1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Custom firmware build for R7800 v. 1.0.2.64SF

Discussion in 'NETGEAR AC Wireless' started by Voxel, Feb 22, 2019.

Tags:
  1. Sizzlechest

    Sizzlechest Regular Contributor

    Joined:
    Nov 30, 2017
    Messages:
    72
    I want to set up a thumbdrive to add the authorized_keys to the .ssh folder, copy a firewall-start.sh to the /root folder and execute a sed command to modify the
    /etc/dnscrypt-proxy-2.toml file to use the cisco server.

    I read the instructions in the documentation. I don't have a Linux OS, so I used the 7800 to format the drive as ext2. I put the authorized_keys in a folder called ssh on the thumbdrive. I created a post-mount.sh in /autorun/scripts directory on the thumbdrive, too. I made sure it was chmoded correctly. I could not unmount the drive. I had to reboot the router to safely pull the usb stick out. When I plugged it back in, the only folder was lost+found. I reinstalled the files, pulled it out, plugged it back in and again the only folder was lost+found. Should I try it again with ext4?

    EDIT: It worked with ext4. I had to add copying the authorized_keys to the script, too.

    One other question: How do I unmount the usb drive? doing a umount /mnt/sda1 results in an "Invalid argument" error.
     
    Last edited: Feb 23, 2019
  2. Sizzlechest

    Sizzlechest Regular Contributor

    Joined:
    Nov 30, 2017
    Messages:
    72
    Okay, I think I figured this out...

    the mount in /tmp/mnt/sda1 is not the thumb drive. It survives removal of the device. It's a copy of the thumb drive contents. If you edit the files in there, they do not get written back to the thumb drive. they will not survive a reboot. I believe the thumbdrive is automatically unmounted after the copy is made.

    You have to make your own seperate mount point for the thumbdrive to edit read/write the files. I could not get ext4 to work. I used ext3 instead.

    Here is my script:
    Code:
    #!/bin/sh
    
    if [ ! -f "/root/firewall-start.sh" ]
    then
      cp /tmp/mnt/$1/firewall-start.sh /root/.
    fi
    
    if [ ! -f "/root/.ssh/authorized_keys" ]
    then
      cp /tmp/mnt/$1/authorized_keys /root/.ssh/authorized_keys
    fi
    
    sed -i -r "s/(server_names[[:space:]]*=[[:space:]]*).*/\1['cisco']/" /etc/dnscrypt-proxy-2.toml
     
  3. Robert Laverty

    Robert Laverty New Around Here

    Joined:
    Feb 19, 2019
    Messages:
    4
  4. kamoj

    kamoj Senior Member

    Joined:
    May 12, 2017
    Messages:
    371
    No. Even if Entware would support it, Wireguard need a newer kernel v3.10 with some
    specific configuration options:
    https://www.wireguard.com/install/#kernel-requirements
    I doubt Netgear will ever upgrade to that...

    But both DD-WRT and OpenWRT (LEDE) for R7800 have support for Wireguard.

     
    Last edited: Feb 25, 2019
  5. routine

    routine Occasional Visitor

    Joined:
    Sep 11, 2018
    Messages:
    33
    WireGuard requires Linux ≥3.10 but NG firmware have kernel 3.4.103 ...
    I hope wireguard will be implemented in the NG firmware.. but it seems difficult unfortunately
    The asus ac86 has better vpn performance and wireguard support but not openwrt ddwrt support..
     
    Last edited: Mar 1, 2019
    Tom_Batty and kamoj like this.
  6. mr-b

    mr-b Occasional Visitor

    Joined:
    Nov 28, 2018
    Messages:
    12
    Hi Voxel

    Is there any chance you can post an announce thread i.e. with no discussions or similar for new firmware that I can subscribe to, as I only seem to find out about them by chance?
     
  7. Gar

    Gar Senior Member

    Joined:
    Aug 26, 2018
    Messages:
    398
    Location:
    US
    Thanks for your continued firmware support, it is appreciated!

    What results should we see with stubby or DNSCrypt enabled using the Cloudflare link?

    https://cloudflare-dns.com/help

    Edit: oops, wrong thread
     
    Last edited: Feb 25, 2019
  8. cdysthe

    cdysthe Regular Contributor

    Joined:
    Sep 22, 2013
    Messages:
    148
    I can not say for sure that this is a Voxel FW issue, but I have problems with ReadyCloud after the latest update. On the router it says that it's registered with ReadyCloud when I check the "ReadyCLOUD (Allows you to access ReadySHARE Storage from anywhere.)" box and I get "This router is registered with the following ReadyCLOUD user: [email protected]" screen. The shares show up as they should from an USB connected drive locally and I can access the shares on my network. But when I log into the cloud in my browser I can see my router but no shares are accessible. I have tried to "Unregistered" my router and register it again but even after putting in my ReadyCloud credentials I still can't access the shares on the cloud. I can not disable Network Neighborhood either. It looks like "Unregister" doesn't work for some reason. Is there a way for me to get this to work again without a full factory reset?
     
    Last edited: Feb 27, 2019
  9. cordezz

    cordezz Occasional Visitor

    Joined:
    Feb 12, 2018
    Messages:
    28
    Login into you ReadyCloud Account (Netgear website) and delete you R7800.
    Then login with telnet on the R7800 and type “cloud uninstall” and reboot your R7800. Now you should be able to register your ReadyCloud access on the routers WI again.
     
    cdysthe and L&LD like this.
  10. cdysthe

    cdysthe Regular Contributor

    Joined:
    Sep 22, 2013
    Messages:
    148
    Thanks. I have never telnet'ed into the router so I have no idea how. Where can I find information on how to do that? I have Google'ed some and not been able to find it.
     
  11. kamoj

    kamoj Senior Member

    Joined:
    May 12, 2017
    Messages:
    371
  12. Gallo

    Gallo Occasional Visitor

    Joined:
    Sep 11, 2018
    Messages:
    16
    Not sure where to put this but here goes. Ive got a r7800 running 64sf. Recently defaulted and have setup wifi with wpa2 on both channels. Ssid's are different, only 2 of the eth ports are used 1 for pc and the other for a ps4. 2.4g is on channel 6 and 5g is on 149. The router runs rock solid, I can max out my line on wireless and hard wire. modem is an arris tm1602 with a 400/20 link.
    Ill try to list as much of my setup, if im lacking any info let me know.
    2.4g
    20/40 coexistence is enabled
    5g
    implicit beamforming, mu-mimo, and ht160 are enabled

    My problems start when I wirelessly bridge a wrt1900ac v1. Its running current firmware Ver. 1.0.3.187766. The bridge is defaulted, wireless is setup the same as the r7800 aside from the ssid for the 5g on the bridge being different from the main router. Joining the 2 routers on the 2.4g channels works fine. Whatever bw i can get out of my 2.4g is transferred fine by the 5g band on the bridge. All the AP work fine for about an hour or so then 5g stops working on both routers. Although they still broadcast, the main router will not let you connect anymore. It goes thru a split second of attempt to connect then the tablet or phone gives up and jumps to the 2.4g and it connects without a problem and works. The bridge no longer accepts connections, i believe its a lack of dhcp. It appears that the bridge is still connected but is inaccessible. The eth ports work all the time. In an attempt to clear up the problem ive changed the 5g channel to 36, on the bridge, to see if congestion was the problem, that didnt work. In order to get the main router to accept connections on 5g the router needs a reboot, it hasnt recovered by simply shutting down the bridge. Am i going to far in trying to run these routers together, would rather to get it working vs. getting another router or a mesh. If I need to post more info let me know. Any suggestions? TIA

    further update:
    tried another router d-link dir825b1 and the exact same scenario occurs only difference my r7800 went down in about 20 mins.
     
    Last edited: Feb 28, 2019
  13. cdysthe

    cdysthe Regular Contributor

    Joined:
    Sep 22, 2013
    Messages:
    148
    Thank you for your help. I got telnet enabled, ran 'cloud uninstall' from the telnet prompt and rebooted. Still no go. I did it again but rebooted from telnet. This time it worked and I got the router registered!
     
    Last edited: Feb 27, 2019
    kamoj likes this.
  14. rk8531

    rk8531 Regular Contributor

    Joined:
    Jan 28, 2019
    Messages:
    92
    Can someone please tell me how can I change the resolver in Stubby from Clouflare to Quad9? I am noob with programming but I can copy paste the commands :D.
     
  15. Gallo

    Gallo Occasional Visitor

    Joined:
    Sep 11, 2018
    Messages:
    16
    just fyi for anyone ht160 was the culprit big thanks to avtella for this comment on another thread
    'For regular use leave it at HT80 for greater stability, and less chances of interference.'
     
  16. EmeraldDeer

    EmeraldDeer Very Senior Member

    Joined:
    Dec 22, 2017
    Messages:
    503
    Location:
    Massachusetts
    This is for Asus Merlin. You will need to adapt it to Netgear R7800.
    Code:
    # cat /opt/etc/stubby/stubby.yml
    appdata_dir: "/opt/var/cache/stubby"
    dns_transport_list:
      - GETDNS_TRANSPORT_TLS
    idle_timeout: 1900
    tls_authentication: GETDNS_AUTHENTICATION_REQUIRED
    tls_ca_file: "/rom/etc/ssl/certs/ca-certificates.crt"
    #
    upstream_recursive_servers:
    # Quad9 Primary IPv4
      - address_data: 9.9.9.9
        tls_auth_name: "dns.quad9.net"
    # Quad9 Secondary IPv4
      - address_data: 149.112.112.112
        tls_auth_name: "dns.quad9.net"
    # Quad9 Primary IPv6
      - address_data: 2620:fe::fe
        tls_auth_name: "dns.quad9.net"
    # Quad9 Secondary IPv6
      - address_data: 2620:fe::9
        tls_auth_name: "dns.quad9.net"
    #
    listen_addresses:
      - [email protected]
      - 0::[email protected]
    #
    
     
  17. kamoj

    kamoj Senior Member

    Joined:
    May 12, 2017
    Messages:
    371
    #1. Install Telnet
    Hold down the Windows Key, then press the “R“ key.
    The Run dialog box appears. In the Open: window, type:
    pkgmgr /iu:”TelnetClient”
    Click OK

    #2. Login to the router using your web-browser:
    http://www.routerlogin.net

    #3. Enable Telnet login:
    http://www.routerlogin.net/debug.htm
    Check (Set a tick in the box for) "Enable Telnet". (No apply needed)

    #4. Login to the router using telnet:
    Hold down the Windows Key, then press the “R“ key.
    The Run dialog box appears. In the Open: window, type:
    cmd
    Click OK.
    Code:
    telnet www.routerlogin.net
    The password is the same as from the normal router login page http://routerlogin.net

    Now you can try this:

    #Stubby: To delete Cloudflare and activate Quad9:
    Code:
    sed -i '/# Cloudflare/,/cloudflare-dns.com/d' /etc/stubby/stubby.yml
    sed -i 's/#\(.*quad9\)/ \1/' /etc/stubby/stubby.yml
    sed -i 's/#\(.*9.9.9.10\)/ \1/' /etc/stubby/stubby.yml
    sed -i 's/#\(.*2620:fe::10\)/ \1/' /etc/stubby/stubby.yml
    /etc/init.d/stubby restart
    
    #Stubby: To revert changes:
    Code:
    \cp /rom/etc/stubby/stubby.yml /etc/stubby/stubby.yml
    /etc/init.d/stubby restart
    To see it is working, visit e.g.:
    https://ipleak.net/
    https://dnsleaktest.com/
    https://www.perfect-privacy.com/dns-leaktest/
    https://cmdns.dev.dns-oarc.net/
    https://www.dns-oarc.net/oarc/services/dnsentropy/

    Also you can install the Kamoj add-on to get more information about your router, including Stubby:
    https://www.snbforums.com/threads/k...800-x4s-and-r9000-x10-temperatures-a-o.55063/

    Good Luck! :)

     
    Last edited: Mar 10, 2019
    L&LD and rk8531 like this.
  18. robwiel

    robwiel Occasional Visitor

    Joined:
    Jan 22, 2011
    Messages:
    17
    Hi, updated. Kept my config.

    [Internet connected] IP address: 31.178.149.195, Monday, March 04, 2019 12:15:32
    [DoS Attack: ACK Scan] from source: 162.125.18.133, port 443, Monday, March 04, 2019 12:15:31
    [DoS Attack: ACK Scan] from source: 52.220.50.235, port 8884, Monday, March 04, 2019 12:15:30
    [Initialized, firmware version: V1.0.2.64SF] Monday, March 04, 2019 12:15:27

    How DoS Attack ACK Scan even before internet connected :(
     
  19. microchip

    microchip Very Senior Member

    Joined:
    Sep 19, 2014
    Messages:
    544
    Location:
    Belgium
    False positive. This is a common issue with NG logging. It's bogus
     
  20. LJ H

    LJ H New Around Here

    Joined:
    Apr 2, 2017
    Messages:
    8
    yea, i have issues with ht160 too. it's stable until i try to download anything (i realize everything you do on the internet is downloading, but i'm talking about downloading at high speeds), then the wifi signal dies