51

(13 odpowiedzi, napisanych Oprogramowanie / Software)

Cześć.

Dziś mój Ojciec zakończył umowę na internet na firmę i podpisał nową na siebie (z przyczyn ekonomicznych).

Minusem tego rozwiązania jest dynamiczne IP zewnętrzne.

Udało mi się skonfigurować już pakiet ddns - poprawnie.

Problem jest taki, że po poprawieniu u klienta adresu IP zew. na nazwę domeny z ovh (DynHost), nie chce się połączyć z serwerem Wierguard na OpenWRT.
W logach na androidzie nie ma nic specjalnego (wycinek)

10-26 16:13:24.695 25300 25300 D InputMethodManagerUtils: startInputInner - Id : 0
10-26 16:13:24.695 25300 25300 I InputMethodManager: startInputInner - IInputMethodManagerGlobalInvoker.startInputOrWindowGainedFocus
10-26 16:13:24.700 25300 25309 D InputTransport: Input channel destroyed: 'ClientS', fd=144
10-26 16:13:24.711 25300 25300 I wm_on_idle_called: {com.wireguard.android/com.wireguard.android.activity.LogViewerActivity}
10-26 16:13:24.711 25300 25300 I InsetsSourceConsumer: applyRequestedVisibilityToControl: visible=false, type=ime, host=com.wireguard.android/com.wireguard.android.activity.LogViewerActivity
10-26 16:13:24.752 25300 25309 D InputTransport: Input channel destroyed: 'ClientS', fd=152
10-26 16:13:24.836 25300 28041 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Handshake did not complete after 5 seconds, retrying (try 2)
10-26 16:13:24.836 25300 28041 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Sending handshake initiation
10-26 16:13:27.317 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:27.400 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:27.601 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:28.089 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:28.199 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:28.311 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:29.842 25300 25389 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Handshake did not complete after 5 seconds, retrying (try 2)
10-26 16:13:29.842 25300 25389 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Sending handshake initiation
10-26 16:13:32.224 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:32.312 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:32.405 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:33.074 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:33.162 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:33.220 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:33.872 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:33.977 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:34.036 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:34.622 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:34.743 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:34.784 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:34.972 25300 28041 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Handshake did not complete after 5 seconds, retrying (try 2)
10-26 16:13:34.973 25300 28041 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Sending handshake initiation
10-26 16:13:36.011 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:36.110 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:36.458 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:40.016 25300 25389 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Sending handshake initiation
10-26 16:13:40.307 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:40.393 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:40.453 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:41.806 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:41.934 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:42.001 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:42.888 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:43.007 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:43.041 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:43.893 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:43.989 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:44.006 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:44.826 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:44.938 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:44.972 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:45.293 25300 25389 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Handshake did not complete after 5 seconds, retrying (try 2)
10-26 16:13:45.293 25300 25389 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Sending handshake initiation
10-26 16:13:47.948 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:48.037 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:48.060 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:49.304 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:49.417 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:49.451 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:50.005 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:50.116 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:50.150 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:50.497 25300 28041 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Handshake did not complete after 5 seconds, retrying (try 2)
10-26 16:13:50.497 25300 28041 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Sending handshake initiation
10-26 16:13:50.719 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:50.823 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:50.857 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:51.467 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:51.581 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:51.598 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:55.175 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:55.253 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:55.302 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:55.590 25300 25389 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Handshake did not complete after 5 seconds, retrying (try 2)
10-26 16:13:55.590 25300 25389 D WireGuard/GoBackend/DOM: peer(WFSC…rOXY) - Sending handshake initiation
10-26 16:13:56.113 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:56.193 25300 25300 D InputEventReceiver_DOT: IER.scheduleInputVsync
10-26 16:13:56.211 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:59.165 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 0
10-26 16:13:59.215 25300 25300 I ViewRootImpl@a065e26[LogViewerActivity]: ViewPostIme pointer 1
10-26 16:13:59.224 25300 25300 I menu_item_selected: [0,Wyeksportuj plik logu]

52

(24 odpowiedzi, napisanych Oprogramowanie / Software)

Cezary napisał/a:

Tzn co chcesz osiągnąć?

Napisać jakąś regułę w firewall, która udostępni jakiś konkretny adres IP, do którego się odwołuje urządzenie IoT np lodówka, gdzie ma odpowiedź, że jest połączenie z internetem, bądź przekierować ten IP na swój własny WWW lub coś podobnego.

MiG25 napisał/a:

To trzeba głębiej posprawdzać, jak to IoT rozpoznaje brak tego internetu...

Proponujesz szukać przez Wireshark ?

53

(6 odpowiedzi, napisanych Sprzęt / Hardware)

https://www.cnx-software.com/2024/07/09 … pi-r4-sbc/

54

(24 odpowiedzi, napisanych Oprogramowanie / Software)

Pytanie z odnośnie urządzeń IoT.

Czy da się dla urządzenia IoT, "symulować" połączenie z Internetem ? Ale jednocześnie by nie wysyłał nic dalej ?

Jakieś przykłady reguł w firewall ?

55

(24 odpowiedzi, napisanych Oprogramowanie / Software)

A więc miałem opisać jak obecnie mam zrobione vlan-y:

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fde6:70f7:26c4::/48'

config interface 'lan'
        option proto 'static'
        option ip6assign '60'
        option ip6ifaceif 'eui64'
        list ipaddr '10.25.10.1/24'
        option device 'br-lan.10'

config interface 'wan'
        option device 'eth0'
        option proto 'dhcp'
        option auto '0'
        option hostname 'XXXXXXXXXXXXX'

config device
        option name 'eth0'
        option macaddr 'XX:XX:XX:XX:XX:XX'

config interface 'pppoe0'
        option proto 'pppoe'
        option device 'eth0'
        option username 'XXXXXX'
        option password 'XXXXXXXX'
        option service 'XXXXXXXXXXXXX'
        option ipv6 'auto'
        option peerdns '0'
        list dns '1.1.1.1'
        list dns '1.0.0.1'
        list dns '8.8.8.8'

config device 'br_lan'
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth1'
        list ports 'eth2'
        list ports 'eth3'
        list ports 'eth4'
        list ports 'eth5'

config interface 'wg0'
        option proto 'wireguard'
        option private_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option listen_port '55055'
        list addresses '10.0.0.1/24'

config wireguard_wg0
        option public_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option route_allowed_ips '1'
        option persistent_keepalive '25'
        option description 'openwrt'
        list allowed_ips '10.0.0.2/32'

config wireguard_wg0
        option description 'SamsungS24'
        option public_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option private_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option route_allowed_ips '1'
        option endpoint_port '55055'
        list allowed_ips '10.0.0.3/32'
        option persistent_keepalive '25'

config wireguard_wg0
        option public_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option route_allowed_ips '1'
        option persistent_keepalive '25'
        option description 'windows'
        list allowed_ips '10.0.0.4/32'

