The xt_id match was used by the firewall3 package to track its own rules but
the approach has been changed to use xt_comment instead now, so we can drop
this nonstandard extension.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update to current HEAD in order to drop automatic generation of per-zone
NOTRACK rules.
The NOTRACK rules used to provide a little performance improvement but the
later introduction of the netfilter conntrack cache made those rules largely
unnecessary. Additionally, those rules caused various issues which broke
stateful firewalling in some scenarios.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Depending on the dhcp uci config pidof dnsmasq can return
multiple pids. Fix re-reading of the hostfile by dnsmasq in
such case by sending SIGHUP signal to each of the returned
pids.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Let dnsmasq read all hosts files in /tmp/hosts directory by specifying
/tmp/hosts as argument of --addn-host
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
These patches were queued for 4.10. For possible use cases see added:
[PATCH] ubifs: Use dirty_writeback_interval value for wbuf timer
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Support new packet overhead passing paradigm in cake qdisc, also restore
DSCP wash/nowash keywords.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Track upstream changes, incl changes in packet overhead accounting
(automatically taking care of linux' packet sizing knowledge),
improvements to triple isolated DRR handling (new flow dominance),
statistics tweak & allow more packet drops in stressed conditions.
Under tests this has significantly improved latency control under
'many flows to one' scenarious as is typical of bittorrent and MS
Windows update.
I also restored 'DSCP washing' functionality in my repo which follows
upstream closely (like a hawk!) with tc keywords 'wash/nowash'. This
allows cake to limit/control packets in bands determined by a packet's
DSCP but to clear those DSCP bits on qdisc egress. This functionality
was originally removed as part of an attempt to push cake into the
kernel, which hasn't actually happened as yet.
A matching commit is required to iproute2/tc to support the new overhead
handling, keyword changes as well as the 'wash/nowash' tweak.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Adds support for new EU and US variants; removes a few strings that were
never actually used and have been removed from the stock firmwares.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
This also makes the detection more flexible, as it doesn't need to check
for each model explicitly.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
One of those changes is re-enabling blowfish support to make
openvpn-mbedtls compatible with common configurations
Signed-off-by: Felix Fietkau <nbd@nbd.name>
OpenVPN requires arguments to --push to be enclosed in double quotes.
One set of quotes is stripped when the UCI config is parsed.
Change append_params() of openvpn.init to enclose push parameters in
double quotes.
Unquoted push parameters do not cause errors in OpenVPN 2.3,
but OpenVPN 2.4 fails to start with unquoted push parameters.
Fixes: FS#290.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
This option is required by OpenVPN, and OpenVPN 2.4 uses mbedTLS 2.x.
DHM_C is also already enabled in the PolarSSL 1.3.x config.h.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
This board is very old and unlikely to still be relevant today. Support
for it contains a significant amount of device specific baggage which is
worth getting rid of.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
There are many targets using user space scripts to generate firmware but
bcm53xx doesn't need this, so let's disable that kernel option.
This lets us avoid some scary-looking kernel warnings like:
brcmfmac 0001:04:00.0: Falling back to user helper
firmware brcm!brcmfmac43602-pcie.txt: firmware_loading_store: map pages failed
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
/etc/preinit has been the default init-script for a very long time (at
least since Linux 2.6.30 in OpenWrt). Remove the kernel command line
"init" parameter to get rid of duplicate and inconsistent definitions
of this parameter (some boards, like FRITZ3370 for example did not use
it at all, while it's just copy and paste on others).
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Use devicetree's /chosen/stdout-path instead of the kernel command line
(embedded in the .dts-files) to specify the serial console. Using the
chosen node is recommended on devicetree based platforms.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
YunCore SR3200 is a dual-band AC1200 router, based on Qualcomm/Atheros
QCA9563+QCA9882+QCA8337N.
YunCore XD3200 (FCC ID: 2ADUG-XD3200) is a dual-band AC1200 ceiling mount
AP with PoE support, based on Qualcomm/Atheros QCA9563+QCA9882+QCA8334.
Common specification:
- 775/650/258 MHz (CPU/DDR/AHB)
- 128 MB or RAM (DDR2)
- 16 MB of FLASH (SPI NOR)
- 2T2R 2.4 GHz, with ext. PA (SKY65174-21), up to 30 dBm
- 2T2R 5 GHz, with ext. PA (SKY85405-11) and LNA (SKY85601-11), up to 30 dBm
SR3200 specification:
- 5x 10/100/1000 Mbps Ethernet
- 6x ext. RP-SMA antennas (actually, only 4 are connected with radio chips)
- 3x LED (+ 5x LED in RJ45 sockets), 1x button
- UART header on PCB
XD3200 specification:
- 2x 10/100/1000 Mbps Ethernet, with 802.3at PoE support (WAN port)
- 4x internal antennas
- 3 sets of LEDs on external PCB (+ 2x LED near RJ45 sockets), 1x button
- UART and JTAG (custom 6-pin, 2 mm pitch) headers on PCB
LED for 5 GHz WLAN is currently not supported on both devices as it is
connected directly to the QCA9882 radio chip.
Flash instruction under vendor firmware, using telnet/SSH:
1. If your firmware does not have root password, go to point 5
2. Connect PC with 192.168.1.x address to LAN or WAN port
3. Power up device, enter failsafe mode with button (no LED indicator!)
4. Change root password and reboot (mount_root, passwd ..., reboot -f)
5. Upload lede-ar71xx-...-sysupgrade.bin to /tmp using SCP
6. Connect PC with 192.168.188.x address to LAN port, SSH to 192.168.188.253
7. Invoke:
- cd /tmp
- fw_setenv bootcmd "bootm 0x9fe80000 || bootm 0x9f050000"
- mtd -e firmware -r write lede-ar71xx-...-sysupgrade.bin firmware
Flash instruction under U-Boot, using UART:
1. tftp 0x80060000 lede-ar71xx-...-sysupgrade.bin
2. erase 0x9f050000 +$filesize
3. cp.b $fileaddr 0x9f050000 $filesize
4. setenv bootcmd "bootm 0x9fe80000 || bootm 0x9f050000"
5. saveenv && reset
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Add support for NXP layerscape ls1046ardb 64b/32b Dev board.
LS1046ARDB Specification:
-------------------------
Memory subsystem:
* 8GByte DDR4 SDRAM (64bit bus)
* 512 Mbyte NAND flash
* Two 64 Mbyte high-speed SPI flash
* SD connector to interface with the SD memory card
* On-board 4G eMMC
Ethernet:
* Two XFI 10G ports
* Two SGMII ports
* Two RGMII ports
PCIe:
* PCIe1 (SerDes2 Lane0) to miniPCIe slot
* PCIe2 (SerDes2 Lane1) to x2 PCIe slot
* PCIe3 (SerDes2 Lane2) to x4 PCIe slot
* USB 3.0: one super speed USB 3.0 type A port, one Micro-AB port
* UART: supports two UARTs up to 115200 bps for console
Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.
Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
In order to prevent the impact of the merger of the company and the potential
rebase of the SDK repositories, migrate the u-boot source to github.
Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
This attribute is not evaluated any more and the boot loader on these
reference boards does not provide a broken root= or console= parameter.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This just adds the kmods for these kernel modules.
This is found on some Lantiq / Intel reference boards.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This makes it possible to activate the gpio and the pinctl debugging
from LEDE menuconfig.
Acked-by: John Crispin <john@phrozen.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Now that the VERSION_NUMBER variable holds the human friendly name and not
the commit ID anymore, we need to support adding the revision ID as well.
Introduce a new config variable CONFIG_VERSION_CODE_FILENAMES which, if set,
causes the resulting file names to contain a commit ID designation as printed
by scripts/getver.sh.
Also sanitize the input variables to ensure that the resulting strings are
lowercased and no not contain spaces.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Add an extra function to patch the mac and fixup the checksum
afterwards. Calculate the checksum position automatically. The offset
to the mac address is the same for all checksum protected EEPROMs.
No EEPROM requires a byte swapped mac address. The mac byte swap code
was required due to an bug in the script that is now fixed.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The EEPROM data in the flash of the ARV7518PW, ARV8539PW22,
BTHOMEHUBV2B and BTHOMEHUBV3A is stored byte-swapped (swab16), meaning
that for example the ath9k base_eep_header fields "version" (high and
low byte), "opCapFlags" and "eepMisc" are swapped (the latter ones are
just 1 byte wide, thus their position is swapped).
The old "ath,eep-endian" property enabled the corresponding swapping
logic in the ath9k driver (swab16 in ath9k_hw_nvram_swap_data, which is
based on the magic bytes in the EEPROM data which have nothing to do
with the calibration data - thus this logic should not be used
anymore).
Since we have switched to the upstream ath9k devicetree bindings there
is no binding anymore which enables swab16 in ath9k (as this logic is
not recommended anymore as explained above), leading to ath9k
initialization errors:
ath: phy0: Bad EEPROM VER 0x0001 or REV 0x00e0
(this shows that the version field is swapped, expected values are VER
0x000E and REV 0x0001)
Swapping the ath9k calibration data when extracting it from the flash
fixes the devices listed above (all other devices do not require
additional swapping, since the position of the fields is already as
expected by ath9k). This allows ath9k to read the version correctly
again, as well as the more important "eepmisc" field (which is used for
determining whether the data inside the EEPROM is Big or Little Endian
which is required to parse the EEPROM contents correctly).
Fixes: a20616863d ("lantiq: use ath9k device tree bindings
binding/owl-loader")
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Rob suggested I should use of_machine_is_compatible insteak of a new
property and updated patch has been sent.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>