Hey guys,
during the testing of my new WiFi7-Interface, I noticed some more “problems” with the WLanAP-page, so I wrote (or more created) a little patch. 
It does completely remove the need for “iwconfig” (only “iw” from now on).
It adds two more encryption options for wpa3 and wpa2+3, using GCMP-256 and WPA-PSK-SHA256/GCMP-256 respectively (if it works, depends on your modul, see “iw list” for supported encryption methods).
It adds two really useful options (exclude_dfs and background_radar) which save a lot of time when testing WiFi (since the frequencys 5600Mhz - 5650Mhz have 600 second cac_time by law). For now they are deactivated by default because the functions depend on the used modul and it’s not possible to switch them on and off within the WUI. Maybe sometime in the future I will add a checkbox. 
And it makes the page kind of “WiFi-7-ready”, including basic activating of 802.11ax and 802.11be.
For better compatibility I only added the standard-options (so only 80Mhz, no 80+80, 160, 320 or other special options).
From 802.11ax on there’s no “capabs” anymore, the options have to be handed over to the hostapd.conf line by line, so it will be a bit difficult to implement them in the template at whole.
Anyway, it’s a start, have fun with it!
Oh and I use the most recent hostapd 2.11, which was released about two weeks ago (https://w1.fi/). You may need to update to get full Wifi6-support (WiFi 7 is still experimental).
--- /srv/web/ipfire/cgi-bin/wlanap-original.cgi 2024-08-05 17:07:49.252130494 +0200
+++ /srv/web/ipfire/cgi-bin/wlanap-patched.cgi 2024-08-05 17:07:49.255130557 +0200
@@ -229,7 +229,7 @@
&Header::closepage();
exit;
}else{
- my $cmd_out = `/usr/sbin/iwconfig $INTF 2>/dev/null`;
+ my $cmd_out = `/usr/sbin/iw dev $INTF info 2>/dev/null`;
if ( $cmd_out eq '' ){
$message = "$Lang::tr{'wlanap no interface'}";
@@ -240,9 +240,11 @@
$wlan_card_status = 'down';
}else{
$wlan_card_status = 'up';
- $cmd_out = `/usr/sbin/iwconfig $INTF | /bin/grep "Mode:Master"`;
- if ( $cmd_out ne '' ){
+ $cmd_out = `/usr/local/bin/wlanapctrl status | /bin/grep "not"`;
+ if ( $cmd_out eq '' ){
$wlan_ap_status = 'up';
+ }else{
+ $wlan_ap_status = 'down';
}
}
}
@@ -416,6 +418,8 @@
<option value='an' $selected{'HW_MODE'}{'an'}>802.11an</option>
<option value='gn' $selected{'HW_MODE'}{'gn'}>802.11gn</option>
<option value='ac' $selected{'HW_MODE'}{'ac'}>802.11ac</option>
+ <option value='ax' $selected{'HW_MODE'}{'ax'}>802.11ax</option>
+ <option value='be' $selected{'HW_MODE'}{'be'}>802.11be</option>
</select>
</td></tr>
END
@@ -454,8 +458,10 @@
<option value='wpa1' $selected{'ENC'}{'wpa1'}>WPA1</option>
<option value='wpa2' $selected{'ENC'}{'wpa2'}>WPA2</option>
<option value='wpa3' $selected{'ENC'}{'wpa3'}>WPA3</option>
+ <option value='wpa3-strong' $selected{'ENC'}{'wpa3-strong'}>WPA3 (GCMP-256)</option>
<option value='wpa1+2' $selected{'ENC'}{'wpa1+2'}>WPA1+2</option>
<option value='wpa2+3' $selected{'ENC'}{'wpa2+3'}>WPA2+3</option>
+ <option value='wpa2+3-strong' $selected{'ENC'}{'wpa2+3-strong'}>WPA2+3 (WPA-PSK-SHA256 / GCMP-256)</option>
</select>
</td></tr>
<tr><td width='25%' class='base'>Passphrase: </td><td class='base' colspan='3'><input type='text' name='PWD' size='30' value='$wlanapsettings{'PWD'}' /></td></tr>
@@ -592,13 +598,18 @@
ieee80211d=1
ieee80211h=1
channel=$wlanapsettings{'CHANNEL'}
+### Two useful options, which save time, but functions depend on modul ###
+### Will create check-box eventually to activate manually ###
+#acs_exclude_dfs=1
+#enable_background_radar=1
END
;
+### hereinafter I changed the order of the in individual options to match up with the original hostapd.conf ###
if ( $wlanapsettings{'HW_MODE'} eq 'an' ){
print CONFIGFILE <<END
hw_mode=a
-ieee80211n=1
wmm_enabled=1
+ieee80211n=1
ht_capab=$wlanapsettings{'HTCAPS'}
END
;
@@ -606,8 +617,8 @@
}elsif ( $wlanapsettings{'HW_MODE'} eq 'gn' ){
print CONFIGFILE <<END
hw_mode=g
-ieee80211n=1
wmm_enabled=1
+ieee80211n=1
ht_capab=$wlanapsettings{'HTCAPS'}
END
;
@@ -615,12 +626,42 @@
}elsif ( $wlanapsettings{'HW_MODE'} eq 'ac' ){
print CONFIGFILE <<END
hw_mode=a
+wmm_enabled=1
+ieee80211n=1
+ht_capab=$wlanapsettings{'HTCAPS'}
ieee80211ac=1
+vht_capab=$wlanapsettings{'VHTCAPS'}
+vht_oper_chwidth=1
+END
+;
+
+ }elsif ( $wlanapsettings{'HW_MODE'} eq 'ax' ){
+ print CONFIGFILE <<END
+hw_mode=a
+wmm_enabled=1
ieee80211n=1
+ht_capab=$wlanapsettings{'HTCAPS'}
+ieee80211ac=1
+vht_capab=$wlanapsettings{'VHTCAPS'}
+vht_oper_chwidth=1
+ieee80211ax=1
+he_oper_chwidth=1
+END
+;
+
+ }elsif ( $wlanapsettings{'HW_MODE'} eq 'be' ){
+ print CONFIGFILE <<END
+hw_mode=a
wmm_enabled=1
+ieee80211n=1
ht_capab=$wlanapsettings{'HTCAPS'}
+ieee80211ac=1
vht_capab=$wlanapsettings{'VHTCAPS'}
vht_oper_chwidth=1
+ieee80211ax=1
+he_oper_chwidth=1
+ieee80211be=1
+eht_oper_chwidth=1
END
;
@@ -692,6 +733,8 @@
if ( $wlanapsettings{'ENC'} eq 'wpa1'){
print CONFIGFILE <<END
+### Added "wpa3-strong" and "wpa2+3-strong", that contain better encryption ###
+### Will create drop-down-field eventually to choose manually ###
######################### wpa hostapd configuration ############################
#
wpa=1
@@ -720,6 +763,16 @@
rsn_pairwise=CCMP
END
;
+ }elsif ( $wlanapsettings{'ENC'} eq 'wpa3-strong'){
+ print CONFIGFILE <<END
+######################### wpa hostapd configuration ############################
+#
+wpa=2
+wpa_passphrase=$wlanapsettings{'PWD'}
+wpa_key_mgmt=SAE
+rsn_pairwise=GCMP-256
+END
+;
} elsif ( $wlanapsettings{'ENC'} eq 'wpa1+2'){
print CONFIGFILE <<END
######################### wpa hostapd configuration ############################
@@ -740,6 +793,16 @@
wpa_key_mgmt=WPA-PSK SAE
rsn_pairwise=CCMP
END
+;;
+ }elsif ( $wlanapsettings{'ENC'} eq 'wpa2+3-strong'){
+ print CONFIGFILE <<END
+######################### wpa hostapd configuration ############################
+#
+wpa=2
+wpa_passphrase=$wlanapsettings{'PWD'}
+wpa_key_mgmt=WPA-PSK-SHA256 SAE
+rsn_pairwise=GCMP-256
+END
;
}
close CONFIGFILE;