[Fork] FreshTomato-MIPS

Discussion in 'Tomato Firmware' started by kille72, Apr 26, 2018.

  1. Beast

    Beast Network Guru Member

    Sorry to ask again, but I can't figure out which firmware is made for the Asus RT-N16. Could someone please point out the correct version for me.

    I see the router names in the firmware name just not one for the "Asus RT-N16".
     
  2. Monk E. Boy

    Monk E. Boy Network Guru Member

    N16s are MIPSR2 CPUs and can use either RT or RT-N drivers.

    It looks like pedro's only building RT-N so you could use one of the freshtomato-K26USB_RT-N5x-MIPSR2-2018.1.066-beta builds. For example freshtomato-K26USB_RT-N5x-MIPSR2-2018.1.066-beta-VPN.zip, freshtomato-K26USB_RT-N5x-MIPSR2-2018.1.066-beta-Mega-VPN.zip, freshtomato-K26USB_RT-N5x-MIPSR2-2018.1.066-beta-AIO.zip. You should stay away from named builds like the one for the N53 and, well, I don't know what BT VPN is.

    There's almost never been a named version of the firmware for N12s or N16s with Tomato. The named versions came into being for special one-off firmwares needed for oddball routers like the E2500, N53, etc. that required a unique build to work around their hardware.

    For example, if I wanted to put this on an N12 I would go with freshtomato-K26_RT-N5x-MIPSR2-2018.1.066-beta-Mini.zip since the N12 lacks USB ports, uses RT-N drivers (at least the N12B1 & up), uses a MIPSR2 CPU, and only has 8MB of flash. N16 has USB ports and 32MB of flash, which is why there's a greater variety of firmwares available for it. Though I once flashed a non-USB build onto an N16... worked fine until I went looking for the USB ports.
     
    kylejustknows and koitsu like this.
  3. kylejustknows

    kylejustknows Serious Server Member

    Wow thats thoughtful.

    BTW, a week tested, this firmware is better than shibby's regarding many aspects. (RT-N66U)I noticed that it has:
    Less gaming ping spike (UDP packets loss/congestion)
    Very little but 15ms lower ping in game. (I played the same game for years on same router so I am certain)
    Less errors in log
    Less devices freezes in heavy uses like BL for 30 users + transmission downloading.

    The only downside is the graphic of bandwidth usage is not showing. Other than that, no glitch is found.

    Thank OP for bring in such a nice firmware.
     
  4. NutsN'bolts

    NutsN'bolts Network Newbie Member

    Is someone able to awnser my question about ebtables ?
    Is it included in the latest beta ??
     
  5. nisarg86

    nisarg86 Network Guru Member

    Thank you killer and pedro for reviving old routers. I flashed it on RT-N16 and its been working perfectly except bandwidth graph.

    Any way to correct this ?
     
  6. Aardvark

    Aardvark Serious Server Member

    Regarding the issue a number of people (myself included) have recently had when attempting to build the AIO version of the firmware and the ensuing errors ...

    I downloaded the zip repo directly instead of using git clone (step 10 of the building instructions), and what do you know -- it successfully compiled. I then tried the same with kille72's ARM repo (which had similar build errors), and it too compiled successfully. The cloned versions still will not compile the AIO builds successfully.

    Now I will be the first to admit that I am a noob when it comes to building the firmware (just started this week), but what is the difference between git cloning the repo, and downloading the zip archive? Isn't the archive (theoretically) the same as the clone?
     
  7. Beast

    Beast Network Guru Member

    Thanks, for explaining the nameing of these files. That cleared it up for me.
     
  8. EpsilonX

    EpsilonX LI Guru Member

    So...
    Tried freshtomato-K26USB_RT-N5x-MIPSR2-2018.1.066-beta-VPN.trx for my RT-N15U, didn't fit slightly too large...
    Tried compiling latest repo, "make r2e" creates a smaller file than what I downloaded (7.58 MB vs 7.96 MB)...
    Pretty sure that's wrong, well I go ahead and flashed it anyway...
    As expected, bricked the router :D...
    Thankfully this router is easily recoverable...
    Care to share something similar with the problem I had..?
     
  9. Sean B.

    Sean B. LI Guru Member

    Finally had some time to mess with my old E3000. Was able to unbrick it via serial and flash in my build of freshtomato. It boots fine and appears to function as it should. Haven't tested it out much as I had to desolder the WAN port for the serial connection, but I can at least confirm the firmware boots fine on an E3000.
     
    pharma, Monk E. Boy and kille72 like this.
  10. pedro311

    pedro311 Serious Server Member

    Add. Available in next beta, probably end of next week.
     
    pharma and Monk E. Boy like this.
  11. EpsilonX

    EpsilonX LI Guru Member

    Issues. apparently QoS is not working...
    It classifies correctly, but set no limit whatsoever...
    Tried limiting Inbound to 1000kbps, speedtest still full speed... :(
     
  12. pedro311

    pedro311 Serious Server Member

    The new FreshTomato 2018.3.006-beta MIPS is ready. See OP for full changelog and more info.
    Happy testing!

    Best Regards,
    FreshTomato team

    PS. I am aware, that some of the images are too big due to the "growth" of the packages (I can't do anything with that). Please report to me, I will try to build smaller images (if possible at all), omitting not needed packages.

    PPS. Donations are (very) welcome ;)
     
    Last edited: Jun 1, 2018
    Elfew, kille72, Wolfgan and 1 other person like this.
  13. WildFireSG

    WildFireSG Addicted to LI Member

    Nice! Question: what is "See OP" for full changelog?
     
  14. Beast

    Beast Network Guru Member

    I think OP=orginal post/poster. That would be the first post on page 1. There is a link to the log files explaining the changes made tot he new version of the firmware since the last one.
     
    Last edited: Jun 2, 2018
    WildFireSG and kille72 like this.
  15. pedro311

    pedro311 Serious Server Member

    Exactly.
     
  16. pedro311

    pedro311 Serious Server Member

    Try new beta - should works.
     
    Monk E. Boy, pharma and Goggy like this.
  17. txnative

    txnative Networkin' Nut Member

    Screenshot_time.png Screenshot_qos.png Using the freshtomato-E3200USB-NVRAM32K_RT-N5x-MIPSR2-2018.3.006-beta-Mega-VPN.bin. Done usual install cleared nvram before and installed freshtomato-E3200USB-NVRAM32K_RT-N5x-MIPSR2-2018.3.006-beta-Mega-VPN.bin, noticed three problems, the first was Qos with this written in bold letters, although it may not have impacted my settings as I ran a few bufferbloat tests and a few ping tests while stressing my both dl and ul in which was nothing wrong in my settings. However I don't recall seeing that message before? Second: The NTP time server is missing as shown. Third: All macaddr's are still showing 00:16:B6 as to previous versions of Tomato using original Linksys mac addresses.
     
  18. pedro311

    pedro311 Serious Server Member

    This is just info about limitations while using both BWL and QOS together.

    You have "Auto Update Time" set to "disabled" so how it may works?

    What do you mean? There were no changes regarding MAC addresses, they should behave as on @Shibby's v140 (and on "my" RT-N66U they are fine).
     
  19. tvcat

    tvcat Networkin' Nut Member

    Can this firmware flash on RT-N12D1?
    The flash size is 8MB
    freshtomato-K26-NVRAM64K_RT-N5x-MIPSR2-2018.3.006-beta-Max.trx
    or i need to use the one without NVRAM wording?
     
  20. txnative

    txnative Networkin' Nut Member

    On the Qos remark I had done. Maybe it should state what you written, " This is just info about limitations while using both BWL and Qos together" when a user enables either Qos or BWL, Andre made something similar but you'd see that type of Heading when you enable BWL, but ok, I get it now.

    Regarding the NTP Server. Was not aware of the change that you are suppose to use enable "Auto Update Time" I seen it in the change log, but didn't know that I had to do enable it and that is it. I'll remember that.(User didn't know)Acknowledge now.

    The mac addresses, are not what my Linksys shows from OFW or from the back of my unit, Shibby's previous builds had always shown these mac addresses also well with the correct addresses, they don't start with 00:16:B6.
     
  21. jsnepo

    jsnepo Serious Server Member

    Does this fix the missing 5GHz when NVRAM usage reaches a certain KB?
     
