Tomato features requests

Discussion in 'Tomato Firmware' started by eahm, Feb 10, 2013.

  1. eahm

    eahm LI Guru Member

    Tomato is really good but after many many years of use and programming I can see it lacks of some really basic features that even some cheap router have.

    • VLAN BW Limiter: only Shibby's build has a proper limiter for each br*. I agree with Toastman that QoS is very useful but I yet have to see how to limit for each br like Shibby's build does.
    • NoCat Login Password: when the Splash Screen appears we need to see a login password. Giving the WiFi Password to EVERY SINGLE customer, specially on public places is just not practical and time wasting.
    • Guest SSID Login Password: customer/friend connects to unprotected VLANd Guest SSID and a login password appears. Better than WiFi password IMO, different security and more practical for everyone who visits/who is a guest. To be used even on public places instead of NoCat.
    • Gbps WAN: I've noticed that on Miscellaneous only 100mbps is allowed as max WAN speed. This is no longer useful and it must be changed. Many many people have >100mbps WAN. Please explain if this option doesn't limit >100mbps WANs. Confirmed working on Auto (
    • Non Broadcom chipset: I've read somewhere that it's not possible because of how the core of Tomato is built. Come on, everything's possible. Please explain or link to an article that tells why it's not possible.
    • Cleaner website with Changelog (Toastman is the cleanest), Build name features (Shibby is the cleanest) and clean download option (I feel it's better to kill myself every time I have to find which Victek build to use). Let's crete a standard template?
    • Checksum for every firmware file. Comparison of non corrupted file after download (Shibby has this).
    • Test, test, test. At least once. Please don't release versions without working features and let us wait weeks, months before fixing them (Shibby's K24 OpenVPN for example).
    • Contacts. #tomato on some IRC network? Skype? Anything to keep in touch faster than the forum.
    • Donation page. PayPal, flattr, whatever. SMBs owners like myself use Tomato all the time for work, people like FlashRouters take the firmware, overcharge the routers and make a living with it. Developers (Victek, Toastman, shibby20, Teaman, etc.) please make some money with it. I am down for a monthly donation.
    I understand Tomato is freeware and open source but you must contribute to make it better (you already do? Must contribute more!). DD-WRT is frozen, OpenWRT is to unpractical and hard to configure and use and I understand "there is life outside of Tomato" (Victek) but let's make this firmware the best one, better than it already is.

  2. RMerlin

    RMerlin Network Guru Member

    Asuswrt is an example of how much work is involved in supporting non-Broadcom chipsets. Asuswrt was originally forked from Tomato-RT, and Asus added support for their Ralink routers. Basically: it requires a *LOT* of additional code. The whole code for initializing the router and accessing the radio has to be completely rewritten. Such a project would probably take weeks, if not months of fulltime work from a dedicated developer. Not to mention having to maintain both versions of the code. Whenever you change something that is Broadcom-specific (for example, if you implement a webui page to display the details of wirelessly connected clients), you have to rewrite the vast majority of that code a second time to work with the other platform.

    Now imagine if in addition to Broadcom they were trying to support Ralink, Atheros and Mediatek... It would take a small team of dedicated developers to achieve that. Probably highly unlikely to occur at this point. Right now, Tomato developers lack even the time to add one single new Broadcom router (the RT-AC66U) because of its HW differences versus more traditional Broadcom devices. I can't imagine them finding the resources to add a whole new hardware platform.

    So the actual reason isn't that it's not possible, it's that it would require a LOT of work, both to implement and to maintain.

    I mean no offense, but asking others to do more is easy. What more have YOU done yourself? :)
  3. Bird333

    Bird333 Network Guru Member

    Repeater and Repeater bridge modes. (See DD-WRT for examples)
  4. eahm

    eahm LI Guru Member

    RMerlin, we consumers do more than anyone else. We keep the community alive, keep suggesting features, keep testing and breaking routers, wasting money on new hardware allowing ASUS, Cisco and others to make new models, we make donations. Trust me, if Tomato stops tomorrow and I can no longer use it I will find an alternative in about 10 minutes.

    I love the Tomato community, the developers, how they listen, their knowledge of networking, the firmware, the non-hunger of money they have etc. (you included, not just Tomato).

    There is a thing though, someone needs to push, the world moves because of business, progress and money. We keep changing little things, breaking others, usually being slower than the REAL competition to fix simple things etc. I understand developers don't have time to do EVERYTHING but when I commit on doing something I spend 24/7 to make it perfect. Unfortunately I never learned to program, I can't and probably will never make my build, but I can push and I can try make people angry for more. If time and money will allow I can build a team of developers that will program a universal firmware based on Tomato...who knows, now I am dreaming but it's not really that far of what I'd really like to do.

    The attitude that it's always enough will not bring anything better, just little updates.

    Please don't think I am rude, let's progress, let's push forward together. I ask, I pretend nothing to be easy and I am ready to pay to move forward.
  5. jerrm

    jerrm Network Guru Member

    Testing is the job of the community for a project like this. The developers have all done basic testing and do not release anything they know is broken - but I don't want Toastman, Shibby, or Victec testing every feature in every permutation. It's a virtually impossible task. There are better uses of their time.

    Any release should be considered a beta/test release. Early adopters of a release do so at their own risk. Rarely is there anything so pressing in a new release it it can't wait to be pushed into production until the reviews are in.
  6. jerrm

    jerrm Network Guru Member

    There is no real competition. This is not a commercial undertaking. For all the talk of community and all, the handful of developers for Tomato are largely doing it for their own personal reasons. For some it may just be a hobby, for others it is work related, most probably a combination of both. When Tomato is no longer relevant to them, they will move on.

    One thing about software projects is they are never "finished" and never "perfect." They get to the point you can stop working and send them out the door. As a developer sometimes you are happy where they are at, sometimes not, but there is alway more that can be done.
  7. Elfew

    Elfew Network Guru Member

    • NoCat Login Password: when the Splash Screen appears we need to see a login password. Giving the WiFi Password to EVERY SINGLE customer, specially on public places is just not practical and time wasting.
    You can set it without a password or make your own nocat splash screen
    • Guest SSID Login Password: customer/friend connects to unprotected VLANd Guest SSID and a login password appears. Better than WiFi password IMO, different security and more practical for everyone who visits/who is a guest. To be used even on public places instead of NoCat.
    Guest SSID is already in Tomato FW... up to 5 guest wifi sites you can set.
    • Non Broadcom chipset: I've read somewhere that it's not possible because of how the core of Tomato is built. Come on, everything's possible. Please explain or link to an article that tells why it's not possible.
    Waste of time, I think Tomato is really good and stable... stock asus fw has same wifi speeds like tomato shibby (tested, same driver... toastman and others have different older driver)
    • Cleaner website with Changelog (Toastman is the cleanest), Build name features (Shibby is the cleanest) and clean download option (I feel it's better to kill myself every time I have to find which Victek build to use). Let's crete a standard template?
    Pointless... Shibby has nice website - changelog, news, info about versions etc
    • Test, test, test. At least once. Please don't release versions without working features and let us wait weeks, months before fixing them (Shibby's K24 OpenVPN for example).
    Open source project, users are the testers! :))
    • Contacts. #tomato on some IRC network? Skype? Anything to keep in touch faster than the forum.
    I agree with you, but many people just spam and post useless topics because they are lazy to search and read... so NO!
    • Donation page. PayPal, flattr, whatever. SMBs owners like myself use Tomato all the time for work, people like FlashRouters take the firmware, overcharge the routers and make a living with it. Developers (Victek, Toastman, shibby20, Teaman, etc.) please make some money with it. I am down for a monthly donation.
    Already in about page - paypal link
    My features request:
    1) make device list more user friendly - add info - how many clients are connected, connected devices, speed and interface (port)
    2) add new driver from ASUS for transfering files - it takes so long
    3) DualWAN
    4) add temperature info to the main page

    And last the big one - please Shibby, Toastman, Victek, Teddy and others coders - please cooperate and make this firmware together -> more features, more stability, higher speed of development! Thats the answer!
  8. Pentangle

    Pentangle Serious Server Member

    Here are the developments I'd love to see implemented:

    - An automated bandwidth limiter, based on bandwidth graph info and able to dynamically increase or decrease headroom based on whether packet drops are occurring before the artificial limit (maybe also augmented with a daily bandwidth speed test to see what's possible that day). Basically to avoid missing out on bandwidth by being too conservative with the limiter (or having to revisit customers when their ISP upgrades their line).

    - Some way (and yes I understand it's been discussed tons of times) to have a standard config template that can be applied across tomato versions and different routers of the same make.

    - I agree with the guest SSID setup request above

    - I also know that IPSec is being worked on, and would say it needs to be integrated into the GUI and firmware (rather than optionware).

  9. eahm

    eahm LI Guru Member

    I don't care about the rest of the comments since they are just opinions but talking about the Guest SSID, I didn't ask about the Guest SSID a VLAN MultiSSID firmware can already do or a Guest SSID with a password/passphrase protected SSID, I was talking about a login page with a password to enter to be able to login not just a login button to click.

