YazFi YazFi - enhanced AsusWRT-Merlin Guest WiFi inc. SSID <-> VPN Client

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Jack Yaz

Part of the Furniture
I'm sorry, I didn't get a notification about this! But thank you, the new version has solved the issue with incrementing client hostnames.

Unfortunately, although it sounds like @marelit's printer issue was resolved, my access to my Brother printer via Airprint is still borked and it seems to have started after YazFi install. I've tried resetting it, nothing has worked. MacOS reports "The printer is in use."
The change has since been merged to stable, are you on the latest version?
 

ppaull

Occasional Visitor
Can you please post the output of:
Code:
cat /tmp/avahi/avahi-daemon.conf

Code:
[Server]
host-name=Home_Router
aliases=RT-AC68U
aliases_llmnr=RT-AC68U
use-ipv4=yes
use-ipv6=no
deny-interfaces=vlan2
ratelimit-interval-usec=1000000
ratelimit-burst=1000

[publish]
publish-a-on-ipv6=no
publish-aaaa-on-ipv4=no

[wide-area]
enable-wide-area=yes

[rlimits]
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=768
rlimit-stack=4194304
rlimit-nproc=3
 

Jack Yaz

Part of the Furniture
Code:
[Server]
host-name=Home_Router
aliases=RT-AC68U
aliases_llmnr=RT-AC68U
use-ipv4=yes
use-ipv6=no
deny-interfaces=vlan2
ratelimit-interval-usec=1000000
ratelimit-burst=1000

[publish]
publish-a-on-ipv6=no
publish-aaaa-on-ipv4=no

[wide-area]
enable-wide-area=yes

[rlimits]
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=768
rlimit-stack=4194304
rlimit-nproc=3
OK so reflector isn't enabled. Does Airprint rely on Bonjour/mDNS?
 

mefody

New Around Here
The same problem here. After update to v4.0.3 and reboot, I still have [reflector] in avahi-daemon.conf. My Brother Airprint printer has hostname with (503) now, so I've set it to "no" manually.
 

Jack Yaz

Part of the Furniture
The same problem here. After update to v4.0.3 and reboot, I still have [reflector] in avahi-daemon.conf. My Brother Airprint printer has hostname with (503) now, so I've set it to "no" manually.
The postconf file should have been emptied so restarting avahi won't enable reflector
 

Lord Lovaduck

Regular Contributor
You would need VLANs for this, which YazFi doesn't currently support
Thanks Jack, I thought it did.
I am trying to get some VLANs configured myself already using a trunk port on the router for each. There's some beta script by Martineau that creates Vlans. I am trying to get a hold of it.
In any case Yazfi is very cool!
 

Jack Yaz

Part of the Furniture
Thanks Jack, I thought it did.
I am trying to get some VLANs configured myself already using a trunk port on the router for each. There's some beta script by Martineau that creates Vlans. I am trying to get a hold of it.
In any case Yazfi is very cool!
I do/did want to add VLANs, but I only have an HND router (AC86U) which uses different utilities for VLANs, and no-one seems to have a definitive way of using them (yet).
 

Trik

New Around Here
Hi Jack,

Just installed your script on my RT-AC5300, was working great, using it with Pi-hole to give Guest accounts access to Pi-hole DNS. My Guest network is set as 192.168.69.0.

My question is around this point:

https://github.com/jackyaz/YazFi/wi...t-name-resolutionarp-settings-for-lan-clients

I too have the instance where I only get IP addresses for clients on the Guest Network in Pi-hole. So, I created the file as you recommend: 10-subnet-dns.conf

Code:
server=/69.168.192.in-addr.arpa/192.168.1.1<br />

That is the only line in the file, permissions are correct. But when I attempt to start Pi-hole, it crashes shortly after startup. I also noticed in the logs the following:

Code:
dnsmasq: bad address at line 1 of /etc/dnsmasq.d/10-subnet-dns.conf

I feel like I'm following your directions exactly, so I'm not sure exactly what I am doing wrong. I appreciate any assistance, sorry this is my first time trying this!
 

Jack Yaz

Part of the Furniture
Hi Jack,

Just installed your script on my RT-AC5300, was working great, using it with Pi-hole to give Guest accounts access to Pi-hole DNS. My Guest network is set as 192.168.69.0.

My question is around this point:

https://github.com/jackyaz/YazFi/wi...t-name-resolutionarp-settings-for-lan-clients

I too have the instance where I only get IP addresses for clients on the Guest Network in Pi-hole. So, I created the file as you recommend: 10-subnet-dns.conf

Code:
server=/69.168.192.in-addr.arpa/192.168.1.1<br />

That is the only line in the file, permissions are correct. But when I attempt to start Pi-hole, it crashes shortly after startup. I also noticed in the logs the following:

Code:
dnsmasq: bad address at line 1 of /etc/dnsmasq.d/10-subnet-dns.conf

I feel like I'm following your directions exactly, so I'm not sure exactly what I am doing wrong. I appreciate any assistance, sorry this is my first time trying this!
Ah the <br /> are a mistake. remove them and it should work. i've edited the wiki page
 

Trik

New Around Here
Ah the <br /> are a mistake. remove them and it should work. i've edited the wiki page

Haha oh man I'm an idiot. I saw them and thought it was strange, then, looked at the other examples you gave and they had them too, so in my mind I was thinking "I guess that needs to be there". Sorry for not realizing it was just an HTML parsing error in code display!
 

Trik

New Around Here
Ah the <br /> are a mistake. remove them and it should work. i've edited the wiki page

Ok, that was definitely the issue, and I was able to add the settings. I changed the IP range so it would be more obvious at a cursory glance, and while I now have Pi-hole working, for some reason name resolution is still not working for clients on the Guest Network.

Is there an obvious way to test this? I tried this from the terminal in my Docker Pi-hole container, and it worked with no issues:

Code:
[email protected]:/# nslookup 10.0.0.66                                                                                                   
Server:         127.0.0.11                                                                                                           
Address:        127.0.0.11#53                                                                                                         
                                                                                                                                      
66.0.0.10.in-addr.arpa  name = Dans-iPhone-11.home.lan.

But in Pi-hole, it continues to only display the IP address. Are there obvious steps I can perform to try and track down what the issue is exactly? With the change to my Guest IP Range, my settings file is now:

Code:
server=/0.0.10.in-addr.arpa/192.168.1.1
server=/2.168.192.in-addr.arpa/192.168.1.1

Thanks again for your help and this excellent piece of software!!
 

Jack Yaz

Part of the Furniture
Ok, that was definitely the issue, and I was able to add the settings. I changed the IP range so it would be more obvious at a cursory glance, and while I now have Pi-hole working, for some reason name resolution is still not working for clients on the Guest Network.

Is there an obvious way to test this? I tried this from the terminal in my Docker Pi-hole container, and it worked with no issues:

Code:
[email protected]:/# nslookup 10.0.0.66                                                                                                  
Server:         127.0.0.11                                                                                                          
Address:        127.0.0.11#53                                                                                                        
                                                                                                                                     
66.0.0.10.in-addr.arpa  name = Dans-iPhone-11.home.lan.

But in Pi-hole, it continues to only display the IP address. Are there obvious steps I can perform to try and track down what the issue is exactly? With the change to my Guest IP Range, my settings file is now:

Code:
server=/0.0.10.in-addr.arpa/192.168.1.1
server=/2.168.192.in-addr.arpa/192.168.1.1

Thanks again for your help and this excellent piece of software!!
I'm not sure how PiHole resolves names, to be honest
 

Trik

New Around Here
I'm not sure how PiHole resolves names, to be honest

Fair enough, just making sure it wasn't something obvious like the last issue. ;) Thanks again, off to Pi-hole support!
 

clifton.stokes

Occasional Visitor
I have read the thread, but I don't see any info for using Yazfi on AP's. Does it work with having multiple AP on your system and the main router running Yasfi. Or is this another issue of needing Vlans to get this to work. Looking to make common network for Guest in house. Also it is possible to have just one IP range for guest for both 2.4 and 5 ghz networks. I am using the same ssid for both and would like to just have one IP range to look for guest machines. I have tried to set them to the same IP range but get errors when that happens.

Really like the code and setup. Makes things like I have wanted to do for years with my router. I has a setup with Tomato years ago using Vlans to get it how I wanted to, but since I updated my hardware, I have never been able to do that again.
 

msalhab

Occasional Visitor
@Jack Yaz

does "Force DNS" option of WIFI Guests override merlin DNSFilter options?
based on my tests it does override them, but I wanted to confirm with you.

my setup is: I want LAN users to be enforced with opendns and WIFI Guests users to be enforced with something else (8.8.8.8 for example)

Whenever "Force DNS" option is ON on WIFI Guests, my LAN users queries are no longer redirect to opendns
 

Jack Yaz

Part of the Furniture
@Jack Yaz

does "Force DNS" option of WIFI Guests override merlin DNSFilter options?
based on my tests it does override them, but I wanted to confirm with you.

my setup is: I want LAN users to be enforced with opendns and WIFI Guests users to be enforced with something else (8.8.8.8 for example)

Whenever "Force DNS" option is ON on WIFI Guests, my LAN users queries are no longer redirect to opendns
non yazfi guests/normal wifi/lan traffic shouldn't be affected
 

msalhab

Occasional Visitor
@Jack Yaz
Thanks for the previous reply. Indeed I was having an internal miss configuration. Though, I a have few issues on your tool that I would like to share:
1- Guest clients are not seen on the clients page of the router, and also they are not seen under the Adaptive QoS -> Bandwidth Monitor. Is this something you plan to enhance?
2- If I restart only the wifi service on the router, Guests will be reconnecting obviously and for few moments they are getting an IP in the LAN range. Then after few seconds they get another IP from the Guests range (192.168.2.0/24). I confirm those devices don't know how to connect to the LAN Wifi. They only know the Guests ones. Here is an output from arp -a that shows that one device was connected at a certain moment to the LAN range (192.168.1.0/24). Also they are seen on the clients page of the router with the wrong IP.

/tmp/home/root# arp -a
? (192.168.1.111) at 40:5b:d8:7e:9f:25 [ether] on br0
mydevice (192.168.2.5) at 40:5b:d8:7e:9f:25 [ether] on wl0.1 => this is the right one
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top