* more startup tweaks
* re-use f_log function in helper scripts
* small fixes / polish up for forthcoming 19.07 release
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 2c3cb6f1d1)
This looks like something was not cherry-picked, or was cherry-picked
incorrectly. Those packages don't exist.
Warnings are:
```
WARNING: Makefile 'package/feeds/packages/seafile-seahub/Makefile' has a dependency on 'django-simple-captcha', which does not exist
WARNING: Makefile 'package/feeds/packages/seafile-seahub/Makefile' has a dependency on 'django-statici18n', which does not exist
WARNING: Makefile 'package/feeds/packages/seafile-seahub/Makefile' has a dependency on 'django-webpack-loader', which does not exist
```
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
- The old hotplug script caused long boot-times for r7800 and
possibly others. The new script is now only triggered by iface
changes for wan and lan interfaces.
Signed-off-by: Christian Lachner <gladiac@gmail.com>
This change also updates the maintainer email to cotequeiroz@gmail.com, as
requested on a different change.
Also, changing here is the download URL to github's codeload, since that
one offers .tar.gz archives.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit 545cff8b63)
The pillow package has been updated to the Python[3] packaging format, and
now the package names are `python-pillow` & `python3-pillow`.
This change updates seafile-seahub to use it.
Not updating other packages as they will be converted to Python[3]
packaging format.
And not bumping PKG_RELEASE here as it will be done in the last commit that
updates deps for seafile-seahub.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit cc33edc138)
This also updates all dependencies to use the new `python-django` package.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit f026dba26e)
seafile-seahub's build is a mess.
It hijacks some OpenWrt mk files into the build.
This can be avoided by provided some of the required parameters via
env-vars and patching the env-vars into the build.
Which is what this patch does.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit cf99755444)
The change is mostly organizational.
More packages will be moved to have python- or python3- prefixes.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit 1c5f5b61d3)
rtorrent is the only user of libtorrent. Statically link to save space.
Added usleep patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 358495f118)
argp-standalone is only needed for non GLIBC targets.
Added PKG_BUILD_PARALLEL for faster compilation.
Removed unnecessary C/LDFLAGS.
Remove libstdcpp depends. It's included with libfmt.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 5a7ac1d83b)
Fixes following errors:
main.c:458:37: error: comparison of integer expressions of different signedness: ‘int’ and ‘size_t’ {aka ‘long unsigned int’} [-Werror=sign-compare]
main.c:463:17: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare]
main.c:518:35: error: comparison of integer expressions of different signedness: ‘ssize_t’ {aka ‘long int’} and ‘size_t’ {aka ‘long unsigned int’} [-Werror=sign-compare]
main.c:157:3: error: ignoring return value of ‘read’, declared with attribute warn_unused_result [-Werror=unused-result]
main.c:763:3: error: ignoring return value of ‘chdir’, declared with attribute warn_unused_result [-Werror=unused-result]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit bb6cdb804c)
Currently cgi-io try to read data after the data ended.
- Adds "-" to whitelist char
- In main_upload is tried to consume the buffer while it's already readed by the while loop before
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
(cherry picked from commit 535b2b6bd8)
Instead of always replying with a generic 500 internal server error code,
use more appropriate codes such as 403 to indicate denied permissions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 8c22db6531)
Add a new `cgi-download` applet which allows to retrieve the contents
of regular files or block devices.
In order to initiate a transfer, a POST request in x-www-form-urlencoded
format must be sent to the applet, with one field "sessionid" holding
the login session and another field "path" containing the file path to
download.
Further optional fields are "filename" which - if present - will cause
the download applet to set a Content-Dispostition header and "mimetype"
which allows to let the applet respond with a specific type instead of
the default "application/octet-stream".
Below is an example for the required acl rules to grant download access
to files or block devices:
ubus call session grant '{
"ubus_rpc_session": "...",
"scope": "cgi-io",
"objects": [
[ "download", "read" ]
]
}'
ubus call session grant '{
"ubus_rpc_session": "...",
"scope": "file",
"objects": [
[ "/etc/config/*", "read" ],
[ "/dev/mtdblock*", "read" ]
]
}'
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit ab2a2b080d)
Use the `cgi-io` scope to check for permission to execute the requested
command (`upload`, `backup`) and the `file` scope to check path
permissions.
The reasoning of this change is that `cgi-io` is usually used in
conjunction with `rpcd-mod-file` to transfer large file data out
of band and `rpcd-mod-file` already uses the `file` scope to manage
file path access permissions. After this change, both `rpc-mod-file`
and `cgi-io` can share the same path acl rules.
Write access to a path can be granted by using an ubus call in the
following form:
ubus call session grant '{
"ubus_rpc_session": "...",
"scope": "file",
"objects": [
[ "/var/lib/uploads/*", "write" ]
]
}'
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit c8a86c8c8e)
Introduce further ACL checks to verify that the request-supplied
upload location may be written to. This prevents overwriting things
like /bin/busybox and allows to confine uploads to specific directories.
To setup the required ACLs, the following ubus command may be used
on the command line:
ubus call session grant '{
"ubus_rpc_session": "d41d8cd98f00b204e9800998ecf8427e",
"scope": "cgi-io",
"objects": [
[ "/etc/certificates/*", "write" ],
[ "/var/uploads/*", "write" ]
]
}'
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 22be9a1c01)
* the WAN auto detection now supports multiple interfaces, too
* no longer filter out possible LAN devices
* add a new DoH (DNS over HTTPS) blocklist source with public
DoH DNS server addresses, to effectively block client side DoH
communication, e.g. via Firefox or Chrome
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 70ab67649b)
* new 'ca-bundle' dependency as all https connections
are now validated by default
* automatically select the download utility: 'aria2', 'curl',
'uclient-fetch' with libustream-* or wget are supported
* track & ban failed LuCI login attempts as well
* add a small log/banIP background monitor to block
SSH/LuCI brute force attacks in realtime (disabled by default)
* add a config version check (please update your default config!)
* made the automatic wan detection more stable
* fix the IPv6 logfile parser
* fix the service status message
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit ff8b853a6d)
Add code blocks for easier reading and change "dns" to "DNS".
Signed-off-by: Claudius Ellsel <claudius.ellsel@live.de>
(cherry picked from commit 088a14e5ce)
This can be helpful for example in hotels where you need to
enter a new user/password combination every week.
Signed-off-by: Johannes Rothe <mail@johannes-rothe.de>
(cherry picked from commit a7f87f939d)
The double quote thells the shell that the list returned from `pidof` is a
single argument, therefore, `renice` will cry about a malformed input.
With this commit, `renice` will be applied correctly to all the returned PIDs
from `pidof`.
The output of `renice` for the quoted list is as follows:
`renice: invalid number '6592 6587 6586 6574'`
`renice` does not show and does apply the nice value if the list is unquoted.
Signed-off-by: Oever González <notengobattery@gmail.com>
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from c45974d0a3)
* revert to 4.9.x series (4.10 needs too many unofficial patches and has weird waf bugs)
* cleanup patches
* enable AD_DC build option again
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(cherry-picked from 2f2a4bccd9)
The CONTRIBUTING.md requests an (or multiple) SPDX identifier for GPL
licenses. But a lot of packages did use a different, non-SPDX style with a
"+" at the end instead of "-or-later".
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry-picked from bbb1ea7345)
Fixes issue where CFLAGS were not being passed. This was breaking ASLR
builds.
Added PKG_BUILD_PARALLEL for faster compilation.
Added PKG_INSTALL. Changed install paths based on PKG_INSTALL paths.
Added --disable-debug to make sure debug code is disabled.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 946dfed856)
On a Debian system without python3-distutils install, uwsgi-cgi was
failing to build because it couldn't import sysconfig from distutils.
OpenWrt packages should be using the OpenWrt python not the system
python. In addition we need to use python3 not python2, even when
both are available.
(cherry-pick c387d0923c from master)
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
We add the necessary Makefile, hotplug, config, and init bits
so that p910nd daemon runs as user:group p910nd:lp by default.
This eliminates an unnecessary root daemon.
The hotplug script sets the permissions of the USB lp
device(s) to read-write owner and group and no access to
anyone else, and sets owner root, group lp.
This is allows sufficient privileges to p910nd
to do it's job.
(cherry-pick 932c76fa74)
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
* remove 'http-only' mode, all sources are now fetched from https sites
* the backup mode is now mandatory ('/tmp' is the default backup
directory), always create and re-use backups if available.
To force a re-download take the 'reload' action.
* support 'sshd' in addition to 'dropbear' for logfile parsing
to detect break-in events
* always update the black-/whitelist with logfile parsing results
in 'refresh' mode (no new downloads)
* rework the return code handling
* tweak procd trigger
* various small fixes
* (s)hellsheck cosmetics
* Change .*GPL.*+ licenses to SPDX compatible identifier
Signed-off-by: Dirk Brenken <dev@brenken.org>
* use raw procd interface trigger as last resort, if the
adblock config is not available during startup
* fix selective subdomain whitelisting for dnsmasq
* fix a kresd restart issue with 'DNS File Reset'
* fix a suspend/resume cornercase
* disable the tld compression, if the number of blocked domains
is greater than 'adb_maxtld' (default: 100000)
* made the fw portlist configurable (default '53 853 5353')
* preliminary support for inotify-like autoload features
of dns backends like kresd in future Turris OS. If 'adb_dnsinotify'
is set to 'true', all adblock related restarts and the
'DNS File Reset' will be disabled
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 45cb0e1023)
- Correct SPDX License Identifier
- Move MAINTAINER, SUBMENU to more appropriate place
- Use HTTPS in URL
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit e06086c4c)
* automatically add open uplinks to your wireless config,
e.g. hotel captive portals (disabled by default)
* shift net status check in a separate function
* (s)hellcheck cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 1d90509b03)
* fix the 'adb_sysver' output
* pass the adblock version information to the helper scripts correctly
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 161597f2fa)
* fix a dns restart issue if 'flush dns cache' is set
* fix a suspend/resume issue, the status wasn't properly updated
* fix a long standing query issue
* rework return code handling, mostly for debugging
* various cleanups & cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 95189994e7)
* background service: no longer miss "signal" events for the
dns backend (to trigger adblock)
* fix a dns backend reload issue during switch between
different blocking modes
* domain query: report found domains only once in
"null" blocking mode with IPv4 & IPv6 list entries
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 806f5ca9d8)
* fix a possible race condition during DNS file reset on slow hardware
* optimize DNS restart behaviour in 'null' blocking mode
* mute useless warnings
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 866878aa78)
* add support for 'DNS File Reset', where the final DNS blockfile
will be purged after DNS backend loading (save storage space).
A small background service will be started to trace/handle
dns backend reloads/restarts
* add support for the 'null' blocking variant in dnsmasq
(via addn-hosts), which may provide better response times
in dnsmasq
* enhance the report & search engine to support
the new blocking variants. Search now includes
backups & black-/whitelist as well
* compressed source list backups are now mandatory (default to '/tmp')
* speed up TLD compression
* E-Mail notification setup is now integrated in UCI/LuCI
* update the LuCI frontend to reflect all changes (separate PR)
* drop preliminary dnscrypt-proxy-support (use dnsmasq instead)
* drop additional 'dnsjail' blocklist support (not used by anyone)
* procd cleanups in init
* various shellcheck cleanups
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 504412ccdb)
This avoids copying /usr/include, unversioned *.so files, pkgconfig,
/usr/lib/*.la, and the build-time libs/cflags configuration utility
clamav-config.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry-picked from 815e05e38e)
If libxml2 is installed in the host, then the host library is used and
compilation fails.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry-picked from 199ccc9475)
Parallel building is causing a failure because it executes some
commands, such as patch, more than once.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* add missing dnsmasq dependency
* add a captive portal auto-login hook (configurable via uci/LuCI),
you could reference an external auto-login script - see readme
* provide an auto-login script for german ICE hotspots
(/etc/travelmate/wifionice.login), requires 'curl'
* small fixes
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 5a2a4fa20a)
Full changelog here: https://mosquitto.org/blog/2019/08/version-1-6-4-released/
Fixes a regression in persistent session handling, and various other
regressions related to the mqtt5 support.
Signed-off-by: Karl Palsson <karlp@etactica.com>
The maintainer is inactive, in addition to this package being woefully out
of date. It probably does not work properly.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 196976cdf0)
kcptun is a stable & secure tunnel based on kcp with N:M multiplexing.
https://github.com/xtaci/kcptun
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
If we're going to have a list of ntp servers, we should at least respect
them. Fallback to the original static list if no configured servers are
found.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Update to the latest maintenance release, fixing CVE-2018-11782 and
CVE-2019-0203 among other things.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
(cherry-picked from commit 53f33e5e74)
It was requested in #9065 .
Cleaned up Makefile slightly.
Removed inactive maintainer.
Added PKG_BUILD_PARALLEL for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 23a36b00e2)
When compiled with musl >1.1.20, fastd will crash in case it can't
resolve a peers hostname. This is due to a changed implementation of
freeaddrinfo in musl 1.1.21 onwards.
This segfault is fixed by not calling freeaddrinfo in case the supplied
pointer is null.
Signed-off-by: David Bauer <mail@david-bauer.net>
This absolutely needs symbols from libresolv, which uClibc-ng does not
support.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 0a3ebb32a1)
* use '$ddns_rundir' in 'get_service_data' for pipe creation, fix#8971
* add missing local variables in 'get_service_data'
* change DNS server verification with drill in 'verify_host_port',
fix/supersed #8935
* remove needless cat calls in 'verify_host_port'
* set cloudfare TTL to min. 120 seconds, fix#7745
* bump/align package version number
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 2e06c4ec93)
the latest update url format for deSEC is
http(s)://update.dedyn.io/update?username=[USERNAME]&password=[PWD]
Signed-off-by: James Qian <sotux82@gmail.com>
(cherry picked from commit e4951651e2)
* update to 5.01.9671
* switch to release tar's
* add cmake iconv and musl patches
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(cherry-pick from 46c320f18f)
softethervpn overrides nls.mk by defining its iconv functions. This only
works if the libc has iconv. In addition, it does not allow external
libiconv usage. TARGET_LDFLAGS is also the wrong place to add -liconv.
Removed SSL3 patch. It was needed for OpenSSL 1.0.2 but not anymore.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from fb480e297c)
Added -Wno-error to fix.
Also added patch to fix compilation without deprecated OpenSSL APIs.
Added PKG_BUILD_PARALLEL for faster compilation.
Switched libcyassl to libwolfssl.
Reorganized makefile for consistency between packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 266b0ba9d9)
libiconv-full requires a const char for its second parameter. Otherwise
-fpermissive error is thrown.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from ee94a1e912)
This applies to uClibc-ng and libiconv-full
Switched to building with uClibc++.
Fixed license information.
Fixed BUILD_DEPENDS.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from fec9257655)
This project seems abandoned. Updated to latest version.
Also cleaned up the Makefile quite a bit.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from dff6d2639e)
Patch taken from upstream fixes an Invalid argument error while trying
to get the IP address of an interface.
Makefile was updated to current style.
(cherry-picked from 5ab9f3e357)
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* fix a corner case issue with auto expiry of the
'Faulty Station' list (the last run information was not updated)
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 59a69ee059)
Backported upstream patches that fix this.
Removed local patch that fixes libp11 with version 0.4.7, which is not
used anymore. Upstream has a different solution.
License fixes and Makefile cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 6dbbc17b1f)
* optimize the main scan/iwinfo call (performance & system load):
- remove a needless f_trim function call
- remove a redundant awk call
- reduce the scan buffer size and
make it configurable (trm_scanbuffer, default 1024 bytes)
* cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 8335e6e76c)
Change log for v3.11.1716:
[IMP] Replaced libhttpd with libevent, therefore commented thread
related parameters in wifidogx conf file
[IMP] Added REQUEST_TYPE_COUNTERS_V2 to wifidog protocol
[IMP] Sent online and offline client's counter info to auth server
[FIX] Fixed missing setting online_time parameter bug
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
- Update haproxy download URL and hash
- Add new patches
- Add several CFLAGS (derived from haproxy Makefile) to make the build work with v1.9+
- Update default configuration
- Add check-command (for config) to init-script
- Add prometheus-service from contribs by default
- Add support for uclibc to haproxy with libcrypt disabled
- Minor cleanups
I have been running v2.0 for some time now and it feels as stable as v1.8. v2.0 is the new LTS release.
Signed-off-by: Christian Lachner <gladiac@gmail.com>
This change is inspired by commit openwrt/openwrt@38b22b1e ("nghttp2:
deduplicate files in libnghttp2")
The packages in this commit are identified with the following command
grep -rin -E 'INSTALL_(DATA|BIN)' | grep -F '.so' | grep -F '*'
Some of them do not have symlinks and are not affected, but the change
is still applied for consideration of best practices just in case
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry-picked from 9ac5ac81ab)
Fixes: https://github.com/openwrt/packages/issues/9255
This seems to fail the build for this package only.
So, this change patches the build, to add `-lssp` to the LDFLAGS of this
package, in case the build uses GCC's libssp.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* refine 'refresh' mode, add normal processing/download as fallback
* remove needless reload trigger
* fix various ipset warnings
* fix timer in 'refresh' mode
* adapt ssbl regex to new source list format
Signed-off-by: Dirk Brenken <dev@brenken.org>
- treat RFC6762 'local.' as nxdomain because avahi and other services
will disable if SOA or NS records appear in central DNS.
- allow two threads to be enabled with the 'heavy traffic' variant of
Unbound packages.
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
Change log for v2.88:
[IMP] Added support for search and replace privacy expressions.
[IMP] Added support for masking external addresses with private address ranges.
[IMP] When enabled, trigger a sink update on start-up.
[IMP] Added flow hash cache.
[IMP] Added HTTPS as a super-protocol of SSL.
[IMP] Add ability to save DNS hint cache to non-volatile (persistent) memory.
[IMP] Save sink responses when "json_save" is enabled.
[IMP] Added dynamic sink URL cloud configuration.
[IMP] Implemented per-detection-thread packet capture queue.
[IMP] Added support for a loadable serial UUID.
[IMP] Added configuration option to override sink connection timeout.
[IMP] Idle flow TTLs tunable via configuration directives.
[IMP] Added idle TCP flow multiplier to keep TCP flows in memory longer.
[IMP] Added new flow metadata "first_update_at" timestamp.
[IMP] Added complete reference sample configuration file.
[IMP] Various optimizations and fixes for FreeBSD.
[IMP] Employ advisory locking when writing output files.
[FIX] Ensure all configuration files are preserved on upgrades.
[FIX] Fixed automatic interface role detection for nethserver/shorewall.
[FIX] Memory usage fixes using profiling tools.
[UPD] Updated to nDPI v2.9.0-dev-709a87c.
[OPT] Flush and compress upload queue as soon as possible.
[OPT] Significantly reduced detection thread locking times.
[DEV] Added example plugin submodule to repository.
Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca>
Use link-time optimization and --gc-sections --as-needed ldflags
Reduces ipk size by 20%
Remove unnecessary dependencies
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Busybox brctl applet conflicts with the version from bridge-utils.
Fix this by using ALTERNATIVE support for brctl in bridge-utils.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
[PKG_RELEASE bump]
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
OpenWrt toolchains already use correct CFLAGS for every ARM target
There is no reason to use conservative CFLAGS now
It also causes compile error with GCC 9.1.0
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Moving the DNSDIST package into the IP Addresses and Names subcategory under Network. This will make it easier to find since it will be with other DNS tools.
Signed-off-by: James Taylor <james@jtaylor.id.au>
With this change it is now possible to combine interface action events.
If an interface action is generated by netifd or mwan3 for example ifup,
ifdown, connectd or disconnected and this action is configured in the inteface
uci section, then the conntrack table is flushed by mwan3.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Current version in OpenWrt (3.16.2) fails against the Arch Linux
in System Rescue CD's NBD as rootfs (to allow sharing ISO across
network). Based on resolved issues and web searching it seems
nbd had endianness issues (which affected my ath79 device).
This updates to 3.19 which allows System Rescue CD PXE boot with
NBD rootfs to work.
Removed patches no longer required due to upstream changes, and
added new configure option (--without-libnl) required to avoid
linking against full libnl and libnl-genl (if present in build).
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
* change iptables whitelist target from 'ACCEPT' to 'RETURN'
to stop traversing the banIP chain and resume at the next chain
* cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
Add patch that detects when -latomic is needed.
Fix compilation without deprecated OpenSSL APIs.
Hard-code lua to avoid luajit dependency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Commit 32aaaaa led to failures when openwrt ARCH did not match kernel
ARCH, and this may not be its only side-effect.
This restores the previous Build/Compile and Build/Install, using the
default ones only when using external toolchain; in this case, ARCH is
set to LINUX_KARCH.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Two seperate package names were chosen instead of menu selected options
because dependents need a ready (large) package in release directory.
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
Expressions '-o', '-a', and '\( \)' within test or '[ ]' are obsolete.
POSIX allows few arguments to test, so long expressions are not
portable. '[ p -a q ]' can be replaced with '[ p ] && [ q ]' instead.
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
libevhtp 1.2.18 made API changes, and unbundled oniguruma.
To adapt seafile-server, some patches from Alexandre Rossi's debian
packaging at http://sousmonlit.zincube.net/~niol/repositories.git/
were applied.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Instead, use @jow-'s suggestion of just checking for the presence of the
executables to find the installed web servers.
Fixes#8529.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Libevhtp is building a static library, used by seafile-server.
Every time the libevhtp binary changes, seafile-server needs a release
bump.
Leave a note in the libevhtp Makefile, as a reminder.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
The Makefile currently redefine the Compile and Install functions.
This is not working when using an external toolchain because some
flags are not interpreted, like CROSS_COMPILE. It is possible to
override the MAKE_FLAGS and MAKE_INSTALL_FLAGS instead.
Signed-off-by: Sébastien Blin <sebastien.blin@savoirfairelinux.com>
Update to latest stable release 5.54
Add new options ticketKeySecret and ticketMacSecret to uci validation.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Maintainer: me
Compile tested: armv7l, OpenWRT SDK
Run tested: armv7l Linksys WRT1900ACS, OpenWrt SNAPSHOT, r9987-655fff1571 -
confirmed dnsdist links correctly against dependencies and doesn't experience
errors at run-time when enabling features.
Description:
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is
to route traffic to the best server, delivering top performance to legitimate
users while shunting or blocking abusive traffic.
dnsdist is dynamic, its configuration language is Lua and it can be changed at
runtime, and its statistics can be queried from a console-like interface or an
HTTP API.
https://dnsdist.org/Closes: PowerDNS/pdns#3294
Signed-off-by: James Taylor <james@jtaylor.id.au>
Simplified the Makefile and fixes compilation with uClibc-ng. Also added
IPv6 support.
Took the time to clean up the Makefile with other useful options.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
BIND now requires POSIX thread and IPv6 support to build
Add filter-AAAA plugin
Remove unrecognized options
Remove patch that no longer needed
- 002-autoconf-ar-fix.patch
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
* remove needless sort step to reduce system load
* change maxqueue default in backend and LuCI frontend
to '4' to reduce (default) system load
* cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
Major new release of mosquitto.
This release rolls up the initial 1.6.0 release, plus the subsequent
build/bug fixes of 1.6.1 and 1.6.2.
Original upstream changelogs:
https://mosquitto.org/blog/2019/04/version-1-6-released/https://mosquitto.org/blog/2019/04/version-1-6-1-released/https://mosquitto.org/blog/2019/04/version-1-6-2-released/
Major features of interest:
* MQTTv5 support
* performance improvements
* ALPN support
* OCSP staping support
* OpenSSL Engine support
* TLSv1.0 support dropped
Currently adds two patches to continue supporting OpenSSL engine support
being disabled, and a missing header include. These are both tracked
upstream and are expected to be dropped in a subsequent release.
Signed-off-by: Karl Palsson <karlp@etactica.com>
