Openwrt Failsafe mode & tcpdump TP-Link WDR4300

After restoring saved configuration could not connect to the router. Tried to enter fail safe and could not do this.
When I did some reset I decided to learn at what time I should press Reset button to enter failsafe mode.

I have: OpenWrt 18.06.1, r7258-5eb055306f

What I did:

Did a check if failsafe can be done

root@OpenWrt:~# grep squash /proc/mounts
/dev/root /rom squashfs ro,relatime 0 0

Opened firewall rule for 4919

sudo ufw status
[sudo] password for john: 
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
4919/udp                   ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             
4919/udp (v6)              ALLOW       Anywhere (v6)

Started tcpdump

sudo tcpdump -Ani enp5s0 port 4919 and udp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp5s0, link-type EN10MB (Ethernet), capture size 262144 bytes

Then started the router and nothing has happened.

Initially I had WAN connected to ISP optic router. Lan1 port was connected to my additional 1Ghz TPLink switch and my pc was connected to that switch.
When I did not capture any packets. I brought router into the room where PC is and tried next:

  1. PC Connected to switch and the router connected to switch using 1st LAN
  2. PC Connected to switch and the router connected to switch using WAN
  3. PC Connected directly to the 1st LAN of the router
  4. PC Connected directly to the WAN of the router

Nothing worked. What did I do wrong?

Not sure what you are trying to do here. Generally one would run tcpdump on the router to monitor one of its interfaces, then connect your PC to the tcpdump instance on the router (port 4919) to have it send the monitored packets to your PC for display and analysis.

This should not require opening the firewall on the PC since it is a connection initiated outgoing from the PC.

An unmanaged switch will automatically work to forward on everything that comes over the cable, you do not need to configure anything to make it work.

1 Like

I was trying to enter failsafe mode as it is described here

Wait (with a packet sniffer) for a special broadcast packet and press a button. The packet will be sent to destination address port UDP 4919. The packet contains the text “ Please press button now to enter failsafe ”. So for example, in a terminal and using tcpdump, with the router connected to port eth0, you would enter the command

tcpdump -Ani eth0 port 4919 and udp

I was waiting and received noting. So I do not clearly understand when I need to press the button as this is

Wait for a flashing LED and press a button. This is usually the easiest method once you figure out the correct moment.

completely not clear when to press. I wanted to go the other way around, wanted to get the packet and having recorded video understand when I need to press the button. This way even if I forget I would have a video.

The 4300 should support the LED method. The "system" LED is the one to watch. It is next to the power LED on the left side and is a "gear" icon.

Plug in the power and watch the router boot up (don't press any buttons yet). When the "gear" LED starts flashing rapidly, press and release the reset button repeatedly. If you were successful, the "gear" LED will start flashing even faster. OpenWrt is now in failsafe mode.

Yes, that's right TP-Link WDR-4300 supports LED exactly as you described, I just entered failsafe state.


Thanks for your feedback on the documentation -- I tried to clarify the generic failsafe instructions to point out that the LED method is a good one for most users and provide more information on the flash rates to expect.

Brought back some button-smashing memories of my WDR4300 with now-ancient releases of OpenWrt :slightly_frowning_face: I had completely forgotten about netmsg and the broadcast packet!