Merge branch 'master' into master

This commit is contained in:
fwiessner 2021-07-31 00:20:53 +02:00
commit f0b03b48d4
10 changed files with 158 additions and 184 deletions

View File

@ -6,10 +6,10 @@ images=("openwrt-${chipset}-${subtarget}-glinet_gl-ar150-squashfs-*"
"openwrt-${chipset}-${subtarget}-tplink_archer-c60-v2-squashfs-*"
"openwrt-${chipset}-${subtarget}-tplink_archer-c7-v2-squashfs-*"
"openwrt-${chipset}-${subtarget}-tplink_archer-c7-v5-squashfs-*"
# "openwrt-${chipset}-${subtarget}-tplink_cpe210-v1-squashfs-*"
"openwrt-${chipset}-${subtarget}-tplink_cpe210-v1-squashfs-*"
"openwrt-${chipset}-${subtarget}-tplink_cpe210-v2-squashfs-*"
"openwrt-${chipset}-${subtarget}-tplink_cpe210-v3-squashfs-*"
# "openwrt-${chipset}-${subtarget}-tplink_cpe510-v1-squashfs-*"
"openwrt-${chipset}-${subtarget}-tplink_cpe510-v1-squashfs-*"
"openwrt-${chipset}-${subtarget}-tplink_tl-wdr3500-v1-squashfs-*"
"openwrt-${chipset}-${subtarget}-tplink_tl-wdr3600-v1-squashfs-*"
"openwrt-${chipset}-${subtarget}-tplink_tl-wdr4300-v1-squashfs-*"

View File

@ -23,6 +23,7 @@ alias l='ls -CF'
alias la='ls -A'
alias ll='ls -alF'
alias ls='ls --color=auto'
alias ip='ip --color=auto'
# and color my prompt
export PS1='\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '

View File

@ -1,12 +1,15 @@
#!/bin/bash
# SPDX-License-Identifier: GPL-3.0-or-later
set -e
set -o pipefail
builddir=./build
# OpenWrt: package hashes correspond to core repo version
OPENWRTREV="v21.02.0-rc1"
PACKAGEREV="4ceeb8fc90ed2c2e650ddddc855e7ed1df071c22"
ROUTINGREV="5b4d4c7fb6a97cac68c7d8b156fd0ab27bab4dcc"
OPENWRTREV="v21.02.0-rc3"
PACKAGEREV="e738d2faf1c4ed68094f1d5da075d2d92fb35049"
ROUTINGREV="2baff33918c089fd3744c7192f8ae7a29c47a8d7"
# Gluon packages: master from 2020-02-04
GLUONREV="12e41d0ff07ec54bbd67a31ab50d12ca04f2238c"
@ -17,13 +20,13 @@ GLUON_PKGS="simple-tc uradvd"
FFF_VARIANTS="node layer3"
OPENWRTURL="https://git.openwrt.org/openwrt/openwrt.git"
OPENWRTURL="https://git.freifunk-franken.de/mirror/openwrt.git"
## Feed definition [0]: name aka directory, [1]: url, [2]: revision
#official openwrt packages
OPENWRT=(openwrt
https://git.openwrt.org/feed/packages.git
https://git.freifunk-franken.de/mirror/openwrt-packages.git
$PACKAGEREV)
#gluon packages
@ -33,7 +36,7 @@ GLUON=(gluon
#official openwrt routing packages
ROUTING=(routing
https://git.openwrt.org/feed/routing.git
https://git.freifunk-franken.de/mirror/openwrt-routing.git
$ROUTINGREV)
FFF=(fff)

View File

@ -1,16 +1,10 @@
From 8e7de199282ba76a94a1b4370ac7712325b81fc2 Mon Sep 17 00:00:00 2001
From: Robert Langhammer <rlanghammer@web.de>
Date: Mon, 13 Nov 2017 21:04:55 +0100
Subject: [PATCH] fastd_generate_key_from_urandom
---
net/fastd/patches/001-generate_key_from_urandom.patch | 14 ++++++++++++++
1 file changed, 14 insertions(+)
create mode 100644 net/fastd/patches/001-generate_key_from_urandom.patch
Subject: fastd_generate_key_from_urandom
diff --git a/net/fastd/patches/001-generate_key_from_urandom.patch b/net/fastd/patches/001-generate_key_from_urandom.patch
new file mode 100644
index 000000000..e06739a1e
index 0000000000000000000000000000000000000000..e06739a1e715ab310d9b30ae704f615572d6b4b9
--- /dev/null
+++ b/net/fastd/patches/001-generate_key_from_urandom.patch
@@ -0,0 +1,14 @@
@ -28,6 +22,3 @@ index 000000000..e06739a1e
+ ecc_25519_gf_sanitize_secret(&secret_key, &secret_key);
+
+ ecc_25519_work_t work;
--
2.25.1

View File

@ -10,10 +10,10 @@ Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Fabian Bläse <fabian@blaese.de>
diff --git a/babeld/Makefile b/babeld/Makefile
index 0b611286092464528135c15e100b3d6928f5a677..b0ed749e98714bf146b4e4be34d71484447b8ecb 100644
index 056ce43d5ddb461ba94e51a5b18ffac0ef971468..16cc86fe5c2ae8731b0d7d2f64517e9b92d029f9 100644
--- a/babeld/Makefile
+++ b/babeld/Makefile
@@ -49,6 +49,11 @@ MAKE_FLAGS+= \
@@ -50,6 +50,11 @@ MAKE_FLAGS+= \
LDLIBS="" \
LDLIBS+="-lubus -lubox"

View File

@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=fff-network
PKG_RELEASE:=40
PKG_RELEASE:=45
include $(INCLUDE_DIR)/package.mk

View File

@ -1,46 +1,24 @@
net.ipv4.conf.default.arp_ignore=1
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.forwarding=0
net.ipv4.conf.all.send_redirects=0
net.ipv4.tcp_ecn=0
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_keepalive_time=120
net.ipv4.tcp_syncookies=1
net.core.netdev_max_backlog=30
net.netfilter.nf_conntrack_checksum=0
#Do not accept source routing
net.ipv4.conf.all.accept_source_route=0
net.ipv4.conf.all.accept_redirects=0
net.ipv4.conf.default.accept_source_route=0
net.ipv4.conf.default.accept_redirects=0
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_responses=1
# Disable IPv4 forwarding.
# This has to be set first, because it resets some of the
# net.ipv4.conf.* sysctls.
net.ipv4.ip_forward=0
net.ipv6.conf.default.accept_dad=0
net.ipv6.conf.default.accept_ra=0
net.ipv6.conf.default.accept_redirects=0
net.ipv6.conf.all.accept_dad=0
net.ipv6.conf.all.accept_ra=0
net.ipv6.conf.all.accept_redirects=0
# Learn Prefix Information in Router Advertisement
net.ipv6.conf.default.accept_ra_pinfo = 0
net.ipv6.conf.all.accept_ra_pinfo = 0
# Setting controls whether the system will accept Hop Limit settings from a router advertisement
net.ipv6.conf.default.accept_ra_defrtr = 0
net.ipv6.conf.all.accept_ra_defrtr = 0
#router advertisements can cause the system to assign a global unicast address to an interface
net.ipv6.conf.default.autoconf = 0
net.ipv6.conf.all.autoconf = 0
#how many neighbor solicitations to send out per address?
net.ipv6.conf.default.dad_transmits = 3
net.ipv6.conf.all.dad_transmits = 3
# Enable forwarding, otherwise not all local route are examined
# Enable IPv6 forwarding, otherwise the fc00::/7 route sometimes is
# not used if a default route is available, which breaks fc00::/7
# inside Freifunk.
# To ensure no packets are routed to different interfaces, fff-firewall
# sets appropriate iptables rules
net.ipv6.conf.all.forwarding=1
net.ipv6.conf.default.forwarding=0
# Do not accept Router Advertisements, so no public
# addresses are assigned to interfaces, where we don't
# want them. OpenWrts netifd overwrites this option for the WAN
# interface, so IPv6 WAN connectivity is still possible.
net.ipv6.conf.default.accept_ra=0
net.ipv6.conf.all.accept_ra=0
# Disable DAD, so fdff::1 on br-client does not get erroneously disabled.
# This should be done on a per-interface basis in the future.
net.ipv6.conf.default.accept_dad=0
net.ipv6.conf.all.accept_dad=0

View File

@ -4,23 +4,6 @@
. /lib/functions/system.sh
. /lib/functions/fff/network
setupPorts() {
# Add a single port to the *_PORTS config
# Usage: setupPorts <port id> <port mode>
local port=$1
local mode=$2
#default: BATMAN
if [ "$mode" = "WAN" ] ; then
WAN_PORTS="${WAN_PORTS} $port"
elif [ "$mode" = "CLIENT" ] ; then
CLIENT_PORTS="${CLIENT_PORTS} $port"
else
BATMAN_PORTS="${BATMAN_PORTS} $port"
fi
}
BOARD="$(uci get board.model.name)"
. /etc/network.$BOARD
[ -n "$ROUTERMAC" ] || ROUTERMAC=$(get_mac_label)
@ -37,10 +20,8 @@ else
if [ "$ONE_PORT" = "YES" ] || [ -n "$ETHPORT" ] ; then
echo "ETHMODE='$ETHMODE' # use BATMAN, CLIENT or WAN" >> /etc/network.config
fi
if [ -n "$LAN0PORT" ] ; then
if [ -n "$TWO_PORT" ] ; then
echo "LAN0MODE='$LAN0MODE' # use BATMAN, CLIENT or WAN" >> /etc/network.config
fi
if [ -n "$LAN1PORT" ] ; then
echo "LAN1MODE='$LAN1MODE' # use BATMAN, CLIENT or WAN" >> /etc/network.config
fi
echo "FORCEPARSE='0' # Parse at: 0=first boot only, 1=every reboot, 2=next reboot (once)" >> /etc/network.config
@ -52,79 +33,123 @@ if [ "$FORCEPARSE" = '2' ] ; then
FORCEPARSE='1'
fi
if [ -n "$ETHPORT" ] ; then
#LAN@AR150: default: BATMAN
setupPorts "$ETHPORT" "${ETHMODE}"
fi
if [ -n "$LAN0PORT" ] ; then
#LAN0@two-port: default: BATMAN
setupPorts "$LAN0PORT" "${LAN0MODE}"
fi
if [ -n "$LAN1PORT" ] ; then
#LAN1@two-port: default: BATMAN
setupPorts "$LAN1PORT" "${LAN1MODE}"
fi
if ! uci -q get network.$SWITCHDEV > /dev/null || [ "$FORCEPARSE" = '1' ] ; then
SWITCHHW=$(swconfig list | awk '{ print $4 }')
uci set network.$SWITCHDEV=switch
uci set network.$SWITCHDEV.name=$SWITCHHW
uci set network.$SWITCHDEV.enable=1
uci set network.$SWITCHDEV.reset=1
uci set network.$SWITCHDEV.enable_vlan=1
uci set network.${SWITCHDEV}_1=switch_vlan
uci set network.${SWITCHDEV}_1.device=$SWITCHHW
uci set network.${SWITCHDEV}_1.vlan=1
uci set network.${SWITCHDEV}_1.ports="$CLIENT_PORTS"
if [ "$WANDEV" = "$SWITCHDEV" ] || ! [ -z "$WAN_PORTS" ]; then
uci set network.${SWITCHDEV}_2=switch_vlan
uci set network.${SWITCHDEV}_2.device=$SWITCHHW
uci set network.${SWITCHDEV}_2.vlan=2
uci set network.${SWITCHDEV}_2.ports="$WAN_PORTS"
if [ "$ONE_PORT" = "YES" ]; then
if ! uci -q get network.$SWITCHDEV.ifname || [ "$FORCEPARSE" = '1' ] ; then
uci set network.$SWITCHDEV=interface
uci set network.$SWITCHDEV.ifname=$SWITCHDEV
if [ "$ETHMODE" = "WAN" ]; then
uci set network.client.ifname="bat0"
uci set network.wan.ifname="$WANDEV"
uci del network.ethmesh.ifname
uci del network.${SWITCHDEV}.macaddr
elif [ "$ETHMODE" = "CLIENT" ] ; then
uci set network.client.ifname="bat0 $SWITCHDEV"
uci set network.wan.ifname="eth2" #eth2 because it is default in config file
uci del network.ethmesh.ifname
uci del network.${SWITCHDEV}.macaddr
elif [ "$ETHMODE" = "BATMAN" ] ; then
uci set network.client.ifname="bat0"
uci set network.wan.ifname="eth2" #eth2 because it is default in config file
uci set network.ethmesh.ifname="$SWITCHDEV"
ETH0DEV="$SWITCHDEV"
ETH0MAC="w2ap"
fi
uci commit network
fi
elif [ "$TWO_PORT" = "YES" ]; then
if ! uci -q get network.$WANDEV.ifname || [ "$FORCEPARSE" = '1' ] ; then
uci set network.$WANDEV=interface
uci set network.$WANDEV.ifname="$WANDEV"
uci set network.$SWITCHDEV=interface
uci set network.$SWITCHDEV.ifname="$SWITCHDEV"
# Only one WAN possible, second port will be unset if both are WAN
if [ "$LAN0MODE" = "WAN" ]; then
if [ "$LAN1MODE" = "CLIENT" ]; then
uci set network.client.ifname="bat0 $SWITCHDEV"; else
uci set network.client.ifname=bat0; fi
# WAN
uci set network.wan.ifname="$WANDEV"
if [ "$LAN1MODE" = "BATMAN" ]; then
uci set network.ethmesh.ifname="$SWITCHDEV"; else
uci del network.ethmesh.ifname; fi
# Two client ports are possible
elif [ "$LAN0MODE" = "CLIENT" ]; then
if [ "$LAN1MODE" = "CLIENT" ]; then
uci set network.client.ifname="bat0 $WANDEV $SWITCHDEV"; else
uci set network.client.ifname="bat0 $WANDEV"; fi
if [ "$LAN1MODE" = "WAN" ]; then
uci set network.wan.ifname="$SWITCHDEV"; else
uci set network.wan.ifname=eth2; fi #eth2 because it is default in config file
if [ "$LAN1MODE" = "BATMAN" ]; then
uci set network.ethmesh.ifname="$SWITCHDEV"; else
uci del network.ethmesh.ifname; fi
# Only one BATMAN port possible, second port will be unset if both are BATMAN
elif [ "$LAN0MODE" = "BATMAN" ] ; then
if [ "$LAN1MODE" = "CLIENT" ]; then
uci set network.client.ifname="bat0 $SWITCHDEV"; else
uci set network.client.ifname=bat0; fi
if [ "$LAN1MODE" = "WAN" ]; then
uci set network.wan.ifname="$SWITCHDEV"; else
uci set network.wan.ifname=eth2; fi #eth2 because it is default in config file
# BATMAN
uci set network.ethmesh.ifname="$WANDEV"
fi
if [ "$LAN0MODE" = "BATMAN" ]; then
ETH0DEV="$WANDEV" # only needed for setting macaddr
ETH0MAC=w2ap
uci del network.$SWITCHDEV.macaddr
elif [ "$LAN1MODE" = "BATMAN" ]; then
# $WANDEV will win if both are set to BATMAN, as above
ETH0DEV="$SWITCHDEV" # only needed for setting macaddr
ETH0MAC=w2ap
uci del network.$WANDEV.macaddr
else
uci del network.$WANDEV.macaddr
uci del network.$SWITCHDEV.macaddr
fi
uci set network.${SWITCHDEV}_3=switch_vlan
uci set network.${SWITCHDEV}_3.device=$SWITCHHW
uci set network.${SWITCHDEV}_3.vlan=3
uci set network.${SWITCHDEV}_3.ports="$BATMAN_PORTS"
uci set network.client.ifname="$SWITCHDEV.1 bat0"
uci set network.ethmesh.ifname="$SWITCHDEV.3"
if [ "$WANDEV" = "$SWITCHDEV" ]; then
uci set network.wan.ifname=$WANDEV.2
else
uci set network.wan.ifname=$WANDEV
uci commit network
fi
else
if ! uci -q get network.$SWITCHDEV > /dev/null || [ "$FORCEPARSE" = '1' ] ; then
uci commit network
fi
SWITCHHW=$(swconfig list | awk '{ print $4 }')
if [ "$ONE_PORT" = "YES" ] && ( ! uci -q get network.$SWITCHDEV.ifname || [ "$FORCEPARSE" = '1' ] ) ; then
uci set network.$SWITCHDEV=interface
uci set network.$SWITCHDEV.ifname=$SWITCHDEV
if [ "$ETHMODE" = "WAN" ]; then
uci set network.client.ifname="bat0"
uci set network.wan.ifname="$WANDEV"
uci del network.ethmesh.ifname
uci del network.${SWITCHDEV}.macaddr
elif [ "$ETHMODE" = "CLIENT" ] ; then
uci set network.client.ifname="bat0 $SWITCHDEV"
uci set network.wan.ifname="eth2" #eth2 because it is default in config file
uci del network.ethmesh.ifname
uci del network.${SWITCHDEV}.macaddr
elif [ "$ETHMODE" = "BATMAN" ] ; then
uci set network.client.ifname="bat0"
uci set network.wan.ifname="eth2" #eth2 because it is default in config file
uci set network.ethmesh.ifname="$SWITCHDEV"
ETH0MAC="w2ap"
uci set network.$SWITCHDEV=switch
uci set network.$SWITCHDEV.name=$SWITCHHW
uci set network.$SWITCHDEV.enable=1
uci set network.$SWITCHDEV.reset=1
uci set network.$SWITCHDEV.enable_vlan=1
uci set network.${SWITCHDEV}_1=switch_vlan
uci set network.${SWITCHDEV}_1.device=$SWITCHHW
uci set network.${SWITCHDEV}_1.vlan=1
uci set network.${SWITCHDEV}_1.ports="$CLIENT_PORTS"
if [ "$WANDEV" = "$SWITCHDEV" ] || [ -n "$WAN_PORTS" ]; then
uci set network.${SWITCHDEV}_2=switch_vlan
uci set network.${SWITCHDEV}_2.device=$SWITCHHW
uci set network.${SWITCHDEV}_2.vlan=2
uci set network.${SWITCHDEV}_2.ports="$WAN_PORTS"
fi
uci set network.${SWITCHDEV}_3=switch_vlan
uci set network.${SWITCHDEV}_3.device=$SWITCHHW
uci set network.${SWITCHDEV}_3.vlan=3
uci set network.${SWITCHDEV}_3.ports="$BATMAN_PORTS"
uci set network.client.ifname="$SWITCHDEV.1 bat0"
uci set network.ethmesh.ifname="$SWITCHDEV.3"
if [ "$WANDEV" = "$SWITCHDEV" ]; then
uci set network.wan.ifname=$WANDEV.2
else
uci set network.wan.ifname=$WANDEV
fi
uci commit network
fi
uci commit network
fi
/etc/init.d/network restart
@ -166,14 +191,14 @@ if [ -n "$ROUTERMAC" ]; then
fi
if [ -n "$ETH0MAC" ]; then
echo "Fixing MAC on $SWITCHDEV"
echo "Fixing MAC on $ETH0DEV"
sleep 10
NEW_MACADDR=$(cat "/sys/class/net/${ETH0MAC}/address")
uci set network.${SWITCHDEV}.macaddr=$NEW_MACADDR
uci set network.$ETH0DEV.macaddr=$NEW_MACADDR
uci commit network
ifconfig $SWITCHDEV down
ifconfig $SWITCHDEV hw ether $NEW_MACADDR
ifconfig $SWITCHDEV up
ifconfig $ETH0DEV down
ifconfig $ETH0DEV hw ether $NEW_MACADDR
ifconfig $ETH0DEV up
/etc/init.d/network restart
fi

View File

@ -1,17 +1,5 @@
. /lib/functions/fff/network
WANDEV=eth0
WANDEV=eth1
SWITCHDEV=eth0
CLIENT_PORTS="0t"
WAN_PORTS="0t"
BATMAN_PORTS="0t"
# use mac address from phy0 with 'locally administered' bit set to '1'
# only possible, because wXmesh is created first and therefore gets the 'universally administered address'
ETHMESHMAC=$(macFlipLocalBit "$(cat /sys/class/ieee80211/phy0/macaddress)")
TWO_PORT=YES
. /etc/network.mode
LAN0PORT=5
LAN1PORT=4

View File

@ -1,17 +1,5 @@
. /lib/functions/fff/network
WANDEV=eth0
WANDEV=eth1
SWITCHDEV=eth0
CLIENT_PORTS="0t"
WAN_PORTS="0t"
BATMAN_PORTS="0t"
# use mac address from phy0 with 'locally administered' bit set to '1'
# only possible, because wXmesh is created first and therefore gets the 'universally administered address'
ETHMESHMAC=$(macFlipLocalBit "$(cat /sys/class/ieee80211/phy0/macaddress)")
TWO_PORT=YES
. /etc/network.mode
LAN0PORT=5
LAN1PORT=4