[Fork] FreshTomato-ARM

Discussion in 'Tomato Firmware' started by kille72, Apr 15, 2018.

  1. kille72

    kille72 LI Guru Member

    [FreshTomato-ARM]
    (Tomato-ARM by @kille72 project changed its name to FreshTomato)

    Forked off from Tomato-ARM by Shibby, builds compiled by FreshTomato team
    FreshTomato team: @kille72 @pedro311

    Latest version: 2018.4 - 2018-09-12
    Source code: https://bitbucket.org/kille72/freshtomato-arm, https://bitbucket.org/pedro311/freshtomato-arm
    Changelog: FreshTomato-ARM
    Downloads: http://freshtomato.org/ or https://exotic.se/freshtomato-arm/

    For the following ARM routers: Asus N18U, AC56S, AC56U/AC56R, AC68U(A1,A2,B1)/R/P, AC3200, Netgear R6250, R6300v2, R6400, R7000, R8000, LinksysEA6300v1/EA6400, EA6500v2, EA6700, EA6900, Tenda AC15, Huawei WS880, Dlink DIR868L, Xiaomi R1D.

    Thanks to @shibby20 @AndreDVJ @Jacky444 @koitsu @M_ars @Vindicator @Sean B. @Toastman @RMerlin @tsynik @tvlz @lancethepants @Elfew @Edrikk and all others who helped me with this project.

    Disclaimer: We are not responsible for any bricked routers, nor do we encourage other people to flash alternative firmwares on their routers. Use at your own risk!

     
    Last edited: Sep 15, 2018 at 11:00 AM
  2. kille72

    kille72 LI Guru Member

    P.S. @Pedro has started working/updating the MIPS branch, he needs to buy any MIPS router that can handle AIO images and preferably 2.4/5GHz WiFi. If you want to support his work please donate. You will find the link in his signature. Thanks in advance!

    I will help him with tests and I have Netgear WNR3500Lv2 MIPS R2 that can handle AIO images.
     
    Last edited: Apr 15, 2018
  3. pomidor1

    pomidor1 Networkin' Nut Member

    Last edited: Apr 15, 2018
    kille72 likes this.
  4. kille72

    kille72 LI Guru Member

    We have links in our signatures ;) Thanks @pomidor1!
     
  5. miroco

    miroco Reformed Router Member

    Is Fresh Tomato a clean slate from the ground up new firmware without any legacy Tomato code?
     
  6. pomidor1

    pomidor1 Networkin' Nut Member

    this is the continuation and development of Shibby work

    in my opinion, the project would be supported by the AdwancedTomato project based on FreshTomato

    for this you need to add n66u and other routers from the mipsel platform
     
  7. cicofz

    cicofz New Member Member

    What a great news for my two N66U! :)

    End of 2017 I switched to Merlin, but I will instantly return if MIPS-Tomato will be refreshed. I spontaneously registered here just to see Pedro's signatur and donate to help getting him a "test machine"...

    I really appreciate the plan to reanimate Tomato for mipsel, many thanks to all involved!
     
    kille72 likes this.
  8. Tomato Mike

    Tomato Mike Network Newbie Member

    Great work! I just have two comments (I want to preference that I cleared NVRAM after upgrading):

    1) Why set "Invert Ports Order" as default on R8000? This makes them backwards. It now thinks that my port 1 (which is labeled in paint on the back of the router) is port 4. I unchecked that, to make it normal.

    2) I've tried enabling a VLAN under the Advanced VLAN tab (making one of my ports bridge to LAN1 (br1), and it caused the router to not be able to connect to the internet at all. I had to do a 30-30-30 reset to get everything back up and running. I tried 4 different times, in different orders (in terms of what order I configure my router settings), with slightly different VLAN options, and it happens each time. I'm wondering if this new bug has something to do with the inverted ports order, of it it's completely unrelated. I never had this problem on any previous Tomato firmware, and I've performed this option enough that I know I'm doing it the same way as always. But now, no matter how I try to enable it (4 different ways, each requiring a 30-30-30 reset), the router becomes unresponsive after enabling it, and the internet doesn't work. Thought you should know right away!

    Also, the bug that I mentioned a few months back still stands, related to "Enabling" the Guest Wifi (Virtual Wireless). If you enable Virtual Wireless on 2.4ghz, the radio will basically not work ever again, until you clear NVRAM. Nothing will legitimately connect to 2.4ghz (on regular or virtual wireless) until NVRAM is cleared. I learned that this bug still exists the hard way.

    Other than that, everything is working beautifully. I'll let you know if I notice anything else.
     
    Last edited: Apr 15, 2018
  9. Umut Özdamar

    Umut Özdamar New Member Member

    Hi I would be a liability if you think you are going to release firmware version for Tenda AC18
     
  10. Sean B.

    Sean B. LI Guru Member

    I have an E3000 I can use for testing MIPS builds, just let me know if needed.
     
    Techie007 and kille72 like this.
  11. encore2097

    encore2097 Network Guru Member

    Would love to help get Tomato working on an TP-LINK Archer C7 v2 [QCA9558 (Scorpion) MIPS 74Kc]
     
  12. José Fernández

    José Fernández Networkin' Nut Member

    Enabling VLAN makes my R7000 unresponsive too. Didn't try to invert the ports order, though.

     
  13. xips_

    xips_ Networkin' Nut Member

    Good stuff!

    R7000 install -> new VLAN renders router inoperable

    edit: untagged VLAN3 set at Port 4 (same config with Shibby v140)

    Thx
     
    Last edited: Apr 16, 2018
  14. txnative

    txnative Networkin' Nut Member

    I have a Linksys E3200 & Belkin F7D4302 that I'd test for these models.
    Will pedro have a mips branch repository to follow as well? Regards, txnative
     
    Last edited: Apr 15, 2018
    kille72 likes this.
  15. My Name

    My Name Networkin' Nut Member

    Used a spare Tenda AC15 to test FreshTomato and as others have reported VLAN also doesn't work on Tenda AC15 either. Appears to really mess up the ports.

    I was able to log back into the router using Wireless and could see that Overview was showing two ports active when I only had one cable plugged in. That particular port was not assigning DHCP addresses either.

    WAN port would light up but was not working since my Wireless connection had no internet.

    Flashed back to the last version of @kille72 to get the router back to working status.

    EDIT: Forgot to mention, I did wipe NVRAM after flashing FreshTomato

    EDIT: Flashed FreshTomato again onto same spare Tenda AC15, wiped NVRAM and tried VLAN again with same basic results. None of the Ethernet ports plus WAN port works after VLAN is saved and committed to NVRAM. As before, wireless works and I can login to the Tenda AC15 and do pretty much everything needed to configure the router, so it is not totally unresponsive (in my case anyway). I used wireless to restore default configuration on two different occasions. The only way to recover was to do Administration, Configuration and Thorough (wipe NVRAM) to get the ports back to a working state. Without NVRAM wipe things were still pretty much messed up on the Ethernet and WAN ports.
     
    Last edited: Apr 16, 2018
    Tony Ramirez and Techie007 like this.
  16. Aardvark

    Aardvark Serious Server Member

  17. Techie007

    Techie007 Serious Server Member

    @kille72: Thank you for your continued support and development of this firmware.

