A tunnel cannot be set up if the configured peer is unreachable for the
route when the tunnel is set up, because adding host dependency fails.
As already stated when this dependency was disabled for wireguard, it
seems to be somehow broken for IPv6 peers as well.
Because it is not necessary for us anyway, host dependency is disabled
for gre with this patch.
Signed-off-by: Fabian Bläse <fabian@blaese.de>

Set ra_default to '2' to announce as default-router, even if no default
route or global addresses are present.
This is necessary to be able to reach addresses in fc00::/7 from
clients, because odhcpd does not support sending out routes to clients
via router advertisements.
Signed-off-by: Fabian Bläse <fabian@blaese.de>

When no default route was present in the table main, but only in table
fff because of disconnected WAN, wireguard was digging its tunnel
through fff-network.
Depending on the metrics, the gateway therefore used the tunnel as
default-route which let the tunnel collapse.
By introducing fwmark and routing it separately, this can be avoided.
Signed-off-by: Fabian Bläse <fabian@blaese.de>

This keeps gateway-specific changes, even if updating from node firmware.
Because this file wasn't cleared anywhere, it got longer with every
upgrade. This is now fixed by reverting to the upstream behaviour
(truncate instead of append)
Signed-off-by: Fabian Bläse <fabian@blaese.de>

When using IPv6 addresses (or DNS which has AAAA record) as endpoint,
add_host_dependency fails for some reason which causes the wireguard
interface to disappear.
Because it is not necessary for us anyway, host_dependency is disabled
for wireguard with this patch.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
CC: kratz00@gmx.de
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
- Changed subject
- Changed curl parameters
- Added firewall rule
- Configure alfred to be master
- Add fff-nodewatcher as dep, because we use the alfred config
This firewall blocks all communication with fe80::1 from a
Client to Batman and to the Node.
We need this because some crap devices (e.g. a wrongly
connected router on a clientport) have fe80::1 as address
and break our setup.
Signed-off-by: Christian Dresel <fff@chrisi01.de>
Tested-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>

When using a local hoodfile, neither this nor a central hoodfile
downloaded earlier should be offered to neighbours, so remove it
from the webroot.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>

Instead of overwriting local variable to local hoodfile location,
copy it to the commonly used location. This makes the local hoodfile
behave exactly like central hoodfiles, which prevents some border cases.
The previous behaviour mainly caused issues when using getJsonPath() and
getUpgradePath() from fff-hoodutils.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>

This makes it easier to use new targets without subtarget.
Signed-off-by: Christian Dresel <fff@chrisi01.de>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>

Based on the documentation, BLA will only help if two nodes
are connected via WiFi AND via Ethernet cable on CLIENT ports!
For a "correct" setup, e.g. WiFi and BATMAN port connection,
BLA won't have an effect.
Since the former case is possible and there are no known
drawbacks, we enable BLA.
This removes the line to disable BLA, so it will be enabled as
B.A.T.M.A.N. enables it by default.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Christian Dresel <fff@chrisi01.de>

This shows the configured peers for fastd and L2TP.
Note that "configured" does not tell whether they are working.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>

USB support is removed because of very limited flash.
This allows building for tl-mr3020 again.
USB support has no known use case for this firmware.
Most usb devices would require additional drivers anyway.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>

Instead of manually overwriting basic and supported rates,
this patch makes use of a new OpenWRT option "legacy_rates",
which disables 802.11b data rates.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <fff@chrisi01.de>

So far, the Monitoring evaluates hoods based on their names.
This introduces several problems, most prominently a hood
re-creation if it is renamed at the KeyXchange.
Since we have unique hood IDs in the KeyXchange and the
Monitoring retrieves those via hoods.php, it is logical to use this
information instead of relying on string comparison.
This requires the hood files to contain an additional field "id".
While this has not been implemented, the changes in this patch
will still work and just write empty data to the uci field and
alfred data.
For local hoods, the "id" in the hood file will remain unset.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>

When setting up a node, router solicitations can be used to speed
up receiving router advertisements a lot. This mechanism has been
previously disabled by our custom sysctl config.
However, because Linux does not send router solicitations if it
doesn't accept router advertisements, which is disabled for every
link except WAN, this option can safely be set to its default value
for all interfaces.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Christian Dresel <fff@chrisi01.de>

Since the MacNocker was introduced, the hood information in
UCI is DELETED if the hood is lost.
If the router still successfully sends alfred data in this state,
the Monitoring will treat it as a V1 device. This is annoying,
especially since it looks like a loop.
An easy solution is to send an empty <hood> field in those cases,
as V2 routers are detected by them knowing their hood.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>

This sysfs option no longer exists.
The no_rebroadcast option was used as part of gluon’s
batman-adv-legacy implementation, after open-mesh decided
to not include it into batman-adv v14:
https://patchwork.open-mesh.org/patch/3434/
Our firmware has included (and enabled) it since December 2013.
With the upgrade to batman-adv v15 (pulled from openwrt-routing
then) in October 2017, the custom patch was no longer included.
It looks like open-mesh provides an equivalent built-in
solution now:
https://git.open-mesh.org/batman-adv.git/commit/a00797d8fa8fd1471e8be1ac23d506f76d866aaa
Thus, the option can be removed.
Signed-off-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Christian Dresel <fff@chrisi01.de>

The "ipv4" option is used to enforce using ipv4 when
using dns for fastd remotes.
However this option was incorrectly always set which
makes ipv6 connections impossible.
Because enforcing ipv4 is not necessary, this option
is removed.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <fff@chrisi01.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
Tested-by: Fabian Bläse <fabian@blaese.de>