Custom firmware build for R9000 v. 1.0.2.42HF/1.0.2.42HF-HW

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

RMerlin

Asuswrt-Merlin dev
Nothing to keep it off ARM except for resource restrictions - it's a bit of a beast...
Cross-compiling Samba is a nightmare, and the Samba devs are providing zero assistance there ("if you get a working WAF build profile, feel free to send it to us" was the conclusion they posted on their mailing list a few years ago). Plenty of folks tried to get 4.x to cross-compile on non-x86, with no real luck with it. Personally I simply gave up both times I tried to.

You basically have to provide your own answers to everything that is normally handled by autoconf, which requires you to be a complete expert in *IX environment.

Samba probably has the worst build system I have ever seen out of an open-source project. So I'll be definitely keeping an eye for a final release from Netgear, and hope they provide the build files for it.

Meanwhile, Asus is just starting to get Samba 3.6. Something I've done years ago, they could have saved a lot of work by just grabbing my code. <shrug>
 

RMerlin

Asuswrt-Merlin dev
Even more bastard: plus ~9MB of "lib*samba*" ... So 24MB total ;-)

I guess this is requirement of Plex (Samba4). To get media from shared disks in LAN. But now it is practically only R9000 with its large internal flash can allow this.

Voxel.
I can probably fit that in most Asus routers that I support, after I removed the wasted flash space for Download Master, I got around 25-30 MB of free space. Something tells me I could probably cut down on that 24 MB footprint once I'm able to start digging into it...
 

RMerlin

Asuswrt-Merlin dev
Main reason for Netgear to move to Samba 4 is probably the same reason why I suspect Asus is moving to 3.6: SMB1 is getting phased out by Microsoft this autumn, so they need something that handles SMB2. Except that Asus went with an already EOL version (3.6), while Netgear seem to be looking more long-term with 4.6.
 

Voxel

Very Senior Member
Meanwhile, Asus is just starting to get Samba 3.6. Something I've done years ago, they could have saved a lot of work by just grabbing my code. <shrug>
Interesting... I was sure that Asus is using 3.6 in their stock...

Something tells me I could probably cut down on that 24 MB footprint once I'm able to start digging into it...
It seems this samba_multicall is debug version. So release will be not so huge.

SMB1 is getting phased out by Microsoft this autumn
Thanks for info. I have to read MS news more often ;-)

Voxel.
 

RMerlin

Asuswrt-Merlin dev
Interesting... I was sure that Asus is using 3.6 in their stock...
Currently they use 3.0.25b for the main Samba service, 3.5.8 for AiCloud (just the libsmb file, not the actual daemon).

3.6.x appeared in recent GPLs, but I don't think they've enabled it for any models yet, so probably still a WIP.
 

RMerlin

Asuswrt-Merlin dev
Nothing to keep it off ARM except for resource restrictions - it's a bit of a beast...
The OpenWRT devs managed to strip out stuff like the RPC code from 3.6.x, which greatly helped reduce the flash footprint.
 

lateparty

Occasional Visitor
Hi Voxel,

I went full hog on your firmware + Entware because there just doesn't seem to be a way to get VLAN tagging to work on DD-WRT in a way that's compatible with my cable modem unlike the Netgear stock/your mod can (oh and LEDE on an EA8500).

The main reason I wanted to use DD-WRT was for their OpenVPN client support. That said, I loaded up my client config as per the readme instructions (and copied over the LEDE "service" profile alias which I think is pretty neat) and while it seems to connect without issues, once connected, it doesn't appear to be configuring DNS correctly

Screenshot of full process run down - [URL]http://i.imgur.com/mfC28cs.jpg[/URL]

Any help will be appreciated :D

Aleks.
 

Voxel

Very Senior Member
Hi Voxel,

I went full hog on your firmware + Entware because there just doesn't seem to be a way to get VLAN tagging to work on DD-WRT in a way that's compatible with my cable modem unlike the Netgear stock/your mod can (oh and LEDE on an EA8500).

