[Fork] Tomato-ARM by @kille72

Discussion in 'Tomato Firmware' started by kille72, Mar 24, 2017.

  1. The Master

    The Master Network Guru Member

    Seams ok :)
    Code:
    Feb 18 18:48:36 CS-AP-01 user.notice switch4g[1177]: 4G MODEM Current Mode: LTE
    Feb 18 18:48:36 CS-AP-01 user.notice switch4g[1177]: 4G MODEM Signal Strength: RSSI -66 dBm, RSRP -92 dBm, RSRQ -8.5 dB, SINR 17.2 dB, CQI1 32639, CQI2 32639
    Feb 18 18:48:36 CS-AP-01 user.notice switch4g[1177]: 4G MODEM Carrier: B1 (2100 MHz), Downlink FQ 2149.7 MHz, Uplink FQ 1959.7 MHz, Downlink BW 10 MHz, Uplink BW 10 MHz
    Feb 18 18:48:36 CS-AP-01 user.notice switch4g[1177]: 4G MODEM BTS: MCCMNC 23205, LAC 0x27E3 (10211), CID 0xFF (255), Cell ID 0x18C6164 (25977188)
     
  2. Sean B.

    Sean B. LI Guru Member

    kille72 likes this.
  3. joew333

    joew333 LI Guru Member

    kille72 likes this.
  4. PetervdM

    PetervdM Network Guru Member

    i loaded this beta on an R8000, cleared nvram and made a minimal setup. all seems to work ok, but the log gets flooded with kernel warnings, 65 lines in 10 seconds. i don't trust this enough to continue testing, went back to 2017.3
     

    Attached Files:

  5. The Master

    The Master Network Guru Member

    Strange no Flood on R7000 :(
     
  6. kille72

    kille72 LI Guru Member

    WL msg debugging level is ON in new Asus binary driver for SDK7 (Fixed KRACK vulnerability):
    https://bitbucket.org/kille72/tomato-arm-kille72/commits/1621e714224ee8b59a2352ef13d3e6a0279728d3

    To mute debugging errors in this version and all previous ones, just add to firewall script:
    Code:
    dhd -i ethX msglevel 0x0000
    where X is your active wireless (1,2,3, etc)

    @PetervdM, no log flood in 2017.3 with older driver?
    Do you have the same problem @RMerlin?
     
    Last edited: Feb 18, 2018
  7. RMerlin

    RMerlin Network Guru Member

    I used to, Asus fixed it with 384_10007.
     
    kille72 likes this.
  8. Wizardknight

    Wizardknight Connected Client Member

    I can confirm that the last beta resolved bug where the Wan FTP was only working with port 21.
     
    rkantos and kille72 like this.
  9. kille72

    kille72 LI Guru Member

    Has Asus released the source code to 384_10007?
     
  10. RMerlin

    RMerlin Network Guru Member

    For SDK7.14, the latest is 384_20379. SDK7.x is 382_50010, no idea if it contains the same fix or not, I've done only basic testing on the RT-AC3200. 382_50010 is very close to 384_20379, both branches are developed in parallel. 384 is for AiMesh models, 382 is for the others.

    Both should be on their website by now. They're also merged on my own repo, so you can grab the binary blobs/kernel changes from there if needed.
     
  11. kille72

    kille72 LI Guru Member

    @pedro311 used GPL 382.50010 with this "error" that log gets flooded:
    https://bitbucket.org/kille72/tomato-arm-kille72/commits/1621e714224ee8b59a2352ef13d3e6a0279728d3
     
  12. PetervdM

    PetervdM Network Guru Member

    @kille72
    i have had no log flooding in 2017.3 on r8000. i looked into a recent log, i had 30 lines of dhd related entries, and i have had them for months now. this excerpt of 30 lines is from a log of 1639 lines spanning 19 hours and 34 minutes, giving one line per 40 minutes approx., see attached file.
    i will give 2018.1.025 a try once more
     

    Attached Files:

  13. kille72

    kille72 LI Guru Member

    Give it a try :)

    To mute debugging errors in this version and all previous ones, just add to firewall script:
    Code:
    dhd -i ethX msglevel 0x0000
    where X is your active wireless (1,2,3, etc)
     
    Last edited: Feb 19, 2018
  14. joew333

    joew333 LI Guru Member

    I have done some speed testing on the 2.4GHz and 5GHz bands. I have confirmed (I believe) what other users have commented on the forum. The 5GHz band has the expected throughput but the 2.4GHz band does not. The 2.4GHz band's throughput is only 2-6 MB/S (I have a 110 MB Internet connection and connect from my PC to the router at 300 MB/S speed). I loaded XWRT to do a comparo and with their wireless driver 6.37.14.126 (r561982), I can get 38-40 MB/S on the 2.4GHz band from the same PC. On both XWRT and Tomato, I have similar wireless settings and NAT acceleration enabled. So, something is going on with the 2.4GHz wireless throughput.... What are your thoughts on this? Any way to use the same wireless driver as XWRT?
     
  15. kille72

    kille72 LI Guru Member

    On R7000?
     
  16. pomidor1

    pomidor1 Networkin' Nut Member

    @kille72 does not have a Netger router, @AndreDVJ uses R7000 and R8000

    I had R6400 and R7000

    on the R7000 is not perfect but it's ok according to me with wifi 2.4 GHZ
    worse with R6250, R6400 and R6300v2.
    Unfortunately, the driver open by Asus does not allow you to use the hardware capabilities of these routers, I do not remember but the downside is probably half-way, up is ok.
    No one including Shibby has found a cure for it, and open Asus's radio drivers are hard to find.

    AndreDVJ, as once said, tried to move the Netgear drivers to the tomato, but it caused the router , bricked.

    Developers are addicted to Asus and this is the Achilles' heel of the Tomato project
     
    kille72 likes this.
  17. joew333

    joew333 LI Guru Member

    Yes Netgear R7000.
     
  18. kille72

    kille72 LI Guru Member

    Can you please test 2.4 GHz at 2018.1.x vs 2017.2 on R7000?
     
  19. txnative

    txnative Networkin' Nut Member

    So the actual asus models are ok with how the wl driver performs but for the netgear models, the asus driver needs some tweaking or just not that compatible? If I was to install the AIO 2018 for my r6300v2 then most likely I'd see the same results as other netgear arm models R7000, R6400 etc. The miniupnpd congratulations on getting that pushed through to working, kille72, I'd have to do my install and do some investigation as well even though what will become evident with 2.4 but I know from the 2017v3 it still did have excellent connection and even though the through put was half it was still stable, just not what anyone would like it to be at.
     
  20. joew333

    joew333 LI Guru Member

    Well said. Kille Tomato is stable. The WL driver is just an old one. The ASUS driver is used today with the Netgear R7000 in a distro called XWRT on http://xvtx.ru/xwrt/about.htm The XWRT distribution ported the Asuswrt-Merlin firmware for several Netgear routers. The XWRT WL driver is 6.37.14.126 (r561982) The original Asuswrt-Merlin hub is here: https://github.com/RMerl/asuswrt-merlin.ng with all the source files.....
     
  21. pomidor1

    pomidor1 Networkin' Nut Member

    In Xvrt it is the same as in RMerlin - according to my knowledge - means the same as in OFW Asus
    these are not open drivers so the tomato developers can not compile them even if they could, they need a special open pre compiled
    let's be honest, XVRT is illegal software
     
  22. joew333

    joew333 LI Guru Member

  23. pomidor1

    pomidor1 Networkin' Nut Member

  24. AndreDVJ

    AndreDVJ LI Guru Member

    I achieved 11MB/s on 2.4Ghz, and it's pretty saturated here.

    I lost interest on Wifi drivers. My R7000 works well enough.

    About upnpd, flooding no longer occurs.
     
    kille72 likes this.
  25. Cliffield

    Cliffield Network Newbie Member

    I did some wifi tests with my R700 and i would like to share my results.

    Setup
    Router
    Netgear R7000

    Notebook connected with wifi to the router.
    Intel(R) Centrino(R) Advanced-N 6200 AGN (dual band; up to 300Mbps)
    Running iperf3 in client mode:
    iperf3 -c 192.168.1.30 -4

    Server
    HP N54L connected with Gigabit Ethernet to the router.
    Running iperf3 in server mode:
    iperf3 -s -4

    I tested following firmware versions (NVRAM was erased after each flashing)
    tomato-R7000-ARM--2017.2-kille72--AIO-64K.trx
    tomato-R7000-ARM--2017.3-kille72--AIO-64K.trx
    tomato-R7000-ARM-2018.1.025-beta-kille72-AIO-64K.trx

    default config was used; no modifications were made:
    2.4 GHz
    Channel 6 - 2.437 GHz
    Channel Width 40 MHz
    Interference Level Acceptable
    Rate 300 Mbps

    5 GHz5 GHz
    Channel 149 - 5.745 GHz
    Channel Width 80 MHz
    Interference Level Acceptable
    Rate 1300 Mbps

    Here are the results:

    ---------2017.2----------2017.3---------2018.1.025
    2.4
    GHz--161 Mbits/sec---156 Mbits/sec---154 Mbits/sec
    5GHz----165 Mbits/sec---160 Mbits/sec---151 Mbits/sec


    There might be a slightly decrease with the latest firmware (2018.1.025).
    But i don't think its significant.
    Not many neighbors here (nearly free 2.4 band) by the way.

    ps: I don't know if this testing method is suitable at all, since only ~200MB were transfered per test run.

    Cliffield
     
    kille72 and Sysop Grace like this.
  26. joew333

    joew333 LI Guru Member

    Pomidor1 has a great icon! Very nice tomato. Thanks AndreDVJ for your Tomato branch; you are a pillar of the Tomato community! I cannot get more than 6 MB/S out of the 2.4 GHz band. The 5GHz band (80Hz) using any of the recent Tomato firmware yields my max capacity of around 110 MB/s. I hadn't checked 2.4 GHz throughput for a long time until I was messaged by a Tomato compatriot on this forum who suggested that the 2.4 GHz had slowed down. I was surprised by that. With Tomato 2.4 GHz (any of the recent releases as I tried all of them), I get 6 MB/S download only but I get my full upload speed of about 11.7 MB/S. Using XWRT with the 2.4 GHz radio, I get almost 60 MB/S download and the same 11.7 MB/S upload. I am set up with WPA2, AES and using channel 1 (40 Hz) on the 2.4 GHz radio. When I scan the neighborhood, there is only 1 other person using channel 1 and it is a weak signal. So I do believe there is something going on, just not sure what it is!
     
  27. joew333

    joew333 LI Guru Member

    New thought here. Asus Merlin is actually based on Tomato. Uses the same Linux version and original Tomato code. So just throwing an idea out.... why would the Asus Merlin WL driver not work in Tomato when Asus Merlin is based on Tomato to begin with? https://github.com/RMerl/asuswrt-merlin
     
  28. Sean B.

    Sean B. LI Guru Member

    Because Merlin's firmware is sanctioned by Asus, and therefor he's allowed to use the driver. Tomato using it would be illegal, such as XWRT's use of it. The drivers are not open source or GPL'd, they are proprietary and require direct licensing.
     
  29. RMerlin

    RMerlin Network Guru Member

    Wireless driver should be legally fine, since the hardware on which you'd be using it would already be licensed for Broadcom's SDK. At least that's how it has been for the many years where Tomato, HyperWRT, the old DD-WRT etc... used to. This is my opinion as an observer tho, not as a lawyer.

    XWRT is a different story, since it also uses unlicensed Trend Micro, Asus and Tuxera components.
     
    Techie007 and kille72 like this.
  30. Sean B.

    Sean B. LI Guru Member

    Ah, I stand corrected. I was unaware the licensing followed the hardware rather than the company of which originally manufactured it. In the sense that Asus would have tailored the code and built the driver specifically for their hardware ( I assume ), so I would think that would then become their intellectual property. With restrictions enforceable on the "who" and "how" of its use, at their discretion. In contrast to a generically compiled driver straight from Broadcom.
     
    kille72 likes this.
  31. joew333

    joew333 LI Guru Member

    I don't think there is much customization in this space. Everyone is using off the shelf chip sets with mostly closed source drivers (meaning updated by Broadcom only, not updated or maintained by Asus). Asus does not manufacture chip sets. For their routers they design circuit boards, cases and their router interface SW; and much of that SW (due to Linux base) is already in the public domain and posted with a GPL. About the only manufacturer of kit that designs & makes their own chips these days is Samsung. I am also not a lawyer, but what RMerlin is saying makes sense. From AsusWRT GPL "The GPL source is created for ASUS wireless router related products. Please visit the ASUS support site (http://support.asus.com) to get the latest GPL tarball. It has a lot in common with many wireless router open source projects, including Oleg/Tomato/DD-WRT/OpenWRT. Thanks the developers of those projects for making the source code available." Are the drivers from AsusWRT open or closed? What is the next step to try to integrate the later WL drivers from AsusWRT into Tomato?
     
  32. RMerlin

    RMerlin Network Guru Member

    They're all proprietary and closed source, be it for their Broadcom, Qualcomm or other models.
     
    kille72 likes this.
  33. RMerlin

    RMerlin Network Guru Member

    There's more to it than just the driver. You also need the rest of the SDK that comes with it (acsd channel selector daemon, ctf, etc...), as well as kernel configuration, the wireless configuration/initialization code (which is closed source), etc... And some of thees have been customized for Asus's other components, such as the Trend Micro engine, so they're not always really portable.
     
    kille72 likes this.
  34. Sean B.

    Sean B. LI Guru Member

    However grey area things may be with regards to legality, in the end there's a lot more than just importing a driver. It's a lot to take on even if one had full access to the SDK, let alone piecing things together from binary blobs and patched misc sources.
     
    kille72 likes this.
  35. lubmar

    lubmar Connected Client Member

    yep , I tried a few old firmwares down to "138" and have this 2.4GHz problem (on my R6300v2) ...
     
  36. pomidor1

    pomidor1 Networkin' Nut Member

  37. txnative

    txnative Networkin' Nut Member

    I to as well experience the 2.4 issue as lubmar, joew33 and others that have use the beta, and notice similar to previous versions. I only tested on the channel width 20 most all channels in the spectrum are available 1,6,11 since my neighbors and i as spread a part by 20 meters, and i was within my radius for a excellent connection. Is there a reason the driver use such high mw on default? There really isn't that must interference at all in my home that wouldn't keep a routers signal as when I was testing. I couldn't test the updated miniupnpd my monitor took a turn for the worst and is dead so no gaming as of yet with my playstation. 5ghz worked fine with no issues, hopefully with the community, beta testers and advice from friendly developers, tomato will get over these bumps to a more stable firmware. Forgot add my make model is the netgear r6300v2, using wireless card intel agn 5100, don't have a ac card to test anything high on the VHT80
     
  38. joew333

    joew333 LI Guru Member

    I re-flashed Netgear firmware V1.0.4.30_1.1.67, which is the last good one before they really crapped it up. On this version, I get 27 MB/S download and 11 MB/S upload on the 2.4 GHz band. So as a baseline this is what would be awesome to achieve if possible in Tomato. I currently get 1/8 to 1/4 of this download speed w/any of the Tomato versions. What is the temperature of the group to try to integrate the WL drivers from ASUSWRT back into Tomato?
     
  39. lubmar

    lubmar Connected Client Member

    well after testing a few different "tomatos" (they did not improve the 2.4 speed :() I did change the firmware to a some "Chinese clone" (suggested by pomidor) ... now I have a steady full 30/5 speed :) , no matter the channel, congestion and what not (also the 5ghz signal looks stronger) .
    I am not sure if I will keep the "clone" firmware , probably will try the original netgear firm. before settling down ...
    I just wish that tomato could improve those drivers ...
     
    pomidor1 likes this.
  40. joew333

    joew333 LI Guru Member

    Ditto on that. Tomato has a great interface, lots of functionality, IPV6 and CTF. I have been a Tomato since the days when the Linksys WRT54GL was cool. The WL drivers are less than what Tomato should have. What is the "clone" firmware? Link?
     
  41. pomidor1

    pomidor1 Networkin' Nut Member

  42. hkdrj01

    hkdrj01 Network Newbie Member

    Few days ago I updated my AC3200 from 2017.3 to 2017-12-18, but did not clear nvram since I don´t had time to do the setup again at that moment. My internet link it´s 40Mb donwload, and I was getting 1.5Mb tops at 2.4Ghz wifi, the same thing as in 2017.3. On 5Ghz I always get the max speed. I live in a very saturated 2.4Ghz area, with high level of interference.

    Yesterday night I had some time, so I cleared nvram and setup things again from zero. Now I have 22Mb download at 2.4Ghz. So this version solved the 2.4Ghz problem for me at least. Today I´ll do a more thorough test, with download and upload speed if I had time.

    Now, a problem I had in 2017.3 and still had on the new version. The Wifi from the second 5Ghz (eth3) doesn´t show up, neither the original one nor any virtual wireless from that interface. Everything shows fine in Tomato, but no wifi it´s broadcasted. So I want to install OFW to see if it works there, and be sure it´s not a hardware problem. If I do that, once I return to Tomato, can I load the setup, since it´ll be for the same version or I have to set it up manually again ?
     
    Last edited: Feb 22, 2018
  43. txnative

    txnative Networkin' Nut Member

    Sure as long as you are placing the config from 2017.3 to the 2017.3, it won't work if you are trying to use the same backup to anything else for example 2017.1 or the current beta. The current problem with the 5ghz did you reboot or check if shows up in the tomato gui under basic or overview? Always do a clear nvram ram before and after a new install even if your not using tomato firmware.
     
  44. hkdrj01

    hkdrj01 Network Newbie Member

    I rebooted the router already but that doesn't solve the problem. The 5Ghz WiFi shows up in both overview and Basic. Same for the virtual wireless. It's enabled and with broadcast ticked. In the gui it's like everything it's fine, but the network doesn't show in the notebook or phone.
     
  45. lubmar

    lubmar Connected Client Member

    did do you check the channel of the 5ghz , if its on auto it may be on a channel that your devices don't see ... try to change the region and/or choose the channel manualy ....
     
  46. txnative

    txnative Networkin' Nut Member

    Your wireless adapter supports 5ghz, right?(Just checking) I heard of people in dd-wrt having issues with a similar problem with 5ghz not working, maybe not related? Has anyone here in tomato who has a asus had the same problem, have you searched the forum for this problem yet?
     
  47. joew333

    joew333 LI Guru Member

    Yes. 5GHz is supported. It works well, range on R7000 is slightly less with Tomato than Netgear firmware. The 2.4Ghz signal is equally strong with Tomato as Netgear firmware, but throughput is less with Tomato. Tomato is stable with great interface and features.
     
  48. lubmar

    lubmar Connected Client Member

    agree , tomato is my favorite ! ... it is just my "lack" that the R6300v2 has problem with 2.4ghz on tomato :(...
     
    Last edited: Feb 23, 2018
    Wizardknight likes this.
  49. joew333

    joew333 LI Guru Member

    Hopefully there will be some momentum to try an update of the wireless drivers!
     
  50. hkdrj01

    hkdrj01 Network Newbie Member

    Yes. AC3200 has two 5Ghz bands (eht0 and eth3) and one 2.4Ghz band (eth2). The first 5Gzh band (eth0) it´s working without any problem, and I can connect to it from my phone or notebook. Problem it´s in the second 5Ghz band (eth3). The wifi network from these band doesn't show in the notebook or phone.
    Problem solved ! I found this post:

    https://www.linksysinfo.org/index.p...-supported-by-tomato.71878/page-2#post-292491

    Since I selected Brazil in the country list my frequencies are diferent, but the problem it´s the same. Apparently there are more channels in the GUI than it should. I selected frequencies one by one until I found one where the second 5Ghz band it´s working. Later I´ll check what other frequencies are working and keep note of it.

    Now I have both 5Ghz bands working. Thansk everyone for the help.
     
  51. Darkbing

    Darkbing Connected Client Member

    Hi, is the multiwan + qos already functional? Thanks!
     
  52. txnative

    txnative Networkin' Nut Member

    Great that you found a solution in the one of the threads, I know I remember reading something about asus model ac3200. Nice you got it, congrats regards.
     
  53. txnative

    txnative Networkin' Nut Member

    kille have you looked into the wl driver that currently in use with tomato-arm builds, there maybe something that can be done to at least get the MCS working past what seems to be stuck in B mode. On the current modulation coding scheme MCS it only works on level 3 which is 19 to 21 mbps, also the driver seems to be lacking to do some automated processes to to move and recognize auto with antennas, interference settings also. Just running some scenarios using the cli in which it froze the radio or driver, but I was able to jump to the 5 ghz radio and get the radio back online to continue troubleshooting the way the driver is handling itself on the current beta but for me I'm using a R6300v2 and I do know the drivers, firmware from dd-wrt and OFW work as intended for my router in other words the hardware on my R6300v2 is in normal operating specs. You can look at this chart mcsindex.com and see at which in the cli or in tools, system command line and run wl -i eth1 nrate mcs index 3 stf mode 2 auto and on the chart gives a certain rate for which is allowing while not auto negotiating to anything higher, as mentioned it wouldn't let me customize it a bit to something workable, but in order to figure that out if it could play nice is to go back to dd and do some testing, but I only have this router and my family are all here this weekend. Maybe someone else could do it for now?
     
  54. txnative

    txnative Networkin' Nut Member

    You could ask your question in Qos Toastman discussions thread on page 2, but I personally don't use multiwan qos but you do a search in on top of the page that could have been asked in some previous thread in the past timeline and if you find a solution then if you could place a solved to your post here. regards
     
    Darkbing likes this.
  55. AndreDVJ

    AndreDVJ LI Guru Member

    Wireless driver has additional dependencies such as DPSTA (DualBand Proxy STA?!?!), which Tomato build system is missing. I think we're still fine with the toolchain though.

    From what I tried so far, I believe Tomato's SDK needs to be converted to something aligned with AsusWRT in its entirety, because binary blobs such as CTF, DPSTA, HND, etc are looking for hardcoded directories (e.g; ~/src-rt-6.x.4708/router/). I haven't checked the remaining others, like NAS.

    Tomato and programming isn't really my best skill (it's my "way" to learn Linux stuff), so I'd need a good chunk of time to keep trying (first assembling back my Skylake build, my current Ryzen won't cut it) and 30 days away from my real-life job, which won't happen until at least September.
     
    kille72 likes this.
  56. joew333

    joew333 LI Guru Member

    Congrats on the job!!! Appreciate your expertise and insights on this. If you feel like it could be done without eons of work, that would be cool. If it turns into a big time waster, ditch it.
     
  57. tvlz

    tvlz LI Guru Member

    NO, nobody has worked on it.

    @hkdrj01
    The AC3200 as with any router with multiple 5GHz radios, one uses the low 5GHz channels and the other uses the 5GHZ high channels to prevent interference. The GUI should be changed to only show the channel available to that radio.
     
  58. tvlz

    tvlz LI Guru Member

    Last edited: Feb 24, 2018
  59. txnative

    txnative Networkin' Nut Member

    My thoughts were on Asus driver, but that makes sense, if reports are true and the r7000 2.4 works why not the in the rest of the tomato-arm r-series. Just needs to be redone, but by who?
     
    Wizardknight likes this.
  60. AndreDVJ

    AndreDVJ LI Guru Member

    pomidor1, kille72 and Wizardknight like this.
  61. Wizardknight

    Wizardknight Connected Client Member

    kille72 likes this.
  62. AndreDVJ

    AndreDVJ LI Guru Member

    Genie is actually the official firmware. Netgear doesn't have their ducks in order when they call Genie as well their bunch of useless apps, but it's the official name unfortunately.

    Well a nvram dump coming from these builds from the chinese folks, perhaps they help.
     
  63. Sean B.

    Sean B. LI Guru Member

    Any possibility there's plain text values readable via hex editing the firmware binary?
     
  64. tvlz

    tvlz LI Guru Member

    Why do you guys make it so complicated, just use the same values that DD-WRT does any that are not there will use the values from the CFE. The main thing is to separate the routers from each other and give them the proper radio params.
     
    kille72 likes this.
  65. txnative

    txnative Networkin' Nut Member

    Thank you for the tip tvlz, that is a logical step to getting it something started. I'm not a developer but I'm learning a lot from being here, like most of us we'd like tomato to stay around.
     
  66. Sean B.

    Sean B. LI Guru Member

    If that's the case, and the CFE has not been modified by Tomato configuration, why not have someone unset all related variables in their NVRAM+commit then reboot? They should then be properly configured with ease.
     
    kille72 likes this.
  67. lubmar

    lubmar Connected Client Member

    I am using the " R6300V2_380.67_X7.6-818.trx" on my R6300v2 from pomidor link , if you need me to "dump" something from "nvram" let me know , just pls. include the "how to" instructions for dummies :D ...
    it may take me a bit since working two jobs , but should manage on weekend ...
     
  68. pomidor1

    pomidor1 Networkin' Nut Member

    https://translate.googleusercontent.com/translate_c?act=url&depth=1&hl=pl&ie=UTF8&prev=_t&rurl=translate.google.pl&sl=pl&sp=nmt4&tl=en&u=https://openlinksys.info/forum/viewthread.php?thread_id=20276&rowstart=40&xid=17259,15700021,15700043,15700105,15700124,15700149,15700168,15700173,15700201&usg=ALkJrhgKavbs2Nfp-8RbTDbio0z3pF_Jfw#post_159088

    post nr 49


    "Now the question to @Shibby, what will happen as it changes in Tomato variables on the value of DD-WRT, maybe it's a friend's help?

    Shibby:
    Always test. Upload new variables to Tomato. If you actually improve the wifi signal then I will add these variables to the tomato.

    Remember also that I use the wifi driver from Asus. Netgear has a different one, and ddwrt already compiles its own driver on its own and on a higher kernel. Thus, these values may be good (or required) for their controller and the tomato may not necessarily have a positive effect."
     
    AndreDVJ likes this.
  69. AndreDVJ

    AndreDVJ LI Guru Member

    Output from these commands should suffice:
    • nvram show | grep "pci/1"
    • nvram show | grep "pci/2"
     
  70. txnative

    txnative Networkin' Nut Member

    Sorry for the interrupt, I had done some comparisons the other day of dd-wrt, asuswrt, along with kille72beta. They dd-wrt doesn't really have a reference to any of the pci/1 or 2 rxgains2g, since we building off of asuswrt rt-ac68u, the rxgains2g are not the same in numbering, example in the rt-ac68u.nvram.txt there are references towards bcm94708r boardtype=0x0646, but at the bottom starting at 4320 2g nvram i notice they are different from what I get from the the follow cmd nvram show | grep rxgains2g and so for as i checked through them all. I image if someone with more expertise and knowledgeable might be able to sort it out and tune it properly? Again I using R6300v2 and I can help with getting more data as I'm using the beta 2018 AIO,

    You can look at the information in the release/cfe/build/broadcom/bcm947xx/compress rt-ac68u_nvram.txt and rt-ac87u-nvram.tx/V2_5023_nvram.txt/v2_85402_nvram.txt is for boardtype=0x0665 r7000
     
  71. chchia

    chchia LI Guru Member

    I installed 2018.1.025, and now my syslog is flooded with this message

    https://github.com/miniupnp/miniupnp/issues/272
     
  72. kille72

    kille72 LI Guru Member

  73. chchia

    chchia LI Guru Member

    thanks kille72, i will try that!
     
    kille72 likes this.
  74. chchia

    chchia LI Guru Member

    @kille72 after updated to 2018.1.028, my transmission now do not set the UDP port forwarding rule automatically with UPNP. although TCP still added to UPNP correctly. is it just me or known issues?

    i had tried restarted the router, PC with Transmission and it is same.


    update: after another attempt to power off both router and PC at same time, it is now back to normal. thank you Kille72!
     
    Last edited: Feb 27, 2018
    kille72 likes this.
  75. lubmar

    lubmar Connected Client Member

    so what should I type the "pci/1" doesn't do anything
    if I type the "nvram show | grep "pci/1"" doesn't do anything
    if I type the "nvram show" it poops to much to copy and paste here ...

    pls. include the "how to" instructions for dummies :D ...
     
  76. Sean B.

    Sean B. LI Guru Member

    Try:

    Code:
    nvram show | grep pci
     
  77. lubmar

    lubmar Connected Client Member

    ok , I will try to try it tonight when get home ...
     
