What's new

Custom firmware build for R7800 v. 1.0.2.61SF

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Voxel

Part of the Furniture
Continuation of
. . .
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-60sf.48805/

New version of my custom firmware build: 1.0.2.61SF.

Changes (vs 1.0.2.60SF):

1. stubby package is added to provide DNS-over-TLS support:
to enable stubby run the commands from telnet/ssh console:
nvram set stubby=1
nvram commit
and reboot your router; to disable stubby run the commands from telnet/ssh console:
nvram set stubby=0
nvram commit
and reboot your router.​
2. getdns, unbound, yaml, ca-certificates packages are added (stubby dependences).
3. sqlite3 package is upgraded 3230100->3240000.
4. liblz4 package is upgraded 1.8.2->1.8.3.
5. sysstat package is upgraded 11.0.4->11.6.4.
6. ubus package is upgraded 2018-07-26->2018-10-06-221ce7e7.
7. libevent2-pthreads packages is removed (not used).
8. Toolchain: binutils version is upgraded to 2.31.1.
9. Host tools: two components are upgraded.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

So important notes:

1. stubby (DNS-Over-TLS) is already included into firmware (not necessary to install add-on). To enable stubby run the commands from telnet/ssh console:
nvram set stubby=1
nvram commit
and reboot your router; to disable stubby run the commands from telnet/ssh console:
nvram set stubby=0
nvram commit
and reboot your router. Currently it is configured to use Cloudflare servers (DoT). You may customize your config file:

/etc/stubby/stubby.yml

2. dnscrypt-proxy (v. 1) is left in firmware (will be removed in the next release). If both (dnscrypt-proxy and stubby) are enabled, stubby has higher priority and dnscrypt-proxy will be stopped.

Voxel.
 
Last edited:
This is my first upgrade. Should I factory reset and restore backed up settings, or can I just upgrade as is?

Otherwise, works like a charm. Thank you so much!
 
This is my first upgrade. Should I factory reset and restore backed up settings, or can I just upgrade as is?
Just upgrade "as is".

There could be problems when upgrading from the version prior to 1.0.2.53SF (or 1.0.2.52 stock) when GUI could reject flashing with a message something like "wrong firmware file". Remedy is to use intermediate flashing: 1.0.2.60SF and then 1.0.2.61SF.

Voxel.
 
Just upgrade "as is".

There could be problems when upgrading from the version prior to 1.0.2.53SF (or 1.0.2.52 stock) when GUI could reject flashing with a message something like "wrong firmware file". Remedy is to use intermediate flashing: 1.0.2.60SF and then 1.0.2.61SF.

Voxel.

Thanks. That's the easiest quickest update I've ever had on a Nighthawk!
 
So, I've been thinking about getting an R7800 for a while and I have a few questions for you, Voxel.

1. Can the R7800 handle QOS of a 400/20 connection without neutering my download speed like the ER-X does? I cant get more than 225Mbps with the Edge Router with QOS enabled.
2. Is there a way to prioritize traffic by packet type in your FW? (i.e prioritizing ICMP traffic on a gaming console)
3. Are there any manual bandwidth control options available?
 
Another fantastic update, Voxel. Upgraded from 1.0.2.60SF, enabled stubby (using stock settings for now), and all's well. Thanks!
 
So, I've been thinking about getting an R7800 for a while and I have a few questions for you, Voxel.

1. Can the R7800 handle QOS of a 400/20 connection without neutering my download speed like the ER-X does? I cant get more than 225Mbps with the Edge Router with QOS enabled.
2. Is there a way to prioritize traffic by packet type in your FW? (i.e prioritizing ICMP traffic on a gaming console)
3. Are there any manual bandwidth control options available?
QoS: to say true I do not use it. It is handled by NG and QCA and is used almost "as-is" in my fw (== QoS in the stock fw). With only some upgrades of obsolete packages such as redis, etc.

IMO your download speed does not require QoS, Anyway, maybe I am mistaken:

1. I think "yes".
2. Rather "no".
3. It is possible to limit manually download/upload speed. Nothing more.

Voxel.
 
Thanks Gary.

Cool. Is it still possible to install your DumaOS "hack" on the R7800? If so, can you PM me the link?

Probably it is necessary to prepare FAQ re: Voxel and Voxel's FW. Please read this:

https://www.snbforums.com/threads/d...by-add-ons-for-r7800-r9000.48445/#post-429364

Hacking binary firmware for XR500 to use it on R7800 is illegal activity. It assumes loses of profits for honest developers such as DumaOS people, NETGEAR and even my own (this man extracted some of my pre-built packages such as samba, dropbear and put them into his hack). Anybody is free to use source codes to build own version by compilation. It is legal. But such hacks are violation of laws and rules and moreover is dangerous for you too:

https://www.snbforums.com/threads/n...ces-with-this-router.45569/page-8#post-401463

Voxel.
 
What is the difference between stubby and dnscrypt in addition to the programming language?
What is the best solution of the two? Which one has the best performances?
 
Last edited:
Not specific to this fw ver but I noticed after .60 I want to say.
About once a day I have the following on my firewall with the R7800 as the source. It is in AP mode fwiw so it's indeed that doing since nothing uses it as a GW and the source IP is it. I guess I could try to setup packet capture to snag what the data is but figured would ask too.

50.200.136.108:57599 - ET CINS Active Threat Intelligence Poor Reputation

My only thought is some package or something is doing.
I have all things in the GUI disabled on R7800 and being in AP mode that also disables a bunch. Autoupdate is off, NTP is pointing to an internal NTP server etc. so lost as to why it's making outside attempts.
 
What is the difference between stubby and dnscrypt in addition to the programming language?
What is the best solution of the two? Which one has the best performances?
Almost the same goal. Probably stubby is more preferable because it is a standard.

Voxel.
 
Hi @Voxel, I just upgraded to your build (1.0.2.61SF) from stock firmware (1.0.2.58) on my R7800, I have 2 questions though.
1) Why is the VPN Client settings missing from the web UI, it is present on the original firmware. (I am not using this feature so it's fine for me, just curious)
2) I have an issue with the OpenVpn server. It was working correctly both for TAP and TUN before the upgrade. Now I am only able to connect using TAP, TUN is not connecting no matter what. I suspect this is a firewall/iptables issue but I have no idea. I tried to restore factory settings and even rollback to original firmware but it doesn't work anymore. I also tried to open the port manually using the instructions on your readme file but no luck so far.
The server log shows nothing and the client log is stuck on "Connecting to x.x.x.x:12973 via UDPv4" then timeout.

Can you help me to find out the issue?
 
1) Why is the VPN Client settings missing from the web UI, it is present on the original firmware. (I am not using this feature so it's fine for me, just curious)
There is my own scheme with OpenVPN client, not limited to selected by NG subset. So there could be conflicts if I leave stock scheme.

2) I have an issue with the OpenVpn server. It was working correctly both for TAP and TUN before the upgrade. Now I am only able to connect using TAP, TUN is not connecting no matter what. I suspect this is a firewall/iptables issue but I have no idea. I tried to restore factory settings and even rollback to original firmware but it doesn't work anymore. I also tried to open the port manually using the instructions on your readme file but no luck so far.
The server log shows nothing and the client log is stuck on "Connecting to x.x.x.x:12973 via UDPv4" then timeout.
I checked right now. TUN: do you mean what is named [For Smart Phones]? Anyway I checked both: [For Windows] and [For Smart Phones], Advanced Configuration (*) UDP (2.4.x clients). When connected can ping LAN IP of my router and IP of other client in remote LAN.

Try to renew all:

1. Disable in GUI OpenVPN server
2. From telnet console run:
Code:
/etc/init.d/openvpn regenerate_cert_file
3. Reboot your router
4. Enable OpenVPN server in GUI
5. Download your client configs again.

Voxel.
 
Hi @Voxel, I just upgraded to your build (1.0.2.61SF) from stock firmware (1.0.2.58) on my R7800, I have 2 questions though.
1) Why is the VPN Client settings missing from the web UI, it is present on the original firmware. (I am not using this feature so it's fine for me, just curious)
2) I have an issue with the OpenVpn server. It was working correctly both for TAP and TUN before the upgrade. Now I am only able to connect using TAP, TUN is not connecting no matter what. I suspect this is a firewall/iptables issue but I have no idea. I tried to restore factory settings and even rollback to original firmware but it doesn't work anymore. I also tried to open the port manually using the instructions on your readme file but no luck so far.
The server log shows nothing and the client log is stuck on "Connecting to x.x.x.x:12973 via UDPv4" then timeout.

Can you help me to find out the issue?
I had some problems with persistent config as well. Here is info how to clean up all config: https://www.snbforums.com/threads/c...r-r7800-v-1-0-2-60sf.48805/page-7#post-438643
As for TAP/TUN issues I have the opposite. Connection with client.ovpn (TAP) is established but no traffic whatsoever. Have not investigated further but looks like I am connecting to Guest network. smartphone.ovpn (TUN) profile works perfectly.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top