1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[Fork] Tomato by Shibby, compiled by @kille72

Discussion in 'Tomato Firmware' started by kille72, Mar 24, 2017.

  1. AndreDVJ

    AndreDVJ Addicted to LI Member

    I can't make Virtual Wireless work properly on AT GUI. No idea what's wrong with the code.

    About scan function in basic-network, unfortunately the Wireless Survey rework introduced the issue. I reverted that commit in my local repo and it's working again.

    Those are the reasons my online repo was quiet (I messed up my local repo some time ago). I'll push to git all my changes (and struggles) anyway.
     
  2. edusodanos

    edusodanos Serious Server Member

    I also have this bug
     
  3. sszpila

    sszpila Reformed Router Member

    On beta 9 everything works fine. [​IMG]

    Wysłane z mojego 2014811 przy użyciu Tapatalka
     
  4. Yim Sonny

    Yim Sonny Reformed Router Member

     
  5. Yim Sonny

    Yim Sonny Reformed Router Member

    I couldn't find beta9 download anywhere. Tried v139 and Shibby 32. Both are missing QOS details.
    The Shibby instruction video shows him setting the MAC addresses to defaults. I did that and then also changed the MAC addresses to random. The QOS details did show properly just after setting to Random and saving. Then I turned QOS off and back on. The problem returned. No more QOS details. After 45 more minutes of changing firmware, rebooting, changing MAC address, clearing browser cache, etc. it has not yet again shown the QOS details. That one time it worked must have been a fluke. Cannot get it to work again.

    Is there a way to get a copy of Beta 9 anywhere ? I would like to give it a try.
    Thank you.

    Edit - Connections for ICMP protocol also show up. If I ping Google.com it shows in the connections, but only that ICMP connection. The other hundreds of connections still are missing from view.
     

    Attached Files:

    Last edited: Nov 19, 2017
  6. pegasus123

    pegasus123 Addicted to LI Member

    I'm using R7000 and B12 Pedro version don't see this issue with QOS. The only thing I'm not seeing is the rule no. that was matched.
     
    Mercjoe likes this.
  7. Darkbing

    Darkbing Network Newbie Member

    Just to ask guys, has the multiwan and qos issue / bug had already been resolved or will be solved on the next release? Thanks and have a nice day!
     
  8. Yim Sonny

    Yim Sonny Reformed Router Member

    Thanks. This is my first ARM router and had forgotten that Pedro compiled some versions.

    The QOS details bug is due to deleting all QOS rules. I never use the default rules and delete them all as part of the initial router setup. When I flashed B12 I left it at defaults and the QOS details worked. After deleting all QOS rules and rebooting the computer, the problem returns. After creating one rule to match all traffic going to my computer the QOS graph does indicate the connections but the details of that category and the main QOS details are not showing any of the connections.

    I use Tomato primarily for custom QOS control and need the QOS rule system to work properly. Just upgraded to 300 Mbps internet and need ARM powered router. Will need to wait for debug before can use ARM.
     
  9. octopus

    octopus Network Newbie Member

    Hey @kille72! Thanks for updating your fork. Any chance for supporting Huawei WS880? It is supported by Shibby, curious why did you left it out.
     
  10. pegasus123

    pegasus123 Addicted to LI Member

    hmm. i cant be certain, i just upgraded to b13 by kille72 and no issues with QOS still. also, i dont use the default as well basically i deleted everything and created my own entries.

    [​IMG]
     
  11. Yim Sonny

    Yim Sonny Reformed Router Member

    Thank you for the info. I would very much like to get mine working and I appreciate your help. I still do not seem to be successful. I just re-confirmed with b13 AIO.

    Here are my exact steps :
    NVram erase thorough ( router restarts )
    Delete all QOS rules
    Create rule to match my computer MAC and assign to "Service" class
    Enable QOS
    Reboot Router
    Open browser to Google News and browse around

    Result :
    QOS - Graphs show "Service" has 45 connections. Un-Classified has 36.
    Open "Unclassified" and it reports (1) connection and shows IGMP source 224.0.0.0 dest 0.0.0.0
    "Service" should be showing the 45 connections to my computer as matched by the rule. It reports (0) connections and shows none at all.
    QOS - Details reports only (1) connection and shows IGMP source 224.0.0.0 dest 0.0.0.0 but should be showing the 36 and 45 all together.
    Back to the graphs view again and both the "unclassified and service" classes show a dwindling but still numerous connection count.
     
  12. Yim Sonny

    Yim Sonny Reformed Router Member

    More testing and trouble shooting. Notes below as I documented while testing.

    NVram Clear thorough erase
    Entire router and all 50 QOS rules at default
    Browse internet by opening several news pages on Google News
    Graphs show plenty of connections in every class except "crawl".
    There are no default rules pointing to "crawl" class
    Open various class views and all show their matched connections to my computer
    Open QOS - Details and it is loaded with long list of connections to my computer
    Create new QOS rule matching my computer and assign to "Crawl". Move to top of QOS rule list.
    My rule is now #1 of 51 rules
    Refresh several news websites
    Crawl graph reports numerous connections. Opening Crawl details shows the connections matched to my computer as it should be showing.
    Reboot Router. Refresh websites.
    Graphs now show numerous connection but only in Crawl and Unclassified connections as expected.
    Details of "crawl" and "unclassified" classes, and "QOS - Details" are all showing their connections as expected.
    Delete all 50 default rules and leave only my custom QOS rule.
    Reboot router. Refresh websites. Graphs view show Crawl has 114 connections and unclassified has 35. No other classes have any connections.
    Details of Crawl reports (0) and shows no connections. Details of unclassified and QOS - Details both show (1) connection, the IGMP one.

    Deleting the 50 default QOS rules, leaving my custom rule and rebooting the router breaks the QOS detailed view. :eek:
     
    Last edited: Nov 20, 2017
  13. pegasus123

    pegasus123 Addicted to LI Member

    ^ can you try not deleting the "service" DNS 53. I think thats the only thing i didnt delete.
     
  14. pedro311

    pedro311 Serious Server Member

    It doesn't work either. :(
     
  15. DooZer

    DooZer Network Newbie Member

    You can easily debug with chrome to see whats the problem with it. Put bp on the scan function and see whats going on.
     
  16. Yim Sonny

    Yim Sonny Reformed Router Member

    Yes, that was the culprit. Thank you very much ! I was planning to go through them one at a time tomorrow but you saved me the time. Much obliged.
     
    pegasus123 likes this.
  17. bille flour

    bille flour Networkin' Nut Member

    Another bug; on basic-wireless filter. I cant select device for block or permit wireless. Can you fix it?
    Thanks
     

    Attached Files:

  18. bille flour

    bille flour Networkin' Nut Member

    Sorry. I found it.
    Advanced - Virtual Wireless Interfaces - eth1(wl0)
     

    Attached Files:

  19. rs232

    rs232 Network Guru Member

    How does this version relate to 2017.2?

    I haven't fully tested but 2017.2 (ipset 6.32) seems to be working fine with P2Partisan where 2017.3b13 appears to have issues (ipset 6.34) on same script and same settings.

    Thanks
     
  20. xhaloz

    xhaloz Network Newbie Member

  21. Elfew

    Elfew Network Guru Member

    OK, so there are steps how to reproduce/debug this ugly bug... good work! I hope it will be easy to fix that - @pedro311 :)

    About PPPoE - it works for me (I had issues with v140 shibby) - so really nice, good job!
     
  22. Kala Que

    Kala Que New Member Member

    New here.

    I was wondering if you don't support special charectors (?<>) in WPA key. It was supported in WRT54GL which I had Tomato running for years. Just tried the same key on R8000 and doesn't work. Can anyone help in finding a version that supports special charectors?

    Thanks!
     
  23. rs232

    rs232 Network Guru Member

    Please open your own thread.

    Thanks
     
  24. Solace50

    Solace50 Network Newbie Member

    @kille72 Ive recently noticed the BW limiter cripples Intranet throughput to a crawl when enabled you can reproduce by enable/disabling while doing a FTP/samba transfer but anything external seems unaffected with normal speeds.
     
  25. pedro311

    pedro311 Serious Server Member

    EDIT: Files deleted because of failure. Will upload corrected files again tomorrow.

    EDIT2: Corrected files uploaded. Happy testing!

    freshtomato-arm 2017.3b16 has been released!

    Downloads (see appropriate subfolder):
    https://mega.nz/#F!QywknIpa!5JwWNIfEwCOKXqXG0AOh4w

    Changelog (bitbucket, 20 commits since the last 2017.3b13 release):
    https://bitbucket.org/pedro311/freshtomato-arm/commits/all

    Feedback welcome, specially from those on PPPoE/PPTP/L2TP wan connections (see below)!

    I fixed (among others) a start of the "redial" deamon, responsible for the reconnect in Keep Alive mode, which didn't start in previous version of the firmware.
    There could be more bugs about that reconnect, but let's start from something...



    *** In case of (still) lack of reconnect, how to report it: ***

    In: Tools -> System Commands (*):
    Code:
    nvram set mwan_debug=8
    nvram commit
    Click: Execute

    In: Basic -> Network:
    1. MultiWAN -> Check connections every -> Disabled
    2. WAN Settings -> Type -> PPPoE/PPTP/L2TP/3G Modem (as required)
    3a. WAN Settings -> DNS Server -> Manual; Set both (important!) to nothing (del) _and_ after that, set: DNS Server -> Auto
    and/or:
    3b. WAN Settings -> DNS Server -> Manual, and set the appropriate dns (in feedback, let me know if 3a or 3b or both)
    4. WAN Settings -> Connect Mode -> Keep Alive
    5. WAN Settings -> Redial Interval -> 10
    6. [PPPoE/PPTP/L2TP]: WAN Settings -> Use DHCP (as required, but let me know about it)
    7. Use dnscrypt-proxy -> OFF (important, there are more serious problems with this, I'll deal with it later)
    8. Enable DNSSEC -> OFF (so to not complicate it more)
    Click: Save

    *** Wait about 5 minutes and reboot (necessarily) your router. You're ready to go! ***



    So if you encounter a problem with reconnect after disconnection, take a log about 10 secs earlier than that disconnect and about 1-2 minutes long.
    Thanks.


    * to go back, set:
    Code:
    nvram set mwan_debug=0
    nvram commit
     
    Last edited: Dec 2, 2017
  26. PetervdM

    PetervdM Network Guru Member

    thx pedro for this new build.
    i use a static wan address and installed this build over your previous one on a R8000. i also use dnssec and dnsproxy, but for test disabled them both. i could re-enable dnssec, but the dnsproxy dialog is completely gone. as i value dnsproxy very much i had to rollback to the previous build.
    thx for your hard work!
     
  27. pedro311

    pedro311 Serious Server Member

    What do you mean "dnsproxy dialog is completely gone"? (screenshot)
    What is your router?
    Thanks.
     
  28. user17600

    user17600 Network Newbie Member

    Pedro, will there be a R-7000 AIO for this build?

    Thanks for all the work you do!
     
  29. pedro311

    pedro311 Serious Server Member

  30. PetervdM

    PetervdM Network Guru Member

    my router is R8000. see requested screenshots below, upper is B16, below is B12. thx for looking into this. b16.jpg b12.jpg
     
  31. pedro311

    pedro311 Serious Server Member

    Strange... Try to clear cookies/cache in browser. It must be there ;)
     
  32. ghoffman

    ghoffman LI Guru Member

    @peterdvm, pedro311:
    im using Tomato Firmware 1.28.0000 -2017.3b16-pedro- K26ARM USB VPN-64K:
    i can confirm the absense of dnscrypt-proxy checkbox and submenus. both with chrome and edge.

    i upgraded from pervious version without clearing nvram. im. not in a position to clear and reset the whole system right now.
     
  33. pedro311

    pedro311 Serious Server Member

    Your're right, something went wrong with my make-batch script. Will upload corrected files again tomorrow.
     
    The Master likes this.
  34. ghoffman

    ghoffman LI Guru Member

    @Pedro -thank you do much for your efforts!!!!
     
  35. edusodanos

    edusodanos Serious Server Member

    @pedro311 can you fix this?
     
  36. pedro311

    pedro311 Serious Server Member

    I have no idea :p
     
    edusodanos likes this.
  37. pedro311

    pedro311 Serious Server Member

    Files of 2017.3b16 uploaded (again) to mega. This time, I hope everything will be fine ;)
     
  38. PetervdM

    PetervdM Network Guru Member

    thx for the new upload. the dnscrypt dialog is back, but dnscrypt is not working. i think this is the culprit:
    "daemon.err dnscrypt-proxy[xxxx]: No useable certificates found"
    the file /rom/etc/dnscrypt-resolvers.csv is of different size between b12 and b16, maybe something went wrong while updating, although i see no dns-proxy entry in your bitbucket.
    fwiw i use cisco opendns. router is R8000.
    edit:
    i took the values from the resolver file and entered them as "manual entry" and made it work in b12. after upgrading to b16 dnscrypt failed again. so maybe the resolver file is OK after all.
     
    Last edited: Dec 2, 2017
  39. pedro311

    pedro311 Serious Server Member

    I have no problem with that image from mega on my rt-n18u...
    btw: remember that the list of dnscrypt servers is changing constantly, maybe you have chosen actually not working server?
     
  40. PetervdM

    PetervdM Network Guru Member

    that's why i entered the server and parameters in the manual boxes in b12 to exclude the dnscrypt resolver file dependency. that works in b12. installing b16 over b12 breaks dnscrypt, even if i save the values again. i also saw in my dns log at opendns tens of thousands of "A" requests for "com", and hunderds of "eu", "org" and "nl" while in dnsmasq i have "domain-needed" in the custom configuration. this should block requests not containing a dot. also tens of thousands "A" requests for a sipserver which is completely unknown to me. i had to rollback to b12. thx for your efforts.
     
  41. pedro311

    pedro311 Serious Server Member

    OK, so what is your whole dnscrypt-proxy configuration (mean, as on picture), and the custom one (in "Dnsmasq
    Custom configuration")?

    EDIT: I've seen again your earlier screenshot: did you use "cisco" as a resolver? You can't use it and have DNSSEC checked at the same time. That resolver have no DNSSEC validation.
     

    Attached Files:

    Last edited: Dec 3, 2017
  42. PetervdM

    PetervdM Network Guru Member

    @pedro311 , pls find requested data below:
    screenshot dnscrypt. the key is longer but cannot be fully displayed in the field.
    dnscrypt-manual.jpg
    edited dnsmasq.conf file from /etc. some data has been masqued.
    dnsmasq-log.txt: entries from the syslog file b12 since last restart. the first entry of dec 3 checks the dnssec timestamps after time has been set, no error has been returned.
     

    Attached Files:

  43. pedro311

    pedro311 Serious Server Member

  44. dowden

    dowden Reformed Router Member

    I am using Asus RT-AC68R/U, flashed 2017.3b16, and clear NVRAM.

    >Basic >Network >Wireless
    when I click on Scan, looks like it's scanning, but it doesn't show the result

    with b13, it doesn't scan at all.
     
    pedro311 likes this.
  45. PetervdM

    PetervdM Network Guru Member

    i tried:
    in b13 disable dnssec -> works, no difference
    flash b16 -> works
    erase manual entry and choose "cisco" -> works
    enable dnssec -> fail
    disable dnssec -> works
    choose "securedns" ( supports dnssec ) -> works
    enable dnssec -> works
    choose "cisco" again -> fail
    disable dnssec -> works

    so afterall it seems to be the enabling of dnssec while using cisco ( and probably other dnscrypt providers that don't support dnssec ) to be the root cause.
    curious that this setting has been working for me for at least 2 years this way.
    thx for your assistance!
     
  46. pedro311

    pedro311 Serious Server Member

    Yes, it's known issue caused by this commit: https://bitbucket.org/pedro311/freshtomato-arm/commits/e2a0fea4867595a9478d0216a176edf8300d923d
    Need more time to solve it.

    Good to hear it ;) Probably after one of the dnsmasq upgrade, its behaviour has changed.
     
    dowden likes this.
  47. My Name

    My Name Serious Server Member

    @pedro311 When time permits, can you add the Tenda AC15 to your latest 2017.3b16 updates/

    Thanks
     
    Techie007 likes this.
  48. pedro311

    pedro311 Serious Server Member

    Added, you'll find it in 2017.3b17 subfolder, as a bonus ;)
     
    Techie007 likes this.
  49. My Name

    My Name Serious Server Member

    Thanks. Downloaded. Will post back in a couple of days as to how it is running on the AC15.

    FYI, Microcenter website has the Tenda AC15 for $39.99 these days.
     
  50. Marios

    Marios Network Newbie Member

    Hi, is there any chance linksys e3000/e900 can be supported?
     
  51. The Master

    The Master Network Guru Member

    e900 is mips not arm so no :(
     
  52. Techie007

    Techie007 Serious Server Member

    Where? I just looked and they are $54.99. Still a steal for a router this good, but I would've latched up a few at $39.99! :)
     
  53. Wizardknight

    Wizardknight Connected Client Member

    I just picked up an EA6700, and I was having issues where the 2.4ghz would disappear after I loaded in my settings. I figured out that it was being caused by the 32K nvram bug. Does anyone know a workaround for that? I have not been able to find one. If I can't use tomato on the router, I will just have to ebay it. :(
     
  54. pomidor1

    pomidor1 Serious Server Member

  55. My Name

    My Name Serious Server Member

    They were still $39.99 at the web store when I posted and I bought one locally for $39.99 but I see they are back up to $54.99 today.:(

    FYI, been busy last couple of days and am still programming the Tenda AC15 but so far everything looks OK running @pedro311 latest.

    I have a couple of them already running the last version of @Toastman but plan to convert all of them to @pedro311 as time permits to take advantage of the updates.

    Hopefully down the road we will get some relief on the KRACK thing.
     
    Techie007 likes this.
  56. My Name

    My Name Serious Server Member

    @pedro311 Running your latest TendaAC15 firmware on my new TendaAC15 as an Access Point via a cat5e cable from my main TendaAC15 which is still on @Toastman last firmware.

    The main Tenda AC15 router has two tagged Vlans on VIDs 10 and 11 on Lan Port 1. The new TendaAC15 AP has the same two tagged Vlans on VIDs 10 and 11 on Lan Port 1. The cat5e cable feeds from the main router to the AP.

    The two Vlans support two separate wireless and wired subnets on the AP to isolate certain wired and/or wireless clients (Roku boxes and/or Smart TVs) from my main network.

    So far everything is working fine for what I use it for.

    I am not using QOS or Muliple WANs now or in the past so can't speak to any of that.

    Did notice one thing that has probably nothing to do with @pedro311 or @Toastman firmware. I had the WAN port bridged to the Primary Lan on the @pedro311 AP and used the WAN port to feed a device on that AP. It was working fine except when I tried changing the type from ' Gateway' to ' Router ' the WAN port quit working. Changing the type back to 'Gateway' fixed that. That setting is under Advanced, Routing as I recall and is probably normal operation.

    Also, as I have posted previously, I have a 2.4 Ghz network and a 5 Ghz network with a Virtual Wireless 2.4 Ghz network and a Virtual Wireless 5 Ghz network. Every time I assign this many networks, one of them will end up with a duplicate MAC Address. When this happens, go to Advanced, MAC Address and reassign one of the duplicates with a different MAC Address to fix it. Nothing new, just need to know about it.
     
  57. Sean B.

    Sean B. LI Guru Member

    Normal. Changing from gateway to router mode flushes all iptables rules, the routing table, and disables NAT among other things I'm likely forgetting. When this happens the route from the switch ( the LAN ports ) and it's interfaces ( br0, br1 etc ) to the separate CPU-path'd WAN port are lost. This could be fixed manually via CLI but not many situations really require router mode anyway.

    Normal. Virtual sub-interfaces inherit the MAC of the parent interface.
     
  58. Nathan Ellsworth

    Nathan Ellsworth Connected Client Member

    Here is a chart I put together in Excel after looking through Shibby's make files. You can glean what the differences are between VPN and AIO builds.

    - Nathan
     

    Attached Files:

  59. monoton

    monoton Connected Client Member

    Well, they doesn't for me, This is what I get:

    Newly reset router
    ---------------------
    Router's LAN MAC Address___48:xx:xx:xx:xx:5C
    WAN Port___________________48:xx:xx:xx:xx:5D
    Wireless Interface eth1____48:xx:xx:xx:xx:5E
    Wireless Interface eth2____48:xx:xx:xx:xx:5F

    With some Virtual Wireless Interfaces
    ------------------------------------------
    Router's LAN MAC Address___48:xx:xx:xx:xx:5C
    WAN Port___________________48:xx:xx:xx:xx:5D
    Wireless Interface eth1____48:xx:xx:xx:xx:5E
    Wireless Interface eth2____48:xx:xx:xx:xx:5F
    Wireless Interface wl0.1___4A:xx:xx:xx:xx:5F
    Wireless Interface wl0.2___4A:xx:xx:xx:xx:50
    Wireless Interface wl0.3___4A:xx:xx:xx:xx:51
    Wireless Interface wl1.1___4A:xx:xx:xx:xx:50
    Wireless Interface wl1.2___4A:xx:xx:xx:xx:51
    Wireless Interface wl1.3___4A:xx:xx:xx:xx:52

    When I press the "Default" MAC Address button, some interfaces will get the same MAC. When that happens the settings cannot be saved (error messege: Addresses must be unique)

    Router's LAN MAC Address___48:xx:xx:xx:xx:5C
    WAN Port___________________48:xx:xx:xx:xx:5D
    Wireless Interface eth1____48:xx:xx:xx:xx:5E
    Wireless Interface eth2____4A:xx:xx:xx:xx:5F
    Wireless Interface wl0.1___4A:xx:xx:xx:xx:5F
    Wireless Interface wl0.2___4A:xx:xx:xx:xx:60
    Wireless Interface wl0.3___4A:xx:xx:xx:xx:61
    Wireless Interface wl1.1___4A:xx:xx:xx:xx:5F
    Wireless Interface wl1.2___4A:xx:xx:xx:xx:60
    Wireless Interface wl1.3___4A:xx:xx:xx:xx:61


    Could never understand how Tomato came up with these values, so I have always manually set all interfaces to a unique MAC.

    Linksys EA6400 - xvortex CFE - 1.28.0000 -2017.3b13-kille72- K26ARM USB AIO-64K
     
    Last edited: Dec 8, 2017 at 4:26 PM
  60. Techie007

    Techie007 Serious Server Member

    While we're talking about Virtual WiFi and MAC addresses, I've noticed that I can't independently set different MAC addresses for multiple Virtual WiFi access points. I can set the MAC addresses for main and first virtual to whatever, but the remaining virtual access points have to have a similar MAC address to the first virtual access point. Otherwise, the virtual access points show as having a MAC address of 00:00:00:00:00:00 and don't work reliably.
     
  61. monoton

    monoton Connected Client Member

    Strange. I can't set the same MAC on any interface without getting the message "Addresses must be unique"
     
  62. Sean B.

    Sean B. LI Guru Member

    Couldn't tell you why your setup is different, as I've never bothered looking into what specifics govern virtual interface MAC addressing. But I can say the behavior you describe is not what I'd call expected.
     
  63. monoton

    monoton Connected Client Member

    Here's the MAC addresses from an old Linksys WRT54GL. Can't find the logic here either.

    Newly reset router
    ---------------------
    Router's LAN MAC Address___C0:C1:C0:18:10:59
    WAN Port___________________C0:C1:C0:18:10:5A
    Wireless Interface_________00:90:4C:5F:00:2A


    With some Virtual Wireless Interfaces
    ------------------------------------------
    Router's LAN MAC Address___C0:C1:C0:18:10:59
    WAN Port___________________C0:C1:C0:18:10:5A
    Wireless Interface eth1____00:90:4C:5F:00:2A
    Wireless Interface wl0.1___02:90:4C:5F:00:2B
    Wireless Interface wl0.2___02:90:4C:5F:00:28
    Wireless Interface wl0.3___02:90:4C:5F:00:29


    When I press the "Default" MAC Address button
    -----------------------------------------------------
    Router's LAN MAC Address___C0:C1:C0:18:10:59
    WAN Port___________________C0:C1:C0:18:10:5A
    Wireless Interface eth1____C0:C1:C0:18:10:5B
    Wireless Interface wl0.1___C2:C1:C0:18:10:5C
    Wireless Interface wl0.2___C2:C1:C0:18:10:5D
    Wireless Interface wl0.3___C2:C1:C0:18:10:5E


    This loks a bit more logical but after a save and a page reload the MAC Addressses will change to the following:

    Router's LAN MAC Address___C0:C1:C0:18:10:59
    WAN Port___________________C0:C1:C0:18:10:5A
    Wireless Interface eth1____C0:C1:C0:18:10:5B
    Wireless Interface wl0.1___C2:C1:C0:18:10:58
    Wireless Interface wl0.2___C2:C1:C0:18:10:59
    Wireless Interface wl0.3___C2:C1:C0:18:10:5A


    Still get the "Addresses must be unique" message if I try to set the same MAC to more than one interface.

    I also remember I used to change MAC addresses on the ASUS RT-AC66U but I recently sold that one so I cannot check.

    I have made it a habit to manually change the MAC addresses to some sort of logical structure.


    Linksys WRT54GL - 1.28.0000 MIPSR1-140 K26 MiniIPv6
     
    Last edited: Dec 9, 2017 at 12:25 PM
  64. madpanter

    madpanter Networkin' Nut Member

    any news for only vpn version?
     
  65. kille72

    kille72 LI Guru Member

    Last edited: Dec 10, 2017 at 6:46 PM
    M_ars, edusodanos, somms and 3 others like this.
  66. Mr Dini

    Mr Dini New Member Member

    Hi,

    First of all, I am glad to hear that someone takes care of the awesome Tomato project again. Thank you guys for all your efforts.

    I am using the old but stable Shibby build (v132 MAX) right now, because the multiWAN support isn't necessary for me. It works well on a MIPS router, but I am considering an update to this promising build.

    While upgrading I should reset the NVRAM, or it isn't required? Is there a way to compile this build without mulitWAN support? Like a configure flag which disables that?

    And I have a guest SSID with radius (WPA2-Enterprise) authentication. It works well, with the current v132 Shibby build, but I am really missing the accounting functionality. In that way I could limit my users' traffic and so on. :cool: Do you guys considering this feature to be added in the future? Should be appreciated.

    Thanks a lot.
     
    Last edited: Dec 10, 2017 at 9:43 PM
  67. Mr Dini

    Mr Dini New Member Member

    Ohh, I see now. This build is only for ARM devices. Sorry.

    BTW I know, it is a constantly evolving question, but is there any technical obstacle about the MIPS compiling?
     
    Last edited: Dec 10, 2017 at 6:55 PM
    kille72 likes this.
  68. somms

    somms Network Guru Member

    Just finished upgraded to tomato-R7000-ARM--2017.3b17-kille72--VPN-64K on my R7000 following a full NVRAM flush w/o issue...thanks!;)
     
    kille72 likes this.
  69. eangulus

    eangulus Network Guru Member

    Just tried 2017.3b17 ARM on an Asus RT-AC3200.

    The moment I updated, I lost all Internet. It made a connection but had not traffic at all.

    I run on 100Mb/40Mb Fibre and it uses a PPPoE connection. Nothing else was changed other than the update.

    The moment I downgraded back to 2017.2b13 everything came up and back to normal.
     
  70. kille72

    kille72 LI Guru Member

    You must clear NVRAM and configure your router again. There were many changes between these versions...
     
  71. eangulus

    eangulus Network Guru Member

    Really? Bugger. I know it's good practise and I do do it between major versions, but it's very tedious having to add my hundreds of IP/Mac pairs and QoS rules.

    May try again over the weekend when I have a few hours spare.

    Sent from my Pixel XL using Tapatalk
     
    kille72 likes this.
  72. Jlove3184

    Jlove3184 Network Newbie Member

    I noticed an bug with this build involving DNScrypt. When DNScrypt is enabled, I don't get an internet connection. I've restarted PC, router and modem. Issue still occurs. I've switched from cisco, to adguard on the DNScrypt options and got the same result. On the b13 build this worked perfectly. Just wanted to point this out.
     
  73. kille72

    kille72 LI Guru Member

    Try other dnscrypt providers that support dnssec:
    https://www.linksysinfo.org/index.p...compiled-by-kille72.73397/page-13#post-292740
    https://www.linksysinfo.org/index.p...compiled-by-kille72.73397/page-13#post-292742
     
  74. gowri.allison

    gowri.allison New Member Member

    kille72 & pedro311 i see that many people ask you about MIPS&MIPS2 maybe in free time you will look into this? guyes make tomato great again !! ;) not each one have arm half of us still have older hardware with many security holes
     
  75. kille72

    kille72 LI Guru Member

    Personally, I do not have time to deal with MIPS...
     
  76. gowri.allison

    gowri.allison New Member Member

    I know. free time is only for us! but I'm not talking about support in 100% like you do with pedro in arm project. something like 1-2 version in year only fix BIG security issue. for example now we have old dnsmasq version and we are vulnerable for dnsmasq exploit by visiting a compromised site. in future there will be only worst! all of us would be grateful if you occasionally fix some security issue
     
  77. _s3n0_

    _s3n0_ New Member Member

    @kille72:

    And what about WPA2 KRACK security ? No news ? However, this so-called KRACK is a pretty serious disruption to WPA2 security and the update would be needed. Would you be able to implement the patch at least in your TomatoShibby@kille72 firmware edition? :) We would all be very grateful to you ! In my opinion, it will not be easy to fix, as TomatoShibby uses the older kernel version 2.6.

    I figured TomatoShibby's creator since he's married, so he does not have enough free time to regularly update his firmware. This so-called KRACK is a serious violation of WPA2 security, and we need to fix this security vulnerability. The latest version from TomatoShibby is pretty old (May-2017).

    For example, one of the many discussions is - here:

    In the DD-WRT firmware is all done (already patched). More info about that is here:

    @gowri.allison:

    If you want a Tomato firmware for MIPS architecture, use TomatoShibby firmware. There is support for many MIPS routers as well.

    My personal opinion is that she would like some change. Tomato firmware has always been very popular with me. The kernel 2.6 that uses Tomato Shibby is pretty outdated. K3.x has already begun to be used in the new firmware, and it also begins to be old :).
     
    Last edited: Dec 12, 2017 at 2:19 PM
  78. pomidor1

    pomidor1 Serious Server Member

  79. rs232

    rs232 Network Guru Member

    I can confirm that the problem disappeared after an cleaning the NVRAM so please ignore.
     
    kille72 likes this.
  80. SpockWRT

    SpockWRT New Member Member

    I have a question regarding spillover-based load balancing on Tomato. Is it (easily) doable?

    My scenario:
    • a broadband connection on WAN1, low speed, unlimited usage, just enough for email, minimal web browsing, and generally being connected to the net
    • a mobile broadband connection on WAN2, high speed, but limited usage and costly per MB
    So what I want to do is to switch from WAN1 to WAN2 once a certain bandwidth has been exceeded (on demand, say because I am streaming a movie), and switch back to WAN1 when the bandwidth settles below the threshold.

    I know I can get a commercial (e.g. SonicWall or Fortigate) load balancing router to do this, but can it be done with Tomato Shibby/Kille72?

    Thus far I have found only round-robin or ratio-based setups, which is not what I am looking for, since that taps into WAN2 unnecessarily.

    Thanks for any insights you may have!
     
  81. Elfew

    Elfew Network Guru Member

    Unfortunately not...
     
  82. SpockWRT

    SpockWRT New Member Member

    Is there a tool that measures the current load on the active WAN interface? That could lead to a script...
     
  83. mauriga

    mauriga Network Newbie Member

    Id like to link my WAN2 to my iPad (hotspot switched on).
    I wonder if I have to set Wan2 to DHCP or static plus how to set DNS server (manual or auto).

    tnx for your help.

    mau----
     
  84. cergo666

    cergo666 New Member Member

  85. kille72

    kille72 LI Guru Member

    How about Huawei WS880, Xiaomi R1D and Dlink DIR868L? Is there any interest?
     
    cergo666 likes this.
  86. Jlove3184

    Jlove3184 Network Newbie Member

    kille72 likes this.
  87. Nathan Ellsworth

    Nathan Ellsworth Connected Client Member

    I just want to say thank you to Kille72 and Pedro311 for their continuing work on Tomato (and Shibby of course). I just successfully flashed 2017.2 build on two Netgear R6300v2 and two Linksys EA6700 routers. I'm using them as 802.11ac access points (Ethernet-connected) so I can get good 5GHz coverage throughout my house.

    I can post more details on the steps I took if anyone is interested. These models were pretty cheap on eBay (~$30 each). For the EA6700's, I had to downgrade the firmware to a factory version that still allowed unsigned upgrades. Then I put on the special XVortex DD-WRT firmware with the new CFE which fixes the 32KB NVRAM bug. And then I used the CFE Miniweb page to upgrade to Kille72 build.

    For the Netgears, it was slightly easier, but I ended up with the Charter variant of the R6300v2, which is initially stuck with an old firmware. But the DD-WRT people figured out how to "upgrade" it to a non-Charter version. See: https://www.dd-wrt.com/wiki/index.php/Netgear_R6300v2

    Nathan
     
    Last edited: Dec 13, 2017 at 10:51 PM
  88. Wizardknight

    Wizardknight Connected Client Member

    I would like to know more about your EA6700 firmware experience. Can you also touch on usb performance after the firmware change. I thought the firmware change killed one of the usb ports from what I read too.
     
  89. Bunsen

    Bunsen New Member Member

    I know there are many dd-wrt users of DIR868L Rev.A that have been looking for a solution to update to.
    Over a year ago there was a wifi driver change that causes a kernel panic. The request to revert the change has gone unanswered even though the fix is documented: http://svn.dd-wrt.com/ticket/5963
    Read a little of the dd-wrt forum links on the subject to get a sense of the frustration; I would bet you'll grab many of users there.
     
  90. cergo666

    cergo666 New Member Member

    Huawei WS880 interests, about the rest I can not say. Very much I ask to enter its support.
     
  91. kille72

    kille72 LI Guru Member

    Ok, I will compile version 2017.3b17 tonight for WS880 (VPN+AIO) which you can test.
     
    cergo666 likes this.
  92. cergo666

    cergo666 New Member Member

    Thank you very much!
     
    kille72 likes this.
  93. rs232

    rs232 Network Guru Member

    It seems like I talk to quickly, today the issue is back. I did some little digging and from the first investigation it seems like a issue with the RETURN iptables function.

    I have 2 different routers one running 2017.2 and the other 2017.3b17 they both suffer the same issue.

    Was the iptables code touched post 2017.1 ?
     
  94. kille72

    kille72 LI Guru Member

    I don't think so:
    https://bitbucket.org/kille72/tomato-arm-kille72/commits/all?search=iptables
     
  95. Mercjoe

    Mercjoe Network Guru Member

    Bug report:

    After much testing of the 2017.2 and the last 2 beta I can now say that something has broken IPv6 for me in the latest releases.

    When I reflash back to 2017.2 I have no problems with IPv6 access. On the last 2 betas I get a DNS failure with the same configuration. Each time I flash I manually configure all settings, no file restores are done.

    I have a UVerse DSL connection and I use 6rd Relay with DNS manually pointing to the Google IPv6 DNS servers.

    Currently I am on 1.28.0000 -2017.3b17-kille72- K26ARM USB AIO-64K and if I turn on IPv6 all internet connectivity is broken on a windows 7 and both windows 10 machines with a DNS failure message. As soon as I disable IPv6 everything returns to normal.
     

Share This Page