Commit graph

167 commits

Author SHA1 Message Date
Jo-Philipp Wich
21f4cf1a73 firewall: fix several ipset integration issues (#15016)
- Do not consider bitmap storage for IPv6 family sets
	- Move ipset family parameter before any additional option
	- Only emit family parameter for hash sets
	- Do not allow IPv6 iprange for IPv4 sets and vice versa

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 39647
2014-02-20 23:20:10 +00:00
John Crispin
8fb44e0d1e netifd: add validation support
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 39621
2014-02-18 13:34:04 +00:00
John Crispin
15ebcfc04e firewall3: update init.d script to make use of procd
add validation data

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 39617
2014-02-18 13:33:47 +00:00
John Crispin
204e859542 netifd: update to latest git head
this adds support for proto and wireless handler adding uci validation rules

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 39614
2014-02-18 13:33:36 +00:00
Steven Barth
41acaaf893 netifd: work around dangling prefix kernel-routes (fixes #14963)
SVN-Revision: 39597
2014-02-16 11:20:22 +00:00
Steven Barth
af8f06beca netifd: fix source-routing breaking 6in4 + others
6in4 historically allowed an ip6addr without a mask however the newly
introduced source-routing segfaulted in this scenario (#14958 + #14858).

Fixes include: "Fix ubus route src mask printing" and
"Disable netlink auto ack" (thanks to Hans Dedecker)

SVN-Revision: 39586
2014-02-14 21:21:44 +00:00
Steven Barth
229d186490 netifd: don't add unnecessary NOP policy rules
SVN-Revision: 39351
2014-01-20 18:23:02 +00:00
Steven Barth
fac5e62abd firewall: don't reload if there were no address or data changes
This fixes packet loss due to reloading firewall every minute with IPv6
implementation of certain ISPs.

SVN-Revision: 39332
2014-01-19 17:35:33 +00:00
Steven Barth
bc8412b90e netifd: Add IFUPDATE-flags and use main IPv6 routing table again
SVN-Revision: 39306
2014-01-17 13:59:40 +00:00
John Crispin
a844275f37 firewall: improve logging in hotplug script
Signed-off-by: Nathan Hintz <nlhintz@hotmail.com>

SVN-Revision: 39300
2014-01-15 18:29:59 +00:00
John Crispin
4810de8e4b swconfig: improve usability when switch device incorrect
http://patchwork.openwrt.org/patch/4701/

Signed-off-by: Andreas Mohr <andim2@users.sf.net>

SVN-Revision: 39229
2014-01-12 12:07:01 +00:00
Felix Fietkau
20151a3394 netifd: initialize the switch early at start time and on reload (fixes #13015)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39183
2013-12-31 13:09:20 +00:00
Felix Fietkau
6865f1d6b2 netifd: update to the latest version, fixes wireless related segfaults on arm
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39180
2013-12-29 02:26:34 +00:00
Felix Fietkau
5607a13aa1 netifd: update to the latest version, fixes wifi related segfaults
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39176
2013-12-28 14:19:54 +00:00
John Crispin
d1156bca0a swconfig: remove useless variables, return -1 on errors
spotted with cppcheck

Signed-off-by: Etienne CHAMPETIER <etienne.champetier@free.fr>

SVN-Revision: 39170
2013-12-27 21:15:20 +00:00
Jo-Philipp Wich
1789744958 netifd: add reload trigger for /etc/config/wireless as well
SVN-Revision: 39131
2013-12-18 12:38:29 +00:00
Jo-Philipp Wich
de5ebc19c0 firewall: fix handling of tcp_ecn parameter
The firewall3 implementation as well as the shell implementation predating it
used to process the tcp_ecnoption as boolean while it actually is an integer.

Change the code to parse tcp_ecn as integer.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 39122
2013-12-17 16:59:47 +00:00
Felix Fietkau
12c05542e8 netifd: update to latest version, fixes a null pointer crash
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39088
2013-12-16 10:08:13 +00:00
Steven Barth
e49d67f192 Convert DHCP->6rd and DHCPv6->DS-Lite autoconfig to dynamic interface
SVN-Revision: 39061
2013-12-15 19:38:53 +00:00
Felix Fietkau
ce062a7b5c netifd: update to the latest version, adds a revert of the link state handling patches which caused regressions in combination with wifi devices
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39050
2013-12-14 14:59:05 +00:00
Felix Fietkau
47730fe355 netifd: prevent an unnecessary restart of netifd-managed wifi interfaces at boot time
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39046
2013-12-13 16:43:11 +00:00
Felix Fietkau
3f744a4ad3 netifd: fix crashes triggered by adding/removing wireless devices on reload
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39035
2013-12-11 18:23:52 +00:00
John Crispin
31a2912cd9 netifd: enable coredumps again
got broken due procd startup. Requires procd resource limit patch.

Signed-off-by: Ulrich Weber <uw@xyne.com>

SVN-Revision: 39020
2013-12-09 17:29:34 +00:00
Felix Fietkau
6242255df2 netifd: update to the latest version, adds tunnel fixes by Hans Dedecker and adds back support for multiple networks per wifi-iface
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39004
2013-12-08 18:00:05 +00:00
Felix Fietkau
4155016637 netifd: update to the latest version, improves wireless status output and fixes some bridge handling issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38992
2013-12-03 14:17:44 +00:00
Felix Fietkau
3c50feca19 wifi: rename the "reload" (restarting non-netifd wifi) command to "reload_legacy"
Add a new "reload" command that reloads the netifd config as well

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38989
2013-12-02 16:53:24 +00:00
Felix Fietkau
498d84fc4e netifd: add wireless configuration support and port mac80211 to the new framework
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38988
2013-12-02 16:41:03 +00:00
Felix Fietkau
107bcb5de3 netifd: remove redundant calls to /sbin/wifi down
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38982
2013-12-02 13:08:00 +00:00
Jo-Philipp Wich
bc9043cc53 firewall: optimize DNAT rules and skip invalid rules and redirects (#14485)
- instead of writing one (or more) ACCEPT rules in the filter table
	  for each redirect install a global ctstate DNAT accept rule per zone

	- discard rules and redirects which have invalid options set instead
	  of silently skipping the invalid values

SVN-Revision: 38849
2013-11-18 11:59:27 +00:00
Felix Fietkau
e78e720a6f netifd: remove connect_time from /var/state, it is unused
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38704
2013-11-10 10:01:33 +00:00
John Crispin
edf6236838 lantiq: fix vdsl-app dependency
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 38666
2013-11-07 12:45:39 +00:00
Felix Fietkau
e16f104a6f netifd: update to the latest version, fixes regression in proto-shell scripts (#14400, #14402)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38627
2013-10-31 11:22:01 +00:00
Felix Fietkau
22890e6382 netifd: update to latest version, adds fixes and some preparation for supporting wifi devices
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38606
2013-10-30 11:25:01 +00:00
Steven Barth
bb699867e0 firewall: Improve ubus support
* Use network.interface dump call instead of individual status calls
  to reduce overall netifd lookups and invokes to 1 per fw3 process.

* Allow protocol handlers to assign a firewall zone for an interface
  in the data section to allow for dynamic firewall zone assignment.

SVN-Revision: 38504
2013-10-23 10:25:26 +00:00
Steven Barth
91b173d231 netifd: Fix ifupdate events
SVN-Revision: 38458
2013-10-19 11:01:25 +00:00
Steven Barth
c3bcdd59de netifd: various improvements
* Add ubus methods for global interface status
* Add ubus function to create nested interfaces
* Add protocol update notifications and hotplug legacy calls
* Fix: key to data elements point at wrong memory area
* Add support for source-restricted routes
* Add option "delegate" to toggle prefix delegation
* Reevaluate target routes also on interface update

SVN-Revision: 38453
2013-10-18 13:39:43 +00:00
Steven Barth
56bc536713 netifd: rename customopts to sendopts for consistency
SVN-Revision: 38437
2013-10-17 13:12:06 +00:00
Steven Barth
c759b49a4f Added 'customopts' dhcp protocol option, which is an array passed along to udhcpc as series of -x options.
Signed-off-by: Markus Stenberg <markus.stenberg@iki.fi>

SVN-Revision: 38436
2013-10-17 12:55:40 +00:00
Hauke Mehrtens
e1523b5504 switch: remove old switch driver
The switch driver is not used by brcm47xx any more and can be removed,
instead of this switch driver b53 is used now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 38387
2013-10-13 22:15:31 +00:00
Hauke Mehrtens
af32e63bae lantiq: add some missing PKG_SOURCE_URLs
These URLs where missing and causes build failures.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 38376
2013-10-12 22:33:55 +00:00
Jo-Philipp Wich
db3013852a firewall: small improvements in nat reflection
- do not insert duplicate rules when setting up reflection to a zone containing multiple interfaces
	- set up reflection for any protocol, not just TCP and UDP

SVN-Revision: 38361
2013-10-10 18:15:10 +00:00
Felix Fietkau
e96695df10 netifd: update to latest version, adds macvlan support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38299
2013-10-03 14:51:34 +00:00
Steven Barth
1d485c737e netifd: don't remove & readd addresses that only have a changed lifetime
SVN-Revision: 38269
2013-10-01 17:30:05 +00:00
John Crispin
f874094402 procd: convert various packages to procd style init.d scripts
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 38023
2013-09-17 21:45:30 +00:00
Felix Fietkau
7fc90889d5 netifd: update to the latest version, fixes a bridge handling corner case on config reload
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37856
2013-08-29 22:20:36 +00:00
Jo-Philipp Wich
2864fb107f firewall: update to git head
- uses "-j CT --notrack" instead of deprecated "-j NOTRACK"
	- fixes support for rule sections with target "NOTRACK"

SVN-Revision: 37777
2013-08-14 15:40:38 +00:00
Jo-Philipp Wich
d6e8047f83 firewall: update to git head
- handles redirects as port relocations if the dest_ip points to the router itself

SVN-Revision: 37374
2013-07-16 14:04:59 +00:00
Steven Barth
54ae5ce507 netifd: Fix IPv6-prefix assignment with continuous hints
SVN-Revision: 37371
2013-07-16 12:07:11 +00:00
Luka Perkov
1a963355b0 netifd: update to latest version, add bridge_empty option
with this option enabled it's possible to create empty bridges

Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 37318
2013-07-14 18:50:04 +00:00
John Crispin
7d7c2ff5f9 swconfig: fix dependency bug introduced by [37304]
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 37316
2013-07-14 18:16:42 +00:00