Commit Graph

4698 Commits (2021.1.082)

Author SHA1 Message Date
pedro f273c0fe06 nettle: update to 3.7 5 years ago
pedro aae3182bf2 igmpproxy: update to 0.3 5 years ago
pedro c8047059ed Merge branch 'arm-master' into arm-sdk7
- manually fix conflicts
5 years ago
pedro 622231f009 stubby: add full GUI support (part 1/2)
- based on @RMerlin work (thanks!)
5 years ago
pedro cef08dfd8f GUI: move stubby, dnscrypt-proxy and some other options to Advanced -> DHCP/DNS 5 years ago
pedro 07243b7632 www: tomato.js: fix wrongly treated input delay value in TomatoRefresh.initPage 5 years ago
Johan Källström 75ced02e89 build: add support for Netgear XR300 5 years ago
Johan Källström 6db0b29c98 Makefile: fix PATH and LD_LIBRARY_PATH 5 years ago
pedro 7f5275351d www: tomato.js: add missing semicolon 5 years ago
M_ars c33cc49658 R1D Xiaomi: change/fix LED table - assign GPIO 1 for LED_DIAG (active LOW, color red) / Status LED ==> with restart/reboot/... color red ON - assign GPIO 2 (color orange) and GPIO 3 (color blue) for LED_WHITE (active LOW) ==> with wan-up color blue ON (orange Off), wan-down color orange ON (blue Off) - add also stealth mode support
see report
https://www.linksysinfo.org/index.php?threads/2020-8-broke-led-on-multi-wan-indication.76138/#post-321980
5 years ago
pedro b0a8f23be9 rc: firewall.c: tune some params in NAT performance tweaks 5 years ago
pedro 2054160d3b libshared: introduce and use f_write_procsysnet() 5 years ago
pedro 05bf959e1f rc: interface.c: config_loopback(): properly bring down IF (oops...) 5 years ago
pedro 62721a54f6 stubby: tweak config: tls_query_padding_blocksize and idle_timeout 5 years ago
pedro ef07171af5 rc: interface.c: add possibility to set mtu in _ifconfig() 5 years ago
pedro 57fa27f2f3 rc: rc.h: duplicate prototype of config_loopback() 5 years ago
pedro fd7f3723c0 rc: openvpn.c: fix compiler warnings 5 years ago
pedro 9e2e89a340 Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro 0499eced31 rc: interface.c: a few improvements 5 years ago
pedro e82f7fda83 rc: firewall: rename variables 5 years ago
pedro b3c77924f3 multiwan: reduce and flush the route cache to ensure a more synchronous load-balancing across multiwan
The Tomato default route cache can create route affinity in a multi-wan environment.
Disparate devices to the same destination may follow the kernel route cache creating a lack of load-balancing
across the multi-wan environment. The proposed resolution is to adjust the route cache garbage collector to prune
the route cache and allow for proper load balancing across multiple WAN circuits.

Based on: https://bitbucket.org/pl_shibby/tomato-arm/issues/193/multiwan-route-cache-creates-route
5 years ago
pedro 7b902cfda7 openvpn: fix typo in commit 29474d4 (implement CRL file) 5 years ago
pedro 495e10f9d9 GUI: OpenVPN Server: allow empty string as a static key in case it's located elsewhere 5 years ago
pedro 431a2393b1 openvpn: masquerade all client outbound traffic regardless of source subnet
- ported from @Merlin
5 years ago
pedro f448f453d4 Bump version to 2021.1 5 years ago
pedro 9e38058ea5 Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro 9f5f363232 patches: miniupnpd: cosmetic 5 years ago
pedro 4bb5858e82 httpd/rc: openvpn.c: use one version for ARM and MIPS branch 5 years ago
M_ars 428846ef9c SDK6: router: Makefile: fix path for WLAN_Common.mk
Note: no change for SDK6 BUT for SDK7 !!!

fix for SDK7 SRC path (SDK6 path was used to build the SDK7 utils for example --> not OK)
OLD: -I/home/tomato/tomato/release/src-rt-6.x.4708/shared/bcmwifi/include
NEW: -I/home/tomato/tomato/release/src-rt-7.x.main/src/shared/bcmwifi/include -I/home/tomato/tomato/release/src-rt-7.x.main/src/wl/olpc/include -I/home/tomato/tomato/release/src-rt-7.x.main/src/wl/ppr/include

