mwan3, mwan4, and the next steps

Florian Eckert fe at dev.tdt.de
Mon Nov 17 03:02:27 PST 2025 

Hello Jonas

> So I took a look at mwan4 now and it looks like a skeleton.

Here, I just tried to implement pinging in C with uloop. The
rtmon and the firewall update still need to be implemented.

> And I took a
> look at ucode and its capabilities: ubus and netlink are supported. I
> don't know how complete the netlink part is, but there was at least
> something with routes and it seems to be extendable at runtime by 
> shared
> libraries exposing APIs in a certain way.

If we want to use ucode, then we are entering new territory in terms of
ucode and networking. We would then also have a script language again.
This has advantages but also disadvantages in terms of runtime errors.

> Now I think that mwan3 could be modernized step by step:

We can certainly do that. However, it is important that we use the
same configuration scheme as the current mwan3 implementation.
If we don't start from scratch.

> 1.  replace the rpcd based ubus interface of mwan3 by a "real" service
>     implemented with ucode - but doing the same thing it does currently
> 
> 2.  manage state in the ucode service and not in files; provide a ubus
>     interface to get and set parameters
> 
> 3.1 manage the rtmon instances in the ucode service instead of using
>     procd and the init script for that
> 3.2 implement rtmon within that service in ucode
> 
> 4.1 manage mwan3track instances by the ucode service
> 4.2 implement mwan3track within the service in ucode
> 
> 5. replace iptables calls by nftables/libnft calls

I would suggest to integrate the mwan3 firewall rules into the fw4
include framework [1] with ucode. Then we would have everything in
one place. We'll have to see if that's possible with fw4 and that
all firewall extension are supported. The pbr tool in openwrt
is using this include handling already [2].

> I could start with point 1 but I would like to get an OK from Florian
> Eckert first before I start this. I have to think where I can test this
> without annoying anyone.

In my view, there is no reason not to implement this. OK from my side.
We should just agree whether we implement all this in ucode or C.
Everything has its advantages and disadvantages.

Best regards

Florian

[1] 
https://openwrt.org/docs/guide-user/firewall/firewall_configuration?s[]=open&s[]=pass#includes_2203_and_later_with_fw4
[2] 
https://github.com/openwrt/packages/blob/master/net/pbr/files/etc/init.d/pbr#L60

More information about the openwrt-devel mailing list