Author Topic: NEW TL - WR1043N V5  (Read 760 times)

Offline JoRo79

  • Full Member
  • ***
  • Posts: 26
NEW TL - WR1043N V5
« on: April 04, 2018, 09:37:28 am »
Any news when there will be a working build ?
« Last Edit: April 04, 2018, 10:02:20 am by JoRo79 »

Offline WorldSpot

  • Administrator
  • Hero Member
  • *****
  • Posts: 2474
Re: NEW TL - WR1043N V5
« Reply #1 on: April 04, 2018, 09:48:42 pm »
Yes. New build has been made, and should be working.

Please confirm.
http://dl.worldspot.net/wsbeta/lede-trunk-20180402/ar71xx-full/targets/ar71xx/generic/openwrt-ar71xx-generic-tl-wr1043n-v5-squashfs-factory.bin

Archer c59 has been tested ok.

Offline JoRo79

  • Full Member
  • ***
  • Posts: 26
Re: NEW TL - WR1043N V5
« Reply #2 on: April 05, 2018, 11:38:11 am »
Have bought the old (second hand) router TL-WR1043ND V2. Therefore cannot confirm if mentioned firmware works on V5.

Apart from that i have a "problem" on v2.

All clients of public network (unsecured) can ping/ssh  all clients/routers of the private network. I consider this a security issue and wanted to add

/etc/chilli/ipup.sh containing (optionally called by up.sh)

iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD 1 -i tun0 -s 10.1.0.0/24 -d 192.168.0.0/24 -j REJECT
iptables -I INPUT 1 -i tun0 -s 10.1.0.0/24 -p 22 -j REJECT

but everytime the router is rebooted the file ipup.sh is gone.


Firmware: Barrier Breaker (14.07-20160229-1) ...full
« Last Edit: April 05, 2018, 12:55:40 pm by JoRo79 »

Offline JoRo79

  • Full Member
  • ***
  • Posts: 26
Re: NEW TL - WR1043N V5
« Reply #3 on: April 05, 2018, 03:07:53 pm »
Found the solution

overlay was not properly mounted...did a "firstboot" and "reboot" and now configuration is restored after reboot

Offline WorldSpot

  • Administrator
  • Hero Member
  • *****
  • Posts: 2474
Re: NEW TL - WR1043N V5
« Reply #4 on: April 07, 2018, 01:38:55 pm »
Hello

Are your iptables entries working?
I could include them in the firmware, except that the WAN ip subnet is not known. Maybe use the br-wan interface instead in the FORWARD rule.

Another solution would be to use the private network, for your lan.

 

anything