nodogsplash: explicit file copy

Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit 2a725e7cbe)

.github/issue_template

@@ -0,0 +1,16 @@
+Please make sure that the issue subject starts with `<package-name>: `
+
+Also make sure that the package is maintained in this repository and not in base which should be submitted at https://bugs.openwrt.org or in the LuCI repository which should be submitted at https://github.com/openwrt/luci/issues.
+
+Issues related to releases below 18.06 and forks are not supported or maintained and will be closed.
+
+# Issue template (remove lines from top till here)
+
+Maintainer: @\<github-user> (find it by checking history of the package Makefile)
+Environment: (put here arch, model, OpenWrt version)
+
+Description:
+
+```
+Formating code blocks by wrapping them with pairs of ```
+```

.github/pull_request_template

@@ -0,0 +1,5 @@
+Maintainer: me / @\<github-user> (find it by checking history of the package Makefile)
+Compile tested: (put here arch, model, OpenWrt version)
+Run tested: (put here arch, model, OpenWrt version, tests done)
+
+Description:

.github/workflows/Dockerfile

@@ -0,0 +1,6 @@
+ARG ARCH=x86-64
+FROM openwrt/rootfs:$ARCH
+
+ADD entrypoint.sh /entrypoint.sh
+
+CMD ["/entrypoint.sh"]

.github/workflows/ci_helpers.sh

@@ -0,0 +1,26 @@
+#!/bin/sh
+
+color_out() {
+	printf "\e[0;$1m$PKG_NAME: %s\e[0;0m\n" "$2"
+}
+
+success() {
+	color_out 32 "$1"
+}
+
+info() {
+	color_out 36 "$1"
+}
+
+err() {
+	color_out 31 "$1"
+}
+
+warn() {
+	color_out 33 "$1"
+}
+
+err_die() {
+	err "$1"
+	exit 1
+}

.github/workflows/entrypoint.sh

@@ -0,0 +1,48 @@
+#!/bin/sh
+
+# not enabling `errtrace` and `pipefail` since those are bash specific
+set -o errexit # failing commands causes script to fail
+set -o nounset # undefined variables causes script to fail
+
+echo "src/gz packages_ci file:///ci" >> /etc/opkg/distfeeds.conf
+
+FINGERPRINT="$(usign -F -p /ci/packages_ci.pub)"
+cp /ci/packages_ci.pub "/etc/opkg/keys/$FINGERPRINT"
+
+mkdir -p /var/lock/
+
+opkg update
+
+[ -n "${CI_HELPER:=''}" ] || CI_HELPER="/ci/.github/workflows/ci_helpers.sh"
+
+for PKG in /ci/*.ipk; do
+	tar -xzOf "$PKG" ./control.tar.gz | tar xzf - ./control
+	# package name including variant
+	PKG_NAME=$(sed -ne 's#^Package: \(.*\)$#\1#p' ./control)
+	# package version without release
+	PKG_VERSION=$(sed -ne 's#^Version: \(.*\)-[0-9]*$#\1#p' ./control)
+	# package source contianing test.sh script
+	PKG_SOURCE=$(sed -ne 's#^Source: .*/\(.*\)$#\1#p' ./control)
+
+	echo "Testing package $PKG_NAME in version $PKG_VERSION from $PKG_SOURCE"
+
+	opkg install "$PKG"
+
+	export PKG_NAME PKG_VERSION CI_HELPER
+
+	TEST_SCRIPT=$(find /ci/ -name "$PKG_SOURCE" -type d)/test.sh
+
+	if [ -f "$TEST_SCRIPT" ]; then
+		echo "Use package specific test.sh"
+		if sh "$TEST_SCRIPT" "$PKG_NAME" "$PKG_VERSION"; then
+			echo "Test succesful"
+		else
+			echo "Test failed"
+			exit 1
+		fi
+	else
+		echo "No test.sh script available"
+	fi
+
+	opkg remove "$PKG_NAME" --force-removal-of-dependent-packages --force-remove
+done

.github/workflows/formal.yml

@@ -0,0 +1,63 @@
+name: Test Formalities
+
+on:
+  pull_request:
+
+jobs:
+  build:
+    name: Test Formalities
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          fetch-depth: 0
+
+      - name: Determine branch name
+        run: |
+          BRANCH="${GITHUB_BASE_REF#refs/heads/}"
+          echo "Building for $BRANCH"
+          echo "BRANCH=$BRANCH" >> $GITHUB_ENV
+
+      - name: Test formalities
+        run: |
+          source .github/workflows/ci_helpers.sh
+
+          RET=0
+          for commit in $(git rev-list HEAD ^origin/$BRANCH); do
+            info "=== Checking commit '$commit'"
+            if git show --format='%P' -s $commit | grep -qF ' '; then
+              err "Pull request should not include merge commits"
+              RET=1
+            fi
+
+            author="$(git show -s --format=%aN $commit)"
+            if echo $author | grep -q '\S\+\s\+\S\+'; then
+              success "Author name ($author) seems ok"
+            else
+              err "Author name ($author) need to be your real name 'firstname lastname'"
+              RET=1
+            fi
+
+            subject="$(git show -s --format=%s $commit)"
+            if echo "$subject" | grep -q -e '^[0-9A-Za-z,+/_-]\+: ' -e '^Revert '; then
+              success "Commit subject line seems ok ($subject)"
+            else
+              err "Commit subject line MUST start with '<package name>: ' ($subject)"
+              RET=1
+            fi
+
+            body="$(git show -s --format=%b $commit)"
+            sob="$(git show -s --format='Signed-off-by: %aN <%aE>' $commit)"
+            if echo "$body" | grep -qF "$sob"; then
+              success "Signed-off-by match author"
+            else
+              err "Signed-off-by is missing or doesn't match author (should be '$sob')"
+              RET=1
+            fi
+          done
+
+          exit $RET

.github/workflows/multi-arch-test-build.yml

@@ -0,0 +1,150 @@
+name: Test Build
+
+on:
+  pull_request:
+
+jobs:
+  build:
+    name: Test ${{ matrix.arch }}
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - arch: arc_archs
+            target: archs38-generic
+            runtime_test: false
+
+          - arch: arm_cortex-a9_vfpv3-d16
+            target: mvebu-cortexa9
+            runtime_test: false
+
+          - arch: mips_24kc
+            target: ath79-generic
+            runtime_test: false
+
+          - arch: powerpc_464fp
+            target: apm821xx-nand
+            runtime_test: false
+
+          - arch: powerpc_8540
+            target: mpc85xx-p1010
+            runtime_test: false
+
+          - arch: aarch64_cortex-a53
+            target: mvebu-cortexa53
+            runtime_test: true
+
+          - arch: arm_cortex-a15_neon-vfpv4
+            target: armvirt-32
+            runtime_test: true
+
+          - arch: i386_pentium-mmx
+            target: x86-geode
+            runtime_test: true
+
+          - arch: x86_64
+            target: x86-64
+            runtime_test: true
+
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Determine branch name
+        run: |
+          BRANCH="${GITHUB_BASE_REF#refs/heads/}"
+          echo "Building for $BRANCH"
+          echo "BRANCH=$BRANCH" >> $GITHUB_ENV
+
+      - name: Determine changed packages
+        run: |
+          # only detect packages with changes
+          PKG_ROOTS=$(find . -name Makefile | \
+            grep -v ".*/src/Makefile" | \
+            sed -e 's@./\(.*\)/Makefile@\1/@')
+          CHANGES=$(git diff --diff-filter=d --name-only origin/$BRANCH)
+
+          for ROOT in $PKG_ROOTS; do
+            for CHANGE in $CHANGES; do
+              if [[ "$CHANGE" == "$ROOT"* ]]; then
+                PACKAGES+=$(echo "$ROOT" | sed -e 's@\(.*\)/@\1 @')
+                break
+              fi
+            done
+          done
+
+          # fallback to test packages if nothing explicitly changes this is
+          # should run if other mechanics in packages.git changed
+          PACKAGES="${PACKAGES:-bird2 cjdns olsrd}"
+
+          echo "Building $PACKAGES"
+          echo "PACKAGES=$PACKAGES" >> $GITHUB_ENV
+
+      - name: Generate build keys
+        run: |
+          sudo apt-get install -y signify-openbsd
+          signify-openbsd -G -n -c 'DO NOT USE - OpenWrt packages feed CI' -p packages_ci.pub -s packages_ci.sec
+          EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
+          echo "KEY_BUILD<<$EOF" >> $GITHUB_ENV
+          cat packages_ci.sec >> $GITHUB_ENV
+          echo "$EOF" >> $GITHUB_ENV
+
+      - name: Build
+        uses: openwrt/gh-action-sdk@v5
+        env:
+          ARCH: ${{ matrix.arch }}-${{ env.BRANCH }}
+          FEEDNAME: packages_ci
+          INDEX: 1
+          KEY_BUILD: ${{ env.KEY_BUILD }}
+
+      - name: Move created packages to project dir
+        run: cp bin/packages/${{ matrix.arch }}/packages_ci/* . || true
+
+      - name: Store packages
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{env.ARCHIVE_NAME}}-packages
+          path: |
+            Packages
+            Packages.*
+            *.ipk
+            PKG-INFO
+
+      - name: Store logs
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ matrix.arch}}-logs
+          path: logs/
+
+      - name: Remove logs
+        run: sudo rm -rf logs/ || true
+
+      - name: Check if any packages were built
+        run: |
+          if [ -n "$(find . -maxdepth 1 -type f -name '*.ipk' -print -quit)" ]; then
+            echo "Found *.ipk files"
+            HAVE_IPKS=true
+          else
+            echo "No *.ipk files found"
+            HAVE_IPKS=false
+          fi
+          echo "HAVE_IPKS=$HAVE_IPKS" >> $GITHUB_ENV
+
+      - name: Register QEMU
+        if: ${{ matrix.runtime_test && fromJSON(env.HAVE_IPKS) }}
+        run: |
+          sudo docker run --rm --privileged aptman/qus -s -- -p
+
+      - name: Build Docker container
+        if: ${{ matrix.runtime_test && fromJSON(env.HAVE_IPKS) }}
+        run: |
+          docker build -t test-container --build-arg ARCH .github/workflows/
+        env:
+          ARCH: ${{ matrix.arch }}-${{ env.BRANCH }}
+
+      - name: Test via Docker container
+        if: ${{ matrix.runtime_test && fromJSON(env.HAVE_IPKS) }}
+        run: |
+          docker run --rm -v $GITHUB_WORKSPACE:/ci test-container

README

@@ -1,18 +0,0 @@
-This is an OpenWrt package feed containing community maintained routing packages.
-
-To use these packages, add the following line to the feeds.conf
-in the OpenWrt buildroot:
-
-  src-git routing git://github.com/openwrt-routing/packages.git
-  
-Update the feed:
-
-  ./scripts/feeds update routing
-  
-Activate the package:
-
-  ./scripts/feeds install -a -p routing
-  
-The routing packages should now appear in menuconfig.
-
-

README.md

@@ -0,0 +1,21 @@
+# OpenWrt Routing Feed
+
+## Description
+
+This OpenWrt package feed contains community maintained routing packages.
+
+## Usage
+
+
+This repository is intended to be layered on-top of an OpenWrt buildroot.
+If you do not have an OpenWrt buildroot installed, see the documentation at:
+[OpenWrt Buildroot – Installation][1] on the OpenWrt support site.
+
+This feed is enabled by default. To install all its package definitions, run:
+
+```
+./scripts/feeds update routing
+./scripts/feeds install -a -p routing
+```
+
+[1]: https://openwrt.org/docs/guide-developer/build-system/install-buildsystem

alfred/Makefile

@@ -3,17 +3,25 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=alfred
-PKG_VERSION:=2021.0
-PKG_RELEASE:=3
+PKG_VERSION:=2021.1
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://downloads.open-mesh.org/batman/releases/batman-adv-$(PKG_VERSION)
-PKG_HASH:=a062c08da21e0a23ae0554d392c8147dfd2129ae6975a7f5004dc680fee2244b
+PKG_HASH:=94e2cf4dad885f9059fc8b8694a71eca51c9e184683bb99a79e3de8cb7485e88
 
 PKG_MAINTAINER:=Simon Wunderlich <sw@simonwunderlich.de>
 PKG_LICENSE:=GPL-2.0-only MIT
 PKG_LICENSE_FILES:=LICENSES/preferred/GPL-2.0 LICENSES/preferred/MIT
 
+
+PKG_CONFIG_DEPENDS += \
+	CONFIG_ALFRED_NEEDS_lua \
+	CONFIG_ALFRED_NEEDS_libgps \
+	CONFIG_PACKAGE_ALFRED_VIS \
+	CONFIG_PACKAGE_ALFRED_BATHOSTS \
+	CONFIG_PACKAGE_ALFRED_GPSD
+
 include $(INCLUDE_DIR)/package.mk
 
 define Package/alfred

alfred/patches/0001-alfred-Ensure-processed-change_iface-packet-is-0-ter.patch

@@ -0,0 +1,22 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Sat, 19 Feb 2022 08:51:28 +0100
+Subject: alfred: Ensure processed change_iface packet is 0-terminated
+
+A client sending a alfred_change_interface_v0 packet to the alfred server
+might have forgotten to 0-terminate the string. In this case, strstr in
+unix_sock_change_iface might read outside of the available buffer.
+
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/alfred.git/commit/d2d27e4b9d697928d21dfa5c79908618ef8b56ac
+
+--- a/unix_sock.c
++++ b/unix_sock.c
+@@ -329,6 +329,8 @@ unix_sock_change_iface(struct globals *g
+ 	if (len < (int)(sizeof(*change_iface) - sizeof(change_iface->header)))
+ 		goto err;
+ 
++	change_iface->ifaces[sizeof(change_iface->ifaces) - 1] = '\0';
++
+ 	if (globals->opmode == OPMODE_SECONDARY) {
+ 		if (strstr(change_iface->ifaces, ",") != NULL) {
+ 			ret = -EINVAL;

alfred/patches/0001-alfred-Show-error-message-for-invalid-batadv-interfa.patch

@@ -1,29 +0,0 @@
-From: Sven Eckelmann <sven@narfation.org>
-Date: Mon, 15 Feb 2021 19:56:22 +0100
-Subject: alfred: Show error message for invalid batadv interface
-
-The alfred server process always stopped without any informational message
-when the provided batman-adv was not "none" and was not accessible. This
-made it extremely hard to debug the reason why alfred directly stopped
-after launching it.
-
-Signed-off-by: Sven Eckelmann <sven@narfation.org>
-Forwarded: https://patchwork.open-mesh.org/project/b.a.t.m.a.n./patch/20210215200126.140253-1-sven@narfation.org/
-
-diff --git a/server.c b/server.c
-index fc27246b845af75bd1f459f8bb553aef87cc24d5..efac5ad399df52f8c444711a14bcf4814e38a3bf 100644
---- a/server.c
-+++ b/server.c
-@@ -385,8 +385,11 @@ int alfred_server(struct globals *globals)
- 	}
- 
- 	if (strcmp(globals->mesh_iface, "none") != 0 &&
--	    batadv_interface_check(globals->mesh_iface) < 0)
-+	    batadv_interface_check(globals->mesh_iface) < 0) {
-+		fprintf(stderr, "Can't start server: batman-adv interface %s not found\n",
-+			globals->mesh_iface);
- 		return -1;
-+	}
- 
- 	num_socks = netsock_open_all(globals);
- 	if (num_socks <= 0) {

alfred/patches/0002-alfred-Allow-exactly-one-interface-for-secondary-mod.patch

@@ -1,72 +0,0 @@
-From: Sven Eckelmann <sven@narfation.org>
-Date: Mon, 15 Feb 2021 20:16:15 +0100
-Subject: alfred: Allow exactly one interface for secondary mode
-
-A primary alfred daemon allows syncing over more than one interface. But
-the secondary alfred daemon needs exactly one interface. But the check for
-this property was insufficient because it allowed paramters like
-"-i wlan0,asd" when wlan0 is valid and asd is not valid.
-
-The better solution is to really use the number of interfaces given to
-alfred instead of the number of interfaces evaluated as "valid".
-
-Fixes: 67ae5f57eedd ("alfred: Add support for multiple interfaces per master")
-Signed-off-by: Sven Eckelmann <sven@narfation.org>
-Forwarded: https://patchwork.open-mesh.org/project/b.a.t.m.a.n./patch/20210215200126.140253-2-sven@narfation.org/
-
-diff --git a/alfred.h b/alfred.h
-index 1e2c05835cbfba02ebabefe55afc29f7ef8e12b1..7d6b0b35b5c8b8c3b087589880c390eb035584be 100644
---- a/alfred.h
-+++ b/alfred.h
-@@ -182,6 +182,7 @@ int unix_sock_req_data_finish(struct globals *globals,
- int vis_update_data(struct globals *globals);
- /* netsock.c */
- int netsock_open_all(struct globals *globals);
-+size_t netsocket_count_interfaces(struct globals *globals);
- void netsock_close_all(struct globals *globals);
- int netsock_set_interfaces(struct globals *globals, char *interfaces);
- struct interface *netsock_first_interface(struct globals *globals);
-diff --git a/netsock.c b/netsock.c
-index 367b20730500a1c24448200a24149b64059f3381..84b0ec3827e491eead997f58b2b8f26c5b18b843 100644
---- a/netsock.c
-+++ b/netsock.c
-@@ -471,6 +471,17 @@ int netsock_open_all(struct globals *globals)
- 	return num_socks;
- }
- 
-+size_t netsocket_count_interfaces(struct globals *globals)
-+{
-+	struct interface *interface;
-+	size_t count = 0;
-+
-+	list_for_each_entry(interface, &globals->interfaces, list)
-+		count++;
-+
-+	return count;
-+}
-+
- void netsock_reopen(struct globals *globals)
- {
- 	struct interface *interface;
-diff --git a/server.c b/server.c
-index efac5ad399df52f8c444711a14bcf4814e38a3bf..eb2bc8aeb787e4bf028c8f9e3a523a18c6992be1 100644
---- a/server.c
-+++ b/server.c
-@@ -371,6 +371,7 @@ int alfred_server(struct globals *globals)
- 	int maxsock, ret, recvs;
- 	struct timespec last_check, now, tv;
- 	fd_set fds, errfds;
-+	size_t num_interfaces;
- 	int num_socks;
- 
- 	if (create_hashes(globals))
-@@ -397,7 +398,8 @@ int alfred_server(struct globals *globals)
- 		return -1;
- 	}
- 
--	if (num_socks > 1 && globals->opmode == OPMODE_SECONDARY) {
-+	num_interfaces = netsocket_count_interfaces(globals);
-+	if (num_interfaces > 1 && globals->opmode == OPMODE_SECONDARY) {
- 		fprintf(stderr, "More than one interface specified in secondary mode\n");
- 		return -1;
- 	}

alfred/patches/0003-alfred-Save-global-mode-flags-in-bitfield.patch

@@ -1,67 +0,0 @@
-From: Sven Eckelmann <sven@narfation.org>
-Date: Mon, 15 Feb 2021 20:34:54 +0100
-Subject: alfred: Save global mode flags in bitfield
-
-The verbose and ipv4mode entries in the globals structure is only used to
-save a boolean information. So just use a bit in a bitfield to store this
-information instead of a full int.
-
-Signed-off-by: Sven Eckelmann <sven@narfation.org>
-Forwarded: https://patchwork.open-mesh.org/project/b.a.t.m.a.n./patch/20210215200126.140253-3-sven@narfation.org/
-
-diff --git a/alfred.h b/alfred.h
-index 7d6b0b35b5c8b8c3b087589880c390eb035584be..c64ff17ab9be8a16b3e1c86070b93235c226a004 100644
---- a/alfred.h
-+++ b/alfred.h
-@@ -115,8 +115,8 @@ struct globals {
- 	enum clientmode clientmode;
- 	int clientmode_arg;
- 	int clientmode_version;
--	int verbose;
--	int ipv4mode;
-+	uint8_t verbose:1;
-+	uint8_t ipv4mode:1;
- 
- 	int unix_sock;
- 	const char *unix_path;
-diff --git a/main.c b/main.c
-index 7b866cc4275797beb7f614dd1a19ea0099e1281b..f25b6cc11975b8523abf6c59b77a86e94684b03b 100644
---- a/main.c
-+++ b/main.c
-@@ -9,6 +9,7 @@
- #include <arpa/inet.h>
- #include <getopt.h>
- #include <signal.h>
-+#include <stdbool.h>
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
-@@ -181,8 +182,8 @@ static struct globals *alfred_init(int argc, char *argv[])
- 	globals->clientmode_version = 0;
- 	globals->mesh_iface = "bat0";
- 	globals->unix_path = ALFRED_SOCK_PATH_DEFAULT;
--	globals->verbose = 0;
--	globals->ipv4mode = 0;
-+	globals->verbose = false;
-+	globals->ipv4mode = false;
- 	globals->update_command = NULL;
- 	globals->sync_period.tv_sec = ALFRED_INTERVAL;
- 	globals->sync_period.tv_nsec = 0;
-@@ -252,7 +253,7 @@ static struct globals *alfred_init(int argc, char *argv[])
- 			globals->unix_path = optarg;
- 			break;
- 		case 'd':
--			globals->verbose++;
-+			globals->verbose = true;
- 			break;
- 		case 'c':
- 			globals->update_command = optarg;
-@@ -268,7 +269,7 @@ static struct globals *alfred_init(int argc, char *argv[])
- 			printf(" ** Setting sync interval to: %.9f seconds (%ld.%09ld)\n", sync_period, globals->sync_period.tv_sec, globals->sync_period.tv_nsec);
- 			break;
- 		case '4':
--			globals->ipv4mode = 1;
-+			globals->ipv4mode = true;
- 			inet_pton(AF_INET, optarg, &alfred_mcast.ipv4);
- 			printf(" ** IPv4 Multicast Mode: %x\n", alfred_mcast.ipv4.s_addr);
- 			break;

alfred/patches/0004-alfred-Allow-start-of-server-without-valid-interface.patch

@@ -1,102 +0,0 @@
-From: Sven Eckelmann <sven@narfation.org>
-Date: Mon, 15 Feb 2021 20:52:17 +0100
-Subject: alfred: Allow start of server without valid interface
-
-The alfred server always needs interfaces to operate on. But these
-interfaces might not exist at the moment when the daemon process is
-started. This caused an error and stopped the process.
-
-But alfred is able to deal with interfaces which disappeared at runtime but
-existed at startup. To force a similar behavior for the alfred startup, the
-parameter "--force" or "-f" is introduced.
-
-Signed-off-by: Sven Eckelmann <sven@narfation.org>
-Forwarded: https://patchwork.open-mesh.org/project/b.a.t.m.a.n./patch/20210215200126.140253-4-sven@narfation.org/
-
-diff --git a/alfred.h b/alfred.h
-index c64ff17ab9be8a16b3e1c86070b93235c226a004..ac082536bd6565756835489194be9b80fe0dd653 100644
---- a/alfred.h
-+++ b/alfred.h
-@@ -117,6 +117,7 @@ struct globals {
- 	int clientmode_version;
- 	uint8_t verbose:1;
- 	uint8_t ipv4mode:1;
-+	uint8_t force:1;
- 
- 	int unix_sock;
- 	const char *unix_path;
-diff --git a/main.c b/main.c
-index f25b6cc11975b8523abf6c59b77a86e94684b03b..e190d4274a0fe2abdb2c462a5bdefb3e199d4797 100644
---- a/main.c
-+++ b/main.c
-@@ -164,6 +164,7 @@ static struct globals *alfred_init(int argc, char *argv[])
- 		{"version",		no_argument,		NULL,	'v'},
- 		{"verbose",		no_argument,		NULL,	'd'},
- 		{"sync-period",		required_argument,	NULL,	'p'},
-+		{"force",		no_argument,		NULL,	'f'},
- 		{NULL,			0,			NULL,	0},
- 	};
- 
-@@ -184,6 +185,7 @@ static struct globals *alfred_init(int argc, char *argv[])
- 	globals->unix_path = ALFRED_SOCK_PATH_DEFAULT;
- 	globals->verbose = false;
- 	globals->ipv4mode = false;
-+	globals->force = false;
- 	globals->update_command = NULL;
- 	globals->sync_period.tv_sec = ALFRED_INTERVAL;
- 	globals->sync_period.tv_nsec = 0;
-@@ -191,7 +193,7 @@ static struct globals *alfred_init(int argc, char *argv[])
- 
- 	time_random_seed();
- 
--	while ((opt = getopt_long(argc, argv, "ms:r:hi:b:vV:M:I:u:dc:p:4:", long_options,
-+	while ((opt = getopt_long(argc, argv, "ms:r:hi:b:vV:M:I:u:dc:p:4:f", long_options,
- 				  &opt_ind)) != -1) {
- 		switch (opt) {
- 		case 'r':
-@@ -273,6 +275,9 @@ static struct globals *alfred_init(int argc, char *argv[])
- 			inet_pton(AF_INET, optarg, &alfred_mcast.ipv4);
- 			printf(" ** IPv4 Multicast Mode: %x\n", alfred_mcast.ipv4.s_addr);
- 			break;
-+		case 'f':
-+			globals->force = true;
-+			break;
- 		case 'h':
- 		default:
- 			alfred_usage();
-diff --git a/man/alfred.8 b/man/alfred.8
-index 25591be9ece1f8de572be8f639576861e318005f..e965db8260086cc83bc78ad95f97bc368a6cb170 100644
---- a/man/alfred.8
-+++ b/man/alfred.8
-@@ -72,6 +72,9 @@ Collect data from the network and prints it on the network
- \fB\-d\fP, \fB\-\-verbose\fP
- Show extra information in the data output
- .TP
-+\fB\-d\fP, \fB\-\-force\fP
-+Start server even when batman-adv or interface(s) are not yet available.
-+.TP
- \fB\-V\fP, \fB\-\-req\-version\fP \fIversion\fP
- Specify the data version set for \fB\-s\fP
- 
-diff --git a/server.c b/server.c
-index eb2bc8aeb787e4bf028c8f9e3a523a18c6992be1..b4925e7e16ba7465662a5dbf12432916fed8bd03 100644
---- a/server.c
-+++ b/server.c
-@@ -386,14 +386,15 @@ int alfred_server(struct globals *globals)
- 	}
- 
- 	if (strcmp(globals->mesh_iface, "none") != 0 &&
--	    batadv_interface_check(globals->mesh_iface) < 0) {
-+	    batadv_interface_check(globals->mesh_iface) < 0 &&
-+	    !globals->force) {
- 		fprintf(stderr, "Can't start server: batman-adv interface %s not found\n",
- 			globals->mesh_iface);
- 		return -1;
- 	}
- 
- 	num_socks = netsock_open_all(globals);
--	if (num_socks <= 0) {
-+	if (num_socks <= 0 && !globals->force) {
- 		fprintf(stderr, "Failed to open interfaces\n");
- 		return -1;
- 	}

babeld/Makefile

@@ -8,15 +8,16 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=babeld
-PKG_VERSION:=1.9.2
-PKG_RELEASE:=$(AUTORELEASE)
+PKG_VERSION:=1.12.2
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://www.irif.fr/~jch/software/files/
-PKG_HASH:=154f00e0a8bf35d6ea9028886c3dc5c3c342dd1a367df55ef29a547b75867f07
+PKG_HASH:=1db22b6193070ea2450a1ab51196fd72f58a1329f780cb0388e2e4b2e7768cbb
 
 PKG_MAINTAINER:=Gabriel Kerneis <gabriel@kerneis.info>, \
-	Baptiste Jonglez <openwrt-pkg@bitsofnetworks.org>
+	Baptiste Jonglez <openwrt-pkg@bitsofnetworks.org>, \
+	Nick Hainke <vincent@systemli.org>
 PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=LICENCE
 
