Discussion in 'Tomato Firmware' started by Toastman, Dec 18, 2011.

  chunter2

    chunter2 Network Guru Member

    I get this on my WRT160N
    Kernel command line: root=/dev/mtdblock2 noinitrd console=ttyS0,115200
    Creating 5 MTD partitions on "sflash":
    0x00000000-0x00040000 : "pmon"
    0x00040000-0x003f0000 : "linux"
    0x0011d000-0x003c0000 : "rootfs"
    0x003c0000-0x003f0000 : "jffs2"
    0x003f0000-0x00400000 : "nvram"
    dev:    size  erasesize  name
    mtd0: 00040000 00010000 "pmon"
    mtd1: 003b0000 00010000 "linux"
    mtd2: 002a3000 00010000 "rootfs"
    mtd3: 00030000 00010000 "jffs2"
    mtd4: 00010000 00010000 "nvram"
  Planiwa

    Planiwa Network Guru Member

    printf "%d\n" 0x003b0000
    Maybe wc is confused. ;-)

    EDIT: The problem was that wc expects a character device. So, we can send it through dd first:

    dd </dev/mtdblock1 | wc -c

    (Thanks, chunter2.)
  chunter2

    chunter2 Network Guru Member

    I guess so. I've got a Netgear WNR2000 that looks like this.
    Kernel command line: root=/dev/mtdblock2 noinitrd console=ttyS0,115200
    Creating 6 MTD partitions on "sflash":
    0x00000000-0x00040000 : "pmon"
    0x00040000-0x00390000 : "linux"
    0x00111000-0x00390000 : "rootfs"
    0x00390000-0x003e0000 : "jffs2"
    0x003f0000-0x00400000 : "nvram"
    0x003e0000-0x003f0000 : "board_data"
    dev:    size  erasesize  name
    mtd0: 00040000 00010000 "pmon"
    mtd1: 00350000 00010000 "linux"
    mtd2: 0027f000 00010000 "rootfs"
    mtd3: 00050000 00010000 "jffs2"
    mtd4: 00010000 00010000 "nvram"
    mtd5: 00010000 00010000 "board_data"
    printf "%d\n" 0x00350000
    I guess not all 4MB flash routers are set up the same. It'd be nice if the standard would fit the 3866624 and the mini would fit the 3473408. But I guess we're the ones asking for all these other features.
  LastSilmaril

    LastSilmaril Addicted to LI Member

    I'm sorry if this has been previously answered, but we haven't got simultaneous dual-band up with either Toastman's or any other build, right? Pls correct me if I'm wrong. Router should be coming in tomorrow and will post my experiences once they get in.
  jsmiddleton4

    jsmiddleton4 Network Guru Member

    Dual band fine. Which router?
  Toastman

    Toastman Super Moderator Staff Member Member

    chunter, I've removed SNMP from that std version and uploaded it, you should find it fits now.
  chunter2

    chunter2 Network Guru Member

    Works great on my WRT160N's. Thanks a lot. :)

    Now I just need to sort out IP Traffic stats. A couple of my devices that are on but idle show huge stats per day. I'm wondering if it has to do with not clearing NVRAM after my initial upgrade from the standard TomatoUSB load to the Toastman load.
  gfunkdave

    gfunkdave LI Guru Member

    Hey Toastman, thanks again for the firmware. I run it on my home router (E3000) and the new RT-N16 I got for my parents. I'm so glad people are keeping Tomato alive.

    I'm experiencing a problem with both routers, however. I'm not quite sure how to describe it, so here goes.

    Some changes to Tomato seem to require Tomato to do more than just show the "Settings Saved. Some services are being restarted..." message. For example, clicking Save on the Admin Access screen causes Tomato to blank the page and display "Please Wait..." with a countdown from 10. On that event - when I save something that requires Tomato to display "Please Wait..." - both routers seem to kill the SSH daemon, and I can't reconnect remotely until I power cycle the router.

    Any idea what might be happening?

    Both routers are running Tomato v1.28.7494 MIPSR2-Toastman-RT K26 USB VPN, and the E3000 is of course running the Toastman flavor for the E3000.


    Edit: I had my dad look at the RT-N16 locally. Even while it was refusing my remote SSH connection, he could browse the internet fine. I had him go to the Admin screen on the router. The SSH Daemon showed a "Stop Now" button, so the router thought it was on. I had him Stop, then Start the daemon - but I still couldn't connect remotely. I had him click Reboot, and I was finally able to connect after the router rebooted.

    Edit 2: Just got home and checked things out on the E3000. Everything works fine except for SSH from WAN on the remote port. I can SSH to port 22 on the LAN side just fine. But I get Connection Refused on the WAN SSH port.

    Edit 3: Happens in 7494.2 as well.
  LastSilmaril

    LastSilmaril Addicted to LI Member

  jsmiddleton4

    jsmiddleton4 Network Guru Member

    Dual band with E3000's is great. Use the proper version for your router is all. Do not need the RT-N versions. In fact on the E3000 the RT version are more stable. At least at this time.
  LastSilmaril

    LastSilmaril Addicted to LI Member

    OK great! Thanks for the info...
  jsmiddleton4

    jsmiddleton4 Network Guru Member

    What got updated in xx94.2 version?
  ralph_irving

    ralph_irving Addicted to LI Member

    Hi Toastman,

    I've been running Tomato v1.28.7493 MIPSR2-Toastman-RT K26 USB VPN for the last couple weeks on my wrt610nv2 and it's been rock solid. I noticed a broken link for /usr/sbin/udpxrec that I thought I should mention. It's currently linked to /root/tomato/release/src-rt/router/mipsel-uclibc/install/udpxy/usr/sbin/udpxy in this build. I haven't checked 7494 as I'm happy with the current build I'm running, so you may have already found and fixed the problem.

    Thanks for all your efforts maintaining the toastman tomato firmware.

  Alex Simpson

    Alex Simpson Networkin' Nut Member

    hi. thanks for awesome firmware.
    any chance you`ll get timezone updates into it? :)
    we (Russian Moscow time) got changes in Daylight Saving policy half year ago, so it is now permanently GMT+4
    its not big problem to choose other timezone (e.g Armenia), but still would be awesome if you`ll decide to upgrade time zones.
    thanks for your time and sorry for bad english :)
  teaman

    teaman LI Guru Member

    Apparently, this symlink issue has been there for a while (most likely, ever since the very few versions/attempts to include udpxy).
    Thanks for bringing this up!
  Toastman

    Toastman Super Moderator Staff Member Member

    Alex, you mention changing to Armenia, that would be a simple matter of deleting Moscow's present entry in basic-time.asp and adding it to the same line as Armenia, but I don't think that's the right thing to do. I'm thinking of this entry instead ?

    ['UTC-4','UTC+04.00 Moscow'],​
  chunter2

    chunter2 Network Guru Member

    I'm having issues with IP Traffic data. I thought it was a problem with the data itself but now I'm wondering if it's the lists. If I set the daily page to KB and sort the Total by the largest I get something like this.
    2012-01-19          325,863.00 KB    18,091.00 KB    343,954.00 KB
    2012-01-19          264,746.00 KB    12,375.00 KB    277,121.00 KB
    2012-01-19           71,831.00 KB     3,207.00 KB     75,038.00 KB
    2012-01-19           39,016.00 KB    11,520.00 KB     50,536.00 KB
    2012-01-19           28,301.00 KB     2,787.00 KB     31,088.00 KB
    2012-01-19           20,750.00 KB     2,219.00 KB     22,969.00 KB
    2012-01-19       11,145,168.00 KB 1,046,193.00 KB 12,191,361.00 KB
    2012-01-19            8,234.00 KB     2,107.00 KB     10,341.00 KB
    2012-01-19            6,501.00 KB       739.00 KB      7,240.00 KB
    2012-01-19            3,992.00 KB       869.00 KB      4,861.00 KB
    2012-01-19            2,012.00 KB       803.00 KB      2,815.00 KB
    2012-01-19            1,969.00 KB       207.00 KB      2,176.00 KB
    2012-01-19              868.00 KB       647.00 KB      1,515.00 KB
    2012-01-19        1,056,419.00 KB    37,380.00 KB  1,093,799.00 KB
    2012-01-19        1,024,888.00 KB    26,476.00 KB  1,051,364.00 KB
    2012-01-19              658.00 KB        59.00 KB        717.00 KB
    2012-01-19              323.00 KB       195.00 KB        518.00 KB
    2012-01-19              244.00 KB       151.00 KB        395.00 KB
    2012-01-19              238.00 KB       155.00 KB        393.00 KB
    2012-01-19              234.00 KB       147.00 KB        381.00 KB
    2012-01-19              236.00 KB       135.00 KB        371.00 KB
    2012-01-19              142.00 KB        12.00 KB        154.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    2012-01-19                0.00 KB         0.00 KB          0.00 KB
    Total (35 hosts) 14,002,633.00 KB 1,166,474.00 KB 15,169,107.00 KB
    I've removed the IP column. The numbers that seem to be in the wrong order seem way too large for what those devices actually do but if you remove three digits they look like they're in the right order and the amount of data seems to be more reasonable to me. Any ideas?
  Alex Simpson

    Alex Simpson Networkin' Nut Member

    i`m new to editing stuff on my router firmware. i logged on by ssh, but cant find that file. i missed some manual here on forum maybe?
  teaman

    teaman LI Guru Member

    Righto... so I guess we should be talking about two different/possible issues, right?

    a) visual/sorting problems on the web UI
    b) incorrect amount of network traffic/data gathered for some IPs

    About (a): well, it seems commit 15e3dc9b2ad05887167bddfd8dcb339f4db5fd73 didn't quite fix the whole thing as intended...

    Still, I may have a hunch about what might be wrong: can you please check/test if this sorting/ordering error also happens if/when you select 'MB' for 'Scale' instead of 'KB'?

    About (b): not a clue :(
    But sill - keep in mind IP Traffic data/stats are about traffic being /forwarded/ throught the router... so this might be interesting/helpful:
  chunter2

    chunter2 Network Guru Member

    For (a) I just tried MB and GB and they both order correctly assuming the data is right.

    For (b) I guess I've got a fair bit of reading and understanding to do. The ones out of order in the KB list seemed more reasonable in their out of order place, that's why I mentioned it.

    Edit: Just checked the "Last 24-hours" page for the IP's that look way off and they don't look like they correspond with the same IP in the Daily list at all. The "Last 24-hours" page actually looks correct.
  Frankie

    Frankie Addicted to LI Member

    Hey Toastman,

    I have WRT54GL v 1.1

    What version of tomato would you recommend me for ipv6 and FULL SPEED (i work a lot with torrents)

    Thank you
  Toastman

    Toastman Super Moderator Staff Member Member

    IPv6 isn't properly supported by Kernel 2.4 and I personally wouldn't recommend 2.6 on a WRT54.
  teaman

    teaman LI Guru Member

    Do you have any other services (such as https) also trying to listen/bind on port 443 on the WAN interface/IP? Have you tried changing the SSH port on WAN to something higher?

    Also, I'm not exactly sure about what you mean with Edit 2, but I wonder what you might have set under advanced/firewall/nat/nat loopback (all? none?).

    Hope this is helpful - best of luck!
  eahm

    eahm LI Guru Member

    WRT54G/GL with 2.6 is very stable.
  gfunkdave

    gfunkdave LI Guru Member

    Hey there...nope, there are no other services listening on 443 on the WAN interface. Remote HTTP/S is disabled. I have not tried changing the WAN SSH port to something higher.

    Edit 2 means that, when connected to my local wireless network, I can open Putty and SSH into the router via its LAN interface - the SSH daemon runs on port 22 on the LAN interface. But if I connect to a remote server (an Ubuntu Linux box at my dad's office), and then issue the command

    ssh -p 443 root@<my name>

    I just get a Connection Refused. So the NAT loopback setting shouldn't matter, since this appears to the router as a new connection from an outside IP. This behavior persists until I reboot the router, at which point it works fine again.

    As a further update, I just downgraded from Toastman to vanilla TomatoUSB for the E3000, and can once again SSH in on the WAN port after clicking Save on the Admin screen. So it definitely is something introduced in the Toastman builds.

    Edit: Figured it out! It is a bug - just not the bug I had thought. You were on to it when you asked if anything else was running on port 443. I had LAN management set to HTTP & HTTPS - running HTTPS on the LAN port 443 was throwing it off. For some reason, that interferes with port 443 on the WAN side - setting it to accept LAN management on port 443 messes up the SSH daemon running on port 443 of the WAN. It shouldn't do this - remote web access is set to Disabled. But if I disable HTTPS LAN management, or set it to a different port besides 443, everything works fine.

    Hey, Toastman - is this something that is easy to fix?

    Thanks for the insight!
  Toastman

    Toastman Super Moderator Staff Member Member

    eahm - In that case, then I'd recommend he tries it :)
  boreas

    boreas Networkin' Nut Member

    I have an E4200 with last build. My problem is: after a couple of hours I have no traffic on ipv4, the traffic is only on ipv6. After a router restart, everything is OK.
    How can I fix it?
    Thank you!
  Toastman

    Toastman Super Moderator Staff Member Member

    No idea on that one! Something seems to be screwed up. I'd recommend an NVRAM erase and reconfigure from scratch.
  Alex Simpson

    Alex Simpson Networkin' Nut Member

    can i mount / as rw somehow? all commands i was able to google dont work
    wonna edit that basic-time.asp file :)
  jsmiddleton4

    jsmiddleton4 Network Guru Member

    "WRT54G/GL with 2.6 is very stable."

    It can be stable. But not across the board for all folks with "older" routers. Certainly folks can try it but need to know it may or may not be reliable for their equipment. There is no way to tell if it will or won't be reliable and stable unless you try it.
  Toastman

    Toastman Super Moderator Staff Member Member

    Alex, what router and build are you using at the moment?
  Alex Simpson

    Alex Simpson Networkin' Nut Member

    Asus RT-N16
    v1.28.7494 MIPSR2-Toastman-RT K26 USB VPN
  moscito

    moscito Networkin' Nut Member

    Hello, can someone help me to get the pptp vpn client running?
    The log says:
    Jan 20 18:30:56 unknown pptp[734]: Using interface ppp1
    Jan 20 18:30:56 unknown daemon.notice pptp[734]: Connect: ppp1 <--> pptp (

    But if i test my ip adress i have my own ip adress and not the vpn server.
    Do ih have to add an iptable command?

  V.Y.K

    V.Y.K Addicted to LI Member

    Backup functions on the "/administration/IP Traffic Monitoring" page downloads the wrong file (empty file). The "link" button on the same page has the correct file and works.

    Can you please fix it in the next release?


  kthaddock

    kthaddock Network Guru Member

    It's working here with custome path!:rolleyes:
  V.Y.K

    V.Y.K Addicted to LI Member

    My apologies wrong version, it does not work in tomato-K26USB-1.28.4494MIPSR2-Toastman-VLAN-RT-VPN-NOCAT.
    Just upgraded to tomato-K26USB-1.28.7494.2MIPSR2-Toastman-VLAN-RT-VPN-NOCAT and it works.
  Bidouleroux

    Bidouleroux Networkin' Nut Member


    I just flashed the 1.28.7494.2 MIPSR2-Toastman-VLAN-RT K26 USB VPN-NOCAT firmware on a new E3000. It works fine, but I noticed two things (bugs?) about the bandwidth limiter:

    First, after creating a third VLAN and setting the DHCP, etc., the bandwidth limiter GUI gives me a "IP address outside of LAN" error when I try to enter an IP from that VLAN. Even though it will let me save the rule, it has no effect. Otherwise, rules with IPs from the default VLAN work as intended.

    Second, the "Default Class rate/ceiling for unlisted IP's" seems to be out of whack. When I limit the number of TCP connections to 1, every connection from any IP, unlisted or not, to the WAN or to the router, times out. LAN connections between PCs seem fine though. Now, I could understand connections from unlisted IPs timing out, since that's want I want them to do. But that's not what happens. It's like every IP is unlisted as far as the number of TCP connections go. Also, it doesn't register unlisted IPs on the non-default VLAN (not too important here since access restriction works on them).
  teaman

    teaman LI Guru Member

    I'm not a specialist on the BW limiter myself, but as the author of the VLAN GUI, I can tell you for sure that: any features not specifically mentioned as 'multiLAN-aware' will only work on/for the primary LAN bridge (br0). These sorta 'restriction' thingie still applies to many different features in Tomato, such as (but not limited to): IPv6, OpenVPN tunnels/bridges/routes, QoS classification/rules, QoS BW limiter, Access Restriction rules, DMZ, TCP/UDP port forwarding rules (i.e. it's might be working, but hasn't been tested on anything but hosts sitting on the primary LAN bridge/br0 - but still: uPnP/NAT-PMP is multiLAN-aware and should work when properly configured), etc...

    Still, your point is still relevant: trying to include that rule referencing an IP outside the range of the primary LAN bridge should have thrown an error, not a warning (and should not have been accepted). Thanks for bringing that up.

  Toastman

    Toastman Super Moderator Staff Member Member

    A new build:

    January 21 2012 - 1.28.7632.2 and variants, K2.4 v 1.28.7632.2

    - add RTMPT filter (rtmp over http) - thanks to Porter

    - increase HTB prios, missed in previous commit

    - route modem IP for more WAN connections

    - fix K2.4 makefile for WRT54 builds

    - update Russian time zones


  ipitythefool

    ipitythefool Networkin' Nut Member

    hello everyone, i just signed up a few minutes ago... i am trying to run openvpn as a client on the "v1.28.7632 -Toastman-VLAN-IPT-ND ND VPN" version with the following settings:
    -static key
    -compression enabled
    -connection-retry 30 secs (default)
    but openvpn wouldn't start and complained:
    Jan 22 01:01:11 wrt4 daemon.err openvpn[555]: Options error: Parameter renegotiate_seconds can only be specified in TLS-mode, i.e. where --tls-server or --tls-client is also specified.

    what am i doing wrong? appreciate your help! =)
  kthaddock

    kthaddock Network Guru Member
  LanceMoreland

    LanceMoreland Network Guru Member

    First change UDP to TCP. Also make sure all of the correct keys that you generate with OpenVPN are pasted in the correct place in the GUI or it will not start. Here is another tutorial:
  ipitythefool

    ipitythefool Networkin' Nut Member

    thanks for the quick response. =) i am familiar with how to set up a tomato vpn in TLS-mode. what i was trying to do here was deliberately using a static key. it seems to me that the web interface passes the renegotiate_seconds option on to openvpn, even when the static key mode is selected and (according to the openvpn log line i posted) must be omitted.

    possibly a bug?


    @LanceMoreland: nice pics! =)
  darksamus

    darksamus Networkin' Nut Member


    I see you just released 1.28.0494.3, does it have cpu overclock speed for asus rt-n66u and correctly showing the data rate for 5ghz?
  Mercjoe

    Mercjoe Network Guru Member

    I was not aware that the QOS rules did not work on br1 etc. I opted for the VLAN build to make a totally isolated network for my wife for security reasons. So QOS /BW limiter does not apply to her, it only applies to me and my kids who happen to be on br0.

    Interesting.. it actually explains a lot. I guess I should have done more reading.

    I guess I need to go back to the non-VLAN builds and re-think her network isolation & security.
  LanceMoreland

    LanceMoreland Network Guru Member

    I replaced my Netgear 3500L's with Cisco E4200's yesterday. Toastman's latest builds are working great on them. I am using the VPN build on the main router and the Ext build on the wired in access point (non-vlan builds). Signal quality is easily double that of the 3500L's. Signal quality is so good that I was able to eliminate one access point and replace it with a switch. I have the 5 GHz bands all to myself. All clients can take my entire allotted bandwidth of 36 Mbps with no problem on both 2.4 GHz and 5 GHz channels.
  Cumulonimbus

    Cumulonimbus Networkin' Nut Member


    installed Firmware on my E4200v1:

    If i enable the Bandwidth-Limiter, my E4200 reboots in an endless lopp. Only if i do reset the router, i can access him again via LAN.
  pharma

    pharma Network Guru Member

    I have Bandwidth limiter enabled with no problems.

    I believe if you ALSO enable "Default Class rate/ceiling for unlisted IP's" it will start your problem with rebooting. Is this correct?

  Cumulonimbus

    Cumulonimbus Networkin' Nut Member

    Nope. "Default Class rate/ceiling for unlisted IP's" is disabled.
  pharma

    pharma Network Guru Member

    I'm currently using the Bandwidth limiter with no-reboots or issues. Try reflashing with the firmware in my signature that was released yesterday. Also after flashing check the CPU speed and adjust as required.
  Cumulonimbus

    Cumulonimbus Networkin' Nut Member

    Hi Pharma,
    now installed: tomato-E4200USB-NVRAM60K-1.28.0494.3MIPSR2-Toastman-VLAN-RT-N-Ext.bin

    I do a 30-30-30 reset before and after flashing 0494.3. This solves not the Problem. If Bandwidth Limiter are enabled and i produce Traffic on assigned IP, the Router chrashes shortly and go in endlees reboot loop.
  pharma

    pharma Network Guru Member

    Do you have any special settings? It might be having problems with some of the settings used. Try to give "relaxed settings" to DL Rate, DL Ceiling, UL Rate, UL Ceiling, Priority, TCP Limit and UDP Limit. My settings are as follows for one of the "remote clients" downloading torrents: -- 2000kbps, 2000kbps, 500kbps, 500kbps, Low, 60, 1/s. My max download is set to 24000 kbit/s, and upload is 4000 kbit/s.

    Play with the settings initially relaxed and gradually lower to see where problem occurs.

    Edit: Noticed you tried VLAN version. May not make any difference but try Non-Vlan Tomato-E4200USB-NVRAM60K-1.28.0494.3MIPSR2-Toastman-RT-N-VPN.
  Cumulonimbus

    Cumulonimbus Networkin' Nut Member

    1 am on a 100/6 Mbit Cable Connection.

    I also have now testet with lower speed, no chancges.

    My Settings: 85000kbps / 90000kbps | 5000kbps / 6000kbps - High / nolimit / nolimit 10000kbps / 15000kbps | 1000kbps / 1500kbps - Low / nolimit / nolimit
  pharma

    pharma Network Guru Member

    I'm trying to understand your settings ... why have a limit at all based on your settings?
    If you just want to see if it works, try changing your first DL Rate, DL Ceiling to much less ... like 2000 kbps/2000 kbps and UL Rate, UL Ceiling to 1000/1000 and set limit TCP connections and UDP connections to min. instead of unlimited. Also how you have your QOS settings will also affect the result.

    Edit: Only put the ip of the client you want to restrict... I don't think you need to restrict
  Cumulonimbus

    Cumulonimbus Networkin' Nut Member


    my workstation behind the router must be prioritize all traffc, so the prioritiy must be set to high and low to the devices

    After some test, i have found out where the problem could be. If i disable afterburner and frameburst, the problem is solved, temporary. at moment i cant say, if its afterburner oder frameburst i dont understand the technical facts, why both settings can produce problems.

    Edit: One Question: Are only LAN 1 (br0) useabel for QOS / Bandwidth Limiter?

    Edit: Problem not solved. Router crashed sometimes in this reboot loop. I think, it's a Bandwidth Issue. I try now to limit only max. a half of 100Mbit
  Alex Simpson

    Alex Simpson Networkin' Nut Member

    i have strange latency increase last couple days.
    1k ping in 2-3 mins after wan is up
    i tryed several versions with nvram clear (30-30-30 method), still nothing

    i thought its my providers modem first, but there`s no latency if i plug directly into modem + everything is ok with stock RT-N16 firmware
    tryed 1.28.7494.3, 1.28.7494.2, 1.28.7493
    everything was fine for last 2 month

    any ideas maybe? :(
  scsiii

    scsiii Network Guru Member

    I am having similar problems, see my post #149 in this thread. I got no reply. I have tried several current version from Toastman and Shibby I get huge ping loss on wan port with all of them. Currently I test my RT-N16 with DD-WRT v24-sp2 (12/20/11) mega (SVN revision 18024) without ping loss problems. I hope that this problem will be soon resolved in tomato.

  kthaddock

    kthaddock Network Guru Member

    You get fast answere on your first 5 ping's after that every 1 sek. (If I remember right)
  Alex Simpson

    Alex Simpson Networkin' Nut Member

    i resolved mine:
    Flashed stock fw -> 30-30-30 reset -> flashed dd-wrt -> 30-30-30 reset -> latest tomato -> 30-30-30 reset
    3 hours online and no latency atm
  scsiii

    scsiii Network Guru Member

    So if I understand you correctly this is a (performance/security?) feature in tomato and not a bug? Because I have setup monitoring of my router via SmokePing (20 ICMP pings every 60s) and get very consistent ping loss regardless of the load... Is there a way I can turn this feature off?

  LastSilmaril

    LastSilmaril Addicted to LI Member

    Everything is up and running almost without issue! Windows Media Center connections on an Xbox behind a switch is not working. If it doesn't work without the switch then I'll begin to be concerned
  brainz

    brainz Networkin' Nut Member

    Great work you are doing, Toastman.
    I've been using Tomato on my Netgear WNR3500v2 for over a year.

    I'm currently running tomato-K26-1.28.7487MIPSR2-Toastman-RT-Mini.trx, which is 3,328KB.
    The latest few versions of 3,396KB do not fit, however. I get "File is too big to fit in MTD".
    Would you be needing to make a Micro version to get around this or maybe compact the Mini version even more?

    Also, I have a tiny instability problem: the router crashes and auto-reboots sometimes (it stays stable between 1 to 10 days), when using Wifi channel width @ 20 MHz. I have been having this issue since the old TomatoUSB versions. 40 MHz is 100% stable, but I need to run 20 MHz, because recently I set up WDS with my E2000 also running Toastman, which breaks when using 40 MHz.
    I tried Transmit Power 42-70 mW and different Interference Mitigation settings. STP is enabled on both routers.

    I needed to disable "Prevent DNS-rebind attacks" on the E2000 (WDS 'slave'), because it was giving warnings in the log.
  Toastman

    Toastman Super Moderator Staff Member Member

    The "ping loss' is not a bug. It is an intended feature of the firewall. To cure the problem, avoid using smokeping.... LOL
  _NemO_

    _NemO_ Networkin' Nut Member

    Hello all!
    I have native ipv6 address from IPS.
    Could you help me to setup ipv6 on Tomato Firmware v1.28.0494 MIPSR2-Toastman-VLAN-RT-N K26 USB VPN
    What and where should I insert?
  darksamus

    darksamus Networkin' Nut Member

    Who is your isp?
  _NemO_

    _NemO_ Networkin' Nut Member

    Triolan (Ukraine, Kiev) (sorry, no EN version)
  jas0npc

    jas0npc Networkin' Nut Member

    Does the qos only work if my wrt54gs 1.4 (I think, too early to go and look at the bottom of the router), is plugged into an adsl modem, At the min i have it plugged lan to lan to extended my wireless network, At the min its like this INTERNET-SAGEM F@ST 2404-LAN CABLE-WRT54GS, My boys connect to the wrt54gs via wifi for their laptops and this was the reason I wanted to be able to use the qos, but all the traffic goes through as unclasified. hope you can help many thanks, forgot to say im on the latest Tomato Firmware v1.28.7632 -Toastman-IPT-ND ND Mini.

    is it possible to go from the lan port on my forst modem/router into the wan port on the wrt54gs?
    incase qos only works on the wan side
    many thanks
  Cumulonimbus

    Cumulonimbus Networkin' Nut Member

    One basic Question: B/W-Limiter only working on LAN1-Port (Bro), QOS only has effect on WAN-Port?
  pharma

    pharma Network Guru Member

  _NemO_

    _NemO_ Networkin' Nut Member

    Can someone help me to setup native ipv6?
  boreas

    boreas Networkin' Nut Member

    @ _NemO_ : in Basic/Network: use PPPoE, set your username, password and service name.
    in Basic/ipv6: use DHCPv6 with prefix delegation, and set Accept RA from WAN.
    Done :)
  _NemO_

    _NemO_ Networkin' Nut Member

    @ boreas
    I have static IPv4 and static native IPv6.
    I don't understand where to set GW for IPv6.
    8 posts above there are 2 screenshots: 1-st - with my IPv6 settings from IPS, 2-d Tomato IPv6 settings window.
    When I set 2a03:7380:300:8000:1 to Router IP Address, br0 (LAN bridge) obtain this address and not vlan2 (WAN).
    GW and DNS not respond to ping from router and from LAN PC.
  whatsinaname

    whatsinaname Addicted to LI Member

    Hello, loving the e4200 with toastmans build, I have a small issue that probably isn't a big deal, but every 30 seconds I get
    the following entry in my logs, (I put the x's in just to obscure)
    I guess I am just not sure what to look for. I am guessing one of my devices is acting up? any help would be appreciated.
    It really fills up my logs :)

    Jan 26 05:53:36 unknown dnsmasq-dhcp[1261]: BOOTP(br0) xx:xx:xx:xx:40:9c no address configured

    Ok, I found out it is an HP all in one wireless printer. hmmm will see if configuring it different will stop the error.
  FlyingHorse

    FlyingHorse Networkin' Nut Member


    So far I'm really enjoying the Toastman build for my E4200v1. Using the latest build (tomato-E4200USB-NVRAM60K-1.28.0494.3MIPSR2-Toastman-RT-N-VPN) I've found one issue that I can't resolve. I'm using cifs to store the Syslog on my main workstation. All is working as it should with the exception of rotations. When Syslog reached its Max size it just stopped, no new log was created. I've named the file syslog.log, given it a max size of 512KB, and number of rotations to keep as 20. Can anybody see a problem with this? Is anyone else having rotation problems with Syslog?
  Toastman

    Toastman Super Moderator Staff Member Member

    Horse - I've just checked mine and found it set to keep only 1 - so no use. I have changed it to 20 and let's see what it does here.

    Quick replies to many posts:

    To all of the people posting here and by PM - there aren't enough hours in the day to reply to all your questions about why you can't get QOS working when you are not using the WAN port! You really do need to do a little basic research on the subject. :confused:

    To those who are surrounded by 3,000 other routers, half of them running 40MHz "N" systems, please stop asking why you don't get good throughput. It's obvious. Move to Siberia.

    To those who can't get 100% ping responses from the WAN, the answer has been published many times - it's perfectly normal behavior and it is due to the firewall settings. (And no, we aren't going to change the firewall settings to make your pings look better).

    To those who want UPnP to open ports under 1024, there's a good reason why the firmware doesn't allow this. Think about it. If you really need to do it, use port forwarding. If you need to do it in spite of all the advice, use a script to change upnp default settings. To those who want to forward ports that may be already be used by the router, think about why it might not be such a good idea. If you need to do it in spite of all the advice, use a script.

    To those who run someone's firmware for several weeks and then suddenly have something unusual happen, it's a pretty good sign that the firmware might not be the cause. Erase nvram and reconfigure by hand, to be sure. If the problem remains, start looking for something that has changed elsewhere before posting for help.

    To everyone with his pet project such as adding a Photoshop plugin or some means to remote control your electric kettle using the router, get a life. This is a router, not a circus carousel. It isn't a Sandybridge processor running at 4GHZ with unlimited resources either :)

    To those who complain they can't start their car after upgrading the router's firmware, please blame God. It's not my fault.

    brainz - 3396 doesn't fit? OMG. There'll be nothing left but bones soon. I'll take a look to see what else can be removed.
  Dent

    Dent Network Guru Member

    Hello Toastman, I am using your release v1.28.0494 MIPSR2-Toastman-RT-N K26 Std on a newly purchased Linksys E4200. I noticed that the default transmit power for both radios is now equal to 0 which is supposed to translate to the hardware default. Was this default transmit power changed recently? I thought I had read that previously it was 17. Also had read that DD-WRT's default was 100. Now with the default at 0, I actually get very good signal strength (as measured by inSSIDer). With this new toastman revision, in my quick tests measuring the 2.4 GHz band (I was also monitoring the 5 GHz band but it seemed to hit a wall much sooner), I tried various transmit power levels including 17, 60, 100, and 150. Previously I believe you had recommended a max level of 60 saying that going higher did not seem to increase the power level. I seem to be able to notice an increase in power at 100 and even higher at 150. But I also notice an even slightly better or stable power level at a setting of 0. Have you revisited any of your transmit power level tests with your newest revisions with a E4200? Was there a reason for making the default level equal to 0 (is this being the best default the reason for the change)?
  Toastman

    Toastman Super Moderator Staff Member Member

    I see no increase in power from a setting of 60 when set to zero (= auto, or rather, the wireless driver's default) on my RT-N16's. But the signal does seem to be more stable and the graph is flatter, very few big jumps in strength. Also, clearly if there is a difference between the hardwares on the market, the wireless driver will (hopefully) be able to change to accommodate the hardware. That's why I changed it. We don't actually know what this "default" setting actually is. In my opinion it is probably not a fixed level, it can be varied by the wireless driver according to some internal algorithm according to circumstances, country, wireless clients, power saving, and so on. It's probably quite conservative and "safe".

    As far as throughput is concerned I haven't actually seen any difference here on the RT-N16's with any of my wireless clients. I don't generally get any wireless dropouts here and never did. I have not tested 5GHz. I haven't tested WDS and so on.

    There doesn't appear to be any common consensus on what is best, this is just my attempt to find some better default settings. This may also be highly dependent on the country. I set Singapore, you'll notice. It may not always give the same result with other countries. I reran the tests several times and sometimes found the results were completely different after a reboot. This annoys me somewhat. It should be repeatable every time.

    I quickly reran the tests I did before and found with all of the recent wireless drivers the maximum strength was still reached with a manual setting of around 60 or so. (It might well be 70 as it is right at the top of the curve and not easy to tell because of jitter). You will occasionally see the strength peak higher than this but then stabilize as the power amplifier is adjusted by the firmware to remain linear. But TBH we don't really have the right tools to be sure of any of this. Unfortunately, InSSIDer is not a spectrum analyzer. I never found DD-WRT to be any stronger, by the way.

    Your tests are interesting, if you get a chance to repeat them do so on a router at least 25m distant, and repeat each measurement a minimum of around 20 times. Ignore obvious "scatter" readings and then average the remainder. I plot this once going up in power in steps of 10 and then 50 once over 100, occasionally resetting to 10 to check the path hasn't changed. I then plot it again coming back down in power, which really does confirm that the transmit path conditions have not changed during the course of the measurements. If there's a difference, then you have to start again.

    If you do find that more than 60 gives a real increase on the E4200, that would be useful to know.

    Feedback so far has been minimal, but there haven't been any adverse comments yet on the "0" default.
  ithrowpicks

    ithrowpicks Networkin' Nut Member

    I'm sure Toastman will chime in here but I don't think he has an E4200 to test with. I think he bases those numbers on testing done with the E3000 which has similar hardware.

    Also the default transmit power from Cisco for the E4200 is 100 mW based on posts here and dd-wrt forums, however if you set 100 in the gui and telnet to the router, execute 'wl txpwr1' you will see these results
    TxPower is 80 qdbm, 20.0 dbm, 100 mW Override is Off

    If you use transmit power 0 for hardware default you get this... this doesn't look safe for extended periods but I have never tried to push it.
    TxPower is 127 qdbm, 31.75 dbm, 1496 mW Override is Off

    I keep both of mine at 100 and they seem to working well but it's winter time here so not sure if that success will continue when the weather gets warmer
  Toastman

    Toastman Super Moderator Staff Member Member

    Yep. I long ago decided that all of these figures mean nothing in the real world. The RT-N16 gives the same readout when set to "0". e.g - 1496mW ??? - err ..., excuse me .... the P.A. chip in the RT-N16 and most of the current routers is only rated at 250mW, so this is obviously nonsense. Just ignore it.

    [A possible explanation is that the firmware can also run on another router which has high power amplifiers, and this setting somehow is still in this firmware. Maybe this driver was swiped from such firmware originally. But ignore what it says, you can't get 1.5 watts out of a chip whose maximum is 0.25 watts. You can't get a gallon of beer out of a pint mug either, sadly.]

    "Override is off" - probably means that if we try to exceed some nominal figure (defined in the driver) then it will be limited by the driver - i.e the driver's settings have priority. Long ago, it was possible to turn this override ON and you could manually adjust the power to whatever you wished. Teddy Bear found that you can't do that now. Whatever we do is probably being modified by the driver. And we have no control over the driver, which is a closed-source blob from Broadcom.
  Noxolos

    Noxolos LI Guru Member

    Hi Toastman,
    thx for your Firmware development.
    Actually I bought two Linksys E4200 v1 to build a wireless bridge based on the 5GHz radios.
    I will write down my results. I hope I'll get something near to 300 MBit or even more.
    One of those will be placed in my bedroom. Is there a way to disable the Cisco LED on top?

    EDIT: Just read about the 30-30-30 reset. Is it also necessary for Tomato? I flashed the first device a week ago directly from linksys firmware to tomato-E4200USB-NVRAM60K-1.28.0494.2MIPSR2-Toastman-VLAN-RT-N-Ext.bin. After flashing I erased NVRAM (Administration => Configuration => Restore Default Configuration). Would it be better or safer to do this 30-30-30 reset?
  Toastman

    Toastman Super Moderator Staff Member Member

    Tick the "erase after flashing" box is good if you remember to do it, otherwise use the erase nvram (thorough) option. Then reconfigure from scratch, and don't restore any older config files. This method can make it easier:

    Read through the many posts from jsmiddleton4 for guidance with your wireless bridge etc. on 5GHz. Start a new thread if you need help.
  Sptw

    Sptw Networkin' Nut Member

    Hi there,

    My first time here, so congratulations and thanks for your hard work Toastman.
    I just download your last firmware for my cisco linksys E3000, tomato-E3000USB-NVRAM60K-1.28.0494.3MIPSR2-Toastman-RT-N-VPN.bin.I could see a change on cpu frequency related to the latest one 1.28.0494.2, that is 600/300/150 option.Since i know you own the same router, my question is: did you get your router to work with this setting?I have been using 532/266/133 working like a charm...No problem at all, not even running warm, very cool indeed.Using 600/300/150 after reboot, the router continue to show 480/240/120.When change back the option to 532, it show the correct number on cpu frequency after the reboot process.

    BTW here is a simple mod that i made to my e3000 stay cool :)

    Attached Files:

  Toastman

    Toastman Super Moderator Staff Member Member

    The E3000 will not run at this frequency.

    600/300/150 is for the RT-N66U which has a faster processor. If the router somehow starts up at the wrong speed this would allow people to set it back to the correct frequency.
  Sptw

    Sptw Networkin' Nut Member

    Thanks for the fast reply.
  Toastman

    Toastman Super Moderator Staff Member Member

  Noxolos

    Noxolos LI Guru Member

    Ok, I will use the other thread for the wireless stuff.
    But I have still the question about the Cisco LED, is there a chance to disable the LED with a telnet command?
    (I hope I don't bother you with this)
  Toastman

    Toastman Super Moderator Staff Member Member

    January 29 2012 - 1.28.7495 and variants

    This is quite likely to have bugs - please regard VLAN builds as experimental!


    • add 600Mhz cpu freq (for RT-N66U)
    • route modem IP - fix missed changes
    • change default QOS rules
    • rc/firewall: reorg ipt_account rules creation (revert)
    • WebUI: bugfix on forward/upnp page
      • Couldn't select any LAN bridges without first enabling "Inactive Rules Cleaning" first.
    • Static ARP: minor improvement in the code
    • IGMPProxy: ignore non-primary addresses on upstream VIF
      • Prevents issues when "Route Modem IP" is enabled and WAN is set to DHCP, etc...
    • UDPxy: fixed symlink for udpxrec
    • Updated some timezones
    EXPERIMENTAL Web UI for multiple virtual/guest WLANs


    Look at Teaman's site:

    • Added EXPERIMENTAL Web UI for multiple virtual/guest WLANs
    • MultiSSID: small web UI fix (only Access Point mode supported for non-primary VIFs)
    • MultiSSID: up to 4 WL VIFs per physical interface allowed on WebUI
    • MultiSSID: web UI improvements
      • bugfix on the VIF table/list (max 4 VIFs per physical wireless interface)
      • commented out some debugging code left still in place
      • user can only hit the 'save' button from the 'overview' tab (helps improving validation of fields on other tabs)
      • revised 'notes' section
    • Fixed non-VLAN build errors introduced on recent merges from Teaman-ND
    • Tools/System bugfix: command output was hidden inside the 'Notes' section'
    • dnsmasq: fix DNS/hostname resolution on LAN bridges with DHCP disabled
      • dnsmasq should respond to DNS queries on all internal/LAN interfaces, even if DHCP is disabled on some of them
    cost21 and though like this.
  gutsman7

    gutsman7 Networkin' Nut Member

    Thnx Toastman for the update im currently running tomato-K26-1.28.7495MIPSR2-Toastman-RT-Mini.trx as a wireless ethernet bridge and all is well on my wrt310n v2. My main router is running tomato-K26-1.28.7494.3MIPSR2-Toastman-RT-Mini.trx cant update it just yet, network is very bussy at the this time. Oh and I love the classic theme. THNX so much.
  brainz

    brainz Networkin' Nut Member

    Toastman, please include a build that fits on my Netgear WNR3500v2.
    I'm currently running tomato-K26-1.28.7487MIPSR2-Toastman-RT-Mini.trx, which is 3,328KB.
    The latest few versions of 3,396KB do not fit, however. I get "File is too big to fit in MTD".
  streetwolf

    streetwolf Networkin' Nut Member

    RE: Tomato Firmware v1.28.7495 MIPSR2-Toastman-RT K26 USB Ext

    Changing the CPU frequency doesn't work again. While it is correct on the screen where you change it, the status screen shows the default frequency. I did a reboot but to no avail.
  jsmiddleton4

    jsmiddleton4 Network Guru Member

    I just checked and it is as street noted. Can change in the Misc section but display in Status area stays at default.

    Still no luck on getting time to set itself in slave when in wireless bridge mode.
  Toastman

    Toastman Super Moderator Staff Member Member

    Just checked it here, frequency display works for me. Changed, saved, rebooted, 4 different frequencies. Nothing has changed in the code as far as I can see.

  Toastman

    Toastman Super Moderator Staff Member Member

    brainz - look for the "Tiny" build - it also has JFFS removed.
  Cumulonimbus

    Cumulonimbus Networkin' Nut Member

    Sure, that 600 Mhz working on E4200v1 in long time period?
  Toastman

    Toastman Super Moderator Staff Member Member

    Aarggh - that's a typo. I meant to say the RT-N66U. I'll change it !

    RT-N66U uses the RT-N build, with the "special" wireless driver.
  though

    though Network Guru Member

    hey toastman-

    thanks for the new build. does the RT-N66U take the RT-N or RT like the N16?
  Noxolos

    Noxolos LI Guru Member

    My Wireless Bridge with the two E4200 is working very well :) (wired LAN > wireless bridge > wired LAN: around 20MB/s)
    Thx again for your work Toastman!

    The E4200 in my bedroom makes a great lightshow in the night, does anybody know the correct commands to disable all LEDs?
  pharma

    pharma Network Guru Member

    If the lightshow is really bothering you, use paper and tape to cover.
  Yobo

    Yobo Addicted to LI Member


    led diag off; led white on

    turns off the main main light.
  kthaddock

    kthaddock Network Guru Member

    Need som help with this:

    How to setup dnsmasq "Ignore DHCP requests from unknown devices" that gives "dhcp-ignore=tag:!known" in config file and block ALL DHCP-requests even from own LAN side. I want to block client-DHCP from my other subnet, It's conected with openvpn TAP and TCP.

    I have tried this but still give DHCP to subnet: dhcp-host=00:20:e0:3b:13:af,ignore, other subnets LAN-MAC address.

    I have looked here but I can't find any solution:

    Maby Teaman have some tips ?

