Commit Graph

535 Commits

Author SHA1 Message Date
John Crispin
4cac13f8e2 Revert "xtables-addons: fix nathelper-rtsp dependencies"
This reverts commit e2ef80130e.

Signed-off-by: John Crispin <john@phrozen.org>
2017-08-23 09:54:53 +02:00
Philip Prindeville
e2ef80130e xtables-addons: fix nathelper-rtsp dependencies
Both nf_conntrack and nf_nat need to be called out.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-08-22 21:31:39 +02:00
Hauke Mehrtens
779227d5ee nftables: remove date from version
We are using the normal 0.7 version of nftables, do not add an
additional date to the version number.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-08-09 23:20:56 +02:00
Daniel Engberg
911331ad0f tcpdump: Update to 4.9.1
Update tcpdump to 4.9.1

Fixes:
 * CVE-2017-11108: Fix bounds checking for STP.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-07-28 23:07:00 +02:00
Alexandru Ardelean
d9f7ae6cdb ipset: split libipset as a subpackage
Intent is to link against it, and have the option to
not install the ipset utility (if needed).

One example/use-case is keepalived (from package)
feeds, where it would be nice to just depend on a
`libipset` (sub)package.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-07-21 15:12:48 +02:00
Nick Brassel
eaf6f1532d nftables: Update to 0.7
Updated nftables to latest.

Signed-off-by: Nick Brassel <nick@tzarc.org>
2017-07-15 00:17:49 +02:00
Alif M. Ahmad
683e73735e
curl: bump to version 7.54.1
Upgrade the curl package to latest version. Patches refreshed.

Signed-off-by: Alif M. Ahmad <alive4ever@live.com>
2017-07-14 03:10:38 +02:00
Alin Nastac
d8748e537f netfilter: add iptables-mod-rpfilter package
Unlike /proc/sys/net/ipv4/conf/INTF/rp_filter flag, rule iptables -t raw
-I PREROUTING -m rpfilter --invert -j DROP prevents conntrack table to
become full when a packet flood with randomly selected source IP addresses
is received from the lan side.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
2017-07-11 22:09:57 +02:00
Kevin Darbyshire-Bryant
a4198f8c8d iproute2: bump to 4.11
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-05-30 14:00:31 +02:00
Filip Moc
43e4e1f4a5 Move enablemodem from ramips to new package adb-enablemodem and make it used also by TL-MR6400
Signed-off-by: Filip Moc <lede@moc6.cz>
2017-05-27 07:54:40 +02:00
Felix Fietkau
c2dc7321d7 iptables: fix typos in 600-shared-libext.patch (FS#711)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:30:36 +02:00
Giuseppe Lippolis
4ba2f4dc63 DWR-512: adding wwan support for the dwr-512 3G modem
This PR allow the 3G modem embedded in the DWR-512 to be managed
by the wwan-ncm scripts. The modem will use the usb-option and
usb-cdc-ether drivers.
The DWR-512 DT is updated accordingly.

Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
2017-05-25 19:01:08 +02:00
Giuseppe Lippolis
db776c01e1 comgt-3g: enable modem before to setpin
some modems needs to be enabled with CFUN=1 before to set the pin

Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
2017-05-18 07:07:00 +02:00
Daniel Engberg
89807b627f network/utils/curl: Update to 7.54.0
Update curl to 7.54.0
Update and fresh patches

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-05-16 16:58:15 +02:00
Daniel Engberg
ea2927e1ea network/utils/ipset: Update to 6.32
Update ipset to 6.32

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-05-16 16:58:07 +02:00
Yousong Zhou
9b4c41524f iproute2: bump PKG_RELEASE
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:45:42 +08:00
Yousong Zhou
cfa5865187 iproute2: add ip-tiny, ip-full as alternatives of /sbin/ip
They will not be in conflict anymore ;)

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:42:36 +08:00
Ansuel Smith
e80a041348 iptables: fix wrong depends for nftables support (FS#707)
The dep for the nftables support was wrong, if someone actually enable
that option gain a compilation error. This fix this problem.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-04-22 21:33:46 +02:00
Felix Fietkau
5e2d15b4a6 iptables: set ABI_VERSION to force rebuild of dependent packages
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-12 10:51:36 +02:00
Ansuel Smith
98e43b13a7 iptables: bump to 1.6.1
Switch to git repo
Removed musl patch
Refreshed existing patch

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup]
2017-04-12 10:51:29 +02:00
Hans Dedecker
fc859fb44b iproute2: add libgenl.h and ll_map.h to InstallDev section
Commit f4e312ddf8 adds libnetlink to
staging dir but did not add the header files libgenl.h and ll_map.h
which define functions belonging to libnetlink lib

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-08 20:53:44 +02:00
Matthias Schiffer
ea1855949b
iw: enable MESH ID in scan output
Make scan output useful for 802.11s meshes. The common print_ssid function
is used, so this doesn't add any additional code.

