Asuswrt-Merlin 378.54_2 is now available

Status
Not open for further replies.

ObliteRon

New Around Here
Works fine with my RT-AC66U and a Nexus 9. Check your config, and if it still fails do a factory default reset.

The RT-AC66U wireless driver hasn't changed since October 2014.
Checked my settings (made no changes) and rebooted with no luck. Then, I disabled the Optimized for Xbox settings on both bands (since the Xbox 360 is no longer being used and Xbox One is not applicable) and now I have connections again. Not sure if it is related or not.
 

RMerlin

Asuswrt-Merlin dev
Attempted upgrade from 53_0 on my RT-N66U. Router went into reboot loop. Was able to get to .54 default settings with WPS+reboot, but I prefer to wait to see if this can be resolved with a patch so I don't have to go through the song & dance of manually reconfiguring. Was able to duplicate this twice (downloaded 54 again to try ruling out bad download). I am NOT using any of the aforementioned adblock stuff.

No issue here when I upgraded my development N66 from 52 to 54. Reboot loops can be caused by a lot of factors: an interrupted flash, corrupted nvram, a corrupted USB disk plugged, etc...

The ad blocker only exists on ARM models (AC56/AC68/AC87/AC3200).
 

RMerlin

Asuswrt-Merlin dev
Is the Trend Micro signature on your latest version 1.050?

Signatures are automatically downloaded from the Internet. The included signature is whichever was current with 378_5134 - no idea which it is, my routers having all upgraded to 048 or 050 before I flashed them.
 

cosmoxl

Senior Member
boot time blocking of clients set to go through VPN tunnel doesn't seem to be working. I get this error at boot.

Jun 8 09:00:21 openvpn[821]: cd to '/opt/etc/openvpn' failed: No such file or directory (errno=2)
Jun 8 09:00:21 openvpn[821]: Exiting due to fatal error
 

RMerlin

Asuswrt-Merlin dev
boot time blocking of clients set to go through VPN tunnel doesn't seem to be working. I get this error at boot.

Jun 8 09:00:21 openvpn[821]: cd to '/opt/etc/openvpn' failed: No such file or directory (errno=2)
Jun 8 09:00:21 openvpn[821]: Exiting due to fatal error

/opt/etc/openvpn is not part of the firmware. You either installed OpenVPN through Optware/Entware, or got a custom script/config pointing at this incorrect path.
 

dlandon

Regular Contributor
Works fine for me on an RT-AC3200, I just re-tested it with a vpnbook ovpn config. Check your ovpn file, it might have an extra space in there.

Ok. I figured out what the problem is. I have a 26 character DynDNS url and when the ovpn file is created the port is truncated to '1'. I think there is a line length issue in the OpenVPN server "Export" function that generates the clientx.ovpn file.
 

cosmoxl

Senior Member
/opt/etc/openvpn is not part of the firmware. You either installed OpenVPN through Optware/Entware, or got a custom script/config pointing at this incorrect path.

ahh.. yes, long time ago I did experiment with trying to use openssl 1.0.2 with openvpn since the firmware didn't support it yet. I should have seen that. It's removed now.

however, boot time blocking is still not working. I've tried a reboot through the GUI with openvpn client down and clients already blocked as intended. at boot time there is nothing in log to show anything's being done to edit ip rules and internet is accessible.

I've also tried cutting power to the router while the openvpn client is running. Upon boot up same thing - internet is accessible.
 
Last edited:

Zirescu

Very Senior Member
Attempted upgrade from 53_0 on my RT-N66U. Router went into reboot loop. Was able to get to .54 default settings with WPS+reboot, but I prefer to wait to see if this can be resolved with a patch so I don't have to go through the song & dance of manually reconfiguring. Was able to duplicate this twice (downloaded 54 again to try ruling out bad download). I am NOT using any of the aforementioned adblock stuff.

Yeah, I had the same problem with mine. Luckily I had a backup of all my settings through John's backup script so was back and running relatively quickly.
 

