Add support for specifying a call profile index instead of APN. A
specific index different from 1 must be used for some service
provider and modem combinations.
In addition, change the manufacturer detection to use the standard
AT+CGMI command, which produces more predictable output than ATI,
remove the redundant ipv6 option, since it is less ambiguous to
directly specify the PDP context type with mobile connections, and
fix missing device during teardown when using ncm through the wwan
proto.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
Update uqmi to latest version, which brings about support for
specifying a call profile index instead of APN. A specific index
different from 1 must be used for some service provider and modem
combinations.
Also change option dhcp to dhcpv6, since IPv4 now always uses DHCP,
replace option ipv6 with pdptype, which is less ambiguous, and
make autoconnect optional and default it to off for IPv6 due to it
not working with statically configured IPv6.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
Harmonise handling of DEFAULT_PATH by removing the patch introducing #ifndef
guards around the path, and only using one means to set the path in the
makefile.
Signed-off-by: Dario Ernst <Dario.Ernst@riverbed.com>
Update procd to latest HEAD in order to introduce support for services signals:
- Adds a new service.signal ubus call to send a kill() signal to one or all
running instances of a given service
- Adds a new "reload_signal" property which allows service init scripts to
request procd to send a specific kill() signal on reload, instead of
stopping and restarting running processes
Also fixes some potential memory leaks reported by cppcheck and an environment
variable corruption in the trace command.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The xt_id match was used by the firewall3 package to track its own rules but
the approach has been changed to use xt_comment instead now, so we can drop
this nonstandard extension.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update to current HEAD in order to drop automatic generation of per-zone
NOTRACK rules.
The NOTRACK rules used to provide a little performance improvement but the
later introduction of the netfilter conntrack cache made those rules largely
unnecessary. Additionally, those rules caused various issues which broke
stateful firewalling in some scenarios.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Depending on the dhcp uci config pidof dnsmasq can return
multiple pids. Fix re-reading of the hostfile by dnsmasq in
such case by sending SIGHUP signal to each of the returned
pids.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Let dnsmasq read all hosts files in /tmp/hosts directory by specifying
/tmp/hosts as argument of --addn-host
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Support new packet overhead passing paradigm in cake qdisc, also restore
DSCP wash/nowash keywords.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Track upstream changes, incl changes in packet overhead accounting
(automatically taking care of linux' packet sizing knowledge),
improvements to triple isolated DRR handling (new flow dominance),
statistics tweak & allow more packet drops in stressed conditions.
Under tests this has significantly improved latency control under
'many flows to one' scenarious as is typical of bittorrent and MS
Windows update.
I also restored 'DSCP washing' functionality in my repo which follows
upstream closely (like a hawk!) with tc keywords 'wash/nowash'. This
allows cake to limit/control packets in bands determined by a packet's
DSCP but to clear those DSCP bits on qdisc egress. This functionality
was originally removed as part of an attempt to push cake into the
kernel, which hasn't actually happened as yet.
A matching commit is required to iproute2/tc to support the new overhead
handling, keyword changes as well as the 'wash/nowash' tweak.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
One of those changes is re-enabling blowfish support to make
openvpn-mbedtls compatible with common configurations
Signed-off-by: Felix Fietkau <nbd@nbd.name>
OpenVPN requires arguments to --push to be enclosed in double quotes.
One set of quotes is stripped when the UCI config is parsed.
Change append_params() of openvpn.init to enclose push parameters in
double quotes.
Unquoted push parameters do not cause errors in OpenVPN 2.3,
but OpenVPN 2.4 fails to start with unquoted push parameters.
Fixes: FS#290.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
This option is required by OpenVPN, and OpenVPN 2.4 uses mbedTLS 2.x.
DHM_C is also already enabled in the PolarSSL 1.3.x config.h.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
This board is very old and unlikely to still be relevant today. Support
for it contains a significant amount of device specific baggage which is
worth getting rid of.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add support for NXP layerscape ls1046ardb 64b/32b Dev board.
LS1046ARDB Specification:
-------------------------
Memory subsystem:
* 8GByte DDR4 SDRAM (64bit bus)
* 512 Mbyte NAND flash
* Two 64 Mbyte high-speed SPI flash
* SD connector to interface with the SD memory card
* On-board 4G eMMC
Ethernet:
* Two XFI 10G ports
* Two SGMII ports
* Two RGMII ports
PCIe:
* PCIe1 (SerDes2 Lane0) to miniPCIe slot
* PCIe2 (SerDes2 Lane1) to x2 PCIe slot
* PCIe3 (SerDes2 Lane2) to x4 PCIe slot
* USB 3.0: one super speed USB 3.0 type A port, one Micro-AB port
* UART: supports two UARTs up to 115200 bps for console
Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.
Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.
Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
This just adds the kmods for these kernel modules.
This is found on some Lantiq / Intel reference boards.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Now that the VERSION_NUMBER variable holds the human friendly name and not
the commit ID anymore, we need to support adding the revision ID as well.
Introduce a new config variable CONFIG_VERSION_CODE_FILENAMES which, if set,
causes the resulting file names to contain a commit ID designation as printed
by scripts/getver.sh.
Also sanitize the input variables to ensure that the resulting strings are
lowercased and no not contain spaces.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Correct splitting the 32-bit 'hostid' value to two 16-bit hexadecimal
values. Previously, the lower 16-bit value was truncated to an 8-bit
value, which would result in hostid values 100 and 200 both to be set
to [::0:0] instead of [::0:100] and [::0:200] respectively.
Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
If the hostname in /etc/config/system is modified the dnsmasq will not
reread the update host file under /tmp/hosts/dhcp.$cfg.
Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
Last release of libnetfilter-queue was in 2012.
There don't seem to be any release tarballs since then.
This updates it to a more recent version, pointing to the git repo.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This fixes the following security problems:
CVE-2016-7440: Software AES table lookups do not properly consider cache-bank access times
CVE-2016-7439: Software RSA does not properly consider cache-bank monitoring
CVE-2016-7438: Software ECC does not properly consider cache-bank monitoring
SWEET32 Attack
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Support for MIPS toolchains without FPU support was added upstream,
so remove our patch.
patches/310-mips-link-tool.patch was a backport form this version of valgrind
src/abort.c is not referenced anywhere
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixes the following security problems:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Move the revision info to the VERSION_CODE variable and default VERSION_NUMBER
to CURRENT for master branch builds.
Also introduce a new menuconfig option CONFIG_VERSION_CODE which allows users
to override the revision value put into VERSION_CODE and adjust the template
files used by the base-files package to accomodate for the changed semantics.
While we're at it, also adjust the various URLs to match the current web site.
After this commit, the relevent files will look like the examples given below:
# cat /etc/openwrt_version
r2398+1
# cat /etc/openwrt_release
DISTRIB_ID='LEDE'
DISTRIB_RELEASE='CURRENT'
DISTRIB_REVISION='r2398+1'
DISTRIB_CODENAME='reboot'
DISTRIB_TARGET='x86/64'
DISTRIB_DESCRIPTION='LEDE Reboot CURRENT r2398+1'
DISTRIB_TAINTS='no-all override'
# cat /usr/lib/os-release
NAME="LEDE"
VERSION="CURRENT, Reboot"
ID="lede"
ID_LIKE="lede openwrt"
PRETTY_NAME="LEDE Reboot CURRENT"
VERSION_ID="current"
HOME_URL="http://lede-project.org/"
BUG_URL="http://bugs.lede-project.org/"
SUPPORT_URL="http://forum.lede-project.org/"
BUILD_ID="r2398+1"
LEDE_BOARD="x86/64"
LEDE_TAINTS="no-all override"
LEDE_DEVICE_MANUFACTURER="LEDE"
LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
LEDE_DEVICE_PRODUCT="Generic"
LEDE_DEVICE_REVISION="v0"
LEDE_RELEASE="LEDE Reboot CURRENT r2398+1"
On a release branch, those files would look like:
# cat /etc/openwrt_version
r2399
# cat /etc/openwrt_release
DISTRIB_ID='LEDE'
DISTRIB_RELEASE='16.12-CURRENT'
DISTRIB_REVISION='r2399'
DISTRIB_CODENAME='test_release'
DISTRIB_TARGET='x86/64'
DISTRIB_DESCRIPTION='LEDE Test Release 16.12-CURRENT r2399'
DISTRIB_TAINTS='no-all override'
# cat /usr/lib/os-release
NAME="LEDE"
VERSION="16.12-CURRENT, Test Release"
ID="lede"
ID_LIKE="lede openwrt"
PRETTY_NAME="LEDE Test Release 16.12-CURRENT"
VERSION_ID="16.12-current"
HOME_URL="http://lede-project.org/"
BUG_URL="http://bugs.lede-project.org/"
SUPPORT_URL="http://forum.lede-project.org/"
BUILD_ID="r2399"
LEDE_BOARD="x86/64"
LEDE_TAINTS="no-all override"
LEDE_DEVICE_MANUFACTURER="LEDE"
LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
LEDE_DEVICE_PRODUCT="Generic"
LEDE_DEVICE_REVISION="v0"
LEDE_RELEASE="LEDE Test Release 16.12-CURRENT r2399"
On a release tag, those files would look like:
# cat /etc/openwrt_version
r2500
# cat /etc/openwrt_release
DISTRIB_ID='LEDE'
DISTRIB_RELEASE='17.02.1'
DISTRIB_REVISION='r2500'
DISTRIB_CODENAME='mighty_unicorn'
DISTRIB_TARGET='x86/64'
DISTRIB_DESCRIPTION='LEDE Mighty Unicorn 17.02.1 r2500'
DISTRIB_TAINTS='no-all override'
# cat /usr/lib/os-release
NAME="LEDE"
VERSION="17.02.1, Mighty Unicorn"
ID="lede"
ID_LIKE="lede openwrt"
PRETTY_NAME="LEDE Mighty Unicorn 17.02.1"
VERSION_ID="17.02.1"
HOME_URL="http://lede-project.org/"
BUG_URL="http://bugs.lede-project.org/"
SUPPORT_URL="http://forum.lede-project.org/"
BUILD_ID="r2500"
LEDE_BOARD="x86/64"
LEDE_TAINTS="no-all override"
LEDE_DEVICE_MANUFACTURER="LEDE"
LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
LEDE_DEVICE_PRODUCT="Generic"
LEDE_DEVICE_REVISION="v0"
LEDE_RELEASE="LEDE Mighty Unicorn 17.02.1 r2500"
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Felix Fietkau <nbd@nbd.name>
Not all kmod packages depends on kmod-ipt-compat-xtables, but this
kernel config option is required for building the whole package
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Commit 2728512 ("e2fsprogs: List all libraries explicitly") forced the
e2fsprogs build system to link libcom_err.so in various places.
Unfortunately, the krb5 package also ships a libcom_err.so with a totally
different ABI and puts it into the global staging directory which causes
e2fsprogs to pick up this wrong library, leading to the following failure:
LD blkid
../lib/libext2fs.so: undefined reference to `_et_list'
collect2: error: ld returned 1 exit status
Makefile:504: recipe for target 'blkid' failed
Change the SYSLIBS specification to explicitely link libcom_err.so.0.0
which in order to work around the problem.
In the long run, the libcom_err clash between e2fsprogs and krb5 needs to
be solved properly.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
"service" is a simple wrapper that will allow to call init.d scripts
current method: # /etc/init.d/network reload
with the wrapper: # service network reload
If the wrapper is called without arguments or with a wrong init script name, it will print an error and list the content of /etc/init.d/ folder
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
Based on the submission to the uboot-lantiq repo by Martin Blumenstingl.
Use the ddr_settings.h from the GPL tarball. The NAND boot optimized
one (with memory tuning enabled) doesn't work for the UART boot image.
Use the same mtd layout as the stock u-boot. Add add UBI support.
Use the leds to indicate boot status like it is done with the stock
u-boot. Switch on the red power led if kernel image can't be loaded.
Otherwise switch the green led on.
Make only the ramboot u-boot available. Only this image is required for
the first installation of LEDE.
Signed-off-by: Mathias Kresin <dev@kresin.me>