There have been a number of interesting fixes in conntrack-tools since
the current latest release. Most notable is that this fixes IPv6
conntrack table syncing when cross-compiling conntrack-tools.
7e7748d src/main: refresh help message
fe32043 conntrackd.8: refresh file
47a4dda conntrackd.8: add reference to systemd
0cfe7ff doc/manual: include some bits about init systems
74a418b conntrackd: cthelper: ftp: Set match offset/len for PORT mangling
d833bed conntrackd: cthelper: ftp: Fix debug print
dd4b5a1 conntrackd: cthelper: Add new mdns helper
498d698 Link nfct and helper modules with `-z lazy`
9e94e85 sync-mode: print errno message on failure
ab81c35 log: print messages to stdout/sderr if running in console mode
631d92b log: introduce a mechanism to know if log was initialized
ccb1c8b conntrackd: replace error reporting in the config parser with dlog()
bee121e conntrackd: replace fprintf calls with dlog()
5a51b04 conntrack-tools: update Arturo Borrero Gonzalez email address
abb9984 helper: remove copy and paste from uapi kernel header
a91a004 src: add log message when resync is requested by other node
c2d8be1 systemd: fix missing log.h include
f6ca216 config: drop old/obsolete/deprecated conntrackd.conf config options
8b83771 conntrack: send mark filter to kernel iff set
1ba5e76 conntrackd: cthelper: Don't leak nat_tuple
832166d conntrackd: cthelper: Free pktb after use
ff843bc conntrackd: config: Do not strdup() tokens
b61c454 conntrackd: cthelper: ssdp: Track UPnP eventing
8ea394e conntrackd: Remove obsolete rule to catch ambiguous Checksum option
39398cd conntrackd: CommitTimeout breaks DisableExternalCache set On
29b390a conntrack: Support IPv6 NAT
381827a conntrackd: factorice tx_queue functions
131df89 conntrackd: factorize resync operations
d31bacc conntrackd: consolidate more code to use resync_send()
3d98496 conntrackd: request resync at startup
ef410bf conntrackd: remove use of HAVE_INET_PTON_IPV6
9d38445 conntrackd: evaluate configuration earlier
6feded7 conntrackd: cleanup if failed forking
dbfdea7 conntrackd: deprecate unix backlog configuration
210f542 conntrackd: make the daemon run in RT mode by default
37cc7f0 conntrackd: remove warning for -S
d2849d1 conntrack: Show multiple CPUs stats from proc
bc0b49a conntrackd: cthelper: ssdp: fix build with musl
0c77a25 tests: don't fail on modprobe since the driver might be built-in
eefe649 conntrack.8: refresh manpage
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
In order to build conntrack-tools from git, a newer version of
libnetfilter_conntrack is required. As 1.0.6 is currently the latest
release, switch to git.
b0a7cf7 include: expose a copy of nf_conntrack_common.h
f68f7b3 conntrack: fix missing break in setobjopt_undo_dnat()
79dac5a conntrack: revert getobjopt_is_nat() condition
b266523 libnetfilter_conntrack: bump version to 1.0.7
e870432 labels: don't crash on NULL labelmap
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
b39cac7 src: Correct typo in the location of internal.h in #include
58cb066 src: Declare the define visibility attribute together
e84b559 Revert "src: Declare the define visibility attribute together"
003c2b1 examples: set dummy connmark value to show use of NFQA_CT nested attribute
63973da doc: extend the doxygen section about NFQA_CFG_F_GSO
d7f74c7 build: bump version to 1.0.3
3f9eb57 build: bump library release version too
601abd1 doc: Add information about retrieving UID/GID/SECCTX fields
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
As git.netfilter.org seems to support HTTPS, use that instead of HTTP
which is insecure, or GIT which is blocked on many corporate networks.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Enable dwmac-sun8i Ethernet core to use the built-in FastEthernet port.
Enable exposed UART, USB and I2C pins.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The lantiq patch 0028-NET-lantiq-various-etop-fixes.patch and sunxi
patch 0051-stmmac-form-4-11.patch no longer applied after applying the
the "generalize napi_complete_done()" patch.
Update them so they apply, and refresh patches while at it.
Fixes: 9aeb7ce8dc ("generic: net: generalize napi_complete_done")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Backport upstream commit that improves ethernet performance by a
small amount.
Compile and run tested on ipq8065.
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
These options are deactivating some kernel modules for IP blocks not
uses on this SoC. I saw the same when working with the ARM64 Marvell
board so it is better to move them to generic.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Layerscape uses Cortex-A53 or Cortex-A72 CPU. It's proper
to set below CPU_TYPE for 32-bit mode.
CPU_TYPE:=cortex-a15
CPU_SUBTYPE:=neon-vfpv4
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
This patch is to add linux 4.9 support for layerscape.
All these kernel patches are from NXP LSDK 1709 release.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
NXP Layerscape LSDK had set up its own open source web site
and github for release.
https://lsdk.github.iohttps://github.com/qoriq-open-source
This patch is to update rcw/fman_ucode/u-boot packages with LSDK
git trees. Also add some patches of packages to support LEDE.
Since ARMv8 32-bit u-boot images are same with ARMv8 64-bit images
but 64-bit toolchain couldn't be used for 32-bit targets, we still
use a private tree for ARMv8 32-bit u-boot images. This is in plan
to move this private tree to NXP Layerscape github.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Rename subtargets 32b/64b with armv8_32b/armv8_64b which are
more proper, and update makefile files. There also will be other
subtargets added in the future, like armv7.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Under heavy load it's possible to overrun the 82574L. When this
happens, Other Interrupt happens and that's erroneously interpreted
as a Link Status Change.
http://patchwork.ozlabs.org/patch/792260/
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
A default rssileds config exists for the TP-Link WA850RE v1 but the
rssiled package is not included by default.
The compressed 17.01.3 image size increases by 3302 bytes which should
be tolerable even for a 4MB flash board.
Fixes: FS#1043
Signed-off-by: Mathias Kresin <dev@kresin.me>
With kernel commit 7630ea4bda18 ("Documentation: net: phy: improve
explanation when to specify the PHY ID") the purpose of using phy id
specific compatibles was clarified.
Remove the phy id specific compatibles since they are meant to be used
if the phy reports an incorrect or no phy id at all.
Reported-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Mathias Kresin <dev@kresin.me>
The generic nand driver fails to load with:
gen_nand 14000000.nand-parts: platform_nand_data is missing
gen_nand: probe of 14000000.nand-parts failed with error -22
and the xway-nand driver is used afterwards.
Drop the gen_nand compatible to get rid of the error message.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Refresh patches.
Compile-tested on brcm2708/bcm2708, octeon and x86/64.
Runtime-tested on brcm2708/bcm2708, octeon and x86/64.
Fixes the following CVEs:
- CVE-2017-1000252
- CVE-2017-12153
- CVE-2017-12154
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The nghttp2 library is an implementation of the Hypertext Transfer
Protocol version 2 in C; it supports RFC7540 and RFC7541.
The package enables only the reusable C library; binary size is 130K (X86)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This patch implements CPU frequency control as found on several
routerboard devices.
Supported SoCs:
- QCA953X
- AR9344
Tested on hAP lite and mAP lite (QCA953x): steps of 50MHz
Tested on LHG 5 (AR9344): steps of 50MHz
On unsupported hardware, this patch is a NOP: it will not alter the
new field.
"rbcfg help" will display an empty "cpu_freq" help listing.
"rbcfg show" will not show the cpu_freq field.
"rbcfg set/get cpu_freq" will return an error code.
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
[adjusted subject]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Evaluation board 2.2 uses a different status LED pin
The other removed LEDs were never present
Signed-off-by: Catrinel Catrinescu <cc@80211.de>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Handle AR9344 as well. Disable the EHCI platform device when device mode
is active, to avoid resource conflicts.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
A recent commit in hostapd added a build option to specify the default
TLS ciphers. This build option is passed via CFLAGS. Due to the way
CFLAGS are handled when building wpad, the compiler tries to recursively
expand TLS_DEFAULT_CIPHERS, resulting in the following error:
../src/crypto/tls_openssl.c: In function 'tls_init':
<command-line>:0:21: error: 'DEFAULT' undeclared (first use in this function)
../src/crypto/tls_openssl.c:1028:13: note: in expansion of macro 'TLS_DEFAULT_CIPHERS'
ciphers = TLS_DEFAULT_CIPHERS;
^
Escape double quotes in the .cflags file to avoid this.
Fixes: 2f78034c3e ("hostapd: update to version 2017-08-24")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
5df3f01 config: suppress error if no wireless config present (FS#1030)
3429bd8 system-linux: add support for hotplug event 'move'
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This patch moves build_fw() to mktplinkfw-lib.c
The versions of mktplinkfw.c and mktplinkfw2.c had slight
differences in code flow, the version from mktplinkfw.c has been
preferred.
While it's expected that this change will not affect mktplinkfw2,
all use cases could not be tested and so this particular change
is committed separately.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
This patch carves out the duplicated code of mktplinfw.c and
mktplinkfw2.c and moves it to mktplinkfw-lib.c
This change is a semantic NOP (the code is unchanged).
To ensure compatibility with gcc-5.x and newer without changing
the code, -fgnu89-inline is added to the build flags for these
two binaries.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
This patch removes all the hardcoded board-specific values from
mktplinkfw2.c, and as well as the corresponding support code.
By design, this change also deletes all of the broken matching logic
that was embedded in mktplinkfw2 and aligns the "inspect" behavior
with that of mktplinkfw (i.e. print the parsed header content as
they are without further processing).
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
This patch adds all the board-specific values currently hardcoded
in mktplinkfw2.c back to the respective device declarations in the
makefiles.
The rationale is to avoid modifying the source code every time a
new board or board variant is added.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>