I am also getting exception with the latest NSS build:
Mar 5 22:30:57 OpenWrt https-dns-proxy[26468]: [E] 92532.1678055457 (null):875418 3A75: Setting HTTP/2 version failed with 1: Error
Mar 5 22:30:57 OpenWrt https-dns-proxy[26468]: [E] 92532.1678055457 (null):875451 Try to run application with -x argument! Falling back to HTTP/1.1 version.
Mar 5 22:30:57 OpenWrt https-dns-proxy[26469]: [E] 92532.1678055457 (null):875578 3A75: Setting HTTP/2 version failed with 1: Error
Mar 5 22:30:57 OpenWrt https-dns-proxy[26469]: [E] 92532.1678055457 (null):875607 Try to run application with -x argument! Falling back to HTTP/1.1 version.
I believe this is causing my https-dns-proxy to stop and start over and over again every minute. Any idea how to fix this?
CC: @KONG
That is just an informal message telling you that the server you are connecting to does not support HTTP/2 and thus HTTP/1.1 is used, if https-dns-proxy starts over again, then there is a different problem, e.g. wan goes up and down every minute and triggers a restart of https-dns-proxy.
Thanks for your reply! Next update you make on the nss build, I can try getting logs or whatever you need to take a look if you want. I recently changed to ACwifidude NSS 22.03 build and everything is perfect. No error from https-dns-proxy either. I have XR500 that I was thinking about setting up and trying with your build to see if I get the same problem.
Quick update, I had the same problem with the NSS build on my XR500. The WAN would go up and down every minute. I ended up just flashing ACwifidude's NSS 22.03 build on my XR500 and flashed the Kong NSS build on my R7800 that I setup as a dumb AP. Performance is great wired and wireless. I have zero complaints with the current network setup. Thanks for the great build @KONG
I have just installed the 22.03/ipq806x-nss build dated 2023-03-10 on my R7800. Alas, it does not contain kmod-usb-net-dm9601-ether. Can someone help me creating a build environment for this kernel version so that I can build this kernel module myself?
By the way, with latest source sync the https-dns-proxy error is gone, obviously this was a problem in the app itself.
Probably in the next few days I'll upgrade my main router to 22. I already have 22 builds running at work with 180+ days uptime and no issues. Then I plan on dropping 21 builds as support officially ends in April. I have not been very active lately since I started working on custom android builds.
ACwifidude, thanks for the detailed instructions. I have built 22.03 branch but the packages built do not include kmod-usb-net-dm9601-ether. How can I choose to add this kmod to be built?
FYI: I have now migrated my main unit to 22.03. My setup is quite complex and I had to setup from scratch.
This revealed a few little probs in my 22 build. E.g. missing options, one or 2 theme issues.
Since I soon drop 21 builds, you should get ready to upgrade to 22. For me one missing feature in firewall4 caused some trouble. nft command does not allow to delete a rule by the defintion that was used to add/insert it (wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes#Simple_IP.2FIPv6_Firewall).
This is a pain in the ass if you add/remove rules via cron, where you only want to disable a single rule without flushing other rules/chains that were created through cron. Thus I created a little script called in /bin/nft-delete, that allows to simple delete a rule by definition without the need to query the rules to get a handle etc., e.g.:
0 1 * * * nft insert rule inet fw4 user_pre_forward ip saddr 192.168.1.50 counter drop
0 8 * * * nft-delete rule inet fw4 user_pre_forward ip saddr 192.168.1.50 counter drop
Also I heavily used /etc/firewall.user through webif. With fw4 this tab was gone. I enabled it again, but it edits now /etc/nftables.d/10-custom-filter-chains.nft. This is the place where you can add your custom rules in nft syntax. If you used custom iptables rules, just use iptables-translate and add them into the right section.
For the upgrade I don't recommend an upgrade without reset. Thus you should backup config, take screenshots and setup from scratch. You can always extract the backup and copy and paste IPs,MACs etc. from the old configs.
After “cp diffconfig .config” and “make defconfig” - these yes selections should be in your .config file. After your build you should see these packages in your manifest file in your bin folder. Are these packages in your .config and manifest file?
if the packages are in your .config and manifest files then they should be in your image. You can try to sysupgrade your image you built and see if it will load. The packages you show there are in my standard build (kmod-usb-core and kmod-nls-base, my build doesn't have kmod-usb-net). Try loading your sysupgrade and seeing if it loads the packages you added.
I had to change CONFIG_TARGET_DEVICE_ipq806x_generic_DEVICE_netgear_r7800=y to CONFIG_TARGET_ipq806x_generic_DEVICE_netgear_r7800=y
I copied the diffconfig from your first post. Seemed a bit old... Thanks for ya help.