Search found 202 matches

by rseiler
Tue Jan 26, 2021 4:29 pm
Forum: Gargoyle Development
Topic: DNSpooq vulnerabilities and Gargoyle
Replies: 10
Views: 1585

Re: DNSpooq vulnerabilities and Gargoyle

Yes, I was referring to what we'd see in the release version with the mitigation, not the latest dev with the updated dnsmasq.
by rseiler
Tue Jan 26, 2021 12:43 pm
Forum: Gargoyle Development
Topic: DNSpooq vulnerabilities and Gargoyle
Replies: 10
Views: 1585

Re: DNSpooq vulnerabilities and Gargoyle

OK, makes sense. While I haven't done it yet, it's worth mentioning that it's very likely to cause a bunch of these errors: daemon.err dnsmasq[24211]: failed to send packet: Network unreachable It happened for everyone with OpenWRT who implemented the workarounds even before the dnsmasq update, so i...
by rseiler
Tue Jan 26, 2021 2:36 am
Forum: Gargoyle Development
Topic: DNSpooq vulnerabilities and Gargoyle
Replies: 10
Views: 1585

Re: DNSpooq vulnerabilities and Gargoyle

Thanks, I hadn't seen this post.

Do you have a feel for what the disabling of caching would mean for its actual function (beyond the vulnerability)?
by rseiler
Tue Jan 26, 2021 1:58 am
Forum: Gargoyle Development
Topic: DNSpooq vulnerabilities and Gargoyle
Replies: 10
Views: 1585

Updating DNSMasq for the latest security issue

A fixed (and then re-fixed, for a log issue) version is now out (it's nominally 2.84 but shows up in OpenWRT as 2.80-16.3).

Gargoyle uses 2.80-1.4.

Are we free to use opkg to update Gargoyle 1.12.0 to solve the issue, or is it not that simple?
by rseiler
Mon Nov 02, 2020 8:11 pm
Forum: Network / Wireless Issues
Topic: OpenVPN 2.5
Replies: 1
Views: 1531

OpenVPN 2.5

The new client is out: https://openvpn.net/community-downloads It does work against Gargoyle but with two warnings (the second one is new for sure, not sure of the first): WARNING : Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not com...
by rseiler
Tue Mar 31, 2020 3:37 pm
Forum: Hardware / Installation Issues
Topic: Archer C7V2 (1.12.0) boot loop (every minute)
Replies: 3
Views: 1207

Archer C7V2 (1.12.0) boot loop (every minute)

Someone reported a boot loop issue some years ago that is the same as I saw this week with 1.12.0. The same way recommended there to make it stop (deleting BW data) is also what worked for me. https://www.gargoyle-router.com/phpbb/viewtopic.php?t=7149 The Archer C7V2 router in question had 1.12.0 on...
by rseiler
Mon Mar 30, 2020 12:24 pm
Forum: News
Topic: Version 1.12.0 : New stable version
Replies: 95
Views: 64788

Re: Version 1.12.0 : New stable version

Out of the clear blue, today I saw this boot loop issue, resolved in the very same way (deleting BW data). This router has had the current build since it came out, so the problem took a very long time to turn up. Archer C7V2. https://www.gargoyle-router.com/phpbb/viewtopic.php?t=7149 Is there any wa...
by rseiler
Tue Feb 04, 2020 12:56 am
Forum: Other Issues
Topic: checkmyip.com causing ddns plugin to update wrong IP
Replies: 20
Views: 14822

Re: checkmyip.com causing ddns plugin to update wrong IP

I wouldn't say corrected, necessarily -- it may just be hit and miss. No harm in effectively editing it out, since there are many others, and it's impractical to be monitoring it.
by rseiler
Mon Jan 06, 2020 11:05 pm
Forum: Network / Wireless Issues
Topic: Hourly "daemon.notice openvpn"
Replies: 4
Views: 3392

Re: Hourly "daemon.notice openvpn"

That reneg-sec setting I mentioned earlier turns out not to have been involved, as setting it higher had no effect. It was just a guess based on it being the only thing in the manual mentioning an hour. So, when on 3, here's the rest of the log not quoted above (when it was on 1), just in case anyth...
by rseiler
Mon Jan 06, 2020 4:06 pm
Forum: Network / Wireless Issues
Topic: Hourly "daemon.notice openvpn"
Replies: 4
Views: 3392

Re: Hourly "daemon.notice openvpn"

2 didn't, but 1 roughly cut it in half, down to this (not the real IP): Mon Jan 6 14:22:32 2020 user.notice ovpn-cn-check: control verified OK Mon Jan 6 14:22:32 2020 daemon.notice openvpn(custom_config)[763]: control/1.2.3.4:56699 peer info: IV_VER=2.4.8 Mon Jan 6 14:22:32 2020 daemon.notice openvp...