    I had dual-WAN working on the Tenda AC15 a week ago. Yes, the port order is all messed up. Part of the problem is that the Tenda AC15 only has three LAN ports, while Tomato expects four. LAN1-LAN3 map to LAN2-LAN4 in Tomato. Something seemed off with the way the VLAN section behaved, but I did get it working with the WAN and LAN1 ports being my two WAN ports. Something I found out the hard way: Don't use VLAN0, and make sure that the LAN (main) network is VLAN1. I almost lost access to the router, but was able to change my settings via WiFi.
     
  18. AndreDVJ

    AndreDVJ LI Guru Member

    While my R8000 is most of time turned off (and I'm too lazy to lay a cable to a PC), VLAN works fine on my R7000, as I connect WAN port of my R8000 on port 4 of my R7000.

    upload_2018-4-16_0-25-8.png
     
    kille72 likes this.
  19. Techie007

    Techie007 Serious Server Member

    I have a bug report. This bug isn't anything new, probably going back to MultiWAN or even further. Anyway, I have a network using all Tenda AC15 routers (now) running FreshTomato 2018.1 with the following topology:

    DSL bridged modem -> WAN TendaMaster (DNS, DHCP, SAMBA & WINS server)
    LAN1 TendaMaster -> WAN (bridged) TendaA
    LAN1 TendaA -> WAN (bridged) TendaB
    LAN2 TendaA -> WAN (bridged) TendaC

    I have DHCP disabled on the extra routers, and have entered the IP address to TendaMaster into each router's Default Gateway, Static DNS and WINS settings under Basic -> Network. However, only TendaMaster gets NTP time or reports to TomatoAnon. The additional routers are all acting as access points, with WAN Type set to Disabled and Bridge WAN port to primary LAN (br0) enabled. They are working fine as access points, DHCP requests from connected devices make it back to TendaMaster for IP address assignments, and all DNS is going through TendaMaster (and then OpenDNS) as expected. But the other routers seem unable to resolve DNS queries themselves, causing NTP and TomatoAnon to fail. This includes after the fact, when I try to manually refresh either by hitting the [Save] button on those pages or executing ntp manually. So it's not a boot order/readiness issue. Using LAN1 instead of the bridged WAN port doesn't seem to make a difference. Any thoughts on this?
     
  20. Sean B.

    Sean B. LI Guru Member

    On the AP's with DNS issues, In Tools->System commands run:

    Code:
    cat /etc/resolv.conf
    If it returns as file doesn't exist, empty, or has an IP address other than the DNS server you want it using, run:

    Code:
    echo "nameserver X.X.X.X" > /etc/resolv.conf
    Replace X's with the DNS server IP. Test routers DNS abilities
     
    Techie007 and kille72 like this.
  21. kille72

    kille72 LI Guru Member

    We will investigate the problem with VLAN's (not everyone has this problem), we will return as soon as possible. @tvlz, what do you think?
     
  22. M_ars

    M_ars Network Guru Member

  23. The Master

    The Master Network Guru Member

  24. Tomato Mike

    Tomato Mike Network Newbie Member

    Can anybody else confirm the Guest WiFi problem I mentioned above, and in the first kille72 thread? To explain better, if you follow the instructions mentioned on the website below (and obviously ignore the VLAN section, since that’s currently buggy), and enable guest WiFi (I try it on the 2.4ghz channel), does it result in killing your 2.4ghz, to the point where nothing will successfully connect and have internet? You can backup your settings, try it, and restore them to confirm.

    https://learntomato.com/setup-guest-network-guest-wifi-tomato-vlan/
     
  25. M_ars

    M_ars Network Guru Member

    @kille72
    I think that commit does make the VLAN problems. I did a quick test build (RT-N18U) with and without that patch.
    If i try to add/create a new VLAN after reboot nothing is working anymore --> reset to get everything working again.

    Can you or someone else also check? :)

    best regards
    M_ars
     
  26. Magister

    Magister LI Guru Member

    Pretty good!
    Can I dirty install 2018.1 over 2017.3 ? I am not using anything fancy
     
  27. My Name

    My Name Networkin' Nut Member

    I had port 1 on my Tenda AC15 tagged to both BrO and Br1 and it fails so Tagged Vlans may be the culprit. EDIT:Update Post #28 below confirms this to not be the case.

    @Sean B The following is unrelated to FreshTomato and was done on @kille72 2018.1.39 on a Tenda AC15 AP
    returns nameserver 127.0.0.1
    returns /tmp/.xxxxxxxxx: line 5: can't create /etc/resolv.conf: Read-only file system
     
    Last edited: Apr 16, 2018
  28. My Name

    My Name Networkin' Nut Member

    Retested my spare Tenda AC15 with FreshTomato and NVRAM wipe, setup VLANs as before but did not use Port Tagging and it still fails. Wireless still works and I can access things as before. Had to use Administration, Configuration, Wipe NVRAM to get it back to working order again.
     
    Techie007 likes this.
  29. My Name

    My Name Networkin' Nut Member

    Did you check the MAC address of your Guest Network using Advanced, MAC Address? Tomato seems to always duplicate the MAC address of physical Eth1 and wl0.1 as I recall. If so, change wl0.1 to another MAC address. The MAC addresses are in HEX so if eth1 and wl0.1 ends in B for example, change the wlo.1 ending to C, assuming none of the others end in C.
    Now, none of you experts blast me, please. I am doing the best I can on this.:p
     
  30. Tomato Mike

    Tomato Mike Network Newbie Member

    I’ve tried everything related to the MAC addresses. But to reiterate, turning on the guest WiFi will also disable the regular WiFi for whatever radio you link the guest WiFi to. Shutting off the router and disabling guest WiFi won’t fix it. You’ll either have to clear NVRAM or revert back to the saved settings from before you enabled it. It basically “breaks” the radio permanently, no matter what you do, unless you can somehow return the router to a state it had before it ever happened (clearing the NVRAM or re-loading your previously saved settings). There doesn’t seem to be another way to “fix” the radio.
     
  31. tvlz

    tvlz LI Guru Member

    Revert the advanced vlan files, did not work as intended.
    Commit: 98ee718
    If you don't want to wait for @kille72 or @pedro311 to release a fixed build, you can get & install the Advanced vlan file from here.
    Can-vlan-gui-port-order-be-corrected
     
    AndreDVJ, M_ars and kille72 like this.
  32. My Name

    My Name Networkin' Nut Member

    I have a spare E3200 I can donate if needed for testing.
     
  33. kille72

    kille72 LI Guru Member

    Ok guys...version 2018.2 will come tomorrow with VLAN corrections...;) Sorry!
     
    My Name, Elfew and M_ars like this.
  34. ArmsAsuncion

    ArmsAsuncion Network Newbie Member

    I'm experiencing this bug where the network speed is only limited to the speed indicated in Crawl, or whatever your Default class is in QoS, although traffic is tagged correctly as seen in details/classifications. Disabling QoS fixes the issue. Using EA6900 AIO. Thanks!
     
