Matthias Schiffer
3203970969
gluon-web: clean up parser
2018-02-22 21:13:24 +01:00
Matthias Schiffer
5a20f9794c
gluon-web: clean up buffer handling
2018-02-22 21:13:24 +01:00
Matthias Schiffer
624d969c52
gluon-web: compile with -std=c99 -Wall -Wextra
...
Also fix all warnings.
2018-02-22 21:13:23 +01:00
Matthias Schiffer
56a10e03b3
gluon-web: update copyright
2018-02-22 21:13:23 +01:00
Matthias Schiffer
7e5f0fe1d5
gluon-web: clean up opening files
...
Open with O_CLOEXEC, use fstat() instead of stat().
2018-02-22 21:13:23 +01:00
Matthias Schiffer
94f22e50e6
gluon-web: clean up malloc() calls
2018-02-22 21:13:23 +01:00
Matthias Schiffer
f957593f26
gluon-web: template_lmo: clean up sfh_hash()
2018-02-22 21:13:23 +01:00
Matthias Schiffer
9e8a6ec2b5
gluon-web: remove lmo_canon_hash()
...
Our strings can be looked up verbatim.
2018-02-22 13:58:20 +01:00
Matthias Schiffer
b5817f5523
gluon-web: replace custom strfind() function with memmem()
2018-02-22 13:37:57 +01:00
Matthias Schiffer
0ff4761a57
gluon-web: remove unnecessary template_lualib.h
2018-02-22 13:34:32 +01:00
Matthias Schiffer
91ae553c93
gluon-web-node-role: don't mention "Freifunk" in the labels
2018-02-22 03:27:29 +01:00
Christof Schulze
9711afaf69
gluon-core: allow multiple domain names for next_node-feature
...
* change type of next_node.name
* create domain entry for each entry and add to dnsmasq configuration
[Matthias Schiffer: reword documentation]
2018-02-16 15:15:31 +01:00
T-X
b3762fc61c
gluon-client-bridge: move IPv4 local subnet route to br-client ( #1312 )
...
This patch moves the prefix4 subnet route from the local-node veth
device to br-client (while keeping the next node ipv4 address on the
local node device).
This is in preparation to allow routing over the br-client interface
later.
2018-02-16 00:00:12 +01:00
Christof Schulze
f94a410738
gluon-l3roamd: let l3roam0 interface and routes be set up by l3roamd
2018-02-15 23:54:06 +01:00
Christof Schulze
e724fec260
gluon-l3roamd: adjust l3roamd startup parameters
...
* use local socket
* use main routing table,
* pass client-bridge
2018-02-15 23:54:06 +01:00
Linus Lüssing
84a6f65f02
gluon-ebtables-limit-arp: a package for ARP rate-limiting
...
This package adds filters to limit the amount of ARP Requests
devices are allowed to send into the mesh. The limits are 6 packets
per minute per client device, by MAC address, and 1 per second per
node in total.
A burst of up to 50 ARP Requests is allowed until the rate-limiting
takes effect (see --limit-burst in the ebtables manpage).
Furthermore, ARP Requests with a target IP already present in the
batman-adv DAT Cache are excluded from the rate-limiting,
both regarding counting and filtering, as batman-adv will respond
locally with no burden for the mesh. Therefore, this limiter
should not affect popular target IPs, like gateways.
However it should mitigate the problem of curious people or
smart devices scanning the whole IP range. Which could create
a significant amount of overhead for all participants so far.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2018-02-15 23:21:11 +01:00
kb-light
b98956e47e
gluon-config-mode-domain-select: new package
...
[Matthias Schiffer: slightly clean up code]
2018-02-15 20:57:53 +01:00
Matthias Schiffer
0dd03597a6
gluon-config-mode-core: allow returning functions from wizard modules
...
Allow returning functions in addition to the names of UCI packages to
commit. Functions are run after all packages have been committed.
2018-02-15 20:57:53 +01:00
Matthias Schiffer
345a5de861
gluon-core: add newline to the end of sysconfig files
...
Both gluon.sysconfig and libgluonutil already remove the trailing newline
if it exists. It's nicer to avoid files without a trailing newline, e.g.
for printing the file contents in a terminal.
2018-02-15 20:57:53 +01:00
Martin Weinelt
427c83754b
gluon-core: 200-wireless: upgrade 11ac radios to VHT20 ( #1328 )
...
Patch originally authored by @oleeander.
