What's new

YazFi YazFi - enhanced AsusWRT-Merlin Guest WiFi inc. SSID <-> VPN Client

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

@Jack Yaz

I noticed something I had not seen before, which was

Code:
YazFi : Lock Found - stopping

Would this signify it is already running? I am going to assume yes, or maybe the update was still ongoing ? I had just re ran the update command and attempted to, manually run the script.
 
@Jack Yaz

I noticed something I had not seen before, which was

Code:
YazFi : Lock Found - stopping

Would this signify it is already running? I am going to assume yes, or maybe the update was still ongoing ? I had just re ran the update command and attempted to, manually run the script.
That's normal to stop multiple runs, e.g. during boot when firewall-start gets called multiple times. If it still won't let you run the script after 1-2 mins then something isn't right and the script has errored out in an unexpected way.

If it had installed an update then YazFi restarts the firewall, which in turn calls YazFi. This probably explains why you couldn't manually run it afterwards as the firewall restart was still going in the background.
 
@Jack Yaz

Its been 27 minutes and its still in lock state. Ill reboot when the wife and kids are not on, and see if it clears. Likely later this evening. At this rate, much much later. She's watching the wedding, (recorded it) and its streaming. I don't want to interrupt that. :p
 
Ok managed a reboot as she was out of the room. Lock file still present after 15 min this time. I removed YazFi script and re downloaded and this time as soon as the download finished the lock file message appeared.
 
Ok looks like YazFi is just looking for a config file, seems if that config file is in place the lock file is created. If I remove the "YazFi.lock" file, the install proceeds and then stops. (see below)

It however removes the existing user config file. I would suggest leaving the users config in place and placing the new file as a place holder like YazFi.config.original or something.

Next it started up and I had disabled 2 radios from my original config. It says those radios failed validation. The last radio passed validation. But the script proceeded no further. It give no notice or failure or success.
I removed the lock file again and received the same results


Dummy me I grabbed a way earlier copy of my config file, all good when it is replaced by the correct version, and then YazFi starts just fine.

This time the lock file did not pose an issue, I ran the script 3 more times. ALL good now.
 
Last edited:
Ok looks like YazFi is just looking for a config file, seems if that config file is in place the lock file is created. If I remove the "YazFi.lock" file, the install proceeds and then stops. (see below)

It however removes the existing user config file. I would suggest leaving the users config in place and placing the new file as a place holder like YazFi.config.original or something.

Next it started up and I had disabled 2 radios from my original config. It says those radios failed validation. The last radio passed validation. But the script proceeded no further. It give no notice or failure or success.
I removed the lock file again and received the same results


Dummy me I grabbed a way earlier copy of my config file, all good when it is replaced by the correct version, and then YazFi starts just fine.

This time the lock file did not pose an issue, I ran the script 3 more times. ALL good now.
I'll update the install function to check for presence of a config, or at least back up the existing (as config file may change over time)

I'll see if there's a way to check age of lock file and if over 5mins force remove
 
Last edited:
v1.3.5 is available

Changelog:
  • Make sure permission set on updated script
  • Purge old locks
  • Ensure lock file is removed on failed validation
  • Keep existing config if re-installing

To update:

If on a verison earlier than v1.3.0:
Code:
/usr/sbin/curl --retry 3 "https://raw.githubusercontent.com/jackyaz/YazFi/master/YazFi" -o "/jffs/scripts/YazFi" && chmod 0755 /jffs/scripts/YazFi && /jffs/scripts/YazFi

If on v1.3.0 or later:
Code:
/jffs/scripts/YazFi update
 
I was on 1.3.0, thought 1.3.1 was released as it was in a screen shot from Brennke.

I just updated to 1.3.5 with no issues.
 
Re. LAN access, what are people looking for? e.g.
  • Access to specific devices
  • Access to subnet(s)
  • Access to specific ports on specific devices?
  • Access to FTP/SMB/NFS resources on the router itself?
I'm trying to gauge how I should be approaching the solution :)
 
Re. LAN access, what are people looking for? e.g.
  • Access to specific devices
  • Access to subnet(s)
  • Access to specific ports on specific devices?
  • Access to FTP/SMB/NFS resources on the router itself?
I'm trying to gauge how I should be approaching the solution :)

In my case, I’d like to be able to access specific devices on the main network, and specific (entire) guest networks, ie subnets. :)
 
@Jack Yaz - this link in Post # 1 is returning 404 Error on Chrome. Thought you might like to know...

Code:
For ease of reference, a sample configuration file is available here: https://raw.githubusercontent.com/jackyaz/YazFi/master/YazFi.sample.config
 
@Jack Yaz - this link in Post # 1 is returning 404 Error on Chrome. Thought you might like to know...

Code:
For ease of reference, a sample configuration file is available here: https://raw.githubusercontent.com/jackyaz/YazFi/master/YazFi.sample.config
Good spot - fixed. I changed the name and missed the first post reference.
 
Re. LAN access, what are people looking for? e.g.
  • Access to specific devices
  • Access to subnet(s)
  • Access to specific ports on specific devices?
  • Access to FTP/SMB/NFS resources on the router itself?
I'm trying to gauge how I should be approaching the solution :)

Here is a vote for "Access to specific ports on specific devices"
 
Re. LAN access, what are people looking for? e.g.
  • Access to specific devices
  • Access to subnet(s)
  • Access to specific ports on specific devices?
  • Access to FTP/SMB/NFS resources on the router itself?
I'm trying to gauge how I should be approaching the solution :)

Just installed it and it works a treat. Ideally I'd like probably the simplest option - Access to other subnets.
 
Re. LAN access, what are people looking for? e.g.
  • Access to specific devices
  • Access to subnet(s)
  • Access to specific ports on specific devices?
  • Access to FTP/SMB/NFS resources on the router itself?
I'm trying to gauge how I should be approaching the solution :)

It would be nice if clients on the Guest WiFi networks could access LAN-connected printers.
I suppose that would qualify as "Access to specific devices" or "Access to specific ports on specific devices"
 
v1.3.6 is available

Changelog:

  • Move firewall rules to dedicated chains
  • Improve positioning of rules in INPUT and FORWARD chains
  • Also remove Port 68 on INPUT, not used by DHCP server, 67 only

To update:

If on a verison earlier than v1.3.0:
Code:
/usr/sbin/curl --retry 3 "https://raw.githubusercontent.com/jackyaz/YazFi/master/YazFi" -o "/jffs/scripts/YazFi" && chmod 0755 /jffs/scripts/YazFi && /jffs/scripts/YazFi

If on v1.3.0 or later:
Code:
/jffs/scripts/YazFi update

LAN access is coming, I just need to learn more about ipsets first!

I'm also working to make YazFi cron-friendly.
 
Please excuse my ignorance, but when I can use this script for on a day to day situation and can we use with FreshJR QOS scripts? Any info is greatly appreciated.
 
LAN access is coming, I just need to learn more about ipsets first!
I'm very excited about this! It seems to be my only hope for getting Guest wifi access to the Pixelserv IP! Separate IP ranges for the Guest networks is just gravy. :)
 
I'm very excited about this! It seems to be my only hope for getting Guest wifi access to the Pixelserv IP! Separate IP ranges for the Guest networks is just gravy. :)
Pixelserv IP in theory i can patch in quite readily as I won't need to account for user input. I'll see if I can get something on the testing branch working tonight.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top