Kamoj Kamoj add-on V5 for Netgear R7800 X4S and R9000 X10

[kamoj]

Thank you both about ExpressVPN!
I've sent a corrected .ovpn file to @walleyez now.
Hope it is working.

 

[LSM]

Kamoj,

In another message thread you encouraged me to followup on trying to get PureVPN running on your V5 addon. I finally got the chance to try it today (R7800, Voxel 76.1SF, kamoj addon V5, most current (2020) linux PureVPN udp openvpn.opvn file as you suggested) and got a strange result. The script loaded and the VPN indicator in your gui indicated a successful connection. However, I could not access anything on the internet. I've included the log file below and hope you will have an opportunity to see if you can determine where I am going wrong. I also tried the ca2*.ovpn file and got the same result. I do note now that the date is wrong, April 22 rather than 25, but am unsure if this is important and I have restored my internet servise with my EA8500. A intial issue is that when I imported the *.ovpn files in your gui they were saved with an extra space between every line. I had to manually edit the file to remove the spaces as the various certificate blocks don't work with spaces between the lines. As well I tried repeatedly to join the beta testing program for your 5.1 and beyond addon by voting but nothing seemed to result from the voting exercise. I would have tested an updated version if I could have and will do so if I can obtain a copy to test. Even with my minor problem I can see the major benefit of your addon to Voxel's excellent firmware.

Thank you in advance for any assistance!

LSM


2020-04-22 11:29:06 [OpenVPN] Client:Existing OpenVPN nvram configuration found: usny2-ovpn-udp.ovpn
2020-04-22 11:29:06 [OpenVPN] Client:Check if DNS is already working
2020-04-22 11:29:06 [OpenVPN] Clientassword file given and exist.
2020-04-22 11:29:06 [OpenVPN] Client:Copy /etc/openvpn/config/client/usny2-ovpn-udp.ovpn and change dev to: tun21
2020-04-22 11:29:06 [OpenVPN] Client:******* ip route before START:
default via 99.254.68.1 dev brwan
99.254.68.0/23 dev brwan proto kernel scope link src 99.254.69.235
192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.253
2020-04-22 11:29:06 [OpenVPN] Client:Starting OpenVPN client usny2-ovpn-udp.ovpn, device: tun21. Please wait...
Wed Apr 22 11:29:07 2020 OpenVPN 2.4.9 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Wed Apr 22 11:29:07 2020 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10
Wed Apr 22 11:29:07 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Apr 22 11:29:07 2020 nice -20 succeeded
Wed Apr 22 11:29:07 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]172.94.86.4:53
Wed Apr 22 11:29:07 2020 UDP link local: (not bound)
Wed Apr 22 11:29:07 2020 UDP link remote: [AF_INET]172.94.86.4:53
Wed Apr 22 11:29:08 2020 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1558'
Wed Apr 22 11:29:08 2020 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Wed Apr 22 11:29:08 2020 [Secure-Server] Peer Connection Initiated with [AF_INET]172.94.86.4:53
Wed Apr 22 11:29:10 2020 TUN/TAP device tun21 opened
Wed Apr 22 11:29:10 2020 /sbin/ifconfig tun21 172.94.86.205 netmask 255.255.255.192 mtu 1500 broadcast 172.94.86.255
Wed Apr 22 11:29:10 2020 /etc/openvpn/ovpnclient-up.sh tun21 1500 1557 172.94.86.205 255.255.255.192 init
/opt/xagent/run-xagent.sh: /opt/xagent/run-xagent.sh: 3: system: not found
/opt/xagent/run-xagent.sh: /opt/xagent/run-xagent.sh: 4: system: not found
Please specify hardware_id (by --hardware_id option) to run xagent.
It should contain only upper latin letters and numbers and have 13 symbols
/opt/xagent/xagent: [-d|--daemon] [-c|--config_file <file name>]
[--disable_console] [--disable_log_file] [--model_id]
[--ca_path <path to CA folder>] [--ca_file <path to cert file>]
[--log_debug|--log_info|--log_warning|--log_error|--log_silent]
[-w|--watchdog] [-v|--version] [--log_file <filename>]
[-s|--service_id <service_id>] [--discovery_time <discovery time>]
[--discovery_id <id>] [--carrier_id <id>] [--discovery_data <data>]
[--start_paused] [--log_file_cnt <count of files in rotation>]
[--log_file_size <max size of log file before rotation in human format: nK|nM where n in 1-9999>]
[--pid_file <pid_file>] [--watchdog_pid_file <pid_file>]
[--broker_keepalive <time>,<probes>,<intv>] [--agent_keepalive <time>,<probes>,<intv>]
[--agent_heartbeat <time>]
--hardware_id <hardware id> [--model_id <model_id>]
2020-04-22 11:29:10 [OpenVPN] Client:INFO: OpenVPN client pid:5191/PID:5191 started with: /usr/sbin/openvpn--devtun21--fast-io--nice-20--auth-nocache--sndbuf786432--rcvbuf786432--tun-mtu1500--mssfix1460--txqueuelen1000--writepid/var/run/openvpn-client.pid--cd/etc/openvpn/config/client--log-append/var/log/openvpn-client.log--config/tmp/openvpn_conf/usny2-ovpn-udp.ovpn--script-security2--up/etc/openvpn/ovpnclient-up.sh--down/etc/openvpn/ovpnclient-down.sh--daemon--pushsndbuf 786432--pushrcvbuf 786432
2020-04-22 11:29:10 [OpenVPN] Client:Connection is UP: tun21 1500 1557 172.94.86.205 255.255.255.192 init
2020-04-22 11:29:10 [OpenVPN] Client:Connection is UP: tun21 1500 1557 172.94.86.205 255.255.255.192 init
Wed Apr 22 11:29:10 2020 Initialization Sequence Completed
Content-type:text/html

2020-04-22 11:29:10 [OpenVPN] Client:Waiting up to 10 s etc to let password etc fail before checking log-file for connection
2020-04-22 11:29:10 [OpenVPN] Client:INFO: OpenVPN Client started and connected. : usny2-ovpn-udp.ovpn : tun21 : Secure-Server 172.94.86.4:53
2020-04-22 11:29:10 [OpenVPN] Client:Optimize Start. Setting Turbo mode on
2020-04-22 11:29:10 [OpenVPN] Client:Started. Restarting Firewall
2020-04-22 11:29:11 [OpenVPN] Client:Start completed
2020-04-22 11:29:11 [OpenVPN] Client:[OpenVPN] Client:******* ip route after START:
0.0.0.0/1 via 172.94.86.193 dev tun21
default via 172.94.86.193 dev tun21
default via 99.254.68.1 dev brwan
99.254.68.0/23 dev brwan proto kernel scope link src 99.254.69.235
128.0.0.0/1 via 172.94.86.193 dev tun21
172.94.86.4 via 99.254.68.1 dev brwan
172.94.86.192/26 dev tun21 proto kernel scope link src 172.94.86.205
192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.253
239.0.0.0/8 dev br0 scope link
2020-04-22 11:29:11 [OpenVPN] Client:Waiting again up to 10 s etc to let password etc fail before checking log-file for connection

 

[kamoj]

If you want join beta test program you simply contact me via PM or like you do here, no problem.
The poll is just a voting for the general interest of different router.

About your vpn issue:
I agree the log looks good, but if you have the wrong date it will not work.
I'll send you a PM with link to beta program where you can test the new beta version,
which handles erroneous date.
For now you can follow the instruction in Voxel readme.docx and set up a delay in the openvpn client:
Login to router command line and run these 2 commands, and reboot:

nvram set vpn_client_delay=120
nvram commit

This will cause a 2 minutes delay before starting the openvpn client both att boot time and every time you
switch it on, but it might help your router to get services like ntp and dns to work before the vpn client starts.

Kamoj,

In another message thread you encouraged me to followup on trying to get PureVPN running on your V5 addon. I finally got the chance to try it today (R7800, Voxel 76.1SF, kamoj addon V5, most current (2020) linux PureVPN udp openvpn.opvn file as you suggested) and got a strange result. The script loaded and the VPN indicator in your gui indicated a successful connection. However, I could not access anything on the internet. I've included the log file below and hope you will have an opportunity to see if you can determine where I am going wrong. I also tried the ca2*.ovpn file and got the same result. I do note now that the date is wrong, April 22 rather than 25, but am unsure if this is important and I have restored my internet servise with my EA8500. A intial issue is that when I imported the *.ovpn files in your gui they were saved with an extra space between every line. I had to manually edit the file to remove the spaces as the various certificate blocks don't work with spaces between the lines. As well I tried repeatedly to join the beta testing program for your 5.1 and beyond addon by voting but nothing seemed to result from the voting exercise. I would have tested an updated version if I could have and will do so if I can obtain a copy to test. Even with my minor problem I can see the major benefit of your addon to Voxel's excellent firmware.

Thank you in advance for any assistance!

LSM

 

[LSM]

If you want join beta test program you simply contact me via PM or like you do here, no problem.
The poll is just a voting for the general interest of different router.

About your vpn issue:
I agree the log looks good, but if you have the wrong date it will not work.
I'll send you a PM with link to beta program where you can test the new beta version,
which handles erroneous date.
For now you can follow the instruction in Voxel readme.docx and set up a delay in the openvpn client:
Login to router command line and run these 2 commands, and reboot:

nvram set vpn_client_delay=120
nvram commit

This will cause a 2 minutes delay before starting the openvpn client both att boot time and every time you
switch it on, but it might help your router to get services like ntp and dns to work before the vpn client starts.

Kamoj,

your advice was very helpful! I downloaded the 5.2-2beta, installing it as recommended (i.e., first uninstall the previous version). With a bit of fiddling about and redoing the VPN transformation of a PureVPN *.opvn file for Canada (ca2) I got it working. That is the good news. Although PureVPN says the site is in Toronto (I'm north of Toronto) it links to an OpenVPN server in Montreal. With my current router (Linksys EA8500 with most current dd-wrt firmware) and some script tuning from a base down/up connection of about 320/17 Mbps I get OpenVPN performance of 50-70/14-16 Mbps, with a ping of 16-50 ms, depending on the time of day and the test program used.

The bad news is the R7800 at this stage gets, from the same base connect rate and same Montreal server, about 30/16 Mbps with a ping of 50 or more. I tried a New York config file but the performance was even poorer. So, rather than getting about double the EA8500 throughput I'm getting about half, despite the presence of the network accelerator subsystem in the R7800. It may be a few days before I can get back to this. If there is something specific that you might wish to have tested and reported on to help to better understand what is going on and/or some suggestions regardng what "tuning" might be worth while exploring please let me know. Also, if you are interested in the successful R7800 OpenVPN logs and/or the ca2*.opvn file I can forward them to you if you have a recommended way of doing that.

Finally, the 5.2b2-2 addon appears to work well in the relatively short time I spent with it. It sure helps to navigate and extend the firmware GUI!

LSM

 

[kamoj]

Very happy to hear about your success with the latest beta!
Hope the 5.2 beta won't disappoint you.
I think it's more stable than this threads v5.0 beta,
but some things are not yet working for the R9000, hence the delayed release.

About the slow speed:
The same server address does not mean it is the same server.
Many providers have many servers for load balancing using the same address.
But if it consistently slow you might have not so good configuration.
It's a tedious job to tune for each provider.
Please send me the log and .ovpn file as PM (start a new conversation),
and I'll make a short walk-through of it.
But i's far from Toronto to Montreal so you should find a closer server!
Close server is the most important factor I've found.

Kamoj,

your advice was very helpful! I downloaded the 5.2-2beta, installing it as recommended (i.e., first uninstall the previous version). With a bit of fiddling about and redoing the VPN transformation of a PureVPN *.opvn file for Canada (ca2) I got it working. That is the good news. Although PureVPN says the site is in Toronto (I'm north of Toronto) it links to an OpenVPN server in Montreal. With my current router (Linksys EA8500 with most current dd-wrt firmware) and some script tuning from a base down/up connection of about 320/17 Mbps I get OpenVPN performance of 50-70/14-16 Mbps, with a ping of 16-50 ms, depending on the time of day and the test program used.

The bad news is the R7800 at this stage gets, from the same base connect rate and same Montreal server, about 30/16 Mbps with a ping of 50 or more. I tried a New York config file but the performance was even poorer. So, rather than getting about double the EA8500 throughput I'm getting about half, despite the presence of the network accelerator subsystem in the R7800. It may be a few days before I can get back to this. If there is something specific that you might wish to have tested and reported on to help to better understand what is going on and/or some suggestions regardng what "tuning" might be worth while exploring please let me know. Also, if you are interested in the successful R7800 OpenVPN logs and/or the ca2*.opvn file I can forward them to you if you have a recommended way of doing that.

Finally, the 5.2b2-2 addon appears to work well in the relatively short time I spent with it. It sure helps to navigate and extend the firmware GUI!

LSM

 

[Easy Rhino]

First, this is really cool. thanks.

Second, the advanced QoS options don't seem to really ... work... on my R7800.

For instance i can go into QoS Setup. The first thing is I don't see a button for "set up a QoS rule" until AFTER I hit the "apply" button.

Second, if I attempt to enter any value in upstream bandwidth and hit apply I get "qos bandwidth of mbps should be 1 to undefined"

third, if I do manage to create a rule, and enter in some UDP/TCP ports, it doesn't seem to change the name of the 'traffic' in bandwidth on the regular "attached devices" page. i know this one might be a stretch if it would work, but how else would I know if the new QoS rules are working?

finally if I already have a rule, click on setup qos rules, click on an existing one, click edit, and enter in new port numbers, and click apply, I get a "400 bad request" error.

 

[kamoj]

These are not advanced settings?! You talk about "hidden" settings?
Maybe that's why Netgear has hidden these menus?
I don't use QoS myself, so hopefully some other user can help here!

 

[Easy Rhino]

you are correct, not advanced settings... hidden qos setup settings.

makes me wonder if they weren't meant to be used with qualcomm's streamboost.

 

[Stan Dragos Cristian]

Nice work Kamoj. Congrats!

 

[mr-b]

Hi - in the installations instructions it says "Previously installed Kamoj add-on should be uninstalled before installing new version" .
How does one do this please?

 

[microchip]

Hi - in the installations instructions it says "Previously installed Kamoj add-on should be uninstalled before installing new version" .
How does one do this please?

opkg remove kamoj-addon

 

[kamoj]

Very good you read the instruction!

Please:
1. Read the first post (OP) of this thread/topic!
2. Click "Spoiler: Uninstall/Removal" and
3. follow the instruction

Hi - in the installations instructions it says "Previously installed Kamoj add-on should be uninstalled before installing new version" .
How does one do this please?

 

[kamoj]

Also in the beta version of the add-on I added an experimental fix for the data corruption when using WAN port in AP-mode.
If possible you can enable the fix and make a test and report back to me how it is working!
(https://www.snbforums.com/threads/r7800-data-corruption-when-in-accesspoint-mode.54744/#post-507109)

Hi - in the installations instructions it says "Previously installed Kamoj add-on should be uninstalled before installing new version" .
How does one do this please?

 

[mr-b]

Yes happy to try out the WAN port corruption fix.
FWIW I did search for the deinstallation process but that tiny font spoiler button was too well buried down the page. ;-)

 

[mr-b]

Also in the beta version of the add-on I added an experimental fix for the data corruption when using WAN port in AP-mode.
If possible you can enable the fix and make a test and report back to me how it is working!
(https://www.snbforums.com/threads/r7800-data-corruption-when-in-accesspoint-mode.54744/#post-507109)

OK, I've loaded the add-on (since the AP has no route to the internet, I had to download the .ipk file first to a USB stick and then "cd /mnt/sda1" before installing it)

How do I enable the fix? I can't see any wan/corruption fix settings in the new menus, nor in Release Notes.

Also in the other thread you mention some ethool/ifconfig cmds - do you still want the output of those?

 

[kamoj]

Sorry, but you need to use the 5.2 beta version. I send you PM if you want to try. (Same handling with USB stick then).

OK, I've loaded the add-on (since the AP has no route to the internet, I had to download the .ipk file first to a USB stick and then "cd /mnt/sda1" before installing it)

How do I enable the fix? I can't see any wan/corruption fix settings in the new menus, nor in Release Notes.

Also in the other thread you mention some ethool/ifconfig cmds - do you still want the output of those?

 

[mr-b]

Ok cool - the OP did say it was a beta version ...

 

[kamoj]

Yes, the 5.0 you are running is even more beta than 5.2 beta though.
It was more of a christmas gift thing...

The 5.2 beta is much more tested.
There is one user reporting problems with check-boxes not working,
and I have not solved his/her problem yet.

 

[mr-b]

LOL. OK I've replied in the data corruption thread to save cluttering up this one.

 

[manup85]

Yes, the 5.0 you are running is even more beta than 5.2 beta though.
It was more of a christmas gift thing...

The 5.2 beta is much more tested.
There is one user reporting problems with check-boxes not working,
and I have not solved his/her problem yet.

Hello sir. Is it possible to send me the download link? Thank you

Inviato dal mio Mi 9T Pro utilizzando Tapatalk