ASUS RT-AC68U Firmware version 3.0.0.4.374.5047

[ualdrivr]

Nope not me running good here. All computers,tablets,phones,and roku boxes.

Jim, have you tried AirPrint or WiFi print on the new version yet? If yes can you report any irregularities if any, please? Thanks.

 

[jim769]

Jim, have you tried AirPrint or WiFi print on the new version yet? If yes can you report any irregularities if any, please? Thanks.

Sorry i dont use any of those features. I just use my router for routing and not much more at least right now.

 

[drabisan]

My laptop connects to 450mbps. It has a common Intel 6300 abgn adapter.
I first saw this in 4887 beta and I thought it may be a mistake. In the final 5047 it looks the same. I can't say I'm seeing any difference in speed on 5GHz.

Probably "new" beamforming?
At least it it stable. It manage not to reboot by itself though I stressed wireless as much as I could.

 

[GrinningShark]

Jim, have you tried AirPrint or WiFi print on the new version yet? If yes can you report any irregularities if any, please? Thanks.

Airprint working fine here. I have never had any issues with it, this includes prior firmware versions.


Sent from my iPad using Tapatalk

 

[Pedro]

My laptop connects to 450mbps. It has a common Intel 6300 abgn adapter.

It was stated since 4887 improvements 6300 card.

Here I noticed from AC68U wireless log It´s keeping 40mhz for 2,4ghz and no interferences at all. Before updating always used 20mhz instead 40mhz. Does It have to do with beamforming improvements?

 

[Patricia]

Random Q - can ac68r make non airprint printer airprint compatible? It doesn't look like it from printer sharing options but thought I'd double check here.

The other question which is more on topic... Why does the router management interface say I have the latest firmware when I'm not yet on 5047? I suppose I can manually download and apply the patch but kind of annoying their firmware update check doesn't work all the time.

On a more serious note It sounds like 5047 is rather serious update. I guess visiting a malicious website can spawn a hidden frame which sends a get request to my router which in turn installs malware via cmd line injection. (Assuming I'm already authed against the router). No ROP, PIE bypass, working around stack protector...just straight up cmd injection. Any script kiddy can author a payload to install malware on this router. I wonder if the ping,trace, etc runs as root? Hope not!

 

[hungarianhc]

I'm so happy to report that I have NOT upgraded to this firmware! Why?

Because with the most recent beta, it looks like Asus finally fixed the last bug that was bothering me (reboots). I can't wait for the Merlin based on this release, and then I can stop checking daily for firmware updates to fix my issues!

 

[jayboyyyy]

The other question which is more on topic... Why does the router management interface say I have the latest firmware when I'm not yet on 5047? I suppose I can manually download and apply the patch but kind of annoying their firmware update check doesn't work all the time.

what updates from the web gui isn't as up-to-date as the website. Most people that update from the gui are more common users. Not many manu push FW updates through gui that quickly because if things are working for a user, why push an update to them that may cause problems. So once something is super stable it may get sent to the place where the web gui calls to check and see if there is an update. Clearly this isn't a technical answers to your question. I can't speak that language. sorry.

 

[Patricia]

what updates from the web gui isn't as up-to-date as the website. Most people that update from the gui are more common users. Not many manu push FW updates through gui that quickly because if things are working for a user, why push an update to them that may cause problems. So once something is super stable it may get sent to the place where the web gui calls to check and see if there is an update. Clearly this isn't a technical answers to your question. I can't speak that language. sorry.

No worries. I think common user still need security updates pushed in a timely manner. The full details on how to achieve cmd injection on ac68r is on full disclosure mailing list. But yet I can't get the free update through the GUI? I don't think common users want their Emails, documents, photos, IM, banking pass codes, facebook and twitter login, etc stolen. Ideally the router should be auto-updating itself so common users don't need to worry about information safety or bank accounts.

I'd take random router reboots or asus cloud issues over my email or bank account getting stolen.

 

[RMerlin]

I wonder if the ping,trace, etc runs as root? Hope not!

Nearly everything runs as the superuser. This is common for the vast majority of home gateways, for design simplicity (and also because a lot of these are based on old, legacy codebases).

Keep in mind that for the httpd daemon to be able to restart system services while working with the webui, it must itself have superuser privileges.

 

[Patricia]

Nearly everything runs as the superuser. This is common for the vast majority of home gateways, for design simplicity (and also because a lot of these are based on old, legacy codebases).

Keep in mind that for the httpd daemon to be able to restart system services while working with the webui, it must itself have superuser privileges.

I see, are you aware of any home or commercial router that doesn't run everything as su? I get needing su for things like reboots but this can be exposed as a service that can be invoked via ipc. The service can be locked down to only perform a very specific predefined task. In the case of reboot op the worst that can happen if its repurposed is router DoS. How hard is it to make a change like this? I imagine you'd need to isolate all the code paths that require su, stick it in a elevated service then run everything else with lower privilege.