config wireguard_wg0
        option description 'Note9'
        option public_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option private_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option route_allowed_ips '1'
        list allowed_ips '10.0.0.5/24'
        option endpoint_port '55055'
        option disabled '1'

config interface 'guest'
        option enabled '1'
        option proto 'static'
        list ipaddr '10.25.30.1/24'
        option device 'br-lan.30'

config interface 'iot'
        option enabled '1'
        option proto 'static'
        list ipaddr '10.25.20.1/24'
        option device 'br-lan.20'

config interface 'proxmox'
        option enabled '1'
        option proto 'static'
        list ipaddr '10.25.40.1/24'
        option device 'br-lan.40'

config bridge-vlan
        option device 'br-lan'
        option vlan '10'
        list ports 'eth1:t'
        list ports 'eth2'
        list ports 'eth3'
        list ports 'eth4'

config bridge-vlan
        option device 'br-lan'
        option vlan '20'
        list ports 'eth1:t'

config bridge-vlan
        option device 'br-lan'
        option vlan '30'
        list ports 'eth1:t'

config bridge-vlan
        option device 'br-lan'
        option vlan '40'
        list ports 'eth5'
root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option cachesize '1000'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option localservice '1'
        option ednspacket_max '1232'
        list rebind_domain 'free.aero2.net.pl'
        option sequential_ip '1'
        option port '5353'
        list notinterface 'wan'
        list notinterface 'wan6'
        list interface 'guest'
        list interface 'lan'
        list interface 'iot'
        list interface 'proxmox'

config dhcp 'lan'
        option interface 'lan'
        option dhcpv4 'server'
        option start '10'
        option limit '100'
        option leasetime '43200'
        list dhcp_option '3,10.25.10.1'
        list dhcp_option '6,10.25.10.1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

config dhcp 'iot'
        option interface 'iot'
        option dhcpv4 'server'
        option start '10'
        option limit '100'
        option leasetime '3600'
        list dhcp_option '3,10.25.20.1'
        list dhcp_option '6,10.25.20.1'

config dhcp 'guest'
        option interface 'guest'
        option dhcpv4 'server'
        option start '10'
        option limit '100'
        option leasetime '3600'
        list dhcp_option '6,10.25.30.1'
        list dhcp_option '3,10.25.30.1'

config dhcp 'pppoe0'
        option interface 'pppoe0'
        option ignore '1'

config dhcp 'proxmox'
        option interface 'proxmox'
        option dhcpv4 'server'
        option start '10'
        option limit '20'
        option leasetime '86400'
        list dhcp_option '3,10.25.40.1'
        list dhcp_option '6,10.25.40.1'
root@OpenWrt:~# cat /etc/config/firewall

config defaults
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        list network 'wan'
        list network 'pppoe0'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'
        
config zone
        option name 'proxmox'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'proxmox'

config forwarding
        option src 'proxmox'
        option dest 'wan'

config rule
        option name 'Adguard_Home_block_3001'
        option src 'wan'
        option src_port '3001'
        option dest '*'
        option dest_port '3001'
        option target 'REJECT'
        option enabled '0'

config rule
        option src 'wan'
        option target 'ACCEPT'
        option proto 'udp'
        option dest_port '55055'
        option name 'wireguard'

config zone
        option name 'wg'
        option input 'ACCEPT'
        option forward 'ACCEPT'
        option output 'ACCEPT'
        option masq '1'
        list network 'wg0'

config forwarding
        option src 'wg'
        option dest 'wan'

config forwarding
        option src 'wan'
        option dest 'wg'

config forwarding
        option src 'wg'
        option dest 'lan'

config forwarding
        option src 'lan'
        option dest 'wg'

config zone 'guest'
        option enabled '1'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option name 'guest'
        list network 'guest'

config forwarding 'guest_forward_wan'
        option enabled '1'
        option name 'guest to wan forward'
        option dest 'wan'
        option src 'guest'

config rule 'guest_dns_rule'
        option name 'guest dns rule'
        option dest_port '53'
        option target 'ACCEPT'
        option src 'guest'
        list proto 'tcp'
        list proto 'udp'

config rule 'guest_dhcp_rule'
        option name 'guest dhcp rule'
        option proto 'udp'
        option src_port '67-68'
        option dest_port '67-68'
        option target 'ACCEPT'
        option src 'guest'

config rule 'guest_Allow_DHCPv6'
        option proto 'udp'
        option src_ip 'fe80::/10'
        option src_port '546-547'
        option dest_ip 'fe80::/10'
        option dest_port '546-547'
        option family 'ipv6'
        option target 'ACCEPT'
        option src 'guest'

config rule 'guest_Allow_MLD'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        option family 'ipv6'
        option target 'ACCEPT'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option src 'guest'

config rule 'guest_Allow_ICMPv6_Input'
        option proto 'icmp'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option src 'guest'

config zone
        option name 'iot'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        list network 'iot'

config forwarding
        option dest 'iot'
        option src 'lan'

config forwarding
        option src 'lan'
        option dest 'proxmox'

Najczęstszym problemem, przez co nie działało, pobieranie adresów IP, był brak wpisu w pliku /etc/config/dhcp:

        list interface 'guest'
        list interface 'lan'
        list interface 'iot'
        list interface 'proxmox'

Mam wrażenie, że zabrakło tej informacji w poradnikach, czy to na YouTube, czy na forum.

56

(3 odpowiedzi, napisanych Oprogramowanie / Software)

Cezary napisał/a:

Przywróć tego drugiego do ustawień domyślnych bo coś mu się zepsuło i pyta się o co kilka sekund o nowy adres IP. No chyba że ustawiłeś sobie taką krótką dzierżawę w serwerze DHCP.

Też o tym pomyślałem, było ustawione na 12h, nadpisałem dodatkowo już na 24h.

57

(3 odpowiedzi, napisanych Oprogramowanie / Software)

Dzień dobry.

Ostatnio zauważyłem, że mój jeden WAX220, coś się "przycina", czyli długi czas odpowiedzi w webgui. Próbuje zdiagnozować problem, ten AP jest jeszcze na oryginalnym firmware. Resetowałem już ustawienia do domyślnych i ponownie konfigurowałem sieci WiFi. Ale problem się powtarza. Urządzenia podłączone do tego AP też czasem mają problem z połączeniem z internetem.

