Rpi4 < $(community_build)

as mentioned in the notes... i'm not confident with opkg... so, nothing at the moment can be considered 'stable'...

imagebuilder was giving me size mismatches, then upon install packages were not available ( via online install )... i've since seen that part ( most ) of that is due to php failing to compile...

so unless people use these 'testing / unstable' builds we will never know if things are ok or not... leaving old builds up there without very good reason just means i'm the only one testing... and progress becomes slow...

  • the default package list changed alot recently
  • bugs and fixes to sysupgrade / init.d / *.sock were implemented recently
  • newer package restore logic was implemented recently

as mentioned proliferating older builds impedes testing / progress exponentially.... and while i'm not confident enough in the current build to 'promote' it... the only known issues ( which would also effect older builds by the way ) is the inability to install php...

I agree with you about old builds, it was lazy of me.
Thank you then, I'll use this build to reinstall. I did use php... but I can live without it.

1 Like

yeah... I could have been clearer... but when I uploaded it 10 hours ago... I seriously thought there was an issue with opkg itself...

and there was potential that it could effect older builds aswell...

so my wording was pretty tentative...

the more;

  • master settles down
  • the package list propogates out / gets more refined...
  • some of the core features are better tested / refined

...it becomes much easier to provide several build variants...

well then... it would seem you have a

i've uploaded a recent-ish build I 'think' has php... ( but several online 'pecl' packages are not available )

pkgdiff
vert@zr:/fs/sdd1/openwrt/RTNGext/cache/rpi4/builds$ diff rpi-4_snapshot_2.3.73-12_r14863_php/*ani* rpi-4_snapshot_2.3.135-45_r14870_unstable/*ani*
10c10
< base-files - 235-r14863-4a976beff4
---
> base-files - 235-r14870-93adba4597
26a27
> bzip2 - 1.0.8-1
27a29
> ca-certificates - 20200601-1
49a52,53
> coreutils-chroot - 8.32-5
> coreutils-sha1sum - 8.32-5
59a64
> debootstrap - 1.0.123-1
73a79
> flock - 2.36-2
76a83
> getopt - 2.36-2
100a108
> iputils-arping - 20200821-1
110a119,124
> kmod-crypto-acompress - 5.4.74-1
> kmod-crypto-aead - 5.4.74-1
> kmod-crypto-authenc - 5.4.74-1
> kmod-crypto-cbc - 5.4.74-1
> kmod-crypto-ccm - 5.4.74-1
> kmod-crypto-cmac - 5.4.74-1
111a126,130
> kmod-crypto-ctr - 5.4.74-1
> kmod-crypto-des - 5.4.74-1
> kmod-crypto-gcm - 5.4.74-1
> kmod-crypto-gf128 - 5.4.74-1
> kmod-crypto-ghash - 5.4.74-1
112a132,143
> kmod-crypto-hmac - 5.4.74-1
> kmod-crypto-manager - 5.4.74-1
> kmod-crypto-md5 - 5.4.74-1
> kmod-crypto-null - 5.4.74-1
> kmod-crypto-pcompress - 5.4.74-1
> kmod-crypto-rng - 5.4.74-1
> kmod-crypto-seqiv - 5.4.74-1
> kmod-crypto-sha1 - 5.4.74-1
> kmod-crypto-sha256 - 5.4.74-1
> kmod-crypto-sha512 - 5.4.74-1
> kmod-crypto-user - 5.4.74-1
> kmod-cryptodev - 5.4.74+1.10-bcm27xx-2
121a153
> kmod-ikconfig - 5.4.74-1
181a214
> kmod-scsi-core - 5.4.74-1
190a224
> kmod-usb-ehci - 5.4.74-1
205a240
> kmod-usb-ohci - 5.4.74-1
210a246,248
> kmod-usb-storage - 5.4.74-1
> kmod-usb-storage-extras - 5.4.74-1
> kmod-usb-uhci - 5.4.74-1
211a250
> kmod-usb2 - 5.4.74-1
220a260
> libcap - 2.43-1
236c276
< libgpg-error - 1.37-1
---
> libgpg-error - 1.37-2
248a289
> liblxc - 4.0.2-4
270d310
< libpcre2 - 10.35-2
277a318
> libseccomp - 2.4.3-1
280a322
> libsysfs2 - 2.1.0-3
293d334
< libxml2 - 2.9.10-2
299,340c340,392
< luci - git-20.309.25915-d8c1366
< luci-app-acme - git-20.309.25915-d8c1366
< luci-app-adblock - git-20.309.25915-d8c1366
< luci-app-banip - git-20.309.25915-d8c1366
< luci-app-commands - git-20.309.25915-d8c1366
< luci-app-ddns - git-20.309.25915-d8c1366
< luci-app-firewall - git-20.309.25915-d8c1366
< luci-app-https-dns-proxy - git-20.309.25915-d8c1366
< luci-app-ledtrig-rssi - git-20.309.25915-d8c1366
< luci-app-ledtrig-usbport - git-20.309.25915-d8c1366
< luci-app-mwan3 - git-20.309.25915-d8c1366
< luci-app-nlbwmon - git-20.309.25915-d8c1366
< luci-app-openvpn - git-20.309.25915-d8c1366
< luci-app-opkg - git-20.309.25915-d8c1366
< luci-app-sqm - git-20.309.25915-d8c1366
< luci-app-statistics - git-20.309.25915-d8c1366
< luci-app-travelmate - git-20.309.25915-d8c1366
< luci-app-uhttpd - git-20.309.25915-d8c1366
< luci-app-vpn-policy-routing - git-20.309.25915-d8c1366
< luci-app-watchcat - git-20.309.25915-d8c1366
< luci-app-wireguard - git-20.309.25915-d8c1366
< luci-app-wol - git-20.309.25915-d8c1366
< luci-base - git-20.309.25915-d8c1366
< luci-compat - git-20.309.25915-d8c1366
< luci-lib-base - git-20.309.25915-d8c1366
< luci-lib-ip - git-20.309.25915-d8c1366
< luci-lib-ipkg - git-20.309.25915-d8c1366
< luci-lib-jsonc - git-20.309.25915-d8c1366
< luci-lib-nixio - git-20.309.25915-d8c1366
< luci-mod-admin-full - git-20.309.25915-d8c1366
< luci-mod-network - git-20.309.25915-d8c1366
< luci-mod-status - git-20.309.25915-d8c1366
< luci-mod-system - git-20.309.25915-d8c1366
< luci-proto-ipv6 - git-20.309.25915-d8c1366
< luci-proto-modemmanager - git-20.309.25915-d8c1366
< luci-proto-ncm - git-20.309.25915-d8c1366
< luci-proto-ppp - git-20.309.25915-d8c1366
< luci-proto-qmi - git-20.309.25915-d8c1366
< luci-proto-wireguard - git-20.309.25915-d8c1366
< luci-theme-bootstrap - git-20.309.25915-d8c1366
< luci-theme-material - git-20.309.25915-d8c1366
< luci-theme-openwrt - git-20.309.25915-d8c1366
---
> luasocket - 2019-04-21-733af884-1
> luci - git-20.311.85590-5c5b134
> luci-app-acme - git-20.311.85590-5c5b134
> luci-app-adblock - git-20.311.85590-5c5b134
> luci-app-banip - git-20.311.85590-5c5b134
> luci-app-commands - git-20.311.85590-5c5b134
> luci-app-ddns - git-20.311.85590-5c5b134
> luci-app-firewall - git-20.311.85590-5c5b134
> luci-app-https-dns-proxy - git-20.311.85590-5c5b134
> luci-app-ledtrig-rssi - git-20.311.85590-5c5b134
> luci-app-ledtrig-usbport - git-20.311.85590-5c5b134
> luci-app-lxc - git-20.311.85590-5c5b134
> luci-app-mwan3 - git-20.311.85590-5c5b134
> luci-app-nlbwmon - git-20.311.85590-5c5b134
> luci-app-openvpn - git-20.311.85590-5c5b134
> luci-app-opkg - git-20.311.85590-5c5b134
> luci-app-snmpd - git-20.311.85590-5c5b134
> luci-app-sqm - git-20.311.85590-5c5b134
> luci-app-statistics - git-20.311.85590-5c5b134
> luci-app-travelmate - git-20.311.85590-5c5b134
> luci-app-uhttpd - git-20.311.85590-5c5b134
> luci-app-vpn-policy-routing - git-20.311.85590-5c5b134
> luci-app-watchcat - git-20.311.85590-5c5b134
> luci-app-wireguard - git-20.311.85590-5c5b134
> luci-app-wol - git-20.311.85590-5c5b134
> luci-base - git-20.311.85590-5c5b134
> luci-compat - git-20.311.85590-5c5b134
> luci-lib-base - git-20.311.85590-5c5b134
> luci-lib-ip - git-20.311.85590-5c5b134
> luci-lib-ipkg - git-20.311.85590-5c5b134
> luci-lib-jsonc - git-20.311.85590-5c5b134
> luci-lib-nixio - git-20.311.85590-5c5b134
> luci-mod-admin-full - git-20.311.85590-5c5b134
> luci-mod-network - git-20.311.85590-5c5b134
> luci-mod-status - git-20.311.85590-5c5b134
> luci-mod-system - git-20.311.85590-5c5b134
> luci-proto-ipv6 - git-20.311.85590-5c5b134
> luci-proto-modemmanager - git-20.311.85590-5c5b134
> luci-proto-ncm - git-20.311.85590-5c5b134
> luci-proto-ppp - git-20.311.85590-5c5b134
> luci-proto-qmi - git-20.311.85590-5c5b134
> luci-proto-wireguard - git-20.311.85590-5c5b134
> luci-theme-bootstrap - git-20.311.85590-5c5b134
> luci-theme-material - git-20.311.85590-5c5b134
> luci-theme-openwrt - git-20.311.85590-5c5b134
> lxc - 4.0.2-4
> lxc-attach - 4.0.2-4
> lxc-common - 4.0.2-4
> lxc-configs - 4.0.2-4
> lxc-console - 4.0.2-4
> lxc-create - 4.0.2-4
> lxc-hooks - 4.0.2-4
> lxc-templates - 4.0.2-4
345a398
> mtr - 0.93-1
366,373c419,440
< php7 - 7.4.12-1
< php7-cgi - 7.4.12-1
< php7-cli - 7.4.12-1
< php7-mod-fileinfo - 7.4.12-1
< php7-mod-iconv - 7.4.12-1
< php7-mod-session - 7.4.12-1
< php7-mod-sockets - 7.4.12-1
< php7-mod-sysvmsg - 7.4.12-1
---
> perl - 5.28.1-4
> perlbase-base - 5.28.1-4
> perlbase-bytes - 5.28.1-4
> perlbase-class - 5.28.1-4
> perlbase-config - 5.28.1-4
> perlbase-dynaloader - 5.28.1-4
> perlbase-errno - 5.28.1-4
> perlbase-essential - 5.28.1-4
> perlbase-fcntl - 5.28.1-4
> perlbase-filehandle - 5.28.1-4
> perlbase-getopt - 5.28.1-4
> perlbase-io - 5.28.1-4
> perlbase-list - 5.28.1-4
> perlbase-net - 5.28.1-4
> perlbase-posix - 5.28.1-4
> perlbase-scalar - 5.28.1-4
> perlbase-selectsaver - 5.28.1-4
> perlbase-socket - 5.28.1-4
> perlbase-symbol - 5.28.1-4
> perlbase-tie - 5.28.1-4
> perlbase-time - 5.28.1-4
> perlbase-xsloader - 5.28.1-4
376c443,444
< procd - 2020-10-25-33b799b9-1
---
> ppp-mod-pppol2tp - 2.4.8.git-2020-10-03-2
> procd - 2020-11-06-b0de8948-1
377a446
> px5g-standalone - 9
388a458
> rng-tools - 6.10-1
392a463
> rpcd-mod-lxc - 20171206
400a472
> speedtest-netperf - 1.0.0-1
403a476
> tar - 1.32-3
407c480
< tmux - 3.1b-1
---
> tmux - 3.1c-1

