[Fork] FreshTomato-MIPS

Discussion in 'Tomato Firmware' started by kille72, Apr 26, 2018.

  1. kille72

    kille72 LI Guru Member


    Forked off from Tomato-MIPS by Shibby, builds compiled by FreshTomato team
    FreshTomato team: @kille72 @pedro311

    Latest version: 2018.1.066-beta - 2018-04-27
    Source code: https://bitbucket.org/pedro311/freshtomato-mips
    Downloads: https://mega.nz/#F!QywknIpa!5JwWNIfEwCOKXqXG0AOh4w

    For the following MIPSR1 and MIPSR2 routers: Asus WL500GP, N10U, N12B1/C1/D1, N15U, N16, N53, N66U, AC66U Netgear WNR3500LV1, WNR3500LV2, R6300V1, WNDR4500V1, WNDR4500V2 Linksys WRT54 series, E800, E900, E1000v2/v2.1, E1200V1, E1200V2, E1500, E2000, E2500, E3000, E3200, E4200 Tenda W1800R, N80 Dlink DIR-320.

    Thanks to @shibby20 @AndreDVJ @Jacky444 @koitsu @M_ars @Vindicator @Sean B. @Toastman @RMerlin @tsynik@tvlz @lancethepants @Elfew @Edrikk and all others who helped me with this project.

    Disclaimer: We are not responsible for any bricked routers, nor do we encourage other people to flash alternative firmwares on their routers. Use at your own risk!

    Last edited: Apr 28, 2018
    pegasus123, pharma, Elfew and 4 others like this.
  2. eangulus

    eangulus Network Guru Member

    Are there plans to add MIPSR2?

    Sent from my Pixel XL using Tapatalk
  3. koitsu

    koitsu Network Guru Member

    It appears both MIPSR1 and MIPSR2 are supported. Please see https://bitbucket.org/pedro311/freshtomato-mips file README.md (or at the bottom of the page), text starting with "For the following MIPS routers". The RT-N16 is listed, which is MIPSR2. Likewise, WRT54 series consists mainly of MIPSR1, and its listed as well.

    README.md should really say "For the following MIPSR1 and MIPSR2 routers".
    pharma and kille72 like this.
  4. pomidor1

    pomidor1 Networkin' Nut Member


    WL500GP, N10U, N12B1/C1/D1, N15U, N16, N53, N66U, AC66U Netgear WNR3500LV1, WNR3500LV2, R6300V1, WNDR4500V1, WNDR4500V2 LinksysWRT54 series, E800, E900, E1000v2/v2.1, E1200V1, E1200V2, E1500, E2000, E2500, E3000, E3200, E4200 Tenda W1800R, N80 Dlink DIR-320.

    FreshTomato-MIPS+ E1550+E2500v3+WNDR3700v3+Tenda N6 and FreshTomato-ARM + Dir868L =Adwanced Tomato ? ;-)?
  5. eangulus

    eangulus Network Guru Member

    I've looked at the downloads and all folders are currently empty. The other day there was only mipsr1 and I couldnt see MIPSR2.

    Hence why I asked.

    Sent from my Pixel XL using Tapatalk
  6. koitsu

    koitsu Network Guru Member

    Well RT-N16 is MIPSR2, so maybe they just haven't built all the firmwares yet? It can take a VERY long time considering all the variances. Just look at Toastman's directories sometimes, esp. the older ND (MIPSR1) and RT (MIPSR2) and RT-N (MIPSR2) dirs -- packed full. Gotta do a complete fresh rebuild for each and every one of those. I wouldn't be surprised if doing all the variances took literally a few days.
  7. eangulus

    eangulus Network Guru Member

    Not too worried about timeframe, I'm patient. Was just wondering that seeing MIPS was being built for,that weather R2 and therefore the rt-n16 was going to be supported.

    Now to just wait and keep checking.

    Sent from my Pixel XL using Tapatalk
  8. somms

    somms Network Guru Member

    No joy flashing with the E2000 betas uploaded:(

    Even after flushing the NVRAM, the smallest sized E2000 freshtomato firmware build 'freshtomato-E2000USB-NVRAM60K_RT-N5x-MIPSR2-2018.1.066-beta-VPN.bin' fails to flash up from Shibby's build tomato-E2000-NVRAM60K-1.28.RT-MIPSR2-140-IPv6-VPN.bin with the following message:

    The firmware file size difference between the E2000 Shibby build and the smallest two E2000 freshtomato builds shown above is too big!?
  9. txnative

    txnative Networkin' Nut Member

    I've installed the freshtomato-F7D4302_RT-N5x-MIPSR2-2018.1.066-beta-Mini.bin, using the belkin ofw gui, I suppose I didn't have to as to using the cfe or tomato gui. I won't be able to do any testing as of yet, I'm running Andre's build for netgear r6300v2 as he had done recently for qos and bwl issues, but I should be able to connect it to my network tomorrow as gateway, ap, routing, qos, bwl. I don't have vpn or anything to intense on my network. I for one do like mini builds, i'm pretty sure everyone has their own preference although I would like to see some in circulation. (My thoughts)
  10. ghoffman

    ghoffman LI Guru Member

    thank you for these bui;lds - a lot more happy routers.
    on yuour next build, could you possibly include a k26-MIPSR1 build for old wrt150/wrt300 type routers (also within the 4mb flsh size)?
  11. txnative

    txnative Networkin' Nut Member

    I did some reasonable test but since it's not able to handle my current bandwidth, i was unable to fully do some testing using Qos, however wifi was very responsive using some default settings and for the 2.4, changing transmit pwr as me 28, apsd mode to enable, interference mitigation to wlan auto and noise reduction, i had pretty decent performance after switching channels. 5ghz settings were of the same except for interference mode I used wlan manual. Performance was great for the belkin, no issues on initial setting up and typical web browsing. Unfortunately my belkin doesn't have gigabit ports and more effective cpu, however if users are using bandwidth that is under 75/75 and lower this router would do the job except maybe using vpn with it but I don't have vpn to test it that either.
  12. pedro311

    pedro311 Serious Server Member

    You compare different versions: my beta with USB support (branch K26RT-N) and Shibby version without it (branch RT).
    Check "K26" sub-folder for that one you need.
  13. pedro311

    pedro311 Serious Server Member

    Guys, at last all files uploaded.
    Happy testing! ;)
    Goggy, Elfew, M_ars and 4 others like this.
  14. txnative

    txnative Networkin' Nut Member

    Will bcm_nat be included for K26RT-N, remember when shibby introduced it a few yrs back as I'm unsure if had been til now? I have a E3200 to install some of your updates and the question reflects to the K26RT-N, however it isn't a deal breaker, but congratulations on pushing out the MIPS. Happy Sunday to ya, pedro regards txnative
  15. pharma

    pharma Network Guru Member

    No problems using FreshTomato Firmware 2018.1.066 MIPSR2-beta K26 USB AIO-64K on a RT-N66U.
    Thanks Pedro311, Kille72 and other devs involved in the project.
  16. Aardvark

    Aardvark Reformed Router Member

    Do the Bandwidth and IP Traffic graphs work for you? I've tried the freshtomato-RT-N66U_RT-AC6x-2018.1.066-beta-AIO-64K and VPN versions, as well as freshtomato-K26USB_RT-N5x-MIPSR2-2018.1.066-beta-AIO-64K. The graph area is mostly blank, as can be seen in the screenshot. I've tried a number of different browsers, a different computer, and yes, I cleared the browser caches.

    Attached Files:

    • BW.png
      File size:
      8.4 KB
    Last edited: Apr 30, 2018
  17. alcuin

    alcuin Network Newbie Member

    Hi, thank you for trying to build for Belkin F9K1102. Unfortunately, when trying to flash, I get an error "File is too big to fit in MTD". According to wikidevi for Belkin_F9K1102_v1, the proper mtd sizes are:

    # cat /proc/mtd
    dev: size erasesize name
    mtd0: 00030000 00010000 "boot"
    mtd1: 007c0000 00010000 "linux"
    mtd2: 00643250 00010000 "rootfs"
    mtd3: 00010000 00010000 "nvram"

    I am currently running tomato-K26USB-1.28.20180226MIPSR2jethrogb-F9K1102-64K.trx which is 8,097,792 bytes. Let me know if you need any other logs, thanks.
  18. Goggy

    Goggy Network Guru Member

    Hi - thank you for your work on the mips-branch. Flashed an WRT54G v2 and ... its working :)
    Booting after flash or clearing nvram takes a lot longer - thought i bricked it after the initial flash ...
    Is it possible that at least some of the builds are named wrong? Tried "freshtomato-K26_RT-MIPSR1-2018.1.066-beta-Mini.zip" (3,8mb) first but it doesnt fit in flash. "freshtomato-K26_RT-MIPSR1-2018.1.066-beta-MiniIPv6.zip" is smaller (3,5mb) and this one worked.
  19. Goggy

    Goggy Network Guru Member

    Nope, same here.
  20. pedro311

    pedro311 Serious Server Member

    Ok, I will try to understand why it's not working. Thanks for testing.
  21. pharma

    pharma Network Guru Member

    I looked and the Bandwidth tables work (which I use) while the graphs do not.
  22. Aardvark

    Aardvark Reformed Router Member

    Thank you for confirming. Good to know it wasn't due to my stupidity for once. ;) Thanks @pedro311 and @kille72 for bringing new life to our old routers.
    Last edited: May 1, 2018
  23. JohnInCu

    JohnInCu New Member Member

    I tried out the 2018.1.066-beta on my Asus RT-N66U and reverted to Shibby 1.28.0000 MIPSR2-140 K26 USB AIO-64K when I found that IPv6 was not working for devices on my network. The router itself got an IPv6 address and could connect to IPv6 services from the shell on the router but all my network devices lost IPv6 connectivity.
  24. pedro311

    pedro311 Serious Server Member

    Can someone else confirm that?
  25. sszpila

    sszpila Serious Server Member

    Can't confirm. I use hurricane electric 6to4 tunnel and this is from my mobile phone connected to rt-n15u :

    Wysłane z mojego Redmi 4X przy użyciu Tapatalka
  26. sszpila

    sszpila Serious Server Member

    There is a problem with pppoe reconnecting. When pppoe session ends, it can't be automatically reconnect.
    May 2 15:10:03 Solniczka daemon.info pppd[588]: LCP terminated by peer
    May 2 15:10:03 Solniczka daemon.info pppd[588]: Connect time 1440.0 minutes.
    May 2 15:10:03 Solniczka daemon.info pppd[588]: Sent 308927832 bytes, received 3477328151 bytes.
    May 2 15:10:03 Solniczka daemon.err miniupnpd[1228]: Failed to get IP for interface ppp0
    May 2 15:10:03 Solniczka daemon.warn miniupnpd[1228]: SendNATPMPPublicAddressChangeNotification: cannot get public IP address, stopping
    May 2 15:10:06 Solniczka daemon.notice pppd[588]: Connection terminated.
    May 2 15:10:06 Solniczka daemon.notice pppd[588]: Modem hangup
    May 2 15:10:16 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:10:26 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:10:36 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:10:46 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:10:56 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:11:06 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:11:16 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:11:26 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:11:36 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:11:46 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:11:56 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device 
    May 2 15:12:06 Solniczka daemon.err pppd[588]: Can't get MTU for ˜‰J: No such device
    Wysłane z mojego Redmi 4X przy użyciu Tapatalka
    Last edited: May 2, 2018
  27. pedro311

    pedro311 Serious Server Member

    That's right, there are no (yet) patches of @tsynik and mine in this beta, which fix it.

    You can try to correct it by setting "Check connections every" to e.g. 2 minutes.
    kille72 and pharma like this.
  28. kyrios

    kyrios Networkin' Nut Member

    Is modprobe bcm_nat implemented on this build?
  29. pedro311

    pedro311 Serious Server Member

    See the changelog...
    pharma, Monk E. Boy and kille72 like this.
  30. Sean B.

    Sean B. LI Guru Member

    Anyone have a list of the build packages for MIPS? I forgot which versions are needed, too used to ARM now.
  31. koitsu

    koitsu Network Guru Member

    The packages needed (for Debian 9 64-bit) are in the README.md. They're spread across several steps. Your distro may vary.
    Sean B. likes this.
  32. Sean B.

    Sean B. LI Guru Member

    @koitsu , I recall you started a thread on some of the issues you ran into building this fork ( perhaps the ARM fork instead ) but haven't been able to spot it. Was this one of them by chance?

    config.status: executing depfiles commands
    config.status: executing libtool commands
    touch libogg/stamp-h1
    make[6]: Entering directory `/home/sean/git/freshtomato-mips/release/src/router/libogg'
    CDPATH="${ZSH_VERSION+.}:" && cd . && /bin/bash /home/sean/git/freshtomato-mips/release/src/router/libogg/missing aclocal-1.15
    configure.ac:20: warning: macro 'AM_PROG_LIBTOOL' not found in library
    CDPATH="${ZSH_VERSION+.}:" && cd . && /bin/bash /home/sean/git/freshtomato-mips/release/src/router/libogg/missing autoconf
     cd . && /bin/bash /home/sean/git/freshtomato-mips/release/src/router/libogg/missing automake-1.15 --foreign
    configure.ac:20: error: possibly undefined macro: AM_PROG_LIBTOOL
          If this token and others are legitimate, please use m4_pattern_allow.
          See the Autoconf documentation.
    make[6]: *** [configure] Error 1
    make[6]: *** Waiting for unfinished jobs....
    src/Makefile.am:5: error: Libtool library used but 'LIBTOOL' is undefined
    src/Makefile.am:5:   The usual way to define 'LIBTOOL' is to add 'LT_INIT'
    src/Makefile.am:5:   to 'configure.ac' and run 'aclocal' and 'autoconf' again.
    src/Makefile.am:5:   If 'LT_INIT' is in 'configure.ac', make sure
    src/Makefile.am:5:   its definition is in aclocal's search path.
    make[6]: *** [Makefile.in] Error 1
    make[6]: Leaving directory `/home/sean/git/freshtomato-mips/release/src/router/libogg'
  33. koitsu

    koitsu Network Guru Member

    I haven't tried building MIPS, only ARM, which does not contain the exact identical versions of software as MIPS. I didn't run into any complications with libogg, but it was ARM and a different version (2018.2; the date matters in reference to what I say below).

    That looks like some uncomfortable GNU autotools/libtool problem that needs further investigation. Odds are someone needs to change some configure arguments, add some environment variables to the configure line in router/Makefile, or add some patches to configure.in/configure.ac to make libtool detection happy. It's probably a result of GNU autotools versioning differences. I sound like a broken record talking about how bad the GNU autotools/libtool are about compatibility/etc., but this may be another one of those cases. We FreeBSD people loathe the GNU autotools/libtool for this exact reason.

    It looks like commit b61bfd5 (note the date) might be contributing to this, but I can't say for sure. That was from April 20th.

    One thing that I do see happening: a configure script is committed to the repo, but router/Makefile is inducing autoreconf to rebuild everything. This is normally good/proper (kudos!), but it doesn't mean that the version of the GNU autotools/libtool on the system match what configure.ac, Makefile.am, or Makefile.in expect -- resulting in breakage. See my above mini-rant, as it's not without merit.

    In situations like this, sometimes the stock-from-source configure script provided actually does the right thing, while rebuilding it with one's own autoconf causes problems. In other cases, the opposite is true. So in short, I don't know what the solution is aside from really digging in to configure.ac + Makefile.am + Makefile.in and see what's going on and fix it through a patch.

    I looked at the libogg 1.3.3 source code: it does come with a pre-generated configure script. So, you might try hacking router/Makefile to not call autoreconf -fsi and see if that helps. You will need to try this on a fresh repo checkout (since autoconf regenerated the file), so you may need to cd ~/git/freshtomato-mips && git reset --hard && git clean -dxf to "restore" the repo back to what it was originally during the last clone/pull (use git status to verify), then modify router/Makefile and see what happens after that.

    Whether or not this is the correct fix, however, is undetermined (i.e. don't just go blindly committing this if it works). It may be the result of Linux distro variance, if not building on Debian 9.x 64-bit, specifically versions or unique patches/quirks applied to autotools/libtool for that distro that others might not have.
  34. txnative

    txnative Networkin' Nut Member

    could be the automake version, which do you have looks like automake-1.15 and do you have the earlier version of 1.13 and maybe you have the later version of bison installed also?
    Last edited: May 6, 2018
  35. txnative

    txnative Networkin' Nut Member

    I have installed the freshtomato-E3200USB-NVRAM32K_RT-N5x-MIPSR2-2018.1.066-beta-Mega-VPN.bin and see that the lan,wan and wifi macaddr are not the same as linksys unfortunately i didn't copy as what they were something like 00:16:B6. Qos seem to be enabled as i was able to access it and make changes without having to enabling with a check. The
    5.110 RC27.20012 wl0: Jan 23 2013 14:32:57 version is the same as Toastman-vpn version that I have reinstalled, I had cleared nvram before and after the install. Were the wifi drivers supposed to have been KRACK fixed? Either way I'll look for the next beta test build.
  36. Sean B.

    Sean B. LI Guru Member

    I tried 1.15 and 1.14. There are no versions provided in the readme for the majority of packages, so it's quite the guessing game.
  37. koitsu

    koitsu Network Guru Member

    I think it's much more likely it's autoconf, not automake. Really have to look closely at the output.
  38. txnative

    txnative Networkin' Nut Member

    That's interesting, you tried automake-1.15 & automake-1.14 but not automake-1-13? Its just that error when I see the automake-1.15 involved kinda brings back having to use 1.13 if 1.14 didn't work.
  39. txnative

    txnative Networkin' Nut Member

    For some reason can't edit my reply? Anyway I usually used these instructions from this old link https://bitbucket.org/pl_shibby/tomato-arm/issues/15/compilation-libjson-c-fails#comment-23001476 and incorporate the ideal of what i read into building from the old http://repo.or.cz/w/tomato.git packages I'm sure you may have done the same also. Are you building from pedro mips sources?
  40. Sean B.

    Sean B. LI Guru Member

    Autoconf is certainly the one that's throwing the error. But not sure if it's a cause or a symptom. Been trying to determine at what version AM_PROG_LIBTOOL was deprecated for LT_INIT, but it seems to go back quite far.
  41. Sean B.

    Sean B. LI Guru Member

    Tried 1.13 earlier as well. Also tried a few versions of autoconf and friends.. with no luck. Packages are different in both versions and some packages all together compared to what I'm used to in ARM.
  42. M_ars

    M_ars Network Guru Member

    Hi sean,
    I can/did bulid the vpn target with Mint17.3x64. I will post the packages i have installed in the evening.

    Sean B. likes this.
  43. txnative

    txnative Networkin' Nut Member

    I was having problems as you were, what distro were you using? I was using debian 8 amd64, but since i had already have debian stretch on my notebook i was able to compile a K26USB_RT-MIPSR2-2018.1-miniVPN.trx for my F7D4302 without any issues 20mins. Jessie for some reason doesn't have a automake-1.15. It was a guessing game while i was on Jessie as I thought it was just something mixed up and make clean or make distclean wasn't catching something or wrong path, or user being tired? Packages seem to be the almost the same as for ARMs, as Koitsu stated it's in the README.md freshtomato-mips.
  44. M_ars

    M_ars Network Guru Member

    @Sean B.

    I use Mint 17.3x64 with the following packages

    sudo apt-get install autoconf autogen make automake automake1.9 automake1.11
    sudo apt-get install autopoint binutils bison bzip2 flex gawk xsltproc libxml-parser-perl gcc gcc-multilib
    sudo apt-get install gettext gperf g++ g++-4.4-multilib libc6 libncurses5 libncurses5-dev libstdc++6-4.4-dev
    sudo apt-get install libtool libssl-dev libxml2-dev libelf1 meld mtd-utils m4 mercurial bzr ecj cvs
    sudo apt-get install patch pkg-config shtool sqlite zlib1g-dev re2c texinfo libltdl-dev
    one little patch is missing to make the mips-branch work (sorry i missed/forgot that somehow :rolleyes: )

    I asked @pedro311 to add it :)

    --> vpn targets are working, for exampel "v2e" for WNR3500Lv2 (just testet)

    ARM does also work with that setup
  45. Sean B.

    Sean B. LI Guru Member

    At first glance I see automake1.9 and libltdl-dev are ones not listed in the source readme. Perhaps already installed in Debian9.x? I'll give it a try after work, thanks.
    M_ars likes this.
  46. Sean B.

    Sean B. LI Guru Member

    Welp, after adding the couple of missing packages and fetching the latest repo commits, MIPS has built successfully. Thanks @M_ars for the package info.