@@ -36,7 +37,7 @@ define Package/babeld/description
   with fast convergence properties. It is based on the ideas in DSDV, AODV and
   Cisco's EIGRP, but is designed to work well not only in wired networks but
   also in wireless mesh networks, and has been extended with support for
-  overlay networks. Babel is in the process of becoming an IETF Standard.
+  overlay networks. Babel is an IETF standard protocol (RFC 8966).
 endef
 
 define Package/babeld/conffiles

babeld/patches/600-add-ubus.patch

@@ -1,7 +1,7 @@
 --- a/babeld.c
 +++ b/babeld.c
-@@ -55,6 +55,8 @@ THE SOFTWARE.
- #include "rule.h"
+@@ -54,6 +54,8 @@ THE SOFTWARE.
+ #include "local.h"
  #include "version.h"
  
 +#include "ubus.h"
@@ -9,7 +9,7 @@
  struct timeval now;
  
  unsigned char myid[8];
-@@ -536,6 +538,9 @@ main(int argc, char **argv)
+@@ -521,6 +523,9 @@ main(int argc, char **argv)
          }
      }
  
@@ -19,7 +19,7 @@
      init_signals();
      rc = resize_receive_buffer(1500);
      if(rc < 0)
-@@ -635,6 +640,8 @@ main(int argc, char **argv)
+@@ -616,6 +621,8 @@ main(int argc, char **argv)
                  FD_SET(local_sockets[i].fd, &readfds);
                  maxfd = MAX(maxfd, local_sockets[i].fd);
              }
@@ -28,7 +28,7 @@
              rc = select(maxfd + 1, &readfds, NULL, NULL, &tv);
              if(rc < 0) {
                  if(errno != EINTR) {
-@@ -703,6 +710,9 @@ main(int argc, char **argv)
+@@ -684,6 +691,9 @@ main(int argc, char **argv)
              i++;
          }
  
@@ -38,22 +38,6 @@
          if(reopening) {
              kernel_dump_time = now.tv_sec;
              check_neighbours_timeout = now;
---- a/Makefile
-+++ b/Makefile
-@@ -11,11 +11,11 @@ LDLIBS = -lrt
- 
- SRCS = babeld.c net.c kernel.c util.c interface.c source.c neighbour.c \
-        route.c xroute.c message.c resend.c configuration.c local.c \
--       disambiguation.c rule.c
-+       disambiguation.c rule.c ubus.c
- 
- OBJS = babeld.o net.o kernel.o util.o interface.o source.o neighbour.o \
-        route.o xroute.o message.o resend.o configuration.o local.o \
--       disambiguation.o rule.o
-+       disambiguation.o rule.o ubus.o
- 
- babeld: $(OBJS)
- 	$(CC) $(CFLAGS) $(LDFLAGS) -o babeld $(OBJS) $(LDLIBS)
 --- a/generate-version.sh
 +++ b/generate-version.sh
 @@ -10,4 +10,4 @@ else
@@ -64,15 +48,16 @@
 +echo "#define BABELD_VERSION \"$version-ubus-mod\""
 --- a/configuration.c
 +++ b/configuration.c
-@@ -41,6 +41,7 @@ THE SOFTWARE.
- #include "kernel.h"
+@@ -42,6 +42,8 @@ THE SOFTWARE.
+ #include "hmac.h"
  #include "configuration.h"
- #include "rule.h"
-+#include "ubus.h"
  
++#include "ubus.h"
++
  static struct filter *input_filters = NULL;
  static struct filter *output_filters = NULL;
-@@ -850,7 +851,8 @@ parse_option(int c, gnc_t gnc, void *clo
+ static struct filter *redistribute_filters = NULL;
+@@ -1036,7 +1038,8 @@ parse_option(int c, gnc_t gnc, void *clo
                strcmp(token, "daemonise") == 0 ||
                strcmp(token, "skip-kernel-setup") == 0 ||
                strcmp(token, "ipv6-subtrees") == 0 ||
@@ -82,7 +67,7 @@
          int b;
          c = getbool(c, &b, gnc, closure);
          if(c < -1)
-@@ -868,6 +870,8 @@ parse_option(int c, gnc_t gnc, void *clo
+@@ -1054,6 +1057,8 @@ parse_option(int c, gnc_t gnc, void *clo
              has_ipv6_subtrees = b;
          else if(strcmp(token, "reflect-kernel-metric") == 0)
              reflect_kernel_metric = b;
@@ -102,15 +87,6 @@
  int local_server_socket = -1;
  struct local_socket local_sockets[MAX_LOCAL_SOCKETS];
  int num_local_sockets = 0;
-@@ -80,7 +82,7 @@ write_timeout(int fd, const void *buf, i
-     }
- }
- 
--static const char *
-+const char *
- local_kind(int kind)
- {
-     switch(kind) {
 @@ -191,6 +193,8 @@ local_notify_neighbour(struct neighbour
          if(local_sockets[i].monitor)
              local_notify_neighbour_1(&local_sockets[i], neigh, kind);
@@ -138,10 +114,19 @@
  }
  
  static void
---- a/local.h
-+++ b/local.h
-@@ -55,3 +55,4 @@ int local_read(struct local_socket *s);
- int local_header(struct local_socket *s);
- struct local_socket *local_socket_create(int fd);
- void local_socket_destroy(int i);
-+const char * local_kind(int kind);
+--- a/Makefile
++++ b/Makefile
+@@ -11,11 +11,11 @@ LDLIBS = -lrt
+ 
+ SRCS = babeld.c net.c kernel.c util.c interface.c source.c neighbour.c \
+        route.c xroute.c message.c resend.c configuration.c local.c \
+-       hmac.c rfc6234/sha224-256.c BLAKE2/ref/blake2s-ref.c
++       hmac.c ubus.c rfc6234/sha224-256.c BLAKE2/ref/blake2s-ref.c
+ 
+ OBJS = babeld.o net.o kernel.o util.o interface.o source.o neighbour.o \
+        route.o xroute.o message.o resend.o configuration.o local.o \
+-       hmac.o rfc6234/sha224-256.o BLAKE2/ref/blake2s-ref.o
++       hmac.o ubus.o rfc6234/sha224-256.o BLAKE2/ref/blake2s-ref.o
+ 
+ babeld: $(OBJS)
+ 	$(CC) $(CFLAGS) $(LDFLAGS) -o babeld $(OBJS) $(LDLIBS)

babeld/src/ubus.c

@@ -2,10 +2,10 @@
 #include <stdlib.h>
 #include <sys/select.h>
 
-#include <libubus.h>
 #include <libubox/blob.h>
 #include <libubox/blobmsg.h>
 #include <libubox/list.h>
+#include <libubus.h>
 
 #include <arpa/inet.h>
 #include <net/if.h>
@@ -23,7 +23,6 @@
 #include "net.h"
 #include "resend.h"
 #include "route.h"
-#include "rule.h"
 #include "source.h"
 #include "util.h"
 #include "version.h"
@@ -55,6 +54,95 @@ struct neighbour_list_entry {
   struct neighbour *neighbour;
 };
 
+// Definition of interface function enums (to be used with ubox's blobmsg
+// helpers).
+enum { INTERFACE_IFNAME, __INTERFACE_MAX };
+
+// Definition of interface parsing (to be used with ubox's blobmsg helpers).
+static const struct blobmsg_policy interface_policy[__INTERFACE_MAX] = {
+    [INTERFACE_IFNAME] = {"ifname", BLOBMSG_TYPE_STRING},
+};
+
+// Definition of filter function enums (to be used with ubox's blobmsg
+// helpers).
+enum { FILTER_IFNAME, FILTER_TYPE, FILTER_METRIC, __FILTER_MAX };
+
+// Definition of filter parsing (to be used with ubox's blobmsg helpers).
+static const struct blobmsg_policy filter_policy[__FILTER_MAX] = {
+    [FILTER_IFNAME] = {"ifname", BLOBMSG_TYPE_STRING},
+    [FILTER_TYPE] = {"type", BLOBMSG_TYPE_INT32},
+    [FILTER_METRIC] = {"metric", BLOBMSG_TYPE_INT32},
+};
+
+// Adds a filter (ubus equivalent to "filter"-function).
+static int babeld_ubus_add_filter(struct ubus_context *ctx_local,
+                                  struct ubus_object *obj,
+                                  struct ubus_request_data *req,
+                                  const char *method, struct blob_attr *msg) {
+  struct blob_attr *tb[__FILTER_MAX];
+  struct blob_buf b = {0};
+  struct filter *filter = NULL;
+  char *ifname;
+  int metric, type;
+
+  blobmsg_parse(filter_policy, __FILTER_MAX, tb, blob_data(msg), blob_len(msg));
+
+  if (!tb[FILTER_IFNAME])
+    return UBUS_STATUS_INVALID_ARGUMENT;
+
+  if (!tb[FILTER_TYPE])
+    return UBUS_STATUS_INVALID_ARGUMENT;
+
+  type = blobmsg_get_u32(tb[FILTER_TYPE]);
+
+  if (tb[FILTER_METRIC])
+    metric = blobmsg_get_u32(tb[FILTER_METRIC]);
+
+  filter = calloc(1, sizeof(struct filter));
+  if (filter == NULL)
+    return UBUS_STATUS_UNKNOWN_ERROR;
+
+  filter->af = AF_INET6;
+  filter->proto = 0;
+  filter->plen_le = 128;
+  filter->src_plen_le = 128;
+  filter->action.add_metric = metric;
+
+  ifname = blobmsg_get_string(tb[FILTER_IFNAME]);
+  filter->ifname = strdup(ifname);
+  filter->ifindex = if_nametoindex(filter->ifname);
+
+  add_filter(filter, type);
+
+  return UBUS_STATUS_OK;
+}
+
+// Adds an inteface (ubus equivalent to "interface"-function).
+static int babeld_ubus_add_interface(struct ubus_context *ctx_local,
+                                     struct ubus_object *obj,
+                                     struct ubus_request_data *req,
+                                     const char *method,
+                                     struct blob_attr *msg) {
+  struct blob_attr *tb[__INTERFACE_MAX];
+  struct blob_buf b = {0};
+  struct interface *ifp = NULL;
+  char *ifname;
+
+  blobmsg_parse(interface_policy, __INTERFACE_MAX, tb, blob_data(msg),
+                blob_len(msg));
+
+  if (!tb[INTERFACE_IFNAME])
+    return UBUS_STATUS_INVALID_ARGUMENT;
+
+  ifname = blobmsg_get_string(tb[INTERFACE_IFNAME]);
+
+  ifp = add_interface(ifname, NULL);
+  if (ifp == NULL)
+    return UBUS_STATUS_UNKNOWN_ERROR;
+
+  return UBUS_STATUS_OK;
+}
+
 // Sends a babel info message on ubus socket.
 static int babeld_ubus_babeld_info(struct ubus_context *ctx_local,
                                    struct ubus_object *obj,
@@ -75,6 +163,8 @@ static int babeld_ubus_babeld_info(struct ubus_context *ctx_local,
   if (ret)
     fprintf(stderr, "Failed to send reply: %s\n", ubus_strerror(ret));
 
+  blob_buf_free(&b);
+
   return ret;
 }
 
@@ -104,6 +194,8 @@ static int babeld_ubus_get_xroutes(struct ubus_context *ctx_local,
   LIST_HEAD(xroute_ipv4_list);
   LIST_HEAD(xroute_ipv6_list);
 
+  blob_buf_init(&b, 0);
+
   xroutes = xroute_stream();
   if (xroutes) {
     while (1) {
@@ -124,7 +216,6 @@ static int babeld_ubus_get_xroutes(struct ubus_context *ctx_local,
     xroute_stream_done(xroutes);
   }
 
-  blob_buf_init(&b, 0);
   ipv4 = blobmsg_open_table(&b, "IPv4");
   list_for_each_entry_safe(cur, tmp, &xroute_ipv4_list, list) {
     babeld_add_xroute_buf(cur->xroute, &b);
@@ -145,6 +236,8 @@ static int babeld_ubus_get_xroutes(struct ubus_context *ctx_local,
   if (ret)
     fprintf(stderr, "Failed to send reply: %s\n", ubus_strerror(ret));
 
+  blob_buf_free(&b);
+
   return ret;
 }
 
@@ -209,7 +302,7 @@ static int babeld_ubus_get_routes(struct ubus_context *ctx_local,
 
   blob_buf_init(&b, 0);
 
-  routes = route_stream(ROUTE_ALL);
+  routes = route_stream(0);
   if (routes) {
     while (1) {
       struct babel_route *route = route_stream_next(routes);
@@ -227,7 +320,6 @@ static int babeld_ubus_get_routes(struct ubus_context *ctx_local,
     route_stream_done(routes);
   }
 
-  blob_buf_init(&b, 0);
   ipv4 = blobmsg_open_table(&b, "IPv4");
   list_for_each_entry_safe(cur, tmp, &route_ipv4_list, list) {
     babeld_add_route_buf(cur->route, &b);
@@ -248,6 +340,8 @@ static int babeld_ubus_get_routes(struct ubus_context *ctx_local,
   if (ret)
     fprintf(stderr, "Failed to send reply: %s\n", ubus_strerror(ret));
 
+  blob_buf_free(&b);
+
   return ret;
 }
 
@@ -296,8 +390,6 @@ static int babeld_ubus_get_neighbours(struct ubus_context *ctx_local,
     }
   }
 
-  blob_buf_init(&b, 0);
-
   ipv4 = blobmsg_open_table(&b, "IPv4");
   list_for_each_entry_safe(cur, tmp, &neighbour_ipv4_list, list) {
     babeld_add_neighbour_buf(cur->neighbour, &b);
@@ -318,11 +410,15 @@ static int babeld_ubus_get_neighbours(struct ubus_context *ctx_local,
   if (ret)
     fprintf(stderr, "Failed to send reply: %s\n", ubus_strerror(ret));
 
+  blob_buf_free(&b);
+
   return ret;
 }
 
 // List of functions we expose via the ubus bus.
 static const struct ubus_method babeld_methods[] = {
+    UBUS_METHOD("add_interface", babeld_ubus_add_interface, interface_policy),
+    UBUS_METHOD("add_filter", babeld_ubus_add_filter, filter_policy),
     UBUS_METHOD_NOARG("get_info", babeld_ubus_babeld_info),
     UBUS_METHOD_NOARG("get_xroutes", babeld_ubus_get_xroutes),
     UBUS_METHOD_NOARG("get_routes", babeld_ubus_get_routes),
@@ -384,6 +480,7 @@ void ubus_notify_route(struct babel_route *route, int kind) {
   babeld_add_route_buf(route, &b);
   snprintf(method, sizeof(method), "route.%s", local_kind(kind));
   ubus_notify(shared_ctx, &babeld_object, method, b.head, -1);
+  blob_buf_free(&b);
 }
 
 void ubus_notify_xroute(struct xroute *xroute, int kind) {
@@ -404,6 +501,7 @@ void ubus_notify_xroute(struct xroute *xroute, int kind) {
   babeld_add_xroute_buf(xroute, &b);
   snprintf(method, sizeof(method), "xroute.%s", local_kind(kind));
   ubus_notify(shared_ctx, &babeld_object, method, b.head, -1);
+  blob_buf_free(&b);
 }
 
 void ubus_notify_neighbour(struct neighbour *neigh, int kind) {
@@ -423,6 +521,7 @@ void ubus_notify_neighbour(struct neighbour *neigh, int kind) {
   babeld_add_neighbour_buf(neigh, &b);
   snprintf(method, sizeof(method), "neigh.%s", local_kind(kind));
   ubus_notify(shared_ctx, &babeld_object, method, b.head, -1);
+  blob_buf_free(&b);
 }
 
 void babeld_ubus_receive(fd_set *readfds) {

babeld/src/ubus.h

@@ -2,6 +2,13 @@
     IPC integration of babeld with OpenWrt.
 
     The ubus interface offers following functions:
+    - add_filter '{"ifname":"eth0", "type":0, "metric":5000}'
+        type:
+            0: FILTER_TYPE_INPUT
+            1: FILTER_TYPE_OUTPUT
+            2: FILTER_TYPE_REDISTRIBUTE
+            3: FILTER_TYPE_INSTALL
+    - add_interface '{"ifname":"eth0"}'
     - get_info
     - get_neighbours
     - get_xroutes

batctl/Makefile

@@ -3,12 +3,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=batctl
-PKG_VERSION:=2021.0
-PKG_RELEASE:=1
+PKG_VERSION:=2021.1
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://downloads.open-mesh.org/batman/releases/batman-adv-$(PKG_VERSION)
-PKG_HASH:=9cec8bf1952f885192749a9dc0318a54633b717aaf05c438d504efd83f5201e4
+PKG_HASH:=44b28cebb46b8ba1bc170bedeef67f69d89503806c429ff8cb113cc01966e176
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 
 PKG_MAINTAINER:=Simon Wunderlich <sw@simonwunderlich.de>
@@ -95,27 +95,37 @@ config-n := \
 	backbonetable \
 	bisect_iv \
 	bonding \
+	bla_backbone_json \
+	bla_claim_json \
 	bridge_loop_avoidance \
 	claimtable \
 	dat_cache \
+	dat_cache_json \
 	distributed_arp_table \
 	elp_interval \
 	event \
 	fragmentation \
 	gateways \
+	gateways_json \
 	gw_mode \
+	hardif_json \
+	hardifs_json \
 	hop_penalty \
 	interface \
 	isolation_mark \
 	loglevel \
 	mcast_flags \
+	mcast_flags_json \
+	mesh_json \
 	multicast_fanout \
 	multicast_forceflood \
 	multicast_mode \
 	neighbors \
+	neighbors_json \
 	network_coding \
 	orig_interval \
 	originators \
+	originators_json \
 	ping \
 	routing_algo \
 	statistics \
@@ -126,6 +136,9 @@ config-n := \
 	transglobal \
 	translate \
 	translocal \
+	transtable_global_json \
+	transtable_local_json \
+	vlan_json \
 
 config-settings := \
 	aggregation \
@@ -160,6 +173,21 @@ config-tables := \
 	transglobal \
 	translocal \
 
+config-json := \
+	bla_backbone_json \
+	bla_claim_json \
+	dat_cache_json \
+	gateways_json \
+	hardif_json \
+	hardifs_json \
+	mcast_flags_json \
+	mesh_json \
+	neighbors_json \
+	originators_json \
+	transtable_global_json \
+	transtable_local_json \
+	vlan_json \
+
 config-tools := \
 	event \
 	ping \
@@ -183,6 +211,7 @@ ifeq ($(BUILD_VARIANT),default)
 config-y := \
 	$(config-settings) \
 	$(config-tables) \
+	$(config-json) \
 	$(config-tools) \
 
 endif
@@ -192,6 +221,7 @@ ifeq ($(BUILD_VARIANT),full)
 config-y := \
 	$(config-settings) \
 	$(config-tables) \
+	$(config-json) \
 	$(config-tools) \
 	$(config-extratools) \
 

batctl/patches/0001-batctl-Fix-build-of-routing_algo-against-musl.patch

@@ -1,25 +0,0 @@
-From: Sven Eckelmann <sven@narfation.org>
-Date: Thu, 28 Jan 2021 20:44:22 +0100
-Subject: batctl: Fix build of routing_algo against musl
-
-glibc is including the headers for the rtnetlink functionality. But musl
-avoids this indirect include. The headers must therefore be included
-explicitely.
-
-Fixes: e0ccb9b575d9 ("batctl: Switch active routing algo list to netlink")
-Signed-off-by: Sven Eckelmann <sven@narfation.org>
-Origin: upstream, https://git.open-mesh.org/batctl.git/commit/b0044a6b2f8a762387d9b7408b1fe528f21c4ad7
-
-diff --git a/routing_algo.c b/routing_algo.c
-index 27458ffdd9b91decbecbe6ec5da8ffd14c863a35..b5e3ebb8c5a4743cd2c42634d79f8a4c6a8210db 100644
---- a/routing_algo.c
-+++ b/routing_algo.c
-@@ -9,6 +9,8 @@
- #include <errno.h>
- #include <fcntl.h>
- #include <getopt.h>
-+#include <linux/if_link.h>
-+#include <linux/rtnetlink.h>
- #include <netinet/if_ether.h>
- #include <netlink/netlink.h>
- #include <netlink/genl/genl.h>

batctl/patches/0001-batctl-ping-Skip-sleep-after-last-packet.patch

@@ -0,0 +1,29 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Fri, 22 Apr 2022 11:14:08 +0200
+Subject: batctl: ping: Skip sleep after last packet
+
+The -i option for ping is documented as interval between ping requests. But
+the sleep was also applied after all the requested pings already sent out.
+As result, the user had to wait additional time until the statistics for
+the (limited) ping test was printed.
+
+Just skip the last sleep in case there will be no next ping packet to avoid
+this problem.
+
+Reported-by: Roman Le bg <roman@romanlebg.fr>
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batctl.git/commit/47d063213d5843d1ca33c557bd4a874db3e90e9e)
+
+--- a/ping.c
++++ b/ping.c
+@@ -282,6 +282,10 @@ read_packet:
+ 		}
+ 
+ sleep:
++		/* skip last sleep in case no more packets will be sent out */
++		if (loop_count == 0)
++			continue;
++
+ 		if (loop_interval > 0)
+ 			sleep(loop_interval);
+ 		else if ((tv.tv_sec != 0) || (tv.tv_usec != 0))

batman-adv/Makefile

@@ -3,12 +3,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=batman-adv
-PKG_VERSION:=2021.0
-PKG_RELEASE:=1
+PKG_VERSION:=2021.1
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://downloads.open-mesh.org/batman/releases/batman-adv-$(PKG_VERSION)
-PKG_HASH:=5a989ba580897268373bd516b87b588061f344af773a0f6b038a3d8d2af028a1
+PKG_HASH:=bf77843d8dead75342d673ce7021e4ad037447ce18c64056ae1e3202039934d0
 PKG_EXTMOD_SUBDIRS:=net/batman-adv
 
 PKG_MAINTAINER:=Simon Wunderlich <sw@simonwunderlich.de>
@@ -17,6 +17,15 @@ PKG_LICENSE_FILES:=LICENSES/preferred/GPL-2.0 LICENSES/preferred/MIT
 
 STAMP_CONFIGURED_DEPENDS := $(STAGING_DIR)/usr/include/mac80211-backport/backport/autoconf.h
 
+PKG_CONFIG_DEPENDS += \
+	CONFIG_BATMAN_ADV_BATMAN_V \
+	CONFIG_BATMAN_ADV_BLA \
+	CONFIG_BATMAN_ADV_DAT \
+	CONFIG_BATMAN_ADV_NC \
+	CONFIG_BATMAN_ADV_MCAST \
+	CONFIG_BATMAN_ADV_DEBUG \
+	CONFIG_BATMAN_ADV_TRACING
+
 include $(INCLUDE_DIR)/kernel.mk
 include $(INCLUDE_DIR)/package.mk
 
@@ -61,6 +70,7 @@ PKG_EXTRA_CFLAGS:= \
 	$(patsubst CONFIG_%, -DCONFIG_%=1, $(patsubst %=y,%,$(filter %=y,$(PKG_EXTRA_KCONFIG)))) \
 
 NOSTDINC_FLAGS = \
+	$(KERNEL_NOSTDINC_FLAGS) \
 	-I$(PKG_BUILD_DIR)/net/batman-adv \
 	-I$(STAGING_DIR)/usr/include/mac80211-backport \
 	-I$(STAGING_DIR)/usr/include/mac80211-backport/uapi \

batman-adv/patches/0001-Revert-batman-adv-genetlink-move-to-smaller-ops-wher.patch

@@ -12,11 +12,9 @@ or newer - otherwise it will not work as expected.
 
 This reverts commit 725b4ef5be840cfcd0ca33b9393c14dee40c10f7.
 
-diff --git a/compat-include/net/genetlink.h b/compat-include/net/genetlink.h
-index f16355febac42294491531a3f8049bc680560d0c..d1f80cd88503cdd11e9051f2e90ea533bee89a67 100644
 --- a/compat-include/net/genetlink.h
 +++ b/compat-include/net/genetlink.h
-@@ -31,17 +31,15 @@ void batadv_genl_dump_check_consistent(struct netlink_callback *cb,
+@@ -31,17 +31,15 @@ void batadv_genl_dump_check_consistent(s
  #endif /* LINUX_VERSION_IS_LESS(4, 15, 0) */
  
  
@@ -48,7 +46,7 @@ index f16355febac42294491531a3f8049bc680560d0c..d1f80cd88503cdd11e9051f2e90ea533
  	unsigned int n_mcgrps;
  	struct module *module;
  
-@@ -96,32 +94,24 @@ static inline int batadv_genl_register_family(struct batadv_genl_family *family)
+@@ -96,32 +94,24 @@ static inline int batadv_genl_register_f
  	family->family.pre_doit = family->pre_doit;
  	family->family.post_doit = family->post_doit;
  	family->family.mcgrps = family->mcgrps;
@@ -89,7 +87,7 @@ index f16355febac42294491531a3f8049bc680560d0c..d1f80cd88503cdd11e9051f2e90ea533
  	family->family.ops = ops;
  	family->copy_ops = ops;
  
-@@ -136,7 +126,7 @@ typedef struct genl_ops batadv_genl_ops_old;
+@@ -136,7 +126,7 @@ typedef struct genl_ops batadv_genl_ops_
  #define batadv_post_doit(__x, __y, __z) \
  	batadv_post_doit(const batadv_genl_ops_old *ops, __y, __z)
  
@@ -98,7 +96,7 @@ index f16355febac42294491531a3f8049bc680560d0c..d1f80cd88503cdd11e9051f2e90ea533
  #define genl_family batadv_genl_family
  
  #define genl_register_family(family) \
-@@ -160,6 +150,6 @@ batadv_genl_unregister_family(struct batadv_genl_family *family)
+@@ -160,6 +150,6 @@ batadv_genl_unregister_family(struct bat
  	genlmsg_multicast_netns(&(_family)->family, _net, _skb, _portid, \
  				_group, _flags)
  
@@ -106,11 +104,9 @@ index f16355febac42294491531a3f8049bc680560d0c..d1f80cd88503cdd11e9051f2e90ea533
 +#endif /* LINUX_VERSION_IS_LESS(5, 2, 0) */
  
  #endif /* _NET_BATMAN_ADV_COMPAT_NET_GENETLINK_H_ */
-diff --git a/net/batman-adv/netlink.c b/net/batman-adv/netlink.c
-index 97bcf149633d850ff4fcece6d7dc0d799adb1444..a8f15c04826af1144db655887b754758fc5ab47a 100644
 --- a/net/batman-adv/netlink.c
 +++ b/net/batman-adv/netlink.c
-@@ -1351,7 +1351,7 @@ static void batadv_post_doit(const struct genl_ops *ops, struct sk_buff *skb,
+@@ -1351,7 +1351,7 @@ static void batadv_post_doit(const struc
  	}
  }
  
@@ -119,7 +115,7 @@ index 97bcf149633d850ff4fcece6d7dc0d799adb1444..a8f15c04826af1144db655887b754758
  	{
  		.cmd = BATADV_CMD_GET_MESH,
  		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
-@@ -1485,8 +1485,8 @@ struct genl_family batadv_netlink_family __ro_after_init = {
+@@ -1485,8 +1485,8 @@ struct genl_family batadv_netlink_family
  	.pre_doit = batadv_pre_doit,
  	.post_doit = batadv_post_doit,
  	.module = THIS_MODULE,

batman-adv/patches/0002-Revert-batman-adv-Add-new-include-for-min-max-helper.patch

@@ -9,14 +9,11 @@ This reverts commit 1810de05310d5c5e9140f870ac21052f38bc06b8.
 
