This change removes the prefix4 and prefix6 attributes from the
site.conf. These do not make sense in the context of parker.

Packages that are usually used in parker do not use these anymore. Some
other packages do - you should not enable those :-)

With this change a ipv6 route to prefix_6 will no longer be set on
br-client. Systems that already have this route will keep it.

With this change the (not working) redirect in the http status page has
been removed. We should consider to add this later on.

Packets which have a destination MAC of other local nodes should not be
redirected, as this possibly results in routing loops in networks with more
than one uplink.

Signed-off-by: Jan Luebbe <sho@stratum0.net>

Kasalehlia authored 4 years ago and chrissi^ committed 4 years ago

at least concerning traffic limits

chrissi^ authored 4 years ago and chrissi^ committed 4 years ago

This change let's uradvd deliver the v6 link-local of this node as DNS.
With this change DNS-requests are not affected by the radv-filterd
-rewrites during roaming.

Signed-off-by: Chrissi^ <chris@tinyhost.de>

Jan Luebbe authored 4 years ago and chrissi^ committed 4 years ago

Signed-off-by: Jan Luebbe <jluebbe@debian.org>

Jan Luebbe authored 5 years ago and chrissi^ committed 4 years ago

When multiple routers are in the same local mesh and clients roam from one (A)
to the next (B), the change of global IP and default gateway are not
synchronized. This leads to packets with an address belonging to router A to be
sent via router B (or the other way around). Those packets are then dropped by
wireguard at the concentrator.

To avoid this, we let gluon-radv-filterd monitor router advertisements and keep
a list of neighbouring v6 networks. With this information, it can maintain a
set of ebtables DNAT rules to redirect the packets to the matching gateway.

Signed-off-by: Jan Luebbe <jluebbe@debian.org>

chrissi^ authored 5 years ago and chrissi^ committed 4 years ago

Using this change an VPN-node announces it's own IPv6 as DNS server.
/tmp/addr6 is written by nodeoute.lua during runtime configuration.

Signed-off-by: Chrissi^ <chris@tinyhost.de>

chrissi^ authored 6 years ago and chrissi^ committed 4 years ago

This change alles meshed PARKER-Nodes to forward IPv6 to the next node.

Signed-off-by: Chrissi^ <chris@tinyhost.de>

Jan Luebbe authored 6 years ago and chrissi^ committed 4 years ago

For parker we need DHCP on the client interface. Ths rule
prevents us from doing so.
In addition: make sure old rules will be deleted on upgrade.

Jan Luebbe authored 6 years ago and chrissi^ committed 4 years ago

Signed-off-by: Jan Luebbe <jlu@pengutronix.de>

Dark4MD authored 5 years ago and chrissi^ committed 4 years ago

Edit by Chrissi^:
Patch taken from:
https://github.com/freifunkh/site/blob/master/patches/0003-added-TP-Link-TL-WR841ND-N-Devices-for-8M-and-16M-Va.patch
This Patch adds support for 8M and 16M Flash variants of TP-Link
TL-WR841 with hand-made modifications.

chrissi^ authored 5 years ago and chrissi^ committed 4 years ago

Signed-off-by: Chrissi^ <chris@tinyhost.de>

chrissi^ authored 6 years ago and chrissi^ committed 4 years ago

Well, we don't actually need this. But let's try some patriotism.

chrissi^ authored 6 years ago and chrissi^ committed 4 years ago

Contact Info is no longer added on FFBS nodes since our gluon release of
v2017.1.8. On nodes that have been running before this release this
field is set to "Intentionally left blank".

This Info should not be shown on the statuspage.

Signed-off-by: Chrissi^ <chris@tinyhost.de>

Fixes commit fb8cd562 ("modules: update OpenWrt")

(cherry picked from commit 604087fa)

d0b8be75ff generic: ipeth: fix iOS 14 tethering
bdc2f19f9d OpenWrt v19.07.5: revert to branch defaults
c37eb9a9f9 OpenWrt v19.07.5: adjust config defaults
5090152ae3 tools: always create $STAGING_DIR/usr/{include,lib}

(cherry picked from commit fb8cd562)

d830403133 toolchain: kernel-headers: kernel Git tree mirror hash
8c2bb1d9b6 toolchain: kernel-headers: fix check target for kernel Git tree
a47caacaf3 download.pl: properly cleanup intermediate .hash file
605adb1023 download: handle possibly invalid local tarballs
5abe989475 cmake.mk,rules.mk: fix host builds using CMake and ccache
77734ce82a cmake.mk: set C/CXX compiler for host builds as well
ebe8cc2b2a mvebu: fixup Turris Omnia U-Boot environment
f10332c292 mvebu: base-files: Update Turris Omnia U-Boot environment
ca1ee39854 mvebu: Add turris-omnia.bootscript
f61e053e72 uboot-envtools: mvebu: update uci defaults for Turris Omnia
f1525e785e kernel: backport GD25Q256 support from 4.15
c72b7a4f0d kernel: bump 4.14 to 4.14.209
c420f77678 wireguard-tools: fix category/description in menuconfig

2974079d3 nano: update to 5.4
e82884caf miniupnpd: Pass ipv6 addr to ipv6_listening_ip
33bd6b6af Merge pull request #14115 from mwarning/zt
ace81238c zerotier: update to 1.6.2
808a67b35 net/miniupnpd: ext_ip_reserved_ignore support
1adf9d979 miniupnpd: Added chain rule to filter table so udp stun incoming connections rules works
4ed18c40e miniupnpd: update to 2.2.0
16cceb118 net/miniupnpd: check by /etc/init.d/miniupnpd running
93d44081c miniupnpd: default to IGDv1
49fb6862d adblock: reporting fixes/tweaks
613d4e19c Merge pull request #14029 from aaronjg/xtables-addons-fix
12b0f8c1a xtables-addons: patch for 4.14 route_me_harder fix
a453361e7 Merge pull request #13943 from jjm2473/openwrt-19.07-fix-libtirpc-clang
fb9077a72 Merge pull request #13983 from rs/nextdns-1.9.4-openwrt-19.07
591601446 nextdns: Update to version 1.9.4
889c46a79 Merge pull request #13981 from rs/nextdns-1.9.3-openwrt-19.07
c65dc2c45 nextdns: Update to version 1.9.3
446bec699 Merge pull request #13937 from jjm2473/openwrt-19.07-fix-vim-clang
fb7630209 travelmate: refine scan interface determination
c68be0b84 libs/libtirpc: fix host compile with clang 12.0.0
1f5670bdf vim: fix host compile with clang 12.0.0

0ce0d687de ipq40xx: disable double-tagging for PSGMII devices
6703abb7ca tcpdump: patch CVE-2020-8037
b4698d87c8 kernel: mtd: parser: cmdline: Fix parsing of part-names with colons
193adc94d1 ar71xx,ath79: refresh 910-unaligned_access_hacks.patch
733a482733 musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928)
c9c7b4b394 kernel: add netfilter-actual-sk patch
a448ad7490 uhttpd: update to 19.07 Git HEAD

39c5635714 scripts: download.pl: retry download using filename

(cherry picked from commit 99e1e527)

b77fabe01 Merge pull request #13911 from ja-pa/libexif-sec-19.07
e74565a0b libexif: update to 0.6.22
68eb1943c mwan3: add missing dependency
b038148cc mwan3: Remove fork/exec for head
c5d61945f haproxy: Update HAProxy to v2.0.19
5b3870890 php7: update to 7.2.34
2bd627ec7 Merge pull request #13828 from jgora/jgora
d1d53a3ac xtables-addons: Support IPTV Timeshift
05efc24fd youtube-dl: update to version 2020.11.1.1
5db211c62 youtube-dl: update to version 2020.9.20
7b1ac9283 youtube-dl: update to version 2020.9.14
3a61338ab bind: update to version 9.16.8
2331de4ec libftdi1: disable building documentation
73c7bcb63 libftdi1: Fix pkgconfig paths properly
82208ceca libftdi1: Apply pkgconfig fixes to libftdipp1 as well
58b6d0ee5 libftdi1: Partially add back InstallDev
55e7acc25 libftdi1: Remove faulty change from last patch
45e7e13dc libftdi1: Don't build examples
089699b1e tinyproxy: convert to procd
39ce33461 tinyproxy: update to 1.10.0
b07f752e7 nextdns: Update to version 1.8.8
99e77a716 openconnect: allow specify --protocol from config
37303e1f0 adblock: update 4.0.7-2
5dbbb7ebf adblock: update 4.0.7
0c9206469 zoneinfo: Updated to the latest release
a9162448c zoneinfo: Updated to the latest release
abcbc5e1c zoneinfo: Updated to the latest release.

(cherry picked from commit b09a124a)

2a8279c161 layerscape: Fix check after kernel update
ac5297340e kernel: bump 4.14 to 4.14.206
589c3cf4e0 ath79: remove wmac mtd-mac-address for UniFi AC family
2a3dbded93 feeds: add freifunk feed
ad3c2b9736 ath79: use correct firmware name for UniFi AP
84ae238324 ramips: fix logic level for DIR-645 buttons
c25e3275ac ath79: fix LED labels for PowerCloud CAP324
78c4c04dd7 uci: Backport security fixes
3af9c5fefd uboot-envtools: mvebu: fix config for mainline u-boot
7fbee0c7b2 mvebu: Add bootscript for espressobin to support mainline firmware
14903d9d8c kernel: bump 4.14 to 4.14.202
03a029745f firmware: intel-microcode: update to 20200616
95d60bf881 firmware: amd64-microcode: update to 20191218
dda5e3db19 firewall: options: fix parsing of boolean attributes
7dd822983b kernel: bump 4.14 to 4.14.201
aee081e62e oxnas: fix qc_prep return in sata driver after kernel 4.14.200
6696fddfd9 mac80211: do not allow bigger VHT MPDUs than the hardware supports
9c718b5478 kernel: bump 4.14 to 4.14.200
b21bea7b1b ath79: ar8216: make switch register access atomic
891022918d scripts: getver.sh: fix version based on stable branch
8076fb59ab openssl: bump to 1.1.1h
f4286d7bc2 ath79: fix rssi-low LED for My Net Range Extender
d82e6a2f10 kernel: Update to version 4.14.199
86b44028e2 comgt: fix hotplug event handling
34a9652904 Revert "ramips: ethernet: fix to interrupt handling"

Build-tested: x86-64, ath79-generic, ipq40xx-generic
(cherry picked from commit 2537b743)

Some newer MT7628 based routers (notably the TP-Link Archer C50 v4) are
shipped with a chip-id of 0x7600 in the on-flash EEPROM. Add this as a
possible valid ID.

This fixes unstable WiFi on some units of the TP-Link Archer C50 v4.

02b4dbf (HEAD -> openwrt-19.07, origin/openwrt-19.07) Merge pull request #620 from ecsv/batadv-for-19.07
59e8d5f batctl: Merge bugfixes from 2020.4
6859689 batman-adv: Merge bugfixes from 2020.4

Compile-tested: x86-64
Run-tested: x86-64 (QEMU)
(cherry picked from commit c273f1a2)

Gluon v2020.2.x uses fastd v19, so we keep that in a separate patch. The
fastd memory leak fix from v18 is not removed in this patch anymore, as
the fix is needed for v19 as well.

(cherry picked from commit 53f5b809)

a2673dc53 fastd: fix buffer leak when receiving invalid packets
51bf00834 logrotate: update to version 3.17.0
8715cef64 logrotate: update to 3.16.0
acb77d5be python3: Update to 3.7.9, refresh/remove backported patches
4af889f20 travelmate: bugfix single radio mode
cb3bab180 netdata: update to version 1.26.0
70bb0b4c8 bind: update to version 9.16.7
d05698fae freeradius3: move "release_" from PKG_VERSION
93360e625 freeradius3: add meta-package for default modules
2f7338b62 python-urllib3: update to version 1.25.10 (security fix)
50a67ed74 nextdns: Update to version 1.8.6
b48575ef4 chrony: update to 3.5.1
35e6986a0 nextdns: mark /etc/config/nextdns as configuration file
418e3b294 simple-adblock: config update file fix
9ac587ca8 libuv: update to 1.40.0
613d21085 nano: update to 5.3
992746571 btrfs-progs: update to version 5.7
cedba1ca2 btrfs-progs: update to version 5.6
25b2751f8 python-pytz: update to 2019.03
f3b424139 adblock: refresh blocklist sources
ec628b10d syslog-ng: bump version in config file
d0a74afad syslog-ng: tweak shell code of network_localhost little bit
f705a5a93 python-sentry-sdk: Update to version 0.12.3
2976a5a0e haproxy: Update HAProxy to v2.0.18
eec7bd646 tor: update to version 0.4.4.5
91af4cf72 mariadb: Update to the latest version from 10.2 branch
9461ae47a Werkzeug: Update to version 0.16.0
f9d9ae8c8 Flask: update to version 1.1.2
4a833e3a8 Flask: Update to version 1.1.1
a4534f160 gstreamer1: enable build options necessary for most applications
8a71cdd6a python-ifaddr: update to version 0.1.7
05ea7dfc6 nextdns: Update to version 1.8.5
9069ad925 ipmitool: fix CVE-2020-5208
826fc8921 nextdns: Update to version 1.8.4
ac7f78285 openconnect: updated to 8.10 to address CVE-2020-12823
3f0e26637 python-zeroconf: update to version 0.28.0
fe7ceaa65 python-zeroconf: update to version 0.24.4
49459505e mwan3: fix typo in mwan3_set_sticky_iptables
cae961784 ocserv: include ocserv-worker
2af61c9a4 vpnbypass: README update, code cleanup
b00feac4b ocserv: updated to 1.1.1
c614914da miniupnpd: add miniupnpd ipv6_disable option, #11971 close
70e57317b simple-adblock: add config auto-update feature
94866d76a collectd: update to 5.12.0
b60fa2de9 collectd: update PKG_RELEASE
aeefbbe34 collectd: remove quotation on interval this is an number
b0ad32a3e collectd: move include line
fbe7abcd5 collectd: update PKG_RELEASE
f53b79ced collectd: fix ubi data source type
67a403bfe collectd: add ubi uci and plugin info
37335cf65 collectd: enable ubi plugin

(cherry picked from commit 65e5aeed)

03425a0d2 zmq: fix compilation when libbsd is present
8bb1d13a9 pigeonhole: update to 0.5.11
86da3bbeb zmq: update to version 4.3.3 (security fix)
e72b47469 zmq: fix the installed files
48339ba10 zmq: fix pkgconfig file
ef30f8bf8 zmq: update to 4.3.2
a7d129fc2 zmq: switch to building with CMake
a4cbd04df libxml2: patch security issues
207660987 net/u2pnpd: convert init to procd
2d410422c freeradius3: fix hostname invocation in radtest
066ac0392 freeradius3: enable radtest utility
338fa663c samba4: update to 4.11.12
399e1a0bf youtube-dl: update to version 2020.9.6
7825df65f msmtp: update to version 1.8.12
eb8130508 dovecot: disable zstd
538647a26 syslog-ng: update to version 3.29.1
473ca554f php7: update to 7.2.33
62171036b nextdns: Update to version 1.8.3
953de3ca8 gnutls: update to version 3.6.15 (security fix)
d515d9c35 dovecot: update to version 2.3.11.3 (security fix)
a2634c264 nextdns: Update to version 1.8.2
1cf41a88c python-rsa: downgrade to version 4.5 for python2
54847cc7c unbound: improve odhcpd rapid update robustness
d17720f04 htop: update to 3.0.1-1
d953d80bf htop: update to 3.0.0-1
af4cd94a2 htop: fix compilation with GCC10
7af8eaad1 python-rsa: update to version 4.6 (security fix)
8b0457c55 knot: update to version 2.9.6
f2edf8c53 git: update to version 2.26.2 (security fix)
99d0878d0 python,python3: Use locked for host pip
791e0bc76 nano: update to 5.2
3c6b45ab3 clamav: update to version 0.102.4 (security fix)
0202fdc27 clamav: update to version 0.102.3 (security fix)
c5c0e2e33 clamav: update to 0.102.2
9700cea70 bind: New upstream version 9.16.6
256a631d9 bind: update to 9.16.4
ac79fde24 simple-adblock: bugfix: update config; use command -v
4e1bfa748 nspr: update to version 4.27
120ff2c63 nspr: nspr add -flto to compile
847ed6e0f nspr: fix compilation with newer musl
2f58b610d nspr: update to 4.25
fab10b8df nss: update to version 3.55 (security fix)
7c3b05d33 nss: update to 3.53
46d315d31 nss: fix build for mips64 disable arm32_neon on unsupported target
638b1642e nss: revert -flto change it seems that it can lead to segfault in libfreebl3.so
be95fcb78 nss: add -flto and makefile cleanup
f0e6ceff3 nss: update to 3.52
e5d732722 nss: update to 3.51.1
e713f74b7 nss: update to 3.51
d2efcd926 nss: update to 3.50
6a3d05272 nss: update to 3.49.2
5e371c2d5 libffi: fix build failure on powerpc platforms
0413252f3 libffi: update to 3.3
70faa62f3 libffi: do not build in a special directory
9ec9bea25 net/mosquitto: Update to 1.6.12
2f7867074 python3: fix rebasing error
769d51fa9 python: fix host compilation with clang
37857a3f2 python3: fix host compilation with clang
b28c614d3 lvm2: fix CE in mac

(cherry picked from commit 73640292)