Custom firmware build for R7800 v. 1.0.2.39SF

[Voxel]

Continuation of

https://www.snbforums.com/threads/custom-firmware-build-for-r7800.36859/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-22sf.37222/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-23sf-v-1-0-2-24sf.37477/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-25sf-v-1-0-2-29sf.38032/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-30sf.38366/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-31sf.39142/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-32sf.39657/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-33sf.40198/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-34sf.40523/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-35sf.40794/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-36sf.41166/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-37sf.41317/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-38sf.41751/

New version of my custom firmware build: 1.0.2.39SF.

Changes (vs 1.0.2.38SF):
1. Most important: samba write speed is imporved (thanks to RMerlin for his tip (affinity)).
2. Changes in OpenVPN servers startup script (first is now using core0, second: core1).
3. Changes in OpenVPN client (now it is using core1).
4. taskset utility is added.
5. e2fsprogs package is upgraded 1.43.6->1.43.7.
6. curl package is upgraded 7.55.1->7.56.1.
7. ethtool package is upgaded 4.11->4.13.
8. wget package is upgraded 1.19.1->1.19.2.
9. Host tools: three components are upgraded.
10. Toolchain: Patch is added to compiler (to support compilation by gcc 6.3.0).

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

No reset is needed to upgrade from my previous versions.

P.S.
This version does not include the fix for the WPA2 Vulnerability in bridge mode (the last is not released by NETGEAR yet).


Voxel.

 

[jdmpower]

thank you, I'm trying for the first time custom firmware,

It is possible to limit bandwidth on this equipment?

Like a Asus sample

 

[Voxel]

Voxel,
Just an update to the VPN server issue. It seems to be an issue with the certs that netgear provides and the openvpn connect on android. I down graded the version of the client and it is working again.

With the upgraded version it gives an error "the certificate is signed with an unacceptable hash : depth =0

and this
14:21:22.464 -- Transport Error: mbed TLS: SSL read error : X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
14:21:22.464 -- EVENT: CERT_VERIFY_FAIL info='mbed TLS: SSL read error : X509 - Certificate verification failed, e.g. CRL, CA or signature check failed'
14:21:22.502 -- EVENT: DISCONNECTED
14:21:22.507 -- EVENT: CORE_THREAD_INACTIVE
14:21:22.508 -- Tunnel bytes per CPU second: 0
14:21:22.508 -- ----- OpenVPN Stop -----

Since i'm not versed in generating my own keys I could use some help or guidance

Thanks

Let's continue in this thread.

Something is happened with your certificates. So you should re-generate them. And all old client's *.ovpn will be invalid, sorry.

1. Disable OpenVPN in GUI.
2. Enter by telnet to router console.
3. Run the command:

/etc/init.d/openvpn regenerate_cert_file

4. Reboot your router.
5. Start OpenVPN
6. Re-download your client *.ovpn

P.S. It is better to flash first today's 1.0.2.39SF

Voxel.

 

[Voxel]

thank you, I'm trying for the first time custom firmware,

It is possible to limit bandwidth on this equipment?

Like a Asus sample
View attachment 10866

Sorry, no limitation of bandwidth by device. Stock FW does not support this, and my version too. Only limitation for all devices.

Voxel.

 

[Voxel]

Hi Voxel,

Excuse the newbie-type question, but I was reading your Readme file, and it appears that you can move from Netgear stock firmware to your mod without having to do anything special or complex (i.e. flash your firmware, restore to base settings, then configure your WAN, LAN, etc...).

The next section of the Readme file says, "After flashing and your settings you need to have SSH access to router."

What does that mean for the average user?

Thanks,
Antopn

Hi Anton,
It is optional. You can use router w/o any SSH access to it. Usually SSH is needed for Entware users or advanced users who want to do some modifications.

Voxel.

 

[deweyii]

Let's continue in this thread.

Something is happened with your certificates. So you should re-generate them. And all old client's *.ovpn will be invalid, sorry.

1. Disable OpenVPN in GUI.
2. Enter by telnet to router console.
3. Run the command:

/etc/init.d/openvpn regenerate_cert_file

4. Reboot your router.
5. Start OpenVPN
6. Re-download your client *.ovpn

P.S. It is better to flash first today's 1.0.2.39SF

Voxel.

Worked like a charm. Don't know how they got corrupted. I'll have to save that for the future.

Sent from my SM-G950U using Tapatalk

 

[Voxel]

Worked like a charm. Don't know how they got corrupted. I'll have to save that for the future.

Sent from my SM-G950U using Tapatalk

Who knows... Good that it is OK now.

Voxel.

 

[Thomas White]

Continuation of
New version of my custom firmware build: 1.0.2.39SF.

I came to SNB today looking for an open source firmware to load on my new R7800. I did a bit of reading and it seems the benefit of Voxel firmware is speed vs. easier to use GUI on DD-WRT.

I'm a photographer and business owner–not a gamer. I need to use Open VNP when I'm traveling. I'm moderately tech savvy buy not a networking geek. Is the Voxel firmware or DD-WRT likely to be a better choice for me?

 

[deweyii]

I came to SNB today looking for an open source firmware to load on my new R7800. I did a bit of reading and it seems the benefit of Voxel firmware is speed vs. easier to use GUI on DD-WRT.

I'm a photographer and business owner–not a gamer. I need to use Open VNP when I'm traveling. I'm moderately tech savvy buy not a networking geek. Is the Voxel firmware or DD-WRT likely to be a better choice for me?

I like voxel firmware. More like the original firmware.

Sent from my SM-G950U using Tapatalk

 

[Thomas White]

I like voxel firmware. More like the original firmware.

True that. I loaded it last night and if I didn't look carefully I'd think it was the original Netgear. Just (Voxel) to show the difference. I did get an warning while uploading the image that it was older than the previously installed firmware.

Can anyone summarize how this compares to the original or other open source options?

 

[deweyii]

True that. I loaded it last night and if I didn't look carefully I'd think it was the original Netgear. Just (Voxel) to show the difference. I did get an warning while uploading the image that it was older than the previously installed firmware.

Can anyone summarize how this compares to the original or other open source options?

In a nutshell it's netgears firmware with updated packages. It does have some other stuff like transmission for downloading stuff and you can add entware to add some or her things you might want it to do. As always check out his read me to see other options.

Hope this helps.
Deweyii

Sent from my SM-G950U using Tapatalk

 

[flyboynm]

Is there any place I can find screenshots of what the router's settings look like with this firmware? Does it allow you to turn off the radios for Wireless B/G?

 

[deweyii]

Is there any place I can find screenshots of what the router's settings look like with this firmware? Does it allow you to turn off the radios for Wireless B/G?

Looks like the netgear firmware screens.

Sent from my SM-G950U using Tapatalk

 

[pege63]

It looks like the WPA2 Vulnerability is NOT so important to NETGEAR

 

[Killhippie]

It looks like the WPA2 Vulnerability is NOT so important to NETGEAR

Unless you are in AP mode its not, its clients side that need patching. In normal router mode the unit is not vulnerable, but still you would have thought Netgear would have patched it by now, I mean they say they are security conscious. 1.0.2.36 (official) did patch a few injection vulnerabilities. Alas much like their QoS updates any movement from Netgear is so slow. Its almost like they no idea how far behind their firmware writers are in patching and updating. I mean Voxel can do it pretty quick and bring a lot of code bang up to date yet Netgear still cant be bothered. <sigh>

 

[janthony6]

What about the r9000

 

[Supersaiyan_IV]

Great release!

Regarding:
10. Toolchain: Patch is added to compiler (to support compilation by gcc 6.3.0).

Watch out for undefined symbols at link-time when -fdevirtualize-speculatively is enabled automatically with -O2, since it's mutually exclusive from -fdevirtualize.

 

[Voxel]

Unless you are in AP mode its not,

In bridge mode, right? Not AP .

Voxel.

 

[Voxel]

Great release!

Not great yet, but good. There is a space for optimization, I know. Not by linker/compiler but additional brainstorming.

Watch out for undefined symbols at link-time when -fdevirtualize-speculatively is enabled automatically with -O2, since it's mutually exclusive from -fdevirtualize.

Well. I played a bit with LTO... It is headache... Too many problems

You should read opinion of sx2000 regarding over-optimization . Reliability first of all. Anyway, thanks. I really play with this.

Voxel.

 

[RMerlin]

It looks like the WPA2 Vulnerability is NOT so important to NETGEAR

That's in large part up to the SoC manufacturers to provide an updated SDK. On Asus' side, the updates are currently trickling one at a time, with the Broadcom HND platform patched two weeks ago, and the old SDK 6.34 only patched a few days ago. Still no patch for SDK 6.37 (RT-AC68U - same platform as the R7000) or SDK 7.14 (RT-AC88U/RT-AC3100).

No idea how Qualcomm has reacted so far in terms of providing security patches.