What's new

Voxel Custom firmware build for Orbi RBK50/RBK53 (RBR50, RBS50) v. 9.2.5.2.18SF-HW & v. 9.2.5.2.18.1SF-HW

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Voxel

Part of the Furniture
Continuation of

https://www.snbforums.com/threads/custom-firmware-build-for-orbi-rbk50-v-2-5-0-42sf-hw.60308/
. . .
https://www.snbforums.com/threads/c...-rbk53-rbr50-rbs50-v-9-2-5-1-13-1sf-hw.62987/
https://www.snbforums.com/threads/c...50-rbk53-rbr50-rbs50-v-9-2-5-1-17sf-hw.63554/

New version of my custom firmware build: 9.2.5.1.18SF-HW.

Changes (vs 9.2.5.1.17SF-HW):

1. net-wall script is fixed for ppp0 connection and modifyed to provide more safety (OpenVPN/WireGuard client, thanks to R. Gerrits).
2. DNSCrypt Proxy v.2 init script is fixed (time synchronization, thanks to kamoj).
3. Support of custom SAMBA config is added (see QuickStart.txt).
4. Automatic custom script execution after reboot is added (for ORBI RBK V2 owners, no USB port, see QuickStart.txt).
5. wireguard package is upgraded 1.0.20200413->1.0.20200520.
6. wireguard-tools package is upgraded 1.0.20200319->1.0.20200513.
7. ipset package is upgraded 7.4->7.6+ [2020-03-09].
8. iptables package is upgraded 1.4.21->1.8.4.
9. curl package is upgraded 7.69.1->7.70.0.
10. dbus package is upgraded 1.12.12->1.13.12.
11. unbound package (used in stubby) is upgraded 1.9.6->1.10.1.
12. yaml package (used in stubby) is upgraded 0.2.2->0.2.4.
13. util-linux package is upgraded 2.35.1->2.35.2.
14. libreadline package is upgraded 6.3->8.0.
15. nano package is upgraded 4.9.2->4.9.3.
16. Toolchain: Go is upgraded 1.14.1->1.14.3.
17. Host tools (findutils): is upgraded to 4.7.0.

[Updated]

9.2.5.2.18.1SF-HW.

Changes (vs 9.2.5.2.18SF-HW):


1. "Reset to factory settings" option is temporary disabled in WebGUI.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.
 
Last edited:
4. Automatic custom script execution after reboot is added (for ORBI RBK V2 owners, no USB port, see QuickStart.txt).
Great Voxel! Thank you! Now I'll start doing some playing with Entware without losing all on reboot :)

Is only necessary to put my own script on /mnt/ntgr/rc.user? No nvram parameter needed?

Oh, I almost forgot to ask: will this script be wiped on new firmware flash?
 
Thanks for this firmware!

A request: could we have the ability to push custom DNS servers to clients via DHCP? This is currently not possible, as DHCP pushes the router's IP as DNS to all clients.

Thanks
 
is it possible if you release a new update the firmware will tell us a new update is available like with stock firmware?
 
A request: could we have the ability to push custom DNS servers to clients via DHCP? This is currently not possible, as DHCP pushes the router's IP as DNS to all clients.

It should be possible right now. There was a thread

https://www.snbforums.com/threads/selective-parental-control-in-my-build-of-firmware.54815/

for R7800/R9000. But the same should work with Orbi. Just custom iptables rules. Above thread is using redirection of DNS port 53 only for concrete MAC addresses but you can redirect all devices...

Voxel.
 
Hi

I've installed this on my satellites and router and all looks good apart from dropbear wasn't set in nvram so SSH didn't work, I just set it manually be using nvram set dropbear=1 and then nvram commit.

I'am also trying to get Wireguard to work but am having some issues, I wonder if anyone could help.

I've created the wireguard.conf file as below,(Note: I've replaced the actual Endpoint, Private and Public key) -

EndPoint="YYYYYYYYY"
LocalIP="192.168.1.1"
PrivateKey="XXXXXXXXXXXXXXXXXXXXXXX"
PublicKey="XXXXXXXXXXXXXXXXXXXXXXX"
Port="51821"

I've then done nvram set wg-client=1 and nvram commit and rebooted. However the router can't then connect to the Internet. When I look in to the wireguard-client.log in /var/log I only see the below -

Start WireGuard client. Please wait.
IP of EndPoint XXXXXXXX XXX.XXX.XXX.XXX.
Restart firewall to apply iptables rules for WireGuard client.
Generating Rules...
Done!
Starting Firewall...
Done!

Have I missed something out, is there somewhere I can get more details or more logging? I'm also not sure what the LocalIP should be set to, should it be the IP of the router, or should it be a different IP on the same subnet or even on a different subnet?

Thanks for any help you can give.
 
I've created the wireguard.conf file as below,(Note: I've replaced the actual Endpoint, Private and Public key) -

EndPoint="YYYYYYYYY"
LocalIP="192.168.1.1"
PrivateKey="XXXXXXXXXXXXXXXXXXXXXXX"
PublicKey="XXXXXXXXXXXXXXXXXXXXXXX"
Port="51821"

Have you replaced LocalIP as well? It looks as wrong (192.168.1.1). It should be taken from config of your provider, it is not IP of your ORBI.

Check this post (WireGuard client, example).

https://www.snbforums.com/threads/custom-firmware-build-for-r9000-r8900-v-1-0-4-38hf.61402/

Voxel.
 
Last edited:
Have you replaced LocalIP as well? It looks as wrong (192.168.1.1). It should be taken from config of your provider, it is not IP if your ORBI.

Check this post (WireGuard client, example).

https://www.snbforums.com/threads/custom-firmware-build-for-r9000-r8900-v-1-0-4-38hf.61402/

Voxel.


Oops thanks Voxel, I replaced it with the one from the provider and it's working perfectly now, I'm going to run some tests for speed etc and I'll let you know how I get on.

And thanks fr all your hard work making the firmware.
 
Just curious if the reset button/Erase function in this version of FW works like stock FW or do we still have to TFTP or revert back to stock FW to do a factory reset?
 
Just curious if the reset button/Erase function in this version of FW works like stock FW or do we still have to TFTP or revert back to stock FW to do a factory reset?

You can flash stock firmware normally through the web admin. You only need to TFTP if it gets soft bricked.
 
I'm seeing this error in the log after a clean flash of .18 from a stock factory reset:

[2020-05-29 07:03:04] [DNSCRYPT] 11171: 60.26: DNSCrypt-Proxy-2 is not enabled in nvram. Exit.

Is anyone else that has flashed .18 seeing this? If I'm not using DNSCrypt-Proxy-2 is there a way to disable it to prevent this error?

This perhaps?

nvram set dnscrypt2=0; nvram commit
 
Last edited:
Hey all

@Voxel thanks for the great work, would love to have this working on my setup :(

Unfortunately still have the same issues I had with previous build
Ethernet devices (ie connected to my ISP router work fine), but all devices connected to wifi cannot load websites

"Unable to establish secured connection" (translated from French)
When I try to consult the certificate used it points to the routerlogin.net certificate (NG's I presume ?)

I do not use the router mode of the Orbi, need to use my ISP router to get TV and phone

Here is what I did :
  • Factory reset and Complete re-setup from latest official firmware
  • Installation of Voxel's latest firmware Satellite then Router
  • Waited for full reboot and settle down (everything is green)
  • Rebooted my ISP router
  • Forgot wifi network on iPhone and iPad, reselected it
  • Cannot load any website via safari and apps (tested with reddit, outlook,...)
  • Same on all WiFi connected devices
https://imgur.com/a/w5y0eRD
https://imgur.com/a/r9pJXlY

Any suggestion highly appreciated :D
Thanks
 
1. Set your Orbi to AP mode and reboot the Orbi network.

2. Forget the network on your wifi device. Reboot the device.

3. Reconnect and try again.
 
1. Set your Orbi to AP mode and reboot the Orbi network.

2. Forget the network on your wifi device. Reboot the device.

3. Reconnect and try again.

Thanks for you message
1- As stated I can only use in AP mode... router mode has never been activated
2/3 - already tried that ont 3 devices (all iOS)
 
It should be possible right now. There was a thread

https://www.snbforums.com/threads/selective-parental-control-in-my-build-of-firmware.54815/

for R7800/R9000. But the same should work with Orbi. Just custom iptables rules. Above thread is using redirection of DNS port 53 only for concrete MAC addresses but you can redirect all devices...

Voxel.
This is what I do: in file /etc/net-lan replace the line with
Code:
option dns $($CONFIG get lan_ipaddr)
with your own DNS, you can also put a second DNS external just in case
Code:
option dns 192.168.x.x
option dns 8.8.8.8
. You can make a copy of this file, and overwrite it on every reboot with an script.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top