Commit graph

864 commits

Author SHA1 Message Date
Steven Barth
9f2a17103f iptables: NFLOG and NFQUEUE targets' full support
NFLOG and NFQUEUE targets' full support for iptables.

Includes all needed kernel modules (Xtables's and Netlink's)
 and userspace libraries.
All added kernel modules can be individually disabled,
 all other new libraries get their own individual packages.

Reported-by: Fabian Hugelshofer <hugelshofer2006@gmx.ch>
Reported-by: Rainer Poisel <rainer.poisel@fhstp.ac.at>
Reported-by: Derek LaHousse <dlahouss@mtu.edu>
Signed-off-by: Guillaume Déflache <guillaume.deflache@ibwag.com>

SVN-Revision: 42022
2014-08-07 04:42:22 +00:00
Steven Barth
6656292619 netifd: disable ds-lite, map & gre for old kernels
this unbreaks netifd compilation on old kernels

SVN-Revision: 42019
2014-08-06 19:57:19 +00:00
Felix Fietkau
b465cf412f iwinfo: allow scans in AP mode on nl80211
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42014
2014-08-06 17:07:18 +00:00
Steven Barth
1e6ab23098 netifd: minor fixes (thanks Hans Dedecker)
SVN-Revision: 42000
2014-08-05 10:03:10 +00:00
Steven Barth
bc0acb9db9 gre: Change hostdependcy to remote endpoint tunnel address
Depend on the GRE tunnel peeraddr to trigger setup of the tunnel interface.
Addresses the issue reported in https://lists.openwrt.org/pipermail/openwrt-devel/2014-August/027201.html

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 41998
2014-08-05 09:57:55 +00:00
Felix Fietkau
44cb68c038 hostapd: revert bogus version that was added in r41872
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41960
2014-08-03 10:53:40 +00:00
Felix Fietkau
49d00e95db iputils: add missing includes, fix musl support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41958
2014-08-03 10:45:36 +00:00
Felix Fietkau
3e0247b95f igmpproxy: add missing include
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41957
2014-08-03 10:45:31 +00:00
Felix Fietkau
34a1ee8410 iwcap: add missing include
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41956
2014-08-03 10:45:28 +00:00
Felix Fietkau
5a506ca595 iwinfo: add missing include statement
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41955
2014-08-03 10:45:23 +00:00
Jo-Philipp Wich
baa7c211f5 netfilter: introduce xt_id match
This commit implements a new netfilter match "xt_id" which can be used to
attach unsigned 32bit IDs to iptables rules.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 41945
2014-08-01 22:49:47 +00:00
Steven Barth
7dabdbde78 gre: Generic Routing Encapsulation package support
The package supports Generic Routing Encapsulation support by registering following protocol kinds:
    -gre
    -gretap
    -grev6
    -grev6tap

Following options are valid for gre and gretap kinds:
    -ipaddr
    -peeraddr
    -df
    -mtu
    -ttl
    -tunlink
    -zone
    -ikey
    -okey
    -icsum
    -ocsum
    -iseqno
    -oseqno

The gretap kind supports additionally the network option

Following options are valid for grev6 and grev6tap kinds:
    -ip6addr
    -peer6addr
    -weakif
    -mtu
    -ttl
    -tunlink
    -zone
    -ikey
    -okey
    -icsum
    -ocsum
    -iseqno
    -oseqno

The grev6tap kind supports additionally the network option

Typical network config for a GREv4 tunnel :

config interface 'gre'
        option peeraddr '172.16.18.240'
        option mtu '1400'
        option proto 'gre'
        option tunlink 'wan'
        option zone 'tunnel'

Typical network config for a GREv4 tap tunnel :

config interface 'gretap'
        option peeraddr '195.207.5.79'
        option mtu '1400'
        option proto 'gretap'
        option zone 'tunnel'
        option tunlink 'wan'
        option network 'wlan_ap'

I added myself as maintainer for the moment; feel free to change.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 41897
2014-07-30 13:22:24 +00:00
Steven Barth
e413bb0e7e netifd: fixes and GRE support (thx Hans Dedecker)
SVN-Revision: 41896
2014-07-30 13:21:52 +00:00
Steven Barth
462023f45a odhcp6c: Fix white space typo in dhcpv6.script
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 41893
2014-07-30 13:18:01 +00:00
Steven Barth
86671615de netifd: suppress fw3 warnings in dhcp script
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 41892
2014-07-30 13:17:56 +00:00
Steven Barth
6a50e69b21 netifd: more race condition fixes in proto-shell
SVN-Revision: 41887
2014-07-29 17:24:23 +00:00
John Crispin
8d3f839da7 ppp: fix a buffer overrun in the ms chap code
https://dev.openwrt.org/ticket/17296

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41882
2014-07-29 12:18:52 +00:00
Jo-Philipp Wich
b6153f92ad hostapd: Reintroduce Full Dynamic VLAN support
This patch brings full dynamic vlan support to netifd that existed in hostapd.sh in Attitude Adjustment.

Signed-off-by: Joseph CG Walker <Joe@ChubbyPenguin.net>
[jow@openwrt.org: changed commit message, rebased on top of current hostapd.sh]
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 41872
2014-07-29 09:48:02 +00:00
Felix Fietkau
c6d1992701 hostapd: add more missing ifdefs
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41863
2014-07-28 22:52:39 +00:00
Steven Barth
7f17639742 netifd: more dynamic interface improvements
SVN-Revision: 41862
2014-07-28 20:35:53 +00:00
Felix Fietkau
fd619513d1 hostapd: add missing ifdef
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41855
2014-07-28 10:36:51 +00:00
Felix Fietkau
76d7397bc2 netifd: fix a small issue in r41831
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41836
2014-07-26 14:35:15 +00:00
Felix Fietkau
e7ece301fe odhcp6c: suppress fw3 warnings
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41833
2014-07-26 12:23:28 +00:00
Felix Fietkau
ee4f8c8b99 netifd: update to the latest version, fixes a race condition with renew/setup
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41831
2014-07-26 01:46:34 +00:00
Jo-Philipp Wich
b84346e141 iwinfo: avoid creating tmp.* ifaces for scanning
If the iface to scan on already is in ad-hoc, station or monitor mode
then do not spawn a temporary iface.

Also preventively disable IPv6 on temporary ifaces before bringing them
up to avoid potential security issues.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 41830
2014-07-25 15:52:17 +00:00
Jo-Philipp Wich
bd7642f1a9 iwinfo: fix secondary radios being misreported as ralink device
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 41829
2014-07-25 14:36:43 +00:00
Felix Fietkau
eaa3c4a11d hostapd: prevent spurious 20/40 mhz channel bandwidth switches if noscan is enabled
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41828
2014-07-25 14:29:58 +00:00
Jo-Philipp Wich
833820dc8b iwinfo: continue scanning even if temporary mac cannot be changed
So far iwinfo aborted a wifi scan attempt if the mac of the spawned
interface could not be changed. Change the code to try anyway - this
should fix wifi scanning on RaLink devices.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 41826
2014-07-25 14:11:50 +00:00
Steven Barth
ae50480d77 netifd: Fix some race-conditions in interface handling
SVN-Revision: 41825
2014-07-24 22:05:19 +00:00
Steven Barth
9231df5665 softwires: redesign dhcp(v6) provisioning
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 41823
2014-07-24 14:17:41 +00:00
Felix Fietkau
5206b2dac0 netifd: update to the latest version, enables bridge multicast querier and fixes interface reload issues with wifi
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41818
2014-07-24 09:13:04 +00:00
Steven Barth
22419ae4cb odhcpd: don't lose downstream routes for managed PD
SVN-Revision: 41816
2014-07-23 21:14:56 +00:00
Steven Barth
b4a3863875 odhcpd: revert NDP relay rewrite (performance issue still fixed)
SVN-Revision: 41808
2014-07-22 21:52:20 +00:00
Steven Barth
b864faa47c odhcpd: fix typo in ubus integration (thanks Markus Stenberg)
SVN-Revision: 41796
2014-07-21 21:57:15 +00:00
John Crispin
64a07e6a8b lantiq-dsl: add 2 ugly workarounds for the IB to work
the IB tries to run the enable target on all init.d scripts.
It fails when including the dsl_control helper. Check for existence
prior to the include.

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41787
2014-07-21 18:41:46 +00:00
Steven Barth
683b622fcd odhcp6c: Send RS with source link-layer address if possible
SVN-Revision: 41778
2014-07-21 10:11:09 +00:00
Jo-Philipp Wich
2dd087ccee firewall: implement support for abritary netmasks
Properly parse and pass arbritary netmasks to iptables, this allows
specifying ranges like '::c23f:eff:fe7a:a094/::ffff:ffff:ffff:ffff' to
match the host part of an IPv6 address regardless of the currently active
IPv6 prefix.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 41760
2014-07-19 16:30:47 +00:00
Felix Fietkau
51fbfde474 netifd: update to the latest version, adds a small validation fix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41731
2014-07-18 11:45:42 +00:00
Felix Fietkau
4ecb9289ef qos-scripts: convert to procd
Signed-off-by: John Crispin <blogic@openwrt.org>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41730
2014-07-18 11:25:07 +00:00
Steven Barth
c05d6ba1ff odhcpd: rewrite NDP proxy feature
SVN-Revision: 41703
2014-07-17 19:11:17 +00:00
Felix Fietkau
51b11ba5ea netifd: update to the latest version, enables igmp snooping by default
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41683
2014-07-17 14:55:17 +00:00
Felix Fietkau
4ef8d2e014 qos-scripts: fix ingress packet marking with ifb
Split connection mark into two parts:

The lower nibble contains the confirmed conntrack mark which is not
generated by default/reclassify rules.
The upper nibble contains the current value specified by
default/reclassify rules.

For egress, the default/reclassify value is preferred
For ingress, the connection mark is preferred

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41682
2014-07-17 12:02:06 +00:00
Felix Fietkau
1ecb74024b iwinfo: fix crash on parsing mtd (#15807)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41675
2014-07-16 18:57:23 +00:00
Felix Fietkau
b24e77714e hostapd: add a require_mode option in wifi-device sections to select the minimum hardware mode that the AP requires from clients
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41665
2014-07-15 10:30:08 +00:00
Steven Barth
7264389699 odhcpd: disable packet socket if unneeded to preserve performance
SVN-Revision: 41644
2014-07-14 13:39:03 +00:00
Jo-Philipp Wich
f4781cae6d firewall: fix segfault introduced by latest update
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 41558
2014-07-10 16:44:20 +00:00
Jo-Philipp Wich
8b0650838d firewall: fix regressions introduced after latest ubus rework
The commit 92281eb747b56e748b7c3d754055919c23befdd4 broke fw3_ubus_addresses() so that
no addresses where returned at all, this caused fw3 to not emit NAT reflection rules
anymore.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 41556
2014-07-10 10:21:17 +00:00
Felix Fietkau
a6c4ef18b7 qos-scripts: remove maxsize options and packet size based reclassify from the default config
They should be unnecessary with fq_codel, and simplifying rules helps
with performance

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41549
2014-07-08 11:19:51 +00:00
Hauke Mehrtens
3861bdad99 samba36: update to minor version 3.6.24
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 41525
2014-07-06 11:23:13 +00:00
Felix Fietkau
363eb4cf7a samba36: disable acl support to avoid picking up a dependency on libacl (#16988)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41509
2014-07-04 11:42:57 +00:00