Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision |
devices:wndr3800_openwrt [2020/02/24 08:01] – Sean Rhone | devices:wndr3800_openwrt [2021/09/09 02:26] – Sean Rhone |
---|
====== Information ====== | ====== Information ====== |
| |
* NETGEAR WNDR3800 ((https://www.netgear.com/support/product/WNDR3800.aspx)) | * [[https://www.netgear.com/support/product/WNDR3800.aspx|NETGEAR WNDR3800]] |
* OpenWrt ((https://openwrt.org)) ((https://openwrt.org/toh/netgear/wndr3800)) | * [[https://openwrt.org|OpenWrt]] |
| * [[https://openwrt.org/toh/netgear/wndr3800|OpenWrt Device Page]] |
| * [[https://openwrt.org/releases/snapshot|Snapshot]] |
| |
====== Notes ====== | ====== Snapshot ====== |
| |
* :!: Using ''sysupgrade'' with ''factory'' images **will** soft-brick the router ((see [[#recovery|Recovery]] to fix)) | ==== Links ==== |
| |
====== Stable ====== | |
| |
===== Version Check ===== | |
| |
* Latest known version: ''19.07.1'' | |
| |
* https://downloads.openwrt.org/releases/ | |
| |
===== Download ===== | |
| |
* ''19.07.1'' | |
* ''ath79'' | * ''ath79'' |
| |
ssh 'root'@'192.168.1.1' | * [[https://downloads.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-netgear_wndr3800-squashfs-factory.img|factory.bin]] |
| * [[https://downloads.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-netgear_wndr3800-squashfs-sysupgrade.bin|sysupgrade.bin]] |
rm -f '/tmp/openwrt-stable-ath79-wndr3800-sysupgrade.bin' && wget -O '/tmp/openwrt-stable-ath79-wndr3800-sysupgrade.bin' 'https://downloads.openwrt.org/releases/19.07.1/targets/ath79/generic/openwrt-19.07.1-ath79-generic-netgear_wndr3800-squashfs-sysupgrade.bin' | |
| |
===== Install ===== | ==== sysupgrade ==== |
| |
* ''-n'' doesn't save old config | * This downloads the latest ''sysupgrade.bin'' and installs it |
* ''--force'' forces the flash | |
* ''-v'' more verbose | |
| |
ssh 'root'@'192.168.1.1' | ssh 'root'@'192.168.1.1' |
| |
sysupgrade --force -n -v '/tmp/openwrt-stable-ath79-wndr3800-sysupgrade.bin' | rm -f '/tmp/sysupgrade.img' && sync && sysupgrade --force -n -v 'https://downloads.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-netgear_wndr3800-squashfs-sysupgrade.bin' |
| |
===== Configure ===== | rm -Rf ~/'.ssh' && ping '192.168.1.1' |
| |
* https://192.168.1.1 | ===== Packages ===== |
| |
==== DNS ==== | * [[https://openwrt.org/docs/guide-user/luci/luci.essentials|LuCI]] ((snapshot images don't include LuCI, so it needs installed on **every** clean snapshot install)) |
| |
* https://my.nextdns.io | ssh 'root'@'192.168.1.1' |
| |
==== Blocks ==== | sync && passwd |
| |
* http://192.168.1.1/cgi-bin/luci/admin/network/firewall/rules | opkg update && opkg install luci && sync |
* Network -> Firewall -> Traffic Rules | |
| |
=== Google DNS === | ====== LuCI ====== |
| |
* Some devices hard-code Google DNS, and this bypasses NextDNS and the blocklists set there | * http://192.168.1.1 |
* So the solution to this is to block any requests to Google DNS | |
| |
* Name: Google DNS | * :!: Configuration below assumes this is being used as a Wireless Access Point ((Dumb AP)) |
* Protocol: Any | * https://openwrt.org/docs/guide-user/network/wifi/dumbap |
* Source zone: lan | * :!: Configuration below is TODO |
* Source address: -- Add IP -- (leave at default) | |
* Destination zone: wan wan6 | |
* Action: reject | |
| |
* Destination address | ===== 1.1.1.1 DNS ===== |
| |
8.8.8.8 | * https://1.1.1.1/dns/ |
| * See [[notes:dns_servers|DNS servers]] for other DNS servers |
| |
8.8.4.4 | <code>2606:4700:4700::1111</code> |
| <code>2606:4700:4700::1001</code> |
| <code>1.1.1.1</code> |
| <code>1.0.0.1</code> |
| |
2001:4860:4860::8888 | ===== Wireless ===== |
| |
2001:4860:4860::8844 | ==== 2.4GHz ==== |
| |
====== Snapshot ====== | * Country Code: US |
| * Channel: 11 |
| * Width: 40 MHz |
| * Encryption: WPA2-PSK CCMP AES |
| * :!: 802.11w Management Frame Protection: Disabled |
| |
===== Date Check ===== | <code>The Crossroads (2.4GHz)</code> |
| |
* https://downloads.openwrt.org/snapshots/targets/ath79/generic/ | ==== 5GHz ==== |
| |
===== Download ===== | * Country Code: US |
| * :!: Channel: 153 |
| * Width: 80 MHz |
| * Encryption: WPA2-PSK CCMP AES |
| * :!: 802.11w Management Frame Protection: Disabled |
| |
* ''ath79'' | <code>Highgate (5GHz)</code> |
| |
rm -f '/tmp/openwrt-snapshot-ath79-wndr3800-sysupgrade.bin' && wget -O '/tmp/openwrt-snapshot-ath79-wndr3800-sysupgrade.bin' 'https://downloads.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-netgear_wndr3800-squashfs-sysupgrade.bin' | ===== Firewall ===== |
| |
==== non-HTTPS ==== | * Forward ports ''80'' and ''443'' |
| |
* ''ath79'' | ====== Recovery ====== |
* May be necessary if ''wget'' complains about lack-of SSL support | |
| |
rm -f '/tmp/openwrt-snapshot-ath79-wndr3800-sysupgrade.bin' && wget -O '/tmp/openwrt-snapshot-ath79-wndr3800-sysupgrade.bin' 'http://downloads.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-netgear_wndr3800-squashfs-sysupgrade.bin' | ===== TFTP ===== |
| |
===== Install ===== | ==== Notes ==== |
| |
* ''-n'' doesn't save old config | |
* ''--force'' forces the flash | |
* ''-v'' more verbose | |
| |
ssh 'root'@'192.168.1.1' | |
| |
sysupgrade --force -n -v '/tmp/openwrt-snapshot-ath79-wndr3800-sysupgrade.bin' | |
| |
===== LuCI ===== | |
| |
* https://openwrt.org/docs/guide-user/luci/luci.essentials | |
* :!: Snapshot images don't include LuCI, and need it to be installed seemingly after every snapshot install/update | |
| |
ssh 'root'@'192.168.1.1' | |
| |
opkg update && opkg install 'luci' && opkg install 'luci-ssl-nginx' | |
| |
===== Configure ===== | |
| |
* https://192.168.1.1 | |
| |
* https://blog.uncensoreddns.org/ | |
| |
====== Recovery ====== | |
| |
===== Notes ===== | |
| |
* Can seemingly still use ''tftp'' even if you can't ping the router | * Can seemingly still use ''tftp'' even if you can't ping the router |
| |
===== Image ===== | ==== Image ==== |
| |
* Pick one | * Pick one |
* :!: The stable image URL will need updated if there's a newer version available | * :!: The stable image URL will need updated if there's a newer version available |
| |
wget -O ~/'f.img' 'https://downloads.openwrt.org/releases/18.06.4/targets/ar71xx/generic/openwrt-18.06.4-ar71xx-generic-wndr3800-squashfs-factory.img' | wget -O ~/'f.img' 'https://downloads.openwrt.org/releases/19.07.6/targets/ath79/generic/openwrt-19.07.6-ath79-generic-netgear_wndr3800-squashfs-factory.img' |
| |
wget -O ~/'f.img' 'https://downloads.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-netgear_wndr3800-squashfs-factory.img' | wget -O ~/'f.img' 'https://downloads.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-netgear_wndr3800-squashfs-factory.img' |
| |
===== TFTP ===== | ==== TFTP ==== |
| |
sudo dnf install 'tftp' -y && sync | sudo dnf install 'tftp' -y && sync |
| |
sudo dnf remove 'tftp' -y && sync | sudo dnf remove 'tftp' -y && sync |
| |
| ===== nmrpflash ===== |
| |
| ==== Images ==== |
| |
| * :!: If using an OpenWRT image, use the ''factory'' image |
| |
| * [[https://downloads.openwrt.org/snapshots/targets/ath79/generic/openwrt-ath79-generic-netgear_wndr3800-squashfs-factory.img|OpenWRT Snapshot]] |
| * [[https://downloads.openwrt.org/releases/19.07.6/targets/ath79/generic/openwrt-19.07.6-ath79-generic-netgear_wndr3800-squashfs-factory.img|OpenWRT 19.07.6]] |
| * [[https://www.netgear.com/support/product/WNDR3800.aspx#download|NETGEAR Stock Firmware]] |
| |
| ==== nmrpflash ==== |
| |
| * [[https://github.com/jclehner/nmrpflash|jclehner/nmrpflash GitHub]] |
| * Reason for the ''libpcap'' command: https://github.com/jclehner/nmrpflash/issues/27 |
| |
| sudo ln -sv 'libpcap.so.1' '/usr/lib64/libpcap.so.0.8' |
| |
| sudo ~/'Downloads/nmrpflash-0.9.15-linux/nmrpflash' -L |
| |
| sudo ~/'Downloads/nmrpflash-0.9.15-linux/nmrpflash' -i 'enp5s0' -f ~/'Downloads/openwrt-ath79-generic-netgear_wndr3800-squashfs-factory.img' |
| |
| sudo ~/'Downloads/nmrpflash-0.9.15-linux/nmrpflash' -i 'enp5s0' -f ~/'Downloads/openwrt-19.07.6-ath79-generic-netgear_wndr3800-squashfs-factory.img' |
| |
| sudo ~/'Downloads/nmrpflash-0.9.15-linux/nmrpflash' -i 'enp5s0' -f ~/'Downloads/WNDR3800-V1.0.0.52/WNDR3800-V1.0.0.52.img' |
| |