Custom firmware for R7800 to extend its functionality

392 posts / 0 new
Last post
Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.2.59SF.

Changes (vs 1.0.2.54SF):

1. Integration of changes from the stock v. 1.0.2.58.
2. OpenSSL is upgraded 1.0.2o->1.0.2p (CVE-2018-0732, CVE-2018-0737).
3. dnsmasq: dnsmasq.conf options optimized.
4. ntpclient: init script is changed (automatization of setting date for OpenVPN client).
5. dbus package is upgraded 1.12.8->1.12.10.
6. ubus package is upgraded 2018-01-16->2018-07-26.
7. libubox package is upgraded 2018-06-07->2018-07-25.
8. uci package is upgraded 2018-03-24->2018-08-11.
9. e2fsprogs package is upgraded 1.43.9->1.44.4.
10. util-linux package is upgraded 2.32->2.32.1.
11. ffmpeg package is upgraded 3.2.10->3.2.12.
12. libgpg-error package is upgraded 1.27->1.32
13. Firewall: user can keep own iptables seetings in /opt/scripts/firewall-start.sh
14. /sbin/cloud Changes of PATH.
15. Temporary fix for NG's bug (Attached Device List) is removerd (is working now).
16. /etc/profile default profile is changed (no PATH for /opt/bin:/opr/sbin). Entware users should set the PATH for Entware in /root/.profile file.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

NOTE 1: Most probably no reset is needed to upgrade from my previous versions. But if you face problems it is better to perform reset.

NOTE 2: Info for Entware users. /etc/profile default profile is changed (no PATH for Entware is set by default, i.e. /opt/bin:/opr/sbin). Set the PATH for Entware in /root/.profile file, something like:
 

Code:
export PATH=/opt/bin:/opt/sbin:/bin:/sbin:/usr/bin:/usr/sbin


Voxel.

d3n3b
d3n3b's picture
Hi Voxel, hi everyone,

Hi Voxel, hi everyone,

Since 1.0.2.53SF, (transmission package 2.94) there is some difficulties with torrent trackers SSL connection. General symptoms are "Scrape" or "Announce error": Could not connect to tracker. The problem occurs on various trackers. Could You give me some hints?

Thanks

Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.2.60SF.

Changes (vs 1.0.2.59SF):

1. Partial rollback: integrated binaries and kernel objects from the stock 1.0.2.58 are reverted back to 1.0.2.52
(except net-cgi, trafficmeter, ookla, greendownload) to avoid probelms with Wi-Fi stability.
2. expat package is upgraded 2.2.5->2.2.6.
3. at package is upgraded 3.1.20->3.1.23.
4. curl package is upgraded 7.61.0->7.61.1.
5. ethtool package is upgaded 4.17->4.18.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting and testing Wi-Fi stability).

NOTE: Most probably no reset is needed to upgrade from my previous versions. But if you face problems it is better to perform reset.

Voxel.
 

randytsuch
randytsuch's picture
I made some instructions for

I made some instructions for a few things, telnet, SSH (PC and MAC), Entware and OpenVPN Server

https://sites.google.com/view/netgear-r7800/home

Hopefully these will help if you're having problems figuring this out.

 

kamoj
kamoj's picture
Thank you very much for your

smileyThank you very much for your guides and attitude!smiley

MannyLNJ
MannyLNJ's picture
I'm using Private Internet

I'm using Private Internet Access as my VPN. I would like to route all traffic through it. They have instructions for Linux CLI with OpenVPN at https://www.privateinternetaccess.com/helpdesk/guides/desktop/linux/linu... can someone please assist me with configuring my router to work with this?

Voxel
Voxel's picture
I'm using Private Internet

I'm using Private Internet Access as my VPN. I would like to route all traffic through it. They have instructions for Linux CLI with OpenVPN at https://www.privateinternetaccess.com/helpdesk/guides/desktop/linux/linu... can someone please assist me with configuring my router to work with this?

 

Probably the best choice for you is to try following this instruction:
 

https://www.myopenrouter.com/article/how-set-openvpn-client-netgear-r900...

 

It is for R9000, but the same for R7800.

Voxel.

jprgomet
jprgomet's picture
Using voxel fw from day 1

Using voxel fw from day 1 more than a year now. Like it very much.

But having "problems" with torrent/transmission. All the files downloaded are root owned. Read only from shares. And I would like to delete/move/rename. That means that I have to take the USD drive out of the router, connect it to linux box (as is ext4 formated) and chmod files. Is it possible to run transmission on startup as a admin so when logged in share as admin I can delete. Or is there other way to make transmission downloads 777?

