Tomato (firmware)

Last updated
Tomato Firmware
Tuxt.png
Original author(s) Jonathan Zarate
Developer(s) Tomato Project
Initial releaseDecember 2006;14 years ago (2006-12)
Final release
1.28 / June 28, 2010;
10 years ago
 (2010-06-28)
Written in C++
Operating system Linux
Platform MIPS, ARM
Type Routing software
License Freeware
Backend: GNU General Public License
Frontend: proprietary [1]
Website www.polarcloud.com/tomato

FreshTomato
Stable release
2021.1 / February 20, 2021;11 days ago (2021-02-20)
Repository bitbucket.org/pedro311/
Platform MIPS, ARM
Website freshtomato.org

Tomato is a family of community-developed, custom firmware for consumer-grade computer networking routers and gateways powered by Broadcom chipsets. The goal of the project is to provide users with an alternative to the firmware pre-installed on their equipment by the manufacturer, providing:

Contents

History

Tomato was originally released by Jonathan Zarate in 2006, using the Linux kernel and drawing extensively on the code of HyperWRT. It was targeted at many popular routers of the time, most notably the older Linksys WRT54G series, Buffalo AirStation, Asus routers and Netgear WNR3500L. [2] His final release of the original Tomato firmware came in June 2010, by which point its popularity had grown large enough that development and support continued through the user community, resulting in a series of releases (dubbed "mods") by individual users or teams of them that continues to the present day.

Fedor Kozhevnikov created a notable early mod he called TomatoUSB, which ceased development in November 2010. [3] It was then forked by other developers [4] and remains the nearest common ancestor to all of the forks with any recent activity. Arguably the project's largest recognition to date came when Tomato was chosen by Asus as the base used to build the firmware currently preinstalled on their entire line of home routers, ASUSWRT. [5] [6]

As is often seen in projects founded on volunteer effort, the Tomato ecosystem slowly became more fragmented over time and thus more vulnerable to attrition. As of 2020 there is only a single extant fork under active development: FreshTomato. [7]

Features

Several notable features have been part of Tomato long enough to be common to all forks, among them are:

