Custom firmware build for R9000

Subscriptions

Subscribe
66 posts / 0 new
Last post
Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.4.34HF.

Changes (vs 1.0.4.33HF):

1. proftpd package is upgraded from specific version with NG changes to 1.3.6 + CVE-2019-12815 security patch.
(Plus some changes in its behavior. Issue alarmed by kamoj)​
2. DNSCrypt Proxy v.2 is upgraded 2.0.25->2.0.27 (Firefox workaround).
3. OpenSSL v. 1.0.2 package is upgraded 1.0.2s->1.0.2t.
(see https://www.openssl.org/news/openssl-1.0.2-notes.html for details)​
4. OpenSSL v. 1.0.2 package: patch to strip cflags from resulting binary is added.
5. OpenSSL v. 1.1.1 package is upgraded 1.1.1c->1.1.1d.
(see https://www.openssl.org/news/openssl-1.1.1-notes.html for details)​
6. haveged package is upgraded 1.9.4->1.9.6.
7. uci package is upgraded 2019-05-17->2019-09-01.
8. unbound package (used in stubby) is upgraded 1.9.2->1.9.3.
9. libgcrypt package is upgraded 1.8.4->1.8.5.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.

 

Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.4.35HF.

Changes (vs 1.0.4.34HF):

1. minidlna package is upgraded 1.2.1->1.2.1-2018-04-10.
2. (minidlna) ffmpeg package configuration is changed (to provide more stable support of the FLAC files).
3. (minidlna) ffmpeg compilation flag conflict is fixed (now it is pure Cortex-A15 target).
4. (minidlna) libogg package is upgraded 1.3.3->1.3.4.
5. (minidlna) sqlite package is upgraded 3290000->3300100.
6. expat package is upgraded 2.2.7->2.2.9 (CVE-2019-15903).
7. unbound package (used in stubby) is upgraded 1.9.3->1.9.4 (CVE-2019-16866).
8. DNSCrypt Proxy v.2 is upgraded 2.0.27->2.0.28.
9. dnsmasq package is upgraded 2.78->2.80.
10. curl package is upgraded 7.65.3->7.66.0.
11. haveged package is upgraded 1.9.6->1.9.8.
12. libubox package is upgraded 2019-06-16->2019-10-21.
13. transmission-web-control package is upgraded 2019-04-16->2019-07-24.
14. dropbear package is changed: to allow ssh forwarding.
15. e2fsprogs package: optimization for a size.
16. patch package is added (kamoj add-on, replacement of a busybox analog).
17. coreutils sort package is added (kamoj add-on, replacement of a busybox analog).
18. etherwake package is added (kamoj add-on).
19. busybox: sort and patch are disabled.
20. OpenSSL 1.0.2/1.1.1: make an order with patches.
21. Host tools (mtd-utils): Add: glibc >= 2.28 compatibility patch.
22. Host tools (m4): Add: glibc >= 2.28 compatibility patch.
23. Host tools (squashfs4): Add: glibc >= 2.28 compatibility patch.
24. Toolchain: gdb is upgraded.
25. Development platform is changed (Debian9->Debian10: glib 2.24->2.28; gcc 6.3.0->8.3.0; etc).
26. Support of new certificates for https.
27. QoS could be updated to v1.64 Oct 23, 2019 (press [Update Now] button in GUI).
28. Plex could be updated to v.1.18.0.1913-e5cc93306 Jul 16, 2019.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.

PureLoneWolf
PureLoneWolf's picture
Hi

Hi

I hope this hasn't been covered, searching didn't bring much, but does this firmware support Local DNS Resolution so that I can access devices on my local network by name?

Many thanks

Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.4.36HF.

Changes (vs 1.0.4.35HF):

1. WireGuard v. 20191212 is added (kernel module + "wg" utility).
2. libmnl package version 1.0.4 is added (used in WireGuard).
3. OpenVPN is upgraded 2.4.7->2.4.8.
4. curl package is upgraded 7.66.0->7.67.0.
5. DNSCrypt Proxy v.2 is upgraded 2.0.28->2.0.35.
6. stubby config is changed (not so strict requirements to the server).
7. unbound package (used in stubby) is upgraded 1.9.4->1.9.5.
8. e2fsprogs: CVE-2019-5094 patch is added.
9. libubox package is upgraded 2019-10-21->2019-11-24.
10. uci package is upgraded 2019-09-01->2019-11-14.
11. net-wall script is fixed to support IPv6.
12. Host tools (e2fspogs): is upgraded to 1.45.4.
WireGuard (everything from console, for advanced users):

To use it you should first load the kernel module:

insmod /lib/modules/3.10.20/wireguard.ko
After this you should use the commands: ip, route, iptables, wg. See:

https://www.wireguard.com/quickstart/

NOTE: Your iptables rules for WireGuard should be included into /opt/scripts/firewall-start.sh script​

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.
 

Voxel
Voxel's picture
New version of my custom

New version of my custom firmware build: 1.0.4.38HF.

Changes (vs 1.0.4.37HF):

1. WireGuard client support is added (tested with Integrity VPN, thanks to KW.).
2. net-wall firewall is changed to support WireGuard client.
3. hotplug2 package is changed to support automatic WireGuard client config copy from USB drive.
4. wireguard package is upgraded 0.0.20191226->0.0.20200121.
5. wireguard-tools package is upgraded 1.0.20191226->1.0.20200121.
6. ubus package is upgraded 2019-12-27->2020-01-05.
7. e2fsprogs package is upgraded 1.44.5->1.45.5.
8. curl package is upgraded 7.67.0->7.68.0.
9. DNSCrypt Proxy v.2 build scheme is changed (compilation by Go, dynamic GCC libs). Should work faster.
10. libubox package is upgraded 2019-12-28->2020-01-20.
11. Default ReadyCLOUD version is upgraded to 20190805.
12. Host tools (e2fspogs): is upgraded to 1.45.5.
13. Host tools (bison): is upgraded to 3.5.

 

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).
WireGuard client:

To start its using you should

1. Prepare the text file with name wireguard.conf defining the following values: EndPoint, LocalIP, PrivateKey, PublicKey and Port of you WireGuard client config from WG provider.

Example:
------------------------- cut here ---------------------------------------
EndPoint="wireguard.5july.net"
LocalIP="10.0.xxx.xxx"
PrivateKey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX="
PublicKey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX="
Port="48574"
------------------------- cut here ---------------------------------------
NOTE: no spaces before/after "=" symbol in example above.
NOTE: the name of the file wireguard.conf is lowercase.

2. Place this wireguard.conf file to the root of USB flash drive (FAT or NTFS or EXT2/3/4).

3. Insert this flash drive into your R9000/R8900.

4. Enter by telnet to your router and set the nvram variable wg-client to 1

Code:
nvram set wg-client=1
nvram commit
5. Reboot your router.

NOTE: to disable WireGuard client starting just set wg-client to "0" and reboot the router.
NOTE: USB drive with the file wireguard.conf should not be left attached to your router. It will be copied again and again after every router reboot. Remove this file after you have WG client working.

P.S. Also you can just create the file /etc/wireguard.conf manually w/o USB drive...

Voxel.

 

Pages