| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Mikrotik R11e-LTE6 modem is similar to ZTE MF286R modem, added
earlier: it has a Marvel chip, able to work in ACM+RNDIS mode, knows ZTE
specific commands, runs OpenWrt Barrier Breaker fork.
While the modem is able to offer IPv6 address, the RNDIS setup is unable
to complete if there is an IPv6 adress.
While it works in ACM+RNDIS mode, the user experience isn't as good as
with "proto 3g": the modem happily serves a local IP (192.168.1.xxx)
without internet access. Of course, if the modem has enough time
(for example at the second dialup), it will serve a public IP.
Modifing the DHCP Lease (to a short interval before connect and back to
default while finalizing) is a workaround to get a public IP at the
first try.
A safe workaround for this is to excercise an offline script of the
pingcheck program: simply restart (ifdown - ifup) the connection.
Another pitfall is that the modem writes a few messages at startup,
which confuses the manufacturer detection algorithm and got disabled.
daemon.notice netifd: Interface 'mikrotik' is setting up now
daemon.notice netifd: mikrotik (2366): Failed to parse message data
daemon.notice netifd: mikrotik (2366): WARNING: Variable 'ok' does not exist or is not an array/object
daemon.notice netifd: mikrotik (2366): Unsupported modem
daemon.notice netifd: mikrotik (2426): Stopping network mikrotik
daemon.notice netifd: mikrotik (2426): Failed to parse message data
daemon.notice netifd: mikrotik (2426): WARNING: Variable '*simdetec:1,sim' does not exist or is not an array/object
daemon.notice netifd: mikrotik (2426): Unsupported modem
daemon.notice netifd: Interface 'mikrotik' is now down
A workaround for this is to use the "delay" option in the interface
configuration.
I want to thank Forum members dchard (in topic Adding support for
MikroTik hAP ac3 LTE6 kit (D53GR_5HacD2HnD)) [1]
and mrhaav (in topic OpenWrt X86_64 + Mikrotik R11e-LTE6) [2]
for sharing their experiments and works.
Another information page was found at eko.one.pl [3].
[1]: https://forum.openwrt.org/t/137555
[2]: https://forum.openwrt.org/t/151743
[3]: https://eko.one.pl/?p=modem-r11elte
Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
(cherry picked from commit dbd6ebd6d84b35599a0446559576df41f487200e)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The MikroTik R11e-LTE6 modem goes into flight mode (CFUN=4) at startup
and the radio is off (*RADIOPOWER: 0):
AT+RESET
OK
OK
*SIMDETEC:2,NOS
*SIMDETEC:1,SIM
*ICCID: 8936500119010596302
*EUICC: 1
+MSTK: 11, D025....74F3
*ADMINDATA: 0, 2, 0
+CPIN: READY
*EUICC: 1
*ECCLIST: 5, 0, 112, 0, 000, 0, 08, 0, 118, 0, 911
+CREG: 0
$CREG: 0
+CESQ: 99,99,255,255,255,255
*CESQ: 99,99,255,255,255,255,0
+CGREG: 0
+CEREG: 0
+CESQ: 99,99,255,255,255,255
*CESQ: 99,99,255,255,255,255,0
*RADIOPOWER: 0
+MMSG: 0, 0
+MMSG: 0, 0
+MMSG: 1, 0
+MPBK: 1
While the chat script is able to establish the PPP connection,
it's closed instantly by the modem: LCP terminated by peer.
local2.info chat[7000]: send (ATD*99***1#^M)
local2.info chat[7000]: expect (CONNECT)
local2.info chat[7000]: ^M
local2.info chat[7000]: ATD*99***1#^M^M
local2.info chat[7000]: CONNECT
local2.info chat[7000]: -- got it
local2.info chat[7000]: send ( ^M)
daemon.info pppd[6997]: Serial connection established.