  35. Tomato Mike

    Tomato Mike Network Newbie Member

    Thanks! Can we install right on top of 2018.1, or do we have to clear NVRAM?
     
  36. txnative

    txnative Networkin' Nut Member

    Right and don't use your backup from previous version either.
     
    Tomato Mike likes this.
  37. @kille72, I know you cannot but would you know anyone here would would be talented enough and willing to take a look to see if Client Mode mode could be fixed in your ARM Build? I know you had wanted to take a look at this in the past. Somehow Client Mode became broken when Tomato was ported to the ARM but works fine in the MIPS builds. Hopefully it can easily be fixed. Either that or you might want to completely remove the option in your builds.
     
    kille72 likes this.
  38. Sean B.

    Sean B. LI Guru Member

    That's very odd. /etc is not part of the read only file system, it's part of the tmp read/write section. Telnet or ssh into the router, try the command again and see if it responds the same.
     
  39. Nitin Vaid

    Nitin Vaid Reformed Router Member

    my R7000 is configured in ppoe mode is there any way if connection was not present from provider side the led of internet turns orange?
     
  40. My Name

    My Name Networkin' Nut Member

    @Sean B. , used putty to ssh in to the AP and issued

    echo "nameserver 192.168.1.1" > /etc/resolv.conf

    returned -sh: can't create /etc/resolv.conf: Read-only file system

    FYI, if I do a cd /etc it redirects to tmp/etc and resolv.conf in tmp/etc redirects to rom/etc/resolv.conf
     
    Last edited: Apr 16, 2018
  41. AndreDVJ

    AndreDVJ LI Guru Member

    Must quote myself - Changed VLAN assignment on my R7000 (added port 3 to 2nd VLAN) - and lost WAN, but my router was still accessible (no reset needed), so I restored nvram values from my backups.

    Yes that commit that inverts port order must be reverted. Confirmed on my R8000.

    Normally /etc/resolv.conf is a symlink to /rom/etc/resolv.conf so it's read only.

    Delete that symlink (rm /etc/resolv.conf)`, then rerun echo "nameserver 192.168.1.1" > /etc/resolv.conf

    For now, you need to script your way around gpio 8 and 9. I'm not across where gpio function can be called.
     
    Last edited: Apr 17, 2018
    Tomato Mike likes this.
  42. My Name

    My Name Networkin' Nut Member

    @AndreD & @Sean B

    rm /etc/resolv.conf
    and
    echo "nameserver 192.168.1.1" > /etc/resolv.conf
    worked. Thanks

    EDIT: Update, rebooted router and things had reverted back to before. Does not survive a reboot.
     
    Last edited: Apr 17, 2018
  43. KyleS

    KyleS LI Guru Member

    The filesystem is temporary.
     
  44. Sean B.

    Sean B. LI Guru Member

    Put this in Administration->Scripts under the firewall tab:

    Code:
    #!/bin/sh
    
    if [ "$(cat /etc/resolv.conf | grep 127.0.0.1)" ]
      then
        rm /etc/resolv.conf
        echo "nameserver 192.168.1.1" > /etc/resolv.conf
        logger "Resolv.conf server IP corrected."
    fi
    This will make the change persistant through reboots.
     
  45. My Name

    My Name Networkin' Nut Member

    @Sean B
    To be clear, I am to put this under Scripts, Firewall and not Scripts, Init?
    And, if Scripts, Firewall, do I put it before my existing iptables information that exist there now or after my existing iptables information?
     
  46. koitsu

    koitsu Network Guru Member

    You can put:
    Code:
    rm /etc/resolv.conf
    echo "nameserver 192.168.1.1" > /etc/resolv.conf
    
    Into Scripts -> Init, which means it'll run once when the router reboots and only then. There may be some subsequent operations which could overwrite/change, or revert this. There are many factors. We can't cover them all with the information given (ex. what your router is actually doing; does it have WAN connectivity to an ISP? Do they delegate you DNS via DHCP or PPPoE? Are you using dnsmasq? Etc.). You will need to experiment.

    You can alternately add it to Scripts -> Firewall, which means it'll run every time the firewall is restarted (this includes changes to port forwards, access rules, and sometimes when WAN changes happen).

    I don't think the if [] then ... fi part of the Sean B. script is necessary -- the general script/solution isn't appending to resolv.conf, it's literally removing it + putting new content in place (>). Appends (>>) are a different situation, but that's off-topic.

    Everything under Administration -> Scripts are treated literally as shell scripts, thus (nearly) literal commands as if you had run them yourself manually. Whether or not it needs to come before or after your firewall rules depends on your situation/needs (such as if any of your firewall rules require working DNS lookups at the time they're run).
     
    kille72 likes this.
  47. Sean B.

    Sean B. LI Guru Member

    Yes, firewall. Put it before your iptables rules so the #!/bin/sh is the first line in the box. After the " fi " line at the end you can line all iptables rules as before. Init is not used here because it will only run once, possibly too early for the tmp file structure to retain the file, as init timing is not reliable. Also, the system can cause the resolv.conf file to be re-written again due to events such as saving certain menus in the GUI, dynamic IP change, etc. Firewall ( and WANUP which I would normally prefer, but not applicable in your use case ) scripts will be re-run in the majority of these events as well, reinstating your change.
     
  48. Sean B.

    Sean B. LI Guru Member

    I don't like deleting/writing to router memory ( RAM, NV, flash etc, save USB ) for no reason. The if statement is a simple check to see if any action is even needed. Sense the scripts can be executed by various multiple events on the router. And could cause a massive amount of delete/writes in the event of a connection problem etc that causes the events to constantly cycle.
     
  49. koitsu

    koitsu Network Guru Member

    You don't need #!/bin/sh in things under Administration -> Scripts -- the firmware will do that for you. Proof is in the source code, particularly run_nvscript() (note line 241). NVRAM variables and related calls to this function:

    Code:
    ~/work/tomato/release/src-rt-6.x.4708/router (Toastman-ARM) $ egrep -r 'script_(init|shut|fire|wanup)' .
    ./httpd/tomato.c:       { "script_init",                V_TEXT(0, 4096)         },
    ./httpd/tomato.c:       { "script_shut",                V_TEXT(0, 4096)         },
    ./httpd/tomato.c:       { "script_fire",                V_TEXT(0, 8192)         },
    ./httpd/tomato.c:       { "script_wanup",               V_TEXT(0, 4096)         },
    ./shared/defaults.c:    { "script_init",                ""                              , 0 },
    ./shared/defaults.c:    { "script_shut",                ""                              , 0 },
    ./shared/defaults.c:    { "script_fire",                ""                              , 0 },
    ./shared/defaults.c:    { "script_wanup",               ""                              , 0 },
    ./rc/wan.c:             run_nvscript("script_wanup", NULL, 0);
    ./rc/init.c:                    run_nvscript("script_shut", NULL, 10);
    ./rc/init.c:                    run_nvscript("script_init", NULL, 2);
    ./rc/firewall.c:        run_nvscript("script_fire", NULL, 1);
    ./www/admin-scripts.asp://      <% nvram("script_init,script_shut,script_fire,script_wanup"); %>
    
     
  50. Sean B.

    Sean B. LI Guru Member

    Force of habit.
     
