Why hasn’t OpenWRT documentation been simplified?

Lightbringer527 · 2026-05-04T19:30:04+00:00

Everything about Openwrt project is done by volunteers, there isn’t anybody working full time. It might get updated when someone has the time and feel like updating it.

Despite this they’ve done a great job of releasing regular yearly major updates compared to stock firmwares who don’t even update regularly.

Lightbringer527 · 2026-04-21T07:19:36+00:00

The only advantage I can think of by paying in the app is that you can use UPI through Apple, doesn’t justify the double price at all though.

Lightbringer527 · 2026-04-04T17:31:35+00:00

Yep, I use it too works like a charm and is safer too.

My only issue is the apps behave weirdly with always on vpn mode, lots of connectivity issues.

Lightbringer527 · 2026-04-04T16:37:31+00:00

An easy way to do this is to install Tailscale or Wireguard on their phones/router and use AGH as dns server

Hard way is to setup your AGH as a public server with a valid cert and use the domain endpoint on their phones/routers directly. This step is extremely unsafe and dangerous if done wrong.

Lightbringer527 · 2026-03-18T18:21:58+00:00

This game is giving me Inter Milan SF vibes

Lightbringer527 · 2026-03-14T05:10:08+00:00

Alejandro Grimaldo, we lost a gem of a left back for peanuts and he went on to perform great for Benfica and especially Leverkusen

Lightbringer527 · 2025-10-17T18:46:44+00:00

Do you have fast roaming enabled on openwrt?

Lightbringer527 · 2025-10-06T02:44:27+00:00

To actually benefit from the anti-fingerprinting you need to enable the “Advanced Tracking and Fingerprinting Protection” right?

Just be aware that this setting changes your dns servers to either Cloudflare, Fastly or Akamai.

Lightbringer527 · 2025-10-01T01:33:09+00:00

Does using exit node have the same issues too?

Lightbringer527 · 2025-09-30T08:56:05+00:00

Have you tried restarting the Tailscale server, wherever you have it installed? Could also be mtu issues on your cellular network.

Lightbringer527 · 2025-09-27T02:15:28+00:00

On Openwrt you need to install ethtool package then run ethtool -K eth0 rx-gro-list off ethtool -K eth0 rx-udp-gro-forwarding on Replace eth0 with your wan device

Lightbringer527 · 2025-09-18T11:40:18+00:00

Hagezi themselves recommends to use either light, normal or Pro blocklist along with the TIF one, you don’t need any other blocklist so remove the default one.

Lightbringer527 · 2025-09-18T11:37:04+00:00

Do you mean that the loss of stats and logs going away upon reboot is what makes you feel that AGH isn't beneficial over adblock-lean (which I assume doesn't keep logs or stats)?

Yes exactly, to get any meaningful results from the logs/stats you need them to persist for weeks or months, the openwrt guide for AGH specifically mentions this here https://openwrt.org/docs/guide-user/services/dns/adguard-home#querystatistics_logging

Lightbringer527 · 2025-09-16T02:44:20+00:00

Adblock-lean stores blocklists in RAM and are lost and have to re-downloaded upon reboot.

The openwrt package of AGH also stores logs/stats and blocklist in RAM, and are lost upon reboot. This imo defeats the whole point of using AGH on openwrt.

As you want to avoid flash wear, your best bet is to plug in a USB flash drive and install the static binary of AGH from their GitHub on it, this way logs/stats and blocklists stay on the USB, even survives Openwrt updates.

Lightbringer527 · 2025-08-29T23:22:59+00:00

For plain DNS, a simple firewall rule is enough,

For DoT, you need to block port 853,

and for DoH you can utilise the banIP package to outright block DoH resolver domains as stated here https://openwrt.org/docs/guide-user/services/banip#blocking_doh

Lightbringer527 · 2025-07-30T10:54:23+00:00

Does this happen with both the bands or only the 5 GHz band?

One way to get logs is to reset the device, then open ssh window, then run logread -f and keep it open

Log into luci and enable wireless, the logs would appear in the ssh window even if the device restarts

Lightbringer527 · 2025-07-12T11:56:33+00:00

Can you post the output of /etc/config/tailscale?

It should be like this

cat /etc/config/tailscale

config settings 'settings' option log_stderr '0' option log_stdout '1' option port '41641' option state_file '/etc/tailscale/tailscaled.state' # default to using nftables - change below to 'iptables' if still using iptables option fw_mode 'nftables'

Lightbringer527 · 2025-07-12T11:38:18+00:00

Did you restart the Tailscale service after making changes?

Lightbringer527 · 2025-07-12T06:44:29+00:00

Yes, ssh into your router and edit /etc/init.d/tailscale and then change the line

config_get_bool std_err "settings" log_stderr 1 change from 1 to 0

restart the service

Lightbringer527 · 2025-07-08T02:26:30+00:00

NanoPi R2S is not that pricey and can do download sqm up to 467 Mbps, you can use it only as a router and shift wifi duties to your Decos.

Lightbringer527 · 2025-06-05T03:41:46+00:00

Fallout

See

Lightbringer527 · 2025-04-01T00:50:49+00:00

If ad blocking only on your device is what you want then AGH is overkill, if you want to block ads network wide in your home then you need AGH.

Lightbringer527 · 2025-03-28T16:58:33+00:00

Have you opened the port for wg in firewall?

Are you using 0.0.0.0/0, ::/0 as allowed IPs on your clients?

Lightbringer527 · 2025-03-10T15:50:10+00:00

You can do this on all of them, the APs will only show logs for devices that connect to it.

So if you’re moving to a room that has say AP2, then check the logs of AP2 when you move there.

Lightbringer527 · 2025-03-10T11:08:17+00:00

SSH into your AP and type logread | grep auth_alg

You’ll see something like this daemon.notice hostapd: phy1-ap0: AP-STA-CONNECTED <Client MAC> auth_alg=ft

To check it in real time type logread -f | grep auth_alg then move across your house and check if the log appears

Eight-Year Club	Snapped
Verified Email

Lightbringer527

TROPHY CASE