Commit Graph

4353 Commits

Author SHA1 Message Date
Janusz Dziedzic
c201905d05 wifi-scripts: mac80211.sh: enable EHT320
For EHT320 we should also enable HE160.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2024-10-02 15:12:18 +02:00
Janusz Dziedzic
42185bf429 wifi-scripts: mac80211.sh: allow EHT* sets
Allow to configure 80211BE.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2024-10-02 15:12:18 +02:00
Janusz Dziedzic
d1fc8c3db0 hostapd: fix build when 80211BE enabled
In file included from hostapd-wpad-basic-mbedtls/hostapd-2024.03.09~695277a5/src/ap/ubus.h:11,
                 from hostapd-wpad-basic-mbedtls/hostapd-2024.03.09~695277a5/src/ap/hostapd.h:21,
                 from main.c:26:
hostapd-2024.03.09~695277a5/src/ap/sta_info.h: In function 'ap_sta_is_mld':
hostapd-2024.03.09~695277a5/src/ap/sta_info.h:425:20: error: invalid use of undefined type 'struct hostapd_data'
  425 |         return hapd->conf->mld_ap && sta && sta->mld_info.mld_sta;
      |                    ^~

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2024-10-02 15:12:18 +02:00
Janusz Dziedzic
b1d6068330 hostapd: add CONFIG_DRIVER_11BE_SUPPORT
Add option to enable 802.11BE support.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2024-10-02 15:12:18 +02:00
John Crispin
52e8aeabee iwinfo: update to latest HEAD
714e419 iwinfo: fix EHT mode reporting for STA interfaces
7eed433 devices: add device id for MediaTek MT7996e

Signed-off-by: John Crispin <john@phrozen.org>
2024-10-02 15:12:18 +02:00
Felix Fietkau
d3628ca209 wifi-scripts: wifi-detect.uc: skip null entries on nl80211 phy dump
This can happen on incomplete device probe

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-10-01 14:45:58 +02:00
Chen Minqiang
105a5790b7 comgt: directip: add delegate option support
Ipv6 delegate option is not respected by proto directip
this add support for it.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15508
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 23:43:08 +02:00
Chen Minqiang
8a5db2ff3c comgt: directip: add sourcefilter option support
This make source based IPv6 routing option available for directip

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15508
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 23:43:08 +02:00
Chen Minqiang
a97b7af33e qmi: add delegate option support
Ipv6 delegate option is not respected by proto qmi
this add support for it.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15508
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 23:43:08 +02:00
Chen Minqiang
0371a4c814 ncm: add delegate option support
Ipv6 delegate option is not respected by proto ncm
this add support for it.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15508
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 23:43:08 +02:00
Chen Minqiang
72d9e4fc31 mbim: add delegate option support
Ipv6 delegate option is not respected by proto mbim
this add support for it.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15508
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 23:43:08 +02:00
Chen Minqiang
01d257e95f ppp: add delegate option support
Ipv6 delegate option is not respected by proto of ppp/pptp/pppoe/pppoa
this add support for them.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15508
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 23:43:08 +02:00
Jianhui Zhao
b4dfa3b33c hostapd: fix UPDATE_VAL fail in uc_hostapd_iface_start
If the `intval` obtained from `info` is indeed 0, it cannot be set to `conf`.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15495
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 23:36:46 +02:00
Lev A. Melnikovsky
b0aecfaa4f hostapd-common: add missing ingredients for standalone EAP server
Namely radius_server_auth_port and radius_server_clients arguments. Below is a working config example:

config wifi-iface 'enterprise1'
        option device 'radio1'
        option mode 'ap'
        option network 'lan'
        option ssid 'openwrt'
        option encryption 'wpa2'
        option dh_file '/etc/hostapd/dh.pem'
        option eap_server '1'
        option eap_user_file '/etc/hostapd/eap_user'
        option ca_cert '/etc/hostapd/ca.pem'
        option server_cert '/etc/hostapd/server.crt'
        option private_key '/etc/hostapd/server.key'
        option radius_server_clients '/etc/hostapd/radius_clients'
        option radius_server_auth_port 1812

config wifi-iface 'enterprise2'
        option device 'radio2'
        option mode 'ap'
        option network 'lan'
        option ssid 'openwrt'
        option encryption 'wpa2'
        option dh_file '/etc/hostapd/dh.pem'
        option auth_server '127.0.0.1'
        option auth_secret 'radius_secret'
        option auth_cache '0'

Signed-off-by: Lev A. Melnikovsky <melnikovsky@gmail>
Link: https://github.com/openwrt/openwrt/pull/16112
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 23:25:14 +02:00
Ivan Pavlov
6b9e008ab7 tcpdump: update to 4.99.5
Changes: https://git.tcpdump.org/tcpdump/blob/4a789712f187e3ac7b2c0044c3a3f8c71b83646e:/CHANGES

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16402
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 17:53:13 +02:00
Aleksandr V. Piskunov
a47bf906cd 6in4: add 'nohostroute' option
Same as 'nohostroute' option for GRE tunnels (commit 0f8b9addfc)
and IPIP tunnels (commit 46ce629fe0)

Signed-off-by: Aleksandr V. Piskunov <aleksandr.v.piskunov@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15961
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 16:28:52 +02:00
Aleksandr V. Piskunov
6b5aea7429 6in4: Support fqdn as remote tunnel endpoint
Same as fqdn support in GRE (commit a79f3d11b3) and IPIP (commit 311682905e)

Signed-off-by: Aleksandr V. Piskunov <aleksandr.v.piskunov@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15961
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 16:28:51 +02:00
Aleksandr V. Piskunov
cdb535ac32 6in4: allow specifying tunnel device name
Accept 'device' option, allowing to specify custom l3 device name,
instead of default autogenerated one (prefix "6in4-" + interface name)

Signed-off-by: Aleksandr V. Piskunov <aleksandr.v.piskunov@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15961
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 16:28:51 +02:00
Pawel Dembicki
832abf0109 restool: bump to lf-6.6.23-2.0.0
This commit bumps restool layerscape package to lf-6.6.23-2.0.0 version.

Patch was refreshed.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16360
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-22 16:21:02 +02:00
Felix Fietkau
df1011e0b7 hostapd: fix OWE ssid update on configuration changes
Refresh OWE transition IEs on updating BSS interfaces

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-21 20:37:41 +02:00
Felix Fietkau
81a48e7d1a wpa_supplicant: fix num_global_macaddr handling
Pass num_global_macaddr via ubus in the top level config_set call

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-21 20:33:45 +02:00
Felix Fietkau
b4e7682c54 hostapd: fix num_global_macaddr and mbssid config handling
Store the config values in the correct field and apply them on restart too

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-21 20:14:51 +02:00
Felix Fietkau
1a288670d9 hostapd: fold extra APuP patches into main patch + src/
Simplifies maintenance

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-21 18:33:52 +02:00
Felix Fietkau
127078567b hostapd: improve ucode bss notifications
Reduce code duplication, add extra callback for bss create

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-21 18:32:26 +02:00
Felix Fietkau
3727731e6a netifd: update to Git HEAD (2024-09-21)
24f9a93a9559 interface: fix regression on adding hotplug devices to interfaces

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-21 18:28:40 +02:00
Mieczyslaw Nalewaj
e67aa1d5bf packages: remove remnants of kernels below 6.6
Remove remnants of kernels below 6.6.

Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/16432
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-21 13:03:49 +02:00
Felix Fietkau
3efdc8e16d qosify: update to Git HEAD (2024-09-20)
850cc271083d qosify: add support for keeping stats
1501e0935175 bpf_skb_utils.h: add missing include to fix build against newer kernel headers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-20 23:17:43 +02:00
Daniel Golle
80347989ee iwinfo: update to git HEAD
Add support for 802.11be (HE) radios.

 4b7c47c iwinfo: sync with upstream nl80211.h
 268a662 iwinfo: add basic IEEE 802.11be support

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-09-17 19:07:53 +01:00
Ivan Pavlov
da11a1e20c hostapd: update to version 2024-09-15
Remove upstreamed from 2.11 release:
  060-nl80211-fix-crash-when-adding-an-interface-fails.patch

Rebase all other patches

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16338
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-16 10:32:43 +02:00
Ivan Pavlov
395afc4c58 hostapd: update to 2.11 release tag
Release 2.11 has been quite a few new features and fixes since the 2.10
release. The following ChangeLog entries highlight some of the main
changes:

* Wi-Fi Easy Connect
  - add support for DPP release 3
  - allow Configurator parameters to be provided during config exchange
* HE/IEEE 802.11ax/Wi-Fi 6
  - various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
  - add preliminary support
* SAE: add support for fetching the password from a RADIUS server
* support OpenSSL 3.0 API changes
* support background radar detection and CAC with some additional
  drivers
* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
* EAP-SIM/AKA: support IMSI privacy
* improve 4-way handshake operations
  - use Secure=1 in message 3 during PTK rekeying

...and many more

Remove upstreamed patches:
  023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch
  030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch
  040-mesh-allow-processing-authentication-frames-in-block.patch
  181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch
  182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch
  183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch
  210-build-de-duplicate-_DIRS-before-calling-mkdir.patch
  253-qos_map_set_without_interworking.patch
  751-qos_map_ignore_when_unsupported.patch
  800-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
  801-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
  802-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch

Other patches has been updated.

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16338
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-16 10:32:43 +02:00
Daniel Golle
2f7369150b netifd: revert problematic ethtool hack
02aa43d Revert "system-linux: re-apply ethtool on phy attachment"

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-09-12 15:42:20 +02:00
Christian Svensson
01ae39a0b2 wireguard-tools: accept iproute2 as dependency
If the user has ip-tiny or ip-full installed there is no need to depend on
BusyBox having any form of `ip` or `ip link` applets.

Signed-off-by: Christian Svensson <blue@cmd.nu>
Link: https://github.com/openwrt/openwrt/pull/16062
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 23:35:02 +02:00
Gioacchino Mazzurco
d760576132 hostapd: ensure that interface name is not null
Include hotfix suggested by Sebastian Gottschall to fix bug introduced
with APuP patchset

Signed-off-by: Gioacchino Mazzurco <gio@polymathes.cc>
Link: 0c3001a69e
Link: https://github.com/openwrt/openwrt/pull/16298
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-09-06 22:42:42 +02:00
Felix Fietkau
e7ea93e1e3 netifd: update to Git HEAD (2024-09-05)
61c606d6e66b device: simplify external device settings handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-05 10:16:19 +02:00
Eric Long
21b155e0ff bpftool: add host build
Besides probing BPF information in running system, bpftool is also used in
generating skeleton, dumping BTF, etc. that is widely used in modern BPF
development. Make it available as a host tool so that we can use it in
package build.

Tested build targeting malta/le on Arch Linux x86_64. bpftools currently
does not support processing cross-endian BPF objects, so big-endian host
is needed to build for big-endian targets using bpftools.

Signed-off-by: Eric Long <i@hack3r.moe>
Link: https://github.com/openwrt/openwrt/pull/16122
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-09-04 00:06:34 +02:00
Felix Fietkau
2bec6f48e6 netifd: update to Git HEAD (2024-09-03)
480551a3adc4 interface: add support for disabling renew on topology change
b7b294266781 device: add more debugging code
595094f5c213 device: do not pull device present state from hotplug events
4e11e52e9b98 main: add messages to udebug regardless of their log level
091d063f4a9d wireless: handle link updates even if devices are present already
a8e90853c936 interface: improve hotplug handling reliability
cdb41673ceea device: remove redundant newlines from debug messages
cd2a7964f2c0 device: revert to explicit device_set_present calls

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-09-03 15:14:42 +02:00
Jan Hoffmann
cf6d52f45a ltq-vdsl-vr11-app: perform orderly shutdown on exit
Try to do a clean disconnection via L3 request before the connection is
stopped.

Because this might take up to 6 seconds (the driver does 3 attempts with
a timeout of 2 seconds each), a termination timeout needs to be defined
in the init script.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
23826115e1 ltq-vdsl-vr11-app: always disconnect on exit
Move the code for disconnection on exit to a separate function, and also
call it in the code paths for SIGINT and the "quit" CLI command.

While at it, make the patch description a bit clearer.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
663389c4cf ltq-vdsl-vr9-app: always disconnect on exit
Move the code for disconnection on exit to a separate function, and also
call it in the code path for the "quit" CLI command.

While at it, make the patch description a bit clearer.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
a78ad43d1d ltq-vdsl-vr11-app: fix error handling during disconnection
Use the correct return value in error message.

Fixes: 6e4c9738be ("ltq-vdsl-vr11-app: add version 4.23.1 for vr11 targets")
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Jan Hoffmann
df6284b079 ltq-vdsl-vr9-app: fix error handling during disconnection
Use the correct return value in error message.

Fixes: 1daaef31b3 ("ltq-vdsl-app: disconnect when service is stopped")
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2024-08-31 19:40:21 +02:00
Sarah Maedel
8de185a176 hostapd: fix anqp_3gpp_cell_net list delimiter
This patch fixes the list delimiter between 3GPP networks
passed to hostapd.

> list iw_anqp_3gpp_cell_net '262,001'
> list iw_anqp_3gpp_cell_net '262,002'

When passing a list of "iw_anqp_3gpp_cell_net" parameters via UCI,
hostapd would crash at startup:
> daemon.err hostapd: Line 73: Invalid anqp_3gpp_cell_net: 262,001:262,002

Using a semicolon as a delimiter, hostapd will start as expected.

Signed-off-by: Sarah Maedel <git@tbspace.de>
2024-08-28 11:57:23 +02:00
David Bauer
ebe7c5f1a3 uqmi: update to latest HEAD
28b48a1 uim: add support for ICC communication channel
f582e00 qmi: fix dynamic array macro
d381f80 data: add support for ICC channel

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-08-25 23:25:45 +02:00
Carsten Schuette
57c600dc27 dnsmasq: Add EDNS0 Upstream support
Forward client mac address and subnet on dns queries. Pi-hole and Adguard use this feature to send the originators ip address/subnet so it can be logged and not just the nat address of the router. This feature has been added since version 2.56 of dnsmasq and would be nice to expose this feature in openwrt.

Signed-off-by: Carsten Schuette <schuettecarsten@googlemail.com>
Link: https://github.com/openwrt/openwrt/pull/15965
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-24 21:25:17 +02:00
Matt Eaton
60951f0515 xfrm: remove requirement for underlying device
Since kernel 5.3, phydev (dev) is no longer required

   torvalds/linux@22d6552

Signed-off-by: Matt Eaton <git@divinehawk.com>
Link: https://github.com/openwrt/openwrt/pull/16046
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-19 18:49:49 +02:00
Sylvain Monné
88186c85f9 uhttpd: restart daemon if certificate has changed
Fixes #16075

When the SSL certificate used by uhttpd has been changed, calling
`/etc/init.d/uhttpd reload` will now have the effect of restarting the
daemon to make the change effective.

Signed-off-by: Sylvain Monné <sylvain@monne.contact>
Link: https://github.com/openwrt/openwrt/pull/16076
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-19 18:46:08 +02:00
Hannu Nyman
0b7d99147b uhttpd: Decrease the default validity time of certificate
The recommended maximum validity period is currently 397 days
and some browsers throw warning with longer periods.

Reference to
https://cabforum.org/working-groups/server/baseline-requirements/
 6.3.2 Certificate operational periods and key pair usage periods
 Subscriber Certificates issued on or after 1 September 2020
 SHOULD NOT have a Validity Period greater than 397 days and
 MUST NOT have a Validity Period greater than 398 days.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/15366
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-13 21:07:13 +02:00
Pat Fruth
db4e8ef952 uhttpd: Include new extensions in uhttpd self-signed certs
The introduction of MacOS Catalina includes new requirements for self-signed certificates.
See: https://support.apple.com/en-us/HT210176
These new requirements include the addition of two TLS server certificate extensions.
- extendedKeyUsage
- subjectAltName
The extendedKeyUsage must be set to serverAuth.
The subjectAltName must be set to the DNS name of the server.
In the absense of these new extensions, when the LUCI web interface is configured to use HTTPS and
self-signed certs, MacOS user running Google Chrome browsers will not be able to access the LUCI web enterface.
If you are generating self-signed certs which do not include that extension, Chrome will
report "NET::ERR_CERT_INVALID" instead of "NET::ERR_CERT_AUTHORITY_INVALID".  You can click through to
ignore the latter, but not the former.

This change updates the uhttpd init script to generate self-signed cert that meets the new requirements.
Signed-off-by: Pat Fruth <pat@patfruth.com>
Link: https://github.com/openwrt/openwrt/pull/15366
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-08-13 21:07:13 +02:00
Gioacchino Mazzurco
e80520197c hostapd: Add support for APuP
Add support for hostapd Access Point Micro Peering

Signed-off-by: Gioacchino Mazzurco <gio@polymathes.cc>
Link: https://gitlab.com/g10h4ck/hostap/-/commits/APuP
Link: https://github.com/openwrt/openwrt/pull/15442
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-13 00:28:32 +02:00
Rany Hany
db7f70fe61 hostapd: fix SAE H2E security vulnerability
This patch backports fixes for a security vulnerability impacting the
hostapd implementation of SAE H2E.

As upgrading hostapd would require more testing, the second mitigation
step which involves backporting several patches was adopted as outlined
in the official advisory[1].

An explanation of the impact of the vulnerability is provided from the
advisory[1]:

This vulnerability allows the attacker to downgrade the negotiated group
to another enabled group if both the AP and STA have enabled SAE H2E and
multiple groups. It should be noted that the H2E option is not enabled
by default and the attack is not applicable to the default option, i.e.,
hunting-and-pecking, since it does not have any downgrade protection for
group negotiation. In addition, the default configuration for enabled
SAE groups in hostapd is to enable only a single group, so the
vulnerability is not applicable unless hostapd has been explicitly
configured to enable more groups for SAE.

[1]: https://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt

Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16042
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-08-02 23:13:44 +02:00
Daniel Golle
ee8c05f9b6 netifd: update to git HEAD
68c8a4f system-linux: re-apply ethtool on phy attachment
 890929b wireless: add support for defining wifi interfaces via procd service data
 b57e40b wireless: use blobmsg_parse_attr
 7a6532f proto-shell: add proto property for skipping device config
 33ec3da CMake: bump the minimum required CMake version to 3.5

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-08-01 20:48:24 +01:00
FUKAUMI Naoki
2d31004133 wifi-scripts: add missing dependency on ucode-mod-rtnl
rtnl is used in hostap/common.uc.

$ grep -r rtnl files
files/usr/share/hostap/common.uc:import * as rtnl from "rtnl";
files/usr/share/hostap/common.uc:	     rtnl.request(rtnl.const.RTM_SETLINK, 0, { dev: reuse_ifname, ifname: name}) != false))
files/usr/share/hostap/common.uc:	rtnl.request(rtnl.const.RTM_SETLINK, 0, { dev: name, change: 1, flags: up ? 1 : 0 });

Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15922
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-23 23:49:36 +02:00
Tan Zien
9a8111fb25 libiwinfo: update to Git HEAD (2024-07-06)
2158201 devices: add device id for Atheros AR9590

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15889
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-07-10 09:40:26 +02:00
Stijn Tintel
6b16eaf840 wifi-scripts: add missing dependency on ucode-mod-uci
Fixes the following error:

Syntax error: Unable to resolve path for module 'uci'
In line 3, byte 27:

 `import * as uci from 'uci';`
  Near here ----------------^

Fixes: 4a3ed518b2 ("wifi-scripts: rewrite wifi detect code in ucode")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2024-07-03 01:40:15 +03:00
David Bauer
89d7051485 hostapd: bump PKG_RELEASE
Signed-off-by: David Bauer <mail@david-bauer.net>
2024-06-30 22:23:11 +02:00
David Bauer
68e4cc9be5 hostapd: don't ignore probe-requests with invalid DSSS params
Don't ignore probe requests which contain an invalid DS parameter for the
current operating channel.

As the comment outlines, the drop shall only apply if
dot11RadioMeasurementActivated is set to 1.

However, it was observed Linux clients (Debian 12 / NixOS 23.11)
with an Intel 8265 NIC may generate a probe request frame with
dot11RadioMeasurementActivated set to false and an invalid DSSS
parameter.

These were also dropped even though they should not have been. They
however should not have contained this parameter in the first place.

Don't drop Probe Requests which contain such an invalid field. This may
lead to more probe responses being sent, however it does fix very
frequent connection issues for these clients on 2.4 GHz.

Signed-off-by: David Bauer <mail@david-bauer.net>
2024-06-30 22:23:11 +02:00
Sean Khan
d648ee4c58 wifi-scripts: ensure get_freq returns int (iw-6.9)
With `iw` version 6.9 frequencies are now being reported as float,
which is incompatible with wpa_supplicant's config option 'frequency'
which expects an integer.

iwinfo phy0 info output:

Version: 5.19
```
Frequencies:
  * 5180 MHz [36] (30.0 dBm)
  * 5200 MHz [40] (30.0 dBm)
  * 5220 MHz [44] (30.0 dBm)
  * 5240 MHz [48] (30.0 dBm)
  * 5260 MHz [52] (24.0 dBm)
  * 5280 MHz [56] (24.0 dBm)
  * 5300 MHz [60] (24.0 dBm)
  * 5320 MHz [64] (24.0 dBm)
  * 5500 MHz [100] (24.0 dBm)
  * 5520 MHz [104] (24.0 dBm)
  * 5540 MHz [108] (24.0 dBm)
  * 5560 MHz [112] (24.0 dBm)
  * 5580 MHz [116] (24.0 dBm)
  * 5600 MHz [120] (24.0 dBm)
  * 5620 MHz [124] (24.0 dBm)
  * 5640 MHz [128] (24.0 dBm)
  * 5660 MHz [132] (24.0 dBm)
  * 5680 MHz [136] (24.0 dBm)
  * 5700 MHz [140] (24.0 dBm)
  * 5720 MHz [144] (24.0 dBm)
  * 5745 MHz [149] (30.0 dBm)
  * 5765 MHz [153] (30.0 dBm)
  * 5785 MHz [157] (30.0 dBm)
  * 5805 MHz [161] (30.0 dBm)
  * 5825 MHz [165] (30.0 dBm)
  * 5845 MHz [169] (disabled)
  * 5865 MHz [173] (disabled)
  * 5885 MHz [177] (disabled)
```

Version: 6.9
```
Frequencies:
  * 5180.0 MHz [36] (30.0 dBm)
  * 5200.0 MHz [40] (30.0 dBm)
  * 5220.0 MHz [44] (30.0 dBm)
  * 5240.0 MHz [48] (30.0 dBm)
  * 5260.0 MHz [52] (24.0 dBm)
  * 5280.0 MHz [56] (24.0 dBm)
  * 5300.0 MHz [60] (24.0 dBm)
  * 5320.0 MHz [64] (24.0 dBm)
  * 5500.0 MHz [100] (24.0 dBm)
  * 5520.0 MHz [104] (24.0 dBm)
  * 5540.0 MHz [108] (24.0 dBm)
  * 5560.0 MHz [112] (24.0 dBm)
  * 5580.0 MHz [116] (24.0 dBm)
  * 5600.0 MHz [120] (24.0 dBm)
  * 5620.0 MHz [124] (24.0 dBm)
  * 5640.0 MHz [128] (24.0 dBm)
  * 5660.0 MHz [132] (24.0 dBm)
  * 5680.0 MHz [136] (24.0 dBm)
  * 5700.0 MHz [140] (24.0 dBm)
  * 5720.0 MHz [144] (24.0 dBm)
  * 5745.0 MHz [149] (30.0 dBm)
  * 5765.0 MHz [153] (30.0 dBm)
  * 5785.0 MHz [157] (30.0 dBm)
  * 5805.0 MHz [161] (30.0 dBm)
  * 5825.0 MHz [165] (30.0 dBm)
  * 5845.0 MHz [169] (disabled)
  * 5865.0 MHz [173] (disabled)
  * 5885.0 MHz [177] (disabled)
```

Error reported from wpa_supplicant
```console
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 10: invalid number "5320.0"
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 10: failed to parse frequency '5320.0'.
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Line 16: failed to parse network block.
Fri Jun 21 14:07:22 2024 daemon.err wpa_supplicant[2866]: Failed to read or parse configuration '/var/run/wpa_supplicant-phy1-mesh0.conf'.
```

This affects mesh, adhoc, and client-mode WDS.

Until hostapd/wpa_supplicant is updated (or patched) to support float
frequencies, ensure `get_freq` prints out an integer.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15770
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-06-22 11:34:46 +02:00
Felix Fietkau
4a3ed518b2 wifi-scripts: rewrite wifi detect code in ucode
Rely entirely on /etc/board.json instead of screen scraping iw cli output

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
31aa61503e wifi-scripts: add default channel to board.json in wifi-detect.uc
Preparation for avoiding iw calls in /lib/wifi/mac80211.sh

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:26 +02:00
Felix Fietkau
a6e1c5f01e iw: update to version 6.9
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Felix Fietkau
032d3fcf7a hostapd: use strdup on string passed to hostapd_add_iface
The data is modified within hostapd_add_iface

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Felix Fietkau
3984fb0582 hostapd: fix crash on interface setup failure
Add a missing NULL pointer check when deleting beacons

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-21 11:52:25 +02:00
Konstantin Demin
f3080677f5
xdp-tools: update to v1.4.2
- release notes:
  https://github.com/xdp-project/xdp-tools/releases/tag/v1.4.2
- patches rebased manually:
  - 010-configure-respect-LDFLAGS.patch

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15705
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-17 13:26:37 +02:00
Christian Marangi
9f6fc4f524
dropbear: don't install /usr/lib/opkg/info in package install
Don't install /usr/lib/opkg/info in package install as it doesn't make
sense and conflicts with APK installations.

Fixes: a377aa9ab5 ("add dropkey ssh keys and config files to the conffiles section (#2014)")
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-06-11 23:58:17 +02:00
Felix Fietkau
a3d1583317 Revert "hostapd: add support for authenticating with multiple PSKs via ubus helper"
This reverts commit c67d5189a4.
Revert until reported issues have been resolved

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-06 21:34:20 +02:00
Felix Fietkau
c67d5189a4 hostapd: add support for authenticating with multiple PSKs via ubus helper
Also supports assigning a VLAN ID based on the PSK

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-06-06 11:47:59 +02:00
Rosen Penev
2f4bb69664 packages: refresh patches
CI is supposed to catch all of these. Some of these predate CI.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-05-31 11:30:06 +02:00
Rui Salvaterra
2ae1330a22 iproute2: update to 6.9.0
Support for iptables action has been dropped. Remove tc-mod-iptables and related
patch (175-reduce-dynamic-syms.patch).

We also add the missing libbpf dependency for `ss` since iproute 8740ca9
("ss: add support for BPF socket-local storage") now means that `ss` requires
libbpf as well.

Fix 170-ip_tiny.patch, as the help text didn't match all the included functions.

Drop upstreamed patches 402-bpf-fix-warning-from-basename.patch
and 403-bpf-include-libgen.h-for-basename.patch.

All other patches automatically rebased.

Co-authored-by: Rany Hany <rany_hany@riseup.net>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 11:13:31 +02:00
Rany Hany
b2e0775bc6 iproute2: fix build on GCC 14
Upstream patches:

401-bridge-vlan.c-bridge-vlan.c-fix-build-with-gcc-14-on.patch
402-bpf-fix-warning-from-basename.patch
403-bpf-include-libgen.h-for-basename.patch

The patch (400-rdma-include-libgen.h-for-basename.patch) was not
submitted upstream but just adds a missing include for basename.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-31 11:13:31 +02:00
Georgi Valkov
32e4c50d24 ebtables: fix compilation with GCC14
Remove 100-musl_fix.patch, which is no longer needed
and causes a build error with gcc-14.

Fixes:
useful_functions.c:63:41: error: passing argument 1 of 'ether_ntoa' from incompatible pointer type [-Wincompatible-pointer-types]
   63 |                 printf("%s", ether_ntoa((struct ether_addr *) mac));
      |                                         ^~~~~~~~~~~~~~~~~~~~~~~~~
      |                                         |
      |                                         struct ether_addr *
In file included from include/ebtables_u.h:28,
                 from useful_functions.c:25:
/Volumes/wrt3200/openwrt/staging_dir/toolchain-arm_cortex-a9+vfpv3-d16_gcc-14.1.0_musl_eabi/include/netinet/ether.h:10:19: note: expected 'const struct ether_addr *' but argument is of type 'struct ether_addr *'
   10 | char *ether_ntoa (const struct ether_addr *);
      |                   ^~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15576
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-05-28 10:41:45 +02:00
Rany Hany
3e024022c3 linux-atm: fix build with GCC 14
Basic changes to make linux-atm build without any issues with GCC 14.

Besides some errors caused by -Wpointer-sign, there was also an issue
with socklen_t not being used for getsockopt() and accept()
sometimes.

I also updated the Debian patch to include the latest changes from
version "1:2.5.1-5.1" in Debian Sid. This allowed me to drop
"600-fix-format-errors.patch" and "700-include_sockios.patch".

Signed-off-by: Rany Hany <rany_hany@riseup.net>
2024-05-24 00:09:47 +02:00
Jo-Philipp Wich
61330ddef8 firewall4: update to Git HEAD (2024-05-21)
4c01d1ebf99e fw4: substitute double quotes in strings

Fixes: https://github.com/openwrt/luci/issues/7091
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2024-05-21 08:59:13 +02:00
Konstantin Demin
2cd414c33e dropbear: clarify DROPBEAR_MODERN_ONLY option
don't mention SHA1 in order to not confuse users - SHA1 support is already disabled (except RSA-SHA1 signagures).

ref: https://github.com/openwrt/openwrt/issues/15281

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-05-09 19:35:36 +02:00
Konstantin Demin
f230d00e64 dropbear: bump to 2024.85
- update dropbear to latest stable 2024.85;
  for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- drop cherry-picked patches (merged in release 2024.84)
- refresh remaining patches

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-05-09 19:35:20 +02:00
Christian Marangi
21ddd1164d
odhcpd: update to Git HEAD (2024-05-08)
99dd990690bc treewide: refactor pref(erred) to preferred_lt (lifetime)
4c2b51eab368 treewide: refactor valid to valid_lt (lifetime)
3b4e06055900 router: inherit user-assigned preferred_lifetime
e164414aa184 router: limit prefix preferred_lt to valid_lt in accordance with RFC4861
a2176af7bdeb treewide: spell-fixes and new comments for extra clarification
4590efd3a2b3 treewide: normalize spaces to tabs
2edc60cb7c7a router: rename minvalid to lowest_found_lifetime
7ee72ee17bfa router: disambiguate and clarify 'no route' messages
a29882318a4c config: set RFC defaults for preferred lifetime

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-08 00:11:19 +02:00
Sergey Ponomarev
1d4b88265b
dropbear: use ssh-keygen as an alias for dropbearkey
The DropBear's dropbearkey supports limited set of arguments of
OpenSSH ssh-keygen:  -t, -q -N -Y
After the change you can generate a key with the same command.
Still many features of the original OpenSSH ssh-keygen are absent in
the dropbearkey.
If it's needed then users should install openssh-keygen package that
will replace the /usr/bin/ssh-keygen with the full version.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14174
[ wrap commit description to 80 columns ]
Link: https://github.com/openwrt/openwrt/pull/14174
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-06 13:41:43 +02:00
Christian Marangi
23de46c913
xdp-tools: fix wrong matching for OPENWRT_VERBOSE
To enable verbose log for xdp-tools compilation, we check for "c" in
the OPENWRT_VERBOSE, but verbose.mk supports only "w" and "s" for V=1
and V=99.

Fix the wrong matching and correctly enable verbose output matching for
"s".

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-03 14:53:11 +02:00
Christian Marangi
0d436fc8b1
xdp-tools: refresh patches
Refresh xdp-tools patches with make package/xdp-tools/refresh

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-03 14:53:10 +02:00
Christian Marangi
5acc4f919c
xdp-tools: fix compilation wrongly using host header
Currently it's needed to have gcc-multilib on the host to correctly
compile xdp-tools. This is wrong and means that we are using host header
to compile a tool.

By some searching in how the makefile works it was discovered that
BPF_CFLAGS were not used and required to be appended to config.mk

Only one single header was added but we should include each BPF_CFLAGS
from bpf.mk. To make this some patching to bpf-header were required and
some patches to xdp-tools were required.
Also it's needed to pass the correct target to BPF_CFLAGS.

With the following changes xdp-tools can correctly compile with each
header from bpf-headers and should not use any host header.

Co-Developed-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Andre Heider <a.heider@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/11825
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-05-01 19:11:34 +02:00
Felix Fietkau
52a5f4491c hostapd: fix a null pointer dereference in wpa_supplicant on teardown
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-05-01 19:00:21 +02:00
Jean Thomas
30245a869e uqmi: set dangling-pointer as error
With "ebfe8b4 CMakeLists: set no-dangling-pointer" the compilation
option is set in uqmi, and can therefore be removed from no-error.

Signed-off-by: Jean Thomas <jean.thomas@wifirst.fr>
2024-04-28 23:51:19 +02:00
Jean Thomas
4d058d5e4d uqmi: update to git HEAD
e7207be uqmi: print radio interfaces in serving system command
6ef41d6 uqmi: create function to print radio interface string
e25d042 uqmi: Add basic 5G NR support
3e782be uqmi: sync data from libqmi project
368d46c uqmi: support C reserved keywords in upstream JSON files
02e42c0 reorganize source code in common and uqmi specific parts
4591f0a .gitignore build/ directories
2b57ee1 uqmi: commands-uim: fix uninitialized use of card_application_state
7c77e77 data/code-gen: add support for indications
ddbf864 qmi-struct.h: add missing includes
5320c1d move qmi_get_error_str to into utils.c
1503bc7 dev.c: add missing import strings.h
bae945f commands-nas: add missing includes
9ffd0e2 commands: make `struct blob_buf status` public
a4fbdcc commands-nas: fix gcc warning
8ff632a dev.c: add comment to qmi_request_wait()
a043a74 CMakeLists: refactor SOURCES variable to allow later adding uqmid
ebfe8b4 CMakeLists: set no-dangling-pointer
c47125d CMakeLists: improve generated files
0f64b69 CMakeLists: update cmake minimum version to 3.5

As the built uqmi binary is now moved to a dedicated directory,
update the Makefile accordingly.

Signed-off-by: Jean Thomas <jean.thomas@wifirst.fr>
2024-04-28 23:51:19 +02:00
Hauke Mehrtens
00a1671248 hostapd: Fix compile against mbedtsl 3.6
Fix compile of the mbedtls extension for hostapd.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-04-28 21:42:18 +02:00
Fabrice Fontaine
6e5edec159 package/network/utils/iptables: fix PKG_CPE_ID
cpe:/a:netfilter:iptables is the correct CPE ID for iptables:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️netfilter:iptables

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15297
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:44:48 +02:00
Fabrice Fontaine
289f811abb package/network/services/dropbear: fix PKG_CPE_ID
cpe:/a:dropbear_ssh_project:dropbear_ssh is the correct CPE ID for dropbear:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️dropbear_ssh_project:dropbear_ssh

Fixes: c61a239514 (add PKG_CPE_ID ids to package and tools)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15290
Signed-off-by: Robert Marko <robimarko@gmail.com>
2024-04-27 23:43:58 +02:00
Felix Fietkau
2d6fd937c3 netifd: packet_steering: fix shell error on unset steering_flows option
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-27 20:59:52 +02:00
Felix Fietkau
994f71e0f0 netifd: fix bogus warnings in packet_steering init script
Avoids warnings if options are unset

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-27 20:57:19 +02:00
Paul Donald
708101c141 lldpd: fix reload bug: advertisements shall default to on
Because these capability advertisements default to on in lldpd, they
became absent at reload, and not restart, due to how the reload logic
works ( keep daemon running, send unconfigured and then the new config
via socket ), and it was not evident unless you happened to be looking
for it (e.g. via pcap or tcpdump). It was also not evident from the
manpage ( have now sent patches upstream ).

At reload time, the unconfigure logic disabled them unless they were
explicitly enabled (compare with other settings where 'unconfigure' just
resets them). Now they default to on/enabled at init time, and are
explicitly 'unconfigure'd at startup if the user disables them via:

lldp_mgmt_addr_advertisements=0
lldp_capability_advertisements=0

In other words: explicit is necessary to disable the advertisements.

The same applies to 'configure system capabilities enabled'. Technically
'unconfigure'd is the default but now it is explicit at reload.

Tested on: 23.05.3

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-27 12:11:27 +02:00
Paul Donald
01cdeb531b ustp: update to Git HEAD (2023-05-29)
a85a5bc83bde netif_utils: correctly close fd on read error

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
2024-04-27 11:40:04 +02:00
Felix Fietkau
7ebcf2fb9c netifd: add flow steering mode to the packet steering script
This allows directing processing of locally received packets to the CPUs
of the tasks receiving them

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-26 06:31:27 +02:00
Felix Fietkau
c4d394c6cc netifd: add a packet steering mode matching the old script
This spreads packet processing across all cores

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-26 06:31:27 +02:00
Felix Fietkau
786e3dec01 bridger: update to Git HEAD (2024-04-22)
ec8c620fd5f4 split bridge-local disable into rx and tx
40b1c5b6be4e flow: do not attempt to offload bridge-local flows

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-22 11:02:52 +02:00
Chen Minqiang
3416144418 ppp: add sourcefilter option support
This make source based IPv6 routing option available for
ppp/pptp/pppoe/pppoa

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-22 15:11:44 +08:00
Paul Donald
4a81d868db
lldpd: extended interface(s) parsing to handle patterns
For interface type parameters, the man page documents patterns:
```
*,!eth*,!!eth1

uses all interfaces, except interfaces starting with "eth",
but including "eth1".
```

* Renamed `_ifname` to `_l2dev`.
* get the l2dev via network_get_physdev (and not l3dev)
* Glob pattern `*` is also valid - use noglob for this

The net result is that now interface 'names' including globs '*' and '!'
inversions are included in the generated lldpd configs.

Temporarily `set -o noglob` and then `set +o noglob` to disable & enable
globbing respectively, because when we pass `*` as an interface choice,
other file and pathnames get sucked in from where the init script runs,
and the `*` never makes it to lldpd.

Tested extensively on: 22.03.6, 23.05.3

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
[ squash with commit bumping release version ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-04-21 17:57:03 +02:00
Chen Minqiang
44a3c18a31 qmi: add sourcefilter option support
This make source based IPv6 routing option available for qmi

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-17 12:34:27 +08:00
Chen Minqiang
044fb8fc13 mbim: add sourcefilter option support
This make source based IPv6 routing option available for mbim

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-17 12:34:27 +08:00
Chen Minqiang
01e8d822e8 ncm: add sourcefilter option support
This make source based IPv6 routing option available for ncm

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2024-04-17 12:34:27 +08:00
Chuanhong Guo
9f6a28b91e ipset: update to 7.21
release notes:
7.21: https://www.spinics.net/lists/netfilter-devel/msg85299.html
7.20: https://www.spinics.net/lists/netfilter-devel/msg85120.html
7.19: https://www.spinics.net/lists/netfilter-devel/msg82985.html

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2024-04-17 12:14:20 +08:00
Chuanhong Guo
c7fb5d4cac ipset: include libgen.h for basename
musl dropped the GNU version of basename prototype from string.h
in 1.2.5.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2024-04-17 12:14:20 +08:00
Felix Fietkau
123282d9f9 netifd: add missing error checks to packet steering script
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-04-15 13:46:05 +02:00