What's new

Custom firmware build for R7800 v. 1.0.2.60SF

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I do not understand how you could format ext4, and nit me. Do you have any idea ?
Bonjour ;-)

Well, you are right. I've checked now. It is because of upgraded e2fsprogs. Kernel is changed and e2fsprogs too. C'est la vie. Currently (since version 1.44.x I suppose) e2fsprogs supports some extra features by default, not available for the kernel 3.4.103 used in R7800. Namely metadata_csum (kernel 3.6 and above):

https://ext4.wiki.kernel.org/index.php/Ext4_Metadata_Checksums

Try to format your USB using option to disable this feature:

Code:
mkfs.ext4 -L optware -O ^metadata_csum /dev/sda1

Please let me know results,
Merci,

P.S. I have to upgrade my README.

Voxel.
 
Last edited:
One question about mc...i had to set TERM when first starting and set it to xterm...but the screen is very tiny and does not adjust if i make the window bigger in windows 10...any ideas what to set in the mc.ini or something (i already wear glasses ;-))

It is rather question re: your ssh client under Windows, not to mc. I use putty, it is set as linux terminal (not xterm). And I use DejaVu Fonts (https://sourceforge.net/projects/dejavu/). DejaVu Sans Mono. Installed into my Windows. IMO it is very comfortable. Recommended.

Voxel.
 
Bonjour ;-)

Well, you are right. I've checked now. It is because of upgraded e2fsprogs. Kernel is changed and e2fsprogs too. C'est la vie. Currently (since version 1.44.x I suppose) e2fsprogs supports some extra features by default, not available for the kernel 3.4.103 used in R7800. Namely metadata_csum (kernel 3.6 and above):

https://ext4.wiki.kernel.org/index.php/Ext4_Metadata_Checksums

Try to format your USB using option to disable this feature:

Code:
mkfs.ext4 -L optware -O ^metadata_csum /dev/sda1

Please let me know results,
Merci,

P.S. I have to upgrade my README.

Voxel.

Salut,
Format work with with your command ext4 is ok
merci beaucoup

Jean-Luc
 
Last edited:
Got an email from Netgear the other day mentioning that I should download their latest R7800 firmware to fix security problems. I assume that Voxel is working on basing a release on the .58 release from Netgear?

Just curious...thanks!
 
Got an email from Netgear the other day mentioning that I should download their latest R7800 firmware to fix security problems. I assume that Voxel is working on basing a release on the .58 release from Netgear?

Just curious...thanks!
This release from Voxel is due to 1.0.2.58 release from Netgear being nearly unusable. Voxel .59SF based on Netgear .58 is broken. Voxel .60SF based on Netgear .52 not broken. We can only hope the next release from Netgear is better.
 
Hi Voxel,

Thank you for your work! I've been running it on my R7800 for a while now without any problems. I even got Time Machine working pretty much flawless.

I noticed the iptables commands are broken (iptables-save breaks midway) in entware and are unlikely to be fixed. Unfortunately the netgear 'firewall' only deals with ports or hosts, not both. I want to route all DNS traffic (port 53) through my pihole, before it's going out. The netgear iptables and interfaces are not that clear and Netgear's own firewall rules tool is lacking documentation. What's the recommended way to do this?

Thanks
 
The netgear iptables and interfaces are not that clear and Netgear's own firewall rules tool is lacking documentation. What's the recommended way to do this?
Try to check my README. How to run the script with own iptables rules.

Voxel.
 
Hi Voxel,

Thank you for your work! I've been running it on my R7800 for a while now without any problems. I even got Time Machine working pretty much flawless.

I noticed the iptables commands are broken (iptables-save breaks midway) in entware and are unlikely to be fixed. Unfortunately the netgear 'firewall' only deals with ports or hosts, not both. I want to route all DNS traffic (port 53) through my pihole, before it's going out. The netgear iptables and interfaces are not that clear and Netgear's own firewall rules tool is lacking documentation. What's the recommended way to do this?

Thanks

Check this thread:
https://www.snbforums.com/threads/help-with-custom-iptables.44630/#post-381444

Although my solution only worked when I was running Dnscrypt on port 443, now that I run my own recursive DNS it doesn't work because it redirects the Pihole too so I would need to exclude it but I'm not sure how.
 
Try to check my README. How to run the script with own iptables rules.

Voxel.

Thanks, I reread my message and I see that I wasn't clear enough. I got the custom rules loaded, but I have a hard time making sense of all the interfaces and tables on the R7800.

Check this thread:
https://www.snbforums.com/threads/help-with-custom-iptables.44630/#post-381444

Although my solution only worked when I was running Dnscrypt on port 443, now that I run my own recursive DNS it doesn't work because it redirects the Pihole too so I would need to exclude it but I'm not sure how.

Thanks for pointing me in the right direction. I also got as far as the Pihole being redirected too… It seems that excluding the pihole ip from the rule is not enough.
 
Thanks, I reread my message and I see that I wasn't clear enough. I got the custom rules loaded, but I have a hard time making sense of all the interfaces and tables on the R7800.



Thanks for pointing me in the right direction. I also got as far as the Pihole being redirected too… It seems that excluding the pihole ip from the rule is not enough.

Unfortunately I don't know enough about iptables to fix it so I put it aside for the moment. I'm testing an Asus AC86U with Merlin FW right now so it's not a problem anymore but if you figure it out please post it here... :)
 
Just a reflection, but maybe it complicates things for you...
iptables is a kind of firewall that can do all kind of tricks and change packets e.g.
Later in the distribution chain you can use the "routing". But packets blocked in the iptables will not reach the routing.
Often both iptables and ip routing are used together.
So basically you can look at the iptables and routing tables in the AC86U, to learn what the GUI settings result in iptables and routing.

Unfortunately I don't know enough about iptables to fix it so I put it aside for the moment. I'm testing an Asus AC86U with Merlin FW right now so it's not a problem anymore but if you figure it out please post it here... :)
 
Is it possible to disable WPS?
Straight from Advanced Setup, Wireless Settings, Help Center:

"Enable Router's PIN"

"You can configure the router's wireless settings or add a wireless client through WPS using the router's PIN only when the PIN is enabled."

If you uncheck "Enable Router's PIN", that disables WPS.
 
Straight from Advanced Setup, Wireless Settings, Help Center:

"Enable Router's PIN"

"You can configure the router's wireless settings or add a wireless client through WPS using the router's PIN only when the PIN is enabled."

If you uncheck "Enable Router's PIN", that disables WPS.
I am using Smart Connect so I can see only:
WPS Settings (disabled when Smart Connect is enabled)
 
You can try this:
Login to the router and issue this command:
Code:
nvram set wps_lock_down=1
and then reboot.
good hint although setting is reverted after every restart despite nvram commit command
 
Interesting. I do not have such message. Most probably it is internals of /usr/sbin/net-cgi (pre-built binary from NG). Usually it downloadы some updates (ReadyCLOUD etc) from updates1.netgear.com

You can try to modify the script /sbin/printhosts which creates hosts file in /etc adding IP for this server as 127.0.0.1

Code:
. . .
127.0.0.1 updates1.netgear.com
$ip $name
EOF

Voxel.
Unfortunately looks like trick with updates1.netgear.com is not helping there. What is worse after every restart new OpenVPN keys are generated. Exact message is as follows:

<<Attention>> A new OpenVPN configuration package for your router is available that enhances your router’s security. You must update the OpenVPN configuration package for your router. Once the OpenVPN configuration package is updated, you must update the OpenVPN configuration package on all your clients; otherwise, your clients won’t be able to access your router using the VPN feature.

Any other idea?
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top