What's new

Voxel Custom firmware build for R7800 v. 1.0.2.96SF

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I always disable traffic meter. But for some reason it always turns itself on again after some time. Possibly after a fw update/reboot.
Running below cmds once after firmware update will disable traffic meter till next firmware update. It will not start after reboot.
Code:
## |TrafficMeter| - [Disable]
nvram set endis_traffic=0
nvram commit

# Stop & Disable > TrafficMeter Process
[ -x /sbin/traffic_meter ] && { /etc/init.d/traffic_meter stop; chmod -x /sbin/traffic_meter; }
Setup usb to automatically run optimization script once after firmware update including above cmds. [OR] Kamoj addon will do the trick as well.

You can verify with cmd "ps -w" if "traffic_meter" binary is running.
[OR]
From "/tmp/traffic_meter/traffic_statistics" file, the timestamp will remain the same since you disable "traffic_meter" binary, and its contents will remain as below:
Today 00:00 0.00 0.00 0.00
Yesterday 00:00 0.00 0.00 0.00
Thisweek 00:00 0.00/0.00 0.00/0.00 0.00/0.00
Thismonth 00:00 0.00/0.00 0.00/0.00 0.00/0.00
Lastmonth 00:00 0.00/0.00 0.00/0.00 0.00/0.00
 
It will be great to setup email notification for new Voxel`s firmware update.
It will be also nice to have RSS feeds on SourceForge.
Do you have any simple suggestion?
 
I personally enjoy checking the forum a few times a day. I read all the interesting posts, not only those about our favorite router and all the people who work hard to make it better, but all the posts about the other routers, the network, ... :)
 
I have so many devices now and tired to check manually every day for update and read forums just want to enjoy internet services . Let me know please if any option exist
For example i just setup email notification from RSS feed to my other router and like it
 
Last edited:
Last edited:
Just installed this version as my first Voxel firmware. I have a question about the SSH/Dropbear setup.

I created a key pair on Windows using puttygen.exe and created an authorized_keys file to put on the router via USB. I also installed dropbear on a linux machine and used dropbearkey to create my own versions of the dropbear_ecdsa_host_key & dropbear_rsa_host_key files.

After extracting the setssh.tar and replacing the default files with my own, I inserted the USB and now SSH access works as expected. However, I noticed that there are other files that aren't part of the automatic file copy process described in the readme:

ll /etc/dropbear
-rw------- 1 root root 141 Aug 9 11:19 dropbear_ecdsa_host_key
-rw------- 1 root root 83 Jul 15 05:53 dropbear_ed25519_host_key
-rw------- 1 root root 805 Aug 9 11:19 dropbear_rsa_host_key
-rw-r--r-- 1 root root 188 Aug 9 11:19 ssh_host_ecdsa_key.pub
-rw-r--r-- 1 root root 95 Jul 15 05:53 ssh_host_ed25519_key.pub
-rw-r--r-- 1 root root 408 Aug 9 11:19 ssh_host_rsa_key.pub

You'll notice that the files I created have a recent date while the highlighted items have the firmware creation date.

Why are these files present & why does the readme and autocopy scropt not include instructions/tasks for overwriting them? Can they be removed without affecting functionality?
 
All the files in that folder by default are part of the dropbear initial installation and are stored in the rom.

And Voxels instructions offer the optional replacement of those host keys.
What I don't fully understand: that option instructs to generate new versions of dropbear_rsa_host_key and dropbear_ecdsa_host_key -> If you would initiate an ssh session with ed25519 encryption then you would still use the default keys?

So I feel that the instruction (and the post-mount.sh inside the setssh.tar) need some update to also generate the newer ed25519 host keys.


If you would delete those two files, then I'm not sure what happens. Either nothing changes, except that you can no longer use ed25519 to connect. OR after the next reboot dropbear will no longer start and thus lock you out. (requiring you to use telnet to "undelete" the files.)
(and in this case you can undelete them, because the files are in rom -> you can remove the deletion via /overlay/etc/dropbear)


As for the purpose of these keys, I think their only purpose is to prove the identity of the router, when you connect to it via ssh.
Risk of reusing these factory keys, is that someone could deploy another ssh instance with the same keys. And if he could then do some mitm trickery to redirect you there, then you would logon to that malicious ssh instance without knowing.

If you do install your own host keys, then in that mitm situation, your ssh client should warn that you are connecting to something with a changed key.
And if you do stick to the default keys -> these can change in newer versions of dropbear -> after a firmware update it could be that your ssh-client will complain that the host-keys have changed and refuse to connect until you wipe the entry from that ssh-client.

Edit: 2nd purpose could be that the host keys are used to encrypt the ssh traffic. -> When using the default keys, someone could decrypt and inspect your ssh traffic.
 
Last edited:
I used dropbearkey on the router to generate new dropbear_ed25519_host_key & extracted the public key to ssh_host_ed25519_key.pub

After restarting the router, everything worked fine, with the caveat that putty (Windows SSH client) gave me a warning that the server key didn't match what I had previously saved. After accepting the new key, everything works fine.

In short, I believe the readme and setssh.tar script should indeed be updated to include the ed25519 key in the process.
 
Hello Voxel, do you remember the issue i had with unexpected ETH ports switching off or losing DHCP ability? i think that the problem is USB port and HDD attached which somehow is filling up RAM or some buffer and router is affected by switching down ports. i remember i was using 1TB drive but when i move to 3TB drive issues appears straight away. now im running stable for 1 day with HDD unplugged even if Kamoj addon is showing "ERROR: Router configuration is CORRUPT!. Size: 188884. Entries:?. Add-on entries:?. Timestamp: 2022-06-10 11:50:50". this issue is present even with stock Netgear:V1.0.2.90. do you know if there is a way to improve HDD compatibitly, ram or whatever is needed to avoid ETH ports switching down after sometime?
Thank You very much to look at this
 
Hello Voxel, do you remember the issue i had with unexpected ETH ports switching off or losing DHCP ability? i think that the problem is USB port and HDD attached which somehow is filling up RAM or some buffer and router is affected by switching down ports. i remember i was using 1TB drive but when i move to 3TB drive issues appears straight away. now im running stable for 1 day with HDD unplugged even if Kamoj addon is showing "ERROR: Router configuration is CORRUPT!. Size: 188884. Entries:?. Add-on entries:?. Timestamp: 2022-06-10 11:50:50". this issue is present even with stock Netgear:V1.0.2.90. do you know if there is a way to improve HDD compatibitly, ram or whatever is needed to avoid ETH ports switching down after sometime?
Thank You very much to look at this
If you have a corrupt configuration, you can expect all kind of failures.
My advice:
Reset to default or restore a non-corrupt backup
(You can see that the size of the corrupt one is very much larger than a normal backup file).
 
If you have a corrupt configuration, you can expect all kind of failures.
My advice:
Reset to default or restore a non-corrupt backup
(You can see that the size of the corrupt one is very much larger than a normal backup file).
Hello kamoj, tnx for the reply. With or without corruption message it was the same. I worked months and tried all sort of things. I end with the theory that 3tb hdd is not supported and create this problem. Probably the hardware is not supporting this or no other idea
 
Daylight Saving Time
There was a known bug in Netgear fw long time back. With DST enabled the Traffic Meter stats used to show 0.

I use DST and have it enabled all the time, never used Traffic Meter though (always kept it disabled).
 
Edit, oh, so it is not the actual DST that is causing it, but the fact that you enable the checkbox at "Automatically adjust for daylight savings time" in the NTP settings ?
Yes under NTP settings. But issue was with DST & traffic meter both, the traffic meter stats used to show 0 if DST was enabled. I think it was fixed.
 
Continuation of

. . .
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-94sf.78610/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-95sf.79173/

New version of my custom firmware build: 1.0.2.96SF.

Changes (vs 1.0.2.95SF):

1. Toolchain: add patch to uClibc to fix CVE-2022-30295, score 6.5, Medium (Use predictable DNS transaction IDs that may lead to DNS cache poisoning).
2. Toolchain: Go is upgraded 1.18.3->1.18.4.
3. OpenSSL v. 1.1.1 package: change the compiler flag '-fvect-cost-model=unlimited'->'-fvect-cost-model=dynamic'.
4. OpenSSL v. 1.1.1 package is upgraded 1.1.1o->1.1.1q.
5. curl package is upgraded 7.83.1->7.84.0.
6. tcpdump package is upgraded 4.9.3->4.99.1.
7. unbound package (used in stubby) is upgraded 1.16.0->1.16.1.
8. ethtool package is upgraded 5.17->5.18.
9. OpenSSL 0.9.8 package is upgraded 0.9.8zg->0.9.8zh.
10. iptables: add 'tee' support (iptables-mod-tee/kmod-ipt-tee packages).

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.Updated to 1.0.2.96SF from 1.0.2.93SF - no issues - thank you sir.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top