| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
Update to new iwinfo version.
Adds support for channel survey.
Adds ubus support.
Etc.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 296ae7ab89c179ff39feff973000fcb864754df7)
|
| |
|
|
|
|
|
|
|
| |
e59f925 hardware: add device ids for QCA9984, 88W8887 and 88W8964 radios
2a82f87 nl80211: back out early when receiving FAIL-BUSY reply
77c32f0 nl80211: fix code calculating average signal and rate
Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 20b76c0a5bb7a13dcc739bd644f0f968e3b3c68a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches
Upstream commits since last bump:
3b6eb19 Log DNSSEC trust anchors at startup.
f3e5787 Trivial comment change.
c851c69 Log failure to confirm an address in DHCPv6.
a3bd7e7 Fix missing fatal errors when parsing some command-line/config options.
ab5ceaf Document the --help option in the french manual
1f2f69d Fix recurrent minor spelling mistake in french manual
f361b39 Fix some mistakes in french translation of the manual
eb1fe15 When replacing cache entries, preserve CNAMES which target them.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 1e93ef84981f2722138824413a1b197fdab7fb6c)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
As dnsmasq is started earlier than netifd usage of network.sh functions
at boottime will fail; therefore don't call at boottime the functions
which construct the dhcp pool/relay info.
As interface triggers are installed the dhcp pool/relay info will be
constructed when the interface gets reported as up by netifd.
At the same time also register interface triggers based on DHCP relay
config.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 2336b942b37f265c59547d738ca558b61102833d)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches and backport upstream to current HEAD:
a997ca0 Fix sometimes missing DNSSEC RRs when DNSSEC validation not enabled.
51e4eee Fix address-dependent domains for IPv6.
05ff659 Fix stupid infinite loop introduced by preceding commit.
db0f488 Handle some corner cases in RA contructed interfaces with addresses changing interface.
7dcca6c Warn about the impact of cache-size on performance.
090856c Allow zone transfer in authoritative mode whenever auth-peer is specified.
cc5cc8f Sane error message when pcap file header is wrong.
c488b68 Handle standard and contructed dhcp-ranges on the same interface.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit fbf475403b911f46e91b57fb7a6cf3c65276464c)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
81a281e dhcpv6-ia: fix border assignment size setting
a2ffc59 dhcpv6-ia: fix status code for not on link IAs
5b087a6 dhcpv6-ia: improve error checking in assign_pd()
c9114a1 config: fix wrong assignment
bb8470f dhcpv4: delay forced renew transaction start
62a1b09 dhcpv4: fix DHCP address space logic
d5726ff dhcpv4: improve logging when sending DHCP messages
9484351 odhcpd: call handle_error when socket error can be retrieved
c45e2eb dhcpv6: fix out of bounds write in handle_nested_message()
c2ff5af dhcpv6-ia: log renew messages as well
676eb38 router: fix possible segfault in send_router_advert()
392701f odhcpd: fix passing possible negative parameter
029123b treewide: switch to C-code style comments
6b79748 router: improve error checking
12e21bc netlink: fix incorrect sizeof argument
d7aa414 dhcpv6: improve error checking in dhcpv6_setup_interface()
373495a ubus: fix invalid ipv6-prefix json
79d5e6f ndp: improve error checking
d834ae3 dhcpv4: fix error checking in dhcpv4_setup_interface()
f2aa383 dhcpv4: fix out of bound access in dhcpv4_put
4591b36 dhcpv4: improve error checking in dhcpv4_setup_interface()
4983ee5 odhcpd: fix strncpy bounds
c0f6390 odhcpd: Check if open the ioctl socket failed
345bba0 dhcpv4: improve error checking in handle_dhcpv4()
44cce31 ubus: avoid dumping interface state with NULL message
Cherry picked and squashed from commits:
b7ef10cbf0 odhcpd: update to latest git HEAD
98a6bee09a odhcpd: update to latest git HEAD
88c88823d5 odhcpd: update to latest git HEAD
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reduces .ipk size on MIPS from 41.6k to 41.1k
Changes:
30463d0 zones: add interface/subnet bound LOG rules
0e77bf2 options: treat time strings as UTC times
d2bbeb7 firewall3: make reject types selectable by user
aa8846b ubus: avoid dumping interface state with NULL message
Cherry picked and squashed from commits:
a3f2451fba firewall: update to latest git HEAD
433d71e73e fw3: update to latest git HEAD
ef96d1e34a firewall: compile with LTO enabled
1e83f775a3 firewall3: update to latest git HEAD
3ee2c76ae0 firewall: update to latest git HEAD
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This watchdog script tries to re-resolve hostnames for inactive WireGuard peers.
