Upgrading D-Link DIR-868L A1 firmware to Tomato

I was finally able to upgrade the firmware on my old but trusty D-Link DIR-868L router to Tomato firmware.

The process is a little bit involved and it’s very easy to brick your router. Fortunately, this router provides a relatively easy way to perform recovery.

Note this instruction is for DIR-868L rev A1. There are more than one version of this router and the process could differ for each of those versions.

At a high level, you will need to upgrade the firmware to DD-WRT first and then to Tomato. We will use Tomato by Shibby.

Step 1: Upgrade to DD-WRT

You cannot simply use any DIR-868L version of DD-WRT firmware. You need R25974 or prior. If you use any firmware after that version you may not be able to flash it and if that happens your device will be bricked.

You will need two files: factory-to-ddwrt.bin and dir868-webflash.bin

Download the two files from this link. The links are for R25974.

After you download, first flash the firmware “factory-to-ddwrt.bin” using the D-Link router’s firmware upgrade page.

The process could take up to 3 minutes. Once successfully flashed your router will reboot. Then go to the router page (default is and immediately upgrade the firmware to “dir868-webflash.bin“. If all goes well router will reboot once again. At this point, you are set to proceed to Step 2

Step 2: Upgrade to Tomato firmware

Download the latest Tomato by Shibby firmware from this link. The build I used was 140; direct link.

Download the zip file and extract it. Then flash the “tomato-DIR868L-ARM–xxx-special.trx” file with “Reset to Default Settings”. As usual the process could take up to 3 minutes. Once complete, Tomato firmware should boot up. Right after this, go to “Administration -> Configuration” and choose “Erase all data in NVRAM memory (thorough)” option. This will take a few more minutes. Once done, you are all set!

Bricked the router?

D-Link DIR-868L provides an easy way to recover.

  • Download the latest available firmware on the official D-Link website of the router revision
  • Unplug all cables (incl. power cable) from the router
  • Connect the router to the PC using one of the 4 switch ports
  • Set the PC TCP/IPv4 address to and use as the Subnet mask
  • Power-on the router with a paperclip pushing the hidden reset button located on the bottom of the device for a few seconds, when the Power LED starts blinking, release the reset button
  • Open browser and navigate to
  • Upload the stock firmware, when completed the router should report to reboot
  • The router should now be running stock and accessible on the default address.


mjml + jinja2 = awesome

If you have ever tried programmatically sending HTML emails, you probably know how giant of a pain in the rear it is. It’s all because while HTML has progressed in the world of Internet, the Email HTML is still way way behind. There are no set standards and most of the times, you end up doing too much manual HTML coding. In today’s world, surely there must be something you can do about it, right? Turns out, yes. MJML tries to standardize and speed up HTML email layout creation. Think of it as Bootstrap for Email. MJML comes with it’s tagging format. The resulting layouts are very cross-platform and responsive, just like today’s modern websites are. Granted, things can never be 100% perfect in the Email world, but MJML gets you to at least 90% there.

Then, if you are using Python you can make Emails dynamic using Jinja library. There is some work involved in tying the two together, i.e. making MJML and Jinja work seamlessly, but once set up, they work very very nicely.

To be continued…


SELinux fix to allow Docker containers access to Kernel modules

This is most likely after effect of Spectre and Meltdown Kernel patches rolled out for CentOS. My OpenVPN container could not access /dev/net/tun device even though the Run Script had necessary parameters.




SELinux fix for Mergerfs to allow Docker and Samba access

I recently started using Snapraid and Mergerfs setup to manage my disk pool. I have ~27TB of raw storage which I am managing.

While setting up Mergerfs as usual ran into SELinux issues that will prohibit Docker and Samba access to the storage. So, here’s my fix.




Docker Container for SMTP Relay

SMTP Relay service allows you to use an external SMTP server to send your mails through. After many frustrating hours of working with several SMTP Relay Docker Images, I finally found the one that works.

Link: https://hub.docker.com/r/tecnativa/postfix-relay/

Configuration is very easy; Sample Run script

After this you will have a running Docker container that will relay all your emails to the “smtpserver” you have set.


Create To addresses for Local Linux Users

If you want to set external email address to be used as “To” address for System users then edit the file “/etc/mail.rc”

Add entries such as

alias root [email protected]


Docker Container for phpMyAdmin

Been containerizing a lot of my tools and just added phpMyAdmin to that list.

It’s very easy to get going with it esp. if you also happen to have a Docker container running MySQL albeit with one minor issue.

Official docker hub page: https://hub.docker.com/r/phpmyadmin/phpmyadmin/

Use an example Docker Run script below

  • localport is the port you want phpMyAdmin to use. Generally it’s port 80 but I like to override that with a different port#
  • mysqlcontainer is the name of the running MySQL container
  • The “-e” option with “PMA_HOST” must be provided (atleast for now) with value equal to the name of the running MySQL container. Note that the official docs do not indicate that but without this I was receiving following error while trying to log in. So PMA_HOST is a workaround

#2002 – php_network_getaddresses: getaddrinfo failed: Name does not resolve — The server is not responding (or the local server’s socket is not



Docker Transmission Container with Windscribe VPN

Found this awesome container that has Transmission with VPN support which I can use with Windscribe VPN.

Docker Hub Link – https://hub.docker.com/r/haugene/transmission-openvpn/

Run command:

Things to keep in mind:

  • I had to use dns parameters with Google DNS because my Docker container was not able to resolve any domains. You may not need it
  • user name and password is different from the ones you use to login to Windscribe site. Get these from here: https://windscribe.com/getconfig/openvpn
  • iprange is something like depending upon your local area network
  • SELinux will cause issues. So, use following code to set an SELinux policy

  • All the “-e” options that start with TRANSMISSION are Optional but I find those useful to set
    • Use rpc_user / rpc_pass if you want to have transmission use a user for login
    • somescript is a post-download script you want to execute
    • Set the Upload speed and queue size
    • Set the Download queue size

Additionally, I discovered that by default this container will use Port 1194 to connect to Windscribe. I prefer to use 443. There are many ways you can override the port and here’s how I preferred to do it.

I downloaded the OVPN file from Windscribe using link: https://windscribe.com/getconfig/openvpn

Then modified the OVPN file to add “/config/openvpn-credentials.txt” at the end of the line that starts with “auth-user-pass”. The file referenced will be automatically created by the container with Windscribe user/pass values you provide in the Run script. Then OpenVPN can use this auth information and seamlessly connect to Windscribe.

Thereafter, modified the Run script to use a CUSTOM provider and also mapped the location of OVPN file to /etc/openvpn/custom/default.ovpn.

Notice that this does not have “OPENVPN_CONFIG” variable set. This is because we are overriding OpenVPN default config file.

Fire up your container, and you are all set!


Installing Smart Water Shut Off Valve

I took my smart home journey one step further today. I installed a smart auto water shutoff valve. Wow, what’s that? Well, this device mounts to your main water shutoff valve and automatically open or close it based on your command. Sounds magic! Yes it’s magic. Seriously, we now have Z-Wave devices that do this magic. I bought one such device called “Dome Water Main Shut-Off”.

Dome’s device mounts to your main water pipe and can close or open the Ball valve. No plumbing necessary. I repeat. No plumbing necessary.

It’s a very cool piece of technology. But I see you raised your hand for the question – why would someone need it? Well, with smart home devices, this question is irrelevant. Just get it!! Well, but seriously, if you were to buy one smart device get this one. This device has the potential to save you hundreds or thousands in water damage cost to your house due a water leak somewhere. Don’t come back to your home after vacation in Hawaii only to find there is knee deep water in your house because of a leak in the Laundry room! Instead picture this… You are in Hawaii enjoying your vacation. Your Wink app tells you that the Laundry Room water sensor detected a water leak. You take a sip of your favorite cocktail and close the main water valve with a touch of a finger. Then go back to enjoying your vacation. Now, that’s cool!

Let me actually do less of rambling and more of talk. So, the Dome device sells for $99 but can be easily found time to time on Sale for $50. That’s when you know to buy it.

Installation was a breeze. The provided manual is self-explanatory.  Prior to mounting, it’s recommended to pair with your Smart Home Controller; Wink in my case. In the Wink app, device is recognized properly and you can see the two controls – Open or Close.

The device is mounted on the water pipe using two provided clamps.

Then, the other end sits on top of the Ball valve handle.

The attached cord needs to be plugged in to a nearby outlet. So, if you do not have that you are in tough luck. I happened to have a GFCI outlet nearby since my Water main is in the Basement.

The device itself works great. Here’s a short video of Valve closing.

And then, the video of Valve opening.

Pretty cool, didn’t I tell you?

What more can you do with this? Well, for the starts buy Water Sensors and quite a few. Then place those in strategic locations, e.g. Laundry Room, Bathroom, etc. Each of these Sensors can be configured in Wink and you be alerted if a leak is detected. Then either you can manually close the Valve or set a Robot to have Wink automatically do that for you.

The Sensor cost varies. I bought a couple of SmartThings Water Leak Sensors for $20 each. They are one of the best Water Sensors. Dome themselves sell Water Sensors and also a bundled kit with Sensors and the Shut Off Valve, but they tend to be a bit pricey.

So, is this a good buy? In my view it is. It could save you money on costly water damage repairs. By quickly ensuring the Water supply is closed you can minimize the water damage in the house. It’s a cheap insurance.


Cortana now supports Smart Home integration

I don’t use Cortana very much. I don’t have Cortana powered speakers. I don’t have Cortana app installed on my cellphone and I don’t use any Windows Phones anymore… but one thing that I have and majority of people do is a Windows 10 computer. If you do own that, then Cortana comes installed by default on it and you can actually use it to do some really cool stuff if you happen to have Smart devices in your home. I said in the beginning I don’t use Cortana very much but that could change today….

So, back in the second half of 2017, Microsoft released an update that allowed Cortana to be able to integrate with Connected Home providers. Then Wink also confirmed in October 2017 that Cortana now works with Wink. In addition to Wink, Cortana also supports Nest, Insteon, SmartThings and Philips Hue. I only have Nest and Wink and that’s what I ended up configuring.

The configuration is actually pretty easy. Go to the Cortana Icon or Search bar next to Start Menu (Windows Button) on Bottom left corner of your screen.

This will open the Cortana Menu. You will need to go to Cortana Notebook.

Once, in you will see several options and one of them will be “Connected Home”. Select that option.

Once inside “Connected Home”, you will need to select “Enable Connected Home” to be able to proceed further. Once you enable that you will see several providers.

Then based on the service, you will be asked to enter your credentials so Cortana can access your accounts.

I first did Nest and that went pretty well.

I then did Wink.

Once connected, Cortana will show these Services as Connected. It will also automatically discover any Devices provided by these services and update it’s database.

Prior to testing, I also changed the Cortana settings so that it can be invoked whenever I say “Hey Cortana”.

For the testing, I tried to turn on a light by saying “Hey Cortana, turn on Office Lights”. I was expecting Cortana will connect to Wink and take the necessary action. It worked flawlessly…

First, it tried to make sense of what I said.

Then took the action. And yes, the Office Ceiling Light did turn on.

Similarly I was also able to control my Nest Thermostat by saying “Hey Cortana, set thermostat to XX degrees”.

Summing up, the Cortana and Connected Home integration works very good. If you are a Cortana fan or use Windows 10 this can be very handy. I am also going to test this on Cortana app on my Android Phone and see how the experience is. Rest assured it’s not going to replace my Amazon Echo devices in future.


Notes, thoughts, and life experiences