[Fork] FreshTomato-MIPS

Discussion in 'Tomato Firmware' started by kille72, Apr 26, 2018.

  1. pedro311

    pedro311 Networkin' Nut Member

    All WL drivers in MIPS are the same as on V140 by Shibby.
    pharma likes this.
  2. Beast

    Beast Network Guru Member

    I have been thinking that i noticed the devices not dropping from the list, was about the same time the changes to the quality calulations where changed. Also observed the same thing with quality being 85-100. And before the changes every connection was very low indeed, somewhere around 28 to 40.
  3. danielhaden

    danielhaden Network Guru Member

    Shibby, Feburary 2018: https://openlinksys.info/forum/view...24&highlight=krack+141&pid=167137#post_167137

    Option: I just found Toastman 2017 builds https://www.4shared.com/folder/rnihHn43/Toastman_Firmware.html I had to use chrome and ublock adblocker during downloads, but then it worked. The typical Toastman build is non-multiwan and can support a multitude of clients, including mine. Let's hope the source code hasn't been lost.

    Edit: I didn't manage an accurate comparison, because I loaded the RT instead of the RTN build. The 2.4ghz wifi throughput is 28% higher and 5 barz, to most rooms. Atf is not present.

    News: The phone issue is gone after clicking "measure" to measure the background noise. This resets the graph to reasonable figures. The phone is not associated ~19 seconds after it is powered off. If Toastman's source code can be found, the fix is in it.
    Last edited: Oct 5, 2018
  4. glehel

    glehel Reformed Router Member


    my AC66U run v1.28.0511 MIPSR2Toastman-RT-AC K26AC USB VPN
    can you update the latest freshtomato keeping the settings?
    unfortunately I do not have time to re-configure.
  5. Feliciano

    Feliciano Connected Client Member

    From one branch to the other, and sometimes from one build to the next, variables are added and removed, and/or renamed. Therefore you are advised to not do so.

    To save me time as well, I have a txt file with all the configurations of my router, then I copy and paste as needed when upgrading/downgrading or doing a reset to default.
    glehel likes this.
  6. kernel-panic69

    kernel-panic69 Connected Client Member

    I forgot to specify that this is where I found Toastman's and other Tomato source code when I posted originally

    Last edited: Oct 14, 2018
  7. tbrautaset

    tbrautaset Connected Client Member

    Know it's a little too late now, but on my TomatoUSB
    Model Asus RT-AC3200
    Chipset ARMv7 Processor Rev 0 (v7l)
    CPU Frequency 1000 MHz (dual-core)
    Flash size 128 MB

    Captive Portal Management has worked perfectly :), upgraded to the next version as usual, but not this time for 2018.4 everything was constantly looping:oops: and now I understand why. Captive Portal has been removed:(!

    Possibly I'm the only one who likes to have a nice welcome page for guests and others?


    Is it possible to get this implemented again? Or do I have to look for other third-party firmware that has this feature?
    Last edited: Oct 7, 2018
  8. pedro311

    pedro311 Networkin' Nut Member

    Well, I'll consider adding this feature again, then.
    rs232 and tbrautaset like this.
  9. tbrautaset

    tbrautaset Connected Client Member

    It would have been great if you do, thank you in advance @pedro311[​IMG]
  10. kernel-panic69

    kernel-panic69 Connected Client Member

    I guess you could possibly try nodogsplash, but nocatsplash / nocatauth may not work correctly without some patching, I think because the required dependencies break http/https redirect badly?
    tbrautaset likes this.
  11. Sean B.

    Sean B. Network Guru Member

    Optware/Entware have captive portal packages, such as chillispot.
    tbrautaset likes this.
  12. FredericM

    FredericM Network Newbie Member

    I also tried your suggestion but it doesn't seem to be a success on my router. I clicked measure and the noise floor changed to -92 dbm (eth1) and -90 dbm (eth2) from -99 dbm.
  13. Sean B.

    Sean B. Network Guru Member

    Out of curiosity, try Tools->Wireless Survey and click refresh.
  14. tbrautaset

    tbrautaset Connected Client Member

    It's possible there were weaknesses with the built-in solution up to 2018.3, but for me it worked perfectly.

    Got a great welcome page, user authentication with forwarding where i would without error in any way, bandwidth limiter for default class LAN1 (br1) also worked, what more could you wish for?

    Things can always be better, and the way you do it can certainly also be safer, but for me that's all right!
    kernel-panic69 likes this.
  15. FredericM

    FredericM Network Newbie Member

    After executing the survey, my phone had no rssi and and quality value anymore in the client list.
    Also all other wireless client have reconnected to the router.
  16. CroRoby

    CroRoby New Member Member


    For Tenda N60 router the "freshtomato-K26USB_RT-N5x-MIPSR2-2018.1.066-beta-TendaN60.zip" was the latest firmware I could flash due to file size. It is working very well, but I would like to upgrade to latest freshtomato releases if it is possible to repair.

    The error message during the upgrade process is:

    " File is too big to fit in MTD "

    Thank you for your hard work!
  17. pedro311

    pedro311 Networkin' Nut Member

    @up: I'll remove minidlna (as always) from the image and add dnscrypt-proxy and JFFS (as ie. in a/r2a targets). It should fit then.
    Will upload in "test" folder ASAP.

    //EDIT: uploaded, as "freshtomato-K26USB_RT-N5x-MIPSR2-2018.5.020-beta-TendaN60", enjoy.
    Last edited: Oct 8, 2018
    Monk E. Boy and CroRoby like this.
  18. AndreDVJ

    AndreDVJ LI Guru Member

    As NoCatSplash in TomatoUSB stands, it has a big problem: It doesn't intercept HTTPS.
    • If you try https://www.google.com, it won't work. The browser hangs and you won't even get into splash page.
    • If you try this forum http://linksysinfo.org, it works. You'll see the splash page and will redirect properly.
    This is not acceptable. It doesn't qualify as "works perfectly" in any way. I have no idea of any other security implications of that. That's the main reason why Captive Portal feature needs to be retired.

    And to make matters worse, enabling QoS will completely break NoCatSplash, and will completely break all web browsing. They don't co-exist unless someone have a look on how iptables rules are generated, though I have no desire in looking into it.
    pharma, Sean B., kille72 and 2 others like this.
  19. tbrautaset

    tbrautaset Connected Client Member

    For my use at home, I do not see the need for a ssl based welcome page under the authentication of my guests, have set a limit of 20Mbps both ways and when authorized, everything works, so it depends on the use I guess:). As long as there are no built-in options that provide what you want when it comes to intercept / redirecting to https://? This alternative is better than discontinuing it. Well thats my two cents;).
  20. maurer

    maurer Network Guru Member

    I believe you're the one of the very few still using Captive Portal
    I don't think it worth keeping this functionality only for some very few users.
    You can basically compile it yourself (adding the captive portal) - just open a new thread
    pharma likes this.
  21. kernel-panic69

    kernel-panic69 Connected Client Member

    Kinda figured the thing with Captive Portal is what it is. Not sure about the difference in Tomato and routers, but I had a working NoCatAuth authentication gateway working on OBSD and Linux 2.4 on x86 hardware forever ago. Never had an issue with https redirects that I recall off the top of my head, but I've slept since then.
  22. CroRoby

    CroRoby New Member Member

    Thank you for the fast reply.

    Yesterday I downloaded and flashed it. Now it is running for 10 hours wihout errors.
  23. danielhaden

    danielhaden Network Guru Member

    I noticed that Victek had "speedtest" version for RT-N16, E3000, E4200...
    Does that mean Vectored Interrupt Support?
  24. kiki64

    kiki64 New Member Member

    Hello everyone, thank you all for helping this project and continuing to support this firmware.

    I have been having some issues with 2018.4 fresh tomato while I have had 60+ days of uptime with advanced tomato.

    Router Model: Asus RT-AC66W (RT-AC66U)
    Chipset: Broadcom BCM5300 chip rev 1
    Flash Size: 128MB
    NVRAM: 64KB
    Fresh Tomato Firmware: freshtomato-mips 2018.4/K26RT-AC/freshtomato-RT-AC66U_RT-AC6x-2018.4-AIO-64K.zip
    Advanced Tomato Firmware: tomato-RT-AC66U_AT-RT-AC6x-3.5-140-AIO-64K.trx (latest)

    Modem: ARRIS TM1602AP2 (Spectrum supplied)
    Secondary Router: D-Link DIR-655 A 1.37
    Country: United States

    My enviornment is 1 modem, 2 routers, 3 wired machines, multiple wireless machines. Both routers are enabled with one supporting 192.168.1.X /24, the other 192.168.2.X /24, and both WANs using DHCP.

    My issue has been with the WAN port. Once I plug in the WAN port it will configure itself and within ~3 mins it seems to reset the entire device over and over again. If I do not plug in a cable to the WAN port the router seems stable. This happens when the router's WAN is plugged directly into the modem and also when it is plugged into the other router's LAN which has it's WAN plugged into the modem.

    The firmware that I mentioned above is the only Fresh Tomato Firmware that I have tried thus far. When flashing I checked the clear NVRAM checkbox. I also had to Administration > Configuration > Restore Default Configuration > "Erase all data in NVRAM memory (through)" and reboot immediately to get the 5GHz band to appear.

    As far as the settings I changed once the router is live: time, the basic wireless settings, the wireless country for both bands, admin access settings. I leave all of the default settings for WAN and IPv6. (also tried to match with advanced tomato) Usually I would configure things much more but I am trying to pin down the issue while still having internet. I have also noticed that when I disable 2.4GHz on the ASUS, save, and when the router resets that it enables the 2.4GHz band again. Not sure if that is normal or not.

    When looking in the logs, the only thing that was listed was a SIGTERM at the time of the reset. If there is more log information that I can enable and how to make it survive a reset I would like to know so I can post my logs.

    This router usually needs to be in use so it will take time to go through the network permutations and firmware bisects that I haven't tried yet. Thanks for any help you can provide.
  25. tbrautaset

    tbrautaset Connected Client Member

    Like this ?
  26. Feliciano

    Feliciano Connected Client Member

    Log to an external server, and select all the debug information you think it might be related.
  27. Radojevic

    Radojevic Network Newbie Member

    Maybe it's the 'WAN Port Speed' setting, which is 'Auto', by default.

    It's here:
    Advanced -> Miscellaneous -> WAN Port Speed
    Set it to '100Mb Full'.

    This should narrow down the problem.
  28. txnative

    txnative Addicted to LI Member

    Have you changed the IP address of the Router? The Arris ip is you should change yours. Only use one router as a gateway the other router is whatever you want it to be other wise you'll have a Double NAT using both wan ports Asus & D-link. I'm not sure if you are familiar with Spectrum modems, you need to reboot the modem and router so they sync together, usually I'd wait after a minute and half before rebooting your router, you know after the Arris has started cycling then they'll be insync doesn't matter if it's not perfect just so that the Arris is waiting for your router to finish it's cycle is fine. How you configure your network is up to you afterwards.
  29. koitsu

    koitsu Network Guru Member

    Arris cable modems (i.e. bridges) are usually, not -- note the last two octets. The TM1602AP2 appears to be just a modem.

    Maybe off-topic, if so sorry: cable modems also have a weird form of layer 3 monitoring for their LAN or Ethernet side (read: not coax). They do in fact monitor packets destined to their particular IP address ( in most cases, but it varies per modem brand and sometimes per model), even if your own LAN network isn't in space. Yes really! Tomato has a feature that helps work with this as well (the "Route Modem IP" field in Basic -> Networking), or if you're using older Tomato where this GUI field isn't present you can add the appropriate IP routing rules yourself. Other brands/models actually require your LAN network to live within the same network the modem expects -- which really sucks for live troubleshooting (I had an RCA/Thompson modem back in the early 2000s that worked that way. Awful product in general).
    pharma likes this.
  30. txnative

    txnative Addicted to LI Member

    oops on the ip address and yes the arris is a teleophony modem and phone line, that is what I use to have before switching out for a technicolor and phone line no bridging involved when using these devices. It is just that if you use your own router and pending on your plan you'll most likely receive one of these telephone modems or end up using a all in one router/modem. For some ISP that may require some specific I image if you are with a particular setup that will require some more than usual setup for your network as you were explaining to use the feature in tomato basic network setup. Mainly the issues I had was not the modem(arris) it was more on the tier station problem and once they resolve it now everything is normal now.
  31. kernel-panic69

    kernel-panic69 Connected Client Member

    X2 on the "Route Modem IP". You have to either enter the actual IP or, if I remember right. Otherwise, things get a little screwy.
  32. kiki64

    kiki64 New Member Member

    Thanks for the responses everyone, I got a chance to setup a logging server and test the router.

    I attempted to change this setting and on the status page of the router the WAN port speed didn't change. I'm guessing I can't change it from auto negotiation on this router.
    I saw no real change to the stability of the router even with half duplex set.

    You are correct that this modem's internal ip address is set to

    Now for what I tried so far,
    I attempted to remove everything from the network. The devices remaining were: modem, router, desktop, and raspberry pi for log collecting. This time I only changed the logging server (enabled all checkboxes), time, and wireless country. I didn't reconfigure the wireless settings to stop my phone and other devices we have from connecting. The router still had some issues resetting but I was able to watch a 25 minute youtube video without disconnecting during the video but once the video was over the router reset.

    My phone: Nexus 5x Android 8.1.0 (October 5 2018)

    After this I configured the wireless settings to let just my phone connect to the wifi and the constant resetting started to happen. By looking at the logs, it looks like the phone keeps trying to configure itself with DHCP but it must fail and keeps trying. I compared the logs to advanced tomato and it is missing a log line while the phone is connecting.

    I have scrubbed logs of the host / device parts of the unique addresses. Any identifiers (IP / MAC) that have the same network / manufacturer address parts are the same devices through out. Neither the raspberry pi or my desktop ever showed up in the logs sent to the raspberry pi. My guess is that they got the setting they needed and don't retry unless the address lease expires or something. Only my phone was ever listed in the logs by the router.

    Fresh tomato 2018.4:

    Advanced tomato:
    Oct 15 04:39:38 unknown daemon.info dnsmasq-dhcp[2529]: DHCPDISCOVER(br0) 64:bc:0c:xx:xx:16
    Oct 15 04:39:38 unknown daemon.info dnsmasq-dhcp[2529]: DHCPOFFER(br0) 64:bc:0c:xx:xx:16
    Oct 15 04:39:38 unknown daemon.info dnsmasq-dhcp[2529]: DHCPREQUEST(br0) 64:bc:0c:xx:xx:16
    Oct 15 04:39:38 unknown daemon.info dnsmasq-dhcp[2529]: DHCPACK(br0) 64:bc:0c:xx:xx:16
    Oct 15 04:39:39 unknown daemon.info dnsmasq-dhcp[2529]: RTR-SOLICIT(br0) 64:bc:0c:xx:xx:16
    I was hoping for more verbose logs on what is sending the terminate but not sure how to turn that on or if that is a thing. Thanks again for any help.
    Last edited: Oct 16, 2018
  33. kernel-panic69

    kernel-panic69 Connected Client Member

    The dnsmasq is dhcp for the LAN side. Only thing I know that sends a sigterm to it is the large adblock lists, wound up disabling adblock because of it. That shouldn't affect WAN side, but it may cause a reboot. There are fixes in 2.80test7 and 2.80test8, I believe 2.80test7 is merged in the latest commits, so some of the issues may have to wait until next build unless you compile yourself.
  34. tomatoboy

    tomatoboy New Member Member


    I'm currently running the below version of Tomato & Router:

    Model Asus RT-AC66U
    Chipset Broadcom BCM5300 chip rev 1
    Tomato Firmware 1.28.0000 MIPSR2-140 K26AC USB AIO-64K

    I was considering to upgrade to the following version which I believe is the correct one for my purposes:


    My questions before doing so are as follows. I hope someone can confirm.

    1. Are there any major features that have been eliminated in this new version that my existing Tomato Firmware currently has? I understand this may be a rather broad question but I am using VLAN's that I would be dead in the water if they were no longer an option to reconfigure after the update.

    2. I see mention in the ChangeLog of the new version that mentions "Preliminary support for stubby". Can someone clarify this a bit? Does this mean that DNS over TLS or HTTPS should be functional in this version? If so, are there any known parts of that functionality that do not work and are still being ironed out or should I expect it will fully work in its current state? Does it support Cloudflare &

    3. Lastly, its been awhile since I last did a Firmware update on this router. If I perform the update via the MiniCFE website will the Admin password of the router be reset or will my old password still be present? If its reset to something can anyone offer up what the default user/pass will be after being flashed?

    Thank You for any assistance/info you can provide
  35. txnative

    txnative Addicted to LI Member

    Could describe this a bit better to clarify the order of operation, Modem(arris)- is then connected to which port of which router- connected to which port on second device? If you have this problem fixed please disregard this request of information.
  36. ctrlesc

    ctrlesc New Member Member

    To the devs, I just wanted to say thanks for continuing this project. There is a lot of capable aging hardware which would be abandoned if not for your efforts. Again, thank you.

    I Just swtiched over from Shibby 140 to 2018.4 on an E3000 which is used for DHCP, DNS, WAP with WAN disabled. Without clearing the config, I noticed name resolution was failing because "resolv.dnsmasq" was an empty (0 byte) file. I cleared nvram and re-setup with the same results. Looking at the code, rc/services.c: start_dnsmasq(), there is a check to see if the the WAN is inactive and not using one of the following: PPTP, L2TP, or PPP on demand. If this is the case, it will not update "resolv.dnsmasq". It follows then that if the WAN is set to disabled this condition will never be satisfied. The patch below fixes the case where dnsmasq is utilized and WAN is disabled:

    diff --git a/release/src/router/rc/services.c b/release/src/router/rc/services.c
    index fd87450..ce5b7da 100644
    --- a/release/src/router/rc/services.c
    +++ b/release/src/router/rc/services.c
    @@ -698,7 +698,7 @@ void dns_to_resolv(void)
                    if ((check_wanup(wan_prefix) == 0) &&
                            !(get_wanx_proto(wan_prefix) == WP_PPTP || get_wanx_proto(wan_prefix) == WP_L2TP || nvram_get_int(strcat_r(wan_prefix, "_ppp_dema
    -               if (    (check_wanup(wan_prefix) == 0) &&
    +               if (get_wanx_proto(wan_prefix) != WP_DISABLED && (check_wanup(wan_prefix) == 0) &&
                            get_wanx_proto(wan_prefix) != WP_PPTP &&
                            get_wanx_proto(wan_prefix) != WP_L2TP &&
                            !nvram_get_int(strcat_r(wan_prefix, "_ppp_demand", tmp)))
    Last edited: Oct 22, 2018
    RBoy1, Techie007, Justio and 8 others like this.
  37. maurer

    maurer Network Guru Member

  38. rs232

    rs232 Network Guru Member

    I just want to say thank you. It's too easy for users (me included) to just go and ask the two people maintaining the release to go and fix things themselves. Yes reporting an issue is important but your approach to pick an issue and take the time to look at the code is really great. I would encourage you (since you have the skills) to step into helping the development even more. There's plenty of things to fix :rolleyes:

    Once again well done and keep up the good work!
  39. kernel-panic69

    kernel-panic69 Connected Client Member

    @ctrlesc & @rs232 : Having the ability to have DHCP/DNS, etc. on an AP-only, WAN disabled, non-gateway device would be awesome, nice find and patch! I may compare some things and see if I can apply this elsewhere, if I may. I can safely say that it is much easier working with the folks here.

    @pedro311, that usb issue I mentioned to you is most likely in the kernel config(s), at least in the config_base file(s) in the repository. I'm still looking at it and will get back to you.
  40. pedro311

    pedro311 Networkin' Nut Member

  41. vangelos

    vangelos New Member Member

    Thank you very much for what you are doing!
    I am using freshtomato-K26_RT-MIPSR2-2018.4-Max

    I wanted to ask: will there ever be support added for DNS-over-TLS using stubby or unbound? This could be enabled instead of dnscrypt.
    Last edited: Oct 25, 2018
  42. youmax

    youmax Network Newbie Member

    Hi! ,I have had trouble using the PPPOE option. the WAN link is "renewing" and does not connect, I have an adsl router in bridge configuration. some clue?

    I tried the last three versions of freshtomato-K26_RT-MIPSR2-beta-Max.zip
    Techie007 likes this.
  43. Techie007

    Techie007 Networkin' Nut Member

    Hey, I have the same problem at a customer location using a PPPoE WAN connection. Linksys E1500 router. I thought it was an issue with the ISP. It just sits there saying "Renewing..." forever. Eventually an IP address shows up and it gains Internet connectivity, but the WAN section still says "Renewing..." and the IP address keeps changing every couple hours.
  44. minos

    minos Networkin' Nut Member

    Hey! Thx for this release.
    But I got CIFS client not connecting to a SMB share on the same LAN.
    I has already happens with Shibby before, when I've upgraded the NAS Debian version... then samba version...
    Everybody on the LAN is nice with, but not the e1000 linksys :'(

  45. B Tung

    B Tung New Member Member

    32k miniipv6 MIPS r2
    Rt-n12 d

    Can only run on dhcp
    If I play with vid setting, the port numbers will get mixed up and reversing them doesn't help, pppoe can't find the wan port
  46. golf247

    golf247 Network Newbie Member

    FIXED: Thanks pedro311. Yes it was cache...stupid me...Incognito mode removed the issue.

    IGNORE below but keeping as reference:
    Here's an odd bug report.
    Asus RT-N12 D1
    FreshTomato Firmware 2018.4 MIPSR2 K26 MiniVPN. I saw the same on error on the MAX version also.
    I came off of Shibby K26-1.28.RT-N5x-MIPSR2-138-Max.

    What I'm seeing is when I change the router ip address to, I can't save any changes on the Basic/Network page. Also the wifi channel width empties on that page. These all seemed to work x.99, x.200, x.254, x.1, x.10.254, x.10.101.
    When I click save, I get, "The field "wl_nbw_cap" is invalid. Please report this problem." and nothing saves. It seems like I'm still able to use tools "Nvram set" and then "commit" to change variables, but seems like this is some type of a bug. I had come off of a NVRAM reset and started from scratch, manually configuring it.
    Last edited: Nov 3, 2018
  47. pedro311

    pedro311 Networkin' Nut Member

    Clean browser's cache or use Ctrl+F5
    Techie007 and golf247 like this.
  48. napopa

    napopa New Member Member

    I have a similar issue. Around 3mins after I connect the router (AC66U) to the modem via the WAN port, the router enters into a reboot loop that only stops by unplugging the cable from the wan port.
  49. terrorbunny

    terrorbunny New Member Member

    Hello, ive another issue.

    Router AC66U
    Defautl Factory sttings, testes with the latest 3 Versions of freshtomato

    THe moment a device connects with Wireless Lan the Router crashes.
    This happens only when DHCP is enabled.
    The Device will recieve an IP but almost instantly after the router crash and reboot.

    The Device is on default settings, cleared NVRAM prior and after install.
    traed to celar and reflash again,.. still no joy
    ofc tryed without authentication, checked existence of the resolv.conf file... still no joy

    my current solution is to install an dhcp on one of my windows server vms :)

    oh btw thanks for the radius fix, finally proper wlan auth :)
  50. golf247

    golf247 Network Newbie Member

    Passing my gratitude to the folks that continue Torching the Tomato. (carrying the torch for this project).
    I was able to update a few routers, some have not been fully tested as they are backups, but the AC68's seem to be working great.
    Some notes for others in case it's helpful:
    • All are ASUS, WPS button for ~30sec during power up clears NVRAM for all of them.
    • ALSO, this is firmware work...be wired...especially for the CFE stuff on AC1900RT
    • This is only important if you have a lot of complicated settings (access restrictions, QOS rules, VPN?, static DHCP, port fowarding). Prior to getting rid of old setting: I used Tools/SysCommands and Nvram Show to copy all my variables to txt file and also did this to the barefoot config (clear NVRAM). Then I was able to paste into excel both columns, do a compare to find modified variables, and then concatenate to make it like this: NVRAM SET Name=".." Then when I was done it was fairly easy to run groups of these and nvram commit on the new firmware builds. (I came from tomato to a new tomato, this may not always work as sometimes syntax and variable names can change between versions...do at your own risk).
    1. RT-N10P A1 (2 of them, mostly dust collecting)
      Old was Shibby K26-1.28.RT-N5x-MIPSR2-140-Max.
      NEW All three seemed to work fine. K26USB-NVRAM32K_RT-N5x-MIPSR2-2018.4-Max or K26_RT-N5x-MIPSR2-2018.4-Max or K26_RT-N5x-MIPSR2-2018.4-MiniVPN
      I left MiniVPN on as I mainly wanted to see the difference between the builds. Biggest I noticed was the Max vs mini drops the captive portal (EDIT 11/9/18 also these are gone in mini: IPV6,TorSettings,CIFS,JFFS,NFS Server,SNMP,CaptivePortal)
      I probably could have just used the web interface to upload, but I initially chose the incorrect freshtomato versions and ended up using the TFTP method from recovery mode outlined at the end of this post.

    2. RT-N12/D1 (2 of them, mostly dust collecting)
      Old was Shibby K26-1.28.RT-N5x-MIPSR2-138-Max.
      NEW K26_RT-N5x-MIPSR2-2018.4-MiniVPN
      Used TFTP method mentioned at end of post. Probably could have updated from web interface of Shibby.

    3. TM-AC1900RT to RT-AC68U (2 of them, 1 as AP, 1 main router)
      Old was Shibby RT-AC68U-ARM--140-AIO-64
      NEW RT-AC68U-ARM-2018.4-AIO-64K
      I had already converted to Shibby a couple years ago but wanted to inject the latest AImesh CFE. NOTE: I'm not an expert here, and some of these 'backward' steps, may not be needed, but they worked well and didn't take long (30 min total). Generally followed the Bay Tech Pros guide. Backed up config and using nvram show, cleared NVRAM using WPS 30sec power on, backed up barefoot config and nvram show, loaded the TM firmware x1703 using web interface, rebooted, cleared NVRAM, did CFE injections, updated to firmware x3626 using the mtd-write2 method, SSH'd MTD5 away, cleared NVRAM, loaded freshtomato image using web interface, rebooted, cleared NVRAM, saved barefoot config and nvram show variables. A this point I was good and started reconfiguring routers (I used the NVRAM set method for a lot of larger variables as mentioned at the start).
    Recovery for N10 and N12: set manual IP at, Hold reset, plug in power. Power light starts blinking slowly after 12sec.
    WPS button 30/30/30 is NVRAM clear.
    TFTP method: (FYI in win10, have to turn TFTP client on) Start CMD in folder that holds new firmware file. get ready to CMD "tftp -i put newN10p.trx", go into recovery mode,hit enter. Wait about 30 sec and it will complete. Wait another 5 mins to allow firmware to install (no indications on leds) and then power off/on. Let router do it's boot up for a few mins. Then power off/on and do WPS NVRAM clear.
    Last edited: Nov 10, 2018
    pharma, pedro311 and kille72 like this.
  51. txnative

    txnative Addicted to LI Member

    Now I've never experience that before, for what my experience is the modem is just a box that doesn't do any routing, dhcp, wifi, Spectrum my hand out certain type of modem in my case is telephony modem, meaning has telephone ports and allows any type of router to be used that is using dhcp on the wan, as opposed to modem/router combo that is already handling dhcp, routing through it's built in router, phone port(optional) What is the tomato wan port set on? Even though I put any router either it being tomato-dd-wrt-openwrt/lede/oem using dhcp on the wan is going to work, since i do testing using tomato and modem supplied by Spectrum I never experience that boot loop. I hope this info assist you.
  52. golf247

    golf247 Network Newbie Member

    On the boot loop...any chance the default lan IP of the router is the same subnet as the modem DHCP ip address?
    In other words...change your default IP range before plugging wan into the modem (from to or something). I've seen weird things caused by that in the past.
  53. txnative

    txnative Addicted to LI Member

    Yes change the tomato ip and range to something other than the modem ip. Example, Spectrum modem ip is, as you should the change ip to something different, for example the range you mentioned, use DHCP, you can use whatever dns or use your providers your choice, if you choose to do manual save all your settings, go to advanced-dhcp/dns deselect the default settings and select Use received DNS with user-entered DNS save your settings. You should now be able to reboot the modem wait for 1 min and reboot the router to sync up both modem and router. A different scenario if this was a modem/router combo almost the same with exception to bridging the combo unit. Hope this helps
  54. icecold2018

    icecold2018 New Member Member

    Signed up here just to say thanks to the folks who're keeping our routers alive :).
    I have a Belkin f7d7301 - really old N router but with a Gb switch and two usb ports - stuff that's hard to find on low end routers even now! I was on Shibby 140 and this router was a secondary router on the lan. I set it up as a print server with cupsd and avahi - however, when I was connected to the main router, printer auto discovery was flaky. I finally traced it down to multicast dns being flaky on shibby which causes it to drop/filter packets after a while.
    In any case, I tried putting DD-wrt and it was disaster - bricked my router and finally managed to recover it via serial console.
    And then I came across this thread - thought there was nothing to lose and flashed it. Not only does it work well, it also solved the original problem I had with printer sharing!

    Thanks folks.

    Also one question - currently I'm using optware-ng from github. Entware wasn't an option since they don't have mipsel packages. I saw the post in this thread about someone who's compiled entware packages for mipsel - but I'm wary of depending on something that might not last.
    Is there a good guide somewhere on setting up optwareng for tomato that's recent?

    Thanks again!
  55. napopa

    napopa New Member Member

    The wan port is set to PPPOE (if this is what you mean) and connected to the modem which is a SMARTRG modem/router combo set to bridged mode (i.e. routing functions disabled).

    I thought this could be the problem too, but the modem subnet is and the router subnet is . Unfortunately, as soon as i connect the wan port, the router enters into this weird bootloop.

    Just a remark that the exact same configuration works fine with the latest Adavanced Tomato. When I try to replicate the same setup with this version, this problem arises.
  56. kernel-panic69

    kernel-panic69 Connected Client Member

    Wondering if this will fix the problem with the boot loop:


    Fixes a race condition on wan_up in adblock. Try disabling adblock in the current build and see if that resolves the issue. If it does, that could explain things related to the issue I had. Didn't quite make it to a reboot loop, but dnsmasq kept crashing and restarting on my E4200v1.

    At least I don't *think* it's anything to do with rp-ppoe. My WAN port is set for DHCP, but I can test re-enabling adblock minus the non-default lists that caused me issues and see.
  57. txnative

    txnative Addicted to LI Member

    Do you have freshtomato version installed, if so which one or are you using an earlier shibby version? If using an earlier version either way go ahead and update and try again, I'm not sure in the early freshtomato stages if there was some problems with pppoe, but not sure as of yet? The modem/router would seem correct to work in bridge mode and only you can confirm you are using pppoe and not dhcp, make sue your setup for pppoe as I'm sure know. If you are pppoe could you show your logs that would probably show type error.
  58. golf247

    golf247 Network Newbie Member

    Potential bug but it's a special use case, thus not sure most will be repeating it. Mainly putting it on here for helpfulness. I've got two TM-AC1900s converted to RT-AC68U. One is main router with br1 Vlan3 setup for guest wifi assignment. 2nd is setup as access point, wired to main router (lan to lan connection). 2nd router is setup identically as main router for guest wifi and br1 Vlan3. using port tagging on the lan to lan connection.
    The issue I saw was that the 2nd router could not get DNS, thus it wouldn't update time. This only affected the router, not any devices that connected to or through the 2nd router.
    Easy solution for me was to add the line "server=xx.xx.xx.xx" to the dnsmasq custom configuration in the advanced DHCP section (where xx is the main router ip). This resolved any issues I was having for getting the 2nd router time updated.
    I'm not expecting any fixes but I'm suspecting it's something with the WAN not being active on the 2nd router and thus the DNS doesn't get updated for it.
    Search words for the google bots....access point ntp time server not updating dns.
  59. Aardvark

    Aardvark Serious Server Member

    This has already been fixed: https://bitbucket.org/pedro311/freshtomato-mips/commits/6fa12c098565b63b66a87e155d907cc1837189bf
    golf247 and Monk E. Boy like this.
  60. marcus13

    marcus13 Networkin' Nut Member

    My sincere thanks goes out to everyone contributing to this project! It seems like quite a few bugs have been fixed since the last release. Is there any plan to put another set of binaries out this year?
    kernel-panic69, pedro311 and kille72 like this.
  61. kille72

    kille72 LI Guru Member

  62. kernel-panic69

    kernel-panic69 Connected Client Member

    I'm currently running a test build on my E4200v1 of the last commit/merge to the RT-AC branch. Compiling your own isn't too difficult... except, of course, your not 100% sync'ed with the main repository (Thanks git....).... er, I meant, thanks for the tip, @pedro311 ;-)
  63. MongooseProXC

    MongooseProXC Connected Client Member

    Just curious. Is Stubby implemented in the ARM branch and not MIPS? I'm not seeing an option for dns over tls.
  64. phuklok1

    phuklok1 Network Guru Member

    Hello, first off, thanks for all the hard work in keeping perfectly usable MIPS devices chugging along, relevant and out of the landfill! :)

    I have 2018.4 MIPSR2 K26 USB AIO on an rt-n16. I've noticed a sporadic issue when using smb to transfer files from a windows PC to a 64GB USB flash drive attached to the router (I know the drive has no issue). Large file transfers may randomly fail without reason. Small files uploades to the router seem to work consistently, but when I try for example a file that is over 400 hundred MB in size, it may randomly fail to transfer (looks like it times out or something from the windows end) and leaves a corrupt file of the correct size on the flash drive -- but strangely a few tries later on and it will work fine (no reboot, or anything). Has anyone else run into this?
    Last edited: Nov 19, 2018
  65. kernel-panic69

    kernel-panic69 Connected Client Member

  66. Amuro

    Amuro LI Guru Member

    Interesting project. My thanks to the maintainers / developers.

    I will have to dust off a RT-N16 to try it. Any quirks with this particular model?

    @phuklok1 - just wondering if you tried with a hard drive and get the same results.
  67. MongooseProXC

    MongooseProXC Connected Client Member

  68. txnative

    txnative Addicted to LI Member

    Pedro hasn't built the images yet, give him some time he has not uploaded to his mega account yet, as of now.
  69. kernel-panic69

    kernel-panic69 Connected Client Member

    There were images uploaded this morning, not all of them, though - but they were pulled, from what I saw just a bit ago. And the last commit was removed from the repository, or my mind is playing tricks on me lol. I'm running a test build I compiled at the most recent merge (yesterday) between master and RT-AC branches.
  70. txnative

    txnative Addicted to LI Member

    no worries,
    the compilation should go without a hitch
  71. ooznerol

    ooznerol New Member Member

    Hi all,
    Exactly the same for me on the same Router.
    If I connect the cable to WAN port the router enters in reboot loop. And also when I connect to wifi.......
    No problem with AdvancedTomato

    Anyway thanks to try to keep this project alive
  72. txnative

    txnative Addicted to LI Member

    Been seeing this issue a few times now. Just want to make sure the information is correct to what is happening.
    The wan is set to pppoe?
    Freshtomato-mips pppoe issue but not with advancedtomato is that correct?
    Could someone post the log for when this happens on the freshtomato build so the dev can look at and compare commits, thank you.
  73. ooznerol

    ooznerol New Member Member

    I have no PPOE.
    Only set WAN to static address. I have try also with DHCP.
    IF I plug the cable on WAN port, i enter in the reboot loop.
    Same thing if I try to connect to wifi, I enter also in reboot loop.
    With advancedTomato and same settings , all is working fine.

    I don't know if it will be possible to have some log. I think reset will erase log isnt' it?. Maybe i can try to catch log before reset but not easy.
  74. filipedonato

    filipedonato Connected Client Member

    In Tomato 2018.5 you could add the Belkin f9k1102 V3?
  75. kernel-panic69

    kernel-panic69 Connected Client Member

    AFAIK, the F9K1102 build supports both V1 and V3 devices as they are both Broadcom and hardware identical. The V2 is the only one that is a Realtek chipset. I am not entirely sure that it identifies one as a V1 and the other as a V3, though.
  76. Feliciano

    Feliciano Connected Client Member

    With the router working, set up an external log server. It could be on the WAN or on the LAN side (with an static IP address), maybe on the LAN would be more effective for your case.
  77. filipedonato

    filipedonato Connected Client Member

    Yes friend, they are "almost" identical. It changes only one letter in the name, you can check it by looking at the specifications. However, I tested here, and unfortunately the router keeps restarting, sometimes every 2 hours, sometimes every 4 hours, sometimes every 12 hours. Then it restarts and erases the torrent program installed on it. I think this error is only related to the small difference between the hardware.
  78. pedro311

    pedro311 Networkin' Nut Member

    2018.5.083-beta MIPS is ready for download - enjoy!

    And as always, donations are very welcome ;)

    More information in the first post.
    Last edited: Nov 25, 2018
    Elfew, maurer, rgnldo and 3 others like this.
  79. kernel-panic69

    kernel-panic69 Connected Client Member



    I'm failing to see a significant difference between the v1 and v3 that would cause that problem. The tor package has been updated since 2018.4, there have been a lot of things worked on. Without syslogs and/or serial console logs, it's a guessing game as to what is wrong with your device (or the firmware). I would suggest trying the new build (2018.5.083-beta), clearing the nvram completely and re-configuring from scratch and see. Also would be a good suggestion to use a remote syslog server of some sort to see what is happening that triggers the restarts.
  80. txnative

    txnative Addicted to LI Member

    The only thing different from advancdtomato is the code my not have been updated or my be using an older build(i don't know)and the freshtomato, is a current build? If not go ahead and update as this may have been fixed. I apologize since I can't do any testing, I have no pppoe connection to test with. If pppoe is the protocol then trying dhcp will not work as you may have noticed, are you flashing back and forth between builds? If you are make sure to clear the nvram to rule that out, but if you are on a dhcp connection and on a current freshtomato, I don't see why there is a looping when attempting to connecting the wan. Did you reboot the provided modem and wait till the lights were sync up and power up the router while the wan port was connected?
  81. duren11

    duren11 Network Newbie Member

    I decided to try this today as well, N66U, coming from Shibby 140 and a long stable uptime. As soon as WAN was initialized, I also hit a bootloop.

    - I tried both stable and beta versions of freshtomato
    - Did a thorough clean of NVRAM each time.
    - Syslog out to see what was happening and there were no specific lines of interest
    - Modem is not on same subnet as router

    - I did notice a SIGTERM somewhere in there, so I wonder if it's the adblock that is causing this issue.
  82. AsusN66U

    AsusN66U New Member Member

    I was also facing the bootloop with N66U, when trying the K26RT-AC version of the firmware. When I tried the K26RT-N version found here [1], it was more stable.
    When I was using Shibby's firmware years back, AC firmware was working fine with the N66U hardware, I also remember reading that AC version might have newer drivers, and so I was using it. But AC firmware is causing bootloop in freshtomato, if you read 2 or 3 pages back in this thread, someone else also mentioned this same issue, anyways the RT-N version is working fine, so go ahead with it.
    [1] - mega[dot]nz/#F!QywknIpa!5JwWNIfEwCOKXqXG0AOh4w!MvARnISS
    since this is my first post, I am not able to create a link, correct the above link.
  83. txnative

    txnative Addicted to LI Member

    Has anyone updated to any newer version and still face this problem, to help determine which version is affected with a signal termination error and to confirm what is being used is pppoe protocol? Please read the how to report a bug, it takes guess work out, thank you.
  84. filipedonato

    filipedonato Connected Client Member

    Tomato 2018.5.083-beta
    The only Logs I get are these, because as I said, when the router restarts it erases any settings made in the TMP folder and pretty much everything stays there.

    Syslog1 - is the log when I connect a cable to the LAN4 port and the router restarts by restoring all Tomato settings.
    Syslog2 - is the log when the router restarts for no apparent reason. In this case the settings remain (like wifi password and pppoe for example) but the contents of the TMP folder is also deleted (transmission torrent for example)

  85. txnative

    txnative Addicted to LI Member

    Your logs indicate that your using the Belkin N600 BD as this should help to correcting the code for it, the other models as some users have indicated as to be experiencing some loop, maybe different but until someone provides some type of log as you have may help to correcting the code for pppoe, dns usage or just a pppoe problem. Also could you copy paste the cat /proc/mtd to make to rule out partition issue, the log showed something different, Thank you
  86. Beast

    Beast Network Guru Member

    Updated to freshtomato-K26USB-NVRAM32K_RT-N5x-MIPSR2-2018.5.083-beta-Mega-VPN.zip

    Cleared NVRAM and configured from scratch. Using DHCP for connection. Router Asus RT-N16.

    The [save button] would not work on the wireless setup page untill i changed the encryption AES to something different and than back.

    Also I use the EXTERNAL Adblock + pixelserve and get this error now:

    ADBLOCK[1311]: Skip adding tomato link, could not find insertion point in tomato.js

    Thanks for all the hard work.....
  87. boulder

    boulder Network Newbie Member

    2018.5.083 MIPSR2-beta K26 is just working fine on Linksys E2000, many thanks, people!
    txnative, pedro311 and kille72 like this.
  88. jimjimminy

    jimjimminy New Member Member

    New to Fresh Tomato not new to Tomato. I downloaded 2018.5.083 RT-Ac66u AIO and installed on RT-AC66U and did 30-30-30 reset but it only shows config for 2.4GHz band and nothing for 5GHz.
    I also tried with VPN image and same problem. Any one else experiencing the same problem?

    Coming from Merlin firmware on this particular device and flashed with CFE recovery method.
  89. ruggerof

    ruggerof Network Guru Member

    Try the reset button in the back. It was the case with my AC66U and Toastman firmware.
    txnative likes this.
  90. pedro311

    pedro311 Networkin' Nut Member

    Clear browser cache and/or use Ctrl+F5.

    Why use external Adblock if it's already compiled in the software (working)?
  91. Beast

    Beast Network Guru Member

    Because i don't know how to configure the built in version to work with pixelserve. I would still like to figure out why the external one cant find the injetion location in (tomato.js).

    Thank you for keeping this firmware alive...


    rmtomatolink() {
    if grep -q "/www/tomato.js" /proc/mounts ; then
    if [ -f "$jsflag" ]; then
    umount /www/tomato.js
    elog "tomatos.js was mounted by something else"
    rm -f "$jsfile"
    rm -f "$jsflag"

    addtomatolink() {
    if [ "$tomatolink" = "1" ]; then
    if [ "$web_dir" != "" ] && [ "$web_dir" != "default" ]; then
    elog "Skip adding tomato link, non default web_dir($web_dir)"
    elif ! grep -q "'log.asp'] ] ],$" /www/tomato.js ; then
    elog "Skip adding tomato link, could not find insertion point in tomato.js" <----------ERROR----------
    if [ "$mountjs" = "1" ]; then
    elog "Adding tomato menu item"
    sed "/'log.asp'] ] ],$/ a ['Adblock', '${weblink#*/www/}\" target=\"adblock\"']," /www/tomato.js > "$jsfile"
    mount -o bind "$jsfile" /www/tomato.js
    touch "$jsflag"
    phuklok1 likes this.
  92. jimjimminy

    jimjimminy New Member Member

    I reflashed and reset 30/30/30 again and it worked this time. I see 5GHz settings now. Thanks. Now I can explore this firmware version further.
  93. jimjimminy

    jimjimminy New Member Member

    I have a reboot loop problem with the latest 2018.5.083 AC66U AIO image on my AC66U device. It seemed fine when configuring everything else without a WAN connection but no joy once connected to the fibre ONT.
  94. txnative

    txnative Addicted to LI Member

    The fiber connection ONT = DHCP as i remembered with Frontier for me, a year ago. Now are you using a dhcp as well? If so i can test it but if it's a pppoe then I cannot. Looking for your feedback. Regards
  95. AsusN66U

    AsusN66U New Member Member

    My N66U with AC firmware was facing the boot loop issue, with both 2018.3 and .4 versions, didn't try the latest .5 AC version.
    Also my WAN connection uses pppoe, so may be the issue is related to that.
  96. jimjimminy

    jimjimminy New Member Member

    Yes. DHCP.
  97. ghoffman

    ghoffman Network Guru Member

    f7d3301 was unstable on 2018.5 with a dhcp wan connection. wifi connections dropped. was able to access the router without rebooting via the WAN connection (!!) , and have reverted to 2018.4. bacck to stability for the last 4 days.
  98. txnative

    txnative Addicted to LI Member

    I don't have an asus model to utilize but as I'm sure you know how to reset the nvram on this model before and after flashing tomato and that you are not using a backup of a previous backup from previous build, but did it manually? Perhaps installing the newest version that just came out may have address these bugs your feedback would be helpful. Regards
  99. txnative

    txnative Addicted to LI Member

    I don't have Fios now but that shouldn't make a difference, the isp i have now, uses a dhcp protocol as well, but giving the newest build a go to see that would still occur is needed feedback as well as I'll flash my E3200 Linksys with the latest build as I'll check for any anomalies after connecting to the modem of course I'll know and I send my feedback as well to test the latest beta, thank you for your response. Regards
  100. MongooseProXC

    MongooseProXC Connected Client Member

    Maybe I'm not familiar with how Stubby and DNS over TLS works, but I noticed something strange. After enabling Stubby and manually entering and as the DNS servers, there appears to be traffic going to IP over port 853. It happens whether "Strict-Order", "No-Resolv", or "None" is selected. A quick Google search says this IP points to "getdns!" Does anybody know if this a DNS leak or is this normal behavior for Stubby?
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice