Firmware 4.2.x is out as snapshot firmware

Yes. PM is good. Pls send.

the demo config just created for you is working in both, my 3.215 and my 4.2 as well.
OK, consider this solved for now. In case I have the next non-working one I send it to you.

edit: Due to a lack of ‘slots’ at the provider I have to overwrite old configs, so the faulty one cannot be tested any more. Sorry.

To the Dev’s, when may we expect a new Beta version for the Flint router? Right now we have been using 4.2.0 beta2, when may we expect beta3 for the Flint?

Regards,

Come on now lads, hit us with a firmware update!

Using Slate AX1800 I am having a Wireguard profile issue. When I upload a Wireguard profile and upload the config files, on 4.1.0 I can upload many to the profile group (for different locations). On 4.2 + including the latest snapshot I can only add 2. If I add a 3rd it stops responding and the entire vpn client area disappears not allowing any changes or uploads. Reboot doesn’t help. Have to restore firmware to get access back to the vpn client area.

You mean add multiple profiles to one group?

Do you think there is strange names in the config profiles? I tested mine and I don’t have this problem.

Can you create new group and test? Maybe send some profiles to me to test.

I have tried uploading to a single group or making 3 groups. The moment I upload the 3rd config file - either to the single group or to individual groups - it “freaks out” and causes the issue where the entire VPN area is missing. I don’t see a way to private message on here. I emailed the config files to the support email address.

MT-1300

file name of VPN config can’t contain a ', otherwise it won’t be imported (though GUI claims “Success”).

wg11024×647 22.7 KB

.
clicked [Apply]

wg21080×399 20.5 KB

you missed /usr/bin/route_policy, this is where the ‘magic’ happens.

HTH!

Single quota ’ in filename is a bug. I filed internally.

Alzhao answered (effectively correcting you) a few posts up: “GL service should not use vpn by default.”

Your being unproductive in this conversation. I pointed out that that something was changed from previous firmware builds so that people are array of it. It has since changed again. Go play with 4.2 snapshot and move on.

GL-S1300:

Compared to version 4.1 Beta, the size of the .img file is ~double (80MB)
SHA256-Checksum fits.

Screenshot_20230119_1924092542×1849 155 KB

You should use the .tar file, not the img file.

BUG Report
Date Compiled: 2023-01-19 19:24:04 (UTC-05:00)

SHA256: bcdb81024aa4b55eb82bd0068863a3027132c918c87baeeac55fe5929eb7635f

Not usable:
WiFi radios crash after 24hours
When this happens unable to connect wireless or wired connection SSH also can not be access
VPN will only allow 2 config files to be uploaded before wipe out configurations, Also has a limit of 10 config files before wipes all config files.

Previous 2 snapshots did not have problem that I encountered

Fresh install with snapshot and load config file

Noticed the vpn profile count problem. Still need to check WiFi issue.

That’s the log file, when the VPN connection stopped working this morning:
VPN.zip (931 Bytes)

2.4gHz channel is randomly disconnecting now
System log excerpt
Sat Jan 21 17:15:24 2023 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=KEYPAIR-CREATED SHLVL=2 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Sat Jan 21 17:15:26 2023 daemon.warn dnsmasq[8472]: possible DNS-rebind attack detected: cooper.logs.roku.com
Sat Jan 21 17:15:26 2023 daemon.warn dnsmasq[8472]: possible DNS-rebind attack detected: scribe.logs.roku.com
Sat Jan 21 17:15:43 2023 daemon.info hostapd: wlan1: STA 34:41:5d:31:cb:ad IEEE 802.11: authenticated
Sat Jan 21 17:15:43 2023 daemon.info hostapd: wlan1: STA 34:41:5d:31:cb:ad IEEE 802.11: associated (aid 1)
Sat Jan 21 17:15:43 2023 daemon.notice hostapd: wlan1: AP-STA-CONNECTED 34:41:5d:31:cb:ad 0 0
Sat Jan 21 17:15:43 2023 daemon.info hostapd: wlan1: STA 34:41:5d:31:cb:ad RADIUS: starting accounting session C51B68D94B0A60CC
Sat Jan 21 17:15:43 2023 daemon.info hostapd: wlan1: STA 34:41:5d:31:cb:ad WPA: pairwise key handshake completed (RSN)
Sat Jan 21 17:15:43 2023 daemon.info dnsmasq-dhcp[8472]: DHCPREQUEST(br-lan) 192.168.1.112 34:41:5d:31:cb:ad
Sat Jan 21 17:15:43 2023 daemon.info dnsmasq-dhcp[8472]: DHCPACK(br-lan) 192.168.1.112 34:41:5d:31:cb:ad DESKTOP-NCRG9BM
Sat Jan 21 17:15:56 2023 daemon.warn dnsmasq[8472]: possible DNS-rebind attack detected: cloudservices.roku.com

Also the kernel seems to be doing speed test or port speed mitigation on the ethernet for no reason
Kernel log:
[ 3055.378061] br-lan: port 2(eth2) entered disabled state
[ 3057.377560] nss-dp 3a001400.dp3 eth2: PHY Link up speed: 1000
[ 3057.377635] br-lan: port 2(eth2) entered forwarding state
[ 3057.382343] br-lan: port 2(eth2) entered forwarding state
[ 3065.407384] br-lan: port 2(eth2) entered forwarding state
[ 3127.386995] nss-dp 3a001400.dp3 eth2: PHY Link is down
[ 3127.387305] br-lan: port 2(eth2) entered disabled state
[ 3236.386074] nss-dp 3a001400.dp3 eth2: PHY Link up speed: 10
[ 3236.386147] br-lan: port 2(eth2) entered forwarding state
[ 3236.390501] br-lan: port 2(eth2) entered forwarding state
[ 3238.396044] nss-dp 3a001400.dp3 eth2: PHY Link is down
[ 3238.396358] br-lan: port 2(eth2) entered disabled state
[ 3240.396040] nss-dp 3a001400.dp3 eth2: PHY Link up speed: 100
[ 3240.396113] br-lan: port 2(eth2) entered forwarding state
[ 3240.400817] br-lan: port 2(eth2) entered forwarding state
[ 3248.405861] br-lan: port 2(eth2) entered forwarding state
[ 4415.392814] nss-dp 3a001400.dp3 eth2: PHY Link is down
[ 4415.393234] br-lan: port 2(eth2) entered disabled state
[ 8249.347295] nss-dp 3a001400.dp3 eth2: PHY Link up speed: 100
[ 8249.347460] br-lan: port 2(eth2) entered forwarding state
[ 8249.352068] br-lan: port 2(eth2) entered forwarding state
[ 8257.367072] br-lan: port 2(eth2) entered forwarding state
[ 8268.357028] nss-dp 3a001400.dp3 eth2: PHY Link is down
[ 8268.357350] br-lan: port 2(eth2) entered disabled state
[ 8283.356852] nss-dp 3a001400.dp3 eth2: PHY Link up speed: 10
[ 8283.356989] br-lan: port 2(eth2) entered forwarding state
[ 8283.361280] br-lan: port 2(eth2) entered forwarding state
[ 8285.366794] nss-dp 3a001400.dp3 eth2: PHY Link is down
[ 8285.367111] br-lan: port 2(eth2) entered disabled state
[ 8287.366820] nss-dp 3a001400.dp3 eth2: PHY Link up speed: 1000
[ 8287.366955] br-lan: port 2(eth2) entered forwarding state
[ 8287.371598] br-lan: port 2(eth2) entered forwarding state
[ 8295.386561] br-lan: port 2(eth2) entered forwarding state
[ 8953.368449] nss-dp 3a001400.dp3 eth2: PHY Link is down
[ 8953.368853] br-lan: port 2(eth2) entered disabled state

I think I figured the 2.4gHz I caught a neighborhood kid playing with a FlipperZer0 and WiFi devboard out front

FYI WPA2 is susceptible to the marauder attacks WPA2/WPA3 is not along with WPA3

rather a feature request:
When clicking on VPN in the left menu open the VPN-submenu (like you do today) and display the dashboard, please. It’s a totally unnecessary extra click to have to click on Dashboard in that situation.

edit:
my next post leads me to another feature request:
In case it’s not already allowed (which was the character to use?) please allow comments in the IP-/Domain list. Especially when using IPs it makes the list way easier to read/edit.