Thursday, December 13, 2012

Locked yourself out of your WNDR3800 on OpenWRT? Here's how you recover

Oops...

This week, I made a mistake when editing my network-bridge configuration in OpenWRT's LuCI web interface. After I pressed "Save and Apply", it occurred to me that things were taking quite a bit longer than usual. Then, I had no more internet connectivity from my backend machines, and I realized that I had made a mistake.

This was no cause for panic, since routers and firmwares usually have a recovery option: I would just look up how to do that on the intern... oh, wait... :(

Fortunately, I could enable WiFi tethering on my Android phone (that has a mobile data package), so I could use a laptop to look up the solution on the internet.

Solving the problem

Actually, the solution is quite easy: OpenWRT has a built-in recovery mode that you can enable by pressing the correct button at the correct time during the boot procedure. To that end, configure a backend machine with the static IP 192.168.1.2, and start a tcpdump on it:

# tcpdump -Ani eth0 port 4919 and udp

Now switch the router off and back on. After some 10-15 seconds, your tcpdump will show a message saying (among a lot of dots): "Please press button now to enter failsafe". At that point, on the WNDR3800, press the lowermost button (the one that is normally used for WPS auto-setup). The power LED will then start blinking very rapidly. Now, wait another ~30 seconds, and telnet into the router from your backend machine:

$ telnet 192.168.1.1

This will drop you straight to a root shell. On the router, you will want to remount the root filesystem read-write:

# mount -o remount,rw /

You can now fix the problem (in the files under /etc/config) and reboot.
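
The button has to be pressed in a short window, and the prompt is easy to miss in tcpdump's output. The following is an added example, not part of the original post or of OpenWRT: a small listener for the backend machine that waits on UDP port 4919 for the phrase quoted above and tells you when to press the button. The function names are made up for this sketch, and it assumes the datagram contains the message text exactly as quoted in this post.

```python
import socket
import time

FAILSAFE_PORT = 4919  # UDP port from the tcpdump filter in the post
PROMPT = b"press button now to enter failsafe"  # phrase quoted in the post


def is_failsafe_prompt(payload: bytes) -> bool:
    """True if a datagram carries the failsafe prompt (case-insensitive)."""
    return PROMPT in payload.lower()


def open_listener(bind_addr: str = "", port: int = FAILSAFE_PORT) -> socket.socket:
    """Bind a UDP socket; the empty address also receives broadcasts."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind((bind_addr, port))
    return sock


def wait_for_prompt(sock: socket.socket, timeout: float = 120.0):
    """Return the sender's IP once the prompt is seen, or None on timeout."""
    deadline = time.monotonic() + timeout
    while True:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            return None
        sock.settimeout(remaining)
        try:
            payload, (sender, _port) = sock.recvfrom(2048)
        except socket.timeout:
            return None
        # Ignore unrelated traffic on the port and keep waiting.
        if is_failsafe_prompt(payload):
            return sender


if __name__ == "__main__":
    with open_listener() as listener:
        print(f"Listening on UDP {FAILSAFE_PORT}; power-cycle the router now.")
        router = wait_for_prompt(listener)
    if router:
        print(f"\a>>> PRESS THE BUTTON NOW (prompt from {router}) <<<")
    else:
        print("No failsafe prompt seen; check the static IP and cabling.")
```

Run it on the machine with the static IP before power-cycling the router; stop the tcpdump first if you only want one of the two watching the port.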