Arnoštovo Doupě

u: root
p: admin

Try switching the wireless mode on your access point to „N Only“.

By the way, does anyone know if there is a workaround to get N-Only to work?

EDIT: Nevermind. I figured it out. Switched to mixed N and G mode, 40mhz wide, and AES WPA algorithms. Now connected at 300Mbps!

https://tools.ietf.org/html/bcp38

Když jádro dostane paket, podívá se, jestli by odpověď poslalo tam, odkud paket přišel, tedy jestli routa pro zdrojovou IP adresu míří na příchozí rozhraní. Pokud ne, tak paket zamítne. Stačí mít potom správně nastavené routování, ale to je potřeba už jen proto, aby ta síť vůbec fungovala.

Starý způsob (funguje jen pro IPv4) je zapnout RP Filter v /etc/sysctl­.conf:

net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1

nebo runtime

# echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter
# echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter

Nový způsob (Linux ≥ 3.3, iptables ≥ 1.4.13) fungující i pro IPv6 je použít match rpfilter:

# iptables -A PREROUTING -t raw -m rpfilter --invert -j DROP
# ip6tables -A PREROUTING -t raw -p icmpv6 --icmpv6-type=router-advertisement -j ACCEPT
# ip6tables -A PREROUTING -t raw -m rpfilter --invert -j DROP

http://www.dd-wrt.com/wiki/index.php/Access_To_Modem_Configuration

1. set modem and router to different subnets
2. dd-wrt Admin → commands

ifconfig `nvram get wan_ifname`:0 10.0.0.2 netmask 255.255.255.0

click Save to startup 10.0.0.2 is router' s address in modem' s subnet [ here is modem 10.0.0.1 ]

1. dd-wrt Admin → commands

iptables -t nat -I POSTROUTING -o `nvram get wan_ifname` -j MASQUERADE

click Save to firewall

from Peacock thread [ http://www.dd-wrt.com/phpBB2/viewtopic.php?t=51486 ] 1. DO A HARD RESET *BEFORE AND AFTER* YOU CHANGE DD-WRT FIRMWARE VERSIONS. This does not mean hitting the reset button and saying you are done. This means doing the 30-30-30 reset. To do a 30-30-30 reset you must push the reset button with your router powered on. Hold it for 30 seconds with the router powered on. STILL holding it, pull the power cord for 30 seconds. Still holding it, plug the power back into your router and continue to hold the reset button for 30 more seconds. You will have held the button for a full 90 seconds without releasing it.

After you have done this WHEN DD-WRT IS INSTALLED, if you haven't been asked to change your password by the dd-wrt webgui when you try to login to the router at 192.168.1.1,(presuming you are doing a hard reset on a dd-wrt build newer than 9707, June 14, 2008, when the auto reconfig password was introduced) you haven't done the hard reset properly.

Failing to do a hard reset and failing to wait after flashing are the two most common NOOB errors that lead them to a world of unnecessary dd-wrt pain! This is not a minor optional step. The firmware writes information to the Nvram. This step clears that information. If you don't clear it properly, parts of the old information be present with the new firmware, which can make it not operate properly. Don't cut corners. Doing it before you upgrade can be very important; a hard reset is not just for after upgrades.

The proper process for flashing when upgrading EXISTING dd-wrt firmware is:

a.Set your computer to a static IP of 192.168.1.8. (or to whatever subnet the router is on) Disable all firewalls and security. Disable wireless on your computer and only have the router connected to the flashing computer by the ethernet cable between the two. b. Hard reset prior to flashing. Wait. Check for password page on re-login and change password. c. Flash firmware. You should use the dd-wrt webgui upgrade page except if you have a belkin router. (For belkin use tftp.exe to flash) d. Wait…at least three minutes. Lights should return to normal. See important2, below. Failing to wait is how most people brick their routers. e. Do a power cycle of the router. (Unplug the cord, count to 30 and plug it back in.) f. Wait for the lights to return to normal usually about 2 minutes. g. HARD reset again. Wait. Check for the password page and re-login to change the password. Then you can reconfigure your settings manually. h. Once configured set your computer back to autoIP and autoDNS.

Important: This 30-30-30 hard reset works fine for Asus router, but you do have to power cycle after the reset….however, the RT-N16 model you do the 30/30/30 using the WPS button instead of the Restore button.

Important2: After you flash the firmware, and before you do the hard reset, the router will be building some nvram settings. YOU MUST WAIT FOR THIS TO FINISH PRIOR TO DOING ANYTHING WITH THE ROUTER INCLUDING A HARD RESET. Usually, you can tell when this process is completed by the WLAN light coming on, but it does take several minutes. Go have a beer. There are starting to be more and more people who BRICK their routers by not waiting until the nvram is rebuilt, PRIOR to doing a hard reset. YOU NEED TO WAIT!

If you have done a hard reset on the router, and received the change password screen, make sure you mention this in your post if you still have a problem….otherwise everyone will be telling you to do a hard reset.

2. You CANNOT install old configuration files made on one svn build on any other firmware without risking large problems. Don't do it. Restoring backups after changing builds can brick your router! Delete your old configuration files once you are sure the newer firmware is stable.

# nvram show [ | grep httpd_enable ]
# nvram get httpd_enable
# nvram set httpd_enable=1
# nvram set http_enable=1
# nvram commit

you can just reboot, or start httpd from the commandline

# httpd -p 80

DD-WRT started using the vulnerable code [ http://svn.dd-wrt.com/log/src/router/openssl/ssl/d1_both.c ] on 2012/04/29. Any DD-WRT build after (and including) 19163 has the flaw, and any build after (and including) 23882 has the fix.

Hi chenshaoju,

I bricked my TL-WR1043ND too a few times and recovered it successfully every time. You can find the way to recover your unit on the OpenWRT site.

Here are the steps:

1. Download modified original firmware that has first 0x20200 cut off, or use firmware attached below.
2. Gain access to the serial port and hook it up to your computer using RS-232 / USB –> TTL adapter.
3. Install Putty, setup Serial connection, set COM port appropiately to your adapter in step 2 and do not click Open yet
4. set networkcard of computer to ip address: 192.168.0.5 , subnetmask 255.255.255.0 and no gateway
5. Install TFTP32 server (google it) on your computer, connect computer with ethernet cable to LAN switch port on router.
6. Make sure the „Current Directory“ in TFTP32 is set to folder with modified original firmware renamed to „code.bin“
7. In Putty, click open and plug in Power cord to router… you should see bootloader coming up now…
8. You will see something like this:

No valid address in Flash. Using fixed address
: cfg1 0xf cfg2 0x7114
eth0 up
eth0
Autobooting in 1 seconds## Booting image bf0200000...

Then type following fast: tpl

Now you will get into the command prompt and you're able to execute commands.

1. Erase the firmware before writing it again using following command: erase 0xbf020000 +7c0000
2. Download new modified original firmware from computer to the router: tftpboot 0x81000000 code.bin
3. Write the downloaded firmware to flash using: cp.b 0x81000000 0xbf020000 0x7c0000
4. Boot the original firmware again: bootm 0xbf020000

Your router should be unbricked again!