summaryrefslogtreecommitdiff
path: root/package/network
Commit message (Collapse)AuthorAgeFilesLines
* package/lantiq: make lantiq kernel modules work with xway_legacyJohn Crispin2016-06-131-2/+2
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* openvpn: update to 2.3.11Magnus Kroken2016-06-133-4/+25
| | | | | | | | | | Security fixes: * Fixed port-share bug with DoS potential * Fix buffer overflow by user supplied data Full changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.11 Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* package/*: update git urls for project reposJohn Crispin2016-06-138-8/+8
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* swconfig: improve failure reportingJo-Philipp Wich2016-06-112-7/+7
| | | | | | Report the translated error to the user if a get/set netlink operation failed. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* dnsmasq: support hostid ipv6 address suffix optionKevin Darbyshire-Bryant2016-06-101-1/+29
| | | | | | | | | | | | | | | | | | | | | | Add support for hostid dhcp config entry to dnsmasq. This allows specification of dhcpv6 hostid suffix and works in the same way as odhcpd. Entries in auto generated dnsmasq.conf should conform to: dhcp-host=mm:mm:mm:mm:mm:mm,IPv4addr,[::V6su:ffix],hostname example based on sample config/dhcp entry: config host option name 'Kermit' option mac 'E0:3F:49:A1:D4:AA' option ip '192.168.235.4' option hostid '4' dhcp-host=E0:3F:49:A1:D4:AA,192.168.235.4,[::0:4],Kermit Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* dnsmasq: Add option --max-portHans Dedecker2016-06-101-0/+1
| | | | | | | | | By default dnsmasq uses random ports for outbound dns queries; when the maxport UCI option is specified the ports used will always be smaller than the specified value. This is usefull for systems behind firewalls. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* xtables-addons: add missing dependencyFelix Fietkau2016-06-091-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* xtables-addons: update to 2.11Dirk Neukirchen2016-06-073-60/+8
| | | | | | | | | | | | - fix compilation w. Kernel 4.6 due to hash->shash crypto API - remove a patch integrated upstream - remove unrecognized configure option removed upstream in 2010 commit 40d0345f1ed02de183b13a6ce38847bc1f4ac48e Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
* openvpn: add support for tls-version-minMatteo Panella2016-06-072-2/+2
| | | | | | | | | | | | | Currently, the uci data model does not provide support for specifying the minimum TLS version supported in an OpenVPN instance (be it server or client). This patch adds support for writing the relevant option to the openvpn configuration file at service startup. Signed-off-by: Matteo Panella <morpheus@level28.org> [Jo-Philipp Wich: shorten commit title, bump pkg release] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* treewide: replace jow@openwrt.org with jo@mein.ioJo-Philipp Wich2016-06-0743-46/+46
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* treewide: replace nbd@openwrt.org with nbd@nbd.nameFelix Fietkau2016-06-0729-30/+30
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iproute2: Add support for cake qdiscHannu Nyman2016-06-062-1/+670
| | | | | | | | | | | | | | | Add cake support to 'tc' in iproute2 - Use a patch to modify tc instead of adding a new tc-adv package. Patch creates q_cake.c that matches commit https://github.com/dtaht/tc-adv/commit/3314230bc47328bc9b44faacaad8210065ef98b7 - Do not include the other things from tc-adv (cake0, cake2, pie etc.). V2 - KDB Small update to base on latest cake tc changes (wash option deprecated) V3 - KDB Move kmod-sched-cake package to kernel as is kernel related v4 - KDB Split into individual patches, tc & kmod Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> Acked-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* netifd: update to the latest versionFelix Fietkau2016-06-061-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: remove unrecognized optionDirk Neukirchen2016-06-011-1/+0
| | | | | | | | removed upstream in https://github.com/OpenVPN/openvpn/commit/9ffd00e7541d83571b9eec087c6b3545ff68441f now its always on Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
* lantiq: fix segfault inside ltq-adsl-appDaniel Gimpelevich2016-05-271-0/+65
| | | | Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
* iproute2: Use URL aliasDaniel Engberg2016-05-241-1/+1
| | | | | | Remove hardcoded URLs and use alias instead. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* iw: Use URL aliasDaniel Engberg2016-05-241-1/+1
| | | | | | Remove hardcoded URL and use alias instead. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* dropbear: Fix incorrect CONFIG_TARGET_INIT_PATH.Dario Ernst2016-05-241-2/+2
| | | | | | | Fix a „semantic typo“ introduced in b78aae793e20e06defa1e75ab4d30dbb6807c139, where TARGET_INIT_PATH was used instead of CONFIG_TARGET_INIT_PATH. Signed-off-by: Dario Ernst <Dario.Ernst@riverbed.com>
* dnsmasq: Set the default dhcp lease file and resolv fileDaniel Dickinson2016-05-241-4/+12
| | | | | | | | Instead of making assumptions about the leasefile and resolv file make sure we use what the user configures, but fall back to defaults if no configuration is specified Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
* dnsmasq: update to dnsmasq v2.76Kevin Darbyshire-Bryant2016-05-244-10/+28
| | | | | | | Update to dnsmasq2.76. Refresh patches. Add new patch to fix musl 'poll.h' location warning. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* mdns: update to latest git HEADJohn Crispin2016-05-231-2/+2
| | | | | | * fixes loopback handling Signed-off-by: John Crispin <john@phrozen.org>
* uhttpd: use configured distribution name for SSL certificate CNFelix Fietkau2016-05-212-1/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* curl: remove axtls config option, the library does not exist in our treeFelix Fietkau2016-05-192-6/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* curl: update to 7.49Dirk Neukirchen2016-05-194-40/+14
| | | | | | | | | | | | | | | | fixes: CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL - remove crypto auth compile fix curl changelog of 7.46 states its fixed - fix mbedtls and cyassl usability #19621 : add path to certificate file (from Mozilla via curl) and provide this in a new package tested on ar71xx w. curl/mbedtls/wolfssl Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
* dnsmasq: sysupgrade hook to conditionally preserve dnsmasq.timeKevin Darbyshire-Bryant2016-05-192-0/+18
| | | | | | | | | | | | conditionally save dnsmasq.time across sysupgrade dnsmasq uses /etc/dnsmasq.time as record of the last known good system time to aid its validation of dnssec timestamps. dnsmasq updates the timestamp on process start/stop once it considers the system time as valid. The timestamp file should be preserved across system upgrade but should not be included as part of normal configuration backups to prevent restores corrupting the current timestamp. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* Revert "dnsmasq: sysupgrade hook to conditionally preserve dnsmasq.time"Jo-Philipp Wich2016-05-192-18/+0
| | | | | | | | This reverts commit d830cb08826dc593406d9003d061016061b6c3c4. Reverting this commit due to a missing Signed-off-by. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* dnsmasq: sysupgrade hook to conditionally preserve dnsmasq.timeKevin Darbyshire-Bryant2016-05-182-0/+18
| | | | | | | | | | conditionally save dnsmasq.time across sysupgrade dnsmasq uses /etc/dnsmasq.time as record of the last known good system time to aid its validation of dnssec timestamps. dnsmasq updates the timestamp on process start/stop once it considers the system time as valid. The timestamp file should be preserved across system upgrade but should not be included as part of normal configuration backups to prevent restores corrupting the current timestamp.
* iw: refresh patchesFelix Fietkau2016-05-154-25/+11
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: update to wireless-testing 2016-05-12Felix Fietkau2016-05-151-6/+267
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dropbear: update to 2016.73Jo-Philipp Wich2016-05-136-28/+18
| | | | | | | | | | | | | Update the dropbear package to version 2016.73, refresh patches. The measured .ipk sizes on an x86_64 build are: 94588 dropbear_2015.71-3_x86_64.ipk 95316 dropbear_2016.73-1_x86_64.ipk This is an increase of roughly 700 bytes after compression. Tested-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* iperf: Drop single-threaded variantBert Vermeulen2016-05-122-50/+4
| | | | Signed-off-by: Bert Vermeulen <bert@biot.com>
* iperf: Upgrade to version 2.0.8Bert Vermeulen2016-05-122-104/+5
| | | | | | | | | | | | | | The original iperf package is unmaintained. This switches to the "iperf2" project on sourceforge, a fork that started where the previous iperf left off. Version 2.0.8 fixes the issue that patch 002 handled, so that can be dropped. Due to a faulty check in configure.ac, this version needs _GNU_SOURCE defined to build properly against musl. Various other obsolete build options were also removed. Signed-off-by: Bert Vermeulen <bert@biot.com>
* global: change my email addressJohn Crispin2016-05-124-4/+4
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* dropbear: Add --disable-utmpx againHans Dedecker2016-05-121-0/+1
| | | | | | | The option --disable-utmpx was deleted by accident in commit 7545c1d; add it again to the CONFIGURE_ARGS list Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: Remove hardcoded DHCP release optionHans Dedecker2016-05-111-1/+1
| | | | | | | Remove the udhcpc -R release option as sending a DHCP release is configurable via the uci option release. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iftop: Update to latest version, and drop patchBert Vermeulen2016-05-102-14/+2
| | | | | | | The patch made sure the ncursesw library was not selected to save space, but that library doesn't exist in this distribution at all. Signed-off-by: Bert Vermeulen <bert@biot.com>
* firewall3: fix mark rules for local traffic, fix race conditionJo-Philipp Wich2016-05-021-3/+4
| | | | | | | Update to latest HEAD in order to fix MARK rule generation for local traffic, also fix a possible race condition during firewall start. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* xtables-addons: Avoid redefinition of SHRT_MAX in lua packet scriptHans Dedecker2016-05-021-3/+6
| | | | | | | | Patch Lua packet script defines SHRT_MAX which is already defined in <linux/kernel.h> and is included indirectly by lauxlib.h. Fix the redefintion as it leads to compile failure on systems which treat macro redefinition as an error Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ppp: Add ppp-mod-passwordfd subpackage to pppHans Dedecker2016-04-281-1/+19
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: Add conntrack support in the full variantHans Dedecker2016-04-281-6/+12
| | | | | | | | | | Conntrack support reads the connection track mark associated with incoming DNS queries and sets the same mark value on the upstream forwarded DNS query. This can be usefull to track traffic generated by dnsmasq to associate it with the clients who generate the queries, usefull for bandwidth accouting and firewall. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dropbear: Add procd interface triggers when interface config is specifiedHans Dedecker2016-04-282-2/+22
| | | | | | | | | A dropbear instance having an interface config won't start if the interface is down as no IP address is available. Adding interface triggers for each configured interface executing the dropbear reload script will start the dropbear instance when the interface is up. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iproute2: Add package for nstat utilityHans Dedecker2016-04-281-0/+11
| | | | | | Add support for the command line utility nstat displaying network statistics Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dropbear: Make utmp and putuline support configurable via seperate config ↵Hans Dedecker2016-04-282-3/+17
| | | | | | | | | options Utmp support tracks who is currenlty logged in by logging info to the file /var/run/utmp (supported by busybox) Putuline support will use the utmp structure to write to the utmp file Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: Add configurable DHCP release behaviorHans Dedecker2016-04-281-3/+5
| | | | | | | Make sending a DHCP release configurable when the client exits allowing to clean up IP/mac state info in intermediate devices. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* xtables-addons: Fix Lua packet script implementationHans Dedecker2016-04-281-0/+15
| | | | | | | | | | lua_packet_segment parameter start has type char pointer; in function lua_tg it's assigned an uint16 value generating compiler warnings obviously indicating posssible seg fault problems. Fix the issue by using the correct skb functions so the parameter points to the position inside the sk_buff Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> Signed-off-by: Stijn Cleynhens <stijn.cleynhens@gmail.com>
* package: flag further target specific packages as nonsharedJo-Philipp Wich2016-04-261-0/+2
| | | | | | | Add nonshared flag to package depending on specific targets or subtargets as there's no guarantee otherwise that they'll be available in the shared repo. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* netifd: Send DHCP release when client exitsHans Dedecker2016-03-311-1/+1
| | | | | | | | Let DHCP client send a release when it exists so the DHCP server is informed the IP address is released and allowing to clean up IP/mac state info in intermediate devices. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: fix default ip rulesJo-Philipp Wich2016-03-311-2/+2
| | | | | | | Update to latest HEAD in order to remove the faulty "prelocal" ip rule leading to unexpected policy rule precedence. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* branding: add LEDE brandingJohn Crispin2016-03-2410-16/+16
| | | | Signed-off-by: John Crispin <blogic@openwrt.org>
* dnsmasq: run as dedicated UID/GIDJohn Crispin2016-04-262-2/+5
| | | | | | | | | | | Running dnsmasq in a dedicated user/group allows matching its outgoing traffic more easily using iptables' owner match. Add UID/GID to the package metadata and append the user/group parameters to the init script. Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 49252