aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
Commit message (Collapse)AuthorAgeFilesLines
* uhttpd: don't redirect to HTTPS by defaultPetr Štetiar2020-12-201-1/+1
| | | | | | | | | | | | | | | | | | | So we can ship px5g-wolfssl by default in the release image, but still make the HTTPS for LuCI optional. This small change with addition of `CONFIG_PACKAGE_px5g-wolfssl=y` into the buildbot's seed config for the next release should provide optional HTTPS in the next release. Disabling the current default automatic uhttpd's redirect to HTTPS should make the HTTPS optional. That's it, user would either need to switch to HTTPS by manually switching to https:// protocol in the URL or by issuing the following commands to make the HTTPS automatic redirect permanent: $ uci set uhttpd.main.redirect_https=1 $ uci commit uhttpd $ service uhttpd reload Signed-off-by: Petr Štetiar <ynezz@true.cz>
* netifd: update to latest versionNick Hainke2020-12-141-3/+3
| | | | | | 458b1a7e9473 netifd: add segment routing support Signed-off-by: Nick Hainke <vincent@systemli.org>
* odhcpd: remove local mkdir_p implementationDaniel Golle2020-12-131-3/+3
| | | | | | | Replace local mkdir_p implementation in favour of using mkdir_p now added to libubox. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* xfrm: support 'multicast' attribute on interfacesPhilip Prindeville2020-12-112-3/+6
| | | | | | | | | | | | | | You shouldn't need the overhead of GRE just to add multicast capability on a point-to-point interface (for instance, you might want to run mDNS over IPsec transport connections, and Avahi requires IFF_MULTICAST be set on interfaces, even point-to-point ones). Borrowed heavily from: b3c9321b9e gre: Support multicast configurable gre interfaces Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* dropbear: bump package versionKonstantin Demin2020-12-111-1/+1
| | | | | | | | Bump package version after previous changes. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com> [added missing commit description] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* dropbear: add ssh-askpass support in configurationKonstantin Demin2020-12-112-1/+12
| | | | | | | | | | binary size cost is much less than 1k. tested on ath79/generic: bin: 215128 -> 215132 (+4b) ipk: 111183 -> 111494 (+311b) Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: roll up recipes into mapping listsKonstantin Demin2020-12-111-24/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | this commit removes manual recipes for options and introduces mapping lists: - DB_OPT_COMMON holds option mappings which are common for all builds; - DB_OPT_CONFIG holds option mappings which are depend on config settings. DB_OPT_COMMON is space-separated list of 'words', each of them is in format: 'header_option|value' 'header_option' is added with value 'value' to 'localoptions.h'. if 'header_option' is preceded by two exclamation marks ('!!') then option is not added to 'localoptions.h' but replaced in 'sysoptions.h'. in short: option|value - add option to localoptions.h !!option|value - replace option in sysoptions.h DB_OPT_CONFIG is space-separated list of 'words', each of them is in format: 'header_option|config_variable|value_enabled|value_disabled' 'header_option' is handled likewise in DB_OPT_COMMON. if 'config_variable' is enabled (technically: not disabled) then 'header_option' is set to 'value_enabled' and 'value_disabled' otherwise. in short: option|config|enabled|disabled = add option to localoptions.h !!option|config|enabled|disabled = replace option in sysoptions.h option := (config) ? enabled : disabled If you're not sure that option's value doesn't have '|' within - add your recipe manually right after '$(Build/Configure/dropbear_headers)' and write some words about your decision. PS about two exclamation marks: early idea was to use one exclamation mark to denote such header options but then i thought single exclamation mark may be overlooked by mistake. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: rework recipes that configure buildKonstantin Demin2020-12-111-22/+17
| | | | | | | | - add two helper functions to avoid mistakes with choice of correct header file to work with - update rules accordingly Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: reorder options in Configure recipeKonstantin Demin2020-12-111-11/+11
| | | | | | | put static options at first place, then place configurable options. also put DROPBEAR_ECC right before DROPBEAR_ECC_FULL to ease maintainance. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* dropbear: enable back DROPBEAR_USE_PASSWORD_ENVKonstantin Demin2020-12-111-2/+1
| | | | | | | | | | | | | this option was disabled in 2011 and these long nine years showed us that change was definitely wrong. binary size cost is much less than 1k. tested on ath79/generic: bin: 215128 -> 215128 (no change) ipk: 111108 -> 111183 (+75b) Fixes: 3c801b3dc0359 ("tune some more options by default to decrease size") Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* iftop: remove packagePaul Spooren2020-12-091-45/+0
| | | | | | | The package has no reason to be in openwrt.git. Move it to packages.git. Signed-off-by: Paul Spooren <mail@aparcar.org> Acked-by: Jo-Philipp Wich <jo@mein.io>
* odhcp6c: update to latest git HEADHans Dedecker2020-12-091-3/+3
| | | | | | | 0ffa3a3 dhcpv6: harden reconfigure logic 3999b6d dhcpv6: rework DHCPv6 message to string implementation Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* lldpd: fix autoreconf failureJo-Philipp Wich2020-12-091-0/+61
| | | | | | | | | | | | | | | | | | | | | The lldpd sources ship a modified local AX_LIB_READLINE M4 macro which conflicts with the official macro shipped by autoconf-archive. Due to the official macro having the same name and a higher serial number, autoconf will prefer including that one instead of the local copy, preventing the substitution of @READLINE_LIBS@ in Makefile.in templates, ultimately leading to the following build failure when linking lldpcli: ...-gcc: error: READLINE_LIBS@: No such file or directory Avoid this problem by renaming the locally shipped macro to not clash with the official implementation anymore. Ref: https://github.com/lldpd/lldpd/pull/423 Acked-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Rosen Penev <rosenp@gmail.com> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: Disable 802.11b data rates by defaultNick Lowe2020-12-062-2/+2
| | | | | | | | | | | | | | | | | Set legacy_rates to 0 by default to disable 802.11b data rates by default. The time has long come where 802.11b DSSS/CCK data rates should be disabled by default in OpenWRT. Users in need of 802.11b client support can reasonably enable these where they are needed. The balance of equities has significantly, and for a long time, tipped such that dropping backwards compatibility by default with 802.11b devices is appropriate, proportionate and justified. By doing so, management and control traffic is moved by default to a 20 MHz wide 6 Mb/s OFDM data rate instead of a 22 MHz wide 1 Mb/s DSSS data rate. This is significantly more airtime efficient. Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
* openvpn: removeRosen Penev2020-12-0518-1564/+0
| | | | | | | This will be moved to packages. Signed-off-by: Rosen Penev <rosenp@gmail.com> Acked-by: Paul Spooren <mail@aparcar.org>
* openvpn-easy-rsa: removeRosen Penev2020-12-053-92/+0
| | | | | | This will be moved to packages. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* odhcp6c: update to git HEADHans Dedecker2020-12-051-3/+3
| | | | | | | | | | faed29a dhcpv6: only refresh timers when reconfigure is valid 9c50975 dhcpv6: fix printing identity association id a7b2221 dhcpv6: avoid sending continuous renew/rebind messages d7afa2b dhcpv6: add extra syslog info traces f5728e4 odhcp6c_find_entry: exclude priority from the list of fields that must match Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to the latest versionFelix Fietkau2020-12-021-3/+3
| | | | | | | | | | | d6bd1047d004 vlandev: dump vlan id in device status e0c838bd06a6 vlandev: support bridge-vlan aliases in the vid config parameter 574dc4a17105 system-dummy: print configured mac address 14f0e8ff928f system-linux: simplify mask check in system_if_apply_settings 524310276f20 system-linux: move device settings handling to device.c 42c48866f1c1 config: parse default mac address from board.json Signed-off-by: Felix Fietkau <nbd@nbd.name>
* umdns: add check for seccomp listJan Pavlinec2020-11-302-2/+2
| | | | | | | | This should fix an issue when user have a router with enabled seccomp and tries to run umdns package which was build with SDK with disabled seccomp support. Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* hostapd: Add cell_density data rates optionNick Lowe2020-11-301-13/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a cell_density option to configure data rates for normal, high and very high cell density wireless deployments. The purpose of using a minimum basic/mandatory data rate that is higher than 6 Mb/s, or 5.5 Mb/s (802.11b compatible), in high cell density environments is to transmit broadcast/multicast data frames using less airtime or to reduce management overheads where significant co-channel interference (CCI) exists and cannot be avoided. Caution: Without careful design and validation, configuration of a too high minimum basic/mandatory data rate can sacrifice connection stability or disrupt the ability to reliably connect and authenticate for little to no capacity benefit. This is because this configuration affects the ability of clients to hear and demodulate management, control and broadcast/multicast data frames. Deployments that have not been specifically designed and validated are usually best suited to use 6, 12 and 24 Mb/s as basic/mandatory data rates. Only usually seek to configure a 12 Mb/s, or 11 Mb/s (802.11b compatible), minimum basic/mandatory rate in high cell density deployments that have been designed and validated for this. For many deployments, the minimum basic/mandatory data rate should not be configured above 12 Mb/s to 18 Mb/s, 24 Mb/s or higher. Such a configuration is only appropriate for use in very high cell density deployment scenarios. A cell_density of Very High (3) should only be used where a deployment has a valid use case and has been designed and validated specifically for this use, nearly always with highly directional antennas - an example would be stadium deployments. For example, with a 24 Mb/s OFDM minimum basic/mandatory data rate, approximately a -73 dBm RSSI is required to decode frames. Many clients will not have roamed elsewhere by the time that they experience -73 dBm and, where they do, they frequently may not hear and be able to demodulate beacon, control or broadcast/multicast data frames causing connectivity issues. There is a myth that disabling lower basic/mandatory data rates will improve roaming and avoid sticky clients. For 802.11n, 802.11ac and 802.11ax clients this is not correct as clients will shift to and use lower MCS rates and not to the 802.11b or 802.11g/802.11a rates that are able to be used as basic/mandatory data rates. There is a myth that disabling lower basic/mandatory data rates will ensure that clients only use higher data rates and that better performance is assured. For 802.11n, 802.11ac and 802.11ax clients this is not correct as clients will shift around and use MCS rates and not the 802.11b or 802.11g/802.11a rates that able to be used as basic/mandatory data rates. Cell Density 0 - Disabled (Default) Setting cell_density to 0 does not configure data rates. This is the default. 1 - Normal Cell Density Setting cell_density to 1 configures the basic/mandatory rates to 6, 12 and 24 Mb/s OFDM rates where legacy_rates is 0. Supported rates lower than the minimum basic/mandatory rate are not offered. Setting cell_density to 1 configures the basic/mandatory rates to the 5.5 and 11 Mb/s DSSS rates where legacy_rates is 1. Supported rates lower than the minimum basic/mandatory rate are not offered. 2 - High Cell Density Setting the cell_density to 2 configures the basic/mandatory rates to the 12 and 24 Mb/s OFDM rates where legacy_rates is 0. Supported rates lower than the minimum basic/mandatory rate are not offered. Setting the cell_density to 2 configures the basic/mandatory rates to the 11 Mb/s DSSS rate where legacy_rates is 1. Supported rates lower than the minimum basic/mandatory rate are not offered. 3 - Very High Cell Density Setting the cell_density to 3 configures the basic/mandatory rates to the 24 Mb/s OFDM rate where legacy_rates is 0. Supported rates lower than the minimum basic/mandatory rate are not offered. Setting the cell_density to 3 only has effect where legacy_rates is 0, else this has the same effect as being configured with a cell_density of 2. Where specified, the basic_rate and supported_rates options continue to override both the cell_density and legacy_rates options. Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
* umdns: update seccomp filter rulesDaniel Golle2020-11-272-1/+2
| | | | | | Add 'writev' syscall to list of allowed syscalls. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: fix "sh: out of range" errorsStijn Tintel2020-11-261-0/+7
| | | | | | | | | | | | | | Several variables in hostapd.sh can be used uninitialized in numerical comparisons, causing errors in logread: netifd: radio24 (1668): sh: out of range Set defaults for those variables to silence those errors. Fixes: b518f07d4b8a ("hostapd: remove ieee80211v option") Fixes: cc80cf53c50d ("hostapd: add FTM responder support") Fixes: e66bd0eb0469 ("hostapd: make rrm report independent of ieee80211k setting") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* lldpd: bump to 1.0.7Stijn Tintel2020-11-261-3/+3
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* tcpdump: patch CVE-2020-8037Jan Pavlinec2020-11-252-1/+48
| | | | | | | | | This PR backports upstream fix for CVE-2020-8037. This fix is only relevant for tcpdump package, tcpdump-mini is not affeted by this issue. Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz> [added missing commit description] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* uqmi: set plmn only if necessaryMartin Schiller2020-11-242-8/+22
| | | | | | | | | | | | | | | | | Setting the plmn to '0' (auto) will implicitly lead to a (delayed) network re-registration, which could further lead to some timing related issues in the qmi proto handler. On the other hand, if you switch back from manual plmn selection to auto mode you have to set it to '0', because this setting is permanently "saved" in the wwan module. Conclusion: If plmn is configured, check if it's already set euqally in the module. If so, do nothing. Otherwise set it. Signed-off-by: Martin Schiller <ms@dev.tdt.de> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: fix patch offsetLeon M. George2020-11-231-1/+1
| | | | | | | Fixes the offset of the patch added in 93bbd998aa696a ("hostapd: enter DFS state if no available channel is found"). Signed-off-by: Leon M. George <leon@georgemail.eu>
* netifd: update to the latest versionFelix Fietkau2020-11-231-3/+3
| | | | | | | 213748a9bcd9 system-linux: implement full device present state management for force-external devices 3abe1fc87151 system-linux: add retry for adding member devices to a bridge Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: enable the epoll-based event loopRui Salvaterra2020-11-238-8/+8
| | | | | | Hostapd supports epoll() since 2014. Let's enable it for better performance. Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* uhttpd: update to git HEADDaniel Golle2020-11-231-4/+4
| | | | | | f53a639 ubus: fix uhttpd crash Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uqmi: update to git HEADDaniel Golle2020-11-221-4/+4
| | | | | | | 65796a6 nas: add --get-plmn 0a19b5b uqmi: add timeout parameter Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uqmi: set device-operating-mode to onlineFilip Moc2020-11-222-1/+4
| | | | | | | This is required for LTE module MR400 (in TL-MR6400 v4). Otherwise LTE module won't register to GSM network. Signed-off-by: Filip Moc <lede@moc6.cz>
* uqmi: add support for IPv4 autoconf from QMIFilip Moc2020-11-222-12/+39
| | | | | | | | | | | There already was an option for autoconfiguring IPv4 from QMI but this was removed by commit 3b9b963e6e08 ("uqmi: always use DHCP for IPv4"). DHCP does not work on MR400 LTE module (in TL-MR6400 v4) so let's readd support for IPv4 autoconf from QMI but this time allow to configure this for IPv4 and IPv6 independently and keep DHCP default on IPv4. Signed-off-by: Filip Moc <lede@moc6.cz>
* uqmi: wait forever registration if timeout set to 0Thomas Richard2020-11-221-2/+2
| | | | | | | | | | | Give possibility to wait forever the registration by setting timeout option to 0. No timeout can be useful if the interface starts whereas no network is available, because at the end of timeout the interface will be stopped and never restarted. Signed-off-by: Thomas Richard <thomas.richard@kontron.com>
* netifd: update to the latest versionFelix Fietkau2020-11-211-3/+3
| | | | | | | | | 351d690f1a09 wireless: fix passing bridge name for vlan hotplug pass-through c1c2728946b5 config: initialize bridge and bridge vlans before other devices 5e18d5b9ccb1 interface: do not force link-ext hotplug interfaces to present by default 4544f026bb09 bridge-vlan: add support for defining aliases for vlan ids Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iperf3: Update to version 3.9Hauke Mehrtens2020-11-181-2/+2
| | | | | | | | | | | | No special changes, just get in sync with recent code. See here for the changelog: http://software.es.net/iperf/news.html#iperf-3-9-released The ipkg sizes changes as follows for mips 24kc : 3.7 : iperf3_3.7-1_mips_24kc.ipk 39675 3.9 : iperf3_3.9-1_mips_24kc.ipk 41586 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ethtool: update to version 5.9Hans Dedecker2020-11-171-2/+2
| | | | | | | | The ipkg sizes changes as follows for mips 24kc : 5.8 : ethtool_5.8-1_mips_24kc.ipk 34930 5.9 : ethtool_5.9-1_mips_24kc.ipk 35241 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: set validity interval for BSS TMRADavid Bauer2020-11-171-1/+1
| | | | | | | | | | | | This sets the validity interval for the BSS transition candidate list to the same value as the disassociation timer. Currently the value is always 0, which is the specification states is a reserved value. Also, wpa_supplicant and from the looks of it some Android implementations will outright ignore the candidate list in this case. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: add support for static airtime policy configurationDobroslaw Kijowski2020-11-172-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add support for passing airtime_sta_weight into hostapd configuration. * Since that commit it is possible to configure station weights. Set higher value for larger airtime share, lower for smaller share. I have tested this functionality by modyfing /etc/config/wireless to: config wifi-device 'radio0' ... option airtime_mode '1' config wifi-iface 'default_radio0' ... list airtime_sta_weight '01:02:03:04:05:06 1024' Now, when the station associates with the access point it has been assigned a higher weight value. root@OpenWrt:~# cat /sys/kernel/debug/ieee80211/phy0/netdev\:wlan0/stations/01\:02\:03\:04\:05\:06/airtime RX: 12656 us TX: 10617 us Weight: 1024 Deficit: VO: -2075 us VI: 256 us BE: -206 us BK: 256 us [MAC address has been changed into a dummy one.] Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
* hostapd: fix per-BSS airtime configurationDobroslaw Kijowski2020-11-172-1/+3
| | | | | | | | airtime_mode is always parsed as an empty string since it hasn't been added into hostapd_common_add_device_config function. Fixes: e289f183 ("hostapd: add support for per-BSS airtime configuration") Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
* hostapd: ubus: add get_status methodDavid Bauer2020-11-171-0/+40
| | | | | | | This adds a new get_status method to a hostapd interface, which provides information about the current interface status. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: ubus: add VHT capabilities to client listDavid Bauer2020-11-171-0/+71
| | | | | | | This adds parsed VHT capability information to the hostapd get_clients method. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: ubus: add driver information to client listDavid Bauer2020-11-171-0/+24
| | | | | | | | This adds information from mac80211 to hostapd get_client ubus function. This way, TX as well as RX status information as well as the signal can be determined. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: fix variable shadowingDavid Bauer2020-11-171-0/+2
| | | | | | Fixes commit 838b412cb527 ("hostapd: add interworking support") Signed-off-by: David Bauer <mail@david-bauer.net>
* umdns: convert seccomp filter rules to OCI formatDaniel Golle2020-11-172-31/+42
| | | | | | | procd-seccomp switched to OCI-compliant seccomp parser instead of our (legacy, OpenWrt-specific) format. Convert ruleset to new format. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* wireguard-tools: fix category/description in menuconfigAlberto Bursi2020-11-171-2/+11
| | | | | | | | | | | | | | | | | | | | | wireguard-tools is trying to import the menuconfig section from the wireguard package, but since it's not anymore in the same makefile this seems to fail and wireguard-tools ends up in "extra packages" category instead with other odds and ends. Same for the description, it's trying to import it from the wireguard package but it fails so it only shows the line written in this makefile. remove the broken imports and add manually the entries and description they were supposed to load Fixes: ea980fb9c6de ("wireguard: bump to 20191226") Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com> [fix trailing whitespaces, add Fixes] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* odhcpd: update to latest git HEADHans Dedecker2020-11-151-4/+4
| | | | | | fb55e80 dhcpv6-ia : write statefile atomically Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dropbear: update to 2.81Hans Dedecker2020-11-154-9/+7
| | | | | | | | Update dropbear to latest stable 2.81; for the changes see https://matt.ucc.asn.au/dropbear/CHANGES Refresh patches Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* wireguard-tools: drop the dependency on ip-{tiny,full}Rui Salvaterra2020-11-141-1/+1
| | | | | | | | | | | | BusyBox ip already provides the required functionality and is enabled by default in OpenWrt. This patch drops the ip dependency and makes the BusyBox ip required dependencies explicit, allowing for a significant image size reduction. openwrt-ath79-generic-ubnt_nanostation-loco-m-squashfs-sysupgrade.bin size: 4588354 bytes (with ip-tiny) 4457282 bytes (with BusyBox ip) Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* iproute2: update to 5.9Hans Dedecker2020-11-143-6/+6
| | | | | | | | | Update iproute2 to latest stable 5.9; for the changes see https://lwn.net/Articles/834755/ Refresh patches Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> Acked-by: Hauke Mehrtens <hauke@huake-m.de>
* netifd: update to the latest versionFelix Fietkau2020-11-131-3/+3
| | | | | | 4a41135750d9 system-linux: only overwrite dev->present state on check_state for simple devices Signed-off-by: Felix Fietkau <nbd@nbd.name>