What's new

[Release 380] Asuswrt-Merlin 380.69 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

This is gonna be long, so please bear with me.

I have a strange problem. I have three routers (2xRT-AC68U, and Netgear R7000). As short form I’ll reference them as following:

- The two RT-AC68U routers “were originally T-Mobile and now they have Asus-merlin installed”, will be router A and router B respectively.

- The R7000 will be router C.


Router A, has merlin v 380.67 installed right now. This router is the main router connected to my ISP modem. I have disabled all Wi-Fi functionality in this router because I just needed the management part in it with Asus-Merlin.

Router C, running its original firmware V1.0.9.6_1.2.19, is connected to Router A via ethernet and it acts as an AP. I needed this as AP due to the amazing and solid wireless performance with this beast.

Router B, running Asuswrt-Merlin John’s fork 374.43 LTS (V29E2), connected to Router C wirelessly via 5GHz band and it act as a repeater. I had no way of running wire to other rooms, so I am using this one as a repeater to extended the connectivity. In addition to overclocking the cpu I have boosted te wifi power to 500mw. And I have NEVER experienced any wireless issue whatsoever.

My main PC is connected via Cat6 to Router B. Internet speed test is awesome, hands down, no complaint. I am ALWAYS getting the advertised speed 100MB, and sometimes more.

I have an external USB 3 HDD connected to the USB-3 port on Router A, which the main one.

Router A and router B are overclocked to 1400 MHz with active cooling attached via the usb-2 port in each router. The temp in both routers never went above 60f with heavy loading (streaming online, watching movies, via my AFTV, stored on the USB3 HDD…etc).

I have enabled Adaptive QoS on the main router, using FreshJR’s script v1.92 with fd_codel.


Now, the issue……until merlin v380.67, read/write speed from my main PC to the USB-3 HDD is described as following:

- Before I got into the QoS thing, read speed was 70mb+ and write speed 55mb-60mb all the times.

- After enabling Adaptive QoS write speed is 40mb-45mb, read speed is 45mb-50mb. This is totally fine with me after the improvement I gained in traffic prioritization, especially while streaming and someone else is using VOIP services.

Two weeks ago, I pulled the plug and updated the main router “router A” to merlin 380.69. The only thing that I cared about and tested was read/write to the USB-3 HDD attached to the main router “router A”. I didn’t even enable any feature like QoS, the read and write speed dropped drastically to 25-29 read, and 20-23 write. I made sure that “reduce usb3 interference” is NOT enabled. Of course, I did the basics restored to factory defaults and cleared nvram then apply basic router config for internet connectivity with my ISP, without any improvement at all. I even saved a copy of the setting while I was on 380.67, which I don’t like and never did before, then uploaded to router A after updating to 380.69 and still no improvement. I went ahead and downgraded to 380.68_4, 380.68_2, and 380.68 (after each process I made sure to clear nvram and restore to defaults) and same read/write to usb3 hdd attached to router A issue still exists.

Now, I am running 380.67 on router A and read/write speed is normal as I mentioned earlier.

Any help/input/advice will be appreciated.

Thank you!!

Edit: I even tried other PCs and different OSs...same result.
 
This is gonna be long, so please bear with me.

I have a strange problem. I have three routers (2xRT-AC68U, and Netgear R7000). As short form I’ll reference them as following:

- The two RT-AC68U routers “were originally T-Mobile and now they have Asus-merlin installed”, will be router A and router B respectively.

- The R7000 will be router C.


Router A, has merlin v 380.67 installed right now. This router is the main router connected to my ISP modem. I have disabled all Wi-Fi functionality in this router because I just needed the management part in it with Asus-Merlin.

Router C, running its original firmware V1.0.9.6_1.2.19, is connected to Router A via ethernet and it acts as an AP. I needed this as AP due to the amazing and solid wireless performance with this beast.

Router B, running Asuswrt-Merlin John’s fork 374.43 LTS (V29E2), connected to Router C wirelessly via 5GHz band and it act as a repeater. I had no way of running wire to other rooms, so I am using this one as a repeater to extended the connectivity. In addition to overclocking the cpu I have boosted te wifi power to 500mw. And I have NEVER experienced any wireless issue whatsoever.

My main PC is connected via Cat6 to Router B. Internet speed test is awesome, hands down, no complaint. I am ALWAYS getting the advertised speed 100MB, and sometimes more.

I have an external USB 3 HDD connected to the USB-3 port on Router A, which the main one.

Router A and router B are overclocked to 1400 MHz with active cooling attached via the usb-2 port in each router. The temp in both routers never went above 60f with heavy loading (streaming online, watching movies, via my AFTV, stored on the USB3 HDD…etc).

I have enabled Adaptive QoS on the main router, using FreshJR’s script v1.92 with fd_codel.


Now, the issue……until merlin v380.67, read/write speed from my main PC to the USB-3 HDD is described as following:

- Before I got into the QoS thing, read speed was 70mb+ and write speed 55mb-60mb all the times.

- After enabling Adaptive QoS write speed is 40mb-45mb, read speed is 45mb-50mb. This is totally fine with me after the improvement I gained in traffic prioritization, especially while streaming and someone else is using VOIP services.

Two weeks ago, I pulled the plug and updated the main router “router A” to merlin 380.69. The only thing that I cared about and tested was read/write to the USB-3 HDD attached to the main router “router A”. I didn’t even enable any feature like QoS, the read and write speed dropped drastically to 25-29 read, and 20-23 write. I made sure that “reduce usb3 interference” is NOT enabled. Of course, I did the basics restored to factory defaults and cleared nvram then apply basic router config for internet connectivity with my ISP, without any improvement at all. I even saved a copy of the setting while I was on 380.67, which I don’t like and never did before, then uploaded to router A after updating to 380.69 and still no improvement. I went ahead and downgraded to 380.68_4, 380.68_2, and 380.68 (after each process I made sure to clear nvram and restore to defaults) and same read/write to usb3 hdd attached to router A issue still exists.

Now, I am running 380.67 on router A and read/write speed is normal as I mentioned earlier.

Any help/input/advice will be appreciated.

Thank you!!

Edit: I even tried other PCs and different OSs...same result.


Anyone??
 
This is gonna be long, so please bear with me.

I have a strange problem. I have three routers (2xRT-AC68U, and Netgear R7000). As short form I’ll reference them as following:

- The two RT-AC68U routers “were originally T-Mobile and now they have Asus-merlin installed”, will be router A and router B respectively.

- The R7000 will be router C.


Router A, has merlin v 380.67 installed right now. This router is the main router connected to my ISP modem. I have disabled all Wi-Fi functionality in this router because I just needed the management part in it with Asus-Merlin.

Router C, running its original firmware V1.0.9.6_1.2.19, is connected to Router A via ethernet and it acts as an AP. I needed this as AP due to the amazing and solid wireless performance with this beast.

Router B, running Asuswrt-Merlin John’s fork 374.43 LTS (V29E2), connected to Router C wirelessly via 5GHz band and it act as a repeater. I had no way of running wire to other rooms, so I am using this one as a repeater to extended the connectivity. In addition to overclocking the cpu I have boosted te wifi power to 500mw. And I have NEVER experienced any wireless issue whatsoever.

My main PC is connected via Cat6 to Router B. Internet speed test is awesome, hands down, no complaint. I am ALWAYS getting the advertised speed 100MB, and sometimes more.

I have an external USB 3 HDD connected to the USB-3 port on Router A, which the main one.

Router A and router B are overclocked to 1400 MHz with active cooling attached via the usb-2 port in each router. The temp in both routers never went above 60f with heavy loading (streaming online, watching movies, via my AFTV, stored on the USB3 HDD…etc).

I have enabled Adaptive QoS on the main router, using FreshJR’s script v1.92 with fd_codel.


Now, the issue……until merlin v380.67, read/write speed from my main PC to the USB-3 HDD is described as following:

- Before I got into the QoS thing, read speed was 70mb+ and write speed 55mb-60mb all the times.

- After enabling Adaptive QoS write speed is 40mb-45mb, read speed is 45mb-50mb. This is totally fine with me after the improvement I gained in traffic prioritization, especially while streaming and someone else is using VOIP services.

Two weeks ago, I pulled the plug and updated the main router “router A” to merlin 380.69. The only thing that I cared about and tested was read/write to the USB-3 HDD attached to the main router “router A”. I didn’t even enable any feature like QoS, the read and write speed dropped drastically to 25-29 read, and 20-23 write. I made sure that “reduce usb3 interference” is NOT enabled. Of course, I did the basics restored to factory defaults and cleared nvram then apply basic router config for internet connectivity with my ISP, without any improvement at all. I even saved a copy of the setting while I was on 380.67, which I don’t like and never did before, then uploaded to router A after updating to 380.69 and still no improvement. I went ahead and downgraded to 380.68_4, 380.68_2, and 380.68 (after each process I made sure to clear nvram and restore to defaults) and same read/write to usb3 hdd attached to router A issue still exists.

Now, I am running 380.67 on router A and read/write speed is normal as I mentioned earlier.

Any help/input/advice will be appreciated.

Thank you!!

Edit: I even tried other PCs and different OSs...same result.

Clarity, did you after the factory reset configure the device from scratch or did you simply upload an old configuration? If you uploaded suggest you default to factory and config from scratch never upload config from old firmware as you are simply loading old variables. Also you may want to try the 382.2 beta2 and see if that makes any difference.
 
Clarity, did you after the factory reset configure the device from scratch or did you simply upload an old configuration? If you uploaded suggest you default to factory and config from scratch never upload config from old firmware as you are simply loading old variables. Also you may want to try the 382.2 beta2 and see if that makes any difference.

I DID do factory rest and that didn't help. Also, I mentioned that I don't like, and never will, upload old config...but as I was hopeless and did that when everything else failed. Now, I have 380.67 on router A with a clean fresh config which I redid config the router from scratch.
 
I DID do factory rest and that didn't help. Also, I mentioned that I don't like, and never will, upload old config...but as I was hopeless and did that when everything else failed. Now, I have 380.67 on router A with a clean fresh config which I redid config the router from scratch.

I guess this will be a trail and error, try 380.68, also the 382 code, if results are not desirable. You have to decide what is more important security enhancements vs. functionality e.g speed.
 
thank you for this release, I was on your 382.1x release and wifi was very unstable, is this using the same wifi driver?
 
I finally solved the frequent crashes of my AC-RT68U (post #175) by flashing the latest greatest Asus stock firmware for my router (3.0.0.4.384_10007). I didn't try Merlin 382.2-Beta2 which may also have solved it. It is nice to have some stability back again and see what stock looks like these days. Although I do miss some features that I took for granted now! :)
 
Hey guys. I tried installing this twice to my RT-AC3200, neither time it worked. I had to use the recovery utility to reinstall the ASUS firmware. I even tried the prior version (380.68-4) and it didn't work either.

Basically, I'd install it, the asus control panel page would tell me to reset the router after communicating a successful upgrade, and it seemed like it would never boot up. Never got an IP, tried setting a static, didn't work. It's almost like it would hang on bootup and never fully turn on. Then, after a few minutes it would reset itself and do it all over again. One thing I noticed is the WAN light never turned red.

I'm back on the original ASUS firmware now. Open to any suggestions anyone may have.

Thanks!
 
I'm back on the original ASUS firmware now. Open to any suggestions anyone may have.
Maybe the procedure described here will help - basically you need to "clean"/factory reset the router before the update process and follow the rest also afterwards.
 
Hi,
Sorry, my English isn't very well.
I have Asus RT56U on 380.59 (Merlin), now 380.69 - it's the same problem. My net topology is: 2 pre-routers (3G) connected into 1 switch and Asus-Merlin (with 2 WAN's) connected into the same switch (WAN1 via 1-st pre-router & WAN2 via 2-nd pre-router & balancing WAN's). It's work. I need some home DNS IP's. So, I set DNS with home IP's on 1-st & 2-nd pre-routers. And now it's work so, that LAN IP's which are routed via Asus master WAN (WAN1) they read DNS on pre-routers and correctly recognize home adresses, but LAN IP's which are routed via second Asus WAN (WAN2) they not read pre-router's DNS. They read some outside (?) DNS and read not correctly DNS home IP's.
How to solve it ? I need: some laptops - if they are plugged into the home network they connect directly to home IP, and when I'm on the go, they connect via external links (on the same domain name)
E.g.:
- if laptop is connected into home LAN I need DNS answer of www.domain1.com -> 192.168.1.40
- if laptop is connected outside my home I need DNS answer of www.domain1.com -> 80.15.25.100
of course, I have an external DNS server

As I can see, Asus-Merlin is unable to set & enter his own private DNS?
 
Last edited:
Why not? 95% of my firmware flashing is done over Wifi, as I mostly do my development from my laptop.



Run "top" over SSH to determine which process is using your CPU. Most common causes are the DLNA media server scanning plugged USB disks.
You are absolutely correct. I had to disable DLNA and now the 2 cores are stable.
Thank you so much.
 
No one will help ?
is it possible to set the resolving sequence to Asuswrt-Merlin?
hosts file - first
outer dns - second?

e. g. in linux:

"order hosts, bind"

?
 
No one will help ?
is it possible to set the resolving sequence to Asuswrt-Merlin?
hosts file - first
outer dns - second?

e. g. in linux:

"order hosts, bind"

?
You can do it, I using the same scenario. Just use jffs partition and add there hosts.add file under configs directory and records in hosts.add file will be automatically added into the router hosts file.

Sent from my SM-G930F using Tapatalk
 
@RMerlin I hope you had some responsible disclosure by the reporter for this new cve (cve-2018-5721) I'm seeing. surprised you are just updating the (github) code for 380 right now.

were they responsible? I couldn't find any report here on the forums.
 
Last edited:
@RMerlin I hope you had some responsible disclosure by the reporter for this new cve (cve-2018-5721) I'm seeing. surprised you are just updating the (github) code for 380 right now.

were they responsible? I couldn't find any report here on the forums.

Today's merge is unrelated to that particular CVE, it's for a different security issue that was reported to Asus in the past, and already resolved in GPL 384_10007. I'm remaining vague on purpose for now.

No idea if Asus were contacted about that new CVE. I was forwarded the link by a user earlier today, so it was the first I heard about it myself. I forwarded the info to Asus, along with a potential patch I developed this afternoon with another developer. That patch hasn't been committed to Github yet as we haven't had a chance to actually test it.

So no, despite the fact the author refers to my firmware by name, I was never contacted about it.

And the issue is also present in stock firmware, it's not specific to mine.
 
Last edited:
And the issue is also present in stock firmware, it's not specific to mine.
And although the code is different now, it's also there back to my LTS fork (although harder to hit). I wrote a fix today for my fork.

EDIT: Also note that the first step for that CVE is be logged in to the gui.....so to be exploited you already have to be compromised.
 
So no, despite the fact the author refers to my firmware by name, I was never contacted about it.

And the issue is also present in stock firmware, it's not specific to mine.

Email cve@mitre.org and request a change to the CVE. Irresponsible on the author's part to publish without contacting you or ASUS or determining that ASUS has the issue also (lazy as well).
 
Email cve@mitre.org and request a change to the CVE. Irresponsible on the author's part to publish without contacting you or ASUS or determining that ASUS has the issue also (lazy as well).

No point at this time, there's a blog post from someone else with the details. Another one more interested in being famous than in making the Internet more secure. Par for the course...
 
CVE-2018-5721
Stack-based buffer overflow in the ej_update_variables function in router/httpd/web.c on ASUS routers (when using software from https://github.com/RMerl/asuswrt-merlin) allows web authenticated attackers to execute code via a request that updates a setting. In ej_update_variables, the length of the variable action_script is not checked, as long as it includes a "_wan_if" substring.
Published: January 17, 2018; 01:29:00 AM -05:00

CVE-2018-5999
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails.
Published: January 22, 2018; 03:29:00 PM -05:00

CVE-2018-6000
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.
Published: January 22, 2018; 03:29:00 PM -05:00
 
Last edited:
Hello. Unfortunately yesterday evening in the upgrade seemed to be all right, but this morning I find myself with my rt-n66u that disconnects every 2/3 minutes. To restore I had to install the official firmware 3.0.0.4.380_8120
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top