What's new

Padavan's Custom Firmware

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Can I assume then that Padavan is also safe since its also based on Asus' firmware?

Code:
BusyBox v1.22.1 (2014-09-22 01:25:36 MDT) built-in shell (ash)
Enter 'help' for a list of built-in commands.

/home/root # env x='() { :;}; echo vulnerable' sh -c "echo this is a test"
this is a test

/home/root # bash --version


BusyBox v1.22.1 (2014-09-22 01:25:36 MDT) built-in shell (ash)
Enter 'help' for a list of built-in commands.

Most embedded devices use busybox, which is not vulnerable.
 
Last edited:
Anyone know what Padavan is up to? We haven't had a firmware update in quite awhile now.

I was wondering the same thing. It looks like he has been quite busy working on the firmware but for whatever reasons he hasnt released any new versions.
 
Hey guys,

I have a question regarding iptables in padavan's firmware. I'm trying to do some redirect routing for DNS requests, something that on tomato or dd-wrt firmwares goes a little bit like this:

iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 192.168.1.1
iptables -t nat -A PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to 192.168.1.1

I was wondering if there is a way to make these redirects using padavan's firmware. Firstly if it works at all, then if the interface is br0 for our routers as well, and third if this can be done in the form of a script that can be run at every boot.


Thanks.
 
You would have to experiment with the rules and I am not an expert in those to help you there unfortunately, but:

br0 is the main bridge interface:
Code:
brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.d850e695f421       no              eth2
                                                        ra0
                                                        rai0
where
eth2 = wired ports
ra0 = WiFi 5GHz
rai0 = WiFi 2.4GHz

You can execute the above command on boot:
Advanced Settings -> Customization -> Scripts -> Run After Firewall Rules Restarted

FYI: I did try it and all DNS stopped to function, so it must be close but not there yet ;)
 
You would have to experiment with the rules and I am not an expert in those to help you there unfortunately, but:

br0 is the main bridge interface:
Code:
brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.d850e695f421       no              eth2
                                                        ra0
                                                        rai0
where
eth2 = wired ports
ra0 = WiFi 5GHz
rai0 = WiFi 2.4GHz

You can execute the above command on boot:
Advanced Settings -> Customization -> Scripts -> Run After Firewall Rules Restarted

FYI: I did try it and all DNS stopped to function, so it must be close but not there yet ;)

Thanks for this, I'll give it a try. The ideea for the rules are to redirect all custom DNS requests (if an app has hardcoded google DNS for example) to use my routers DNS settings.

LE: I tried adding the lines in scripts but it seems that iptables -L does not show anything different. Will test and see if it actually did anything :)

LLE: It seems the commands need a bit of tweaking. The nat table for example doesn't seem to be there. I guess it's harder than I thought.
 
Last edited:
You would have to experiment with the rules and I am not an expert in those to help you there unfortunately, but:

br0 is the main bridge interface:
Code:
brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.d850e695f421       no              eth2
                                                        ra0
                                                        rai0
where
eth2 = wired ports
ra0 = WiFi 5GHz
rai0 = WiFi 2.4GHz

You can execute the above command on boot:
Advanced Settings -> Customization -> Scripts -> Run After Firewall Rules Restarted

FYI: I did try it and all DNS stopped to function, so it must be close but not there yet ;)

I've upgraded to the latest version of Padavan's firmware and added the lines to the location you pointed (with a minor adjustment) and everything worked. Thank you very much for your help.
 
I've upgraded to the latest version of Padavan's firmware and added the lines to the location you pointed (with a minor adjustment) and everything worked. Thank you very much for your help.
It would be nice if you posted the rule here so everybody could use it too.
 
It would be nice if you posted the rule here so everybody could use it too.

The end rules are:
Code:
iptables -t nat -A PREROUTING -i br0 -p udp --destination 8.8.8.8 --dport 53 -j DNAT --to <alternative DNS>
iptables -t nat -A PREROUTING -i br0 -p udp --destination 8.8.4.4 --dport 53 -j DNAT --to <alternative DNS>

The purpose of this rule is do redirect all Google DNS requests to an alternative DNS server. It's helpful if you are dealing with devices that have hardcoded DNS servers and you don't want to use said DNS settings for whatever reason.
 
Can anyone tell me how to disable the router acting as the DNS server with this firmware?

I keep getting this error when running a DNS benchmark:


aOaglf9.jpg


Would I just have the DHCP server assign the DNS servers to the LAN adapters?
 
Last edited:
Can anyone tell me how to disable the router acting as the DNS server with this firmware?

I keep getting this error when running a DNS benchmark:


aOaglf9.jpg


Would I just have the DHCP server assign the DNS servers to the LAN adapters?
Check under wan.

Sent from my Nexus 4
 
Can anyone tell me how to disable the router acting as the DNS server with this firmware?

I keep getting this error when running a DNS benchmark:

Would I just have the DHCP server assign the DNS servers to the LAN adapters?
OK, if you REALLY want to have each client to have assigned specific DNS servers.

Advanced settings
LAN
DNS and WINS server settings

From there you can enter up to 3 DNS servers and 1 WINS server (depending on your firmware version).

But in reality, you don't need to. As kalpik said, just go to:
Advanced settings
WAN
WAN DNS Settings.

From there you can either get your ISP's DNS servers automatically, or plug in your preferred DNS servers (Google, OpenDNS, etc.).

That warning is somewhat misleading, as in if your router can't do name resolution then you have something else a bit more serious wrong. Like your connection is down or the actual DNS server(s) are not available.

I prefer to have the router to do the work, because: Say for instance you find that the DNS servers you like are down or misconfigured or just plain horked. Just pop into the router, change the DNS servers in the WAN settings and go.

If you put the custom DNS servers in the LAN DHCP settings, then you have to go there, make the change, and then go to EACH client and do an ipconfig /release, /renew (or reboot each client, your choice). A lot more work in my opinion.
 
Just ignore this bogus warning. Using your router as the DNS server will allow you to use its caching capabilities, which will actually increase performance, versus directly using the ISP's servers.

Another reason why those DNS benchmark "tools" are totally useless and misleading.
 
upgrade from ASUS to Padavan, no internet connection

I upgraded from the most recent ASUS firmware to the most recent Padavan Base firmware and after I changed the SSID and passwords, even before I changed them, i could connect to the network, but there was no internet access granted for LAN or WAN.

I messed with some things and still nothing worked. I can't find anything about it not working for anyone else, so I find this very strange.

I can't even revert back to the old ASUS firmware because even if it's in recovery mode the ASUS Utility won't pick up the router saying it isn't in recovery mode.

Any suggestions on how I can gain my internet access back with the LAN/WAN, or perhaps revert back to the old ASUS firmware? I did not back anything up as I didn't know it was possible until after I already upgraded to the Padavan Firmware.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top