What's new

Voxel Custom firmware build for Orbi RBK50/RBK53 (RBR50, RBS50) v. 9.2.5.2.27SF-HW & v. 9.2.5.2.27.1SF-HW

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Voxel

Part of the Furniture
Continuation of

https://www.snbforums.com/threads/custom-firmware-build-for-orbi-rbk50-v-2-5-0-42sf-hw.60308/
. . .
https://www.snbforums.com/threads/c...50-rbk53-rbr50-rbs50-v-9-2-5-2-25sf-hw.81580/
https://www.snbforums.com/threads/c...50-rbk53-rbr50-rbs50-v-9-2-5-2-26sf-hw.82463/

New version of my custom firmware build: 9.2.5.2.27SF-HW.

Changes (vs 9.2.5.2.26SF-HW):

1. Toolchain: binutils version is upgraded 2.39->2.40.
2. Toolchain: Go is upgraded 1.18.9->1.19.5.
3. OpenSSL v. 1.1.1 package is upgraded 1.1.1s->1.1.1t (fixing CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286).
CVE-2023-0286, High severity.​
CVE-2023-0215, Moderate severity.​
CVE-2022-4450, Moderate severity.​
CVE-2022-4304, Moderate severity.​
4. e2fsprogs package is upgraded 1.46.5->1.46.6 (fixing CVE-2022-1304).
(score 7.8, High)​
5. bind package is upgraded 9.18.9->9.18.11 (fixing CVE-2022-3924, CVE-2022-3736).
(score 7.5, High)​
(score 7.5, High)​
6. lighttpd package is upgraded 1.4.67->1.4.68.
7. DNSCrypt Proxy v.2 is upgraded 2.1.2->2.1.4.
8. ipset package is upgraded 7.16->7.17.
9. curl package is upgraded 7.86.0->7.87.0.
10. unbound package (used in stubby) is upgraded 1.17.0->1.17.1.
11. getdns package (used in stubby) is upgraded 1.7.2->1.7.3.
12. stubby package is upgraded 0.4.2->0.4.3.
13. ncurses package is upgraded 6.3->6.4.
14. libpcap package is upgraded 1.10.1->1.10.3.
15. tcpdump package is upgraded 4.99.1->4.99.3.
16. ethtool package is upgraded 6.0->6.1.
17. dbus package is upgraded 1.14.4->1.14.6.
18. nano package is upgraded 7.1->7.2.
19. sysstat package is upgraded 12.7.1->12.7.2.
20. dnsmasq: add possibility to disable dnsmasq in AP mode (nvram).
nvram set disable_dnsmasq=1​
nvram commit​
21. Host tools: upgrade e2fsprogs to 1.46.6 (fixing CVE-2022-1304).
(score 7.8, High)​
22. Host tools: upgrade mkimage/u-boot to 2023.01.
23. Host tools: upgrade mtd-utils to 2.1.5.
24. Host tools: upgrade genext2fs to 1.5.0.
25. Host tools: upgrade xz to 5.4.1.
26. Host tools: upgrade mpfr to 4.2.0.
27. Host tools: upgrade UPX to 4.0.2.
28. Host tools: synchronize libtool with OpenWRT.

[Updated: QuickFix version]
New version of my custom firmware build: 9.2.5.2.27.1SF-HW.

Changes (vs 9.2.5.2.27SF-HW):

1. Bug fixing: add missed 'ethtool' package.
2. OpenVPN is upgraded 2.5.8->2.5.9.
3. lighttpd package is upgraded 1.4.68->1.4.69.
4. curl package is upgraded 7.87.0->7.88.0.
5. iperf3 package is upgraded 3.12->3.13.
6. nghttp2 package is upgraded 1.51.0->1.52.0.
7. bind package is upgraded 9.18.11->9.18.12.
8. ethtool: change to 'ethtool-full' variant.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.
 
Last edited:
Thank you for your continued efforts through all of the adversity.
Sadly, I ended up with a reboot loop on my router with this release... Reverting to .26 resolved the issue.
 
Well, it's not continuing... simply uploading the prior release stopped the reboots.
 
I had been using .27 for a few days and was having problems with my internet speeds and reboots. I also had to revert back to .26. Now running smooth again. :cool:
Screenshot 2023-02-17 .jpg
 
Last edited:
I had been using .27 for a few days and was having problems with my internet speeds and reboots. I also had to revert back to .26. Now running smooth again. :cool:View attachment 48057

Please try the version 9.2.5.2.27.1SF-HW. As I found there was missed somehow 'ethtool' package in 9.2.5.2.27SF-HW. Sorry. Probably it is a reason of issue. See updated the very first post in this thread.

Voxel.
 
Please try the version 9.2.5.2.27.1SF-HW. As I found there was missed somehow 'ethtool' package in 9.2.5.2.27SF-HW. Sorry. Probably it is a reason of issue. See updated the very first post in this thread.

Voxel.
I was having similar issues, will test and get back to you. Thanks!
 
@Voxel - thanks for all your hard work!! This seems to have fixed my issues!!
I was having similar issues, will test and get back to you. Thanks!

You know, it's very difficult to determine the cause of such an issue. So, for example, this particular issue is that after building the firmware 9.2.5.2.27SF-HW only one file (To be precise, it's '/usr/sbin/ethtool') was missing. In total there are 44.800 files in the firmware at the moment and I had to determine that one single file is missing...

Any help from you and reports are very helpful.

Thank you,
Voxel.
 
You know, it's very difficult to determine the cause of such an issue. So, for example, this particular issue is that after building the firmware 9.2.5.2.27SF-HW only one file (To be precise, it's '/usr/sbin/ethtool') was missing. In total there are 44.800 files in the firmware at the moment and I had to determine that one single file is missing...

Any help from you and reports are very helpful.

Thank you,
Voxel.
Thanks @Voxel! Ill be better about reporting issues. This 27.1 version seems to have fixed the speed issue and the constant drops.
 
It appears that Proftpd is included in Voxel firmware, but I have not found where it is enabled. Had thought it would be in the init.d/rc.d files, but....?
 
It appears that Proftpd is included in Voxel firmware, but I have not found where it is enabled. Had thought it would be in the init.d/rc.d files, but....?
It is in /usr/sbin/proftpd on R7800, should be same for Orbi. Type on shell:

Code:
proftpd -h

All you have to do is create conf file according to your liking. Default path is /etc/proftpd.conf on R7800. Type proftpd to see config path.

This may be helpful for config:
http://www.proftpd.org/docs/example-conf.html
 
Thanks for the link to the sample config file. I had made a (much shorter) conf that contained only:

ServerType standalone
DefaultAddress eth0


Got no error message, but also could not connect to a server. No response. Just timed out after 20 seconds.

Was concerned that I had missed the entry in init.d/rc.d where the FTP server was started. Thanks for confirming that it is up to a user to start the server.
 
If Orbi is similar to R7800, then it should be started by /sbin/cmdftp
That script reads some nvram variables that are (I think) set if you enable ftp via ReadyShare settings in GUI.

But if you want to be sure, then SSH to the Orbi and do:
cd /rom
grep -ir proftpd

(at least I assume that on Orbi also the read-only portion of the firmware is in /rom
You could also run the grep command in the root. But then it also attempts to search /proc and that can give unexpected results / cause ssh/the router to hang)
(you could tell grep to exclude that folder. But if Orbi has the /rom then that is easier)
 
Thanks for the information about cmdftp. Indeed, it is there in Voxel for Orbi /sbin. Appears to be enabled from the command line rather than started automatically at boot.
Appreciate the help.
 
It does start automatically, if you enable FTP under ReadyShare from UI.

Enabled FTP under ReadyShare > Advanced Settings:
1677746144742.png


Ran "ps -w" on shell and proftpd was running automatically:
1677746359718.png


When proftpd runs automatically from UI it creates "/tmp/proftpd.conf" which is mentioned in "/sbin/cmdftp"

Edit: Above setting works in R7800, it will not work in Orbi as Voxel mentioned in his comment.
 
Last edited:
Does anyone know how to enable SSH from WAN ?
I know it's risky but need to temporarily open that up instead of usual OpenVPN + LAN SSH.

Ideally I would like to use say port 7422 for WAN access and keep 22 for LAN connections + have both in the logs.

What I tried:
  1. port forwarding thru the UI to the router IP itself (7422 -> 22), to no avail - "Invalid IP address"
  2. created /etc/netwall.conf with "ACCEPT net fw tcp 22" + LF, and restarted with `net-wall restart` -> no effect, 22 still closed from WAN
 
Last edited:
Does anyone know how to enable SSH from WAN ?
I know it's risky but need to temporarily open that up instead of usual OpenVPN + LAN SSH.

Ideally I would like to use say port 7422 for WAN access and keep 22 for LAN connections + have both in the logs.

What I tried:
  1. port forwarding thru the UI to the router IP itself (7422 -> 22), to no avail - "Invalid IP address"
  2. created /etc/netwall.conf with "ACCEPT net fw tcp 22" + LF, and restarted with `net-wall restart` -> no effect, 22 still closed from WAN

Check QuickStart.txt:

. . .
5. Open your own firewall ports.

If you need to make several ports accessible from WAN then create the text file
/overlay/etc/netwall.conf with ports you need to open. Example of this file:
------------------------------------------------------------------------
ACCEPT net fw tcp 22,8443
ACCEPT net fw udp 1194
------------------------------------------------------------------------
(to open TCP ports 22 and 8443 and UDP port 1194).

NOTE: this file should contain LF symbol at the end of last line (press ENTER key in
your text editor).

. . .


Voxel.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top