Based-on-patch-by: Jan-Tarek Butt <tarek@ring0.de>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-03-25 13:46:21 +01:00
Daniel Engberg
fd95397ee3 utils/tcpdump: Rework URLs
Add actual mirror and use main site as last resport
Source: http://www.tcpdump.org/mirrors.html

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-03-22 09:16:23 +01:00
Daniel Engberg
17987b9fa4 iperf3: Update to 3.1.7
Update iperf3 to 3.1.7

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-03-20 08:25:33 +01:00
Yousong Zhou
312b9dcd65 iproute2: fix ip monitor can't work when NET_NS is not enabled
The bug appeared in v4.1.0 and was fixed since v4.8.0

Fixes FS#620

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-03-19 12:41:13 +08:00
Daniel Engberg
902590e175 curl: Adjust URLs
Update mirror list, add main site as last resort
Source: https://github.com/curl/curl-www/blob/master/latest.pl

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-03-15 22:49:09 +01:00
Felix Fietkau
2f09a1e3c9 iwcap: fix handling kill signal during dump
Do not run another loop iteration before checking the stop flag

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-14 13:29:03 +01:00
Hauke Mehrtens
c481774298 curl: update to version 7.53.1
This fixes the following security problem:
* CVE-2017-2629 SSL_VERIFYSTATUS ignored

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-03-13 21:03:07 +01:00
Felix Fietkau
055e9dfb58 xtables-addons: fix build error on ARC
The kernel unconditionally pulls in a header file that defines
'current', which conflicts with the lua extension code.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-12 15:06:50 +01:00
Florian Fainelli
30159b3886 rssileds: Fix build with external toolchains
Pass down TARGET_CPPFLAGS for path to header files, and append the
libraries we depend on in TARGET_LDFLAGS. Put TARGET_LDFLAGS at the end
of the command line as is required by modern GCC/binutils.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-03-01 17:19:52 -08:00
Hsing-Wang Liao
a29163faab wireless-tools: Change download url to github
Signed-off-by: Hsing-Wang Liao <kuoruan@gmail.com>
2017-02-28 20:22:10 +01:00
Kevin Darbyshire-Bryant
c8ac9c09f9 iftop: bump to latest upstream
Drops a LEDE carried patch now upstream.
Convert to autotools.
A number of nits fixed upstream (dns & short packet handling most
notable)

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-02-26 08:41:08 +01:00
Felix Fietkau
3e41afda56 iw: sync nl80211.h with mac80211 package
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-24 12:17:45 +01:00
Ansuel Smith
d1a75c5161 ebtables: update to last commit
Refreshed patches

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-02-15 11:28:57 +01:00
Felix Fietkau
c22255e50e tcpdump: fix tcpdump-mini build on glibc 2.25
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-11 18:07:24 +01:00
Daniel Engberg
2faa1edd91 iperf3: Update to 3.1.6
Update to 3.1.6

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-02-09 12:26:36 +01:00
Hauke Mehrtens
985c90d102 tcpdump: update to version 4.9.0
This fixes the following 41 security problems:
 + CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
 + CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
 + CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
 + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
 + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
 + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
 + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
 + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
 + CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
 + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
 + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
 + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
 + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
 + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
 + CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
 + CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
 + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
 + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
 + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
 + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
 + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
 + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
 + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
 + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
 + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
 + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
 + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
 + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
      buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
      lightweight resolver protocol, PIM).
 + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
 + CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
 + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
 + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
 + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
 + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
 + CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
 + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
      OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
      print-ether.c:ether_print().
 + CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
 + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
 + CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
 + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
 + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().

The size of the package is only incread very little:
new size:
306430 tcpdump_4.9.0-1_mips_24kc.ipk
130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk

old size:
302782 tcpdump_4.8.1-1_mips_24kc.ipk
129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-02-06 22:33:58 +01:00
Felix Fietkau
a112786acb xtables-addons: update to version 2.12
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 17:49:53 +01:00
Kevin Darbyshire-Bryant
bdd1fad9e3 iproute2: cake: update cake support
Updated cake's tc patch to match the official cake repository
formatting.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-30 16:30:41 +01:00
Kevin Darbyshire-Bryant
a40f3f90d6 iproute2: cake: add 'mpu' minimum packet length support
Add 'mpu' minimum length packet size parameter for scheduling/bandwidth
accounting.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-26 15:46:01 +01:00
Stijn Segers
b65572fee9 curl: fix HTTPS network timeouts with OpenSSL
Backport an upstream change to fix HTTPS timeouts with OpenSSL.
Upstream curl bug #1174.

Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
[Jo-Philipp Wich: reword commit message, rename patch to 001-*]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-16 19:39:42 +01:00
Felix Fietkau
f44663c673 uqmi: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:09 +01:00
Felix Fietkau
185b06f04a umbim: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Felix Fietkau
1ca31b0931 comgt: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Felix Fietkau
1ad30be982 Revert the recent dependency and metadata scanning rework
This reverts the following commits:
fbe522d120
278ad007ee
863888e44f
96daf6352f
cfd83555fc

This seems to trigger some mconf bugs when built with all feeds
packages, so I will try to find a less intrusive solution before the
release.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 19:48:09 +01:00
Felix Fietkau
fbe522d120 comgt: allow build without USB_SUPPORT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:40 +01:00
Felix Fietkau
278ad007ee umbim: allow build without USB_SUPPORT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:40 +01:00
Felix Fietkau
863888e44f uqmi: allow build without USB_SUPPORT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:40 +01:00
Stijn Tintel
c687a70fdf iwinfo: drop references to madwifi
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2017-01-10 13:01:26 +01:00
Felix Fietkau
84bd74057f build: use mkhash to replace various quirky md5sum/openssl calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-05 11:09:12 +01:00
Rosen Penev
558680012d curl: Remove PolarSSL and adjust default to mbedTLS
luci-ssl has already made the switch since mainline support for PolarSSL is
almost over (2016).

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-01-03 14:26:41 +01:00
Hauke Mehrtens
1436e15488 curl: update to version 7.52.1
This fixes the folowing security problems:

CVE-2016-9586: printf floating point buffer overflow
CVE-2016-9952: Win CE schannel cert wildcard matches too much
CVE-2016-9953: Win CE schannel cert name out of buffer read
CVE-2016-9594: unititialized random

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-02 13:07:10 +01:00
Felix Fietkau
c7c1cf5618 treewide: clean up and unify PKG_VERSION for git based downloads
Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 16:42:21 +01:00
Florian Eckert
6c82f8a483 uqmi: add plmn set functionality for netifd proto handler
uqmi has the possibility to allow the modem to start a regsitration
process only to this specified plmn

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-12-22 15:03:58 +01:00
Cezary Jackiewicz
83eca5d8b7 comgt-ncm: fix typo Fix typo in ncm.sh. Resolves:
Wed Dec 21 09:55:54 2016 daemon.notice netifd: wan (4455): ./ncm.sh: eval: line 1: =IP: not found

Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
2016-12-22 15:02:35 +01:00
Kevin Darbyshire-Bryant
197b11f325 iproute2: tc - update cake support
Update tc to track upstream cake changes:

diffserv3 - a simple 3 tin classifier

Also make diffserv3 and triple-isolate default

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-20 09:35:36 +01:00
Nickolay Ledovskikh
600d648a0d uqmi: Prevent 'POLICY MISMATH' error.
Add uqmi 'sync' command call to release stalled cid when preparing to
setup new connection. As a result it prevents 'POLICY MISMATCH' errors.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:36 +01:00
John Crispin
4146047eaf uqmi: bump to latest git HEAD
8ceeab6 uqmi: Change returned value to QMI_CMD_REQUEST for 'sync' command.
1dc7be1 uqmi: Add sync command to release all cids.

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 09:35:35 +01:00
Nickolay Ledovskikh
6439e39677 uqmi: add support of using device symlinks.
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:35 +01:00
Nickolay Ledovskikh
13ab314b0b comgt: add support of using device symlinks.
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:35 +01:00
Felix Fietkau
720b99215d treewide: clean up download hashes
Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 22:39:22 +01:00
Matti Laakso
5bd3b9dfc0 comgt-ncm: Add support for specifying profile index
Add support for specifying a call profile index instead of APN. A
specific index different from 1 must be used for some service
provider and modem combinations.

In addition, change the manufacturer detection to use the standard
AT+CGMI command, which produces more predictable output than ATI,
remove the redundant ipv6 option, since it is less ambiguous to
directly specify the PDP context type with mobile connections, and
fix missing device during teardown when using ncm through the wwan
proto.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
2016-12-14 10:37:01 +01:00
Matti Laakso
2e2748b053 uqmi: Add support for specifying profile index
Update uqmi to latest version, which brings about support for
specifying a call profile index instead of APN. A specific index
different from 1 must be used for some service provider and modem
combinations.

Also change option dhcp to dhcpv6, since IPv4 now always uses DHCP,
replace option ipv6 with pdptype, which is less ambiguous, and
make autoconnect optional and default it to off for IPv6 due to it
not working with statically configured IPv6.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
2016-12-14 10:37:01 +01:00
Jo-Philipp Wich
e2f8d200f5 netfilter: drop proprietary xt_id match
The xt_id match was used by the firewall3 package to track its own rules but
the approach has been changed to use xt_comment instead now, so we can drop
this nonstandard extension.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:05:06 +01:00
Kevin Darbyshire-Bryant
88f8c8d7eb iproute2: support latest cake & restore DSCP washing
Support new packet overhead passing paradigm in cake qdisc, also restore
DSCP wash/nowash keywords.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-12 16:42:06 +01:00
Felix Fietkau
b9ddf3098b tcpdump: reduce size of -mini by removing more infrequently used protocols
This removes:
- BGP
- CDP
- SCTP

MIPS binary .ipk size is reduced from ~150k to ~130k

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:20 +01:00
p-wassi
a4a00d794f net/utils/tcpdump: update to 4.8.1
Update tcpdump to upstream release 4.8.1

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-12-12 10:22:19 +01:00
Hauke Mehrtens
4e07167eff curl: update to version 7.51.0
This fixes the following security problems:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:44 +01:00
Felix Fietkau
4d448cf720 xtables-addons: add CONFIG_NF_CONNTRACK_MARK=y to all kmod-* packages
Not all kmod packages depends on kmod-ipt-compat-xtables, but this
kernel config option is required for building the whole package

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 14:24:03 +01:00
Rafał Miłecki
e8fe83e1be iw: drop TX power patch that is part of upstream version now
Applying it again was resulting in duplicated TX info like:
Interface wlan0
        ifindex 6
        wdev 0x1
        addr 00:23:6a:a3:7d:00
        ssid LEDE2
        type AP
        wiphy 0
        channel 11 (2462 MHz), width: 20 MHz, center1: 2462 MHz
        txpower 31.00 dBm
        txpower 31.00 dBm

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-29 08:39:57 +01:00
Julian Kornberger
04a76da1ae ipset: Add InstallDev to provide libipset as library 2016-11-26 22:39:27 +01:00
Ralph Sennhauser
32cfd3bd50 arptables: bump to 2015-05-20
This fixes building with musl and drops the dependency on the OpenWrt
kernel-header patches:

  270-uapi-kernel.h-glibc-specific-inclusion-of-sysinfo.h.patch
  271-uapi-libc-compat.h-do-not-rely-on-__GLIBC__.patch
  272-uapi-if_ether.h-prevent-redefinition-of-struct-ethhd.patch

Use the new upstream location at netfilter.org and use a define instead
of a patch to "optimize".

See also: https://git.netfilter.org/arptables/log/

Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
[Jo-Philipp Wich: add mirror SHA256 sum]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-14 13:14:30 +01:00
Jo-Philipp Wich
dc7c9f590a conntrack-tools: update to v1.4.4
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-14 13:03:53 +01:00
Rafał Miłecki
fc93494066 iw: fix build error caused by redeclaration of NL80211_ATTR_PAD
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Fixes: 7aff00ab19 ("iw: update to version 4.9")
2016-11-12 16:30:06 +01:00
Rafał Miłecki
7aff00ab19 iw: update to version 4.9
This adds support for "channels" command which displays more details
about channels. It includes e.g. info about available widths.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-12 16:09:19 +01:00
Rafał Miłecki
7305b55588 iw: update to version 4.7
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-12 16:04:16 +01:00
Christian Lamparter
9c91335dc7 iperf3: update to version 3.1.4
"This release fixes a few minor bugs, including a
(non-security-impacting) buffer overflow fix ported
from upstream cjson."
<http://software.es.net/iperf/news.html#iperf-3-1-4-released>

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-08 11:17:11 +01:00
Alberto Bursi
e4fef72244 comgt: move to WWAN submenu, fixed link
moving comgt and its modules to WWAN submenu to join uqmi as both are tools for WWAN modems.

I replaced the link with comgt's ubuntu manpage because the old link isn't working anymore.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
9abdeee0b7 uqmi: moved to WWAN submenu
Moving uqmi to WWAN submenu

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Cezary Jackiewicz
862e7fb7b3 gcom: Fix 'mode' option for ncm
For Huawei devices like E3372 proper command for set lte mode is:

AT^SYSCFGEX="03",3fffffff,2,4,7fffffffffffffff,,

Eval is required for proper quotation.

Without this fix:

Fri Nov  4 19:07:49 2016 daemon.notice netifd: Interface 'wan' is setting up now
Fri Nov  4 19:07:52 2016 daemon.notice netifd: wan (2060): sending -> AT
Fri Nov  4 19:07:52 2016 daemon.notice netifd: wan (2060): sending -> ATZ
Fri Nov  4 19:07:53 2016 daemon.notice netifd: wan (2060): sending -> ATQ0
Fri Nov  4 19:07:53 2016 daemon.notice netifd: wan (2060): sending -> ATV1
Fri Nov  4 19:07:54 2016 daemon.notice netifd: wan (2060): sending -> ATE1
Fri Nov  4 19:07:55 2016 daemon.notice netifd: wan (2060): sending -> ATS0=0
Fri Nov  4 19:07:55 2016 daemon.notice netifd: wan (2060): sending -> AT+CGDCONT=1,"IP","internet"
Fri Nov  4 19:07:57 2016 daemon.notice netifd: wan (2060): sending -> AT^SYSCFGEX=\"03\",3fffffff,2,4,7fffffffffffffff,,
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2060): Error running AT-command
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2060): Failed to set operating mode
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2092): Stopping network
...

With this fix:

Fri Nov  4 19:10:59 2016 daemon.notice netifd: Interface 'wan' is setting up now
Fri Nov  4 19:11:01 2016 daemon.notice netifd: wan (2539): sending -> AT
Fri Nov  4 19:11:01 2016 daemon.notice netifd: wan (2539): sending -> ATZ
Fri Nov  4 19:11:02 2016 daemon.notice netifd: wan (2539): sending -> ATQ0
Fri Nov  4 19:11:03 2016 daemon.notice netifd: wan (2539): sending -> ATV1
Fri Nov  4 19:11:03 2016 daemon.notice netifd: wan (2539): sending -> ATE1
Fri Nov  4 19:11:04 2016 daemon.notice netifd: wan (2539): sending -> ATS0=0
Fri Nov  4 19:11:05 2016 daemon.notice netifd: wan (2539): sending -> AT+CGDCONT=1,"IP","internet"
Fri Nov  4 19:11:06 2016 daemon.notice netifd: wan (2539): sending -> AT^SYSCFGEX="03",3fffffff,2,4,7fffffffffffffff,,
Fri Nov  4 19:11:07 2016 daemon.notice netifd: wan (2539): sending -> AT^NDISDUP=1,1,"internet"
Fri Nov  4 19:11:08 2016 daemon.notice netifd: wan (2539): Connected, starting DHCP on wwan0
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan' is now up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Network device 'wwan0' link is up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Network alias 'wwan0' link is up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' is enabled
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' has link connectivity
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' is setting up now
...

Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
2016-11-08 05:49:58 +01:00
Jo-Philipp Wich
eb10b13f16 iproute2: rename ip to ip-tiny and let both ip-tiny and ip-full provide "ip"
Rename the "ip" package declaration to "ip-tiny" and let both "ip-tiny" and
"ip-full" provide the virtual "ip" package. This allows users to freely choose
the "ip" command variant while other packages can continue to depend on "ip"
without needing to enforce a specific variant.

Note that this commit does not add busybox as "ip" provider due to
the following reasons:

 - The builtin Busybox ip applet cannot be added or removed at runtime
 - Both "ip-tiny" and "ip-full" are able to install without file clashes even
   if the busybox applet is enabled
 - The system is preferring full "ip-tiny" and "ip-full" at runtime, even
   if Busybox ip is still present.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-02 02:33:30 +01:00
Daniel Engberg
dc8605b7f7 package/network/utils/ipset: Update to 6.30
Updates to 6.30

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-27 13:16:50 +02:00
Simon Hailes
86c6b07e15 wwan: rename data files
This is to ensure that git can be cloned onto a windows drive without failing.

Signed-off-by: Simon Hailes <btsimonh@googlemail.com>
2016-10-26 15:16:51 +02:00
Marcin Jurkowski
85fbffd74b qmi: add metric, defaultroute and peerdns options for qmi protocol
Adds generic network options for qmi protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

IPv6-related code taken from Bruno's patch https://patchwork.ozlabs.org/patch/584816.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
Signed-off-by: Bruno Randolf <br1@einfach.org>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
35129469ca mbim: add metric, defaultroute and peerdns options for mbim protocol
Adds generic network options for mbim protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
72eb2b8e22 comgt: add metric, defaultroute and peerdns options for directip protocol
Adds generic network options for directip protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
c560d25d19 comgt: add metric, defaultroute and peerdns options for ncm protocol
Adds generic network options for ncm protocol dynamic interfaces
as suggested by Felix in
http://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Felix Fietkau
be7f2abb60 iperf: used an updated renamed tarball instead of main upstream URL
iperf upstream added some bugfixes to the already released 2.0.9 version
without changing the filename. This conflicts with old mirrored files
and the hash that we previously used.
To avoid conflict, use a renamed tarball from mirror2.openwrt.org
containing the new upstream changes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-17 11:16:31 +02:00
Alexandru Ardelean
a24442c4f3 network/utils/maccalc: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
0af93f8f30 network/utils/rssileds: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
808a618bc4 network/utils/resolveip: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
964f8bc4e5 network/utils/owipcalc: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
3f8598feaf network/utils/iwcap: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Daniel Engberg
3a136f5c56 packages/network/utils/wpan-tools: Update to 0.7
* Updates to 0.7
* Switches tarball to xz

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
Daniel Engberg
87002c0646 package/network/utils/ipset: Update to 6.29
Updates to 6.29

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
Felix Fietkau
db47363ff7 uqmi: re-enable autoconnect which was dropped without explanation
Fixes a regression in commit 8f24ee6382:
"uqmi: Add proper IPv6 support"

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-12 11:58:59 +02:00
Felix Fietkau
3b9b963e6e uqmi: always use DHCP for IPv4
Commit 8f24ee6382 ("uqmi: Add proper IPv6 support") changed the code
to fetch the IPv4 address via QMI by default instead of using DHCP to
make it consistent with the IPv6 codepath.
This breaks on at least some Sierra Wireless cards, where data exchanges
fail to work until the host has fetched a DHCP lease.
Leave v6 as it is, but always use DHCP for v4.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-12 11:58:57 +02:00
Daniel Engberg
9edfe7dd13 source: Switch to xz for packages and tools where possible
* Change git packages to xz
* Update mirror checksums in packages where they are used
* Change a few source tarballs to xz if available upstream
* Remove unused lines in packages we're touching, requested by jow- and blogic
* We're relying more on xz-utils so add official mirror as primary source, master site as secondary.
* Add SHA256 checksums to multiple git tarball packages

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-06 12:16:56 +02:00
Kevin Darbyshire-Bryant
4ef1144958 iproute2: tc cake qdisc add nat, docsis & ptm modes
Add cake nat de-masquerading mode: nat, nonat.
Also docsis & ptm overhead related keywords: nat, nonat,
ptm, docsis-downstream-ip, docsis-downstream, docsis-upstream-ip
& docsis-upstream.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-10-04 11:50:48 +02:00
Kevin Darbyshire-Bryant
34c2726ca7 iproute2: fix no fortify build failure
Fix rt_names build failure when FORTIFY_SOURCE disabled.
Include limits.h which otherwise gets automatically included
by fortify headers.

Solves FS #194

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-30 10:15:28 +02:00