dolphs

I compiled a small HOWTO to get this going with kernel 5.16 on a Rockpi4+ sudo su - apt update && apt -y install git build-essential swig4.0 python3-dev libnode-dev cmake libjson-c-dev Grab "user overlay" from radxa: mkdir -p /boot/overlay-user cd /boot/overlay-user curl -sL https://rock.sh/rockpi-poe-dtbo -o rockpi-poe.dtbo nano /boot/armbianEnv.txt user_overlays=rockpi-poe exit Compile mraa packages cd /home/[user] git clone https://github.com/eclipse/mraa mkdir mraa/build cd mraa/build cmake .. make -j7 #depends on cores available+1 sudo make install Install PoE package and enable its service sudo su #view /etc/ld.so.conf.d/libc.conf ldconfig # add /usr/local/lib libraries to " LD_LIBRARY_PATH " cd /tmp wget https://cos.setq.me/rockpi/deb/rockpi-poe-0.13.deb dpkg -i rockpi-poe-0.13.deb systemctl enable rockpi-poe.service reboot After reboot the fan should spin up like mad and after little while it slows down ( off ) : root@rockpi-4a:~# systemctl status rockpi-poe.service ● rockpi-poe.service - Rockpi PoE-FAN Loaded: loaded (/lib/systemd/system/rockpi-poe.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2022-03-22 11:19:06 UTC; 11min ago Main PID: 659 (python3) Tasks: 1 (limit: 4464) Memory: 11.7M CPU: 264ms CGroup: /system.slice/rockpi-poe.service └─659 /usr/bin/python3 /usr/bin/rockpi-poe.py start Mar 22 11:19:06 rockpi-4a systemd[1]: Started Rockpi PoE-FAN. Mar 22 11:19:08 rockpi-4a libmraa[659]: libmraa version v2.2.0-11-gd7ae171 initialised by user 'root' with EUID 0 Mar 22 11:19:08 rockpi-4a libmraa[659]: gpio: platform doesn't support chardev, falling back to sysfs Mar 22 11:19:08 rockpi-4a libmraa[659]: libmraa initialised for platform 'ROCK Pi 4' of type 20

Hi, Based on this topic it should be possible to open PWM0 and PWM1 on a RockpiS, Yet I like to do the same thing on a Rockpi4A+ ( fdtfile=rockchip/rk3399-rock-pi-4a-plus.dtb ), in order to enable the fan on a PoE HAT Without any overlay it shows: root@rockpi-4a:/sys/class/pwm# ls /sys/class/pwm/ -la total 0 drwxr-xr-x 2 root root 0 Mar 19 05:20 . drwxr-xr-x 71 root root 0 Mar 19 05:20 .. lrwxrwxrwx 1 root root 0 Mar 19 05:20 pwmchip0 -> ../../devices/platform/ff420020.pwm/pwm/pwmchip0 I tried some of radxa's suggestions using their " rockpi-poe.dtbo " overlay ( user_overlays=rockpi-poe ) and indeed that makes the fan spinning up like crazy, but alas unable to control the fan, due to missing libmraa. However the overlay mentioned does seem to open two additional PWM's, thus PWM0 till 2. root@rockpi-4a:~# ls /sys/class/pwm/ -la total 0 drwxr-xr-x 2 root root 0 Mar 19 05:36 . drwxr-xr-x 71 root root 0 Mar 19 05:36 .. lrwxrwxrwx 1 root root 0 Mar 19 05:36 pwmchip0 -> ../../devices/platform/ff420000.pwm/pwm/pwmchip0 lrwxrwxrwx 1 root root 0 Mar 19 05:36 pwmchip1 -> ../../devices/platform/ff420010.pwm/pwm/pwmchip1 lrwxrwxrwx 1 root root 0 Mar 19 05:36 pwmchip2 -> ../../devices/platform/ff420020.pwm/pwm/pwmchip2 I was wondering if this is WIP, or should is it possible already to enable pwm with a built-in armbian overlay, was unable to retrieve anything in that direction from: /boot/dtb/rockchip/overlays except for " overlays=w1-gpio " but perhaps there is another way? [ 6.207083] OF: /onewire@0: could not get #gpio-cells for /vop@ff900000/port/endpoint@1 [ 6.207102] w1-gpio onewire@0: gpio_request_one (ext_pullup_enable_pin) failed [ 6.207105] w1-gpio: probe of onewire@0 failed with error -22 PS I am not demandig anything, just asking about PoE HAT status ( controllable fan ) in current armbian ( edge, kernel 5.16.x ) and if this is WIP? thanks!

