Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

[Fork] Asuswrt-Merlin 374.43 LTS releases (V25E8 / V26B6)

Discussion in 'Asuswrt-Merlin' started by john9527, Aug 14, 2014.

  1. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,334
    Location:
    United States
    LATEST RELEASE: Update-25E8
    27-June-2017
    Merlin fork 374.43_2-25E8j9527
    Download http://bit.ly/1YdgUcP
    ============================

    Note: A Beta is available for the next release. See
    https://www.snbforums.com/threads/f...leases-v25e8-v26b6.18914/page-312#post-333001

    This is an LTS (Long Term Service) fork of Asuswrt-Merlin based on 374.43_2. This older code base has a history of being very stable, and some of the older code components may perform better in some environments. It may be a good choice for those who desire a 'set it and forget it' router solution. Additional information on the differences between this firmware and the later Asuswrt-Merlin releases can be found following the recent change highlights.
    The following routers are supported by this firmware:
    • N16, N66U, AC66U (original MIPS based revs), AC56U, AC68U (Rev A1,A2,B1) and AC68P (and the retail and color versions, R and W, of each router)
    The following routers were released after the base code used for this fork was available, and are NOT supported.
    • AC66U-B1 (ARM based), AC68U Rev C1 and E1, AC1900, AC1900P, AC87U, AC3100, AC3200, AC88U, AC5300 (and the retail R versions)

    Installation Notes
    • Firmware is now packaged as a zip file (consistent with Merlin firmware releases). Remember to extract the .trx file prior to updating the firmware. An sha256sum file is included in the zip file to validate the firmware.
    • For supported routers currently running ASUS firmware 380.3000 or above, or Merlin 380.60 or above, you cannot load this fork using the built in firmware update web interface. You must use the ASUS Firmware Restoration Tool from the ASUS support website to install this fork firmware.
    • A factory default reset is NOT required if coming from any level of the fork or Merlin 374.42 or 374.43 code. Coming from any other level does require a factory default reset after the code is loaded.
    • MIPS users are reminded to have a jffs backup as changes in the code image size may affect the jffs space! If you are having jffs script errors or cannot access jffs after loading the firmware, please reformat jffs from the Administration page and restore your jffs backup.

    Following are the major changes (full changelog is in the zip files)

    Update-25E8
    • Update OpenVPN to 2.4.3
    • Update OpenSSL to 1.0.2l
    • Fix incomplete/corrupt JFFS backup
    • Fix reversed miniupnpd config external and internal port definitions
    Update-25E7
    • Fixes for some additional problems in the port of CVE-2017-5892, including gui 'hangs'
    • Fix for IPv6 stateful mode breakage introduced in Update-20
    • Removed the Bridge Multicast option from MIPS routers as it is not supported on those models
    • Misc changes related to IPv6 support and configuration
    • Improved services start for non-router modes
    • GUI cleanup for non-router modes
    Update-25E6
    • Security
      • Improvements to the port of CVE-2017-5892 that were causing login and gui interface problems
      • Improvement to https cert generation to prevent a conflict between a main router and MediaBridge/AP/Repeater
    • Other Fork Fixes/Updates
      • Revert dnsmasq to a custom fork of 2.76, which includes only selected fixes from 2.77 due to reported problems on the later code
      • Fix for incomplete router
        If when logging in, you do not see a syslog message similar to the following indicating a 'successful' login, you should up upgrade to this release.
        Code:
        HTTP login: login 'admin' successful from 192.168.1.102:8443
        