on the plus side... the newer builds also perform dtbo sysupgrade migration...

so anyone who uses custom /boot/overlay/*.dtbo @ dtoverlay= in config.txt no longer has to manually recreate and reboot each upgrade

I finally finished configuring all the services I want on my Rpi4 openwrt.
Also I noticed now there's squashfs images, that's a lot better for me, since in any problem I can reset to factory defaults in case of problem.You have made my life a lot easier.
However... you shouldn't have added php support... I could live without it, but now that I have it I want more.
Is there a way to install php7-mod-curl and php7-mod-json? I think those are the only 2 packages missing from all my requirements.

As a sidenote, it's amazing how such a little device can do so many things... I have it as a NAS server, vpn server (via zerotier), backup and sync server (via syncthing), ftp server, 10 internal and external web servers (most with php functions and all over https with let's encrypt certificates), torrent box, ip camera video transcoding and soon it will also route 1Gbps of traffic...

1 Like

if you cannot see them in opkg... keep an eye on the buildbot faillogs when php no longer fails to build they should become installable once again...

small update
following https://forum.openwrt.org/t/ppp-daemon-keeps-losing-ip-when-ipv6-is-enabled/73757/7

I disabled IPv6, and the PPoE disconnections under load seems to be gone...
As I don't really need IPv6 atm, I'll keep that as a workaround..
tx again

1 Like

do you have any plan to add shadowsocks ?

1 Like

2 posts were split to a new topic: Can not install luci-ssl-nginx on RPi4

php is building again if you still need to add it...

yes I do. thanks for the heads-up.

1 Like

came across @poodad s work of art hope you dont mind me sharing it...



and in stark contrast... my butchered behemoth!

community frankencase showdown! :wink:

2 Likes

i think one or two of you are using uqmi/qmi? no idea what it is really ( some sort of modem signalling protocol )... anyways... one or two noteworthy patches in 996+ specifically;

uqmi: wait forever registration if timeout set to 0
Give possibility to wait forever the registration by setting timeout
option to 0.

No timeout can be useful if the interface starts whereas no network is
available, because at the end of timeout the interface will be stopped
and never restarted.

also... the wireless seems a bit better/different with the current release/build... something must have changed...

edit: as is usually the case when poking around in iptables... I think this is probably a misinterpretation...

hmmm... wonder why my router is rejecting isp-v6-dns?;

6nat stuff... ? edit: the log seems to show two of these then a neighbour||solicit then two of these... etc. etc.... so maybe these are just 'sporadic-state' unreachables... and there is traffic getting through most of the time... funny how ip6 only has one conntrack per server... then again... there is no nat for v6, so that would make sense...

next step... log all ipv6 53... and see of these are the only queries...

nf-ipt6-maybe
[root@dca632 /usbstick 54°]# opkg list-installed | grep 6 | grep ip
ip6tables - 1.8.4-1
ip6tables-extra - 1.8.4-1
ip6tables-mod-nat - 1.8.4-1
ipset - 7.6-1
kmod-ip6-tunnel - 5.4.77-1
kmod-ip6tables - 5.4.77-1
kmod-ip6tables-extra - 5.4.77-1
kmod-ipt-nat6 - 5.4.77-1
kmod-ipt-raw6 - 5.4.77-1
kmod-iptunnel6 - 5.4.77-1
kmod-nf-ipt6 - 5.4.77-1
libip6tc2 - 1.8.4-1
libipset13 - 7.6-1
libjson-script - 2020-08-06-9e52171d-1
luci-app-banip - git-20.110.55046-74da73b
luci-lib-ip - git-20.250.76529-62505bd
luci-lib-ipkg - git-18.318.71164-4bbe325
luci-proto-ipip - git-19.307.61018-284918b
luci-proto-ipv6 - git-20.247.70930-f94958e
odhcpd-ipv6only - 2020-11-15-fb55e803-1
sqm-scripts-extra - 2016-06-08-1
dbg
### CONNTRACK

udp      17 12 src=2403:5800:ME:935c dst=2403:ISPDNS1:5::242 sport=34691 dport=53 packets=0 bytes=0 src=2403:ISPDNS1:5::242 dst=2403:5800:ME:935c sport=53 dport=34691 packets=0 bytes=0 mark=0 use=1

udp      17 12 src=2403:5800:ME:935c dst=2403:ISPDNS2:1::142 sport=34691 dport=53 packets=0 bytes=0 src=2403:ISPDNS2:1::142 dst=2403:5800:ME:935c sport=53 dport=34691 packets=0 bytes=0 mark=0 use=1


### TCPDUMP

16:07:51.111083 00:11:32:96:42:ME > 00:a2:00:b2:00:GW, ethertype IPv6 (0x86dd), length 286: (flowlabel 0x5dc4d, hlim 64, next-header ICMPv6 (58) payload length: 232) 2403:ME:935c > 2403:ISPDNS2:1::142: [icmp6 sum ok] ICMP6, destination unreachable, unreachable port, 2403:5800:ME:935c udp port 34691

16:07:51.119210 00:11:32:96:42:ME > 00:a2:00:b2:00:GW, ethertype IPv6 (0x86dd), length 286: (flowlabel 0x2d748, hlim 64, next-header ICMPv6 (58) payload length: 232) 2403:5800:ME:935c > 2403:ISPDNS1:5::242: [icmp6 sum ok] ICMP6, destination unreachable, unreachable port, 2403:5800:ME:935c udp port 34691

### that was before trying to add some ACCEPT rules but still happens :*

[root@dca632 /usbstick 55°]# ip6tables-save -c | grep -v '0:0' | grep -E '(2403|WAN|wan)'


[976:82307] -A FORWARD -o eth1 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
[1051:84032] -A FORWARD -i eth1 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: Zone wan MTU fixing" -j TCPMSS --clamp-mss-to-pmtu
[40:7975] -A INPUT -s 2403:5800:1:5::242/128 -j ACCEPT
[41:8198] -A INPUT -s 2403:5800:100:1::142/128 -j ACCEPT
[788:191978] -A INPUT -i eth1 -m comment --comment "!fw3" -j zone_wan_input
[12:2077] -A FORWARD -i eth1 -m comment --comment "!fw3" -j zone_wan_forward
[77:13282] -A OUTPUT -d 2403:5800:1:5::242/128 -j ACCEPT
[78:13429] -A OUTPUT -d 2403:5800:100:1::142/128 -j ACCEPT
[1313:242070] -A OUTPUT -o eth1 -m comment --comment "!fw3" -j zone_wan_output
[1242:297410] -A zone_lan_forward -m comment --comment "!fw3: Zone lan to wan forwarding policy" -j zone_wan_dest_ACCEPT
[79:6132] -A zone_wan_dest_ACCEPT -o eth1 -m conntrack --ctstate INVALID -m comment --comment "!fw3: Prevent NAT leakage" -j DROP
[2476:533348] -A zone_wan_dest_ACCEPT -o eth1 -m comment --comment "!fw3" -j ACCEPT
[12:2077] -A zone_wan_forward -m comment --comment "!fw3: Custom wan forwarding rule chain" -j forwarding_wan_rule
[12:2077] -A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
[788:191978] -A zone_wan_input -m comment --comment "!fw3: Custom wan input rule chain" -j input_wan_rule
[11:2530] -A zone_wan_input -s fc00::/6 -d fc00::/6 -p udp -m udp --dport 546 -m comment --comment "!fw3: Allow-DHCPv6" -j ACCEPT
[1:72] -A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
[64:4608] -A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 134 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
[327:23544] -A zone_wan_input -p ipv6-icmp -m icmp6 --icmpv6-type 136 -m limit --limit 1000/sec -m comment --comment "!fw3: Allow-ICMPv6-Input" -j ACCEPT
[385:161224] -A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_REJECT
[1313:242070] -A zone_wan_output -m comment --comment "!fw3: Custom wan output rule chain" -j output_wan_rule
[1313:242070] -A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
[385:161224] -A zone_wan_src_REJECT -i eth1 -m comment --comment "!fw3" -j reject

Yup, one of the available protocols for the mobile broadband modems. I am using NCM though.

1 Like

hi i cant seem to make sqm work. it gets stuck at loading with an error "resource not found"

/etc/init.d/sqm enabled && echo ok
grep localversion /etc/custom/buildinfo.txt
uci show sqm
ifconfig  | grep '^[a-z]' | awk '{print $1}'

have you enabled the service?

Sorry, this is my first time using openwrt. How do you enable service? I tried the codes, sqm still not showing. s

2 Likes

go to system > startup > click disabled next to sqm if it is the first button then click start
go to network > sqmqos > tick enabled
click save and apply...

never seen that luci message before... ( something to fix :slight_smile: ) if/when you run a normal-release... you don't need the [startup] step...

1 Like

I can see it now. Thank you!

1 Like