[Fork] Asuswrt-Merlin 374.43 LTS releases (V27E5)

Discussion in 'Asuswrt-Merlin' started by john9527, Aug 14, 2014.

  1. SuperFly74

    SuperFly74 Regular Contributor

    Joined:
    Aug 18, 2015
    Messages:
    64
  2. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    23,907
    Location:
    Canada
    Yes, use a web browser and go through the regular webui.

    App support requires a LOT of code in the httpd daemon - I doubt John feels like trying to track down all of it and backport it, especially as there's a portion that's closed source now.
     
  3. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,633
    Location:
    United States
    Or switch to ASUS OEM or Merlin firmware. As Merlin said, I have no plans to backport the app support.
     
  4. SuperFly74

    SuperFly74 Regular Contributor

    Joined:
    Aug 18, 2015
    Messages:
    64
    Can you go from the latest fork to Merlin SW without problems?


     
  5. zonnebril

    zonnebril Occasional Visitor

    Joined:
    Nov 28, 2016
    Messages:
    25
    Location:
    The Netherlands
    @john9527, can you confirm what the PTCSRV firewall rule is for? It has been implemented since one of your latest firmware versions and is also in the latest V26E4:

    PTCSRV tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22

    The packet counter is increasing on this rule (iptables -L -nv), so the rule is getting "hit", but what does it do?
     
    Last edited: Aug 20, 2017
  6. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    3,496
    Location:
    UK
    It appears to be part of Asus' new closed-source protect_srv service.
     
  7. jrmwvu04

    jrmwvu04 Regular Contributor

    Joined:
    Mar 29, 2016
    Messages:
    197
    Fork to Merlin or stock, yes. Merlin or stock to fork...
     
  8. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,633
    Location:
    United States
    Colin right again (as usual). It's monitoring the ssh (and telnet) ports if enabled, and will dynamically generate a block rule for an IP address that is repetitively trying to access it.

    I shortened the chain name from that used in Merlin builds because it was screwing up the columns in the iptables output.
     
  9. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,633
    Location:
    United States
    Have you ever had an 'nvram low' situation? It seems as if port forwards are one of the first things that can be affected (maybe corrupted) if that occurs.

    On the no description problem.....just wrote a fix for the next release. Thanks for the report!
     

  10. p71

    p71 Occasional Visitor

    Joined:
    Nov 7, 2012
    Messages:
    43
    Hi,

    I configured the AC66 router to renew every connected device's IP address every 15 minutes. I enabled the JFFS partition and configured it to save the syslog to that area. My problem is that the router saves only a 2.5-day-long log; the older entries are automatically overwritten. How can I increase the log / history size?

    Thanks!
     
  11. zonnebril

    zonnebril Occasional Visitor

    Joined:
    Nov 28, 2016
    Messages:
    25
    Location:
    The Netherlands
    I do not open ports to the outside to access LAN. That's why VPN was invented, imho. Because the rule is getting hit, it seems to do some inspection of the traffic, or? Can I safely remove this rule upon startup, or am I screwing the service (or something else) up when doing so... ;)
     
  12. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    462
    Location:
    The Netherlands
    No, no 'nvram low' messages.
    I do have my OpenVPN certs/keys in nvram, not on jffs.
    But this I have for a long time without problems.
    NVRAM usage is always stable at 82% used.
    Code:
    NVRAM usage    53948 / 65536 bytes   (82% utilized)
    Usually I power off and on the router before a flash.
    To free up RAM.
    This time I did not do that and flashed directly after 30 days uptime.
    Maybe that created this glitch. :(

    Anyway, it's working fine now.
    And thanks for the description fix! :)
     
  13. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    3,496
    Location:
    UK
    Personally I wouldn't risk it. It looks like that chain is fairly baked-in to the firmware, and who knows what dependencies there are in the closed source parts. John undoubtedly knows more about this. But I think a better approach would be to kill the protect_srv process (although it might get restarted automatically).
     
  14. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,633
    Location:
    United States
    Metaphor time.....even though you have the door locked (no WAN access), people are continually coming by and knocking on the door. This provides an extra bit of protection if someone (or a bunch of people) continuously knock on the door. As @ColinTaylor said, it's pretty embedded in the code (every time the firewall starts and a separate process to support it). There's no real impact of having it enabled, so I'd recommend just leaving it.

    The only time it might be worthwhile to disable it, is if you are running another blocking script like Skynet. So, I'll take a look at providing a disable option....it shouldn't be too hard.
     
    Builder71 likes this.
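
For the PTCSRV rule discussed in the posts above, one way to read the `iptables -L -nv` counters. This is an added example, not code from any poster or from the firmware: the function names are hypothetical, the sample output is constructed, and the per-source DROP entries inside the chain are an assumed shape for the dynamically generated block rules.

```shell
#!/bin/sh
# Constructed sample of `iptables -L -nv` output. Addresses come from the
# documentation ranges; the DROP entries in PTCSRV are an assumed rule shape.
sample_output() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  412 24720 PTCSRV     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 22
 9035  812K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED

Chain PTCSRV (1 references)
 pkts bytes target     prot opt in     out     source               destination
   37  2220 DROP       all  --  *      *       203.0.113.7          0.0.0.0/0
    5   300 DROP       all  --  *      *       198.51.100.23        0.0.0.0/0
EOF
}

# Summarise the PTCSRV hook: one "jump" line per rule that sends traffic into
# the chain (its counter is what rises when the rule is "hit"), and one
# "block" line per source-specific rule found inside the chain.
ptcsrv_report() {
    awk '
        /^Chain /               { chain = $2; next }
        NF < 9 || $1 == "pkts"  { next }    # skip column headers and blank lines
        $3 == "PTCSRV" {
            ports = "any"
            for (i = 10; i < NF; i++) if ($i == "dports") ports = $(i + 1)
            printf "jump from=%s pkts=%s dports=%s\n", chain, $1, ports
        }
        chain == "PTCSRV" && $8 != "0.0.0.0/0" {
            printf "block src=%s target=%s pkts=%s\n", $8, $3, $1
        }
    '
}

sample_output | ptcsrv_report
# On the router itself: iptables -L -nv | ptcsrv_report
```

A rising counter on the jump line with no block lines means connection attempts are being inspected but no source has yet been blocked.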
  15. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    462
    Location:
    The Netherlands
    Can you explain why this could be needed? :confused:
    I'm using the ya-malware-block script, which I believe is similar to Skynet.
     
  16. SuperFly74

    SuperFly74 Regular Contributor

    Joined:
    Aug 18, 2015
    Messages:
    64
    Just tried to go from Fork 26E4 to Merlin 380.68 and the upgrade went through on screen, but my router still says Fork 26E4?


     
  17. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,633
    Location:
    United States
    There is nothing specific that I know of. It's just that they can be detecting the same events and trying to implement a block with two different methods. Unnecessary complication.
     
  18. john9527

    john9527 Part of the Furniture

    Joined:
    Mar 28, 2014
    Messages:
    4,633
    Location:
    United States
    Try powering down the router, unplug any USB devices, power up and retry the firmware upgrade first thing after the boot completes.
     
    SuperFly74 likes this.
  19. Builder71

    Builder71 Senior Member

    Joined:
    Oct 14, 2012
    Messages:
    462
    Location:
    The Netherlands
    Ahhh, I see.

    In that case I would also prefer to switch off this closed source Asus thing. :p
    I really like the well maintained open source scripts found here on SNB. :)
     
    tyspeed42 likes this.
  20. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    23,907
    Location:
    Canada
    The version of the code John is using is actually open sourced. It's the newer version that's part of 382 that has gone closed source.
     
