Router: DIR-615e3
Firmware: dir615e3-firmware.bin (v3.0-r33006 std)
Kernel: Linux 3.10.107 #37311 Thu Aug 3 04:32:23 CEST 2017 mips
Status: Working
Reset: No
Notes on configuration:
DNSMasq
Virtual wireless with bridging x2
multiple DHCP server
QOS
Errors:
None
Router: DIR-825 rev B1
Firmware: dir825-firmware.bin (v3.0-r33006 std)
Kernel: Linux 3.10.107 #37293 Thu Aug 3 04:09:31 CEST 2017 mips
Status: Working
Reset: No
Notes on configuration:
Media Network
DNSMasq
Port Forwarding
Errors:
None
NOTE: With SFE enabled getting same speed as stock firmware!!
Posted: Sun Aug 13, 2017 6:59 Post subject: Re: New Build (BS) DD-WRT v3 --- build 33006 08-03-2017
Router: buffalo wzr-600dhp
Firmware: DD-WRT build 33006 08-03-2017
Kernel: Linux 3.10.107 #37279
Status: OK
Reset: YES
Errors:
OpenVPN Client does not execute script (or execution does not change routes and ip rule):
route-up "/tmp/openvpn-up.sh"
route-pre-down "/tmp/openvpn-down.sh"
down "/tmp/openvpn-down.sh"
The only one that works is (changes routes and ip rule):
up "/tmp/openvpn-up.sh"
I'm using: route-noexec or route-nopull keys
Script preload:
echo '#!/bin/sh
ip route flush table 10
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
ip route add default dev tun0 table 10
ip rule add from 192.168.1.16/28 table 10"
ip route flush cache
' > /tmp/openvpn-up.sh
chmod +x /tmp/openvpn-down.sh
I'm checking by executing command "ip rule" from administration tab expecting presence "192.168.1.16/28 to 10" in the list
It was working in few months old build, now I tried to upgrade...
WRT160NL
DD-WRT v3.0-r33006 std (08/03/17
Linux 3.10.107 #37299 Thu Aug 3 04:20:41 CEST 2017 mips
ovpn client good
----
@nmordasov
Try:
Do away with your script or make changes to it
I haven't seen anything use tun0 in long time .. probably using tun1.
You can check routing table if ovpn client is active.
Recommend:
Use the GUI to setup the ovpn client.
Example: This is what client conf shows when setup thru GUI using r33006.
~: cat /tmp/openvpncl/openvpn.conf
Basic nothing special added but policy based routing.
Main setup page DHCP starts 192.168.1.97 -- Max of 30
The 192.168.96/27 covers all clients connected to the router -- they all go thru the tunnel.
You Must Disable 'Shortcut Forwarding Engine' on main page for policy based routing to work
Your config may vary depending on server. I am connected to another dd-wrt router running
ovpn server set to push route & DNS ....not that the pushed DNS makes a difference in this case since
the wrt160nl is behind main router running unbound and all DNS goes thru it ... but that's a different story.
All clients connected to the wrt160nl will show same public IP as what ovpn server router holds.
Router: TPLINK TL-WDR3600 v1.5
Firmware: DD-WRT v3.0-r32170 std (06/01/17)
Kernel: Linux 3.10.105 #32456 Thu Jun 1 03:06:02 CEST 2017 mips
Status: operational
Reset: No (kept settings, standard reboot after update)
Errors: Acceptable --- 5 Ghz light is not on the unit, but is still functioning (WiFi works)
-- NOW ---
Router Model: TPLINK TL-WDR3600 v1.5
Firmware Version: DD-WRT v3.0-r33006 std (08/03/17)
Kernel Version: Linux 3.10.107 #37295 Thu Aug 3 04:17:17 CEST 2017 mips
Status: operational
Reset: No (kept settings, standard reboot after update)
Errors: Acceptable --- 5 Ghz light is not on the unit, but is still functioning (WiFi works)
Linksys E2100L
DD-WRT v3.0-r33006 std (08/03/17)
Linux 3.10.107 #37303 Thu Aug 3 04:23:06 CEST 2017 mips
Previous
DD-WRT v3.0-r27506 (07/09/15) std
Linux 3.10.83 #5662 Thu Jul 9 01:55:29 CEST 2015 mip
updated the WDS-AP & the WDS-Sta
NO Reset .. no changes but to enable Klogd in Services page ....didn't have such a setting in the old firmware
Seems to be working good so far. Same rate as had before.
Both are set to reboot at 03:00 every morning ... twas only way to maintain 100% service with them from
past experience... may rethink that in few days.
r33006 has been very good for all my atheros/QCA devices --- can't say the same on the old broadcom boxes though
confirming that access restrictions stopped working with this or a recent build. I had a couple non secure http "www.something.com" sites in there and they dont block anymore. I use opendns now though so I could just make personal blocks there, since it wouldn't block https anyway.
Joined: 24 Feb 2013 Posts: 1634 Location: Belgrade
Posted: Thu Aug 17, 2017 6:31 Post subject:
jmfolcik wrote:
confirming that access restrictions stopped working with this or a recent build. I had a couple non secure http "www.something.com" sites in there and they dont block anymore. I use opendns now though so I could just make personal blocks there, since it wouldn't block https anyway.
if you still have those rules you can:
Code:
cat /tmp/.ipt
to see if something is "fetched" wrong from GUI...
Disabling that new fangled Shortcut Forwarding Engine on the setup page makes the dns access restrictions work again. I don't know if its just me, but it also seems to improve the speed of the management website remotely.
Linksys E2100L
DD-WRT v3.0-r33006 std (08/03/17)
Linux 3.10.107 #37303 Thu Aug 3 04:23:06 CEST 2017 mips
Previous
DD-WRT v3.0-r27506 (07/09/15) std
Linux 3.10.83 #5662 Thu Jul 9 01:55:29 CEST 2015 mip
updated the WDS-AP & the WDS-Sta
NO Reset .. no changes but to enable Klogd in Services page ....didn't have such a setting in the old firmware
Seems to be working good so far. Same rate as had before.
Both are set to reboot at 03:00 every morning ... twas only way to maintain 100% service with them from
past experience... may rethink that in few days.
r33006 has been very good for all my atheros/QCA devices --- can't say the same on the old broadcom boxes though
All in all working pretty good but I just don't understand why the station seems forget what the heck its suppose to be doing.
This happens once or twice a day. They are still set to reboot same time once a day.
Not a big deal and wouldn't even notice the 3 second snafu if didn't see log --- it's still irritating.
WDS-AP
Aug 21 08:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 09:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 11:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 12:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 13:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 14:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 15:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 16:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 17:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 18:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 19:13:56 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 IEEE 802.11: authenticated
Aug 21 19:13:56 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 IEEE 802.11: associated (aid 1)
Aug 21 19:13:56 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 RADIUS: starting accounting session 00000008-00000000
Aug 21 19:13:56 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: pairwise key handshake completed (RSN)
Aug 21 20:13:49 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 21:13:50 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 22:13:50 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 21 23:13:50 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 22 00:13:50 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 22 01:13:50 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 22 02:13:50 South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
---
WDS-Sta
Aug 21 19:13:53 North kern.info kernel: [39628.150000] ath0: deauthenticated from 68:7f:74:ac:35:4e (Reason: 2=PREV_AUTH_NOT_VALID)
Aug 21 19:13:56 North kern.info kernel: [39631.000000] ath0: send auth to 68:7f:74:ac:35:4e (try 1/3)
Aug 21 19:13:56 North kern.info kernel: [39631.010000] ath0: authenticated
Aug 21 19:13:56 North kern.info kernel: [39631.020000] ath0: associate with 68:7f:74:ac:35:4e (try 1/3)
Aug 21 19:13:56 North kern.info kernel: [39631.020000] ath0: RX AssocResp from 68:7f:74:ac:35:4e (capab=0x411 status=0 aid=1)
Aug 21 19:13:56 North kern.info kernel: [39631.030000] ath0: associated
Aug 21 19:13:56 North kern.info kernel: [39631.050000] br0: port 3(ath0) entered forwarding state
Aug 21 19:13:56 North kern.info kernel: [39631.050000] br0: port 3(ath0) entered forwarding state
Aug 21 19:13:58 North kern.info kernel: [39633.050000] br0: port 3(ath0) entered forwarding state
EDIT:
If your wondering where the 'Aug 21 10:13:49 group key handshake' is that is another GUI mystery.
I didn't notice till after I posted. It was copied from GUI and that segment of the syslog fell at
a page break and it is NOT shown in the GUI at all.
But it's there when I checked thru terminal ...strange things these days.
Disabling that new fangled Shortcut Forwarding Engine on the setup page makes the dns access restrictions work again. I don't know if its just me, but it also seems to improve the speed of the management website remotely.
Big thanks to jmfolcik for that quick fix for getting access restriction working again in fw 33006. This version seems more better and i will stay on this now that access restriction is working.
Does any one no what the "Shortcut Forwarding Engine" on the setup page does apart from break access restriction.
Many thanks _________________ Regards
bp1
Does any one no what the "Shortcut Forwarding Engine" on the setup page does apart from break access restriction.
Yea, it also breaks ovpn client policy based routing and I think a couple other things
About all I know ... SFE bypasses NAT on established connections. Meaning you do not need
it and you don't want it unless your router cannot handle the rates your ISP gives you.
By all accounts using SFE will give you as fast across the WAN as your router's stock firmware ...some say a bit faster
WNDR3700 V4
DD-WRT v3.0-r33006 std (08/03/17)
Linux 3.18.63 #8197 Thu Aug 3 05:31:57 CEST 2017 mips
Seems recent problems have been fixed.
QOS is good.
Seems to work Ok on test router.
Also installed on WAP + guests unit -- No Reset
Also installed on switch(WiFi disabled) + ovpn server unit -- No Reset
All good.
I have been very pleased with r33006.
Checking logs on the WAP + guests on both radios and it is smooth as silk.
Its current up time is 9 days ... some power blinks here due to stormy weather.
Been running this build since BS built it and am very happy with it on the wndr3700v4.
The other with ovpn server hasn't missed a beat either.
just sharing something good for a change
Two E2100L r33006
I know this is really good compared to some older builds but why oh why does the station
enter 'disabled state' for no good reason at all at some odd time.
They both reboot at 03:13 everyday and work great but I just don't know why this
happens --- signal is not the problem.....makes my OCD itch... I just want to fix it.
WDS-Station
Aug 29 08:13:43 WDS-North daemon.debug process_monitor[962]: We need to re-update after 3600 seconds
Aug 29 08:13:43 WDS-North daemon.info process_monitor[962]: set timer: 3600 seconds, callback: ntp_main()
Aug 29 08:13:43 WDS-North user.info : cron : cron daemon successfully started
Aug 29 08:13:43 WDS-North cron.info cron[1085]: (CRON) STARTUP (fork ok)
Aug 29 08:17:32 WDS-North kern.info kernel: [ 248.290000] nf_conntrack: automatic helper assignment is deprecated and it will be removed soon. Use the iptables CT target to attach helpers instead.
Aug 29 12:45:29 WDS-North kern.info kernel: [16325.020000] br0: port 3(ath0) entered disabled state
Aug 29 12:45:30 WDS-North kern.info kernel: [16325.960000] ath0: authenticate with 68:7f:74:ac:35:4e
Aug 29 12:45:30 WDS-North kern.info kernel: [16325.990000] ath0: send auth to 68:7f:74:ac:35:4e (try 1/3)
Aug 29 12:45:30 WDS-North kern.info kernel: [16326.000000] ath0: authenticated
Aug 29 12:45:30 WDS-North kern.info kernel: [16326.010000] ath0: associate with 68:7f:74:ac:35:4e (try 1/3)
Aug 29 12:45:30 WDS-North kern.info kernel: [16326.020000] ath0: RX AssocResp from 68:7f:74:ac:35:4e (capab=0x411 status=0 aid=1)
Aug 29 12:45:30 WDS-North kern.info kernel: [16326.020000] ath0: associated
Aug 29 12:45:31 WDS-North kern.info kernel: [16327.040000] br0: port 3(ath0) entered forwarding state
Aug 29 12:45:31 WDS-North kern.info kernel: [16327.040000] br0: port 3(ath0) entered forwarding state
Aug 29 12:45:33 WDS-North kern.info kernel: [16329.040000] br0: port 3(ath0) entered forwarding state
Aug 30 02:40:12 WDS-North auth.info login[5690]: root login on 'pts/0'
-----------------
WDS-AP
Aug 29 08:13:44 WDS-South daemon.debug process_monitor[985]: We need to re-update after 3600 seconds
Aug 29 08:13:44 WDS-South daemon.info process_monitor[985]: set timer: 3600 seconds, callback: ntp_main()
Aug 29 08:13:44 WDS-South user.info : cron : cron daemon successfully started
Aug 29 08:13:44 WDS-South cron.info cron[1082]: (CRON) STARTUP (fork ok)
Aug 29 08:13:45 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 08:17:32 WDS-South kern.info kernel: [ 248.410000] nf_conntrack: automatic helper assignment is deprecated and it will be removed soon. Use the iptables CT target to attach helpers instead.
Aug 29 09:13:45 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 10:13:45 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 11:13:45 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 12:13:45 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 12:45:30 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 IEEE 802.11: authenticated
Aug 29 12:45:30 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 IEEE 802.11: associated (aid 1)
Aug 29 12:45:31 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 RADIUS: starting accounting session 00000008-00000000
Aug 29 12:45:31 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: pairwise key handshake completed (RSN)
Aug 29 13:13:45 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 14:13:45 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 15:13:45 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 16:13:45 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 17:13:46 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 18:13:46 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 19:13:46 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 20:13:46 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 21:13:46 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 22:13:46 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 29 23:13:46 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 30 00:13:46 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 30 01:13:46 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 30 02:13:46 WDS-South daemon.info hostapd: ath0: STA 68:7f:74:d7:ba:40 WPA: group key handshake completed (RSN)
Aug 30 02:38:08 WDS-South auth.info login[5695]: root login on 'pts/0'
...strange things these days.