Posted: Mon Jul 12, 2021 7:51 Post subject: New Build - 07/12/2021 - r47040
[WARNING]: This thread is only for feedback on this beta release for developers and the community's benefit.
DO NOT flash this beta release unless you understand the risks involved and device specificrecovery methods.
Avoid discussions! Create threads for questions, general problems or use search; this thread is not for support.
Please list router model & revision, operating & wireless mode(s) and exact filename/firmware image flashed.
Issues, observations, and/or workarounds reported:
• DNScrypt 1.95 can still be used in the GUI, but v2 (not compatible) requires Golang and thus Entware. #6246
• WDS does not work on Broadcom ARM devices(only MIPS<->MIPS) & bridge modes on k4.4 devices may sometimes work
in some configurations for certain builds but are not supported by the bcmdhd driver. Use client or repeater instead.
• VAPs not working at bootfixed for unbridged VAPs in40562 - 40566. Effective startup commandsdiscussion thread is here.
• If start-up scripts do not work from USB add a delay, e.g. wait script or 'sleep 25'.
• Broadcom ARM devices if 5 GHz channels are missing, via Telnet/SSH: 'nvram set brcm_unlock=1' 'nvram commit' 'reboot'
• Show us your findings with steps to reproduce, configuration, output, logs and important information below!
Important:
• For issues provide applicable info: 'dmesg', 'cat /tmp/var/log/messages', syslog, klog, serial, strace, tcpdump, wireshark etc.
• Any firewall NAT or WAN issues, show output: 'iptables -vnL', 'iptables -t nat -vnL', 'iptables -t mangle -vnL' and /tmp/.ipt file.
• Search SVN tickets & discuss in forum before opening. Before reporting: reset & manually set up, not restore from a backup.
• Please include operating & wireless modes (e.g. Gateway, Router, AP, CB, WDS, Mesh) & relevant configuration information.
Router/Version: Netgear r6700v3
Kernel: Linux 4.4.274 #3636 SMP Sat Jul 10 12:14:12 +07 2021 armv7l
Previous: r47000
Mode Gateway, Wireless AP, CTF & FA Enabled. NAT and QOS Off.
Issues: none.
Status Working well so far.
Temperatures CPU 76.4 °C / WL0 48.2 °C / WL1 56.9 °C
Gigabit connection (1000/500) speedtests:
LAN - 950 Down / 480 Up
Wi-Fi 5.7GHz - 400 Down / 450 Up
Router/Version: Netgear R6250
Firmware: DD-WRT v3.0-r47040 std (07/12/21)
Kernel: Linux 4.4.274 #3636 SMP Sat Jul 10 12:14:12 +07 2021 armv7l
Mode: Gateway, Wireless AP, unbound
Reset: No, not this time
Previous : r47033
Upgrade: Web and 1st succeed without reset.
Temperatures CPU 77.5 °C / WL1 56.3 °C
Load: 0.09, 0.16, 0.08
Uptime 2.5h
Errors: No, not at this moment.
WAN: DHCP
MTU:1500 Auto
Shortcut Forwarding Engine: CTF
Flow Acceleration: CTF & FA
STP: Disable
DHCP Server Enabled - Running
Samba Disabled
WRT-radauth Disabled
WRT-rflow Disabled
MAC-upd Disabled
CIFS Automount Disabled
Sputnik Agent Disabled
USB Support Disabled
Router/Version: ASUS RT-AC56U
File/Kernel: DD-WRT v3.0-r47040 std (07/12/21) / Linux 4.4.274 #3636 SMP Sat Jul 10 12:14:12 +07 2021 armv7l
Previous/Reset: DD-WRT v3.0-r47033 std (07/08/21) / no
Mode/Status: Gateway, WireGuard, QoS Off
Issues/Errors:
Router's ports became inaccessible after selecting CTF or CTF & FA for Flow Acceleration, WAN port also not working, PC report Host Unreachable and timeouts when pinging, and that the cable isn't plugged in. Only can access the router from WAP. I have another AC56U with r47033, same thing. Tried NVRAM reset too, same. After disabling Flow Acceleration the router starts working again. Tried several times.
Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Tue Jul 13, 2021 5:32 Post subject: Samba problem in builds after 46979 *SOLVED*
OH well, I guess I figured it out!
ksmbd or ksmbd.mountd did NOT bind directly to network interfaces, but to wsdd2!!!!
I compared /usr/sbin/wsdd2 and /usr/sbin/ksmbd.mountd in both build 46979 and build 47040. Turned out that wsdd2 are the same, but NOT ksmbd.mountd.
So I copied ksmbd.mountd from 46979 to 47040. Then I manually killed ksmbd by process ids without using servicestop, thus keeping wsdd2 running. Then I manually started the copied ksmbd.mountd, Samba problem was *SOLVED*, no connection error from Win 10, no netlink errors in DD-WRT's syslog.
Question:
Why can't ksmbd.mountd bind BOTH directly to network interfaces as well as WSDD2? It's more flexible from users' point of view. Any bugs in WSDD2 would not affect the whole Samba service.
BTW, please also read reply if you knew the answer to this question:
Router/Version: Netgear R7000
File: netgear-r7000-webflash.bin
Firmware: DD-WRT v3.0-r47040 std (07/12/21) (prev. DD-WRT v3.0-r47033 std (07/08/21))
Kernel: Linux 4.4.274 #3636 SMP Sat Jul 10 12:14:12 +07 2021 armv7l
Mode: Gateway, Wifi disabled, Wireguard for external access, WAN to DSL, Keep Alive reboot 5:00 in the morning
Reset: No
Status: Ok, up 0:32h.
Router/Version: Asus RT-N66U
File: dd-wrt.v24-47040_NEWD-2_K3.x-big-RT-N66U.trx
Firmware: DD-WRT v3.0-r47040 big (07/12/21) (prev. DD-WRT v3.0-r47033 big (07/08/21))
Kernel: Linux 4.4.274 #10583 Mon Jul 12 05:03:50 +07 2021 mips
Mode: Gateway, Wifi disabled, WAN disabled, Wireguard Endpoint for external VPS, connected via LAN to R7800, Keep Alive reboot 6:05 in the morning
Reset: No
Status: Ok, up 0:47h.
Joined: 16 Mar 2019 Posts: 353 Location: Szczecin, Poland EU
Posted: Tue Jul 13, 2021 15:19 Post subject: New Build - 07/12/2021 - r47040
Router: Netgear WNR3500L v2
Kernel: Linux 4.4.274 #10571 Mon Jul 12 04:29:02 +07 2021 mips
Previous: r47033
Mode: Internet gateway, WIFI AP, Dns server (dnsmasq)
Issues: Poor WAN port performance. On sfe ~260 mbit/s. After OC main CPU to 533 internet speed is good.
Reset: No
Status: Working
Uptime: 24h
I'm update firmware via ssh. Router work in good performance after OC main CPU. In sfe mode on stock clock WAN performance is ~260 mbit/s download. CTF is usable and speed of connection is a bit better. I'm not enthusiast of CTF, that is unsecure option in my opinion. Generally device work good.
Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Tue Jul 13, 2021 15:22 Post subject: Re: New Build - 07/12/2021 - r47040
thommy181 wrote:
I'm update firmware via ssh. Router work in good performance after OC main CPU. In sfe mode on stock clock WAN performance is ~260 mbit/s download. CTF is usable and speed of connection is a bit better. I'm not enthusiast of CTF, that is unsecure option in my opinion. Generally device work good.
I think it would bypass a lot of tools, including iptables and possibly virus scanners.
BTW, it would be interesting if DD-WRT features ClamAV in the future for routers with lots of RAM.
_________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Tue Jul 13, 2021 16:17 Post subject:
I didn't think CTF was available on MIPS, only on ARM. Either way, CTF is native Broadcom just like SFE is native Atheros. Both only bypass the firewall for certain packets only. A router was not meant to have an anti-virus since the filesystem is read-only and it's main function is to route packets. The only thing I could see a need for having anti-virus, etc. for is usb storage, but since that is usually populated by a client machine if your storage is read/write, that would be strictly dependent on said client and how secure it is. If you're downloading known nefarious code... well... _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Joined: 16 Mar 2019 Posts: 353 Location: Szczecin, Poland EU
Posted: Tue Jul 13, 2021 20:24 Post subject:
In this case CTF feature need more sources when this function is enabled. I have the WNR3500L v2 and especially in last builds system need more power to good work. Generally capacities are utilisation without user actions. You have many users connected to router or other services utilisation sources. On CTF function packets that operate on device works on the fly. I wonder SPI + CTF it's not non-sense configuration ? Turn on firewall options via GUI and test how it works. Firewall rather is no functional when you turn on CTF. In my opinion CTF is unsecure function and I'm stay on SFE mode. Test your configuration I wonder, that's physically work ?