Commit Graph

3121 Commits

Author SHA1 Message Date
Christof Schulze
bc2fb8cc69 gluon-respondd: firewall should allow access for devices in zone local_client (#1291) 2017-12-31 19:57:57 +01:00
Christof Schulze
910a6c8bb3 gluon-respondd: add current unix time to statistics (#1287) 2017-12-29 23:49:28 +01:00
Matthias Schiffer
d531289dee
Backport patches for rx buffer stalls on QCA953x and QCA956x
Fixes #1101
2017-12-29 16:12:52 +01:00
Matthias Schiffer
21b3dd3259
build: add file size field to manifest lines
We would like to check the file size instead of downloading indefinitely.
The file size is added in another copy of the manifest lines, which is
ignored by older autoupdater implementations.
2017-12-28 22:57:37 +01:00
Matthias Schiffer
245e0f9ecc
Merge pull request #1280 from FreifunkVogtland/libbatadv
libbatadv: Add common batman-adv helper functions library
2017-12-28 14:50:13 +01:00
Christof Schulze
41ab551518
libgluonutil: add function that retrieves the node prefix from site.conf 2017-12-27 23:50:31 +01:00
Ruben Barkow
a92cfa3194 docs: standardize package descriptions and add missing example in site-example (#1179) 2017-12-27 21:48:21 +01:00
Matthias Schiffer
8e6e06c4b8
modules: update Gluon packages
57c6796 tunneldigger: clean up version variables in Makefile
90ecf80 tunneldigger: Update to newest upstream commit: (#178)
8769d07 L3roamd bump (#180) -- use all-nodes mac
79583b3 l3roamd: bump version, fix memleaks, adjust output (#177)
030be55 l3roamd: bump version to 2017-12-11
ffd793a libbabelhelper: update version
e0e4fa2 mmfd: bump version (compile fix) (#176)
25123fe bumping versions of l3roamd, mmfd, libbabelhelper
2017-12-27 17:53:18 +01:00
Sven Eckelmann
6701aa81a5 gluon-status-page-api: Use genl helpers from libbatadv
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2017-12-27 17:40:41 +01:00
Sven Eckelmann
a267cc7ee7 gluon-mesh-batman-adv: Use genl helpers from libbatadv
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2017-12-27 17:40:35 +01:00
Sven Eckelmann
624cffc744 libbatadv: Add library for common batman-adv helpers
Interacting with batman-adv's genl interface requires some code and
definitions which could be shared between different packages. libbatadv is
trying to do this without providing any guarantee for ABI or API stability.
It is only useful in very controlled environments like gluon.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2017-12-27 17:40:30 +01:00
Matthias Schiffer
f799518194
gluon-ebtables-filter-multicast: do not filter out Bridge Loop Avoidance
batman-adv uses gratuitous ARP packets with certain target addresses for
BLA.

Fixes #1198
2017-12-27 17:22:37 +01:00
Karsten
35237c2ca1 gluon-web-network: make 'PoE Power Port[0-9]' translatable (#1173) 2017-12-27 03:11:49 +01:00
Jan-Tarek Butt
f514ec13b5
brcm2708-bcm2709: add manifest_alias for raspberry-pi-2-model-b-rev-1.1 2017-12-27 03:06:19 +01:00
Jan-Tarek Butt
7b61cb16f8
brcm2708-bcm2708: add manifest_alias for raspberry-pi-model-b-rev-2
Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>
2017-12-27 03:05:53 +01:00
Matthias Schiffer
2b1ffb3034
gluon-core, gluon-client-bridge: create local_client zone in core
As core defines basic rules for this zone, it makes sense to create it
there.
2017-12-27 02:43:34 +01:00
Matthias Schiffer
8ea5810bda
gluon-core: firewall: allow inbound ICMPv4 ping on local_node 2017-12-27 02:43:34 +01:00
Matthias Schiffer
39284f00d0
gluon-core: firewall: allow Multicast Listener Discovery on mesh/local_client
Based-on-patch-by: Christof Schulze <christof.schulze@gmx.net>
2017-12-27 02:43:33 +01:00
Matthias Schiffer
a252383918
gluon-core: firewall: remove redundant ICMPv6 output rules
OUTPUT is always accepted, no need to allow ICMPv6 explicitly.
2017-12-27 02:43:33 +01:00
Matthias Schiffer
fe2048e4df
gluon-core: firewall: coding style
Wrap long lines.
2017-12-27 02:43:33 +01:00
Ralf Jung
4bae0a429f docs: dns-cache: explain setting dns.servers a bit more (#1268) 2017-12-27 00:21:08 +01:00
edeso
ab16cea161
build: allow passing relative paths
Allow using relative paths for GLUON_SITEDIR, GLUON_OUTPUTDIR, ...

We also check for whitespace in paths now, as build will not work properly
with whitespace anyways, and Make's abspath would require escaping
otherwise.

[Matthias Schiffer: minor changes, rewrite commit message]
2017-12-25 17:54:42 +01:00
David Bauer
70784cb3b2 ar71xx: add support for TP-Link TL-WR1043N v5 (#1279) 2017-12-19 04:22:44 +01:00
Rotzbua
3e25039012 docs: README.md: switch to https URLs (#1278) 2017-12-14 16:12:10 +01:00
Steffen Förster
9136562517 ramips-rt305x: add D-Link DIR-615 rev D1-D4 2017-12-08 00:00:35 +01:00
Matthias Schiffer
d21c3e4964
modules: update LEDE
7f3dab2fc3 kernel: bump 4.4 to 4.4.102
d3f40aabba wireguard: bump to 20171122
7ec639451d ramips: fix Planex CS-QR10 device packages
6cfa7e5788 ramips: fix DCH-M225 support
e626942c33 dnsmasq: load instance-specific conf-file if exists
d64c0e54a5 rpcd: update to version 2017-11-12
ecaad8b2cb brcm47xx: fix switch port mapping on D-Link DIR-330
d851d7fa56 wireguard: fix portability issue
8751bd771d wireguard: move to kernel build directory
ed571c14e0 wireguard: bump to 0.0.20171111
c9fb48a432 procd: update to latest git HEAD (fixes and improvements)
cda8ec7dd8 openssl: update to 1.0.2m
421754191d brcm47xx: fix switch port mapping on Asus RT-N12 and RT-N16 models
95824b9bf6 rpcd: update to the latest version from 2017-11-09
792559f25b mountd: bump to git HEAD version (optimization fixes)
a0ef1c478a functions.sh: fix default_postinst function
2017-11-26 15:44:41 +01:00
kb-light
17d1c65610
ramips-mt7621: do not tag ubnt-erx(-sfp) as broken
There is no wifi, so there is no bad wifi.

[Matthias Schiffer: rebase onto master]
2017-11-26 12:46:20 +01:00
Karsten Böddeker
64cfd648cb
ramips-mt7621: add support for UBNT EdgeRouter X-SFP
[Matthias Schiffer: remove patch "ramips: simplify ubnt-erx-sfp device
definition", as it depends on other patches that have not been backported]
2017-11-26 12:44:52 +01:00
Christof Schulze
c544846bc5
gluon-neighbour-info: allow respondd replies on mesh and wan interface 2017-11-25 23:31:23 +01:00
Christof Schulze
e5b4d25451
gluon-respondd: allow access to respondd from mesh-internal addresses 2017-11-25 23:31:08 +01:00
Christof Schulze
1c1c9f8fc7
gluon-core: firewall rework, make base policy more restrictive
* gluon-core, gluon-client-bridge: introduce new firewall zone: local_client
 * gluon-core: put clients in local_client zone, introduce drop-zone,
   set dns-rules and zones
 * gluon-respondd: allow respondd on mesh
 * gluon-status-page-api: allow http input on mesh and client
2017-11-25 23:19:08 +01:00
Matthias Schiffer
7351fb5d4a
gluon-web-network: fix reading "legacy" mode settings from UCI
Fixes #1269
2017-11-25 22:08:58 +01:00
Matthias Schiffer
87c741b45e
scripts: run feeds.sh with bash like the other scripts handling modules
Fixes #1262
2017-11-23 17:44:46 +01:00
Andreas Ziegler
1ca402ee46 ramips-mt7621: ZBT-WG3526 has no factory image 2017-11-23 03:09:03 +01:00
Andreas Ziegler
14ef0387ea ramips-mt7621: add ZBT-WG3526 2017-11-23 03:05:58 +01:00
kb-light
f7f659c254
gluon-web-network: make poe_passthrough more generic 2017-11-15 22:45:22 +01:00
Andreas Ziegler
6f7504b48a docs: site-example: site.conf: fix typo 2017-11-15 03:44:53 +01:00
Matthias Schiffer
d147c987c6
modules: update LEDE
6b6578feec wireguard: version bump to 0.0.20171101
9740523763 ar71xx: fix LED config for DIR-869 A1
bdf19eec35 ipq806x: nbg6817: sync MAC addresses to the upstream values
2aff2add31 ipq806x: nbg6817: add kmod-fs-ext4 to device packages
63f6408ccc uclient: update to the latest version, fixes fetch of multiple files
2017-11-05 20:40:20 +01:00
Matthias Schiffer
460830bea1
modules: update Gluon packages
16bf1f9 libpacketmark: fix call of initialization function (again)

