What's new

Custom firmware build for R9000/R8900 v. 1.0.4.36HF

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Hello,

Thank you Voxel and Kamoj for dedicating so much time with this project. I want it to try Wire Guard as my VPN speed has been very slow for a few months now, I am guessing because of some sort of ISP throttling.

I subscribe to Azire but I can't get their wire guard von going.

I did made the following files as suggested by Voxel on msg 13 and replace my router ip and azire ip
/mnt/optware/autorun/scripts/post-mount.sh
/opt/scripts/firewall-start.sh
/mnt/optware/wireguard/wg0.conf

Something that I noticed if I enter the codes manually is an error in my .conf file

/tmp/mnt/sdi1/wireguard$ wg setconf wg0 /mnt/optware/wireguard/wg0.conf

Line unrecognized: `Address=10.0.22.221/19,2a0e:1c80:4:2000::16de/64'

Configuration parsing error

Does anyone knows how to get Azire WireGuard going?

Regards!
 
Something that I noticed if I enter the codes manually is an error in my .conf file

/tmp/mnt/sdi1/wireguard$ wg setconf wg0 /mnt/optware/wireguard/wg0.conf

Line unrecognized: `Address=10.0.22.221/19,2a0e:1c80:4:2000::16de/64'

Configuration parsing error

Try to comment this line in your conf file and use this address in "ip" command. In my very raw example:

https://www.snbforums.com/threads/c...r-r9000-r8900-v-1-0-4-36hf.60635/#post-534558

I've used "10.9.200.1/24" i.e. R9000 should get the IP 10.9.200.1. Your IP should be 10.0.22.221. I.e. something like

Code:
#!/bin/sh
insmod /lib/modules/3.10.20/wireguard.ko
ip link add dev wg0 type wireguard
ip address add dev wg0 10.0.22.221/19
wg setconf wg0 /mnt/optware/wireguard/wg0.conf
ip link set up dev wg0
. . .

My conf file also does not contain the line "Address: xx.xx.xx.xx/xx ...

Also note that your IP rules in /opt/scripts/firewall-start.sh not obligatory will be started immediately after reboot. So run these commands manually to push them to work right now:

Code:
net-wall rule
net-wall start

Advice: First, test all this manually. From console and for IPv4 initially.

Voxel.
 
I am getting a new error on this latest build for the firewall. It won't start, leaving my ports open. When I manually run `/usr/sbin/iptables-save`, I get this output and error. Is this something I caused? The error is:

Can't find library for match `dnshijack'

Code:
# Generated by iptables-save v1.4.21 on Fri Dec 27 19:06:22 2019
*raw
:PREROUTING ACCEPT [5422023:3650678311]
:OUTPUT ACCEPT [1081369:60706121]
-A OUTPUT -o lo -j NOTRACK
COMMIT
# Completed on Fri Dec 27 19:06:22 2019
# Generated by iptables-save v1.4.21 on Fri Dec 27 19:06:22 2019
*nat
:PREROUTING ACCEPT [86813:8928098]
:INPUT ACCEPT [19912:2046783]
:OUTPUT ACCEPT [6289:478197]
:POSTROUTING ACCEPT [6660:554916]
:br0_masq - [0:0]
:brwan_masq - [0:0]
:igmp_nat - [0:0]
:lan_dnat - [0:0]
:net_dnat - [0:0]
Can't find library for match `dnshijack'
-A PREROUTING ! -d 192.168.1.1/32 -i br0 -p udp -m udp --dport 53
 
Came here just to like and say thanks. I cannot overstate enough how important this firmware is, and if all you ask is a simple show of appreciation I will gladly do it for all upgrades I install.

Additionally, I hate when there are empty BB commitments that peaple make and forget/fail to keep, but I've set a reminder for the 15th when I get paid to send you some donation funds. As long as I am reliant on this router, and your firmware, I'll do what I can to show you the support you deserve for unleashing a lot of the potential of this device.
 
I am getting a new error on this latest build for the firewall. It won't start, leaving my ports open. When I manually run `/usr/sbin/iptables-save`, I get this output and error. Is this something I caused? The error is:

Can't find library for match `dnshijack'

It could be so. This module "ipt_dnshijack.ko" is included into GPL sources from NG/DNI in binary form. So I use it 'as-is'. Just one more bug from NG/DNI but not fatal. As far as I understand (guessing, browsing this binary) this module is responsible to fake the DNS and to return LAN IP of your router for such names as routerlogin.net/www.routerlogin.net/routerlogin.com/www.routerlogin.com instead of real Internet IP. But dnsmasq package is also changed to do the same... So you may ignore this error message IMO.

And BTW I'd not recommend to use ip6tables-save/ip6tables-restore. Firewall program fromNG/DNI (also in binary form) does the changes directly and can spoil your iptables rules. So better use the scheme I described in README (/opt/scripts/firewall-start.sh) to use your own iptables rules.


If you run "net-wall rule" and "net-wall start" (see my post above) your changes in iptables will be nullified if not to use the scheme with /opt/scripts/firewall-start.sh

Voxel.
 
Hi.

I just want to say THANKS for this firmware. I was growing very frustrated with my R9000 router and the lagging (bufferbloat) issues I was seeing. I was going to go the route of DD-WRT to (hopefully) get a good QOS system in place, but thought I would try this Voxel build instead. So glad I did! Much simpler for me to use, and I was even able to keep running my existing Plex system! Easy installation, and now my Bufferbloat rating on DSLReports has gone from an "F" rating to an "A" rating. This with Comcast 200/5 service, and setting the QOS on my router to use 200/4.5 (took some experimenting to find the sweet spot for these numbers).

THANKS!!!!

Claude
 
Voxel большое спасибо тебе за твою работу по модификации и отладке ПО для R9000 , сейчас на вторичном рынке он стал появляться и по доступным ценам, поэтому , думается , аудитория пользователей будет только расти ..
Из вопросов - только один - а нельзя ли в веб морде или консоли как то запросить \ вывести температуру чипов.
Уверен , что аппаратно это реализовано , хотелось бы получить доступ к этой информации .
 
Voxel большое спасибо тебе за твою работу по модификации и отладке ПО для R9000 , сейчас на вторичном рынке он стал появляться и по доступным ценам, поэтому , думается , аудитория пользователей будет только расти ..
Из вопросов - только один - а нельзя ли в веб морде или консоли как то запросить \ вывести температуру чипов.
Уверен , что аппаратно это реализовано , хотелось бы получить доступ к этой информации .


Check this:

https://www.snbforums.com/threads/kamoj-add-on-v5-for-netgear-r7800-x4s-and-r9000-x10.60590/

Add-on features in short:
Extended information about the router, settings, firmware etc. Examples:
  • Router Temperatures
  • CPU Load Total (per core)
  • Memory Usage
. . .

Voxel.
 
Hi.

I just want to say THANKS for this firmware. I was growing very frustrated with my R9000 router and the lagging (bufferbloat) issues I was seeing. I was going to go the route of DD-WRT to (hopefully) get a good QOS system in place, but thought I would try this Voxel build instead. So glad I did! Much simpler for me to use, and I was even able to keep running my existing Plex system! Easy installation, and now my Bufferbloat rating on DSLReports has gone from an "F" rating to an "A" rating. This with Comcast 200/5 service, and setting the QOS on my router to use 200/4.5 (took some experimenting to find the sweet spot for these numbers).

THANKS!!!!

Claude

Uh oh. My Bufferbloat issues have returned. Fresh tests on DSLReports are again showing an F grade for Bufferbloat. I've tried changing the QOS settings, rebooting the router, turning Plex on and off, etc, but no improvement.

Any suggestions?

Thanks.

Claude
 
There was a problem: cannot be synchronized on NTP . writes: Предупреждение. Роутеру Orbi не удалось подключиться к серверу NTP. Проверьте подключение к Интернету или попытайтесь подключиться к другому серверу NTP.
before the transition, everything worked fine with the official one .
(in connection with problems at the provider the router is synchronized on the server in an internal network (outside too sticks out it is possible to check : streenger.net)
but if you click the apply button, the synchronization is normal .
NTP synchronized OK: 2020-01-04 01:27:09: Boot sequence: 36 seconds. Time then synchronized after 41 seconds. Synch indicators: (FL)
 
There was a problem: cannot be synchronized on NTP . writes:
Probably temporary problem.

upload_2020-1-4_18-45-32.png


I've checked right after reboot, 15 min ago...

Voxel.
 
Probably temporary problem.

View attachment 20703

I've checked right after reboot, 15 min ago...

Voxel.
not work / with problems at the provider - closed outgoing packet to NTP server(s) ( incoming this normally pass)
defntp.jpg
defntp.jpg

for example
root@RId_Str9000:/$ rdate -p 192.168.1.9
Sat Jan 4 19:17:26 2020

root@RId_Str9000:/$ rdate -p time.nist.gov
rdate: cannot connect to remote host: Network is unreachable


I know what this is all about ... and you can rebuild the firmware from ntpd и ntpdate ?
 
Last edited:
I have created a little script to check for updates to my R9000. You can add it to a cron job or run it at shell login (likely not every login). I am not sure if the current check is the best way to get the current fw version since its key contains "last_fw", but in my case it matched my current version (maybe because I reflashed the same version before). Any suggestions welcome!

https://gist.github.com/jasonsyoung/af2719586943f1a87cd5fcf440b3ff04
 
Alternative:
https://www.snbforums.com/threads/kamoj-add-on-v5-for-netgear-r7800-x4s-and-r9000-x10.60590/

I have created a little script to check for updates to my R9000. You can add it to a cron job or run it at shell login (likely not every login). I am not sure if the current check is the best way to get the current fw version since its key contains "last_fw", but in my case it matched my current version (maybe because I reflashed the same version before). Any suggestions welcome!

https://gist.github.com/jasonsyoung/af2719586943f1a87cd5fcf440b3ff04
 
Ah i had kamoj installed but it was throwing errors in my log constantly so I disabled it, I didnt realize there was an update feature in it. Awesome! Ignore my post then!

EDIT: For reference, this is the error (I uncommented out the lines in /etc/rc.local and ran them, resulting in this output, which I was seeing in the log). You can ignore the AdGuard is running line, I added a line to start AdGuard Home.

Code:
bash 12:33:56 root@R9000 ~:# bash /etc/rc.local
AdGuard is running
/etc/rc.local: line 8: Wed: command not found
bash 12:34:02 root@R9000 ~:# sh: Off: bad number
sh: Off: bad number
sh: Off: bad number
sh: Off: bad number
sh: Off: bad number
...etc

EDIT 2: Looks like maybe I didnt have Kamoj installed correctly, investigating this. If I still have errors I will let you know since I assume you are the author!
 
Last edited:

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top