sfx2000
Part of the Furniture
The OpenWrt Community is proud to present the OpenWrt 22.03 stable version series. It is the successor of the previous 21.02 stable major release.
The OpenWrt 22.03 series focuses on the migration from iptables based firewall3 to the nftables based firewall4.
Highlights in OpenWrt 22.03.0
Firewall4 based on nftables
Firewall4 is used by default, superseding the iptables-based firewall3 implementation in the OpenWrt default images. Firewall4 uses nftables instead of iptables to configure the Linux netfilter ruleset.
Firewall4 keeps the same the UCI firewall configuration syntax and should work as a drop-in replacement for fw3 with most common setups, emitting nftables rules instead of iptables ones.
Including custom firewall rules through /etc/firewall.user still works, but requires marking the file as compatible first, otherwise it is ignored. Firewall4 additionally allows to include nftables snippets. The firewall documentation explains how to include custom firewall rules with firewall4. Some community packages that add firewall rules might not work for now, and will need to be adapted to fw4: this will happen gradually throughout the lifetime of the 22.03 release series.
The legacy iptables utilities are not included in the default images anymore, but can be added back using opkg or the Image Builder if needed. The transitional packages iptables-nft, arptables-nft, ebtables-nft and xtables-nft can be used to create nftables rules using the old iptables command line syntax.
Many new devices added
OpenWrt 22.03 supports over 1580 devices. Support for over 180 new devices was added in addition to the device support by OpenWrt 21.02. OpenWrt 22.03 supports more than 15 devices capable of Wifi 6 (IEEE 802.11ax) using the MediaTek MT7915 wifi chip.
More targets converted to DSA
The following targets or boards were migrated from swconfig to DSA with OpenWrt 22.03 in addition to the systems already migrated with OpenWrt 21.02:
bcm53xx: All board using this target were converted to DSA
lantiq: All boards using the xrx200 / vr9 SoC
sunxi: Bananapi Lamobo R1 (only sunxi board with switch)
Dark mode in LuCI
The LuCI bootstrap design supports a dark mode. The default design activates dark mode depending on the browser settings. Change it manually at “System” → “System” → “Language and Style”.
Year 2038 problem handled
OpenWrt 22.03 uses musl 1.2.x, which changed the time_t type from 32 bit to 64 bit on 32 bit systems, on 64 bit system it was always 64 bit long. When a Unix time stamp is stored in a signed 32 bit integer it will overflow on 19 January 2038. With the change to 64 bit this will happen 292 billion years later. This is a change of the musl libc ABI and needs a recompilation of all user space applications linked against musl libc. For 64 bit systems this was done when the ABI was defined many years ago, the glibc ARC ABI already has a 64 bit time_t.
The OpenWrt 22.03 series focuses on the migration from iptables based firewall3 to the nftables based firewall4.
Highlights in OpenWrt 22.03.0
Firewall4 based on nftables
Firewall4 is used by default, superseding the iptables-based firewall3 implementation in the OpenWrt default images. Firewall4 uses nftables instead of iptables to configure the Linux netfilter ruleset.
Firewall4 keeps the same the UCI firewall configuration syntax and should work as a drop-in replacement for fw3 with most common setups, emitting nftables rules instead of iptables ones.
Including custom firewall rules through /etc/firewall.user still works, but requires marking the file as compatible first, otherwise it is ignored. Firewall4 additionally allows to include nftables snippets. The firewall documentation explains how to include custom firewall rules with firewall4. Some community packages that add firewall rules might not work for now, and will need to be adapted to fw4: this will happen gradually throughout the lifetime of the 22.03 release series.
The legacy iptables utilities are not included in the default images anymore, but can be added back using opkg or the Image Builder if needed. The transitional packages iptables-nft, arptables-nft, ebtables-nft and xtables-nft can be used to create nftables rules using the old iptables command line syntax.
Many new devices added
OpenWrt 22.03 supports over 1580 devices. Support for over 180 new devices was added in addition to the device support by OpenWrt 21.02. OpenWrt 22.03 supports more than 15 devices capable of Wifi 6 (IEEE 802.11ax) using the MediaTek MT7915 wifi chip.
More targets converted to DSA
The following targets or boards were migrated from swconfig to DSA with OpenWrt 22.03 in addition to the systems already migrated with OpenWrt 21.02:
bcm53xx: All board using this target were converted to DSA
lantiq: All boards using the xrx200 / vr9 SoC
sunxi: Bananapi Lamobo R1 (only sunxi board with switch)
Dark mode in LuCI
The LuCI bootstrap design supports a dark mode. The default design activates dark mode depending on the browser settings. Change it manually at “System” → “System” → “Language and Style”.
Year 2038 problem handled
OpenWrt 22.03 uses musl 1.2.x, which changed the time_t type from 32 bit to 64 bit on 32 bit systems, on 64 bit system it was always 64 bit long. When a Unix time stamp is stored in a signed 32 bit integer it will overflow on 19 January 2038. With the change to 64 bit this will happen 292 billion years later. This is a change of the musl libc ABI and needs a recompilation of all user space applications linked against musl libc. For 64 bit systems this was done when the ABI was defined many years ago, the glibc ARC ABI already has a 64 bit time_t.
