aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/config
Commit message (Collapse)AuthorAgeFilesLines
* firewall4: update to latest Git HEADJo-Philipp Wich2022-02-071-3/+3
| | | | | | | | | | | | | b54f462 fw4: parse traffic rules before forwarding rules 4d5af8b fw4: consolidate helper code 300c737 fw4: fix applying zone family restrictions to forwardings eb9c25a tests: implement fs.opendir() mock interface d30ff48 tests: fix mocked fs.popen() trace log 52831a0 fw4: improve flowtable handling 7cb10c8 fw4: disable "flow_offloading_hw" option for now b2241a1 fw4: fix enabling NAT reflection rules for DNATs without explicit family Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* netifd: update to latest Git HEADJo-Philipp Wich2022-02-071-3/+3
| | | | | | | | | fd4c9e1 system-linux: expose hw-tc-offload ethtool feature in device status dump 3d76f2e system-linux: add wrapper function for creating link config messages 88af2f1 system-linux: delete bridge devices using netlink 85c3548 system-linux: create bridge devices using netlink Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-01-281-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | 16a1070 fw4.uc: handle zone masq6 option 5f61dbf ruleset: fix chain selection for mark and dscp targets 0bc844b ruleset: properly deal with wildcards in zone device selectors 101988d fw4: fix family comparisons 127dbc0 ruleset: emit AF specific rules for DSCP matches d63cb89 fw4: fix parsing inverted numeric DSCP values 8c8a867 fw4: fix wrong `parse_network()` return value on `parse_subnet()` failure f85bb2d ruleset: consolidate zone matches for raw_prerouting and raw_output chains 5669bc7 fw4: consolidate device grouping logic 94f03e0 ruleset: properly render redirect targets without port fff9779 fw4: fix family selection logic for redirect rules ca88fcd tests: update interface dump mock data e60bb4b ruleset: support non-contiguous address masks 8fec51a fw4: fix potential crashes when parsing invalid redirect sections c08eb44 fw4: fix redirect destination zone resolving 0df6ba0 fw4: fix address selection logic for DNAT reflection rules 60a2518 tests: add test coverage for redirect rules e479eff fw4: add RFC-8622 'Least Effort' (LE) DSCP mark ac8a737 ruleset: remove redundant syn check bd5dc4b tests: run testcases in strict mode 3ee6a5c ruleset: fix undeclared variable access uncovered by strict mode Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* netifd: update to git HEADHans Dedecker2022-01-231-3/+3
| | | | | | ed71876 iprule: add support for uidrange Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ipip: add 'nohostroute' optionMatthew Hagan2022-01-192-3/+6
| | | | | | | | Add the nohostroute option as available for gre and wg tunnels to allow the user to prevent explicit creation of a route to the peer address. Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
* netifd: update to git HEADHans Dedecker2022-01-141-3/+3
| | | | | | 3043206 system: fix compilation with glibc 2.34 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to git HEADHans Dedecker2022-01-121-3/+3
| | | | | | | | 96902e8 Revert "netifd: add devtype to ubus call" 29e6acf netifd: add devtype to ubus call 7ccbf08 netifd: add devtype to ubus call Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to latest HEADKevin Darbyshire-Bryant2022-01-101-3/+3
| | | | | | | | | 0f16ea5 options.c: add DSCP code LE Least Effort 24ba465 firewall3: remove redundant syn check df1306a firewall3: fix locking issue 3624c37 firewall3: support table load on access on Linux 5.15+ Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* firewall4: bump to git HEADStijn Tintel2022-01-091-3/+3
| | | | | | | | | | | | 9a509d4 ruleset.uc: consolidate ip and ip6 offload 21f311d ruleset.uc: don't trim newline before comment sign f121383 tests: enable flow offloading in tests 550df40 tests: add test for unknown defaults option 47c5a5b tests: add test for deprecated rule option 69a89d6 tests: add test for unknown rule option 07579df fw4.uc: handle interface zone option Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* ltq-vdsl: move to the default device name /dev/dsl_cpe_api/0Andre Heider2022-01-082-12/+1
| | | | | | | This makes patching it for ltq-vdsl-app unnecessary and paves the way for VRX518 support. Signed-off-by: Andre Heider <a.heider@gmail.com>
* firewall4: bump to git HEADStijn Tintel2022-01-061-2/+2
| | | | | | main.uc: fix device gathering Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* firewall4: fix syntax error in dependency specJo-Philipp Wich2022-01-061-1/+1
| | | | | Fixes: ae60af8572 ("firewall4: order DEPENDS alphabetically") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall/firewall4: provide uci-firewallStijn Tintel2022-01-062-2/+4
| | | | | | | | | | | | | | | | Provide uci-firewall via PROVIDES in both firewall and firewall4. This will allow us to change the dependency of luci-app-firewall to uci-firewall, making it possible to use it with either implementation. Move CONFLICTS from firewall4 to firewall, to solve this recursive dependency problem: tmp/.config-package.in:307:error: recursive dependency detected! tmp/.config-package.in:307: symbol PACKAGE_firewall is selected by PACKAGE_firewall4 tmp/.config-package.in:328: symbol PACKAGE_firewall4 depends on PACKAGE_firewall Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: bump to git HEADStijn Tintel2022-01-061-4/+4
| | | | | | | | | | | | | | | | 4ead2a6 treewide: move executables to /sbin 9ebc2f4 fw4.uc: filter duplicates in fw4.set 85b74f3 treewide: support flow offloading be3b4e6 treewide: support hardware flow offloading 38889b7 treewide: support set timeout 31c7550 fw4.uc: do not skip defaults with invalid option 334a127 fw4.uc: introduce DEPRECATED flag 7a0d38f fw4.uc: add _name as deprecated option 5e7ad3b fw4.uc: don't fail on unknown options be5f4e3 fw4.uc: allow use of cidr in ipsets Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: order DEPENDS alphabeticallyStijn Tintel2022-01-061-1/+5
| | | | | | | Add some line breaks while at at, to improve readability. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: drop kmod-ipt-nat from CONFLICTSStijn Tintel2022-01-061-1/+1
| | | | | | | | The limitation of not being able to use iptables and nft nat at the same time exists only in kernels before 4.18. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>
* netifd: update to latest git HEADHans Dedecker2021-12-171-3/+3
| | | | | | | | | 5ca5e0b netifd: allow disabling rule/rule6 config sections 8875960 interface-ip: add support for IPv6 prefix invalidation e589c05 interface-ip: use metric when looking for a route b54ffde main: fix hotplug script usage message Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: on dhcp interfaces, store the dhcp server in interface dataFelix Fietkau2021-12-101-0/+1
| | | | | | | | Among other things, this can be used to auto-configure the DHCP server address for wireless APs using FILS, if the bridged interface is configured to DHCP Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: remove bulk flow detection from default portsFelix Fietkau2021-12-011-3/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add besteffort class and switch all default classifications to class ↵Felix Fietkau2021-12-012-13/+17
| | | | | | names Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-221-3/+3
| | | | | | 06872673c10f map: allow referring to a class index directly in tcp/udp default entries Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: install hotplug handler into /etc/hotplug.d/iface as wellFelix Fietkau2021-11-221-1/+9
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add support for configuring overheadFelix Fietkau2021-11-212-1/+41
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-211-3/+3
| | | | | | 2743e58741b3 bpf: work around a verifier issue Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add qosify-status scriptFelix Fietkau2021-11-192-1/+74
| | | | | | This will show detailed status for all devices/interfaces Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add class specific bulk flow detection example to voice classFelix Fietkau2021-11-191-0/+3
| | | | | | | With the new version, priority/bulk flow detection can be selectively enabled and configured per class Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-193-16/+24
| | | | | | | | | | | | | 68961a555e42 ubus: drop dnsmasq check for dns_result method 1ca3e26b8169 bpf: refactor code to support explicit opt-in for bulk+prio detection 3f0acf039f41 bpf: move flow prio/bulk detection config into a separate data structure bc54c97e3333 map, bpf: create a separate map for configured dscp classes 46cf3eae2d99 bpf: fix bulk flow detaction 88f1db7dd611 bpf: fix priority flow detection b5dec7874373 bpf: remove access to skb->gso_size e728a319a9a5 interface: unify status, always include ifname, ingress, egress Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: keep ICMP in the default best-effort classFelix Fietkau2021-11-191-1/+1
| | | | | | | Also preserve existing DSCP tags to make it easier to test latency for different DSCP values Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: move package to Base SystemRodrigo B. de Sousa Martins2021-11-191-2/+2
| | | | | | | | Since sqm-scripts and qos-scripts packages are in the same category as qosify, the firsts being in the Base System category, I find it understandable to move the latter to Base System instead of network section. Signed-off-by: Rodrigo B. de Sousa Martins <rodrigo.sousa.577@gmail.com>
* qosify: add missing alias support in the init scriptFelix Fietkau2021-11-141-0/+18
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firewall4: update to latest Git HEADPaul Spooren2021-11-131-4/+4
| | | | | | | | | eb0a3ee fw4.uc: Do not quote port ranges c5a8e3e tests: adapt test to new ICMP print logic Also start using $(AUTORELEASE) Signed-off-by: Paul Spooren <mail@aparcar.org>
* qosify: add default alias sectionsFelix Fietkau2021-11-121-1/+13
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-121-3/+3
| | | | | | | | 0750f2b4d329 README: dnsmasq integration is complete 8e48d0b0cbba bpf: add initial support for splitting map dscp value into ingress and egress bfc2cafe2a8c map: add support for defining aliases Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: mark as nonsharedFelix Fietkau2021-11-091-0/+1
| | | | | | The SDK does not have the LLVM toolchain yet Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: move files to /etc/qosifyFelix Fietkau2021-11-082-4/+4
| | | | | | | Now that wildcard matching is supported, this makes it easier for packages to supply their own qosify rules Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-081-3/+3
| | | | | | | | 737970946bc0 map: default to fnmatch matching for dns patterns. support regex via leading / b56b112e62e2 ubus: fix crash caused by missing static keyword 3a420e272c18 qosify: support wildcards in classifier filenames Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add missing dependencyFelix Fietkau2021-11-081-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-081-3/+3
| | | | | | | | | | | | | | | | | | | | | | 2ca7352543da map: make a helper function for freeing entries 411432ec853b map: add support for adding dns regex patterns 14803cb559d8 ubus: remove unused enum a0740172eda6 ubus: add api for providing dns lookup results for dns regex rules 406fbf478e87 ubus: add support for dynamically adding dns based rules 5fc91183d60a README: mention dns regex entries 3ed8c3eb1a3b README: document mapping file syntax 91ce2e77d302 map: introduce low effort codepoint from RFC8622 5ff14acca0e7 interface: enable NAT on interfaces by default e70f70e496d7 README: fix typo f25ded617478 README: fix another typo 675238bc2ce5 loader: always reinitialize programs 010eea0d98c3 map: improve timeout handling of IP entries 7ef54a7f04a0 map: add DF codepoint 6f7fbe698555 map: increase active timeout to 300 60e06a579a13 qosify-bpf: inline check_flow() to ensure that it is jited f5ae89e8d869 ubus: subscribe to dnsmasq.dns for dns lookup results Signed-off-by: Felix Fietkau <nbd@nbd.name>
* vti: squash vtiv4 and vtiv6 packages into vtiFlorian Eckert2021-11-031-36/+7
| | | | | | This change adds the same package behaviour as gre package. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* qosify: add missing config option for nat supportFelix Fietkau2021-11-032-0/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: include nls.mk to avoid build error with full NLS support enabledFelix Fietkau2021-11-031-0/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add missing dependencyFelix Fietkau2021-11-021-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: fix package section/categoryFelix Fietkau2021-11-011-3/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: fix bpf toolchain dependency for qosifyFelix Fietkau2021-11-011-1/+1
| | | | | | Add hidden symbols to fix defaults with CONFIG_DEVEL unset Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add package for simple qos based on ebpf+cakeFelix Fietkau2021-11-015-0/+209
| | | | | | | | | | | | | | qosify is simple daemon for setting up and managing CAKE along with a custom eBPF based classifier that sets DSCP fields of packets. It is configured via UCI and it supports the following features: - simple TCP/UDP port based mapping - IP address based mapping - priority boosting based on average packet size - bulk flow detection based on number of packets per second - dynamically add IP entries with timeout Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: fix deletion of ip tunnels (FS#4058)Hans Dedecker2021-10-301-3/+3
| | | | | | 8f82742 system-linux: fix deletion of ip tunnels (FS#4058) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to the latest versionFelix Fietkau2021-10-211-3/+3
| | | | | | | c61a1d432b34 wireless: fix creating AP mode WDS station interfaces f78bdec2ed5f wireless: fix handling vif attributes on reload with mode change Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ltq-vdsl-app: add error vector counters to the ubus metricsAndre Heider2021-10-211-0/+23
| | | | | | | | | | | | | | | These are useful stats to debug vector related line deteriorations, see [0]. Example output: "erb": { "sent": 169925, "discarded": 0 } [0] https://forum.openwrt.org/t/vectoring-on-lantiq-vrx200-vr9-missing-callback-for-sending-error-samples/104046 Signed-off-by: Andre Heider <a.heider@gmail.com>
* ltq-vdsl-app: prepare for multiple mei ioctlsAndre Heider2021-10-212-19/+23
| | | | | | | | | | | | Refactor so that the outer function opens and closes the mei fd and passes it around, just as with the main fd. That also allows us to use the IOCTL macro in get_vector_status() and clean up accordingly. Switch to AUTORELEASE while at it. Signed-off-by: Andre Heider <a.heider@gmail.com>
* netifd: update to git HEADDaniel Golle2021-10-131-3/+3
| | | | | | | be8cd8f interface: don't fork() to start jail interface 7a048bd interface, ubus: rework netns up/down Signed-off-by: Daniel Golle <daniel@makrotopia.org>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-14 05:48:18 +0000