Hello, I noticed things have been updated since I have been gone , thanks very much for that and I was able to compile 5.16.15 just now for my rockpi-4a+ ! However it seems to run at 1,8GHz , while I was expecting with " rk3399-rock-pi-4a-plus.dtb " it should run at 2GHz, also because previous overlay "rk3399-opp-2ghz " vanished ? Suppose this is WIP,. Thanks a million for your efforts getting all this done as I found out it has been hard to take out all hurdles as posted back in January already !!! UPDATE - this helped instead of using "overlays" option: fdtfile=rockchip/rk3399-rock-pi-4a-plus.dtb

Hi, I managed to compile 5.16.1 for my Rockpi4 board, I did not flash it yet as I try to polish things before I flash things. Also awaiting my 4A+ ( with POE HAT ) but first things first. Could one please update the edge entry to " 5.16.y " # /config/sources/families/include/ rockchip64_common.inc Also imho for rockpi4a(+) all bluetooth and WiFi entries should be removed from the kernel .config: - bluetooth-rtl8822cs-hci_ver-0x8.patch - Bluetooth-hci_h5-Add-power-reset-via-gpio-in-h5_btrt.patch - kali-wifi-injection-*.patch - wireless-*.patch - general-bluetooth-add-new-quirk.patch - board-pbp-fix-wonky-wifi-bt.patch - wifi-hf-lps170-bl602-kconfig-makefile.patch - wifi-hf-lps170-bl602.patch To build 5.16.y following patches have been removed : - board-rockpi4-0005-arm64-dts-enable-es8316-audio.patch ? general-fix-es8316-kernel-panic.patch # did not remove but should be imho ? - bootsplash-5.10.y-0003-Revert-fbcon-remove-soft-scrollback-code.patch - 0001-bootsplash.patch - 0006-bootsplash.patch - 0007-bootsplash.patch - 0008-bootsplash.patch - 0009-bootsplash.patch ./compile.sh BOARD=rockpi-4a BRANCH=edge RELEASE=bullseye BUILD_MINIMAL=yes BUILD_DESKTOP=no KERNEL_ONLY=no KERNEL_CONFIGURE=yes EXPERT=YES EXTRAWIFI=no This way it built ( with WARNINGS : which is to be polished ) at least 5.16, Armbian_22.02.0-trunk_Rockpi-4a_bullseye_edge_5.16.1_minimal.img. However patches removed either need to be revised ( and come back in ) or in most happy scenario indeed simply can be removed ( like for ess audio ) Also I would be happy to see an "lsmod" from rockpi4a+ which can be compared with rockpi4a. Perhaps also radxa image and armbian image need to be put side by side so a proper ".config" can be created for 5.16.y edge kernels. Hopefully we ( community ) can spend some effort coming months ( years :-) ) getting the 4a+ stable as I assume there are loose ends with this 'new' OP1 board. Meanwhile like to do some trial and error on its .config next few days, but won't expect my 4a+ in before February 2022... If appreciated I can post my current compilation and other output logs, I attached " compilation.log " and rgd WARNINGS: - Bootsplashes fail due to removal patches ( missing dependencies ) - Bluetooth can be ignored for rockpi4a/4a+ These need to be looked in to ( as well bootsplashes ): [ warn ] * [l][c] board-pbp-setup-USB-type-c-port-as-dual-dat.patch [ failed ] [ warn ] * [l][c] board-rockpis-0008-thermal-rockchip-add-tsadc-support-for-rk3308.patch [ failed ] [ warn ] * [l][c] board-rockpis-0016-ASoC-rockchip-add-support-for-rockchip-i2s-tdm-contr.patch [ failed ] [ warn ] * [l][c] general-add-panel-simple-dsi.patch [ failed ] Yup most likely there is some rework required... compilation.zip

Hello gents, I have been out of the loop for quite some time... Therefore did not update my armbian dev env either for quite a while, was a bit "surprised" after a " git pull " most boards went to CSC, but read the story why... Anyway I was wondering rgd the "new" OP1 Rockpi4+ boards, if same image can be used for these boards ? Most likely a new entry to compile, armbian building script, will appear sooner or later. Also noticed current kernel 5.16 holds commits for 4A+ and 4B+ : Rockchip ... Add RK3399 ROCK Pi 4A+ board commit Add RK3399 ROCK Pi 4B+ board commit ... In +/- two months like to start a PoE ROCK Pi 4A+ board project , checking current status I most likely should start building for "rockpi-4a" and change kernel config a bit. Hopefully by then a "Bleeding edge" ( 5.16 kernel ) can be compiled for these boards ... Currently compilation.log shows ( see below ) and suspecting these patches : Displaying message: * [\e[32ml\e[0m][\e[32mc\e[0m] board-rockpi4-0005-arm64-dts-enable-es8316-audio.patch info Displaying message: * [\e[32ml\e[0m][\e[32mc\e[0m] general-fix-es8316-kernel-panic.patch info Grtz!

@Werner splendid! cheers for that

Hmmm why moving to 11 already, better wait till bullseye hit the streets imho... Perhaps you ae better off with backports? I do similar for unbound ( wireguard-tools )? eg: Last, but not least, dont know if you have emmc installed but you might test bullseye from sdcard? Compiling with EXPERT=yes, eg for rockpi-4a ( my scenario ):

looks like this helped in the end: " rockpi-4a:~:# vnstat -i wg0 --update "

Just flashed rockpi-4a current buster image and it looks like I hit " Error: Unable to read database "/var/lib/vnstat/wg0": No such file or directory Merge "eth0+wg0" failed. ", which can be shown here Also have been checking vnstat to merge wg0 but did not succeed, perhaps one can give me a hand please? TiA! These are the adapters present:

.

bumped my OpiOnePlus H6 boards to kernel 5.12 and surprise surprise , BBR is working as it should again ... I really wonder what was causing this as in kernel 5.10 and 11 I had to use westwood ( with cake )... net.core.default_qdisc = fq net.ipv4.tcp_congestion_control = bbr shows 250Mbit ( meanwhile line upgraded which is max upload speed ) root@vpn01:~# iperf3 -4 -c 192.168.10.2 -t 300 -b0 -P1 Connecting to host 192.168.10.2, port 5201 [ 5] local 192.168.20.2 port 47462 connected to 192.168.10.2 port 5201 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-1.00 sec 28.4 MBytes 238 Mbits/sec 0 7.71 MBytes [ 5] 1.00-2.00 sec 35.0 MBytes 294 Mbits/sec 1789 1.81 MBytes [ 5] 2.00-3.00 sec 26.2 MBytes 220 Mbits/sec 3780 1.96 MBytes [ 5] 3.00-4.00 sec 30.0 MBytes 252 Mbits/sec 3389 1.66 MBytes [ 5] 4.00-5.00 sec 27.5 MBytes 231 Mbits/sec 4158 2.27 MBytes [ 5] 5.00-6.00 sec 28.8 MBytes 241 Mbits/sec 2252 5.84 MBytes [ 5] 6.00-7.00 sec 30.0 MBytes 252 Mbits/sec 2507 5.85 MBytes [ 5] 7.00-8.00 sec 26.2 MBytes 220 Mbits/sec 3921 2.12 MBytes [ 5] 8.00-9.00 sec 30.0 MBytes 252 Mbits/sec 2773 5.94 MBytes [ 5] 9.00-10.00 sec 27.4 MBytes 230 Mbits/sec 3675 2.02 MBytes [ 5] 10.00-11.00 sec 28.8 MBytes 241 Mbits/sec 3512 1.88 MBytes ^C[ 5] 11.00-11.22 sec 7.50 MBytes 289 Mbits/sec 319 2.68 MBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-11.22 sec 326 MBytes 244 Mbits/sec 32075 sender

5.11 to be buried, is EOL ( already ). imho the non LTS kernels could be buried once mainline kernel hits .1 release. Thus eg. when 5.13.1 will be released bump edge kernel asap so 5.12 can be buried ( and forgotten ) ( needless to say , but "currents" should stay on LTS )

