NFLOG and NFQUEUE targets' full support for iptables.
Includes all needed kernel modules (Xtables's and Netlink's)
and userspace libraries.
All added kernel modules can be individually disabled,
all other new libraries get their own individual packages.
Reported-by: Fabian Hugelshofer <hugelshofer2006@gmx.ch>
Reported-by: Rainer Poisel <rainer.poisel@fhstp.ac.at>
Reported-by: Derek LaHousse <dlahouss@mtu.edu>
Signed-off-by: Guillaume Déflache <guillaume.deflache@ibwag.com>
SVN-Revision: 42022
This changeset implements a new menuconfig option to generate separate
repositories for each enabled package feed instead of one monolithic one.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 42002
This commit implements a new netfilter match "xt_id" which can be used to
attach unsigned 32bit IDs to iptables rules.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41945
Fixes
b43-phy0 ERROR: Firmware file "b43-open/ucode30_mimo.fw" not found
for BCM43217 devices.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 41943
configure enables libzfs support on default.
This will break the build, on systems without libzfs.
Signed-off-by: Hans Ulli Kroll <ulli.kroll@googlemail.com>
SVN-Revision: 41935
* set the system time/data
* "ubus call gps info" will tell you lattitude, longitude, elevation, speed and bearing
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 41929
This add 5GHz support for N-PHY to b43, thanks Rafał Miłecki.
b43_wflush16 was put into an extra function because it is pretty big in asm.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 41900
The package supports Generic Routing Encapsulation support by registering following protocol kinds:
-gre
-gretap
-grev6
-grev6tap
Following options are valid for gre and gretap kinds:
-ipaddr
-peeraddr
-df
-mtu
-ttl
-tunlink
-zone
-ikey
-okey
-icsum
-ocsum
-iseqno
-oseqno
The gretap kind supports additionally the network option
Following options are valid for grev6 and grev6tap kinds:
-ip6addr
-peer6addr
-weakif
-mtu
-ttl
-tunlink
-zone
-ikey
-okey
-icsum
-ocsum
-iseqno
-oseqno
The grev6tap kind supports additionally the network option
Typical network config for a GREv4 tunnel :
config interface 'gre'
option peeraddr '172.16.18.240'
option mtu '1400'
option proto 'gre'
option tunlink 'wan'
option zone 'tunnel'
Typical network config for a GREv4 tap tunnel :
config interface 'gretap'
option peeraddr '195.207.5.79'
option mtu '1400'
option proto 'gretap'
option zone 'tunnel'
option tunlink 'wan'
option network 'wlan_ap'
I added myself as maintainer for the moment; feel free to change.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 41897
Make sure they don't break the sed command, and also make device_info
and openwrt_release more robust for parsing by scripts
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 41885
Creates /etc/device_info which will be used to fill in information for
WPS and other protocols that need manufacturer/device information
This helps with creating OpenWrt firmware for OEM or rebranded devices.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 41884
This change introduces support for wildcard patterns in "option path"
of section "wifi-device".
Objective is to allow paths like "*/usb[0-9]/*/*" in order to claim
any usb device using the same backend type, regardless of its bus
address or phy name.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41873
This patch brings full dynamic vlan support to netifd that existed in hostapd.sh in Attitude Adjustment.
Signed-off-by: Joseph CG Walker <Joe@ChubbyPenguin.net>
[jow@openwrt.org: changed commit message, rebased on top of current hostapd.sh]
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41872
If the iface to scan on already is in ad-hoc, station or monitor mode
then do not spawn a temporary iface.
Also preventively disable IPv6 on temporary ifaces before bringing them
up to avoid potential security issues.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41830
So far iwinfo aborted a wifi scan attempt if the mac of the spawned
interface could not be changed. Change the code to try anyway - this
should fix wifi scanning on RaLink devices.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41826
the IB tries to run the enable target on all init.d scripts.
It fails when including the dsl_control helper. Check for existence
prior to the include.
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 41787
Properly parse and pass arbritary netmasks to iptables, this allows
specifying ranges like '::c23f:eff:fe7a:a094/::ffff:ffff:ffff:ffff' to
match the host part of an IPv6 address regardless of the currently active
IPv6 prefix.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41760
Split connection mark into two parts:
The lower nibble contains the confirmed conntrack mark which is not
generated by default/reclassify rules.
The upper nibble contains the current value specified by
default/reclassify rules.
For egress, the default/reclassify value is preferred
For ingress, the connection mark is preferred
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 41682
With this patch mac80211 will be rebuild when one of these config
options was changed.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 41677
I missed adding B43_PHY_G to .local-symbols, without this it will not
be added to autoconf.h
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 41676
Generate the configuration file for uboot-envtools
on BTHOMEHUBV2B. Adds the specific parameters for the
BTHOMEHUBV2B and also fixes an incorrect path which
would have affected other lantiq boards as well
(currently only the GIGASX76X).
Signed-off-by: Ben Mulvihill <ben.mulvihill@gmail.com>
SVN-Revision: 41597
A missing path prevents the rootfs type contained in a SysupgradeNAND
tar file from being determined correctly.
This fixes it, and also corrects a minor spelling mistake.
Signed-off-by: Ben Mulvihill <ben.mulvihill@gmail.com>
SVN-Revision: 41564
If the sysupgrade scripts is called under upgraded, it will not kill all
other processes as it should to avoid interference by locked filesystem.
This patch checks the parent and if it is upgraded, it kills all.
Signed-off-by: André Valentin <avalentin@marcant.net>
SVN-Revision: 41563
The vif option dtim_period was accidently renamed dtim_interval in r38988
("netifd: add wireless configuration support and port mac80211 to the new
framework"). This is wrong and makes the dtim_period/dtim_interval a dead
option because the rest of the config generation code still uses dtim_period.
Reported-by: Jeppe Ledet-Pedersen <jlp@steinwurf.com>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
SVN-Revision: 41557
The commit 92281eb747b56e748b7c3d754055919c23befdd4 broke fw3_ubus_addresses() so that
no addresses where returned at all, this caused fw3 to not emit NAT reflection rules
anymore.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41556
They should be unnecessary with fq_codel, and simplifying rules helps
with performance
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 41549
When the original mac addresses are not valid assign the first one to
the internal wifi core, this matches the manufacture mac address in
most cases. In addition refresh the patches.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 41545
This updates linux-firmware to version
7f388b4885cf64d6b7833612052d20d4197af96f from 2014-06-04.
In addition it adds new firmware for Intel, Broadcom and Realtek devices.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 41523
Some devices have an nvram setting, which make broadcom-wl turn of the
led all the time. When the driver is switched on and we find such a
setting we replace it with a better value.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 41518
Some series of devices are using the same mac address, which causes
conflicts for these devices we generate a new mac address based on the
base address. This patch adds this functionality to braodcom-wl.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 41514
in r41439 a flag for enabling remote logging was added,
but the actual check was done on a different variable.
Signed-off-by: Reiner Herrmann <reiner@reiner-h.de>
SVN-Revision: 41467
currently the keepalive option needs to be removed to fully disable it. this patch allows us to set it to 0.
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 41438
Regardles of the return code from validate_data _error variable will be 0 due
to 'local' command in the previous line. With this patch we are able to catch
the return code from validate_data tool.
Signed-off-by: Luka Perkov <luka@openwrt.org>
SVN-Revision: 41414
ubox validate_data defines yes/no as valid boolean options, do the same in
config_get_bool too.
Signed-off-by: Luka Perkov <luka@openwrt.org>
SVN-Revision: 41405
The preferred he.net /nic/update endpoint expects the password or updatekey in
plain text and not as md5 sum, therfore remove the hashing operation from the
script.
This effectively renders the "updatekey" option redundant but we keep it around
for backwards compatibility. Both "option password" and "option updatekey" will
have end up in the "&password=" parameter of the update url and are passed through
unmodified.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41358
The current $(wildcard ...) match might return multiple files which will break subsequent cp commands
with an error like:
cp: target `/home/user/openwrt/staging_dir/target-mips_34kc_uClibc-0.9.33.2/root-ar71xx/tmp-libc/lib/libgcc_s_pic.a' is not a directory
Prevent this issue by only taking the last path returned by globbing.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41357
Even if enabled option is missing from ntp configuration we are still keeping
default behavior.
Signed-off-by: Luka Perkov <luka@openwrt.org>
SVN-Revision: 41355
this is still wip, you can use the following ubus calls.
ubus call mdns scan # triggers a scan
ubus call mdns browse # look at the currenlty cached records
ubus call mdns hosts # look at the currenlty cached hosts
TODO
- ipv6, currenlty AAAA records are handled but only on v4 sockets
- finish the service announce code
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 41345
sysupgrade otherwise skips kernel part on devices which got
kernel in ubi due to kern_length being undefined, kernel_length
is being used instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 41327
Insert a missing #ifdef UBI around the use of libubi_close().
As the preceding if (libubi) will never be true on non-UBI builds,
compiling only failed when disabling optimization.
Also rebase patch to latest u-boot.git HEAD.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 41313
Reworks the handling of RT_TABLE_MAIN in system-linux.c so that ip rules
with lookup main can be properly setup.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41282
Switches /lib/functions/network.sh from jshn based json parsing to
jsonfilter expression while keeping the existing api.
Expensive methods like "network_find_wan" are up to 20x faster now.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41281
The CLI now describes expression errors more precisely, e.g.:
Syntax error: Invalid escape sequence
In expression @["foo\x"]
Near here ----------^
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41266
This commit renames the jsonpath binary to jsonfilter to avoid clashing with a Python
extension of the same name.
The utility itself has been rewritten to use SQLite3's lemon parser generator instead
of a flex/bison combination which results in a much smaller binary.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41258
* Add Authoritative DNS and IPSET to full variant
* Remove some bloat from IPSET support
* Reintroduce "DHCP no address warning"-patch
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 41246
Ship keys for the root zone and add two uci options to enable
DNSSEC checks:
Option 'dnssec': Activate DNSSEC validation
Option 'dnsseccheckunsigned': Ensure answers without DNSSEC are in
unsigned zones.
Signed-off-by: Andre Heider <a.heider@gmail.com>
SVN-Revision: 41245
This variant includes support for DHCPv6 and DNSSEC.
DNSSEC adds a dependency on libnettle.
Signed-off-by: Andre Heider <a.heider@gmail.com>
SVN-Revision: 41244
As documented in config.h.
Doing otherwise will break dnsmasq's pkg-wrapper script to find its
libs to link to.
Signed-off-by: Andre Heider <a.heider@gmail.com>
SVN-Revision: 41241
Removed unused ubi file file from template as ubinized images are
passed directly and not inside the tarball.
Also removed left-over white-space.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 41237
i got complaints about the bad naming of the api. lets rename it while there are no users yet.
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 41220
r40682 ("mac80211: clean up ht capability handling, drop the use of the
ht_capab list, use individual variables instead") removed the ht_capab list and
replaced it with optional variables to disable features for a phy. But these
variables weren't added in drv_mac80211_init_device_config and thus didn't make
any difference when modifying /etc/config/wireless.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
SVN-Revision: 41180