Custom firmware build for R7800 v. 1.0.2.44SF

[Voxel]

Hi Voxel,

Thanks for another update!

I can report that the slow access to my NAS-directories is NOT present in this version

I think it is corrected because of my changes in avahi (I remember your issue so these my changes were intentional). I suppose you would have the same problems using stock since 1.0.2.36. I.e. 1.0.2.36, 1.0.2.38 and 1.0.2.40.

Voxel.

 

[Voxel]

The OpenVPN speed has now almost doubled since release .38. I now constantly get around 80 Mbps.

You know, you may congratulate yourself: your advises and hints were useful. BTW it was really unexpected for me: such profits of manual playing with affinity. Hand made... Automatics in not always good.

Voxel.

 

[ajp2k14]

It is Xmas Edition

Voxel.

Merry Xmas to you too!

 

[Sizzlechest]

You can restore original net-wall copying it from /rom directory:

cp -p /rom/usr/sbin/net-wall /usr/sbin
rm -f /overlay/usr/sbin/net-wall

Voxel.

Thank you! That worked perfectly.

I haven't tested the new firmware, but I noticed something when stopping and starting net-wall:

root@R7800:~$ net-wall stop && net-wall start
Stopping Firewall...
Done!
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: Bad rule (does a matching rule exist in that chain?).
Starting Firewall...
Done!
root@R7800:~$

I don't think the bad rule messages are due to my firewall-start.sh because if I run it manually, no error gets displayed. I renamed it to something else and the error messages still show. I don't have openvpn enabled.

 

[Voxel]

I haven't tested the new firmware, but I noticed something when stopping and starting net-wall:

I did not dig it in deep (did not perform debugging), but the same messages are in the stock firmware. It is internals of original net-wall. Some inaccuracy in NG's iptables usage. I guess we can just ignore this. It is not a bug in your iptables.

Voxel.

 

[Sizzlechest]

I did not dig it in deep (did not perform debugging), but the same messages are in the stock firmware. It is internals of original net-wall. Some inaccuracy in NG's iptables usage. I guess we can just ignore this. It is not a bug in your iptables.

Voxel.

Phew! I'm glad it's nothing I did. Thanks again! It works perfectly.

 

[Voxel]

150/10 Mbps subscribed net speed. 45/20 Mbps on OpenVPN is not bad at all. The upload is about the same with OpenVPN off. Nice job Voxel.

OK, also you got experience what is always nice .

Regarding your results. Now when your have it working, I'd suggest to tweak your ovpn using kamoj research:

https://www.snbforums.com/threads/custom-firmware-build-for-r9000.40125/page-5#post-339380

it really increases the speed.

Voxel.

 

[cc666]

I would like to try this firmware on my 7800. I am experienced with DDWRT and have been running those builds for years on various routers. With DDWRT you just flash the latest stable build and you are done. Is it the same with the Voxel releases? From what I can see it is not. Can someone please clarify.

CC

 

[Sizzlechest]

I would like to try this firmware on my 7800. I am experienced with DDWRT and have been running those builds for years on various routers. With DDWRT you just flash the latest stable build and you are done. Is it the same with the Voxel releases? From what I can see it is not. Can someone please clarify.

CC

Yes. Your first flash from stock might give a warning that the version is older. Ignore that. Do a factory reset after you first flash Voxel's. Once you are on this firmware, you don't have to factory reset unless he says so.

 

[cc666]

Yes. Your first flash from stock might give a warning that the version is older. Ignore that. Do a factory reset after you first flash Voxel's. Once you are on this firmware, you don't have to factory reset unless he says so.

Sizzlechest,
Thank you for the reply, does this flash then include QOS, VPN etc? Also can you Telnet into the router or
does it have to be SSH? That key thing with the SSH is also a little confusing. If the flash package includes everything in
the stock then I am ready to flash, please advise.

CC

 

[cc666]

Sizzlechest,
Thank you for the reply, does this flash then include QOS, VPN etc? Also can you Telnet into the router or
does it have to be SSH? That key thing with the SSH is also a little confusing. If the flash package includes everything in
the stock then I am ready to flash, please advise.

CC

Forget request just flashed the firmware, running perfectly, QOS still terrible like stock but with 100 mbps down I disabled it.

CC

 

[cc666]

Little info for those who may not know this:

http://routerlogin.net/debug.htm

Put that in your browser and you can then enable telnet if desired.

CC

 

[Sizzlechest]

@CS666 Yes. The docs on Voxel's site make it seem like the only way to get to a shell is by formatting a USB stick as EXT2 and putting a public key on the stick so it gets copied over. In reality, telnet is available and the firmware can read FAT formatted USB sticks.

If you would like assistance setting up your ssh keys, let me know. If you don't have access to a Linux environment, you can do it using Cygwin.

 

[e38BimmerFN]

FYI for those who don't know about Voxels FW, his FW is based on NetGears FW and uses same UI as NetGears OEM FW. Voxel just goes in and helps update behind the scenes code and packages. Seems to help ensure better operation of NG FW on there routers.

A site for this and others:
https://www.myopenrouter.com/forums/r7800-questions-tips-and-guides

Forget request just flashed the firmware, running perfectly, QOS still terrible like stock but with 100 mbps down I disabled it.

CC

 

[kamoj]

Not sure if it's an old problem or just on this firmware but the OpenVPN client seems unable to run without intermittent internet disconnection. If I try to start it, it's says in the log that the TUN function something... & that it may already be running. The only way for me to get internet connection back is to run a stop then start command on telnet. Last night I have to turn the OpenVPN client because of this. I've seen couple of things on error log:

1) keysize is deprecated & will be remove in OpenVPN 2.6
2) current script security setting may allow this config to call user-define scripts
3) RESOLVE: cannot resolve host address: chi-25.ipvanish.com:443
4) Could not determibed IPv4/IPv6 protocol

It seems like your VPN-providers server is not stable.
But they have many servers. I suggest you add a number of other servers.
Edit your .ovpn file:

Find the line:
remote chi-a25.ipvanish.com 443

And after that line you add e.g. the following lines:
remote chi-a01.ipvanish.com 443
remote chi-a02.ipvanish.com 443
remote chi-a03.ipvanish.com 443
remote chi-a04.ipvanish.com 443
server-poll-timeout 20

And finally you delete the whole line:
verify-x509-name chi-a25.ipvanish.com name

 

[Voxel]

@CS666 Yes. The docs on Voxel's site make it seem like the only way to get to a shell is by formatting a USB stick as EXT2 and putting a public key on the stick so it gets copied over. In reality, telnet is available and the firmware can read FAT formatted USB sticks.

Not quite so. See my Appendix A (how to setup SSH):

1. Enable telnet login to your router (select corresponding checkbox in http://routerlogin.net/debug.htm page).

Voxel.

 

[Sizzlechest]

Not quite so. See my Appendix A (how to setup SSH):

1. Enable telnet login to your router (select corresponding checkbox in http://routerlogin.net/debug.htm page).

Voxel.

Section 3: "Setup SSH access to router" step 3 is misleading.

3) Prepare USB stick with ext2 filesystem and untar setssh.tar in the root of stick (keeping +x filemask (!) for autorun/scrips/post-mount.sh script, computer with Linux is recommended).

What previous instruction explained how to create the setssh.tar file? Appendix A describes how to back up the keys already in the root/.ssh folder, not put them there in the first place.

 

[Voxel]

Section 3: "Setup SSH access to router" step 3 is misleading.

3) Prepare USB stick with ext2 filesystem and untar setssh.tar in the root of stick (keeping +x filemask (!) for autorun/scrips/post-mount.sh script, computer with Linux is recommended).

What previous instruction explained how to create the setssh.tar file? Appendix A describes how to back up the keys already in the root/.ssh folder, not put them there in the first place.

setssh.tar (the same as other archives in README and README itself) is available for downloading from my site:

https://www.voxel-firmware.com/Downloads/Voxel/html/browse.html

Merry Christmas,

Voxel.

 

[Sizzlechest]

Would this mean that if anyone used that file, they would have the same public and private ssh keypair as everyone else who downloaded and installed keys using that method?

 

[Voxel]

Would this mean that if anyone used that file, they would have the same public and private ssh keypair as everyone else who downloaded and installed keys using that method?

No. If you download this setssh.tar you could see that authorized_keys in this archive is dummy. You should follow instruction in README:

4) Place your own authorized_keys file (obligatory) and your own server keys (optionally) above generic files you got after untar in the root of stick.​

P.S.
BTW if you are more or less experienced in Linux better to follow alternative method described in Appendix A. Step-by-step.

Voxel.