Fixes #424
2018-02-15 20:29:19 +01:00
Matthias Schiffer
d61f6a1e85
gluon-core: rename iterate_radios() to foreach_radio(), pass whole radio section
...
Allows to remove some redundant UCI lookups.
2018-02-15 14:04:37 +01:00
Karsten
f69fbf7d05
gluon-core: don't disable legacy mesh on mesh_lan on reconfigure ( #1323 )
...
Fixes #1322
2018-02-07 07:33:25 +01:00
Martin Weinelt
42763d21dc
gluon-mesh-vpn-core: add public key to nodeinfo response
...
This is currently only implemented in the gluon-mesh-vpn-fastd
package.
Advertising the public key may be deemed problematic when
your threat-model involves protecting the nodes privacy
from tunnel traffic correlation by onlink observers.
It can be enabled by setting site.mesh_vpn.fastd.pubkey_privacy
to `false`.
2018-02-04 20:47:53 +01:00
Matthias Schiffer
623faf794a
gluon-web: fix access to undefined in checkvalue()
...
Fixes: cfe1bba8
"gluon-web: fix radio button view of ListValues"
2018-02-04 18:57:27 +01:00
Matthias Schiffer
9ece0daa76
gluon-web: ListValue: convert keys to strings before adding to key list
...
Fixes validation of ListValues.
Fixes: ec532b95
"gluon-web: extend ListValue with optional and unset
values"
2018-02-04 18:57:27 +01:00
Matthias Schiffer
c479d9160d
gluon-core: don't request a prefix via DHCPv6 on WAN
...
The prefix is not used, and requesting it leads to odhcp6c log spam with
certain DHCPv6 servers.
2018-02-03 03:02:56 +01:00
Matthias Schiffer
09c2e60cd4
gluon-core: upgrade/110-network: fix formatting
2018-02-03 03:02:20 +01:00
Matthias Schiffer
ec532b95cf
gluon-web: extend ListValue with optional and unset values
...
If a value is unset or optional, an empty choice is added to the selection.
This empty choice will be marked as invalid if the value is not optional.
This is properly supported for the 'select' widget only for now, and not
for 'radio'.
2018-01-31 17:08:21 +01:00
Matthias Schiffer
cfe1bba8ae
gluon-web: fix radio button view of ListValues
...
Pretty much everything about this was broken:
* Fix dependency tracking
* Fix vertical orientation
* Fix paddings
* Add theming
2018-01-31 15:47:45 +01:00
Matthias Schiffer
dbfd22d651
gluon-web: simplify DynamicList data attributes, respect size option
2018-01-30 23:55:08 +01:00
Matthias Schiffer
bc75ce5c86
gluon-site: remove dependency of GLUON_MULTIDOMAIN on gluon-site
...
Solves a recursive dependency problem.
While we're at it, also fix the description string.
2018-01-28 11:24:42 +01:00
Matthias Schiffer
6ae067cb37
gluon-core: add domain aliases and pretty name
...
Based-on-patch-by: lemoer <git@irrelefant.net>
2018-01-26 12:32:47 +01:00
lemoer
2ef0af5fe8
gluon-respondd: add system.domain_code to respondd provider "nodeinfo"
...
[Matthias Schiffer: rebase]
2018-01-26 12:32:47 +01:00
lemoer
146787fa5c
libgluonutil: merge domain and site configs
...
[Matthias Schiffer: rebase and simplify]
2018-01-26 12:32:47 +01:00
Matthias Schiffer
a2f45d0d32
gluon-core: store default domain in UCI
2018-01-26 12:32:46 +01:00
Matthias Schiffer
24a085a542
gluon-site: add default domain and check for it
...
This does not do anything yet, as this_domain() is not implemented yet.
Based-on-patch-by: lemoer <git@irrelefant.net>
2018-01-26 12:32:46 +01:00
Matthias Schiffer
07dbfea617
gluon-site: disable multidomain support by default
2018-01-26 12:32:46 +01:00
Jan-Philipp Litza
cf329daaf0
Add package gluon-radv-filterd
...
This package drops all incoming router advertisements except for the
default router with the best metric according to B.A.T.M.A.N. advanced.
Note that advertisements originating from the node itself (for example
via gluon-radvd) are not affected.
2018-01-25 23:02:49 +01:00
Matthias Schiffer
7ae8a51126
gluon-core: allow zero VXLAN UDP checksum on RX
...