W logach na głównym routerze widzę cały czas:

Wed Jun 26 07:13:42 2024 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:13:42 2024 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:13:42 2024 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:13:42 2024 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan.10) 10.25.10.3 94:18:65:43:6a:63 AP-PARTER
Wed Jun 26 07:13:42 2024 user.notice nft-qos-monitor: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:13:42 2024 user.notice nft-qos-dynamic: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:13:55 2024 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:13:55 2024 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:13:55 2024 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:13:55 2024 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan.10) 10.25.10.3 94:18:65:43:6a:63 AP-PARTER
Wed Jun 26 07:13:55 2024 user.notice nft-qos-monitor: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:13:55 2024 user.notice nft-qos-dynamic: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:14:08 2024 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:14:08 2024 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:14:08 2024 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:14:08 2024 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan.10) 10.25.10.3 94:18:65:43:6a:63 AP-PARTER
Wed Jun 26 07:14:08 2024 user.notice nft-qos-monitor: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:14:08 2024 user.notice nft-qos-dynamic: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:14:48 2024 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:14:48 2024 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:14:48 2024 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:14:48 2024 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan.10) 10.25.10.3 94:18:65:43:6a:63 AP-PARTER
Wed Jun 26 07:14:48 2024 user.notice nft-qos-monitor: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:14:48 2024 user.notice nft-qos-dynamic: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:15:06 2024 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:15:06 2024 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:15:06 2024 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:15:06 2024 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan.10) 10.25.10.3 94:18:65:43:6a:63 AP-PARTER
Wed Jun 26 07:15:06 2024 user.notice nft-qos-monitor: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:15:06 2024 user.notice nft-qos-dynamic: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:15:32 2024 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:15:32 2024 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:15:32 2024 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:15:32 2024 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan.10) 10.25.10.3 94:18:65:43:6a:63 AP-PARTER
Wed Jun 26 07:15:32 2024 user.notice nft-qos-monitor: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:15:32 2024 user.notice nft-qos-dynamic: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:15:52 2024 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:15:52 2024 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:15:52 2024 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:15:52 2024 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan.10) 10.25.10.3 94:18:65:43:6a:63 AP-PARTER
Wed Jun 26 07:15:52 2024 user.notice nft-qos-monitor: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:15:52 2024 user.notice nft-qos-dynamic: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:16:05 2024 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:16:05 2024 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:16:05 2024 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:16:05 2024 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan.10) 10.25.10.3 94:18:65:43:6a:63 AP-PARTER
Wed Jun 26 07:16:05 2024 user.notice nft-qos-monitor: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:16:05 2024 user.notice nft-qos-dynamic: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:16:49 2024 daemon.info dnsmasq-dhcp[1]: DHCPDISCOVER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:16:49 2024 daemon.info dnsmasq-dhcp[1]: DHCPOFFER(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:16:49 2024 daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan.10) 10.25.10.3 94:18:65:43:6a:63
Wed Jun 26 07:16:49 2024 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan.10) 10.25.10.3 94:18:65:43:6a:63 AP-PARTER
Wed Jun 26 07:16:49 2024 user.notice nft-qos-monitor: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER
Wed Jun 26 07:16:49 2024 user.notice nft-qos-dynamic: ACTION=update, MACADDR=94:18:65:43:6a:63, IPADDR=10.25.10.3, HOSTNAME=AP-PARTER

Czy to jest jakaś wina od strony AP, czy jakiś problem od routera (OpenWrt)_?

Dobra zmieniłem w takim wypadku działanie tych diod na inne, jednak siłę sygnału nie potrzebuję, bo będzie jak zwykłe AP działać.

config led
        option name 'WiFi_5GHz'
        option sysfs 'green:rssilow'
        option trigger 'netdev'
        option dev 'phy1-ap0'
        list mode 'rx'

config led
        option name 'WiFi_2.4GHz'
        option sysfs 'green:rssihigh'
        option trigger 'netdev'
        option dev 'phy0-ap0'
        list mode 'rx'

config led
        option name 'INTERNET'
        option sysfs 'green:rssimedium'
        option trigger 'netdev'
        option dev 'lan'
        list mode 'tx'
        list mode 'rx'

Cześć.

Zakupiłem AP jak w temacie. Wgrałem Cezary Twojego OpenWrt LuCi (najnowszy).
Wszystko działa, oprócz tych led-ów. Na jakiej zasadzie domyślna konfiguracja działa ?

config rssid 'rssid_wlan1'
        option dev 'wlan1'
        option refresh '200000'
        option threshold '1'

config led 'led_rssilow'
        option sysfs 'orange:rssilow'
        option trigger 'rssi'
        option iface 'rssid_wlan1'
        option minq '1'
        option maxq '25'
        option offset '0'
        option factor '1'

config led 'led_rssimediumlow'
        option sysfs 'green:rssilow'
        option trigger 'rssi'
        option iface 'rssid_wlan1'
        option minq '26'
        option maxq '100'
        option offset '0'
        option factor '1'

config led 'led_rssimediumhigh'
        option sysfs 'green:rssimedium'
        option trigger 'rssi'
        option iface 'rssid_wlan1'
        option minq '51'
        option maxq '100'
        option offset '0'
        option factor '1'

config led 'led_rssihigh'
        option sysfs 'green:rssihigh'
        option trigger 'rssi'
        option iface 'rssid_wlan1'
        option minq '76'
        option maxq '100'
        option offset '0'
        option factor '1' 

60

(4,539 odpowiedzi, napisanych Oprogramowanie / Software)

Hej. Możecie mi podać listę polecanych AP ? Takie budżetowe. Muszę kupić coś znajomemu, do domu jednorodzinnego.

61

(860 odpowiedzi, napisanych Oprogramowanie / Software)

Cezary napisał/a:
DarioX7 napisał/a:

@Cezary, co to za nowa zmiana dla wydania x86/64 ?

Skrypt? Od dość dawna jest w obrazach, do powiększenia roofs na cały dysk.

Mogłem sprecyzować, chodziło o nośniki nvme.

62

(860 odpowiedzi, napisanych Oprogramowanie / Software)

@Cezary, co to za nowa zmiana dla wydania x86/64 ?

63

(24 odpowiedzi, napisanych Oprogramowanie / Software)

Cezary napisał/a:

Co masz na turrisie? Bo jak ich soft to on jest trochę "inny"(...)

Tak zgadza się, jedyny plus tego firmware, że się sam aktualizuję smile i jakieś tam dodatki.

Cezary napisał/a:

(...) wiec jak chcesz to robić to od razu próbuj na x86.

OK, więc do roboty ...

64

(24 odpowiedzi, napisanych Oprogramowanie / Software)

Cześć ponownie.

Długo nad tym siedziałem i doszedłem do ładu i składu. Na testy zrobiłem sobie całą konfigurację na Turris Omnia, oraz w switchu PoE.
Docelowo przeniosę ustawienia do x86.

