Turris OS 3.10.7 is out!



Dear Turris users,

we just released Turris OS 3.10.7. It contains just few minor polishing touches to 3.10.6. Fixing missing symbols in ath10k-ct, updating kernel and wireguard and fixing lighttpd config file for people who manually altered it. Full release notes are as follows:

  • kernel, ath10k-firmware, wireguard: update
  • ath10k-ct: fix missing symbols
  • lighttpd: fix manually edited configuration file

If you encounter any regressions, please let us know, but this should be pretty calm release.



Do you have changed anything in OS so that after 3.10.*(maybe 4 or 5 or 6) it limits p2p downloading?
it is stuck at 10MB/s and only when there is more than 200 seeders than it gets up a little bit but also limited.
Can’t undredstand the reason.

PS If I connect directly to ips’s switch, I get full download speed. If again to omnia(not matter wi-fi or eth) than again only 10MB/s


Seems to mostly be working. OpenVPN is not though, fails to generate client config and also fails to start. I used the config web page to set it up after installing it via the updater page.

2018-09-27 10:14:33 notice openvpn(server_turris)[28428]: OpenVPN 2.4.6 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2018-09-27 10:14:33 notice openvpn(server_turris)[28428]: library versions: OpenSSL 1.0.2p 14 Aug 2018, LZO 2.08
2018-09-27 10:14:33 notice openvpn(server_turris)[28428]: Diffie-Hellman initialized with 2048 bit key
2018-09-27 10:14:33 err openvpn(server_turris)[28428]: OpenSSL: error:02001002:lib(2):func(1):reason(2)
2018-09-27 10:14:33 err openvpn(server_turris)[28428]: OpenSSL: error:2006D080:lib(32):func(109):reason(128)
2018-09-27 10:14:33 err openvpn(server_turris)[28428]: OpenSSL: error:140AD002:lib(20):func(173):reason(2)
2018-09-27 10:14:33 err openvpn(server_turris)[28428]: Cannot load certificate file /etc/ssl/ca/openvpn/01.crt
2018-09-27 10:14:33 notice openvpn(server_turris)[28428]: Exiting due to fatal error

Searching on here revealed try this:
sh /usr/share/dhparam/generate_dh.sh

which results in this:
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
/usr/share/dhparam/generate_dh.sh: line 9: /etc/init.d/dhparam: not found

So no OpenVPN for me at the moment. :frowning:


Found the solution.
Not actual already.


So I now have openvpn running. Something must be broken somewhere in the installation though.

I removed and reinstalled dhparam, which allowed the above sh script to complete.
I had to then manually copy CA.key and CA.crt to 01.key and 01.crt to get it to start.


Hmmm - so syslog shows the vpn is up and ready for business but the web interface is still sat there spinning away
" Generating certificate authority

The CA necessary for the OpenVPN server is being generated. The time required for generating CA may differ. It could take up to 30 minutes. Please try to reload this page later."

It’s been like that since 17h ago! Even persists through reboots.
Any ideas where I can see what’s going on (a log file?) or how I can reset it? (without resetting the whole router settings perhaps?)


main config fixed, but “module.d” folder has some duplicate files causing lighttpd not start at all. After cleanup (removing the new ones) all went fine.

Lighttpd-mod-simple_vhost issue after update to 3.10.6 / 3.10.7

How can i see if i have this update or not ? i see different verions of user interfaces but turris os version which is mentioned here where can i display it ?


ssh: cd /etc; cat turris-version

or Foris -> About



thanks i knew i saw it somewhere .

its weird that it shows 3.10.7 when the notification in forris says update failure due to connection error :slight_smile:

Error from 2018/10/07 21:59:05

Updater selhal:

unreachable: https://repo.turris.cz/omnia/lists/base.lua: Couldn’t resolve host ‘repo.turris.cz’



Updater checks every 4 hours if there’s a new update. Once the router cannot reach our server, it will tell you that it didn’t resolve host repo.turris.cz, which could be caused by temporary internet access outage - most possible that your ISP maintains their infrastructure at night.

You can check if you have the latest version in Foris’s tab About or it can be noticed from kernel version, which we’re updating very often. The kernel version can be found also in LuCI. For some cases, it is possible to know the version of Turris OS from file /etc/turris-version.

Anyway, the Foris version can be same between two or more minor releases of Turris OS.


I encountered this issue this morning, which took my 5Ghz network offline:

