Add currently pending patch to fix dsa bridge in bridge configs

This patch fixes the forwarding behavior of bridge in bridge
configurations with DSA.

Without it, the configuration of the upper bridge might overwrite
settings of the lower bridge. For example, a vlan-aware bridge
with DSA interfaces in it might be offloaded to the DSA hardware. If the
bridge interface itself gets slave of a different bridge without vlan
filtering, the vlan filtering setting of the lower bridge is overwritten
by the upper bridge, which results in an incorrect hardware
configuration.

This was backported from kernel 5.7.

Ref: https://github.com/openwrt/openwrt/pull/4493
Signed-off-by: Fabian Bläse <fabian@blaese.de>

bsp/octeon.bsp

@@ -0,0 +1,5 @@
+chipset=octeon
+
+images=(
+        "openwrt-${chipset}-ubnt_edgerouter-4-*"
+       )

bsp/octeon/.config

@@ -0,0 +1,21 @@
+# Generated using "./buildscript config openwrt".
+# Do no edit manually
+#
+CONFIG_TARGET_octeon=y
+CONFIG_TARGET_MULTI_PROFILE=y
+CONFIG_TARGET_PER_DEVICE_ROOTFS=y
+CONFIG_TARGET_DEVICE_octeon_DEVICE_ubnt_edgerouter-4=y
+CONFIG_TARGET_DEVICE_PACKAGES_octeon_DEVICE_ubnt_edgerouter-4=""
+CONFIG_BUSYBOX_CUSTOM=y
+CONFIG_TARGET_PER_DEVICE_ROOTFS=y
+# CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CROND is not set
+# CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
+# CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
+# CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+CONFIG_CLEAN_IPKG=y
+# CONFIG_DROPBEAR_CURVE25519 is not set
+# CONFIG_PACKAGE_ALFRED_VIS is not set
+CONFIG_PACKAGE_opkg=m
+CONFIG_STRIP_KERNEL_EXPORTS=y
+CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=512

bsp/ramips-mt7621.bsp

@@ -5,4 +5,5 @@ images=(
         "openwrt-ramips-mt7621-netgear_r6220-squashfs-*"
         "openwrt-ramips-mt7621-ubnt_edgerouter-x-squashfs-*"
         "openwrt-ramips-mt7621-ubnt_edgerouter-x-sfp-squashfs-*"
+        "openwrt-ramips-mt7621-xiaomi_mi-router-4a-gigabit-squashfs-*"
        )

bsp/ramips-mt7621/.config

@@ -10,6 +10,8 @@ CONFIG_TARGET_DEVICE_ramips_mt7621_DEVICE_ubnt_edgerouter-x=y
 CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt7621_DEVICE_ubnt_edgerouter-x=""
 CONFIG_TARGET_DEVICE_ramips_mt7621_DEVICE_ubnt_edgerouter-x-sfp=y
 CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt7621_DEVICE_ubnt_edgerouter-x-sfp=""
+CONFIG_TARGET_DEVICE_ramips_mt7621_DEVICE_xiaomi_mi-router-4a-gigabit=y
+CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt7621_DEVICE_xiaomi_mi-router-4a-gigabit=""
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set

bsp/ramips-mt76x8.bsp

@@ -3,4 +3,5 @@ subtarget=mt76x8
 images=("openwrt-${chipset}-${subtarget}-tplink_archer-c50-v3-squashfs-*"
         "openwrt-${chipset}-${subtarget}-tplink_archer-c50-v4-squashfs-*"
         "openwrt-${chipset}-${subtarget}-tplink_tl-wr841n-v13-squashfs-*"
+        "openwrt-${chipset}-${subtarget}-xiaomi_mi-router-4a-100m-squashfs-*"
         )

bsp/ramips-mt76x8/.config

@@ -10,6 +10,8 @@ CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_tplink_archer-c50-v4=y
 CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_tplink_archer-c50-v4=""
 CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_tplink_tl-wr841n-v13=y
 CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_tplink_tl-wr841n-v13=""
+CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m=y
+CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m=""
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set

bsp/x86-64.bsp

@@ -0,0 +1,4 @@
+chipset=x86
+subtarget=64
+images=("openwrt-${chipset}-${subtarget}-generic-squashfs-combined-*"
+        )

bsp/x86-64/.config

@@ -0,0 +1,18 @@
+# Generated using "./buildscript config openwrt".
+# Do no edit manually
+#
+CONFIG_TARGET_x86=y
+CONFIG_TARGET_x86_64=y
+CONFIG_TARGET_x86_64_DEVICE_generic=y
+# CONFIG_TARGET_ROOTFS_EXT4FS is not set
+CONFIG_BUSYBOX_CUSTOM=y
+CONFIG_TARGET_PER_DEVICE_ROOTFS=y
+# CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CROND is not set
+# CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
+# CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
+# CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+CONFIG_CLEAN_IPKG=y
+# CONFIG_PACKAGE_ALFRED_VIS is not set
+CONFIG_PACKAGE_opkg=m
+CONFIG_STRIP_KERNEL_EXPORTS=y

build_patches/openwrt/0003-ntpd-host-as-string.patch

@@ -3,15 +3,14 @@ Date: Sat, 8 Jul 2017 10:47:56 +0200
 Subject: ntpd host as string
 
 diff --git a/package/utils/busybox/files/sysntpd b/package/utils/busybox/files/sysntpd
-index e4a070762f2e6be299db8a7af7a8383062b0cf57..9f7aff31c57803de1d61fdfaac751fc8c8d0d108 100755
+index 074f14b8f8..a05d1789ff 100755
 --- a/package/utils/busybox/files/sysntpd
 +++ b/package/utils/busybox/files/sysntpd
-@@ -30,7 +30,7 @@ get_dhcp_ntp_servers() {
- 
- validate_ntp_section() {
- 	uci_load_validate system timeserver "$1" "$2" \
--		'server:list(host)' 'enabled:bool:1' 'enable_server:bool:0' 'use_dhcp:bool:1' 'dhcp_interface:list(string)'
-+		'server:list(string)' 'enabled:bool:1' 'enable_server:bool:0' 'use_dhcp:bool:1' 'dhcp_interface:list(string)'
+@@ -34,7 +34,7 @@ validate_ntp_section() {
+ 		'enable_server:bool:0' \
+ 		'enabled:bool:1' \
+ 		'interface:string' \
+-		'server:list(host)' \
++		'server:list(string)' \
+ 		'use_dhcp:bool:1'
  }
- 
- start_ntpd_instance() {

build_patches/openwrt/0010-ramips-add-missing-label-mac-device-mi-router-4a.patch

@@ -0,0 +1,25 @@
+From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= <fabian@blaese.de>
+Date: Mon, 19 Jul 2021 21:54:29 +0200
+Subject: [PATCH] ramips: add missing label-mac-device for Xiaomi Mi Router 4A
+ (100M)
+
+As both the Mi Router 4A (100M) and the Mi Router 4C use the same
+label-mac-device, the alias can be moved to the shared dtsi.
+
+Signed-off-by: Fabian Bläse <fabian@blaese.de>
+---
+ target/linux/ramips/dts/mt7628an_xiaomi_mi-router-4.dtsi | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/target/linux/ramips/dts/mt7628an_xiaomi_mi-router-4.dtsi b/target/linux/ramips/dts/mt7628an_xiaomi_mi-router-4.dtsi
+index 0f5897f5c593..d3f5e33be732 100644
+--- a/target/linux/ramips/dts/mt7628an_xiaomi_mi-router-4.dtsi
++++ b/target/linux/ramips/dts/mt7628an_xiaomi_mi-router-4.dtsi
+@@ -11,6 +11,7 @@
+ 		led-failsafe = &led_power_yellow;
+ 		led-running = &led_power_blue;
+ 		led-upgrade = &led_power_yellow;
++		label-mac-device = &ethernet;
+ 	};
+ 
+ 	chosen {

build_patches/openwrt/0020-kernel-5.4-backport-fix-to-allow-bridge-in-bridge-co.patch

@@ -0,0 +1,101 @@
+From 6f91e2bd8fd3d0e31a451a401ee586021b4f449e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= <fabian@blaese.de>
+Date: Sun, 29 Aug 2021 21:21:35 +0200
+Subject: [PATCH] kernel-5.4: backport switchdev fix for bridge in bridge
+ configurations
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This patch fixes the forwarding behavior of bridge in bridge
+configurations with DSA.
+
+Without it, the configuration of the upper bridge might overwrite
+settings of the lower bridge. For example, a vlan-aware bridge
+with DSA interfaces in it might be offloaded to the DSA hardware. If the
+bridge interface itself gets slave of a different bridge without vlan
+filtering, the vlan filtering setting of the lower bridge is overwritten
+by the upper bridge, which results in an incorrect hardware
+configuration.
+
+This was backported from kernel 5.7.
+
+Ref: https://lore.kernel.org/netdev/20191222192235.GK25745@shell.armlinux.org.uk/
+Fixes: FS#3996
+Signed-off-by: Fabian Bläse <fabian@blaese.de>
+---
+ ...-not-propagate-bridge-updates-across.patch | 62 +++++++++++++++++++
+ 1 file changed, 62 insertions(+)
+ create mode 100644 target/linux/generic/backport-5.4/790-v5.7-net-switchdev-do-not-propagate-bridge-updates-across.patch
+
+diff --git a/target/linux/generic/backport-5.4/790-v5.7-net-switchdev-do-not-propagate-bridge-updates-across.patch b/target/linux/generic/backport-5.4/790-v5.7-net-switchdev-do-not-propagate-bridge-updates-across.patch
+new file mode 100644
+index 0000000000..e18e2bf3e4
+--- /dev/null
++++ b/target/linux/generic/backport-5.4/790-v5.7-net-switchdev-do-not-propagate-bridge-updates-across.patch
+@@ -0,0 +1,62 @@
++From 07c6f9805f12f1bb538ef165a092b300350384aa Mon Sep 17 00:00:00 2001
++From: Russell King <rmk+kernel@armlinux.org.uk>
++Date: Wed, 26 Feb 2020 17:14:21 +0000
++Subject: [PATCH] net: switchdev: do not propagate bridge updates across
++ bridges
++
++When configuring a tree of independent bridges, propagating changes
++from the upper bridge across a bridge master to the lower bridge
++ports brings surprises.
++
++For example, a lower bridge may have vlan filtering enabled.  It
++may have a vlan interface attached to the bridge master, which may
++then be incorporated into another bridge.  As soon as the lower
++bridge vlan interface is attached to the upper bridge, the lower
++bridge has vlan filtering disabled.
++
++This occurs because switchdev recursively applies its changes to
++all lower devices no matter what.
++
++Reviewed-by: Ido Schimmel <idosch@mellanox.com>
++Tested-by: Ido Schimmel <idosch@mellanox.com>
++Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
++Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
++Signed-off-by: David S. Miller <davem@davemloft.net>
++---
++ net/switchdev/switchdev.c | 9 +++++++++
++ 1 file changed, 9 insertions(+)
++
++diff --git a/net/switchdev/switchdev.c b/net/switchdev/switchdev.c
++index 60630762a748b7..f25604d68337cf 100644
++--- a/net/switchdev/switchdev.c
+++++ b/net/switchdev/switchdev.c
++@@ -475,6 +475,9 @@ static int __switchdev_handle_port_obj_add(struct net_device *dev,
++ 	 * necessary to go through this helper.
++ 	 */
++ 	netdev_for_each_lower_dev(dev, lower_dev, iter) {
+++		if (netif_is_bridge_master(lower_dev))
+++			continue;
+++
++ 		err = __switchdev_handle_port_obj_add(lower_dev, port_obj_info,
++ 						      check_cb, add_cb);
++ 		if (err && err != -EOPNOTSUPP)
++@@ -526,6 +529,9 @@ static int __switchdev_handle_port_obj_del(struct net_device *dev,
++ 	 * necessary to go through this helper.
++ 	 */
++ 	netdev_for_each_lower_dev(dev, lower_dev, iter) {
+++		if (netif_is_bridge_master(lower_dev))
+++			continue;
+++
++ 		err = __switchdev_handle_port_obj_del(lower_dev, port_obj_info,
++ 						      check_cb, del_cb);
++ 		if (err && err != -EOPNOTSUPP)
++@@ -576,6 +582,9 @@ static int __switchdev_handle_port_attr_set(struct net_device *dev,
++ 	 * necessary to go through this helper.
++ 	 */
++ 	netdev_for_each_lower_dev(dev, lower_dev, iter) {
+++		if (netif_is_bridge_master(lower_dev))
+++			continue;
+++
++ 		err = __switchdev_handle_port_attr_set(lower_dev, port_attr_info,
++ 						       check_cb, set_cb);
++ 		if (err && err != -EOPNOTSUPP)
+-- 
+2.33.0
+

buildscript

@@ -7,15 +7,15 @@ set -o pipefail
 builddir=./build
 
 # OpenWrt: package hashes correspond to core repo version
-OPENWRTREV="v21.02.0-rc3"
-PACKAGEREV="e738d2faf1c4ed68094f1d5da075d2d92fb35049"
-ROUTINGREV="2baff33918c089fd3744c7192f8ae7a29c47a8d7"
+OPENWRTREV="v21.02.0-rc4"
+PACKAGEREV="49b1a6f4cc6e265cb98eb3d3225aca96079d1ec0"
+ROUTINGREV="e7e25b873b8ed4376cdcf82f963db34dda954f02"
 
 # Gluon packages: master from 2020-02-04
 GLUONREV="12e41d0ff07ec54bbd67a31ab50d12ca04f2238c"
 
 OPENWRT_PKGS="gpioctl-sysfs libugpio fastd haserl micrond mtr bmon"
-ROUTING_PKGS="kmod-batman-adv batctl alfred babeld"
+ROUTING_PKGS="kmod-batman-adv batctl alfred babeld bird2"
 GLUON_PKGS="simple-tc uradvd"
 
 FFF_VARIANTS="node layer3"

src/packages/fff/fff-babel-bird2/Makefile

@@ -0,0 +1,30 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=fff-babel-bird2
+PKG_RELEASE:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/fff-babel-bird2
+	SECTION:=base
+	CATEGORY:=Freifunk
+	TITLE:=Freifunk-Franken babel-bird2
+	URL:=https://www.freifunk-franken.de
+	DEPENDS:=+bird2 +bird2c
+	PROVIDES:=fff-babel-implementation
+	CONFLICTS:=fff-babeld
+endef
+
+define Package/fff-babel-bird2/description
+	This is the Freifunk Franken Firmware babel-bird2 package.
+endef
+
+define Build/Compile
+	# nothing
+endef
+
+define Package/fff-babel-bird2/install
+	$(CP) ./files/* $(1)/
+endef
+
+$(eval $(call BuildPackage,fff-babel-bird2))

src/packages/fff/fff-babel-bird2/files/etc/bird-babel-include.conf

@@ -0,0 +1 @@
+include "/etc/bird-babel/*.conf";

src/packages/fff/fff-babel-bird2/files/etc/bird-fff.conf

@@ -0,0 +1,115 @@
+# router id is not required for babeld, but necessary for bird startup
+router id 192.0.2.0;
+
+ipv4 table fff4;
+ipv6 sadr table fff6;
+
+ipv4 table local4;
+ipv6 sadr table local6;
+
+protocol device {
+	scan time 15;
+}
+
+# device routes for ipv4 peering address
+protocol direct {
+	ipv4 {
+		table fff4;
+		import filter {
+			if (net ~ 10.50.0.0/16 || net ~ 10.83.0.0/16) && net.len = 32 then {
+				accept;
+			}
+			reject;
+		};
+	};
+}
+
+# device routes on loopback interface
+protocol direct {
+	ipv4 {
+		table fff4;
+		import filter {
+			if net ~ 10.50.0.0/16 || net ~ 10.83.0.0/16 then {
+				accept;
+			}
+			reject;
+		};
+	};
+
+	ipv6 sadr {
+		table fff6;
+		import filter {
+			if net ~ 2000::/3 from ::/0 then {
+				accept;
+			}
+			reject;
+		};
+		import keep filtered;
+	};
+
+	interface "lo";
+}
+
+# ipv6 kernel route interface
+protocol kernel {
+	ipv6 sadr {
+		table fff6;
+		import filter {
+			# only import routes from kernel with proto static
+			if krt_source = 4 then {
+				accept;
+			}
+			reject;
+		};
+		export all;
+		preference 200;
+	};
+	kernel table 10;
+	scan time 15;
+	learn yes;
+}
+
+# ipv4 kernel route interface
+protocol kernel {
+	ipv4 {
+		table fff4;
+		import filter {
+			# only import routes from kernel with proto static
+			if krt_source = 4 then {
+				accept;
+			}
+			reject;
+		};
+		export all;
+		preference 200;
+	};
+	kernel table 10;
+	scan time 15;
+	learn yes;
+}
+
+protocol babel {
+	# required due to static configuration of global router id.
+	# also improves reconnect speed after restart.
+	randomize router id yes;
+
+	ipv4 {
+		table fff4;
+		import filter {
+			accept;
+		};
+		export all;
+	};
+
+	ipv6 sadr {
+		table fff6;
+		import filter {
+			accept;
+		};
+		export filter {
+			accept;
+		};
+	};
+
+	include "/etc/bird-babel-include.conf";
+};

src/packages/fff/fff-babel-bird2/files/etc/uci-defaults/60-fff-bird-config

@@ -0,0 +1,5 @@
+# SPDX-License-Identifier: GPL-3.0-only
+
+mv /etc/bird-fff.conf /etc/bird.conf
+
+exit 0

src/packages/fff/fff-babel-bird2/files/lib/functions/fff/babeldaemon

@@ -0,0 +1,55 @@
+# SPDX-License-Identifier: GPL-3.0-only
+
+babel_add_interface() {
+	[ "$#" -ne "4" ] && return 1
+
+	local name="$1"
+	local interface="$2"
+	local type="$3"
+	local rxcost="$4"
+
+	mkdir -p /tmp/bird-babel
+	echo "interface \"$interface\" { type $type; rxcost $rxcost; };" > /tmp/bird-babel/$name.conf
+
+	return 0
+}
+
+babel_delete_interface() {
+	return 0
+}
+
+babel_add_redistribute_filter() {
+	return 0
+}
+
+babel_remove_custom_redistribute_filters() {
+	return 0
+}
+
+babel_apply() {
+	# error output hidden because apply might be executed without a preceding configure step.
+	if [ -d /tmp/bird-babel ]; then
+		rm -rf /etc/bird-babel
+		mv /tmp/bird-babel /etc/bird-babel
+	fi
+
+	return 0
+}
+
+babel_reload() {
+	# Change include file path, so bird uses the correct configuration, depending on the configuration state:
+	#  - If test mode is active (and /tmp/bird-babel exists), switch to the temporary (/tmp) configuration to be tested.
+	#  - If new settings are applied or the old settings are restored after an unsuccessful test (and /tmp/bird-babel does not exist),
+	#    switch back to the permanent configuration (/etc).
+	if [ -d /tmp/bird-babel ]; then
+		echo 'include "/tmp/bird-babel/*.conf";' > /etc/bird-babel-include.conf
+	else
+		echo 'include "/etc/bird-babel/*.conf";' > /etc/bird-babel-include.conf
+	fi
+
+	/etc/init.d/bird reload
+}
+
+babel_revert() {
+	rm -r /tmp/bird-babel
+}

src/packages/fff/fff-babel-bird2/files/usr/lib/nodewatcher.d/80-bird2.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+# SPDX-License-Identifier: GPL-3.0-only
+
+set -e
+set -o pipefail
+
+neighbours="$(birdc -r show babel neighbors |
+		tail -n +5 |
+		awk '{ printf "<neighbour><ip>%s</ip><outgoing_interface>%s</outgoing_interface><link_cost>%s</link_cost></neighbour>", $1, $2, $3 }'
+	)"
+
+echo -n "<babel_neighbours>$neighbours</babel_neighbours>"
+
+exit 0

src/packages/fff/fff-babel/Makefile

@@ -0,0 +1,28 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=fff-babel
+PKG_RELEASE:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/fff-babel
+	SECTION:=base
+	CATEGORY:=Freifunk
+	TITLE:=Freifunk-Franken babel
+	URL:=https://www.freifunk-franken.de
+	DEPENDS:=+fff-babel-implementation
+endef
+
+define Package/fff-babel/description
+	This is the Freifunk Franken Firmware babel package.
+endef
+
+define Build/Compile
+	# nothing
+endef
+
+define Package/fff-babel/install
+	$(CP) ./files/* $(1)/
+endef
+
+$(eval $(call BuildPackage,fff-babel))

src/packages/fff/fff-babel/files/etc/layer3.d/40-babel

@@ -26,7 +26,7 @@ configure() {
 		fi
 	}
 
-	config_load babeld
+	config_load network
 	config_foreach remove_babelpeer interface
 
 	#add new peers
@@ -75,14 +75,14 @@ configure() {
 		babel_add_peer6addr "network.$prefixname.ip6addr"
 
 		# add babel interface
-		babel_add_interface "$prefixname" "$iface" "$type" "$rxcost" || { echo "Could not add babeld interface for babelpeer $name"; exit 1; }
+		babel_add_interface "$prefixname" "$iface" "$type" "$rxcost" || { echo "Could not add babel interface for babelpeer $name"; exit 1; }
 	}
 
 	config_load gateway
 	config_foreach add_babelpeer babelpeer
 
 
-	# configure babeld filters for custom ipv6 addresses
+	# configure babel filters for custom ipv6 addresses
 	## remove old filters
 	babel_remove_custom_redistribute_filters
 
@@ -94,10 +94,14 @@ configure() {
 
 apply() {
 	uci commit network
-	uci commit babeld
+	babel_apply
+}
+
+reload() {
+	babel_reload
 }
 
 revert() {
 	uci revert network
-	uci revert babeld
+	babel_revert
 }

src/packages/fff/fff-babel/files/lib/functions/fff/babel

@@ -0,0 +1,67 @@
+. /lib/functions/fff/babeldaemon
+
+babel_add_iifrules() {
+	[ "$#" -ne "1" ] && return 1
+
+	local name="$1"
+	local table='10'
+	local prio='31'
+
+	uci set network.${name}_rule=rule
+	uci set network.${name}_rule.in="$name"
+	uci set network.${name}_rule.lookup="$table"
+	uci set network.${name}_rule.priority="$prio"
+
+	uci set network.${name}_rule6=rule6
+	uci set network.${name}_rule6.in="$name"
+	uci set network.${name}_rule6.lookup="$table"
+	uci set network.${name}_rule6.priority="$prio"
+
+	return 0
+}
+
+babel_delete_iifrules() {
+	[ "$#" -ne "1" ] && return 1
+
+	local name="$1"
+
+	uci -q del network.${name}_rule
+	uci -q del network.${name}_rule6
+
+	return 0
+}
+
+babel_add_peeraddr() {
+	[ "$#" -ne "1" ] && return 1
+
+	local option="$1"
+
+	if peer_ip=$(uci -q get gateway.@gateway[0].peer_ip); then
+		uci add_list "$option"="$peer_ip"
+	elif router_ip=$(uci -q get gateway.meta.router_ip); then
+		# use router_ip if no peer_ip is set
+		uci add_list "$option"="$router_ip"
+	elif ipaddr=$(uci -q get gateway.@client[0].ipaddr); then
+		# use client interface address (without subnet) if no router_ip is set
+		uci add_list "$option"=$(echo $ipaddr | cut -d / -f1)
+	else
+		echo "WARNING: No peer_ip, router_ip or client interface ipaddr set! IPv4 routing is not possible."
+		return 1
+	fi
+
+	return 0
+}
+
+babel_add_peer6addr() {
+	[ "$#" -ne "1" ] && return 1
+
+	local option="$1"
+
+	if peer_ip6=$(uci -q get gateway.@gateway[0].peer_ip6); then
+		uci add_list "$option"="$peer_ip6"
+	else
+		return 1
+	fi
+
+	return 0
+}

src/packages/fff/fff-babeld/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=fff-babeld
-PKG_RELEASE:=7
+PKG_RELEASE:=8
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -11,6 +11,7 @@ define Package/fff-babeld
 	TITLE:=Freifunk-Franken babeld configuration example
 	URL:=http://www.freifunk-franken.de
 	DEPENDS:=+babeld
+	PROVIDES:=fff-babel-implementation
 endef
 
 define Package/fff-babeld/description

src/packages/fff/fff-babeld/files/etc/config/babeld

@@ -1,7 +1,6 @@
 config general
 	option export_table '10'
 	option import_table '10'
-	option first_table_number '100'
 	option local_port '33123'
 
 config interface
@@ -22,6 +21,11 @@ config filter
 	option local 'true'
 	option ip 'fd43:5602:29bd::/48'
 
+config filter
+	option type 'redistribute'
+	option local 'true'
+	option if 'lo'
+
 config filter
 	option type 'redistribute'
 	option local 'true'

src/packages/fff/fff-babeld/files/lib/functions/fff/babel

@@ -1,121 +0,0 @@
-babel_add_iifrules() {
-	[ "$#" -ne "1" ] && return 1
-
-	local name="$1"
-	local table='10'
-	local prio='31'
-
-	uci set network.${name}_rule=rule
-	uci set network.${name}_rule.in="$name"
-	uci set network.${name}_rule.lookup="$table"
-	uci set network.${name}_rule.priority="$prio"
-
-	uci set network.${name}_rule6=rule6
-	uci set network.${name}_rule6.in="$name"
-	uci set network.${name}_rule6.lookup="$table"
-	uci set network.${name}_rule6.priority="$prio"
-
-	return 0
-}
-
-babel_delete_iifrules() {
-	[ "$#" -ne "1" ] && return 1
-
-	local name="$1"
-
-	uci -q del network.${name}_rule
-	uci -q del network.${name}_rule6
-
-	return 0
-}
-
-babel_add_peeraddr() {
-	[ "$#" -ne "1" ] && return 1
-
-	local option="$1"
-
-	if peer_ip=$(uci -q get gateway.@gateway[0].peer_ip); then
-		uci add_list "$option"="$peer_ip"
-	elif ipaddr=$(uci -q get gateway.@client[0].ipaddr); then
-		# use ipaddr (without subnet) if no peer_ip set
-		uci add_list "$option"=$(echo $ipaddr | cut -d / -f1)
-	else
-		echo "WARNING: Neither peer_ip nor ipaddr set! IPv4 routing is not possible."
-		return 1
-	fi
-
-	return 0
-}
-
-babel_add_peer6addr() {
-	[ "$#" -ne "1" ] && return 1
-
-	local option="$1"
-
-	if peer_ip6=$(uci -q get gateway.@gateway[0].peer_ip6); then
-		uci add_list "$option"="$peer_ip6"
-	else
-		return 1
-	fi
-
-	return 0
-}
-
-babel_add_interface() {
-	[ "$#" -ne "4" ] && return 1
-
-	local name="$1"
-	local interface="$2"
-	local type="$3"
-	local rxcost="$4"
-
-	uci set babeld.$name=interface
-	uci set babeld.$name.ifname="$interface"
-	uci set babeld.$name.type="$type"
-	uci set babeld.$name.rxcost="$rxcost"
-
-	return 0
-}
-
-babel_delete_interface() {
-	[ "$#" -ne "1" ] && return 1
-
-	local name="$1"
-
-	uci -q del babeld.$name
-
-	return 0
-}
-
-babel_add_redistribute_filter() {
-	[ "$#" -ne "1" ] && return 1
-
-	local prefix="$1"
-
-	config=$(uci add babeld filter)
-	uci set babeld.$config.type='redistribute'
-	uci set babeld.$config.ip="$prefix"
-	uci set babeld.$config.addedbyautoconfig='true'
-
-	return 0
-}
-
-babel_remove_custom_redistribute_filters() {
-	[ "$#" -ne "0" ] && return 1
-
-	remove_filters() {
-		local name="$1"
-
-		# check if filter was added by configuregateway
-		if ! [ "$(uci -q get babeld.$name.addedbyautoconfig)" = 'true' ]; then
-			return
-		fi
-
-		uci -q del babeld.$name
-	}
-
-	config_load babeld
-	config_foreach remove_filters filter
-
-	return 0
-}

src/packages/fff/fff-babeld/files/lib/functions/fff/babeldaemon

@@ -0,0 +1,72 @@
+# SPDX-License-Identifier: GPL-3.0-only
+
+babel_add_interface() {
+	[ "$#" -ne "4" ] && return 1
+
+	local name="$1"
+	local interface="$2"
+	local type="$3"
+	local rxcost="$4"
+
+	uci set babeld.$name=interface
+	uci set babeld.$name.ifname="$interface"
+	uci set babeld.$name.type="$type"
+	uci set babeld.$name.rxcost="$rxcost"
+
+	return 0
+}
+
+babel_delete_interface() {
+	[ "$#" -ne "1" ] && return 1
+
+	local name="$1"
+
+	uci -q del babeld.$name
+
+	return 0
+}
+
+babel_add_redistribute_filter() {
+	[ "$#" -ne "1" ] && return 1
+
+	local prefix="$1"
+
+	config=$(uci add babeld filter)
+	uci set babeld.$config.type='redistribute'
+	uci set babeld.$config.ip="$prefix"
+	uci set babeld.$config.addedbyautoconfig='true'
+
+	return 0
+}
+
+babel_remove_custom_redistribute_filters() {
+	[ "$#" -ne "0" ] && return 1
+
+	remove_filters() {
+		local name="$1"
+
+		# check if filter was added by configuregateway
+		if ! [ "$(uci -q get babeld.$name.addedbyautoconfig)" = 'true' ]; then
+			return
+		fi
+
+		uci -q del babeld.$name
+	}
+
+	config_load babeld
+	config_foreach remove_filters filter
+
+	return 0
+}
+
+babel_apply() {
+	uci apply babeld
+}
+
+babel_reload() {
+	return 0
+}
+
+babel_revert() {
+	uci revert babeld
+}

src/packages/fff/fff-boardname/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=fff-boardname
-PKG_RELEASE:=8
+PKG_RELEASE:=9
 
 include $(INCLUDE_DIR)/package.mk
 

src/packages/fff/fff-boardname/files/etc/uci-defaults/15-fff-boardname

@@ -1,5 +1,9 @@
 BOARD=$(cat /var/sysinfo/board_name)
 
+if uname -a | grep x86_64 > /dev/null; then
+	BOARD="x86_64"
+fi
+
 uci set board.model.name=$BOARD
 uci commit board
 

src/packages/fff/fff-layer3-config/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=fff-layer3-config
-PKG_RELEASE:=7
+PKG_RELEASE:=8
 
 include $(INCLUDE_DIR)/package.mk
 

src/packages/fff/fff-layer3-config/files/etc/layer3.d/30-network-routerip

@@ -0,0 +1,31 @@
+configure() {
+	local router_ip
+	local router_ip6
+
+	# clean old addresses
+	uci -q del network.loopback.ipaddr
+	uci -q del network.loopback.ip6addr
+
+	# remove netmask entry that ships by default
+	uci -q del network.loopback.netmask
+
+	# add router_ip
+	router_ip=$(uci -q get gateway.meta.router_ip)
+	for ip in $router_ip; do
+		uci -q add_list network.loopback.ipaddr="$ip"
+	done
+
+	# add router_ip6
+	router_ip6=$(uci -q get gateway.meta.router_ip6)
+	for ip in $router_ip6; do
+		uci -q add_list network.loopback.ip6addr="$ip"
+	done
+}
+
+apply() {
+	uci commit network
+}
+
+revert() {
+	uci revert network
+}

src/packages/fff/fff-layer3-config/files/usr/sbin/configure-layer3

@@ -73,6 +73,7 @@ keep_changes() {
 test_changes() {
 	echo $$ > /tmp/configure-layer3-pid
 	trap keep_changes SIGINT SIGTERM
+	trap : SIGHUP
 
 	reload_services
 

src/packages/fff/fff-layer3/Makefile

@@ -11,7 +11,8 @@ define Package/fff-layer3
 	TITLE:=Freifunk-Franken gateway configuration
 	URL:=https://www.freifunk-franken.de
 	DEPENDS:=+fff-alfred-monitoring-proxy \
-	         +fff-babeld \
+	         +fff-babel \
+	         +fff-babel-bird2 \
 	         +fff-boardname \
 	         +fff-dhcp \
 	         +fff-layer3-config \

src/packages/fff/fff-network/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=fff-network
-PKG_RELEASE:=47
+PKG_RELEASE:=48
 
 include $(INCLUDE_DIR)/package.mk
 

src/packages/fff/fff-network/files/etc/config/network

@@ -1,3 +1,6 @@
+config globals 'globals'
+        option packet_steering '1'
+
 config interface 'loopback'
         option ifname 'lo'
         option proto 'static'

src/packages/fff/fff-network/files/lib/functions/fff/cpuport

@@ -11,7 +11,8 @@ get_cpu_port() {
 		tplink,archer-c50-v4|\
 		tplink,tl-wr1043nd-v2|\
 		tplink,tl-wr1043nd-v3|\
-		tplink,tl-wr841n-v13)
+		tplink,tl-wr841n-v13|\
+		xiaomi,mi-router-4a-100m)
 			CPUPORT="6t"
 			;;
 		netgear,r6220|\
@@ -23,6 +24,7 @@ get_cpu_port() {
 		tplink,tl-wa901nd-v2|\
 		ubnt,bullet-m-ar7240|\
 		ubnt,bullet-m-ar7241|\
+		ubnt,edgerouter-4|\
 		ubnt,edgerouter-x|\
 		ubnt,edgerouter-x-sfp|\
 		ubnt,nanostation-loco-m|\
@@ -30,7 +32,9 @@ get_cpu_port() {
 		ubnt,nanostation-m|\
 		ubnt,picostation-m|\
 		ubnt,unifi|\
-		ubnt,unifiac-mesh)
+		ubnt,unifiac-mesh|\
+		x86_64|\
+		xiaomi,mi-router-4a-gigabit)
 			CPUPORT=""
 			;;
 		tplink,tl-wr1043nd-v1)

src/packages/fff/fff-network/files/lib/functions/fff/portorder

@@ -42,6 +42,9 @@ get_port_order() {
 		tplink,tl-wr841-v8)
 			PORTORDER="2 3 4 1"
 			;;
+		xiaomi,mi-router-4a-100m)
+			PORTORDER="0 2 4"
+			;;
 	esac
 
 	echo "$PORTORDER"

src/packages/fff/fff-network/files/usr/sbin/configurenetwork

@@ -242,8 +242,6 @@ else
     addr=$(owipcalc "$prefix" add "::$(ipMacSuffix "$ROUTERMAC")")
     ip -6 addr add $addr dev br-client
 
-    uci -q del network.globals
-    uci -q set network.globals=globals
     uci -q set network.globals.ula_prefix=$prefix
     uci -q add_list network.client.ip6addr=$addr
     uci -q set network.client.proto=static

src/packages/fff/fff-network/mips64/network.ubnt,edgerouter-4

@@ -0,0 +1,10 @@
+. /lib/functions/fff/network
+
+WANDEV=switch0
+SWITCHDEV=switch0
+CLIENT_PORTS="lan2"
+WAN_PORTS="lan0"
+BATMAN_PORTS="lan1"
+DSA=1
+
+ROUTERMAC=$(cat /sys/class/net/lan3/address)

src/packages/fff/fff-network/mipsel/network.xiaomi,mi-router-4a-100m

@@ -0,0 +1,7 @@
+. /lib/functions/fff/network
+
+WANDEV=eth0
+SWITCHDEV=eth0
+CLIENT_PORTS="6t 4"
+WAN_PORTS="6t 0"
+BATMAN_PORTS="6t 2"

src/packages/fff/fff-network/mipsel/network.xiaomi,mi-router-4a-gigabit

@@ -0,0 +1,6 @@
+WANDEV=switch0
+SWITCHDEV=switch0
+CLIENT_PORTS="lan2"
+WAN_PORTS="wan"
+BATMAN_PORTS="lan1"
+DSA=1

src/packages/fff/fff-network/x86_64/network.mode

@@ -0,0 +1 @@
+ETHMODE="CLIENT"

src/packages/fff/fff-network/x86_64/network.x86_64

@@ -0,0 +1,7 @@
+WANDEV=eth0
+SWITCHDEV=eth0
+ONE_PORT="YES"
+
+. /etc/network.mode
+
+ROUTERMAC=$(cat /sys/class/net/eth0/address)

src/packages/fff/fff-nodewatcher/files/usr/lib/nodewatcher.d/10-systemdata.sh

@@ -76,6 +76,8 @@ fi
 
 if [ -x /usr/sbin/babeld ]; then
 	SYSTEM_DATA="$SYSTEM_DATA<babel_version>$(/usr/sbin/babeld -V 2>&1)</babel_version>"
+elif [ -x /usr/sbin/bird ]; then
+	SYSTEM_DATA="$SYSTEM_DATA<babel_version>$(/usr/sbin/bird --version 2>&1 | sed "s/BIRD version /bird-/")</babel_version>"
 fi
 
 # example for /etc/openwrt_release:

src/packages/fff/fff-wireguard/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=fff-wireguard
-PKG_RELEASE:=7
+PKG_RELEASE:=8
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -14,7 +14,7 @@ define Package/fff-wireguard
 		+kmod-wireguard \
 		+owipcalc \
 		+wireguard-tools \
-		+fff-babeld \
+		+fff-babel \
 		+fff-network
 endef
 

src/packages/fff/fff-wireguard/files/etc/layer3.d/50-wireguard

@@ -1,4 +1,5 @@
 . /lib/functions.sh
+. /lib/functions/system.sh
 . /lib/functions/fff/network
 . /lib/functions/fff/babel
 
@@ -30,7 +31,7 @@ configure() {
 		fi
 	}
 
-	config_load babeld
+	config_load network
 	config_foreach remove_wgpeer interface
 
 
@@ -127,7 +128,7 @@ configure() {
 		babel_add_iifrules "$prefixname" || { echo "ERROR: Could not add iif-rules for wgpeer $name"; exit 1; }
 
 		# add babel interface
-		babel_add_interface "$prefixname" "$prefixname" 'wired' "$rxcost" || { echo "ERROR: Could not add babeld interface for wgpeer $name"; exit 1; }
+		babel_add_interface "$prefixname" "$prefixname" 'wired' "$rxcost" || { echo "ERROR: Could not add babel interface for wgpeer $name"; exit 1; }
 	}
 
 	config_load gateway
@@ -136,12 +137,16 @@ configure() {
 
 apply() {
 	uci commit network
-	uci commit babeld
 	uci commit gateway
+	babel_apply
+}
+
+reload() {
+	babel_reload
 }
 
 revert() {
 	uci revert network
-	uci revert babeld
 	uci revert gateway
+	babel_revert
 }