Update on 2023 feature requests implemented starting firmware v4.3 and ongoing development

Since firmware v4.3

• Optimized the font color for cellular signal strength.
• Added a feature to allow setting cellular by operator. (We will preset some operator profiles and gradually add more.)

Since firmware v4.4

• Added an access control feature to prevent new clients from accessing LAN and WAN.
• Added the dual-WAN port feature in certain GL.iNet models.
• Added a feature to block cellular cell towers.
• Added automatic configuration support for T-Mobile.

Since firmware v4.5

• Added SIP ALG options.
• Added the Admin Panel Access Port option to allow users to use port 80/443 for other purposes.
• Added security options to support disabling HTTP access and using HTTPS access.
• Added an option to use TailScale as an exit node.
• Added the Full Cone NAT option.
• Fixed an issue where WireGuard clients connected to the server via DDNS are disconnected when the server IP changes.

Since firmware v4.6

• Fixing an issue where hotel hotspots cannot be authenticated.
• Optimizing the VPN client to ensure AdGuard Home’s DNS will not override the VPN client’s DNS.
• Optimizing connections via repeater to allow different randomized MAC addresses for different SSIDs.
• Adding support for setting a port range for the external port in port forwarding.

Since firmware v4.7

• Optimizing firewall features to support preventing specific IPs from accessing open or forwarded ports.
• Adding the VPN policy domain list subscription feature to support automatic domain name update from URL.
• Adding client isolation.
• Client isolation was originally due to be released in firmware v4.5.
• It wasn’t implemented because two clients connected via the LAN port could not be isolated.
• AP isolation will be added in firmware v4.7.
• Optimizing the flow for adding the WireGuard client configuration file manually and adding support for automatic key generation.
• Optimize the page names in the web admin panel so that the router’s Hostname is displayed in the browser Tab.

Since firmware 4.8

• Add real-time network speed display for each interface.
• Add traffic statistics analysis chart, including the history of the interface, and client traffic. (Only cloud display, as frequent writes will reduce the device’s lifespan)
• Locally displayed data will not be saved to flash and will be deleted after rebooting.
• Add support for exporting data for viewing.
• Add support for cloud saving in later versions.
• Add support for exporting debug information.
• Optimize the WireGuard server to allow custom endpoint domains.
• Upgrade OpenVPN to v2.6.
• Add an option to enable or disable VPN on the web admin panel’s main page.
• Optimize the “enable” option for repeater when it is disabled.

Since firmware v4.9 or higher

• Optimize VPN policies to support multiple VPN clients simultaneously and composite VPN policies.
  • Complete the design by the end of this year.
  • Release the beta firmware by the end of this year or the first half of next year.
• Optimize VPN policies and add support to enable Kill Switch in VPN policy mode.
  • These will be developed together with the composite VPN policy.
• Add package description and statistics to the plug-in page.
• Add whitelist for DNS rebinding attack protection.
• Add support for setting up VPN policies for devices coming from WAN in Drop-in Gateway mode.
• Devices with batteries support auto-off settings.
• Add global speed limit to limit the speed of new clients.
• Add IP address reservation import/export.

Features that will be in the development pipeline but most likely won’t be released within a year

• Optimize the VPN client to support automatic reconnection.
• Add QoS.
• Optimize network storage, resolve issues with FTP and NFS protocols, and resolve some SMB compatibility issues.
• Optimize the toggle button to support switching the guest network’s “enable” status.
• Optimize S2S to support client devices’ access.
• Optimize support for clients to show they are connected through other VLANs and different DHCP.
• Add automatic Let’s Encrypt certificate request.
• Optimize connections via repeater to allow setting up randomized MACs and automatically switching them based on time or data traffic usage.
• Add an identifier to the currently used interface to the internet page if multi-WAN is used.
• Move the DHCP Reservation feature to the Clients page.
• Adjust the maximum length of the administrator password to 64 characters.
• Add a page to allow users to leave their feedback.

Features that we are open to developing but do not have a release timeline

• Add a built-in speed test tool to the web admin panel.
• Add Port Trigger.
• Add Port Protection.
• Optimize parental controls to support disabling adult content for children.
• Add DoH, DoT, and DoQ blocking.
• Add VLAN management.
  • Waiting for a more suitable product model
• Add a feature to allow users to shut down sleep devices with battery remotely.
• Optimize self-captive portal. (Set the captive portal used by the client to connect to the GL.iNet router, not the repeater to connect to the hotspot. This feature has not been migrated to firmware v4.x and there are no plans to develop it.)
• Add display for device connection time.
• Add backup or restore settings.
• Add Vulnerability Scanning.
• Optimize VPN traffic display with support for saving and manual clearing.
• Add support for mesh and 802.11r/802.11s.
• Optimize DNS to allow different DNSs to be assigned to different clients.
• Optimize NTP Support secure NTP servers or use DNS-based time sources.
• Add alerts for SIM card traffic overage.
• Add the auto power on/off function.
• Add support for client request monitoring.
• Add the wireless bridge (Layer 2 bridge, no NAT) mode.
  • Requires support for the original chip which is not available in all our current models.
  • Will be developed for the appropriate models in the future.

• Add more enabled SSIDs for different sub-networks, new SSIDs for VPN-dedicated channels or IoT-dedicated network entry.
  • Some of the usage scenarios for this feature overlap with the feature of Composite VPN Policies
  • Should be developed in conjunction with the VLAN management feature
• Add an option for toggle switches to switch VPN client configuration.
  • Some of the usage scenarios for this feature overlap with the feature of Composite VPN Policies
• Add total data traffic limit feature to cellular, support overrun alarm and auto disable.
  • We need to look at the degree of bias in the data statistics
• Add a feature to enter encrypted DNS manually.
• Add support for HeadScale.
• Add support for custom DoT / DoT / DoQ.
• Optimize Internet tracking and DNS servers used in the DNS option.
• Add backup exit node option to TailScale for Failover.
• Add ContrlD to encrypted DNS.
• Add Zenarmor.
• Add the docker to the available package list.
• Add IP Passthrough.
• Provide VPN servers as VPN operators.
• Add secondary connection(Russian PPOE) settings.

We will not consider the following requests

• Add ZigBee interface.
• Add support for SSR/V2Ray.
• Add support for SFTP.
• Add an option to allow users to change country or region. (Authorization Standard is not allowed)
• Optimize Tor to allow users to use Tor and VPN at the same time.
• Add buttons to the UI to allow users to access U-Boot. (Technically unattainable.)
• Add VPN scheduled connections.
• Add band steering.
• Add pi-hole.
• Add file explorer.
• Add Torrent tool.
• Add CIFS kernel support for Ubuntu to MV1000.
• Add a feature that passes all traffic through an SSH tunnel.
• Add a feature to implement the extroot configuration.
• Don’t blow the router name around by NETBIOS. (Technically unattainable)
• Optimize Wi-Fi txpower option to allow users to set value. (Authorization Standards is not allowed)
• Add OpenDNS.
• Lower fan start-up temperature.
• Add package installation path option to support installation to USB storage devices.
• Add support for UPnP.
• Add support for Wake on LAN.
  • It’s not stable enough and has mediocre client device compatibility
  • There are too many alternatives
• Add support for destination-based policy for Tor.
• Optimize repeater connections by allowing settings to set whether DNS rebinding attack protection is enabled for each SSID setting.
• Add Policy Settings Support to SIP ALG.
• Add an SSH Terminal Page in the Web Admin Panel.
• Add support for cellular WCDMA band block or open.
• Allow modification of Wi-Fi country code.
• Add policy settings similar to a VPN policy for Load Balancing.
• Add SIM card calling feature.
• Add multi-Wi-Fi password feature, Wi-Fi support configure to connect to different VLANs with different passwords.
• Add VPN obfuscation.
• Add a node selection policy for Tor.
• Add Kill Switch for Tor.
• Optimize the Override DNS Settings option, support setting the list to be overridden
• Add a simple DNS blocking feature.
• Add Watchcat to automatically reboot Wi-Fi when disconnected.
• Add support for multiple USB cellular modem accesses and allow setting a balanced load for them.
• Add an option to turn off detecting whether a new firmware version is available.
• Optimize USB cellular modem compatibility, open them to lock base station, and traffic logging features.

We have developed some solutions to the common problem of not being able to repeat public hotspots with captive portal (such as hotels/airport/malls). In order to make these features available as soon as possible, we have decided to split the original 4.6 version into two, the current 4.6 and 4.7 versions. Features that are still in development will be moved to the 4.7 release. Subsequent releases will follow in that order.
The 4.6 beta is expected to be available for MT3000, AXT1800 and other models by early May.