This patch adds a new gluon-ebtables package to filter IGMP/MLD messages
via ebtables.
For one thing this reduces multicast overhead: About one third of all
ICMPv6 multicast traffic in Lübeck or Hamburg is MLD.
Furthermore it removes a potential Distributed Denial-of-Service vector
(see Gluon ticket #553).
Finally, it is a prerequisite for enabling bridge multicast snooping in
a decentral and robust fashion.
Note that IGMP/MLD are filtered for multicast traffic coming from
the mesh, too (new MULTICAST_IN), as unfortunately there seem to
be other queriers somewhere in the mesh at least for Freifunk
Lübeck. Also adding these rules to be prepared to anyone intentionally
or unintentionally disabling these filters on his/her node.
Node operators not running Gluon (for instance gateway nodes) should
make sure to either enable multicast_router towards bat0 or disable
multicast snooping entirely if they have a bridge on top of bat0.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
Device information can be found at:
http://www.8devices.com/products/carambola-2https://wiki.openwrt.org/toh/8devices/carambola2
I only did some minimal testing of gluon on the carambola 2 development
board:
- Config mode works
- Connects to Wifi Mesh
- Allows clients to connect
Notably, autoupgrade has not yet been tested.
Change to 010-primary-mac is necessary as the mac address printed
on the sticker is the one of eth0, not the wifi mac.
OpenWRT now supports the CISCO Meraki enterprise class routers
MR12, MR16, MR62 and MR66. The fabric firmware demands the yearly
renewal of a support license.
This firmware was successfully tested by @Garunda for the MR62 (and
the MR12 with it for which this is an alias). The initial firmware
pre OpenWRT adoption was prepared and adapted for Gluon by @tcatm.
The confirmation of the functionality of the image for the MR66
(and the aliased MR16 with it) is still pending.
The devices are of strategic interest to the Freifunk community as
they are making a rock-solid impression. However, these come with
fairly hefty annual license. The Freifunk may offer an escape route
for those who had signed up and want to keep their investment into the
similarly expensive hardware. Used evices sell for $60 on eBay/Amazon
in the US. Here in the old world it is all >300 €, still.
Credits go to @Garunda for testing, to @tcatm for finding the
OpenWRT patch prior to its adoption and preparing the initial Gluon
adaptation, to @smoe for the update once that patch had arrived in
OpenWRT, and to @NeoRaider for his review and advice to use
GluonModelAlias for MR62 and MR66 to point to MR12 and MR16,
respectively.
The Hornet UB is sold at least in the varieties. Without case it is a Hornet UB, with case and without connected USB port it is called AP121. If the USB port is present this device is called AP121U.
We have a AP121U in our mesh http://meshviewer.chemnitz.freifunk.net/#!v:m;n:00c0ca6efffa
This new feature introduces the new uci section 'gluon-core.wireless' with a preserve_channels option:
* preserve_channels (boolean)
By setting this option to 1 (true) wifi channels will be preserved during upgrades.
Also
* create list of newly supported devices since v2015.1.2 in the v2015.2 release notes
* update information on docs/user/x86
* fix a comment in targets/ar71xx-generic/profiles.mk
This commit basically does two things: it urges users always to use an own
git repository to manage the site configuration, and it removed all
mentions of "communities" from the "Getting started" page, as it was too
Freifunk-specific.
Other documentation pages (especially the site configuration docs) should
probably be adjusted as well.
The Freifunk Münsterland firmware was formerly known as Freifunk Münster firmware - while the URL hasn't changed. In future, there will probably be subdomains with their own files, but for now this is state of the project.
I guess this is some copy and paste mistake which makes the example an
invalid site.conf. In my case merging the changes of the example into
our actual site.conf lead to an error because this line was merged to.
gluon-radio-config contained only a single file. The code has been adjusted
to allow creating a Gluon configuration without WLAN support by removing
the wifi24 and wifi5 sections from site.conf.
When rebooting the node in config mode, currently the fastd key is
forcefully displayed in a fixed format. This is confusing in communities
where fastd accepts all keys and no key submission is needed.
Furthermore, some communities might want to personalize the display of
the key (see #387).
This patch moves the displaying <div> from the package's lua file to the
translation files of the sample site configuration and mentiones the
change in the release notes.
Split basic radio configuration from gluon-mesh-batman-adv as this will
be required for virtually any wireless mesh protocol.
This package takes care of setting:
- wireless channel,
- htmode and
- regulatory domain
gluon-mesh-batman-adv-core depends on this package.
This is a site.conf-breaking change in regard to the wireless config.
Make sure to read http://gluon.readthedocs.org/en/latest/user/site.html
and update your site.conf accordingly!
Support for 802.11s mesh interfaces has been added. Gluon now supports
three interface types: ap, ibss and mesh. All of them are now optional
and may be configured independently in site.conf.
A sample site.conf may look like this:
wifi24 = {
channel = 1,
htmode = 'HT40+',
ap = {
ssid = 'luebeck.freifunk.net',
},
ibss = {
ssid = '02:d1:11:37:fc:38',
bssid = '02:d1:11:37:fc:38',
mcast_rate = 12000,
},
mesh = {
id = 'ffhl-mesh',
mcast_rate = 12000,
},
},
The file targets/$GLUON_TARGET/config becomes optional, as many targets
only used it to set the board and subtarget.
Also fix targets without subtarget.
This adds mesh_on_lan functionality.
A new optional site.conf option, mesh_on_lan, has been added. If set to
'true', all LAN ports will be used for meshing instead of being part of
the client bridge.
With a backported patch from the OpenWrt trunk, it is now easy to generate an
equivalent configuration using CONFIG_ALL_KMODS.
The build will take a bit longer because all kernel module packages are actually
built even when they are not included in the image, but adding new targets
becomes a lot easier.
Also, related documentation updates and fixes.