What's new

[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Hi John,

No, I did not. This is the original version. Never changed the iptables. Any tips?

I just needed to educate myself a bit more:eek:....you have IP Traffic monitoring active and changed the Logged packets types settings which lead to some entries I hadn't see before.

For a test, can you change the Logged packets types back to 'None' (I think this will bring back the entry I was looking for), and then try the iptables command again?
 
Hi John.. Just wondering what might be new for your next release #7. I dont think there has been any security issues since #6. :)

There actually was one security issue in OpenVPN server to be picked up (someone with a valid client logon could crash the router, so for most setups, this means you could hack yourself if you wanted). Also following Merlin's lead, removed the SSL2/SSL3 protocols which had previously been just disabled.

The rest of the update has actually grown quite a bit....primarily two areas...

- IPv6 fixes (including a couple I ported over from Tomato)
- miscellaneous gui fixes

and a couple of little 'surprises' :)

My ISP isn't IPv6 yet, so I'm going to put it out first as a Beta in case of problems with the IPv6 adds.

Watch this space.....coming soon!
 

This thread covers a fork extending the life of an older firmware level, so doesn't include adding in a significant new function.

You may ask in a separate thread, against current levels, but I think the answer will likely be the same. You may find a taker that will help do it as a separate addon package if its possible.
 
AFAIK none of the Asus routers or code levels support channel bonding...sorry.

Unless you are refering to something completely different Asus routers do support channel bonding in the 40 and 80 mhz mode.
 
Last edited by a moderator:
Minor bug report...

You standardized the Wireless Mode dropdown choices... Auto, N Only, Legacy

But if you click on the "Wireless Mode" label, the informational text popup hasn't been updated.

On the page for Wireless --> General -- 2.4GHz
the popup lists three options in this order... Auto, Legacy, N Only
(a different order from the dropdown)

On the page for Wireless --> General -- 5GHz
the popup lists three options in this order... Auto, Legacy, N + AC
(different options from the dropdown, and the order is different)
 
Minor bug report...

You standardized the Wireless Mode dropdown choices... Auto, N Only, Legacy

But if you click on the "Wireless Mode" label, the informational text popup hasn't been updated.

On the page for Wireless --> General -- 2.4GHz
the popup lists three options in this order... Auto, Legacy, N Only
(a different order from the dropdown)

On the page for Wireless --> General -- 5GHz
the popup lists three options in this order... Auto, Legacy, N + AC
(different options from the dropdown, and the order is different)

Yes, I knew that was there....and had put it on the back burner to see if I could come up with a good solution. I could change the English language version, but there are 20 other language modules with that hint as well. So I could code to only support the hint on English and disable all the others (or just disable it everywhere), but there is some good info in the hint on what happens with Legacy support. Still thinking about it.....

EDIT: Found the needed string for [N Only] for AC mode routers in the 376 code base. The hint will be updated in the next update for all languages.
 
Last edited:
Does this mean if I select n-only option on the 5ghz radio it will actually be ac+n?

Thank you
 
Does this mean if I select n-only option on the 5ghz radio it will actually be ac+n?

Thank you

No, the selection is correct....if you select 'N Only' its n-only. To use ac-mode, you need to select 'Auto'.

The popup text with the description of the options is incorrect.
 
I'm still using your Firmware:374.43_2_1007 that has the TM with Mbps.
Can Mbps be added to this fork?

Are you a mind reader?:)

This will be a user option in the next release....a little 'surprise' item.

It's easier for me to relate to Mb/s as well.
 
Last edited:
Hi, has anything been done in the fork w.r.t. L2TP?
For some reason Merlin's 43 works just fine but your fork cannot connect to the same ISP. The only relevant thing I can see in the log are complaints about "some failure" (literally!)
 
Hi, has anything been done in the fork w.r.t. L2TP?
For some reason Merlin's 43 works just fine but your fork cannot connect to the same ISP. The only relevant thing I can see in the log are complaints about "some failure" (literally!)

Sorry, can't think of anything changed with respect to L2TP connections. Post up some of the logs and maybe someone can spot something.
 
I just needed to educate myself a bit more:eek:....you have IP Traffic monitoring active and changed the Logged packets types settings which lead to some entries I hadn't see before.

For a test, can you change the Logged packets types back to 'None' (I think this will bring back the entry I was looking for), and then try the iptables command again?

Haha :) I disabled the IP Traffic monitoring and did the command again without luck.

admin@RT-N66U:/tmp/home/root# iptables -D FORWARD -m state --state INVALID -j DROP
iptables: Bad rule (does a matching rule exist in that chain?)

This is the chain:
Chain FORWARD (policy DROP)
target prot opt source destination
logaccept all -- anywhere anywhere state RELATED,ESTAB LISHED
logdrop all -- anywhere anywhere
logdrop all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere
logaccept all -- anywhere anywhere
DROP icmp -- anywhere anywhere
logaccept tcp -- anywhere anywhere tcp flags:FIN,SYN,R ST,ACK/SYN limit: avg 1/sec burst 5
logaccept tcp -- anywhere anywhere tcp flags:FIN,SYN,R ST,ACK/RST limit: avg 1/sec burst 5
logaccept icmp -- anywhere anywhere icmp echo-request l imit: avg 1/sec burst 5
logaccept all -- anywhere anywhere ctstate DNAT
ACCEPT all -- anywhere anywhere
 
Haha :) I disabled the IP Traffic monitoring and did the command again without luck.

Haha :) I didn't say Traffic Monitor, I said Logged Packet types (under Firewall/General) :)
 
Last edited:
Emergency Release

An emergency update release...

STABLE RELEASE: Update-06E
9-January-2015
Merlin fork 374.43_2-06Ej9527
Download http://1drv.ms/1uChm3J
===============================

For those of you not yet ready to update to the latest 376.xx release, I have created an incremental update (fixpack) to 374.43_2. This build primarily backports some of the fixes of the later Merlin builds back to the 374.43_2 build.

Update-06E of the 374.43 update fork is now available. This is an emergency release for the stable build to pick up Merlin's temporary fixes for the ASUS infosvr LAN-side security vulnerability. THERE ARE NO OTHER CHANGES IN THIS RELEASE.

Highlights

- Includes Merlin's temporary fix for infosvr LAN-side security vulnerability

A factory default reset is NOT required if coming from any level of the fork or Merlin 374 code. Coming from any other levels does require a factory default reset after the code is loaded.


For those waiting on the Update-07 BETA release.....it will be posted later today (and also includes the infosvr fixes)
 
Last edited:
Haha :) I didn't say Traffic Monitor, I said Logged Packet types (under Firewall/General) :)

HAHA. That's just stupid from me. I'm sorry. Don't know why I did that. :)

But, it works! Thank you so much! I can finally use my VPN. :) Are you going to fix this in a next release?
 
HAHA. That's just stupid from me. I'm sorry. Don't know why I did that. :)

But, it works! Thank you so much! I can finally use my VPN. :) Are you going to fix this in a next release?

I'll take a look into it....right now I've locked down the Beta to get a public release out. I was suffering from 'content creep' and was never going to get it out. :)
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top