想整两台小主机,异地组网,结果硬件价格越来越贵,目标转向路由器。

难点

焊接ttl to usb模块

闪存坏块

使用breed刷入固件时报错

breed> mt7621-nfi.0: Skip bad block at 0x00920000 (BA 0x49).
mt7621-nfi.0: Skip bad block at 0x00b20000 (BA 0x59).
mt7621-nfi.0: Skip bad block at 0x00920000 (BA 0x49).
mt7621-nfi.0: Skip bad block at 0x00b20000 (BA 0x59).
mt7621-nfi.0: Skip bad block at 0x00920000 (BA 0x49).
Error: erase operation failed at 0x00140000, size 0xe40000
校验失败,请重试!

解决办法:

  1. PB-boot
  2. 先刷小体积固件,再使用内置升级工具升级

遇到的坑

重启丢配置

解决方法:看看自己用的固件是不是initramfs-kernel,此类版本基本用于测试,重启丢配置。

可尝试刷入squashfs-factorysquashfs-sysupgrade

但是我在刷入squashfs-factory时提示坏块,大概是因为这个固件体积稍大。迫不得已,只能先刷入initramfs-kernel,之后ssh链接此路由器,执行sysupgrade -p squashfs-sysupgrade固件的名字.bin解决重启丢配置的问题。此处感谢网友@theNew0rder

opkg之ssl安装死循环

安装luci-app-clash时提示已经存在 libustream-wolfssl20201210,不能安装libustream-openssl

就报错。

遂卸载libustream-wolfssl20201210,重新安装luci-app-clash,但是报错本机没有ssl包

wget: SSL support not available, please install one of the libustream-.*[ssl|tls] packages as well as the ca-bundle and ca-certificates packages.
Collected errors:
 * opkg_download: Failed to download https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/base/libustream-openssl20201210_2020-12-10-68d09243-1_mipsel_24kc.ipk, wget returned 1
 * opkg_install_pkg: Failed to download libustream-openssl20201210. Perhaps you need to run 'opkg update'?
 * opkg_install_cmd: Cannot install package luci-app-clash.

根据提示,更新缓存,又报错

root@ZTE-E8820S-1:/tmp# opkg update 
Downloading https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/targets/ramips/mt7621/packages/Packages.gz
wget: SSL support not available, please install one of the libustream-.*[ssl|tls] packages as well as the ca-bundle and ca-certificates packages.
*** Failed to download the package list from https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/targets/ramips/mt7621/packages/Packages.gz

Downloading https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/base/Packages.gz
wget: SSL support not available, please install one of the libustream-.*[ssl|tls] packages as well as the ca-bundle and ca-certificates packages.
*** Failed to download the package list from https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/base/Packages.gz

Downloading https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/luci/Packages.gz
wget: SSL support not available, please install one of the libustream-.*[ssl|tls] packages as well as the ca-bundle and ca-certificates packages.
*** Failed to download the package list from https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/luci/Packages.gz

Downloading https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/packages/Packages.gz
wget: SSL support not available, please install one of the libustream-.*[ssl|tls] packages as well as the ca-bundle and ca-certificates packages.
*** Failed to download the package list from https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/packages/Packages.gz

Downloading https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/routing/Packages.gz
wget: SSL support not available, please install one of the libustream-.*[ssl|tls] packages as well as the ca-bundle and ca-certificates packages.
*** Failed to download the package list from https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/routing/Packages.gz

Downloading https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/telephony/Packages.gz
wget: SSL support not available, please install one of the libustream-.*[ssl|tls] packages as well as the ca-bundle and ca-certificates packages.
*** Failed to download the package list from https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/telephony/Packages.gz

Collected errors:
 * opkg_download: Failed to download https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/targets/ramips/mt7621/packages/Packages.gz, wget returned 1.
 * opkg_download: Failed to download https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/base/Packages.gz, wget returned 1.
 * opkg_download: Failed to download https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/luci/Packages.gz, wget returned 1.
 * opkg_download: Failed to download https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/packages/Packages.gz, wget returned 1.
 * opkg_download: Failed to download https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/routing/Packages.gz, wget returned 1.
 * opkg_download: Failed to download https://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/21.02.0-rc4/packages/mipsel_24kc/telephony/Packages.gz, wget returned 1.

好在修改连接协议httpshttp解决

动态DNS

修改完配置,记得点击保存并应用。

网络防火墙

不能直接service iptables save。只能将iptables命令保存在/etc/firewall.user

使用lan口对外提供服务,设置较严格的过滤规则。

但记得要同时允许DHCP流量进入。

时间总是自动跑偏