Release [Fork] Asuswrt-Merlin 374 LTS release 48E7

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

john9527

Part of the Furniture
LATEST RELEASE: Update-48E7
1 April 2021
Merlin fork 374.43_48E7j9527
============================

Update-48E7 Highlights
  • Updated OpenSSL to 1.1.1k
  • Updated AMTM to 3.1.9 rev 5
  • Updated NANO to 5.6.1
  • Updated NCURSES to 6.0
  • Updated CA bundle to 2021 March 9th version
  • Updated download links in Administration > Firmware Upgrade
  • Upstream commits for GetDNS (DoT)
  • Improved compatibility with Asuswrt-Merlin for AMTM Addons (OpenSSL, getrealip)
  • Include conntrack modules for those that install conntrack via Entware
  • Fixed timezone settings for some timezones
  • Added VPN endpoint address and port to VPN status page
  • Automated routing for VPNs that push private address DNS servers

Update-48E2 Highlights
  • REMOVED - Support for RT-AC68U V3 routers. The updated wireless drivers were incompatible with alternate operating modes as implemented in this Fork, including Media Bridge mode.
  • Updated OpenVPN to 2.5.1
  • Fixed UDP NAT Loopback with hardware acceleration active
  • Fixed IPv6 hosts update for sleeping ethernet attached clients
  • Added NEW ip2cidr function to helper.sh

Additional Notes on OpenVPN
Some notes/info for users of OpenVPN service providers
  • Private Internet Access (PIA) has started pushing DNS servers with private addresses (10.0.0.241 - 10.0.0.244) when connecting to their next gen servers. In order to access these private address DNS servers, you must add a route command in the 'Custom Configuration' section. You may check DNSMASQ or the OpenVPN PUSH_REPLY message to determine which server PIA is sending to the router. For example, adding
    Code:
    route 10.0.0.243 255.255.255.255
    will allow access to the PIA DNS+Streaming private address DNS server which seems to be the default server.

    Starting with release 48E7, the routing will be automatically updated.
    Further info on the PIA next gen DNS can be found at
    https://www.privateinternetaccess.com/helpdesk/kb/articles/next-generation-dns-custom-configuration
  • Some providers have also started pushing IPv6 route information when connecting to their servers. The current router OpenVPN does not support IPv6 and if you are running dual stack you may experience problems. The following will now automatically be added to the configuration for the OpenVPN clients
    Code:
    pull-filter ignore "ifconfig-ipv6"
    pull-filter ignore "route-ipv6"

Full ChangeLog: Changelog.txt in the download directory

Downloads:
https://1drv.ms/f/s!Ainhp1nBLzMJrEayV5NOiKa8zDA3
Folder 'Public-Release/Update-48E7'

Overview/Installation: LTS_OVERVIEW.pdf in the download directory

Previous release threads:
https://www.snbforums.com/threads/f...ease-47eb-rt-ac68u-v3-lets-encrypt-cli.70777/
https://www.snbforums.com/threads/fork-asuswrt-merlin-374-lts-release-46e9-dnspooq.69896/
https://www.snbforums.com/threads/fork-asuswrt-merlin-374-lts-release-46e8-superseded.68757/
https://www.snbforums.com/threads/fork-asuswrt-merlin-374-lts-release-45ec.67509

SHA256
(Default Build - All supported routers)
4e341d424d4a63abe793c187130d246dad024f19d3f8bd236e07c82b97aca55e RT-N16_374.43_48E7j9527.trx
e9048e4de97f86b6c5e60198f5334c5b76d613a18a5b43fe0a3e2450a70510fe RT-AC66U_374.43_48E7j9527.trx
28687ee8b93d2b884f108092001bec5b6f047545b364b2fe1f5ee75d515faa19 RT-N66U_374.43_48E7j9527.trx
4db74b5cc85df23626085e70be879ecbce3019b2c8ea4896f4d1c1fd51ec1273 RT-AC68U_374.43_48E7j9527.trx
5acddad74021aa5c1c2e794a6a9591807145fc4b7e154836e96afb888e2aedb7 RT-AC56U_374.43_48E7j9527.trx
 
Last edited:

dave14305

Part of the Furniture
I may need to borrow that new helper function! :)
 

diamuxin

Occasional Visitor
Hi, do you know any jffs scripts for [Fork] Asuswrt-Merlin 374 LTS, which can notify me by email when DDNS (in my case NOIP) changes the WAN IP address. My router is RT-AC66U.

I have only found a very elaborate script online: wicens.sh but the firmware must be 384.15 or higher and it does not work for my router (checked).

Thanks a lot.
 

octopus

Very Senior Member
Thank you 48E2 working just fine. openvpn client1 running fine with 2.5.1.
 

Gar

Very Senior Member
Working great on my AC56, thanks again (and again)!
 

RMerlin

Asuswrt-Merlin dev
I borrowed it too :) Was part of a vlan script I got from somewhere (don't remember where)
If scripters feel it may be useful, I might as well add it for uniformity.
 

dave14305

Part of the Furniture
If scripters feel it may be useful, I might as well add it for uniformity.
I’m mostly interested in the ip2num portion because I want to find a reliable way to strip out the network address when saving an IP to save settings storage. It’s usually easy because most people use a /24, but the occasional odd-ball wants a /23 or larger. I want to calculate the offset from the network address.

It’s just an idea and seeing this function may give me a head-start.
 

Jack Yaz

Part of the Furniture
I’m mostly interested in the ip2num portion because I want to find a reliable way to strip out the network address when saving an IP to save settings storage. It’s usually easy because most people use a /24, but the occasional odd-ball wants a /23 or larger. I want to calculate the offset from the network address.

It’s just an idea and seeing this function may give me a head-start.
I just assume /24 in YazDHCP because enough of Asus code assumes the same and I didn't think that it was worth the effort at the time to consider other CIDR.
 

john9527

Part of the Furniture
Hi, do you know any jffs scripts for [Fork] Asuswrt-Merlin 374 LTS, which can notify me by email when DDNS (in my case NOIP) changes the WAN IP address. My router is RT-AC66U.

I have only found a very elaborate script online: wicens.sh but the firmware must be 384.15 or higher and it does not work for my router (checked).

Thanks a lot.
Wow.....that's some script :)
As I suspected, the release limitations just needed some tweaks to run on my fork (release 41 or later). I pretty much keep the basic 'extras' in sync with Merlin.
I've added a new folder 'Scripts' in the download directory with wicens-lts.sh which should work for you (works on my AC68). Let us know if you give it a try.

As an alternative, one could probably craft a basic sendmail with a lot less code in a ddns-start script since you are already using DDNS. see https://github.com/RMerl/asuswrt-merlin.ng/wiki/Sending-Email
 

diamuxin

Occasional Visitor
Wow.....that's some script :)
As I suspected, the release limitations just needed some tweaks to run on my fork (release 41 or later). I pretty much keep the basic 'extras' in sync with Merlin.
I've added a new folder 'Scripts' in the download directory with wicens-lts.sh which should work for you (works on my AC68). Let us know if you give it a try.

As an alternative, one could probably craft a basic sendmail with a lot less code in a ddns-start script since you are already using DDNS. see https://github.com/RMerl/asuswrt-merlin.ng/wiki/Sending-Email
@john9527 thank you very much for your interest.

As soon as I have time I will try all the options.

Great job!
 

Jack Yaz

Part of the Furniture
Wow.....that's some script :)
As I suspected, the release limitations just needed some tweaks to run on my fork (release 41 or later). I pretty much keep the basic 'extras' in sync with Merlin.
I've added a new folder 'Scripts' in the download directory with wicens-lts.sh which should work for you (works on my AC68). Let us know if you give it a try.

As an alternative, one could probably craft a basic sendmail with a lot less code in a ddns-start script since you are already using DDNS. see https://github.com/RMerl/asuswrt-merlin.ng/wiki/Sending-Email
@Maverickcdn
 

jerrytouille

Regular Contributor
Dumb question: how to tell my RT-AC68U version? ie. is V3 or not?
 

diamuxin

Occasional Visitor
Wow.....that's some script :)
As I suspected, the release limitations just needed some tweaks to run on my fork (release 41 or later). I pretty much keep the basic 'extras' in sync with Merlin.
I've added a new folder 'Scripts' in the download directory with wicens-lts.sh which should work for you (works on my AC68). Let us know if you give it a try.

As an alternative, one could probably craft a basic sendmail with a lot less code in a ddns-start script since you are already using DDNS. see https://github.com/RMerl/asuswrt-merlin.ng/wiki/Sending-Email
Hi, I have already tried the adapted script but have not been successful. After configuring it with my mail data I have an error when the script executes "getextip.sh" (my network interface is "vlan20").

1615371492551.png


TalzNPSMb9.png


I run the wicens-lts script:

MobaXterm_mv6kjSw8OK.png


MobaXterm_snjkOC2e2Y.png


After 3 attempts...

MobaXterm_ViUc7K6hYq.png


Syslog:
Code:
Mar 10 11:00:01 wicens[3972]: cron : No saved WAN IP found, attempting to write current to this script
Mar 10 11:02:11 wicens[3972]: cron : Error retrieving WAN IP 3 times... aborting....

Any advice?

Thanks.
 
Last edited:

john9527

Part of the Furniture
Syslog:
Code:
Mar 10 11:00:01 wicens[3972]: cron : No saved WAN IP found, attempting to write current to this script
Mar 10 11:02:11 wicens[3972]: cron : Error retrieving WAN IP 3 times... aborting....

Any advice?

Thanks.

What happens if you run

sh /usr/sbin/getextip.sh

from the command line?

EDIT: I also refreshed the download wicens-lts.sh script to fix a problem removing the wan-event script when doing a reset.
 
Last edited:

diamuxin

Occasional Visitor
What happens if you run

sh /usr/sbin/getextip.sh

from the command line?

EDIT: I also refreshed the download wicens-lts.sh script to fix a problem removing the wan-event script when doing a reset.

Does not report anything

1JgQkNOIAV.png


In the syslog either

getextip.sh script content:

Bash:
# use STUN to find the external IP.

DEV=$1
max_instance=2
servers="stun.l.google.com:19302 stun.stunprotocol.org default"

if [ "$DEV" == "-h" ]
then
    echo "Get External IP Address via STUN"
    echo "Usage: getextip.sh [interface]"
    echo "Usage: gettunnelip.sh [vpn_instance]"
    exit 0
fi

[ "$DEV" == "" ] && DEV=$(nvram get wan0_ifname)
if [ ${#DEV} -eq 1 ] # instance specified
then
    if [ "${DEV}" == "0" ]; then DEV=$(nvram get wan0_ifname); else DEV="tun1${DEV}"; fi
fi
INSTANCE="${DEV:$((${#DEV}-1)):1}"
if [ "${DEV:0:3}" == "tun" -a $INSTANCE -gt $max_instance ]
then
    echo "Invalid client instance!"
    exit 1
fi

for server in $servers; do
    [ "$server" = "default" ] && server=
    result=$(/usr/sbin/ministun -t 1000 -c 1 -i $DEV $server 2>/dev/null)
    [ $? -eq 0 ] && break
    result=""
done

[ "${DEV:0:3}" == "tun" ] && nvram set "vpn_client${INSTANCE}_rip"=$result || nvram set "ext_ipaddr"=$result
echo "$result"
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top