diff --git a/settings-configs/AX3200-dumb-ap/dawn b/settings-configs/AX3200-dumb-ap/dawn index 4000609640..4b3391589e 100644 --- a/settings-configs/AX3200-dumb-ap/dawn +++ b/settings-configs/AX3200-dumb-ap/dawn @@ -34,7 +34,9 @@ config metric 'global' option eval_probe_req '0' option eval_auth_req '0' option eval_assoc_req '0' +# important option kicking '1' +# option kicking_threshold '20' option deny_auth_reason '1' option deny_assoc_reason '17' diff --git a/settings-configs/AX3200-dumb-ap/network b/settings-configs/AX3200-dumb-ap/network index 660f849ca3..56ba068f98 100644 --- a/settings-configs/AX3200-dumb-ap/network +++ b/settings-configs/AX3200-dumb-ap/network @@ -16,6 +16,7 @@ config device list ports 'lan1' list ports 'lan2' list ports 'lan3' + option stp '1' config interface 'lan' option device 'br-lan' diff --git a/settings-configs/AX3200-dumb-ap/wireless b/settings-configs/AX3200-dumb-ap/wireless index 490fdcf186..571e7ddbb9 100644 --- a/settings-configs/AX3200-dumb-ap/wireless +++ b/settings-configs/AX3200-dumb-ap/wireless @@ -28,7 +28,7 @@ config wifi-device 'radio1' option band '5g' option channel '124' option htmode 'HE160' - option txpower '20' + option txpower '21' option country 'PL' option cell_density '0' @@ -46,7 +46,7 @@ config wifi-iface 'default_radio1' option dtim_period '3' option time_advertisement '2' option time_zone 'CET-1CEST,M3.5.0,M10.5.0/3' - option proxy_arp '1' + option ieee80211w '2' config wifi-iface 'wifinet2' option device 'radio1' diff --git a/settings-configs/BPI-R4/dawn b/settings-configs/BPI-R4/dawn index 4000609640..4b3391589e 100644 --- a/settings-configs/BPI-R4/dawn +++ b/settings-configs/BPI-R4/dawn @@ -34,7 +34,9 @@ config metric 'global' option eval_probe_req '0' option eval_auth_req '0' option eval_assoc_req '0' +# important option kicking '1' +# option kicking_threshold '20' option deny_auth_reason '1' option deny_assoc_reason '17' diff --git a/settings-configs/BPI-R4/dhcp b/settings-configs/BPI-R4/dhcp index 36a32b630b..f28d67c78c 100644 --- a/settings-configs/BPI-R4/dhcp +++ b/settings-configs/BPI-R4/dhcp @@ -15,7 +15,7 @@ config dnsmasq option ednspacket_max '1232' option noresolv '1' option localuse '1' - list server '127.0.0.53' + list server '127.0.0.1#5353' config dhcp 'lan' option interface 'lan' diff --git a/settings-configs/BPI-R4/librespeed-go b/settings-configs/BPI-R4/librespeed-go new file mode 100644 index 0000000000..116dc2316a --- /dev/null +++ b/settings-configs/BPI-R4/librespeed-go @@ -0,0 +1,47 @@ + +config librespeed-go 'config' + option enabled '1' + + # bind address, use empty string to bind to all interfaces + option bind_address '' + # backend listen port + option listen_port '8989' + + # change the base URL + # option url_base '/librespeed' + # proxy protocol port, use 0 to disable + option proxyprotocol_port '0' + # Server location, use zeroes to fetch from API automatically + option server_lat '0' + option server_lng '0' + # ipinfo.io API key, if applicable + option ipinfo_api_key '' + + # assets directory path, defaults to `assets` in the same directory + # if the path cannot be found, embedded default assets will be used + option assets_path '' + + # password for logging into statistics page, change this to enable stats page + # option statistics_password 'PASSWORD' + # redact IP addresses (boolean) + option redact_ip_addresses '0' + + # database type for statistics data, currently supports: none, memory, bolt, mysql, postgresql + # if none is specified, no telemetry/stats will be recorded, and no result PNG will be generated + option database_type 'none' + # option database_hostname '' + # option database_name '' + # option database_username '' + # option database_password '' + + # if you use `bolt` as database, set database_file to database file location + # option database_file '/etc/librespeed-go/speedtest.db' + + # TLS and HTTP/2 settings. TLS is required for HTTP/2 (boolean) + option enable_tls '0' + option enable_http2 '0' + + # if you use HTTP/2 or TLS, you need to prepare certificates and private keys + # option tls_cert_file '/etc/librespeed-go/cert.pem' + # option tls_key_file '/etc/librespeed-go/privkey.pem' + diff --git a/settings-configs/BPI-R4/network b/settings-configs/BPI-R4/network index d84120666f..cd908e692d 100644 --- a/settings-configs/BPI-R4/network +++ b/settings-configs/BPI-R4/network @@ -11,10 +11,11 @@ config globals 'globals' config device option name 'br-lan' option type 'bridge' + list ports 'eth1' list ports 'lan1' list ports 'lan2' list ports 'lan3' - list ports 'eth1' + option stp '1' config interface 'lan' option device 'br-lan' @@ -24,10 +25,11 @@ config interface 'lan' option ip6assign '60' config device - option name 'br-wan' - option type 'bridge' - list ports 'eth2' - list ports 'wan' + option name 'wan' + option macaddr 'B6:C7:8B:XX:XX:XX' + +config device + option name 'eth2' option macaddr 'B6:C7:8B:XX:XX:XX' config interface 'wan' @@ -45,9 +47,8 @@ config interface 'wan6' option peerdns '0' config device - option name 'eth2' - option macaddr 'B6:C7:8B:XX:XX:XX' - -config device - option name 'wan' + option name 'br-wan' + option type 'bridge' + list ports 'eth2' + list ports 'wan' option macaddr 'B6:C7:8B:XX:XX:XX' diff --git a/settings-configs/BPI-R4/openssl b/settings-configs/BPI-R4/openssl new file mode 100644 index 0000000000..548d2dda77 --- /dev/null +++ b/settings-configs/BPI-R4/openssl @@ -0,0 +1,10 @@ + +config provider 'legacy' + option enabled '0' + +config engine 'devcrypto' + option enabled '1' + + +config engine 'afalg' + option enabled '1' diff --git a/settings-configs/BPI-R4/sqm b/settings-configs/BPI-R4/sqm index 4a6d7a5b5b..684b41f5b1 100644 --- a/settings-configs/BPI-R4/sqm +++ b/settings-configs/BPI-R4/sqm @@ -5,7 +5,7 @@ config queue 'eth1' option download '850000' option upload '850000' option qdisc 'fq_codel' - option script 'simplest.qos' + option script 'piece_of_cake.qos' option linklayer 'ethernet' option debug_logging '0' option verbosity '5' diff --git a/settings-configs/BPI-R4/unbound b/settings-configs/BPI-R4/unbound new file mode 100644 index 0000000000..76165732d4 --- /dev/null +++ b/settings-configs/BPI-R4/unbound @@ -0,0 +1,61 @@ + +config zone + option fallback '0' + option enabled '1' + option zone_type 'forward_zone' + list zone_name '. ' + option dns_assist 'none' + option tls_upstream '1' + option tls_index 'dns.nextdns.io' + list server '45.90.28.0#YOURIDENT.dns.nextdns.io' + list server '45.90.30.0#YOURIDENT.dns.nextdns.io' + list server '2a07:a8c1::#YOURIDENT.dns.nextdns.io' + list server '2a07:a8c0::#YOURIDENT.dns.nextdns.io' + +config unbound 'ub_main' + option add_extra_dns '0' + option add_local_fqdn '2' + option add_wan_fqdn '0' + option dhcp_link 'none' + option dns64 '0' + option domain 'lan' + option domain_type 'static' + option edns_size '1232' + option extended_stats '1' + option hide_binddata '1' + option interface_auto '1' + option listen_port '5353' + option localservice '1' + option manual_conf '0' + option num_threads '1' + option protocol 'default' + option rate_limit '0' + option rebind_localhost '0' + option rebind_protection '1' + option recursion 'default' + option resource 'default' + option root_age '9' + option ttl_min '120' + option ttl_neg_max '1000' + option unbound_control '0' + option validator '1' + option validator_ntp '1' + option verbosity '1' + list iface_wan 'wan' + option enabled '1' + list iface_trig 'lan' + list iface_trig 'wan' + +config zone + option fallback '0' + option enabled '0' + option zone_type 'forward_zone' + list zone_name '. ' + list server '9.9.9.11' + list server '149.112.112.11' + list server '2620:fe::11' + list server '2620:fe::fe:11' + option dns_assist 'none' + option tls_upstream '1' + option tls_index 'dns11.quad9.net' + diff --git a/settings-configs/BPI-R4/usteer b/settings-configs/BPI-R4/usteer index 4bca31222f..a57b7811d0 100644 --- a/settings-configs/BPI-R4/usteer +++ b/settings-configs/BPI-R4/usteer @@ -1,15 +1,155 @@ - config usteer - option network 'lan' - option syslog '1' + # The network interface for inter-AP communication + option 'network' 'lan' + + # Log messages to syslog (0/1) + option 'syslog' '1' + + # Disable network communication (0/1) option local_mode '0' - option ipv6 '0' - option debug_level '2' - option roam_scan_snr '-70' - option roam_trigger_snr '-75' + + # Use IPv6 for remote exchange + option 'ipv6' '0' + + # Minimum level of logged messages + # 0 = fatal + # 1 = info + # 2 = verbose + # 3 = some debug messages + # 4 = network packet information + # 5 = all debug messages + option 'debug_level' '2' + + # Maximum number of neighbor reports set for a node + option max_neighbor_reports 6 + + # Maximum amount of time (ms) a station may be blocked due to policy decisions + #option sta_block_timeout 30000 + + # Maximum amount of time (ms) a local unconnected station is tracked + #option local_sta_timeout 120000 + + # Maximum amount of time (ms) a measurement report is stored + #option measurement_report_timeout 120000 + + # Local station information update interval (ms) + #option local_sta_update 1000 + + # Maximum number of consecutive times a station may be blocked by policy + #option max_retry_band 5 + + # Maximum idle time of a station entry (ms) to be considered for policy decisions + #option seen_policy_timeout 30000 + + # Minimum number of stations delta between APs before load balancing policy is active + option load_balancing_threshold '0' + + # Minimum number of stations delta between bands before band steering policy is active + #option band_steering_threshold 5 + + # Interval (ms) between sending state updates to other APs + #option remote_update_interval 1000 + + # Number of remote update intervals after which a remote-node is deleted + #option remote_node_timeout 10 + + # Allow rejecting assoc requests for steering purposes (0/1) + #option assoc_steering 0 + + # Allow ignoring probe requests for steering purposes (0/1) + #option probe_steering 0 + + # Minimum signal-to-noise ratio or signal level (dBm) to allow connections + #option min_connect_snr 0 + + # Minimum signal-to-noise ratio or signal level (dBm) to remain connected option min_snr '-85' - option roam_scan_tries '0' - option max_neighbor_reports '6' + + # Timeout after which a station with snr < min_snr will be kicked + #option min_snr_kick_delay 5000 + + # Timeout (ms) for which a client will not be steered after rejecting a BSS-transition-request + #option steer_reject_timeout 60000 + + # Timeout (in ms) after which a association following a disassociation is not seen + # as a roam + option roam_process_timeout 1000 + + # Minimum signal-to-noise ratio or signal level (dBm) before attempting to trigger + # client scans for roaming + option roam_scan_snr -70 + + # Maximum number of client roaming scan trigger attempts + option roam_scan_tries '5' + + # Retry scanning when roam_scan_tries is exceeded after this timeout (in ms) + # In case this option is set to 0, the client is kicked instead + #option roam_scan_timeout 0 + + # Minimum time (ms) between client roaming scan trigger attempts + option roam_scan_interval '5000' + + # Minimum signal-to-noise ratio or signal level (dBm) before attempting to trigger + # forced client roaming + option roam_trigger_snr '-75' + + # Minimum time (ms) between client roaming trigger attempts + #option roam_trigger_interval 60000 + + # Timeout (ms) for client roam requests. usteer will kick the client after this times out. + #option roam_kick_delay 10000 + + # Minimum signal strength difference until AP steering policy is active option signal_diff_threshold '12' - option load_balancing_threshold '0' + # Initial delay (ms) before responding to probe requests (to allow other APs to see packets as well) + #option initial_connect_delay 0 + + # Enable kicking client on excessive channel load (0/1) + #option load_kick_enabled 0 + + # Minimum channel load (%) before kicking clients + #option load_kick_threshold 75 + + # Minimum amount of time (ms) that channel load is above threshold before starting to kick clients + #option load_kick_delay 10000 + + # Minimum number of connected clients before kicking based on channel load + #option load_kick_min_clients 10 + + # Reason code on client kick based on channel load (default: WLAN_REASON_DISASSOC_AP_BUSY) + #option load_kick_reason_code 5 + + # Attempting to steer clients to a higher frequency-band every n ms. + # A value of 0 disabled band-steering. + #option band_steering_interval 120000 + + # Minimal SNR or absolute signal a device has to maintain over band_steering_interval to be + # steered to a higher frequency band + #option band_steering_min_snr -60 + + # Interval (ms) the device is sent a link-measurement request to help assess + # the bi-directional link quality. Setting the interval to 0 disables link-measurements. + #option link_measurement_interval 30000 + + # Script to run after bringing up a node + #option node_up_script '' + + # Message types to include in log + # Available types: + # - probe_req_accept + # - probe_req_deny + # - auth_req_accept + # - auth_req_deny + # - assoc_req_accept + # - assoc_req_deny + # - load_kick_trigger + # - load_kick_reset + # - load_kick_min_clients + # - load_kick_no_client + # - load_kick_client + # - signal_kick + #list event_log_types '' + + # List of SSIDs to enable steering on + list ssid_list 'MYWIFI' diff --git a/settings-configs/BPI-R4/wireless b/settings-configs/BPI-R4/wireless index 9f89642949..204c71392e 100644 --- a/settings-configs/BPI-R4/wireless +++ b/settings-configs/BPI-R4/wireless @@ -28,7 +28,7 @@ config wifi-device 'radio1' option band '5g' option channel '100' option htmode 'HE160' - option txpower '20' + option txpower '22' option country 'PL' option cell_density '0' @@ -46,7 +46,7 @@ config wifi-iface 'default_radio1' option dtim_period '3' option time_advertisement '2' option time_zone 'CET-1CEST,M3.5.0,M10.5.0/3' - option proxy_arp '1' + option ieee80211w '2' config wifi-iface 'wifinet3' option device 'radio1'