What's new

YazFi YazFi v4.x

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Does anyone else have issues with their Guest Network not restarting after a router Reboot? I'm using Guest Network #2 and Yazfi (though that may be irrelevant) and my router is automatically rebooting once a week. Every time, my Guest Network gets disabled and does not restart when things come back up. This has been consistent across multiple versions of firmware. It's not a big issue obviously as I can easily go in and reestablish Guest Net2. But I wouldn't think I should need to.
 
Thanks for suggestion but that solution will not allow my other clients to use encrypted dns since router is not selected as default filter - at least that is how I understand configuration.
Have you tried the steps in that Diversion link to see if it would work for what you are seeking to accomplish? One is selecting a specific client (by the client MAC) to exempt when using the DNSFilter option, so other network clients should not be affected.
 
After upgrading my AC86 to 386.2-4 the latest version of YazFi no longer assigns a DHCP in from the subnet 192.168.3. 0/24 subnet range.

Instead the devices connecting to guest network 2 get assigned an IP from the router's primary DHCP subnet.

The VPN I want the guest devices is up and connected.

Devices are connected to the SSID for guest network 2.

Rebooting the router, removing YazFi completely then reinstalling doesn't fix the problem.

Thought it might be a problem with the rules coming to late in the boot cycle but even connecting a device to the guest after the the router is rebooted and stable.

This is what I get when I go directly into YazFi and ask for a list of connected devices:

INTERFACE: wl0.2
SSID: ControlVPN2a

HOSTNAME IP ADDRESS MAC
Unknown A0:C9:A0:5B:88:5F
Unknown 00:16:6C:A2:40:39
Unknown 00:D0:2D:84:41:A9
Unknown 2C:61:F6:B6:A8:E3
 
After upgrading my AC86 to 386.2-4 the latest version of YazFi no longer assigns a DHCP in from the subnet 192.168.3. 0/24 subnet range.

Instead the devices connecting to guest network 2 get assigned an IP from the router's primary DHCP subnet.

The VPN I want the guest devices is up and connected.

Devices are connected to the SSID for guest network 2.

Rebooting the router, removing YazFi completely then reinstalling doesn't fix the problem.

Thought it might be a problem with the rules coming to late in the boot cycle but even connecting a device to the guest after the the router is rebooted and stable.

This is what I get when I go directly into YazFi and ask for a list of connected devices:

INTERFACE: wl0.2
SSID: ControlVPN2a

HOSTNAME IP ADDRESS MAC
Unknown A0:C9:A0:5B:88:5F
Unknown 00:16:6C:A2:40:39
Unknown 00:D0:2D:84:41:A9
Unknown 2C:61:F6:B6:A8:E3
diagnostics please and a copy of syslog from a reboot up to where devices are connected but the wrong ip
 
diagnostics please and a copy of syslog from a reboot up to where devices are connected but the wrong ip
Here you go:

/tmp/YazFi.tar.gz.enc with passphrase lBRrZIfldaXDuyixLA7M9F0pKfwD7AaU

I have the gx.enc file but I can't attach it. What do I need to do so I can open it and send you a screen shot of the contents?
 

Attachments

  • GuestNet_Wrong_Subnet.png
    GuestNet_Wrong_Subnet.png
    9.7 KB · Views: 127
  • Devices_ SB 192,168.3.0 _24.png
    Devices_ SB 192,168.3.0 _24.png
    3.6 KB · Views: 118
  • LogYazFi.png
    LogYazFi.png
    6.8 KB · Views: 109
Here you go:

/tmp/YazFi.tar.gz.enc with passphrase lBRrZIfldaXDuyixLA7M9F0pKfwD7AaU

I have the gx.enc file but I can't attach it. What do I need to do so I can open it and send you a screen shot of the contents?
ive looked through the diagnostics and i can see all of the necessary firewall rules are missing
if you run YazFi over SSH and option 1, do you get any errors that don't make it to syslog?
 
ive looked through the diagnostics and i can see all of the necessary firewall rules are missing
if you run YazFi over SSH and option 1, do you get any errors that don't make it to syslog?

I will have time this weekend to check. I reverted back to 2-2 which resolved the issue and also a couple of other nagging issues I had while on 2-4.

Thanks for taking a look.
 
I will have time this weekend to check. I reverted back to 2-2 which resolved the issue and also a couple of other nagging issues I had while on 2-4.

Thanks for taking a look.
386.2_4 all OK here on my 86U, factory reset time?
 
386.2_4 all OK here on my 86U, factory reset time?
Might be. Not as big of a PITA with your app to easily restore static DHCP assignments.

Will have to wait until wife gone for the afternoon sometime to reduce the shouting that the Internet is down.

Thanks for looking.
 
v4.2.1 is now available
Changelog:

  • NEW: Allow client isolation for AX88U on 386 f/w and later
  • NEW: Guest clients will traverse NAT if connecting to public IP service on self
  • NEW: If VPN redirection is enabled, YazFi will set policy routing for the VPN client automatically
  • NEW: Add firewall rules if NTP redirection is enabled (ntpMerlin only)
  • FIXED: Apple devices should no longer keep adding a numerical suffix to their name
  • FIXED: If invalid settings for an interface are detected this will no longer produce a hard failure
  • CHANGED: Move DHCP configuration to dedicated file. YazFi contents are now appended by dnsmasq.postconf and not dnsmasq.conf.add
  • CHANGED: Remove xt_comment module check. This check isn't needed in most firmware versions now
 
Great work Jack. Personally, I liked the DHCP setup the way it was before as I could easily check the configs so I know exactly what the router is doing. Little extra work now hunting down your configs (as they are hidden as . file), but that is just me wanting to know what is being done to the router.

Cheers
 
Great work Jack. Personally, I liked the DHCP setup the way it was before as I could easily check the configs so I know exactly what the router is doing. Little extra work now hunting down your configs (as they are hidden as . file), but that is just me wanting to know what is being done to the router.

Cheers
The primary reason for the change was to move towards only adding a single line to "system" scripts. A good ol' ls -la will show the file in any case :)
 
Hi jack,
I appreciate your work very much. Thanks a lot for all the work you are doing.

One question regarding yazfi :

I want to extend my guest network over an access point. I have an AP with openwrt installed.
I created there an interface with a dhcp server. e. g. 192.168.100.1.
The clients connect to the dhcp server 192.168.100.x . Now I have to route the traffic from the AP through the LAN. I want to route the complete traffic without an exception through Openvpn5. I have x3mrouting installed as well with policy routing enabled. but it there a possibility to route through vpn5 from this 192.168.100.1 network ignoring all the other policies from x3mrouting used for my normal lan and not my guest network?
I have to priorize this rule over the other rules, or am I wrong...


Thanks a lot for your support.
Hugo
 
v4.2.1
Updated 2021-05-28


Feature expansion of guest WiFi networks on AsusWRT-Merlin, including, but not limited to:

* Dedicated VPN WiFi networks
* Separate subnets for organisation of devices
* Restrict guests to only contact router for ICMP, DHCP, DNS, NTP and NetBIOS
* Allow guest networks to make use of pixelserv-tls (if installed)
* Allow guests to use a local DNS server
* Extend DNS Filter to guest networks

This project is hosted on GitHub

YazFi is free to use under the GNU General Public License version 3 (GPL 3.0).

Love the script and want to support future development? Any and all donations gratefully received!
PayPal donation
Buy me a coffee

Supported firmware versions
Core YazFi features
You must be running firmware no older than:
WebUI page for YazFi
You must be running firmware no older than:

Installation
Using your preferred SSH client/terminal, copy and paste the following command, then press Enter:
Code:
/usr/sbin/curl --retry 3 "https://raw.githubusercontent.com/jackyaz/YazFi/master/YazFi.sh" -o "/jffs/scripts/YazFi" && chmod 0755 /jffs/scripts/YazFi && /jffs/scripts/YazFi install

Please then follow instructions shown on-screen. An explanation of the settings is provided in the FAQs in post #2

Usage
WebUI
YazFi can be configured via the WebUI, in the Guest Network section.

Command Line
To launch the YazFi menu after installation, use:
Code:
YazFi

If you do not have Entware installed, you will need to use the full path:
Code:
/jffs/scripts/YazFi
Hi! I would like to limit the tx rate of the guest network to 1Mbps using cck as a way to limit the speed of my guests without disabling nat. Is that a feature that can be added to guest networks? I know you can do it with the main SSIDs of the router. Thanks!
 
Hi! I would like to limit the tx rate of the guest network to 1Mbps using cck as a way to limit the speed of my guests without disabling nat. Is that a feature that can be added to guest networks? I know you can do it with the main SSIDs of the router. Thanks!
sorry i'm not sure what cck is?
 
sorry i'm not sure what cck is?
Its an old modulation with low speeds. In practice it can limit the internet speed without disabling Hardware Acceleration which could be very useful, in the main wireless settings of the router it can be changed but not for the guest network settings
Untitled.png

Is it possible to add this feature in the next release? Thanks!
 
Its an old modulation with low speeds. In practice it can limit the internet speed without disabling Hardware Acceleration which could be very useful, in the main wireless settings of the router it can be changed but not for the guest network settings
View attachment 34110
Is it possible to add this feature in the next release? Thanks!
That looks like a radio feature so I highly doubt it can be configured per SSID unfortunately
 
That looks like a radio feature so I highly doubt it can be configured per SSID unfortunately
My old xioami router with padavan software had it configurable per SSID and from my testing it worked great! So it may be or may not be compatible in Merlin. You are the expert ;)
 
My old xioami router with padavan software had it configurable per SSID and from my testing it worked great! So it may be or may not be compatible in Merlin. You are the expert ;)
you can try using
Code:
wl -i wl0.1 mrate=value
where value should be determined by setting the mrate in the WebUI and querying it. e.g. if you change 2.4ghz you can use
Code:
wl -i eth5 mrate
where eth5 is my 2.4ghz interface
 
you can try using
Code:
wl -i wl0.1 mrate=value
where value should be determined by setting the mrate in the WebUI and querying it. e.g. if you change 2.4ghz you can use
Code:
wl -i eth5 mrate
where eth5 is my 2.4ghz interface
Will this affect my main 2.4Ghz SSID or only the guest SSID? Thanks!
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top