Note: sync SDK6 and SDK7
5 years ago
M_ars 8225b1f38c SDK7: router: Makefile: fix path for WLAN_Common.mk
Note: no change for SDK6 BUT for SDK7 !!!

fix for SDK7 SRC path (SDK6 path was used to build the SDK7 utils for example --> not OK)
OLD: -I/home/tomato/tomato/release/src-rt-6.x.4708/shared/bcmwifi/include
NEW: -I/home/tomato/tomato/release/src-rt-7.x.main/src/shared/bcmwifi/include -I/home/tomato/tomato/release/src-rt-7.x.main/src/wl/olpc/include -I/home/tomato/tomato/release/src-rt-7.x.main/src/wl/ppr/include
5 years ago
pedro ee17877039 openvpn: add 'mode p2p' option to generated client config if auth mode is static 5 years ago
pedro 1ed89a1c96 build: fix latest merge 5 years ago
pedro 804f6ff0a2 Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro a62475406b Revert "libcurl: update to 7.74.0"
- fucked up release...

This reverts commit c630e3a23b.
5 years ago
M_ars b6fb9591e3 SDK7: add wireless band steering feature (turned off by default)
Note: right now only On/Off at GUI (keep it simple). tested with dual-core arm and apple device (iOS 14)

Control parameter can be adjusted via nvram variables (no GUI yet, tbd.). For basic infos, have a look at https://www.smallnetbuilder.com/wireless/wireless-howto/32653-asus-rt-ac3200-smart-connect-the-missing-manual?start=0

For default config see (or nvram variables) // [Example from SDK6 router]
root@Tomato-ARM:/tmp/home/root# bsd -i
=== Basic info ===
max_ifnum: 2
mode: 2
role: 3
helper: 192.168.1.232[9877]
primary: 192.168.1.231[9878]
status_poll: 5
counter_poll: 0
idle_rate: 10
prefer_5g: 1
scheme: 2[3]
steer_timeout: 15
sta_timeout: 120
maclist_timeout: 3
probe_timeout: 3600
probe_gap: 30
poll_interval: 1
slowest_at_ratio: 40
phyrate_delta: 200

=== intf_info ===

idx: 0
idx=0 band=2 remote=0 enabled=1 steering_flags=0x2
Steer Policy:
max=0 period=5 cnt=3 rssi=-52 phyrate_high=110 phyrate_low=0 flags=0x22 state=3
Rule Logic: OR
RSSI: Greater than
VHT: Allowed
NON VHT: Allowed
NEXT RF: NO
PHYRATE (HIGH): Greater than or Equal to
LOAD BALANCE: NO
STA NUM BALANCE: NO
PHYRATE (LOW): Less than
N ONLY: NO

Interface Qualify Policy:
min_bw=0 rssi=-75 flags=0x0
Rule Logic: OR
VHT: Allowed
NON VHT: Allowed

ifidx=0 bssidx=0 ifnames=eth1 valid=1:
prefix=wl0_ ssid=MM24-Test idx=0x0 bssid=f0:70:60:7f:50:01 rclass=0x4 chanspec=0x1001 prio=0x0 video_idle=0
steer_prefix=wl1_ [1][0]
policy=3[6]
algo=0[2]
Sta Select Policy: defined=YES:
idle_rate=10 rssi=-52 phyrate_high=110 phyrate_low=0 wprio=0 wrssi=1 wphy_rate=1 wtx_failures=0 wtx_rate=0 wrx_rate=0 flags=0x122
Rule Logic: OR
RSSI: Greater than
VHT: Allowed
NON VHT: Allowed
NEXT RF: NO
PHYRATE (HIGH): Greater than or Equal to
LOAD BALANCE: NO
SINGLE BAND: No Preference
DUAL BAND: Prefered
ACTIVE STA: Can't be Selected
PHYRATE (LOW): Less than
N ONLY: NO

bssinfo to list:
ifname=eth1, intf_info->idx=0
ifidx=1 bssidx=0 to_ifidx=1 ifnames=eth2 prefix=wl1_

idx: 1
idx=1 band=1 remote=0 enabled=1 steering_flags=0x0
Steer Policy:
max=80 period=5 cnt=3 rssi=-82 phyrate_high=0 phyrate_low=0 flags=0x20 state=2
Rule Logic: OR
RSSI: Less than or Equal to
VHT: Allowed
NON VHT: Allowed
NEXT RF: NO
PHYRATE (HIGH): Greater than or Equal to
LOAD BALANCE: NO
STA NUM BALANCE: NO
PHYRATE (LOW): Less than
N ONLY: NO

