Commit Graph

1438 Commits

Author SHA1 Message Date
David Bauer
9720be5112 gluon-web-wifi-config: set state of OWE VAP 2020-04-01 01:15:38 +02:00
David Bauer
6692095f9d gluob-client-bridge: add support for OWE encryption 2020-04-01 01:15:38 +02:00
David Bauer
c7fa1927aa gluon-web-private-wifi: enable WPA3 configuration
This allows a user to enable WPA3-Personal and WPA2-WPA3-MM for the
private WiFi in case it is supported by the platform.
2020-03-25 02:05:18 +01:00
David Bauer
86b5104790 gluon-core: add WPA3 platorm helper
This adds a helper method, which determines if the current platform
supports WPA3 or not.

WPA3 is supported if
 - the device is not in the featureset category "tiny"
 - the WiFi driver supports 802.11w management frame protection
2020-03-25 02:05:18 +01:00
David Bauer
00e029500e features: add hostapd-mini by default
If WPA3 is not selected as a feature, autmatically include
hostapd-mini.
2020-03-25 02:05:18 +01:00
David Bauer
b057015455 gluon-wireless-encryption: add package
The gluon-wireless-encryption package selects a WPA3 supporting
hostapd package as a dependency and stores the information, which
encryption method is supported to the device.
2020-03-25 02:05:18 +01:00
Martin Weinelt
461d904086 Add gluon-mesh-wireless-sae package
This package adds support for SAE on 802.11s mesh connections.

Enabling this package will require all 802.11s mesh connections
to be encrypted using the SAE key agreement scheme. The security
of SAE relies upon the authentication through a shared secret.

In the context of public mesh networks a shared secret is an
obvious oxymoron. Still this functionality provides an improvement
over unencrypted mesh connections in that it protects against a
passive attacker who did not observe the key agreement. In addition
Management Frame Protection (802.11w) gets automatically enabled on
mesh interfaces to prevent protocol-level deauthentication attacks.

If `wifi.mesh.sae` is enabled a shared secret will automatically be
derived from the `prefix6` variable. This is as secure as it gets
for a public mesh network.

For *private* mesh networks `wifi.mesh.sae_passphrase` should be
set to your shared secret.

Fixes #1636
2020-03-23 17:06:43 +01:00
Matthias Schiffer
3bd67ab25f gluon-core: retrieve primary MAC address from board.json for Netgear DGN3500B 2020-03-14 16:26:08 +01:00
Matthias Schiffer
2e265e03c1
gluon-core: refactor primary MAC logic
Remove a lot of redundant code by switching to a match table listing
the targets and boards for each candidate for the primary MAC interface.

In addition, we add some flexiblity by allow to switch out the sysfs file
data source for the MAC address.
2020-03-12 18:52:23 +01:00
Matthias Schiffer
59d182fe54
gluon-core: gluon.platform: allow omitting target and subtarget
Allow wildcard matches on all subtargets of a target, or a full wildcard
always returning true when no arguments are passed.
2020-03-12 00:27:05 +01:00
Jan Alexander
5591d3e745 ipq40xx-generic: add support for EnGenius ENS620EXT 2020-03-09 02:15:50 +01:00
Ralf Jung
68d970e91b
gluon-mesh-vpn-tunneldigger: only search for exactly the tunneldigger binary in watchdog (#1953) 2020-03-08 13:42:25 +01:00
Steffen Förster
79ca7a7baa ramips-mt7620: add support for tp-link archer c20 v1 (#1866)
Specification:
- MediaTek MT7620A (580 Mhz)
- 64 MB of RAM
- 8 MB of FLASH
- 2T2R 2.4 GHz and 1T1R 5 GHz
- 5x 10/100 Mbps Ethernet
- 2x external, non-detachable antennas
- UART (J1) header on PCB (115200 8n1)
- 8x LED (GPIO-controlled*), 2x button, power input switch
- 1 x USB 2.0 port
2020-01-20 23:26:04 +01:00
Matthias Schiffer
d3d2204e1a
Merge pull request #1879 from freifunk-gluon/respondd-cleanup
gluon-mesh-* respondd cleanup (part 1?)
2020-01-17 21:50:32 +01:00
Dark4MD
fbb59cfd60 ramips-mt7620: add support for TP-Link Archer C20i 2020-01-10 02:37:54 +01:00
lemoer
74bdf79be0 gluon-neighbour-info: use default port 1001 and default dest ::1 2020-01-10 00:13:37 +01:00
Dark4MD
19e0f7959e ramips-mt7620: add support for TP-Link Archer C50 v1 2020-01-09 00:53:21 +01:00
Dark4MD
13f16ed737 ramips-mt7620: add support for TP-Link Archer C2 v1 2020-01-08 19:12:34 +01:00
Matthias Schiffer
8446772d07
gluon-site: add missing build depends on gluon-web/host 2019-12-23 12:02:37 +01:00
Jan-Tarek Butt
dd76e0898d
treewide: solve shellcheck warnings 2019-12-14 18:35:11 +01:00
lemoer
82082d8c62 gluon-status-page: add gateway_nexthop to statistics 2019-12-05 17:00:59 +01:00
Martin Weinelt
580b7357d5 Revert gluon-status-page gateway_nexthop changes
This reverts commits
- caf2dd037b.
- 07ebac6a49
- 55eff45f96

I accidentally pushed these commits as I had them lying around on a
dirty checkout I did testing on.
2019-12-01 16:22:34 +01:00
Martin Weinelt
a8beae5189 Merge remote-tracking branch 'lemoer/pr_status_page_gateway_nexthop' 2019-11-27 12:37:50 +01:00
Simon Terzenbach
04421f60ac ath79-generic: add support for devolo WiFi pro 1750x 2019-11-26 11:57:31 +01:00
Matthias Schiffer
ba42412527
Merge pull request #1877 from christf/respondd
gluon-mesh-babel: Fix packets leaving wrong interface
2019-11-24 13:16:19 +01:00
Christof Schulze
d5b08fe6c9 gluon-mesh-babel: depend on gluon-mmfd 2019-11-24 12:31:04 +01:00
Christof Schulze
2389679380 gluon-mesh-babel: use babel 1.9.0 feature to set pref-src on installed routes 2019-11-24 12:31:04 +01:00
Matthias Schiffer
ecc29e0b09
gluon-mesh-batman-adv: further cleanup of respondd provider
- Split into multiple files
- Avoid alloca()
2019-11-24 12:04:58 +01:00
Matthias Schiffer
0f1fa243f7
Move common code from gluon-mesh-babel and -batman-adv respondd providers to gluon-respondd
In addition this PR contains:
- split of gluon-respondd provider into multiple source files
- minor additional cleanups in gluon-mesh-babel respondd provider
  (untested, as the babel respondd provider already doesn't compile prior
  to these changes...)
2019-11-24 12:04:58 +01:00
Matthias Schiffer
f34b302b22
gluon-mesh-babel: remove explicit ubus socket specification, convert timeout to expected units 2019-11-24 12:04:58 +01:00
lemoer
55eff45f96 gluon-status-page: prettify nextnode when node is offline 2019-11-24 02:38:55 +01:00
lemoer
07ebac6a49 gluon-status-page: show gateway_nexthop and gateway in one table row 2019-11-24 02:12:47 +01:00
lemoer
caf2dd037b gluon-status-page: add gateway_nexthop to status page statistics 2019-11-24 01:19:17 +01:00
Matthias Schiffer
b4101e54e0
gluon-mesh-batman-adv: remove remaining deprecated sysfs usage
While we're at it, also slightly optimize proto_gluon_bat0_renew.
2019-11-24 01:10:59 +01:00
Matthias Schiffer
f715a58fdb
gluon-mesh-batman-adv: remove obsolete no_rebroadcast setting 2019-11-24 00:53:54 +01:00
Matthias Schiffer
abf46c5f42
gluon-mesh-babel: fix compilation of respondd provider
Adjust for changed libbabelhelper API.
2019-11-23 23:36:33 +01:00
Matthias Schiffer
4ee5f3590b
gluon-respondd: fix format string type mismatches 2019-11-23 18:56:44 +01:00
Matthias Schiffer
43b1368b70
gluon.mk: depend on luasrcdiet/host instead of luci-base/host
We don't use anything else from luci-base anymore.
2019-11-23 17:28:17 +01:00
Matthias Schiffer
23fd9cd0f9
gluon-web: import po2lmo tool from luci-base
The code is slightly cleaned up to fix compiler warnings.
2019-11-23 17:28:17 +01:00
David Bauer
3ca6abe7b1 ath79-generic: add support for OCEDO Raccoon (#1869) 2019-11-20 13:46:18 +01:00
bobcanthelpyou
4b962f24d1 treewide: update i18n files via i18n-scan.pl and msgmerge (#1784) 2019-11-09 01:25:33 +01:00
Matthias Schiffer
02c7503f74 gluon-mesh-batman-adv: remove MTU workaround for VLAN-on-WLAN
We don't support VLANs on 11s interfaces, so the workaround can be dropped
with the IBSS support.
2019-11-07 19:48:16 +01:00
Matthias Schiffer
066158a27b gluon-core: drop IBSS support 2019-11-07 19:48:16 +01:00
Matthias Schiffer
2fdb3080ce
gluon-web-wifi-config: drop IBSS enable setting 2019-11-06 22:03:51 +01:00
Misanthropos
b359ed1887 gluon-setup-mode: add DECT button to enter setup mode
many AVM devices do not have RESET/WPS buttons. So use the otherwise unused DECT/PHONE button to boot the device into setup mode.

This patch allows to enter the setup-mode by pressing the phone button
(often labeled as DECT) in addition to WPS and reset button.

This patch is necessary to allow supporting boards without a WPS and reset
button (e.g. AVM FRITZ!Box 7312).
2019-11-06 14:59:23 +01:00
Matthias Schiffer
a3a8d962fc
gluon-web-node-role: fix node role list
Fixes: 4249d65af7 ("treewide: fix luacheck warnings")
Closes: #1851
2019-11-05 20:05:16 +01:00
David Bauer
e3bdfeefa1 ipq806x: rename target to ipq806x-generic
This commit accounts for the target renaming which was done in upstream
commit 7407e723991 ("ipqx0xx: add Generic subtarget")
2019-11-04 17:22:46 +01:00
David Bauer
88e6bc5278 ipq40xx: rename target to ipq40xx-generic
This commit accounts for the target renaming which was done in upstream
commit 7407e723991 ("ipqx0xx: add Generic subtarget")
2019-11-04 17:22:46 +01:00
David Bauer
ab2efef7f9 mpc85xx-p1020: add support for OCEDO Panda (#1847) 2019-11-03 18:59:00 +01:00
David Bauer
dc8d5d3ca9 gluon-setup-mode: get status-led from device-tree
With this commit, the status-led is set to be the "led-running"
device-tree alias for targets which do not implement the get_status_led
method in /etc/diag.sh.
2019-10-30 00:06:14 +01:00
Matthias Schiffer
b262b72563 gluon-mesh-batman-adv: adjust to removal of batman-adv UCI config 2019-10-30 00:06:14 +01:00
David Bauer
75fa7e73db gluon-setup-mode: fix dropbear hostkey generation
Upstream commit 5eb7864a changed the method name for host-key
generation.
2019-10-30 00:06:14 +01:00
David Bauer
966f398782 modules: switch to OpenWrt 19.07 2019-10-30 00:06:14 +01:00
Marssl78
b823b80356 ar71xx-generic: add support for TP-Link Archer C60 v2 (#1840) 2019-10-06 22:11:02 +02:00
lemoer
21397ce678 gluon-status-page: add domain and site (#1820) 2019-09-30 02:00:17 +02:00
Christof Schulze
6d64057536 gluon-mesh-babel: neighbours-babel: adjust to libbabelhelper interface
specify command 'dump' for now until babeld supports filtering
2019-09-29 22:44:39 +02:00
Christof Schulze
33fb58bbf9 gluon-mesh-babel: getnumber() allocate sufficient memory including \0 byte
increase size of path by 1 to be able to fit the full path including trailing \0 byte into array
2019-09-29 22:44:39 +02:00
Matthias Schiffer
5b97d36c7e gluon-mesh-batman-adv: remove gluon-mesh-batman-adv-14 2019-09-25 21:57:52 +02:00
Tata
6742584e12 gluon-config-mode-geo-location: allow to set location independently from sharing it (#1537)
also properly delete location data when a user disables
the location option after re-entering config-mode.
2019-09-24 09:56:40 +02:00
Christof Schulze
6aee8e95e8 gluon-mmfd: add package (#1802) 2019-09-23 21:34:53 +02:00
Linus Lüssing
302a795189 Revert "gluon-mesh-batman-adv: reenable batman-adv multicast optimizations"
This reverts commit 9b1eb40fe7.

With the batman-adv v2019.2 upgrade reverted (c1a7733956), the batman-adv
multicast-to-multi-unicast feature is not available yet. Without that it is
going to be very unlikely of the batman-adv multicast optimizations to
take effect. E.g. some outdated nodes would disable it.

To avoid confusion and diversion with a few communities having it enabled
and most implicitly deactivated, just deactivate it for all for now
until batman-adv is updated to v2019.2 or greater again.
2019-09-21 23:28:12 +02:00
Christof Schulze
a3fd203e13 gluon-mesh-babel: add dependency: gluon-l3roamd
gluon-mesh-babel conigures babeld and thus the mesh. This mesh is only usable
with routes to the clients which are discovered by l3roamd.
2019-09-14 00:32:55 +02:00
Christof Schulze
d5a4f4fd8c gluon-mesh-babel: distribute routes to 2000::/3 2019-09-14 00:32:55 +02:00
Christof Schulze
59b7625e54 gluon-l3roamd: utilize node_client_prefix6 from site, add checks
* add check_site.lua to validate required field from site
* make use of node_client_prefix6 if defined in site
2019-09-14 00:32:55 +02:00
Matthias Schiffer
b2f5f71c43
gluon-web-wifi-config: fix incorrect UCI call
Fixes #1809

Fixes: bf55249159 ("gluon-core: add outdoor support for 5 ghz radios")
2019-09-06 20:37:37 +02:00
Christof Schulze
bd543db86b gluon-core: enhance mac_to_ip() beyond RFC 4291 (#1798)
mac_to_ip() calculates an ipv6 address from a mac address according to
RFC 4291. For wireguard we have to use specially crafted addresses that
must be unique. This allows calculating such unique mac-based addresses
by allowing to optionally specifying the bytes to be inserted into the
address.
2019-08-23 20:42:23 +02:00
Linus Lüssing
cb899874dc
gluon-mesh-batman-adv: allow installing mesh-batman-adv-14 and -15 at the same time
The new routing_algo site.conf value BATMAN_IV_LEGACY is introduced. With
these changes, the routing_algo setting becomes mandatory.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2019-08-22 20:09:10 +02:00
Linus Lüssing
f9e68be4e0
gluon-mesh-batman-adv: respondd: determine compat version from release version
We cannot add the same file (here: /lib/gluon/mesh-batman-adv/compat) to
two, installed packages. Therefore, instead of determining the compat
version number from this file, infer it from the batman-adv release
version number instead.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2019-08-22 20:09:10 +02:00
Matthias Schiffer
dcb18e6efe
features: include gluon-radvd by default
Fixes #1775
2019-08-21 19:34:12 +02:00
Chrissi^
dc8149abc4
gluon-mesh-vpn-core: Add dependency for KERNEL_NET_ACT_POLICE
This is a fix for the broken ingress traffic-shaping in gluon v2018.2.2
and possibly earlier.

For ingress traffic shaping the kernel option NET_ACT_POLICE is needed.
Before this patch there was no dependency to this. Neither in
gluon_core, gluon-mesh-vpn-core nor in the package.

This patch adds this dependency.

[Matthias Schiffer: move dependency from GLUON_CORE to gluon-mesh-vpn-core]

Fixes #1790
2019-08-21 18:37:53 +02:00
Martin Weinelt
eeb745d717 gluon-web-network: fix variable shadowing
package/gluon-web-network/luasrc/lib/gluon/config-mode/model/admin/network.lua:122:16: (W431) shadowing upvalue f on line 19

Fixes: bab4af01e ("gluon-web-network: improve PoE GPIO name translation
handling")
2019-08-13 17:49:02 +02:00
Simon Terzenbach
c124f6f410 mcp85xx-p1020: add support for Aerohive HiveAP 330 2019-08-13 13:25:20 +02:00
Simon Terzenbach
c37644e004
ar71xx-nand: add support for Aerohive HiveAP 121 2019-08-02 00:37:26 +02:00
Matthias Schiffer
bab4af01eb
gluon-web-network: improve PoE GPIO name translation handling
- Replace string concat for i18n key with an explicit list to make the code
  compatible with i18n-scan.pl
- Improve fallback string
2019-07-20 20:56:58 +02:00
Sven Eckelmann
2eb15bac0e gluon-authorized-keys: Force installation of gluon-lock-password
The gluon-authorized-keys is usually installed to use SSH keys to
authenticate a user against the device. To make this useful, it is also
required to disable passwordless SSH access to the device.

This new dependency is only required when the user doesn't have
gluon-setup-mode enabled already.

Fixes: #1777
Reported-by: yanosz <github@yanosz.net>
Fixes: a753fa79e3 ("gluon-authorized-keys: add keys from site.conf")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2019-07-02 12:34:55 +02:00
Jan-Tarek Butt
90baebc2b7 add gluon-hoodselector: Integrate geolocation mode
This MR includs only the VPN MODE of the hoodselector whitch simply set
hoods base on their geopositions.

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

check_site.lua: fix language syntax

muss -> must
rage -> range
at lease -> at least
coordiantes -> coordinates
realaise -> realised

gluon-hoodselector: fix language syntax in hoodselector

can not -> can't
routers -> router's
continure -> continue
to next -> to the next
TMP -> temporary
for current -> for the current
continure -> continue
with next -> with the next
thier -> there
provides -> provide
possition -> position
therfore -> therefore

gluon-hoodselector: fix language syntax in util.lua

realaise -> realised

gluon-hoodselector: fix language syntax and use autoupdate lock mechanism.

gluon-hoodselector: fix spelling/grammar

gluon-hoodselector: automatically set SECTION and CATEGORY for Gluon packages

gluon-hoodselector-add-VPN-MODE: add micrond & libjson-c dependency

gluon-hoodselector-add-VPN-MODE: check running hoodselector before loading lua

gluon-hoodselector-add-VPN-MODE: remove nixio dependency from hoodselector util

Revert "gluon-hoodselector-add-VPN-MODE: check running hoodselector before loading lua"

This reverts commit 535b0a1b2fb73e563bf6a44b568a796440bd307f.

add luaposix and luabitop to pakage dependency

sbin/hoodselector: remove nixio requiemend

sbin/hoodselector: load hoods only if necessary

gluon-hoodselector: use VPN abstraction layer. the hoodselectore does
not need to know about all individual VPN protocols.

gluon-hoodselector: Makefile add gluon-mesh-vpn-core as dependency

gluon-hoodselector: apply changes of mesh vpn lib

gluon-hoodselector: remove outdated comments

package/gluon-hoodselector: check_site.lua rm domain seed check thus its already checked by gluon-core

package/gluon-hoodselector: util.lua code cleanup and refactoring

package/gluon-hoodselector: hoodselector code cleanup and refactoring

gluon-hoodselector: util.lua, use taps instead of spaces. Use posix.unistd.access instead of io.open

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

gluon-hoodselector: hoodselector, use taps instead of spaces.

