1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Custom firmware build for R7800 v. 1.0.2.61SF

Discussion in 'NETGEAR AC Wireless' started by Voxel, Oct 16, 2018.

Tags:
  1. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    923
    Continuation of
    . . .
    https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-60sf.48805/

    New version of my custom firmware build: 1.0.2.61SF.

    Changes (vs 1.0.2.60SF):

    1. stubby package is added to provide DNS-over-TLS support:
    to enable stubby run the commands from telnet/ssh console:
    nvram set stubby=1
    nvram commit
    and reboot your router; to disable stubby run the commands from telnet/ssh console:
    nvram set stubby=0
    nvram commit
    and reboot your router.​
    2. getdns, unbound, yaml, ca-certificates packages are added (stubby dependences).
    3. sqlite3 package is upgraded 3230100->3240000.
    4. liblz4 package is upgraded 1.8.2->1.8.3.
    5. sysstat package is upgraded 11.0.4->11.6.4.
    6. ubus package is upgraded 2018-07-26->2018-10-06-221ce7e7.
    7. libevent2-pthreads packages is removed (not used).
    8. Toolchain: binutils version is upgraded to 2.31.1.
    9. Host tools: two components are upgraded.

    The link is:

    https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

    So important notes:

    1. stubby (DNS-Over-TLS) is already included into firmware (not necessary to install add-on). To enable stubby run the commands from telnet/ssh console:
    nvram set stubby=1
    nvram commit
    and reboot your router; to disable stubby run the commands from telnet/ssh console:
    nvram set stubby=0
    nvram commit
    and reboot your router. Currently it is configured to use Cloudflare servers (DoT). You may customize your config file:

    /etc/stubby/stubby.yml

    2. dnscrypt-proxy (v. 1) is left in firmware (will be removed in the next release). If both (dnscrypt-proxy and stubby) are enabled, stubby has higher priority and dnscrypt-proxy will be stopped.

    Voxel.
     
    Last edited: Oct 16, 2018
    rbird2, percy3, tlavarea and 16 others like this.
  2. Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!
  3. pege63

    pege63 Very Senior Member

    Joined:
    Jan 17, 2015
    Messages:
    920
    Location:
    Sweden, AngelIsland
    Nice work Voxel, thanks.
     
    Voxel likes this.
  4. cdysthe

    cdysthe Regular Contributor

    Joined:
    Sep 22, 2013
    Messages:
    120
    This is my first upgrade. Should I factory reset and restore backed up settings, or can I just upgrade as is?

    Otherwise, works like a charm. Thank you so much!
     
    Voxel likes this.
  5. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    923
    Just upgrade "as is".

    There could be problems when upgrading from the version prior to 1.0.2.53SF (or 1.0.2.52 stock) when GUI could reject flashing with a message something like "wrong firmware file". Remedy is to use intermediate flashing: 1.0.2.60SF and then 1.0.2.61SF.

    Voxel.
     
  6. cdysthe

    cdysthe Regular Contributor

    Joined:
    Sep 22, 2013
    Messages:
    120
    Thanks. That's the easiest quickest update I've ever had on a Nighthawk!
     
  7. RamboUnchained

    RamboUnchained New Around Here

    Joined:
    Oct 16, 2018
    Messages:
    3
    So, I've been thinking about getting an R7800 for a while and I have a few questions for you, Voxel.

    1. Can the R7800 handle QOS of a 400/20 connection without neutering my download speed like the ER-X does? I cant get more than 225Mbps with the Edge Router with QOS enabled.
    2. Is there a way to prioritize traffic by packet type in your FW? (i.e prioritizing ICMP traffic on a gaming console)
    3. Are there any manual bandwidth control options available?
     
  8. MinkyMomo

    MinkyMomo New Around Here

    Joined:
    Jul 26, 2018
    Messages:
    8
    Another fantastic update, Voxel. Upgraded from 1.0.2.60SF, enabled stubby (using stock settings for now), and all's well. Thanks!
     
    Voxel likes this.
  9. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    923
    QoS: to say true I do not use it. It is handled by NG and QCA and is used almost "as-is" in my fw (== QoS in the stock fw). With only some upgrades of obsolete packages such as redis, etc.

    IMO your download speed does not require QoS, Anyway, maybe I am mistaken:

    1. I think "yes".
    2. Rather "no".
    3. It is possible to limit manually download/upload speed. Nothing more.

    Voxel.
     
  10. RamboUnchained

    RamboUnchained New Around Here

    Joined:
    Oct 16, 2018
    Messages:
    3
    Cool. Is it still possible to install your DumaOS "hack" on the R7800? If so, can you PM me the link?
     
  11. Killhippie

    Killhippie Senior Member

    Joined:
    Mar 20, 2016
    Messages:
    350
    Location:
    UK
    Voxel did not provide a DumaOS 'hack' and hacks that are illegal are not welcome on this forum. DumaOS is proprietary software of Netduma, its stealing.
     
    Voxel likes this.
  12. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    923
    Thanks Gary.

    Probably it is necessary to prepare FAQ re: Voxel and Voxel's FW. Please read this:

    https://www.snbforums.com/threads/d...by-add-ons-for-r7800-r9000.48445/#post-429364

    Hacking binary firmware for XR500 to use it on R7800 is illegal activity. It assumes loses of profits for honest developers such as DumaOS people, NETGEAR and even my own (this man extracted some of my pre-built packages such as samba, dropbear and put them into his hack). Anybody is free to use source codes to build own version by compilation. It is legal. But such hacks are violation of laws and rules and moreover is dangerous for you too:

    https://www.snbforums.com/threads/n...ces-with-this-router.45569/page-8#post-401463

    Voxel.
     
  13. routine

    routine Occasional Visitor

    Joined:
    Sep 11, 2018
    Messages:
    14
    What is the difference between stubby and dnscrypt in addition to the programming language?
    What is the best solution of the two? Which one has the best performances?
     
    Last edited: Oct 18, 2018
  14. RamboUnchained

    RamboUnchained New Around Here

    Joined:
    Oct 16, 2018
    Messages:
    3
    Ahhh sorry, guys.
     
  15. xBryan

    xBryan Occasional Visitor

    Joined:
    Jul 26, 2018
    Messages:
    10
    Not specific to this fw ver but I noticed after .60 I want to say.
    About once a day I have the following on my firewall with the R7800 as the source. It is in AP mode fwiw so it's indeed that doing since nothing uses it as a GW and the source IP is it. I guess I could try to setup packet capture to snag what the data is but figured would ask too.

    50.200.136.108:57599 - ET CINS Active Threat Intelligence Poor Reputation

    My only thought is some package or something is doing.
    I have all things in the GUI disabled on R7800 and being in AP mode that also disables a bunch. Autoupdate is off, NTP is pointing to an internal NTP server etc. so lost as to why it's making outside attempts.
     
  16. Sizzlechest

    Sizzlechest Occasional Visitor

    Joined:
    Nov 30, 2017
    Messages:
    34
  17. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    923
    Almost the same goal. Probably stubby is more preferable because it is a standard.

    Voxel.
     
  18. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    923
    Yes sure.You can use it according to this instruction. But do not enable stubby. The last will shutdown dnscrypt-proxy if enabled.

    Voxel.
     
    Sizzlechest likes this.
  19. olavocastro

    olavocastro New Around Here

    Joined:
    Oct 21, 2018
    Messages:
    4
    Hi @Voxel, I just upgraded to your build (1.0.2.61SF) from stock firmware (1.0.2.58) on my R7800, I have 2 questions though.
    1) Why is the VPN Client settings missing from the web UI, it is present on the original firmware. (I am not using this feature so it's fine for me, just curious)
    2) I have an issue with the OpenVpn server. It was working correctly both for TAP and TUN before the upgrade. Now I am only able to connect using TAP, TUN is not connecting no matter what. I suspect this is a firewall/iptables issue but I have no idea. I tried to restore factory settings and even rollback to original firmware but it doesn't work anymore. I also tried to open the port manually using the instructions on your readme file but no luck so far.
    The server log shows nothing and the client log is stuck on "Connecting to x.x.x.x:12973 via UDPv4" then timeout.

    Can you help me to find out the issue?
     
  20. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    923
    There is my own scheme with OpenVPN client, not limited to selected by NG subset. So there could be conflicts if I leave stock scheme.

    I checked right now. TUN: do you mean what is named [For Smart Phones]? Anyway I checked both: [For Windows] and [For Smart Phones], Advanced Configuration (*) UDP (2.4.x clients). When connected can ping LAN IP of my router and IP of other client in remote LAN.

    Try to renew all:

    1. Disable in GUI OpenVPN server
    2. From telnet console run:
    Code:
    /etc/init.d/openvpn regenerate_cert_file
    
    3. Reboot your router
    4. Enable OpenVPN server in GUI
    5. Download your client configs again.

    Voxel.
     
  21. percy3

    percy3 Occasional Visitor

    Joined:
    Sep 21, 2018
    Messages:
    32
    I had some problems with persistent config as well. Here is info how to clean up all config: https://www.snbforums.com/threads/c...r-r7800-v-1-0-2-60sf.48805/page-7#post-438643
    As for TAP/TUN issues I have the opposite. Connection with client.ovpn (TAP) is established but no traffic whatsoever. Have not investigated further but looks like I am connecting to Guest network. smartphone.ovpn (TUN) profile works perfectly.
     
Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!