A section can be marked as preseved by setting the gluon_preserve option
to 1. In addition the following conditions must hold:
- The preserved section must not already exist after OpenWrt's and
Gluons setup scripts run. Modifying existing sections is currently
unsupported.
- Preserved sections must be named, so it can be detected whether a
section conflicts with a preexisting one.
Allow interface names to change on updates to handle hwconfig -> DSA and
similar migrations.
On devices with only a single interface, a sysconfig single_ifname is
created instead of wan_ifname or lan_ifname to allow separate
configuration in site.conf.
With the new role-based interface configuration, it would be better to
rename the wan/wan6 interfaces to uplink/uplink6, but that would cause
unnecessary churn for the firewall configuration, so it is left for a
later update.
As all interfaces with the 'uplink' role are in the br-wan bridge, it is
not possible to assign these to the 'mesh' role independently - instead,
br-wan is added as a mesh interface as soon as a single interface has
both the 'uplink' and 'mesh' roles. The UCI section for this
configuration is now called 'mesh_uplink' instead of 'mesh_wan'.
For all interfaces that have the 'mesh', but not the 'uplink' role a
second configuration 'mesh_other' is created. If there is more than one
such interface, all these interfaces are bridged as well (creating a
bridge 'br-mesh_other'). This replaces the 'mesh_lan' section with its
optional 'br-mesh_lan' bridge, but can also include interfaces that were
not considered "LAN" when interfaces roles are modified (via site.conf
or manually).
The new configuration generates sections iface_single/lan/wan in
/etc/config/gluon. These sections usually refer to a sysconfig-controlled
interface list, but adding custom sections with verbatim interfaces names
is also possible.
Each interface section contains a list of roles. The supported roles are
'client', 'uplink' and 'mesh'. Multiple roles can be configured on the
same interface (for example the old 'mesh_on_wan' setting would become
'uplink'+'mesh').
'client' is subsumed by any other role configured on the same interface
('client'+'mesh' is equivalent to 'mesh'). This property is important, as
it allows the Wired Mesh settings in gluon-web-network to simply add and
remove the mesh role without having to care what other roles are set -
so in the default setup, this would switch between 'client' and
'client'+'mesh' for the LAN interface.
By default, the WAN interface has role 'uplink' and the LAN interface
'client'; if only a single interface exists, the roles from the WAN
interface are used by default. The default for each of the three
interfaces (WAN/LAN/single) can be changed separated in site.conf,
superseding the old mesh_on_wan, mesh_on_lan and single_as_lan settings.
Swap the interfaces so than the PoE input port LAN0 is used for WAN and
config mode, and LAN1 becomes LAN.
To this end, the code previously used for ar71xx and removed in
commit 9fdc57c175 ("treewide: drop ar71xx platform specific code") is
reintroduced.
Fixes#2384
This copies the code from web-admin and uses it to create a neat
cli-accessible summary about a node
This could also be extended or possibly have all the data the status
page has
Co-Authored-By: Matthias Schiffer <mschiffer@universe-factory.net>
The 'hwmode' setting has been replaced with 'band' in OpenWrt to add
support for newer bands outside of 2.4G and 5G. Adjust Gluon accordingly.
[Matthias Schiffer: rebased, extended commit message]
The PHY lookup helper "find_phy_by_path" could not lookup the PHY name
for paths from multi-phy devices.
An example for such a path would be:
'1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0+1'
The integer after the plus (+) character determines the PHY index of the
specific device in relation to the PHY with the lowest index of the
device.
For example, if the device provides phy2 and phy3, the above path would
describe phy3. In case the device provides phy0 and phy1, it would
describe phy1.
Rewrite the "find_phy_by_path" function to support those paths as well
as regular device paths in a universal manner.
Signed-off-by: David Bauer <mail@david-bauer.net>
Delete all default network device sections upon first boot.
Only LAN & WAN networks are defined at this point. We are using the
legacy way of definiting bridges via the interface sections ifname
option.
The prior filtering was based upon a single device and didn't take into
consideration that DSA interface names can be named arbitrarily.
Signed-off-by: David Bauer <mail@david-bauer.net>
VoCores aren't exactly useful mesh nodes except for experimentation.
They certainly aren't worth maintaining a whole target, in particular
one that has a WLAN driver not used by any other target.
The file_contains_line helper function was not testing whether a file
exists or not prior attempting to read from it.
Add this check to circumvent errors on the private WiFi config in
case the hwflags file is missing.
Reported-by: Tom Herbers <freifunk@tomherbers.de>
Tested-by: Tom Herbers <freifunk@tomherbers.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
The relevant entry for the primary MAC location was lost when rebasing
the patch on OpenWrt 21.02.
Fixes commit ded4b8a711 ("rockchip-armv8: add FriendlyARM NanoPi R2S")
Signed-off-by: David Bauer <mail@david-bauer.net>
Configure a radio for HE (802.11ax) operation in case it's supported by
the hardware. This can be the case for 2.4 GHz as well as 5 GHz.
Signed-off-by: David Bauer <mail@david-bauer.net>
Before this commit the decision whether a vxlan layer will be
introduced between the lower interface before the interface is
added to batman was inside the proto. Now the decision is moved
to the user of the proto.
This device is a dual 5GHz device. It is recommended to manually change the
radio of the first device to the lower 5GHz channels and the second radio
to the upper 5GHz channels
This adds the OpenWrt label-mac device selection as the most preferred
fallback.
While this is only used on OpenWrt 19.07 for backports, we can also use
the label-mac device when backporting device support. This way, we have
to deal with less device-sepcific code downstream.
Signed-off-by: David Bauer <mail@david-bauer.net>
Specifications:
* SoC: MT7620A
* RAM: 64 MB DDR
* Flash: 8MB NOR SPI flash
* WiFi: MT7612E (5Ghz) and builtin MT7620A (2.4GHz)
* LAN: 1x100M
The -factory images can be flashed from the device's web
interface or via nmrpflash.
Both devices differ by a additional power outlet for the EX3800.
This patch has been tested on a EX3800 device.
This renames the local_client zone to loc_client, as local_clint exceeds
the maximum zone length allowed for firewall3, which is 11 bytes.
This worked previously due to firewall3 using unsafe string operations.
Now creation of the chain fails (latest OpenWrt master).
Reorder scripts so that the mesh_lan interface is accounted for.
Two other firewall upgrade scripts (mesh-babel and l3roamd) are
reordered as well. While there seems to be no hard dependency at the
moment, it makes sense to run the basic setup first, also to avoid
problems with future changes.
Closes: #2090
Fixes: ed094bc68c ("gluon-core: firewall: Allow custom gluon_wired interfaces (#2041)")
This will hide the outdoor mode setting on compatible devices in case
the defined channels should be preserved.
Otherwise a user might be under the impression their device is compliant
with outdoor operation when in reality it still uses prohibited
channels.
On lantiq, the default WAN ifname is 'dsl0' even on devices that have a
separate WAN port. At least on devices using swconfig we can override
this with the switch port labelled as 'wan'.
Because is_disabled() was always returning true or false, the
first_non_nil() would never actually check the default setting from
site.conf. This was broken since v2017.1.
Fixes: 6cf03bab37 ("treewide: replace normal uses of luci.model.uci with simple-uci to reduce LuCI dependencies")
The interfaces should always exist and just be disabled when outdoor
mode is enabled. Not creating them at all leads to an issue in the
advanced wifi settings where an additional reload of the page is
necessary after enabling or disabling the ourdoor mode to make the mesh
VIF options appear or disappear.
This allows for multiple mesh legs out of one box. Useful for offloaders
and networks using vlan for separate mesh transport.
Custom mesh interfaces in a VXLAN domain are otherwise firewalled.
This fixes#1479
This adds support for the beacon interval to be set on a per-band base.
This has the potential to reduce the amount of airtime used up for
sending beacon frames.
Separate wireless-related helper methods from the util module to a
new wireless module. This keeps them separated, as the amount of
wireless helpers increased in the past, justifying a separate module.
The netdev() lookup is confusing to use: whenever a interface does not
exist during boot (for example VLAN) or when the address is overridden
from board.json (which is not obvious at all), it will yield either no
address, or a different address than expected.
To avoid this confusion, using board.json-based interface() is
preferable. This converts all uses of netdev() to the corresponding
lan/wan lookups, except for the final fallback for eth0.
- Replace misnamed, closure-returning sysfs() to a reusable read() function
- Rename eth() to netdev(), pass full interface name
- Rename board() to interface()
- Split reuable get_netdev_addr() out of netdev()
gsub() returns the number of matches as its second return value. This
was unintendedly passed through by the util functions trim() and
node_id(). It can be presumed that this had no effect in practice, but
it can lead to surprising output when passing values to print() for
debugging.
This adds a helper method, which determines if the current platform
supports WPA3 or not.
WPA3 is supported if
- the device is not in the featureset category "tiny"
- the WiFi driver supports 802.11w management frame protection
Remove a lot of redundant code by switching to a match table listing
the targets and boards for each candidate for the primary MAC interface.
In addition, we add some flexiblity by allow to switch out the sysfs file
data source for the MAC address.