Fixes #1245
2017-11-04 20:56:54 +01:00
Matthias Schiffer
3fce6a6836
docs: fix recommended command line to generate site seed
Without -v, hexdump would sometimes replace duplicate bytes with "*" and
a newline.
2017-10-31 22:41:33 +01:00
Christof Schulze
94e7827ac8
gluon-status-page: improve localization (#1241) 2017-10-31 19:25:27 +01:00
Matthias Schiffer
7a53482f86
modules: update LEDE
3eae19acee ramips: fix Youku-YK1 support
8a48a53dcb tools/squashfs4: include sysmacros.h explicitly
8406e50df5 tools/squashfs: include sysmacros.h explicitly
96dbf59e5a tools/mtd-utils: include sysmacros.h explicitly
d2fd6412a6 tools/findutils: include sysmacros.h explicitly
367b4563b4 dnsmasq: restore ability to include/exclude raw device names
ee6fa8d839 lantiq: add missing default lan interface
2bee675d33 ipq806x: fix Zyxel NBG6817 WiFi button
f5935f78a1 ramips: fix default usb support for nexx wt3020-8M
2017-10-29 20:48:31 +01:00
Matthias Schiffer
f7baa2c4df
modules: update OpenWrt packages
Fixes a build issue in kmod-jool.

82ef2fd7 jool: fix PKG_BUILD_DIR to avoid kernel ABI mismatch
fee9a0aa monit: update to 5.24, use https download url
5a6fcfbc monit: update to 5.23
4479fada monit: update to 5.20, use PKG_HASH
9ce3deb8 sqlite3: update to 3.19.3
6bca8579 libs/sqlite3: Update to 3190200
0a279576 sqlite: update to 3.17.0
58a1a733 libwebsockets: add PROVIDES to both variants
e967fd8c icu: fix CVE-2017-14952 Double-Free Vulnerability [lede-17.01]
3c29b149 Revert "Provides a way to acquire the list of installed packages without the"
27bdc743 Revert "add ubus call to perform a sysupgrade and acl file for the attended"
cdcf6ad2 Revert "due to renaming .rpcd was forgotten in the Makefile"
04cbc70c due to renaming .rpcd was forgotten in the Makefile
f6c287f1 add ubus call to perform a sysupgrade and acl file for the attended sysupgrade use case as well uci defaults. Package is a part of the GSoC 17 project implementing easy sysupgrade functionality.
983819f3 Provides a way to acquire the list of installed packages without the need to have opkg available. It is being used for the GSoC 17 project implementing easy sysupgrade functionality.
cd5c4487 wireguard: drop package
9040b270 noddos: new backport of noddos from master branch
72e88678 wireguard: bump to release 0.0.20171005 for 17.01
de79f4c7 bluez: fix CVE-2017-1000250
b56e6504 tor: update to version 0.2.9.12
c69b0774 tor: update to version 0.2.9.11
ea9ca5ed ruby: bump to 2.4.2
fa3a118d collectd: uptime plugin: apply fix from upstream
4739584c mwan3: fix interface-bound traffic when interface is offline
d61bf45c haproxy: update to 1.7.8 and pending patches  - fixes reload issue with hanging process
a6a44f91 pcre: Added fix for CVE-2017-11164 by adding stack recursion limit
1434dbdf pcre: upgrade to version 8.41  - fixes security issues
ad256bbf strongswan: fix typo
a7007291 strongswan: add curve25519 plugin
1143cb9b strongswan: bump to 5.5.3
384e89b3 strongswan: bump to 5.5.2
fe233e35 net/mwan3: update Makefile
42f46570 unbound: update to 1.6.5
a3c78648 net/mwan3: remove lock file on mwan3 stop
282e9001 net/mwan3: fix ping issue if last interface recovers from failure
94a52336 net/mwan3: fix ipset generation in hotplug script with an lock
822bc96b net/mwan3: add lock for mwan3 hotplug script
70d96f5d net/mwan3: add connected network regardless of mwan3 interface enable state
8a111b5b net/mwan3: mwan3track interrupt sleep on signal (trap) event
eefc65b0 net/mwan3: fix hotplug on ACTION ifdown
7fb33ad6 mosquitto: properly use localhost instead of ipv4
75f50611 mosquitto: support more config options in UCI
956ef7a8 acme: Make sure postrm script doesn't fail
788f17e9 acme: Fix for curl linked against mbed TLS. (#4254)
5383fd42 nlbwmon: update to latest version
29fb31fe nlbwmon: add package
ce5ff274 mosquitto: update to 1.4.14
bdac4914 mosquitto: update to 1.4.13
e4e22eb9 zabbix: update to 3.2.6
4ea3c274 zabbix: partially fix zabbix-extra-mac80211
26897f09 zabbix: update to 3.2.4, use PKG_HASH
f2539c58 lighttpd: backport more mod_cgi fixes queued for 1.4.46
46014e36 coreutils: stdbuf: fix missing libstdbuf.so
e8af9ce4 gnutls: updated to 3.5.13
4c26df19 libtasn1: updated to 4.12
b91c48ba openconnect: new option mtu
7af43217 openconnect: drop stale config: interface
9c9571fd openconnect: Bump openconnect to 7.08
72928442 minidlna: backport fixes from 1.1.6 and 1.2.0 releases
ca5d4b08 openldap: update to 2.4.45
dc558eaa mosquitto: fix empty client-nossl package
33d8f9e5 libdmapsharing: update to 2.9.38
53d18a45 tor: update to version 0.2.9.10
2017-10-29 18:47:17 +01:00
Matthias Schiffer
becc90d818
build: delete lede/tmp on module updates
LEDE doesn't always notice that the metadata needs to be refreshed.
2017-10-29 18:44:30 +01:00
Matthias Schiffer
207337b5de
modules: update Gluon packages
5249974 libpacketmark: fix call of initialization function

Fixes #1245
2017-10-25 14:57:05 +02:00
Matthias Schiffer
3a8ea42595
modules: update LEDE (2017-10-23)
0780e12483 opkg: bump to 2017-10-23 (lede-17.01)
98c003e3da lantiq: ARV752DPW22: fix wireless mac address
50db9a4004 lantiq: ARV752DPW22: set correct wireless led trigger

Fixes #1246
2017-10-23 23:57:44 +02:00
lrnzo
0b4cbec0e9
docs: change group name gluon-fastd to gluon-mesh-vpn
The group was renamed during the development of Gluon v2017.1, adjust the
documentation accordingly.
2017-10-22 20:34:05 +02:00
Andreas Ziegler
a040ec0083
ar71xx: add TP-Link Archer C25 (#1238)
BROKEN because of stability issues with 5GHz enabled.
2017-10-22 01:43:20 +02:00
Matthias Schiffer
53de2e65c5
modules: update Gluon packages
6d2b807 lua-simple-uci: fix set()/tset()/section() with empty lists
5733253 libbabelhelper: adapt to new install paths due to package version change
ce7f69a use latest libbabelhelper
f76cfa8 mmfd: bump version to pull in latest adaptions to libbabelhelper
b4f97fb mmfd: bump version to pull in latest adaptions to libbabelhelper
706bef6 respondd: add diagnostics about failed module load (#171)
4f1a0c0 mmfd: bump version
f5cc0fb libbabelhelper: add initial version
2017-10-19 02:13:44 +02:00
Matthias Schiffer
184e2283ce
modules: update LEDE base
373fa54d35 kernel: bump 4.4 to 4.4.93 for 17.01
586a721d3f mountd: bump to git HEAD version (fixes SIGSEV crashes)
cdb2684dce LEDE v17.01.4: revert to branch defaults
444add156f LEDE v17.01.4: adjust config defaults
79f57e422d wireguard: version bump to 0.0.20171017
d501786ff2 hostapd: add wpa_disable_eapol_key_retries option
b6c3931ad6 hostapd: backport extra changes related to KRACK
a5e1f7f5ef mac80211: backport kernel fix for CVE-2017-13080
46e29bd078 x86: partly revert cabf775
707305a19d mac80211: Update wireless-regdb to master-2017-03-07
907d8703f4 wireguard: add wireguard to base packages
bff16304b0 brcmfmac: backport length check in brcmf_cfg80211_escan_handler()
fa0b5fce1f kernel: bump 4.4 to 4.4.92
e6fd17d04c ramips: fix compile warning in MT7621 NAND driver
2e9f3c6225 ramips: fix typo in MT7621 NAND driver
63c17142c8 hostapd: merge fixes for WPA packet number reuse with replayed messages and key reinstallation
cdd093b539 x86/64: add xen DomU support
cabf775e64 x86: Refresh subtargets kernel config
da0219ed9f x86: Fix xen serial console by removing conflicting PATA driver
f52b404aee x86/generic: use HIGHMEM64G instead of HIGHMEM4G to fix PAE and Xen
8ad1b09c6d kernel: add fix for bgmac with B50212E B1 PHY
c1023c8075 mt76: sync with version 878456caf60d from master
baa8eaaba6 bcm53xx: backport DTS changes up to the first 4.15 queued commits
94aa2b8af0 ar71xx: add rssileds to WA850RE v1 image
f67c22e0c2 toolchain/gdb: update to version 8.0.1
067221360e cmake: fix build error with Xcode 9 on macOS 12
a999f91ca3 gcc: fix build error with macOS + Xcode 9
2ce9c84a92 build: add a darwin sitefile to deal with macOS 10.12 + Xcode 9 build errors
f9a849ca84 ramips: mt7620: do not pad sysupgrade Archer images
2017-10-18 21:15:38 +02:00