 Signed-off-by: Sven Eckelmann <sven@narfation.org>
 
-diff --git a/compat-include/linux/minmax.h b/compat-include/linux/minmax.h
-deleted file mode 100644
-index 4b19479bc5ea12c5005485f623decfad90a85cff..0000000000000000000000000000000000000000
 --- a/compat-include/linux/minmax.h
 +++ /dev/null
 @@ -1,20 +0,0 @@
 -/* SPDX-License-Identifier: GPL-2.0 */
--/* Copyright (C) 2007-2020  B.A.T.M.A.N. contributors:
+-/* Copyright (C) B.A.T.M.A.N. contributors:
 - *
 - * Marek Lindner, Simon Wunderlich
 - *
@@ -35,8 +32,6 @@ index 4b19479bc5ea12c5005485f623decfad90a85cff..00000000000000000000000000000000
 -#endif
 -
 -#endif /* _NET_BATMAN_ADV_COMPAT_LINUX_MINMAX_H_ */
-diff --git a/net/batman-adv/bat_v.c b/net/batman-adv/bat_v.c
-index e4455babe4c28f8c1527a17e825675183c37ea1d..22183e954647089ca72a941e744375d72e1f94b0 100644
 --- a/net/batman-adv/bat_v.c
 +++ b/net/batman-adv/bat_v.c
 @@ -15,7 +15,6 @@
@@ -47,8 +42,6 @@ index e4455babe4c28f8c1527a17e825675183c37ea1d..22183e954647089ca72a941e744375d7
  #include <linux/netdevice.h>
  #include <linux/netlink.h>
  #include <linux/rculist.h>
-diff --git a/net/batman-adv/bat_v_elp.c b/net/batman-adv/bat_v_elp.c
-index 0512ea6cd818c22768e601f446ff806cf863163b..79a7dfc32e76c511c5b5d8716cbebf64f6228d9d 100644
 --- a/net/batman-adv/bat_v_elp.c
 +++ b/net/batman-adv/bat_v_elp.c
 @@ -18,7 +18,6 @@
@@ -59,8 +52,6 @@ index 0512ea6cd818c22768e601f446ff806cf863163b..79a7dfc32e76c511c5b5d8716cbebf64
  #include <linux/netdevice.h>
  #include <linux/nl80211.h>
  #include <linux/prandom.h>
-diff --git a/net/batman-adv/bat_v_ogm.c b/net/batman-adv/bat_v_ogm.c
-index 798d659855d0bcc9d7638901fedeb77d830f1980..8c1148fc73d776c076bdb35896f5536d7378578d 100644
 --- a/net/batman-adv/bat_v_ogm.c
 +++ b/net/batman-adv/bat_v_ogm.c
 @@ -18,7 +18,6 @@
@@ -71,8 +62,6 @@ index 798d659855d0bcc9d7638901fedeb77d830f1980..8c1148fc73d776c076bdb35896f5536d
  #include <linux/mutex.h>
  #include <linux/netdevice.h>
  #include <linux/prandom.h>
-diff --git a/net/batman-adv/fragmentation.c b/net/batman-adv/fragmentation.c
-index e522f1fcfd9af04ee2d92b1b11ace6960d6f9c9f..ea40e54867573320d44e68524589454db553fb81 100644
 --- a/net/batman-adv/fragmentation.c
 +++ b/net/batman-adv/fragmentation.c
 @@ -14,8 +14,8 @@
@@ -85,8 +74,6 @@ index e522f1fcfd9af04ee2d92b1b11ace6960d6f9c9f..ea40e54867573320d44e68524589454d
  #include <linux/netdevice.h>
  #include <linux/skbuff.h>
  #include <linux/slab.h>
-diff --git a/net/batman-adv/hard-interface.c b/net/batman-adv/hard-interface.c
-index 0f186ddc15e30a9c9f5e4de44b96b2c7b27d8b86..b57e95c959cf064a74a01d25a24bdc495caa6324 100644
 --- a/net/batman-adv/hard-interface.c
 +++ b/net/batman-adv/hard-interface.c
 @@ -18,7 +18,6 @@
@@ -97,8 +84,6 @@ index 0f186ddc15e30a9c9f5e4de44b96b2c7b27d8b86..b57e95c959cf064a74a01d25a24bdc49
  #include <linux/mutex.h>
  #include <linux/netdevice.h>
  #include <linux/printk.h>
-diff --git a/net/batman-adv/main.c b/net/batman-adv/main.c
-index ed9d87ce3407614e5e37922fe3039324adb027cc..edc0d53e9ba0a79ad0c37986e15ec362fb009f4f 100644
 --- a/net/batman-adv/main.c
 +++ b/net/batman-adv/main.c
 @@ -23,7 +23,6 @@
@@ -109,8 +94,6 @@ index ed9d87ce3407614e5e37922fe3039324adb027cc..edc0d53e9ba0a79ad0c37986e15ec362
  #include <linux/module.h>
  #include <linux/netdevice.h>
  #include <linux/printk.h>
-diff --git a/net/batman-adv/netlink.c b/net/batman-adv/netlink.c
-index a8f15c04826af1144db655887b754758fc5ab47a..dc193618a761c0b451e860ca83921007d286e09b 100644
 --- a/net/batman-adv/netlink.c
 +++ b/net/batman-adv/netlink.c
 @@ -23,7 +23,6 @@
@@ -121,8 +104,6 @@ index a8f15c04826af1144db655887b754758fc5ab47a..dc193618a761c0b451e860ca83921007
  #include <linux/netdevice.h>
  #include <linux/netlink.h>
  #include <linux/printk.h>
-diff --git a/net/batman-adv/tp_meter.c b/net/batman-adv/tp_meter.c
-index d4e10005df6cd2936a3132e1ad7bd8bf3c1d99b6..db7e3774825b5f5871b23c0e4fa5ce7afb2accd6 100644
 --- a/net/batman-adv/tp_meter.c
 +++ b/net/batman-adv/tp_meter.c
 @@ -23,7 +23,6 @@

batman-adv/patches/0003-batman-adv-Fix-build-of-multicast-code-against-Linux.patch

@@ -0,0 +1,34 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Fri, 14 May 2021 19:34:35 +0200
+Subject: batman-adv: Fix build of multicast code against Linux < 5.13
+
+Fixes: 007b4c4b031f ("batman-adv: convert ifmcaddr6 to RCU")
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+
+--- a/net/batman-adv/multicast.c
++++ b/net/batman-adv/multicast.c
+@@ -454,9 +454,14 @@ batadv_mcast_mla_softif_get_ipv6(struct
+ 		return 0;
+ 	}
+ 
++#if LINUX_VERSION_IS_LESS(5, 13, 0)
++	read_lock_bh(&in6_dev->lock);
++	for (pmc6 = in6_dev->mc_list; pmc6; pmc6 = pmc6->next) {
++#else
+ 	for (pmc6 = rcu_dereference(in6_dev->mc_list);
+ 	     pmc6;
+ 	     pmc6 = rcu_dereference(pmc6->next)) {
++#endif
+ 		if (IPV6_ADDR_MC_SCOPE(&pmc6->mca_addr) <
+ 		    IPV6_ADDR_SCOPE_LINKLOCAL)
+ 			continue;
+@@ -485,6 +490,9 @@ batadv_mcast_mla_softif_get_ipv6(struct
+ 		hlist_add_head(&new->list, mcast_list);
+ 		ret++;
+ 	}
++#if LINUX_VERSION_IS_LESS(5, 13, 0)
++	read_unlock_bh(&in6_dev->lock);
++#endif
+ 	rcu_read_unlock();
+ 
+ 	return ret;

batman-adv/patches/0004-batman-adv-Always-send-iface-index-name-in-genlmsg.patch

@@ -0,0 +1,111 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Mon, 10 May 2021 15:05:42 +0200
+Subject: batman-adv: Always send iface index+name in genlmsg
+
+The batman-adv netlink messages often contain the interface index and
+interface name in the same message. This makes it easy for the receiver to
+operate on the incoming data when it either needs to print something or
+needs to operate on the interface index.
+
+But one of the attributes was missing for:
+
+* neighbor table dumps
+* originator table dumps
+* gateway list dumps
+* query of hardif information
+* query of vid information
+
+The userspace therefore had to implement special workarounds using
+SIOCGIFNAME or SIOCGIFINDEX depending on what was actually provided.
+Providing both information simplifies the userspace code massively without
+adding a lot of extra overhead in the kernel portion.
+
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/77c7d62618259f22f36427eaa62668e6e1c43090
+
+--- a/net/batman-adv/bat_iv_ogm.c
++++ b/net/batman-adv/bat_iv_ogm.c
+@@ -1849,6 +1849,8 @@ batadv_iv_ogm_orig_dump_subentry(struct
+ 		    orig_node->orig) ||
+ 	    nla_put(msg, BATADV_ATTR_NEIGH_ADDRESS, ETH_ALEN,
+ 		    neigh_node->addr) ||
++	    nla_put_string(msg, BATADV_ATTR_HARD_IFNAME,
++			   neigh_node->if_incoming->net_dev->name) ||
+ 	    nla_put_u32(msg, BATADV_ATTR_HARD_IFINDEX,
+ 			neigh_node->if_incoming->net_dev->ifindex) ||
+ 	    nla_put_u8(msg, BATADV_ATTR_TQ, tq_avg) ||
+@@ -2078,6 +2080,8 @@ batadv_iv_ogm_neigh_dump_neigh(struct sk
+ 
+ 	if (nla_put(msg, BATADV_ATTR_NEIGH_ADDRESS, ETH_ALEN,
+ 		    hardif_neigh->addr) ||
++	    nla_put_string(msg, BATADV_ATTR_HARD_IFNAME,
++			   hardif_neigh->if_incoming->net_dev->name) ||
+ 	    nla_put_u32(msg, BATADV_ATTR_HARD_IFINDEX,
+ 			hardif_neigh->if_incoming->net_dev->ifindex) ||
+ 	    nla_put_u32(msg, BATADV_ATTR_LAST_SEEN_MSECS,
+@@ -2459,6 +2463,8 @@ static int batadv_iv_gw_dump_entry(struc
+ 		    router->addr) ||
+ 	    nla_put_string(msg, BATADV_ATTR_HARD_IFNAME,
+ 			   router->if_incoming->net_dev->name) ||
++	    nla_put_u32(msg, BATADV_ATTR_HARD_IFINDEX,
++			router->if_incoming->net_dev->ifindex) ||
+ 	    nla_put_u32(msg, BATADV_ATTR_BANDWIDTH_DOWN,
+ 			gw_node->bandwidth_down) ||
+ 	    nla_put_u32(msg, BATADV_ATTR_BANDWIDTH_UP,
+--- a/net/batman-adv/bat_v.c
++++ b/net/batman-adv/bat_v.c
+@@ -145,6 +145,8 @@ batadv_v_neigh_dump_neigh(struct sk_buff
+ 
+ 	if (nla_put(msg, BATADV_ATTR_NEIGH_ADDRESS, ETH_ALEN,
+ 		    hardif_neigh->addr) ||
++	    nla_put_string(msg, BATADV_ATTR_HARD_IFNAME,
++			   hardif_neigh->if_incoming->net_dev->name) ||
+ 	    nla_put_u32(msg, BATADV_ATTR_HARD_IFINDEX,
+ 			hardif_neigh->if_incoming->net_dev->ifindex) ||
+ 	    nla_put_u32(msg, BATADV_ATTR_LAST_SEEN_MSECS,
+@@ -297,6 +299,8 @@ batadv_v_orig_dump_subentry(struct sk_bu
+ 	if (nla_put(msg, BATADV_ATTR_ORIG_ADDRESS, ETH_ALEN, orig_node->orig) ||
+ 	    nla_put(msg, BATADV_ATTR_NEIGH_ADDRESS, ETH_ALEN,
+ 		    neigh_node->addr) ||
++	    nla_put_string(msg, BATADV_ATTR_HARD_IFNAME,
++			   neigh_node->if_incoming->net_dev->name) ||
+ 	    nla_put_u32(msg, BATADV_ATTR_HARD_IFINDEX,
+ 			neigh_node->if_incoming->net_dev->ifindex) ||
+ 	    nla_put_u32(msg, BATADV_ATTR_THROUGHPUT, throughput) ||
+@@ -737,6 +741,12 @@ static int batadv_v_gw_dump_entry(struct
+ 		genlmsg_cancel(msg, hdr);
+ 		goto out;
+ 	}
++
++	if (nla_put_u32(msg, BATADV_ATTR_HARD_IFINDEX,
++			router->if_incoming->net_dev->ifindex)) {
++		genlmsg_cancel(msg, hdr);
++		goto out;
++	}
+ 
+ 	if (nla_put_u32(msg, BATADV_ATTR_BANDWIDTH_DOWN,
+ 			gw_node->bandwidth_down)) {
+--- a/net/batman-adv/netlink.c
++++ b/net/batman-adv/netlink.c
+@@ -813,6 +813,10 @@ static int batadv_netlink_hardif_fill(st
+ 			bat_priv->soft_iface->ifindex))
+ 		goto nla_put_failure;
+ 
++	if (nla_put_string(msg, BATADV_ATTR_MESH_IFNAME,
++			   bat_priv->soft_iface->name))
++		goto nla_put_failure;
++
+ 	if (nla_put_u32(msg, BATADV_ATTR_HARD_IFINDEX,
+ 			net_dev->ifindex) ||
+ 	    nla_put_string(msg, BATADV_ATTR_HARD_IFNAME,
+@@ -1044,6 +1048,10 @@ static int batadv_netlink_vlan_fill(stru
+ 			bat_priv->soft_iface->ifindex))
+ 		goto nla_put_failure;
+ 
++	if (nla_put_string(msg, BATADV_ATTR_MESH_IFNAME,
++			   bat_priv->soft_iface->name))
++		goto nla_put_failure;
++
+ 	if (nla_put_u32(msg, BATADV_ATTR_VLANID, vlan->vid & VLAN_VID_MASK))
+ 		goto nla_put_failure;
+ 

batman-adv/patches/0005-batman-adv-Avoid-WARN_ON-timing-related-checks.patch

@@ -0,0 +1,31 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Tue, 18 May 2021 21:00:27 +0200
+Subject: batman-adv: Avoid WARN_ON timing related checks
+
+The soft/batadv interface for a queued OGM can be changed during the time
+the OGM was queued for transmission and when the OGM is actually
+transmitted by the worker.
+
+But WARN_ON must be used to denote kernel bugs and not to print simple
+warnings. A warning can simply be printed using pr_warn.
+
+Reported-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
+Reported-by: syzbot+c0b807de416427ff3dd1@syzkaller.appspotmail.com
+Fixes: 29b9256e6631 ("batman-adv: consider outgoing interface in OGM sending")
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/5061f9c502d7101912089d8f4a7866e0a926a49a
+
+--- a/net/batman-adv/bat_iv_ogm.c
++++ b/net/batman-adv/bat_iv_ogm.c
+@@ -409,8 +409,10 @@ static void batadv_iv_ogm_emit(struct ba
+ 	if (WARN_ON(!forw_packet->if_outgoing))
+ 		return;
+ 
+-	if (WARN_ON(forw_packet->if_outgoing->soft_iface != soft_iface))
++	if (forw_packet->if_outgoing->soft_iface != soft_iface) {
++		pr_warn("%s: soft interface switch for queued OGM\n", __func__);
+ 		return;
++	}
+ 
+ 	if (forw_packet->if_incoming->if_status != BATADV_IF_ACTIVE)
+ 		return;

batman-adv/patches/0006-batman-adv-fix-error-handling.patch

@@ -0,0 +1,162 @@
+From: Pavel Skripkin <paskripkin@gmail.com>
+Date: Sun, 24 Oct 2021 16:13:56 +0300
+Subject: batman-adv: fix error handling
+
+Syzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was
+in wrong error handling in batadv_mesh_init().
+
+Before this patch batadv_mesh_init() was calling batadv_mesh_free() in case
+of any batadv_*_init() calls failure. This approach may work well, when
+there is some kind of indicator, which can tell which parts of batadv are
+initialized; but there isn't any.
+
+All written above lead to cleaning up uninitialized fields. Even if we hide
+ODEBUG warning by initializing bat_priv->nc.work, syzbot was able to hit
+GPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1]
+
+To fix these bugs we can unwind batadv_*_init() calls one by one.
+It is good approach for 2 reasons: 1) It fixes bugs on error handling
+path 2) It improves the performance, since we won't call unneeded
+batadv_*_free() functions.
+
+So, this patch makes all batadv_*_init() clean up all allocated memory
+before returning with an error to no call correspoing batadv_*_free()
+and open-codes batadv_mesh_free() with proper order to avoid touching
+uninitialized fields.
+
+Link: https://lore.kernel.org/netdev/000000000000c87fbd05cef6bcb0@google.com/ [1]
+Reported-and-tested-by: syzbot+28b0702ada0bf7381f58@syzkaller.appspotmail.com
+Fixes: 21e838760727 ("[batman-adv] fix various race conditions during startup & shutdown")
+Signed-off-by: Pavel Skripkin <paskripkin@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/0631e0825c8129cd3896926da62a09ac00bf13a0
+
+--- a/net/batman-adv/bridge_loop_avoidance.c
++++ b/net/batman-adv/bridge_loop_avoidance.c
+@@ -1556,10 +1556,14 @@ int batadv_bla_init(struct batadv_priv *
+ 		return 0;
+ 
+ 	bat_priv->bla.claim_hash = batadv_hash_new(128);
+-	bat_priv->bla.backbone_hash = batadv_hash_new(32);
++	if (!bat_priv->bla.claim_hash)
++		return -ENOMEM;
+ 
+-	if (!bat_priv->bla.claim_hash || !bat_priv->bla.backbone_hash)
++	bat_priv->bla.backbone_hash = batadv_hash_new(32);
++	if (!bat_priv->bla.backbone_hash) {
++		batadv_hash_destroy(bat_priv->bla.claim_hash);
+ 		return -ENOMEM;
++	}
+ 
+ 	batadv_hash_set_lock_class(bat_priv->bla.claim_hash,
+ 				   &batadv_claim_hash_lock_class_key);
+--- a/net/batman-adv/main.c
++++ b/net/batman-adv/main.c
+@@ -189,29 +189,41 @@ int batadv_mesh_init(struct net_device *
+ 
+ 	bat_priv->gw.generation = 0;
+ 
+-	ret = batadv_v_mesh_init(bat_priv);
+-	if (ret < 0)
+-		goto err;
+-
+ 	ret = batadv_originator_init(bat_priv);
+-	if (ret < 0)
+-		goto err;
++	if (ret < 0) {
++		atomic_set(&bat_priv->mesh_state, BATADV_MESH_DEACTIVATING);
++		goto err_orig;
++	}
+ 
+ 	ret = batadv_tt_init(bat_priv);
+-	if (ret < 0)
+-		goto err;
++	if (ret < 0) {
++		atomic_set(&bat_priv->mesh_state, BATADV_MESH_DEACTIVATING);
++		goto err_tt;
++	}
++
++	ret = batadv_v_mesh_init(bat_priv);
++	if (ret < 0) {
++		atomic_set(&bat_priv->mesh_state, BATADV_MESH_DEACTIVATING);
++		goto err_v;
++	}
+ 
+ 	ret = batadv_bla_init(bat_priv);
+-	if (ret < 0)
+-		goto err;
++	if (ret < 0) {
++		atomic_set(&bat_priv->mesh_state, BATADV_MESH_DEACTIVATING);
++		goto err_bla;
++	}
+ 
+ 	ret = batadv_dat_init(bat_priv);
+-	if (ret < 0)
+-		goto err;
++	if (ret < 0) {
++		atomic_set(&bat_priv->mesh_state, BATADV_MESH_DEACTIVATING);
++		goto err_dat;
++	}
+ 
+ 	ret = batadv_nc_mesh_init(bat_priv);
+-	if (ret < 0)
+-		goto err;
++	if (ret < 0) {
++		atomic_set(&bat_priv->mesh_state, BATADV_MESH_DEACTIVATING);
++		goto err_nc;
++	}
+ 
+ 	batadv_gw_init(bat_priv);
+ 	batadv_mcast_init(bat_priv);
+@@ -221,8 +233,20 @@ int batadv_mesh_init(struct net_device *
+ 
+ 	return 0;
+ 
+-err:
+-	batadv_mesh_free(soft_iface);
++err_nc:
++	batadv_dat_free(bat_priv);
++err_dat:
++	batadv_bla_free(bat_priv);
++err_bla:
++	batadv_v_mesh_free(bat_priv);
++err_v:
++	batadv_tt_free(bat_priv);
++err_tt:
++	batadv_originator_free(bat_priv);
++err_orig:
++	batadv_purge_outstanding_packets(bat_priv, NULL);
++	atomic_set(&bat_priv->mesh_state, BATADV_MESH_INACTIVE);
++
+ 	return ret;
+ }
+ 
+--- a/net/batman-adv/network-coding.c
++++ b/net/batman-adv/network-coding.c
+@@ -152,8 +152,10 @@ int batadv_nc_mesh_init(struct batadv_pr
+ 				   &batadv_nc_coding_hash_lock_class_key);
+ 
+ 	bat_priv->nc.decoding_hash = batadv_hash_new(128);
+-	if (!bat_priv->nc.decoding_hash)
++	if (!bat_priv->nc.decoding_hash) {
++		batadv_hash_destroy(bat_priv->nc.coding_hash);
+ 		goto err;
++	}
+ 
+ 	batadv_hash_set_lock_class(bat_priv->nc.decoding_hash,
+ 				   &batadv_nc_decoding_hash_lock_class_key);
+--- a/net/batman-adv/translation-table.c
++++ b/net/batman-adv/translation-table.c
+@@ -4193,8 +4193,10 @@ int batadv_tt_init(struct batadv_priv *b
+ 		return ret;
+ 
+ 	ret = batadv_tt_global_init(bat_priv);
+-	if (ret < 0)
++	if (ret < 0) {
++		batadv_tt_local_table_free(bat_priv);
+ 		return ret;
++	}
+ 
+ 	batadv_tvlv_handler_register(bat_priv, batadv_tt_tvlv_ogm_handler_v1,
+ 				     batadv_tt_tvlv_unicast_handler_v1,

batman-adv/patches/0007-batman-adv-allow-netlink-usage-in-unprivileged-conta.patch

@@ -0,0 +1,182 @@
+From: Linus Lüssing <linus.luessing@c0d3.blue>
+Date: Mon, 1 Nov 2021 21:46:17 +0100
+Subject: batman-adv: allow netlink usage in unprivileged containers
+
+Currently, creating a batman-adv interface in an unprivileged LXD
+container and attaching secondary interfaces to it with "ip" or "batctl"
+works fine. However all batctl debug and configuration commands
+fail:
+
+  root@container:~# batctl originators
+  Error received: Operation not permitted
+  root@container:~# batctl orig_interval
+  1000
+  root@container:~# batctl orig_interval 2000
+  root@container:~# batctl orig_interval
+  1000
+
+To fix this change the generic netlink permissions from GENL_ADMIN_PERM
+to GENL_UNS_ADMIN_PERM. This way a batman-adv interface is fully
+maintainable as root from within a user namespace, from an unprivileged
+container.
+
+All except one batman-adv netlink setting are per interface and do not
+leak information or change settings from the host system and are
+therefore save to retrieve or modify as root from within an unprivileged
+container.
+
+"batctl routing_algo" / BATADV_CMD_GET_ROUTING_ALGOS is the only
+exception: It provides the batman-adv kernel module wide default routing
+algorithm. However it is read-only from netlink and an unprivileged
+container is still not allowed to modify
+/sys/module/batman_adv/parameters/routing_algo. Instead it is advised to
+use the newly introduced "batctl if create routing_algo RA_NAME" /
+IFLA_BATADV_ALGO_NAME to set the routing algorithm on interface
+creation, which already works fine in an unprivileged container.
+
+Cc: Tycho Andersen <tycho@tycho.pizza>
+Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/055fa41b73ca8dae1c1ed41777e32a8f02e80c82
+
+--- /dev/null
++++ b/compat-include/uapi/linux/genetlink.h
+@@ -0,0 +1,22 @@
++/* SPDX-License-Identifier: GPL-2.0 */
++/* Copyright (C) B.A.T.M.A.N. contributors:
++ *
++ * Marek Lindner, Simon Wunderlich
++ *
++ * This file contains macros for maintaining compatibility with older versions
++ * of the Linux kernel.
++ */
++
++#ifndef _NET_BATMAN_ADV_COMPAT_UAPI_LINUX_GENETLINK_H_
++#define _NET_BATMAN_ADV_COMPAT_UAPI_LINUX_GENETLINK_H_
++
++#include <linux/version.h>
++#include_next <uapi/linux/genetlink.h>
++
++#if LINUX_VERSION_IS_LESS(4, 6, 0)
++
++#define GENL_UNS_ADMIN_PERM GENL_ADMIN_PERM
++
++#endif /* LINUX_VERSION_IS_LESS(4, 6, 0) */
++
++#endif /* _NET_BATMAN_ADV_COMPAT_UAPI_LINUX_GENETLINK_H_ */
+--- a/net/batman-adv/netlink.c
++++ b/net/batman-adv/netlink.c
+@@ -1369,21 +1369,21 @@ static const struct genl_ops batadv_netl
+ 	{
+ 		.cmd = BATADV_CMD_TP_METER,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.doit = batadv_netlink_tp_meter_start,
+ 		.internal_flags = BATADV_FLAG_NEED_MESH,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_TP_METER_CANCEL,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.doit = batadv_netlink_tp_meter_cancel,
+ 		.internal_flags = BATADV_FLAG_NEED_MESH,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_GET_ROUTING_ALGOS,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.dumpit = batadv_algo_dump,
+ 	},
+ 	{
+@@ -1398,68 +1398,68 @@ static const struct genl_ops batadv_netl
+ 	{
+ 		.cmd = BATADV_CMD_GET_TRANSTABLE_LOCAL,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.dumpit = batadv_tt_local_dump,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_GET_TRANSTABLE_GLOBAL,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.dumpit = batadv_tt_global_dump,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_GET_ORIGINATORS,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.dumpit = batadv_orig_dump,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_GET_NEIGHBORS,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.dumpit = batadv_hardif_neigh_dump,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_GET_GATEWAYS,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.dumpit = batadv_gw_dump,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_GET_BLA_CLAIM,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.dumpit = batadv_bla_claim_dump,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_GET_BLA_BACKBONE,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.dumpit = batadv_bla_backbone_dump,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_GET_DAT_CACHE,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.dumpit = batadv_dat_cache_dump,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_GET_MCAST_FLAGS,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.dumpit = batadv_mcast_flags_dump,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_SET_MESH,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.doit = batadv_netlink_set_mesh,
+ 		.internal_flags = BATADV_FLAG_NEED_MESH,
+ 	},
+ 	{
+ 		.cmd = BATADV_CMD_SET_HARDIF,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.doit = batadv_netlink_set_hardif,
+ 		.internal_flags = BATADV_FLAG_NEED_MESH |
+ 				  BATADV_FLAG_NEED_HARDIF,
+@@ -1475,7 +1475,7 @@ static const struct genl_ops batadv_netl
+ 	{
+ 		.cmd = BATADV_CMD_SET_VLAN,
+ 		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
+-		.flags = GENL_ADMIN_PERM,
++		.flags = GENL_UNS_ADMIN_PERM,
+ 		.doit = batadv_netlink_set_vlan,
+ 		.internal_flags = BATADV_FLAG_NEED_MESH |
+ 				  BATADV_FLAG_NEED_VLAN,

batman-adv/patches/0008-batman-adv-mcast-don-t-send-link-local-multicast-to-.patch