  22. pedro311

    pedro311 Serious Server Member

  23. jsnepo

    jsnepo Serious Server Member

  24. alcuin

    alcuin Network Newbie Member

    Could this maybe be supported on a linksys E1000v1? Is there any major difference between a BCM4716B0 and a BCM5357B0? Thanks.
     
  25. kylejustknows

    kylejustknows Serious Server Member

    please add a line like:
    server=/onion/192.168.1.1#9053
    into Dnsmasq conf when tor is enabled (127.0.0.1#9053 won't work as tor daemon reject loopback)

    So users can solve xxx.onion website dns and visit tor sites. That makes full function of tor.
     
  26. Beast

    Beast Network Guru Member

    Ok about to change from Toastman builds to freshtomato. I have an Asus RT-N16 router. I would like to use a VPN flavor firmware. I have d/l these tree versions.

    freshtomato-K26USB-NVRAM32K_RT-N5x-MIPSR2-2018.3.006-beta-Mega-VPN.trx" 11.6 MB

    freshtomato-K26USB_RT-MIPSR2-2018.3.006-beta-Mega-VPN.trx" 11.2 MB

    freshtomato-K26USB_RT-MIPSR2-2018.3.006-beta-VPN.trx" 8.4 MB

    Can someone please tell me the differance between them? Note the NVRAM32k in the first file name.
    All these file came from the K26-N subfolder.

    Whate is the differance between MAX and MEGA.

    And one other question... is the "rstat" file from Toastman builds compatible with freshtomato.
    I would like to import this file if possible. I plan to do an nvram erase and configure from stractch.

    TIA
     
  27. pharma

    pharma Network Guru Member

    @Beast, didn't you ask already a few threads up and @Monk E. Boy gave a pretty good breakdown?
     
  28. Beast

    Beast Network Guru Member

    Yes he did, and his break down took me to this stage. With his information I was able to navagate to the correct sub folders and pick the type firmware I would like to run. I picked (New Driver) and (VPN). And since flashing the router is always a risk of ending up with a brick, I would like to get a little bit more info, as to the differences in those three firmwares so I have to do only one flash. I know my router "Asus RT-N16" has a 32k flash.

    So why is there a freshtomato-K26USB-NVRAM32K_RT-N5x-MIPSR2-2018.3.006-beta-Mega-VPN.trx" 11.6 MB
    NOTE the (NVRAM32k) and (N5x) in the file name and size which is different from the one below.

    freshtomato-K26USB_RT-MIPSR2-2018.3.006-beta-Mega-VPN.trx" 11.2 MB. I ASSUME this one does not have the new wifi drivers. Yet it came from the same floder K26-N. Which again i ASSUME, the K26-N folder should contain only builds with the new drivers.

    Also ive never used freshtomato before. So here im trying to learn what is extra in a firmware based on their names. I know an AIO=all in one build, but what is a MEGA, MAX, BT?? Even Monk E. Boy din't know what the BT build was.

    I assume VPN.trx is most likely to be bare bones vpn build. And the N5x means new drivers.
    So what does the Mega-VPN.trx add to the build.
    With what I think I know, I want the NVRAM32K_RT-N5x MEGA for my Asus RT-N16.

    I like my router, even tho ist's getting old. I want to be as knowledgeable about what im about to flash into my router, don't want a brick.

    Hope this an't to confusing, I hate assume-ing.
     
  29. pedro311

    pedro311 Serious Server Member

    For those using K26 images:
    I've just added images, with kernel optimized to size in this branch ["freshtomato-mips 2018.3.011-beta (K26 only - smaller size)" ----> K26]

    You can check them, maybe someone will be able to upload image, where in the previous version was slightly too big?
     
  30. Justio

    Justio Networkin' Nut Member

    @pedro311
    I've seen that MIPSR1 images now are also RT.
    Example: freshtomato-K26_RT-MIPSR1-2018.1.066-beta-MiniIPv6
    Is this image safe to flash older routers (like WRT54GL)?

    Thanks to you and to @kille72 for keeping Tomato project alive.
     
  31. Monk E. Boy

    Monk E. Boy Network Guru Member

    RT seems to refer to the RT driver, which I mentioned in my earlier post. RT-N5x seems to refer to the RT-N driver using the 5.x SDK. There is an RT-N driver using the 6.x SDK that Tomato has typically referred to as RT-AC to make it less confusing (which is a misnomer to a certain extent because it also supports some 802.11n hardware).

    It's all about how you split up the filename.

    I'll probably un-mothball my N66 this weekend, now that my relatives finally switched over to the AC68 I gave them a while ago, so I can start experimenting with this firmware. I kept it set to the side just in case they had some issue with the 68's form factor or whatever. I might even get back the N16 I gave them ages ago, assuming it hasn't died.
     
    Last edited: Jun 6, 2018
  32. pedro311

    pedro311 Serious Server Member

    pharma likes this.
  33. Justio

    Justio Networkin' Nut Member

  34. Mark Barabus

    Mark Barabus Serious Server Member

    QoS seems to be broken (nothing gets classified) with the N66U using a PPPoE connection.
    Asus  QoS  View Graphs.png
     
  35. EpsilonX

    EpsilonX LI Guru Member

    Same problem as me, also PPPOE...
    Haven't tried the new BETA, but previously it classified correctly, but no limits are applied...
    Try setting inbound to something small like 1000kbps and do a Speedtest...
    If it works, it should limit the top speed...
     
  36. Mark Barabus

    Mark Barabus Serious Server Member

    Yep not working for me on the new BETA 2018.3.006.
    Tested with speedtest and its just downloading/uploading at full speed completely ignoring the limits and traffic isnt getting classified at all.
    Unfortunately this is the one feature i need (QoS) so its back to 1.32 again for me but i'll check back here again for updates.
     
  37. pedro311

    pedro311 Serious Server Member

    OK, will check it.
     
  38. EpsilonX

    EpsilonX LI Guru Member

  39. pedro311

    pedro311 Serious Server Member

  40. EpsilonX

    EpsilonX LI Guru Member

    OK, "freshtomato-K26USB-NVRAM32K_RT-N5x-MIPSR2-2018.3.006-beta-Max" with ASUS RT-N15U...
    I think I found out the culprit, DSL Overhead...
    I always enable it...
    I believe it's a much easier fix than combing and testing everything... ;)
    Will keep testing this version for now...
    Now, if only my rig can build my custom version... :D

    Tomato-ST1.PNG Tomato-ST2.PNG
     
  41. pedro311

    pedro311 Serious Server Member

    See (in ARM thread):

    https://www.linksysinfo.org/index.php?threads/fork-freshtomato-arm.74117/page-2#post-296437
    https://www.linksysinfo.org/index.php?threads/fork-freshtomato-arm.74117/page-2#post-296506
    https://www.linksysinfo.org/index.php?threads/fork-freshtomato-arm.74117/page-2#post-296525
    https://www.linksysinfo.org/index.php?threads/fork-freshtomato-arm.74117/page-2#post-296660

    So probably it won't be fixed soon.
    BTW: on my 4G connection, everything's fine (mean traffic classification of course)
     

    Attached Files:

    • QOS.png
      QOS.png
      File size:
      98.5 KB
      Views:
      12
  42. Mark Barabus

    Mark Barabus Serious Server Member

    To clarify i'm not using BWL and QoS together only QoS is enabled. QoS has been broken on pppoe connections ever since multi wan was introduced. The last build that QoS works correctly with as in traffic gets classified and qos limits are followed is shibby's 1.32.
     
  43. EpsilonX

    EpsilonX LI Guru Member

    Mark Barabus likes this.
  44. Mark Barabus

    Mark Barabus Serious Server Member

    Interesting thanks. Just re-flashed the beta to test this out and it appears disabling the DSL overhead has indeed fixed QoS (classification and qos limits now working). Nice find ;). I'll also test this out further over the weekend and report back but as of now QoS appears fine aslong as the DSL overhead is set to "none".
     
  45. hashgb

    hashgb Network Newbie Member

    Thanks for your work pedro!

    I have tested:
    freshtomato-K26_RT-MIPSR1-2018.3.011-beta-MiniIPv6.zip @ Buffalo WHR-HP-G54
    - httpd is not starting properly, starting via telnet/ssh works. If https is enabled, it is not working at all

    freshtomato-K26USB_RT-MIPSR2-2018.3.006-beta-miniVPN.zip @ Netgear WNR3500L v1
    - File too big for 8MB Flash, is there a chance to get it smaller?

    freshtomato-K26_RT-MIPSR2-2018.3.011-beta-Max.zip @ Netgear WNR3500L v1
    - Working, but for current settings NVRAM was too small. Have to try it again when I have more time
     
    Last edited: Jun 10, 2018
  46. gikornilov

    gikornilov Networkin' Nut Member

    Is there any freshtomato for DIR-320 with USB support ?
     
  47. EpsilonX

    EpsilonX LI Guru Member

    @pedro311
    pedro, any idea why my compiled image is much smaller than yours..?
    It compiled successfully though, and I follow your guide step by step...
    Tried the latest source, same result, smaller by around 400KB...
     
  48. Wolfgan

    Wolfgan Networkin' Nut Member

    FOA, thanks a lot to the devs for keep working on Tomato.

    As this seems to be the only Tomato project alive, I'm planning to update my Toastman old setup and I wonder if there's a way to safely import my current config (or the bulk of it) to FreshTomato after NVRAM erasing, and avoid have to enter everything manually (mostly wireless filter MACs list, static DHCP list, QoS rules, etc etc).

    Would FreshTomato accept settings' import via text files (nvram export // nvram set) as suggested in http://www.linksysinfo.org/index.ph...orial-and-discussion.28349/page-3#post-138676 ?
    TIA, Wolf
     
  49. pedro311

    pedro311 Serious Server Member

    Probably because your builds are about 16 commits ahead of mines (kernel size optimization, etc).
     
  50. pedro311

    pedro311 Serious Server Member


    I suggest clean install.
     
  51. EpsilonX

    EpsilonX LI Guru Member

    It compiled successfully, but after I flashed it, it wont boot... :D
    I'm under the impression that if there is something wrong, it will stop compiling halfway...

    Just in case other users are reading this, can anyone with a running system try to test compiling..?
    Just do "make r2e", just to get a ballpark of the filesize, should be around 8.8xx.xxx mine was 8.3xx.xxx.
    Thanx !
     
  52. EpsilonX

    EpsilonX LI Guru Member

    Do it manually...
    Since this is based on MultiWAN, there are differences...
    Wireless Filter and Static DHCP are the same, do the rest manually...
    I'm also from Toastman's build, currently testing this...
     
    Wolfgan likes this.
  53. pedro311

    pedro311 Serious Server Member

    TBH, I have no idea what could be wrong :p
    Just compiling r2e target, will let you know.
     
  54. pedro311

    pedro311 Serious Server Member

    In subfolder "test" you can find last compilation of r2e target, size: 8359936.
     
  55. Wolfgan

    Wolfgan Networkin' Nut Member

    Great! Let me know how it goes. I won't be using multiwan (nor ever used a multiwan build), is there any way to force single wan or just configure a single one?
    Thx, Wolf

    Sent from my SGH-I747M using Tapatalk
     
  56. pedro311

    pedro311 Serious Server Member

    Just use one wan, that's all.
     
    pharma and Wolfgan like this.
  57. EpsilonX

    EpsilonX LI Guru Member

    I'll be damned, its the same as mine...
    LOL...

    Tomato-ST4.PNG

    Gotta find time to test this...
    pedro, thanx for testing a build for me, at least I'm more confident in my setup...
    But there's a probability that this won't work too... :D

    UPDATE :
    As expected, also not working...
    ~488KB smaller size than your "make all" build...
    It seems we have a problem here... ;)

    UPDATE 2:
    Tried "make r2f", just to test a small image...
    Also failed to boot...
    @pedro311
    What command did you use to build all of those images..?
     
    Last edited: Jun 12, 2018
  58. pedro311

    pedro311 Serious Server Member

    Maybe try clean install?
     
  59. EpsilonX

    EpsilonX LI Guru Member

    i always did a NVRAM erase before flashing a new firmware... ;)
     
  60. pedro311

    pedro311 Serious Server Member

    I'll compile for you later today, test build (2018.3.016, see commits), before busybox changes and libcurl/sqlite/nano updates.
     
  61. rs232

    rs232 Network Guru Member

    It it possible at all to have a mini MIPS VPN only under 4Mb?
    It would be awesome to update my old devices!

    Thanks
     
    hashgb likes this.
  62. pedro311

    pedro311 Serious Server Member

    It's up in "tests" folder.
     
  63. Justio

    Justio Networkin' Nut Member

    I had some spare time today and compiled r2e image to test this issue.
    Result:
    - pedro's image (freshtomato-K26USB_RT-MIPSR2-2018.3.028-beta-VPN.trx) available in folder "tests" has 8.359.936 bytes

    - the image built locally by me from last commit of "freshtomato-mips" has 8.359.936 bytes (branch used mips-master)

    though I do not have a router at hand to test if the image works, taking into account that your image size is different, i suppose that the issue is on your side @EpsilonX so here are my questions:
    - what branch did you use for compilation?
    - under what directory did you compile the image: .../freshtomato-mips/release/src-rt/ or .../freshtomato-mips/release/src-rt/src-rt-6.x/ ?

    Edit:
    *********************** Tue Jun 12 21:29:03 WEST 2018 ************************
    2018.3 MIPSR2 K26 USB VPN
    Creating little endian 3.0 filesystem on /home/vbox/freshtomato-mips/release/src-rt/router/mipsel-uclibc/target.image, block size 65536.

    Little endian filesystem, data block size 65536, compressed data, compressed metadata, compressed fragments
    Filesystem size 7318.25 Kbytes (7.15 Mbytes)
    31.07% of uncompressed filesystem size (23552.21 Kbytes)
    Inode table size 9627 bytes (9.40 Kbytes)
    21.44% of uncompressed inode table size (44898 bytes)
    Directory table size 11179 bytes (10.92 Kbytes)
    52.15% of uncompressed directory table size (21438 bytes)
    No duplicate files removed
    Number of inodes 1385
    Number of files 1140
    Number of fragments 75
    Number of symbolic links 192
    Number of device nodes 0
    Number of fifo nodes 0
    Number of socket nodes 0
    Number of directories 53
    Number of uids 1
    root (0)
    Number of gids 0

    Creating TRX: image/freshtomato-K26USB_RT-MIPSR2-2018.3-VPN.trx

    TRX Image:
    Total Size .... : 8359936 (8164.0 KB) (8.0 MB)
    Images ...... : 8359908 (0x007f8fe4)
    Padding ..... : 0
    Avail. for jffs :
    4MB, 128K CFE : 0 EBs + 0
    4MB, 256K CFE : 0 EBs + 0
    8MB, 256K CFE : 0 EBs + 0
    Note : Netgear routers have 6 EBs less available!
    CRC-32 ........ : 8E4644F6
    128K Blocks ... : 64 (0x00000040)
    64K Blocks ... : 128 (0x00000080)
    Offsets:
    0: 0x0000001C lzma-loader/loader.gz
    1: 0x00000AD8 /home/vbox/freshtomato-mips/release/src-rt/linux/linux-2.6/arch/mips/brcm-board
    2: 0x000D3000 router/mipsel-uclibc/target.image
     
    Last edited: Jun 12, 2018
  64. EpsilonX

    EpsilonX LI Guru Member

    OK, finally...
    I figured out what is wrong...
    If I clone from Git, it will result in 8.359.936 bytes, like I posted here #151...
    Since all 3 of us got the same size, in case you're wondering, that image won't work... ;)
    Then I tried downloading in ZIP form, this time I choose the one tagged as 2018.3.016...
    Result..?
    The image came out around 8.8xx.xxx bytes, and it worked... :D
    If I clone the repo, the Makefile contains no mention of ASUS...
    The one from the ZIP, contains more device and builds (lots of ASUS)...
    I don't know why, I'm not used to bitbucket, but all 3 of us actually get it "wrong"... :p

    @Justio
    src-rt, for N router...
    Oh, if I clone, I actually don't have src-rt-6.x, it's there in the ZIP though... :D

    I finished compiling my custom build, currently testing...
    I like to thank @pedro311 and @Justio to make some valuable time to assist me... :)
    Don't mind an explanation why that happened though... :D
     
  65. Beast

    Beast Network Guru Member

    Installed freshtomato-K26USB-NVRAM32K_RT-N5x-MIPSR2-2018.3.006-beta-Mega-VPN.trx on my Asus RT-N16. Coming from Toastman build 7511. So far its running fine.
    Total / Free NVRAM32.00 KB / 5332 (16.27%)

    I think I will try the none Mega version of vpn, on the next update. I know I have no use for the portal, and Im not sur what for or how to use tor.

    I noticed that in the about page there is no NVRAM32K in the firmware name. Still wondering about the difference of these two files ???

    freshtomato-K26USB-NVRAM32K_RT-N5x-MIPSR2-2018.3.006-beta-Mega-VPN.trx" 11.6 MB

    freshtomato-K26USB _RT- MIPSR2-2018.3.006-beta-Mega-VPN.trx" 11.2 MB
     
    Last edited: Jun 13, 2018
  66. EpsilonX

    EpsilonX LI Guru Member

    What is the difference between, B=E, B=M and B=V..?
    And I notice not all builds use KERN_SIZE_OPT, any downside using it..?
     
    Last edited: Jun 13, 2018
  67. peyton

    peyton Network Guru Member

    I tried to upgrade to freshtomato from asus firmware but it says the format is illegal and refuse to go on. How could i do ? I saw to use asus recovery but i'm on arch linux. Tried to go in CFE but pressing reset button powered off and on but didn't work.

    Thanks.
     
  68. pomidor1

    pomidor1 Networkin' Nut Member

  69. pedro311

    pedro311 Serious Server Member

    What's on the Overview page after "Total / Free NVRAM" ?
     
    Last edited: Jun 13, 2018
  70. pedro311

    pedro311 Serious Server Member

    Because you get it wrong.

    There are two branches in the repo: "mips-master" and "mips-RT-AC".
    You may switch between them with:
    Code:
    git checkout <branch>
    In master branch you can build only in "src-rt" directory, and these are builds placed in K26 folder on FreshTomato MIPS download page.
    In RT-AC branch you can build in "src-rt" dir (K26RT-N) and "src-rt-6.x" (K26RT-AC).

    Remember about:
    Code:
    make clean
    before compiling different target, and:
    Code:
    git clean -fdxq && git reset --hard
    when you want the local repo to be in status as the remote repo.

    Is it clear now?
     
  71. Beast

    Beast Network Guru Member

    Total / Free NVRAM32.00 KB / 5332 (16.27%)
     
  72. pedro311

    pedro311 Serious Server Member

    So the version with "NVRAM32K" in the filename is the proper one.
     
  73. EpsilonX

    EpsilonX LI Guru Member

    Yup...
    Thank you for explaining...
    And another questions... :D

     
  74. Monk E. Boy

    Monk E. Boy Network Guru Member

    The first is for USB-equipped MIPSR2 routers and uses the RT-N 5.x drivers.

    The second is for USB-equipped MIPSR2 routers and uses the RT (not RT-N) drivers. I don't know recall any routers that are supported by the RT drivers that have 64K of NVRAM so its probably is limited to 32K.

    If you're on an RT-N16 you can use either RT or RT-N MIPSR2 builds.

    He's using Shibby's naming conventions which can be confusing coming from Toastman, who used different naming conventions. I had a hard time when I first started looking at Shibbys builds too. But there is a rhyme and reason to them, you just have to learn how to split the filename up.

    Keep in mind unless you're updating the CFE there's no bricking RT-N16s. You can always put the router into recovery mode and come back from an incorrect flash of the wrong firmware. The only time it can't come back is if you update the CFE (and it goes bad), which is why its almost never touched (the only ones I know who update it are crazy people like myself or OEM firmwares).
     
  75. Beast

    Beast Network Guru Member

    I am starting to understand the file nameing. Still a bit of confustion. But I will get there.

    I'm going to stick witht he RT-N NVRAM32K Mega-VPN ones for now. The one i have loaded seems to be running nicely.
    Even trying the IPV6 enable for Charter/Spectrum. I just enabled it and its working, but for how long. On Toastman it ran for a few minutes and than fell apart.

    Thanks for the responce Monk E. Boy
     
  76. Beast

    Beast Network Guru Member

    Now that i have taken the plunge, from Toastman to FreshTomato.
    freshtomato-K26USB-NVRAM32K_RT-N5x-MIPSR2-2018.3.006-beta-Mega-VPN.trx on Asus RT-N16

    Can someone tell me about the builtin adblock? Is it the same or based on adblock not so clean. And does it use pixelserv? Or is it completely different. I see it shares the same blocklists as does "not so clean adblock".

    How can i mute/prevent the logging of theses messages:
    daemon.info dnsmasq-dhcp[2045]: RTR-ADVERT(br0) 2xxx:x00:6xx7:dxxx::

    Edit: After enableing IPV6 started getting these errores again. I remmbered now why I stopped using ipv6. Never firgured out how to fix this error.

    user.crit kernel: Dead loop on virtual device 6rd, fix it urgently!

    Edit: I start getting the Dead Loop messages as soone as I connect to my network with my Samsung Galaxy Tab-4 wirelessly. Yet my Amazon Echo Dot nor my Honeywell thermostat both connect wireless, are not causing any dead loop messages.

    Any insite anyone ?????
     
    Last edited: Jun 14, 2018
  77. Cold Winter

    Cold Winter Networkin' Nut Member

  78. calc66u

    calc66u New Member Member

    Hi, new member here. I have come to freshtomato having used Merlin's builds for a long time, but now he has stopped support for my router which is the RT-AC66u. I'm so pleased to find support with Pedro's build - I found Shibby first, but of course it's no longer maintained.
    I installed freshtomato-RT-AC66U_RT-AC6x-2018.3.006-beta-AIO
    It installed ok (using the ASUS recovery tool), and I configured for pppoe and connected to my UK (BT) supplied modem. I get erratic connection via the 192.168.1.1 web interface and internet connection is up and down with restarts all over the place. When it is working it is super fast, but then a new connection attempt will fail until the router decides to reboot itself.
    I feel it is a problem with the pppoe implementation. Wireless connects ok, but is subject to the same issues.
    I then tried shibby's tomato-RT-AC66U_AT-RT-AC6x-3.5-140-AIO-64K.trx. It is working flawlessly, but of course I want an up-to-date build.
    I'm used to compiling linux kernels, so not completely clueless.
    I configured as pppoe with the Asus set as a gateway (actually I have tried a ot of different settings) but always the same instabilty.
    Would anyone make a suggestion? I can supply logs, debug output or whatever, if anyone is prepared to help.

    thanks! calc66u
     
  79. pedro311

    pedro311 Serious Server Member

    So let's start with your pppoe configuration and logs.
     
  80. txnative

    txnative Networkin' Nut Member

    I have been using FreshTomato Firmware 2018.3.006 MIPSR2-beta K26 IPv6-VPN and Freshtomato-F7D4302USB_RT-N5x-MIPSR2-2018.3.006-beta-IPv6-VPN as a wap, and I noticed that when I turn the wan port into a switch it doesn't work properly when I had my PS3 connected. The main router didn't register it as when I was running the connection test showed that upnp was not available. This only happened on the K26 Mini but the RT-N5x IPv6 build didn't do this, although if problems occur for anyone doing something similar connect to one of the other remaining open ports but after I had figured what the problem was the connection test on the PS3 was able to pass upnp recognition numerous times without error. Using my E3200 with build Mega-VPN ran great, but for some reason when I disable imq0, I was not able to achieve full inbound rates, as from previous older builds this method usually worked while using qos on the outbound, my isp has asynchronous connection and I have to kill the bloat for gaming. The wifi connections on both 2.4 and 5ghz work great no issues on my f7d430 and e3200 need the mac addresses corrected while the imq0 is something I'm not sure to work with?
     
  81. K3rm1t4

    K3rm1t4 New Member Member

    Great to see a Tomato revival :cool:
    Brilliant stuff, thanks to @pedro311, @kille72 and the rest of the team!

    After some testing I'd like to contribute the following issue report.
    Any help would be very much appreciated.

    Description:
    HTTPS access to admin interface not working

    Steps to reproduce:

    1. Go to Administration, Admin Access
    2. Enable local HTTPS access by setting below parameters and save afterwards
    3. Start admin interface through HTTPS URL - Result: "Connection failed" error
    Code:
        Local Access = HTTPS
        HTTPS Port = 443
        Common Name (CN) = <blank>
        Regenerate = <Check>
        Save In NVRAM = <Check>
    
    Analysis:
    • No related warnings/errors in syslog
    • No process listening on port 443
    • SSL certificate not generated and stored in NVRAM/filesystem
    Code:
    root@router:/tmp/home/root# netstat -an | grep 443
    root@router:/tmp/home/root#
    
    root@router:/tmp/home/root# nvram export --set | grep https
    nvram set https_crt=""
    nvram set https_crt_gen="1"
    nvram set https_enable="1"
    nvram set https_crt_cn=""
    nvram set remote_mgt_https="0"
    nvram set https_crt_file=""
    nvram set https_crt_save="1"
    nvram set https_lanport="443"
    
    root@router:/tmp/home/root# ls -al /tmp/etc/*.pem
    ls: /tmp/etc/*.pem: No such file or directory
    

    Device:

    Linksys WRT54GL v1.1

    Tested builds:
    (erased all data in NVRAM prior and after flashing each firmware image)
    • FreshTomato: freshtomato-K26_RT-MIPSR1-2018.3.006-beta-MiniIPv6
    • FreshTomato: freshtomato-K26_RT-MIPSR1-2018.3.011-beta-MiniIPv6
    • shibby: tomato-K26-1.28.RT-MIPSR1-140-MiniIPv6
    • shibby: tomato-K26-1.28.RT-MIPSR1-132-MiniIPv6
     
    Last edited: Jun 16, 2018
    Justio likes this.
  82. bookreader

    bookreader Reformed Router Member

    Success! :D
    Belkin Play Max / N600 HD (F7D4301/F7D8301) v1
    freshtomato-K26USB_RT-MIPSR2-2018.3.011-beta-miniVPN.trx
    Advanced-> VLAN /advanced-vlan.asp
    VLAN = 9 VID = 0 (displays 201 when ok is clicked) Tagged WAN
    First 802.1Q VLAN tag = 192 (thanks for bringing this back!)

    Same 42/6 speeds as the Asus AC66U (merlin firmware) with CenturyLink GPON.

    The Ethernet Ports State shows LAN 1 + 4 plugged in with nothing in the WAN, when the WAN and LAN 4 are really plugged in. Cosmetic at this point.
     
  83. Justio

    Justio Networkin' Nut Member

    The build in question does not have HTTPS implemented

    @$(MAKE) bin NO_JFFS=y NO_CIFS=y NO_ZEBRA=y IPV6SUPP=y B=I BUILD_DESC="MiniIPv6" USB="" NO_HTTPS=y MULTIWAN=y

    I guess the effort to update the interface not to show HTTPS in GUI (from the devs), doesn’t worth the time spent.

    With "NO_HTTPS=n" the image of the firmware gets bigger than the 4 Mb flash available on WRT54GL 1.1, so does not fit any more...

    Let's all say "Thank you pedro311" for having an up to date tomato firmware available for WRT54GL in 2018

    Anyway my congrats for the post format and for the steps to reproduce.
     
    K3rm1t4 likes this.
  84. txnative

    txnative Networkin' Nut Member

    pedro, I been having problems compiling the e3200 from the freshtomato-mips.done all packages installed, using Linux version 4.9.0-6-amd64 (debian-kernel@lists.debian.org) (gcc version 6.3.0 20170516 (Debian 6.3.0-18+deb9u1) ) #1 SMP Debian 4.9.88-1+deb9u1 (2018-05-07) the error I'm receiving is here:

    checking lzo/lzoutil.h usability... yes
    checking lzo/lzoutil.h presence... yes
    checking for lzo/lzoutil.h... yes
    checking lzo/lzo1x.h usability... yes
    checking lzo/lzo1x.h presence... yes
    checking for lzo/lzo1x.h... yes
    checking for LZ4... no
    checking lz4.h usability... no
    checking lz4.h presence... no
    checking for lz4.h... no
    usable LZ4 library or header not found, using version in src/compat/compat-lz4.*
    checking git checkout... no
    configure: error: route utility is required but missing
    Makefile:2188: recipe for target 'openvpn/.conf' failed
    make[5]: *** [openvpn/.conf] Error 1
    make[5]: Leaving directory '/home/user1/freshtomato-mips/release/src/router'
    Makefile:118: recipe for target 'all' failed
    make[4]: *** [all] Error 2
    make[4]: Leaving directory '/home/user1/freshtomato-mips/release/src-rt'
    Makefile:1022: recipe for target 'bin' failed
    make[3]: *** [bin] Error 2
    make[3]: Leaving directory '/home/user1/freshtomato-mips/release/src-rt'
    Makefile:1116: recipe for target 'o' failed
    make[2]: *** [o] Error 2
    make[2]: Leaving directory '/home/user1/freshtomato-mips/release/src-rt'
    Makefile:1202: recipe for target 'r2o' failed
    make[1]: *** [r2o] Error 2
    make[1]: Leaving directory '/home/user1/freshtomato-mips/release/src-rt'
    Makefile:1334: recipe for target 'e3200' failed
    make: *** [e3200] Error 2

    Already done git clean -fdxq && git reset --hard. git branch * mips-RT-AC
    What are your thoughts? I'm going to use linux-mint-serena later this morning, as for compatibility testing and see it I get through the lz4 error.
     
  85. pedro311

    pedro311 Serious Server Member

    I've no problems with openvpn, when compiling my images.
    Try to clone my repo again, or just download it (Downloads -> Download repository).
     
  86. pedro311

    pedro311 Serious Server Member

    These B's are (I think) some basic targets, but I can't find any info/comment about it in code - it looks like you need to find the content of individual targets (B could be E, M, F, I and V) yourself.

    Kernel optimization for size (except that "some versions of gcc may generate incorrect code with this option"), is good option for router software where we have a limited size of flash, but you have to remember that this happens at the expense of compilation time.
    So, where it is not necessarily needed, you have to turn it off.
     
  87. EpsilonX

    EpsilonX LI Guru Member

    Got it, compilation time is not a problem...
    Thanks to the FreshTomato team for maintaining Tomato... :cool:
     
  88. pedro311

    pedro311 Serious Server Member

    Well, if you have to compile over one hundred images at a time, time _is_ a problem...
     
  89. pegasus123

    pegasus123 Addicted to LI Member

    thanks for this. now my Tenda N60 is alive again however latest build does not fit on 8mb flash
     
  90. peyton

    peyton Network Guru Member

    Stupid question i guess but, i can't run android tethering on my rt n16 with official wrt or forked merlin one. It reboots my device few minutes after running it. I already got a better power supply and caps.

    Do i have some chance to use it with tomato and how ? Thanks.
     
  91. Twincam

    Twincam Networkin' Nut Member

    @pedro311

    “K26 only - smaller size” builds

    Notes on freshtomato-K26_RT-MIPSR1-2018.3.011-beta-MiniIPv6.trx build ["freshtomato-mips 2018.3.011-beta (K26 only - smaller size)” folder] on WRT54GL [4MB Flash limit; 16MB RAM; 32KB NVRAM; 200MHz CPU] - this one.

    FT-MIPS-Status.jpg

    Observations:

    01) Works very well [with 2x VLAN] on ADSL PPPoE connection [via Vigor 130 modem] – “snappy” interface! A minor difference in VLAN configuration [compared with ARM build on RT-AC3200] is that VLAN 0 [assigned VID 0] is always listed; I couldn’t eliminate it.

    FT-MIPS-VLAN.jpg

    02) “Adblock” does not work [HW limitation?]; crashes router when enabled.

    03) I understand that the HTTPS components are removed [but it would be nice if the HTTPS option was not listed as available].

    04) When UPnP is enabled [and “Show In My Network Places” is checked], router is visible on [windows] LAN as UPnP router; can this be made to display the “Host” name exactly as it does with ARM builds?

    05) [Minor] bug? “Please configure VLAN first” [menu “Basic”->”Network” page; basic-network.asp] hyperlink points to the wrong URL. Actual URL should be http://192.168.15.1/advanced-vlan-r1.asp [IP due to my configuration].

    06) >34% Free Memory & ~36% of NVRAM remains available.

    07) Bug fix confirmed [reported against ARM builds].

    Possible enhancements:

    a) Eliminate “Adblock” [and, possibly, “QoS”] components if that saves enough space to add “CIFS” page back. This would allow the “Bandwidth” data to be stored remotely [on a ReadyNAS in my case]. I think this [these] should be eliminated from both “small” builds <4MB [on the assumption that “AdBlock” will not run & QoS can be eliminated].

    b) It would be great to have OpenVPN available [even just 1x server & 1x client] as I use this all the time. If this were possible it would require the “CIFS” enhancement above – otherwise, there would be no room to store keys & certificates in NVRAM [no USB!]. I think many people with retired WRT54G* devices [mine was very dusty] might willingly sacrifice QoS for a miniature VPN build [“*-beta-MicroVPN” anyone?] ….

    Conclusion:

    You have successfully breathed new life into ancient hardware; thanks. This WRT54GL is a viable, short-term substitute for my regular RT-AC3200. With the enhancements above [certainly the first], it could actually be a reliable long-term substitute for the same [I am on a metered connection so I need to keep track of my bandwidth usage]! I also attempted to flash image freshtomato-K26_RT-MIPSR1-2018.3.011-beta-Mini.trx but it is "too big" for this router [but reports as 3.72MB under windows]. What is the functional difference between that build and this one [@3.40MB]?

    There are 719 of these routers listed on TomatoAnon. Assuming only a small %age of Users join TomatoAnon, there could be many, many more ….
     
    Last edited: Jun 19, 2018 at 12:13 AM
    pedro311 and M_ars like this.
  92. frozencat

    frozencat New Member Member

    Netgear R7000, FreshTomato Version 2018.3

    Issue 1: Routing Policy not working.

    When i try to use routing policy - no result. Same problem was on tomato 140 firmware, i make factory reset, then load FreshTomato Version 2018.3 by FreshTomato team. And problem still here.

    Issue 2: PPTP Server Started, but no interface appears. Clients cannot connect.

    It happens suddenly, everything worked normal and from one moment - routing policy not working, pptp server nor working. I load fresh firmware, then reconfigure router and it not solve the problem. Any rebooting not solving the problem.

    I can find one way - if I enable QoS and then disable it, and after that connect to vpn routing policy some time working till VPN or WAN restart. But it is very unstable solution (it is not solution at all, just observation).

    Name TomatoUSB
    Model Netgear R7000
    Chipset ARMv7 Processor rev 0 (v7l)
    CPU Frequency 1000 MHz (dual-core)
    Flash Size 128MB

    Time Sun, 17 Jun 2018 20:17:25 +0200
    Uptime 0 days, 00:26:22
    CPU Usage 2.11%
    CPU Load (1 / 5 / 15 mins) 0.00 / 0.03 / 0.05
    Total / Free Memory 249.63 MB / 223.00 MB (89.33%)
    Total / Free NVRAM 64.00 KB / 21.38 KB (33.40%)

    CPU Temperature 67°C
    Wireless Temperature eth1: 2.4G - --°C eth2: 5G - --°C

    Ip Tables

    Chain PREROUTING (policy ACCEPT 143 packets, 9670 bytes)
    num pkts bytes target prot opt in out source destination
    1 20 1456 WANPREROUTING all -- any any anywhere wan1-ip

    Chain INPUT (policy ACCEPT 13 packets, 1815 bytes)
    num pkts bytes target prot opt in out source destination

    Chain OUTPUT (policy ACCEPT 3 packets, 228 bytes)
    num pkts bytes target prot opt in out source destination

    Chain POSTROUTING (policy ACCEPT 3 packets, 228 bytes)
    num pkts bytes target prot opt in out source destination
    1 0 0 MASQUERADE all -- any tun11 192.168.2.0/24 anywhere
    2 89 4770 MASQUERADE all -- any tun11 192.168.1.0/24 anywhere
    3 0 0 MASQUERADE all -- any ppp0 anywhere anywhere
    4 0 0 SNAT all -- any br0 192.168.1.0/24 192.168.1.0/24 to:192.168.1.1
    5 0 0 SNAT all -- any br1 192.168.2.0/24 192.168.2.0/24 to:192.168.2.1

    Chain WANPREROUTING (1 references)
    num pkts bytes target prot opt in out source destination
    1 0 0 DNAT icmp -- any any anywhere anywhere to:192.168.1.1
    2 0 0 DNAT tcp -- any any anywhere anywhere tcp dpt:www to:192.168.1.168:80
    3 0 0 DNAT tcp -- any any anywhere anywhere tcp dpt:https to:192.168.1.168:443

    Chain PREROUTING (policy ACCEPT 68985 packets, 33M bytes)
    num pkts bytes target prot opt in out source destination
    1 23839 17M DSCP all -- ppp0 any anywhere anywhere DSCP set 0x00
    2 0 0 DROP all -- ppp0 any anywhere 192.168.1.0/24
    3 0 0 DROP all -- ppp0 any anywhere 192.168.2.0/24
    4 45 8222 MARK all -- any any anywhere anywhere match-set vpnrouting311 dst,src MARK set 0x137

    Chain INPUT (policy ACCEPT 24554 packets, 17M bytes)
    num pkts bytes target prot opt in out source destination

    Chain FORWARD (policy ACCEPT 43568 packets, 16M bytes)
    num pkts bytes target prot opt in out source destination
    1 808 42156 TCPMSS tcp -- any any anywhere anywhere tcpflags: SYN,RST/SYN TCPMSS clamp to PMTU

    Chain OUTPUT (policy ACCEPT 20574 packets, 3273K bytes)
    num pkts bytes target prot opt in out source destination

    Chain POSTROUTING (policy ACCEPT 64135 packets, 20M bytes)
    num pkts bytes target prot opt in out source destination

    Code:
    ip rule
    0:    from all lookup local
    1000:    from all fwmark 0x137 lookup 311
    32766:    from all lookup main
    32767:    from all lookup default
    
    ip route show table 311
    default via 10.18.10.6 dev tun11
    
    Jun 17 20:09:17 unknown daemon.notice openvpn[5380]: UDP link local: (not bound)
    Jun 17 20:09:17 unknown daemon.notice openvpn[5380]: UDP link remote: [AF_INET]46.166.188.227:1198
    Jun 17 20:09:18 unknown daemon.warn openvpn[5380]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Jun 17 20:09:18 unknown daemon.warn openvpn[5380]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1558', remote='link-mtu 1542'
    Jun 17 20:09:18 unknown daemon.warn openvpn[5380]: WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
    Jun 17 20:09:18 unknown daemon.notice openvpn[5380]: [b120d7accb4248d376884834db0ec143] Peer Connection Initiated with [AF_INET]46.166.188.227:1198
    Jun 17 20:09:18 unknown user.notice vpnrouting[5384][tun11]: Clean-up
    Jun 17 20:09:18 unknown user.notice vpnrouting[5384][tun11]: Searching gateway for tun11
    Jun 17 20:09:19 unknown daemon.notice openvpn[5380]: TUN/TAP device tun11 opened
    Jun 17 20:09:19 unknown daemon.notice openvpn[5380]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
    Jun 17 20:09:19 unknown daemon.notice openvpn[5380]: /sbin/ifconfig tun11 10.10.10.6 pointopoint 10.10.10.5 mtu 1500
    Jun 17 20:09:19 unknown daemon.notice openvpn[5380]: Initialization Sequence Completed
    Jun 17 20:09:21 unknown user.notice vpnrouting[5384][tun11]: Got gateway for tun11 - IP 10.10.10.6 - ID 311
    Jun 17 20:09:21 unknown kern.notice kernel: ip_set: protocol 6
    Jun 17 20:09:22 unknown user.notice vpnrouting[5384][tun11]: Type: 3 - add yandex.ru
    Jun 17 20:09:24 unknown daemon.info dnsmasq[5068]: exiting on receipt of SIGTERM
    Jun 17 20:09:24 unknown daemon.info dnsmasq[5576]: started, version 2.80test2 cachesize 4096
    Jun 17 20:09:24 unknown daemon.info dnsmasq[5576]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset Tomato-helper auth DNSSEC loop-detect inotify
    Jun 17 20:09:24 unknown daemon.info dnsmasq[5576]: asynchronous logging enabled, queue limit is 5 messages
    Jun 17 20:09:24 unknown daemon.info dnsmasq-dhcp[5576]: DHCP, IP range 192.168.2.11 -- 192.168.2.51, lease time 1d
    Jun 17 20:09:24 unknown daemon.info dnsmasq-dhcp[5576]: DHCP, IP range 192.168.1.11 -- 192.168.1.51, lease time 1d
    Jun 17 20:09:24 unknown daemon.info dnsmasq[5576]: reading /etc/resolv.dnsmasq
    Jun 17 20:09:24 unknown daemon.info dnsmasq[5576]: using nameserver 192.168.1.168#53
    Jun 17 20:09:24 unknown daemon.info dnsmasq[5576]: using nameserver 208.67.220.220#53
    Jun 17 20:09:24 unknown daemon.info dnsmasq[5576]: read /etc/hosts - 3 addresses
    Jun 17 20:09:24 unknown daemon.info dnsmasq[5576]: read /etc/dnsmasq/hosts - 13 addresses
    Jun 17 20:09:24 unknown daemon.info dnsmasq[5576]: read /etc/dnsmasq/dhcp-hosts - 0 addresses
    Jun 17 20:09:24 unknown daemon.info dnsmasq-dhcp[5576]: read /etc/dnsmasq/hosts
    Jun 17 20:09:24 unknown daemon.info dnsmasq-dhcp[5576]: read /etc/dnsmasq/dhcp-hosts
    Jun 17 20:09:24 unknown user.notice vpnrouting[5384][tun11]: Completed routing policy configuration for client1
    Jun 17 20:09:40 unknown daemon.err openvpn[5380]: event_wait : Interrupted system call (code=4)
    Jun 17 20:09:40 unknown daemon.notice openvpn[5380]: /sbin/ifconfig tun11 0.0.0.0
    Jun 17 20:09:40 unknown daemon.notice openvpn[5380]: SIGTERM[hard,] received, process exiting
    Jun 17 20:09:47 unknown kern.info kernel: tun: Universal TUN/TAP device driver, 1.6
    Jun 17 20:09:47 unknown kern.info kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
    Jun 17 20:09:47 unknown daemon.notice openvpn[5639]: OpenVPN 2.4.6 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May 27 2018
    Jun 17 20:09:47 unknown daemon.notice openvpn[5639]: library versions: OpenSSL 1.0.2o 27 Mar 2018, LZO 2.10
    Jun 17 20:09:47 unknown daemon.warn openvpn[5645]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    Jun 17 20:09:47 unknown daemon.notice openvpn[5645]: TCP/UDP: Preserving recently used remote address: [AF_INET]109.201.152.241:1198
    Jun 17 20:09:47 unknown daemon.notice openvpn[5645]: UDP link local: (not bound)
    Jun 17 20:09:47 unknown daemon.notice openvpn[5645]: UDP link remote: [AF_INET]109.201.152.241:1198
    Jun 17 20:09:47 unknown daemon.warn openvpn[5645]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Jun 17 20:09:47 unknown daemon.warn openvpn[5645]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1558', remote='link-mtu 1542'
    Jun 17 20:09:47 unknown daemon.warn openvpn[5645]: WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
    Jun 17 20:09:47 unknown daemon.notice openvpn[5645]: [3386382d2210d8f97bb14350a711d6] Peer Connection Initiated with [AF_INET]109.201.152.241:1198
    Jun 17 20:09:48 unknown user.notice vpnrouting[5649][tun11]: Clean-up
    Jun 17 20:09:48 unknown user.notice vpnrouting[5649][tun11]: Searching gateway for tun11
    Jun 17 20:09:48 unknown daemon.notice openvpn[5645]: TUN/TAP device tun11 opened
    Jun 17 20:09:48 unknown daemon.notice openvpn[5645]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
    Jun 17 20:09:48 unknown daemon.notice openvpn[5645]: /sbin/ifconfig tun11 10.18.10.6 pointopoint 10.18.10.5 mtu 1500
    Jun 17 20:09:48 unknown daemon.notice openvpn[5645]: Initialization Sequence Completed
    Jun 17 20:09:51 unknown user.notice vpnrouting[5649][tun11]: Got gateway for tun11 - IP 10.18.10.6 - ID 311
    Jun 17 20:09:51 unknown user.notice vpnrouting[5649][tun11]: Type: 3 - add yandex.ru
    Jun 17 20:09:51 unknown daemon.err openvpn[5645]: event_wait : Interrupted system call (code=4)
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: OpenVPN STATISTICS
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: Updated,Sun Jun 17 20:09:51 2018
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: TUN/TAP read bytes,8501
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: TUN/TAP write bytes,196
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: TCP/UDP read bytes,3433
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: TCP/UDP write bytes,10598
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: Auth read bytes,196
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: pre-compress bytes,0
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: post-compress bytes,0
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: pre-decompress bytes,0
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: post-decompress bytes,0
    Jun 17 20:09:51 unknown daemon.notice openvpn[5645]: END
    Jun 17 20:09:52 unknown daemon.info dnsmasq[5576]: exiting on receipt of SIGTERM
    Jun 17 20:09:52 unknown daemon.info dnsmasq[5849]: started, version 2.80test2 cachesize 4096
    Jun 17 20:09:52 unknown daemon.info dnsmasq[5849]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset Tomato-helper auth DNSSEC loop-detect inotify
    Jun 17 20:09:52 unknown daemon.info dnsmasq[5849]: asynchronous logging enabled, queue limit is 5 messages
    Jun 17 20:09:52 unknown daemon.info dnsmasq-dhcp[5849]: DHCP, IP range 192.168.2.11 -- 192.168.2.51, lease time 1d
    Jun 17 20:09:52 unknown daemon.info dnsmasq-dhcp[5849]: DHCP, IP range 192.168.1.11 -- 192.168.1.51, lease time 1d
    Jun 17 20:09:52 unknown daemon.info dnsmasq[5849]: reading /etc/resolv.dnsmasq
    Jun 17 20:09:52 unknown daemon.info dnsmasq[5849]: using nameserver 192.168.1.168#53
    Jun 17 20:09:52 unknown daemon.info dnsmasq[5849]: using nameserver 208.67.220.220#53
    Jun 17 20:09:52 unknown daemon.info dnsmasq[5849]: read /etc/hosts - 3 addresses
    Jun 17 20:09:52 unknown daemon.info dnsmasq[5849]: read /etc/dnsmasq/hosts - 13 addresses
    Jun 17 20:09:52 unknown daemon.info dnsmasq[5849]: read /etc/dnsmasq/dhcp-hosts - 0 addresses
    Jun 17 20:09:52 unknown daemon.info dnsmasq-dhcp[5849]: read /etc/dnsmasq/hosts
    Jun 17 20:09:52 unknown daemon.info dnsmasq-dhcp[5849]: read /etc/dnsmasq/dhcp-hosts
    Jun 17 20:09:52 unknown user.notice vpnrouting[5649][tun11]: Completed routing policy configuration for client1
    Jun 17 20:23:42 unknown daemon.err openvpn[5645]: event_wait : Interrupted system call (code=4)
    Jun 17 20:23:42 unknown daemon.notice openvpn[5645]: OpenVPN STATISTICS
    Jun 17 20:23:42 unknown daemon.notice openvpn[5645]: Updated,Sun Jun 17 20:23:42 2018
    Jun 17 20:23:42 unknown daemon.notice openvpn[5645]: TUN/TAP read bytes,2324343
    Jun 17 20:23:42 unknown daemon.notice openvpn[5645]: TUN/TAP write bytes,11656214
    Jun 17 20:23:42 unknown daemon.notice openvpn[5645]: TCP/UDP read bytes,12589378
    Jun 17 20:23:42 unknown daemon.notice openvpn[5645]: TCP/UDP write bytes,3118949
    Jun 17 20:23:42 unknown daemon.notice openvpn[5645]: Auth read bytes,11656214
    Jun 17 20:23:42 unknown daemon.notice openvpn[5645]: pre-compress bytes,0
    Jun 17 20:23:42 unknown daemon.notice openvpn[5645]: post-compress bytes,0
    Jun 17 20:23:42 unknown daemon.notice openvpn[5645]: pre-decompress bytes,0
    Jun 17 20:23:52 unknown daemon.err openvpn[5645]: event_wait : Interrupted system call (code=4)
    Jun 17 20:23:52 unknown daemon.notice openvpn[5645]: OpenVPN STATISTICS
    Jun 17 20:23:52 unknown daemon.notice openvpn[5645]: Updated,Sun Jun 17 20:23:52 2018
    Jun 17 20:23:52 unknown daemon.notice openvpn[5645]: TUN/TAP read bytes,2336212
    Jun 17 20:23:52 unknown daemon.notice openvpn[5645]: TUN/TAP write bytes,11707153
    Jun 17 20:23:52 unknown daemon.notice openvpn[5645]: TCP/UDP read bytes,12649054
    Jun 17 20:23:52 unknown daemon.notice openvpn[5645]: TCP/UDP write bytes,3138926
    Jun 17 20:23:52 unknown daemon.notice openvpn[5645]: Auth read bytes,11707153
    Jun 17 20:23:52 unknown daemon.notice openvpn[5645]: pre-compress bytes,0
    Jun 17 20:23:52 unknown daemon.notice openvpn[5645]: post-compress bytes,0
    Jun 17 20:23:52 unknown daemon.notice openvpn[5645]: pre-decompress bytes,0
    Jun 17 20:25:11 unknown daemon.info pptpd[6050]: MGR: Maximum of 50 connections reduced to 3, not enough IP addresses given
    Jun 17 20:25:11 unknown daemon.debug pptpd[6051]: CTRL: BCrelay incoming interface is disable
    Jun 17 20:25:11 unknown daemon.info pptpd[6051]: MGR: Manager process started
    Jun 17 20:25:11 unknown daemon.debug pptpd[6052]: CTRL (BCrelay Launcher): Launching BCrelay with pid 0
    Jun 17 20:25:11 unknown daemon.info pptpd[6051]: MGR: Maximum of 3 connections available
    Jun 17 20:25:11 unknown daemon.debug pptpd[6052]: MGR: BCrelay incoming interface is disable
    Jun 17 20:25:11 unknown daemon.debug pptpd[6052]: MGR: BCrelay outgoing interface is regexp ppp[0-9].*
    Jun 17 20:25:11 unknown daemon.info dnsmasq[5849]: exiting on receipt of SIGTERM
    Jun 17 20:25:11 unknown daemon.info bcrelay[6052]: Running as child
    Jun 17 20:25:11 unknown daemon.info dnsmasq[6055]: started, version 2.80test2 cachesize 4096
    Jun 17 20:25:11 unknown daemon.info dnsmasq[6055]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset Tomato-helper auth DNSSEC loop-detect inotify
    Jun 17 20:25:11 unknown daemon.info dnsmasq[6055]: asynchronous logging enabled, queue limit is 5 messages
    Jun 17 20:25:11 unknown daemon.info dnsmasq-dhcp[6055]: DHCP, IP range 192.168.2.11 -- 192.168.2.51, lease time 1d
    Jun 17 20:25:11 unknown daemon.info dnsmasq-dhcp[6055]: DHCP, IP range 192.168.1.11 -- 192.168.1.51, lease time 1d
    Jun 17 20:25:11 unknown daemon.info dnsmasq[6055]: reading /etc/resolv.dnsmasq
    Jun 17 20:25:11 unknown daemon.info dnsmasq[6055]: using nameserver 192.168.1.168#53
    Jun 17 20:25:11 unknown daemon.info dnsmasq[6055]: using nameserver 208.67.220.220#53
    Jun 17 20:25:11 unknown daemon.info dnsmasq[6055]: read /etc/hosts - 3 addresses
    Jun 17 20:25:11 unknown daemon.info dnsmasq[6055]: read /etc/dnsmasq/hosts - 13 addresses
    Jun 17 20:25:11 unknown daemon.info dnsmasq[6055]: read /etc/dnsmasq/dhcp-hosts - 0 addresses
    Jun 17 20:25:11 unknown daemon.info dnsmasq-dhcp[6055]: read /etc/dnsmasq/hosts
    Jun 17 20:25:11 unknown daemon.info dnsmasq-dhcp[6055]: read /etc/dnsmasq/dhcp-hosts
     
  93. pedro311

    pedro311 Serious Server Member

    @Up: Uhmmm, wrong thread ;)
     
  94. candycrush

    candycrush Serious Server Member

    Thanks to all of you for keeping Tomato alive and improving on it. I have some older routers such as WRT54GL, WRT54GS and Buffalo WHR-G54S and WHR-HP-G54. I am looking for a firmware that is not exposed to any CVEs. Particularly I am looking for a firmware that solves the KRACK vulnerability. Does your firmware have a driver that is patched for the vulnerability, and are you keeping track of what CVEs your firmware is vulnerable to? Thanks
     
  95. maurer

    maurer Network Guru Member

    only openwrt/LEDE - b43 driver and dd-wrt have KRACK patched drivers for all *54* seriers
     
  96. txnative

    txnative Networkin' Nut Member

    Ok, done those options before, did notice that i was using the older bison packages but after changing and updating the those packages, I've come to a different error. This error doesn't occur until afer an hr later. I've done a lookup and found a reference back a few years ago with shibby and bwq518 link is here http://www.linksysinfo.org/index.php?threads/tomato-shibbys-releases.33858/page-26 this is the only issue I have when compiling for my e3200 and I have compiled for my f7d4302 from the src and from the src-rt without error and both work as i'm using my f7d4302 as a wap.

    Building modules, stage 2.
    MODPOST 242 modules
    FATAL: drivers/net/wl/wl_high: sizeof(struct usb_device_id)=24 is not a modulo of the size of section __mod_usb_device_table=140.
    Fix definition of struct usb_device_id in mod_devicetable.h
    /home/user1/freshtomato-mips/release/src-rt/linux/linux-2.6/scripts/Makefile.modpost:70: recipe for target '__modpost' failed
    make[7]: *** [__modpost] Error 1
    Makefile:1009: recipe for target 'modules' failed
    make[6]: *** [modules] Error 2
    make[6]: Leaving directory '/home/user1/freshtomato-mips/release/src-rt/linux/linux-2.6'
    Makefile:280: recipe for target 'kernel' failed
    make[5]: *** [kernel] Error 2
    make[5]: Leaving directory '/home/user1/freshtomato-mips/release/src/router'
    Makefile:118: recipe for target 'all' failed
    make[4]: *** [all] Error 2
    make[4]: Leaving directory '/home/user1/freshtomato-mips/release/src-rt'
    Makefile:1022: recipe for target 'bin' failed
    make[3]: *** [bin] Error 2
    make[3]: Leaving directory '/home/user1/freshtomato-mips/release/src-rt'
    Makefile:1116: recipe for target 'o' failed
    make[2]: *** [o] Error 2
    make[2]: Leaving directory '/home/user1/freshtomato-mips/release/src-rt'
    Makefile:1202: recipe for target 'r2o' failed
    make[1]: *** [r2o] Error 2
    make[1]: Leaving directory '/home/user1/freshtomato-mips/release/src-rt'
    Makefile:1334: recipe for target 'e3200' failed
    make: *** [e3200] Error 2
     
  97. pedro311

    pedro311 Serious Server Member

    You forgot to add (to be correct: reverse) patch localized in src-rt/linux:

    Code:
    patch -R -p4 < fix4usbap.patch
    It's needed for n60, rtn53, e2500, e3200, wndr64, wndr64-vpn, f9k targets.
     
    txnative likes this.
  98. Monk E. Boy

    Monk E. Boy Network Guru Member

    KRACK is not a router vulnerability, it's a client vulnerability. Enabling KRACK mitigations on routers leads to client connection problems as even fully patched clients will periodically send a traffic pattern that the mitigation will false positive on. The only real solution to KRACK is to update your clients, everything else is a hack and works as well as you'd expect a hack to work.

    I personally ended up going out and buying a new phone from a manufacturer source rather than the cellular phone vendor because the cellular phone vendor's policy is to only release updates for 1 year after a phone is released. Even if they're still selling the phone 1 year later, they will stop publishing updates. As a result my phone had KRACK vulnerabilities and the only way to solve it was to root the phone and put my own firmware on it or buy a new phone. I opted for the latter because 1.5 years later I could get an amazingly nice phone for the same money as what I had paid earlier.

    If your client is vulnerable to KRACK it's vulnerable to everything that's come out since KRACK was released if not the stuff before it. No router can solve all of them.
     
    kille72 likes this.
  99. txnative

    txnative Networkin' Nut Member

    Thank you for the patch cmd, I saw the patch but i forgot how to do patch cmds, I'll be more keen in the future.
     
  100. MongooseProXC

    MongooseProXC New Member Member

    A big thank you to kille72 and pedro311 for keeping the MIPS routers alive!

    So, what is the consensus on migrating to FreshTomato from the Shibby builds? Currently, I'm running Shibby's v140 on my E3200. Everything seems fine to me, but obviously I'm missing out on some new stuff.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice