Add support for IEEE802.11w Management Frame Protection options.
Mention in the help text that the full version of wpad/hostapd is
needed.
Currently supported by ath9k and ath10k, and in LEDE also by
mwlwifi and mt76.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* Add WPA/WPA2-PSK mixed mode to the list of allowed modes
* Add datatype validation to some fields
* Add help texts
* Reformat longest lines
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Adds support for 802.11r fast transition to luci.
Corrects the deletion on nasid in issue #844
The R0KH & R1KH options are not perfect as it would be better
to separate out each option and do some sanity checking on
the values, but that is beyond my capabilities.
Signed-off-by: Warren Linton warren@linton.id.au
(squashed from three original commits in #994. commit message reworded)
The same wifi option 'nasid' is used for two purposes,
RADIUS NAS ID and 802.11r NAS ID / R0KH-ID.
In LuCI the 'nasid' option has depended on WPA-EAP/WPA2-EAP, which
can lead to accidental deletion of the option, if the user modifies
any wifi settings while he has WPA(2)-PSK & 802.11r mode.
802.11r can also be with WPA(2)-PSK, so add them to the dependency
list of allowed encryptions.
(Note: after this fix the 'nasid' field is shown unnecessarily
to "normal" WPA(2)-PSK users. It might later be set to depend on
802.11r being used, after 802.11r has been added to LuCI.)
Reference to bugs:
https://github.com/openwrt/luci/issues/844https://dev.openwrt.org/ticket/20764https://bugs.lede-project.org/index.php?do=details&task_id=274
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
The previous commit erroneously used "ports" instead of "port" as name for the
option widget, causing wrong uci values to be written.
Also work around some cbi idiosyncrasies regarding MultiValue widgets which
prevented rendering the correct initial selection state.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The Overview page and Network>Interfaces page currently do not give much information about IPv6, particularly with Prefix Delegated setups. In these setups, ISP will delegate a prefix to the router. Currently LuCI doesn't display this Prefix Delegation from the ISP anywhere. A number of changes was added to this commit:
1) self:_ubus("ipv6-prefix") was extracted and put into protocol.ip6prefix.
2) Network>Interfaces page, if a .ip6prefix is present, show it under Status. (IPv6-PD).
3) On the Overview page, "Type" and "Prefix Delegated" has been added to the IPv6 Network Overview Status:
- Type will display the .proto, similar to the IPv4 case. If a .ip6prefix is present, it'll display a "-pd" at the end of the Type: i.e. dhcpv6-pd vs. dhcpv6.
- If no .ip6prefix is present, it'll do what it does currently, and just show Address, or :: if no address is present.
- If .ip6prefix is present, it'll show the "Prefix Delegated", it'll also hide "Address" if no address is present, else it'll show ifc6.ip6addr as well.
Signed-off-by: Cody R. Brown <dev@codybrown.ca>
Move the password setting into the .parse() callback to ensure that it is
updated regardless of whether "Save" or "Save & Apply" has been pressed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Reloading the page ensures that the allowed tx power values and channel select
lists are properly populated with the new effective values.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fixed some display problems where the UUID label of the drop down
list does not exist and the positions of other labels are misplaced
in mount settings page.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Fixed an issue where the network name is displayed as "%q" on wlan
connection destination network settings page.
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
When a lease objects expires property is set to "false", its expiry time is
unlimited, so adjust the templates to properly display that state.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
We're currently just setting system time, but we don't set battery
backed RTC. Time in the RTC is only set on the graceful shutdown, which
is quite hard to achieve on embedded devices.
In other words, on systems with battery backed RTC we currently don't
handle following use case properly:
1. Set system time from web UI (sets only system time, but not RTC)
2. Unplug the device from power
Then after the reboot, we've wrong system time again, because time set
in [1] is not saved to battery backed RTC.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Specify reasonable sizes for metric and MTU fields to
prevent the table from being too wide.
Signed-off-by: Andrew Shadura <andrew.shadura@collabora.co.uk>
Attempt to infer the default diagnostics host for nslookup / ping / traceroute
from the various URLs in /etc/os-release. Fall back to "openwrt.org" if no
host is found to preserve backwards compatibility.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Instead of defaulting to replace, even on hardware that supports multi
SSID, make the default to add. This reduces the chance of locking
oneself out when adding a second network. If you intended to replace,
ending up with two networks then deleting one is easier than recovering
when the old network configuration is gone.
Signed-off-by: Karl Palsson <karlp@etactica.com>
After clicking the "join" button on the scan list, the SSID is no longer
visible, though it's kept in the form to pass to the server.
Show the chosen SSID on the top of the page, to help people confirm that
they're joining the right network.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Simplify the sysupgrade image checksum strings in order to
avoid translating "Checksum xxx" items both for MD5 and SHA256.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Show also the sha256 checksum in addition to MD5 checksum to enable
image verification also for builds with only sha256 checksums.
If the 'sha256sum' command is not present in the system, the value
remains empty.
Note: The easiest way to get the 'sha256sum' command is to compile it
into busybox.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Fix incomplete port status display on vlan setup page when ports in the middle
are not used, e.g. some Lantiq boards use ports 0, 1, 2 and 4 for LAN ports so
JS code should not attempt to reference an undefined status element for port 3.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Use a generic default topology if we cannot infer switch information from
board.json and display an error message in this case. Should fix#779 and
similar issues.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Gracefully handle a missing diag section in /etc/config/luci when rendering
the network diagnostics tool page.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When a wireless network is disabled it can't be removed. From
wifi_overview.htm the delete call is generated as wlan0, wlan1 or
whatever. This wlan is not working because it is disabled, then LuCI
deletes the virtual radio which really is named as wlan0.
Replace the menu item "Wifi" by "Wireless",
which is already used for page and section headings
This closes#695
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
This pull request adds a condition, which checks whether the file "/etc/config/fstab" exists before it allows access to "mount points".
Signed-off-by: Guido Lipke <lipkegu@gmail.com>
Add support for dnsmasq uci options 'quietdhcp' and 'sequential_ip'
(disable logging, allocate ip addresses sequentially)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
This patch fixes the wrong visualization of Noise Margin (SNR) and Signal Attenuation (SATN) stats
Signed-off-by: Luca Debernardi <luca.debernardi@gmail.com>
Fix dhcpv6 ra_management option's handling of "stateless" value.
Default value for the option is 1, so trying to store ""
instead of "0" for stateless is not working.
This fixes#676
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
- Under some conditions the system will shutdown
uhttpd before the page will be delivered to
the client. Waiting one second should eleminate
this behaviour.
Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
When kmod-nf-nat6 and kmod-ipt-nat6 are installed, the firewall has also
the 'nat' table for ipv6, and packages like 'adblock' utilize that table.
Currently that table is not shown on the Luci firewall status page,
although it is visible by 'ip6tables -L -v -t nat' from console.
Detect 'nat' table's presence from /proc/net/ip6_tables_names
Show 'nat' table in Status->Firewall->IPv6 if that table is present.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
This adds a lot of new status information about the dsl line.
It now looks like this on a Telekom line:
Status: UP
Line State: showtime_tc_sync [0x801]
Line Mode: G.993.2 (VDSL2)
Annex: B
Profile: 17a
Data Rate: 51.391 Mb/s / 10.046 Mb/s
Max. Attainable Data Rate (ATTNDR): 63.817 Mb/s / 23.908 Mb/s
Latency: 4.0 ms / 8.0 ms
Line Attenuation (LATN): 10.5 dB / 9.9 dB
Signal Attenuation (SATN): 8.2 dB / 14.4 dB
Noise Margin (SNR): 10.5 dB / 9.7 dB
Aggregate Transmit Power(ACTATP): -14 dB / 12.4 dB
Forward Error Correction Seconds (FECS): 1 / 1723485
Errored seconds (ES): 0 / 2477
Severely Errored Seconds (SES): 0 / 50
Loss of Signal Seconds (LOSS): 0 / 0
Unavailable Seconds (UAS): 31 / 31
Header Error Code Errors (HEC): 0 / 0
Non Pre-emtive CRC errors (CRC_P): 0 / 0
Pre-emtive CRC errors (CRCP_P): 0 / 0
Line Uptime: 2m 3s
ATU-C System Vendor ID: Broadcom 176.15
Power Management Mode: L0 - Synchronized
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Enable setting a host-specific lease time for static hosts.
Format is similar as for the default lease time: e.g. 2m, 12h, 3d, infinite
Default lease time is used for all hosts without host-specific definition.
Support for the option was added to Openwrt trunk by r48801:
https://dev.openwrt.org/changeset/48801
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Map DUIDs to their corresponding MAC addresses in order to correlate them with
IPv4 information. This is useful to e.g. identify IPv6 hosts which do not send
a name.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
* add more WPA-EAP phase2 authentication methods.
* client cert, client key and key password are only relevant for
WPA EAP-TLS, change dependency accordingly.
* add support for certificates and key for EAP-TLS phase2 auth.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Copy the changes made by f8d0ba00b2
also to the interface details pages in order to clarify display of
multiple addresses.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Some applications only support ipv4 so add ipv4only option
to host and hostport datatypes so that for thos applications
that when an IP address is specified only and ipv4 ip address
gets accepted.
For better view of 'Interface Overview' IPv4/IPv6 addresses for
interfaces should be displayed as lists, but not as comma separated
strings.
Signed-off-by: Alexander Logger <intagger@gmail.com>
Previously the global configuration options were missing the the LuCI configuration,
however these options are useful, so make them available to the UI.
Limit the name of a new interface to 15 characters.
Add a note about the maximum length and the automatic protocol/bridge
prefixes (br-, 6in4-, pppoe- etc.).
Reference to:
https://dev.openwrt.org/ticket/20380https://github.com/openwrt/luci/issues/507
There is a 15 character limit to the "real" interface name,
enforced both in the firewall and dnsmasq. The real interface name
includes the possible prefix "br-", "6in4-" etc. Example of an error:
interface name `br-lan_protected' must be shorter than IFNAMSIZ (15)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Do not use standard post security checking for actions that require file upload
since reading the token value will trigger parsing of the http message body
before the file upload handler has been set, which causes LuCI to buffer the
entire request body in memory.
In order to simplify the code and logic flow, split action_flashops() into
separate handlers for reset, backup, restore and sysupgrade.
Let the backup restore and sysupgrade handlers use the new test_post_security()
method in luci.dispatcher to perform token checking *after* setting the upload
handler.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
* Use post_on() target to require csrf token verification for modifying actions
* Ensure that package and flash operation handlers guard modifying operations
with parameter check
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Only attempt to call "dsl_func" if the dsl_control lucistat output could be
successfully evaluated.
Works around https://dev.openwrt.org/ticket/20607
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Prevent word-wrap on the config input areas. Especially the feed
definition lines can be long, and automatic word-wrap can decrease
clarity.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Add package *.ipk size information to package listing in Luci,
as opkg was today extended to support listing also the size information.
Visible fields are now: name, version, size, description
That will help users considering installation of a certain package
to assess its size impact on flash.
Note: Opkg data includes the size of the .ipk file, not the expanded size.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
opkg config was recently changed by https://dev.openwrt.org/changeset/46491/
Existing /etc/opkg.conf was split to three:
/etc/opkg.conf -> base opkg configuration
/etc/opkg/distfeeds.conf -> default Openwrt package feeds
/etc/opkg/customfeeds.conf -> custom package feeds
Since then, the actual feed definitions have not been visible/configurable,
as only /etc/opkg.conf has been visible in Luci.
This patch restores the capability to see and edit package feed definitions.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Simplify fstab setup by offering hints for uuid/label and device node options.
Fix rootfs handling logic by removing obsolete references to the "is_rootfs"
option and offering "/" and "/overlay" choices for the mountpoint instead.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Fetch the required information via ubus instead of relying on the
to-be-removed luci.sys.sysinfo() and luci.sys.loadavg() functions.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
* Rename subdirectories to their repective OpenWrt package names
* Make each LuCI module its own standalone package
* Deploy a shared luci.mk which is used by each module Makefile
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
