aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/config
Commit message (Collapse)AuthorAgeFilesLines
* vti: remove setting default firewall zone to wanHans Dedecker2019-02-092-3/+1
| | | | | | | | | Same reasoning as in bdedb798150a58ad7ce3c4741f2f31df97e84c3f; don't set default firewall zone to wan as the firewall zone for the vti interface can be configured in the firewall config or it makes it impossible not to specify a firewall zone for the vti interface. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ipip: remove setting default firewall zone to wanHans Dedecker2019-02-092-3/+1
| | | | | | | | | Same reasoning as in bdedb798150a58ad7ce3c4741f2f31df97e84c3f; don't set default firewall zone to wan as the firewall zone for the ipip interface can be configured in the firewall config or it makes it impossible not to specify a firewall zone for the ipip interface. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* gre: remove setting default firewall zone to wanFlorian Eckert2019-02-072-2/+1
| | | | | | | | | | | | | | | | | | | | | | There are two problems with this behaviour that the zone is set to wan if no zone config option is defined in the interface section. * The zone for the interface is "normally" specified in the firewall config file. So if we have defined "no" zone for this interface zone option is set now to "wan" additonaly if we add the interface in the firewall config section to the "lan" zone, the interface is added to lan and wan at once. iptables-save | grep <iface> This is not what I expect. * If I do not want to set a zone to this interface it is not possible. Remove the default assigment to wan if no zone option is defined. If some one need the option it stil possible to define this option. Signed-off-by: Florian Eckert <fe@dev.tdt.de> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* netifd: handle hotplug event socket errorsHans Dedecker2019-01-311-3/+3
| | | | | | 5cd7215 system-linux: handle hotplug event socket ENOBUFS errors Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to latest git HEADHans Dedecker2019-01-031-3/+3
| | | | | | | | 70f8785 zones: add zone identifying local traffic in raw OUTPUT chain 6920de7 utils: Free args in __fw3_command_pipe() 6ba9105 options: redirects: Fix possible buffer overflows Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: fix ipv6 multicast check in previous commitKevin Darbyshire-Bryant2018-12-171-2/+2
| | | | Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* netifd: support configuring class e 240.0.0.0/4 addressesKevin Darbyshire-Bryant2018-12-171-3/+3
| | | | | | cd089c5 proto: Support class-e addressing in netifd Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* swconfig: Add missing includeRosen Penev2018-12-162-1/+2
| | | | | | | | | Fixes these warnings: swlib.c:455:18: warning: implicit declaration of function 'isspace' swlib.c:461:9: warning: implicit declaration of function 'isdigit' Signed-off-by: Rosen Penev <rosenp@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-12-131-3/+3
| | | | | | 1ac1c78 system-linux: get rid of SIOCSDEVPRIVATE Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to latest git HEADHans Dedecker2018-12-091-3/+3
| | | | | | 14589c8 redirects: properly handle src_dport in SNAT rules Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-11-261-4/+4
| | | | | | | | | dfa4ede interface: fix return code of __interface_add() a82a8f6 netifd: fix resource leak on error in netifd_add_dynamic() fa2403d config: fix resource leaks on error in config_parse_interface() 85de9de interface: fix memory leak on error in __interface_add() Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-11-191-3/+3
| | | | | | | | | 4b83102 treewide: switch to C-code style comments 70506bf treewide: make some functions static d9872db interface: fix removal of dynamic interfaces 2f7ef7d interface: rework code to get rid of interface_set_dynamic Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-10-171-3/+3
| | | | | | | 841b5d1 system-linux: enable by default ignore encaplimit for grev6 tunnels 125cbee system-linux: fix a typo in gre tunnel data parsing logic Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* gre: make encaplimit support configurableHans Dedecker2018-10-172-2/+4
| | | | | | | | | | | Make inclusion of the destination option header containing the tunnel encapsulation limit configurable for IPv6 GRE packets. Setting the uci parameter encaplimit to ignore; allows to disable the insertion of the destination option header in the IPv6 GRE packets. Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255 by setting the encaplimit uci parameter accordingly. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHauke Mehrtens2018-10-141-2/+2
| | | | | | | | 22476ff wireless: Add Simultaneous Authentication of Equals (SAE) c6c3a0d wireless: Add Opportunistic Wireless Encryption (OWE) a117e41 wireless: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise) Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* package/: fix $(PROJECT_GIT) usageJohn Crispin2018-10-111-1/+1
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* soloscli: Install hotplug file as 600Rosen Penev2018-10-111-2/+2
| | | | | | Hotplug is managed by procd, which runs as root. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* firewall: Install config files as 600Rosen Penev2018-10-111-6/+6
| | | | | | None of the files in firewall are used by non-root. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* netifd: update to latest git HEAD (FS#1875)Hans Dedecker2018-10-021-3/+3
| | | | | | | 83428fa iprule: coding style fixes aeec2a0 iprule: fix segfault (FS#1875) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-09-301-3/+3
| | | | | | | 94e156f scripts: fix previous commit 3c8ac1c netifd: fix wpa mixed mode matching Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: do not validate relevant section when ipv6 is not supportedRosy Song2018-09-252-3/+3
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* netifd: update to latest git HEADHans Dedecker2018-09-191-3/+3
| | | | | | 23941d7 system-linux: enable by default ignore encaplimit for ip6 tunnels Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest HEADFlorian Fainelli2018-09-111-3/+3
| | | | | | 0059335c5b60 CMakeList: Check that compiler supports -Wimplicit-fallthrough Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-08-201-3/+3
| | | | | | | | | 7454d12 interface: let interface_set_down() return void 32f11a8 interface: make __interface_set_down() static b9d5a8c interface: extend interface error messages in interface_set_up() de394b3 interface: ensure NO_DEVICE error is always reported Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-08-141-3/+3
| | | | | | 522456b device: gracefully handle device names exceeding IFNAMESIZ Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: bump to git HEADStijn Tintel2018-08-131-3/+3
| | | | | | | | 12a7cf9 Add support for DSCP matches and target 06fa692 defaults: use a generic check_kmod() function 1c4d5bc defaults: fix check_kmod() function Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* netifd: update to latest git HEADHans Dedecker2018-08-091-3/+3
| | | | | | 115a694 interface-ip: always override downstream IPv6 mtu Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADJohn Crispin2018-07-301-2/+2
| | | | | | fix a compile error Signed-off-by: John Crispin <john@phrozen.org>
* netifd: update to latest git HEAD (FS#1668)Hans Dedecker2018-07-301-3/+3
| | | | | | | | | | | | | | 75ee790 interface-ip: fix eui64 ifaceid generation (FS#1668) ca97097 netifd: make sure the vlan ifname fits into the buffer b8c1bca iprule: remove bogus assert calls a2f952d iprule: fix broken in_dev/out_dev checks 263631a vlan: use alloca to get rid of IFNAMSIZE in vlan_dev_set_name() 291ccbb ubus: display correct prefix size for IPv6 prefix address 908a9f4 CMakeLists.txt: add -Wimplicit-fallthrough to the compiler flags b06b011 proto-shell.c: add a explicit "fall through" comment to make the compiler happy 60293a7 replace fall throughs in switch/cases where possible with simple code changes Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to latest git HEADJo-Philipp Wich2018-07-261-3/+3
| | | | | | aa8846b ubus: avoid dumping interface state with NULL message Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall3: update to latest git HEADHans Dedecker2018-07-171-3/+3
| | | | | | d2bbeb7 firewall3: make reject types selectable by user Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: compile with LTO enabledFelix Fietkau2018-07-131-2/+2
| | | | | | Reduces .ipk size on MIPS from 41.6k to 41.1k Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: compile with LTO enabledFelix Fietkau2018-07-131-1/+4
| | | | | | Reduces .ipk size from 65k to 63k on MIPS Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: update to latest git HEADHans Dedecker2018-07-111-3/+3
| | | | | | | 5cf7975 iprule: rework interface based rules to handle dynamic interfaces 57f87ad Introduce new interface event "create" (IFEV_CREATE) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to the latest versionFelix Fietkau2018-07-111-3/+3
| | | | | | | | | c1f6a82 system-linux: add autoneg and link-partner output e9eff34 system-linux: extend link mode speed definitions d1251e1 system-linux: adjust bridge isolate mode for upstream attribute naming 03785fb system-linux: fix build error on older kernels Signed-off-by: Felix Fietkau <nbd@nbd.name>
* qos-scripts: fix indentationMoritz Warning2018-07-113-15/+16
| | | | Signed-off-by: Moritz Warning <moritzwarning@web.de>
* fw3: update to latest git HEADJohn Crispin2018-07-021-3/+3
| | | | | | 72684e5 firewall3: Fix GCC8 warnings by replacing sprintf with snprintf Signed-off-by: John Crispin <john@phrozen.org>
* swconfig: swlib_map_settings(): change return type to voidAlexander Couzens2018-06-291-1/+1
| | | | | | | | The return value of the function isn't used anywhere. Fixes missing return value, CID 1329717. Found-by: Coverity Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* swconfig: fix un-initialized return valueAlexander Couzens2018-06-291-2/+3
| | | | | | | Fix CID 1330844 Found-by: Coverity Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* qos-scripts: fix uci callback handlingTony Ambardar2018-06-283-29/+29
| | | | | | | | | | | | | | | | | The previous callback code was fragile, dependent on some UCI callback bugs and side-effects now fixed in master commit 73d8a6ab. Update scripts to use callbacks where appropriate and necessary, while using normal UCI config parsing for all else. This results in smaller, simpler, more robust code. Use callbacks in generate.sh to only process 'interface' defaults and the varying entries for 'reclassify', 'default' and 'classify' sections. Also switch qos-stat to use non-callback UCI handling. The current changes work independently of 73d8a6ab (i.e. both before and after), and are consistent with UCI config parsing documentation. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* ltq-vdsl-app: use downloaded vectoring firmwareDaniel Golle2018-06-151-1/+3
| | | | | | | Use vectoring firmware downloaded via vdsl_fw_install.sh from ltq-vdsl-fw package for annex B and annex J. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* netifd: update to latest git HEAD (FS#1501)Hans Dedecker2018-06-041-4/+4
| | | | | | a580028 system-linux: make encaplimit configurable for ip6 tunnels (FS#1501) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: drop conflicting 'device' interface propertyIvan Shapovalov2018-06-013-5/+1
| | | | | | | | | | Do not set device runtime property on interfaces in the hotplug handler and in fixup_interfaces(). This property conflicts with device option in several proto handlers (mainly QMI and other WWAN/3G protos) and does not seem to be used anywhere. Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* firewall: update to latest git HEADHans Dedecker2018-05-251-3/+3
| | | | | | | 30463d0 zones: add interface/subnet bound LOG rules 0e77bf2 options: treat time strings as UTC times Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ltq-xdsl-app: start after led scriptMathias Kresin2018-05-172-3/+2
| | | | | | | | | | | | During handshake we are highjack and reset a LED to the configured trigger afterwards. ltq-xdsl-app need to start after the LED init script, to ensure that the LED init script doesn't re-highjack the LED we are currently using for handshake indication. Drop the comment about the atm dependency. The dependency was fixed quite some time ago by using hotplug scripts for br2684ctl. Signed-off-by: Mathias Kresin <dev@kresin.me>
* firewall3: update to latest git HEADJohn Crispin2018-05-141-4/+4
| | | | | | | | b45e162 helpers: fix the set_helper in the rule structure f742ba7 helpers.conf: support also tcp in the CT sip helper 08b2c61 helpers: make the proto field as a list rather than one option Signed-off-by: John Crispin <john@phrozen.org>
* netifd: update to latest git HEAD (Coverity fixes)Hans Dedecker2018-04-271-3/+3
| | | | | | | 56ceced interface-ip: remove superfluous iface check in interface_ip_set_enabled() 4f4a8c0 system-linux: fix strncpy bounds Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADDaniel Golle2018-04-201-3/+3
| | | | | | b3dca7b wireless: include noscan option in common wdev vars Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* netifd: update to latest git HEAD (coverity fixes)Hans Dedecker2018-04-161-3/+3
| | | | | | | | | | | | 513eb27 system-linux: check ioctl return value in system_vlan() df1625d system-linux: check ioctl return value in system_if_flags() 209c508 system-linux: fix segfault on alloc failure in system_if_check() 4a8e20e system-linux: fix segfault on error in system_add_ip6_tunnel() 36e4700 handler: fix resource leak on error in netifd_init_script_handlers() 86a0e7c system-linux: remove unnecessary open call in system_if_dump_info() 1e2cf67 system-linux: fix memory leak on error in system_add_vxlan() Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* firewall: update to the latest version, adds hw flow offload supportFelix Fietkau2018-04-051-3/+3
| | | | | | 35b3e74 defaults: add support for setting --hw on the xt_FLOWOFFLOAD rule Signed-off-by: Felix Fietkau <nbd@nbd.name>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-13 23:10:29 +0000