Custom firmware build for R7800 v. 1.0.2.39SF

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Voxel

Very Senior Member
Continuation of

https://www.snbforums.com/threads/custom-firmware-build-for-r7800.36859/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-22sf.37222/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-23sf-v-1-0-2-24sf.37477/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-25sf-v-1-0-2-29sf.38032/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-30sf.38366/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-31sf.39142/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-32sf.39657/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-33sf.40198/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-34sf.40523/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-35sf.40794/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-36sf.41166/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-37sf.41317/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-38sf.41751/

New version of my custom firmware build: 1.0.2.39SF.

Changes (vs 1.0.2.38SF):
1. Most important: samba write speed is imporved (thanks to RMerlin for his tip (affinity)).
2. Changes in OpenVPN servers startup script (first is now using core0, second: core1).
3. Changes in OpenVPN client (now it is using core1).
4. taskset utility is added.
5. e2fsprogs package is upgraded 1.43.6->1.43.7.
6. curl package is upgraded 7.55.1->7.56.1.
7. ethtool package is upgaded 4.11->4.13.
8. wget package is upgraded 1.19.1->1.19.2.
9. Host tools: three components are upgraded.
10. Toolchain: Patch is added to compiler (to support compilation by gcc 6.3.0).

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

No reset is needed to upgrade from my previous versions.

P.S.
This version does not include the fix for the WPA2 Vulnerability in bridge mode (the last is not released by NETGEAR yet).


Voxel.
 

jdmpower

New Around Here
thank you, I'm trying for the first time custom firmware,:)

It is possible to limit bandwidth on this equipment?

Like a Asus sample
post-8863-0-23746000-1444083539.png
 

Voxel

Very Senior Member
Voxel,
Just an update to the VPN server issue. It seems to be an issue with the certs that netgear provides and the openvpn connect on android. I down graded the version of the client and it is working again.

With the upgraded version it gives an error "the certificate is signed with an unacceptable hash : depth =0

and this
14:21:22.464 -- Transport Error: mbed TLS: SSL read error : X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
14:21:22.464 -- EVENT: CERT_VERIFY_FAIL info='mbed TLS: SSL read error : X509 - Certificate verification failed, e.g. CRL, CA or signature check failed'
14:21:22.502 -- EVENT: DISCONNECTED
14:21:22.507 -- EVENT: CORE_THREAD_INACTIVE
14:21:22.508 -- Tunnel bytes per CPU second: 0
14:21:22.508 -- ----- OpenVPN Stop -----

Since i'm not versed in generating my own keys I could use some help or guidance

Thanks
Let's continue in this thread.

Something is happened with your certificates. So you should re-generate them. And all old client's *.ovpn will be invalid, sorry.

1. Disable OpenVPN in GUI.
2. Enter by telnet to router console.
3. Run the command:
Code:
/etc/init.d/openvpn regenerate_cert_file
4. Reboot your router.
5. Start OpenVPN
6. Re-download your client *.ovpn

P.S. It is better to flash first today's 1.0.2.39SF

Voxel.
 

Voxel

Very Senior Member
Hi Voxel,

Excuse the newbie-type question, but I was reading your Readme file, and it appears that you can move from Netgear stock firmware to your mod without having to do anything special or complex (i.e. flash your firmware, restore to base settings, then configure your WAN, LAN, etc...).

The next section of the Readme file says, "After flashing and your settings you need to have SSH access to router."

What does that mean for the average user?

Thanks,
Antopn
Hi Anton,
It is optional. You can use router w/o any SSH access to it. Usually SSH is needed for Entware users or advanced users who want to do some modifications.

Voxel.
 

deweyii

Occasional Visitor
Let's continue in this thread.

Something is happened with your certificates. So you should re-generate them. And all old client's *.ovpn will be invalid, sorry.

1. Disable OpenVPN in GUI.
2. Enter by telnet to router console.
3. Run the command:
Code:
/etc/init.d/openvpn regenerate_cert_file
4. Reboot your router.
5. Start OpenVPN
6. Re-download your client *.ovpn

P.S. It is better to flash first today's 1.0.2.39SF

Voxel.
Worked like a charm. Don't know how they got corrupted. I'll have to save that for the future.

Sent from my SM-G950U using Tapatalk
 

Thomas White

New Around Here
Continuation of
New version of my custom firmware build: 1.0.2.39SF.
I came to SNB today looking for an open source firmware to load on my new R7800. I did a bit of reading and it seems the benefit of Voxel firmware is speed vs. easier to use GUI on DD-WRT.

I'm a photographer and business owner–not a gamer. I need to use Open VNP when I'm traveling. I'm moderately tech savvy buy not a networking geek. Is the Voxel firmware or DD-WRT likely to be a better choice for me?
 

deweyii

Occasional Visitor
I came to SNB today looking for an open source firmware to load on my new R7800. I did a bit of reading and it seems the benefit of Voxel firmware is speed vs. easier to use GUI on DD-WRT.

I'm a photographer and business owner–not a gamer. I need to use Open VNP when I'm traveling. I'm moderately tech savvy buy not a networking geek. Is the Voxel firmware or DD-WRT likely to be a better choice for me?
I like voxel firmware. More like the original firmware.

Sent from my SM-G950U using Tapatalk
 

Thomas White

New Around Here
I like voxel firmware. More like the original firmware.
True that. I loaded it last night and if I didn't look carefully I'd think it was the original Netgear. Just (Voxel) to show the difference. I did get an warning while uploading the image that it was older than the previously installed firmware.

Can anyone summarize how this compares to the original or other open source options?
 

deweyii

Occasional Visitor
True that. I loaded it last night and if I didn't look carefully I'd think it was the original Netgear. Just (Voxel) to show the difference. I did get an warning while uploading the image that it was older than the previously installed firmware.

Can anyone summarize how this compares to the original or other open source options?
In a nutshell it's netgears firmware with updated packages. It does have some other stuff like transmission for downloading stuff and you can add entware to add some or her things you might want it to do. As always check out his read me to see other options.

Hope this helps.
Deweyii

Sent from my SM-G950U using Tapatalk
 

flyboynm

Occasional Visitor
Is there any place I can find screenshots of what the router's settings look like with this firmware? Does it allow you to turn off the radios for Wireless B/G?
 

deweyii

Occasional Visitor
Is there any place I can find screenshots of what the router's settings look like with this firmware? Does it allow you to turn off the radios for Wireless B/G?
Looks like the netgear firmware screens.

Sent from my SM-G950U using Tapatalk
 

pege63

Very Senior Member
It looks like the WPA2 Vulnerability is NOT so important to NETGEAR
 

Killhippie

Senior Member
It looks like the WPA2 Vulnerability is NOT so important to NETGEAR
Unless you are in AP mode its not, its clients side that need patching. In normal router mode the unit is not vulnerable, but still you would have thought Netgear would have patched it by now, I mean they say they are security conscious. 1.0.2.36 (official) did patch a few injection vulnerabilities. Alas much like their QoS updates any movement from Netgear is so slow. Its almost like they no idea how far behind their firmware writers are in patching and updating. I mean Voxel can do it pretty quick and bring a lot of code bang up to date yet Netgear still cant be bothered. <sigh>
 

Supersaiyan_IV

Occasional Visitor
Great release!

Regarding:
10. Toolchain: Patch is added to compiler (to support compilation by gcc 6.3.0).

Watch out for undefined symbols at link-time when -fdevirtualize-speculatively is enabled automatically with -O2, since it's mutually exclusive from -fdevirtualize.
 

Voxel

Very Senior Member
Great release!
Not great yet, but good. There is a space for optimization, I know. Not by linker/compiler but additional brainstorming.

Watch out for undefined symbols at link-time when -fdevirtualize-speculatively is enabled automatically with -O2, since it's mutually exclusive from -fdevirtualize.
Well. I played a bit with LTO... It is headache... Too many problems

You should read opinion of sx2000 regarding over-optimization :). Reliability first of all. Anyway, thanks. I really play with this.

Voxel.
 

RMerlin

Asuswrt-Merlin dev
It looks like the WPA2 Vulnerability is NOT so important to NETGEAR
That's in large part up to the SoC manufacturers to provide an updated SDK. On Asus' side, the updates are currently trickling one at a time, with the Broadcom HND platform patched two weeks ago, and the old SDK 6.34 only patched a few days ago. Still no patch for SDK 6.37 (RT-AC68U - same platform as the R7000) or SDK 7.14 (RT-AC88U/RT-AC3100).

No idea how Qualcomm has reacted so far in terms of providing security patches.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top