@jberry thanks for your recommendation!
To make it so that only traffic destined for the 10.200.200.0/24 subnet goes over the VPN tunnel:
- I switched on reverse bypassing so that all traffic goes via my WAN interface (directly to the internet) nvram set kamoj_reverse_bypass_vpn=1 && nvram commit (see FAQ)
- (Optional) I set my tun0 adapter to bypass VPN (because I am running the built-in Netgear "VPN Service" OpenVPN server in parallel). This way all this incoming traffic via tun0 will not be routed to the wg0 VPN interface: nvram set kamoj_interfaces_to_bypass_vpn=tun0 && nvram commit
- Then I added a single line to the bottom of the addon_bypassvpnip.sh file: ip route add 10.200.200.0/24 dev wg0 table novpn. This way, it will be on the novpn table that gets created when Wireguard is enabled and deleted when Wireguard is turned off.
-----
@kamoj Based on my testing/solution above I can confirm that the kamoj_reverse_bypass_vpn=1 feature appears to be working great and as expected. I also tested this by assigning a few local devices/IPs to FORCE them over the network by populating the kamoj_ips_to_vpn as well as testing the kamoj_macs_to_vpn fields. Both of these appear to be working as expected!
Suggestions & Feature Requests for any future versions for consideration:
- You mentioned that you may build the kamoj_reverse_bypass_vpn into the UI after some testing which I would love to see! I think this would be useful to many.
- I also noticed that without kamoj_reverse_bypass_vpn there are two options in the UI: (1) "Bypass from specified IPs" and (2) "Bypass to specified IP". When kamoj_reverse_bypass_vpn is enabled there is the kamoj_ips_to_vpn parameter, which is the inverse of (1) "Bypass from specified IPs"; however, it would be great if there was also an inverse to (2) "Bypass to specified IP" when reverse bypass is enabled, where you can specify destination addresses that go over the VPN.
- It would also be nice if, for all the above settings regarding bypassing/not bypassing by IP address, you could also enter them in CIDR notation and/or a range of IPs (instead of one-by-one). However, this is probably not going to be needed by many users of this addon, so I would say if it is a significant effort to implement, it may not be worth it.
- Maybe instead of "Settings 2" name this menu something more descriptive like "Firewall & Scripts" or "Firewall & Samba Settings"
Overall this is a very solid addon and I cannot thank you enough! I can definitely appreciate the work you put into this @kamoj. The fact that I could configure everything in your addon and only need to add a single command to get it to work exactly to my needs says a lot about how well-written and functional this addon is. I can tell you took the time to understand use cases and try to understand all potential use-cases.
----
Additional Observations
DynamicDNS not updating (unable to consistently reproduce) - I am not even sure if this is Kamoj addon-related since I found several similar issues in the Netgear community forum. I also found the exact same issue reported in another SNB thread here where the Kamoj addon was being used. Although this may not have anything to do with this addon, I thought I would report my experience here for some data points.
- I use DynamicDNS with a NO IP account. (I originally set it up as a NETGEAR account and had to switch to a NO IP account after my domain lapsed. I am still using the mynetgear.com domain though.)
- I made an update to add secondary DNS server to point to another DNS server
- The router automatically rebooted and I didn't have internet; after I reset my modem and router together I got a new IP address from my ISP and saw DynamicDNS didn't update my hostname
- I got the error message "No update action. There is no IP address on the Internet port." when trying to force an update even though I had a public IP address assigned
- I had to change my NO IP password to something incorrect, then switch it back, click Apply and then the DynamicDNS service started working again.
- Looking through the logs, upon bootup, I noticed DynamicDNS ran BEFORE I had a WAN/Public IP address assigned. So I think it's this sequence of events that causes this. But what is weird is it seems to break other subsequent updates as well.
- Another thing that was interesting is I rebooted everything manually again, got a new Public IP address and DynamicDNS worked just fine.
I am using Router Firmware Version (Voxel) V1.0.2.111SF with Kamoj Add-on V5.5b44 on the Netgear R7800.
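As an added dry-run check (not part of the post above and not the Kamoj addon's own code), the script below models the split-tunnel policy the post describes so you can confirm, before touching a live router, which way a given flow should egress: with kamoj_reverse_bypass_vpn=1 everything defaults to the WAN via the novpn table, sources listed in kamoj_ips_to_vpn / kamoj_macs_to_vpn stay on the tunnel, interfaces listed in kamoj_interfaces_to_bypass_vpn are forced onto the novpn table, and the manually added `ip route add 10.200.200.0/24 dev wg0 table novpn` line pulls that one destination back over wg0 for every flow that consults the novpn table (including tun0 clients). The nvram text, the WAN interface name `eth0`, and the whitespace/comma separators for list values are constructed assumptions; the real addon may store these differently.

```python
#!/usr/bin/env python3
"""Offline model of the reverse-bypass split tunnel described in the forum post.

Assumptions (this is an illustration, not the addon's implementation):
  * kamoj_reverse_bypass_vpn=1 -> default path is the WAN (novpn table)
  * sources in kamoj_ips_to_vpn / kamoj_macs_to_vpn -> main table -> wg0
  * ingress interfaces in kamoj_interfaces_to_bypass_vpn -> novpn table
  * routes added to the novpn table (the manual ip route line) apply to
    every flow that uses that table, so they win even for bypassed tun0 traffic
"""
import re
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

WAN_IFACE = "eth0"   # assumed WAN interface name
VPN_IFACE = "wg0"    # WireGuard interface from the post


@dataclass
class Policy:
    reverse_bypass: bool = False
    ifaces_to_bypass: set = field(default_factory=set)
    ips_to_vpn: set = field(default_factory=set)
    macs_to_vpn: set = field(default_factory=set)
    novpn_routes: list = field(default_factory=list)  # (network, device)


def _split_list(value):
    """Accept space- or comma-separated nvram list values (assumed format)."""
    return [s for s in re.split(r"[\s,]+", value.strip()) if s]


def parse_nvram(text):
    """Parse key=value lines shaped like `nvram show` output (constructed sample)."""
    kv = {}
    for line in text.splitlines():
        line = line.strip()
        if line and "=" in line:
            k, v = line.split("=", 1)
            kv[k] = v
    return Policy(
        reverse_bypass=kv.get("kamoj_reverse_bypass_vpn", "0") == "1",
        ifaces_to_bypass=set(_split_list(kv.get("kamoj_interfaces_to_bypass_vpn", ""))),
        ips_to_vpn={ip_address(s) for s in _split_list(kv.get("kamoj_ips_to_vpn", ""))},
        macs_to_vpn={s.lower() for s in _split_list(kv.get("kamoj_macs_to_vpn", ""))},
    )


ROUTE_RE = re.compile(r"^ip\s+route\s+add\s+(\S+)\s+dev\s+(\S+)\s+table\s+novpn\s*$")


def add_novpn_route(policy, route_line):
    """Register a line of the form used in addon_bypassvpnip.sh."""
    m = ROUTE_RE.match(route_line.strip())
    if not m:
        raise ValueError("unrecognised route line: %r" % route_line)
    policy.novpn_routes.append((ip_network(m.group(1), strict=False), m.group(2)))
    return policy


def egress(policy, src_ip, src_mac, in_iface, dst_ip):
    """Return the interface a flow should leave on under the modelled policy."""
    src, dst = ip_address(src_ip), ip_address(dst_ip)
    # Forced-to-VPN sources keep the main table, whose default goes to wg0.
    forced = src in policy.ips_to_vpn or (src_mac or "").lower() in policy.macs_to_vpn
    uses_novpn = (in_iface in policy.ifaces_to_bypass) or (policy.reverse_bypass and not forced)
    if not uses_novpn:
        return VPN_IFACE
    # novpn table: specific routes first, then its default route (the WAN).
    for net, dev in policy.novpn_routes:
        if dst in net:
            return dev
    return WAN_IFACE


# Constructed sample settings mirroring the post's commands.
SAMPLE_NVRAM = """
kamoj_reverse_bypass_vpn=1
kamoj_interfaces_to_bypass_vpn=tun0
kamoj_ips_to_vpn=192.168.1.50
kamoj_macs_to_vpn=aa:bb:cc:dd:ee:ff
"""
POLICY = add_novpn_route(parse_nvram(SAMPLE_NVRAM),
                         "ip route add 10.200.200.0/24 dev wg0 table novpn")

if __name__ == "__main__":
    for flow in [("192.168.1.10", None, "br0", "10.200.200.5"),
                 ("192.168.1.10", None, "br0", "8.8.8.8"),
                 ("192.168.1.50", None, "br0", "8.8.8.8"),
                 ("10.8.0.2", None, "tun0", "10.200.200.7"),
                 ("10.8.0.2", None, "tun0", "1.1.1.1")]:
        print(flow, "->", egress(POLICY, *flow))
```

The table-walk order in `egress` is the point worth checking against your own setup: because the destination route lives in the novpn table rather than the main table, it also affects clients arriving on the bypassed tun0 interface, which may or may not be what you want.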