Hello to you all, Haven't read 2825 yet, will do after this but did a quick checkout and built both for H6 (opioneplus) and H616( zero2 ), : git pull sed -i 's/orange-pi-5.11/orange-pi-5.12/g' config/sources/families/include/sunxi64_common.inc ./compile.sh EXPERT=yes EXTRAWIFI=no USEALLCORES=yes compilation.log shows --- grep error output/debug/*.log output/debug/compilation.log:drivers/clk/sunxi-ng/ccu-sun50i-h6-r.c:152:27: error: redefinition of ‘sun50i_h616_r_ccu_clks’ output/debug/compilation.log:drivers/clk/sunxi-ng/ccu-sun50i-h6-r.c:178:9: error: ‘CLK_NUMBER_H616’ undeclared here (not in a function); did you mean ‘CLK_NUMBER’? output/debug/compilation.log:drivers/clk/sunxi-ng/ccu-sun50i-h6-r.c:194:35: error: redefinition of ‘sun50i_h616_r_hw_clks’ output/debug/compilation.log:drivers/clk/sunxi-ng/ccu-sun50i-h6-r.c:226:29: error: redefinition of ‘sun50i_h616_r_ccu_resets’ output/debug/compilation.log:drivers/clk/sunxi-ng/ccu-sun50i-h6-r.c:252:36: error: redefinition of ‘sun50i_h616_r_ccu_desc’ Suppose once that packaging issue is solved edge will be bumped , so sed no longer needed. cheers chaps! compilation.log

cheers for your response. eth0, eth1 solved by " extraargs=net.ifnames=0 " as @Igor pointed out in this topic I cut down iptables script to the basics as shown below , allowing SSH on eth1 only and outbound traffic goes over eth0. #!/bin/sh # Delete all existing iptables rules iptables -F # Set default chain policies to DROP all iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP # Allow SSH on eth1 iptables -A INPUT -i eth1 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth1 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth1 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth1 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT # Allow all outbound traffic eth0 iptables -I OUTPUT -o eth0 -d 0.0.0.0/0 -j ACCEPT iptables -I INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT Next part would be to update routing accordingly so outbound won't check for eth1 and go straight to eth0, etc etc

Hi, Idea is to run a wireguard server having two ethernet devices, therefore added an USB3 adapter "ASIX AX88179" to my rockpi4a. I like to allow incoming traffic, incl SSH, on "eth1". Instead, outgoing, on eth0 ( RTL8211E ) I wrote following ( preps, nmcli, iptables ) up - but perhaps there is an easier approach and I am sure I am missing other (routing) stuff, for sure the forwarding part. Anyway perhaps there is one to guide me a bit, TiA! 1/ preparations apt update && apt -y upgrade && apt -y install firmware-realtek nano /boot/armbianEnv.txt # add extraargs=net.ifnames=0 reboot 2/ nmcli stuff nmcli c mod "Wired connection 2" connection.id realtek nmcli c mod "Wired connection 1" connection.id asix nmcli c mod asix ipv6.method ignore nmcli c mod realtek ipv6.method ignore nmcli c mod asix ipv4.never-default true nmcli c up asix nmcli c up realtek 3/ iptables "hardening" # 1. Delete all existing rules iptables -F # 2. Set default chain policies to DROP all both eth0 and eth1 iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP # 3. Allow SSH on eth1 iptables -A INPUT -i eth1 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth1 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth1 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth1 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT # 4. Allow incoming Wireguard on eth1 iptables -A INPUT -i eth1 -p udp --dport 51820 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth1 -p udp --sport 51820 -m state --state ESTABLISHED -j ACCEPT FORWARD? ( wg0 ) # 5. Allow outbound Wireguard on eth0 iptables -A OUTPUT -o eth0 -p udp --dport 51820 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p udp --sport 51820 -m state --state ESTABLISHED -j ACCEPT FORWARD? ( wg0 ) # 6. Allow outbound http(s) on eth0 ( eg updates ) iptables -A OUTPUT -o eth0 -p tcp -m multiport --sports 80,443 -m conntrack --ctstate ESTABLISHED -j ACCEPT # iperf3 excluded for now # 7. Accept all traffic on loopback interface iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT