aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
Commit message (Collapse)AuthorAgeFilesLines
* netifd: return error status in reload_serviceHans Dedecker2017-04-241-1/+4
| | | | | | | | Based on a patch by Alexandru Ardelean. netifd ubus reload call returns the actual reload error status; return error status as well in reload_service Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to git HEAD versionHans Dedecker2017-04-241-3/+3
| | | | | | | | | 11cb9cf ubus: add interface method to trigger renew event 4375d1b system-linux: allow "throw" route type 5fbd904 netifd: propagate error code on netifd_reload() 6e0acec interface-ip: fix device name for IPv6 link-local DNS server Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: update to git HEAD versionHans Dedecker2017-04-241-3/+3
| | | | | | | 570069d ubus: rework dumping IPv6 and IPv4 leases 4e579c4 dhcpv6-ia: simplify logic to write statefile and dhcpv6 logging Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iptables: fix wrong depends for nftables support (FS#707)Ansuel Smith2017-04-221-1/+1
| | | | | | | The dep for the nftables support was wrong, if someone actually enable that option gain a compilation error. This fix this problem. Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* dnsmasq: fix uninitialized varname in init-scriptBastian Bittorf2017-04-171-1/+1
| | | | | | | | | minor/cosmetic: fixes the following misleading message: root@box:~ /etc/init.d/dnsmasq restart sh: out of range Signed-off-by: Bastian Bittorf <bb@npl.de>
* iptables: set ABI_VERSION to force rebuild of dependent packagesFelix Fietkau2017-04-121-0/+4
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iptables: bump to 1.6.1Ansuel Smith2017-04-129-304/+103
| | | | | | | | | Switch to git repo Removed musl patch Refreshed existing patch Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup]
* openvpn: add myself as maintainerFelix Fietkau2017-04-121-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* OpenVPN: Update to 2.4.1Daniel Engberg2017-04-124-20/+12
| | | | | | | | | Update OpenVPN to 2.4.1 Remove 200-small_build_enable_occ.patch as it's included upstream. Refresh patches Add mirror and switch to HTTPS Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* iproute2: add libgenl.h and ll_map.h to InstallDev sectionHans Dedecker2017-04-081-1/+1
| | | | | | | | Commit f4e312ddf855375667f43c842c7187934b8aca92 adds libnetlink to staging dir but did not add the header files libgenl.h and ll_map.h which define functions belonging to libnetlink lib Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: peacefully coexist with ISC DHCPdDaniel Golle2017-04-081-0/+9
| | | | | | | | Similar to odhcpd, allow using ISC DHCPd instead of dnsmasq. Disable DHCP and/or DHCP6 in case ISC DHCP is present and enabled. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* netifd: fix fw3 warnings in dhcp scriptHans Dedecker2017-04-031-1/+1
| | | | | | Fix fw3 warnings in dhcp script in case fw3 is not enabled Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: update to git HEAD version (FS#635)Hans Dedecker2017-04-011-3/+3
| | | | | | | | | | 3d9f406 rework IPv6 dns address selection (FS#635) bc6c3ac ndp: keep an exact copy of IPv6 interface addresses 6eb1e01 ndp: code cleanup eea7d03 rework IPv6 address dump logic 24d21c7 ndp: add syslog debug tracing Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: use logical interface name for dhcp relay configKarl Vogel2017-03-291-1/+2
| | | | | | | | | The relay section should use the logical interface name and not the linux network device name directly. This to be consistent with other sections of the dnsmasq config where 'interface' means the logical interface. Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
* firewall: document rules for IPSec ESP/ISAKMP with 'name' optionYousong Zhou2017-03-282-15/+16
| | | | | | | | | | These are recommended practices by REC-22 and REC-24 of RFC6092: "Recommended Simple Security Capabilities in Customer Premises Equipment (CPE) for Providing Residential IPv6 Internet Service" Fixes FS#640 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* iw: enable MESH ID in scan outputMatthias Schiffer2017-03-251-4/+5
| | | | | | | | Make scan output useful for 802.11s meshes. The common print_ssid function is used, so this doesn't add any additional code. Based-on-patch-by: Jan-Tarek Butt <tarek@ring0.de> Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* odhcp6c: update to git HEAD versionHans Dedecker2017-03-221-3/+3
| | | | | | | | | | | 0463b05 dhcpv6: rebind capability support in reconfigure message (rfc6644) 53767fc dhcpv6: respect renew end point when handling reconfigure message dd892e2 dhcpv6: calculate T1, T2 and T3 in a more sane manner 8a6ca6e md5: use libubox md5 library as local implementation 89822de dhcpv6: don't return renew msg in case of invalid msg type in reconfigure msg 4160c0e treewide: align coding style Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* openvpn: add extra respawn parametersMartin Schiller2017-03-221-0/+3
