Feature Request Thread For Firmware v3


I agree with this (think I mentioned it in bugs thread).
There are way too many menus now, meaning way too many clicks and/or scrolling.
For example, Upgrade and Revert could both could both go in a Firmware menu.


“Force VPN” is a wrong friend. That should be replaced on firmware by “VPN only” or like this exact describtion.


Here are some features on my wish list:

  • TOR support in the main code (no special image, not sure if this is solved)
  • TOR over VPN
  • TOR advanced option to influence leaking country
  • Multiple OpenVPN connections in parallel

  • It can be it need to be a add on, depend on law of countrys like cn

  • DDWRT have the possibility to create more than one WiFi name for one Wifi Hardware. Thats mean, it should be possible to create on OPEN WRT too to create two WiFi names at the same time for one WiFi hardware.

That sounds for me that should be possible to configure one WiFi connection over VPN and one WiFi connection over Tor.


You can create second wifi SSIDs using the advanced menu (luci).

There is a package called vpn-policy-routing that can be used to split traffic between wan and vpn for the different SSIDs. Install using the following commands.

opkg remove dnsmasq
opkg list-installed | grep -q uclient-fetch || opkg install uclient-fetch
opkg list-installed | grep -q libustream || opkg install libustream-mbedtls
echo -e -n ‘untrusted comment: LEDE usign key of Stan Grishin\nRWR//HUXxMwMVnx7fESOKO7x8XoW4/dRidJPjt91hAAU2L59mYvHy0Fa\n’ > /tmp/stangri-repo.pub && opkg-key add /tmp/stangri-repo.pub
! grep -q ‘stangri_repo’ /etc/opkg/customfeeds.conf && echo ‘src/gz stangri_repo https://raw.githubusercontent.com/stangri/openwrt-repo/master’ >> /etc/opkg/customfeeds.conf
opkg update
opkg install vpn-policy-routing luci-app-vpn-policy-routing dnsmasq-full

It didn’t work properly with 2.72 and I haven’t completely tested with 3.0 but it does appear to be working now.

  • Persistent SMS conversations. Sent messages will stay in the thread with each recipients.
  • SMS auto refresh in SMS message and conversation page.
  • GUI for some common LuCI apps, like luci-app-shadowsocks. Or any plan for publishing the documentation or manuals for adapting our own app into the beautiful 3.X UI?


I think this is possible. We do have a template to make packages. But we still need some time for this to be released.


On this time its possible to access Webinteface by WLAN. Thats a little bit risky.

A Yes/No Button for allow or not to access webinterface (incl. advanced webinterface) by WLAN will fix this. On other hand, useing a doubling wait time by every wrong password will secure this good enough.


Modify existing Mac adress changer on Admin menue:

  • The menue dont tell how often the Mac changed on auto Mac change mode. That information should be add on this menue.
  • Add the possibility to configure how often this change by automatic. Ideal will be the possibility to configure additional a +/- fortune variance for this.
  • Add the possibility to configure a user defined MAC adress in this menue.


3.006 ,on safari
The login button on home page not work after click;
On chrome could work.

  • “The “Force VPN are allways on” is a great feuture in V3. That should be promoted by a short message on VPN menue. Becorse this function are why some people buy a vpn router.”

Without this information on admin menue, customer can think, the “Force VPN” from V 2.x are lost on V.3.


Actually this is quite annoying thing when you enforce a feature but users think it is lost.


I agree. We should have more options like described



  1. DNS over TLS - on by default

  2. Provide NTP server - toggle in GL UI

  1. VPNgate support
  1. SSL - installed by default &
    software packages served over HTTPS


  1. SQM installed by default (reduce latency for VOIP applications)


  1. Adblock installed by default, with toggle in GL UI
    (need to block Google Analytics, etc in router for IoT devices, TV’s & media players)



Would this break captive portal usage?


ofc, it will break captive portal. If you enable DNS over TLS, it can’t be redirected to portal page.


If I read like this, it need to be checked:

TLS 1.3 only, or with fallback to TLS 1.2 (Disable support for TLS 1.1 and lower)

  • Software package downlod
  • Admin webinterface on

Uninstall at minimum broken chipper suites like:

  • security.ssl3.rsa_aes_128_sha
  • security.ssl3.rsa_aes_256_sha
  • security.ssl3.rsa_des_ede3_sha


Ability to add individual ovpn file or ovpn.zip file to current profile (and without need to re-enter password etc.).

A “reconnect” button to current VPN server.


Okay, I forgot about this - I did not try it with captive portals yet


Hello, I am using version 3.005 so far without problems with overlay in microsd and I would like to know if there is possibility to add an advanced option to the button tab both to use the third position with mod and execute a custom command or activate or deactivate a custom service