Add support for Mikrotik RB5009

Device support is based on the patch set linked in the OpenWrt Wiki. [1][2] The aux-loader blob is not included, as it is only required for initial installation. Two additional kernel patches for mvpp2 are added to allow receive hashing to work properly in the DSA setup of the device. [1] https://openwrt.org/toh/mikrotik/rb5009ug_s_in#installation [2] https://paste.myconan.net/482114 Signed-off-by: Fabian Bläse <fabian@blaese.de>
bsp: work around lm-sensors build error
2024-01-19 01:04:03 +01:00 · 2024-01-19 01:03:18 +01:00 · 2024-01-18 21:44:49 +01:00 · 2024-01-18 21:44:48 +01:00 · 2024-01-18 21:44:28 +01:00 · 2024-01-18 21:34:04 +01:00
25 changed files with 332 additions and 111 deletions
--- a/bsp/ath79-generic.bsp
+++ b/bsp/ath79-generic.bsp
@ -20,6 +20,6 @@ images=("openwrt-${chipset}-${subtarget}-glinet_gl-ar150-squashfs-*"
        "openwrt-${chipset}-${subtarget}-tplink_tl-wr1043nd-v4-squashfs-*"
        "openwrt-${chipset}-${subtarget}-tplink_tl-wr1043n-v5-squashfs-*"
        "openwrt-${chipset}-${subtarget}-ubnt_nanostation-loco-m-xw-squashfs-*"
-        "openwrt-${chipset}-${subtarget}-ubnt_unifi-squashfs-*"
+        "openwrt-${chipset}-${subtarget}-ubnt_unifi-ap-squashfs-*"
        "openwrt-${chipset}-${subtarget}-ubnt_unifiac-mesh-squashfs-*"
        )
--- a/bsp/ath79-generic/.config
+++ b/bsp/ath79-generic/.config
@ -60,17 +60,25 @@ CONFIG_TARGET_DEVICE_ath79_generic_DEVICE_ubnt_nanostation-m=y
 CONFIG_TARGET_DEVICE_PACKAGES_ath79_generic_DEVICE_ubnt_nanostation-m="-rssileds"
 CONFIG_TARGET_DEVICE_ath79_generic_DEVICE_ubnt_picostation-m=y
 CONFIG_TARGET_DEVICE_PACKAGES_ath79_generic_DEVICE_ubnt_picostation-m="-rssileds"
-CONFIG_TARGET_DEVICE_ath79_generic_DEVICE_ubnt_unifi=y
-CONFIG_TARGET_DEVICE_PACKAGES_ath79_generic_DEVICE_ubnt_unifi=""
+CONFIG_TARGET_DEVICE_ath79_generic_DEVICE_ubnt_unifi-ap=y
+CONFIG_TARGET_DEVICE_PACKAGES_ath79_generic_DEVICE_ubnt_unifi-ap=""
 CONFIG_TARGET_DEVICE_ath79_generic_DEVICE_ubnt_unifiac-mesh=y
 CONFIG_TARGET_DEVICE_PACKAGES_ath79_generic_DEVICE_ubnt_unifiac-mesh="-kmod-ath10k-ct kmod-ath10k -ath10k-firmware-qca988x-ct ath10k-firmware-qca988x"
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
+# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
+# CONFIG_BUSYBOX_CONFIG_IP is not set
+# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
+# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
@ -85,9 +93,11 @@ CONFIG_KERNEL_SQUASHFS_FRAGMENT_CACHE_SIZE=1
 CONFIG_PACKAGE_hostapd-mini=y
 CONFIG_PACKAGE_iwinfo=m
 CONFIG_PACKAGE_libiwinfo=m
+CONFIG_PACKAGE_libuclient=m
 CONFIG_PACKAGE_libwolfssl=m
 CONFIG_PACKAGE_opkg=m
 CONFIG_PACKAGE_wpad-basic=y
+CONFIG_PACKAGE_uclient-fetch=m
 CONFIG_PACKAGE_wpad-basic-wolfssl=m
 CONFIG_PACKAGE_wpad-mini=m
 CONFIG_PACKAGE_ath10k-firmware-qca9887=m
@ -101,3 +111,9 @@ CONFIG_PACKAGE_ath10k-firmware-qca988x-ct=m
 CONFIG_PACKAGE_kmod-ath10k-ct-smallbuffers=m
 CONFIG_PACKAGE_kmod-ath10k-ct=m
 CONFIG_STRIP_KERNEL_EXPORTS=y
+CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=1024
+# CONFIG_LIBCURL_FILE is not set
+# CONFIG_LIBCURL_FTP is not set
+# CONFIG_LIBCURL_PROXY is not set
+# CONFIG_LIBCURL_UNIX_SOCKETS is not set
+# CONFIG_HTOP_LMSENSORS is not set
--- a/bsp/default/root_file_system/root/.ash_history
+++ b/bsp/default/root_file_system/root/.ash_history
@ -0,0 +1 @@
+/tmp/.ash_history
--- a/bsp/ipq40xx-generic/.config
+++ b/bsp/ipq40xx-generic/.config
@ -9,20 +9,32 @@ CONFIG_TARGET_DEVICE_PACKAGES_ipq40xx_generic_DEVICE_avm_fritzbox-4040="-kmod-at
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
+# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
+# CONFIG_BUSYBOX_CONFIG_IP is not set
+# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
+# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_PACKAGE_ALFRED_VIS is not set
 CONFIG_PACKAGE_ath10k-firmware-qca4019=m
 CONFIG_PACKAGE_ath10k-firmware-qca4019-ct=m
+CONFIG_PACKAGE_fff-extra=y
 CONFIG_PACKAGE_kmod-ath10k=m
 CONFIG_PACKAGE_kmod-ath10k-ct=m
+CONFIG_PACKAGE_libuclient=m
 CONFIG_PACKAGE_libwolfssl=m
 CONFIG_PACKAGE_opkg=m
 CONFIG_PACKAGE_wpad-basic=y
+CONFIG_PACKAGE_uclient-fetch=m
 CONFIG_PACKAGE_wpad-basic-wolfssl=m
 CONFIG_STRIP_KERNEL_EXPORTS=y
 CONFIG_PACKAGE_kmod-hwmon-core=y
+# CONFIG_HTOP_LMSENSORS is not set
--- a/bsp/ipq806x-generic/.config
+++ b/bsp/ipq806x-generic/.config
@ -9,10 +9,18 @@ CONFIG_TARGET_DEVICE_PACKAGES_ipq806x_generic_DEVICE_tplink_c2600="-ath10k-firmw
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
+# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
+# CONFIG_BUSYBOX_CONFIG_IP is not set
+# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
+# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
@ -23,12 +31,20 @@ CONFIG_CLEAN_IPKG=y
 # CONFIG_FASTD_ENABLE_METHOD_GENERIC_GMAC is not set
 # CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC is not set
 # CONFIG_PACKAGE_ALFRED_VIS is not set
+CONFIG_PACKAGE_fff-extra=y
+CONFIG_PACKAGE_libuclient=m
 CONFIG_PACKAGE_libwolfssl=m
 CONFIG_PACKAGE_opkg=m
 CONFIG_PACKAGE_wpad-basic=y
+CONFIG_PACKAGE_uclient-fetch=m
 CONFIG_PACKAGE_wpad-basic-wolfssl=m
 CONFIG_PACKAGE_ath10k-firmware-qca99x0=m
 CONFIG_PACKAGE_kmod-ath10k=y
 CONFIG_PACKAGE_ath10k-firmware-qca99x0-ct=m
 CONFIG_PACKAGE_kmod-ath10k-ct=m
 CONFIG_STRIP_KERNEL_EXPORTS=y
+# CONFIG_LIBCURL_FILE is not set
+# CONFIG_LIBCURL_FTP is not set
+# CONFIG_LIBCURL_PROXY is not set
+# CONFIG_LIBCURL_UNIX_SOCKETS is not set
+# CONFIG_HTOP_LMSENSORS is not set
--- a/bsp/mpc85xx-p1010/.config
+++ b/bsp/mpc85xx-p1010/.config
@ -9,10 +9,18 @@ CONFIG_TARGET_DEVICE_PACKAGES_mpc85xx_p1010_DEVICE_tplink_tl-wdr4900-v1=""
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
+# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
+# CONFIG_BUSYBOX_CONFIG_IP is not set
+# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
+# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
@ -23,9 +31,17 @@ CONFIG_CLEAN_IPKG=y
 # CONFIG_FASTD_ENABLE_METHOD_GENERIC_GMAC is not set
 # CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC is not set
 # CONFIG_PACKAGE_ALFRED_VIS is not set
+CONFIG_PACKAGE_fff-extra=y
+CONFIG_PACKAGE_libuclient=m
 CONFIG_PACKAGE_libwolfssl=m
 CONFIG_PACKAGE_opkg=m
 CONFIG_PACKAGE_wpad-basic=y
+CONFIG_PACKAGE_uclient-fetch=m
 CONFIG_PACKAGE_wpad-basic-wolfssl=m
 CONFIG_STRIP_KERNEL_EXPORTS=y
 CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=512
+# CONFIG_LIBCURL_FILE is not set
+# CONFIG_LIBCURL_FTP is not set
+# CONFIG_LIBCURL_PROXY is not set
+# CONFIG_LIBCURL_UNIX_SOCKETS is not set
+# CONFIG_HTOP_LMSENSORS is not set
--- a/bsp/mvebu-cortexa72/.config
+++ b/bsp/mvebu-cortexa72/.config
@ -5,80 +5,43 @@ CONFIG_TARGET_mvebu=y
 CONFIG_TARGET_mvebu_cortexa72=y
 CONFIG_TARGET_MULTI_PROFILE=y
 CONFIG_TARGET_DEVICE_mvebu_cortexa72_DEVICE_mikrotik_rb5009=y
-CONFIG_KERNEL_KEXEC=y
-CONFIG_PACKAGE_ca-bundle=y
-CONFIG_PACKAGE_dnsmasq=y
-# CONFIG_PACKAGE_ethtool is not set
-CONFIG_PACKAGE_ethtool-full=y
-CONFIG_PACKAGE_gre=y
-CONFIG_PACKAGE_ip-full=y
-CONFIG_PACKAGE_jansson=y
-CONFIG_PACKAGE_kmod-ata-core=y
-CONFIG_PACKAGE_kmod-crypto-crc32c=y
-CONFIG_PACKAGE_kmod-crypto-hash=y
-CONFIG_PACKAGE_kmod-crypto-kpp=y
-CONFIG_PACKAGE_kmod-crypto-lib-chacha20=y
-CONFIG_PACKAGE_kmod-crypto-lib-chacha20poly1305=y
-CONFIG_PACKAGE_kmod-crypto-lib-curve25519=y
-CONFIG_PACKAGE_kmod-crypto-lib-poly1305=y
-CONFIG_PACKAGE_kmod-fs-exportfs=y
-CONFIG_PACKAGE_kmod-fs-xfs=y
-CONFIG_PACKAGE_kmod-gre=y
-CONFIG_PACKAGE_kmod-gre6=y
-CONFIG_PACKAGE_kmod-hwmon-core=y
-CONFIG_PACKAGE_kmod-hwmon-drivetemp=y
-CONFIG_PACKAGE_kmod-hwmon-gpiofan=y
-CONFIG_PACKAGE_kmod-i2c-core=y
-CONFIG_PACKAGE_kmod-ip6-tunnel=y
-CONFIG_PACKAGE_kmod-ipt-core=y
-CONFIG_PACKAGE_kmod-ipt-nat=y
-CONFIG_PACKAGE_kmod-iptunnel=y
-CONFIG_PACKAGE_kmod-iptunnel6=y
-CONFIG_PACKAGE_kmod-lib-crc32c=y
-CONFIG_PACKAGE_kmod-linkstation-poweroff=y
-CONFIG_PACKAGE_kmod-md-mod=y
-CONFIG_PACKAGE_kmod-md-raid0=y
-CONFIG_PACKAGE_kmod-md-raid1=y
-CONFIG_PACKAGE_kmod-nf-conntrack=y
-CONFIG_PACKAGE_kmod-nf-conntrack6=y
-CONFIG_PACKAGE_kmod-nf-ipt=y
-CONFIG_PACKAGE_kmod-nf-log=y
-CONFIG_PACKAGE_kmod-nf-log6=y
-CONFIG_PACKAGE_kmod-nf-nat=y
-CONFIG_PACKAGE_kmod-nf-reject=y
-CONFIG_PACKAGE_kmod-nf-reject6=y
-CONFIG_PACKAGE_kmod-nfnetlink=y
-CONFIG_PACKAGE_kmod-nft-core=y
-CONFIG_PACKAGE_kmod-nls-base=y
-CONFIG_PACKAGE_kmod-rtc-rs5c372a=y
-CONFIG_PACKAGE_kmod-sched-cake=y
-CONFIG_PACKAGE_kmod-sched-core=y
-CONFIG_PACKAGE_kmod-scsi-core=y
-CONFIG_PACKAGE_kmod-udptunnel4=y
-CONFIG_PACKAGE_kmod-udptunnel6=y
-CONFIG_PACKAGE_kmod-usb-core=y
-CONFIG_PACKAGE_kmod-usb-xhci-hcd=y
-CONFIG_PACKAGE_kmod-usb3=y
-CONFIG_PACKAGE_kmod-vxlan=y
-CONFIG_PACKAGE_kmod-wireguard=y
-CONFIG_PACKAGE_libbpf=y
-CONFIG_PACKAGE_libelf=y
-CONFIG_PACKAGE_libmnl=y
-CONFIG_PACKAGE_libncurses=y
-CONFIG_PACKAGE_libnftnl=y
-CONFIG_PACKAGE_libnl-core=y
-CONFIG_PACKAGE_libnl-route=y
-CONFIG_PACKAGE_libpcap=y
-CONFIG_PACKAGE_libpcre=y
-CONFIG_PACKAGE_libreadline=y
-CONFIG_PACKAGE_nftables-nojson=y
-CONFIG_PACKAGE_odhcpd-ipv6only=y
-CONFIG_PACKAGE_odhcpd_ipv6only_ext_cer_id=0
-CONFIG_PACKAGE_resolveip=y
-CONFIG_PACKAGE_tc-tiny=y
-CONFIG_PACKAGE_tcpdump=y
-CONFIG_PACKAGE_terminfo=y
-CONFIG_PACKAGE_vxlan=y
-CONFIG_PACKAGE_wireguard-tools=y
-CONFIG_PACKAGE_zlib=y
+CONFIG_TARGET_DEVICE_PACKAGES_mvebu_cortexa72_DEVICE_mikrotik_rb5009=""
+CONFIG_BUSYBOX_CUSTOM=y
+CONFIG_TARGET_PER_DEVICE_ROOTFS=y
+# CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
+# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
+# CONFIG_BUSYBOX_CONFIG_CROND is not set
+# CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
+# CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
+# CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
+# CONFIG_BUSYBOX_CONFIG_IP is not set
+# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
+# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
+CONFIG_CLEAN_IPKG=y
+# CONFIG_DROPBEAR_CURVE25519 is not set
+# CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
+# CONFIG_FASTD_ENABLE_MAC_GHASH is not set
+# CONFIG_FASTD_ENABLE_MAC_UHASH is not set
+# CONFIG_FASTD_ENABLE_METHOD_COMPOSED_GMAC is not set
+# CONFIG_FASTD_ENABLE_METHOD_COMPOSED_UMAC is not set
+# CONFIG_FASTD_ENABLE_METHOD_GENERIC_GMAC is not set
+# CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC is not set
+# CONFIG_PACKAGE_ALFRED_VIS is not set
+CONFIG_PACKAGE_libuclient=m
+CONFIG_PACKAGE_libwolfssl=m
+CONFIG_PACKAGE_opkg=m
+CONFIG_PACKAGE_uclient-fetch=m
+CONFIG_PACKAGE_wpad-basic=y
+CONFIG_PACKAGE_wpad-basic-wolfssl=m
+CONFIG_STRIP_KERNEL_EXPORTS=y
 # CONFIG_TARGET_ROOTFS_EXT4FS is not set
+CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=512
+# CONFIG_LIBCURL_FILE is not set
+# CONFIG_LIBCURL_FTP is not set
