amtm amtm - the Asuswrt-Merlin Terminal Menu

[SMS786]

i know that diversion and skynet coordinate their lists, are not codependent,
and block ads using different methods thus they are not redundant.

but pixelserv is supposed to be included during diversion's install
Use a blocklist: Diversion. Note: This Ad-blocker includes the installation of pixelserv-tls

so is the pixelserv here in amtm's menu for stand alone use only?
but is in actuality already installed because i have the latest diversion running?
or is amtm clearly indicating i somehow did NOT install pixelserv with diversion.

if i still need to install pixelserv with diversion, then how exactly has
diversion NOT been functional, since it seems to be working just fine.
for a while i was running diversion alone, and it clearly blocked ads.

Diversion will take care of ads served by HTTP, while pixelserv handles HTTPS ads (which are becoming more and more common). Diversion completely handles the block lists for both.

Best bet is to do the initial install of pixelserv through the Diversion UI. Then you can update PS through amtm as new beta/stable versions become available.

 

[consorts]

do the initial install of pixelserv through the Diversion.

ok, that's what i wanted to get crystal clear... that amtm was at fault for not reporting
on pixelserv status properly - as clearly i already have it running as part of diversion.

many depend on amtm to report what version of each app is active
so lonelycoder should incorporate that status for pixelserv as well.

 

[L&LD]

ok, that's what i wanted to get crystal clear... that amtm was at fault for not reporting
on pixelserv status properly - as clearly i already have it running as part of diversion.

many depend on amtm to report what version of each app is active
so lonelycoder should incorporate that status in pixelserve as well.

I think you're getting confused or frustrated. amtm is not reporting anything wrong. It is giving you the option to install the latest beta version.

 

[consorts]

amtm is giving you the option to install the latest beta version.

right, but it's NOT telling me that i already have any
version running - thus causing unnecessary confusion.

 

[L&LD]

right, but it's NOT telling me that i already have any
version running - thus causing unnecessary confusion.

It is telling you that exactly. Just in a different part of the menu (Diversion).

 

[visortgw]

I think you're getting confused or frustrated. amtm is not reporting anything wrong. It is giving you the option to install the latest beta version.

Actually, latest release version (i.e., v2.2.1) as pixelserv is not currently in beta. Release history is at https://github.com/kvic-z/pixelserv-tls/releases.

 

[Xentrk]

please help me understand these apps

dnscrypt is equivalent/included in stubby
pixelserv is equivalent/included in diversion

so i really don't need those two, right?

The links below will provide brief descriptions that should answer your questions. Let us know if you still have questions after reading.

https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+-+The+Solutions
https://github.com/kvic-z/pixelserv-tls

 

[L&LD]

Actually, latest release version (i.e., v2.2.1) as pixelserv is not currently in beta. Release history is at https://github.com/kvic-z/pixelserv-tls/releases.

Thank you. I was running the 2.21 beta all this time.

I just updated through the ep option in Diversion. How do I select which install to use (dynamic or statically linked) on an RT-AC3100?

 

[consorts]

How do I select which install to use (dynamic or statically linked) on an RT-AC3100?

same question.
there is no pixelserv upgrade option in diversion
and there is no broadcom cpu option in amtm

 

[Butterfly Bones]

Thank you. I was running the 2.21 beta all this time.

I just updated through the ep option in Diversion. How do I select which install to use (dynamic or statically linked) on an RT-AC3100?

From https://kazoo.ga/pixelserv-tls/
Release 2.2.1 (2018-12-29)
Binary Download for Entware users
Statically linked pixelserv-tls (support TLS 1.0, 1.2 and 1.3)

Regular pixelserv-tls (support TLS 1.0 and 1.2)

 

[visortgw]

Thank you. I was running the 2.21 beta all this time.

I just updated through the ep option in Diversion. How do I select which install to use (dynamic or statically linked) on an RT-AC3100?

Statically linked binaries use a newer version OpenSSL (i.e., 1.1.1a) in order to support TLS 1.3 in addition to TLS 1.0 and 1.2 -- it's your choice.

 

[L&LD]

same question.
there is no pixelserv upgrade option in diversion
and there is no broadcom cpu option in amtm

There is; when in Diversion, type 'ep' and '6' and '3'.

There is no 'broadcom' cpu that I know of. The RT-AC3100 we have is the arm7...

 

[Therion87]

There is; when in Diversion, type 'ep' and '6' and '3'.

There is no 'broadcom' cpu that I know of. The RT-AC3100 we have is the arm7...

It’s a boardcom CPU built on ARM architecture

https://wikidevi.com/wiki/ASUS_RT-AC3100

 

[consorts]

ac3100; It’s a boardcom CPU built on ARM architecture

thanks, but amtm does not have an A9 entry either,
so what do we do to get pixelserv 2.2.1 safely ?

CPU: Broadcom BCM47094 @1.4GHz (ARM Cortex A9)

 

[L&LD]

thanks, but amtm does not have an A9 entry either,
so what do we do to get pixelserv 2.2.1 safely ?

CPU: Broadcom BCM47094 @1.4GHz (ARM Cortex A9)

Not sure where you got your RT-AC3100.

In the RMerlin 'Tools' section I show "ARMv7 Processor rev 0 (v7l) (Cores: 2)" running at 1.4GHz.

Edit: I see we are talking about the same processor! lol... It is the ARMv7 option we need as I've repeated above.

 

[Butterfly Bones]

thanks, but amtm does not have an A9 entry either,
so what do we do to get pixelserv 2.2.1 safely ?

CPU: Broadcom BCM47094 @1.4GHz (ARM Cortex A9)

You are confusing CPU Model with CPU Architecture.
https://en.wikipedia.org/wiki/ARM_architecture

All ASUS routers are ARMv7 architecture with the exception of the HND platform (GT-AC5300 and RT-AC86U) which are aarch64, usually referred to as ARMv8 for Entware and in pixelserv-tls updates.
https://www.snbforums.com/threads/e...-rt-ac86u-with-asuswrt-merlin-firmware.44393/

 

[Mutzli]

You are confusing CPU Model with CPU Architecture.
https://en.wikipedia.org/wiki/ARM_architecture

All ASUS routers are ARMv7 architecture with the exception of the HND platform (GT-AC5300 and RT-AC86U) which are aarch64, usually referred to as ARMv8 for Entware and in pixelserv-tls updates.
https://www.snbforums.com/threads/e...-rt-ac86u-with-asuswrt-merlin-firmware.44393/

and RT-AX88U

 

[Zonkd]

Oh how life would be sweeter if AMTM gave a shortcut to check that DNSSEC is working @thelonelycoder.

It would need to install entware and bind-dig and run command:

dig cloudflare.com @1.1.1.1

If output contains the ad flag then inform user DNSSEC is working.

; <<>> DiG 9.11.5 <<>> cloudflare.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21357
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

Global DNS Filter or Stubby may prevent using 1.1.1.1 so I considered using router itself in command but it results in ad flag not appearing next time around meaning the user couldn't run the test again:

dig cloudflare.com @router.asus.com

Previously I relied on my Mac to run the check. Now I get by with an alias in /jffs/configs/profile.add

 

[elorimer]

The whole last two pages about pixelserv-tls have gone so horribly off the rails that now I am confused.

The version of pixelserv-tls in Entware is 2.2.0-1, and that is what Diversion installs (I think--it's been a long time now since I ran that).

amtm gives you the ability to install the newest release of pixelserv-tls, installed outside the Entware opkg method. There were a series of beta releases available that way, and now we are at 2.2.1. They are "beta" because they are not in the Entware method, but the newest is utterly stable. There is no reason not to do this. amtm also gives the ability to rollback. This is what amtm does marvelously well, gathering together and simplifying further extensions to the system.

The newest release comes in several versions, depending on your router model. It also comes in a version using the Entware openssl dependencies, and a version that combines both its own 1.1.1 openssl static library and a memory optimization flag. That increases the package size a lot and decreases the running memory a lot, and gives you TLS 1.3 and 0rt. @kvic executed this brilliantly. Both of those are hard for Entware to do natively, I think, because the large number of packages out there are not necessarily all compatible. For my money, there's no reason not to do this pixelserv-tls version.

 

[Makaveli]

lol you guys made something so simple super confusing with those post.