diff --git a/package/kernel/mac80211/Makefile b/package/kernel/mac80211/Makefile
index a7472ee779..f06c889b0a 100644
--- a/package/kernel/mac80211/Makefile
+++ b/package/kernel/mac80211/Makefile
@@ -20,6 +20,7 @@ PKG_SOURCE:=backports-$(PKG_VERSION).tar.xz
 PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/backports-$(PKG_VERSION)
 PKG_BUILD_PARALLEL:=1
 
+SOURCE_PATH:=./src
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 
 PKG_DRIVERS = \
@@ -72,6 +73,10 @@ config-y:= \
 	WLAN_VENDOR_ST \
 	WLAN_VENDOR_TI \
 	WLAN_VENDOR_ZYDAS \
+	MAC80211_DEBUG_MENU \
+	MAC80211_MLME_DEBUG \
+	MAC80211_STA_DEBUG \
+	MAC80211_HT_DEBUG \
 
 config-$(call config_package,cfg80211) += CFG80211
 config-$(CONFIG_PACKAGE_CFG80211_TESTMODE) += NL80211_TESTMODE
@@ -297,6 +302,8 @@ define Build/Prepare
 	mkdir -p $(PKG_BUILD_DIR)
 	$(PKG_UNPACK)
 	$(Build/Patch)
+	$(CP) $(SOURCE_PATH)/net $(PKG_BUILD_DIR) 2>/dev/null || :
+	$(CP) $(SOURCE_PATH)/include $(PKG_BUILD_DIR) 2>/dev/null || :
 	rm -rf \
 		$(PKG_BUILD_DIR)/include/linux/ssb \
 		$(PKG_BUILD_DIR)/include/linux/bcma \
diff --git a/package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh b/package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh
index 5aaba9af26..e6e9e540e4 100644
--- a/package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh
+++ b/package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh
@@ -27,6 +27,7 @@ drv_mac80211_init_device_config() {
 
 	config_add_string path phy 'macaddr:macaddr'
 	config_add_string tx_burst
+	config_add_int mbssid mu_onoff sr_enable sr_enhanced rnr
 	config_add_string distance
 	config_add_int beacon_int chanbw frag rts
 	config_add_int rxantenna txantenna antenna_gain txpower min_tx_power
@@ -53,7 +54,10 @@ drv_mac80211_init_device_config() {
 		he_spr_sr_control \
 		he_spr_psr_enabled \
 		he_bss_color_enabled \
-		he_twt_required
+		he_twt_required \
+		he_twt_responder \
+		etxbfen \
+		itxbfen
 	config_add_int \
 		beamformer_antennas \
 		beamformee_antennas \
@@ -140,13 +144,11 @@ mac80211_hostapd_setup_base() {
 	[ -n "$acs_exclude_dfs" ] && [ "$acs_exclude_dfs" -gt 0 ] &&
 		append base_cfg "acs_exclude_dfs=1" "$N"
 
-	json_get_vars noscan ht_coex min_tx_power:0 tx_burst
+	json_get_vars noscan ht_coex min_tx_power:0 tx_burst mbssid mu_onoff rnr
+	json_get_vars etxbfen:1 itxbfen:0
 	json_get_values ht_capab_list ht_capab
 	json_get_values channel_list channels
 
-	[ "$auto_channel" = 0 ] && [ -z "$channel_list" ] && \
-		channel_list="$channel"
-
 	[ "$min_tx_power" -gt 0 ] && append base_cfg "min_tx_power=$min_tx_power"
 
 	set_default noscan 0
@@ -160,8 +162,8 @@ mac80211_hostapd_setup_base() {
 	ieee80211n=1
 	ht_capab=
 	case "$htmode" in
-		VHT20|HT20|HE20) ;;
-		HT40*|VHT40|VHT80|VHT160|HE40|HE80|HE160)
+		VHT20|HT20|HE20|EHT20) ;;
+		HT40*|VHT40|VHT80|VHT160|HE40*|HE80|HE160|EHT40*|EHT80|EHT160|EHT320*)
 			case "$hwmode" in
 				a)
 					case "$(( (($channel / 4) + $chan_ofs) % 2 ))" in
@@ -171,8 +173,22 @@ mac80211_hostapd_setup_base() {
 				;;
 				*)
 					case "$htmode" in
-						HT40+) ht_capab="[HT40+]";;
-						HT40-) ht_capab="[HT40-]";;
+						HT40+|HE40+|EHT40+)
+							if [ "$channel" -gt 9 ]; then
+								echo "Could not set the center freq with this HT mode setting"
+								return 1
+							else
+								ht_capab="[HT40+]"
+							fi
+						;;
+						HT40-|HE40-|EHT40-)
+							if [ "$channel" -lt 5 ]; then
+								echo "Could not set the center freq with this HT mode setting"
+								return 1
+							else
+								ht_capab="[HT40-]"
+							fi
+						;;
 						*)
 							if [ "$channel" -lt 7 ]; then
 								ht_capab="[HT40+]"
@@ -205,7 +221,7 @@ mac80211_hostapd_setup_base() {
 			dsss_cck_40:1
 
 		ht_cap_mask=0
-		for cap in $(iw phy "$phy" info | grep 'Capabilities:' | cut -d: -f2); do
+		for cap in $(iw phy "$phy" info | grep 'Capabilities: 0x' | cut -d: -f2); do
 			ht_cap_mask="$(($ht_cap_mask | $cap))"
 		done
 
@@ -236,8 +252,8 @@ mac80211_hostapd_setup_base() {
 
 	idx="$channel"
 	case "$htmode" in
-		VHT20|HE20) enable_ac=1;;
-		VHT40|HE40)
+		VHT20|HE20|EHT20) enable_ac=1;;
+		VHT40|HE40|EHT40)
 			case "$(( (($channel / 4) + $chan_ofs) % 2 ))" in
 				1) idx=$(($channel + 2));;
 				0) idx=$(($channel - 2));;
@@ -245,7 +261,7 @@ mac80211_hostapd_setup_base() {
 			enable_ac=1
 			vht_center_seg0=$idx
 		;;
-		VHT80|HE80)
+		VHT80|HE80|EHT80)
 			case "$(( (($channel / 4) + $chan_ofs) % 4 ))" in
 				1) idx=$(($channel + 6));;
 				2) idx=$(($channel + 2));;
@@ -256,7 +272,7 @@ mac80211_hostapd_setup_base() {
 			vht_oper_chwidth=1
 			vht_center_seg0=$idx
 		;;
-		VHT160|HE160)
+		VHT160|HE160|EHT160)
 			if [ "$band" = "6g" ]; then
 				case "$channel" in
 					1|5|9|13|17|21|25|29) idx=15;;
@@ -271,12 +287,43 @@ mac80211_hostapd_setup_base() {
 				case "$channel" in
 					36|40|44|48|52|56|60|64) idx=50;;
 					100|104|108|112|116|120|124|128) idx=114;;
+					149|153|157|161|165|169|173|177) idx=163;;
 				esac
 			fi
 			enable_ac=1
 			vht_oper_chwidth=2
 			vht_center_seg0=$idx
 		;;
+		EHT320*)
+			case "$channel" in
+				1|5|9|13|17|21|25|29) idx=31;;
+				33|37|41|45|49|53|57|61| \
+				65|69|73|77|81|85|89|93) idx=63;;
+				97|101|105|109|113|117|121|125| \
+				129|133|137|141|145|149|153|157) idx=127;;
+				161|165|169|173|177|181|185|189| \
+				193|197|201|205|209|213|217|221) idx=191;;
+			esac
+			if [[ "$htmode" = "EHT320-1" && "$channel" -ge "193" ]] ||
+			   [[ "$htmode" = "EHT320-2" && "$channel" -le "29" ]]; then
+				echo "Could not set the center freq with this EHT setting"
+				return 1
+			elif [[ "$htmode" = "EHT320-1" && "$channel" -ge "33" ]]; then
+				if [ "$channel" -gt $idx ]; then
+					idx=$(($idx + 32))
+				else
+					idx=$(($idx - 32))
+				fi
+			fi
+			vht_oper_chwidth=2
+			if [ "$channel" -gt $idx ]; then
+				vht_center_seg0=$(($idx + 16))
+			else
+				vht_center_seg0=$(($idx - 16))
+			fi
+			eht_oper_chwidth=9
+			eht_oper_centr_freq_seg0_idx=$idx
+		;;
 	esac
 	[ "$band" = "5g" ] && {
 		json_get_vars background_radar:0
@@ -286,8 +333,9 @@ mac80211_hostapd_setup_base() {
 	[ "$band" = "6g" ] && {
 		op_class=
 		case "$htmode" in
-			HE20) op_class=131;;
-			HE*) op_class=$((132 + $vht_oper_chwidth))
+			HE20|EHT20) op_class=131;;
+			EHT320*) op_class=137;;
+			HE*|EHT*) op_class=$((132 + $vht_oper_chwidth))
 		esac
 		[ -n "$op_class" ] && append base_cfg "op_class=$op_class" "$N"
 	}
@@ -315,7 +363,6 @@ mac80211_hostapd_setup_base() {
 			vht_link_adapt:3 \
 			vht160:2
 
-		set_default tx_burst 2.0
 		append base_cfg "ieee80211ac=1" "$N"
 		vht_cap=0
 		for cap in $(iw phy "$phy" info | awk -F "[()]" '/VHT Capabilities/ { print $2 }'); do
@@ -329,6 +376,12 @@ mac80211_hostapd_setup_base() {
 		[ "$rx_stbc" -lt "$cap_rx_stbc" ] && cap_rx_stbc="$rx_stbc"
 		vht_cap="$(( ($vht_cap & ~(0x700)) | ($cap_rx_stbc << 8) ))"
 
+		[ "$etxbfen" -eq 0 ] && {
+			su_beamformer=0
+			su_beamformee=0
+			mu_beamformer=0
+		}
+
 		mac80211_add_capabilities vht_capab $vht_cap \
 			RXLDPC:0x10::$rxldpc \
 			SHORT-GI-80:0x20::$short_gi_80 \
@@ -410,7 +463,7 @@ mac80211_hostapd_setup_base() {
 	# 802.11ax
 	enable_ax=0
 	case "$htmode" in
-		HE*) enable_ax=1 ;;
+		HE*|EHT*) enable_ax=1 ;;
 	esac
 
 	if [ "$enable_ax" != "0" ]; then
@@ -419,10 +472,11 @@ mac80211_hostapd_setup_base() {
 			he_su_beamformee:1 \
 			he_mu_beamformer:1 \
 			he_twt_required:0 \
+			he_twt_responder \
 			he_spr_sr_control:3 \
 			he_spr_psr_enabled:0 \
 			he_spr_non_srg_obss_pd_max_offset:0 \
-			he_bss_color:128 \
+			he_bss_color \
 			he_bss_color_enabled:1
 
 		he_phy_cap=$(iw phy "$phy" info | sed -n '/HE Iftypes: AP/,$p' | awk -F "[()]" '/HE PHY Capabilities/ { print $2 }' | head -1)
@@ -436,6 +490,11 @@ mac80211_hostapd_setup_base() {
 			append base_cfg "he_oper_centr_freq_seg0_idx=$vht_center_seg0" "$N"
 		}
 
+		[ "$etxbfen" -eq 0 ] && {
+			he_su_beamformer=0
+			he_mu_beamformer=0
+		}
+
 		mac80211_add_he_capabilities \
 			he_su_beamformer:${he_phy_cap:6:2}:0x80:$he_su_beamformer \
 			he_su_beamformee:${he_phy_cap:8:2}:0x1:$he_su_beamformee \
@@ -443,7 +502,14 @@ mac80211_hostapd_setup_base() {
 			he_spr_psr_enabled:${he_phy_cap:14:2}:0x1:$he_spr_psr_enabled \
 			he_twt_required:${he_mac_cap:0:2}:0x6:$he_twt_required
 
+		if [ -n "$he_twt_responder" ]; then
+			append base_cfg "he_twt_responder=$he_twt_responder" "$N"
+		fi
 		if [ "$he_bss_color_enabled" -gt 0 ]; then
+			if !([ "$he_bss_color" -gt 0 ] && [ "$he_bss_color" -le 64 ]); then
+				rand=$(head -n 1 /dev/urandom | tr -dc 0-9 | head -c 2)
+				he_bss_color=$((rand % 63 + 1))
+			fi
 			append base_cfg "he_bss_color=$he_bss_color" "$N"
 			[ "$he_spr_non_srg_obss_pd_max_offset" -gt 0 ] && { \
 				append base_cfg "he_spr_non_srg_obss_pd_max_offset=$he_spr_non_srg_obss_pd_max_offset" "$N"
@@ -484,12 +550,47 @@ mac80211_hostapd_setup_base() {
 		append base_cfg "he_mu_edca_ac_vo_timer=255" "$N"
 	fi
 
+	set_default tx_burst 2
+
+	# 802.11be
+	enable_be=0
+	case "$htmode" in
+		EHT*) enable_be=1 ;;
+	esac
+
+	if [ "$enable_be" != "0" ]; then
+		append base_cfg "ieee80211be=1" "$N"
+		if [ "$etxbfen" -eq 0 ]; then
+			append base_cfg "eht_su_beamformee=1" "$N"
+		else
+			append base_cfg "eht_su_beamformer=1" "$N"
+			append base_cfg "eht_su_beamformee=1" "$N"
+			append base_cfg "eht_mu_beamformer=1" "$N"
+		fi
+		[ "$hwmode" = "a" ] && {
+			case $htmode in
+				EHT320*)
+					append base_cfg "eht_oper_chwidth=$eht_oper_chwidth" "$N"
+					append base_cfg "eht_oper_centr_freq_seg0_idx=$eht_oper_centr_freq_seg0_idx" "$N"
+				;;
+				*)
+					append base_cfg "eht_oper_chwidth=$vht_oper_chwidth" "$N"
+					append base_cfg "eht_oper_centr_freq_seg0_idx=$vht_center_seg0" "$N"
+				;;
+			esac
+		}
+	fi
+
 	hostapd_prepare_device_config "$hostapd_conf_file" nl80211
 	cat >> "$hostapd_conf_file" <<EOF
 ${channel:+channel=$channel}
 ${channel_list:+chanlist=$channel_list}
 ${hostapd_noscan:+noscan=1}
 ${tx_burst:+tx_queue_data2_burst=$tx_burst}
+${mbssid:+mbssid=$mbssid}
+${mu_onoff:+mu_onoff=$mu_onoff}
+${itxbfen:+ibf_enable=$itxbfen}
+${rnr:+rnr=$rnr}
 $base_cfg
 
 EOF
@@ -517,7 +618,7 @@ mac80211_hostapd_setup_bss() {
 		append hostapd_cfg "wds_sta=1" "$N"
 		[ -n "$wds_bridge" ] && append hostapd_cfg "wds_bridge=$wds_bridge" "$N"
 	}
-	[ "$staidx" -gt 0 -o "$start_disabled" -eq 1 ] && append hostapd_cfg "start_disabled=1" "$N"
+	[ "$start_disabled" -eq 1 ] && append hostapd_cfg "start_disabled=1" "$N"
 
 	cat >> /var/run/hostapd-$phy.conf <<EOF
 $hostapd_cfg
@@ -527,6 +628,31 @@ ${max_listen_int:+max_listen_interval=$max_listen_int}
 EOF
 }
 
+mac80211_generate_mbssid_mac() {
+	local phy="$1"
+	local transmitted_bssid="$2"
+	local id="${mbssidx:-0}"
+
+	local ref="$(cat /sys/class/ieee80211/${phy}/macaddress)"
+
+	if [ -z "$transmitted_bssid" ]; then
+		transmitted_bssid=$ref
+	fi
+
+	if [ $id -eq 0 ]; then
+		echo "$transmitted_bssid"
+		return
+	fi
+
+	local oIFS="$IFS"; IFS=":"; set -- $transmitted_bssid; IFS="$oIFS"
+
+	# Calculate nontransmitted bssid
+	b6="0x$6"
+	ref_b6=$(($b6 % $max_mbssid))
+	b6=$(($b6 - $ref_b6 + ($ref_b6 + $id) % $max_mbssid))
+	printf "%s:%s:%s:%s:%s:%02x" $1 $2 $3 $4 $5 $b6
+}
+
 mac80211_get_addr() {
 	local phy="$1"
 	local idx="$(($2 + 1))"
@@ -757,7 +883,19 @@ mac80211_prepare_vif() {
 
 	json_select ..
 
-	if [ -z "$macaddr" ]; then
+	if [ "$mbssid" -gt 0 ] && [ "$mode" == "ap" ]; then
+		[ "$mbssidx" -eq 0 ] && {
+			if [ -z $macaddr ]; then
+				transmitted_bssid="$(mac80211_generate_mac $phy)"
+			else
+				# uci set mac address
+				transmitted_bssid=$macaddr
+			fi
+			macidx="$(($macidx + 1))"
+		}
+		macaddr="$(mac80211_generate_mbssid_mac $phy $transmitted_bssid)"
+		mbssidx="$(($mbssidx + 1))"
+	elif [ -z "$macaddr" ]; then
 		macaddr="$(mac80211_generate_mac $phy)"
 		macidx="$(($macidx + 1))"
 	elif [ "$macaddr" = 'random' ]; then
@@ -1058,6 +1196,9 @@ mac80211_setup_vif() {
 
 	json_select ..
 	[ -n "$failed" ] || wireless_add_vif "$name" "$ifname"
+
+	echo "Setup SMP Affinity"
+	/sbin/smp-mt76.sh
 }
 
 get_freq() {
@@ -1122,6 +1263,10 @@ drv_mac80211_cleanup() {
 	hostapd_common_cleanup
 }
 
+mac80211_count_ap() {
+	total_num_ap=$(($total_num_ap + 1))
+}
+
 drv_mac80211_setup() {
 	json_select config
 	json_get_vars \
@@ -1129,7 +1274,8 @@ drv_mac80211_setup() {
 		country chanbw distance \
 		txpower antenna_gain \
 		rxantenna txantenna \
-		frag rts beacon_int:100 htmode
+		frag rts beacon_int:100 htmode \
+		sr_enable sr_enhanced
 	json_get_values basic_rate_list basic_rate
 	json_get_values scan_list scan_list
 	json_select ..
@@ -1180,6 +1326,7 @@ drv_mac80211_setup() {
 	no_ap=1
 	macidx=0
 	staidx=0
+	mbssidx=0
 
 	[ -n "$chanbw" ] && {
 		for file in /sys/kernel/debug/ieee80211/$phy/ath9k*/chanbw /sys/kernel/debug/ieee80211/$phy/ath5k/bwmode; do
@@ -1219,6 +1366,16 @@ drv_mac80211_setup() {
 	for_each_interface "sta adhoc mesh" mac80211_set_noscan
 	[ -n "$has_ap" ] && mac80211_hostapd_setup_base "$phy"
 
+	total_num_ap=0
+	max_mbssid=1
+	for_each_interface "ap" mac80211_count_ap
+	total_num_ap=$(($total_num_ap - 1))
+	while [ $total_num_ap -gt 0 ]
+	do
+		total_num_ap=$(($total_num_ap >> 1))
+		max_mbssid=$(($max_mbssid << 1))
+	done
+
 	mac80211_prepare_iw_htmode
 	for_each_interface "sta adhoc mesh monitor" mac80211_prepare_vif
 	NEWAPLIST=
@@ -1251,6 +1408,14 @@ drv_mac80211_setup() {
 		if [ "$no_reload" != "0" ]; then
 			add_ap=1
 			ubus wait_for hostapd
+
+			# each phy sleeps different times to prevent for ubus race condition.
+			if [ "$phy" = "phy1" ]; then
+				sleep 1;
+			elif [ "$phy" = "phy2" ]; then
+				sleep 2;
+			fi
+
 			local hostapd_res="$(ubus call hostapd config_add "{\"iface\":\"$primary_ap\", \"config\":\"${hostapd_conf_file}\"}")"
 			ret="$?"
 			[ "$ret" != 0 -o -z "$hostapd_res" ] && {
@@ -1266,6 +1431,9 @@ drv_mac80211_setup() {
 	[ "${add_ap}" = 1 ] && sleep 1
 	for_each_interface "ap" mac80211_setup_vif
 
+	[ -n "$sr_enable" ] && echo "$sr_enable" > /sys/kernel/debug/ieee80211/$phy/mt76/sr_enable
+	[ -n "$sr_enhanced" ] && echo "$sr_enhanced" > /sys/kernel/debug/ieee80211/$phy/mt76/sr_enhanced_enable
+
 	NEWSPLIST=
 	NEWUMLIST=
 
diff --git a/package/kernel/mac80211/files/lib/wifi/mac80211.sh b/package/kernel/mac80211/files/lib/wifi/mac80211.sh
index e24a2a634e..20e60688ea 100644
--- a/package/kernel/mac80211/files/lib/wifi/mac80211.sh
+++ b/package/kernel/mac80211/files/lib/wifi/mac80211.sh
@@ -60,6 +60,9 @@ BEGIN {
 		if (vht && band != "1:") mode="VHT80"
 		if (he) mode="HE80"
 		if (he && band == "1:") mode="HE20"
+		if (eht && band == "2:") mode="EHT160"
+		if (eht && band == "4:") mode="EHT320"
+		if (eht && band == "1:") mode="EHT20"
                 sub("\\[", "", channel)
                 sub("\\]", "", channel)
                 bands = bands band channel ":" mode " "
@@ -73,6 +76,7 @@ $1 == "Band" {
 	vht = ""
 	ht = ""
 	he = ""
+	eht = ""
 }
 
 $0 ~ "Capabilities:" {
@@ -87,6 +91,18 @@ $0 ~ "HE Iftypes" {
 	he=1
 }
 
+$0 ~ "EHT Iftypes" {
+	eht=1
+}
+
+$0 ~ / *HE MAC Capabilities \(0x000000000000\)/ {
+	he=0
+}
+
+$0 ~ / *EHT MAC Capabilities \(0x0000\)/ {
+	eht=0
+}
+
 $1 == "*" && $3 == "MHz" && $0 !~ /disabled/ && band && !channel {
         channel = $4
 }
@@ -120,6 +136,19 @@ get_band_defaults() {
 		mode_band="$band"
 		channel="$chan"
 		htmode="$mode"
+		if [ "$band" = "6g" ]
+		then
+			encryption=sae
+			key=12345678
+			sae_pwe=2
+			ieee80211w=2
+			channel=37
+			mbssid=1
+		else
+			noscan=1
+			encryption=none
+			rnr=1
+		fi
 	done
 }
 
@@ -153,6 +182,10 @@ detect_mac80211() {
 
 	json_load_file /etc/board.json
 
+	# generate random bytes for macaddr
+	rand=$(hexdump -C /dev/urandom | head -n 1 &)
+	killall hexdump
+
 	for _dev in /sys/class/ieee80211/*; do
 		[ -e "$_dev" ] || continue
 
@@ -162,6 +195,13 @@ detect_mac80211() {
 		channel=""
 		htmode=""
 		ht_capab=""
+		encryption=""
+		noscan=""
+		key=""
+		sae_pwe=""
+		ieee80211w=""
+		mbssid=""
+		rnr=""
 
 		get_band_defaults "$dev"
 
@@ -196,6 +236,14 @@ detect_mac80211() {
 				;;
 		esac
 
+		macaddr=""
+		if (dmesg | grep -q "eeprom load fail"); then
+			for i in $(seq 2 3); do
+				macaddr=${macaddr}:$(echo $rand | cut -d ' ' -f $i)
+			done
+			macaddr="00:0$(($devidx - 1)):55:66${macaddr}"
+		fi
+
 		uci -q batch <<-EOF
 			set wireless.${name}=wifi-device
 			set wireless.${name}.type=mac80211
@@ -203,15 +251,40 @@ detect_mac80211() {
 			set wireless.${name}.channel=${channel}
 			set wireless.${name}.band=${mode_band}
 			set wireless.${name}.htmode=$htmode
-			set wireless.${name}.disabled=1
+			set wireless.${name}.country='US'
+			set wireless.${name}.noscan=${noscan}
+			set wireless.${name}.disabled=0
+EOF
+		[ -n "$mbssid" ] && {
+			uci -q set wireless.${name}.mbssid=${mbssid}
+		}
+		[ -n "$rnr" ] && {
+			uci -q set wireless.${name}.rnr=${rnr}
+		}
 
+		uci -q batch <<-EOF
 			set wireless.default_${name}=wifi-iface
 			set wireless.default_${name}.device=${name}
 			set wireless.default_${name}.network=lan
 			set wireless.default_${name}.mode=ap
-			set wireless.default_${name}.ssid=OpenWrt
-			set wireless.default_${name}.encryption=none
+			set wireless.default_${name}.ssid=OpenWrt-${mode_band}
+			set wireless.default_${name}.encryption=${encryption}
 EOF
+
+		# calibrated board will use eeprom macaddress, not ramdom address
+		[ -n "$macaddr" ] && {
+			uci -q set wireless.default_${name}.macaddr=${macaddr}
+		}
+
+		[ -n "$key" ] && {
+			uci -q set wireless.default_${name}.key=${key}
+		}
+		[ -n "$sae_pwe" ] && {
+			uci -q set wireless.default_${name}.sae_pwe=${sae_pwe}
+		}
+		[ -n "$ieee80211w" ] && {
+			uci -q set wireless.default_${name}.ieee80211w=${ieee80211w}
+		}
 		uci -q commit wireless
 	done
 }
diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh
index bf3625c92d..d98ff0e9c0 100644
--- a/package/network/services/hostapd/files/hostapd.sh
+++ b/package/network/services/hostapd/files/hostapd.sh
@@ -60,7 +60,14 @@ hostapd_append_wpa_key_mgmt() {
 			[ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-EAP-SHA256"
 		;;
 		sae)
-			append wpa_key_mgmt "SAE"
+			case "$encryption" in
+			*sae-ext*)
+				append wpa_key_mgmt "SAE-EXT-KEY"
+			;;
+			*)
+				append wpa_key_mgmt "SAE"
+			;;
+			esac
 			[ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-SAE"
 		;;
 		psk-sae)
@@ -115,6 +122,7 @@ hostapd_common_add_device_config() {
 	config_add_int rts_threshold
 	config_add_int rssi_reject_assoc_rssi
 	config_add_int rssi_ignore_probe_request
+	config_add_int rssi_reject_assoc_timeout
 	config_add_int maxassoc
 
 	config_add_string acs_chan_bias
@@ -227,8 +235,10 @@ hostapd_prepare_device_config() {
 		hostapd_add_rate brlist "$br"
 	done
 
+	json_get_vars rssi_reject_assoc_timeout
 	[ -n "$rssi_reject_assoc_rssi" ] && append base_cfg "rssi_reject_assoc_rssi=$rssi_reject_assoc_rssi" "$N"
 	[ -n "$rssi_ignore_probe_request" ] && append base_cfg "rssi_ignore_probe_request=$rssi_ignore_probe_request" "$N"
+	[ -n "$rssi_reject_assoc_timeout" ] && append base_cfg "rssi_reject_assoc_timeout=$rssi_reject_assoc_timeout" "$N"
 	[ -n "$beacon_rate" ] && append base_cfg "beacon_rate=$beacon_rate" "$N"
 	[ -n "$rlist" ] && append base_cfg "supported_rates=$rlist" "$N"
 	[ -n "$brlist" ] && append base_cfg "basic_rates=$brlist" "$N"
@@ -379,6 +389,24 @@ hostapd_common_add_bss_config() {
 	config_add_string fils_dhcp
 
 	config_add_int ocv
+
+	config_add_int disable_eht
+	config_add_int disable_he
+	config_add_int disable_vht
+	config_add_int disable_ht
+
+	config_add_boolean beacon_prot interworking
+
+	config_add_int unsol_bcast_probe_resp_interval
+	config_add_int fils_discovery_min_interval
+	config_add_int fils_discovery_max_interval
+	config_add_boolean rnr
+
+	config_add_array sae_groups
+	config_add_array owe_groups
+	config_add_array pairwise
+	config_add_string group_cipher
+
 }
 
 hostapd_set_vlan_file() {
@@ -443,11 +471,11 @@ append_iw_nai_realm() {
 }
 
 append_iw_venue_name() {
-	append bss_conf "venue_name=$1" "$N"
+	[ -n "$1" ] && append bss_conf "venue_name=$1" "$N"
 }
 
 append_iw_venue_url() {
-	append bss_conf "venue_url=$1" "$N"
+	[ -n "$1" ] && append bss_conf "venue_url=$1" "$N"
 }
 
 append_hs20_oper_friendly_name() {
@@ -565,7 +593,8 @@ hostapd_set_bss_options() {
 		ppsk airtime_bss_weight airtime_bss_limit airtime_sta_weight \
 		multicast_to_unicast_all proxy_arp per_sta_vif \
 		eap_server eap_user_file ca_cert server_cert private_key private_key_passwd server_id \
-		vendor_elements fils ocv
+		vendor_elements fils ocv unsol_bcast_probe_resp_interval fils_discovery_min_interval \
+		fils_discovery_max_interval rnr group_cipher
 
 	set_default fils 0
 	set_default isolate 0
@@ -793,6 +822,35 @@ hostapd_set_bss_options() {
 	local auth_algs="$((($auth_mode_shared << 1) | $auth_mode_open))"
 	append bss_conf "auth_algs=${auth_algs:-1}" "$N"
 	append bss_conf "wpa=$wpa" "$N"
+
+	json_get_values pairwise pairwise
+	if [ -n "$pairwise" ]; then
+		case "$pairwise" in
+			*tkip+aes|*tkip+ccmp|*aes+tkip|*ccmp+tkip)
+				wpa_cipher="CCMP TKIP"
+			;;
+			*ccmp256)
+				wpa_cipher="CCMP-256"
+			;;
+			*aes|*ccmp)
+				wpa_cipher="CCMP"
+			;;
+			*tkip)
+				wpa_cipher="TKIP"
+			;;
+			*gcmp256)
+				wpa_cipher="GCMP-256"
+			;;
+			*gcmp)
+				wpa_cipher="GCMP"
+			;;
+			*)
+				wpa_cipher=""
+			;;
+		esac
+	fi
+	[ -n "$wpa_cipher" ] && wpa_pairwise="$wpa_cipher"
+
 	[ -n "$wpa_pairwise" ] && append bss_conf "wpa_pairwise=$wpa_pairwise" "$N"
 
 	set_default wps_pushbutton 0
@@ -844,7 +902,7 @@ hostapd_set_bss_options() {
 	}
 
 	append bss_conf "ssid=$ssid" "$N"
-	[ -n "$network_bridge" ] && append bss_conf "bridge=$network_bridge${N}wds_bridge=" "$N"
+	[ -n "$network_bridge" ] && append bss_conf "bridge=$network_bridge${N}wds_bridge=$network_bridge" "$N"
 	[ -n "$network_ifname" ] && append bss_conf "snoop_iface=$network_ifname" "$N"
 	[ -n "$iapp_interface" ] && {
 		local ifname
@@ -957,6 +1015,8 @@ hostapd_set_bss_options() {
 	fi
 
 	if [ "$wpa" -ge "2" ]; then
+		json_get_values sae_groups sae_groups
+		json_get_values owe_groups owe_groups
 		if [ -n "$network_bridge" -a "$rsn_preauth" = 1 ]; then
 			set_default auth_cache 1
 			append bss_conf "rsn_preauth=1" "$N"
@@ -975,17 +1035,42 @@ hostapd_set_bss_options() {
 		append bss_conf "okc=$auth_cache" "$N"
 		[ "$auth_cache" = 0 -a "$fils" = 0 ] && append bss_conf "disable_pmksa_caching=1" "$N"
 
+		[ -z "$group_cipher" ] && group_cipher="$wpa_cipher"
+
+		if [ -n "$sae_groups" -o -n "$owe_groups" ]; then
+			case "$auth_type" in
+			sae*)
+				append bss_conf "sae_groups=$sae_groups" "$N"
+				append bss_conf "group_cipher=$group_cipher" "$N"
+			;;
+			owe)
+				append bss_conf "owe_groups=$owe_groups" "$N"
+				append bss_conf "group_cipher=$group_cipher" "$N"
+			;;
+			esac
+		fi
+
 		# RSN -> allow management frame protection
 		case "$ieee80211w" in
 			[012])
-				json_get_vars ieee80211w_mgmt_cipher ieee80211w_max_timeout ieee80211w_retry_timeout
+				json_get_vars ieee80211w_mgmt_cipher ieee80211w_max_timeout ieee80211w_retry_timeout beacon_prot
 				append bss_conf "ieee80211w=$ieee80211w" "$N"
 				[ "$ieee80211w" -gt "0" ] && {
+					case "$group_cipher" in
+					CCMP*)
+						ieee80211w_mgmt_cipher="AES-128-CMAC"
+					;;
+					GCMP-256)
+						[[ "$encryption" != "*owe*" ]] && ieee80211w_mgmt_cipher="BIP-GMAC-256"
+					;;
+					esac
 					if [ "$auth_type" = "eap192" ]; then
 						append bss_conf "group_mgmt_cipher=BIP-GMAC-256" "$N"
 					else
 						append bss_conf "group_mgmt_cipher=${ieee80211w_mgmt_cipher:-AES-128-CMAC}" "$N"
 					fi
+					[ -n "$beacon_prot" ] && \
+						append bss_conf "beacon_prot=$beacon_prot" "$N"
 					[ -n "$ieee80211w_max_timeout" ] && \
 						append bss_conf "assoc_sa_query_max_timeout=$ieee80211w_max_timeout" "$N"
 					[ -n "$ieee80211w_retry_timeout" ] && \
@@ -1050,9 +1135,10 @@ hostapd_set_bss_options() {
 	json_get_vars iw_roaming_consortium iw_domain_name iw_anqp_3gpp_cell_net iw_nai_realm
 	json_get_vars iw_anqp_elem iw_qos_map_set iw_ipaddr_type_availability iw_gas_address3
 	json_get_vars iw_venue_name iw_venue_url
+	json_get_vars interworking
 
 	set_default iw_enabled 0
-	if [ "$iw_enabled" = "1" ]; then
+	if [ "$iw_enabled" = "1" ] || [ "$interworking" = "1" ]; then
 		append bss_conf "interworking=1" "$N"
 		set_default iw_internet 1
 		set_default iw_asra 0
@@ -1159,6 +1245,22 @@ hostapd_set_bss_options() {
 		append bss_conf "$val" "$N"
 	done
 
+	if [ "$unsol_bcast_probe_resp_interval" -gt 0 ]; then
+		append bss_conf "unsol_bcast_probe_resp_interval=$unsol_bcast_probe_resp_interval" "$N"
+	fi
+
+	if [ -n "$fils_discovery_min_interval" ]; then
+		append bss_conf "fils_discovery_min_interval=$fils_discovery_min_interval" "$N"
+	fi
+
+	if [ -n "$fils_discovery_max_interval" ]; then
+		append bss_conf "fils_discovery_max_interval=$fils_discovery_max_interval" "$N"
+	fi
+
+	if [ -n "$rnr" ]; then
+		append bss_conf "rnr=$rnr" "$N"
+	fi
+
 	bss_md5sum="$(echo $bss_conf | md5sum | cut -d" " -f1)"
 	append bss_conf "config_id=$bss_md5sum" "$N"
 
@@ -1249,6 +1351,7 @@ wpa_supplicant_prepare_interface() {
 		country_str="country=$country"
 	}
 
+	local tx_queue_data2_burst="tx_queue_data2_burst=0"
 	multiap_flag_file="${_config}.is_multiap"
 	if [ "$multi_ap" = "1" ]; then
 		touch "$multiap_flag_file"
@@ -1260,6 +1363,7 @@ wpa_supplicant_prepare_interface() {
 ${scan_list:+freq_list=$scan_list}
 $ap_scan
 $country_str
+$tx_queue_data2_burst
 EOF
 	return 0
 }
@@ -1531,12 +1635,38 @@ wpa_supplicant_add_network() {
 		;;
 	esac
 
-	[ "$wpa_cipher" = GCMP ] && {
-		append network_data "pairwise=GCMP" "$N$T"
-		append network_data "group=GCMP" "$N$T"
-	}
+	json_get_values pairwise pairwise
+	if [ -n "$pairwise" ]; then
+		case "$pairwise" in
+			*tkip+aes|*tkip+ccmp|*aes+tkip|*ccmp+tkip)
+				wpa_cipher="CCMP TKIP"
+			;;
+			*ccmp256)
+				wpa_cipher="CCMP-256"
+			;;
+			*aes|*ccmp)
+				wpa_cipher="CCMP"
+			;;
+			*tkip)
+				wpa_cipher="TKIP"
+			;;
+			*gcmp256)
+				wpa_cipher="GCMP-256"
+			;;
+			*gcmp)
+				wpa_cipher="GCMP"
+			;;
+			*)
+				wpa_cipher=""
+			;;
+		esac
+	fi
+	[ -n "$wpa_cipher" ] && wpa_pairwise="$wpa_cipher"
 
 	[ "$mode" = mesh ] || {
+		json_get_values sae_groups sae_groups
+		json_get_values owe_groups owe_groups
+
 		case "$wpa" in
 			1)
 				append network_data "proto=WPA" "$N$T"
@@ -1546,12 +1676,48 @@ wpa_supplicant_add_network() {
 			;;
 		esac
 
+		[ -n "$wpa_pairwise" ] && append network_data "pairwise=$wpa_pairwise" "$N$T"
+		[ -z "$group_cipher" ] && group_cipher="$wpa_cipher"
+
+		if [ -n "$sae_groups" -o -n "$owe_groups" ]; then
+			case "$auth_type" in
+			sae*)
+				echo "sae_groups=$sae_groups" >> "$_config"
+				append network_data "group=$group_cipher" "$N$T"
+			;;
+			owe)
+				append network_data "owe_group=$owe_groups" "$N$T"
+				append network_data "group=$group_cipher" "$N$T"
+			;;
+			esac
+		fi
+
+		# RSN -> allow management frame protection
 		case "$ieee80211w" in
 			[012])
-				[ "$wpa" -ge 2 ] && append network_data "ieee80211w=$ieee80211w" "$N$T"
+				json_get_vars ieee80211w_mgmt_cipher ieee80211w_max_timeout ieee80211w_retry_timeout beacon_prot
+				append network_data "ieee80211w=$ieee80211w" "$N$T"
+				[ "$ieee80211w" -gt "0" ] && {
+					case "$group_cipher" in
+					CCMP*)
+						ieee80211w_mgmt_cipher="AES-128-CMAC"
+					;;
+					GCMP-256)
+						[[ "$encryption" != "*owe*" ]] && ieee80211w_mgmt_cipher="BIP-GMAC-256"
+					;;
+					esac
+					if [ "$auth_type" = "eap192" ]; then
+						append network_data "group_mgmt=BIP-GMAC-256" "$N$T"
+					else
+						append network_data "group_mgmt=${ieee80211w_mgmt_cipher:-AES-128-CMAC}" "$N$T"
+					fi
+					[ -n "$beacon_prot" ] && \
+						append network_data "beacon_prot=$beacon_prot" "$N$T"
+				}
 			;;
 		esac
 	}
+
 	[ -n "$bssid" ] && append network_data "bssid=$bssid" "$N$T"
 	[ -n "$beacon_int" ] && append network_data "beacon_int=$beacon_int" "$N$T"
 
@@ -1562,6 +1728,20 @@ wpa_supplicant_add_network() {
 	[ -n "$bssid_blacklist" ] && append network_data "bssid_blacklist=$bssid_blacklist" "$N$T"
 	[ -n "$bssid_whitelist" ] && append network_data "bssid_whitelist=$bssid_whitelist" "$N$T"
 
+        local disable_eht
+        local disable_he
+        local disable_vht
+        local disable_ht
+        json_get_vars disable_eht
+        json_get_vars disable_he
+        json_get_vars disable_vht
+        json_get_vars disable_ht
+
+        [ -n "$disable_eht" ] && append network_data "disable_eht=$disable_eht" "$N$T"
+        [ -n "$disable_he" ] && append network_data "disable_he=$disable_he" "$N$T"
+        [ -n "$disable_vht" ] && append network_data "disable_vht=$disable_vht" "$N$T"
+        [ -n "$disable_ht" ] && append network_data "disable_ht=$disable_ht" "$N$T"
+
 	[ -n "$basic_rate" ] && {
 		local br rate_list=
 		for br in $basic_rate; do
@@ -1576,6 +1756,11 @@ wpa_supplicant_add_network() {
 		append network_data "mcast_rate=$mc_rate" "$N$T"
 	}
 
+	if [ "$auth_type" = "sae" ]; then
+		json_get_vars sae_pwe sae_pwe
+		[ -n "$sae_pwe" ] && echo "sae_pwe=$sae_pwe" >> "$_config"
+	fi
+
 	if [ "$key_mgmt" = "WPS" ]; then
 		echo "wps_cred_processing=1" >> "$_config"
 	else