[GCC 7.2 BUILD] Optimized TP-Link Archer C7 V2 AC1750 LEDE Firmware

gu3d3s · August 22, 2017, 1:59am

Hello,
Finally reached my Archer C7 V2, I can not wait to install this vs the LEDE, but before by security and avoid what happens with another router my a C50, that brick and I had not made a backup of the entire flash chip and ended up getting Without the original MAC.

I have to help my friends how to do a backup of the original F/W to TP-LINK before installing LEDE, I tried to get into SSH but it was not possible, so I would like guidance and / or a tutorial on how to do it These procedures. Reminding me that I use a Macbook to edit these files

Thank you all for the help.

LinuxfarmerHH · August 22, 2017, 4:33pm

TP-Link Archer C7 v2
LEDE Reboot SNAPSHOT r4684-0b7f7606dd / LuCI Master (git-17.220.63907-bbcf73f)

Just for information, found out that with enabled sqm-qos my C2 crush down on the switch to 1/10 wan speed by nearby 100% CPU. There are threads in the TP-Link forum where the C2 seems to do the same with their firmware and sqm-qos.
So i switched to the old qos model that run a bit more friendly, have the same throughput like my backup WDR3600/Lede.

kyledawg92 · August 23, 2017, 12:20am

Any chance of getting this build with dissent1's sfe patch? Maybe someone has one compiled already?

gu3d3s · August 23, 2017, 3:13pm

How do you get access via SSH with the factory firmware, is it possible?

CyclopSW · August 24, 2017, 2:35am

After flashing the factory us firmware, it looks like some packages are missing, namely the kmod-gpio-button-hotplug needed to access the failsafe and reset. I have tried installing it separately, but getting Cannot Specify Dependencies.

shunjou · August 25, 2017, 6:42am

I ran my own custom build based on this firmware with the new patch and sqm is working nicely. Repo is here.

LinuxfarmerHH · August 26, 2017, 12:04pm

Did a sysupgrade to the latest nightly build, here are suggestions for next builds.

Include the dnsmasq-dhcp6 as base, because using IPv6 got a problem when the IPv4 only version is the base version.
Don't include a qos module, to save a bit of space, so the user can choose. Here the old qos performs much nicer that the sqm-qos that mangle the switch throughput below 100mbit.

node · August 26, 2017, 5:27pm

Hey gu3d3;

Let me try and help you get back any router. You require.

1). UART-Serial adapter ( A must have when dealing with any Linux base router).

2). Download Putty & TFTP ( On a MAC you can use Terminal)

3). Any firmware for your router does not matter once it is for your router.

You will need to open your and solder the Serial Adapter wires to the serial points on your router. I will highly recommend you leave the wires there and for future use.

The wire you need to be solder to the TX / RX / GRD of the Serial console points in the router.

Now connect your Serial adapter to your PC / MAC and make sure it is recognized and note the Com port the PC / MAC has it on set it to. Set /115200 baud / none / none /1 / some routers communicate at 57600 baud.

Start putty and set up the serial communication as above and save the connection.

Now connect the RX of your Serial adapter to the TX from the router and the TX of the Serial Adapter to the RX of the Router GRD to GRD.

Connect a cat cable to your LAN on your PC / MAC.

With putty started power on your router you will see a heap of text scrolling by. If you notice in all that text something telling you press 1 or any key do it that is the easy brick to get out off the boot will stop just type firstboot, then reboot you will see the router back up.

If the router is in a constant loop at anytime type tpl tpl tpl till it stop the loop. Once the loop has stopped,

Next type tftpboot it will try and download a file hit CTRL-C to stop it.

Now look carefully at the text on the screen you will see TFTP Server and an IP address like 192.168.1.100 our IP is blah blah.
and most important a Firmware like '6F01F....img'

You now need to set this IP on your LAN as a fix IP / subnet / and GW set it to 192.168.1.1

Next fine the .bin you have for your router and rename with this file name and save it.

Start the TFTP program make sure the server address is pointing to the LAN fix IP you set and point the TFTP server to the directory that contain this renamed file.

Now go back to Putty and type
tftpboot
the firmware will load into the router

After the firmware is loaded you will see in Putty something like (fd0000 hex)

now at putty prompt type
erase 0x96f020000 +fd0000 ( whatever that hex number you got)
Look at the right side of putty screen you will see some numbers counting up, wait till it is finished.
You will see erase some number sectors.

Next type
cp.b 0x81000000 0x9f020000 0xfd0000 ( Again whatever number you got).

when you see Done. type reset.

You will see your router reboot normally and you are in to your router again.

Remember to reset you LAN properties, close the TFTP server.

I hope this will help you and others to get out of a Brick state. This should work with almost every router.

gu3d3s · August 26, 2017, 6:25pm

@node

Thanks for the step by step, I'm waiting to receive serial / TTL and instructions are going to be of great help

Thanks for the help

node · August 27, 2017, 9:33pm

r00t

Will your built be upgraded to the latest Kernel 4.4.83-1? Also, is it possible to include iptables-mod-tproxy and knod-ipt-tproxy ; kernel-modules>netfilter-extensions.

Thanks Much.

Leverbush · August 28, 2017, 6:26am

Any luck with that? I couldn't find anything.

node · August 31, 2017, 4:26am

Tried sysupgrade Aug 29th Kernel went to 4.4.83 but loss all the configuration and the service tap, even Luci had to be reloaded. Went back down to .4.4.79

DjiPi · August 31, 2017, 3:05pm

This is the expected behavior on sysupgrade. Only basic configuration is preserved and you need to reinstall all your manually installed packages.

https://lede-project.org/docs/user-guide/sysupgrade.cli#post-upgrade_steps:

Reinstall user-installed packages...

node · August 31, 2017, 3:27pm

Thanks JP, I mover to the Nightly built since r00T built is still at 4.4.79. run the sysupgrade.bin all was updated fine with the kernel I wanted. Just cannot get iptables-mod-tproxy to load normally do not want to force load it, shadowsocks-server still not seeing it if I do.

rowanalex · September 1, 2017, 7:07pm

I'm trying to setup iptables to block repeated attacks of ssh ports from wan on the latest build - r4684-0b7f7606dd. But, the conntrack state module seems to be broken or atleast I can get it to work.

Installed iptables-mod-conntrack-extra
Marked wan zone with option conntrack '1' in firewall conf
firewall.user has ->
iptables -w -I zone_wan_input 2 -p tcp --dport 443 -m conntrack --ctstate NEW -m recent --update --seconds 300 --hitcount 3 --name ATTACKER_SSH --rsource -j DROP

I know the rule works fine if we remove the -m recent and just drop traffic on 443.

Is there a way to enable hit count tracking on the Archer C7?

dacarrs · September 1, 2017, 7:57pm

Take a look at this [GCC 7.2 BUILD] Optimized TP-Link Archer C7 V2 AC1750 LEDE Firmware I think it can be related, I had a similar problem.

rowanalex · September 2, 2017, 4:50am

I started with -m state as well and fixed it to -m conntrack --ctstate NEW after seeing your post. So, that's already taken care of. Still no dice

node · September 5, 2017, 8:27am

hobbsAU
Can you run a iperf test on the latest nightly build please? Also your repo, do you have any plans of dating it?

jackiechun · September 10, 2017, 10:11pm

Just noticed the 2017-09-10 release. Will flash it when there's an opportunity to in the house. Thank you @r00t!

jhracham · September 15, 2017, 5:36am

@r00t
Can you please also build this firmware version for the Archer C7 V2 IL version?

Thanks for this great build.