Interface Qualify Policy:
min_bw=60 rssi=-75 flags=0x0
Rule Logic: OR
VHT: Allowed
NON VHT: Allowed

ifidx=1 bssidx=0 ifnames=eth2 valid=1:
prefix=wl1_ ssid=MM24-Test idx=0x0 bssid=f0:70:60:7f:50:04 rclass=0x7 chanspec=0xe06a prio=0x0 video_idle=0
steer_prefix=wl0_ [0][0]
policy=2[6]
algo=0[2]
Sta Select Policy: defined=YES:
idle_rate=10 rssi=-82 phyrate_high=0 phyrate_low=0 wprio=0 wrssi=1 wphy_rate=1 wtx_failures=0 wtx_rate=0 wrx_rate=0 flags=0x20
Rule Logic: OR
RSSI: Less than or Equal to
VHT: Allowed
NON VHT: Allowed
NEXT RF: NO
PHYRATE (HIGH): Greater than or Equal to
LOAD BALANCE: NO
SINGLE BAND: No Preference
DUAL BAND: No Preference
ACTIVE STA: Can't be Selected
PHYRATE (LOW): Less than
N ONLY: NO

bssinfo to list:
ifname=eth2, intf_info->idx=1
ifidx=0 bssidx=0 to_ifidx=0 ifnames=eth1 prefix=wl0_
root@Tomato-ARM:/tmp/home/root#

Further Note: to save nvram space --> feature turned off for dir868l
5 years ago
M_ars da557f4fd1 SDK7: prepare for band steering update 5 years ago
M_ars e28e477194 SDK6: add wireless band steering feature (turned off by default)
Note: right now only On/Off at GUI (keep it simple). tested with dual-core arm and apple device (iOS 14)

Control parameter can be adjusted via nvram variables (no GUI yet, tbd.). For basic infos, have a look at https://www.smallnetbuilder.com/wireless/wireless-howto/32653-asus-rt-ac3200-smart-connect-the-missing-manual?start=0

For default config see (or nvram variables)
root@Tomato-ARM:/tmp/home/root# bsd -i
=== Basic info ===
max_ifnum: 2
mode: 2
role: 3
helper: 192.168.1.232[9877]
primary: 192.168.1.231[9878]
status_poll: 5
counter_poll: 0
idle_rate: 10
prefer_5g: 1
scheme: 2[3]
steer_timeout: 15
sta_timeout: 120
maclist_timeout: 3
probe_timeout: 3600
probe_gap: 30
poll_interval: 1
slowest_at_ratio: 40
phyrate_delta: 200

=== intf_info ===

idx: 0
idx=0 band=2 remote=0 enabled=1 steering_flags=0x2
Steer Policy:
max=0 period=5 cnt=3 rssi=-52 phyrate_high=110 phyrate_low=0 flags=0x22 state=3
Rule Logic: OR
RSSI: Greater than
VHT: Allowed
NON VHT: Allowed
NEXT RF: NO
PHYRATE (HIGH): Greater than or Equal to
LOAD BALANCE: NO
STA NUM BALANCE: NO
PHYRATE (LOW): Less than
N ONLY: NO

Interface Qualify Policy:
min_bw=0 rssi=-75 flags=0x0
Rule Logic: OR
VHT: Allowed
NON VHT: Allowed

ifidx=0 bssidx=0 ifnames=eth1 valid=1:
prefix=wl0_ ssid=MM24-Test idx=0x0 bssid=f0:70:60:7f:50:01 rclass=0x4 chanspec=0x1001 prio=0x0 video_idle=0
steer_prefix=wl1_ [1][0]
policy=3[6]
algo=0[2]
Sta Select Policy: defined=YES:
idle_rate=10 rssi=-52 phyrate_high=110 phyrate_low=0 wprio=0 wrssi=1 wphy_rate=1 wtx_failures=0 wtx_rate=0 wrx_rate=0 flags=0x122
Rule Logic: OR
RSSI: Greater than
VHT: Allowed
NON VHT: Allowed
NEXT RF: NO
PHYRATE (HIGH): Greater than or Equal to
LOAD BALANCE: NO
SINGLE BAND: No Preference
DUAL BAND: Prefered
ACTIVE STA: Can't be Selected
PHYRATE (LOW): Less than
N ONLY: NO

