What's new

Asuswrt-Merlin 384.8 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Trust buy verify. What is the output of these commands?
Code:
netstat -anp | grep :22 | grep LISTEN

iptables -L INPUT -v

From the first command, you're looking for something like this with just your router LAN IP listed:
Code:
netstat -anp | grep :22 | grep LISTEN
tcp        0      0 192.168.1.1:22          0.0.0.0:*               LISTEN      24074/dropbear

From the second command, just looking for any unusual lines and to make sure there are no extra rules to ACCEPT ssh. I ran ShieldsUp! and watched the last line (DROP) increase as it worked its way through the ports.
 
No problem for me on that port

GRC Port Authority Report created on UTC: 2018-12-19 at 22:08:43

Results from scan of ports: 0-1055

0 Ports Open
4 Ports Closed
1052 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be CLOSED were: 135, 137, 138, 445

Other than what is listed above, all ports are STEALTH.


Our ISP blocks some ports

Blocked ports by Virgin media
TCP & UDP ports 135, 137, 138, 139
TCP & UDP port 445
 
Trust buy verify. What is the output of these commands?
Code:
netstat -anp | grep :22 | grep LISTEN

iptables -L INPUT -v

From the first command, you're looking for something like this with just your router LAN IP listed:
Code:
netstat -anp | grep :22 | grep LISTEN
tcp        0      0 192.168.1.1:22          0.0.0.0:*               LISTEN      24074/dropbear

From the second command, just looking for any unusual lines and to make sure there are no extra rules to ACCEPT ssh. I ran ShieldsUp! and watched the last line (DROP) increase as it worked its way through the ports.

Code:
admin@odyssey:/tmp/home/root# netstat -anp | grep :22 | grep LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN                                  319/dropbear
tcp        0      0 :::22                   :::*                    LISTEN
 
Code:
admin@odyssey:/tmp/home/root# netstat -anp | grep :22 | grep LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN                                  319/dropbear
tcp        0      0 :::22                   :::*                    LISTEN
Double check the SSH setting for LAN. It shouldn’t be listening on 0.0.0.0 if it’s truly LAN only. Or restart sshd in case the router didn’t do it.
Code:
service restart_sshd
And do you use IPv6?
 
Double check the SSH setting for LAN. It shouldn’t be listening on 0.0.0.0 if it’s truly LAN only. Or restart sshd in case the router didn’t do it.
Code:
service restart_sshd
And do you use IPv6?

yes i do use ipv6


admin@aurora:/tmp/home/root# service restart_sshd

Done.

1.png


2.jpg


still a closed port
 
Last edited:
yes i do use ipv6


admin@aurora:/tmp/home/root# service restart_sshd

Done.

still a closed port
Just have to ask: in your earlier post your router was called “odyssey” at the terminal prompt. In this post it’s named “aurora”. Did you rename it between posts or are you dealing with multiple devices?
 
doesnt matter forgot i compiled the master branch on the 17th
just compiled the latest and its all stealth now
 
Just have to ask: in your earlier post your router was called “odyssey” at the terminal prompt. In this post it’s named “aurora”. Did you rename it between posts or are you dealing with multiple devices?

odyssey is an rt-ac88u in ap mode
aurora is an rt-ac88u in router mode

and yes your right i checked the wrong router earlier :p
 
Last edited:
so damn annoyed today - i had to use a different linksys router off my fios ont to run a test
(i've done this back and forth before when i was using 384.7_2 and 384.8 without issue)
and when i switched back to the asus 384.8_2 router the internet would not clamp on back
nothing i tried worked - i left the linksys running and will revert back to 384.8 and uninstall
diversion and stubby to see if i can at least get the asus router clamping onto internet again.
nothing is more aggravating than having something you thought you could count on - fail :(
thank my cynical stars i keep a decent spare router up on a shelf just for such eventualities.
i'll update tomorrow with what worked - i got a house full of wifi users to contend with.

one weird thing i noticed while 384.8_2 was on my fios ont unable to clamp is;
both cores of the cpu would fluctuate between 10% and 90% every 30 seconds
even though i only had one wired pc on doing nothing and wifi turned off, so
i have no idea what the router was stuck thinking about.

UPDATE: i honestly don't know what's wrong. maybe it's because i did dirty firmware updates instead of factory resetting and inputting all my setting manually, i donno, but regardless a factory reset was the only way i could clamp back my fios internet. this is really frustrating because it takes me an hour of data entry work to get all my setting back in (lots of static lan ip and lan qos), and what's worse is restoring .CFG files with older settings has NEVER worked correctly for me, so this just means the next time merlin has a firmware update, i may ignore the blinking "!" from now on. I just can't have to factory reset and then update firmware every time there's an update, sorry. this mis-alignment between firmware versions and .CFG files such that dirty updates and save/restore of .CFG files not working - is extremely annoying and unreliable, so once i get everything working again, i'm not going to change a thing - life's too short to dick around with this every month with a house full of people crying why is the wifi down again... sorry guys, just venting - i'm of course grateful for all your hard work here.
 
Last edited:
I’m a bit stuck with my OpenVPN server, I can’t get it going.
I just keep getting the same error ‘Failed to import profile’
Would anyone have any suggestions?
 
Hello there,
I was facing a problem since many merlin updates on my RT-AC68U (more than 1 year).
I was unable to connect to Battlenet or on my email web portal (TLS handshake forever), I think it's a problem on DNS.
To solve my problems I'd setup a vpn and I can connect on Battlenet or read my mails by web portal.
This mode of operation did not suit me, so today I flashed the router with the ASUS official firmware and everything is back in order, I do not have to go through a vpn to connect to different services.
This is my setup fiber ONT and RT-AC68U directly connected on. RT-AC68U as Wireless Router and Firmware Version:3.0.0.4.384_45149
 
Any plans to support CloudFlare dynamic DNS updates via their API?

For now I'm using custom `/jffs/scripts/wan-start` but having this function in web UI may be just better.
 
Here are my results. When not using the PIA VPN, all my ports are Green meaning completely Stealthy!! But when I enable the VPN, I get this.

VPN Not Stealth.JPG


[FONT=Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif][FONT=courier new,courier]GRC Port Authority Report created on UTC: 2018-12-20 at 16:10:41

Results from scan of ports: 0-1055

23 Ports Open
1033 Ports Closed
0 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be STEALTH.

Ports found to be OPEN were: 22, 53, 80, 110, 443, 500, 501,
502, 600, 601, 602, 603, 604, 605,
606, 607, 608, 609, 610, 611, 612,
613, 614

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.[/FONT][/FONT]


Should the ports while on VPN be just as stealthy as when not on the VPN? If yes, what do I do about it? I'm using OpenVPN to connect to PIA.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top