What's new

Kamoj add-on V5 for Netgear R7800 X4S and R9000 X10

kamoj

Very Senior Member
Thank you for all feedback. (If you like it press the "like" button...)

Unfortunately I must agree with some critics of the Netgear software.
Their support quality has been much criticized as well.

BUT...
I still think the Netgear R7800 is a good router:
  • Good Qualcomm chip-sets that don't get really hot
  • Fan-less
  • Very good WiFi coverage and speed
  • Handles Gigabit ethernet without any cpu usage/problem at all (thanks to the NSS)
  • Fast cpu giving 120+ Mbps OpenVPN
  • USB3
  • SATA3
  • You can run @Voxel firmware, giving you lots of goodies, e.g.
    - Entware
    - Debian
    - Up to date software packages, e.g. openSSL
    - Up to date security patches
    - Support for Kamoj add-on ;)
  • Best software support available through the master himself: @Voxel
Comments to you questions:
1. All congestion control options are implemented by @Voxel. I just added a GUI to change it.

2. NSS is a dual core part of the cpu that takes care of shuffling network packages, offloading the 2 Krait cores.
(https://www.qualcomm.com/products/ipq8065)
It's only for the R7800. I added it to experiment with how much speed it takes without NSS.
I'll probably remove this in next add-on version...

3. The an_router_flag is accessed in many of Netgears html-pages, so it's too much to describe here.
If you are interested, search all .htm and .html files in /www/

4. If you have to ask about the network options - don't change them ;-)
You can "google it" and you might find it fun to play with them when you understand what they do.

Hey

@Voxel Want to thank you for making my life a bit simpler and for improving my quality of internet. hehe.
I am sadly stuck with this pos 7800 x4s for 2-3 more months and the netgear software is absolute pure sh*t. Luckily I will have my ubiquiti setup back in few months. But in the meantime your firmware has been a savoir for the x4s and actually made it halfway decent for a all in one consumer grade router.

@kamoj Want to thank you as well for simplifying my life and improving the features of the router. The Signal Strength of all the connected clients is huge. I could not believe that it was not a feature that was built into the router with its stock firmware. The only way I could find the info before was by going to the debug.htm and running the log then saving it and opening the console log file but over half the time that would cause issues with the router and none of the 192.168.1.1 pages would work and it would cause my ethernet connected pc to lose connection but yet wifi still worked. So i would always have to restart the router to get it fully working again.
I do have a few questions for you though.

1.For the congestion control options can you tell me exactly which version each one is as most if not all of those have different variants to them and I am trying to decide which one would be best for certain gaming applications and for when I do heavy downloading. So if you could give me which variant to each one you have implented and maybe a brief description of each one would be greatly appreciated.

2. What is Disable NSS Network SubSystem Accelerator for ipv4/6- I tried to google this information but it was very scarce and mainly talked about part of the network structure for cellular.

3. Set an_router_flag in nvram to indicate 802.11a and 802.11n capability- what is this option and what does it do exactly

4. can you elaborate on what each of the network options do

Again thank you for the amazing addon and I hope to hear back from you soon.
 
Last edited:

e38BimmerFN

Very Senior Member
Any chance your going to support this plug in on Orbi 50 series with Voxels FW?
 

kamoj

Very Senior Member
I can't see that happen, not by me at least, of several reasons:
  • I don't have and don't intend to buy an Orbi
  • The Orbi GUI and cgi handling is not standard.:mad:
    Netgear seems to have tried to lock-out people like @Voxel and me.
    It is probably necessary to own an Orbi to get around this inconvenience;)
    (I have googled some and it seems like you can/must hi-jack the original GUI, so it's doable, though not easy.)
  • I'm not a time millionaire
  • ...
Any chance your going to support this plug in on Orbi 50 series with Voxels FW?
 
Last edited:

e38BimmerFN

Very Senior Member
So if you had a RBR50, would you still be able to get around:
The Orbi GUI and cgi handling is not standard.
Netgear seems to have tried to lock-out people like @Voxel and me.
It is probably necessary to own an Orbi to get around this inconvenience
(I have googled some and it seems like you can/must hi-jack the original GUI, so it's doable, though not easy.)


I can't see that happen, not by me at least, of several reasons:
  • I don't have and don't intend to buy an Orbi
  • The Orbi GUI and cgi handling is not standard.:mad:
    Netgear seems to have tried to lock-out people like @Voxel and me.
    It is probably necessary to own an Orbi to get around this inconvenience;)
    (I have googled some and it seems like you can/must hi-jack the original GUI, so it's doable, though not easy.)
  • I'm not a time millionaire
  • ...
 

kamoj

Very Senior Member
Haha, who knows. Depends on.
Who is more determined.
Who has more time.
But if we want, both me and @Voxel could do it. That's my belief.
So if you had a RBR50, would you still be able to get around:
The Orbi GUI and cgi handling is not standard.
Netgear seems to have tried to lock-out people like @Voxel and me.
It is probably necessary to own an Orbi to get around this inconvenience
(I have googled some and it seems like you can/must hi-jack the original GUI, so it's doable, though not easy.)
 

e38BimmerFN

Very Senior Member
I just loaded v5 of your add on on my R7800. Gotta say Wow. Great job. Like the additional menus and hidden features. ;)
Orbi would be stellar with this. o_O
 

nsx

Occasional Visitor
hi! amazing addon for an amazing firmware! great job kamoj & Voxel !!
little bug in OpenVPN client config: the password is not stored properly (last character is deleted if it's a symbol like +)
 

Tom Brough

Regular Contributor
@kamoj What's the possibility of including a banip style add-on into the next version, the addition of ad blocking is most welcomed, adding ip banning too would be the icing on the cake!!
 

kamoj

Very Senior Member
Ok, It was easy to implement, so it will included be in next release!:)

You make your own list of ip addresses, one per line.
It's also possible to use wildcard for the last octet, e.g.:
1.2.3.4
5.6.7.8
1.231.153.*
2.20.55.*
10.11.12.13

@kamoj What's the possibility of including a banip style add-on into the next version, the addition of ad blocking is most welcomed, adding ip banning too would be the icing on the cake!!
 
Last edited:

hannez8014

Occasional Visitor
Hi Kamoj
I love your addon for r7800. I wonder if it's a possibility to ad an option för when Wan down the router will restart automaticly
Best Regards Hannez

Skickat från min POT-LX1 via Tapatalk
 

kamoj

Very Senior Member
Thank you for the appreciation:)
It's not difficult, but please tell me more about your use case!
Tell me more about how it would function.
How long without "WAN"? How often restart?
What is "Wan down"? No DNS? No ping answer? No incoming traffic? Etc.
Hi Kamoj
I love your addon for r7800. I wonder if it's a possibility to ad an option för when Wan down the router will restart automaticly
Best Regards Hannez

Skickat från min POT-LX1 via Tapatalk
 

hannez8014

Occasional Visitor
So I have a problem with someone attacking my router I think. When I look in dmsg it says ip spoofing and ddos. So several times a day my internet connection shuts down. And when I restart my router internet is working again. When I do a check internet connection in windows 10 it says I have a problem with dns. Next time it happens I can post the log. I have to find a way to stop the attacks or some mitigation to the problem. I use expressvpn and dns proxy 2. Thanks to your addon they work fine. Hope for some tips to my problem

Best Regards Hannez

Skickat från min POT-LX1 via Tapatalk
 

kamoj

Very Senior Member
Tips next time you have problems:
  • save the openvpn log file
  • run "ping 8.8.8.8" from windows (8.8.8.8 is google DNS)
  • run "ping 8.8.8.8" from the router command prompt
  • close the openvpn connection and see what happens
I've not tested the OpenVPN with ExpressVPN, so I don't know what settings are optimal.
Are you running udp or tcp, what mtu, buffer size, mss fix, encryption etc?
But I'm glad you confirm it is working.

Are the ddos attacks coming from a few or many many different ip addresses?
Are they coming even when you are connected to ExpressVPN as well?

So I have a problem with someone attacking my router I think. When I look in dmsg it says ip spoofing and ddos. So several times a day my internet connection shuts down. And when I restart my router internet is working again. When I do a check internet connection in windows 10 it says I have a problem with dns. Next time it happens I can post the log. I have to find a way to stop the attacks or some mitigation to the problem. I use expressvpn and dns proxy 2. Thanks to your addon they work fine. Hope for some tips to my problem

Best Regards Hannez

Skickat från min POT-LX1 via Tapatalk
 

Tom Brough

Regular Contributor
Ok, It was easy to implement, so it will included be in next release!:)

You make your own list of ip addresses, one per line.
It's also possible to use wildcard for the last octet, e.g.:
1.2.3.4
5.6.7.8
1.231.153.*
2.20.55.*
10.11.12.13
That's great to hear, currently I use a few lists from sources, but I can copy and paste them into my own files easy enough.

When's V6 coming then :)
 

Tom Brough

Regular Contributor
Ok, It was easy to implement, so it will included be in next release!:)

You make your own list of ip addresses, one per line.
It's also possible to use wildcard for the last octet, e.g.:
1.2.3.4
5.6.7.8
1.231.153.*
2.20.55.*
10.11.12.13
I use these lists...

https://pgl.yoyo.org/as/serverlist.php?showintro=0;hostformat=hosts

https://myip.ms/files/blacklist/general/full_blacklist_database.zip

https://www.dshield.org/block.txt

https://github.com/shounak-de/iblocklist-loader/blob/master/iblocklist-loader.sh

All which are automatically added in openwrt banip program...

Https://github.com/openwrt/packages/blob/master/net/banip/files/banip.conf
 

kamoj

Very Senior Member
That will take some time...
First I want to make a v5 bug-fix release, remember this v5.00 is a beta release.
Trying to get time to fix the reported bugs for v5. Also need to adapt to new Voxel releases.

Then maybe for v5.1/v6 make a GUI for Wireguard, an intelligent installer, a smart backup/restore function, traffic shaping/bandwidth limiting etc...
Pretty much up to what users wish and their level of appreciation of mine and Voxel's work.
PS
...
When's V6 coming then :)
 

nsx

Occasional Visitor
Hello, I have 2 questions regarding the VPN bypass page:

1/ There is always "Bypass devices:1" even when the list is empty, is this normal? which device is it?
2/ Can you add the router itself to the bypass list (to de/activate VPN tunneling for the Transmission client in Voxel's firmware) ?

thank you again!
 

kamoj

Very Senior Member
1/ I've corrected some bug about this page, for next release.
To see all bypass devices, run router command:
Code:
ip rule show
2/ You can try it out yourself by running router commands (If your router has ip 192.168.1.1):
Code:
ip rule add from 192.168.1.1 table novpn
ip route flush cache
'
Hello, I have 2 questions regarding the VPN bypass page:

1/ There is always "Bypass devices:1" even when the list is empty, is this normal? which device is it?
2/ Can you add the router itself to the bypass list (to de/activate VPN tunneling for the Transmission client in Voxel's firmware) ?

thank you again!
 
  • Like
Reactions: nsx

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top