Linksys XAC1900 / EA6900 w XVortex CFE Android Tether r51140

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
baboeska
DD-WRT Novice


Joined: 22 Jun 2011
Posts: 48

PostPosted: Sat Mar 25, 2023 23:55    Post subject: Linksys XAC1900 / EA6900 w XVortex CFE Android Tether r51140 Reply with quote
Hi all,
Just a brief note about some success with a Linksys XAC1900 ADSL2+ router/ap initially turned into a DD-WRT EA6900, and then later Fresh Tomato (doesn't support easy android tethering) and r51140 DD-WRT + XVortex CFE to get around the nvram bug.
I was overclocking but noticed connection issues so now have it on stock speeds.
It was quite tricky and I didn't record it all, but it's doable, here are a few scattered notes and scripts.
The initial install was very easy.
The power modem functionality will not work with DD-WRT. The XAC1900 with power modem might have something different for Mac addresses that makes it impossible to get totally right, or, this second hand one might have been previously glitched.
Get the Mac addresses right in the CFE guides, it's a bit confusing. My 2.4 and LAN mac's are the same though everything appears to be working.
Start with the earliest EA6900 DD-WRT build you can find, flash that, clear memory, flash a later build, install ssl entware, 'opkg install vitetris zork', yay Smile

angband ca-bundle ca-certificates cavezofphear crawl dnscrypt-proxy-resolvers dnscrypt-proxy2_nohf entware-opt entware-release entware-upgrade gnuchess grep haveged iperf3 librt librtlsdr libusb-1.0 lscpu lynx nano netcat nethack nmap rng-tools rtl-sdr superstartrek tor
tor-gencert tor-geoip tor-resolve tty-solitaire vitetris wget-ssl zork wget

USB3 issues on r51140 with both stock and xvortex cfe mean you'll only be using 1 usb port with android tethered phone, and probably won't overclock or want to run squid.

For Fresh Tomato, and DD-WRT updates it needs command line mtd install to linux partition, be careful with mtd stuff, flash to linux partition ie "mtd write xyz.bin linux" and Fresh Tomato doesn't easily support Android tether so it's an avenue that may be more hassle than it's worth.
It's debatable whether it's better to have qos or ctf+fa, I guess, up to about 80mb down for this model, qos might be better, for faster than that, or integration with say Quest 2, you'd want ctf+fa instead.
Keeping nvram under 32kb is wise, stability issues may happen somewhere over 32kb.

Overclocking by command line (admin/admin, root/admin), probably don't bother except perhaps for a light ram overclock - stability is core.

nvram get clkfreq
nvram set clkfreq=800,666
nvram set overclocking=800
nvram commit

###Startup script with nvram clearing, simple adblocking, entware on jffs (squid http 3128, tor socks, dns crypt2 nohf) and android tethering, a bit buggy;

Startup
#This bit clears empty nvram variables, may not mix well with wireshark vpn
for line in `nvram show | grep =$ `; do var=${line%*=}; nvram unset $var; done

#after jffs is enabled in admin options, this mounts it to opt
mount /jffs /opt

#entware ssl essential for curl>wget
echo 'export PATH="/opt/bin-override:/opt/sbin-override:$PATH"' >>/tmp/root/.profile
chmod +x /tmp/root/.profile

insmod usbnet.ko
insmod cdc_ether.ko
insmod rndis_host.ko
ifconfig usb0 up
udhcpc -i usb0
ifconfig ip6tun up

_rogue=0.0.0.0
echo -e "n=1\nwhile ! wget -q -O /tmp/hsts http://sbc.io/hosts/hosts ; do\n\t[ \$n -gt 5 ] && break\n\tlet n+=1\n\tsleep 60\ndone\ngrep \"^0.0.0.0\" /tmp/hsts | grep \"^0.0.0.0\" | grep -v localhost | awk '{print \"$_rogue\\\t\"\$2}' | tr -d '\\\015' >/tmp/dlhosts\nrm /tmp/hsts\nkillall -HUP dnsmasq" >/tmp/wh
sh /tmp/wh &


# Useful for privilege de-escalation
grep -q ^nobody /etc/group || echo "nobody:x:99:" >> /etc/group
grep -q ^nobody /etc/passwd || echo "nobody:*:99:99:nobody:/var:/bin/false" >> /etc/passwd
/opt/etc/init.d/rc.unslung start


Shutdown
/opt/etc/init.d/rc.unslung stop

dnsmasq
addn-hosts=/tmp/dlhosts
server=127.0.0.1#30

#Firewall - these may be hazardous to router connectivity
iptables -t nat -A POSTROUTING -o usb0 -j MASQUERADE
iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW -i br0 -j ACCEPT
iptables -A FORWARD -i usb0 -o br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i usb0 -o usb0 -j REJECT
iptables -A INPUT -i lo -j ACCEPT

USB Script
/opt/etc/init.d/rc.unslung start

### Cron

0 12 * * * root /tmp/.rc_startup


Last edited by baboeska on Sat Apr 08, 2023 15:05; edited 10 times in total
Sponsor
baboeska
DD-WRT Novice


Joined: 22 Jun 2011
Posts: 48

PostPosted: Wed Apr 05, 2023 4:39    Post subject: Reply with quote
Useful links;
https://github.com/Lanchon/ddwrt-secure-entware
https://wiki.dd-wrt.com/wiki/index.php/Tor_on_R7000 (This needs a bit of updating?)
https://forum.dd-wrt.com/wiki/index.php/Advanced_wireless_settings#Basic_Rate This guide is possibly better than the Broadcom specific locked thread in this forum.
https://www.spikefishsolutions.com/post/turn-a-raspberry-pi-into-a-cell-phone-router has some interesting IP table rules, and with a little bit of mucking about shows the basis for pi phone router.
https://openwrt.org/docs/guide-user/network/wan/smartphone.usb.tethering

Gonna chuck a fair bit of my startup and other routines here as a backup. This is partly working.
Flaky usb means that either the thumb drive or the android tether fails, so I tend to prefer android tether as internet is more important than frills. I believe there may be a fix linked in the EA6900 install guide.
Not sure what the issue is with flaky usb it seems tied to using squid as an http cache with tens of gigs of cache space.
Good guides; Asus R7000 TOR guide, there's a guide to do re sslbump and squid, in this built of entware, squid is missing a bit of the certificate stuff.

Firmware: DD-WRT v3.0-r51140 std (12/31/22)

Basic
Autoconfig/DHCP
Auto
SFE
CTF+FA
STP Disable
DHCP
Use dnsmnasq Y
DHCP-AUTH Y
Unbound X
Forced DNS Redirect Y
FDNSR DOT Y
NTP Client enabled, correct timezone set

IPv6 (make sure clients are ipv6 enabled if desired)
6in4 HE get values from their website
DHCP Client daemon disabled
DHCP Server daemon disabled
RADVD enabled, custom config

interface br0 {
AdvSendAdvert on;
prefix hereitgoes/64
{
AdvOnLink on;
AdvAutonomous on;
};
};

Switch config
All ethernet/wan ports on same switch config #

Wireless
tx power 30/30
short
Only enable frame bursting per radio if intending to run only one client per frequency.

Services
DNSMasq
addn-hosts=/tmp/dlhosts
server=127.0.0.1#30
Enable dns masq, encrypt adblockipv6, validate, check, no rebind
SSH enabled

Firewall enabled

Administration

cron
0 12 * * * root /tmp/.rc_startup

USB Core support enabled
JFFS enabled



Startup (Entware SSL)
echo 'export PATH="/opt/bin-override:/opt/sbin-override:$PATH"' >>/tmp/root/.profile
chmod +x /tmp/root/.profile

insmod usbnet.ko
insmod cdc_ether.ko
insmod rndis_host.ko
ifconfig usb0 up
ifcong ip6tun up
udhcpc -i usb0
sleep 5

for line in `nvram show | grep =$ `; do var=${line%*=}; nvram unset $var; done

mount /jffs /opt

_rogue=0.0.0.0
echo -e "n=1\nwhile ! wget -q -O /tmp/hsts http://sbc.io/hosts/hosts ; do\n\t[ \$n -gt 5 ] && break\n\tlet n+=1\n\tsleep 60\ndone\ngrep \"^0.0.0.0\" /tmp/hsts | grep \"^0.0.0.0\" | grep -v localhost | awk '{print \"$_rogue\\\t\"\$2}' | tr -d '\\\015' >/tmp/dlhosts\nrm /tmp/hsts\nkillall -HUP dnsmasq" >/tmp/wh
sh /tmp/wh &

/opt/etc/init.d/rc.unslung start


Shutdown
/opt/etc/init.d/rc.unslung stop


Firewall
iptables -t nat -A POSTROUTING -o usb0 -j MASQUERADE
iptables -A FORWARD -i br0 -j ACCEPT
iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu


USB Script
/opt/etc/init.d/rc.unslung start


Last edited by baboeska on Thu May 11, 2023 13:32; edited 4 times in total
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Wed Apr 05, 2023 5:56    Post subject: Reply with quote
To use the xvortex CFE with EA6900 DDWRT has an Install guide:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=291230

There is also outlined how you should setup the MAC addresses.

