%   endif %}
{%  endfor %}
{% endfor %}
	}

	chain raw_output {
		type filter hook output priority raw; policy accept;
{% for (let target in ["helper", "notrack"]): %}
{%  for (let zone in fw4.zones()): %}
{%   if (zone.dflags[target]): %}
{%    for (let rule in zone.match_rules): %}
{%     let devices_pos = fw4.filter_loopback_devs(rule.devices_pos, true); %}
{%     let subnets_pos = fw4.filter_loopback_addrs(rule.subnets_pos, true); %}
{%     if (devices_pos || subnets_pos): %}
		{%+ if (rule.family): -%}
			meta nfproto {{ fw4.nfproto(rule.family) }} {%+ endif -%}
		{%+ include("zone-match.uc", { fw4, egress: false, rule: { ...rule, devices_pos, subnets_pos } }) -%}
		jump {{ target }}_{{ zone.name }} comment "!fw4: {{ zone.name }} {{ fw4.nfproto(rule.family, true) }} {{
			(target == "helper") ? "CT helper assignment" : "CT bypass"
		}}"
{%     endif %}
{%    endfor %}
{%   endif %}
{%  endfor %}
{% endfor %}
	}

{% for (let helper in fw4.helpers()): %}
{%  if (helper.available): %}
{%   for (let proto in helper.proto): %}
	ct helper {{ helper.name }} {
		type {{ fw4.quote(helper.name, true) }} protocol {{ proto.name }};
	}

{%   endfor %}
{%  endif %}
{% endfor %}
{% for (let target in ["helper", "notrack"]): %}
{%  for (let zone in fw4.zones()): %}
{%   if (zone.dflags[target]): %}
	chain {{ target }}_{{ zone.name }} {
{% for (let rule in fw4.rules(target+"_"+zone.name)): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
	}

{%   endif %}
{%  endfor %}
{% endfor %}

	#
	# Mangle rules
	#

	chain mangle_prerouting {
		type filter hook prerouting priority mangle; policy accept;
{% for (let rule in fw4.rules("mangle_prerouting")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
	}

	chain mangle_postrouting {
		type filter hook postrouting priority mangle; policy accept;
{% for (let rule in fw4.rules("mangle_postrouting")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
	}

	chain mangle_input {
		type filter hook input priority mangle; policy accept;
{% for (let rule in fw4.rules("mangle_input")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
	}

	chain mangle_output {
		type filter hook output priority mangle; policy accept;
{% for (let rule in fw4.rules("mangle_output")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
	}

	chain mangle_forward {
		type filter hook forward priority mangle; policy accept;
{% for (let rule in fw4.rules("mangle_forward")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
{% for (let zone in fw4.zones()): %}
{%  if (zone.mtu_fix): %}
{%   for (let rule in zone.match_rules): %}
		{%+ include("zone-mssfix.uc", { fw4, zone, rule, egress: false }) %}
		{%+ include("zone-mssfix.uc", { fw4, zone, rule, egress: true }) %}
{%   endfor %}
{%  endif %}
{% endfor %}
	}
}

1 Like

I followed all the steps and unfortunately my Nintendo Switch still gets Nat Type B :frowning: I am not sure what I am doing wrong. And I did put the patch to the ruleset.uc

Update: Can you share your miniupnp settings? Also, are you in the RC1 build? Thanks!

1 Like

config upnpd 'config'
	option download '1024'
	option upload '512'
	option internal_iface 'lan'
	option external_ip 'MYIPWANOFFAI'
	option port '5000'
	option upnp_lease_file '/var/run/miniupnpd.leases'
	option igdv1 '1'
	option enabled '1'
	option uuid 'XXXXXXXXXXXX'

config perm_rule
	option action 'allow'
	option ext_ports '1024-65535'
	option int_addr '0.0.0.0/0'
	option int_ports '1024-65535'
	option comment 'Allow high ports'

config perm_rule
	option action 'deny'
	option ext_ports '0-65535'
	option int_addr '0.0.0.0/0'
	option int_ports '0-65535'
	option comment 'Default deny'

stun doesn't work for the moment

yes i'm on rc1

how to enable wps button wireless in rt3200 i don't see

i has remove wolf ssl and wpad ssl and install openssl but always not thanks

after reboot is ok :stuck_out_tongue:

I encountered a problem with rt3200 I could only connect one console per lan (ps5) the secondary ps4 was not recognized and it marked nolan connects a person have you already tried to connect 2 consoles? I am on 22.03.0 rc1 thank you @daniel

Hello, I'm trying to upgrade to RC1 but it says two packages are not in the remote list. The packages are iptables and ip6tables. Am I doing something wrong?

