What's new

[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Many thanks to @dave14305 @Martineau and @john9527
In case someone will be interested in this, I decided to share. Here is manual to configurate Asus RT-N66U (R/W) with [Fork] Asuswrt-Merlin 374.43 LTS release on board to use TOR for listed domains/IP's.
This manual is taken as the basis. Russian version (original) can be found here.

For installation, we need a MicroSD (remove the cover and insert it into the slot inside the router) or a USB flash drive connected on an ongoing basis.
Use command
Code:
amtm
and follow instructions to install Entware
Code:
opkg update ; opkg upgrade ; opkg install tor tor-geoip bind-dig
Create file
Code:
nano /jffs/scripts/init_ipset.sh
with this content
Code:
modprobe ip_set
modprobe ip_set_iphash
modprobe ip_set_nethash
modprobe ip_set_setlist

ipset --create unblock iphash
Make it executable
Code:
chmod +x /jffs/scripts/init_ipset.sh
Edit startup script
Code:
nano /jffs/scripts/services-start
Add following
Code:
#!/bin/sh
# This script get called after all other system services
# have been started at boot on router
# ---------------------------------------------------------

# Cron job to install after reboot
cru a unblock-ipset "3 3 * * * /opt/bin/unblock_ipset.sh"

# Run script now
/jffs/scripts/init_ipset.sh
/opt/bin/unblock_ipset.sh
Make it executable
Code:
chmod +x /jffs/scripts/services-start
Edit this file
Code:
nano /jffs/scripts/nat-start
Add following line
Code:
#!/bin/sh

iptables -t nat -A PREROUTING -i br0 -p tcp -m set --set unblock dst -j REDIRECT --to-port 9141
Make it executable
Code:
chmod +x /jffs/scripts/nat-start
Deleting old config file
Code:
cat /dev/null > /opt/etc/tor/torrc
Edit file
Code:
nano /opt/etc/tor/torrc
Insert the lines below. Please note that the admin is the default username that is used for authorization in the web interface of the router. If you changed it, replace it with yours.
Code:
User admin
PidFile /opt/var/run/tor.pid
ExcludeExitNodes {RU},{UA},{AM},{KG},{BY}
StrictNodes 1
TransPort 192.168.1.1:9141
ExitRelay 0
ExitPolicy reject *:*
ExitPolicy reject6 *:*
GeoIPFile /opt/share/tor/geoip
GeoIPv6File /opt/share/tor/geoip6
DataDirectory /opt/var/lib/tor
  • Exclude output nodes: Russia, Ukraine, Armenia Kyrgyzstan, Belarus.
  • Hang a "transparent" proxy on the address 192.168.1.1, port 9141.
  • Deny be an exit point.
unblock.txt is a simple list to unlock. You can unlock the domain or IP address. One line - one element. Empty lines (including spaces and tabs) are ignored. You can use the # character at the beginning of a line to ignore it. Create a new file with the command
Code:
nano /opt/etc/unblock.txt
Insert your list into it
Code:
###Torrent Trackers
rutracker.org
rutor.info
rutor.is
mega-tor.org
kinozal.tv
nnm-club.me
nnm-club.ws
tfile.me
tfile-home.org
tfile1.cc
megatfile.cc
megapeer.org
megapeer.ru
tapochek.net
tparser.org
tparser.me
rustorka.com
uniongang.tv
fast-torrent.ru

###Catalogs of media content for programs
rezka.ag
hdrezka.ag
hdrezka.me
filmix.co
filmix.cc
seasonvar.ru

###Books
lib.rus.ec
flibusta.is
flibs.me
flisland.net
flibusta.site

###Telegram
telegram.org
tdesktop.com
tdesktop.org
tdesktop.info
tdesktop.net
telesco.pe
telegram.dog
telegram.me
t.me
telegra.ph
web.telegram.org
desktop.telegram.org
updates.tdesktop.com
venus.web.telegram.org
flora.web.telegram.org
vesta.web.telegram.org
pluto.web.telegram.org
aurora.web.telegram.org

###Miscellaneous
7-zip.org
edem.tv
4pna.com
2019.vote

###Tor check
check.torproject.org

###Example of unlocking by IP (remove # at the beginning of the line)
#195.82.146.214
Code:
nano /opt/bin/unblock_ipset.sh
Code:
#!/bin/sh

until ADDRS=$(dig +short google.com @localhost) && [ -n "$ADDRS" ] > /dev/null 2>&1; do sleep 5; done

while read line || [ -n "$line" ]; do

  [ -z "$line" ] && continue
  [ "${line:0:1}" = "#" ] && continue

  addr=$(echo $line | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')

  if [ ! -z "$addr" ]; then
    ipset --add unblock $addr
    continue
  fi
 
  dig +short $line @localhost | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | awk '{system("ipset --add unblock "$1)}'

done < /opt/etc/unblock.txt
Code:
chmod +x /opt/bin/unblock_ipset.sh
Edit file
Code:
nano /opt/bin/unblock_dnsmasq.sh
Insert the lines below
Code:
#!/bin/sh

cat /dev/null > /opt/etc/unblock.dnsmasq

while read line || [ -n "$line" ]; do

  [ -z "$line" ] && continue
  [ "${line:0:1}" = "#" ] && continue

  echo $line | grep -Eq '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' && continue

  echo "ipset=/$line/unblock" >> /opt/etc/unblock.dnsmasq

done < /opt/etc/unblock.txt
Make it executable
Code:
chmod +x /opt/bin/unblock_dnsmasq.sh
Now execute
Code:
/opt/bin/unblock_dnsmasq.sh
Check that the file is created and has entries in it
Code:
cat /opt/etc/unblock.dnsmasq
Edit file
Code:
nano /opt/bin/unblock_update.sh
Insert the lines below
Code:
#!/bin/sh

ipset --flush unblock

/opt/bin/unblock_dnsmasq.sh
service restart_dhcpd
sleep 3
/opt/bin/unblock_ipset.sh &
Make it executable
Code:
chmod +x /opt/bin/unblock_update.sh
Create file
Code:
nano /opt/etc/init.d/S99unblock
Insert the lines below
Code:
#!/bin/sh

[ "$1" != "start" ] && exit 0

/opt/bin/unblock_ipset.sh &
Make it executable
Code:
chmod +x /opt/etc/init.d/S99unblock
We need to connect the created unblock.dnsmasq file to dnsmasq. To do this, open the file in the editor
Code:
nano /etc/dnsmasq.conf
Add to the end of the file:
Code:
conf-file=/opt/etc/unblock.dnsmasq
If you want (this is optional), you can add an additional server for resolution and reliability:
Code:
server=8.8.8.8
Do not edit the dnsmasq.conf file directly as any change will be thrown out when the service or router is restarted.
Use /jffs/configs/dnsmasq.conf.add or /jffs/scripts/dnsmasq-postconf as per the Asuswrt-Merlin wiki.
 
Hello, I updated my AC68U from 39E3 to 43E6 and I can no longer access the GUI.
Neither 192.168.1.1 nor router.asus.com work, it just says ERR_EMPTY_RESPONSE.
SSH access still works fine, any fix? Thanks.
 

Attachments

  • Capture.PNG
    Capture.PNG
    7.5 KB · Views: 286
Hello, I updated my AC68U from 39E3 to 43E6 and I can no longer access the GUI.
Neither 192.168.1.1 nor router.asus.com work, it just says ERR_EMPTY_RESPONSE.
SSH access still works fine, any fix? Thanks.

Typically means trying to use http on an https port or vice-versa.
 
Hello, I updated my AC68U from 39E3 to 43E6 and I can no longer access the GUI.
Neither 192.168.1.1 nor router.asus.com work, it just says ERR_EMPTY_RESPONSE.
SSH access still works fine, any fix? Thanks.
Clear your browser cache/cookies. The way cache manifests are handled was changed (the use of manifests is going to be deprecated).
 
Typically means trying to use http on an https port or vice-versa.
Clear your browser cache/cookies. The way cache manifests are handled was changed (the use of manifests is going to be deprecated).
Thanks, it was actually the "Specified IP address" I had enable which I was able to disable via SSH.
I guess my PC's IP address changed during the update and it wasn't able to recognize it anymore since the "Enable Manual Assignment" option got reset or something.
 
I have a few issues being reported in Zabbix on the WAN port (eth0) and just curious how much performance improvement you generally see when going from 380.70 to your more "up to date" build?
 
I have a few issues being reported in Zabbix on the WAN port (eth0) and just curious how much performance improvement you generally see when going from 380.70 to your more "up to date" build?
WAN port speed.....I'd say no difference.
(I did see your other post, and I'd agree that the first thing to check is that the modem/router connection is negotiating correctly to 1 Gbps...)
 
Hi all
for some reason the client list on the Network Map page is no longer updating. there are about 20 devices connected with DHCP leases, but the Clients button says there are only 4, and the client status column on the right hand side has a constant rotating icon next to the 'Refresh' button. Clicking refresh makes no difference.

it also means I can't update things like manually assigning DHCP for certain hosts as they no longer appear in the drop-down list.

I've tried restarting the router a couple of times but no luck. is there a way to force update of the client list please?


ASUS N66U fork V43E6
 
Hi all
for some reason the client list on the Network Map page is no longer updating. there are about 20 devices connected with DHCP leases, but the Clients button says there are only 4, and the client status column on the right hand side has a constant rotating icon next to the 'Refresh' button. Clicking refresh makes no difference.

it also means I can't update things like manually assigning DHCP for certain hosts as they no longer appear in the drop-down list.

I've tried restarting the router a couple of times but no luck. is there a way to force update of the client list please?


ASUS N66U fork V43E6
There hasn't been any changes to networkmap in a long time. I've seen this happen when a client has a problem and gets into a continuous loop issuing it's own arp requests back to the router, which essentially hangs network map while it responds to those requests. Personally I've only seen it happen on ethernet connected clients. Samsung TVs and HDHomerun tuners are a couple of clients that have reported this problem (I have an HDHomerun that decides to do this about every 6 months or so).
I'd try to reboot any ethernet clients as a first step.
 
thanks John, I turned off the ethernet connected clients, then restarted the router, and the network map is now working properly
 
Updated a few routers today with a handful of the oldie but goldie's RT-AC56U's to john9527 43E6 release. Most of these are being used in Bridge Mode with RT-AC68U's, RT-AC3100's, and even a few with RT-AC86U's too.

Passing on the thanks from those users to @john9527!

One installation, in particular, was noteworthy. The RT-AC86U running RMerlin 384.15_0 as the main router was connecting to the Bridge mode RT-AC56U at a 585Mbps indicated connection rate. After the 'AC86U was updated to 384.17_0 the rate shown was the same 585Mbps for the 'AC56U. But when the RT-AC56U was upgraded from 42E7 to 43E6, the connection rate was showing 780Mbps. More streaming movies for all!

Kudo's to both john9527 and RMerlin too for the fantastic work they produce and the synergy between them!
 
Thank you John much appreciated. I am the one you talk about on your OP. I was on Merlin 374.38_2 (one of the last with web ui commands), however, the sata USB drive was dying so in the switch I crashed everything and brought back up with your RT-N66U_374.43_43E6j9527. Was a bit confused with entware and the new addons directory of the jffs as that was not my procedure before; install to install. Entware working, my programs running, vpn settings stayed and router is working well. If it an't broke; we hope we will see you in another 5 to 10 years when the router dies. Thumbs up and thanks again.
 
Upgraded RT-AC66U A1 - Qty3 , from ASUS Merlin V374.43_42E7j9527 to ASUS Merlin LTS Fork V374.43_43E6j9527 via dirty firmware upgrade, and all working properly as Access Points (AP's).
 
Sorry to jump into this but I'm having problems with my TM-AC1900 2.4ghz and I saw a post that someone mention v28L2 from "john's fork" fixed their problem. Not sure where those numbers are in terms of versions so if anyone can help me to get to the right branch to try this out. Thanks!
 
Router AC68U.
Firmware 374.43, V43E6

Still dont have internet while using a dedicated HoSpot as main source of internet, while connected to USB port via usb cable; USB2 or USB3.
Router detects the make and model of the HotSpot. Router gets an IP from HotSpot, but there is no internet.

This issue is not present in Merlins Firmwares: 384.15, .16, .17. In Merlins firmware, its plug and play, router/firmware detects and configures the HotSpot with out issues.
In some cases, I have to turn Off Internet Connection and Turn it back On when setting up new firmware (Merlin) from scratch. Fork firmware, refuses to work with a Dedicated Hotspot that is connected via USB port.

Screens below are for Merlins 384.16 firmware.

Ignore APN and Dial number on second screen shot. They are irrelevant.


gYnzEG5.png


VqUB39H.png
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top