aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
Commit message (Collapse)AuthorAgeFilesLines
* netifd: fix build errorJo-Philipp Wich2016-03-041-1/+1
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 48920
* netifd: fix VTI ikey/okey endianessJo-Philipp Wich2016-03-041-2/+2
| | | | | | | | | Ensure that ikey and okey are sent in network byte order to the kernel. Also don't mangle external IP addrs and routes when reconfiguring iinterfaces. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 48919
* dnsmasq: add host-specific lease time option for static hostsJohn Crispin2016-02-262-3/+5
| | | | | | | | | | | | | | | | | | | | | | | Enable setting a host-specific lease time for static hosts. The new option is called "leasetime" and the format is similar as for the default lease time: e.g. 12h, 3d, infinite Default lease time is used for all hosts for which there is no host-specific definition. The option is added to /etc/config/dhcp for the selected hosts: config host option name 'Nexus' option mac 'd8:50:66:55:59:7c' option ip '192.168.1.245' option leasetime '2h' It gets appended to /var/etc/dnsmasq.conf like this: dhcp-host=d8:50:66:55:59:7c,192.168.1.245,Nexus,2h Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> SVN-Revision: 48801
* dnsmasq: add dhcp relay optionJohn Crispin2016-02-261-0/+19
| | | | | | Signed-off-by: dbugnar <dnbugnar@ocedo.com> SVN-Revision: 48800
* linux-atm: activate format security checksHauke Mehrtens2016-02-253-14/+20
| | | | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 48786
* ltq-vdsl-app: Enable T1.413 in Annex A xTSE setJohn Crispin2016-02-251-1/+1
| | | | | | | | | Before r47933 Bit 1 (first bit) of xTSE Octet 1 (first octet) defaulted to 1, which allowed T1.413 to operate. Signed-off-by: Jonathan A. Kollasch <jakllsch@kollasch.net> SVN-Revision: 48763
* dnsmasq: export tftp root to the procd jailFelix Fietkau2016-02-251-11/+17
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48761
* dnsmasq: only enable tftp if the tftp root existsFelix Fietkau2016-02-251-1/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48760
* lldp: Upgrade to 0.9.0John Crispin2016-02-181-2/+2
| | | | | | Signed-off-by: Ben Kelly <ben@benjii.net> SVN-Revision: 48738
* vti: fix kmod dependenciesJohn Crispin2016-02-121-2/+2
| | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> SVN-Revision: 48704
* dropbear: honor CONFIG_TARGET_INIT_PATHJo-Philipp Wich2016-02-082-6/+17
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 48679
* relayd: update to the latest version, fixes some more connectivity issues ↵Felix Fietkau2016-02-081-2/+2
| | | | | | | | (#21817) Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48655
* iptables: using external kernel tree should not alter patch behaviour.Felix Fietkau2016-02-071-4/+0
| | | | | | | | | iptables is the only exception in the package tree, causing patch behaviour to be inconsistent on this package. Signed-off-by: Rick van der Zwet <rick.vanderzwet@anywi.com> SVN-Revision: 48643
* relayd: update to the latest version, fixes route table issues when ↵Felix Fietkau2016-02-051-2/+2
| | | | | | | | connecting to the router Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48635
* swconfig: support setting SWITCH_TYPE_LINK attributesRafał Miłecki2016-02-031-0/+51
| | | | | | | | | | Supported syntax is inspired by ethtool. Example usages: swconfig dev switch0 port 2 set link "duplex half speed 100" swconfig dev switch0 port 2 set link "autoneg on" Signed-off-by: Rafał Miłecki <zajec5@gmail.com> SVN-Revision: 48624
* curl: add support for mbedtlsHauke Mehrtens2016-02-013-1/+17
| | | | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 48615
* curl: update curl to version 7.47.0Hauke Mehrtens2016-02-013-8/+8
| | | | | | | | | | | | | | This fixes the following security problems: CVE-2016-0754: remote file name path traversal in curl tool for Windows http://curl.haxx.se/docs/adv_20160127A.html CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use http://curl.haxx.se/docs/adv_20160127B.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 48614
* iproute2: refresh patchesFelix Fietkau2016-02-019-29/+28
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48613
* iproute2: Update to version 4.4Felix Fietkau2016-02-011-2/+2
| | | | | | | | Update iproute2 to latest version 4.4 with full MPLS support. Signed-off-by: André Valentin <avalentin@marcant.net> SVN-Revision: 48612
* gre: Support multicast configurable gre interfacesFelix Fietkau2016-02-011-2/+5
| | | | | | | | | | | UCI paramater multicast is added which allows to toggle multicast support on gre interfaces. By default multicast support is enabled as gre tunnels are often used in combination with routing protocols using multicast. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> Signed-off-by: Nick Podolak <nicholas.podolak@dtechlabs.com> SVN-Revision: 48596
* netifd: update to the latest version, adds many fixesFelix Fietkau2016-02-011-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48595
* firewall: drop invalid by default, remove chain indirection, fix invert ↵Jo-Philipp Wich2016-01-291-3/+3
| | | | | | | | | | | | flags (#21738) * Enable drop_invalid by default to catch unnatted packets (#21738) * Fix processing of inversions for -i, -o, -s, -d and -p flags * Remove delegate_* chain indirection but rely on xt_id to identify own rules Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 48551
* hostapd: remove useless TLS provider selection override for ↵Felix Fietkau2016-01-281-2/+1
| | | | | | | | wpad-mesh/wpa_supplicant-mesh Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48537
* hostapd: fix mesh interface bridge handlingFelix Fietkau2016-01-285-10/+22
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48529
* hostapd: fix wpad-mesh and wpa-supplicant-mesh configuration issuesFelix Fietkau2016-01-282-417/+9
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48528
* hostapd: update to version 2016-01-15Felix Fietkau2016-01-2842-945/+243
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48527
* dnsmasq: Don't add local hostname if ula prefix is not specifiedJo-Philipp Wich2016-01-252-3/+3
| | | | | | | | | | | | Commit 6a7e56b adds support for adding local hostname for own lan ula adress but if ula prefix is not specified results into an invalid config (address=/OpenWrt.lan/1) causing dnsmasq not to start up. Use lanaddr6 when adding local hostname as the lan ula address is constructed based on the UCI parameters ip6hint and ip6ifaceid and thus not always ula prefix suffixed with 1 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> SVN-Revision: 48495
* package/uhttpd: generate 2048 bit RSA keyFelix Fietkau2016-01-252-2/+2
| | | | | | | | | | RSA keys should be generated with sufficient length. Using 1024 bits is considered unsafe. In other packages the used key length is 2048 bits. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> SVN-Revision: 48494
* iwinfo: add support for VHT rates to Lua bindingJo-Philipp Wich2016-01-251-1/+1
| | | | | | | | Update to Git HEAD in order to include VHT rate support in the Lua binding. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 48488
* iwinfo: add support for VHT ratesJo-Philipp Wich2016-01-251-3/+3
| | | | | | | | | Update to upstream Git HEAD to include VHT rate support and a number of coverity scan fixes. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 48487
* iptables: improve iptables listing output of xt_id matchJo-Philipp Wich2016-01-242-4/+14
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 48478
* linux-atm: add missing br2684ctl patch chunkFelix Fietkau2016-01-231-0/+9
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48458
* ltq-vdsl-app: mask out VDSL bits when ATM is selected, fixes compatibility ↵Felix Fietkau2016-01-231-2/+5
| | | | | | | | issues with some DSLAMs Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48457
* qos-scripts: bump versionFelix Fietkau2016-01-221-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48455
* qos-scripts: Add IPv6 supportFelix Fietkau2016-01-222-28/+64
| | | | | | | | | | | | | | | This adds IPv6 support to qos-scripts for both tc/qdisc and the iptables classification rules. The tc/qdisc part is accomplished by removing "protocol ip" from the tc command line, causing the rule to be applied to all protocols. The iptables part is accomplished by adding each rule using both iptables and ip6tables. This patch is based on previous work by Ilkka Ollakka and Dominique Martinet. Signed-off-by: Michael Marley <michael@michaelmarley.com> SVN-Revision: 48452
* qos-scripts: Allow classification by the traffic's source interfaceFelix Fietkau2016-01-211-0/+3
| | | | | | | | | | | This adds a "srciface" option that can be used on classification rules in /etc/config/qos. This is useful to allow prioritization based on the local network from which the traffic originates, for example to deprioritize traffic from a guest network. Signed-off-by: Michael Marley <michael@michaelmarley.com> SVN-Revision: 48446
* qos-scripts: stop overriding tx queue lengthFelix Fietkau2016-01-211-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48445
* netifd: update to the latest version, adds a cosmetic fix for a wpa related ↵Felix Fietkau2016-01-201-2/+2
| | | | | | | | variable Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48397
* 6in4: use uclient-fetch instead of wget/curlFelix Fietkau2016-01-202-24/+7
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48391
* qos-scripts: Fix classification of ingress trafficFelix Fietkau2016-01-191-1/+1
| | | | | | | | | | | Set the save-mark mask for the qos_${cg} chain to 0xff instead of 0xf0. With the old value, the nibble that was saved would be masked during the restore, preventing ingress traffic from being classified. Thanks to nbd for recommending the fix. Signed-off-by: Michael Marley <michael@michaelmarley.com> SVN-Revision: 48388
* uhttpd: fix typo in default config for px5gFelix Fietkau2016-01-191-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48385
* Revert "6in4: Corrected tunnelbroker tunnel update URL"Jo-Philipp Wich2016-01-192-2/+2
| | | | | | | | | The auth change appears to break the endpoint update for most users and with my local tests the old update url works just fine. This reverts commit 99c03a88cb6fed0519efdfaac305794653a12542. SVN-Revision: 48384
* wpa_supplicant: add support for EAP-TLS phase2Felix Fietkau2016-01-191-2/+12
| | | | | | | | | Introduce config options client_cert2, priv_key2 and priv_key2_pwd used for EAP-TLS phase2 authentication in WPA-EAP client mode. Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 48345
* hostap/wpa_supplicant: enable EAP-FAST in -full buildsFelix Fietkau2016-01-192-0/+6
| | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 48344
* uhttpd: add option for mbedtlsFelix Fietkau2016-01-191-0/+4
| | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 48343
* br2684ctl: resolve a boot time race condition with nas0 bringup by using ↵Felix Fietkau2016-01-183-13/+7
| | | | | | | | explicit notification when init is done Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48321
* br2684ctl: add support for notifying nas* bringup via a scriptFelix Fietkau2016-01-181-0/+54
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48320
* firewall: add CONFIG_IPV6 to PKG_CONFIG_DEPENDS to fix a rebuild errorFelix Fietkau2016-01-181-0/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48315
* iptables: fix rebuild errors on configuration changesFelix Fietkau2016-01-181-0/+14
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48314
* wpa_supplicant: improve generating phase2 config line for WPA-EAPFelix Fietkau2016-01-181-2/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WPA-EAP supports several phase2 (=inner) authentication methods when using EAP-TTLS, EAP-PEAP or EAP-FAST (the latter is added as a first step towards the UCI model supporting EAP-FAST by this commit) The value of the auth config variable was previously expected to be directly parseable as the content of the 'phase2' option of wpa_supplicant. This exposed wpa_supplicant's internals, leaving it to view-level to set the value properly. Unfortunately, this is currently not the case, as LuCI currently allows values like 'PAP', 'CHAP', 'MSCHAPV2'. Users thus probably diverged and set auth to values like 'auth=MSCHAPV2' as a work-around. This behaviour isn't explicitely documented anywhere and is not quite intuitive... The phase2-string is now generated according to $eap_type and $auth, following the scheme also found in hostap's test-cases: http://w1.fi/cgit/hostap/tree/tests/hwsim/test_ap_eap.py The old behaviour is also still supported for the sake of not breaking existing, working configurations. Examples: eap_type auth 'ttls' 'EAP-MSCHAPV2' -> phase2="autheap=MSCHAPV2" 'ttls' 'MSCHAPV2' -> phase2="auth=MSCHAPV2" 'peap' 'EAP-GTC' -> phase2="auth=GTC" Deprecated syntax supported for compatibility: 'ttls' 'autheap=MSCHAPV2' -> phase2="autheap=MSCHAPV2" I will suggest a patch to LuCI adding EAP-MSCHAPV2, EAP-GTC, ... to the list of Authentication methods available. Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 48309
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 20:30:41 +0000