fff-layer3: add ethtool

Signed-off-by: Fabian Bläse <fabian@blaese.de>
OpenWrt: bump to v23.05.3
2024-04-01 23:54:21 +02:00 · 2024-04-01 23:54:21 +02:00 · 2024-04-01 23:54:16 +02:00 · 2024-03-21 21:55:43 +01:00 · 2024-03-21 21:53:32 +01:00 · 2024-03-21 21:53:32 +01:00
32 changed files with 182 additions and 137 deletions
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -4,7 +4,7 @@ clone:
    settings:
      tags: true

-pipeline:
+steps:
  buildall-layer3:
    image: openwrtorg/imagebuilder
    commands:
@ -42,4 +42,5 @@ pipeline:
      - echo "You can download the built firmware images here:"
      - echo "https://ci.fff.community/artifacts/$(git describe --tags)"

-branches: [ master ]
+when:
+  branch: [ master ]
--- a/README.md
+++ b/README.md
@ -8,7 +8,7 @@ Weitere Informationen gibt es auf <https://freifunk.net/> und auf <https://wiki.

 # Firmware selbst kompilieren
 ## Voraussetzungen
-* `apt-get install zlib1g-dev lua5.2 build-essential unzip libncurses-dev gawk git subversion libssl-dev` (Sicherlich müssen noch mehr Abhängigkeiten installiert werden, diese Liste wird sich hoffentlich nach und nach füllen. Ein erster Ansatzpunkt sind die Abhängigkeiten von OpenWrt selbst)
+* `apt-get install zlib1g-dev lua5.2 build-essential unzip libncurses-dev gawk git subversion libssl-dev rsync python3-distutils` (Sicherlich müssen noch mehr Abhängigkeiten installiert werden, diese Liste wird sich hoffentlich nach und nach füllen. Ein erster Ansatzpunkt sind die Abhängigkeiten von OpenWrt selbst)
 * `git clone https://git.freifunk-franken.de/freifunk-franken/firmware.git`
 * `cd firmware`

--- a/bsp/ath79-generic/.config
+++ b/bsp/ath79-generic/.config
@ -67,18 +67,10 @@ CONFIG_TARGET_DEVICE_PACKAGES_ath79_generic_DEVICE_ubnt_unifiac-mesh="-kmod-ath1
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
-# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
-# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
-# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
-# CONFIG_BUSYBOX_CONFIG_IP is not set
-# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
-# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
--- a/bsp/default/root_file_system/etc/profile
+++ b/bsp/default/root_file_system/etc/profile
@ -26,4 +26,4 @@ alias ls='ls --color=auto'
 alias ip='ip --color=auto'

 # and color my prompt
-export PS1='\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
+export PS1='\[\033[01;32m\]\u@\H\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
--- a/bsp/ipq40xx-generic/.config
+++ b/bsp/ipq40xx-generic/.config
@ -9,18 +9,10 @@ CONFIG_TARGET_DEVICE_PACKAGES_ipq40xx_generic_DEVICE_avm_fritzbox-4040="-kmod-at
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
-# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
-# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
-# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
-# CONFIG_BUSYBOX_CONFIG_IP is not set
-# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
-# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_PACKAGE_ALFRED_VIS is not set
--- a/bsp/ipq806x-generic/.config
+++ b/bsp/ipq806x-generic/.config
@ -9,18 +9,10 @@ CONFIG_TARGET_DEVICE_PACKAGES_ipq806x_generic_DEVICE_tplink_c2600="-ath10k-firmw
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
-# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
-# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
-# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
-# CONFIG_BUSYBOX_CONFIG_IP is not set
-# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
-# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
--- a/bsp/mpc85xx-p1010/.config
+++ b/bsp/mpc85xx-p1010/.config
@ -9,18 +9,10 @@ CONFIG_TARGET_DEVICE_PACKAGES_mpc85xx_p1010_DEVICE_tplink_tl-wdr4900-v1=""
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
-# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
-# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
-# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
-# CONFIG_BUSYBOX_CONFIG_IP is not set
-# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
-# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
--- a/bsp/octeon/.config
+++ b/bsp/octeon/.config
@ -9,18 +9,10 @@ CONFIG_TARGET_DEVICE_PACKAGES_octeon_generic_DEVICE_ubnt_edgerouter-4=""
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
-# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
-# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
-# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
-# CONFIG_BUSYBOX_CONFIG_IP is not set
-# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
-# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_PACKAGE_ALFRED_VIS is not set
--- a/bsp/ramips-mt7621/.config
+++ b/bsp/ramips-mt7621/.config
@ -15,18 +15,10 @@ CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt7621_DEVICE_xiaomi_mi-router-4a-gigabit="
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
-# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
-# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
-# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
-# CONFIG_BUSYBOX_CONFIG_IP is not set
-# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
-# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
--- a/bsp/ramips-mt76x8.bsp
+++ b/bsp/ramips-mt76x8.bsp
@ -4,4 +4,5 @@ images=("openwrt-${chipset}-${subtarget}-tplink_archer-c50-v3-squashfs-*"
        "openwrt-${chipset}-${subtarget}-tplink_archer-c50-v4-squashfs-*"
        "openwrt-${chipset}-${subtarget}-tplink_tl-wr841n-v13-squashfs-*"
        "openwrt-${chipset}-${subtarget}-xiaomi_mi-router-4a-100m-squashfs-*"
+        "openwrt-${chipset}-${subtarget}-xiaomi_mi-router-4a-100m-intl-squashfs-*"
        )
--- a/bsp/ramips-mt76x8/.config
+++ b/bsp/ramips-mt76x8/.config
@ -12,21 +12,15 @@ CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_tplink_tl-wr841n-v13=y
 CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_tplink_tl-wr841n-v13=""
 CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m=y
 CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m=""
+CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m-intl=y
+CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m-intl=""
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
-# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
-# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
-# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
-# CONFIG_BUSYBOX_CONFIG_IP is not set
-# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
-# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
--- a/bsp/x86-64/.config
+++ b/bsp/x86-64/.config
@ -9,18 +9,10 @@ CONFIG_TARGET_DEVICE_PACKAGES_x86_64_DEVICE_generic=""
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
-# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
-# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
-# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
-# CONFIG_BUSYBOX_CONFIG_IP is not set
-# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
-# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
-# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_PACKAGE_ALFRED_VIS is not set
 CONFIG_PACKAGE_fff-extra=y
--- a/build_patches/openwrt/0001-Remove-unnecessary-dependency.patch
+++ b/build_patches/openwrt/0001-Remove-unnecessary-dependency.patch
@ -1,25 +0,0 @@
-From 19e4f5bdf7de5364c0d58e741f733dfc057d0952 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= <fabian@blaese.de>
-Date: Sat, 6 Jan 2024 14:34:15 +0100
-Subject: [PATCH] Remove unnecessary dependency
-
---
- package/network/utils/wireguard-tools/Makefile | 2 --
- 1 file changed, 2 deletions(-)
-
-diff --git a/package/network/utils/wireguard-tools/Makefile b/package/network/utils/wireguard-tools/Makefile
-index 5b1fab057d..24fff3725e 100644
--- a/package/network/utils/wireguard-tools/Makefile
-+++ b/package/network/utils/wireguard-tools/Makefile
-@@ -35,8 +35,6 @@ define Package/wireguard-tools
-   MAINTAINER:=Jason A. Donenfeld <Jason@zx2c4.com>
-   TITLE:=WireGuard userspace control program (wg)
-   DEPENDS:= \
-	  +@BUSYBOX_CONFIG_IP \
-	  +@BUSYBOX_CONFIG_FEATURE_IP_LINK \
- 	  +kmod-wireguard
- endef
- 
-- 
-2.43.0
-
--- a/build_patches/openwrt/0052-mpc85xx-retain-old-compat_version.patch
+++ b/build_patches/openwrt/0052-mpc85xx-retain-old-compat_version.patch
@ -0,0 +1,17 @@
+From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= <fabian@blaese.de>
+Date: Wed, 24 Jan 2024 16:50:12 +0200
+Subject: [PATCH] mpc85xx: retain old compat_version
+
+diff --git a/target/linux/mpc85xx/image/p1010.mk b/target/linux/mpc85xx/image/p1010.mk
+index c0de19f6c6..5aa580300f 100644
+--- a/target/linux/mpc85xx/image/p1010.mk
+++ b/target/linux/mpc85xx/image/p1010.mk
+@@ -51,8 +51,6 @@ define Device/tplink_tl-wdr4900-v1
+   DEVICE_VENDOR := TP-Link
+   DEVICE_MODEL := TL-WDR4900
+   DEVICE_VARIANT := v1
+-  DEVICE_COMPAT_VERSION := 1.1
+-  DEVICE_COMPAT_MESSAGE := Config cannot be migrated from swconfig to DSA
+   TPLINK_HEADER_VERSION := 1
+   TPLINK_HWID := 0x49000001
+   TPLINK_HWREV := 1
--- a/14
+++ b/14
@ -7,9 +7,9 @@ set -o pipefail
 builddir=./build

 # OpenWrt: package hashes correspond to core repo version
-OPENWRTREV="v23.05.0"
-PACKAGEREV="0da9f622975aa1e4efe452da4acbae15479bee63"
-ROUTINGREV="2272106e0839ee06957e88e3596489e1b510d3c2"
+OPENWRTREV="v23.05.3"
+PACKAGEREV="063b2393cbc3e5aab9d2b40b2911cab1c3967c59"
+ROUTINGREV="648753932d5a7deff7f2bdb33c000018a709ad84"

 # Gluon packages: master from 2020-02-04
 GLUONREV="12e41d0ff07ec54bbd67a31ab50d12ca04f2238c"
@ -381,8 +381,12 @@ buildall() {
 }

 if [ "$(/usr/bin/id -u)" -eq 0 ]; then
-    echo "don't run buildscript as root"
-    exit 1
+    TPUT=$(command -v tput || echo ":")
+    textWarn="$($TPUT bold setaf 1)" # bold + red
+    textReset="$($TPUT sgr0)"        # be a good citizen
+
+    printf "${textWarn}WARNING: buildscript is running as root${textReset}\n"
+    printf "${textWarn}WARNING: build may fail at a later stage${textReset}\n"
 fi

 if [ "$1" != "selectbsp" -a "$1" != "selectvariant" ]; then
--- a/src/packages/fff/fff-babel/files/lib/functions/fff/babel
+++ b/src/packages/fff/fff-babel/files/lib/functions/fff/babel
@ -82,12 +82,12 @@ babel_reload() {
 	# switch implementation temporarily
 	case $implementation in
 		bird2)
-			/etc/init.d/babeld stop 2>/dev/null
-			/etc/init.d/fff-bird start
+			[ -f /etc/init.d/babeld ] && /etc/init.d/babeld stop 2>/dev/null
+			[ -f /etc/init.d/fff-bird ] && /etc/init.d/fff-bird start
 			;;
 		babeld)
-			/etc/init.d/fff-bird stop 2>/dev/null
-			/etc/init.d/babeld start
+			[ -f /etc/init.d/fff-bird ] && /etc/init.d/fff-bird stop 2>/dev/null
+			[ -f /etc/init.d/babeld ] && /etc/init.d/babeld start
 			;;
 	esac

@ -101,12 +101,12 @@ babel_apply() {
 	# switch implementation persistently
 	case $implementation in
 		bird2)
-			/etc/init.d/babeld disable
-			/etc/init.d/fff-bird enable
+			[ -f /etc/init.d/babeld ] && /etc/init.d/babeld disable
+			[ -f /etc/init.d/fff-bird ] && /etc/init.d/fff-bird enable
 			;;
 		babeld)
-			/etc/init.d/fff-bird disable
-			/etc/init.d/babeld enable
+			[ -f /etc/init.d/fff-bird ] && /etc/init.d/fff-bird disable
+			[ -f /etc/init.d/babeld ] && /etc/init.d/babeld enable
 			;;
 	esac

--- a/src/packages/fff/fff-extra/Makefile
+++ b/src/packages/fff/fff-extra/Makefile
@ -11,6 +11,7 @@ define Package/fff-extra
 	TITLE:=Freifunk-Franken gateway configuration
 	URL:=https://www.freifunk-franken.de
 	DEPENDS:=+bmon \
+	         +ethtool \
 	         +htop \
 	         +procps-ng \
 	         +procps-ng-vmstat \
--- a/src/packages/fff/fff-firewall/Makefile
+++ b/src/packages/fff/fff-firewall/Makefile
@ -10,7 +10,8 @@ define Package/$(PKG_NAME)
 	CATEGORY:=Freifunk
 	TITLE:=Freifunk-Franken firewall
 	URL:=https://www.freifunk-franken.de
-	DEPENDS:=+nftables
+	DEPENDS:=+kmod-nft-bridge \
+	         +nftables
 endef

 define Package/$(PKG_NAME)/description
--- a/src/packages/fff/fff-firewall/files/usr/lib/firewall.d/90-user
+++ b/src/packages/fff/fff-firewall/files/usr/lib/firewall.d/90-user
@ -0,0 +1 @@
+nft -f /etc/nftables-fff.conf
--- a/src/packages/fff/fff-layer3-config/files/etc/layer3.d/01-version
+++ b/src/packages/fff/fff-layer3-config/files/etc/layer3.d/01-version
@ -7,7 +7,7 @@ configure() {
 	fi

 	# check version of configuration
-	local expected_version=2
+	local expected_version=3
 	local config_version=$(uci -q get gateway.meta.config_version)

 	if ! [ -n "$config_version" ]; then
--- a/src/packages/fff/fff-layer3-config/files/etc/uci-defaults/20-l3config-migrate-1-to-2
+++ b/src/packages/fff/fff-layer3-config/files/etc/uci-defaults/20-l3config-migrate-1-to-2
@ -7,7 +7,7 @@
 BOARD="$(uci get board.model.name)"

 # only migrate appropriate config versions
-[ "$(uci -q get gateway.meta.config_version)" = "1" ] || exit 1
+[ "$(uci -q get gateway.meta.config_version)" = "1" ] || exit 0

 translate_ports() {
 	local vlan="$1"
@ -77,3 +77,5 @@ esac

 uci set gateway.meta.config_version='2'
 uci commit gateway
+
+exit 0
--- a/src/packages/fff/fff-layer3-config/files/etc/uci-defaults/21-l3config-migrate-2-to-3
+++ b/src/packages/fff/fff-layer3-config/files/etc/uci-defaults/21-l3config-migrate-2-to-3
@ -0,0 +1,78 @@
+## this script migrates configs from version 2 to 3.
+##
+## with version 2 the switchport names of some devices changed
+## due to the switch to DSA
+
+
+BOARD="$(uci get board.model.name)"
+
+# only migrate appropriate config versions
+[ "$(uci -q get gateway.meta.config_version)" = "2" ] || exit 0
+
+translate_ports() {
+	local vlan="$1"
+	local oldports="$(uci -q get gateway.$vlan.ports)"
+	local newports
+
+	local name
+	local tag
+
+	for port in $oldports; do
+		# generate new tagged/untagged syntax
+		if [ -z "${port##*t}" ]; then
+			# port is tagged
+			tag=":t"
+		else
+			# port is untagged
+			tag=":*"
+		fi
+
+		# generate new name
+		case "$BOARD" in
+			avm,fritzbox-4040)
+				case "${port%%t}" in
+					1) name="lan1" ;;
+					2) name="lan2" ;;
+					3) name="lan3" ;;
+					4) name="lan4" ;;
+					5) name="wan" ;;
+					*) name="" ;;
+				esac
+				;;
+			tplink,tl-wdr4900-v1)
+				case "${port%%t}" in
+					1) name="wan" ;;
+					2) name="lan1" ;;
+					3) name="lan2" ;;
+					4) name="lan3" ;;
+					5) name="lan4" ;;
+					*) name="" ;;
+				esac
+				;;
+		esac
+
+		# catch empty name (invalid entry or old cpuport)
+		[ -z "$name" ] && continue
+
+		# assemble new port name
+		newports="$newports ${name}${tag}"
+	done
+
+	# cleanup unnecessary spaces
+	newports=$(echo "$newports" | xargs)
+
+	uci set gateway.$vlan.ports="$newports"
+}
+
+case "$BOARD" in
+	avm,fritzbox-4040|\
+	tplink,tl-wdr4900-v1)
+		config_load gateway
+		config_foreach translate_ports vlan
+		;;
+esac
+
+uci set gateway.meta.config_version='3'
+uci commit gateway
+
+exit 0
--- a/src/packages/fff/fff-network/files/lib/functions/fff/cpuport
+++ b/src/packages/fff/fff-network/files/lib/functions/fff/cpuport
@ -12,12 +12,15 @@ get_cpu_port() {
 		tplink,tl-wr1043nd-v2|\
 		tplink,tl-wr1043nd-v3|\
 		tplink,tl-wr841n-v13|\
-		xiaomi,mi-router-4a-100m)
+		xiaomi,mi-router-4a-100m|\
+		xiaomi,mi-router-4a-100m-intl)
 			CPUPORT="6t"
 			;;
+		avm,fritzbox-4040|\
 		netgear,r6220|\
 		tplink,cpe210-v2|\
 		tplink,cpe210-v3|\
+		tplink,tl-wdr4900-v1|\
 		ubnt,edgerouter-4|\
 		ubnt,edgerouter-x|\
 		ubnt,edgerouter-x-sfp|\
--- a/src/packages/fff/fff-network/files/lib/functions/fff/portorder
+++ b/src/packages/fff/fff-network/files/lib/functions/fff/portorder
@ -36,7 +36,8 @@ get_port_order() {
 		tplink,cpe510-v1)
 			PORTORDER="5 4"
 			;;
-		xiaomi,mi-router-4a-100m)
+		xiaomi,mi-router-4a-100m|\
+		xiaomi,mi-router-4a-100m-intl)
 			PORTORDER="0 2 4"
 			;;
 	esac
--- a/src/packages/fff/fff-network/files/usr/lib/nodewatcher.d/20-interfaces.sh
+++ b/src/packages/fff/fff-network/files/usr/lib/nodewatcher.d/20-interfaces.sh
@ -48,19 +48,12 @@ for filename in $(grep 'up\|unknown' /sys/class/net/*/operstate); do

 	interface_data=$interface_data"<$iface><name>$iface</name>$addrs<traffic_rx>$traffic_rx</traffic_rx><traffic_tx>$traffic_tx</traffic_tx>"

-	interface_data=$interface_data$(iwconfig "${iface}" 2>/dev/null | awk -F':' '
-		/Mode/{ split($2, m, " "); printf "<wlan_mode>"m[1]"</wlan_mode>" }
-		/Cell/{ split($0, c, " "); printf "<wlan_bssid>"c[5]"</wlan_bssid>" }
-		/ESSID/ { split($0, e, "\""); printf "<wlan_essid>"e[2]"</wlan_essid>" }
-		/Freq/{ split($3, f, " "); printf "<wlan_frequency>"f[1]f[2]"</wlan_frequency>" }
-		/Tx-Power/{ split($0, p, "="); sub(/[[:space:]]*$/, "", p[2]); printf "<wlan_tx_power>"p[2]"</wlan_tx_power>" }
-	')
-
 	interface_data=$interface_data$(iw dev "${iface}" info 2>/dev/null | awk '
 		/ssid/{ split($0, s, " "); printf "<wlan_ssid>"s[2]"</wlan_ssid>" }
 		/type/ { split($0, t, " "); printf "<wlan_type>"t[2]"</wlan_type>" }
 		/channel/{ split($0, c, " "); printf "<wlan_channel>"c[2]"</wlan_channel>" }
 		/width/{ split($0, w, ": "); sub(/ .*/, "", w[2]); printf "<wlan_width>"w[2]"</wlan_width>" }
+		/txpower/{ sub(/\.../, "", $2); print "<wlan_tx_power>"$2" dBm</wlan_tx_power>" }
 	')

 	interface_data=$interface_data"</$iface>"
--- a/src/packages/fff/fff-network/mipsel/network.xiaomi,mi-router-4a-100m-intl
+++ b/src/packages/fff/fff-network/mipsel/network.xiaomi,mi-router-4a-100m-intl
@ -0,0 +1,7 @@
+. /lib/functions/fff/network
+
+WANDEV=eth0
+SWITCHDEV=eth0
+CLIENT_PORTS="6t 4"
+WAN_PORTS="6t 0"
+BATMAN_PORTS="6t 2"
--- a/src/packages/fff/fff-network/powerpc/network.tplink,tl-wdr4900-v1
+++ b/src/packages/fff/fff-network/powerpc/network.tplink,tl-wdr4900-v1
@ -1,10 +1,11 @@
 . /lib/functions/fff/network

-WANDEV=eth0
-SWITCHDEV=eth0
-CLIENT_PORTS="0t 4 5"
-WAN_PORTS="0t 1"
-BATMAN_PORTS="0t 2 3"
+WANDEV=switch0
+SWITCHDEV=switch0
+CLIENT_PORTS="lan3 lan4"
+WAN_PORTS="wan"
+BATMAN_PORTS="lan1 lan2"
+DSA=1

 # use mac address from phy1 with 'locally administered' bit set to '1'
 # only possible, because wXmesh is created first and therefore gets the 'universally administered address'
--- a/src/packages/fff/fff-node/files/usr/lib/firewall.d/05-setup-batman-chains
+++ b/src/packages/fff/fff-node/files/usr/lib/firewall.d/05-setup-batman-chains
@ -4,7 +4,7 @@ table bridge filter {
 	# vom Gateway (also vom BATMAN) kommen darf.
 	chain IN_ONLY {
 		# -i ! bat0 --logical-in br-client -j DROP
-		iifname != "bat0" counter drop
+		iifname != "bat0" ibrname "br-client" counter drop
 		counter
 	}

@ -12,7 +12,7 @@ table bridge filter {
 	# in Richtung Gateway (also ins BATMAN) gesendet werden darf.
 	chain OUT_ONLY {
 		# --logical-out br-client -o ! bat0 -j DROP
-		oifname != "bat0" counter drop
+		oifname != "bat0" obrname "br-client" counter drop
 		counter
 	}

@ -24,21 +24,21 @@ table bridge filter {
 		type filter hook input priority filter; policy accept;

 		# -d Multicast -i ! bat0 --logical-in br-client -j ACCEPT
-		iifname != "bat0" ether daddr & 01:00:00:00:00:00 == 01:00:00:00:00:00 counter packets 0 bytes 0 accept
+		iifname != "bat0" ether daddr & 01:00:00:00:00:00 == 01:00:00:00:00:00 ibrname "br-client" counter packets 0 bytes 0 accept
 	}

 	chain FORWARD {
 		type filter hook forward priority filter; policy accept;

 		# -d Multicast --logical-out br-client -o bat0 -j MULTICAST_OUT
-		oifname "bat0" ether daddr & 01:00:00:00:00:00 == 01:00:00:00:00:00 counter packets 0 bytes 0 jump MULTICAST_OUT
+		oifname "bat0" obrname "br-client" ether daddr & 01:00:00:00:00:00 == 01:00:00:00:00:00 counter packets 0 bytes 0 jump MULTICAST_OUT
 	}

 	chain OUTPUT {
 		type filter hook output priority filter; policy accept;

 		# -d Multicast --logical-out br-client -o bat0 -j MULTICAST_OUT
-		oifname "bat0" ether daddr & 01:00:00:00:00:00 == 01:00:00:00:00:00 counter jump MULTICAST_OUT
+		oifname "bat0" obrname "br-client" ether daddr & 01:00:00:00:00:00 == 01:00:00:00:00:00 counter jump MULTICAST_OUT
 	}
 }
 __EOF
--- a/src/packages/fff/fff-node/files/usr/lib/firewall.d/40-local-node
+++ b/src/packages/fff/fff-node/files/usr/lib/firewall.d/40-local-node
@ -4,27 +4,27 @@ table bridge filter {
 		# No input from/to local node ip from batman

 		# -p IPv6 -i bat0 --logical-in br-client --ip6-src fdff::1 -j DROP
-		iifname "bat0" ether type ip6 ip6 saddr fdff::1 counter drop
+		iifname "bat0" ibrname "br-client" ether type ip6 ip6 saddr fdff::1 counter drop
 		# -p IPv6 -i bat0 --logical-in br-client --ip6-dst fdff::1 -j DROP
-		iifname "bat0" ether type ip6 ip6 daddr fdff::1 counter drop
+		iifname "bat0" ibrname "br-client" ether type ip6 ip6 daddr fdff::1 counter drop
 	}

 	chain FORWARD {
 		# Do not forward local node ip

 		# -p IPv6 --logical-out br-client -o bat0 --ip6-dst fdff::1 -j DROP
-		oifname "bat0" ether type ip6 ip6 daddr fdff::1 counter drop
+		oifname "bat0" obrname "br-client" ether type ip6 ip6 daddr fdff::1 counter drop
 		# -p IPv6 --logical-out br-client -o bat0 --ip6-src fdff::1 -j DROP
-		oifname "bat0" ether type ip6 ip6 saddr fdff::1 counter drop
+		oifname "bat0" obrname "br-client" ether type ip6 ip6 saddr fdff::1 counter drop
 	}

 	chain OUTPUT {
 		# Do not output local node ip to batman

 		# -p IPv6 --logical-out br-client -o bat0 --ip6-dst fdff::1 -j DROP
-		oifname "bat0" ether type ip6 ip6 daddr fdff::1 counter drop
+		oifname "bat0" obrname "br-client" ether type ip6 ip6 daddr fdff::1 counter drop
 		# -p IPv6 --logical-out br-client -o bat0 --ip6-src fdff::1 -j DROP
-		oifname "bat0" ether type ip6 ip6 saddr fdff::1 counter drop
+		oifname "bat0" obrname "br-client" ether type ip6 ip6 saddr fdff::1 counter drop
 	}
 }
 __EOF
--- a/src/packages/fff/fff-support/files/etc/init.d/fff-userconfig
+++ b/src/packages/fff/fff-support/files/etc/init.d/fff-userconfig
@ -4,8 +4,6 @@
 START=96
 boot() {
  LOCALCONFIGSCRIPT="/etc/rc.local.fff_userconfig"
-  #add LOCALCONFIGSCRIPT to sysupgrade regardless if it already exists or not to prevent data loss
-  grep -q ^"${LOCALCONFIGSCRIPT}"$ /etc/sysupgrade.conf || echo "$LOCALCONFIGSCRIPT" >> /etc/sysupgrade.conf

  # process user commands
  [ -f "${LOCALCONFIGSCRIPT}" ] && {
--- a/src/packages/fff/fff-sysupgrade/files/etc/uci-defaults/99-fff-sysupgrade
+++ b/src/packages/fff/fff-sysupgrade/files/etc/uci-defaults/99-fff-sysupgrade
@ -12,6 +12,8 @@ cat > /etc/sysupgrade.conf <<-__EOF__
 /etc/config/fff
 /etc/config/gateway
 /etc/hoodfile
+/etc/nftables-fff.conf
+/etc/rc.local.fff_userconfig
 __EOF__

 exit 0
--- a/src/packages/fff/fff-wireless/files/etc/init.d/fff-wireless-update
+++ b/src/packages/fff/fff-wireless/files/etc/init.d/fff-wireless-update
@ -0,0 +1,21 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+
+boot() {
+	# first we disable the init.d
+	/etc/init.d/fff-wireless-update disable
+	# we must delete the symlink manually
+	rm -f /etc/rc.d/S99fff-wireless-update
+
+	# Starting with OpenWrt 23.05, reload_config does not
+	# properly start the wifi access point on some devices.
+	# This seems to be an issue with the reloading of hostapd,
+	# which throws errors, but does not restart hostapd.
+	# see https://git.freifunk-franken.de/freifunk-franken/firmware/issues/319
+	#
+	# workaround: manually restart wifi completely
+	# after any automatic post-update configuration (fff-layer3-config, ...)
+	sleep 20
+	wifi
+}
Author	SHA1	Message	Date
Fabian Bläse	d593b1aa5e	fff-layer3: add ethtool ci/woodpecker/push/woodpecker Pipeline was successful Details ci/woodpecker/tag/woodpecker Pipeline was successful Details Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-04-01 23:54:21 +02:00
Fabian Bläse	3dc5905241	OpenWrt: bump to v23.05.3 Bump core, packages and routing. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-04-01 23:54:21 +02:00
Robert Langhammer	4762825411	fff-network: remove iwconfig iwconfig is upstream scheduled for removal and no longer working. It is only used once to get the txpower for the nodewatcher. Fixes: #327 Signed-off-by: Robert Langhammer <rlanghammer@web.de> Reviewed-by: Fabian Bläse <fabian@blaese.de>	2024-04-01 23:54:16 +02:00
Fabian Bläse	1d2c835b53	fff-layer3-config: fix exit status of uci-default scripts ci/woodpecker/push/woodpecker Pipeline was successful Details OpenWrt only removes uci-defaults scripts if the exit status of the executed script is 0. Fix the exit code of the layer3-config migration scripts so they are removed as intended. Fixes: #313 Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-03-21 21:55:43 +01:00
Fabian Bläse	797c3ddca0	Add support for Xiaomi Mi Router 4A (100m-intl) The international variant of the Xiaomi Mi Router 4A (100m) has a different partition layout as the chinese version and was added to OpenWrt at a later time. Using the OpenWrt image for the international variant saves the extra step of flashing the chinese firmware variant via TFTP before OpenWrt itself. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-03-21 21:53:32 +01:00
Fabian Bläse	daa25fded8	Consolidate sysupgrade.conf entries Most of the entries in /etc/sysupgrade.conf are generated by a uci-defaults script in the fff-sysupgrade package. The only entry added in a different place is rc.local.fff_userconfig. Consolidate all entries to be added by the uci-defaults script in fff-sysupgrade. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-03-21 21:53:32 +01:00
Fabian Bläse	6acdc6efa1	fff-firewall: add user-customizable nftables hook Currently there is no way to persistently configure firewall rules on a router. This might be desirable as home-use of the Freifunk network is quite common these days. To allow for the most flexibility while keeping maintenance efforts low, add a persistent, user-customizable nftables hook. It is evaluated after all firewall rules have already been configured, so it is possible to override them. Users of this hook are responsible for keeping up with changes to the firmware and modify it appropriately, before updating the system. Fixes: #314 Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-03-21 21:53:32 +01:00
Fabian Bläse	cef7bc3c88	fff-wireless: add workaround for wifi configuration after update Introduce a workaround for an OpenWrt bug on the Xiaomi Mi 4A (Gigabit Edition). After an update of the firmware, the wireless interfaces are not properly created as configured. When configuring the WiFi interfaces via uci and applying the settings using reload_config, hostapd reports errors and no WiFi interfaces are created. It seems like OpenWrt tries to dynamically reload the settings instead of restarting hostapd, but hostapd fails to properly apply them. To work around this regression until the root cause is found, restart the wifi interfaces manually after a firmware upgrade. Fixes: #319 Signed-off-by: Fabian Bläse <fabian@blaese.de> Tested-by: ArchTux <alex@tux-hausen.de>	2024-03-21 21:53:32 +01:00
Fabian Bläse	86c893161f	fff-node: apply firewall rules to br-client only When switching from ebtables to nftables, the --logical-in and --logical-out selectors of some rules were missed. This might have been caused by kmod-nft-bridge not being installed, which is required for the ibrname and obrname selectors, so it is possible that the migration (using ebtables-nft) did not apply these selectors. Add the ibrname and obrname selectors and add the required kernel module. Fixes: #315 Fixes: `157fa4eac5` ("fff-firewall: Switch from ip/ebtables to nftables") Reported-by: Robert Langhammer <rlanghammer@web.de> Signed-off-by: Fabian Bläse <fabian@blaese.de> Tested-by: Robert Langhammer <rlanghammer@web.de>	2024-03-21 21:47:10 +01:00
Fabian Bläse	7391ac8312	OpenWrt: bump to v23.05 from 2024-03-08 OpenWrt v23.05 releases up to and including v23.05.2 contain a bug which causes some SPI flashes to be partially or fully unwriteable [1]. A workaround for this bug has already been added to the v23.05 branch, but no new version has been released since. Bump OpenWrt and corresponding feeds to the most recent commit on the v23.05 branch. [1] https://github.com/openwrt/openwrt/pull/14361 Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-03-21 21:47:10 +01:00
Fabian Bläse	23a3af46d2	fff-babel: remove erroneous error messages for absent babel implementation Fixes: #306 Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-03-21 14:20:30 +01:00
Fabian Bläse	94c5340700	woodpecker: replace syntax deprecated with 1.0.0 Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-02-28 10:49:29 +01:00
Fabian Bläse	7c0a24a80c	layer3-config: Add DSA migration script for migrated devices ci/woodpecker/manual/woodpecker Pipeline was successful Details Because of to the switch from swconfig to DSA, the switchport names have to be migrated for a few devices. Due to past migrations, we already have developed a migration script for that. Duplicate and adjust the script for the newly migrated devices. While at it, rename the old script to reflect the configuration version bump. Fixes: #301 Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-02-16 22:54:44 +01:00
Fabian Bläse	ecc590cbaa	mpc85xx: retain old compat_version for sysupgrade compatibility OpenWrt images contain a compat_version, which is used to block upgrades to newer versions with incompatible configuration, if the configuration cannot be migrated. As we maintain our own configuration and all OpenWrt configuration files are dropped on an upgrade, this upgrade block is not required. To simplify the upgrade process, retain the old compat_version for the next sysupgrade release. The compat_version will then be bumped automatically by the `05_compat-version` board.d script. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-02-16 22:54:44 +01:00
Fabian Bläse	fc1c0c39ae	fff-network: adjust network configuration of TP-Link TL-WDR4900 for DSA the TL-WDR4900 was migrated to a DSA driver with OpenWrt 23.05. Adjust our network configuration accordingly. Fixes: #302 Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-02-16 22:54:44 +01:00
Fabian Bläse	dfb892d4ac	fff-network: add missing cpuport case for the FritzBox 4040 When adjusting our configuration for the DSA migration of the FritzBox 4040, the cpuport was forgotten. The cpuport has to be removed for DSA devices. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-02-16 22:54:44 +01:00
Fabian Bläse	1677a35624	fff-layer3-config: bump config_version With OpenWrt 23.05 a few more devices have been migrated to DSA. Bump the config_version of layer3-config to reflect the necessary migration. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-02-16 22:54:44 +01:00
Fabian Bläse	d20b081498	profile: include full hostname in shell prompt All of our devices are routers. Because they all serve the same purpose, it is quite common that the first part of the hostname is the same for multiple devices, and the location of the device is only included in subsequent parts of the hostname. Include the full hostname in the shell prompt, so it is easier to determine the devices location. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-02-16 22:53:51 +01:00
Felix	0280e0d3de	README: add missing build prerequisites ci/woodpecker/push/woodpecker Pipeline was successful Details The packages rsync and python3-distutils are required for a successful build, but missing in the prerequisites of the README. Add them. Reviewed-by: Fabian Bläse <fabian@blaese.de>	2024-01-25 17:48:41 +01:00
Johannes Kimmel	5a6a0a39d7	buildscript: add color to the root warning Use color output when the `tput` command is available. `tput` handles terminal-dependant capabilities, so the script should remain portable. Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> Reviewed-by: Fabian Bläse <fabian@blaese.de>	2024-01-25 17:48:41 +01:00
Johannes Kimmel	de15c71c53	buildscript: print warning instead of failing build Signed-off-by: Johannes Kimmel <fff@bareminimum.eu> Reviewed-by: Fabian Bläse <fabian@blaese.de>	2024-01-25 17:48:38 +01:00
Fabian Bläse	06c8718761	Revert "Disable unnecessary busybox features" This reverts commit `3e27bff731`. Removing these busybox features breaks wireless configuration in various confusing ways. Revert this change until further analysis. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-25 17:45:42 +01:00
Fabian Bläse	f376cc916d	OpenWrt: bump to v23.05.2 Bump core, packages and routing. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-25 17:45:42 +01:00