Maintainer: me
Build system: Arch Linux x86_64
Build tested: ipq806x/R7800
Run tested : ipq806x/R7800
Signed-off-by: Daniel Bermond <danielbermond@gmail.com>
Add flag "--lookup-default-namespace" to signal that wg-installer should
look already established wireguard sessions in the default namespace.
Signed-off-by: Nick Hainke <vincent@systemli.org>
This commit removes iptables backend support and leaves only the
netfilter backend support. This means that:
- iptables and nftables firewall based systems (firewall3 and firewall
4) are supported trough the netfilter instance mode
- the iptables/xtables mode support is disabled
For more information on the modes and how to use the new netfilter
instance checkout https://www.jool.mx/en/intro-jool.html
This move is made out of the commit upstream that sets firewall4 as the
default for new default buils and based on the conversation in #16818
and was decided that the netfilter interface is the priority since
iptables support will be dropped in the foreseeable future.
While at it update the templates provided.
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
libreswan makefile detects macos (darwin) and changes build logic
but OpenWrt is always Linux so it is required to specify linux as
target platfrom
This patch specifies Linux as a target platfrom
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
crowdsec rename the binary from crowdsec-firewall-bouncer to cs-firewall-bouncer
the initd need the correct binary name to start the process
the link for github source need also to be fixed (only the information one)
fix the BuildDate
updated copyright
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Check if a peer is already existing with a given public key. Introduce a
response code for signaling why the server rejected the request.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Use shellcheck to rework the code. Use "export" to return variables from
a function call. Further, fix typos.
Signed-off-by: Nick Hainke <vincent@systemli.org>
* bump to 4.7.0
* enable DNS over TLS (uses libssl which was already a dependency)
* add libcurl dependency for new zone-to-cache feature.
Co-Authored-By: wout@wbnet.eu
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Latest Apple clang (v13) defines __cplusplus=199711 by default, but
protobuf requires at least 201103 (c++11)
Backported patch to fix c++ detection:
30fe936a88
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Version 1.0.1 brought the following changes:
[v1.0.1] - 2021-11-26
Primarily fixes a few issues in the kernel module that were found
during a quick review from Russell King:
https://lore.kernel.org/netdev/YYPThd7aX+TBWslz@shell.armlinux.org.uk/https://lore.kernel.org/netdev/YYPU1gOvUPa00JWg@shell.armlinux.org.uk/
- mdio: The mvls subcommand now supports flushing the ATU
- mdio-netlink: Plug some glaring holes around integer overflows of
the PC.
- mdio-netlink: Release reference to MDIO bus after a transaction
completes.
So, update to the latest version and switch the kernel module back
to fetching tarballs like the userspace tool does.
Signed-off-by: Robert Marko <robimarko@gmail.com>
* Updating i2pd package to 2.40.0
* Rewrite Makefile
* Remove usage of PKG_INSTALL (package's make install)
* Rewrite init.rc configuration and script
* Remove '--service' option from init, which only sets datadir to /var/lib/i2pd
* Use '--datadir' option in init, otherwise datadir changing via uci is not works
* Update patch for i2pd.conf
Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
When ModemManager is started on boot we may end up with hotplug events
reported directly to the daemon, plus some others already cached in
the cache file before the daemon was started.
If the cached events correspond to the same device that is still
notifying ports directly, we may end up with a modem object created
before the cached events have been emitted, so the modem may not
handle all control/data ports it should.
E.g.:
- modem detected
- hotplug event for wwan0 port, cached as MM not running
- hotplug event for cdc-wdm0 port, cached as MM not running
- hotplug event for ttyUSB0, cached as MM not running
- MM starts
- hotplug event for ttyUSB1, directly processed as MM is running
- hotplug event for ttyUSB2, directly processed as MM is running
- modem object created with ttyUSB1 and ttyUSB2
- 2s after MM starts, cached events for wwan0, cdc-wdm0 and ttyUSB0
happen, but are ignored because the modem object has already been
created
MM expects that ports of the same device are reported with less than
1500ms in between ports. In other words, if ports are reported more
than 1500ms after the last reported port, they may get ignored.
If we remove the 2s timeout, the report of the cached events will
happen as soon as MM starts, which makes it much more likely to happen
in the timeslot that MM expects for ports of the same device reported.
The logic is still not perfect, and we may also need to increase that
1500ms timeout inside MM, but removing the 2s timeout right away here
makes sense.
This 2s timeout was introduced along with the new wrapper launcher for
the daemon, it didn't exist before.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
This commit adds support for starting and running jool through init
scripts, with default config files as examples.
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
Add checks not to overwrite defaultnotify options in the nut-sendmail-notify fashion.
Use lists for defaultnotify instead of option.
Add check not to overwrite notifycmd if already defined.
upssched-cmd script must not be called directly, it is called by the upssched binary with needed arguments.
Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
Convert notifyflags options to lists as supported by the init script, so multiple options can be chosen.
Add SYSLOG default option to individuals notifyflags instead of deprecated flag 1|0.
Add comment for defaultnotify and individuals notifyflags about possible values.
Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
lynx uses host C-compiler to build internal utility that is used to
generate files required for target build. On MacOS it uses internal
clang with MacOS system headers so host build fails due to MacOS is
not Linux
Forced to use OpenWrt host C compiler using --with-build-*
./configure flags
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
This backports a patch from upstream radsecproxy to fix compilation with glibc 2.34.
It fixes the following build problem:
radsecproxy.h:35:5: error: missing binary operator before token "("
35 | #if PTHREAD_STACK_MIN > PTHREAD_STACK_SIZE
| ^~~~~~~~~~~~~~~~~
make[5]: *** [Makefile:623: dtls.o] Error 1
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
davfs2 username and password information is typically stored in
/etc/davfs2/secrets. This information should be kept across sysupgrades.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
Although undocumented, there's a way to explicitly disable static linking in
Stubby, setting the CMake build option ENABLE_GETDNS_STATIC_LINK to OFF (ON by
default). Make it so.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Drop the tftpd binary, which is no longer provided upstream. Users
should switch to the atftp server as a replacement.
Avoid executing runtime tests, which are not supported in cross-build
environments.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
When zone id is explicitly provided, there is no need for the API token to have read permission. Inspired by acme.sh's cloudflare logic.
Signed-off-by: Glen Huang <heyhgl@gmail.com>
Update crowdsec-firewall-bouncer to latest upstream release version 0.0.21
Makefile rework
- use tagged version for download
Fixes
- set API_KEY in firewall bouncer config file
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
backport of upstream commit
3c66c1fec7
Original author: Nikhil Benesch <nikhil.benesch@gmail.com>
Remove unnecessary flag in macOS build
The configuration logic for adding the `-search_paths_first` linker
flag on Darwin does not correctly handle cross compilation. It should
check the value of $krb5_cv_host rather than `uname -s` to detect when
the compilation target is Darwin, rather than the build machine.
It turns out `-search_paths_first` has been the default behavior of ld
on macOS since XCode 4. So just remove that bit of logic entirely.
(The flag was added in commit acd27af0e845f8b93de2e226cc2ec9ac8af52077
in 2004; XCode 4 was released in 2010.)
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
With procd-ujail enabled, it is not possible to use HTTPS URLs, for
example when either for downloading torrent files or blocklists. The
followig example occurs when downloading a URL from the "Upload Torrent
Files" dialogue box:
Error adding
"https://releases.ubuntu.com/21.10/ubuntu-21.10-desktop-amd64.iso.torrent":
gotMetadataFromURL: http error 0: No Response
syslog will also hint that no CA_BUNDLE is being used:
transmission-daemon[6683]: [2021-12-30 20:01:30.990] web will verify
tracker certs using envvar CURL_CA_BUNDLE: none (web.c:455)
This patch rectifies this issue by adding a ca_bundle configurable,
enabled by default. This explicitly fixes the ca_bundle file location
to /etc/ssl/certs/ca-certificates.crt and adds this file to the procd
jail. On subsequent testing, HTTPS URL download functionality is
restored.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
The delete variable was misspelled leading to devices always being
removed although they had connected neighbors.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Update crowdsec to latest upstream release version 1.2.2
Makefile rework
- use tagged version for download
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Issue: 2to3 support has been removed in setuptools since version 58.0.0.
Fix: openwrt/packages#17311
Requirements: 2to3/host openwrt/packages#17429
Add upstream patch: 196c55e931
To install/build for python3 from source, it is necessary to convert to py3
codebase before setup (invoke 2to3 or ./fail2ban-2to3 firstly).
> ./fail2ban-2to3
> python3 setup.py build
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
The next OpenWrt stable release aims to use firewall4 by default. As
this uses nftables as backend, miniupnpd will no longer work. Create an
iptables and nftables variant of the miniupnpd package so that miniupnpd
can be used with either firewall variant.
See #16818 for more info.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Since version 2.2.3, miniupnpd will detect MS clients and force IGDv1.
This reverts commit 7f5534ac7a.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Removed patches:
001-fix-stime-glibc-remove.patch - it is included in upstream
003-Fix-compilation-with-gcc11.patch - no longer necessary
Updated patches:
002-Avoid-problems-with-64-bit-time_t.patch
Refreshed patches:
004-Comment-out-librt-testing.patch
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
These cmake modules are actually never referenced. Stubby itself doesn't link to
libidn or libunbound, only getdns does. They're most likely leftovers from when
stubby was split from getdns to its own repository.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Full changelog available at: https://github.com/AdguardTeam/AdGuardHome/releases/tag/v0.107.0
packr has been removed from build dependencies, per
c6888326b0 (diff-2873f79a86c0d8b3335cd7731b0ecf7dd4301eb19a82ef7a1cba7589b5252261L2)
Also added the ability to configure working directory location and moved
the directory to /var. On most setups this should not change anything,
as /var is symlinked to /tmp. The move mostly benefits setups where /var
is configured to be persistent.
The working directory is used by AdGuard to store persistent data like
query logs, filter lists, etc.
Data stored in this directory can get really huge, as such allowing
this directory to be moved elsewhere (ie. an USB drive) is very
beneficial.
Co-authored-by: Dobroslaw Kijowski <dobo90@gmail.com>
Co-authored-by: Jeffery To <jeffery.to@gmail.com>
Signed-off-by: Hiếu Lê <leorize+oss@disroot.org>
Add MaxMind's geoipupdate utility. mmdb files are downloaded to /var/GeoIP
by default. The user should update /etc/GeoIP.conf with their API key and
DB choice, currently set to country only. So as not to exceed MaxMind's
download limitations, the user should manually run the utility or set up a
cron job.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
Remove un-necessary crowdsec package dependency, to be able to use
crowdsec-firewall-bouncer independently from crowdsec local installation.
(with remote API)
Fix issue: https://github.com/openwrt/packages/issues/17406
Description:
using crowdsec-firewall-bouncer on many OpenWRT devices connected
with my domain LAPI server (which collect many crowdsec machines,
mostly nginx), it works great. Actually, crowdsec package is not
mandatory for that usage, it would be great if it was not a dependency.
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Maintainer: me / @mkrkn
Compile tested: ramips/mt7620 TP-Link Archer C50 v1, ramips/mt7621 Xiaomi Mi router 3 Pro, ath79/generic TP-Link WDR-3500
Run tested: ramips/mt7620 TP-Link Archer C50 v1, ramips/mt7621 Xiaomi Mi router 3 Pro, ath79/generic TP-Link WDR-3500
openvpn: update to 2.5.5
use of CFG Spectre-mitigations in MSVC builds
bring back OpenSSL config loading to Windows builds
several build fixes, refer to https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Fixes: f88485f572 ("nft-qos: silence buildsystem errors")
Prefixing IPKG_INSTROOT to sourced includes is ineffective for this
package.
