Davidc502- wrt1200ac wrt1900acx wrt3200acm wrt32x builds

mindwolf · March 22, 2020, 12:22am

@David502,

Would you add IMQ to your todo list, or point me in the right direction of someone who can?

ParanoidZoid · March 22, 2020, 1:39am

You'd need to:

Copy the patches for iptables here. Gargoyle FW is a derivative of OpenWrt, and I believe the patch has been refreshed for iptables-1.8.3.
Copy the kernel patch for your current version of Linux here: https://github.com/imq/linuximq/tree/master/kernel, and it'd be best to put it as the last patch being applied in hack-4.14, hack-4.19, or hack-5.4. You will then need to refresh the kernel patches and make any necessary modifications.
You will then need to expose the modules/features in the menuconfig. I believe that the patch in Gargoyle already does this:

--- a/package/kernel/linux/modules/netfilter.mk
+++ b/package/kernel/linux/modules/netfilter.mk
@@ -515,6 +515,27 @@
 
 $(eval $(call KernelPackage,ipt-nat-extra))
 
+define KernelPackage/ipt-imq
+  TITLE:=Intermediate Queueing support
+  KCONFIG:= \
+	CONFIG_IMQ \
+	CONFIG_IMQ_BEHAVIOR_BA=y \
+	CONFIG_IMQ_NUM_DEVS=2 \
+	CONFIG_NETFILTER_XT_TARGET_IMQ
+  FILES:= \
+	$(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX) \
+	$(foreach mod,$(IPT_IMQ-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
+  $(call AddDepends/ipt)
+endef
+
+define KernelPackage/ipt-imq/description
+ Kernel support for Intermediate Queueing devices
+endef
+
+$(eval $(call KernelPackage,ipt-imq))
+
+
+
 
 define KernelPackage/nf-nathelper
   SUBMENU:=$(NF_MENU)
--- a/package/network/utils/iptables/Makefile
+++ b/package/network/utils/iptables/Makefile
@@ -170,6 +170,21 @@
 
 endef
 
+
+define Package/iptables-mod-imq
+$(call Package/iptables/Module, +kmod-ipt-imq)
+  TITLE:=IMQ support
+endef
+
+define Package/iptables-mod-imq/description
+iptables extension for IMQ support.
+
+ Targets:
+  - IMQ
+
+endef
+
+
 define Package/iptables-mod-ipopt
 $(call Package/iptables/Module, +kmod-ipt-ipopt)
   TITLE:=IP/Packet option extensions
@@ -679,6 +694,7 @@
 $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
 $(eval $(call BuildPlugin,iptables-mod-physdev,$(IPT_PHYSDEV-m)))
 $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m)))
+$(eval $(call BuildPlugin,iptables-mod-imq,$(IPT_IMQ-m)))
 $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
 $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
 $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
--- a/include/netfilter.mk
+++ b/include/netfilter.mk
@@ -110,6 +110,13 @@
 $(eval $(call nf_add,IPT_FILTER,CONFIG_NETFILTER_XT_MATCH_BPF, $(P_XT)xt_bpf))
 
 
+# imq
+
+$(eval $(call nf_add,IPT_IMQ,CONFIG_IP_NF_TARGET_IMQ, $(P_V4)ipt_IMQ))
+$(eval $(call nf_add,IPT_IMQ,CONFIG_NETFILTER_XT_TARGET_IMQ, $(P_XT)xt_IMQ))
+
+

Wish I had the time to do that myself, but I don't anymore

rainkinz · March 22, 2020, 1:56am

Sorry for the spam. I'm not sure what I did, but it's working fine now.

davidc502 · March 22, 2020, 2:16am

Sorry, at this time I'm not adding any more packages to the build until I hear from V1 and V2 owners.

I need to know how much room is left in root and overlay.

solidus1983 · March 22, 2020, 3:14am

I take it you're talking about the Cobra and Caimen?

80MB Split into mtd5/6 in to 40mb with 6mb for kernel and 34mb for the rest of the firmware.

If so with the packages you have covered as of late i would say your pretty much near limit to be honest, which means an ext partition will be needed for any more.

BigRon · March 22, 2020, 7:11pm

I will chime in as well. Unless lesser used packages are being replaced by those more in demand, for example one day, let's say more are using WireGuard than OpenVPN, then this makes sense. Not sure the community is there yet...

For those that want a package on their build, they can opkg update and opkg install <your preferred software here>, or use the System > Software functions available in LUCI. Thanks for all you do David!

Layer8 · March 23, 2020, 12:28am

Is there a reason for the default blacklist for dnscrypt-proxy2 being filled with entries on your build? Was confused on why certain domains never resolved regardless of dnscrypt/adblock settings until i thought to check the blacklist file.

As for available storage, this is on a 1200ac v1 with no additonal packages installed

Filesystem                Size      Used Available Use% Mounted on
/dev/root                20.3M     20.3M         0 100% /rom
tmpfs                   249.5M      6.7M    242.8M   3% /tmp
/dev/ubi0_1               7.4M    156.0K      6.8M   2% /overlay
overlayfs:/overlay        7.4M    156.0K      6.8M   2% /
ubi1:syscfg              29.6M    352.0K     27.7M   1% /tmp/syscfg
tmpfs                   512.0K         0    512.0K   0% /dev

davidc502 · March 23, 2020, 12:51am

(the configuration) is all default with Zero blacklists on first time use.

Thanks for the information about the file system. Still waiting to hear how those v1 and v2 owners are doing.

Layer8 · March 23, 2020, 2:37am

On r12121 the file in /etc/dnscrypt-proxy/blacklist.txt contains the following after a factory reset. Clearing it fixed the issues i was having, just wanna make sure doing so wont cause any problems.

###########################
#        Blacklist        #
###########################

## Rules for name-based query blocking, one per line
##
## Example of valid patterns:
##
## ads.*         | matches anything with an "ads." prefix
## *.example.com | matches example.com and all names within that zone such as www.example.com
## example.com   | identical to the above
## =example.com  | block example.com but not *.example.com
## *sex*         | matches any name containing that substring
## ads[0-9]*     | matches "ads" followed by one or more digits
## ads*.example* | *, ? and [] can be used anywhere, but prefixes/suffixes are faster

ad.*
ads.*
banner.*
banners.*
creatives.*
oas.*
oascentral.*
stats.*
tag.*
telemetry.*
tracker.*
*.local
eth0.me
*.workgroup

*.test
*.onion
*.localhost
*.local
*.invalid
*.bind
*.lan
*.internal
*.intranet
*.private
*.workgroup

*.10.in-addr.arpa
*.16.172.in-addr.arpa
*.168.192.in-addr.arpa
*.254.169.in-addr.arpa
*.d.f.ip6.arpa

## Time-based rules

# *.youtube.*  @time-to-sleep
# facebook.com @work

directnupe · March 23, 2020, 12:57pm

Dear YummyHamster,
Hello and I hope that you and yours are safe and well during this world health crisis. I am wondering if OpenWRT Linux Kernel Version 5.4.24 will be available on Dave's next Build or will he be offering a test Linux Kernel Version 5.4.24Build. In lieu of that happening, I am wondering if you ( YummyHamster ) would provide a link to your 5.4.24 test build as I also have a WRT 1900acs v2 ? Anyway, if any and all can point me a working OpenWRT Linux Kernel Version 5.4.24 for mvebu-cortexa9 targets ; I will be most appreciative. I have every mvebu-cortexa9 router except for OpenWrt Cobra wrt1900ac Version 2
and OpenWrt Mamba wrt1900ac Version 1 - Excuse my penchant and wont for being an early adopter

Peace

Jruuu · March 24, 2020, 2:58pm

Can someone confirm that the reason I can't add a guest wifi network, is because multi-ssid is no longer supported in the WRT3200ACM?

solidus1983 · March 24, 2020, 5:11pm

Not sure why, however if your talking of more then 2 SSID's per radio, i even have the same issue. Not sure why all i know is once a 3rd SSID is added the phy file will fail to be created or become corrupted.

This is on the WRT32X be it on David's build or my own firmware.

Jruuu · March 24, 2020, 5:19pm

Hello,

Yes, this is the issue. I noticed the problem started on all of the davidc releases after the one I am on (OpenWrt SNAPSHOT r10899-1c0290c5cc / LuCI Master (git-19.241.65047-dffe9ca). Thanks for confirming.

davidc502 · March 24, 2020, 6:17pm

The wifi driver has not changed, but the firmware blob was updated to what Linksys put out Late January. I'm not sure if that change is what is causing this issue, but what you can do is save the firmware off of r10899, and install the latest build, and replace the firmware with the old one you saved, and see if it works.

rickmv · March 24, 2020, 11:39pm

Might consider reverting wifi firmware. Many issues with the new one from the beginning of this year: 2.4GHz getting clients disconnected after an idle time, other quirks with 5GHz clients since r12235, virtual wifi breaks the interface. No real benefits from the new firmware, only drawbacks. DD-WRT is also going back to previous long time tested and stable wifi firmware.

WildByDesign · March 25, 2020, 1:50am

Thank you for sharing these details. I've been having some odd/random quirks with wireless connectivity since upgrading that firmware near the start of this year as well. Like you, I'm considering reverting as well.

Do you have a DD-WRT commit or post regarding this revert in wifi firmware that you can link to? I would appreciate it, for sure. That will also help with my decision to revert too.

solidus1983 · March 25, 2020, 2:31am

It might be to do with hostap and not the firmware of the wireless or driver.
as the file(s) that that make the ap's or sta's are made by hostap. Just a thought.

robocide · March 28, 2020, 11:10pm

hey guys , i've done super dumb mistake in my both partitions i configured my firewall to Input drop
now i cant connect to the admin dashboard of router ... though i'm still connected to it and it gives me internet ... i have no way to export of my existing configuration from it :((((( anyone has some clue if there is a way to export it ? (i know i can reset everything but i have a lot of configuration i wish i could keep...)

robocide · March 28, 2020, 11:47pm

ok this king made my day :

openWrts · March 29, 2020, 1:33am

Hello everybody.
I would like to ask: Is it possible to limit the "wrong password retries" to 3times/minute for the SSH Wan-side server if it's enabled ? (Just like ddwrt)
Thank you.