YazFi YazFi - enhanced AsusWRT-Merlin Guest WiFi inc. SSID <-> VPN Client

[PC Pilot]

Ah, the failure for uf would be because switching branch triggers a firewall restart (in fact any update of YazFi does), and this waits 60 seconds for it to complete - my apologies! With @RMerlin 's guidance on uname it is a simple enough fix, but I can't promise that the separate busybox installed in Entware won't cause any other issues down the road!

Hi Jack

….and firstly my apologies for the slow reply! As ever your explanation adds much value to my on-going networking education, and I completely understand that the presence of the separate "Entware installed" busybox may well have implications 'down the tracks' as these things are complex (at least to my somewhat feeble mind!! LOL) and the inter-relationship/interaction between Merlin's base firmware, add-ons (like YazFi) and scripts clearly leaves many opportunities for conflicts to arise. I am grateful that, in this regard at least, your expertise was able to unravel the issue and ultimately to present a functional WebUI.

I have however experienced another issue, which may (or may not) turn out to be related to the busybox clash, in that since installing YazFi my VPN Client is no longer working (despite being connected and correctly reporting) with both the network PC's and my iPhone revealing the public (ISP) IP . The issue persists following a router re-start both soft (from the WebUI) and hard (with the removal of power).

(NB. As a result of advice proffered on these forums my Network has been configured (for enhanced security) to establish a VPN Server hosted on the AX88U so that activity away from home (cell or Wi-Fi) is directed through my secure home network. Thanks to a clever script lodged in "firewall-start" kindly offered by forum expert Martineau I was then also then able to direct this traffic through my existing VPN Client thus enjoying the full advantages of my home network as if I was at home!)

I should note that the issue reported persists on the iPhone whether or not it is connected through the VPN Server, thus with the VPN Client active ALL devices connected to my network are still being routed via the Public IP. Perhaps the explanation is simple, but I felt by offering an insight into the way my VPN Client/VPN Server is configured may well hold some significance, please ignore if this is not the case.

Thank you for your continuing kind assistance

PC Pilot

 

[Jack Yaz]

Hi Jackw
….and firstly my apologies for the slow reply! As ever your explanation adds much value to my on-going networking education, and I completely understand that the presence of the separate "Entware installed" busybox may well have implications 'down the tracks' as these things are complex (at least to my somewhat feeble mind!! LOL) and the inter-relationship/interaction between Merlin's base firmware, add-ons (like YazFi) and scripts clearly leaves many opportunities for conflicts to arise. I am grateful that, in this regard at least, your expertise was able to unravel the issue and ultimately to present a functional WebUI.

I have however experienced another issue, which may (or may not) turn out to be related to the busybox clash, in that since installing YazFi my VPN Client is no longer working (despite being connected and correctly reporting) with both the network PC's and my iPhone revealing the public (ISP) IP . The issue persists following a router re-start both soft (from the WebUI) and hard (with the removal of power).

(NB. As a result of advice proffered on these forums my Network has been configured (for enhanced security) to establish a VPN Server hosted on the AX88U so that activity away from home (cell or Wi-Fi) is directed through my secure home network. Thanks to a clever script lodged in "firewall-start" kindly offered by forum expert Martineau I was then also then able to direct this traffic through my existing VPN Client thus enjoying the full advantages of my home network as if I was at home!)

I should note that the issue reported persists on the iPhone whether or not it is connected through the VPN Server, thus with the VPN Client active ALL devices connected to my network are still being routed via the Public IP. Perhaps the explanation is simple, but I felt by offering an insight into the way my VPN Client/VPN Server is configured may well hold some significance, please ignore if this is not the case.

Thank you for your continuing kind assistance

PC Pilot

First thing to check is the configuration of the VPN Client - particularly the Policy Rules section - both dropdown and table

Can you also share the firewall-start addition?

 

[PC Pilot]

Hi Jack...

….and sorry to be a PIA ! …….

First thing to check is the configuration of the VPN Client - particularly the Policy Rules section - both dropdown

…..Full (I assume from dropdown) Policy Rules (Obfuscated) as per attached text file:

and table

?? Where should I look for that??

Can you also share the firewall-start addition?

