Custom firmware build for R7800 v. 1.0.2.72SF

[Sizzlechest]

Voxel,

Any chance you can make a test build using DNSCrypt 2.0.29 that I can try out? It came out of beta today.

 

[Voxel]

Voxel,

Any chance you can make a test build using DNSCrypt 2.0.29 that I can try out? It came out of beta today.

New version: sorry, no. But manual installation to this 1.0.2.72SF - it is easy for me.

Note: DNSCrypt-Proxy-2 is very independent package, it does not require changes in other packages, everything is inside. So if you wish to try please spend 5 min of your time for manual installation.

Instruction how-to:

1. Enable telnet:
http://routerlogin.net/debug.htm
2. Login to the router using telnet:

telnet routerlogin.net

3. Change your dir to /tmp

cd /tmp

4. Download installation package:

/usr/bin/wget https://voxel-firmware.com/Downloads/dnscrypt-proxy-2_2.0.29-1_ipq806x.ipk

5. Install it:

/bin/opkg --force-overwrite install ./dnscrypt-proxy-2_2.0.29-1_ipq806x.ipk

6. Check that is is installed properly:

dnscrypt-proxy-2 --version

it should display 2.0.29
7. Reboot your router.


If you wish to test the new features of 2.0.29 (Anonymized DNS) you have to change the default config /etc/dnscrypt-proxy-2.toml (see the very end of this file). But w/o changes it should work as before.

Voxel.

 

[Sizzlechest]

New version: sorry, no. But manual installation to this 1.0.2.72SF - it is easy for me.

Note: DNSCrypt-Proxy-2 is very independent package, it does not require changes in other packages, everything is inside. So if you wish to try please spend 5 min of your time for manual installation.

Instruction how-to:

...

If you wish to test the new features of 2.0.29 (Anonymized DNS) you have to change the default config /etc/dnscrypt-proxy-2.toml (see the very end of this file). But w/o changes it should work as before.

Voxel.

Thank you! I am trying it now. I'll let you know if it makes a difference.

EDIT: To anyone else who wants to try this, check the output to see if you need to delete your old config file and replace it with the new one.

 

[jocelyn fournier]

Had to register and wait for one day, but now I can say thank you Voxel!

 

[Tom Brough]

If you wish to test the new features of 2.0.29 (Anonymized DNS) you have to change the default config /etc/dnscrypt-proxy-2.toml (see the very end of this file). But w/o changes it should work as before.

Voxel.

How do we edit the .toml file and in what way do we need to adjust it?? In your opinion is it worth the effort to change it??

 

[Sizzlechest]

How do we edit the .toml file and in what way do we need to adjust it?? In your opinion is it worth the effort to change it??

You can telnet and edit it using vi.

If you wish to test the new features of 2.0.29 (Anonymized DNS) you have to change the default config /etc/dnscrypt-proxy-2.toml (see the very end of this file). But w/o changes it should work as before.

Ironically for me... https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS

Relaying is currently incompatible with cisco, as this resolver doesn't implement DNSCrypt v2 yet, and doesn't support large queries.

 

[Droidrat]

Before purchasing this router, I researched it thoroughly and discovered your customized firmware. Your project (and the responses of users to it) was the deciding factor for me. Thank you so much for your work. The modified R7800 has been flawless for us.

 

[Voxel]

In your opinion is it worth the effort to change it??

In general default config is OK for most of users. Because of it refers also to Cloudflare, thus should be close to you (worldwide).

Voxel.

 

[stelio]

Great piece of software , thank you Voxel. Greetings from Bulgaria.

 

[Voxel]

Greetings from Bulgaria.

OOT: Just interesting: what is your city in Bulgaria if it is not a secret? I am visiting Bulgaria quite often...

Voxel.

 

[stelio]

OOT: Just interesting: what is your city in Bulgaria if it is not a secret? I am visiting Bulgaria quite often...

Voxel.

I live in Sofia . What you like and dislike in Bulgaria ?

 

[Voxel]

I live in Sofia . What you like and dislike in Bulgaria ?

I like everything. Especially your beer, I was surprised to say true. Shumensko - right? And this tradition when nodding your head means "no". Had some funny cases.

Voxel.

 

[Tom Brough]

Voxel, I notice the link you gave to get the v2.0.29 dnscrypt was listed as v2.0.29-1 does this mean it's the beta 1 version?

 

[Voxel]

Voxel, I notice the link you gave to get the v2.0.29 dnscrypt was listed as v2.0.29-1 does this mean it's the beta 1 version?

No, it is not beta but exactly release. 2.0.29 i.e.

https://github.com/DNSCrypt/dnscrypt-proxy/releases/tag/2.0.29

2.0.29-1

"-1" above means internal development info. I.e. version of product itself is "2.0.29" and "-1" means development version of release. E.g. you could see etherwake package 1.09-5 . It is not beta 5 or so. It means that version of package etherwake is "1.0.9" but version of its release is "5". Changed patches, Makefile, compiler options etc.

Voxel.

 

[Sizzlechest]

I'm still testing, but here are my priminary findings:

2.0.29 didn't resolve the issue but provided better logging. This issue seems to be with the newer DNSCrypt versions and Cisco. Using the default server list, which ends up using Cloudflare, doesn't seem to have an issue. Here are some log messages when using Cisco:

[2019-10-29 13:57:12][INFO] [2.dnscrypt-cert.opendns.com.] the key validity period for this server is excessively long (365 days), significantly reducing reliability and forward security.
[2019-10-29 13:57:12] [INFO] [cisco] OK (DNSCrypt) - rtt: 16ms
[2019-10-29 13:57:12] [NOTICE] Server with the lowest initial latency: cisco (rtt: 16ms)
[2019-10-29 14:01:30] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 14:01:30] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 14:01:33] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 14:01:33] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 14:01:59] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 14:30:46] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 14:31:52] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 15:48:53] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 16:48:11] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 16:48:25] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 17:22:58] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues
[2019-10-29 17:23:03] [INFO] Server [cisco] returned temporary error code [2] -- Upstream server may be experiencing connectivity issues

I don't see these log messages when using Cloudflare. Ironically, the eventual breakdown of DNSCrypt when using Cisco is not logged.

I've been considering switching to Cloudflare anyway. Cisco doesn't say they won't keep records of your DNS queries like Cloudflare does. The only reason I was using Cisco is that OpenDNS has a blacklist of scam sites and makes it easy to manually blacklist others. I can accomplish the manual blacklist in other ways and I haven't seen an OpenDNS block message in a long time, so I don't think the scam blacklist is adding much value. However, I want to wait 48-72 hours using Cloudflare without a breakdown of DNS before I claim victory.

 

[Voxel]

This issue seems to be with the newer DNSCrypt versions and Cisco. Using the default server list, which ends up using Cloudflare, doesn't seem to have an issue.

Similar issue with Cloudflare:

https://www.snbforums.com/threads/release-dnscrypt-installer-for-asuswrt.36071/page-48#post-403245

Voxel.

 

[Sizzlechest]

Similar issue with Cloudflare:

https://www.snbforums.com/threads/release-dnscrypt-installer-for-asuswrt.36071/page-48#post-403245

Voxel.

I read through that thread from that point on. It looks like 2.0.14 might have fixed whatever connection issues Cloudflare was experiencing with DNSCrypt-proxy (or maybe it was a coincidence?) Apparently Cloudflare doesn't support DNSCrypt but works with DNSCrypt-proxy using DoH. You currently can't use any DoH servers with the new anonymized feature, so Cloudflare is disqualified if that's important to anyone.

It hasn't been even 24 hours since I switched to the default configuration (except for setting the logging level to 1), but the fact that you haven't had any issues for a few days leads me to believe Cloudflare is currently stable.

EDIT: I don't know if this is specific to 2.0.19, but it looks like DNSCrypt-proxy restarts itself every 4 hours:

[2019-10-29 22:34:47] [NOTICE] dnscrypt-proxy 2.0.29
[2019-10-29 22:34:47] [NOTICE] Network connectivity detected
[2019-10-29 22:34:47] [NOTICE] Source [public-resolvers.md] loaded
[2019-10-29 22:34:47] [NOTICE] Firefox workaround initialized
[2019-10-29 22:34:47] [NOTICE] Now listening to 127.0.0.1:64153 [UDP]
[2019-10-29 22:34:47] [NOTICE] Now listening to 127.0.0.1:64153 [TCP]
[2019-10-29 22:34:47] [NOTICE] Now listening to [::1]:64153 [UDP]
[2019-10-29 22:34:47] [NOTICE] Now listening to [::1]:64153 [TCP]
[2019-10-29 22:34:47] [NOTICE] [dnscrypt.eu-dk] OK (DNSCrypt) - rtt: 115ms
[2019-10-29 22:34:47] [NOTICE] [scaleway-fr] OK (DNSCrypt) - rtt: 86ms
[2019-10-29 22:34:47] [NOTICE] [dnscrypt.eu-nl] OK (DNSCrypt) - rtt: 95ms
[2019-10-29 22:34:48] [NOTICE] [cloudflare] OK (DoH) - rtt: 16ms
[2019-10-29 22:34:48] [NOTICE] Sorted latencies:
[2019-10-29 22:34:48] [NOTICE] - 16ms cloudflare
[2019-10-29 22:34:48] [NOTICE] - 86ms scaleway-fr
[2019-10-29 22:34:48] [NOTICE] - 95ms dnscrypt.eu-nl
[2019-10-29 22:34:48] [NOTICE] - 115ms dnscrypt.eu-dk
[2019-10-29 22:34:48] [NOTICE] Server with the lowest initial latency: cloudflare (rtt: 16ms)
[2019-10-29 22:34:48] [NOTICE] dnscrypt-proxy is ready - live servers: 4
[2019-10-30 02:34:49] [NOTICE] Sorted latencies:
[2019-10-30 02:34:49] [NOTICE] - 16ms cloudflare
[2019-10-30 02:34:49] [NOTICE] - 86ms scaleway-fr
[2019-10-30 02:34:49] [NOTICE] - 89ms dnscrypt.eu-nl
[2019-10-30 02:34:49] [NOTICE] - 116ms dnscrypt.eu-dk
[2019-10-30 02:34:49] [NOTICE] Server with the lowest initial latency: cloudflare (rtt: 16ms)
[2019-10-30 06:34:50] [NOTICE] Sorted latencies:
[2019-10-30 06:34:50] [NOTICE] - 12ms cloudflare
[2019-10-30 06:34:50] [NOTICE] - 90ms scaleway-fr
[2019-10-30 06:34:50] [NOTICE] - 91ms dnscrypt.eu-nl
[2019-10-30 06:34:50] [NOTICE] - 113ms dnscrypt.eu-dk
[2019-10-30 06:34:50] [NOTICE] Server with the lowest initial latency: cloudflare (rtt: 12ms)
[2019-10-30 10:34:51] [NOTICE] Sorted latencies:
[2019-10-30 10:34:51] [NOTICE] - 11ms cloudflare
[2019-10-30 10:34:51] [NOTICE] - 87ms scaleway-fr
[2019-10-30 10:34:51] [NOTICE] - 92ms dnscrypt.eu-nl
[2019-10-30 10:34:51] [NOTICE] - 115ms dnscrypt.eu-dk
[2019-10-30 10:34:51] [NOTICE] Server with the lowest initial latency: cloudflare (rtt: 11ms)
[2019-10-30 14:34:51] [NOTICE] Sorted latencies:
[2019-10-30 14:34:51] [NOTICE] - 15ms cloudflare
[2019-10-30 14:34:51] [NOTICE] - 91ms scaleway-fr
[2019-10-30 14:34:51] [NOTICE] - 91ms dnscrypt.eu-nl
[2019-10-30 14:34:51] [NOTICE] - 114ms dnscrypt.eu-dk
[2019-10-30 14:34:51] [NOTICE] Server with the lowest initial latency: cloudflare (rtt: 15ms)

 

[Supersaiyan_IV]

Continuation of
21. Host tools (mtd-utils): Add: glibc >= 2.28 compatibility patch.
22. Host tools (m4): Add: glibc >= 2.28 compatibility patch.
23. Host tools (squashfs4): Add: glibc >= 2.28 compatibility patch.
24. Toolchain: gdb is upgraded.
25. Development platform is changed (Debian9->Debian10: glib 2.24->2.28; gcc 6.3.0->8.3.0; etc).
Voxel.

I know you've wanted to do this for the longest time, congrats on being way ahead of the curve Splendid work!

 

[Voxel]

I know you've wanted to do this for the longest time, congrats on being way ahead of the curve Splendid work!

Thanks, it is my internal needs to upgrade the development platform. Users of my firmware cannot not see any changes.
Voxel.

 

[Pion33r]

Thanks a lot for the ongoing great work!