Asus gebruikt voor zijn nieuwere routers, zoals de RT-N66U en RT-AC66U, van Tomato afgeleide firmware met de naam Asuswrt. Deze firmware is - op enkele drivers na - opensource, waarvan de gesloten binaries wel meegeleverd worden.
Asuswrt-merlin is een aangepaste versie van de originele firmware die onder meer bugfixes en kleine verbeteringen bevat, maar toch dicht bij het origineel probeert te blijven, zodat het mogelijk blijft om nieuwe features die Asus introduceert toe te voegen aan de code. Maandag is versie 378.54_1 uitgekomen en de release notes van die uitgave zien er als volgt uit:
Important:
If you were previously using the AiProtection ad blocker, you will need to manually disable it over SSH after flashing this release, by running the following commands:
nvram set wrs_adblock_popup=0
nvram set wrs_adblock_stream=0
nvram commit
New:Changed:
- Merged with Asus GPL 378_5134.
- OpenVPN policy rules can now be set to route matching traffic through either the tunnel, or to your ISP (allowing you to create exceptions to your tunnelling rules)
- Added OpenVPN server setting to let the OS manage socket buffers (by inserting rcvbuf 0 and sndbuf 0 in the server configuration)
Fixed:
- Upgraded OpenSSL to 1.0.2a, adding new tls ciphers to OpenVPN and the https webui
- Updated miniupnpd to 1.9.20150430
- Reverted kernel backport of the parallel printer support, and reintroduced fix in lprng. This should hopefully fix the recent printing breakage issues.
- Removed AiProtection's ad blocker, as it's too buggy to be usable, breaking numerous mobile applications, and not being configurable in any way.
- OpenVPN policy routing rules are now applied at boot time (when WAN comes up), so clients who are blocked while a tunnel is down will immediately be blocked until the tunnel comes up.
- Upgraded Quantenna firmware to 378_6065 release (AC87)
- Router DNS weren't reverted to their original values when shutting down an OpenVPN client with "explicit- exit-notify" enabled. Now we manually clean it up after the user manually terminates the client - it might still not be cleaned up after an unexpected shutdown however. Ideally, users should try avoiding using this setting when possible.
- Some legitimate VPN packets could get dropped due to their conntrack state. Now, only INVALID packets coming from the WAN interface are dropped.
- OpenVPN client would sometime try to connect before the clock had been set by NTP at boot time, preventing it from connecting.
- AiProtection security check would fail to load when Dual WAN is enabled
- Various fields would allow you to enter a single quote character, which could break the webui. Now these fields re-validate the content after you deactivate the text field.
- Switching between All Traffic and Policy Mode OpenVPN routing while the option to block traffic when the tunnel goes down wasn't properly removing those rules, so a tunnel going down in All Traffic would still block policed clients.
- EMF wasn't working on ARM models (missing userspace tool)