Using outdated version of OpenWrt...?

I have a rather old D-link DIR601 router that I'd like to get working, since its factory firmware is extremely old. Unfortunately, I considered installing OpenWRT long after its support was dropped (due to its small ROM size).

I consider an old-ish version of OpenWRT to be better than ancient factory firmware, but I am unable to get Chaos or Barrier to compile. As you can see, it is missing a large number of packages, even if I can download the firmware pack and update the feeds.

It fails the moment I use "feeds install" even though it clearly just downloaded something during "feeds update". Furthermore, I have git installed, but it won't find it.

What do I do?

rdragonrydr@rdragonrydr:~$ cd Desktop/chaos_calmer-15.05.1/
rdragonrydr@rdragonrydr:~/Desktop/chaos_calmer-15.05.1$ ls
BSDmakefile  docs                LICENSE   README    target
config       feeds.conf.default  Makefile  rules.mk  toolchain
Config.in    include             package   scripts   tools
rdragonrydr@rdragonrydr:~/Desktop/chaos_calmer-15.05.1$ ./scripts/feeds update luci
Updating feed 'luci' from 'https://github.com/openwrt/luci.git;for-15.05' ...
Cloning into './feeds/luci'...
remote: Enumerating objects: 4136, done.
remote: Counting objects: 100% (4136/4136), done.
remote: Compressing objects: 100% (2231/2231), done.
remote: Total 4136 (delta 968), reused 2935 (delta 484), pack-reused 0
Receiving objects: 100% (4136/4136), 3.67 MiB | 5.23 MiB/s, done.
Resolving deltas: 100% (968/968), done.
Create index file './feeds/luci.index' 
Collecting package info: done
Collecting target info: done
rdragonrydr@rdragonrydr:~/Desktop/chaos_calmer-15.05.1$ ./scripts/feeds install luci
Checking 'working-make'... ok.
Checking 'case-sensitive-fs'... ok.
Checking 'gcc'... ok.
Checking 'working-gcc'... ok.
Checking 'g++'... ok.
Checking 'working-g++'... ok.
Checking 'ncurses'... ok.
Checking 'zlib'... ok.
Checking 'libssl'... ok.
Checking 'tar'... ok.
Checking 'find'... ok.
Checking 'bash'... ok.
Checking 'patch'... ok.
Checking 'diff'... ok.
Checking 'cp'... ok.
Checking 'seq'... ok.
Checking 'awk'... ok.
Checking 'grep'... ok.
Checking 'getopt'... ok.
Checking 'stat'... ok.
Checking 'md5sum'... ok.
Checking 'unzip'... ok.
Checking 'bzip2'... ok.
Checking 'wget'... ok.
Checking 'perl'... ok.
Checking 'python'... ok.
Checking 'svn'... ok.
Checking 'git'... failed.
Checking 'file'... ok.
Checking 'openssl'... ok.
Checking 'ldconfig-stub'... ok.