Note: It's more of an ask for asus since I know you're probably engaging here as a community service. We're thankful for that. I know it's not a cheap change but shouldn't require a complete rewrite of the legacy code base. Hence hope asus does this but I'm skeptical

 

[RMerlin]

I see, are you aware of any home or commercial router that doesn't run everything as su? I get needing su for things like reboots but this can be exposed as a service that can be invoked via ipc. The service can be locked down to only perform a very specific predefined task. In the case of reboot op the worst that can happen if its repurposed is router DoS. How hard is it to make a change like this? I imagine you'd need to isolate all the code paths that require su, stick it in a elevated service then run everything else with lower privilege.

Note: It's more of an ask for asus since I know you're probably engaging here as a community service. We're thankful for that. I know it's not a cheap change but shouldn't require a complete rewrite of the legacy code base. Hence hope asus does this but I'm skeptical

To do this would pretty much require scrapping the firmware and rewriting it from the ground up. Not gonna happen IMHO.

I'm not aware of any device that does this. For obvious reasons, business-class products like Sonicwall's or Juniper's won't disclose that kind of information. As for the more open-sourced solutions, I don't think any of them does.

 

[chercm]

I'm so happy to report that I have NOT upgraded to this firmware! Why?

Because with the most recent beta, it looks like Asus finally fixed the last bug that was bothering me (reboots). I can't wait for the Merlin based on this release, and then I can stop checking daily for firmware updates to fix my issues!

same here . still waiting for Merlin

 

[ualdrivr]

I'm so happy to report that I have NOT upgraded to this firmware! Why?

Because with the most recent beta, it looks like Asus finally fixed the last bug that was bothering me (reboots). I can't wait for the Merlin based on this release, and then I can stop checking daily for firmware updates to fix my issues!

same here . still waiting for Merlin

+1. I like 370.40 Alpha 4 a lot. Minor little things that I don't mind about, like the 5GHz light blinking slow and the fact that the Client List doesn't refresh, when I hit refresh, I can live without those. The Firmware is very stable otherwise, up time running, over three days now.

Waiting for the new Merlin firmware.

 

[drabisan]

It was stated since 4887 improvements 6300 card.

I missed that details.
And I was also wrong about the speed. It used to be simple to reach my ISP speed. But I never could get over 150mbps from that laptop to LAN.
I'm running several tests and now I constantly getting 300mbps either upload and download. And the speed it's very stable and that's what amaze me!
Cool!

 

[soleillune]

New bugs introduced with 5047

Reboot problem is resolved but now watching video lags. Lost of image when watching video on LaPresse+. Going back to Asuswrt_Merlin 374.40 alpha4

Till now, Asuswrt-Merlin 374.40 alpha4 is the most stable for RT-AC68U

Edit:
I've reinstall 5047 and don't no why, but this time there is no more lag on video using 2,4G and wireless printing is a lot better. Beamforming is enabled

 

[Pedro]

now I constantly getting 300mbps either upload and download. And the speed it's very stable and that's what amaze me!
Cool!

Really a great step up! Are you using 5ghz band?

Here can't catch such speed using a laptop because distance I´m from router (35feet). The 5ghz signal is weak and 2,4ghz is strong but never get 40mhz, so I´m using a second AC68u to do trick and can get up to 500mbps.

 

[drabisan]

Yes. 5GHz. Not too close to the router but no concrete walls in between.

 

[sanke1]

Thankfully we can put the rebooting issues to rest. But with this 5047 firmware I get these strange entries in log

pr  7 04:47:56 miniupnpd[3812]: HTTP listening on port 53092
Apr  7 04:47:56 miniupnpd[3812]: Listening for NAT-PMP traffic on port 5351
Apr  7 08:58:54 miniupnpd[3812]: sendto(udp): Operation not permitted
Apr  7 09:04:02 miniupnpd[3812]: Expired NAT-PMP mapping port 8080 TCP removed
Apr  7 09:04:02 miniupnpd[3812]: Expired NAT-PMP mapping port 8082 TCP removed
Apr  7 09:04:03 miniupnpd[3812]: Expired NAT-PMP mapping port 8083 TCP removed
Apr  7 09:04:03 miniupnpd[3812]: Expired NAT-PMP mapping port 8081 TCP removed
Apr  7 10:20:01 miniupnpd[3812]: sendto(udp): Operation not permitted
Apr  7 10:40:16 miniupnpd[3812]: sendto(udp): Operation not permitted
Apr  7 10:55:26 miniupnpd[3812]: sendto(udp): Operation not permitted
Apr  7 11:20:41 miniupnpd[3812]: sendto(udp): Operation not permitted

Previous beta firmware had no such entries. Wonder what they mean?

 

[rtcomputersinc]

Reboot problem is resolved but now watching video lags. Lost of image when watching video on LaPresse+. Going back to Asuswrt_Merlin 374.40 alpha4

Till now, Asuswrt-Merlin 374.40 alpha4 is the most stable for RT-AC68U

Try turning off beam forming it seems to give throughput that is all over the place on 2.4ghz at least.

I turned it off and the throughput became stable.