In this case CTF feature need more sources when this function is enabled. I have the WNR3500L v2 and especially in last builds system need more power to good work. Generally capacities are utilisation without user actions. You have many users connected to router or other services utilisation sources. On CTF function packets that operate on device works on the fly. I wonder SPI + CTF it's not non-sense configuration ? Turn on firewall options via GUI and test how it works. Firewall rather is no functional when you turn on CTF. In my opinion CTF is unsecure function and I'm stay on SFE mode. Test your configuration I wonder, that's physically work ?
Hye, my friend Thommy! About my experience: CTF bring a new life to my old TP-link Archer C9 v2. I have 600mbit fiber internet and the speedtest can beat 600mbit more fast. Webpages responses more fast and i gain 20ms in ping time response.
I'm a boomer and the unique online game i play is skaterXL. The pings values are below:
SFE and CTF = Disabled = skaterXL ping is 147ms
SFE = Enabled = skaterXL ping is 127ms
CTF = Enabled = skaterXL ping is 127ms
Note: My broadcom uses MIPS structure and don't have the CTF Flow Acceleration. I use only CTF.
SFE is very fast and have the same benefits that CTF, but i have ocasional hang problems with streamings. For me, SFE is bugged with Broadcom.
The SFE is like a generic heart of Broadcom
The CTF is a official and true heart of Broadcom
It's not a miracle. If CTF or SFE is disabled, i can beat My 600mbits connection but the velocimeter increase speed more slow.
About Firewall, i belive is working. On gui is marked. Spi Fireall and Filter Multicast, etc. And multicast packages are blocked. But i dont undesrtand about firewall very well. Lets wait more people on this thread testing CTF and firewall.
Huges, and thanks for the explanations about resources consuption when CTF is on.
Firmware: v3.0-r47040 std (07/12/21)
Router/Version: Netgear R7000 Kernel: Linux 4.4.274 #3636 SMP Sat Jul 10 12:14:12 +07 2021 armv7l
Previous: v3.0-r47033 std (07/08/21)
Mode/Status: AP wired and wireless / Up and running for 24 hours
Reset: Soft boot before and after upgrade
Temperatures: CPU 61.9 °C / WL0 46.8 °C / WL1 52.1 °C
Issues/Errors: Nothing significant
Updated via webif. No 'nvram erase' this time, last one was in July 2018 (r36325).
Upload and Download speeds are to ISP spec. Nothing unexpected in the syslog.
Current basic R7000 setup (subject to change of course):
- Static WAN IP
- Shortcut Forwarding Engine: CTF, Flow Acceleration: Disabled
- STP - Enabled
- IPv4 only, both WAN and LAN
- LAN DHCP Enabled
- Wireless: AP, Regulatory Domain = CANADA, wl0 Mixed (ch. 6), wl1 AC/N-Mixed (ch. 36, VHT80), AES
- 1 wireless VLAN on wl0
- SNMP disabled, SSH enabled, Telnet disabled
- Firewall enabled, Log Level high
- Syslog: to local server. klogd: disabled.
- USB support - Off
- No custom scripts
- No: ttraf, Tor, VNC, Zabbix, VPN, Radius, OpenVPN
- No: UPnP, DMZ, QoS
- No: Samba, CIFS, JFFS2, miniDLNA, Entware, Optware _________________ Netgear R7000: v3.0-r54248 std (11/29/23)
EdgeRouter-X: EdgeOS v2.0.9-hotfix 7
Joined: 26 Mar 2013 Posts: 1855 Location: Hung Hom, Hong Kong
Posted: Thu Jul 15, 2021 12:15 Post subject:
kernel-panic69 wrote:
A router was not meant to have an anti-virus since the filesystem is read-only and it's main function is to route packets. The only thing I could see a need for having anti-virus, etc. for is usb storage, but since that is usually populated by a client machine if your storage is read/write, that would be strictly dependent on said client and how secure it is. If you're downloading known nefarious code... well...
New routers do feature anti-virus solution! Not sure it's an app or actually a function in the router.... haven't studied about its mechanism!
Joined: 08 May 2018 Posts: 14129 Location: Texas, USA
Posted: Thu Jul 15, 2021 12:47 Post subject:
And this is how people get fooled into things. Marketing. I could see having it for attached USB storage; but the filesystem on the router's flash chip is read-only. There is no way to overwrite it with bad code unless it's been compromised remotely. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Joined: 26 Mar 2013 Posts: 1855 Location: Hung Hom, Hong Kong
Posted: Thu Jul 15, 2021 12:57 Post subject:
kernel-panic69 wrote:
And this is how people get fooled into things. Marketing. I could see having it for attached USB storage; but the filesystem on the router's flash chip is read-only. There is no way to overwrite it with bad code unless it's been compromised remotely.
Time will tell.... it could be just a bundled commercial to sell apps.
_________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
Router/Version: Asus RT-AC68U H/W Version C1
Mode: WAP, Guest VLANs
File: asus_rt-ac68u-firmware.trx, Firmware: DD-WRT v3.0-r47040 std (07/12/21)
Kernel: Linux 4.4.274 #3636 SMP Sat Jul 10 12:14:12 +07 2021 armv7l
Status: Main VLAN still not working. Configured with two guest VLANs (14 and 15). Wireless access for guest vlans works fine. Can't get a dhcp address through main vlan. If set manually, everything works fine. VLAN trunk through port 2. Shouldn't port 2 pvid be 1???
Router/Version: Netgear R7000
File/Kernel: netgear-r7000-webflash.bin // Linux 4.4.274 #3636 SMP Sat Jul 10 12:14:12 +07 2021 armv7l
Previous/Reset: 46885 no reset
Mode/Status: WAN Router (DHCP on Cable Modem), OpenVPN Server, CTF/SFE, IPV4 only, DDNS, Guest LAN on 2,4ghz,
Issues/Errors: Up 12 hours, no issues so far
Joined: 30 Jul 2007 Posts: 33 Location: Melbourne, Australia
Posted: Mon Jul 19, 2021 8:57 Post subject:
Router/Version: Asus RT-N16
File/Kernel: dd-wrt.v24-47040_NEWD-2_K3.x-big-RT-N16.trx / Linux 4.4.274 #10583 Mon Jul 12 05:03:50 +07 2021 mips
Previous/Reset: DD-WRT v3.0-r46446 big (04/24/21) / Yes
Mode/Status: Default configuration only / In test
Issues/Errors: Router fails to reboot correctly - does not bring network back up after relatively minor configuration changes - specific example, disable DHCP server
40704-testing.txt
Description:
Details of the testing performed when observing reboot issue on RT-N16
Router/Version: Asus RT-AC56U
File/Kernel: Linux 4.4.274 #3636 SMP Sat Jul 10 12:14:12 +07 2021 armv7l
Previous/Reset: r41517, yes
Mode/Status: Unusable for me without samba, not tested it much further.
Issues/Errors:
- Samba is not working at all with win10.
- First boot after "restore defaults" behaves funny, half of the default settings are not applied (another reboot fixes this).
- Overclock is ignored, it resets the clkfreq value after each boot to 800,666, even if the bootloader's default is (this bug is in the system init, it immediately writes 800,666 to the nvram at boot). As it only overwrites it on boot a small startup script in the jffs fixes this. It boots with those values (so overclocking works), it just resets it on every boot.
Setup:
- defaults
- usb core + storage enabled
- automount to /opt
- 1 public samba share enabled (no password, no auth)
Last edited by eligrad on Tue Jul 20, 2021 0:44; edited 2 times in total