Certainly , see here:

#!/bin/sh

# Allow pass-through for a connecting OpenVPN Server client to use Selective Policy routing RPDB out via VPN Client

iptables -D POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun1+ -j MASQUERADE 2>/dev/null
iptables -D POSTROUTING -t nat -s $(nvram get vpn_server2_sn)/24 -o tun1+ -j MASQUERADE 2>/dev/null
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun1+ -j MASQUERADE
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server2_sn)/24 -o tun1+ -j MASQUERADE

Hope it's not me that has fowled something up with my config !!

PC Pilot

Edit, think I may have figured out table, is it "Custom Configuration"?? if so it is as follows:

fast-io
remote-random
pull
tls-client
"auth-nocache"
verify-x509-name Server name-prefix
ns-cert-type server
route-method exe
route-delay 2
tun-mtu 1500
fragment 1300
mssfix 1200
keysize 256
sndbuf 524288
rcvbuf 524288
comp-lzo no
push "comp-lzo no"

BTW. VPN Client is Express VPN....

 

[Jack Yaz]

Hi Jack...

….and sorry to be a PIA ! …….
…..Full (I assume from dropdown) Policy Rules (Obfuscated) as per attached text file:

?? Where should I look for that??

Certainly , see here:

#!/bin/sh

# Allow pass-through for a connecting OpenVPN Server client to use Selective Policy routing RPDB out via VPN Client

iptables -D POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun1+ -j MASQUERADE 2>/dev/null
iptables -D POSTROUTING -t nat -s $(nvram get vpn_server2_sn)/24 -o tun1+ -j MASQUERADE 2>/dev/null
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun1+ -j MASQUERADE
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server2_sn)/24 -o tun1+ -j MASQUERADE

Hope it's not me that has fowled something up with my config !!

PC Pilot

Edit, think I may have figured out table, is it "Custom Configuration"?? if so it is as follows:

fast-io
remote-random
pull
tls-client
"auth-nocache"
verify-x509-name Server name-prefix
ns-cert-type server
route-method exe
route-delay 2
tun-mtu 1500
fragment 1300
mssfix 1200
keysize 256
sndbuf 524288
rcvbuf 524288
comp-lzo no
push "comp-lzo no"

BTW. VPN Client is Express VPN....

You appear to have conflicting rules. FYI obfuscating private IP blocks is unnecessary and actually makes things much harder to troubleshoot.

Description (1)                                    LAN IP's
Source IP (1)                                    192.168.XXX.0/24
Destination IP (1)                                0.0.0.0
Iface (1)                                    VPN


Description (4)                                    LAN IP's
Source IP (4)                                    0.0.0.0
Destination IP (4)                                192.168.XXX.0/24
Iface (4)                                    WAN

EDIT: Also YazFi entry doesn't seem to appear at all. Please can you run option d and then PM me the generated tarball with passphrase?

 

[PC Pilot]

Hi Jack,

FYI obfuscating private IP blocks is unnecessary and actually makes things much harder to troubleshoot.

OK, understood..... subnet is 50 router 50.1

You appear to have conflicting rules.

following expert advice ...also troubled me, hence clarification sought here... https://www.snbforums.com/threads/c...openvpn-client-express-vpn.63261/#post-570010

EDIT: Also YazFi entry doesn't seem to appear at all

…..apologies for confusion, I supplied the code I was given PRIOR to installing YazFi from WinSCP see here:

#!/bin/sh

# Allow pass-through for a connecting OpenVPN Server client to use Selective Policy routing RPDB out via VPN Client

iptables -D POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun1+ -j MASQUERADE 2>/dev/null
iptables -D POSTROUTING -t nat -s $(nvram get vpn_server2_sn)/24 -o tun1+ -j MASQUERADE 2>/dev/null
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun1+ -j MASQUERADE
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server2_sn)/24 -o tun1+ -j MASQUERADE

/jffs/scripts/YazFi runnow & # YazFi Guest Networks

Please can you run option d and then PM me the generated tarball with passphrase?

More than happy to PM you results of YazFi option d ….unless the above clears up the mystery??

Sorry to be a PIA

PC Pilot

 

[Jack Yaz]

Hi Jack,



OK, understood..... subnet is 50 router 50.1



following expert advice ...also troubled me, hence clarification sought here... https://www.snbforums.com/threads/c...openvpn-client-express-vpn.63261/#post-570010

…..apologies for confusion, I supplied the code I was given PRIOR to installing YazFi from WinSCP see here:

#!/bin/sh

# Allow pass-through for a connecting OpenVPN Server client to use Selective Policy routing RPDB out via VPN Client

iptables -D POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun1+ -j MASQUERADE 2>/dev/null
iptables -D POSTROUTING -t nat -s $(nvram get vpn_server2_sn)/24 -o tun1+ -j MASQUERADE 2>/dev/null
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun1+ -j MASQUERADE
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server2_sn)/24 -o tun1+ -j MASQUERADE

/jffs/scripts/YazFi runnow & # YazFi Guest Networks

More than happy to PM you results of YazFi option d ….unless the above clears up the mystery??

Sorry to be a PIA

PC Pilot

No worries. Install YazFi and apply settings, then run option d and PM me diagnostics. Are clients on YazFi networks appearing on ISP, LAN or both?

 

[PC Pilot]

Jack please excuse the ignorance here.... but struggling to find Personal Messaging. Conversations don't appear to offer a file attachment option... NB. Have not previously used PM here so feeling a bit of a clown

PC Pilot

 

[Jack Yaz]

Jack please excuse the ignorance here.... but struggling to find Personal Messaging. Conversations don't appear to offer a file attachment option... NB. Have not previously used PM here so feeling a bit of a clown

PC Pilot

If you send me a PM I'll send you a link to upload to my dropbox

 

[PC Pilot]

If you send me a PM I'll send you a link to upload to my dropbox

Thank you, hope you receive the PM OK

PC Pilot

 

[maghuro]

Did you check the logs like i suggested?

Yes, sir.
No dropped packets, nothing on tcpdump.
As soon as I remove guest password... everything connects perfectly!

 

[eldereko]

I have read the thread, but I don't see any info for using Yazfi on AP's. Does it work with having multiple AP on your system and the main router running Yasfi. Or is this another issue of needing Vlans to get this to work. Looking to make common network for Guest in house. Also it is possible to have just one IP range for guest for both 2.4 and 5 ghz networks. I am using the same ssid for both and would like to just have one IP range to look for guest machines. I have tried to set them to the same IP range but get errors when that happens.

Really like the code and setup. Makes things like I have wanted to do for years with my router. I has a setup with Tomato years ago using Vlans to get it how I wanted to, but since I updated my hardware, I have never been able to do that again.

I'm also looking to have a common subnet for both 2.4 and 5ghz guest network using the same SSID for both. did you find a way to do this with YazFi?

 

[Xannor]

I have a question and a possible suggestion regarding this addon.

Q: The YazFi tab (and config) want separate IP ranges for each of the guest network radios (2.4 & 5) But most of the time, I have set those to the same SSID. Is the script smart enough to handle the same information in both parts, or do you have to have a separate subnet for each radio? If you do, and the SSID are the same how does that affect roaming between the radios, or is it you should not have the same SSID's for guest networks because it is not really supported the same way the primary can be combined.

Suggestion:
The current setup will forward UDP broadcasts from the internal network to the guest network (I have it set to one-way as I am using guest 3 for IoT devices, not the same as the question above.) However, if a device on the guest responds, it dies at the firewall. This is mostly due to the fact that UDP is stateless so established connections do not exists. For now I have added a manual rule to allow the broadcaster to receive the reply.

#/bin/sh
ipset create udpbcast hash:ip,port timeout 3
iptables -I YazFiINPUT 1 ! -i eth0 -m addrtype --dst-type broadcast -p udp -j SET --add-set udpbcast src,src --exist

iptables -I YazFiFORWARD 3 -i wl1.3 ! -o eth0 -p udp -m set --match-set udpbcast dst,dst -j ACCEPT
iptables -I YazFiFORWARD 8 -i wl0.3 ! -o eth0 -p udp -m set --match-set udpbcast dst,dst -j ACCEPT

Maybe this concept can be integrated into your scripts for when one-way is enabled.

 

[Chuckles67]

Trying YazFi 4.0.4 on latest Merlin release 384.17 on an AC-66U_B1: YazFi is enabled on one of two 2.4HGz guest networks.

I'm seeing frequent restarting of the 2.4GHz interface (but not 5GHz interface), all 2.4GHz devices are disconnected and then reconnect. In the system log YazFi restarts every few minutes:

May 26 07:33:24 YazFi: YazFi v4.0.4 starting up
May 26 07:33:24 YazFi: Mounting YazFi WebUI page as user1.asp
May 26 07:33:31 YazFi: wl0.2 (SSID: wifiwanting-iot) - sending all interface internet traffic over WAN interface

.... < cut > ....

May 26 07:34:07 adaptive QOS: Applying - Iptable Up   Rules (eth0)
May 26 07:34:07 adaptive QOS: TC Modification Delayed Start (5min)
May 26 07:34:40 kernel: htb: htb qdisc 10: is non-work-conserving?
May 26 07:34:58 YazFi: YazFi v4.0.4 starting up
May 26 07:34:58 YazFi: Mounting YazFi WebUI page as user1.asp

I disabled YazFi in the web GUI and the restarting of the 2.4GHz has stopped. Any suggestion how to debug this? Thanks.

 

[Jack Yaz]

Trying YazFi 4.0.4 on latest Merlin release 384.17 on an AC-66U_B1: YazFi is enabled on one of two 2.4HGz guest networks.

I'm seeing frequent restarting of the 2.4GHz interface (but not 5GHz interface), all 2.4GHz devices are disconnected and then reconnect. In the system log YazFi restarts every few minutes:

May 26 07:33:24 YazFi: YazFi v4.0.4 starting up
May 26 07:33:24 YazFi: Mounting YazFi WebUI page as user1.asp
May 26 07:33:31 YazFi: wl0.2 (SSID: wifiwanting-iot) - sending all interface internet traffic over WAN interface

.... < cut > ....

May 26 07:34:07 adaptive QOS: Applying - Iptable Up   Rules (eth0)
May 26 07:34:07 adaptive QOS: TC Modification Delayed Start (5min)
May 26 07:34:40 kernel: htb: htb qdisc 10: is non-work-conserving?
May 26 07:34:58 YazFi: YazFi v4.0.4 starting up
May 26 07:34:58 YazFi: Mounting YazFi WebUI page as user1.asp

I disabled YazFi in the web GUI and the restarting of the 2.4GHz has stopped. Any suggestion how to debug this? Thanks.

You've cut out any of the useful information as to what is calling YazFi, e.g. firewall-start
Please post without the information redacted

 

[Jack Yaz]

I'm also looking to have a common subnet for both 2.4 and 5ghz guest network using the same SSID for both. did you find a way to do this with YazFi?

I have a question and a possible suggestion regarding this addon.

Q: The YazFi tab (and config) want separate IP ranges for each of the guest network radios (2.4 & 5) But most of the time, I have set those to the same SSID. Is the script smart enough to handle the same information in both parts, or do you have to have a separate subnet for each radio? If you do, and the SSID are the same how does that affect roaming between the radios, or is it you should not have the same SSID's for guest networks because it is not really supported the same way the primary can be combined.

Not currently possible within YazFi as it would require code to create and amend bridging interfaces. Not impossible, but gets very complicated when trying to write it into a user interface that protects the user from borking their network!

 

[Jack Yaz]

Suggestion:
The current setup will forward UDP broadcasts from the internal network to the guest network (I have it set to one-way as I am using guest 3 for IoT devices, not the same as the question above.) However, if a device on the guest responds, it dies at the firewall. This is mostly due to the fact that UDP is stateless so established connections do not exists. For now I have added a manual rule to allow the broadcaster to receive the reply.

#/bin/sh
ipset create udpbcast hash:ip,port timeout 3
iptables -I YazFiINPUT 1 ! -i eth0 -m addrtype --dst-type broadcast -p udp -j SET --add-set udpbcast src,src --exist

iptables -I YazFiFORWARD 3 -i wl1.3 ! -o eth0 -p udp -m set --match-set udpbcast dst,dst -j ACCEPT
iptables -I YazFiFORWARD 8 -i wl0.3 ! -o eth0 -p udp -m set --match-set udpbcast dst,dst -j ACCEPT

Maybe this concept can be integrated into your scripts for when one-way is enabled.

Can you share which application/tool you're using when you see this please? I haven't come across any UDP issues with my devices so I'd like to have a way to re-create and test so that I can implement it if needed.

 

[Chuckles67]

You've cut out any of the useful information as to what is calling YazFi, e.g. firewall-start
Please post without the information redacted

Thanks Jack - I got told I had exceeded a 10K character limit - so cut most of the log to get the post. Trying again in two Parts. Here is part 1.

May 26 07:33:24 YazFi: YazFi v4.0.4 starting up
May 26 07:33:24 YazFi: Mounting YazFi WebUI page as user1.asp
May 26 07:33:31 YazFi: wl0.2 (SSID: wifiwanting-iot) - sending all interface internet traffic over WAN interface
May 26 07:33:38 YazFi: Forcing YazFi Guest WiFi clients to reauthenticate
May 26 07:33:38 syslog: WLCEVENTD wlceventd_proc_event(386): eth1: Deauth_ind 00:00:14:00:F6:07, status: 0, reason: Deauthenticated because sending station is leaving (or has left) IBSS or ESS (3)
May 26 07:33:38 syslog: WLCEVENTD wlceventd_proc_event(386): wl0.1: Deauth_ind 00:00:19:00:F6:07, status: 0, reason: Deauthenticated because sending station is leaving (or has left) IBSS or ESS (3)
May 26 07:33:38 syslog: WLCEVENTD wlceventd_proc_event(386): wl0.2: Deauth_ind C5:01:18:00:00:00, status: 0, reason: Deauthenticated because sending station is leaving (or has left) IBSS or ESS (3)
May 26 07:33:49 syslog: WLCEVENTD wlceventd_proc_event(386): eth1: Deauth_ind F8:62:14:AE:CA:89, status: 0, reason: Class 3 frame received from nonassociated station (7)
May 26 07:33:49 syslog: WLCEVENTD wlceventd_proc_event(386): eth1: Deauth_ind F8:62:14:AE:CA:89, status: 0, reason: Class 3 frame received from nonassociated station (7)
May 26 07:33:49 syslog: WLCEVENTD wlceventd_proc_event(386): eth1: Deauth_ind F8:62:14:AE:CA:89, status: 0, reason: Class 3 frame received from nonassociated station (7)
May 26 07:33:49 syslog: WLCEVENTD wlceventd_proc_event(386): wl0.1: Deauth_ind 18:B4:30:88:55:63, status: 0, reason: Class 3 frame received from nonassociated station (7)
May 26 07:33:49 YazFi: YazFi v4.0.4 completed successfully
May 26 07:33:49 syslog: WLCEVENTD wlceventd_proc_event(386): wl0.1: Deauth_ind 18:B4:30:88:55:63, status: 0, reason: Class 3 frame received from nonassociated station (7)
May 26 07:33:49 syslog: WLCEVENTD wlceventd_proc_event(420): eth1: Auth F8:62:14:AE:CA:89, status: 0, reason: d11 RC reserved (0)
May 26 07:33:49 syslog: WLCEVENTD wlceventd_proc_event(449): eth1: Assoc F8:62:14:AE:CA:89, status: 0, reason: d11 RC reserved (0)
May 26 07:33:50 syslog: WLCEVENTD wlceventd_proc_event(420): wl0.2: Auth E4:23:54:0B:9E:7C, status: 0, reason: d11 RC reserved (0)
May 26 07:33:50 syslog: WLCEVENTD wlceventd_proc_event(449): wl0.2: Assoc E4:23:54:0B:9E:7C, status: 0, reason: d11 RC reserved (0)
May 26 07:33:50 dnsmasq-dhcp[248]: DHCPREQUEST(br0) 192.168.50.183 f8:62:14:ae:ca:89
May 26 07:33:50 dnsmasq-dhcp[248]: DHCPACK(br0) 192.168.50.183 f8:62:14:ae:ca:89 iPod-Touch-32GB
May 26 07:33:51 syslog: WLCEVENTD wlceventd_proc_event(420): wl0.1: Auth 64:52:99:99:EC:8A, status: 0, reason: d11 RC reserved (0)
May 26 07:33:51 syslog: WLCEVENTD wlceventd_proc_event(449): wl0.1: Assoc 64:52:99:99:EC:8A, status: 0, reason: d11 RC reserved (0)
May 26 07:33:51 syslog: WLCEVENTD wlceventd_proc_event(420): eth1: Auth F0:03:8C:FD:E1:CB, status: 0, reason: d11 RC reserved (0)
May 26 07:33:51 syslog: WLCEVENTD wlceventd_proc_event(449): eth1: Assoc F0:03:8C:FD:E1:CB, status: 0, reason: d11 RC reserved (0)
May 26 07:33:52 syslog: WLCEVENTD wlceventd_proc_event(420): wl0.1: Auth 18:B4:30:88:55:63, status: 0, reason: d11 RC reserved (0)
May 26 07:33:52 syslog: WLCEVENTD wlceventd_proc_event(449): wl0.1: Assoc 18:B4:30:88:55:63, status: 0, reason: d11 RC reserved (0)
May 26 07:33:52 dnsmasq-dhcp[248]: DHCPDISCOVER(wl0.2) e4:23:54:0b:9e:7c
May 26 07:33:52 dnsmasq-dhcp[248]: DHCPOFFER(wl0.2) 192.168.3.117 e4:23:54:0b:9e:7c
May 26 07:33:52 dnsmasq-dhcp[248]: DHCPREQUEST(wl0.2) 192.168.3.117 e4:23:54:0b:9e:7c
May 26 07:33:52 dnsmasq-dhcp[248]: DHCPACK(wl0.2) 192.168.3.117 e4:23:54:0b:9e:7c Koogeek-P2-0b9e7c
May 26 07:33:52 syslog: WLCEVENTD wlceventd_proc_event(420): wl0.2: Auth 00:7E:56:6C:7E:F6, status: 0, reason: d11 RC reserved (0)
May 26 07:33:52 syslog: WLCEVENTD wlceventd_proc_event(449): wl0.2: Assoc 00:7E:56:6C:7E:F6, status: 0, reason: d11 RC reserved (0)
May 26 07:33:52 syslog: WLCEVENTD wlceventd_proc_event(420): wl0.2: Auth 40:9F:38:05:8A:E3, status: 0, reason: d11 RC reserved (0)
May 26 07:33:52 syslog: WLCEVENTD wlceventd_proc_event(449): wl0.2: Assoc 40:9F:38:05:8A:E3, status: 0, reason: d11 RC reserved (0)

 

[Chuckles67]

Thanks Jack - I got told I had exceeded a 10K character limit - so cut most of the log to get the post. Trying again in two Parts.

Here is part 2.

May 26 07:33:53 dnsmasq-dhcp[248]: DHCPDISCOVER(br0) f0:03:8c:fd:e1:cb 
May 26 07:33:53 dnsmasq-dhcp[248]: DHCPOFFER(br0) 192.168.50.138 f0:03:8c:fd:e1:cb 
May 26 07:33:53 dnsmasq-dhcp[248]: DHCPREQUEST(br0) 192.168.50.138 f0:03:8c:fd:e1:cb 
May 26 07:33:53 dnsmasq-dhcp[248]: DHCPACK(br0) 192.168.50.138 f0:03:8c:fd:e1:cb CanonD570
May 26 07:33:53 syslog: WLCEVENTD wlceventd_proc_event(386): wl0.1: Deauth_ind 6C:21:A2:68:65:88, status: 0, reason: Class 3 frame received from nonassociated station (7)
May 26 07:33:53 syslog: WLCEVENTD wlceventd_proc_event(386): wl0.1: Deauth_ind 6C:21:A2:68:65:88, status: 0, reason: Class 3 frame received from nonassociated station (7)
May 26 07:33:53 dnsmasq-dhcp[248]: DHCPREQUEST(br0) 192.168.50.166 18:b4:30:88:55:63 
May 26 07:33:53 dnsmasq-dhcp[248]: DHCPACK(br0) 192.168.50.166 18:b4:30:88:55:63 09AC01AC45160F7W
May 26 07:33:53 dnsmasq-dhcp[248]: DHCPDISCOVER(br0) 64:52:99:99:ec:8a 
May 26 07:33:53 dnsmasq-dhcp[248]: DHCPOFFER(br0) 192.168.50.128 64:52:99:99:ec:8a 
May 26 07:33:53 dnsmasq-dhcp[248]: DHCPREQUEST(br0) 192.168.50.128 64:52:99:99:ec:8a 
May 26 07:33:53 dnsmasq-dhcp[248]: DHCPACK(br0) 192.168.50.128 64:52:99:99:ec:8a MyQ-9D8
May 26 07:33:53 syslog: WLCEVENTD wlceventd_proc_event(420): wl0.1: Auth 6C:21:A2:68:65:88, status: 0, reason: d11 RC reserved (0)
May 26 07:33:53 syslog: WLCEVENTD wlceventd_proc_event(449): wl0.1: Assoc 6C:21:A2:68:65:88, status: 0, reason: d11 RC reserved (0)
May 26 07:33:54 dnsmasq-dhcp[248]: DHCPDISCOVER(wl0.2) 40:9f:38:05:8a:e3 
May 26 07:33:54 dnsmasq-dhcp[248]: DHCPOFFER(wl0.2) 192.168.3.120 40:9f:38:05:8a:e3 
May 26 07:33:54 dnsmasq-dhcp[248]: DHCPREQUEST(wl0.2) 192.168.3.120 40:9f:38:05:8a:e3 
May 26 07:33:54 dnsmasq-dhcp[248]: DHCPACK(wl0.2) 192.168.3.120 40:9f:38:05:8a:e3 Koogeek-Socket-058AE3
May 26 07:33:54 dnsmasq-dhcp[248]: DHCPDISCOVER(wl0.2) 00:7e:56:6c:7e:f6 
May 26 07:33:54 dnsmasq-dhcp[248]: DHCPOFFER(wl0.2) 192.168.3.210 00:7e:56:6c:7e:f6 
May 26 07:33:54 dnsmasq-dhcp[248]: DHCPREQUEST(wl0.2) 192.168.3.210 00:7e:56:6c:7e:f6 
May 26 07:33:54 dnsmasq-dhcp[248]: DHCPACK(wl0.2) 192.168.3.210 00:7e:56:6c:7e:f6 Koogeek-P1-6C7EF6
May 26 07:33:54 rc_service: amas_lib 28323:notify_rc restart_firewall
May 26 07:33:54 custom_script: Running /jffs/scripts/service-event (args: restart firewall)
May 26 07:33:55 syslog: WLCEVENTD wlceventd_proc_event(386): wl0.1: Deauth_ind 9C:8E:CD:17:4C:63, status: 0, reason: Class 3 frame received from nonassociated station (7)
May 26 07:33:56 nat: apply nat rules (/tmp/nat_rules_eth0_eth0)
May 26 07:33:57 syslog: WLCEVENTD wlceventd_proc_event(420): wl0.1: Auth 9C:8E:CD:17:4C:63, status: 0, reason: d11 RC reserved (0)
May 26 07:33:57 syslog: WLCEVENTD wlceventd_proc_event(449): wl0.1: Assoc 9C:8E:CD:17:4C:63, status: 0, reason: d11 RC reserved (0)
May 26 07:33:57 custom_script: Running /jffs/scripts/firewall-start (args: eth0)
May 26 07:33:58 YazFi: Firewall restarted - sleeping 60s before running YazFi
May 26 07:33:58 adaptive QOS: Delayed Start Canceled
May 26 07:33:59 syslog: WLCEVENTD wlceventd_proc_event(386): wl0.1: Deauth_ind 9C:8E:CD:17:4C:63, status: 0, reason: Deauthenticated because sending station is leaving (or has left) IBSS or ESS (3)
May 26 07:33:59 adaptive QOS: Applying - Iptable Down Rules
May 26 07:34:00 adaptive QOS: Applying - Iptable Up   Rules (eth0)
May 26 07:34:00 adaptive QOS: TC Modification Delayed Start (5min)
May 26 07:34:01 syslog: WLCEVENTD wlceventd_proc_event(420): wl0.1: Auth 9C:8E:CD:17:4C:63, status: 0, reason: d11 RC reserved (0)
May 26 07:34:01 syslog: WLCEVENTD wlceventd_proc_event(449): wl0.1: Assoc 9C:8E:CD:17:4C:63, status: 0, reason: d11 RC reserved (0)
May 26 07:34:01 rc_service: amas_lib 352:notify_rc restart_firewall
May 26 07:34:01 custom_script: Running /jffs/scripts/service-event (args: restart firewall)
May 26 07:34:02 dnsmasq-dhcp[248]: DHCPREQUEST(br0) 192.168.50.34 9c:8e:cd:17:4c:63 
May 26 07:34:02 dnsmasq-dhcp[248]: DHCPACK(br0) 192.168.50.34 9c:8e:cd:17:4c:63 AMC000C3_BA958A
May 26 07:34:02 syslog: WLCEVENTD wlceventd_proc_event(420): wl0.1: Auth 8C:85:90:B3:2B:64, status: 0, reason: d11 RC reserved (0)
May 26 07:34:02 syslog: WLCEVENTD wlceventd_proc_event(449): wl0.1: Assoc 8C:85:90:B3:2B:64, status: 0, reason: d11 RC reserved (0)
May 26 07:34:02 nat: apply nat rules (/tmp/nat_rules_eth0_eth0)
May 26 07:34:03 custom_script: Running /jffs/scripts/firewall-start (args: eth0)
May 26 07:34:03 dnsmasq-dhcp[248]: DHCPREQUEST(br0) 192.168.50.137 8c:85:90:b3:2b:64 
May 26 07:34:03 dnsmasq-dhcp[248]: DHCPACK(br0) 192.168.50.137 8c:85:90:b3:2b:64 guynich-macbookpro2
May 26 07:34:04 YazFi: Lock file found (age: 6 seconds) - stopping to prevent duplicate runs
May 26 07:34:05 syslog: WLCEVENTD wlceventd_proc_event(420): wl0.1: Auth 08:9E:08:34:57:C0, status: 0, reason: d11 RC reserved (0)
May 26 07:34:05 syslog: WLCEVENTD wlceventd_proc_event(449): wl0.1: Assoc 08:9E:08:34:57:C0, status: 0, reason: d11 RC reserved (0)
May 26 07:34:05 dnsmasq-dhcp[248]: DHCPDISCOVER(br0) 08:9e:08:34:57:c0 
May 26 07:34:05 dnsmasq-dhcp[248]: DHCPOFFER(br0) 192.168.50.143 08:9e:08:34:57:c0 
May 26 07:34:05 dnsmasq-dhcp[248]: DHCPREQUEST(br0) 192.168.50.143 08:9e:08:34:57:c0 
May 26 07:34:05 dnsmasq-dhcp[248]: DHCPACK(br0) 192.168.50.143 08:9e:08:34:57:c0 
May 26 07:34:05 adaptive QOS: Delayed Start Canceled
May 26 07:34:06 adaptive QOS: Applying - Iptable Down Rules
May 26 07:34:07 adaptive QOS: Applying - Iptable Up   Rules (eth0)
May 26 07:34:07 adaptive QOS: TC Modification Delayed Start (5min)
May 26 07:34:40 kernel: htb: htb qdisc 10: is non-work-conserving?
May 26 07:34:58 YazFi: YazFi v4.0.4 starting up
May 26 07:34:58 YazFi: Mounting YazFi WebUI page as user1.asp
/CODE]

 

[Jack Yaz]

@Chuckles67 Ah it seems to be this event:

rc_service: amas_lib 28323:notify_rc restart_firewall

Are you using AiMesh? If not, a factory reset helped the last person that saw this issue

 

[Chuckles67]

@Chuckles67 Ah it seems to be this event:

rc_service: amas_lib 28323:notify_rc restart_firewall

Are you using AiMesh? If not, a factory reset helped the last person that saw this issue

Thanks Jack. I'm not using AiMesh and haven't used AiMesh before on this router (and it was reflashed with Merlin 384.16 using a factory reset around six weeks ago). I did install YazFi a week ago and uninstalled YazFi, then reinstalled YazFi again later.