Source includes only when empty to avoid image make errors.
Signed-off-by: Imran Khan <gururug@gmail.com>
The kmod-sched-cake package already depends on kmod-sched-core, there's no need
for explicitly stating the dependency.
While at it, change PKG_RELEASE to $(AUTORELEASE).
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Enabling OPENVSWITCH in the kernel config selects MPLS. This exposes the
MPLS_ROUTING symbol, which is missing if kmod-mpls is not enabled. On
kernel 5.4 this problem doesn't show up, as the Open vSwitch package
uses the in-tree kernel modules rather than the upstream ones.
Restore the kmod-mpls dependency when using the upstream kernel modules
to fix build.
Reported-by: Matthew Hagan <mnhagan88@gmail.com>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The ifeq check for CONFIG_OPENVSWITCH_WITH_LIBUNBOUND does not evaluate
correctly within the menuconfig, resulting in libunbound not being
selected, resulting in a failing libunbound.so.8 dependency.
Instead add this condition:dependency in the manner defined in the
OpenWrt developer guide.
Signed-off-by: Matthew Hagan <mathagan@fb.com>
ovs_libovsdb_depends and ovs_libofproto_depends append the libatomic
dependency. However in these cases these variables were not previously
defined and thus a reader may search the Makefile for the definition.
Therefore change the operator to explicitly define these dependency
variables, rather than append. In addition add a space after operator to
improve readability and conform to other dependency definitions in the
Makefile.
Signed-off-by: Matthew Hagan <mathagan@fb.com>
Rather than defining dependencies, then appending the libatomic
dependency on the following line, merge all into one definition.
Simultaneously, sort by alphabetical order.
Signed-off-by: Matthew Hagan <mathagan@fb.com>
The output of the hotplug is very chatty and floods the log with
messages that are not necessary in functioning operation.
So that the log can be filtered. A log level was added to each message
as the first opiton on mm_log function call.
In addition, the facility of the hotplug script has been set to daemon,
which in my view fits better than user.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
1. prctl() check is not required for host-compile on any OS due to prctl
is not used in rpcgen which is only one is compiled during host-compile
phase. prctl() check is disabled via HOST_CONFIGURE_VARS in OpenWrt makefile
2. __DARWIN_ONLY_64_BIT_INO_T is true on macos arm64 so struct stat64
and stat64() are not available. This patch defines stat64 as stat if
__DARWIN_ONLY_64_BIT_INO_T is true
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Breaking changes:
The database has been replaced with boltdb to try to solve the problem
of database corruption.
Note that the data will not be migrated, but the previous data will be
retained. If you need the previous data, just downgrade v2rayA (v1.5.4).
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
depend on libpcre2 instead of libpcre
also remove patches incorporated upstream into lighttpd 1.4.62
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
route-override IPAM works as meta CNI plugin to override IP route given by previous CNI plugins. It is useful in a case with network-attachment-definition.
Currently route-override verified its feature with podman and crio(with Kubernetes).
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
The way the init script is written now, we get a bad output when calling
the ubus service backend.
ubus call service list "{'verbose':true,'name':'modemmanager'}"
>{
> "modemmanager": {
> "instances": {
> "instance1": {
> "running": true,
> "pid": 20511,
> "command": [
> "sh",
> "-c",
> ".
>/usr/share/ModemManager/modemmanager.common; \t
>mkdir -m 0755 -p /var/run/modemmanager; \t
>mm_cleanup_interfaces; \t
>( mm_report_events_from_cache ) >/dev/null 2>&1 & \t
>/usr/sbin/ModemManager"
> ],
> "term_timeout": 5,
> "respawn": {
> "threshold": 3600,
> "timeout": 5,
> "retry": 5
> },
> "pidfile":"/var/run/modemmanager/modemmanager.pid"
> }
> }
> }
>}"
I also get the output in the log that the PID file cannot be created.
