Orbi WiFi 7 RBE973

Re: New firmware with built in Torrent Client


Re: New firmware with built in Torrent Client

@JediNite wrote:

@paulmcg wrote:


Still having an issue with the port forwarding display, the one that I created using the gui is not visible in the gui, I see it in the nat5 agApi_natDumpRuleTbl, but not in the inbound or pf_ params.



richud and paul,


I've got the same issue with the inbound Port Forwarding Rules not showing on the GUI, but they are active as confirmed from the Network Logs section you referenced in other posts.  These were rules that existed prior to updating from richud's February release of the v1 firmware. Any suggestions on why this might not be showing correctly or if there is anything that can be done to fix it ?  I can probably do a factory reset if you think this will help.






Hey guys,


I just did as you suggested in a different post Richud; to delete all the rules and parameters and then run the commands to clear the NAT rules fully, reboot and then re-entered them in from scratch.  All looks good now 🙂






Message 876 of 1,478

Re: New firmware with built in Torrent Client

Okay, I give. How did you clean it up? Did you go back to old firmware and delete your port forwards and then come back to current and redo the port forwards? If so, how far back in firmware did you go? Some detail on what you did or a link to the post that tells you how to reset/clear the port forwards and then re-establish.

Message 877 of 1,478

Re: New firmware with built in Torrent Client

For the port forwarding, when I look at the GUI I see nothing, but looking at the dump table...

~ # nat5 agApi_natDumpRuleTbl 0 0 0 0
Trying arg1 function agApi_natDumpRuleTbl
Trying arg2 0
Trying arg3 0
Trying arg4 0
Trying arg5 0

Current time: 690723
 id wif lif          wan_ip          lan_ip        lan_mask fport1 fport2 s_port    time  timeout  type nat prot once resv confl       ForeignIp add_from
 10  30   0  XXX.XXX.XXX.XXX      0      0      0       0        0     0   1  TCP    0    1     0        0
 41  30   0  XXX.XXX.XXX.XXX   8081      0   8081       0        0     0   2  TCP    0    1     0        4
Total 2 rules.

The XXX.XXX.XXX.XXX is me disguising my external IP.

I had at one time put in the rule to get to my IP camera, but it does not show in the GUI, nor does it show in the params as expected, e.g.

~ # param show inbound
~ # param show pf_

I can clear everything, and the dump table only shows the default one.

~ # nat5 agApi_natRuleClear 0 0 0 0
Trying arg1 function agApi_natRuleClear
Trying arg2 0
Trying arg3 0
Trying arg4 0
Trying arg5 0
~ # nat5 agApi_natDumpRuleTbl 0 0 0 0
Trying arg1 function agApi_natDumpRuleTbl
Trying arg2 0
Trying arg3 0
Trying arg4 0
Trying arg5 0

Current time: 691675
 id wif lif          wan_ip          lan_ip        lan_mask fport1 fport2 s_port    time  timeout  type nat prot once resv confl       ForeignIp add_from
 10  30   0  XXX.XXX.XXX.XXX      0      0      0       0        0     0   1  TCP    0    1     0        0
Total 1 rules.

I can now add the rule back in through the gui, and it shows in the GUI, and in the params, but after a reboot I am back to where I started, the rule is there in the dump table, not in the params, not in the GUI.

~ # param show inbound
~ # param show pf_
~ # nat5 agApi_natDumpRuleTbl 0 0 0 0
Trying arg1 function agApi_natDumpRuleTbl
Trying arg2 0
Trying arg3 0
Trying arg4 0
Trying arg5 0

Current time: 691838
 id wif lif          wan_ip          lan_ip        lan_mask fport1 fport2 s_port    time  timeout  type nat prot once resv confl       ForeignIp add_from
 10  30   0  XXX.XXX.XXX.XXX      0      0      0       0        0     0   1  TCP    0    1     0        0
 20  30   0   8081      0   8081       0        0     0   2  ALL    0    0     0        1
Total 2 rules.

