I'm in the process of trying to see if I can get DNS over HTTPS working, my forum post didn't provide a direct answer therefore I'm going to document the build/compile/install process, at time of writing I'm not 100% sure if the package is going to work or meet my requirements but there's little infomation avilable on this topic that I figure this post will help someone!
Some comments on the Teltonika RUT240
The RUT240 is a niftly little box, 2x Ethernet Ports, 2.4Ghz WiFi and 4G.
The marketing material describes the Operating system as: "RutOS (OpenWrt based Linux OS)". Which is accurate, but there's a little detail, the verion of OpenWRT that RutOS is based on is 15.05.1 "Chaos Calmer" released in 2015 and last updated in 2016, so although the RUT240 featurelist is very impressive, under the hood there's some old tech.
Some googling suggests that you can re-flash some Teltonika boxes with the latest OpenWRT however you are flash/storage dependent, the RUT240 doesn't have enough storage space to do this.
A word of Warning!
Back in the day, I used to build RPM packages from sourse for RHEL and this process can quickly become dependency hell, be mindful of effort Vs reward as this packaging lark can be a bit of a rabbit hole!
Building
Given that I haven't gotten DOH working yet, I'm going to document a simple example and upgrade curl & ca-bundle (the version of wget that comes with Rutos is compiled without HTTPS so this is going to be useful!)
To get started you need Ubuntu 16.04, one option is to build yourself a virtal machine, I'm going to use docker:
$ docker run -it ubuntu:16.04
root@17da442b8e85:/# cd
root@7f2c92d1ed06:~#
Note: Docker by default starts the shell in
/typecdto do everything in the$HOMEdirectory (/root)
Ubuntu isn't ready to build stuff, install the developer packages with these commands:
apt-get update; apt install subversion g++ zlib1g-dev build-essential git python python3 libncurses5-dev gawk gettext unzip file libssl-dev wget libelf-dev ecj fastjar java-propose-classpath rsync swig time python3-setuptools libncursesw5-dev ccache xsltproc vim tree
At this point, you can download the Chaos Calmer source code:
git clone https://github.com/openwrt/chaos_calmer.git
This will create a chaos_calmer folder in /root that will be your build environment.
To update curl, I'm going to step up one version of firmware from 15.05.1 to 17.01 Lede; the reason I'm not going to latest & greatest is to reduce the risk that curl has a dependenciy that needs updating, and so-one and so-forth.
Curl is part of the firmware, i.e. not in packages repo so download the older branch:
git clone -b lede-17.01 https://github.com/openwrt/openwrt.git; mv openwrt lede-17.01-openwrt
Then replace the old package like so:
rm -fr ~/chaos_calmer/package/network/utils/curl
cp -av ~/lede-17.01-openwrt/package/network/utils/curl ~/chaos_calmer/package/network/utils/
To build ca-bundle I could clone the whole lede packages repo and copy the files, however this package includes certificates which are date bound, so I'm going to be forced to go latest & greatest, and looking at looking at the package we only need one file, so let's just update that:
cd chaos_calmer/package/system/ca-certificates/
rm Makefile
wget https://raw.githubusercontent.com/openwrt/openwrt/master/package/system/ca-certificates/Makefile
cd ~/chaos_calmer
Before building, according Teltonika you need to update the Makefile of your package and add in some RUTOS specifics...
vi package/network/utils/curl/Makefile
Somewhere near the top of the file, insert this..
PKG_ROUTER:=RUT240
PKG_FIRMWARE:=01.12.3
PKG_TLT_NAME:=curl
PKG_VERSION_PM:=1.0
NOTE: If you're running later firmware, update as applicable.
And again for ca-certificates
vi package/system/ca-certificates/Makefile
Update lie this...
PKG_ROUTER:=RUT240
PKG_FIRMWARE:=01.12.3
PKG_TLT_NAME:=ca-certificates
PKG_VERSION_PM:=1.0
Next step, is to run make menuconfig
... and select your package (press spacebar to make an M appear), if you don't do this you'll have issue with later commands:
Base sytem -> CA Certificates
Network -> File Transfer -> Curl
Exit and save the config. You are ready to build & setup the enrviornment, be warned this will take a long time to run!
make tools/install
make toolchain/install
If all has gone well, you'll be back at the prompt and it's time to start building your packages, start with your depnedencies:
make package/ca-certificates/compile
make package/ca-certificates/install
make package/curl/compile
make package/curl/install
IF that finished without error, then the packages should be built in your bin directory...
root@40e297a4fa8d:~/chaos_calmer# tree bin/
bin/
`-- ar71xx
`-- packages
|-- base
| |-- ca-bundle_20200601-1_all.ipk
| |-- libcurl_7.52.1-10_ar71xx.ipk
Copy & Install
Now all that's left is to copy & install the files. Since we built them in a docker container, step 1 is to get them out. First find your container ID:
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
40e297a4fa8d ubuntu:16.04 "/bin/bash" 16 hours ago Up 16 hours serene_leakey
$
My ID is 40e297a4fa8d so that's the name of the server in the docker cp command, which looks like this...
$ docker cp 40e297a4fa8d:/root/chaos_calmer/bin/ar71xx/packages/base/ca-bundle_20200601-1_all.ipk .
Rename the file as recommended by Teltonika...
$ mv ca-bundle_20200601-1_all.ipk tlt_custom_pkg_ca-bundle_20200601-1_all.ipk
And then do a simple SSH Copy (SCP) to your router...
$ scp tlt_custom_pkg_ca-bundle_20200601-1_all.ipk [email protected]:~/
tlt_custom_pkg_ca-bundle_20200601-1_all.ipk 100% 114KB 113.1KB/s 00:01
$
Finally, SSH onto your router and install with: opkg install ./tlt_custom_pkg_ca-bundle_20200601-1_all.ipk for the ca-bundle and repeat for Curl!
End
This may or may not be the official Teltonika way of doing things so your milage may vary!
References:
- https://wiki.teltonika-networks.com/view/RUT240_Package_Manager#Custom_package_upload
- https://openwrt.org/docs/guide-developer/single.package