2021, gl-inet Firmware 3.2, shorttest of snapshot version

Does anything already fixed or improved which is listed on the “2021, gl-inet Firmware 3.2, shorttest of snapshot version” ?

See:

Some. Will reply in details.

I’m sorry to reply so late. For 3.201, the main thing is to upgrade the device to OpenWrt19.07.7 version
We are planning the firmware of 4.000 and there will be major adjustments. I will consider the problems you mentioned together. Now, I will reply to some of the problems you mentioned

  • The system don’t ask by first logon or on first popup window or on easy to use gui on wifi section. The country selection is still a little bit hidden for a lot of user… That can be a problem with local law, the certification like CE and the speed and connection for the user. In the current case, the router will use without country configuration in some countrys around the world not all channels which allowed in the country, can be use wrong power on some channels and dont get connection depend on the static preconfigured cannel 6, which don’t make sense in some country like EU, JP and can be some more.
    –>I agree, will be added in firmware version 4.000

  • By first configuration of 3.2. snapshot software are only accepted short passwords like p.e. 6 character. Long one like p.e 64 character can be set by first configuration too, a its not possible to logon by this after reboot. So its need to reset the router. Set a insecure short password, logoff, logon and set a longer one. I remember the same gl firmware bug like this one or two years ago …
    –>I just tested it and it still exists

  • Logging in the advanced admin menu, show some big red error message about “Syntax Errors”.
    –>has been fixed

  • The right German translation for the English menu item “WIRELESS” is “DRAHTLOS” and not “KABELLOS”. See old bug report on this …
    –>I just tested it and it still exists

  • Replace the non secured NTP by a secured one like NTS. Its offered by p.e. Cloudflare and RFC. See old suggest on this …
    –>Will be considered in version 4.000

  • It can be the “Update Button” in Plug-ins" menu don’t update the available plugins. It can be, on this time shown only already installed and used plugins. On this time I see about 286 or so on Plug-ins. If I remember right, the count of available was much higher on older released gl firmware versions.
    → The software repository has been updated

  • By gl firmware used web server lighttpd 1.4.48 is outdated since more than 3 years. The actual version from 2021-02 is 1.4.59
    → I really want to upgrade, but there is a memory leak in the new version and 4.000 will use our own developed HTTP server.

  • The List of available UTC times are still not alphabetical like on older firmware versions. See older reports for this …
    → I checked. alread alphabetical order.

  • Add a check for wrong passwords on follow way: Add a wait time after 1st wrong password of 1 second, after every next wrong password input, double the time. See for this old suggestion post …
    –>We made some simple restrictions. If you make 10 errors in a row, it will take 5 minutes to type again

  • Changing the default value from NTP config, which tell by every NTP request to the requested NTP server the by router used OS, to one which don’t tell the by router used OS can improve the security a little bit for free.
    –>Will be considered in version 4.000

  • Add a self exploring description about the security level of different wifi modes, like this one which are available on advanced admin of gl firmware and come from from original open wrt firmware. It can be, the user of simple admin menu will need this hints more than the advanced user of advanced admin menu.
    –>This has been changed that if the user chooses a low level of encryption, there will be a security alert.

  • add a file proxy on router, for reduce the traffic
    –>Could you give me more details?

  • NEED TO CHANGE THE DEFAULT VALUE FOR SSH ACCESS !!!
    –>Except for developers, I don’t think most users will use it

  • https login for router

  • http to https redirect for build in webserver
    → Will add in firmware version 4.000

1 Like

any date for the official release of the 3.2?

Possible one more old bug are still active:

"I have still seen one OLLLLLLD password bug again on my new gl router AR-750S … After factory reset, the router are saving by password witch are longer than 32 carracter, only the first 32 caracter. That means. If I save p.e. a 40 carcter after factory reset. You can set p.e. a 40 caracter pasword without error message. A you can not log in by this 40 caracter password. A if you use only the first 32 caracter, you can log in … (by a password, which you didn’t realy set …). Thats are a bug, which have some open wrt router since about two years… It can be, one router vendor should pay some bugs for bugfixing this by open wrt.

After first reboot, can set working passwords longer 32 caracter. I dont know doo you have the same password bug on your router too. In the past they are a password bug by advanced admin menue too. By this, the initial password didnt be set for advanced admin menue an it was need to set it after first reboot by hand. You can check it if you have password problems on this part."

Possible DNS leak:

Other possible security potential:

  • change the hostname

The Hostname can be changed under /cgi-bin/luci/admin/system/system

I know. THX. By the way. On advanced admin menu can be found “Hostname” are used on two different places for two thinks. Thats are possible not so consistent…

Possible potential for improvement:

  • advance the Tor function by a Kill Switch function

One thing more which a have seen by a old GL-AR300M router now, which I have found around.
After factory default and updating to open -wrt-ar300-nand-3.019 and after than by autoupdate t the actual firmware, I was doing the follow:

  • configure the wifi configuration from default value which was a 11 chanel WIFI2.4 country like us, to the 13 chanel WiFi 2.4 country Germany.
  • The menue saved the country value “Germany”, a still only 11 chanels was available…

On 3.2 firmware can configured on webinterface of GL-Router “auto update”, a its not self declared to which version it will be updated, like:

  • does a released version updated to a released version ?
  • or does every version only updated to a released version ?
  • or does berta versions are updated do newer beta version too ?
  • or, or, or…

Did already one point at minimum, of partly years old bugs from this short test 3.2 list fixed or one possible improvement are added from this ?

After testing one time again now, with the actual Beta 3.201 2021-04-23, I replaced the firmware from all systems by the non DNS leaking released one openwrt 3.105.tar

By the way. The Beta 3.201 2021-04-23 have all some hours breaks in internet connection by ethernet connected clients (no wifi connected clients er tested). Thats are the 2nd no go for me. By the way, one other user reported on forum about breaks on his wifi connection all 30 minutes or so on… It can be thats the same bug.

Now I am out some days and stopp endlos testing… I am not a gl fulltime stuff or a gl shareholder… It can be I will check some times about they are statements about starting to fix the near endless list of bugs or doing some of suggested improvements…

@Henry_Bruns I totally agree with your statement. I too have given up testing GL iNet firmware, as there is just too many problems. I am looking forward to going to 21.02 OpenWrt, as it now supports all the GL iNet products I own. I have no plans on buying or recommending anything else from GL iNet until the quality and timeliness of the software improves.

@alzhao and other working for GL iNet. We need working, tested firmware across your whole product line. We need critical bug fixes released in days or at most weeks, not months like it took to update dnsmasq. We need your upgrades too work. We need your release more tailored, so it will fit in 16MB of flash. The base for OpenWrt 21.02 is less than half the size of your releases, and I can easily fit it with the tools I need into 16 MB of flash.

You have great hardware. I hope one day your software can be as good.

4 Likes

I think the follow should be diabled on future firmware versions:

DNS leak by using 3.2xx firmware and Wireguard:

Wireguard client not honoring DNS setting [workaround discovered]

Source: Wireguard client not honoring DNS setting [workaround discovered] - #15 by Henry_Bruns

( For OpenVPN see the possible same DNS leak report: Firmware openwrt-ar750s-3.201-0402.tar, possible still same DNS leak or again )

One more possible improvement are found:
One of the gui item offer the possibility to show the traffic graphical. Thats nice, a its reduce the possible traffic speed p.e. to 50%. So switch it of by auto, if no user are logged in on webinterface.

See follow discussion:

This one will be optimized. It should not reduce speed.

Its nice to hear that will be optimize in future.

I am not shure on this time the follow bug are taken over from older buglists, so I add it today, for don’t forget it:

  • The term “Hostname” is used on two different menu item of gl firmware for different things. Thats are not consistent and can lead to misconfiguration, if the the user not check by suitable tools, what the router really doing after configure this.
1 Like