The main reason I wanted to use DD-WRT was for their OpenVPN client support. That said, I loaded up my client config as per the readme instructions (and copied over the LEDE "service" profile alias which I think is pretty neat) and while it seems to connect without issues, once connected, it doesn't appear to be configuring DNS correctly

Screenshot of full process run down - http://i.imgur.com/mfC28cs.jpg

Any help will be appreciated :D

Aleks.
Aha, one more Entware user :). That's good.

Regarding DNS. I am not sure, IMO there are two ways. First, as it is written in instruction (myopenrouter, thanks to them):

https://www.myopenrouter.com/article/how-set-openvpn-client-netgear-r9000-voxels-firmware

Go into the Internet settings and manually input the DNS servers used by your VPN, if needed. Confirm the change and reboot the router.

Second (more secure), try to use dnscrypt-proxy. See my readme re: how. To avoid DNS leak. Plus DNS should work.

Regards,
Voxel.
 

lateparty

Occasional Visitor
Thanks. I was conspicuous as to the placing of the dnscrypt section in your readme and had a glance last night, they have an AU server which is handy (family complains when I use a default international DNS, and the VPN is international) I'll give dnscrypt a shot and see how it goes.

One more question - I couldn't find a decent explanation as to what "Any Cast" means when regarding a location in their server list. Regardless, tempting to use as a backup as there is only one AU server. - Was right, will need to inspect the "Any Cast" options and find one with AU servers.

Edit: Works fine with dnscrypt. Going to modify the openvpn-client init.d scripts to include dnscrypt start/stop triggers. Not comfortable only having one DNS provider available in my region as the 24/7 option, as sexy as the dnscrypt offering is.

Thanks again Voxel!

Aleks.
 
Last edited:

sfx2000

Part of the Furniture
The OpenWRT devs managed to strip out stuff like the RPC code from 3.6.x, which greatly helped reduce the flash footprint.
There's a lot of stuff inside Samba than most folks wouldn't need for basic file sharing...
 

sfx2000

Part of the Furniture
I agree though - Samba is a pita to work with - esp. in an embedded distro -- Worked through it, we basically can load up samba as a docker container -- this doesn't help much for embedded things like *WRT/LEDE/etc, but again, cafeole was always planned to be different. We're more like what Syno/QNAP is doing with their 2016 NAS products, and less like what the WRT oriented builds are.

Nice thing is that once we got it bottled up inside a container, it's easier to manage across other changes, and we can update the samba outside of the main board BSP, as we're essentially a thing inside the app "catalog" or "store".

Code:
docker run -it --name smbapp -p 139:139 -p 445:445 -v /cafeuser/data/share:/mount -d cafeole/smbapp
 
Last edited:

Voxel

Very Senior Member
Main reason for Netgear to move to Samba 4 is probably the same reason why I suspect Asus is moving to 3.6: SMB1 is getting phased out by Microsoft this autumn, so they need something that handles SMB2. Except that Asus went with an already EOL version (3.6), while Netgear seem to be looking more long-term with 4.6.
Anyway I am surprised by this movement of Netgear (Samba4). With size of binaries 24MB… Or even about 9MB compressed. Total size of firmware for e.g. R7800 (compressed) is 24MB. 24-9=15 for all the rest if Samba4 will be used. So IMO they will consider to use Samba 3.6.x for other routers (except R9000). What means breaking code portability.


Most probably there are additional problems. If I am not mistaken (my guessing) they are related to use of old version uClibc, not to Samba itself. Currently (as I can see) there is unpleasant problem with Netgear’s beta:

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/R9000-Beta-Firmware-1-0-2-106/td-p/1356180

i.e. this Samba4 does not handle files with more than 2GB size. 32-bit integer for filesize I suppose (uClibc?).

BTW, did not you meet such problem when you added 3.6.x to your firmware? I remember I had similar when I tried to replace 3.0.x Samba to 3.6.x in firmware for R7500.

Well, maybe this requirement from MS will force Netgear to use something more attractive for libc, like musl...

Voxel.
 
Last edited:

RMerlin

Asuswrt-Merlin dev
Anyway I am surprised by this movement of Netgear (Samba4). With size of binaries 24MB… Or even about 9MB compressed. Total size of firmware for e.g. R7800 (compressed) is 24MB. 24-9=15 for all the rest if Samba4 will be used. So IMO they will consider to use Samba 3.6.x for other routers (except R9000). What means breaking code portability.
Try stripping the binaries, in case Netgear might have released them with debug symbols.

BTW, did not you meet such problem when you added 3.6.x to your firmware? I remember I had similar when I tried to replace 3.0.x Samba to 3.6.x in firmware for R7500.
The only problem I remember was the lack of support for getifaddr() (or a similar function). I solved it by providing a replacement function like Asus had done for other components having the same limitation. I made further changes to it a few months ago to make it more robust overall.

You can see everything related to my Samba 3.6 port (beside the Makefile stuff) here: https://github.com/RMerl/asuswrt-merlin/commits/master/release/src/router/samba36

The rest will be in router/libdisk/ or on router/Makefile.


One interesting thing about Asus' new models based on the BCM4908 is they went with glibc instead of uclibc (actually it's probably Broadcom that did). Those routers do have 256 MB of flash (tho I don't know if Asus is allocating it all or only 64 MB to the rootfs).
 

shez

Regular Contributor
Hi Voxel. Great firmware. Is it possible to install pure vpn on this firmware so it’s always on? I don’t like the open VPN method I’d like an always on VPN. Thanks


Sent from my iPhone using Tapatalk
 

Voxel

Very Senior Member
Try stripping the binaries, in case Netgear might have released them with debug symbols.
It is. Anyway it's huge. OK, let's see.

The only problem I remember was the lack of support for getifaddr() (or a similar function). I solved it by providing a replacement function like Asus had done for other components having the same limitation. I made further changes to it a few months ago to make it more robust overall.

You can see everything related to my Samba 3.6 port (beside the Makefile stuff) here: https://github.com/RMerl/asuswrt-merlin/commits/master/release/src/router/samba36

The rest will be in router/libdisk/ or on router/Makefile.
OK, thanks for hints.

One interesting thing about Asus' new models based on the BCM4908 is they went with glibc instead of uclibc (actually it's probably Broadcom that did). Those routers do have 256 MB of flash (tho I don't know if Asus is allocating it all or only 64 MB to the rootfs).
Interesting. Kernel version is upgraded too? If I am not mistaken, new Netgear's router with Broadcom has now 4.x version of kernel...

Voxel.
 

Voxel

Very Senior Member
Hi Voxel. Great firmware. Is it possible to install pure vpn on this firmware so it’s always on? I don’t like the open VPN method I’d like an always on VPN. Thanks
I am not sure that my understanding your question is correct. Do you mean OpenVPN client? If you install it, it should work always until you remove it manually (special actions are needed). I.e. all your Internet traffic will go through VPN.

Voxel.
 

shez

Regular Contributor
I am not sure that my understanding your question is correct. Do you mean OpenVPN client? If you install it, it should work always until you remove it manually (special actions are needed). I.e. all your Internet traffic will go through VPN.

Voxel.
Hi basically I have VPN with IPVanish. As far as I can see if I use OpenVPN I have to install a profile on device and then it works device specific. What I want to do is have an always on VPN on all devices connected. Is this possible?
 

Voxel

Very Senior Member

lateparty

Occasional Visitor
Hi basically I have VPN with IPVanish. As far as I can see if I use OpenVPN I have to install a profile on device and then it works device specific. What I want to do is have an always on VPN on all devices connected. Is this possible?
Hi shez, I used the OpenVPN client included with Voxel's firmware and can confirm if you follow the instructions it will work for "all devices" i.e. All traffic routed through the (r9000/r7800) device will be VPN'd.

I had to use dnscrypt to get it working properly, and would have kept it on if I had more DNS provider options in Australia.

If you need any help feel free to PM me. I've been messing around with OpenVPN for a while now and happy to help troubleshoot.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top