Also disabling TX checksums and not only allowing incoming packets without
checksum will provide another small speedup. As doing so would break wired
meshing with VXLAN-enabled nodes that require non-zero checksums, we will
wait a few days before this step.
2018-01-24 22:41:29 +01:00
Matthias Schiffer
e54b37d835
gluon-core: firewall: move VXLAN rules to the top
...
Evaluating these rules before all the ICMPv6 rules improves wired mesh
throughput measurably.
2018-01-24 22:41:29 +01:00
Matthias Schiffer
2950cc3f59
gluon-core: only use a bridge for wired meshing when necessary
...
On most devices, there is only a single LAN interface connected to all LAN
ports, so no bridge is necessary.
2018-01-24 22:16:09 +01:00
Matthias Schiffer
c84820cb08
package/gluon.mk: add to PKG_FILE_DEPENDS
...
Ensure packages get rebuilt when gluon.mk changes.
2018-01-19 13:22:26 +01:00
Matthias Schiffer
775028475b
check_site: move site loading logic to check_site_lib (which is renamed to check_site.lua)
2018-01-19 12:33:52 +01:00
Matthias Schiffer
7ccdacd294
treewide: rework check_site_lib.lua
...
In addition to significant internal differences in check_site_lib.lua (in
particular unifying error handling to a single place for the upcoming
multi-domain support), this changes the way fields are addressed in site
check scripts: rather than providing a string like 'next_node.ip6', the
path is passed as an array {'next_node', 'ip6'}.
Other changes in site check scripts:
* need_array and need_table now pass the full path to the sub fields to the
subcheck instead of the key and value
* Any check referring to a field inside a table implies that all higher
levels must be tables if they exist: a check for {'next_node', 'ip6'} adds
an implicit (optional) check for {'next_node'}, which allows to remove many
explicit checks for such tables
2018-01-19 10:12:43 +01:00
Matthias Schiffer
414dfa8155
libgluonutil: simplify CMakeLists.txt
...
libgluonutil is not usable outside the OpenWrt/LEDE environment anyways, so
it doesn't make much sense to make the CMakeLists.txt overly generic.
2018-01-19 06:23:29 +01:00
Matthias Schiffer
020afc856f
gluon-site: install domain configs
...
The domain configs are not checked yet, and not used for anything.
Based-on-patch-by: lemoer <git@irrelefant.net>
2018-01-19 05:44:25 +01:00
lemoer
50812b162c
treewide: forbid use of selected site variables in domain specific or site configs
...
[Matthias schiffer: rebase, add a few more restrictions]
2018-01-19 04:05:27 +01:00
lemoer
b520bf5c50
gluon-core: rename site_seed to domain_seed
...
[Matthias Schiffer: rebase]
2018-01-19 03:30:06 +01:00
Matthias Schiffer
1dd9845db1
package/gluon.mk: use nicer escaping in GluonCheckSite
2018-01-19 01:38:56 +01:00
lemoer
adcd5b7311
gluon-core: add gluon-reconfigure script
...
Not useful by itself except for testing; will be used for multi-domain
support.
[Matthias Schiffer: rename script, use for initial configuration]
2018-01-19 01:10:39 +01:00
lemoer
0f5d932c4f
gluon-core: add util gluon-show-site to print merged site config
...
This should not convert JSON to a Lua table and back, as this loses the
distinction between arrays and objects, but as our site.conf is defined in
Lua anyways (for now), this can be fixed in a later revision.
[Matthias Schiffer: rename to gluon-show-site, rebase]
2018-01-19 01:07:44 +01:00
lemoer
5817170821
gluon-core: introduce "gluon" uci package
...
[Matthias Schiffer: change section name and commit message]
2018-01-19 00:41:25 +01:00
Matthias Schiffer
0b80f1b5ce
gluon-core: reimplement gluon.site module in C
...
By basing the Lua gluon.site module on gluonutil_load_site_config(), the
config load implementation needs to changed only in a single place for
multi-domain support.
2018-01-18 16:29:00 +01:00
Matthias Schiffer
6cf88c3b03
Replace luci-lib-jsonc with our own lua-jsonc
2018-01-18 16:28:59 +01:00
Matthias Schiffer
12103d9638
gluon-web: remove useless serialize_json alias
2018-01-18 07:49:00 +01:00
Matthias Schiffer
01336f70ec
gluon-core: firewall: make the default input policy REJECT
...
Fixes #1311
2018-01-17 09:51:10 +01:00
Matthias Schiffer
a32fddf38c
gluon-core: firewall: accept inbound VXLAN traffic on wired mesh interfaces
...
Fixes #1308
2018-01-17 09:51:10 +01:00
Matthias Schiffer
454555a030
gluon-alfred: firewall: allow alfred server announces from mesh
2018-01-17 08:06:42 +01:00
Matthias Schiffer
18feb29b29
gluon-autoupdater: don't reference old autoupdater util library
...
Fixes #1310
2018-01-17 01:06:15 +01:00
David Bauer
99b02701cc
ar71xx: add support for TP-Link Archer C58/C59/C60 ( #1281 )
2018-01-16 18:51:12 +01:00
Matthias Schiffer
18b9174d03
Use 'disabled' attribute instead of 'auto' to disable wired mesh interfaces
...
The 'auto' attribute still allows enabling the interface using ifup, which
is not intended when wired mesh is disabled.
2018-01-11 23:06:36 +01:00
Linus Lüssing
4911da56e1
gluon-ebtables: Enable concurrent ebtables updates
...
This enables the ebtables internal locking mechanism which
will avoid race conditions between multiple, concurrent
ebtables calls.
This is a preparation for the upcoming gluon-arp-limiter
daemon, to avoid issues if upon restarting gluon-ebtables
the gluon-arp-limiter daemon tries to modify the tables.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2018-01-03 19:58:53 +01:00
David Bauer
9273e56c63
ar71xx: add support for TP-Link Archer C7 v4 ( #1289 )
2018-01-03 16:50:23 +01:00
Christof Schulze
bc2fb8cc69
gluon-respondd: firewall should allow access for devices in zone local_client ( #1291 )
2017-12-31 19:57:57 +01:00
Christof Schulze
910a6c8bb3
gluon-respondd: add current unix time to statistics ( #1287 )
2017-12-29 23:49:28 +01:00
Matthias Schiffer
245e0f9ecc
Merge pull request #1280 from FreifunkVogtland/libbatadv
...
libbatadv: Add common batman-adv helper functions library
2017-12-28 14:50:13 +01:00
Christof Schulze
41ab551518
libgluonutil: add function that retrieves the node prefix from site.conf
2017-12-27 23:50:31 +01:00
Sven Eckelmann
6701aa81a5
gluon-status-page-api: Use genl helpers from libbatadv
...
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2017-12-27 17:40:41 +01:00
Sven Eckelmann
a267cc7ee7
gluon-mesh-batman-adv: Use genl helpers from libbatadv
...
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2017-12-27 17:40:35 +01:00
Sven Eckelmann
624cffc744
libbatadv: Add library for common batman-adv helpers
...
Interacting with batman-adv's genl interface requires some code and
definitions which could be shared between different packages. libbatadv is
trying to do this without providing any guarantee for ABI or API stability.
It is only useful in very controlled environments like gluon.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2017-12-27 17:40:30 +01:00
Matthias Schiffer
f799518194
gluon-ebtables-filter-multicast: do not filter out Bridge Loop Avoidance
...
batman-adv uses gratuitous ARP packets with certain target addresses for
BLA.
Fixes #1198
2017-12-27 17:22:37 +01:00
Karsten
35237c2ca1
gluon-web-network: make 'PoE Power Port[0-9]' translatable ( #1173 )
2017-12-27 03:11:49 +01:00
Matthias Schiffer
2b1ffb3034
gluon-core, gluon-client-bridge: create local_client zone in core
...
As core defines basic rules for this zone, it makes sense to create it
there.
2017-12-27 02:43:34 +01:00
Matthias Schiffer
8ea5810bda
gluon-core: firewall: allow inbound ICMPv4 ping on local_node
2017-12-27 02:43:34 +01:00
Matthias Schiffer
39284f00d0
gluon-core: firewall: allow Multicast Listener Discovery on mesh/local_client
...
Based-on-patch-by: Christof Schulze <christof.schulze@gmx.net>
2017-12-27 02:43:33 +01:00
Matthias Schiffer
a252383918
gluon-core: firewall: remove redundant ICMPv6 output rules
...
OUTPUT is always accepted, no need to allow ICMPv6 explicitly.
2017-12-27 02:43:33 +01:00
Matthias Schiffer
fe2048e4df
gluon-core: firewall: coding style
...
Wrap long lines.
2017-12-27 02:43:33 +01:00
Ralf Jung
4bae0a429f
docs: dns-cache: explain setting dns.servers a bit more ( #1268 )
2017-12-27 00:21:08 +01:00
Christof Schulze
c544846bc5
gluon-neighbour-info: allow respondd replies on mesh and wan interface
2017-11-25 23:31:23 +01:00
Christof Schulze
e5b4d25451
gluon-respondd: allow access to respondd from mesh-internal addresses
2017-11-25 23:31:08 +01:00
Christof Schulze
1c1c9f8fc7
gluon-core: firewall rework, make base policy more restrictive
...
* gluon-core, gluon-client-bridge: introduce new firewall zone: local_client
* gluon-core: put clients in local_client zone, introduce drop-zone,
set dns-rules and zones
* gluon-respondd: allow respondd on mesh
* gluon-status-page-api: allow http input on mesh and client
2017-11-25 23:19:08 +01:00
Matthias Schiffer
7351fb5d4a
gluon-web-network: fix reading "legacy" mode settings from UCI
...
Fixes #1269
2017-11-25 22:08:58 +01:00
kb-light
f7f659c254
gluon-web-network: make poe_passthrough more generic
2017-11-15 22:45:22 +01:00
Christof Schulze
94e7827ac8
gluon-status-page: improve localization ( #1241 )
2017-10-31 19:25:27 +01:00
Ruben Barkow
99c405756f
gluon-web-theme: allow more width in style for input fields and selectboxes ( #1229 )
2017-10-14 13:42:24 +02:00
Matthias Schiffer
9324d18fee
gluon-mesh-batman-adv: filter out all packages between bat0 and local-port
...
Filtering by MAC address won't filter out multicast packages like router
solicitations, causing uradvd to send out router advertisements with
maximum frequency (every 3 seconds) in active meshes, even when no local
client is actually interested in the advertisements.
Fixes #1230
2017-10-03 17:07:42 +02:00
Christof Schulze
86e89a86d1
gluon-mesh-vpn-fastd: make respondd module compile again ( #1228 )
...
by moving the declaration of ret to the top of get_fastd()
2017-09-24 23:49:00 +02:00
lemoer
4899dda4af
treewide: check for NULL after uci_alloc_context() ( #1224 )
2017-09-21 20:56:40 +02:00
Matthias Schiffer
9ab93992d1
gluon-autoupdater: mirror URLs must start with http://
...
The older busybox-based wget erroneously accepted URLs without protocol.
Add validator to avoid building firmwares with broken autoupdates.
2017-09-05 19:04:27 +02:00
Matthias Schiffer
fda2d10b6f
gluon-web-admin: simplify info.html template
2017-08-11 22:09:08 +02:00
Matthias Schiffer
13b325355d
gluon-core: make old site_config library reference new one, not the other way around
2017-08-11 22:07:35 +02:00
Matthias Schiffer
ee6afaced9
treewide: use new gluon.site Lua library
...
Some files have received some additional refactoring.
2017-08-11 22:07:34 +02:00
Matthias Schiffer
fd36bcce07
gluon-web-admin: fix info.html template indentation
2017-08-11 21:25:46 +02:00
Matthias Schiffer
8dbf3ea568
gluon-mesh-batman-adv: fix radvd start with dns.servers, but without next_node.ip config
2017-08-11 20:56:06 +02:00
Matthias Schiffer
8a41ed05f1
gluon-core: more coding style fixes
2017-08-11 20:28:59 +02:00
kb-light
90305761ce
gluon-core: update lib/gluon/upgrade/150-poe-passthrough for naming within lede
2017-08-11 20:27:51 +02:00
kb-light
949f4b7dd5
gluon-core: lib/gluon/upgrade/150-poe-passthrough: fix indentation
2017-08-11 20:26:08 +02:00
Matthias Schiffer
3df9fcecb0
gluon-core: explicitly disable radios without configuration in site.conf
2017-08-08 14:08:35 +02:00
Matthias Schiffer
293a45456b
gluon-core, gluon-client-bridge: use new gluon.site library in gluon.util
...
In particular, this affects users of gluon.util.iterate_radios.
2017-08-08 14:07:09 +02:00
Matthias Schiffer
53b6065500
gluon-ebtables-source-filter: use new gluon.site library to avoid 'or {}' syntax
2017-08-08 13:53:20 +02:00