Download Firmware Asuswrt-Merlin 384.5

Spread the love

Asus uses Tomato-derived firmware called Asuswrt for its newer routers, such as the RT-AC56U and RT-AC68U. This firmware is, with the exception of a few drivers, open source, whereby the closed binaries are included. Asuswrt-merlin, in turn, is a modified version of the original firmware from Asus. It includes bug fixes and minor improvements, but still tries to stay close to the original, so that it remains possible to add new features that Asus introduces to the code.

With Asuswrt-Merlin 382, ​​the team started from scratch with a clean 382 firmware from Asus. It turned out to be too difficult to transfer the changes from version 380 to version 382. At the moment it doesn’t work with all models yet. Support is available for the RT-AC56U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC3100, RT-AC5300, RT-AC87U, and RT-AC3200, with others to follow soon. The release notes for this release are as follows:

General changes in the 384/NG branch vs 380.xx:

  • Clear your browser cache after flashing your first 384 build.
  • It’s generally recommended to do a factory default reset when coming from 380 to 384/NG.
  • HDD spindown settings moved to the System settings page
  • SSL certificate management moved to the DDNS page for models that support Let’s Encrypt
  • Nvram settings now have maximum lengths enforced, to protect against buffer overruns. This means that some very long lists of settings might no longer be possible on 384.xx.

New:

  • Merged with GPL 384_20648
  • Merged RT-AC68U, RT-AC5300 binary blobs from 384_20648
  • Merged RT-AC86U SDK and binary blobs from 384_20648
  • service-event script, executed before any service call is made. First argument is the event (typically stop, start or restart), second argument is the target (wireless, httpd, etc…). Note that this script will block the execution of the event until it returns.
  • Added USB HID modules (for use with devices such as UPS)
  • Added ip6tables save command.

changed:

  • Updated OpenVPN to 2.4.6.
  • Updated Dropbear to 2018.76.
  • Updated Openssl to 1.0.2o.
  • Updated miniupnpd to version 2.1 (20180508).
  • Updated nano to 2.9.5.
  • Moved RT-AC86U to the same Busybox version (1.25.1) as other models.
  • Revised OpenVPN server options:
    • Removed “TLS Reneg time” (rarely used, can manually be set as a custom option)
    • Removed “Server Poll” (which didn’t work properly), and reimplemented watchdog service, hardcoded to 2 mins frequency.
    • Removed “Push LAN” and “Redirect Gateway”, replaced with new Client Access setting
    • Removed Firewall setting (firewall rules are now always created, and the broken External mode was fixed and integrated into the new Client Access setting). You can now use the postconf script to override it.
    • Removed option to respond to DNS queries – enabling the option to Push DNS will also handle it
    • Added new Client Access setting to select between three types of access: LAN only, WAN only (will block access to the LAN, including the router itself) and LAN + WAN.
    • Keys and certificates can now be up to 7999 characters long.
  • Revised OpenVPN client options:
    • Reorganized settings into groups
    • Removed “Poll Interval” (which didn’t work properly), and reimplemented watchdog service, with a hardcoded frequency of 2 mins.
    • Removed Firewall setting (firewall rules are now always created). You can now use the postconf script to override it.
    • Modified Behavior of Connection Retry. Instead of taking a value in seconds that only affected resolution failure, it now takes a number of attempts, and affects connection failures. Resolution failures will now retry for an infinite period of time (the default OpenVPN value).
    • Added “refresh” link which can be clicked to re-query the public IP endpoint of the tunnel
    • Keys and certificates can now be up to 7999 characters long.
  • Removed option to resolve names on the Log -> Connections page. That functionality was added to the Network Tools -> Netstat page instead.
  • Re-designed Log -> Connections page into a table with sortable fields – click on a column header to sort on that field.
  • From now on, setting the router to act as a master browser or a WINS server will also require you to enable sharing. This will ensure that users understand that enabling either of these settings requires disk sharing to also be enabled (which it was already silently doing before).
  • Moved “Beta firmware” option to the Tools -> Other Settings page
  • Improved layout of the Firmware Update page
  • WPAD behavior (sending a carriage return on DHCP option 252) can now be controlled in the Tweaks section.
  • Blocking custom scripts such as service-event and pre-mount will now wait a maximum of 120 seconds before resuming normal operations, to prevent accidental lockouts.
  • Autofill start/end time for DST when selecting a timezone (LostFreq)

Fixed:

  • Some dnsmasq issues related to DNSSEC were fixed, including CVE-2017-15107. (backported from dnsmasq 2.79 by John Bacho)
  • Restoring an OpenVPN instance to default values ​​would fail to disable its Start with WAN setting.
  • Hardware authentication failure for the RT-AC3100 and RT-AC5300.
  • Minidlna web status page could no longer be enabled.
  • CVE-2017-9022, CVE-2017-9023 and CVE-2017-11185 in Strongswan (odkrys)
  • Various issues with download traffic in Traditional QoS (Cédric Dufour)
  • TCP timeout values ​​couldn’t be changed on the Tools -> Other Settings page.
  • Security issue related to webui logging in (Asus bug)

Version number 384.5
Release status Final
Website Asuswrt-Merlin
Download
License type GPL
You might also like
Exit mobile version