Commit graph

1079 commits

Author SHA1 Message Date
Steven Barth
99fa07d07e netifd: add option to customize IPv6 interface identifiers (thx Hans Dedecker)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 44050
2015-01-19 08:39:04 +00:00
Felix Fietkau
2f43d3dcba igmpproxy: add patch to silence unnecessary logging of downstream igmp traffic
This patch adds a simple check to silence logging of messages about
unrecognized igmp packets which originate from devices in local network.

Without this patch igmpproxy floods openwrt syslog with messages such as:
  user.warn igmpproxy[19818]: The source address 192.168.1.175 for group
  239.255.250.250, is not in any valid net for upstream VIF.

Signed-off-by: Antti Seppälä <a.seppala@gmail.com>

SVN-Revision: 44020
2015-01-18 00:42:43 +00:00
John Crispin
16b45d21c6 dnsmasq: add option --quiet-dhcp
The --quiet-dhcp setting increases privacy by omitting DHCP lease logs including MAC addresses.

Signed-off-by: Lars Kruse <devel@sumpfralle.de>

SVN-Revision: 44006
2015-01-17 14:38:55 +00:00
John Crispin
491f3fc048 Support for building an hardened OpenWRT
Introduce configuration options to build an "hardened" OpenWRT.

Options to enable Stack-Smashing Protection, FORTIFY_SOURCE and RELRO
have been introduced.

uClibc makefile now automatically detects if SSP support is necessary.

hostapd makefile has been fixed to use "^" as sed separator since
using a comma was problematic when using "-Wl,-z,now" and the like in
TARGET_CFLAGS.

Currently enabling SSP on user space depends on enabling SSP kernel
side, this is due to the fact that TARGET_CFLAGS are used to build
kernel modules (at least). Suggestions on how to avoid this are welcome.
Using "select" instead of "depends on" doesn't seem to work with choice
entries.

Tested with a lantiq (WBMR) router, GCC 4.8, uClibc and a subset of
the available packages.
Needs to be tested with GCC 4.9 and the remaining packages.
PIE not currently included.

Signed-off-by: Alessandro Di Federico <ale+owrt@clearmind.me>

SVN-Revision: 44005
2015-01-17 14:31:30 +00:00
John Crispin
ff3448adaa curl: allow enabling https protocol
Provide optional --enable-https flag for curl.

Signed-off-by: Lars Kruse <devel@sumpfralle.de>

SVN-Revision: 43997
2015-01-17 13:57:56 +00:00
Felix Fietkau
6774c43dde add iperf3, a new and smaller version of iperf
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43996
2015-01-17 13:14:02 +00:00
Steven Barth
18f76fbef1 iproute2: add package for bridge program
The 'bridge' program has been part of iproute2 for a while, and it was once
declared[1] to the the intended longterm replacement for bridge-utils, but
its features are still mostly distinct[2] from the venerable brctl.

[1] http://lwn.net/Articles/435845/
[2] http://sgros-students.blogspot.com/2013/11/comparison-of-brctl-and-bridge-commands.html

Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 43993
2015-01-17 10:58:34 +00:00
Steven Barth
d644d1bd5e iproute2: fix header problem for musl
iproute2 includes "sanitized" linux kernel headers, which work fine for uClibc, however
with musl there is some header conflict, principally some ipv6 structure redefinition.  This
patch removes <linux/in6.h> from include/linux/if_bridge.h to solve the problem.

Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 43992
2015-01-17 10:58:29 +00:00
Steven Barth
148684bbf4 iproute2: bump version to 3.18.0
Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 43991
2015-01-17 10:58:22 +00:00
Jo-Philipp Wich
59cab6dd48 dnsmasq: support and use local-service by default (#14951)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43982
2015-01-16 19:04:19 +00:00
Luka Perkov
5b0849b97f mdns: install uci package as config
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>

SVN-Revision: 43967
2015-01-14 09:59:26 +00:00
Steven Barth
252bb0eeae map: export calculated ruleset to /tmp
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43961
2015-01-13 19:00:39 +00:00
Rafał Miłecki
adaac86c7f hostapd: backport patch fixing handling new stations
This patch fixes adding new stations for some specific drivers when
using more than 1 BSS.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 43951
2015-01-12 22:10:00 +00:00
Steven Barth
98cb5c3a55 nftables: add missing patch
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43949
2015-01-12 12:40:08 +00:00
Steven Barth
05220c415c nftables: bump again and disable building docs
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43948
2015-01-12 12:39:14 +00:00
Steven Barth
d73c382a73 map: ignore psid and psidlen if psidlen is 0
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43946
2015-01-12 10:56:54 +00:00
Steven Barth
6150714eb0 nftables: bump to latest and enable debugging
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43944
2015-01-12 06:16:51 +00:00
Jo-Philipp Wich
da9782f935 thc-ipv6: update to v2.7
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43894
2015-01-09 12:49:55 +00:00
Jo-Philipp Wich
39d0b8fea8 lldpd: update to v0.7.13
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43891
2015-01-09 12:35:09 +00:00
John Crispin
52c949e448 openvpn: procd_set_param respawn
Makes sure that the openvpn instance gets restarted in case of a crash.

Intentional stops using /etc/init.d/openvpn stop will not result in
respawning. Anything else will, e.g. killall openvpn.

Signed-off-by: Lars Gierth <larsg@systemli.org>

SVN-Revision: 43886
2015-01-08 20:26:41 +00:00
Jo-Philipp Wich
a6a142caf6 firewall: respect src_dip option for reflection (#18544)
Also fix wrong IPv4 netmask calculation on x86-64, thanks Ulrich Weber.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43874
2015-01-08 16:10:46 +00:00
Steven Barth
afff105706 nftables: bump to latest git / all patches upstreamed
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43870
2015-01-08 11:31:36 +00:00
Jo-Philipp Wich
7f6af5ddc9 qos-scripts: bump PKG_REVISION and copyright year
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43860
2015-01-06 12:42:38 +00:00
Jo-Philipp Wich
a0fb139369 openvpn: bump PKG_REVISION and copyright year
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43859
2015-01-06 12:41:22 +00:00
Felix Fietkau
6493328c8f dnsmasq: fix dependency problems of the dnsmasq-full variant.
This patch tries to

 - Let the DHCPv6 feature depend on CONFIG_IPV6.
 - Conditionally select libnettle, kmod-ipv6, kmod-ipt-ipset only if the
   corresponding features are enabled.
 - Install `trust-anchors.conf` only if DNSSEC is selected.
 - Add PKG_CONFIG_DEPENDS for the configurable options.
 - Add a patch to let the Makefile of dnsmasq be aware of changes in
   COPTS variable.

Big thanks goes to Frank Schäfer <fschaefer.oss@googlemail.com> for
providing necessary information on connections and dependency relations
between these CONFIGs and packages.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 43851
2015-01-05 13:03:48 +00:00
Felix Fietkau
fe35a1cb8b package: remove references to symbols TARGET_{ps3,pxcab}.
Target pxcab and ps3 were removed from maintaince in r34764 and r34765
respectively.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 43850
2015-01-05 13:03:40 +00:00
Felix Fietkau
4ea1edf840 hostapd: Add uapsd option to netifd.sh
The uapsd option sets the uapsd_advertisement_enabled flag in hostapd.

The check for phy support is already implemented here in hostapd since 2011:
http://w1.fi/cgit/hostap/commit/?id=70619a5d8a3d32faa43d66bcb1b670cacf0c243e

So this can be safely set to 1 as default.

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>

SVN-Revision: 43846
2015-01-05 13:03:12 +00:00
Imre Kaloz
f9cf1e97fd upgrade to latest revision
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 43826
2015-01-04 18:39:58 +00:00
Felix Fietkau
8bd2c446d4 openvpn: backport an upstream fix for a regression in using --cipher none (fixes #18676)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43823
2015-01-04 12:03:29 +00:00
Felix Fietkau
b2de18bea4 hostapd: add support for configuring supported rates
patch by Wilco Baan Hofman from #18627

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43782
2014-12-27 12:59:47 +00:00
Steven Barth
4746ffd7a6 netifd: minor fixes, add mldversion option
thanks to Hans Dedecker

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43771
2014-12-23 13:34:04 +00:00
Steven Barth
d945d7d647 dnsmasq: also add the actual patches...
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43759
2014-12-22 09:52:19 +00:00
Steven Barth
1472eaec65 dnsmasq: backport some dnssec fixes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43758
2014-12-22 09:51:22 +00:00
Steven Barth
d9011ad6be dnsmasq: allow de-selecting features from -full variant.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 43733
2014-12-17 05:59:12 +00:00
Steven Barth
f0ecc0ec37 iproute2: bump version from 3.16.0 to 3.17.0
Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 43731
2014-12-16 12:43:50 +00:00
Steven Barth
5628648f87 nftables: bump to release 0.4, cleanup our patches
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43730
2014-12-16 09:28:59 +00:00
Steven Barth
8aa9160274 nftables: mini-bump and patch cleanup
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43710
2014-12-15 09:41:47 +00:00
Steven Barth
c927daaf76 nftables: bump to latest git, fix mini-gmp patches
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43707
2014-12-14 16:03:45 +00:00
John Crispin
d64e4392df iwinfo: bump to latest git HEAD
http://patchwork.ozlabs.org/patch/420128/

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 43666
2014-12-12 16:17:24 +00:00
Felix Fietkau
8afce572b7 igmpproxy: do not attempt to ifstatus error messages as json
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43660
2014-12-12 14:52:29 +00:00
Felix Fietkau
f48b7aa6e4 igmpproxy: do not start instance if no upstream interface is available
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43659
2014-12-12 14:52:24 +00:00
Felix Fietkau
b37dc7e7ce igmpproxy: fix init script indentation
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43658
2014-12-12 14:52:18 +00:00
Steven Barth
f565e0598d netifd: Set source IP for DHCP static routes as well
Commit ce92f6650bd8a86db04c7a6cbb58e7fdb200a7e6 added source IP support
for DHCP default routes. As a side effect of this change the default route
could be present twice in netifd (once with source IP set and once with
source IP unset) if it was sent by the server in both the router and static
route options. Therefore add source IP support as well for static routes as this
case was not considered. Additional remove unused parameter type.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 43645
2014-12-12 09:39:07 +00:00
John Crispin
a8d0b41530 umbim: fix build for 64bit targets
the CC builder fails to build umbim for 64bit targets (xlp, malta64, ....)

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 43595
2014-12-10 15:50:43 +00:00
Steven Barth
89e3a8b3b5 odhcp6c: correctly handle renew-replies with short lease times
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43592
2014-12-10 10:41:51 +00:00
Steven Barth
1f4ddec7f2 netifd: several fixes and optimizations
Thanks to Hans Dedecker and Kristian Evensen

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43583
2014-12-08 17:43:14 +00:00
Steven Barth
15d67644f1 This patch depends on "Pass source address to proto_add_ipv4_route".
I have not found a scenario that would break by setting the source address on
default, but please let me know if any special considerations should be taken.

Signed-off-by: Kristian Evensen <kristian.evensen at gmail.com>

SVN-Revision: 43582
2014-12-08 17:43:03 +00:00
Felix Fietkau
62c33d9f62 qos-scripts: fix insmod commands
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43562
2014-12-08 12:03:47 +00:00
John Crispin
1e8a83e553 uqmi: Add --delete-message for deleting SMS messages
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 43504
2014-12-03 09:17:28 +00:00
Felix Fietkau
fe05893ffb openvpn: update to 2.3.6, fixes CVE-2014-8104
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43482
2014-12-01 19:49:59 +00:00