+# CONFIG_LIBCURL_PROXY is not set
+# CONFIG_LIBCURL_UNIX_SOCKETS is not set
+# CONFIG_HTOP_LMSENSORS is not set
--- a/bsp/octeon/.config
+++ b/bsp/octeon/.config
@ -9,16 +9,32 @@ CONFIG_TARGET_DEVICE_PACKAGES_octeon_generic_DEVICE_ubnt_edgerouter-4=""
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
+# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
+# CONFIG_BUSYBOX_CONFIG_IP is not set
+# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
+# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_PACKAGE_ALFRED_VIS is not set
+CONFIG_PACKAGE_fff-extra=y
+CONFIG_PACKAGE_libuclient=m
 CONFIG_PACKAGE_libwolfssl=m
 CONFIG_PACKAGE_opkg=m
 CONFIG_PACKAGE_wpad-basic=y
+CONFIG_PACKAGE_uclient-fetch=m
 CONFIG_PACKAGE_wpad-basic-wolfssl=m
 CONFIG_STRIP_KERNEL_EXPORTS=y
 CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=512
+# CONFIG_LIBCURL_FILE is not set
+# CONFIG_LIBCURL_FTP is not set
+# CONFIG_LIBCURL_PROXY is not set
+# CONFIG_LIBCURL_UNIX_SOCKETS is not set
+# CONFIG_HTOP_LMSENSORS is not set
--- a/bsp/ramips-mt7621/.config
+++ b/bsp/ramips-mt7621/.config
@ -15,10 +15,18 @@ CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt7621_DEVICE_xiaomi_mi-router-4a-gigabit="
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
+# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
+# CONFIG_BUSYBOX_CONFIG_IP is not set
+# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
+# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
@ -29,9 +37,17 @@ CONFIG_CLEAN_IPKG=y
 # CONFIG_FASTD_ENABLE_METHOD_GENERIC_GMAC is not set
 # CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC is not set
 # CONFIG_PACKAGE_ALFRED_VIS is not set
+CONFIG_PACKAGE_fff-extra=y
+CONFIG_PACKAGE_libuclient=m
 CONFIG_PACKAGE_libwolfssl=m
 CONFIG_PACKAGE_opkg=m
 CONFIG_PACKAGE_wpad-basic=y
+CONFIG_PACKAGE_uclient-fetch=m
 CONFIG_PACKAGE_wpad-basic-wolfssl=m
 CONFIG_STRIP_KERNEL_EXPORTS=y
 CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=512
+# CONFIG_LIBCURL_FILE is not set
+# CONFIG_LIBCURL_FTP is not set
+# CONFIG_LIBCURL_PROXY is not set
+# CONFIG_LIBCURL_UNIX_SOCKETS is not set
+# CONFIG_HTOP_LMSENSORS is not set
--- a/bsp/ramips-mt76x8/.config
+++ b/bsp/ramips-mt76x8/.config
@ -15,10 +15,18 @@ CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m=""
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
+# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
+# CONFIG_BUSYBOX_CONFIG_IP is not set
+# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
+# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_DROPBEAR_CURVE25519 is not set
 # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set
@ -29,8 +37,15 @@ CONFIG_CLEAN_IPKG=y
 # CONFIG_FASTD_ENABLE_METHOD_GENERIC_GMAC is not set
 # CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC is not set
 # CONFIG_PACKAGE_ALFRED_VIS is not set
+CONFIG_PACKAGE_libuclient=m
 CONFIG_PACKAGE_libwolfssl=m
 CONFIG_PACKAGE_opkg=m
 CONFIG_PACKAGE_wpad-basic=y
+CONFIG_PACKAGE_uclient-fetch=m
 CONFIG_PACKAGE_wpad-basic-wolfssl=m
 CONFIG_STRIP_KERNEL_EXPORTS=y
+# CONFIG_LIBCURL_FILE is not set
+# CONFIG_LIBCURL_FTP is not set
+# CONFIG_LIBCURL_PROXY is not set
+# CONFIG_LIBCURL_UNIX_SOCKETS is not set
+# CONFIG_HTOP_LMSENSORS is not set
--- a/bsp/x86-64/.config
+++ b/bsp/x86-64/.config
@ -3,20 +3,37 @@
 #
 CONFIG_TARGET_x86=y
 CONFIG_TARGET_x86_64=y
-CONFIG_TARGET_x86_64_DEVICE_generic=y
-# CONFIG_TARGET_ROOTFS_EXT4FS is not set
+CONFIG_TARGET_MULTI_PROFILE=y
+CONFIG_TARGET_DEVICE_x86_64_DEVICE_generic=y
+CONFIG_TARGET_DEVICE_PACKAGES_x86_64_DEVICE_generic=""
