diff --git a/settings-configs/AX3200/collectd b/settings-configs/AX3200/collectd
index 091dd9a..0757882 100644
--- a/settings-configs/AX3200/collectd
+++ b/settings-configs/AX3200/collectd
@@ -188,7 +188,8 @@ config globals 'globals'
#config plugin 'tcpconns'
# option enable '0'
-# list ListeningPort '0'
+# option ListeningPorts '0'
+# option AllPortsSummary '0'
# list LocalPort '22'
# list LocalPort '80'
diff --git a/settings-configs/AX3200/collectd.conf b/settings-configs/AX3200/collectd.conf
new file mode 100644
index 0000000..b415225
--- /dev/null
+++ b/settings-configs/AX3200/collectd.conf
@@ -0,0 +1,60 @@
+BaseDir "/var/run/collectd"
+Include "/etc/collectd/conf.d/*.conf"
+PIDFile "/var/run/collectd.pid"
+PluginDir "/usr/lib/collectd"
+TypesDB "/usr/share/collectd/types.db"
+Interval 30
+ReadThreads 2
+
+LoadPlugin cpu
+
+ ValuesPercentage true
+ ReportByCpu true
+ ReportByState true
+
+
+LoadPlugin dns
+
+ Interface "br-lan"
+ IgnoreSource "127.0.0.1"
+
+
+LoadPlugin interface
+
+ IgnoreSelected false
+ Interface "br-lan"
+
+
+LoadPlugin irq
+
+ Irq "2"
+ Irq "3"
+ Irq "4"
+ Irq "7"
+
+
+LoadPlugin iwinfo
+
+LoadPlugin load
+
+LoadPlugin memory
+
+ ValuesPercentage false
+ ValuesAbsolute true
+
+
+LoadPlugin rrdtool
+
+ DataDir "/mnt/rrd"
+ RRARows 288
+ RRASingle true
+
+
+LoadPlugin sensors
+
+ Sensor "mt7615_phy0-isa-18000000/temperature-temp1"
+ Sensor "mt7915_phy1-pci-0100/temperature-temp1"
+
+
+LoadPlugin thermal
+
diff --git a/settings-configs/AX3200/dhcp b/settings-configs/AX3200/dhcp
new file mode 100644
index 0000000..4107235
--- /dev/null
+++ b/settings-configs/AX3200/dhcp
@@ -0,0 +1,45 @@
+
+config dnsmasq
+ option domainneeded '1'
+ option localise_queries '1'
+ option rebind_protection '1'
+ option rebind_localhost '1'
+ option local '/lan/'
+ option domain 'lan'
+ option expandhosts '1'
+ option cachesize '2500'
+ option authoritative '1'
+ option readethers '1'
+ option leasefile '/tmp/dhcp.leases'
+ option localservice '1'
+ option ednspacket_max '1232'
+ option doh_backup_noresolv '-1'
+ option noresolv '1'
+ list doh_backup_server '127.0.0.1#5053'
+ list doh_backup_server '127.0.0.1#5054'
+ list doh_backup_server '127.0.0.1#5055'
+ list server '127.0.0.1#5053'
+ list server '127.0.0.1#5054'
+ list server '127.0.0.1#5055'
+
+config dhcp 'lan'
+ option interface 'lan'
+ option start '100'
+ option limit '150'
+ option leasetime '12h'
+ option dhcpv4 'server'
+ option dhcpv6 'server'
+ option ra 'server'
+ option ra_slaac '1'
+ list ra_flags 'managed-config'
+ list ra_flags 'other-config'
+
+config odhcpd 'odhcpd'
+ option maindhcp '0'
+ option leasefile '/tmp/hosts/odhcpd'
+ option leasetrigger '/usr/sbin/odhcpd-update'
+ option loglevel '4'
+
+config dhcp 'wan'
+ option interface 'wan'
+ option ignore '1'
diff --git a/settings-configs/AX3200/firewall b/settings-configs/AX3200/firewall
new file mode 100644
index 0000000..6cf62c9
--- /dev/null
+++ b/settings-configs/AX3200/firewall
@@ -0,0 +1,143 @@
+
+config defaults
+ option input 'ACCEPT'
+ option output 'ACCEPT'
+ option forward 'REJECT'
+ option synflood_protect '1'
+ option flow_offloading '1'
+ option flow_offloading_hw '1'
+
+config zone 'lan'
+ option name 'lan'
+ option input 'ACCEPT'
+ option output 'ACCEPT'
+ option forward 'ACCEPT'
+ option network 'lan'
+
+config zone 'wan'
+ option name 'wan'
+ option input 'REJECT'
+ option output 'ACCEPT'
+ option forward 'REJECT'
+ option masq '1'
+ option mtu_fix '1'
+ list network 'wan'
+ list network 'wan6'
+
+config forwarding
+ option src 'lan'
+ option dest 'wan'
+
+config rule
+ option name 'Allow-DHCP-Renew'
+ option src 'wan'
+ option proto 'udp'
+ option dest_port '68'
+ option target 'ACCEPT'
+ option family 'ipv4'
+
+config rule
+ option name 'Allow-Ping'
+ option src 'wan'
+ option proto 'icmp'
+ option icmp_type 'echo-request'
+ option family 'ipv4'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-IGMP'
+ option src 'wan'
+ option proto 'igmp'
+ option family 'ipv4'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-DHCPv6'
+ option src 'wan'
+ option proto 'udp'
+ option dest_port '546'
+ option family 'ipv6'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-MLD'
+ option src 'wan'
+ option proto 'icmp'
+ option src_ip 'fe80::/10'
+ list icmp_type '130/0'
+ list icmp_type '131/0'
+ list icmp_type '132/0'
+ list icmp_type '143/0'
+ option family 'ipv6'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-ICMPv6-Input'
+ option src 'wan'
+ option proto 'icmp'
+ list icmp_type 'echo-request'
+ list icmp_type 'echo-reply'
+ list icmp_type 'destination-unreachable'
+ list icmp_type 'packet-too-big'
+ list icmp_type 'time-exceeded'
+ list icmp_type 'bad-header'
+ list icmp_type 'unknown-header-type'
+ list icmp_type 'router-solicitation'
+ list icmp_type 'neighbour-solicitation'
+ list icmp_type 'router-advertisement'
+ list icmp_type 'neighbour-advertisement'
+ option limit '1000/sec'
+ option family 'ipv6'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-ICMPv6-Forward'
+ option src 'wan'
+ option dest '*'
+ option proto 'icmp'
+ list icmp_type 'echo-request'
+ list icmp_type 'echo-reply'
+ list icmp_type 'destination-unreachable'
+ list icmp_type 'packet-too-big'
+ list icmp_type 'time-exceeded'
+ list icmp_type 'bad-header'
+ list icmp_type 'unknown-header-type'
+ option limit '1000/sec'
+ option family 'ipv6'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-IPSec-ESP'
+ option src 'wan'
+ option dest 'lan'
+ option proto 'esp'
+ option target 'ACCEPT'
+
+config rule
+ option name 'Allow-ISAKMP'
+ option src 'wan'
+ option dest 'lan'
+ option dest_port '500'
+ option proto 'udp'
+ option target 'ACCEPT'
+
+config redirect
+ option dest 'lan'
+ option target 'DNAT'
+ option name 'test'
+ option src 'wan'
+ option src_dport '3000'
+ option dest_ip '192.168.88.247'
+ option dest_port '3000'
+ option enabled '0'
+
+config redirect
+ option dest 'lan'
+ option target 'DNAT'
+ option name 'iperf3'
+ option src 'wan'
+ option src_dport '29418'
+ option dest_ip '192.168.88.100'
+ option dest_port '29418'
+ option enabled '0'
+
diff --git a/settings-configs/AX3200/https-dns-proxy b/settings-configs/AX3200/https-dns-proxy
index 5f5c49a..c9f286a 100644
--- a/settings-configs/AX3200/https-dns-proxy
+++ b/settings-configs/AX3200/https-dns-proxy
@@ -9,7 +9,7 @@ config main 'config'
config https-dns-proxy
option resolver_url 'https://cloudflare-dns.com/dns-query'
option listen_addr '127.0.0.1'
- option listen_port '5054'
+ option listen_port '5053'
option user 'nobody'
option group 'nogroup'
option bootstrap_dns '1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001'
@@ -17,7 +17,7 @@ config https-dns-proxy
config https-dns-proxy
option resolver_url 'https://dns.google/dns-query'
option listen_addr '127.0.0.1'
- option listen_port '5053'
