- 論壇徽章:
- 0
|
[color="#0000ff"]WRT開(kāi)源無(wú)線路由用JTAG刷CFE過(guò)程
在之前的一篇《
關(guān)于開(kāi)源無(wú)線路由器的資料
》文章中�,我簡(jiǎn)單介紹了WRT開(kāi)源無(wú)線路由的情況,同時(shí)我也從恩山淘寶店買(mǎi)了一個(gè)WRT300N V1.1的裸板無(wú)線路由���,自己玩一下���。對(duì)于一個(gè)開(kāi)發(fā)板來(lái)講,最重要的就是刷不死����,一拿到手,第一件事就是將其中的UART調(diào)試口和JTAG口接出來(lái)�,并試著刷機(jī)看看。
[color="#0000ff"]硬件連接
我在恩山的論壇上搜索到了硬件連接的資料(
JTAG 接點(diǎn)圖大全
)�����,拿來(lái)工具就開(kāi)工了,我沒(méi)有夠買(mǎi)恩山網(wǎng)上的所謂TTL線和JTAG線����,因?yàn)槲矣鞋F(xiàn)成的板子,只要稍加修改就可以實(shí)現(xiàn)相同的功能�����。至于具體的接線我就不講了�����,不同的板子有不同的接法�,看資料吧����。以下是我的連接照片:
![]()
![]()
![]()
![]()
一切都連接好以后,就可以通過(guò)我的本本連接路由板的串口和JTAG�,與他通信刷機(jī)了。
[color="#0000ff"]串口通信
在“暈到死”系統(tǒng)下���,可以用
PuTTY
連接相應(yīng)的串口�����,只要路由板子一上電�����,就會(huì)從串口輸出很多信息:
Start to blink diag led ...
CFE version 1.0.37 for BCM947XX (32bit,SP,LE)
Build Date: Tue Feb 27 19:35:53 CST 2007 (root@localhost.localdomain)
Copyright (C) 2000,2001,2002,2003 Broadcom Corporation.
Initializing Arena
Initializing PCI. [normal]
PCI bus 0 slot 0/0: vendor 0x14e4 product 0x0800 (flash memory, rev 0x02)
PCI bus 0 slot 1/0: vendor 0x14e4 product 0x471f (ethernet network, rev 0x02)
PCI bus 0 slot 2/0: vendor 0x14e4 product 0x471a (USB serial bus, interface 0x10, rev 0x02)
PCI bus 0 slot 2/1: vendor 0x14e4 product 0x471a (USB serial bus, interface 0x20, rev 0x02)
PCI bus 0 slot 3/0: vendor 0x14e4 product 0x471b (USB serial bus, rev 0x02)
PCI bus 0 slot 4/0: vendor 0x14e4 product 0x0804 (PCI bridge, rev 0x02)
PCI bus 0 slot 5/0: vendor 0x14e4 product 0x0816 (MIPS processor, rev 0x02)
PCI bus 0 slot 6/0: vendor 0x14e4 product 0x471d (IDE mass storage, rev 0x02)
PCI bus 0 slot 7/0: vendor 0x14e4 product 0x4718 (network/computing crypto, rev 0x02)
PCI bus 0 slot 8/0: vendor 0x14e4 product 0x080f (RAM memory, rev 0x02)
PCI bus 0 slot 9/0: vendor 0x14e4 product 0x471e (class 0xfe, subclass 0x00, rev 0x02)
Initializing Devices.
No DPN
This is a Parallel Flash
Partition information:
boot #00 00000000 -> 0003FFFF (262144)
trx #01 00040000 -> 0004001B (28)
os #02 0004001C -> 007F7FFF (8093668)
nvram #03 007F8000 -> 007FFFFF (32768)
Partition information:
boot #00 00000000 -> 0003FFFF (262144)
trx #01 00040000 -> 007F7FFF (8093696)
nvram #02 007F8000 -> 007FFFFF (32768)
Reset switch via GPIO 8 ...
PCI bus 0 slot 1/0: pci_map_mem: attempt to map 64-bit region tag=0x800 @ addr=18010004
PCI bus 0 slot 1/0: pci_map_mem: addr=0x18010004 pa=0x18010000
ge0: BCM5750 Ethernet at 0x18010000
CPU type 0x2901A: 300MHz
Total memory: 131072 KBytes
Total memory used by CFE: 0x80600000 - 0x806A1900 (661760)
Initialized Data: 0x80636C40 - 0x80639BE0 (12192)
BSS Area: 0x80639BE0 - 0x8063B900 (7456)
Local Heap: 0x8063B900 - 0x8069F900 (409600)
Stack Area: 0x8069F900 - 0x806A1900 (8192)
Text (code) segment: 0x80600000 - 0x80636C40 (224320)
Boot area (physical): 0x006A2000 - 0x006E2000
Relocation Factor: I:00000000 - D:00000000
Boot version: v4.4
The boot is CFE
mac_init(): Find mac [00:XX:XX:XX:XX:XX] in location 0
Nothing...
CMD: [ifconfig eth0 -addr=192.168.1.1 -mask=255.255.255.0]
eth0: Link speed: 100BaseT FDX
Device eth0: hwaddr 00-XX-XX-XX-XX-XX, ipaddr 192.168.1.1, mask 255.255.255.0
gateway not set, nameserver not set
CMD: [go;]
Check CRC of image1
Len: 0x5C0000 (6029312) (0xBC040000)
Offset0: 0x1C (28) (0xBC04001C)
Offset1: 0x9D0 (2512) (0xBC0409D0)
Offset2: 0xE2C00 (928768) (0xBC122C00)
Header CRC: 0xE2BCDDD9
Calculate CRC: 0xE2BCDDD9
Image 1 is OK
Try to load image 1.
Waiting for 5 seconds to upgrade ...
CMD: [load -raw -addr=0x806a1900 -max=0xf70000 :]
Loader:raw Filesys:tftp Dev:eth0 File:: Options:(null)
Loading: _tftpd_open(): retries=0/5
Failed.
Could not load :: Interrupted
Stop to blink diag led ...CFE>
CMD: []
CFE>
[color="#0000ff"]一開(kāi)始輸出的是bootloader(CFE)的信息����,一開(kāi)機(jī)在終端中按下CTRL+C,就可以進(jìn)入CFE的命令行模式下����。否則會(huì)自動(dòng)進(jìn)入Linux系統(tǒng)。
進(jìn)入Linux系統(tǒng)后就可以登錄了:
DD-WRT v24-sp2 mega (c) 2009 NewMedia-NET GmbH
Release: 04/02/09 (SVN revision: 11805)
ÿ
Tekkaman WRT login: root
Password:
==========================================================
____ ___ __ ______ _____ ____ _ _
| _ \| _ \ \ \ / / _ \_ _| __ _|___ \| || |
|| | || ||____\ \ /\ / /| |_) || | \ \ / / __) | || |_
||_| ||_||_____\ V V / | _ | | \ V / / __/|__ _|
|___/|___/ \_/\_/ |_| \_\|_| \_/ |_____| |_|
DD-WRT v24-sp2
http://www.dd-wrt.com
==========================================================
Jan 1 00:00:38 login[562]: root login on 'console'
BusyBox v1.13.3 (2009-04-02 16:01:41 CEST) built-in shell (ash)
Enter 'help' for a list of built-in commands.
root@Tekkaman WRT:~#
[color="#0000ff"]JTAG刷機(jī)(“暈到死”系統(tǒng)下)
使用JTAG通信除了硬件上的連接以外�,還需要兩個(gè)軟件:
(1)
GiveIO
(2)brjtag.exe (你可以在恩山論壇上下載最新的)
這里提供1.8b的下載:
![]()
文件:
brjtag18b.rar
大小:
60KB
下載:
下載
[color="#0000ff"]刷機(jī)步驟:
(1)加載GiveIO驅(qū)動(dòng),參考
GiveIO下載網(wǎng)站
的步驟!(注意:“痿死他”和“暈氣”系統(tǒng)下運(yùn)行LoadDrv�,請(qǐng)用右鍵:使用管理員權(quán)限運(yùn)行)
(2)到brjtag.exe程序目錄下,通過(guò)命令行運(yùn)行:
brjtag.exe -probeonly
以探測(cè)連接的芯片和flash�����。
見(jiàn)下圖:
![]()
如果你是用臺(tái)式機(jī)的并口����,就不需要后面的/port:XXXX ,用默認(rèn)的并口地址就好了�,我使用的是Express 卡轉(zhuǎn)并口�����,所以要定義端口地址�����,具體的情況見(jiàn)上圖�。
(3)刷新CFE���,運(yùn)行:
brjtag.exe -flash:cfe /port:XXXX
brjtag.exe程序就先擦除CFE分區(qū),并會(huì)在當(dāng)前目錄下找名為CFE.BIN的文件��,并將它燒寫(xiě)到CFE分區(qū)��。
brjtag.exe還有許多其他的功能����,需要看幫助信息的話(huà),請(qǐng)直接運(yùn)行brjtag.exe���!
對(duì)于新買(mǎi)來(lái)的路由��,最好先運(yùn)行:
brjtag.exe -backup:cfe /port:XXXX
來(lái)備份CFE,以備不時(shí)之需���。如果沒(méi)有CEF的bin文件��,你可以到恩山論壇上搜索��,或者下載恩山上的:
CFE大全
��。
本文來(lái)自ChinaUnix博客�,如果查看原文請(qǐng)點(diǎn):http://blog.chinaunix.net/u1/34474/showart_2089433.html |
|
免費(fèi)注冊(cè)
發(fā)表于 2009-11-09 00:30