Also, I notice that if I use Skype, it creates several more rules that are visible in in the dump table, and they are saved in a temp file, and persist even when you finish using the app.

/tmp # cat soap_portmap 
IP-Camera???c?)Skype UDP at (3243)Jc??Jb.Skype UDP at (3244)Jb??Jb,Skype TCP at (3244)Jb??Jb-Skype UDP at (3244)?5???5/Skype TCP at (3244)?5???50Skype UDP at (3247)Ά??Ά*Skype TCP at (3247)Ά??Ά+
/tmp # 
Message 878 of 1,478

Re: New firmware with built in Torrent Client

@w3wilkes wrote:

Okay, I give. How did you clean it up? Did you go back to old firmware and delete your port forwards and then come back to current and redo the port forwards? If so, how far back in firmware did you go? Some detail on what you did or a link to the post that tells you how to reset/clear the port forwards and then re-establish.

Hi w3wilkes,


Here is what I did :


1.) Take a backup of the NAT rules, via the "Advanced", "Administration - Logs", "Live Network States", "NAT Firewall" (Just put the output into a text file somewhere).

2.) From a SSH window run the following :

# param show inbound_policy_tbl

# param show inbound_record

# param show pf_services_tbl

Record the output of these somewhere in case needed later.

3.) Unset the parameters :

# param unset inbound_policy_tbl

# param unset inbound_record

# param unset pf_services_tbl

4.) Confirm the values are now cleared :

# param show inbound_policy_tbl

# param show inbound_record

# param show pf_services_tbl

5.) Clear the firewall rules via the Foxconn CLI :

# /usr/bin/cli

User : ambit Password : ambitdebug

Foxconn$? nat ruletab (to record the current rules)

Foxconn$? nat ruleclear (to clear the rules)

Foxconn$? nat ruletab (confirm the rules have been removed)

Foxconn$? exit

6.) At this point, reboot the router.  I think from memory I did this from the GUI, but would probably also work from ssh shell with "reboot" command.

7.) When the router reboots, and you check the NAT rules in the location in Step 1 and also via the "Port Forwarding" menus, both should now be blank.

8.) Re-set up the rules in the "Port Forwarding" menus using the details in the backups of the previous setup that was taken in steps 1 and 2.

9.) Once these are added in, perform a sanity reboot of the router to confirm the rules persist after rebooting.


References : 


http://www.richud.com/wiki/DGND3700_V1_Transmission_Firmware (Posts between richud and mauri_va around 2/11/2015 - search on "inbound_policy_tbl" for example)


Hope this helps!!!





Message 879 of 1,478

Re: New firmware with built in Torrent Client

Hey JediNite,

This worked great! I was doing just fine with this down to step 5. Couldn't figure out how to do the CLI Foxconn stuff so just for good measure in place of step 5 I did

~ # nat5 agApi_natRuleClear 0 0 0 0

-Booted the router

-Defined my port forwarding rules via WebUI (this wouldn't have worked if old rules were still in place)

-Booted the router

-port forwarding rules still show in WebUI and verified using ShieldsUp




Message 880 of 1,478

Re: New firmware with built in Torrent Client

Does the USA region setting increase signal strength?


I thought the region setting just changed the channels depending on local usage. However WNDR3700 owners in this old thread seem to think the USA setting also boosts the signal.



Is there any evidence of this in the firmware?

Message 881 of 1,478

Re: New firmware with built in Torrent Client

I don't know if Netgear put the ability to change the power in the radios of their routers based on region. That being said... I believe I read somewhere that the unlicensed radio transmitter regulations in the US (and maybe Canada) allow for higher power on the wifi 2.4Ghz radios, don't know about the 5Ghz band.

