Commit Graph

910 Commits

Author SHA1 Message Date
Matthias Schiffer
2b1ffb3034
gluon-core, gluon-client-bridge: create local_client zone in core
As core defines basic rules for this zone, it makes sense to create it
there.
2017-12-27 02:43:34 +01:00
Matthias Schiffer
8ea5810bda
gluon-core: firewall: allow inbound ICMPv4 ping on local_node 2017-12-27 02:43:34 +01:00
Matthias Schiffer
39284f00d0
gluon-core: firewall: allow Multicast Listener Discovery on mesh/local_client
Based-on-patch-by: Christof Schulze <christof.schulze@gmx.net>
2017-12-27 02:43:33 +01:00
Matthias Schiffer
a252383918
gluon-core: firewall: remove redundant ICMPv6 output rules
OUTPUT is always accepted, no need to allow ICMPv6 explicitly.
2017-12-27 02:43:33 +01:00
Matthias Schiffer
fe2048e4df
gluon-core: firewall: coding style
Wrap long lines.
2017-12-27 02:43:33 +01:00
Ralf Jung
4bae0a429f docs: dns-cache: explain setting dns.servers a bit more (#1268) 2017-12-27 00:21:08 +01:00
Christof Schulze
c544846bc5
gluon-neighbour-info: allow respondd replies on mesh and wan interface 2017-11-25 23:31:23 +01:00
Christof Schulze
e5b4d25451
gluon-respondd: allow access to respondd from mesh-internal addresses 2017-11-25 23:31:08 +01:00
Christof Schulze
1c1c9f8fc7
gluon-core: firewall rework, make base policy more restrictive
* gluon-core, gluon-client-bridge: introduce new firewall zone: local_client
 * gluon-core: put clients in local_client zone, introduce drop-zone,
   set dns-rules and zones
 * gluon-respondd: allow respondd on mesh
 * gluon-status-page-api: allow http input on mesh and client
2017-11-25 23:19:08 +01:00
Matthias Schiffer
7351fb5d4a
gluon-web-network: fix reading "legacy" mode settings from UCI
Fixes #1269
2017-11-25 22:08:58 +01:00
kb-light
f7f659c254
gluon-web-network: make poe_passthrough more generic 2017-11-15 22:45:22 +01:00
Christof Schulze
94e7827ac8
gluon-status-page: improve localization (#1241) 2017-10-31 19:25:27 +01:00
Ruben Barkow
99c405756f gluon-web-theme: allow more width in style for input fields and selectboxes (#1229) 2017-10-14 13:42:24 +02:00
Matthias Schiffer
9324d18fee
gluon-mesh-batman-adv: filter out all packages between bat0 and local-port
Filtering by MAC address won't filter out multicast packages like router
solicitations, causing uradvd to send out router advertisements with
maximum frequency (every 3 seconds) in active meshes, even when no local
client is actually interested in the advertisements.

Fixes #1230
2017-10-03 17:07:42 +02:00
Christof Schulze
86e89a86d1 gluon-mesh-vpn-fastd: make respondd module compile again (#1228)
by moving the declaration of ret to the top of get_fastd()
2017-09-24 23:49:00 +02:00
lemoer
4899dda4af treewide: check for NULL after uci_alloc_context() (#1224) 2017-09-21 20:56:40 +02:00
Matthias Schiffer
9ab93992d1
gluon-autoupdater: mirror URLs must start with http://
The older busybox-based wget erroneously accepted URLs without protocol.
Add validator to avoid building firmwares with broken autoupdates.
2017-09-05 19:04:27 +02:00
Matthias Schiffer
fda2d10b6f
gluon-web-admin: simplify info.html template 2017-08-11 22:09:08 +02:00
Matthias Schiffer
13b325355d
gluon-core: make old site_config library reference new one, not the other way around 2017-08-11 22:07:35 +02:00
Matthias Schiffer
ee6afaced9
treewide: use new gluon.site Lua library
Some files have received some additional refactoring.
2017-08-11 22:07:34 +02:00
Matthias Schiffer
fd36bcce07
gluon-web-admin: fix info.html template indentation 2017-08-11 21:25:46 +02:00
Matthias Schiffer
8dbf3ea568
gluon-mesh-batman-adv: fix radvd start with dns.servers, but without next_node.ip config 2017-08-11 20:56:06 +02:00
Matthias Schiffer
8a41ed05f1
gluon-core: more coding style fixes 2017-08-11 20:28:59 +02:00
kb-light
90305761ce
gluon-core: update lib/gluon/upgrade/150-poe-passthrough for naming within lede 2017-08-11 20:27:51 +02:00
kb-light
949f4b7dd5
gluon-core: lib/gluon/upgrade/150-poe-passthrough: fix indentation 2017-08-11 20:26:08 +02:00
Matthias Schiffer
3df9fcecb0
gluon-core: explicitly disable radios without configuration in site.conf 2017-08-08 14:08:35 +02:00
Matthias Schiffer
293a45456b
gluon-core, gluon-client-bridge: use new gluon.site library in gluon.util
In particular, this affects users of gluon.util.iterate_radios.
2017-08-08 14:07:09 +02:00
Matthias Schiffer
53b6065500
gluon-ebtables-source-filter: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:20 +02:00
Matthias Schiffer
12ec6ab2bc
gluon-mesh-batman-adv: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:20 +02:00
Matthias Schiffer
951f62ac85
gluon-config-mode-*, gluon-web-admin: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:16 +02:00
Matthias Schiffer
eef3bba123
gluon-client-bridge: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:09 +02:00
Matthias Schiffer
1d6e6726d7
gluon-core: use new gluon.site library to avoid 'or {}' syntax 2017-08-08 13:53:02 +02:00
Matthias Schiffer
57adb49de2
gluon-core: add new gluon.site library for convenient access to optional values
The new gluon.site lua library will eventually replace gluon.site_config
(which is hereby deprecated, but will continue to be supported for a
while).

The new gluon.site library will wrap all values to allow traversing
non-existing tables without errors.

    site = require 'gluon.site'
    c = site.a.b.c -- doesn't fail even if a or a.b don't exist

The wrapped values must be unwrapped using call syntax:

    site_name = site.site_name()

Using the call syntax on a non-existing value will return nil. An
alternative default value may be passed instead:

    mac = site.next_node.mac('16:41:95:40:f7:dc')
2017-08-08 13:20:38 +02:00
Matthias Schiffer
73ad23936e
gluon-web-wifi-config: make the code a bit nicer
simple-uci will now delete an option when nil is passed.
2017-08-08 04:31:53 +02:00
Matthias Schiffer
0fee6cc707
gluon-web-logging: remove uci:set() nil check
simple-uci will now delete an option when nil is passed.
2017-08-08 04:31:53 +02:00
Matthias Schiffer
6884aad788
gluon-core: simplify 820-dns-config code 2017-08-08 04:31:53 +02:00
Matthias Schiffer
cd9ee858b8
gluon-config-mode-geo-location: remove uci:set() nil check
simple-uci will now delete an option when nil is passed.
2017-08-08 04:31:53 +02:00
Matthias Schiffer
4f51439167
gluon-config-mode-contact-info: remove uci:set() nil check
simple-uci will now delete an option when nil is passed.
2017-08-08 04:31:52 +02:00
Matthias Schiffer
31721a61f5
gluonc-core: 200-wireless: remove unneeded nil checks for uci:set_list()
uci:set_list() will delete the list when nil is passed, so there is no need
to differentiate between the cases.
2017-08-08 04:31:52 +02:00
Matthias Schiffer
06d0c0f211
gluon-core: fix 200-wireless coding style 2017-08-08 04:31:52 +02:00
Matthias Schiffer
2b9dd54f00
gluon-client-bridge: fix 320-gluon-client-bridge-wireless coding style 2017-08-08 04:31:52 +02:00
Matthias Schiffer
952439885e
gluon-mesh-vpn: fix fastd <-> tunneldigger migration
The generic upgrade script is moved to run after the more specific scripts.
In addition, the script will now remove the configuration sections of
uninstalled VPN packages, so both positive and negative changes of the
default enable state can be migrated correctly.

Based-on-patch-by: Cyrus Fox <cyrus@lambdacore.de>
Fixes: #1187
2017-08-08 01:39:29 +02:00
Matthias Schiffer
a76eaa5c45
gluon-mesh-batman-adv: preserve gw_mode on upgrades
When a Gluon node is used to connect to an uplink router/DHCP server (for
example in deployments without VPN tunnels), the gw_mode must be set to
server; this should be preserved on upgrades.

Fixes #1196
2017-07-25 23:49:11 +02:00
Steffen Förster
582d09615b
gluon-mesh-batman-adv: enable routing algorithm configuration through site.conf
[Matthias Schiffer: move to proto_gluon_bat0_setup() and default to BATMAN_IV]
2017-07-19 17:58:07 +02:00
kb-light
46126de792 Add new package gluon-web-logging (#1153) 2017-07-11 02:58:45 +02:00
Matthias Schiffer
3fd4ee99c3
gluon-l3roamd: fix incorrect dependency
gluon-mesh-babel is not merged yet, and once it is, this would lead to a
circular dependency.
2017-07-09 13:12:58 +02:00
Matthias Schiffer
6ca841bad5
build: introduce GLUON_FEATURES
To reduce the number of packages that need to be listed in
GLUON_SITE_PACKAGES, this adds a new variable GLUON_FEATURES. Sets of
packages are enabled automatically based on the combination of listed
feature flags.

Site-specified package feeds can provide their own feature flag
definitions.
2017-07-09 02:31:38 +02:00
Matthias Schiffer
818705280e
gluon-ebtables-*: add dependency on gluon-mesh-batman-adv
These packages don't work or don't make sense without batman-adv.
2017-07-08 21:23:00 +02:00
Matthias Schiffer
2cd30d644b
Remove redundant virtual packages
As PROVIDES can be used to replace real packages now, we don't need the
virtual packages as workaround anymore. This also means that the providing
packages don't need to be added to site.mk explicitly anymore when the
default provider is used.
2017-07-08 16:34:40 +02:00
Ruben Barkow
84d117ff73
gluon-web-admin: add option to show/hide password-login and add minimum password length 2017-07-07 02:15:52 +02:00