Firmware-ng Changelog


  • NEW: OM2P-HSv2 platform support
  • FIX: [OM2P] send ibss probe responses with noack flag to reduce number of sent probe responses
  • FIX: [OM2P] process management frames only once per BSS to reduce number of sent probe responses
  • FIX: [OM2P] don't drop connections of roaming clients when bridge_mode is disabled
  • FIX: [OM1P] disable mesh encryption due to failures in the encryption over time


  • FIX: fallback inet_test uses checkin URL to avoid endless SSL redirect
  • FIX: [ng2ng] don't enable ng2ng mesh bridge while running in orphan mode
  • FIX: [nds] deactivate oversized thread stack cache
  • FIX: [nds] check if kernel module was loaded already to avoid insmod failure
  • FIX: [nds] work around the leaking thread stack
  • FIX: [coova-chilli] fix DNS regression for chilli and orphan mode
  • FIX: [OM2P] fix decrypt_error initialization to avoid decryption problem
  • FIX: [OM2P] avoid mangling powersave keys when the chip key cache is filled
  • FIX: [OM2P] allow multicast frames on eth1 (dropped by ethernet switch)
  • FIX: [OM2P] set fallback to /tmp/resolv.conf for inet_test DNS check in repeater mode


  • NEW: update fallback dashboard IP to point to server in Oregon
  • NEW: send hostname with syslog messages
  • NEW: reboot after 6 checkins in orphan mode if no upgrade or mesh key is available
  • NEW: [OM2P] print extensive logs when/how a device was rebooted
  • NEW: [OM2P] drop unsolicited DHCP broadcast packets instead of forwarding them
  • FIX: fix wireless WPA key cache corruption leading to wifi disconnects
  • FIX: ignore case of captive portal variable sent from the dashboard (prevents health care reboot of ticket #618)
  • FIX: backport port asprintf memory leak
  • FIX: [nds] remove threading for HTTP access to minimize risk for race conditions
  • FIX: [nds] deactivate over-sized thread stack cache
  • FIX: [nds] check if kernel module was loaded already to avoid insmod failure
  • FIX: [nds] work around of the leaking stack of thread
  • FIX: [coova-chilli] properly configure LAN block if enabled (closes ticket #593)
  • FIX: [OM2P] fix invalid memory access in crashlog potentially leading to a crash
  • FIX: [OM2P] stop bridge-in-batman DHCP packet mangling when bridge_netfilter is enabled (ng463 regression)
  • FIX: [OM2P] increase beacon interval to 300ms to reduce channel pollution


  • NEW: [nds] allow walled garden refresh without nds restart
  • FIX: avoid running multiple dhcp clients on repeaters
  • FIX: remove interface event handler delay to avoid losing events on the LAN
  • FIX: launch dhcp watch also when connected to a possible lan
  • FIX: avoid lockup by releasing gw lock before exiting in case of memory shortage
  • FIX: set dhcp start IP option to not waste 99 IPs from the IP pool
  • FIX: [nds] sanatize voucher input
  • FIX: [health care] detect if cable is plugged but ignored by the system (closes ticket #485)
  • FIX: re-order health care rule processing to run dashboard rules first (closes ticket #499)
  • FIX: [OM2P] workaround roaming breakage with bridge mode enabled
  • FIX: [OM2P] fix sending DHCP INFORM packets to wrong subnets (e.g. LAN)


  • FIX: properly handle IP range calculation on gateways with high node ids


  • FIX: disable bridge loop avoidance completely when bridge mode is disabled (closes ticket #441)
  • FIX: uci creash triggered by too long string
  • FIX: [OM2P] wifi stability fixes (closes ticket #439)
  • FIX: [wgarden] do not activate wgarden ip verification when coova-chilli is running


  • NEW: [nds] redirect including node & client mac
  • NEW: [checkin] after 12 subsequent alt dashboard timeouts contact dfl dashboard
  • NEW: [checkin] alternate dashboard checkin timeout flag
  • NEW: [walled garden] periodic DNS update
  • FIX: [walled garden] separate /etc/hosts entry from walled garden entries
  • FIX: remove accidental restriction of local LAN interface access (closes ticket #229 and #262)


  • FIX: [OM2P-HS] disable LDPC to workaround printer connection issues


  • NEW: strip CR characters from custom scripts (closes ticket #379)
  • NEW: [OM2P] build GRE kernel module (closes ticket #220)
  • NEW: [OM2P] auto-orphan mode
  • NEW: [chilli] make dhcp lease timeout configurable via uci
  • FIX: [OM2P] fix random ethernet driver crash (closes ticket #373)
  • FIX: [OM2P] improve wifi reset reliability after errors
  • FIX: [OM2P-LC] disable wifi diversity in eeprom
  • FIX: [MR500] gateway crash due to random memory access
  • FIX: configure dnsmasq to also forward DNS SRV records (closes ticket #386)
  • FIX: [health care] protect health care config change with file lock
  • FIX: [nds] limit dashboard pre-authentication checks


  • FIX: [OM2P] connected wifi client reporting
  • FIX: [nds] limit the number of voucher authentication attempts [5 attempts every 30 minutes] (closes ticket #356)


  • NEW: [OM2P] allow dashboard to specify SSID encryption type (WPA1+2 or WPA2-only)
  • NEW: [OM2P] crashlog support - store debug information while rebooting due to kernel crash
  • NEW: [connkeeper] add support for CHECKIN and REBOOT command
  • NEW: [OM2P] support TKIP countermeasures according to WFA requirements
  • FIX: filter problematic LF characters from dashboard configuration
  • FIX: [OM2P] adapt slot time in IBSS mode for higher mesh performance
  • FIX: [OM2P] fix WMM VI and VO handling
  • FIX: [OM2P] downgrade coova-chilli to version 1.2.8
  • FIX: [OM2P] skb leaks leading to hostapd/wpa_supplicant hangs (closes ticket #365)
  • FIX: [nds] retry 3 times when trying to authenticate a voucher
  • FIX: [health care]: write test & test result into log file when running dashboard tests


  • NEW: separate hostname for remoteauthdata/remotevoucher/remoteblockedmsg to be able to use different hosts for each
  • FIX: [OM2P] replace batman-adv race condition workaround with proper fix
  • FIX: [OM2P] ignored MTU setting (regression)
  • FIX: [OM2P] retry mesh encryption key exchange on failure
  • FIX: [OM2P] improve IBSS state station handling to make mesh encryption more reliable
  • FIX: [OM2P] re-enable Atheros noise immunity for single chain devices (OM2P/OM2P-LC)
  • FIX: [MR500] fix batman-adv backport to calculate mac header length correctly (closes ticket #342)
  • FIX: [nds] report "last seen" field correctly (table layout change)


  • NEW: redesigned bridge loop avoidance (closes ticket #40)
  • NEW: AP isolation (closes ticket #37)
  • NEW: mesh encryption
  • NEW: fast roaming for clients
  • NEW: roaming client threshold to force switching the gateway
  • NEW: SMTP redirect support added
  • NEW: delay mesh relevant WiFi settings to avoid outages & prolonged recovery phase
  • NEW: include support for OM2P-LC / OM2P-HS devices
  • NEW: public firmware hooks for internet connect / disconnect events
  • NEW: [nds] display blocked user message even if splash page is disabled
  • NEW: [nds] unblock authentication if dashboard authenticator can't be reached (closes ticket #338)
  • NEW: [OM2P] ACL whitelisting support (closes ticket #266)
  • NEW: [OM2P] WPA / WPA2 Enterprise (mixed)
  • NEW: [OM2P] include OpenWrt sysupgrade support to allow manual reflash
  • FIX: harden signal handling to avoid unnecessary reboots
  • FIX: randomize dashboard check-ins to distribute check-in load
  • FIX: [OM2P] enable vlan tagging on 2nd Ethernet port
  • FIX: [OM2P] delete leaving stations immediately without waiting for their ACK (closes ticket #300)
  • FIX: [MR500] internal loop due to non-unique mac addresses
  • FIX: [MR500] WPA-Enterprise authentication regression (closes ticket #274)
  • FIX: [nds] check & repair folder layout before downloading splash pages (closes ticket #278)
  • FIX: [lonely] recover faster from prolonged internet outage (closes ticket #231)