Tomato Toastman's Releases

Discussion in 'Tomato Firmware' started by Toastman, Dec 18, 2011.

  1. biatche

    biatche Network Guru Member

    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    1.00 KB    0.00 KB    1.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    1.00 KB    0.00 KB    1.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    10,765,162.00 KB    686,799.00 KB    11,451,961.00 KB
    2013-06-02    168,736.00 KB    802,398.00 KB    971,134.00 KB
    2013-06-02    3,376.00 KB    4,023.00 KB    7,399.00 KB
    2013-06-02    0.00 KB    0.00 KB    0.00 KB
    2013-06-02    8,418.00 KB    526.00 KB    8,944.00 KB
    Total    (26 hosts)    10,945,694.00 KB    1,493,746.00 KB    12,439,440.00 KB
    7503.7 or something (latest ver)... and i've reset the data file many times. (stored on CIFS)

    It's been on for days...... WAN bandwidth is empty...


    IPTRAFFIC bandwidth is as above... theres data for just the current day.

    What's wrong?
  2. LanceMoreland

    LanceMoreland Network Guru Member


    Could I trouble you to make ver. 502.1 available again. I will download it and save it for future use. Ver. 502.1 has some important fixes to me and I am reluctant to try the beta versions without having ver. 502.1 to go back to. You might recall that ver 502.1 has all of the IPv6 fixes for Comcast and none of the other versions have worked since and the previous versions did not work without WAN Up scripts.. Thank you.
  3. mscrivo

    mscrivo Reformed Router Member

  4. bagu

    bagu Network Guru Member

    A small question...

    I have br0 -> vlan1 and br1 -> vlan3.
    On my vlan1, i have a web server.
    But when i try to browse websites wich are on vlan1, i have no access.

    When i ping the website, i get my external ip.

    So, there is no loopback allowed if vlans are separated ?

    Is there a solution to keep vlan1 and vlan3 separated, but to allow web browsing (and ftp, and smtp/ fact, every services wich want to connect my router from outside) using loopback ?
  5. xcysm

    xcysm Reformed Router Member

    The missing OpenSSL bug that I discovered and posted about on April 27/28, 2013 here was fixed in the betas shortly after. However, the bug has returned in Tomato Firmware v1.28.7502 MIPSR2Toastman-RT K26 Mini (Asus RT-N12)

    root@unknown:/tmp/home/root# openssl
    openssl: can't load library ''
    root@unknown:/tmp/home/root# ldd openssl
   => not found
   => /usr/lib/ (0x2aabf000)
   => /lib/ (0x2abac000)
   => /lib/ (0x2abbf000)
   => /lib/ (0x2abde000)
   => /lib/ (0x2aaa8000)
    No more local or remote administration via HTTPS :mad:
  6. Phoenix54c

    Phoenix54c Networkin' Nut Member

    Hello everyone and especially you Toastman,

    I am receiving an ASUS RT-N66U on Monday, but am unclear which firmware version to flash it with. I am assuming I need a K26, R2 build in the RT-N folder, but it looks like some files do not specify the NVRAM amount.

    Moreover, it seems like there is some ambiguity about how much NVRAM these routers ship with (, see bottom). I obviously dont' want to brick mine and that post has me quite frightened :)

    Can you advise me on which I should flash the router with or tell me how I can find out myself? Thanks!
  7. Lorenceo

    Lorenceo Networkin' Nut Member

    Have just flashed tomato-K26USB-1.28.7502.8MIPSR2Toastman-RT-VLAN-VPN-NOCAT. IPv6 connectivity via DHCP with PD does not work at all. The router obtains its v6 address, but cannot ping any v6 hosts. There are no router advertisements being sent out from the router to the LAN. This is after erasing the NVRAM. Back to 7501.3 :x
  8. bagu

    bagu Network Guru Member

    I use 1.28.0502 MIPSR2Toastman-RT-N K26 USB VLAN-Ext 64K for mine.
    Faraway64d likes this.
  9. Faraway64d

    Faraway64d Networkin' Nut Member

    Thanks guys,

    I appreciate it! I will try the .0502 64k build.

    After a little more research, I founds some information that I hope helps others with this router. It looks like all versions of this router may have shipped with 64K, but it looks like there may have been a firmware problem that caused the router to report less. My information is gotten from here and here, which in turn was gotten from ASUS direct

    So excited about this router. My faithful e3000's radios seem to be dying after an overzealous Tx power tweak. Poor little guy... :(

    On a separate note to xcysm, whose issue I did not want to overtalk...

    Yes, I just tried to install a script on tomatousb that pulls files from a secure website, and I too got the openssl error. This is on this build on my e3000:

  10. pharma

    pharma Network Guru Member

    Congrats on your new RT-N66U!
    I currently use Toastman's "tomato-K26USB-NVRAM64K-1.28.0502.7MIPSR2Toastman-RT-N-VPN.trx" on my RT-N66U. I don't have any current need for VLAN, but I believe this contains everything except NOCAT for the non-VLAN firmware versions.
  11. Toastman

    Toastman Super Moderator Staff Member Member

    June 9 2013 - 1.28.7502.8 and variants

    • manual 6RD gui - fix for typo tomato.c ipv6_6rd_prefix_length, some other small changes
    • cookies expire much less frequently
    • Implement quiet-dhcp, quiet-dhcpv6, quiet-ra options & GUI
    • fix escaping of ` in nvram --set mode
    • Future proof ipt_account.c for newer kernels (thanks rmerlin)
    • include iptables-save & ip6tables-save in router image
    • DHCPv6-PD listen to WAN RA as per RFC 3633. Otherwise no default route set
    • Allow WAN RA to be disabled in DHCPv6-PD case
    (After talking to a UK ISP it isn't necesarily the case that
    DHCPv6-PD ISPs will also do RA)
    • update to dnsmasq 2.67cs7
    • Don't enable IPv6 on eth0, eth1, vlan1 - IPv6 will live on the bridged instances
    (So 'all' is disabled but default has ipv6 enable so *new* interfaces will get
    IPv6 - This simplifies the routing table)
    • quiet-dhcp,dhcp6,ra options now use single nvram var dnsmasq_q
    • more cstats fixes - don't treat empty file as failure
    • jffs2: Ensure we do write back the cleared flag - thanks to RMerlin
    Thanks Kevin Darbyshire-Bryant for the work he is doing, and thanks also to everyone for the feedback!

    Monk E. Boy, Elfew and eahm like this.
  12. pharma

    pharma Network Guru Member

    Flashed Tomato-K26USB-NVRAM64K-1.28.0502.8MIPSR2Toastman-RT-N-VPN ... the problem I had with CIFS Client in 1.28.7502.7 is fixed. Everything seems to be running well and no issues to report. :)

  13. pharma

    pharma Network Guru Member

    Flashed the "0502.8 Standard" version of Tomato. Should the following "vlan" messages appear in the logs? I have IPv6 disabled.

    Jun  9 06:05:58 BBS kernel: br0: port 3(eth2) entering disabled state
    Jun  9 06:05:58 BBS kernel: br0: port 2(eth1) entering disabled state
    Jun  9 06:05:58 BBS kernel: br0: port 1(vlan1) entering disabled state
    Jun  9 06:05:58 BBS kernel: vlan1: dev_set_promiscuity(master, 1)
    Jun  9 06:05:58 BBS kernel: vlan1: dev_set_allmulti(master, 1)
    Jun  9 06:05:58 BBS user.debug kernel: vlan1: del 01:00:5e:00:00:01 mcast address from vlan interface
    Jun  9 06:05:58 BBS user.debug kernel: vlan1: del 01:00:5e:00:00:01 mcast address from master interface
    Jun  9 06:05:58 BBS user.debug kernel: vlan1: del 33:33:00:00:00:01 mcast address from vlan interface
    Jun  9 06:05:58 BBS user.debug kernel: vlan1: del 33:33:00:00:00:01 mcast address from master interface
    Edit: Aside from the "vlan messages" log question, everything seems to be working fine after 24 hours.

    Thank you,
  14. LanceMoreland

    LanceMoreland Network Guru Member

    Anyone know if this version is working with Comcast's IPv6 prefix delegation? None of the others since 502.1 have.

    Edit: Well I just tried it and I am happy to report that this latest version works fine with Comcast's IPv6 prefix delegation.

    Question: Should I have Accept RA from WAN or LAN or both checked? Currently I have WAN checked but my devices are not receiving a stateful address. Not sure if it is related. Everything is receiving stateless addresses.
  15. leshan

    leshan Network Guru Member

    same here, thank you Toastman.
  16. mailliw

    mailliw Reformed Router Member

    Has anyone managed to get 7502.8 working on an Asus RT-N66U? I've tried several, without luck; it just sits there with the power light on, unresponsive to ping. I put it into recovery mode and successfully flashed an earlier version, so it's still alive...but doesn't like .8. I notice there aren't any 64k compiles - might that be why?

    If anyone's willing to test it on the N66U I'd be grateful.


  17. bagu

    bagu Network Guru Member

  18. mailliw

    mailliw Reformed Router Member

    Thanks, but isn't that 0502.8?
  19. Monk E. Boy

    Monk E. Boy Network Guru Member

    Have you tried putting it into recovery mode and then erased NVRAM from the recovery website (

    It may boot/reboot a couple times after you erase but that seems to be normal behavior.
  20. mailliw

    mailliw Reformed Router Member

    Pretty sure I have, yeah. Problem is, I can't get to the recovery page after the .trx is updated.

    Ho hum. It's beta, after all :) Toastman, shout if you need me to test anything for you
  21. Monk E. Boy

    Monk E. Boy Network Guru Member

    You have to manually assign an IP address to your NIC ( to get to the site. I assume you were using the recovery utility to recover the firmware? That will work with a self-assigned address, but the website won't.

    The recovery website lives in the CFE, it's highly unlikely that any firmware (which the CFE is responsible for loading) will affect it.
  22. mailliw

    mailliw Reformed Router Member

    I've been flashing from the recovery site in the CFE; there's no recovery utility for OS X. So, IPs are fine. An older 0502 version flashes absolutely fine, but 7502.8 does not (either from Tomato's "upgrade" in the gui, or the CFE site). Have you got 7502.8 working on this router, Monk?
  23. bagu

    bagu Network Guru Member

    Yes, because you must use RT-N branch for your RT-N66U
    So 1.28.0502.8 is the 1.28.7502.8 for RT-N66U.

    If i'm wrong, say me, but these informations come for docs on 4shared ;)
  24. mailliw

    mailliw Reformed Router Member

    Bagu. So, I'm an idiot. 0502.8 is the same as 7502.8? 4shared is truly horrendously laid out! Thanks for correcting me.
  25. Monk E. Boy

    Monk E. Boy Network Guru Member

    Oh crud, I missed that . Yup, you have to use RT-N builds (0xxx) not RT builds (7xxx) on a RT-N66.

    The RT-N16 can use both (I guess I thought you were using one), but the N66 can only use RT-N.
  26. gs44

    gs44 Addicted to LI Member

    Hi Toastman!!

    Version xxxx.8 seems to be ok with HE tunnel Ipv6.. So nothing broke there
  27. Magister

    Magister LI Guru Member

    Hi Toastman, I am using the original Tomato version on my Linksys WRT160N (previous version of E1000) and I need a Mini version with VPN, however all the version I tried from you are "standard VPN" and it always says the file is too big for the MTD.

    Is it possible to compile a K2.6 RT "VS" build for next release and put it in the 4shared folder?

    Great works you did BTW, my Tomato is years old and I would like the latest bug fix and all :)
  28. ordi_

    ordi_ Reformed Router Member

    Hey, I'm a newbie with this tomato firmware and have a question that hopefully can be answered easily.

    I'm looking at getting MLPPP for internet, found out I need a router that will support tomato or DD-WRT. I have a Linksys E1200 that I was able to finally install Tomato Firmware v1.28.0501 MIPSR2Toastman-RT-N K26 Mini. my question is will this version support 2 line mlppp? It does show a check box for single line mlppp in the basic / WAN - internet under PPPoE, but nothing for multi line.

    if so how do I determine that? where can I finf more info on this firmware


  29. Toastman

    Toastman Super Moderator Staff Member Member

    There is a version of Tomato that will do what you require, search the forum or google for Tomato MLPP.
  30. bagu

    bagu Network Guru Member


    Since i use tomato vlan1.28.0502.8, smb shares which are on the router can only be accessed by vlan1 (br0)
    vlan3 (br1) can ping, but can't access smb shares.

    No problem with 1.28.0502.7
  31. ordi_

    ordi_ Reformed Router Member


    First, thanks for such a quick response. I have been looking in forums and google for the last 4 days, with no luck. I can find lots on the WRT54xx variations, but they don't work on the Linksys E1200. if there is a specific place you can direct me, I would really appreciated.

    Thanks in advance,
  32. Toastman

    Toastman Super Moderator Staff Member Member

    Probably not then, unless you can persuade the developers to update it. We all have single line MLPP only.
  33. ordi_

    ordi_ Reformed Router Member

    Is this difficult to do? what do i need to compile the .bin file and get the source. i take it SSH and HTTPS are not required on the router itself, as the computers will do that part. the other thing I need to consider, is that my wife NEEDS VPN to connect to her work. I suspect that the .BIN file would again be too big.
  34. Mangix

    Mangix Networkin' Nut Member

    no it is not easy.

    OpenVPN or PPTP on the firmware would indeed be quite big. You'd probably want to use dd-wrt if you need the router to be a PPTP client.
  35. Malitiacurt

    Malitiacurt Networkin' Nut Member

    Is a router really needed for a laptop to connect to a work vpn?

    Usually when you connect to corporate VPN servers for work, you only need your laptop and maybe a desktop. Not your other miscellaneous mobile devices like smartphones and tablets. So just install the vpn clients individually on each computer.
  36. motocrossmann

    motocrossmann Network Guru Member

    Anyone know if the new Toastman builds support "Peer Name Resolution Protocol" (PNRP)? I've been googling away and can't seem to figure it out. I don't see it in my settings anywhere. The protocol is used by MS Easy Connect to get remote assistance sessions going. Right now Easy Connect is failing for me reporting an error with my router or network. It looks like DDWRT supports it, but even that answer is spotty.
  37. shredhead

    shredhead Addicted to LI Member

    I just updated today to tomato-K26USB-1.28.7502.1MIPSR2Toastman-RT-VLAN-Ext and following the upgrade the web gui will not come up.

    I'm stumped... "nvram find http" tells me http is enabled. I've restarted httpd a few times, rebooted a few times, not sure what to do next. The internet access is working including wireless, the web page for Transmission comes up fine, I can SSH fine, just no web gui for Tomato itself (I tried https too which is turned on, and also my dyndns from an ipad not on my wifi).

    Any tips? I think this happened last time but it was a while ago and I don't remember how I fixed it.
  38. darkfader

    darkfader Reformed Router Member

    Had the same problem. I noticed that the router advertisement checkbox has gone. I had it disabled. Going back temporarily to enable it seem to have worked. Perhaps some nvram command will enable it too.
  39. Morac

    Morac Network Guru Member

    I upgraded to 1.28.7502.8 today and enabled DHCPv6, which seems to be working, but at some point the following appeared in my logs:

    user.warn kernel: printk: 11 messages suppressed
    user.warn kernel: Neighbor table overflow.

    The second line repeated 9 times followed by 17 suppressed messages and another neighbor table overflow message, for a total of about 30 overflow messages.

    Is it bad that the Neighbor table is overflowing?
  40. LanceMoreland

    LanceMoreland Network Guru Member

    Here is a script that Koitsu wrote for me that will eliminate the Neighbor table overflow errors. Just add it to the init script section of tomato:

    # Increase ARP cache sizes and GC thresholds; may alleviate "Neighbour table
    # overflow" warnings that some users are seeing. Do this for both IPv4 and
    # IPv6.
    echo 256 > /proc/sys/net/ipv4/neigh/default/gc_thresh1
    echo 1024 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
    echo 2048 > /proc/sys/net/ipv4/neigh/default/gc_thresh3
    echo 256 > /proc/sys/net/ipv6/neigh/default/gc_thresh1
    echo 1024 > /proc/sys/net/ipv6/neigh/default/gc_thresh2
    echo 2048 > /proc/sys/net/ipv6/neigh/default/gc_thresh3
    Morac, Monk E. Boy and koitsu like this.
  41. Morac

    Morac Network Guru Member

    Thanks, I'll try that. If it works, maybe it should be incorporated in the firmware.
  42. tvcat

    tvcat Networkin' Nut Member

    Hi, will this firmware support vlan vid 500 & 600 in the future? thanks.
    im using Asus RT-N12C1.
  43. RixNox

    RixNox Serious Server Member

    Running my RT-N16 with Tomato Firmware v1.28.7501 MIPSR2Toastman-RT K26 USB VPN.
    Is it possible to flash the latest version retaining previous settings?
  44. darksky

    darksky Addicted to LI Member

    Running what release? 1.28.7501.1? And you want to go to what release? 1.28.7501.8? I have done this before without a memory clear. I recommend that you use some screencapture util to record while going through all of the important tabs in the router's web gui. You can then save a single text file containing any scripts, passwords, ssids, etc. etc. you don't want to type again. Then flash to the new version. If you end up needed to clear the settings, you can refer to the video + text file to do so.

    See the following for screencapture on linux. No idea about windows.
  45. RixNox

    RixNox Serious Server Member

    Nonsense to perform a minor upgrade?
  46. darksky

    darksky Addicted to LI Member

    No, read toastman's change log. Lots of shit has changed from .1 to .8.
  47. RixNox

    RixNox Serious Server Member

    Ok I'll cap all the important screens.
  48. Monk E. Boy

    Monk E. Boy Network Guru Member

    Actually he'd be jumping from 7501.1 to 7502.8 so it would represent a major jump.

    Even so I always long erase NVRAM even when making minor jumps in firmware. Just create a text file that lists all the changes you've made to settings on each page. It only takes 20 minutes or so right out of the gate, assuming you make judicious use of copy & paste. Separate sections and subsections and settings using tab indenting, which Notepad++ (or TextWrangler on OSX) makes easy. Not so easy to show in the forum, but easy to put into a real text editor (Notepad/TextEdit won't honor tab intending, starting each line over at character 0, which is why they're a pain in the *** to work with).
  49. RixNox

    RixNox Serious Server Member

    Basically I feel pretty good with current release, I would only make the switch if any leak in the firmware is found (security breach)
  50. Python46

    Python46 Networkin' Nut Member

    Toastman, have you made a version of your firmware yet that takes into account the flash chip changes in the new RT-N66U's? I have a new RT-N66U coming and I would like the option of using your builds.
    TIA :)
  51. koitsu

    koitsu Network Guru Member

  52. phykris

    phykris LI Guru Member

    I've tried the RT-N build 0502.8 on my linksys E3000, as soon as I get traffic from several clients, the router reboots at random times. I don't need to wait long to reproduce this. It happens within 10 seconds.
    I switched back to the RT build 7502.1 on the same router and the problem disappears.

    A problem that appears on both builds is that I can't removed the example rule from the access restrictions list. Also, if I add a new rule to the access restrictions list, I can't remove that rule anymore.
  53. Drinyth

    Drinyth Reformed Router Member

    First time poster, but long time user of the Toastman firmware. I've been having some problems with the most recent build though with my RT-N16. I first tried upgrading from 1.28.7501.3 STD to the 1.28.7502.1 STD firmware but that particular version was causing my router to randomly reboot after a few days of usage.

    More recently, I tried 1.28.7502.8 STD (BETA) and while it stayed up and running for a week or so, my connection eventually dropped and refused to reconnect again. The router itself didn't reboot this time, but it wouldn't reconnect. Seeing that the router did stay up and running this time, I rebooted my DSL modem and was able to get back online. I've never had to power cycle my DSL modem when being disconnected with previous versions of the Toastman firmware so I'm not sure if it's a result of the newer firmware or merely a coincidence?

    In any case, I'll try 7502.8 again for a few days and see what happens the next time I disconnect. If next time it disconnects and unable to reconnect on its own without a power cycle of the router or DSL modem, I may end up going back to 7501.3. I'll report back in either case.
  54. Toastman

    Toastman Super Moderator Staff Member Member

    I have never had this release reboot or do anything unexpected. If it was fixed by your restarting the DSL modem, then it does point to the modem losing sync or otherwise going pear shaped.
  55. Drinyth

    Drinyth Reformed Router Member

    I've had 7502.1 reboot on me several times out of the blue which is why I went to 7502.8 BETA to see if there was something in the BETA release that fixed this issue? The router itself is on UPS power and all the other devices on that UPS stayed up and running, which left me thinking it wasn't related to power.

    Likewise, I've never had to reboot my DSL modem in 7501.3 or prior releases when my DSL line disconnects - it just reconnected automatically. The lights on the DSL modem itself looked normal in that it showed that it was sync'ed and had ethernet connectivity to the router. It would just refuse to connect. The logs during that time show:

    Aug 11 15:10:02 rt-n16 pppd[31852]: Plugin loaded.
    Aug 11 15:10:02 rt-n16 pppd[31852]: RP-PPPoE plugin version 3.10 compiled against pppd 2.4.5
    Aug 11 15:10:02 rt-n16 redial[31854]: Started. Time: 30
    Aug 11 15:10:02 rt-n16 daemon.notice pppd[31853]: pppd 2.4.5 started by root, uid 0
    Aug 11 15:10:37 rt-n16 daemon.err pppd[31853]: Timeout waiting for PADO packets
    Aug 11 15:10:42 rt-n16 redial[31854]: WAN down. Reconnecting...

    Over and over again. Again, I'm not chalking that up to being a problem with tomato, per se... I'm just saying I never saw that behavior in your previous releases. In any case, I'm going to continue running 7502.8 BETA and see if the next time my connection drops if the router automatically reconnects or if it gets hung up like last time. If it does get stuck again, I'll probably downgrade back to 7501.3 and see if that doesn't resolve the problem.

    Thanks for all your hard work with tomato and keeping things current!
  56. gs44

    gs44 Addicted to LI Member

    Strange seeing peeps report reboot issues. My E2000 and E3000 has not rebooted on its own due to firmware in 6 months or more and that's with every version update in that time period by Toastman. Heck I honestly can say it has been more than a year at least since I have seen a reboot do to firmware issues and I generally upgrade to every new version beta or not. Sometimes I wonder if peeps get lazy and don't clear nvram after every flash as instructed or is it just a fluke with hardware and diff use issues.
  57. DJarvis1

    DJarvis1 Networkin' Nut Member

    hi... just looking through the web and setting up parental controls via Opendns..

    under web usage section in tomato (toastman version for the e2000), does the 'recent searches' visible to the I. S. P or just a internal router logging thing? .... or is it just the 'sites visited' in upper section that appear to the I. S. P. ?... or both..
    Sent from my HTC One using tapatalk
  58. velvetfog

    velvetfog Reformed Router Member

    Please forgive my newbie questions, this is my first post in this forum.

    I have an Asus RT-N16 router with a 1 TB hard drive attached.
    It is currently running the Tomato Firmware v1.28.7501 MIPSR2Toastman-RT K26 USB VLAN-VPN-NOCAT firmware.
    It has been running steady for 208 days (its on a UPS).
    I am not using IPv6 or the DHCP server.
    I am using 802.11n, the USB port, Samba and the DLNA server.

    Should I upgrade to a newer version?
    Do I really need to upgrade to a newer version?
    If so, where do I find the current image files?
    What has been changed/improved since the v1.28.7501 that I'm running?
  59. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    Any machine your data passes through on the way to its destination, and the destination machine itself has the potential for your data to be accessed and stored by a third party. This is the concern in countries with tight regulations, such as China. This is the concern with the NSA's activities. This is a potential concern with any dishonest person with access to any machine through which your data flows. That's one of the reasons people use VPN and other techniques to protect themselves online. Every bit of data flowing from your computer out to the internet has the potential to be read by others - web searches, sites visited, files downloaded, forum posts... Anonymity and privacy are hard to attain.

    With the default settings in your router, the ISP cannot access your router's web GUI or the logs.

    Not sure if that answers your question, but I had to rant.
  60. JohnO

    JohnO Networkin' Nut Member

    Generally speaking, I would upgrade only if something was not working, or if there were new features mentioned in the release notes that you wanted to try. I'm running the same version you are running, and have had no real issues, so I'm in no hurry to upgrade. There comes a point where you may not want to be too far behind a current release, so that would be another reason to upgrade. I'm not sure when that point is crossed.

    As to where to find the software, it is on 4Shared.

    (You can also get to this link by following the "About Toastman" likes from your running router software.

    Here are the current release notes from your version to the present version. Read through to determine if there is something that you feel warrants the time and effort to do an upgrade:

  61. RonV

    RonV Network Guru Member

    If it's stable for you and doing what its supposed to do leave it at that version. One of my old buffalo routers was up and running for over a year and the only thing that nocked it down was the UPS ran out of power in a power outage.
  62. fraak

    fraak Reformed Router Member

    Have 2 issues. Not sure if my isp is to blame or a mis-configured router. While trying to setup ipv6 with my isp I noticed using wireshark that in 7502.1 I receive RA on the LAN. If I'm using tomato-K26USB-1.28.7502.8MIPSR2Toastman-ext I will not receive any RA out to the LAN. I have enabled the RA to Lan in advanced dns/dhcp settings. Are RA handled differently in 7502.8?

    Besides the lack of RA, I'm having the same issue as this user in regards to my ISP rollout of ipv6

    we use pppoe and we are able to get an ip on the wan but nothing is communicated to the Lan. The isp is giving us a /64 to use dynamically but using native or dhcpv6-pd will not allow the lan. Could a mtu on the Lan be the issue?
  63. koitsu

    koitsu Network Guru Member

    Yes. For IPv6 it's generally recommended to stick with an older release, as there were massive (and I do stress the word) changes to how IPv6 RAs were handled (specifically attempting to use dnsmasq for them, rather than radvd). There is a very long/thorough thread about this which I can't be bothered to look up right now.

    I can't help with the other issue.
  64. Lorenceo

    Lorenceo Networkin' Nut Member

    I cannot get IPv6 to work on the newer post radvd versions at all. That said it doesn't work on v1.28.7501 out of the box either, but after a bit of messing around it becomes relatively stable.
  65. koitsu

    koitsu Network Guru Member

  66. eahm

    eahm LI Guru Member

    Toastman, is there a reason why 0502.8 doesn't open UPnP for eMule (only testing it, not actually using it :)) but Victek and Shibby are fine with it?

    Spoke too early, Victek z doesn't work either.
  67. Victek

    Victek Network Guru Member

    and previous beta version? ;) .. emule upgraded? same version? ...try shibby version (should fail also) ... and then go back to original firmware :)
  68. Toastman

    Toastman Super Moderator Staff Member Member

    I don't know why. But if you google for the problem you will see that emule is known to have this uPnP problem, and it has been addressed in other "emule-lookalikes" ... it isn't a tomato-specific issue. But it is strange they didn't fix it, or are you using an older version of emule?
  69. dzenvondnovnezd

    dzenvondnovnezd Reformed Router Member

    I get this issue with Comcast with the newer builds. Are you on Comcast as well?

    I think it might be something with Comcast's IPv6 implementation.
  70. Lorenceo

    Lorenceo Networkin' Nut Member

    No, I am not a Comcast customer, nor do I live in the US.
    My ISP gives out IPv6 prefixes via DHCP-PD. They use PPPoE (1492 MTU) tagged as VLAN 10 for authentication.

    Ever since Tomato moved to using DNSMASQ for IPv6 I have been unable to get IPv6 to work.
    On an older version of Tomato (7501.3 Toastman VLAN) I start radvd manually with a custom config, and run a script every few minutes to check if it is still running.
    I've described the set up here for anyone interested:

    It's a shame that v6 doesn't work at all on the newer builds. I bought an N66U to replace my N16 which has been rebooting randomly (may be a bug with Tomato running out of PIDs; random reboots are less frequent when scheduled scripts are set to run less frequently).
    While I can get v4 working with the shibby 112 build on the N66U, I have no v6, so am still using my less than reliable N16.

    FWIW the IPv6 implementation on the stock Asus firmware (and the Merlin build) seems to work a lot better, almost perfectly.
    Setting it to DHCP-PD announces the correct prefix, MTU and DNS to the LAN. Traffic is routed between the LAN and WAN. The only problem with it is it gives out a /64, regardless of what your ISP actually gives you.
  71. Victek

    Victek Network Guru Member

    Try RAF version with latest dnsmasq patches to check if problem is solved, then Toastman can update his branch.
    koitsu likes this.
  72. Lorenceo

    Lorenceo Networkin' Nut Member

    Just tried tomato-RT-N66-1.28.9013MIPSR2-RAF-V1.2.trx on my B1 N66u.
    It obtained a v6 address on its WAN port, but reported all v6 hosts as unreachable.
    It could resolve the v6 IP when trying to ping, but reported network is unreachable.
    No router advertisements were sent to the LAN.
  73. Victek

    Victek Network Guru Member

    Ok, I'll do one change for the coming beta, thanks for the info, I know what is missing now...
  74. Lorenceo

    Lorenceo Networkin' Nut Member

    Can Dnsmasq be set to send the correct MTU in its router advertisements? In one of the shibby builds it was announcing 1500 MTU (when it should be 1492 as that is the max MTU of the WAN), but even then none of the clients on the LAN could connect to any v6 hosts.
  75. Victek

    Victek Network Guru Member

    What's in your /etc/dnsmasq.conf file? ... if not you can edit... dhcp-option=option:mtu,1492
  76. Lorenceo

    Lorenceo Networkin' Nut Member

    dnsmasq.conf from tomato-RT-N66-1.28.9013MIPSR2-RAF-V1.2.trx:
    That MTU option sounds promising. However as it is right now, no router advertisements are sent from the router at all. That and the router itself can't contact any v6 addresses.
  77. DJarvis1

    DJarvis1 Networkin' Nut Member

    hi gonna use q. o. s soon but wanna make sure i got latest fw possible.

    currently i have:
    Tomato Firmware v1.28.9054 MIPSR2-beta E2000 vpn3.6
    Linux kernel and Broadcom Wireless Driver updates.

    in dowloads I`m looking at 'RTN NVRAM 60K MIPS2 1.28.7500.2 std.'

    Is that one as up-to-date as i get for the e2000 ?....i see mentions of certain ppls `tweaks etc` inthe q. o. s. thread occasionally and wanna make sure i update to latest possible...


    Sent from my HTC One using tapatalk
  78. Drinyth

    Drinyth Reformed Router Member

    I can't speak for the current 7502.1 STD firmware and the problems that I had with that version rebooting, but I have been running 7502.8 STD (BETA) for a while now and haven't had any subsequent issues with the router failing to reconnect upon disconnection again like I was before. So I'll call it a one time issue that just happened to coincide with upgrading to that particular version.

    I just wanted to follow up and say that everything has been running smooth as silk for me now at version 7502.8. Thanks for the continued work on this project, Toastman!
  79. ksergey2012

    ksergey2012 Serious Server Member

    Dear Toastman, I would like to ask, and you will do the firmware for the router Asus RT-AC66U? When I was a Asus RT-N16, use your firmware, which left only positive emotions. Sorry for the google translation.
  80. phgghy

    phgghy Reformed Router Member

    Is anyone else experiencing problems with the built-in FTP server on Toastman Build 1.28.7502.1 STD.

    I can login with user account I made, but I cannot write to the server. I'm not sure if this is a bug or if it's just me. Thanks for your time.
  81. gs44

    gs44 Addicted to LI Member

    Djarvis1 You will want to use the one with your router name (E2000) specifically in the title
  82. gehx75

    gehx75 Reformed Router Member

    I just flashed "tomato-K26-1.28.7502.8MIPSR2Toastman-RT-Mini.trx" on my router and enabled SSH but when i try to ssh to the box it times out. Also in the web config page when i click Start Now in the SSH Daemon section it doesn't stick, it just reloads the page and the still says start now. Is the ssh daemon included in this build?

    thank you.
  83. Mangix

    Mangix Networkin' Nut Member

    it is not.
  84. gehx75

    gehx75 Reformed Router Member

  85. though

    though Network Guru Member

    not sure if mr toastman can use anything from this, but a new firmware was just released by Asus for the RT-N66U:

    Description ASUS RT-N66U Firmware Version
    Please note: This version add many new features, please press the reset button more than 5 seconds to reset the RT-N66U after firmware upgraded to prevent unexpected problem.

    AiCloud 2.0 released
    1.All new web interface
    2. Support video subtitles (.srt format) For better video compatibility, windows user need to update VLC to v2.0.8 or later
    3. File/ folder can be shared to Facebook(router must have public IP)
    4. Supported mobile version web interface
    5. Supported router to router sync
    Please refer to video via:
    6. Fixed smartsync related issues.

    1. Repeater mode( in Administration --> Operation mode)
    2. Dual WAN (in WAN -> Dual WAN)
    3. Unmount all disks with 1-click
    4. Disk scan feature. It is in external USB disk status tab in network map.
    5. Support Sandisk Cruzer flash drive with both CD-ROM and flash disk interface.
    6. Auto adjust time zone in internet setup wizard process.
    7. PPTP VPN server status GUI
    8. Recognized .rmvb files as video format in media server.
    9. Show more detail information in USB application install process.

    1. Upgraded to SDK6 driver to fix 5GHz connection issue.
    2. Fixed HK ISP DHCP connection issue.
    3. Fixed USB application update related issues.
    4. Reduced the redundant packets when used 3G/4G dongle as WAN and opened web browser.
    5. Fixed the traffic monitor related issues when used 3G/4G dongle as WAN,
    6. Fixed client duplicated issue in network map
    7. removed modem setting button in AP mode
    8. Fixed IE related parental control issue.
    9. Disabled the Broadcom ACSD service to prevent buffer overflow vulnerabilities.
    10. Fixed AiCloud vulnerability related bugs.
    11. Underline "_" can now be acceptable in device name and computer name.
    12. Hide Broadcast option in PPTP VPN server when it is disabled.
    13. Fixed multicast IPTV related issues in PPPoE/PPTP/L2TP connection.
    14 .Fixed parental control offset issue in IE.
    15. Fixed 3G dongle related issue.
    16. Hide ASUS DDNS description when selecting 3rd party service.
    17. Fixed script error 'invalid argument on IE'
    18. Fixed smart sync JS error
    19. Fixed JST time zone issue.

    1. Fixed PPP IPv6 global address retrieval
    2. added DHCP-PD option
    3. Added LAN DHCPv6 server
    4. Added network status GUI.
    5. Added option domain name if available

    3G/4G dongles
    1. Support Yota LTE dongle LU150
    2. Support ZTE LTE dongle MF821
    3. Support 3G dongle Q110
    4. Support Huawei EC306

    update 2013.09.11
  86. Toastman

    Toastman Super Moderator Staff Member Member

    Very little time to do anything lately, but here is a new release to keep up to date.

    There is a new update to dnsmasq, please note, Vic has noticed an issue with DHCP-DNS and is looking into it. Keep your eye on it!

    It's still labelled BETA because of the experimental ipv6 using dnsmasq. there have also been some changes to the ipv6 handling in dnsmasq. Hopefully for the better ... :p
    though likes this.
  87. Toastman

    Toastman Super Moderator Staff Member Member

    September 17 2013 - 1.28.7503 and variants - BETA

    - add pairNIC DDNS service
    - Implement ipt_account fixes for Kernel 2.6.36
    - added "String" module for ip6tables
    - bridge: avoid ethtool on non running interface - bridge: respect RFC2863 operational state.
    - Access Restriction: Check chain blank before delete - patch from EasyTomato trunk.
    - Added extrarules to iptables to get UDP request - ( EasyTomato patches
    - Busybox: Upgrade to 1.21.1
    - SSID: Respect ASCII character label
    - Correct access restrictions save/delete bug with some browsers
    - ipt_webmon_info has different define in kernel and iptables.
    - dnsmasq: Update Sept 13, 2013 to v2.67test14 - (ipv6 experimental)
    - VLAN: Correct mapping Netgear 3500L V2

    Thanks, as usual, to all of the other devs and contributors !

    koitsu, Riddlah, eahm and 1 other person like this.
  88. eahm

    eahm LI Guru Member

    Thanks for the update.
    Last edited: Sep 18, 2013
  89. Beast

    Beast Network Guru Member

    Did not nvram clear but dnsmasq will not run after reboot
    RT-N16 router

    Asus RT-N16: Tomato 1.28.7503 MIPSR2Toastman-RT K26 USB VLAN-VPN
    BeastNet user.debug init[1]: dnsmasq terminated unexpectedly, restarting.
    BeastNet user.debug init[1]: 182: pptp peerdns disabled
    BeastNet user.debug init[1]: dnsmasq terminated unexpectedly, restarting.
    BeastNet user.notice root: ADBLOCK ERROR: restarting dnsmasq...
    Last edited: Sep 18, 2013
  90. kthaddock

    kthaddock Network Guru Member

    @Beast please format you text it's impossible to read that.
  91. Victek

    Victek Network Guru Member

    @Beast I saw in the complete log some services running in background.. could you add more details? thanks
  92. Beast

    Beast Network Guru Member

    Last edited: Sep 18, 2013
  93. Victek

    Victek Network Guru Member

    Too many services running, I don't know what service reinitializes dnsmasq, would you disable some services, ftp for example..
  94. Beast

    Beast Network Guru Member

    Ok working on it... Right now its working. I did tick marked the clear nvram after flash and now running only the bare bones. But getting this old fault again...
    BeastNet dnsmasq[558]: started, version UNKNOWN cachesize 1500

    was known in 502.8

    ok as soone as I added this without brackets (quiet-dhcp) to the custom section for dnsmasq the error happens.

    Sep 18 16:30:18 BeastNet user.debug init[1]: dnsmasq terminated unexpectedly, restarting.
    Sep 18 16:30:19 BeastNet user.debug init[1]: dnsmasq terminated unexpectedly, restarting.
    Sep 18 16:30:19 BeastNet user.debug init[1]: dnsmasq terminated unexpectedly, restarting.

    I reinstalled ADDBLOCK 3.9e again, which sets dnsmasq messages to 25 and cache size to 8k
    from its defaults. Also since i am not using FTP, I disabled the script from uploading block list to USB stick. And all is still working fine.

    Sep 18 16:55:21 BeastNet user.notice root: ADBLOCK: dnsmasq is running

    Just so you know I use copy and paste for the custom entry and for all others as well.

    Ok I just confirmed adding the quiet-dhcp to custom section will cause the error again.
    But (strict-order) does not cause errors. Its my understanding the (quite-dhcp) switch was
    added by John, not sure if that requires something to be compiled into dnsmasq or something else to make it work.....But work is what it has been doing for years.
    Last edited: Sep 18, 2013
  95. gs44

    gs44 Addicted to LI Member


    latest version up and running in E3000 and E2000.. All seems ok so far.

    Speeds seem normal and IPV6 via HE Tunnel is working as it should :)
  96. koitsu

    koitsu Network Guru Member

    The problem with quiet-dhcp is probably that the option itself was a Tomato-specific (Teddybear, I think) "patch" that was never officially handed to the dnsmasq author.

    The reason your log is filled with complains about the daemon exiting unexpectedly is an indication that dnsmasq (the daemon) will not start, almost certainly because it does not understand the quiet-dhcp parameter you've added to the Custom Configuration section.

    This means one of two things:

    a) The quiet-dhcp patch was not backported to the version of the firmware you're using, which you did not disclose in this post. Specifically I want the filename of the firmware you're using. Therefore, the person who built the firmware did not backport the patch, or,

    b) The quiet-dhcp patch was in fact given to the dnsmasq author and thus is in dnsmasq today, however the configuration option/name may have changed (it's up to the author to decide that).

    The official dnsmasq documentation still does not mention quiet-dhcp, so I am inclined to believe the "patch" still has to be manually backported to dnsmasq every single time dnsmasq is updated. I have discussed this in the past (read the rest of the thread past that post -- do not skim it, READ IT! -- and you'll understand).

    So if you want your dnsmasq to work, remove the quiet-dhcp directive from the Custom Configuration section for the time, disclose the filename of the firmware you're using, and let the developers here hash out the issue. It honestly sounds like to me that the firmware you're using did not have the quiet-dhcp patch applied to its dnsmasq.

    Otherwise if you want this feature added to dnsmasq officially, because this is an open-source volunteer project, I urge you to get in contact with the dnsmasq author and make it happen. His contact information is easily available, and he's a very friendly fellow. It's up to you (or anyone else) to take the initiative.
  97. Beast

    Beast Network Guru Member

    Indeed the firmware i am using was identified in a post or two up, but it is....
    Asus RT-N16: Tomato 1.28.7503 MIPSR2Toastman-RT K26 USB VLAN-VPN

    I understand the problem with the quiet switch. And confirmed it for myself a couple of posts up.
    Victek was asking me to narrow down the problem. I did remove it, and everything seems to be

    I play Diablo III, and since the update to this firmware I have a lot of lag. But not sure at this point
    if its Blizzar's servers or me thats causing the problem. Seems to me even normal web surfing is a bit
    laggy. I'll do an speed-test and see how that turns out.

    I will do better at putting needed info in my future posts...
  98. koitsu

    koitsu Network Guru Member

    FYI: A speed test (done through sites like will not reflect latency/issues you have to a gaming provider like Blizzard. The Internet and packet routing does not work like that. So if you have issues with Diablo 3 and network lag, but your results to some place close to you are fine (please try other locations as well), then the issue is almost certainly not with your router or the firmware.

    You need to be aware of this reality: the Internet is broken 24x7x365. If you think I'm exaggerating, please know that I'm not. Portions of Internet routing are broken on a daily basis, and I can tell you (for example) during the past 2-3 weeks there have been repeated issues with multiple backbone providers throughout the Internet in general. If you want validation, go look at NANOG and mailing list archives; you'll find, particularly in the last week, numerous issues with Level 3 (who is a major backbone provider) where increased packet loss and latency were seen in varied geographic locations. Please do not think a backbone issue in (for example) Wichita KS does not apply to you because you live in (for example) New York; if your packets are going to somewhere in California, they may in fact traverse a router in Wichita -- or possibly the return path packets (which you cannot determine/see, ever) may take that (broken) path. This is as much as I'm willing to go into Internet routing/troubleshooting here on this forum -- I actually do this type of thing professionally, and it's not as simple as "just run a traceroute to somewhere", it's a lot more involved than that.

    Furthermore, if you're wirelessly connected to your router and playing games, you should know that wireless issues happen almost constantly (it is not a reliable transport; packet loss almost always occurs) to some degree. Please do your testing via a wired Ethernet connection only.

    Next, if you are using some form of QoS on the router, I recommend you disable it as a test. The QoS "stuff" in Tomato can often cause strange/weird problems (usually the result of misconfiguration/misunderstanding on the user's part, but sometimes are problems with the QoS method in Tomato), so ruling that out is always good.

    Two final things:

    1. I asked you for the filename of the firmware you're using, not the "version on the About page" (which is sometimes not sufficient). In this case I can sort of work out what it is -- it's probably tomato-K26-1.28.7503MIPSR2Toastman-RT-VLAN-VPN.trx (or possibly the USB version (K26USB)), which leads me to...

    2. Most relevant of all: it sounds like 1.28.7503 for the 2.6 kernel may lack the quiet-dhcp patch for dnsmasq. I run the RT-N branch on my RT-N16 (specifically I use tomato-K26USB-1.28.0502.8MIPSR2Toastman-RT-N-Ext.trx at this present time), so that is the only version I could test to determine if quiet-dhcp works or not. In that case, it's pretty easy: Toastman disclosed in his firmware announcement post that dnsmasq was updated to version 2.67test14. He may have forgotten to backport the quiet-dhcp patch, in which case you have a couple choices:

    a) Backport the patch yourself + build the firmware yourself,
    b) Pick an older firmware (ex. 1.28.7502.8),
    c) Remove quiet-dhcp from the Custom Configuration settings and wait for a future build.

    I finally want to say that what I said about the quiet-dhcp patch not being backported is speculative; I have not gone and done a git pull to update my git repo source to determine if it's there or not for the 1.28.7503 RT branches. I could do that, but I have 5 or 6 IRL things I'm dealing with (finding a job, dealing with lawyers/a court case, dentist appointments, and doctors visits) combined with not getting enough sleep.

    That's the nature of the Tomato firmwares -- they're open-source, and they need as much help/attention as possible from folks who can dive in and help track down issues like this + provide patches if at all possible. Problem reports are always good, especially when the issue can be reproduced reliably.
    Last edited: Sep 19, 2013
  99. Toastman

    Toastman Super Moderator Staff Member Member

    It looks like dhcp-quiet is the problem. It should have been preserved but quite possibly was something I overlooked. Thanks guys! And Koitsu, looks like you have enough on your plate at this time, good health and thanks for taking part in the forum!
  100. Beast

    Beast Network Guru Member

    Thanks koitsu for all the advice. I always read your posts no matter if your answer one of my questions or some other person. You are by far one of the most knowledgeable individuals here. I have learned quite a bit from just reading your posts. They are very informative and give good advice, that can be of use by anyone taking the time to read them. Most of your posts are the size of a tech

    And hey Toastman or koitsu. Why is dnsmasq VERSION known and then not, by the firmware. How does your firmware determine the version ??? I know its not a show stopper, but I am really curious to know.

    And while I am thinking about it. (NOTE I have not checked this version of firmware), but for the last few revisions I have had to add permissions to the custom section of the FTP server, {allow uploads} to the built in FTP server. This used to not be required. ADBLOCK script (V3.9e) uploads the block list to the FTP server. As talked about in this post back in April 2013.

    The exact custom entries:

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice