ci/woodpecker/pr/woodpecker Pipeline was successfulDetails
ci/woodpecker/push/woodpecker Pipeline was successfulDetails
Device support is based on the patch set linked in the OpenWrt Wiki. [1][2]
The aux-loader blob is not included, as it is only required for initial
installation.
Two additional kernel patches for mvpp2 are added to allow receive
hashing to work properly in the DSA setup of the device.
[1] https://openwrt.org/toh/mikrotik/rb5009ug_s_in#installation
[2] https://paste.myconan.net/482114
Signed-off-by: Fabian Bläse <fabian@blaese.de>
ci/woodpecker/push/woodpecker Pipeline was successfulDetails
Building htop with lm-sensors support currently breaks x86_64 image
building. Disable lm-sensors support for all platforms for now, because
we are currently not including lm-sensors anyway.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
- enable persistent history, save it to tmpfs (ram)
- increase history size to 1024
- enable reverse-i search
- enable watch command
- enable top SMP command
Signed-off-by: Fabian Bläse <fabian@blaese.de>
fff-extra: feature_top_smp (apply for all targets or move to dependency!)
A bigger squashfs block size improves compression ratio. The improved
compression ratio is necessary for the Archer C60 devices (v1 + v2)
because they include large wifi drivers.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
On a typical Freifunk router, only a small subset of bird protocols
is in use. Disable unused bird protocols to save disk space.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Devices with large flash can hold more packages and tools to improve
user experience. Create an additional package which can be used to
select packages only on targets with large flash (currently >= 16 MiB).
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Babeld has been replaced with bird by default for quite some time now.
Remove babeld and all configurations scripts (fff-babeld) to reduce
image size.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Instead of fetching the complete git repositories, only download
reachable commits and trees. Anything missing will be automatically
fetched on-demand.
The blobless prepare step is about 10% faster and uses 300M less
diskspace.
Additionally the following repository options are disabled:
gc.auto:
The checkouts are short lived, garbage collection are likely never
useful
advice.detachedHead:
Disable the repeating warning message that the repositories are in a
detached state for cleaner logs.
Reviewed-by: Fabian Bläse <fabian@blaese.de>
Add the following option to the client config section in
`/etc/config/gateway` to enable a basic stateful firewall:
```
config client
option stateful_firewall '1'
```
The firewall will forward icmp mesages and allow any outbound client
traffic and related inbound traffic.
Acked-by: Fabian Bläse <fabian@blaese.de>
OpenWrt images contain a compat_version, which is used to block upgrades
to newer versions with incompatible configuration, if the configuration
cannot be migrated.
As we maintain our own configuration and all OpenWrt configuration files
are dropped on an upgrade, this upgrade block is not required.
To simplify the upgrade process, retain the old compat_version for the
next sysupgrade release. The compat_version will then be bumped
automatically by the `05_compat-version` board.d script.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Include nftables and appropriate modules. Translate ip- and ebtables
rules to their nftables counterparts. Remove ip/ebtables and modules.
This change intentionally tries to keep structural changes at a minimum
to keep the rule translation comprehensible.
kmod-nft-bridge is not required for fff-node, because it was merged into
a single kernel module since Linux 4.17:
[1] 02c7b25e5f
[2] fbaf48387eFixes: #252
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Co-authored-by: Johannes Kimmel <fff@bareminimum.eu>
OpenWrt 22.03 introduced a generic subtarget for the octeon platform and
moved all targets without a subtarget into it. Adjust our BSP and config
to accomodate this change.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
ci/woodpecker/push/woodpecker Pipeline is pendingDetails
It might be desired by the user to change the channel width of the
wireless radios. Implement a layer3 option to make channel width
configurable by the user.
Fixes: #276
Signed-off-by: Fabian Bläse <fabian@blaese.de>
ci/woodpecker/push/woodpecker Pipeline was successfulDetails
When reverting configured settings, it is not an error if no temporary
directory for bird babel peers has been created.
Use rm -rf to prevent an error message and early exit of
configure-layer3 scripts.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Johannes Kimmel <fff@bareminimum.eu>
ci/woodpecker/push/woodpecker Pipeline was successfulDetails
The flash of some devices is too small to accomodate the additional
wolfssl library, which is included by default on OpenWrt 22.03.
In the future, the currently included mbedtls library should be replaced
with wolfssl, so WPA3, OWE and 802.11s encryption can be used.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
A Linux patch which changed the kernel behavior of pci device naming
was backported to Linux 5.4, and is therefore included in OpenWrt
21.02.5.
However, the OpenWrt scripts generating the default uci configuration
were not updated to accomodate this change. Therefore, wifi interface
configuration does have various side effects on the wdr4900. Most of the
time, more than two wifi radio/interface configurations are generated,
which results in wifi not working properly (because our own
configuration layer relies on the default configuration done by
OpenWrt).
Backport a patch from OpenWrt 22.03 / master, which works around this
problem but has not been applied to the 21.02 branch.
Based on: 7f4b4c29f3 (OpenWrt)
Ref: https://github.com/openwrt/openwrt/issues/11002
Ref: https://github.com/openwrt/openwrt/pull/11005
Ref: https://github.com/openwrt/openwrt/issues/10530
Ref: https://github.com/openwrt/openwrt/pull/10554Fixes: #267
Signed-off-by: Fabian Bläse <fabian@blaese.de>
ci/woodpecker/push/woodpecker Pipeline was successfulDetails
By default OpenWRT generates A and AAAA records for the routers
hostname. This might interferes with upstream records and breaks when
DNSSEC is utilized.
Therefore, disable this features.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Add support for a new SPI flash to the Linux kernel. It is required for
recent versions of the Xiaomi Mi 4A Gigabit, which utilizes this SPI
flash.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Tested-by: Fabian Bläse <fabian@blaese.de>
The tool dep-tree is broken since commit "Simplify firmware variant selection"
Use the new package names for the roots of the tree to fix it.
Signed-off-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
The bird2 babel implementation has proven to be the more reliable option
over babeld, especially on low-end hardware. It has been working
flawlessly on many test installations.
Use bird2 instead of babeld, if no implementation is specified via uci.
While at it, use the automatically incrementing $(COMMITCOUNT) for
PKG_RELEASE.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
Many functions of configure-layer3 terminate the program after
successful execution, as they were originally only intended for
execution of configure-layer3 commands.
However, some functions are used both for command exection, but also as
helper functions. For example, revert_changes() is used as a helper
function in test_changes(). Terminating the program at the end of the
function therefore ends the exection of test_changes() prematurely. As a
result, the test mode of configure-layer3 never reloads services after
a successful configuration revert.
Replace exit commands with appropriate function return values, which can
then be evaluated by the caller where appropriate.
While at it, add a missing return to the parameter validation in
execute_subshell().
Fixes: #256
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Support for devices with two ports was originally intended for built-in
swconfig switches with only two externally exposed ethernet ports.
With the switch from ath71xx to ath79, the only device which ever made
use of this uncommon configuration (CPE210-v1) now has to dedicated
interfaces exposed to Linux. Therefore, two-port support was modified to
support two distinct interfaces instead of swconfig switch
configuration, which also simplified support for a few other devices.
However, the Web UI has not been taken into account. Due to the way the
Web UI detected a two-port device, the already implemented port selector
is not shown.
Use the TWO_PORT variable introduced with the change mentioned above to
detect two-port devices instead.
Fixes: #257
Fixes: c22032e254 ("fff-network: support native two-port devices")
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Currently router ipv6 addresses imported via the direct protocol from
the lo interface are all filtered. This should fix it.
Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
The stderr of batctl should be redirected.
In a row of pipes a redirection at the end will only redirect the output of the last command! Put it on the right place.
It's just shell grammar.
Signed-off-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
The update notification has been botched into the web ui a long time
ago. It has not been overhauled ever since.
Make it at least a little bit less ugly.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
None of our current settings require a reboot to be applied. Only a
hood change is not done immediately. Therefore, the user is not required
to reboot the router after changing settings, so remove the reboot
request.
Fixes: #107
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
A full reboot is not required for changing the port mode. The port mode
is configured dynamically using configurenetwork, which can be launched
after the port mode has been changed.
Fixes: #107
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Acked-by: Christian Dresel <freifunk@dresel.systems>
This allows to specify the number of threads used in
'./buildscript build' manually by adding them as third option, e.g.
./buildscript build fast 20
./buildscript build debug 4
./buildscript build default 10
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
ci/woodpecker/push/woodpecker Pipeline was successfulDetails
The md5 checksum has not been used by fff-upgrade since 2016 [1]. Since
md5 does not have any advantages over sha256 in our use case, drop md5
checksum entirely.
[1] da1199a55b
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
The new x86_64 target produces gzip compressed binaries, so it is
necessary to generate checksums for *.img.gz files as well.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
A recent change (b26399283a) introduced an upper limit for the preferred
and valid lifetimes, so the statically configured addresses on the client
interface do not result in infinite lifetimes.
This upper bound is derived from the dhcp lease time. However, the
preferred lifetime is unexpectedly bound by an explicit configuration
option in recent versions of odhcpd. Due to our short dhcp leasetime,
the default value of this option is higher than the lease time, which
results preferred lifetimes longer than the valid lifetime.
As this behavior is rather unintuitive, a proper fix for it should be
done upstream (see #238). Until then, lower the preferred lifetime
option to the same value as our leasetime.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
Fabian Bläse
Robert Langhammer
Johannes Kimmel
Wolfgang Hüttenhofer
Adrian Schmutzler