Message 882 of 1,478

Re: New firmware with built in Torrent Client

I just flashed to the GENIE edition and all appears to be working well. I cleared out my port forwarding rules prior to the upgrade and then re-entered them in the GUI, which has worked fine. The upgrade did lose my custom inadyn settings but I suspected this may happen and so had made a note of them.


I wanted to experiment with setting my SSID to same on both 2.4GHz & 5GHz bands but annoyingly the firmware complains at this and doesn't allow you to commit the change. Strangely it only complains about this for the main SSID and is quite happy for you to set the same SSID for the Guest WLAN on 2.4 and 5GHz bands. From another post in this forum I found that you can defeat this block by using Firefox. I suspect this is an oddity of source firmware but perhaps this is something that could be fixed in a future update?

Message 883 of 1,478

Re: New firmware with built in Torrent Client

Hey guys,

Good firmware, using it for a couple of years right now. Until now I didn't had the necessity of using a Network Disk, but lately as I don't stop moving files from a PC to another I decided to  connect my external hdd to router's usb port.

The hdd is detected and mounted but when I go readyshare it says there is no disk available. So I enable the samba service, everything OK until I want to transfer something to disk, it says there is not enough space. Make same tests it seems that any files bigger than 6MB it won't be copied.

I also test with an pendrive, switch formats (NTFS, ext4, exFAT) and nothing worked, in fact the ext4 it wasn't mounted (seeing something that is not an NTFS format). Any idea if it's a bug or those services aren't working fine, etc?

PS1: For any reason I'm also anable to set the timezone correctly, when I choose "Brossels, Copenhagen, Madrid, Paris" it sets the next entry as my timezone "Sarajevo, Skopje, Warsaw, Zagreb".

PS2: My router is the 3700V1

Message 884 of 1,478

Re: New firmware with built in Torrent Client

@JediNite: nice one 🙂 I spent weeks trying to figure out how to use the libnat.so library directly but couldnt guess what the function type/arguments were (I was just going to rewrite a new page for it). If only Netgear released the source code 😞

@ittroll: wireless is AFIK always at max power it can be. The regions just select what channels are available (look at the web page Frame source to see what, see the JS, last script tag in header).
I too noticed it not liking the same SSID...you can either change the nvram parameter directly, commit and reboot. ('param show ssid' to see)
or in your browser, inspect the web page code and change 'false' to 'true' below on the live page then it will let you set it.

alert("2.4G and 5G have the same SSID");
return false;

I think I will remove that in next release as it works fine having them the same.

Message 885 of 1,478

Re: New firmware with built in Torrent Client

ifusion@ suggest you use ext3 - ext4 needs special tuning options as ext4 'final' isn't fully backported (see wiki for options). NTFS should work but will be slower, FAT32 should also work but isn't very fault tolerant. exFAT won't work. Not sure why you are only copying 6Mb are you writing it to the right place? /media/<yourdrivelabel> ?


Timezone - I lifted all of those from dd-wrt I think. I couldn't find any formal list. Both the ones you mention have same timezone code (bottom two below) hence it just picks latter. If they are different please tell me what they should be, there were lots of mistakes in the list, I think I fixed the most obvious ones at the time.

If you think your two are both correct I will just merge them.


			<option value="CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00">(GMT+01:00) Amsterdam, Berlin, Bern, Rome, Vienna</option>
			<option value="CET-1CEST,M3.5.0/2,M10.5.0/3">(GMT+01:00) Belgrade, Bratislava, Budapest, Prague</option>
			<option value="CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00">(GMT+01:00) Brussels, Copenhagen, Madrid, Paris</option>
			<option value="CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00">(GMT+01:00) Sarajevo, Skopje, Warsaw, Zagreb</option>
Message 886 of 1,478

Re: New firmware with built in Torrent Client

@richud wrote:

@JediNite: nice one 🙂 I spent weeks trying to figure out how to use the libnat.so library directly but couldnt guess what the function type/arguments were (I was just going to rewrite a new page for it). If only Netgear released the source code 😞

@richud: NetGear could not make it that easy by sharing source code... Where would be the fun in that!!! *LOL* Any chance you can somewhow integrate what I did as a workaround into a function on the interface to make it easier for others ?  Not sure if you can do something like "expect" scripts of the like through the interface but might get around the username / password prompts perhaps...


