Commit Graph

21 Commits

Author SHA1 Message Date
Maciej Krüger
583dc69961
gluon-l3roamd: add firewall rules 2022-07-07 13:52:25 +02:00
Matthias Schiffer
9712912904
gluon-l3roamd: remove obsolete migration code 2021-12-31 23:22:14 +01:00
Matthias Schiffer
f419db58a2 Set PKG_VERSION in gluon.mk
This removes PKG_VERSION and PKG_RELEASE from most Makefiles, as the
value was never useful for Gluon packages; instead, PKG_VERSION is set
to 1 in gluon.mk.

It also removes two other weird definitions:

- gluon-iptables-clamp-mss-to-pmtu replicating the old PKG_VERSION logic
  from gluon-core, but without the fixed PKG_BUILD_DIR to prevent
  unnessary rebuilds
- gluon-hoodselector set GLUON_VERSION=3
2021-10-07 23:42:38 +02:00
Matthias Schiffer
1ae7046958
treewide: clean up site checks for prefix[46] and extra_prefixes6
- Move site check for prefix4 and extra_prefixes6 to gluon-core, so the
  rules don't need to be duplicated in several packages. This also fixes
  gluon-respondd not checking extra_prefixes6 at all when
  gluon-ebtables-source-filter is not installed as well.
- A redundant check for prefix6 is removed from gluon-l3roamd (this was
  already checked by gluon-core)
- A separate check for prefix4 remains in gluon-client-bridge, as the
  setting in mandatory there
2021-09-04 21:17:29 +02:00
Matthias Schiffer
de5ebfa44c
gluon-core: run firewall upgrade script after basic network setup (#2091)
Reorder scripts so that the mesh_lan interface is accounted for.

Two other firewall upgrade scripts (mesh-babel and l3roamd) are
reordered as well. While there seems to be no hard dependency at the
moment, it makes sense to run the basic setup first, also to avoid
problems with future changes.

Closes: #2090
Fixes: ed094bc68c ("gluon-core: firewall: Allow custom gluon_wired interfaces (#2041)")
2020-08-14 21:02:55 +02:00
Christof Schulze
59b7625e54 gluon-l3roamd: utilize node_client_prefix6 from site, add checks
* add check_site.lua to validate required field from site
* make use of node_client_prefix6 if defined in site
2019-09-14 00:32:55 +02:00
Christof Schulze
08a8815815 gluon-l3roamd: add missing uc dependency
uc is used in the initscript. It must be set as dependency
2019-05-25 15:43:25 +02:00
Christof Schulze
89b7612fdb gluon-l3roamd: init: dynamically configure mesh interfaces gracefully during reload
This patch makes use of the new feature in l3roamd to gracefully
add, remove and list the mesh interfaces that are currently in use. This
helps when changing mesh interfaces often - a characteristic of the
wireguard protocol implementation as in the previous behavior all local
clients are dropped when adjusting mesh interfaces.
2018-11-26 01:20:31 +01:00
Christof Schulze
a304814c80 gluon-l3roamd: set gc_thresh for ipv4 and ipv6 to obtain DELNEIGH messages 2018-08-02 00:58:51 +02:00
Christof Schulze
d17cef06a2 gluon-l3roamd: obtain uci cursor 2018-08-02 00:58:51 +02:00
Matthias Schiffer
6304a317e4
gluon-l3roamd: fix interface checks in initscript
The local_node ifstatus must be checked for local-node, not client. While
we're at it, also clean up the syntax a bit.
2018-04-15 12:49:52 +02:00
Christof Schulze
b70d4ce20a
gluon-core, gluon-l3roamd: introduce script gluon-list-mesh-interfaces that lists all currently active mesh interfaces 2018-04-15 12:41:01 +02:00
Matthias Schiffer
994c94918a
treewide: automatically set SECTION and CATEGORY for Gluon packages 2018-04-14 00:01:04 +02:00
Matthias Schiffer
60522ee253
treewide: move package Makefile boilerplate to gluon.mk 2018-03-08 19:49:41 +01:00
Matthias Schiffer
934221b86f
treewide: remove redundant definitions from package Makefiles 2018-03-07 21:23:41 +01:00
Christof Schulze
f94a410738 gluon-l3roamd: let l3roam0 interface and routes be set up by l3roamd 2018-02-15 23:54:06 +01:00
Christof Schulze
e724fec260 gluon-l3roamd: adjust l3roamd startup parameters
* use local socket
* use main routing table,
* pass client-bridge
2018-02-15 23:54:06 +01:00
Christof Schulze
1c1c9f8fc7
gluon-core: firewall rework, make base policy more restrictive
* gluon-core, gluon-client-bridge: introduce new firewall zone: local_client
 * gluon-core: put clients in local_client zone, introduce drop-zone,
   set dns-rules and zones
 * gluon-respondd: allow respondd on mesh
 * gluon-status-page-api: allow http input on mesh and client
2017-11-25 23:19:08 +01:00
Matthias Schiffer
ee6afaced9
treewide: use new gluon.site Lua library
Some files have received some additional refactoring.
2017-08-11 22:07:34 +02:00
Matthias Schiffer
3fd4ee99c3
gluon-l3roamd: fix incorrect dependency
gluon-mesh-babel is not merged yet, and once it is, this would lead to a
circular dependency.
2017-07-09 13:12:58 +02:00
Christof Schulze
b994ad4fdc gluon-l3roamd: add package containing basic l3roamd configuration (#1042) 2017-02-23 15:49:32 +01:00