[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

[john9527]

Hi John,

No, I did not. This is the original version. Never changed the iptables. Any tips?

I just needed to educate myself a bit more....you have IP Traffic monitoring active and changed the Logged packets types settings which lead to some entries I hadn't see before.

For a test, can you change the Logged packets types back to 'None' (I think this will bring back the entry I was looking for), and then try the iptables command again?

 

[john9527]

Is there any way to do bonding on asus rtn66u?


Sent from my iPhone using Tapatalk

AFAIK none of the Asus routers or code levels support channel bonding...sorry.

 

[john9527]

Hi John.. Just wondering what might be new for your next release #7. I dont think there has been any security issues since #6.

There actually was one security issue in OpenVPN server to be picked up (someone with a valid client logon could crash the router, so for most setups, this means you could hack yourself if you wanted). Also following Merlin's lead, removed the SSL2/SSL3 protocols which had previously been just disabled.

The rest of the update has actually grown quite a bit....primarily two areas...

- IPv6 fixes (including a couple I ported over from Tomato)
- miscellaneous gui fixes

and a couple of little 'surprises'

My ISP isn't IPv6 yet, so I'm going to put it out first as a Beta in case of problems with the IPv6 adds.

Watch this space.....coming soon!

 

[john9527]

Hi, can you add shadowsocks in merlin?
https://github.com/shadowsocks/shadowsocks-libev

This thread covers a fork extending the life of an older firmware level, so doesn't include adding in a significant new function.

You may ask in a separate thread, against current levels, but I think the answer will likely be the same. You may find a taker that will help do it as a separate addon package if its possible.

 

[Deleted member 22229]

AFAIK none of the Asus routers or code levels support channel bonding...sorry.

Unless you are refering to something completely different Asus routers do support channel bonding in the 40 and 80 mhz mode.

 

[Lotta Cox]

I'm still using your Firmware:374.43_2_1007 that has the TM with Mbps.
Can Mbps be added to this fork?

 

[krick]

Minor bug report...

You standardized the Wireless Mode dropdown choices... Auto, N Only, Legacy

But if you click on the "Wireless Mode" label, the informational text popup hasn't been updated.

On the page for Wireless --> General -- 2.4GHz
the popup lists three options in this order... Auto, Legacy, N Only
(a different order from the dropdown)

On the page for Wireless --> General -- 5GHz
the popup lists three options in this order... Auto, Legacy, N + AC
(different options from the dropdown, and the order is different)

 

[john9527]

Minor bug report...

You standardized the Wireless Mode dropdown choices... Auto, N Only, Legacy

But if you click on the "Wireless Mode" label, the informational text popup hasn't been updated.

On the page for Wireless --> General -- 2.4GHz
the popup lists three options in this order... Auto, Legacy, N Only
(a different order from the dropdown)

On the page for Wireless --> General -- 5GHz
the popup lists three options in this order... Auto, Legacy, N + AC
(different options from the dropdown, and the order is different)

Yes, I knew that was there....and had put it on the back burner to see if I could come up with a good solution. I could change the English language version, but there are 20 other language modules with that hint as well. So I could code to only support the hint on English and disable all the others (or just disable it everywhere), but there is some good info in the hint on what happens with Legacy support. Still thinking about it.....

EDIT: Found the needed string for [N Only] for AC mode routers in the 376 code base. The hint will be updated in the next update for all languages.

 

[Jaded]

Does this mean if I select n-only option on the 5ghz radio it will actually be ac+n?

Thank you

 

[john9527]

Does this mean if I select n-only option on the 5ghz radio it will actually be ac+n?

Thank you

No, the selection is correct....if you select 'N Only' its n-only. To use ac-mode, you need to select 'Auto'.

The popup text with the description of the options is incorrect.

 

[guma77]

hi
when a new version of the fork?

 

[john9527]

I'm still using your Firmware:374.43_2_1007 that has the TM with Mbps.
Can Mbps be added to this fork?

Are you a mind reader?

This will be a user option in the next release....a little 'surprise' item.

It's easier for me to relate to Mb/s as well.

 

[threepwood]

hi
when a new version of the fork?

These questions always ruin the flow of conversations, why the rush? Any particular bug affecting you?

Even worse when on the same page you have the answer for it:

http://forums.smallnetbuilder.com/showpost.php?p=157721&postcount=812

 

[khorser]

Hi, has anything been done in the fork w.r.t. L2TP?
For some reason Merlin's 43 works just fine but your fork cannot connect to the same ISP. The only relevant thing I can see in the log are complaints about "some failure" (literally!)

 

[john9527]

Hi, has anything been done in the fork w.r.t. L2TP?
For some reason Merlin's 43 works just fine but your fork cannot connect to the same ISP. The only relevant thing I can see in the log are complaints about "some failure" (literally!)

Sorry, can't think of anything changed with respect to L2TP connections. Post up some of the logs and maybe someone can spot something.

 

[JPtjee]

I just needed to educate myself a bit more....you have IP Traffic monitoring active and changed the Logged packets types settings which lead to some entries I hadn't see before.

For a test, can you change the Logged packets types back to 'None' (I think this will bring back the entry I was looking for), and then try the iptables command again?

Haha I disabled the IP Traffic monitoring and did the command again without luck.

admin@RT-N66U:/tmp/home/root# iptables -D FORWARD -m state --state INVALID -j DROP
iptables: Bad rule (does a matching rule exist in that chain?)

This is the chain:
Chain FORWARD (policy DROP)
target prot opt source destination
logaccept all -- anywhere anywhere state RELATED,ESTAB LISHED
logdrop all -- anywhere anywhere
logdrop all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere
logaccept all -- anywhere anywhere
DROP icmp -- anywhere anywhere
logaccept tcp -- anywhere anywhere tcp flags:FIN,SYN,R ST,ACK/SYN limit: avg 1/sec burst 5
logaccept tcp -- anywhere anywhere tcp flags:FIN,SYN,R ST,ACK/RST limit: avg 1/sec burst 5
logaccept icmp -- anywhere anywhere icmp echo-request l imit: avg 1/sec burst 5
logaccept all -- anywhere anywhere ctstate DNAT
ACCEPT all -- anywhere anywhere

 

[john9527]

Haha I disabled the IP Traffic monitoring and did the command again without luck.

Haha I didn't say Traffic Monitor, I said Logged Packet types (under Firewall/General)

 

[john9527]

Emergency Release

An emergency update release...

STABLE RELEASE: Update-06E
9-January-2015
Merlin fork 374.43_2-06Ej9527
Download http://1drv.ms/1uChm3J
===============================

For those of you not yet ready to update to the latest 376.xx release, I have created an incremental update (fixpack) to 374.43_2. This build primarily backports some of the fixes of the later Merlin builds back to the 374.43_2 build.

Update-06E of the 374.43 update fork is now available. This is an emergency release for the stable build to pick up Merlin's temporary fixes for the ASUS infosvr LAN-side security vulnerability. THERE ARE NO OTHER CHANGES IN THIS RELEASE.

Highlights

- Includes Merlin's temporary fix for infosvr LAN-side security vulnerability

A factory default reset is NOT required if coming from any level of the fork or Merlin 374 code. Coming from any other levels does require a factory default reset after the code is loaded.


For those waiting on the Update-07 BETA release.....it will be posted later today (and also includes the infosvr fixes)

 

[JPtjee]

Haha I didn't say Traffic Monitor, I said Logged Packet types (under Firewall/General)

HAHA. That's just stupid from me. I'm sorry. Don't know why I did that.

But, it works! Thank you so much! I can finally use my VPN. Are you going to fix this in a next release?

 

[john9527]

HAHA. That's just stupid from me. I'm sorry. Don't know why I did that.

But, it works! Thank you so much! I can finally use my VPN. Are you going to fix this in a next release?

I'll take a look into it....right now I've locked down the Beta to get a public release out. I was suffering from 'content creep' and was never going to get it out.