You are here: OpenWrt Wiki » Documentation » HOWTOs » OpenWrt Failsafe

Differences

This shows you the differences between two versions of the page.

--- doc:howto:generic.failsafe [2012/09/25 15:53]
hauke add warning about switch leaking
+++ doc:howto:generic.failsafe [2013/04/18 15:24] (current)
khairilyazit removed unconfirmed information.. telnet does not require currently connected port be it wan or ethernet to be changed
@@ Line 12: / Line 12: @@
     * ...the boot process is able to get as far as required to register the pressing of the button
     * ...the minimal required binaries and the configuration files with some default settings are available (all on SquashFS)
+<html>
+<table class="inline" style="width:70%; margin-left:15%">
+  <tr>
+    <td style="border-left:6px solid #f57900; vertical-align:middle">
+      <img src="/_media/meta/icons/tango/48px-emblem-important.svg.png" alt="" style="float:left; margin-right:0.5em" />
+      <strong>Important Information!</strong><br />
+      You should save this page for offline viewing before you find yourself without internet connection.
+    </td>
+  </tr>
+</table>
+</html>
+<html>
+<table class="inline" style="width:70%; margin-left:15%">
+  <tr>
+    <td style="border-left:6px solid #cd0505; vertical-align:middle">
+      <img src="/_media/meta/icons/tango/48px-dialog-warning.svg.png" alt="" style="float:left; margin-right:0.5em" />
+      <strong>Warning !</strong><br />
+      Do not start Failsafe while the router is connected to any untrusted network. The switch could be automatically configured to forward packages between all ports including the WAN port in failsafe mode. Traffic could travel between the WAN and the LAN bypassing the router's firewall.
+    </td>
+  </tr>
+</table>
+</html>
-<HTML>
-<p style="border:2px dashed green;text-align:center">
-<span style="color:green;font-size:80%;"><b>You should save this page for offline viewing before you find yourself without internet connection.</b></span>
-</p>
-<p style="border:2px dashed red;text-align:center">
-<span style="color:red;font-size:80%;"><b>Warning: Do not start Failsafe while the router is connected to any untrusted network. The switch could be automatically configured to forward packages between all ports including the WAN port in failsafe mode. Traffic could travel between the WAN and the LAN bypassing the router's firewall.</b></span>
-</p>
-</HTML>
 ===== Triggering via Hardware Button (Standard OpenWrt method) =====
-  - Set your computer's IP to ''192.168.1.2'', subnet ''255.255.255.0''
+====  Stage 1 ====
-  - Power cycle the router (turn off and turn on)
+Set your computer's IP to ''192.168.1.2'', subnet ''255.255.255.0''
-  - Listen on UDP port 4919 for a broadcast packages on your computer, the router will send a message when it waits for a button click.
+==== Stage 2 ====
-    * On Linux run ''tcpdump -Ani eth0 port 4919 and udp'' to listen for that message.
+Listen on the  UDP 4919 port for a broadcast packet on the computer.
-    * If you do not receive this message try immediately after the turning the router on, rapidly click and keep clicking the button on the router for about 60 seconds.
+=== Under Linux ===
-      * It may be any button, but if you can't get in failsafe mode with a button try another.
-      * If done right, the ''192.168.1.1'' address will be pingable, and telnettable.
+In a terminal enter the command  <code>tcpdump -Ani eth0 port 4919 and udp</code>
-      * //Note: If your router has a ridiculously long boot time (such as [[toh/d-link/dir-300#with.manual.step.by.step.guide|DIR-300 A]]), then you may do this for a longer time.//
+<html>
-  - Telnet into ''192.168.1.1'' where you will get immediate access to root shell/prompt. Authentication won't be required.
+<table class="inline" style="width:70%; margin-left:15%">
-     * It could be that the router listens just on one Ethernet port, this is the caste at least for brcm47xx before Attitude Adjustment Beta2, also try the WAN port.
+  <tr>
-  - Try out the commands [[doc:howto:generic.failsafe#in.failsafe.mode|below]].
+    <td style="border-left:6px solid #f57900; vertical-align:middle">
+      <img src="/_media/meta/icons/tango/48px-emblem-question.svg.png" alt="" style="float:left; margin-right:0.5em" />
+      <strong>Unverified Information!</strong><br />
+      Up to today (Jan 11, 2013) this page didn't precise on which port to listen. In the case of TL-WR1043ND, it's the WAN port. If you find a contradictory example, it will be necessarry to <a href="?do=edit">remove or adapt </a> this note.
+    </td>
+  </tr>
+</table>
+</html>
+=== Under Windows ===
+You can employ the
+[[http://downloads.openwrt.org/people/florian/recvudp/recvudp-win32.zip|recvudp.exe]] utility software - Launch it. You may also need to temporarily disable firewall.
+==== Stage 3 ====
+Power-cycle the router. The router will deliver a message telling it waits for your click on the button.\\
+=== Message under Linux (only the firt part)===
+{{:doc:howto:linux-failsafe.png|}} \\
+=== Message under Windows (only the first line)===
+{{:media:failsafe2.png|}}
+==== Stage 4 ====
+Click the bouton. It can be any button, if one doesn't work , thy an other.
+==== Stage 5 ====
+Once in failsafe mode, a confirmation message appears (not always, for the TL-WR1043ND no message comes).Sometimes the sys led blinks very quickly.
+Leave the listen command and try to  telnet at 192.168.1.1  \\
+Now go to section [[#In failsafe mode]]
+==== Remarks ====
+   * If you do not receive this message, immediately after turning the router on, rapidly click and keep clicking the button on the router for about 60 seconds.
+   * If your router has a ridiculously long boot time (such as [[toh/d-link/dir-300#with.manual.step.by.step.guide|DIR-300 A]]), then you may do this for a longer time.
+<html>
+<table class="inline" style="width:70%; margin-left:15%">
+  <tr>
+    <td style="border-left:6px solid #f57900; vertical-align:middle">
+      <img src="/_media/meta/icons/tango/48px-emblem-question.svg.png" alt="" style="float:left; margin-right:0.5em" />
+      <strong>Unverified Information!</strong><br />
+      In the previous remarks, we cannot know whether click refers to a brief push (one should repeat) or to a long push. <a href="?do=edit">Remove ou adapt </a> these note if you can.
+    </td>
+  </tr>
+</table>
+</html>
 ===== Triggering via keyboard key combination in a serial console =====
@@ Line 79: / Line 145: @@
   * In case you forgot your password, you need to set a new one. Type:<code>passwd</code>
   * In case you forgot the routers IP address, get it with<code>uci get network.lan.ipaddr</code>
-  * In case you filled up the entire JFFS2 by installing too big/too many packages, clean the entire JFFS2 partition. All settings will be reset and all installed packages are removed. (OpenWrt equivalent of a factory reset)<code>firstboot</code> or <code>mtd -r erase rootfs_data</code> or <code>rm -r /overlay/*</code>
+  * In case you filled up the entire JFFS2 by installing too big/too many packages, clean the entire JFFS2 partition. All settings will be reset and all installed packages are removed. (OpenWrt equivalent of a factory reset)<code>firstboot</code> or (this will reboot the device as part of the process) <code>mtd -r erase rootfs_data</code> or <code>rm -r /overlay/*</code>
 If you are done with failsafe mode use <code>reboot -f</code> to reboot. //Note: Normal ''/sbin/reboot'' will not work, because ''init'' is not running.// Or power cycle the router.

doc/howto/generic.failsafe.1348581226.txt.bz2 · Last modified: 2012/09/25 15:53 by hauke

OpenWrt

Wiki Search

Actions

Donate

Translations

Differences