RAX3000M 修改配置文件,刷 u-boot 及 openwrt 固件

发表于 更新于 分类于

流程导图内容简述
更新,有想刷固件的也可以联系我

刷机有风险,执行需谨慎。仅供参考。

设备备份,及使能 ssh

导出编辑配置文件

  • 路由器网线连接电脑,登录路由器界面,在管理页面导出配置文件,解密解压。
1
openssl aes-256-cbc -d -pbkdf2 -k $CmDc#RaX30O0M@\!$ -in cfg_export_config_file.conf -out - | tar -zxvf -
  • vi etc/shadow
    第一行root::之间的删掉(加密的密码)
1
2
3
4
5
6
7
8
9
10
# etc/shadow
root::19179:0:99999:7:::
daemon:*:0:0:99999:7:::
ftp:*:0:0:99999:7:::
network:*:0:0:99999:7:::
nobody:*:0:0:99999:7:::
ntp:x:0:0:99999:7:::
dnsmasq:x:0:0:99999:7:::
logd:x:0:0:99999:7:::
ubus:x:0:0:99999:7:::
  • vi etc/config/dropbear使能 ssh
    option enable 设为 1
1
2
3
4
5
6
7
# etc/config/dropbear
config dropbear
	option enable '1'
	option PasswordAuth 'on'
	option RootPasswordAuth 'on'
	option Port         '22'
#	option BannerFile   '/etc/banner'
  • 加密压缩成配置文件
1
tar -zcvf - etc | openssl aes-256-cbc -pbkdf2 -k $CmDc#RaX30O0M@\!$ -out cfg_export_config_file_new.conf

报错:tar: Exiting with failure status due to previous errors
原因:tar: etc/wireless/mediatek/DBDC_card0.dat: Cannot open: Permission denied权限问题
执行:chmod 751 etc/wireless/mediatek/DBDC_card0.dat

备份

查看分区

1
2
3
4
5
6
7
8
9
10
11
root@RAX3000M:~# cat /proc/mtd
dev:    size   erasesize  name
mtd0: 08000000 00020000 "spi0.0"
mtd1: 00100000 00020000 "BL2"
mtd2: 00080000 00020000 "u-boot-env"
mtd3: 00200000 00020000 "Factory"
mtd4: 00200000 00020000 "FIP"
mtd5: 03d00000 00020000 "ubi"
mtd6: 02500000 00020000 "plugins"
mtd7: 00800000 00020000 "fwk"
mtd8: 00800000 00020000 "fwk2"

备份分区

1
2
3
4
5
6
7
8
9
dd if=/dev/mtd0 | gzip >/tmp/mtd0_spi0.0.bin.gz
dd if=/dev/mtd1 of=/tmp/mtd1_BL2.bin
dd if=/dev/mtd2 of=/tmp/mtd2_u-boot-env.bin
dd if=/dev/mtd3 of=/tmp/mtd3_Factory.bin
dd if=/dev/mtd4 of=/tmp/mtd4_mtd4_FIP.bin
dd if=/dev/mtd5 of=/tmp/mtd5_ubi.bin
dd if=/dev/mtd6 of=/tmp/mtd6_plugins.bin
dd if=/dev/mtd7 of=/tmp/mtd7_fwk.bin
dd if=/dev/mtd8 of=/tmp/mtd8_fwk2.bin

备份完成,浏览器路由器界面恢复刚修改的配置文件

设备刷写

使用 ssh 工具登录路由器
用户名:root
密码:空

下载文件

mtd-rw.zip:文件用来擦除 BL2 驱动
https://firmware-selector.openwrt.org/?version=23.05.3&target=mediatek%2Ffilogic&id=cmcc_rax3000m

1
2
3
4
5
6
openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip
openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin
mtd-rw.ko

openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb
openwrt-mediatek-filogic-cmcc_rax3000m-squashfs-sysupgrade.itb

上传uboot文件 /tmp

使用工具将3个文件openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip
openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin
mtd-rw.ko上传到路由器 /tmp 目录