@@ -0,0 +1,165 @@
+From: Linus Lüssing <linus.luessing@c0d3.blue>
+Date: Sat, 1 Jan 2022 06:27:13 +0100
+Subject: batman-adv: mcast: don't send link-local multicast to mcast routers
+
+The addition of routable multicast TX handling introduced a
+bug/regression for packets with a link-local multicast destination:
+These packets would be sent to all batman-adv nodes with a multicast
+router and to all batman-adv nodes with an old version without multicast
+router detection.
+
+This even disregards the batman-adv multicast fanout setting, which can
+potentially lead to an unwanted, high number of unicast transmissions or
+even congestion.
+
+Fixing this by avoiding to send link-local multicast packets to nodes in
+the multicast router list.
+
+Fixes: 3a8df00cd969 ("batman-adv: mcast: apply optimizations for routable packets, too")
+Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/ee013870947b9175847aa46a0686ca01dd480af4
+
+--- a/net/batman-adv/multicast.c
++++ b/net/batman-adv/multicast.c
+@@ -1380,6 +1380,7 @@ batadv_mcast_forw_rtr_node_get(struct ba
+  * @bat_priv: the bat priv with all the soft interface information
+  * @skb: The multicast packet to check
+  * @orig: an originator to be set to forward the skb to
++ * @is_routable: stores whether the destination is routable
+  *
+  * Return: the forwarding mode as enum batadv_forw_mode and in case of
+  * BATADV_FORW_SINGLE set the orig to the single originator the skb
+@@ -1387,17 +1388,16 @@ batadv_mcast_forw_rtr_node_get(struct ba
+  */
+ enum batadv_forw_mode
+ batadv_mcast_forw_mode(struct batadv_priv *bat_priv, struct sk_buff *skb,
+-		       struct batadv_orig_node **orig)
++		       struct batadv_orig_node **orig, int *is_routable)
+ {
+ 	int ret, tt_count, ip_count, unsnoop_count, total_count;
+ 	bool is_unsnoopable = false;
+ 	unsigned int mcast_fanout;
+ 	struct ethhdr *ethhdr;
+-	int is_routable = 0;
+ 	int rtr_count = 0;
+ 
+ 	ret = batadv_mcast_forw_mode_check(bat_priv, skb, &is_unsnoopable,
+-					   &is_routable);
++					   is_routable);
+ 	if (ret == -ENOMEM)
+ 		return BATADV_FORW_NONE;
+ 	else if (ret < 0)
+@@ -1410,7 +1410,7 @@ batadv_mcast_forw_mode(struct batadv_pri
+ 	ip_count = batadv_mcast_forw_want_all_ip_count(bat_priv, ethhdr);
+ 	unsnoop_count = !is_unsnoopable ? 0 :
+ 			atomic_read(&bat_priv->mcast.num_want_all_unsnoopables);
+-	rtr_count = batadv_mcast_forw_rtr_count(bat_priv, is_routable);
++	rtr_count = batadv_mcast_forw_rtr_count(bat_priv, *is_routable);
+ 
+ 	total_count = tt_count + ip_count + unsnoop_count + rtr_count;
+ 
+@@ -1730,6 +1730,7 @@ batadv_mcast_forw_want_rtr(struct batadv
+  * @bat_priv: the bat priv with all the soft interface information
+  * @skb: the multicast packet to transmit
+  * @vid: the vlan identifier
++ * @is_routable: stores whether the destination is routable
+  *
+  * Sends copies of a frame with multicast destination to any node that signaled
+  * interest in it, that is either via the translation table or the according
+@@ -1742,7 +1743,7 @@ batadv_mcast_forw_want_rtr(struct batadv
+  * is neither IPv4 nor IPv6. NET_XMIT_SUCCESS otherwise.
+  */
+ int batadv_mcast_forw_send(struct batadv_priv *bat_priv, struct sk_buff *skb,
+-			   unsigned short vid)
++			   unsigned short vid, int is_routable)
+ {
+ 	int ret;
+ 
+@@ -1758,12 +1759,16 @@ int batadv_mcast_forw_send(struct batadv
+ 		return ret;
+ 	}
+ 
++	if (!is_routable)
++		goto skip_mc_router;
++
+ 	ret = batadv_mcast_forw_want_rtr(bat_priv, skb, vid);
+ 	if (ret != NET_XMIT_SUCCESS) {
+ 		kfree_skb(skb);
+ 		return ret;
+ 	}
+ 
++skip_mc_router:
+ 	consume_skb(skb);
+ 	return ret;
+ }
+--- a/net/batman-adv/multicast.h
++++ b/net/batman-adv/multicast.h
+@@ -43,7 +43,8 @@ enum batadv_forw_mode {
+ 
+ enum batadv_forw_mode
+ batadv_mcast_forw_mode(struct batadv_priv *bat_priv, struct sk_buff *skb,
+-		       struct batadv_orig_node **mcast_single_orig);
++		       struct batadv_orig_node **mcast_single_orig,
++		       int *is_routable);
+ 
+ int batadv_mcast_forw_send_orig(struct batadv_priv *bat_priv,
+ 				struct sk_buff *skb,
+@@ -51,7 +52,7 @@ int batadv_mcast_forw_send_orig(struct b
+ 				struct batadv_orig_node *orig_node);
+ 
+ int batadv_mcast_forw_send(struct batadv_priv *bat_priv, struct sk_buff *skb,
+-			   unsigned short vid);
++			   unsigned short vid, int is_routable);
+ 
+ void batadv_mcast_init(struct batadv_priv *bat_priv);
+ 
+@@ -68,7 +69,8 @@ void batadv_mcast_purge_orig(struct bata
+ 
+ static inline enum batadv_forw_mode
+ batadv_mcast_forw_mode(struct batadv_priv *bat_priv, struct sk_buff *skb,
+-		       struct batadv_orig_node **mcast_single_orig)
++		       struct batadv_orig_node **mcast_single_orig,
++		       int *is_routable)
+ {
+ 	return BATADV_FORW_ALL;
+ }
+@@ -85,7 +87,7 @@ batadv_mcast_forw_send_orig(struct batad
+ 
+ static inline int
+ batadv_mcast_forw_send(struct batadv_priv *bat_priv, struct sk_buff *skb,
+-		       unsigned short vid)
++		       unsigned short vid, int is_routable)
+ {
+ 	kfree_skb(skb);
+ 	return NET_XMIT_DROP;
+--- a/net/batman-adv/soft-interface.c
++++ b/net/batman-adv/soft-interface.c
+@@ -198,6 +198,7 @@ static netdev_tx_t batadv_interface_tx(s
+ 	int gw_mode;
+ 	enum batadv_forw_mode forw_mode = BATADV_FORW_SINGLE;
+ 	struct batadv_orig_node *mcast_single_orig = NULL;
++	int mcast_is_routable = 0;
+ 	int network_offset = ETH_HLEN;
+ 	__be16 proto;
+ 
+@@ -300,7 +301,8 @@ static netdev_tx_t batadv_interface_tx(s
+ send:
+ 		if (do_bcast && !is_broadcast_ether_addr(ethhdr->h_dest)) {
+ 			forw_mode = batadv_mcast_forw_mode(bat_priv, skb,
+-							   &mcast_single_orig);
++							   &mcast_single_orig,
++							   &mcast_is_routable);
+ 			if (forw_mode == BATADV_FORW_NONE)
+ 				goto dropped;
+ 
+@@ -365,7 +367,8 @@ send:
+ 			ret = batadv_mcast_forw_send_orig(bat_priv, skb, vid,
+ 							  mcast_single_orig);
+ 		} else if (forw_mode == BATADV_FORW_SOME) {
+-			ret = batadv_mcast_forw_send(bat_priv, skb, vid);
++			ret = batadv_mcast_forw_send(bat_priv, skb, vid,
++						     mcast_is_routable);
+ 		} else {
+ 			if (batadv_dat_snoop_outgoing_arp_request(bat_priv,
+ 								  skb))

batman-adv/patches/0009-batman-adv-make-mc_forwarding-atomic.patch

@@ -0,0 +1,27 @@
+From: Eric Dumazet <edumazet@google.com>
+Date: Wed, 2 Mar 2022 20:05:13 +0100
+Subject: batman-adv: make mc_forwarding atomic
+
+This fixes minor data-races in ip6_mc_input() and
+batadv_mcast_mla_rtr_flags_softif_get_ipv6()
+
+Signed-off-by: Eric Dumazet <edumazet@google.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+[sven@narfation.org: Add ugly hack to get it building with old kernels]
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/56db7c0540e733a1f063ccd6bab1b537a80857eb
+
+--- a/net/batman-adv/multicast.c
++++ b/net/batman-adv/multicast.c
+@@ -135,7 +135,11 @@ static u8 batadv_mcast_mla_rtr_flags_sof
+ {
+ 	struct inet6_dev *in6_dev = __in6_dev_get(dev);
+ 
++#if LINUX_VERSION_IS_GEQ(5, 18, 0) // UGLY_HACK_NEW
++	if (in6_dev && atomic_read(&in6_dev->cnf.mc_forwarding))
++#else // UGLY_HACK_OLD
+ 	if (in6_dev && in6_dev->cnf.mc_forwarding)
++#endif // UGLY_HACK_STOP
+ 		return BATADV_NO_FLAGS;
+ 	else
+ 		return BATADV_MCAST_WANT_NO_RTR6;

batman-adv/patches/0010-batman-adv-compat-Add-atomic-mc_fowarding-support-fo.patch

@@ -0,0 +1,23 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Fri, 15 Apr 2022 15:12:45 +0200
+Subject: batman-adv: compat: Add atomic mc_fowarding support for stable kernels
+
+Fixes: 56db7c0540e7 ("batman-adv: make mc_forwarding atomic")
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/350adcaec82fbaa358a2406343b6130ac8dad126
+
+--- a/net/batman-adv/multicast.c
++++ b/net/batman-adv/multicast.c
+@@ -135,7 +135,11 @@ static u8 batadv_mcast_mla_rtr_flags_sof
+ {
+ 	struct inet6_dev *in6_dev = __in6_dev_get(dev);
+ 
+-#if LINUX_VERSION_IS_GEQ(5, 18, 0) // UGLY_HACK_NEW
++#if (LINUX_VERSION_IS_GEQ(5, 4, 189) && LINUX_VERSION_IS_LESS(5, 5, 0)) || /* UGLY_HACK */ \
++    (LINUX_VERSION_IS_GEQ(5, 10, 111) && LINUX_VERSION_IS_LESS(5, 11, 0)) || /* UGLY_HACK */ \
++    (LINUX_VERSION_IS_GEQ(5, 15, 34) && LINUX_VERSION_IS_LESS(5, 16, 0)) || /* UGLY_HACK */ \
++    (LINUX_VERSION_IS_GEQ(5, 16, 20) && LINUX_VERSION_IS_LESS(5, 17, 0)) || /* UGLY_HACK */ \
++    LINUX_VERSION_IS_GEQ(5, 17, 3) // UGLY_HACK_NEW
+ 	if (in6_dev && atomic_read(&in6_dev->cnf.mc_forwarding))
+ #else // UGLY_HACK_OLD
+ 	if (in6_dev && in6_dev->cnf.mc_forwarding)

batman-adv/patches/0011-batman-adv-Request-iflink-once-in-batadv-on-batadv-c.patch

@@ -0,0 +1,44 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Wed, 2 Mar 2022 19:49:44 +0100
+Subject: batman-adv: Request iflink once in batadv-on-batadv check
+
+There is no need to call dev_get_iflink multiple times for the same
+net_device in batadv_is_on_batman_iface. And since some of the
+.ndo_get_iflink callbacks are dynamic (for example via RCUs like in
+vxcan_get_iflink), it could easily happen that the returned values are not
+stable. The pre-checks before __dev_get_by_index are then of course bogus.
+
+Fixes: 3d48811b27f5 ("batman-adv: prevent using any virtual device created on batman-adv as hard-interface")
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/f6c0c45356fe3ab9c5e01b81d060f8a436658037
+
+--- a/net/batman-adv/hard-interface.c
++++ b/net/batman-adv/hard-interface.c
+@@ -149,22 +149,23 @@ static bool batadv_is_on_batman_iface(co
+ 	struct net *net = dev_net(net_dev);
+ 	struct net_device *parent_dev;
+ 	struct net *parent_net;
++	int iflink;
+ 	bool ret;
+ 
+ 	/* check if this is a batman-adv mesh interface */
+ 	if (batadv_softif_is_valid(net_dev))
+ 		return true;
+ 
++	iflink = dev_get_iflink(net_dev);
++
+ 	/* no more parents..stop recursion */
+-	if (dev_get_iflink(net_dev) == 0 ||
+-	    dev_get_iflink(net_dev) == net_dev->ifindex)
++	if (iflink == 0 || iflink == net_dev->ifindex)
+ 		return false;
+ 
+ 	parent_net = batadv_getlink_net(net_dev, net);
+ 
+ 	/* recurse over the parent device */
+-	parent_dev = __dev_get_by_index((struct net *)parent_net,
+-					dev_get_iflink(net_dev));
++	parent_dev = __dev_get_by_index((struct net *)parent_net, iflink);
+ 	/* if we got a NULL parent_dev there is something broken.. */
+ 	if (!parent_dev) {
+ 		pr_err("Cannot find parent device\n");

batman-adv/patches/0012-batman-adv-Request-iflink-once-in-batadv_get_real_ne.patch

@@ -0,0 +1,46 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Wed, 2 Mar 2022 19:49:45 +0100
+Subject: batman-adv: Request iflink once in batadv_get_real_netdevice
+
+There is no need to call dev_get_iflink multiple times for the same
+net_device in batadv_get_real_netdevice. And since some of the
+ndo_get_iflink callbacks are dynamic (for example via RCUs like in
+vxcan_get_iflink), it could easily happen that the returned values are not
+stable. The pre-checks before __dev_get_by_index are then of course bogus.
+
+Fixes: 2b45bb6c3aad ("batman-adv: additional checks for virtual interfaces on top of WiFi")
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/445f477ec3e805425186f5fbe8ed0fe89cc226b6
+
+--- a/net/batman-adv/hard-interface.c
++++ b/net/batman-adv/hard-interface.c
+@@ -215,14 +215,16 @@ static struct net_device *batadv_get_rea
+ 	struct net_device *real_netdev = NULL;
+ 	struct net *real_net;
+ 	struct net *net;
+-	int ifindex;
++	int iflink;
+ 
+ 	ASSERT_RTNL();
+ 
+ 	if (!netdev)
+ 		return NULL;
+ 
+-	if (netdev->ifindex == dev_get_iflink(netdev)) {
++	iflink = dev_get_iflink(netdev);
++
++	if (netdev->ifindex == iflink) {
+ 		dev_hold(netdev);
+ 		return netdev;
+ 	}
+@@ -232,9 +234,8 @@ static struct net_device *batadv_get_rea
+ 		goto out;
+ 
+ 	net = dev_net(hard_iface->soft_iface);
+-	ifindex = dev_get_iflink(netdev);
+ 	real_net = batadv_getlink_net(netdev, net);
+-	real_netdev = dev_get_by_index(real_net, ifindex);
++	real_netdev = dev_get_by_index(real_net, iflink);
+ 
+ out:
+ 	if (hard_iface)

batman-adv/patches/0013-batman-adv-Don-t-expect-inter-netns-unique-iflink-in.patch

@@ -0,0 +1,86 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Wed, 2 Mar 2022 19:49:46 +0100
+Subject: batman-adv: Don't expect inter-netns unique iflink indices
+
+The ifindex doesn't have to be unique for multiple network namespaces on
+the same machine.
+
+  $ ip netns add test1
+  $ ip -net test1 link add dummy1 type dummy
+  $ ip netns add test2
+  $ ip -net test2 link add dummy2 type dummy
+
+  $ ip -net test1 link show dev dummy1
+  6: dummy1: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
+      link/ether 96:81:55:1e:dd:85 brd ff:ff:ff:ff:ff:ff
+  $ ip -net test2 link show dev dummy2
+  6: dummy2: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
+      link/ether 5a:3c:af:35:07:c3 brd ff:ff:ff:ff:ff:ff
+
+But the batman-adv code to walk through the various layers of virtual
+interfaces uses this assumption because dev_get_iflink handles it
+internally and doesn't return the actual netns of the iflink. And
+dev_get_iflink only documents the situation where ifindex == iflink for
+physical devices.
+
+But only checking for dev->netdev_ops->ndo_get_iflink is also not an option
+because ipoib_get_iflink implements it even when it sometimes returns an
+iflink != ifindex and sometimes iflink == ifindex. The caller must
+therefore make sure itself to check both netns and iflink + ifindex for
+equality. Only when they are equal, a "physical" interface was detected
+which should stop the traversal. On the other hand, vxcan_get_iflink can
+also return 0 in case there was currently no valid peer. In this case, it
+is still necessary to stop.
+
+Fixes: 3d48811b27f5 ("batman-adv: prevent using any virtual device created on batman-adv as hard-interface")
+Fixes: 2b45bb6c3aad ("batman-adv: additional checks for virtual interfaces on top of WiFi")
+Reported-by: Sabrina Dubroca <sd@queasysnail.net>
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/0aac7a9fbbbeec25f2f54a9e6d53ea91217ba720
+
+--- a/net/batman-adv/hard-interface.c
++++ b/net/batman-adv/hard-interface.c
+@@ -157,13 +157,15 @@ static bool batadv_is_on_batman_iface(co
+ 		return true;
+ 
+ 	iflink = dev_get_iflink(net_dev);
+-
+-	/* no more parents..stop recursion */
+-	if (iflink == 0 || iflink == net_dev->ifindex)
++	if (iflink == 0)
+ 		return false;
+ 
+ 	parent_net = batadv_getlink_net(net_dev, net);
+ 
++	/* iflink to itself, most likely physical device */
++	if (net == parent_net && iflink == net_dev->ifindex)
++		return false;
++
+ 	/* recurse over the parent device */
+ 	parent_dev = __dev_get_by_index((struct net *)parent_net, iflink);
+ 	/* if we got a NULL parent_dev there is something broken.. */
+@@ -223,8 +225,7 @@ static struct net_device *batadv_get_rea
+ 		return NULL;
+ 
+ 	iflink = dev_get_iflink(netdev);
+-
+-	if (netdev->ifindex == iflink) {
++	if (iflink == 0) {
+ 		dev_hold(netdev);
+ 		return netdev;
+ 	}
+@@ -235,6 +236,14 @@ static struct net_device *batadv_get_rea
+ 
+ 	net = dev_net(hard_iface->soft_iface);
+ 	real_net = batadv_getlink_net(netdev, net);
++
++	/* iflink to itself, most likely physical device */
++	if (net == real_net && netdev->ifindex == iflink) {
++		real_netdev = netdev;
++		dev_hold(real_netdev);
++		goto out;
++	}
++
+ 	real_netdev = dev_get_by_index(real_net, iflink);
+ 
+ out:

batman-adv/patches/0014-batman-adv-Don-t-skb_split-skbuffs-with-frag_list.patch

@@ -0,0 +1,46 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Sat, 16 Apr 2022 14:24:34 +0200
+Subject: batman-adv: Don't skb_split skbuffs with frag_list
+
+The receiving interface might have used GRO to receive more fragments than
+MAX_SKB_FRAGS fragments. In this case, these will not be stored in
+skb_shinfo(skb)->frags but merged into the frag list.
+
+batman-adv relies on the function skb_split to split packets up into
+multiple smaller packets which are not larger than the MTU on the outgoing
+interface. But this function cannot handle frag_list entries and is only
+operating on skb_shinfo(skb)->frags. If it is still trying to split such an
+skb and xmit'ing it on an interface without support for NETIF_F_FRAGLIST,
+then validate_xmit_skb() will try to linearize it. But this fails due to
+inconsistent information. And __pskb_pull_tail will trigger a BUG_ON after
+skb_copy_bits() returns an error.
+
+In case of entries in frag_list, just linearize the skb before operating on
+it with skb_split().
+
+Reported-by: Felix Kaechele <felix@kaechele.ca>
+Tested-by: Felix Kaechele <felix@kaechele.ca>
+Fixes: 9de347143505 ("batman-adv: layer2 unicast packet fragmentation")
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/d467720acaf1b22b0cee58144eeaf9ef6c5e285c
+
+--- a/net/batman-adv/fragmentation.c
++++ b/net/batman-adv/fragmentation.c
+@@ -477,6 +477,17 @@ int batadv_frag_send_packet(struct sk_bu
+ 		goto free_skb;
+ 	}
+ 
++	/* GRO might have added fragments to the fragment list instead of
++	 * frags[]. But this is not handled by skb_split and must be
++	 * linearized to avoid incorrect length information after all
++	 * batman-adv fragments were created and submitted to the
++	 * hard-interface
++	 */
++	if (skb_has_frag_list(skb) && __skb_linearize(skb)) {
++		ret = -ENOMEM;
++		goto free_skb;
++	}
++
+ 	/* Create one header to be copied to all fragments */
+ 	frag_header.packet_type = BATADV_UNICAST_FRAG;
+ 	frag_header.version = BATADV_COMPAT_VERSION;

batman-adv/patches/0015-batman-adv-Fix-hang-up-with-small-MTU-hard-interface.patch

@@ -0,0 +1,43 @@
+From: Shigeru Yoshida <syoshida@redhat.com>
+Date: Sat, 20 Aug 2022 12:25:16 +0900
+Subject: batman-adv: Fix hang up with small MTU hard-interface
+
+The system hangs up when batman-adv soft-interface is created on
+hard-interface with small MTU.  For example, the following commands
+create batman-adv soft-interface on dummy interface with zero MTU:
+
+  # ip link add name dummy0 type dummy
+  # ip link set mtu 0 dev dummy0
+  # ip link set up dev dummy0
+  # ip link add name bat0 type batadv
+  # ip link set dev dummy0 master bat0
+
+These commands cause the system hang up with the following messages:
+
+  [   90.578925][ T6689] batman_adv: bat0: Adding interface: dummy0
+  [   90.580884][ T6689] batman_adv: bat0: The MTU of interface dummy0 is too small (0) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
+  [   90.586264][ T6689] batman_adv: bat0: Interface activated: dummy0
+  [   90.590061][ T6689] batman_adv: bat0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
+  [   90.595517][ T6689] batman_adv: bat0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
+  [   90.598499][ T6689] batman_adv: bat0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
+
+This patch fixes this issue by returning error when enabling
+hard-interface with small MTU size.
+
+Fixes: 29a2a3dc52f4 ("hard interface rewrite")
+Signed-off-by: Shigeru Yoshida <syoshida@redhat.com>
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/a124b52ebab91ac416cf7ba05e671cbb860f30e8
+
+--- a/net/batman-adv/hard-interface.c
++++ b/net/batman-adv/hard-interface.c
+@@ -729,6 +729,9 @@ int batadv_hardif_enable_interface(struc
+ 	int max_header_len = batadv_max_header_len();
+ 	int ret;
+ 
++	if (hard_iface->net_dev->mtu < ETH_MIN_MTU + max_header_len)
++		return -EINVAL;
++
+ 	if (hard_iface->if_status != BATADV_IF_NOT_IN_USE)
+ 		goto out;
+ 

bird1-openwrt/Makefile

@@ -0,0 +1,166 @@
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# Copyright (C) 2014-2017 Eloi Carbó <eloicaso@openmailbox.org>
+# Copyright (C) 2022-2023 Roger Pueyo Centelles <roger.pueyo@guifi.net>
+#
+
+include $(TOPDIR)/rules.mk
+
+BIRD1_PKG := bird1
+BIRD1_IPV4_PKG := $(BIRD1_PKG)-ipv4
+BIRD1_IPV6_PKG := $(BIRD1_PKG)-ipv6
+BIRD4 := bird4
+BIRD6 := bird6
+
+PKG_NAME := $(BIRD1_PKG)-openwrt
+PKG_IPV4_NAME := $(BIRD1_IPV4_PKG)-openwrt
+PKG_IPV6_NAME := $(BIRD1_IPV6_PKG)-openwrt
+PKG_VERSION := 0.3
+PKG_RELEASE := 5
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+PKG_LICENSE := GPL-3.0-or-later
+
+PKG_UCI_NAME := $(BIRD1_PKG)-uci
+PKG_LUCI_NAME := $(BIRD1_PKG)-luci
+PKG_IPV4_UCI_NAME := $(BIRD1_IPV4_PKG)-uci
+PKG_IPV6_UCI_NAME := $(BIRD1_IPV6_PKG)-uci
+PKG_IPV4_LUCI_NAME := luci-app-$(BIRD1_IPV4_PKG)
+PKG_IPV6_LUCI_NAME := luci-app-$(BIRD1_IPV6_PKG)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Build/Prepare
+endef
+
+define Build/Compile
+endef
+
+define Package/$(PKG_UCI_NAME)/Default
+  TITLE:=The BIRD UCI module (v1.6)
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=Routing and Redirection
+  MAINTAINER:=Roger Pueyo Centelles <roger.pueyo@guifi.net>
+  URL:=https://github.com/openwrt/bird1-openwrt/
+  DEPENDS:=+libuci +uci
+endef
+
+define Package/$(PKG_LUCI_NAME)/Default
+  TITLE:=LuCI support for BIRD (v1.6)
+  SECTION:=luci
+  CATEGORY:=LuCI
+  SUBMENU:=3. Applications
+  MAINTAINER:=Roger Pueyo Centelles <roger.pueyo@guifi.net>
+  URL:=https://github.com/openwrt/bird1-openwrt/
+  DEPENDS:=+luci-base +luci-compat
+endef
+
+define Package/$(PKG_UCI_NAME)/description
+$(BIRD1_PKG) UCI integration module
+endef
+
+define Package/$(PKG_LUCI_NAME)/description
+$(BIRD1_PKG) application for LuCI
+endef
+
+define Package/$(PKG_IPV4_UCI_NAME)
+$(call Package/$(PKG_UCI_NAME)/Default)
+  TITLE+= (IPv4)
+  DEPENDS+= +$(BIRD1_IPV4_PKG)
+endef
+
+define Package/$(PKG_IPV6_UCI_NAME)
+$(call Package/$(PKG_UCI_NAME)/Default)
+  TITLE+= (IPv6)
+  DEPENDS+= +$(BIRD1_IPV6_PKG)
+endef
+
+define Package/$(PKG_IPV4_LUCI_NAME)
+$(call Package/$(PKG_LUCI_NAME)/Default)
+  TITLE+= (IPv4)
+  DEPENDS+= +$(PKG_IPV4_UCI_NAME)
+endef
+
+define Package/$(PKG_IPV6_LUCI_NAME)
+$(call Package/$(PKG_LUCI_NAME)/Default)
+  TITLE+= (IPv6)
+  DEPENDS+= +$(PKG_IPV6_UCI_NAME)
+endef
+
+define Package/$(PKG_IPV4_UCI_NAME)/conffiles
+/etc/config/$(BIRD4)
+endef
+
+define Package/$(PKG_IPV6_UCI_NAME)/conffiles
+/etc/config/$(BIRD6)
+endef
+
+define Package/$(PKG_IPV4_UCI_NAME)/install
+	$(INSTALL_DIR) $(1)/etc/$(BIRD4)/init.d
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DIR) $(1)/etc/$(BIRD4)/filters
+	$(INSTALL_DIR) $(1)/etc/$(BIRD4)/functions
+	$(INSTALL_BIN) ./$(PKG_IPV4_NAME)/src/init.d/$(BIRD4)* $(1)/etc/$(BIRD4)/init.d/
+	$(CP) ./$(PKG_IPV4_NAME)/src/uci-defaults/* $(1)/etc/$(BIRD4)/init.d/
+	$(INSTALL_CONF) ./$(PKG_IPV4_NAME)/src/config/$(BIRD4) $(1)/etc/config/
+endef
+
+define Package/$(PKG_IPV6_UCI_NAME)/install
+	$(INSTALL_DIR) $(1)/etc/$(BIRD6)/init.d
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DIR) $(1)/etc/$(BIRD6)/filters
+	$(INSTALL_DIR) $(1)/etc/$(BIRD6)/functions
+	$(INSTALL_BIN) ./$(PKG_IPV6_NAME)/src/init.d/$(BIRD6)* $(1)/etc/$(BIRD6)/init.d/
+	$(CP) ./$(PKG_IPV6_NAME)/src/uci-defaults/* $(1)/etc/$(BIRD6)/init.d/
+	$(INSTALL_CONF) ./$(PKG_IPV6_NAME)/src/config/$(BIRD6) $(1)/etc/config/
+endef
+
+define Package/$(PKG_IPV4_UCI_NAME)/postinst
+#!/bin/sh
+if [ -z "$${IPKG_INSTROOT}" ]; then
+    ( . /etc/$(BIRD4)/init.d/bird-uci-install-init.d $(BIRD4) ) && rm -f /etc/$(BIRD4)/init.d/bird-uci-install-init.d
+    ( . /etc/$(BIRD4)/init.d/99-relocate-filters $(BIRD4) ) && rm -f /etc/$(BIRD4)/init.d/99-relocate-filters
+    if [ -f /etc/sysupgrade.conf ] && ! grep $(BIRD4) /etc/sysupgrade.conf; then
+        echo /etc/config/$(BIRD4) >> /etc/sysupgrade.conf
+        echo /etc/$(BIRD4)/filters/ >> /etc/sysupgrade.conf
+        echo /etc/$(BIRD4)/functions/ >> /etc/sysupgrade.conf
+    fi
+fi
+endef
+
+define Package/$(PKG_IPV6_UCI_NAME)/postinst
+#!/bin/sh
+if [ -z "$${IPKG_INSTROOT}" ]; then
+    ( . /etc/$(BIRD6)/init.d/bird-uci-install-init.d $(BIRD6) ) && rm -f /etc/$(BIRD6)/init.d/bird-uci-install-init.d
+    ( . /etc/$(BIRD6)/init.d/99-relocate-filters $(BIRD6) ) && rm -f /etc/$(BIRD6)/init.d/99-relocate-filters
+    if [ -f /etc/sysupgrade.conf ] && ! grep $(BIRD6) /etc/sysupgrade.conf; then
+        echo /etc/config/$(BIRD6) >> /etc/sysupgrade.conf
+        echo /etc/$(BIRD6)/filters/ >> /etc/sysupgrade.conf
+        echo /etc/$(BIRD6)/functions/ >> /etc/sysupgrade.conf
+    fi
+fi
+endef
+
+$(eval $(call BuildPackage,$(PKG_IPV4_UCI_NAME)))
+$(eval $(call BuildPackage,$(PKG_IPV6_UCI_NAME)))
+
+define Package/$(PKG_IPV4_LUCI_NAME)/install
+	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller/
+	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/$(BIRD4)/
+	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/view/$(BIRD4)/
+	$(CP) ./$(PKG_IPV4_NAME)/src/model/* $(1)/usr/lib/lua/luci/model/cbi/$(BIRD4)/
+	$(CP) ./$(PKG_IPV4_NAME)/src/controller/* $(1)/usr/lib/lua/luci/controller/
+	$(CP) ./$(PKG_IPV4_NAME)/src/view/* $(1)/usr/lib/lua/luci/view/$(BIRD4)/
+endef
+
+define Package/$(PKG_IPV6_LUCI_NAME)/install
+	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller/
+	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/$(BIRD6)/
+	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/view/$(BIRD6)/
+	$(CP) ./$(PKG_IPV6_NAME)/src/model/* $(1)/usr/lib/lua/luci/model/cbi/$(BIRD6)/
+	$(CP) ./$(PKG_IPV6_NAME)/src/controller/* $(1)/usr/lib/lua/luci/controller/
+	$(CP) ./$(PKG_IPV6_NAME)/src/view/* $(1)/usr/lib/lua/luci/view/$(BIRD6)/
+endef
+
+$(eval $(call BuildPackage,$(PKG_IPV4_LUCI_NAME)))
+$(eval $(call BuildPackage,$(PKG_IPV6_LUCI_NAME)))