    See screenshots:

    This would be awesome for business and friends visiting. I think it's just something to integrate in the Guest SSID login webpage.

    Talking about your features
    1) I think this is more than fine. You can find all the info you need, in a very simple way. Negotiation speed can also be added but do you really care?
    2) Shibby has new drivers already? He was talking about this. I think he uses the very latest ones.
    3) Kinda nice yes. The DualWAN developer hasn't released the source code Toastman was saying. China has problem with sharing.
    4) Absolutely not. I don't care at all about this. Better if it's disabled by default if added.

    I also find a really bad idea to make a unique build with the three main developers together. It's just a feeling, since Tomato is not a business and no one likes or cares to consider it like it I don't think one unique build will work. They can't even talk together, how do you think they will work together?
  10. Elfew

    Elfew Network Guru Member

    Maybe every dev should take one thing which is missing in tomato fw and focus on it... so do not do ten things at once but one by one... but I think it is impossible...

    I dont follow you with multi SSID - you can set guest wifi, isolate it from intranet and ake it public - only internet access... but I dont follow you idea about passwords?

    edit: ok you are talking about nocat login page... it is simple, just google it. I have seen modified splash page with login server etc some time ago for tomato.

    about drivers - no wireless but driver which control FTP, transffering files from USB devices etc. - tomato uses opensource drivers which are not good for devices which has low speed CPU, so transfer speeds are really low compared to stock asus FW which uses different one... I think that Shibby is working on it... maybe next FW build, who knows :)

    check this link:

    srry about my English, not my native language
    eahm likes this.
  11. vlads

    vlads Networkin' Nut Member

    At the top of my list are stable and highly optimized OpenVPN builds.

    Icing on the cake would be multi OpenVPN client builds with GUI based route selection (ie mapping specific IPs/MACs to either bypass active tunnels and go straight out to the internet or route them through a specific tunnel).
  12. Xenus

    Xenus Serious Server Member

    Shibby: BW limiter by MAC, DNScrypt
    Victek: busybox 1.20, web server new feature
    like to see working Jumbo frames (if possible), better changlelogs, any limits noted on BW, any other routers that can be supported?

    My old WRT54G can't do better than 30 Mbs on DD-WRT maxed out CPU (poor thing). Would any Tomato flavour do better?

    I'm very impressed with all the improvements from all the contributors so far.
    eahm likes this.
  13. gfunkdave

    gfunkdave LI Guru Member

    Re: difficulty of porting to non-Broadcom

    Given that DD-WRT has done this, would it be possible to use some of their code for supporting, say, Atheros or Ralink?
  14. RMerlin

    RMerlin Network Guru Member

    Their architecture is probably far too different from Tomato. Ralink could be ported from Asuswrt provided some devs had a few weeks to spend on it. Atheros would be probably quite challenging.
  15. Mangix

    Mangix Networkin' Nut Member

    dd-wrt with atheros is quite interesting. To keep the codebase simple, it creates its own nvram partition and stores/manages all the settings there instead of using the normal one.

    forget tomato on atheros. if you want a good atheros firmware, get gargoyle.
  16. Elfew

    Elfew Network Guru Member

    What is the reason to use different driver? Bettter stability or speed?
  17. akimoto

    akimoto Networkin' Nut Member

    Repeater and Repeater bridge modes. (See DD-WRT for examples). too!
  18. rs232

    rs232 Network Guru Member

    My feature request is:
    Support for usb wireless Nic. I don't expect all the drivers to be there but if we could manage to have some basic well known e.g. the rtl8187 (the one used by alfa devices per say) we could finally have a wireless client AND access point on the same device. I know this is already possible with dual frequency devices but how about 2.4G only? Using an external nic as wclient would do
  19. Elfew

    Elfew Network Guru Member

    windozer, CBR900 and eahm like this.
  20. Monk E. Boy

    Monk E. Boy Network Guru Member

    Default 2.4Ghz radios to 20Mhz channels instead of 40Mhz channels.
    eahm likes this.
  21. Bird333

    Bird333 Network Guru Member

  22. kthaddock

    kthaddock Network Guru Member

    Elfew likes this.
  23. Elfew

    Elfew Network Guru Member

    I hope that devs dont sleep ;) too much work :(
  24. Mangix

    Mangix Networkin' Nut Member

    Most of this won't happen. Too many users, not enough developers :\.
  25. heebo1974

    heebo1974 Serious Server Member

    All-u-need ad bloking script with gui and integrated pixelserver. :)
  26. Frequenzy

    Frequenzy Networkin' Nut Member

    i would like this integrated

    another is the universal repeater mode :)
  27. eahm

    eahm LI Guru Member

    I don't agree with this one. Actually the best script I've used is the following:
    cat > /tmp/whitelist <<EOF
    if [ ! -s /tmp/dlhosts ] ; then
    echo -e "#!/bin/sh\n(wget -O - ; wget -O - | grep | grep -Fvf /tmp/whitelist | sed -e '2,\$s/' -e 's/[[:space:]]*#.*$//' > /etc/blkhosts\nlogger 'DOWNLOADED ADBLOCK HOSTS FILE(s)'\nkillall -1 dnsmasq" > /tmp/dlhosts
    chmod 777 /tmp/dlhosts
    sleep 120
    cru a GethostsFriAM "23 3 * * 2 /tmp/dlhosts"
    plus (Advanced -> DHCP/DNS -> dnsmasq custom configuration):
  28. phuque99

    phuque99 LI Guru Member

    Can that be simplified to the following? Dnsmasq will auto check for /etc/dnsmasq/hosts/* for files to use.

    if [ ! -f /etc/dnsmasq/hosts/blkhosts ]; then
    wget -qO- | tr -d '\r' | grep "^" | grep -v localhost | awk '{print "  " $2}' >/etc/dnsmasq/hosts/blkhosts
    service dnsmasq restart
  29. eahm

    eahm LI Guru Member

    phuque99, it's working wonderfully.

    1) Can we add the/an other URL as backup?

    2) One day of the week auto update?

    3) Tools -> System -> /tmp/dlhosts no longer works to reload the script, what do I use for this new one?

    4) Whitelist?

    See, you made it simpler but it does 1/5 of the work :)

  30. phuque99

    phuque99 LI Guru Member

    1. You can add multiple wget lines for multiple URL source. Note the >> for line 2 onwards to append instead of overwrite:
    wget -qO- | tr -d '\r' | grep "^" | grep -v localhost | awk '{print "  " $2}' >/etc/dnsmasq/hosts/blkhosts
    wget -qO- | tr -d '\r' | grep "^" | grep -v localhost | awk '{print "  " $2}' >>/etc/dnsmasq/hosts/blkhosts
    2. If you're using it in the script section, they are saved in a file in /etc. Can't recall the name of the file but you'll find it. Create a schedule to execute the file. You'll need to add a command to erase /etc/dnsmasq/hosts/blkhosts if you plan to run this periodically.

    3. Save it in script section and it will run when the router is booted up.

    4. If you have a couple of IP addresses, you can pipe additional | grep -v "<white list IP>" to each of the wget file.
  31. eahm

    eahm LI Guru Member

    3) I've already talked and fixed this, I don't want to reopen the issue but, sometimes the script unloads itself when some settings are saved. With the one listed before I just go on Tools -> System and run the command "/tmp/dlhosts" so I don't need to restart the router every time. Is there a similar way to reload yours?
  32. phuque99

    phuque99 LI Guru Member

    I save mine in the wanup script, so it gets executed only when WAN connection is established. Again like I mentioned, all "scripts" in tomato is actually saved in a file in the tmpfs folders. Find it and "run" it like your noamlly do if you want to use Tools -> System to execute it again.
  33. windozer

    windozer LI Guru Member

    +1 the script auto-updates (if required) and sorts duplicates - perfect addition - a router should be running for weeks and months.
  34. windozer

    windozer LI Guru Member

    It always impresses me when I recollect that Tomato QoS can accept IP address list and/or ranges, port list with commas, port range. Also reminds me why I stick to it............
    Anyway, a fellow member has posted a great script that'll bypass OpenVPN by your choice of specific port and/or IP addresses/range - looks like a ready to use feature.

    ## Uncomment and set value(s) as needed to customize your rules
    # IP addresses, contiguous range AND/OR individual.
    # Specific destination websites ip range - Spotify , Netflix...
    #  List Contents by line number
    # iptables -L PREROUTING -t mangle -n --line-numbers
    #  Delete rules from mangle by line number
    # iptables -D PREROUTING type-line-number-here -t mangle
    #  To list the current rules on the router, issue the command:
    #      iptables -t mangle -L PREROUTING
    #  Flush/reset all the rules to default by issuing the command:
    #      iptables -t mangle -F PREROUTING
    # First it is necessary to disable Reverse Path Filtering on all
    # current and future network interfaces:
    for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
      echo 0 > $i
    # Delete table 100 and flush any existing rules if they exist.
    ip route flush table 100
    ip route del default table 100
    ip rule del fwmark 1 table 100
    ip route flush cache
    iptables -t mangle -F PREROUTING
    # Let's find out the tunnel interface
    iface_lst=`route | awk ' {print $8}'`
    for tun_if in $iface_lst; do
        if [ $tun_if == "tun11" ] || [ $tun_if == "tun12" ]; then
    # Copy all non-default and non-VPN related routes from the main table into table 100.
    # Then configure table 100 to route all traffic out the WAN gateway and assign it mark "1"
    ip route show table main | grep -Ev ^default | grep -Ev $tun_if \
      | while read ROUTE ; do
          ip route add table 100 $ROUTE
    ip route add default table 100 via $(nvram get wan_gateway)
    ip rule add fwmark 1 table 100
    ip route flush cache
    #  All LAN traffic will bypass the VPN (Useful to put this rule first,
    #  so all traffic bypasses the VPN and you can configure exceptions afterwards)
    #    iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 1
    #  Ports 80 and 443 will bypass the VPN
    #    iptables -t mangle -A PREROUTING -i br0 -p tcp -m multiport --dport 80,443 -j MARK --set-mark 1
    #  All traffic from a particular computer on the LAN will use the VPN
    #    iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range -j MARK --set-mark 0
    #  All traffic to a specific Internet IP address will use the VPN
    #    iptables -t mangle -A PREROUTING -i br0 -m iprange --dst-range -j MARK --set-mark 0
    #  All UDP and ICMP traffic will bypass the VPN
    #    iptables -t mangle -A PREROUTING -i br0 -p udp -j MARK --set-mark 1
    #    iptables -t mangle -A PREROUTING -i br0 -p icmp -j MARK --set-mark 1
    # By default all traffic bypasses the VPN
    iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 1
    for ip_addrs in $ip_addrs_lst ; do
      iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range $ip_addrs -j MARK --set-mark 0
    for web_dst_range in $web_range_lst ; do
      iptables -t mangle -A PREROUTING -i br0 -m iprange --dst-range $web_dst_range -j MARK --set-mark 0
    Any way to bypass VPN selectively? | Page 2 |
  35. lord_rel

    lord_rel Networkin' Nut Member

    failover to usb 3g dongle would be a nice feature
    crashnburn likes this.
  36. lord_rel

    lord_rel Networkin' Nut Member

    a kickstarter to unify and improve the firmware by funding a developer for a years work
    crashnburn likes this.
  37. eahm

    eahm LI Guru Member

    Good idea, I like Indiegogo better though.
    crashnburn likes this.
  38. WRD - EasyTomato

    WRD - EasyTomato Networkin' Nut Member

    With all due respect (I don't think you're trying to be rude), this is a ridiculous post and I actually think it's somewhat harmful. The consumers do not do more than anyone else. Developers like Jonathan Zarate, Teddy Bear, Toastman, Shibby, and other coders are the reason the project is even around.

    Part of the reason we don't have more developers is this attitude. A number of developers have left the project simply because of the demands coming out of the forums and to take a quote right from Toastman's website

    People who work on the Tomato aren't code robots, they are real people with real jobs and lives. They are doing it for fun and we're lucky to be able to benefit from what they do!

    As both Toastman and Shibby have paypal donate buttons on their websites, use them!!! I think Toastman said something about having only a handful of donations for over 100,000 downloads!!

    I'm not complaining or saying we shouldn't discuss what features would be useful, but just asking everyone think about how much they get from the Tomato project vs how much they give back (money or code).

    Since you're all already using these guys firmware, it would be nice to donation to Toastman or Shibby more features or not!

    Make the developers feel loved, because I can tell you they don't for the most part :)
    crashnburn likes this.
  39. eahm

    eahm LI Guru Member

    WRD, I don't want to piss anyone off. Do you know how many things I do for free? It doesn't matter if they are free or not, once you start a project people will expect more and more...for free. One of my thing is managing a company that makes iOS apps, we make free ones as well and users continuously ask for more and more without even caring the apps are free, they want more features, they want us to die developing for free and you know what? I knew it before I started, it's fun to give and make people happy.

    All these features I asked are more for myself to hear why and when something is possible to integrate, don't really care if they do it now or in two years or maybe never if they think they're not necessary.

    Again, stay happy and do whatever you want. I will try to organize monthly donations.

    Thanks for your reply :)
  40. windozer

    windozer LI Guru Member

    If only there was a single VictekTeamanToastmanTeddybearShibbySnowmanYettiTomato, I wouldn't have to try so hard to choose who to donate to. I want to show my love, in a monetary way of course.
    Elfew likes this.
  41. Jason Jordan

    Jason Jordan Networkin' Nut Member

    I'm only familiar with the feature set of my few Linksys wired and wireless routers, so forgive me if this is a previously answered question, but here goes. I'm curious if there any any stock features that happen to be missing from the various Tomato firmwares? Should those features be included as well.

    Also, I'm a fan of the idea of one single, fully supported Tomato version that all of our favorite devs work on together. I'd even pay money for it.
  42. Max3D

    Max3D Serious Server Member

    Asus has something called ´multiple SSID and access control´ so you can allocate bandwidth on a per SSID basis. Is something like this possible with any of the Tomato builds? If not control over individual users of BW would be on my wishlist.

  43. RMerlin

    RMerlin Network Guru Member

    MultipleSSIDs have nothing to do with bandwidth. It's only to let you configure multiple SSIDs, with different security settings, so you can share them with other people.
  44. bmupton

    bmupton Networkin' Nut Member

    True, but I think he wants to limit bandwidth per SSID. This is possibly in Shibby's builds with the bandwidth limiter.
  45. Max3D

    Max3D Serious Server Member

    I quoted this from the Asus claimfor the older RN-12 RMerlin. Full text states:
    Easy Bandwidth and Access Control

    Multiple SSID 4-Network-in-1
    The administrator can allocate bandwidth and access control to other users in the network. A high-bandwidth, private network can be set up for upper management; a middle-bandwidth, private network for staff; and a low-bandwidth, Internet-access only network for friends and guests. It's the best choice for SOHO wireless networking.
  46. Elfew

    Elfew Network Guru Member

    you can set bw limiter for every br in shibby mod - so you can set download/upload bandwidth for your guest wifi
  47. eahm

    eahm LI Guru Member

    Shibby has it, it's on my wishlist for Toastman.
  48. RMerlin

    RMerlin Network Guru Member

    The RT-N12 runs a different firmware from all recent Asus routers. The only thing you can control there is whether you want guests to have Intranet access or not.
  49. EGOvoruhk

    EGOvoruhk Serious Server Member

    • Wireless LAN Controller (WLC): This would no doubt be a huge undertaking, and is very much a pipe dream, but I'd love it if there was a built in WLC. I'd like to be able to set up one of my routers as the master, and do all my configs from there, and have any other Tomato-based router on my network be able to be set up as a slave access points, taking all the configs from the master. Though the number one feature from WLCs I'd be using is load balancing between the APs
    I would throw down some good money for this
  50. Max3D

    Max3D Serious Server Member

    Thanks Eahm; I don´t have an Asus router as yet so I couldn´t check myself. I will order the RT.N16 then and use the Shibby fork.

    Elfew, so it´s limited to one other SSID setting (Guest)? Sorry for the stupid questions but I don´t know what a BR is. Google didnt help.
  51. Monk E. Boy

    Monk E. Boy Network Guru Member

    Load balancing have to integrate with the client, and can't just be a function of APs. Hell, I'd solve a good chunk of my wireless problems if wireless clients would simply choose the strongest AP within range, instead of choosing them seemingly at random.
  52. EGOvoruhk

    EGOvoruhk Serious Server Member

    Wrong, it doesn't need to integrate with a client at all. You just need the AP to be in lightweight mode versus autonomous (Cisco terminology), so it can be controlled by a separate device, the Wireless LAN Controller. That device will be the one rejecting one AP and accepting another, not the client. But there's no reason the WLC needs to be an external device like Cisco uses, it can very well be built into the AP itself, like Xirrus does with their wireless arrays

    But really, load balancing isn't about selecting an AP with the best range (your client really should already be doing that), it's about spreading your clients evenly between APs so you don't overload them with traffic and bring one to a crawl while another has only a few clients
  53. Bird333

    Bird333 Network Guru Member

  54. crashnburn

    crashnburn Network Guru Member

    Auto redirect/ force HTTPS - option for Admin Login?

    There was this one time I configured the Web Admin for HTTPS login only and forgot that I had done that - For security.

    I kept trying to login using HTTP and spent the next few nights wondering why my Admin Login page would not even show up and the Router was working fine.

    It had just stopped listening over HTTP. Maybe when the SECURE HTTPS option is enabled, we could redirect HTTP / Port 80 and force an HTTPS connection - Over same port or a redirected port?

    Pointed below and linked to the thread where I posted about it.

    So, if an Admin sets it up for HTTPS and by mistake tries to access via HTTP, the Router redirects and forces it to the HTTPS version of the URL with Login Page for Secure Login.

    Should be a small, simple one, but I think it would be a no brainer :)
  55. crashnburn

    crashnburn Network Guru Member

    Just a thought -

    One of the reasons that iOS apps sold big time was that there were a lot of them at a Low Buy-in price. $ 1, 2, 3, 4, etc.

    Maybe once we have an organized list, we can have members contribute / bid ahead of time for features they want. More like encouragement with small amounts. Crowd Source/ Crowd Fund the FEATURE.

    e.g. Feature 1 - 1$, 2$, 3$, etc upto $10. etc.

    We can figure out some ways to take that feature amount and give it as donation to the developer who works on that and releases it.

    So, even if some people did not donate to a specific developer, just like small iOS fart apps, they would push some small crowd sourced $$$ to the certain FEATURES they would like to ENCOURAGE the developers to work on.

    Again, this is a quick stab and a vague abstract, I am sure someone could come up with a better
  56. Monk E. Boy

    Monk E. Boy Network Guru Member

    Actually I implement redirects like that in HTML, and the redirect page is measured in bytes (as in well under 1KB). The dynamic nature of Tomato, which can be placed on any IP address, probably would require slightly more elaborate code but it should be possible. There are some more caveats (e.g. probably need a separate instance of the web server running, one pointing to Tomato, the other pointing to the redirect "site"), but compared to some of the requests in this thread it's within the realm of possibility (though, for safety's sake, this should only affect LAN/WLAN connection attempts).
  57. RMerlin

    RMerlin Network Guru Member

    One big difference here:

    iOS developers selling apps often do it for the money.
    Most of us FW developers do it for fun, as a hobby, or for our own needs.

    Myself, money would never be an incentive to develop a specific feature if I felt it didn't belong in the firmware. I have a strong feeling that is also Toastman's position, based on his recent posts about his motivation behind working on Tomato.

    Now, if someone would be motivated by money to start a new fork and work mostly out of bounties, sure. I just don't think bounties would drive any of the current active developers/maintainers however.
    crashnburn and WRD - EasyTomato like this.
  58. WRD - EasyTomato

    WRD - EasyTomato Networkin' Nut Member

    The folks at EasyTomato are in the same boat as Merlin, and while I can't speak for them, I would think Shibby and Toastman are as well. Glad people are excited about Tomato development, but I agree that the current devs are not going to change their work schedules or feature listed based on money.

    That being said even a small donation to those guys shows you care and value their work!
    crashnburn likes this.
  59. Golden

    Golden Serious Server Member

    Ipsec vpn client in the future ?Some enterprises use Cisco IPsec vpn.
  60. eahm

    eahm LI Guru Member

    Shibby has IPSec, also enterprises don't use Tomato.
  61. mito

    mito Network Guru Member

    @ WRD # 38, great, i agree 100 %
  62. crashnburn

    crashnburn Network Guru Member

    I was not trying to make this a money motivator. It could just be something like this
    e.g. Toastman has 3 features pending on his "To Do" list which he is thinking, which one first or which is more important.
    Let's say he is undecided and may ask the audience here for opinions. Free feedback.

    If you had some kind of Donation $ component to it to push weight behind one of the features Toastman already likes/ wants to do.

    Again - I am just thinking/ brainstorming for some kind of link between - What Toastman might already want to do and the Free Feedback people already give into a bit of INCENTIVE "Donation".

    Again - As I said, it was just a cross-connected thought between the Donation Thread and This one. No offense.
  63. terrorfrog

    terrorfrog Reformed Router Member

    Well first i want to say most people dont even know what they have in tomatoe and shibbys builds

    I do a lot of work with routers, i think i know most of the useable models availble in the last 3 year, i know all the stocks, and many mods.

    well most of them are unstable at best, lack of features at best. dont work at all for many more sophisticaded features many times.

    lets look at dd-wrt which manage to get their software on buffalos - well i dont get it really.
    compare it to shibbys tomatoe you will see 2 things

    1. dd-wrt has way mroe features, hot spot technlogy and so on, it support atheros (more or less)
    2. but when it comes to use features above wifi and basics youll see very fast tomatoe seems to be the only really solid and working firmware. well less features (most of em useless anyway) but they work.

    no bugged interface - clean methods todo stuff, easy WORKING scripting (not script and pray) fast and responsive interface.Well i know even tomatoe has some bugs sometimes, but really other mods and of course almost all stocks are almost unuseable because of massive basics bugs

    So really many thanks for that.

    My Personal whichlist.
    1. Keep it going the way it is - meaning one features one by one, clean built in, working gui. its simply nice to have ti (that the gui is not everyones taste well another story but doenst really matter - more important you click where you save it you know its saved, if needed the device will reboot if not it will not, not like ddwrt where you have to guess when to make a hard reboot because the gui is showing nonsense or nothing at all)

    2. bevore crying for new features think about 2 things,
    is it really nessesary btw does it makes sense (for example on ddwrt a kerberus which is susally used for a bit more users would overload on those small devices so why should a small slow broadcom router serves as an fluu blown enterprise auth server)

    second think about that there is not enough space on those devices.

    basic features a router needs.

    does a router really need to be a full blown fileserver while it cannot beat a real NAS (or a real server) every because of hardware limitations. i dont see much sense havong every networkdevice ability of beeing a fileserver - sorry i really dont see it - yea i know some people dont wanna buy a nas and just a router but really they dont need this ability most of the time if a router can serve em as well as a nas would do.
    so such features just serve the invetion of the weel#999 having 10 devices on the net doing a nas job but none a real routers job :)))

    I think that all started with manufacturers trying to sell their stuff so they integrated more or less working additional features like beeing a print server, beeing a nas, beeing a client for xxx, and so on)

    we should look at what average consumer things already doing by default and not redo the same things on a custom rom. like printers already going cloud overing printserver builtin by default even cloud printing from anywhere. theres no new printer above 90 bucks without its own network interface - printserver? no point that was in the 90s and it was expensive but 2013??? more surprised seeing that "feature" in asus firmware by default but seeing their failover feature non working in stock lol

    so now what i try to say is features repeaing basic features of other devices makes no sense specially if very cheap specialisec hardware already brings it with em
    maybe thinking about features to integrate certain devices into the network

    also focus more on real network related things because its a dam router even with a usb port and i know its linux running so you COULD do almost anything - questions is - SHOULD you?

    So for me all things realted to vlans , qos, multiwan, failovers, hell a killer features would be clustering that thingy.

    think about a HA solution with asus rt-n66u with multiwan (loadbalanced) and additional failovers
    or better firewalling option - i know i can enter whatever i want - but for complex setups you need a gui driven firewallsetup (i use firebuilder)

    so just my personal whish, i would love to see tomatoe/Ushibbys going more into that direction. it could open a semiprof market which could bring more support and devs to the projects.
    alöso because i think it would just make sense working on network features on a router as working on nas, printserver, authserver, torrentclients and so on.

    just my 2 cents

    ps: i dont think support other than broadcom is a good idea. actually it could be the worst idea ever and maybe the reason why ddwrt is stuck into bugmode forever

    1. atheros does not support to split the switchports - so you can only use tagged vlans not port based ones which makes dual wan impossible - the result is that you have different builts of EVERY tomato mod - only to end up with some routers will have features some not.
    better having a smal fine router list which can do all features.
    better having more actual routers (look at dd and tell me which modern Gbit router is supported - you will find mostly non broadcom - so no dual wan, no advanced features - the supirioir asus isnt supported - not really)

    2. as many already stated it would take a lot of work. but even worse more routers you support slower new realeses comming out. ending up with hundreds of different releases with different bugs

    i think staying at one chipset is fine, broadcom well isnt really good, and atheors might be a bit finer when it comes to wlan but hey even broadcom gets better and the little suspected benefit of atheros is not worth it.

    and one last word about the "customers" doing the most work
    this is BS, bit BS
    yes enduser are testing, sometiems bricking their devices and do their part in the project.
    but they do it because they dont want buy enterprise ready products which would come with same set of features (ok be honest mroe features just depending on your budged) and they work

    ok i dont blame anyone, i dont get the budged myself everytime i want to have it, and the real good stuff is real expensive, i agree, very expensive.

    but without shibby, toastman and all others (no offense i dont write your name here iam just fkn bad with names sorry) we would have fkn nothing at all.
    we would have the choice between barley working shit stock firmware which is usally a very bad joke - even features in big letters on the box dont work inside the software - or forced to buy very expensive enterprise hardware - take your pik.

    those guys do a lot of very sophisticated work, not everyone can do, and be honest - i can train almsot anyone to be a tester and a router bricker :)) but i cannot train them to be a tomato dev

    so be greatful, open sour eyes and see what you got - if you dont see revert back to stock fiormware and start testing EVERY features - make a list how many of them really work, how many sometimes and how many not at all - comapare it, then go on your knees and let your toung search for the shoes of all those great guys giving their brain and time, part or their life, for your befenit god dammit,...

    really customer do the most work - worst joke ever wtf
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice