List of current feature requests 2022

Ability to use Luci to do a backup (as currently) for a device, have the option to use Luci to do a restore but NOT overwrite the IP & Mac when restoring - in other words be able to “clone” settings etc. from one device to another so long as they are the same “family” i.e. existing AR750S-EXT to a new AR750S-EXT to have sitting ready to go in case of failure.

What about a 5G CPE router? would be a killer for all other 5G CPE routers on the market yet!

Few tests with the Slate AX at 5Ghz between WDS and 802.11s to an OpenWRT AP

WDS to:
Atheros QCA9880: WDS 180Mbit down / 160Mbit up 15ms max, slows down to 90 after 12 hours
MediaTek MT7615N: WDS 150Mbit down / 70Mbit up with 400ms latency on load, stable speed

Both cutoff randomly every few days requiring a restart.
There is a noticeable packet loss on client connect/disconnect in simultaneous mode: AP and Client (WDS) a.k.a Repeater mode.

Mesh/802.11s to:
Atheros QCA9880: 260Mbit down / 210 Mbit up 20ms max, stable for weeks
MediaTek MT7615N: 290Mbit down / 200 Mbit up 30ms max, no latency increase, stable for weeks

No issues as a repeater mode.

Please consider adding 802.11s

1 Like

Would it be possible to incorporate the connections that is found in luci->status->realtimegraph->connections into the project so we can better review traffic? I don’t like going into luci, it feels outdated and to be honest, your UI is much better.

Maybe even use the NF_conn to build a traffic analysis web page. To show you the top visited sites within a 24-hour, 1-Day, 1-Week window?

Here is an example of asuswrt, traffic analyzer. It’s pretty neat.

https://demoui.asus.com/TrafficAnalyzer_Statistic.asp#:~:text=ASUS%20Wireless%20Router%20RT-AX95Q%20-%20EZQoS%20Bandwidth%20Management&text=Traffic%20Analyzer%20is%20to%20analyze,displayed%20by%20clients%20or%20apps

1 Like

I got a nice one as request :slight_smile:

please make support for vpn policies for different network interfaces currently it has only hardcoded for br-lan and guests.

I did a look myself if its even possible but I made a small prototype:

expand for snippet
. /lib/functions.sh

ignore_iface_list="eth0 eth1 eth2 eth3 eth4 lo" #add wgclient/tun0 if something in the future changes.
iface_list=""

LoadInterfaceAwareness() {
	iface_list="" #empty the list first.
	echo "{vpnpolicy} == [Checking VPN Policy interface awareness!] =="
	config_load network # load the configuration
	config_foreach Populate_Bypass_interfaces 'interface'
}

Populate_Bypass_interfaces() {
    config_get devname "$1" 'device'
	config_get devgateway "$1" 'ipaddr'
	
	echo "{vpnpolicy} vpnpolicy" "test: $devname"
	
	if [ ! -z "$devname" ] && [ ! "${ignore_iface_list[*]}" =~ "$devname"]; # check if its null and also does not contain in our ignore list.
	then
		echo "{vpnpolicy} registering interface subnet $devname for vpn policies with gateway $devgateway"
		iface_list+="$devname"
	fi
}
example of kill switch
killswitch_update()
{
	# entry added by xize
	LoadInterfaceAwareness()
	# end entry
	
	killswitch="$(uci get vpnpolicy.global.kill_switch)"
	iptables -F ROUTE_POLICY 2>/dev/null
	[ "$killswitch" = 0 ] && {
		#iptables -A ROUTE_POLICY  -i br-lan -m mark --mark 0x80000/0x80000  -j ACCEPT 2>/dev/null
		#iptables -A ROUTE_POLICY  -i br-guest -m mark --mark 0x80000/0x80000  -j ACCEPT 2>/dev/null
        
		# entry added by xize
		for iface in $iface_list
		do
			iptables -A ROUTE_POLICY  -i $iface -m mark --mark 0x80000/0x80000  -j ACCEPT 2>/dev/null
		done
		# end entry
	}
}

basicly openwrt has a helper script ( /lib/functions.sh) to iterate through parts of the configuration, though I never got it to work when I presumely tried to edit the /usr/bin/route_policy script, so instead I hardcoded it, but maybe it can give others a idea, maybe the ignored interfaces can be part of ui or something? :slight_smile:

2 Likes

VPN policy for vlan, right? Planed to have this part. But vlan is generally very confusing and difficult to configure, especially mixed with other policies.

1 Like

Not only for vlan, but for different interfaces/devices other than br-lan and guests, but I think for this there needs to be some sort of blacklist of interfaces/devices to be ignored, I kinda tried this in my snipped code.

I think that would be super :+1:

Edit example:

Currently wlan0 and wlan1 and wlan1-1 devices have their own interface with dhcp on my setup in this case those interfaces don’t get policy routed I wish these get routed :yum:

1 Like

Yes. We plan to bind each interface to a vlan and do vpn policy based on vlan. Hope this is the correct direction.

3 Likes

How do you update to 4.0?

I don’t know if this is a feature request or a bug report, but addressing the current problem with Wireguard and Dynamic DNS should be high priority. It’s the only reason I bought this device. In short, wireguard connections fail when the target’s IP address changes - they are not reresolved. Due to GL-I.net’s custom way of handling this, the including wireguard_watchdog script fails.

1 Like

Is there a plan to add vlan management in the gl.inet webUI ?
I’m doing that in luci for now, but it would be nice to be able to create vlan’s from the main webUI.

6 Likes

Agree, this would be really nice addition indeed.

Hi,

possibility to set the wifi region from the gui, I know that via ssh or luciit is possible but the settings maybe vary between the different models and I have the impression that other settings are also modified by luci.

Thanks

3 Likes

Hi,
I know this post is out of context or order, Yet, the roadmap mentions, it will not allow us to create backups to configurations or firmware for 2022? that appears counterintuitive, if we are spending time performing tests in OpenWRT.

I’d like to see additional insight into the ports and how to protect them from attacks. Or how to install additional VOIP application in additional Asterix.

thanks,

2 Likes

Add 10GbE ports, Would love to have a router like the Brume 1 (or flint?) with upgraded ethernet ports to take advantage of higher speeds now being offered in the US (ie: 2.5Gbps, 5Gbps plans).

2 Likes

To get that speed the majority of people would have to update their cables to at least CAT6a and I can tell you for a fact that many new construction installs used CAT 5e to save money and are on a 8 year lifecycle.

4 Likes

FEAUTURE REQUEST
Some routers can work with VPN and TOR at the same time
Example:

1.- VPN → TOR → LAN
In this case the router make a VPN Connection client and later connect to TOR finally all clients connected to the LAN will use the TOR IP

2.- TOR → VPN → LAN
In this case the router make a TOR Connection client and later connect to the VPN Client finally all clients connected to the LAN will use the VPN IP

Other feauture is what For prevent IP leak with tor connection close all DNS Request with UDP Protocol and just accept TCP request.

1 Like

This is a more reasonable setup.

NO I want unreasonable, after VPN I need a AWS VPN before TOR and a proxy jump after. :rofl:
Keep up the great work

@panpan @alzhao

Anything new on the client bandwidth graph / quarantine feature?