[Release] Asuswrt-Merlin 380.68 is available
- Thread starter RMerlin
- Start date
I would like to report BUG regarding "Specified IP and SSH"
I am using Specified IP address field to restrict access from WAN
however, what is the purpose of SSH if it doesn't do something ?
if you select LAN Only it is closed to Specific IPs, that are allowed and coming from WAN
if you select LAN + WAN it is open to all IP Addresses, not only Specific IPs listed above
the question is, how to allow only specific IPs to access SSH on Asus Merlin from WAN ?
I have tried this, it doesn't work:
iptables -I INPUT -i eth0 -s X.X.X.X -p tcp --dport 22 -j ACCEPT
regarding this topic, is there an option to use HTTP&HTTPS access, but to allow ONLY HTTPS from WAN - Internet (allow HTTPS traffic on port 8443, deny HTTP traffic on port 8080) and allow HTTPS WAN access only for specific IP addresses
I guess some iptables magic is required there, and I guess I am not the only one looking how to get this done.
I am using Specified IP address field to restrict access from WAN
however, what is the purpose of SSH if it doesn't do something ?
if you select LAN Only it is closed to Specific IPs, that are allowed and coming from WAN
if you select LAN + WAN it is open to all IP Addresses, not only Specific IPs listed above
the question is, how to allow only specific IPs to access SSH on Asus Merlin from WAN ?
I have tried this, it doesn't work:
iptables -I INPUT -i eth0 -s X.X.X.X -p tcp --dport 22 -j ACCEPT
regarding this topic, is there an option to use HTTP&HTTPS access, but to allow ONLY HTTPS from WAN - Internet (allow HTTPS traffic on port 8443, deny HTTP traffic on port 8080) and allow HTTPS WAN access only for specific IP addresses
I guess some iptables magic is required there, and I guess I am not the only one looking how to get this done.
Last edited:
visortgw
Very Senior Member
Restrict to LAN only, and use VPN to access from WAN -- much safer. Do not leave web access open from WAN, period -- again use VPN tunnel.I would like to report BUG regarding "Specified IP and SSH"
I am using Specified IP address field to restrict access from WAN
however, what is the purpose of SSH if it doesn't do something ?
if you select LAN Only it is closed to Specific IPs, that are allowed and coming from WAN
if you select LAN + WAN it is open to all IP Addresses, not only Specific IPs listed above
the question is, how to allow only specific IPs to access SSH on Asus Merlin from WAN ?
I have tried this, it doesn't work:
iptables -I INPUT -i eth0 -s X.X.X.X -p tcp --dport 22 -j ACCEPT
regarding this topic, is there an option to use HTTP&HTTPS access, but to allow ONLY HTTPS from WAN - Internet (allow HTTPS traffic on port 8443, deny HTTP traffic on port 8080) and allow HTTPS WAN access only for specific IP addresses
I guess some iptables magic is required there, and I guess I am not the only one looking how to get this done.
Hunny Puppy
Occasional Visitor
My 2 cents on this, it appears to be related to the netfilter module in the linux kernel or possibly the USB module. Do you have a lot of open connections and/or IP filter rules defined or a USB storage attached? Try reducing the maximum number of connections per torrent/overall in your BT client to say 200 and see if that resolves the issue. If you have IPv6 enabled, try disabling it and see if it makes any difference. Very difficult to debug kernel panics without a full stack trace and possibly reproducing it.
Ignitionnet
New Around Here
This is interesting. Did the upgrade with an AC87U in AP mode, hit some management issues after so factory reset the device, and reconfigured with the previous configuration, bar leaving it in router mode.
2.4 GHz network is fine, 5 GHz network no longer passes traffic properly. Pings get through but not much else - connection to router GUI is fine, onwards to Internet broken.
It's configured with a static WAN IP address in an RFC1918 network, non-NAT, MTU is set as 1492 which matches the ISP, and it's very odd that all works fine on 2.4 GHz but not 5 GHz, I'd have thought they'd both use the same routing plane.
2.4 GHz network is fine, 5 GHz network no longer passes traffic properly. Pings get through but not much else - connection to router GUI is fine, onwards to Internet broken.
It's configured with a static WAN IP address in an RFC1918 network, non-NAT, MTU is set as 1492 which matches the ISP, and it's very odd that all works fine on 2.4 GHz but not 5 GHz, I'd have thought they'd both use the same routing plane.
P
Pir8pete
Guest
yeah it's odd guys I don't know whats actually making my 1900P's reboot when torrenting . As a temp solution I had to switch back to factory for now, so ppl in the house don't freak out cuz they keep losing connection
Last edited by a moderator:
P
Pir8pete
Guest
I just have a usb with AB-solutions on it running.
I do have IPv6 enabled
i have 100 max connections pre torrent
I switched to qbittorrent but same issue, not like what progy would make a diff.
just odd that the newest asus factory fw has no issue's with torrenting
uwish
Occasional Visitor
after flashing to the latest version, I seem to have lost the ability to connect to the router's web gui using say 192.168.1.1 for example. I thought it was just a browser issue, so I tried it in explorer, chrome and then on my AP what was also flashed with the _2 version...I get the same result....anyone else?
The connection just fails, I have other hardware with web based GUI's in the 192.168.x.x domain on my network and can connect to all of them, just not my router or AP....
The connection just fails, I have other hardware with web based GUI's in the 192.168.x.x domain on my network and can connect to all of them, just not my router or AP....
Last edited:
KnightRider
Regular Contributor
Did you try unplugging the router, remove it from the outlet, let it clear. I would give it a few minutes and see if that helps. If not, try ssh and check to see the http/httpd are listening. Weird issue, if all fails you may have to reset to factory.
Good luck
After 9 days of uptime, I have a 93% of memory usage. I've tried to see memory usage per process (with top, it does not show any memory info) but I was unable to do that, I don't know how 
.
cat /proc/meminfo
MemTotal: 515304 kB
MemFree: 36476 kB
Buffers: 2244 kB
Cached: 11704 kB
SwapCached: 0 kB
Active: 22140 kB
Inactive: 9028 kB
Active(anon): 18260 kB
Inactive(anon): 588 kB
Active(file): 3880 kB
Inactive(file): 8440 kB
Unevictable: 0 kB
Mlocked: 0 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 0 kB
Writeback: 0 kB
AnonPages: 17228 kB
Mapped: 6920 kB
Shmem: 1628 kB
Slab: 391540 kB
SReclaimable: 864 kB
SUnreclaim: 390676 kB
KernelStack: 752 kB
PageTables: 932 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
WritebackTmp: 0 kB
CommitLimit: 257652 kB
Committed_AS: 32588 kB
VmallocTotal: 1302528 kB
VmallocUsed: 43576 kB
VmallocChunk: 1211288 kB
Free -m
total used free shared buffers cached
Mem: 515304 478744 36560 0 2300 11820
-/+ buffers/cache: 464624 50680
Swap: 0 0 0
I don’t know if it is a normal behaviour but It is weird to me. It is a RT-AC5300
.cat /proc/meminfo
MemTotal: 515304 kB
MemFree: 36476 kB
Buffers: 2244 kB
Cached: 11704 kB
SwapCached: 0 kB
Active: 22140 kB
Inactive: 9028 kB
Active(anon): 18260 kB
Inactive(anon): 588 kB
Active(file): 3880 kB
Inactive(file): 8440 kB
Unevictable: 0 kB
Mlocked: 0 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 0 kB
Writeback: 0 kB
AnonPages: 17228 kB
Mapped: 6920 kB
Shmem: 1628 kB
Slab: 391540 kB
SReclaimable: 864 kB
SUnreclaim: 390676 kB
KernelStack: 752 kB
PageTables: 932 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
WritebackTmp: 0 kB
CommitLimit: 257652 kB
Committed_AS: 32588 kB
VmallocTotal: 1302528 kB
VmallocUsed: 43576 kB
VmallocChunk: 1211288 kB
Free -m
total used free shared buffers cached
Mem: 515304 478744 36560 0 2300 11820
-/+ buffers/cache: 464624 50680
Swap: 0 0 0
I don’t know if it is a normal behaviour but It is weird to me. It is a RT-AC5300
Attachments
After 9 days of uptime, I have a 93% of memory usage. I've tried to see memory usage per process (with top, it does not show any memory info) but I was unable to do that, I don't know how
cat /proc/meminfo
MemTotal: 515304 kB
MemFree: 36476 kB
Buffers: 2244 kB
Cached: 11704 kB
SwapCached: 0 kB
Active: 22140 kB
Inactive: 9028 kB
Active(anon): 18260 kB
Inactive(anon): 588 kB
Active(file): 3880 kB
Inactive(file): 8440 kB
Unevictable: 0 kB
Mlocked: 0 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 0 kB
Writeback: 0 kB
AnonPages: 17228 kB
Mapped: 6920 kB
Shmem: 1628 kB
Slab: 391540 kB
SReclaimable: 864 kB
SUnreclaim: 390676 kB
KernelStack: 752 kB
PageTables: 932 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
WritebackTmp: 0 kB
CommitLimit: 257652 kB
Committed_AS: 32588 kB
VmallocTotal: 1302528 kB
VmallocUsed: 43576 kB
VmallocChunk: 1211288 kB
Free -m
total used free shared buffers cached
Mem: 515304 478744 36560 0 2300 11820
-/+ buffers/cache: 464624 50680
Swap: 0 0 0
I don’t know if it is a normal behaviour but It is weird to me. It is a RT-AC5300
RT-Ac5300
I have seen tthe same in all versions of Merlin 380-68. That's my initial version. I believe at one time the router hung and needed power restart. As I need this router to run unattended, I have set it to reboot after 7 days. Trialing that now. Otherwise RAM consumption increases daily. I have tried factory reset and restore settings using excellent nvram tool. Still RAM increases. I have about 50 clients, 2/3 are wifi with 5 on the 5GHZ bands and the rest 2.4Ghz.
Wondering if a garbage collection will kick in after 90% or so or I'll just run out of ram and die?
cheers,
Last edited:
RamGuy
Senior Member
I had the same issue. I have file/torrentserver and it would kill my RT-AC5300 running 380.68_2. I'm not entirely sure what caused the issues, I recently enabled both Adaptive QoS (fq-codel, streaming preset) and installed AB-Solution and decided to disable QoS and remove AB-solutions and then it worked again. So not entirely sure if it was AB-Solutions or Adaptive QoS doing it.
falloutman
New Around Here
I am also seeing the same thing. WIFI is slowwww
falloutman
New Around Here
Seems to be disabled by default
brummygit
Very Senior Member
I reverted to 380.68 and have had a stable router for over 5 days using the same configuration. I can’t see anything remotely suspicious in the change log for _2 but it seems to be where my problems have started.
Sent from my iPhone using Tapatalk
Similar threads
- Locked
Similar threads
Similar threads
-
-
-
-
Release Asuswrt-Merlin 3006.102.2 is now available for Wifi 7 devices
- Started by RMerlin
- Replies: 28
-
Unable to establish VPN connection to my PiVPN (ovpn) from my Asus RT-AC86U running Asuswrt-Merlin 386.14
- Started by B0GDAN
- Replies: 1
-
Several Questions Re:Asuswrt-Merlin Feature Implementation
- Started by fenixreign
- Replies: 2
-
-
Beta Asuswrt-Merlin 3006.102.2 Beta is now available for Wifi 7 devices
- Started by RMerlin
- Replies: 70
-
-
Latest threads
-
-
ASUS RT-AC86U Firmware version 3.0.0.4.386_51955 (2024/11/08)
- Started by lepicane
- Replies: 0
-
iPhone 16 Pro w/ GT-Be98 Pro & BQ16
- Started by Jadehsn
- Replies: 0
-
-
Release ASUS ZenWiFi Pro ET12 Firmware version 3.0.0.4.З88_24610 (2024/11/08)- Started by rudoyeugene
- Replies: 0
Support SNBForums w/ Amazon
If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!