Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

[Fork] Asuswrt-Merlin 374.43 LTS releases (V23E4 / V24B6)

Discussion in 'Asuswrt-Merlin' started by john9527, Aug 14, 2014.

  1. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,032
    Location:
    United States
    LATEST RELEASE: Update-23E4
    23-March-2017
    Merlin fork 374.43_2-23E4j9527
    Download http://bit.ly/1YdgUcP
    ============================

    Note: A Beta is also available for the next release. For details, see the following post.
    https://www.snbforums.com/threads/f...leases-v23e4-v24b6.18914/page-281#post-315255

    This is an LTS (Long Term Service) fork of Asuswrt-Merlin based on 374.43_2. This older code base has a history of being very stable, and some of the older code components may perform better in some environments. It may be a good choice for those who desire a 'set it and forget it' router solution. Additional information on the differences between this firmware and the later Asuswrt-Merlin releases can be found following the recent change highlights.
    The following routers are supported by this firmware:
    • N16, N66U, AC66U (original MIPS based revs), AC56U, AC68U (Rev A1,A2,B1) (Rev C1 is NOT supported), and AC68P (and the retail and color versions, R and W, of each router)
    The following routers were released after the base code used for this fork was available, and are NOT supported.
    • AC66U-B1 (ARM based), AC68U Rev C1, AC1900, AC1900P, AC87U, AC3100, AC3200, AC88U, AC5300 (and the retail R versions)

    Installation Notes
    • Firmware is now packaged as a zip file (consistent with Merlin firmware releases). Remember to extract the .trx file prior to updating the firmware. An sha256sum file is included in the zip file to validate the firmware.
    • For supported routers currently running ASUS firmware 380.3000 or above, or Merlin 380.60 or above, you cannot load this fork using the built in firmware update web interface. You must use the ASUS Firmware Restoration Tool from the ASUS support website to install this fork firmware.
    • A factory default reset is NOT required if coming from any level of the fork or Merlin 374.42 or 374.43 code. Coming from any other level does require a factory default reset after the code is loaded.
    • MIPS users are reminded to have a jffs backup as changes in the code image size may affect the jffs space! If you are having jffs script errors or cannot access jffs after loading the firmware, please reformat jffs from the Administration page and restore your jffs backup.

    Following are the major changes (full changelog is in the zip files)

    Update-23E4 Highlights
    • Fix displayed CTF status may be incorrect on LAN/Switch Control page - @cybrnook
    • Fix some router domain names may be incorrectly flagged as being a registered domain - @zonnebril
    • Fix some OpenVPN Client read/write stats may be reversed

    Update-23E3 Highlights
    • Security update for networkmap CVE-2017-6548 - remote code execution
      Note: This fork is NOT exposed to two other reported networkmap CVEs, CVE-2017-6547 and CVE-2017-6549
    • Provide ASUSWRT-Merlin 'branding' string that can be queried by those developing add-on scripts
    • GUI support to enable IPv6 DNS resolution for Native, Stateless connections
      Note: This replaces the dnsmasq.conf.add requirement of the previous release. You need to remove those lines if enabling through the gui.
    • Possible fix for WAN uptime timer not working in a dualwan environment

    Update-23E1 Highlights
    • Security
      • Update OpenSSL to 1.0.2k
      • Update OpenVPN to 2.4.0
      • DNSCrypt update to 1.9.4
      • DNSCrypt update resolvers csv to 13 Feb 2017 version
      • Samba security update for CVE-2013-4124; Denial of service - CPU loop and memory allocation
      • Samba security update for CVE-2015-5252; insufficient symlink verification in smbd
      • Samba security update for CVE-2012-0870; remote code execution vulnerability in smbd
      • Webui changed to prevent entering too long a password (type or paste)
    • Merlin/ASUS/Tomato backports
      • Add support for source IP on port forward rules
      • Option to disable DH usage by entering none in the DH field
      • OpenSSL remove RC4 support
      • Update url for Google DDNS
      • Default port for OpenVPN server 2 changed to 1195 so the defaults automatically allow both servers to be used.
        If you are also using an OpenVPN client, remember to check and resolve port conflicts
      • Improved layout of OpenVPN statistic display on the VPN Status page
      • Avahi reject access from secondary WAN in Dual WAN environment
      • Kernel backports from Tomato and OpenWRT
    • Fork Updates
      • Add reset button to qos stats charts
      • Add scripts for ipv6 hosts auto update for native ipv6 (adds local ipv6 name resolution to public address)
        To start this option, make or add the following lines to /jffs/configs/dnsmasq.conf.add
        Code:
        dhcp-script=/usr/sbin/v6hosts.sh
        addn-hosts=/_etc/hosts.autov6  (remove the underscore, Cloudfare doesn't like specifying that directory) 
        
      • Fix missing files for wget on github
      • Fix cron job for openvpn polling not working
      • Change wireless scheduler default to off
      • Add syslog entry for VPN client WAN address
      • Fix NAS applications could fail to start if WAN up delayed
      • Fix webui rendering under Chrome version 56
      • Change low nvram threshold for N16 to 1.5K (no OpenVPN certs)
      • Add DNSCrypt unavailable message if OpenVPN DNS option is relaxed or strict
        Using relaxed or strict implies that you are willing to accept to non-encrypted DNS responses, so it is disabled for these options.
      • Expand jffs for ARM from 32MB to 64MB
        (ARM users, do like MIPS users and make a JFFS backup for safety just in case)
      • Fix for QoS trying to start before WAN is up
      • Fix for HTTP check errrors in the syslog if 'Allow only specified IP address' option is selected for web access
      • Several fixes for properly updating the WAN uptime timer in a Dual WAN environment
      • Improvements in Dual WAN failover
        One thing to note. The 'Redirect to error page' under WAN settings provides some additional function besides just the redirect which affect Dual WAN. If you are having unexpected results running Dual WAN, it is recommended to set the redirect setting to 'Link or WAN down'

    Some notes on this fork...

    The fork does include
    • Maintenance for documented security issues
    • Maintenance for supporting open source components (such as dnsmasq, miniupnpd, etc)
    • Backports of applicable fixes and new functions from Merlin's main branch
    • Some unique support for options requested by users
    • A different IPv6 stack which may work better in some environments
    • Older versions of the wireless drivers that some feel offer better performance (especially on the MIPS based routers)
    • Less of a lockdown on tweaking power levels
    The fork does not include
    • The new TrendMicro DPI engine functions for ARM routers
    • The enhancements to the networkmap for custom icons, client naming, etc.
    • Some of the enhanced gui formatting of later releases, for instance the new wireless log
    • Support for the ASUS router control app
    • All the changes/tweaks that ASUS may have made since the original code was released (and any new introduced bugs :) )

    Custom features of the fork which are not exposed in the gui can be set by an nvram variable. These custom features are documented in the Merlin_Fork_Options file in the download directory.

    Thanks to all for your continued interest in this fork.

    Source: https://github.com/john9527/asuswrt-merlin : branch 374.43_2-update

    SHA256
    Code:
    8f942b8ba8da56ed1e8953c1f20cfdc9dac6f06fa11c85778d283074a34b2c30  RT-AC56U_3.0.0.4_374.43_2-23E4j9527.trx
    11b1f1ddc5f190c98c53b4d7a366da24a4e422cd9efa4870b0f266c01c27c604  RT-AC66U_3.0.0.4_374.43_2-23E4j9527.trx
    39d3158cfd444a5fa137b144d22340d014627c33340e3cfb58a5003fc7be8e64  RT-AC68U_3.0.0.4_374.43_2-23E4j9527.trx
    fa03328f12608e9ac2f87510e2d69eb3fa970ca48e9aa4d84a309b53f2322067  RT-N16_3.0.0.4_374.43_2-23E4j9527.trx
    bb602560e97e46446179976475afc395d9c773be3daa28db7c26b722b9bd6cce  RT-N66U_3.0.0.4_374.43_2-23E4j9527.trx
    
    .
     
    Last edited: Mar 26, 2017 at 11:49 AM
  2. Raiu

    Raiu Regular Contributor

    Joined:
    Dec 10, 2013
    Messages:
    186
    This is awesome man! I haven't tried it yet. My wife is in school so I need 100% up time right now lol
     
  3. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    408
    Location:
    The Netherlands
    Awesome!
    A maintenance update for 374.43 :)

    I flashed it on top of 374.43 and so far so good.
    Nice work.

    MD5 checksum I got for the RT-N66U .trx file: E10E98C4F6CF380B00712A6A6BEEE2A1
     
  4. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,032
    Location:
    United States
    Glad to hear that the flash on N66U worked!
    Good point on the MD5 checksum....I added them for all the releases in the first post.
     
  5. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    408
    Location:
    The Netherlands
    Nothing funny in the syslog so far.
    Glad to see my MD5 is the same as your source. :)

    For my understanding, the fixes/changes above are they all from Github?
    Or did you merge them in yourself?
     
  6. kiesa1231

    kiesa1231 Regular Contributor

    Joined:
    Jul 13, 2013
    Messages:
    87
    Please fix to work huawei e3276s 4g modem in 374.43_3 build thanks.
     
  7. Jeffo

    Jeffo New Around Here

    Joined:
    Jul 17, 2014
    Messages:
    6
    Add maintenance of Huawei 3g/4g lte dongle to 374.43

    Same here. Requesting for maintance fix for the Huawei compatibility issue for 3G/4G/LTE dongle. it was working from Merlin 374.40Alpha4 and older also the latest 376.44 series. the firmwares in between doesn't work.
    Using a Huawei e3276s here too.
     
  8. lwizard

    lwizard Regular Contributor

    Joined:
    Jan 27, 2014
    Messages:
    95
    minidlna

    Is it possible also updating minidlna to 1.1.3?

    Thanks for the work.

    I am scared about trying 44 since it seems to cause lot of troubles in very important things like wifi and general speeds... and actually 43.2 is working right for me..
     
  9. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    408
    Location:
    The Netherlands
    Come on gents, cut the Huawei crap.
    That one is complicated and for ASUS to fix.
    Send ASUS a bug report!

    And put the router in question in your signature.
    Do we have to smell what you are using?

    Do try the fork from john9527 and give him some feedback.
    Much better than only asking.
     
    Last edited: Aug 15, 2014
  10. Kal-EL

    Kal-EL Very Senior Member

    Joined:
    Aug 15, 2013
    Messages:
    1,152
    Location:
    Motor City, Michigan-USA
    Can someone running this build explain more about it ? Is this a build that has the fixes for 44 but the interface of 43_2 ? Any comments would be great..
     
  11. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    408
    Location:
    The Netherlands
    Don't be scared, just give 376.44 a try.
    See if it works in your environment and decide yourself.
    If not, simply revert to what you are using now.
     
  12. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    408
    Location:
    The Netherlands
    That seems the case as far as I can see.

    Maybe john9527 can tell us a bit more...
     
  13. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,032
    Location:
    United States
    All the fixes have been committed by Merlin in his master branch. For this build, I merged them in by hand....gave me a chance to double check they were applicable (some I looked at were not) and gave me the chance to work through how git really worked. The exception was the openssl update...that one I let 'git cherry-pick' for me (146 updated files!).
     
  14. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,032
    Location:
    United States
    Merlin kindly tags all his releases in github, so I was able to make a branch of exactly the 374.43 release. With that as a base, I looked at what had been fixed in later builds that may have been seen on the 43 code (a good example is the Plex miniupnpd syslog flood). So I picked up that specific fix and added it to the 43 code.

    So what this is, is the 43 code, with just a couple of fixes on top of it that may help people out who don't want to upgrade to the next major release yet.
     
  15. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,032
    Location:
    United States
    Right now the minidlna update is not in the plan (there is one minidlna fix picked up)....Asus actually picked that up, so it's rolled into Merlin's big merge without a specific commit I can go after (and I need to learn more to do an update that big ;) ) This is unlike the openssl commit where I was just able to grab Merlin's work (only picked up to stay on top of any security issues).

    Also, as you said, for me 43.2 is running pretty well....there were just a couple of things that needed addressing in my environment which led me into this project. I don't want to do too much and end up destabilizing the 43.2 base.
     
  16. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    408
    Location:
    The Netherlands
    Great choice!

    The problem with 376.44 is that you can't localize the router any more.
    This is ASUS crap because of some FCC regulations.
    FCC has no jurisdiction in my country, but ASUS doesn't care.

    This means that with 376.44 I'm stuck with only 4 channels on 5GHz and reduced range on both WiFi bands.

    So I stick with 374.43 unless there are serious security issues that needs to be fixed.
    Probably a lot of people will do the same.
    Such a shame for a great open source project.

    That's why I am happy to see john9527's update on the 374.43 base. :)
     
  17. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    408
    Location:
    The Netherlands
    Running fine, nothing unusual seen in syslog. :)
     

    Attached Files:

  18. DrTeeth

    DrTeeth Senior Member

    Joined:
    Mar 29, 2013
    Messages:
    381
    Many, many thanks indeed. Just what the Dr ordered, no pun intended.

    Please keep up the good work. If you do keep it up, please set up a donation page.
     
    Last edited: Aug 16, 2014
  19. Raiu

    Raiu Regular Contributor

    Joined:
    Dec 10, 2013
    Messages:
    186


    From what I have read those that went to 44 and that wanted to go back were stuck and couldn't get their settings to work right.
     
  20. Kal-EL

    Kal-EL Very Senior Member

    Joined:
    Aug 15, 2013
    Messages:
    1,152
    Location:
    Motor City, Michigan-USA
    I tried 44 two times and went back to 43_2 with no issues just make sure you do a complete factory reset.
     

Share This Page