1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tomato Shibby's Releases

Discussion in 'Tomato Firmware' started by shibby20, Feb 26, 2011.

  1. Malakai

    Malakai Serious Server Member

    Thank you for your response.

    Do you know where I could find such a script that would work with tomato, because I'm not a programmer and I wouldn't know how to write it.
     
  2. leandroong

    leandroong Addicted to LI Member

    Something like this:
    Code:
    #!/bin/sh
     
    pidof : grep mpd >/tmp/mpd_run_status
    if [ -s /tmp/mpd_run_status ]; then
      killall -kill mpd
      break
    fi
    mpd /opt/etc/mpd.conf
    note: mpd is the optware application that i'm checking if running.

    You just need to add script to the scheduler, and specify desire checking interval.
     
  3. Malakai

    Malakai Serious Server Member

    I need it for asterisk so I believe the code would be:

    Code:
    #!/bin/sh
     
    pidof : grep asterisk >/tmp/asterisk_run_status
    if [ -s /tmp/asterisk_run_status ]; then
      killall -kill asterisk
      break
    fi
    asterisk -cvvv
     
    
    But I don't seem to understand:
    First it checks the PID of the program and puts it in the file /tmp/asterisk_run_status
    If the file exists (this meaning the program is running) then it kills the program? What is the -s for? I surely don't read it wright so if you could please tell me what it does.
     
  4. leandroong

    leandroong Addicted to LI Member

    you can further simplify the coding. -s is checking if file is not empty, meaning, it is running. don't forget to erase asterisk_run_status afterwards, no more usage.
     
  5. Malakai

    Malakai Serious Server Member

    Another problem that I have is that when I start asterisk from the command line "asterisk -vvv", I have like 20 instances that start, and I don't understand why. How can I start only one instance?
     
  6. kthaddock

    kthaddock Network Guru Member

    @Shibby
    Have you seen ASUS have new wifi driver in new relese, 3.0.0.4.372.1393, that should fix issue with 5Ghz band and intel problem cards.
    kthaddock
     
  7. RMerlin

    RMerlin Network Guru Member


    They released it today, but the GPL code for it (with the binary blobs) isn't available yet. Personally, I would stick with the 5.100 driver for now, and wait for more user feedback on this fixed 5.110 driver before making the switch to it.

    BTW that changelog line was probably a mistake (copy/paste job from RT-AC66U). The actual changelog entry with build 1393 is:

     
  8. kthaddock

    kthaddock Network Guru Member

    Thanks missed that.....................:(
     
  9. kthaddock

    kthaddock Network Guru Member

    Now they seem to use new driver........ :rolleyes:
     
  10. RMerlin

    RMerlin Network Guru Member


    That build is a dud. It didn't resolve the issue.

    BTW, the intended fix didn't lie in the driver (unless they forgot to also update the driver) but in a wireless interface setting change that Asus did with 1393:

    Code:
    eval("wl", "-i", ifname, "ampdu_density", "6");          // resolve IOT with Intel STA for BRCM SDK 5.110.27.20012
    
    Unfortunately it still doesn't work, so we have to stick with the 5.100 driver for now until a working fix comes up.
     
    shibby20, Elfew and Monk E. Boy like this.
  11. shibby20

    shibby20 Network Guru Member

    [RELEASE] v111 is ready to download.

    Please read changelog first.
    Best Regards :)
     
    Cyberian75 and eahm like this.
  12. leandroong

    leandroong Addicted to LI Member

    Shibby20, Thanks again. Done updating without any problems.

    Tomato Firmware 1.28.0000 MIPSR1-111 K26 USB AIO
     
  13. PetervdM

    PetervdM Network Guru Member

    thx, installed and works fine on E4200. any chance we see a New Driver version one of these days?
     