Praktycznie wszystko działa na fizycznym sprzęcie (turris), ale mam powtarzające się logi:

Jun  1 10:25:49 turris kernel: [43175.583105] mv88e6085 f1072004.mdio-mii:10: VTU member violation for vid 1, source port 4
Jun  1 10:25:51 turris kernel: [43177.582937] mv88e6085 f1072004.mdio-mii:10: VTU member violation for vid 1, source port 4
Jun  1 10:25:53 turris kernel: [43179.582832] mv88e6085 f1072004.mdio-mii:10: VTU member violation for vid 1, source port 4
Jun  1 10:25:55 turris kernel: [43181.582675] mv88e6085 f1072004.mdio-mii:10: VTU member violation for vid 1, source port 4
Jun  1 10:25:56 turris kernel: [43182.802499] mv88e6085 f1072004.mdio-mii:10: VTU member violation for vid 1, source port 4

Czy może być dalej jakiś błąd, czy to już chip switcha w Omnia Turris ma jakieś swoje "widzimisię" ?

Praktycznie wszędzie usunołem domyślny VID 1 (VLAN1).

root@turris:~# bridge vlan
port              vlan-id
lan0              10 PVID Egress Untagged
lan1              20 PVID Egress Untagged
lan2              30 PVID Egress Untagged
lan3              10 PVID Egress Untagged
lan4              10
                  20
                  30
br-lan            10
                  20
                  30
wlan0             30 PVID Egress Untagged
wlan1             20 PVID Egress Untagged

Jak się z tym uporam, to przedstawię ogólną konfigurację i gdzie prawdopodobnie są najczęstsze błędy, jakie ja miałem i dlaczego nie działało.

Focus napisał/a:
DarioX7 napisał/a:

I najważniejsze, to by każdy AP miał inne kanały na radiach 2.4GHz i 5 GHz. Nie będą się zakłócać nawzajem.

To wcale nie jest najważniejsze i nie ma żadnego znaczenia, że kanały będą się nakładać w tej samej sieci.

Wiesz, pisze z własnego doświadczenia, dołożyłem sobie na taras dodatkowy AP, skopiowałem ustawienia z innego AP, ale zapomniałem zmienić kanałów. Czego efektem było to, że stojąc na dworze, smartphon łączył się bardziej z AP w domu niż na tarasie.

66

(24 odpowiedzi, napisanych Oprogramowanie / Software)

Cezary napisał/a:

Czyli jednym słowem ten adguard w ogóle nie słucha na tych interfejsach albo odmawia rozwiązywania nazw z tych adresów. Patrz w logach adguarda.

Ale przy uruchomieniu widać, że widzi te inne sieci.

Sun May 26 19:42:32 2024 daemon.err AdGuardHome[9071]: 2024/05/26 17:42:32.428335 [info] Received signal "terminated"
Sun May 26 19:42:32 2024 daemon.err AdGuardHome[9071]: 2024/05/26 17:42:32.428349 [info] stopping AdGuard Home
Sun May 26 19:42:32 2024 daemon.err AdGuardHome[9071]: 2024/05/26 17:42:32.428351 [info] stopping http server...
Sun May 26 19:42:32 2024 daemon.err AdGuardHome[9071]: 2024/05/26 17:42:32.428442 [info] stopped http server
Sun May 26 19:42:32 2024 daemon.err AdGuardHome[9071]: 2024/05/26 17:42:32.428462 [info] dnsproxy: stopping dns proxy server
Sun May 26 19:42:32 2024 daemon.err AdGuardHome[9071]: 2024/05/26 17:42:32.428491 [info] dnsproxy: stopped dns proxy server
Sun May 26 19:42:32 2024 daemon.err AdGuardHome[9071]: 2024/05/26 17:42:32.483583 [info] stopped
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.467761 [info] AdGuard Home, version v0.107.36
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.468670 [info] tls: using default ciphers
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.469894 [info] safesearch default: disabled
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.476266 [info] Initializing auth module: /tmp/adguardhome/data/sessions.db
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.476313 [info] auth: initialized.  users:1  sessions:1
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.476325 [info] AdGuard Home updates are disabled
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.476327 [info] web: initializing
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.499972 [info] dnsproxy: cache: enabled, size 4096 b
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.499983 [info] dnsproxy: max goroutines is set to 300
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.500584 [info] AdGuard Home is available at the following addresses:
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.501714 [info] clients: processing addresses
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502641 [info] go to http://127.0.0.1:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502652 [info] go to http://[::1]:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502654 [info] go to http://[fe80::da58:d7ff:fe00:33df%eth0]:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502656 [info] go to http://10.25.25.64:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502658 [info] go to http://[fe80::be24:11ff:fec2:f461%br-lan]:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502659 [info] go to http://10.25.25.1:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502661 [info] go to http://[2001:67c:618:2254::1]:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502662 [info] go to http://[fde6:70f7:26c4::1]:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502663 [info] go to http://[fe80::be24:11ff:fec2:f461%br-lan.1]:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502665 [info] go to http://10.25.25.192:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502666 [info] go to http://[fe80::be24:11ff:fec2:f461%br-lan.192]:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502667 [info] go to http://10.25.25.128:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502669 [info] go to http://[fe80::be24:11ff:fec2:f461%br-lan.128]:3001
Sun May 26 19:42:48 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:48.502670 [info] go to http://10.0.0.1:3001
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.191624 [info] dnsproxy: starting dns proxy server
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.191712 [info] Ratelimit is enabled and set to 20 rps
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.191739 [info] The server is configured to refuse ANY requests
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.191762 [info] dnsproxy: cache: enabled, size 4194304 b
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.191789 [info] dnsproxy: max goroutines is set to 300
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.191816 [info] dnsproxy: creating udp server socket 0.0.0.0:53
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.191871 [info] dnsproxy: listening to udp://[::]:53
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.191901 [info] dnsproxy: creating tcp server socket 0.0.0.0:53
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.191936 [info] dnsproxy: listening to tcp://[::]:53
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.191985 [info] dnsproxy: entering udp listener loop on [::]:53
Sun May 26 19:42:49 2024 daemon.err AdGuardHome[9221]: 2024/05/26 17:42:49.192025 [info] dnsproxy: entering tcp listener loop on [::]:53

Czy może jest podobny przypadek do mojego ?

https://forum.openwrt.org/t/adguard-hom … s/161786/5

I najważniejsze, to by każdy AP miał inne kanały na radiach 2.4GHz i 5 GHz. Nie będą się zakłócać nawzajem.

