What's new

Voxel Custom firmware build for R9000/R8900 v. 1.0.4.69HF

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Voxel

Part of the Furniture
Continuation of:

https://www.snbforums.com/threads/custom-firmware-build-for-r9000.40125/
. . .
https://www.snbforums.com/threads/custom-firmware-build-for-r9000-r8900-v-1-0-4-67hf.84135/
https://www.snbforums.com/threads/custom-firmware-build-for-r9000-r8900-v-1-0-4-68hf.84752/

New version of my custom firmware build: 1.0.4.69HF.

Changes (vs 1.0.4.68HF):

1. Toolchain: Go is upgraded 1.20.3->1.20.5.
2. OpenSSL v. 1.1.1 package is upgraded 1.1.1t->1.1.1u (fixing CVE-2023-0466, CVE-2023-0465, CVE-2023-0464).
(score 5.3, Medium)​
(score 5.3, Medium)​
(score 7.5, High)​
3. netatalk package is upgraded 3.1.14->3.1.15 (fixing CVE-2022-43634, CVE-2022-45188).
(score 9.8, Critical)​
(score 7.8, High)​
4. minidlna package is upgraded 1.3.2->1.3.3 (fixing CVE-2023-33476).
(score 9.8, Critical)​
5. ffmpeg (minidlna) package is upgraded 5.1.3->6.0.
6. sqlite (minidlna) package is upgraded 3410100->3410200.
7. wget package is upgraded 1.21.3->1.21.4.
8. ethtool package is upgraded 6.2->6.3.
9. curl package is upgraded 8.0.1->8.1.2.
10. dbus package is upgraded 1.14.6->1.14.8.
11. pciutils package is upgraded 3.8.0->3.10.0.
12. less package is upgraded 608->633.
13. libubox package is upgraded 2022-09-27->2023-05-23.
14. util-linux: add 'dmesg' utility instead of busybox version.
15. Host tools: upgrade xz to 5.4.3.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.
 
Unfortunately something seems to be broken on my R9000 router/Voxel FW v. 1.0.4.69HF.
All tries to add or edit an entry in Static Routes ends with an error 400.

I have used this function in the past to exclude certain ip addresses from the VPN,
so it's quite usable. But now I can not even edit old entries. Delete was working though!
This is the error message when prsseing Add or Edit:

"400 Bad Request​

This server does not support the operation requested by your client."

Maybe I've done something wrong with my R9000 router/addon development.
I'm glad if someone else can try as well.

The form "Static Routes" (Add / Edit) works ok with my R7800, but I don't know about the function itself.

/Kamoj
 
Unfortunately something seems to be broken on my R9000 router/Voxel FW v. 1.0.4.69HF.
All tries to add or edit an entry in Static Routes ends with an error 400.

I have used this function in the past to exclude certain ip addresses from the VPN,
so it's quite usable. But now I can not even edit old entries. Delete was working though!
This is the error message when prsseing Add or Edit:

"400 Bad Request​

This server does not support the operation requested by your client."

Maybe I've done something wrong with my R9000 router/addon development.
I'm glad if someone else can try as well.

The form "Static Routes" (Add / Edit) works ok with my R7800, but I don't know about the function itself.

/Kamoj
I'm sorry @kamoj but I'm very busy at the moment with my main job to check it carefully enough. Extremely busy. Really.

So, later. If you have any idea what's wrong, let me know. I don't see now any reason in my changes (log file) that might be causing this.

Keep tracking, warmest regards,
Voxel.
 
I tried to add a static route to my modem which is on a different sub-net. Same result. I do not have the kamoj add-on installed at this time.

Screenshot 2023-06-28 130513.jpg
 
Not sure what happened. I put @Voxel example in my R9000 this morning and it worked perfectly. I put my example in and it also worked perfectly. In my example I enabled Private and Metric 2.


Screenshot 2023-06-30 074718.jpg


Screenshot 2023-06-30 074832.jpg
 
There is an issue with the Dnsmasq configuration. The lines below keep getting appended to my config for some reason.

no-resolv
server=127.0.0.1#64153
proxy-dnssec

The line proxy-dnssec is the issue as it disables caching. It also prevents Dnscrypt 2 Ad-Blocking from loading.

--proxy-dnssec Copy the DNSSEC Authenticated Data bit from upstream servers to downstream clients. This is an alternative to having dnsmasq validate DNSSEC, but it depends on the security of the network between dnsmasq and the upstream servers, and the trustworthiness of the upstream servers. Note that caching the Authenticated Data bit correctly in all cases is not technically possible. If the AD bit is to be relied uponwhen using this option, then the cache should be disabled using --cache-size=0. In most cases, enabling DNSSEC validationwithin dnsmasq is a better option. See --dnssec for details.

From:


I use Dnsmasq specifically for caching.

Notes:
dnssec (Not Supported In This Build)
dnssec-check-unsigned (Not Supported In This Build)
proxy-dnssec (when using this option, then the cache should be disabled using --cache-size=0 so caching no longer works!)

A good solution might be to include Dnsmasq Full for those of us not running Entware.

 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top