> daemon.err procd: Failed to remove pidfile: :No such file or directory
The changes in this commit fixes this issues, by moving startup into a
wrapper script.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
SpeedTest++
Yet another unofficial speedtest.net client cli interface
For users who instead of python based speedtest client want
to use something that was written in c++...
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Currently banip matches nginx log entries starting with
nginx[number]:...
I am running a containerized nginx with alpine as base, which
ends up adding log entries without [number] part..
like this:
nginx:...
This patch updates regex for nginx log entry search to include
both versions.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
The configuration for the ksmbd service is auto-generated when
the OpenWRT configuration changes, and also during startup,
hence ksmbd.init has to reload the kernel module. It does that by
calling kill_server, which does not perform cleanup. This results
in ksmbd being killed but not restarted properly during boot.
This patch resolves the issue by using stop_service, which performs
proper cleanup.
https://forum.openwrt.org/t/ksmbd-samba3-4-alternative-ex-cifsd-smbd-package-support-thread/51695/68
Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
Django 1.x is not compatible with python 3.10.
Mark the package as BROKEN. Since its dependent packages will also
select it, they will need to be marked BROKEN as well to avoid recursive
dependencies--packages not marked as BROKEN will be able to select the
broken package.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
- Update haproxy download URL and hash
- Switched over to using USE_LIBATOMIC in favor of -latomic
- Added a patch which fixes nossl builds
Signed-off-by: Christian Lachner <gladiac@gmail.com>
7bf79a2 ubus: set scan duration to roam scan interval
b4eb49e policy: only select nodes with better signal when roaming
5d5a0be ubus: don't request measurement from unsupported STAs
abc6fe0 local-node: update STA RRM capabilites
5ec713b node: determine roamability when selecting neighbors
d0cd65b node: save created time for node
a5c21ae ubus: prioritize neighbor reports on bss transition
532a48d local-node: prioritize neighbor candidates
4862080 node: keep track of roam-sources and roam-destinations
6a20591 sta-info: add last_connected field
Signed-off-by: David Bauer <mail@david-bauer.net>
Commit 1038ac1235 ("openvswitch: add support for definining bridge ports...")
added two new options:
- drop_unknown_ports
- ports
They are missing from the README, so add them.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Fixes 'transmission-web' for users which didn't manually configure the
'web_home' option.
Assume transmission's default in case 'web_home' isn't defined and
mount the directory so it can be accessed from inside the jail.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add missing "inotify_add_watch", "inotify_init1" and "inotify_rm_watch"
syscalls to seccomp filter which are needed in case watch_dir feature
of transmission is used.
Fixes#16972
Reported-by: @siwind
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
As written in the commit message:
Depending on your conntrackd configuration, events might get lost,
leaving stuck entries in the cache forever. Skip checking the conntrack
ID to allow for lazy cleanup by when a new entry that is represented by
the same tuple is added.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Open vSwitch does not bring up ports automatically. This is not a
problem for wireless ports, or for ports configured in
/etc/config/network, but other ports will be down, and require manual
interaction to be brought up. Configuring them with proto none will
cause netifd to do some actions on them, which might cause undefined
results, and will also bloat the UCI config file.
The cleanest solution is to bring all member ports up as part of the
init script.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
statd currently fails to start due to missing /run which doesn't exist
on OpenWrt.
Add a patch moving /run to /tmp/run as the path is hardcoded in several
places and cannot be configured neither at buildtime nor at runtime.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
`time_t` on musl 1.2 is 64bit, while `long` is 32 bit. we will always get zero time with the original source on mips big endian.
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
The PCIe physdev path lookup relies on the 'vendor' and 'device'
attribute files, instead of the 'idVendor' and 'idProduct' ones, which
are USB specific.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
OVN doesn't require Python Six, since about commit
338a6ddb5e
Maybe even earlier than that.
There are some left-over installations of six in their CI, but no usage in
any Python source code.
Refreshed patches.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Python six was required to build the OVS Python libs during the time when
they were supporting both Python 2 & 3.
Python 3 is a minimum requirement for OVS Python's libs since commits:
1ca0323e7cbd90524550
and Six is no longer required since commit
0c4d144a98
The end-goal here is to get rid of the Python Six host-build.
OVS is the only user.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Release notes:
1.8.0
- Upgrade json.hpp dependency to version 3.10.2
- Check if DNS servers need to be applied on macOS
- Set MAC address before bringing up Linux TAP link
- Stop binding to temporary IPv6 addresses
- Fix for mistakenly using v6 source addresses for v4 routes on some platforms
- Fix for MacOS MTU capping issue on feth devices
- Implement a workaround for one potential source of a "coma" bug, which can occur if buggy NATs/routers stop allowing the service to communicate on a given port. ZeroTier now reassigns a new secondary port if it's offline for a while unless a secondary port is manually specified in local.conf. Working around crummy buggy routers is an ongoing effort.
- A completely rewritten desktop UI for Mac and Windows!
1.8.1
- Fix an issue that could cause clobbering of MacOS IP route settings on restart.
- Added additional hardening against address impersonation on networks (also in 1.6.6).
- MacOS IPv6 no longer binds to temporary addresses as these can cause interruptions if they expire.
- Remove support for REALLY ancient 1.1.6 or earlier network controllers.
- Fix numerous UI issues from 1.8.0 (never fully released).
Changed to git as source and added $(AUTORELEASE)
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Client and server software to query DNS over HTTPS, using Google DNS-over-HTTPS protocol and IETF DNS-over-HTTPS (RFC 8484). https://github.com/m13253/dns-over-https
Signed-off-by: Martin Schneider <martschneider@google.com>
Side-effect of dropping capabilities(7) with last commit is now we
need the `/var/run/named/` directory created for us at startup.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Reasons to drop this package:
a) this package depends on luci-app-rosy-file-server
Unfortunately, it was marked as broken as it is unmaintained.
See: 34b682afac
b) maintainer is inactive
c) rosinson website does not seem to be working
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Update to the newest versions and switch to $(AUTORELEASE) for the python3 packages (where I am the maintainer).
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
Currently when the connection times out, the interface will disconnect.
Add capability to add persistent option to re-establish connectivity.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
* adopt pypi name and line numbers in patches
* remove custom tar command and patch for using python3 (changed upstream)
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
It never works... And Xray-core needs root access to work.
Bump geodata to latest version while at it.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
The following CVE updates are included:
* CVE-2021-25219: The "lame-ttl" option is now forcibly set to 0. This
effectively disables the lame server cache, as it could previously be
abused by an attacker to significantly degrade resolver performance.
* CVE-2021-25218: An assertion failure occurred when named attempted
to send a UDP packet that exceeded the MTU size, if Response Rate
Limiting (RRL) was enabled.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Reload the service when interfaces flap; note that libcap support
is required to open new sockets on interfaces coming up during
a reload, otherwise a full restart would be needed.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Use newly introduced procd_add_reload_mount_trigger to reload nfsd
when a mountpoint covering an exported filesystem is added by blockd.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Fix uci-defaults for PostgreSQL backends
Add user 'gnunet' to 'postgres' group
Always build with sqlite3 as configure fails when --without-sqlite
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
If an interface doesn't exist yet when vnStat is started, it won't be
monitored, as only existing interfaces can be added to the database via
the vnstat command.
This adds a hotplug script which adds any configured interfaces to the
vnStat database when it goes up.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
By default, vnstatd adds all available interfaces on startup when its
database is empty. The --noadd option prevents this, but it breaks
import of legacy databases, and causes vnstatd to exit immediately
after startup, which breaks reloading.
This changes the init script to add the --noadd option when no legacy
databases need to be imported, and patches vnstatd to keep running
even when no interfaces are configured.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