    I was going to give it a test on my old E3000 that's been stuffed away for quite awhile. However, it appears to be pissed off about the whole replaced and stuffed away thing, as it's power light blinks and connections "refused" from web, ssh, telnet etc.
    M_ars likes this.
  47. M_ars

    M_ars Network Guru Member

    cool :)
  48. dc361

    dc361 Network Guru Member

    Sean.. try plugging in the adapter before you plug it into the E3000. I had a couple of old linksys units that just flashed lights unless you plugged the wall adapter in first.
  49. Sean B.

    Sean B. LI Guru Member

    Thanks for the suggestion, but no change. I had the power toggle switch off, plugged the adapter into the wall, then the barrel jack into the router, then switched it on. Same blinky blinky. I can ping it, so something's alive. Haven't had any luck trying to catch it with a tftp flash at boot though. May have to break out the ol' USB<->Serial adapter and see what can be determined.
  50. alcuin

    alcuin Network Newbie Member

    Hi, I have a netgear wndr4000. I was running DDWRT r35916, and wanted to see if freshtomato would work. I flashed freshtomato-K26USB_RT-MIPSR2-2018.1.066-beta-VPN.trx, and everything seems to be ok, wifi works. The only thing is under the status, it says for the model that it thinks it's a Netgear WNR3500L/U/v2. What logs do you need to identify the proper model? Thanks.
  51. Sean B.

    Sean B. LI Guru Member

    I only see the WNR3500L/U/v2 and WNR2000 v2 listed in the code. So I'd assume the WNR4000 isn't officially support by Tomato. Or are you asking how to identify the board? If so:

    nvram show | grep board
    Will show you the related variables of which identify the specific board used in the router.
  52. alcuin

    alcuin Network Newbie Member

    Thank you. Yes you're correct, it's not officially supported. The wndr4000 is supported with the generic DDWRT mips mega, so I figured I'd try out the generic Tomato and give it a go. I can always tftp back if I get a soft brick. The Tomato mega is actually too big, so I tried the next biggest fw which was the vpn. Anyhow, here are my nvram values.

    size: 29835 bytes (35701 left)
  53. Sean B.

    Sean B. LI Guru Member

    Out of curiosity, have you confirmed the USB port is still functional?
  54. EpsilonX

    EpsilonX LI Guru Member

    @kille72 @pedro311
    Is it possible to edit the Makefile to MULTIWAN=n, and still have a working firmware..?
  55. pedro311

    pedro311 Serious Server Member

    Just try and let us know! ;)
    kille72 likes this.
  56. EpsilonX

    EpsilonX LI Guru Member

    Trust me I would...
    It's just I've tried the default Makefile, the modified Makefile...
    Both completed compile, and yet both bricked my RT-N15U... :D
    I'm actually confused why it completed compiling with the default, but still bricked my router...
    Any experience like that..? :rolleyes:
  57. alcuin

    alcuin Network Newbie Member

    It is functional under ddwrt r35916, but I did not try usb under tomato.

    Diskspace /tmp/mnt/sda_part1
    3.6G / 3.6G

    --- /dev/sda
    Block device, size 7.216 GiB (7748222976 bytes)
    DOS/MBR partition map
    Partition 1: 7.215 GiB (7747174400 bytes, 15131200 sectors from 2048, bootable)
    Type 0x07 (NTFS/HPFS)
    Windows BOOTMGR boot loader
    NTFS file system
    Volume size 7.215 GiB (7747173888 bytes, 15131199 sectors)
    Status: Mounted on /mnt
  58. bookreader

    bookreader Reformed Router Member

    Belkin Play Max / N600 HD (F7D4301/F7D8301) v1 the issue since the mutliwan builds has caused the port order to be not accurate. With VLAN 201 needing to be tagged for the WAN, the router can not be used on CenturyLink. http://www.linksysinfo.org/index.php?threads/can-vlan-gui-port-order-be-corrected.70160/page-2

    I tested with the current build; same issue. Not sure if this will be fixed?

    nvram show | grep vlan1ports
    vlan1ports=3 2 1 0 8*

    nvram show | grep version
    os_version=2018.1.066 MIPSR2-beta K26 USB miniVPN
  59. Pess0g

    Pess0g Serious Server Member

    Thank you for the firmware and bug fix.
    2018.1.066-beta RT-N NVRAM64K Max Flashed on RT-N12B1.
    With manual configured (other) IPv6 it couldn't get to know the gateway sending ra and create the default routing but worked after those was added by hand.

    With the same ta.key,client crt,server.crt,etc,openvpn failed to handshake with the server due to tls-crypt error.(The client daemon was started by command line and GUI of openvpn was untouched.)

    I didn't like to redo all my work and flashed back to shibby as nvram was cleaned up after the power was cut suddenly.
    Last edited: May 18, 2018 at 9:03 AM
  60. kernel

    kernel New Member Member

    Hi guys. I'm trying to port kernel 3.x from dd-wrt to this new fork of Tomato. Succesfully tested kernel through CFE console. But after kernel boot there are errors with nvram, which is /i guess/ not found by rc. Is there any way how to test whole firmware (trx file) right from CFE like vmlinus kernel (boot -addr=xxxx When I edit & compile 'rc' there must be better way to test it in router than flashing whole firmware.
  61. pedro311

    pedro311 Serious Server Member

    I'm not sure of the IPv6 itself (can't test it by myself) - some claim that it works, others say that it doesn't. I'm in dead end...

    There were many changes on OpenVPN client's page: you should clear browser's cache and specially take a look at this commit:
    Pess0g likes this.
  62. Pess0g

    Pess0g Serious Server Member

    This RT-N12 is a client in dev br0 rather than the gateway of my network. I set it with static IPv6 address but it needs to get the address of the gateway by RA. It can also works without doubt if I do everything by hand, putting them in the script. Anyway it should do by itself after receiving the RA packets. I am sorry I forget to take a look at iptables before flashing it back. The gateway is always working as required so the other clients in br0 can get IPv6 prefix.

    I compiled static Openvpn binary of lastest version by myself and deploys it on shibby firmware where openvpn is always being booted by my script instead of GUI and its configuration is set in file instead of nvram. So are the certificates and keys. After upgrading, I just copy all of them onto FreshTomato.
    I don't love set them via GUI since it couldn't make openvpn work properly.For example, the server daemon starts prior to pppoe so that firewall would be reloaded after the server is up.(Firewall restarts as soon as wan is bought up).It is certain all will work just after openvpn server tunnel device gets up again.If sshd_key or passwd or anything about access is changed via GUI,Firewall is reloaded but any openvpn daemon,as long as started by GUI,won't restart. That means any firewall rules set by openvpn up-script would disappear.

    Hope any openvpn user could share his experience to help confirm.
    Last edited: May 18, 2018 at 2:55 PM
  63. koitsu

    koitsu Network Guru Member

    I have tried to do this for quite some time on Asus routers and have never gotten it to work. Ever. The interactive CFE has usage syntaxes that don't match reality, and the behaviour also doesn't match reality. Pretty sure I found bugs as well (ex. attempting to load something off the network, the CFE would say it was trying, but packet captures on the physical switch on the other end showed literally NOTHING coming out of the device). I ended up digging through some Broadcom docs to try and figure out what's what, but there were differences there vs. the CFE in Asus as well (maybe it's just a different version vs. the document I was reading).

    So unless someone like @RMerlin has some ideas, the answer is: you really do have to flash the things to test them. Time consuming and very wasteful, I know.
  64. RMerlin

    RMerlin Network Guru Member

    No idea if Asus's CFE supports remote booting. I always did all my tests either by flashing, or by doing a binding mount (when testing things like httpd or one of the other, non-rc, services).
  65. koitsu

    koitsu Network Guru Member

    The CFE load command is what looks most promising, except it doesn't work. I'll explain:

        Load an executable file into memory without executing it
        load [-options] host:filename|dev:filename
        This command loads an executable file into memory, but does not
        execute it.  It can be used for loading data files, overlays or
        other programs needed before the 'boot' command is used.  By
        default, 'load' will load a raw binary at virtual address 0x20000000.
        -elf         Load the file as an ELF executable
        -srec        Load the file as ASCII S-records
        -raw         Load the file as a raw binary
        -z           Load compessed file
        -loader=*    Specify CFE loader name
        -tftp        Load the file using the TFTP protocol
        -fatfs       Load the file from a FAT file system
        -rawfs       Load the file from an unformatted file system
        -fs=*        Specify CFE file system name
        -max=*       Specify the maximum number of bytes to load (raw only)
        -addr=*      Specify the load address (hex) (raw only)
    I remember trying to get this to work so that I could potentially load a firmware off the network via TFTP and then boot it with boot (manual equivalent of PXE booting on PCs). But I could not get load to behave sanely. IIRC, the TFTP method did not work: it would claim to be doing network I/O but literally did nothing (no network traffic seen). Yet, the flash command would work just fine. More on that in a moment.

    I also tried playing with -z for compression ("compessed" -- nice typo, Broadcom) and that didn't seem to work either in other regards. I think I got some other very strange error, almost implying that the CFE couldn't handle compressed data.

    On the flip side, the flash command did work, except that, of course, this downloads a firmware off the network and also flashes it to flash, resulting in excess wear/tear when trying to test firmwares. Ex: flash -noheader flash0 did in fact TFTP transfer the firmware and do what one would expect.

        Update a flash memory device
        flash [options] filename [flashdevice]
        Copies data from a source file name or device to a flash memory device.
        The source device can be a disk file (FAT filesystem), a remote file
        (TFTP) or a flash device.  The destination device may be a flash or eeprom.
        If the destination device is your boot flash (usually flash0), the flash
        command will restart the firmware after the flash update is complete
        -noerase     Don't erase flash before writing
        -offset=*    Begin programming at this offset in the flash device
        -size=*      Size of source device when programming from flash to flash
        -ctheader    Check header of CyberTAN
        -noheader    Override header verification, flash binary without checking
    What I took away from this experience: the CFE is likely buggy as hell. Broadcom sure releases a lot of junk. For a company that acts like such a jerk about intellectual property and has such a stronghold on the industry, their software sure is "meh".
  66. RMerlin

    RMerlin Network Guru Member

    Try doing an "nvram show" while any vars value is longer than 1000 chars. Router will freeze. Apparently, boundary validation is not something BCM programmers believe in...

    I fixed one or two buffer overruns over the years in Broadcom's own code...
  67. Sean B.

    Sean B. LI Guru Member

    I know there's MIPS/ARM VM's available unable QEMU and likely VirtualBox. What would be involved in tailoring something, at least bare bones, enough to check these firmwares can boot etc under a VM?
  68. RMerlin

    RMerlin Network Guru Member

    Not even remotely possible. You'd need to emulate all the proprietary hardware, the flash mapping including the nvram partition, etc...
    Sean B. and koitsu like this.
  69. koitsu

    koitsu Network Guru Member

    Correct. If there was such a thing, it'd be something written by Broadcom (or potentially the device manufacturer relying on something Broadcom gave them) for that exact purpose. Just because a device contains a particular CPU architecture doesn't mean an emulator for that CPU architecture can magically emulate all the rest of the hardware, not to mention implementation quirks or variances (the device manufacturer (ex. Asus, Netgear, Tenda, Cisco/Linksys, etc.) is responsible for that).
  70. kernel

    kernel New Member Member

    Thanks for interesting infos. I'm digging through kernel boot procedure since yesterday and I think that there can be a way how to test eg. rc binary right from CFE. Kernel supports something like initramfs, which is cpio archive directly attached to the kernel binary. Kernel after boot extracts this attached cpio archive to ramfs/tmpfs and runs /init. More info can you see in kernels Documentation/filesystems/ramfs-rootfs-initramfs.txt.
  71. koitsu

    koitsu Network Guru Member

    I'm familiar with initramfs / initrd (it's been used on normal Linux distros for decades). I would be very, very surprised if this worked on embedded routers, given their lack of bootloader (CFE is not quite the same as GRUB).

    I would suggest you read up on how the kernel is actually started on a Linux distro using initramfs/initrd vs. an embedded Broadcom router. On the latter, the root filesystem argument is hard-coded (IIRC) to something like /dev/mtdblockXX. Things like GRUB and what you're used to seeing on a standard Linux distro running on a PC are not involved. Take a peek at dmesg | grep -i "command line" sometime on a router vs. a normal Linux distro (and preferably a very old distro -- say from 6-7 years ago. No I'm not kidding). Here's what you'll find on routers:

    Kernel command line: root=/dev/mtdblock2 console=ttyS0,115200 init=/sbin/preinit earlyprintk debug
    And here's the flash partitioning so that you have some idea of what's magical about /dev/mtdblock2:

    root@gw:/tmp/home/root# cat /proc/mtd
    dev:    size   erasesize  name
    mtd0: 00080000 00020000 "boot"
    mtd1: 00180000 00020000 "nvram"
    mtd2: 01e00000 00020000 "linux"
    mtd3: 01c5dc14 00020000 "rootfs"
    mtd4: 06000000 00020000 "brcmnand"
    mtd5: 04000000 00020000 "jffs2"
    On Linux distros for PCs, GRUB is used to pass these to the kernel, as well as select a list of kernels (you've probably seen this) (and that list is not "dynamically obtained": every time you make a new kernel on a Linux distro, you have to update the bootloader so that it knows of it, which also includes what LBA it starts at, etc. -- if you forget to update the bootloader, you literally brick your system from booting :) ). This isn't how it's done on embedded devices.

    I would suggest seeing maybe how OpenWRT/LEDE does it or how DD-WRT does it. IIRC, they do it the same way as all the other embedded devices do, but I bet it depends on the router/device too. Here's an example:

    [ 0.000000] Kernel command line: board=WNDR3700 mtdparts=spi0.0:320k(u-boot)ro,128k(u-boot-env)ro,15872k(firmware),64k(art)ro console=ttyS0,115200 rootfstype=squashfs,jffs2 noinitrd
    And the related flash partitioning for that:

    [    0.505477] 0x000000000000-0x000000030000 : "uboot"
    [    0.512242] 0x000000030000-0x000000040000 : "uboot_env"
    [    0.518030] 0x000000040000-0x0000007f0000 : "firmware"
    [    0.563673] 0x000000040000-0x0000001c906c : "kernel"
    [    0.570525] 0x0000001c906c-0x0000007f0000 : "rootfs"
    [    0.586168] 0x000000720000-0x0000007f0000 : "rootfs_data"
    [    0.639581] 0x0000007f0000-0x000000800000 : "board_config"
    It's important to understand that OpenWRT/LEDE does this VERY differently than Tomato. Notice how there's no NVRAM partition?

    They use something called u-boot, which looks like it might be what you're wanting. OpenWRT's docs indicate that u-boot can actually be configured to do a TFTP transfer of a firmware on start-up, etc.. No idea if it flashes it or just loads it into memory space (I see no reason why it couldn't do the latter):


    Just keep in mind that the NVRAM partition on Tomato routers is important. NVRAM on OpenWRT is avoided/left alone because they (rightfully so) prefer to leave those settings managed by the manufacturer and CFE. A good example of why they do this is is stuff like PCI configuration values used to initialise WiFi chips and so on -- something that Tomato has suffered from dealing with (people's WiFi being extremely bad on some devices turned out to be some missing or badly-set NVRAM variables, IIRC. Been a while...).

    Regardless, I look forward to hearing about your efforts. Good luck!
  72. kernel

    kernel New Member Member

    Thanks for big response @koitsu . I'm very glad for that.

