What's new

Custom firmware build for R7800 v. 1.0.2.67SF & 1.0.2.67.1SF

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Voxel

Part of the Furniture
Continuation of
. . .
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-65sf.55917/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-66sf.56631/

New version of my custom firmware build: 1.0.2.67SF.

Changes (vs 1.0.2.66SF):

1. OpenSSL v. 1.1.1c package is added.
2. OpenSSL v. 1.0.2 package is upgraded 1.0.2r->1.0.2s.
3. OpenVPN package is changed to use OpenSSL v. 1.1.1.
4. OpenVPN server(s) is(are) slightly optimized.
5. OpenVPN client now could be used simultaneously with OpenVPN server(s) (no necessity to disable server(s) from GUI).
6. unbound package (used in stubby) is changed to use OpenSSL v. 1.1.1.
7. getdns package (used in stubby) is changed to use OpenSSL v. 1.1.1.
8. Because of "6." and "7.": stubby is set to support TLSv1.3 with cloudflare (DoT).
9. wget package is changed to use OpenSSL v. 1.1.1.
10. transmission package is changed to use OpenSSL v. 1.1.1.
11. curl package is upgraded 7.64.1->7.65.0.
12. curl package is changed to use OpenSSL v. 1.1.1.
13. opkg package is changed to use OpenSSL v. 1.1.1.
14. uci package is upgraded 2018-08-11->2019-05-17.
15. openssh-client add-on is changed to use OpenSSL v. 1.1.1.

[updated]

New version of my custom firmware build: 1.0.2.67.1SF.

Changes (vs 1.0.2.67SF):

1. curl package: revert to OpenSSL 1.0.2 (to provide compatibility with ReadyCLOUD).
2. opkg package: revert to OpenSSL 1.0.2 (because of using libcurl p.1).
3. curl package is upgraded 7.65.0->7.65.1.
4. libubox package is upgraded 2019-02-27->2019-06-16.
5. DNSCrypt Proxy v.2 is upgraded 2.0.23->2.0.25.
6. ReadyCLOUD startup script is simplified to avoid potential problems from NG updates.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.
 
Last edited:
Here goes, hoping I can make it work this time:

I never did get past the test version issues I had.

How do you test Dnscrypt?
 
:DImpressing job Voxel - again::)

Yeah: there was such request. Recorded in my 2do list. And more comfortable for me, because I have to test both functionalities... Now w/o permanent clicking in GUI :confused:.

Voxel.
 
How do you test Dnscrypt?

Usually:

Code:
nvram set dnscrypt2=1
nvram set stubby=0
nvram commit

then changing /etc/dnscrypt-proxy-2.toml file, string with server_names:

Code:
server_names = ['ipredator', 'scaleway-fr', 'dnscrypt.eu-nl', 'dnscrypt.eu-dk']

and reboot. BTW it works :).

P.S.

Currently I do use stubby (5 days). For me it is faster a bit vs dnscrypt. Testing TLSv1.3 (OpenSSL 1.1.1). Back to dnscrypt: later, after testing.

Voxel.
 
Usually


then changing /etc/dnscrypt-proxy-2.toml file, string with server_names:

Code:
server_names = ['ipredator', 'scaleway-fr', 'dnscrypt.eu-nl', 'dnscrypt.eu-dk']

and reboot. BTW it works :).

P.S.

Currently I do use stubby (5 days). For me it is faster a bit vs dnscrypt. Testing TLSv1.3 (OpenSSL 1.1.1). Back to dnscrypt: later, after testing.

Voxel.
I didn't know to change this entry so didn't work for me. Thanks.

Had DoT set up correctly so will see how it goes. Maybe my ISP made some changes I didn't know about so it wouldn't work.
 
Had DoT set up correctly so will see how it goes. Maybe my ISP made some changes I didn't know about so it wouldn't work.
Perhaps DoT (stubby) is faster for me because of I've changed my ISP (to faster speed). Well, it is also useful because of OpenVPN testing...

P.S.

Funnily. My current ISP could not setup (some time) my speed. I had (two days) 100/1000 speed :confused:... I.e. 100 downloading and gigabit upload... Now 200/200 and external IP.

Voxel.
 
  • Like
Reactions: Gar
I had DoT working with 30/3 and I think .62SF last year. Now I have 100/10. The US is so far behind in internet speeds.
 
I had DoT working with 30/3 and I think .62SF last year. Now I have 100/10. The US is so far behind in internet speeds.
Hmm... I have to use LTE connection with one from my R7800. Just USB LTE modem attached to USB port of R7800 (no WAN cable). Speed is (avg) 85/20... Well... your previous 30/3 is impressing. Price of LTE's ISP is about $9 per month (but total traffic is only 50GB).

Voxel.
 
If Stubby is enabled do the pre-configured Cloudflare settings in stubby override other server settings you may have chosen without it?
 
Just wanted to share an issue due to my own stupidity that I just discovered...

I created an automounting setup script that would restore my custom settings by plugging in a usb drive after an upgrade. It copies my custom firewall-start.sh to the root directory, adds an authoirized_users file with my public key to the .ssh directory with the proper rights, and edits the /etc/dnscrypt-proxy-2.toml to change the server names to just use cisco. I used a sed command with regex to do the search and replace for the last one. What I didn't realize is that the dnscrypt-proxy-2.toml file has ANOTHER server_names parameter for servers you wish to disable. The regex was simultaneously setting the server to cisco AND adding it to the disabled server list. :eek: I just needed a "^" at the beginning of the regex. :mad:

Here's the fixed script:

#!/bin/sh

if [ ! -f "/root/firewall-start.sh" ]
then
cp /tmp/mnt/$1/firewall-start.sh /root/.
fi

if [ ! -f "/root/.ssh/authorized_keys" ]
then
cp /tmp/mnt/$1/authorized_keys /root/.ssh/authorized_keys
fi

sed -i -r "s/^(server_names[[:space:]]*=[[:space:]]*).*/\1['cisco']/" /etc/dnscrypt-proxy-2.toml
 
Grazie mille!!
 
Hi Voxel,

I installed 67SF a few minutes ago. You're a release machine! :) Thx!

50520531.png


8313795419.png
 
Last edited:
It's because the tun0 device doesn't exist anymore.
Voxel changed device from tun0 to tun21 in this release!

Run this to see:
Code:
grep tun /proc/net/dev

You can patch the addon this way:
Code:
sed -i 's/tun0/tun21/g' /usr/bin/addon_info_update.sh

hello,
Quick question. When i log int to http://192.168.1.1/debug.htm with (kamoji script) to view the status of vpn it says ERROR: 185.245.86.21, ERROR is red in color. The weird part is that the vpn is working according to dnsleaktest etc. Does anybody know why? thanks
 
Last edited:
Not related to this firmware as I at least noticed it was happening on .66SF, but is anyone else's WiFi calling working? Not working for me and I know it has in the past
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top