RMerlin

Asuswrt-Merlin dev
Ok. I figured out what the problem is. I have a 26 character DynDNS url and when the ovpn file is created the port is truncated to '1'. I think there is a line length issue in the OpenVPN server "Export" function that generates the clientx.ovpn file.

I'll have to look over that code (it was written by Asus), they might have used a few buffers that are too small.
 

RMerlin

Asuswrt-Merlin dev
ahh.. yes, long time ago I did experiment with trying to use openssl 1.0.2 with openvpn since the firmware didn't support it yet. I should have seen that. It's removed now.

however, boot time blocking is still not working. I've tried a reboot through the GUI with openvpn client down and clients already blocked as intended. at boot time there is nothing in log to show anything's being done to edit ip rules and internet is accessible.

I've also tried cutting power to the router while the openvpn client is running. Upon boot up same thing - internet is accessible.

I just re-tested it, and it's working fine for me. Make sure you did enable the option to block Internet access, especially if you don't see any log entry concerning vpnrouting.
 

RMerlin

Asuswrt-Merlin dev
Attempted upgrade from 53_0 on my RT-N66U. Router went into reboot loop. Was able to get to .54 default settings with WPS+reboot, but I prefer to wait to see if this can be resolved with a patch so I don't have to go through the song & dance of manually reconfiguring. Was able to duplicate this twice (downloaded 54 again to try ruling out bad download). I am NOT using any of the aforementioned adblock stuff.

This is possibly caused by IPTraffic. Disable it for now, I'll have to hook the router to a serial cable to figure out why that would be happening, since that code hasn't changed in months.
 

hifiwifi

Regular Contributor
FYI. I began the process of manually reconfiguring the router. When I got to the QOS part, it went into the reboot loop again when I applied my settings (0.64 Up/12 Down). I was able to duplicate this behavior.


This is possibly caused by IPTraffic. Disable it for now, I'll have to hook the router to a serial cable to figure out why that would be happening, since that code hasn't changed in months.
 

cosmoxl

Senior Member
Could it be because initially the WAN doesn't come up properly that policy routing at boot time isn't working properly? "ISP's DHCP did not function properly"

Jan 1 07:00:14 stop_nat_rules: apply the redirect_rules!
Jan 1 07:00:14 WAN Connection: ISP's DHCP did not function properly.
Jan 1 07:00:14 dropbear[457]: Running in background
Jan 1 07:00:14 dnsmasq[467]: started, version 2.73rc1 cachesize 1500
Jan 1 07:00:14 dnsmasq[467]: warning: interface ppp1* does not currently exist
Jan 1 07:00:14 dnsmasq[467]: asynchronous logging enabled, queue limit is 5 messages
Jan 1 07:00:14 dnsmasq-dhcp[467]: DHCP, IP range 192.168.2.2 -- 192.168.2.254, lease time 1d
Jan 1 07:00:14 dnsmasq[467]: read /etc/hosts - 5 addresses
Jan 1 07:00:15 RT-AC68U: start httpd
Jan 1 07:00:15 crond[475]: crond: crond (busybox 1.20.2) started, log level 8
Jan 1 07:00:15 kernel: gro enabled with interval 2
Jan 1 07:00:15 disk monitor: be idle
Jan 1 07:00:16 Samba Server: daemon is started
Jan 1 07:00:16 custom script: Running /jffs/scripts/services-start
Jan 1 07:00:17 dnsmasq[467]: read /etc/hosts - 5 addresses
Jan 1 07:00:17 dnsmasq[467]: using nameserver 8.8.8.8#53 for domain local
Jan 1 07:00:17 dnsmasq[467]: using nameserver 8.8.4.4#53 for domain local
Jan 1 07:00:17 dnsmasq[467]: using nameserver 8.8.4.4#53
Jan 1 07:00:17 dnsmasq[467]: using nameserver 8.8.8.8#53
Jan 1 07:00:17 syslog: module ledtrig-usbdev not found in modules.dep
Jan 1 07:00:17 kernel: usbcore: registered new interface driver usbfs
Jan 1 07:00:17 kernel: usbcore: registered new interface driver hub
Jan 1 07:00:17 syslog: module leds-usb not found in modules.dep
Jan 1 07:00:17 kernel: usbcore: registered new device driver usb
Jan 1 07:00:17 kernel: SCSI subsystem initialized
Jan 1 07:00:17 rc_service: udhcpc 548:notify_rc start_firewall
Jan 1 07:00:17 dnsmasq[467]: read /etc/hosts - 5 addresses
Jan 1 07:00:17 dnsmasq[467]: using nameserver 8.8.8.8#53 for domain local
Jan 1 07:00:17 dnsmasq[467]: using nameserver 8.8.4.4#53 for domain local
Jan 1 07:00:17 dnsmasq[467]: using nameserver 8.8.4.4#53
Jan 1 07:00:17 dnsmasq[467]: using nameserver 8.8.8.8#53
Jan 1 07:00:17 kernel: csw_retry 100
Jan 1 07:00:17 kernel: Initializing USB Mass Storage driver...
Jan 1 07:00:17 kernel: usbcore: registered new interface driver usb-storage
Jan 1 07:00:17 kernel: USB Mass Storage support registered.
Jan 1 07:00:17 wan: finish adding multi routes
Jan 1 07:00:17 rc_service: udhcpc 548:notify_rc stop_upnp
Jan 1 07:00:17 rc_service: waitting "start_firewall" via udhcpc ...
Jan 1 07:00:17 kernel: Tuxera FAT 12/16/32 driver version 3014.7.30 [Flags: R/W MODULE].
Jan 1 07:00:18 kernel: Tuxera NTFS driver 3014.7.29 [Flags: R/W MODULE].
Jan 1 07:00:18 kernel: Tuxera HFS+ driver 3014.7.28
Jan 1 07:00:18 kernel: xhci_hcd 0000:00:0c.0: xHCI Host Controller
Jan 1 07:00:18 kernel: xhci_hcd 0000:00:0c.0: new USB bus registered, assigned bus number 1
Jan 1 07:00:18 kernel: xhci_hcd 0000:00:0c.0: irq 112, io mem 0x18023000
Jan 1 07:00:18 kernel: xhci_hcd 0000:00:0c.0: Failed to enable MSI-X
Jan 1 07:00:18 kernel: xhci_hcd 0000:00:0c.0: failed to allocate MSI entry
Jan 1 07:00:18 kernel: usb usb1: No SuperSpeed endpoint companion for config 1 interface 0 altsetting 0 ep 129: using minimum values
Jan 1 07:00:18 kernel: hub 1-0:1.0: USB hub found
Jan 1 07:00:18 kernel: hub 1-0:1.0: 1 port detected
Jan 1 07:00:18 kernel: [xhci-hub] usb2mode:[0]
Jan 1 07:00:18 kernel: ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
Jan 1 07:00:18 kernel: ehci_hcd 0000:00:0b.1: EHCI Host Controller
Jan 1 07:00:18 kernel: ehci_hcd 0000:00:0b.1: new USB bus registered, assigned bus number 2
Jan 1 07:00:18 kernel: ehci_hcd 0000:00:0b.1: irq 111, io mem 0x18021000
Jan 1 07:00:18 kernel: ehci_hcd 0000:00:0b.1: USB 0.0 started, EHCI 1.00
Jan 1 07:00:18 kernel: hub 2-0:1.0: USB hub found
Jan 1 07:00:18 kernel: hub 2-0:1.0: 2 ports detected
Jan 1 07:00:18 kernel: ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
Jan 1 07:00:18 kernel: ohci_hcd 0000:00:0b.0: OHCI Host Controller
Jan 1 07:00:18 kernel: ohci_hcd 0000:00:0b.0: new USB bus registered, assigned bus number 3
Jan 1 07:00:18 kernel: ohci_hcd 0000:00:0b.0: irq 111, io mem 0x18022000
Jan 1 07:00:18 kernel: hub 3-0:1.0: USB hub found
Jan 1 07:00:18 kernel: hub 3-0:1.0: 2 ports detected
Jan 1 07:00:18 kernel: usbcore: registered new interface driver usblp
Jan 1 07:00:18 kernel: usbcore: registered new interface driver asix
Jan 1 07:00:18 kernel: usbcore: registered new interface driver cdc_ether
Jan 1 07:00:18 kernel: usbcore: registered new interface driver rndis_host
Jan 1 07:00:18 kernel: cdc_ncm: 14-Mar-2012
Jan 1 07:00:18 kernel: usbcore: registered new interface driver cdc_ncm
Jan 1 07:00:18 kernel: usbcore: registered new interface driver cdc_wdm
Jan 1 07:00:18 kernel: usbcore: registered new interface driver qmi_wwan
Jan 1 07:00:18 kernel: cdc_mbim: loaded
Jan 1 07:00:18 kernel: usbcore: registered new interface driver cdc_mbim
Jan 1 07:00:18 kernel: usb 2-2: new high speed USB device using ehci_hcd and address 2
Jan 1 07:00:18 kernel: scsi0 : usb-storage 2-2:1.0
Jan 1 07:00:19 WAN Connection: WAN was restored.
Jan 1 07:00:19 start_nat_rules: apply the nat_rules(/tmp/nat_rules)!
Jan 1 07:00:19 kernel: scsi 0:0:0:0: Direct-Access Kingston DataTraveler 112 1.00 PQ: 0 ANSI: 2
Jan 1 07:00:19 kernel: sd 0:0:0:0: Attached scsi generic sg0 type 0
Jan 1 07:00:19 kernel: sd 0:0:0:0: [sda] 3913664 512-byte logical blocks: (2.00 GB/1.86 GiB)
Jan 1 07:00:19 kernel: sd 0:0:0:0: [sda] Write Protect is off
Jan 1 07:00:19 kernel: sd 0:0:0:0: [sda] Assuming drive cache: write through
Jan 1 07:00:19 kernel: sd 0:0:0:0: [sda] Assuming drive cache: write through
Jan 1 07:00:19 kernel: sda: sda1
Jan 1 07:00:19 kernel: sd 0:0:0:0: [sda] Assuming drive cache: write through
Jan 1 07:00:19 kernel: sd 0:0:0:0: [sda] Attached SCSI removable disk
Jan 1 07:00:20 start_nat_rules: apply the nat_rules(/tmp/nat_rules_eth0_eth0)!
Jan 1 07:00:21 kernel: nf_conntrack_rtsp v0.6.21 loading
Jan 1 07:00:21 kernel: nf_nat_rtsp v0.6.21 loading
Jan 1 07:00:21 hotplug[690]: USB ext2 fs at /dev/sda1 mounted on /tmp/mnt/entware
Jan 1 07:00:21 usb: USB ext2 fs at /dev/sda1 mounted on /tmp/mnt/entware.
Jan 1 07:00:21 kernel: EXT2-fs (sda1): warning: mounting unchecked fs, running e2fsck is recommended
Jan 1 07:00:22 custom script: Running /jffs/scripts/post-mount (args: /tmp/mnt/entware)
Jan 1 07:00:22 rc_service: hotplug 690:notify_rc restart_nasapps
Jan 1 07:00:22 rc_service: udhcpc 548:notify_rc start_upnp
Jan 1 07:00:22 rc_service: waitting "restart_nasapps" via hotplug ...
Jan 1 07:00:22 iTunes: daemon is stopped
Jan 1 07:00:22 FTP Server: daemon is stopped
Jan 1 07:00:23 Samba Server: smb daemon is stopped
Jan 1 07:00:23 kernel: gro disabled
Jan 1 07:00:24 Timemachine: daemon is stopped
Jan 1 07:00:24 kernel: gro enabled with interval 2
Jan 1 07:00:25 Samba Server: daemon is started
Jan 1 07:00:26 dhcp client: bound 192.168.1.214 via 192.168.1.1 during 86400 seconds.
Jan 1 07:00:27 ntp: start NTP update
Jun 8 10:25:08 rc_service: ntp 787:notify_rc restart_upnp
Jun 8 10:25:09 rc_service: ntp 787:notify_rc restart_diskmon
Jun 8 10:25:10 disk_monitor: Finish
Jun 8 10:25:11 disk monitor: be idle
Jun 8 10:25:41 crond[475]: time disparity of 227725 minutes detected
 

RMerlin

Asuswrt-Merlin dev
FYI. I began the process of manually reconfiguring the router. When I got to the QOS part, it went into the reboot loop again when I applied my settings (0.64 Up/12 Down). I was able to duplicate this behavior.

I just did a complete recompile, and it seemed to at least resolve the crash issue for me with IPTraffic. Can you try this test build on your end to see if it also resolved issues for you?

http://www.mediafire.com/download/397sbxlv1k8fre9/RT-N66U_378.54_0-rebuild1.zip
 

DaveMishSr

Very Senior Member
Is the Trend Micro signature on your latest version 1.050?
Dude here is the changelog so you will stop pestering Eric with the same question that he has ALREADY answered.

78.54 (7-June-2015)
IMPORTANT: if you were previously using the AiProtection ad blocker, you will need to manually disable it over SSH after flashing this release, by running the following commands:

nvram set wrs_adblock_popup=0
nvram set wrs_adblock_stream=0
nvram commit

  • NEW: Merged with Asus GPL 378_5134.
  • NEW: OpenVPN policy rules can now be set to route matching traffic through either the tunnel, or to your ISP (allowing you to create exceptions to your tunnelling rules)
  • NEW: Added OpenVPN server setting to let the OS manage socket buffers (by inserting rcvbuf 0 and sndbuf 0 in the server configuration)
  • CHANGED: Upgraded OpenSSL to 1.0.2a, adding new tls ciphers to OpenVPN and the https webui
  • CHANGED: Updated miniupnpd to 1.9.20150430
  • CHANGED: Reverted kernel backport of the parallel printer support, and reintroduced fix in lprng. This should hopefully fix the recent printing breakage issues.
  • CHANGED: Removed AiProtection's ad blocker, as it's too buggy to be usable, breaking numerous mobile applications, and not being configurable in any way.
  • CHANGED: OpenVPN policy routing rules are now applied at boot time (when WAN comes up), so clients who are blocked while a tunnel is down will immediately be blocked untilthe tunnel comes up.
  • CHANGED: Upgraded Quantenna firmware to 378_6065 release (AC87)
  • FIXED: Router DNS weren't reverted to their original values when shutting down an OpenVPN client with "explicit-exit-notify" enabled. Now we manually clean it up after the user manually terminates the client - it might still not be cleaned up after an unexpected shutdown however. Ideally, users should try avoiding using this setting when possible.
  • FIXED: Some legitimate VPN packets could get dropped due to their conntrack state. Now, only INVALID packets coming from the WAN interface are dropped.
  • FIXED: OpenVPN client would sometime try to connect before the clock had been set by NTP at boot time, preventing it from connecting.
  • FIXED: AiProtection security check would fail to load when Dual WAN is enabled
  • FIXED: Various fields would allow you to enter a single quote character, which could break the webui. Now these fields re-validate the content after you deactivate the text field.
  • FIXED: Switching between All Traffic and Policy Mode OpenVPN routing while the option to block traffic when the tunnel goes down wasn't properly removing those rules, so a tunnel going down in All Traffic would still block policed clients.
  • FIXED: EMF wasn't working on ARM models (missing userspace tool)
If it isn't listed in the changelog then there's your answer. :rolleyes:
 
Last edited:

RMerlin

Asuswrt-Merlin dev
Could it be because initially the WAN doesn't come up properly that policy routing at boot time isn't working properly? "ISP's DHCP did not function properly"

Your WAN IP is a private IP. Can you describe your WAN setup?
 

clash

New Around Here
I actually had the same problem with my N66U. I thought it had something to do with the fact I went from dual wan to single wan during the reboot without shutting it down(and the fact i was playing around with different subnet mask settings in a dual router configuration ). It took me about an hour to reset and reconfigure 4 machines to be able to reach internet again . haven't made any log though .It went into a loop for a second time after setting a different time server and activating all ssh options (without wan access) in the administration section . It's not much info but maybe it tells you something.
 
Status
Not open for further replies.

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top