Use it for peers with a frequently changing dynamic IP.
persistent_keepalive must be set, recommended value is 25 seconds.
Run this script from cron every minute:
echo '* * * * * /usr/bin/wireguard_watchdog' >> /etc/crontabs/root
Signed-off-by: Aleksandr V. Piskunov <aleksandr.v.piskunov@gmail.com>
[bump the package release]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 20c4819c7baf6f9b91420849caf30e5137bd75d6)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
80b41cd version: bump snapshot
fe5f0f6 recieve: disable NAPI busy polling
e863f40 device: destroy workqueue before freeing queue
81a2e7e wg-quick: allow link local default gateway
95951af receive: use gro call instead of plain call
d9501f1 receive: account for zero or negative budget
e80799b tools: only error on wg show if all interfaces failk
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
[Added commit log to commit description]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 57b808ec88315db6743b3159a04dbb16097597ea)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* device: print daddr not saddr in missing peer error
* receive: style
Debug messages now make sense again.
* wg-quick: android: support excluding applications
Android now supports excluding certain apps (uids) from the tunnel.
* selftest: ratelimiter: improve chance of success via retry
* qemu: bump default kernel version
* qemu: decide debug kernel based on KERNEL_VERSION
Some improvements to our testing infrastructure.
* receive: use NAPI on the receive path
This is a big change that should both improve preemption latency (by not
disabling it unconditionally) and vastly improve rx performance on most
systems by using NAPI. The main purpose of this snapshot is to test out this
technique.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
(cherry picked from commit 4630159294024c0718077e49dbb440919440de87)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
iproute2's tc was updated to support the recently upstreamed cake qdisc.
Backport this canonical support from upstream into iproute2 v4.16
There is no kernel kmod/userspace tc ABI change in this release from the
previous package bump, so everyone can breath a sigh of relief.
This is largely a code style change, the exception to prove the rule:
option 'autorate_ingress' has been changed to 'autorate-ingress' to fit
in with upstream option naming expectations.
No openwrt package (e.g. sqm-scripts) has knowledge of
'autorate_ingress' thus only users who made their own scripts or used
it within the 'dangerous configuration' options of sqm-scripts will be
affected.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
| |
procd needs processes to stay in foreground to remain under its gaze and
control. Failure to do so means service stop commands fail to actually
stop the process (procd doesn't think it's running 'cos the process has
exited already as part of its forking routing)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 9d5a2469304eb23b6d09432a6d9b6a57d0019d2a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous callback code was fragile, dependent on some UCI callback
bugs and side-effects now fixed in master commit 73d8a6ab.
Update scripts to use callbacks where appropriate and necessary, while
using normal UCI config parsing for all else. This results in smaller,
simpler, more robust code. Use callbacks in generate.sh to only process
'interface' defaults and the varying entries for 'reclassify', 'default'
and 'classify' sections. Also switch qos-stat to use non-callback UCI
handling.
The current changes work independently of 73d8a6ab (i.e. both before and
after), and are consistent with UCI config parsing documentation.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix broken DHCPv6 servers which provide the server unicast option but
do not reply on DHCPv6 renew messages directed to the IPv6 address
contained in the server unicast option which results in broken IPv6
connectivity.
67ae6a7 odhcp6c: add option to ignore Server Unicast option
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
| |
b99c1f6 odhcp6c: remove len check in option parsing handle
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
| |
ca8822b odhcp6c: add support for user string options
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
db86175 lua: honour size argument in recv() function
d3b9560 utils: add uh_htmlescape() helper
8109b95 file: escape strings in HTML output
393b59e proc: expose HTTP Origin header in process environment
796d42b client: flush buffered SSL output when tearing down client ustream
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit b54bef205846e2b30da23c1316c4a9b941c5078d)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dfd9827 version: bump snapshot
88729f0 wg-quick: android: prevent outgoing handshake packets from being dropped
1bb9daf compat: more robust ktime backport
68441fb global: use fast boottime instead of normal boottime
d0bd6dc global: use ktime boottime instead of jiffies
18822b8 tools: fix misspelling of strchrnul in comment
0f8718b manpages: eliminate whitespace at the end of the line
590c410 global: fix a few typos
bb76804 simd: add missing header
7e88174 poly1305: give linker the correct constant data section size
fd8dfd3 main: test poly1305 before chacha20poly1305
c754c59 receive: don't toggle bh
Compile-tested-for: ath79 Archer C7 v2
Run-tested-on: ath79 Archer C7 v2
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 3ce11588f6346ebedde68ef30a06e01999e292bb)
|
| |
|
|
|
|
|
|
|
|
| |
Bump iproute2/tc support of cake.
Add support for cake's change to u64 attribute passing for certain
attributes (rate & byte counts)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit a2165f936e94ed71dff5fdbf0fbc58c88fb17158)
|
| |
|
|
|
|
|
| |
this makes sure that offloading support is properly included for v4.14 targets.
Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit ebe1216c7cd10357c3277fb25bae4e508d4b165a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Includes specific support for PH8(1e2d-0053) / ELS61(1e2d-005b) modules.
Note for ELS61, the serial driver changes from serial option(ttyUSB) to usb-cdc (ttyACM).
Two additional fixes in this commit resolve issues with ttyACM devices: -
* wwan.sh - sys-fs has a subdirectory indirection (*/tty/ttyACMx) which was not handled properly
* wwan.usb - dependent scripts were not included, so this never actually called proto_set_available for example (and relied on inadvertent call for ttyUSB case)
Signed-off-by: David Thornley <david.thornley@touchstargroup.com>
(cherry picked from commit cb262b09396edd171eb3903e50ce5ddeb593f963)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0bc4230 version: bump snapshot
ed04799 poly1305: add missing string.h header
cbd4e34 compat: use stabler lkml links
caa718c ratelimiter: do not allow concurrent init and uninit
894ddae ratelimiter: mitigate reference underflow
0a8a62c receive: drop handshake packets if rng is not initialized
cad9e52 noise: wait for crng before taking locks
83c0690 netlink: maintain static_identity lock over entire private key update
0913f1c noise: take locks for ss precomputation
073f31a qemu: bump default kernel
bec4c48 wg-quick: android: don't forget to free compiled regexes
7ce2ef3 wg-quick: android: disable roaming to v6 networks when v4 is specified
9132be4 dns-hatchet: apply resolv.conf's selinux context to new resolv.conf
41a5747 simd: no need to restore fpu state when no preemption
6d7f0b0 simd: encapsulate fpu amortization into nice functions
f8b57d5 queueing: re-enable preemption periodically to lower latency
b7b193f queueing: remove useless spinlocks on sc
5bb62fe tools: getentropy requires 10.12
4e9f120 chacha20poly1305: use slow crypto on -rt kernels on arm too
Compiled-for: ar71xx, lantiq
Run-tested-on: ar71xx Archer C7 v2 & lantiq HH5a
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
|
| |
Commit ecd954d530 installs specific interface triggers which rewrites the dnsmasq config
file and restarts dnsmasq if the network interface becomes active for which a trigger
has been installed.
In case no dhcp sections are specified or ignore is set to 1 dnsmasq will not be started
at startup which breaks DNS resolving.
Fix this by ditching the BOOT check in start_service and always start dnsmasq at startup.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Be compatible with ISPs which don't support the destination option header containing
the tunnel encapsulation limit as reported in FS#1501.
Setting the uci parameter encaplimit to ignore; allows to disable the insertion
of the destination option header in the ds-lite packets.
Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255
by setting the encaplimit uci parameter accordingly.
If no encaplimit value is specified the default value is 4 as before.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
(FS#1501)
Be compatible with ISPs which don't support the destination option header containing
the tunnel encapsulation limit as reported in FS#1501 for dynamic created ds-lite/map
interfaces.
Setting the uci parameter encaplimit_dslite/map to ignore; allows to disable the insertion
of the destination option header for the dynamic created ds-lite/map interface.
Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255
by setting the encaplimit_dslite/map uci parameter accordingly.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
| |
a580028 system-linux: make encaplimit configurable for ip6 tunnels (FS#1501)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Be compatible with ISPs which don't support the destination option header containing
the tunnel encapsulation limit as reported in FS#1501.
Setting the uci parameter encaplimit to ignore; allows to disable the insertion
of the destination option header in the map-e packets.
Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255
by setting the encaplimit uci parameter accordingly.
If no encaplimit value is specified the default value is 4 as before.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
| |
Fix condir option processing allowing to use the format
"<directory>[,<file-extension>......]," as documented on the dnsmasq man
page which previously resulted into bogus dir being created.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This version bump was made upstream mostly for OpenWRT, and should fix
an issue with a null dst when on the flow offloading path.
While we're at it, Kevin and I are the only people actually taking care
of this package, so trim the maintainer list a bit.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use ft_psk_generate_local=1 by default, as it makes everything else fairly
trivial. All of the r0kh/r1kh and key management stuff goes away and hostapd
fairly much does it all for us.
We do need to provide nas_identifier, which can be derived from the BSSID,
and we need to generate a mobility_domain, for which we default to the first
four chars of the md5sum of the SSID.
The complex manual setup should also still work, but the defaults also
now work easily out of the box. Verified by manually running hostapd
(with the autogenerated config) and watching the debug output:
wlan2: STA ac:37:43:a0:a6:ae WPA: FT authentication already completed - do not start 4-way handshake
This was previous submitted to LEDE in
https://github.com/lede-project/source/pull/1382
[dwmw2: Rewrote commit message]
Signed-off-by: Gospod Nassa <devianca@gmail.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
(cherry picked from commit 3cc56a5534b8b49a7e9ba57edf9878ec32bdd27a)
|
| |
|
|
|
|
|
|
|
|
| |
Drop package/network/services/wireguard/patches/100-portability.patch
Instead pass 'PLATFORM=linux' to make since we are always building FOR
linux.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit f06def4221c25f4ee43d31c2b90a1371ba4d6d33)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
During handshake we are highjack and reset a LED to the configured trigger
afterwards. ltq-xdsl-app need to start after the LED init script, to
ensure that the LED init script doesn't re-highjack the LED we are
currently using for handshake indication.
Drop the comment about the atm dependency. The dependency was fixed quite
some time ago by using hotplug scripts for br2684ctl.
Signed-off-by: Mathias Kresin <dev@kresin.me>
(cherry picked from commit 0678cc850ccc068ba33eb87f5f1bf8294a87e611)
|
| |
|
|
|
|
|
|
|
| |
This reverts commit c97189e26dfb9b0eaf5b9cd7e33a99e2f780cb58
as it has different issues:
-Host file is not written in a directory unique per dnsmasq instance
-odhcpd writes host info into the same directory but still sends a SIGHUP to dnsmasq
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
| |
1.) "addn-hosts" per default point to a file (but it supports directory)
2.) "hostsdir" only support directory with the additional benefit: New or changed files are read automatically.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* chacha20poly1305: add mips32 implementation
"The OpenWRT Commit" - this significantly speeds up performance on cheap
plastic MIPS routers, and presumably the remaining MIPS32r2 super computers
out there.
* timers: reinitialize state on init
* timers: round up instead of down in slack_time
* timers: remove slack_time
* timers: clear send_keepalive timer on sending handshake response
* timers: no need to clear keepalive in persistent keepalive
Andrew He and I have helped simplify the timers and remove some old warts,
making the whole system a bit easier to analyze.
* tools: fix errno propagation and messages
Error messages are now more coherent.
* device: remove allowedips before individual peers
This avoids an O(n^2) traversal in favor of an O(n) one. Before systems with
many peers would grind when deleting the interface.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
|
| |
Refresh patches; remove 320-mbedtls_dont_use_deprecated_sha256_function
patch as upstream fixed
For changes in version 2.60 see https://curl.haxx.se/changes.html#7_60_0
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
52be69b version: bump snapshot
4884b45 ncat-client-server: add wg-quick variant
a333551 wg-quick: add darwin implementation
f5bf84d compat: backport for OpenSUSE 15
fe1ae1b wg-quick: add wg symlink
ecc1c5f wg-quick: add android implementation
3e6bb79 tools: reorganize for multiplatform wg-quick
b289d12 allowedips: Fix graphviz output after endianness patch
Refresh cross compile compatibility patch
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This makes it easier to distribute prefixes over a wireguard tunnel
interface, by simply setting the ip6prefix option in uci (just like with
other protocols).
Obviously, routing etc needs to be setup properly for things to work; this
just adds the config option so the prefix can be assigned to other
interfaces.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The max_oper_chwidth settings was parsed incorrectly for big endian system.
This prevented the system to switch to VHT80 (or VHT160). Instead they were
mapped to:
* HT20: 20MHz
* VHT20: 20MHz
* HT40: 40MHz
* VHT40: 40MHz
* VHT80: 40MHz
* VHT160: 40MHz
This happened because each max_oper_chwidth setting in the config file was
parsed as "0" instead of the actual value.
Fixes: a4322eba2b12 ("hostapd: fix encrypted mesh channel settings")
Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
|
| |
|
|
|
|
|
|
| |
b45e162 helpers: fix the set_helper in the rule structure
f742ba7 helpers.conf: support also tcp in the CT sip helper
08b2c61 helpers: make the proto field as a list rather than one option
Signed-off-by: John Crispin <john@phrozen.org>
|
| |
|
|
|
|
|
|
| |
Fix encrypted (or DFS) AP+MESH interface combination in a way similar
to how it's done for AP+STA and fix netifd shell script.
Refresh patches while at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
6b4a340 version: bump snapshot
faa2103 compat: don't clear header bits on RHEL
4014532 compat: handle RHEL 7.5's recent backports
66589bc queueing: preserve pfmemalloc header bit
37f114a chacha20poly1305: make gcc 8.1 happy
926caae socket: use skb_put_data
724d979 wg-quick: preliminary support for go implementation
c454c26 allowedips: simplify arithmetic
71d44be allowedips: produce better assembly with unsigned arithmetic
5e3532e allowedips: use native endian on lookup
856f105 allowedips: add selftest for allowedips_walk_by_peer
41df6d2 embeddable-wg-library: zero attribute padding
9a1bea6 keygen-html: add zip file example
f182b1a qemu: retry on 404 in wget for kernel.org race
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches and backport upstream to current HEAD:
1f1873a Log warning on very large cachesize config, instead of truncating it.
0a496f0 Do unsolicited RAs for interfaces which appear after dnsmasq startup.
e27825b Fix logging in previous.
1f60a18 Retry SERVFAIL DNSSEC queries to a different server, if possible.
a0088e8 Handle query retry on REFUSED or SERVFAIL for DNSSEC-generated queries.
34e26e1 Retry query to other servers on receipt of SERVFAIL rcode.
6b17335 Add packet-dump debugging facility.
07ed585 Add logging for DNS error returns from upstream and local configuration.
0669ee7 Fix DHCP broken-ness when --no-ping AND --dhcp-sequential-ip are set.
f84e674 Be persistent with broken-upstream-DNSSEC warnings.
Compile & run tested: ar71xx Archer C7 v2
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right now interface.update events are sent out by netifd upon interface state,
route, address (lifetime), prefix lifetime changes.
Dnsmasq is only interested in interface state changes and currently adds an
interface trigger for all the "interface.*" events.
In combination with commit 23bba9cb330, which triggers a SIGHUP signal to dnsmasq,
IPv6 address/prefix lifetime changes on the wan will trigger dnsmasq reloads which
can become frequent in case of shorter lifetimes.
To avoid frequent dnsmasq reload, this patch adds specific interface triggers.
During dnsmasq init it loops dhcp uci section; if the value of the ignore option
is set to 0, then the corresponding interface trigger is not installed.
Otherwise, if the ignore option value is 1, then procd_add_interface_trigger is
called which adds the interface trigger.
Signed-off-by: hux <xinxing.huchn@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Point at github which is new, maintained location for igmpproxy.
Remove all patches as all have been upstreamed.
Closes FS#1456
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
| |
The init sccript for igmpproxy uses the option 'network' both as an interface name for fetching the l3_device name and for creating the firewall rules. This only works if the name of the network and firewall zone are identical.
This commit introduces a new option 'zone' for configuring the upstream and downstream firewall zones in order for the init script to create the required firewall rules automatically. When no such options are given, the init script falls back to not creating the firewall rules and the user can opt to create these manually.
Signed-off-by: Jaap Buurman <jaapbuurman@gmail.com>
|
| |
|
|
|
|
| |
Add the channel utilization as hostapd configuration option.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Bearing fruits of the latest upstreaming efforts on cake.
Changes: diffserv-llt dropped. The paper describing this DSCP
allocation has gone stale and doesn't appear used.
The userspace to kernel netlink messages for cake have been reworked in
a backwards incompatible way, so tc & cake must be bumped together this
once.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
print_uint() will silently promote its variable type to uint64_t, but there
is nothing that ensures that the format string specifier passed along with
it fits (and the function name suggest to pass "%u").
Fix this by changing print_uint() to use a native 'unsigned int' type, and
introduce a separate print_u64() function for printing 64-bit values. All
call sites that were actually printing 64-bit values using print_uint() are
converted to use print_u64() instead.
Since print_int() was already using native int types, just add a
print_s64() to match, but don't convert any call sites.
Fixes wonkyness in some stats from some qdiscs under tc
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
