Custom firmware build for R7800 v. 1.0.2.60SF

[percy3]

I am playing a bit with R7800 firmware by Voxel. So far I've enabled ssh and trying to setup syslogd without installing Entware.

What has been done so far:

I've edited /etc/init.d/syslogd script adding -R 1.1.1.1 -L options. It works perfectly until next router restart. My understanding is sylog tries to write to network but at that time network interface is still down and syslogd is not retrying.



1) Is it porper place to modify syslogd behaviour? Or should I rather play with web interface scritps for example?

2) should I use /etc/hotplug.d in addition?

percy

 

[Voxel]

I am on 1.0.2.60FS version and after each restart I am getting from web interface prompt to update OpenVPN package. Is it possible to get rid of that message? How can I upgrade OpenVPN package?

percy

Interesting. I do not have such message. Most probably it is internals of /usr/sbin/net-cgi (pre-built binary from NG). Usually it downloadы some updates (ReadyCLOUD etc) from updates1.netgear.com

You can try to modify the script /sbin/printhosts which creates hosts file in /etc adding IP for this server as 127.0.0.1

. . .
127.0.0.1 updates1.netgear.com
$ip $name
EOF

Voxel.

 

[Voxel]

I am playing a bit with R7800 firmware by Voxel. So far I've enabled ssh and trying to setup syslogd without installing Entware.

What has been done so far:

I've edited /etc/init.d/syslogd script adding -R 1.1.1.1 -L options. It works perfectly until next router restart. My understanding is sylog tries to write to network but at that time network interface is still down and syslogd is not retrying.



1) Is it porper place to modify syslogd behaviour? Or should I rather play with web interface scritps for example?

2) should I use /etc/hotplug.d in addition?

percy

Overall you need to run this init script after WAN is started. There are possibility to change its start order. Currently it is 49.

START=49

Try to

/etc/init.d/syslogd disable

change this 49 to other value (99 or so) and

/etc/init.d/syslogd enable

Voxel.

 

[percy3]

Overall you need to run this init script after WAN is started. There are possibility to change its start order. Currently it is 49.

START=49

Try to

/etc/init.d/syslogd disable

change this 49 to other value (99 or so) and

/etc/init.d/syslogd enable

Voxel.

I've tried to solve it with /etc/hotplug.d but with no success.
Instead I've put following commands into /etc/init.d/syslogd (after /etc/init.d/syslogd disable):

# syslogd -m 0 -T "$($CONFIG get time_zone)" -c "$g_total" -C
logread | nc $IPLOG 514
killall syslogd
syslogd -L -m 0 -T "$($CONFIG get time_zone)" -c "$g_total" -R $IPLOG

and increased START value to 99 and then issued /etc/init.d/syslogd enable command

Now it works as expected however I do not understand which script is starting "local" instance of syslogd prior to init.d execution (that's why I have killall syslog command). Any idea where that might be coming from?

 

[percy3]

I believe I've put together proper SYSLOG configuration. The only issue I have is with nc. That particular version seams to be able to support only sending through TCP so I had to open TCP syslog port in addition at syslog collector server.

Prerequisites:
- ssh enabled router (optional)
- IP of the server that will receive syslog messages

Steps to configure:
1. /etc/init.d/syslogd disable
2. Edit /etc/init.d/syslogd file adding -C option to syslogd -m 0 -T "$($CONFIG get time_zone)" -c "$g_total" line
3. /etc/init.d/syslogd disable
4. Create new /etc/init.d/syslogd-net file with -rwxr-xr-x permissions with the following contents:

#!/bin/sh /etc/rc.common
# Copyright (C) 2006 OpenWrt.org
START=99

SLIP=1.1.1.1 # your syslog server IP here
LOG_CATEGORY_FILE=/tmp/logcategory
CONFIG=/bin/config

# save the log category information
g_total=0

update_check_log ()
{
        local LAS=$(($($CONFIG get log_allow_sites) << 0))
        local LBSS=$(($($CONFIG get log_block_sites_services) << 1))
        local LCWI=$(($($CONFIG get log_conn_web_interface) << 2))
        local LRO=$(($($CONFIG get log_router_operation) << 3))
        local LDAPS=$(($($CONFIG get log_dos_attacks_port_scans) << 4))
        local LPFT=$(($($CONFIG get log_port_firwarding_trigering) << 5))
        local LWA=$(($($CONFIG get log_wire_access) << 6))
        local LACR=$(($($CONFIG get log_internet_conn_reset) << 7))
        local LWOS=$(($($CONFIG get log_wire_signal_sched) << 8))
        local LVPN=$(($($CONFIG get log_vpn_head) << 10))

        g_total=$(($LAS + $LBSS + $LCWI + $LRO + $LDAPS + $LPFT + $LWA + $LACR + $LWOS + $LVPN))
}

start ()
{
    update_check_log
    logread | nc $SLIP 514
    killall syslogd
    syslogd -L -m 0 -T "$($CONFIG get time_zone)" -c "$g_total" -R $SLIP

    # the fisrt log
    local sys_first=`$CONFIG get syslog_up_first`
    if [ "x$sys_first" = "x0" ]; then
        logger "[Initialized, firmware version: $(cat /firmware_version)$(cat /firmware_region)]"
        $CONFIG set syslog_up_first=1
    fi
}

stop ()
{
    killall syslogd
}

restart ()
{
    stop
    start
}

5. /etc/init.d/syslogd-net enable
6. reboot

Works perfectly!

 

[ulaganath]

WAN Port mirror to LAN port1

what is actual function of this option in debug page. Is that fail over if wan stopped working or can R7800 be set as load balancer?

 

[percy3]

WAN Port mirror to LAN port1

what is actual function of this option in debug page. Is that fail over if wan stopped working or can R7800 be set as load balancer?

Neither. It allows you to see traffic from WAN port e.g. for sniffing.

 

[ulaganath]

So Netgear yet to release a router with failover/load balancer for secondary wan?

Was it software bound or hardware chip required.

Sent from my ASUS_Z01RD using Tapatalk

 

[percy3]

So Netgear yet to release a router with failover/load balancer for secondary wan?

Was it software bound or hardware chip required.

Sent from my ASUS_Z01RD using Tapatalk

We are talking here about consumer grade routers. Those aren't usually designed for LB or failover.

 

[percy3]

I believe I've put together proper SYSLOG configuration. The only issue I have is with nc. That particular version seams to be able to support only sending through TCP so I had to open TCP syslog port in addition at syslog collector server.

Prerequisites:
- ssh enabled router (optional)
- IP of the server that will receive syslog messages

Steps to configure:
1. /etc/init.d/syslogd disable
2. Edit /etc/init.d/syslogd file adding -C option to syslogd -m 0 -T "$($CONFIG get time_zone)" -c "$g_total" line
3. /etc/init.d/syslogd disable
4. Create new /etc/init.d/syslogd-net file with -rwxr-xr-x permissions with the following contents:

#!/bin/sh /etc/rc.common
# Copyright (C) 2006 OpenWrt.org
START=99

SLIP=1.1.1.1 # your syslog server IP here
LOG_CATEGORY_FILE=/tmp/logcategory
CONFIG=/bin/config

# save the log category information
g_total=0

update_check_log ()
{
        local LAS=$(($($CONFIG get log_allow_sites) << 0))
        local LBSS=$(($($CONFIG get log_block_sites_services) << 1))
        local LCWI=$(($($CONFIG get log_conn_web_interface) << 2))
        local LRO=$(($($CONFIG get log_router_operation) << 3))
        local LDAPS=$(($($CONFIG get log_dos_attacks_port_scans) << 4))
        local LPFT=$(($($CONFIG get log_port_firwarding_trigering) << 5))
        local LWA=$(($($CONFIG get log_wire_access) << 6))
        local LACR=$(($($CONFIG get log_internet_conn_reset) << 7))
        local LWOS=$(($($CONFIG get log_wire_signal_sched) << 8))
        local LVPN=$(($($CONFIG get log_vpn_head) << 10))

        g_total=$(($LAS + $LBSS + $LCWI + $LRO + $LDAPS + $LPFT + $LWA + $LACR + $LWOS + $LVPN))
}

start ()
{
    update_check_log
    logread | nc $SLIP 514
    killall syslogd
    syslogd -L -m 0 -T "$($CONFIG get time_zone)" -c "$g_total" -R $SLIP

    # the fisrt log
    local sys_first=`$CONFIG get syslog_up_first`
    if [ "x$sys_first" = "x0" ]; then
        logger "[Initialized, firmware version: $(cat /firmware_version)$(cat /firmware_region)]"
        $CONFIG set syslog_up_first=1
    fi
}

stop ()
{
    killall syslogd
}

restart ()
{
    stop
    start
}

5. /etc/init.d/syslogd-net enable
6. reboot

Works perfectly!

Please note above has been tested for wired (Ethernet) syslog receiver only. Wireless one might get connected too late.

 

[routine]

How can i set killswitch in openvpn in the router ?

 

[Luuc Paauw]

Voxel,

I put your initial entware on my hdd...mount bind it to opt...opkg list does not show midnight commander but i downloaded it from your website as *.ipk
if i try to install it with opkg i get the error

Collected errors:
* pkg_hash_fetch_best_installation_candidate: Packages for mc found, but incompatible with the architectures configured
* opkg_install_cmd: Cannot install package mc.

can you put mc in the opkg list otr tell me how to correct the error

 

[Voxel]

How can i set killswitch in openvpn in the router ?

There are two scripts:

/etc/openvpn/ovpnclient-down.sh
/etc/openvpn/ovpnclient-up.sh

they are called when client starts/stops. You can use them and replace WAN LED amber/white to your own actions.

Voxel.

 

[Voxel]

Voxel,

I put your initial entware on my hdd...mount bind it to opt...opkg list does not show midnight commander but i downloaded it from your website as *.ipk
if i try to install it with opkg i get the error

Collected errors:
* pkg_hash_fetch_best_installation_candidate: Packages for mc found, but incompatible with the architectures configured
* opkg_install_cmd: Cannot install package mc.

can you put mc in the opkg list otr tell me how to correct the error

Probably you run not /opt/bin/opkg but /bin/opkg. Try to run /opt/bin/opkg.

NOTE 2: Info for Entware users. /etc/profile default profile is changed (no PATH for Entware is set by default, i.e. /opt/bin:/opr/sbin). Set the PATH for Entware in /root/.profile file, something like:

export PATH=/opt/bin:/opt/sbin:/bin:/sbin:/usr/bin:/usr/sbin

Voxel.

 

[jeanp]

Hello Voxel, Hello everyone
Thank you very much for your work.
I had many problem with wlan with the original netgear firmware, but with your Firmware it work perfect, very stable wlan connection.
Merci beaucoup

I have install every things, all ok, but I had a small problem (I found a solution but want to know why).
I use: Nighthawk(R) X4S R7800 version V1.0.2.60SF

I never be able to mount a drive formatted with ext4, the system recognizes only fat/32, exfat, ntfs.
I format the way you give in your doc. with:
"mkfs.ext4 -F -L optware /dev/sdb1" format the drive seems to be done, but no mount "df" never show the drive...
even different drive and stick, different size, formatted with netgear & debian & raspberry, I never be able to mount those disk.
only as I format with ext3 recognize netgear the usb.
Formatted with ext3 every things work.

I do not understand how you could format ext4, and nit me. Do you have any idea ?
Merci
Jean-Luc

 

[Luuc Paauw]

Thanx Voxel that did the trick...so for entware just unzip your tar on the HDD en bind mount the opt...and your ready to go entware...
Your firmware is way faster in ftp en samba than the dd-wrt.. sometimes twice as fast...only miss the detect bij radar option from dd-wrt
other issue is that my dd-wrt client bridge linksys dd-wrt EA6500 sometimes drops connection and also the 5 GHz on the R7800 drops

One question about mc...i had to set TERM when first starting and set it to xterm...but the screen is very tiny and does not adjust if i make the window bigger in windows 10...any ideas what to set in the mc.ini or something (i already wear glasses ;-))

 

[randytsuch]

Hello Voxel, Hello everyone
Thank you very much for your work.
I had many problem with wlan with the original netgear firmware, but with your Firmware it work perfect, very stable wlan connection.
Merci beaucoup

I have install every things, all ok, but I had a small problem (I found a solution but want to know why).
I use: Nighthawk(R) X4S R7800 version V1.0.2.60SF

I never be able to mount a drive formatted with ext4, the system recognizes only fat/32, exfat, ntfs.
I format the way you give in your doc. with:
"mkfs.ext4 -F -L optware /dev/sdb1" format the drive seems to be done, but no mount "df" never show the drive...
even different drive and stick, different size, formatted with netgear & debian & raspberry, I never be able to mount those disk.
only as I format with ext3 recognize netgear the usb.
Formatted with ext3 every things work.

I do not understand how you could format ext4, and nit me. Do you have any idea ?
Merci
Jean-Luc

FWIW, I used this:
mkfs.ext4 -L optware /dev/sdb1

and as long as the stick is in sdb1, it worked for me

 

[jeanp]

I have also format it with "mkfs.ext4 -L optware /dev/sdb1" "mkfs.ext4 -L optware /dev/sda1" with 1 or 2 drives
and never get sdb1 or sda1 show to "df" and never be able to mount, formatting work, it show only with ext3
wait after format
reboot 1) usb insert, 2) with no usb and insert.
its not a big thing because it work with ext3, I just that I will understand why it does not work on my R7800...
I hope my system is ok.

 

[routine]

There are two scripts:

/etc/openvpn/ovpnclient-down.sh
/etc/openvpn/ovpnclient-up.sh

they are called when client starts/stops. You can use them and replace WAN LED amber/white to your own actions.

Voxel.

I don't understand what you say..
I don't want use my true ip when openvpn connection is lost...

 

[Voxel]

I don't understand what you say..
I don't want use my true ip when openvpn connection is lost...

I mean that if OpenVPN client fails to connect to your provider it automatically runs the script

/etc/openvpn/ovpnclient-down.sh

Currently this script just turns amber color for the WAN LED. I.e. if you are connected to VPN your WAN LED is white. If you got disconnection you could see that WAN LED is amber.

If you want to do some your own actions for example reboot your router is it cannot connect to your VPN provider you may add "reboot" command to the script /etc/openvpn/ovpnclient-down.sh

#!/bin/sh
/sbin/ledcontrol -n wan -c red -s on
reboot

But it is a bit dangerous: your router could reboot all the time e.g. if your ISP has temporary problems...

Voxel.