InitramFS version without firewall

Hi

Would it be possible to get version or images of initramfs kernel without firewall ?

If the AP is located in remote place (high pole, ceiling in warehouse - 10+meters,..) then it's hard to get hands on LAN port and mgmt IP 192.168.1.1 after "upgrade" to OpenWRT . Also Wlan radio is off.

I just need this for installation of OWRT, afterwards i roll my own packages etc via firmware-selector.openwrt.org, but i would rather have fwall disabled then to climb ladders.

Do a custom build where you do the basic configuration as described here.

1 Like

(just in case it is not obvious) the user has not to build from source but can just use the image-builder. Also the user does not have to even provide a custom UCI config, the image-builder can be told to disable certain services, like in this case the firewall. So the default rule set would be present but not active till it gets enabled.

For the firewall, yes. But for enabling WiFi by default?

Yes, of course you are right, I have just missed that.
Yes, to enable/configure WiFi, you have to use a custom UCI script, or provide a complete /etc/config/wireless. But both can be done with the image-builder.

1 Like

It can also be done with the online Firmware Selector:

1 Like

I have no problem using custom-builds for already installed OWRT, but i was hoping for *initramfs-kernel.bin version w/o firewall etc.

guess i have to use my own image-builder ?

need help with .config for image builder

I am using https://openwrt.org/docs/guide-developer/toolchain/use-buildsystem#using_official_build_config

how can i disable firewall/firewall4/nft/luci-firewall to be build and used?

this does not work

CONFIG_DEFAULT_firewall4=n
CONFIG_MODULE_DEFAULT_firewall4=n
CONFIG_DEFAULT_nftables=n
CONFIG_MODULE_DEFAULT_nftables=n

hints? help?

Use PACKAGES to install or remove packages and use DISABLED_SERVICES to disable services...

done building. i just hope that

openwrt-imagebuilder-23.05.0-rc2-ipq40xx-mikrotik.Linux-x86_64/build_dir/target-arm_cortex-a7+neon-vfpv4_musl_eabi/linux-ipq40xx_mikrotik/vmlinux-initramfs
is "the one" :hand_with_index_finger_and_thumb_crossed:

Good luck then :sweat_smile:

no luck here.
i see that file is transfered to mtik...and then nothing. (i don't have serial access).

snapshot version works, but i want version w/o firewall so i can access AP via eth0/wan not via eth1/lan.

But there is also an image builder for current snapshot see https://downloads.openwrt.org/snapshots/targets/

it only builds squashfs (owrt upgrade) images.
Where can i build initramfs (kernel) version ? So i can convert from RouterOS to OpenWrt ?

It's a long time I had to build a snapshot with the image-builder, so I'm not quiet sure if this is by design or an current issue :confused:

You could always build from source. https://openwrt.org/docs/guide-developer/toolchain/use-buildsystem
I would recommend to use a Debian or Ubuntu VM with at least 40 GB of storage and as much RAM as you can assign to it. Same for CPU, the more the better.
Then build a first time without any modifications. Should take 1 to 2 h on moderate hardware. If you have plenty of RAM and can build in a RAM tmpfs then you can get it down to like 15 min...
However, after the first successful build, modify/customize as you need an rebuild. A rebuild is usually quiet fast. (Building the toolchain and stuff the first time takes quiet some time...)

All, to be clear, I realized the OP never actually stated this - it's only been implied:

  • the firewall needs to be off because the WAN port will be used to re setup the OpenWrt (or initially install it)
  • whatever state the device is in, the OP has reset it (or it's in a new state - i.e. WiFi off by default)

What I'm confused at is the need for a IntramFS image. It seem the OP's intention is to do initial installations of OpenWrt on equipment mounted in unaccessible locations.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.