Page 8 of 17
Re: Openwrt 19.07 based Gargoyle
Posted: Wed Dec 11, 2019 7:55 am
by papka__
Will try. Thank you.
P.S. Is it bad idea to include wpad-openssl instead of wpad-mini to default config?
Re: Openwrt 19.07 based Gargoyle
Posted: Wed Dec 11, 2019 10:29 am
by oliver44
@Lantis
It looks like WAP3 doesn't work , wrt1900acs v2
http://s.go.ro/x897pexv
You can publish another version 1.13.x with fixed version for Adblock and WAP3?
Thx
Re: Openwrt 19.07 based Gargoyle
Posted: Wed Dec 11, 2019 4:25 pm
by Lantis
papka__ wrote:Will try. Thank you.
P.S. Is it bad idea to include wpad-openssl instead of wpad-mini to default config?
Are you asking whether it's a bad idea that I've done it? Or whether it would be bad to do it?
Either way, we need it to enable WPA3. I've left it out of a few profiles which are on the smaller side.
Re: Openwrt 19.07 based Gargoyle
Posted: Wed Dec 11, 2019 4:29 pm
by Lantis
oliver44 wrote:@Lantis
It looks like WAP3 doesn't work , wrt1900acs v2
http://s.go.ro/x897pexv
You can publish another version 1.13.x with fixed version for Adblock and WAP3?
Thx
I'm already building the new version. Please be patient, or learn to build it yourself
I'm not convinced that Wpa3 isn't working there. How do you know that both of your scanners actually support it? If they don't understand the network, they'll see it as Wpa2, especially given you have it in dual mode.
Test it with a device you can guarantee supports it, then let me know.
Also there are some reports that the mwlwifi driver doesn't work well with wpa3 so that may be a problem in future.
Re: Openwrt 19.07 based Gargoyle
Posted: Wed Dec 11, 2019 4:45 pm
by papka__
Lantis wrote:
Are you asking whether it's a bad idea that I've done it? Or whether it would be bad to do it?
Question was more about - are there any consequences, I'm not aware about, disabling wpad-mini and leaving only wpad-openssl. And if not, then maybe you could change it in default config.
Sorry, not mentioned, I'm talking about ramips config.
Re: Openwrt 19.07 based Gargoyle
Posted: Wed Dec 11, 2019 6:41 pm
by Lantis
Ahh, ok. I didn't remember that i hadn't enabled it for ramips.
The problem is that wpad-openssl relies on the libopenssl package, which is almost 1MB in size.
So for any target that has the OpenVPN plugin installed by default, i enabled it.
I'll need to double check which targets have other requirements which are automatically including libopenssl anyway. If they already have this library, there's no reason we shouldn't also run wpad-openssl.
It looks like ewget (which is included in every target) required libopenssl, and therefore there's not much reason to not run wpad-openssl as well. I'll look
Re: Openwrt 19.07 based Gargoyle
Posted: Thu Dec 12, 2019 1:43 am
by papka__
Great. Thank you.
Re: Openwrt 19.07 based Gargoyle
Posted: Thu Dec 12, 2019 5:39 pm
by papka__
So. I tested WPA3/WPA2 setup. I reset router to default config and
this line not appeared inside wireless config.
Code: Select all
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path 'pci0000:00/0000:00:01.0/0000:02:00.0'
option htmode 'HT20'
config wifi-device 'radio1'
option type 'mac80211'
option channel '36'
option hwmode '11a'
option path 'pci0000:00/0000:00:00.0/0000:01:00.0'
option htmode 'VHT80'
config wifi-iface 'ap_g'
option device 'radio0'
option mode 'ap'
option network 'lan'
option disassoc_low_ack '0'
option ssid 'Gargoyle'
option encryption 'sae-mixed'
option key '12345678'
config wifi-iface 'ap_a'
option device 'radio1'
option mode 'ap'
option network 'lan'
option disassoc_low_ack '0'
option ssid 'Gargoyle'
option encryption 'sae-mixed'
option key '12345678'
Build based on OpenWRT RC2.
Re: Openwrt 19.07 based Gargoyle
Posted: Thu Dec 12, 2019 6:36 pm
by Lantis
It isn't needed explicitly in the config anymore with the latest patch, it is set as a default in the hostapd config generation script.
https://git.openwrt.org/?p=openwrt/open ... 83bde6e3e4
So if you setup everything and then do
cat /var/run/hostapd-phy0.conf
and look for "okc=1", then you know it is enabled as required.
If your devices still aren't working, it could be non-compliant clients, or possibly that your wifi chipset/drivers don't support the required encryption.
Some of the early ar71xx devices can't support it in hardware and you need to explicitly disable hardware encryption for wifi to make it work.
Re: Openwrt 19.07 based Gargoyle
Posted: Fri Dec 13, 2019 5:54 am
by Lantis