fwknop Makefile had two conffiles sections. Combine them.
Remove also the whitespace from conffiles section (see #2652)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
The conffiles definition in Makefile should not contain leading whitespace.
Remove whitespace from Makefile of motion, dnscrypt-proxy and sstp-client.
Reference to discussion at #2652
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* support more router modes, as long as the firewall and the DNS server
are enabled
* new source sites can be added & changed via awk ruleset in uci config
* source domain count, last update time & overall count will be stored
in uci config
* added 3 new source sites:
ransomware tracker
rolist/easylist
winspy
* switch to minimal inline base64 encoded 1×1 GIF for pixel server
(separate png image no longer needed)
* simplified uci parser
* source download & domain sort optimization
* add whitelist parser with wildcard support
* reduced code size & various cleanups
* updated documentation
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
Create directory which was accidentally left-out during the previous
commit adding the proto handler.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
fixes bug in resolver logic which was exposed by recent fixes in
various C Standard libraries including musl.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
TARGET_CFLAGS was pointing to /usr/include/libnl3 instead
of $(STAGING_DIR)/usr/include/libnl3
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Signed-off-by: Jonathan McCrohan <jmccrohan@gmail.com>
[RELEASE] Released version 1.5.16
Released version 1.5.16 with the following main changes :
- BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin.
- BUG/MINOR: acl: don't use record layer in req_ssl_ver
- BUG: http: do not abort keep-alive connections on server timeout
- BUG/MEDIUM: http: switch the request channel to no-delay once done.
- MINOR: config: extend the default max hostname length to 64 and beyond
- BUG/MEDIUM: http: don't enable auto-close on the response side
- BUG/MEDIUM: stream: fix half-closed timeout handling
- BUG/MEDIUM: cli: changing compression rate-limiting must require admin level
- BUILD: freebsd: double declaration
- BUG/MEDIUM: sample: urlp can't match an empty value
- BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay.
- BUG/MEDIUM: peers: old stick table updates could be repushed.
- CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro.
- BUG/MINOR: chunk: make chunk_dup() always check and set dst->size
- MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero
- MINOR: chunks: add chunk_strcat() and chunk_newstr()
- MINOR: chunk: make chunk_initstr() take a const string
- BUG/MEDIUM: config: Adding validation to stick-table expire value.
- BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week
- BUG/MEDIUM: channel: fix miscalculation of available buffer space.
- BUG/MINOR: stream: don't force retries if the server is DOWN
- MINOR: unix: don't mention free ports on EAGAIN
- BUG/CLEANUP: CLI: report the proper field states in "show sess"
- MINOR: stats: send content-length with the redirect to allow keep-alive
- BUG: stream_interface: Reuse connection even if the output channel is empty
- DOC: remove old tunnel mode assumptions
- DOC: add server name at rate-limit sessions example
- BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
- BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
- BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly
- BUG/MINOR: http: Be sure to process all the data received from a server
- BUG/MEDIUM: chunks: always reject negative-length chunks
- BUG/MINOR: systemd: ensure we don't miss signals
- BUG/MINOR: systemd: report the correct signal in debug message output
- BUG/MINOR: systemd: propagate the correct signal to haproxy
- MINOR: systemd: ensure a reload doesn't mask a stop
- CLEANUP: stats: Avoid computation with uninitialized bits.
- CLEANUP: pattern: Ignore unknown samples in pat_match_ip().
- CLEANUP: map: Avoid memory leak in out-of-memory condition.
- BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port
- BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs
- MINOR: cfgparse: warn when uid parameter is not a number
- MINOR: cfgparse: warn when gid parameter is not a number
- BUG/MINOR: standard: Avoid free of non-allocated pointer
- BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
- CLEANUP: http: fix a build warning introduced by a recent fix
- BUG/MINOR: log: GMT offset not updated when entering/leaving DST
Signed-off-by: heil <heil@terminal-consulting.de>
On some systems too many retries with authentication failure results
in IP or username being locked out, so add option to prevent retries
in the event of authentication failure
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
The contents of the file "db.root" is very old (12 years).
Here's a new version downloaded from ftp://ftp.internic.net/domain/
Signed-off-by: DonkZZ <donk@evhr.net>
This adds one patch from the upcoming 0.10.2 release to exclude Avahi/DNS-SD from build time
detection and properly adds liblo as a dependency.
Signed-off-by: Christian Beier <dontmind@freeshell.org>
The "internal pure-C" tor-fw-helper was removed in 0.2.7.5. This removes
the tor-fw-helper package and references to its dependencies.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
$(CP) was defined as `cp -fpR' since the very begining of OpenWrt build
system (2006-06-22). The -R option should be enough and base packages
use only $(CP) for the same purposes just fine and BSD manual of cp also
discourages the use of `-r' option. So let's just tidy up the usage now.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* add sysctl.org as new adblock source
* add main debug switch (by default all stderr outputs are going to
/dev/null)
* small cleanups
* first 'stable' release! ;-)
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
This should always have been available in the mosquitto package itself.
This file needs to exist in basic form to allow the init scripts to even check whether it exists.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Instead of manually copying files and renaming on install, use the nice
clean "files/<mirror>" structure and just $(CP) them into place.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Change the git repository url to use https. Because it's found that in
some network environments http doesn't work.
Signed-off-by: Zhao, Gang <gang.zhao.42@gmail.com>
- roll back to "old" update_url of freedns.afraid.org fix for #2445 and openwrt/luci#661
- add provider nubem.com (IPv4 only)
- add provider nettica.com (IPv4 only)
- add provider zerigo.com (IPv4 and IPv6)
- add provider regfish.de (IPv4 and IPv6)
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* all relevant adblock events will be properly written to syslog/stdout
* removed needless 'debug log' option
* add optional parm 'adb_forcedns' to redirect all queries to local
resolver (default: '1', enabled)
* revised space check
* various code cosmetics & cleanups
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
new packages: gnunet-rest, gnunet-rps, gnunet-social
also improve package descriptions and maintain order
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fix ip6tables reject types
* simplified firewall ruleset for IPv4/IPv6
* fix memory detection (swap was always 0)
* fix dnsmasq restart after partial restore
* ad hotplug support, adblock will be started when wan interface comes
up
* change adblock init script accordingly, do nothing on 'boot'
* optimize wget parameters for faster download results (in case of an
error)
* added CC installation notes to readme
* removed needless external online check
* removed needless optional parms 'adb_maxtime', 'adb_maxloop',
'adb_probeipv4' and 'adb_probeipv6'
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
When applying wireless configuration changes, the ifindex of the
wireless interface(s) change. While snmpd picks up the new interfaces
with the correct index, it does not remove the old ones:
IF-MIB::ifName.23 = STRING: wlan0
IF-MIB::ifName.24 = STRING: wlan1
IF-MIB::ifName.25 = STRING: wlan0
IF-MIB::ifName.26 = STRING: wlan1
This causes problems for monitoring tools that use ifName (or ifDesc) as
interface reference. Add a trigger that reloads snmpd on interface
up/down events so that it will no longer have the old interfaces.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Update to 0.9.10 due to https://prosody.im/issues/issue/585
The init script seems to block, as "prosodyctl start" started to block
at least on my configuration. I switched to a procd init script, which
deals with blocking processes.
Signed-off-by: Stefan Hellermann <stefan@the2masters.de>
Add uci option mppe which makes the mppe parameter configurable;
the default value is required,no40,no56,stateless as before.
Add uci option logwtmp; when enabled updates wtmp when users
connect and disconnect
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* fix root cause for https timeout issues
* fix startup issues via luci
* detach init start process to fix luci timeout issues
* fix html header in adblock pages
* fix adblock.conf options to single quotes
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
* openwrt init system support, see /etc/init.d/adblock
* support for two new adblock sources: openphish and ruadlist/easylist
* partial block list restore, i.e. if a single list download failed
* fix performance regression on sites with links to https ad servers
* removed no longer used samples dir
* updated documentation
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
- renamed (lower case) filenames and servicenames for no-ip.com, cloudflare.com and bind_nsupdate including modifing existing configurations #2375
- updated tld_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- fix build error reported by buildbot by disabling krb5
- libcom_err from krb5 is used - configure output:
configure: WARNING: library 'com_err' is required for Heimdal Kerberos
- krb5 has its own libcom_err (see krb5 package) with its own symbols
- linking with wrong libcom_err from libext2fs produces errors during
libgssapi_krb5.so: undefined reference to `error_message@com_err_3_MIT'
libgssapi_krb5.so: undefined reference to `remove_error_table@com_err_3_MIT'
libgssapi_krb5.so: undefined reference to `add_error_table@com_err_3_MIT'
-> remove libext2fs dependency (wasnt working anyway - no PKG_BUILD_DEP)
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
* upstream to Privoxy 3.0.24
* add facility to set compile options
* add file list to be saved on sysupgrade
* fixed PKG_MAINTAINER string
* add port 8118 used by privoxy to /etc/services
* new "boot_delay" option (default 10 seconds) to wait for interfaces to come up before hotplug restarts are enabled
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- new function expand_ipv6()
- expand IPv6 before compare https://dev.openwrt.org/ticket/21725
- Fix split_FQDN() to return host.subdomain correctly #2334
- modified check for musl library used by nslookup #2341#2346 thanks to Arjen de Korte
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- fix possible race condition during startup
- fix duplicate logging during startup
- fix wget parms to prevent partitial downloads
- fix iptables rules to meet openwrt user chains
- added a rule in output chain to reject local ad related requests as
well
- changed default IPv4/IPv6 blackhole ip address to fix routing issues
with windows clients
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