  78. pomidor1

    pomidor1 Networkin' Nut Member

    for china Rmerlin
    R6400 pci i wl

    Code:
    s@NETGEAR-338F:/tmp/home/root# nvram show | grep "pci/1"
    pci/1/1/pa2gw1a0=0x1950
    pci/1/1/pa2gw1a1=0x18f7
    pci/1/1/pa2gw1a2=0x192c
    pci/1/1/ledbh12=11
    pci/1/1/rxgainerr2ga0=12
    pci/1/1/rxgainerr2ga1=-1
    pci/1/1/rxgainerr2ga2=-1
    pci/1/1/legofdmbw202gpo=0x64200000
    pci/1/1/ag0=0
    pci/1/1/ag1=0
    pci/1/1/ag2=0
    pci/1/1/legofdmbw20ul2gpo=0x64200000
    pci/1/1/rxchain=7
    pci/1/1/cckbw202gpo=0
    pci/1/1/mcsbw20ul2gpo=0x86522222
    pci/1/1/pa2gw0a0=0xfe8c
    pci/1/1/pa2gw0a1=0xfea3
    pci/1/1/pa2gw0a2=0xfe94
    pci/1/1/boardflags=0x80003200
    pci/1/1/tempoffset=0
    pci/1/1/boardvendor=0x14e4
    pci/1/1/triso2g=3
    pci/1/1/sromrev=9
    pci/1/1/extpagain2g=1
    pci/1/1/venid=0x14e4
    pci/1/1/rpcal2g=0xCF8
    pci/1/1/watchdog=3000
    pci/1/1/maxp2ga0=0x60
    pci/1/1/maxp2ga1=0x60
    pci/1/1/maxp2ga2=0x60
    pci/1/1/boardflags2=0x4100000
    pci/1/1/tssipos2g=1
    pci/1/1/ledbh0=11
    pci/1/1/ledbh1=11
    pci/1/1/ledbh2=11
    pci/1/1/ledbh3=11
    pci/1/1/mcs32po=0x8
    pci/1/1/legofdm40duppo=0x0
    pci/1/1/antswctl2g=0
    pci/1/1/txchain=7
    pci/1/1/elna2g=2
    pci/1/1/antswitch=0
    pci/1/1/aa2g=7
    pci/1/1/cckbw20ul2gpo=0
    pci/1/1/leddc=0xFFFF
    pci/1/1/pa2gw2a0=0xf9f1
    pci/1/1/pa2gw2a1=0xfa2c
    pci/1/1/pa2gw2a2=0xfa17
    pci/1/1/xtalfreq=20000
    pci/1/1/ccode=#a
    pci/1/1/pdetrange2g=3
    size: 49339 bytes (16197 left)
    pci/1/1/regrev=0
    pci/1/1/eu_edthresh1g=-62
    pci/1/1/devid=0x4332
    pci/1/1/tempthresh=120
    pci/1/1/mcsbw402gpo=0xEEEEEEEE
    pci/1/1/macaddr=10:da:43:84:33:8f
    pci/1/1/mcsbw202gpo=0x86522222
    js@NETGEAR-338F:/tmp/home/root#
    


    Code:
    @NETGEAR-338F:/tmp/home/root# nvram show | egrep "^wl0_"
    size: 49339 bytes (16197 left)
    wl0_expire=0
    wl0_wmf_bss_enable=0
    wl0_rxchain_pwrsave_stas_assoc_check=0
    wl0_pspretend_threshold=0
    wl0_mcast_regen_bss_enable=1
    wl0_rifs_advert=auto
    wl0_frameburst=on
    wl0_txbf=1
    wl0_leddc=0x640000
    wl0_bw_cap=3
    wl0_akm=psk2
    wl0_phrase_x=
    wl0_infra=1
    wl0_country_code=#a
    wl0_chlist=1 2 3 4 5 6 7 8 9 10 11 12 13 14
    wl0_acs_boot_only=0
    wl0_bcn_rotate=1
    wl0_atf=1
    wl0_wme_sta_be=15 1023 3 0 0 off off
    wl0_version=6.37.14.126 (r561982)
    wl0_psr_mrpt=0
    wl0_ifname=eth1
    wl0_wme_sta_bk=15 1023 7 0 0 off off
    wl0_rxchain_pwrsave_quiet_time=1800
    wl0_rxstreams=0
    wl0_radio_pwrsave_level=0
    wl0_mrate=0
    wl0_mode=ap
    wl0_nmode_x=0
    wl0_txbf_imp=1
    wl0_user_rssi=0
    wl0_stbc_tx=auto
    wl0_ap_isolate=0
    wl0_rxchain_pwrsave_pps=10
    wl0_gmode=1
    wl0_ampdu=auto
    wl0_wme_no_ack=off
    wl0_dcs_csa_unicast=0
    wl0_acs_dfsr_immediate=300 3
    wl0_nband=2
    wl0_acs_fcs_mode=0
    wl0_pmk_cache=60
    wl0_ssid=Tomato24
    wl0_dtim=3
    wl0_vifnames=wl0.1 wl0.2 wl0.3
    wl0_txpower=50
    wl0_key1=
    wl0_key2=
    wl0_vlan_prio_mode=off
    wl0_key3=
    wl0_key4=
    wl0_wmf_mdata_sendup=1
    wl0_acs_chan_dwell_time=70
    wl0_vifs=
    wl0_rxchain_pwrsave_enable=0
    wl0_acs_dfsr_deferred=604800 5
    wl0_hw_rxchain=7
    wl0_wme_ap_vi=7 15 1 6016 3008 off off
    wl0_noisemitigation=0
    wl0_bss_maxassoc=128
    wl0_ampdu_mpdu=0
    wl0_mfp=0
    wl0_radio_time2_x=00002359
    wl0_wdsapply_x=0
    wl0_closed=0
    wl0_rate=0
    wl0_plcphdr=long
    wl0_turbo_qam=1
    wl0_macmode=disabled
    wl0_assoc_retry_max=3
    wl0_radioids=BCM2059
    wl0_wme_ap_vo=3 7 1 3264 1504 off off
    wl0_phytype=h
    wl0_lazywds=0
    wl0_intfer_period=1
    wl0_antdiv=-1
    wl0_ack_ratio=0
    wl0_radio_time_x=00002359
    wl0_mode_x=0
    wl0_wpa_psk=xxxxxxx
    wl0_acs_excl_chans=0x100c,0x190a,0x100d,0x190b,0x100e,0x190c
    wl0_amsdu=auto
    wl0_country_rev=0
    wl0_acs_pol=-65 40 -1 -100 -100 -1 -100 50 -100 0 1 0
    wl0_mbss=
    wl0_wmf_igmpq_filter=1
    wl0_unit=0
    wl0_bss_enabled=1
    wl0_ampdu_rts=1
    wl0_net_reauth=3600
    wl0_nmode=-1
    wl0_wmf_ucast_upnp=1
    wl0_radio_date_x=1111111
    wl0_acs_dfs=0
    wl0_timesched=0
    wl0_wds=
    wl0_bw=0
    wl0_reg_mode=off
    wl0_igs=0
    wl0_intfer_txfail=5
    wl0_optimizexbox=0
    wl0_auth=0
    wl0_wme=on
    wl0_radius_port=1812
    wl0_wep_x=0
    wl0_wme_bss_disable=0
    wl0_radius_ipaddr=
    wl0_rxchain=7
    wl0_wme_sta_vi=7 15 2 6016 3008 off off
    wl0_acs_ci_scan_timeout=300
    wl0_sched=000000
    wl0_wme_sta_vo=3 7 2 3264 1504 off off
    wl0_wps_reg=enabled
    wl0_maxassoc=128
    wl0_phytypes=h
    wl0_wep=disabled
    wl0_frag=2346
    wl0_txbf_bfe_cap=1
    wl0_intfer_tcptxfail=5
    wl0_btc_mode=0
    wl0_chanspec=0
    wl0_rateset=default
    wl0_ampdu_rr_rtylimit_tid=3 3 3 3 3 3 3 3
    wl0_wme_apsd=on
    wl0_txstreams=0
    wl0_txbf_bfr_cap=1
    wl0_acs_scan_entry_expire=3600
    wl0_auth_mode_x=psk2
    wl0_radio_pwrsave_pps=10
    wl0_radio_pwrsave_stas_assoc_check=0
    wl0_acs_cs_scan_timer=900
    wl0_rts=2347
    wl0_trf_mgmt_rssi_policy=0
    wl0_maclist_x=
    wl0_hw_txchain=7
    wl0_wpa_gtk_rekey=3600
    wl0_sta_retry_time=5
    wl0_key=1
    wl0_acs_dfsr_activity=30 10240
    wl0_intfer_cnt=3
    wl0_radio=1
    wl0_acs_ci_scan_timer=4
    wl0_bcn=100
    wl0_hwaddr=10:DA:43:84:33:8F
    wl0_ampdu_rtylimit_tid=7 7 7 7 7 7 7 7
    wl0_preauth=
    wl0_gmode_protection=auto
    wl0_maclist=
    wl0_obss_coex=1
    wl0_acs_tx_idle_cnt=0
    wl0_radius_key=
    wl0_wps_config_state=0
    wl0_wme_ap_be=15 63 3 0 0 off off
    wl0_corerev=29
    wl0_nmcsidx=-1
    wl0_pspretend_retry_limit=0
    wl0_wdslist=
    wl0_acs_chan_flop_period=70
    wl0_wds_timeout=1
    wl0_wmf_ucigmp_query=1
    wl0_wps_mode=enabled
    wl0_wme_ap_bk=15 1023 7 0 0 off off
    wl0_subunit=-1
    wl0_rx_amsdu_in_ampdu=auto
    wl0_stbc_rx=1
    wl0_radio_pwrsave_quiet_time=1800
    wl0_lanaccess=off
    wl0_auth_mode=none
    wl0_radio_pwrsave_enable=0
    wl0_wet_tunnel=0
    wl0_crypto=aes
    wl0_vreqd=1
    wl0_bss_opmode_cap_reqd=0
    wl0_txchain=7
    wl0_itxbf=1
    wl0_mrate_x=0
     
  79. lubmar

    lubmar Connected Client Member


    "nvram show | grep pci" did not work , only the "nvram show" works ...
     
  80. pomidor1

    pomidor1 Networkin' Nut Member

    nvram show | grep "wl_"
    nvram show | grep "wl0_"
    nvram show | grep "pci/1"
    nvram show | grep "wl1_"
    nvram show | grep "pci/2"

    Radio 2.4 Ghz
    nvram show | grep "wl0_"
    nvram show | grep "pci/1"
     
    Last edited: Feb 28, 2018
  81. koitsu

    koitsu Network Guru Member

    Depending on what model router (specifically CPU architecture) he has, there may not be any PCI NVRAM variables in the manner you hope. For example, on an RT-AC56U (ARM) with TomatoUSB, that is the case:

    Code:
    root@gw:/tmp/home/root# nvram show 2>/dev/null | grep pci
    devpath0=pci/1/1
    devpath1=pci/2/1
    
    However, I do disable both wireless interfaces on my router (I use a dedicated WAP for wireless), but that wouldn't wipe out NVRAM variables on Tomato.

    So, on these units, the NVRAM variables are named something very different I think -- but I'm not sure (someone smarter than me needs to confirm this). I believe they start with a number, followed by a colon. Example (with MACs XXX'd out), where I have lots of NVRAM variables but only ones starting with "0:" (2.4GHz) and "1:" (5GHz) seem like possible wireless chipset bits:

    Code:
    root@gw:/tmp/home/root# nvram show 2>/dev/null | grep '^[01]:' | sort
    0:aa2g=3
    0:ag0=0
    0:ag1=0
    0:antswctl2g=0
    0:antswitch=0
    0:boardflags2=0x00001800
    0:boardflags=0x80001200
    0:bw402gpo=0x0
    0:bwdup2gpo=0x0
    0:cck2gpo=0x1111
    0:ccode=SG
    0:cdd2gpo=0x0
    0:devid=0x43A9
    0:elna2g=2
    0:extpagain2g=3
    0:itt2ga0=0x20
    0:itt2ga1=0x20
    0:ledbh0=11
    0:ledbh1=11
    0:ledbh2=11
    0:ledbh3=7
    0:leddc=0xFFFF
    0:macaddr=XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    0:maxp2ga0=0x64
    0:maxp2ga1=0x64
    0:mcs2gpo0=0x3333
    0:mcs2gpo1=0xD954
    0:mcs2gpo2=0x3333
    0:mcs2gpo3=0xD954
    0:mcs2gpo4=0x5555
    0:mcs2gpo5=0xF955
    0:mcs2gpo6=0x5555
    0:mcs2gpo7=0xF955
    0:ofdm2gpo=0x54222222
    0:pa2gw0a0=0xfebe
    0:pa2gw0a1=0xfe85
    0:pa2gw1a0=0x1b18
    0:pa2gw1a1=0x1bb4
    0:pa2gw2a0=0xfa47
    0:pa2gw2a1=0xf9dd
    0:pdetrange2g=3
    0:phycal_tempdelta=0
    0:regrev=10
    0:rxchain=3
    0:sromrev=8
    0:stbc2gpo=0x0
    0:tempoffset=0
    0:temps_hysteresis=5
    0:temps_period=5
    0:tempthresh=120
    0:triso2g=4
    0:tssipos2g=1
    0:txchain=3
    0:venid=0x14E4
    0:xtalfreq=20000
    1:aa5g=3
    1:aga0=0
    1:aga1=0
    1:antswitch=0
    1:boardflags2=0x00300002
    1:boardflags3=0x0
    1:boardflags=0x30000000
    1:ccode=SG
    1:devid=0x43B3
    1:dot11agduphrpo=0
    1:dot11agduplrpo=0
    1:epagain5g=0
    1:femctrl=3
    1:gainctrlsph=0
    1:ledbh0=11
    1:ledbh1=11
    1:ledbh2=11
    1:ledbh3=11
    1:ledbh6=136
    1:leddc=0xFFFF
    1:macaddr=XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    1:maxp5ga0=100,100,100,100
    1:maxp5ga1=100,100,100,100
    1:mcsbw1605ghpo=0
    1:mcsbw1605glpo=0
    1:mcsbw1605gmpo=0
    1:mcsbw205ghpo=0x99753333
    1:mcsbw205glpo=0x99753333
    1:mcsbw205gmpo=0x99753333
    1:mcsbw405ghpo=0x99753333
    1:mcsbw405glpo=0x99753333
    1:mcsbw405gmpo=0x99753333
    1:mcsbw805ghpo=0x99753333
    1:mcsbw805glpo=0x99753333
    1:mcsbw805gmpo=0x99753333
    1:mcslr5ghpo=0
    1:mcslr5glpo=0
    1:mcslr5gmpo=0
    1:pa5ga0=0xff3f,0x1b5d,0xfcb8,0xff3a,0x1ae8,0xfcbf,0xff38,0x1cc2,0xfc8c,0xff46,0x1cc3,0xfca4
    1:pa5ga1=0xff3c,0x1b0f,0xfcbd,0xff3e,0x1c0e,0xfca1,0xff41,0x1c00,0xfca6,0xff48,0x1bb5,0xfcb8
    1:papdcap5g=0
    1:pdgain5g=4
    1:pdoffset40ma0=0x3222
    1:pdoffset40ma1=0x3222
    1:pdoffset80ma0=0x0100
    1:pdoffset80ma1=0x0100
    1:phycal_tempdelta=0
    1:regrev=10
    1:rpcal5gb0=0x0058
    1:rpcal5gb1=0x0057
    1:rpcal5gb2=0x0058
    1:rpcal5gb3=0x0069
    1:rxchain=3
    1:rxgains5gelnagaina0=1
    1:rxgains5gelnagaina1=1
    1:rxgains5gelnagaina2=1
    1:rxgains5ghelnagaina0=2
    1:rxgains5ghelnagaina1=2
    1:rxgains5ghelnagaina2=3
    1:rxgains5ghtrelnabypa0=1
    1:rxgains5ghtrelnabypa1=1
    1:rxgains5ghtrelnabypa2=1
    1:rxgains5ghtrisoa0=5
    1:rxgains5ghtrisoa1=4
    1:rxgains5ghtrisoa2=4
    1:rxgains5gmelnagaina0=2
    1:rxgains5gmelnagaina1=2
    1:rxgains5gmelnagaina2=3
    1:rxgains5gmtrelnabypa0=1
    1:rxgains5gmtrelnabypa1=1
    1:rxgains5gmtrelnabypa2=1
    1:rxgains5gmtrisoa0=5
    1:rxgains5gmtrisoa1=4
    1:rxgains5gmtrisoa2=4
    1:rxgains5gtrelnabypa0=1
    1:rxgains5gtrelnabypa1=1
    1:rxgains5gtrelnabypa2=1
    1:rxgains5gtrisoa0=7
    1:rxgains5gtrisoa1=6
    1:rxgains5gtrisoa2=5
    1:sar2g=18
    1:sar5g=15
    1:sb20in40hrpo=0
    1:sb20in40lrpo=0
    1:sb20in80and160hr5ghpo=0
    1:sb20in80and160hr5glpo=0
    1:sb20in80and160hr5gmpo=0
    1:sb20in80and160lr5ghpo=0
    1:sb20in80and160lr5glpo=0
    1:sb20in80and160lr5gmpo=0
    1:sb40and80hr5ghpo=0
    1:sb40and80hr5glpo=0
    1:sb40and80hr5gmpo=0
    1:sb40and80lr5ghpo=0
    1:sb40and80lr5glpo=0
    1:sb40and80lr5gmpo=0
    1:sromrev=11
    1:subband5gver=4
    1:tempoffset=0
    1:temps_hysteresis=5
    1:temps_period=5
    1:tempthresh=120
    1:tssiposslope5g=1
    1:tworangetssi5g=0
    1:txchain=3
    1:venid=0x14E4
    1:xtalfreq=40000
    
     
  82. tvlz

    tvlz LI Guru Member

    I don't think that would work in this case, as these nvram values are hard-coded in init.c and would be set again when the reboot happens, somebody could try it though.

    What needs to happen is to break-up the model detection and add specific info for each one.
    Code:
        case MODEL_R6250:
    <specific info for r6250>
        case MODEL_R6300v2:
    <specific info for r6300v2>
        case MODEL_R6400:
    <specific info for r6400>
     
    txnative and pomidor1 like this.
  83. pomidor1

    pomidor1 Networkin' Nut Member

    I also do not think it would work, and if it is, then the tomato - RMmerlin
    Tomato is too far ddwrt

    Shibby once said:
    "
    nvram set variable = "value"

    that is, for example:
    nvram set wl0_wme_ap_vi = "7 15 1 6016 3008 off"

    and after adding everyone
    nvram commit

    and router reboot."
     
  84. txnative

    txnative Networkin' Nut Member

    seems like having some board specifics to the r-series might be ideal even though it's being built from the asus rt-ac68u, I seen that it doesn't rely on board specific just a few values, memory and cfe for some specifics to be done with the rest of the setup, but to add some board specifics to bcm94708, boardtype,boardrev and maybe boardflags or boardnum(optional) could maybe help with 2.4 ghz performance.
     
  85. drnorton

    drnorton New Member Member

    Hello kille72

    I have only one question. I use this moment dd-wrt kong build. And I use a OpenVPN server and access restrictions together. It works only when I write a iptables command in Firewall
    iptables -I FORWARD 1 -j lan2wan

    Without this only openvpn works or access restrictions. Both together dont go.
    I like only to know if access restrictions and vpn server work together on your build for my netgear r7000 ?

    I like to block some IP adresses or MAC Adresses. And here only some ports. One example:

    One user comes over OpenVPN (tap mode. With LAN address 192.168.6.42) to the LAN and need this connection to play games, like LOL. Now I like to block the ports for this game. Means: Ports 27000-27050, Ports 8393-8400,Ports 5222-5223, Port 3478 and 8088.
    Both ... TCP and UDP. And this for different times. Not only for one time.

    I looking for a long time to manage this problem.

    Thanks in advanced.

    Greetings
    drnorton
     
  86. user17600

    user17600 Reformed Router Member

    Kille72, will the .029 version with the latest commits be created for other router builds (e.g., R7K)?
     
  87. eangulus

    eangulus Network Guru Member

    I currently run a VPN script that only allows a single IP over the VPN, and I have a list of ports in that script that bypasses the VPN to the same IP. It can be adjusted to have more IP's, to allow or block the IP list or allow or block the port list.

    Let me know if you want the script and I can post it later (at work right now).

    Sent from my Pixel XL using Tapatalk
     
    drnorton likes this.
  88. somms

    somms Network Guru Member

    Heads up to the dev, OpenVPN 2.4.5 was released today...
     
    kille72 likes this.
  89. kille72

    kille72 LI Guru Member

    Beta .031 comes this weekend I hope...
     
    Last edited: Mar 2, 2018
  90. drnorton

    drnorton New Member Member

    Hello ..

    yes will be nice ..Please send the script. I think other are interested too.
    I need 3 Ip adresses over VPN. And this Ip's I like to block some ports. Thanks in advanced.
     
  91. Edrikk

    Edrikk Network Guru Member

    Posting this here in case those much smarter than me in the area of iptables (@pedro311 @KyleS @koitsu @tvlz @Sean B. @AndreDVJ ) can maybe have a look

    Running v2017.3 (but this issue is dating back to start of MultiWAN it seems), I found that if you enable Routing Policy under VPN Client, this results in the IP Traffic not showing any data in any of the categories (realtime, 24 hour, charts, etc etc). Seems that it is only affecting ARM side.

    As soon as you disable Routing Policy (leaving VPN on even), IP Traffic works. BW Monitor doesn't seem impacted by Routing Policy.

    Doing a little bit of research, I did see the following threads on this topic:

    http://linksysinfo.org/index.php?th...ior-of-iproute2-in-shibby-arm-multiwan.72495/
    http://www.linksysinfo.org/index.php?threads/is-shibby-tomato-140-routing-policy-not-working.73745/
    https://github.com/Jackysi/advancedtomato/issues/172

    This shouldn't stop the upcoming release given how long it's been here so long, but if anyone can see WTF the routing policy is doing to mangle the Traffic monitoring it would be awesome!
     
    kille72 likes this.
  92. RMerlin

    RMerlin Network Guru Member

    Can you compare the content of the FORWARD chain with and without policy rules enabled? IPTraffic relies on rules in the FORWARD chain to process traffic. If there's any rule before it that might issue a jump, it might be skipping the iptraffic rules.
     
  93. Edrikk

    Edrikk Network Guru Member

    Thanks @RMerlin! Interestingly enough, I just re-enabled Routing Policy, and IP Traffic is working.
    I'm guessing some event is happening that's causing what you're referring to but don't know what...
    I thought maybe it occurs if you start IP Traffic after Routing Policy, but it seems to not be it either.

    I'll keep an eye on it, but I do want to say there seems to be *something* not interacting well with the IP Traffic rules in combination with Routing Policy... Possibly indirectly/a third condition...
     
  94. Sean B.

    Sean B. LI Guru Member

    Any chance the "Redirect internet traffic" option plays a role?
     
  95. KyleS

    KyleS Addicted to LI Member

    OpenVPN? I remember looking into this and the FORWARD rule is never deleted. If you reboot the router it may resolve the problem, fix obviously being to remove the then martian forward rule in code.
     
  96. Edrikk

    Edrikk Network Guru Member

    Well in my case “Advanced -> Redirect Internet Traffic” never changed (always off).

    Will keep an eye out in case it wonks out again to see what rule changes/stays/is deleted vs when it’s working...
     
    Sean B. likes this.
  97. kille72

    kille72 LI Guru Member

    The new 2018.1.031 ARM beta is ready for testing.

    Downloads: https://exotic.se/tomato-arm/v2018/2018.1.031
    Changelog: https://bitbucket.org/kille72/tomato-arm-kille72/commits/all

    The most important changes vs 2017.3:

    - php: updated to 7.2.3
    - php: 'mysql' option is no longer supported in PHP7, changed to 'mysqli'
    - OpenVPN: updated to 2.4.5
    - miniupnpd: updated to 2.0.20180222
    - miniupnpd: changed the coding to use an interface name instead of an IP/netmask
    - nginx: updated to 1.13.9
    - Adminer: updated to 4.6.2
    - dnsmasq: updated to 2.79rc1
    - dnscrypt-proxy: changed URL of dnscrypt-resolvers
    - libncurses: updated to 6.1
    - nettle: updated to 3.4
    - sqlite: updated to 3.22.0
    - MiniDLNA: updated to 1.2.1
    - New wireless driver for SDK7 (Fixed KRACK vulnerability)
    - e2fsprogs: updated to 1.43.9
    - libcurl: updated to 7.58.0
    - nano: updated to 2.9.3
    - fixed FTP data connection fails from WAN side when port is not 21
    - transmission: updated to 2.93
    - ipset: updated to 6.35
    - libcurl: updated CA certificate bundle as of 2018-01-20
    - usb_modeswitch: updated to 2.52
    - busybox: changed uname
    - rc/wan.c: removed "bump wan state file on connect (don't wait watchdog result)"
    - tor: updated to 0.3.2.9
    - Fixed TOR build on some systems
    - Several kernel patches in SDK6 & SDK7
    - Changed Tomato versioning

    WIP:
    Work on the SDK6 and the new WL driver are in progress, half of the work has already been done by Shibby, but there are problems with creating entries in nvram for WL, WL1 etc. and their aliases wl0.1/2/3 wl1.1/2/3 based on default entries in the router/shared/defaults.c...
     
    Last edited: Mar 3, 2018
  98. joew333

    joew333 LI Guru Member

    The new 2018.1.031 ARM beta release seems STRONG on my Netgear R7000. Thanks Kille72 for something amazing and looking forward toward the collaboration with Shibby on the new WL driver. All functions seem good for the 1st 2 hours of operation on my router. Thank you sirs!
     
    The Master and kille72 like this.
  99. eangulus

    eangulus Network Guru Member


    For those interested, I attached my up and down VPN scripts. Just rename them to .sh

    I also have in my firewall script:

    Code:
    #Block IP from WAN Connection as Default
    #iptables -I FORWARD -i br0 -s 10.1.21.2 -o ppp0 -j REJECT
    iptables -I FORWARD -i br0 -m iprange --src-range 10.1.21.2 -o ppp0 -j REJECT
    
    #Copy QoS details from WAN to VPN
    cp /etc/qos /tmp/qos-tun11
    sed -i 's/ppp0/tun11/g' /tmp/qos-tun11
    sed -i 's/imq0/imq1/g' /tmp/qos-tun11
    chmod +x /tmp/qos-tun11
    /tmp/qos-tun11
    iptables -t mangle -A FORWARD -o tun11 -j QOSO
    iptables -t mangle -A OUTPUT -o tun11 -j QOSO
    iptables -t mangle -A PREROUTING -i tun11 -j CONNMARK --restore-mark --mask 0xff
    iptables -t mangle -A PREROUTING -i tun11 -j IMQ --todev 1
    ifconfig imq1 up
    The above first section blocks any traffic to an IP if the VPN goes down. The second part duplicates my QOS settings to the VPN connection so same rules are applied there.

    With the VPN Client settings please make sure you have Redirect Internet traffic off.

    Now you will have to decipher the scripts, but it is pretty simple. What this setup does is (with the above) lets all traffic over WAN, but forces a single IP over the VPN. Then there is a list of ports (attached to a variable) that will bypass the VPN connection. In my case, these are my WebUI pages, so I can still access them remotely. Any traffic over any other port that is not listed in the scripts is running via the VPN.

    To modify for your own needs, just change the IP and Bypass ports, and it will work in the same way as above.

    If you need to do something a little different, it is just a matter of reversing some of the code. for example:

    Code:
    iptables -t mangle -D PREROUTING -p tcp -s $INT_IP -m multiport --dport $PORTS_ALLOWED -j MARK --set-mark 0
    iptables -t mangle -D PREROUTING -p tcp -s $INT_IP -m multiport --sport $PORTS_ALLOWED -j MARK --set-mark 0
    iptables -t mangle -D PREROUTING -p udp -s $INT_IP -m multiport --dport $PORTS_ALLOWED -j MARK --set-mark 0
    iptables -t mangle -D PREROUTING -p udp -s $INT_IP -m multiport --sport $PORTS_ALLOWED -j MARK --set-mark 0
    
    The above is what sets the port list to be allowed to bypass the VPN on IN and out and TCP and UDP, hence the 4 lines. If you need it to be the opposite, that is the port list forced over the VPN, then set the Mark to 0x88. Anything marked as that is over VPN.
     

    Attached Files:

    drnorton likes this.
  100. My Name

    My Name Networkin' Nut Member

    @kille72 , Downloaded 2018.1.031 ARM beta, Installed, Wiped NVRAM and started setting up my spare TendaAC15.

    Things were going fine until I tried to enter my VPN keys under , VPN, Keys. I can copy and paste Certificate Authority, Server Key, and Diffey Helman and save them with no problems. When I copy and paste the Server Certificate, I briefly see Saving at bottom of screen and then the following error appears immediately in Chrome;

    This page isn’t working
    192.168.1.1 didn’t send any data.

    ERR_EMPTY_RESPONSE

    When using Edge Browser I get a similar error.

    In either case when I refresh the page the Server Certificate is blank and was not saved while the other three keys are still intact.

    All the above keys are working now on my main AC15 router running Toastman-ARM K26ARM USB VPN-64K and were created back in December 2017 using the latest version of EasyRSA at the time.

    Still looking for a solution but thought I would post in case anyone else has experienced this.

    EDIT UPDATE: It seems to have something to do with the size of my Server Certificate. I can eliminate about half of the file when pasting and it will save, won't work obviously but does save. Still looking.

    EDIT UPDATE: Some of the information from my Server Certificate

    Version: 3 (0x2)
    Serial Number: xxxxx
    Signature Algorithm: sha256WithRSAEncryption
    Issuer: CN=xxxxxxxx
    Validity
    Not Before: Dec 25 20:08:14 2017 GMT
    Not After : Dec 23 20:08:14 2027 GMT
    Subject: CN=xxxxx
    Subject Public Key Info:
    Public Key Algorithm: rsaEncryption
    Public-Key: (4096 bit)
     
    Last edited: Mar 4, 2018
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice