Divested-WRT: No-nonsense hardened builds for Linksys WRT series

Hi, is it recommended to upgrade to the latest version now, to prevent the wifi attacks as described in fragattacks?


The patches as I currently have them applied are "bodgey", so they aren't guaranteed for anything.
But the builds are stable and you should regularly update anyway.

The OpenWrt developers have a much better patch here: https://github.com/openwrt/openwrt/commit/025bd93f36c9923127674ce127e22933592cba6c

I will make another build soon. 20210512-00 is up.


Upgraded and looks very stable, as always. Great stuff :slight_smile:

Keep in mind, that drivers may need to be patched. Per driver updates were included for ath10k, ath11k, iwlwifi, and most recently, mt76. mwlwifi may still be vulnerable, hopefully we will see a fix. Linksys released a notice here: https://www.linksys.com/gb/support-article?articleNum=246427#ff

We may once again see movement here: https://github.com/kaloz/mwlwifi

But I wouldn't keep my hopes up given the history of the driver's development and the transfer of ownership from Marvell to NXP.

Once again, another reason why to prioritise picking an access point with ath, mt76, or intel chipsets...

1 Like


I have just flashed my WRT1900AC v1 with this firmware.
But I'm litte confused with DSA and VLANS.

I want to use my WRT1900AC as a dumb AP, my main router have DHCP servers for each VLAN.
I have a trunk from my router containing VLAN10, 20 and 30

I want to have one interface per VLAN:
VLAN10: GUEST, static IP
VLAN20: IOT, static IP
VLAN30: HOME, static IP

and every wlan should have one access port and one wifi-ssid.

Anyone can help me how I can setup this?


Some syntax, an example, and debate


It seems that the two Galaxy S8 phones on my network experience the same issue as @rsolis76 does, except that I believe I've reproduced it even on a fresh install without any static leases set. I've seen it on the official RC1 (I think...could've been a similar but different failure?) as well as multiple divested builds. Not really sure how to collect more data on it at this point. I've found that once they fall into this bad state:

  • They can't access webpages
  • They can't ping within or outside the network or be pinged
  • If they use a network analysis app, they're still able to discover PCs using less common services.
  • And I can't be sure of this, but it seems like RC1 is better behaved than this firmware, wherein trying to access the router repeatedly or retrying a google search eventually corrects the issue? This is pretty hard to prove.

Normal recovery as mentioned is just to disconnect/reconnect or hop to the other band.

Truly bizarre, and sad that it's preventing me from a trouble-free run on an otherwise great firmware. Never seen this issue on the stock firmware over the years. I wonder if this is just the current (and possibly permanent) state of mwlwifi as far as interacting with the radio used in these phones.

I switched from Divested build to a regular vanilla and stable openwrt 19.07. I just changed the mwlwifi driver to the last available kaloz version that @eduperez precompiled and that's it.

I have not had any samsung 8 disconnects or any other major symptom. Wifi is stable, speeds are great and I can have static leases without disconnects. Ofc being an official 19.07 it does not have the security tighten as with Divested and it is still running on the old switch sw instead of DSA.

I have a hunch that the S8 disconnects has to do more with DSA builds rather than the mwlifi. But I have no clue how to prove it.

Hope it helps

I used the example. worked great. Thanks!!
Just had to add my vlan tag in luci (devices->switch0->Bridge vlan filtering).

I suspect you're correct about it not being mwlwifi, as the version bundled is also used in other builds that seem ok (I believe). Thank you for the notes about your current configuration. My worry is that if this issue is low visibility, it could make it into the stable 21.02 drop without a fix, so hopefully someone will take me up on troubleshooting it for a fix.

Totally agree, I am fairly new to Openwrt, coming from DDWRT since 2020, but if someone can point on how to raise a bug for the RC or the right way to give visibility of this issue we can start from there, this will benefit the Divested build as a consequence...

You can mention it on the 21.02-rc1 thread and put a bug report here: https://bugs.openwrt.org/

Yea it might be some combination of DSA and mwlwifi. I have a 20 day uptime on rc1 and it's running great (bounced betwee nthan and Divested, both are great really) but have noticed wifi isn't as good as I remember from davidc502 final.

1 Like

Just thought I'd chime in as well, but I have been experiencing the same issue as the others with Samsung phones (not sure why Samsungs would be any different).

It's a bummer because I'd love to fully switch over to this build.

@digital_mystik @rsolis76 @serverror

Can you try changing your 2.4GHz radio to channel 4?

I noticed a few months back with a Samsung Galaxy S5 I had that the router would completely disappear every few minutes when I had it on 1/149. 4 seemed to fix it.

I considered it breakage on my end, as my S5 is running my own ROM.

Worth a test.

No change here, the issue persists.

Yeah it might be a DSA issue (although I haven't tried any other DSA builds aside from Divested). My PCs don't disconnect in the same way, although I am not sure about other types of devices since I've only ever used Samsung phones.

Wouldn't it's wireless stack be the same as other Android devices?

No change here, the issue persists.


Wouldn't it's wireless stack be the same as other Android devices?

There are Androids with:

  • Atheros
  • Broadcom
  • QC prima
  • QC qcacld-2.0
  • QC qcacld-3.0
  • QC qma-wifi
  • + whatever else (TI?)

I have same disconnection issues in fresh and custom dsa builds also with apple devices.


Do you guys use fast transition 802.11R on your 1900acs v2? (I have two of them)
I didn't get it up an running, some info from my attempt

I also have network issues after moving to the 5.10.28 kernel build(I dont know when others started having issues its just when I noticed and family started to complain). The devices do not say disconnected they just dont have internet for about 30-45 seconds then it comes back.
Mine tends to be cheaper android stuff for kids and my samsung tv running tizen.
I have not upgraded since. I dont know if its DSA issue or not but I upgraded to DSA a few months ago and this problem just started.


dont know if this is anything?
kernel log:

[  882.030856] ieee80211 phy0: staid 1 deleted
[  882.068867] ieee80211 phy0: staid 2 deleted
[  882.979226] ieee80211 phy0: staid 7 deleted
[  884.818235] ieee80211 phy0: staid 5 deleted
[  907.377793] ieee80211 phy0: staid 8 deleted
[ 1898.883350] ieee80211 phy0: staid 9 deleted
[ 2383.411975] ieee80211 phy0: staid 2 deleted
[ 2721.453133] ieee80211 phy0: staid 9 deleted
[ 2909.416699] ieee80211 phy1: staid 11 deleted