Commit Graph

3304 Commits

Author SHA1 Message Date
Matthias Schiffer
39284f00d0
gluon-core: firewall: allow Multicast Listener Discovery on mesh/local_client
Based-on-patch-by: Christof Schulze <christof.schulze@gmx.net>
2017-12-27 02:43:33 +01:00
Matthias Schiffer
a252383918
gluon-core: firewall: remove redundant ICMPv6 output rules
OUTPUT is always accepted, no need to allow ICMPv6 explicitly.
2017-12-27 02:43:33 +01:00
Matthias Schiffer
fe2048e4df
gluon-core: firewall: coding style
Wrap long lines.
2017-12-27 02:43:33 +01:00
Ralf Jung
4bae0a429f docs: dns-cache: explain setting dns.servers a bit more (#1268) 2017-12-27 00:21:08 +01:00
edeso
ab16cea161
build: allow passing relative paths
Allow using relative paths for GLUON_SITEDIR, GLUON_OUTPUTDIR, ...

We also check for whitespace in paths now, as build will not work properly
with whitespace anyways, and Make's abspath would require escaping
otherwise.

[Matthias Schiffer: minor changes, rewrite commit message]
2017-12-25 17:54:42 +01:00
David Bauer
70784cb3b2 ar71xx: add support for TP-Link TL-WR1043N v5 (#1279) 2017-12-19 04:22:44 +01:00
Rotzbua
3e25039012 docs: README.md: switch to https URLs (#1278) 2017-12-14 16:12:10 +01:00
Steffen Förster
9136562517 ramips-rt305x: add D-Link DIR-615 rev D1-D4 2017-12-08 00:00:35 +01:00
Matthias Schiffer
d21c3e4964
modules: update LEDE
7f3dab2fc3 kernel: bump 4.4 to 4.4.102
d3f40aabba wireguard: bump to 20171122
7ec639451d ramips: fix Planex CS-QR10 device packages
6cfa7e5788 ramips: fix DCH-M225 support
e626942c33 dnsmasq: load instance-specific conf-file if exists
d64c0e54a5 rpcd: update to version 2017-11-12
ecaad8b2cb brcm47xx: fix switch port mapping on D-Link DIR-330
d851d7fa56 wireguard: fix portability issue
8751bd771d wireguard: move to kernel build directory
ed571c14e0 wireguard: bump to 0.0.20171111
c9fb48a432 procd: update to latest git HEAD (fixes and improvements)
cda8ec7dd8 openssl: update to 1.0.2m
421754191d brcm47xx: fix switch port mapping on Asus RT-N12 and RT-N16 models
95824b9bf6 rpcd: update to the latest version from 2017-11-09
792559f25b mountd: bump to git HEAD version (optimization fixes)
a0ef1c478a functions.sh: fix default_postinst function
2017-11-26 15:44:41 +01:00
kb-light
17d1c65610
ramips-mt7621: do not tag ubnt-erx(-sfp) as broken
There is no wifi, so there is no bad wifi.

[Matthias Schiffer: rebase onto master]
2017-11-26 12:46:20 +01:00
Karsten Böddeker
64cfd648cb
ramips-mt7621: add support for UBNT EdgeRouter X-SFP
[Matthias Schiffer: remove patch "ramips: simplify ubnt-erx-sfp device
definition", as it depends on other patches that have not been backported]
2017-11-26 12:44:52 +01:00
Christof Schulze
c544846bc5
gluon-neighbour-info: allow respondd replies on mesh and wan interface 2017-11-25 23:31:23 +01:00
Christof Schulze
e5b4d25451
gluon-respondd: allow access to respondd from mesh-internal addresses 2017-11-25 23:31:08 +01:00
Christof Schulze
1c1c9f8fc7
gluon-core: firewall rework, make base policy more restrictive
* gluon-core, gluon-client-bridge: introduce new firewall zone: local_client
 * gluon-core: put clients in local_client zone, introduce drop-zone,
   set dns-rules and zones
 * gluon-respondd: allow respondd on mesh
 * gluon-status-page-api: allow http input on mesh and client
2017-11-25 23:19:08 +01:00
Matthias Schiffer
7351fb5d4a
gluon-web-network: fix reading "legacy" mode settings from UCI
Fixes #1269
2017-11-25 22:08:58 +01:00
Matthias Schiffer
87c741b45e
scripts: run feeds.sh with bash like the other scripts handling modules
Fixes #1262
2017-11-23 17:44:46 +01:00
Andreas Ziegler
1ca402ee46 ramips-mt7621: ZBT-WG3526 has no factory image 2017-11-23 03:09:03 +01:00
Andreas Ziegler
14ef0387ea ramips-mt7621: add ZBT-WG3526 2017-11-23 03:05:58 +01:00
kb-light
f7f659c254
gluon-web-network: make poe_passthrough more generic 2017-11-15 22:45:22 +01:00
Andreas Ziegler
6f7504b48a docs: site-example: site.conf: fix typo 2017-11-15 03:44:53 +01:00
Matthias Schiffer
d147c987c6
modules: update LEDE
6b6578feec wireguard: version bump to 0.0.20171101
9740523763 ar71xx: fix LED config for DIR-869 A1
bdf19eec35 ipq806x: nbg6817: sync MAC addresses to the upstream values
2aff2add31 ipq806x: nbg6817: add kmod-fs-ext4 to device packages
63f6408ccc uclient: update to the latest version, fixes fetch of multiple files
2017-11-05 20:40:20 +01:00
Matthias Schiffer
460830bea1
modules: update Gluon packages
16bf1f9 libpacketmark: fix call of initialization function (again)

Fixes #1245
2017-11-04 20:56:54 +01:00
Matthias Schiffer
3fce6a6836
docs: fix recommended command line to generate site seed
Without -v, hexdump would sometimes replace duplicate bytes with "*" and
a newline.
2017-10-31 22:41:33 +01:00
Christof Schulze
94e7827ac8
gluon-status-page: improve localization (#1241) 2017-10-31 19:25:27 +01:00
Matthias Schiffer
7a53482f86
modules: update LEDE
3eae19acee ramips: fix Youku-YK1 support
8a48a53dcb tools/squashfs4: include sysmacros.h explicitly
8406e50df5 tools/squashfs: include sysmacros.h explicitly
96dbf59e5a tools/mtd-utils: include sysmacros.h explicitly
d2fd6412a6 tools/findutils: include sysmacros.h explicitly
367b4563b4 dnsmasq: restore ability to include/exclude raw device names
ee6fa8d839 lantiq: add missing default lan interface
2bee675d33 ipq806x: fix Zyxel NBG6817 WiFi button
f5935f78a1 ramips: fix default usb support for nexx wt3020-8M
2017-10-29 20:48:31 +01:00
Matthias Schiffer
f7baa2c4df
modules: update OpenWrt packages
Fixes a build issue in kmod-jool.

82ef2fd7 jool: fix PKG_BUILD_DIR to avoid kernel ABI mismatch
fee9a0aa monit: update to 5.24, use https download url
5a6fcfbc monit: update to 5.23
4479fada monit: update to 5.20, use PKG_HASH
9ce3deb8 sqlite3: update to 3.19.3
6bca8579 libs/sqlite3: Update to 3190200
0a279576 sqlite: update to 3.17.0
58a1a733 libwebsockets: add PROVIDES to both variants
e967fd8c icu: fix CVE-2017-14952 Double-Free Vulnerability [lede-17.01]
3c29b149 Revert "Provides a way to acquire the list of installed packages without the"
27bdc743 Revert "add ubus call to perform a sysupgrade and acl file for the attended"
cdcf6ad2 Revert "due to renaming .rpcd was forgotten in the Makefile"
04cbc70c due to renaming .rpcd was forgotten in the Makefile
f6c287f1 add ubus call to perform a sysupgrade and acl file for the attended sysupgrade use case as well uci defaults. Package is a part of the GSoC 17 project implementing easy sysupgrade functionality.
983819f3 Provides a way to acquire the list of installed packages without the need to have opkg available. It is being used for the GSoC 17 project implementing easy sysupgrade functionality.
cd5c4487 wireguard: drop package
9040b270 noddos: new backport of noddos from master branch
72e88678 wireguard: bump to release 0.0.20171005 for 17.01
de79f4c7 bluez: fix CVE-2017-1000250
b56e6504 tor: update to version 0.2.9.12
c69b0774 tor: update to version 0.2.9.11
ea9ca5ed ruby: bump to 2.4.2
fa3a118d collectd: uptime plugin: apply fix from upstream
4739584c mwan3: fix interface-bound traffic when interface is offline
d61bf45c haproxy: update to 1.7.8 and pending patches  - fixes reload issue with hanging process
a6a44f91 pcre: Added fix for CVE-2017-11164 by adding stack recursion limit
1434dbdf pcre: upgrade to version 8.41  - fixes security issues
ad256bbf strongswan: fix typo
a7007291 strongswan: add curve25519 plugin
1143cb9b strongswan: bump to 5.5.3
384e89b3 strongswan: bump to 5.5.2
fe233e35 net/mwan3: update Makefile
42f46570 unbound: update to 1.6.5
a3c78648 net/mwan3: remove lock file on mwan3 stop
282e9001 net/mwan3: fix ping issue if last interface recovers from failure
94a52336 net/mwan3: fix ipset generation in hotplug script with an lock
822bc96b net/mwan3: add lock for mwan3 hotplug script
70d96f5d net/mwan3: add connected network regardless of mwan3 interface enable state
8a111b5b net/mwan3: mwan3track interrupt sleep on signal (trap) event
eefc65b0 net/mwan3: fix hotplug on ACTION ifdown
7fb33ad6 mosquitto: properly use localhost instead of ipv4
75f50611 mosquitto: support more config options in UCI
956ef7a8 acme: Make sure postrm script doesn't fail
788f17e9 acme: Fix for curl linked against mbed TLS. (#4254)
5383fd42 nlbwmon: update to latest version
29fb31fe nlbwmon: add package
ce5ff274 mosquitto: update to 1.4.14
bdac4914 mosquitto: update to 1.4.13
e4e22eb9 zabbix: update to 3.2.6
4ea3c274 zabbix: partially fix zabbix-extra-mac80211
26897f09 zabbix: update to 3.2.4, use PKG_HASH
f2539c58 lighttpd: backport more mod_cgi fixes queued for 1.4.46
46014e36 coreutils: stdbuf: fix missing libstdbuf.so
e8af9ce4 gnutls: updated to 3.5.13
4c26df19 libtasn1: updated to 4.12
b91c48ba openconnect: new option mtu
7af43217 openconnect: drop stale config: interface
9c9571fd openconnect: Bump openconnect to 7.08
72928442 minidlna: backport fixes from 1.1.6 and 1.2.0 releases
ca5d4b08 openldap: update to 2.4.45
dc558eaa mosquitto: fix empty client-nossl package
33d8f9e5 libdmapsharing: update to 2.9.38
53d18a45 tor: update to version 0.2.9.10
2017-10-29 18:47:17 +01:00
Matthias Schiffer
becc90d818
build: delete lede/tmp on module updates
LEDE doesn't always notice that the metadata needs to be refreshed.
2017-10-29 18:44:30 +01:00
Matthias Schiffer
207337b5de
modules: update Gluon packages
5249974 libpacketmark: fix call of initialization function

Fixes #1245
2017-10-25 14:57:05 +02:00
Matthias Schiffer
3a8ea42595
modules: update LEDE (2017-10-23)
0780e12483 opkg: bump to 2017-10-23 (lede-17.01)
98c003e3da lantiq: ARV752DPW22: fix wireless mac address
50db9a4004 lantiq: ARV752DPW22: set correct wireless led trigger

Fixes #1246
2017-10-23 23:57:44 +02:00
lrnzo
0b4cbec0e9
docs: change group name gluon-fastd to gluon-mesh-vpn
The group was renamed during the development of Gluon v2017.1, adjust the
documentation accordingly.
2017-10-22 20:34:05 +02:00
Andreas Ziegler
a040ec0083
ar71xx: add TP-Link Archer C25 (#1238)
BROKEN because of stability issues with 5GHz enabled.
2017-10-22 01:43:20 +02:00
Matthias Schiffer
53de2e65c5
modules: update Gluon packages
6d2b807 lua-simple-uci: fix set()/tset()/section() with empty lists
5733253 libbabelhelper: adapt to new install paths due to package version change
ce7f69a use latest libbabelhelper
f76cfa8 mmfd: bump version to pull in latest adaptions to libbabelhelper
b4f97fb mmfd: bump version to pull in latest adaptions to libbabelhelper
706bef6 respondd: add diagnostics about failed module load (#171)
4f1a0c0 mmfd: bump version
f5cc0fb libbabelhelper: add initial version
2017-10-19 02:13:44 +02:00
Matthias Schiffer
184e2283ce
modules: update LEDE base
373fa54d35 kernel: bump 4.4 to 4.4.93 for 17.01
586a721d3f mountd: bump to git HEAD version (fixes SIGSEV crashes)
cdb2684dce LEDE v17.01.4: revert to branch defaults
444add156f LEDE v17.01.4: adjust config defaults
79f57e422d wireguard: version bump to 0.0.20171017
d501786ff2 hostapd: add wpa_disable_eapol_key_retries option
b6c3931ad6 hostapd: backport extra changes related to KRACK
a5e1f7f5ef mac80211: backport kernel fix for CVE-2017-13080
46e29bd078 x86: partly revert cabf775
707305a19d mac80211: Update wireless-regdb to master-2017-03-07
907d8703f4 wireguard: add wireguard to base packages
bff16304b0 brcmfmac: backport length check in brcmf_cfg80211_escan_handler()
fa0b5fce1f kernel: bump 4.4 to 4.4.92
e6fd17d04c ramips: fix compile warning in MT7621 NAND driver
2e9f3c6225 ramips: fix typo in MT7621 NAND driver
63c17142c8 hostapd: merge fixes for WPA packet number reuse with replayed messages and key reinstallation
cdd093b539 x86/64: add xen DomU support
cabf775e64 x86: Refresh subtargets kernel config
da0219ed9f x86: Fix xen serial console by removing conflicting PATA driver
f52b404aee x86/generic: use HIGHMEM64G instead of HIGHMEM4G to fix PAE and Xen
8ad1b09c6d kernel: add fix for bgmac with B50212E B1 PHY
c1023c8075 mt76: sync with version 878456caf60d from master
baa8eaaba6 bcm53xx: backport DTS changes up to the first 4.15 queued commits
94aa2b8af0 ar71xx: add rssileds to WA850RE v1 image
f67c22e0c2 toolchain/gdb: update to version 8.0.1
067221360e cmake: fix build error with Xcode 9 on macOS 12
a999f91ca3 gcc: fix build error with macOS + Xcode 9
2ce9c84a92 build: add a darwin sitefile to deal with macOS 10.12 + Xcode 9 build errors
f9a849ca84 ramips: mt7620: do not pad sysupgrade Archer images
2017-10-18 21:15:38 +02:00
Martin Weinelt
1992d4fd29 docs: mtu: fix reference to faq entry, add mtu diagram locally 2017-10-17 01:16:26 +02:00
Martin Weinelt
e4ef421711 docs: faq: clarify how to calculate proper mesh-vpn mtu value 2017-10-14 13:59:46 +02:00
Martin Weinelt
0d1d579196 docs: mesh-vpn: recommend better default mtu 2017-10-14 13:59:46 +02:00
Ruben Barkow
99c405756f gluon-web-theme: allow more width in style for input fields and selectboxes (#1229) 2017-10-14 13:42:24 +02:00
David Lutz
ced1b7ab98 contrib/sign.sh: fix typo (#1237) 2017-10-13 02:18:47 +02:00
Tarnatos
230897be86 docs: autoupdater.rst: add GLUON_RELEASE to make manifest (#1235) 2017-10-12 09:50:17 +02:00
hexa-
ea01c467f2
docs: fix typo in v2017.1.3 release notes (#1234) 2017-10-11 02:01:50 +02:00
Matthias Schiffer
36c940c11d
docs, README: import v2017.1.3 release notes 2017-10-04 22:53:30 +02:00
Matthias Schiffer
cc1f6555c8
modules: update LEDE (2017-10-03)
Update to LEDE v17.01.3.

ee32de4426 LEDE v17.01.3: revert to branch defaults
df54a8f583 LEDE v17.01.3: adjust config defaults
d0bf257c46 uhttp: update to latest version
2017-10-04 00:49:57 +02:00
Matthias Schiffer
9324d18fee
gluon-mesh-batman-adv: filter out all packages between bat0 and local-port
Filtering by MAC address won't filter out multicast packages like router
solicitations, causing uradvd to send out router advertisements with
maximum frequency (every 3 seconds) in active meshes, even when no local
client is actually interested in the advertisements.

Fixes #1230
2017-10-03 17:07:42 +02:00
Matthias Schiffer
a8f5051104
modules: update LEDE (2017-10-02)
783465d783 odhcpd: don't enable server mode on non-static lan port
c92c1894a5 odhcpd: backport fixes from master branch (FS#402, FS#524)
4b4a4af814 dnsmasq: bump to v2.78
b8357e87d7 base-files: create /etc/config/ directory
3350137bd3 sunxi: clean up modules definitions
a881323cb2 ltq-vdsl-mei: revert disable optimized firmware download
f483a35f08 curl: fix security problems
e232c6754d mbedtls: update to 2.6.0 CVE-2017-14032
37e1bd27d0 generic: drop 704-phy-no-genphy-soft-reset.patch
720b0e2e2d kernel: update 4.4 to 4.4.89
b428f45c06 ltq-vdsl-mei: disable optimized firmware download
39e5cd9556 ltq-vdsl: fix PM thread suspend and resume handling
86f0e8b091 openvpn: add "extra-certs" option
af802bc687 lantiq: fix missing otg_cap on danube platform
12a0da6315 tcpdump: noop commit to refer CVEs fixed in 4.9.2
f66c6e1d8a tcpdump: bump to 4.9.2
a131f7cb69 utils/tcpdump: Rework URLs
7f1359c14e base-files: fix wan6 interface config generation for pppoe
97ebdf93a3 ipq806x: Archer C2600: fix switch ports numbering
d33f7905df treewide: fix shellscript syntax errors/typos
4f162ac3ce ramips: fix hg255d LED status support
2017-10-02 21:08:11 +02:00
Christof Schulze
86e89a86d1 gluon-mesh-vpn-fastd: make respondd module compile again (#1228)
by moving the declaration of ret to the top of get_fastd()
2017-09-24 23:49:00 +02:00
lemoer
4899dda4af treewide: check for NULL after uci_alloc_context() (#1224) 2017-09-21 20:56:40 +02:00
Matthias Schiffer
c0b4fb54a4
modules: update LEDE
Fixes #1223
2017-09-11 19:50:45 +02:00
Matthias Schiffer
32c010ce3b
modules: update LEDE 2017-09-07 15:39:12 +02:00
Matthias Schiffer
08cbbf9925
build: move all generic config generation to targets/generic
As the default package list is now handled using the 'packages' directive,
explicit wpad-mini removals in target definitions can be dropped.
2017-09-07 03:21:42 +02:00
Matthias Schiffer
587c5016cb
build: handle generic and target-specific config in the same run of target_config{,_check}.sh
This, together with a new try_config directive, will allow checking the
generic config and make it more flexible.
2017-09-07 00:17:57 +02:00