Fortinet FortiGate 30E (FG-30E) is a UTM, based on Armada 385 (88F6820).
Specification:
- SoC : Marvell Armada 385 88F6820
- RAM : DDR3 1 GiB (4x Micron MT41K256M8DA-125, "D9PSH")
- Flash : SPI-NOR 128 MiB (Macronix MX66L1G45GMI-10G)
- Ethernet : 5x 10/100/1000 Mbps
- Switch : Marvell 88E6176
- LEDs/Keys : 16x/1x
- UART : "CONSOLE" port (RJ-45, RS-232C level)
- port : ttyS0
- settings : 9600bps 8n1
- assignment : 1:NC , 2:NC , 3:TXD, 4:GND,
5:GND, 6:RXD, 7:NC , 8:NC
- note : compatible with Cisco console cable
- HW Monitoring: nuvoTon NCT7802Y
- Power : 12 VDC, 2 A
- plug : Modex 5557-02R
Flash instruction using initramfs image:
1. Power on FG-30E and interrupt to show bootmenu
2. Call "[I]: System information." -> "[S]: Set serial port baudrate."
and set baudrate to 9600 bps
3. Call "[R]: Review TFTP parameters.", check TFTP parameters and
connect computer to "Image download port" in the parameters
4. Prepare TFTP server with the parameters obtained above
5. Rename OpenWrt initramfs image to "image.out" and put to TFTP
directory
6. Call "[T]: Initiate TFTP firmware transfer." to download initramfs
image from TFTP server
7. Type "r" key when the following message is showed, to boot initramfs
image without flashing to spi-nor flash
"Save as Default firmware/Backup firmware/Run image without saving:[D/B/R]?"
8. On initramfs image, backup mtd if needed
minimum:
- "firmware-info"
- "kernel"
- "rootfs"
9. On initramfs image, upload sysupgrade image to the device and perform
sysupgrade
10. Wait ~200 seconds to complete flashing and rebooting.
If the device is booted with stock firmware, login to bootmenu and
call "[B]: Boot with backup firmware and set as default." to set the
first OS image as default and boot it.
Notes:
- Both colors of Bi-color LEDs on the front panel cannot be turned on at
the same time.
- "PWR" and "Logo" LEDs are connected to power source directly.
- The following partitions are added for OpenWrt.
These partitions are contained in "uboot" partition (0x0-0x1fffff) on
stock firmware.
- "firmware-info"
- "dtb"
- "u-boot-env"
- "board-info"
Image header for bootmenu tftp:
0x0 - 0xf : ?
0x10 - 0x2f : Image Name
0x30 - 0x17f: ?
0x180 - 0x183: Kernel Offset*
0x184 - 0x187: Kernel Length*
0x188 - 0x18b: RootFS Offset (ext2)*
0x18c - 0x18f: RootFS Length (ext2)*
0x190 - 0x193: DTB Offset
0x194 - 0x197: DTB Length
0x198 - 0x19b: Data Offset (jffs2)
0x19c - 0x19f: Data Length (jffs2)
0x1a0 - 0x1ff: ?
*: required for initramfs image
MAC addresses:
(eth0): 70:4C:A5:xx:xx:CE (board-info, 0xd880 (hex))
WAN : 70:4C:A5:xx:xx:CF
LAN 1 : 70:4C:A5:xx:xx:D0
LAN 2 : 70:4C:A5:xx:xx:D1
LAN 3 : 70:4C:A5:xx:xx:D2
LAN 4 : 70:4C:A5:xx:xx:D3
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Fix the building issue setting CC to KERNEL_CC in kernel.mk. The
kernel backports by default uses CC to compile kconf. A new patch is
added to mac80211 to compile kconf with host gcc.
Signed-off-by: Zeyu Dong <dzy201415@gmail.com>
[ refresh patches ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Kernel module packages compiling is not cached (e.g. mac80211)
even with CONFIG_CCACHE on.
CC should be set to KERNEL_CC in KERNEL_MAKE_FLAGS at kernel.mk
to allow kernel module packages using ccache.
Signed-off-by: Zeyu Dong <dzy201415@gmail.com>
d8118f6 config: make sure timer is not on the timeouts list before freeing
4bbc6e7 add hostsfile output in addition to statefile
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Commit 572ea68070 ("uboot-mediatek: add patches for MT7988 and
builds for RFB") renamed HSGMII to 2500basex, but forgot to update
the dts of Redmi Router AX6000, makes the network unusable.
This patch makes the network usable again.
Fixes: #13724
Fixes: 572ea68070 ("uboot-mediatek: add patches for MT7988 and builds for RFB")
Signed-off-by: Furong Xu <xfr@outlook.com>
```
Specifications:
* CPU: Qualcomm IPQ8074A, SoC Version: 2.0, Quad core 1651 MHz
* RAM: 1 GiB of DDR3 466 MHz
* Flash: NAND 512 MiB (Winbond W29N04GZ)
* 6 RGB LEDs: Power, LAN1, LAN2, 2.4GHz, 5GHz H and 5GHz L
* UART: One 4-pin populated header next to the heatsink and a chip.
GND RXD TXD, beginning from the external antennas. 115200n8.
Lan:
* One 100/1000/2.5GBASE-T Gigabit Ethernet 802.3bt/at
* One 100/1000 Gigabit Ethernet
Wlan:
* 4x4 in 2.4GHz : 802.11b/g/n/ax
* 4x4 in 5.0GHz L: 802.11a/n/ac/ax
* 4x4 in 5.0GHz H: 802.11a/n/ac/ax
* OFDM and OFDMA
* Bidir and MU-MIMO
* Internal antenna 2.86/4.41/4.98 dBi (2.4GHz/5GHz L/5GHz H)
Power:
* 802.3bt/at 30.1W
* DC 12V/3.5A
Mounting: Wall and ceiling
```
```
1. Download the OpenWrt initramfs image. Copy the image to a TFTP server
2. Connect to the console on the AP, and connect the LAN port to your LAN
3. Stop auto boot to get to U-boot shell, interrupt the autoboot process by pressing '0' when prompted
4. Set active_fw in env
4. Set active_fw in env
# setenv active_fw 1
5. Transfer the initramfs image with TFTP
# setenv serverip 192.168.1.10 (IP of TFTP server host)
# setenv ipaddr 192.168.1.1 (IP used by the router for getting the image, must be in the same subnet as the TFTP host)
# tftpboot openwrt-qualcommax-ipq807x-netgear_wax630-initramfs-uImage.itb
6. Reboot and load the image
# bootm
7. SCP factory image to the AP
# scp openwrt-qualcommax-ipq807x-netgear_wax630-squashfs-factory.ubi root@192.168.1.1:/tmp/
8. Connect to device using SSH (use the LAN port)
9. Flash squashfs-factory.ubi from within the initramfs instance of OpenWRT
Before you flash, please check your mtd partitions where mtdX is the right mtd rootfs partition.
# cat /proc/mtd (To check MTD partitions)
# ubiformat /dev/mtd18 -y -f /tmp/openwrt-qualcommax-ipq807x-netgear_wax630-squashfs-factory.ubi
10. Set active_fw to 0
# /usr/sbin/fw_setenv active_fw 0
11. Reboot the AP and your done
# reboot
```
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Contains the following update:
52a1c29 ipq8074: add Netgear WAX630 Board file for Netgear WAX630. Extracted from stock (WAX630_BDF.bin) firmware and repacked.
e7701b8 ipq8074: update RegDB in new submitted BDF
cd04ab7 qcn9074: update RegDB in new submitted BDF
Signed-off-by: Kristian Skramstad <kristian+github@83.no>
As requested by the maintainers, the order for the WAX family
should be alphabetically. WAX620 is now after WAX218.
Files changed:
+ipq807x.mk
+01_leds
No changes to the content.
Signed-off-by: Kristian Skramstad <kristian+github@83.no>
Hardware specification:
SoC: MediaTek MT7981B 2x A53
Flash: 64GB eMMC or 128 MB SPI-NAND
RAM: 512MB
Ethernet: 4x 10/100/1000 Mbps
Switch: MediaTek MT7531AE
WiFi: MediaTek MT7976C
Button: Reset, Mesh
Power: DC 12V 1A
- UART: 3.3v, 115200n8
--------------------------
| Layout |
| ----------------- |
| 4 | GND TX VCC RX | <= |
| ----------------- |
--------------------------
Gain SSH access:
1. Login into web interface, and download the configuration.
2. Enter fakeroot, decompress the configuration:
tar -zxf cfg_export_config_file.conf
3. Edit 'etc/config/dropbear', set 'enable' to '1'.
4. Edit 'etc/shadow', update (remove) root password:
'root::19523:0:99999:7:::'
5. Repack 'etc' directory:
tar -zcf cfg_export_config_file.conf etc/
* If you find an error about 'etc/wireless/mediatek/DBDC_card0.dat',
just ignore it.
6. Upload new configuration via web interface, now you can SSH to RAX3000M.
Check stroage type:
Check the label on the back of the device:
"CH EC CMIIT ID: xxxx" is eMMC version
"CH CMIIT ID: xxxx" is NAND version
eMMC Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'factory' part.
('data' partition can be ignored, it's useless.)
2. Write new GPT table:
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-gpt.bin of=/dev/mmcblk0 bs=512 seek=0 count=34 conv=fsync
3. Erase and write new BL2:
echo 0 > /sys/block/mmcblk0boot0/force_ro
dd if=/dev/zero of=/dev/mmcblk0boot0 bs=512 count=8192 conv=fsync
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-preloader.bin of=/dev/mmcblk0boot0 bs=512 conv=fsync
4. Erase and write new FIP:
dd if=/dev/zero of=/dev/mmcblk0 bs=512 seek=13312 count=8192 conv=fsync
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-bl31-uboot.fip of=/dev/mmcblk0 bs=512 seek=13312 conv=fsync
5. Set static IP on your PC:
IP 192.168.1.254, GW 192.168.1.1
6. Serve OpenWrt initramfs image using TFTP server.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt has booted, perform sysupgrade.
9. Additionally, if you want to have eMMC recovery boot feature:
(Don't worry! You will always have TFTP recovery boot feature.)
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb of=/dev/mmcblk0p4 bs=512 conv=fsync
NAND Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'Factory' part.
2. Erase and write new BL2:
mtd erase BL2
mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin BL2
3. Erase and write new FIP:
mtd erase FIP
mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip FIP
4. Set static IP on your PC:
IP 192.168.1.254, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, erase UBI volumes:
ubidetach -p /dev/mtd0
ubiformat -y /dev/mtd0
ubiattach -p /dev/mtd0
8. Create new ubootenv volumes:
ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
9. Additionally, if you want to have NAND recovery boot feature:
(Don't worry! You will always have TFTP recovery boot feature.)
ubimkvol /dev/ubi0 -n 2 -N recovery -s 20MiB
ubiupdatevol /dev/ubi0_2 openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb
10. Perform sysupgrade.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
The OEM U-Boot uses dual boot and signature verification which does not
support by OpenWrt. So add a custom U-Boot build for OpenWrt.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Allwinner H6 needs this driver to enable DVFS support.
May also be used with H616/H618 SoC in the future.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Kernel 5.15 already supports the NanoPi R1 and NanoPi R1S H5,
and they use new LED bindings that do not match the existing
settings in 01_leds. Update led settings to fixes that.
List the led node on NanoPi R1S H5:
root@OpenWrt:~# ls /sys/class/leds/
green:lan green:wan red:status
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Remove ABI version, since its format is not accepted by the linker.
Enable rpath to avoid clash with system libraries
Signed-off-by: Felix Fietkau <nbd@nbd.name>
CONFIG_USB_AUDIO is a "USB Audio Gadget" driver, not a usb device driver
CONFIG_USB_AUDIO is "USB Audio support" before linux 2.6
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
Expose the temperature sensors as hwmon, it improves the overall
user experience since on tiny boards the nvme can become a substantial
source of heat.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Reviewed-by: Robert Marko <robimarko@gmail.com>
This will help switching to newer 5.15 kernels. This backport required
rebasing Northstar's USB host patch.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Major changes between OpenSSL 3.0.11 and OpenSSL 3.0.12 [24 Oct 2023]
* Mitigate incorrect resize handling for symmetric cipher keys and IVs. (CVE-2023-5363)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
c8c9f10 uim: fix help formatting
aac0776 uqmi: add APN profile commands
ffc5eea uim: support SIM card power-up/down
d6c963d uim: add application state to SIM status
Signed-off-by: David Bauer <mail@david-bauer.net>
The IXP4xx crypto module must be loaded after the rootfs is
up as it depends on loading some NPE microcode from the file
system.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
This resurrects the support for IXP4xx using device tree
rather than the old (deleted) board files. The final pieces
of IXP4xx board files were deleted in Linux v5.19.
Ext4 root filesystems on CF and USB are supported by the
default config.
We support these three initial targets:
- The Gateworks Avila GW2348 reference design has 64MB of RAM
and 32MB of flash and also supports USB and CompactFlash.
- The Gateworks Cambria GW2358 reference design has 128MB of
RAM and 32MB of flash and also supports USB and CompactFlash.
- The old and stable Linksys NSLU2 works fine as well, albeit
it only has 32MB of RAM so it has been marked as non-default.
The 8MB of flash can only fit the kernel, so it has been
patched to boot from exteral media on USB. I have used
it successfully as a NAS with ksmbd and LUCI web API, see:
https://dflund.se/~triad/krad/ixp4xx/
Signed-off-by: Howard Harte <hharte@magicandroidapps.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Tomasz Maciej Nowak <tmn505@gmail.com>
The firmware package for the IXP4xx microcode was deleted but
the source files are still in the file cache so we can easily
resurrect it.
The firmware either supports ethernet (the most common) or
WAN (less common), image targets select the firmware they
want depending on usecase.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
This is a backport of the patch to support the Altima AMI101L
PHY which is merged for the v6.7 kernel. This PHY is used in the
IXP4xx-based USRobotics USR8200.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
This is a backport of the patch for byte addressed IO to the
Epson RTC7301 driver. This is used by the IXP4xx-based
USRobotics USR8200.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Among other changes this commit makes Linux use correct switch ports
again.
Fixes: a4792d79e8 ("bcm53xx: backport DT changes from v6.5")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Sometimes it's useful to be able to prepend to a variable as
well, such as when dealing with domain names, e.g.
prepend fdqn "$subdomain" "."
will result in:
fqdn="$subdomain.$fqdn"
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
This backports patches
leds: turris-omnia: convert to use dev_groups
leds: turris-omnia: Use sysfs_emit() instead of sprintf()
leds: turris-omnia: Drop unnecessary mutex locking
leds: turris-omnia: Do not use SMBUS calls
leds: turris-omnia: Make set_brightness() more efficient
leds: turris-omnia: Support HW controlled mode via private trigger
leds: turris-omnia: Add support for enabling/disabling HW gamma correction
leds: turris-omnia: Fix brightness setting and trigger activating
into backport-5.15.
The above patches replace:
leds: turris-omnia: support HW controlled mode via private trigger
leds: turris-omnia: initialize multi-intensity to full
leds: turris-omnia: change max brightness from 255 to 1
from mvebu/patches-5.15.
Signed-off-by: Marek Behún <kabel@kernel.org>
This reverts commit 0c117e1f6c.
Activate the lantiq/xrx200 target again.
There are still some problems with the GSWIP, but it is not leaking
packets to the wrong bridge in normal operations.
It shows some error messages at configuration like these:
[ 54.308861] gswip 1e108000.switch: port 5 failed to add ce:9d:84:d1:81:f0 vid 1 to fdb: -22
[ 54.325633] gswip 1e108000.switch: port 5 failed to add e8🇩🇪27:95:c1:b4 vid 0 to fdb: -22
[ 54.351242] gswip 1e108000.switch: port 5 failed to add e8🇩🇪27:95:c1:b4 vid 1 to fdb: -22
[ 54.358311] gswip 1e108000.switch: port 5 failed to delete ce:9d:84:d1:81:f0 vid 1 from fdb: -2
The problems are described in this pull request:
https://github.com/openwrt/openwrt/pull/13200
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
With patch 101-03-spi-mtk_spim-get-spi-clk-rate-only-once.patch
a new system to calculate the SPI clocks has been added.
Unfortunately, the do_div macro overrides the global
priv->pll_clk_rate field. This will cause to have a reduced
clock rate on each subsequent SPI call.
Signed-off-by: Valerio 'ftp21' Mancini <ftp21@ftp21.eu>
Signed-off-by: Nicolò Veronese <nicveronese@gmail.com>
Some packages (like wavemon >= 0.9.4) depend on libnl-cli. Add support
for this part of the lib. libnl-cli itself depends on libnl-genl and
libnl-nf. On MIPS, this component adds 81kB.
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
(punctuation correction and reorganisation of commit message)
Signed-off-by: Nick Hainke <vincent@systemli.org>
1) clear nvram partialboots upon successful boot
This behavior is already defined for EA9500; enabled for EA9200 too.
2) fix MAC address in board.d/02_network
Use the correct nvram variable to derive lan/wan MAC address.
Signed-off-by: Rani Hod <rani.hod@gmail.com>
Set correct GPIO (10) for the WPS button. This matches GPIO settings in
vendor GPL sources. Note that GPL sources also mention a USB indicator
LED (GPIO 13) but the device has neither an external USB port nor a USB LED.
In addition, prefixes (button-, led-) are added to relevant DT entries,
as well as color and function specifications for LEDs.
Closes: #13736
Reported-by: Waldemar Czabaj <kaball@wp.pl>
Signed-off-by: Rani Hod <rani.hod@gmail.com>
(added led mitigations for wifi leds)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>