bssinfo to list:
ifname=eth1, intf_info->idx=0
ifidx=1 bssidx=0 to_ifidx=1 ifnames=eth2 prefix=wl1_

idx: 1
idx=1 band=1 remote=0 enabled=1 steering_flags=0x0
Steer Policy:
max=80 period=5 cnt=3 rssi=-82 phyrate_high=0 phyrate_low=0 flags=0x20 state=2
Rule Logic: OR
RSSI: Less than or Equal to
VHT: Allowed
NON VHT: Allowed
NEXT RF: NO
PHYRATE (HIGH): Greater than or Equal to
LOAD BALANCE: NO
STA NUM BALANCE: NO
PHYRATE (LOW): Less than
N ONLY: NO

Interface Qualify Policy:
min_bw=60 rssi=-75 flags=0x0
Rule Logic: OR
VHT: Allowed
NON VHT: Allowed

ifidx=1 bssidx=0 ifnames=eth2 valid=1:
prefix=wl1_ ssid=MM24-Test idx=0x0 bssid=f0:70:60:7f:50:04 rclass=0x7 chanspec=0xe06a prio=0x0 video_idle=0
steer_prefix=wl0_ [0][0]
policy=2[6]
algo=0[2]
Sta Select Policy: defined=YES:
idle_rate=10 rssi=-82 phyrate_high=0 phyrate_low=0 wprio=0 wrssi=1 wphy_rate=1 wtx_failures=0 wtx_rate=0 wrx_rate=0 flags=0x20
Rule Logic: OR
RSSI: Less than or Equal to
VHT: Allowed
NON VHT: Allowed
NEXT RF: NO
PHYRATE (HIGH): Greater than or Equal to
LOAD BALANCE: NO
SINGLE BAND: No Preference
DUAL BAND: No Preference
ACTIVE STA: Can't be Selected
PHYRATE (LOW): Less than
N ONLY: NO

bssinfo to list:
ifname=eth2, intf_info->idx=1
ifidx=0 bssidx=0 to_ifidx=0 ifnames=eth1 prefix=wl0_
root@Tomato-ARM:/tmp/home/root#

Further Note: to save nvram space --> feature turned off for dir868l
5 years ago
pedro 67e8d02d1d Revert "build: openvpn 2.5: use (built-in) netlink support instead of iproute2"
- netlink support still with bugs

This reverts commit fabb11a051.
5 years ago
Lorian Coltof c9dd13571f www: fix escapeCGI to properly encode unicode 5 years ago
Lorian Coltof 5adaae7957 httpd: use UTF-8 decoding for SSIDs 5 years ago
pedro b82c6962f1 dropbear: libtommath: enable fixed cutoffs as size-optimization
- ported from @Merlin
5 years ago
pedro ce12690f09 dropbear: use common random source for ltm
- ported from @Merlin
5 years ago
pedro cc6378d3f5 Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro 47d7689bdd wsdd2: update to 2020.11.19 (e0cf50d) snapshot 5 years ago
pedro 4af2ab4918 uqmi: update to 2020.11.22 (0a19b5b) snapshot 5 years ago
pedro c8e2f35246 udpxy: update to 1.0-25.1 5 years ago
pedro 6772e75c88 sqlite: update to 3.34.0 5 years ago
pedro 7c6e2d1579 openssl-1.1: update to 1.1.1i 5 years ago
pedro bdcedbee9f nginx: update to 1.19.5 5 years ago
pedro 5adeefc3d8 nano: update to 5.4 5 years ago
pedro 298559aa27 gmp: update to 6.2.1 5 years ago
pedro c630e3a23b libcurl: update to 7.74.0 5 years ago
pedro a6d63a1bbb adminer: update to 4.7.8 5 years ago
pedro 525d8b13f9 rc/shared: fix compiler warnings 5 years ago
M_ars 80e7d75958 rc: ppp.c: - set nvram "wan_iface" also in case IPv6 link up (function ip6up_main())
fix for: ipup_main() not yet (or later) called --> nvram variable "wan_iface" needed for function start_dhcp6c()

Note: see mips Issue #43
5 years ago
pedro fe2f26fd13 www: basic-network.c: code clean-up, cosmetic
- stay as close as possible to MIPS branch
5 years ago
pedro 070fb130fe www: move eventHandler() to tomato.js 5 years ago
notsure2 cbbcd14616 Fix miniupnp build 5 years ago
M_ars d4152b9304 SDK7: update emf / igs
Note: GPL 300438252287 / only blob
5 years ago
M_ars d6e4899a40 SDK7: update wl util
Note: GPL 300438252287 / only blob
5 years ago
pedro 34bf621eb6 Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro 7dbad49593 build: fix logmsg() (2nd try...) 5 years ago
pedro e99887a28c rc: mwan.c: fix error in checkConnect() 5 years ago
pedro f4dee70c6e build: fix compiler warnings 5 years ago
pedro 4657487a38 build: fix compiler warnings 5 years ago
pedro b126822877 watchdog: always add check if mwanJob is added to cru in case of problems on first attempt 5 years ago
pedro 051629598e watchdog: change some options for traceroute checker 5 years ago
M_ars 4ae6df364e firewall: adjust limit connection attempts (ssh/telnet) for IPv6 (and align to IPv4 --> remove incoming device, apply to all)
Note: see arm issue 75
5 years ago
M_ars 045dedaeca GUI: advanced-wireless - restrict tx power range (for very low values)
Via GUI we allow a tx power range in mW from 5 to 1000 or default value 0 (-1 will be used for the wl driver) --> AVOID 1-4 mW area!!
see latest findings https://www.linksysinfo.org/index.php?threads/tenda-ac15-ac1900-tomato-firmware-support.71709/page-14#post-321389
5 years ago
Not Sure 519ff35daf Merged in watchdog-fix-inverted-check (pull request #41)
watchdog: Fix incorrect ISPPPD check and condition.
5 years ago
pedro 3697bf71ff build: miniupnpd: a little correction to recipe 5 years ago
notsure2 29e4836797 watchdog: Fix incorrect ISPPPD check and condition.
- Don't use ps because Entware procps and busybox ps give different output.
- Fix inverted check condition causing 'via xxx' to be removed in the checker route.
5 years ago
M_ars d48812ea9d SDK7: router: wlconf - small update/fixes/improvements
Note: also prepare for future updates
5 years ago
pedro f449a59124 Merge branch 'arm-master' into arm-sdk7
- manually fix conflict
5 years ago
notsure2 62cd0f8a56 watchdog: new method of checking without breaking existing connections to the check hosts.
- the idea depends on inserting an explicit clone of the default route to the target IP
  then inserting a 2nd explicit route to the target IP over the desired interface to check
  but with a very high metric. Existing traffic will go through the clone of the default route,
  while traffic that is forced out of the desired interface to check will use the high metric route
  and be sent correctly
- additionally, set the default connection checker back to traceroute
5 years ago
pedro 3b2e8f0a38 rc: mwan.c: code optimization and clean-up. One version for ARM and MIPS branch.
- in PRs please use #ifdef TCONFIG_BCMARM/#ifndef TCONFIG_BCMARM/etc to distinguish different branches
5 years ago
pedro 83f413eb34 shared: Makefile: fix logmsg() 5 years ago
M_ars 7f2cc3cf52 router: Makefile: remove prebuilt
Note: not needed for SDK7
5 years ago
M_ars a78b463624 rc: network.c : - remove validation for wl-interface related variables for sdk7
Note: with commit aa605ee3a9 check/validation moved to wlconf (no need to do it twice)

