YazFi Problem with YazFi

[msrao]

Hello Gurus,

Huge fan of ASUS Routers and Merlin Firmware. Used the RT-AC68U initially and now switched to RT-AX86U Pro, running 3004.388.8_2, working solidly for mostly.

A while ago, i started using the YazFi, to isolate the IOT devices such as the Cameras and Lights, and it worked beautifully initially. However with subsequent Firmware updates I started seeing the problems. Bunch of times, i reinstalled YazFi and it worked. Now i want to completely get rid of YazFi and use the Asus Guest WiFi SSID, dedicated to IOT devices, with denying to the Intranet access.

I did uninstall the YazFi from command line, however, the IOT devices are still connecting to the YazFi network VLANs

Main Network is 192.168.1.0/24
YazFi Guest Network 1- 192.168.101.0/24
YazFi Guest Network 2 - 192.168.102.0/24

The problem is when i add a new IOT camera to Guest Network on primary VLAN, it tries to join to WiFi, but doesn't register to the Wyze Camera portal. I see the device on Wifi, but not connecting to Wyze.

I did install the Asus Firmware, using the rescue mode as it says it can fix third party firmware issues. But i will see the devices connecting to YazFi networks, against my wishes.

So, i need a solution with 1) Permanently remove all references to YazFi Networks or 2) Fix the YazFi issue, once for all.

Here is the output of 'nvram show' with VLANs 101 and 102.

wgn_brif_rulelist=<br1>192.168.101.1/24><br2>192.168.102.1/24>
subnet_rulelist=<192.168.101.1>255.255.255.0>1>192.168.101.2>192.168.101.254>86400>>>>>>1><192.168.102.1>255.255.255.0>1>192.168.102.2>192.168.102.254>86400>>>>>>1>
vlan_rulelist=<1>501>0>0>FFFF>0002>0000>192.168.101.1/24>1>0>1><1>502>0>0>FFFF>0000>0002>192.168.102.1/24>1>0>1>

Any help is greatly appreciated.

Regards,
MS Rao

 

[visortgw]

FYI, if you select disable Access Intranet for guest network 1:

• on 2.4 GHz, all devices are put on 192.168.101.0/24 subnet; and
• on 5 GHz, all devices are put on 192.168.102.0/24 subnet.

Also, ASUS creates a "hidden VLAN" (I know, ASUS doesn't do VLANs on 3004 and earlier firmware, but they do!) using VLAN tags 501 and 502 to manage access.

This is independent of YazFi or any other third-party software — it is the same on Asus stock firmware or Merlin.

If you enable Access Intranet for either band, those devices are moved back to your primary network subnet.

 

[bennor]

Main Network is 192.168.1.0/24
YazFi Guest Network 1- 192.168.101.0/24
YazFi Guest Network 2 - 192.168.102.0/24

Those are not YazFi created guest networks. Those are created by the Asus firmware itself independent of YazFi. It is why there were suggestions made elsewhere in other YazFi discussions not to use 192.168.101.x/24 and 192.168.102.x/24 as YazFi IP address ranges. And a reason why there are suggestions, when using YazFi, not to use Guest Network #1 for YazFi, use Guest Network #2 and or #3 instead. If using Guest Network #1, disable it and try Guest Network #2 and or #3 and see if the issue persists.

The whole Access Intranet set to disabled on Guest Network causing Guest Network clients to not be able to access the internet is a Asus firmware bug. See the forum search feature to find various past posts and discussion about that specific bug in the Guest Network feature of Asus firmware. One workaround to that bug was to use YazFi since YazFi enabled the Access Intranet option then uses separate YazFi gnerated IPTables rules to control/limit/allow/block intranet access and internet access.

 

[eibgrad]

Two simple suggestions (based on a lot of good details above):

1) Never use Guest #1, only Guest #2 and/or Guest #3
2) Do NOT use YazFi anymore (the author no longer supports it)

That will likely help you avoid many problems.

 

[bennor]

2) Do NOT use YazFi anymore (the author no longer supports it)

While Jack Yaz is no longer actively developing most or all of his add-on scripts. Another user (Martinski) has taken to fixing some issues with some of Jack's scripts including fixing some issues with YazFi. The latest YazFi fix (v4.4.5 develop) was the scroll bar issue with various addon's that cropped up with 386.14.
https://www.snbforums.com/threads/yazfi-v4-x-continued.83846/page-7#post-919067

/jffs/scripts/YazFi develop
/jffs/scripts/YazFi forceupdate

Some other Jack Yaz scripts that had the scroll bar fix are mentioned here:
https://www.snbforums.com/threads/a...ilable-for-ac-models.91060/page-2#post-918838

 

[Ripshod]

1) Never use Guest #1, only Guest #2 and/or Guest #3
2) Do NOT use YazFi anymore (the author no longer supports it)

GN1 + YazFi working fine here. As mentioned above, Martinski has stepped up.

 

[heysoundude]

GN1 + YazFi working fine here. As mentioned above, Martinski has stepped up.

Do the amtm links reflect the newer DLs or…?

 

[bennor]

Do the amtm links reflect the newer DLs or…?

AMTM typically reflects the stable versions of the addon's. For example YazFi 4.4.4 doesn't have the scroll bar fix update that the YazFi 4.4.5 develop version has. Certain fixes, may only be present in the "develop" versions of some addons like Jack Yaz's scripts that Martinski has updated. As previously indicated you may have to force update that develop script.

YazFi v4.4.5:

/jffs/scripts/YazFi develop
/jffs/scripts/YazFi forceupdate

connmon v3.0.3:

/jffs/scripts/connmon develop
/jffs/scripts/connmon forceupdate

spdMerlin v4.4.6:

/jffs/scripts/spdmerlin develop
/jffs/scripts/spdmerlin forceupdate

ntpMerlin v3.4.6:

/jffs/scripts/ntpmerlin develop
/jffs/scripts/ntpmerlin forceupdate

 

[heysoundude]

AMTM typically reflects the stable versions of the addon's. For example YazFi 4.4.4 doesn't have the scroll bar fix update that the YazFi 4.4.5 develop version has. Certain fixes, may only be present in the "develop" versions of some addons like Jack Yaz's scripts that Martinski has updated. As previously indicated you may have to force update that develop script.

YazFi v4.4.5:

/jffs/scripts/YazFi develop
/jffs/scripts/YazFi forceupdate

connmon v3.0.3:

/jffs/scripts/connmon develop
/jffs/scripts/connmon forceupdate

spdMerlin v4.4.6:

/jffs/scripts/spdmerlin develop
/jffs/scripts/spdmerlin forceupdate

ntpMerlin v3.4.6:

/jffs/scripts/ntpmerlin develop
/jffs/scripts/ntpmerlin forceupdate

seems to me that it would be a “simple” logic gate in AMTM based on model detection…if it would solve the noise/traffic here of people looking for answers like in this thread. Perhaps it’ll happen for when Merlin has the newest stuff from Asus, the v102 for AX routers. (I have faith that the good people who make it possible to have these script functionalities are proactively/anticipatorially waiting and working in the background)

 

[bennor]

seems to me that it would be a “simple” logic gate in AMTM based on model detection…if it would solve the noise/traffic here of people looking for answers like in this thread.

That would be up to @thelonelycoder to code in an option (if it doesn't already exist) to AMTM to allow a person to install the script develop version rather than the stable script version. There may already be a reason (and probably a good one) why such a option is not, or has not been, included in AMTM.

Part of the noise/traffic issue is because people are (understandably) looking for a quick answer and start a new post hoping for a quick response rather than spend a few minutes of their time scanning the post topic titles on the first or second pages of a subforum, and or using the forum search feature to search for past or existing discussions on a topic or issue they are experiencing. Common problem on many support/discussion forums.

 

[thelonelycoder]

The ‚problem‘ would solve itself if the devs would merge develop to master once it‘s fixed.

 

[heysoundude]

The ‚problem‘ would solve itself if the devs would merge develop to master once it‘s fixed.

Then @Martinski might need a nudge, it seems

 

[dave14305]

Then @Martinski might need a nudge, it seems

But Martinski isn't the gatekeeper of Jack Yaz's repositories.

 

[bennor]

Then @Martinski might need a nudge, it seems

It may not be Martinski that needs the nudge, it may be that @Jack Yaz would need to merge the develop into master on his end since it's on his GitHub account that YazFi/AMTM is pointing to. This is likely one of the issues that happens when developers step away from continually developing and or merging other's changes to their AMTM connected scripts.

 

[heysoundude]

But Martinski isn't the gatekeeper of Jack Yaz's repositories.

It may not be Martinski that needs the nudge, it may be that @Jack Yaz would need to merge the develop into master on his end since it's on his GitHub account that YazFi/AMTM is pointing to. This is likely one of the issues that happens when developers step away from continually developing and or merging other's changes to their AMTM connected scripts.

I seem to recall that before he stepped back from being active here/on those scripts, @Jack Yaz stated that he'd be happy if people took things from where he had brought them to by forking. it could well be time for that

 

[bennor]

I seem to recall that before he stepped back from being active here/on those scripts, @Jack Yaz stated that he'd be happy if people took things from where he had brought them to by forking. it could well be time for that

No doubt he likely would be happy if someone else took over full control. That however likely would require someone to expend considerable effort to delve into his scripts and perform the upkeep the various scripts Jack has created. Not everyone has the desire or time available to do so, particularly if there is no financial incentive for the use of what is likely their busy daily schedule.

The fact that it appears no one has stepped up to offer, since Jack made the announcement two years ago, to take over full time control assuming Jack would relinquish full control of his scripts, is what it is.

 

[dave14305]

"develop" branches seemed like a good idea in the infancy of individual addons when the rate of change was high and potentially buggy. In the waning code-rot years, they serve little purpose other than to delay deployment of important fixes.

There could be benefit from a "community repo" (Github Organization) on Github that has the "amtm official" versions of addons that would have multiple maintainers available to commit changes and merge pull requests (similar to the OpenWrt packages repo that is community-driven).

Ultimately, individuals move on, but a shared repo could survive the comings and goings of any single contributor.

 

[thelonelycoder]

The fact that it appears no one has stepped up to offer, since Jack made the announcement two years ago, to take over full time control assuming Jack would relinquish full control of his scripts, is what it is.

Ahem.

 

[dave14305]

 

[bennor]

Ahem.

I was thinking primary of YazFi and YazDHCP when making that comment as this was primarily a YazFi topic. It doesn't appear, other than Martinski, that anyone else appears (from the various YazFi and YazDHCP posts I've read) has taken up the reigns for those two scripts. Good that some (PS: three of ten or so) of Jack's other Asus Merlin scripts are having continued support.