 CONFIG_BUSYBOX_CUSTOM=y
 CONFIG_TARGET_PER_DEVICE_ROOTFS=y
 # CONFIG_BUSYBOX_CONFIG_BRCTL is not set
+# CONFIG_BUSYBOX_CONFIG_CHGRP is not set
+# CONFIG_BUSYBOX_CONFIG_CHOWN is not set
 # CONFIG_BUSYBOX_CONFIG_CROND is not set
 # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set
 # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set
+# CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set
+# CONFIG_BUSYBOX_CONFIG_IP is not set
+# CONFIG_BUSYBOX_CONFIG_MKSWAP is not set
+# CONFIG_BUSYBOX_CONFIG_ROUTE is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set
+# CONFIG_BUSYBOX_CONFIG_SWAPON is not set
 CONFIG_CLEAN_IPKG=y
 # CONFIG_PACKAGE_ALFRED_VIS is not set
+CONFIG_PACKAGE_fff-extra=y
 CONFIG_PACKAGE_kmod-vmxnet3=y
+CONFIG_PACKAGE_libuclient=m
 CONFIG_PACKAGE_libwolfssl=m
 CONFIG_PACKAGE_opkg=m
 CONFIG_PACKAGE_wpad-basic=y
+CONFIG_PACKAGE_uclient-fetch=m
 CONFIG_PACKAGE_wpad-basic-wolfssl=m
 CONFIG_STRIP_KERNEL_EXPORTS=y
+# CONFIG_LIBCURL_FILE is not set
+# CONFIG_LIBCURL_FTP is not set
+# CONFIG_LIBCURL_PROXY is not set
+# CONFIG_LIBCURL_UNIX_SOCKETS is not set
+# CONFIG_HTOP_LMSENSORS is not set
--- a/build_patches/openwrt/0001-Remove-unnecessary-dependency.patch
+++ b/build_patches/openwrt/0001-Remove-unnecessary-dependency.patch
@ -0,0 +1,25 @@
+From 19e4f5bdf7de5364c0d58e741f733dfc057d0952 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= <fabian@blaese.de>
+Date: Sat, 6 Jan 2024 14:34:15 +0100
+Subject: [PATCH] Remove unnecessary dependency
+
+---
+ package/network/utils/wireguard-tools/Makefile | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/package/network/utils/wireguard-tools/Makefile b/package/network/utils/wireguard-tools/Makefile
+index 5b1fab057d..24fff3725e 100644
+--- a/package/network/utils/wireguard-tools/Makefile
+++ b/package/network/utils/wireguard-tools/Makefile
+@@ -35,8 +35,6 @@ define Package/wireguard-tools
+   MAINTAINER:=Jason A. Donenfeld <Jason@zx2c4.com>
+   TITLE:=WireGuard userspace control program (wg)
+   DEPENDS:= \
+-	  +@BUSYBOX_CONFIG_IP \
+-	  +@BUSYBOX_CONFIG_FEATURE_IP_LINK \
+ 	  +kmod-wireguard
+ endef
+ 
+-- 
+2.43.0
+
--- a/45
+++ b/45
@ -14,7 +14,7 @@ ROUTINGREV="2272106e0839ee06957e88e3596489e1b510d3c2"
 # Gluon packages: master from 2020-02-04
 GLUONREV="12e41d0ff07ec54bbd67a31ab50d12ca04f2238c"

-OPENWRT_PKGS="gpioctl-sysfs libugpio fastd haserl micrond mtr bmon"
+OPENWRT_PKGS="gpioctl-sysfs libugpio fastd haserl micrond mtr bmon htop sysstat procps-ng procps-ng-vmstat"
 ROUTING_PKGS="kmod-batman-adv batctl alfred babeld bird2"
 GLUON_PKGS="simple-tc uradvd"

@ -54,29 +54,28 @@ checkout_git(){

    local MYGIT="git -C $DIRECTORY"
    echo "checking out $REPO_URL to $DIRECTORY in version $COMMITID"
-    if [ -d "$DIRECTORY" ]; then
-        if $MYGIT remote -v | grep -q "$REPO_URL" ; then
-            echo "Right remote detected"
-            # Remove untracked files
-            $MYGIT clean -f -d
-            # Select desired commit and remove local changes (-f)
-            if ! $MYGIT checkout -f "$COMMITID" ; then
-                echo "commitid not found trying to fetch new commits"
-                $MYGIT fetch --all && $MYGIT checkout "$COMMITID"
-            fi
-        else
-            echo "wrong remote or not an git repo at all -> deleting whole directory"
-            /bin/rm -rf "$DIRECTORY"
-            #needs to be without -C!!!
-            git clone "$REPO_URL" "$DIRECTORY"
-            $MYGIT checkout "$COMMITID"
-        fi
-    else
-        echo "We need to do a fresh checkout"
-        #needs to be without -C!!!
-        git clone "$REPO_URL" "$DIRECTORY"
-        $MYGIT checkout "$COMMITID"
+    if ! $MYGIT remote -v | grep -q "$REPO_URL"; then
+        echo "we need to do a fresh clone"
+
+        /bin/rm -rf -- "$DIRECTORY"
+        mkdir "$DIRECTORY"
+
+        $MYGIT clone --progress --no-checkout --filter=blob:none "$REPO_URL" .
+        $MYGIT config gc.auto 0
+        $MYGIT config advice.detachedHead 0
    fi
+
+    echo
+
+    # Remove untracked files
+    $MYGIT clean -f -d
+    # Select desired commit and remove local changes (-f)
+    if ! $MYGIT checkout --progress --force "$COMMITID" ; then
+        echo "commitid not found trying to fetch new commits"
+        $MYGIT fetch --all && $MYGIT checkout "$COMMITID"
+    fi
+
+    echo
 }

 get_source() {
--- a/feed_patches/routing/0002-bird-disable-unnecessary-protocols.patch
+++ b/feed_patches/routing/0002-bird-disable-unnecessary-protocols.patch
@ -0,0 +1,18 @@
+From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= <fabian@blaese.de>
+Date: Sat, 6 Jan 2024 13:24:58 +0100
+Subject: [PATCH] bird: disable unnecessary protocols
+
+diff --git a/bird2/Makefile b/bird2/Makefile
+index 9fd0031..dc827b0 100644
+--- a/bird2/Makefile
+++ b/bird2/Makefile
+@@ -97,7 +97,7 @@ protocols, telling BIRD to show various information, telling it to show
+ a routing table filtered by a filter, or asking BIRD to reconfigure.
+ endef
+ 
+-CONFIGURE_ARGS += --disable-libssh
+CONFIGURE_ARGS += --disable-libssh --with-protocols="babel pipe radv static"
+ 
+ define Package/bird2/conffiles
+ /etc/bird.conf
+
--- a/src/packages/fff/fff-base/Makefile
+++ b/src/packages/fff/fff-base/Makefile
@ -12,6 +12,10 @@ define Package/fff-base
 	URL:=https://www.freifunk-franken.de
 	DEFAULT:=y
 	DEPENDS:= \
+		+@BUSYBOX_CONFIG_FEATURE_REVERSE_SEARCH \
+		+@BUSYBOX_CONFIG_FEATURE_TOP_SMP_CPU \
+		+@BUSYBOX_CONFIG_WATCH \
+		+@BUSYBOX_CONFIG_FEATURE_EDITING_SAVEHISTORY \
 		+micrond \
 		+odhcp6c \
 		+fff-config \
--- a/src/packages/fff/fff-extra/Makefile
+++ b/src/packages/fff/fff-extra/Makefile
@ -0,0 +1,24 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=fff-extra
+PKG_RELEASE:=$(COMMITCOUNT)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/fff-extra
+	SECTION:=base
+	CATEGORY:=Freifunk
+	TITLE:=Freifunk-Franken gateway configuration
+	URL:=https://www.freifunk-franken.de
+	DEPENDS:=+bmon \
+	         +htop \
+	         +procps-ng \
+	         +procps-ng-vmstat \
+	         +sysstat
+endef
+
+define Package/fff-extra/description
+	This package selects useful packages for devices with enough disk space available
+endef
+
+$(eval $(call BuildPackage,fff-extra))
--- a/src/packages/fff/fff-hoods/files/etc/uci-defaults/93-fff-hoodfile
+++ b/src/packages/fff/fff-hoods/files/etc/uci-defaults/93-fff-hoodfile
@ -2,4 +2,7 @@

 ln -s "$hoodfilewww" /www/hood/keyxchangev2data

+uci set fff.keyserver='hood'
+uci commit fff
+
 exit 0
--- a/src/packages/fff/fff-hoods/files/usr/lib/functions/fff/hoodfile
+++ b/src/packages/fff/fff-hoods/files/usr/lib/functions/fff/hoodfile
@ -99,7 +99,7 @@ getKeyserverHoodfile() {

 	echo "Getting hoodfile from Keyserver"

-	if /bin/busybox wget -T15 -O "$file" "http://keyserver.freifunk-franken.de/v2/?lat=$lat&long=$long"; then
+	if /bin/busybox wget -T15 -O "$file" "$(uci -q get fff.keyserver.url || echo "http://keyserver.freifunk-franken.de/v2")/?lat=$lat&long=$long"; then
 		return 0
 	else
 		return 1
--- a/src/packages/fff/fff-layer3-config/files/etc/layer3.d/30-network-client
+++ b/src/packages/fff/fff-layer3-config/files/etc/layer3.d/30-network-client
@ -57,6 +57,12 @@ configure() {
 	else
 		echo "WARNING: No Interface for client specified"
 	fi
+
+	# stateful firewall
+	uci -q del network.client.fff_stateful_firewall
+	if [ "$(uci -q get gateway.@client[0].stateful_firewall)" = 1 ]; then
+		uci set network.client.fff_stateful_firewall=1
+	fi
 }

 apply() {
--- a/src/packages/fff/fff-layer3/Makefile
+++ b/src/packages/fff/fff-layer3/Makefile
@ -12,7 +12,6 @@ define Package/fff-layer3
 	URL:=https://www.freifunk-franken.de
 	DEPENDS:=+fff-alfred-monitoring-proxy \
 	         +fff-babel \
-	         +fff-babeld \
 	         +fff-babel-bird2 \
 	         +fff-boardname \
 	         +fff-dhcp \
@ -23,7 +22,6 @@ define Package/fff-layer3
 	         +fff-ra \
 	         +fff-web-mqtt \
 	         +fff-wireguard \
-	         +bmon \
 	         +kmod-sched-cake \
 	         +gre \
 	         +@PACKAGE_grev4 \
@ -34,7 +32,7 @@ define Package/fff-layer3
 	         +nftables \
 	         +snmp-utils \
 	         +tc \
-	         +tcpdump \
+	         +tcpdump-mini \
 	         +vxlan
 endef

--- a/src/packages/fff/fff-layer3/files/usr/lib/firewall.d/20-stateful-firewall
+++ b/src/packages/fff/fff-layer3/files/usr/lib/firewall.d/20-stateful-firewall
@ -0,0 +1,56 @@
+[ "$(uci -q get network.client.fff_stateful_firewall)" != 1 ] && return
+
+nft -f - << EOF
+table ip filter {
+	chain forward-client {
+		ct state {
+			established,
+			related,
+		} accept \
+		comment "accept traffic originating from clients"
+
+		ip protocol icmp icmp type {
+			echo-reply,
+			destination-unreachable,
+			echo-request,
+			time-exceeded,
+			parameter-problem,
+		} accept \
+		comment "accept icmp"
+
+		counter drop \
+		comment "drop the rest"
+	}
+	chain FORWARD {
+		type filter hook forward priority filter; policy accept;
+		oifname br-client goto forward-client
+	}
+}
+
+table ip6 filter {
+	chain forward-client {
+		ct state {
+			established,
+			related,
+		} accept \
+		comment "accept traffic originating from clients"
+
+		ip6 nexthdr icmpv6 icmpv6 type {
+			destination-unreachable,
+			packet-too-big,
+			time-exceeded,
+			parameter-problem,
+			echo-request,
+			echo-reply,
+		} accept \
+		comment "accept icmpv6 for basic ipv6 functionality"
+
+		counter drop \
+		comment "drop the rest"
+	}
+	chain FORWARD {
+		type filter hook forward priority filter; policy accept;
+		oifname br-client goto forward-client
+	}
+}
+EOF
--- a/src/packages/fff/fff-network/files/lib/functions/fff/cpuport
+++ b/src/packages/fff/fff-network/files/lib/functions/fff/cpuport
@ -22,7 +22,7 @@ get_cpu_port() {
 		ubnt,edgerouter-x|\
 		ubnt,edgerouter-x-sfp|\
 		ubnt,nanostation-loco-m-xw|\
-		ubnt,unifi|\
+		ubnt,unifi-ap|\
 		ubnt,unifiac-mesh|\
 		x86_64|\
 		xiaomi,mi-router-4a-gigabit)
--- a/src/packages/fff/fff-network/mips/network.mode
+++ b/src/packages/fff/fff-network/mips/network.mode
@ -21,7 +21,7 @@
 ## ETHMODE. The default mode for these devices is "BATMAN".
 ## For example this is the case for: gl-ar150, tl-mr3020-v1, tl-wa850re-v1,
 ## tl-wa860re-v1, tl-wa901nd-v2, ubnt-bullet-m, ubnt-loco-m-xw, ubnt-nano-m,
-## ubnt-unifi
+## ubnt-unifi-ap
 ETHMODE="CLIENT"
 ## Devices featuring 2 ethernet ports are configured by SPECIFIERs ressembling
 ## the labels on the PORT itself. For the cpe210 these are called LAN0 and LAN1.
--- a/src/packages/fff/fff-network/mips/network.ubnt,unifi-ap
+++ b/src/packages/fff/fff-network/mips/network.ubnt,unifi-ap
--- a/src/packages/fff/fff-wireless/files/etc/uci-defaults/24b-config-wireless
+++ b/src/packages/fff/fff-wireless/files/etc/uci-defaults/24b-config-wireless
@ -10,7 +10,7 @@ case "$BOARD" in
 		uci set wireless.radio0.antenna_gain=9
 		uci commit wireless
 		;;
-	ubnt,unifi)
+	ubnt,unifi-ap)
 		# No support for Unifi AP Pro!
 		uci set wireless.radio0.antenna_gain=3
 		uci commit wireless
Author	SHA1	Message	Date
Fabian Bläse	48718f48e4	Add support for Mikrotik RB5009 ci/woodpecker/pr/woodpecker Pipeline is pending Details Device support is based on the patch set linked in the OpenWrt Wiki. [1][2] The aux-loader blob is not included, as it is only required for initial installation. Two additional kernel patches for mvpp2 are added to allow receive hashing to work properly in the DSA setup of the device. [1] https://openwrt.org/toh/mikrotik/rb5009ug_s_in#installation [2] https://paste.myconan.net/482114 Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-19 01:04:03 +01:00
Fabian Bläse	abd172a309	bsp: work around lm-sensors build error ci/woodpecker/push/woodpecker Pipeline was successful Details Building htop with lm-sensors support currently breaks x86_64 image building. Disable lm-sensors support for all platforms for now, because we are currently not including lm-sensors anyway. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-19 01:03:18 +01:00
Fabian Bläse	cc5a1d267b	layer3: add htop and sysstat commands The sysstat tools and htop can be valueable tools when debugging performance issues. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:44:49 +01:00
Fabian Bläse	718b8e2afe	layer3: add vmstat command Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:44:48 +01:00
Fabian Bläse	efbed2f9c1	busybox: quality of life improvements - enable persistent history, save it to tmpfs (ram) - increase history size to 1024 - enable reverse-i search - enable watch command - enable top SMP command Signed-off-by: Fabian Bläse <fabian@blaese.de> fff-extra: feature_top_smp (apply for all targets or move to dependency!)	2024-01-18 21:44:28 +01:00
Fabian Bläse	c66a5fd1d3	Disable unnecessary libcurl features Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:34:04 +01:00
Fabian Bläse	3e27bff731	Disable unnecessary busybox features Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:34:04 +01:00
Fabian Bläse	202104c9f2	Remove uclient-fetch Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:34:04 +01:00
Fabian Bläse	168b9e1215	ath79: use bigger squashfs block size A bigger squashfs block size improves compression ratio. The improved compression ratio is necessary for the Archer C60 devices (v1 + v2) because they include large wifi drivers. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:34:04 +01:00
Fabian Bläse	373c2f7fef	Disable unused bird protocols On a typical Freifunk router, only a small subset of bird protocols is in use. Disable unused bird protocols to save disk space. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:34:04 +01:00
Fabian Bläse	5d08552e7a	layer3: move bmon to fff-extra Bmon takes up a lot of disk space, but is not essential for operation. Move it to fff-extra. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:34:04 +01:00
Fabian Bläse	f05c352867	Create fff-extra package for devices with large flash Devices with large flash can hold more packages and tools to improve user experience. Create an additional package which can be used to select packages only on targets with large flash (currently >= 16 MiB). Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:34:04 +01:00
Fabian Bläse	f7cd560d90	layer3: switch from tcpdump to tcpdump-mini Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:34:04 +01:00
Fabian Bläse	fe466ffa90	layer3: remove fff-babeld Babeld has been replaced with bird by default for quite some time now. Remove babeld and all configurations scripts (fff-babeld) to reduce image size. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:34:04 +01:00
Fabian Bläse	469fa9cbf7	x86_64: use multi-profile for target Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:34:04 +01:00
Fabian Bläse	9beee4a9ec	Apply upstream device rename of ubnt,unifi-ap The Unifi AP has been renamed upstream. Accomodate this change by adjusting strings and paths. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:33:58 +01:00
Robert Langhammer	52ffd403c7	node-fff-hoods: Make keyserverurl configurable Signed-off-by: Robert Langhammer <rlanghammer@web.de> Reviewed-by: Fabian Bläse <fabian@blaese.de>	2024-01-18 21:33:33 +01:00
Johannes Kimmel	3f88f46715	buildscript: switch to blobless clone Instead of fetching the complete git repositories, only download reachable commits and trees. Anything missing will be automatically fetched on-demand. The blobless prepare step is about 10% faster and uses 300M less diskspace. Additionally the following repository options are disabled: gc.auto: The checkouts are short lived, garbage collection are likely never useful advice.detachedHead: Disable the repeating warning message that the repositories are in a detached state for cleaner logs. Reviewed-by: Fabian Bläse <fabian@blaese.de>	2023-12-26 21:42:31 +01:00
Johannes Kimmel	53ac7cc6b5	layer3: add option to enable stateful firewall on client network ci/woodpecker/push/woodpecker Pipeline failed Details Add the following option to the client config section in `/etc/config/gateway` to enable a basic stateful firewall: ``` config client option stateful_firewall '1' ``` The firewall will forward icmp mesages and allow any outbound client traffic and related inbound traffic. Acked-by: Fabian Bläse <fabian@blaese.de>	2023-12-26 18:53:36 +01:00
Fabian Bläse	61b1bebbd2	ipq40xx: retain old compat_version for sysupgrade compatibility OpenWrt images contain a compat_version, which is used to block upgrades to newer versions with incompatible configuration, if the configuration cannot be migrated. As we maintain our own configuration and all OpenWrt configuration files are dropped on an upgrade, this upgrade block is not required. To simplify the upgrade process, retain the old compat_version for the next sysupgrade release. The compat_version will then be bumped automatically by the `05_compat-version` board.d script. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2023-12-26 18:51:44 +01:00
Fabian Bläse	1a5c91b2ef	OpenWrt: bump to v23.05 Bump core, packages and routing. Remove upstreamed build patches. Signed-off-by: Fabian Bläse <fabian@blaese.de>	2023-12-26 18:51:41 +01:00
Fabian Bläse	157fa4eac5	fff-firewall: Switch from ip/ebtables to nftables Include nftables and appropriate modules. Translate ip- and ebtables rules to their nftables counterparts. Remove ip/ebtables and modules. This change intentionally tries to keep structural changes at a minimum to keep the rule translation comprehensible. kmod-nft-bridge is not required for fff-node, because it was merged into a single kernel module since Linux 4.17: [1] `02c7b25e5f` [2] `fbaf48387e` Fixes: #252 Signed-off-by: Fabian Bläse <fabian@blaese.de> Co-authored-by: Johannes Kimmel <fff@bareminimum.eu>	2023-12-26 18:51:35 +01:00