Firmware-update: FreshTomato 2021.3

FreshTomato logo (79 pix) FreshTomato is van Tomato afgeleide firmware voor verschillende op Arm of MIPS gebaseerde routers van ASUS, D-Link, Huawei, Linksys, Netgear, Tenda en Xiaomi. Het kan gezien worden als de voortzetting van 'Tomato by Shibby' sinds deze ontwikkelaar, Michał Rupental, zijn tijd aan andere projecten wil besteden. De FreshTomato-firmware voegt ten opzichte van de originele firmware van de fabrikant diverse extra opties toe, zoals een realtime-bandbreedtemonitor en uitgebreide instelmogelijkheden. De ontwikkelaars hebben de derde uitgave van FreshTomato in 2021 uitgebracht en deze is beschikbaar voor routers met een Arm- of MIPS-cpu.

FreshTomato-ARM 2021.3 changelog
  • SDK6: update wireless driver (dual core) - fix for FragAttacks
  • kernel: drivers: net: ppp_generic.c: check pointer first
  • busybox: update to 1.33.1
  • tor: update to 0.4.5.8
  • sqlite: update to 3.35.5
  • dnsmasq: update to 2021.04.10 (3573ca0) snapshot
  • openvpn: update to 2.5.2
  • libcurl: update to 7.76.1
  • nettle: update to 3.7.2
  • nginx: update to 1.19.10
  • tinc: update to d100eb0 (2021.04.15) snaphot
  • nano: update to 5.7
  • rp-pppoe: update to 3.15
  • miniupnpd: update to 2.2.2
  • adminer: update to 4.8.1-mysql-en
  • libxml2: update to 2.9.12
  • iperf2: update to 3.9
  • minidlna: update to 1.3.0
  • vsftpd: update to 3.0.4
  • libcurl: update CA certificate bundle as of 2021-04-13
  • getdns: fixes from upstream
  • ebtables: fixes from upstream
  • build: add Asus RT-AC68U V3 support
  • build: add Asus RT-AC1750 B1 support
  • build: add Asus RT-AC1900U support
  • build: add Netgear R6900 support
  • build: Makefile: switch to tinc instead of SNMP for 'e' (VPN) image
  • build: Makefile: tor: compile without zstd and systemd
  • build: Makefile: nano: add -fsi to autoreconf
  • build: Makefile: use 'printf' command instead of 'echo', fix formatting
  • build: Makefile: add libmnl to PKG_CONFIG_PATCH in libnetfilter_queue, libnetfilter_conntrack and conntrack-tools recipies
  • build: common.mak: add (export) PKG_CONFIG_DIR/PKG_CONFIG_LIBDIR/PKG_CONFIG_SYSROOT_DIR env variables
  • GUI: update all icons; thanks to @rs232
  • GUI improvements: add interface/bridge info to the device list page and other changes; fixes #106
  • GUI: Admin: Bandwidth Monitoring: fix the availability of some forms when enabling/disabling
  • GUI: Advanced: DHCP/DNS: exclude ipv6 only servers if ipv6 not enabled
  • GUI: Advanced: DHCP/DNS: when built with stubby add option to choose between dnsmasq and stubby for DNSSEC validation
  • GUI: Advanced: DHCP/DNS: add option to force minimum acceptable TLS version to 1.3 for Stubby (required OpenSSL >= 1.1.1)
  • GUI: Advanced: DHCP/DNS: fix visibility of 'DNSSEC validation method' radio group
  • GUI: Advanced: DHCP/DNS: Add option to generate a name for DHCP clients which do not otherwise have one; useful for e.g. Device List page
  • GUI: Advanced: DHCP/DNS: always show the 'Prevent client auto DoH' option regardless of whether the image is built with or without Stubby
  • GUI: Advanced: DHCP/DNS: make 'dnsmasq custom configuration' textarea automatically stretched vertically
  • GUI: Bandwidth: Last 24 Hours: fix bridge naming
  • GUI: Bandwidth: WAN Bandwidth - Daily: flip from/to dates
  • GUI: Basic: DHCP Reservation: do not allow multiple hostnames for a device when only associate to a MAC address (causing dnsmasq failed to start)
  • GUI: basic-ipv6.asp - hide option tun mtu for case 6RD Relay (not used)
  • GUI: basic-ipv6.asp - show option tun ttl for case 6rd from DHCPv4 (Option 212)
  • GUI: DHCP Reservation: allow definition of hostnames for devices without static DHCP assignment (resolves #127)
  • GUI: Display NETGEAR CFE version on status page
  • GUI: status-devices.asp - extend IPv6 support
  • GUI: Status: Device List: add network discovery helper; thanks to @rs232 for the bash script and the idea
  • GUI: Status: Overview: fix displaying of static DNS when in AP mode
  • GUI: Tools: Wireless Site Survey: add/change OUI search like this one on Device List page. Also, calculate the signal quality as on that page
  • GUI: Virtual Wireless: add frequency to interface drop down list
  • Adblock: add DoH servers to Adblock blacklist (disabled)
  • BWL: add the ability to enable/disable rule and enter the description
  • BWL: fix bwlimit filter conflicts due to priority value
  • busybox: build with CONFIG_FEATURE_TOP_INTERACTIVE
  • dnsmasq: patches: fix patch 110 - compilation error when building an image without openssl1.1 support
  • cstats: replace date check with nvram ntp check instead
  • flac: do not build docs, test and utility
  • httpd: devlist.c: also add hostname to devlist()
  • IPv6: for case DHCPv6 PD use IPv6 preferred lifetime provided by your ISP/Server for LAN0-3 (IPv6 lease time); Note: get back IPv6 connectivity faster with IPv6 addr/prefix changes. (Some ISPs provide really very low lifetimes)
  • IPv6: for case DHCPv6 PD use first ethernet for DUID-LL (LLT) (and not ifb0); fixes #113; DUID used by a client or server should not change over time, therefore we use eth0 (constant) now
  • IPv6: help IPv6 and advertise the link MTU in router advertisement messages
  • miniupnpd: patches: remove SO_REUSEPORT option for SSDP - causing build error
  • OpenVPN: Server: fix generating keys
  • OpenVPN: implement kill-switch for routing policy
  • PPPoE: Allow MTU up to 1500 for ISPs that support RFC 4638; Note: Jumbo frame needs to be enabled and supported (Gigabit-LAN) for the router. Clamping can be disabled manually via nvram value "tcp_clamp_disable"
  • QoS: extend qos_irates and qos_orates nvram variables to 256 characters for multiwan images
  • rstats: replace date check with nvram ntp check instead
  • rstats: remove old history format
  • stubby: only include IPv6 resolvers if needed
  • transmission: add missing file in prepackaged source build for tr 3.00
  • TTB: increase the time interval when trying to download the theme to 5 minutes when there are network problems
  • vsftpd: add fix for CVE-2015-1419
  • httpd: httpd.c: use logmsg(); add 'X-Frame-Options' in httpd response headers for better protection; more verbose logging; code improvements
  • httpd: upgrade.c: erase flash file when it's not needed anymore to release more memory; clearly specify the directory from which the (www) files used later are copied - also in some color schemes .png files are needed; a few minor changes in .asp file
  • httpd: wl.c - align country list code/way and sync SDK7 to newer SDK6 code
  • rc: introduce new functions that remove kernel modules (grouped by type), used when disabling/removing USB support or on reboot/upgrade the router
  • rc: add g_upgrade global variable - used to skip several unnecessary delay and redundant steps during upgrade procedure
  • rc: do not stop inactive services, also mute unwanted log messages about it
  • rc: dhcpd: discard old format of dhcpd_static
  • rc: dnsmasq: add the ability to forward local domain queries to upstream DNS (default disabled)
  • rc: firewall: rate limit ipv6 ping when allow ping request disabled
  • rc: init.c: try to write all pending modifications/cache data before reboot
  • rc: init.c: give at least 30 secs instead of only 20 secs before enforcing a system reset during reboot
  • rc: init.c: kill all instances of pppd/xl2tpd on reboot/halt
  • rc: services.c: dnsmasq: disable negative caching
  • rc: transmission.c: fix issue while stopping daemon (resolves #131)
  • samba: enable pthread
  • shared: id.c: cosmetic for RT-AC67U detection details/infos
  • switch3g: add search for every possible visible usb device as a last resort when vendor/product is not available
  • switch4g: add search for every possible visible usb device as a last resort when vendor/product is not available
  • www: advanced-dhcpdns.asp: fix javascript error in case when the image is built without IPv6 support
  • www: basic-static.asp: abandon the old nvram dhcpd_static format; Note: the allowed notation of the IP address also changes (one octet => full IP), ie "200" => "192.168.1.200" (to be synced with other places), so if using the old one, re-enter reservations again
  • www: basic-network.asp: fix page when WL module is removed
  • www: bwm.c: extend allowed size of restored cstats/rstats backup file
  • www: at*.css: align "About" description to the left
  • www: tomato.js: fix problems with refresh time, when using more than one refresher
  • www: wireless.jsx: fix the radio frequency display (2.4 / 5GHz) for dual-band WL devices
  • www: small fixes for older browsers
FreshTomato-MIPS 2021.3 changelog
  • kernel: squashfs: update to compile on Artix
  • SDK5: align wl driver version for USB AP router (and revert back wl driver for eth1); Note: patch only for USB AP Router like f9k, rtn53, e3200, ...
  • busybox: update to 1.33.1
  • tor: update to 0.4.5.8
  • sqlite: update to 3.35.5
  • dnsmasq: update to 2021.04.10 (3573ca0) snapshot
  • openvpn: update to 2.5.2
  • openvpn-2.4: update to 2.4.11
  • libcurl: update to 7.76.1
  • nettle: update to 3.7.2
  • nginx: update to 1.19.10
  • tinc: update to d100eb0 (2021.04.15) snaphot
  • nano: update to 5.7
  • rp-pppoe: update to 3.15
  • miniupnpd: update to 2.2.2
  • adminer: update to 4.8.1-mysql-en
  • libxml2: update to 2.9.12
  • iperf2: update to 3.9
  • minidlna: update to 1.3.0
  • vsftpd: update to 3.0.4
  • libcurl: update CA certificate bundle as of 2021-04-13
  • getdns: fixes from upstream
  • ebtables: fixes from upstream
  • build: E4200v1: apply FT wireless default setup after nvram reset
  • build: E4200v1: add ethernet LED fix (moved from arm branch)
  • build: Belkin F9K1102 (v1/v3): adjust nvram size to 32K
  • build: add DNSSEC to 'e', 'c', 'd', 'b' and 'm' (VPN, BTgui-VPN, Nocat-VPN, Big-VPN, Max) images, but optimize more aggressively dropbear and igmpproxy
  • build: add DNSSEC to 'f5d', 'f7d', 'wndr64-vpn', 'rtn53', 'e2500', 'wndr3400v2-vpn' and 'n60' images, but optimize more aggressively dropbear and igmpproxy
  • build: Makefile: tor: compile without zstd and systemd
  • build: Makefile: nano: add -fsi to autoreconf
  • build: Makefile: use 'printf' command instead of 'echo', fix formatting
  • build: common.mak: add (export) PKG_CONFIG_DIR/PKG_CONFIG_LIBDIR/PKG_CONFIG_SYSROOT_DIR env variables
  • GUI: update all icons; thanks to @rs232
  • GUI improvements: add interface/bridge info to the device list page and other changes; fixes #106
  • GUI: Admin: Bandwidth Monitoring: fix the availability of some forms when enabling/disabling
  • GUI: Advanced: DHCP/DNS: exclude ipv6 only servers if ipv6 not enabled
  • GUI: Advanced: DHCP/DNS: when built with stubby add option to choose between dnsmasq and stubby for DNSSEC validation
  • GUI: Advanced: DHCP/DNS: add option to force minimum acceptable TLS version to 1.3 for Stubby (required OpenSSL >= 1.1.1)
  • GUI: Advanced: DHCP/DNS: fix visibility of 'DNSSEC validation method' radio group
  • GUI: Advanced: DHCP/DNS: Add option to generate a name for DHCP clients which do not otherwise have one; useful for e.g. Device List page
  • GUI: Advanced: DHCP/DNS: always show the 'Prevent client auto DoH' option regardless of whether the image is built with or without Stubby
  • GUI: Advanced: DHCP/DNS: make 'dnsmasq custom configuration' textarea automatically stretched vertically
  • GUI: Bandwidth: Last 24 Hours: fix bridge naming
  • GUI: Bandwidth: WAN Bandwidth - Daily: flip from/to dates
  • GUI: Basic: DHCP Reservation: do not allow multiple hostnames for a device when only associate to a MAC address (causing dnsmasq failed to start)
  • GUI: basic-ipv6.asp - hide option tun mtu for case 6RD Relay (not used)
  • GUI: basic-ipv6.asp - show option tun ttl for case 6rd from DHCPv4 (Option 212)
  • GUI: DHCP Reservation: allow definition of hostnames for devices without static DHCP assignment (resolves #127)
  • GUI: Display NETGEAR CFE version on status page
  • GUI: status-devices.asp - extend IPv6 support
  • GUI: Status: Device List: add network discovery helper; thanks to @rs232 for the bash script and the idea
  • GUI: Status: Overview: fix displaying of static DNS when in AP mode
  • GUI: Tools: Wireless Site Survey: add/change OUI search like this one on Device List page. Also, calculate the signal quality as on that page
  • GUI: Virtual Wireless: add frequency to interface drop down list
  • Adblock: add DoH servers to Adblock blacklist (disabled)
  • BWL: add the ability to enable/disable rule and enter the description
  • BWL: fix bwlimit filter conflicts due to priority value
  • busybox: build with CONFIG_FEATURE_TOP_INTERACTIVE
  • dnsmasq: patches: fix patch 110 - compilation error when building an image without openssl1.1 support
  • cstats: replace date check with nvram ntp check instead
  • dropbear: fix start of dropbear
  • flac: do not build docs, test and utility
  • httpd: devlist.c: also add hostname to devlist()
  • IPv6: for case DHCPv6 PD use IPv6 preferred lifetime provided by your ISP/Server for LAN0-3 (IPv6 lease time); Note: get back IPv6 connectivity faster with IPv6 addr/prefix changes. (Some ISPs provide really very low lifetimes)
  • IPv6: for case DHCPv6 PD use first ethernet for DUID-LL (LLT) (and not ifb0); fixes #113; DUID used by a client or server should not change over time, therefore we use eth0 (constant) now
  • IPv6: help IPv6 and advertise the link MTU in router advertisement messages
  • miniupnpd: patches: remove SO_REUSEPORT option for SSDP - causing build error
  • OpenVPN: Server: fix generating keys
  • OpenVPN: implement kill-switch for routing policy
  • pppd: make PPPoE work again and adjust the commit (applied in code) from upstream "pppd: linux: use monotonic time if possible" (but only for FreshTomato MIPS branches)
  • PPPoE: Allow MTU up to 1500 for ISPs that support RFC 4638; Note: Jumbo frame needs to be enabled and supported (Gigabit-LAN) for the router. Clamping can be disabled manually via nvram value "tcp_clamp_disable"
  • QoS: extend qos_irates and qos_orates nvram variables to 256 characters for multiwan images
  • rstats: replace date check with nvram ntp check instead
  • rstats: remove old history format
  • stubby: only include IPv6 resolvers if needed
  • transmission: add missing file in prepackaged source build for tr 3.00
  • TTB: increase the time interval when trying to download the theme to 5 minutes when there are network problems
  • vsftpd: add fix for CVE-2015-1419
  • httpd: httpd.c: use logmsg(); add 'X-Frame-Options' in httpd response headers for better protection; more verbose logging; code improvements
  • httpd: upgrade.c: erase flash file when it's not needed anymore to release more memory; clearly specify the directory from which the (www) files used later are copied - also in some color schemes .png files are needed; a few minor changes in .asp file
  • httpd: wl.c - align country list code/way and sync mips branches to newer SDK6 arm code
  • rc: introduce new functions that remove kernel modules (grouped by type), used when disabling/removing USB support or on reboot/upgrade the router
  • rc: add g_upgrade global variable - used to skip several unnecessary delay and redundant steps during upgrade procedure
  • rc: do not stop inactive services, also mute unwanted log messages about it
  • rc: dhcpd: discard old format of dhcpd_static
  • rc: dnsmasq: add the ability to forward local domain queries to upstream DNS (default disabled)
  • rc: firewall: rate limit ipv6 ping when allow ping request disabled
  • rc: init.c: try to write all pending modifications/cache data before reboot
  • rc: init.c: give at least 30 secs instead of only 20 secs before enforcing a system reset during reboot
  • rc: init.c: kill all instances of pppd/xl2tpd on reboot/halt
  • rc: services.c: dnsmasq: disable negative caching
  • rc: transmission.c: fix issue while stopping daemon (resolves #131)
  • samba: enable pthread
  • shared: id.c: cosmetic for RT-AC67U detection details/infos
  • switch3g: add search for every possible visible usb device as a last resort when vendor/product is not available
  • switch4g: add search for every possible visible usb device as a last resort when vendor/product is not available
  • www: advanced-dhcpdns.asp: fix javascript error in case when the image is built without IPv6 support
  • www: basic-static.asp: abandon the old nvram dhcpd_static format; Note: the allowed notation of the IP address also changes (one octet => full IP), ie "200" => "192.168.1.200" (to be synced with other places), so if using the old one, re-enter reservations again
  • www: basic-network.asp: fix page when WL module is removed
  • www: bwm.c: extend allowed size of restored cstats/rstats backup file
  • www: at*.css: align "About" description to the left
  • www: tomato.js: fix problems with refresh time, when using more than one refresher
  • www: wireless.jsx: fix the radio frequency display (2.4 / 5GHz) for dual-band WL devices
  • www: small fixes for older browsers

Tomato

Versienummer 2021.3
Releasestatus Final
Website FreshTomato
Download https://freshtomato.org/downloads/
Licentietype GPL

Door Bart van Klaveren

Downloads en Best Buy Guide

05-06-2021 • 08:43

1 Linkedin

Submitter: Indir

Bron: FreshTomato

Reacties (1)

1
1
1
0
0
0
Wijzig sortering
Ze zijn de images nog aan het uploaden. Van niet alle bekende modems/routers zijn de firmwares nu beschikbaar. Heel benieuwd naar de aanlassingen

[Reactie gewijzigd door N. Steenvoorde op 5 juni 2021 13:13]

Op dit item kan niet meer gereageerd worden.

Tweakers maakt gebruik van cookies

Tweakers plaatst functionele en analytische cookies voor het functioneren van de website en het verbeteren van de website-ervaring. Deze cookies zijn noodzakelijk. Om op Tweakers relevantere advertenties te tonen en om ingesloten content van derden te tonen (bijvoorbeeld video's), vragen we je toestemming. Via ingesloten content kunnen derde partijen diensten leveren en verbeteren, bezoekersstatistieken bijhouden, gepersonaliseerde content tonen, gerichte advertenties tonen en gebruikersprofielen opbouwen. Hiervoor worden apparaatgegevens, IP-adres, geolocatie en surfgedrag vastgelegd.

Meer informatie vind je in ons cookiebeleid.

Sluiten

Toestemming beheren

Hieronder kun je per doeleinde of partij toestemming geven of intrekken. Meer informatie vind je in ons cookiebeleid.

Functioneel en analytisch

Deze cookies zijn noodzakelijk voor het functioneren van de website en het verbeteren van de website-ervaring. Klik op het informatie-icoon voor meer informatie. Meer details

janee

    Relevantere advertenties

    Dit beperkt het aantal keer dat dezelfde advertentie getoond wordt (frequency capping) en maakt het mogelijk om binnen Tweakers contextuele advertenties te tonen op basis van pagina's die je hebt bezocht. Meer details

    Tweakers genereert een willekeurige unieke code als identifier. Deze data wordt niet gedeeld met adverteerders of andere derde partijen en je kunt niet buiten Tweakers gevolgd worden. Indien je bent ingelogd, wordt deze identifier gekoppeld aan je account. Indien je niet bent ingelogd, wordt deze identifier gekoppeld aan je sessie die maximaal 4 maanden actief blijft. Je kunt deze toestemming te allen tijde intrekken.

    Ingesloten content van derden

    Deze cookies kunnen door derde partijen geplaatst worden via ingesloten content. Klik op het informatie-icoon voor meer informatie over de verwerkingsdoeleinden. Meer details

    janee