xt_CT was added to kmod-ipt-conntrack a while back. Update our
GLUON_SPECIALIZE_KERNEL rules accordingly.
When building xt_CT into the kernel, one of the symbols IP_NF_RAW and
IP6_NF_RAW must be enabled as well, even though there is no runtime
dependency when building as modules. The kernel grows by less than 1KB
even when both IP_NF_RAW and NETFILTER_XT_TARGET_CT are enabled, making
this change a (very slight) net win in both flash and RAM usage.
In OpenWrt 19.07, the block size was increased to 1024KiB for "tiny"
devices by default to save flash. Unfortunately, this also significantly
increases the cache memory required by squashfs.
In my test, the increased block size reduced the image size by ~64KiB,
but increased the RAM usage by ~2.6MiB. As most tiny devices have only
32MiB of RAM, this is not a reasonable tradeoff.
The ar71xx-generic target already defines an even lower block size of
64KiB.
As x86-generic is compiled to pentium4 (and newer) there is a need for
a subtarget for older devices. The x86-legacy subtarget is set to
compile to pentium (and newer) and should support even very old devics.
x86-legacy includes the packages from x86.inc to only maintain one
package list. The three excludes are because the packages do not exist
for x86-legacy.
The OpenWrt feeds.conf.defaults contains some feeds that are commented out
and not active. Such feeds will be returned by the default_feeds.sh script
anyway and causing pseudo feeds. Limit the script to only return active
feeds, by filtering out lines starting with '#'.
This usually only applies to the OpenWrt master branch.
Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
change as per NeoRider
As a partial fix to #496, do not touch the MAC address of the WAN
interface when using VXLANs (as only the MAC address of the VXLAN
interface matters to batman-adv).
This reverts commit 2a8943e516.
.SILENT gets passed down to OpenWrt make as -s through MAKEFLAGS. This
hides certain messages from the build log with V=s.
On PoE-powered devices, we usually want to use WAN for the setup mode.
As all outdoor devices are PoE-powered, we can reuse this function. This
switches the setup mode interface for new installations / after config
reset on a few devices that were missing in this list before.
The 'preserve' flag can be used to mark a peer so it is not removed or
modified on upgrades. In addition, groups containing preserved peers are
not removed.
Fixes: #557
a8c92e9eda opkg: Fix PKG_MIRROR_HASH
844b892a74 ath10k-firmware: fix mirror hash
7e9d84ee4a opkg: update to latest Git HEAD
81f3f6540e wireguard: bump to 1.0.20200506
b956f6bd13 wireguard: bump to 20191226
c61fbdd087 odhcpd: fix PKG_SOURCE_DATE
5e8b50da15 odhcpd: fix lan host reachibility due to identical RIO and PIO prefixes (FS#3056)
ac5d5d8d09 ustream-ssl: update to 19.07 Git HEAD
a6caa8fad1 uhttpd: update to 19.07 Git HEAD
3b9e4d6d4c fstools: update to the latest version
af5ada457 wifidog-ng: remove incorrect PKG_BUILD_DIR override
b8ce0e959 ddns-scripts: Increment PKG_RELEASE and internal version number
9437c31c8 ddns-scripts: cloudflare.com-v4: Fix grep patterns.
b7958778a ddns-scripts: cloudflare.com-v4: Fix success check for new response format JSON response now has spaces between parameters. Accept this new format and the old one.
98f12a896 ddns-scripts: fix logging bug
a6a2c8d13 ddns-scripts: use HTTP for IPv6 dyndns URL
d040b2471 ddns-scripts: remove HTTPS from dyndns URL
ab7dfd76b ddns-scripts: use new DDNS URL for dyndns.org
c2943b13f ddns-scripts: update ddnss.de response
4d050bac7 ddns-scripts: Use https for domains.google.com
4938c148c nextdns: Update to version 1.5.7
501c782f7 youtube-dl: update to version 2020.5.3
f79cb0907 gerbera: add
2ce218bdc vpn-policy-routing: support phys-dev policies
9eb229c09 vpn-policy-routing: bugfix: remove non-ASCII from log; update README
0ae7e11d7 vpnbypass: bugfix: remove non-ASCII from system log; update README
1d5350fb4 openconnect: updated to 8.09
b10a73c9a ocserv: updated to 1.0.1
04af75b94 youtube-dl: update to version 2020.3.24
e92ac8abe travelmate: fix captive portal detection
c0f906273 bash: Import upstream patches
The netdev() lookup is confusing to use: whenever a interface does not
exist during boot (for example VLAN) or when the address is overridden
from board.json (which is not obvious at all), it will yield either no
address, or a different address than expected.
To avoid this confusion, using board.json-based interface() is
preferable. This converts all uses of netdev() to the corresponding
lan/wan lookups, except for the final fallback for eth0.
- Replace misnamed, closure-returning sysfs() to a reusable read() function
- Rename eth() to netdev(), pass full interface name
- Rename board() to interface()
- Split reuable get_netdev_addr() out of netdev()
d9244a1b5b generic: ar8216: fix unknown packet flooding for ar8229/ar8236
429e4490c4 libpcap: fix library packaging issues
e678cb1595 kernel: bump 4.14 to 4.14.179
8fa4ed9ef7 fstools: update to the latest version
5c6dfb5bc0 fstools: update to the latest version
607809dcdc mac80211: Update to version 4.19.120
96d280cc37 scripts/download: add sources CDN as first mirror
55ccb04046 upgs: Remove extra _DEFAULT_SOURCE definition
ee480c50c1 dante: Fix compile with glibc
5f0e25d966 perf: build with NO_LIBCAP=1
005adba939 mac80211: ath10k: increase rx buffer size to 2048
0974d59b5f kernel: backport fix for non-regular inodes on f2fs
f40947a8c0 ath79: indicate boot/failsafe/upgrade for NanoBeam/Nanostation AC
65cf72d5d2 ath79: add SUPPORTED_DEVICES based on ar71xx for some devices
f9ef0c5705 kernel: bump 4.14 to 4.14.178
2df0ea042d wpad-wolfssl: fix crypto_bignum_sub()
ec6cb33452 mac80211: backport fix for an no-ack tx status issue
f141cdd200 hostapd: unconditionally enable ap/mesh for wpa-cli
54b6683390 wireless-regdb: backport three upstream fixes
55591e63bc curl: backport fix for CVE-2019-15601
35ea808b97 uboot-kirkwood: fix ethernet and usb
Compile-tested: all targets
gsub() returns the number of matches as its second return value. This
was unintendedly passed through by the util functions trim() and
node_id(). It can be presumed that this had no effect in practice, but
it can lead to surprising output when passing values to print() for
debugging.
The precedence of different package lists was broken since #1876,
disallowing removal of GLUON_FEATURES packages via GLUON_SITE_PACKAGES.
Including all package selections, both implicit defaults and explicit
handling in Gluon, the order of precedence is now the following:
1. OpenWrt defaults (including target-specific defaults)
2. Device-specific packages from OpenWrt
3. Generic default packages (from target/generic)
4. Target default packages (target/$(GLUON_TARGET))
5. Removal of opkg for tiny targets
6. Packages derived from GLUON_FEATURES + GLUON_FEATURES_$(class)
7. GLUON_SITE_PACKAGES
8. GLUON_SITE_PACKAGES_$(class)
9. Device-specific packages from target/$(GLUON_TARGET)
10. Device-specific packages from GLUON_$(device)_SITE_PACKAGES
This also contains various pieces of cleanup:
- No hardcoded order of device classes for target_config.lua arguments
anymore (in fact, the Makefile doesn't know anything about device
classes now)
- target_conifg_lib.lua only hardcodes the fallback class for x86, no
other occurences of specific class names
- Feature -> package list mapping is moved from Makefile to the Lua code
as well (still implemented in Shell though)