Thank you!

jprgomet
jprgomet's picture
Got reply from Voxel. I just

Got reply from Voxel. I just use connect as on readyshare, with root as user and admin password. And it works :) It was so easy I did not saw it :) 

Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.2.61SF.

Changes (vs 1.0.2.60SF):

1. stubby package is added to provide DNS-over-TLS support:

to enable stubby run the commands from telnet/ssh console:
 
nvram set stubby=1
nvram commit

and reboot your router; to disable stubby run the commands from telnet/ssh console:

nvram set stubby=0
nvram commit

and reboot your router.​

2. getdns, unbound, yaml, ca-certificates packages are added (stubby dependences).
3. sqlite3 package is upgraded 3230100->3240000.
4. liblz4 package is upgraded 1.8.2->1.8.3.
5. sysstat package is upgraded 11.0.4->11.6.4.
6. ubus package is upgraded 2018-07-26->2018-10-06-221ce7e7.
7. libevent2-pthreads packages is removed (not used).
8. Toolchain: binutils version is upgraded to 2.31.1.
9. Host tools: two components are upgraded.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

So important notes:

1. stubby (DNS-Over-TLS) is already included into firmware (not necessary to install add-on). To enable stubby run the commands from telnet/ssh console:

nvram set stubby=1
nvram commit

and reboot your router; to disable stubby run the commands from telnet/ssh console:

nvram set stubby=0
nvram commit

and reboot your router. Currently it is configured to use Cloudflare servers (DoT). You may customize your config file:

/etc/stubby/stubby.yml 

2. dnscrypt-proxy (v. 1) is left in firmware (will be removed in the next release). If both (dnscrypt-proxy and stubby) are enabled, stubby has higher priority and dnscrypt-proxy will be stopped.

Voxel.

Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.2.62SF.

Changes (vs 1.0.2.61SF):

1. OpenSSL package is upgraded 1.0.2p->1.0.2q.
2. DNSCrypt Proxy v.2 (2.0.19) is included into firmware:

to enable DNSCrypt Proxy v.2 run the commands from telnet/ssh console:
 
nvram set dnscrypt2=1
nvram commit

and reboot your router;
to disable DNSCrypt Proxy v.2 run the commands from telnet/ssh console:

nvram set dnscrypt2=0
nvram commit

and reboot your router.​

3. ipset package and its dependences are added into firmware.
4. unbound package (used in stubby) is upgraded 1.8.1->1.8.3.
5. wget package is upgraded 1.19.5->1.20.
6. util-linux package is upgraded 2.32.1->2.33.
7. haveged package is upgraded 1.9.2->1.9.4.
8. ethtool package is upgaded 4.18->4.19.
9. libjpeg package is upgraded 9a->9c.
10. curl package is upgraded 7.61.1->7.62.0.
11. libgcrypt package is upgraded 1.8.3->1.8.4.
12. libubox package is upgraded 2018-07-25->2018-11-16.
13. sqlite package is upgraded 3240000->3250300.
14. jq package is upgraded 1.5->1.6.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

NOTES:

1. stubby (DNS-Over-TLS) is already included into firmware. To enable stubby run the commands from telnet/ssh console:

nvram set stubby=1
nvram commit

and reboot your router; to disable stubby run the commands from telnet/ssh console:

nvram set stubby=0
nvram commit

and reboot your router. Currently it is configured to use Cloudflare servers (DoT). You may customize your config file:

/etc/stubby/stubby.yml

2. DNSCrypt Proxy v.2 is already included into firmware. To enable DNSCrypt Proxy v.2 run the commands from telnet/ssh console:

nvram set dnscrypt2=1
nvram commit

and reboot your router;
to disable DNSCrypt Proxy v.2 run the commands from telnet/ssh console:

nvram set dnscrypt2=0
nvram commit

and reboot your router. Currently is is configured to use Cloudflare, ipredator, scaleway-fr, dnscrypt.eu-nl, dnscrypt.eu-dk. You may customize your config file /etc/dnscrypt-proxy-2.toml to add/remove your selected servers.

3. If both (stubby and DNSCrypt Proxy v.2) are enabled, stubby has highest priority (it will shutdown all dnscrypt (v1 and v2)). DNSCrypt Proxy v1 if still used has lowest priority.

Voxel.

Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.2.63SF.

Changes (vs 1.0.2.62SF):

1. Integration of changes from the stock v. 1.0.2.62 including:

  • a login password enhancement in the router web interface to support a more secure password (no saving passwords in NVRAM in the plain text form).
  • fixing the issue where the speed test in the QoS page always displays a zero number.
  • 22 QoS packages are changed to provide synchronization with a latest version (so even if your QoS page displays "Release Date: October 23, 2017": de facto there are a lot of changes in the QoS internals).

2. dropbear: security issue CVE-2018-15599 is fixed, see:

for details.
3. curl package is upgraded 7.62.0->7.63.0.
4. dbus package is upgraded 1.12.10->1.12.12.
5. e2fsprogs package is upgraded 1.44.4->1.44.5.
6. jansson package is upgraded 2.11->2.12.
7. libgpg-error package is upgraded 1.32->1.34.
8. libxml2 package is upgraded 2.9.8->2.9.9.
9. sqlite package is upgraded 3250300->3260000.
10. wget package is upgraded 1.20->1.20.1.
11. dnsmasq: synchronization of codes with stock 1.0.2.62 (R9000 codes were used in my previous version).
12. OpenSSL: old libraries 0.9.8 are added to fix NG bug (/bin/fbwifi).
13. NG Downloader: ftp/http downloading issue is fixed.
14. NG bugs corrections fixed in my previous versions are included.
15. NG version of OpenVPN client is removed (conflicting with my version of OpenVPN client).
16. Funjsq service is removed:

Guys from China: I am really sorry, please use a stock version if you need exactly this version of OpenVPN client, my knowledge of Chinese is close to zero to understand this service description/features from this: https://www.funjsq.com/

17. Toolchain: gdb is upgraded to 8.2.1.
18. Host tools: two components are upgraded.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Thanks to percy3 for his help with testing.

P.S.

There are several opinions found by me in Internet that Voxel’s FW is just a stock firmware with a bit more attractive icons. I cannot provide full statistics but FYI: stock firmware is using third party GPL packages, about 143 of them are used in my version. And about 105 of them are upgraded/changed/added/bugfixed. So I think that at least 73 per cents of firmware internals is different. This is w/o accounting specific changes such as different toolchain/host-tools or optimized for IPQ806x compiler options, -O2, boosting OpenSSL etc. Just FYI. My version is my vision re: what I’d like to have from a stock firmware.

Voxel.

harbinger756
harbinger756's picture
Hi Voxel, first off I want to

Hi Voxel, first off I want to say thanks for producing you firmware for the R7800.

The Netgear .62 release of the firmware has a DNS bug which is documented here:

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/R7800-Latest-Fir...

and here:

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Can-t-reach-Inte...

I have experienced the same issues as the users in these threads so am reluctant to upgrade to your .63SF version as it's based on the .62 Netgear version. Do you know if your version suffers the same problems? or maybe even you could fix the issue for us?

Once again, thanks for all the great work you've done.

 

Voxel
Voxel's picture
I have experienced the same

I have experienced the same issues as the users in these threads so am reluctant to upgrade to your .63SF version as it's based on the .62 Netgear version. Do you know if your version suffers the same problems? or maybe even you could fix the issue for us?
 

Seems it is really fixed in my version:
 

https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-...

Once again, thanks for all the great work you've done.

 

You are welcome.

Voxel.

Voxel
Voxel's picture
The Netgear .62 release of

The Netgear .62 release of the firmware has a DNS bug which is documented here:

 

By the way, could somebody inform people on NG forum alarming this problem  that this issue could be fixed using my build? Now guys just inform that OK, no such problem in 1.0.2.63SF and forget to help other users facing this isue....

Voxel.

kamoj
kamoj's picture
Ok, done 

Ok, done cheeky

Christianhchuk
Christianhchuk's picture
Hi Voxel and Everyone,

Hi Voxel and Everyone,

Really appreciate all of your work on this. I just got my R7800 six days ago, and initially, with upgraded NG firmware (V1.0.2.62), I was getting dropouts and strangely slow speed (I did try factory reset and called customer service, which was not very helpful). I then upgraded, in order, to your .62SF and now .63SF firmware. NOW, my 5ghz band is stable, but my 2.4Ghz band is dropping pretty often. I have posted a graph below from NetSpot during the past 30 min. As you can see, the signal is fine on 2.4Ghz (orange line) but that sucker DROPS. 

I have also posted what my dropouts looked like with .62SF, below the first image. That SEEMED to have less dropouts, but that could be for other reasons I'm not aware of.

Have you seen anything like this? My old WNDR4500v2 rarely disconnected, so I'm frustrated. Any suggestions are very appreciated. I've tried the following:

  • Checking channel traffic (Currently on channel 3, and nobody else is currently on that channel)
  • Disabled MU-MIMO
  • Disabled QOS
  • Factory Reset
  • Switching FW (Again, yours provided a noticable improvement)

 

Image of .63SF

Image of .62SF

e38BimmerFN
e38BimmerFN's picture
What channels are you using

What channels are you using on 2.4Ghz? 

Any other neighbors near by? If so, how many and what channels are they using?

Any other 2.4Ghz wifi singles near by or 2.4Ghz devices near by?  

Christianhchuk
Christianhchuk's picture
Thanks for getting back to me

Thanks for getting back to me. So right now it is on Channel 3, and there is one very weak signal also on that channel. I do have an Epson printer nearby as well (probably 3 feet away) that runs on 2.4, but it has been in sleep mode for several days. That's the only other device close by using the 2.4 band.

Tonight has been a different story (see below), with only 1 dropout for about 10 seconds, coincidentally about the time I shut down my desktop (wired connection). I HOPE it continues this way, although I don't like not knowing what caused the very frequent cutouts before. I'll stop posting until I have something more definitive to share. 

 

angryRant Warning: This unit has been sluggish from the start, the S/N came up as invalid, and now I can't add it to MyNetgear account because a support agent added it for me (don't ask) thus cannot open a ticket online. Just for the headache alone I'm considering just sending this one back. 

e38BimmerFN
e38BimmerFN's picture
You need to be using primary

You need to be using primary channels 1, 6 or 11. Not sub channels used by the router. 

 

If your having serial # issues then I would contact NG support about it to make sure your router and # is valid and correct for support resources. 

Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.2.64SF.

Changes (vs 1.0.2.63SF):

1. Attempt to fix the issue with ReadyCLOUD in AP mode.
2. Default ReadyCLOUD version is upgraded 20170914->20180619.
3. Fixing the issue with OpenVPN server (WebGUI).
4. OpenVPN is upgraded 2.4.6->2.4.7.

5. tar package is upgraded 1.30->1.31.
6. curl package is upgraded 7.63.0->7.64.0.
7. unbound package (used in stubby) is upgraded 1.8.3->1.9.0.
8. getdns package (used un stubby) is upgraded 1.4.2->1.5.0.
9. stubby package is upgraded 0.2.3->0.2.4.
10. libsodium package (used in dnscrypt-proxy v.1) is upgraded 1.0.16->1.0.17.
11. libvorbis package is upgraded 1.3.5->1.3.6.
12. ffmpeg package is upgraded 3.2.12->3.4.5.
13. busybox package: patch command is added.
14. busybox package: dos2unix/unix2dos commands are added.
15. Host tools: two components are upgraded (bison, sed).

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

 

Voxel.

 

kinakuta
kinakuta's picture
@Voxel:

@Voxel:

Thank you for all your great work, I love your FW and I've been using it from the start, it's gotten better and better and it's way faster using the OpenVPN client than DD-WRT or stock FW.

Lately, I've been playing around with Wireguard, since my VPN provider (NordVPN) added Wireguard for beta testers and it's blazingly fast. Granted, there are some things to be aware of when using Wireguard, but I'd love to test it on my R7800.

Do you think that's something you would consider adding to your FW or make possible via Entware at any time in the future? Do you have any experience with Wireguard?

Best,
Randy

kinakuta
kinakuta's picture
Oh, and here's some good info

Oh, and here's some good info from the DD-WRT Wiki, since it's been incorporated into the GUI for DD-WRT: https://wiki.dd-wrt.com/wiki/index.php/The_Easiest_Tunnel_Ever

kamoj
kamoj's picture
https://www.snbforums.com
kinakuta
kinakuta's picture
Hmm, too bad. I really don't

Hmm, too bad. I really don't want to switch to DD-WRT just to play around with it, but testing speeds show a huge, I mean HUGE improvement compared to OpenVPN, so I just might have to say goodbye to Voxel's FW... :-(

mstrzelec
mstrzelec's picture
Hello everyone,

Hello everyone,

Many thanks for the firmware, I am having an issue on R7800 (installed 64SF now, used entware: https://www.voxel-firmware.com/Downloads/Voxel/Entware/entware-cortex-a1...) with opkg however - when trying to do opkg update I get this:

root@R7800:~$ opkg update
Downloading http://downloads.openwrt.org/attitude_adjustment/12.09-rc1/ipq806x/gener....
Collected errors:
 * opkg_download: Failed to download http://downloads.openwrt.org/attitude_adjustment/12.09-rc1/ipq806x/gener... Error.
 

Checking the link in browser shows a) there is no rc1 in 12.09 and b) there is no ipq806x .

Now I guess I did something wrong, but got stuck and can't figure out - please, if you know or have any idea, let me know where I messed it up.

Many thanks again,

Marcin

Voxel
Voxel's picture
root@r7800:~$ opkg

root@R7800:~$ opkg update
Downloading http://downloads.openwrt.org/attitude_adjustment/12.09-rc1/ipq806x/gener....
Collected errors:

 

See this, NOTE 2:

https://www.myopenrouter.com/comment/43324#comment-43324

 

i.e. use not just "opkg: but full path to /opt/bin/opkg:

 

/opt/bin/opkg update

/opt/bin/opkg upgrade

/opt/bin/opkg install <package_name>

(by default /opt/bin is not in the PATH).

Voxel.

Voxel
Voxel's picture
 
 
New version of my custom firmware build: 1.0.2.65SF.
 
Changes (vs 1.0.2.64SF):
 
1. dropbear package is upgraded 2018.76->2019.78.
2. OpenSSL package is upgraded 1.0.2q->1.0.2r.
3. DNSCrypt Proxy v.2 is upgraded 2.0.19->2.0.22.
4. unbound package (used in stubby) is upgraded 1.9.0->1.9.1.
5. curl package is upgraded 7.64.0->7.64.1.
6. util-linux package is upgraded 2.33->2.33.1.
7. ca-certificates package is upgraded 20180409->20190110.
8. libubox package is upgraded 2018-11-16->2019-02-27.
9. tar package is upgraded 1.31->1.32.
10. libgpg-error package is upgraded 1.34->1.36.
11. ffmpeg package is upgraded 3.4.5->3.4.6.
12. proftpd: read access issue for admin user is fixed (NG bug).
13. Toolchain: binutils version is upgraded to 2.32.
 
The link is:
 
https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).
 
Voxel.
 

 

 

Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.2.66SF.

Changes (vs 1.0.2.65SF):

1. wget package is upgraded 1.20.1->1.20.3.
2. sqlite package is upgraded 3260000->3270200.
3. getdns package (used in stubby) is upgraded 1.5.0->1.5.2.
4. stubby package is upgraded 0.2.4->0.2.6.
5. DNSCrypt Proxy v.2 is upgraded 2.0.22->2.0.23.
6. usb-modeswitch package is upgraded 2014-08-26->2017-12-19.
7. usb-modeswitch-data is upgraded 20150115->20170806.
8. proftpd: typo bug is fixed.
9. OpenVPN client: lacking "default turbo mode" issue is fixed (reported by kamoj).
10. congestion control algorithm is changed to westwood+.
11. rmem_max/wmem_max/defaults values are decreased to avoid bufferbloat issues (note: use QoS and limit your max speed for good results in dslreports site).
12. DNSCryps Proxy V1 and its dependence libsodium are removed.
13. CDC/RNDIS USB LTE modem (HiLink) support scheme is significantly changed.
14. OpenSSH client is available for downloading as an addon (useful for Reverse SSH Tunneling, much faster than dropbear).
installation: "/bin/opkg install openssh-client_8.0p1-1_ipq806x.ipk"

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.

Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.2.67SF.

Changes (vs 1.0.2.66SF):

1. OpenSSL v. 1.1.1c package is added.
2. OpenSSL v. 1.0.2 package is upgraded 1.0.2r->1.0.2s.
3. OpenVPN package is changed to use OpenSSL v. 1.1.1.
4. OpenVPN server(s) is(are) slightly optimized.
5. OpenVPN client now could be used simultaneously with OpenVPN server(s) (no necessity to disable server(s) from GUI).
6. unbound package (used in stubby) is changed to use OpenSSL v. 1.1.1.
7. getdns package (used in stubby) is changed to use OpenSSL v. 1.1.1.
8. Because of "6." and "7.": stubby is set to support TLSv1.3 with cloudflare (DoT).
9. wget package is changed to use OpenSSL v. 1.1.1.
10. transmission package is changed to use OpenSSL v. 1.1.1.
11. curl package is upgraded 7.64.1->7.65.0.
12. curl package is changed to use OpenSSL v. 1.1.1.
13. opkg package is changed to use OpenSSL v. 1.1.1.
14. uci package is upgraded 2018-08-11->2019-05-17.
15. openssh-client add-on is changed to use OpenSSL v. 1.1.1.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.

Pages