Rpi4 < $(community_build)

Oops, maybe I've included them in package.txt. Here are my contents:


Probably other packages make sense, but these are the basic ones.

1 Like

ok... not too big... looks like under 1-2M-ish... looks pretty dormant too...

you will probably need ENABLEDSERVICES="nut-server ..." ... we will test it out on the next build...

1 Like

I'm also using mosquitto, it works great in your build.

1 Like

new tab for rate? I don't remember seeing it before. status > Realtime graph

but it is stuck at collecting data, need to config it?

1 Like

yeah... it's pretty cool... ( just also noticed this the other day )

seems to be added/augmented by nft-qos... but as that app is a little problematic right now... not worth investigating/trying-to-test for a few weeks...

probably populated by the nft-qos monitor feature...

edit: i've semi-fixed/modded this up for you on the next build (3.5.61-11+);

  • enable and start nft-qos to populate...
  • (hardcoded for br-lan)
  • won't pickup new static ip's without a manual restart
  • does not handle ipv6 (gui limitation)

can I install this package?

[OpenWrt Wiki] SNORT

sure... it's very hard to setup... tho'... (without a linux background, easier than radius, voip, captive portals tho', plenty of online docs...)

I used to include snort3 (even harder) with some sample setup config... but results were a bit mixed and did not use it for several months so I recently removed it (about 1.5 months ago)...

would be nice to include some sample configs for snort2 if I/anyone gets around to it one day...

in todays ssl world... it has become a little less relevant... still great for medium/large networks to detect(initially) common nasties... but not quite powerfull enough compared to commercial L6+ dpi solutions...

it was good when I ran it for a day or two tho'... gave really good insight with IOT/dns chatter... but probably not something i'd use everyday without a dedicated device for it... even considering the rpi4 resources...

tc-(or switchport) mirroring to a full distro would probably be a better way to go...

1 Like

then it is not for me. I just wanted to test it.

any other such package with luci gui?


not sure if it has a (luci... I think it's web based for small installs) gui... but the most relevant thing to come along of late is below, but it's very commercially orientated...

maybe they offer a trial...

Open Source DPI and Network Intelligence Engine (Beta) - #39 by pbaldwin

probably more accessible / practical / promising... is this crowdsec PR from @erdoukki ...

which i'll take a look at integrating if/once it's functional/pushed...

not too sure about a gui tho'...

(he also recently pushed fail2ban which is in a similar category)


They do...
Pretty WebUI in the cloud, but the costs are too high for home users...
A small LuCI interface can be developed, as have be done for PFSense version of Netifyd !

A standard but mostly linux advanced users only !

A Fail2Ban alternative with centralized bad IP freely shared to any clients.
A lot of features to go...
Very promising !

Still waiting for the merge, it is already validated and functional...
You can already tests packages from the CI build -> https://github.com/openwrt/packages/actions/runs/1265111620 (look down to artifacts...) :wink:

The GUI is only available in CrowdSec WebSite :
It is very simple for now but also very effective...


thanks for all the extra info / nicely answered and summarized :+1: (saves alot of research/time!)

cool! had no idea you can test directly from those... :vulcan_salute:

1 Like

Getting RPCError flag when in LuCI Status -> Wireguard. Looks like the config is stuffed after latest update. Worked well on every update prior.

1 Like
  • do you mean 'current'/devel/3.5.61(r17625)?
  • are you saying that something changed your config?

thanks the report... suspected several things to be not quite right (as in RELEASE_NOTES )... so good to know what they are... will update the notes... (edit: they already had a note about this)

  • downgrade and if you are game test the next major/current to see if the issues persist... ( current is pretty much for this purpose... i have 'testing' but nobody would use that )
  • we may be looking at several iterations


I was incorrect. It's just the status page that seems unavailable. Wireguard still works.

Will keep upgrading and see how we go!

1 Like

sweet... i'm not using wireguard right now... so it's great to get the feedback / have a few people who use it testing 'current'...

should be a newer build to test within the next day or two.... ( r1763x+ )

it also possible to upgrade components

rpi4-official-opkg.sh upgrade luci-app-wireguard
1 Like

Hello Sam, hope you are well. I am new to Openwrt and recently installed it in my spare RPi4B. I am planning to create VLANs like Guest, IOT and LAN. At the moment, I am using with the basic functionality like the onboard eth0 as LAN and USB Ethernet as WAN which is connected to my broadband router. Unfortunately, I don't have an option to put my ISP router in bridge mode so had to deal with double nating. As of now, I have disabled all the security features, DHCP etc in my ISP router except DMZ allowing my RPi4B to handle it all for my network. All is working now (LAN setup) as I have connected a dump access point to my RPi4B router eth0 port. I would like to understand on how we can expand it like I mentioned initially on what I am trying to achieve. Thank you in advance.

I'll save 'sam' the awkwardness...;

  1. RPI VLANS - See links at the bottom of this page https://github.com/wulfy23/rpi4/blob/master/HARDWARE.md
  2. AP VLANS - See openwrt wiki 1 2
    that wiki guide(1) is probably not the best example...

as you seem to have similar needs to 2 above;


best to continue the discussion there if needed ( not build related ), if/when you do... you will need to say what AP/OS you have running...

1 Like

Apologies and thank you wulfy23 for sharing the details. Let me go through them and try to fit it to my needs. Appreciate your work with regards to the openwrt build for RPi4B.

1 Like

Hey there wulfy!

Back again here with a seemingly odd issue, it appears I'm unable to upgrade to latest stable branch due to problems mounting the backup partition, rpi-sysup-upgrade.sh is getting stuck on saving config files every time I attempt to upgrade.

Is there anywhere I should be looking to diagnose the issue?

I'll attach current output in the meantime.

[root@RPi-OpenWRT /]# /bin/rpi-sysup-online.sh -R stable
   stable [newer-major] 3.5.56-3(3.5.7-2)
image@tmp: /tmp/rpi4.64-snapshot-26757-3.5.56-3-r17530-ext4-sys.img.gz
Wed Sep 29 01:22:04 CDT 2021 upgrade: validate-good c0deddb19dd737be /etc/opkg/keys[ok] /etc/custom/keys[ok]
Wed Sep 29 01:22:05 CDT 2021 upgrade: Reading partition table from bootdisk...
Wed Sep 29 01:22:05 CDT 2021 upgrade: Reading partition table from image...
Wed Sep 29 01:22:05 CDT 2021 upgrade:  disk:> 1  8192  786432 > 2 802816 123932672
Wed Sep 29 01:22:05 CDT 2021 upgrade: image:> 1  8192  786432 > 2 802816 1966080
Wed Sep 29 01:22:05 CDT 2021 upgrade: Layout changed writing full image...
mount: /etc/backup: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
Cannot mount '/etc/backup' as tmpfs to avoid touching disk while saving the list of installed packages.
Wed Sep 29 01:22:38 CDT 2021 upgrade: AUTORESTORE [ok] add[127] rem[1]
Wed Sep 29 01:22:38 CDT 2021 upgrade: Saving config files...
Failed to create the configuration backup.
1 Like
sysupgrade -b /tmp/test.tar.gz
ls -lah /tmp/test.tar.gz
df -h