Commit Graph

28 Commits

Author SHA1 Message Date
T-X
b3762fc61c gluon-client-bridge: move IPv4 local subnet route to br-client (#1312)
This patch moves the prefix4 subnet route from the local-node veth
device to br-client (while keeping the next node ipv4 address on the
local node device).

This is in preparation to allow routing over the br-client interface
later.
2018-02-16 00:00:12 +01:00
Matthias Schiffer
d61f6a1e85
gluon-core: rename iterate_radios() to foreach_radio(), pass whole radio section
Allows to remove some redundant UCI lookups.
2018-02-15 14:04:37 +01:00
Matthias Schiffer
18b9174d03
Use 'disabled' attribute instead of 'auto' to disable wired mesh interfaces
The 'auto' attribute still allows enabling the interface using ifup, which
is not intended when wired mesh is disabled.
2018-01-11 23:06:36 +01:00
Matthias Schiffer
2b1ffb3034
gluon-core, gluon-client-bridge: create local_client zone in core
As core defines basic rules for this zone, it makes sense to create it
there.
2017-12-27 02:43:34 +01:00
Christof Schulze
1c1c9f8fc7
gluon-core: firewall rework, make base policy more restrictive
* gluon-core, gluon-client-bridge: introduce new firewall zone: local_client
 * gluon-core: put clients in local_client zone, introduce drop-zone,
   set dns-rules and zones
 * gluon-respondd: allow respondd on mesh
 * gluon-status-page-api: allow http input on mesh and client
2017-11-25 23:19:08 +01:00
Matthias Schiffer
ee6afaced9
treewide: use new gluon.site Lua library
Some files have received some additional refactoring.
2017-08-11 22:07:34 +02:00
Matthias Schiffer
293a45456b
gluon-core, gluon-client-bridge: use new gluon.site library in gluon.util
In particular, this affects users of gluon.util.iterate_radios.
2017-08-08 14:07:09 +02:00
Matthias Schiffer
eef3bba123
gluon-client-bridge: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:09 +02:00
Matthias Schiffer
2b9dd54f00
gluon-client-bridge: fix 320-gluon-client-bridge-wireless coding style 2017-08-08 04:31:52 +02:00
Matthias Schiffer
08e667ba2e
gluon-client-bridge: add default next-node MAC address
The next-node MAC address doesn't need to be unique in different
communities, so we can as well add a default value.
2017-06-26 22:48:45 +02:00
Linus Lüssing
66ead88dcb gluon-client-bridge: reenable multicast snooping for client zone
LEDE recently disabled multicast snooping by default:

https://git.lede-project.org/?p=project/netifd.git;a=commitdiff;h=52541140f8138e31958cdc3d7e42a4029fa6bbc9

Reenable it for Gluon as there have been no confirmed issues for
LEDE and no negative reports concerning Gluon v2016.2.x so far.

Closes #1025.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2017-04-13 22:31:31 +02:00
Matthias Schiffer
c4613c4e8d
gluon-core: gluon.util: pass UCI cursor to get_wlan_mac(), get rid of local UCI context 2017-04-11 01:48:11 +02:00
Matthias Schiffer
f48d10bdde
gluon-core: gluon.util: pass UCI cursor as argument to iterate_radios() instead of using local context 2017-04-11 01:48:11 +02:00
Matthias Schiffer
f0b919e89c
gluon-client-bridge: add next-node IPv6 address as deprecated
We always want to prefer the unique node address for outgoing traffic. Note
that this doesn't have an effect with batman-adv, as usually br-client will
be the outgoing interface, so the unique address would be chosen anyways.
2017-02-23 17:58:44 +01:00
Matthias Schiffer
f238b01173
gluon-client-bridge: use a veth pair instead of macvlan to connect local-node to br-client
macvlan interfaces never directly exchange traffic with the underlying
interface, but only with other hosts behind the interface. In consequence,
router advertisements from the uradvd running on br-client could never
reach local-node, preventing it from getting an IPv6 address without RAs
from an external radvd. Fix this be replacing the macvlan interface with
a veth pair (with the peer interface in br-client).

As a side effect, this saves about 5KB of flash, as the veth module is
simpler than macvlan.
2017-02-10 10:21:38 +01:00
Matthias Schiffer
57f8b9bc6a
Switch back roles of br-client and local-node interfaces
When preparing the migration from macvlan to veth for local-node, MAC
address conflicts occurred as some ports of br-client had the same address
as local-node. Reverting the roles of both interfaces fixes this.

By default, br-client is left as an interface without addresses and
firewall rules that drop everything, so the bridge is used to connect its
ports only. gluon-mesh-batman-adv-core changes this to the usual set
of addresses and firewall rules.
2017-02-10 09:58:23 +01:00
Matthias Schiffer
b92dfcb966
Move creation of local-node device from gluon-mesh-batman-adv-core to gluon-client-bridge
Prepare reverting the roles of br-client and local-node to their state
before 8c4403ba11.
2017-02-10 09:42:16 +01:00
Matthias Schiffer
eb350aba34
gluon-client-bridge, gluon-mesh-batman-adv-core: nicer indentation of uci:section calls
Also simplify the local_node.peerdns setting.
2017-02-10 08:16:27 +01:00
Matthias Schiffer
80de4a69e3
gluon-client-bridge: don't depend on luci.ip 2017-02-10 02:10:01 +01:00
Matthias Schiffer
c83b5b3cab
treewide: get rid of luci.util outside of config mode/advanced settings 2017-02-10 02:10:01 +01:00
Matthias Schiffer
6cf03bab37
treewide: replace normal uses of luci.model.uci with simple-uci to reduce LuCI dependencies
We also make use of the boolean support of simple-uci to make scripts
clearer.
2017-02-10 02:10:01 +01:00
Matthias Schiffer
04818c170b
package: refactor add_to_set/remove_to_set to get rid of last LuCI patch 2017-01-18 16:28:54 +01:00
Matthias Schiffer
8c4403ba11
gluon-client-bridge, gluon-mesh-batman-adv-core: switch roles of br-client and local-node interfaces
MAC and IP addresses are switched. This makes the gluon-client-bridge
package more useful for different routing protocols that don't need a
unique address on the client bridge.

As a side effect, gluon-radvd is now using the next-node address, which had
been considered before, but was dismissed to avoid having gluon-radvd
depend on gluon-next-node and gluon-mesh-batman-adv. This will be useful
for announcing default routes via gluon-radvd.

One downside is that this introduces a minor dependency on batman-adv in
gluon-respondd: the hotplug script that checked for the client interface
before will now check for local-node. This doesn't really matter: for mesh
protocols without a local-node interface, the check will do nothing (which
makes sense, as there is no interface to bind to for mesh-wide respondd).
2016-12-10 23:43:44 +01:00
Matthias Schiffer
9a5a8e0ab0
gluon-client-bridge: add LAN interfaces to client bridge by default (instead of doing this in the batman-adv-specific scripts)
This allows to weaken the gluon-mesh-batman-adv-core dependency of
gluon-luci-portconfig to gluon-client-bridge.
2016-09-07 02:14:42 +02:00
Matthias Schiffer
806af27083
gluon-client-bridge, gluon-mesh-batman-adv-core: make macaddr variable local in upgrade script 2016-07-27 17:25:05 +02:00
Matthias Schiffer
2afe34efec
Use MAC addresses provided by WLAN drivers by default
Some drivers (mt76) don't support arbitrary MAC addresses. Use the
addresses provided by the driver (avoiding the primary address) by default,
but fall back to our has-based scheme when the driver doesn't provide
(enough) addresses.
2016-07-20 18:42:56 +02:00
Matthias Schiffer
849af9ade0
gluon-client-bridge, gluon-mesh-batman-adv-core: simplify VIF config functions 2016-07-20 15:44:36 +02:00
Jan-Tarek Butt
1c1f490527
Minify all Lua code 2016-07-10 20:14:25 +02:00