Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. Fitz Mutch

    Asus rt-ac3200 merlin flashed kill switch drops express vpn

    When you click Apply in the WebUI, I think it's restarting the network. That's why it's dropping your VPN. You might be able make your own firewall rule to block all network devices from accessing the Internet, while allowing the VPN client tunnel interface.
  2. Fitz Mutch

    Asus rt-ac3200 merlin flashed kill switch drops express vpn

    What is the kill switch supposed to do?
  3. Fitz Mutch

    Block specific ip using iptables

    This tool converts IPv4 range to CIDR. Now you don't need an Internet connection to convert an IP range to CIDR. I was cleaning the cutting room floor. Example: Example # range2cidr.sh 0.0.0.1 255.255.255.255 0.0.0.1/32 0.0.0.2/31 0.0.0.4/30 0.0.0.8/29 0.0.0.16/28 0.0.0.32/27 0.0.0.64/26...
  4. Fitz Mutch

    NTP Daemon for ASUSWRT/Merlin

    You don't need to be afraid of this coming back and interfering with the clock. Normally, the command service start_ntpc, would start both ntp and ntpclient. That's how I tested it.
  5. Fitz Mutch

    How to solve ' UDP Please add the line "net.core.rmem_max = 4194304"'?

    I added this to Asuswrt-Merlin services-start, before my Entware-ng services are started. All appears normal, as far as I can tell. /jffs/scripts/services-start #!/bin/sh # FIX: transmission-daemon # UDP Failed to set receive buffer: requested 4194304, got 245760 (tr-udp.c:84) # UDP Please...
  6. Fitz Mutch

    Port Isolation

    I am sorry, I don't remember writing that. It seems he was just explaining how it works. It was probably my brother Jon.
  7. Fitz Mutch

    Port Isolation

    All these questions you have, can be answered by reading the AsusWRT source code.
  8. Fitz Mutch

    Port Isolation

    0000000001111111 = 0x007F = 127 ASUS QoS and bandwidth limiter 0000000010000000 = 0x0080 = 128 (ISIS) Ethernet Port 1 0000000100000000 = 0x0100 = 256 (ISIS) Ethernet Port 2 0000001000000000 = 0x0200 = 512 (ISIS) Ethernet Port 3 0000010000000000 = 0x0400 = 1024 (ISIS) Ethernet Port...
  9. Fitz Mutch

    Port Isolation

    Here's what I found while doing quick check of AsusWRT. Probably want to avoid stepping on reserved or known packet marks... these are marks that would "bit XOR modify" other marks that are currently in use by the firmware. Asus uses packet marks for guest network QoS, which has not been...
  10. Fitz Mutch

    Port Isolation

    In AsusWRT, netfilter/iptables only sees the bridge interface (br0), not the physical interfaces (vlanX). If you want to filter on the specific vlans, then you need ebtables brouting rules, then you can filter on the physical interfaces (vlanX). Or, have a separate bridge interface (br0, br1...
  11. Fitz Mutch

    NTP Daemon for ASUSWRT/Merlin

    I tried this other way, and it works too. It is more simple. /jffs/scripts/set_ntp_ready.sh #!/bin/sh wait_for_clock_change() { local snooze_secs=2 local detect_secs=10 local t_busybox="$(/bin/date -r /bin/busybox +%s)" while : ; do if [ "$(/usr/sbin/nvram get ntp_ready)" == "1"...
  12. Fitz Mutch

    NTP Daemon for ASUSWRT/Merlin

    The final step is to "mkdir /var/run/ntp.pid" to prevent the Asus NTP service from starting again. The Asus NTP service may default it back to something, but it don't matter.
  13. Fitz Mutch

    NTP Daemon for ASUSWRT/Merlin

    EDIT: You should probably kill the NTP service too. The first killall sends a signal telling the NTP service to do some housekeeping(?), and the second killall terminates the process. Example: # wait for Asus NTP service to start, if the router is booting wait_remaining=120 # seconds...
  14. Fitz Mutch

    NTP Daemon for ASUSWRT/Merlin

    Do you use a NTP drift file?
  15. Fitz Mutch

    NTP Daemon for ASUSWRT/Merlin

    Asus may require you to properly kill their NTP service with a TSTP signal, after your clock has been synchronized: /usr/bin/killall -TSTP ntp OR, the quick+dirty way to fix your WebUI text: /usr/sbin/nvram set svc_ready=1 AND, I refer you to the AsusWRT source code :)...
  16. Fitz Mutch

    NTP Daemon for ASUSWRT/Merlin

    You also need to set the nvram variable ntp_ready, to tell the router that the clock has been set. Here's an example for how you could do, this has not been tested yet. /jffs/scripts/set_ntp_ready.sh #!/bin/sh wait_for_clock_change() { local snooze_secs=2 local detect_secs=10 local...
  17. Fitz Mutch

    NTP Daemon for ASUSWRT/Merlin

    /bin/umount /usr/sbin/ntpclient OR, reboot the router.
  18. Fitz Mutch

    Port Isolation

    DNSMasq/DHCP will create the subnets, based on what interfaces? Each VLAN interface (vlan1.x) or bridge interface (brX)? I would try figure out that piece first.
  19. Fitz Mutch

    Port Isolation

    Will there be any new bridge interfaces? What happens to the current bridge interface (br0)?
  20. Fitz Mutch

    NTP Daemon for ASUSWRT/Merlin

    Here's my general purpose tool to disable almost any program on the router. It's a function, but you could make it a standalone script. deny_access() { local FILEPATH="$1" local FILENAME="$(/usr/bin/basename $FILEPATH)" local FILEEXT="${FILENAME##*.}" if [ "$FILEEXT" == "ko" ]; then...
Top