Commit Graph

289 Commits (90283e410bd6227125427f0f240b87ecd1cc4e1c)

Author SHA1 Message Date
Jo-Philipp Wich a6a142caf6 firewall: respect src_dip option for reflection (#18544)
Also fix wrong IPv4 netmask calculation on x86-64, thanks Ulrich Weber.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43874
2015-01-08 16:10:46 +00:00
Jo-Philipp Wich 7f6af5ddc9 qos-scripts: bump PKG_REVISION and copyright year
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43860
2015-01-06 12:42:38 +00:00
Steven Barth 4746ffd7a6 netifd: minor fixes, add mldversion option
thanks to Hans Dedecker

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43771
2014-12-23 13:34:04 +00:00
Steven Barth f565e0598d netifd: Set source IP for DHCP static routes as well
Commit ce92f6650bd8a86db04c7a6cbb58e7fdb200a7e6 added source IP support
for DHCP default routes. As a side effect of this change the default route
could be present twice in netifd (once with source IP set and once with
source IP unset) if it was sent by the server in both the router and static
route options. Therefore add source IP support as well for static routes as this
case was not considered. Additional remove unused parameter type.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 43645
2014-12-12 09:39:07 +00:00
Steven Barth 1f4ddec7f2 netifd: several fixes and optimizations
Thanks to Hans Dedecker and Kristian Evensen

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43583
2014-12-08 17:43:14 +00:00
Steven Barth 15d67644f1 This patch depends on "Pass source address to proto_add_ipv4_route".
I have not found a scenario that would break by setting the source address on
default, but please let me know if any special considerations should be taken.

Signed-off-by: Kristian Evensen <kristian.evensen at gmail.com>

SVN-Revision: 43582
2014-12-08 17:43:03 +00:00
Felix Fietkau 62c33d9f62 qos-scripts: fix insmod commands
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43562
2014-12-08 12:03:47 +00:00
Steven Barth 200c30b426 netifd: correctly handle source-parameter for IPv4 routes
Thanks to Kristian Evensen

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43400
2014-11-27 07:26:10 +00:00
Felix Fietkau 185172bdd3 netifd: update to the latest version, fixes issues when changing a bridge member from a vlan to its base device (#18351)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43346
2014-11-23 16:07:00 +00:00
Steven Barth 047f1c8dca netifd: fix race, expose config options
Thanks to Hans Dedecker

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43299
2014-11-19 08:31:13 +00:00
Steven Barth 990b501ec4 netifd: fix default ORO-setting for 6rd
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43214
2014-11-08 12:24:49 +00:00
John Crispin 74a3a77bcd license info - revert r43155
turns out that r43155 adds duplicate info.

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 43167
2014-11-03 09:56:44 +00:00
John Crispin c10d97484a Add more license tags with SPDX identifiers
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.

I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.

However, I can not garantee that I always picked the correct information
and/or did not miss license information.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

SVN-Revision: 43155
2014-11-03 08:01:08 +00:00
Steven Barth bec9d38fa4 Add a few SPDX tags
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43151
2014-11-02 12:20:54 +00:00
John Crispin 26e308019d ltq-vdsl-app: use VDSL tone-setup if annex is unset
I had to use a VDSL-only tone-setup to get show-time.
Handle this in uci by checking if annex is unset.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 43114
2014-10-30 08:08:01 +00:00
Felix Fietkau 3cefd0af7d netifd: update to the latest version, fixes a use-after-free bug
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43044
2014-10-24 13:04:12 +00:00
Felix Fietkau 188eb85f5b netifd: update to the latest version, fixes link status handling on VLAN devices (#18106)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43007
2014-10-20 20:09:35 +00:00
John Crispin 20940138ac scripts: fix wrong usage of '==' operator
[base-files] shell-scripting: fix wrong usage of '==' operator

normally the '==' is used for invoking a regex parser and is a bashism.
all of the fixes just want to compare a string. the used busybox-ash
will silently "ignore" this mistake, but make it portable/clean at least.

this patch does not change the behavior/logic of the scripts.

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>

SVN-Revision: 42911
2014-10-14 12:21:11 +00:00
Steven Barth 9106cc0af9 netifd: Make mtu configurable of dynamic 6rd tunnel interface
Patch allows to configure the mtu of the dynamic 6rd tunnel interface when created by dhcp script.
In some setups it's desirable to have config control over the 6rd tunnel mtu to maximize the traffic throughput

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 42871
2014-10-12 12:27:21 +00:00
Steven Barth 36b05bbed3 IPIP: IP in IP package support
The package supports IP in IP by registering the ipip protocol handler

Following options are configurable
    -peeraddr (IPv4 remote address)
    -ipaddr (IPv4 local address)
    -ttl (time to live of encapsulating packet)
    -tos (type of service of encapsulating packet either inherit (outer header inherits the value of the inner header) or hex value)
    -df (don't fragment flag of encapsulating packet)
    -mtu (IPIP tunnel mtu)
    -tunlink (bind tunnel to this interface)
    -zone (firewall zone to which the IPIP tunnel will be added)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 42746
2014-10-02 19:37:36 +00:00
Steven Barth 73179a188c netifd: fix an error message during network shutdown
When 'wifi down' is called by /etc/init.d/network, it is run from
stop_service( ). This function is in turn invoked from stop( ).
stop( ) messes up the order by first procd_kill-ing the network
settings, then calling wifi to down the wifi networking
interfaces. By redefining stop( ) instead, the proper order is
restored.

Signed-off-by: Michel Stam <m.stam@fugro.nl>

SVN-Revision: 42745
2014-10-02 19:37:25 +00:00
Steven Barth 1c166058df netifd: add IPIP tunnel support (thx Hans Dedecker)
SVN-Revision: 42744
2014-10-02 19:37:17 +00:00
Steven Barth 6e2262898f GRE: Tos support
Tos support is added as a generic grev4/grev6 parameter which can have the following values :
     -inherit (outer header inherits the tos value of the inner header)
     -hex value

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 42700
2014-09-29 18:00:02 +00:00
Steven Barth 30912c5d81 netifd: add support for promisc and GRE tos option
SVN-Revision: 42699
2014-09-29 17:59:50 +00:00
Jo-Philipp Wich 68147004e2 firewall: allow '*' as synonym for any / all in family and proto options
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 42620
2014-09-19 18:18:58 +00:00
Jo-Philipp Wich 36e2179c10 firewall: fix heap corruption in fw3_bitlen2netmask() with IPv6 addresses
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 42610
2014-09-18 12:05:12 +00:00
Jo-Philipp Wich cbf50a0ffd firewall: fix invalid memory access when processing /128 IPv6 addresses from ubus, properly emit REDIRECT rules for local port forwards
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 42604
2014-09-17 22:09:52 +00:00
John Crispin 50d313f409 lantiq: revert vr9 driver update as it causes problems
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 42556
2014-09-15 16:19:33 +00:00
Felix Fietkau 8d699086c3 qos-scripts: disable fq_codel ecn by default to improve compatibility
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42479
2014-09-11 23:13:24 +00:00
John Crispin e9dab2de72 lantiq: update to a newer versions of the vr9 drivers
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 42478
2014-09-11 18:22:31 +00:00
Steven Barth bd74df01b1 netifd: work-around kernel IPv6 on-link route issue
SVN-Revision: 42439
2014-09-08 14:45:56 +00:00
Felix Fietkau 008c7a9e5a netifd: update to the latest version, adds interface cleanup fixes
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42345
2014-08-31 13:09:01 +00:00
Felix Fietkau ba62bcbf24 netifd: update to the latest version, fixes proto-shell teardown after renew
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42344
2014-08-31 12:26:26 +00:00
John Crispin 2ae05c57f8 package/*: remove useless explicit set of function returncode
somebody started to set a function returncode in the validation
stuff and everybody copies it, e.g.

myfunction()
{
	fire_command

	return $?
}

a function automatically returns with the last returncode,
so we can safely remove the command 'return $?'. reference:

http://tldp.org/LDP/abs/html/exit-status.html
"The last command executed in the function or script determines the exit status."

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>

SVN-Revision: 42278
2014-08-25 06:35:50 +00:00
John Crispin b9ea44f947 firewall: the firewall did not start properly on boot
https://dev.openwrt.org/ticket/17593

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 42233
2014-08-21 09:53:25 +00:00
Steven Barth 92ef017054 netifd: assign ipv6-prefixes with length <64 with /64 on-link routes
SVN-Revision: 42161
2014-08-13 14:57:11 +00:00
Jo-Philipp Wich aa9e69908e firewall: fix potential NULL pointer access
Properly skip struct ifaddr entries with NULL ifa_addr, thanks Kostas Papadopoulos for reporting.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 42138
2014-08-11 17:45:18 +00:00
Jo-Philipp Wich fa37594f50 firewall: implement selective conntrack flushing (#10225)
Utilize the new selective conntrack flushing facility to clear
out active conntrack entries referring to old IP addresses after
a firewall reload.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 42114
2014-08-11 09:41:20 +00:00
Steven Barth b95b4ede4c netifd: unblock some proto shell actions in teardown state
SVN-Revision: 42032
2014-08-07 10:21:08 +00:00
Steven Barth 6656292619 netifd: disable ds-lite, map & gre for old kernels
this unbreaks netifd compilation on old kernels

SVN-Revision: 42019
2014-08-06 19:57:19 +00:00
Steven Barth 1e6ab23098 netifd: minor fixes (thanks Hans Dedecker)
SVN-Revision: 42000
2014-08-05 10:03:10 +00:00
Steven Barth bc0acb9db9 gre: Change hostdependcy to remote endpoint tunnel address
Depend on the GRE tunnel peeraddr to trigger setup of the tunnel interface.
Addresses the issue reported in https://lists.openwrt.org/pipermail/openwrt-devel/2014-August/027201.html

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 41998
2014-08-05 09:57:55 +00:00
Steven Barth 7dabdbde78 gre: Generic Routing Encapsulation package support
The package supports Generic Routing Encapsulation support by registering following protocol kinds:
    -gre
    -gretap
    -grev6
    -grev6tap

Following options are valid for gre and gretap kinds:
    -ipaddr
    -peeraddr
    -df
    -mtu
    -ttl
    -tunlink
    -zone
    -ikey
    -okey
    -icsum
    -ocsum
    -iseqno
    -oseqno

The gretap kind supports additionally the network option

Following options are valid for grev6 and grev6tap kinds:
    -ip6addr
    -peer6addr
    -weakif
    -mtu
    -ttl
    -tunlink
    -zone
    -ikey
    -okey
    -icsum
    -ocsum
    -iseqno
    -oseqno

The grev6tap kind supports additionally the network option

Typical network config for a GREv4 tunnel :

config interface 'gre'
        option peeraddr '172.16.18.240'
        option mtu '1400'
        option proto 'gre'
        option tunlink 'wan'
        option zone 'tunnel'

Typical network config for a GREv4 tap tunnel :

config interface 'gretap'
        option peeraddr '195.207.5.79'
        option mtu '1400'
        option proto 'gretap'
        option zone 'tunnel'
        option tunlink 'wan'
        option network 'wlan_ap'

I added myself as maintainer for the moment; feel free to change.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 41897
2014-07-30 13:22:24 +00:00
Steven Barth e413bb0e7e netifd: fixes and GRE support (thx Hans Dedecker)
SVN-Revision: 41896
2014-07-30 13:21:52 +00:00
Steven Barth 86671615de netifd: suppress fw3 warnings in dhcp script
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 41892
2014-07-30 13:17:56 +00:00
Steven Barth 6a50e69b21 netifd: more race condition fixes in proto-shell
SVN-Revision: 41887
2014-07-29 17:24:23 +00:00
Steven Barth 7f17639742 netifd: more dynamic interface improvements
SVN-Revision: 41862
2014-07-28 20:35:53 +00:00
Felix Fietkau 76d7397bc2 netifd: fix a small issue in r41831
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41836
2014-07-26 14:35:15 +00:00
Felix Fietkau ee4f8c8b99 netifd: update to the latest version, fixes a race condition with renew/setup
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41831
2014-07-26 01:46:34 +00:00
Steven Barth ae50480d77 netifd: Fix some race-conditions in interface handling
SVN-Revision: 41825
2014-07-24 22:05:19 +00:00