bird1-openwrt/bird1-ipv4-openwrt/Makefile

@@ -1,103 +0,0 @@
-# Copyright (C) 2014-2017  Eloi Carbo <eloicaso@openmailbox.org>
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-include $(TOPDIR)/rules.mk
-include $(INCLUDE_DIR)/kernel.mk
-
-BIRD := bird4
-BIRD_PKG := bird1-ipv4
-PKG_NAME := $(BIRD_PKG)-openwrt
-PKG_VERSION := 0.3
-PKG_RELEASE := 1
-PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
-PKG_LICENSE := GPL-3.0+
-uci := $(BIRD_PKG)-uci
-luci := luci-app-$(BIRD_PKG)
-
-include $(INCLUDE_DIR)/package.mk
-
-define Build/Prepare
-endef
-define Build/Compile
-endef
-
-define Package/$(uci)
-  TITLE:=The BIRD UCI module (v1.6) (IPv4)
-  SECTION:=net
-  CATEGORY:=Network
-  SUBMENU:=Routing and Redirection
-  MAINTAINER:=Eloi Carbo <eloicaso@openmailbox.org>
-  URL:=https://github.com/eloicaso/bird-openwrt/
-  DEPENDS:=+$(BIRD_PKG) +libuci +uci
-endef
-
-define Package/$(uci)/description
-$(BIRD_PKG) UCI integration module
-endef
-
-define Package/$(uci)/conffiles
-	/etc/config/$(BIRD)
-endef
-
-define Package/$(uci)/install
-	$(INSTALL_DIR) $(1)/etc/$(BIRD)/init.d
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DIR) $(1)/etc/$(BIRD)/filters
-	$(INSTALL_DIR) $(1)/etc/$(BIRD)/functions
-	$(INSTALL_BIN) ./src/init.d/$(BIRD)* $(1)/etc/$(BIRD)/init.d/
-	$(CP) ./src/uci-defaults/* $(1)/etc/$(BIRD)/init.d/
-	$(INSTALL_CONF) ./src/config/$(BIRD) $(1)/etc/config/
-endef
-
-define Package/$(uci)/postinst
-#!/bin/sh
-    if [ -z "$${IPKG_INSTROOT}" ]; then
-        ( . /etc/$(BIRD)/init.d/bird-uci-install-init.d $(BIRD) ) && rm -f /etc/$(BIRD)/init.d/bird-uci-install-init.d
-        ( . /etc/$(BIRD)/init.d/99-relocate-filters $(BIRD) ) && rm -f /etc/$(BIRD)/init.d/99-relocate-filters
-        if [ -f /etc/sysupgrade.conf ] && ! grep $(BIRD) /etc/sysupgrade.conf; then
-            echo /etc/config/$(BIRD) >> /etc/sysupgrade.conf
-            echo /etc/$(BIRD)/filters/ >> /etc/sysupgrade.conf
-            echo /etc/$(BIRD)/functions/ >> /etc/sysupgrade.conf
-        fi
-    fi
-endef
-
-$(eval $(call BuildPackage,$(uci)))
-
-define Package/$(luci)
-  TITLE:=LuCI support for $(BIRD_PKG)
-  SECTION:=luci
-  CATEGORY:=LuCI
-  SUBMENU:=3. Applications
-  MAINTAINER:=Eloi Carbo <eloicaso@openmailbox.org>
-  URL:=https://github.com/eloicaso/bird-openwrt/
-  DEPENDS:=+$(BIRD_PKG)-uci +luci-base
-endef
-
-define Package/$(luci)/description
-$(BIRD) application for LuCI
-endef
-
-define Package/$(luci)/install
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller/
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/$(BIRD)/
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/view/$(BIRD)/
-	$(CP) ./src/model/* $(1)/usr/lib/lua/luci/model/cbi/$(BIRD)/
-	$(CP) ./src/controller/* $(1)/usr/lib/lua/luci/controller/
-	$(CP) ./src/view/* $(1)/usr/lib/lua/luci/view/$(BIRD)/
-endef
-
-$(eval $(call BuildPackage,$(luci)))

bird1-openwrt/bird1-ipv4-openwrt/src/controller/bird4.lua

@@ -23,7 +23,7 @@ function index()
             _("Bird4"), 0)
 
         entry({"admin", "network", "bird4", "status"},
-            cbi("bird4/status"),
+            form("bird4/status"),
             _("Status"), 0).leaf = true
 
         entry({"admin","network","bird4","log"},
@@ -43,10 +43,10 @@ function index()
             _("BGP Protocol"), 4).leaf = true
 
         entry({"admin","network","bird4","filters"},
-            cbi("bird4/filters"),
+            form("bird4/filters"),
             _("Filters"), 5).leaf = true
 
         entry({"admin","network","bird4","functions"},
-            cbi("bird4/functions"),
+            form("bird4/functions"),
             _("Functions"), 6).leaf = true
 end

bird1-openwrt/bird1-ipv4-openwrt/src/init.d/bird4-lib.sh

@@ -56,12 +56,15 @@ get() {
 }
 
 
-# Function: get_bool $1 $2
+# Function: get_a_bool $1 $2
 # $1 boolean. $2 string
 # This function uses the external UCI function "config_get_bool $result $section $option" to obtain a boolean value from UCI config file.
 # To use this function, use the same name of the UCI option for the variable $1.
 # Example: UCI (option use_ipv6 '1'); local use_ipv6; get use_ipv6 $section
-get_bool() {
+# Note: this function was originally called get_bool(), but it collided with
+#       the get_bool() function provided by /lib/functions.sh. Read more at
+#       https://github.com/openwrt/routing/issues/920.
+get_a_bool() {
     config_get_bool $1 $2 $1
 }
 
@@ -201,7 +204,7 @@ prepare_kernel() {
     local disabled; local table; local kernel_table; local import; local export
     local scan_time; local persist; local learn
 
-    get_bool disabled ${section}
+    get_a_bool disabled ${section}
     get table ${section}
     get import ${section}
     get export ${section}
@@ -328,7 +331,7 @@ prepare_bgp_template() {
     local import_limit; local import_limit_action; local export_limit; local export_limit_action
     local receive_limit; local receive_limit_action; local igp_table
 
-    get_bool disabled ${section}
+    get_a_bool disabled ${section}
     get table ${section}
     get import ${section}
     get export ${section}
@@ -338,8 +341,8 @@ prepare_bgp_template() {
     get neighbor_address ${section}
     get neighbor_as ${section}
 
-    get_bool next_hop_self ${section}
-    get_bool next_hop_keep ${section}
+    get_a_bool next_hop_self ${section}
+    get_a_bool next_hop_keep ${section}
     get rr_client ${section}
     get rr_cluster_id ${section}
 
@@ -417,8 +420,8 @@ prepare_bgp() {
 
     get receive_limit ${section}
     get receive_limit_action ${section}
-    get_bool next_hop_self ${section}
-    get_bool next_hop_keep ${section}
+    get_a_bool next_hop_self ${section}
+    get_a_bool next_hop_keep ${section}
     get rr_client ${section}
     get rr_cluster_id ${section}
 

bird1-openwrt/bird1-ipv6-openwrt/Makefile

@@ -1,103 +0,0 @@
-# Copyright (C) 2014-2017  Eloi Carbo <eloicaso@openmailbox.org>
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-include $(TOPDIR)/rules.mk
-include $(INCLUDE_DIR)/kernel.mk
-
-BIRD := bird6
-BIRD_PKG := bird1-ipv6
-PKG_NAME := $(BIRD_PKG)-openwrt
-PKG_VERSION := 0.3
-PKG_RELEASE := 1
-PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
-PKG_LICENSE := GPL-3.0+
-uci := $(BIRD_PKG)-uci
-luci := luci-app-$(BIRD_PKG)
-
-include $(INCLUDE_DIR)/package.mk
-
-define Build/Prepare
-endef
-define Build/Compile
-endef
-
-define Package/$(uci)
-  TITLE:=The BIRD UCI module (v1.6) (IPv6)
-  SECTION:=net
-  CATEGORY:=Network
-  SUBMENU:=Routing and Redirection
-  MAINTAINER:=Eloi Carbo <eloicaso@openmailbox.org>
-  URL:=https://github.com/eloicaso/bird-openwrt/
-  DEPENDS:=+$(BIRD_PKG) +libuci +uci
-endef
-
-define Package/$(uci)/description
-$(BIRD_PKG) UCI integration module
-endef
-
-define Package/$(uci)/conffiles
-	/etc/config/$(BIRD)
-endef
-
-define Package/$(uci)/install
-	$(INSTALL_DIR) $(1)/etc/$(BIRD)/init.d
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DIR) $(1)/etc/$(BIRD)/filters
-	$(INSTALL_DIR) $(1)/etc/$(BIRD)/functions
-	$(INSTALL_BIN) ./src/init.d/$(BIRD)* $(1)/etc/$(BIRD)/init.d/
-	$(CP) ./src/uci-defaults/* $(1)/etc/$(BIRD)/init.d/
-	$(INSTALL_CONF) ./src/config/$(BIRD) $(1)/etc/config/
-endef
-
-define Package/$(uci)/postinst
-#!/bin/sh
-    if [ -z "$${IPKG_INSTROOT}" ]; then
-        ( . /etc/$(BIRD)/init.d/bird-uci-install-init.d $(BIRD) ) && rm -f /etc/$(BIRD)/init.d/bird-uci-install-init.d
-        ( . /etc/$(BIRD)/init.d/99-relocate-filters $(BIRD) ) && rm -f /etc/$(BIRD)/init.d/99-relocate-filters
-        if [ -f /etc/sysupgrade.conf ] && ! grep $(BIRD) /etc/sysupgrade.conf; then
-            echo /etc/config/$(BIRD) >> /etc/sysupgrade.conf
-            echo /etc/$(BIRD)/filters/ >> /etc/sysupgrade.conf
-            echo /etc/$(BIRD)/functions/ >> /etc/sysupgrade.conf
-        fi
-    fi
-endef
-
-$(eval $(call BuildPackage,$(uci)))
-
-define Package/$(luci)
-  TITLE:=LuCI support for $(BIRD_PKG)
-  SECTION:=luci
-  CATEGORY:=LuCI
-  SUBMENU:=3. Applications
-  MAINTAINER:=Eloi Carbo <eloicaso@openmailbox.org>
-  URL:=https://github.com/eloicaso/bird-openwrt/
-  DEPENDS:=+$(BIRD_PKG)-uci +luci-base
-endef
-
-define Package/$(luci)/description
-$(BIRD) application for LuCI
-endef
-
-define Package/$(luci)/install
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller/
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/$(BIRD)/
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci/view/$(BIRD)/
-	$(CP) ./src/model/* $(1)/usr/lib/lua/luci/model/cbi/$(BIRD)/
-	$(CP) ./src/controller/* $(1)/usr/lib/lua/luci/controller/
-	$(CP) ./src/view/* $(1)/usr/lib/lua/luci/view/$(BIRD)/
-endef
-
-$(eval $(call BuildPackage,$(luci)))

bird1-openwrt/bird1-ipv6-openwrt/src/controller/bird6.lua

@@ -23,7 +23,7 @@ function index()
             _("Bird6"), 0)
 
         entry({"admin", "network", "bird6", "status"},
-            cbi("bird6/status"),
+            form("bird6/status"),
             _("Status"), 0).leaf = true
 
         entry({"admin","network","bird6","log"},
@@ -43,10 +43,10 @@ function index()
             _("BGP Protocol"), 4).leaf = true
 
         entry({"admin","network","bird6","filters"},
-            cbi("bird6/filters"),
+            form("bird6/filters"),
             _("Filters"), 5).leaf = true
 
         entry({"admin","network","bird6","functions"},
-            cbi("bird6/functions"),
+            form("bird6/functions"),
             _("Functions"), 6).leaf = true
 end

bird1-openwrt/bird1-ipv6-openwrt/src/init.d/bird6-lib.sh

@@ -57,12 +57,15 @@ get() {
 }
 
 
-# Function: get_bool $1 $2
+# Function: get_a_bool $1 $2
 # $1 boolean. $2 string
 # This function uses the external UCI function "config_get_bool $result $section $option" to obtain a boolean value from UCI config file.
 # To use this function, use the same name of the UCI option for the variable $1.
 # Example: UCI (option use_ipv6 '1'); local use_ipv6; get use_ipv6 $section
-get_bool() {
+# Note: this function was originally called get_bool(), but it collided with
+#       the get_bool() function provided by /lib/functions.sh. Read more at
+#       https://github.com/openwrt/routing/issues/920.
+get_a_bool() {
     config_get_bool $1 $2 $1
 }
 
@@ -195,7 +198,7 @@ prepare_kernel() {
     local disabled; local table; local kernel_table; local import; local export
     local scan_time; local persist; local learn
 
-    get_bool disabled ${section}
+    get_a_bool disabled ${section}
     get table ${section}
     get import ${section}
     get export ${section}
@@ -322,9 +325,9 @@ prepare_bgp_template() {
     local import_limit; local import_limit_action; local export_limit; local export_limit_action
     local receive_limit; local receive_limit_action; local igp_table
 
-    get_bool disabled ${section}
-    get_bool next_hop_self ${section}
-    get_bool next_hop_keep ${section}
+    get_a_bool disabled ${section}
+    get_a_bool next_hop_self ${section}
+    get_a_bool next_hop_keep ${section}
     get table ${section}
     get import ${section}
     get export ${section}

bird2/Makefile

@@ -7,17 +7,18 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bird2
-PKG_VERSION:=2.0.7
-PKG_RELEASE:=3
+PKG_VERSION:=2.13.1
+PKG_RELEASE:=1
 
 PKG_SOURCE:=bird-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=ftp://bird.network.cz/pub/bird
-PKG_HASH:=631d2b58aebdbd651aaa3c68c3756c02ebfe5b1e60d307771ea909eeaa5b1066
-PKG_BUILD_DEPENDS:=ncurses readline
-PKG_MAINTAINER:=Toke Høiland-Jørgensen <toke@toke.dk>
-PKG_BUILD_DIR:=$(BUILD_DIR)/bird-$(PKG_VERSION)
+PKG_HASH:=97bb8d57be9bc5083e2b566416d27e314162856a12ca7c77e202e467d20d4080
 
-PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Toke Høiland-Jørgensen <toke@toke.dk>
+PKG_LICENSE:=GPL-2.0-or-later
+
+PKG_BUILD_DEPENDS:=ncurses readline
+PKG_BUILD_DIR:=$(BUILD_DIR)/bird-$(PKG_VERSION)
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -96,7 +97,7 @@ protocols, telling BIRD to show various information, telling it to show
 a routing table filtered by a filter, or asking BIRD to reconfigure.
 endef
 
-CONFIGURE_ARGS += --with-linux-headers="$(LINUX_DIR)"  --disable-libssh
+CONFIGURE_ARGS += --disable-libssh
 
 define Package/bird2/conffiles
 /etc/bird.conf

bird2/patches/000-ospf-bus-error.patch

@@ -0,0 +1,11 @@
+--- a/proto/ospf/topology.h
++++ b/proto/ospf/topology.h
+@@ -41,7 +41,7 @@ struct top_hash_entry
+   u8 mode;			/* LSA generated during RT calculation (LSA_RTCALC or LSA_STALE)*/
+   u8 nhs_reuse;			/* Whether nhs nodes can be reused during merging.
+ 				   See a note in rt.c:add_cand() */
+-};
++} PACKED;
+ 
+ 
+ /* Prevents ospf_hash_find() to ignore the entry, for p->lsrqh and p->lsrth */

bird2/patches/0001-babel-Set-onlink-flag-for-IPv4-routes-with-unreachab.patch

@@ -1,40 +0,0 @@
-From 0ca3156f64a46c52c6d6fc913958f83970d3e57f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Toke=20H=C3=B8iland-J=C3=B8rgensen?= <toke@toke.dk>
-Date: Mon, 30 Apr 2018 11:13:02 +0200
-Subject: [PATCH] babel: Set onlink flag for IPv4 routes with unreachable next
- hop
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-If the next hop of a route is not a reachable address, the route should be
-installed as onlink. This enables a configuration common in mesh networks
-where the mesh interface is assigned a /32 and babel handles the routing by
-installing onlink routes.
-
-Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
----
- proto/babel/babel.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/proto/babel/babel.c b/proto/babel/babel.c
-index ce05191c..afd2eb19 100644
---- a/proto/babel/babel.c
-+++ b/proto/babel/babel.c
-@@ -640,6 +640,13 @@ babel_announce_rte(struct babel_proto *p, struct babel_entry *e)
-       .nh.iface = r->neigh->ifa->iface,
-     };
- 
-+    /* If we cannot find a reachable neighbour, set the entry to be onlink. This
-+     * makes it possible to, e.g., assign /32 addresses on a mesh interface and
-+     * have routing work.
-+     */
-+    if (!neigh_find(&p->p, r->next_hop, r->neigh->ifa->iface, 0))
-+	    a0.nh.flags = RNF_ONLINK;
-+
-     rta *a = rta_lookup(&a0);
-     rte *rte = rte_get_temp(a);
-     rte->u.babel.seqno = r->seqno;
--- 
-2.17.0
-

bird2/patches/010-gcc10.patch

@@ -1,30 +0,0 @@
-From 4bbc10614f3431c37e6352f5a6ea5c693c31021e Mon Sep 17 00:00:00 2001
-From: Maria Matejka <mq@ucw.cz>
-Date: Tue, 4 Feb 2020 10:11:16 +0100
-Subject: [PATCH] Added missing extern
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Thanks to Robert Scheck <bird@robert-scheck.de> who reported it
-and Toke Høiland-Jørgensen <toke@toke.dk> who suggested this patch.
----
- nest/route.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/nest/route.h b/nest/route.h
-index d2a07f09..b927db5f 100644
---- a/nest/route.h
-+++ b/nest/route.h
-@@ -458,7 +458,7 @@ typedef struct rta {
- 					   protocol-specific metric is availabe */
- 
- 
--const char * rta_dest_names[RTD_MAX];
-+extern const char * rta_dest_names[RTD_MAX];
- 
- static inline const char *rta_dest_name(uint n)
- { return (n < RTD_MAX) ? rta_dest_names[n] : "???"; }
--- 
-2.26.2
-

cjdns/Makefile

@@ -17,12 +17,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=cjdns
-PKG_VERSION:=v21
-PKG_RELEASE:=1
+PKG_VERSION:=v21.1
+PKG_RELEASE:=4
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/cjdelisle/cjdns/tar.gz/$(PKG_NAME)-$(PKG_VERSION)?
-PKG_HASH:=6dfb1fe18c9689324f36c8d33e660972aac5af4579fcaa9c4730179bc8d67c69
+PKG_HASH:=a6158ce7847159aa44e86f74ccc7b6ded6910a230ed8f3830db53cda5838f0b0
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_NAME)-$(PKG_VERSION)
 
 PKG_MAINTAINER:=William Fleurant <meshnet@protonmail.com>
@@ -81,7 +81,7 @@ define Build/Compile
 	CC="$(TARGET_CC)" \
 	AR="$(TARGET_AR)" \
 	RANLIB="$(TARGET_RANLIB)" \
-	CFLAGS="$(TARGET_CFLAGS) -U_FORTIFY_SOURCE" \
+	CFLAGS="$(TARGET_CFLAGS) -U_FORTIFY_SOURCE -Wno-error=array-bounds -Wno-error=stringop-overflow" \
 	LDFLAGS="$(TARGET_LDFLAGS)" \
 	SYSTEM="linux" \
 	TARGET_ARCH="$(CONFIG_ARCH)" \

cjdns/files/cjdns.defaults

@@ -23,17 +23,10 @@ EOF
   fi
 
   # enable auto-peering on ethernet interface lan, if existing
-  uci get network.lan | grep interface >/dev/null 2>&1
-  if [ $? -eq 0 ]; then
-    uci get network.lan.type | grep bridge >/dev/null 2>&1
-    if [ $? -eq 0 ]; then
-      # most routers will set up an ethernet bridge for the lan
-      ifname="br-lan"
-    else
-      # docker containers don't have permission to create bridges by default,
-      # so we bind to the underlying interface instead (likely eth0)
-      ifname=`uci get network.lan.ifname`
-    fi
+  ifname=$(uci -q get network.lan.device || \
+           ([ "$(uci -q get network.lan.type)" == "bridge" ] && echo br-lan) || \
+           uci -q get network.lan.ifname)
+  if [ -n "$ifname" ]; then
     uci -q batch <<-EOF >/dev/null
       add cjdns eth_interface
       set cjdns.@eth_interface[-1].beacon=2
@@ -46,7 +39,7 @@ EOF
   # create the network interface
   uci -q batch <<-EOF >/dev/null
     set network.cjdns=interface
-    set network.cjdns.ifname=tuncjdns
+    set network.cjdns.device=tuncjdns
     set network.cjdns.proto=none
 EOF
 

cjdns/lua/cjdns/uci.lua

@@ -53,6 +53,10 @@ function UCI.get()
     obj.router.interface.tunDevice = config.tun_device
   end
 
+  cursor:foreach("cjdns", "supernodes", function(supernodes)
+    table.insert(obj.router.supernodes, supernodes.public_key)
+  end)
+
   for i,section in pairs(obj.security) do
     if type(section.seccomp) == "number" then
       obj.security[i].seccomp = tonumber(config.seccomp)

cjdns/patches/001-five-mins-builder-zonk.patch

@@ -1,13 +1,13 @@
 --- a/node_build/builder.js
 +++ b/node_build/builder.js
-@@ -215,8 +215,8 @@ var execJs = function (js, builder, file
-     js = qs.join("'");
+@@ -277,8 +277,8 @@ const execJs = function (js, ctx, file,
+     js = '"use strict";' + qs.join("'");
  
-     var to = setTimeout(function () {
+     const to = setTimeout(function () {
 -        throw new Error("Inline JS did not return after 120 seconds [" + js + "]");
 -    }, 120000);
 +        throw new Error("Inline JS did not return after 5 minutes [" + js + "]");
 +    }, 300000);
  
-     var REQUIRE = function (str) {
-         if (typeof(str) !== 'string') {
+     nThen(function (waitFor) {
+ 

cjdns/patches/010-musl-12x.patch

@@ -1,11 +0,0 @@
---- a/memory/Allocator.c
-+++ b/memory/Allocator.c
-@@ -57,7 +57,7 @@ static void unroll(struct Allocator_pvt*
-     struct Allocator_Allocation_pvt* allocation = context->allocations;
-     while (allocation && includeAllocations) {
-         writeUnroller(&childUnroller);
--        fprintf(stderr, "%s:%ld [%lu] bytes at [0x%lx]\n",
-+        fprintf(stderr, "%s:%tu [%tu] bytes at [0x%lx]\n",
-                 allocation->fileName,
-                 allocation->lineNum,
-                 allocation->pub.size,

cjdns/patches/020-prefer-python2.patch

@@ -0,0 +1,11 @@
+--- a/node_build/FindPython.js
++++ b/node_build/FindPython.js
+@@ -23,7 +23,7 @@ var Fs = require('fs');
+ // de-prioritize because the testing script accepts ANY python3 version
+ // (as of this writing, we don't know what python3 versions actually work)
+ // whereas we know that python2.7 is the only working python2 version.
+-var PYTHONS = ["python3.7", "python3", "python2.7", "python2", "python"];
++var PYTHONS = ["python2", "python2.7", "python3.7", "python3.8", "python3.9", "python3"]
+ 
+ var SCRIPT = [
+     'import sys',

luci-app-cjdns/Makefile

@@ -18,7 +18,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-cjdns
 PKG_VERSION:=1.3
-PKG_RELEASE:=8
+PKG_RELEASE:=9
 
 PKG_MAINTAINER:=William Fleurant <meshnet@protonmail.com>
 PKG_LICENSE:=GPL-3.0-or-later

luci-app-cjdns/luasrc/model/cbi/cjdns/peering.lua

@@ -70,4 +70,13 @@ eth_peers:option(Value, "address", translate("MAC address")).datatype = "macaddr
 eth_peers:option(Value, "public_key", translate("Public key"))
 eth_peers:option(Value, "password", translate("Password"))
 
