What's new

[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Hmmm....spaces shouldn't cause a problem. I have them on my primary system.

On the no description, I'll take a look at that. I may be using the local port as the key to look up the name. I maybe should use the port range.

Uhhh, I added the space again and it keeps working.
Description text is now exactly as is was.

I think there was nothing wrong with the name.
Must be some weird glitch that got fixed by removing the port forward rule and add it back again...
 
This app dont work with my N66U with Fork FW
emoji19.png
.... any alternativ ?

Yes, use a web browser and go through the regular webui.

App support requires a LOT of code in the httpd daemon - I doubt John feels like trying to track down all of it and backport it, especially as there's a portion that's closed source now.
 
@john9527, can you confirm where the PTCSRV firewall rule is for? It is implemented since one of your latest firmware versions and also in the latest V26E4:

PTCSRV tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22

The packetcounter is increasing on this rule (iptables -L -nv), so the rule is getting "hit", but what does it do?
 
Last edited:
Can u Go from latest Fork to Merlin SW without problems ?
Fork to Merlin or stock, yes. Merlin or stock to fork...
  • For supported routers currently running ASUS firmware 380.3000 or above, or Merlin 380.60 or above, you cannot load this fork using the built in firmware update web interface. You must use the ASUS Firmware Restoration Tool from the ASUS support website to install this fork firmware.
 
can you confirm where the PTCSRV firewall rule is for?
It appears to be part of Asus' new closed-source protect_srv service.

Colin right again (as usual). It's monitoring the ssh (and telnet) ports if enabled, and will dynamically generate a block rule for an ip address that is repetitively trying to access it.

I shortened the chain name from that used in Merlin builds because it was screwing up the columns in the iptables output.
 
Uhhh, I added the space again and it keeps working.
Description text is now exactly as is was.

I think there was nothing wrong with the name.
Must be some weird glitch that got fixed by removing the port forward rule and add it back again...
Have you ever had an 'nvram low' situation? It seems as if port forwards as one of the first things that can be affected (maybe corrupted) if that occurs.

On the no description problem.....just wrote a fix for the next release. Thanks for the report!
 

Attachments

  • PortForwardRange.PNG
    PortForwardRange.PNG
    97.6 KB · Views: 396
Hi,

I configured the AC66 router to renew every connected devices' IP address in every 15 minutes. I enabled the JFFS partition and configured to save the syslog to that area. My problem is that the router saves only 2.5 days long log, the older entries are automatically overwritten. How can I increase the log / history size?

Thanks!
 
Colin right again (as usual). It's monitoring the ssh (and telnet) ports if enabled, and will dynamically generate a block rule for an ip address that is repetitively trying to access it.

I do not open ports to the outside to access LAN. That's why VPN is invented imho. Because the rule is getting hit, is seems to do some inspection of the traffic or? Can I safely remove this rule upon startup, or am I screwing the service (or something else) up when doing so... ;)
 
Have you ever had an 'nvram low' situation? It seems as if port forwards as one of the first things that can be affected (maybe corrupted) if that occurs.

On the no description problem.....just wrote a fix for the next release. Thanks for the report!

No, no 'nvram low' messages.
I do have my OpenVPN certs/keys in nvram, not on jffs.
But this I have for a long time without problems.
NVRAM usage is always stable at 82% used.
Code:
NVRAM usage    53948 / 65536 bytes   (82% utilized)

Usually I power off and on the router before a flash.
To free up RAM.
This time I did not do that and flashed directly after 30days uptime.
Maybe that created this glitch. :(

Anyway, it's working fine now.
And thanks for the description fix! :)
 
Can I safely remove this rule upon startup, or am I screwing the service (or something else) up when doing so... ;)
Personally I wouldn't risk it. It looks like that chain is fairly baked-in to the firmware, and who knows what dependencies there are in the closed source parts. John undoubtedly knows more about this. But I think a better approach would be to kill the protect_srv process (although it might get restated automatically).
 
I do not open ports to the outside to access LAN. That's why VPN is invented imho. Because the rule is getting hit, is seems to do some inspection of the traffic or? Can I safely remove this rule upon startup, or am I screwing the service (or something else) up when doing so... ;)
Metaphor time.....even though you have the door locked (no WAN access), people are continually coming by and knocking on the door. This provides an extra bit of protection if someone (or a bunch of people) continuously knock on the door. As @ColinTaylor said, it's pretty embedded in the code (every time the firewall starts and a separate process to support it). There's no real impact of having it enabled, so I'd recommend just leaving it.

The only time it might be worthwhile to disable it, is if you are running another blocking script like Skynet. So, I'll take a look at providing a disable option....it shouldn't be too hard.
 
...

The only time it might be worthwhile to disable it, is if you are running another blocking script like Skynet. So, I'll take a look at providing a disable option....it shouldn't be too hard.

Can you explain why this could be needed? :confused:
I'm using the ya-malware-block script, which I believe is similar to Skynet.
 
Just tried to Go from Fork 26E4 to Merlin 380.68 and upgrade went through on screen but my router stil says Fork 26E4?[emoji15]
ad48304982ab9ade2ba22f59ceb9f3fe.jpg



Sent from my iPhone using Tapatalk
 
Can you explain why this could be needed? :confused:
I'm using the ya-malware-block script, which I believe is similar to Skynet.
There is nothing specific that I know of. It's just that they can be detecting the same events and trying to implement a block with two different methods. Unnecessary complication.
 
Just tried to Go from Fork 26E4 to Merlin 380.68 and upgrade went through on screen but my router stil says Fork 26E4?[emoji15]
Try powering down the router, unplug any USB devices, power up and retry the firmware upgrade first thing after the boot completes.
 
There is nothing specific that I know of. It's just that they can be detecting the same events and trying to implement a block with two different methods. Unnecessary complication.

Ahhh, I see.

In that case I would also prefer to switch off this closed source Asus thing. :p
I really like the well maintained open source scripts found here on SNB. :)
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top