kern.info kernel: [ 453.659146] 3g-mikrotik: renamed from ppp0
daemon.info pppd[6997]: Renamed interface ppp0 to 3g-mikrotik
daemon.info pppd[6997]: Using interface 3g-mikrotik
daemon.notice pppd[6997]: Connect: 3g-mikrotik <--> /dev/ttyACM0
daemon.info pppd[6997]: LCP terminated by peer
daemon.notice pppd[6997]: Connection terminated.
daemon.notice pppd[6997]: Modem hangup
daemon.info pppd[6997]: Exit.
daemon.notice netifd: Interface 'mikrotik' is now down
Sending "AT+CFUN=1" to modem deactivates the flight mode and
solves the issue:
daemon.notice netifd: Interface 'mikrotik' is setting up now
daemon.notice netifd: mikrotik (7051): sending -> AT+CFUN=1
daemon.notice pppd[7137]: pppd 2.4.9 started by root, uid 0
local2.info chat[7140]: abort on (BUSY)
local2.info chat[7140]: abort on (NO CARRIER)
local2.info chat[7140]: abort on (ERROR)
local2.info chat[7140]: report (CONNECT)
local2.info chat[7140]: timeout set to 10 seconds
local2.info chat[7140]: send (AT&F^M)
local2.info chat[7140]: expect (OK)
local2.info chat[7140]: ^M
local2.info chat[7140]: +CESQ: 99,99,255,255,255,255^M
local2.info chat[7140]: ^M
local2.info chat[7140]: *CESQ: 99,99,255,255,255,255,0^M
local2.info chat[7140]: AT&F^MAT&F^M^M
local2.info chat[7140]: OK
local2.info chat[7140]: -- got it
...
local2.info chat[7140]: send (ATD*99***1#^M)
local2.info chat[7140]: expect (CONNECT)
local2.info chat[7140]: ^M
local2.info chat[7140]: ATD*99***1#^M^M
local2.info chat[7140]: CONNECT
local2.info chat[7140]: -- got it
local2.info chat[7140]: send ( ^M)
daemon.info pppd[7137]: Serial connection established.
kern.info kernel: [ 463.094254] 3g-mikrotik: renamed from ppp0
daemon.info pppd[7137]: Renamed interface ppp0 to 3g-mikrotik
daemon.info pppd[7137]: Using interface 3g-mikrotik
daemon.notice pppd[7137]: Connect: 3g-mikrotik <--> /dev/ttyACM0
daemon.warn pppd[7137]: Could not determine remote IP address: defaulting to 10.64.64.64
daemon.notice pppd[7137]: local IP address 100.112.63.62
daemon.notice pppd[7137]: remote IP address 10.64.64.64
daemon.notice pppd[7137]: primary DNS address 185.29.83.64
daemon.notice pppd[7137]: secondary DNS address 185.62.131.64
daemon.notice netifd: Network device '3g-mikrotik' link is up
daemon.notice netifd: Interface 'mikrotik' is now up
To send this AT command to the modem the "runcommand.gcom" script
dependency is moved from comgt-ncm to comgt.
As the comgt-ncm package depends on comgt already, this change
is a NOOP from that point of view.
But from the modem's point it is a low hanging fruit as the modem
is usable with installing comgt and kmod-usb-ncm packages.
Signed-off-by: Szabolcs Hubai <szab.hu@gmail.com>
(cherry picked from commit 91eca7b04ff1309c7408baa1f1631d7623ce50cf)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This patch solves the problem of receiving "error" responses when
initially calling gcom. This avoids unnecessary NO_DEVICE failures.
A retry loop retries the call after an "error" response within the
specified delay. A successful response will continue with the connection
immediately without waiting for max specified delay, bringing the
interface up sooner.
Signed-off-by: Mike Wilson <mikewse@hotmail.com>
(cherry picked from commit 8f27093ce784daad5a9b1c89f51d0a76a8bbb07b)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
8d15809 cli: print current HT mode
8f86dd6 cli: use IWINFO_HTMODE_COUNT
f36b72b cli: use IWINFO_KMGMT_NAMES
91be7e0 cli: use IWINFO_CIPHER_NAMES
49b6ec9 cli: fix printing the scan channel width
b1c8873 cli: fix marking the active channel
9e14e64 utils: add iwinfo_band2ghz() and iwinfo_ghz2band() helpers
e084781 utils: add helper functions to get names by values
d09a77a utils: add iwinfo_htmode_is_{ht|vht|he} helpers
8752977 utils: add and use iwinfo_format_hwmodes()
02f433e lib: add IWINFO_80211_COUNT and IWINFO_80211_NAMES
1d30df1 lib: add IWINFO_BAND_COUNT and IWINFO_BAND_NAMES
aefd0ef lib: use common IWINFO_CIPHER_NAMES strings
a5b30de lib: add IWINFO_OPMODE_COUNT and use it for IWINFO_OPMODE_NAMES
9f29e79 lib: constify and fixup the string array definitions
fddc015 nl80211: mark frequencies where HE operation in not allowed
6d50a7c nl80211: add support for HE htmodes
4ba5713 nl80211: properly get available bands for the hwmode
91b2ada nl80211: update the kernel header nl80211.h
3f619a5 nl80211: fix frequency/channel conversion for the 6G band
a77d915 nl80211: don't guess if a name is an ifname
c27ce71 devices: add usb device MediaTek MT7921AU
14f864e nl80211: add ability to describe USB devices
a5a75fd nl80211: remove ancient wpa_supplicant ctrl socket path
dd4e1ff nl80211: fix wpa supplicant ctrl socket permissions
d638163 fix -Wdangling-else warnings
4aa6c5a fix -Wreturn-type warning
3112726 fix -Wpointer-sign warning
ebd5f84 fix -Wmaybe-uninitialized warning
5469898 fix -Wunused-variable warnings
462b679 fix -Wduplicate-decl-specifier warnings
ccaabb4 fix -Wformat-truncation warnings
50380db enable useful compiler warnings via -Wall
Fixes: https://github.com/openwrt/openwrt/issues/10158
Fixes: https://github.com/openwrt/openwrt/issues/10687
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 4a4d0bf78ddbbf17508891c5c837e5eb00420b5c)
|
| |
|
|
|
|
|
| |
00aab87 Correctly identify key management algorithms starting with "FT-"
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5c70b19c425896625f891c70910a96cdf9f61345)
|
| |
|
|
|
|
|
| |
0496c722f1d7 nl80211: fix issues with renamed wiphy and multiple phy per device
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 735f5f18ddbcb5c4e2033f1c08be0113369d2b79)
|
| |
|
|
|
|
|
|
|
|
|
| |
46f04f3808e8 devices: add MediaTek MT7986 WiSoC
b3e08c8b5a8f ops: make support for wireless extensions optional
1f695d9c7f82 nl80211: allow phy names that don't start with 'phy'
b7f9f06e1594 nl80211: fix phy/netdev index lookup
4a43b0d40ba5 nl80211: look up the phy name instead of assuming name == phy<idx>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit c787962e1d5016cab637cf8857bc6aa3afdda001)
|
| |
|
|
|
|
|
|
|
|
|
| |
Allow registration if the SIM is roaming or partner mode, by adding two
new options to the protocol.
Until now, such registration failed because umbim returns exit codes 4 and
5 for such situations.
Signed-off-by: Julio Gonzalez Gil <git@juliogonzalez.es>
(cherry picked from commit 840ce0a65bbb7ba13a547f90cb94452b290475ef)
|
| |
|
|
|
|
|
|
|
|
| |
context_type is an integer mapping of pdptype:
1: IPV4
2: IPV6
3: IPV4V6
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit 13f82ce264ed2d02c66cb2cae8f013c8f64a979f)
|
| |
|
|
|
|
|
|
|
| |
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.
Suggested-by: Steffen Pfendtner <s.pfendtner@ads-tec.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit a80e198cd383593da7f41857a6122f28ed6354a1)
|
| |
|
|
|
|
|
|
|
| |
35fec487e30f05c81bd135326a993dad7f861812 fixed opkg usage,
but when using buildroot we were still defaulting to
ip(6)tables-legacy
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 0c8d7e34ab35f6b41f034fd94fec740970e0125b)
|
| |
|
|
|
|
|
| |
0dad3e6 Add support for CCMP-256 and GCMP-256 ciphers
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit cc6a323e2328176b732b13f1f09745354270cd39)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the SDK the folder $(LINUX_DIR)/user_headers/include does not exist,
but it more or less contains the same content as
$(LINUX_DIR)/include/uapi which also exists in the SDK.
Since iproute2 commit 1d819dcc741e ("configure: fix parsing issue on
include_dir option") it checks if this folder exists and aborts the
build if it does not exists.
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=1d819dcc741e25958190e31f8186c940713fa0a8
With this commit the KERNEL_INCLUDE variable points to a valid folder
with the kernel include headers. I am not sure if they are actually
needed because the build worked before even with an invalid path.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 60738fedede1746922a8b227f24ad5c733661585)
|
| |
|
|
|
|
|
| |
146bc77 umbim: fix invalid mbim message string encoding
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 90bedc411b1e98e9adf668dde09f8eafe4490344)
|
| |
|
|
|
|
|
|
|
| |
Musl libc does not support the non-POSIX "%F" format for strptime() so
replace all occurrences of it with an equivalent "%Y-%m-%d" format.
Fixes: #10419
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit e6e4f979999393825370e9db9fe04d75cb01acf2)
|
| |
|
|
|
|
|
| |
705d3b5 iwinfo: Add missing auth_suites mappings for WPA3
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit cc2dfc5e4dc2e480203b826749186c73021795df)
|
| |
|
|
|
|
|
|
| |
The ulog iptables target was removed with kernel 3.17, remove the kernel
and also the iptables package in OpenWrt too.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 2a0284fb0325f07e79b9b4c58a7d280ba9999a39)
|
| |
|
|
|
|
|
|
|
|
|
| |
The change of the PKG_VERSION caused the hash of the package to
change. This is because the PKG_VERSION is present in the
internal directory structure of the archive.
Fixes: 038d5bdab117 ("layerscape: use semantic versions for LSDK")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit e879cccaa21563a7cdf47797b18fb86723720158)
(cherry picked from commit d4391ef073825f5817cdbcc3fc215311f1bbb461)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenWrt now uses firewall4 (nft) by default,
so iptables should also default to nftables backend.
When multiple packages provide the same virtual package,
opkg pick the first one by alphabetical order,
so we rename iptables-legacy to iptables-zz-legacy and add
iptables-legacy in PROVIDES.
We also need to remove IPTABLES_NFTABLES config as
this cause recursive dependencies.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 35fec487e30f05c81bd135326a993dad7f861812)
|
| |
|
|
|
|
|
|
| |
56cb2d4 nas: add decoding of cell_id
9a9019a uqmi: wms - added storage to read text messages
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 51c442c265a8661427441193e7dc585b1539a915)
|
| |
|
|
|
|
|
| |
dc6847e iwinfo: nl80211: omit A-hwmode on non-5GHz hardware
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f757a8a09885e3c8bb76371e037b8c0731111980)
|
| |
|
|
|
|
|
| |
a479b9b devices: remove whitespace
562d015 iwinfo: nl80211: fix hwmode parsing for multi-band NICs
Signed-off-by: David Bauer <mail@david-bauer.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The modem is based on Marvell PXA1826 and uses ACM+RNDIS interface to
establish connection with custom commands specific to ZTE modems.
Two variants of modems were discovered, some identifying themselves
as "ZTE", and others as plain "Marvell", the chipset manufacturer.
The modem itself runs a fork of OpenWrt inside, which root shell can be
accessed via ADB interface.
Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit e02fb42c53bad5dd36726c6ef5a46bfe31d2e400)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Some modems expose ttyACM as their control ports, which have the
"device" symlink pointing one level down in sysfs tree. Try to find
network interfaces for them as well, this is commonly used for modems
exposing ACM + RNDIS or ACM + ECM interface combinations.
Co-developed-by: Cezary Jackiewicz <cezary@eko.one.pl>
Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit ed7957810c0aee04943559be9b0ed23431ee0654)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some modems expose multiple network interfaces on the same USB device,
causing the connection setup script to fail, because glob matching in
the detection phase causes 'ls' to output more than one interface name
plus their base directories in sysfs. Avoid that by listing the
directories explicitly and then selecting first available interface.
This is the case for some variants of ZTE MF286R built-in modem, which
exposes both RNDIS and CDC-ECM network interfaces, causing the
connection setup to fail.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit b2940bb8b2878ce193f2edaee3e7d4c44f4a2065)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add ifname property to UCI, which can be used to override the
autodetected interface name in case the detection fails due to having
none or more than one interface exposed by the modem, which is not
explicitly linked to TTY port. This is needed on certain variants of ZTE
MF286R built-in modem, which exposes both RNDIS and CDC-ECM interfaces
on the modem, on which the automatic detection may select the wrong
network interface.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit a67629bbe25ef3d0e159db1e0c6ca81affd06898)
|
| |
|
|
|
|
|
| |
Have nftables-json conflict with nftables-nojson.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 1135b75d1fd26049a0644b304b7199e4a73c6a08)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Evaluating the return value of 'json_load' didn't work in the
intended way resulting in PIN status no longer being read on modems
where --get-pin-status doesn't fail.
Fix this by trying --get-pin-status first and checking if pin1_status
field exists in JSON, and if it doesn't try again with
--uim-get-sim-state.
Fixes: #9501
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ee7cb5e885118b78fb5f692d8ed6c93bb7e35853)
|
| |
|
|
|
|
| |
Following {arp,eb}tables-nft addition, bump PKG_RELEASE
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
|
| |
Add a patch to add some missing init_extensions{a,b}() calls
Package lib{arp,eb}t_*.so
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
|
| |
This allows to install ip6tables-nft without iptables-nft
This prepare the addition of {arp,eb}tables-nft
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
| |
This allows to install ip6tables-legacy without iptables-legacy
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
|
|
| |
This prepare the introduction of ebtables-nft.
Add PROVIDES so dependencies are not broken,
use ALTERNATIVES.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
|
|
| |
This prepare the introduction of arptables-nft.
Add PROVIDES so dependencies are not broken,
use ALTERNATIVES.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Changelog:
90bfbb9 devices: Add Cypress CYW43455
234075b devices: fix AMD RZ608 format
0e2a318 devices: add AMD RZ608 device-id
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
|
| |
drop the use of LIB_SUFFIX
Fixes: 00cbf6f6ab1d ("bpftools: update to standalone bpftools + libbpf, use the latest version")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
| |
This fixes ip6tables-nft no being able to use built-in
extensions like icmp6.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
When porting mwan3 from iptables to nftables I tried the new translation
tool for ipset ipset-translate. I noticed that no IPv6 ipset can be
created with the tool. I have reported the problem to the upstream
project and the following patch fixes the problem.
Until this upsream is included in a new release, this patch should be
used in Openwrt.
https://lore.kernel.org/netfilter-devel/20220228190217.2256371-1-pablo@netfilter.org/T/#m09cc3cb738f2e42024c7aecf5b7240d9f6bbc19c
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| |
|
|
|
|
| |
44dd095 uqmi: corrected too short received SMS
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Modems used in ZTE mobile broadband routers require to query the data
session status using the same CID as one used to establish the session,
otherwise they will report the session as "disconnected" despite
reporting correct PDH in previous step. Without this change, IPv6
connection on these modems doesn't establish properly. In IPv4 this bug
is present as well, but for some reason querying of IPv4 status works
using temporary CID, this however seems noncompliant with QMI
specifications, so fix it as well.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Previously libxt_socket.so was included in iptables-mod-tproxy. It was
missed out when trying to make kmod-ipt-socket and kmod-ipt-tproxy
separate packages
Fixes: 4f443c88 ("netfilter: separate packages for kmod-ipt-socket and kmod-ipt-tproxy")
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
https://lwn.net/ml/netdev/YhO5Pn+6+dgAgSd9@salvia/
Patches:
removed:
- 001-parser-allow-quoted-string-in-flowtable_expr_member:
it is now part of upstream release [1]
added:
- 001-examples-compile-with-make-check.patch:
backported from [2], it fixes:
nft-json-file.c:3:10: fatal error: nftables/libnftables.h: No such file or directory
3 | #include <nftables/libnftables.h>
| ^~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
[1] https://git.netfilter.org/nftables/commit/?h=v1.0.2&id=07af4429241c9832a613cb8620331ac54257d9df
[2] https://git.netfilter.org/nftables/commit/?id=18a08fb7f0443f8bde83393bd6f69e23a04246b3
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds the new tc-bpf variant and removes libxtables dependency from
the tc-tiny variant. The tc-full variant stays like before and contains
everything.
This allows to use tc without libxtables.
The variants have the following sizes:
root@OpenWrt:/# ls -al /usr/libexec/tc-*
-rwxr-xr-x 1 root root 282453 Mar 1 21:55 /usr/libexec/tc-bpf
-rwxr-xr-x 1 root root 282533 Mar 1 21:55 /usr/libexec/tc-full
-rwxr-xr-x 1 root root 266037 Mar 1 21:55 /usr/libexec/tc-tiny
They are linking the following shared libraries:
root@OpenWrt:/# ldd /usr/libexec/tc-tiny
/lib/ld-musl-mips-sf.so.1 (0x77d6e000)
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77d4a000)
libc.so => /lib/ld-musl-mips-sf.so.1 (0x77d6e000)
root@OpenWrt:/# ldd /usr/libexec/tc-bpf
/lib/ld-musl-mips-sf.so.1 (0x77da6000)
libbpf.so.0 => /usr/lib/libbpf.so.0 (0x77d60000)
libelf.so.1 => /usr/lib/libelf.so.1 (0x77d3e000)
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77d1a000)
libc.so => /lib/ld-musl-mips-sf.so.1 (0x77da6000)
libz.so.1 => /usr/lib/libz.so.1 (0x77cf6000)
root@OpenWrt:/# ldd /usr/libexec/tc-full
/lib/ld-musl-mips-sf.so.1 (0x77de8000)
libbpf.so.0 => /usr/lib/libbpf.so.0 (0x77da2000)
libelf.so.1 => /usr/lib/libelf.so.1 (0x77d80000)
libxtables.so.12 => /usr/lib/libxtables.so.12 (0x77d66000)
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77d42000)
libc.so => /lib/ld-musl-mips-sf.so.1 (0x77de8000)
libz.so.1 => /usr/lib/libz.so.1 (0x77d1e000)
This is based on a patch from Tiago Gaspar.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
| |
Update to the latest upstream version. In this version there is a new
tool with which you can convert ipsets into nftables sets. Since we are
now using nftables as default firewall, this could be a useful tool for
porting ipsets to nftables sets.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| |
|
|
|
|
| |
PKG_VERSION should not contain the package name but the version only.
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
| |
|
|
|
|
| |
Following dependencies rework, bump PKG_RELEASE
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
|
|
| |
iptables-nft doesn't depend on libip{4,6}tc, so move
libiptext* libs in their own packages to clean up dependencies
Rename libxtables-nft to libiptext-nft
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
|
|
| |
Using PROVIDES allows to have other packages continue to
depend on iptables and users to pick between legacy and nft
version.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
| |
Those 2 configs are not specific to iptables(-legacy)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