+-- Supernodes
+supernodes = m:section(TypedSection, "supernodes", translate("List of Supernodes"),
+  translate("If none are specified they'll be taken from your peers"))
+supernodes.anonymous = true
+supernodes.addremove = true
+supernodes.template  = "cbi/tblsection"
+
+supernodes:option(Value, "public_key", translate("Public Key")).size = 55
+
 return m

mcproxy/Makefile

@@ -10,10 +10,11 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=mcproxy
 PKG_SOURCE_VERSION:=93b5ace42268160ebbfff4c61818fb15fa2d9b99
 PKG_VERSION:=2017-08-24-$(PKG_SOURCE_VERSION)
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/mcproxy/mcproxy.git
+PKG_MIRROR_HASH:=5779a78dedaef491825ada632fe6d8282067025dede41d0eede5c441893a2994
 PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
 PKG_LICENSE:=GPL-2.0+
 

mcproxy/patches/0003-add-sourcefilter.patch

@@ -1,7 +1,5 @@
-Index: mcproxy-2017-08-24-93b5ace42268160ebbfff4c61818fb15fa2d9b99/mcproxy/src/utils/mc_socket.cpp
-===================================================================
---- mcproxy-2017-08-24-93b5ace42268160ebbfff4c61818fb15fa2d9b99.orig/mcproxy/src/utils/mc_socket.cpp
-+++ mcproxy-2017-08-24-93b5ace42268160ebbfff4c61818fb15fa2d9b99/mcproxy/src/utils/mc_socket.cpp
+--- a/mcproxy/src/utils/mc_socket.cpp
++++ b/mcproxy/src/utils/mc_socket.cpp
 @@ -37,6 +37,10 @@
  #include <numeric>
  #include <unistd.h>
@@ -13,10 +11,8 @@ Index: mcproxy-2017-08-24-93b5ace42268160ebbfff4c61818fb15fa2d9b99/mcproxy/src/u
  std::string ipAddrResolver(std::string ipAddr)
  {
      std::string str[][2] = {
-Index: mcproxy-2017-08-24-93b5ace42268160ebbfff4c61818fb15fa2d9b99/mcproxy/src/utils/sourcefilter.cpp
-===================================================================
 --- /dev/null
-+++ mcproxy-2017-08-24-93b5ace42268160ebbfff4c61818fb15fa2d9b99/mcproxy/src/utils/sourcefilter.cpp
++++ b/mcproxy/src/utils/sourcefilter.cpp
 @@ -0,0 +1,165 @@
 +/* Get source filter.  Linux version.
 +   Copyright (C) 2004-2014 Free Software Foundation, Inc.

mcproxy/patches/0006-block-ingress.patch

@@ -1,7 +1,5 @@
-Index: mcproxy-2017-08-24-93b5ace42268160ebbfff4c61818fb15fa2d9b99/mcproxy/src/proxy/proxy_instance.cpp
-===================================================================
---- mcproxy-2017-08-24-93b5ace42268160ebbfff4c61818fb15fa2d9b99.orig/mcproxy/src/proxy/proxy_instance.cpp
-+++ mcproxy-2017-08-24-93b5ace42268160ebbfff4c61818fb15fa2d9b99/mcproxy/src/proxy/proxy_instance.cpp
+--- a/mcproxy/src/proxy/proxy_instance.cpp
++++ b/mcproxy/src/proxy/proxy_instance.cpp
 @@ -171,6 +171,9 @@ void proxy_instance::worker_thread()
      HC_LOG_TRACE("");
      while (m_running) {

mesh11sd/Makefile

@@ -0,0 +1,63 @@
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+# Copyright (C) 2022 BlueWave Projects and Services  <licence@blue-wave.net>
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=mesh11sd
+PKG_VERSION:=1.2.0
+PKG_RELEASE:=$(AUTORELEASE)
+
+PKG_MAINTAINER:=Rob White <rob@blue-wave.net>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/opennds/mesh11sd/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=b719eaacf63eb3684d0cd6a026f4357a4f400f2339f5d5a6cf74ba3744fe30d8
+PKG_BUILD_DIR:=$(BUILD_DIR)/mesh11sd-$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/mesh11sd
+  SUBMENU:=Captive Portals
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Dynamic 802.11s Mesh Configuration Daemon
+  PKGARCH:=all
+  URL:=https://github.com/opennds/mesh11sd
+endef
+
+define Package/mesh11sd/description
+  Mesh11sd is a dynamic parameter configuration daemon for 802.11s mesh networks.
+  It was originally designed to leverage 802.11s mesh networking at Captive Portal venues.
+  This is the open source version and it enables easy and automated mesh network operation with multiple mesh nodes.
+  It allows all mesh parameters supported by the wireless driver to be set in the uci config file.
+  Settings take effect immediately without having to restart the wireless network.
+  Default settings give rapid and reliable layer 2 mesh convergence.
+  Without mesh11sd, many mesh parameters cannot be set in the uci wireless config file as the mesh interface must be up before the parameters can be set.
+  Some of those that are supported, would fail to be implemented when the network is (re)started resulting in errors or dropped nodes.
+  The mesh11sd daemon dynamically checks configured parameters and sets them as required.
+  This version does not require a Captive Portal to be running.
+endef
+
+define Package/mesh11sd/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/mesh11sd $(1)/usr/sbin
+	$(INSTALL_CONF) $(PKG_BUILD_DIR)/linux_openwrt/mesh11sd/files/etc/config/mesh11sd $(1)/etc/config/
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/linux_openwrt/mesh11sd/files/etc/init.d/mesh11sd $(1)/etc/init.d/
+endef
+
+define Package/mesh11sd/conffiles
+/etc/config/mesh11sd
+endef
+
+define Build/Compile
+endef
+
+$(eval $(call BuildPackage,mesh11sd))

minimalist-pcproxy/Makefile

@@ -9,10 +9,11 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=minimalist-pcproxy
 PKG_SOURCE_VERSION:=2d6d1b0b0a3b79a9b4a9b0a7606a84600a967bcb
 PKG_VERSION:=2015-01-12-$(PKG_SOURCE_VERSION)
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/fingon/minimalist-pcproxy.git
+PKG_MIRROR_HASH:=d3e872ee6207829ef142d22d591d203e4836f6aa150167411b542e8df4af4d53
 PKG_MAINTAINER:=Markus Stenberg <fingon@iki.fi>
 PKG_LICENSE:=GPL-2.0
 

mrd6/Makefile

@@ -8,20 +8,20 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mrd6
-PKG_SOURCE_VERSION:=c805eb33255dbc0b6647d463c6c67d1c9d3105a0
-PKG_VERSION:=2013-11-30-$(PKG_SOURCE_VERSION)
-PKG_RELEASE:=2
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/hugosantos/mrd6.git
+PKG_SOURCE_DATE:=2013-11-30
+PKG_SOURCE_VERSION:=c805eb33255dbc0b6647d463c6c67d1c9d3105a0
+PKG_MIRROR_HASH:=976243b967c18fcbf64d26158898245264c6d03d498826b104e6c92406a8f64f
+
 PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
-PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-
-PKG_BUILD_PARALLEL:=1
 PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
 
 include $(INCLUDE_DIR)/package.mk
 

naywatch/Makefile

@@ -0,0 +1,50 @@
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Copyright (C) 2021 Nick Hainke <vincent@systemli.org>
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=naywatch
+PKG_VERSION:=1
+PKG_RELEASE:=$(AUTORELEASE)
+
+PKG_MAINTAINER:=Nick Hainke <vincent@systemli.org>
+PKG_LICENSE:=GPL-2.0-only
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/naywatch
+  SECTION:=utils
+  CATEGORY:=Utilities
+  TITLE:=Watchdog for IPv6 links
+  PKGARCH:=all
+  DEPENDS:=@IPV6 +owipcalc
+endef
+
+define Package/naywatch/description
+Reboots or triggers watchdog if no link-local neighbor is available.
+
+Important:
+Be careful when you do a sysupgrade. Stop naywatch first, and make
+sure procd took control again of the watchdog.
+You can do this using 'ubus call system watchdog'.  Status should be "running".
+endef
+
+define Package/naywatch/conffiles
+/etc/config/naywatch
+endef
+
+define Build/Compile
+endef
+
+define Package/naywatch/install
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/naywatch.init $(1)/etc/init.d/naywatch
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) ./files/naywatch.sh $(1)/usr/bin/naywatch
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DATA) ./files/naywatch.config $(1)/etc/config/naywatch
+endef
+
+$(eval $(call BuildPackage,naywatch))

naywatch/files/naywatch.config

@@ -0,0 +1,8 @@
+config naywatch general
+    option check_interval   '50'
+    option watchdog_timeout '60'
+    option use_watchdog     '0'
+    option save_logs        '1'
+    list interface          'lan'
+    list interface          'wan'
+    list save_cmd           'dmesg'

naywatch/files/naywatch.init

@@ -0,0 +1,89 @@
+#!/bin/sh /etc/rc.common
+
+. /usr/share/libubox/jshn.sh
+
+USE_PROCD=1
+START=95
+STOP=01
+
+log() {
+    local msg="$1"
+    logger -t naywatch "$msg"
+}
+
+wait_for_network()
+{
+    ubus -t 15 wait_for network.interface.$1 2>/dev/null
+}
+
+boot()
+{
+    local _interfaces
+    config_load naywatch
+    config_get _interfaces general interface
+
+    for interface in $_interfaces; do
+        wait_for_network interface
+    done
+
+    rc_procd start_service
+}
+
+start_service() {
+    procd_open_instance
+
+    config_load naywatch
+    local _check_interval
+    local _watchdog_timeout
+    local _use_watchdog
+    local _save_logs
+    local _interfaces
+
+    config_get _check_interval general "check_interval"
+    config_get _watchdog_timeout general "watchdog_timeout"
+    config_get _use_watchdog general "use_watchdog"
+    config_get _save_logs general "save_logs"
+    config_get _interfaces general "interface"
+
+    procd_set_param command /usr/bin/naywatch "$_check_interval" "$_watchdog_timeout" "$_use_watchdog" "$_save_logs" "$_interfaces"
+
+    procd_set_param respawn 3600 15 0
+
+    procd_set_param stdout 1
+    procd_set_param stderr 1
+
+    procd_close_instance
+}
+
+stop_service() {
+    exec 3>&- # close file again
+    sync && wait
+}
+
+watchdog_procd_runnig() {
+	watch=$(ubus call system watchdog)
+	json_load "$watch"
+	json_get_var watchdogstatus status
+	if [[ "$watchdogstatus" == "running" ]] ; then
+        echo "1"
+        return
+	fi
+    echo "0"
+}
+
+service_stopped() {
+    log "Naywatch Stopped!"
+    log "Try to handover watchdog to procd again."
+    for i in 1 2 3 4 5 6 7 8 9 10 ; do
+        sleep 5
+        ubus call system watchdog '{"stop":false}' > /dev/null
+        if [[ $(watchdog_procd_runnig) == "1" ]] ; then
+            break
+        fi
+    done
+    if [[ $(watchdog_procd_runnig) == "1" ]] ; then
+        log "Handover sucessfully!"
+    else
+        log "Handover to procd failed! Device can reboot!"
+    fi
+}

naywatch/files/naywatch.sh

@@ -0,0 +1,125 @@
+#!/bin/sh
+
+. /lib/functions.sh
+. /lib/functions/network.sh
+
+CHECK_INTERVAL=$1
+shift
+WATCHDOG_TIMEOUT=$1
+shift
+USE_WATCHDOG=$1
+shift
+SAVE_LOGS=$1
+shift
+INTERFACES="$*"
+
+ACTIVE=0
+NO_NEIGHBORS_COUNT=0
+MIN_KICK=5
+
+log() {
+    local msg="$1"
+    logger -t naywatch "$msg"
+}
+
+write_logs() {
+    save_log() {
+        eval $1 > /root/$(date +%s)-"$1".log
+    }
+    config_load naywatch
+    config_list_foreach general save_cmd save_log
+    sync
+}
+
+neighbors_available() {
+    local phy
+
+    for interface in $INTERFACES; do
+        network_get_physdev phy $interface > /dev/null 2>&1
+        linklocal=$(ip -6 a list dev $phy | grep "scope link" | awk '{print $2}' | sed 's/\/64//') 2> /dev/null
+        ips=$(ping ff02::1%$phy -w5 -W5 -c2 | awk '/from/{print($4)}' | sed 's/.$//') 2> /dev/null
+        for ip in $ips; do
+            if [ $ip != $linklocal ] && [ $(owipcalc $ip linklocal) -eq 1 ]; then
+                echo 1
+                return 0
+            fi
+        done
+    done
+
+    echo 0
+}
+
+activate_watchdog() {
+    # disable openwrt instrumentation:
+    ubus call system watchdog '{"magicclose":true,"stop":true,"timeout":'${WATCHDOG_TIMEOUT}'}' > /dev/null
+    exec 3>/dev/watchdog
+}
+
+reboot_now() {
+    # copied from watch-cat
+    reboot &
+
+    [ "$1" -ge 1 ] && {
+        sleep "$1"
+        echo 1 >/proc/sys/kernel/sysrq
+        echo b >/proc/sysrq-trigger
+    }
+}
+
+no_neighbors() {
+    log "No Neighbors Available!"
+
+    NO_NEIGHBORS_COUNT=$(($NO_NEIGHBORS_COUNT+1))
+
+    if [ $ACTIVE -eq 0 ]; then
+        return 0
+    fi
+
+    if [ $SAVE_LOGS -eq 1 ]; then
+        log "Saving Logs!"
+        write_logs
+    fi
+
+    if [ $USE_WATCHDOG -eq 0 ] && [ $NO_NEIGHBORS_COUNT -gt $MIN_KICK ]; then
+        reboot_now 10
+    fi
+}
+
+log "Naywatch Started!"
+
+neighbors() {
+    if [ $ACTIVE -eq 0 ]; then
+        log "Naywatch Activated!"
+    fi
+    ACTIVE=1
+    NO_NEIGHBORS_COUNT=0
+    if [ $USE_WATCHDOG -eq 1 ]; then
+        echo 1 >&3
+    fi
+}
+
+not_active() {
+    if [ $USE_WATCHDOG -eq 1 ]; then
+        echo 1 >&3
+    fi 
+}
+
+if [ $USE_WATCHDOG -eq 1 ]; then
+    activate_watchdog
+fi
+
+while [ 1 ]; do
+    # first sleep
+    sleep $CHECK_INTERVAL
+
+    has_neighbor=$(neighbors_available)
+    if [ $has_neighbor -eq 0 ] && [ $ACTIVE -eq 1 ]; then
+        no_neighbors
+    elif [ $has_neighbor -eq 1 ]; then
+        neighbors
+    else
+        not_active
+    fi
+done
+
+exit 0

nodogsplash/Makefile

@@ -6,59 +6,57 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=nodogsplash
-PKG_FIXUP:=autoreconf
-PKG_VERSION:=5.0.0
+PKG_VERSION:=5.0.2
 PKG_RELEASE:=1
 
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/nodogsplash/nodogsplash/tar.gz/v$(PKG_VERSION)?
-PKG_SOURCE:=nodogsplash-$(PKG_VERSION).tar.gz
-PKG_HASH:=a7665f4a42997746a31e9217f2f54e360aa7fc4bc72bd89faa08f1ccf7875b5e
-PKG_BUILD_DIR:=$(BUILD_DIR)/nodogsplash-$(PKG_VERSION)
+PKG_HASH:=908d3674e93726fdcefb4c3b6705c745753435df9d46425781a57e3f6b417797
 
 PKG_MAINTAINER:=Moritz Warning <moritzwarning@web.de>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+PKG_FIXUP:=autoreconf
 PKG_BUILD_PARALLEL:=1
-PKG_LICENSE:=GPL-2.0+
 
 include $(INCLUDE_DIR)/package.mk
 
-
 define Package/nodogsplash
   SUBMENU:=Captive Portals
   SECTION:=net
   CATEGORY:=Network
-	DEPENDS:=+libpthread +iptables-mod-ipopt +libmicrohttpd-no-ssl
+  DEPENDS:=+libpthread +libmicrohttpd-no-ssl +iptables-nft \
+           +iptables-mod-nat-extra +iptables-mod-ipopt \
+           +iptables-mod-conntrack-extra
   TITLE:=Open public network gateway daemon
   URL:=https://github.com/nodogsplash/nodogsplash
-	CONFLICTS:=nodogsplash2
 endef
 
 define Package/nodogsplash/description
   Nodogsplash is a Captive Portal that offers a simple way to
   provide restricted access to the Internet by showing a splash
   page to the user before Internet access is granted.
-	It also incorporates an API that allows the creation of
-	sophisticated authentication applications.
 endef
 
 define Package/nodogsplash/install
-
+	$(INSTALL_DIR) $(1)/usr/lib/nodogsplash
+	$(INSTALL_BIN) ./files/usr/lib/nodogsplash/restart.sh $(1)/usr/lib/nodogsplash/
 	$(INSTALL_DIR) $(1)/usr/bin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/nodogsplash $(1)/usr/bin/
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/ndsctl $(1)/usr/bin/
-
+	$(INSTALL_DIR) $(1)/etc/nodogsplash/htdocs/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/resources/splash.html $(1)/etc/nodogsplash/htdocs/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/resources/splash.css $(1)/etc/nodogsplash/htdocs/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/resources/status.html $(1)/etc/nodogsplash/htdocs/
 	$(INSTALL_DIR) $(1)/etc/nodogsplash/htdocs/images
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/resources/splash.jpg $(1)/etc/nodogsplash/htdocs/images/
 	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_CONF) ./files/etc/config/nodogsplash $(1)/etc/config/
 	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/etc/init.d/nodogsplash $(1)/etc/init.d/
 	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_DIR) $(1)/usr/lib/nodogsplash
-	$(CP) $(PKG_BUILD_DIR)/resources/splash.html $(1)/etc/nodogsplash/htdocs/
-	$(CP) $(PKG_BUILD_DIR)/resources/splash.css $(1)/etc/nodogsplash/htdocs/
-	$(CP) $(PKG_BUILD_DIR)/resources/status.html $(1)/etc/nodogsplash/htdocs/
-	$(CP) $(PKG_BUILD_DIR)/resources/splash.jpg $(1)/etc/nodogsplash/htdocs/images/
-	$(CP) $(PKG_BUILD_DIR)/openwrt/nodogsplash/files/etc/config/nodogsplash $(1)/etc/config/
-	$(CP) $(PKG_BUILD_DIR)/openwrt/nodogsplash/files/etc/init.d/nodogsplash $(1)/etc/init.d/
-	$(CP) $(PKG_BUILD_DIR)/openwrt/nodogsplash/files/etc/uci-defaults/40_nodogsplash $(1)/etc/uci-defaults/
-	$(CP) $(PKG_BUILD_DIR)/openwrt/nodogsplash/files/usr/lib/nodogsplash/restart.sh $(1)/usr/lib/nodogsplash/
+	$(INSTALL_BIN) ./files/etc/uci-defaults/40_nodogsplash $(1)/etc/uci-defaults/
 endef
 
 define Package/nodogsplash/postrm

nodogsplash/files/etc/config/nodogsplash

@@ -0,0 +1,152 @@
+
+# The options available here are an adaptation of the settings used in nodogsplash.conf.
+# See https://github.com/nodogsplash/nodogsplash/blob/master/resources/nodogsplash.conf
+
+config nodogsplash
+  # Set to 0 to disable nodogsplash
+  option enabled 1
+
+  # Set to 0 to disable hook that makes nodogsplash restart when the firewall restarts.
+  # This hook is needed as a restart of Firewall overwrites nodogsplash iptables entries.
+  option fwhook_enabled '1'
+
+  # WebRoot
+  # Default: /etc/nodogsplash/htdocs
+  #
+  # The local path where the splash page content resides.
+  # ie. Serve the file splash.html from this directory
+  #option webroot '/etc/nodogsplash/htdocs'
+
+  # Use plain configuration file
+  #option config '/etc/nodogsplash/nodogsplash.conf'
+
+  # Use this option to set the device nodogsplash will bind to.
+  # The value may be an interface section in /etc/config/network or a device name such as br-lan.
+  option gatewayinterface 'br-lan'
+
+  # GatewayPort
+  # Default: 2050
+  #
+  # Nodogsplash's own http server uses gateway address as its IP address.
+  # The port it listens to at that IP can be set here; default is 2050.
+  #
+  #option gatewayport '2050'
+
+
+  option gatewayname 'OpenWrt Nodogsplash'
+  option maxclients '250'
+
+  # Enables debug output (0-3)
+  #option debuglevel '1'
+
+  # Client timeouts in minutes
+  option preauthidletimeout '30'
+  option authidletimeout '120'
+  # Session Timeout is the interval after which clients are forced out (a value of 0 means never)
+  option sessiontimeout '1200'
+
+  # The interval in seconds at which nodogsplash checks client timeout status
+  option checkinterval '600'
+
+  # Enable BinAuth Support.
+  # If set, a program is called with several parameters on authentication (request) and deauthentication.
+  # Request for authentication:
+  # $<BinAuth> auth_client <client_mac> '<username>' '<password>'
+  #
+  # The username and password values may be empty strings and are URL encoded.
+  # The program is expected to output the number of seconds the client
+  # is to be authenticated. Zero or negative seconds will cause the authentification request
+  # to be rejected. The same goes for an exit code that is not 0.
+  # The output may contain a user specific download and upload limit in KBit/s:
+  # <seconds> <upload> <download>
+  #
+  # Called on authentication or deauthentication:
+  # $<BinAuth> <*auth|*deauth> <incoming_bytes> <outgoing_bytes> <session_start> <session_end>
+  #
+  # "client_auth": Client authenticated via this script.
+  # "client_deauth": Client deauthenticated by the client via splash page.
+  # "idle_deauth": Client was deauthenticated because of inactivity.
+  # "timeout_deauth": Client was deauthenticated because the session timed out.
+  # "ndsctl_auth": Client was authenticated manually by the ndsctl tool.
+  # "ndsctl_deauth": Client was deauthenticated by the ndsctl tool.
+  # "shutdown_deauth": Client was deauthenticated by Nodogsplash terminating.
+  #
+  # Values session_start and session_start are in seconds since 1970 or 0 for unknown/unlimited.
+  #
+  #option binauth '/bin/myauth.sh'
+  # Enable PreAuth Support.
+  #
+  # A simple login script is provided in the package.
+  # This generates a login page asking for usename and email address.
+  # User logins are recorded in the log file /tmp/ndslog.log
+  # Details of how the script works are contained in comments in the script itself.
+  #
+  # The Preauth program will output html code that will be served to the client by NDS
+  # Using html GET the Preauth program may call:
+  # /nodogsplash_preauth/ to ask the client for more information
+  # or
+  # /nodogsplash_auth/ to authenticate the client
+  #
+  # The Preauth program should append at least the client ip to the query string
+  # (using html input type hidden) for all calls to /nodogsplash_preauth/
+  # It must also obtain the client token using ndsctl (or the original query string if fas_secure_enabled=0)
+  # for NDS authentication when calling /nodogsplash_auth/
+  #
+  #option preauth '/usr/lib/nodogsplash/login.sh'
+
+  # Your router may have several interfaces, and you
+  # probably want to keep them private from the gatewayinterface.
+  # If so, you should block the entire subnets on those interfaces, e.g.:
+  #list authenticated_users 'block to 192.168.0.0/16'
+  #list authenticated_users 'block to 10.0.0.0/8'
+
+  # Typical ports you will probably want to open up.
+  #list authenticated_users 'allow tcp port 22'
+  #list authenticated_users 'allow tcp port 53'
+  #list authenticated_users 'allow udp port 53'
+  #list authenticated_users 'allow tcp port 80'
+  #list authenticated_users 'allow tcp port 443'
+  # Or for happy customers allow all
+  list authenticated_users 'allow all'
+
+  # For preauthenticated users to resolve IP addresses in their
+  # initial request not using the router itself as a DNS server,
+  # Leave commented to help prevent DNS tunnelling
+  #list preauthenticated_users 'allow tcp port 53'
+  #list preauthenticated_users 'allow udp port 53'
+
+  # Allow ports for SSH/Telnet/DNS/DHCP/HTTP/HTTPS
+  list users_to_router 'allow tcp port 22'
+  list users_to_router 'allow tcp port 23'
+  list users_to_router 'allow tcp port 53'
+  list users_to_router 'allow udp port 53'
+  list users_to_router 'allow udp port 67'
+  list users_to_router 'allow tcp port 80'
+
+  # MAC addresses that are / are not allowed to access the splash page
+  # Value is either 'allow' or 'block'. The allowedmac or blockedmac list is used.
+  #option macmechanism 'allow'
+  #list allowedmac '00:00:C0:01:D0:0D'
+  #list allowedmac '00:00:C0:01:D0:1D'
+  #list blockedmac '00:00:C0:01:D0:2D'
+
+  # MAC addresses that do not need to authenticate
+  #list trustedmac '00:00:C0:01:D0:1D'
+
+  # Nodogsplash uses specific HEXADECIMAL values to mark packets used by iptables as a bitwise mask.
+  # This mask can conflict with the requirements of other packages such as mwan3, sqm etc
+  # Any values set here are interpreted as in hex format.
+  #
+  # List: fw_mark_authenticated
+  # Default: 30000 (0011|0000|0000|0000|0000 binary)
+  #
+  # List: fw_mark_trusted
+  # Default: 20000 (0010|0000|0000|0000|0000 binary)
+  #
+  # List: fw_mark_blocked
+  # Default: 10000 (0001|0000|0000|0000|0000 binary)
+  #
+  #option fw_mark_authenticated '30000'
+  #option fw_mark_trusted '20000'
+  #option fw_mark_blocked '10000'
+

nodogsplash/files/etc/init.d/nodogsplash

@@ -0,0 +1,215 @@
+#!/bin/sh /etc/rc.common
+
+#
+# Startup/shutdown script for nodogsplash captive portal
+#
+
+START=95
+STOP=95
+
+USE_PROCD=1
+
+IPT=/usr/sbin/iptables
+WD_DIR=/usr/bin
+
+# Run in PROCD (-f) and log to SYSLOG (-s)
+OPTIONS="-f -s"
+#
+
+CONFIG=""
+
+
+addline() {
+  append CONFIG "$1" "$N"
+}
+
+setup_mac_lists() {
+  local cfg="$1"
+  local macs=""
+  local val
+
+  append_mac() {
+    append macs "$1" ","
+  }
+
+  config_get val "$cfg" macmechanism
+  if [ -z "$val" ]; then
+    # Check if we have AllowedMACList or BlockedMACList defined they will be ignored
+    config_get val "$cfg" allowedmac
+    if [ -n "$val" ]; then
+      echo "Ignoring allowedmac - macmechanism not \"allow\"" >&2
+    fi
+
+    config_get val "$cfg" blockedmac
+    if [ -n "$val" ]; then
+      echo "Ignoring blockedmac - macmechanism not \"block\"" >&2
+    fi
+  elif [ "$val" = "allow" ]; then
+    config_list_foreach "$cfg" allowedmac append_mac
+    addline "MACmechanism allow"
+    addline "AllowedMACList $macs"
+  elif [ "$val" = "block" ]; then
+    config_list_foreach "$cfg" blockedmac append_mac
+    addline "MACmechanism block"
+    addline "BlockedMACList $macs"
+  else
+    echo "Invalid macmechanism '$val' - allow or block are valid." >&2
+    return 1
+  fi
+
+  macs=""
+  config_list_foreach "$cfg" trustedmac append_mac
+  if [ -n "$macs" ]; then
+    addline "TrustedMACList $macs"
+  fi
+
+  return 0
+}
+
+setup_firewall() {
+  local cfg="$1"
+  local uci_name
+  local val
+
+  append_firewall() {
+    addline "  FirewallRule $1"
+  }
+
+  for rule in authenticated-users preauthenticated-users users-to-router trusted-users trusted-users-to-router; do
+    # uci does not allow dashes
+    uci_name=${rule//-/_}
+    addline "FirewallRuleSet $rule {"
+    config_list_foreach "$cfg" "$uci_name" append_firewall
+    addline "}"
+    config_get val "$cfg" "policy_${uci_name}"
+    if [ -n "$val" ]; then
+      addline "EmptyRuleSetPolicy $rule $val"
+    fi
+  done
+}
+
+wait_for_interface() {
+  local ifname="$1"
+  local timeout=10
+
+  for i in $(seq $timeout); do
+    if [ $(ip -4 addr show dev $ifname 2> /dev/null | grep -c inet) -ne 0 ]; then
+      break
+    fi
+    sleep 1
+    if [ $i = $timeout ]; then
+      echo "Interface $ifname not detected." >&2
+      return 1
+    fi
+  done
+
+  return 0
+}
+
+generate_uci_config() {
+  local cfg="$1"
+  local val
+  local ifname
+  local download
+  local upload
+
+  # Init config file content
+  CONFIG="# auto-generated config file from /etc/config/nodogsplash"
+
+  config_get val "$cfg" config
+  if [ -n "$val" ]; then
+    if [ ! -f "$val" ]; then
+      echo "Configuration file '$file' doesn't exist." >&2
+      return 1
+    fi
+    addline "$(cat $val)"
+  fi
+
+  config_get ifname "$cfg" gatewayinterface
+
+  # Get device name if interface name is a section name in /etc/config/network
+  if network_get_device tmp "$ifname"; then
+    ifname="$tmp"
+  fi
+
+  if [ -z "$ifname" ]; then
+    echo "Option network or gatewayinterface missing." >&2
+    return 1
+  fi
+
+  wait_for_interface "$ifname" || return 1
+
+  addline "GatewayInterface $ifname"
+
+  for option in preauth binauth \
+    daemon debuglevel maxclients gatewayname gatewayinterface gatewayiprange \
+    gatewayaddress gatewayport webroot splashpage statuspage \
+    redirecturl sessiontimeout preauthidletimeout authidletimeout checkinterval \
+    setmss mssvalue trafficcontrol downloadlimit uploadlimit \
+    syslogfacility ndsctlsocket fw_mark_authenticated \
+    fw_mark_blocked fw_mark_trusted
+  do
+    config_get val "$cfg" "$option"
+
+    if [ -n "$val" ]; then
+      addline "$option $val"
+    fi
+  done
+  for option in fasport fasremoteip faspath fas_secure_enabled ; do
+    config_get val "$cfg" "$option"
+    if [ -n "$val" ]; then
+      echo "Warning: nodogsplash does not support $val"
+      return 1
+    fi
+  done
+  config_get download "$cfg" downloadlimit
+  config_get upload "$cfg" uploadlimit
+
+  if [ -n "$upload" -o -n "$download" ]; then
+    addline "TrafficControl yes"
+  fi
+
+  setup_mac_lists "$cfg" || return 1
+  setup_firewall "$cfg"
+
+  echo "$CONFIG" > "/tmp/etc/nodogsplash_$cfg.conf"
+  return 0
+}
+
+# setup configuration and start instance
+create_instance() {
+  local cfg="$1"
+  local val
+
+  config_get_bool val "$cfg" enabled 0
+  [ $val -gt 0 ] || return 0
+
+  if ! generate_uci_config "$cfg"; then
+    echo "Can not generate uci config. Will not start instance $cfg." >&2
+    return 1
+  fi
+
+  procd_open_instance $cfg
+  procd_set_param command /usr/bin/nodogsplash -c "/tmp/etc/nodogsplash_$cfg.conf" $OPTIONS
+  procd_set_param respawn
+  procd_set_param file "/tmp/etc/nodogsplash_$cfg.conf"
+  procd_close_instance
+}
+
+start_service() {
+  # For network_get_device()
+  include /lib/functions
+
+  # For nodogsplash.conf file
+  mkdir -p /tmp/etc/
+
+  config_load nodogsplash
+  config_foreach create_instance nodogsplash
+}
+
+stop_service() {
+  # When procd terminates nodogsplash, it does not exit fast enough.
+  # Otherwise procd will restart nodogsplash twice. First time starting
+  # nodogsplash fails, second time it succeeds.
+  sleep 1
+}

nodogsplash/files/etc/uci-defaults/40_nodogsplash

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+uci -q batch <<-EOF
+	delete firewall.nodogsplash
+	set firewall.nodogsplash=include
+	set firewall.nodogsplash.type=script
+	set firewall.nodogsplash.path=/usr/lib/nodogsplash/restart.sh
+	commit firewall
+EOF

nodogsplash/files/usr/lib/nodogsplash/restart.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+# Check if nodogsplash is running
+if ndsctl status &> /dev/null; then
+  if [ "$(uci -q get nodogsplash.@nodogsplash[0].fwhook_enabled)" = "1" ]; then
+    /etc/init.d/nodogsplash restart
+  fi
+fi

ohybridproxy/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=ohybridproxy
 PKG_SOURCE_VERSION:=0dfef1eb5f067250a5f24a899536879ea4fdc4c5
 PKG_SOURCE_DATE:=2020-05-22
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/sbyx/ohybridproxy.git
@@ -24,9 +24,6 @@ PKG_BUILD_PARALLEL:=1
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
 
-# Spammy debug builds for now
-CMAKE_OPTIONS += -DL_LEVEL=7
-
 define Package/ohybridproxy
   SECTION:=net
   CATEGORY:=Network

olsrd/Makefile

@@ -1,21 +1,20 @@
+# SPDX-License-Identifier: GPL-2.0-or-later
 #
 # Copyright (C) 2009-2016 OpenWrt.org
 #
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
 
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=olsrd
-PKG_SOURCE_DATE:=2020-06-18
-PKG_RELEASE:=3
+PKG_SOURCE_DATE:=2021-06-12
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/OLSR/olsrd.git
-PKG_SOURCE_VERSION:=84400e5cf56590cd2bd5bef2d224104d1bac4252
-PKG_MIRROR_HASH:=0511743e53505107fdb38fe1b355e145cd7bc1aa409dd0a6a2815bb14b63af73
+PKG_SOURCE_VERSION:=4973feb538b5b98b9d8ac2f8f474202f6d73de78
+PKG_MIRROR_HASH:=705ff34d7ce13f59004b7fc91d852b8a6982538b58a78f4dfa552e212c1026eb
 
+PKG_MAINTAINER:=Nick Hainke <vincent@systemli.org>
 PKG_BUILD_PARALLEL:=0
 PKG_LICENSE:=BSD-3-Clause
 
@@ -35,7 +34,7 @@ endef
 define Package/olsrd
   $(call Package/olsrd/template)
   MENU:=1
-  DEPENDS:=+libpthread
+  DEPENDS:=+libpthread +libubus
 endef
 
 define Package/olsrd/conffiles
@@ -55,6 +54,13 @@ define Package/olsrd-mod-dot-draw
   TITLE:=Dot topology information plugin
 endef
 
+
+define Package/olsrd-mod-filtergw
+  $(call Package/olsrd/template)
+  DEPENDS:=olsrd
+  TITLE:=Filter Gateway plugin
+endef
+
 define Package/olsrd-mod-bmf
   $(call Package/olsrd/template)
   DEPENDS:=olsrd +kmod-tun
@@ -151,6 +157,12 @@ define Package/olsrd-mod-watchdog
   TITLE:=Watchdog plugin
 endef
 
+define Package/olsrd-utils
+  $(call Package/olsrd/template)
+  DEPENDS:=olsrd
+  TITLE:=Utils for OLSRD
+endef
+
 define Package/olsrd-mod-pud/conffiles
 /etc/olsrd.d/olsrd.pud.position.conf
 endef
@@ -169,7 +181,7 @@ MAKE_FLAGS+= \
 	DESTDIR="$(PKG_INSTALL_DIR)" \
 	STRIP="true" \
 	INSTALL_LIB="true" \
-	SUBDIRS="arprefresh bmf dot_draw dyn_gw dyn_gw_plain httpinfo jsoninfo netjson mdns nameservice p2pd pgraph pud quagga secure sgwdynspeed txtinfo watchdog"
+	SUBDIRS="arprefresh bmf dot_draw dyn_gw dyn_gw_plain httpinfo filtergw jsoninfo netjson mdns nameservice p2pd pgraph pud quagga secure sgwdynspeed txtinfo watchdog"
 
 define Build/Compile
 	$(call Build/Compile/Default,all)
@@ -178,7 +190,7 @@ endef
 
 define Package/olsrd/install
 	$(INSTALL_DIR) $(1)/lib/functions
-	$(INSTALL_DATA) ./files/olsrd.init $(1)/lib/functions/olsrd.sh
+	$(INSTALL_DATA) ./files/olsrd.sh $(1)/lib/functions/olsrd.sh
 	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_DATA) ./files/olsrd.config $(1)/etc/config/olsrd
 	$(INSTALL_DATA) ./files/olsrd6.config $(1)/etc/config/olsrd6
@@ -187,8 +199,6 @@ define Package/olsrd/install
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_BIN) ./files/olsrd4.init $(1)/etc/init.d/olsrd
 	$(INSTALL_BIN) ./files/olsrd6.init $(1)/etc/init.d/olsrd6
-	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
-	$(INSTALL_BIN) ./files/olsrd.hotplug.sh $(1)/etc/hotplug.d/iface/50-olsrd
 endef
 
 define Package/olsrd-mod-arprefresh/install
@@ -196,6 +206,11 @@ define Package/olsrd-mod-arprefresh/install
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/lib/arprefresh/olsrd_arprefresh.so.* $(1)/usr/lib/
 endef
 
+define Package/olsrd-mod-filtergw/install
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/lib/filtergw/olsrd_filtergw.so.* $(1)/usr/lib/
+endef
+
 define Package/olsrd-mod-dot-draw/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/lib/dot_draw/olsrd_dot_draw.so.* $(1)/usr/lib/
@@ -289,9 +304,15 @@ define Package/olsrd-mod-watchdog/install
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/lib/watchdog/olsrd_watchdog.so.* $(1)/usr/lib/
 endef
 
+define Package/olsrd-utils/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) ./files/olsrd-neigh.sh $(1)/usr/bin/olsrd-neigh
+endef
+
 $(eval $(call BuildPackage,olsrd))
 $(eval $(call BuildPackage,olsrd-mod-arprefresh))
 $(eval $(call BuildPackage,olsrd-mod-dot-draw))
+$(eval $(call BuildPackage,olsrd-mod-filtergw))
 $(eval $(call BuildPackage,olsrd-mod-bmf))
 $(eval $(call BuildPackage,olsrd-mod-dyn-gw))
 $(eval $(call BuildPackage,olsrd-mod-dyn-gw-plain))
@@ -308,3 +329,4 @@ $(eval $(call BuildPackage,olsrd-mod-secure))
 $(eval $(call BuildPackage,olsrd-mod-sgwdynspeed))
 $(eval $(call BuildPackage,olsrd-mod-txtinfo))
 $(eval $(call BuildPackage,olsrd-mod-watchdog))
+$(eval $(call BuildPackage,olsrd-utils))

olsrd/files/olsrd-neigh.sh

@@ -0,0 +1,109 @@
+#!/bin/sh
+
+. /usr/share/libubox/jshn.sh
+
+hostsfile_getname()
+{
+	local config="$1"
+	local i=0
+	local value file
+
+	while value="$( uci -q get $config.@LoadPlugin[$i].library )"; do {
+		case "$value" in
+			'olsrd_nameservice'*)
+				file="$( uci -q get $config.@LoadPlugin[$i].hosts_file )"
+				break
+			;;
+		esac
+
+		i=$(( i + 1 ))
+	} done
+
+	echo "${file:-/var/run/hosts_olsr}"
+}
+
+read_hostnames()
+{
+	local file_list=" $( hostsfile_getname 'olsrd' ) $(hostsfile_getname 'olsrd6' ) "
+	local line ip hostname file file_list_uniq
+
+	for file in $file_list; do {
+		case " $file_list_uniq " in
+			*" $file "*)
+			;;
+			*)
+				file_list_uniq="$file_list_uniq $file"
+			;;
+		esac
+	} done
+
+	for file in $file_list_uniq; do {
+		[ -e "$file" ] || continue
+
+		while read -r line; do {
+			case "$line" in
+				[0-9]*)
+					# 2001:ffff:ffff:ffff::1 SomeNode-core.olsr   # myself
+					# 10.0.0.1  SomeNode    # 10.0.0.1
+					set -f
+					set +f -- $line
+					ip="$1"
+					hostname="$2"
+
+					# global vars, e.g.
+					# IP_1_2_3_4='foo' or IP_2001_ffff_ffff_ffff__1='bar'
+					eval IP_${ip//[.:]/_}="$hostname"
+				;;
+			esac
+		} done <"$file"
+	} done
+}
+
+read_hostnames
+
+VARS='localIP:Local remoteIP:Remote validityTime:vTime linkQuality:LQ'
+VARS="$VARS neighborLinkQuality:NLQ linkCost:Cost remoteHostname:Host"
+
+for HOST in '127.0.0.1' '::1';do
+	# check for availability of HOST
+	nc $HOST 9090 >/dev/null 2>&1
+	if [ $? != 0 ]; then
+		continue
+	fi
+
+	json_init
+	json_load "$( echo /links | nc $HOST 9090 | sed -n '/^[}{ ]/p' )"	# remove header/non-json
+
+	if json_is_a links array;then
+		json_select links
+		for v in ${VARS};do
+			eval _${v%:*}=0
+		done
+		for j in 0 1;do
+			case ${j} in 1)
+				for v in ${VARS};do
+					eval printf \"%-\${_${v%:*}}s \" ${v#*:}
+				done
+				echo
+			;;esac
+			i=1;while json_is_a ${i} object;do
+				json_select ${i}
+				json_get_vars $(for v in ${VARS};do echo ${v%:*};done)
+				case ${j} in 0)
+					for v in ${VARS};do
+						eval "test \${_${v%:*}} -lt \${#${v%:*}} && _${v%:*}=\${#${v%:*}}"
+					done
+				;;*)
+					for v in ${VARS};do
+						eval printf \"%-\${_${v%:*}}s \" \$${v%:*}
+						eval remoteHostname="\$IP_${remoteIP//[.:]/_}"
+					done
+					echo
+				;;esac
+				json_select ..
+				i=$(( i + 1 ))
+			done
+		done
+	fi
+	echo
+done

olsrd/files/olsrd.config

@@ -22,3 +22,8 @@ config LoadPlugin
 
 config Interface
 	list interface 'wlan'
+
+config procd procd
+	option respawn_threshold '3600'
+	option respawn_timeout '15'
+	option respawn_retry '0'

olsrd/files/olsrd.hotplug.sh

@@ -1,71 +0,0 @@
-#!/bin/sh
-
-olsrd_list_configured_interfaces()
-{
-	local i=0
-	local interface
-
-	while interface="$( uci -q get $OLSRD.@Interface[$i].interface )"; do {
-		case "$( uci -q get $OLSRD.@Interface[$i].ignore )" in
-			1|on|true|enabled|yes)
-				# is disabled
-			;;
-			*)
-				echo "$interface"	# e.g. 'lan'
-			;;
-		esac
-
-		i=$(( i + 1 ))
-	} done
-}
-
-olsrd_interface_already_in_config()
-{
-	# e.g.: 'Interface "eth0.1" "eth0.2" "wlan0"'
-	if grep -s ^'Interface ' "/var/etc/$OLSRD.conf" | grep -q "\"$DEVICE\""; then
-		logger -t olsrd_hotplug -p daemon.debug "[OK] already_active: '$INTERFACE' => '$DEVICE'"
-		return 0
-	else
-		logger -t olsrd_hotplug -p daemon.info "[OK] ifup: '$INTERFACE' => '$DEVICE'"
-		return 1
-	fi
-}
-
-olsrd_interface_needs_adding()
-{
-	local interface
-
-	# likely and cheap operation:
-	olsrd_interface_already_in_config && return 1
-
-	for interface in $(olsrd_list_configured_interfaces); do {
-		[ "$interface" = "$INTERFACE" ] && {
-			olsrd_interface_already_in_config || return 0
-		}
-	} done
-
-	logger -t olsrd_hotplug -p daemon.debug "[OK] interface '$INTERFACE' => '$DEVICE' not used for $OLSRD"
-	return 1
-}
-
-case "$ACTION" in
-	ifup)
-		# only work after the first normal startup
-		# also: no need to test, if enabled
-	        OLSRD=olsrd
-		[ -e "/var/etc/$OLSRD.conf" ] && {
-			# INTERFACE = e.g. 'wlanadhocRADIO1' or 'cfg144d8f'
-			# DEVICE    = e.g. 'wlan1-1'
-			olsrd_interface_needs_adding && {
-				. /etc/rc.common /etc/init.d/$OLSRD restart
-			}
-		}
-
-	        OLSRD=olsrd6
-		[ -e "/var/etc/$OLSRD.conf" ] && {
-			olsrd_interface_needs_adding && {
-				. /etc/rc.common /etc/init.d/$OLSRD restart
-			}
-		}
-	;;
-esac

olsrd/files/olsrd.sh

@@ -1,11 +1,6 @@
 #!/bin/sh /etc/rc.common
 # Copyright (C) 2008-2017 OpenWrt.org
 
-START=65
-
-SERVICE_DAEMONIZE=1
-SERVICE_WRITE_PID=1
-
 OLSRD_OLSRD_SCHEMA='ignore:internal config_file:internal DebugLevel=0 AllowNoInt=yes'
 OLSRD_IPCCONNECT_SCHEMA='ignore:internal Host:list Net:list2'
 OLSRD_LOADPLUGIN_SCHEMA='ignore:internal library:internal Host4:list Net4:list2 Host:list Net:list2 Host6:list Net6:list2 Ping:list redistribute:list NonOlsrIf:list name:list lat lon latlon_infile HNA:list2 hosts:list2 ipv6only:bool'
@@ -34,6 +29,54 @@ validate_varname() {
 	return 0
 }
 
+olsrd_list_configured_interfaces()
+{
+	local i=0
+	local interface
+
+	while interface="$( uci -q get $OLSRD.@Interface[$i].interface )"; do {
+		case "$( uci -q get $OLSRD.@Interface[$i].ignore )" in
+			1|on|true|enabled|yes)
+				# is disabled
+			;;
+			*)
+				echo "$interface"	# e.g. 'lan'
+			;;
+		esac
+
+		i=$(( i + 1 ))
+	} done
+}
+
+olsrd_interface_already_in_config()
+{
+	# e.g.: 'Interface "eth0.1" "eth0.2" "wlan0"'
+	if grep -s ^'Interface ' "/var/etc/$OLSRD.conf" | grep -q "\"$DEVICE\""; then
+		logger -t olsrd_hotplug -p daemon.debug "[OK] already_active: '$INTERFACE' => '$DEVICE'"
+		return 0
+	else
+		logger -t olsrd_hotplug -p daemon.info "[OK] ifup: '$INTERFACE' => '$DEVICE'"
+		return 1
+	fi
+}
+
+olsrd_interface_needs_adding()
+{
+	local interface
+
+	# likely and cheap operation:
+	olsrd_interface_already_in_config && return 1
+
+	for interface in $(olsrd_list_configured_interfaces); do {
+		[ "$interface" = "$INTERFACE" ] && {
+			olsrd_interface_already_in_config || return 0
+		}
+	} done
+
+	logger -t olsrd_hotplug -p daemon.debug "[OK] interface '$INTERFACE' => '$DEVICE' not used for $OLSRD"
+	return 1
+}
+
 validate_olsrd_option() {
 	local str="$1"
 	[ -z "$str" -o "$str" != "${str%%[! 	0-9A-Za-z.%/|:_-]*}" ] && return 1
@@ -581,6 +624,10 @@ olsrd_write_interface() {
 					ifnames="$ifnames \"$IFNAME\""
 					ifsglobal="$ifsglobal $IFNAME"
 				fi
+			elif [[ "$(ip -details link show dev $interface)" == *"wireguard"* ]]; then
+				# wireguard interface
+				ifnames="$ifnames \"$interface\""
+				ifsglobal="$ifsglobal $interface"
 			else
 				log "$funcname() Warning: Interface '$interface' not found, skipped"
 			fi
@@ -769,7 +816,8 @@ olsrd_setup_smartgw_rules() {
 	fi
 }
 
-start() {
+olsrd_generate_config() {
+	UCI_CONF_NAME="$1"
 	SYSTEM_HOSTNAME=
 	SYSTEM_LAT=
 	SYSTEM_LON=
@@ -801,23 +849,4 @@ start() {
 	fi
 
 	[ -z "$OLSRD_CONFIG_FILE" ] && return 1
-
-	SERVICE_PID_FILE="$PID"
-	if service_check /usr/sbin/olsrd; then
-		error "there is already an instance of $UCI_CONF_NAME running (pid: '$(cat $PID)'), not starting."
-		return 1
-	else
-		service_start /usr/sbin/olsrd -f "$OLSRD_CONFIG_FILE" -nofork
-		sleep 1
-		service_check /usr/sbin/olsrd || {
-			log "startup-error: check via: '/usr/sbin/olsrd -f \"$OLSRD_CONFIG_FILE\" -nofork'"
-		}
-	fi
-
-	olsrd_setup_smartgw_rules
-}
-
-stop() {
-	SERVICE_PID_FILE="$PID"
-	service_stop /usr/sbin/olsrd
 }

olsrd/files/olsrd4.init

@@ -4,11 +4,76 @@
 . $IPKG_INSTROOT/lib/functions/olsrd.sh
 
 START=65
-
-SERVICE_DAEMONIZE=1
-SERVICE_WRITE_PID=1
-
-CONF=/var/etc/olsrd.conf
+USE_PROCD=1
+BIN=/usr/sbin/olsrd
+OLSRD=olsrd
+CONF=/var/etc/$OLSRD.conf
 PID=/var/run/olsrd.pid
 
-UCI_CONF_NAME=olsrd
+wait_for_network()
+{
+	ubus -t 15 wait_for network.interface.$1 2>/dev/null
+}
+
+wait_for_wireless()
+{
+	local count=0
+	ubus -t 15 wait_for network.wireless 2>/dev/null
+	while [ $count -lt 30 ]; do
+		if  [ "$(ubus call network.wireless status | jsonfilter -e '@[*]["pending"]' | grep true | wc -l)" == "0" ]; then
+			break
+		fi
+		count=$((count+1))
+		sleep 1
+	done
+}
+
+boot()
+{
+	config_load network
+	config_foreach wait_for_network interface
+	wait_for_wireless
+	rc_procd start_service
+}
+
+start_service() {
+	olsrd_generate_config $OLSRD
+
+	procd_open_instance
+
+	config_load olsrd
+	local _respawn_threshold
+	local _respawn_timeout
+	local _respawn_retry
+
+	config_get _respawn_threshold procd respawn_threshold 3600
+	config_get _respawn_timeout procd respawn_timeout 15
+	config_get _respawn_retry procd respawn_retry 0
+
+	procd_set_param command "$BIN"
+	procd_append_param command -f ${CONF}
+	procd_append_param command -nofork
+	procd_append_param command -pidfile ${PID}
+
+	# restart if olsrd dies
+	procd_set_param respawn $_respawn_threshold $_respawn_timeout $_respawn_retry
+
+	# automatically restart olsrd if generated cfg has changed
+	procd_set_param file $CONF
+
+	procd_set_param pidfile $PID
+
+	procd_close_instance
+
+	olsrd_setup_smartgw_rules
+}
+
+service_triggers() {
+	# reload if config changed via uci
+	procd_add_reload_trigger "olsrd"
+
+	# restart on ifup interface events
+	for n in $(olsrd_list_configured_interfaces $OLSRD); do
+		procd_add_reload_interface_trigger $n /etc/init.d/$OLSRD reload
+	done
+}

olsrd/files/olsrd6.config

@@ -9,3 +9,8 @@ config LoadPlugin
 
 config Interface
 	list interface 'wlan'
+
+config procd procd
+	option respawn_threshold '3600'
+	option respawn_timeout '15'
+	option respawn_retry '0'

olsrd/files/olsrd6.init

@@ -4,11 +4,76 @@
 . $IPKG_INSTROOT/lib/functions/olsrd.sh
 
 START=65
-
-SERVICE_DAEMONIZE=1
-SERVICE_WRITE_PID=1
-
-CONF=/var/etc/olsrd6.conf
+USE_PROCD=1
+BIN=/usr/sbin/olsrd
+OLSRD=olsrd6
+CONF=/var/etc/$OLSRD.conf
 PID=/var/run/olsrd6.pid
 
-UCI_CONF_NAME=olsrd6
+wait_for_network()
+{
+	ubus -t 15 wait_for network.interface.$1 2>/dev/null
+}
+
+wait_for_wireless()
+{
+	local count=0
+	ubus -t 15 wait_for network.wireless 2>/dev/null
+	while [ $count -lt 30 ]; do
+		if  [ "$(ubus call network.wireless status | jsonfilter -e '@[*]["pending"]' | grep true | wc -l)" == "0" ]; then
+			break
+		fi
+		count=$((count+1))
+		sleep 1
+	done
+}
+
+boot()
+{
+	config_load network
+	config_foreach wait_for_network interface
+	wait_for_wireless
+	rc_procd start_service
+}
+
+start_service() {
+	olsrd_generate_config $OLSRD
+
+	procd_open_instance
+
+	config_load olsrd6
+	local _respawn_threshold
+	local _respawn_timeout
+	local _respawn_retry
+
+	config_get _respawn_threshold procd _respawn_threshold 3600
+	config_get _respawn_timeout procd respawn_timeout 15
+	config_get _respawn_retry procd respawn_retry 0
+
+	procd_set_param command "$BIN"
+	procd_append_param command -f ${CONF}
+	procd_append_param command -nofork
+	procd_append_param command -pidfile ${PID}
+
+	# restart if olsrd dies
+	procd_set_param respawn $_respawn_threshold $_respawn_timeout $_respawn_retry
+
+	# automatically restart olsrd if generated cfg has changed
+	procd_set_param file $CONF
+
+	procd_set_param pidfile $PID
+
+	procd_close_instance
+
+	olsrd_setup_smartgw_rules
+}
+
+service_triggers() {
+	# reload if config changed via uci
+	procd_add_reload_trigger "olsrd6"
+
+	# restart on ifup interface events
+	for n in $(olsrd_list_configured_interfaces $OLSRD); do
+		procd_add_reload_interface_trigger $n /etc/init.d/$OLSRD reload
+	done
+}

olsrd/patches/010-musl.patch

@@ -1,11 +0,0 @@
---- a/lib/pud/nmealib/src/info.c
-+++ b/lib/pud/nmealib/src/info.c
-@@ -172,7 +172,7 @@ bool nmeaTimeParseDate(const char *s, NmeaTime *date) {
- void nmeaTimeSet(NmeaTime *utc, uint32_t *present, struct timeval *timeval) {
-   struct timeval tv;
-   struct tm tm;
--  long usec;
-+  time_t usec;
- 
-   if (!utc) {
-     return;

olsrd/patches/011-bison.patch

@@ -1,16 +0,0 @@
---- a/src/cfgparser/local.mk
-+++ b/src/cfgparser/local.mk
-@@ -74,12 +74,8 @@ $(C)oparse.c: $(C)oparse.y $(C)olsrd_conf.h $(C)Makefile
- ifeq ($(VERBOSE),0)
- 	@echo "[BISON] $@"
- endif
--	$(MAKECMDPREFIX)$(BISON) -d -o "$@-tmp" "$<"
--	$(MAKECMDPREFIX)sed	-e 's/register //' \
--		-e '/^#line/s/$(call quote,$@-tmp)/$(call quote,$@)/' \
--		< "$@-tmp" >"$@"
--	$(MAKECMDPREFIX)mv "$(subst .c,.h,$@-tmp)" "$(subst .c,.h,$@)"
--	$(MAKECMDPREFIX)$(RM) "$@-tmp" "$(subst .c,.h,$@-tmp)"
-+	$(MAKECMDPREFIX)$(BISON) -d -o "$@" "$<"
-+	$(MAKECMDPREFIX)sed -e 's/register //' "$@" > "$@.o" && mv "$@.o" "$@"
- 
- $(C)oparse.o: CFLAGS := $(filter-out -Wunreachable-code,$(CFLAGS))

olsrd/patches/012-gpsd.patch

@@ -1,11 +0,0 @@
---- a/lib/pud/src/gpsdclient.c
-+++ b/lib/pud/src/gpsdclient.c
-@@ -370,7 +370,7 @@ void nmeaInfoFromGpsd(struct gps_data_t
-           );
- 
-   gpsdata->set &= ~STATUS_SET; /* always valid */
--  if (gpsdata->status == STATUS_NO_FIX) {
-+  if (gpsdata->fix.status == STATUS_NO_FIX) {
-     nmeaInfoClear(info);
-     nmeaTimeSet(&info->utc, &info->present, NULL);
-     return;

olsrd/patches/101-unix-fix-meshing-with-wireguard-point-to-point-interfaces.patch

@@ -0,0 +1,38 @@
+From fcb30aa4da732d279527feba01cacc7dc996d137 Mon Sep 17 00:00:00 2001
+From: Nick Hainke <vincent@systemli.org>
+Date: Sun, 16 Jan 2022 00:08:56 +0100
+Subject: [PATCH] unix: fix meshing with wireguard/point-to-point interfaces
+
+Wireguard interfaces have no BROADCAST flag. We can also mesh on
+point-to-point links. That is why we mesh now also on interfaces with
+the IFF_POINTOPOINT flag enabled.
+
+Signed-off-by: Nick Hainke <vincent@systemli.org>
+---
+ src/unix/ifnet.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+--- a/src/unix/ifnet.c
++++ b/src/unix/ifnet.c
+@@ -184,8 +184,8 @@ chk_if_changed(struct olsr_if *iface)
+ 
+   /* Check broadcast */
+   if ((olsr_cnf->ip_version == AF_INET) && !iface->cnf->ipv4_multicast.v4.s_addr &&     /* Skip if fixed bcast */
+-      (!(ifp->int_flags & IFF_BROADCAST))) {
+-    OLSR_PRINTF(3, "\tNo broadcast - removing\n");
++      ((!(ifp->int_flags & IFF_BROADCAST) && !(ifp->int_flags & IFF_POINTOPOINT)))) {
++    OLSR_PRINTF(3, "\tNo broadcast or point-to-point - removing\n");
+     goto remove_interface;
+   }
+ 
+@@ -552,8 +552,8 @@ chk_if_up(struct olsr_if *iface, int deb
+ 
+   /* Check broadcast */
+   if ((olsr_cnf->ip_version == AF_INET) && !iface->cnf->ipv4_multicast.v4.s_addr &&     /* Skip if fixed bcast */
+-      (!(ifs.int_flags & IFF_BROADCAST))) {
+-    OLSR_PRINTF(debuglvl, "\tNo broadcast - skipping\n");
++      (!(ifs.int_flags & IFF_BROADCAST) && !(ifs.int_flags & IFF_POINTOPOINT))) {
++    OLSR_PRINTF(debuglvl, "\tNo broadcast or point-to-point - skipping\n");
+     return 0;
+   }
+ 

olsrd/patches/102-olsrd-prevent-storm-patches.patch

@@ -0,0 +1,83 @@
+From 4dabd94d598dd893aaaffbd71c315923c8827a14 Mon Sep 17 00:00:00 2001
+From: Nick Hainke <vincent@systemli.org>
+Date: Wed, 22 Jun 2022 14:08:04 +0200
+Subject: [PATCH] olsrd: prevent storm patches
+
+As described in the PR:
+
+  Limit the positive sequence number difference which is considered valid,
+  and prevent network storms.
+  Source: https://github.com/aredn/aredn_packages/pull/5
+
+Signed-off-by: Nick Hainke <vincent@systemli.org>
+---
+ src/duplicate_set.c | 16 ++++++++--------
+ src/duplicate_set.h |  5 +++--
+ 2 files changed, 11 insertions(+), 10 deletions(-)
+
+--- a/src/duplicate_set.c
++++ b/src/duplicate_set.c
+@@ -70,7 +70,7 @@ void olsr_cleanup_duplicates(union olsr_
+ 
+   entry = (struct dup_entry *)olsrd_avl_find(&duplicate_set, orig);
+   if (entry != NULL) {
+-    entry->too_low_counter = DUP_MAX_TOO_LOW - 2;
++    entry->out_of_bounds_counter = DUP_MAX_OUT_OF_BOUNDS - 2;
+   }
+ }
+ 
+@@ -82,7 +82,7 @@ olsr_create_duplicate_entry(void *ip, ui
+   if (entry != NULL) {
+     memcpy(&entry->ip, ip, olsr_cnf->ip_version == AF_INET ? sizeof(entry->ip.v4) : sizeof(entry->ip.v6));
+     entry->seqnr = seqnr;
+-    entry->too_low_counter = 0;
++    entry->out_of_bounds_counter = 0;
+     entry->olsrd_avl.key = &entry->ip;
+     entry->array = 0;
+   }
+@@ -160,12 +160,12 @@ olsr_message_is_duplicate(union olsr_mes
+   }
+ 
+   diff = olsr_seqno_diff(seqnr, entry->seqnr);
+-  if (diff < -31) {
+-    entry->too_low_counter++;
++  if (diff < -31 || diff > DUP_SEQNR_DIFF_HIGH_LIMIT) {
++    entry->out_of_bounds_counter++;
+ 
+-    // client did restart with a lower number ?
+-    if (entry->too_low_counter > DUP_MAX_TOO_LOW) {
+-      entry->too_low_counter = 0;
++    // client did restart with a too low or too high number ?
++    if (entry->out_of_bounds_counter > DUP_MAX_OUT_OF_BOUNDS) {
++      entry->out_of_bounds_counter = 0;
+       entry->seqnr = seqnr;
+       entry->array = 1;
+       return false;             /* start with a new sequence number, so NO duplicate */
+@@ -174,7 +174,7 @@ olsr_message_is_duplicate(union olsr_mes
+     return true;                /* duplicate ! */
+   }
+ 
+-  entry->too_low_counter = 0;
++  entry->out_of_bounds_counter = 0;
+   if (diff <= 0) {
+     uint32_t bitmask = 1u << ((uint32_t) (-diff));
+ 
+--- a/src/duplicate_set.h
++++ b/src/duplicate_set.h
+@@ -54,13 +54,14 @@
+ #define DUPLICATE_CLEANUP_INTERVAL 15000
+ #define DUPLICATE_CLEANUP_JITTER 25
+ #define DUPLICATE_VTIME 120000
+-#define DUP_MAX_TOO_LOW 16
++#define DUP_MAX_OUT_OF_BOUNDS 16
++#define DUP_SEQNR_DIFF_HIGH_LIMIT 0x2000
+ 
+ struct dup_entry {
+   struct olsrd_avl_node olsrd_avl;
+   union olsr_ip_addr ip;
+   uint16_t seqnr;
+-  uint16_t too_low_counter;
++  uint16_t out_of_bounds_counter;
+   uint32_t array;
+   uint32_t valid_until;
+ };

olsrd/patches/600-add-ubus-support.patch

@@ -0,0 +1,60 @@
+--- a/src/scheduler.c
++++ b/src/scheduler.c
+@@ -59,6 +59,8 @@
+ #include <assert.h>
+ #include <time.h>
+ 
++#include "ubus.h"
++
+ #ifdef __MACH__
+ #include "mach/clock_gettime.h"
+ #endif
+@@ -363,6 +365,8 @@ poll_sockets(void)
+   }
+   OLSR_FOR_ALL_SOCKETS_END(entry);
+ 
++  hfd = olsrd_ubus_add_read_sock(&ibits, hfd);
++
+   /* Running select on the FD set */
+   do {
+     n = olsr_select(hfd, fdsets & SP_PR_READ ? &ibits : NULL, fdsets & SP_PR_WRITE ? &obits : NULL, NULL, &tvp);
+@@ -395,6 +399,7 @@ poll_sockets(void)
+     }
+   }
+   OLSR_FOR_ALL_SOCKETS_END(entry);
++  olsrd_ubus_receive(&ibits);
+ }
+ 
+ static void
+--- a/src/main.c
++++ b/src/main.c
+@@ -74,6 +74,8 @@
+ #include "lock_file.h"
+ #include "cli.h"
+ 
++#include "ubus.h"
++
+ #if defined(__GLIBC__) && defined(__linux__) && !defined(__ANDROID__) && !defined(__UCLIBC__)
+   #define OLSR_HAVE_EXECINFO_H
+ #endif
+@@ -771,6 +773,9 @@ int main(int argc, char *argv[]) {
+   signal(SIGUSR2, SIG_IGN);
+ #endif /* _WIN32 */
+ 
++  /* Adding ubus */
++  olsrd_add_ubus();
++
+   /* Starting scheduler */
+   olsr_scheduler();
+ 
+--- a/Makefile.inc
++++ b/Makefile.inc
+@@ -252,7 +252,7 @@ else
+ ifeq ($(OS),win32)
+   LDFLAGS +=	-Wl,-export-all-symbols
+ else 
+-  LDFLAGS +=	-Wl,-export-dynamic 
++  LDFLAGS +=	-Wl,-export-dynamic,-lubus,-lubox
+ endif
+ ifeq ($(NORPATH),0)
+ LDFLAGS +=	-Wl,-rpath,$(LIBDIR)

olsrd/src/src/ubus.c

@@ -0,0 +1,229 @@
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <sys/select.h>
+
+#include <libubox/blob.h>
+#include <libubox/blobmsg.h>
+#include <libubus.h>
+
+#include <arpa/inet.h>
+#include <net/if.h>
+#include <netinet/in.h>
+#include <sys/ioctl.h>
+#include <sys/socket.h>
+
+#include "defs.h"
+#include "ifnet.h"
+#include "interfaces.h"
+#include "link_set.h"
+#include "log.h"
+#include "olsr.h"
+#include "olsr_cfg.h"
+
+#include "ubus.h"
+
+#define MAX(a, b) ((a) > (b) ? (a) : (b))
+#define MIN(a, b) ((a) < (b) ? (a) : (b))
+
+// Shared state maintained throughout calls to handle ubus messages.
+static struct ubus_context *shared_ctx;
+
+enum { INTERFACE_IFNAME, INTERFACE_LQM, __INTERFACE_MAX };
+
+static const struct blobmsg_policy interface_policy[__INTERFACE_MAX] = {
+    [INTERFACE_IFNAME] = {"ifname", BLOBMSG_TYPE_STRING},
+    [INTERFACE_LQM] = {"lqm", BLOBMSG_TYPE_STRING},
+};
+
+static int olsrd_ubus_add_interface(struct ubus_context *ctx_local,
+                                    struct ubus_object *obj,
+                                    struct ubus_request_data *req,
+                                    const char *method, struct blob_attr *msg) {
+  struct blob_attr *tb[__INTERFACE_MAX];
+  struct blob_buf b = {0};
+  union olsr_ip_addr addr;
+  int ret;
+  char *ifname, *lqm;
+
+  blobmsg_parse(interface_policy, __INTERFACE_MAX, tb, blob_data(msg),
+                blob_len(msg));
+
+  if (!tb[INTERFACE_IFNAME])
+    return UBUS_STATUS_INVALID_ARGUMENT;
+
+  ifname = blobmsg_get_string(tb[INTERFACE_IFNAME]);
+
+  struct interface_olsr *tmp = if_ifwithname(ifname);
+  if (tmp != NULL) {
+    return UBUS_STATUS_PERMISSION_DENIED;
+  }
+
+  struct olsr_if *temp;
+  for (temp = olsr_cnf->interfaces; temp != NULL; temp = temp->next) {
+    if (strcmp(temp->name, ifname) == 0)
+      return UBUS_STATUS_PERMISSION_DENIED;
+  }
+
+  struct olsr_if *tmp_ifs = olsr_create_olsrif(ifname, false);
+  tmp_ifs->cnf =
+      olsr_malloc(sizeof(struct if_config_options), "Set default config");
+  *tmp_ifs->cnf = *olsr_cnf->interface_defaults;
+
+  if (tb[INTERFACE_LQM]) { // add interface lqm
+    lqm = blobmsg_get_string(tb[INTERFACE_LQM]);
+    memset(&addr, 0, sizeof(addr));
+
+    struct olsr_lq_mult *mult = malloc(sizeof(*mult));
+    if (mult == NULL) {
+      olsr_syslog(OLSR_LOG_ERR, "Out of memory (LQ multiplier).\n");
+      return UBUS_STATUS_UNKNOWN_ERROR;
+    }
+
+    double lqm_value = atof(lqm);
+    mult->addr = addr;
+    mult->value = (uint32_t)(lqm_value * LINK_LOSS_MULTIPLIER);
+    tmp_ifs->cnf->lq_mult = mult;
+    tmp_ifs->cnf->orig_lq_mult_cnt++;
+  }
+
+  blob_buf_init(&b, 0);
+  blobmsg_add_string(&b, "adding", ifname);
+
+  ret = ubus_send_reply(ctx_local, req, b.head);
+  if (ret)
+    olsr_syslog(OLSR_LOG_ERR, "Failed to send reply: %s\n", ubus_strerror(ret));
+
+  blob_buf_free(&b);
+
+  return ret;
+}
+
+static int olsrd_ubus_del_interface(struct ubus_context *ctx_local,
+                                    struct ubus_object *obj,
+                                    struct ubus_request_data *req,
+                                    const char *method, struct blob_attr *msg) {
+  struct blob_attr *tb[__INTERFACE_MAX];
+  struct blob_buf b = {0};
+  int ret;
+  char *ifname;
+  struct olsr_if *tmp_if, *del_if;
+
+  blobmsg_parse(interface_policy, __INTERFACE_MAX, tb, blob_data(msg),
+                blob_len(msg));
+
+  if (!tb[INTERFACE_IFNAME])
+    return UBUS_STATUS_INVALID_ARGUMENT;
+
+  ifname = blobmsg_get_string(tb[INTERFACE_IFNAME]);
+
+  struct interface_olsr *tmp = if_ifwithname(ifname);
+
+  if (tmp != NULL) {
+
+    struct olsr_if *temp = olsr_cnf->interfaces, *prev;
+    if (temp != NULL && (strcmp(temp->name, ifname) == 0)) {
+      olsr_cnf->interfaces = temp->next;
+      olsr_remove_interface(temp);
+      goto send_reply;
+    }
+
+    while (temp != NULL && (strcmp(temp->name, ifname) != 0)) {
+      prev = temp;
+      temp = temp->next;
+    }
+
+    if (temp == NULL) {
+      goto send_reply;
+    }
+
+    prev->next = temp->next;
+    olsr_remove_interface(temp);
+  } else {
+    return UBUS_STATUS_PERMISSION_DENIED;
+  }
+
+send_reply:
+
+  blob_buf_init(&b, 0);
+  blobmsg_add_string(&b, "deleting", ifname);
+
+  ret = ubus_send_reply(ctx_local, req, b.head);
+  if (ret)
+    olsr_syslog(OLSR_LOG_ERR, "Failed to send reply: %s\n", ubus_strerror(ret));
+
+  blob_buf_free(&b);
+
+  return ret;
+}
+
+// List of functions we expose via the ubus bus.
+static const struct ubus_method olsrd_methods[] = {
+    UBUS_METHOD("add_interface", olsrd_ubus_add_interface, interface_policy),
+    UBUS_METHOD("del_interface", olsrd_ubus_del_interface, interface_policy),
+};
+
+// Definition of the ubus object type.
+static struct ubus_object_type olsrd_object_type =
+    UBUS_OBJECT_TYPE("olsrd", olsrd_methods);
+
+// Object we announce via the ubus bus.
+static struct ubus_object olsrd_object = {
+    .name = "olsrd",
+    .type = &olsrd_object_type,
+    .methods = olsrd_methods,
+    .n_methods = ARRAY_SIZE(olsrd_methods),
+};
+
+// Registers handlers for olsrd methods in the global ubus context.
+static bool ubus_init_object() {
+  int ret;
+
+  ret = ubus_add_object(shared_ctx, &olsrd_object);
+  if (ret) {
+    olsr_syslog(OLSR_LOG_ERR, "Failed to add object: %s\n", ubus_strerror(ret));
+    return false;
+  }
+
+  return true;
+}
+
+// Initializes the global ubus context, connecting to the bus to be able to
+// receive and send messages.
+static bool olsrd_ubus_init(void) {
+  if (shared_ctx)
+    return true;
+
+  shared_ctx = ubus_connect(NULL);
+  if (!shared_ctx)
+    return false;
+
+  return true;
+}
+
+void olsrd_ubus_receive(fd_set *readfds) {
+  if (!shared_ctx)
+    return;
+  if (FD_ISSET(shared_ctx->sock.fd, readfds))
+    ubus_handle_event(shared_ctx);
+}
+
+int olsrd_ubus_add_read_sock(fd_set *readfds, int maxfd) {
+  if (!shared_ctx)
+    return maxfd;
+
+  FD_SET(shared_ctx->sock.fd, readfds);
+  return MAX(maxfd, shared_ctx->sock.fd + 1);
+}
+
+bool olsrd_add_ubus() {
+  if (!olsrd_ubus_init()) {
+    olsr_syslog(OLSR_LOG_ERR, "Failed to initialize ubus!\n");
+    return false;
+  }
+  if (!ubus_init_object()) {
+    olsr_syslog(OLSR_LOG_ERR, "Failed to add objects to ubus!\n");
+    return false;
+  }
+  return true;
+}

olsrd/src/src/ubus.h

@@ -0,0 +1,40 @@
+/*
+    IPC integration of olsrd with OpenWrt.
+
+    The ubus interface offers following functions:
+    - add_inteface '{"ifname":"wg_51820", "lqm": "0.5"}'
+    - del_inteface '{"ifname":"wg_51820"}'
+*/
+
+#include <stdbool.h>
+#include <sys/select.h>
+
+/**
+ * Initialize ubus interface.
+ *
+ * Connect to the ubus daemon and expose the ubus functions.
+ *
+ * @return if initializing ubus was successful
+ */
+bool olsrd_add_ubus();
+
+/**
+ * Add ubus socket to given filedescriptor set.
+ *
+ * We need to check repeatedly if the ubus socket has something to read.
+ * The functions allows to add the ubus socket to the normal while(1)-loop of
+ * olsrd.
+ *
+ * @param readfs: the filedescriptor set
+ * @param maxfd: the current maximum file descriptor
+ * @return the maximum file descriptor
+ */
+int olsrd_ubus_add_read_sock(fd_set *readfds, int maxfd);
+
+/**
+ * Check and process ubus socket.
+ *
+ * If the ubus-socket signals that data is available, the ubus_handle_event is
+ * called.
+ */
+void olsrd_ubus_receive(fd_set *readfds);

oonf-dlep-proxy/Makefile

@@ -10,13 +10,14 @@ PKG_SOURCE_URL:=https://github.com/OLSR/OONF.git
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
 PKG_SOURCE_VERSION:=$(PKG_REV)
+PKG_MIRROR_HASH:=a5413418b7ab1665758f883a652ff589de6a78ccf9201d29bc13f372cb9adeb0
 
 CMAKE_INSTALL:=1
 
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
 
-CMAKE_OPTIONS=-D OONF_NO_WERROR:Bool=true \
+CMAKE_OPTIONS+=-D OONF_NO_WERROR:Bool=true \
                -D OONF_LOGGING_LEVEL:String=debug \
                -D OONF_NO_TESTING:Bool=true \
                -D UCI:Bool=true \

oonf-dlep-radio/Makefile

@@ -1,22 +1,23 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=oonf-dlep-radio
-PKG_VERSION:=v0.15.1
-PKG_REV:=bffb88b040659b237c4c91b6b42dbbb47431750e
-PKG_RELEASE:=$(PKG_REV)
+PKG_VERSION:=0.15.1
+PKG_RELEASE:=$(AUTORELEASE)
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=https://github.com/OLSR/OONF.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=$(PKG_REV)
+PKG_SOURCE_URL:=https://github.com/OLSR/OONF.git
+PKG_SOURCE_DATE:=2018-03-19
+PKG_SOURCE_VERSION:=bffb88b040659b237c4c91b6b42dbbb47431750e
+PKG_MIRROR_HASH:=c85bf1e38483979f44486b6ad90800535fc7039a162c536c239d897b7c68ef70
+
+PKG_MAINTAINER:=Henning Rogge <hrogge@gmail.com>
 
 CMAKE_INSTALL:=1
 
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
 
-CMAKE_OPTIONS=-D OONF_NO_WERROR:Bool=true \
+CMAKE_OPTIONS+=-D OONF_NO_WERROR:Bool=true \
                -D OONF_LOGGING_LEVEL:String=debug \
                -D OONF_NO_TESTING:Bool=true \
                -D UCI:Bool=true \
@@ -29,19 +30,13 @@ CMAKE_OPTIONS=-D OONF_NO_WERROR:Bool=true \
                -D INSTALL_CMAKE_DIR:Path=lib/oonf \
                -D CMAKE_PREFIX_PATH=$(STAGING_DIR)/usr
 
-define Package/oonf-git/template
+define Package/oonf-dlep-radio
   SECTION:=net
   CATEGORY:=Network
-	MAINTAINER:=Henning Rogge <hrogge@gmail.com>
   SUBMENU:=OLSR.org network framework
   URL:=http://www.olsr.org/
-endef
-
-define Package/oonf-dlep-radio
-	$(call Package/oonf-git/template)
   TITLE:=Build DLEP Radio Agent
   DEPENDS:=+librt +libnl-tiny +libuci +oonf-init-scripts
-	VERSION:=$(PKG_VERSION)
 endef
 
 Build/Compile=$(call Build/Compile/Default,dlep_radio_static)

oonf-olsrd2/Makefile

@@ -10,6 +10,7 @@ PKG_SOURCE_URL:=https://github.com/OLSR/OONF.git
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
 PKG_SOURCE_VERSION:=$(PKG_REV)
+PKG_MIRROR_HASH:=2e38140e804e7fc0138d0893416c4f19b1ca43bd9de066e8b028bd0d59ac9255
 
 CMAKE_INSTALL:=1
 
@@ -30,7 +31,7 @@ CMAKE_OPTIONAL_PLUGINS:= $(subst $(SPACE),;,$(strip \
 
 BUILD_TYPE:= $(if $(filter y,$(CONFIG_DEBUG)),Debug,Release)
 
-CMAKE_OPTIONS=-D CMAKE_BUILD_TYPE:String=$(BUILD_TYPE) \
+CMAKE_OPTIONS+=-D CMAKE_BUILD_TYPE:String=$(BUILD_TYPE) \
                -D OONF_NO_WERROR:Bool=true \
                -D OONF_LOGGING_LEVEL:String=debug \
                -D OONF_NO_TESTING:Bool=true \

oonf-olsrd2/patches/020-static.patch

@@ -1,6 +1,6 @@
 --- a/src-plugins/nhdp/nhdp/nhdp.c
 +++ b/src-plugins/nhdp/nhdp/nhdp.c
-@@ -187,9 +187,9 @@ static struct oonf_rfc5444_protocol *_protocol;
+@@ -187,9 +187,9 @@ static struct oonf_rfc5444_protocol *_pr
  static struct netaddr _originator_v4, _originator_v6;
  
  /* logging sources for NHDP subsystem */

opennds/Makefile

@@ -6,67 +6,72 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=opennds
-PKG_FIXUP:=autoreconf
-PKG_VERSION:=8.0.0
-PKG_RELEASE:=1
+PKG_VERSION:=9.8.0
+PKG_RELEASE:=2
 
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/opennds/opennds/tar.gz/v$(PKG_VERSION)?
-PKG_SOURCE:=opennds-$(PKG_VERSION).tar.gz
-PKG_HASH:=5cd7f2f415dde36ff26aba246851a4ff972599c56073a3e1737020ada366d987
+PKG_HASH:=11f4a48ef62007f56376c32a028f19183452c62eee6fddcb11aafe822e5ff1b4
 PKG_BUILD_DIR:=$(BUILD_DIR)/openNDS-$(PKG_VERSION)
 
 PKG_MAINTAINER:=Rob White <rob@blue-wave.net>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+PKG_FIXUP:=autoreconf
 PKG_BUILD_PARALLEL:=1
-PKG_LICENSE:=GPL-2.0+
 
 include $(INCLUDE_DIR)/package.mk
 
-
 define Package/opennds
   SUBMENU:=Captive Portals
   SECTION:=net
   CATEGORY:=Network
-	DEPENDS:=+libpthread +iptables-mod-ipopt +libmicrohttpd-no-ssl
+  DEPENDS:=+kmod-ipt-conntrack +kmod-ipt-nat +libmicrohttpd-no-ssl
   TITLE:=Open public network gateway daemon
   URL:=https://github.com/opennds/opennds
-	CONFLICTS:=nodogsplash nodogsplash2
+  CONFLICTS:=nodogsplash
 endef
 
 define Package/opennds/description
-	openNDS is a Captive Portal that offers a simple way to
-	provide restricted access to the Internet by showing a splash
-	page to the user before Internet access is granted.
-	It also incorporates an API that allows the creation of
-	sophisticated authentication applications.
+  openNDS is a Captive Portal solution that offers an instant way to provide restricted access to the Internet.
+  With little or no configuration, a dynamically generated and adaptive splash page sequence is automatically served.
+  Both client driven Captive Portal Detection (CPD) and gateway driven Captive Portal Identification (CPI - RFC 8910 and RFC 8908) are supported.
+  Internet access is granted by either a click to continue button, or after credential verification as a result of filling in a login form.
+  The package incorporates the FAS API allowing many flexible customisation options.
+  The creation of sophisticated third party authentication applications is fully supported.
+  Internet hosted https portals can be implemented with no security errors, to inspire maximum user confidence.
+  This version requires iptables-legacy.
 endef
 
 define Package/opennds/install
-
 	$(INSTALL_DIR) $(1)/usr/bin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/opennds $(1)/usr/bin/
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/ndsctl $(1)/usr/bin/
-
 	$(INSTALL_DIR) $(1)/etc/opennds/htdocs/images
 	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_DIR) $(1)/etc/uci-defaults
 	$(INSTALL_DIR) $(1)/usr/lib/opennds
-	$(CP) $(PKG_BUILD_DIR)/resources/splash.html $(1)/etc/opennds/htdocs/
 	$(CP) $(PKG_BUILD_DIR)/resources/splash.css $(1)/etc/opennds/htdocs/
-	$(CP) $(PKG_BUILD_DIR)/resources/status.html $(1)/etc/opennds/htdocs/
 	$(CP) $(PKG_BUILD_DIR)/resources/splash.jpg $(1)/etc/opennds/htdocs/images/
 	$(CP) $(PKG_BUILD_DIR)/linux_openwrt/opennds/files/etc/config/opennds $(1)/etc/config/
+	$(CP) $(PKG_BUILD_DIR)/linux_openwrt/opennds/files/etc/config/opennds $(1)/etc/opennds/config.uci
 	$(CP) $(PKG_BUILD_DIR)/linux_openwrt/opennds/files/etc/init.d/opennds $(1)/etc/init.d/
 	$(CP) $(PKG_BUILD_DIR)/linux_openwrt/opennds/files/etc/uci-defaults/40_opennds $(1)/etc/uci-defaults/
 	$(CP) $(PKG_BUILD_DIR)/linux_openwrt/opennds/files/usr/lib/opennds/restart.sh $(1)/usr/lib/opennds/
 	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/binauth/binauth_log.sh $(1)/usr/lib/opennds/
-	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/PreAuth/login.sh $(1)/usr/lib/opennds/
+	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/libopennds.sh $(1)/usr/lib/opennds/
+	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/PreAuth/theme_click-to-continue-basic.sh $(1)/usr/lib/opennds/
+	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/PreAuth/theme_click-to-continue-custom-placeholders.sh $(1)/usr/lib/opennds/
+	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/PreAuth/theme_user-email-login-basic.sh $(1)/usr/lib/opennds/
+	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/PreAuth/theme_user-email-login-custom-placeholders.sh $(1)/usr/lib/opennds/
 	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/get_client_interface.sh $(1)/usr/lib/opennds/
-	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/get_client_token.sh $(1)/usr/lib/opennds/
 	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/client_params.sh $(1)/usr/lib/opennds/
 	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/unescape.sh $(1)/usr/lib/opennds/
 	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/authmon.sh $(1)/usr/lib/opennds/
 	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/dnsconfig.sh $(1)/usr/lib/opennds/
+	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/download_resources.sh $(1)/usr/lib/opennds/
 	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/post-request.php $(1)/usr/lib/opennds/
 	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/fas-aes/fas-aes.php $(1)/etc/opennds/
 	$(CP) $(PKG_BUILD_DIR)/forward_authentication_service/fas-hid/fas-hid.php $(1)/etc/opennds/

pimbd/Makefile

@@ -3,10 +3,11 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=pimbd
 PKG_SOURCE_VERSION:=dbf4e5913b06e3160f506df15e6a047a403a5f21
 PKG_VERSION:=2018-06-19-$(PKG_SOURCE_VERSION)
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/Oryon/pimbd.git
+PKG_MIRROR_HASH:=a08e474d7c210b084a28afe8f85e1b356a067b2f9ec643d26402680782933ae7
 PKG_MAINTAINER:=Pierre Pfister <pierre.pfister@darou.fr>
 PKG_LICENSE:=Apache-2.0