What's new

Kamoj Kamoj add-on V5 for Netgear R7800 X4S and R9000 X10

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Hi kamoj,

Can you please add me for beta testing, been enjoying V5 and would like to try out the latest builds. Appreciate the work you've done!

Regards,
pred
 
One small issue I've found on this router whilst using an OpenVPN client: NAT loopback/hairpinning doesn't work. Meaning that if I have the OpenVPN client connected, I can't connect to my WAN IP and access internal services through the NAT port forwarding.
I just noticed the same issue. I'll have a look and try to fix it. (I guess it needs some additional rule in the iptables nat table)
 
Many thanks for your report!:)
If you want to use wireguard, the beta version of this add-on supports that in a similar way as the OpenVPN Client.
Just send me a PM if you want to join the beta testing!'
(News are published and commented here:
https://www.snbforums.com/threads/kamoj-add-on-5-1-beta-testing-poll.62315/
)
@kamoj Unfathomable amount of thanks for this addon! I was attempting to setup wireguard using the ipk files provided by Voxel R7800 downloads, gave up after an hour or two. It literally only took less than 5 minutes to install this addon, get an OpenVPN config setup, and up n running.
 
can you develop here what you have done please ?
Well, that's the problem. I didn't do anything specific to make it work.

I just enabled the OpenVPN server in the GUI, configured it to use tcp and allow clients to connect to internet and home network.
Then I downloaded the config for smartphone, mailed the .opvn to myself. And on the iPhone opened the .ovpn with the OpenVPN app.

I configured OpenVPN app to use seamless tunnel, and disabled dns fallback. (but this shouldn't have any impact)

Then I press connect and it simply works.
iPhone uses DNS from my router, so I get less ads on my iPhone. (now using AdGuard thnx to kamoj's addon; previously I was using pihole)
I forwarded port 80 & 443 from my router to my nas.
If on my iPhone that is connected via VPN I browse to http(s)://<dynamic.dns.name.of.router> (or http(s)://<public.ipaddress.of.router> then I see the webpages that are running on my NAS.

This works both over WiFi and over 4G, so I have the tunnel active always.
(at home it is a bit strange, from an internal ip create a tunnel to another internal ip. And probably it is a litter slower than it would be if I disable VPN. But this way, I can keep VPN active all the time.)


The fact that it didn't seem to work, probably was my I was tinkering with a lot of scripts on the router, trying to get OpenVPN client and server to function at the same time. And this caused my DynamicDNS name to point to the wrong IP. (it got the IP of my OpenVPN client)
 
Well, that's the problem. I didn't do anything specific to make it work.

I just enabled the OpenVPN server in the GUI, configured it to use tcp and allow clients to connect to internet and home network.
Then I downloaded the config for smartphone, mailed the .opvn to myself. And on the iPhone opened the .ovpn with the OpenVPN app.

I configured OpenVPN app to use seamless tunnel, and disabled dns fallback. (but this shouldn't have any impact)

Then I press connect and it simply works.
iPhone uses DNS from my router, so I get less ads on my iPhone. (now using AdGuard thnx to kamoj's addon; previously I was using pihole)
I forwarded port 80 & 443 from my router to my nas.
If on my iPhone that is connected via VPN I browse to http(s)://<dynamic.dns.name.of.router> (or http(s)://<public.ipaddress.of.router> then I see the webpages that are running on my NAS.

This works both over WiFi and over 4G, so I have the tunnel active always.
(at home it is a bit strange, from an internal ip create a tunnel to another internal ip. And probably it is a litter slower than it would be if I disable VPN. But this way, I can keep VPN active all the time.)


The fact that it didn't seem to work, probably was my I was tinkering with a lot of scripts on the router, trying to get OpenVPN client and server to function at the same time. And this caused my DynamicDNS name to point to the wrong IP. (it got the IP of my OpenVPN client)


Hello R. Guerrits,

many thanks for your reply.
But, i don't really understand what is the link with the problem said by Tiago.
For my understand, Tiago told about :"using an OpenVPN client: NAT loopback/hairpinning doesn't work. Meaning that if I have the OpenVPN client connected, I can't connect to my WAN IP and access internal services through the NAT port forwarding"

As you said, your DDNS point to Client VPN public address when OpenVPN client connexion is active, (same for me) so port forwarding isn't possible as is.
Perhaps, it is possible to activate a virtual WAN interface when OpenVPN client is active and add port forwarding from this virtual interface to local services/devices ?
I'm not sure but i think i've read something about that with OpenWRT firmware (multiwan)

The question is : is it possible with the R7800 or find a VPN provider who accept port forwarding...

PS : sorry for my poor english, i'm a french guy who try to rise in competence, in english and in advanced home network.
 
But, i don't really understand what is the link with the problem said by Tiago.

The only link is that the DDNS pointing to the VPN IP also breaks NAT Loopback/hairpinning. Because iptables cannot see that the public IP from my VPN actually belongs to the tun21 interface, and that the traffic thus could be hairpinned.
(because my VPN provider is again natting the traffic)

It is possible to have OpenVPN client active AND use portforwarding.
But there are some caveats.

Options:
1) use OpenVPN client + portforwarding + you require DDNS because your IP changes freqently:
then it is possible if you accept that router accesses internet directly. I.e. all your clients would still use OpenVPN to access internet. But for instance DNS lookups that the router does, is done directly.
Actually, the only requirement is that http/https traffic that DDNS initiates, goes directly to internet. But without changing too much, this is only easily achieved by routing all traffic from router itself to internet.

2) use OpenVPN client + portforwarding and you have a static IP for which you manually registered a DNS record.
In this scenario, you can even have portforwarding active, while still routing all outbound traffic via VPN tunnel.

if you keep an eye on https://www.snbforums.com/threads/run-openvpn-client-and-server-at-same-time.63935/page-2 there I'll post some script that can achieve what you want.
 
I had two random questions about the "router information" page, with the CPU part.

1) why is the "system load" number there different (like 0.4) than what I get from the "top" command when I log in? (like 4.2)

2) earlier you said the cpu speed reports the max available speed. Any chance of a feature add where it can show the current speed as well?
 
Thank you for your clever questions!

Netgear code is more buggy than mine? Or other way?
Is load 4.2 is ok for an idle device?

You can still look at Netgear stock debug page for Netgear info.

I'm not in the mood to defend either mine or Netgear's figures.
It's not important to me, and I concentrate on the 5.3 beta branch, happily trying to forget the past.
 
If I run 'uptime' I get "15:03:30 up 46 days, 4:35, load average: 4.00, 4.03, 4.04",
so it looks like 4 is a reasonable load average. (uptime & top show the same values)
 
  • Like
Reactions: KW.
well, i'm glad at least that netbytes number matches my number.

I was just wondering if the kamoj router page was getting "load" from the same source as top, htop, and uptime. or somewhere else.

because as google just told me, load is more than just cpu:
http://www.brendangregg.com/blog/2017-08-08/linux-load-averages.html

the kamoj figures seem more realistic to measure the CPU load, but there's a chance the netgear has a lot of driver I/o or something that would lead a Linux load figure higher. I.e. they may both be right.
 
well, i'm glad at least that netbytes number matches my number.

I was just wondering if the kamoj router page was getting "load" from the same source as top, htop, and uptime. or somewhere else.

because as google just told me, load is more than just cpu:
http://www.brendangregg.com/blog/2017-08-08/linux-load-averages.html

the kamoj figures seem more realistic to measure the CPU load, but there's a chance the netgear has a lot of driver I/o or something that would lead a Linux load figure higher. I.e. they may both be right.

In fact they are probably both right, just different measures of the 'business' of the router.
I was just confirming that I also had an average of 4 and nothing more.
Much love for @kamoj's addon.
 
hello,

I had to factory reset(dnscrypt was working fine for many months) my R7800 recently and I am trying to find out why dnscrypt is not working for me after many attempts of reinstalling and configuring voxels firmware .77SF and this amazing add-on. When i go to enable dnscrpyt setting the gui reverts to "none" and dns leak tests confirm this. Is there something that i am missing? Thanks

pic for reference if it helps

https://ibb.co/TPyYnsB
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top