Adblock doesnt seems to work.
I tried to install the package and no ads were blocked.
Adblock doesnt seems to work.
Connect to TOR network.
Aside the VPN, it would be nice if the router can connect to TOR. Sometimes VPNs are blocked by the network admin. Tor becomes an application level alternative.
Informative statistics and graphics.
LuCi statistic page is really bad and only available after a few clicks.
I would like to see those statistics directly in the mobile.
Speed test and network diagnose
It would be nice to have a preconfigured speed test application, one from the router to the station. Another from the router to the internet. Just to isolate wireless network and internet link issues.
With a SDCard we have plenty of space for caching. Having to apt-get/yum packages many times in many machines is annoying. Optional caching with Squid or an alternative can help improving the users experience.
AR750, Beta 3.002:
German translation of “WIRELESS”: “DRAHTLOS” sounds better than “KABELLOS”
Mainmenue → Menue WIRELESS:
- Missing possibility to change the country. I know its available on advanced menue.
- highlighting of ideal WiFi channels in green like 1/6/11in US and 1/5/9/11 in EU, will reduce collision and bring some user and neigber better WIFI speed
- alphabetical of WiFi network, mean 2.4 GHz on top and 5 GHz as 2`nd
Mainmenue → More Settings → Custom DNS Server:
- Clouflare DNS: the used 1
st and 2nd DNS server adress not shown
Ideal will be a drope down menue with the 3 good known DNS over TLS server Cloudflare, Quad9 and clean browsing. See list on: DNS over TLS - Wikipedia
- The Cloudlare DNS over TLS menue dont tell about its DNSSEC validatet or not
- the menue from manual DNS server setting dont tell it will use DNS over TLS and DNSSEC validation if available on DNS server
- great will be a button for enable/diable DNS over TLS and a button for enable/disable validation by DNSSEC
- ideal will be a function on menue which check the function of DNS over TLS and DNSSEC validation and a menue item for diable internet connection if DNS are not TLS secured and DNSSEC validated (it can be like this is called kill switch)
Mainmenue → More Settings → Time Zone:
- Its looks like its not possible to configure 1
st and 2nd NTP server on simple webinterface
Bypass Open VPN:
Possibility to configure by “regular expression”, some domains or pages which dont use VPN. P.e. all china domains and www.domainname.tld: [..cn], [*.domainname.tld]
- deactivate internet connection if the VPN dont work.
Menue Item, for deactivating all IPV6 connections.
Kill switch already exists (= “force VPN”)
Disable IPV6 already in request list!
Just got my 750S and it’s a nice bit of hardware. I like the new UI in comparison to the AR300M (which I have as well).
Here are my comment on the UI:
The password fields have “onpaste=return false”. This prevent people from generating a strong random password in a password manager and pasting it in. I don’t see the point of prevent pasting. Especially as it’s trivial to open the dev tools in the browser and delete that line.
There doesn’t seem to be a way to set the Wifi encryption. I found I could use the advanced Lede UI to change it from WPA/WPA2 mixed, but this really should be exposed in the main UI.
Thanks again for great product!
@ttl0 for now you can change the wifi encryption using Luci.
@kyson-lok someone will be angry again haha UI issue when pasting password.
I agree you.
It doesn’t need to expose in UI, as it only support OPEN/WPAPSK/WPA2PSK/WPAPSKWPA2PSK on ui, but I think it should be configured to WPA2 PSK by default which is the most security at present.
We will develop it in the future.
Thanks for the suggestion.
Good idea! We will evaluate this feature.
Customers don’t need to configure it.
Providing secured time source like:
- internal or external (external by USB) GPS time source
- internal or external (external by USB) DCF77 time source
- more secure time protocoll like:
*** tlsdate tlsdate: The Secure Alternative for ntpd, ntpdate and rdate - Linux Audit
tlsdate/INSTALL at master · ioerror/tlsdate · GitHub
*** ntimed ntpdate - Wikipedia
*** NTP over TLS RFC 8915 - Network Time Security for the Network Time Protocol
What’s the use-case for requiring secured time? Do you find NTP Stratum 1/2 servers giving out false time info?
I don’t really see the point of the TLS based ones. They all add some latency so the time won’t be exact after a sync, worse than a “non secure” way.
The hardware solutions are also even worse, they are totally not secure at all.
I can sit by your window and spoof GPS and DCF77 just with a micro controller, maybe even another GL router
There are more important features required at the moment, like captive portal detection so that you don’t need to disable the VPN and leak data while you accept the captive portal TOS.
The normal NTP by UDP can easy used to set a wrong time (pe. the right time +2year). The result of this are, the most certificates will be invalide. Certificate based things wil stopp working.
Secured time source will fix this. I am not a programmer, I dont no how complicated to implement like this. In the past i have seen how to how to install the existing tlsdate on openwrt. One other how too was describing how to get time by GPS mouse on openwrt.
- It can be DCF 77 and equal are not the right way, because its not available around the world.
- A secure source for time signal is a external GPS mouse for sbout 10USD. [OpenWrt Wiki] Stratum 1 NTP server using USB GPS
- tlsdate have depend on resolution of TLS1.2 a uncertainly of +/-1secound. A add on for this available for openwrt. tlsdate only working up to TLS 1.2, thats mean not working with TLS 1.3.
- On Wikipedia is written “OpenNTPD” are compatible with existing NTP server, other webpage told "is compatible with NTP Pools. On Wikipedia is written the uncertainly of OPENNTPD is only 50 to 200ms. Thats not so got like GPS or NTP, a its better than tlsdate.
OpenNTPD: Portable Release
GitHub - openntpd-portable/openntpd-portable: Portable build framework for OpenNTPD