An interface can have both a /64 and a /128 from a provider.
In such a case, use the address from the /64 to do the ping check, not
the /128.
Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>
(cherry picked from commit 49cf5eac5c)
Add alternative to busybox nslookup. Busybox throws an error when
the host does not have an AAAA record.
Signed-off-by: Ian Cooper <iancooper@hotmail.com>
(cherry picked from commit 4cb5aa57fd)
As miniupnpd is running as root, libcap can be used to limit its
capabilities.
libcap is very small, so this isn't a problem.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit ba49c96808)
(switched to use libcap as -ng is not available)
Use the newly introduced configure script.
Use PKG_INSTALL for consistency between packages.
Use PKG_BUILD_PARALLEL for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 2b5028458e)
If miniupnpd is installed but disabled or not running, the hotplug
script will query uci for keys that don't exist and grep a temporary
config file that doesn't exist, resulting in the following errors:
uci: Entry not found
grep: /var/etc/miniupnd.conf: No such file or directory
These would arise when an interface is brought up or down, and are
more confusing than helpful, especially when miniupnpd is disabled.
Suppress these errors.
Signed-off-by: David Ehrmann <ehrmann@gmail.com>
(cherry picked from commit 6ef2b5400b)
The existing interface selection/detection code was incomprehensible at
worst and convoluted at best. The uci config file suggested it
understood an external ipv6 interface but in reality the init script
took no notice. Re-work it so it is at least comprehendible and takes
notice of ipv6 interface details if specified.
Update the hotplug script to use the same interface selection/detection
code as the init script and take note of ipv6 interface selection, only
restarting miniupnpd on interface up events and only if that interface
isn't already known (for that ip class) by miniupnpd.
For me this has solved numerous 'flaky' startup problems, especially
with regard to ipv6.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 295d77943c)
Error was:
The domain 'example.com' seems to have a ECC cert already, please add '--ecc' parameter if you want to use that cert.
Signed-off-by: David Yang <mmyangfl@gmail.com>
* update to git 2020-05-06
* run init script through shellcheck
* fix infinite loop when BI_PARM is never set
* Fix '-b' option parsing
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Unbound has a quirk and may reply on a different device address.
When Unbound answers with from-address different than it
received queries on, it may cause trouble for select VPN and
firewall configurations. Ensure Unbound replies with the same
address by changing this default.
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
* add anti_ad blocklist source
* made SafeSearch provider configurable, you can limit
SafeSearch to certain providers
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit e5ab2de1ff)
* add regional list source for czech/slovak
* add regional list source for korea
* adapt oisd_nl changes, switch to adb-syntax domains
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 0a5e61ecb6)
Removed patch
`03-configure-allow-to-manually-disable-POSIX-capabiliti.patch` that has been backported into release.
Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit 9d81b6e4ca)
Recently, there was added libcap-ng to OpenWrt packages feed,
which is optional for Knot DNS. It enables POSIX 1003.1e capabilities.
This can restrict root (by default it runs as root) permissions and
might harm and as there isn't systemd on OpenWrt it can interfere.
There is an added patch, which introduced an option to disable libcap-ng.
This will be part of the next release.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 41957d6967)
Build is failing because HWTSTAMP_TX_ONESTEP_P2P is defined anymore on
linux net_tstamp.h.
Moreover, the usual way of linuxptp build is looking for system includes
unless user defines differently. That also was tried to fix.
PKG_RELEASE bumped to 3.
Signed-off-by: Paulo Machado <pffmachado@yahoo.com>
(cherry picked from commit 5f64b2d1e4)
Upstream will drop support for the ssl option in the next future version.
Signed-off-by: Gabor Seljan <sgabe@users.noreply.github.com>
(cherry picked from commit 46c253dfca)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[package bump]
This exposes the interface-auto option to UCI.
By default, interface-auto is disabled.
This leads to the DNS reply possibly originating from
a different address then the request was sent to.
Devices with a packet filter might not receive the reply in this case.
Enabling interface-auto ensures the reply is sent with the
source-address the request was sent to.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit da76aeb24c)
The configure script confusingly sets CXXFLAGS to gnu++11 but does
not use that to check the important stuff. Fix that.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 8f7687833e)
* remove dumb list cache
* start adblock processing after adding/removing
list sources via CLI
* add regional list source for france
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit ab44d8146a)
Refactor the package so init script is installed from the binary instead
of an init script embedded in the package.
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
This updates the include paths for python(3)-package.mk to be relative
to the package Makefile. If not, in certain cases this will print errors
like the following one:
ERROR: please fix feeds/openwrt/net/freeradius3/Makefile
- see logs/feeds/openwrt/net/freeradius3/dump.txt for details
In the dump.txt there is the following:
Makefile:42: /mylocalpath/feeds/packages/lang/python/python3-package.mk: No such file or directory
make[1]: *** No rule to make target '/mylocalpath/feeds/packages/lang/python/python3-package.mk'. Stop.
The relative path is used already in 19.07 for most of the packages, and
has been updated for the packages at hand in master as well:
302f4d17e3 ("libmraa,libupm: Disable default Python package build recipe")
1bc2f4f3c6 ("treewide: Remove Python variants for non-Python packages")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
OpenSSL is already built as part of tools (LibreSSL actually) and can be
used instead for the host build.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit c037c8d988)
Remove boost-python3 dependency and reduce file size of the compiled
kea-libs
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
(cherry picked from commit 74603fe5ea)
Fix kea-admin dependency where if procps-ng-ps wasn't available busybox
would output an error casuse it does't support showing a processe's PID
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
(cherry picked from commit 9314a96765)
Fix an issue where the Makefile wouldn't allow kea to show up in the
menuconfig Also added some description to the packages
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
(cherry picked from commit 95307f2a4b)
STAGING_DIR_HOST is for packages under tools/ , not host packages.
Reorganized Makefile for consistency between packages.
Added PKG/HOST_BUILD_PARALLEL for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit d93fd61d62)
The host build is not used by anything.
Added PKG_INSTALL for consistency between packages.
Added PKG_BUILD_PARALLEL for faster compilation.
Added missing protobuf/host build dependency. This was previously
specified as a host dependency, which is wrong.
Removed pointless std parameter. It's only useful for old G++ versions.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 63107fa8c0)
Needed for the new protobuf update.
Cleaned up Makefile.
Got rid of HOST_BUILD_DEPENDS. This package does not have a host build.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 4c42eb0b45)
* limit domain name length to max. 63 chars
to fix issues with energized sources
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 0b6ea12560)
To use eap tls, 'tmpdir' must be created before server starts.
This 'tmpdir' is used to store and verify client certificate,
and therefore radiusd do 'chmod go-rwx'.
If 'tmpdir' does NOT exists, server failed to start and default
'tmpdir' is '/tmp/radiusd'. So init script MUST create default
'tmpdir' like other directories.
Signed-off-by: Eiji MATSUMOTO <toudaiman@gmail.com>
hotplug scripts are sourced not exec'd so #!/bin/sh /etc/rc.common
doesn't pull in the functions defined in /etc/rc.common thus since
'enabled' isn't defined the following sequence always fails:
enabled miniupnpd || exit 0
Unfortunately sourcing /etc/rc.common doesn't appear to work so come up
with some alternatives.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
As wifidog-ng builds a kernel module, it must use a PKG_BUILD_DIR in
KERNEL_BUILD_DIR instead of BUILD_DIR, otherwise old build artifacts may
be incorrectly reused when switching between different targets of same
architecture without a full clean.
Instead of fixing up the override, just remove it and instead move the
kernel.mk include above package.mk, so PKG_BUILD_DIR is set up correctly
by default.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 25babf817f)
Related commit: 0080bb4b
Use `\s*` instead of ` \?` to match 0 or multiple spaces.
Signed-off-by: Zheng Luo <cherrotluo@gmail.com>
(cherry picked from commit 88b03577c4)
JSON response now has spaces between parameters. Accept this new format and the old one.
Signed-off-by: Michael Gray <michael.gray@lantisproject.com>
(cherry picked from commit 0080bb4bba)
Fixes issue #11282, this patch was provided by PaulFertser on the #openwrt
IRC.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit bf68826897)
HTTPS support is not provided by default.
Also fixed a mistakenly added ].
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit fdfe5a7607)