Although @w3wilkes got it working with a "nat5" command, so maybe that might be a possibility as well...



Message 887 of 1,478

Re: New firmware with built in Torrent Client

I've formated the hdd as ext3 and still have te problem with the space, for files bigger than 6MB still saying not enough space. Yes I'm reading/writting the correct place /media/ExternHDD, in my case.

About the timezone I would say that is a bug the way information is stored, displayed or picked up from the list.

<option value="CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00">(GMT+01:00) Amsterdam, Berlin, Bern, Rome, Vienna</option>
<option value="CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00">(GMT+01:00) Brussels, Copenhagen, Madrid, Paris</option>
<option value="CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00">(GMT+01:00) Sarajevo, Skopje, Warsaw, Zagreb</option>

For those 3 values it always place the last option, and I tested with other timezones and it's doing the same. I suponse that on options with the same value when it does the maching is showing always the last option on the list. https://github.com/lukasniemeier/tuxbox-cvs-cdk/blob/a6d2bb00a73b10743acc20c919ad098d545c337b/root/e...


=================== HDD INFO ===================

 /wwwbb/cgi-bin # df
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/root                19776     19776         0 100% /
tmpfs                    12472      1152     11320   9% /tmp
tmpfs                     6236         0      6236   0% /media
tmpfs                     6236        12      6224   0% /dev
/dev/mtdblock18         131072      4740    126332   4% /tmp/mnt/storage
/dev/sda             480721640    202780 456099532   0% /media/ExternHDD


/wwwbb/cgi-bin # mount
rootfs on / type rootfs (rw)
/dev/root on / type squashfs (ro)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
tmpfs on /tmp type tmpfs (rw)
tmpfs on /media type tmpfs (rw)
tmpfs on /dev type tmpfs (rw)
none on /proc/bus/usb type usbfs (rw)
/dev/mtdblock18 on /tmp/mnt/storage type jffs2 (rw)
/dev/sda on /media/ExternHDD type ext3 (rw,noatime,data=ordered)


Nov 29 13:49:42 (none) user.notice automount.sh: mdev[189] Triggered MDEV:sda ACTION:add TYPE: DEVPATH:/block/sda LABEL: UUID: MP:
Nov 29 13:49:42 (none) user.info kernel:  sda: unknown partition table
Nov 29 13:49:42 (none) user.notice kernel: sd 0:0:0:0: Attached scsi disk sda
Nov 29 13:49:42 (none) user.notice automount.sh: mdev[189] MP found my_blkid MDEV:sda ACTION:add TYPE:ext3 DEVPATH:/block/sda LABEL:ExternHD
D UUID:1c1d82fa-cd04-4f46-b3b1-d5f9ee5a06bc MP:/media/ExternHDD
Nov 29 13:49:42 (none) user.notice automount.sh: mdev[189] NOT in /proc/mounts my_umount MDEV:sda ACTION:add TYPE:ext3 DEVPATH:/block/sda LA
BEL:ExternHDD UUID:1c1d82fa-cd04-4f46-b3b1-d5f9ee5a06bc MP:/media/ExternHDD
Nov 29 13:49:42 (none) user.debug kernel: usb-storage: device scan complete
Nov 29 13:49:42 (none) user.info kernel: kjournald starting.  Commit interval 5 seconds
Nov 29 13:49:42 (none) user.notice automount.sh: mdev[189] MOUNTED my_mount MDEV:sda ACTION:add TYPE:ext3 DEVPATH:/block/sda LABEL:ExternHDD
 UUID:1c1d82fa-cd04-4f46-b3b1-d5f9ee5a06bc MP:/media/ExternHDD
Nov 29 13:49:42 (none) user.notice automount.sh: mdev[189] Services:restart my_services MDEV:sda ACTION:add TYPE:ext3 DEVPATH:/block/sda LAB
EL:ExternHDD UUID:1c1d82fa-cd04-4f46-b3b1-d5f9ee5a06bc MP:/media/ExternHDD
Nov 29 13:49:43 (none) user.info kernel: EXT3 FS on sda, internal journal
Nov 29 13:49:43 (none) user.info kernel: EXT3-fs: mounted filesystem with ordered data mode.