挂载驱动,擦除分区,写入分区

1
2
3
4
5
insmod /tmp/mtd-rw.ko i_want_a_brick=1
mtd erase BL2
mtd write /tmp/openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin BL2
mtd erase FIP
mtd write /tmp/openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip FIP
1
2
3
4
5
6
7
8
9
10
11
opkg update
opkg install kmod-mtd-rw
insmod mtd-rw i_want_a_brick=1

192.168.1.254
2

mtd write /tmp/openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin bl2
mtd verify /tmp/openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin bl2
mtd write /tmp/openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip fip
mtd verify /tmp/openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip fip

tftp

tftpd64.464.zip
文件传输openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb首次安装或恢复使用

更新固件

上步完成在 openwrt web界面更新openwrt-mediatek-filogic-cmcc_rax3000m-squashfs-sysupgrade.itb

官方在线固件

原版固件在线编译

Packages

已包含 openclash 所需的依赖,只需刷好固件后,将 openclash 的 ipk 文件上传安装即可。
最新openclash ipk下载

1
2
3
4
5
6
7
8
base-files busybox ca-bundle dnsmasq dropbear e2fsprogs f2fsck firewall4 fstools kmod-crypto-hw-safexcel kmod-gpio-button-hotplug kmod-leds-gpio kmod-mt7915e kmod-mt7981-firmware kmod-nft-offload kmod-phy-aquantia kmod-usb3 libc libgcc libustream-mbedtls logd luci mkf2fs mt7981-wo-firmware mtd netifd nftables odhcp6c odhcpd-ipv6only opkg ppp ppp-mod-pppoe procd procd-seccomp procd-ujail uboot-envtools uci uclient-fetch urandom-seed urngd wpad-basic-mbedtls

-dnsmasq

luci-i18n-base-zh-cn luci-i18n-firewall-zh-cn luci-i18n-opkg-zh-cn luci-i18n-ddns-zh-cn luci-i18n-ttyd-zh-cn
coreutils-nohup bash dnsmasq-full curl ca-certificates ipset ip-full libcap libcap-bin ruby ruby-yaml kmod-tun kmod-inet-diag unzip kmod-nft-tproxy luci-compat luci luci-base


uci-defaults

简单自定义几项参数,其它定义可参考:
OpenWrt在线编译(官方网址)及自定义(openclash,设备名,密码等等)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
cat << "EOF" > /etc/uci-defaults/99-custom

# Beware! This script will be in /rom/etc/uci-defaults/ as part of the image.
# Uncomment lines to apply:

##########################################################
###################私人配置,分享要改#######################
# 密码
root_password="***************"
# wan 拨号 pppoe 协议
pppoe_username="0000000000000"
pppoe_password="000000000"
# openclash 订阅地址
clash_rules="http://****************"
# ddns
ddns_host='*************'
ddns_username='**************'
ddns_password='*************'
# wifi 名称及密码
#wlan_name="************"
#wlan_password="************"
##########################################################

# log potential errors
exec >/etc/1setup.log 2>&1

#sed -i 's/ash/bash/' /etc/passwd
#re_boot=yes
#shopt -s extglob

# Test: 配置测试用(lan wan自定义无效);Used: 日常使用
CHOICE=Test
#CHOICE=Used

# 主机名,时区
host_name="OpenWrt-3000M"
zone_name="Asia/Shanghai"

# lan 静态协议地址
lan_ip_address="10.0.0.1"
lan_netmask="255.255.255.0"

# lan 其它协议
#lan_proto="dhcp"

# wan 其它协议
#wan_proto="dhcp"

# 终端自动登录
ttyd_login="/bin/login -f root"

# 文件共享
k_smbd=yes

# 磁盘分区:
# yes(格式化已有 free 分区)
# no (不格式化已有 free 分区)
# new(空盘写入后格式化出 free 分区)
#format_disk='no'
#
# 磁盘挂载 (可单独设置分区,单独挂载不生效。根目录(/)x86 不能使用)
# 1: /mnt
# 2: /overlay
# 3: /
#mnt_disk="2"
#
# disk_nub 为分区后,磁盘名称编号
disk_nub=99

