What's new

Kamoj Kamoj Addon 5.5 Beta for Netgear R7800/R8900/R9000 with Voxel FW

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

btw, the the issue with AGH was a bug on their side. (#5872)
It was present in 0.107.30 & v0.108.0-b.35 but fixed in both the latest stable and latest beta.
Both work on my R7800.
 
What is the download link for the latest beta for the R9000 installation?
Voxel's site does not list the links! The old version has issues with the R9000 and I'm not sure how to upgrade to the latest beta without the download link.
 

Attachments

  • Not_Listed.jpg
    Not_Listed.jpg
    239.7 KB · Views: 38
Changes in kamoj-addon beta version 2023-06-08 5.5b29
---------------------------------------------------------------
- Settings: Added: "Extra DDoS (distributed denial-of-service) protection firewall rules" (@HELLO_wORLD)
See: https://www.snbforums.com/threads/aegis-simple-yet-effective-protection.67351/post-666117
- Settings: Reworked "Show idle devices in device lists" (@R. Gerrits)
Don't run process when not used. Removed "(Reboot router to enable)".
Don't create the log-file unless nvram parameter kamoj_show_idle_devices_debug is set.
- Some debugging of AdGuardHome done and some minor code changes involving that.
Result: R9000 is working OK with latest AdGuardHome BETA v0.108.0-b.35 only.
Result: R7800 is NOT working with latest AdGuardHome, not even BETA.
Gives error(s) of the type "setting SO_REUSEPORT: protocol not available":
"[error] POST 192.168.1.1:3000 /control/install/configure: couldn't start forwarding DNS server: starting listeners: listening on udp addr 0.0.0.0:5300: listening to udp socket: listen udp 0.0.0.0:5300: setting SO_REUSEPORT: protocol not available"
"[fatal] couldn't start forwarding DNS server: starting listeners: listening on udp addr 0.0.0.0:5300: listening to udp socket: listen udp 0.0.0.0:5300: setting SO_REUSEPORT: protocol not available"
All was working OK with v0.107.12.
So:
WARNING all AdGuardHome users:
If your AdGuardHome is working, DON'T update it.


I hope there are some AdGuardHome users out there, that can do some fault finding to find out what is going,
and report back here.
What is the url?

wget --no-check-certificate https://voxel-firmware.com/Downloads/kamoj-addon_?????-??????-5.5b29_r9000.ipk
 
Using Router Firmware Version (Voxel) V1.0.4.68HF and Kamoj Add-on V5.5b29 - AdGuard home latest beta - Version: v0.108.0-b.36 is working on R9000
Thank you very much @jberry for this confirmation!
Thank you too @R. Gerrits for notifying about the AGH bugs.

I must had really bad luck when I was testing AGH - both release and beta versions broken...
At least I've added some better logging for AGH. Will be included in the next addon version.

This is how the community should work, helping each other and appreciating each others with respect.
 
Changes in kamoj-addon beta version 2023-06-19 5.5b30
---------------------------------------------------------------
- DNS Privacy/Ad-Blocking: Aegis.
Aegis will now automatically install private lists if found in /aegis directory on USB device.
- Router Information: Don't flag new Aegis version when Aegis download site is not responding.
- Added: Supervision: BOOT SETTINGS: Max number of tries to synchronize time: AdGuard, DNSCrypt, OpenVPN, Wireguard (@jberry)
(Default was 30, and is now changed to 300)
- Added: Supervision: BOOT SETTINGS: Max number of waits for DNS: OpenVPN, Wireguard
(Default was 30, and is now changed to 60)
- OpenVPN, Wireguard: DNS function is now tested after time sync.
- GUI general: Blocked floating point numbers in Integer input fields
- AdGuardHome: Changed way of installing, and using new download site, and new alternative download places.
- AdGuardHome: Added more logs
- AdGuardHome: Default configuration file updated.
- AdGuardHome: Warnings in previous addon release note were correct.
The AdGuardHome versions were buggy, and new releases are available now.
- udhcpc: The log when renewing the lease is corrected
from "[Internet connected] IP address" to "[Internet connected] IP Renewed"
- DNSCrypt: Changed start order from 70 to 98 as per Voxel releases.
- Minor corrections
 
I experienced and confirm this problem on my R9000 using Voxel's latest firmware and the latest Kaomj beta b26 I believe. I am using PPPoE, so I think its part of the problem.

If I experience a power outage, My ISP modem takes a while to train to get a VDSL signal, as a result, the R9000 is already booted up and trying to "dial in", when this happens, Adguard home becomes unavailable and is ghosted out, so by the time my ISP modem is good to go and the R9000 males a connection, all my devices on my router can not access the internet because AGH DNS is down. Only way for me to fix this, is to go to the DNS privacy section, choose "none" then choose "Adguard Home" again, or at time I just do a full reboot. This happens on both protocols, both wireguard and OpenVPN. I even have reestablish connection if disconnected check marked. Also if my ISP temporarily disconnects, and PPPoE connection is re established quickly, wireguard or OpenVPN will get stuck reconnecting, something about trying to enable the firewall or IP tables which I have set up. I think this all happens because I am using PPPoE. Not sure if anyone has experienced this I think in the past someone did mention this.

Also I tried to test this, I on purpose turned off my ISP's modem, and the R9000 would get stuck, when I try to access it, its like I'm setting up a new router? screenshot is attached.
I would like to bring up a post from August 2022. Kamoj was able to fix this, in the latest beta, 5.5b30, by increasing the AdGuard Home default number of tires to synchronize time from 30 to 300, and also me setting the Boot Settings: Max wait time for Internet: Addon start/Router boot and Max wait time for Internet: AdGuard Home to a higher amount fixed this issue. Every time I had a power outage, and both my ISP modem and R9000 router would boot up, sometimes it takes my ISP modem (VDSL) time to train and get a signal (3 to 5 minutes), and for my R9000 to "dial in" PPPoE, so 300 tries for time synchronization time really fixed this, it gave the R9000 time to dial in PPPoE, while waiting for the ISP modem to train which takes 3 to 5 minutes, once I had ISP internet, wireguard client would connect, then AdGuard Home would synchronize time and start :) resulting in Adguard home not timing out, and actually resolving DNS inquires. Thank you @kamoj !!

Now using Router Firmware Version (Voxel) V1.0.4.68HF and Kamoj Add-on V5.5b30 - installed over older b29, working fine.
 
Last edited:
Just finished adding Kamoj Add-on V5.5b30 to Voxel's V1.0.2.103SF and everything is working great!
AdGuard Home on, OpenVPN client working.

Great job @kamoj !
 
There is an issue with the Dnsmasq configuration. The lines below keep getting appended to my config for some reason.

no-resolv
server=127.0.0.1#64153
proxy-dnssec

The line proxy-dnssec is the issue as it disables caching. It also prevents Dnscrypt 2 Ad-Blocking from loading.

--proxy-dnssec Copy the DNSSEC Authenticated Data bit from upstream servers to downstream clients. This is an alternative to having dnsmasq validate DNSSEC, but it depends on the security of the network between dnsmasq and the upstream servers, and the trustworthiness of the upstream servers. Note that caching the Authenticated Data bit correctly in all cases is not technically possible. If the AD bit is to be relied uponwhen using this option, then the cache should be disabled using --cache-size=0. In most cases, enabling DNSSEC validationwithin dnsmasq is a better option. See --dnssec for details.

From:


I use Dnsmasq specifically for caching.

Notes:
dnssec (Not Supported In This Build)
dnssec-check-unsigned (Not Supported In This Build)
proxy-dnssec (when using this option, then the cache should be disabled using --cache-size=0 so caching no longer works!)

A good solution might be to include Dnsmasq Full for those of us not running Entware.

 
Last edited:
Changes in kamoj-addon beta version 2023-07-02 5.5b31
---------------------------------------------------------------
- Router Information: Added (sometimes) missing timestamp for "Addon time valid:".
- System Information: Ookla Speed Test: Added button "Start - bypassing VPN"
to run the test bypassing VPN (@jberry)
- Minor changes
 
Changes in kamoj-addon beta version 2023-07-02 5.5b31
---------------------------------------------------------------
- Router Information: Added (sometimes) missing timestamp for "Addon time valid:".
- System Information: Ookla Speed Test: Added button "Start - bypassing VPN"
to run the test bypassing VPN (@jberry)
- Minor changes
This post turned into way longer than planned. So coming back to top to summarize before the excessive comments :)

SUMMARY: Kamoj addon 5.5b31 is MAGIC. Been almost full day and rock solid. Came from b27 with zero issues and gained performance. By far the smoothest, fastest and least difficult install of any version yet.

Kamoj... Below are more details and my sincere thank you and appreciation for the work you provide.

---

Every time I am ready to get a new Router... new Kamoj add-on version is so good it ruins everything :)

Installed 5.5b31 on R9000 and VERY NOTICIBLE improvement in UI responsiveness and overall network performance. In fact I installed 5.5b31 on R7800 that is hard wired as AP too and same UI improvement.

For the primary router (R9000)... ping times are lower... usually 25-26... now 23-24 (over course of 1 day so far). Pages listing attached devices load so much faster. Now able to run Aegis & Ad-Guard without router RAM use climbing up near 100% and needing reboot. (Had ditched Aegis for past 3-6 months... glad to have it back).

Kamoj... THANK YOU! I had stayed on b27 after trying one of the other updates then reading about Ad-Guard versions. I use Ad-Guard as DHCP server and didn't have time to work through potential issues. Yesterday saw b31 and looked like enough changes to give it a try and it is best version yet and really killed all thoughts of swapping out router.

FYI... I am not running typical setup... and fully aware of issues I have of my own doing but without the add-on I could not attempt let alone manage effectively my home network setup off 1 Router (R9000) and 1 AP (R7800). I have over 100 concurrently connected devices -- WAY ABOVE anything Netgear suggests should be possible. The majority of the devices are Amazon sketchy Tuya based IoT (Smart Home) devices. Though I do also have ~10 phones/tables, 15 laptops/computers, and ~20 VMs along with the 77 smart home devices (lights, air sensors, speakers... etc). On top of that I have terrible internet (AT&T U-Verse 50mbps - bonded 25x2 ADSL) which has high latency (~24ms).

I have all devices staying connected without any issues. Coverage for both 2.4 & 5 seems stronger than before but too early to know if that is persistent or just part of the normal flux given congestion in area... but voice commands for Google Home are faster, sustained download speeds are faster, normal SMB access on local network to files is faster, and amount of times devices not responding due to sheer number of devices on same subnet sharing mainly 2.4 GHz is much lower across literally everything.

I did not do anything special... and probablly was more risky than I could have been. Did not uninstall old add-on -- just backed up config to USB before I installed Voxel update and it killed the add-on after reboot.
Then ran uninstall (via Telnet) and it showed add-on not installed.
Used wget for b31 version to root of Router attached USB.
Installed b31 direct from USB and reboot.
After reboot went to turn on persistent Telnet and no need... EVERYTHING was exactly the same. (All previous settings persisted for add-on.)
I installed Aegis from the add-on but it went to the Router so uninstalled and reboot.
Installed Aegis manually to USB and it installed and was up much faster than it had in past.
Then walked every setting to confirm and everything was perfect.
80 devices with assigned IPs in Ad-Guard DHCP, all Ad-Guard known hosts remained configured, all Ad-Guard settings including pages of custom rules blocking/unblocking.

It is hard to believe the gap between the Netgear R9000 out of the box and what I have setup now. Out of the box I could not realistically host more than 65-70 devices and had non-stop performance issues using R7800 AP when trying to pull up any router page showing attached devices and had to keep access control disabled as well as dial down WiFi settings... and even then both ran HOT.

The add-on with Ad-Guard has let me scale up past 100 devices and improved LITERALLY every single performance related experience. R9000 never goes above 35% RAM, runs far cooler, and I routinely leave it running 30+ days without thinking about it... no more bi-daily reboots to keep internet working. The normal computer/laptop experience is also night & day as DNS no longer lagging no longer the indicator it's time to check router for max RAM use and reboot to fix. I was fully happy with things 2 days ago.

TODAY? It's like I did get new router and AP and all the fun short term performance improvements (until I push further to see where the new line is).

It looks like the clock on the death of my R9000 (router) & R7800 (AP) network has been once again reset for who knows how long.

THANK YOU! THANK YOU! THANK YOU!

One last rant... it is super irritating to read the occasional comment/complaint in the posts. If none of this worked (Voxel FW or Kamoj add-on) -- I would still be appreciative of unpaid developers putting in so much effort for no direct reward. Yet that is not the case -- this unpaid volunteer development work not only does work -- it takes what Netgear thinks is a production ready product and improves it so significantly it becomes an entirely new, better and upgraded product. That is brilliant, amazing and indescribably great and generous.

KAMOJ... ONCE AGAIN... A MILLION THANK YOUs!
 
This post turned into way longer than planned. So coming back to top to summarize before the excessive comments :)

SUMMARY: Kamoj addon 5.5b31 is MAGIC. Been almost full day and rock solid. Came from b27 with zero issues and gained performance. By far the smoothest, fastest and least difficult install of any version yet.

Kamoj... Below are more details and my sincere thank you and appreciation for the work you provide.

---

Every time I am ready to get a new Router... new Kamoj add-on version is so good it ruins everything :)

Installed 5.5b31 on R9000 and VERY NOTICIBLE improvement in UI responsiveness and overall network performance. In fact I installed 5.5b31 on R7800 that is hard wired as AP too and same UI improvement.

For the primary router (R9000)... ping times are lower... usually 25-26... now 23-24 (over course of 1 day so far). Pages listing attached devices load so much faster. Now able to run Aegis & Ad-Guard without router RAM use climbing up near 100% and needing reboot. (Had ditched Aegis for past 3-6 months... glad to have it back).

Kamoj... THANK YOU! I had stayed on b27 after trying one of the other updates then reading about Ad-Guard versions. I use Ad-Guard as DHCP server and didn't have time to work through potential issues. Yesterday saw b31 and looked like enough changes to give it a try and it is best version yet and really killed all thoughts of swapping out router.

FYI... I am not running typical setup... and fully aware of issues I have of my own doing but without the add-on I could not attempt let alone manage effectively my home network setup off 1 Router (R9000) and 1 AP (R7800). I have over 100 concurrently connected devices -- WAY ABOVE anything Netgear suggests should be possible. The majority of the devices are Amazon sketchy Tuya based IoT (Smart Home) devices. Though I do also have ~10 phones/tables, 15 laptops/computers, and ~20 VMs along with the 77 smart home devices (lights, air sensors, speakers... etc). On top of that I have terrible internet (AT&T U-Verse 50mbps - bonded 25x2 ADSL) which has high latency (~24ms).

I have all devices staying connected without any issues. Coverage for both 2.4 & 5 seems stronger than before but too early to know if that is persistent or just part of the normal flux given congestion in area... but voice commands for Google Home are faster, sustained download speeds are faster, normal SMB access on local network to files is faster, and amount of times devices not responding due to sheer number of devices on same subnet sharing mainly 2.4 GHz is much lower across literally everything.

I did not do anything special... and probablly was more risky than I could have been. Did not uninstall old add-on -- just backed up config to USB before I installed Voxel update and it killed the add-on after reboot.
Then ran uninstall (via Telnet) and it showed add-on not installed.
Used wget for b31 version to root of Router attached USB.
Installed b31 direct from USB and reboot.
After reboot went to turn on persistent Telnet and no need... EVERYTHING was exactly the same. (All previous settings persisted for add-on.)
I installed Aegis from the add-on but it went to the Router so uninstalled and reboot.
Installed Aegis manually to USB and it installed and was up much faster than it had in past.
Then walked every setting to confirm and everything was perfect.
80 devices with assigned IPs in Ad-Guard DHCP, all Ad-Guard known hosts remained configured, all Ad-Guard settings including pages of custom rules blocking/unblocking.

It is hard to believe the gap between the Netgear R9000 out of the box and what I have setup now. Out of the box I could not realistically host more than 65-70 devices and had non-stop performance issues using R7800 AP when trying to pull up any router page showing attached devices and had to keep access control disabled as well as dial down WiFi settings... and even then both ran HOT.

The add-on with Ad-Guard has let me scale up past 100 devices and improved LITERALLY every single performance related experience. R9000 never goes above 35% RAM, runs far cooler, and I routinely leave it running 30+ days without thinking about it... no more bi-daily reboots to keep internet working. The normal computer/laptop experience is also night & day as DNS no longer lagging no longer the indicator it's time to check router for max RAM use and reboot to fix. I was fully happy with things 2 days ago.

TODAY? It's like I did get new router and AP and all the fun short term performance improvements (until I push further to see where the new line is).

It looks like the clock on the death of my R9000 (router) & R7800 (AP) network has been once again reset for who knows how long.

THANK YOU! THANK YOU! THANK YOU!

One last rant... it is super irritating to read the occasional comment/complaint in the posts. If none of this worked (Voxel FW or Kamoj add-on) -- I would still be appreciative of unpaid developers putting in so much effort for no direct reward. Yet that is not the case -- this unpaid volunteer development work not only does work -- it takes what Netgear thinks is a production ready product and improves it so significantly it becomes an entirely new, better and upgraded product. That is brilliant, amazing and indescribably great and generous.

KAMOJ... ONCE AGAIN... A MILLION THANK YOUs!
Wow @Grantman ! 😄
Feedback like this make me really happy.
This and "likes" I get, keeps me going on developing the add-on.
Please let me know if there is any function you are missing, and I'll have a look at it.

Maybe I'll even make the addon fully public "soon", but I need some help with documentation.
I know much of the features are not easy to understand, and not described in the FAQ.txt, so there is need for some kind of better "manual",
or I'll be busy answering not so technical users, and have no time for development.

In many ways I feel exactly like you, these routers should be "nothing" without the @Voxel superb base firmware.
He has put years of work into this, and it's a shame that Netgear don't want to use his superior knowledge and due professional care.
The add-on would not exist without Voxels Firmware.
I would not own a Netgear router without @Voxel.

Please everyone, send him a lot of likes, and if you got "a spare dollar", go to his site and donate it.
He's worth it, and he will use it to all our bests interest..

Warm regards,
kamoj
 
Hello @kamoj, hello Everyone,
I'm taking this opportunity to describe my experience with the 5.5b31 addon and to try and be useful to the snb community.
Things I've observed with the latest version of kamoj's add-on:
  1. Options for customisation are second to none. Amazing job there.
  2. The speed and responsiveness of the addon pages is fantastic too. I really like the re-worked router info page, which is now integrated in the main Netgear website.
  3. Adguard addition is fantastic. I exported the custom settings to the usb I use for entware and so on, and copied it to kamoj's default folder and it works brilliantly.
  4. I've encountered a couple of minor inconveniences regarding external (WAN) ssh access: I used to have a script that would copy netwall.conf to /etc/ to open port 22, and created a cron job to update the DDNS from duckdns.org. Now those two things don't seem to work and I've had to manually add the port 22 line to the addon/settings 2 page and click "save and restart firewall(s)" and the cron task to the addon/settings page for it to work again. I may be missing something, but it'd be great to be able to automatise it when a new version is installed.
  5. The ram usage reported in the router info page does not match the ram usage reported by htop. Although... it does match the one reported by top so I guess htop is wrong.
Overall it is a superb improvement over the "vanilla" voxel's firmware, which is, of course, a massive upgrade over netgear's stock firmware. I'm really pleased that we have two heavyweight developers contributing to these not-so-new routers which make them significantly better than they'd ever dreamed of being. I personally never thought I was going to be using an early 2016 router as my main router in 2023.. :cool:
Thanks for allowing me the privilege of being a beta tester and keep up the great work!
Regards,
pintycar
 
Hello @kamoj, hello Everyone,
I'm taking this opportunity to describe my experience with the 5.5b31 addon and to try and be useful to the snb community.
Things I've observed with the latest version of kamoj's add-on:
  1. Options for customisation are second to none. Amazing job there.
  2. The speed and responsiveness of the addon pages is fantastic too. I really like the re-worked router info page, which is now integrated in the main Netgear website.
  3. Adguard addition is fantastic. I exported the custom settings to the usb I use for entware and so on, and copied it to kamoj's default folder and it works brilliantly.
  4. I've encountered a couple of minor inconveniences regarding external (WAN) ssh access: I used to have a script that would copy netwall.conf to /etc/ to open port 22, and created a cron job to update the DDNS from duckdns.org. Now those two things don't seem to work and I've had to manually add the port 22 line to the addon/settings 2 page and click "save and restart firewall(s)" and the cron task to the addon/settings page for it to work again. I may be missing something, but it'd be great to be able to automatise it when a new version is installed.
  5. The ram usage reported in the router info page does not match the ram usage reported by htop. Although... it does match the one reported by top so I guess htop is wrong.
Overall it is a superb improvement over the "vanilla" voxel's firmware, which is, of course, a massive upgrade over netgear's stock firmware. I'm really pleased that we have two heavyweight developers contributing to these not-so-new routers which make them significantly better than they'd ever dreamed of being. I personally never thought I was going to be using an early 2016 router as my main router in 2023.. :cool:
Thanks for allowing me the privilege of being a beta tester and keep up the great work!
Regards,
pintycar
Thank you very much @pintycar,
your experience is important for both @Voxel and me, and of course for the community!

I'd like to address your inconveniences in point 4:

The addon (and Voxel FW) still accepts /etc/netwall.conf.
The rules in it are added every time "net-wall rule" is run, e.g. at router boot.

The addon (and Voxel FW) still executes "/mnt/sdxx/autorun/scripts/post-mount.sh" at router boot.
So it is enough to add e.g. this to post-mount.sh:
Code:
echo "ACCEPT          net       fw            udp     9994" >/etc/netwall.conf
net-wall rule
You can add these lines to 'Kamoj Menu/Settings 2' instead - no need to create/modify post-mount.sh.

You don't leave any details on why your own cron job doesn't work, so I'll be brief here:
You can start your cron job using 'Kamoj Menu/Settings 2', or from post-mount.sh.
Here you can check if your cron job is running:
Kamoj Menu: System Information: cron jobs
(No need to install cron from Entware).

Again, many thanks for the feedback!

/kamoj
 
Hello Mr @kamoj
Quick question if I may. As you did see on my latest thread about the CPU consumption
I checked the setting "Disable Apple Filing Protocol (AFP) / Netatalk / Time Machine" but after a reboot, the box is unchecked. So I check it again, I guess AFP is then disabled but after a reboot, once more, it's on.
Is this behavior normal ?

Thanx for your feedback :)
 
That is not normal. :oops:
The fault is an nvram variable "noafp" that the addon uses to check at boot.
This variable is of some reason reset at boot.
I don't know where and why, so in next version the addon only uses a kamoj-variable.
Thank you for the report, very good feedback! :)
 
Changes in kamoj-addon beta version 2023-07-13 5.5b32
---------------------------------------------------------------
- Fixed the wrong status after reboot:
"Disable Apple Filing Protocol (AFP) / Netatalk / Time Machine" (@LeKeiser)
- Cleared up and corrected a number of bugs in code that mounts USB and SATA-devices at boot.
Booting and mounting should now also be faster.
(The hotplug2.mount code is a mess, still full of debugging code and is a disgrace for Netgear/DNI.)
(hotplug2.mount, cmdftp, detectSATA)
- Keep time stamp on OpenVPN and WireGuard configurations when copying from USB to router at boot.
- Don't overwrite newer OpenVPN and WireGuard configurations when copying from USB to router at boot.
- Merged the different settings for net-wall log
- Minor changes
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top