Feature comparison

Mod nameBase
version
Mod
version
Latest
release
5 GHz
(802.11
a/n/ac/ax)
IPv6 USB
support
Memory card
support
VPN
protocols [lower-alpha 1]
SFTP Virtual LANs
TomatoVPN
(SgtPepperKSU) [8]
1.27 [lower-alpha 2] 1.27vpn3.6Jan 2010NoNoNoNo OpenVPN NoNo
Tomato1.28 [lower-alpha 3] 1.28Jun 2010NoNoNoNoNoNoNo
Tomato ND1.28 [lower-alpha 4] NoNoNoNoNoNoNo
SpeedMod
(hardc0re)
1.28 [lower-alpha 2] 120Jul 2010NoNoNoNoNoNoNo
TomatoUSB
(Teddy Bear) [9]
1.28 [lower-alpha 4] Build 54Nov 2010YesYes Printer sharing,
NAS (CIFS/FTP),
DLNA server
No OpenVPN Via
Optware
Yes
slodki1.28 [lower-alpha 4] 1.28.02Feb 2011NoNo Printer sharing,
NAS (CIFS/FTP)
SD,
SDHC,
MMC
OpenVPN Via
Optware
No
DualWAN [10] 1.28 [lower-alpha 2] 1.28.0542Jan 2012NoYes Printer sharing,
NAS (CIFS/FTP),
DLNA server,
3G Modem
No OpenVPN,
PPTP
Via
Optware
Yes
Teaman [11] 1.28 [lower-alpha 4] v0025Jun 2012YesYes Printer sharing,
NAS (CIFS/FTP),
3G Modem
SD,
SDHC,
MMC
OpenVPN,
PPTP (server)
Via
Optware
With GUI
EasyTomato [12] 1.28 [lower-alpha 2] 0.8Jun 2013YesYes Printer sharing,
NAS (CIFS/NFSv3/FTP),
DLNA server,
3G Modem
SD,
SDHC,
MMC
OpenVPN,
PPTP
Via
Optware
With GUI
Victek RAF [13] 1.28 [lower-alpha 2] 1.28.9013 R1.3Jul 2014YesYes Printer sharing,
NAS (CIFS/NFSv3/FTP),
DLNA server,
3G Modem
SD,
SDHC,
MMC
OpenVPN,
PPTP
Via
Optware
With GUI
Toastman [14] 1.28 [lower-alpha 2] RT: 1.28.7511.5
RT‑N: 1.28.0511.5
ARM: 1.28.9008.8
Jan 2017YesYes Printer sharing,
NAS (CIFS/NFSv3/FTP),
DLNA server,
3G Modem
SD,
SDHC,
MMC
OpenVPN,
PPTP
Via Entware‑ng
or
Optware‑ng
With GUI
Shibby1.28 [lower-alpha 2] v140‑MultiWANMay 2017YesYes Printer sharing,
NAS (CIFS/NFSv3/FTP),
DLNA server,
3G/LTE Modem,
UPS monitoring
SD,
SDHC,
SDXC,
MMC
OpenVPN, PPTP,
L2TP (client),
tinc (server)
Via Entware
or
Optware‑ng
With GUI
AdvancedTomato V21.28 [lower-alpha 2] 3.5-140Nov 2017YesYes Printer sharing,
NAS (CIFS/NFSv3/FTP),
DLNA server,
3G/LTE Modem
and UPS monitoring
SD,
SDHC,
SDXC,
MMC
OpenVPN, PPTP,
L2TP (client),
tinc (server)
Via Entware
or
Optware‑ng
With GUI
FreshTomato‑ARM
and
FreshTomato‑MIPS
1.28 [lower-alpha 2] 2021.1 [15] Feb 2021YesYes Printer sharing,
NAS (SMB2/NFSv4/FTP),
DLNA server,
3G/LTE Modem
and UPS monitoring
SD,
SDHC,
SDXC,
MMC
OpenVPN, PPTP,
L2TP (client),
tinc (server)
Via Entware
or
Optware‑ng
With GUI
Mod nameBase
version
Mod
version
Latest
release
5 GHz
(802.11
a/n/ac/ax)
IPv6 USB
support
Memory card
support
VPN
protocols
SFTP Virtual LANs

Feature comparison (cont.)

Name
Static ARP
Bandwidth limiter
NFS server
BitTorrent client
Guest WiFi
PPPoE server
Tor client
MultiWAN
Siproxd VoIP
LED control
Theming  [16]
Per-IP traffic stats
TomatoVPN
(SgtPepperKSU)
NoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNo
TomatoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNo
Tomato NDNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNo
SpeedMod
(hardc0re)
NoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNo
TomatoUSB
(Teddy Bear)
NoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoYesNo
slodkiNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNoNo
DualWANYesYesNoYesNoYesNoNoNoNoYesNoNoNoNoNoYesYesYes
TeamanYesYesNoNoWith
GUI
NoNoNoNoNoNoNoNoNoNoNoYesYesYes
EasyTomatoYesYes Version 3 NoWith
GUI
NoNoNoNoNoNoNoNoNoNoNoYesYesYes
Victek RAFYesVLAN Version 3 NoWith
GUI
NoWith
GUI
With
GUI
NoNoNoWith
GUI
With
GUI
by scriptNoNoYesYesYes
ToastmanYesYes Version 3 NoWith
GUI
NoNoWith
GUI
NoNoNoNoNoNoNoNoYesYesYes
ShibbyYesVLAN Version 3
(with GUI)
With
GUI
With
GUI
NoWith
GUI
YesWith
GUI
YesYesNoYesYesYesby scriptYesYesYes
AdvancedTomato V2YesVLAN Version 3
(with GUI)
With
GUI
With
GUI
NoWith
GUI
YesWith
GUI
YesYesNoYesYesYesby scriptYesYesYes
FreshTomato‑ARM
and
FreshTomato‑MIPS
YesVLAN Version 4
(with GUI)
With
GUI
With
GUI
NoWith
GUI
YesWith
GUI
YesYesNoYesYesYesby scriptYesYesYes
Name
Static ARP
Bandwidth limiter
NFS server
BitTorrent client
Guest WiFi
PPPoE server
Tor client
MultiWAN
Siproxd VoIP
LED control
Theming  [16]
Per-IP traffic stats
  1. Firmware supports listed protocols in client and server modes unless specified
  2. 1 2 3 4 5 6 7 8 9 Tomato standard and ND
  3. Tomato standard only
  4. 1 2 3 4 Tomato ND (New Driver) only

Supported routers

The Tomato by Shibby, [17] AdvancedTomato [18] and FreshTomato [19] projects offer lists of supported devices on their respective websites.

See also

Related Research Articles

AirPort

AirPort is the name given to a series of products by Apple Inc. using the Wi-Fi protocols. These products comprise a number of wireless routers and wireless cards. The AirPort Extreme name was originally intended to signify the addition of the 802.11g protocol to these products.

Dynamic DNS (DDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.

Wireless access point

In computer networking, a wireless access point (WAP), or more generally just access point (AP), is a networking hardware device that allows other Wi-Fi devices to connect to a wired network. As a standalone device, the AP may have a wired connection to a router, but, in a wireless router, it can also be an integral component of the router itself. An AP is differentiated from a hotspot which is a physical location where Wi-Fi access is available.

Captive portal

A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a Wi-Fi or wired network before they are granted broader access to network resources. Captive portals are commonly used to present a landing or log-in page which may require authentication, payment, acceptance of an end-user license agreement, acceptable use policy, survey completion, or other valid credentials that both the host and user agree to adhere by. Captive portals are used for a broad range of mobile and pedestrian broadband services – including cable and commercially provided Wi-Fi and home hotspots. A captive portal can also be used to provide access to enterprise or residential wired networks, such as apartment houses, hotel rooms, and business centers.

Internet Connection Sharing (ICS) is a Windows service that enables one Internet-connected computer to share its Internet connection with other computers on a local area network (LAN). The computer that shares its Internet connection serves as a gateway device, meaning that all traffic between other computers and the Internet go through this computer. ICS provides Dynamic Host Configuration Protocol (DHCP) and network address translation (NAT) services for the LAN computers.

The Freebox is an ADSL-VDSL-FTTH modem and a set-top box that the French Internet service provider named Free provides to its DSL-FTTH subscribers.

Pharming is a cyberattack intended to redirect a website's traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real IP addresses. Compromised DNS servers are sometimes referred to as "poisoned". Pharming requires unprotected access to target a computer, such as altering a customer's home computer, rather than a corporate business server.

Wireless router device that functions as a router and wireless access point

A wireless router is a device that performs the functions of a router and also includes the functions of a wireless access point. It is used to provide access to the Internet or a private computer network. Depending on the manufacturer and model, it can function in a wired local area network, in a wireless-only LAN, or in a mixed wired and wireless network.

Wireless security

Wireless security is the prevention of unauthorized access or damage to computers or data using wireless networks, which include Wi-Fi networks. The most common type is Wi-Fi security, which includes Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). WEP is a notoriously weak security standard: the password it uses can often be cracked in a few minutes with a basic laptop computer and widely available software tools. WEP is an old IEEE 802.11 standard from 1997, which was superseded in 2003 by WPA, or Wi-Fi Protected Access. WPA was a quick alternative to improve security over WEP. The current standard is WPA2; some hardware cannot support WPA2 without firmware upgrade or replacement. WPA2 uses an encryption device that encrypts the network with a 256-bit key; the longer key length improves security over WEP. Enterprises often enforce security using a certificate-based system to authenticate the connecting device, following the standard 802.11X.

DSL modem Type of computer network modem; network equipment

A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connection to the Internet, which is often called DSL broadband.

Home network

A home network or home area network (HAN) is a type of computer network that facilitates communication among devices within the close vicinity of a home. Devices capable of participating in this network, for example, smart devices such as network printers and handheld mobile computers, often gain enhanced emergent capabilities through their ability to interact. These additional capabilities can be used to increase the quality of life inside the home in a variety of ways, such as automation of repetitive tasks, increased personal productivity, enhanced home security, and easier access to entertainment.

SpeedTouch

SpeedTouch is the brand name of a line of networking equipment produced by Alcatel and Technicolor SA. Before 27 January 2010 Technicolor was known as Thomson SA.

A residential gateway is a small consumer-grade router which provides network access between local area network (LAN) hosts to a wide area network (WAN) via a modem. The modem may or may not be integrated into the hardware of the residential gateway. The WAN is a larger computer network, generally operated by an Internet service provider.

The DG834 series are popular ADSL modem router products from Netgear. The devices can be directly connected to the phone line and establish an ADSL broadband Internet connection to the ISP and share it among several computers via 802.3 Ethernet and 802.11b/g wireless data links.

In computing, Microsoft's Windows Vista and Windows Server 2008 introduced in 2007/2008 a new networking stack named Next Generation TCP/IP stack, to improve on the previous stack in several ways. The stack includes native implementation of IPv6, as well as a complete overhaul of IPv4. The new TCP/IP stack uses a new method to store configuration settings that enables more dynamic control and does not require a computer restart after a change in settings. The new stack, implemented as a dual-stack model, depends on a strong host-model and features an infrastructure to enable more modular components that one can dynamically insert and remove.

Windows Rally is a set of technologies from Microsoft intended to simplify the setup and maintenance of wired and wireless network-connected devices. They aim to increase reliability and security of connectivity for users who connect the devices to the Internet or to computers running Microsoft Windows. These technologies provide control of network Quality of Service (QoS) and diagnostics for data sharing, communications, and entertainment. Windows Rally technologies provide provisioning for the following devices:

Linksys manufactures a series of network routers. Many models are shipped with Linux-based firmware and can run third-party firmware. The first model to support third-party firmware was the very popular Linksys WRT54G series.

Gargoyle (router firmware)

Gargoyle is a free OpenWrt-based Linux distribution for a range of wireless routers based on Broadcom or Atheros chipsets, Asus Routers, Netgear, Linksys and TP-Link routers. Among notable features is the ability to limit and monitor bandwidth and set bandwidth caps per specific IP address.

References

  1. Zarate, Jonathan. "Tomato Firmware, tomato/release/src/router/www/tomato.js source file". Sourceforge.net. Retrieved 23 September 2014. Copyright 2006-2010 Jonathan Zarate For use with Tomato Firmware only. No part of this file may be used without permission.
  2. "Tomato Firmware | polarcloud.com". www.polarcloud.com. Retrieved 2016-10-05.
  3. "Tomato by Shibby » About Tomato (ang.)". tomato.groov.pl. Retrieved 2016-10-05.
  4. List of Tomato Mods on the TomatoUSB website
  5. "Asus ASUSWRT" . Retrieved 2018-01-03.
  6. "Asuswrt-Merlin » About" . Retrieved 2018-01-03.
  7. "FreshTomato source code" . Retrieved 2020-10-01.
  8. TomatoVPN official website
  9. TomatoUSB Mod (Teddy Bear) Home page.
  10. DualWAN Mod Home page.
  11. Teaman Mod Home page. Augusto Bott is the author of the VLANs GUI, Per-IP Traffic Stats (author of cstats, which keeps per-IP data/track/history), Client Monitor Graphs (author of IPTraffic) and author of the Guest SSID GUI.
  12. "EasyTomato Home Page" . Retrieved 2019-03-11.
  13. Victek RAF Mod Home page
  14. Toastman Mod Home page. Tomato builds with many useful added features. Lean, stable, and fast with minimal bells and whistles, with a focus on QoS and Administration. Based on TomatoUSB and RT (selected features included from other firmware, plus new mods).
  15. "FreshTomato - Alternative open source firmware for Broadcom-based routers".
  16. 1 2 "About Tomato Theme Base" . Retrieved 2019-05-09.
  17. "Tomato by Shibby » Router List". tomato.groov.pl. Retrieved 2016-12-10.
  18. "AdvancedTomato » Downloads". advancedtomato.com. Retrieved 2016-12-10.
  19. "FreshTomato » Downloads". freshtomato.org. Retrieved 2020-04-17.