Posted: Fri May 19, 2023 6:17 Post subject: New Build - 05/18/2023 - r52596
Welcome to Broadcom r52596 beta release thread for reporting, feedback to developers & community benefit.
Please do not flash builds until installation is understood, risks involved and device specificrecovery methods.
Avoid discussions, create threads for questions, general problems or use search; this thread is not for support.
List router model & version or revision, operating & wireless modes & exact filename/firmware image flashed.
CLI Flash: 'cd /tmp' then 'wget {file URL}' (httponly) or 'curl -O {file URL}' (http, https, ftp). 'write {file} linux' then 'reboot'.
Issues, observations, and/or workarounds reported:
• WebUI: Clear history or use a portable. Temporary cache bypass: Ctrl+F5, Cmd+Shift+R or new private window/incognito.
• Please report findings with steps needed to reproduce, configuration, clients, output, logs and important information below!
Important:
• Detail issues & relevant configs, logs: syslog klog 'dmesg' 'cat /tmp/var/log/messages' nvram set console_debug=1, serial.
• Firewall NAT: 'iptables -vnL' 'iptables -t nat -vnL' 'iptables -t mangle -vnL' & 'cat /tmp/.ipt'. Misc: stracetcpdumpwireshark.
• Gremlins: reboot. cold boot. Reset & reconfigure not restore backup. Search Trac & discuss in forum before opening tickets.
• Include operating & wireless modes (e.g. Gateway, Router, AP, SB, WDS, Mesh) and applicable configurations to reproduce.
Joined: 16 Nov 2015 Posts: 6411 Location: UK, London, just across the river..
Posted: Fri May 19, 2023 6:53 Post subject:
Router Model Netgear R7000
Firmware Version DD-WRT v3.0-r52596 std (05/18/23)
Kernel Version Linux 4.4.302-st40 #9360 SMP Mon May 15 17:46:07 +06 2023 armv7l
In order to test the updated ndpi service, i decided to use long list to block ndpi, l7 and risk rules...not seeing any performance draw backs...
On this unit, Im also heaving PBR VPN x3 VLAN's...along with SmartDNS, Ad-block and long list of other firewall rules..so far so good running smooth...I also checked firewall rules at cat /tmp/.ipt iptables -t mangle -vnL, or cat /tmp/.rule to see if there are any changes, as im using all those service blocking rules...but haven't seen any change..so, where to look at...is my silly question... ...
p.s.
R7000 lsmod output
root@R7000:/tmp# lsmod
Module Size Used by
ip6_tables 9661 0
xt_DSCP 1518 1
tun 16385 2
wl 4472842 0
b5301x_srab 1778 0
b5301x_common 10655 1 b5301x_srab
et 64696 0
ctf 51086 0
softdog 1711 1
dont see :
insmod("ipt_layer7");
insmod("xt_layer7");
insmod("xt_ndpi");
insmod("xt_ndpi")
but root@R7000:~# ls -l /lib/modules/$(uname -r) | grep xt_
-rw-r--r-- 1 root root 3248 May 18 00:31 xt_DSCP.ko
-rw-r--r-- 1 root root 2360 May 18 00:31 xt_IMQ.ko
-rw-r--r-- 1 root root 5200 May 18 00:31 xt_WGOBFS.ko
-rw-r--r-- 1 root root 4272 May 18 00:31 xt_addrtype.ko
-rw-r--r-- 1 root root 1956 May 18 00:31 xt_cpu.ko
-rw-r--r-- 1 root root 2112 May 18 00:31 xt_devgroup.ko
-rw-r--r-- 1 root root 2688 May 18 00:31 xt_dscp.ko
-rw-r--r-- 1 root root 3384 May 18 00:31 xt_ipvs.ko
-rw-r--r-- 1 root root 901792 May 18 00:31 xt_ndpi.ko
-rw-r--r-- 1 root root 2992 May 18 00:31 xt_physdev.ko
nor anything positive at
iptables -t mangle -vnL
so...is the new ndip,l7,risk section is actually working on R7000 ??
but still able to ping windows-telemetry from router side...
I can see https://svn.dd-wrt.com/browser/src/router/ndpi-netfilter/ndpi-netfilter/INSTALL?rev=49984
is available for Kernel 4.4 but not functioning on R7000
tried to fiddle with some commands from the link above and if i add
modprobe xt_ndpi to firewall rules, than i can see the output of
lsmod - xt_ndpi 713132 0 ...but GUI rules still done work..
or not present anywhere i looked at...
so, yep to make those ndpi/l7/risk service blocking rules to work, I guess something is still missing on R7000 ...looking forward...to see those in action...BS could you have a look at those ?? _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Last edited by Alozaros on Fri May 19, 2023 21:56; edited 10 times in total
Would help if someone can take off cool sunglasses and read. Changelog, since last build, is effectively listed twice.
Broken down for you in notes every single release. Maybe this is just another troll account we have plenty of these.
Yes, I read that however it's not clear what the differences are vs the previous version. I can see the code changes, but it doesn't seem to list fixes / changes in a readable manner.
Would help if someone can take off cool sunglasses and read. Changelog, since last build, is effectively listed twice.
Broken down for you in notes every single release. Maybe this is just another troll account we have plenty of these.
Not a Troll at all, sad you would assume that but I guess this is what people have been warning for about some members of the community in this forum. Anyway, I have read it and to me, it does not list differences in a readable manner. Subjective? sure. Helpful to a non-firmware programmer to understand what differences / fixes there are? Not in my opinion.
Yes, I read that however it's not clear what the differences are vs the previous version. I can see the code changes, but it doesn't seem to list fixes / changes in a readable manner.
This is what I mean. If it's not there, not a problem. It just helps to determine why I would run the update or not.
Sadly over the years there are only a few remaining experts here who can explain the code changes in layman terms, but they don't have the spare time and energy to do that.
Back to this reference https://www.asuswrt-merlin.net/changelog, it's indeed nice to have, but to me most of them are still incomprehensible. Maybe to summarize it's like "Bugfixes and performance improvements"?. New features are highlighted here anyway:
It just helps to determine why I would run the update or not.
What are you looking for specifically? New features? Faster speed? Better security? Higher reliability? You may get the answer if you provide the basic info of your router (HW & FW) and post a specific question in some other relevant subforum.
epstrada wrote:
[...] this is what people have been warning for about some members of the community in this forum [...]
Yes, I read that however it's not clear what the differences are vs the previous version. I can see the code changes, but it doesn't seem to list fixes / changes in a readable manner.
This is what I mean. If it's not there, not a problem. It just helps to determine why I would run the update or not.
Sadly over the years there are only a few remaining experts here who can explain the code changes in layman terms, but they don't have the spare time and energy to do that.
Back to this reference https://www.asuswrt-merlin.net/changelog, it's indeed nice to have, but to me most of them are still incomprehensible. Maybe to summarize it's like "Bugfixes and performance improvements"?. New features are highlighted here anyway:
Agree, I will look into contributing making these available in a more readable format listed in plain text without the urls - but it would require some collaboration with the maintainers.
epstrada wrote:
It just helps to determine why I would run the update or not.
What are you looking for specifically? New features? Faster speed? Better security? Higher reliability? You may get the answer if you provide the basic info of your router (HW & FW) and post a specific question in some other relevant subforum.
Sure, i'll post the template with my hardware and version below! I am mostly looking for wireless performance improvement as well as stability for my AC68U's - I was also experiencing some of the wireless de-authentication issues other users were reporting in the previous build] (I tried the leasetime increase fix) but this would be something I am looking to check against if it was included in the changelog or not.
epstrada wrote:
[...] this is what people have been warning for about some members of the community in this forum [...]
Joined: 26 Mar 2013 Posts: 1855 Location: Hung Hom, Hong Kong
Posted: Fri May 19, 2023 9:58 Post subject:
epstrada wrote:
Don't seem to see any changelog, is a changelog available vs the previous build? Would be good to understand the differences and fixes / changes.
You can use the BugTracker in the horizontal navigator bar above to find out what source codes have been changed. If you wanted an executive summary of important changes or even some guraantees for stability, um... assume that this kind of builds are betas and work-in-progress.
You might wanna start a new thread dedicated to this topic. It's indeed interesting.
Just to remind you, DD-WRT development team is not a big company like Micro$oft, Google, Apple, IBM, Fedora, Ubuntu, Mozilla, etc. Are you interested to run a company serving DD-WRT? Just like how Linux had gone through, in the past 20 years ...
(BTW, Caldera OpenLinux tried, it even acquired SCO Xenix, but in the end it's a failure!! Neverthelss, we have Ubuntu and Redhat.) _________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
Joined: 16 Nov 2015 Posts: 6411 Location: UK, London, just across the river..
Posted: Fri May 19, 2023 10:16 Post subject:
facetious reminder This is new build thread, related to the last build 52596...
do not turn it to cat pissing party, on a outlandish subject...
open a new thread related to changelog issues instead...plz _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
L7: Layer 7 telemetry filtering, add back to webUI Access Restrictions & remove from QoS.
AYB: WNDR3700v5 an attempt to fix hardware ID flashing from stock webUI or nmrpflash.
FW: Comment out, or effectively remove four obsolete nDPI entries from DD-WRT firewall.
VXLAN: Adding VXLAN support has been a primary focus for the past three releases a WIP.
log: Nomessage flag so we can include more log messages into dnsmasq, self explanatory.
no: Add nobody user account, you can use search as any other to determine a typical use.
Amount of user effort is directly related inversely proportional to amount of user complaint.
All of this can be discovered by searching forum threads, web, also reading since last build.