Securing OpenWrt Setups ( recomendations )

Not OK...I didn't magically understand anything...I'm expecting you to explain something here...

Also, if you're implying that a can be spoofed via Wireless LAN...LOL

The only thing I understand - is that you're implying WiFi, in all its forms, is insecure.

Am I correct?

If someone is this security paranoid, as I suggested:

Using a management VLAN only addresses all your concerns:

  • No WiFi
  • Physically at device
  • Configured to be only port/network LuCI/SSH is reachable from

Last option is console access, only.

1 Like

dude i understand one thing only , you are really not in favour of any advancement , its fine your choice keep LAN wire with you configure safely

al da best

1 Like

I wish you well too; but for someone as security paranoid as you, don't get me wrong:

I'd turn off uHTTPd and dropbear and run console only.

I can't imagine a network security person like yourself not taking that as sound advice.

(The LAN wire chide was funny, but again, used to take me out of context.)

1 Like

thats because i manage around 3200 openwrt access points all across the world and client gets angry if i dont do my research and always ask them to insert cable

more over i cannot compromise with their security too


you notice that you NEVER FOLLOW THROUGH??

1 Like

so i tried to share what i got to know from my R n D , but you have alternatives for all .. LOL

Please stop confusing the community. In all these threads, you ask a question, then you always fail to follow through.

I said I wouldn't enable wireless, then you make a joke about me carrying a LAN cable.

Grow up sir, and just explain yourself like an adult.

1 Like

i have joined the community and will always be fair with them , i will give whatever required let the need come
right now every one is happy with alternatives
let all realise the need , i am happy that yesterday this didnt happen

I got my first solution accepted and the user itself denied alternative even before i reacted well about the alternative

If this is your opinion, I would advice you to stop posting and responding to people.

A lot of people are beginning to get agitated that you are harboring some secret way to secure routers and configure multiple multiple vendor equipment with OpenWrt; and you always fail to follow through and share.

You obviously claim you have an alternative (you even claim to have invested in Research and Development now). So it seems quite silly to keep reminding people when they ask you to explain.

1 Like

You wrote a script for someone.


No clue how "alternative" applies in that context, and I don't want to know. The community can read for themselves. Congrats on your first solution.

1 Like


I also tried to help out others , its not only me who is not following :stuck_out_tongue: lol

Yes, there are also 2 other known Central Management solutions available on OpenWrt.

In fact, someone informed you of them:

The other is Cucumber Tony:

Other notes:

  • It appears you have displayed a private message between you and @nemesis. I think that was poor taste.
  • It seems you solicited @nemesis
  • It also seems you created that paged around or near the time you contacted @nemesis !!!

I've been waiting for you to tell us...perhaps in its own post announcing it to the community! :wink:

I'm also concerned about the JavaScript you have running...but that's another story...

1 Like

dude CT just managed the hotspot portion i used it two years back

and tries openwisp and openwisp2 also i have shared what i experience from them and scope of improvements that i will give to my controller

I don't care. Please follow through regarding your solution. Thanks.

1 Like

you detective its very much obvious that i wrote that post for @nemisis only , because he accepted what openwisp currently misses and perfectly answered my public posts

Again, see:

1 Like

record my words again then , i ll share all , let me become familier with this group working

I ll personally mention you when i share :stuck_out_tongue:

1 Like

Allow me to assist, although, I'm merely patronizing your silliness, since the entire community can obviously realize you already know how to:

  1. Click new topic:

  2. Place select category as follows:


  1. Write a clear and concise title - that you want to announce a new software to the community!

For transparency, I post here the reply I just sent to Arjuniet:

Hi Arjuniet,

I could spend hours replying to the points you wrote in that post but I don't think it's productive for me to do that, let me summarize it in one paragraph: the polling (1 HTTPS request every 5 minutes by default) is really not an issue (it's being used by thousands of organizations all over the world and nobody is complaining) and has allowed us to get it working with minimum effort and start working on other fronts while leaving optimizations for a future phase (and some of these optimizations are already in the pipeline and going to be released in 2019).

The difference between OpenWISP and what you are building is that OpenWISP aims at creating a foundation, a set of tools, an ecosystem, something like a framework, to build really powerful and customizable network management solutions with the aim of offering power, freedom from lock-in, ease of access and lower costs of management.

We haven't achieved all our goals but we are progressing. To achieve for those long-term goals, given my limited resources I decided to compromise some aspects that are usually emphasized by those who want to build commercial products.

I understand where your concerns come from although I have decided to go on a different path: build a solid foundation and once that is ready refine the system and make it easier to use. Doing the latter first would not have allowed me to have enough room for building a strong foundation later: once you build a skyscraper, you can't change its foundations. I believe building software is similar.

Since there's demand for this kind of product you are building, I think it's good that you help those who don't want to choose OpenWISP because they need something different and I wish you good luck.



@nemesis sorry it was never my intent to take your time specially for this thing , I am becoming active now on this forum and got provoked and just for putting my words to a guy i took your name .

As i really dont want to take your time as you are really doing very good , I personally prefer your tool as of now.

My message to you were really suggestions for you and as i am also working i thought for that discussion

Al da best dude