Informacje o pliku
Asuswrt-merlin is a customized version of Asus's firmware. The goal is to provide bugfixes and minor enhancements to Asus's firmware, with also
a few occasional feature additions. This is done while retaining the look and feel of the original firmware, and also ensuring that the two codebases remain close enough so it will remain possible to keep up with any new features brought by Asus in the original firmware.
This project's goal is NOT to develop yet another firmware filled with many features that are rarely used by home users - that is already covered by other excellent projects such as Tomato or DD-WRT. This more conservative approach will also help ensuring the highest level of stability possible. Priority is given to stability over performance, and performance over features.
Supported devices are:
- RT-N66U
- RT-AC66U
- RT-AC56U
- RT-AC68U
- RT-AC68P
- RT-AC87U
- RT-AC3200
- RT-AC88U
- RT-AC3100
- RT-AC5300U
Co nowego w wersji 384.5 Zobacz listę zmian
Dodano
384.5 (13-May-2018)
- NEW: Merged withh GPL 384_20648
- NEW: Merged RT-AC68U, RT-AC5300 binary blobs from 384_20648
- NEW: Merged RT-AC86U SDK and binary blobs from 384_20648
- NEW: service-event script, executed before any service
call is made. First argument is the event (typically
stop, start or restart), second argument is the target
(wireless, httpd, etc...).
Note that this script will block the execution of
the event until it returns.
- NEW: Added USB HID modules (for use with devices such
as UPS)
- NEW: Added ip6tables-save command.
- CHANGED: Updated OpenVPN to 2.4.6.
- CHANGED: Updated Dropbear to 2018.76.
- CHANGED: Updated Openssl to 1.0.2o.
- CHANGED: Updated miniupnpd to version 2.1 (20180508).
- CHANGED: Updated nano to 2.9.5.
- CHANGED: Moved RT-AC86U to the same Busybox version (1.25.1)
as other models.
- CHANGED: Revised OpenVPN server options:
o Removed "TLS Reneg time" (rarely used, can manually
be set as a custom option)
o Removed "Server Poll" (which didn't work
properly), and reimplemented watchdog service,
hardcoded to 2 mins frequency.
o Removed "Push LAN" and "Redirect Gateway",
replaced with new Client Access setting
o Removed Firewall setting (firewall rules are now
always created, and the broken External mode
was fixed and integrated into the new Client
Access setting). You can now use the postconf
script to override it.
o Removed option to respond to DNS queries - enabling
the option to Push DNS will also handle it
o Added new Client Access setting to select between
three types of access: LAN only, WAN only (will
block access to the LAN, including the router
itself) and LAN + WAN.
o Keys and certificates can now be up to 7999
characters long.
- CHANGED: Revised OpenVPN client options:
o Reorganized settings into groups
o Removed "Poll Interval" (which didn't work
properly), and reimplemented watchdog service,
with a hardcoded frequency of 2 mins.
o Removed Firewall setting (firewall rules are now
always created). You can now use the postconf
script to override it.
o Modified behaviour of Connection Retry. Instead
of taking a value in seconds that only affected
resolution failure, it now takes a number of
attempts, and affects connection failures.
Resolution failures will now retry for an infinite
period of time (the default OpenVPN value).
o Added "refresh" link which can be clicked to
re-query the public IP endpoint of the tunnel
o Keys and certificates can now be up to 7999
characters long.
- CHANGED: Removed option to resolve names on the
Log -> Connections page.
That functionality was added to the
Network Tools -> Netstat page instead.
- CHANGED: Re-designed Log -> Connections page into a table
with sortable fields - click on a column header to
sort on that field.
- CHANGED: From now on, setting the router to act as a master
browser or a WINS server will also require you to
enable sharing. This will ensure that users understand
that enabling either of these settings requires disk
sharing to also be enabled (which it was already
silently doing before).
- CHANGED: Moved "Beta firmware" option to the Tools -> Other
Settings page
- CHANGED: Improved layout of the Firmware Update page
- CHANGED: WPAD behaviour (sending a carriage return on
DHCP option 252) can now be controlled in the
Tweaks section.
- CHANGED: Blocking custom scripts such as service-event
and pre-mount will now wait a maximum of 120
seconds before resuming normal operations, to
prevent accidental lockouts.
- CHANGED: Autofill start/end time for DST when selecting
a timezone (LostFreq)
- FIXED: Some dnsmasq issues related to DNSSEC were fixed,
including CVE-2017-15107. (backported from
dnsmasq 2.79 by John Bacho)
- FIXED: Restoring an OpenVPN instance to default values
would fail to disable its Start with WAN setting.
- FIXED: Hardware authentication failure for the RT-AC3100
and RT-AC5300.
- FIXED: Minidlna web status page could no longer be enabled.
- FIXED: CVE-2017-9022, CVE-2017-9023 and CVE-2017-11185 in
Strongswan (odkrys)
- FIXED: Various issues with download traffic in Traditional
QoS (Cédric Dufour)
- FIXED: TCP timeout values couldn't be changed on the
Tools -> Other Settings page.
- FIXED: Security issue related to webui logging in (Asus bug)