Commit Graph

1125 Commits

Author SHA1 Message Date
Matthias Schiffer
9e8a6ec2b5
gluon-web: remove lmo_canon_hash()
Our strings can be looked up verbatim.
2018-02-22 13:58:20 +01:00
Matthias Schiffer
b5817f5523
gluon-web: replace custom strfind() function with memmem() 2018-02-22 13:37:57 +01:00
Matthias Schiffer
0ff4761a57
gluon-web: remove unnecessary template_lualib.h 2018-02-22 13:34:32 +01:00
Matthias Schiffer
91ae553c93
gluon-web-node-role: don't mention "Freifunk" in the labels 2018-02-22 03:27:29 +01:00
Christof Schulze
9711afaf69
gluon-core: allow multiple domain names for next_node-feature
* change type of next_node.name
* create domain entry for each entry and add to dnsmasq configuration

[Matthias Schiffer: reword documentation]
2018-02-16 15:15:31 +01:00
T-X
b3762fc61c gluon-client-bridge: move IPv4 local subnet route to br-client (#1312)
This patch moves the prefix4 subnet route from the local-node veth
device to br-client (while keeping the next node ipv4 address on the
local node device).

This is in preparation to allow routing over the br-client interface
later.
2018-02-16 00:00:12 +01:00
Christof Schulze
f94a410738 gluon-l3roamd: let l3roam0 interface and routes be set up by l3roamd 2018-02-15 23:54:06 +01:00
Christof Schulze
e724fec260 gluon-l3roamd: adjust l3roamd startup parameters
* use local socket
* use main routing table,
* pass client-bridge
2018-02-15 23:54:06 +01:00
Linus Lüssing
84a6f65f02 gluon-ebtables-limit-arp: a package for ARP rate-limiting
This package adds filters to limit the amount of ARP Requests
devices are allowed to send into the mesh. The limits are 6 packets
per minute per client device, by MAC address, and 1 per second per
node in total.

A burst of up to 50 ARP Requests is allowed until the rate-limiting
takes effect (see --limit-burst in the ebtables manpage).

Furthermore, ARP Requests with a target IP already present in the
batman-adv DAT Cache are excluded from the rate-limiting,
both regarding counting and filtering, as batman-adv will respond
locally with no burden for the mesh. Therefore, this limiter
should not affect popular target IPs, like gateways.

However it should mitigate the problem of curious people or
smart devices scanning the whole IP range. Which could create
a significant amount of overhead for all participants so far.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2018-02-15 23:21:11 +01:00
kb-light
b98956e47e
gluon-config-mode-domain-select: new package
[Matthias Schiffer: slightly clean up code]
2018-02-15 20:57:53 +01:00
Matthias Schiffer
0dd03597a6
gluon-config-mode-core: allow returning functions from wizard modules
Allow returning functions in addition to the names of UCI packages to
commit. Functions are run after all packages have been committed.
2018-02-15 20:57:53 +01:00
Matthias Schiffer
345a5de861
gluon-core: add newline to the end of sysconfig files
Both gluon.sysconfig and libgluonutil already remove the trailing newline
if it exists. It's nicer to avoid files without a trailing newline, e.g.
for printing the file contents in a terminal.
2018-02-15 20:57:53 +01:00
Martin Weinelt
427c83754b gluon-core: 200-wireless: upgrade 11ac radios to VHT20 (#1328)
Patch originally authored by @oleeander.

Fixes #424
2018-02-15 20:29:19 +01:00
Matthias Schiffer
d61f6a1e85
gluon-core: rename iterate_radios() to foreach_radio(), pass whole radio section
Allows to remove some redundant UCI lookups.
2018-02-15 14:04:37 +01:00
Karsten
f69fbf7d05 gluon-core: don't disable legacy mesh on mesh_lan on reconfigure (#1323)
Fixes #1322
2018-02-07 07:33:25 +01:00
Martin Weinelt
42763d21dc
gluon-mesh-vpn-core: add public key to nodeinfo response
This is currently only implemented in the gluon-mesh-vpn-fastd
package.

Advertising the public key may be deemed problematic when
your threat-model involves protecting the nodes privacy
from tunnel traffic correlation by onlink observers.

It can be enabled by setting site.mesh_vpn.fastd.pubkey_privacy
to `false`.
2018-02-04 20:47:53 +01:00
Matthias Schiffer
623faf794a
gluon-web: fix access to undefined in checkvalue()
Fixes: cfe1bba8 "gluon-web: fix radio button view of ListValues"
2018-02-04 18:57:27 +01:00
Matthias Schiffer
9ece0daa76
gluon-web: ListValue: convert keys to strings before adding to key list
Fixes validation of ListValues.

Fixes: ec532b95 "gluon-web: extend ListValue with optional and unset
values"
2018-02-04 18:57:27 +01:00
Matthias Schiffer
c479d9160d
gluon-core: don't request a prefix via DHCPv6 on WAN
The prefix is not used, and requesting it leads to odhcp6c log spam with
certain DHCPv6 servers.
2018-02-03 03:02:56 +01:00
Matthias Schiffer
09c2e60cd4
gluon-core: upgrade/110-network: fix formatting 2018-02-03 03:02:20 +01:00
Matthias Schiffer
ec532b95cf
gluon-web: extend ListValue with optional and unset values
If a value is unset or optional, an empty choice is added to the selection.
This empty choice will be marked as invalid if the value is not optional.

This is properly supported for the 'select' widget only for now, and not
for 'radio'.
2018-01-31 17:08:21 +01:00
Matthias Schiffer
cfe1bba8ae
gluon-web: fix radio button view of ListValues
Pretty much everything about this was broken:
* Fix dependency tracking
* Fix vertical orientation
* Fix paddings
* Add theming
2018-01-31 15:47:45 +01:00
Matthias Schiffer
dbfd22d651
gluon-web: simplify DynamicList data attributes, respect size option 2018-01-30 23:55:08 +01:00
Matthias Schiffer
bc75ce5c86
gluon-site: remove dependency of GLUON_MULTIDOMAIN on gluon-site
Solves a recursive dependency problem.

While we're at it, also fix the description string.
2018-01-28 11:24:42 +01:00
Matthias Schiffer
6ae067cb37
gluon-core: add domain aliases and pretty name
Based-on-patch-by: lemoer <git@irrelefant.net>
2018-01-26 12:32:47 +01:00
lemoer
2ef0af5fe8
gluon-respondd: add system.domain_code to respondd provider "nodeinfo"
[Matthias Schiffer: rebase]
2018-01-26 12:32:47 +01:00
lemoer
146787fa5c
libgluonutil: merge domain and site configs
[Matthias Schiffer: rebase and simplify]
2018-01-26 12:32:47 +01:00
Matthias Schiffer
a2f45d0d32
gluon-core: store default domain in UCI 2018-01-26 12:32:46 +01:00
Matthias Schiffer
24a085a542
gluon-site: add default domain and check for it
This does not do anything yet, as this_domain() is not implemented yet.

Based-on-patch-by: lemoer <git@irrelefant.net>
2018-01-26 12:32:46 +01:00
Matthias Schiffer
07dbfea617
gluon-site: disable multidomain support by default 2018-01-26 12:32:46 +01:00
Jan-Philipp Litza
cf329daaf0
Add package gluon-radv-filterd
This package drops all incoming router advertisements except for the
default router with the best metric according to B.A.T.M.A.N. advanced.

Note that advertisements originating from the node itself (for example
via gluon-radvd) are not affected.
2018-01-25 23:02:49 +01:00
Matthias Schiffer
7ae8a51126
gluon-core: allow zero VXLAN UDP checksum on RX
Also disabling TX checksums and not only allowing incoming packets without
checksum will provide another small speedup. As doing so would break wired
meshing with VXLAN-enabled nodes that require non-zero checksums, we will
wait a few days before this step.
2018-01-24 22:41:29 +01:00
Matthias Schiffer
e54b37d835
gluon-core: firewall: move VXLAN rules to the top
Evaluating these rules before all the ICMPv6 rules improves wired mesh
throughput measurably.
2018-01-24 22:41:29 +01:00
Matthias Schiffer
2950cc3f59
gluon-core: only use a bridge for wired meshing when necessary
On most devices, there is only a single LAN interface connected to all LAN
ports, so no bridge is necessary.
2018-01-24 22:16:09 +01:00
Matthias Schiffer
c84820cb08
package/gluon.mk: add to PKG_FILE_DEPENDS
Ensure packages get rebuilt when gluon.mk changes.
2018-01-19 13:22:26 +01:00
Matthias Schiffer
775028475b
check_site: move site loading logic to check_site_lib (which is renamed to check_site.lua) 2018-01-19 12:33:52 +01:00
Matthias Schiffer
7ccdacd294
treewide: rework check_site_lib.lua
In addition to significant internal differences in check_site_lib.lua (in
particular unifying error handling to a single place for the upcoming
multi-domain support), this changes the way fields are addressed in site
check scripts: rather than providing a string like 'next_node.ip6', the
path is passed as an array {'next_node', 'ip6'}.

Other changes in site check scripts:
* need_array and need_table now pass the full path to the sub fields to the
subcheck instead of the key and value
* Any check referring to a field inside a table implies that all higher
levels must be tables if they exist: a check for {'next_node', 'ip6'} adds
an implicit (optional) check for {'next_node'}, which allows to remove many
explicit checks for such tables
2018-01-19 10:12:43 +01:00
Matthias Schiffer
414dfa8155
libgluonutil: simplify CMakeLists.txt
libgluonutil is not usable outside the OpenWrt/LEDE environment anyways, so
it doesn't make much sense to make the CMakeLists.txt overly generic.
2018-01-19 06:23:29 +01:00
Matthias Schiffer
020afc856f
gluon-site: install domain configs
The domain configs are not checked yet, and not used for anything.

Based-on-patch-by: lemoer <git@irrelefant.net>
2018-01-19 05:44:25 +01:00
lemoer
50812b162c
treewide: forbid use of selected site variables in domain specific or site configs
[Matthias schiffer: rebase, add a few more restrictions]
2018-01-19 04:05:27 +01:00
lemoer
b520bf5c50
gluon-core: rename site_seed to domain_seed
[Matthias Schiffer: rebase]
2018-01-19 03:30:06 +01:00
Matthias Schiffer
1dd9845db1
package/gluon.mk: use nicer escaping in GluonCheckSite 2018-01-19 01:38:56 +01:00
lemoer
adcd5b7311
gluon-core: add gluon-reconfigure script
Not useful by itself except for testing; will be used for multi-domain
support.

[Matthias Schiffer: rename script, use for initial configuration]
2018-01-19 01:10:39 +01:00
lemoer
0f5d932c4f
gluon-core: add util gluon-show-site to print merged site config
This should not convert JSON to a Lua table and back, as this loses the
distinction between arrays and objects, but as our site.conf is defined in
Lua anyways (for now), this can be fixed in a later revision.

[Matthias Schiffer: rename to gluon-show-site, rebase]
2018-01-19 01:07:44 +01:00
lemoer
5817170821
gluon-core: introduce "gluon" uci package
[Matthias Schiffer: change section name and commit message]
2018-01-19 00:41:25 +01:00
Matthias Schiffer
0b80f1b5ce
gluon-core: reimplement gluon.site module in C
By basing the Lua gluon.site module on gluonutil_load_site_config(), the
config load implementation needs to changed only in a single place for
multi-domain support.
2018-01-18 16:29:00 +01:00
Matthias Schiffer
6cf88c3b03
Replace luci-lib-jsonc with our own lua-jsonc 2018-01-18 16:28:59 +01:00
Matthias Schiffer
12103d9638
gluon-web: remove useless serialize_json alias 2018-01-18 07:49:00 +01:00
Matthias Schiffer
01336f70ec
gluon-core: firewall: make the default input policy REJECT
Fixes #1311
2018-01-17 09:51:10 +01:00
Matthias Schiffer
a32fddf38c
gluon-core: firewall: accept inbound VXLAN traffic on wired mesh interfaces
Fixes #1308
2018-01-17 09:51:10 +01:00
Matthias Schiffer
454555a030
gluon-alfred: firewall: allow alfred server announces from mesh 2018-01-17 08:06:42 +01:00
Matthias Schiffer
18feb29b29
gluon-autoupdater: don't reference old autoupdater util library
Fixes #1310
2018-01-17 01:06:15 +01:00
David Bauer
99b02701cc ar71xx: add support for TP-Link Archer C58/C59/C60 (#1281) 2018-01-16 18:51:12 +01:00
Matthias Schiffer
18b9174d03
Use 'disabled' attribute instead of 'auto' to disable wired mesh interfaces
The 'auto' attribute still allows enabling the interface using ifup, which
is not intended when wired mesh is disabled.
2018-01-11 23:06:36 +01:00
Linus Lüssing
4911da56e1
gluon-ebtables: Enable concurrent ebtables updates
This enables the ebtables internal locking mechanism which
will avoid race conditions between multiple, concurrent
ebtables calls.

This is a preparation for the upcoming gluon-arp-limiter
daemon, to avoid issues if upon restarting gluon-ebtables
the gluon-arp-limiter daemon tries to modify the tables.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2018-01-03 19:58:53 +01:00
David Bauer
9273e56c63 ar71xx: add support for TP-Link Archer C7 v4 (#1289) 2018-01-03 16:50:23 +01:00
Christof Schulze
bc2fb8cc69 gluon-respondd: firewall should allow access for devices in zone local_client (#1291) 2017-12-31 19:57:57 +01:00
Christof Schulze
910a6c8bb3 gluon-respondd: add current unix time to statistics (#1287) 2017-12-29 23:49:28 +01:00
Matthias Schiffer
245e0f9ecc
Merge pull request #1280 from FreifunkVogtland/libbatadv
libbatadv: Add common batman-adv helper functions library
2017-12-28 14:50:13 +01:00
Christof Schulze
41ab551518
libgluonutil: add function that retrieves the node prefix from site.conf 2017-12-27 23:50:31 +01:00
Sven Eckelmann
6701aa81a5 gluon-status-page-api: Use genl helpers from libbatadv
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2017-12-27 17:40:41 +01:00
Sven Eckelmann
a267cc7ee7 gluon-mesh-batman-adv: Use genl helpers from libbatadv
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2017-12-27 17:40:35 +01:00
Sven Eckelmann
624cffc744 libbatadv: Add library for common batman-adv helpers
Interacting with batman-adv's genl interface requires some code and
definitions which could be shared between different packages. libbatadv is
trying to do this without providing any guarantee for ABI or API stability.
It is only useful in very controlled environments like gluon.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2017-12-27 17:40:30 +01:00
Matthias Schiffer
f799518194
gluon-ebtables-filter-multicast: do not filter out Bridge Loop Avoidance
batman-adv uses gratuitous ARP packets with certain target addresses for
BLA.

Fixes #1198
2017-12-27 17:22:37 +01:00
Karsten
35237c2ca1 gluon-web-network: make 'PoE Power Port[0-9]' translatable (#1173) 2017-12-27 03:11:49 +01:00
Matthias Schiffer
2b1ffb3034
gluon-core, gluon-client-bridge: create local_client zone in core
As core defines basic rules for this zone, it makes sense to create it
there.
2017-12-27 02:43:34 +01:00
Matthias Schiffer
8ea5810bda
gluon-core: firewall: allow inbound ICMPv4 ping on local_node 2017-12-27 02:43:34 +01:00
Matthias Schiffer
39284f00d0
gluon-core: firewall: allow Multicast Listener Discovery on mesh/local_client
Based-on-patch-by: Christof Schulze <christof.schulze@gmx.net>
2017-12-27 02:43:33 +01:00
Matthias Schiffer
a252383918
gluon-core: firewall: remove redundant ICMPv6 output rules
OUTPUT is always accepted, no need to allow ICMPv6 explicitly.
2017-12-27 02:43:33 +01:00
Matthias Schiffer
fe2048e4df
gluon-core: firewall: coding style
Wrap long lines.
2017-12-27 02:43:33 +01:00
Ralf Jung
4bae0a429f docs: dns-cache: explain setting dns.servers a bit more (#1268) 2017-12-27 00:21:08 +01:00
Christof Schulze
c544846bc5
gluon-neighbour-info: allow respondd replies on mesh and wan interface 2017-11-25 23:31:23 +01:00
Christof Schulze
e5b4d25451
gluon-respondd: allow access to respondd from mesh-internal addresses 2017-11-25 23:31:08 +01:00
Christof Schulze
1c1c9f8fc7
gluon-core: firewall rework, make base policy more restrictive
* gluon-core, gluon-client-bridge: introduce new firewall zone: local_client
 * gluon-core: put clients in local_client zone, introduce drop-zone,
   set dns-rules and zones
 * gluon-respondd: allow respondd on mesh
 * gluon-status-page-api: allow http input on mesh and client
2017-11-25 23:19:08 +01:00
Matthias Schiffer
7351fb5d4a
gluon-web-network: fix reading "legacy" mode settings from UCI
Fixes #1269
2017-11-25 22:08:58 +01:00
kb-light
f7f659c254
gluon-web-network: make poe_passthrough more generic 2017-11-15 22:45:22 +01:00
Christof Schulze
94e7827ac8
gluon-status-page: improve localization (#1241) 2017-10-31 19:25:27 +01:00
Ruben Barkow
99c405756f gluon-web-theme: allow more width in style for input fields and selectboxes (#1229) 2017-10-14 13:42:24 +02:00
Matthias Schiffer
9324d18fee
gluon-mesh-batman-adv: filter out all packages between bat0 and local-port
Filtering by MAC address won't filter out multicast packages like router
solicitations, causing uradvd to send out router advertisements with
maximum frequency (every 3 seconds) in active meshes, even when no local
client is actually interested in the advertisements.

Fixes #1230
2017-10-03 17:07:42 +02:00
Christof Schulze
86e89a86d1 gluon-mesh-vpn-fastd: make respondd module compile again (#1228)
by moving the declaration of ret to the top of get_fastd()
2017-09-24 23:49:00 +02:00
lemoer
4899dda4af treewide: check for NULL after uci_alloc_context() (#1224) 2017-09-21 20:56:40 +02:00
Matthias Schiffer
9ab93992d1
gluon-autoupdater: mirror URLs must start with http://
The older busybox-based wget erroneously accepted URLs without protocol.
Add validator to avoid building firmwares with broken autoupdates.
2017-09-05 19:04:27 +02:00
Matthias Schiffer
fda2d10b6f
gluon-web-admin: simplify info.html template 2017-08-11 22:09:08 +02:00
Matthias Schiffer
13b325355d
gluon-core: make old site_config library reference new one, not the other way around 2017-08-11 22:07:35 +02:00
Matthias Schiffer
ee6afaced9
treewide: use new gluon.site Lua library
Some files have received some additional refactoring.
2017-08-11 22:07:34 +02:00
Matthias Schiffer
fd36bcce07
gluon-web-admin: fix info.html template indentation 2017-08-11 21:25:46 +02:00
Matthias Schiffer
8dbf3ea568
gluon-mesh-batman-adv: fix radvd start with dns.servers, but without next_node.ip config 2017-08-11 20:56:06 +02:00
Matthias Schiffer
8a41ed05f1
gluon-core: more coding style fixes 2017-08-11 20:28:59 +02:00
kb-light
90305761ce
gluon-core: update lib/gluon/upgrade/150-poe-passthrough for naming within lede 2017-08-11 20:27:51 +02:00
kb-light
949f4b7dd5
gluon-core: lib/gluon/upgrade/150-poe-passthrough: fix indentation 2017-08-11 20:26:08 +02:00
Matthias Schiffer
3df9fcecb0
gluon-core: explicitly disable radios without configuration in site.conf 2017-08-08 14:08:35 +02:00
Matthias Schiffer
293a45456b
gluon-core, gluon-client-bridge: use new gluon.site library in gluon.util
In particular, this affects users of gluon.util.iterate_radios.
2017-08-08 14:07:09 +02:00
Matthias Schiffer
53b6065500
gluon-ebtables-source-filter: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:20 +02:00
Matthias Schiffer
12ec6ab2bc
gluon-mesh-batman-adv: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:20 +02:00
Matthias Schiffer
951f62ac85
gluon-config-mode-*, gluon-web-admin: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:16 +02:00
Matthias Schiffer
eef3bba123
gluon-client-bridge: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:09 +02:00
Matthias Schiffer
1d6e6726d7
gluon-core: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:02 +02:00
Matthias Schiffer
57adb49de2
gluon-core: add new gluon.site library for convenient access to optional values
The new gluon.site lua library will eventually replace gluon.site_config
(which is hereby deprecated, but will continue to be supported for a
while).

The new gluon.site library will wrap all values to allow traversing
non-existing tables without errors.

    site = require 'gluon.site'
    c = site.a.b.c -- doesn't fail even if a or a.b don't exist

The wrapped values must be unwrapped using call syntax:

    site_name = site.site_name()

Using the call syntax on a non-existing value will return nil. An
alternative default value may be passed instead:

    mac = site.next_node.mac('16:41:95:40:f7:dc')
2017-08-08 13:20:38 +02:00
Matthias Schiffer
73ad23936e
gluon-web-wifi-config: make the code a bit nicer
simple-uci will now delete an option when nil is passed.
2017-08-08 04:31:53 +02:00
Matthias Schiffer
0fee6cc707
gluon-web-logging: remove uci:set() nil check
simple-uci will now delete an option when nil is passed.
2017-08-08 04:31:53 +02:00
Matthias Schiffer
6884aad788
gluon-core: simplify 820-dns-config code 2017-08-08 04:31:53 +02:00
Matthias Schiffer
cd9ee858b8
gluon-config-mode-geo-location: remove uci:set() nil check
simple-uci will now delete an option when nil is passed.
2017-08-08 04:31:53 +02:00
Matthias Schiffer
4f51439167
gluon-config-mode-contact-info: remove uci:set() nil check
simple-uci will now delete an option when nil is passed.
2017-08-08 04:31:52 +02:00
Matthias Schiffer
31721a61f5
gluonc-core: 200-wireless: remove unneeded nil checks for uci:set_list()
uci:set_list() will delete the list when nil is passed, so there is no need
to differentiate between the cases.
2017-08-08 04:31:52 +02:00
Matthias Schiffer
06d0c0f211
gluon-core: fix 200-wireless coding style 2017-08-08 04:31:52 +02:00
Matthias Schiffer
2b9dd54f00
gluon-client-bridge: fix 320-gluon-client-bridge-wireless coding style 2017-08-08 04:31:52 +02:00
Matthias Schiffer
952439885e
gluon-mesh-vpn: fix fastd <-> tunneldigger migration
The generic upgrade script is moved to run after the more specific scripts.
In addition, the script will now remove the configuration sections of
uninstalled VPN packages, so both positive and negative changes of the
default enable state can be migrated correctly.

Based-on-patch-by: Cyrus Fox <cyrus@lambdacore.de>
Fixes: #1187
2017-08-08 01:39:29 +02:00
Matthias Schiffer
a76eaa5c45
gluon-mesh-batman-adv: preserve gw_mode on upgrades
When a Gluon node is used to connect to an uplink router/DHCP server (for
example in deployments without VPN tunnels), the gw_mode must be set to
server; this should be preserved on upgrades.

Fixes #1196
2017-07-25 23:49:11 +02:00
Steffen Förster
582d09615b
gluon-mesh-batman-adv: enable routing algorithm configuration through site.conf
[Matthias Schiffer: move to proto_gluon_bat0_setup() and default to BATMAN_IV]
2017-07-19 17:58:07 +02:00
kb-light
46126de792 Add new package gluon-web-logging (#1153) 2017-07-11 02:58:45 +02:00
Matthias Schiffer
3fd4ee99c3
gluon-l3roamd: fix incorrect dependency
gluon-mesh-babel is not merged yet, and once it is, this would lead to a
circular dependency.
2017-07-09 13:12:58 +02:00
Matthias Schiffer
6ca841bad5
build: introduce GLUON_FEATURES
To reduce the number of packages that need to be listed in
GLUON_SITE_PACKAGES, this adds a new variable GLUON_FEATURES. Sets of
packages are enabled automatically based on the combination of listed
feature flags.

Site-specified package feeds can provide their own feature flag
definitions.
2017-07-09 02:31:38 +02:00
Matthias Schiffer
818705280e
gluon-ebtables-*: add dependency on gluon-mesh-batman-adv
These packages don't work or don't make sense without batman-adv.
2017-07-08 21:23:00 +02:00
Matthias Schiffer
2cd30d644b
Remove redundant virtual packages
As PROVIDES can be used to replace real packages now, we don't need the
virtual packages as workaround anymore. This also means that the providing
packages don't need to be added to site.mk explicitly anymore when the
default provider is used.
2017-07-08 16:34:40 +02:00
Ruben Barkow
84d117ff73
gluon-web-admin: add option to show/hide password-login and add minimum password length 2017-07-07 02:15:52 +02:00
Sunz3r
b5a8959f59 gluon-config-mode-mesh-vpn: add tunneldigger to reboot page (#1172) 2017-07-06 13:24:15 +02:00
Ruben Barkow
0441c7d91f gluon-web-admin: typo "your node" (#1169) 2017-06-29 22:15:18 +02:00
Tata
5dcbbe93dc gluon-node-info: use GluonSrcDiet (#1168) 2017-06-29 11:59:22 +02:00
Matthias Schiffer
27f35e56b4
gluon-core: add interfaces having proto = gluon_mesh to mesh firewall zone
Based-on-patch-by: Christof Schulze <christof.schulze@gmx.net>
2017-06-27 23:49:56 +02:00
Christof Schulze
e432dd4d9f
gluon-core: gluon_mesh.sh: whitespace cleanup 2017-06-27 23:45:58 +02:00
Matthias Schiffer
ae593d8439
gluon-core: convert site seed to lowercase
While we use the hexadecimal representation as a hash input for simplicity,
it should not be interpreted as case-sensitive.
2017-06-27 23:28:23 +02:00
Matthias Schiffer
0ceb25e3e7
gluon-web-network: allow switching wired mesh legacy mode on and off 2017-06-27 23:04:50 +02:00
Matthias Schiffer
a2711065c8
gluon-core: add VXLAN support for gluon_wired protocol 2017-06-27 23:04:50 +02:00
Matthias Schiffer
0d6f957196
gluon-core: introduce new gluon_wired netifd proto for wired meshing
The new proto will simplify the switch to VXLAN encapsulation.
2017-06-27 23:00:17 +02:00
Matthias Schiffer
8bcd0975af
gluon-core: add a "site seed" to site.conf to seed site-specific random values 2017-06-27 23:00:17 +02:00
Matthias Schiffer
08e667ba2e
gluon-client-bridge: add default next-node MAC address
The next-node MAC address doesn't need to be unique in different
communities, so we can as well add a default value.
2017-06-26 22:48:45 +02:00
Ruben Barkow
822cfecbf5 gluon-config-mode-autoupdater: autoupdater disabled message (#1137) 2017-06-23 14:55:38 +02:00
Ruben Barkow
b44373efaf gluon-web-*: remove unused Section variables (#1150) 2017-06-23 13:00:52 +02:00
Matthias Schiffer
acfc3cc1a2
gluon-core: upgrade/210-interface-wan: whitespace cleanup 2017-06-21 17:16:41 +02:00
Matthias Schiffer
0db63008cd
gluon-core: upgrade/220-interface-lan: whitespace cleanup 2017-06-21 02:56:23 +02:00
Ruben Barkow
f3d763f509 gluon-web: improve menu order in Advanced Settings (#1146) 2017-06-19 20:16:18 +02:00
Matthias Schiffer
9dae2ebbfd
gluon-mesh-vpn-fastd: respondd: adjust for new site.conf mesh VPN structure
Fixes #1130
2017-06-01 16:23:51 +02:00
Matthias Schiffer
1ed87c6df4
gluon-mesh-batman-adv: enable bridge learning on bat0 again
Reverts d5829d87be ("gluon-mesh-batman-adv-core: disable bridge port
learning on bat0").

Fixes #1121
2017-05-12 15:43:31 +02:00
Christof Schulze
5bf3c895d0 gluon-mesh-batman-adv: announce dns server if dns cache was configured (#1105) 2017-04-27 21:11:23 +02:00
Linus Lüssing
c519ec4596 gluon-core: reenable multicast snooping for wan zone
LEDE recently disabled multicast snooping by default:

https://git.lede-project.org/?p=project/netifd.git;a=commitdiff;h=52541140f8138e31958cdc3d7e42a4029fa6bbc9

Reenable it for Gluon as there have been no confirmed issues for
LEDE and no negative reports concerning Gluon v2016.2.x so far.

Closes #1025.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2017-04-13 22:31:47 +02:00
Linus Lüssing
66ead88dcb gluon-client-bridge: reenable multicast snooping for client zone
LEDE recently disabled multicast snooping by default:

https://git.lede-project.org/?p=project/netifd.git;a=commitdiff;h=52541140f8138e31958cdc3d7e42a4029fa6bbc9

Reenable it for Gluon as there have been no confirmed issues for
LEDE and no negative reports concerning Gluon v2016.2.x so far.

Closes #1025.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2017-04-13 22:31:31 +02:00
Matthias Schiffer
e45c30330d
gluon-mesh-batman-adv: refactor interface management
We now create bat0 and primary0 independently of the lower mesh interfaces,
making the whole setup a lot more robust. In particular:

- we can't accidentially destroy primary0 because of concurrent setup and
  teardown runs of different interfaces
- bat0 will always exist, even when no mesh interfaces are up (e.g. no link
  on wired mesh)
- interfaces going down and up again will never tear down the whole of
  batman-adv
- we can enable and disable bat0 independently of the lower interface
  states
2017-04-12 19:23:08 +02:00
Matthias Schiffer
4ca67dcca5
gluon-mesh-batman-adv-*: unify into a single source package
For simplicity, we don't use different MTUs for compat 14 and 15 anymore,
there's no harm in using 1532 for batman-adv-legacy as well.
2017-04-12 04:22:45 +02:00
Matthias Schiffer
a502295eaf
gluon-core: gluon_mesh: make transitive and fixed_mtu available as interface data, add post-setup.d
In addition, transitive and fixed_mtu now default to 0 instead of an empty string.
2017-04-12 03:44:45 +02:00
Matthias Schiffer
c4641d47fd
gluon-mesh-batman-adv-core: dont' call 'ip' to check if primary0 exists 2017-04-11 02:01:38 +02:00
Matthias Schiffer
02f2d8796c
gluon-core: don't call 'ip' to check if an interface exists 2017-04-11 02:01:21 +02:00
Matthias Schiffer
c4613c4e8d
gluon-core: gluon.util: pass UCI cursor to get_wlan_mac(), get rid of local UCI context 2017-04-11 01:48:11 +02:00
Matthias Schiffer
f48d10bdde
gluon-core: gluon.util: pass UCI cursor as argument to iterate_radios() instead of using local context 2017-04-11 01:48:11 +02:00
Julian Labus
901b122d83
gluon-web-wifi-config: use find_phy from gluon.util 2017-04-11 01:48:11 +02:00
Julian Labus
734d1925de
gluon-core: gluon.util: fix PHY detection for radios addressed by PCIe address 2017-04-11 01:48:10 +02:00
Matthias Schiffer
da22c5cf8e
gluon-core: gluon.util: change find_phy argument to config table and make public 2017-04-11 01:48:10 +02:00
Matthias Schiffer
6499658b52
gluon-mesh-batman-adv-core: don't print error message when no_rebroadcast is not supported
batman-adv 2017.0 doesn't need (or support) no_rebroadcast anymore. Don't
fail when the file doesn't exist.
2017-04-10 01:32:30 +02:00
kb-light
eefd2ef8db Add package gluon-ebtables-source-filter (#1015) 2017-04-09 18:18:51 +02:00
Julian
13c61d9394 gluon-core: fix pattern %v in opkg URLs (#1087) 2017-04-07 14:24:13 +02:00
Cyrus
6a0ca58fc3 gluon-core: Fixed bug which kept legacy VLAN interface definitions (#1085) 2017-04-03 20:48:42 +02:00
Cyrus
540d0ff0a3 gluon-mesh-vpn-core: Fixed conditions for migration code (#1080)
VPN daemons were always disabled
2017-03-26 10:26:33 +02:00
Cyrus Fox
aa17e3e86e
gluon-mesh-vpn-tunneldigger: ignore default config when checking for legacy configs 2017-03-23 12:51:41 +01:00
Matthias Schiffer
da19961188
gluon-web: javascript: don't use global RegExp.$x matches, fix "this" for parameterized validators
Doing so caused broken validations, as different validators were affecting
each other.
2017-03-10 22:25:00 +01:00
Matthias Schiffer
b016cf18b4
gluon-mesh-vpn-core: add code for migration of enabled state between fastd and tunneldigger
Based-on-patch-by: Cyrus Fox <cyrus@lambdacore.de>
2017-03-10 19:45:35 +01:00
Matthias Schiffer
a49ef70c53
gluon-config-mode-mesh-vpn: add tunneldigger support
Based-on-patch-by: Cyrus Fox <cyrus@lambdacore.de>
2017-03-10 19:45:34 +01:00
Cyrus Fox
ad7a36fdce
gluon-mesh-vpn-tunneldigger: add package for tunneldigger L2TP support 2017-03-10 19:45:34 +01:00
Matthias Schiffer
be88eba07f
Refactor common parts of gluon-mesh-vpn-fastd into a gluon-mesh-vpn-core package
The fastd_mesh_vpn site.conf section is renamed to mesh_vpn.fastd.
2017-03-10 19:45:34 +01:00
Matthias Schiffer
41a9f9b06c
gluon-mesh-batman-adv-core: fix ARP resolution of next-node IPv4 address
The ebtables rules were not adjusted when switching from macvlan to veth.
2017-03-08 22:52:25 +01:00
Matthias Schiffer
7222fc07d1
gluon-web-private-wifi: fix default value of "enabled" setting 2017-03-02 15:09:49 +01:00
Matthias Schiffer
8245e77218
gluon-status-page: fix browser compatiblity of language selection 2017-02-26 20:55:31 +01:00
Matthias Schiffer
959c8ae7f8
gluon-status-page: use unique filenames for dependencies, switch to SHA256 checksums 2017-02-26 19:46:33 +01:00
Christof Schulze
b7651ee96f gluon-core: limit fq_codel memory to 1MB per AP with less than 48MB RAM (#1046) 2017-02-24 19:43:32 +01:00
Christof Schulze
946d873c14 gluon-status-page-api: limit uhttp max_requests to 16 on devices with <48MB RAM (#1045) 2017-02-24 19:38:40 +01:00
Matthias Schiffer
28f42b24a8
gluon-setup-mode, gluon-status-page-api: remove references to rpcd
rpcd is not included in our images anymore since switching to gluon-web, so
we don't need to disable it anymore.
2017-02-24 00:44:03 +01:00
Jan-Tarek Butt
c9f62fc278
gluon-mesh-batman-adv-core: Move lua file into luasrc dir 2017-02-23 20:27:23 +01:00
Matthias Schiffer
b45585a109
Switch LAN and WAN port of Ubiquiti AirGateway
This makes the LAN port the PoE master, so the AirGateway can be used to
supply power to another node connected via mesh-on-LAN.

Fixes #608
2017-02-23 19:49:39 +01:00
Matthias Schiffer
f0b919e89c
gluon-client-bridge: add next-node IPv6 address as deprecated
We always want to prefer the unique node address for outgoing traffic. Note
that this doesn't have an effect with batman-adv, as usually br-client will
be the outgoing interface, so the unique address would be chosen anyways.
2017-02-23 17:58:44 +01:00
Christof Schulze
b994ad4fdc gluon-l3roamd: add package containing basic l3roamd configuration (#1042) 2017-02-23 15:49:32 +01:00
rubo77
da7f69142f
gluon-config-mode-mesh-vpn: add extra message if mesh-VPN was not selected
This was introduced in ffhh-packages at https://github.com/freifunkhamburg/ffhh-packages/tree/master/gluon-config-mode-reboot-ffhh
2017-02-22 19:28:25 +01:00
Matthias Schiffer
f458d788c8
gluon-config-mode-core: make welcome and reboot message optional
Make use of our new _translate() function.
2017-02-22 19:28:25 +01:00
Matthias Schiffer
1d7b4482b7
gluon-web: add renderer._translate()
_translate() will return nil when no match is found.
2017-02-22 19:28:22 +01:00
Matthias Schiffer
31d3f08f25
treewide: convert all LuCI-based packages to gluon-web 2017-02-22 01:31:25 +01:00
Matthias Schiffer
e4b74be506
gluon-web: add package
The gluon-web package is basically a stripped-down and refactored version
of the LuCI base.
2017-02-22 01:30:58 +01:00
Matthias Schiffer
a06541623e
gluon-luci-admin: remove redundant Compound 2017-02-21 20:55:08 +01:00
Matthias Schiffer
78d8645e19
gluon-luci-autoupdater: avoid use of CBI Maps
As convenient as the Map is, the underlying code is very complex and will
be removed.
2017-02-21 20:55:08 +01:00
Matthias Schiffer
b5a3b9115b
gluon-luci-admin: get rid of an unneeded model 2017-02-21 20:55:08 +01:00
Matthias Schiffer
90fa69d7dd
gluon-config-mode-core: remove bogus comments from pofiles 2017-02-21 20:55:08 +01:00
kb-light
558e98ae42 gluon-mesh-vpn-fastd: improve check_site 2017-02-21 11:19:44 +01:00
kb-light
c9563cdebd scripts: check_site_lib: introduce need_string_array_match() (#1016) 2017-02-21 09:45:33 +01:00
Andrey Perliev
26a0cbd1cc gluon-status-page: JS translations (#1044)
Add translation support to gluon-status-page, including English, German and Russian translations.
2017-02-21 09:40:09 +01:00
Matthias Schiffer
43f32e3c3b
gluon-autoupdater: fix incomplete comment in upgrade script
Fixes #1043
2017-02-16 08:46:41 +01:00
Christof Schulze
6a5a7a7131 gluon-mesh-vpn-fastd: do not depend on gluon-mesh-batman-adv (#1041)
In preparation for Babel support.
2017-02-13 21:00:54 +01:00
Matthias Schiffer
afdae86a5e
gluon-respondd: allow platforminfo_get_model() to return NULL 2017-02-12 06:04:22 +01:00
Christof Schulze
b38bd942b9 gluon-status-page-api: fix indentation of luasrc/lib/gluon/status-page/www/cgi-bin/interfaces 2017-02-11 23:31:28 +01:00
Christof Schulze
8b63ac792a gluon-statuspage-api: make lib/gluon/status-page/www/cgi-bin/interfaces mesh-protocol agnostic 2017-02-11 23:31:28 +01:00
Christof Schulze
b3e609dca9
gluon-radvd: improve coding style in initscript 2017-02-11 22:40:51 +01:00
Christof Schulze
25f1b64934
gluon-radvd: remove netdev from initscript
uradvd will tolerate devices appearing and disappearing during runtime.
2017-02-11 22:40:41 +01:00
Matthias Schiffer
184cb1010d
gluon-core: add single_as_lan option to configure a single ethernet port as LAN instead of WAN 2017-02-10 22:48:23 +01:00
Matthias Schiffer
e39cbcbda1
gluon-core: gluon.util: make exec() replace all stdio files with /dev/null 2017-02-10 22:09:59 +01:00
Matthias Schiffer
ea12cb770d
gluon-core: nicer indentation of /lib/gluon/upgrade/020-interfaces 2017-02-10 22:08:51 +01:00
Matthias Schiffer
e5cb125737
Move wifi24/5 and mesh_on_wan/lan site validators from gluon-mesh-batman-adv-core to gluon-core
These values have been in use in gluon-core for some time, the validators
need to be moved as well.
2017-02-10 21:19:34 +01:00
Matthias Schiffer
f238b01173
gluon-client-bridge: use a veth pair instead of macvlan to connect local-node to br-client
macvlan interfaces never directly exchange traffic with the underlying
interface, but only with other hosts behind the interface. In consequence,
router advertisements from the uradvd running on br-client could never
reach local-node, preventing it from getting an IPv6 address without RAs
from an external radvd. Fix this be replacing the macvlan interface with
a veth pair (with the peer interface in br-client).

As a side effect, this saves about 5KB of flash, as the veth module is
simpler than macvlan.
2017-02-10 10:21:38 +01:00
Matthias Schiffer
57f8b9bc6a
Switch back roles of br-client and local-node interfaces
When preparing the migration from macvlan to veth for local-node, MAC
address conflicts occurred as some ports of br-client had the same address
as local-node. Reverting the roles of both interfaces fixes this.

By default, br-client is left as an interface without addresses and
firewall rules that drop everything, so the bridge is used to connect its
ports only. gluon-mesh-batman-adv-core changes this to the usual set
of addresses and firewall rules.
2017-02-10 09:58:23 +01:00
Matthias Schiffer
b92dfcb966
Move creation of local-node device from gluon-mesh-batman-adv-core to gluon-client-bridge
Prepare reverting the roles of br-client and local-node to their state
before 8c4403ba11.
2017-02-10 09:42:16 +01:00
Matthias Schiffer
eb350aba34
gluon-client-bridge, gluon-mesh-batman-adv-core: nicer indentation of uci:section calls
Also simplify the local_node.peerdns setting.
2017-02-10 08:16:27 +01:00
Matthias Schiffer
f9a52fd54f
Move luci-base dependency from gluon-core to gluon-setup-mode
Nothing outside the config mode depends on luci-base anymore.
2017-02-10 02:10:02 +01:00
Matthias Schiffer
5f922cf3ef
gluon-status-page-api: upgrade: don't throw error messages without rpcd 2017-02-10 02:10:02 +01:00
Matthias Schiffer
efb8475f45
build: get rid of some redundant build dependencies 2017-02-10 02:10:01 +01:00
Matthias Schiffer
80de4a69e3
gluon-client-bridge: don't depend on luci.ip 2017-02-10 02:10:01 +01:00
Matthias Schiffer
e665bfe64a
gluon-core: don't depend on luci.ltn12 2017-02-10 02:10:01 +01:00