# 端口转发
#echo -e "
#config redirect
#        option dest 'lan'
#        option target 'DNAT'
#        option name 'alist'
#        option src 'wan'
#        option src_dport '5678'
#        option dest_ip '$lan_ip_address'
#        option dest_port '5678'" >> firewall_port_Forwards

# ddns
echo -e "
config service 'ddns'
        option service_name 'google.com'
        option use_ipv6 '0'
        option enabled '1'
        option lookup_host '$ddns_host'
        option domain '$ddns_host'
        option username '$ddns_username'
        option password '$ddns_password'
        option ip_source 'interface'
        option interface 'pppoe-wan'
        option use_syslog '2'
        option check_unit 'minutes'
        option force_unit 'minutes'
        option retry_unit 'seconds'
        option ip_interface 'pppoe-wan'" >> d_dns

funRax3000m(){
  # LAN 静态协议
  # More options: https://openwrt.org/docs/guide-user/base-system/basic-networking
  if [ -n "$lan_ip_address" ]; then
    uci set network.lan.proto='static'
    uci set network.lan.ipaddr="$lan_ip_address"
    uci set network.lan.netmask="$lan_netmask"
    uci commit network
    else echo "区域未执行: lan_ip_address"
  fi

  # LAN 其它协议
  # More options: https://openwrt.org/docs/guide-user/base-system/basic-networking
  if [ -n "$lan_proto" ]; then
    uci set network.lan.proto="$lan_proto"
    uci commit network
    else echo "区域未执行: lan_proto"
  fi

  # Wan pppoe 协议
  # More options: https://openwrt.org/docs/guide-user/network/wan/wan_interface_protocols#protocol_pppoe_ppp_over_ethernet
  if [ -n "$pppoe_username" -a "$pppoe_password" ]; then
    uci set network.wan.proto=pppoe
    uci set network.wan.username="$pppoe_username"
    uci set network.wan.password="$pppoe_password"
    uci delete network.wan6
    uci commit network
    else echo "区域未执行: pppoe_username"
  fi

  # WAN 其它协议
  if [ -n "$wan_proto" ]; then
    uci set network.wan.proto="$wan_proto"
    uci commit network
    else echo "区域未执行: wan_proto"
  fi

  # 主机名
  if [ -n "$host_name" ]; then
    uci set system.@system[0].hostname="$host_name"
    uci commit system
    uci set luci.languages.zh_cn='简体中文 (Chinese Simplified)'
    uci set luci.main.lang='zh_cn'
    uci commit luci
    else echo "区域未执行: host_name"
  fi

  # 时区
  if [ -n "$zone_name" ]; then
    uci set system.@system[0].zonename="$zone_name"
    uci set system.@system[0].timezone='UTC-8'
    uci commit system
    /etc/init.d/system reload
    else echo "区域未执行: zone_name"
  fi

  # root密码
  if [ -n "$root_password" ]; then
    (echo "$root_password"; sleep 1; echo "$root_password") | passwd > /dev/null
    else echo "区域未执行: root_password"
  fi

  ## WLAN
  ## More options: https://openwrt.org/docs/guide-user/network/wifi/basic#wi-fi_interfaces
  #if [ -n "$wlan_name" -a -n "$wlan_password" -a ${#wlan_password} -ge 8 ]; then
  #  uci set wireless.@wifi-device[0].disabled='0'
  #  uci set wireless.@wifi-iface[0].disabled='0'
  #  uci set wireless.@wifi-iface[0].encryption='psk2'
  #  uci set wireless.@wifi-iface[0].ssid="$wlan_name"
  #  uci set wireless.@wifi-iface[0].key="$wlan_password"
  #  uci commit wireless
  #  else echo "区域未执行: wlan_name"
  #fi

  # 终端自动登录
  if [ -n "$ttyd_login" ]; then
    uci set ttyd.@ttyd[0].command="$ttyd_login"
    uci delete ttyd.@ttyd[0].interface
    uci commit ttyd
    else echo "区域未执行: ttyd_login"
  fi

  # ddns
  if [ -n "$ddns_host" ]; then
    cat d_dns >> /etc/config/ddns
    uci commit ddns
    rm d_dns
    else echo "区域未执行: ddns_host"
  fi

  # 端口转发
  if [ -f firewall_port_Forwards ]; then
    cat firewall_port_Forwards >> /etc/config/firewall
    rm firewall_port_Forwards
    uci commit firewall
    else echo "区域未执行: firewall_port_Forwards"
  fi

  if [ -n "$clash_rules" ]; then
    #openclash
    #uci set openclash.config.enable='1'
    #uci set openclash.config.dashboard_password='OpenClash8517'
    ###uci set openclash.@authentication[0].password='OpenClash8517'
    #uci commit openclash
    #/etc/init.d/openclash reload
    uci add openclash config_subscribe
    uci set openclash.@config_subscribe[-1]=config_subscribe
    uci set openclash.@config_subscribe[-1].enabled='1'
    uci set openclash.@config_subscribe[-1].name='clash-rules'
    uci set openclash.@config_subscribe[-1].address="$clash_rules"
    uci set openclash.@config_subscribe[-1].sub_ua='Clash'
    uci set openclash.@config_subscribe[-1].sub_convert='0'
    uci commit openclash
    /etc/init.d/openclash reload
    else echo "区域未执行: clash_rules"
  fi

  # 文件共享 磁盘管理
  # 格式化format
  #uuid=$(blkid -s UUID -o value $dev_device)
  #dev_device=$(blkid -U $uuid)
  #mnt_device=$(echo $(blkid -U $uuid) | sed 's/dev/mnt/')
  disk_name=$(lsblk -Sno NAME;lsblk -Nno NAME)
  partn=$(lsblk -no PARTN | grep -v "1\|2\|128\|^$" | awk '{sub(/^ */, "");sub(/ *$/, "")}1')
  if [ "$partn" != '99' -a -n "$partn" ]; then
    disk_nub=$partn
    echo "分区序号不是 99 且不为空"
    else echo "区域未执行: partn"
  fi
  case $disk_name in
      *"nvme"*)
        p_disk_nub="p$disk_nub"
        dev_device="/dev/$disk_name$p_disk_nub"
        mnt_device=$(echo $dev_device | sed 's/dev/mnt/')
        ;;
      "sda")
        dev_device="/dev/$disk_name$disk_nub"
        mnt_device=$(echo $dev_device | sed 's/dev/mnt/')
        ;;
      *)
        format_disk='no'
        ;;
  esac

  # dockerd/共享 根目录路径
  directory_path="$mnt_disk"
  case $directory_path in
    "1")
      dockerd_dir="$mnt_device/opt/docker"
      #匹配替换整行
      sed -i "/data_root/c\	option data_root \'$dockerd_dir\'" /etc/config/dockerd
      #sed -i 's/opt\/docker/$dockerd_dir/' /etc/config/dockerd
      uci commit dockerd
      ksmbd_dir="$mnt_device"
      ;;
    "2")
      dockerd_dir="/overlay/opt/docker"
      sed -i "/data_root/c\	option data_root \'$dockerd_dir\'" /etc/config/dockerd
      uci commit dockerd
      ksmbd_dir="/overlay"
      ;;
    "3")
      dockerd_dir="/opt/docker"
      sed -i "/data_root/c\	option data_root \'$dockerd_dir\'" /etc/config/dockerd
      uci commit dockerd
      ksmbd_dir="/opt"
      ;;
    *)
      ksmbd_dir='/tmp'
  esac

