Custom firmware build for R9000/R8900 v. 1.0.4.42HF & v. 1.0.4.42.1HF

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Voxel

Very Senior Member
Continuation of:

https://www.snbforums.com/threads/custom-firmware-build-for-r9000.40125/
. . .
https://www.snbforums.com/threads/custom-firmware-build-for-r9000-r8900-v-1-0-4-40hf.63602/
https://www.snbforums.com/threads/custom-firmware-build-for-r9000-r8900-v-1-0-4-41hf.64388/

New version of my custom firmware build: 1.0.4.42HF.

Changes (vs 1.0.4.41HF):

1. dropbear package is upgraded 2019.78->2020.79
(scp fix for CVE-2018-20685:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
support of ed25519 hostkeys and authorized_keys,
adding chacha20-poly1305 authenticated cipher etc).​
2. iptables package is upgraded 1.8.4->1.8.5.
3. ca-certificates package is upgraded 20190110->20200601.
4. DNSCrypt Proxy v.2 is upgraded 2.0.42->2.0.44.
5. haveged package is upgraded 1.9.8->1.9.12.
6. wireguard package is upgraded 1.0.20200520->1.0.20200611.
7. wireguard init script is changed (allowing to use LocalIP scope such as e.g. 10.0.xxx.xxx/24).
8. proftpd package is upgraded 1.3.6c->1.3.6d.
9. pciutils package is upgraded 3.4.1->3.7.0.
10. PCI ID's DB is updated to 2020.05.29
11. Toolchain: Go is upgraded 1.14.3->1.14.4.

[Updated]

1.0.4.42.1HF

Changes (vs 1.0.4.42HF):

1. dropbear package is upgraded 2020.79->2020.80.
2. curl package is upgraded 7.70.0->7.71.1.
3. yaml package (used in stubby) is upgraded 0.2.4->0.2.5.
4. wireguard package is upgraded 1.0.20200611->1.0.20200623.
5. IEEE 802.3ad Dynamic link aggregation issue is fixed.


The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

NOTE:

WG users: please pay your attention to p. 7

7. wireguard init script is changed (allowing to use LocalIP scope such as e.g. 10.0.xxx.xxx/24).

I.e. probably you have to change your current wireguard.conf e.g.
. . .
LocalIP="10.0.xxx.xxx/24" instead of just LocalIP="10.0.xxx.xxx"
. . .

Voxel.
 
Last edited:

KW.

Regular Contributor
Oh yes! This evening will be a router evening!. New firmware from Voxel and time to get up to date with Kamojs addon.

Proud owner of one of my countries best setup thanks to you guys:)
 

Arnout Verbeken

Occasional Visitor
Voxel, thanks again for this little gem for our routers. I still need to upgrade to this release, but I seem to have some issues with the previous release 1.0.4.41.
I have to admit that I also started using the beta Kamoj Addon with Adguard Home enabled.

1. I see that my log is full of the following:
Code:
5856:[wifi0] FWLOG: [6022697] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x1, 0x0 )
5858:[wifi0] FWLOG: [6024745] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x2, 0x0 )
5859:[wifi0] FWLOG: [6025769] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x3, 0x0 )
5860:[wifi0] FWLOG: [6026793] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x2, 0x0 )
5862:[wifi0] FWLOG: [6028841] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x1, 0x0 )
5863:[wifi0] FWLOG: [6029865] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x2, 0x0 )
5864:[wifi0] FWLOG: [6030889] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x1, 0x0 )
5865:[wifi0] FWLOG: [6031913] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x0, 0x0 )
5929:[wifi0] FWLOG: [6096935] RATE: ChainMask 1, peer_mac 91:83, phymode 10, ni_flags 0x0621b006, vht_mcs_set 0xfffe, ht_mcs_set 0x00ff, legacy_rate_set 0x5d0860
5929:[wifi0] FWLOG: [6096992] WAL_DBGID_SECURITY_UCAST_KEY_SET ( 0x9183, 0x0 )
5929:[wifi0] FWLOG: [6096992] WAL_DBGID_SECURITY_ENCR_EN ( )
5929:[wifi0] FWLOG: [6096992] WAL_DBGID_SECURITY_ALLOW_DATA ( 0x4492dc )
5929:[wifi0] FWLOG: [6097078] WAL_DBGID_TX_BA_SETUP ( 0x4492dc, 0x91830006, 0x2, 0x40, 0x1 )
5929:[wifi0] FWLOG: [6097080] RATE: ChainMask 1, peer_mac 91:83, phymode 15, ni_flags 0x0621b006, vht_mcs_set 0xfffe, ht_mcs_set 0x00ff, legacy_rate_set 0x5d0909
5929:[wifi0] FWLOG: [6097161] WAL_DBGID_TX_BA_SETUP ( 0x4492dc, 0x91830000, 0x0, 0x40, 0x1 )
5929:[wifi0] FWLOG: [6097451] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x1, 0x0 )
5930:[wifi0] FWLOG: [6098475] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x0, 0x0 )
6101:[wifi0] FWLOG: [6273584] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x1, 0x0 )
6102:[wifi0] FWLOG: [6274608] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x0, 0x0 )
6112:[LAN access from remote] from 92.63.194.70:64069 to 192.168.1.10:7001
6135:[LAN access from remote] from 92.63.194.70:65300 to 192.168.1.10:5000
6246:[wifi0] FWLOG: [6421401] vap-0 VDEV_MGR_AP_KEEPALIVE_UNRESPONSIVE ( 0x2, 0xffff, 0x1, 0x1 )
6246:[wifi0] FWLOG: [6421401] WAL_DBGID_SECURITY_UCAST_KEY_SET ( 0x9183, 0x0 )
6246:[wifi0] FWLOG: [6421401] WAL_DBGID_SECURITY_ALLOW_DATA ( 0x4492dc )
6348:[LAN access from remote] from 106.12.172.248:47726 to 192.168.1.10:10025
6430:[update_tmufe_counters(904)]: Shared memory is not existing
6430:[gather_dev_traffic_stat(1492)]: n_app_traffic is incorrect! (7 >= 7)
6430:[tdts_shell_ioctl_stat:256] Recv ioctl req with op 2
6435:[LAN access from remote] from 92.63.194.70:63412 to 192.168.1.10:5001
6551:[LAN access from remote] from 49.233.147.108:59836 to 192.168.1.10:10025
6631:[LAN access from remote] from 195.54.160.135:50773 to 192.168.1.11:80
6723:[LAN access from remote] from 62.234.102.25:37146 to 192.168.1.10:10025
6835:[wifi0] FWLOG: [7025223] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x1, 0x0 )
6837:[wifi0] FWLOG: [7027271] WAL_DBGID_XCESS_FAILURES ( 0xffff, 0x0, 0x0 )


Any hints of what could be the issue?

2. I was playing around with DCHP and reservations and I found some odd things... While /etc/init.d/net-lan points to the file /tmp/udhcpd.leases where the active leases will be stored, it seems to be an empty file in my case. My active leases are in the file /tmp/dhpcd_hostlist.
Not really an issue, but I thought I would mention it here. I do wonder however where this info is coming from.

3. My /mnt folder is very weird.
Code:
[email protected]:/tmp/mnt$ ls -aFlh
drwxr-xr-x    3 root     root          100 Jun 23 18:11 ./
drwxrwxrwt   48 root     root         6.1k Jun 23 20:13 ../
lrwxrwxrwx    1 root     root            4 Jun 23 18:01 Optware -> sdb1/
-rw-r--r--    1 root     root         1.4k Jun 23 20:11 sda1
drwxr-xr-x    5 root     root         4.0k Jun 19 00:56 sdb1/
[email protected]:/tmp/mnt$
As you can see, sda1 is just a file and not a USB mount. I also have only 1 USB inserted and that is my /mnt/sdb1.
The file /mnt/sda1 seems to contain a list of MACs, IP,s numbers, and dates. I think it is also some sort of IP list from DHCP, but also here I am wondering where it is coming from.
E.g.
Code:
[email protected]:/tmp/mnt$ cat sda1
192.168.1.000,B4:74:43:00:00:00,574,266,0,0,574,266,2020-06-23 20:08:03
.
.
.
[email protected]:/tmp/mnt$
The fact that I have no real USB mounted on /mnt/sda1 has given me already some headaches. E.g. Kamoj's Adguard backup script does not (yet) seem to detect correctly where the USB mount is exactly. The backup IS saved, but I can't find exactly where it is. Proof that it works is the restore from backup that works perfectly (but I will talk to Kamoj about this).
I was wondering if you would know how I can fix this so that my USBstick is mounted as /mnt/sda1. I know it is something historical from the time I was using a seperate usb stick for Plex, but I do not use plex anymore and the stick has been removed.

4. I am actually planning to do a full factory reset and just start completely over. I know I have some trash in my config due to my plex adventure some time ago.
I was planning to remove kamoj addon, update firmwware via GUI, factory reset via GUI (Administration / backup settings/Erase). Is that the correct way and will this really wipe out the complete config and items stored in nvram?

Thank you again for providing this firmware to us, and for helping me out here. ;)
 

Voxel

Very Senior Member
1. I see that my log is full of the following:
You should ignore this. This is just debug info from QCA drivers. Similar e.g is displayed in R7800...

2. I was playing around with DCHP and reservations and I found some odd things... While /etc/init.d/net-lan points to the file /tmp/udhcpd.leases where the active leases will be stored, it seems to be an empty file in my case. My active leases are in the file /tmp/dhpcd_hostlist.
Not really an issue, but I thought I would mention it here. I do wonder however where this info is coming from.
Did not check this much. net-lan is used the same as in the stick FW (just to simplify the integration of changes.., Will check.

3. My /mnt folder is very weird.
Something is strange indeed. I do not have such file. ext4?

Voxel.
 

paddyr

New Around Here
Hi Guys,

First time giving a custom firmware a try, as I was using the device primarily for restricting content for my kids of different ages and plex. So wasn't sure that a custom firmware would retain these features but happy to find out it does and adds some extras.

Just wonder has anybody experienced router reboots? I only install this firmware last night. I do also have Kamoj add-on V5 installed. I was about to setup the openvpn but this is the second reboot that has occurred today. Is there any logs that persist a reboot as they seem to be very short from what I can see and only contain from boot time.

Actually I see that it picked up the openvpn config on reboot and has started using it.

One other query, once the VPN is configured on the router does this that the router traffic for downloads/torrents will use this, I guess it would be just wanted to clarify as it's not listed in the bypass list.
 
Last edited:

paddyr

New Around Here
Some more details that I forgot to add.

Came from Netgear v1.0.5.2 firmware, did a complete factory reset and then another using the reset button on the back as it seemed to get stuck during the setup wizard and I couldn't get back onto it as I wouldn't give me a new IP Address (via ethernet).
 

anhrzg

Occasional Visitor
Dear All,

I have noticed that Netgear FW 1.0.5.14 have different MTD partitions layout then current Voxel.
Interested why Netgear have introduced eight config partitions instead of one?

cat /proc/mtd
dev: size erasesize name
mtd0: 001e0000 00020000 "u-boot"
mtd1: 00120000 00020000 "u-boot-env"
mtd2: 00140000 00020000 "ART"
mtd3: 00140000 00020000 "ART.bak"
mtd4: 00480000 00020000 "kernel"
mtd5: 027c0000 00020000 "rootfs"
mtd6: 02c40000 00020000 "firmware"
mtd7: 04480000 00020000 "netgear"
mtd8: 12c00000 00020000 "plex"
mtd9: 00120000 00020000 "config1"
mtd10: 00120000 00020000 "config2"
mtd11: 00120000 00020000 "config3"
mtd12: 00120000 00020000 "config4"
mtd13: 00120000 00020000 "config5"
mtd14: 00120000 00020000 "config6"
mtd15: 00120000 00020000 "config7"
mtd16: 00120000 00020000 "config8"

mtd17: 00700000 00020000 "ntgrcrypt"
mtd18: 04780000 00020000 "reserve"
mtd19: 00080000 00020000 "crashdump"
mtd20: 00380000 00020000 "language"
mtd21: 00120000 00020000 "config"
mtd22: 00120000 00020000 "pot"
mtd23: 0001f000 0001f000 "cert"
mtd24: 0005d000 0001f000 "pot.bak"
mtd25: 001b2000 0001f000 "traffic_meter"
mtd26: 001b2000 0001f000 "traffic_meter.bak"
mtd27: 001b2000 0001f000 "dongle"
mtd28: 037b4000 0001f000 "overlay_volume"
mtd29: 00307000 0001f000 "vol_ntgrcryptD"
mtd30: 0009b000 0001f000 "vol_ntgrcryptK"
mtd31: 11874000 0001f000 "plexmediaserver"

Thanks,
 

anhrzg

Occasional Visitor
Dear All,
did find this code in /etc/init.d/boot

prepare_config_partition()
{
for part in config config1 config2 config3 config4 config5 config6 config7 config8
do
mtd_num=$(cat /proc/mtd | grep -E \"$part\" | awk -F: '{print $1}')
echo "Boot: check the block info of partition [$mtd_num] ..." > /dev/console
rm -f /tmp/config_data
/usr/sbin/nanddump /dev/$mtd_num -f /tmp/config_data
if [ $(/usr/bin/wc -c /tmp/config_data | awk '{print $1}') -ge 262144 ];then # there are two block at this partition
echo "Boot: find two normal block in partition [$mtd_num] !!!" > /dev/console
rm -f /dev/mtd_config
ln -s /dev/$mtd_num /dev/mtd_config
echo "Boot: re-bind the mtd_config soft link as [$(ls -l /dev/mtd_config | awk '{print $9 " "$10" "$11}')]..." > /dev/console
break
else
echo "Boot: Not find two normal block in partition [$mtd_num] !!!" > /dev/console
fi
done
}

start() {

...

prepare_config_partition; /bin/datalib

...

}

It seems that it would be very useful to have support for more config partitions in Voxel firmware.

Regards,
 

Voxel

Very Senior Member
Hi Voxel,

Many thanks for your continuous efforts.

I do have a problem that I would like your help if possible.

I've got a R9000 connected to a Negear GS724T switch using a dynamic Link Aggregation IEEE 3ad.

Every thing is setup correctly but it's not working.

According to the switch the LAG the Link is down.

If I make the changes to static all works.

In the netgear firmware this configuration is possible. This is one of the reasons I've bought this router.

By some reason this is broken in your firmware.

Any chance you can fix this ?

I can help you test what you need.

regards

Luis Meira
I am sorry but my I do not have full sources of all parts (some of them are in binary form in NG GPL). So this creates significant obstacles in debugging such issues. So I have to debug/trace this just in my mind...

Try to flash my test version R9000-V1.0.4.42.1HF: I really found some problematic incompatibility in pre-built kernel module dni-vport.ko (made by DNI w/o source codes). Rolling back to previous version in R9000-V1.0.4.42.1HF. I hope this should fix IEEE 3ad.

https://voxel-firmware.com/Downloads/Voxel/html/index.html

Voxel.
 

LFM

New Around Here
Hi Voxel,

thanks for your reply.

I've tried multipled versions of your firmware up to the begining of the year.

None of them support this.

Have you got any concrete version i should try ?

regards

Luis Meira
 

LFM

New Around Here
Hi Voxel,

It's up now.

It's working.

Do you need me to check some thing ?

One last question, does your firmware support STP or RSTP ?

regards

Luis Meira
 

Voxel

Very Senior Member
One last question, does your firmware support STP or RSTP ?
STP is supported somehow (the same as stock firmware). Details of implementation is hidden in binary modules from QCA and DNI.

Voxel.
 

Voxel

Very Senior Member
1.0.4.42.1HF is released.

Changes (vs 1.0.4.42HF):

1. dropbear package is upgraded 2020.79->2020.80.
2. curl package is upgraded 7.70.0->7.71.1.
3. yaml package (used in stubby) is upgraded 0.2.4->0.2.5.
4. wireguard package is upgraded 1.0.20200611->1.0.20200623.
5. IEEE 802.3ad Dynamic link aggregation issue is fixed.

Voxel.
 
  • Like
Reactions: KW.

LFM

New Around Here
Hi Voxel,

Many thanks for your help.

To proceed with the STP quest, what do you suggest ?

Raise and SR with Netgear ?

regards

Luis Meira
 

R. Gerrits

Senior Member
To proceed with the STP quest, what do you suggest ?
Not sure if it is what you are looking for, but you can enable STP with the brctl command

brctl stp br0 on should enable STP for the bridge bro, where all the LAN connections are bridged.

Use at your own risk, because I don't have a clue what it does.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top