Closed cybersyx closed 2 months ago
go to modgui modal and install specific package
@FrancYescO can you elaborate on that?
@cybersyx I had same issue. This is due to this problem https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/
I went with Workaround 1. Now I have issue with Cloudflare itself. Why the heck to put it behind it and not just to github?
root@OpenWrt:/# wget -v https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/base/Packages.gz --2023-07-18 12:30:52-- https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/base/Packages.gz Resolving repository.ilpuntotecnico.com... 2606:4700:3030::6815:1488, 104.21.20.136, 172.67.192.239 Connecting to repository.ilpuntotecnico.com|2606:4700:3030::6815:1488|:443... failed: Operation not permitted. Connecting to repository.ilpuntotecnico.com|104.21.20.136|:443... connected. HTTP request sent, awaiting response... 403 Forbidden 2023-07-18 12:30:52 ERROR 403: Forbidden.
and
` Invoke-WebRequest -Uri https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/base/Packages.gz -OutFile Packages.gz -UseBasicParsing Invoke-WebRequest:
Just a moment...
Enable JavaScript and cookies to continue
(function(){
window._cf_chl_opt={
cvId: '2',
cZone: 'repository.ilpuntotecnico.com',
cType: 'non-interactive',
cNounce: '53588',
cRay: '7e89ca03ecb1380d',
cHash: '091ee1cfa3f69da',
cUPMDTk: "\/files\/roleo\/public\/agtef\/brcm63xx-tch\/packages\/base\/Packages.gz?__cf_chl_tk=R3kIjc.ZNW7tHTP_nAZFQEHN4nz3_hyvLOTP7y38bM4-1689673498-0-gaNycGzNC6U",
cFPWv: 'b',
cTTimeMs: '1000',
cMTimeMs: '60000',
cTplV: 5,
cTplB: 'cf',
cK: "",
cRq: {
ru: 'aHR0cHM6Ly9yZXBvc2l0b3J5LmlscHVudG90ZWNuaWNvLmNvbS9maWxlcy9yb2xlby9wdWJsaWMvYWd0ZWYvYnJjbTYzeHgtdGNoL3BhY2thZ2VzL2Jhc2UvUGFja2FnZXMuZ3o=',
ra: 'TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgTWljcm9zb2Z0IFdpbmRvd3MgMTAuMC4yMjAwMDsgcnUtUlUpIFBvd2VyU2hlbGwvNy4zLjU=',
rm: 'R0VU',
d: '1cYb4np0emjmDc0lCDUzBU+vHOCjzfblaD3ZauTQX5WAtp7Wuj5PF+kvj62J1K5M+N64OrzZNlGWUfHR3OtMFxHCWOUDTao6+WDMe2Qb2/1lTTO1/NGQJJ6jKMool+h5qBHBF0vNPRHbbk3EakoShXGR/OODkS9yqvRRmTpPKWHr/DhqvfhYTB4iz3iiID6s0q/vg3bansJ+NZmkbwsQcxAhaYbni88GG2JHVbKx/F5pEs2SglCE/izxLxGJVS70fQnW+yxe9q/JB4f9W+EKOk4n6OQXJ8+wQIG/OvB21yqs9a4tAX6iZKUH2TYfL03ErV/6UBP2atuKufC6YgqdE0rHOLsiLqpwhV3gFu9YDj5fB+Ump0wmwGuL5mYklI8GEKUhXrenhKPaCicGFa4nsvWfqlh7H2x5FUcofPwho1VGO/T+F34fWYFkfeQBOX7EJju4V7h/mxcUKJdY5S+k28Q8nvFcdVDFc7CQ8Y02PjLS51siWqib4QqxmycmpKuvW/ceYDoOpEjQ1qmxv159OI/4LIYPPp64jeAa23kUU6E=',
t: 'MTY4OTY3MzQ5OC4yMzMwMDA=',
cT: Math.floor(Date.now() / 1000),
m: 'ITD4XB2xt9YpmWb8OmiFRb6nWbahIkn0BKOt75FsfP0=',
i1: 'ivUQgPNsrZquURf1IDXO8Q==',
i2: 'Q21GUksD+zOoad3H4ody6w==',
zh: 'Vbf972ckUdera2FyICt08axmBJ3zGEP5tB2hTlDVR/w=',
uh: '+LAitOxdSyaXD2Ftms9iKRSVC0qJnRppjZfUjvxwHFE=',
hh: 'I04VqKY2nbX9e7mC6SwoBHei7zCOowKpFSZWAR+yfjY=',
}
};
var cpo = document.createElement('script');
cpo.src = '/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7e89ca03ecb1380d';
window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;
window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, location.href.length - window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;
if (window.history && window.history.replaceState) {
var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;
history.replaceState(null, null, "\/files\/roleo\/public\/agtef\/brcm63xx-tch\/packages\/base\/Packages.gz?__cf_chl_rt_tk=R3kIjc.ZNW7tHTP_nAZFQEHN4nz3_hyvLOTP7y38bM4-1689673498-0-gaNycGzNC6U" + window._cf_chl_opt.cOgUHash);
cpo.onload = function() {
history.replaceState(null, null, ogU);
};
}
document.getElementsByTagName('head')[0].appendChild(cpo);
}());
`
If you installed the gui without a working internet connection, opening the second card, you should see a message that will guide you to install specific package that should fix the issue.
I installed it with working connection. And I see a ton of people had issues with repository.ilpuntotecnico.com, Just fork damn thing to github!
Issue is not the repository but the old packages and certificates installed on these router. Issue was already solved and I'm pretty sure is still the correct solution. If you want to fork the repo is up to you, you will probably get the same issue.
Post a screenshot of your second modal opened.
You are wrong. You clearly do not understand what Cloudflare can do and doing in this case. First of all let me ask you - do you understand difference between
Connecting to repository.ilpuntotecnico.com|172.67.192.239|:443... connected. ERROR: cannot verify repository.ilpuntotecnico.com's certificate, issued by 'CN=E1,O=Let's Encrypt,C=US': Issued certificate has expired.
and
Connecting to repository.ilpuntotecnico.com|104.21.20.136|:443... connected. HTTP request sent, awaiting response... 403 Forbidden 2023-07-18 12:30:52 ERROR 403: Forbidden.
?
Second, PowerShell command Invoke-WebRequest -Uri https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/base/Packages.gz -OutFile Packages.gz -UseBasicParsing runs under Windows wich has 0 issues with any certificates whatsoever. So issue IS IN Cloudflare. If you want to educate yourself - you can read it here https://community.cloudflare.com/t/site-is-fine-via-browser-but-403-accessed-programmatically/337991 . Whoever configured repository.ilpuntotecnico.com did a very sloppy job.
do you understand how a WAF work? until now we got no issue about the fact the repository.ilpuntotecnico.com is behind CF, and all packages are correctly downloaded through opkg, and i'm pretty sure this is happening right now (unfortunately no DGA device online for tests..), so if you are getting a 403 from CF, you just messed up your public IP during your PS&co tests and CF is clearly refusing you, so just stop bothering about CF WAF picking random post from community.
about the root CA expiry notification, you can be right, the certificate on the repo got renewed on Tuesday, 4 July 2023, and got it from Let's Encrypt E1 instead of the previous R3 actually we included the 1.0.2t-1 version of openssl that is pretty old and maybe does not have the new E1 chain CA, also in some of newest firmware tch, if i'm not wrong, removed all root CAs.
that said, pull requests are open.
Is this problem been fixed? I'm still waiting for the fix for the DGA4132 because when i try to install LuCI i get Unknown app install script for 19.4 armv7l
Downloading https://repository.macoers.com/homeware/19/brcm6xxx-tch/VANTW/luci/luci_git-21.217.07088-5294ba2-1_all.ipk
Collected errors:
* satisfy_dependencies_for: Cannot satisfy the following dependencies for luci:
* libiwinfo20181126
* libiwinfo-lua
* libiwinfo20181126
* libiwinfo-lua
* opkg_install_cmd: Cannot install package luci.
DGA4132 - 19.4 ARMV7L - GUI version: 9.6.97-7e66e3cc
This is the error that blocks LuCI from installing
i have install homeware/18 feed using this guide https://www.macoers.com/blog/antonio-macolino/repository_openwrt_homeware_18_brcm63xx_tch. But this is the result, i have try commad opkg update in ssh too.
Collected errors:
I am getting the same issue on DGA4132 using both latest Dev 9.6.99 and stable 9.6.65
With 2.2.1 AGTHP (Homeware 18) I managed to install LUCI.
With 2.3 and newer (even 2.4) (Homeware 19), I can't install LUCI neither using Homeware 18 or 19 repos. I am getting this issue:
check_data_file_clashes: Package libubox20191228 wants to install file /lib/libubox.so But that file is already provided by package * libubox20170601
Does someone know how to fix it?
