Adds support for Alfa AP121F USB powered travel router (looks like an USB ethernet adapter).
There is no factory image, but only a sysupgrade file for this router which can be installed using the inbuilt UBoot web interface.
Configure your PC with IP address 192.168.1.2 and connect the router using its RJ45 port. Hold the reset button while powering the device until all LEDs have flashed 3 times simultaneously. You can now access the fallback web interface using a web browser at http://192.168.1.1 and flash the sysupgrade file.
* do not allow to obligatorily require contact information
* add remark that the data is provided voluntarily
* mention how to delete the data
* be very clear about the fact that the data being entered is public and
can be downloaded and processed by anyone.
In multidomain setups, VXLAN is enabled by default, but can be disabled in
domain configs using the mesh/vxlan option. In single domain setups, the
mesh/vxlan option is mandatory.
The UCI option for legacy mode is removed.
Fixes#1364
dnsmasq's caching is severly broken and does not handle all answer records
equally. In particular, its cached answers are missing DNSKEY and DS
records, breaking DNSSEC validation on clients.
Remove the cache for now. It may return if dnsmasq is fixed or we switch to
a different resolver.
At the moment, we don't have a good guideline for package-specific
configuration, but it seems like a good idea not to split configuration
into too many tiny pages, especially for packages that aren't commonly
selected explicitly.
Some uncommon configuration is dropped from the example site.conf to remove
clutter.
This setting allows to enforce manually setting a hostname.
In the initial configuration, the hostname field is now left empty; when
setting the hostname is not enforced, the default hostname is shown as the
field placeholder.
Fixes#1139
We must ensure that each node becomes IGMP/MLD querier for its local
clients; having only a single querier for the whole mesh is generally
unreliable, leading to frequent "IGMP/MLD querier appeared/disappeared"
messages from batman-adv and unreliable snooping.
In smaller meshes it might be interesting only segment querier domains, but
allow membership reports to pass through the mesh, in order to support
snooping switches outside the mesh without special configuration. A
site.conf switch is provided to control this behaviour.
Fixes#1320
This is currently only implemented in the gluon-mesh-vpn-fastd
package.
Advertising the public key may be deemed problematic when
your threat-model involves protecting the nodes privacy
from tunnel traffic correlation by onlink observers.
It can be enabled by setting site.mesh_vpn.fastd.pubkey_privacy
to `false`.
This package drops all incoming router advertisements except for the
default router with the best metric according to B.A.T.M.A.N. advanced.
Note that advertisements originating from the node itself (for example
via gluon-radvd) are not affected.
Adding the fact that GLUON_RELEASE is needed with 'make manifest'
if it is used with 'make'.
This fact was mentioned in the v2017.1 release notes but is not (clearly)
mentioned inside other parts of the documentation.
Signed-off-by: Chrissi^ <chris@tinyhost.de>
[Matthias Schiffer: minor rewording]
Adding hints that the next_node name should contain a dot to avoid (mobile) browsers interpreting "nextnode" as searchphrase. Also setting it to an fqdn helps when clients use static dns servers.
To reduce the number of packages that need to be listed in
GLUON_SITE_PACKAGES, this adds a new variable GLUON_FEATURES. Sets of
packages are enabled automatically based on the combination of listed
feature flags.
Site-specified package feeds can provide their own feature flag
definitions.
As PROVIDES can be used to replace real packages now, we don't need the
virtual packages as workaround anymore. This also means that the providing
packages don't need to be added to site.mk explicitly anymore when the
default provider is used.
The used nodejs 4.4.5 needs at least GCC 4.8 to be build
https://github.com/nodejs/node/blob/v4.x/BUILDING.md
Signed-off-by: Matthias Fritzsche <matthias@chemnitz.freifunk.net>
[Matthias Schiffer: moved information to the first section]
gluon-core: dns-cache documentation polish
Now its clear that upstreams severs normally means "community gateways".
* added cacheentries to description
* made upstream server description more general
* description of the A and AAAA-records for next_node added
* mention of Cache not being allocated when not set in site.conf
* dns-cache doku polish
propose to make uci commit more specific to minimize unwanted changes in other temporary written config files like wireless ssid (in some offline changers)
The GLUON_ATH10K_MESH must be set to 11s or ibss; when it is not set,
ath10k device images won't be built at all. This also allows us to remove
the BROKEN flag for ath10k devices, as the GLUON_ATH10K_MESH variable is
sufficient to avoid ath10k devices if desired.
Fixes#864
The MR1750 and OM5P-AC devices are based on ath9k SoCs and an external
ath10k chip. All devices which are using ath10k should be marked as broken
due to deficits in their IBSS support.
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
Generate flashable images for the Archer C7 v2 with current stock firmware
again.
To set the region code, the GLUON_REGION variable must be set to "us" or
"eu" in site.mk or as a make argument.
Fixes#860
The new MR1750v2 device support is only available in LEDE master. The
relevant patches have to backported to add support for them in Gluon
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
The new OM2P-HSv3 device support is only available in LEDE master. The
relevant patches have to backported to add support for them in Gluon
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
The new ath9k/ath10k based devices are only available in OpenWrt trunk. The
relevant patches have to backported to add support for them in Gluon
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
This patch adds a new gluon-ebtables package to filter IGMP/MLD messages
via ebtables.
For one thing this reduces multicast overhead: About one third of all
ICMPv6 multicast traffic in Lübeck or Hamburg is MLD.
Furthermore it removes a potential Distributed Denial-of-Service vector
(see Gluon ticket #553).
Finally, it is a prerequisite for enabling bridge multicast snooping in
a decentral and robust fashion.
Note that IGMP/MLD are filtered for multicast traffic coming from
the mesh, too (new MULTICAST_IN), as unfortunately there seem to
be other queriers somewhere in the mesh at least for Freifunk
Lübeck. Also adding these rules to be prepared to anyone intentionally
or unintentionally disabling these filters on his/her node.
Node operators not running Gluon (for instance gateway nodes) should
make sure to either enable multicast_router towards bat0 or disable
multicast snooping entirely if they have a bridge on top of bat0.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
Device information can be found at:
http://www.8devices.com/products/carambola-2https://wiki.openwrt.org/toh/8devices/carambola2
I only did some minimal testing of gluon on the carambola 2 development
board:
- Config mode works
- Connects to Wifi Mesh
- Allows clients to connect
Notably, autoupgrade has not yet been tested.
Change to 010-primary-mac is necessary as the mac address printed
on the sticker is the one of eth0, not the wifi mac.
OpenWRT now supports the CISCO Meraki enterprise class routers
MR12, MR16, MR62 and MR66. The fabric firmware demands the yearly
renewal of a support license.
This firmware was successfully tested by @Garunda for the MR62 (and
the MR12 with it for which this is an alias). The initial firmware
pre OpenWRT adoption was prepared and adapted for Gluon by @tcatm.
The confirmation of the functionality of the image for the MR66
(and the aliased MR16 with it) is still pending.
The devices are of strategic interest to the Freifunk community as
they are making a rock-solid impression. However, these come with
fairly hefty annual license. The Freifunk may offer an escape route
for those who had signed up and want to keep their investment into the
similarly expensive hardware. Used evices sell for $60 on eBay/Amazon
in the US. Here in the old world it is all >300 €, still.
Credits go to @Garunda for testing, to @tcatm for finding the
OpenWRT patch prior to its adoption and preparing the initial Gluon
adaptation, to @smoe for the update once that patch had arrived in
OpenWRT, and to @NeoRaider for his review and advice to use
GluonModelAlias for MR62 and MR66 to point to MR12 and MR16,
respectively.