root@OpenWrt:~# auc -n -b 22.03 -B 22.03.0-rc1
auc (0.2.4-4)
Server:    https://sysupgrade.openwrt.org
Running:   SNAPSHOT r18125-b764cb9e5b on mediatek/mt7622 (linksys,e8450-ubi)
Available: 22.03.0-rc1 r19302-df622768da
Requesting package lists...
 kmod-usb-storage: 5.10.80-1 -> 5.10.111-1
 iwinfo: 2021-07-11-a0a0e02d-1 -> 2022-04-24-a479b9b0-1
 liblucihttp: 2021-06-11-3dc89af4-1 -> 2022-02-13-cc851838-1
 libjson-script: 2021-11-04-c86a894e-2 -> 2021-11-20-cce5e351-1
 kmod-crypto-gf128: 5.10.80-1 -> 5.10.111-1
 opkg: 2021-06-13-1bf042dd-3 -> 2022-01-09-2edcfad1-1
 kmod-usb-core: 5.10.80-1 -> 5.10.111-1
 luci-app-opkg: git-21.312.69814-02398a3 -> git-22.043.53495-1e6f630
 kmod-usb-storage-uas: 5.10.80-1 -> 5.10.111-1
 ubus: 2021-08-09-a72457b6-2 -> 2022-02-28-584f56a2-2
 iw: 5.9-8fab0c9e-1 -> 5.16-1
 kmod-crypto-manager: 5.10.80-1 -> 5.10.111-1
 rpcd: 2021-11-04-d11ffe93-2 -> 2022-02-07-909f2a04-1
 busybox: 1.34.1-1 -> 1.35.0-3
 kmod-crypto-ctr: 5.10.80-1 -> 5.10.111-1
 libubus-lua: 2021-08-09-a72457b6-2 -> 2022-02-28-584f56a2-2
 kmod-crypto-hash: 5.10.80-1 -> 5.10.111-1
 kmod-nf-reject6: 5.10.80-1 -> 5.10.111-1
 kmod-crypto-aead: 5.10.80-1 -> 5.10.111-1
 libiwinfo-lua: 2021-07-11-a0a0e02d-1 -> 2022-04-24-a479b9b0-1
 luci-mod-system: git-21.304.77266-fceabd7 -> git-22.102.44406-0c0cf78
 openssl-util: 1.1.1l-1 -> 1.1.1n-1
 kmod-nf-flow: 5.10.80-1 -> 5.10.111-1
 libnl-tiny: 2020-08-05-c291088f-2 -> 2021-11-21-8e0555fb-1
 kmod-lib-crc-ccitt: 5.10.80-1 -> 5.10.111-1
 libustream-openssl: 2020-12-10-68d09243-2 -> 2022-01-16-868fd881-1
 luci-theme-bootstrap: git-21.322.37656-7f26e86 -> git-22.084.39030-f187425
 kmod-pppoe: 5.10.80-1 -> 5.10.111-1
 kmod-pppox: 5.10.80-1 -> 5.10.111-1
 kmod-ipt-conntrack: 5.10.80-1 -> 5.10.111-1
 kmod-nf-reject: 5.10.80-1 -> 5.10.111-1
 procd-ujail: 2021-11-11-9d1431e1-1 -> 2022-04-13-eb03f031-1
 base-files: 1459-r18125-b764cb9e5b -> 1475-r19302-df622768da
 kmod-lib-crc16: 5.10.80-1 -> 5.10.111-1
 kmod-nf-nat: 5.10.80-1 -> 5.10.111-1
 kmod-crypto-crc32c: 5.10.80-1 -> 5.10.111-1
 kmod-mt7615e: 5.10.80+2021-10-23.1-f6bde7ba-4 -> 5.10.111+2022-03-15-053668ac-4
 netifd: 2021-10-30-8f82742c-1 -> 2022-02-20-136006b8-1
 libubus: 2021-08-09-a72457b6-2 -> 2022-02-28-584f56a2-2
 uboot-envtools: 2021.01-46 -> 2022.01-22
 dnsmasq: 2.86-10 -> 2.86-12
 kmod-usb-xhci-hcd: 5.10.80-1 -> 5.10.111-1
 procd: 2021-11-11-9d1431e1-1 -> 2022-04-13-eb03f031-1
 kmod-crypto-hmac: 5.10.80-1 -> 5.10.111-1
 kmod-crypto-sha256: 5.10.80-1 -> 5.10.111-1
 kmod-mt7615-common: 5.10.80+2021-10-23.1-f6bde7ba-4 -> 5.10.111+2022-03-15-053668ac-4
 ubusd: 2021-08-09-a72457b6-2 -> 2022-02-28-584f56a2-2
 libblobmsg-json: 2021-11-04-c86a894e-2 -> 2021-11-20-cce5e351-1
 luci-mod-status: git-21.301.45987-0ad54e4 -> git-22.089.68955-66d9387
 libxtables: 1.8.7-1 -> 1.8.7-6
 kmod-mt76-connac: 5.10.80+2021-10-23.1-f6bde7ba-4 -> 5.10.111+2022-03-15-053668ac-4
 block-mount: 2021-10-01-d3907445-1 -> 2021-11-16-77c02889-1
 kmod-crypto-seqiv: 5.10.80-1 -> 5.10.111-1
 kmod-fs-vfat: 5.10.80-1 -> 5.10.111-1
 kmod-usb3: 5.10.80-1 -> 5.10.111-1
 kmod-fs-exfat: 5.10.80-1 -> 5.10.111-1
 firewall: 2021-08-14-40e5f6a2-1 -> 2022-01-10-0f16ea5f-2
 luci-app-firewall: git-21.315.43250-0b4b638 -> git-22.089.67563-7e3c1b4
 kmod-thermal: 5.10.80-1 -> 5.10.111-1
 kmod-nf-ipt: 5.10.80-1 -> 5.10.111-1
 wpad-openssl: 2021-05-22-b102f19b-47 -> 2022-01-16-cff80b4f-8
 ubi-utils: 2.1.2-1 -> 2.1.4-1
 kmod-ip6tables: 5.10.80-1 -> 5.10.111-1
 odhcp6c: 2021-07-14-94adc8bb-18 -> 2021-12-05-39b584bc-18
 fstools: 2021-10-01-d3907445-1 -> 2021-11-16-77c02889-1
 kmod-crypto-ghash: 5.10.80-1 -> 5.10.111-1
 lua: 5.1.5-9 -> 5.1.5-10
 kmod-fs-ext4: 5.10.80-1 -> 5.10.111-1
 libip4tc: 1.8.7-1 -> 1.8.7-6
 dropbear: 2020.81-2 -> 2022.82-1
 kmod-hwmon-core: 5.10.80-1 -> 5.10.111-1
 kmod-nls-utf8: 5.10.80-1 -> 5.10.111-1
 luci-theme-openwrt-2020: git-21.279.05595-c8d9819 -> git-21.343.57805-13949cb
 libubox: 2021-11-04-c86a894e-2 -> 2021-11-20-cce5e351-1
 kmod-nls-cp437: 5.10.80-1 -> 5.10.111-1
 rpcd-mod-file: 2021-11-04-d11ffe93-2 -> 2022-02-07-909f2a04-1
 procd-seccomp: 2021-11-11-9d1431e1-1 -> 2022-04-13-eb03f031-1
 libiwinfo-data: 2021-07-11-a0a0e02d-1 -> 2022-04-24-a479b9b0-1
 kmod-mt7915e: 5.10.80+2021-10-23.1-f6bde7ba-4 -> 5.10.111+2022-03-15-053668ac-4
 kmod-crypto-ccm: 5.10.80-1 -> 5.10.111-1
 blockd: 2021-10-01-d3907445-1 -> 2021-11-16-77c02889-1
 luci-base: git-21.322.38385-6507b1f -> git-22.083.69105-af8e91c
 kmod-leds-gpio: 5.10.80-1 -> 5.10.111-1
 kmod-gpio-button-hotplug: 5.10.80-3 -> 5.10.111-3
 kmod-mac80211: 5.10.80+5.15-rc6-1-1 -> 5.10.111+5.15.33-1-1
 libopenssl: 1.1.1l-1 -> 1.1.1n-1
 libip6tc: 1.8.7-1 -> 1.8.7-6
installed package iptables cannot be found in remote list!
 openwrt-keyring: 2021-02-20-49283916-2 -> 2022-03-25-62471e69-3
 luci-app-attendedsysupgrade: git-21.258.26848-0d0fcb3 -> git-22.068.37885-65266c4
 jshn: 2021-11-04-c86a894e-2 -> 2021-11-20-cce5e351-1
 kmod-ipt-core: 5.10.80-1 -> 5.10.111-1
 kmod-ppp: 5.10.80-1 -> 5.10.111-1
 libopenssl-conf: 1.1.1l-1 -> 1.1.1n-1
 kmod-fs-f2fs: 5.10.80-1 -> 5.10.111-1
 kmod-crypto-null: 5.10.80-1 -> 5.10.111-1
 libiwinfo: 2021-07-11-a0a0e02d-1 -> 2022-04-24-a479b9b0-1
 kmod-mt7615-firmware: 5.10.80+2021-10-23.1-f6bde7ba-4 -> 5.10.111+2022-03-15-053668ac-4
 auc: 0.2.4-4 -> 0.2.5-2
 uhttpd: 2021-03-21-15346de8-3 -> 2022-02-07-2f8b1360-1
 kmod-nf-conntrack: 5.10.80-1 -> 5.10.111-1
installed package ip6tables cannot be found in remote list!
 liblua: 5.1.5-9 -> 5.1.5-10
 kmod-nf-ipt6: 5.10.80-1 -> 5.10.111-1
 kmod-crypto-gcm: 5.10.80-1 -> 5.10.111-1
 kmod-fs-autofs4: 5.10.80-1 -> 5.10.111-1
 rpcd-mod-rpcsys: 2021-11-04-d11ffe93-2 -> 2022-02-07-909f2a04-1
 ca-bundle: 20210119-1 -> 20211016-1
 liblucihttp-lua: 2021-06-11-3dc89af4-1 -> 2022-02-13-cc851838-1
 kmod-nls-iso8859-1: 5.10.80-1 -> 5.10.111-1
 kmod-crypto-cmac: 5.10.80-1 -> 5.10.111-1
 luci-lib-jsonc: git-19.317.29469-8da8f38 -> git-22.097.61921-7513345
 kmod-crypto-rng: 5.10.80-1 -> 5.10.111-1
 kmod-nf-conntrack6: 5.10.80-1 -> 5.10.111-1
 libgcc: 11.2.0-3 -> 11.2.0-4
 kmod-mt76-core: 5.10.80+2021-10-23.1-f6bde7ba-4 -> 5.10.111+2022-03-15-053668ac-4
 kmod-crypto-crc32: 5.10.80-1 -> 5.10.111-1
 rpcd-mod-iwinfo: 2021-11-04-d11ffe93-2 -> 2022-02-07-909f2a04-1
 luci-mod-network: git-21.315.43250-849772d -> git-22.089.68955-66d9387
 kmod-nls-base: 5.10.80-1 -> 5.10.111-1
 uhttpd-mod-ubus: 2021-03-21-15346de8-3 -> 2022-02-07-2f8b1360-1
 hostapd-common: 2021-05-22-b102f19b-47 -> 2022-01-16-cff80b4f-8
 kmod-ipt-offload: 5.10.80-1 -> 5.10.111-1
 wireless-regdb: 2021.08.28-1 -> 2022.02.18-1
 kmod-scsi-core: 5.10.80-1 -> 5.10.111-1
 kmod-slhc: 5.10.80-1 -> 5.10.111-1
 kmod-cfg80211: 5.10.80+5.15-rc6-1-1 -> 5.10.111+5.15.33-1-1
 kmod-ipt-nat: 5.10.80-1 -> 5.10.111-1
Not all installed packages found in remote lists. Use '-f' to force.
State not recoverable (131)

So I can run this command:

auc -b 22.03 -B 22.03.0-rc1

Will it handle migrating/upgrading from fw3 to fw4?

If not, how should I migrate fw3 to fw4, ie, from iptables to nftables?

1 Like

I would suggest to skip auc for this step of moving from fw3/ iptables to fw4/ nftables, package interdependencies are difficult - and this shows its limits.

I used the advanced mode of the LuCi attended sysupgrade process to remove the old packages and included the new ones (I forget names). That worked.

And then the command above would work.

I have been playing around with the mt7530 switch driver for my E8450 (and I believe it will be the same for mt7621 based router using mt753x switches), and it looks like we may need to probably revamp the way VLANs are configured.

One issue I found is that when I configured one of the switch port to egress tagged frames (e.g. VLAN1) it does not only accept VLAN1 ingress frames, it also accept untagged ingress frames and automatically assign the frame to VLAN1.

And due to the way DSA allows ports to be configured as both tagged and untagged (at least from what I understand), the mt7530 switch driver may have to keep track of all the ports VLAN configurations to handle such a situation. Else switch ports may be switching between tag and untagged states and result in indeterminate final state, rendering the switch port in-operable.

And from Mediatek's documentation, if we are to configure VLAN for the ports, we have to set the port into VLAN secure mode. The existing switch driver only does that when VLAN filtering is turned on, but DSA will configure VLAN for the ports regardless of whether VLAN filtering is enabled, at least for the driver as of kernel 5.10.112.

I would think the same situation will exists for all DSA switch drivers.

Anyone with knowledge of the DSA framework and the mt7530 switch would like to comment?

2 Likes

Hello everyone. I've read that the Belkin RT3200 doesn't have a real strong signal running OpenWRT, but I've also read the signal is good with the stock firmware. Does this have anything to do with OpenWRT vs the stock firmware? What are everyone's thoughts on the range running OpenWRT? Thanks in advance. :slight_smile:

Another MT7622 device

1 Like

Thanks! Is there a manual workaround to fix it or do we need to wait on an official fix from the developers?

Have not compared Stock vs OpenWRT. I feel like the R7800 I had before it had a bit more reach but I do not have hard data to back that up. Throughput is fine as-is so I found something else to obsess over.

1 Like

These are so cheap. Buy one and if it doesn't cut it for your house then buy another one or two and tether via WDS and enable fast roaming.

1 Like

I pretty much have done this, although one is just for home automation/IoT devices too.

In hindsight, I should have picked up more way back when. Walmart had a whole endcap of them last year.

1 Like

Looks like Mediaktek commits for 5.15.x have landed in master. I tried a new build with my current config (not a fresh install) and I couldn't get the WAN port to do anything. Everything else worked. Once I'm done with work, I'll set it up the right way with 'firstboot'/etc.

Other than that issue, everything worked.

Update: Clean install is all happy. I can't make it hiccup so far on 5.15. I know A LOT of ARM updates landed between .10 and .15 so it'll be interesting to see if performance is a little better. Seems better supported.

hi everybody if you want upnp work you will do apply this patch @JimmyValentine @segal_72

{% let flowtable_devices = fw4.resolve_offload_devices(); -%}

table inet fw4
flush table inet fw4
{% if (fw4.check_flowtable()): %}
delete flowtable inet fw4 ft
{% endif %}

table inet fw4 {
{% if (length(flowtable_devices) > 0): %}
	#
	# Flowtable
	#

	flowtable ft {
		hook ingress priority 0;
		devices = {{ fw4.set(flowtable_devices, true) }};
{% if (fw4.default_option("flow_offloading_hw")): %}
		flags offload;
{% endif %}
	}

{% endif %}
	#
	# Set definitions
	#

{% for (let set in fw4.ipsets()): %}
	set {{ set.name }} {
		type {{ fw4.concat(set.types) }}
{%  if (set.maxelem > 0): %}
		size {{ set.maxelem }}
{%  endif %}
{%  if (set.timeout >= 0): %}
		timeout {{ set.timeout }}s
{% endif %}
{%  if (set.interval): %}
		flags interval
		auto-merge
{%  endif %}
{%  fw4.print_setentries(set) %}
	}

{% endfor %}

	#
	# Defines
	#

{% for (let zone in fw4.zones()): %}
{%  if (length(zone.match_devices)): %}
	define {{ zone.name }}_devices = {{ fw4.set(zone.match_devices, true) }}
{%  endif %}
{%  if (length(zone.match_subnets)): %}
	define {{ zone.name }}_subnets = {{ fw4.set(zone.match_subnets, true) }}
{%  endif %}
{% endfor %}

	#
	# User includes
	#

	include "/etc/nftables.d/*.nft"


	#
	# Filter rules
	#

	chain input {
		type filter hook input priority filter; policy {{ fw4.input_policy(true) }};

		iifname "lo" accept comment "!fw4: Accept traffic from loopback"

		ct state established,related accept comment "!fw4: Allow inbound established and related flows"
{% if (fw4.default_option("drop_invalid")): %}
		ct state invalid drop comment "!fw4: Drop flows with invalid conntrack state"
{% endif %}
{% if (fw4.default_option("synflood_protect") && fw4.default_option("synflood_rate")): %}
		tcp flags & (fin | syn | rst | ack) == syn jump syn_flood comment "!fw4: Rate limit TCP syn packets"
{% endif %}
{% for (let rule in fw4.rules("input")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
{% for (let zone in fw4.zones()): for (let rule in zone.match_rules): %}
		{%+ include("zone-jump.uc", { fw4, zone, rule, direction: "input" }) %}
{% endfor; endfor %}
{% if (fw4.input_policy() == "reject"): %}
		jump handle_reject
{% endif %}
	}

	chain forward {
		type filter hook forward priority filter; policy {{ fw4.forward_policy(true) }};

{% if (length(flowtable_devices) > 0): %}
		meta l4proto { tcp, udp } flow offload @ft;
{% endif %}
		ct state established,related accept comment "!fw4: Allow forwarded established and related flows"
{% if (fw4.default_option("drop_invalid")): %}
		ct state invalid drop comment "!fw4: Drop flows with invalid conntrack state"
{% endif %}
{% for (let rule in fw4.rules("forward")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
{% for (let zone in fw4.zones()): for (let rule in zone.match_rules): %}
		{%+ include("zone-jump.uc", { fw4, zone, rule, direction: "forward" }) %}
{% endfor; endfor %}
{% if (fw4.forward_policy() == "reject"): %}
		jump handle_reject
{% endif %}
	}

	chain output {
		type filter hook output priority filter; policy {{ fw4.output_policy(true) }};

		oifname "lo" accept comment "!fw4: Accept traffic towards loopback"

		ct state established,related accept comment "!fw4: Allow outbound established and related flows"
{% if (fw4.default_option("drop_invalid")): %}
		ct state invalid drop comment "!fw4: Drop flows with invalid conntrack state"
{% endif %}
{% for (let rule in fw4.rules("output")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
{% for (let zone in fw4.zones()): for (let rule in zone.match_rules): %}
		{%+ include("zone-jump.uc", { fw4, zone, rule, direction: "output" }) %}
{% endfor; endfor %}
{% if (fw4.output_policy() == "reject"): %}
		jump handle_reject
{% endif %}
	}

	chain handle_reject {
		meta l4proto tcp reject with {{
			(fw4.default_option("tcp_reject_code") != "tcp-reset")
				? "icmpx type " + fw4.default_option("tcp_reject_code")
				: "tcp reset"
		}} comment "!fw4: Reject TCP traffic"
		reject with {{
			(fw4.default_option("any_reject_code") != "tcp-reset")
				? "icmpx type " + fw4.default_option("any_reject_code")
				: "tcp reset"
		}} comment "!fw4: Reject any other traffic"
	}

{% if (fw4.default_option("synflood_protect") && fw4.default_option("synflood_rate")):
	let r = fw4.default_option("synflood_rate");
	let b = fw4.default_option("synflood_burst");
%}
	chain syn_flood {
		limit rate {{ r.rate }}/{{ r.unit }}
		{%- if (b): %} burst {{ b }} packets{% endif %} return comment "!fw4: Accept SYN packets below rate-limit"
		drop comment "!fw4: Drop excess packets"
	}

{% endif %}
{% for (let zone in fw4.zones()): %}
	chain input_{{ zone.name }} {
{%  for (let rule in fw4.rules("input_"+zone.name)): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{%  endfor %}

		ct status dnat accept comment "!fw4: Accept port redirections"

		jump {{ zone.input }}_from_{{ zone.name }}
	}

	chain output_{{ zone.name }} {
{%  for (let rule in fw4.rules("output_"+zone.name)): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{%  endfor %}
		jump {{ zone.output }}_to_{{ zone.name }}
	}

	chain forward_{{ zone.name }} {
{%  for (let rule in fw4.rules("forward_"+zone.name)): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{%  endfor %}

		ct status dnat accept comment "!fw4: Accept port forwards"

		jump {{ zone.forward }}_to_{{ zone.name }}
	}

{%  for (let verdict in ["accept", "reject", "drop"]): %}
{%   if (zone.sflags[verdict]): %}
	chain {{ verdict }}_from_{{ zone.name }} {
{%    for (let rule in zone.match_rules): %}
		{%+ include("zone-verdict.uc", { fw4, zone, rule, egress: false, verdict }) %}
{%    endfor %}
	}

{%   endif %}
{%   if (zone.dflags[verdict]): %}
	chain {{ verdict }}_to_{{ zone.name }} {
{%   for (let rule in zone.match_rules): %}
		{%+ include("zone-verdict.uc", { fw4, zone, rule, egress: true, verdict }) %}
{%   endfor %}
	}

{%   endif %}
{%  endfor %}
{% endfor %}

	#
	# NAT rules
	#

	chain dstnat {
		type nat hook prerouting priority dstnat; policy accept;
{% for (let zone in fw4.zones()): %}
{%  if (zone.dflags.dnat): %}
{%   for (let rule in zone.match_rules): %}
		{%+ include("zone-jump.uc", { fw4, zone, rule, direction: "dstnat" }) %}
{%   endfor %}
{%  endif %}
{% endfor %}
	}

	chain srcnat {
		type nat hook postrouting priority srcnat; policy accept;
{% for (let redirect in fw4.redirects("srcnat")): %}
		{%+ include("redirect.uc", { fw4, redirect }) %}
{% endfor %}
{% for (let zone in fw4.zones()): %}
{%  if (zone.dflags.snat): %}
{%   for (let rule in zone.match_rules): %}
		{%+ include("zone-jump.uc", { fw4, zone, rule, direction: "srcnat" }) %}
{%   endfor %}
{%  endif %}
{% endfor %}
	}

{% for (let zone in fw4.zones()): %}
{%  if (zone.dflags.dnat): %}
	chain dstnat_{{ zone.name }} {
{%   for (let redirect in fw4.redirects("dstnat_"+zone.name)): %}
		{%+ include("redirect.uc", { fw4, redirect }) %}
{%   endfor %}
	}

{%  endif %}
{%  if (zone.dflags.snat): %}
	chain srcnat_{{ zone.name }} {
{%   for (let redirect in fw4.redirects("srcnat_"+zone.name)): %}
		{%+ include("redirect.uc", { fw4, redirect }) %}
{%   endfor %}
{%   if (zone.masq): %}
{%    for (let saddrs in zone.masq4_src_subnets): %}
{%     for (let daddrs in zone.masq4_dest_subnets): %}
		{%+ include("zone-masq.uc", { fw4, zone, family: 4, saddrs, daddrs }) %}
{%     endfor %}
{%    endfor %}
{%   endif %}
{%   if (zone.masq6): %}
{%    for (let saddrs in zone.masq6_src_subnets): %}
{%     for (let daddrs in zone.masq6_dest_subnets): %}
		{%+ include("zone-masq.uc", { fw4, zone, family: 6, saddrs, daddrs }) %}
{%     endfor %}
{%    endfor %}
{%   endif %}
	}

{%  endif %}
{% endfor %}

	#
	# Raw rules (notrack & helper)
	#

	chain raw_prerouting {
		type filter hook prerouting priority raw; policy accept;
{% for (let target in ["helper", "notrack"]): %}
{%  for (let zone in fw4.zones()): %}
{%   if (zone.dflags[target]): %}
{%    for (let rule in zone.match_rules): %}
{%     let devices_pos = fw4.filter_loopback_devs(rule.devices_pos, false); %}
{%     let subnets_pos = fw4.filter_loopback_addrs(rule.subnets_pos, false); %}
{%     if (rule.devices_neg || rule.subnets_neg || devices_pos || subnets_pos): %}
		{%+ if (rule.family): -%}
			meta nfproto {{ fw4.nfproto(rule.family) }} {%+ endif -%}
		{%+ include("zone-match.uc", { fw4, egress: false, rule: { ...rule, devices_pos, subnets_pos } }) -%}
		jump {{ target }}_{{ zone.name }} comment "!fw4: {{ zone.name }} {{ fw4.nfproto(rule.family, true) }} {{
			(target == "helper") ? "CT helper assignment" : "CT bypass"
		}}"
{%     endif %}
{%    endfor %}
{%   endif %}
{%  endfor %}
{% endfor %}
	}

	chain raw_output {
		type filter hook output priority raw; policy accept;
{% for (let target in ["helper", "notrack"]): %}
{%  for (let zone in fw4.zones()): %}
{%   if (zone.dflags[target]): %}
{%    for (let rule in zone.match_rules): %}
{%     let devices_pos = fw4.filter_loopback_devs(rule.devices_pos, true); %}
{%     let subnets_pos = fw4.filter_loopback_addrs(rule.subnets_pos, true); %}
{%     if (devices_pos || subnets_pos): %}
		{%+ if (rule.family): -%}
			meta nfproto {{ fw4.nfproto(rule.family) }} {%+ endif -%}
		{%+ include("zone-match.uc", { fw4, egress: false, rule: { ...rule, devices_pos, subnets_pos } }) -%}
		jump {{ target }}_{{ zone.name }} comment "!fw4: {{ zone.name }} {{ fw4.nfproto(rule.family, true) }} {{
			(target == "helper") ? "CT helper assignment" : "CT bypass"
		}}"
{%     endif %}
{%    endfor %}
{%   endif %}
{%  endfor %}
{% endfor %}
	}

{% for (let helper in fw4.helpers()): %}
{%  if (helper.available): %}
{%   for (let proto in helper.proto): %}
	ct helper {{ helper.name }} {
		type {{ fw4.quote(helper.name, true) }} protocol {{ proto.name }};
	}

{%   endfor %}
{%  endif %}
{% endfor %}
{% for (let target in ["helper", "notrack"]): %}
{%  for (let zone in fw4.zones()): %}
{%   if (zone.dflags[target]): %}
	chain {{ target }}_{{ zone.name }} {
{% for (let rule in fw4.rules(target+"_"+zone.name)): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
	}

{%   endif %}
{%  endfor %}
{% endfor %}

	#
	# Mangle rules
	#

	chain mangle_prerouting {
		type filter hook prerouting priority mangle; policy accept;
{% for (let rule in fw4.rules("mangle_prerouting")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
	}

	chain mangle_postrouting {
		type filter hook postrouting priority mangle; policy accept;
{% for (let rule in fw4.rules("mangle_postrouting")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
	}

	chain mangle_input {
		type filter hook input priority mangle; policy accept;
{% for (let rule in fw4.rules("mangle_input")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
	}

	chain mangle_output {
		type filter hook output priority mangle; policy accept;
{% for (let rule in fw4.rules("mangle_output")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
	}

	chain mangle_forward {
		type filter hook forward priority mangle; policy accept;
{% for (let rule in fw4.rules("mangle_forward")): %}
		{%+ include("rule.uc", { fw4, rule }) %}
{% endfor %}
{% for (let zone in fw4.zones()): %}
{%  if (zone.mtu_fix): %}
{%   for (let rule in zone.match_rules): %}
		{%+ include("zone-mssfix.uc", { fw4, zone, rule, egress: false }) %}
		{%+ include("zone-mssfix.uc", { fw4, zone, rule, egress: true }) %}
{%   endfor %}
{%  endif %}
{% endfor %}
	}
}

2 Likes

Hi Guys. I keep getting the following error when upgrading to RC1 via AUC

Signature check passed.
/home/debian/metrics/worker1/cache/22.03.0-rc1/mediatek/mt7622/build_dir/target-aarch64_cortex-a53_musl/root-mediatek/etc/init.d/usteer: line 10: /lib/functions/network.sh: No such file or directory
/home/debian/metrics/worker1/cache/22.03.0-rc1/mediatek/mt7622/build_dir/target-aarch64_cortex-a53_musl/root-mediatek/etc/init.d/usteer: line 11: /usr/share/libubox/jshn.sh: No such file or directory
/home/debian/metrics/worker1/cache/22.03.0-rc1/mediatek/mt7622/build_dir/target-aarch64_cortex-a53_musl/root-mediatek/etc/init.d/usteer: line 12: /lib/functions.sh: No such file or directory
./etc/init.d/usteer: line 10: /lib/functions/network.sh: No such file or directory
./etc/init.d/usteer: line 11: /usr/share/libubox/jshn.sh: No such file or directory./etc/init.d/usteer: line 12: /lib/functions.sh: No such file or directory
Pseudo file "/dev" exists in source filesystem "/home/debian/metrics/worker1/cache/22.03.0-rc1/mediatek/mt7622/build_dir/target-aarch64_cortex-a53_musl/root-mediatek/dev".
Ignoring, exclude it (-e/-ef) to override.
9910+1 records in
9910+1 records out
5074275 bytes (5.1 MB, 4.8 MiB) copied, 0.131019 s, 38.7 MB/s
1781+1 records in
1782+0 records out
7299072 bytes (7.3 MB, 7.0 MiB) copied, 0.0725606 s, 101 MB/s
/home/debian/metrics/worker1/cache/22.03.0-rc1/mediatek/mt7622/build_dir/target-aarch64_cortex-a53_musl/linux-mediatek_mt7622/tmp/openwrt-22.03.0-rc1-3bb64b2dd339-mediatek-mt7622-linksys_e8450-ubi-squashfs-sysupgrade.itb.its:17.11-19.6: Warning (unit_address_vs_reg): /images/kernel-1/hash@1: node has a unit name, but no reg or ranges property
/home/debian/metrics/worker1/cache/22.03.0-rc1/mediatek/mt7622/build_dir/target-aarch64_cortex-a53_musl/linux-mediatek_mt7622/tmp/openwrt-22.03.0-rc1-3bb64b2dd339-mediatek-mt7622-linksys_e8450-ubi-squashfs-sysupgrade.itb.its:20.11-22.6: Warning (unit_address_vs_reg): /images/kernel-1/hash@2: node has a unit name, but no reg or ranges property
/home/debian/metrics/worker1/cache/22.03.0-rc1/mediatek/mt7622/build_dir/target-aarch64_cortex-a53_musl/linux-mediatek_mt7622/tmp/openwrt-22.03.0-rc1-3bb64b2dd339-mediatek-mt7622-linksys_e8450-ubi-squashfs-sysupgrade.itb.its:34.11-36.6: Warning (unit_address_vs_reg): /images/fdt-1/hash@1: node has a unit name, but no reg or ranges property
/home/debian/metrics/worker1/cache/22.03.0-rc1/mediatek/mt7622/build_dir/target-aarch64_cortex-a53_musl/linux-mediatek_mt7622/tmp/openwrt-22.03.0-rc1-3bb64b2dd339-mediatek-mt7622-linksys_e8450-ubi-squashfs-sysupgrade.itb.its:37.11-39.6: Warning (unit_address_vs_reg): /images/fdt-1/hash@2: node has a unit name, but no reg or ranges property
/home/debian/metrics/worker1/cache/22.03.0-rc1/mediatek/mt7622/build_dir/target-aarch64_cortex-a53_musl/linux-mediatek_mt7622/tmp/openwrt-22.03.0-rc1-3bb64b2dd339-mediatek-mt7622-linksys_e8450-ubi-squashfs-sysupgrade.itb.its:51.11-53.6: Warning (unit_address_vs_reg): /images/rootfs-1/hash@1: node has a unit name, but no reg or ranges property
/home/debian/metrics/worker1/cache/22.03.0-rc1/mediatek/mt7622/build_dir/target-aarch64_cortex-a53_musl/linux-mediatek_mt7622/tmp/openwrt-22.03.0-rc1-3bb64b2dd339-mediatek-mt7622-linksys_e8450-ubi-squashfs-sysupgrade.itb.its:54.11-56.6: Warning (unit_address_vs_reg): /images/rootfs-1/hash@2: node has a unit name, but no reg or ranges property
done
Invalid argument (22)

Things mostly work well on this device for me running master snapshots, but it seems like enabling software flow offload frequently wreaks havoc on the wired network (either LAN and/or WAN ports). Created https://github.com/openwrt/openwrt/issues/9717 .

My brand new RT3200 needs some expert assistance.
I am new to OpenWrt so I am sorry in advance for my inexperience...

I followed dangowrt's guide on GitHub and successfully flashed the prebuilt recovery-installer and then the sysupgrade. So far so good. I followed the post-install tips and entered the CPU freq and scheduling parameters.

After reboot (but without entering recovery mode) I tried flashing newest UBI snapshot sysupgrade.

And it was just stuck forever. I gave up after maybe 15 min. Now i can't boot the device normally and can only access LuCI if I hold the reset button on powerup. It looks like this:

I tried holding down reset button for 10 seconds but nothing changes.
It obviously failed to flash the latest snapshot.
Not sure what to do now or if there is something I can do to restore it and update properly.

I don't have serial access equipment so hoping there is a fix for my brand new RT3200...