Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. R

    TCP 42443 opened in R7800 firewall

    R7800 running Voxel V1.0.2.86SF Today I noticed in iptables firewall that TCP 42443 was opened between the router and the internet, in both directions. a bit of google showed that that port was used by the kwilt software that was optionally on the router. But I have disabled kwilt both directly...
  2. R

    Kamoj Kamoj Add-on Beta testing II

    I'm very curious. I do worry though that it might not fully work with some of my setup. Because I have my MacBook go directly to internet, but a Window VM on top of that MacBook I want to route via VPN. The issue: both have the same MAC-address (because the VM is bridged onto the WiFi). And...
  3. R

    Kamoj Kamoj Add-on Beta testing II

    also just spotted a minor thing that could mess up the statistics: if you have kill-switch enabled, then firewall-start-openvpnkillswitch.sh or firewall-start-wireguard_killswitch.sh is executed after firewall-start-bwusage.sh. If you also have the option "No Killswitch for Bypass devices"...
  4. R

    Is the limit of VPN Client 39? on Kamoj

    fyi, I discovered a small omission in my examples for manually doing some vpn-bypassing
  5. R

    Kamoj Kamoj Add-on Beta testing II

    Netgear (and Voxel) firmware use udhcpd for DHCP and that doesn't support the tagging features. a workaround you could use: If the devices that need to use a different DNS have a fixed IP-address, then you could use iptables rules to force them to use a different DNS. iptables -w -t nat -A...
  6. R

    Is the limit of VPN Client 39? on Kamoj

    as a workaround, you could try executing this before you use nano: export TERM=xterm
  7. R

    Kamoj Kamoj Add-on Beta testing II

    question of course is which version of kamoj you are running. and to diagnose, the output of Kamoj Addon -> VPN Bypassing -> ip rule show would be useful.
  8. R

    Voxel Custom firmware build for R7800 v. 1.0.2.86SF

    the R7800 has a firewall that mostly only blocks inbound traffic, but blocks no outbound traffic. I.e. all devices on your network can connect to any destination on internet. Aegis adds a rules to that firewall so that also a lot of outbound traffic is blocked, to addresses that are considered...
  9. R

    Is the limit of VPN Client 39? on Kamoj

    you apparently can already ssh or telnet into the router, because you managed to install kamoj addon. then just do nano /usr/bin/addon_bypassvpnip.sh then scroll down to the last "ip route flush cache" and copy + paste the desired lines just above that line. do crtl+x and choose yes to save...
  10. R

    Is the limit of VPN Client 39? on Kamoj

    I don't know about the 39 limit, but I have a similar situation, where I only want a few fixed IP-address to always use the VPN. so my solution was to edit /usr/bin/addon_bypassvpnip.sh and then add these lines somewhere just above the last "ip route flush cache" [ "$(ip rule list | grep -c...
  11. R

    Best and most optimal settings (Voxel & Kamoj)

    overlay-fs = overlay filesystem. i.e. the files in /overlay are "layed over" the readonly filesystem that is in the firmware. and if you modify a file that is in the readonly fs, then it automatically stores the modified version in the overlay. in orbi that /overlay is in memory, thus lost at...
  12. R

    Best and most optimal settings (Voxel & Kamoj)

    I guess it depends which router you have. With R7800 or R9000 you don't need a pen-drive. With Orbi I think you do, if you want the changes to survive a reboot. do the folders already exist? if not then first do a mkdir -p /overlay/opt/scripts (or just do vi /opt/scripts/firewall-start.sh and...
  13. R

    Keep DNSCrypt setting and Kamoj addon after update

    if you have an USB disk constantly plugged in, you could add some logic to the postmount script, to detect if addon is installed and if not install it from USB + reboot. (And if you'd make it really fancy, you could have always install the newest version that is stored on the USB disk. This way...
  14. R

    Voxel Custom firmware build for R7800 v. 1.0.2.85SF

    probably the last attempt you used http://192.168.1.1 instead of https://192.168.1.1 (or you used a different browser with less strict certificate validation settings)
  15. R

    Kamoj Kamoj Add-on Beta testing II

    afaik, DNSCrypt only supports DNSCrypt afaik, DNSCrypt doesn't support DoT. As for DoH, it only supports ODoH. So I guess you then need stubby. and from their configuration document (so untested by me): In Strict Privacy mode, at least one of the following is required for each nameserver...
  16. R

    R7800 VPN Service

    yep, known issue. Potential causes: If you use IP-address in your VPN config, or if you configured a static DNS entry, then: Traffic towards your VPN server is sent directly via your ISP, but return traffic is sent via VPN provider thus never can be matched to the original request and is...
  17. R

    Help with IGMP Snooping and DLNA

    Without IGMP snooping, the DNLA multicast traffic is sent to all devices, instead of only the DNLA clients that are active. That additional unwanted traffic could be the reason for that slowdown. If that is the case, then probably an unmanaged switch will not solve the slowdown. (as that will...
  18. R

    R7800: understanding some packets emitted from router to APIPA address

    Could it be that this communication is between your router and your ISP modem? i.e. that during DHCP renewal temporary APIPA adresses are configured? perhaps run a tcpdump on filtering on these IP-addresses. Perhaps then you also see mac-addresses ?
  19. R

    Kamoj Kamoj Add-on Beta testing II

    Afaik the only way to get accurate Bandwidth monitoring is to disable the hardware acceleration, for instance via kamoj setting: Disable NSS Network SubSystem Acceleration. And then it is a matter of testing whether the router is still fast enough, or else decide what is more important, speed...
  20. R

    Kamoj Kamoj Add-on Beta testing II

    With the current implementation of both Wireguard and OpenVPN, the router will still use the DNS servers that are configured on the internet settings page. -> By default this has the DNS servers from your ISP. In this case, depending on your VPN provider, your ISP might still get the DNS...
Top