What's new

[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I saw an article a couple days ago that DNS over TLS was being added to another firmware project, and that it was a big deal. Those of us using this build or Fresh Tomato have had DNS over TLS for 9 or 10 months already and knew it was a big deal last year! John's fork has been one of the early adopters of this functionality. Given the recent DNS hacks that affected some well known DNS servers, I appreciate even more having DoT on my routers.
 
Any experience here with DoT and the CF test? Does DoT work on other than CF and it's app? For me it always says no to DoT unless I use CF.
 
Yes. I have used other DNS providers than Cloudfare. I have used Quad9 and Google as well and they work fine with DoT. I have used DNS Leak Test to verify DNS but to my knowledge only Cloudfare has a handy dandy web site to test DoT functionality (when using their resolvers). Others can comment about validating DoT with other resolvers.
 
Any experience here with DoT and the CF test? Does DoT work on other than CF and it's app? For me it always says no to DoT unless I use CF.
The CF test only tells you if you're using their servers, not other people's.
 
Next release has been posted to pick up a few new fixes...nothing critical. I'm going to be tied up for the next couple of weeks, so decided to post up my current working level.

LATEST RELEASE: Update-39E3/39L3
17-April-2019
Merlin fork 374.43_39E3j9527
Download http://bit.ly/1YdgUcP
============================

Key Changes:
  • Backported fixes for two buffer overrun exposures from Merlin 384
  • Custom scripts now post a log message if they are not marked as executable
  • Fix a case where the JFFS syslog copy may not be updated

SHA256
Code:
(Default Build - All supported routers)
1da9783719ba049db983d951f2bf1d2e491eb54da536f6c37b91f83382570b41  RT-N16_374.43_39E3j9527.trx
7ff2550da6a757f989d0e826a65ad564882d9b964bc59be4ea70b85216705d21  RT-AC66U_374.43_39E3j9527.trx
79375da7d3f55626b9cd24aec5b13fb9871e86014f26959b70b32b16fae7fb64  RT-N66U_374.43_39E3j9527.trx
8e21b418e7df90d01b574e1fda08a6be5a8720ac9896a45cf1c8cba01c9dff0f  RT-AC68U_374.43_39E3j9527.trx
0bb8364fda5740a1314115dbc1d9acc1f39f92498df55d1f2622ba7d6b0d48d3  RT-AC56U_374.43_39E3j9527.trx

(Legacy Only Builds)
fbba5033a87c5fbed9b3f83a2960838a5d53b717075d1aadc5c0d0ddfe54e4eb  RT-AC68U_3.0.0.4_374.43_2-39L3j9527.trx
92faa3693ffc2cbef324fad7ff510d302628c57d977d5597e374e534fb04690b  RT-AC56U_3.0.0.4_374.43_2-39L3j9527.trx
545927719c46e359a0db6bf9dcb348f99c0f3d8786725780cb182994c61b19be  RT-N16_3.0.0.4_374.43_2-39L3j9527.trx
5e9c82a5b250097172fe3867667149dfa46ed792782cc9f7d11959c44957c2f5  RT-AC66U_3.0.0.4_374.43_2-39L3j9527.trx
9aa05ea06237b4ebec4619c43d9b7ad221c2565a4667971d172a6d857d1bac88  RT-N66U_3.0.0.4_374.43_2-39L3j9527.trx
 
Hi,

I have an RT-AC66U on 39E1. I just changed the log level from debug to notification, and after the usual waiting time I'm not able to login any more? Username and password just not accepted.

This has happened to me once before. That time I had to reset the router but don't feel like doing that again. Any ideas what's happening?

Edit: Router seems to work as usual, just not able to login to the admin interface.
 
Hi,

I have an RT-AC66U on 39E1. I just changed the log level from debug to notification, and after the usual waiting time I'm not able to login any more? Username and password just not accepted.

This has happened to me once before. That time I had to reset the router but don't feel like doing that again. Any ideas what's happening?

Edit: Router seems to work as usual, just not able to login to the admin interface.

Reboot the router and see if that solves it. :)

Otherwise; update to the latest firmware (see post above yours), recommended. How long ago did you need to reset it? From which firmware version did you flash to 39E1? You may not feel like it, but it may be necessary if it is more than 3 versions ago. ;)
 
Hi,

I have an RT-AC66U on 39E1. I just changed the log level from debug to notification, and after the usual waiting time I'm not able to login any more? Username and password just not accepted.

This has happened to me once before. That time I had to reset the router but don't feel like doing that again. Any ideas what's happening?

Edit: Router seems to work as usual, just not able to login to the admin interface.
Just tried flipping the log-level a couple of times and everything worked fine. Can't think of why loglevel would effect logging in.

Can you connect via SSH? If you, you can manually reset the loglevel to the default Info via

nvram set log_level=7
nvram commit
service reboot

Are you running any addons such as Skynet or Diversion? Only SWAG I can come up with is that some addon which tries to clean the syslog is looking for some log entry which isn't there with Notification level and spinning.....
 
Thanks john9527 and L&LD for quick responses. I have rebooted :) SSH login not enabled unfortunately. Last reset was not that long ago, 2 versions perhaps. Not sure how to update the firmware if I'm not able to login? Can I use the ASUS Firmware restoration tool perhaps? And will that cause me to lose all settings?

Some more info: Not running SSL, OpenVPN server running, otherwise pretty default setup.

Last time this happened I was also just doing a minor change. I'm thinking it's time to replace the old AC66u perhaps..
 
Update and wtf: Tried replacing my username with the default 'admin' now, it worked! With the password set for my username. So it seems my user was renamed from what I've set to 'admin'...

Thinking maybe Lastpass or a form filler changed the login name on the Admin page where I changed log level before I hit save...
 
Next release has been posted to pick up a few new fixes...nothing critical. I'm going to be tied up for the next couple of weeks, so decided to post up my current working level.

LATEST RELEASE: Update-39E3/39L3
17-April-2019
Merlin fork 374.43_39E3j9527
Download http://bit.ly/1YdgUcP
============================

Key Changes:
  • Backported fixes for two buffer overrun exposures from Merlin 384
  • Custom scripts now post a log message if they are not marked as executable
  • Fix a case where the JFFS syslog copy may not be updated

SHA256
Code:
(Default Build - All supported routers)
1da9783719ba049db983d951f2bf1d2e491eb54da536f6c37b91f83382570b41  RT-N16_374.43_39E3j9527.trx
7ff2550da6a757f989d0e826a65ad564882d9b964bc59be4ea70b85216705d21  RT-AC66U_374.43_39E3j9527.trx
79375da7d3f55626b9cd24aec5b13fb9871e86014f26959b70b32b16fae7fb64  RT-N66U_374.43_39E3j9527.trx
8e21b418e7df90d01b574e1fda08a6be5a8720ac9896a45cf1c8cba01c9dff0f  RT-AC68U_374.43_39E3j9527.trx
0bb8364fda5740a1314115dbc1d9acc1f39f92498df55d1f2622ba7d6b0d48d3  RT-AC56U_374.43_39E3j9527.trx

(Legacy Only Builds)
fbba5033a87c5fbed9b3f83a2960838a5d53b717075d1aadc5c0d0ddfe54e4eb  RT-AC68U_3.0.0.4_374.43_2-39L3j9527.trx
92faa3693ffc2cbef324fad7ff510d302628c57d977d5597e374e534fb04690b  RT-AC56U_3.0.0.4_374.43_2-39L3j9527.trx
545927719c46e359a0db6bf9dcb348f99c0f3d8786725780cb182994c61b19be  RT-N16_3.0.0.4_374.43_2-39L3j9527.trx
5e9c82a5b250097172fe3867667149dfa46ed792782cc9f7d11959c44957c2f5  RT-AC66U_3.0.0.4_374.43_2-39L3j9527.trx
9aa05ea06237b4ebec4619c43d9b7ad221c2565a4667971d172a6d857d1bac88  RT-N66U_3.0.0.4_374.43_2-39L3j9527.trx
I saw a fork in the router so I took it! :D
 
Just a minor usability report for the Stubby interface. I enabled the DoT radio button to yes, and still had old DoT servers selected from a while back. I chose 2 new ones (Quad9) and before hitting Apply I enabled DNSSEC support since it’s the topic du jour. However, when I hit the DNSSEC radio button, the DoT server selection reverted to my previous entries. All this is done without yet hitting Apply.

So it seems I would need to always press apply after changing DoT servers, but before changing any other radio buttons on the WAN page.

Is this fixable?

Edit: I see in the code this is part of refreshing the server list to only show those supporting DNSSEC. But ideally it wouldn’t forget my new selections if they were still on the re-filtered list.
 
Last edited:
However, when I hit the DNSSEC radio button, the DoT server selection reverted to my previous entries. All this is done without yet hitting Apply.
Agreed, this is not optimal. I'll take a look (have to remember if there was a reason I did it that way or if it's a just a byproduct of using a common subroutine :) )
 
Agreed, this is not optimal. I'll take a look (have to remember if there was a reason I did it that way or if it's a just a byproduct of using a common subroutine :) )
I was confused when I saw 2 functions with the same update_resolverlist name, but one was for dnscrypt and one for stubby.
 
I was confused when I saw 2 functions with the same update_resolverlist name, but one was for dnscrypt and one for stubby.
Yes....I left the dnscrypt code in just in case instead of deleting it. It's actually a conditional compile based on selected options as to which one is included. (the ability to do conditional compile within the gui code is something I ported over from Tomato).
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top