  14. lefty

    lefty Networkin' Nut Member

    Thanks for new build shibby, 111 RT-N working fine on my E1550 and E2000. :)
     
  15. kthaddock

    kthaddock Network Guru Member

    @Shibby
    Is it possible to get 111-AIO with new driver? Thank you too new builds

    tomato-K26USB-1.28.RT-N5x-MIPSR2-111-ND-AIO

    Thank you
    kthaddock
     
  16. Mihai Olimpiu-Cristian

    Mihai Olimpiu-Cristian Serious Server Member

    Using v111 on Belkin Play Max / N600 HD (F7D4301/F7D8301) v1.
    The connection LED (the only one) is acting bad, it's green when NOT connected and amber when connected! It always, even on official firmware was exactly inverse!
    It must be a change in the new v111.

    Also Atheros AR9285 sometimes doesn't see the router on any band at least v108 -v111, but sees any adjacent network, I updated the drivers for win7 and will get back to you in some time! The only fix is to restart the network card or remove the battery! restarting computer doesn't work.
     
  17. leandroong

    leandroong Addicted to LI Member

    Shibby20, possible to enhance wireless filter to have check boxes to limit among listed who have access on wireless router ?
     
  18. justinbeaird

    justinbeaird Serious Server Member

    .
     
    Last edited: Jun 10, 2015
  19. Cyberian75

    Cyberian75 Network Guru Member

    Thanks for the release. However, the power LED turns off when I enable Access Restrictions which has a bug related to ip6tables.

    RT-N66U 64k
     
  20. shibby20

    shibby20 Network Guru Member

    Cyberian75 - you are right. String module for ip6tables is missing. I will make this module and re-compile v111 once again.
    Best Regards.
     
  21. shibby20

    shibby20 Network Guru Member

    string module for ipv6 ready

    Before:
    With new module:
     
  22. Mihai Olimpiu-Cristian

    Mihai Olimpiu-Cristian Serious Server Member

    So we have to wait vor 111 V2?
    Also shibby, VPN connection still gets intrerupted by saving settings in BT-Gui for example... If anyone could state otherwise please say, as I never erased NVRAM as there are A LOT of settings to reapply!
     
  23. kthaddock

    kthaddock Network Guru Member

    Well the first I should try is just to erase NVRAM before and after new program update, Just to make sure all NEW setings and OLD is on right place. Do NOT use old config file, reconfigure by hand or do a script to take care of that. (se my sign (resoring config)).
     
  24. Mihai Olimpiu-Cristian

    Mihai Olimpiu-Cristian Serious Server Member

    I'll do that just so I really know these "Bugs" are real!
     
  25. shibby20

    shibby20 Network Guru Member

    v111 has 2 bugs:
    1) IPv6 + access restriction = ip6tables error
    2) on K24 does not work dhcpc (WAN DHCP cannot get ip address)

    Well if you are using ipv6 or K24 with wan dhcp, please wait with upgrade. I will release v112 (bugfix) for few days.

    @Mihai - i have not any problems with openvpn GUI.
    Best Regards.
     
    theirongiant and Fredrik like this.
  26. shibby20

    shibby20 Network Guru Member

    both bugs are fixed. I`m starting compile of v112. For 2-3 days i will release new version.
     
    Elfew, ceckin, theirongiant and 4 others like this.
  27. leandroong

    leandroong Addicted to LI Member

    Shibby20, I think there is problem with using wired ethernet, losing connection with main router. I don't have this issue on FW110. Setting I made on this current FW, is changing local access from "HTTP & HTTPS" to "HTTPS"
     
  28. theirongiant

    theirongiant Serious Server Member

    If you just upgraded to v111, wait a few days and try v112.
     
  29. leandroong

    leandroong Addicted to LI Member

    It seems that my observation is wrong, my laptop is connected today 4 hrs with no ethernet disconnection from router.
     
  30. shibby20

    shibby20 Network Guru Member

    [RELEASE] v112 (bugfix) is now available

    Best Regards.
     
  31. occamsrazor

    occamsrazor Network Guru Member

    Thanks for your ongoing great work Shibby, especially getting 5Ghz working (at least at 40mhz) on the RT-AC66U - I think I'll be buying one shortly based on this.
     
  32. leandroong

    leandroong Addicted to LI Member

    Shibby20, thanks again.
     
  33. PGalati

    PGalati Network Guru Member

    Shibby 112 VPN on WRT54GL. WAN still unable to obtain IP address. Performed 30-30-30 and nvram reset from Config module. Still no luck.
     
  34. theirongiant

    theirongiant Serious Server Member

    Were you able to keep your existing settings during the upgrade?
     
  35. PGalati

    PGalati Network Guru Member

    I initially performed the upgrade in place and noticed that the WAN status was stuck on renewing. After a couple different things I decided to 30-30-30 reset the router which reverted everything to defaults. Still the WAN port says renewing and never obtains an IP address from the network.
     
  36. ceckin

    ceckin LI Guru Member

    btw can someone with WRT54GL confirm if the dnsmasq bug is fixed:

    Code:
    daemon.info dnsmasq[XXXX]: exiting on receipt of SIGTERM
    This are spawned on random forcing dnsmasq to restart and sometimes cause DNS timeouts
     
  37. shibby20

    shibby20 Network Guru Member

    K24 DHCP WAN problem confirmed :/ I will recompile K24 today. For now K24 was removed from server.
     
    ceckin likes this.
  38. kthaddock

    kthaddock Network Guru Member

    @Shibby
    Thank you for new builds :D , is it possible to have 112-newdriver-builds ?

    kthaddock
     
  39. shibby20

    shibby20 Network Guru Member

    it`s compiling at the moment. Should finish today.
     
  40. kthaddock

    kthaddock Network Guru Member

    THANK YOU !!! :D
     
  41. shibby20

    shibby20 Network Guru Member

    Done. Please download new firmware and re-flash yuor router.
    Best Regards.
     
    gschnasl likes this.
  42. leandroong

    leandroong Addicted to LI Member

    Shibby20, there is GUI https access error !!! Router is still running with internet but cannot access. Pls. view attached capture image.

    Note: I set main router GUI access using https only.
    FW: 112 k26usb-mipsr1-aio

    Remedy:
    1. close browser and open, no access
    2. reset notebook, no access
    3. reset router is the only solution.

    This problem is not immediately observed, it takes sometime before access failure show up. Will temporary set local access to "http and https" to avoid access issue error.
     

    Attached Files:

  43. shibby20

    shibby20 Network Guru Member

    I checked:
    - Tomato 112 K24 USB VPN on WL500GP v1
    - Tomato 112 K26 USB R1 Big-VPN on WL500GP v1
    - Tomato 112 K26 USB R2 AIO on RT-N16
    - Tomato 112 K26RT-N USB R2 AIO 64k on RT-N66U

    On all 4 https works correct.
     
  44. ceckin

    ceckin LI Guru Member

    shibby, I've just tried 112 on my WRT54GL, even after NVRAM erase the DHCP bug is still present, i can't get an ip. I've looked through the logs and there's nothing to indicate a problem.
     
  45. shibby20

    shibby20 Network Guru Member

    when did you download image? Yesterday at 10:30 AM i was push re-compiled K24 images. Please re-download and re-flash your router once again.
     
  46. Elfew

    Elfew Addicted to LI Member

    Shibby20 - this problem with HTTPS access was fixed by Victek some time ago... I reported it to Victek and he fixed this... I had same problem in your build (108 I think) - you have to manualy write https:// before the IP adress or specific port for working GUI
     
  47. leandroong

    leandroong Addicted to LI Member

    Shibby20, will try to observe what triggers on https access failure. Definitely, no issue with lan access using "HTTP & HTTPS", only with HTTPS.
    Note: I started using lan access of HTTPS on FW 110.
     
  48. PetervdM

    PetervdM Network Guru Member

    shibby, kthaddock and i requested a 112 ND version before, would that be possible please?
    with non-nd versions i experience an occasional lockup of the 5GHz radio, i still have connection but no traffic. there is nothing i can do to remediate, except rebooting my E4200.
    it dit not occur with previous ND versions, but i am afraid i tested not long enough to be completely sure.
    my laptop has a broadcom based abgn wlan card.

    TIA
     
  49. ghoffman

    ghoffman Addicted to LI Member

    just upgraded a e4200v1 to shibby E4200-k26usbnvram60k-nocat-vpn-r112, and i've got more problems with intermittent disconnect/reconnect. see this from the logs, which shows recurretn dhcp activity during any active session. thank can't be right.
    any ideas? thanks


    Aug 2 12:00:56 pc1 daemon.info dnsmasq-dhcp[582]: DHCPINFORM(br0) 192.168.1.185 00:1a:a0:e2:69:19

    Aug 2 12:00:56 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.185 00:1a:a0:e2:69:19 pc-main

    Aug 2 12:08:56 pc1 daemon.info dnsmasq-dhcp[582]: DHCPREQUEST(br0) 192.168.1.110 7c:11:be:6b:b4:5a

    Aug 2 12:08:56 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.110 7c:11:be:6b:b4:5a nrh-iphone4

    Aug 2 12:09:32 pc1 daemon.info dnsmasq-dhcp[582]: DHCPINFORM(br0) 192.168.1.185 00:1a:a0:e2:69:19

    Aug 2 12:09:32 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.185 00:1a:a0:e2:69:19 pc-main

    Aug 2 12:10:52 pc1 daemon.info dnsmasq-dhcp[582]: DHCPINFORM(br0) 192.168.1.185 00:1a:a0:e2:69:19

    Aug 2 12:10:52 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.185 00:1a:a0:e2:69:19 pc-main

    Aug 2 12:12:51 pc1 daemon.info dnsmasq-dhcp[582]: DHCPINFORM(br0) 192.168.1.185 00:1a:a0:e2:69:19

    Aug 2 12:12:51 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.185 00:1a:a0:e2:69:19 pc-main

    Aug 2 12:21:01 pc1 daemon.info dnsmasq-dhcp[582]: DHCPINFORM(br0) 192.168.1.185 00:1a:a0:e2:69:19

    Aug 2 12:21:01 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.185 00:1a:a0:e2:69:19 pc-main

    Aug 2 12:22:53 pc1 daemon.info dnsmasq-dhcp[582]: DHCPINFORM(br0) 192.168.1.185 00:1a:a0:e2:69:19

    Aug 2 12:22:53 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.185 00:1a:a0:e2:69:19 pc-main

    Aug 2 12:25:24 pc1 daemon.info dnsmasq-dhcp[582]: DHCPREQUEST(br0) 192.168.1.110 7c:11:be:6b:b4:5a

    Aug 2 12:25:24 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.110 7c:11:be:6b:b4:5a nrh-iphone4

    Aug 2 12:31:04 pc1 daemon.info dnsmasq-dhcp[582]: DHCPINFORM(br0) 192.168.1.185 00:1a:a0:e2:69:19

    Aug 2 12:31:04 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.185 00:1a:a0:e2:69:19 pc-main

    Aug 2 12:32:56 pc1 daemon.info dnsmasq-dhcp[582]: DHCPINFORM(br0) 192.168.1.185 00:1a:a0:e2:69:19

    Aug 2 12:32:56 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.185 00:1a:a0:e2:69:19 pc-main

    Aug 2 12:39:34 pc1 daemon.info dnsmasq-dhcp[582]: DHCPINFORM(br0) 192.168.1.185 00:1a:a0:e2:69:19

    Aug 2 12:39:34 pc1 daemon.info dnsmasq-dhcp[582]: DHCPACK(br0) 192.168.1.185 00:1a:a0:e2:69:19 pc-main

    Aug 2 12:40:54 pc1 daemon.info dnsmasq-dhcp[582]: DHCPINFORM(br0) 192.168.1.185 00:1a:a0:e2:69:19

     
  50. PGalati

    PGalati Network Guru Member

    Installed the rereleased 112VPN K24 on a WRT54GL on top of 110 and for me the WAN DHCP is working properly once again. Running time is maybe 30 minutes, so far so good. Will report back if any issues surface.

    Thanks Shibby.
     
  51. kthaddock

    kthaddock Network Guru Member

    http://www.linksysinfo.org/index.php?threads/get-rid-if-dhcp-inform.68792/
     
  52. ghoffman

    ghoffman Addicted to LI Member

    @kthaddock:
    thnak you for hte dhcp-quiet syggestion. the logs are very quiert, but the disconnects continue. is it normal to attempt reconnection every 30-90 seconds?
     
  53. kthaddock

    kthaddock Network Guru Member

    Well I didn't suggested "dhcp-quiet" that is a bad solution. If you have read whole tree then you have noticed this option:
    Good luck
    kthaddock
     
  54. leandroong

    leandroong Addicted to LI Member

    Shibby20, it seems that my https access intermittent issue not related to FW bug. I think this is due to loose connection on my usb harddisk attached. After that, no more lan access of https error.
     
  55. kthaddock

    kthaddock Network Guru Member

    Is't any plan to relese it soon ?
    Thank you
    kthaddock
     
  56. Cynsick

    Cynsick Addicted to LI Member

    :( So I have your "older" 112 installed, what is different on the "newer" 112? If I flash to it, I presume I do NVRAM erase, even though just going from old 112 to new 112? Should I move to the "newer" 112?
     
  57. Vindicator

    Vindicator LI Guru Member

    @Shibby

    First of all, thanks for you hard work updating and keeping tomato what it is :)

    Now, the problem, I just flashed v112 AIO 64k on my RT-N66U that was previously still running v108 (AIO 64k).

    With this new version I noticed that whenever I create an access restriction rule that blocks all network traffic except for a few whitelisted MAC addresses, the router ceases to update its date and time through ntp.

    When checking the iptables configuration I saw that the culprit was the following line added to the input chain (/tmp/etc/iptables):
    Code:
    -I INPUT 1 -p udp --dport 53 -j restrict
    This line gets inserted before all other rules in the input chain, blocking all DNS traffic originated by the router itself (through the loopback interface). As a consequence, the NTP service can't resolve its ntp pool FQDN, leaving the router time and date unsynchronized. Probably, any other internal service that needs to resolve an DNS FQDN will have the same problem.

    As a workaround I added a firewall-script to modify this line, restricting it to the br0 interface (LAN):
    Code:
    (...) -i br0 -p udp --dport 53 -j restrict
    Another possible workaround would be to place this line after the one that accepts all loopback traffic.

    Version 108 was OK, but as I skipped a few versions and just flashed v112, I don't know in which version this new iptables line appeared.

    Thanks!

    Update: This line was added on commit 757b8de78297a5e31bcd3a10175b14a4691340c6:

    Code:
    diff --git a/release/src/router/rc/restrict.c b/release/src/router/rc/restrict.c
    index 21d00a0..1534955 100644 (file)
    --- a/release/src/router/rc/restrict.c
    +++ b/release/src/router/rc/restrict.c
    @@ -280,41 +280,15 @@ void ipt_restrictions(void)
                                                      wanfaces.iface[n].name);
                                    }
                            }
    -              }
    +              // Only mess with DNS requests that are coming in on INPUT
    +              ip46t_write("-I INPUT 1 -p udp --dport 53 -j restrict\n");
    +      }
    Edit: Fixed typo
     
  58. shibby20

    shibby20 Network Guru Member

    already available in K26RT-N -> testing directory :)

    old 112 to new 112 has only one diffence: added missing udhcpc :) udhcpc is a DHCP client used in WAN DHCP mode. Well you have to upgrade firmware to "new" v112 :)
     
  59. kthaddock

    kthaddock Network Guru Member

    Thank you !!! :D

    kthaddock
     
  60. shibby20

    shibby20 Network Guru Member

    I want to know, is NEWDRIVER better than regular K26RT-N?
    Is anyone here with wireless problem using NEWDRIVER?
     
  61. kthaddock

    kthaddock Network Guru Member

    Hold your horses :D I gone testing soon, now I'm curious new ND's ?
    Coming back when I have tested.

    kthaddock
     
  62. Elfew

    Elfew Addicted to LI Member

    ND has problems with intel cards... Maybe better performance but with this issue it is useles
     
  63. GhaladReam

    GhaladReam Network Guru Member

    Shibby,

    I was using your NEWDRIVER version until recently, I switched back to the old driver because my XBOX360 was trying to connect at 5Ghz (802.11a) every time, and it could never connect. Switched back to your old driver and problems are gone.
     
  64. crandy2

    crandy2 LI Guru Member

    I tried to use a ND version with a RT-N16 , and it wasn't stable. Never could get WDS to work, and the router kept crashing. I guess it was because my slave router was a RT-N12, and there wasn't an ND version for that. I did clear nvram.

    I went back to the regular drivers (both on 110) and all is well now.
     
  65. kthaddock

    kthaddock Network Guru Member

    Well guy's Shibby probably mean if you have tried 112-NEWDRIVER not some old 109, 110 one.
    maby some tuning in 112-ND one. :rolleyes:
     
  66. shibby20

    shibby20 Network Guru Member

    no tuning there :) I wanted know is NEWDRIVER stable because i wanted pusha new driver to regular builds in next version. Because i see there are problems with newdriver well ok, i will not do this :) Thats all.

    @Elfew - true, on asus firmware but no one confirm this problem on tomato :)
     
  67. kthaddock

    kthaddock Network Guru Member

    I have used newdriver from version 109 and never have any problem but I have only my RT-N16 2,4Ghz to test with. What I know problem is on 5Ghz band and some Intel wifi cards. I can not test that. On my tested router, RT-N16 there is big difference in speed.
     
  68. Elfew

    Elfew Addicted to LI Member

    @shibby20 - no problems in Tomato?! And what about the posts before yours? ;)
     
  69. shibby20

    shibby20 Network Guru Member

    @Elfew - i mean problems with intel cards :) No one confirm this problem in Tomato. I have Intel 5100 in my netbook i 5GHz 40Mhz band works correct and without any problems with tomato-newdriver.
     
  70. Aaron

    Aaron Networkin' Nut Member

    I just flashed E4200-112-ND over E4200-110-ND, but the about page says Wireless Driver 5.100.138.20, is this correct? I remember the version number being different.
     
  71. shibby20

    shibby20 Network Guru Member

    my fault. Driver is new (run "wl ver" over ssh andyou will see). Only in about page is wrong.
     
  72. Aaron

    Aaron Networkin' Nut Member

    Thanks!

    root@E4200:/tmp/home/root# wl ver
    5.100 RC138.20
    wl0: Jan 23 2013 14:32:57 version 5.110.27.20012
     
  73. Mangix

    Mangix Networkin' Nut Member

    I say push the new driver. The performance improvements are worth it.
     
  74. RMerlin

    RMerlin Network Guru Member


    The performance improvement of some versus the complete inability to connect for others? Bad call.

    Even Asus is still updating their old 2xx code branch until the time they can actually fix it, and resume pushing updates from the 3xx branch.
     
  75. digiblur

    digiblur Networkin' Nut Member

    Same here, I had to go back to the regular driver due to XBox360 issues and one laptop kept disconnecting as well.
     
  76. attaw

    attaw Reformed Router Member

  77. jerrm

    jerrm Network Guru Member

    Shibby ---

    Any chance we can get OpenSSL version and s_client back for VPN, or at least AIO builds?

    On a VPN build it impacts the image size by about 30K to add these two back.
     
  78. shibby20

    shibby20 Network Guru Member

    @jerrm - it`s difficurt to make :/ If i will find a "friendly" solution i will do this.
     
  79. leandroong

    leandroong Addicted to LI Member

    Shibby20, how can I make default telnet directory to "/tmp" instead of "/tmp/home/root" ? Curious, if it can be done
     
  80. lancethepants

    lancethepants Network Guru Member

    You could put the following in the Firewall or Wanup.
    Code:
    sed -i 's,\/root,\/tmp,g' /etc/passwd
    
    This seems to mess up public/private keys if you use that.
    I tried setting up a sym link using the following, but that didn't work. Maybe not an issue for you if you're not using public/private keys
    Code:
    ln -s /tmp/home/root/.ssh/ /tmp/.ssh
    
     
  81. leandroong

    leandroong Addicted to LI Member

     
  82. koitsu

    koitsu Network Guru Member

    The proper command (and I have verified it works) should be:

    Code:
    /bin/sed -i 's,/root,/tmp' /etc/passwd
    
    This should be used from Init, not Firewall or WAN Up -- this is something you want run only once per reboot, not when the firewall layer is reloaded (happens during some Save operations) or when the WAN interface goes down and comes back up.

    Also, you do not want the /g modifier on that sed command -- you only want to change user root's home directory from /root to /tmp, and thus you only want to do the replacement once because the root user should be the first line in the file. Do not assume that people haven't tinkered with passwd in other ways -- I have seen many people on this forum doing such.
     
  83. leandroong

    leandroong Addicted to LI Member

    root@BTRouter2:/tmp/home/root# /bin/sed -i 's,/root,/tmp' /etc/passwd
    sed: unmatched ','
     
  84. leandroong

    leandroong Addicted to LI Member

    Sorry, I didnt reboot the router. I tested it using putty.
     
  85. lancethepants

    lancethepants Network Guru Member

    Running the script from Init may or may not work. I understand this is something that you only want to run once, but in tomato it needs to happen later in boot. Depending on what services you've got running, the /etc/shadow and /etc/passwd files can be recreated several times because of different services starting up. It's certainly something that wouldn't hurt to run more than once anyway. If nothing matches, than nothing will be changed.
     
  86. lancethepants

    lancethepants Network Guru Member

    Getting the same thing here too.

    edit: Mine however is working for me. I log in and and I am automatically in /tmp.
     
  87. ntest7

    ntest7 Network Guru Member

    Looks as if the trailing comma got dropped when you pasted this. I'm sure what you meant was:

    Code:
    /bin/sed -i 's,/root,/tmp,' /etc/passwd
    regards...
     
    koitsu likes this.
  88. leandroong

    leandroong Addicted to LI Member

    I placed it on script->wanup, reboot router, this is what I get, still error
    Code:
    Tomato v1.28.0000 MIPSR1-112 K26 USB AIO
    root@BTRouter2:~# cat /etc/passwd
    root:x:0:0:root:/tmp:/bin/sh
    nas:x:100:100:nas:/dev/null:/dev/null
    nobody:x:65534:65534:nobody:/dev/null:/dev/null
    root@BTRouter2:~#
     
    
     
  89. koitsu

    koitsu Network Guru Member

    Yep sorry about that -- wasn't a copy-paste error. (I generally do not copy-paste things (really!), so any typos I make are manual mistakes while posting on the forum.)
     
  90. koitsu

    koitsu Network Guru Member

    Looks like it works to me. Look very closely at these two lines. Before the sed:

    Code:
    root:x:0:0:root:/root:/bin/sh
    
    After the sed:

    Code:
    root:x:0:0:root:/tmp:/bin/sh
    
    Edit: and verified:

    Window #1:
    Code:
    root@gw:/tmp# sed -i 's,/root,/tmp,' /etc/passwd
    root@gw:~#
    
    (Note the prompt changed)

    Window #2 (new telnet session):
    Code:
    $ telnet gw
    Trying 192.168.1.1...
    Connected to gw.home.lan.
    Escape character is '^]'.
    gw login: root
    Password:
    
    
    Tomato v1.28.0502 MIPSR2Toastman-RT-N K26 USB Ext
    root@gw:~# pwd
    /tmp
    
     
  91. leandroong

    leandroong Addicted to LI Member

    Thanks for a lot. Only disadvantage, I need to enter router password everytime using putty
     
  92. lancethepants

    lancethepants Network Guru Member

    Yeah, I'm not sure why this isn't working with public/private keys. I do nearly the same thing, but I have my home directory set to /opt using OpenSSH. Probably a dropbear specific issue.

    Here's a link to a tutorial of setting up OpenSSH. This was to setup Google Two-Factor Authentication, but you could just skip that portion of the tutorial.
    This is using my own compiled version of OpenSSH, for which I needed Pam. Not sure if Entware's OpenSSH has Pam support, but you don't need it for a simple public/private key setup. You could just then install Entware's OpenSSH then if you wanted, and take a look at my configs for an example. If you go that route, just change 'UsePam no'. Then try sym linking /tmp/.ssh to /root/.ssh in an Init script to get your keys setup, since /tmp will die every reboot.

    I wouldn't disable Tomato's SSH server to run this, just for reliability issues. You can run them side by side on different ports. If it's just for convenience, perhaps a viable option.

    http://linksysinfo.org/index.php?threads/google-two-factor-authentication-on-tomato.68831/

    edit :It's the symbolic linking it doesn't like, will do more research and will report.
     
  93. lancethepants

    lancethepants Network Guru Member

    There is just something about /tmp that will not work.
    You can change it to /opt and it works. I even mounted it to /tmp/blah just fine with public/private keys.

    I tried both making copies of .ssh, and symlinking in their respective home directories to /root/.ssh. All situation and locations work but /tmp. Maybe something to do with the way mounting work with ram.

    Just curious, why do you want to auto mount /tmp?

    edit: FYI both openssh and dropbear fail to use public/priv keys with /tmp as home directory. Also, Dropbear will follow symlinks, OpenSSH will not, though nothing works as far as I can see in /tmp.
     
  94. leandroong

    leandroong Addicted to LI Member

    Code:
    Just curious, why do you want to auto mount /tmp?
    I thought "/tmp/home/root#" is write protected. Since, I managed to write test file here, will just use this as working folder for compiled transmission optware transmission. Thanks again
     
  95. attaw

    attaw Reformed Router Member

    never mind :D
     
    Last edited: Aug 10, 2013
  96. attaw

    attaw Reformed Router Member

    Hi Shibby
    may I request?
    pls build BT-Nocat version for Catchtech CW-5358U?
    i didn't use VPN...
    thanks
     
  97. chchia

    chchia LI Guru Member

    Dear Shibby, first of all thank you for your hard effort to provide such nice tomato firmware, the best i used so far.

    but there is some bug with iptables and built in PPTP VPN, kindly refer to following post:
    http : / / tomatousb.org / forum / t-649104
    what bluefox find out is true and it is affecting your version of tomato too.

    i have to add following code in the WAN-UP so that the VPN can work.

    Code:
    #!/bin/sh
    sleep 30
    iptables -D INPUT -p tcp --dport 1723 -j ACCEPT
    iptables -D INPUT -p 47 -j ACCEPT
    sleep 40
    iptables -I INPUT -p tcp --dport 1723 -j ACCEPT
    iptables -I INPUT -p 47 -j ACCEPT
    is there anyway to fix this in your next version of firmware?

    thank you.
     
  98. konax

    konax Reformed Router Member

    Hi! excellent firmware, the best i've tested

    I have a little issue. When DMZ is enabled the remote access not working.The check button Leave Remote Access (Redirect remote access ports for SSH and HTTP(s) to router) is marked but the remote access continues not working
    When DMZ is disabled the remote access works like a charm.
    Any Idea?? thanks! :D
     
  99. shibby20

    shibby20 Network Guru Member

    should works. I will check it. Thank for info.
     
  100. callous

    callous Network Guru Member

    How do I tftp flash shibby's firmware onto the router? Everytime I use tftp command the router refuses to take the firmware
     

Share This Page