1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

[Beta] Asuswrt-Merlin 384.7 Beta is now available

Discussion in 'Asuswrt-Merlin' started by RMerlin, Sep 15, 2018.

  1. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    27,772
    Location:
    Canada
    Asuswrt-Merlin 384.7 beta is now available for all supported models, with the exception of the RT-AC56U and RT-AC3200 (as the latest firmware available for these two models isn't compatible with the GPL version used by 384.7). The biggest change in this release is the replacement of the ez-ipupdate DDNS client with the more modern inadyn client.

    Edit (24-Sept-2018): 384.7 Beta 2 released. Changes since beta1:

    Code:
    8d9cf9bb1 rc: remove temp file accidentally commited with e2b8ce3c6abfc8b38186cc61d967c97cba25c0d2
    e563f8df0 Updated documentation
    4baece1d3 webui: clarify the forced DDNS parameter
    0a283695e rc: reset the forced ddns update timer when ddns_check() forces an update
    e2b8ce3c6 rc: ensure we do issue a forced DDNS update after "x" days
    773ba2049 webui: only display an OpenVPN client/router status table if it actually has content
    ec12f5a06 nano: updated to 3.1.
    8bf340922 rc: inadyn: trying a different update URL for selfhost.de that's closer to Asus's ez-ipupdate implementation
    93e0b2f0e Bumped revision to beta 2
    
    Here is a summary of the changes:
    • Merged with Asus GPL 384_21152. The RT-AC87U binary blobs from GPL 382_50702 were merged in, allowing 384.7 to support this model (it wasn't available for 384.6).
    • Replaced ez-ipupdate with inadyn. This DDNS client adds HTTPS support, more built-in DDNS services, easier support for additional services, and more. A new plugin was developed to fully support Asus's own DDNS service.
    • All DDNS services now use HTTPS. Your DDNS login credentials are finally secure. Welcome to 2018 folks. If worried, now is a good time to change your DDNS password.
    • Added freedns.afraid.org DDNS service to the webui.
    • DDNS can now retrieve your public IP either Internally (the original method of using the IP on your router's WAN interface) or Externally (by querying a remote server). This allows the use of DDNS in a Dual NAT or CGNAT situation.
    • DFS Channel information are now shown on the Wireless Log page (based on upstream code from Asus's stock firmware)
    • Updated various components: curl (7.61.1), wget (1.19.5), openssl (1.0.2p), dnsmasq (2.80test4), nano (3.0 + backported fix).
    • DNSFilter settings were moved to the LAN section, to make it clearer that this feature is completely unrelated to Trend Micro.
    • A couple of IPv6-related fixes surrounding dnsmasq (like dnsmasq crashes on the RT-AC86U in stateful mode).

    See the changelog for the complete details.

    Things that require testing in this beta:
    • All the DDNS services, using either the Internal or External IP checks. Please make sure to specify the service and the IP check method when providing feedback, also whether or not you are using a custom script. Note that some scripts might require some tweaks (and some can possibly be re-implemented as a custom inadyn service. Please check out the inadyn documentation for more information.
    • Some code improvements were made to the OpenVPN server key/certs handling at start time. Please confirm that there are no new issues when starting the OpenVPN server.

    Please keep the discussions in this thread to this specific beta release. Any off-topic posts will be either ignored, moved or deleted, depending on my mood a the time I run into them.

    Downloads are here.
    Changelog is here.
     
    Last edited: Sep 24, 2018 at 12:42 AM
    netmik3, dvohwinkel, Jaco2k and 25 others like this.
  2. Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!
  3. bigmag

    bigmag Regular Contributor

    Joined:
    Feb 24, 2012
    Messages:
    110
    Location:
    Germany
    I have DDNS Probs
    Sep 15 09:35:04 start_ddns: update WWW.SELFHOST.DE selfhost, wan_unit 0
    Sep 15 09:35:04 inadyn[10099]: In-a-dyn version 2.4 -- Dynamic DNS update client.
    Sep 15 09:35:05 inadyn[10099]: Update forced for alias xxxxxxx, new IP# xx.xxx.xx.xxx
    Sep 15 09:35:05 inadyn[10099]: Fatal error in DDNS server response:
    Sep 15 09:35:05 inadyn[10099]: [200 OK] nochg xx.xxx.xx.xxx
    Sep 15 09:35:05 inadyn[10099]: Error response from DDNS server, exiting!
    Sep 15 09:35:05 syslog: Error code 48: DDNS server response not OK
     
    Mihai likes this.
  4. Zastoff

    Zastoff Regular Contributor

    Joined:
    Nov 21, 2017
    Messages:
    96
    Location:
    Sweden
    Smooth upgrade over alpha3 everything seems to start and work fine here.
    Asus DDNS(internal) and vpn-server works fine.
    Thank you!
     
    Last edited: Sep 15, 2018
    Mihai likes this.
  5. pattiri

    pattiri Senior Member

    Joined:
    Dec 27, 2016
    Messages:
    223
    Location:
    Istanbul, Turkey
    What are those mean in wireless log page?

    Code:
    DFS State: In-Service Monitoring(ISM)    Time elapsed: 2593350ms    Channel cleared for radar: 100/80 (0xE06A)
     
    Mihai likes this.
  6. M@rco

    [email protected] Very Senior Member

    Joined:
    Dec 23, 2017
    Messages:
    533
    Location:
    /tmp
    I had similar issues, using no-ip. Had to disable to use the Pixelserv certificate to get it to update (Certificate = None). However, now I can't access the WebUI anymore, as Firefox doesn't trust the Pixelserv certificate anymore either. Removed it and added it again, but no avail.

    Other than that, updating from 384.6 to 384.7 beta 1 seems to have gone just fine.
     
    Mihai likes this.
  7. M@rco

    [email protected] Very Senior Member

    Joined:
    Dec 23, 2017
    Messages:
    533
    Location:
    /tmp
    When switching back to Import/Auto-generated, WebUI hangs at 'Complete' with a spinning wheel. Syslog shows it generated a new certificate (even though Generate new is set to 'No') and performs an update, but WebUI is stuck:

    Code:
    Sep 15 10:19:58 inadyn[6499]: In-a-dyn version 2.4 -- Dynamic DNS update client.
    Sep 15 10:19:58 httpd: Generating SSL certificate...
    Sep 15 10:19:58 inadyn[6499]: Update forced for alias xxxxxxxxxx.ddns.net, new IP# xxx.xxx.xxx.xxx
    Sep 15 10:20:00 inadyn[6499]: Updating cache for xxxxxxxxxx.ddns.net
    
    Manually refreshing the page shows a new certificate has been issues and registering was successful?

    Can I just import my Pixelserv certificate again?
     
    Last edited: Sep 15, 2018
    Mihai likes this.
  8. M@rco

    [email protected] Very Senior Member

    Joined:
    Dec 23, 2017
    Messages:
    533
    Location:
    /tmp
    <deleted>
     
    Last edited: Sep 15, 2018
    Mihai likes this.
  9. appleseed

    appleseed Regular Contributor

    Joined:
    Jun 26, 2010
    Messages:
    58
    Location:
    everywhere
    you should see what channel you are on in relation to this message.
    probably (guessing) means you are near (or not near) radar and 2.59 million milliseconds is around 40 minutes remaining (or counting up, not sure) for the next check. so probably a 5 or 10 minute (or hourly) check maybe. The other part, 80 (0xE06A) might be channel width of 80 on channel 100. just guessing I'm not really sure.

    but DFS is definitely used to automatically change channels if it detects signals in a range specified by your country's equivalent to the FCC (Federal Communications Commission) in the US, like if you are near radar, satellite, planes, military, etc...
     
    Mihai and pattiri like this.
  10. M@rco

    [email protected] Very Senior Member

    Joined:
    Dec 23, 2017
    Messages:
    533
    Location:
    /tmp
    Syslog is flooded with

    Code:
    Sep 15 10:49:40 ovpn-client1[4409]: AEAD Decrypt error: bad packet ID (may be a replay): [ #822814 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    
    I haven't seen this error prior to installing 384.7 beta 1 (coming from 384.6 stable)

    Edit: Error seems gone after a third reboot (rebooted twice after updating, noticed the error flooding syslog, now it's gone).
     
    Last edited: Sep 15, 2018
    Mihai likes this.
  11. wiz

    wiz Regular Contributor

    Joined:
    Feb 15, 2013
    Messages:
    123
    Location:
    the Netherlands
    update went smooth on my ac5300, coming from 384.6-beta1. No issues to report so far. Thanks Eric!
     
  12. Grisu

    Grisu Very Senior Member

    Joined:
    Aug 28, 2014
    Messages:
    1,079
    @Merlin: Thanks really works with Asuscomm and double-NAT on RT-AC68U coming from stock 32738.
    Tested letsencrypt and without encyrption, both ok!

    Only what I found and probably could be improved:
    On network map it is showing only internal WAN (private IP), would it be possible to show both IP's there, internal (private) and external public WAN-IP used for DDNS update?

    Other question: Would it be even possible to allow this well done service in AP-mode too? I think thas would not really be a problem to run this feature on AP, only not possible to get WAN-page in GUI.
    Sorry, I know you made a very good new feature many waiting since >5 years for, and one of the first comments is to ask for unlimit its usage in non router mode.

    So it is meant to be only a question, not more or less, just please anwser, no will never be done (impossible) or could think about or maybe in a year or 2 - thanks!

    UPDATE:
    I can access directly AP-router_IP/Advanced_ASUSDDNS_Content.asp and change settings.
    No errors, but does NOT update ASUSDDNS.
     
    Last edited: Sep 19, 2018 at 3:47 AM
    Mihai likes this.
  13. nash16

    nash16 Occasional Visitor

    Joined:
    Sep 17, 2016
    Messages:
    30
    Someone has FreeDNS working? It works with custom ddns-start script, however, if I remove the script, it doesn't work.

    My config is:
    • Server: freedns.afraid.org
    • Enable wildcard: No.
    • Method to retrieve WAN IP: Internal.
    • WAN IP and hostname verification: Yes.
    Tested with API Key and Username password, as well as External method to retrieve WAN IP, right now I'm not using Let's Encrypt, so certificate has been chosen as 'None', nothing works for me.

    Thanks in advance!
     
    Mihai likes this.
  14. skeal

    skeal Very Senior Member

    Joined:
    Apr 30, 2016
    Messages:
    1,764
    Location:
    Canada
    AC3100 up and running! Easy flash. Great work Eric, I see no issues at all.;)
     
    JohnSmith, Mihai, scjr and 1 other person like this.
  15. Marin

    Marin Regular Contributor

    Joined:
    Sep 15, 2015
    Messages:
    161
    On AC-87U I noticed these two (see screenshot). I did initialize after FW upgrade and reboot router several times but there were no changes. Never had this happen before:

    1) The current timezone will not pick up automatically (in screenshot Greenwich Mean Time comes up as default) instead Central Time where I am at.

    2) There no synchronization with NTP servers. I clicked on the link but wasn't sure how to fix this.

    Thank you
     

    Attached Files:

    Mihai likes this.
  16. M@rco

    [email protected] Very Senior Member

    Joined:
    Dec 23, 2017
    Messages:
    533
    Location:
    /tmp
    No issues starting the OpenVPN server. Works like a charm.

    After re-importing the Pixelserv certificate (see previous post), everything appears to work as described. Using no-ip.com, tried both Internal and External succesfully and I'm not using a custom script.
     
    Mihai likes this.
  17. geobernd

    geobernd New Around Here

    Joined:
    Jan 14, 2012
    Messages:
    8
    Working fine here - I never had a custom script - I switched to freedns during the alpha phase. I am using the same settings you have with username and password - with a 60 minute check.

    During boot I get the following update lines -
    Code:
    Sep 15 06:57:17 inadyn[632]: In-a-dyn version 2.4 -- Dynamic DNS update client.
    Sep 15 06:57:18 inadyn[632]: Update forced for alias redacted.mooo.com, new IP# xx.xxx.xx.x
    I assume freedns actually got updated but didn't try setting a fake IP before to see if the update makes it - will do that now and see if the 60 minute check catches i....
     
    Mihai and nash16 like this.
  18. nash16

    nash16 Occasional Visitor

    Joined:
    Sep 17, 2016
    Messages:
    30
    I have rebooted the router to get a new IP address and it never updates the IP in freedns.afraid.org automatically :(

    So, I don't know what happens really because I have the same log than you, if you can test it with a different public IP and check in the website of DDNS Service if this changes or not.

    Thanks!
     
    Mihai likes this.
  19. geobernd

    geobernd New Around Here

    Joined:
    Jan 14, 2012
    Messages:
    8
    Just did a test setting a different IP through manual post on freedns.afraid.org - verified that it showed
    Then I rebooted the router (AC68U) and it updated back to the correct IP - so for me the update is working....

    If there is anything else I can help to try I'd be happy to (likely won't be before tomorrow afternoon - I have family come and visit in a little bit....)
     
    Mihai likes this.
  20. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    27,772
    Location:
    Canada
    Odd, cause it did report a positive result on the check (200 OK).

    Enable debugging, then initiate a DDNS update:

    Code:
    nvram set ddns_debug=1
    service restart_ddns
    
    Then post the syslog content.

    Sounds like after the client reconnected, the server thought it was the same session rather than a new one. Stopping the client for a few minutes should have fixed it. In any case, OpenVPN hasn't changed in quite some time, so it's unrelated to 384.7.

    Need log content to analyze. FreeDNS is working fine for me.
     
    Mihai and [email protected] like this.
  21. martywd

    martywd Occasional Visitor

    Joined:
    Apr 11, 2015
    Messages:
    24
    Location:
    TX
    Router: RT-AC88U
    Firmware: 384.7_beta1 (installed over 384.7_alpha3-gf2a90e48c, no reset)

    Server: www.dyndns.org

    Configuring to just one of my hostnames in my dyndns account does work.
    Code:
    ...
    Sep 15 11:06:32 start_ddns: update WWW.DYNDNS.ORG [email protected], wan_unit 0
    Sep 15 11:06:32 inadyn[13076]: In-a-dyn version 2.4 -- Dynamic DNS update client.
    Sep 15 11:06:32 inadyn[13076]: Update forced for alias xxx.dynxxx.com, new IP# xxx.yyy.zzz.101
    Sep 15 11:06:33 inadyn[13076]: Updating cache for xxx.yyy.zzz.101
    Sep 15 11:07:22 rc_service: httpd 346:notify_rc restart_ddns
    ...
    But.
    Attempting to configure DDNS on this router to my 'dyndns' account using my _multiple_ (3) hostnames associated with my dynamic IP address. No good, 'Apply' fails with an errors. The errors depending on whether I attempt to use coma-delineation or by separating the multiple hostnames with spaces in the 'Host Name' box of the admin gui.

    Example:
    Code:
    ...
    Sep 15 10:59:51 rc_service: watchdog 350:notify_rc start_ddns
    Sep 15 10:59:51 start_ddns: update WWW.DYNDNS.ORG [email protected], wan_unit 0
    Sep 15 10:59:52 inadyn[12935]: In-a-dyn version 2.4 -- Dynamic DNS update client.
    Sep 15 10:59:52 inadyn[12935]: /etc/inadyn.conf:4: unexpected token ','
    Sep 15 10:59:52 inadyn[12935]: Parse error in /etc/inadyn.conf
    Sep 15 10:59:52 syslog: Error code 74: Missing .conf file
    Sep 15 11:00:21 watchdog: start ddns.
    Sep 15 11:00:21 rc_service: watchdog 350:notify_rc start_ddns
    ...
    Sep 15 11:01:16 start_ddns: update WWW.DYNDNS.ORG [email protected], wan_unit 0
    Sep 15 11:01:16 inadyn[12964]: In-a-dyn version 2.4 -- Dynamic DNS update client.
    Sep 15 11:01:16 inadyn[12964]: /etc/inadyn.conf:4: no such option 'xxxx.yyydns.com'
    Sep 15 11:01:16 inadyn[12964]: Parse error in /etc/inadyn.conf
    Sep 15 11:01:16 syslog: Error code 74: Missing .conf file
    Sep 15 11:01:21 watchdog: start ddns.
    ...
    To summarize:
    Configure one hostname = good. Attempt to configure multiple hostnames = fail.

    I see from the 'man inadyn' that hostnames are configured with the '--alias' switch. The '--alias' switch can be applied multiple times for multiple hostnames. Looking at '/etc/inadyn' logged in to a command prompt I'm not seeing any obvious way to add the extra hostnames (alias) so that this will work. Doing some sort custom config might be the workaround? I did not look into that possibility.

    http://manpages.ubuntu.com/manpages/trusty/man8/inadyn.8.html
    http://manpages.ubuntu.com/manpages/trusty/man5/inadyn.conf.5.html

    .
     
    Mihai likes this.
Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!