aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/config
Commit message (Collapse)AuthorAgeFilesLines
* lantiq: Allow PKG_ASLR_PIE for DSL and voice driversHauke Mehrtens2019-11-011-1/+0
| | | | | | | | | | | When ASLR_PIE was activated globally these drivers failed to build because the user space LDFLAGS leaked into the kernel build process. This was fixed in upstream Linux kernel commit ce99d0bf312d ("kbuild: clear LDFLAGS in the top Makefile") which went into Linux 4.17. The lantiq target is now on Linux 4.19 only and these exceptions are not needed any more. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* lantiq: fix dsl_control status handling.Martin Schiller2019-10-154-8/+8
| | | | | | | | | | Commit 7519a36774ca ("base-files,procd: add generic service status") introduced the generic 'status' command which broke the previous dsl_control status output. To fix this, let's rename the "old" command to "dslstat". Fixes: 7519a36774ca ("base-files,procd: add generic service status") Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* firewall: update to latest git HEADHans Dedecker2019-10-041-3/+3
| | | | | | daed0cf utils: fix resource leak Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to latest Git HEADJo-Philipp Wich2019-09-181-3/+3
| | | | | | | 383eb58 ubus: do not overwrite ipset name attribute Ref: https://forum.openwrt.org/t/fw3-ipset-procd-objects/44044 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall: update to latest git HEADPetr Štetiar2019-09-151-3/+3
| | | | | | c26f8907d1d2 firewall3: fix typo that affects ICMPv6 rules with numeric icmp_type Signed-off-by: Petr Štetiar <ynezz@true.cz>
* netifd,lldpd,rpcd,log: use generic service_runningPetr Štetiar2019-09-151-5/+0
| | | | | | | | | | | | | | | | | | commit eb204d14f75c ("base-files: implement generic service_running") introduced generic service_running so it's not needed to copy&paste same 3 lines over and over again. I've removed service_running from netifd/network init script as well, because it was not working properly, looked quite strange and I didn't understand the intention: $ /etc/init.d/network stop $ service network running && echo "yes" || echo "nope" ( have to wait for 30s ) Command failed: Request timed out yes Signed-off-by: Petr Štetiar <ynezz@true.cz>
* firewall: update to latest git HEADHauke Mehrtens2019-09-081-3/+3
| | | | | | 487bd0d utils: Fix string format message Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* firewal: update to latest git HEADHans Dedecker2019-09-071-3/+3
| | | | | | | | 4d0c703 firewall3: Fix some format string problems 8c404ef iptables.c: lock the xtables.lock c1d3a4d utils: implement fw3_lock_path() & fw3_unlock_path() Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to latest git HEADKevin Darbyshire-Bryant2019-08-221-3/+3
| | | | | | bf29c1e firewall3: ipset: Handle reload_set properly Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* firewall: improve ipset supportKevin Darbyshire-Bryant2019-08-161-4/+4
| | | | | | | | | | | | | | | | | | | | Bump to latest git HEAD 509e673 firewall3: Improve ipset support The enabled option did not work properly for ipsets, as it was not checked on create/destroy of a set. After this commit, sets are only created/destroyed if enabled is set to true. Add support for reloading, or recreating, ipsets on firewall reload. By setting "reload_set" to true, the set will be destroyed and then re-created when the firewall is reloaded. Add support for the counters and comment extensions. By setting "counters" or "comment" to true, then counters or comments are added to the set. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* netifd: update to latest git HEADHans Dedecker2019-08-071-3/+3
| | | | | | 5e02f94 system-linux: fix resource leak Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to latest git HEADHans Dedecker2019-08-051-3/+3
| | | | | | de94097 utils: coverity resource leak warning Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2019-07-221-3/+3
| | | | | | 899f168 system-linux: Coverity fixes Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* package/network: add PKGARCH:=all to non-binary packagesDeng Qingfang2019-06-225-0/+5
| | | | | | Packages such as xfrm contain only script files, add PKGARCH:=all Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
* netifd: xfrm fixesHans Dedecker2019-06-151-3/+3
| | | | | | 9932ed0 netifd: fix xfrm interface deletion and standardize netlink call Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* network/config/xfrm: add host-dependency for xfrm interface parentAndré Valentin2019-06-152-8/+12
| | | | | | | Add proto_add_host_dependency to add a dependency to the tunlink interface Signed-off-by: André Valentin <avalentin@marcant.net> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* netifd: update to latest git HEADHans Dedecker2019-06-131-4/+4
| | | | | | | 42a3878 interface-ip: fix possible null pointer dereference c1964d8 system-linux: remove superfluous dev check Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* config: add xfrm interface support scriptsAndré Valentin2019-06-102-0/+103
| | | | | | | | | | | | | | | | | | | | | | | | This package adds scripts for xfrm interfaces support. Example configuration via /etc/config/network: config interface 'xfrm0' option proto 'xfrm' option mtu '1300' option zone 'VPN' option tunlink 'wan' option ifid 30 config interface 'xfrm0_static' option proto 'static' option ifname '@xfrm0' option ip6addr 'fe80::1/64' option ipaddr '10.0.0.1/30' Now set in strongswan IPsec policy: if_id_in = 30 if_id_out = 30 Signed-off-by: André Valentin <avalentin@marcant.net>
* netifd: xfrm tunnel supportHans Dedecker2019-06-081-3/+3
| | | | | | 8c6358b netifd: add xfrm tunnel interface support Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* gre: introduce 'nohostroute' optionFabian Bläse2019-05-312-5/+11
| | | | | | | | | | | It is not always necessary to add a host route for the gre peer address. This introduces a new config option 'nohostroute' (similar to the option introduced for wireguard in d8e2e19) to allow to disable the creation of those routes explicitely. Signed-off-by: Fabian Bläse <fabian@blaese.de> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* netifd: fix missing ip rules after network reload (FS#2296)Hans Dedecker2019-05-281-3/+3
| | | | | | beb810d iprule: fix missing ip rules after a reload (FS#2296) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: add support for the new ar8xxx MIB counters settingsPetr Štetiar2019-05-202-2/+4
| | | | | | | | | Commit "generic: ar8216: add mib_poll_interval switch attribute" has added mib_poll_interval global config option and commit "generic: ar8216: group MIB counters and use two basic ones only by default" has added mib_type config option. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* netifd: update to latest git HEADHans Dedecker2019-05-181-3/+3
| | | | | | | 22e8e58 interface-ip: use ptp address as well to find local address target f1aa0f9 treewide: pass bool as second argument of blobmsg_check_attr Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2019-05-081-3/+3
| | | | | | | f6fb700 interface-ip: fine tune IPv6 mtu warning 975a5c4 interface: tidy ipv6 mtu warning Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2019-04-151-3/+3
| | | | | | | | 666c14f system-linux: remove debug tracing 08989e4 interface: add neighbor config support bfd4de3 interface: fix "if-down" hotplug event handling Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2019-04-011-3/+3
| | | | | | | 361b3e4 proto-shell: return error in case setup fails a97297d interface: set interface in TEARDOWN state when checking link state Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHauke Mehrtens2019-03-211-3/+3
| | | | | | | a8cf037 netifd: wireless: Add support for GCMP cipher 34a70b6 netifd: wireless: Add support for 802.11ad Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* netifd: add support for suppressing the DHCP request hostname by setting it to *Felix Fietkau2019-03-161-0/+2
| | | | | | | | | dnsmasq (and probably other DHCP servers as well) does not like to hand out leases with duplicate host names. Adding support for skipping the hostname makes it easier to deploy setups where it is not guaranteed to be unique Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: update to latest git HEAD (FS#2087)Hans Dedecker2019-03-141-3/+3
| | | | | | 81ac3bc interface-ip: fix delegate config update on reload (FS#2087) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* vti: remove setting default firewall zone to wanHans Dedecker2019-02-092-3/+1
| | | | | | | | | Same reasoning as in bdedb798150a58ad7ce3c4741f2f31df97e84c3f; don't set default firewall zone to wan as the firewall zone for the vti interface can be configured in the firewall config or it makes it impossible not to specify a firewall zone for the vti interface. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ipip: remove setting default firewall zone to wanHans Dedecker2019-02-092-3/+1
| | | | | | | | | Same reasoning as in bdedb798150a58ad7ce3c4741f2f31df97e84c3f; don't set default firewall zone to wan as the firewall zone for the ipip interface can be configured in the firewall config or it makes it impossible not to specify a firewall zone for the ipip interface. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* gre: remove setting default firewall zone to wanFlorian Eckert2019-02-072-2/+1
| | | | | | | | | | | | | | | | | | | | | | There are two problems with this behaviour that the zone is set to wan if no zone config option is defined in the interface section. * The zone for the interface is "normally" specified in the firewall config file. So if we have defined "no" zone for this interface zone option is set now to "wan" additonaly if we add the interface in the firewall config section to the "lan" zone, the interface is added to lan and wan at once. iptables-save | grep <iface> This is not what I expect. * If I do not want to set a zone to this interface it is not possible. Remove the default assigment to wan if no zone option is defined. If some one need the option it stil possible to define this option. Signed-off-by: Florian Eckert <fe@dev.tdt.de> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* netifd: handle hotplug event socket errorsHans Dedecker2019-01-311-3/+3
| | | | | | 5cd7215 system-linux: handle hotplug event socket ENOBUFS errors Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to latest git HEADHans Dedecker2019-01-031-3/+3
| | | | | | | | 70f8785 zones: add zone identifying local traffic in raw OUTPUT chain 6920de7 utils: Free args in __fw3_command_pipe() 6ba9105 options: redirects: Fix possible buffer overflows Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: fix ipv6 multicast check in previous commitKevin Darbyshire-Bryant2018-12-171-2/+2
| | | | Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* netifd: support configuring class e 240.0.0.0/4 addressesKevin Darbyshire-Bryant2018-12-171-3/+3
| | | | | | cd089c5 proto: Support class-e addressing in netifd Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* swconfig: Add missing includeRosen Penev2018-12-162-1/+2
| | | | | | | | | Fixes these warnings: swlib.c:455:18: warning: implicit declaration of function 'isspace' swlib.c:461:9: warning: implicit declaration of function 'isdigit' Signed-off-by: Rosen Penev <rosenp@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-12-131-3/+3
| | | | | | 1ac1c78 system-linux: get rid of SIOCSDEVPRIVATE Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to latest git HEADHans Dedecker2018-12-091-3/+3
| | | | | | 14589c8 redirects: properly handle src_dport in SNAT rules Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-11-261-4/+4
| | | | | | | | | dfa4ede interface: fix return code of __interface_add() a82a8f6 netifd: fix resource leak on error in netifd_add_dynamic() fa2403d config: fix resource leaks on error in config_parse_interface() 85de9de interface: fix memory leak on error in __interface_add() Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-11-191-3/+3
| | | | | | | | | 4b83102 treewide: switch to C-code style comments 70506bf treewide: make some functions static d9872db interface: fix removal of dynamic interfaces 2f7ef7d interface: rework code to get rid of interface_set_dynamic Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-10-171-3/+3
| | | | | | | 841b5d1 system-linux: enable by default ignore encaplimit for grev6 tunnels 125cbee system-linux: fix a typo in gre tunnel data parsing logic Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* gre: make encaplimit support configurableHans Dedecker2018-10-172-2/+4
| | | | | | | | | | | Make inclusion of the destination option header containing the tunnel encapsulation limit configurable for IPv6 GRE packets. Setting the uci parameter encaplimit to ignore; allows to disable the insertion of the destination option header in the IPv6 GRE packets. Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255 by setting the encaplimit uci parameter accordingly. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHauke Mehrtens2018-10-141-2/+2
| | | | | | | | 22476ff wireless: Add Simultaneous Authentication of Equals (SAE) c6c3a0d wireless: Add Opportunistic Wireless Encryption (OWE) a117e41 wireless: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise) Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* package/: fix $(PROJECT_GIT) usageJohn Crispin2018-10-111-1/+1
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* soloscli: Install hotplug file as 600Rosen Penev2018-10-111-2/+2
| | | | | | Hotplug is managed by procd, which runs as root. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* firewall: Install config files as 600Rosen Penev2018-10-111-6/+6
| | | | | | None of the files in firewall are used by non-root. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* netifd: update to latest git HEAD (FS#1875)Hans Dedecker2018-10-021-3/+3
| | | | | | | 83428fa iprule: coding style fixes aeec2a0 iprule: fix segfault (FS#1875) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-09-301-3/+3
| | | | | | | 94e156f scripts: fix previous commit 3c8ac1c netifd: fix wpa mixed mode matching Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: do not validate relevant section when ipv6 is not supportedRosy Song2018-09-252-3/+3
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-06 08:21:45 +0000