| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Update to latest HEAD in order to fix MARK rule generation for local traffic,
also fix a possible race condition during firewall start.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
| |
Patch Lua packet script defines SHRT_MAX which is already defined in <linux/kernel.h> and
is included indirectly by lauxlib.h. Fix the redefintion as it leads to compile failure
on systems which treat macro redefinition as an error
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
Conntrack support reads the connection track mark associated with
incoming DNS queries and sets the same mark value on the upstream
forwarded DNS query. This can be usefull to track traffic generated
by dnsmasq to associate it with the clients who generate the queries,
usefull for bandwidth accouting and firewall.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
| |
A dropbear instance having an interface config won't start if the interface is down as no
IP address is available.
Adding interface triggers for each configured interface executing the dropbear reload script
will start the dropbear instance when the interface is up.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
| |
Add support for the command line utility nstat displaying network statistics
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
| |
options
Utmp support tracks who is currenlty logged in by logging info to the file /var/run/utmp (supported by busybox)
Putuline support will use the utmp structure to write to the utmp file
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
| |
Make sending a DHCP release configurable when the client exits allowing to clean up
IP/mac state info in intermediate devices.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
lua_packet_segment parameter start has type char pointer; in function lua_tg
it's assigned an uint16 value generating compiler warnings obviously indicating
posssible seg fault problems. Fix the issue by using the correct skb functions
so the parameter points to the position inside the sk_buff
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Stijn Cleynhens <stijn.cleynhens@gmail.com>
|
|
|
|
|
|
|
| |
Add nonshared flag to package depending on specific targets or subtargets as
there's no guarantee otherwise that they'll be available in the shared repo.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
| |
Let DHCP client send a release when it exists so the DHCP server is
informed the IP address is released and allowing to clean up IP/mac
state info in intermediate devices.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
| |
Update to latest HEAD in order to remove the faulty "prelocal" ip rule leading
to unexpected policy rule precedence.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
| |
Signed-off-by: John Crispin <blogic@openwrt.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Running dnsmasq in a dedicated user/group allows matching its outgoing
traffic more easily using iptables' owner match.
Add UID/GID to the package metadata and append the user/group
parameters to the init script.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 49252
|
|
|
|
|
|
|
|
|
| |
Fixes build with /bin/sh pointing to certain versions of dash (for example
on Void Linux).
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 49218
|
|
|
|
|
|
| |
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49199
|
|
|
|
|
|
| |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 49197
|
|
|
|
|
|
|
|
|
| |
This was introduced in r49183
Reported-by: swalker
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49192
|
|
|
|
|
|
|
|
|
|
| |
Parameter allows to enable/disable static leases; by default the value is 1
to keep backwards compatibility
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49187
|
|
|
|
|
|
|
| |
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49184
|
|
|
|
|
|
|
| |
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49183
|
|
|
|
|
|
|
| |
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49182
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The wpa_supplicant supports an "anonymous_identity" field, which some
EAP networks require. From the documentation:
anonymous_identity: Anonymous identity string for EAP (to be used as the
unencrypted identity with EAP types that support different tunnelled
identity, e.g., EAP-TTLS).
This change modifies the hostapd.sh script to propagate this field
from the UCI config to the wpa_supplicant.conf file.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Reviewed-by: Manuel Munz <freifunk@somakoma.de>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49181
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following security problems:
* CVE-2015-7560
* CVE-2015-5370
* CVE-2016-2110
* CVE-2016-2111
* CVE-2016-2112
* CVE-2016-2115
* CVE-2016-2118
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49175
|
|
|
|
|
|
|
|
|
|
| |
Silence warning "daemon.notice netifd: wan6 (1139): sh: write error: Invalid argument"
when an invalid MTU is received via RA as kernel refuses to accept IPv6 mtu values
which are smaller than 1280 and bigger than the device mtu.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
git-svn-id: svn+ssh://svn.openwrt.org/openwrt/trunk@49054 3c298f89-4303-0410-b956-a3cf2f4a3e73
|
|
|
|
|
|
|
|
|
| |
x509-username-field was added in OpenVPN 2.2, and verify-x509-name was
added in 2.3. This fixes ticket #18807.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
SVN-Revision: 48969
|
|
|
|
|
|
|
|
|
|
| |
I do not know if this causes any problems now, but we should not set
it, because it is reserved. Some more recent versions of the Lantiq DSL
API driver and Control is checking if only valid bits are set.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48948
|
|
|
|
|
|
|
|
|
|
|
| |
There are some cases where ISPs are running ATM over VDSL or PTM over
ADSL, this is not the common case, but these cases exist. Make it
possible to configure OpenWrt for such cases by adding a new config
option line_mode.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48947
|
|
|
|
|
|
|
|
|
|
| |
The detailed annex option were only available in the danube DSL app
including the activation of G.992.2 Annex A (ADSL Lite). This is now
also added to the vdsl app for the vrx200.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48946
|
|
|
|
|
|
|
|
|
|
|
|
| |
The adsl control app missed the activation of annex M and annex L in
the Annex A part, this now activates everything the firmware supports.
In Annex L type only the wide US (Mask1) was activated, now also the
narrow US (Mask2) version gets activated.
In addition annex J was also added.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48945
|
|
|
|
|
|
|
|
|
|
|
| |
I am not calling dsl_cmd because I want to ignore the lock, quit
should also be send when someone else is accessing it. I saw that some
other call was stuck here and all following calls were stuck in the
dsl_cmd lock.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48943
|
|
|
|
|
|
|
|
| |
This checks for the VRX firmware provided in the OpenWrt package.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48940
|
|
|
|
|
|
| |
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48920
|
|
|
|
|
|
|
|
|
| |
Ensure that ikey and okey are sent in network byte order to the kernel.
Also don't mangle external IP addrs and routes when reconfiguring iinterfaces.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48919
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enable setting a host-specific lease time for static hosts.
The new option is called "leasetime" and the format is similar
as for the default lease time: e.g. 12h, 3d, infinite
Default lease time is used for all hosts for which there is
no host-specific definition.
The option is added to /etc/config/dhcp for the selected hosts:
config host
option name 'Nexus'
option mac 'd8:50:66:55:59:7c'
option ip '192.168.1.245'
option leasetime '2h'
It gets appended to /var/etc/dnsmasq.conf like this:
dhcp-host=d8:50:66:55:59:7c,192.168.1.245,Nexus,2h
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SVN-Revision: 48801
|
|
|
|
|
|
| |
Signed-off-by: dbugnar <dnbugnar@ocedo.com>
SVN-Revision: 48800
|
|
|
|
|
|
| |
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48786
|
|
|
|
|
|
|
|
|
| |
Before r47933 Bit 1 (first bit) of xTSE Octet 1 (first octet) defaulted
to 1, which allowed T1.413 to operate.
Signed-off-by: Jonathan A. Kollasch <jakllsch@kollasch.net>
SVN-Revision: 48763
|
|
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 48761
|
|
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 48760
|
|
|
|
|
|
| |
Signed-off-by: Ben Kelly <ben@benjii.net>
SVN-Revision: 48738
|
|
|
|
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
SVN-Revision: 48704
|
|
|
|
|
|
| |
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48679
|
|
|
|
|
|
|
|
| |
(#21817)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 48655
|
|
|
|
|
|
|
|
|
| |
iptables is the only exception in the package tree, causing patch
behaviour to be inconsistent on this package.
Signed-off-by: Rick van der Zwet <rick.vanderzwet@anywi.com>
SVN-Revision: 48643
|
|
|
|
|
|
|
|
| |
connecting to the router
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 48635
|
|
|
|
|
|
|
|
|
|
| |
Supported syntax is inspired by ethtool. Example usages:
swconfig dev switch0 port 2 set link "duplex half speed 100"
swconfig dev switch0 port 2 set link "autoneg on"
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 48624
|
|
|
|
|
|
| |
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48615
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following security problems:
CVE-2016-0754: remote file name path traversal in curl tool for Windows
http://curl.haxx.se/docs/adv_20160127A.html
CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
http://curl.haxx.se/docs/adv_20160127B.html
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48614
|
|
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 48613
|