- Disable interface-level bridging if a corresponding br-$name bridge
already exists as device declaration
- Exempt wireless interfaces from bridge port configuration, they can only
be attached indirectly through "option network"
- Consider bridge ports from both "option ifname" in interface/device
sections and from "option ports" in bridge-vlan ones
- Small fixes for rendering quirks
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Recent netifd automatically adds wireless devices as bridge ports if the
layer 2 device referenced by the "config interface" target network is a
Linux network bridge or a VLAN interface on top of a network bridge.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Before this commit, assigning the same static IP address to two
different hosts disabled dnsmasq.
Logic of adding a new static lease was modified. If user try to assign a
new MAC address to already reserved IP, old lease will be modified (list
of MAC addresses will be extended by new MAC) instead of creation a new lease with the same IP.
Signed-off-by: Oleksandr Pastushkov <oleks.pastushkov@gmail.com>
Modernize the 802.11w help text as support for 802.11w is
currently always compiled into hostapd/wpad and most of
the relevant wireless drivers support it well.
Add a cautionary note that some drivers do not fully support
it. Mention mwlwifi by name as it has several 802.11w bugs
open in upstream and its development has stopped.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
OpenWrt commit 1a9b896d ("treewide: nuke DRIVER_11W_SUPPORT") enables
802.11w feature for all wpad/hostapd configurations. The feature flag
was removed at all but for the compatibility reasons 11w is still
advertised (but there's a plan to nuke it also) [1].
Remove conditional 802.11w LuCI support to match current behavior.
[1]: https://github.com/openwrt/openwrt/pull/3347
Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
Wireless device names must not be added as list/option ifname, but the
network must be backreferenced in config wifi-iface instead in these
cases.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
luci-mod-network Describe issues: Hidden SSID, WMM
The performance and reliability implications of hiding SSIDs or disabling
WMM are not commonly known and these settings often end up being
misconfigured to harmful effect.
To seek to mitigate this, add descriptions explaining that:
Where the ESSID is hidden, clients may fail to roam and airtime efficiency
may be significantly reduced.
Where Wi-Fi Multimedia (WMM) Mode QoS is disabled, clients may be limited
to 802.11a/802.11g rates.
Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
The time has long come where 802.11b DSSS/CCK data rates should be disabled
By default in OpenWRT. Users in need of 802.11b client support can reasonably
enable these where they are needed.
The balance of equities has significantly, and for a long time, tipped
such that dropping backwards compatibility by default with 802.11b
devices is appropriate, proportionate and justified. By doing so,
management and control traffic is moved by default to a 20
MHz wide 6 Mb/s OFDM data rate instead of a 22 MHz wide 1 Mb/s DSSS data
rate. This is significantly more airtime efficient.
For discoverability:
1) Move the option from the Advanced Settings to the General Setup tab.
2) Add a description explaining potential compatibility implications.
Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
Add support for the cell_density option added to OpenWRT via commit:
81ff23fc91dbbedc374e58afdb4b0b13146c0f15
This configures data rates based on the coverage cell density.
Normal configures basic rates to 6, 12, 24 Mbps if legacy 802.11b rates
are not used else to 5.5, 11 Mbps.
High configures basic rates to 12, 24 Mbps if legacy 802.11b rates are
not used else to the 11 Mbps rate.
Very High configures 24 Mbps as the basic rate. Supported rates lower
than the minimum basic rate are not offered.
Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
Modern browsers allow decomposing table markup equally well as nested div
constructs, therefor migrate our <div> table markup to actual <table> tags
but keep the old table/tr/th/td CSS classes for now to allow for a smooth
theme transition.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
WiFi join won't work if is tried to connect to a Hidden Wifi without specifying the WiFi SSID.
Fixes: #2085
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
The method array may be null in case of an open network, also not all
occurrences of `is_sae` and `is_psk` were properly checked.
Resolve the issue by moving the length check to the variable initialization.
Fixes: ba98a2fd0 ("luci-mod-network: fix logic bug in parse enc for network join")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
In handleJoinConfirm while is_wep is a boolean, is_psk and is_sae are an array. In the following if check, all 3 are used as boolean but Js treat empty array as positive values and this cause the ui to wrongly set the encryption to sae. fix this by checking if the array actually contains data.
Fixes: #4524
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
handleJoin can be slow to parse all the data and show the new modal, this can result in the disappear of the scan modal and the showing of the wifi config page while the data are generating. This is wrong since a user can think that he did something wrong. Fix this by using the createHandleFn and by removing the scan pool function instead of calling ScanAbort function that with the other thing wrongly removes the Scan modal. (the modal is replaced with the add one when all the data are ready)
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
The mac section for the static lease doesn't correctly handle when multiple mac are set for a rule.
Fixes: #4291
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
This commit removes WEP from the list of supported
encryption methods in case hostapd or wpa_supplicant
were compiled without WEP support.
Signed-off-by: David Bauer <mail@david-bauer.net>
Address is very useful in dnsmasq. I don't see a reason why we should not have it in the form
Signed-off-by: Najdanovic Ivan <najdanovicivan@gmail.com>
This commit adds the ability for users to validate against the system's
built-in CA bundle if it is installed. The process is made much easier because
the user does not have to first extract the CA certificate from the EAPOL
handshake and upload it via LuCI uploads. Dependent on commit
openwrt/openwrt#2696.
Signed-off-by: David Lam <david@thedavid.net>
This PR is tied to changes being made via openwrt/openwrt#2654, and it
allows users to provide certificate constraint(s) when connecting as a
STA to an AP using Enterprise modes. The constraints can either be
provided via the certificate's X509 subject using a substring (e.g.
/CN=wifi.mycompany.com) or subject alternate name values (e.g.
DNS:wifi.mycompany.com), although both can be combined for a stricter
validation criteria. Other options, such as wildcard and exact domain
matches are also available.
Signed-off-by: David Lam <david@thedavid.net>
Having a description attached to a VLAN makes identification a lot easier when
dealing with many VLANs
Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
Replace the `iface_down` endpoint with a direct invocation of `/sbin/ifdown`
and replace the interface connectivity check with a call to the new
`remote_addr` endpoint.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The remote_addr endpoint allows clients to query their external IP address
as seen by the device as well as the inbound network devices and logical
interfaces on the router.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Currently WPS push-button is dropped when SAE or SAE-Mixed is selected. WPS is still supported in WPA3.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Align the status column device selection logic with the approach used for
rendering the interface status boxes; first try to obtain the active
layer3 device as reported by ubus, only then fall back to the protocol
specific device hint which might or might not point to an existing device.
Fixes: #3076
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Rewrite the wireless network management views in client side JS using ubus
rpc calls for the router communication.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
- Autoselect the matching IPv4 address when initially picking a MAC
- Add hostname hints in the MAC/IP dropdowns
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
802.11w has to be enabled in station mode to be effective. If the AP is using WPA3-SAE or requires 11w, station will not connect unless 11w is enabled via this option.
Signed-off-by: Antoine Deschênes <adeschenes@kronostechnologies.com>
Attempt to properly report the scan status by treating 404 replies as
not yet completed scans and empty array replies as successful scans
that did not yield any results.
Fixes: #2874
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
commit 8a34a54b6aa6 ("base-files: use OPENWRT prefix for os-release
variables") changes the prefix of the os-release variables from LEDE_
to OPENWRT_. Use the new name.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Since openwrt-18.06 the auto option is set/unset if we press
connect/disconnect on the interface page. So I think we should move this
to the general tab so that we see at once if this is started on boot or
not.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This checks if the installed hostapd supports SAE and allows to select
WPA3 Personal SAE in that case.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Replace all XHR poll time number with -1 so they will use the default
poll interval time value from "/etc/config/luci". If this is not set then
5 seconds as default is used.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The default for 802.11r option ft_psk_generate_local
was changed a few months ago by openwrt/openwrt@3cc56a5
That change was a bit awkward, as it made hostapd to
overlook the possibly existing r0kh values by default
unless the user explicitly disables the new default.
Adapt LuCI by changing the default for ft_psk_generate_local
into 'enabled'.
But ensure that LuCI does not delete the existing key values
by not making the r0kh and r1kh fields to depend on this.
Note that this is just a quick fix for the wrong default value
causing problems, but not yet a complete fix for all the options.
In the long run it might be better to make the detail options
to depend on local generation.
Reference also to LuCI PR #2102
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
