Tomato 04 Released

Discussion in 'Tomato Firmware' started by Reiper, Sep 18, 2006.

  1. Reiper

    Reiper LI Guru Member

    Tomato Version 04 Released...

    Version 0.04

    * Fixed a problem with wireless clients not being displayed in device list if no encryption was used.
    * Fixed a problem that could cause dnsmasq not to read resolv file if time hasn't been updated yet and if using certain time zones.
    * Fixed potential problems if erasing JFFS2 and when rebooting if JFFS2 is mounted.
    * Fixed several more UI errors.
    * Fixed how some nvram keys are unset and reset to make sure they don't unnecessarily trigger an nvram commit at startup.
    * Changed behavior of reset button back so it's simplier and consistent with the standard Linksys firmware: Just hold it for at least 3 seconds.
    * When upgrading, a check is now performed to make sure JFFS2 is not mounted.
    * Minor changes, code cleanups.

    Get it here
  2. frode3

    frode3 Network Guru Member

    super trying it right now under port forwarding how do i set a port range like 27000-27015 for dod?
  3. bokh

    bokh Network Guru Member

    Has anyone upgraded from 0.03 to 0.04 yet? And if yes: HOW? Through the web-UI --> Administration --> Upgrade?
    I'm not sure if this will work in my GL because of the memory. "Tomato" states: Free Memory: 2,324.00 KB.
    Any clues? TIA!
  4. KaHooli

    KaHooli Network Guru Member

    DDNS support for

    You have done an excellent job of your firmware. I have used most of the ones available out there (inc OpenWRT, DD-WRT & Sveasoft) and kept going back to Thirbors release of HyperWRT until now. Your Tomato firmware is excellent, and I can't believe how stable it is.

    The only thing I would like is added to the DDNS list. You have added lots already and I know it will be next to impossible to add them all, I am no programmer but I believe this addition of this DDNS provider to your firmware would me a minor task.

    More information on can be found here and here.
  5. Reiper

    Reiper LI Guru Member

    Reset/clear nvram, upgrade through the web interface, clear nvram and reboot, re-key settings and you should be good to go.
  6. redcow

    redcow LI Guru Member

    worked for me without nvram reset, of course its not recommended but it works for me ;)
  7. mescator

    mescator LI Guru Member

    the port forward triggering

    Hello. I loaded 0.3 yesterday and 0.4 just now. I wonder why port forward triggering require entering IP address. Shouldn't it be IP independent?
  8. mescator

    mescator LI Guru Member

    One more note. The WOL GUI does not work. When a device is pressed (left-button) the Wake button grays-out for a while and gets back active, but no packet is being sent over the network. If a MAC is put into the entry next to the wake button, then a packet goes out the router and wakes the machine.
  9. lwf-

    lwf- Network Guru Member

    Just changed from thibor 15c and everything seems to work ok. :) Good job!
  10. bigl2

    bigl2 Network Guru Member

    Just like you wrote - "27000-27015" :)
  11. bigl2

    bigl2 Network Guru Member

    I know - it's not recomended. Bt enough is to do reboot - freshly after reboot there is about 4MB of RAM free and you can do upgrade.
  12. bigl2

    bigl2 Network Guru Member

    Independent? So how should router know traffic from which IP should enable triggering?
  13. frode3

    frode3 Network Guru Member

    hehe okay thanks
  14. bigl2

    bigl2 Network Guru Member

    Have you tried it with 0.04 version or with earlier versions?
  15. mescator

    mescator LI Guru Member

    guessing 27000:27015 ...
  16. LAGMonkey

    LAGMonkey Network Guru Member

    L7 for MSN messenger will not work. It can not recognise msn video or audio and therefore wont assign the correct service.
  17. myersw

    myersw Network Guru Member

    Upgraded from .03 to .04 of Tomato on my wrt54gs v4. Everything went fine and now have a router running the latest and soon to be best firmware, at least IMHO. Just upgraded thru the GUI, Did not even require a reset. YES I know you should clear out nvram and power cycle after, but I say if its working why bother? Of course if I encounter a problem the first thing is reset nvram and power cycle.
    Looking good, Tofu.
  18. NateHoy

    NateHoy Network Guru Member

    Normal port triggering should see that a given IP address is generating traffic on a specified port, and automatically start forwarding the set port back to that IP address. So, in a standard port triggering setup, you would not specify an IP address - the router would figure that out based on which IP address the request came from.

    Port forwarding requires an IP address to be set up in the router, and a specific port or list of ports. This is because the assumption is that ALL unsolicited packets from the Internet on those ports should go to that device.

    Port triggering only requires a triggering port and the ports to forward. When a device within the network makes an outbound request on the "triggering port", the router forwards all unsolicited packets on any of the "ports to forward" to the device that made the original request on the "triggering port". The router knows which IP address to forward to, since it knows the IP address of the device that sent the request on the "triggering port". This IP address does not need to be pre-arranged.
  19. The_Unknown

    The_Unknown Network Guru Member

    Restart script

    Having problems running a startup script that used to work in Thibor 15c

    echo "50 7 * * * root /sbin/reboot" > /etc/cron.d/restart

    Copied it to init, rebooted but it doesn't work. The time on the router is correct.

    Anything wrong with this?
  20. bigl2

    bigl2 Network Guru Member

    Maybe there is no cron in this FW?
  21. bigl2

    bigl2 Network Guru Member

    No - normal triggering needs IP in LAN and port from this IP to know which traffic (from which IP on which port) should enable triggering. It also needs external port number to know which external port to forward. Tak a look here:

    So as you see first is traffic from internal IP on specified port to router. Then router recognises that traffic with such parameters (internal IP and port) should enable triggering and does it. So you need:

    1. Internal IP & port which enables triggering

    2. external port to be forwarded

    Maybe you think about port forwarding but use word "triggering"? ;)
  22. The_Unknown

    The_Unknown Network Guru Member

    Yeah, just checked it out by telnet :\
  23. bokh

    bokh Network Guru Member

    Which is odd, because "ps" on the router reveals a process called "crond".
    So there is a crontab-daemon, but it seems to be just sitting there. It can't be fed with tabs...
  24. mescator

    mescator LI Guru Member

    tomato: port triggering / port forwarding

    I just checked what terminology is used by Linksys regarding the two subjects. What I meant as "Port Forward Triggering" is called in the L manuals simply "port triggering", while full-spec forwarding is called "Port Forwarding". Anyway, both functions lead to port forwarding but different condition must be met to enable it. For triggering, outgoing traffic on a preconfigured port enables the forwarding and forwarded data goes to the opener, while in full "port forwarding" the destination of forward is defined in configuration. I check the GUI on original WRT54G firmware and it matches my understanding.

    This is why I pointed out that in Tomato 0.3 and 0.4 the IP field is either a mistake or additional filter and maybe can be filled with to match any NAT-ed machine to trigger the forwarding.

    Tell me how it really is with Tomato....
  25. mescator

    mescator LI Guru Member

    WOL on tomato

    Yes I did. I checked with IE and Firefox just to be sure that this is not a wrong interpretation of scripts behind, but sorry none works.
  26. NateHoy

    NateHoy Network Guru Member

    No, but maybe none of the routers I've ever worked with have implemented what you refer to as "normal" port triggering.

    As I understand triggering, which may be an incorrect understanding, the router is supposed to figure out the LAN IP based on which IP made the request. This is how port triggering is implemented in HyperWRT Thibor and in the various Tofu builds.

    So, for example, you'd set up a port trigger on port 5060 (outbound) to forward inbound ports 10,000-15,000. When computer makes an outbound request on 5060, ports 10,000-15,000 are automatically forwarded to If, an hour later, computer makes an outbound request on port 5060, ports 10,000-15,000 are now forwarded to that machine instead.

    If you have to pre-arrange what machine the triggering is going to go to, then what's the point of triggering (except maybe a small incremental increas in security, since the port trigger will eventually time out)? You might as well set up a port forward instead.

    I apologize that I cannot read the article you referenced, my ISP has a circular route problem that has blocked off a good chunk of the Internet to me at the moment. :(

    However, I did find a Google cached version of the same page, and it has a comment that appears to contradict what you are trying to say:

    Another thing to note, is that most port triggering setups do not require you to enter an internal ip address to forward the incoming ports to. This means that any computer on the network can use your port triggering setup. If two computers try to use the port triggering setup at the same time you will run into problems.

    I strongly suspect we are disagreeing on specific implementations of port triggering rather than the overall concept. It may be possible that some implementations of port triggering do require a prearranged LAN IP, but based on my knowledge of port triggering, that is a more limited implementation than I would ever want to use. The whole point is that any computer on my network can "autoforward" an inbound port simply by talking on a prearranged outbound port.

    At the end of the day, though, I prefer UPnP. :thumbup:
  27. tofu

    tofu Network Guru Member

    Triggering & IP... It's a UI bug. The IP field is not supposed to be there and it doesn't really do anything. It's one of those things I don't normally use, so I didn't even notice it. Sorry for the confusion. Ignore that field for now and it should work anyway.

    Cron is there, but it's busybox's cron so it's slightly different. The easiest way to use it is to just use a helper script called cru:

    cru a bootme "50 7 * * * reboot" (add)
    cru d bootme (delete)
    cru l (list)

    Where "bootme" is any unique id.

    You can still upgrade even though the memory is smaller than the firmware size. The advantage of having enough memory is you can buffer the entire firmware in ram before anything is written. If there is a problem during upload or if the CRC doesn't match, it will fail before anything is flashed.

    The others, I'll have to look into them later...
  28. hopser2000

    hopser2000 Network Guru Member

    I just upgraded from the original Linksys firmware to tomato 0.4. Upgrade went fine the GUI said. But now I cannot login. The readme says the default login and password is "admin." for the gui and "root." / "admin." for telnet. None of them work. What can I do? Please help
  29. fareal

    fareal LI Guru Member

    I think I had similar trouble logging in after the upgrade on one of the routers I installed it on. I'm not sure how I eventually got in but it was confusing me because I wasn't sure if I was accidentally trying to logon to my neighbors wide open "linksys" wireless or mine.. I probably held down the reset button for 13 seconds (count the flashes on the DMZ light) which resets and clears NVRAm. Then close and reopen your browser and try logging in.
  30. u3gyxap

    u3gyxap Network Guru Member

    I am trying to forward ports 65101-65200 on the WAN side to ports 65101-65200 to a host, say
    It looks like I can forward all the port range to a single port on a loca host, but not to a range of ports? The rule looks like:
    65101:65200 -> 65101 on :(
    I need it to be:
    65101:65200 - > 65101:65200 on
    Also, I cannot seem to be able to allow only specific computers to access the internet in the Access Restrictions. I can block the internet on a few, or on the all, but I cannot block all and allow it on few?
    Not sure if these are bugs or features :)
  31. fareal

    fareal LI Guru Member

    make the rule look like..

    65101:65200 -> EMPTY_PORT_FIELD on :)

    EDIT: actually i'm not sure if both colons and hyphens work .. i used a hyphen .. 65101-65200
  32. hopser2000

    hopser2000 Network Guru Member

    Thanks. Resetting the router worked for me. Looks very nice the tomato. I will give it a try.
  33. bigl2

    bigl2 Network Guru Member

    Yes - you have higher security since ports are not always forwarded. Like this article says: Port Triggering is a little more secure than port forwarding, because the incoming ports are not open all the time. They are only open when a program is actively using the trigger port.
    It's not a contradction - it's additional info which clears that we both can have right. You allways had routers which have triggering without specifying internal IP. I used both of them but my knowledge is that "normal state" is that you specify internal IP to have clear sitution which IP has the right to have forwarded port. Setup without specified internal IP is more flexible but makes problems (mentioned in the article) when 2 computers start to use triggering at the same time. It's also security concern - just imagine that you have internal web server set with port triggering so it's vsible as your homepage. When there is no traffic for some time any other web server on LAN can use triggering to be visible as your homepage. Maybe it's not so usual in your home LAN but in "not so friendly LAN" it's quite possible.

    Anyway now we see our points, see differences and I hope it clarifies all. :)
  34. bigl2

    bigl2 Network Guru Member

    As I understand it whole idea in Tomato is that net access is enabled for all. So you can only create when to block access, whom and to which content. It's not good or bad - it's the idea implemented by Tofu here.
  35. u3gyxap

    u3gyxap Network Guru Member

    Thanks. I do use hyphens, but after I save it, it shows colons. Anyway, the trick with the empty field was the solution. Thanks a lot.

    That explains it. I thought it was me doing something wrong.
    Mr Tofu, please, if possible, consider adding the exact opposite idea to the Access Restrictions.
    In other words - to be able to allow only specific computers to have internet connection.
  36. seper

    seper LI Guru Member

    Hey, im trying Tomato 0.04 and im getting no Bandwidth Graphics in the Current tab, anyone had this problem too? Im using it on a WRT54G V2.

  37. fareal

    fareal LI Guru Member

    If you're using Internet Explorer you need this plugin..

    With Firefox it seems to work without the plugin.
  38. seper

    seper LI Guru Member

  39. VirtuaDZ

    VirtuaDZ LI Guru Member


    I am using Tomato 0.04. So far it is working very well. I have just one point:
    I would like to add the DDNS provider I use. Can somebody help me how to do this. I have access with SSH on the router (WRT54-GS v1)
    The DDNS Provider is The Update-URL is
    Thibor, if you could add this provider in the next release, it would be really nice. Thank you!
    An other good idea would be, if you would add an option, where everybody can add his own provider by himself. So there should only be one more field, where we would have to insert the structure/url of the specific provider, which is then used for the IP-updates.

    I have solved this by adding the following line to Administration > Scripts > WAN Up:
    wget -O - ""
  40. purephase

    purephase Network Guru Member

    Tomato is Tofu's project, not Thibor. Thibor is the developer for the HyperWRT fork (which Tofu was as well). Just so you know.
  41. VirtuaDZ

    VirtuaDZ LI Guru Member

    Oh, O.K. Sorry for that. I want to thank both for their great work.


    Tofu added a custom URL-based DDNS service support in the 0.05 release. It works perfect! THANK YOU!
  42. bokh

    bokh Network Guru Member

    Is there still any need in keeping this particular thread sticky..?!
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice