OpenWrt 22.03.0-rc1 first release candidate

Run fine with my 3 * Tenbay t-mb5eu-v01 in WIFI 6 / AX

  • i use my t-mb5eu-v01 after modified iwith a 32M flash ...

I couldn't have internet connection on my LAN client with this release. Probably a firewall issue on my part as I've noticed it wasn't working as I was expecting. Router itself had connection. I didn't have any leftover settings. Switching back to 21.02.03 fixed the problem.
ramips 7621 xiaomi mi a4 gigabit
using wireguard

Can't provide too much detail now as I'm busy but I will try again.

A big thank you to everyone who worked on this project, we appreciate it.

1 Like

In my case, these three kmod packages were missing...

kmod-nf-reject6
kmod-nf-ipt6
kmod-nf-conntrack6

Now have Internet access, and entries in nftables.

1 Like

You are absolutely right and I don't understand why they didn't mention it, because Qosify (made by the smart @nbd) is the best solution to prioritize important traffic (eBPF > iptables/nftables) and completely FIX the bufferbloat (CAKE > fq_codel), there is nothing like it in any other firewall.

If you want you can test my Qosify configuration:

4 Likes

I am using custom adblock hosts files as well as dns query logging to a separate file (logfacility property). The crash was due to the latter. ujail needs to know about the logfacility file and allow dnsmasq to write to it. A patched dnsmasq init script will fix this.

Other than that, working fine now on both TPLink Archer A7v5 and Netgear 6700v2.

Thanks, but unfortunately this does not solve the problem for me. The modules kmod-nf-reject6 and kmod-nf-conntrack6 were already installed by default and the module kmod-nf-ipt6 or kmod-nf-ipt did not help, but seems to be for the no longer used iptables anyway. Too bad on my other router everything works fine.

Are you running docker on your R4S ?
Cant seem to get docker loaded luci

No, I switched to podman since there seem to be quite some issues with nftables and docker.

I found another issue with the C7 V2.

One static device is getting kicked after an hour, when the Station inactivity limit is set to 10 hours.

Works in 21.02.3, and prior releases.

I installed Adguard as this post, but there is a DNS port setting in there.
Like this:

iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.1.1:5353
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to 192.168.1.1:5353

Now how do I set it up to achieve this?

https://wiki.nftables.org/wiki-nftables/index.php/Moving_from_iptables_to_nftables

1 Like

I've searched for this article before, but I couldn't read it or figure out how to do it on openwrt 22.

Create the following entry in /etc/firewall

config redirect
	option name 'Redirect-DNS'
	option src 'lan'
	option src_dport '53'
	option dest_ip '192.168.1.1'
	option dest_port '5353'
	option target 'DNAT'

I have done the above but the ad filter is still not working

I have returned to version 21.0.3 and everything is working fine, I will update to version 22 when I search for a solution.

There is a new thread which handles this better. The old thread had AGH installed at 5353 thus adding an additional hop to your DNS route.

The new way switches Dnsmasq to be behind AGH and thus only refers to Dnsmasq for PTR requests.

2 Likes

Thank you very much, I will try this.

Thanks for the RC, the firmware works well on:

  • Linksys EA8500

Issues on packages:

  • banIP : related with nftables / iptables
  • vpn-policy routing : fail on setup gateway

Packages working:

  • adblock
  • unbound DoT
  • nlbwmon
  • ddns
  • wireguard

So, rollback to the stable 21.02.3.

2 Likes

Upnp doesnt work for 2 console only one on my belkin rt3200

Trying out 22.03.0-rc1 on my Archer C7 v2 I found that IPv6 from LAN to WAN and vice versa works fine, but not Pv4. IPv4 on the subnet and to the router works fine and IPv4 from the router to the internet also works fine, but something seems wrong with the transmission of IPv4 packets from LAN to WAN and vice versa. Switched back to 21.02.3, now everything works as expected again. On my other router (gl.inet) version 22.03.0-rc1 works fine, strange.

I was able to get IPv4 working, but the deauth issues on one of my static devices started showing up in the logs today.

I rolled back to 21.02.3 (again).

I'll give it another shot when rc2 is released.