For several days, I have been manipulating LuCi to create and delete interfaces, Vlan, DHCP and DNS servers, firewalling rules, etc.
I observe that LuCI does not clean up the configuration files well. For example, in /etc/config/dhcp or /etc/config/network, incomplete fragments of old configurations are stored which no longer appear in LuCI. My understanding is that these incomplete fragments are simply ignored when reading the configuration files.
What is the recommended method of cleaning up the configuration files of this slag, once things have stabilised?
Thank you. Indeed, LuCI only clears depending entries from /etc/config/network, /etc/config/firewall and /etc/config/wireless on deleting an interface. The dhcp config is not covered. Will add cleanup for it.
Are there any other artifacts not covered? Right now only sections of type alias, route and route6 are removed in the network config if the corresponding interface is deleted, I suppose it needs to be extended to rule and rule6 as well.
This is actually correct, it specifically tells dnsmasq to ignore any inbound DHCP and DNS requests on that interface. It is also part of the shipped default configuration:
At the moment, yes. Will implement a fix to clear up stale DHCP pools as well when deleting an interface from LuCI. Until then you either need to delete those pools before deleting the corresponding interface or remove them manually via command line.
I had created a wildcard rule on the firewall, which allowed port 53 from any zone, and the DNS responded when queried from the WAN (that WAN is actually an RFC1918 LAN), despite the presence of option ignore '1'. I had to give up the wildcard rule, in order to be able to gag the DNS on the WAN interface.
Do we have a tool to test the validity of a configuration file, after manually cleaning it up?
The manual cleanup of the /etc/config/dhcp file went smoothly. However, I managed to lose all connectivity after editing the /etc/config/network file. As soon as I rebooted the router, it seemed to be unable to recreate its VLANS and subnet IP.
On this particular router (it's a Turris Omnia), it was possible to rollback to a previous system image, which minimised the implications of the mistake. However, it would be better to check the validity of a manually cleaned configuration file, to avoid such incidents completely.