Kamoj Kamoj Addon 5.5 Beta for Netgear R7800/R8900/R9000 with Voxel FW

jrbmw

Regular Contributor
Running my R7800 with Voxel V1.0.2.98SF and Kamoj V5.5b27 and I have a problem with the Vpn bypass. If I put my google chromecast on bypass the vpn to watch netflix I get the you are using an unblocker or proxy.The ip rule shows the chromecast as bypassed and its in the bypass devices box.Netflix works fine with the vpn off.
 

jay2020

Occasional Visitor
Running my R7800 with Voxel V1.0.2.98SF and Kamoj V5.5b27 and I have a problem with the Vpn bypass. If I put my google chromecast on bypass the vpn to watch netflix I get the you are using an unblocker or proxy.The ip rule shows the chromecast as bypassed and its in the bypass devices box.Netflix works fine with the vpn off.
go back to Voxel V1.0.2.97SF and see if the issue is still there. dont forget to report back with your status/results
 

R. Gerrits

Senior Member
Running my R7800 with Voxel V1.0.2.98SF and Kamoj V5.5b27 and I have a problem with the Vpn bypass. If I put my google chromecast on bypass the vpn to watch netflix I get the you are using an unblocker or proxy.The ip rule shows the chromecast as bypassed and its in the bypass devices box.Netflix works fine with the vpn off.
so "ip rule show" has an entry like this: "from <chromecast_IP> lookup novpn" ???

and you are really sure that the chromecast still has that IP-address?

If so then the only explanation I can think of, is that somethings wrong with the routing table.
Can you check the output of "ip route show table novpn" ?
 

jrbmw

Regular Contributor
so "ip rule show" has an entry like this: "from <chromecast_IP> lookup novpn" ???

and you are really sure that the chromecast still has that IP-address?

If so then the only explanation I can think of, is that somethings wrong with the routing table.
Can you check the output of "ip route show table novpn" ?
vpn set to new york

32763: from 192.168.1.2 lookup novpn same as chromecast with google tv ip

[email protected]:/$ ip route show table novpn
default via 172.16.10.217 dev ppp0
172.16.10.217 dev ppp0 proto kernel scope link src 195.213.37.142
173.239.207.84 via 172.16.10.217 dev ppp0
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1
239.0.0.0/8 dev br0 scope link
 

R. Gerrits

Senior Member
vpn set to new york

32763: from 192.168.1.2 lookup novpn same as chromecast with google tv ip

[email protected]:/$ ip route show table novpn
default via 172.16.10.217 dev ppp0
172.16.10.217 dev ppp0 proto kernel scope link src 195.213.37.142
173.239.207.84 via 172.16.10.217 dev ppp0
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1
239.0.0.0/8 dev br0 scope link
Looks fine to me.
Then the next guess:
You haven't enabled "Router it-self bypass VPN" -> DNS requests that chromecast makes are routed through the VPN. And your VPN provider intercepts those DNS requests and redirects it to his own DNS servers.
(chromecast asks your router; your router sends the queries towards the internet via its default route)
 

jrbmw

Regular Contributor
Looks fine to me.
Then the next guess:
You haven't enabled "Router it-self bypass VPN" -> DNS requests that chromecast makes are routed through the VPN. And your VPN provider intercepts those DNS requests and redirects it to his own DNS servers.
(chromecast asks your router; your router sends the queries towards the internet via its default route)
Enabling router it-self bypass made no difference
 

jrbmw

Regular Contributor
It seems that the device is bypassing the vpn but the internet connection on the bypassed device is dropping in and out.
But not on the vpn devices
 
Last edited:

schneidewind

Occasional Visitor
Hello,
I have updated the Voxel software from 58HF to 65 HF today. I wanted to install the new Kamoj-addon from V5.5b19 to V5.5b27 but I can't find a link where I can download it. Can someone please tell me where to find it?
Thanks a lot
Greetings
 

irfan44

New Around Here
Hi,
I am new to this but have been using Voxel fw for a year now. Decided to go further and install Kamoj addon.
I have installed 5.5b27 on R7800 fw 1.0.2.99SF.

Testing it now and will give the feedback

Thanks @kamoj for letting me in on the beta testing.
 

yourdream

New Around Here
Hi, i used

1x r7800 with Voxels V1.0.2.98SF
2x Orbi RBR50 with V9.2.5.2.26SF
1x Orbi RBS50 with V9.2.5.2.26SF
1x EX6200
1x RBR750 with V4.6.14.3_2.3.12
1x RBS750 with V4.6.14.3_2.3.12


I'm interesst to kamoj to use the VPN benefits from kamoj's add-on!
 

irfan44

New Around Here
Voxwl fw 1.0.2.99SF
Kamoj Addon 5.5b27

I have noticed that NSS is turned off in router information page.
How to enable it?

Untitled.png
 

R. Gerrits

Senior Member
I noticed an few issues with the supervision mechanism:

- I enabled DNS supervision and selected dnsmasq + adguard.
....
Also if I do "killall AdGuardHome" then supervision newer restarts AGH.

- This morning I had an issue that AGH was not responding -> this would not be detected by simply checking if the process is still running.

tbc

To resurrect an older topic. I still occasionally run in to the situation where AdGuardHome stopped working.
And also if I reboot my R7800 then AdGuardHome does't automatically start.

In both cases I usually click on "restore config from USB" and that restarts AGH.

I didn't have time yet to gather logs.
But I was thinking about solutions so that the Supervision can more reliably detect whether AGH is working or not.

My latest thought: Can't we use nc to send an UDP packet to port 5300 to check if AGH is still listening?

A bit of googling led me to this site hxxp://dev.lab427.net/dns-query-wth-netcat.html

And if I try this from my MacBook:
Code:
echo -n -e "\x13\x37\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x13google-public-dns-a\x06google\x03com\x00\x00\x01\x00\x01" | n_c -u -w1 192.168.1.1 5300 | hexdump -C
(replace n_c with nc)
Then indeed I see a DNS query to google-public-dns-a.google.com in the query log of AGH.
and that command also gives some output.

If I for instance try with port 5301 then the command gives no output.

So it seems and ideal solution to test if AGH (or even specific upstream DNS servers) are responding.

Only now the issue:
the nc on the R7800 (supplied by busybox) is really crippled. It does not have the -u option nor the -w1 option.

according to hxxps://www.busybox.net/downloads/BusyBox.html#nc the options should be there. So did netgear then apply some patches to cripple that nc ??
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top