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

gluon-hoodselector: check_site.lua: replace hood with domain

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

gluon-hoodselector: drop VPN mode and rename hood to domain. Furthermore implement geolocator mode as neorayder way

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: rm duplicated print output

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector util: fix wrong function signature

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

small typo fixes

small typo fixes

Update util.lua

processes are really restarted now. new (old) problem: nodes will not forget their former ipv6-addresses. watchdog could here with that.

gluon-hoodselector util.lua: replace i iterator with _

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

Update util.lua

now polygons with holes are recognized correctly. also a mix of nested polygons and boxes should be possible as shapes[]

package/gluon-hoodselector: hoodselector use gluon-reload for daemon restarts/reloads

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: util.lua use math-polygon lib and rm restart_services function. Rectengles will be converted into polygons now

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: Makefile rewrite description update depends list

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: check_site.lua reduce complexity

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: use : for gluon_version Val

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: fix if equal syntax

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

luasrc/usr/lib/lua/hoodselector/util.lua: check_site.lua simplify checksite script and fix if logic

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: set space after comma, rm unnecessary error handling

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: use only brackes on require function no mixup

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: check_site.lua rm unuse variables and fix non std global function

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: util.lua rm unuse include

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: rm comment return nil in function get_geolocation()

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>

package/gluon-hoodselector: Makefile refactor pkg description

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>
2019-06-29 02:43:01 +02:00
Martin Weinelt
10d05d268c
gluon-core: fix primary mac selection on tp-link archer c25 v1
Fixes #1771
2019-06-27 13:35:35 +02:00
Ruben Barkow
2bda2ea028 gluon-web-mesh-vpn-fastd: update comment after luacheck fixes (#1751)
Fixes: 4249d65af7 ("treewide: fix luacheck warnings")
2019-06-19 22:40:05 +02:00
Matthias Schiffer
a6a25c9431
Merge pull request #1724 from freifunk-gluon/pr/tc-mbits
gluon-config-mode-mesh-vpn: display tc limits in Mbit/s
2019-06-19 19:35:59 +02:00
Matthias Schiffer
a2ba3efe8b
Merge pull request #1743 from freifunk-gluon/mesh-vpn-fix-limits
gluon-mesh-vpn-core: move common VPN config to gluon UCI package
2019-06-19 19:34:28 +02:00
Matthias Schiffer
ecc8ebc8ed
treewide: move ebtables filter definitions from files to luasrc 2019-06-18 19:52:33 +02:00
Matthias Schiffer
95e7d41563
gluon-ebtables-source-filter: another luacheck fix 2019-06-17 20:12:47 +02:00
Martin Weinelt
cd9f1a0f0c gluon-core: fix and complete list of outdoor board names 2019-06-17 16:27:19 +02:00
Martin Weinelt
3d4fb37351
gluon-mesh-vpn-tunneldigger: move watchdog script into luasrc directory
This allows the script to be minified as well as being checked by
luacheck.
2019-06-17 00:48:08 +02:00
bobcanthelpyou
266e0aed38 gluon-mesh-vpn-tunneldigger: fix luacheck warnings 2019-06-17 00:41:20 +02:00
Matthias Schiffer
f67522bef3
Merge pull request #1748 from bobcanthelpyou/luacheck_warnings
treewide: fix luacheck warnings
2019-06-16 23:17:43 +02:00
bobcanthelpyou
f2305faea8 gluon-web-model: fix return value of resolve_depends() 2019-06-16 22:51:53 +02:00
bobcanthelpyou
4249d65af7 treewide: fix luacheck warnings 2019-06-16 22:51:53 +02:00
Matthias P. Walther
8e176354f8
gluon-mesh-vpn-tunneldigger add watchdog script
The logic is based on the previously used shell script implementation.

Co-Authored-By: Robin Weiligmann <admin@robwei.me>
2019-06-16 20:56:35 +02:00
Martin Weinelt
ada723a0df
gluon-config-mode-mesh-vpn: display tc limits in Mbit/s 2019-06-16 19:32:57 +02:00
Matthias Schiffer
fc7c8cb086
gluon-mesh-vpn-core: remove obsolete migration code
/etc/config/gluon-simple-tc was removed with Gluon 2016.1.
2019-06-16 18:40:10 +02:00
Matthias Schiffer
818c31afdd
gluon-mesh-vpn-core: move common VPN config to gluon UCI package
We now keep the VPN enable state, bandwidth limit enable and actual limits
in the core config to avoid having to recover "user intent" from different
config files when the used VPN packages change.

Fixes #1736
2019-06-16 18:40:10 +02:00
Matthias Schiffer
f6df3b0541
gluon-mesh-vpn-core: don't consider tunneldigger when fastd is installed
None of our scripts can handle fastd and tunneldigger running at the same
time. When both are installed, ignore tunneldigger.
2019-06-16 17:56:18 +02:00
Matthias Schiffer
80b6e7f18f
Merge pull request #1742 from bobcanthelpyou/luacheck_gluon-mesh-vpn-core
gluon-mesh-vpn-core: fix luacheck warnings
2019-06-16 17:39:24 +02:00
bobcanthelpyou
9f4c393295 gluon-mesh-vpn-core: fix luacheck warnings
./gluon-wan:25:1: (W122) setting read-only field ? of global arg
./gluon-wan:29:1: (W311) value assigned to variable ok is unused
2019-06-16 17:31:53 +02:00
Matthias Schiffer
da45bd5987
treewide: do not use Lua module() 2019-06-16 15:51:43 +02:00
Matthias Schiffer
3ec108aacc
gluon-web: fix Http:getcookie()
None of our code uses cookies, so this issue went unnoticed.
2019-06-16 14:55:23 +02:00
Matthias Schiffer
071cf7b20f
Switch to Lua for target definitions
The old bash-based parsing code was way too complex. Replace it with Lua.
2019-06-15 23:34:07 +02:00
Martin Weinelt
709c1b1b91 gluon-config-mode-outdoor: fix reference mess for real this time 2019-06-10 11:20:53 +02:00
Martin Weinelt
718696e11d gluon-config-mode-outdoor: fix default value readout 2019-06-09 21:54:52 +02:00
Matthias Schiffer
7be7064432
gluon-ebtables-filter-multicast: fix comment char in Lua code
It seems this mistake didn't cause an error because of Lua's support for
shebang lines.
2019-06-09 15:27:08 +02:00
Linus Lüssing
9b1eb40fe7 gluon-mesh-batman-adv: reenable batman-adv multicast optimizations
Several fixes and enhancements related to multicast were added upstream
in batman-adv. So let's give the batman-adv multicast optimizations
another go.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2019-06-07 15:16:40 +02:00
Christof Schulze
08a8815815 gluon-l3roamd: add missing uc dependency
uc is used in the initscript. It must be set as dependency
2019-05-25 15:43:25 +02:00
David Bauer
5f19706756 gluon-core: fix mesh radios not being created
This commit fixes a bug where on first setup, mesh interfaces won't be
created for 2.4GHz radios.
2019-05-21 13:42:22 +02:00
David Bauer
1aa4ffc514 gluon-config-mode gluon-core: fix incorrect gluon.platform reference
The is_outdoor function is placed inside the gluon.platform module, not
the platform_info module. Currently, the outdoor-mode wizard component
and the upgrade script fail due to nil-value calls.
2019-05-21 13:42:22 +02:00
Martin Weinelt
ad1a1906ab
gluon-core: fix reference to outdoors config site variable 2019-04-29 16:08:10 +02:00
Martin Weinelt
501c3b38bb add gluon-config-mode-outdoor package
adds a section to the wizard for outdoor capable devices
that informs the user of of the regulatory situation and
allows a quick toggle of the outdoor mode.
2019-04-28 18:19:43 +02:00
Martin Weinelt
e20d5b0a3e gluon-core: allow presetting the outdoor mode for new installations 2019-04-28 18:19:43 +02:00
Martin Weinelt
423aafbd29 gluon-core: improve channel and add chanlist validation 2019-04-28 18:17:40 +02:00
Martin Weinelt
bf55249159 gluon-core: add outdoor support for 5 ghz radios
Add the `wifi5.outdoor_chanlist` site configuration that
allows specifying an outdoor channel range that can be
switched to for regulatory compliance.

Upon enabling the outdoor option the device will
 - configure the `outdoor_chanlist` on all 5 GHz radios
 - which may enable DFS/TPC, based on the regulatory domain
 - disable ibss/mesh on the 5 GHz radio, as DFS *will*
   break mesh connections
 - allow for htmode reconfiguration on 5 GHz radios

The outdoor option can be toggled from
 - Advanced Settings
   - W-LAN
     - Outdoor Installation

The `preserve_channel` flag overrules the outdoor channel
selection.
2019-04-28 18:17:11 +02:00
Martin Weinelt
4f60f6dbc6 gluon-core: disable legacy_rates by default, drop support for supported and basic rates (#1716) 2019-04-28 16:47:29 +02:00
Matthias Schiffer
09916f6e35
gluon-mesh-batman-adv: drop packets from mesh with next-node source or destination address (#1714)
Fixes #1659
2019-04-28 14:56:09 +02:00
bobcanthelpyou
fe521db441 build: add site check for obsolete settings (#1702) 2019-04-28 14:38:08 +02:00
Tata
e81d1a390f Add mechanism to reload domain related services (#1710) 2019-04-23 17:34:49 +02:00
Matthias Schiffer
59a44274cb
gluon-respondd: do not join link-local multicast group on br-client
Fixes #1701
2019-04-21 19:31:32 +02:00
Matthias Schiffer
a5614a5019
gluon-neighbour-info: fix outgoing interface for non-link-local multicast addresses 2019-04-21 19:19:02 +02:00
Matthias Schiffer
e9e1e2d18a
gluon-neighbour-info: exit on unknown parameters 2019-04-21 19:19:02 +02:00
Matthias Schiffer
7dec8ebf87
gluon-neighbour-info: fix mixed tab/space indentation 2019-04-21 19:19:02 +02:00
Matthias Schiffer
fc5f93604e
gluon-neighbour-info: fix inet_pton() error message
inet_pton() doesn't set errno on regular parse errors, so using perror()
doesn't make sense (and we avoid a confusing "Success" message).
2019-04-21 19:19:02 +02:00
Linus Lüssing
8e04679be6 gluon-mesh-batman-adv: add batctl dependency to gluon-mesh-batman-adv-14
The batctl v2013.4 build was removed from the batman-adv-legacy package
as the current, upstream batctl releases work with batman-adv-legacy,
too.

As a replacement we need to add the upstream batctl dependency to
gluon-mesh-batman-adv-14 to have a batctl available again here.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2019-04-16 12:03:20 +02:00
bobcanthelpyou
149b55526f gluon.mk: fix reference to LuaSrcDiet binary 2019-04-14 11:21:31 +02:00
Tata
d4c066a0f8 gluon-config-mode-mesh-vpn: 0300-mesh-vpn.lua fix limit_ingress default value (#1682)
in case of default disabled simple-tc for tunneldigger

Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>
2019-04-11 08:50:48 +02:00
Sven Eckelmann
e13a614420 gluon-status-page-mesh-batman-adv: Save if metrics chose neighbor as own best nexthop
The commit a080049735 ("gluon-status-page-mesh-batman-adv: Retrieve TQ of
neighbors with non-best direct link") removed the check whether a neighbor
has the BATADV_ATTR_FLAG_BEST set. But consumers may still want to filter
out or mark neighbors which don't have this flag set. To assist with such a
feature, enhance the neighbor object with an extra boolean "best" attribute
which stores whether the BATADV_ATTR_FLAG_BEST was found or not.

Reported-by: Vincent Wiemann <webmaster@codefetch.de>
2019-04-09 01:31:51 +02:00
Sven Eckelmann
cef21e584a gluon-mesh-batman-adv: Save if metrics chose neighbor as own best nexthop
The commit ee63ed42fe ("gluon-mesh-batman-adv: List neighbors with
non-best direct link") removed the check whether a neighbor has the
BATADV_ATTR_FLAG_BEST set. But consumers may still want to filter out or
mark neighbors which don't have this flag set. To assist with such a
feature, enhance the neighbor object with an extra boolean "best" attribute
which stores whether the BATADV_ATTR_FLAG_BEST was found or not.

Reported-by: Vincent Wiemann <webmaster@codefetch.de>
2019-04-09 01:31:51 +02:00
Sven Eckelmann
d0df47d943 gluon-status-page-mesh-batman-adv: Retrieve TQ of neighbors with non-best direct link
Links between two direct neighbors are not always the best route between
these devices. The flag BATADV_ATTR_FLAG_BEST would not be set for these
originator entries and the respondd module would just ignore this entry.

If these neighbors are not accepted and returned to the status page then
some of the neighbor entries will show a name, (acceptable) signal strength
and mac address but no TQ value.

Fixes: 28668c8c52 ("gluon-status-page: API")
2019-04-09 01:31:51 +02:00
Sven Eckelmann
ec72d30b8f gluon-mesh-batman-adv: List neighbors with non-best direct link
Links between two direct neighbors are not always the best route between
these devices. The flag BATADV_ATTR_FLAG_BEST would not be set for these
originator entries and the respondd module would just ignore this entry.

This causes missing links in meshviewer and similar tools. And when the
link quality is nearly equal and but fluctuates slightly, these links will
from time to time appear and disappear on the map.

Fixes: 2e0e24a992 ("announce neighbours using alfred/gluon-announce")
2019-04-09 01:31:51 +02:00
Manu.WTF
3b0e5fab71 ramips-mt7620: add support for Xiaomi MiWifi Mini (#1638) 2019-03-29 12:43:05 +01:00
David Bauer
a9a4abb637 ipq806x: add support for NETGEAR R7800 (#1669)
The device is broken until the next release. The LEDs are currently not
working (fixed in current OpenWRT master).

Also give a brief explanation about the BROKEN status being dependent on
the WiFi chip used and not the SoC family in general.
2019-03-28 14:49:17 +01:00
Matthias Schiffer
c208fc4fd9
gluon-site: add better error message for domain name conflicts
When two domains alias the same name (or one aliases another), display a
meaningful error message like:

    Failed to alias domain 'foo' as 'bar', name already taken by
    domain 'baz'.
2019-03-22 20:15:25 +01:00
bobcanthelpyou
3b55cbc1f3 gluon-web: fix typos 2019-03-18 21:49:54 +01:00
Sven Eckelmann
b850fff7e4 gluon-mesh-batman-adv: Only use local TT to count non-wifi clients (#1676)
The amount of local wifi clients is currently counted by two different
ways:

* asking the kernel wifi layer for the number of of clients on 2.4GHz and
  5GHz band
* asking batman-adv for the number of non-timed out entries in the local
  translation table with WiFi flag

The number of wifi24+wifi5 and the number of TT wifi client counts are
reported via respondd to various consumers. The ffrgb meshviewer is
displaying these values as:

* 2,4 GHz: wifi24
* 5 GHz: wifi5
* other: (TT local wifi+non-wifi clients) - (wifi24 + wifi5)

But the local translation table is holding entries much longer than the
wifi layer. It can therefore easily happen that a wifi client disappears in
the kernel wifi layer and batman-adv still has the entry stored in the
local TT.

The ffrgb meshviewer would then show this count in the category "other".
This often results in confusions because "other" is usually for ethernet
clients. And nodes with a frequently disappearing larger group of clients
(near bus stations or larger intersections) often show most clients under
the group "other" even when this devices doesn't have a LAN ethernet port.

It is better for presentation to calculate the number of total wifi clients
by summing up wifi24 + wifi5. And getting the number of total clients (non
wifi + wifi) by adding the result of the previous calculation to the sum of
non-wifi client in the local batman-adv translation table.

Fixes: 89a9d8138c ("gluon-mesh-batman-adv-core: Announce client count by frequency")
Reported-by: Pascal Wettin <p.wettin@gmx.de>
2019-03-16 13:37:49 +01:00
bobcanthelpyou
dcf5f192a0 gluon-web-node-role: Update i18n role translation (#1655) 2019-02-25 21:24:08 +01:00
David Bauer
f52bd99e71 gluon-mesh-batman-adv: use libnl-tiny to get IPv6 addresses (#1616) 2019-02-17 19:53:24 +01:00
bobcanthelpyou
5cdb6e86c7 package: update urls to https 2019-02-16 19:25:49 +01:00
David Bauer
c1b9ea2d9c gluon-scheduled-domain-switch: add package (#1555)
This package allows to automatically switch to another domain, either
at a given point in time or after the node was offline long enough.
2019-02-12 11:00:29 +01:00
David Bauer
387a9b4fe4 gluon-core: assert WiFi driver provides 4 MAC-addresses (#1626)
Gluon has multiple ways to obtain unique MAC-addresses. They are either
provided by the WiFi driver or derived from the primary MAC-address.

Quoting the same file:

> It's necessary that the first 45 bits of the MAC address don't
> vary on a single hardware interface, since some chips are using
> a hardware MAC filter. (e.g 'rt305x')

This currently fails in case the rt35xx based chips mac address differs
from the primary MAC. In this case, the MAC address for the client0 radio
(vif 1) comes from the WiFi driver. As there is only a single
MAC-address provided by '/sys/class/ieee80211/phyX/addresses' but the
MAC-address for mesh 0 (vif 2) is derived from the Node-ID, resulting in
different first 45 bits. The WiFi won't come up altogether in this case.

This commit verifies at least 4 MAC-Addresses are provided by the WiFi
driver. If this is not the case, all MAC-addresses are derived from the
primary MAC. This way, affected radios are working correctly.
2019-02-11 21:22:46 +01:00
Martin Weinelt
9153b38117 gluon-core: fix unifiac-{lite,pro} primary mac selection
fixes #1629
2019-01-25 01:50:53 +01:00
Martin Weinelt
c4d435c9c7 gluon-core: sort 010-primary-mac by target and board_name 2019-01-25 01:50:53 +01:00
Martin Weinelt
86148bdfc3 gluon-status-page: rebuild status-page.js after 02dfc66
The original commit only applied its changes to the source file and did
not rebuild the minified file, therefore the change never went live.
2019-01-17 23:25:31 +01:00
Matthias Schiffer
2aa324ecf7
gluon-config-mode-geo-location: fix source/i18n mismatch
The text was changed in the i18n files, but the corresponding change in the
Lua sources seemingly got lost during a rebase.

Closes #1611
2019-01-03 03:16:11 +01:00
David Bauer
888cddb662 gluon-core: distribute dualband radios (#1606)
This commit distributes dualband radios evenly on 2.4 GHz and 5GHz with
2.4 GHz being prioritised higher than 5 GHz. This means in case a device
has only a single radio and this radio supports operation in both bands,
it will be set to 2.4 GHz.

Tested-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Signed-off-by: David Bauer <mail@david-bauer.net>
2018-12-29 21:48:12 +01:00
Martin Weinelt
76f591995e gluon-client-bridge: set ra_holdoff interval to 30 seconds (#1597)
Allow odhcp6c to fork the script to handle router
advertisments in 30 seconds intervals. This is the value
that was previously used in Gluon v2018.1 / LEDE 17.01.

The default value is 3 seconds and while it is RFC compliant
it can put alot of pressure on even moderately sized devices.

Signed-off-by: Martin Weinelt <martin@darmstadt.freifunk.net>
2018-12-07 21:40:13 +01:00
Christof Schulze
8c058af89d gluon-mesh-babel: remove broken log-file option from config
log-file /dev/stderr is broken for babeld as it eats log messages for debug log.
This commit gets rid of the option. This allows -d N to be used as babeld command
line option.
2018-12-05 00:21:33 +01:00
Julian
68ee1db91e gluon-core: fix pattern %v in opkg URLs (#1594)
$VERSION_ID is a lowercase value
2018-12-02 16:59:06 +01:00
bobcanthelpyou
f3fa17d0f7 gluon-mesh-babel: Variable 'uret' is reassigned a value before the old one has been used. 2018-11-29 23:57:06 +01:00
bobcanthelpyou
62f06c1b16 gluon-mesh-babel: Unsigned variable 'total' can't be negative 2018-11-29 23:57:06 +01:00
bobcanthelpyou
083b7ef675 gluon-mesh-babel: 'buf' nulled but not freed upon failure 2018-11-29 23:57:06 +01:00
Martin Weinelt
bcf4d076e1 gluon-status-page: display position and link it with geo uri scheme (#1587)
Fixes: #659
Signed-off-by: Martin Weinelt <martin@darmstadt.freifunk.net>
2018-11-27 23:16:32 +01:00
Andreas Ziegler
1d2e36dab5 Revert "gluon-config-mode-geo-location: allow to store coordinates without sharing"
This reverts commit 104d7455fa.
in its current form it requires you to enter coordinates, which we don't want to enforce by default.
2018-11-27 02:07:04 +01:00
Andreas Ziegler
f5dc9601c3
Merge pull request #1577 from freifunk-ffm/wireguard-prep
Prepare existing babel stack for wireguard
2018-11-26 01:22:14 +01:00
Christof Schulze
62406509fc gluon-core: enable ECN 2018-11-26 01:20:31 +01:00
Christof Schulze
e5b238e04a gluon-mesh-babel: exit with error if unable to connect to babeld 2018-11-26 01:20:31 +01:00
Christof Schulze
89b7612fdb gluon-l3roamd: init: dynamically configure mesh interfaces gracefully during reload
This patch makes use of the new feature in l3roamd to gracefully
add, remove and list the mesh interfaces that are currently in use. This
helps when changing mesh interfaces often - a characteristic of the
wireguard protocol implementation as in the previous behavior all local
clients are dropped when adjusting mesh interfaces.
2018-11-26 01:20:31 +01:00
Jan-Tarek Butt
104d7455fa gluon-config-mode-geo-location: allow to store coordinates without sharing 2018-11-24 15:02:49 +01:00
Christof Schulze
171c293ebe gluon-core, gluon-mesh-babel: move lua functions that generate ll-addresses from a mac into gluon-core 2018-11-21 20:56:35 +01:00
Christof Schulze
c23e6e4b53 gluon-mesh-babel: babel-respond: stop relying on mac addresses and instead obtain ll-address from nic 2018-11-21 20:56:35 +01:00
Christof Schulze
bd96bd4024 gluon-mesh-babel: explicitly specify the use of the busybox netcat 2018-11-21 20:56:35 +01:00
Christof Schulze
b90d214da9 gluon-iptables-clamp-mss-to-pmtu: clamp mss on all mesh interfaces for all destinations to pmtu 2018-11-21 20:47:39 +01:00
Matthias Schiffer
eda3aa3333
gluon-mesh-vpn-core: add gluon-wan exec wrapper
gluon-wan is a sudo-like exec wrapper that switches the process group to
gluon-mesh-vpn, making it use the WAN dnsmasq rather than resolving over
the mesh.

Note that this only affects DNS at the moment. Processes running under
gluon-wan will still use the regular mesh IPv6 routing table, and not the
WAN routing table. This is not a problem for IPv4, as there is only one
IPv4 routing table.

Fixes #1575
2018-11-21 12:09:10 +01:00
Matthias Schiffer
6d4d4792d5
gluon-mesh-*: do not count wifi clients/neighbours inactive for more than 60s 2018-11-18 11:45:16 +01:00
Matthias Schiffer
f61d252361
gluon-mesh-batman-adv: respondd: do not count batadv clients inactive for more than 60s 2018-11-17 20:07:00 +01:00
Matthias Schiffer
af9c1f7e9f
gluon-mesh-babel: fix respondd provider build/install
Rename to respondd.c / respondd.so, gluon.mk expects these names. This way
we can remove the install code. The installed filename is changed to
gluon-mesh-babel.so, bringing it in line with out common naming scheme.
2018-11-17 19:45:18 +01:00
T-X
cb35b0d10a gluon-ebtables: build kernel with ebt_dnat and ebt_redirect (#1472)
The redirect and dnat target are needed for gluon-alt-esc-client to
forward frames to the selected, alternative gateways.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2018-11-16 21:33:59 +01:00
David Bauer
665cc49d67 ar71xx: add support for Archer C7 v5 2018-10-15 00:38:18 +02:00
Andreas Ziegler
849f72b0a6 gluon-status-page: don't cache index meta redirect 2018-10-11 03:23:29 +02:00
Andreas Ziegler
1628f2d49e gluon-config-mode-core: don't cache index meta redirect 2018-10-11 03:23:29 +02:00
David Bauer
246a617d71 ar71xx: add support for TL-WR902AC v1 (#1546)
This adds support for the TP-Link TL-WR902Ac v1 travel router.

The device is marked as broken due to 64MB which might be insufficient
in certain environments.
2018-10-11 03:21:51 +02:00
Matthias Schiffer
c584d81952
gluon-config-mode-hostname: fix site check for prefill
Do not require this setting in site.conf.
2018-09-29 14:09:28 +02:00
David Bauer
9de78e27b6 gluon-config-mode-hostname: add option to use default hostname (#1529)
Before 7827f89, mandatory hostname field in config mode was
pre-filled with the default hostname.

This commit adds the config_mode.hostname.prefill option for
controlling the default value.
2018-09-15 22:36:07 +02:00
Tata
1a690d2fd6 package/features: add gluon-ebtables-limit-arp to batman feature (#1516)
this activates the package by default when using the batman feature
while still allowing to explicitly remove it like this:

GLUON_SITE_PACKAGES := \
  -gluon-ebtables-limit-arp
2018-09-05 04:45:41 +02:00
Matthias Schiffer
a8d736ac7b
gluon-config-mode-geo-location-osm: add OSM-based location picker
gluon-config-mode-geo-location-osm extends the
gluon-config-mode-geo-location with a location picker based on
OpenStreetMaps.

Based-on-patch-by: Jan-Tarek Butt <tarek@ring0.de>
2018-09-01 11:35:39 +02:00
Matthias Schiffer
0d4188d40b
gluon-web-osm: base on OpenLayers 5, add model class
The new code is shorter and uses more readable variable names. It does not
depend on specifically named input fields anymore (allowing to use multiple
maps on the same page), and only uses well-defined interfaces to trigger
revalidation of input fields.

The Map model class allows to add OSM maps to gluon-web forms.
2018-09-01 11:35:33 +02:00
Matthias Schiffer
ba1df47dba
gluon-web-model: add custom events for form elements 2018-09-01 11:28:12 +02:00
Matthias Schiffer
a3a1d217f2
gluon-web-model, gluon-config-mode-theme: replace old gluon-map class, fix Form id 2018-09-01 11:28:12 +02:00
Matthias Schiffer
9a732f30dd
gluon-web-model: reorder Node arguments so Section:option() can just pass them through 2018-09-01 11:28:12 +02:00
Matthias Schiffer
653c132013
gluon-web-model: remove unused Section attribute "fields" 2018-09-01 11:28:12 +02:00
Matthias Schiffer
a2be178ce8
gluon-web: add view helper for JSON-encoded values
Can be used for inserting Lua values into inline JS code.
2018-09-01 11:28:12 +02:00
Matthias Schiffer
897ee73d14
gluon-mesh-batman-adv: respondd: remove incorrect field width limits
At least the ifindex and the flags fields can be larger than 0xff.

Fixes #1523
2018-09-01 11:12:22 +02:00
Matthias Schiffer
d3d6637c7f
Merge pull request #1517 from blocktrron/pr-memory-calculation 2018-08-25 01:55:01 +02:00
David Bauer
02dfc66438 gluon-status-page: update memory usage estimation
Let gluon-respondd expose "MemAvailable" from /proc/meminfo to allow for
a more realistic memory-usage estimation.

Information on MemAvailable can be found here:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
commit/?id=34e431b0ae398fc54ea69ff85ec700722c9da773
2018-08-25 00:57:44 +02:00
David Bauer
44c70ca4d6 gluon-respondd: expose MemAvailable 2018-08-25 00:57:44 +02:00
Tata
20d22f66dd gluon-mesh-vpn-core: add abstraction layer for VPN interface name (#1518) 2018-08-24 23:21:43 +02:00
Matthias Schiffer
6ebe2ccd1b
gluon-config-mode-geo-location: fix typo 2018-08-23 23:01:43 +02:00
Matthias Schiffer
a72cf0b86b
gluon-config-mode-geo-location: revise altitude label overrides
As already done with other config mode texts, the altitude field now has
default texts that are used when they are not set in the site i18n files.
The altitude-help text has been removed from site i18n; instead, the
geo-location-help text now overrides the whole section description
including the part that mentions the altitude.
2018-08-19 20:58:26 +02:00
Matthias Schiffer
b4346ff9e6
gluon-config-mode-geo-location: make altitude show behaviour match docs
Do not show by default, delete old altitude value when a form without
altitude shown is saved.

Fixes #1493
2018-08-19 20:20:31 +02:00
Ruben Barkow
2b16257896 gluon-web-mesh-vpn-fastd: clarify config of default crypto method (#1502) 2018-08-06 21:36:05 +02:00
Andreas Ziegler
78ed75ee28 Revert "gluon-core: make sure dns traffic leaves the correct interface when there is ipv6 wan uplink"
This reverts commit b3d7011130.

with this change, DNS in batman-adv based networks is broken.
although the revert breaks babel based networks, this is not as big of a problem.
2018-08-03 15:04:26 +02:00
Christof Schulze
a304814c80 gluon-l3roamd: set gc_thresh for ipv4 and ipv6 to obtain DELNEIGH messages 2018-08-02 00:58:51 +02:00
Christof Schulze
d17cef06a2 gluon-l3roamd: obtain uci cursor 2018-08-02 00:58:51 +02:00
Christof Schulze
b3d7011130 gluon-core: make sure dns traffic leaves the correct interface when there is ipv6 wan uplink 2018-08-02 00:58:51 +02:00
Christof Schulze
0f9ab5e306 gluon-mesh-babel: add new package 2018-08-02 00:58:51 +02:00
Christof Schulze
6241ba5435 gluon-iptables-clamp-mss-to-pmtu: add new package 2018-08-02 00:58:51 +02:00
Tata
cf9b6e34ff gluon-web-osm: add javascript static osm source (#1483)
Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>
2018-07-29 16:07:39 +02:00
Felix Kaechele
d87c4b521b gluon-mesh-vpn: support ingress bandwidth shaping with tunneldigger (#1460)
Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2018-07-26 01:26:00 +02:00
Ruben Barkow
b9b61ed79c gluon-config-mode-theme: background grey of clicked buttons (#1492) 2018-07-25 22:36:48 +02:00
Ruben Barkow
ca2929a61f gluon-web-admin: add site-commit to info page (#1482) 2018-07-25 22:30:29 +02:00
Sven Eckelmann
b9ec173ffb ipq40xx: add support for OpenMesh A62
This device is a dual 5GHz device. It is recommended to manually change the
radio of the first device to the lower 5GHz channels and the second radio
to the upper 5GHz channels.
2018-07-25 22:27:16 +02:00
Sven Eckelmann
36a5604dfe ipq40xx: add support for OpenMesh A42 2018-07-25 22:27:16 +02:00
Sven Eckelmann
3ef28a4684 gluon-client-bridge: Revert "move IPv4 local subnet route to br-client (#1312)"
The commit b3762fc61c ("gluon-client-bridge: move IPv4 local subnet route
to br-client (#1312)") moves the IPv4 prefix from the local-port interface
to br-client. A client requesting an IPv4 connection to the IPv4 anycast
address of the node (the device running gluon) will create following
packets:

1. ARP packet from client to get the MAC of the mac address of the anycast
   IPv4 address
2. ARP reply from node to client with the anycast MAC address for the IPv4
   anycast address
3. IPv4 packet from client which requires reply (for example ICMP echo
   request)
4. ARP request for the client MAC address for its IPv4 address in prefix4
   (done with the mac address of br-client and transmitted over br-client)
5. IPv4 packet from node (transmitted over br-client with br-client MAC
   address) as reply for the client IPv4 packet (for example ICMP echo
   reply)

The step 4 and 5 are problematic here because packets use the node specific
MAC addresses from br-client instead of the anycast MAC address. The client
will receive the ARP packet with the node specific MAC address and change
their own neighbor IP (translation) table. This will for example break the
access to the status page to the connected device or the anycast DNS
forwarder implementation when the client roams to a different node.

This reverts commit b3762fc61c and adds an
upgrade code to remove local_node_route on on existing installations.
2018-07-22 16:42:41 +02:00
Sven Eckelmann
fc59d5208d gluon-mesh-batman-adv: Drop IPv4 anycast related packets from/to bat0
The commit b3762fc61c ("gluon-client-bridge: move IPv4 local subnet route
to br-client (#1312)") moves the IPv4 prefix from the local-port interface
to br-client. A client requesting an IPv4 connection to the IPv4 anycast
address of the node (the device running gluon) will create following
packets:

1. ARP packet from client to get the MAC of the mac address of the anycast
   IPv4 address
2. ARP reply from node to client with the anycast MAC address for the IPv4
   anycast address
3. IPv4 packet from client which requires reply (for example ICMP echo
   request)
4. ARP request for the client MAC address for its IPv4 address in prefix4
   (done with the mac address of br-client and transmitted over br-client)
5. IPv4 packet from node (transmitted over br-client with br-client MAC
   address) as reply for the client IPv4 packet (for example ICMP echo
   reply)

The step 4 is extremely problematic here. ARP replies with the anycast IPv4
address must not be submitted or received via bat0 - expecially not when it
contains an node specific MAC address as source. When it is still done then
the wrong MAC address is stored in the batadv DAT cache and ARP packet is
maybe even forwarded to clients. This latter is especially true for ARP
requests which are broadcast and will be flooded to the complete mesh.

Clients will see these ARP packets and change their own neighbor IP
(translation) table. They will then try to submit the packets for IPv4
anycast addresses to the complete wrong device in the mesh. This will for
example break the access to the status page to the connected device or the
anycast DNS forwarder implementation. Especially the latter causes extreme
latency when clients try to connect to server using a domain name or even
breaks the connection setup process completely. Both are caused by the
unanswered DNS requests which at first glance look like packet loss.

An node must therefore take care of:

* not transmitting ARP packets related to the anycast IPv4 address over
  bat0
* drop ARP packets related to the anycast IPv4 when they are received on
  bat0 from a still broken node
* don't accept ARP packets related to the anycast IPv4 replies on local
  node when it comes from bat0

Fixes: b3762fc61c ("gluon-client-bridge: move IPv4 local subnet route to br-client (#1312)")
2018-07-22 16:42:41 +02:00