openwrt - 入门( uHTTPd, opkg, uci, luci, mtd等)

最新推荐文章于 2025-06-22 18:02:40 发布

bytxl

最新推荐文章于 2025-06-22 18:02:40 发布

阅读量8.2k

点赞数

分类专栏： openwrt

openwrt 专栏收录该内容

22 篇文章

订阅专栏

本文档详细介绍了OpenWRT固件的安装步骤、首次登录设置、UCI配置工具的使用方法、SSH服务配置、OPKG软件包管理器操作、故障排除技巧以及系统升级流程等关键内容。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

介紹

主頁: https://openwrt.org/

目錄:

安裝
Download
First Login
UCI (Unified Configuration Interface)
SSH(Dropbear)
uHTTPd
OPKG(Package Manager)
救機(password reset)
系統升級
mtd (Memory Technology Device)
LuCI
version

安裝

如果 Hardware 的版本與 firmware 版本不同, 千萬不要硬上 !!

因為變磚了就煩了 ..

查看 Hardware 的版本:

Download

下載: http://downloads.openwrt.org/snapshots/trunk/ar71xx/

openwrt-<CPU 名稱>-generic-<Router 名稱>-<硬件版本>-<格式>-<用圖>

Example:

openwrt-ar71xx-generic-tl-wr740n-v1-squashfs-factory.bin
openwrt-ar71xx-generic-tl-wr740n-v1-jffs2-factory.bin
openwrt-ar71xx-generic-tl-wr740n-v1-squashfs-sysupgrade.bin
openwrt-ar71xx-generic-tl-wr740n-v1-jffs2-sysupgrade.bin

Firmware 常見的3種格式 TRX, TRX2, BIN

First Login:

當 router 安裝完 openwrt 後, 它只有 telnet 被啟動,

只有設置好root 的 pw 後, 我們才可以 ssh 它 ~

首先我們要 telnet 入去 router

telnet 192.168.1.1

設定它的 password

passwd

UCI (Unified Configuration Interface)

uci 是 openwrt 的中央設定工具, 我們可以透過它設定 router 上的一切一切

Default 是有安裝的, 除非人手刪了~

所需的packages:

uci(/sbin/uci)
libuci(/lib/libuci.so )

所有設定值保存放在

/etc/config/xxx

常用 config file:

/etc/config/dhcp
/etc/config/dropbear
/etc/config/firewall
/etc/config/network
/etc/config/system
/etc/config/timeserver
/etc/config/wireless

格式:

package 'example'

config 'example' 'test'
        option   'string'      'some value'
        option   'boolean'     '1'
        list     'collection'  'first item'
        list     'collection'  'second item'

Usage: uci <command> [arguments]

command:

commit 把修改設定值寫入 flash, 並且套用(包括 uci 及人手修改)

show [<config>[.<section>[.<option>]]] <-- 查看設定 (compressed notation)

get <-- 查看某個設定值 (compressed notation)

changes [config]

set <config>.<section>[.<option>]=<value>

add_list <config>.<section>.<option>=<string>

delete <config>[.<section[.<option>]]

revert <config>[.<section>[.<option>]] <-- 一日未 commit, 一日都可以 revert

export [config] <--- 匯出某"設定" (UCI syntax)

import [config]

Example:

uci set dhcp.lan.leasetime=4h
uci set dhcp.lan.leasetime=24h

uci get dhcp.lan.leasetime

24h

uci show dhcp

.................
dhcp.lan=dhcp
dhcp.lan.interface=lan
dhcp.lan.start=100
dhcp.lan.limit=150
dhcp.lan.leasetime=24h
.................

uci changes

dhcp.lan.leasetime=1
dhcp.lan.leasetime=24h

uci revert dhcp
uci get dhcp.lan.leasetime

12h

uci commit

系統現在的狀態:

uci -P /var/state show network.wan

-P <path> add a search path for config change files and use as default

次序

某些設定是有次序之分的, 比如 firewall 的 rule

所以它們有另一種格式

@rule[-1]

[-1] 代表最尾

root@OpenWrt:~# uci add firewall rule
root@OpenWrt:~# uci set firewall.@rule[-1].src=wan
root@OpenWrt:~# uci set firewall.@rule[-1].target=ACCEPT
root@OpenWrt:~# uci set firewall.@rule[-1].proto=tcp
root@OpenWrt:~# uci set firewall.@rule[-1].dest_port=22
root@OpenWrt:~# uci commit firewall
root@OpenWrt:~# /etc/init.d/firewall restart

/etc/init.d/xxx

/etc/init.d/crond ???

start 是次啟動
enable 每次 boot 機啟用 !!