The samba configuration is the default one, and the logs are empty

EDIT: There is something that I forgot to say, the message of not enough space it says that is for Netgear_USB not for ExternHDD, when I'm trying to write into ExternHDD.

Message 888 of 1,478

Re: New firmware with built in Torrent Client

@iFuSiiOnzZ wrote:

I've formated the hdd as ext3 and still have te problem with the space, for files bigger than 6MB still saying not enough space. Yes I'm reading/writting the correct place /media/ExternHDD, in my case.

=================== HDD INFO ===================

 /wwwbb/cgi-bin # df
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/root                19776     19776         0 100% /
tmpfs                    12472      1152     11320   9% /tmp
tmpfs                     6236         0      6236   0% /media
tmpfs                     6236        12      6224   0% /dev
/dev/mtdblock18         131072      4740    126332   4% /tmp/mnt/storage
/dev/sda             480721640    202780 456099532   0% /media/ExternHDD




6MB seems to match the space available in "/media" (6236 1K blocks). Are you definately sure it is not trying to write to here ?  If you copy a file smaller then 6MB to the location and then do a "df -k", where are you finding the space being used ?






Message 889 of 1,478

Re: New firmware with built in Torrent Client

I'm quite shure I'm writing into ExternHDD, this is my path



Before writing something

/wwwbb/cgi-bin # df -h /media/ExternHDD/
Filesystem                Size      Used Available Use% Mounted on
/dev/sda                458.5G    198.0M    435.0G   0% /media/ExternHDD

After writing something (3.9MB)

/wwwbb/cgi-bin # df -h /media/ExternHDD/
Filesystem                Size      Used Available Use% Mounted on
/dev/sda                458.5G    201.9M    435.0G   0% /media/ExternHDD

Now I unplug from the router and I plug into PC and my written data is on it.



As you see here, after copying the data the size of /media didn't change


/wwwbb/cgi-bin # df
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/root                19776     19776         0 100% /
tmpfs                    12472      1328     11144  11% /tmp
tmpfs                     6236         0      6236   0% /media
tmpfs                     6236        12      6224   0% /dev
/dev/mtdblock18         131072      4740    126332   4% /tmp/mnt/storage
/dev/sda             480721640    206772 456095540   0% /media/ExternHDD
Message 890 of 1,478

Re: New firmware with built in Torrent Client

If i make a copy of /etc/smb.conf into /tmp and I modify the path from /media to /media/EnternHDD now I can write without any kind of problem. The problem is that I have to execute manualy the samba client. Maybe when it uses /media as path it does some buffering before placing the data into the HDD. There is any script that executes at start up and can be modified?

Message 891 of 1,478

Re: New firmware with built in Torrent Client

@iFuSiiOnzZ: yes it appears to be a bug now I had a few minutes to look properly , thanks for reporting it - samba isnt seeing the mount point change and thus reports only the free space in /media (i.e. free space on the tmpfs filesystem).
@JediNite: yes i'll add a button or something to auto reset the PF!
Message 892 of 1,478

Re: New firmware with built in Torrent Client

@iFuSiiOnzZ wrote:

If i make a copy of /etc/smb.conf into /tmp and I modify the path from /media to /media/EnternHDD now I can write without any kind of problem. The problem is that I have to execute manualy the samba client. Maybe when it uses /media as path it does some buffering before placing the data into the HDD. There is any script that executes at start up and can be modified?

@iFuSiiOnzZ I found some references to a "dfree command" parameter that can be used in the smb.conf file.  Not sure if it would be suitable in this instance to fool Samba into using the space available on the mounted devices when working out free space.


Details on the manpage for smb.conf : https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html (search for dfree command)





Message 893 of 1,478

Re: New firmware with built in Torrent Client

@Jedi: yeah I was having a play about with dfree briefly the other day, just had a proper fiddle now and it appears to not work, as in doesn't get called at all....strange.
Mounting drive with more path isnt a problem but it makes having a web interface near impossible.
I shall carry on fiddling 🙂
Message 894 of 1,478

Re: New firmware with built in Torrent Client

...half a day later and some debug mods on dfree.c code ...
If you use windows and map a drive, dfree works as expected and you can copy files.
If you use windows and use a UNC path it always returns the size of the root share (free space on router) and so doesn't work.
If you use linux, whatever it does with samba to work out free space, doesnt touch any functions in dfree and so also doesnt work.
So in a nutshell each attached drive will get a auto made share instead(as previous firmware did) and I will have to ditch some of the finer controls in the web gui for samba.
Message 895 of 1,478

Re: New firmware with built in Torrent Client

Hi everybody,

I'm new here so please excuse me if asking answered question (tried to search of course).

I've flashed my DGND3700v1 with richud FW. It works fine but I'm trying to figure out how:

1. Set firewall to block access from particular IP in LAN to particular IP in WAN. There is possibility to block by keyword or domain name, but seems by IP is not possible. Please advise if I'm wrong.

2. Is it possible to set one of LAN ports to be mirror for WAN (or any other selected LAN)? Need to sniff using Wireshark traffic between router and internet. Can use tcpdump but Wireshark is more convenient for me.


Thx for support!



Message 896 of 1,478

Re: New firmware with built in Torrent Client


1) you can manipulate the firewall directly via ambit , see below, good luck!



2) the switch chip does provide port mirroring, you set most things on the chip via setting bit fields, via  /proc/switch53115, perhaps Page (0x02), see the bcmmii.h. I never bothered in the end....



If you dig through the disqus wiki comments on the main firmware page, there is more info from 'erm67', about a year ago with some examples of turning ports on and off which may help. Look for this to find the conversation thread.

echo "PAGE REGISTER NUMBYTES BYTE1 BYTE2 BYTE3 ......" > /proc/switch53115


Message 897 of 1,478

Re: New firmware with built in Torrent Client

@mirek: also tcpdump is in the firmware, that may be a simpler way to do what you want.
Message 898 of 1,478

Re: New firmware with built in Torrent Client


fixed ;

samba share free space, vsftpd paths (allows free type), non-duplicate entry timezones, re-enable same SSID for 2 and 5ghz


updated progs;

miniDLNA , samba


fixed and broken;

PF  -> have changed the 2 variable names httpd used to hold PF data which means for anyone upgrading you won't(shouldn't) now have a problem with it as it uses new parameters. It will also still be then backwards compatible with old firmware.


For anyone who has and manually had to fix it already, you will need to re-enter your mappings (or copy the nvram  values.)


inbound_policy_tbl is now inbound_policy_tab 

pf_services_tbl is now pf_services_tab


Basically the problem (as far as I can tell) was that the old system (specifically in pf_services_tbl)  had just two ports defined where the new needs 4 (start/end/in/out) otherwise the web gui fails.

Hopefully that is the end of it!

Message 899 of 1,478

Re: New firmware with built in Torrent Client

Up and running on 12/04 just fine. As you said I had to re-establish PF, but they were retained just fine on reboot. One question... 2 of my 3 PF's show Open from Shields Up and 1 shows as Stealth. Why would they show different? Would there be any advantage for all 3 to show Stealth?

Message 900 of 1,478

Orbi WiFi 7