  # 文件共享
  if [ -n "$k_smbd" ]; then
    uci set ksmbd.@globals[0].interface='lan wan'
    uci add ksmbd share
    uci set ksmbd.@share[-1]=share
    uci set ksmbd.@share[-1].name='x86_mnt'
    uci set ksmbd.@share[-1].path="$ksmbd_dir"
    uci set ksmbd.@share[-1].force_root='1'
    uci set ksmbd.@share[-1].read_only='no'
    uci set ksmbd.@share[-1].guest_ok='yes'
    uci set ksmbd.@share[-1].create_mask='0666'
    uci set ksmbd.@share[-1].dir_mask='0777'
    uci add ksmbd share
    uci set ksmbd.@share[-1]=share
    uci set ksmbd.@share[-1].name='x86_etc'
    uci set ksmbd.@share[-1].path='/etc'
    uci set ksmbd.@share[-1].force_root='1'
    uci set ksmbd.@share[-1].read_only='no'
    uci set ksmbd.@share[-1].guest_ok='yes'
    uci set ksmbd.@share[-1].create_mask='0666'
    uci set ksmbd.@share[-1].dir_mask='0777'
    uci commit ksmbd
    else echo "区域未执行: k_smbd"
  fi

  # 磁盘格式化/挂载
  case $format_disk in
    "yes")
      #echo -e "d\n$disk_nub\nn\n$disk_nub\n\n\nw" | fdisk /dev/$disk_name
      echo "y" | mkfs.ext4 $dev_device
      ;;
    "no")
      echo 'no 格式化'

      if [ -e "$dev_device" ]; then
        mkdir -p $mnt_device
        mount $dev_device $mnt_device
        cd $mnt_device
        ls | grep -v opt | awk  '{system("rm -rf "$1)}'
        cd -
        umount $mnt_device
        rm -r $mnt_device
      fi
      ;;
    "new")
      echo -e "n\n$disk_nub\n\n\nw" | fdisk /dev/$disk_name
      echo "y" | mkfs.ext4 $dev_device
  esac

  if [ -e "$dev_device" ]; then
    block detect > /etc/config/fstab
    uci show fstab > nub
    nub=$(cat nub | grep "$disk_name")
    nub=${nub#*'['}
    nub=${nub%']'*}
    case $mnt_disk in
      "1")
        uci set fstab.@mount["$nub"].enabled='1'
        uci commit fstab
        /etc/init.d/fstab reload
        ;;
      "2")
        uci set fstab.@mount["$nub"].target='/overlay'
        uci set fstab.@mount["$nub"].enabled='1'
        uci commit fstab
        /etc/init.d/fstab reload
        reboot
        ;;
      "3")
        mkdir -p /tmp/introot
        mkdir -p /tmp/extroot
        mount --bind / /tmp/introot
        mount "$dev_device" /tmp/extroot
        tar -C /tmp/introot -cvf - . | tar -C /tmp/extroot -xf -
        wait
        #umount /tmp/introot
        #umount /tmp/extroot

        uci set fstab.@mount["$nub"].target="/"
        uci set fstab.@mount["$nub"].enabled='1'
        uci commit fstab
        /etc/init.d/fstab reload
        #reboot
        ;;
      *)
        echo "没有选择挂载"
    esac
    else echo "不存在 $dev_device 设备。区域未执行: 磁盘格式化/挂载"
  fi
}

main(){
  funRax3000m
}
main "$@"

EOF

刷机完成后

  • 执行一下重启,自定义文件才能生效。

  • 执行opkg update报错

1
2
Wget returned 5
Wget returned 1

配置 opkg 中,将 https 改为 http。

版本 23.05.3 目前是5.15内核

5.15内核

快照版本已更新到 6.6 内核

6.6

视频或文章链接

bili 视频 OpenWrt在线编译(官方网址)及自定义

路由器cmcc-cr8808(8818)取消运营商限制,开启 telnet,ssh

openclash 自定义的本地节点转换(subconverter)

OpenWrt在线编译(官方网址)及自定义(openclash,设备名,密码等等)

openwrt 默认配置编译(密码 语言 IP))

自用的节点商,对于非常高清的视频没有需求可以试试,关键便宜,一个月十几块。
闪电

文件下载

暂无,有网络找不到文件可以联系我

Q群:290979342(聚焦单车交流群)

Q群:977922094(聚焦 openwrt 路由器交流)