Putting 18.x repos on 19.x firmwares should be enough to fix the issue
If someone have time to test..this is the commit to revert (just modify the opkg list locally..)
https://github.com/Ansuel/tch-nginx-gui/commit/7e66e3cc76f232a94c2b814b24fb17b775b10b95
Putting 18.x repos on 19.x firmwares should be enough to fix the issue
I have reinstalled 2.3.4 with latest DEV Gui and i was able to install LUCI from terminal (opkg install luci) with Homeware 18 repos. The problem is that i don't know how to access it. If I go to 192.168.1.1 I see the Ansuel GUI, if I go to 192.168.1.1:9080 nothing opens.
you should not used opkg directly.
Install from the GUI after putting the 18.x repos
Install from the GUI after putting the 18.x repos
Uninstalled from opkg with --autoremove. Now I am trying installing from the GUI. This is where it get stuck (Requested....) :
Installing libuci-lua (2019-05-17-f199b961-1) to root...
Downloading https://repository.macoers.com/homeware/18/brcm63xx-tch/VANTW/base/libuci-lua_2019-05-17-f199b961-1_arm_cortex-a9_neon.ipk
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Installing luci (git-20.155.55668-a972bdb-1) to root...
Downloading https://repository.macoers.com/homeware/18/brcm63xx-tch/VANTW/luci/luci_git-20.155.55668-a972bdb-1_all.ipk
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (librt and librt) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (libpthread and libpthread) providing same name marked HOLD or PREFER. Using latest.
Installing uhttpd (2018-11-28-cdfc902a-3) to root...
Downloading https://repository.macoers.com/homeware/18/brcm63xx-tch/VANTW/base/uhttpd_2018-11-28-cdfc902a-3_arm_cortex-a9_neon.ipk
Installing luci-lib-nixio (git-20.155.55668-a972bdb-1) to root...
Downloading https://repository.macoers.com/homeware/18/brcm63xx-tch/VANTW/luci/luci-lib-nixio_git-20.155.55668-a972bdb-1_arm_c
Do not used macoers 18 feeds, but what is used the in the script
Try also uninstall ad reinstall ever from the gui
Do not used macoers 18 feeds, but what is used the in the script
Can you send me the repo that I should use. If you can, contact me on telegram user: Supermitic
Do not used macoers 18 feeds, but what is used the in the script
Can you send me the repo that I should use.
Hi, i've a a little issue. When i try to install luci from gui i get this error:
Downloading https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/base/Packages.gz *** Failed to download the package list from https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/base/Packages.gz
Downloading https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/packages/Packages.gz *** Failed to download the package list from https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/packages/Packages.gz
Downloading https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/luci/Packages.gz *** Failed to download the package list from https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/luci/Packages.gz
Downloading https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/routing/Packages.gz *** Failed to download the package list from https://repository.ilpCollected errors:
When i perform an opkg update from shell:
root@OpenWrt:/tmp# opkg update Downloading https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/base/Packages.gz *** Failed to download the package list from https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/base/Packages.gz
Downloading https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/packages/Packages.gz *** Failed to download the package list from https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/packages/Packages.gz
Downloading https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/luci/Packages.gz *** Failed to download the package list from https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/luci/Packages.gz
Downloading https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/routing/Packages.gz *** Failed to download the package list from https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/routing/Packages.gz
Downloading https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/telephony/Packages.gz *** Failed to download the package list from https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/telephony/Packages.gz
Downloading https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/management/Packages.gz *** Failed to download the package list from https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/management/Packages.gz
Collected errors:
if i try to download the package with wget:
root@OpenWrt:/tmp# wget https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/management/Pa ckages.gz --2023-05-08 23:10:17-- https://repository.ilpuntotecnico.com/files/roleo/public/agtef/brcm63xx-tch/packages/management/Packages.gz Resolving repository.ilpuntotecnico.com... 2606:4700:3036::ac43:c0ef, 172.67.192.239, 104.21.20.136 Connecting to repository.ilpuntotecnico.com|2606:4700:3036::ac43:c0ef|:443... failed: Operation not permitted. Connecting to repository.ilpuntotecnico.com|172.67.192.239|:443... connected. ERROR: cannot verify repository.ilpuntotecnico.com's certificate, issued by 'CN=E1,O=Let\'s Encrypt,C=US': Issued certificate has expired. To connect to repository.ilpuntotecnico.com insecurely, use `--no-check-certificate'.
Gui version: 9.6.97-7e66e3cc