Commit Graph

869 Commits

Author SHA1 Message Date
Matthias Schiffer
5cd6295265
gluon-core: add gluon_mesh netifd proto
This new protocol will allow configuring mesh interfaces independently of
the used mesh protocol.
2016-09-07 02:14:42 +02:00
Matthias Schiffer
d70788adbc
gluon-status-page-api: hide warning in upgrade script 2016-08-30 22:09:40 +02:00
Matthias Schiffer
2331cb194e
gluon-mesh-batman-adv-core, gluon-mesh-vpn-fastd: switch MAC address assignment
Switch to:

1. WAN
2. LAN
3. Mesh VPN

As WAN and LAN are setup in gluon-mesh-batman-adv-core (and will be moved
to gluon-core), while the mesh VPN has its own package, giving WAN and LAN
the first indices is preferable.
2016-08-30 21:25:40 +02:00
Matthias Schiffer
051fd926ef
gluon-wan-dnsmasq: add interface name to link-local addresses
Fixes #854
2016-08-28 22:04:47 +02:00
Matthias Schiffer
e0ed7dde85
gluon-config-mode-mesh-vpn: fix indentation 2016-08-27 16:39:30 +02:00
Matthias Schiffer
7e0075584d
Use a "pretty" hostname where possible
Fixes #414
2016-08-27 16:33:37 +02:00
Matthias Schiffer
819c7d59f1
gluon-config-mode-*, gluon-luci-*: add escaping for many user- or site-defined strings
Allows weird release numbers, models and site names, and prepares support
for pretty hostnames.
2016-08-27 15:18:13 +02:00
Matthias Schiffer
79a49a1515
gluon-luci-theme: add HTML and URL escaping utility functions 2016-08-27 13:19:42 +02:00
kb-light
81280d8e18 gluon-mesh-batman-adv-core: use need_one_of() to check for valid mcast_rate 2016-08-27 07:12:07 +02:00
kb-light
6ff94aca35 gluon-core: make wifi rates configurable by site.conf
and add documentation
2016-08-27 07:11:58 +02:00
Matthias Schiffer
c84bb17915
Merge branch 'enable-multicast-snooping' of https://github.com/T-X/gluon 2016-08-26 21:05:30 +02:00
Matthias Schiffer
e5acba5fbc
gluon-radvd: fix init script
Fixes #862
2016-08-24 13:07:29 +02:00
Linus Lüssing
6594ba314c gluon-core: reenable multicast snooping on WAN side
Just like we enabled multicast snooping on the batman-adv client bridge
again, let's do the same for the WAN side.

With one exception: The IGMP/MLD querier is kept disabled to avoid
becoming too "bossy"/"noisy" on a foreign network. The main router on
the WAN side should perform querying and by that enable
IGMP/MLD/snooping if it considers this appropriate there.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2016-08-23 00:21:26 +02:00
Linus Lüssing
2a51d94fbb gluon-mesh-batman-adv-core: reenable multicast snooping
A few issues with the bridge snooping were identified and fixed
upstream in OpenWRT:

* "firewall: Allow IGMP and MLD input on WAN" (r45613)
* "kernel: bridge: backport two snooping related patches" (r45783)
* netifd: "bridge: Fix multicast_to_unicast feature by hairpin+isolate"
  (OW: "netifd: update to the latest version, adds multicast-to-unicast fixes" (r46719))
* "kernel: bridge, multicast-to-unicast: assign src after pskb_may_pull()" (r46721)
* "kernel: bridge, multicast-to-unicast: fix echoes on STA" (46765)

These have very likely caused issues with the bridge snooping before,
which led to disabling it in the past. Let's reenable the multicast
snooping now that they were fixed for reduced multicast overhead on the
wifi.

Advantages are the following:

This mildly reduces overhead on the mesh layer. And significantly reduces
overhead on the AP interface and therefore significantly increases
available airtime (the currently most significant scalability bottleneck).

Secondly removes an easy, often accidental node-local Denial-of-Service
vector based on multicast flooding / streaming.

Thirdly, makes node-local multicast streaming feasible.

Finally should noticably increase battery life of mobile devices.

Note: bridge querier is disabled for br-wan. We want to avoid becoming
too "bossy"/"noisy" on a foreign network.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2016-08-23 00:15:27 +02:00
T-X
d5829d87be gluon-mesh-batman-adv-core: disable bridge port learning on bat0 (#780)
The mesh side has become fairly huge in many communities. Up to
a few thousand entries can currently be found in the forwarding
database (fdb) of a bridge for its bridge port bat0.

The bridge fdb is kind of redundant to the batman-adv global translation
table here. Therefore this patch tries to reduce memory footprint by
following an approach similar to the IGMP/MLD split patchset approach:

Make the bridge oblivious not only regarding multicast listeners towards
the mesh but with this patch unicast hosts on the mesh, too.

If the destination of an ethernet frame is known by the bridge to be a
local one, then the frame is forwarded to the according port. If it is
unknown, then the frame is forwarded to the wifi AP interface and bat0.

mac80211 and batman-adv then know whether to drop or forward a frame
further through their own book-keeping.

Note that unicast-flood is not disabled for the wifi AP bridge port, nor
is learning disabled on the wifi AP. This is mainly to keep the
configuration in UCI and according setup scripts simple ;). However, not
disalbling unicast-flood on the wifi AP interface might also give a
minor latency improvement for newly joining wifi clients.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2016-08-22 23:26:07 +02:00
kb-light
2789aebcb2 gluon-luci-private-wifi: limit ssid to 32 characters (#848)
Fixes #845
2016-08-08 11:38:57 +02:00
Jan-Philipp Litza
d445cb772d gluon-radvd: Use procd in init script
The main advantage is that procd is capable of logging stderr to logd,
making errors easier to debug.
2016-07-30 20:27:20 +02:00
Matthias Schiffer
f3cb6d7b36
gluon-luci-portconfig: add setting for PoE passthrough
Fixes #328
2016-07-30 00:04:17 +02:00
Matthias Schiffer
b1a753e1c5
gluon-core: allow setting PoE passthrough default setting from site.conf 2016-07-30 00:00:39 +02:00
Matthias Schiffer
b241373640
gluon-luci-private-wifi: set MAC address if the driver provides one 2016-07-28 00:27:47 +02:00
Matthias Schiffer
279a409198
gluon-core: split get_wlan_mac_from_driver() out of get_wlan_mac() 2016-07-27 17:25:05 +02:00
Matthias Schiffer
806af27083
gluon-client-bridge, gluon-mesh-batman-adv-core: make macaddr variable local in upgrade script 2016-07-27 17:25:05 +02:00
Matthias Schiffer
7565839fc4 Merge pull request #674 from T-X/filter-igmp-mld
Filter IGMP+MLD
2016-07-27 17:24:43 +02:00
Matthias Schiffer
85674a5557
gluon-luci-admin: rename "Expert Mode" to "Advanced settings"
Use the common term; the "Expert Mode" never was a distinct mode of
operation anyways.
2016-07-27 02:38:39 +02:00
Matthias Schiffer
5e3b1f80b0
gluon-luci-admin: regenerate fr.po 2016-07-27 02:35:06 +02:00
Christof Schulze
65ee128c37
gluon-radvd: externalize arguments
The arguments are now provided by gluon-mesh-batman-adv-core, so
gluon-radvd can be used with other mesh protocols.

[Matthias Schiffer: removed PROVIDES dependency]
2016-07-27 01:24:33 +02:00
Matthias Schiffer
55d6f71cff
gluon-setup-mode: remove unneeded require 2016-07-26 01:11:03 +02:00
lemoer
8e8f794c24 gluon-neighbour-info: improve verbosity on wrong cli parameters (#829)
gluon-neighbour-info: improve verbosity on wrong cli parameters
2016-07-25 15:52:27 +02:00
Matthias Schiffer
2afe34efec
Use MAC addresses provided by WLAN drivers by default
Some drivers (mt76) don't support arbitrary MAC addresses. Use the
addresses provided by the driver (avoiding the primary address) by default,
but fall back to our has-based scheme when the driver doesn't provide
(enough) addresses.
2016-07-20 18:42:56 +02:00
Matthias Schiffer
c8bc4620d1
gluon-core: unify indentation in gluon/util.lua 2016-07-20 17:51:09 +02:00
Matthias Schiffer
849af9ade0
gluon-client-bridge, gluon-mesh-batman-adv-core: simplify VIF config functions 2016-07-20 15:44:36 +02:00
Matthias Schiffer
64fdc0d7ba
gluon-mesh-batman-adv-core: add sleep to autoupdater network stop script
Accidentially forgot to commit this. The sleep is necessary so netifd can
actually stop the WLAN interfaces after `wifi down`.
2016-07-19 15:49:07 +02:00
Jan-Tarek Butt
8f5a7c9001
gluon-mesh-batman-adv-core: stop WLAN and batman-adv before autoupdater upgrades
[Matthias Schiffer:
  - improve commit message
  - add pidof check
  - also call `wifi down`
]
2016-07-19 03:41:21 +02:00
Jan-Tarek Butt
1c1f490527
Minify all Lua code 2016-07-10 20:14:25 +02:00
Matthias Schiffer
42910c0606
ramips-mt7621: use phy1 MAC address as primary on DIR-860L B1 2016-07-10 15:51:07 +02:00
Matthias Schiffer
c913957e01
gluon-luci-wifi-config: fix to work with legacy configs using macaddr instead of path to identify radios 2016-07-09 23:32:46 +02:00
Matthias Schiffer
bae721a9bb
Add target ar71xx-mikrotik
Fixes #121

Based-on-patch-by: Tobias Hachmer <tobias@hachmer.de>
2016-06-23 00:29:28 +02:00
Matthias Schiffer
dc485f7356
gluon-core: make gluon.platform.match() match all boards when no boards are given 2016-06-23 00:07:25 +02:00
Sven Eckelmann
fa04fff88d ar71xx-generic: Add support for OpenMesh MR1750v2
The new MR1750v2 device support is only available in LEDE master. The
relevant patches have to backported to add support for them in Gluon

Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2016-06-17 20:04:00 +02:00
Sven Eckelmann
3ccd516971 ar71xx-generic: Add support for OpenMesh OM2P-HSv3
The new OM2P-HSv3 device support is only available in LEDE master. The
relevant patches have to backported to add support for them in Gluon

Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2016-06-17 20:04:00 +02:00
Thomas Weißschuh
0a936e4de5 gluon-batman-adv-core: respondd: add gateway_nexthop field 2016-06-02 16:14:13 +02:00
Jan-Philipp Litza
76c3456787 gluon-node-info: simplify respondd module code a bit 2016-05-27 22:40:17 +02:00
Jan-Philipp Litza
f7eda9381f respondd modules: Use proper formatting of doubles
Most doubles that are delivered via respondd have limited input
precision, but are converted with up to 17 digits of precision. That can
cause ugly blowups like 0.2800000000000001 in the output, which is
avoided by specifying better format strings (like "%.2f" in most cases).
2016-05-26 17:38:36 +02:00
Sven Eckelmann
780f7cad2a ar71xx-generic: Use eth0 as OpenMesh primary mac address
The OpenMesh devices have a sticker with the eth0 mac address on the
bottom. Also all other mac addresses are calculated based on this address.
Therefore, it is better to use this as primary mac address instead of the
WiFi mac address.

Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2016-05-23 21:39:27 +02:00
Linus Lüssing
4199b216c6 ebtables-segment-mld: Segment IGMP/MLD domain
This patch adds a new gluon-ebtables package to filter IGMP/MLD messages
via ebtables.

For one thing this reduces multicast overhead: About one third of all
ICMPv6 multicast traffic in Lübeck or Hamburg is MLD.

Furthermore it removes a potential Distributed Denial-of-Service vector
(see Gluon ticket #553).

Finally, it is a prerequisite for enabling bridge multicast snooping in
a decentral and robust fashion.

Note that IGMP/MLD are filtered for multicast traffic coming from
the mesh, too (new MULTICAST_IN), as unfortunately there seem to
be other queriers somewhere in the mesh at least for Freifunk
Lübeck. Also adding these rules to be prepared to anyone intentionally
or unintentionally disabling these filters on his/her node.

Node operators not running Gluon (for instance gateway nodes) should
make sure to either enable multicast_router towards bat0 or disable
multicast snooping entirely if they have a bridge on top of bat0.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2016-05-20 22:59:31 +02:00
Linus Lüssing
8e891b2cc4 ebtables-filter-mcast: Remove redundant allow-filter for hop-by-hop
ebtables actually skips any IPv6 extension headers like the hop-by-hop
one. So this rule is actually void.

The intend back then was to allow passing MLD messages into the mesh.
Since extension headers are skipped, the general icmpv6 rule will
actually match MLD messages. So the hop-by-hop rule is unnecessary,
too.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2016-05-20 02:04:25 +02:00
Matthias Schiffer
97879e80ad
gluon-config-mode-core: clean up reboot handling
Don't fork reboot process before all package hooks have been handled and
rendering is complete.

Replace debug.setfenv hack to close stdout with nixio.dup.

Fixes #772
2016-05-19 15:31:47 +02:00
Matthias Schiffer
4a60e5a02a
gluon-mesh-vpn-fastd: add missing iptables dependency confusing Kconfig
This was causing "recursive dependency" errors and potentially broken
configurations.
2016-05-18 01:24:11 +02:00
Sven Eckelmann
d30a6ff1db gluon-luci-admin: Fix uploaded image validation
The image validation currently fails on some devices (tested OpenMesh)
because it isn't done via sysupgrade. But the checks depend partially on
the integration in sysupgrade (e.g. via loops that can be stopped via
"break statements").

Instead of hacking its own version check, it is easier and better tested to
just use 'sysupgrade -T' like it is already done by LuCI.

Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2016-05-16 13:31:25 +02:00
Matthias Schiffer
cab23b1838
ar71xx-generic: switch default WAN/LAN assignment on Ubiquiti UAP Pro
Fixes #764
2016-05-14 01:02:25 +02:00
Matthias Schiffer
087112a09b
ar71xx-generic: add support for UniFi AC PRO/LITE (LITE untested)
Also backport some patches improving QCA956x support.
2016-05-14 00:48:10 +02:00
Matthias Schiffer
86ef9b0e97
Fix creation of IBSS interfaces on devices with two radios
Lua's tables are 1-based, so we must decrement the index by 1 to get the
desired MAC addresses. By not doing this, the second IBSS interface would
get the address with index 8, but only indices 0..7 are available.

Fixes: c73a12e0ea
2016-05-14 00:34:04 +02:00
kb-light
f68a5662b6 gluon-node-info: add a script to fix whitespaces within the coordinates
Signed-off-by: kb-light <freifunk@kb-light.de>
2016-04-28 09:34:33 +02:00
Matthias Schiffer
d77bfe9da9 gluon-mesh-batman-adv-core: fix rssid for setups without 11s 2016-04-27 21:07:46 +02:00
kb-light
d8092bce62 gluon-config-mode-mesh-vpn: provide contact-information for reboot-message (#671) 2016-04-27 17:08:42 +02:00
kb-light
269a8fbdd4 gluon-config-mode-geo-location: add ability to hide the altitude field (#693) 2016-04-27 12:37:30 +02:00
Matthias Schiffer
937fe715c7 gluon-mesh-batman-adv-core: make mesh_lan config a bridge
There are a few devices which have more than one LAN interface (for example
some revision of the TL-WR941ND, which uses a DSA-based switch, so each
switch port has its own netdev.) On these devices we need a bridge for
mesh-on-lan (as the alternative of adding them to batman-adv individually
would need too many MAC addresses.)
2016-04-27 12:20:27 +02:00
lemoer
c73a12e0ea Change MAC schema generation (#715)
While ath9k/ath10k devices can supprt VIFs with any combination of MAC addresses, there are also adapters which have a hardware MAC filter which only allows a few bits to differ. This commit changes the addresses of all VIFs to ony differ in the last 3 bits, which is required to support many Ralink/Mediatek based WLAN adapters.

Technically, the new addresses are generated by calculating an MD5 hash of the primary MAC address and using a part of this hash as a prefix for the MAC addresses.

The addresses (BSSIDs) of the AP VIFs are also reused for the LAN and WAN interfaces in mesh-on-LAN/WAN mode to reduce the number of needed addresses, and thus reduce the chance of collisions. This is not a problem as the MAC addresses of the AP VIFs are never used except as BSSID, and thus not seen by routing protocols like batman-adv.

Fixes #648

[Matthias Schiffer: rewrote commit message]
2016-04-27 12:16:39 +02:00
corvusmo
82b5b5a8d2 gluon-status-page: refactor creation of table rows and cells (#738) 2016-04-27 08:40:13 +02:00
Matthias Schiffer
7f2b93e7f0 gluon-status-page: remove old status page
We have Git for history, there's no reason to keep old files that aren't
used anymore.
2016-04-26 21:29:48 +02:00
Matthias Schiffer
c936fd8054 Merge branch 'master' of https://github.com/corvusmo/gluon 2016-04-25 18:33:10 +02:00
Matthias Schiffer
c18d43d2cb gluon-core: use correct file variable in get_site_config() 2016-04-24 15:55:37 +02:00
Matthias Schiffer
f38bbf0d2c gluon-mesh-batman-adv-core: remove 'gluon.batman_adv' Lua module
It is not used anymore.
2016-04-24 09:47:06 +02:00
Matthias Schiffer
db32736d3b Merge pull request #730 from jannic/master
Add support for carambola 2 board
2016-04-22 18:13:10 +02:00
Jan Niehusmann
bdcd166c7c ar71xx-generic: add support for Carambola 2
Device information can be found at:
http://www.8devices.com/products/carambola-2
https://wiki.openwrt.org/toh/8devices/carambola2

I only did some minimal testing of gluon on the carambola 2 development
board:

 - Config mode works
 - Connects to Wifi Mesh
 - Allows clients to connect

Notably, autoupgrade has not yet been tested.

Change to 010-primary-mac is necessary as the mac address printed
on the sticker is the one of eth0, not the wifi mac.
2016-04-22 08:32:19 +02:00
Matthias Schiffer
ddb9e6b2e5 Merge pull request #679 from T-X/preparations-for-mcast-snooping-final
Preparations for Multicast Snooping Final
2016-04-20 19:44:53 +02:00
corvusmo
80515c087d gluon-status-page: sort gateways alphabetically
Fixes #698
2016-04-08 21:23:56 +02:00
Jan-Philipp Litza
3a3c922a4d gluon-core: use exec on uci commit 2016-04-03 16:14:48 +02:00
Matthias Schiffer
4658afb2c6 gluon-core: commit all UCI configs at the end
Avoid commiting configs inbetween to decrease number of flash writes.

Fixes #714.
2016-04-02 18:56:45 +02:00
Matthias Schiffer
827d81aab3 gluon-config-mode-mesh-vpn: fix save() call for traffic limits
It doesn't seem like this mistake had any effect.
2016-04-02 18:53:56 +02:00
Matthias Schiffer
b8cb60a8d6 Merge pull request #675 from T-X/preparations-for-mcast-snooping
Preparations for Multicast Snooping
2016-03-11 13:27:33 +01:00
Linus Lüssing
c9aa2672bd bridge: Increase IGMP/MLD robustness parameter to three for br-client
We are mostly dealing with the 2.4GHz crap-band here, so increasing the
IGMP/MLD robustness parameter to three to be able to compensate for up
to two consecutive instead of just one lost packet.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2016-03-10 16:44:34 +01:00
Linus Lüssing
4d00c804c0 bridge: Lower IGMP/MLD query intervals for br-client
There are some devices not acting properly to roaming events, in that
they do not timely reissue IGMP/MLD reports after reconnecting.

To compensate for that this commit reduces the query interval from 125
seconds to 20 and the query response interval from 20 seconds to 5.
This reduces a timeout to 20+5 seconds in the worst-case (12.5s average)
after a roaming event for such broken devices. This should be below the
30s "impatient user threshold" and below any connection timeout.

Until the bridge multicast snooping + querier gets re-enabled this is a
no-op.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2016-03-10 16:44:05 +01:00
Matthias Schiffer
fc6d4d6c97 gluon-mesh-batman-adv-core: respondd: add uci.h include
This include wasn't actually missing, but well hidden behind the iwinfo.h
include. Make this more obvious.
2016-03-08 07:57:06 +01:00
Linus Lüssing
0fc9e1d966 update config: "firewall: Allow IGMP and MLD input on WAN" (r45613)
Adopt the according modifications to the default firewall settings of
the WAN interface from OpenWRT, revision 45613.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2016-03-08 07:55:55 +01:00
Linus Lüssing
ca9a6f34f3 gluon-mesh-batman-adv-core: Always forward towards mesh/batman-adv
An IGMP/MLD domain split will prevent us from being able to track
multicast listeners on other nodes.

Therefore we need to always hand any multicast packets we received from
local clients to batman-adv. With bridge multicast snooping disabled,
the current setting in Gluon, this is already the case.

However, in preparation to enabling multicast snooping, we need to
enforce forwarding towards batman-adv by setting the bridge port
option "multicast_router" to 2.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2016-03-08 07:55:55 +01:00
Matthias Schiffer
289b599233 gluon-status-page: unify prefix list of prettyBytes and prettyBits 2016-03-01 00:06:20 +01:00
Matthias Schiffer
6e452f207a gluon-status-page: don't use internationalization API
It is not supported by all browsers yet.

Also change load display always to display 2 decimal digits (as it is read
from the kernel with 2 decimal digits).

Fixes #606
2016-03-01 00:06:20 +01:00
Matthias Schiffer
79bc3a8d4b gluon-status-page: fix neighbour purging
notUpdated is a Set, to a for-in loop doesn't work.

Fixes #657
2016-02-29 01:12:20 +01:00
Matthias Schiffer
bb8d1783b3 gluon-config-mode-*, gluon-luci-portconfig: improve validation
Make bandwidth limits unsigned; trim numbers, the validator accepts
trailing whitespace.
2016-02-28 22:38:19 +01:00
Matthias Schiffer
88bdc98108 gluon-status-page: don't reset signal graphs on resize events if width hasn't changed
Mobile browsers will often show or hide the address bar while scrolling.
This causes resize events which would often reset the signal graphs.

Fixes #662
2016-02-26 05:35:47 +01:00
Matthias Schiffer
6961406523 Merge pull request #640 from kokel/preserve-wifi-channel
gluon-core: add preserve wifi channel feature
2016-02-24 17:25:02 +01:00
Matthias Schiffer
f0ad8ed5cb gluon-mesh-batman-adv-core: enable mesh_no_rebroadcast for Mesh-on-WAN/LAN
Ethernet links provide transitive connectivity in all but very unusual
setup, enable mesh_no_rebroadcast to reduce load for devices on links with
many nodes.

Fixes #652
2016-02-16 23:26:42 +01:00
Kokel
388d264ff0 gluon-core: add preserve wifi channels feature
This new feature introduces the new uci section 'gluon-core.wireless' with a preserve_channels option:
 * preserve_channels (boolean)

By setting this option to 1 (true) wifi channels will be preserved during upgrades.
2016-02-10 07:06:36 +01:00
Matthias Schiffer
19242f4deb Remove all uses of batman-adv-visdata
Should be redundant after 0bd0df6f93
2016-02-08 20:58:28 +01:00
Matthias Schiffer
e0e96b7b28 Merge branch 'restrict-respondd' 2016-02-05 19:18:40 +01:00
Matthias Schiffer
145cb4ded2 gluon-luci-admin: ensure that the authorized_keys file always ends with a newline
Fixes #558
2016-02-05 18:31:25 +01:00
Matthias Schiffer
2f499dbfc1 gluon-respondd: restrict queries from the mesh to link-local addresses
Restrict to link-local addresses to prevent amplification attacks from
outside the mesh, or such attacks affecting the outside world.

Fixes #637
2016-02-05 17:06:07 +01:00
Matthias Schiffer
6554cc21ab Merge remote-tracking branch 'origin/firewall-multicast' 2016-02-03 08:40:20 +01:00
Matthias Schiffer
d58484c84e gluon-mesh-batman-adv-core: respondd: fix pattern to count clients to work with compat 15 2016-02-02 17:18:52 +01:00
Jan-Philipp Litza
5bb4316f71 gluon-neighbour-info: Open firewall on WAN for respondd replies
If the query was via multicast, the response isn't matched by
--state ESTABLISHED,RELATED

This fixes #619
2016-02-02 13:06:54 +01:00
Matthias Schiffer
0005b3b5a2 autoupdater: stop non-essential services before downloading the image 2016-02-02 09:22:50 +01:00
Matthias Schiffer
b4aaf8a1f8 gluon-respondd: add init script
Instead of starting gluon-respondd from a hotplug handler, add a proper
init script. The new init script has a restart_if_running argument which
is now used by the hotplug handler.
2016-02-02 09:18:13 +01:00
Matthias Schiffer
9004028cb4 Convert gluon-announce Lua code to C modules, rename to gluon-respondd
gluon-announced and gluon-announce are merged to gluon-respondd.
2016-02-02 09:18:12 +01:00
Matthias Schiffer
840d07dd48 Add utility library libgluonutil 2016-02-02 06:39:22 +01:00
Daniel Golle
4ce85afc22 gluon-status-page-api: support batadv-in-VLAN on ibss interface
introduce function to recurse down to the lowest layer-2 interface
corresponding to a given interface.
also re-introduce some of the previously removed input validation plus
some more to protect against glob and path based exploits.
2016-01-13 12:59:16 +01:00
Matthias Schiffer
0880159eb5 gluon-status-page: fix handling of interface names containing dots 2016-01-08 14:54:30 +01:00
Delta / Stefan
bbdc334b43 gluon-status-page: add TB to list of units for transfer volumes
Fixes #614
2016-01-07 18:09:30 +01:00
Matthias Schiffer
f23e024787 Convert site.conf to JSON during build
This will allow us to use its content from other languages than Lua as
well.
2016-01-02 23:49:25 +01:00
Matthias Schiffer
8ffdcaaa1b gluon-mesh-batman-adv-core: announce/neighbours.d: use batman-adv-visdata 2015-12-18 17:46:24 +01:00
Matthias Schiffer
939087cec9 gluon-status-page-api: neighbours-batadv: use batman-adv-visdata, increase interval 2015-12-18 17:46:24 +01:00
Matthias Schiffer
90a64ca87f gluon-status-page-api: use sse-multiplex 2015-12-18 17:46:24 +01:00
Matthias Schiffer
fa504dae8d gluon-neighbour-info: simplify and fix timeout calculation
The timeout was calculated incorrectly (in each iteration the span between
the start time and the current time was substracted from the timeout
again), and would often become negative, causing warnings in the kernel
log.
2015-12-18 17:46:24 +01:00
Matthias Schiffer
a3155c427a gluon-neighbour-info: fix a few compiler warnings 2015-12-18 17:46:24 +01:00
Matthias Schiffer
d3bc707caa gluon-neighbour-info: flush after writing the HTTP header
sse-multiplex likes to get the header as fast as possible.
2015-12-18 17:46:24 +01:00
Matthias Schiffer
c3150d821f gluon-announce{,d}: create a new UCI cursor for each run 2015-12-18 17:46:24 +01:00
Matthias Schiffer
077dbe3c08 gluon-status-page-api: decrease dyn/statistics event frequency
The statistics data is now cached for 5s, no need to send an event every
second. The new interval is 3s, which is coprime with the cache timeout.
2015-12-18 17:45:45 +01:00
Matthias Schiffer
48d24c2674 gluon-announce: enable caching 2015-12-18 17:43:16 +01:00
Matthias Schiffer
eba7ecbbc0 gluon-announced: add support for caching announced data 2015-12-18 17:43:12 +01:00
Matthias Schiffer
5927fd66db gluon-status-page: filter out duplicate events in statistics event stream
Allows simple handling of cached events.
2015-12-18 17:37:48 +01:00
Matthias Schiffer
5ecb8a7366 gluon-mesh-vpn-fastd: gluon-annouced: fix fastd status always being reported as enabled 2015-12-08 22:47:32 +01:00
Nils Schneider
0bb530d1c6 gluon-status-page: fix display of rx and tx traffic
On the status page statistics section counters for transmitted and received traffic were mixed up. Transmitted traffic was shown as received while received traffic was shown as being transmitted.

Fixes #586
2015-12-07 13:44:17 +01:00
Matthias Schiffer
9c7582afe0 gluon-luci-private-wifi: fix typo in code file and regenerate translation files (correctly this time) 2015-11-27 14:33:56 +01:00
Matthias Schiffer
7f0fe061dc gluon-luci-private-wifi: fix translation files 2015-11-27 09:49:12 +01:00
Matthias Schiffer
d428576ec5 Merge pull request #552 from freifunk-gluon/disable-mesh
gluon-mesh-batman-adv-core: keep disabled state even when the mesh interface section name is changed
2015-11-23 00:42:39 +01:00
Matthias Schiffer
81b2142e65 Merge branch 'patch-1' of https://github.com/ohrensessel/gluon 2015-11-22 23:28:39 +01:00
Matthias Schiffer
0335ce10e2 gluon-mesh-batman-adv-core: keep disabled state even when the mesh interface section name is changed
Is makes sense to always look for both ibss_radio* and mesh_radio* sections
to determine if the meshing should be enabled when regenerating these
sections. Doing this, the disabled state will survive updates changing the
section name (either updating from pre-2015.2 while keeping IBSS, or
changing from IBSS to 11s or vice-versa).

If both ibss_radio* and mesh_radio* sections exist, the disabled state will
be kept correctly for each section, the behaviour is changed only when
creating a section that didn't exist before.

Fixes #549
2015-11-18 03:01:18 +01:00
Matthias Schiffer
e528977100 gluon-site: set PKG_FILE_DEPENDS to site.conf and i18n/ only
PKG_FILE_DEPENDS caused the whole site repo to be hashed to determine if
gluon-site needed rebuilding. While this is normally no problem,
alternative build setups sometimes put the Gluon repo inside the site repo,
causing long build times and parallel build failures.
2015-11-18 02:39:05 +01:00
Leo Krueger
bc15b6c810 gluon-ebtables-filter-multicast: drop icmpv6 type 128 & 139, drop icmp
in a layer 2 mesh network, multicast pings cause a lot of traffic in the
network, significantly increasing the 'backgroudn noise' (= Grundrauschen)
and stressing nodes in the network.

this commit blacklists all icmpv4 multicast traffic as well as multicast
icmpv6 echo-requests and node iformation queries. as no application
depending on these types of multicast traffic is known, blacklisting is safe.
2015-11-12 21:16:37 +01:00
Matthias Schiffer
412e1ef147 gluon-core: fix removal of "OpenWrt" default WLAN interface
Fixes #534
2015-10-28 17:06:29 +01:00
Matthias Schiffer
3ddcf50b80 Drop htmode field from config, always use HT20
Fixes #487
2015-10-27 01:57:10 +01:00
Matthias Schiffer
3647cf1d18 Remove leftover file from gluon-radio-config 2015-10-27 01:57:10 +01:00
Matthias Schiffer
9b46a05de7 Merge pull request #450 from freifunk-gluon/status-page
gluon-status-page: new status page
2015-10-26 22:55:00 +01:00
Matthias Schiffer
557a073dc7 gluon-mesh-batman-adv-core/gluon-luci-portconfig: fix configuration of br-client ifname with multiple interfaces in lan_ifname
There are a few devices on which lan_ifname contains multiple interface
names separated by spaces.
2015-10-26 22:29:44 +01:00
Nils Schneider
84b6374970 gluon-client-bridge: basic br-client config and wireless AP
This package provides br-client and sets up a wireless AP interface for
clients.
2015-10-26 21:14:32 +01:00
Matthias Schiffer
22130e84e8 Merge gluon-radio-config into gluon-core
gluon-radio-config contained only a single file. The code has been adjusted
to allow creating a Gluon configuration without WLAN support by removing
the wifi24 and wifi5 sections from site.conf.
2015-10-26 20:59:56 +01:00
Matthias Schiffer
53211b5b46 Replace gluon-cron by micrond 2015-10-15 23:52:30 +02:00
Matthias Schiffer
d0a78ea8ba Merge branch 'opkg' 2015-10-15 22:28:41 +02:00
Matthias Schiffer
45d1d04ae3 Merge branch 'simple-tc' 2015-10-15 22:28:32 +02:00
Matthias Schiffer
2fefdeee63 gluon-mesh-batman-adv-core: neighbours.d/wifi: output empty object instead of empty list when there are no neighbours on an interface 2015-10-15 02:42:28 +02:00
Matthias Schiffer
26682b24b3 Replace gluon-simple-tc by non-Gluon-specific simple-tc
The Gluon-specific functions of the gluon-simple-tc package are moved to
gluon-mesh-vpn-fastd.
2015-10-15 02:38:47 +02:00
Jan-Philipp Litza
daa15290ab gluon-announce: Remove now unused collect.lua
The file promotes the probably unnecessary re-execution of the announce
scripts. Instead, gluon-announced should be queried using

    gluon-neighbour-info -d ::1 -p 1001 -t0 -r nodeinfo

if both gluon-announced and gluon-neighbour-info are present. But to not
depend on any of those, no script for this one-liner is provided.
2015-10-15 01:49:20 +02:00
Jan-Philipp Litza
bae6519279 gluon-alfred/gluon-status-page: Query gluon-announced
By not executing all scripts from gluon.announce themselves, both should
be considerably faster and lighter on RAM usage.
2015-10-15 01:49:20 +02:00
Jan-Philipp Litza
d2ff7d5c22 gluon-neighbour-info: Add -l and -c parameter, make event type for -s configurable 2015-10-15 01:49:20 +02:00
Matthias Schiffer
3725f7bca3 Merge remote-tracking branch 'origin/announce.d' 2015-10-15 01:31:05 +02:00
Matthias Schiffer
d5c334af6d gluon-core: replace opkg site configuration to make it more flexible
The new options allow specifying custom repositories and are evaluated
in an upgrade script, not during build.
2015-10-14 02:57:29 +02:00
Matthias Schiffer
b46d4fd537 gluon-mesh-batman-adv-core: make gateway selection class configurable
Fixes #401
2015-10-12 21:49:02 +02:00
Nils Schneider
9dffb1284f gluon-announce(d): preload functions, collectgarbage
By calling collectgarbage() at various places I was able to reduce heap
usage by ~270kb.
2015-10-12 20:54:03 +02:00
Nils Schneider
435ded0c60 gluon-announce: build a tree of functions first
collect_dir() will now pre-load all files and return a function that will
collect all information.
2015-10-12 20:54:03 +02:00
Matthias Schiffer
a22c808634 Merge pull request #466 from kb-light/11s-mesh-dev
gluon-mesh-batman-adv-core: prepare for 802.11s mesh
2015-10-11 23:01:08 +02:00
Matthias Schiffer
12f9df7e86 gluon-config-mode-core: don't throw error when no config mode modules are installed
The expert mode can still be useful without any cohfig mode modules.
2015-10-11 21:19:28 +02:00
Matthias Schiffer
05f146f817 Validate section names from site.conf in various packages 2015-10-11 19:34:14 +02:00
Ruben Barkow
06a2b2b1d1 gluon-luci-private-wifi: typo seperaten 2015-10-09 11:59:12 +02:00
Matthias Schiffer
98542b015d i18n: s/noeud/nœud/ 2015-10-08 22:16:25 +02:00
kb-light
955dc886a8 gluon-mesh-batman-adv-core: prepare for 802.11s mesh
keep macfilter and maclist config after fw-update
2015-09-22 10:48:09 +02:00
srauscher
16888d214d Add french translation 2015-09-17 07:28:09 +02:00
Alex
b465504ae8 add: info for 802.11s interface
additional information for commit 2a93c58042
2015-09-13 14:32:53 +02:00
Nils Schneider
014f5751c8 gluon-status-page-api: increase uhttp.max_requests to 32
Now that the status page api has been rewritten in C CPU load and memory
usage is much lower. Also, nodes with both ibss and 11s mesh and dual
band wifi may require up to 9 connections for a single client, thus the
previous limit of 12 seemed a little low.
2015-09-05 12:11:35 +02:00
Nils Schneider
8be372a590 gluon-status-page-api: rewrite stations in C 2015-09-05 12:11:33 +02:00
Nils Schneider
4b8f6c9835 gluon-status-page-api: rewrite neighbours-batadv in C 2015-09-05 11:47:44 +02:00
Nils Schneider
431ac81407 gluon-status-page-api: split API from gluon-status-page
This will make it easier to replace the API with C programs.
2015-09-05 11:47:44 +02:00
Nils Schneider
5e5dc5ab18 gluon-status-page: new status page 2015-09-04 20:50:18 +02:00
Nils Schneider
34752c7e0b br-client: convert option ifname to list ifname
Convert option ifname in br-client to use a list instead. This
simplifies adding and remove interfaces:

uci:add_to_set("network", "client", "ifname", "eth0")
uci:remove_from_set("network", "client", "ifname", "eth0")

An option ifname will be automatically converted to a list when
performing an upgrade.

Packages affected: gluon-mesh-batman-adv-core, gluon-luci-portconfig
2015-09-04 20:31:53 +02:00
Matthias Schiffer
faba9efb88 Merge branch 'jsonc-sink' of https://github.com/FreifunkBremen/gluon 2015-09-04 17:15:58 +02:00
Jan-Philipp Litza
961e6cc1c0 Add sink support to luci-lib-jsonc and use it where needed 2015-09-04 12:27:45 +02:00
Nils Schneider
96033758ab Merge pull request #473 from FreifunkBremen/batctl-if-lua
Don't fork batctl from announce scripts
2015-09-04 11:40:00 +02:00
Jan-Philipp Litza
bccf4f7b21 gluon-mesh-batman-adv-core: Add lua code for iface listing, don't fork 2015-09-03 16:33:13 +02:00
Matthias Schiffer
3599d8912b Merge branch 'slim-down-lua-scripts' of https://github.com/FreifunkBremen/gluon 2015-09-03 15:29:27 +02:00
Nils Schneider
21935ffc81 gluon-status-page: set html encoding to utf-8 2015-09-02 21:19:41 +02:00
Jan-Philipp Litza
339a6c9959 Remove dependencies on luci.util (and partly nixio.fs) from announce scripts 2015-09-02 13:17:59 +02:00
Matthias Schiffer
a25d00ddce Merge branch 'feature-optional-thekey' of https://github.com/FreifunkBremen/gluon 2015-08-31 00:42:54 +02:00
Matthias Schiffer
d97586dd89 Merge branch 'announce-separate-frequencies' of https://github.com/FreifunkBremen/gluon 2015-08-30 23:53:36 +02:00
Jan-Philipp Litza
89a9d8138c gluon-mesh-batman-adv-core: Announce client count by frequency 2015-08-30 23:39:45 +02:00
Jan-Philipp Litza
eb590bdc12 gluon-config-mode-mesh-vpn: Move display of key to translations
When rebooting the node in config mode, currently the fastd key is
forcefully displayed in a fixed format. This is confusing in communities
where fastd accepts all keys and no key submission is needed.
Furthermore, some communities might want to personalize the display of
the key (see #387).

This patch moves the displaying <div> from the package's lua file to the
translation files of the sample site configuration and mentiones the
change in the release notes.
2015-08-30 21:55:29 +02:00
Jan-Philipp Litza
15a80aaffd Switch from luci-lib-json to luci-lib-jsonc
Apart from replacing a patch for the former by two patches for latter,
this involved minimal adaptations of the lua scripts in the following
packages:

* gluon-announce
* gluon-announced
* gluon-mesh-batman-adv-core
* gluon-status-page
2015-08-30 21:05:13 +02:00
Matthias Schiffer
4405f39869 Merge remote-tracking branch 'origin/radio-config' 2015-08-29 02:36:38 +02:00
kb-light
753c1f9e2a gluon-status-page: handle 11s interfaces 2015-08-23 23:19:28 +02:00
Nils Schneider
6906ef9de6 gluon-radvd: use uradvd 2015-08-19 21:20:50 +02:00
Nils Schneider
177086b881 gluon-radio-config: basic wireless configuration
Split basic radio configuration from gluon-mesh-batman-adv as this will
be required for virtually any wireless mesh protocol.

This package takes care of setting:

  - wireless channel,
  - htmode and
  - regulatory domain

gluon-mesh-batman-adv-core depends on this package.
2015-08-18 11:41:14 +02:00
Matthias Schiffer
86773d7628 gluon-luci-wifi-config: add support for new WLAN configuration 2015-08-07 18:36:13 +02:00
Matthias Schiffer
26c6a787f6 Merge remote-tracking branch 'origin/flexible-wifi' 2015-08-07 17:45:23 +02:00
Nils Schneider
2a93c58042 mesh-batadv-core: introduce 11s mesh, refactor wireless config
This is a site.conf-breaking change in regard to the wireless config.
Make sure to read http://gluon.readthedocs.org/en/latest/user/site.html
and update your site.conf accordingly!

Support for 802.11s mesh interfaces has been added. Gluon now supports
three interface types: ap, ibss and mesh. All of them are now optional
and may be configured independently in site.conf.

A sample site.conf may look like this:

    wifi24 = {
            channel = 1,
            htmode = 'HT40+',
            ap = {
                    ssid = 'luebeck.freifunk.net',
            },
            ibss = {
                    ssid = '02:d1:11:37:fc:38',
                    bssid = '02:d1:11:37:fc:38',
                    mcast_rate = 12000,
            },
            mesh = {
                    id = 'ffhl-mesh',
                    mcast_rate = 12000,
            },
    },
2015-08-04 23:05:29 +02:00
Nils Schneider
d9df118686 gluon-wan-dnsmasq: fix usage of libpacketmark
Using service_start requires exporting of environment variables.

Fixes #397
2015-08-04 22:51:40 +02:00
Jan-Philipp Litza
4e5b3354d2 gluon-mesh-batman-adv-core: Only announce valid IPv6 addresses
The nodeinfo/network/addresses announcement included deprecated and
tentative addresses, which it clearly shouldn't as the host doesn't want
to be contacted on those addresses. They are now filtered out.
2015-08-04 00:11:45 +02:00
Matthias Schiffer
f6498e8773 Update modules 2015-07-18 18:02:13 +02:00
Matthias Schiffer
88ed124d5e Merge remote-tracking branch 'origin/on-link' 2015-07-12 18:23:08 +02:00
Matthias Schiffer
aa33a94ea7 Merge pull request #411 from FreifunkBremen/feature-neighbour-info-timeout
gluon-neighbour-info: Support sub-second timeout
2015-07-12 16:42:28 +02:00
Matthias Schiffer
e878155601 gluon-luci-admin: fix setting the password
This was broken due to the switch to Chaos Calmer.
2015-07-12 16:31:00 +02:00
Matthias Schiffer
34e0451e45 gluon-mesh-batman-adv-core: unconditionally set the WAN MAC address
This fixes MAC address conflicts on devices which use the eth0 as primary
address.
2015-07-11 18:27:35 +02:00
Matthias Schiffer
f5764a4a7b gluon-mesh-batman-adv-core: adjust rssid config to renamed WLAN interfaces
This should fix the signal strength indicators on the TP-Link CPE210/510.
2015-07-10 20:58:46 +02:00
Matthias Schiffer
d386ccdcf8 Always use eth0 address as primary address on x86 and brcm2708
These targets don't have a WLAN adapter by default, so it doesn't make
sense to default to the phy0 address.
2015-07-10 20:22:53 +02:00
Jan-Philipp Litza
9f91a5f841 gluon-neighbour-info: Support sub-second timeout 2015-07-09 20:18:11 +02:00
Nils Schneider
1c4b179dd2 gluon-config-mode-geo-location: translate "altitude" to "Höhe" 2015-07-08 23:18:42 +02:00
Hans-Werner Hilse
66060cf08a gluon-neighbour-info: Do not use error()
error() is a glibc specific function and should not be used in
code meant to be portable.
2015-07-06 09:37:22 +02:00
Nils Schneider
6ced715e13 Merge pull request #371 from freifunk-gluon/status-page-api
gluon-status-page: API
2015-06-29 17:33:04 +02:00
Nils Schneider
4f8ce12325 uhttpd: set max_requests to 12
This limits the number of concurrent users to 2 or 3 (approx. 4 connections per
user), greatly reducing DoS potential.
2015-06-29 12:03:01 +02:00
Nils Schneider
28668c8c52 gluon-status-page: API 2015-06-29 12:03:01 +02:00
Matthias Schiffer
68a3b5f394 gluon-announce, ...: don't output empty lists where not appropriate
Always output empty objects or nothing at all where objects are expected, but
no elements exist.

Also remove a few unneeded "requires", a few basic modules are provided by
announce.lua by default.
2015-06-15 21:17:00 +02:00
Matthias Schiffer
317478e2b7 gluon-mesh-batman-adv-core: don't break network configuration on upgrades with mesh_on_lan=true 2015-05-28 01:44:25 +02:00
Nils Schneider
a42db7a71f gluon-luci-admin: fix translation of "Export Mode"
Export Mode -> Expert Mode
2015-05-22 11:51:32 +02:00
Matthias Schiffer
ab10be9f50 We're on Chaos Calmer now 2015-05-22 01:09:19 +02:00
Matthias Schiffer
6a31830600 gluon-mesh-batman-adv-core: always set hop penalty to 15
15 is the default in batman-adv-legacy, the new default 30 in newer batman-adv
versions is too high in larger networks.
2015-05-16 14:00:06 +02:00
Nils Schneider
e8a483c9a1 luci-wifi-config: don't disable mesh interface
fixes #365
2015-05-09 22:10:32 +02:00
Nils Schneider
2164893616 gluon-radvd: on-link flag
By introducing a new option -a in addition to -p this patch allows
controlling the on-link flag of announcements.

A prefix specified using -a will have the on-link flag set to zero
while a prefix specified using -p will retain its behaviour (i.e.
on-link flag set).

Example:

    gluon-radvd -i local-node -p 2001:db8:aaaa:/64 -a 2001:db8:bbbb::/64

This will announce 2001:db8:aaaa::/64 with the on-link flag set and
2001:db8:bbbb::/64 with the flag unset.
2015-05-08 21:46:12 +02:00
Matthias Schiffer
6d2741c024 gluon-luci-mesh-vpn-fastd: minor text change 2015-05-07 02:23:32 +02:00
Matthias Schiffer
a258092760 Merge remote-tracking branch 'origin/mesh-on-lan' 2015-05-06 23:55:04 +02:00
Matthias Schiffer
1e427c4e77 Merge branch 'configurable-methods' 2015-05-06 23:54:17 +02:00
Nils Schneider
d4c3467bc3 luci-portconfig: allow toggling of mesh_on_lan 2015-05-06 13:57:46 +02:00
Nils Schneider
39d0c8f459 mesh-batman-adv: mesh_on_lan
This adds mesh_on_lan functionality.

A new optional site.conf option, mesh_on_lan, has been added. If set to
'true', all LAN ports will be used for meshing instead of being part of
the client bridge.
2015-05-06 13:57:46 +02:00
Matthias Schiffer
cd00eeb367 Merge remote-tracking branch 'origin/meshinterfaces' 2015-05-04 19:28:28 +02:00