Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
TP-Link TL-WR902AC v3 OpenWRT Setup
#!/bin/sh
# /etc/hotplug.d/button/buttons
# This file uses the slider to disable the client wireless network- this lets the AP network come up if it cannot connect to the one where it is the client.
logger the button was $BUTTON and the action was $ACTION
if [ "$BUTTON" = "BTN_0" ]; then
if [ "$ACTION" = "pressed" ]; then
uci set wireless.default_radio0.disabled=0
logger wificlient enabled
elif [ "$ACTION" = "released" ]; then
uci set wireless.default_radio0.disabled=1
logger wificlient disabled
fi
fi
uci commit wireless
wifi
# /etc/config/firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan wlan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option network 'wan'
option forward 'ACCEPT'
option masq '1'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config zone
option input 'ACCEPT'
option output 'ACCEPT'
option name 'ap'
option forward 'ACCEPT'
option network 'ap'
option masq '1'
option mtu_fix '1'
config forwarding
option dest 'wan'
option src 'ap'

Important Links:

Flash instruction:

The only way to flash LEDE image in TL-WR902AC v3 is to use tftp recovery mode in U-Boot:

  1. Configure PC with static IP 192.168.0.66/24 and tftp server.
  2. Rename "openwrt-ramips-mt76x8-tplink_tl-wr902ac-v3-squashfs-tftp-recovery.bin" to "tp_recovery.bin" and place it in tftp server directory.
  3. Connect PC with the LAN port, press the reset button, power up the router and keep button pressed for around 6-7 seconds, until device starts downloading the file.
  4. Router will download file from server, write it to flash and reboot.
  5. Router has wifi disabled by default, thus ethernet is needed to setup. Luci also isn't installed with snapshot images
#!/bin/sh /etc/rc.common
# This is the script that starts the wanled script. It needs to be enabled witth /etc/init.d/wanled enable
# Location /etc/init.d/initwanled with execute permission
START=99
STOP=1
start(){
/usr/bin/wanled &
}
stop(){
killall -9 wanled
}
# /etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdf6:1775:a6b4::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ipaddr '192.168.0.1'
option netmask '255.255.255.0'
option ip6assign '60'
config device 'lan_dev'
option name 'eth0.1'
option macaddr 'b0:4e:26:33:23:38'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '4 6t'
config interface 'wan'
option proto 'dhcp'
config interface 'ap'
option proto 'static'
option ipaddr '192.168.2.1'
option netmask '255.255.255.0'
option gateway '192.168.2.1'
option dns '1.1.1.1 1.0.0.1 9.9.9.9 8.8.8.8'

Bugs:

  • Buttons script is not ideal as it restarts the network twice when ever the slider slides
  • 5Ghz is not working- as detailed here. This is due to a driver issue.
  • The pachage slider-switch package does not work for V3: Issue
#!/bin/sh wanled
# This is a script that pings 1.1.1.1 to check for internet connections and changes the LED accourdingly.
# Location /usr/bin with execute permission
while [ true ]; do
ping -c 1 1.1.1.1
rc=$?
if [[ $rc -eq 0 ]] ; then
echo "1" > /sys/devices/platform/gpio-leds/leds/tl-wr902ac-v3\:green\:wan/brightness
else
echo "0" > /sys/devices/platform/gpio-leds/leds/tl-wr902ac-v3\:green\:wan/brightness
fi
sleep 10
done
# /etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path 'platform/10300000.wmac'
option htmode 'HT20'
option country '00'
option legacy_rates '1'
config wifi-iface 'default_radio0'
option device 'radio0'
option mode 'sta'
option encryption 'psk2'
option key 'xxx'
option network 'wan'
option ssid 'ClientAPName'
option disabled '0'
config wifi-iface
option device 'radio0'
option mode 'ap'
option network 'ap'
option encryption 'psk2'
option key 'xxx'
option ssid 'APName'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment