aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/utils
Commit message (Collapse)AuthorAgeFilesLines
* iproute2: cake: fix patch format errorKevin Darbyshire-Bryant2017-12-302-16/+6
| | | | | | | Fix patch format error introduced in c4e9487cf5 Refresh patches to tidy fuzz Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* iproute2: cake: support new operating modes for 17.01Kevin Darbyshire-Bryant2017-12-302-38/+118
| | | | | | | | | | | | | | | | | | | | There has been recent significant activity with the cake qdisc of late Some of that effort is related to upstreaming to kernel & iproute2 mainline but we're not quite there yet. This commit teaches tc how to activate and interprete the latest cake operating modes, namely: ingress mode: Instead of only counting packets that make it past the shaper, include packets we've decided to drop as well, since they did arrive with us on the link and took link capacity. This mode is more suitable for shaping the ingress of a link (e.g. from ISP) rather than the more normal egress. ack-filter/ack-filter-aggressive: Filter excessive TCP ACKS. Useful in highly assymetric links (downstream v upstream capacity) where the majority of upstream link capacity is occupied with ACKS for downstream traffic. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* uqmi: replace legacy command invoke with newer typeKoen Vandeputte2017-12-131-7/+7
| | | | | Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> (cherry picked from commit 06d5d01e8acb4c7012bfa1ce8d432816b98088b0)
* wwan: json format in some modem definitionsAlexandru Ardelean2017-12-13268-349/+349
| | | | | | | | | | | | | | | | | | | | | Method used: ``` cd package/network/utils/wwan/files/data sed -e 's/}}/}/g' -i * sed -e 's/}\t"acm": 1/\t"acm": 1/g' -i * sed -e 's/}\t"generic": 1/\t"generic": 1/g' -i * ``` Manually adjusted commas. Validated with ``` for f in `ls` ; do echo $f ; python -m json.tool < $f || break ; done ``` Thanks to @lynxis for pointing out the commas. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com> (cherry picked from commit ad510c4d62fd6dd879a02cb2253eb37c2179d9c0)
* netfilter: add iptables-mod-rpfilter packageAlin Nastac2017-12-131-0/+14
| | | | | | | | | | Unlike /proc/sys/net/ipv4/conf/INTF/rp_filter flag, rule iptables -t raw -I PREROUTING -m rpfilter --invert -j DROP prevents conntrack table to become full when a packet flood with randomly selected source IP addresses is received from the lan side. Signed-off-by: Alin Nastac <alin.nastac@gmail.com> (cherry picked from commit d8748e537f11ab5f2b5e2ed25d94baa5ce353984)
* comgt-3g: enable modem before to setpinGiuseppe Lippolis2017-12-131-0/+1
| | | | | | | some modems needs to be enabled with CFUN=1 before to set the pin Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com> (cherry picked from commit db776c01e1202307b78a4bb757f78db5ea48e27e)
* network/utils/ipset: Update to 6.32Daniel Engberg2017-12-131-2/+2
| | | | | | | Update ipset to 6.32 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> (cherry picked from commit ea2927e1eaa321033b28f08db0ec59e7df5f7806)
* iproute2: add libgenl.h and ll_map.h to InstallDev sectionHans Dedecker2017-12-131-1/+1
| | | | | | | | | Commit f4e312ddf855375667f43c842c7187934b8aca92 adds libnetlink to staging dir but did not add the header files libgenl.h and ll_map.h which define functions belonging to libnetlink lib Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (cherry picked from commit fc859fb44b4e7a38a1f1825b05b72b81e80f82a8)
* iwcap: fix handling kill signal during dumpFelix Fietkau2017-12-131-13/+13
| | | | | | | Do not run another loop iteration before checking the stop flag Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 2f09a1e3c950c9b2993ae52d1b0e78317c344470)
* rssileds: Fix build with external toolchainsFlorian Fainelli2017-12-131-2/+4
| | | | | | | | | Pass down TARGET_CPPFLAGS for path to header files, and append the libraries we depend on in TARGET_LDFLAGS. Put TARGET_LDFLAGS at the end of the command line as is required by modern GCC/binutils. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com> (cherry picked from commit 30159b3886849f94cd065ecece7ac988bfb89548)
* uqmi: also try newer pin verificationKoen Vandeputte2017-12-111-1/+1
| | | | | | | | | Newer devices tend to only support the newer version of the pin verification command, so also try that one. Fixes PIN issues with modems like the Sierra Wireless MC7455 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* curl: apply CVE 2017-8816 and 2017-8817 security patchesStijn Segers2017-12-043-1/+209
| | | | | | | | | This commit adds the upstream patches for CVE 2017-8816 and 2017-8817 to the 17.01 Curl package. Compile-tested on ar71xx, ramips and x86. Signed-off-by: Stijn Segers <foss@volatilesystems.org>
* curl: fix security problemsHauke Mehrtens2017-09-303-1/+75
| | | | | | | | This fixes the following security problems: * CVE-2017-1000100 TFTP sends more than buffer size * CVE-2017-1000101 URL globbing out of bounds read Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* tcpdump: noop commit to refer CVEs fixed in 4.9.2Stijn Tintel2017-09-181-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When bumping tcpdump from 4.9.1 to 4.9.2, I did not include the fixed CVEs in the commit message. As the list of fixed CVEs is quite long, we should probably mention them in the changelogs of the releases to come. This commit will make sure this happens. The following CVEs were fixed in 21014d9708d586becbd62da571effadb488da9fc: CVE-2017-11541 CVE-2017-11541 CVE-2017-11542 CVE-2017-11542 CVE-2017-11543 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit 2375e279a7cb462d62fd6028cb3fbd56217222de)
* tcpdump: bump to 4.9.2Stijn Tintel2017-09-182-37/+41
| | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit 21014d9708d586becbd62da571effadb488da9fc)
* utils/tcpdump: Rework URLsDaniel Engberg2017-09-181-2/+2
| | | | | | | | | | | | Add actual mirror and use main site as last resport Source: http://www.tcpdump.org/mirrors.html Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> (cherry picked from commit fd95397ee33a34704771de2ab26a5910b1a88c6f) Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Conflicts: package/network/utils/tcpdump/Makefile
* treewide: fix shellscript syntax errors/typosLorenzo Santina2017-09-133-4/+3
| | | | | | | | | Fix multiple syntax errors in shelscripts (of packages only) These errors were causing many conditions to not working properly Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it> [increase PKG_RELEASE, drop command substitution from directip.sh] Signed-off-by: Mathias Kresin <dev@kresin.em>
* tcpdump: Update to 4.9.1Daniel Engberg2017-08-151-2/+2
| | | | | | | Fixes: * CVE-2017-11108: Fix bounds checking for STP. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* curl: fix CVE-2017-7407 and CVE-2017-7468Hauke Mehrtens2017-07-283-1/+430
| | | | | | | | This fixes the following security problems: * CVE-2017-7407: https://curl.haxx.se/docs/adv_20170403.html * CVE-2017-7468: https://curl.haxx.se/docs/adv_20170419.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iw: enable MESH ID in scan outputMatthias Schiffer2017-03-251-4/+5
| | | | | | | | Make scan output useful for 802.11s meshes. The common print_ssid function is used, so this doesn't add any additional code. Based-on-patch-by: Jan-Tarek Butt <tarek@ring0.de> Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* iproute2: fix ip monitor can't work when NET_NS is not enabledYousong Zhou2017-03-192-1/+41
| | | | | | | | The bug appeared in v4.1.0 and was fixed since v4.8.0 Fixes FS#620 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* curl: fix CVE-2017-2629 SSL_VERIFYSTATUS ignoredHauke Mehrtens2017-03-133-5/+36
| | | | | | | This fixes the following security problem: https://curl.haxx.se/docs/adv_20170222.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* wireless-tools: Change download url to githubHsing-Wang Liao2017-03-011-1/+1
| | | | Signed-off-by: Hsing-Wang Liao <kuoruan@gmail.com>
* iftop: bump to latest upstreamKevin Darbyshire-Bryant2017-03-012-73/+8
| | | | | | | | | Drops a LEDE carried patch now upstream. Convert to autotools. A number of nits fixed upstream (dns & short packet handling most notable) Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* ebtables: update to last commitAnsuel Smith2017-03-013-183/+12
| | | | | | Refreshed patches Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* iw: sync nl80211.h with mac80211 packageFelix Fietkau2017-02-241-5/+289
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tcpdump: update to version 4.9.0Hauke Mehrtens2017-02-064-81/+81
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the following 41 security problems: + CVE-2016-7922: buffer overflow in print-ah.c:ah_print(). + CVE-2016-7923: buffer overflow in print-arp.c:arp_print(). + CVE-2016-7924: buffer overflow in print-atm.c:oam_print(). + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print(). + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print(). + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print(). + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print(). + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header(). + CVE-2016-7930: buffer overflow in print-llc.c:llc_print(). + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print(). + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum(). + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print(). + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print(). + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print(). + CVE-2016-7936: buffer overflow in print-udp.c:udp_print(). + CVE-2016-7937: buffer overflow in print-udp.c:vat_print(). + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame(). + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions. + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions. + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions. + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions. + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print(). + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print(). + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print(). + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print(). + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions. + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print(). + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print(). + CVE-2016-8575: buffer overflow in print-fr.c:q933_print(). + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print(). + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print(). + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print(). + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print(). + CVE-2017-5341: buffer overflow in print-otv.c:otv_print(). + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). + CVE-2017-5482: buffer overflow in print-fr.c:q933_print(). + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse(). + CVE-2017-5484: buffer overflow in print-atm.c:sig_print(). + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap(). + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print(). The size of the package is only incread very little: new size: 306430 tcpdump_4.9.0-1_mips_24kc.ipk 130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk old size: 302782 tcpdump_4.8.1-1_mips_24kc.ipk 129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iproute2: cake: update cake supportKevin Darbyshire-Bryant2017-02-012-11/+24
| | | | | | | Updated cake's tc patch to match the official cake repository formatting. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* iproute2: cake: add 'mpu' minimum packet length supportKevin Darbyshire-Bryant2017-02-012-4/+28
| | | | | | | Add 'mpu' minimum length packet size parameter for scheduling/bandwidth accounting. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* curl: fix HTTPS network timeouts with OpenSSLStijn Segers2017-01-161-0/+36
| | | | | | | | | Backport an upstream change to fix HTTPS timeouts with OpenSSL. Upstream curl bug #1174. Signed-off-by: Stijn Segers <francesco.borromini@inventati.org> [Jo-Philipp Wich: reword commit message, rename patch to 001-*] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uqmi: mark as nonshared because of the usb dependenciesFelix Fietkau2017-01-131-0/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* umbim: mark as nonshared because of the usb dependenciesFelix Fietkau2017-01-131-0/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* comgt: mark as nonshared because of the usb dependenciesFelix Fietkau2017-01-131-0/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* Revert the recent dependency and metadata scanning reworkFelix Fietkau2017-01-113-3/+3
| | | | | | | | | | | | | | | This reverts the following commits: fbe522d1204149b6c128d55e360bfc15fa8258e1 278ad007ee03c4455c3507322e34b0e3e6ec050d 863888e44f7a1fb1675a2e7a2eaabfec3561d2a2 96daf6352f6e04bc22789466cb5409b93fbec191 cfd83555fc4f0bab18a26f6812da18e64df46ff3 This seems to trigger some mconf bugs when built with all feeds packages, so I will try to find a less intrusive solution before the release. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* comgt: allow build without USB_SUPPORTFelix Fietkau2017-01-111-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* umbim: allow build without USB_SUPPORTFelix Fietkau2017-01-111-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uqmi: allow build without USB_SUPPORTFelix Fietkau2017-01-111-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iwinfo: drop references to madwifiStijn Tintel2017-01-101-3/+1
| | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Jo-Philipp Wich <jo@mein.io>
* build: use mkhash to replace various quirky md5sum/openssl callsFelix Fietkau2017-01-051-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* curl: Remove PolarSSL and adjust default to mbedTLSRosen Penev2017-01-034-30/+14
| | | | | | | luci-ssl has already made the switch since mainline support for PolarSSL is almost over (2016). Signed-off-by: Rosen Penev <rosenp@gmail.com>
* curl: update to version 7.52.1Hauke Mehrtens2017-01-022-4/+4
| | | | | | | | | | | This fixes the folowing security problems: CVE-2016-9586: printf floating point buffer overflow CVE-2016-9952: Win CE schannel cert wildcard matches too much CVE-2016-9953: Win CE schannel cert name out of buffer read CVE-2016-9594: unititialized random Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* treewide: clean up and unify PKG_VERSION for git based downloadsFelix Fietkau2016-12-225-21/+11
| | | | | | Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uqmi: add plmn set functionality for netifd proto handlerFlorian Eckert2016-12-221-2/+22
| | | | | | | uqmi has the possibility to allow the modem to start a regsitration process only to this specified plmn Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
* comgt-ncm: fix typo Fix typo in ncm.sh. Resolves:Cezary Jackiewicz2016-12-221-1/+1
| | | | | | Wed Dec 21 09:55:54 2016 daemon.notice netifd: wan (4455): ./ncm.sh: eval: line 1: =IP: not found Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
* iproute2: tc - update cake supportKevin Darbyshire-Bryant2016-12-202-11/+13
| | | | | | | | | | Update tc to track upstream cake changes: diffserv3 - a simple 3 tin classifier Also make diffserv3 and triple-isolate default Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* uqmi: Prevent 'POLICY MISMATH' error.Nickolay Ledovskikh2016-12-201-0/+1
| | | | | | | Add uqmi 'sync' command call to release stalled cid when preparing to setup new connection. As a result it prevents 'POLICY MISMATCH' errors. Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
* uqmi: bump to latest git HEADJohn Crispin2016-12-201-2/+2
| | | | | | | 8ceeab6 uqmi: Change returned value to QMI_CMD_REQUEST for 'sync' command. 1dc7be1 uqmi: Add sync command to release all cids. Signed-off-by: John Crispin <john@phrozen.org>
* uqmi: add support of using device symlinks.Nickolay Ledovskikh2016-12-201-0/+2
| | | | | | | It's useful when using multiple usb devices that should be bound to certain usb ports. Symlinks are created by hotplug handlers. Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
* comgt: add support of using device symlinks.Nickolay Ledovskikh2016-12-203-0/+5
| | | | | | | It's useful when using multiple usb devices that should be bound to certain usb ports. Symlinks are created by hotplug handlers. Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
* treewide: clean up download hashesFelix Fietkau2016-12-1623-23/+23
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-09 03:21:15 +0000