Kernel commit 1ac89d20150e ("netfilter: nat: merge nf_nat_redirect into
nf_nat") made the redirect module part of the nat core and changed the
CONFIG_NF_NAT_REDIRECT option to a boolean, without prompt, affecting
kernel 4.18 onwards. CONFIG_NF_NAT_REDIRECT now can only be selected by
CONFIG_NFT_REDIR or NETFILTER_XT_TARGET_REDIRECT
Fixes: FS#2476
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2476
Fixes: FS#2990 (partial)
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2990
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
[note that the option has no prompt and can only be selected by other
kconfig options]
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
It was removed in upstream linux commit faec18db ("netfilter: nat:
remove l4proto->manip_pkt"). This happened since linux 5.0
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Kernel commit 22fc4c4c9fd6 ("netfilter: conntrack: gre: switch module to
be built-in") moved the CT GRE code into the core nf_conntrack.ko module
and changed the CONFIG_NF_CT_PROTO_GRE option to boolean for kernel 5.1
and onwards.
CONFIG_NF_CT_PROTO_GRE at the moment has no prompt and can only be
selected by NF_CONNTRACK_PPTP
Fixes: FS#2990 (partial)
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2990
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
[note that the option now can not be enabled on its own]
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Upstream linux 5.1 commit d1aca8ab ("netfilter: nat: merge ipv4 and ipv6
masquerade functionality") replaces the following 2 options
- CONFIG_NF_NAT_MASQUERADE_IPV4
- CONFIG_NF_NAT_MASQUERADE_IPV6
with CONFIG_NF_NAT_MASQUERADE. The new option is one without prompt and
will be selected by CONFIG_NETFILTER_XT_TARGET_MASQUERADE introduced
still later in 5.2.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The upstream linux commit is 3bf195ae ("netfilter: nat: merge
nf_nat_ipv4,6 into nat core"). It was included since linux 5.1
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
CONFIG_IP_NF_TARGET_REDIRECT is a compat option since upstream commit
2cbc78a2 ("netfilter: combine ipt_REDIRECT and ip6t_REDIRECT"). That
happened since linux 3.10
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
CONFIG_IP_NF_TARGET_MASQUERADE and its counterpart
CONFIG_IP6_NF_TARGET_MASQUERADE are "backwards-compat option for the
user's convenience"
Related commit d22c1755 ("netfilter: fix NAT packaging with kernels
5.2+")
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Changelog follows
ced0d535 build: find and use libnl header dirs
5722218e proto: rework parse_addr to return struct device_addr
3d7bf604 device_addr: record address index as in the blob
24ce1eab interface: proto_ip: order by address index first
This bump mainly affects order of interface addresses in ubus output. At the
moment dnsmasq uses first address of an interface for setting dhcp-range option
in its config
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Add procd-ujail and procd-seccomp to DEFAULT_PACKAGES if not building
for space-constraint (FEATURES:=small_flash) targets.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Unify capability handling to only use OCI spec parsers even for ujail
slim containers which previously supposedly used their own format.
80c9516 cgroups: restrict allowed keys in 'unified' section
5ade567 cgroups: memory controller fixes
3121467 early: run ubusd non-root as user ubus, group ubus
12a5b97 jail: adapt to new ubus socket path
788d144 instance: actually wire up capabilities filename
ebc5a7f jail: nuke old capabilities code in favour of reusing OCI code
6c5233a jail: capabilities: apply in two phases
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Move /var/run/ubus.sock to /var/run/ubus/ubus.sock in preparation for
having ubusd run as non-root user.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Rather than unconditionally adding busybox and procd to the set of
default packages, add busybox-selinux and procd-selinux in case
CONFIG_SELINUX is set.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
rt2800 olny gives you survey for current channel.
Survey-based ACS algorithms are failing to perform their job when working
with rt2800.
Make rt2800 save survey for every channel visited and be able to give away
that information.
There is a bug registred https://dev.archive.openwrt.org/ticket/19081 and
this patch solves the issue.
Signed-off-by: Markov Mikhail <markov.mikhail@itmh.ru>
All modifications made by update_kernel.sh
Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711
Run-tested: ipq806x/R7800
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
TP-Link RE200 v4 is a wireless range extender with Ethernet and 2.4G and 5G
WiFi with internal antennas.
It's based on MediaTek MT7628AN+MT7610EN like the v2/v3.
Specifications
--------------
- MediaTek MT7628AN (580 Mhz)
- 64 MB of RAM
- 8 MB of FLASH
- 2T2R 2.4 GHz and 1T1R 5 GHz
- 1x 10/100 Mbps Ethernet
- 8x LED (GPIO-controlled), 2x button
- UART connection holes on PCB (57600 8n1)
There are 2.4G and 5G LEDs in red and green which are controlled
separately.
MAC addresses
-------------
The MAC address assignment matches stock firmware, i.e.:
LAN : *:8E
2.4G: *:8D
5G : *:8C
MAC address assignment has been done according to the RE200 v2.
The label MAC address matches the OpenWrt ethernet address.
Installation
------------
Web Interface
-------------
It is possible to upgrade to OpenWrt via the web interface. Simply flash
the -factory.bin from OEM. In contrast to a stock firmware, this will not
overwrite U-Boot.
Recovery
--------
Unfortunately, this devices does not offer a recovery mode or a tftp
installation method. If the web interface upgrade fails, you have to open
your device and attach serial console.
Instructions for serial console and recovery may be checked out in
commit 6d6f36ae78 ("ramips: add support for TP-Link RE200 v2") or on
the device's Wiki page.
Signed-off-by: Richard Fröhning <misanthropos@gmx.de>
[removed empty line, fix commit message formatting]
Signed-off-by: David Bauer <mail@david-bauer.net>
The target uses 5.4 as default kernel since 06/2020.
Kernel 4.19 support is not really maintained anymore, it does not
seem to be needed and upcoming changes (mainly DSA) will break
backward-compatibility anyway.
Thus, make maintaining of old stuff and reviewing of new stuff
easier by removing support for kernel 4.19.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Pci is broken when bootm is used instead of the custom bootipq. This
is caused by the lack of reset by the bootloader. Make the driver do
the reset to fix this specific problem.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
The target uses 5.4 as default kernel since 04/2020.
Kernel 4.19 support is not really maintained anymore, and there has
been a lot of changes between 4.19 and 5.4 on this target. Despite,
new devices are typically added for 5.4 only anyway.
Thus, make maintaining of old stuff and reviewing of new stuff
easier by removing support for kernel 4.19.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The target uses 5.4 as default kernel since 03/2020.
Kernel 4.19 support is not really maintained anymore, it does not
seem to be needed, and removing it will make upcoming driver
updates easier. Thus, remove it.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* add d-link_dgs-1210-10p support
* make sure mips16 is disabled
* add a generic sub target
* add proper cflags
Signed-off-by: John Crispin <john@phrozen.org>
The board was renamed without changing the BUILD_DEVICES in the U-Boot
Makefile, this broken the build.
Fixes: 0830ae3a2f ("sunxi: Correct manufacturer name to Sinovoip")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Specification:
- CPU: Allwinner H3, Quad-core Cortex-A7 Up to 1.2GHz
- DDR3 RAM: 512MB/1GB
- Network:
10/100/1000M Ethernet x 1,
10/100M Ethernet x 1
- WiFi: 802.11b/g/n, with SMA antenna interface
- USB Host: Type-A x2
- MicroSD Slot x 1
- MicroUSB: for OTG and power input
- Debug Serial Port: 3Pin 2.54mm pitch pin-header
- LED:
nanopi:red:status
nanopi:green:wan
nanopi:green:lan
- KEY:
reset
- Power Supply: DC 5V/2A
Installation:
- Write the image to SD Card with dd
- Boot NanoPi from the SD Card
Signed-off-by: Jayantajit Gogoi <jayanta.gogoi525@gmail.com>
E1700AC v2 based on Qualcomm/Atheros QCA9563 + QCA9880.
Specification:
- 750/400/250 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 8/16 MB of FLASH (SPI NOR)
- 3T3R 2.4 GHz
- 3T3R 5 GHz
- 2 x 10/1000M Mbps Ethernet (RJ45)
- 1 x MiniPCI-e
- 1 x SIM (3G/4G)
- 1 x USB 2.0 Port
- 5 x LED , 2 x Button(S8-Reset Buttun), 1 x power input
- UART (J5) header on PCB (115200 8N1)
Flash instruction:
1.Using tftp mode with UART connection and original LEDE image
- Configure PC with static IP 192.168.1.10 and tftp server.
- Rename "openwrt-ar71xx-generic-xxx-squashfs-sysupgrade.bin"
to "firmware.bin" and place it in tftp server directory.
- Connect PC with one of LAN ports, power up the router and press
key "Enter" to access U-Boot CLI.
- Use the following commands to update the device to LEDE:
run lfw
- After that the device will reboot and boot to LEDE.
- Wait until all LEDs stops flashing and use the router.
2.Using httpd mode with Web UI connection and original LEDE image
- Configure PC with static IP 192.168.1.xxx(2-255) and tftp server.
- Connect PC with one of LAN ports,press the reset button, power up
the router and keep button pressed for around 6-7 seconds, until
leds flashing.
- Open your browser and enter 192.168.1.1,You will see the upgrade
interface, select "openwrt-ar71xx-generic-xxx-squashfs-
sysupgrade.bin" and click the upgrade button.
- After that the device will reboot and boot to LEDE.
- Wait until all LEDs stops flashing and use the router.
Signed-off-by: 张鹏 <sd20@qxwlan.com>
[cut out of bigger patch, keep swconfig, whitespace fixes]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Qxwlan E558 v2 is based on Qualcomm QCA9558 + AR8327.
Specification:
- 720/600/200 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 8/16 MB of FLASH (SPI NOR)
- 2T2R 2.4 GHz (QCA9558)
- 3x 10/100/1000 Mbps Ethernet (one port with PoE support)
- 4x miniPCIe slot (USB 2.0 bus only)
- 1x microSIM slot
- 5x LED (4 driven by GPIO)
- 1x button (reset)
- 1x 3-pos switch
- 1x DC jack for main power input (9-48 V)
- UART (JP5) and LEDs (J8) headers on PCB
Flash instruction:
1.Using tftp mode with UART connection and original LEDE image
- Configure PC with static IP 192.168.1.10 and tftp server.
- Rename "openwrt-ar71xx-generic-xxx-squashfs-sysupgrade.bin"
to "firmware.bin" and place it in tftp server directory.
- Connect PC with one of LAN ports, power up the router and press
key "Enter" to access U-Boot CLI.
- Use the following commands to update the device to LEDE:
run lfw
- After that the device will reboot and boot to LEDE.
- Wait until all LEDs stops flashing and use the router.
2.Using httpd mode with Web UI connection and original LEDE image
- Configure PC with static IP 192.168.1.xxx(2-255) and tftp server.
- Connect PC with one of LAN ports,press the reset button, power up
the router and keep button pressed for around 6-7 seconds, until
leds flashing.
- Open your browser and enter 192.168.1.1,You will see the upgrade
interface, select "openwrt-ar71xx-generic-xxx-squashfs-
sysupgrade.bin" and click the upgrade button.
- After that the device will reboot and boot to LEDE.
- Wait until all LEDs stops flashing and use the router.
Signed-off-by: 张鹏 <sd20@qxwlan.com>
[cut out of bigger patch, keep swconfig, whitespace adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Qxwlan E750G v8 is based on Qualcomm QCA9344 + QCA9334.
Specification:
- 560/450/225 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 8/16 MB of FLASH (SPI NOR)
- 2T2R 2.4G GHz (AR9344)
- 2x 10/100/1000 Mbps Ethernet (one port with PoE support)
- 7x LED (6 driven by GPIO)
- 1x button (reset)
- 1x DC jack for main power input (9-48 V)
- UART (J23) and LEDs (J2) headers on PCB
Flash instruction:
1.Using tftp mode with UART connection and original LEDE image
- Configure PC with static IP 192.168.1.10 and tftp server.
- Rename "openwrt-ar71xx-generic-xxx-squashfs-sysupgrade.bin"
to "firmware.bin" and place it in tftp server directory.
- Connect PC with one of LAN ports, power up the router and press
key "Enter" to access U-Boot CLI.
- Use the following commands to update the device to LEDE:
run lfw
- After that the device will reboot and boot to LEDE.
- Wait until all LEDs stops flashing and use the router.
2.Using httpd mode with Web UI connection and original LEDE image
- Configure PC with static IP 192.168.1.xxx(2-255) and tftp server.
- Connect PC with one of LAN ports,press the reset button, power up
the router and keep button pressed for around 6-7 seconds, until
leds flashing.
- Open your browser and enter 192.168.1.1,You will see the upgrade
interface, select "openwrt-ar71xx-generic-xxx-squashfs-
sysupgrade.bin" and click the upgrade button.
- After that the device will reboot and boot to LEDE.
- Wait until all LEDs stops flashing and use the router.
Signed-off-by: 张鹏 <sd20@qxwlan.com>
[cut out of bigger patch, keep swconfig]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
After the status rework, ieee80211_tx_status_ext is leaking un-acknowledged
packets for stations in powersave mode.
To fix this, move the code handling those packets from __ieee80211_tx_status
into ieee80211_tx_status_ext
Reported-by: Tobias Waldvogel <tobias.waldvogel@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This reverts commit ef7c34c1d1.
The commit seems to break all buildbots with messages like:
/builder/shared-workdir/build/include/toplevel.mk:15:
/builder/shared-workdir/build/include/toplevel-vars.mk: No such file or directory
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
version_abbrev uses $(shell) and the ?= is causing make to run the command
over and over again, causing a significant build slowdown
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The code is now much cleaner and works better than the old code.
Preparation for submitting it upstream (though with a different API)
Also add back MT7621 support and fix flow table coherence issues on
MT7622
Signed-off-by: Felix Fietkau <nbd@nbd.name>
In order to make it easier for users to build with SELinux, have a
single option in 'Global build settings' to enable all necessary
kernel features, userland packages and build-system hooks.
Also add better descriptions and help messages while at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
8e0f29a mount: remove support for legacy overlayfs before v2.3
0f8a443 mount: fix log format string and indentation
46a56d3 overlay: use precompiler macros for reoccuring path names
f25ab8a mount: apply SELinux labels before overlayfs mount
Total ipk size change (ipq40xx): +120b
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Instead of duplicating the '/sbin/setfiles' binary, have
'/sbin/restorecon' as yet another alias for
'/sbin/policycoreutils-setfiles'.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Expose WPS ubus API only if compiled with WPS support and add new
handler for wps_status call.
Also add '-v wps' option to check whether WPS support is present in
hostapd.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Qxwlan E750A v4 is based on Qualcomm QCA9344.
Specification:
- 560/450/225 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 8/16 MB of FLASH (SPI NOR)
- 2T2R 5G GHz (AR9344)
- 2x 10/100 Mbps Ethernet (one port with PoE support)
- 1x miniPCIe slot (USB 2.0 bus only)
- 7x LED (6 driven by GPIO)
- 1x button (reset)
- 1x DC jack for main power input (9-48 V)
- UART (J23) and LEDs (J2) headers on PCB
Flash instruction:
1.Using tftp mode with UART connection and original LEDE image
- Configure PC with static IP 192.168.1.10 and tftp server.
- Rename "openwrt-ar71xx-generic-xxx-squashfs-sysupgrade.bin"
to "firmware.bin" and place it in tftp server directory.
- Connect PC with one of LAN ports, power up the router and press
key "Enter" to access U-Boot CLI.
- Use the following commands to update the device to LEDE:
run lfw
- After that the device will reboot and boot to LEDE.
- Wait until all LEDs stops flashing and use the router.
2.Using httpd mode with Web UI connection and original LEDE image
- Configure PC with static IP 192.168.1.xxx(2-255) and tftp server.
- Connect PC with one of LAN ports,press the reset button, power up
the router and keep button pressed for around 6-7 seconds, until
leds flashing.
- Open your browser and enter 192.168.1.1,You will see the upgrade
interface, select "openwrt-ar71xx-generic-xxx-squashfs-
sysupgrade.bin" and click the upgrade button.
- After that the device will reboot and boot to LEDE.
- Wait until all LEDs stops flashing and use the router.
Signed-off-by: Peng Zhang <sd20@qxwlan.com>
[cut out of bigger patch, alter use of DEVICE_VARIANT, merge case
in 01_leds, use lower case for v4]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Like in the previous patches for various targets, this removes
the "devicename" from LED labels in rtl838x, as it's useless and
only creates complexity.
Since the target is fresh and so far only system LEDs were added,
this does not add a migration script.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The syntax of the shared SoC DTSI file determines the DTS version,
so no need to repeat the "/dts-v1/;" identifier in every file.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The idea of commit a14f5bb4bd was to use wpad-basic-wolfssl
consistently throughout the whole trunk, so use it here as well.
Fixes: 50fdddae05 ("BPi-M2U kernel modules for onboard WiFi")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Fix wrong magic number verification for FW files.
Correct handling of external RTL8218B firmware PHY name in firmware.
Signed-off-by: Birger Koblitz <git@birger-koblitz.de>
build: always build package/kernel/linux
If no in-tree module packages are selected, the build system does not process
package/kernel/linux. This package is required for building the virtual
'kernel' package, which is specified as a dependency for all kernel packages.
Signed-off-by: Felix Fietkau <nbd@nbd.name>