Hi guys,

I would like to share with you the firmware image for the TL-WR703 in which I have been working during the last weeks.

It includes almost all the default features plus usb storage support to use it as a nas, with FTP and SFTP access, Transmission bittorrent with web interface and dynamicDNS support.

I had to remove ppp support and swap-utils to fit everything in the 4MB rom and leave the necessary free space for the jffs partition.
All the other default features are included.

Actually after installation you still have around 100Kb of free space, so you can install again swap-utils if you need them, or some other small packages.
You can also do extroot and install bigger packages in the usb drive.

I have predefined it to work in 2 different network modes which can be easily switched:
    - AP mode: the ethernet port acts as a wan. Just connectet a network cable with internet access and it will be shared over a wifi network
                This is the predefined mode after installation.
                The router IP address is 192.168.2.1
                The wifi network is called "OpenWrt" and the psk2 password is "administrator"
    - Client+AP mode: in this mode you can connect to an existing wifi network which acts as a wan and it is shared over the ethernet port.
                In this mode you can easily access the router through the ethernet port. The router IP addess is 192.168.2.1
                In this mode you can also create an additional serving wifi network which is bridged with the lan.

There is an additional user in the system which is used for FTP/SFTP access and bittorrent web interface access.
This secondary user is called "usbdrive". You can define the password for it after the first boot.

The usb storage is mounted by default in the folder "/usbdrive"

The Transmission bittorrent process is configured to start only when a usb drive is connected to the router and it is stopped automatically when you disconnect the usb drive.
The web interface for Transmission can be accessed in this address: http://192.168.2.1:9091/  when you are connected to the router, or in your wan address in the port 9091.

DynamicDNS is included in the firmware. You will need to enable it yourself and add your servicename, domain, user and password in the "/etc/config/ddns" file. Reboot the router after the changes.

There was no space left for a web interface like Luci but I have added several useful commands to control most of the features in the easiest way possible.
Here is the help file I have included in the router which explains all the commands I have added:

PREDEFINED COMMANDS FOR THIS OPENWRT ROUTER:
--------------------------------------------

?                Run to show this help.

conf_wifi_ap     Run to configure the ssid name and password
                 of the serving (AP) WIFI network.
                 Encryption is always set to WPA2-PSK. Check openwrt.org
                 for instructions to set other encryption methods.

conf_wifi_client Run and follow the on-screen instructions to
                 select an available WIFI network and connect to it.
                 Command only valid in Client+AP_mode.

disable_ap_wifi  Run to disable the serving WIFI network (AP).

enable_ap_wifi   Run to enable the serving WIFI network (AP).
                 Configure the WIFI properties with: "conf_wifi_ap"

mode_ap          Run to configure the router in AP mode (access point).
                 Connect an internet cable in router LAN port.
                 WIFI network is created automatically.
                 Configure the WIFI properties with: "conf_wifi_ap"

mode_clap        Run to configure the router as Client+AP.
                 Router connects to existing wifi network
                 and shares it through the LAN port.
                 Make sure to run "conf_wifi_client" to select
                 the network to connect.
                 In this mode it is also possible to create
                 a serving AP WIFI network with: "enable_ap_wifi"
                 Configure the AP WIFI properties with: "conf_wifi_ap"
                 Warning: AP WIFI doesn't work unless Client WIFI is
                 succesfully connected to another serving WIFI. You can
                 use a LAN cable to access the router in this mode.

removeusb        Run before unplug the usbdrive for extract safely.
                 This command also stops the bittorrent transmission.

usbpass          Run and follow the on-screen instructions to
                 change the password for usbdrive FTP/SFTP access and
                 bittorrent web interface access (http://<ip>:9091).

usbspace         Run to check the free/used space in the usbdrive.



(Ctrl+C to exit this help)

These commands are designed to make everything extremely easy for the user. For example the "conf_wifi_client" will show you a list with the available wifi networks and you just need to select one and input the password to connect to it. I posted more information about this script in another topic: https://forum.openwrt.org/viewtopic.php?pid=178731

For FTP/SFTP access I can recommend some PC and MacOS software which mounts the FTP/SFTP server as a system drive so you can use it with any application.
    - For windows you can use SFTP Net Drive or NetDrive, they are both free for single users
    - For MacOS you can use Osxfuse (install it with macfuse compatibility) combined with Macfusion , they are also free.
I have also tried an iPhone/iPad app called iFiles which supports FTP/SFTP and works pretty well; and some media players like Oplayer can load files from FTP servers.
For Android ES File Explorer has very good FTP/SFTP support.

In my case I use FTP when I am at home in my LAN network because it is a bit faster than SFTP. And I use SFTP, which is safer, when I am away from home via internet (with my dynamicDNS name)

You can download the firmware bin file from here:

http://db.tt/shdpF9XG

After installing the firmware you need to access the router for the first time via telnet and set a password for the root user with "passwd" and for the usbdrive user with "usbpass".
Then you can close the telnet session and connect to the router with SSH (ssh only allowed with root user).
You can show the help at anytime by running "?"

As a last word I will say that I don't held any responsibility of any problems or damage you can get by using this firmware. I have been working on it and testing for several weeks but use it under your own risk.
I also want to remark that even though a firewall is included, it is configured to allow all the connections from both lan and wan. You will need to change the configuration yourself if you need more security.

There is no space to include more packages in the firmware file but any other improvement suggestions are welcome.

I hope you find this firmware useful and enjoy it as much as I did preparing it.

Cheers!

EDIT:  As requested by a forum member here is another version where the transmission bittorrent client has been removed and replaced by the openvpn and openvpn-easy-rsa packages. You will need to follow the instructions from the wiki for the openvpn configuration. Here is the link for the firmware with openvpn: http://db.tt/UMWvngiJ

(Last edited by griguolcomerranas on 9 Nov 2012, 04:23)

Great job!

Hi,

i'm trying to do something similar, please can you post or send me the configuration files? or the bin file in a way i can see it?

Thanks in advance

I guess you just need the configuration files related with networking. There are nothing special, just usual configurations.

There are different network and wireless configuration files for each network mode.

Here are the ones for the AP mode:

#AP_mode
config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config interface 'wan'
        option proto 'dhcp'
        option ifname 'eth0'

config interface 'lan'
        option proto 'static'
        option ipaddr '192.168.2.1'
        option netmask '255.255.255.0'

config wifi-device 'radio0'
        option type 'mac80211'
        option channel '1'
        option phy 'phy0'
        option hwmode '11ng'
        option htmode 'HT20'
        list ht_capab 'SHORT-GI-20'
        list ht_capab 'SHORT-GI-40'
        list ht_capab 'RX-STBC1'
        list ht_capab 'DSSS_CCK-40'
        option txpower '27'
        option country 'US'

config wifi-iface 'wifiap'
        option device 'radio0'
        option mode 'ap'
        option network 'lan'
        option encryption 'psk2'
        option ssid 'OpenWrt'
        option key 'administrator'

And here the ones for Client+AP mode:

#Client+AP_mode
config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config interface 'wan'
        option proto 'dhcp'

config interface 'lan'
        option ifname 'eth0'
        option proto 'static'
        option ipaddr '192.168.2.1'
        option netmask '255.255.255.0'
        option type 'bridge'
        option _orig_ifname 'eth0 wlan0'
        option _orig_bridge 'true'

config wifi-device 'radio0'
        option type 'mac80211'
        option phy 'phy0'
        option hwmode '11ng'
        option htmode 'HT20'
        list ht_capab 'SHORT-GI-20'
        list ht_capab 'SHORT-GI-40'
        list ht_capab 'RX-STBC1'
        list ht_capab 'DSSS_CCK-40'
        option txpower '27'
        option country 'US'
        option channel '1'

config wifi-iface 'wificlient'
        option device 'radio0'
        option mode 'sta'
        option network 'wan'
        option encryption 'psk2'
        option ssid 'Serving_Wifi'
        option key 'serving_password'

config wifi-iface 'wifiap'
        option device 'radio0'
        option mode 'ap'
        option network 'lan'
        option encryption 'psk2'
        option ssid 'OpenWrt'
        option key 'administrator'
        option disabled '1'

The dchp and firewall config files are the same for both modes:

config dnsmasq
    option domainneeded    1
    option boguspriv    1
    option filterwin2k    0  # enable for dial on demand
    option localise_queries    1
    option rebind_protection 1  # disable if upstream must serve RFC1918 addresses
    option rebind_localhost 1  # enable for RBL checking and similar services
    #list rebind_domain example.lan  # whitelist RFC1918 responses for domains
    option local    '/lan/'
    option domain    'lan'
    option expandhosts    1
    option nonegcache    0
    option authoritative    1
    option readethers    1
    option leasefile    '/tmp/dhcp.leases'
    option resolvfile    '/tmp/resolv.conf.auto'
    #list server        '/mycompany.local/1.2.3.4'
    #option nonwildcard    1
    #list interface        br-lan
    #list notinterface    lo
    #list bogusnxdomain     '64.94.110.11'

config dhcp wan
    option interface    wan
    option ignore    1

config dhcp lan
    option interface    lan
    option start    100
    option limit    150
    option leasetime    12h
    option force '1'

config defaults
    option syn_flood    1
    option input        ACCEPT
    option output        ACCEPT
    option forward        REJECT
# Uncomment this line to disable ipv6 rules
#    option disable_ipv6    1

config zone
    option name        wan
    option network        'wan'
    option input        ACCEPT
    option output        ACCEPT
    option forward        REJECT
    option masq        1
    option mtu_fix        1
    
config zone
    option name        lan
    option input        ACCEPT
    option output        ACCEPT
    option forward        REJECT

config forwarding
    option src        lan
    option dest        wan
    
config forwarding
    option src        wan
    option dest        lan
    

# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
config rule
    option name        Allow-DHCP-Renew
    option src        wan
    option proto        udp
    option dest_port    68
    option target        ACCEPT
    option family        ipv4

# Allow IPv4 ping
config rule
    option name        Allow-Ping
    option src        wan
    option proto        icmp
    option icmp_type    echo-request
    option family        ipv4
    option target        ACCEPT

# Allow DHCPv6 replies
# see https://dev.openwrt.org/ticket/10381
config rule
    option name        Allow-DHCPv6
    option src        wan
    option proto        udp
    option src_ip        fe80::/10
    option src_port        547
    option dest_ip        fe80::/10
    option dest_port    546
    option family        ipv6
    option target        ACCEPT

# Allow essential incoming IPv6 ICMP traffic
config rule
    option name        Allow-ICMPv6-Input
    option src        wan
    option proto    icmp
    list icmp_type        echo-request
    list icmp_type        echo-reply
    list icmp_type        destination-unreachable
    list icmp_type        packet-too-big
    list icmp_type        time-exceeded
    list icmp_type        bad-header
    list icmp_type        unknown-header-type
    list icmp_type        router-solicitation
    list icmp_type        neighbour-solicitation
    list icmp_type        router-advertisement
    list icmp_type        neighbour-advertisement
    option limit        1000/sec
    option family        ipv6
    option target        ACCEPT

# Allow essential forwarded IPv6 ICMP traffic
config rule
    option name        Allow-ICMPv6-Forward
    option src        wan
    option dest        *
    option proto        icmp
    list icmp_type        echo-request
    list icmp_type        echo-reply
    list icmp_type        destination-unreachable
    list icmp_type        packet-too-big
    list icmp_type        time-exceeded
    list icmp_type        bad-header
    list icmp_type        unknown-header-type
    option limit        1000/sec
    option family        ipv6
    option target        ACCEPT

# include a file with users custom iptables rules
config include
    option path /etc/firewall.user

(Last edited by griguolcomerranas on 24 Sep 2012, 04:13)

thx for you hard work!

Can you release a version to support an 8M filesystem?

In the new versions of OpenWrt there is no need to modify the firmware to make it work with 8MB flash. It will just detect the size of your chip and work accordingly.

Actually I have just upgraded my 703n last weekend with a 8MB flash chip and I am using this same firmware without any problems.

If someone is interested in the 8MB upgrade I followed the method from BizonGod which I further clarified here:
https://forum.openwrt.org/viewtopic.php … 69#p179169

With 4M uboot, you can only tftp 4M firmware.  However, once you have it working, you can upgrade to 8M firmware on the luci interface.
Yes, the 4M firmware can install opkg packages to fully utilize the 8M space.  The only reason you might want 8M firmware is if you are tight of the flash space.  If you compile the squashfs with the packages preinstalled, it will take less space if you add them through opkg.

root@OpenWrt:/bin# mode_clap
command failed: Device or resource busy (-16)
Successfully initialized wpa_supplicant
command failed: Device or resource busy (-16)
Successfully initialized wpa_supplicant

root@OpenWrt:/bin# conf_wifi_client
killall: wpa_supplicant: no process killed
Available WIFI networks:
    1 : "x1" (secure)
    2 : "x2" (secure)
    3 : "x3" (secure)
    4 : "x4" (secure)
    5 : "x5" (secure)
    6 : "x6" (secure)
Enter the numeric option for your selected network: 2
Enter password of the selected WIFI network: xxxxx


Trying to connect to WIFI network.
(Wait a few seconds and check status with: iwconfig )


command failed: Device or resource busy (-16)
Successfully initialized wpa_supplicant

root@OpenWrt:/bin# iwconfig
lo        no wireless extensions.

wlan0     IEEE 802.11bgn  ESSID:"x2"
          Mode:Managed  Frequency:2.412 GHz  Access Point: xx:xx:xx:xx:xx:xx
          Bit Rate=27 Mb/s   Tx-Power=18 dBm
          RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=70/70  Signal level=-31 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:5   Missed beacon:0

eth0      no wireless extensions.

br-lan    no wireless extensions.

It's "command failed: Device or resource busy (-16)" normal? Or how to fix it?

Also I can't connect to it with ethernet cable in mode_ap only in mode_clap that's normal? I'm newbie in OpenWrt:)

(Last edited by Antoan on 7 Oct 2012, 18:35)

Hi, will it work on TP-Link TL-MR3420 v1.3?
Now i have This one http://downloads.openwrt.org/attitude_a … actory.bin
Thanks.

Hi, yes. If everything else is working you don't need to worry about the "device or resource busy" message. It may happen when trying to enable the wifi interface.

It is also normal that you cannot connect to the router in mode_ap with an ethernet cable because the ethernet port is configured as a wan and it doesn't have any predifined ip address, it is expecting to receive one via dchp.

In mode_clap you can connect easily because the ethernet port is part of the lan network and it has a dchp server itself.

This build is specific for the tplink 703n. I don't think it is a good idea to try it in a different router.

Thanks for this.  I finally managed to flash it on to my TL-WR703n, and it seems to be working fine as an AP.  Next week I hope to put it to the test in various hotels as a Wifi repeater.  At first sight, DDNS and the Bittorrent server seem unnecessary, but mounting an USB stick and an FTP server might be useful.

Instead, you may want to enquire the external IP once and put it in in the welcome banner when you log in over SSH along with the other interfaces.   Also, I would be very interested in having an OpenVPN client for added security in hotels without having to configure each end device (mobile phone, tablet, laptop) separately.  Also configuration over Wifi would be useful.

Nevertheless, thanks very much and I am looking forward to a more stable connection over my old travel router

(Last edited by Horst_Tappert on 4 Nov 2012, 15:34)

Glad you like it!

Regarding your suggestions, the DDNS packages it is extremely useful for many people and it is barely 7kb, it is not worthy to remove it. If you don't need it don't use it. And the purpose of it is not knowing the external IP, it is to be able to reach the router when you are away by using a DNS host name instead of an IP address.

If you want to know the external IP you can just run "ifconfig" but the address you see with this command might not be the external address. For example if you are in a hotel you will probably see a private address which is provided by the hotel main router.

Regarding the OpenVPN, may be I could include it instead of the Bittorrent client. But when I made this firmware I was not thinking in a router for traveling but in a router to be stationary at home connected to a usb hard drive that's why I included the bittorrent client and not OpenVPN..
Anyway, if I have time during the next week may be I can try to build a version with OpenVPN instead.

Finally, what do you mean with configuration over Wifi? You can do ssh and configure the router from any interface. Just make sure you are using the right IP address to connect to it.

(Last edited by griguolcomerranas on 5 Nov 2012, 02:38)

Hi again.

Here you have an alternative version where the bittorrent client has been removed and replaced by the openvpn package:
http://db.tt/UMWvngiJ

You will need to follow the instruction on the wiki for the openvpn configuration.

First of all, sorry for my bad english

I'd like to try your version, but how to get back to another version and reinstall another bin without LUCI?

Zorg

Just upload your firmware_file.bin to the /tmp folder using SCP tranfer and then run a command like this:

   mtd -r write /tmp/file.bin firmware

First of all I want to thank you for this version of software! I tested as AP and repeater and it works very well !

Can I send my firmware by SCP in a directory of the USB drive because there will never be enough space on the TP link? Then change the order depending on the command path ? Sorry I started in tp link

And another small question:

I do not need DynamicDNS and bittorrent, how to uninstall cleanly without disturbing your scripts including mounting and umounting usb key

Best regards

Zorg

hi,

Small problem :

I installed my own wifi settings with conf_wifi_ap, but when I run the command "mode_clap"
TP-Link wireless configuration comes with default SSID openwrt and old password "administrator"

Regards

Zorg

I answer to myself!
In fact it should be set in two modes and it remembers

Great job griguolcomerranas!

Im finishing a project with this firmware and everything is working 100%

This is the schematic of the network:
Home Router LAN Cable -> Router 1 Wifi -> Router 2 LAN Cable -> Router 3 (Home 2 Router) Wifi AP

The objective is to extend Internet signal to another near house using wifi instead of wires.

I have two questions:
1. "I also want to remark that even though a firewall is included, it is configured to allow all the connections from both lan and wan." Do i need to make any changes or is it like any other default router configuration, i mean, is it safe enough?

2. On Router 1 and 2 i don't need openvpn or bittorrents or dynamicDNS, i actually installed the openvpn version of the firmware, can someone provide me with the location of every file of openvpn and dynamicDNS? I just what to be sure that i can install luci so i can see stats and other infos. Hope i can install luci and the configurations remain the same.

Regards

Hi, i flashed the last owrt trunk on my Wr703n and i've tried to use transmission daemon with extroot and a swap partition on the external HDD. Is it normal that the system becomes very very slow to respond to the services' request as ssh or transmission remote?

(Last edited by toketin on 17 Mar 2013, 16:26)

Yes, this is normal.

How slow is it?  Can you give some benchmark numbers?

If i try to connect to ssh or transmission remote the router respons very very slow. It takes also a minute or more to give me the service i asked for.

(Last edited by toketin on 17 Mar 2013, 17:47)