+ option listen_port '5054'
option user 'nobody'
option group 'nogroup'
option bootstrap_dns '8.8.8.8,8.8.4.4,2001:4860:4860::8888,2001:4860:4860::8844'
diff --git a/settings-configs/AX3200/irqbalance b/settings-configs/AX3200/irqbalance
deleted file mode 100644
index 8b7be00..0000000
--- a/settings-configs/AX3200/irqbalance
+++ /dev/null
@@ -1,10 +0,0 @@
-config irqbalance 'irqbalance'
- option enabled '1'
-
- # The default value is 10 seconds
- #option interval '10'
-
- # List of IRQ's to ignore
- #list banirq '36'
- #list banirq '69'
-
diff --git a/settings-configs/AX3200/network b/settings-configs/AX3200/network
new file mode 100644
index 0000000..cd2a9dd
--- /dev/null
+++ b/settings-configs/AX3200/network
@@ -0,0 +1,49 @@
+
+config interface 'loopback'
+ option device 'lo'
+ option proto 'static'
+ option ipaddr '127.0.0.1'
+ option netmask '255.0.0.0'
+
+config globals 'globals'
+ option packet_steering '1'
+
+config device
+ option name 'br-lan'
+ option type 'bridge'
+ list ports 'lan1'
+ list ports 'lan2'
+ list ports 'lan3'
+ option igmp_snooping '1'
+ option stp '1'
+
+config interface 'lan'
+ option device 'br-lan'
+ option proto 'static'
+ option netmask '255.255.255.0'
+ option ip6assign '60'
+ option ipaddr '192.168.88.1'
+ option ipv6 '0'
+ option delegate '0'
+
+config device
+ option name 'wan'
+ option macaddr '5c:02:14:30:1e:5a'
+
+config interface 'wan'
+ option device 'wan'
+ option proto 'dhcp'
+ option peerdns '0'
+ list dns '1.1.1.1'
+ list dns '8.8.8.8'
+ list dns '9.9.9.9'
+ option ipv6 '0'
+
+config interface 'wan6'
+ option device 'wan'
+ option proto 'dhcpv6'
+ option reqaddress 'try'
+ option reqprefix 'auto'
+ option peerdns '0'
+ list dns '2606:4700:4700::1111'
+ list dns '2001:4860:4860::8888'
diff --git a/settings-configs/AX3200/sqm b/settings-configs/AX3200/sqm
index b480a97..53be8f7 100644
--- a/settings-configs/AX3200/sqm
+++ b/settings-configs/AX3200/sqm
@@ -1,13 +1,15 @@
+# https://www.waveform.com/tools/bufferbloat?test-id=992b05f5-5e29-494e-b39d-dfa12c67c157
+# With this settings, result is A+ in bufferbloat test with enabled SW+HW offload
config queue 'eth1'
option enabled '1'
option interface 'wan'
- option download '880000'
- option upload '880000'
- option qdisc 'cake'
+ option download '840000'
+ option upload '840000'
+ option qdisc 'fq_codel'
option script 'simplest_tbf.qos'
option linklayer 'ethernet'
- option debug_logging '1'
+ option debug_logging '0'
option verbosity '5'
option overhead '44'
option linklayer_advanced '1'
diff --git a/settings-configs/AX3200/wireless b/settings-configs/AX3200/wireless
index 90b2095..c8b862b 100644
--- a/settings-configs/AX3200/wireless
+++ b/settings-configs/AX3200/wireless
@@ -17,6 +17,11 @@ config wifi-iface 'default_radio0'
option ssid 'MyNetwork_2G'
option encryption 'psk2'
option key 'mypassword1234'
+ option wnm_sleep_mode '1'
+ option bss_transition '1'
+ option ieee80211k '1'
+ option macfilter 'deny'
+ list maclist '38:1f:8d:4c:6a:b5'
config wifi-device 'radio1'
option type 'mac80211'
@@ -25,7 +30,7 @@ config wifi-device 'radio1'
option band '5g'
option htmode 'HE160'
option country 'PL'
- option txpower '23'
+ option txpower '24'
option cell_density '0'
option log_level '1'
@@ -56,4 +61,6 @@ config wifi-iface 'wifinet3'
option network 'lan'
option bss_transition '1'
option disassoc_low_ack '0'
+ option wnm_sleep_mode '1'
+ option multicast_to_unicast '1'