What's new

[Release 384/NG] Asuswrt-Merlin 384.4 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
So, I too am having issues with this release on my beloved RT-AC88U. I feel like o_O right now!

I went from release 380.69_2 to 384.4_2. After updating, I initialized and reconfigured the settings with the exception of the nat-start script. I also run a VPN client using AirVPN service but reconfigured that last. Now, both the 2.4 ghz and 5 ghz wireless worked at first however, once I put in my nat-start script for port forwarding through my VPN, everything broke. My laptop's LAN connection appears fine, as in it shows I'm connected with no issues, and wireless shows to be connected but with no internet, yet I cannot access anything on the web even through just my LAN connection. I discovered that if I rename the nat-start script so it doesn't get loaded and reboot the router, everything works again.

So it's either...

1) The 384.4_2 breaks port forwarding in which I will have to revert to 380.69_2 or try a maybe 38x.x

or

2) My nat-start script is broken (though it worked before) in which case can someone here please review it?

This is what I was using that did work.

Code:
#!/bin/sh

iptables -t nat -A POSTROUTING -s [URL='http://10.4.0.0/24']10.8.0.0/24[/URL] -o eth0 -j MASQUERADE

#Port forwarding for transmission
iptables -t nat -I PREROUTING -i tun11 -p tcp --dport 61xxx -j DNAT --to-destination 192.168.1.x
iptables -t nat -I PREROUTING -i tun11 -p udp --dport 61xxx -j DNAT --to-destination 192.168.1.x
iptables -I FORWARD -i tun11 -p udp -d 192.168.1.x --dport 61xxx -j ACCEPT
iptables -I FORWARD -i tun11 -p tcp -d 192.168.1.x --dport 61xxx -j ACCEPT

Does my script need to be modified? Is there another method to forward a single port to a single IP on my network?

I have to this forum and everyone in this community has been invaluable. I would appreciate any assistance and recommendations on any of this.

Hi, I had same/similar issue using openvpn client connecting to AirVPN. Port forwarding wouldn't work and only machines sent through the vpn would have internet access; any machines configured to use a wan connection had no internet.

I got it working by renaming nat-start to openvpn-event - hope this helps
see https://github.com/RMerl/asuswrt-merlin/wiki/User-scripts for info

jon
 
@RMerlin, Any idea why cron is is operating in a different time zone?

I just noticed this happening when a user said his 3AM scheduled task did not execute.

results.png


I always remembered CRON using the system time zone.
For some reason it is using GMT timezone.


Code:
Mar 31 03:43:18 admin: cron time offset bug
Mar 31 03:43:27 admin: current time is Sat Mar 31 03:43:27 DST 2018
Mar 31 03:43:46 admin: cron task about to run

Mar 31 08:44:00 crond[269]: USER admin pid 28629 cmd logger $(date)
Mar 31 08:44:00 admin: Sat Mar 31 08:44:00 GMT 2018

Mar 31 03:44:37 admin: cron task just finished
Mar 31 03:44:42 admin: current time is Sat Mar 31 03:44:42 DST 2018
 
Last edited:
Sorry for the newbie question but just for being sure, as i'm not too familiar with firmware upgrade procedures, upgrading a 87U from HGG 380.57 to Merlin 384.4.2 is possible without intermediate firmwares or it is a better solution to flash a 380.69 before?
Thanks in advance.
 
Hi guys,


I have a ac68u and since I upgraded to 384.4 I have issues with I suppose WAN stability and Wi-Fi. I upgraded to 384.4_2 all ready but no diference.

I experience:
1. Verry lowand unstable bandwidth
2. Skype-calls are very bad even when on UTP cable.
3. Sometimes Wi-Fi is dropping.

I already tried a fully factory reset incl power off. Reflashed latest firmware after the factory reset again and again to be sure the router is clean. I powered off my modem to. The modem has his own Wi-Fi (I enabled it short to test stability) and other routers work fine. So it has something todo with the new firmware I suppose.

Only constant log I can Found :

Mar 31 11:19:11 kernel: DROP IN=eth0 OUT= MAC=********** SRC=5.188.11.25 DST=********* LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=11651 PROTO=TCP SPT=43210 DPT=30630 SEQ=2377157107 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0

Can someone help me with troubleshooting?
What can I do?

Verstuurd vanaf mijn ONEPLUS A3003 met Tapatalk
 
Hi guys,


I have a ac68u and since I upgraded to 384.4 I have issues with I suppose WAN stability and Wi-Fi. I upgraded to 384.4_2 all ready but no diference.

I experience:
1. Verry lowand unstable bandwidth
2. Skype-calls are very bad even when on UTP cable.
3. Sometimes Wi-Fi is dropping.

I already tried a fully factory reset incl power off. Reflashed latest firmware after the factory reset again and again to be sure the router is clean. I powered off my modem to. The modem has his own Wi-Fi (I enabled it short to test stability) and other routers work fine. So it has something todo with the new firmware I suppose.

Only constant log I can Found :

Mar 31 11:19:11 kernel: DROP IN=eth0 OUT= MAC=********** SRC=5.188.11.25 DST=********* LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=11651 PROTO=TCP SPT=43210 DPT=30630 SEQ=2377157107 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0

Can someone help me with troubleshooting?
What can I do?

Verstuurd vanaf mijn ONEPLUS A3003 met Tapatalk
And VPN is continuously reconnecting to

Verstuurd vanaf mijn ONEPLUS A3003 met Tapatalk
 
Just update to 384.4_2 and working just fine. Factory reset and configure by hand.:)
 
So this morning I woke up to no internet. Everything worked grate on 384.4_2 for the last few days. First thing was checking the system log and I'm getting every couple of minutes or so a kernel error:
Mar 31 08:38:36 kernel: DROP IN=eth0 OUT= MAC=******************** SRC=************ DST=************ LEN=40 TOS=0x00 PREC=0x20 TTL=240 ID=58436 DF PROTO=TCP SPT=19517 DPT=23 SEQ=2464954731 ACK=0 WINDOW=14600 RES=0x00 SYN URGP=0 MARK=0x828d0086
Mar 31 08:40:13 kernel: DROP IN=eth0 OUT= MAC=******************** SRC=************ DST=************ LEN=71 TOS=0x00 PREC=0x20 TTL=54 ID=18443 DF PROTO=TCP SPT=443 DPT=53522 SEQ=3375546511 ACK=2438322503 WINDOW=33 RES=0x00 ACK PSH URGP=0
Mar 31 08:42:13 kernel: DROP IN=eth0 OUT= MAC=******************* SRC=************** DST=*********** LEN=71 TOS=0x00 PREC=0x20 TTL=54 ID=18444 DF PROTO=TCP SPT=443 DPT=53522 SEQ=3375546511 ACK=2438322503 WINDOW=33 RES=0x00 ACK PSH URGP=0

Since I haven't touched anything in the routers config since installing 384.4_2 I thought a simple reboot would fix whatever the problem is. So fare I've tried rebooting from the WebUI, unplug router for a minute, turn off ABSolution and Skynet. But can't get the internet back to work. The only change I noticed on the router is the signature was updated last night to version
2.062 Updated : 2018/03/30 02:01. Could that be the issue?

Hooking the modem up to my computer works (that's how I'm connected now).
 
Hi, I had same/similar issue using openvpn client connecting to AirVPN. Port forwarding wouldn't work and only machines sent through the vpn would have internet access; any machines configured to use a wan connection had no internet.

I got it working by renaming nat-start to openvpn-event - hope this helps
see https://github.com/RMerl/asuswrt-merlin/wiki/User-scripts for info

jon

Much appreciated. I will try it out when I can and report back.
 
Updated my RT-AC3100 with the latest FW 384.4_2 yesterday, one issue found on DDNS.

I set a scheduled reboot on every Saturday morning. However, I noticed that the DDNS was enabled this morning when I login to the router. The feature was intentionally disabled after I updated the FW yesterday.
 
Sorry for the newbie question but just for being sure, as i'm not too familiar with firmware upgrade procedures, upgrading a 87U from HGG 380.57 to Merlin 384.4.2 is possible without intermediate firmwares or it is a better solution to flash a 380.69 before?
Thanks in advance.
Flash directly to 384.4_2 and Factory Reset to default after if something act weird. You coming from an old fw.
Dont imports saved settings, reconfig from beginning
 
Not sure if anyone else noticed this, but after another user posted having trouble with signature update's. I noticed mines was stuck on 2.060, while other's were reporting being updated to 2.062. No matter how I tried to update, it would tell me my signature was up to date, even after a reboot.

So, I suspected this was either a time sync issue or a DNS issue, and while I was having some noticeable time sync issue's, after fixing them, this still didn't correct my signature updating issue. I use Tenta DNS provider, who provides DoH and DNSSEC, and I was suspecting maybe DoH was the culprit since it's still new and not mainstream yet. I also had this issue with DNSCrypt, since it seems the confidential component break's certain function's with the router.

I ran 3 test to confirm it was in fact DNS causing me grief. The first test I switched between Tenta DNS OpenNIC server's and their ICANN server's, no change. 2nd test was with DNS.Watch since they only provide DNSSEC, and thing's started behaving a bit better. 3rd test I used my ISP DNS server's and my signature updated right away after I rebooted the router for the 3rd and final time. It said updated, but didn't actually finish the process until I click check for update one last time.

After doing this, I switched back to Tenta DNS OpenNIC server's and everything is still working, VPN's, name resolution, QoS. The only reason I discovered this is because I was getting QoS error's (QoS_ Registration_Failed), which usually mean's the signature need's updating.

Seem's encrypting DNS queries is the cause for all of today's issue's, should I switch to using something like unbound, or wait for wider adoption of DoH?
 
Updated to 384.4_2 without issues.

I’m trying to find the least used 5 GHz near me.

The least used 5 Ghz channels will appear to be the eight 2 digit channels (36-64 with 20 Mhz bandwidth). They appear least used (while they may not be) as they are (edit: originally) indoor use channels and are fixed to a lower power by the (edit: US) government. This is good as you are less likely to pickup any neighbours using these channels and can safely reuse with less interference.

Channels 149-161 are the higher power channels originally meant for outdoor use and so its much more likely you will see users in your neighbourhood here. If you don't want more interference try avoiding this space.
 
Last edited:
they are indoor use channels and are fixed to a lower power by the government.

Not in the US Fcc changed the rules a few years ago. Now the lower 5ghz channels are aloud the same power as the higher channels.
 
@RMerlin, Any idea why cron is is operating in a different time zone?

Does the crond notification logged after ntp sync also shows the same offset? I don't have any cron task set up at the time to check cron events, but crond does log that event with the correct time here:

Code:
Mar 31 00:14:58 dnsmasq[1193]: using local addresses only for domain lostrealm.lan
Mar 31 00:15:04 crond[369]: time disparity of 590654 minutes detected
Mar 31 00:15:06 rc_service: udhcpc 751:notify_rc start_dnsmasq

I don't know how Busybox's crond retrieves the timezone, I'd have to look at its code. What do you have in /etc/TZ?

Also, on which router? Could be a difference between 1.24 and 1.25's busybox applet.
 
@RMerlin - If I upgrade from 384.3 to 384.4 right now, what are the odds my OpenDNS server is going to get dorked? My wife is on a trip and uses that connection daily. I'd prefer to have the latest security, but should I wait until she gets home at the end of the month? Thanks. :)
 
I should have taken a screenshot......
I went to log into the admin page today & everything is suddenly in Chinese, including the login page. Now I did not make any changes. Currently have FW: 380.69. I will be updating this soon but wondering if I should be concerned & how would I check the integrity of the router?

Yikes!

You may have accidentally clicked on the language drop down and changed it to Chinese? :)
 
Status
Not open for further replies.

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top