aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/config
Commit message (Collapse)AuthorAgeFilesLines
* qosify: update to the latest versionFelix Fietkau2022-03-061-3/+3
| | | | | | | | | | | 3276aed81c73 move run_cmd() to main.c 558eabc13c64 map: move dns host based lookup code to a separate function 6ff06d66c36c dns: add code for snooping dns packets a78bd43c4a54 ubus: remove dnsmasq subscriber 9773ffa70f1f map: process dns patterns in the order in which they were defined f13b67c9a786 dns: allow limiting dns entry matching to cname name Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: bump to git HEADStijn Tintel2022-03-042-4/+4
| | | | | | | | interface: disable autorate-ingress by default Also change the example config to reflect this. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* qosify: add PKG_RELEASEStijn Tintel2022-03-041-0/+1
| | | | | | | | | Without PKG_RELEASE, it's impossible to trigger package updates when changing files included in the package that are not in the qosify git repository. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Felix Fietkau <nbd@nbd.name>
* iptables: move libiptext* to their own packagesEtienne Champetier2022-02-281-1/+1
| | | | | | | | iptables-nft doesn't depend on libip{4,6}tc, so move libiptext* libs in their own packages to clean up dependencies Rename libxtables-nft to libiptext-nft Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
* qosify: update to the latest versionFelix Fietkau2022-02-201-3/+3
| | | | | | 65b42032063f interface: add missing autorate-ingress options Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: bump to version 2022-02-20Petr Štetiar2022-02-201-3/+3
| | | | | | | | | Contains following changes: 136006b88826 cmake: fix usage of implicit library and include paths bc0e84d689e2 netifd: interface-ip: don't set fib6 policies if ipv6 disabled Signed-off-by: Petr Štetiar <ynezz@true.cz>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-02-121-3/+3
| | | | | | | | | | | | | 53caa1a fw4: resolve zone layer 2 devices for hw flow offloading 9fe58f5 fw4: rework and fix family inheritance logic 8795296 tests: mocklib: fix infinite recursion in wrapped print() 281b1bc tests: change mocked wan interface type to PPPoE 93b710d tests: mocklib: forward compatibility change 1a94915 fw4: only stage reflection rules if all required addrs are known 5c21714 fw4: add device iifname/oifname matches to DSCP and MARK rules 3eacc97 tests: adjust 01_ruleset test case to latest changes Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* qosify: update to the latest versionFelix Fietkau2022-02-101-3/+3
| | | | | | | | e230e71e0a12 map: fix copy-paste error in codepoints map 580d2ccf89f3 bpf: declare tcp_ports/udp_ports without typedef 8d6c19a81f3f ubus: fix a use-after-free bug Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-02-071-3/+3
| | | | | | | a0518b6 fw4: gracefully handle unsupported hardware offloading ac99eba init: fix boot action in init script Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-02-071-3/+3
| | | | | | | | | | | | | b54f462 fw4: parse traffic rules before forwarding rules 4d5af8b fw4: consolidate helper code 300c737 fw4: fix applying zone family restrictions to forwardings eb9c25a tests: implement fs.opendir() mock interface d30ff48 tests: fix mocked fs.popen() trace log 52831a0 fw4: improve flowtable handling 7cb10c8 fw4: disable "flow_offloading_hw" option for now b2241a1 fw4: fix enabling NAT reflection rules for DNATs without explicit family Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* netifd: update to latest Git HEADJo-Philipp Wich2022-02-071-3/+3
| | | | | | | | | fd4c9e1 system-linux: expose hw-tc-offload ethtool feature in device status dump 3d76f2e system-linux: add wrapper function for creating link config messages 88af2f1 system-linux: delete bridge devices using netlink 85c3548 system-linux: create bridge devices using netlink Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-01-281-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | 16a1070 fw4.uc: handle zone masq6 option 5f61dbf ruleset: fix chain selection for mark and dscp targets 0bc844b ruleset: properly deal with wildcards in zone device selectors 101988d fw4: fix family comparisons 127dbc0 ruleset: emit AF specific rules for DSCP matches d63cb89 fw4: fix parsing inverted numeric DSCP values 8c8a867 fw4: fix wrong `parse_network()` return value on `parse_subnet()` failure f85bb2d ruleset: consolidate zone matches for raw_prerouting and raw_output chains 5669bc7 fw4: consolidate device grouping logic 94f03e0 ruleset: properly render redirect targets without port fff9779 fw4: fix family selection logic for redirect rules ca88fcd tests: update interface dump mock data e60bb4b ruleset: support non-contiguous address masks 8fec51a fw4: fix potential crashes when parsing invalid redirect sections c08eb44 fw4: fix redirect destination zone resolving 0df6ba0 fw4: fix address selection logic for DNAT reflection rules 60a2518 tests: add test coverage for redirect rules e479eff fw4: add RFC-8622 'Least Effort' (LE) DSCP mark ac8a737 ruleset: remove redundant syn check bd5dc4b tests: run testcases in strict mode 3ee6a5c ruleset: fix undeclared variable access uncovered by strict mode Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* netifd: update to git HEADHans Dedecker2022-01-231-3/+3
| | | | | | ed71876 iprule: add support for uidrange Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ipip: add 'nohostroute' optionMatthew Hagan2022-01-192-3/+6
| | | | | | | | Add the nohostroute option as available for gre and wg tunnels to allow the user to prevent explicit creation of a route to the peer address. Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
* netifd: update to git HEADHans Dedecker2022-01-141-3/+3
| | | | | | 3043206 system: fix compilation with glibc 2.34 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to git HEADHans Dedecker2022-01-121-3/+3
| | | | | | | | 96902e8 Revert "netifd: add devtype to ubus call" 29e6acf netifd: add devtype to ubus call 7ccbf08 netifd: add devtype to ubus call Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to latest HEADKevin Darbyshire-Bryant2022-01-101-3/+3
| | | | | | | | | 0f16ea5 options.c: add DSCP code LE Least Effort 24ba465 firewall3: remove redundant syn check df1306a firewall3: fix locking issue 3624c37 firewall3: support table load on access on Linux 5.15+ Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* firewall4: bump to git HEADStijn Tintel2022-01-091-3/+3
| | | | | | | | | | | | 9a509d4 ruleset.uc: consolidate ip and ip6 offload 21f311d ruleset.uc: don't trim newline before comment sign f121383 tests: enable flow offloading in tests 550df40 tests: add test for unknown defaults option 47c5a5b tests: add test for deprecated rule option 69a89d6 tests: add test for unknown rule option 07579df fw4.uc: handle interface zone option Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* ltq-vdsl: move to the default device name /dev/dsl_cpe_api/0Andre Heider2022-01-082-12/+1
| | | | | | | This makes patching it for ltq-vdsl-app unnecessary and paves the way for VRX518 support. Signed-off-by: Andre Heider <a.heider@gmail.com>
* firewall4: bump to git HEADStijn Tintel2022-01-061-2/+2
| | | | | | main.uc: fix device gathering Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* firewall4: fix syntax error in dependency specJo-Philipp Wich2022-01-061-1/+1
| | | | | Fixes: ae60af8572 ("firewall4: order DEPENDS alphabetically") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall/firewall4: provide uci-firewallStijn Tintel2022-01-062-2/+4
| | | | | | | | | | | | | | | | Provide uci-firewall via PROVIDES in both firewall and firewall4. This will allow us to change the dependency of luci-app-firewall to uci-firewall, making it possible to use it with either implementation. Move CONFLICTS from firewall4 to firewall, to solve this recursive dependency problem: tmp/.config-package.in:307:error: recursive dependency detected! tmp/.config-package.in:307: symbol PACKAGE_firewall is selected by PACKAGE_firewall4 tmp/.config-package.in:328: symbol PACKAGE_firewall4 depends on PACKAGE_firewall Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: bump to git HEADStijn Tintel2022-01-061-4/+4
| | | | | | | | | | | | | | | | 4ead2a6 treewide: move executables to /sbin 9ebc2f4 fw4.uc: filter duplicates in fw4.set 85b74f3 treewide: support flow offloading be3b4e6 treewide: support hardware flow offloading 38889b7 treewide: support set timeout 31c7550 fw4.uc: do not skip defaults with invalid option 334a127 fw4.uc: introduce DEPRECATED flag 7a0d38f fw4.uc: add _name as deprecated option 5e7ad3b fw4.uc: don't fail on unknown options be5f4e3 fw4.uc: allow use of cidr in ipsets Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: order DEPENDS alphabeticallyStijn Tintel2022-01-061-1/+5
| | | | | | | Add some line breaks while at at, to improve readability. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: drop kmod-ipt-nat from CONFLICTSStijn Tintel2022-01-061-1/+1
| | | | | | | | The limitation of not being able to use iptables and nft nat at the same time exists only in kernels before 4.18. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>
* netifd: update to latest git HEADHans Dedecker2021-12-171-3/+3
| | | | | | | | | 5ca5e0b netifd: allow disabling rule/rule6 config sections 8875960 interface-ip: add support for IPv6 prefix invalidation e589c05 interface-ip: use metric when looking for a route b54ffde main: fix hotplug script usage message Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: on dhcp interfaces, store the dhcp server in interface dataFelix Fietkau2021-12-101-0/+1
| | | | | | | | Among other things, this can be used to auto-configure the DHCP server address for wireless APs using FILS, if the bridged interface is configured to DHCP Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: remove bulk flow detection from default portsFelix Fietkau2021-12-011-3/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add besteffort class and switch all default classifications to class ↵Felix Fietkau2021-12-012-13/+17
| | | | | | names Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-221-3/+3
| | | | | | 06872673c10f map: allow referring to a class index directly in tcp/udp default entries Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: install hotplug handler into /etc/hotplug.d/iface as wellFelix Fietkau2021-11-221-1/+9
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add support for configuring overheadFelix Fietkau2021-11-212-1/+41
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-211-3/+3
| | | | | | 2743e58741b3 bpf: work around a verifier issue Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add qosify-status scriptFelix Fietkau2021-11-192-1/+74
| | | | | | This will show detailed status for all devices/interfaces Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add class specific bulk flow detection example to voice classFelix Fietkau2021-11-191-0/+3
| | | | | | | With the new version, priority/bulk flow detection can be selectively enabled and configured per class Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-193-16/+24
| | | | | | | | | | | | | 68961a555e42 ubus: drop dnsmasq check for dns_result method 1ca3e26b8169 bpf: refactor code to support explicit opt-in for bulk+prio detection 3f0acf039f41 bpf: move flow prio/bulk detection config into a separate data structure bc54c97e3333 map, bpf: create a separate map for configured dscp classes 46cf3eae2d99 bpf: fix bulk flow detaction 88f1db7dd611 bpf: fix priority flow detection b5dec7874373 bpf: remove access to skb->gso_size e728a319a9a5 interface: unify status, always include ifname, ingress, egress Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: keep ICMP in the default best-effort classFelix Fietkau2021-11-191-1/+1
| | | | | | | Also preserve existing DSCP tags to make it easier to test latency for different DSCP values Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: move package to Base SystemRodrigo B. de Sousa Martins2021-11-191-2/+2
| | | | | | | | Since sqm-scripts and qos-scripts packages are in the same category as qosify, the firsts being in the Base System category, I find it understandable to move the latter to Base System instead of network section. Signed-off-by: Rodrigo B. de Sousa Martins <rodrigo.sousa.577@gmail.com>
* qosify: add missing alias support in the init scriptFelix Fietkau2021-11-141-0/+18
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firewall4: update to latest Git HEADPaul Spooren2021-11-131-4/+4
| | | | | | | | | eb0a3ee fw4.uc: Do not quote port ranges c5a8e3e tests: adapt test to new ICMP print logic Also start using $(AUTORELEASE) Signed-off-by: Paul Spooren <mail@aparcar.org>
* qosify: add default alias sectionsFelix Fietkau2021-11-121-1/+13
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-121-3/+3
| | | | | | | | 0750f2b4d329 README: dnsmasq integration is complete 8e48d0b0cbba bpf: add initial support for splitting map dscp value into ingress and egress bfc2cafe2a8c map: add support for defining aliases Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: mark as nonsharedFelix Fietkau2021-11-091-0/+1
| | | | | | The SDK does not have the LLVM toolchain yet Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: move files to /etc/qosifyFelix Fietkau2021-11-082-4/+4
| | | | | | | Now that wildcard matching is supported, this makes it easier for packages to supply their own qosify rules Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-081-3/+3
| | | | | | | | 737970946bc0 map: default to fnmatch matching for dns patterns. support regex via leading / b56b112e62e2 ubus: fix crash caused by missing static keyword 3a420e272c18 qosify: support wildcards in classifier filenames Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: add missing dependencyFelix Fietkau2021-11-081-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: update to the latest versionFelix Fietkau2021-11-081-3/+3
| | | | | | | | | | | | | | | | | | | | | | 2ca7352543da map: make a helper function for freeing entries 411432ec853b map: add support for adding dns regex patterns 14803cb559d8 ubus: remove unused enum a0740172eda6 ubus: add api for providing dns lookup results for dns regex rules 406fbf478e87 ubus: add support for dynamically adding dns based rules 5fc91183d60a README: mention dns regex entries 3ed8c3eb1a3b README: document mapping file syntax 91ce2e77d302 map: introduce low effort codepoint from RFC8622 5ff14acca0e7 interface: enable NAT on interfaces by default e70f70e496d7 README: fix typo f25ded617478 README: fix another typo 675238bc2ce5 loader: always reinitialize programs 010eea0d98c3 map: improve timeout handling of IP entries 7ef54a7f04a0 map: add DF codepoint 6f7fbe698555 map: increase active timeout to 300 60e06a579a13 qosify-bpf: inline check_flow() to ensure that it is jited f5ae89e8d869 ubus: subscribe to dnsmasq.dns for dns lookup results Signed-off-by: Felix Fietkau <nbd@nbd.name>
* vti: squash vtiv4 and vtiv6 packages into vtiFlorian Eckert2021-11-031-36/+7
| | | | | | This change adds the same package behaviour as gre package. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* qosify: add missing config option for nat supportFelix Fietkau2021-11-032-0/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qosify: include nls.mk to avoid build error with full NLS support enabledFelix Fietkau2021-11-031-0/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-24 16:46:29 +0000