Verizon FiOS → Actiontec Router weirdness (bug?)and thoughts (GPL code CD?)

Wow that Actiontec router is a piece of work. I blocked that stupid backdoor that Verizon had (4567).

So obviously the thing runs linux, but the company that has put this together has cleverly (or not so) hidden all the standard linux interfaces to make things like standard tools for iptables and QoS not work.

Ok, before I get off track, I noticed something weird. I had a machine on my network with a bunch of port forwarding rules. I removed this machine, hostname kabir. I came back to my house and looked at the Enable Applications menu and saw that it had "resolved" kabir to 4 IP addresses (3 distinct):
63.251.179.13
66.150.2.134
8.15.7.117
66.150.2.134

What's going on here? Reverse DNS fails on them and the ARIN database looks like they are mostly inactive ranges (though a number of them are routable (I think to their toplevel ISP blackhole). So I'm wondering if this is some kind of bug, potentially a security problem, because it would seem like these entries would be from some uninitialized buffer or stack data, freed memory, etc.

It doesn't look like ARM code by my eye and mental hex conversion, but I can't disassemble IP addresses in my head :-!.
This worries me a bit.
However the DNS server does not resolve the host, so maybe it is just in the GUI. Regardless, it is awful sloppy.

--- About openrg ---
I doubt that Jungo has actually written their own QoS/queueing and firewall infrastructure. I am pretty sure they are using netfilter and standard linux queueing algos. Why do they bother to isolate this stuff in big fat modules is beyond me.

You can apparently get a CD with contents that fulfills there legal requirements for GPL compliance, but unlike Linksys and D-Link, you cannot download it (I didn't find it). Instead, you have to send a letter to Israel and then you get the thing shipped to you...
I don't know, there a lot of security/firewall companies in Israel, maybe they licensed something..
Two ways to tell: Look in the firmware (which I will do when I get some time, or ask if anyone else has done it), or look at their GPL distribution CD.
Has anyone sent the $15.00 by registered mail to Israel and obtained one? I didn't find anything on google.

While the GPL does allow for "reasonable" S&H and server costs to be defrayed, I think Jungo is actually not fulfilling their obligation properly. The $15.00 and registered mail is obviously to make things difficult, but more legally relevant and decisive is that the argument that they need this money is specious because you can download the BINARY off their website. Ridiculous. I mean are you telling me that they don't have a FAX machine? I'll send a FAX, NP.

If you have the CD, could you send me the contents, or post it somewhere (usenet). Posting is legal since it obviously is GPL and when they send you the data you inherit the right of redistribution. You are not legally obligated to post, but it is your prerogative. If someone posts it, I will gladly host it on my server for public access.

I actually like the Actiontec router, relative to other consumer RGs, but that isn't saying much. I think it is better than the feature barren Linksys and buggy DLink stuff. The features of openrg are certainly very appealing, and they make setting up good QoS a snap. I think far better than any other device in its class (RGs); again, not saying much.

However:
1. There are obviously bugs; ones that I as a user can see, and if I were doing testing I am sure I would encounter more, but the damn company has not released a firmware update in ages.
2. It has been intentionally backdoored. Even if you can disable it, I find this pretty despicable, and my trust is completely gone at this point... Reminds me of: It is better to not do something blatant and thought to have security problems than to be an asshat and remove all doubt. At least I would respect them if the backdoor were not so obvious. And the obvious backdoor, if there are errors, opens up unsuspecting Joe's to exploits.

So I'm not using mine anymore. I put together a Mini-ITX router together with IDE Flash Disk, 4 1Gb NICs and I'm doing all the software builds myself with rpm for packaging (I've seen most of the firewall projects, most of them are not to my liking..not necessarily security related, just personal user peeves). Yes it did cost about $300 (mostly because of the exorbitant, but pretty case, but I've got a better product). The hardware was under $200 (including a nice VIA Wireless NIC with functional HostAP).

Regards,
--jkl