-dnsmasq crash/security fix for CVE-2017-13704
-kernel fixes
-removed softether as it is not compatible with latest openssl anymore, but added a new ipsec server that uses certs, just a few clicks and you can setup vpn ikev2 with iOS or Win7, allowing to connect to your home network or tunnel all traffic through the vpn, no ipsec client support yet
I do not have time right now to sync with latest svn, thus just kept the tested revision and only added the security fixes.
Nice to see you back Sir ! _________________ My Routers - NETGEAR R7000
Firmware: DD-WRT v3.0-r40270M kongac (07/11/19)
Kernel: Linux 4.4.185 #670 SMP Thu Jul 11 02:19:39 CEST 2019 armv7l
http://www.desipro.de/ddwrt/K3-AC-Arm/ ---------------------------------------------------------------- - TP-LINK TL-WR1043ND V2
Firmware version: LEDE Reboot 17.01.4 (18/10/17)
Kernel: Linux version 4.13.3
https://downloads.lede-project.org/releases/ ---------------------------------------------------------------- http://www.ncsacademy.com/default.cfm?ref=28555
I have one R7000 loaded with 33010M Release 2017-09-16 and the "ip" command works.
I have loaded the same build to another R7000 and the "ip" command doesn't work and my custom scripts are failing. I have enlarged the "ip" shown in folder /usr/sbin but says not found?? I have tried Factory Reset & erase nvram and still the same problem.
Joined: 30 Jan 2015 Posts: 676 Location: Texas, USA
Posted: Tue Sep 19, 2017 23:18 Post subject:
There is another update on the same build from Kong today.
When I used dup it said no new firmware, means the version is the same but the bug fix that Kong mentioned probably in place.
You can force update, if you login to your router:
for example: R7000
Firmware: DD-WRT v3.0-r33010M kongac (09/19/17 _________________ ASUS GT-BE98 PRO Main: Fiber 5gbps up/down
ASUS AXE16000: AI Mesh node
2 X ASUS RT-AX89X: AI Mesh nodes
QNAP QSW-1208-8C 12-Port 10GbE Switch
XS712T ProSafe 12-Port 10GbE Switch
3 X R9000 DD-WRT Mesh
Router: 2x R7000
Firmware: 33010M (R.2017.08.09)(over 35days uptime) -> 33010M (R.2017.09.15)
Kernel: Linux 4.4.80 #422 SMP -> Linux 4.4.87 #439 SMP
Status: Both Working & Monitoring
Reset: Yes
Errors: None so far
UpTime: over an hour
#1 R7000 (WAN + HE-IPv6 + OpenVPN Client#1)
- Disabled SFE
- IPv4 + HE IPv6 via 6in4 Static Tunnel
- USB Custom Startup Script for Route Tables, OpenVPN Client & Cron Scripts
- GUI Firewall & Startup Scripts
- WiFi Disabled
- SPI with non-filtered Multicast
- WAN port -> Cable Modem
- DNSCrpyt for IPv4 & IPv6
- NTP with Blank IP
- Cron Job - Monitor WAN & OpenVPN Connections
- DDNS Custom with DNSoMatic
- 7 BRs, 9 VLANS & 7 Assignments
- SSH (WAN Access), Telnet & Syslog
- WAN Traffic Disabled
- USB Storage with Auto Mount for Scripts Only
- ebtables + ip6tables used
- YAMon 3.3.2
#2 R7000 (WiFi + OpenVPN Client#2)
- Disabled SFE
- IPv4 Only
- USB Custom Startup Script for OpenVPN Client
- GUI Firewall Script
- 2.4Ghz Radio with 3 SSIDs (BW 40Mhz)
- 5Ghz Radio with 2 SSIDs (BW 80Mhz)
- SPI with non-filtered Multicast
- WAN Port (static IP) Assignment to vlan8 -> Vlan Switch
- DNSCrpyt x4 for IPv4
- NTP with Blank IP
- Cron Job - Monitor OpenVPN Connection
- 5 BRs, 7 VLANS & 12 Assignments
- SSH (local only), Telnet & Syslog
- WAN Traffic Disabled
- ebtables used
- USB Storage with Auto Mount for Scripts & Bootstrap
- Installed Bootstrap to install ip-full package (ip command wasn't working with this build on this router see earlier post above)
UPDATE...
Kong NEW Release 2017-09-19 of Build 33010M
Updated both R7000s via ddup --flash-remote http://www.desipro.de/ddwrt/K3-AC-Arm/TEST/dd-wrt.v24-K3_AC_ARM_STD.bin command that CloneVince used. Now using Kernel Version Linux 4.4.88 #441 SMP Tue Sep 19 22:44:21 CEST 2017 armv7l. Now the "ip" command works without the need of the bootstrap package.
Thanks KONG!!
Router: 2x R7000
Firmware: 33010M (R.2017.09.19)
Kernel: Linux 4.4.88 #441 SMP Tue Sep 19 22:44:21 CEST 2017 armv7l
Status: Both Working & Monitoring
Reset: No, Firmware installed via ddup command
Errors: None so far
UpTime: minutes _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
There is another update on the same build from Kong today.
When I used dup it said no new firmware, means the version is the same but the bug fix that Kong mentioned probably in place.
You can force update, if you login to your router:
for example: R7000
I upgraded my 2 R7000s via ddup no problem. But yesterday I upgraded a family members R7000 from 33010M R.2017.08.09 to 33010M 2017.09.19, it downloaded find but during the flash process it froze at the end, I was hardwired to the router too. I ended up with an R7000 with a flashing white power LED. I was able ping it. So I went through the be-bricking procedure via tftp to get the router back.
The router had over 33 days of uptime and a number of wifi devices where connected the time. I should of disconnected all devices and rebooted the router before running ddup to update. _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
Has the QoS been touched in anyway? I am getting high amounts of bufferbloat now. More than without QoS enabled.
Using an R7000 with a 100/10 connection. I've set me QoS to 75/10 now to reduce bufferbloat, but it use to be 95/10.
Using HTB with FQ_CODEL
Is SFE disabled? _________________ Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339