68

(24 odpowiedzi, napisanych Oprogramowanie / Software)

OK, więc przedstawie co zrobiłem, a potem napiszę z czym mam problem:

OpenWrt (VM bez WiFi):

Dodam na wstępie, że używam AdGuard Home, który jest zainstalowany w OpenWrt

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fde6:70f7:26c4::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth1'
        list ports 'eth2'
        list ports 'eth3'
        list ports 'eth5'

config interface 'lan'
        option device 'br-lan.1'
        option proto 'static'
        option ip6assign '60'
        list ipaddr '10.25.25.1/26'
        option delegate '0'

config interface 'wan'
        option device 'eth0'
        option proto 'dhcp'
        option auto '0'
        option hostname 'XXXXXXXXXXX'

config interface 'pppoe0'
        option proto 'pppoe'
        option device 'eth0'
        option username 'XXXXXXX'
        option password 'XXXXXXXX'
        option service 'XXXXXXXXXXX'
        option ipv6 'auto'
        option peerdns '0'
        list dns '1.1.1.1'
        list dns '1.0.0.1'
        list dns '8.8.8.8'

config device
        option name 'eth0'
        option macaddr 'XX:XX:XX:XX:XX:XX'

config interface 'proxmox'
        option proto 'static'
        option device 'eth4'
        list ipaddr '10.25.25.64/26'
        list dns '8.8.8.8'
        list dns '1.1.1.1'

config device
        option name 'eth4'
        option ipv6 '0'

config rule
        option in 'proxmox'
        option src '10.25.25.65/26'
        option out 'lan'
        option dest '10.25.25.10/26'
        option lookup 'main'
        option disabled '1'

config rule
        option in 'lan'
        option src '10.25.25.10/26'
        option out 'proxmox'
        option dest '10.25.25.65/26'
        option lookup 'main'
        option disabled '1'

config interface 'wg0'
        option proto 'wireguard'
        option private_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option listen_port '55055'
        list addresses '10.0.0.1/24'

config wireguard_wg0
        option public_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option route_allowed_ips '1'
        list allowed_ips '10.0.0.2/24'
        option persistent_keepalive '25'
        option description 'openwrt'

config wireguard_wg0
        option public_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option route_allowed_ips '1'
        list allowed_ips '10.0.0.3/24'
        option persistent_keepalive '25'
        option description 'android'

config wireguard_wg0
        option public_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option route_allowed_ips '1'
        list allowed_ips '10.0.0.4/24'
        option persistent_keepalive '25'
        option description 'windows'

config wireguard_wg0
        option description 'Note9'
        option public_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option private_key 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
        option route_allowed_ips '1'
        list allowed_ips '10.0.0.5/24'
        option endpoint_port '55055'

config interface 'guest'
        option device 'br-lan.192'
        option proto 'static'
        list ipaddr '10.25.25.192/26'
        list dns '10.25.25.1'

config device
        option name 'br-guest'
        option type 'bridge'
        option bridge_empty '1'

config interface 'iot'
        option device 'br-lan.128'
        option proto 'static'
        list ipaddr '10.25.25.128/26'
        list dns '10.25.25.1'

config device
        option name 'br-iot'
        option type 'bridge'
        option bridge_empty '1'

config bridge-vlan
        option device 'br-lan'
        option vlan '1'
        list ports 'eth1'
        list ports 'eth2:u*'
        list ports 'eth3:u*'
        list ports 'eth5:u*'

config bridge-vlan
        option device 'br-lan'
        option vlan '192'
        list ports 'eth1:t'

config bridge-vlan
        option device 'br-lan'
        option vlan '128'
        list ports 'eth1:t'

root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option cachesize '1000'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option localservice '1'
        option ednspacket_max '1232'
        list rebind_domain 'free.aero2.net.pl'
        option sequential_ip '1'
        option port '5353'

config dhcp 'lan'
        option interface 'lan'
        option start '10'
        option limit '52'
        option leasetime '12h'
        option dhcpv4 'server'
        list dhcp_option '6,10.25.25.1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

config host
        option name 'MS510TXPP'
        option mac 'XX:XX:XX:XX:XX:XX'
        option ip '10.25.25.2'
        option leasetime '12h'
        option dns '1'

config host
        option name 'AP-PARTER'
        option mac 'XX:XX:XX:XX:XX:XX'
        option ip '10.25.25.3'
        option leasetime '12h'
        option dns '1'

config host
        option name 'AP-PIETRO1'
        option mac 'XX:XX:XX:XX:XX:XX'
        option ip '10.25.25.4'
        option leasetime '12h'
        option dns '1'

config host
        option name 'AP-TARAS'
        option ip '10.25.25.5'
        option mac 'XX:XX:XX:XX:XX:XX'
        option dns '1'
        option leasetime '24h'

config dhcp 'pppoe0'
        option interface 'pppoe0'
        option ignore '1'

config dhcp 'proxmox'
        option interface 'proxmox'
        option start '66'
        option limit '52'
        option leasetime '12h'
        option ignore '1'
        list dhcp_option '6,10.25.25.64'

config dhcp 'guest'
        option start '194'
        option limit '60'
        option leasetime '2h'
        option interface 'guest'
        list dhcp_option '6,10.25.25.192'
        list dhcp_option '3,10.25.25.192'

config dhcp 'iot'
        option start '130'
        option limit '60'
        option leasetime '2h'
        option interface 'iot'
        list dhcp_option '6,10.25.25.128'

root@OpenWrt:~# cat /etc/config/firewall

config defaults
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        list network 'wan'
        list network 'pppoe0'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'rTorrentPRO_56895'
        option family 'ipv4'
        option src 'wan'
        list proto 'tcp'
        list proto 'udp'
        option src_dport '56895'
        option dest_ip '10.25.25.10'
        option dest_port '56895'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'rTorrentPRO_6881'
        option src 'wan'
        option src_dport '6881'
        option dest_ip '10.25.25.10'
        option dest_port '6881'
        list proto 'udp'

config rule
        option name 'rTorrentPRO_56895'
        option src 'wan'
        option src_port '56895'
        option dest 'lan'
        list dest_ip '10.25.25.10'
        option dest_port '56895'
        option target 'ACCEPT'
        option enabled '0'

config rule
        option name 'rTorrentPRO_6881'
        option src 'wan'
        option dest_port '6881'
        option target 'ACCEPT'
        option enabled '0'

config zone
        option name 'proxmox'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'proxmox'

config forwarding
        option src 'proxmox'
        option dest 'wan'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'TEST-80'
        option family 'ipv4'
        option src 'wan'
        option src_dport '80'
        option dest_port '80'
        list proto 'tcp'
        list proto 'udp'
        option dest_ip '10.25.25.30'
        option enabled '0'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'TEST8080'
        option family 'ipv4'
        option src 'wan'
        option src_dport '8080'
        option dest_ip '10.25.25.29'
        option dest_port '8080'
        option enabled '0'

config rule
        option name 'PROXMOX-do-NAS'
        option src 'proxmox'
        list src_ip '10.25.25.65'
        option dest 'lan'
        list dest_ip '10.25.25.10'
        option target 'ACCEPT'
        list proto 'tcp'
        list proto 'udp'
        list proto 'icmp'

config rule
        option name 'NAS-do-PROXMOX'
        list proto 'tcp'
        list proto 'udp'
        list proto 'icmp'
        option src 'lan'
        list src_ip '10.25.25.10'
        option dest 'proxmox'
        list dest_ip '10.25.25.65'
        option target 'ACCEPT'

config rule
        option name 'Adguard_Home_block_3001'
        option src 'wan'
        option src_port '3001'
        option dest '*'
        option dest_port '3001'
        option target 'REJECT'
        option enabled '0'

config rule
        option src 'wan'
        option target 'ACCEPT'
        option proto 'udp'
        option dest_port '55055'
        option name 'wireguard'

config zone
        option name 'wg'
        option input 'ACCEPT'
        option forward 'ACCEPT'
        option output 'ACCEPT'
        option masq '1'
        list network 'wg0'

config forwarding
        option src 'wg'
        option dest 'wan'

config forwarding
        option src 'wan'
        option dest 'wg'

config forwarding
        option src 'wg'
        option dest 'lan'

config forwarding
        option src 'lan'
        option dest 'wg'

config rule
        option name 'PROXMOX-do-LAN2'
        option src 'proxmox'
        list src_ip '10.25.25.65'
        option dest 'lan'
        option target 'ACCEPT'
        list proto 'tcp'
        list proto 'udp'
        list proto 'icmp'
        list dest_ip '10.25.25.23'

config rule
        option name 'LAN2-do-PROXMOX'
        option src 'lan'
        option dest 'proxmox'
        list dest_ip '10.25.25.65'
        option target 'ACCEPT'
        list proto 'tcp'
        list proto 'udp'
        list proto 'icmp'
        list src_ip '10.25.25.23'

config zone
        option name 'guest_zone'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        list network 'guest'

config zone
        option name 'iot_zone'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        list network 'iot'

config forwarding
        option src 'guest_zone'
        option dest 'wan'

config forwarding
        option src 'lan'
        option dest 'iot_zone'

config rule
        option name 'Guest DNS'
        option src 'guest_zone'
        option dest_port '53'
        option proto 'tcpudp'
        option target 'ACCEPT'

config rule
        option name 'Guest DHCP'
        option src 'guest_zone'
        option src_port '67-68'
        option dest_port '67-68'
        option proto 'udp'
        option target 'ACCEPT'

config rule
        option name 'Guest WAN HTTP access'
        option target 'ACCEPT'
        option src 'guest_zone'
        option dest 'wan'
        option proto 'tcp'
        option dest_port '80'

config rule
        option name 'Guest WAN HTTPS access'
        option target 'ACCEPT'
        option src 'guest_zone'
        option dest 'wan'
        option proto 'tcp'
        option dest_port '443'

Wykonałem takie VLANy:
vlan

Idąc dalej wykorzystałem port eth1 i podłaczyłem go do switcha PoE, a w nim:
https://i.postimg.cc/v13Jy1Mh/MS510-TXPP-001.jpg

https://i.postimg.cc/d7qbgRMD/MS510-TXPP-002.jpg

https://i.postimg.cc/9R0vQWQh/MS510-TXPP-003.jpg

https://i.postimg.cc/0bS1S2d5/MS510-TXPP-004.jpg

https://i.postimg.cc/4YTkQkB6/MS510-TXPP-005.jpg

https://i.postimg.cc/YvfcXnsJ/MS510-TXPP-006.jpg
Wykonałem tagowanie dla portów 5,6,7 i 8 z czego port 5 jest UPLINK-iem.

A w samym AP (WAX220)

https://i.postimg.cc/t7wH7V6m/WAX220-001.jpg

Reasumując - łacze się z siecią dla gości, przydziela mi IP, ale nie chce rozwiazywać zapytań DNS - czyli brak dostępu do internetu.

Cześć.

Chciałem zrobić na VM OpenWrt, VLANy i wydzielić sieci IoT, Gości, LAB etc.
Używam MINI PC, który nie ma chipu od switch-a, tylko każdy interfejs ethernet jest osobną kartą sieciową.
Chciałem zrobić według poradnika:
https://www.youtube.com/watch?v=qeuZqRqH-ug
Ale, zastanawiam się, czy powinienem wykorzystać jeden port np LAN3 i na nim tworzyć kilka VLAN (802.1q) ? Czy może zrobić jak w poradniku na br-lan wykonać Filtrowanie mostu VLAN

Jeśli ktoś używa OpenWrt x86 i ma coś takiego zrobione, to poprosiłbym o wasze przykłady.

MiG25 napisał/a:

No tak ,ale konsola nmrpflash na kompie pewnie Ci napisała ,żebyś wyłączył i włączył router , bo się wgrywanie zakończyło.

Ciekawe co będzie po ponownym włączeniu zasilania .

Udało sie w końcu big_smile

Poniżej link do OEM bootlog.

https://pastebin.com/x8isTN8t

MiG25 napisał/a:

Tak , ale pewnie jak po komendzie tftpboot wpiszesz nazwę pliku , to właśnie ją będzie chciał ściągać , a nie domyślną...

Tam na samym początku też jest opcja "6. Load image" , tym bym spróbował też.

To jest, to samo co Cezary zaproponował, tylko prowadzi cię za "rękę".
Fakt udało mi się w końcu załadować obraz — ten firewall od Windows 10 działa mi na nerwy.

Wykonałem ponownie polecenia:

root@OpenWrt:/# ubirmvol /dev/ubi0 -N kernel_backup
root@OpenWrt:/# ubirmvol /dev/ubi0 -N rootfs_backup
ubirmvol: error!: cannot find UBI volume "rootfs_backup"
          error 2 (No such file or directory)
root@OpenWrt:/# ubirename /dev/ubi0 rootfs_data rootfs_backup

EDIT:

Wgrało się ładnie, co ciekawe po wgraniu, samoczynnie się nie resetuje, jest w stanie "zawieszonym".

BusyBox v1.36.1 (2023-11-15 10:00:19 UTC) built-in shell (ash)

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------------------------------
 |                                                                           |
 | OpenWrt 23.05-SNAPSHOT, r23861-447eef2063                                 |
 |                                                                           |
 | Build time: 2024-05-12 09:50 CEST                                         |
 | Cezary Jackiewicz, https://eko.one.pl                                     |
 |                                                                           |
 -----------------------------------------------------------------------------
 | Machine: Netgear WAX220                                                   |
 | Uptime: 0d, 00:00:29                                                      |
 | Load: 0.06 0.02 0.00                                                      |
 | Flash:                                                                    |
 | Memory: total: 989.1MB, free: 917.2MB, used: 7%                           |
 | Leases: 0                                                                 |
 | lan: static, 192.168.1.1                                                  |
 -----------------------------------------------------------------------------
 === WARNING! ================================================================
 There is no root password defined on this device!
 Use the "passwd" command to set up a new password
 in order to prevent unauthorized SSH logins.
 -----------------------------------------------------------------------------
root@OpenWrt:/# pwd
/
root@OpenWrt:/# ubirmvol /dev/ubi0 -N kernel_backup
root@OpenWrt:/# ubirmvol /dev/ubi0 -N rootfs_backup
ubirmvol: error!: cannot find UBI volume "rootfs_backup"
          error 2 (No such file or directory)
root@OpenWrt:/# ubirename /dev/ubi0 rootfs_data rootfs_backup
root@OpenWrt:/# reboot
root@OpenWrt:/# [  475.422566] br-lan: port 1(eth0) entered disabled state
[  475.428228] device eth0 left promiscuous mode
[  475.432645] br-lan: port 1(eth0) entered disabled state
[  475.487821] mtk_soc_eth 15100000.ethernet eth0: Link is Down
[  479.778940] reboot: Restarting system

F0: 102B 0000
FA: 1040 0000
FA: 1040 0000 [0200]
F9: 0000 0000
V0: 0000 0000 [0001]
00: 0000 0000
BP: 2400 0041 [0000]
G0: 1190 0000
EC: 0000 0000 [1000]
T0: 0000 021E [010F]
Jump to BL

NOTICE:  BL2: v2.6(release):660fb615
NOTICE:  BL2: Built : 18:31:23, Jun 10 2022
NOTICE:  WDT: disabled
NOTICE:  CPU: MT7986 (2000MHz)
NOTICE:  EMI: Using DDR4 settings
NOTICE:  EMI: Detected DRAM size: 1024MB
NOTICE:  EMI: complex R/W mem test passed
NOTICE:  SPI_NAND parses attributes from parameter page.
NOTICE:  SPI_NAND Detected ID 0xef
NOTICE:  Page size 2048, Block size 131072, size 134217728
NOTICE:  Initializing NMBM ...
NOTICE:  Signature found at block 1023 [0x07fe0000]
NOTICE:  First info table with writecount 0 found in block 960
NOTICE:  Second info table with writecount 0 found in block 963
NOTICE:  NMBM has been successfully attached in read-only mode
NOTICE:  BL2: Booting BL31
NOTICE:  BL31: v2.6(release):64c0c710d-dirty
NOTICE:  BL31: Built : 11:38:50, Sep  7 2022


U-Boot 2022.01-rc4 (Sep 07 2022 - 11:38:20 +0800)

CPU:   MediaTek MT7986
Model: mt7986-rfb
DRAM:  1 GiB

Initializing NMBM ...
spi-nand: spi_nand spi_nand@1: Winbond SPI NAND was found.
spi-nand: spi_nand spi_nand@1: 128 MiB, block size: 128 KiB, page size: 2048, OOB size: 64
Could not find a valid device for nmbm0
Signature found at block 1023 [0x07fe0000]
First info table with writecount 0 found in block 960
Second info table with writecount 0 found in block 963
NMBM has been successfully attached

MMC:   mmc@11230000: 0
Loading Environment from MTD... OK
In:    serial@11002000
Out:   serial@11002000
Err:   serial@11002000
Net:   eth0: ethernet@15100000
nmrp activated
nmrp configing
option ip[10.164.183.253] subnet:255.255.255.0
Recv FW-UP option
No ST-UP option
Using ethernet@15100000 device
Listening for TFTP transfer on 10.164.183.253
Load address: 0x46000000
Loading: #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #########################################################
         1.1 MiB/s
done
Bytes transferred = 24249688 (1720558 hex)
nmrp tftp upload complete.
write firmware...

*** Upgrading Firmware ***


*** Loaded 24249688 (0x1720558) bytes at 0x46000000 ***

Image is encrypted
model: WAX220
region: US
version: V1.0.3.3
dateTime: Thu Dec 14 01:13:11 2023
size: 0x172033f
block size: 0x80
checksum: 0xd3e74bdd
Decrypt image...
Decrypt finish
ubi0: attaching mtd6
ubi0: scanning is finished
ubi0: attached mtd6 (name "ubi", size 81 MiB)
ubi0: PEB size: 131072 bytes (128 KiB), LEB size: 126976 bytes
ubi0: min./max. I/O unit sizes: 2048/2048, sub-page size 2048
ubi0: VID header offset: 2048 (aligned 2048), data offset: 4096
ubi0: good PEBs: 650, bad PEBs: 0, corrupted PEBs: 0
ubi0: user volume: 4, internal volumes: 1, max. volumes count: 128
ubi0: max/mean erase counter: 16/10, WL threshold: 4096, image sequence number: 1664355062
ubi0: available PEBs: 42, total reserved PEBs: 608, PEBs reserved for bad PEB handling: 19
Updating volume 'kernel' from 0x46000800, size 0x34e9f0 ... OK
Updating volume 'rootfs' from 0x4634f400, size 0x13d0000 ... OK
ubi0: detaching mtd6
ubi0: mtd6 is detached

*** Firmware upgrade completed! ***
upgrade firmeare success.
Saving Environment to MTD... Erasing on MTD device 'nmbm0'... OK
Writing to MTD device 'nmbm0'... OK
OK
reset config default succes.
nmrp closing...
nmrp closed.
Cezary napisał/a:

Ew - uruchom z bootloadera openwrt z initramfs, skasuj z jego poziomu voluminy i znów wgraj oryginalny obraz.

Za pomocą polecenia tftpboot ?

Jeśli tak to wymaga zmiany nazwy pliku:

MT7986> tftpboot
*** Warning: no boot file name; using 'C0A80101.img'
Using ethernet@15100000 device
TFTP from server 192.168.1.2; our IP address is 192.168.1.1
Filename 'C0A80101.img'.
Load address: 0x46000000
Loading: *

A twój obraz initramfs ma rozszerzenie pliku *.itp



MT7986> help
?         - alias for 'help'
base      - print or set address offset
bdinfo    - print Board Info structure
blkcache  - block cache diagnostics and control
boot      - boot default, i.e., run 'bootcmd'
bootd     - boot default, i.e., run 'bootcmd'
booti     - boot Linux kernel 'Image' format from memory
bootm     - boot application image from memory
bootmenu  - ANSI terminal bootmenu
bootp     - boot image via network using BOOTP/TFTP protocol
cmp       - memory compare
coninfo   - print console devices and information
cp        - memory copy
crc32     - checksum calculation
dm        - Driver model low level access
echo      - echo args to console
editenv   - edit environment variable
env       - environment handling commands
fdt       - flattened device tree utility commands
go        - start application at address 'addr'
gpio      - query and control gpio pins
gzwrite   - unzip and write memory to block device
help      - print command description/usage
iminfo    - print header information for application image
imxtract  - extract a part of a multi-image
itest     - return true/false on integer compare
led       - manage LEDs
loadb     - load binary file over serial line (kermit mode)
loads     - load S-Record file over serial line
loadx     - load binary file over serial line (xmodem mode)
loady     - load binary file over serial line (ymodem mode)
loop      - infinite loop on address range
lzmadec   - lzma uncompress a memory region
md        - memory display
mm        - memory modify (auto-incrementing address)
mmc       - MMC sub system
mmcinfo   - display MMC info
mtd       - MTD utils
mtest     - simple RAM read/write test
mtkautoboot- Display MediaTek bootmenu
mtkboardboot- Boot MTK firmware
mtkload   - MTK image loading utility
mtkupgrade- MTK firmware/bootloader upgrading utility
mw        - memory write (fill)
nand      - NAND utility
net       - NET sub-system
nfs       - boot image via network using NFS protocol
nm        - memory modify (constant address)
nmbm      - NMBM utility commands
nmrp      - netgear nmrp tools
panic     - Panic with optional message
pci       - list and access PCI Configuration Space
ping      - send ICMP ECHO_REQUEST to network host
pinmux    - show pin-controller muxing
printenv  - print environment variables
pwm       - control pwm channels
random    - fill memory with random pattern
reset     - Perform RESET of the CPU
run       - run commands in an environment variable
saveenv   - save environment variables to persistent storage
setenv    - set environment variables
setexpr   - set environment variable as the result of eval expression
sleep     - delay execution for some time
smc       - Issue a Secure Monitor Call
source    - run script from memory
tftpboot  - boot image via network using TFTP protocol
tftpsrv   - act as a TFTP server and boot the first received file
ubi       - ubi commands
ubifsload - load file from an UBIFS filesystem
ubifsls   - list files in a directory
ubifsmount- mount UBIFS volume
ubifsumount- unmount UBIFS volume
unlz4     - lz4 uncompress a memory region
unzip     - unzip a memory region
version   - print monitor, compiler and linker version
MiG25 napisał/a:

