Gargoyle 1.15.x BETA - 2024-03-11 - Based on OpenWrt 23.05
Posted: Mon Mar 11, 2024 5:36 am
Gargoyle 1.15.x is based on OpenWrt 23.05, which is a significant leap forward from 22.03 for 1.14.x.
This is the first "stable beta" (if there is such a thing) which includes all images generated, and a few new targets/profiles.
Configs should generally not be preserved between 1.14 (and earlier) and 1.15.x. Do so at your own risk.
Please provide your feedback (positive or negative).
A big thanks to pythonic (Github: aimacintyre) for their assistance and many contributions towards getting this into a position to make it ready for testing.
"BETA - 2024-03-11" Notable changes:
- Update from OpenWrt 22.03 -> 23.05
- Latest security updates
- ntfs3 has been switched to the in-kernel version
- Target "atheros" (ath25) has been removed. This has been marked as "source-only" upstream
- Switch from OpenSSL to MbedTLS for all default packages. This will save a heap of space on all devices. Some optional plugins still require it which may require external storage to fit
- Spectrum Analyser plugin minimal version has been dropped. The space savings were not worth the additional maintenance effort
- libmatrixssl package has been dropped
- OpenVPN (and EasyRSA) updated to support OpenSSL 3.x
- OpenVPN BF-CBC cipher has been removed (deprecated)
- New package MbedTLS Command Line Utility (mbedtls-clu). This is a brand new package designed to replicate (some of) the features of the OpenSSL Utility (openssl). It is smaller and relies on MbedTLS instead of OpenSSL so again, saves a bunch of space
- OpenVPN EasyRSA modified to work with mbedtls-clu
- Tor plugin dropped by default from all profiles. It is still available as a plugin.
- New DDNS IP Lookup provider ip2location.io
- New GeoIP Lookup provider ip2location.io
- DDNS updated to support a "test domain" where the configured update domain may not match the domain needed to detect the IP correctly (e.g. CloudFlare)
- Show additional information in DDNS GUI to make it easier to see which provider is being used
- Update OpenVPN and Wireguard to support the "test domain" variable from DDNS
- Add support for OpenVPN plugin to advertise additional subnets behind the server (not just the LAN subnet). This can be useful if you have cascaded LANs or want to allow access upstream as well
- New plugin DNS over HTTPS
- Add WAN port speed on the Status Overview page
- Add new subtarget Mediatek Filogic which includes some very popular new devices e.g. GL.iNet Flint 2 (MT6000)
- mvebu devices are back! These were previously disabled due to an upstream issue which has now been resolved
Bugs squashed
- Quotas Others (Individual) not working
- Quotas bandwidth throttling using QoS not working in the upload direction
- Quotas bandwidth throttling not using QoS not working
- DDNS sometimes sending IPv6 updates to IPv4 providers (and vice versa)
- Some devices showing an empty temperature value on Status Overview
- Units (B, KB, MB, GB, TB etc) not selecting properly in some circumstances with language plugins other than English-EN
- Wireguard peer subnet routing not working in both directions
- Polish-PL plugin typo in Wireguard
Things to Note
- The "domain" setting has been switched from the default of ".lan" to ".home.arpa" in line with RFC 8375
- WiFi interfaces are no longer named "wlanX"
- Similarly a guest network is no longer "wlan0-1", it is now "wl0-sta0" and "wl0-ap0" for an Access Point configuration. This won't affect most users, but for anyone poking around be aware of this.
- mbedtls-clu is a brand new utility which has not received wider testing and scrutiny. If you note any issues or differences between it and openssl, please raise an issue
New Devices
- Xiaomi Mi Router 4c
- DLink DIR-859-A3
- DLink DIR-869-A1
- TPLink WR841HP-v2/v3
- TPLink WR941HP-v1
- AVM Fritzbox 7520
- GL.iNet A1300
- Netgear SRR60
- Netgear SRS60
- Teltonika RUTX50
- Asrock G10
- Acer Predator W6 (Note: No 6GHz support in GUI)
- ASUS TUF AX4200
- ASUS TUF AX6000
- Cudy WR-3000-v1
- GL.iNet MT3000
- GL.iNet MT6000
- Netgear WAX220
- ASUS RT-AC57U-v1
- ASUS RT-AX54
- DLink DIR-3060-A1
- DLink DIR-853-A1
- Linksys e7350
- Linksys RE7000
- Netgear EX6150
- TPLink ER605-v2
- Zyxel WSM20
- Several others I've forgotten to mention
Known Issues
- If you have installed and enabled DNS over HTTPS plugin and then sysupgrade to an image without it (e.g. any image that you haven’t self compiled) you will have no DNS resolution until you manually fix your /etc/config/dhcp file
Note: OpenWrt 22.03 moved to nftables from iptables. Gargoyle still uses iptables to support the custom modules it needs, and so there is some package incompatibility with the base openwrt package repository. For normal operation this should not cause a problem. For anyone trying to install extra packages manually, your mileage may vary!
Downloads
Please find the downloads here
The plugin repositories are also found in the same location.
This is the first "stable beta" (if there is such a thing) which includes all images generated, and a few new targets/profiles.
Configs should generally not be preserved between 1.14 (and earlier) and 1.15.x. Do so at your own risk.
Please provide your feedback (positive or negative).
A big thanks to pythonic (Github: aimacintyre) for their assistance and many contributions towards getting this into a position to make it ready for testing.
"BETA - 2024-03-11" Notable changes:
- Update from OpenWrt 22.03 -> 23.05
- Latest security updates
- ntfs3 has been switched to the in-kernel version
- Target "atheros" (ath25) has been removed. This has been marked as "source-only" upstream
- Switch from OpenSSL to MbedTLS for all default packages. This will save a heap of space on all devices. Some optional plugins still require it which may require external storage to fit
- Spectrum Analyser plugin minimal version has been dropped. The space savings were not worth the additional maintenance effort
- libmatrixssl package has been dropped
- OpenVPN (and EasyRSA) updated to support OpenSSL 3.x
- OpenVPN BF-CBC cipher has been removed (deprecated)
- New package MbedTLS Command Line Utility (mbedtls-clu). This is a brand new package designed to replicate (some of) the features of the OpenSSL Utility (openssl). It is smaller and relies on MbedTLS instead of OpenSSL so again, saves a bunch of space
- OpenVPN EasyRSA modified to work with mbedtls-clu
- Tor plugin dropped by default from all profiles. It is still available as a plugin.
- New DDNS IP Lookup provider ip2location.io
- New GeoIP Lookup provider ip2location.io
- DDNS updated to support a "test domain" where the configured update domain may not match the domain needed to detect the IP correctly (e.g. CloudFlare)
- Show additional information in DDNS GUI to make it easier to see which provider is being used
- Update OpenVPN and Wireguard to support the "test domain" variable from DDNS
- Add support for OpenVPN plugin to advertise additional subnets behind the server (not just the LAN subnet). This can be useful if you have cascaded LANs or want to allow access upstream as well
- New plugin DNS over HTTPS
- Add WAN port speed on the Status Overview page
- Add new subtarget Mediatek Filogic which includes some very popular new devices e.g. GL.iNet Flint 2 (MT6000)
- mvebu devices are back! These were previously disabled due to an upstream issue which has now been resolved
Bugs squashed
- Quotas Others (Individual) not working
- Quotas bandwidth throttling using QoS not working in the upload direction
- Quotas bandwidth throttling not using QoS not working
- DDNS sometimes sending IPv6 updates to IPv4 providers (and vice versa)
- Some devices showing an empty temperature value on Status Overview
- Units (B, KB, MB, GB, TB etc) not selecting properly in some circumstances with language plugins other than English-EN
- Wireguard peer subnet routing not working in both directions
- Polish-PL plugin typo in Wireguard
Things to Note
- The "domain" setting has been switched from the default of ".lan" to ".home.arpa" in line with RFC 8375
- WiFi interfaces are no longer named "wlanX"
- Similarly a guest network is no longer "wlan0-1", it is now "wl0-sta0" and "wl0-ap0" for an Access Point configuration. This won't affect most users, but for anyone poking around be aware of this.
- mbedtls-clu is a brand new utility which has not received wider testing and scrutiny. If you note any issues or differences between it and openssl, please raise an issue
New Devices
- Xiaomi Mi Router 4c
- DLink DIR-859-A3
- DLink DIR-869-A1
- TPLink WR841HP-v2/v3
- TPLink WR941HP-v1
- AVM Fritzbox 7520
- GL.iNet A1300
- Netgear SRR60
- Netgear SRS60
- Teltonika RUTX50
- Asrock G10
- Acer Predator W6 (Note: No 6GHz support in GUI)
- ASUS TUF AX4200
- ASUS TUF AX6000
- Cudy WR-3000-v1
- GL.iNet MT3000
- GL.iNet MT6000
- Netgear WAX220
- ASUS RT-AC57U-v1
- ASUS RT-AX54
- DLink DIR-3060-A1
- DLink DIR-853-A1
- Linksys e7350
- Linksys RE7000
- Netgear EX6150
- TPLink ER605-v2
- Zyxel WSM20
- Several others I've forgotten to mention
Known Issues
- If you have installed and enabled DNS over HTTPS plugin and then sysupgrade to an image without it (e.g. any image that you haven’t self compiled) you will have no DNS resolution until you manually fix your /etc/config/dhcp file
Note: OpenWrt 22.03 moved to nftables from iptables. Gargoyle still uses iptables to support the custom modules it needs, and so there is some package incompatibility with the base openwrt package repository. For normal operation this should not cause a problem. For anyone trying to install extra packages manually, your mileage may vary!
Downloads
Please find the downloads here
The plugin repositories are also found in the same location.