      • Fixes for MediaBridge mode (I expect many of these will also affect other router modes as well)
        • Fix boot sequencing for MediaServer and Samba
        • Several gui format fixes
        • Changes to improve syslog logging (remove noise messages)
      • Fix to allow saving the Auto select DFS channels option when running the N66 with DFS channels enabled
      • Fix a bug that run any Samba custom scripts regardless of the JFFS scripts option
    Update-25E1
    • Security
      • Fix for CVE-2017-5891, CVE-2017-5892 (ASUS backport)
      • Enhanced web page checking for unauthorized operations (ASUS backport - check_xxs_blacklist)
      • Updated OpenVPN to 2.4.2
      • Updated LIBSODIUM to 1.0.12
        This is the encryption engine for DNSCrypt
      • NEW: Include haveged 1.9.1
        This ensures a sufficient entropy (supply of random numbers) is available for crypto operations
      • Changed mssl to disable all 3DES ciphers (Merlin backport)
    • Other Fork Fixes/Updates
      • Update Nano to 2.8.1 (Merlin backport)
      • Update dnsmasq to 2.77rc3
        This fixes a problem in retrying a truncated UDP DNS response with TCP. It is more likely to occur when using DNSSEC with Linux/Android clients.
      • NEW: Add command line utilities to move HTTPS cert between NVRAM and JFFS
        • To move the HTTPS (router SSL cert), enter
          https2jffs or
          https2nvram
        IMPORTANT: If you wish to revert to a firmware prior to Update-25 and have moved the HTTPS cert to JFFS, you MUST move it back to NVRAM prior to loading the earlier firmware.
      • Fix for the minidlna database being placed in the wrong location
      • Increase timeouts for some webui operations
        Continued feature additions have resulted in some operations likely to take longer, and the webui was returning too early.
      • Disable LAN bridge multicast snooping by default (Merlin backport)
        This could cause intermittent LAN problems with functions such as minidlna and IPv6. If you experience problems with it disabled, it can be re-enabled on the LAN > IPTV page.
      • Changes to enhance the setup and import of OpenVPN configurations (Merlin backports)
      • Some additional experimental changes for DFS Channel support on the N66, AC66 and AC56
        Use the same instructions for the N66U DFS support in Merlin_Fork_Options.txt
        Additionally, I've found that some early AC66 routers will be unable to support these additional DFS channels. You must be AC66 hardware rev B0 (hardware rev A2 is unable to support DFS).

    Some notes on this fork...

    The fork does include
    • Maintenance for documented security issues
    • Maintenance for supporting open source components (such as dnsmasq, miniupnpd, etc)
    • Backports of applicable fixes and new functions from Merlin's main branch
    • Some unique support for options requested by users
    • A different IPv6 stack which may work better in some environments
    • Older versions of the wireless drivers that some feel offer better performance (especially on the MIPS based routers)
    • Less of a lockdown on tweaking power levels
    The fork does not include
    • The new TrendMicro DPI engine functions for ARM routers
    • The enhancements to the networkmap for custom icons, client naming, etc.
    • Some of the enhanced gui formatting of later releases, for instance the new wireless log
    • Support for the ASUS router control app
    • All the changes/tweaks that ASUS may have made since the original code was released (and any new introduced bugs :) )

    Custom features of the fork which are not exposed in the gui can be set by an nvram variable. These custom features are documented in the Merlin_Fork_Options file in the download directory.

    Thanks to all for your continued interest in this fork.

    Source: https://github.com/john9527/asuswrt-merlin : branch 374.43_2-update

    SHA256
    Code:
    cd5eac044d221e343b34864e080db4f870ccc371c1b129fce2009c7461722970  RT-AC68U_3.0.0.4_374.43_2-25E8j9527.trx
    5a8ffb9802cbb507d0f8d8848a3cb2b9d12a203cdfb477f958ae03b28498c22d  RT-AC56U_3.0.0.4_374.43_2-25E8j9527.trx
    f6108461fa2011ceb44c239774a79211878660f08d5d4a4a225b6b28f9157c20  RT-N16_3.0.0.4_374.43_2-25E8j9527.trx
    68883d47ae02d91fd4a8374e9f17a0e6b374bfeb730f2bb6907b14f18eddbe71  RT-AC66U_3.0.0.4_374.43_2-25E8j9527.trx
    f2d7a70d4893b06346935d178927bc96b38c42e6f0a6bd80d8745a9c3b7bd14a  RT-N66U_3.0.0.4_374.43_2-25E8j9527.trx
    
     
    Last edited: Jun 28, 2017 at 1:23 PM
  2. Raiu

    Raiu Regular Contributor

    Joined:
    Dec 10, 2013
    Messages:
    186
    This is awesome man! I haven't tried it yet. My wife is in school so I need 100% up time right now lol
     
  3. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    422
    Location:
    The Netherlands
    Awesome!
    A maintenance update for 374.43 :)

    I flashed it on top of 374.43 and so far so good.
    Nice work.

    MD5 checksum I got for the RT-N66U .trx file: E10E98C4F6CF380B00712A6A6BEEE2A1
     
  4. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,334
    Location:
    United States
    Glad to hear that the flash on N66U worked!
    Good point on the MD5 checksum....I added them for all the releases in the first post.
     
  5. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    422
    Location:
    The Netherlands
    Nothing funny in the syslog so far.
    Glad to see my MD5 is the same as your source. :)

    For my understanding, the fixes/changes above are they all from Github?
    Or did you merge them in yourself?
     
  6. kiesa1231

    kiesa1231 Regular Contributor

    Joined:
    Jul 13, 2013
    Messages:
    89
    Please fix to work huawei e3276s 4g modem in 374.43_3 build thanks.
     
  7. Jeffo

    Jeffo New Around Here

    Joined:
    Jul 17, 2014
    Messages:
    6
    Add maintenance of Huawei 3g/4g lte dongle to 374.43

    Same here. Requesting for maintance fix for the Huawei compatibility issue for 3G/4G/LTE dongle. it was working from Merlin 374.40Alpha4 and older also the latest 376.44 series. the firmwares in between doesn't work.
    Using a Huawei e3276s here too.
     
  8. lwizard

    lwizard Regular Contributor

    Joined:
    Jan 27, 2014
    Messages:
    95
    minidlna

    Is it possible also updating minidlna to 1.1.3?

    Thanks for the work.

    I am scared about trying 44 since it seems to cause lot of troubles in very important things like wifi and general speeds... and actually 43.2 is working right for me..
     
  9. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    422
    Location:
    The Netherlands
    Come on gents, cut the Huawei crap.
    That one is complicated and for ASUS to fix.
    Send ASUS a bug report!

    And put the router in question in your signature.
    Do we have to smell what you are using?

    Do try the fork from john9527 and give him some feedback.
    Much better than only asking.
     
    Last edited: Aug 15, 2014
  10. Kal-EL

    Kal-EL Very Senior Member

    Joined:
    Aug 15, 2013
    Messages:
    1,215
    Location:
    Motor City, Michigan-USA
    Can someone running this build explain more about it ? Is this a build that has the fixes for 44 but the interface of 43_2 ? Any comments would be great..
     
  11. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    422
    Location:
    The Netherlands
    Don't be scared, just give 376.44 a try.
    See if it works in your environment and decide yourself.
    If not, simply revert to what you are using now.
     
  12. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    422
    Location:
    The Netherlands
    That seems the case as far as I can see.

    Maybe john9527 can tell us a bit more...
     
  13. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,334
    Location:
    United States
    All the fixes have been committed by Merlin in his master branch. For this build, I merged them in by hand....gave me a chance to double check they were applicable (some I looked at were not) and gave me the chance to work through how git really worked. The exception was the openssl update...that one I let 'git cherry-pick' for me (146 updated files!).
     
  14. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,334
    Location:
    United States
    Merlin kindly tags all his releases in github, so I was able to make a branch of exactly the 374.43 release. With that as a base, I looked at what had been fixed in later builds that may have been seen on the 43 code (a good example is the Plex miniupnpd syslog flood). So I picked up that specific fix and added it to the 43 code.

    So what this is, is the 43 code, with just a couple of fixes on top of it that may help people out who don't want to upgrade to the next major release yet.
     
  15. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,334
    Location:
    United States
    Right now the minidlna update is not in the plan (there is one minidlna fix picked up)....Asus actually picked that up, so it's rolled into Merlin's big merge without a specific commit I can go after (and I need to learn more to do an update that big ;) ) This is unlike the openssl commit where I was just able to grab Merlin's work (only picked up to stay on top of any security issues).

    Also, as you said, for me 43.2 is running pretty well....there were just a couple of things that needed addressing in my environment which led me into this project. I don't want to do too much and end up destabilizing the 43.2 base.
     
  16. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    422
    Location:
    The Netherlands
    Great choice!

    The problem with 376.44 is that you can't localize the router any more.
    This is ASUS crap because of some FCC regulations.
    FCC has no jurisdiction in my country, but ASUS doesn't care.

    This means that with 376.44 I'm stuck with only 4 channels on 5GHz and reduced range on both WiFi bands.

    So I stick with 374.43 unless there are serious security issues that needs to be fixed.
    Probably a lot of people will do the same.
    Such a shame for a great open source project.

    That's why I am happy to see john9527's update on the 374.43 base. :)
     
  17. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    422
    Location:
    The Netherlands
    Running fine, nothing unusual seen in syslog. :)
     

    Attached Files:

  18. DrTeeth

    DrTeeth Senior Member

    Joined:
    Mar 29, 2013
    Messages:
    381
    Many, many thanks indeed. Just what the Dr ordered, no pun intended.

    Please keep up the good work. If you do keep it up, please set up a donation page.
     
    Last edited: Aug 16, 2014
  19. Raiu

    Raiu Regular Contributor

    Joined:
    Dec 10, 2013
    Messages:
    186


    From what I have read those that went to 44 and that wanted to go back were stuck and couldn't get their settings to work right.
     
  20. Kal-EL

    Kal-EL Very Senior Member

    Joined:
    Aug 15, 2013
    Messages:
    1,215
    Location:
    Motor City, Michigan-USA
    I tried 44 two times and went back to 43_2 with no issues just make sure you do a complete factory reset.
     

Share This Page