aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
Commit message (Collapse)AuthorAgeFilesLines
* tcpdump: libpcap: Remove http://www.us.tcpdump.org mirrorHauke Mehrtens2021-12-291-2/+1
| | | | | | | | | | | The http://www.us.tcpdump.org mirror will go offline soon, only use the normal download URL. Reported-by: Denis Ovsienko <denis@ovsienko.info> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 18bdfc803bef00fad03f90b73b6e65c3c79cb397) Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com> [rebased for OpenWrt 21.02 branch]
* hostapd: only attempt to set qos map if supported by the driverFelix Fietkau2021-12-232-1/+13
| | | | | | | Fixes issues with brcmfmac Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 5e67cd63c4ff5d8f36c341dfa3355e3a4ac2be81)
* hostapd: add a patch that allows processing auth requests for peers in ↵Felix Fietkau2021-11-245-9/+43
| | | | | | | | | | | | | | | | blocked state If authentication fails repeatedly e.g. because of a weak signal, the link can end up in blocked state. If one of the nodes tries to establish a link again before it is unblocked on the other side, it will block the link to that other side. The same happens on the other side when it unblocks the link. In that scenario, the link never recovers on its own. To fix this, allow restarting authentication even if the link is in blocked state, but don't initiate the attempt until the blocked period is over. Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit f84053af5c0b0a159ea4d3e90b0c06574b4fde8d)
* hostapd: bump PKG_RELEASEFelix Fietkau2021-11-241-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix goto loop for ubus assoc handlerDavid Bauer2021-11-231-5/+5
| | | | | | | | | | When a ubus event handler denies a association with a non-zero return value, the code jumps to preceeding code, creating an endless loop until the event handler accepts the assc request. Move the ubus handler further up the code to avoid creating such a loop. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: enable ht40 in wpa_supplicant when using wider HE modesFelix Fietkau2021-11-231-1/+1
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit c26d741d07632451337810aaecd500a0b3cbf44f)
* hostapd: add support for providing vendor specific IE elementsFelix Fietkau2021-11-231-1/+4
| | | | | | | They can be added as hex digit strings via the 'vendor_elements' option Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 1818b038d7275273adbd525b5ee76bc60b7d628c)
* hostapd: add eap_server supportJohn Crispin2021-11-231-4/+21
| | | | | | | | This makes it possible to avoid using a RADIUS server for WPA enterprise authentication Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from 98621c97822eb20a80ab2248a253972051ea6f08)
* hostapd: add default values for r0kh/r1khFelix Fietkau2021-11-231-0/+7
| | | | | | | | This allows WPA enterprise roaming in the same mobility domain without any manual key configuration (aside from radius credentials) Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 704ab6a002172e76d41612f6d07ff179ef035d10)
* hostapd: add support for configuring the beacon rateFelix Fietkau2021-11-231-1/+3
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 46509a51dd63aa49648ad0f130461817f43532d0)
* hostapd: add support for configuring rts thresholdFelix Fietkau2021-11-231-1/+4
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 26da5c235983d215a42983467149e0e5597e8de2)
* hostapd: fix use after free bugsDavid Bauer2021-11-231-6/+6
| | | | | | | | Using a pointer one lifter after it freed is not the best idea. Let's not do that. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry-picked from commit 63c01ad025981eaa841353dc0fc27e5017febe21)
* hostapd: add wmm qos map set by defaultFelix Fietkau2021-11-231-1/+6
| | | | | | | | | | | This implements the mapping recommendations from RFC8325, with an update from RFC8622. This ensures that DSCP marked packets are properly sorted into WMM classes. The map can be disabled by setting iw_qos_map_set to something invalid like 'none' Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit a5e3def1822431ef6436cb493df77006dbacafd6)
* hostapd: support qos_map_set without CONFIG_INTERWORKINGFelix Fietkau2021-11-231-0/+112
| | | | | | | This feature is useful on its own even without full interworking support Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit efff3520f4d8fe131c4bd54bb2e098139a7efa4d)
* hostapd: refresh patchesFelix Fietkau2021-11-2314-45/+35
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix a race condition on adding AP mode wds sta interfacesFelix Fietkau2021-11-233-4/+26
| | | | | | | | | | | | Both hostapd and netifd attempt to add a VLAN device to a bridge. Depending on which one wins the race, bridge vlan settings might be incomplete, or hostapd might run into an error and refuse to service the client. Fix this by preventing hostapd from adding interfaces to the bridge and instead rely entirely on netifd handling this properly Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit da4be02fcd5d642954b1c9d9855d9e8d1e6205f4) (cherry-picked from commit 63c01ad025981eaa841353dc0fc27e5017febe21)
* hostapd: fix max_oper_chwidth setting for HEFelix Fietkau2021-11-231-3/+3
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 2319cf4ec048e50a7d3885d19dc27663b45e258d)
* hostapd: let netifd set bridge port attributes for snoopingFelix Fietkau2021-11-231-1/+30
| | | | | | | Avoids race conditions on bridge member add/remove Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 17d19a7d4398789ae8da3daf8e0db167d58b0782)
* hostapd: respect fixed channel BW in HE20 modeJesus Fernandez Manzano2021-11-231-1/+1
| | | | | | | | | When using htmode 'HE20' with a radio mode that uses wpa-supplicant (like mesh or sta), it will default to 40 MHz bw if disable_ht40 is not set. This commit fixes this behaviour. Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net> (cherry-picked from commit af83e3ce0ff40dcecbe913676343bf86846294f7)
* hostapd: make proxyarp work with libnl-tinyFelix Fietkau2021-11-231-0/+275
| | | | | | | Remove a dependency on libnl3-route Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit ae1c5d0d6af60d0467899f5730a2f01aa72137f7)
* hostapd: fix a segfault on sta disconnect with proxy arp enabledFelix Fietkau2021-11-231-0/+19
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 5dd1bd5b80feb2dbaad8bdf93779acad74ed199a)
* hostapd: make the snooping interface (for proxyarp) configurableFelix Fietkau2021-11-232-0/+38
| | | | | | | | | Use the VLAN interface instead of the bridge, to ensure that hostapd receives untagged DHCP packets Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 7b46377a0cd9d809a3c340358121de77f005d4cc) (cherry-picked from commit f1b98fa4fa8a86a9daf2a7177235f28cbd7c53ef)
* hostapd: configure inter-AP communication interface for 802.11rFelix Fietkau2021-11-232-0/+39
| | | | | | | | In setups using VLAN bridge filtering, hostapd may need to communicate using a VLAN interface on top of the bridge, instead of using the bridge directly Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 305c1b8d746b363f655c2f8d5a6497cca10a5d4e)
* hostapd: add additional radius optionsJohn Crispin2021-11-231-2/+17
| | | | | | | | | | - add functionality to configure RADIUS NAS-Id and Operator-Name - add functionality to configure RADIUS accounting interval - enable RADIUS "Chargeable User Identity" Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 3bd6c8c728e72444bdf23b8904ef9c52ebb46bb7)
* hostapd: add extra options for hotspot 2.0 / interworkingFelix Fietkau2021-11-231-4/+25
| | | | | | Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit c76f1d8330c679774eb568a423feb57d956b3ca4)
* hostapd: fix civic location optionJohn Crispin2021-11-231-1/+1
| | | | | Signed-off-by: John Crispin <john@phrozen.org> (cherry-picked from commit 937dd79e2a4457a316d67b3091f6da7d14a99168)
* hostapd: enable airtime policy for the -basic variantsRui Salvaterra2021-11-231-1/+1
| | | | | | | | | | | | | | | Airtime policy configuration is extremely useful in multiple BSS scenarios. Since nowadays most people configure both private and guest networks (at least), it makes sense to enable it by default, except for the most limited of the variants. Size of the hostapd-basic-openssl binary (mipsel 24Kc -O2): 543944 bytes (airtime policy disabled) 548040 bytes (airtime policy enabled) Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com> Acked-by: Daniel Golle <daniel@makrotopia.org> (cherry-picked from commit d38f4565828264731f2a9cfe646491fba80315d3)
* hostapd: add patch for disabling automatic bridging of vlan interfacesFelix Fietkau2021-11-232-3/+40
| | | | | | | | netifd is responsible for handling that, except if the vlan bridge was provided by the config Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit cf45caeff16256f9db777e0e652ec3a38cd476a4)
* mac80211: backport support for BSS color changesFelix Fietkau2021-11-231-13/+56
| | | | | | | | | This is needed for an upcoming mt76 update also sync iw nl80211 with kernel backports Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 2bfac61483db32f8bd1f5b38702b39f206256265) (cherry-picked from commit 36019ed5893cd11c86a7dbedca1c6a055654a3c0)
* netifd: update to the master branchFelix Fietkau2021-11-231-3/+3
| | | | | | Sync with commit 4eba313065f372ef0edf4abdbe00538fdbe7538f Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iw: enable print wpa ie for scanJianhui Zhao2021-11-231-19/+25
| | | | | | | | This increases the size of the iw_5.9-8fab0c9e-3_mips_24kc.ipk from 41166 to 41942 bytes by 776 bytes. Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com> (cherry-picked from commit 9df7eadcfd3129cecfb30ec78a43ae9b3175869e)
* netifd: fix deletion of ip tunnels (FS#4058)Hans Dedecker2021-11-171-3/+3
| | | | | | a68e805 system-linux: fix deletion of ip tunnels (FS#4058) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iproute2: m_xt.so depends on dynsyms.listRoman Yeryomin2021-10-271-1/+2
| | | | | | | | | | | | | | | | | | | When doing parallel build on a fast machine with bottleneck in i/o, m_xt.so may start linking faster than dynsyms.list gets populated, resulting in error: ld:dynsyms.list:0: syntax error in dynamic list Fix this by adding dynsyms.list as make dependency to m_xt.so Described also here: https://bugs.openwrt.org/index.php?do=details&task_id=3353 Change from v1: - add dynsysms.list dependancy only when shared libs are enabled Signed-off-by: Roman Yeryomin <roman@advem.lv> Fixes: FS#3353 (cherry-picked from commit edd53df16843a0a6380920ed17b88bfe7d26d71b)
* uhttpd: make organization (O=) of the cert configurable via uciMartin Schiller2021-10-062-3/+4
| | | | | | | | | Make the organization (O=) of the cert configurable via uci. If not configured, use a combination of "OpenWrt" and an unique id like it was done before. Signed-off-by: Martin Schiller <ms@dev.tdt.de> (cherry picked from commit 2c6c1501af664490ec9b701b46a201e21c670b96)
* hostapd: fix segfault when deinit mesh ifacesJesus Fernandez Manzano2021-09-241-0/+5
| | | | | | | | | | | | In hostapd_ubus_add_bss(), ubus objects are not registered for mesh interfaces. This provokes a segfault when accessing the ubus object in mesh deinit. This commit adds the same condition to hostapd_ubus_free_bss() for discarding those mesh interfaces. Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net> (cherry picked from commit 5269c47e8db549695ceaf6a19afdd0cb90074622)
* dnsmasq: reset EXTRA_MOUNT in the right placeDaniel Golle2021-08-021-2/+2
| | | | | | | | | | EXTRA_MOUNT variable should be reset in dnsmasq_start() rather than just once at the beginning of the script. Fixes: ac4e8aa2f8 ("dnsmasq: fix more dnsmasq jail issues") Reported-by: Hartmut Birr <e9hack@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit ddc8d085f39dea998f59680fb556ca72d779a3b1)
* dnsmasq: fix more dnsmasq jail issuesDaniel Golle2021-08-021-10/+26
| | | | | | | | | | | | | * remove superflus mounts of /dev/null and /dev/urandom * reset EXTRA_MOUNTS at the beginning of the script * add mount according to ignore_hosts_dir * don't add mount for file which is inside a directory already in the EXTRA_MOUNTS list Fixes: 59c63224e1 ("dnsmasq: rework jail mounts") Reported-by: Hartmut Birr <e9hack@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit ac4e8aa2f8d98158ea7b749f877269f1f5fa9c5a)
* dnsmasq: rework jail mountsDaniel Golle2021-08-021-1/+7
| | | | | | | | | | | | | * split into multiple lines to improve readability * use EXTRA_MOUNT for addnhosts instead of blindly adding /tmp/hosts * remove no longer needed mount for /sbin/hotplug-call * add dhcp-script.sh dependencies (jshn, ubus) Fixes: 3a94c2ca5c ("dnsmasq: add /tmp/hosts/ to jail_mount") Fixes: aed95c4cb8 ("dnsmasq: switch to ubus-based hotplug call") Reported-by: Stijn Tintel <stijn@linux-ipv6.be> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 59c63224e11d6c4eca27131a73bf16218e47a271)
* dnsmasq: use local option for local domain parameterKevin Darbyshire-Bryant2021-08-021-1/+1
| | | | | | | | | | | '--local' is a synonym for '--server' so let's use '--local' in the resultant config file for uci's 'local' instead of uci's local parameter being turned into '--server'. Slightly less confusion all round. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (cherry picked from commit e4cfefa9fc3d22da5705b554785ba9c533c373d0) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* dnsmasq: add ignore hosts dir to dnsmasq init scriptJoão Henriques2021-08-021-1/+6
| | | | | | | | | | When running multiple instances of dnsmasq, for example one being for the lan and another for a guest network, it might not be desirable to have the same dns names configured in both networks Signed-off-by: João Henriques <joaoh88@gmail.com> (cherry picked from commit e8a5670122e04574fdb5855ecd63d18f317c5bfd) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* netifd: update to the latest versionFelix Fietkau2021-07-261-3/+3
| | | | | | | 440eb0647708 bridge: fix regression in bringing up bridge ports Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 39f81b0bf687017b4d086255c94166e662ac177e)
* netifd: update to the latest versionFelix Fietkau2021-07-251-3/+3
| | | | | | | | 85f01c44a950 bridge: check bridge port vlan membership on link-up events 17e453bd68b4 wireless: add back regular virtual interfaces on hotplug-add events as well Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 2801fe6132c4e2e364e2d5a304594185351b501b)
* dnsmasq: distinct Ubus names for multiple instancesEtan Kissling2021-07-191-3/+29
| | | | | | | | | | | | | | | | | | | | | | | | | Currently, when using multiple dnsmasq instances they are all assigned to the same Ubus instance name. This does not work, as only a single instance can register with Ubus at a time. In the log, this leads to `Cannot add object to UBus: Invalid argument` error messages. Furthermore, upstream 3c93e8eb41952a9c91699386132d6fe83050e9be changes behaviour so that instead of the log, dnsmasq exits at start instead. With this patch, all dnsmasq instances are assigned unique names so that they can register with Ubus concurrently. One of the enabled instances is always assigned the previous default name "dnsmasq" to avoid breaking backwards compatibility with other software relying on that default. Previously, a random instance got assigned that name (while the others produced error logs). Now, the first unnamed dnsmasq config section is assigned the default name. If there are no unnamed dnsmasq sections the first encountered named dnsmasq config section is assigned instead. A similar issue exists for Dbus and was similarly addressed. Signed-off-by: Etan Kissling <etan.kissling@gmail.com> [tweaked commit message] dnsmasq was not crashing it is exiting Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (cherry picked from commit ba5bd8e556b2e7573d27b16e005ba287e066f795)
* dnsmasq: add /tmp/hosts/ to jail_mountNick Hainke2021-07-191-1/+1
| | | | | | | | Programs like the olsr-name-plugin write hostname files to "/tmp/hosts/". If you don't add this to the jail_mount, dnsmasq can't read it anymore. Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit 3a94c2ca5cf7c11ca150fa3ae884e7be8d07a281)
* odhcpd: fix invalid DHCPv6 ADVERTSIE with small configured leasetime (FS#3935)Hans Dedecker2021-07-191-3/+3
| | | | | | | bc9d317 dhcpv6-ia: fix invalid preferred lifetime Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (cherry picked from commit 033d5ff25eaf4facbaab09153982e7321fe282e6)
* netifd: update to the latest versionFelix Fietkau2021-07-141-3/+3
| | | | | | | 7f24a063475e vlan: fix device vlan alias handling Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit d1a812c49b57636efcb9ef6f5f0aff4f11eb6b36)
* netifd: update to the latest versionFelix Fietkau2021-07-131-3/+3
| | | | | | | | | | | | | | | | | | | | 61a71e5e49c3 bridge: dynamically create vlans for hotplug members cb6ee9608e10 bridge: fix dynamic delete of hotplug vlans 7f199050f395 wireless: pass the real network ifname to the setup script 50381d0a2998 bridge: allow adding/removing VLANs to configured member ports via hotplug f12b073c0cc3 wireless: add some comments to functions b0d090688302 bridge: fix setting pvid for updated vlans ff3764ce28e0 device: move hotplug handling logic from system-linux.c to device.c 16bff892f415 ubus: add a dummy mode ubus call to simulate hotplug events 7f30b02013f2 examples: make dummy wireless vif names shorter 013a1171e9b0 device: do not treat devices with non-digit characters after . as vlan devices f037b082923a wireless: handle WDS per-sta devices db0fa24e1c17 bridge: fix enabling hotplug-added VLANs on the bridge port 4e92ea74273f bridge: bring up pre-existing vlans on hotplug as well 1f283c654aeb bridge: fix hotplug vlan overwrite on big-endian systems Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 1236cbe30cec8e3e8246237005140596f8611ce9)
* iwinfo: move device info into -data packageJo-Philipp Wich2021-07-112-4/+40
| | | | | | | | | | Backport upstream patch a0a0e02 ("iwinfo: rename hardware.txt to devices.txt") and split devices.txt (former hardware.txt) into a common libiwinfo-data package to allow different libiwinfo versions to coexist without file clashes. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commit c13d7c82aa4cd2cbf1f61bad857cd01b795318e3)
* hostapd: make wnm_sleep_mode_no_keys configurableTimo Sigurdsson2021-07-052-4/+8
| | | | | | | | | | | | | | | In the aftermath of the KRACK attacks, hostapd gained an AP-side workaround against WNM-Sleep Mode GTK/IGTK reinstallation attacks. WNM Sleep Mode is not enabled by default on OpenWrt, but it is configurable through the option wnm_sleep_mode. Thus, make the AP-side workaround configurable as well by exposing the option wnm_sleep_mode_no_keys. If you use the option wpa_disable_eapol_key_retries and have wnm_sleep_mode enabled, you might consider using this workaround. Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de> [bump PKG_RELEASE] Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit bf98faaac8ed24cf7d3d93dd4fcd7304d109363b)
* hostapd: make country3 option configurableTimo Sigurdsson2021-07-052-3/+4
| | | | | | | | | | | | | The country3 option in hostapd.conf allows the third octet of the country string to be set. It can be used e.g. to indicate indoor or outdoor use (see hostapd.conf for further details). Make this option configurable but optional in OpenWrt. Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de> [bump PKG_RELEASE, rebase] Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 9f09c1936a4a13b67fcba632f7ca02331f685359) Signed-off-by: Paul Spooren <mail@aparcar.org>
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-11 08:38:59 +0000