AdvancedTomato - Flat/Material designed web GUI (Shibby base)

Discussion in 'Tomato Firmware' started by Jacky444, Jul 23, 2014.

  1. remlei

    remlei Networkin' Nut Member

    yep, people should respect other decision what they want to do, if they dont like it, just gtfo, no ones forcing you to use it, there's still the wonderful shibby firmware and toastman firmware that you can still use, if you still dont like those, just use openwrt/lede or dd-wrt (assuming your router suppots it). If youre still crazy about the security stuff, well no ones stopping you the enterprise grade routers.
    azdps likes this.
  2. Frequenzy

    Frequenzy Addicted to LI Member

    looks it's the end of AT, sad to see it end abruptly.
  3. Jacky444

    Jacky444 LI Guru Member

    After some thought and good look at statistics, I've decided that I wont let down 5200 people. Not yet. This was long term project and I still have many ideas how to improve it. I just hope there will be more help in future for both Firmware and GUI. I do feel offended by some comments though, also with some of mails that are coming in every day. But guess that's life of an open source developer.
    IcyTexx, Xander86, tarund and 8 others like this.
  4. The Master

    The Master Network Guru Member

    What??!! NOOOO.... We all love AT....

    i understand both sides from the ssl and login perspective but why stop someone who is taking all his/her spare time to build a new projekt...

    We would be apes again if not one ape stand up and walk...:D
  5. srouquette

    srouquette Network Guru Member

  6. kille72

    kille72 LI Guru Member

  7. The Master

    The Master Network Guru Member

    Fake Statistic :) I have disabled Anon :)
  8. Jacky444

    Jacky444 LI Guru Member

    Not exactly "fake" just not accurate. Though Downloads counters are based on firmware downloads and can't be "disabled" since they work on web site it self :).

    Also enabling anon gives devs like me opportunity to get more interest in the project, you know we love to see big numbers :).
    Haldi4803 and The Master like this.
  9. azdps

    azdps LI Guru Member

    We need to donate specific routers to the main 3 active tomato developers. Jacky444 is in need of a newer secondary based router since his Netgear router keeping on bricking and he has to keep unbricking it during testing. This has cost him hours of development time. Both shibby and toastman could probably use the newest arm based routers as well to play with. I don't have the time today but would like to setup a 3 separate donation pools for them. I'll have to find out from each of them what their most desired router is at this time. The donations will go specifically to router purchases. I'm thinking Jacky444 is due for an Asus router asap.
    koitsu and Jacky444 like this.
  10. azdps

    azdps LI Guru Member

    I started a fund for Jacky at

    Edit: I spoke with Jacky about the campaign today. The campaign for Jacky at has been deleted and the sole donor and myself have been refunded. The charges for gofundme (5%) along with their required WePay (2.9% + $0.30 for every donation) payment processing was ridiculous. There were other complications as well.

    If you would like to donate to Jacky please donate to him via PayPal.
    Last edited: Dec 6, 2016
    Jacky444 and koitsu like this.
  11. Jacky444

    Jacky444 LI Guru Member

    -- DELETED --
  12. The Master

    The Master Network Guru Member

    Jacky444 likes this.
  13. Jacky444

    Jacky444 LI Guru Member

    Its been long time since new AT release, so hopefully this will make your start of the weekend a little nicer! Version 3.4-138 is now available. There has been some fixes and improvements nothing "Huge". Sadly I have no time for "HUGE" at the moment.

    Change Log

    Update 3.4 (GUI):
    - Fixed System UI alignment of the CPU, RAM, SWAP and WAN description/values
    - Fixed issue where Virtual Wireless interfaces showed enable/disable on the overview page
    - Fixed the Advanced VLAN pages on all firmwares (hopefully) for good now
    - Fixed miss align on IP Traffic graphs where percentage did not properly align with other details in row
    - Fixed issue "Error reading file" when restoring IP Traffic and Bandwidth data
    - Fixed invalid redirection after uploading custom Captive Portal Splash page
    - Fixed weird gold color on some of default alert boxes like on unsupported feature message at admin buttons page
    - Improved SVG rendering anti-aliasing because it was horrible before (Graphs, Charts, etc...)
    - Greatly Improved browser caching which was previously a JOKE in Tomato's HTTPD handler (120s to 12h for CSS/JS)
    - Added new authorization page which currently have no point but to wait for a propriate HTTPD (Firmware) changes
    - Added ability to retry AJAX connections on fail up to 8x (when router doesn't respond with 200 (HTTP OK))
    - Added different error message when restoring too big IP Traffic or Bandwidth data
    Quick Tip: Simply start writing your router name anywhere on page, the page should filter downloads automatically.
  14. koitsu

    koitsu Network Guru Member

    I need to know about this. I'm staring at the commit history from between August and present, yet I don't see any commit that immediately stands out. Can you provide the associated commit ID?

    Edit: Never mind, I found it (commit ID 79c49af9c5f975046dabbc6a5abc72cf50521cee).

    I wouldn't call this "a joke", but yes, the default Cache-Control max-age parameter was set to cache*60, where cache was the value passed into send_header() (last argument). You've changed that to cache*3600. All manual send_header() calls in Tomato use a value of 0 -- except for handle_request(), which iterates over all the entries in the mime_handlers array for matches (based on URL), and for any which have a non-NULL MIME type or function/handler, use that value. I did the heavy lifting through some awk fun, and came up with this list: match string, MIME type, cache value*60 (original Tomato), and cache value*3600 (yours):

    "debug.js",         mime_javascript,    300     18000
    "**.css",           "text/css",         120     7200
    "**.htm|**.html",   mime_html,          120     7200
    "**.gif",           "image/gif",        300     18000
    "**.jpg",           "image/jpeg",       300     18000
    "**.png",           "image/png",        300     18000
    "**.js",            mime_javascript,    120     7200
    "**.svg",           "image/svg+xml",    120     7200
    "**.txt",           mime_plain,         120     7200
    "favicon.ico",      NULL,               300     18000
    So now we know, definitively, what the values are (post-calculated).

    I would really need to sit down and examine the effects of your change. I think overall it's a positive and worthy goal, but I worry about some edge cases. I'd need to examine HTTP client and server headers to see if this is beneficial or potentially problematic. I need to look into if IMS checks are being used, ETags, or what, and how the client ends up deciding what to cache as a result. My concern is for people who actually serve up some static content using Tomato httpd (I never advise using Tomato httpd for this, but people ARE doing it, I've seen recent threads about it). My concern lies in what the behaviour is if, say, someone makes a bind mount to override a specific file (ex. a developer working on /www/tomato.css) -- rather than wait 120 seconds, this would be 7200 with your change, and may cause the developer to have to clear the cache in his entire browser). As I said: I'd need to investigate this thoroughly.

    What caught my eye in the process was the favicon.ico entry, which appears to have a minor bug: its MIME type is NULL, which means Cache-Control will end up getting set to no-cache, no-store, must-revalidate, private (and I confirmed this is the case). We should really change that from NULL to "image/x-icon" (not "image/" -- this is hard to understand, so best read the entire SO thread and the reference materials cited -- really!), then it'd get cached. This also allows removal of the wo_favicon() function (in the mime_handlers array we can just use resulting function do_file) (you may get a kick out of what wo_favicon does, header-wise). I'll actually work on a commit for that (easy enough).

    Next: your commit is... well... I'll just cover it like this:

    1) You've encompassed too many changes in a single commit. Each of the things changed should have been done in separate commits. This can't always be done (obviously!), but in this case, all of these things were independent from one another so they could have each been done in separate commits. This makes cherry-picking commits (important for other firmware forks and even git branches!) easer, narrowing down a problem to a specific commit easier, and makes for a more clear commit history. You've harped on me about "old ways hindering progress", so I'll point you to what present-day developers recommend when it comes to general software dev and good Git practises (here are some more). You'll find that the advice I give on this item is pretty universal across all developers (old or young), and is extremely important in collaborative projects. I don't always adhere to all of these, but they are worth reading/considering anyway.

    2) With regards to this entry:

    - Added new authorization page which currently have no point but to wait for a propriate HTTPD (Firmware) changes
    IMO, this shouldn't have gotten added/pushed yet. This isn't trying to disparage you, honest: it's about good Git practises. This task (doing away with HTTP basic auth and instead using HTTP sessions and all that comes with it) should end up in its own branch. You'll see this approach mentioned in some of the above links, re: use git branches regularly. Once you get that done + finished, you can merge it all into master (or whatever master is -- you know what I mean). It's also part of the "Agile development mindset" -- not a mindset I particularly agree with ~90% of the time, but there are some small parts of it I do agree with.

    3) It doesn't reflect well on you to put "disparaging" comments in a ChangeLog or git commit message in a public open-source project. I'm actually an easily irritated/annoyed guy myself, and a harsh judge of quality, so I too would be pretty quick to vocalise something like "Are you kidding me? These cache values are f***ing horrible!" -- but I wouldn't convey that in a ChangeLog or commit message. I'm referring to:

    - Improved SVG rendering anti-aliasing because it was horrible before (Graphs, Charts, etc...)
    - Greatly Improved browser caching which was previously a JOKE in Tomato's HTTPD handler (120s to 12h for CSS/JS)
    Something like what you put in your git commit message is a lot more professional:

    - Make browser caching much longer. Previously most assets were cached only for some minutes, now we cache them for hours.
    P.S. -- The "Heavily increase caching of static assets like CSS, SVG, GIF, PNG, JPG, etc..." commit message is redundant; you could have covered both in one item. :)

    P.P.S. -- I can't find the commit relevant to "Improved SVG rendering of anti-aliasing". I'm thinking a CSS or raw <svg> attribute change (shape-rendering?), but I don't see it in the commit history.

    Thanks for your work on all this!
    Last edited: Dec 5, 2016
  15. kille72

    kille72 LI Guru Member

  16. Jacky444

    Jacky444 LI Guru Member

    As experienced web developer, I can say that caching in Tomato is a JOKE. The cache for CSS and other assets (Images, Fonts, html files that never change, etc...) is recommended to be over a week. Tomato was using 120s which is 2min. Cache is there not just for 1 session you do on router.

    The cache is browser based not firmware it self. So a developer working on sytlesheets can easily use something like Google Chrome's F12 console which allows you to disable cache while working on the design. There is many reasons why this isn't really important. Cache must be there to avoid hundreds of useless requests to a router. I agree regarding favicon, I left it there because I simply didn't have time to go through all code to see why favicon would even be implemented that way. Its kind of stupid since its just an image file.

    I did make separate commits. But due to not knowing how to actually merge ARM git and Github I've done all commits into one (again I'm busy man, I can't afford spending hours on GIT).

    I do agree about the rest. I will use better language and git management in future. I really need to learn how Shibby can merge changes between RT/AC/ARM branches so easily, problem is that each branch has files in its own folder. If I would want to merge ARM into RT-N it woldn't work cause src-rt / src-rt-6.x.4708 parents.

    Generally, it has been almost 4 months since last release and time allowed me to do so small amount of contribution till today. I really wish I had more time :(.
    crusher9 and The Master like this.
  17. koitsu

    koitsu Network Guru Member

    crusher9 and Jacky444 like this.
  18. DracoMilesX

    DracoMilesX Networkin' Nut Member

    Thanks for the update. My VLAN page is working as well (RT-N66U).

    Auto refresh on device list seems not really working or just bugged for me atm not the first time.

    And just a small question with my limited knowledge. Why does device list for example show an Iphone on br3 and an android/laptop on wl0.1/wl1.1? (they are all on wifi) Not that important but just found it strange.

    edit: guess it was just a small bug at the moment now it shows wl instead of br
    Last edited: Dec 6, 2016
  19. ruggerof

    ruggerof Network Guru Member

    Do you have another router as an AP only? If so, it means that the wireless client is connected to the AP and the main router sees it as part of the LAN.
  20. DracoMilesX

    DracoMilesX Networkin' Nut Member

    I have but that one is offline and the router is on my room so no one beside me has access to LAN (rest uses wifi only anyway)
  21. vr33595

    vr33595 New Member Member

    Is it only me who finds the checkboxes to enable various features almost invisible? like this:

    Whenever I want to enable something, if I'm at just at a little wrong angle to the monitor, I literally have to drag the mouse horizontally from the description watching the cursor until it changes.
    slodki likes this.
  22. DracoMilesX

    DracoMilesX Networkin' Nut Member

    @vr33595 mine shows a bit better might be because of the brightness but yeah might be a bit better if it it's more visable.
  23. AndreDVJ

    AndreDVJ LI Guru Member

    AT 3.4 GUI loads and performs almost as fast as Tomato's stock GUI. I wish my WNR3500Lv2 hadn't died so I could test it on MIPS.

    Good work, you nailed it :)
    Jacky444 likes this.
  24. Jacky444

    Jacky444 LI Guru Member

    Honestly I'm not sure what you mean almost as fast :D it should be the same/faster due to ajax usage. I never noticed any performance differences? Maybe its just me?

    AT Did however have animation between page changes (when page is loaded the old is faded out and new is faded in) which may cause feeling that UI is slightly slower which was removed unintentionally (some sort of issue with latest SASS compilation)
  25. Rangaistus

    Rangaistus Reformed Router Member

    i saw an issue on my RT-N66u with the AdBlock not loading any entries. maybe unrelated to the AT release, but since it happened under 3.4-138 i am documenting it here.

    Dec  5 02:14:34 Router adblock: prepare to download ...
    Dec  5 02:14:35 Router adblock: skip disabled blacklist -
    Dec  5 02:14:35 Router adblock: skip disabled blacklist -
    Dec  5 02:14:35 Router adblock: skip disabled blacklist -
    Dec  5 02:14:35 Router adblock: skip disabled blacklist -
    Dec  5 02:14:36 Router adblock: skip disabled blacklist -
    Dec  5 02:14:36 Router adblock: skip disabled blacklist -
    Dec  5 02:14:37 Router adblock: skip disabled blacklist -
    Dec  5 02:14:37 Router adblock: skip disabled blacklist -
    Dec  5 02:14:38 Router adblock: skip disabled blacklist -
    Dec  5 02:14:38 Router adblock: [1] downloading blacklist - http://localnas/hostfinal.txt
    Dec  5 02:14:39 Router adblock: ... [1] found 75361 entries
    Dec  5 02:14:40 Router adblock: skip disabled blacklist -
    Dec  5 02:14:40 Router adblock: add custom hosts to blacklist
    Dec  5 02:14:45 Router adblock: activated - 2529 entries
    Dec  5 02:14:58 Router adblock: activated - 0 entries
    after restarting the adblock service, the problem was not observed:
    Dec  5 02:32:15 Router adblock: stopped
    Dec  5 02:32:15 Router adblock: remove cron job
    Dec  5 02:32:52 Router adblock: prepare to download ...
    Dec  5 02:32:52 Router adblock: stopped
    Dec  5 02:32:52 Router adblock: skip disabled blacklist -
    Dec  5 02:32:52 Router adblock: skip disabled blacklist -
    Dec  5 02:32:52 Router adblock: skip disabled blacklist -
    Dec  5 02:32:52 Router adblock: skip disabled blacklist -
    Dec  5 02:32:52 Router adblock: skip disabled blacklist -
    Dec  5 02:32:52 Router adblock: skip disabled blacklist -
    Dec  5 02:32:52 Router adblock: skip disabled blacklist -
    Dec  5 02:32:52 Router adblock: skip disabled blacklist -
    Dec  5 02:32:52 Router adblock: skip disabled blacklist -
    Dec  5 02:32:52 Router adblock: [1] downloading blacklist - http://localnas/hostfinal.txt
    Dec  5 02:32:53 Router adblock: ... [1] found 75361 entries
    Dec  5 02:32:53 Router adblock: skip disabled blacklist -
    Dec  5 02:32:53 Router adblock: add custom hosts to blacklist
    Dec  5 02:33:29 Router adblock: activated - 75425 entries
    Dec  5 02:33:29 Router adblock: add cron job
    in both instances 75361 entries are found.
    where it failed:
    Dec 5 02:14:45 ... activated - 2529 entries
    Dec 5 02:14:58 ... activated - 0 entries

    compared to when it succeeded:
    Dec 5 02:33:29 ... activated - 75425 entries

    EDIT: seen it twice more in regular shibby RT-N66U_RT-AC6x--138-AIO-64K
    Last edited: Dec 15, 2016
  26. cloneman

    cloneman LI Guru Member

    Anyone know if its possible to capture the realtime bw values on the qos-graphs.asp , but in CLI instead of webgui?
  27. koitsu

    koitsu Network Guru Member

    There is no way to do this at present. The math/segregation/etc. is mostly done in JavaScript. Do you wish to create a solution (read: program one, probably in a PL like Perl or similar)? If so, then I can take the time to explain where the data comes from and "how/where" it gets mangled/blah blah.
  28. cloneman

    cloneman LI Guru Member

    Thanks for the offer; however I don't have the required skillset or motivation at this time. I'm only interested in capturing realtime transfer speed for 1 class of traffic as a potential method for detecting the presence of a certain type of traffic e.g., a voip call.
  29. koitsu

    koitsu Network Guru Member

    For where the data comes from -- but not what the ending data ends up being (because the JavaScript does a lot of math to turn it into something human-friendly) -- see asp_qrate() in release/src/router/httpd/ctnf.c. The function retrieveRatesFromTc() is what parses tc -s class ls dev XXX output (where XXX is an interface name -- see asp_qrate() for what interfaces are relevant) and feeds it back into the relevant objects/arrays in JavaScript (variables qrates_out and qrates_in). I didn't look close enough at what/where nfmarks comes from. I don't use QoS so I can't even tell you what the above command output looks like.

    But the bottom line is, no, there is no CLI program that comes with Tomato that gives you the web-based output in a "CLI fashion". I'm not aware of any third-party ones either.
    cloneman likes this.
  30. cloneman

    cloneman LI Guru Member

    koitsu likes this.
  31. vr33595

    vr33595 New Member Member

  32. DracoMilesX

    DracoMilesX Networkin' Nut Member

  33. Jacky444

    Jacky444 LI Guru Member

    You can install that on your router using external drive and AIO image without a problem. To add this to firmware it self is way too bulky.
  34. lubmar

    lubmar Connected Client Member

    (newbie here) just started with advance tomato (latest ver.) on the R6300v2 , looks great ... thanks to all involved

    and of course I have a questions
    - how to change speed displayed in "real time traffic monitor" from Kbps to Mbps ?
    - also are there any adjustment possible ? like "__ minute window, __ second interval " in "Real Time IP Traffic" and "24h IP Traffic History" ... also with "2 minute interval" the "Peak" values are very much off ...

  35. steve23094

    steve23094 New Member Member

    Enjoying the firmware, I hope it continues to be updated for as long as possible.

    I'm having problems with the bandwidth limiter. I'm running 1.28.0000 MIPSR2-3.4-138 K26AC USB AIO-64K on an Asus RT-AC66U. I'm trying to use bandwidth limiting for my guest network on br1. The thing is as soon as I enable the bandwidth limiter my internet access drops out. I can still access the router and disabling the B/W limiter brings me back online.

    Has anybody got B/W working on this version of AdvanceTomato? Any ideas what might be going wrong and how to fix it?

  36. teerekt

    teerekt New Member Member

    I just switched my router from a Asus RT-AC3200 to a Netgear Nighthawk 6700 (which I upgraded to a 7000!) and flashed advanced tomato. I've been using pi-hole on my pi zero the past few weeks and everything worked like a charm. On my Asus router I set my Lan DNS to my pi hole IP, turned off DHCP and let my Pi handle everything. On the latest version of advanced tomato I only have the option to change my Wan DNS. There is no option to change my Lan DNS. Is something wrong? I log into the router admin page, go to Basic Settings > Network but it is not there. Here is a screenshot of what I see, I've used Chrome and Edge and Internet Explorer.


    Any thoughts? Using latest firmware.
  37. DracoMilesX

    DracoMilesX Networkin' Nut Member

    You can change the as well by clicking on it just like you disabled DHCP believe this is the only way to do it. Else it would be through commands.

    Ok thanks Jacky will check it out then.
  38. steve23094

    steve23094 New Member Member

    Just thought I would point out...

    I changed to Toastman's Tomato and it doesn't exhibit this behaviour. There must be a bug in Shibby's version, and therefore by extension AdvancedTomato.
    Last edited by a moderator: Feb 24, 2017
  39. GoodKarma

    GoodKarma LI Guru Member

    I'm having problems getting my Asus RT-AC68U router running the latest AdvancedTomato firmware 3.4-138 K26ARM USB AIO-64K to recognize my USB hard drive attached to the router's USB 3.0 port. The hard drive (Seagate 5TB Backup Plus Hub) works just fine when attached directly to my Windows 7 computer.

    I think I have the USB support setting correct (picture attached). USB core support, 3.0 support, and 2.0 support are checked. USB storage support, all file system support, and automount are checked. I have tried both the Open NTFS and Tuxedo drivers. I have hit save on the bottom of the screen after changes and restarted the router. The check settings are persistent (i.e., they are properly saved and don't disappear). Despite all of this, the HDD is not recognized as an attached device and that section is blank in the GUI.

    Are there additional settings I need to enable to make this work? I saw a reference to a bug in the 3.3 version re the USB settings. Any chance this is related? Are there any command line options I can try to force a connection to ensure I don't have a faulty USB port? Any other thoughts?

    Thanks for the assistance.


    Attached Files:

  40. Frequenzy

    Frequenzy Addicted to LI Member

    one issue i think is because its 5TB, that is why it's not recognized. Do you have other hds that is lower than 2TB and try?

    i'm using a Seagate 1TB connected to ac68u and no issues.
  41. GoodKarma

    GoodKarma LI Guru Member

    Thanks for the reply.

    I was a bit worried about the size of the HDD but hoped the ntfs driver would alleviate any issues. I don't have any smaller USB hard drives, but I may try plugging in an old USB flash stick to test the port. If that works I may get a smaller HDD or large flash stick and just use that.
  42. cyan

    cyan Addicted to LI Member

    edit: sorry my mistake.. turn out shibby also have same problem.
    I'll ask there. Thank you
    Last edited: Mar 2, 2017
  43. wholeeo

    wholeeo Network Newbie Member

    I have a Seagate 8 TB Expansion Drive plugged into my R7000 converted from a 6700 with no issues at all.

    Made the switch from DDWRT and Vortex and am loving the smooth GUI experience. Wish there was a phone app.

    Sent from my Nexus 6P using Tapatalk
  44. azdps

    azdps LI Guru Member

    To narrow down the hard drive issue, I think it would be a good idea for those of you who are providing feedback to provide at a minimum the hard drive file system (ntfs, ext3 etc) their hard drive is using.
  45. wholeeo

    wholeeo Network Newbie Member

    I'm using NTFS.
  46. AndreDVJ

    AndreDVJ LI Guru Member

    I bought today a 4TB external drive (WD My Passport Ultra) and it's recognized without any issue.
    root@R7000:/tmp/home/root# /bin/df -h /dev/sdb1
    Filesystem                Size      Used Available Use% Mounted on
    /dev/sdb1                 3.6T    262.0G      3.4T   7% /tmp/mnt/My_Passport
  47. lednik

    lednik Reformed Router Member

    Don't quit Jacky. AT is an awesome GUI. I've upgraded from Tenda N6 to Asus RT-AC68U, and guess what... Right now I'm using AdvancedTomato on the Asus router just like I did with the Tenda router. :)
  48. lednik

    lednik Reformed Router Member

    After a few days of tinkering around with Tomato on RT-AC68U, I've come to the conclusion that many things are borked or not functioning at all. Bandwidth monitoring does not work for instance. Enabling functionality for buttons on the router is a drag. There's other things as well. I've definitely decided to move on to Merlin's Asuswrt with RT-AC68U, at least until there's a better functioning Tomato build for ARM based routers (preferably a specialized build for Asus routers)... For my old Tenda N6 router Tomato is a perfect firmware (everything just worked), but for this Asus not so much...
  49. Jacky444

    Jacky444 LI Guru Member

    Great share...
  50. AndreDVJ

    AndreDVJ LI Guru Member

    Very well... I am working on retrofitting cstats/rstats patches scattered around in Toastman's thread to Shibby-ARM. There's a function which I will need nikk gitanes to review because I'm no good handling all Multi-WAN stuff. I used a parameter and declared a variable which most made sense to me, coming from wanuptime code.

    What I know it doesn't work for AC68U are USB LED's and I am pretty sure it is fixable... But I gave up requesting hardware addresses. I fixed USB LED's for R7000 myself (almost, LED's does not work with 1.1 devices, but who bothers with 1.1?). Well the foundation leading to the final fix is available.

    I don't have an AC68U to test, and it's pretty expensive where I live, so I (and many others) rely on some feedback to get things working.

    Finally, AsusWRT-RMerlin is the firmware of choice for Asus routers, no question about it.
    kille72 likes this.
  51. lednik

    lednik Reformed Router Member

    What I did not mention in in my previos post, is that, apart from the things that obviously do not function well, or at all on Tomato, my RT-AC68U performed really well with it. The download and upload speeds were according to spec. when I did some fine-tuning of wireless settings (I only use it as a wifi router. There is no ethernet cables apart from the one that connects the EMTA to the router). USB devices performed well etc. I was able to configure a lot of advanced stuff and it worked. The temperatures were about the same as with AsusWRT-RMerlin with AdvancedTomato GUI (I did not play with the stock GUI that much so I can't say much about it). Anyways. It would be a pitty to see Tomato fade into obscurity because of lack of following. I'm not a programmer so so I cannot help with the further development of the project, but Tomato has grown on me over the years, and I would be sad if it got abandoned by developers. Did I say that it is a great firmware. :D
  52. Elfew

    Elfew Network Guru Member

    Use v132 or Toastman builds - they dont support MultiWAN but are stable and almost without known bugs. I hope there will be v139 from @shibby20 really soon - it could containts many fixes merged from Toastman and others developers which fixes a lot of things and make Tomato even better.

    About Tomato vs Merlin fw - both are great, it is up to you. I would like to use Merlin fw but he doesnt support my asus arm router (rt18). Anyway Tomato fw offers better GUI and some advanced features, speeds and performance is same, maybe better stability with Tomato.
  53. lednik

    lednik Reformed Router Member

    It's not about the bugs (there are always bugs even with the best enterprise class devices). It's about having a "fully functioning device" as the manufacturer intended for it be used. My Asus RT-AC68U was stable even with the multiWAN Tomato v138 (read post above), but this Asus is not an ordinary generic router, like my previous one (Tenda N6). It's got buttons (WPS, LEDs on/off, WI-FI on/off, various combos of buttons). The point is that without that extra functionality, there is no point making a generic box out of a router that provides those extra few functions with the provided buttons, and + various modules within the firmware are borked, which is not, as I understand, localised to Shibby's builds, but is a global problem with ARM-based routers and Tomato no matter whose build is in question.
  54. Elfew

    Elfew Network Guru Member

    @lednik - it is up to you man ;) would be nice to share what bugs did you find and make Tomato better. For me, ARM builds are working fine without any serious bug, what feature is not working for you? BW monitor/Stats are wroking fine on Toastman (ARM)
    pomidor1 likes this.
  55. lednik

    lednik Reformed Router Member

    Well I thought that stats/BW monitor part was buggy for all ARM builds. If Toastman's build does not have the bug that's great. Someone should really work to get the best parts of all the existing builds and merge them in one ultimate build that has all the best parts of the existing builds... My other serious rant was about adding original button functionality, so I can turn the wi-fi off and on by pressing the adequate button on the device, turn the LEDs off and on, get into recovery mode, clear nvram etc. Then it'd be a firmware that I'd want to flash and use on my RT-AC68U...
  56. Elfew

    Elfew Network Guru Member

    You can set whatever you want for the device button, only what you need is to configure it over GUI and add any script or whatever you need.

    About one "ultimate" build - it is not necessary, if you need only one WAN use Toastman; if you need MultiWAN then use shibby's builds (v132 - stable, singleWAN; v138 - latest MultiWAN). Build v139 is on the way, should be released sooner than later with all fixes from Toastman's repo and many more...
  57. lednik

    lednik Reformed Router Member

    OK then. I'll wait for 139 multiWAN... But before I make any decisions, whether to flash Tomato or not, I'll look for feedback on this board.
  58. AlterEgo

    AlterEgo LI Guru Member

    Thanks for sharing. My A-RT-AC68U is on the way, so wouldn't waste time on experimenting with Advanced Tomato first, would directly go to Merlin.

    Sent from my SM-N915F using Tapatalk
  59. AndreDVJ

    AndreDVJ LI Guru Member

    Inconsistencies, rants, thoughts, assumptions... What the hell is going on these days?

    Quoting my own post from few posts back....
    You guys should expect no less than full functionality from AsusWRT. Tomato in order hand is a custom-firmware and open-source, so I guess Custom-firmware terminology implies it won't work as intended by the manufacturer on its own.

    If you want your Asus device to work as intended by the manufacturer, stick with OFW, or RMerlin which is as close as AsusWRT as you can get.

    You can run scripts, further extend functionality with Entware, and many more as long as you're confortable with Linux and command line.

    Whatever you see from Tomato, is a community effort. The bandwidth monitor and IP traffic issues, I ported fixes from Toastman repo by myself, per example. So far I don't see issues and it is working as intended.
    maurer and M_ars like this.
  60. M_ars

    M_ars Network Guru Member

    your port (patch collection) looks good :)
    You even decleared the function prototyp for "check_wanup_time()" - i missed that :rolleyes: ,thx
    So far, i have not heard about any new problems with IP Traffic and Bandwidth Monitor

    best regards
    kille72 and AndreDVJ like this.
  61. AndreDVJ

    AndreDVJ LI Guru Member

    The end result, specially regarding getting rid of dozens of bogus IP addresses on IP Traffic, was very welcome =)
    M_ars and kille72 like this.
  62. Jacky444

    Jacky444 LI Guru Member

    Last edited: May 5, 2017
    elytron, kille72, newprouser and 5 others like this.
  63. shibby20

    shibby20 Network Guru Member

  64. Jacky444

    Jacky444 LI Guru Member

    Thank you Shibby! For every thing! I'm sure I can speak for all, you and your updates were missed!
  65. Jacky444

    Jacky444 LI Guru Member

    After 5 months, I'm proud to present AdvancedTomato V3.4-140. I want to thank all other developers who participated in latest 140 release by Shibby! Sadly I don't have all the names of the developers and I don't want to leave some one out from credits, so I won't write down names!

    The update is huge, NVRAM clearing is highly recommended.

    Change Log
    Update 3.4-140 (GUI):
    - Synchronized changes with Shibby's 140 builds
    - Added customized scrollbars to the navigation and content container
    - Updated adminer to version 4.3.1
    - Fixed/Improved some cosmetics across all pages
    - Improved amount of numbers you can enter on QOS Settings page (Inbound/Outbound limits input)
    All versions (Shibby):
    – Allow to enable/disable APCUPSD daemon (disabled by default)
    – Updated mymotd script
    – kernel: (backport) fix reuse-after-free in DCCP
    – Collection of patches from M_ars to hopefully correct IPTraffic/Bandwidth monitor
    – Add -N flag to httpd (always send no-cache)
    – Allow to change listen interface for MiniDLNA
    – Add support for user-defined interfaces for Samba
    – libcurl: Add CA bundle support but only for AIO targets
    – AdBlock: improvements
    – samba, CVE-2015-5252; Subject: Insufficient symlink verification in smbd
    – samba, CVE-2012-0870; Subject: Remote code execution vulnerability in smbd
    – samba, Patch – Denial of service – CPU loop and memory allocation
    – Fix lack of BWM stats for WAN when using PPPoE
    – Fix some display issues in wireless rates
    – Add generation/use of ECDSA keys for SSH/Dropbear
    – Fix VLAN resetting to default
    – dropbear: disable MD5 support, for security reasons
    – Make bandwidth limiter work with IPv6
    – Fix /etc/shadow file. Fix authentication issue for CUPS
    – use for OUI lookup
    – nginx: updated to 1.10.3
    – nano: Updated to 2.8.0
    – sqlite: Updated to 3.18.0
    – tinc: update to 1.1pre14
    – OpenVPN: updated to 2.4.1
    – OpenVPN: upgrade bundled LZ4 library to 1.7.5
    – dnsmasq: Many changes ported from upstream up to March 17th, 2017
    – libsodium: Updated to 1.0.12
    – xl2tpd: Updated to 1.3.9
    – tor: Updated to
    – libcurl: Updated to 7.53.1
    – e2fsprogs: Updated to 1.43.4
    – libiconv: Updated to 1.15
    – libjson-c: Updated to 0.12.1
    – zlib: Updated to 1.2.11
    – sqlite: Updated to 3.17.0
    – usb_modeswitch: updated to 2.50 and data package to 20170205 (2017-02-05)
    – pcre: updated to 8.40
    – dnscrypt: updated to 1.9.4
    – openssl: Updated to 1.0.2k
    – gmp: updated to 6.1.2
    – nettle: updated to 3.3
    – busybox: update to 1.25.1
    – libnfsidmap: updated to 0.26
    – minidlna: Updated to 1.1.6
    ARM only (Shibby):
    – Add support of Asus RT-AC56S (Single-core clone of RT-AC56U)
    – R1D: Turn off USB 3.0 option
    – stealthMode and optware no longer to be installed
    – ipset: Updated to 6.32
    – Use kernel ext4 driver for all ext2/3/4 filesystems
    – Fix several ARM nvram utility bugs
    – kernel-arm: Patched all 2.6.36 kernel against CVE-2016-5195
    – kernel-arm: Disable router anycast address for /127 and /128 prefixes
    Last edited: May 9, 2017
    aelfinn, IcyTexx, cybrnook and 10 others like this.
  66. ramblefish

    ramblefish New Member Member

    I need your help in solving - How to organize PPPoE Relay in the firmware of TomatoUSB? For example for LAN 4.
  67. lubmar

    lubmar Connected Client Member

    THANKS !
  68. cajorys

    cajorys New Member Member

    Can i update directly from user interface from version 3.4-138 to 3.4-140? Just select a box to clear NVRAM after update?
  69. gffmac

    gffmac Networkin' Nut Member

    Yes that would work fine.

    Sent from my HTC 10 using Tapatalk
  70. lubmar

    lubmar Connected Client Member

    I just did the 140-VPN on my R6300v2 last night , so far no hiccups ... Thanks to all involved in making the firmware ...
  71. DracoMilesX

    DracoMilesX Networkin' Nut Member

    Ugh upgraded to the latest version with a NVRAM reset and now I am having the issue again that the original 2 VLAN's return after a reboot.

    Have now restored a back-up config that I created to be safe and it appears to be working.

    Even going into the terminal and adding the vlan through it with nvram set then nvram commit and a reboot returns the default original 2 VLAN's.

    Beside that the rest appears to be working great so far.
    Last edited: May 11, 2017
    misuercarriere likes this.
  72. misuercarriere

    misuercarriere Reformed Router Member

    Similar thing happens for me as well even after NVRAM reset. On my RT-N66U within the UI I cannot configure VLANs without the first 2 resting after reboot, but I can via SSH.
  73. DracoMilesX

    DracoMilesX Networkin' Nut Member

    Which way did you do it through SSH? with nvram set or another command?
  74. misuercarriere

    misuercarriere Reformed Router Member

    I used nvram set. I'm not super great with this stuff so I used this as a reference.
  75. DracoMilesX

    DracoMilesX Networkin' Nut Member

    Oke thanks I didn't do the nvram set manual boot part so that explains why it didn't stay for me.
  76. YanofMind

    YanofMind New Member Member

    AdvancedTomato V3.4-140
    Working well on my Asus RT-AC66U ...
  77. NanoG6

    NanoG6 Network Newbie Member

    Hi, does VPN build have torrent client built in?
    Currently I'm running AIO
  78. SJMarty

    SJMarty Serious Server Member

    Until yesterday, I had never heard of AdvancedTomato. I have been running the Shibby builds on both of my RT-AC66R routers for years. I was scouring the internet for a solution to what ended up being a non-problem. In my search results, I kept seeing "AdvancedTomato" show up so I decided to check it out.

    Let me just say this...WOW! This interface is NICE! I really like it and it's a welcome refresh. I get the best of both worlds - Shibby's builds with a beautiful interface.

    I wanted to take the time to thank the author and encourage anyone that is running one of Shibby's builds to check it out. I have no affiliation with the author. I'm just a Tomato user that appreciates the work he's done and is now an AdvancedTomato user. If you find yourself an AdvancedTomato user as well, the author has humbly put a "donate" button at the bottom of his page.

    Great job. Thanks Jacky!
  79. Jacky444

    Jacky444 LI Guru Member

    aelfinn, M_ars, Elfew and 5 others like this.
  80. Jacky444

    Jacky444 LI Guru Member

    I can't figure out GUI differences between ARM7 and ARM branches, so I compiled firmware as it is. I did some extra optimizations to the GUI files (little smaller size) but that's it. Routers will appear soon :)
    Elfew, Xstar13 and The Master like this.
  81. dingmel

    dingmel LI Guru Member

    Hey fellas. Has anyone managed to get dualwan working on the latest release? I've been having problems getting the VLAN's to stick after a reboot. SSH fixes it partially, as whenever it is set to 2 WANs, the 2nd WAN will not get an IP address, despite DHCP being enabled. I think its an existing issue, not sure if anyone had a workaround. I'm on an ASUS AC66U
  82. Jacky444

    Jacky444 LI Guru Member

    Preview for the new dark color scheme (many people asked for this):
    screencapture-192-168-1-1-444-1510275192156.png screencapture-192-168-1-1-444-1510275379819.png
    crashnburn, Xstar13, olavrb and 8 others like this.
  83. AndreDVJ

    AndreDVJ LI Guru Member

    Testing dark color scheme, looks awesome!
    Jacky444 and kille72 like this.
  84. Jacky444

    Jacky444 LI Guru Member

    Thanks! I'm also working on some other visual changes =)
    Last edited: Nov 12, 2017
  85. Edrikk

    Edrikk Network Guru Member

    Any thoughts about how challenging to do a PR into @kille72 or @pedro311 repos?
    Meaning would it be as simple as pulling the pages or do “core” files also have to be updated?

    Thinking whether with the all new Devs, if it makes sense to make this Tomato’s default (modern) theme for all... After all, even though the current theme and and tech for it was modern 20 years ago, well, that was 20 years ago...
    The Master likes this.
  86. Jacky444

    Jacky444 LI Guru Member

    I'm not sure. In general there is not much core changes required to make GUI work with other Tomato forks. But then it also depends on changes they did and so on. So there is no easy answer. Kille72 did try going with AT interface at first, but he changed his mind later. Why I don't know and honestly don't really care. I have my own fork only because no one else wanted to work with my interface.
    The Master likes this.
  87. The Master

    The Master Network Guru Member

    Tomato should make your GUI as Default.
    Jacky444, Severus and Edrikk like this.
  88. Edrikk

    Edrikk Network Guru Member

    The easiest way to do this might be to either just share a repo amongst Pedro, Kille, and Jacky (if they all agree), or make sure that all Pedro/Kille changes are in AT, and then refork from AT.

    People who think Tomato is defined by it UI are missing the point/fact that basically nothing in Tomato is the same (beyond the UI) compared to 20 years ago.
    Jacky444, Mercjoe and kille72 like this.
  89. Jacky444

    Jacky444 LI Guru Member

    After 6 months, I'm proud to present AdvancedTomato V3.5-140! This is GUI only update, so unless you want changes bellow you do not have to update your router at all.

    Change Log
    Update 3.5-140 (GUI):
    - Made default Bandwidth/IPTraffic color schemes the same (color combo)
    - Added GUI Changes for the VLAN pages thx to @tvlz
    - Static IPv6 configuration changes and improvements thx to @tvlz
    - Latest jQuery version for the GUI
    - Updated GUI optimization tools to make it smaller (little changes)
    - Don't call escape as base for CGI thx @Brian Bolton
    - Added missing custom MINIUPNP configuration box
    - Ajax requests timeout changed from 3 to 6 seconds
    - New Dark GUI Color scheme
    - Fixed timezones for Moscow and Kaliningrad
    - Other minor fixes and improvements to the graphical interface
    Goggy, aelfinn, szpunk and 5 others like this.
  90. IcyTexx

    IcyTexx Networkin' Nut Member

    Hvala susjed.

    Thanks! :D
  91. pomidor1

    pomidor1 Networkin' Nut Member

    thank you

    but now AdwancedTomato≠ Tomato by Shibby

    it is new different fork
  92. The Master

    The Master Network Guru Member

    Is this correct that this Version is based on Vanilla Shibby 140? Thanks for the Info.
  93. ah1465

    ah1465 Reformed Router Member

    @Jacky444 The website is not displaying correctly. Unable to get to download page for R7000.
  94. Jacky444

    Jacky444 LI Guru Member

    There are 2 links, one is invalid, fixing that now. Correct one is this:

    Please read FAQ on the page.

    Still same fork. Based on Tomato by Shibby. The update is GUI only.
  95. pegasus123

    pegasus123 Addicted to LI Member

    any chance to build AT interface for kille72 tomato?
    The Master likes this.
  96. aelfinn

    aelfinn New Member Member

    So this doesn’t include fixes for the KRACK WPA2 vulnerability? Would that have to come from upstream Tomato?
  97. Jacky444

    Jacky444 LI Guru Member

    Well not from me. I'm building all sorts of routers and Kille72 only supports ARM for now.

    NO! I'm tired of answering this f*** question.
    aelfinn and pegasus123 like this.
  98. Monk E. Boy

    Monk E. Boy Network Guru Member

    KRACK's only router-based vulnerability is 802.11r, AKA Fast Transition (FT). Everything else in KRACK is client-based.The only "fix" for KRACK router-side for non-802.11r (aka client) operations is to effectively break 802.11 operations that typically occur in areas with high interference (e.g. multidwelling homes, like apartments, townhouses, or tightly packed subdivisions) or if you're some distance from the router. Breaking 802.11 isn't a "fix" in my book.

    We should all just do it the right way and update our clients to not be vulnerable.
    kille72 and aelfinn like this.
  99. aelfinn

    aelfinn New Member Member

    I’m sorry you get this question more often than you’d like. I’m not an expert, and what I got from the “KRACK vulnerability in TomatoUSB?“ thread is that opinion is divided; ASUS themselves apparently think that they needed to patch a KRACK vulnerability in their routers.
  100. Jacky444

    Jacky444 LI Guru Member

    Its not about that at all. Takes 5min to check issues tracker or check forums a little and it becomes clear in few minutes that KRACK in Tomato CAN NOT BE FIXED.

    Every one is mailing me and annoying me with this question without even trying to search online. Do I look like Tech Support of a giant company like Asus? Is that really so similar? Are we all developers teamed up in bunch of groups/companies/teams? NO. We're ALONE. Trying to release something for free. And this sort of questioning makes all of this annoying. Meaning to me, it annoys the crap out of me and makes me delete the project. Makes sense?

    P.S.: The amount of time I'd spend to respond to all questions I'm getting, would result into more than 100 hours this year spent on support. My salary is about 20-30€ per hour that makes 2000-3000€ wasted for a job I NEVER applied. Just to explain things to bit more details.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice