[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

[mobileman88]

@john9527 - thx. I understand, though it kinda sux ;-) ... The AP is acting as an extender and though we can create a separate Guest SSID on the AP it does not provide all the same controls that a Guest SSID does on the Router. Problem with this is that using a Guest SSID on the AP partly (or fully) defeats the purpose of a "Guest" network - which people often/usually want to isolate from the Intranet. Would be nice if there was a way to have the AP tell the Router not to route packets to the Intranet if they come from a specific SSID.

Your main Router will have no idea about the existence of any other SSIDs since its packets are coming in from the LAN port which the AP is connected to at the Router side. But if the AP is plugged directly to one of the ports of your router, you might be able to use bridging controls possibly.

I recalled reading such a config in the DDWRT forums which is possible both to limit traffic and also to QOS it.

You might want to search over the internet. You'd need to use the "brctl" and "route" commands a fair bit to accomplish this and run a custom "dnsmasq" in that segment to provide IP addresses.

Possible steps
- Remove LAN port of AP from main bridge on the Router (using brctl)
- Setup custom routes of this LAN port (using route)
- Setup custom dhcp for this LAN port (using dnsmasq)

Put all the above into a custom script and you should be all set.

 

[Chrysalis]

So everyone benefits from my feedback I can confirm FQ_CODEL is a massive improvement over the original shaper been used in the older firmwares. Not tried CODEL yet.

 

[maurer]

can you please tell me how can I compile the firmware with prebuilt binary like http://files.lancethepants.com/Binaries/tinc/mipsel/tinc 1.1pre11/tincd
i just don't like jffs backup/restore during each upgrade

thanks

 

[a5m]

I'm having an issue when running OpenVPN on the 17E8 firmware build and using Policy Rules to Redirect Internet traffic to a NAS. I use TorGuard and followed the instructions show in this link to setup OpenVPN on the router:

https://torguard.net/knowledgebase.php?action=displayarticle&id=216

Only thing I've done differently is for Accept DNS Configuration I've selected Exclusive and checked the box for Only VPN clients use VPN DNS.

After about a day the connection to the NAS goes down and no traffic goes either in or out.

I've noticed in the beta 18B9 build one of the changes is:

* CHANGED: openvpn: only set persist-tun if not DNS exclusive mode

The TorGuard instructions state to add persist-key and persist-tun in the Custom Configuration. Should I remove persist-tun to resolve this issue?

Also a second issue is that the NAS keeps displaying a notice saying:

"The system has detected that your DNS server cannot resolve hosts, and some applications might not work properly."

Any help on these matters would be appreciated.

 

[john9527]

@a5m - Can you provide a little more detail about what you have going through the VPN tunnel and what is being routed around the tunnel (is the NAS using the VPN?) Sorry if I'm missing the obvious....

It would also help if you posted your policy rules and any custom configuration.

 

[a5m]

No that's alright John I will try to provide more information. Thank you for your help.

Only the NAS (192.168.1.69) is going through the VPN tunnel, all other devices are being routed around the tunnel.

My Policy Rules are as follows:

TorGuard | 192.168.1.69 | 0.0.0.0 | VPN

Custom Configuration as follows:

persist-key
persist-tun

I hope that helps.

 

[kevinlekiller]

Thanks John for the update! Can you push your recent changes to GitHub? The last push was like 6 months ago

I'm no expert on the subject, but I believe under the current license (GPL v2) it is required to make the source code available for a publicly released binary release.

 

[octopus]

I'm no expert on the subject, but I believe under the current license (GPL v2) it is required to make the source code available for a publicly released binary release.

http://www.snbforums.com/threads/fork-update-for-374-43-available-v17e8-v18b9.18914/

 

[john9527]

Thanks John for the update! Can you push your recent changes to GitHub? The last push was like 6 months ago

My fault everyone A lot going on for me right now and I just forgot to push the update. I pushed up through V17E8...next push when V18 comes out of beta.

 

[rtn66uftw]

My fault everyone A lot going on for me right now and I just forgot to push the update. I pushed up through V17E8...next push when V18 comes out of beta.

No you're good! Thanks for all the hard work!

 

[kevinlekiller]

http://www.snbforums.com/threads/fork-update-for-374-43-available-v17e8-v18b9.18914/

Yes, I'm aware of the git repository linked there, although according to the license it's required to redistribute the source code with every binary release (rtn66uftw was asking about the v18 binary releases, which does not have the source code publicly released):

"But if you release the modified version to the public in some way, the GPL requires you to make the modified source code available to the program's users, under the GPL."

https://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.en.html#GPLRequireSourcePostedPublic

 

[RMerlin]

"But if you release the modified version to the public in some way, the GPL requires you to make the modified source code available to the program's users, under the GPL."

They don't specify that it must be made immediately available for download, only if someone asks for it. In theory, someone could make these available only on request - which is how many companies actually handle the GPL. And it's perfectly legal.

It's not uncommon for beta/test software releases to not come with GPL sources for immediate download, as this isn't finalized work anyway, and most people don't care (from a technical level) about the beta source code.

 

[rtn66uftw]

Anybody knows why some devices don't show IP address under System log > Wireless log?

RT-N66U on AP mode

 

[john9527]

Anybody knows why some devices don't show IP address under System log > Wireless log?

The router picks up the ip address from the DHCP leases. So one scenario that can cause this is that the device went to 'sleep' and it's lease expired, but still has it's radio active. When it wakes up, it will request a new lease and the log will get filled in..

 

[razvanu]

I'm using V17E8 on AC68U and i have a little problem with openvpn, I've imported all keys, all setup but i got this message:

openvpn[2344]: Connection reset, restarting [0]
openvpn[2344]: TCP/UDP: Closing socket
openvpn[2344]: SIGUSR1[soft,connection-reset] received, process restarting
openvpn[2344]: Restart pause, 5 second(s)

What could be wrong? Thanks

 

[rtn66uftw]

The router picks up the ip address from the DHCP leases. So one scenario that can cause this is that the device went to 'sleep' and it's lease expired, but still has it's radio active. When it wakes up, it will request a new lease and the log will get filled in..

Thanks John! Strange because there wasnt any device that went to sleep at the time I check the log

 

[a5m]

@a5m - Can you provide a little more detail about what you have going through the VPN tunnel and what is being routed around the tunnel (is the NAS using the VPN?) Sorry if I'm missing the obvious....

It would also help if you posted your policy rules and any custom configuration.

I understand you are busy but just wondering if you had the chance to think of a reason of why I'm having this issue with the VPN tunnel?

 

[john9527]

I understand you are busy but just wondering if you had the chance to think of a reason of why I'm having this issue with the VPN tunnel?

The only thing I can think of is that your VPN provider server is breaking the connection and something is keeping you from reconnecting (the change I made in V18 for persistent-tun MAY be a prevention for one such case).

Does anything show in the syslog for openvpn when you lose access?

 

[mustafa803]

I noticed an issue I constantly face when I used both V17E8 and V18B9.

I have DNS based filtering set to on in the parental control page. Every time I need to reboot the router I am not able to establish a connection to any of my devices until I turn off DNS based filtering then clicking apply then turning it on and clicking apply. I have had this problem with both RT-N16 and RT-N66U.

I tried different merling firmwares like (358.56_2) (380.57) (380.59) and none of these firmwares have this issue.

 

[a5m]

The only thing I can think of is that your VPN provider server is breaking the connection and something is keeping you from reconnecting (the change I made in V18 for persistent-tun MAY be a prevention for one such case).

Does anything show in the syslog for openvpn when you lose access?

I went to check the logs and realized the WAN connection on the router was disconnected. I experienced this before also, where after 5 or 6 days the router would drop the WAN connection.

I removed persist-tun from the Custom Configuration and rebooted the router. Will wait and see if the tunnel goes down, and if it does, I'll post what shows in the syslog.