詳見: http://wiki.openwrt.org/doc/uci

SSH(Dropbear)

設定檔:

/etc/config/dropbear

enable <-- on
BannerFile <-- /etc/banner
Port <-- 22
GatewayPorts <--- tunnel port
Interface <-- 0.0.0.0
RootLogin <-- default: on
RootPasswordAuth <-- default: on

SSH From Wan:

/etc/config/firewall

..........................................
#Allow SSH
config rule
        option src              wan
        option proto            tcp
        option dest_port        ssh
        option target           ACCEPT

OPKG(Package Manager)

網上可用的 package:

http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages

注意：这个地址要根据自己的型号来选。比如mt7620则为：

http://downloads.openwrt.org/snapshots/trunk/ramips/mt7620/packages/packages

設定檔:

/etc/opkg.conf

src/gz  snapshots  http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages <-- 下載 Packages.gz
dest root /
dest  ram /tmp
lists_dir   ext   /var/opkg-lists      <--- /var/opkg-lists/snapshots
option   overlay_root    /overlay
arch all 100
# package優先次序

lock檔:

/usr/lib/opkg/lock

usage:

opkg [options...] [arguments...]

update <-- 下載可用的 package 資料(/var/opkg-lists/snapshots)

install <pkgs>

remove <pkgs>

flag <flag> <pkgs>

hold, noprune, user, ok, installed, unpacked

configure <pkgs>

upgrade <pkgs> <-- (找出 pkgs opkg list-upgradable)
# 不建議在 SquashFS partition 上使用

download <pkg> <-- 下載某 package (並沒有下載所要的依賴 package)

資訊:

status [pkg|regexp]
info [pkg|regexp]
list [pkg|regexp] List available packages
list-installed List installed packages
files <pkg> <-- 這 <pkg> 有什麼 files
search <file|regexp> <-- 這 file 是屬於什麼 package

destination for any package installation.

dest root /
dest ram /tmp
dest mnt /mnt

opkg install somepackage -d destination_name

Example:
-d ram

有用 options:

--cache <directory>

--nodeps

Example:

用 winscp 上載所需的 package 到 /tmp/package

opkg install *

查看依賴性:

opkg depends muninlite

muninlite depends on:
        xinetd

Troubleshoot:

rm /usr/lib/opkg/lock

救機(password reset)

以下過程只適用於使用 SquashFS 的 openwrt router

原因是squashfs 才有 failsafe mode

Step1:

把 PC 的 network 設置為 192.168.1.2

Step2:

長 ping 192.168.1.1, 會見到以下情況

ping -t 192.168.1.1

Ping 192.168.1.1 (使用 32 位元組的資料):
回覆自 192.168.1.101: 目的地主機無法連線。
要求等候逾時。
回覆自 192.168.1.1: 位元組=32 time<1ms TTL=64
回覆自 192.168.1.1: 位元組=32 time<1ms TTL=64
回覆自 192.168.1.1: 位元組=32 time<1ms TTL=64
要求等候逾時。
要求等候逾時。
要求等候逾時。
要求等候逾時。
回覆自 192.168.1.1: 位元組=32 time<1ms TTL=64
回覆自 192.168.1.1: 位元組=32 time<1ms TTL=64
回覆自 192.168.1.1: 位元組=32 time<1ms TTL=64
回覆自 192.168.1.1: 位元組=32 time<1ms TTL=64
.....................

Step3:

在前段 4 次ping 到的期間按 reset 制, 之後會見到系統的 LED 狂閃

Step4:

當成功 ping 到 router 時,就可以 telnet 它 !!

此時不用 Password Login

Step5:

由於系統是在 Read-only file system, 所以要 mount_root 它 r/w

之後才可以

reset password

passwd

刪除一切設定:

mtd -r erase rootfs_data <-- 相當於 firstboot 指令
OR
firstboot <-- all settings will be reseted

Step6:

reboot -f <--- Force reboot (initis not running)

P.S.

不在 rescuse mode 用 firstboot 是會出事的 !!

系統升級

我們可以用官方工具去升級router: sysupgrade

sysupgrade [options] <image>

options:

-f <config> restore configuration from .tar.gz (file or url) <--- 整個 overlayfs 來
-n           do not save configuration over reflash
-v           more verbose
-c           保留系統設定 <--- 根據 /lib/upgrade/keep.d 來保留

base-files
firewall
base-files-essential
uhttpd

自己要保留的設定就放在 /etc/sysupgrade.conf

檢查檔案的原整性:

md5sum -c md5sums

-c Check sums against list in FILEs

md5sums:

86c3f5da10a7f7350391c0fd191cd9b4 *openwrt-ar71xx-generic-tl-wr740n-v4-squashfs-sysupgrade.bin