    I now /a little/ about differences of booting kernel on desktop vs. embedded device. I'm not saying that there is a chance to boot whole firmware from initramfs. There isn't enough initialized memory by CFE for this, I think. From my point of view, when I have kernel with initramfs /which contains libc, libshared, libnvram and rc binary renamed/linked to /init/ kernel should be able to extract it and run. I don't need anything else for now. Only modify and test rc and reading from nvram, without needs of full reflash.

    Kernel command line is not important for me at least for now. Initramfs doesn't need anything in cmd line, don't it? Just "hey kernel, you have initramfs support and cpio archive in yours binary, so do the all magic".

    About NVRAM problem:
    My kernel boots (over LAN by TFTP), takes everything up, mounts squashfs root from flash and runs /sbin/rc, which should init rest. Current problem is, that I don't have initialized /dev/nvram device by kernel /it should be right? at least on Tomato/, it simply doesn't exists. Kernel log says:
    startup nvram driver
    found nvram
    max nvram space = 65536
    VFS: Mounted root (squashfs filesystem) readonly on device 31:2.
    Freeing unused kernel memory: 268K
    Interesting, isn't it? Dd-wrt creates this dev during rc init phase (sysinit-broadcom.c) by
    mknod("/dev/nvram", S_IFCHR | 0644, makedev(229, 0));
    So they somehow emulates it? Even if I create this dev before rc calls for any nvram value by libnvram, it didn't work. So there can be some incompatibilities between Tomato and Dd-wrt. I need to dig deeper in it. That's the reason why I'm seeking for any way how to test code after kernel boots without need of flashing fw.

    Statement: I now that I'm not skilled enterprise developer and have terrible writting in English. So some of my ideas can be unreal or not very well described.

    Edit: I don't want to steal thread so it will be good to start a new one.
    Last edited: May 19, 2018 at 3:20 PM
    Sean B. likes this.
  73. NyNe

    NyNe Networkin' Nut Member

    Just wanted to report that I tried out freshtomato-RT-AC66U_RT-AC6x-2018.1.066-beta-AIO-64K on my RT-AC66U last night and I had no problems getting it to flash, and then doing a 30/30/30 and then additional reboot without issue. I saw both 2.4 and 5 GHz WiFi in the router interface and I could see them when looking for available networks on my laptop and cell phone, but when I tried to connect to either band the router would reboot. I confirmed the router stayed stable if no wireless connection were attempted, but the moment I tried to connect to WiFi the router would reboot.

    I had come from Merlin's firmware (i think 380.69_2 if it matters) and used the router's recovery web interface to flash freshtomato. After redownloading and reflashing and wiping nvram and doing multiple 30/30/30 resets I eventually gave up and went with advancedtomato RT-AC66U_AT-RT-AC6x-3.5-140-AIO-64K and only had to clear nvram from the web interface and reboot once to get everything working.

    I'll keep an eye on this project as it seems very promising and I'd like to give it another try in the future.
    Last edited: May 19, 2018 at 4:18 PM
  74. pedro311

    pedro311 Serious Server Member

    Thanks for testing.

    Can anyone else confirm that behaviour on RT-AC66U (on RT-N66U everything's fine)?
  75. Pess0g

    Pess0g Serious Server Member

    I am sorry "tls-crypt" error didn't be caused by the firmware
  76. grugboro

    grugboro New Member Member


    I checked the changelog at the top of the post and it doesn't note anything about bcm, bcm_nat, NAT acceleration or CTF. Does this mean that FreshTomato will top out at ~120mbits downlink? I really like Tomato, but this would mean I'd cut my 400mbit downlink into a third..
  77. pomidor1

    pomidor1 Networkin' Nut Member

    Last edited: May 19, 2018 at 9:14 PM
  78. pomidor1

    pomidor1 Networkin' Nut Member

  79. Sean B.

    Sean B. LI Guru Member

    Figured it was harder than it sounds, as someone would have done it already. Thanks.
  80. Sean B.

    Sean B. LI Guru Member

    Hense why I asked.
  81. LastSilmaril

    LastSilmaril Addicted to LI Member

    This is a minor point but, upon installation, the usual update text notification informs me that v2018.2 is out, though it doesn't actually seem to be for MIPS, only for ARM. The link also leads to shibby's site, instead of e.g. to this thread.
  82. GhaladReam

    GhaladReam Network Guru Member

    Running FreshTomato Firmware 2018.1.066 MIPSR2-beta K26AC USB AIO-64K on my RT-N66U and I noticed the extra options that were added in the ARM build for Wireless filter lists is not present in the MIPS build. Could it be added?

  83. pedro311

    pedro311 Serious Server Member

  84. Onee-chan

    Onee-chan Network Newbie Member

    When you release the final version, I will test it with pleasure.

    Thanks for your efforts to the developers and the beta testers (Rats)
  85. tvlz

    tvlz LI Guru Member

    The Netgear wndr4000 was supported but it looks like there was a problem with it.
    "this commit also remove image for WNDR4000. For some reason image won`t correctly boot on this router. Don't have idea why."

    I made a updated version(4/16/2018) of the Advanced-vlan(advanced-vlan.asp.rt_) file for RT branch routers restoring VID Offset, as those routers can't add VIDs over 16 directly.


    I did send @pedro311 a PM after I updated it to see if he would update to the latest version.
    Onee-chan likes this.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice