What's new

Custom firmware build for R7800 v. 1.0.2.67SF & 1.0.2.67.1SF

Voxel

Very Senior Member
Continuation of
. . .
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-65sf.55917/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-66sf.56631/

New version of my custom firmware build: 1.0.2.67SF.

Changes (vs 1.0.2.66SF):

1. OpenSSL v. 1.1.1c package is added.
2. OpenSSL v. 1.0.2 package is upgraded 1.0.2r->1.0.2s.
3. OpenVPN package is changed to use OpenSSL v. 1.1.1.
4. OpenVPN server(s) is(are) slightly optimized.
5. OpenVPN client now could be used simultaneously with OpenVPN server(s) (no necessity to disable server(s) from GUI).
6. unbound package (used in stubby) is changed to use OpenSSL v. 1.1.1.
7. getdns package (used in stubby) is changed to use OpenSSL v. 1.1.1.
8. Because of "6." and "7.": stubby is set to support TLSv1.3 with cloudflare (DoT).
9. wget package is changed to use OpenSSL v. 1.1.1.
10. transmission package is changed to use OpenSSL v. 1.1.1.
11. curl package is upgraded 7.64.1->7.65.0.
12. curl package is changed to use OpenSSL v. 1.1.1.
13. opkg package is changed to use OpenSSL v. 1.1.1.
14. uci package is upgraded 2018-08-11->2019-05-17.
15. openssh-client add-on is changed to use OpenSSL v. 1.1.1.

[updated]

New version of my custom firmware build: 1.0.2.67.1SF.

Changes (vs 1.0.2.67SF):

1. curl package: revert to OpenSSL 1.0.2 (to provide compatibility with ReadyCLOUD).
2. opkg package: revert to OpenSSL 1.0.2 (because of using libcurl p.1).
3. curl package is upgraded 7.65.0->7.65.1.
4. libubox package is upgraded 2019-02-27->2019-06-16.
5. DNSCrypt Proxy v.2 is upgraded 2.0.23->2.0.25.
6. ReadyCLOUD startup script is simplified to avoid potential problems from NG updates.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.
 
Last edited:

Gar

Very Senior Member
Here goes, hoping I can make it work this time:

I never did get past the test version issues I had.

How do you test Dnscrypt?
 

Voxel

Very Senior Member
:DImpressing job Voxel - again::)
Yeah: there was such request. Recorded in my 2do list. And more comfortable for me, because I have to test both functionalities... Now w/o permanent clicking in GUI :confused:.

Voxel.
 

Voxel

Very Senior Member
How do you test Dnscrypt?
Usually:

Code:
nvram set dnscrypt2=1
nvram set stubby=0
nvram commit
then changing /etc/dnscrypt-proxy-2.toml file, string with server_names:

Code:
server_names = ['ipredator', 'scaleway-fr', 'dnscrypt.eu-nl', 'dnscrypt.eu-dk']
and reboot. BTW it works :).

P.S.

Currently I do use stubby (5 days). For me it is faster a bit vs dnscrypt. Testing TLSv1.3 (OpenSSL 1.1.1). Back to dnscrypt: later, after testing.

Voxel.
 

Gar

Very Senior Member
Usually


then changing /etc/dnscrypt-proxy-2.toml file, string with server_names:

Code:
server_names = ['ipredator', 'scaleway-fr', 'dnscrypt.eu-nl', 'dnscrypt.eu-dk']
and reboot. BTW it works :).

P.S.

Currently I do use stubby (5 days). For me it is faster a bit vs dnscrypt. Testing TLSv1.3 (OpenSSL 1.1.1). Back to dnscrypt: later, after testing.

Voxel.
I didn't know to change this entry so didn't work for me. Thanks.

Had DoT set up correctly so will see how it goes. Maybe my ISP made some changes I didn't know about so it wouldn't work.
 

Voxel

Very Senior Member
Had DoT set up correctly so will see how it goes. Maybe my ISP made some changes I didn't know about so it wouldn't work.
Perhaps DoT (stubby) is faster for me because of I've changed my ISP (to faster speed). Well, it is also useful because of OpenVPN testing...

P.S.

Funnily. My current ISP could not setup (some time) my speed. I had (two days) 100/1000 speed :confused:... I.e. 100 downloading and gigabit upload... Now 200/200 and external IP.

Voxel.
 
  • Like
Reactions: Gar

Gar

Very Senior Member
I had DoT working with 30/3 and I think .62SF last year. Now I have 100/10. The US is so far behind in internet speeds.
 

Voxel

Very Senior Member
I had DoT working with 30/3 and I think .62SF last year. Now I have 100/10. The US is so far behind in internet speeds.
Hmm... I have to use LTE connection with one from my R7800. Just USB LTE modem attached to USB port of R7800 (no WAN cable). Speed is (avg) 85/20... Well... your previous 30/3 is impressing. Price of LTE's ISP is about $9 per month (but total traffic is only 50GB).

Voxel.
 

Gar

Very Senior Member
If Stubby is enabled do the pre-configured Cloudflare settings in stubby override other server settings you may have chosen without it?
 

Sizzlechest

Regular Contributor
Just wanted to share an issue due to my own stupidity that I just discovered...

I created an automounting setup script that would restore my custom settings by plugging in a usb drive after an upgrade. It copies my custom firewall-start.sh to the root directory, adds an authoirized_users file with my public key to the .ssh directory with the proper rights, and edits the /etc/dnscrypt-proxy-2.toml to change the server names to just use cisco. I used a sed command with regex to do the search and replace for the last one. What I didn't realize is that the dnscrypt-proxy-2.toml file has ANOTHER server_names parameter for servers you wish to disable. The regex was simultaneously setting the server to cisco AND adding it to the disabled server list. :eek: I just needed a "^" at the beginning of the regex. :mad:

Here's the fixed script:

#!/bin/sh

if [ ! -f "/root/firewall-start.sh" ]
then
cp /tmp/mnt/$1/firewall-start.sh /root/.
fi

if [ ! -f "/root/.ssh/authorized_keys" ]
then
cp /tmp/mnt/$1/authorized_keys /root/.ssh/authorized_keys
fi

sed -i -r "s/^(server_names[[:space:]]*=[[:space:]]*).*/\1['cisco']/" /etc/dnscrypt-proxy-2.toml
 

kamoj

Very Senior Member
It's because the tun0 device doesn't exist anymore.
Voxel changed device from tun0 to tun21 in this release!

Run this to see:
Code:
grep tun /proc/net/dev
You can patch the addon this way:
Code:
sed -i 's/tun0/tun21/g' /usr/bin/addon_info_update.sh
hello,
Quick question. When i log int to http://192.168.1.1/debug.htm with (kamoji script) to view the status of vpn it says ERROR: 185.245.86.21, ERROR is red in color. The weird part is that the vpn is working according to dnsleaktest etc. Does anybody know why? thanks
 
Last edited:

gobble

Occasional Visitor
Not related to this firmware as I at least noticed it was happening on .66SF, but is anyone else's WiFi calling working? Not working for me and I know it has in the past
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top