Software Update: Asuswrt-Merlin 384.14

Asus uses Tomato-derived firmware called Asuswrt for its newer routers, such as the RT-AC87 and RT-AC5300. This firmware is, with the exception of a few drivers, open source, whereby the closed binaries are included. Asuswrt-merlin, in turn, is a modified version of the original firmware from Asus. It includes bug fixes and minor improvements, but still tries to stay close to the original, so that it remains possible to add new features that Asus introduces to the code. The complete changelog for version 384.14 is up this page Here are the highlights in a nutshell:

Asuswrt-Merlin 384.14 (and 384.13_2) are now available

Asuswrt-Merlin 384.13_2 (RT-AC87U and RT-AC3200), and 384.14 (other models) are now available. The 384.13_2 release mostly focuses on fixes backported from 384.14. Since the 382 and 384 codebases are now too different, compiling these two older models with newer GPL code is not possible unless obtaining special binary components from Asus, which I was not able to do for 384.14. The 384.14 release for other models focuses on GPL merges and fixes.

The highlights:

  • GPL updates: 384_6436 (RT-AX88U), 384_81351 (other models, with 384_81116 binary blobs used for the RT-AC88U/RT-AC3100), which contains Let’s Encrypt fixes.
  • Added option to prevent automatic DoH upgrade by Firefox. By default this option will only prevent automatic upgrade if you use DNSFilter or DNSPrivacy (DNS-over-TLS). You can change it to always prevent the upgrade. Note that this option has no impact if you manually decide to enable DoH in Firefox, only for its automatic option currently only available in the US.
  • Updated components: miniupnpd 20190824, dnsmasq 2.80-95-g1aef66b, OpenSSL (1.0.2t/1.1.1d), curl (7.66), OpenVPN (2.4.8) and nano (4.4).
  • Made self-generated SSL certificate compliant with new IOS 13 and MacOS 10.15 requirements (reduced duration to two years, and added missing attribute)
  • Re-implemented the faketc script (which injects fq_codel support into Adaptive QoS) as a binary executable for better performance (reducing the chances of warning messages during QoS initialization if QoS took too long to initialize)
  • Enhancements to the IPv6 firewall webui (now accepts empty fields to denote “Any IP”, and improved EUI-64 handling)
  • Re-added low nvram notification (was lost a few years ago in the move to 382)
  • A number of fixes to Let’s Encrypt support
  • A number of misc fixes, please see the changelog for the complete list

Changelog is here.

Version number 384.14
Release status Final
Website Asuswrt-Merlin
License type Freeware