[Fork] FreshTomato-ARM

Discussion in 'Tomato Firmware' started by kille72, Apr 15, 2018.

  1. AndreDVJ

    AndreDVJ LI Guru Member

    @Onee-chan In an Entware-ish style like what's been done for AsusWRT, it should be possible. Integrated with the firmware, it's yet another binary blob and a huge one, so for God's sake let's forget about it.

    Anything that needs a GUI change, along with further coding at ~/router/rc/ (most initialization code is there), it's a major PITA to deal with.

    You can potentially spend 1 day figuring out how to do a "small change" without breaking anything else. Anything within ~/router/rc/ is a high impact change.
     
  2. WildFireSG

    WildFireSG Addicted to LI Member

    @cobrax2 While I didn't exactly have this issue when accessing my local Tomato GUI via https, I renamed cert8.db and cert9.db via the method you shared and the rest of my Internet https surfing has been *noticeably* faster. I had noticed that TLS handshakes were taking longer than they should have. Never 30 seconds for me, but 5-10 seconds on average when it should be ms. Thanks for the PSA!
     
  3. Onee-chan

    Onee-chan Network Newbie Member

    Adblock Lists Updated

    Thanks to WaLLy3K and thelonelycoder for having all the lists sorted.
    https://firebog.net/WaLLy3K Website
    https://www.ab-solution.info/use/hosts-files.htmlthelonelycoder Website

    These are the lists that work without problems in Tomato:
    [​IMG]

    : Lists bulleted with a tick are least likely to interfere with browsing, where no one will be whitelisting falsely blocked sites
    : Lists bulleted with a For when someone is usually around to whitelist falsely blocked sites.
    !: Lists bulleted with a Exclamation mark has several Host Lists combined (There are only 2 in "Advertising Lists" #5 & #6)
    x: Lists bulleted with a cross block multiple useful sites (e.g: Amazon, Netflix, Social networks)
    *: Lists bulleted with a asterisk are the ones that I recommend to activate (But you can activate them all if you want)


    01. Suspicious Lists
    Code:
    ✓:
    https://hosts-file.net/grm.txt  |  * Suspicious #1 (529 Hosts)
    https://raw.githubusercontent.com/StevenBlack/hosts/master/data/KADhosts/hosts  |  * Suspicious #2 (1,304)
    https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Spam/hosts  |  * Suspicious #3 (78)
    
    
    ►:
    http://winhelp2002.mvps.org/hosts.txt  |  * Suspicious #4 (12,617)
    http://someonewhocares.org/hosts/zero/hosts  |  * Suspicious #5 (13,535)
    http://sysctl.org/cameleon/hosts  |  Suspicious #6 (20,568)
    https://raw.githubusercontent.com/CHEF-KOCH/BarbBlock-filter-list/master/HOSTS.txt  |  Suspicious #7 (204)
    https://hostsfile.org/Downloads/hosts.txt  |  Suspicious #8 (25,264)
    https://raw.githubusercontent.com/vokins/yhosts/master/hosts  |  Suspicious #9 (6,675)
    
    x:
    https://hostsfile.mine.nu/hosts0.txt  |  Suspicious #10 (105,819)


    02. Advertising Lists
    Code:
    ✓:
    https://adaway.org/hosts.txt  |  * Advertising #1 (410 Hosts)
    https://hosts-file.net/ad_servers.txt  |  * Advertising #2 (45,744)
    http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&mimetype=plaintext  |  * Advertising #3 (2,623)
    https://raw.githubusercontent.com/StevenBlack/hosts/master/data/UncheckyAds/hosts  |  * Advertising #4 (11)
    
    ►:
    https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts  |  *! Advertising #5 (60,859)
    https://raw.githubusercontent.com/notracking/hosts-blocklists/master/hostnames.txt  |  ! Advertising #6 (36,191)
    https://raw.githubusercontent.com/CHEF-KOCH/CKs-FilterList/master/HOSTS/CK's-Spotify-HOSTS-FilterList.txt  |  Advertising #7 (791)


    03. Tracking & Telemetry Lists
    Code:
    ✓:
    https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.2o7Net/hosts  |  * Track & Telem. #1 (1,111 Hosts)
    https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt  |  * Track. & Telem. #2 (378)
    https://raw.githubusercontent.com/WindowsLies/BlockWindows/master/hosts  |  * Track. & Telem. #3 (105)
    
    ►:
    https://raw.githubusercontent.com/CHEF-KOCH/Canvas-Font-Fingerprinting-pages/master/Canvas.txt  |  Track. & Telem. #4 (3,250)
    https://raw.githubusercontent.com/CHEF-KOCH/WebRTC-tracking/master/WebRTC.txt  |  Track. & Telem. #5 (706)
    https://raw.githubusercontent.com/CHEF-KOCH/Audio-fingerprint-pages/master/AudioFp.txt  |  Track. & Telem. #6 (382)
    https://raw.githubusercontent.com/CHEF-KOCH/Canvas-fingerprinting-pages/master/Canvas.txt  |  Track. & Telem. #7 (14,371)


    04. Malicious Lists
    Code:
    ✓:
    https://www.malwaredomainlist.com/hostslist/hosts.txt  |  * Malicious #1 (1,132 Hosts)
    https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Risk/hosts  |  * Malicious #2 (3,035)
    https://hosts-file.net/mmt.txt  |  * Malicious #3 (4,091)
    https://hosts-file.net/exp.txt  |  * Malicious #4 (1,157)
    https://hosts-file.net/emd.txt  |  * Malicious #5 (172,332)
    https://hosts-file.net/psh.txt  |  Malicious #6 (150,083)


    05. Other Lists
    Code:
    ✓:
    https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt  |  * Other #1 (337 Hosts)
    
    ►:
    https://zerodot1.gitlab.io/CoinBlockerLists/hosts  |  * Other #2 (8,844)
    https://raw.githubusercontent.com/Clefspeare13/pornhosts/master/0.0.0.0/hosts  |  * Other #3 (6,150)
    https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/pornography-hosts  |  * Other #4 (7,193)
    https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/snuff-hosts  |  * Other #5 (10)
    https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/gambling-hosts  |  * Other #6 (1,645)
    
    x:
    https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/social-hosts  |  Other #7 (1,161) - Social Media


    Proof that all lists work
    Code:
    Jul 15 09:25:58 RT-AC68P user.info adblock: [1] downloading blacklist - https://hosts-file.net/grm.txt
    Jul 15 09:26:04 RT-AC68P user.info adblock: ... [1] found 538 entries
    Jul 15 09:26:04 RT-AC68P user.info adblock: [2] downloading blacklist - https://raw.githubusercontent.com/StevenBlack/hosts/master/data/KADhosts/hosts
    Jul 15 09:26:05 RT-AC68P user.info adblock: ... [2] found 1334 entries
    Jul 15 09:26:05 RT-AC68P user.info adblock: [3] downloading blacklist - https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Spam/hosts
    Jul 15 09:26:05 RT-AC68P user.info adblock: ... [3] found 78 entries
    Jul 15 09:26:05 RT-AC68P user.info adblock: [4] downloading blacklist - http://winhelp2002.mvps.org/hosts.txt
    Jul 15 09:26:07 RT-AC68P user.info adblock: ... [4] found 14354 entries
    Jul 15 09:26:07 RT-AC68P user.info adblock: [5] downloading blacklist - http://someonewhocares.org/hosts/zero/hosts
    Jul 15 09:26:09 RT-AC68P user.info adblock: ... [5] found 13869 entries
    Jul 15 09:26:09 RT-AC68P user.info adblock: [6] downloading blacklist - http://sysctl.org/cameleon/hosts
    Jul 15 09:26:13 RT-AC68P user.info adblock: ... [6] found 20569 entries
    Jul 15 09:26:13 RT-AC68P user.info adblock: [7] downloading blacklist - https://raw.githubusercontent.com/CHEF-KOCH/BarbBlock-filter-list/master/HOSTS.txt
    Jul 15 09:26:13 RT-AC68P user.info adblock: ... [7] found 422 entries
    Jul 15 09:26:13 RT-AC68P user.info adblock: [8] downloading blacklist - https://hostsfile.org/Downloads/hosts.txt
    Jul 15 09:26:17 RT-AC68P user.info adblock: ... [8] found 25586 entries
    Jul 15 09:26:18 RT-AC68P user.info adblock: [9] downloading blacklist - https://raw.githubusercontent.com/vokins/yhosts/master/hosts
    Jul 15 09:26:19 RT-AC68P user.info adblock: ... [9] found 6694 entries
    Jul 15 09:26:19 RT-AC68P user.info adblock: [10] downloading blacklist - https://hostsfile.mine.nu/hosts0.txt
    Jul 15 09:26:31 RT-AC68P user.info adblock: ... [10] found 106361 entries
    Jul 15 09:26:31 RT-AC68P user.info adblock: [11] downloading blacklist - https://adaway.org/hosts.txt
    Jul 15 09:26:32 RT-AC68P user.info adblock: ... [11] found 525 entries
    Jul 15 09:26:32 RT-AC68P user.info adblock: [12] downloading blacklist - https://hosts-file.net/ad_servers.txt
    Jul 15 09:26:39 RT-AC68P user.info adblock: ... [12] found 45757 entries
    Jul 15 09:26:39 RT-AC68P user.info adblock: [13] downloading blacklist - http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&mimetype=plaintext
    Jul 15 09:26:40 RT-AC68P user.info adblock: ... [13] found 2636 entries
    Jul 15 09:26:40 RT-AC68P user.info adblock: [14] downloading blacklist - https://raw.githubusercontent.com/StevenBlack/hosts/master/data/UncheckyAds/hosts
    Jul 15 09:26:40 RT-AC68P user.info adblock: ... [14] found 11 entries
    Jul 15 09:26:40 RT-AC68P user.info adblock: [15] downloading blacklist - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
    Jul 15 09:26:47 RT-AC68P user.info adblock: ... [15] found 65642 entries
    Jul 15 09:26:47 RT-AC68P user.info adblock: [16] downloading blacklist - https://raw.githubusercontent.com/notracking/hosts-blocklists/master/hostnames.txt
    Jul 15 09:26:55 RT-AC68P user.info adblock: ... [16] found 72397 entries
    Jul 15 09:26:55 RT-AC68P user.info adblock: [17] downloading blacklist - https://raw.githubusercontent.com/CHEF-KOCH/CKs-FilterList/master/HOSTS/CK's-Spotify-HOSTS-FilterList.txt
    Jul 15 09:26:55 RT-AC68P user.info adblock: ... [17] found 812 entries
    Jul 15 09:26:56 RT-AC68P user.info adblock: [18] downloading blacklist - https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.2o7Net/hosts
    Jul 15 09:26:56 RT-AC68P user.info adblock: ... [18] found 1111 entries
    Jul 15 09:26:56 RT-AC68P user.info adblock: [19] downloading blacklist - https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt
    Jul 15 09:26:56 RT-AC68P user.info adblock: ... [19] found 380 entries
    Jul 15 09:26:56 RT-AC68P user.info adblock: [20] downloading blacklist - https://raw.githubusercontent.com/WindowsLies/BlockWindows/master/hosts
    Jul 15 09:26:57 RT-AC68P user.info adblock: ... [20] found 109 entries
    Jul 15 09:26:57 RT-AC68P user.info adblock: [21] downloading blacklist - https://raw.githubusercontent.com/CHEF-KOCH/Canvas-Font-Fingerprinting-pages/master/Canvas.txt
    Jul 15 09:26:57 RT-AC68P user.info adblock: ... [21] found 3262 entries
    Jul 15 09:26:57 RT-AC68P user.info adblock: [22] downloading blacklist - https://raw.githubusercontent.com/CHEF-KOCH/WebRTC-tracking/master/WebRTC.txt
    Jul 15 09:26:58 RT-AC68P user.info adblock: ... [22] found 806 entries
    Jul 15 09:26:58 RT-AC68P user.info adblock: [23] downloading blacklist - https://raw.githubusercontent.com/CHEF-KOCH/Audio-fingerprint-pages/master/AudioFp.txt
    Jul 15 09:26:58 RT-AC68P user.info adblock: ... [23] found 591 entries
    Jul 15 09:26:58 RT-AC68P user.info adblock: [24] downloading blacklist - https://raw.githubusercontent.com/CHEF-KOCH/Canvas-fingerprinting-pages/master/Canvas.txt
    Jul 15 09:27:01 RT-AC68P user.info adblock: ... [24] found 19289 entries
    Jul 15 09:27:01 RT-AC68P user.info adblock: [25] downloading blacklist - https://www.malwaredomainlist.com/hostslist/hosts.txt
    Jul 15 09:27:01 RT-AC68P user.info adblock: ... [25] found 1137 entries
    Jul 15 09:27:01 RT-AC68P user.info adblock: [26] downloading blacklist - https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Risk/hosts
    Jul 15 09:27:02 RT-AC68P user.info adblock: ... [26] found 3035 entries
    Jul 15 09:27:02 RT-AC68P user.info adblock: [27] downloading blacklist - https://hosts-file.net/mmt.txt
    Jul 15 09:27:03 RT-AC68P user.info adblock: ... [27] found 4100 entries
    Jul 15 09:27:03 RT-AC68P user.info adblock: [28] downloading blacklist - https://hosts-file.net/exp.txt
    Jul 15 09:27:04 RT-AC68P user.info adblock: ... [28] found 1166 entries
    Jul 15 09:27:04 RT-AC68P user.info adblock: [29] downloading blacklist - https://hosts-file.net/emd.txt
    Jul 15 09:27:27 RT-AC68P user.info adblock: ... [29] found 173091 entries
    Jul 15 09:27:27 RT-AC68P user.info adblock: [30] downloading blacklist - https://hosts-file.net/psh.txt
    Jul 15 09:28:03 RT-AC68P user.info adblock: ... [30] found 150101 entries
    Jul 15 09:28:03 RT-AC68P user.info adblock: [31] downloading blacklist - https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt
    Jul 15 09:28:04 RT-AC68P user.info adblock: ... [31] found 353 entries
    Jul 15 09:28:04 RT-AC68P user.info adblock: [32] downloading blacklist - https://zerodot1.gitlab.io/CoinBlockerLists/hosts
    Jul 15 09:28:06 RT-AC68P user.info adblock: ... [32] found 8851 entries
    Jul 15 09:28:06 RT-AC68P user.info adblock: [33] downloading blacklist - https://raw.githubusercontent.com/Clefspeare13/pornhosts/master/0.0.0.0/hosts
    Jul 15 09:28:08 RT-AC68P user.info adblock: ... [33] found 6166 entries
    Jul 15 09:28:08 RT-AC68P user.info adblock: [34] downloading blacklist - https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/pornography-hosts
    Jul 15 09:28:10 RT-AC68P user.info adblock: ... [34] found 7235 entries
    Jul 15 09:28:10 RT-AC68P user.info adblock: [35] downloading blacklist - https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/snuff-hosts
    Jul 15 09:28:11 RT-AC68P user.info adblock: ... [35] found 12 entries
    Jul 15 09:28:11 RT-AC68P user.info adblock: [36] downloading blacklist - https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/gambling-hosts
    Jul 15 09:28:11 RT-AC68P user.info adblock: ... [36] found 1653 entries
    Jul 15 09:28:11 RT-AC68P user.info adblock: [37] downloading blacklist - https://raw.githubusercontent.com/Sinfonietta/hostfiles/master/social-hosts
    Jul 15 09:28:12 RT-AC68P user.info adblock: ... [37] found 1247 entries
    Jul 15 09:29:30 RT-AC68P user.info adblock: activated - 564669 entries
    Jul 15 09:29:30 RT-AC68P user.info adblock: add cron job
     

    Attached Files:

    Last edited: Jul 15, 2018
  4. cobrax2

    cobrax2 Serious Server Member

    it is only a temporary solution as i see it.
    can't the name of the certificate be changed by the team so it won't interfere with others, in the long term?
     
  5. rgnldo

    rgnldo Networkin' Nut Member


    interesting as it organizes the blocklist. I'd rather simplify two efficient blocklists that total more than 98,301 domains:
    AdsBlocking
    http://sbc.io/hosts/hosts
    https://raw.githubusercontent.com/notracking/hosts-blocklists/master/hostnames.txt

    NXDOMAIN List:

    https://raw.githubusercontent.com/oznu/dns-zone-blacklist/master/dnsmasq/dnsmasq-server.blacklist

    Currently I use Unbound server in FreshTomato and I configure the blacklist and whitelist in the Unbound configuration file, with the INCLUDE option. I do not use FreshTomato Adblock.

    https://raw.githubusercontent.com/oznu/dns-zone-blacklist/master/unbound/unbound.blacklist
    https://raw.githubusercontent.com/oznu/dns-zone-blacklist/master/unbound/unbound-nxdomain.blacklist
     
  6. ababaazz

    ababaazz Reformed Router Member

  7. beyondgrave

    beyondgrave New Member Member

    Is there a trick to enabling/mounting JFFS on AC3200? I always get "Stopped" when trying the "Format/Erase" button.

    Looked through the thread but didn't see an answer/solution. Sorry, if I overlooked it.
     
  8. pomidor1

    pomidor1 Networkin' Nut Member

    actually there is a problem with it, think about whether you need it, the have tomato is tab Administration / Script and you have there init etc.
    You can enter many things from the etnware / opetware guides here.
    there is an after mont tab in the usb section.

    And the entries themselves can be kept on the mounted, for example, the opt, nas directory
     
  9. bjlockie

    bjlockie Network Guru Member

    If you have spaces in the label (hostname) on the static IP page, the name gets truncated at the space on the Device List page. Either don't allow spaces to be entered and saved on the static page or better yet, don't truncate on the Device List page.
     
    koitsu likes this.
  10. Onee-chan

    Onee-chan Network Newbie Member

    So if you have the knowledge to make it possible, why do not challenge yourself and overcome it? (change your way of thinking)

    More satisfaction comes when you finish a challenge that was difficult, even if it did not give you the results you wanted, but at least you try and give the best of you.

    That's why Tomato is stuck, because nobody wants to challenge to try new things, the only one that always tried harder and challenged himself was @shibby20 (until he knew sex and abandoned everything for his penis).

    Thanks to @pedro311 and @kille72 for updating the packages and fix some bugs in Tomato.
     
    Last edited: Jul 12, 2018
  11. WildFireSG

    WildFireSG Addicted to LI Member

    @bjlockie If the field you mentioned was actually called "Label", your comment may apply. However, the field is called "Hostname" and as such a space is not a valid character in a Hostname via RFC 952 and subsequently updated in RFC 1153 which remains in place today.

    While the fields may allow for spaces, they are invalid for hostnames and should be avoided.

    "The Internet standards (Requests for Comments) for protocols mandate that component hostname labels may contain only the ASCII letters 'a' through 'z' (in a case-insensitive manner), the digits '0' through '9', and the minus sign ('-'). The original specification of hostnames in RFC 952, mandated that labels could not start with a digit or with a minus sign, and must not end with a minus sign. However, a subsequent specification (RFC 1123) permitted hostname labels to start with digits. No other symbols, punctuation characters, or white space are permitted."
     
    Techie007 and koitsu like this.
  12. WildFireSG

    WildFireSG Addicted to LI Member

    @Onee-chan Are you seriously complaining to one of the contributors (@AndreDVJ) about not challenging himself for the satisfaction of providing *you* with something else for free? Tomato is open source, and well, open for you to do all the things you are being so disgustingly disrespectful about. As for Shibby, and anyone else for that matter, he is free to do whatever he pleases.
     
  13. ruggerof

    ruggerof Network Guru Member

    Following the same principle you could embrace the challenge of installing it as already posted or even a much bigger challenge of learning how to code and contribute. Change the way you think.
     
  14. cobrax2

    cobrax2 Serious Server Member

    @kille72 please, can you tell me if it will be done at some point? sorry for being pushy, i just need to know if i should wait for it or not
    thanks again for the great work guys!
     
  15. AndreDVJ

    AndreDVJ LI Guru Member

    If you're talking about the adblock feature included, after figuring out the syntax it's literally a one-liner change at defaults.c for value adblock_blacklist. However, 32KB routers wouldn't like that list by default.

    Certain challenges to overcome don't exclusively depend on yourself. You need resources, such as:
    • Time
    • Hardware
    • Health
    Compiling images take forever. An AIO image takes about 25 minutes to build, because Make is a slowpoke.

    Well... I have many other challenges in my life, that obviously must take priority. I'm 30 years old already, working graveyards, responsible for very critical IT systems that affects ordinary lives like yours and mine.

    The price we pay for messing around with TomatoUSB source code, is seeing your unit like this:
    IMG_20160514_161941690.jpg
     
    peyton, Elfew, txnative and 10 others like this.
  16. rgnldo

    rgnldo Networkin' Nut Member

    Good to know about the behind the scenes compilations Tomato, its developers. My sincere thanks to you @AndreDVJ
     
    tripper22 likes this.
  17. rgnldo

    rgnldo Networkin' Nut Member

    :) very good
     
  18. bjlockie

    bjlockie Network Guru Member

    Then don't allow whitespace to be entered.
    My opinion is that is used as a label and not a hostname so it should not be truncated.
     
  19. koitsu

    koitsu Network Guru Member

    1. It's a hostname, not a comment/description/label. And it must remain a hostname. This is important, it has to stay that way; the NVRAM variables cannot be repurposed without completely breaking backwards-compatibility (it would cause major, and I do mean MAJOR, problems for anyone who upgraded). If you want to talk about the "why", or the internals, I'd be happy to.

    2. The UI for that field should not allow non-RFC-1123-compliant characters. That's absolutely a bug and definitely needs to get fixed. I'm in complete agreement with you!

    Some details:

    Allowed characters in a hostname in this scenario are well-established per RFC 1123 and general use: ASCII alphanumeric (a through z, and 0 through 9), and hyphen/dash/minus (but cannot start or end with it). No other characters should be are allowed, and that includes underscore (these are DHCP hostnames (i.e. computers), not DNS service records (e.g. SRV)!). Capitals/uppercase are allowed -- people like to sometimes name their machines "BobsLaptop" for clarity/legibility -- and DNS is case-insensitive so this is good. There is also a 63-character limit. Tomato does not support IDN for DHCP/etc. (dnsmasq is built with no-IDN).

    Also while here, because this still comes up occasionally in 2018): a hostname refers to the host portion of an FQDN, i.e. if the FQDN is "snakes.in-the-grass.org", the hostname is "snakes". The FQDN is limited to 253 characters.

    Mainly for devs etc. -- no I am not delegating work, I am simply stating this for archival purposes so if someone wishes to do the work, they know some details:

    There are already some Tomato Javascript functions that handle this, I believe. I'd have to dig through it to verify, but as we all know, the Tomato JS is some pretty awful/horrific code. There should be a function that at least inhibits whitespace, which would be better than nothing. A regex of [0-9A-Za-z-]+ would be sufficient, followed by an if() to ensure there is no starting or trailing hyphen.
     
  20. BusyBoxer

    BusyBoxer Networkin' Nut Member

    I think what I thought was a bug might be but not with the freshtomato-arm but with the software being used. I will do better testing and re-post if I can see the issue reliably. Mods feel free to delete this post if it will help keep things clean.
     
    Last edited: Jul 14, 2018
  21. lukychan

    lukychan New Member Member

    Hi, come across bug in freshtomato 2018.3 on DLINK-868L. Seems like smbd/nmbd deamons are not working because they have dependency on libz.so which is not on the system
     
  22. cliffcc

    cliffcc New Member Member

    When both upnp and NAT-pmp are enable. None of them are working. Is that a bug?
     
  23. Onee-chan

    Onee-chan Network Newbie Member

    I was not talking about Adblock, I was talking about DNSCrypt v2:

    @bigeyes0x0 To make DNSCrypt v2 work in Asuswrt-Merlin, he did the following:
    Can not you do the same and make DNSCrypt v2 work in Tomato?


     
    Last edited: Jul 15, 2018
  24. aerogems

    aerogems New Member Member

    Sorry to post such a simple question, but I've been been absent from the router firmware world for a while. I'm currently running the Shibby v140 build, or more specifically the AdvancedTomato 3.5 version of it, on an R7000. Would I be fine just flashing the 2018.3 AIO build the same way I would a new version of the Shibby/AdvancedTomato or is there something else I'd need to do?

    Again, sorry to ask such a pedestrian question, but money's a bit tight at the moment so really can't afford to just go out and get a new router if I happen to brick this one.
     
  25. Wizardknight

    Wizardknight Serious Server Member

    You will probably be fine. I have been dirty upgrading or reusing my backup file on my R6300v2 since Shibby v138 I think.
     
    masster likes this.
  26. txnative

    txnative Addicted to LI Member

    Maybe specify make and model, firmware version? I may not have your make/model, but I've been testing on my R6300v2 for both VPN & AIO freshtomato-arm and advancedtomato-arm, have not seen a problem using upnp/nat-pmp when using my playstation or xbox. Have you done a clean install?

    Another quich note; I never used the Tor project and as for today, I just enabled it set the Selected Ports and in no time my traffic was being transferred over tor network, my location was different location for my lan computer and laptop were in two separate locations and ip's. However it seem to work just though let the group know.
     
  27. Onee-chan

    Onee-chan Network Newbie Member

    Adblock Lists Updated - Link
    Today I updated the Adblock List adding hosts to Block Porn in the section "05. Other Lists" and update the recommended hosts with the same recommended in Pi-Hole and AB-Solution (Screenshot)


    Other:
    As DNScrypt v2 is not possible to install on Tomato to use DNS over HTTPS (DoH) with Cloudflare DNS, then I am using DNScrypt v1 that is installed on Tomato with AdGuard DNS to try to block the maximum possible of Advertising and works excellent, together to Adblock feature in Tomato.

    DNScrypt Settings:
    [​IMG]
     
    Last edited: Jul 15, 2018
    nodnarb91 likes this.
  28. cliffcc

    cliffcc New Member Member

    My setup is Netgear R7000 with 2018.3
    Clean install.
    If I Enable either upnp or NAT-PMP alone it will work.
    The issue is if I enabled both of them, none of them will work.
     
  29. Wizardknight

    Wizardknight Serious Server Member

    Does anyone know the command to disable the white netgear led lit logo on a R6300v2?
     
  30. txnative

    txnative Addicted to LI Member

    I see when both are enabled and your using r7000, but these two supported models are built the same as far as fresh tomato firmware is concerned, however you seem to be using 2018.3 while I'm on 2018.4 and as I remembered some instances where I had to click refresh or apply the settings, when I ran a connection test on the playstation to get the unpnp to be recognized I did one or the other but the problem seem to had went away, I'm on 2018.4 version now as both VPN, AIO upnp-nat-pmp don't fail when both enabled, my daughter is the only one with apple devices that don't seem to have a problem with nat-pmp as I don't seem to notice or have something to test the nat-pmp. I don't now if this helps or not as I'm just doing testing on AIO and some it's features since I just mainly use VPN builds, but as of now upnp and nat-pmp when both are enabled upnp functions as normal while using 2018.4 K26ARM USB AIO-64K.
     
  31. txnative

    txnative Addicted to LI Member

    I guess your r6300v2 is not like mine as mine doesn't light up it's a charter model.
     
  32. bjlockie

    bjlockie Network Guru Member

    I did that, no problems here.
     
  33. WildFireSG

    WildFireSG Addicted to LI Member

    An alternative is to initiate the following command...

    [​IMG]
     
  34. Looking in the dd-wrt forum, I found that the command "gpio disable 1" from either telnet prompt or as a startup script will disable the Netgear LED. I had to do this when I had an R6250 which is very similar to the R6300v2 and it worked. In both dd-wrt and tomato, I had it run as startup command.
     
    Wizardknight likes this.
  35. ruggerof

    ruggerof Network Guru Member

    This is the command I use in one of the LEDs of my AC66U.
     
  36. Aardvark

    Aardvark Serious Server Member

    I have used this command also. However, I found that if I reverted the command too many times, the command would no longer stick.
     
    BusyBoxer, ruggerof and WildFireSG like this.
  37. Wizardknight

    Wizardknight Serious Server Member

    Thank you. That worked.
     
  38. aerogems

    aerogems New Member Member

    So, unless I'm just missing something blindingly obvious... would it maybe be possible to add a "check for update" function in a future version? Ideally it could send you an email or something when there's a new update, and you could download and install the new version from the upgrade page, but even if it just took you to the download mirror, I'd consider it a big win.
     
  39. Edrikk

    Edrikk Network Guru Member

    @kille72 @pedro311

    Was going through the netfilter (mostly _core.c) changes in Kernel and found a number that hadn't been ported over. Compiled and running fine here. There's a decent chance that the last one ( 806afef ) might be related to the "kern.warn kernel: nf_conntrack: table full, dropping packet." error... at least by the words of the commit log it might be one of the reasons why it happens.

    • ae2bc2b Fixing the `uname -r` issue in readme
    • 85a3738 mac80211: fix conn_mon_timer running after disassociate Low level driver could pass rx frames to us after disassociate, what can lead to run conn_mon_timer by ieee80211_sta_rx_notify(). That is obviously wrong, but nothing happens until we unload modules and resources are used after free. Per upstream: https://git.kernel.org/pub/scm/linu.../?id=05e7c99136554789e4cc060a63334ccaa08ad62d
    • ca79167 netfilter: nf_conntrack: fix event flooding in GRE protocol tracker GRE connections cause ctnetlink event flood because the ASSURED event is set for every packet received. Per upstream: https://git.kernel.org/pub/scm/linu.../?id=98d9ae841ad620045d653fb05764e4a899f42dbd
    • f10493f netfilter: nf_conntrack: fix ct refcount leak in l4proto->error() Tomato doesn't have icmp module, but this fix is still relevant. This patch fixes a refcount leak of ct objects that may
    • c7eed6f netfilter: nf_conntrack: fix early_drop with reliable event delivery If reliable event delivery is enabled and ctnetlink fails to deliver the destroy event in early_drop, the conntrack subsystem cannot drop any the candidate flow that was planned to be evicted. Per upstream: https://git.kernel.org/pub/scm/linu.../?id=741385119706d4370eb7899c5ca96ad125c520e5
    • 1660f84 netfilter: nf_conntrack: set conntrack templates again if we return NF_REPEAT The TCP tracking code has a special case that allows to return NF_REPEAT if we receive a new SYN packet while in TIME_WAIT state. In this situation, the TCP tracking code destroys the existing conntrack to start a new clean session. [DESTROY] tcp 6 src=192.168.0.2 dst=192.168.1.2 sport=38925 dport=8000 src=192.168.1.2 dst=192.168.1.100 sport=8000 dport=38925 [ASSURED] [NEW] tcp 6 120 SYN_SENT src=…
    • 806afef netfilter: nf_conntrack: fix count leak in error path of __nf_conntrack_alloc We have to decrement the conntrack counter if we fail to access the zone extension. Per upstream: http








     
    tripper22, kille72, NeverMore and 4 others like this.
  40. pedro311

    pedro311 Networkin' Nut Member

    NeverMore likes this.
  41. Edrikk

    Edrikk Network Guru Member

    :)
    Yeah.. Had some time... So backported a few more...
    Done for now. :)
    • 2c084b1
      ext2: Fix error handling on inode bitmap corruption When insert_inode_locked() fails in ext2_new_inode() it most likely means inode bitmap got corrupted and we allocated again
    • 99dd327
      ext3: Fix error handling on inode bitmap corruption When insert_inode_locked() fails in ext3_new_inode() it most likely means inode bitmap got corrupted and we allocated again inode which is already in use. Also doing unlock_new_inode() during error recovery is wrong since inode does not have I_NEW set. Fix the problem by jumping to fail: (instead of fail_drop) which declares filesystem error and does not call unlock_new_inode(). Per upstream: h…
    • aac5e50
      ARM: 6891/1: prevent heap corruption in OABI semtimedop When CONFIG_OABI_COMPAT is set, the wrapper for semtimedop does not bound the nsops argument. A sufficien
    • 5e22a86
      cifs: fix possible memory corruption in CIFSFindNext The name_len variable in CIFSFindNext is a signed int that gets set to the resume_name_len in the cifs_search_info. The resume_name_len however is unsigned and for some infolevels is populated directly from a 32 bit value sent by the server. If the server sends a very large value for this, then that value could look negative when converted to a signed int. That would make that value pass the PATH…
    • e6fe613
      using smatch. Per Upstream: https://git.kernel.org/pub/scm/linu.../?id=934eed395d201bf0901ca0c0cc3703b18729d0ce"> logfs: Prevent memory corruption This is a bad one. I wonder whether we were so far protected by no_free_segments(sb) usually being smaller than LOGFS_NO_AREAS. Found b
    • 2d63610
      netfilter: ebtables: fix wrong name length while copying to user-space user-space ebtables expects 32 bytes-long names, but xt_match names use 29 bytes. We have to copy less 29 bytes and then, make sure we fill the remaining bytes with zeroes. Per upstream: https://git.kernel.org/pub/scm/linu.../?id=848edc69192a38bf9d261032f248b14f47e6af8b
    • e0b9833
      netfilter: ipset: dumping error triggered removing references twice If there was a dumping error in the middle, the set-specific variable was not zeroed out and thus the 'done' function of the dumping wrongly tried to release the already released reference of the set. The already released reference was caught by __ip_set_put and triggered a kernel BUG message. Per upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=be94db9dda…
    • d913e06
      netfilter: ip6 ip_queue: Fix small leak in ipq_build_packet_message() Per upstream: https://git.kernel.org/pub/scm/linu.../?id=91c66c6893a3e2bb8a88a30cb76007d5d49d32c9
    • 40fec6e
      netfilter: ip4 ip_queue: Fix small leak in ipq_build_packet_message() Per upstream: https://git.kernel.org/pub/scm/linu.../?id=91c66c6893a3e2bb8a88a30cb76007d5d49d32c9

    • 548b6e8
      netfilter: ip6_route_output() never returns NULL. ip6_route_output() never returns NULL, so it is wrong to check if the return value is NULL. Per upstream: https://git.kernel.org/pub/scm/linu.../?id=5d38b1f8cf8798d4df7809b3f3e38fad4d923e85
     
    Techie007, tripper22, Joe A and 6 others like this.
  42. lepa71

    lepa71 Networkin' Nut Member

    Hi all

    I'm wondering if this is a known issues/bug. I have LinksysEA6300v1 with 2018.3 installed. I only some channels when I use 80 Channel bandwidth. Like 149 on lower or 157 and 161 on upper.

    Does anybody have a similar issue? I already try to switch to US.

    Thanks
     
  43. monoton

    monoton Serious Server Member

  44. woody99

    woody99 Reformed Router Member

    I'd like to setup an Entware/FreeRadius Server from the (few) guides available on the net.

    Before I start, Is WPA2-Enterprise functional in the FreshTomato builds?

    Thanks.
     
  45. bjlockie

    bjlockie Network Guru Member

    How do I rename tomato_cstats_40167e6c8420.gz?
    I want to call it "ip_usage_stats.gz" on the router?
    Same question for rstats.
    I want the router to store it as "bandwidth_stats.gz".
     
  46. bjlockie

    bjlockie Network Guru Member

    I think the "IP Traffic" page should display the hostnames instead (or in addition to the IPs).
    I gave all my devices static IPs and it would be nice to have the IP->hostname association reflected on the graphs.
     
  47. Aardvark

    Aardvark Serious Server Member

     

    Attached Files:

    • IPT.png
      IPT.png
      File size:
      55 KB
      Views:
      44
  48. bjlockie

    bjlockie Network Guru Member

    Mine is set to display hostnames and IPs BUT it only shows IPs on the graphs.
    It does show both on everything else.
     
  49. bjlockie

    bjlockie Network Guru Member

    I have the save history location custom path set to /mnt/tmp/sdb1/ and the save frequency set to every hour but I am not seeing any new file.
     
  50. bjlockie

    bjlockie Network Guru Member

    I figured it out. :)
    Give it a file name instead of a path for the custom path.
     
  51. The Pro Flasher

    The Pro Flasher Serious Server Member

    Hi just wondering out of the following routers which ones are protected against VPNFilter and KRACK:

    Netgear:

    R6300v2
    R6400
    R7000
    R8000

    Asus:
    AC68U
    AC3200

    Much appreciated.
     
  52. Combat619

    Combat619 Connected Client Member

    They are or were vulnerable by VPN filter netgear are ok but they take their sweet time to release updates for their devices Asus is better you can install pretty much any third parties firmware
    Sent from my SAMSUNG-SM-G920AZ using Tapatalk
     
  53. lepa71

    lepa71 Networkin' Nut Member

  54. galex111

    galex111 LI Guru Member

    Hi guys, can someone using Netgear R7000 with FreshTomato-ARM (and may be not only Netgear but Asus also) share here the results of Read/Write speed of USB2/USB3 drive connected to the router ?
     
    Last edited: Jul 22, 2018
  55. The Pro Flasher

    The Pro Flasher Serious Server Member

    Thank you for that response but I was wondering about those routers specifically using Fresh Tomato firmware.

    Protected against VPNFilter and KRACK?

    Netgear:

    R6300v2
    R6400
    R7000
    R8000

    Asus:
    AC68U
    AC3200
     
  56. galex111

    galex111 LI Guru Member

    Hi guys, can someone using Netgear R7000 with FreshTomato-ARM (and may be not only Netgear but Asus also) share here the results of Read/Write speed of USB2/USB3 drive connected to the router ?

    As to me on 2018.3 I only got the following (W is faster than R, strange ...):
    USB2: R ~12MB, W ~18Mb
    USB3: R ~17MB, W ~32Mb <- I tested few times !

    With the same time on original Shibby (v.140) I had another results (W is a little bit slower than R):
    USB2: R ~19MB, W ~18Mb
    USB3: R ~27MB, W ~23Mb

    And on original Netgear's FW I've got more "reasonable" speed (R is faster than W):
    USB2: R ~20MB, W ~15Mb
    USB3: R ~40MB, W ~30Mb <- the best results I had !

    Why speed on 2018.3 is different from original Shibby's ? Any comments, ideas .... ?
     
    Wizardknight likes this.
  57. Combat619

    Combat619 Connected Client Member

    Most of VPN filter leakage is affecting stock firmware I haven't hear of any infections on a third party firmware you download symantec to check if your device is or not infected
    Sent from my SAMSUNG-SM-G920AZ using Tapatalk
     
  58. Mercjoe

    Mercjoe Network Guru Member


    Against KRACK? None of them are protected.

    VPN filter? Your guess is as good as anyone's as they have not released the infection threat vector yet, Nobody knows.
     
  59. Mercjoe

    Mercjoe Network Guru Member

    Nope. You are reading correctly based on the config you are showing.
     
  60. pedro311

    pedro311 Networkin' Nut Member

    AC3200 and R8000 on Freshtomato have WL driver patched already against KRACK.
    The rest - we're working on it.
     
  61. WildFireSG

    WildFireSG Addicted to LI Member

    @kille72 @pedro311

    Can someone please explain again why the Cloudfare servers (1.1.1.1) are not available via the dnscrypt-proxy in 2018.3 and will they be included in 2018.4? I'm a little confused about it. They are showing on https://dnscrypt.info/public-servers/ but the dropdown on the router skips right over them. Perhaps they were not on the list at the time 2018.3 was built? Thanks in advance.
     
  62. pedro311

    pedro311 Networkin' Nut Member

    Look closer. CF servers are only using DNSoTLS, not dnscrypt-proxy v1 protocol.
     
    WildFireSG likes this.
  63. WildFireSG

    WildFireSG Addicted to LI Member

    @pedro311 Thank you.
     
  64. roberthuang

    roberthuang Serious Server Member

    Can someone confirm if the 2.4GHz performance issue on R6250/R6300v2/R6400 has been fixed by Fresh-Tomato or not? Thank you very much.
     
  65. Starbuck99

    Starbuck99 Network Newbie Member

    Linksys EA6700 and EA6900 OpenVPN loosing of 2.4gHz wifi after a while.

    I don't know why, but I tested it with VPN as well as AIO freshtomato firmwares latest build 2018.3

    When activating OpenVPN, after a few hours the 2.4gHz wifi just drops the connection - you can see the SSID, however the password is not accepted and no clients can connect to the 2.4gHz signal.

    The 5gHz signal still works fine.

    Maybe a buffer overrun, corrupting some of the variables?

    Your attention to this little problem is greatly appreciated!

    Thanks.
     
  66. theredmoose

    theredmoose Networkin' Nut Member

    Firstly, thank you for bringing tomato back. I thought it was going to die out on us for awhile.

    I was wondering if anyone might know why I would be getting slower download speeds than upload speeds.

    I have a 1GB down and up connection from Bell Canada and I have an Asus AC68 running the latest fresh tomato build. However when running speed tests I can only get 80 mbps down and 200 up. I do have CTF enabled.

    When I run the same test directly to the Bell Wifi my speeds are around 300/350 mbps, respectively.

    Any ideas would be appreciated.
     
  67. russwmc

    russwmc Network Guru Member

    Really glad to see Tomato updates! I've been using Shibby 140 on a number of routers for a while but had a problem with wireless client on the Netgear platform. On E4200, and others, it works great for wireless WAN but on the R6250 and R7000 it does not. The client will not get a DHCP address from the primary router. Was hoping it would on FreshTomato but it has the same problem, won't connect. Has anyone else made it work on the R6250, R6300V2, R7000 platforms? Client works on the Linksys E and EA platforms just not Netgear (ARM at least). TIA.
     
    Last edited: Jul 25, 2018
  68. Jose C

    Jose C Serious Server Member

    Quick question, on R7000 running the latest FW from Netgear, to flash freshtomato, I just go to initial and then current version right?
    I’m asking because I had one previously bricked while going from stock to initial (flash it by mistake while Wireless rather than wired)


    Sent from my iPhone using Tapatalk
     
  69. russwmc

    russwmc Network Guru Member

    You should reset the R7000 to default settings on the factory firmware. Then load the .chk FreshTomato firmware with reset NVRAM. Then load theFreshTomato .trx firmware, I'd also reset NVRAM on that load too. Should be 192.168.1.1 and username admin, password admin. YMMV
     
    Last edited: Jul 25, 2018
    Jose C likes this.
  70. BusyBoxer

    BusyBoxer Networkin' Nut Member

    try setting the security type (on the tomato acting as the client) to WPA/WPA2 instead of just wpa2... not sure if this is the issue you are having but I have had to do it this way for shibby/tom for every version I can remember.
     
  71. russwmc

    russwmc Network Guru Member

    It's not an option to choose WPA2, forces the WPA/WPA2 option. Also have tried AES, AES/TKIP option (it's AES). You're giving me hope if you've made it work on a Netgear Rxxxx router! I haven't yet, Even my EA6900 has worked, just not a Netgear. WOAH! I just made it work with an unencrypted connection, thought I tried that earlier but obviously not!, ok, now to try other stuff... I will report shortly
     
    Last edited: Jul 25, 2018
  72. russwmc

    russwmc Network Guru Member

    Definitely an encryption problem. Works unencrypted. Tried WEP just for fun, doesn't work. Needless to say no encryption is not an option... :) Thanks for replying, got me testing further, so it works on 2.4 and 5 GHz without encryption. As soon as I put any encryption on the wifi connection it won't work on the N6xxx and N7xxx platform. It does work on E4200, E6900 and E3200. Also, I tried a static IP for the WAN connection, it also doesn't work with encryption, the overview page will say connected but it isn't. It does work without encryption and a static address... Need to emphasize the problem is only with Wireless Client mode for WAN connection, the access point works fine.
    EDIT: Hadn't needed this on the R7000 before, discovered this has been a bug for years. Hopefully it will get fixed with FreshTomato. Glad Tomato is still being worked on!
     
    Last edited: Jul 26, 2018
  73. galex111

    galex111 LI Guru Member

    No any comments or own USB2/USB3 speedtest results which you can share here ?
     
  74. ruggerof

    ruggerof Network Guru Member

    A few years ago I was only able to flash my R7000 with the initial .chk after I downgraded the R7000 Netgear firmware.
     
  75. tripper22

    tripper22 Serious Server Member

    My R6300V2 2.4GHz performance suffers with FreshTomato. Others here have had no problems with 2.4GHz on the same model. Maybe there was some kind of unlisted hardware revision at some point. I used Kong's DD-WRT 2018-05-31 build and everything works great on my router. I wish FreshTomato was running on it but I tried everything and the 2.4GHz still suffered. First world problems. Thanks again to the FreshTomato team!!
     
    Last edited: Jul 25, 2018
  76. Joe A

    Joe A Networkin' Nut Member

    Is this only available in the AIO build? I don't see it in the VPN build. Or is it an extra package to install?
     
  77. lepa71

    lepa71 Networkin' Nut Member

    Can somebody confirm how many channels they see when sttingis 80? Please

    Thanks
     
  78. tripper22

    tripper22 Serious Server Member

    Netgear R7000 Set to United States: Auto, 40 and 153. And If I change the country like monoton says below me I have the same options as he does
     
    Last edited: Jul 26, 2018
  79. monoton

    monoton Serious Server Member

    I have Linksys EA6400, EA6700 and EA6900.

    With BOTSWANA (BW), LIBERIA (LR), SAUDI ARABIA (SA), UGANDA (UG) and SAMOA (WS) I have six 80MHz channels.

    With AUSTRALIA (AU), CHRISTMAS ISLAND (CX) and KIRIBATI (KI) I have five 80MHz channels.
     

    Attached Files:

  80. lepa71

    lepa71 Networkin' Nut Member

    So Is this a bug or there is a config file that can be changed to have all channels present? Thanks
     
  81. Mercjoe

    Mercjoe Network Guru Member

    It is not a bug.

    Different geographical areas have different rules on the what frequencies can be used. We are fortunate that we retain the ability to change the region in our settings as it allows us to access some frequencies that would otherwise be out of bounds.

    The firmware will adjust the options such as signal strength and channel availability based on the geographic locations you define.
     
    koitsu likes this.
  82. Monk E. Boy

    Monk E. Boy Network Guru Member

    One thing that may be worth mentioning is that if you're living in the US and set your router to use a frequency that isn't allowed in the US, you are unlikely to be able to connect clients to that router unless they are also set to the region you specified.

    For a time some people were enabling channel 14 on 802.11b/g routers and using that to avoid interference since it's completely free of interference from 11. However they couldn't just pick up their cell phone and connect it, they had to root the phone and force it to run in a different region and only then could it connect. And be sure you chose a region that also included 1-11 because otherwise your client would have trouble connecting to other WiFi networks.

    Its best to just play by the rules and not try to game the system. It's not just easier you also don't run the risk of receiving a fine (or worse).
     
    Tony Ramirez likes this.
  83. lepa71

    lepa71 Networkin' Nut Member

    How is it not a bug? My router is set to US for both 2.4 and 5 band. I'm missing standard channels that should be there but they are not.
     
  84. fakedbatman

    fakedbatman Serious Server Member

  85. Yim Sonny

    Yim Sonny Serious Server Member

    That guide has an exceptionally large amount of extra steps. Let me simplify it for you.
    1 - Clear NVram thorough.
    2 - perform steps 1,2 and 3 of that guide.
    In step one, also check the box that says "bridge WAN port to primary LAN"
    In step 2 do not change the IP address to 192.168.1.77 or any other IP address in your subnet.
    If your main router is 192.168.1.1 then give the access point a LAN IP that is in a new subnet. Something like 192.168.33.8 will be fine. The router is now an access point. It bridges packets from the wireless interface to the wired LAN interface ( at layer two ) and does not need to be on the same subnet to accomplish that.

    Reboot and be sure the access point is connected to your network with a network cable. The WAN port is now part of the LAN so you can stick the cable into any one of the 5 holes on the back of the box. Connect to the default wireless SSID with a wireless client and you will obtain an IP address from the main router and will be able to browse the web or connect to other devices or printers on your LAN network.

    Now assign an IP address to one of your LAN computers that is in the 192.168.33.x subnet. Log into your access point at the address of 192.168.33.8 that you gave it in step two. Set the wireless channel and encryption to your liking. Write the address 192.168.33.8 on a piece of paper along with the user name "root" and password "admin". Tape that piece of paper to the bottom of the access point even though you prolly will not need to log into it for about 4 years when it is worn out and ready to be replaced. Set you computer back to DHCP if you use DHCP for that device.
     
  86. user17600

    user17600 Reformed Router Member

    Quick question - will the next version include a fix for the 10 device limitation on 2.4gHz found on the SDK6 versions (specifically the R7000 in my case)?
     
    Last edited: Jul 29, 2018
  87. Mercjoe

    Mercjoe Network Guru Member

    Once again: For the 5 GHz band, in your screen capture with 80 MHz channels with the upper/lower band controls you defined, you have the channels that are available to a US defined geographical location.

    If you want access to more channels then lower your channel width to 40 MHz . Drop it to 20 MHz if you want access to all the channels.
     
  88. KyleS

    KyleS LI Guru Member

    Care to include some lineage on this?
     
  89. user17600

    user17600 Reformed Router Member

    Sure.

    - https://www.linksysinfo.org/index.php?threads/fork-freshtomato-arm.74117/page-6#post-298071
    - https://www.linksysinfo.org/index.php?threads/fork-freshtomato-arm.74117/page-6#post-298084
    - https://www.linksysinfo.org/index.php?threads/fork-freshtomato-arm.74117/page-6#post-298103

    What I don't know is if the commit is for SDK6 or 7, or both.

    (I didn't realize I was even having this problem until it surfaced here. I kept getting drops of certain 2.4gHz devices and I thought it was the device, when in fact it was the competition for 2.4gHz DHCP slots. Once I moved as many devices as I could over to 5gHz, some of the drops went away. But I had to move all my IoT devices to a separate AP - and I would like to get them all back on my R7000. They are all 2.4gHz only - thus the question.)

    Cheers,
     
  90. thomaz

    thomaz Networkin' Nut Member

    I have the same problem.
    A dvbviewer tv stream (acer w500, atheros chipset) with ~1,5 mbyte/s drops every 10-30 minutes down to ~800 kbytes on my R7000 (Singapore, all other is default).
     
  91. lepa71

    lepa71 Networkin' Nut Member

    I still don't understand why dropping to 20 MHz would have all channels and 80 MHz wouldn't. Are you saying that there is no difference between 20 and 80 Mhz in settings? I just don't get it that every other firmware( OEM or aftermarket) except Tomato shows all channels and it is still not a bug or configuration issue.
    This is how other Asus router shows and I expect that this is how it would look like in Tomato. The similar look would be from TP-Link, Netgear and Linksys routers I have and set up for friends and family members over the years. I don't remember exactly but I think I didn't have to drop to 20 from 40 when I was using E2500 with Shibby's firmware on 5 GHz band.

    upload_2018-7-29_10-47-54.png
     
  92. Wizardknight

    Wizardknight Serious Server Member

    Though I am not a dev, I suspect that you are only seeing a limited number of channels due to bonding.
    Rather than letting you pick the channel you want, and bonding the next two they have preselected these channels and not shown the next 1 or 2 assuming they will be reserved for bonding purposes on 40 and 80 MHz.
     
  93. apreslin

    apreslin Connected Client Member

    I know that Shibby versions didn't show DFS channels for me on my RT-AC3200. There was a bug report here about it: https://bitbucket.org/pl_shibby/tomato-arm/issues/119/channel-selection-5ghz-ac-80mhz This is not the case on FreshTomato for me, I see all channels including DFS with my region set to US.

    In the US, DFS channels are 52, 56, 60, 64, 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140, and 144. Reference: https://www.networkcomputing.com/wi...cy-selection-part-3-channel-dilemma/438580919

    graphic-80211-acChannels-all.jpg

    In the US, DFS excluded channels are 36, 40, 44, 48 / 149, 153, 157, 161, 165. Each of those channels are 20MHz, so if you're using 80MHz, that gives you only 2 80MHz channels that are not DFS.

    graphic-80211-acChannelAvailability.jpg

    If you are setting a 80MHz channel, you are actually using 1 20MHz control channel with 3 20MHz extension channels, but it will not list out all those 4 channels in Tomato. You can only see all the channels when you have it set to 20MHz channels. Personally, when I've messed around with DFS channels, it doesn't seem worth using them even though they are not being used by people nearby. Certain devices that I had would not see DFS channels and the nature of DFS turning off the channel if it detects radar for a period of time also doesn't seem worth it because I live in a city near 2 airports. Decent article to read about DFS: https://www.adriangranados.com/blog/practical-intro-dfs

    On FreshTomato in my setup, I can set all the channels including DFS, but I don't touch the DFS channels because of the caveats of using them. The main show stopper for me is that not all end user devices support DFS channels.

    If you are in a different country and have it set to that and are trying to figure out what channels should be available, both regular and DFS, I would try to analyze the table on https://en.wikipedia.org/wiki/List_of_WLAN_channels#5_GHz_(802.11a/h/j/n/ac/ax)

    80MHz, Lower Sideband, RT-AC3200, FreshTomato Version 2018.4, Country = US:
    FreshTomato80MHzChannelsLowerSideband.png

    80MHz, Upper Sideband, RT-AC3200, FreshTomato Version 2018.4, Country = US:
    FreshTomato80MHzChannelsUpperSideband.png
     
    Last edited: Jul 31, 2018
    nodnarb91, Mercjoe, cyber062 and 5 others like this.
  94. Magister

    Magister LI Guru Member

    In Administration/TomatoAnon you can enable it, at least when there is an update, every time you will go on your router page (like 192.168.1.1) you will have a top banner saying "There is an update!" when there is an update :)
     
    kille72 likes this.
  95. apreslin

    apreslin Connected Client Member

    The request might be for a method that notifies you without having to login to the router UI, such as an alert email or the like. The developer of Asuswrt-Merlin sends out tweets like https://twitter.com/RMerlinDev/status/1022263384241315840 for new versions which seems to be an effective notification method when paired with configured mobile push notifications to the handle in the Twitter app.
     
    Last edited: Jul 30, 2018
  96. lepa71

    lepa71 Networkin' Nut Member

    Where did you get 2018.4? Is it a beta? Do you still select 80 or 40 MGz than? I was reading the same websites and this is the reason I asked if it was a configuration "issue" or a "bug". It feels more like chosen configuration by Tomato dev in this case.
     
    Techie007 likes this.
  97. apreslin

    apreslin Connected Client Member

    It's a test version that was compiled by @pedro311 and @kille72 to overcome an issue where devices connected to 2.4GHz had a limit of 10 devices max. See https://www.linksysinfo.org/index.php?threads/fork-freshtomato-arm.74117/page-6#post-298084 and for a little background on that see https://www.linksysinfo.org/index.php?threads/fork-freshtomato-arm.74117/page-6#post-298071 and some other posts around that time.

    Test version can be downloaded here: https://exotic.se/freshtomato-arm/test/ but it's only for the RT-AC3200 and RT-AC56U. I'm not positive if the version for RT-AC56U addresses the exact same thing, but you should be able to backtrack in this thread and figure it out. At least for the RT-AC3200, it includes "WL: update wireless driver for SDK7 to GPL 382.50470" as shown here: https://bitbucket.org/kille72/freshtomato-arm/commits/e84c5920b60735d509ad8272129c3194bdb61ed6

    I don't recall if the channel selection changed with that updated version with the updated wireless driver since I didn't pay much attention because I don't care about using DFS channels.

    As far as what I select, I use a 80MHz channel. It doesn't appear to be a configuration issue, it's just the way that Tomato has always done it AFAIK. Just like the default country being set to Singapore. Not sure why someone in the past made the decision to default it to Singapore (seems like a very small use case http://anon.groov.pl/index.php?country=Singapore), but it's been that way for as long as I can remember. Maybe it's the most compatible across countries. Decisions like these may go all the way back to the original dev Jonathan Zarate: https://en.wikipedia.org/wiki/Tomato_(firmware) and haven't been changed since with the devs that have are in the Shibby / FreshTomato forks that are influencing the experience here. I'm not sure of the behavior on other Tomato mods. In essence, FreshTomato and many of the other mods do not have dramatic changes in the UI since the original Tomato http://www.polarcloud.com/tomato

    Also, as far as control channels vs extension channels, Googling their purposes and behavior can be read about a bit in sources like this: http://goughlui.com/2018/06/04/note-choosing-5ghz-wi-fi-channels-for-802-11ac-in-au/ "The first wave of 802.11ac did exactly the same thing again, broadening the transmission mode to 80Mhz. As a result, one control and three extension channels are nominated in a contiguous block. Many routers still offer selection by 802.11a-style channel numbers and determine the appropriate extension channels automatically where possible. So in the 802.11ac case of Ch 36, this would mean using Ch 36 as control and Ch 40, 44 and 48 as extension. This could be denoted as Ch 42 (80Mhz), or Ch 36-Ceee." The underlined part in the italicized quoted text above seems most relevant to your question, I think. In that example, you can set the control channel to either 36 or 40 in FreshTomato, but in either case the 80MHz channel being used will encompass 36, 40, 44, and 48. One 20MHz control channel and three extension 20MHz extension channels giving you a total of 80MHz. Why you can't change the control channel to 44 or 48 regarding this example in Tomato, I am not sure. It lets you do Ceee, eCee, but not eeCe and eeeC (where "e" is extension channel and "C" is control channel)

    Actually, I just checked, and I have a router running DD-WRT, you can set the control channel to any of the 4 channels because you are able to select lower lower, lower uppper, upper lower, and upper upper for the extension channels:
    DD-WRT.png

    So maybe there is an opportunity for FreshTomato to improve and implement the ability to allow changing the control channel to any of the 4 channels in the 80MHz range. Actually, the more I think about it, what I suspect is that the Tomato design may be a legacy thing because that control sideband toggle was implemented with 40MHz channels and was never updated when 802.11ac 80MHz channel ability came along.

    DD-WRT 2.png
     
    Last edited: Jul 30, 2018
  98. JoeDirte

    JoeDirte Networkin' Nut Member

    I currently have an R7000 running 2018.3 with 21 devices on my 2.4GHz channel. I think I had about 25 yesterday but my houseguests have departed. I'm not experiencing the 10 device limit. However, 20 of the devices have static mappings although they are still acquiring the addresses via DHCP. Perhaps people facing this issue can use static mappings to get around this? My static IP mappings are outside the DHCP IP scope as is standard practice. Router is in gateway mode and WAN is PPPoE via bridged DSL modem.
     
    Last edited: Jul 30, 2018
    M_ars likes this.
  99. lepa71

    lepa71 Networkin' Nut Member

    This is what meant as configuration.
     
  100. apreslin

    apreslin Connected Client Member

    Yes, I didn't understand that Tomato was missing the ability to set the control channel for either of two higher channels like DD-WRT seems to be able to do. As you can see, I took a bunch of time deep diving, researching, and thinking back of the evolution of Tomato and 80MHz channels.

    So that's the behavior now. Maybe someone can figure out a patch and implement it in the future, not sure if the devs or any users here with the ability to come up with one are interested in pursuing it or not.

    It may be negligible if there is any performance gain if we were able to change it to the two uppermost ones, but I am not positive on that. You would still be using the same 80MHz channel. Maybe in certain environments it would. From my understanding from Googling around, the control channel is used the most, and the extension channels are used when needed if the bandwidth exceeds what the control channel can provide. It would probably be difficult to determine which would be the optimal control channel unless you could see utilization on each channel, and that would probably require a 5GHz harware spectrum analyzer to make an intelligent decision. Although, I did find WifiInfoView https://www.nirsoft.net/utils/wifi_information_view.html which has a column for channel utilization, but I am not sure how accurate it is. It also shows a single channel for 80MHz channels, so that might actually be the control channel for those networks. You may also get benefit by identifying people that are using 20MHz or 40MHz channels and avoid those by choosing the control channel away from those.

    5GHz signals don't penetrate walls and have as much distance as 2.4GHz signals, so interference from neighboring networks is kinda minimized in that regard.

    For what it's worth, you seem to be able to change the channel in NVRAM:
    root@unknown:/tmp/home/root# nvram show | grep wl1_channel
    wl1_channel=40
    size: 43790 bytes (21746 left)
    root@unknown:/tmp/home/root# nvram set wl1_channel=48
    root@unknown:/tmp/home/root# nvram show | grep wl1_channel
    wl1_channel=48
    size: 43790 bytes (21746 left)


    I also see the parameter "wl0_nctrlsb=lower" which sounds like like part of the puzzle, well at least corresponding to what the fields in the GUI for control sideband are actually setting.

    I am not sure if that's actually changing the control channel or not. I tried it and followed it with a "nvram commit" I rebooted too, the NVRAM parameter was still set, but the GUI status overview page still reports it as the original channel that was there before I changed it. Found this source talking about how to set and commit NVRAM parameters: http://www.linksysinfo.org/index.php?threads/nvram-commit-not-working-help-please.23119/ I can't find a WiFi analyzer type program that shows which channels are being used for the control channel versus the extension channels. If it is actually changing the control channel by just manipulating the NVRAM parameter, then it might be pretty easy for someone to develop a patch to allow you to set that in the Tomato GUI.
     
    Last edited: Jul 31, 2018
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice