YazFi [Solved] Yazfi (again, same problem ever)

[maghuro]

No, i deem the config invalid therefore apply no settings, as things stand

So in this case, anytime I want to disable guest 1, I need to go first to yazfi tab and disable yazfi guest1 configs?

 

[Jack Yaz]

So in this case, anytime I want to disable guest 1, I need to go first to yazfi tab and disable yazfi guest1 configs?

Please try this change, on the develop branch. https://github.com/jackyaz/YazFi/commit/e57d51f85dbdfe7c406dd3c99566473e3f5a0dc0

 

[L&LD]

Sorry, off-topic, but the 'Solved' label is confusing for something that is still being worked on.

I don't believe the labels are effective at all, but that may be just me (I don't get their purpose when I read every post anyway).

 

[maghuro]

Please try this change, on the develop branch. https://github.com/jackyaz/YazFi/commit/e57d51f85dbdfe7c406dd3c99566473e3f5a0dc0

Perfect sir!! Thank you so much!

Last mistery to solve is why can't I make.changes through web interface. Instead I have always to make the changes directly.on config file...

 

[maghuro]

Sorry, off-topic, but the 'Solved' label is confusing for something that is still being worked on.

I don't believe the labels are effective at all, but that may be just me (I don't get their purpose when I read every post anyway).

Well... Despite "my problem" being solved, as we've found the culprit, the coding problem instead was being solved...

It was more to make the thread fancy than something else

 

[Jack Yaz]

Perfect sir!! Thank you so much!

Last mistery to solve is why can't I make.changes through web interface. Instead I have always to make the changes directly.on config file...

You should be able to make changes in the WebUI. Do you see YazFi being called to merge settings (in syslog) when you Save/Apply?

 

[maghuro]

You should be able to make changes in the WebUI. Do you see YazFi being called to merge settings (in syslog) when you Save/Apply?

No... Nothing on syslog when hitting apply

 

[Jack Yaz]

No... Nothing on syslog when hitting apply

does the page refresh with the "Loading..." or nothing happen at all? I have an idea what's going on but don't have time to check the code atm

 

[maghuro]

You should be able to make changes in the WebUI. Do you see YazFi being called to merge settings (in syslog) when you Save/Apply?

No... Nothing on syslog when

does the page refresh with the "Loading..." or nothing happen at all? I have an idea what's going on but don't have time to check the code atm

It refreshes... And when it refreshes, the old values appear

 

[Jack Yaz]

No... Nothing on syslog when

It refreshes... And when it refreshes, the old values appear

can you share a syslog across a refresh? it's not what I thought it was

 

[maghuro]

can you share a syslog across a refresh? it's not what I thought it was

Here it is!

Feb 3 01:53:03 kernel: br0: received packet on eth5 with own address as source address
Feb 3 01:53:25 rc_service: httpd 1845:notify_rc start_yazfi
Feb 3 01:53:25 custom_script: Running /jffs/scripts/service-event (args: start yazfi)
Feb 3 01:53:25 custom_script: Running /jffs/scripts/service-event-end (args: start yazfi)

 

[Jack Yaz]

Here it is!

sorry for the delay...i see the problem...and fixed! You'll need to do option uf at the command line to force download the updated WebUI page

 

[maghuro]

sorry for the delay...i see the problem...and fixed! You'll need to do option uf at the command line to force download the updated WebUI page

Perfect, Jack! As always....

Thank you so much

 

[Jack Yaz]

Perfect, Jack! As always....

Thank you so much

I had actually already fixed it locally a while ago but neglected to push the commit

 

[Swinson]

I had actually already fixed it locally a while ago but neglected to push the commit

I’ve been having the same problem but I’ve been so busy lately I haven’t looked into at all until just now. I’ll update later today and confirm the fix works on my system. Thanks for troubleshooting this.

Edit: upgraded just a second ago (v4.2.0) and everything is now working as expected thanks.

 

[Citius]

I have tried YazFi in different versions now and as soon as i activate it. I get strange errors.
Today i set up 5.2Ghz Guestnet nr:2 and pointed it to vpn 1.
I set VPN to Strict and entered the proper net that was set in YazFi "192.168.110.0/24"
i only give it a span from 10 - 20 in the DHCP settings.
I don't force DNS since i do that already in the VPN (Exlusivly).
I set Redirect all to VPN YES.
And i use VPN 1 (Only one im using).
Two way = NO
One way = No
Client isolation = YES

I must activate ipv6 because my VPN provider demands it. So i set it to native and "Enable Router Advertisement" = Disable

I then test by switching my phone to the guest network. And it works fine. I get no DNS leak and VPN is working. however Skynet seems to bail out and i get errors.
YazFi: wl1.2 (SSID: XXXXXXX) - VPN redirection enabled, sending all interface internet traffic over VPN Client 1
CONSOLE: 090443.320 wl1: wlc_recvfilter: bad frame control 0x40d
hostapd: wl1.2: STA 34:1c:f0:cc:3e:d6 IEEE 802.11: associated
kernel: CFG80211-ERROR) wl_cfg80211_change_station : WLC_SCB_AUTHORIZE sta_flags_mask not set
hostapd: wl1.2: STA 34:1c:f0:cc:3e:d6 RADIUS: starting accounting session 396B51F3D75C4A25
hostapd: wl1.2: STA 34:1c:f0:cc:3e:d6 WPA: pairwise key handshake completed (RSN)
kernel: CONSOLE: 090442.260 wlc_ap_authresp: status 0
kernel: CONSOLE: 090442.278 wlc_ap_authresp: status 0
kernel: CONSOLE: 090442.281 wl1: turn sta MFP setting on with sha256
kernel: CONSOLE: 090442.282 wlc_ap_process_assocreq_done status 0
kernel: CONSOLE: 090442.282 wl1: STA 34:1c:f0:cc:3e:d6 has associated tx_type 2
kernel: CONSOLE: 090442.285 iov:SCB_DEAUTH
kernel: CONSOLE: 090442.286 txrep:802.1x
kernel: CONSOLE: 090442.297 txrep:802.1x
kernel: CONSOLE: 090442.301 iov:SCB_AUTH
kernel: CONSOLE: 090443.316 wl1: 34:1c:f0:cc:3e:d6: addba timed out 0
kernel: CONSOLE: 090443.320 wl1: wlc_is_publicaction: rx frame has category 9, pub action field 0; should have cat 4
kernel: CONSOLE: 090443.320 wl1: wlc_recvfilter: bad frame control 0x40d0
kernel: CONSOLE: 090444.313 wl1: 34:1c:f0:cc:3e:d6: addba timed out 1
kernel: CONSOLE: 090444.821 wl1.2: wlc_send_bar: for 34:1c:f0:cc:3e:d6 seq 0x1 tid 0
kernel: CONSOLE: 090445.310 wl1: 34:1c:f0:cc:3e:d6: addba timed out 2
kernel: CONSOLE: 090446.307 wl1: 34:1c:f0:cc:3e:d6: addba timed out 3

But the most wierd thing is this:
kernel: XX:1C:X0:CC:3E:XX not mesh client, can't update it's ip.
Somehow the router want's to make my Phone a Mesh Node???

So i wan't to run one client on a guest net with VPN and all my other devices on my normal lan without VPN.
What steps could be wrong?
My router is alone. No other nodes. I did a full reset going to 386.1 and had exatly the same issue then.
Now im on 1_2 with still the same issue.
I am probably not setting something up correctly, but i don't know what.

Also under Wireless log i can se the following:
Stations List
----------------------------------------
idx MAC Associated Authorized RSSI PHY PSM SGI STBC MUBF NSS BW Tx rate Rx rate Connect Time
XX:39:X6:91B:XX Yes Yes -46dBm ac No Yes No Yes 1 80MHz 433.3M 433.3M 00:03:04
2 XX:1C:F0:CX:3E:XX Yes Yes -50dBm ax Yes Yes Yes Yes 2 80MHz 1134.2M 6M 00:02:17

They are under the same SSID and i can't see the Guest WIFI.
It's my Laptop and my Phone. The phone on VPN and my laptop on the Lan.

 

[Jack Yaz]

I have tried YazFi in different versions now and as soon as i activate it. I get strange errors.
Today i set up 5.2Ghz Guestnet nr:2 and pointed it to vpn 1.
I set VPN to Strict and entered the proper net that was set in YazFi "192.168.110.0/24"
i only give it a span from 10 - 20 in the DHCP settings.
I don't force DNS since i do that already in the VPN (Exlusivly).
I set Redirect all to VPN YES.
And i use VPN 1 (Only one im using).
Two way = NO
One way = No
Client isolation = YES

I must activate ipv6 because my VPN provider demands it. So i set it to native and "Enable Router Advertisement" = Disable

I then test by switching my phone to the guest network. And it works fine. I get no DNS leak and VPN is working. however Skynet seems to bail out and i get errors.
YazFi: wl1.2 (SSID: XXXXXXX) - VPN redirection enabled, sending all interface internet traffic over VPN Client 1
CONSOLE: 090443.320 wl1: wlc_recvfilter: bad frame control 0x40d
hostapd: wl1.2: STA 34:1c:f0:cc:3e:d6 IEEE 802.11: associated
kernel: CFG80211-ERROR) wl_cfg80211_change_station : WLC_SCB_AUTHORIZE sta_flags_mask not set
hostapd: wl1.2: STA 34:1c:f0:cc:3e:d6 RADIUS: starting accounting session 396B51F3D75C4A25
hostapd: wl1.2: STA 34:1c:f0:cc:3e:d6 WPA: pairwise key handshake completed (RSN)
kernel: CONSOLE: 090442.260 wlc_ap_authresp: status 0
kernel: CONSOLE: 090442.278 wlc_ap_authresp: status 0
kernel: CONSOLE: 090442.281 wl1: turn sta MFP setting on with sha256
kernel: CONSOLE: 090442.282 wlc_ap_process_assocreq_done status 0
kernel: CONSOLE: 090442.282 wl1: STA 34:1c:f0:cc:3e:d6 has associated tx_type 2
kernel: CONSOLE: 090442.285 iov:SCB_DEAUTH
kernel: CONSOLE: 090442.286 txrep:802.1x
kernel: CONSOLE: 090442.297 txrep:802.1x
kernel: CONSOLE: 090442.301 iov:SCB_AUTH
kernel: CONSOLE: 090443.316 wl1: 34:1c:f0:cc:3e:d6: addba timed out 0
kernel: CONSOLE: 090443.320 wl1: wlc_is_publicaction: rx frame has category 9, pub action field 0; should have cat 4
kernel: CONSOLE: 090443.320 wl1: wlc_recvfilter: bad frame control 0x40d0
kernel: CONSOLE: 090444.313 wl1: 34:1c:f0:cc:3e:d6: addba timed out 1
kernel: CONSOLE: 090444.821 wl1.2: wlc_send_bar: for 34:1c:f0:cc:3e:d6 seq 0x1 tid 0
kernel: CONSOLE: 090445.310 wl1: 34:1c:f0:cc:3e:d6: addba timed out 2
kernel: CONSOLE: 090446.307 wl1: 34:1c:f0:cc:3e:d6: addba timed out 3

But the most wierd thing is this:
kernel: XX:1C:X0:CC:3E:XX not mesh client, can't update it's ip.
Somehow the router want's to make my Phone a Mesh Node???

So i wan't to run one client on a guest net with VPN and all my other devices on my normal lan without VPN.
What steps could be wrong?
My router is alone. No other nodes. I did a full reset going to 386.1 and had exatly the same issue then.
Now im on 1_2 with still the same issue.
I am probably not setting something up correctly, but i don't know what.

Also under Wireless log i can se the following:
Stations List
----------------------------------------
idx MAC Associated Authorized RSSI PHY PSM SGI STBC MUBF NSS BW Tx rate Rx rate Connect Time
XX:39:X6:91B:XX Yes Yes -46dBm ac No Yes No Yes 1 80MHz 433.3M 433.3M 00:03:04
2 XX:1C:F0:CX:3E:XX Yes Yes -50dBm ax Yes Yes Yes Yes 2 80MHz 1134.2M 6M 00:02:17

They are under the same SSID and i can't see the Guest WIFI.
It's my Laptop and my Phone. The phone on VPN and my laptop on the Lan.

The router VPN client doesn't support IPv6 neither does YazFi.

 

[Citius]

The router VPN client doesn't support IPv6 neither does YazFi.

Thank you for that quick and short answer
and also sorry for my WOT comming now. Please just quick read it and then i will upload my settings in a new post.

Ii'm not really sure about that IPV6 is causing my problems or YazFi. But i will sure turn off IPV6 amongst other stuff:
My VPN is connected even though i have IPV6 on and has been all day. The client connected to it has always on vpn from Microsoft and it has not failed during all day, no matter what happens.

My other clients is experiencing a lot of errors and dropuots though.

My ISP has one IPV6 DNS server and one IPV4 in the ovpn tunnel. There are othe DNS for the VPN i could input manually.

Last time i got my router working optimal, without any major hickups was when i followed L&LDs guide M&M.
Besides that i also removed Trends Ai stuff, and the built in Qos.
I also enabled fixed Control channels and Channel Bandwith since it was jumping around to much.
One thing causing issues before that was manually assigned IP to every device and Mac adress filtering on Wifi.

As this update came i thought maybe it would fix some issues that prevents me from using my RT-AX86U Router with 802.11ax / Wi-Fi 6 mode, WPA3 and Protected Management Frames.
On my devices that supports it. (only a few and only using it on 5Ghz)
So i enabled those options on my 5 Ghz, and it has been working fine untill i setup YazFi and my OVPN Client.

I can see the guest in the wireless log having an ip in my normal vlan and at the same time it has another IP in Guest wifi.
Is that a normal behaviour? It seems logic that it would causes issues having different settings and one leg in one Vlan and one in another.
I had WPA3 on in the morning on my private Wifi and WPA2 in the Guest Wifi. That probably rocked the boat a lot.
I did change it to WPA2 later but it was still causing issues.

And also having two IPs explains why it seems to be a problem when i set the guests in the VPN client to 192.168.50.0/24 for with VPN Strict mode.
They cant be in three places at the same time.

It is now behaving a lot better since i turned off the Protected Management Frames. But Diversion and Skynet doesn't seem to work. something killed them during the day. I can see it in the graphs.

this guy has the same issue as me with: kernel: CFG80211-ERROR) wl_cfg80211_change_station : WLC_SCB_AUTHORIZE sta_flags_mask not set

RT-AX88U - WLC_SCB_AUTHORIZE sta_flags_mask not set

Hi all, I have some issue with my RT-AX88U. 1 computer in Wifi have some disconnected... In log i see this : Dec 16 14:24:28 WLCEVENTD: Deauth_ind XX:XX:XX:XX:XX:XX Dec 16 14:24:28 hostapd: wl1.1: STA XX:XX:XX:XX:XX:XX IEEE 802.11: disassociated Dec 16 14:24:28 WLCEVENTD: Auth...

www.snbforums.com

This was the last error and it happened when i turned that client off in wl1.2, i had also swithed my phone and my laptop to 2.4Ghz several hourts before so nothing was on the 5Ghz except for that client.

Feb 16 19:52:16 wlceventd: wlceventd_proc_event(469): wl1.2: Deauth_ind 34:F3:9A:9E:F6:0B, status: 0, reason: Unspecified reason (1)
Feb 16 19:52:16 hostapd: wl1.2: STA 34:f3:9a:9e:f6:0b IEEE 802.11: disassociated
Feb 16 19:52:16 kernel: CONSOLE: 137763.595 wl1.2: wlc_ampdu_flush_scb_tid flushing 0 packets for 34:f3:9a:9e:f6:0b AID 14 tid 0
Feb 16 19:52:16 kernel: CONSOLE: 137763.595 wl1.2: wlc_ampdu_flush_scb_tid flushing 0 packets for 34:f3:9a:9e:f6:0b AID 14 tid 5
Feb 16 19:52:16 kernel: CONSOLE: 137763.595 wl1: random key value: 1369DB125C204EAB3257019A33FF513BDF6BC1F26A8C02B26B3E02AA132DC6CC
Feb 16 19:52:16 kernel: CONSOLE: 137763.596 wl1: wlc_txbf_delete_link_serve failed for 34:f3:9a:9e:f6:0b
Feb 16 19:52:16 kernel: CONSOLE: 137763.598 iov:SCB_DEAUTH
Feb 16 19:52:16 kernel: CONSOLE: 137763.598 iov:SCB_DEAUTH
To me it seems obvious that the guest wifi is causing an issue but im not saying it's a bug. It's probably my settings that are not correct

If you can give me some easy steps to using YazFi correctly i would be so greatful.
There are many ways to do it wrong, and i am doing at least one of them

I will provide som pictures later with my setup. I'm sure there is something totally wrong and easy to spot.
DNs setting are everywhere For filtering Lan clients! Lan Dhcp settings!, Wan! VPN! Yazfi!

The only thing i really need is to separate this one client from the other to protect it from them. VPN is not neccesary.

 

[Citius]

 

[Citius]