| | | | | | | | | | | | | | | This change protects the openvpn instances to be marked as "in a crash loop" and thereby the connection retries will run infinitely. When the remote site of an openvpn connection goes down for some time (network failure etc.) the openvpn instance in an openwrt/lede device should not stop retrying to establish the connection. With the current limit of 5 retries, there is a user interaction required, which isn't really what you want when the device should simply do everything to keep the vpn connection up. Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* utils/tcpdump: Rework URLsDaniel Engberg2017-03-221-2/+2
| | | | | | | Add actual mirror and use main site as last resport Source: http://www.tcpdump.org/mirrors.html Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* umdns: update to the version 2017-03-21Rafał Miłecki2017-03-211-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | This includes following changes: 480d7bc Fix sending unicast questions on cache expire a0403cd Keep source sockaddr for every cached DNS record 1478293 Fix code freeing cached non-A(AAA) records too early 9f1cc22 Fix replying to "QU" questions received on unicast interface 943bedb Fix reading port of incoming packets c725494 Use MCAST_PORT define for port 5353 ce7e9e9 Use one define for DNS-Based Service Discovery service name e1bacef Drop entries cached for interface we're going to delete 496aeba Fix comment typo in cache_gc_timer f89986b Fix refreshing cached A(AAA) records that expire Previous updates made umdns work as expected on startup but there were still many bugs. They were mostly related to runtime - cache management and requests + responses. E.g. umdns was never able to send question on DNS record expire. It was also ignoring all incoming unicast questions. Since these issues are quite serious it makes sense to backport this update to the stable branch. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* netifd: update to git HEAD versionHans Dedecker2017-03-211-3/+3
| | | | | | | | a032166 interface-ip: set prefix indicator flag when IPv6 prefix lifetime changes b4f8984 system-linux: parse vti specific settings as nested json data object 7e3b89a system-linux: parse gre specific settings as nested json data object Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* vti: add vti specific settings as nested json objectHans Dedecker2017-03-212-2/+7
| | | | | | Add vti specific settings ikey and okey as a nested data json object Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* gre: add gre specific settings as nested json objectHans Dedecker2017-03-212-2/+11
| | | | | | | Add gre specific settings ikey, okey, iseqno, oseqno, icsum and ocsum as a nested data json object Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iperf3: Update to 3.1.7Daniel Engberg2017-03-201-2/+2
| | | | | | Update iperf3 to 3.1.7 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* iproute2: fix ip monitor can't work when NET_NS is not enabledYousong Zhou2017-03-192-1/+41
| | | | | | | | The bug appeared in v4.1.0 and was fixed since v4.8.0 Fixes FS#620 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* dnsmasq: don't point --resolv-file to default location unconditionallyPhilip Prindeville2017-03-181-3/+3
| | | | | | | If noresolv is set, we should not generate a --resolv-file parameter. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [minor cleanup]
* lldpd: bump to 0.9.6Stijn Tintel2017-03-181-2/+2
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* odhcp6c: update to git HEAD versionHans Dedecker2017-03-161-3/+6
| | | | | | 7e0d8b8 CMakeLists: don't enable libubox md5 implementation by default Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* curl: Adjust URLsDaniel Engberg2017-03-151-6/+4
| | | | | | | Update mirror list, add main site as last resort Source: https://github.com/curl/curl-www/blob/master/latest.pl Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* iwcap: fix handling kill signal during dumpFelix Fietkau2017-03-141-13/+13
| | | | | | Do not run another loop iteration before checking the stop flag Signed-off-by: Felix Fietkau <nbd@nbd.name>
* umdns: update to the version 2017-03-14Rafał Miłecki2017-03-141-3/+3
| | | | | | | | | This includes 3 cleanups: fd5a160 Don't cache hosts as services 80dd246 Refresh DNS records A and AAAA directly 6515101 Access cached records (instead of services) to read list of hosts Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* curl: update to version 7.53.1Hauke Mehrtens2017-03-134-42/+6
| | | | | | | This fixes the following security problem: * CVE-2017-2629 SSL_VERIFYSTATUS ignored Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* xtables-addons: fix build error on ARCFelix Fietkau2017-03-121-0/+11
| | | | | | | The kernel unconditionally pulls in a header file that defines 'current', which conflicts with the lua extension code. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* umdns: update to the 2017-03-10 versionRafał Miłecki2017-03-101-3/+3
| | | | | | | This fixes crash in interface_start caused by freeing interface in interface_free without stopping a timeout. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* vxlan: add new package for netifd VXLAN protoMatthias Schiffer2017-03-102-0/+180
| | | | Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* netifd: update to git HEAD versionMatthias Schiffer2017-03-101-3/+3
| | | | | | 91810ec system-linux: add VXLAN support Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* dnsmasq: do not forward rfc6761 excluded domainsKevin Darbyshire-Bryant2017-03-093-2/+24
| | | | | | | | | | | | | | | | | | | | | | RFC 6761 defines a number of top level domains should not be forwarded to the Internet's domain servers since they are not responsible for those domains. This change adds a list of domains that will be blocked when 'boguspriv' is used and augments that which is already blocked by dnsmasq's notion of 'local service' using '--bogus-priv' i.e. RFC 1918 private addresses and IPv6 prefixes as defined in RFC 6303. To make this configurable rather than hard coded in dnsmasq's init script, a new file /usr/share/dnsmasq/rfc6761.conf is conditionally included. The default file matches the RFC 6761 recommendation along with a few other top level domains that should not be forwarded to the Internet. Compile & run tested Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* openvpn: move list of params and bools to a separate fileYousong Zhou2017-03-073-30/+205
| | | | | | | So that future patches for addition/removal of them can be more readable Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* ppp: propagate master peerdns setting to dynamic slave interfaceJo-Philipp Wich2017-03-073-2/+4
| | | | | | | | | | Honour the parent interfaces peerdns option when spawning a virtual DHCPv6 interface in order to avoid pulling in IPv6 DNS servers when the user opted to inhibit peer DNS servers in the configuration. Fixes #597. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* odhcpd: add loglevel uci option in odhcpd defaultsHans Dedecker2017-03-061-0/+1
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcp6c: update to git HEAD versionHans Dedecker2017-03-061-3/+3
| | | | | | c69555c dhcpv6: use PRIu64 print macro Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: Bump to latest HEADFlorian Fainelli2017-03-051-3/+3
| | | | | | | | Brings in the following change: 9eac2a896341 dhcpv6-ia: Check lockf return value Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* rssileds: Fix build with external toolchainsFlorian Fainelli2017-03-011-2/+4
| | | | | | | | Pass down TARGET_CPPFLAGS for path to header files, and append the libraries we depend on in TARGET_LDFLAGS. Put TARGET_LDFLAGS at the end of the command line as is required by modern GCC/binutils. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* swconfig: Link with libuboxFlorian Fainelli2017-03-011-1/+1
| | | | | | | | | | | | | | | | | | | Fixes linking failures observed with external toolchains: /home/florian/dev/toolchains/stbgcc-4.8-1.5/bin/../lib/gcc/mipsel-linux-gnu/4.8.5/../../../../mipsel-linux-gnu/bin/ld: warning: libubox.so, needed by /home/florian/dev/openwrt/trunk/staging_dir/target-mipsel-unknown-linux-gnu_glibc/usr/lib/libuci.so, not found (try using -rpath or -rpath-link) /home/florian/dev/openwrt/trunk/staging_dir/target-mipsel-unknown-linux-gnu_glibc/usr/lib/libuci.so: undefined reference to `blobmsg_open_nested' /home/florian/dev/openwrt/trunk/staging_dir/target-mipsel-unknown-linux-gnu_glibc/usr/lib/libuci.so: undefined reference to `blobmsg_parse' /home/florian/dev/openwrt/trunk/staging_dir/target-mipsel-unknown-linux-gnu_glibc/usr/lib/libuci.so: undefined reference to `blob_nest_end' /home/florian/dev/openwrt/trunk/staging_dir/target-mipsel-unknown-linux-gnu_glibc/usr/lib/libuci.so: undefined reference to `blobmsg_add_field' Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* omcproxy: Update to latest HEADFlorian Fainelli2017-03-011-3/+3
| | | | | | | Brings the following change: 1fe6f48f8a50 Cmake: Find libubox/list.h Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* thc-ipv6: Allow overriding CFLAGSFlorian Fainelli2017-03-011-0/+12
| | | | | | | | thc-ipv6 did not allow an external environment to override CFLAGS, which would lead to our CFLAGS not being passed properly (relro, optimizations, etc...) Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* wireless-tools: Change download url to githubHsing-Wang Liao2017-02-281-1/+1
| | | | Signed-off-by: Hsing-Wang Liao <kuoruan@gmail.com>
* iftop: bump to latest upstreamKevin Darbyshire-Bryant2017-02-262-73/+8
| | | | | | | | | Drops a LEDE carried patch now upstream. Convert to autotools. A number of nits fixed upstream (dns & short packet handling most notable) Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* relayd: fix making incomplete instance json dataYousong Zhou2017-02-252-7/+14
| | | | | | | | Defer procd_open_instance only after validity check passed. Fixes FS#541 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* relayd: remove old start-stop-service related codeYousong Zhou2017-02-251-15/+0
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>