Because of to the switch from swconfig to DSA, the switchport names
have to be migrated for a few devices. Due to past migrations, we
already have developed a migration script for that.
Duplicate and adjust the script for the newly migrated devices. While at
it, rename the old script to reflect the configuration version bump.
Fixes: #301
Signed-off-by: Fabian Bläse <fabian@blaese.de>
OpenWrt images contain a compat_version, which is used to block upgrades
to newer versions with incompatible configuration, if the configuration
cannot be migrated.
As we maintain our own configuration and all OpenWrt configuration files
are dropped on an upgrade, this upgrade block is not required.
To simplify the upgrade process, retain the old compat_version for the
next sysupgrade release. The compat_version will then be bumped
automatically by the `05_compat-version` board.d script.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
the TL-WDR4900 was migrated to a DSA driver with OpenWrt 23.05. Adjust
our network configuration accordingly.
Fixes: #302
Signed-off-by: Fabian Bläse <fabian@blaese.de>
When adjusting our configuration for the DSA migration of the FritzBox
4040, the cpuport was forgotten. The cpuport has to be removed for DSA
devices.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
With OpenWrt 23.05 a few more devices have been migrated to DSA. Bump
the config_version of layer3-config to reflect the necessary migration.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
All of our devices are routers. Because they all serve the same purpose,
it is quite common that the first part of the hostname is the same for
multiple devices, and the location of the device is only included in
subsequent parts of the hostname.
Include the full hostname in the shell prompt, so it is easier to
determine the devices location.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
The packages rsync and python3-distutils are required for a successful
build, but missing in the prerequisites of the README. Add them.
Reviewed-by: Fabian Bläse <fabian@blaese.de>
Use color output when the `tput` command is available.
`tput` handles terminal-dependant capabilities, so the script should
remain portable.
Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
This reverts commit 3e27bff731.
Removing these busybox features breaks wireless configuration in various
confusing ways. Revert this change until further analysis.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Device support is based on the patch set linked in the OpenWrt Wiki. [1][2]
The aux-loader blob is not included, as it is only required for initial
installation.
Two additional kernel patches for mvpp2 are added to allow receive
hashing to work properly in the DSA setup of the device.
[1] https://openwrt.org/toh/mikrotik/rb5009ug_s_in#installation
[2] https://paste.myconan.net/482114
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Building htop with lm-sensors support currently breaks x86_64 image
building. Disable lm-sensors support for all platforms for now, because
we are currently not including lm-sensors anyway.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
- enable persistent history, save it to tmpfs (ram)
- increase history size to 1024
- enable reverse-i search
- enable watch command
- enable top SMP command
Signed-off-by: Fabian Bläse <fabian@blaese.de>
fff-extra: feature_top_smp (apply for all targets or move to dependency!)
A bigger squashfs block size improves compression ratio. The improved
compression ratio is necessary for the Archer C60 devices (v1 + v2)
because they include large wifi drivers.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
On a typical Freifunk router, only a small subset of bird protocols
is in use. Disable unused bird protocols to save disk space.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Devices with large flash can hold more packages and tools to improve
user experience. Create an additional package which can be used to
select packages only on targets with large flash (currently >= 16 MiB).
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Babeld has been replaced with bird by default for quite some time now.
Remove babeld and all configurations scripts (fff-babeld) to reduce
image size.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Instead of fetching the complete git repositories, only download
reachable commits and trees. Anything missing will be automatically
fetched on-demand.
The blobless prepare step is about 10% faster and uses 300M less
diskspace.
Additionally the following repository options are disabled:
gc.auto:
The checkouts are short lived, garbage collection are likely never
useful
advice.detachedHead:
Disable the repeating warning message that the repositories are in a
detached state for cleaner logs.
Reviewed-by: Fabian Bläse <fabian@blaese.de>
Add the following option to the client config section in
`/etc/config/gateway` to enable a basic stateful firewall:
```
config client
option stateful_firewall '1'
```
The firewall will forward icmp mesages and allow any outbound client
traffic and related inbound traffic.
Acked-by: Fabian Bläse <fabian@blaese.de>
OpenWrt images contain a compat_version, which is used to block upgrades
to newer versions with incompatible configuration, if the configuration
cannot be migrated.
As we maintain our own configuration and all OpenWrt configuration files
are dropped on an upgrade, this upgrade block is not required.
To simplify the upgrade process, retain the old compat_version for the
next sysupgrade release. The compat_version will then be bumped
automatically by the `05_compat-version` board.d script.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Include nftables and appropriate modules. Translate ip- and ebtables
rules to their nftables counterparts. Remove ip/ebtables and modules.
This change intentionally tries to keep structural changes at a minimum
to keep the rule translation comprehensible.
kmod-nft-bridge is not required for fff-node, because it was merged into
a single kernel module since Linux 4.17:
[1] 02c7b25e5f
[2] fbaf48387eFixes: #252
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Co-authored-by: Johannes Kimmel <fff@bareminimum.eu>
OpenWrt 22.03 introduced a generic subtarget for the octeon platform and
moved all targets without a subtarget into it. Adjust our BSP and config
to accomodate this change.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
It might be desired by the user to change the channel width of the
wireless radios. Implement a layer3 option to make channel width
configurable by the user.
Fixes: #276
Signed-off-by: Fabian Bläse <fabian@blaese.de>
When reverting configured settings, it is not an error if no temporary
directory for bird babel peers has been created.
Use rm -rf to prevent an error message and early exit of
configure-layer3 scripts.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Johannes Kimmel <fff@bareminimum.eu>
The flash of some devices is too small to accomodate the additional
wolfssl library, which is included by default on OpenWrt 22.03.
In the future, the currently included mbedtls library should be replaced
with wolfssl, so WPA3, OWE and 802.11s encryption can be used.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
A Linux patch which changed the kernel behavior of pci device naming
was backported to Linux 5.4, and is therefore included in OpenWrt
21.02.5.
However, the OpenWrt scripts generating the default uci configuration
were not updated to accomodate this change. Therefore, wifi interface
configuration does have various side effects on the wdr4900. Most of the
time, more than two wifi radio/interface configurations are generated,
which results in wifi not working properly (because our own
configuration layer relies on the default configuration done by
OpenWrt).
Backport a patch from OpenWrt 22.03 / master, which works around this
problem but has not been applied to the 21.02 branch.
Based on: 7f4b4c29f3 (OpenWrt)
Ref: https://github.com/openwrt/openwrt/issues/11002
Ref: https://github.com/openwrt/openwrt/pull/11005
Ref: https://github.com/openwrt/openwrt/issues/10530
Ref: https://github.com/openwrt/openwrt/pull/10554Fixes: #267
Signed-off-by: Fabian Bläse <fabian@blaese.de>
By default OpenWRT generates A and AAAA records for the routers
hostname. This might interferes with upstream records and breaks when
DNSSEC is utilized.
Therefore, disable this features.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Add support for a new SPI flash to the Linux kernel. It is required for
recent versions of the Xiaomi Mi 4A Gigabit, which utilizes this SPI
flash.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Tested-by: Fabian Bläse <fabian@blaese.de>
The tool dep-tree is broken since commit "Simplify firmware variant selection"
Use the new package names for the roots of the tree to fix it.
Signed-off-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
The bird2 babel implementation has proven to be the more reliable option
over babeld, especially on low-end hardware. It has been working
flawlessly on many test installations.
Use bird2 instead of babeld, if no implementation is specified via uci.
While at it, use the automatically incrementing $(COMMITCOUNT) for
PKG_RELEASE.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
Many functions of configure-layer3 terminate the program after
successful execution, as they were originally only intended for
execution of configure-layer3 commands.
However, some functions are used both for command exection, but also as
helper functions. For example, revert_changes() is used as a helper
function in test_changes(). Terminating the program at the end of the
function therefore ends the exection of test_changes() prematurely. As a
result, the test mode of configure-layer3 never reloads services after
a successful configuration revert.
Replace exit commands with appropriate function return values, which can
then be evaluated by the caller where appropriate.
While at it, add a missing return to the parameter validation in
execute_subshell().
Fixes: #256
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Fabian Bläse
Felix
Johannes Kimmel
Robert Langhammer
Wolfgang Hüttenhofer