You can easily redo it it with the right MAC addresses.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
baboeska
DD-WRT Novice


Joined: 22 Jun 2011
Posts: 48

PostPosted: Wed Apr 05, 2023 9:20    Post subject: Reply with quote
egc wrote:
To use the xvortex CFE with EA6900 DDWRT has an Install guide:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=291230

There is also outlined how you should setup the MAC addresses.

You can easily redo it it with the right MAC addresses.


Thanks, yah I will need to do that properly some time.
I'm a bit confused as to what the +two and hex numbers should mean but will give it a go. Does it affect stability in general? Do you have any advice re usb stability? I've turned off usb storage due to the extreme instability of the usb3 port - usb two port is currently in use as the tether.
There is a guide on page seventeen of a thread somewhere that seems to no longer work for a flash drive partitioned as ext two /opt, /swap, /jffs, data
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Wed Apr 05, 2023 9:50    Post subject: Reply with quote
Having the same MAC address can be problematic if the MAC addresses are on the same subnet e.g. with bridge setups.
Normally the interfaces are on different subnets so no problem.

You better do not use USB3 port with the xvortex CFE as it is not very stable.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
baboeska
DD-WRT Novice


Joined: 22 Jun 2011
Posts: 48

PostPosted: Thu Apr 06, 2023 4:12    Post subject: Reply with quote
egc wrote:
Having the same MAC address can be problematic if the MAC addresses are on the same subnet e.g. with bridge setups.
Normally the interfaces are on different subnets so no problem.

You better do not use USB3 port with the xvortex CFE as it is not very stable.


Well I gave re-doing it a go.
I think I may have missed something on the order.
Had to roll back to a far earlier DD-WRT release for the mtd write command, went +2/+4 on the og mac address.
LAN and 2.4 WAN are identical, LAN and 5 WAN are different. Not sure if I should be worried or not.
Re usb3, yeah, I've disabled usb storage support for usb3, am running ssl entware on /jffs mounted as /opt.
USB2 port seems pretty reliable, I wonder if there are reliable hubs...
baboeska
DD-WRT Novice


Joined: 22 Jun 2011
Posts: 48

PostPosted: Thu Apr 06, 2023 22:37    Post subject: Reply with quote
Also, interestingly...
I followed the " Sticky: BCM Best Wifi Settings" guide pinned in this forum.
My router really didn't like those values, it seems that changing half of those values tends to really reduce wifi performance and stability for the 4708A0 Broadcom Northstar Prototype's, at least my one...
Is it time to unlock that thread for user feedback? It'd be interesting to know the exact chip that guide is built for.
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6856
Location: Romerike, Norway

PostPosted: Fri Apr 07, 2023 8:11    Post subject: Reply with quote
The frequencies generated by USB3 can interfere with 2.4Ghz wifi. The USB port may not be properly shielded. USB2 does not have this problem.
baboeska
DD-WRT Novice


Joined: 22 Jun 2011
Posts: 48

PostPosted: Sat Apr 08, 2023 2:51    Post subject: Reply with quote
Mucked about with Fresh Tomato.
It doesn't support the android tether without finding custom modules outside of the aio install.
I don't recommend FT unless you are running XVortexCFE.
If it bricks, "ping 192.168.1.1 -t" and "tftp -i 192.168.1.1 put anappropriateversionofddwrt.bin" and lots of resets via reset button and or wps button will get it back alive with any luck if it responds to ping, after setting a static ip.
Linksys TFTP didn't work, neither did Asus recovery tool without XVortexCFE.

root@DD-WRT:/tmp# cat /proc/mtd
dev: size erasesize name
mtd0: 00080000 00020000 "boot"
mtd1: 00100000 00020000 "nvram"
mtd2: 02100000 00020000 "linux"
mtd3: 01fa0000 00020000 "rootfs"
mtd4: 01d00000 00020000 "linux2"
mtd5: 00100000 00020000 "rootfs"
mtd6: 04000000 00020000 "ddwrt"

Partition table went to this after a few reboots, on 2x r51140, have disabled /jffs and am just using ram currently;

root@DD-WRT:~# df -h
Filesystem Size Used Available Use% Mounted on
/dev/root 24.3M 24.3M 0 100% /
none 512.0K 0 512.0K 0% /dev
/dev/root 24.3M 24.3M 0 100% /opt
root@DD-WRT:~# cat /proc/mtd
dev: size erasesize name
mtd0: 00080000 00020000 "boot"
mtd1: 00100000 00020000 "nvram"
mtd2: 03e00000 00020000 "linux"
mtd3: 03c20000 00020000 "rootfs"
mtd4: 04000000 00020000 "ddwrt"
root@DD-WRT:~#
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum