The structure of the config files does not really lend itself to hierarchical / merge approach.
I think something like a sqlite could be used to keep all parameters and the config files can be generated based on the parameters.
But I think all these types of approaches limit the flexibility of openwrt. It becomes like OEM hardware that is factory configured for one role only.
This will simplify a life of a developer at the expense of usability, yes.
No, if your an advanced user with many demands then just edit the config files yourself.
If your a novice and just want a wizard like experience then a user interface that keeps your settings in a database to be used for generating config files now or after an upgrade seems like a reasonable approach.
Especially now that low memory devices are getting phased out and newer devices have more resources to include nice UI features.
https://www.freebsd.org/cgi/man.cgi?mergemaster(8)
~40 kB
pkg updating is equally interesting, alerting users as to any changes in ports that they have installed that might require more than just an install.
Of course, none of this is really appropriate for the 4-8 MB crowd.
Yes. I just updated the OP to say that I would only insist that these improvements be available to Recommended devices. (People using "limited" or "difficult" routers will have been forewarned, and any niceties that come to OpenWrt may not be available to them.)
The structure of FreeBSD is very good indeed.
I wonder if this thread gonna be resolved like the one below and several other similar threads...
LEDE is not consumer software: LEDE is death hole for consumer
According to the FAQ on the Wiki:
Is OpenWrt suitable for me?
OpenWrt is primarily intended for power users, networking enthusiasts, wireless communities, and embedded device developers.
OpenWrt's default configuration, with the luci web interface, is a big improvement over the stock firmware of most wireless routers and similar devices. It provides all of the functionality most people will need. Additional packages can be installed with just a few clicks, to provide extended functionality if needed. A command line interface is also available.
I dare to say that âmost consumersâ donât fall into that category. The group of people that do fall into this category still might need help/support but it will be on a completely different level.
Handling kernel updates, package updates etc while keeping all the configurations might just be to much for âembedded devicesâ. If you start targeting the high end devices for these features that would leave an even bigger group of people / devices behind than just cutting the 4/32 devices as discussed in another thread.
Doing a full update might only be suitable for those âdual bootâ devices where the configuration can be (automatically) copies & pasted from the âother partitionâ. With a failsafe in place should this fail. Any package updating/adding settings should have its own script to handle those changes.
This triggers two thoughts:
I believe we should aspire to have our basic secure router be broadly usable - to the consumer (or a "pro-sumer"). We are almost all the way there: we work on lots of devices, the installation process from Vendor GUI to OpenWrt is smooth and well-tested, and the base installation is as secure, robust and reliable as an vendor firmware.
As for updates, we can do better (of course). But I also suspect that an 18.06 OpenWrt install (even if un-upgraded) is more secure than most vendor firmwares.
So we must never be ashamed of our progress - there's a huge amount to be proud of. I think what we're talking about here is our next steps to make OpenWrt better. Thanks.
@richb-hanover-priv I feel like you are a little offended by my last post (maybe Iâm reading to much into it). Nobody said that the project hasnât come a long way. And nobody implied that there is not a lot to be proud of.
But: The first problem here: maintaining a router. Updating / upgrading package or the kernel âin placeâ is complicated given the limited resources on our embedded devices. Iâm afraid that it will add to much âbloatâ, which needs to be compensated by using higher end devices (with more flash / ram).
Second problem: if you want to make it more available to consumers vs pro-sumers, maybe there is a need for a âfullâ installation image vs âminimalâ and the end user adds his/her own packages. A âfullâ installation will have all the features like Adblock, guest-network, file-share, OpenVPN, maybe WireGuard, SQM etc.
That will make it more âfriendlyâ for many consumers, but is moving away from the original intention of this project: making everything user customizable.
In the end it is even related to the 4/32 question: those will never be able to have all the eye-candy and features AND be very user friendly in terms of updates (without basically flashing a clean install and reconfigure). So which group do you want to leave âbehindâ. Or, like I mentioned: make a âfull featuredâ image available for those devices that could handle that (still leaving the 4/x behind).
Another option (not sure how workable it would be)...copy all relevant config files to the end users PC, do all the reconfiguration on that PC with a âtoolâ, which needs to be created for that. Merge everything back together into a âfinalâ image, which in turn can be flashed as âfull configured custom-updateâ.
Something like an online image builder perhaps?
Something like that, but in order to do an upgrade, it should "read" the flash from the device and based on that update / upgrade relevant packages while keeping all the config files associated with that package. Any non related (user) files should be kept "as-is". Maybe even "merge" the writable overlay with the original flash, and flash the whole thing back and by doing so, freeing up blocks which could be used for new overlay stuff. The "merged" version would be squashed again.
I think this should not be done directly on the device because of limited resources. I haven't given it a lot of thought yet. It might not be such a great idea in the end, depending how "secure" we can do this.
Let's say the UI has a toggle..... near the top right...
-simple
-intermediate
-advanced
With simple.... 70% or so percent is not shown and is autoselected..... and so on.....
Simple could also instantiate verbose "tooltips" around especially tricky or exact parameters.
It could also have a wizard, to generate config backups and likewise for restoration.
This seems the most plausible route...... This way effort to support basic users is narrowed into that toggle space and achievable.
No offense taken at all (and thank you for checking in.) Your comments are really important. They get to the question of "What is the 'purpose' of OpenWrt?" Who are we designing OpenWrt for?
Is OpenWrt just is a low-level platform, where all things are possible, and equally easy (or difficult)?
Or is it worth focusing some of our attention to make sure OpenWrt is very well suited to one or a few tasks?
As I've stated elsewhere, my focus is on newcomers to OpenWrt. I believe our challenge is to design OpenWrt to provide some variation on a Basic Secure Router that offers easy installation and maintenance (e.g., updates) on a Recommended piece of hardware. For total transparency, my other bias/goal is that I am weary of seeing dozens of posts on different forums, "My network is really slow when someone's streaming..." I want to be able to respond with, "It may not be for everyone, but you could just install OpenWrt and configure SQM" and know that they're highly likely to succeed.
I am willing to spend energy envisioning a router GUI that provides a simple install/maintenance process for newer, more capable devices. (That is why I say we're most of the way there...) My advocacy here is to see if there are others who would like to work with me to envision what that would look like. Thanks!
"My network is really slow when someone's streaming..." I want to be able to respond with, "It may not be for everyone, but you could just install OpenWrt and configure SQM" and know that they're highly likely to succeed.
I have the same experience when playing with others in Overwatch. People will constantly complain that the game is laggy, yet I almost never have any latency issue. I try to explain that their internet, not the game servers, is to blame. I try to explain what OpenWrt is and why they should get it but I've literally never had anyone seriously take me up on the offer. I have two brothers. the oldest was the one that told me about Lede. I turned an old PC into an overpowered router with quite a bit of pain and research. I FINALLY got my older brother to put it on his formerly Tomato router and he has had a lot of success with it as well. We don't all have networking backgrounds but we are all working in the IT space in our individual verticals. I still worry the default firewall settings are leaving my home vulnerable to boogymen. All that to say: I'd rather the project move towards being inclusive of consumers.
I would compare it to US personal tax filings. If you don't own a home, make lots of charitable donations, trade securities, etc, The standard EZ form with a standard deduction is great, simple, won't get you in trouble if you just input the info from your tax forms. For people who benefit from itemizing their taxes, there is a process for that as well, but it takes longer, requires more knowledge, and opens you up to the risk of getting something wrong. In router-speak, I'm the first type of person. I don't want to mess around with the firewall, ports, VPN's.....it just needs to connect to the internet and not leave my home at risk to major known threats.
@anon50098793's suggestion for a wizard would be something I'd be interested in seeing. By that I mean, a wizard for setting up WAN (Who is your ISP? Centurylink: PPPOE), SQM (What does your ISP claim your download and upload speeds are?), Firewall.....
@thompdre841 I love stories like this. It shows the value that OpenWrt can bring to thoughtful people who are new to the project.
The challenge lies in the balance between simplifying everything as much as possible (but no further) to produce a basic router that is secure, robust, and does "the things people need". Let's take @anon50098793's suggestion about a wizard to the extreme:
How few questions can we require for a "good-enough secure router" setup? I think the minimum is Login Password and Router name.
/etc/... allow experts to extend the router.)But if we could design a system where people could get a good-enough secure router running with a minimum of hassles, we would have accomplished something really important.
A wizard can be confusing at times and it makes it hard to see the whole picture of configuration. What about a single page with several tabs? Each tab would show if it is filled with data or not. A tab for WAN, a tab for trusted network, guest network, Adblock, etc.
This page could save all data into a single file and it would be used to re-generate the config files after every save or reboot.
Iâm not sure if this is the way to go. Have a quick google about âwizardsâ from different vendors. Probably I like the Netgear Genie the most, it gives very little options, and basically gets the user online with a few simple clicks.
Besides the âwizardâ, who is going to decide the preinstalled packages? Basic routing, firewall and WiFi, but than: guest network? Adblock? SQM? VPN: which? OpenVPN, softether, Wireguard, IPSEC? Samba, FTP? USB 3g/4g? I want it all! Preconfigured, preinstalled and everything in my TP-Link Arcer C7 for my 1 gigabit fiber connection!
We know that the âconsumerâ has to high expectations already...will this not just make it worse?? Have a look at dd-wrt (as example). It comes âpreinstalled with a lotâ, than look at the questions in their forum. Padavan, Tomato, all more preinstalled with âstuffâ, but in the end is that what we wanted??
Isnât OpenWRT supposed to be âOpenâ, as in, the end âpro-sumerâ decides what to install (either build the firmware from source) or add later via opk?
BTW: isnât this moving away from the original post: how to maintain the router? As in: itâs installed and working, now we need to update/upgrade packages? And how to do that painless and maybe even remotely?
Yes, actually it's why I started the how to get started thread over here: How to make getting started with configuring easier - #32 by Hegabo
Totally agree. I moved my list to the other topic.
Perhaps the sole remaining item is solving the easy-upgrade problem. I suspect the people who are interested in that are also interested in the "easier configuration" problem as well, and we can treat them as another essential requirement.