  51. kille72

    kille72 LI Guru Member

    Tomato doesn't support Qualcomm Athero's chipset.
     
  52. kille72

    kille72 LI Guru Member

    Version 2018.2 is ready for download (VLAN problems have been fixed).
     
  53. Tomato Mike

    Tomato Mike Network Newbie Member

    Thanks for confirming! kille72, please turn off the new default “Invert Ports Order” on the R8000. It makes the order backwards.
     
    kille72 likes this.
  54. kille72

    kille72 LI Guru Member

    Ok! We add this to TO-DO list. Thanks!
     
    Tomato Mike likes this.
  55. Dr Strangelove

    Dr Strangelove LI Guru Member

    Downloaded and installed 2018.2 on Linksys EA6900 with basic config and all working well.
    Thanks @kille72
     
    kille72 likes this.
  56. Nitin Vaid

    Nitin Vaid Reformed Router Member

    where i can find the scrypt so that the INTERNET LED OF R7000 Turns Red when there is no internet connection
     
  57. My Name

    My Name Networkin' Nut Member

    @kille72, Flashed FreshTomato 2018.2 to my Tenda AC15 AP that was running kille72 2018.1.3 and being lazy today, did not wipe NVRAM but instead did a dirty flash. May find issues later but so far all is good. Will most likely flash FreshTomato 2018.2 on my spare Tenda AC15, manually configure it and then replace the one that was dirty flashed to be safe.

    @koitsu and @Sean B, this particular Tenda AC15 AP is fed by a VLAN from my main router with WAN disabled. The problem I was having was Basic, Time would not get the time from internet unless I used Custom configuration and entered a couple of Stratum 2 Time Server IP Addresses per @koitsu in another post.

    Put the following in Admin, Scripts, Firewall before my iptables data per @Sean B and @koitsu and so far time now updates correctly using normal US Time Servers and does survive a reboot.
     
    Last edited: Apr 17, 2018
    kille72 and Sean B. like this.
  58. mandepsi

    mandepsi Networkin' Nut Member

    thanks upgraded
    report follows
     
  59. mandepsi

    mandepsi Networkin' Nut Member

    Router Model: Linksys EA6900
    Previous: 2018.1 BETA
    Firmware Version: freshtomato-EA6900-ARM-2018.2-AIO-64K (17.04.2018 10:24)
    CPU Model: Broadcom BCM4708
    Chipset ARMv7 Processor rev 0 (v7l)
    CPU Frequency 1200 MHz (dual-core)
    CPU Features: EDSP
    Flash Size 128MB

    CPU Usage: 1.77%
    CPU Load: (1 / 5 / 15 mins) 0.16 / 0.06 / 0.06
    Total / Free Memory: 249.63 MB / 221.28 MB (88.64%)
    Total / Free NVRAM: 64.00 KB / 29.41 KB (45.95%)

    CPU Temperature: 64°C
    Wireless Temperature: eth1: 2.4G - 50°C eth2: 5G - 55°C

    Current Time: ???
    Uptime: 0 days, 00:29:57

    Mode/Status: WL1: Wireless Ethernet Bridge(AC Only), WL0: AP (NG-Mixed)
    USB/NAS: Enabeld
    Reset: No
    Upgraded over WebGUI

    Issues/Errors:
    Current Time doesn't work.

    to get Current Time
    code:
    echo "nameserver 8.8.8.8" > /etc/resolv.conf
    nslookup yahoo.com
    ping yahoo.com
     
  60. Techie007

    Techie007 Serious Server Member

    Wow...weird! So TendaMaster (which is working) and TendaC (which is not working) both had "nameserver 127.0.0.1" in resolv.conf. The other two were missing that file entirely. On the two missing that file, executing the command above temporarily fixed the NTP and TomatoAnon functions. On TendaC however, I get an error stating that it is a read only file system. Even though it already has the same info as TendaMaster, it does not work. I did see the workaround (to delete the symlink) posted later on in the forum.

    My question: Can't we just fix this bug? Shouldn't resolv.conf either be self (127.0.0.1) if DNSmasq is enabled, or statically set to the address(es) manually entered under Basic -> Static DNS if DNSmasq is disabled? I believe DNSmasq is disabled on my secondary routers due to WAN being set to Bridged and DHCP being set to Disabled in the LAN section.
     
  61. sszpila

    sszpila Serious Server Member

    Asus AC56U, everything works
     
    kille72 likes this.
  62. Cliffield

    Cliffield Network Newbie Member

    I made a first attemp to add stubby, a DNS-over-TLS resolver, to tomato. It seem to work, but I am not a programmer so it probably has some flaws.
    You can find the commits here.

    I have build stubby as static binary because the build process failed otherwise and i could not figure out the cause.

    If in GUI activated
    • stubby listens on port 5453 for dns request
    • and reads in /etc/stubby.yml for configuration
    • 'server=127.0.0.1#5453' and 'no-resolv' are added to /etc/dnsmasq.conf
    Stubby is configured in 'opportunistic mode' without UDP or TCP as transport fallback.
    "In 'Opportunistic' mode Stubby will try to authenticate the nameserver if possible, but will settle for using an unauthenticated, encrypted connection" source

    'Strict mode' (authentication of the upstream is required) would be possible by using ntp2ip like dnscrypt-proxy does to get the correct date/time after a reboot. Without correct date/time a authentication of the upstream servers is not possible.

    I am using 2018.2 AOI with this customisation on my R7000 without problems so far.
    But using dnscrypt-proxy and stubby simultaneously can lead to problems.

    Feel free to use, copy, modify or comment. I am sure here are persons with quite more knowledge I can learn from. ;)

    Many thanks for the ongoing developement of tomato
    Cliffield
     
    AndreDVJ, M_ars, Joe A and 1 other person like this.
  63. Sean B.

    Sean B. LI Guru Member

    It's an issue brought on by MultiWAN, so a fix is more involved than you may think. I don't run builds which incorporate MultiWAN, and avoid getting tangled up in it's code as much as possible.
     
    Techie007 likes this.
  64. kille72

    kille72 LI Guru Member

    Good work! How much bigger became firmware with stubby?
     
  65. Cliffield

    Cliffield Network Newbie Member

    freshtomato-R7000-ARM-2018.2-AIO-64k.trx with stubby has 25,161,728 bytes.
     
    kille72 likes this.
  66. radarga

    radarga Reformed Router Member

    We need to upgrade dnscrypt proxy to version 2.0
    The dnscrypt-proxy 2.0+ supports DoH out of the box. It supports both 1.1.1.1, and other services. It includes more advanced features, such as load balancing and local filtering.
     
  67. koitsu

    koitsu Network Guru Member

    Elfew and kille72 like this.
  68. khorvat

    khorvat New Member Member

    Hi FreshTomato team!

    Sorry if my English is poor.
    I have an Asus AC3200 router, I use it from first time with Tomato. In early time it was Shibby FW and work fine.
    The latest kille72 FW version that is work me: tomato-RT-AC3200-ARM--2017.3-kille72--AIO-64K.
    All kille72 or FreshTomato FW versions in 2018 work me wrong, the mistake is the same I can't mount my 3TB HDD on USB 3.0 port, now the version freshtomato-RT-AC3200-ARM-2018.2-AIO-64K is too.
    Storage 1 WDC WD30 EFRX-68EUZN0
    Partition 'RedBaron' ntfs (2,794.52 GB) is not mounted No
    [ Mount ]
    If I downgrade to 2017.3 kille72 it is works fine!!!
    If you have any time please see and repair this bug, I would like to use the latest fresh tomato FW.

    If you have any help from this HDD mount problem please write me and if I can help.

    Thx, khorvat
     
  69. pomidor1

    pomidor1 Networkin' Nut Member

    You probably use this or a similar way , the entry in the init in the admin tab
    Code:
    sleep 8
    /bin/mount -t ext4 LABEL="data" /nas
    /bin/mount -t ext4 LABEL="opt" /opt
    you must experiment with sleep, with its length : 10, 12 etc.

    because the mounting process does not correlate with disc detection, you just have to extend the sleep

    this is not a tomato error, other processes can start, etc. for someone

    a better way of mounting is through fastab
    this @SteelRAT script recommended by @kille72, auto-mont has to be included in usb tab, has big pluses

    I have never failed
    Adwanced / sript / init past

    Code:
     
    if [ ! -e /var/run/firstrun ]; then
    echo "firstrun" >> /var/run/firstrun
    echo "LABEL=opt /opt ext4 defaults 0 1" >> /etc/fstab
    echo "LABEL=data /nas ext4 defaults 0 1" >> /etc/fstab
    fi
    
    
     
  70. koitsu

    koitsu Network Guru Member

    Speaking generally and not about the specific issue in post #68: I've mentioned this many times over the years, but here's a semi-recent post: a Tomato feature is to use *.autorun files to automatically perform scripted tasks on filesystem mount, and *.autostop files to perform scripted tasks immediately prior to filesystem unmount. These are on the actual USB flash/disk/etc. filesystem itself, thus take up no NVRAM. There is no need for silly "sleep" directives when using this methodology; I've used it for several years with 100% reliability. I don't bother fussing with /etc/fstab since it's not persistent. Notes:

    * Name the files appropriately (ex. mount.autorun, unmount.autostop)
    * Place them in the root directory of the filesystem
    * Make sure the file(s) are executable (chmod 700 or chmod 755)
    * Make sure the first line of the file(s) contains #!/bin/sh
    * Make sure the file(s) are in UNIX file format (lines ending in line-feed only), not Windows/DOS
    * I recommend using ext2 or ext3 filesystems with this, not NTFS, FAT, or FAT32
    * I suggest using a filesystem label as a reference that you can key off of; Tomato will automatically make a correlating entry in /tmp/mnt for that label. This is important because on some routers, the actual device name will vary on boot (sometimes /dev/sda, other times /dev/sdb or /dev/sdc). I've seen this on the RT-N66U for example. You can set a filesystem label during mkfs.ext3 using the -L {label} flag. NTFS/FAT/FAT32 I think offer this through a "Volume Label" but I'm not sure (in post #68 the user is using NTFS and the volume is called "RedBaron"). Name the label something simple, with no special characters or spaces, and preferably in lowercase (UNIX is case-sensitive!).
    * If you plan on using this with Entware-ng (ex. something that auto-creates and /opt bindable point), then you need to add logic in the autorun script to ensure it doesn't happen more than once. The reason for this is that clicking Save in the Tomato GUI can cause a re-mount to happen, which means the autorun script to get run more than once. The logic is pretty simple.

    These are my notes. I have not shared these before (at least not in their entirety), so enjoy. Just make sure you are referring to the correct device (/dev/sda vs. /dev/sdb vs. /dev/sdc) before doing any of this! You've been warned.

    Code:
    # =========================================================================
    # Setting up a USB flash drive for TomatoUSB
    #
    # NOTE: You DO NOT need to partition the drive (i.e. use fdisk
    # and all that nonsense).  Truly/honestly you don't.  If you
    # plan on using a dedicated USB stick for TomatoUSB then don't
    # bother with partitioning -- you can simply make the filesystem
    # right on the raw device.
    #
    # Erasing existing partitions, filesystems, and MBR/GPT:
    #
    # If the USB flash drive you're going to use already has existing
    # filesystems or partitions on it (ex. NTFS, FAT32, etc.), then
    # you need to delete all of that first.  The most important part
    # is that a special ioctl() has to be issued to the kernel to
    # "forget" about previously-cached partition layouts.  The only
    # tool on TomatoUSB (Busybox) that can do this is fdisk (there is
    # no partprobe or hdparm).
    #
    # You might be tempted to use "fdisk /dev/sda" and then delete
    # each partition individually, followed by "w", but I have found
    # that doesn't always work.  It occasionally reports:
    #
    # fdisk: WARNING: rereading partition table failed, kernel still
    # uses old table: Invalid argument
    #
    # ...and the old partitions are still present.
    #
    # The most reliable way I found is to zero the first 1000 LBAs
    # of the drive.  This covers both use of MBR and GPT (we don't
    # care about zeroing the backup GPT because we'll be using the
    # entire drive as a filesystem anyway), as well as drives
    # previously used in the below fashion.
    #
    # dd if=/dev/zero of=/dev/sda count=1000
    # fdisk /dev/sda
    # - Enter the "w" command
    #
    # Now let's create the filesystem and swap file.  We use ext3
    # because it offers journalling, which should allow for a usable
    # filesystem if the router crashes or something bad happens (this
    # doesn't ensure data integrity, only filesystem integrity):
    #
    # /sbin/mkfs.ext3 -L usbflash -O dir_index /dev/sda
    # /sbin/tune2fs -c 0 -i 0 /dev/sda
    # mount /dev/sda /opt
    # dd if=/dev/zero of=/opt/swapfile bs=1M count=256 conv=fsync
    # mkswap /opt/swapfile
    # chmod 600 /opt/swapfile
    # umount /opt
    #
    # NOTE #1: For the dd count value, you should pick the number that
    # correlates with your router's RAM size (ex. 256 = 256MBytes), or
    # if you want to be extra safe, 2x RAM size.  You can get this
    # from "free" (see the "Mem: total" row/column) or by doing
    # "grep MemTotal /proc/meminfo".  Round up to the nearest
    # megabyte (ex. 255756 kB should be 256MBytes, hence count=256).
    #
    # And for those who are technically-inclined: you cannot use a sparse
    # file for a swapfile.  You really do have to "pre-allocate" a file
    # completely with zeros for swapon to work with it.
    #
    # NOTE #2: The mkfs.ext3 and dd take a VERY long time.  Be patient!
    # While mkfs will show you progress (although there are cases where
    # it stalls during "Writing inode tables" and "Creating journal"),
    # dd will not.  This is normal!  The larger the drive, the longer
    # this takes.
    #
    # Now go into the TomatoUSB GUI under "USB and NAS" and click
    # "Refresh", followed by clicking "Mount" on the individual
    # flash drive.  It should mount the drive as /tmp/mnt/usbflash
    # (the GUI will show this, or you can do "df").  If you get an
    # error that says "Failed to mount", and/or see the message
    # "Partition sda1 unknown" (or equivalent) in the Description
    # box, then you need to physically unplug the flash drive, wait
    # 5-10 full seconds, then re-insert it.
    #
    # Setting up the /opt bindable mount:
    #
    # Entware and lots of other programs tend to use /opt as a
    # "base directory" for all of their stuff.  TomatoUSB, however,
    # has a /opt directory that comes as part of the firmware; the
    # root filesystem, e.g. /, is ROM/read-only, therefore we can't
    # make a symlink or anything like that.  But what we *can* do
    # is use a bindable mount (think a hard link but using the
    # filesystem layer instead) so that going forward, /opt points
    # to /tmp/mnt/usbflash.  No symlinks -- all clean/simple.
    #
    # So let's do that, and enable use of the swapfile we created:
    #
    # mount -o bindable /tmp/mnt/usbflash /opt
    # swapon /opt/swapfile
    #
    # You can check that swap is now available using "free" or
    # through "cat /proc/swaps".
    #
    # If you do "df -k" at this point, you'll see the bindable
    # mount in place (note how /dev/sda is mounted twice per se):
    #
    # root@gw:/tmp/home/root# df -k
    # Filesystem           1K-blocks      Used Available Use% Mounted on
    # /dev/root                 6528      6528         0 100% /
    # tmpfs                   127976    103776     24200  81% /tmp
    # devfs                   127976         0    127976   0% /dev
    # /dev/sda              15358952    393640  14172532   3% /tmp/mnt/usbflash
    # /dev/sda              15358952    393640  14172532   3% /opt
    #
    # You're done!  (Aside from autorun and autostop scripts...)
    # =========================================================================
    

    mount.autorun:

    Code:
    #!/bin/sh
    #
    # automount script for USB flash drives
    #
    # Details about automount scripts:
    # http://www.linksysinfo.org/index.php?threads/status-logs-dont-update-correctly.69614/#post-240957
    # http://www.linksysinfo.org/index.php?threads/how-can-i-run-transimission-after-mounting-hdd.70573/#post-252990
    
    # Ensure that only one /opt bindable mount exists.  Repeated /opt
    # mounts can happen (Linux will allow this!) if clicking "Mount"
    # or "Save" in some parts of the Tomato GUI.
    
    fslabel="usbflash"
    swap="/opt/swapfile"
    
    if /bin/grep -q " /opt " /proc/mounts
    then
      /bin/umount /opt
    
      if [[ $? -ne 0 ]]
      then
        echo "umount failed, script not continuing"
        exit 1
      fi
    fi
    
    /bin/mount -o bindable "/tmp/mnt/${fslabel}" /opt
    
    #
    # Add swap
    #
    if /bin/grep -q "${swap}" /proc/swaps
    then
      /sbin/swapoff "${swap}"
    
      if [[ $? -ne 0 ]]
      then
        echo "swapoff failed, bailing..."
        exit 1
      fi
    else
      if [[ -e "${swap}" ]]
      then
        /sbin/swapon "${swap}"
      fi
    fi
    
    #
    # If using Entware-ng, do some stuff.  Otherwise don't bother.
    #
    if [[ -e /opt/etc/init.d ]]
    then
      # Launch daemons we have installed per Entware-ng
      if [[ -e /opt/etc/init.d/rc.unslung ]]
      then
        /opt/etc/init.d/rc.unslung start
      fi
    fi
    
    unmount.autostop:

    Code:
    #!/bin/sh
    #
    # autostop script for USB flash drives
    #
    # Swap will be automatically unmounted by TomatoUSB, regardless if
    # using a swap partition or a swapfile.  Relevant code bits that
    # take care of this for us:
    # - release/src/router/rc/usb.c      umount_partition()
    # - release/src/router/shared/usb.c  findmntents()
    #
    
    #
    # If using Entware-ng, do some stuff.  Otherwise don't bother.
    #
    if [[ -e /opt/etc/init.d ]]
    then
      # Stop daemons we have installed per Entware-ng
      if [[ -e /opt/etc/init.d/rc.unslung ]]
      then
        /opt/etc/init.d/rc.unslung stop
      fi
    fi
    
     
    Last edited: Apr 18, 2018
    bargraaz, M_ars, pomidor1 and 2 others like this.
  71. radarga

    radarga Reformed Router Member

    Why not? I know that in Asus Merlin FW in the snbforums under Discussion in Asuswrt-Merlin' started by DonnyJohnny DNSCrypt is reborn! it work

    https://www.snbforums.com/threads/dnscrypt-is-reborn.43869/


    https://www.snbforums.com/threads/release-dnscrypt-installer-for-asuswrt.36071/page-19#post-375531
     
    Last edited: Apr 18, 2018
    srouquette likes this.
  72. Magister

    Magister LI Guru Member

    As far as I remember, in the MIPS build, client mode worked only with "no encryption mode", and it was the same in the time of Zarate's Tomato version, isn't it? Or I remember wrong :confused:
     
  73. kille72

    kille72 LI Guru Member

    Tested and it works, great job! I have some ideas for what we can change:

    1. Description next to "Use Stubby"
    Capture.PNG

    2. Use more DNSoTLS servers, you may be able to pick out the servers that are compatible with the protocol from the dnscrypt v2 list

    3. Prevent Stubby and dnscrypt from being started simultaneously

    Other ideas?
     
    Cliffield, Joe A, AndreDVJ and 3 others like this.
  74. Edrikk

    Edrikk Network Guru Member

    Great job @Cliffield !
    Agree with your thoughts @kille72

    I would personally also recommend including Stubby in both the VPN and also the AIO. It fits the "VPN build" mindset in my opinion.
     
  75. The Master

    The Master Network Guru Member

    @kille72 Stubby + DNSSEC should work together right? Cant wait to test the new FW :) Great work.
     
  76. koitsu

    koitsu Network Guru Member

    Respectfully: you wouldn't ask "why not?" if you read the forum post I linked you to. I answered "why not" in that thread. The reasons are technical. AsusWRT-Merlin is not TomatoUSB. The former firmware is enormous and absolutely chocked full of stuff and is purely Asus-device-specific, because those models of routers have large amounts of flash (128MBytes in some cases) and things like 256MB RAM. TomatoUSB is not Asus-device-specific; not all routers have this kind of capacity. Go tends to be bloated -- again, read the thread.
     
    RogueScholar, Elfew, jerrm and 2 others like this.
  77. txnative

    txnative Networkin' Nut Member

    I agree with your statement koitsu, and add that tomato should be clean a bit and decide if after some changes are truly needed. I'll miss how Toastman had done his builds with less bloat and more to what a router is made for even though some routers have more processing power, ram and flash i'd still would be more to its design to route, firewall, qos, wifi, vpn, traffic monitoring and leave out a few others for sake of placing those into an AIO build, the stability and performance can be achieved even with the mipsel project less bloat for them as well.
     
