Safest way to upgrade from 22.03 rc4 to 22.03.0

What's the safest way to upgrade from 22.03 rc4 to 22.03.0 and get it to work, on Linksys E8450?

I've tried upgrading 3 times, and all ended up in failure.
I'm currently using iptables, and I have miniupnp, watchcat, ddns, dnscrypt-proxy and sqm installed.
After upgrading, miniupnp doesn't work, and I can't ping from my computer connected to the router.

When I say miniupnp doesn't work, it appears to be due to a lack of a routing table/zone in the firewall that I've no idea how to fix and the fix appears to be just adding a table/zone.

When I say I can't ping, I can't ping IPv4, and can't ping IPv6, as well as can't surf the internet.

I suspect this is due to firewall issues.
Is there anyway I can install packages to convert from iptables to firewall4 on rc4, ensure the firewall and miniupnp is working, before I perform an upgrade?
If so, how do I do this?

Can someone advise?

Thank you.


Do you know if you run OpenWrt with UBI or non-UBI layout?

How did you try to upgrade 3 times?
OEM-boot loader, CLI or web-GUI?
It depends on if the device runs with UBI layout or not.


Do you have a firewall.custom or any other scripts that call iptables directly?

If everything in the firewall is implemented with UCI fw3 / fw4 blocks in /etc/config/firewall, it should migrate.

Yes, and all it does is block a few IPs.

Here's what I currently have in /etc/firewall.user:

iptables -I FORWARD -p tcp -s -j DROP
iptables -I FORWARD -p tcp -s -j DROP
iptables -I FORWARD -p tcp -s -j DROP
iptables -I FORWARD -p tcp -s -j DROP
iptables -I FORWARD -p tcp -s -j DROP
iptables -I FORWARD -p tcp -s -j DROP
iptables -I FORWARD -p tcp -s -j DROP

I'm running with UBI.

System -> Backup/Flash firmware -> Click Flash image button, choose image downloaded from


Normally there should be no problem upgrading from OpenWrt 22.03-rc4 to 22.03.0
What is the error message you get when trying to upgrade? (screenshots?)
And always check the SHA of used file.
After upgrade you have to check and manual add/check the rules from firewall.user from the old config, the web-GUI option for firewall.user is no longer available.

You are able to make OpenWrt builds (even with some extra packages) @ Download OpenWrt Firmware for your Device.

If you click the triangle just before Customize installed packages your able to edit this :wink:
And make sure you have the right version selected at the right.
It will take some time then you can download your (own) build.



How to check and add manually?

There are no errors shown when upgrading.


On your question:

I did struggle too, to get my rule(s) converted, as I don't have enough firewall knowledge.

That's weird, as you start this thread with:

What is/was the failure?
If the router does not automatically reboot after the upgrade, what is written in logread and dmesg?


The "upgrade" was a failure because I couldn't access the Internet after it was completed.

I tried again today, to capture the error messages and it turned out it was the firewall which was the issue, because of conversion from iptables(firewall3?) to nftables/firewall4

So, what I did, I deleted /etc/config/firewall, and tried upgrading again. After upgrading, I can access the Internet, but I lost all my firewall rules, so I just reconfigured them manually again.

Thank you for your help, @DGdodo . Much appreciated.

1 Like