Fresh install of OpenWRT - Firewall errors / warnings

This is expected of all snapshots. LuCI is not installed by default in snapshot images.

Have you tried connecting the wan of this device to the lan of another router? We need to understand if this is an issue with your ISP not issuing a DHCP lease, or if the problem is related to the image itself.


That is what I've come to understand, however Luci is listed as one of the snapshot packages (see screenshot) - is there something I am not understanding? Even so, as I can't get WAN connection, I can't install Luci from CLI

WAN port:

* Upstream is another router.
* DHCP works fine - confirmed with that one working firmware image, and working with my computer. Not sure how upstream hardware and config could be an issue when everything works as expected after flashing that FW from Github?

Did you click the "Request Build" button at the bottom? If you simply download the standard build, it will not include LuCI. If you request the custom build, it should include it.

Sorry, maybe I wasn't clear (or I'm not interpreting your comment properly).

Does the wan of this device get an address when it is plugged into an upstream router's lan port?

Oh ok thanks, that's good to know re request build! Weird, it said "installed packages" with that prepopulated list so I thought they would all be there already.

The WAN of this device does not get an IP after flashing any of the snapshots (but I can SSH to it).

WAN does get an IP after flashing this firmware.

FYI, you can always look at the logs after the build has finished to verify your package was included/installed.

Hope that helps in the future when making firmware.

With the latest snapshot installed (from the OpenWrt firmware selector page), let's see your config:

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
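
A helper for the redaction step requested above, meant to be run on a workstation over saved command output before posting. It is an added example, not part of the original thread; the `SECRET_OPTIONS` list, the placeholder tokens and the sample text are assumptions constructed for illustration.

```python
import ipaddress
import re

# UCI option names assumed to hold secrets (illustrative, extend as needed).
SECRET_OPTIONS = ("key", "password", "psk", "sae_password",
                  "private_key", "preshared_key")

SECRET_RE = re.compile(r"^(\s*option\s+(?:%s)\s+).*$" % "|".join(SECRET_OPTIONS))
MAC_RE = re.compile(r"\b(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}\b")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def _mask_public_ipv4(match):
    """Mask only globally routable IPv4 addresses; keep RFC 1918, loopback, netmasks."""
    text = match.group(0)
    try:
        addr = ipaddress.ip_address(text)
    except ValueError:
        return text  # not a valid address (e.g. 999.1.1.1): leave untouched
    return "<PUBLIC-IPV4>" if addr.is_global else text


def redact_line(line):
    """Redact secrets first, then MAC addresses, then public IPv4 addresses."""
    line = SECRET_RE.sub(r"\1'<REDACTED>'", line)
    line = MAC_RE.sub("<MAC>", line)
    return IPV4_RE.sub(_mask_public_ipv4, line)


def redact(text):
    return "\n".join(redact_line(line) for line in text.splitlines())


# Constructed sample in UCI syntax (not taken from the thread).
SAMPLE = """config interface 'wan'
        option device 'wan'
        option password 'hunter2'
        option macaddr '00:11:22:33:44:55'
        option ipaddr '194.25.2.129'
        option gateway '192.168.68.1'
        option netmask '255.255.255.0'
"""

if __name__ == "__main__":
    print(redact(SAMPLE))
```

Private addresses such as the LAN and upstream gateway are left readable on purpose, since helpers need them to diagnose routing; review the output by eye before posting, because secrets stored under option names outside the list are not caught.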

Thanks, waiting for a build now then I'll post in here.

In the meantime - any thoughts on why I can't use root:[routerSerial] to login any more? What could change this behavior?

Well, once OpenWrt is installed, the credentials for logging in are

username: root
password: (blank by default) or <your-password-once-set>

And the default IP address of an OpenWrt device is 192.168.1.1

Sorry, yes I understand that - this is the uboot password (at least I think that is the correct terminology). If you check out this short guide here, it's that initial login that allows you to get into a linux shell (not uboot hush shell) and then create ./open.sh and paste the text in there (this all goes via serial) - so it's the "pre-OpenWRT".

I just downloaded the build request and I noticed it's significantly smaller (~1MB or more) from the 22r2 image I am using from that Github.

I imagine this is because there are fewer packages - do you know if there is any way to inspect a FW .bin to see what pkgs are in it and potentially what uci default scripts might be in there as well? This could potentially set me up for clarifying should this latest flash not work.

You also mentioned that logs are viewable after installation - would this log be different from the system and kernel logs? Like a specific installation log?

Thanks!

Just making sure you saw this post expounding on your question.

thanks, i did see this - for inspecting system log after installation. after flashing FW that "work", i go to look at the log in luci (system log, kernel log), and they are both blank.

Since it sounds like there isn't any option that comes to mind to check out a FW's included pkgs and uci scripts - If there is another way to compare pre-installed packages in FW A with FW B, I am all ears!

I think there's some confusion, there is.

I mean in the Firmware Selector. I'll provide a screenshot from the Firmware Selector's log. This example shows an error for easy identification. A successful build is BLUE:

[screenshot]

STDOUT provides a list of included packages:

[screenshot]

If this is what you meant, my apologies - the "after installation" remark confused me.

OK, I just flashed to the latest snapshot with Luci embedded, it worked.

As expected, there is no WAN connection.

I ran all those commands during the working config, as well as during this one that does not work. I also backed up a config archive .tar from the previous firmware so i could potentially restore it to this one if needs be, as i still can't figure out how to determine what the package and uci script differences are (log is empty).

Strangely, despite unchecking "keep config" (so as to have a 100% clean flash), after flashing the wifi networks are still visible in Luci console.

The warning re: legacy firewall rules has finally disappeared - I will finally take the win on that front.

I left out /etc/config/wireless as this issue is limited to WAN connectivity after firmware upgrade.

root@OpenWrt:~# ubus call system board
{
        "kernel": "6.6.30",
        "hostname": "OpenWrt",
        "system": "ARMv8 Processor rev 4",
        "model": "Spectrum SAX1V1K",
        "board_name": "spectrum,sax1v1k",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "SNAPSHOT",
                "revision": "r26307-0868268c9f",
                "target": "qualcommax/ipq807x",
                "description": "OpenWrt SNAPSHOT r26307-0868268c9f"
        }
}



------------


root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option cachesize '1000'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
        option ednspacket_max '1232'
        option filter_aaaa '0'
        option filter_a '0'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option dhcpv6 'server'
        option ra 'server'
        option ra_slaac '1'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'


---------------

root@OpenWrt:~# cat /etc/config/firewall
config defaults
        option syn_flood        1
        option input            REJECT
        option output           ACCEPT
        option forward          REJECT
# Uncomment this line to disable ipv6 rules
#       option disable_ipv6     1

config zone
        option name             lan
        list   network          'lan'
        option input            ACCEPT
        option output           ACCEPT
        option forward          ACCEPT

config zone
        option name             wan
        list   network          'wan'
        list   network          'wan6'
        option input            REJECT
        option output           ACCEPT
        option forward          REJECT
        option masq             1
        option mtu_fix          1

config forwarding
        option src              lan
        option dest             wan

# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
        option name             Allow-DHCP-Renew
        option src              wan
        option proto            udp
        option dest_port        68
        option target           ACCEPT
        option family           ipv4

# Allow IPv4 ping
config rule
        option name             Allow-Ping
        option src              wan
        option proto            icmp
        option icmp_type        echo-request
        option family           ipv4
        option target           ACCEPT

config rule
        option name             Allow-IGMP
        option src              wan
        option proto            igmp
        option family           ipv4
        option target           ACCEPT

# Allow DHCPv6 replies
# see https://github.com/openwrt/openwrt/issues/5066
config rule
        option name             Allow-DHCPv6
        option src              wan
        option proto            udp
        option dest_port        546
        option family           ipv6
        option target           ACCEPT

config rule
        option name             Allow-MLD
        option src              wan
        option proto            icmp
        option src_ip           fe80::/10
        list icmp_type          '130/0'
        list icmp_type          '131/0'
        list icmp_type          '132/0'
        list icmp_type          '143/0'
        option family           ipv6
        option target           ACCEPT

# Allow essential incoming IPv6 ICMP traffic
config rule
        option name             Allow-ICMPv6-Input
        option src              wan
        option proto    icmp
        list icmp_type          echo-request
        list icmp_type          echo-reply
        list icmp_type          destination-unreachable
        list icmp_type          packet-too-big
        list icmp_type          time-exceeded
        list icmp_type          bad-header
        list icmp_type          unknown-header-type
        list icmp_type          router-solicitation
        list icmp_type          neighbour-solicitation
        list icmp_type          router-advertisement
        list icmp_type          neighbour-advertisement
        option limit            1000/sec
        option family           ipv6
        option target           ACCEPT

# Allow essential forwarded IPv6 ICMP traffic
config rule
        option name             Allow-ICMPv6-Forward
        option src              wan
        option dest             *
        option proto            icmp
        list icmp_type          echo-request
        list icmp_type          echo-reply
        list icmp_type          destination-unreachable
        list icmp_type          packet-too-big
        list icmp_type          time-exceeded
        list icmp_type          bad-header
        list icmp_type          unknown-header-type
        option limit            1000/sec
        option family           ipv6
        option target           ACCEPT

config rule
        option name             Allow-IPSec-ESP
        option src              wan
        option dest             lan
        option proto            esp
        option target           ACCEPT

config rule
        option name             Allow-ISAKMP
        option src              wan
        option dest             lan
        option dest_port        500
        option proto            udp
        option target           ACCEPT


### EXAMPLE CONFIG SECTIONS
# do not allow a specific ip to access wan
#config rule
#       option src              lan
#       option src_ip   192.168.45.2
#       option dest             wan
#       option proto    tcp
#       option target   REJECT

# block a specific mac on wan
#config rule
#       option dest             wan
#       option src_mac  00:11:22:33:44:66
#       option target   REJECT

# block incoming ICMP traffic on a zone
#config rule
#       option src              lan
#       option proto    ICMP
#       option target   DROP

# port redirect port coming in on wan to lan
#config redirect
#       option src                      wan
#       option src_dport        80
#       option dest                     lan
#       option dest_ip          192.168.16.235
#       option dest_port        80
#       option proto            tcp

# port redirect of remapped ssh port (22001) on wan
#config redirect
#       option src              wan
#       option src_dport        22001
#       option dest             lan
#       option dest_port        22
#       option proto            tcp

### FULL CONFIG SECTIONS
#config rule
#       option src              lan
#       option src_ip   192.168.45.2
#       option src_mac  00:11:22:33:44:55
#       option src_port 80
#       option dest             wan
#       option dest_ip  194.25.2.129
#       option dest_port        120
#       option proto    tcp
#       option target   REJECT

#config redirect
#       option src              lan
#       option src_ip   192.168.45.2
#       option src_mac  00:11:22:33:44:55
#       option src_port         1024
#       option src_dport        80
#       option dest_ip  194.25.2.129
#       option dest_port        120
#       option proto    tcp


what about the /etc/config/network file?

haha sorry - my language is not superclear either. I'll clarify.

I have some firmware from here. When flashing to this firmware, two things happen:

  1. The WAN port works!
  2. There's a bunch of legacy warnings about firewall rules

Upgrading to the latest OpenWRT, I lose WAN access. Also, the official OpenWRT FW (even with the prepopulated list of bundled opkgs) is a bit smaller.

So I am looking for a way to see what is in that already-downloaded firmware on Github (as well as what uci scripts might be running after installation), so I can pt


You need to inquire at the location and GitHub user where you got the firmware.

This means that you're running unofficial firmware. We may not be able to provide answers here.

oops, sorry!

Appears to be exactly the same as the config/network file in the working firmware ( I queried the configs when it was working)

Additional information that may or may not be useful:

  • Windows indicates that there is internet access on my computer with LAN cable plugged in to unit - though it appears the unit does not have an active WAN connection
  • there is one router upstream from WAN connection between unit and ISP, it is 192.168.68.1

Here is the config/net output (as I mentioned, same as when it was working FW):

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdd3:9347:3508::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'

config interface 'wan6'
        option device 'wan'
        option proto 'dhcpv6'

what is the wan connected to?

What is the output of:

logread -e udhcpc
ifstatus wan

I did send a message, waiting to hear back.

I agree re: needing to use official firmware - which is why I am trying to flash to official firmware (this thread is about not being able to get an active WAN link when using the official firmware on openwrt.org, and how there must be some additional packages installed or some uci scripts to bring the router online)


No change - I am still connecting the WAN to the router upstream, which provides internet access.

This connection works when using the old custom firmware on Github, and when plugging in any other device. It is only when using the official firmware that the WAN port does not receive an IP address from the upstream router.

No results from the logread with that filter, I can post the whole logread here but its a bit too long - maybe I can send?

I flashed back to the working firmware for now - I can get the wan status when i flash back to the official one to debug some more in a bit. Are there any other useful commands?

BTW the one that works is ip807x generic, this one is qualcomm, but AFAIK its the atheros chip so it should work (also the openWRT firmware repository lists this modem by name).

Just reported an issue in the OpenWRT Github, fingers crossed!

Thank you for your help, happy to follow up with more info if you can think of anything useful I should provide.