  78. Tomato Mike

    Tomato Mike Network Newbie Member

    As of today (I upgraded to 2018.2 yesterday - and it was fine all day and night), DNS is having a hard time resolving using "Exclusive" DNS mode on my VPN (it will work for about 10 seconds), and when the VPN is off - I can only get DNS servers like Cloudflare, Quad9, Google, etc... to resolve for a little while, and then the same web pages that were just resolving will suddenly stop for a minute. If I use my ISP's DNS, it works a little better, but the same issue happens. I have an extremely fast internet connection, and never had an issue resolving DNS before. Clearing NVRAM does not solve the problem.

    No matter what settings I choose, DNS will only resolve for 1-5 minutes, and then stop working for a while. Once I change a setting, it immediately starts working again for X amount of minutes. It's almost like a process is hanging somewhere, and me changing a setting is starting it up again - if that makes any sense.

    Also, I'm still trying to wrap my head around "how" these websites have issues resolving after they resolved properly a minute prior. Isn't the point of dnsmasq that it caches the IP addresses, and doesn't require an external DNS server to convert the webpage to the IP, after it happens the first time? Why isn't it resolving these webpages after they resolved properly just before? Between the websites not resolving after some time, and the router all of a sudden not wanting to accept the "Exclusive" DNS mode with my VPN (it works fine on my phone, so I know the VPN isn't "down"), it seems as if something is very wrong with my router's DNS capabilities, all of a sudden.

    (I am using popular webpages like Reddit, Google, YouTube, Netflix, etc... to test, so I know all of these sites did not go down at the same time...)

    EDIT: This problem has seemed to resolve itself today. This isn't the first time that this has happened with Tomato, though (but usually I can fix it by switching from one DNS resolver to another). Very strange. In any case, so happy it's not happening today!!!
     
    Last edited: Apr 19, 2018
  79. radarga

    radarga Reformed Router Member

    Start the script from https://www.snbforums.com/threads/release-dnscrypt-installer-for-asuswrt.36071/page-19#post-375531 and it working fine on my AC68U

    It would be possible to add support for Dnscrypt-proxy V2 to routers with more memory like ASUS AC68U and other.
     
    The Master and pomidor1 like this.
  80. eangulus

    eangulus Network Guru Member

    Just want to report a bug with the latest version.

    Running 2018.2 FreshTomato on RT-AC3200

    Did an NVRAM clear and setup from scratch.

    Previously I had a VPN connection using PIA. This was set up in such a way that only one PC in my network would use it, while all other devices had a direct connection. This has worked fine for about 2-3years (ran Shibby then switched to this build a while back now).

    I also have some scripting in Firewall SCripts that blocks the internet to the VPNed PC whenever the VPN dropped.

    As stated, this has worked flawlessly for years and the VPN would just reconnect and the PC would have internet again.

    This part still seems to work OK, but now whenever the VPN is in the process of connecting, all other devices on the network loose internet. I can ping fine directly from the router, but nothing behind it gets internet. The moment the VPN has connected again all devices have internet again, directly as I have also checked the IP from devices that are not supposed to be VPNed. The PC that is behind VPN also works fine once the VPN reconnects and shows the VPN IP.

    It is only the time that it takes to reconnect VPN that is affected. Kinda annoying when watching Netflix or youtube or on the VoIP phone and the VPN drops, then while trying to reconnect we loose internet for around 30-60 sec.

    Also, if I revert back to the last beta, it everything was fine then. I didn't loose internet while VPN reconnected.
     
  81. oby-1k

    oby-1k New Member Member

    Hey @AndreDVJ , I've got issues with your latest build APR17. QOS has just stopped working (very slow speed max 30 kbps). Had to disable it. I reckon the lines removed in commit aa9c80d are the culprit. Thoughts?
     
  82. Cliffield

    Cliffield Network Newbie Member

    @kille72
    Thanks for your feedback and ideas.

    1. Would be '(DNS-over-TLS)' sufficient?

    2. Added some more servers (quad9 and servers running by the getdns/stubby developers) from https://github.com/getdnsapi/stubby/blob/develop/stubby.yml.example
    Dont know if we can use dnscrypt v2 list or can manipulate stubby.yml on router. Will look into it.

    3. done :) Testing right now.

    I also added a form in gui to choose priority like dnscrypt-proxy does (strict-order, no-resolv, none).
    And removed unnecessary installation of libyaml library on router.



    Cliffield
     
    kille72 likes this.
  83. Tomato Mike

    Tomato Mike Network Newbie Member

    Can you add Cloudflare’s 1.1.1.1 (and 1.0.0.1 backup) in addition to Quad9 (which you are already adding)? It works much faster than everything else (at least in North America).
     
  84. kille72

    kille72 LI Guru Member

    The Master and Tomato Mike like this.
  85. Tomato Mike

    Tomato Mike Network Newbie Member

  86. miroco

    miroco Reformed Router Member

  87. AndreDVJ

    AndreDVJ LI Guru Member

    I don't see speed issues with QoS.

    The lines removed, they essentially did the following in my units:
    Code:
    iptables -t mangle -A OUTPUT -o vlan2 -m connmark ! --mark 0 -j CONNMARK --save-mark
    
    iptables -t mangle -A FORWARD -o vlan2 -m connmark ! --mark 0 -j CONNMARK --save-mark
    ip6tables -t mangle -A OUTPUT -o vlan2 -m connmark ! --mark 0 -j CONNMARK --save-mark
    ip6tables -t mangle -A FORWARD -o vlan2 -m connmark ! --mark 0 -j CONNMARK --save-mark
     
  88. oby-1k

    oby-1k New Member Member

    Thanks, saw that as the only change in QoS and tought it was related.

    somehow the units introduced in the fields wan_qos_ibw and wan_qos_obw have changed the scale. With 1650/30000 (kbits/s) I had set before I can only achieve 30-60 kbps with this build.

    I've changed the values to 165000/3000000 and can see my speed returning to normal. Abything that may affected the calculation for max in/out speed?
     
  89. koitsu

    koitsu Network Guru Member

    The problem with this should be apparent: you now have a firmware where Version X of software is used on some router models, and Version Y of software on all others. While it's true that different Tomato firmware types (ex. AIO vs. VPN vs. Mini) contain different features (programs/software), the versions of the software are consistent across all types. This becomes a support nightmare very quickly -- now everyone has to ask "are you on model X/Y/Z?" every time, vs. just "what version of Tomato are you using?"

    My stance (and remember: I'm just one guy with one opinion, mine's no better or worse than anyone elses): if you have a router capable of resources that are "acceptable" for Go (re: disk space, CPU time, memory), then getting this capability via Entware-ng would be strongly preferable. There would not be "native integration" with Tomato (e.g. in GUI, NVRAM, etc.) without making the firmware capable/aware of it -- which historically has not been something Tomato has done (the two projects have no direct connection to one another). I think this is something OpenWRT does better, simply because they have a base set of features and have native packages that can be installed + integrate with the overall system (GUI, etc.). The only "extension" capability Tomato has is to provide the equivalent of CGI scripts (a feature I use constantly, actually!), but those don't work (and can't work) identically to the built-in .asp files used by the custom Tomato webserver. It's not like it uses nginx + Lua or equivalent; last I looked, OpenWRT/LEDE does (uhttpd + LuCI), which makes package-based integration into the GUI possible (they also use config files that are stored on a flash-based R/W filesystem and leave NVRAM alone as much as possible).

    Historic reminder: Tomato was originally designed + built on + intended for WRT54Gv1.0 and v1.1 routers (16MB RAM, 4MB flash), circa 2006, as a fork of HyperWRT. The core parts of what Tomato work -- all home-built / home-coded (ex: rc/init, httpd, cstats, rstats, DDNS client, etc.) -- are still using that same overall design/focus. This is generally a thought process and model that is intended for embedded devices (small RAM, extremely limited disk space/flash); Go was literally never intended for such environments, and TMK, was not considered during its creation. A huge part of Go's focus was building a single static binary that could be copied around between systems (to alleviate shared library dependency/versioning complications).
     
    txnative likes this.
  90. AndreDVJ

    AndreDVJ LI Guru Member

    Please check your wan_qos_ibw and wan_qos_obw values. See mine:

    Code:
    root@R7000:/tmp/home/root# nvram get wan_qos_ibw
    70000
    root@R7000:/tmp/home/root# nvram get wan_qos_obw
    6000
    I have a 70/7mbps connection. ibw should be inbound (how fast you can download) and obw should be outbound (how fast you can upload).

    Also, I tested bandwidth limiter, and together with QoS, outbound breaks up, not limiting anything when uploading.
     
  91. khorvat

    khorvat New Member Member

    Hi!

    I see you have too AC3200 Asus router. Can you see me, that your router with FreshTomato 2018.2 FW, work and mount with a HDD on GPT partiton table and NTFS filesystem?
    Now I try another 1TB HDD with GPT and NTFS after full NVRAM reset, but the result equal don't work, don't mount my NTFS HDD:((

    Thx for all reply for my problem, but I think i will downgrade again to kille 2017.3 FW because it always work fine with NTFS HDD and it is the last working FW for me on AC3200.
     
  92. oby-1k

    oby-1k New Member Member

    Code:
    root@TOMATO:/tmp/home/root# nvram get wan_qos_ibw
    2800000
    root@TOMATO:/tmp/home/root# nvram get wan_qos_obw
    165000
    root@TOMATO:/tmp/home/root#
    The above settings give me the below results:
    upload_2018-4-20_8-59-15.png

    Whereas the following settings:
    Code:
    root@TOMATO:/tmp/home/root# nvram get wan_qos_ibw
    28000
    root@TOMATO:/tmp/home/root# nvram get wan_qos_obw
    16500
    Give me this speed:
    upload_2018-4-20_9-0-46.png

    Do not have any B/W rule in place in my router
     

    Attached Files:

  93. eangulus

    eangulus Network Guru Member

    I too have a similar issue but not too fussed as a router is a router, not a server in my opinion and I don't need storage on the router itself.

    BTW not sure this is the place to report bugs as mine hasn't been commented on so don't know if it was read or acknowledged. Seems this thread is just about the development based on what I keep reading.

    Sent from my Pixel XL using Tapatalk
     
    koitsu likes this.
  94. AndreDVJ

    AndreDVJ LI Guru Member

    @oby-1k Can you provide the output of the following commands:
    Code:
    tc -d class show dev ifb0 | grep root
    tc -d class show dev vlan2 | grep root
    QoS.c calls tc binary to control traffic shapping straight from the linux kernel.

    My values here look correct:
    Code:
    root@R7000:/tmp/etc# tc -d class show dev ifb0 | grep root
    class htb 1:1 root rate 70Mbit ceil 70Mbit linklayer ethernet burst 1583b/8 mpu 0b overhead 0b cburst 1583b/8 mpu 0b overhead 0b level 7
    root@R7000:/tmp/etc# tc -d class show dev vlan2 | grep root
    class htb 1:1 root rate 6Mbit ceil 6Mbit linklayer ethernet burst 1599b/8 mpu 0b overhead 0b cburst 1599b/8 mpu 0b overhead 0b level 7
    The only thing I can suggest if QoS is still acting up, is to backup your rules, reset QoS to default values, then re-enter rules by hand.

    koitsu some time ago, provided a script, http://www.linksysinfo.org/index.ph...rial-and-discussion.28349/page-14#post-285706 , It should get you started.
     
  95. oby-1k

    oby-1k New Member Member

    Here is the output @AndreDVJ :

    Code:
    root@TOMATO:/tmp/home/root# nvram get wan_qos_ibw
    2800000
    root@TOMATO:/tmp/home/root# nvram get wan_qos_obw
    165000
    root@TOMATO:/tmp/home/root# tc -d class show dev ifb0 | grep root
    class htb 1:1 root rate 2800Mbit ceil 2800Mbit linklayer ethernet burst 1050b/8 mpu 0b overhead 0b cburst 1050b/8 mpu 0b overhead 0b level 7
    root@TOMATO:/tmp/home/root# tc -d class show dev vlan2 | grep root
    class htb 1:1 root rate 165Mbit ceil 165Mbit linklayer ethernet burst 1567b/8 mpu 0b overhead 0b cburst 1567b/8 mpu 0b o
    verhead 0b level 7
    I'll give the script a try this weekend and will let you know. Thanks!
     
  96. I think the early versions of the MIPS Tomato had problems with the encryption on Client Mode but the later versions of both Shibby and Toastman had it working. I was able to use both WPA and WPA2.

    Sent from my SM-G965U using Tapatalk
     
  97. apreslin

    apreslin Connected Client Member

    Curiosity question here that I have always wondered about on the various Tomato builds I have used throughout the years. Anyone know why the country/region is set to Singapore by default? Wouldn't it make sense to default to the country with the most amount of users, which according to http://anon.groov.pl/ looks like the United States with 8442 compared to 46 for Singapore.

    Obviously it's not a big deal and simple to change, but it never made sense to me why Singapore was chosen.
     
    NotVeryClever likes this.
  98. kille72

    kille72 LI Guru Member

    I like what I see and it works :)
    2018-04-20_20h46_24.png

    Great job! What would be good to fix is also possibility to choose serves between
    # Cloudflare
    # Quad 9
    # The Surfnet/Sinodun
    # The getdnsapi.net
    from stubby.yml
     
  99. j.m.

    j.m. Network Guru Member

    @kille72, thanks for all the hard work keeping Tomato going. Would you please consider enabling "tee" in the included busybox?
    Currently, it does not get compiled into busybox because in config_base file "# CONFIG_TEE is not set" instead of "CONFIG_TEE=y" as needed to include it. I use some scripts that pipe to "tee' and have had to work around its absence. Wouldn't think it would increase the size of busybox much to include it. Thanks!
     
    kille72, AndreDVJ and koitsu like this.
  100. Jacky444

    Jacky444 LI Guru Member

    Nice work guys =) I've already added your mod to statistics count at left column of quick summary of Tomato Annon counting (basically loads full page, reads all mods (regex) and shows them on the page. Just if you ever wonder =)

    https://advancedtomato.com/statistics
     
    Haldi4803, qbicxz, pedro311 and 6 others like this.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice