What's new

[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Good to see you posting again John, all the best to you.

I installed 42E7 without problems on my RT-N66U.

Funfact: Recently my ISP decided to stop supporting Bridged IPTV, now only Routed IPTV is possible.
As you know Bridged IPTV is easy to configure on the ASUS LAN -> IPTV tab. Routed... not so easy. :rolleyes:
Long story short, I found some slick scripts to configure Routed IPTV.
Works great on my old and trusty RT-N66U, because of you, still providing security updates and other fixes for it. :)

Awesome!
 
Just an FYI on the NextDNS servers....looks like they are generating some rebind attack msgs that I never saw on Cloudflare or Quad9. Your mileage may vary :)
 
I would like to move to John's fork on my AC66U (non B-1). Right now I'm on the latest 380 MerlinWRT.
When opening the restoration tool a message pops up that the A1 version of the AC66U is not supported even though I downloaded
the utility from the AC66U's support page. Has anyone else encountered this and would it still be safe to downgrade the firmware with the utility?

oLALs8L.png

ck67Uak
 
When opening the restoration tool a message pops up that the A1 version of the AC66U is not supported even though I downloaded the utility from the AC66U's support page.
I can't see anything in your screen shot that says version A1 is not supported.

The message shown is telling you that you should only upload a firmware that matches your router model. It also points out that the "RT-AC66U_B1" is not the same model as "RT-AC66U" so they have different firmware.

EDIT: I think I see the confusion. The message is wrong, perhaps mistranslated from Chinese. The message talks about "hardware version" when it really means "model number". "RT-AC66U_B1" is a model not a hardware version.
 
Last edited:
Welcome back John! Thank you for all of your work maintaining this port! I actually just bought an AC68U for my folks' house which will soon run your 374 branch, based on how rock solid it runs on my N66U.
 
The NextDNS servers can work with stubby DoT, so I've added them to the available stubby resolvers. Those that have updated to the 42E7 release can use the
stubby-update-resolvers.sh
command to make them available.
View attachment 22278
If you mean integrating the NextDNS client....it's a REALLY BIG piece of work to do something like that, so at this point I'd say that's not likely to happen.

Thanks a lot John. I'll give a it try
 
@john9527 I think you need to remove your custom ID from the tls name in stubby-resolvers.csv on OneDrive.
Exactly what I was thinking.

@acale75 You could use a stubby.postconf script to replace the tls_auth_name with you own config id.

Replace 123456 with your own ID.
/jffs/configs/dnsmasq.conf.add
Code:
# NextDNS
add-cpe-id=123456
# Uncomment the following lines to send devices MAC and local IPs
# and identify them in NextDNS Logs and Analytics sections.
add-mac
add-subnet=32,128

/jffs/scripts/stubby.postconf
Code:
#!/bin/sh

CONFIG=$1
source /usr/sbin/helper.sh

pc_replace "dns1.nextdns.io" "123456.dns1.nextdns.io" $CONFIG
pc_replace "dns2.nextdns.io" "123456.dns2.nextdns.io" $CONFIG

EDIT: Updated stubby.postconf because of change in posts #10342/10344.
 
Last edited:
@john9527 I think you need to remove your custom ID from the tls name in stubby-resolvers.csv on OneDrive.
Not too worried.....I'm not registered. Just hit the 'try it for free' link to see the docs. Didn't realize that's how they made the account link.
I'm not using it, for me it generates pages of rebind attack warnings.

Do you know if there is a 'generic' auth-id to use'?
 
Not too worried.....I'm not registered. Just hit the 'try it for free' link to see the docs. Didn't realize that's how they made the account link.
I'm not using it, for me it generates pages of rebind attack warnings.

Do you know if there is a 'generic' auth-id to use'?
I think just dns1.nextdns.io and dns2.nextdns.io. It will give standard DNS services unaligned to a configuration profile, I believe.

The potential bad part is people may use your profile and if logging is enabled in that profile, all their queries will be logged under your test account.

Rebind would occur for anything they block.
 
Is there any logic/pattern to the rebind messages? So far I've only seen 1 spurious message.
I've since cleared my logs.....but it was a couple of specific sites generating most of them. Like blocks of 20 msgs in a row. A couple of analytics sites thrown in occasionally for good measure.
 
I upgraded my RT-AC66U a few days ago from 39E3 to 42D5 and it is running smoothly, no issues detected, even without resetting the router after upgrade. I'm using a small set of features: DoT, DHCP, DNSFilter, Parental Control.
Great work! Thank you John! And thanks for the Community for good support.

Did you try the LATEST RELEASE: Update-42E7 ?
I am having issues with my wifi speed , so just checking with you .
 
Did you try the LATEST RELEASE: Update-42E7 ?
I am having issues with my wifi speed , so just checking with you .
Part of this fork is that the wireless drivers are 'stable'.....last change was for the Krack fix in 2017,

It's likely that wireless contention has increased with everyone at home now. If you haven't moved the router, or added new electronics in your home that can be causing noise, double check again that there aren't a lot of other access points on your selected channel.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top