Babeld has been replaced with bird by default for quite some time now.
Remove babeld and all configurations scripts (fff-babeld) to reduce
image size.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Add the following option to the client config section in
`/etc/config/gateway` to enable a basic stateful firewall:
```
config client
option stateful_firewall '1'
```
The firewall will forward icmp mesages and allow any outbound client
traffic and related inbound traffic.
Acked-by: Fabian Bläse <fabian@blaese.de>
Include nftables and appropriate modules. Translate ip- and ebtables
rules to their nftables counterparts. Remove ip/ebtables and modules.
This change intentionally tries to keep structural changes at a minimum
to keep the rule translation comprehensible.
kmod-nft-bridge is not required for fff-node, because it was merged into
a single kernel module since Linux 4.17:
[1] 02c7b25e5f
[2] fbaf48387eFixes: #252
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Co-authored-by: Johannes Kimmel <fff@bareminimum.eu>
This patch add the latency to the nodewatcher data.
The target of the ping can configure in /etc/config/fff
Example:
config latency 'latency'
option ipv4 'ff1.zbau.f3netze.de'
option ipv6 'ff1.zbau.f3netze.de'
if no target is set, no latency is send.
Signed-off-by: Christian Dresel <freifunk@dresel.systems>
Acked-by: Fabian Bläse <fabian@blaese.de>
Some users might want to prefer one babel implementation over another
for various reasons. Having to compile the firmware from scratch can be
quite tedious in that case.
Instead, make the babel implementation switchable at runtime.
The implementation can be switched manually using the uci option
`babelimpl.impl.impl`, which currently is not upgrade-safe.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Acked-by: Christian Dresel <freifunk@dresel.systems>
To be able to swap out babeld for a different babel implementation in
the future, this splits all fff-specific configuration into a seperate
fff-babel package.
Implementation specific configuration is done in
/lib/functions/fff/babeldaemon, which is included with every selectable
babel implementation. It contains functions, which are called by the
fff-specific code, and therefore allows to configure the implementation
specific parts.
The babel implementation is provided by implementation-specific
fff-packages, which provide 'fff-babel-implementation'. At the moment,
only fff-babeld is supported for use as babel implementation.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Acked-by: Christian Dresel <freifunk@dresel.systems>
This adds snmp-utils support to facilitate testing future uses for s2nproxy
WIP/RFC for s2nproxy:
freifunk-franken/firmware#194
Signed-off-by: Christian Dresel <freifunk@dresel.systems>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
COMMITCOUNT allows to have the PKG_RELEASE calculated automatically
based on the number of commits for the package folder.
AUTORELEASE will count the number of commits since the last upstream
bump. This is relevant for packages with PKG_VERSION or
PKG_SOURCE_DATE set, but will not work for us since it assumes the
use of certain identifiers in commit titles.
COMMITCOUNT works fine for most of our packages, with the following
exceptions:
* fff-nodewatcher would yield a commit count of 55, while the
current PKG_RELEASE is 61. Thus, we do not touch it for now.
* Packages that have been renamed will start counting from 1 after
the rename, since folder renames are not tracked by git. This
will result in descreasing PKG_RELEASE after the change for
these packages.
However, since moving essentially creates a new package anyway,
counting from 1 makes sense conceptually, and PKG_RELEASE is
still replaced for these packages.
* alfred-json and fff-macnock use upstream code and thus would
normally require AUTORELEASE. As discussed above, this will
not work for us, so just leave these two untouched.
Note that all this is quite irrelevant for the way we use packages
currently, as without opkg PKG_RELEASE does not matter to us anyway.
So, let's just be happy about not having to bump PKG_RELEASE
anymore, while keeping the basic functionality intact.
The only package where the PKG_RELEASE is actually used for
something is fff-nodewatcher, where the version will be displayed
in the Monitoring.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[fabian@blaese.de: rebase, add new packages]
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Johannes Kimmel <fff@bareminimum.eu>
With this new package it is possible to do SNAT for client IPv4.
The user must set a router_ip in gateway.meta.router_ip, so an ip
address is available for peering interfaces and reachability.
Currently, no extra filtering is done, so the client interface should
only use ip ranges, which are already filtered from being announced
(e.g. 192.168.0.0/16).
Using NAT for IPv4 significantly reduces the need for big
Freifunk-global IP range allocations.
Signed-off-by: Christian Dresel <freifunk@dresel.systems>
Co-authored-by: Fabian Bläse <fabian@blaese.de>
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Tested-by: Christian Dresel <freifunk@dresel.systems>
If the router_ips don't happen to be included in the client network's
subnet, the decision defaults to a main table lookup. This causes
packets to choose the wrong interface.
This patch forces packets from a router_ip to be routed via the fff table.
Fixes: #175
Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
With this package the mqtt settings can be configured over the webui.
Each user can use its own mqtt broker or a broker from another user.
This means that the user has a free choice of where to send or get data.
Signed-off-by: Christian Dresel <freifunk@dresel.systems>
Acked-by: Fabian Bläse <fabian@blaese.de>
This package allows to publish monitoring data from alfred
to the mqtt broker.
Anyone can access this data and can build its own monitoring.
Signed-off-by: Christian Dresel <freifunk@dresel.systems>
Acked-by: Fabian Bläse <fabian@blaese.de>
PKG_BUILD_DIR has the following default values set in include/package.mk,
in case no BUILD_VARIANT is set:
With PKG_VERSION set: $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
Without PKG_VERSION: $(BUILD_DIR)/$(PKG_NAME)
Consequently, all PKG_BUILD_DIR definitions in our packages are
redundant. Remove them.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
The cake scheduler is a popular fair queuing scheduler, which is also
capable of shaping traffic. Due to its sensible defaults it is very
easy to set up.
When tunnel traffic exceeds the capability of the transport connection,
firmware users might want to shape traffic, so meaningful queueing can be done
before tunnel packets are dropped. As this is typically combined with a fair
scheduler, cake provides a simple yet very powerful solution for both problems.
Therefore the cake kernel module is now included in the layer3 variant.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
Build/Prepare and Build/Configure are not required for packages
which only contain local files and do not need any compilation.
Remove them.
Note that Build/Compile needs to be present and empty to overwrite
the defaults, though.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
The term "gateway" is ambiguous, and we are using "layer 3" for this
flavor now. Reflect that in the package name as well.
This is cosmetic otherwise.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Christian Dresel <freifunk@dresel.systems>
Fabian Bläse
Johannes Kimmel
Christian Dresel
Adrian Schmutzler