Example:

md5sum -c md5sums.txt

openwrt-ar71xx-generic-tl-wr740n-v4-squashfs-sysupgrade.bin: OK

# 檢查一次 image 的完整性再 upgrade 會好 D !!

升級:

Example

sysupgrade -v openwrt-ar71xx-generic-tl-wr740n-v3-squashfs-sysupgrade.bin

Saving config files...
etc/sysctl.conf
etc/shells
etc/rc.local
etc/profile
etc/passwd
etc/inittab
etc/hosts
etc/group
etc/firewall.user
etc/dropbear/dropbear_rsa_host_key
etc/dropbear/dropbear_dss_host_key
etc/config/wireless
etc/config/timeserver
etc/config/system
etc/config/network
etc/config/firewall
etc/config/dropbear
etc/config/dhcp
Switching to ramdisk...
Performing system upgrade...
Unlocking firmware ...

Writing from <stdin> to firmware ...
Appending jffs2 data from /tmp/sysupgrade.tgz to firmware...TRX header not found
Error fixing up TRX header
Upgrade completed
Rebooting system...

基本上是不會升級錯的 ~

Invalid image, hardware ID mismatch, hw:07400001 image:07400003.
Image check 'platform_check_image' failed.

Error: Firmware upgrade is not implemented for this platform.

sysupgrade openwrt-ar71xx-generic-tl-wr740n-v4-squashfs-factory.bin

Firmware upgrade is not implemented for this platform.

root@ns8-fw:/tmp# sysupgrade openwrt-ar71xx-generic-tl-wr740n-v4-squashfs-sysupgrade.bin

Firmware upgrade is not implemented for this platform.

解決:

mtd write openwrt-ar71xx-generic-tl-wr740n-v4-squashfs-sysupgrade.bin firmware

mtd (Memory Technology Device)

mtd 是一個類似 dd 的工具來,

mtd [option] <command> <device / label>

command:

erase <dev> erase all data on device
write <imagefile>|- write <imagefile> (use - for stdin) to device

查看:

cat /proc/mtd

dev:    size   erasesize  name
mtd0: 00020000 00010000 "u-boot" <-- boot loader
mtd1: 000e5e00 00010000 "kernel" <-- firmware
mtd2: 002ea200 00010000 "rootfs" <-- firmware
mtd3: 00170000 00010000 "rootfs_data"
mtd4: 00010000 00010000 "art"
mtd5: 003d0000 00010000 "firmware"

裝置檔:

/dev/mtdX

Backup方式:

dd if=/dev/mtd0 of=/tmp/boot.backup

還原:

mtd -r write /tmp/original_firmware.bin firmware

LuCI

主頁: http://luci.subsignal.org/trac

介紹:

web user interface
Lua programming language
use object-oriented libraries
use templating
MVC-Webframework

安裝:

opkg install luci

packages:

luci <-- Meta package 來, 它是一大堆 depends

uhttpd, luci-mod-admin-full, luci-theme-openwrt, luci-app-firewall,

luci-proto-core, luci-proto-ppp, libiwinfo-lua

luci-ssl <-- https

luci-theme-openwrt

luci-i18n-*

luci-app-*

luci-app-firewall
luci-app-ddns
luci-app-ahcp
luci-app-freifunk-policyrouting
luci-app-multiwan
luci-app-ntpc
luci-app-openvpn
luci-app-qos
luci-app-statistics
luci-app-samba
luci-app-tinyproxy
luci-app-vnstat
luci-app-wol
luci-app-wshaper

luci-proto-ppp <--- PPPoE

luci-proto-pptp

pptp
- ppp
- kmod-gre
- resolveip

啟用:

/etc/init.d/uhttpd enable <-- started at every boot
/etc/init.d/uhttpd start

Tips:

Hostnames:

tim-pc.lan <-- 要配合 domain 使用

Unsaved Change:

Version

BarrierBreaker 14.07

* Linux kernel updated to version 3.10
* Procd: new preinit, init, hotplug and event system written in C

Networking improvements:

* Added support for dynamic firewall rules and zones
* Added reworked event support to allow obsoleting network hotplug-scripts
* Netifd now handles setup and configuration reload of wireless interfaces

UCI configuration improvements:

* Support for testing configuration and rollback to working last working state
* Unified change trigger system to restart services on-demand
* Added a data validation layer
* Configuration support for GRE tunnels

Filesystem improvements:

* Added support for filesystem snapshot and rollback
* Rewritten mounting system in C for rootfs and block devices

USB:

* Support for QMI-based 3g/4g modems

Service:

* Support for DNSSEC validation

Attitude Adjustment12.09

* Kernel 3.3

OS:

Switched to shadow passwords
Support for external overlay filesystems in release images

Network:

New netifd implementation to replace the old script based network configuration system
Support for bridge firewalling in release images