Blog |Follow Nick on Twitter| About

I'm in the process of trying to see if I can get DNS over HTTPS working, my forum post didn't provide a direct answer therefore I'm going to document the build/compile/install process, at time of writing I'm not 100% sure if the package is going to work or meet my requirements but there's little infomation avilable on this topic that I figure this post will help someone!

Some comments on the Teltonika RUT240

The RUT240 is a niftly little box, 2x Ethernet Ports, 2.4Ghz WiFi and 4G.
The marketing material describes the Operating system as: "RutOS (OpenWrt based Linux OS)". Which is accurate, but there's a little detail, the verion of OpenWRT that RutOS is based on is 15.05.1 "Chaos Calmer" released in 2015 and last updated in 2016, so although the RUT240 featurelist is very impressive, under the hood there's some old tech.
Some googling suggests that you can re-flash some Teltonika boxes with the latest OpenWRT however you are flash/storage dependent, the RUT240 doesn't have enough storage space to do this.

A word of Warning!

Back in the day, I used to build RPM packages from sourse for RHEL and this process can quickly become dependency hell, be mindful of effort Vs reward as this packaging lark can be a bit of a rabbit hole!


Given that I haven't gotten DOH working yet, I'm going to document a simple example and upgrade curl & ca-bundle (the version of wget that comes with Rutos is compiled without HTTPS so this is going to be useful!)

To get started you need Ubuntu 16.04, one option is to build yourself a virtal machine, I'm going to use docker:

$ docker run -it ubuntu:16.04
[email protected]:/# cd
[email protected]:~#

Note: Docker by default starts the shell in / type cd to do everything in the $HOME directory (/root)

Ubuntu isn't ready to build stuff, install the developer packages with these commands:

apt-get update; apt install subversion g++ zlib1g-dev build-essential git python python3 libncurses5-dev gawk gettext unzip file libssl-dev wget libelf-dev ecj fastjar java-propose-classpath rsync swig time python3-setuptools libncursesw5-dev ccache xsltproc vim tree

At this point, you can download the Chaos Calmer source code:

git clone

This will create a chaos_calmer folder in /root that will be your build environment.

To update curl, I'm going to step up one version of firmware from 15.05.1 to 17.01 Lede; the reason I'm not going to latest & greatest is to reduce the risk that curl has a dependenciy that needs updating, and so-one and so-forth.

Curl is part of the firmware, i.e. not in packages repo so download the older branch:

git clone -b lede-17.01; mv openwrt lede-17.01-openwrt

Then replace the old package like so:

rm -fr ~/chaos_calmer/package/network/utils/curl
cp -av ~/lede-17.01-openwrt/package/network/utils/curl ~/chaos_calmer/package/network/utils/

To build ca-bundle I could clone the whole lede packages repo and copy the files, however this package includes certificates which are date bound, so I'm going to be forced to go latest & greatest, and looking at looking at the package we only need one file, so let's just update that:

cd chaos_calmer/package/system/ca-certificates/  
rm Makefile
cd ~/chaos_calmer

Before building, according Teltonika you need to update the Makefile of your package and add in some RUTOS specifics...

vi package/network/utils/curl/Makefile

Somewhere near the top of the file, insert this..


NOTE: If you're running later firmware, update as applicable.

And again for ca-certificates

vi package/system/ca-certificates/Makefile

Update lie this...


Next step, is to run make menuconfig

... and select your package (press spacebar to make an M appear), if you don't do this you'll have issue with later commands:

Base sytem -> CA Certificates

Network -> File Transfer -> Curl

Exit and save the config. You are ready to build & setup the enrviornment, be warned this will take a long time to run!

make tools/install
make toolchain/install

If all has gone well, you'll be back at the prompt and it's time to start building your packages, start with your depnedencies:

make package/ca-certificates/compile
make package/ca-certificates/install
make package/curl/compile
make package/curl/install

IF that finished without error, then the packages should be built in your bin directory...

[email protected]:~/chaos_calmer# tree bin/
`-- ar71xx
    `-- packages
        |-- base
        |   |-- ca-bundle_20200601-1_all.ipk
        |   |-- libcurl_7.52.1-10_ar71xx.ipk

Copy & Install

Now all that's left is to copy & install the files. Since we built them in a docker container, step 1 is to get them out. First find your container ID:

$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
40e297a4fa8d        ubuntu:16.04        "/bin/bash"         16 hours ago        Up 16 hours                             serene_leakey

My ID is 40e297a4fa8d so that's the name of the server in the docker cp command, which looks like this...

$ docker cp 40e297a4fa8d:/root/chaos_calmer/bin/ar71xx/packages/base/ca-bundle_20200601-1_all.ipk .

Rename the file as recommended by Teltonika...

$ mv ca-bundle_20200601-1_all.ipk tlt_custom_pkg_ca-bundle_20200601-1_all.ipk

And then do a simple SSH Copy (SCP) to your router...

$ scp tlt_custom_pkg_ca-bundle_20200601-1_all.ipk [email protected]:~/
tlt_custom_pkg_ca-bundle_20200601-1_all.ipk                                                                                                                               100%  114KB 113.1KB/s   00:01    

Finally, SSH onto your router and install with: opkg install ./tlt_custom_pkg_ca-bundle_20200601-1_all.ipk for the ca-bundle and repeat for Curl!


This may or may not be the official Teltonika way of doing things so your milage may vary!




Nick Bettison ©