aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/config
Commit message (Collapse)AuthorAgeFilesLines
* netifd: fix IPv4 route target maskingJo-Philipp Wich2023-11-142-1/+33
| | | | | | | | | A previous commit supposed to mask out excess host bits in route targets failed to correctly calculate the mask value, causing it to produce improper results for certain mask lengths. Fixes: https://github.com/openwrt/netifd/issues/17 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* netifd: update to the latest versionFelix Fietkau2023-11-111-3/+3
| | | | | | | | | eee02ccca8c8 device: add support to configure eee bb28f6a291d9 wireless: fix sign comparison warning 35facc8306f5 wireless: fix premature removal of hotplug devices due to down state Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit d45d72a6da004a557a2b39793c84174b33f0500c)
* netifd: update to Git HEAD (2023-11-09)Christian Marangi2023-11-111-3/+3
| | | | | | | | | | 841b05fbb91e system-linux: fix compilation error if IFLA_DSA_MASTER is not supported 5c9ecc1ff74f system-linux: make system_if_get_master_ifindex static 2dc7f450f3a2 system-linux: add option to configure DSA conduit device 838f815db5ef system-linux: add support for configurable GRO option Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> (cherry picked from commit 1714087442bb61591fe60a375f39b39abd657e25)
* netifd: update to the latest versionFelix Fietkau2023-11-081-3/+3
| | | | | | | | | | | | 383753dd65ae device/bridge: support passing extra vlans in the device_set_state call b6e75eafc1af device: send notifications for device events via ubus cab415c7aefd bridge: add auth-required bridge members with auth_status=0 if vlan is enabled 827a02f0343c bridge: add support for configuring vlans for auth=1,auth_status=false 40ed7363caf2 device: fix build error on 32 bit systems 516ab774cc16 system-linux: fix race condition on bringing up wireless devices Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 41d7439af5a40a71a0deb2075fa133b61b0e478a)
* firewall4: update to the latest versionFelix Fietkau2023-11-021-3/+3
| | | | | | | | | | 23a434d0d15d tests: fix expected test output 840ccdeeabce fw4: avoid emitting invalid rule jump targets 20da9933fd7e fw4: fix another instance of invalid rule jump targets 598d9fbb5179 fw4: remove special cases around hw flow offloading Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 7049ea9e95b0aec461f585523b773e68db3ae304)
* netifd: update to latest git HEADChristian Marangi2023-10-201-3/+3
| | | | | | | 5590a80e2566 config: fix incompatible with jshn network-device entry Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> (cherry picked from commit 53039bf7f5aa16d2f69394a86d04b8442c743e77)
* netifd: update to the latest versionFelix Fietkau2023-09-191-3/+3
| | | | | | | 7a58b995fdbe wireless: update prev_config on SET_DATA notify Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit f52e008d045302976d2ff40f35e91b84a5678d12)
* netifd: update to the latest versionFelix Fietkau2023-09-182-36/+3
| | | | | | | | | | | f429bd94f99e system-linux: switch to new ETHTOOL_xLINKSETTINGS API 1a07f1dff32b make_ethtool_modes_h.sh: apply anti-bashism 3d425f16d6a6 wireless: rework and fix vlan/station config reload handling 88a3a9e2be07 wireless: clean up prev_config handling afcd3825dad9 wireless: dynamically enable/disable virtual interfaces base on network interface autostart Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit a33f1d35155cf9579065ed76bd17e991d165170e)
* netifd: update to the latest versionFelix Fietkau2023-09-181-3/+3
| | | | | | | | | | | | | | | | | | | | db3934d2f740 scripts/netifd-wireless.sh: properly fix WPA3 Enterprise support Support the following values for the different WPA3 Enterprise modes: - wpa3-mixed: WPA3 Enterprise transitional mode This supports EAP with both SHA1 and SHA-256, with optional MFP - wpa3: WPA3 Enterprise only mode This supports only SHA256 with mandatory MFP - wpa3-192: WPA3 Enterprise with mandatory 192 bit support This uses only GCMP-256 ciphers Disable 192 bit support and GCMP-256 ciphers for the regular "wpa3" mode. It seems that even leaving in optional 192 bit support breaks auth on some clients, including iOS devices. Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 8c03dc962f8e10f9fef0877a0f8d8235f619ef7d)
* netifd: update to the latest versionFelix Fietkau2023-09-181-3/+3
| | | | | | | | | | | | | | | | | | | | 077e05f2b129 vlan/vlandev: pass through extra vlan information passed via hotplug 40fad91eb5be wireless: add network_vlan config attribute 1571e18e4a69 bridge: add support for configuring extra tagged vlans on member devices b719f189f243 bridge: make hotplug-added vlans default to tagged edf3aced9f9a bridge: add support for adding vlan ranges via hotplug 493e1589bc8b bridge: fix coverity false positive report 03a619947717 bridge: add support for configuring extra vlans for the bridge itself 4bea6d21a9ab wireless: fix changing reconf/serialize options in configuration 255b4d5c472e wireless: fix handling config reload with reconf=1 1ab992a74b43 wireless: fix another reconf issue e94f7a81a039 bridge: fix config reload on 32 bit systems 8c2758b4fbbb wireless: add support for replacing data blobs at runtime 0ff22a6a68ce wireless: enable dynamic reconfiguration by default 4711f74479e2 netifd: fix disabling radio via config if reconf is being used Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 09fd59938b673ca10d4b3c46d32f18164bcdb21a)
* netifd: update to the latest versionFelix Fietkau2023-06-071-3/+3
| | | | | | | ec9dba721245 system-linux: fix memory leak in system_bridge_vlan_check Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 20ce21866e482c132df7085061f28dfdafc8a48a)
* netifd: Fix PKG_MIRROR_HASHHauke Mehrtens2023-06-071-1/+1
| | | | | | | | Fix the PKG_MIRROR_HASH value for netifd. Fixes: d2ecaaca3404 ("netifd: update to version 2023-05-31") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 21f713d5abf86fc5639b41d7f4e7535a5538d63a)
* netifd: update to version 2023-05-31Petr Štetiar2023-06-071-3/+3
| | | | | | | | | | | | Contains following changes: * bridge: bridge_dump_info: add dumping of bridge attributes * bridge: make it more clear why the config was applied * cmake: fix build by reordering the cflags definitions * treewide: fix multiple compiler warnings Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit d2ecaaca3404a05ba65bb6756bc5fbd05389ed2f)
* treewide: replace AUTORELEASE with real PKG_RELEASETianling Shen2023-05-184-4/+4
| | | | | | | | | | | | | | | | | | Based on Paul Fertser <fercerpav@gmail.com>'s guidance: Change AUTORELEASE in rules.mk to: ``` AUTORELEASE = $(if $(DUMP),0,$(shell sed -i "s/\$$(AUTORELEASE)/$(call commitcount,1)/" $(CURDIR)/Makefile)) ``` then update all affected packages by: ``` for i in $(git grep -l PKG_RELEASE:=.*AUTORELEASE | sed 's^.*/\([^/]*\)/Makefile^\1^';); do make package/$i/clean done ``` Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* netifd: update to the latest versionFelix Fietkau2023-04-171-3/+3
| | | | | | 7de5440a520f device: fix segfault when recreating devices Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: strip mask from IP address in DHCP client paramsAndrey Erokhin2023-04-011-1/+1
| | | | | | | ipaddr option can be in CIDR notation, but udhcp wants just an IP address Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com>
* firewall4: update to the latest versionFelix Fietkau2023-03-241-3/+3
| | | | | | | | | | | 39e8c70957c7 fw4: fix handling the ipset "comment" option e6e82a55206c fw4: add further symbolic ICMP type declarations ce9a37829a76 tests: add testcase for automatic includes 30ee17a9c65d fw4: fix syntax errors in ICMP type declarations 1ecfadd52291 fw4: remove accidentally committed .orig and .rej file 04a06bd70b98 fw4: enable flowtable counters Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: add support for "lto" in PKG_BUILD_FLAGSAndre Heider2023-03-213-10/+6
| | | | | | | | | | | | | | | | This reduces open coding and allows to easily add a knob to enable it treewide, where chosen packages can still opt-out via "no-lto". Some packages used LTO, but not the linker plugin. This unifies 'em all to attempt to produce better code. Quoting man gcc(1): "This improves the quality of optimization by exposing more code to the link-time optimizer." Also use -flto=auto instead of -flto=jobserver, as it's not guaranteed that every buildsystem uses +$(MAKE) correctly. Signed-off-by: Andre Heider <a.heider@gmail.com>
* treewide: add support for "gc-sections" in PKG_BUILD_FLAGSAndre Heider2023-03-211-2/+4
| | | | | | | | | | | | | | | This reduces open coding and allows to easily add a knob to enable it treewide, where chosen packages can still opt-out via "no-gc-sections". Note: libnl, mbedtls and opkg only used the CFLAGS part without the LDFLAGS counterpart. That doesn't help at all if the goal is to produce smaller binaries. I consider that an accident, and this fixes it. Note: there are also packages using only the LDFLAGS part. I didn't touch those, as gc might have been disabled via CFLAGS intentionally. Signed-off-by: Andre Heider <a.heider@gmail.com>
* qosify: update to the latest versionFelix Fietkau2023-03-071-3/+3
| | | | | | | | | ca4509cf84d2 bpf: switch to using bpf_skb_utils.h d064439009d0 qosify-bpf: skip unnecessary flow lookups 9c625ae96f2d map: fix deleting port based rules 9a47ea4b683d map: fix return code check for bpf_map_get_next_key calls Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: update to the latest versionHauke Mehrtens2023-02-251-4/+4
| | | | | | | | | | ed65a00 netifd: bridge: Fix format string position 19372d8 netifd: Fix multiple -Wsign-compare warnings 8ebf033 netifd: Do not return values in void function c77417a netifd: Explicitly zero initialize variables 463a120 netifd: Activate -Wextra compile warnings Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* netifd: refactor packet steering initRafał Miłecki2023-02-153-3/+24
| | | | | | | | 1. Move setup code to independent script file 2. Add init.d script to allow automatic updates 3. Support platform specific /usr/libexec/platform/packet-steering.sh Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* ltq-*-app: extend ubus metrics/statisticsJan Hoffmann2023-02-033-5/+162
| | | | | | | | | | | | | | Expose a few additional useful values via ubus: - Channel error counters (CRC, FEC) - Retransmission counters (MINEFTR, LEFTRS) - Impulse noise protection level - Rate adaptation mode - OLR statistics (Bitswap, SRA, SOS) - Pilot tones - Upstream/downstream band information Signed-off-by: Jan Hoffmann <jan@3e8.eu>
* ltq-vdsl-vr11-app: add version 4.23.1 for vr11 targetsMartin Schiller2023-01-167-0/+607
| | | | | | | | | | | | | | | | This uses version 4.23.1 of the dsl_cpe_control package from the Intel UGW 8.5.2.10 for the VRX518. Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com> [rebased] Signed-off-by: Jan Hoffmann <jan@3e8.eu> [update to 4.23.1, added Jan's vector mac patch, fix warnings, switch to tag tarball] Signed-off-by: Andre Heider <a.heider@gmail.com> [add missing nLine in autoboot script, fix disconnect on termination, remove unneeded VR9 leftovers in init script] Signed-off-by: Jan Hoffmann <jan@3e8.eu> Signed-off-by: Andre Heider <a.heider@gmail.com>
* netifd: update to the latest versionFelix Fietkau2022-12-301-3/+3
| | | | | | | | | | | | 2cffe0c44e62 treewide: correctly apply IFNAMSIZ limit 96bcbb2e4eb6 wireless: allow set_retry ubus notify command to trigger a wdev restart a2e8cd75dbf6 wireless: add support for disabling multicast-to-unicast per virtual interface e9f44189ade7 system: move netdev types to system-linux.c where they are used a3fab0119ef1 utils: include utils.h last 7ce73fc16765 vlandev: propagate topology changes 81c1fbcba2f2 device: fix vlan device issues with disappearing lower devices Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firewall4: add missing PKG_MIRROR_HASHJo-Philipp Wich2022-12-071-1/+1
| | | | | Fixes: 84183f0d98 ("firewall4: update to latest Git HEAD") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-12-061-3/+3
| | | | | | | | 700a925 fw4: prevent null access when no ipsets are defined 6443ec7 config: drop input traffic by default 119ee1a ruleset: drop ctstate invalid traffic for masq-enabled zones Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall: config: drop input traffic by defaultBaptiste Jonglez2022-11-011-1/+1
| | | | | | | | | | | | | | | | | | | This is necessary with firewall4 to avoid a hard-to-diagnose race condition during boot, causing DNAT rules not to be taken into account correctly. The root cause is that, during boot, the ruleset is mostly empty, and interface-related rules (including DNAT rules) are added incrementally. If a packet hits the input chain before the DNAT rules are setup, it can create buggy conntrack entries that will persist indefinitely. This new default should be safe because firewall4 explicitly accepts authorized traffic and rejects the rest. Thus, in normal operations, the default policy is not used. Fixes: #10749 Ref: https://github.com/openwrt/openwrt/issues/10749 Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* ltq-vdsl-vr9-app: extend ubus call to provide DSL statisticsRoland Barenbrug2022-10-301-2/+130
| | | | | | | | | Adding a new method to `ubus call dsl` to retrieve DSL statistics used to feed the DSL charts (bit allocation, SNR, QLN and HLOG) Signed-off-by: Roland Barenbrug <roland@treslong.com> [fix pointer error, clean up] Signed-off-by: Andre Heider <a.heider@gmail.com>
* ltq-vdsl-vr9-app: skip invalid line status valuesRoland Barenbrug2022-10-301-7/+9
| | | | | | | | | DSL_G997_LineStatusData_t defines special invalid values, skip these metrics. Signed-off-by: Roland Barenbrug <roland@treslong.com> [split patch] Signed-off-by: Andre Heider <a.heider@gmail.com>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-10-181-3/+3
| | | | | | 7ae5e14 fw4: gracefully handle `null` return values from `fd.read("line")` Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-10-151-3/+3
| | | | | | | | | | | | | | | 4fbf6d7 ruleset.uc: log forwarded traffic not matched by zone policies c7201a3 main.uc: reintroduce set reload restriction 756f1e2 ruleset: fix emitting set_mark/set_xmark rules with masks 3db4741 ruleset: properly handle zone names starting with a digit 43d8ef5 fw4: fix formatting of default log prefix 592ba45 main.uc: remove uneeded/wrong set reload restrictions b0a6bff tests: fix testcases 145e159 fw4: recognize `option log` and `option counter` in `config nat` sections ce050a8 fw4: fall back to device if l3_device is not available in ifstatus Fixes: #10639, #10965 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* qos-scripts: fix trailing whitespace in config filesManas Sambhus2022-09-274-8/+7
| | | | Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
* qos-scripts: replace modprobe by rmmodManas Sambhus2022-09-271-2/+1
| | | | | | modprobe -r is not available on all platforms, hence use rmmod Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
* ltq-[a|v]dsl-app: provide ltq-dsl-appAndre Heider2022-09-172-0/+2
| | | | | | | This makes it easier for packages to depend on any lantiq/intel/maxlinear compatible dsl daemon. Signed-off-by: Andre Heider <a.heider@gmail.com>
* ltq-vdsl-app: rename to ltq-vdsl-vr9-appAndre Heider2022-09-1713-9/+9
| | | | | | | This matches the scheme used by other target packages and will avoid confusion with any future version. Signed-off-by: Andre Heider <a.heider@gmail.com>
* lantiq: rename ltq-vdsl folder to ltq-vdsl-vr9Andre Heider2022-09-171-1/+1
| | | | | | | Now PKG_NAME matches the folder name, and this will avoid confusion with any future version. Signed-off-by: Andre Heider <a.heider@gmail.com>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-09-011-3/+3
| | | | | | | | f5fcdcf cli: introduce test mode and refuse firewall restart on errors a540f6d fw4: fix cosmetic issue with per-ruleset and per-table include paths 695e821 doc: fix swapped include positions in nftables.d README Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* netifd: update to the latest versionFelix Fietkau2022-08-251-3/+3
| | | | | | 76d2d41b7355 interface: fix use-after-free bug when rewriting resolv.conf Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-08-241-3/+3
| | | | | | | | | a4484d4 fw4: support automatic includes ca7e3a1 fw4: honour enabled option of include sections 5a02f74 tests: add missing fs.stat) mock data for `nf_conntrack_dummy` 111a7f7 fw4: don't inherit zone family from ct helpers Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* netifd: update to git HEADHauke Mehrtens2022-08-201-3/+3
| | | | | | | 87fbefd interface: support "zone" config option bfa039c netifd: fix WPA3 enterprise ciphers Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: kmod-nft-nat6: Remove packageHauke Mehrtens2022-08-101-1/+1
| | | | | | | | | | | The nft NAT packages for IPv4 and IPv6 were merged into the common packages with kernel 5.1. The kmod-nft-nat6 package was empty in our build, remove it. Multiple kernel configuration options were also removed, remove them from our generic kernel configuration too. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ltq-vdsl-app: Fix counter overflow resulting in negative valuesRoland Barenbrug2022-08-051-1/+1
| | | | | | | | | | | | The re-transmit counters can overflow the 32 bit representation resulting in negative values being displayed. Background being that the numbers are treated at some point as signed INT rather than unsigned INT. Change the counters from 32 bit to 64 bit, should provide sufficient room to avoid any overflow. Not the nicest solution but it works Fixes: #10077 Signed-off-by: Roland Barenbrug <roland@treslong.com> Acked-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
* firewall3: update file hashMichael Pratt2022-07-141-1/+1
| | | | | | | | the hash and timestamp of the remote copy of the archive has changed since last bump meaning the remote archive copy was recreated Signed-off-by: Michael Pratt <mcpratt@pm.me>
* firewall4: bump to git HEADStijn Tintel2022-06-171-3/+3
| | | | | | | | | | | | | | | | | | 11f5c7b fw4.uc: fix zone helper assignment b9d35ff fw4.uc: don't skip zone for unavailable helper e35e26b tests: add test for zone helpers a063317 ruleset: fix conntrack helpers e1cb763 ruleset: reuse zone-jump.uc template for notrack and helper chain jumps 11410b8 ruleset: reorder declarations & output tweaks 880dd31 fw4: fix skipping invalid IPv6 ipset entries 5994466 fw4: simplify `is_loopback_dev()` 53886e5 fw4: fix crash in parse_cthelper() if no helpers are present 11256ff fw4: add support for configurable includes 3b5a033 tests: add test coverage for firewall includes d79911c fw4: support sets with timeout capability but without default expiry 15c3831 fw4: add support for `option log` in rule and redirect sections Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* swconfig: parse "switch_vlan" before "switch_port"Rafał Miłecki2022-06-151-26/+33
| | | | | | | | | | | | | | | Before this change UCI sections of both types were parsed in order as specified in UCI. That didn't work well with all drivers (e.g. b53). It seems that VLAN setup can reset / overwrite previously set ports parameters. It resulted in "switch_port" options defined above "switch_vlan"s being silently ignored. Ideally swconfig & all drivers should be improved to handle that properly but it'd be a waste of time at this point as DSA replaces swconfig. Use this minor parsing change as a quick fix. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* netifd: update to git HEADDaniel Golle2022-06-011-3/+3
| | | | | | | 2e1fcf4 netifd: fix hwmode for 60g band 39ef9fe interface-ip: fix memory corruption bug when using jail network namespaces Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-05-311-3/+3
| | | | | | | | | | | | | | 210991d fw4: prefer /dev/stdin if available 4e5e322 fw4: make `fw4 restart` behavior more robust 221040e ruleset: emit time ranges when both start and stop times are specified 30a7d47 fw4: fix datetime parsing fb9a6b2 ruleset: correct mangle_output chain type 6dd2617 fw4: fix logic flaw in testing hw flow offloading support c7c9c84 fw4: ensure that negative bitcounts are properly translated c4a78ed fw4: fix typo in emitted set types Fixes: #9764, #9923, #9927, #9935, #9955 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* netifd: update to the latest versionFelix Fietkau2022-05-231-3/+3
| | | | | | | 4b4849cf5e5a interface-ip: unify host and proto route handling 507c0513d176 interface-ip: add support for excluding interfaces in host route lookup Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-05-201-3/+3
| | | | | | | | | | | | | | | | | | | c22eeef fw4: support negative CIDR bit notation 628d791 hotplug: reliably handle interfaces with ubus zone hints d005293 fw4: store zone associations from ubus in statefile as well b268225 fw4: filter non hw-offload capable devices when resolving lower devices 57984e0 fw4: always resolve lower flowtable devices 7782017 tests: fix mocked `fd.read("line")` api 72b196d config: remove restictions on DHCPv6 allow rule f0cc317 fw4: refactor family selection for forwarding rules b0b8122 treewide: use modern syntax 05995f1 fw4: fix emitting device jump rules for family restricted zones b479815 fw4: fix family auto-selection for config nat rules 2816a82 ruleset: ensure that family-agnostic ICMP rules cover ICMPv6 as well 2379c3d tests: add test coverage for zone family selection logic Fixes: #5066, #9611, #9765, #9854 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-11 22:43:12 +0000