What's new

[Beta] Asuswrt-Merlin 380.66 Beta is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.

RMerlin

Asuswrt-Merlin dev
Staff member
Asuswrt-Merlin 380.66 Beta 1 is now available for all supported models. This new version includes various minor tweaks and fixes.

  • Merged with Asus GPL 380_7378 (with some models using 380_7266 binary components). Main changes are the ability to chose the source IP address for a port forward, and a couple of security fixes.
  • Regular DNS-based probes for Internet status can now be disabled under Tools -> Other Settings.
  • Improvements to the .ovpn config file import
  • Updated components: Tor, nano and OpenVPN.
  • OpenVPN NCP support is now fully disabled when set as such on the webui.
  • SSL certificates generated for the webui SSL access now include AlternateNames for the router's IP, its hostname and a few other addresses.
  • Security fix related to CVE-2016-10229 was applied
  • A couple of fixes related to device names with single quotes in them
Beta 2 changes (27-April-2017):
Code:
7682479 Revert "openvpn: only copy rules related to the intended tunnel when creating a separate policy routing table"
2d2870c build: Added new script which I use to merge binary blobs from new GPL releases into my working repository
eb8a352 Updated documentation
5c263fe Merge RT-AC56U and RT-AC66U binary blobs from GPL 7378
b3d7b03 Bumped revision to 380.66 beta 2
c5c4e39 Merge RT-AC3100 and RT-AC88U binary blobs from GPL 7378
bde7e5e Merge RT-AC5300 binary blobs from GPL 7378
416556f mssl: disable all 3DES ciphers (Qualys' SSLTest was still reporting RSA-3DES_EDE_CBC_SHA as being supported)

Beta 3 changes (1-May-2017):
Code:
eb129ac webui: implement help popup for OpenVPN's Internet Redirection options
b5e7b94 Bumped revision to beta 3
bec8038 openvpn: re-implemented code to only copy rules related to the intended tunnel, but as a new Internet routing mode called "Policy Rules (strict)".
0b1aa1c openvpn: use the defined max number of openvpn clients as defined in shared.h where appropriate
6e777ac webui: fix incorrect variable names in the rangeFloat method (bug in upstream code)
f0bfb69 Updated documentation

Beta 4 changes (5-May-2017):
Code:
200863d Hyperlinked SNBForums in README.md page
4cc25ae Reformatted README.md using wiki encoding
dca898f Trying to deal with Github's (lack of) formatting.
342b52d Put warning sign about not using Github's issue tracker for support requests
2c39804 rc: use get_lan_hwaddr() for miniupnpd and mdns, since that function already takes care of dealing with gmac3
7575f4b Merge branch 'master' of github.com:RMerl/asuswrt-merlin
4fb815d minidlna: fix previous commit (missing function, typo, and also point out this is for minidlna, not miniupnpd)"
64de67a miniupnpd: fix previous commit (missing function and typo)"
62d7471 miniupnpd: always use the same UUID, based on LAN MAC (based on a patch by john9527)
2f0f9d2 webui: switch hyperlink on Asuswrt-Merlin logo to use https
d4ca551 Bumped revision to beta 4
d559528 shared: replace GMAC3 fix from 662c84514dacb4d4c27ec7ef26b0650179972b39 with Asus's fix backported from GPL 382
35f0b68 webui: define a default value for validator.rangeFloat(), or else the field gets filled with "undefined" on invalid values without a passed default
2c21869 webui: Also accept float values between 0.0 and 1.0 on the QoS bandwidth fields
76ed342 miniupnpd: enable support for portinuse check
c0f73de miniupnpd: process postrouting rules created by the daemon in the nat table.
830ceb7 openvpn: Fix vpn routing mode not being properly detected
8510171 Updated documentation

Beta 5 Changes (9-May-2017)
Code:
ca1347a openvpn: Also copy LAN routes to the ovpn client table when in strict mode
fccc157 Updated documentation
d985708 network: disable bridge multicast_snooping by default, as this can interfere with various functionalities.  Added Tweak setting to allow users to re-enable it, just in case.
9cfc6ea Bumped revision to beta 5
e35915f webui: Fix syntax error on OpenVPN Client page; better report issues on ovpn file import
2f48b2c webui: make cipher and digest checks non case-sensitive on OpenVPN client, to handle ovpn import with casing different from our list of supported algorithms
62c2493 openvpn: implement importing of reneg-sec parameter from ovpn file
cfc4d9a openvpn: fix syntax error in updown.sh related to the check for Internet redirection mode


Please read the changelog for more details.

If you are experiencing wifi stability issues, try disabling Airtime Fairness support, as this fixed it for most users who were experiencing issues.

Things that need to be tested:


  • New Policy Rules (strict) mode for OpenVPN clients.
  • HTTPS access to the webui (it's still a bit quirky with Chrome, but at this point I suspect the issue is more with Chrome itself as it works fine with all other browsers)
Please keep discussions in this thread specific to the 380.66 beta releases.

Downloads are here.
Changelog is here.
 
Last edited:
Asuswrt-Merlin 380.66 Beta 1 is now available for all supported models. This new version includes various minor tweaks and fixes.

  • Merged with Asus GPL 380_7378 (with some models using 380_7266 binary components). Main changes are the ability to chose the source IP address for a port forward, and a couple of security fixes.
  • Regular DNS-based probes for Internet status can now be disabled under Tools -> Other Settings.
  • Improvements to the .ovpn config file import
  • Updated components: Tor, nano and OpenVPN.
  • Enhancements to the OpenVPN policy-based routing
  • OpenVPN NCP support is now fully disabled when set as such on the webui.
  • SSL certificates generated for the webui SSL access now include AlternateNames for the router's IP, its hostname and a few other addresses.
  • Security fix related to CVE-2016-10229 was applied
  • A couple of fixes related to device names with single quotes in them

Please read the changelog for more details.

If you are experiencing wifi stability issues, try disabling Airtime Fairness support, as this fixed it for most users who were experiencing issues.

Things that need to be tested:

  • Policy-based routing for OpenVPN clients. The routing table will now only use routes that specifically target the tunnel, which should reduce the risk of accidental leaks if you router had additional static routes defined.
  • HTTPS access to the webui (it's still a bit quirky with Chrome, but at this point I suspect the issue is more with Chrome itself as it works fine with all other browsers)

Please keep discussions in this thread specific to the 380.66 beta releases.

Downloads are here.
Changelog is here.
Look forward to giving this a spin later on today.

Sent from my SM-G955F using Tapatalk
 
The AlternateNames issue was triggered here with the release of Chrome 58. I had to patch my own selfsigned certificate to get the error away. With the adding of the Alternate names it all works again.
 
Seems to work fine on RT-AC1900P. OpenVPN client is working. One new warning in log:

WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
I removed that flag (had both) from the config, and the message is gone. I will continue to test.
 
I had to hard reset the router because of some setting changes I made while experimenting and discovered that this version of the firmware will come back up and go to the second wan which really threw me off as I desperately tried to access the gui. Once I took a look at my network settings and saw att I figured it out and unplugged the line to it. I can chalk this one up to lessons learned so next time I will unplug that cable before attempting anything lol.
 
Is this the same as Alpha4? Or are there any changes between them? I've hade one issue with 3 of the alpha releases of .66 (A1, A2 & A4), except alpha 3, and that was that my Harmony Hub doesn't manage to connect. Even after full HW reset. Airtime Fairness is off.
 
I'm hoping that my back to back hard resets cleared out any rogue settings in the nvram that might have been causing me issues. The stock firmware is definitely lacking in features that Merlin graciously provides to us and I appreciate his hard work on our behalf.
 
Last edited:
Have you read this: https://www.snbforums.com/threads/beta-asuswrt-merlin-380-66-beta-1-is-now-available.38718/
and this: Please read the changelog for more details. :rolleyes:

The only difference between 380.66A4 and 380.66B1 is: "Updated OpenVPN to 2.4.1" and "SSL certificate generated for httpds will now contain SANs for hostname, router.asus.com, IP and DDNS hostname.".

Wierdly those changes helped my HarmonyHyb connecting to B1, even without HW reset.

EDIT: A1 on the image should ofc. read A4 for obvious reasons...

YT6r6Zr.jpg
 
Is this the same as Alpha4?

The SSL changes were added between alpha4 and beta1.

Code:
147d88b Bumped revision to 380.66 Beta 1
8a87a90 Updated documentation
7b22cbf httpd: insert router's IP with a DNS attribute in the SSL cert, in addition to an IP attribute, as IE has trouble with that attribute
3cbd177 httpd: Add the Organization attribute to the self-generated SSL certificate, and use the OS name for that field
3d9b5f3 httpd: openssl already uses urandom in its PRNG, no point in specifying a RANDFILE pointing to it
5f03d86 httpd: rewrote gencert.sh to insert SANs into the generated SSL certificate
807e056 Updated documentation

The OpenVPN 2.4.1 was simply missing from the changelog, that update occurred in an earlier alpha build.
 
I've noticed something very minor in that the temps on the tools-sysinfo tab show celcius and on the admin-performance tuning tab I have them set to F. In the alpha series when the temp unit was changed on the admin-performance tuning page it also reflected the same setting on the tools-sysinfo page.

I'm monitoring the wireless signal with my laptop's intel ac7260 and again the 2.4ghz signal is far superior to that generated by the stock firmware and the 380.65x firmware. It's much flatter with less spikes than I saw with the previous firmware versions and 5ghz is flatline strong.
 
All good on my RT-AC5300. On beta 4 I had to reboot the router in order to get back my ipv6. Upgraded to beta 1 and no problem with ipv6. (Time Warner.... oops... Spectrum)
 
A few minutes ago I lost IPv6 on my computer, however upon checking the router gui it stated that it still had it. I tried resetting my winsocks and when that didn't change things I rebooted the router. Once it finished my access was restored and traffic began flowing smoothly again. I'm really starting to wonder if my hardware is at fault here and I've already suggested to customer loyalty that this unit be replaced as its barely a month old.
 
Status
Not open for further replies.

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top