OpenWrt 22.03 released: Linux operating system targeting embedded devices

The OpenWrt Project is a Linux operating system targeting embedded devices. Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application. For developers, OpenWrt is the framework to build an application without having to build a complete firmware around it; for users this means the ability for full customization, to use the device in ways never envisioned. In 2016, the LEDE project was founded as a spin-off of the OpenWrt project and shared many of the same goals. The project aimed at building an embedded Linux distribution that makes it easy for developers, system administrators or other Linux enthusiasts to build and customize software for embedded devices, especially wireless routers. The name LEDE stood for Linux Embedded Development Environment.

OpenWrt

People install LEDE because they believe it works better than the stock firmware from their vendor. They find it is more stable, offers more features, is more secure and has better support.

  • Extensibility: LEDE provides many capabilities found only in high-end devices. Its 3000+ application packages are standardized, so you can easily replicate the same setup on any supported device, including two (or even five) year old routers. More…
  • Security: LEDE’s standard installation is secure by default, with Wi-Fi disabled, no poor passwords or backdoors. LEDE’s software components are kept up-to-date, so vulnerabilities get closed shortly after they are discovered. More…
  • Performance and Stability: LEDE firmware is made of standardized modules used in all supported devices. This means each module will likely receive more testing and bug fixing than stock firmware which can be tweaked for each product line and never touched again. More…
  • Strong Community Support: LEDE team members are regular participants on the LEDE ForumLEDE Developer and LEDE Admin mailing lists, and LEDE’s IRC channels. You can interact directly with developers, volunteers managing the software modules and with other long-time LEDE users, drastically increasing the chances you will solve the issue at hand. More…
  • Research: Many teams use LEDE as a platform for their research into network performance. This means that the improvements of their successful experiments will be available in LEDE first, well before it gets incorporated into mainline, vendor firmware. More…
  • Open Source/No additional cost: LEDE is provided without any monetary cost. It has been entirely created by a team of volunteers: developers and maintainers, individuals and companies. If you enjoy using LEDE, consider contributing some effort to help us improve it for others! All of the above is possible because LEDE is part of the Open Source community, and powered by the Linux kernel. Get the source code…

openwrt 22.03 release.

Changelog

Firewall4 is used by default, superseding the iptables-based firewall3 implementation in the OpenWrt default images. Firewall4 uses nftables instead of iptables to configure the Linux netfilter ruleset.

Firewall4 keeps the same the UCI firewall configuration syntax and should work as a drop-in replacement for fw3 with most common setups, emitting nftables rules instead of iptables ones.

Including custom firewall rules through /etc/firewall.user still works, but requires marking the file as compatible first, otherwise it is ignored. Firewall4 additionally allows to include nftables snippets. The firewall documentation explains how to include custom firewall rules with firewall4. Some community packages that add firewall rules might not work for now, and will need to be adapted to fw4: this will happen gradually throughout the lifetime of the 22.03 release series.

The legacy iptables utilities are not included in the default images anymore, but can be added back using opkg or the Image Builder if needed. The transitional packages iptables-nftarptables-nftebtables-nft and xtables-nft can be used to create nftables rules using the old iptables command line syntax.

OpenWrt 22.03 supports over 1580 devices. Support for over 180 new devices was added in addition to the device support by OpenWrt 21.02. OpenWrt 22.03 supports more than 15 devices capable of Wifi 6 (IEEE 802.11ax) using the MediaTek MT7915 wifi chip.

The following targets or boards were migrated from swconfig to DSA with OpenWrt 22.03 in addition to the systems already migrated with OpenWrt 21.02:

  • bcm53xx: All board using this target were converted to DSA
  • lantiq: All boards using the xrx200 / vr9 SoC
  • sunxi: Bananapi Lamobo R1 (only sunxi board with switch)

The LuCI bootstrap design supports a dark mode. The default design activates dark mode depending on the browser settings. Change it manually at “System” → “System” → “Language and Style”.

OpenWrt 22.03 uses musl 1.2.x, which changed the time_t type from 32 bit to 64 bit on 32 bit systems, on 64 bit system it was always 64 bit long. When a Unix time stamp is stored in a signed 32 bit integer it will overflow on 19 January 2038. With the change to 64 bit this will happen 292 billion years later. This is a change of the musl libc ABI and needs a recompilation of all user space applications linked against musl libc. For 64 bit systems this was done when the ABI was defined many years ago, the glibc ARC ABI already has a 64 bit time_t.

Core components have the following versions in 22.03.0-rc6:

  • Updated toolchain:
    • musl libc 1.2.3
    • glibc 2.34
    • gcc 11.2.0
    • binutils 2.37
  • Updated Linux kernel
    • 5.10.138 for all targets
  • Network:
    • hostapd 2.10, dnsmasq 2.86, dropbear 2022.82
    • cfg80211/mac80211 from kernel 5.15.58
  • System userland:
    • busybox 1.35.0

Download