OpenWrt Suggestions


#1

OpenWrt is by far, the best router firmware that I have ever used; however, there are a few features that would make it just that much more complete...

It would be nice, if the Overview page in LuCI could kick / ban users from the network. Of course, a user management page, under the Network tab could have more detailed features, like setting the amount of time for a ban(s), and perhaps an ability to promote / demote users in accordance to traffic priority.

Having WPS push button within the Overview tab would be ultra cool too.

Third, an ability to set specific lease times for guest devices within LuCI would be nice.

Lastly, if there was a way within LuCI for guest devices to only be assigned IPs within a specific range, that would be superb.


#2

Glad you're enjoying it!

Kick/ban -- there are ways of doing it and a search here should turn up several approaches. Some are around the use case you hint at, others are around "band steering" or trying to force a client to a different AP. Outright ban is nearly impossible on home systems once they have the key. (Relatively easy on enterprise systems that need both a user name and password to access the wireless at all.)

WPS -- :skull_and_crossbones: Once you understand what it is, how it works, and how it weakens your network's security, you'll understand why that is not enabled by default (if at all) and unlikely to ever get attention in LuCI

Specific lease times and pool range (both DHCP-related) is already handled on a subnet-by-subnet basis in config and exposed in LuCI


#3

Ahh I see.. I might have to look into how to implement a username / password system within OpenWrt, or at least start segregating my traffic between a guest network and private network.

Are there any plans to implement a feature where you can see the individual traffic of specific users? Either visually or in a log format? I think that would be cool too, but I bet there is probably an add-on for that.


#4

When you're up for "some bedtime reading material", you could look into 802.1X and something like FreeRADIUS -- that is roughly how enterprises manage username and password for their wireless access.

OpenWrt, through hostapd, will support 802.1X authentication.