2018-10-11 05:26:56 warning kernel[]: [  258.911673] WARNING: CPU: 0 PID: 2942 at /home/beast/beast/workspace/omnia-stable/build_dir/target-arm_cortex-a9+vfpv3_musl-1.1.15_eabi/linux-mvebu/compat-wireless-2017-01-31/net/mac80211/driver-ops.h:17 ieee80211_iter_keys_rcu+0x5b4/0x86c [mac80211]()
2018-10-11 05:26:56 warning kernel[]: [  258.911682] wlan0:  Failed check-sdata-in-driver check, flags: 0x9
2018-10-11 05:26:56 warning kernel[]: [  258.911689] Modules linked in: qcserial option iptable_nat ath9k usb_wwan snd_usb_audio rndis_host qmi_wwan pppoe nf_nat_pptp nf_nat_ipv4 nf_nat_amanda nf_conntrack_pptp nf_conntrack_netlink nf_conntrack_ipv6 nf_conntrack_ipv4 nf_conntrack_amanda ipt_REJECT ipt_MASQUERADE ebtable_nat ebtable_filter ebtable_broute cdc_ether ath9k_common armada_thermal xt_time xt_tcpudp xt_tcpmss xt_statistic xt_state xt_recent xt_nat xt_multiport xt_mark xt_mac xt_limit xt_length xt_id xt_hl xt_helper xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_comment xt_TCPMSS xt_REDIRECT xt_LOG xt_HL xt_DSCP xt_CT xt_CLASSIFY usbserial usbnet ums_usbat ums_sddr55 ums_sddr09 ums_karma ums_jumpshot ums_isd200 ums_freecom ums_datafab ums_cypress ums_alauda ts_kmp ts_fsm ts_bm thermal_sys snd_usbmidi_lib pppox ppp_mppe ppp_async nfnetlink nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip nf_nat_redirect nf_nat_proto_gre nf_nat_masquerade_ipv4 nf_nat_irc nf_nat_h323 nf_nat_ftp nf_nat nf_log_ipv4 nf_defrag_ipv6 nf_defrag_ipv4 nf_conntrack_tftp nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrack_irc nf_conntrack_h323 nf_conntrack_ftp nf_conntrack_broadcast mvsdio iptable_raw iptable_mangle iptable_filter ipt_ECN ip_tables hwmon ebtables ebt_vlan ebt_stp ebt_redirect ebt_pkttype ebt_mark_m ebt_mark ebt_limit ebt_among ebt_802_3 crc_ccitt cdc_wdm ath9k_hw fuse sch_cake sch_teql sch_tbf sch_sfq sch_red sch_prio sch_pie sch_netem sch_htb sch_gred sch_fq sch_dsmark sch_codel em_text em_nbyte em_meta em_cmp cls_basic act_vlan act_police act_pedit act_nat act_ipt act_gact act_csum act_bpf act_connmark nf_conntrack act_skbedit act_mirred em_u32 cls_u32 cls_tcindex cls_flow cls_route cls_fw sch_hfsc sch_ingress ath10k_pci ath10k_core ath mac80211 cfg80211 compat ledtrig_usbdev ledtrig_oneshot xt_LED ledtrig_morse ledtrig_heartbeat ledtrig_gpio cryptodev ip6t_REJECT nf_reject_ipv6 nf_log_ipv6 nf_log_common ip6table_raw ip6table_mangle ip6table_filter ip6_tables x_tables pppoatm ppp_generic slhc nfsd nfsv3 msdos ip_gre gre ifb sit ip6_tunnel tunnel6 tunnel4 ip_tunnel veth tun snd_compress snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd_rawmidi snd_seq_device snd_hwdep snd input_core soundcore rxkad vfat fat udf crc_itu_t ntfs nfs_layout_nfsv41_files nfsv4 nfs auth_rpcgss oid_registry lockd sunrpc grace minix isofs hfsplus hfs cramfs configfs cifs autofs4 kafs af_rxrpc dns_resolver dm_crypt dm_mirror dm_region_hash dm_log dm_mod br2684 atm multipath fscache raid456 async_raid6_recov async_pq async_xor async_memcpy async_tx raid10 raid1 raid0 linear md_mod nls_utf8 nls_koi8_r nls_cp1255 nls_iso8859_6 nls_iso8859_2 nls_iso8859_15 nls_iso8859_13 nls_iso8859_1 nls_cp932 nls_cp866 nls_cp864 nls_cp862 nls_cp852 nls_cp850 nls_cp775 nls_cp437 nls_cp1251 nls_cp1250 xts algif_skcipher algif_hash af_alg sha512_generic sha256_generic sha1_generic seqiv jitterentropy_rng drbg pcbc md5 md4 marvell_cesa hmac gf128mul fcrypt ecb des_generic ctr cmac ccm cbc authenc xhci_plat_hcd xhci_pci xhci_hcd uhci_hcd ledtrig_transient ehci_orion ehci_platform ehci_hcd ahci_platform uas usb_storage xfs libcrc32c jfs f2fs exfat usbcore nls_base usb_common mii aead crypto_null
2018-10-11 05:26:56 warning kernel[]: [  258.912192] CPU: 0 PID: 2942 Comm: kworker/0:2 Tainted: G        W       4.4.157-0a333a8e606ab056173befac424900d2-1 #1
2018-10-11 05:26:56 warning kernel[]: [  258.912196] Hardware name: Marvell Armada 380/385 (Device Tree)

Link to whole stacktrace on pastebin. The uptime was at about 1h30m and I made a copy of /var/log/messages before rebooting. Will update this thread if I encounter it again. :slight_smile:


Upon updating from 3.10.5 to 3.10.7 (the router was offline for a month) the lighthttpd stops to work with the error messages similar to people that transitioned from .5 to .6 (e.g. error parsing the config).

The lighttpd.conf file contains the “include” directive both in the after-updated version and in the .5 rollbacked version.

In the past, i have added a web-page to switch GPIO pin 0/1, but I do not remember the modifications I made, and I do not see modifications in the lighttpd.conf file.

For now, I have disabled updates and I stick to .5 – what information should I provide to help localize the issue?