A skasowałeś te woluminy z poziomu openwrt ,zanim zacząłeś używać nmrpflash ? (tak jak to napisali na openwrt wiki )

Oczywiście, za każdym razem jak mi się nie udawało wszczelić z połączeniem z nmrpflash. Aż w pewnym momencie zwróciło mi informacje że nie odnajduje tych woluminów do usunięcia.
Po robocie, po południu będę walczyć dalej.

Podlutowałem się pod złącze COM.

F0: 102B 0000
FA: 1040 0000
FA: 1040 0000 [0200]
F9: 0000 0000
V0: 0000 0000 [0001]
00: 0000 0000
BP: 2400 0041 [0000]
G0: 1190 0000
EC: 0000 0000 [1000]
T0: 0000 021E [010F]
Jump to BL

NOTICE:  BL2: v2.6(release):660fb615
NOTICE:  BL2: Built : 18:31:23, Jun 10 2022
NOTICE:  WDT: disabled
NOTICE:  CPU: MT7986 (2000MHz)
NOTICE:  EMI: Using DDR4 settings
NOTICE:  EMI: Detected DRAM size: 1024MB
NOTICE:  EMI: complex R/W mem test passed
NOTICE:  SPI_NAND parses attributes from parameter page.
NOTICE:  SPI_NAND Detected ID 0xef
NOTICE:  Page size 2048, Block size 131072, size 134217728
NOTICE:  Initializing NMBM ...
NOTICE:  Signature found at block 1023 [0x07fe0000]
NOTICE:  First info table with writecount 0 found in block 960
NOTICE:  Second info table with writecount 0 found in block 963
NOTICE:  NMBM has been successfully attached in read-only mode
NOTICE:  BL2: Booting BL31
NOTICE:  BL31: v2.6(release):64c0c710d-dirty
NOTICE:  BL31: Built : 11:38:50, Sep  7 2022


U-Boot 2022.01-rc4 (Sep 07 2022 - 11:38:20 +0800)

CPU:   MediaTek MT7986
Model: mt7986-rfb
DRAM:  1 GiB

Initializing NMBM ...
spi-nand: spi_nand spi_nand@1: Winbond SPI NAND was found.
spi-nand: spi_nand spi_nand@1: 128 MiB, block size: 128 KiB, page size: 2048, OOB size: 64
Could not find a valid device for nmbm0
Signature found at block 1023 [0x07fe0000]
First info table with writecount 0 found in block 960
Second info table with writecount 0 found in block 963
NMBM has been successfully attached

MMC:   mmc@11230000: 0
Loading Environment from MTD... OK
In:    serial@11002000
Out:   serial@11002000
Err:   serial@11002000
Net:   eth0: ethernet@15100000
nmrp activated
nmrp listen timeout.
nmrp Nmrp_cleanup.

  *** U-Boot Boot Menu ***

     1. Startup system (Default)
     2. Upgrade firmware
     3. Upgrade ATF BL2
     4. Upgrade ATF FIP
     5. Upgrade single image
     6. Load image
     0. U-Boot console


  Press UP/DOWN to move, ENTER to select, ESC/CTRL+C to quit
ubi0: attaching mtd6
ubi0: scanning is finished
ubi0: attached mtd6 (name "ubi", size 81 MiB)
ubi0: PEB size: 131072 bytes (128 KiB), LEB size: 126976 bytes
ubi0: min./max. I/O unit sizes: 2048/2048, sub-page size 2048
ubi0: VID header offset: 2048 (aligned 2048), data offset: 4096
ubi0: good PEBs: 650, bad PEBs: 0, corrupted PEBs: 0
ubi0: user volume: 5, internal volumes: 1, max. volumes count: 128
ubi0: max/mean erase counter: 16/10, WL threshold: 4096, image sequence number: 1664355062
ubi0: available PEBs: 14, total reserved PEBs: 636, PEBs reserved for bad PEB handling: 19
Reading from volume 'kernel' to 0x46000000, size 0x0 ... OK
*** Start update image to backup ***
Reading from volume 'rootfs' to 0x46364000, size 0x0 ... OK
Updating volume 'kernel_backup' from 0x46000000, size 0x364000 ... OK
Updating volume 'rootfs_backup' from 0x46364000, size 0x13bd000 ... ubi0 error: ubi_create_volume: not enough PEBs, only 14 available
ubi0 error: ubi_create_volume: cannot create volume 3, error -28
*** Failed to create volume 'rootfs_backup', err = -28 ***
ubi0: detaching mtd6
ubi0: mtd6 is detached
Hit any key to stop autoboot:  0
MT7986> [B

Wgrałem nawet najstarszą wersję, ale cham nie chce wstać.
W logach DHCP na OpenWrt x86 mam:

Tue May 14 23:17:16 2024 daemon.info dnsmasq-dhcp[1]: BOOTP(br-lan) 94:18:65:43:5f:ef no address configured

I się resetuje co chwilę.

Jak wyłączę firewall na Windows 10, ładnie wskakuje wgrywanie firmware.

F:\nmrpflash-0.9.22-win32>nmrpflash.exe -i net7 -f WAX220-V1.0.2.1.img
Advertising NMRP server on net7 ... \
Received configuration request from 94:18:65:43:5f:ef.
Sending configuration: 10.164.183.253/24.
Received upload request: filename 'firmware'.
Uploading WAX220-V1.0.2.1.img ... OK (24044888 b)
Waiting for remote to respond.
Received keep-alive request (1).
Remote finished. Closing connection.
Reboot your device now.