[blkt]

[WARNING]: This thread is only for feedback on this beta release for developers and the community's benefit.
DO NOT flash this beta release unless you understand the risks involved and device specific recovery methods.
Avoid discussions! Create threads for questions, general problems or use search; this thread is not for support.
Please list router model & revision, operating & wireless mode(s) and exact filename/firmware image flashed.

Downloads: (DD-WRT website) HTTPS & FTP (try another if a link does not work)

CLI Flash: 'cd /tmp' then 'wget {file URL}' (or 'curl -k {file URL} -o {file}') with http (not https) or ftp. Then 'write {file} linux'.

Repository: Trac SVN changelog since last build r46750 (GitHub mirror)

Notes:
• OpenVPN 2.5.2: Guides, Server, PBR, Reverse PBR, Client (see second post), Kill Switch, update tips, scripts and more.
• WireGuard 1.0.20210219/Tools: Guides, Client, Server, Advanced, PBR, KS, update tips, scripts & more. Thanks BS & egc!
• CVE-2019-14899 VPN fix (applicability depends on VPN setup) and GUI toggle since r41813.
• SmartDNS • MiniDLNA • Unbound 1.13.1 • CoovaChilli 1.6 • Tor 0.4.5.8 • OpenSSL 1.1.1k • Dnsmasq 2.85 • Privoxy 3.0.32
• In-kernel Samba (ksmbd 3.3.9+): default min/max versions changed. • WSD update • ANTFS/NTFS3 kernel mode driver++.
• CVE-2020-26147, CVE-2020-24586, CVE-2020-24587 & CVE-2020-24588 (Fragattack) fixed.

Issues:
• Show us your findings with steps to reproduce, configuration, output, logs and important information below!

Important:
• For issues provide applicable info: 'dmesg', 'cat /tmp/var/log/messages', syslog, klog, serial, strace, tcpdump, wireshark etc.
• Any firewall NAT or WAN issues, show output: 'iptables -vnL', 'iptables -t nat -vnL', 'iptables -t mangle -vnL' and /tmp/.ipt file.
• Search SVN tickets & discuss in forum before opening. Before reporting: reset & manually set up, not restore from a backup.
• Please include operating & wireless modes (e.g. Gateway, Router, AP, CB, WDS, Mesh) & relevant configuration information.

Example Template:

[Monza]

Upgraded WRT1200AC v1's from r46750 to r46772 using Brave 1.10.97 (64-bit) running on Linux Mint 20.1 OS hardwired via Cat6.

Successful update and reboot. No reset, nothing disabled prior to update, uptime approx 8 hrs, wired/wireless connected, vpn up immediately (Expressvpn). I do not use NAS. SFE, QoS and IPv6 are always disabled. OpenVPN client/DNSMasq and radios always enabled. I do not have any Apple devices.

Kernel Version Linux 4.9.269 #2620 SMP Wed May 26 12:26:36 +07 2021 armv7l

No issues with a routine update session.

[Fonzi]

WRT1900ACSv2
Coming from 46069
Config retained

Build is up 5H without any crashes. Samsung Galaxy S9+ still has the same behavior on this build. The phone connects to Wifi but after a while, the internet throughput stops. I turned on debugging on the phone.
When its not working, it states "Connected without internet" or message "Slow". Debug information is:
"Connected [ SL SL SL] f=5745 <Router Mac address>
rssi=-24 score=60 speed=SLOW
tx=15.7,0.1,0.0 rx=1.4 STAs:N/A
[;(1) (<Router MAC>=5745,-24,SLOW.0s)]

Restarting Wifi on the phone, brings it back - and then the same happens after a while.

The ARP Spoofing DMESG messages, commented by Brainslayer in the previous build - doesn't seem to come from Apple devices after all. They appear from a Raspberry PI4 that is connected to both Ethernet and Wifi.

Whats happening is that DD-WRT produces the Spoof message, because it expects the Wifi Mac-address to be the Ethernet Mac address.

The Ethernet address of the PI is set at 192.168.2.204 (Fixed address), while the Wifi address is 192.168.2.103. Its the Wifi address where DD-WRT "expects" the Ethernet MAC address and creates the "Spoofing" messages. Needless to say - the PI doesn't have an Mac randomization. So something else is at play here.

I think that might be a bug. And advice on how to investigate this further would be appreciated.

UPDATE: The router is now up 20H so I assume the unwanted crashes are history. The issue mentioned above about the PI4 is still there, and keeps pushing the Spoofing messages into the Kernel log.

UPDATE2: I mitigated the the issue with the PI4 by shutting down wifi on it. But its not ideal. The behavior does not occur with Windows machines that are also "double connected". Don't know if it is a Linux thing, having issues with DD-WRT. Seems to be related to name server. The PI4 is called "Rasp4"
Anyway, about 35+ messages in kernel log:

" arp spoofing detected ip=192.168.2.103 mac is dc:a6:32:1b:f5:b5 but should be dc:a6:32:1b:f5:b4"

At the same time DD-WRT throws the following same amount of messages into the syslog:

daemon.warn "dnsmasq-dhcp[7655]: not giving name rasp4 to the DHCP lease of 192.168.2.103 because the name exists in /etc/hosts with address 192.168.2.204"

Note that the Mac-addresses warned about are the Pi4 Wifi and Ether HW-addresses respectively.

I have 3 more PI's in my infrastructure, but they are either WIFI or ETHER only, in which case these issues do not occur.

I think this should be easily reproducible:
1. Connect a PI to both Ethernet + Wifi
2. Assign a name and fixed address (outside DHCP range) under services management/static leases to the Ethernet. (In my case 192.168.2.204)
3. Enable and connect the wifi to the same network allowing for DHCP (In my case served 192.168.2.103)

...and DD-WRT serves you messages.

[alt0134]

Upgraded WRT3200ACM from Jan.2021 build (didn't capture exact). NAS running, OpenVPN Client functioning, Apple iPhone connected, wired and wireless to VLAN's and bridge to LAN on seperate node operating as expected.

Uptime only in minutes, I rarely upgrade, but recent "reboots" caused me to just scratch and redo.

[blkt]

Build r46772 is no longer available to download. New Build - 05/28/2021 - r46788