Build dependency: Please install Git (git-core) >= 1.6.5

/home/rdragonrydr/Desktop/chaos_calmer-15.05.1/include/prereq.mk:12: recipe for target 'prereq' failed
Prerequisite check failed. Use FORCE=1 to override.
/home/rdragonrydr/Desktop/chaos_calmer-15.05.1/include/toplevel.mk:140: recipe for target 'staging_dir/host/.prereq-build' failed
make[1]: *** [staging_dir/host/.prereq-build] Error 1
/home/rdragonrydr/Desktop/chaos_calmer-15.05.1/include/toplevel.mk:69: recipe for target 'prepare-tmpinfo' failed
make: *** [prepare-tmpinfo] Error 2
Cannot open './tmp/.packageinfo': No such file or directory
Can't open file './tmp/.targetinfo': No such file or directory
Ignoring feed 'packages' - index missing
Ignoring feed 'routing' - index missing
Ignoring feed 'telephony' - index missing
Ignoring feed 'management' - index missing
Installing package 'luci'
WARNING: No feed for package 'libc' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libssp' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'librt' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libpthread' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'uhttpd' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'uhttpd-mod-ubus' found, maybe it's already part of the standard packages?
Installing package 'luci-mod-admin-full'
WARNING: No feed for package 'libc' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libssp' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'librt' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libpthread' found, maybe it's already part of the standard packages?
Installing package 'luci-base'
WARNING: No feed for package 'libc' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libssp' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'librt' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libpthread' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'lua' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libuci-lua' found, maybe it's already part of the standard packages?
Installing package 'luci-lib-nixio'
WARNING: No feed for package 'libc' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libssp' found, maybe it's already part of the standard packages?
--snip--
WARNING: No feed for package 'lua' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libc' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libssp' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'librt' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libpthread' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'lua' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libc' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libssp' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'librt' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libpthread' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'lua' found, maybe it's already part of the standard packages?
Installing package 'luci-proto-ppp'
WARNING: No feed for package 'libc' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libssp' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'librt' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libpthread' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'lua' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libiwinfo-lua' found, maybe it's already part of the standard packages?
Installing package 'luci-proto-ipv6'
WARNING: No feed for package 'libc' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libssp' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'librt' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'libpthread' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'lua' found, maybe it's already part of the standard packages?
WARNING: No feed for package 'lua' found, maybe it's already part of the standard packages?
rdragonrydr@rdragonrydr:~/Desktop/chaos_calmer-15.05.1$ 

For security reasons it is really essential to run a current/ supported version on network connected devices, even more for the gateway securing your LAN against external attackers and botnets.

Chaos Calmer hasn't been maintained for over 2.5 years by now and contains a couple of serious security issues, which means it really shouldn't be used anymore. If your hardware can't cope with current versions anymore (given the hardware specs it's very tight, but might still chug along if you're o.k. with sacrificing some default features (e.g. the webinterface)), it may be time for a hardware upgrade after 7 years as well.

If you try 17.01.6 or 18.06.1 instead you'll get security fixes, instructions on how to build it, list of what you can remove to save space and working feeds. 17 is slightly smaller than 18. Both can be made to fit 4 MB, but it's easier with 17.

17.01.x will cease to be maintained in january.

That doesn't matter much until there are unfixed security problems that can affect a particular setup, and then it will require a new build and reflash no matter which version he chooses.

Pitch it and buy a new router. An old "N150 device" isn't doing you any favors even if you could get moderately secure and operation firmware on it. There are budget options available for under US$20 that are likely to have good support for several years to come if you're not ready or willing to go for the "enthusiast" all-in-one routers or a router + dedicated AP setup.

Very long thread, many opinions and suggestions:

What @jeff said, it's more or less not worth spending (wasting) time on.

It still works, and would primarily be used for non-permanent operation ("Hey, we need a temp AP over here..."). I know that it's crap, especially now, and I am hoping to get a replacement soon. Still, it would be useful for me to know how to get older routers working (especially in the near future if the requirements increase again).

When using the imagebuilder, I don't have the option to create a full device image (eg, sysupgrade). How would I do that for a modern version of the software?

I actually just tried (the reason for the long wait) and got this as the listing for the compiled softwares:

config.seed                                   
openwrt-ar71xx-tiny-vmlinux.bin       
openwrt-imagebuilder-ar71xx-tiny.Linux-x86_64.tar.xz
openwrt-ar71xx-tiny-device-dir601a1.manifest  
openwrt-ar71xx-tiny-vmlinux.elf       
packages
openwrt-ar71xx-tiny-root.squashfs             
openwrt-ar71xx-tiny-vmlinux.lzma      
sha256sums
openwrt-ar71xx-tiny-uImage-lzma.bin           
openwrt-ar71xx-tiny-vmlinux-lzma.elf

What are these files and how would I use them? I can't find a normal "sysupgrade" image in there at all.

"sysupgrade" images are device specific and in another directory. They also have a habit of not appearing at all when they can't be built, such as not enough space on the target device.

Best way to try to shoehorn more into less is with a from-source build, stripping out everything you absolutely don't need, and stripping out all possible debug that you can. The full build environment isn't much more complicated to install than the image builder and is an order of magnitude more flexible, even before tweaking source or build options.

That build was from source, actually. I'm not sure how I'd shrink it down further; I got errors every time I tried removing the ipv6 packages, for instance (I've never had much luck with that, even though I tried the setup shown in the wiki).

Where is the other build directory? I tried bin/targets/arch/tiny, and it wasn't there. The equivalent path has the sysupgrade file when building for other targets.

Try building with V=s (I think I got the capitalization right on those). I'll bet you see the image fail as being too large.

Can't remove IPv6 in any reasonable way, nor should it make a lot of difference any more as IPv6 is pretty much baked into the kernel and networking stack. There are applications that will fail without it, as they bind to the IPv6 loopback.

Turn off symbol table generation, debugging, ..., make sure -Os is selected, make sure xz compression at "max" is used for the image, get rid of every package you can, remove all kernel modules you aren't using (PPPOE, PPP, ... ), pray hard.

Then hope that once you've gotten it into ROM, you don't run out of RAM.

Turn off symbol table generation, debugging, ..., make sure -Os is selected, make sure xz compression at "max" is used for the image, get rid of every package you can, remove all kernel modules you aren't using (PPPOE, PPP, ... ), pray hard.

I've never had to do those. How would I set that up?

Yeah, I've had that last one. Older version of the firmware mis-configured the RAM size in the configs for my device, and I had a rather interesting time getting a new one on there since any attempts made it crash, and I hadn't added a serial modem...

If you just want to disable IPv6:

Use  `make menuconfig`
Go to  `Global Build Settings`
Disable  `Enable IPv6 support in packages`

And comile again

Wade through make menuconfig for anything interesting, such as:

• Global build settings
• Advanced configuration options (for developers)
• Target Images
• Kernel modules

You've got to get, as I recall, three erase blocks left in the JFFS file system for it to work.

I have an DIR-600 A1 device (DIR-601 and DIR-600 A1 can use the same image), and it got troubles before getting build images, any image lager that 3.5mb won't generate factory and sysupgrade images. Disabling ppp, kmod-ppp, removing opkg, enabling sstrip (kernel and libraries) and using squashfs blocksize 1024KiB, the build environment generate images for this device. Currenly I'm using trunk builds for my device

In case that it helps you, here is my build config, (change the config in the menuconfig your DIR-601 device)

CONFIG_TARGET_ar71xx=y
CONFIG_TARGET_ar71xx_tiny=y
CONFIG_TARGET_MULTI_PROFILE=y
CONFIG_TARGET_DEVICE_ar71xx_tiny_DEVICE_DIR600A1=y
CONFIG_BUILD_PATENTED=y
CONFIG_CLEAN_IPKG=y
CONFIG_KERNEL_COREDUMP=y
CONFIG_KERNEL_DEBUG_INFO=y
CONFIG_KERNEL_DEBUG_KERNEL=y
CONFIG_KERNEL_ELF_CORE=y
CONFIG_KERNEL_KALLSYMS=y
CONFIG_KERNEL_SWAP=y
CONFIG_PACKAGE_kmod-nls-base=y
# CONFIG_PACKAGE_kmod-ppp is not set
CONFIG_PACKAGE_libiwinfo-lua=y
CONFIG_PACKAGE_liblua=y
CONFIG_PACKAGE_liblucihttp=y
CONFIG_PACKAGE_liblucihttp-lua=y
CONFIG_PACKAGE_libubus-lua=y
CONFIG_PACKAGE_lua=y
CONFIG_PACKAGE_luci=y
CONFIG_PACKAGE_luci-app-firewall=y
CONFIG_PACKAGE_luci-base=y
CONFIG_PACKAGE_luci-lib-ip=y
CONFIG_PACKAGE_luci-lib-jsonc=y
CONFIG_PACKAGE_luci-lib-nixio=y
CONFIG_PACKAGE_luci-mod-admin-full=y
CONFIG_PACKAGE_luci-mod-network=y
CONFIG_PACKAGE_luci-mod-status=y
CONFIG_PACKAGE_luci-mod-system=y
CONFIG_PACKAGE_luci-proto-ipv6=y
CONFIG_PACKAGE_luci-proto-ppp=y
CONFIG_PACKAGE_luci-theme-bootstrap=y
# CONFIG_PACKAGE_opkg is not set
# CONFIG_PACKAGE_ppp is not set
CONFIG_PACKAGE_rpcd=y
CONFIG_PACKAGE_rpcd-mod-rrdns=y
CONFIG_PACKAGE_uhttpd=y
CONFIG_STRIP_KERNEL_EXPORTS=y
CONFIG_USE_MKLIBS=y
CONFIG_PACKAGE_kmod-lib-crc-ccitt=y
CONFIG_PACKAGE_libpthread=y

You can use it to generate you build images if you want in lede 17.0x builds (old but with more free ram, but soon will be discontinued) or with openwrt 18.0x builds (current version stable and secure).

Hope it helps you

Thanks. That does seem to have helped. Assuming it's not corrupted, the image is only 3.4 MB. I'm checking to see if I can squeeze in a few more items.

Still, is there any way to make an archive of the builder (source OR precompiled) that won't error out down the line once the current one's out of date (perhaps a version with all the package sources or binaries downloaded already)? I'd like to be able to keep the hardware working past a change that really breaks support or prevents me from using the packages I need, even if it's less secure (after all, it's still an improvement over factory, and I might need to rebuild to add something later).

This part might go off topic, but I especially refer to my battery-operated one with only 32M of RAM. Losing that would greatly upset me, since that subtype is rare and it already has more specs than most, and it will eventually have the same type of problems (worse, since RAM issues can't be found before installing!).

@Mynzer You could disable some of the debugging stuff (KALLSYMS e.g.) that should give you some more headroom. Some of these debugging settings are disabled in stable builds by default.

@Borromini, Many thanks, I will try your suggestions, I was searching how to squeeze this image a little bit more

@callmesteve, , seem strange that after you made those changes, you still can't get your build images for your device, I don't know if you run in your build environment a make dirclean then make menuconfig (remove your packages or features) and then make V=s every time that you remove packages in menuconfig, I had troubles before when I remove packages and try to generate smaller build images when I don't run make dirclean

Sorry, but I do not see it as tragic as you say... I am stuck to Chaos Calmer for simple reason that it is the best I can have. It is not true that the newest software is the best. On ChCalmer all interfaces work super and I implemented SoftEther.org on OrangePiZero, A5V11 and Ubuntu PC. All understand each other. OPIz and A5V11 run on OpenWrt Chaos Calmer 15.05.1.
What is the risk I can experience? I use one OPiz as VPN SoftEther with local bridge back to internet, so I can connect to public WIFI anywhere without risk. So OPIz encapsulates internet into internet How could one connect to my WIFI when it is WPA protected? If not connected can not do any harm, right?

I'm not sure if this is an honest belief or a well-crafted bit of sarcasm. I'll go with the first.

First off, your loss of data and security, is your choice.

However, a compromised router can be a jump-point for further attacks, a source of DDoS attacks, or part of a C3 network used in other attacks. Your poor choices impact everyone.

The WiFi protocols have been cracked and deemed insecure since Chaos Calmer was released. They are known insecure.

No application-layer software protects against kernel or device compromises. Your VPN only protects in-flight packets between hosts. It basically does nothing about the data flowing through the device. Nor does it prevent problems with DNS spoofing or other data redirection that are trivial to accomplish with privileged access to the device.

Your VPN does nothing to prevent attacks on your router directly. "Specially crafted packets" from anywhere on the Internet can compromise the device through well-known vulnerabilities in the kernel, libraries, or application software. Your firewall rules may not stop these attacks, especially if the problem is within the TCP/IP stack itself. The kernel used in Chaos Calmer is unsupported upstream, and is unsupportable as a result.

This should scare you -- https://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/version_id-194138/Linux-Linux-Kernel-3.18.23.html

Your router running Chaos Calmer is a poster child for