Good morning.
Quick question: if I'm using my Archer C7 V2 as an AP and I'm building my own firmware, is it possible to build it without including firewall, dnsmasq, and odhcpd? Will it cause any problems?
As part of the instructions on setting OpenWrt as an AP, it is recommended to disable and stop these three services. I just wonder if not including them in a custom build would work...or will it cause more problems than it solves?
Just wondering. Thanks in advance.
The only time you can deselect firewall in the configuration is if you don't have luci, otherwise it's a required dependency
Got it. Thanks.
If I recall correctly it's a dependency if you select one of the options in luci > collections while doing make menuconfig. You can however not select anything there, but add the required packages for luci manually without needing to add the firewall. It does obviously mean finding and selecting each package rather than just selecting one option though.
Iirc you need luci-base, luci-mod-network, luci-mod-status, luci-mod-system and at least one luci-theme-XXX with luci-theme-bootstrap being the default.
You can also include luci-app-opkg if you want to manage packages via the UI.
It appears that I cannot unselect firewall or luci-app-firewall. I'm guessing that the menuconfig tool will not allow me to do so.
So, I will just build with these settings on and deactivate upon flashing.
Firewall is a dependency of luci-app-firewall which is a dependency of the luci meta-packages. If you want to build without firewall then you can't select any of the options for luci from luci > collections in the menuconfig. You then have to manually select the relevant luci packages if you still want luci in your image.
Hi - this actually looks a lot like what I have tried to do to get OpenWrt 19.0.7.3 running on my TL WA801NDv3.
I've posted about it here, but long story short it definitely is possible to remove firewall, dnsmasq and odhcpd.
Rules of the game - you can't use luci package, you must use the individual packages, and you have to not include luci-app-firewall (despite what all the docs say). I did this to make sure I had enough space for the full wpad rather than the default wpad-mini for my tiny target device. Seven plus days uptime and everything seems to be working fine.
Hey Tim.
Thank you for your reply. I do have a question: if I remove the LuCI package and install only the needed individual packages, am I still able to access the web GUI or will I only be able to set things up via command line?
Thanks.
If you add the correct packages you'll still be able to use LuCi. It just won't have things like the firewall pages.
As @krazeh says, you can install the correct packages to get a "cut down" luci, which still gives you a GUI for the bits you've installed.
There are several pages outlining what you can do:
My list of packages for luci was:
uhttpd uhttpd-mod-ubus libiwinfo-lua luci-base luci-mod-admin-full luci-theme-bootstrap
Note that it doesn't include luci-app-firewall
Thank you @krazehand and @timothyjward for your input. I was able to build a firmware that doesn't have firewall, dnsmasq and odhcpd. I can see those entries gone from the Startup tab in LuCI.
Thank you for your help. This helped answer my question.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.