this reverts 5f5431f290 (was only needed/useful for our old wlconf blob)
5 years ago
M_ars b879b1b04b SDK7: shared: defaults: small wl-cleanup (we do not need/use them right now) 5 years ago
M_ars 2ce9bb0eae router: Makefile: remove prebuilt
Note: not needed for SDK6 anymore
5 years ago
M_ars 53b92fee72 SDK6: router: wlconf - small update/fixes/improvements
Note: also prepare for future updates
5 years ago
M_ars 75cfde1264 rc: services: adjust function start_dnsmasq() and check wireless bridge after stop_dnsmasq()
fix for: in wireless ethernet bridge mode, router time not working anymore (tested/approved with arm dual-core)
5 years ago
pedro ee6f95c30d miniupnpd: update to 2.2.0
- refresh patches
5 years ago
pedro 33f56ee6ce build: librt is required on every target with USB support (for e2fsprogs) 5 years ago
pedro 60a343282f Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro 32faed4c02 SDK7: GUI: keep the current wireless noise floor value(s) on device list page - now it's supported 5 years ago
pedro 48ff90b7a4 watchdog: set the default value for connection checker depending on whether or not there is curl in the image 5 years ago
pedro ba15d0a2fc rc: firewall.c: be more restrictive, only allow ICMP messages we need
- thanks @rs232
5 years ago
notsure2 96cf8db16d Make watchdog less destructive to the routing table (only modify route of test hosts); change default checker to curl; cosmetic 5 years ago
notsure2 78d07bb8d9 mwan_load_balance: if connection is down, clear old mwan state. 5 years ago
notsure2 a7f5a1ee97 In case of multiwan, don't set default gateway route. mwanroute script will handle this. 5 years ago
pedro 0129e946cc build: changes in patch_files macro 5 years ago
pedro 67ddde2544 SNMP: fix patch 5 years ago
pedro e3effe75a0 tomatoanon: cosmetics 5 years ago
pedro 813c6908aa udpxy: update to 061a0ab (2020-10-18) snapshot 5 years ago
pedro ebb4d721d2 igmpproxy: update to 78eda58 (2020-09-05) snapshot 5 years ago
pedro de2159f61f Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro 4217eceb50 mdu: mdu.c: code optimization and clean-up. One version for ARM and MIPS branch.
- use logmsg()
- fix compiler warnings
- in PRs please use #ifdef TCONFIG_BCMARM/#ifndef TCONFIG_BCMARM/etc to distinguish different branches
5 years ago
pedro 4596277c9a shared: shutils.c: use logmsg() 5 years ago
pedro 5d9c18e5b5 shared: led.c: use logmsg() 5 years ago
pedro 66b41ae1c2 shared: misc.c: use logmsg() 5 years ago
pedro 42bfec9ccd shared: move logmsg() from rc to libshared 5 years ago
pedro 772a36b1c6 SNMP: update to 5.9
- clean sources, add patches instead
5 years ago
pedro b7c2625b9e tor: update to 0.4.4.6 5 years ago
pedro 6fc9d80472 Merge branch 'arm-master' into arm-sdk7 5 years ago
M_ars aa605ee3a9 SDK7: router: wlconf: use src files / compile from src 5 years ago
M_ars 8a706ce8b1 SDK7: update NAS / Network Authentication Server
Note: only binary blob
5 years ago
pedro 497daaea1e iproute2: updates from upstream
- fix ip -force -batch to continue on errors
- libnamespaces: fix warning about syscall()
- tc: fix compilation warning on 32bits arch
- ip: return correct exit code on route failure
- ip: fix exit code for rule failures
- ip: fix exit code for addrlabel
- tc: util: fix print_rate for ludicrous speeds
- ip/ip6tunnel: fix missing return value check
- lib/namespace: don't leak fd in error case
- lib/namespace: fix fd leakage in non-error case
- tc: fix return after invarg
- bond: fix return after invarg
- monitor: fix file handle leak
- lnstat: fix error handling
- tc/m_xt: Fix for potential string buffer overflows
- gre: Fix ttl inherit option
5 years ago
pedro 07efe27f82 Merge branch 'arm-master' into arm-sdk7 5 years ago
nikk gitanes ad3cbf8aa1 fix motd and remove ethstate leftovers 5 years ago
nikk gitanes bb124e2cc9 update R1D leds
Blue for Internet as original fw, Red for diag
5 years ago
pedro 1eda1fee60 build: dnsmasq: add default edns_pktsz 5 years ago
pedro 9bb741e5b6 pppd: add two patches from openwrt
- retain foreign default routes on Linux
- remove runtime kernel checks
5 years ago
pedro e887af0d15 openvpn: hide build date 5 years ago
pedro 9e0412a230 rc: firewall.c: only intercept udp requests to port 123, ntpd does not listen to tcp 5 years ago
pedro 00db337d09 busybox: add time and getopt applets 5 years ago
pedro b27e2e151e Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro 4fb3699f25 busybox: update to 1.31.1 5 years ago
pedro 2aeff61a7c Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro 93c885c50e busybox: update to 1.29.3 5 years ago
pedro d3f12ee6ee Merge branch 'arm-master' into arm-sdk7 5 years ago
M_ars e1a6b08d3f shared: led clean-up and use defines for GPIO_XY
Note: for sdk7, prepare for merge
5 years ago
M_ars e5f02f8bde shared: led.c: - improve function do_led_nongpio() and some cosmetic
Note: for sdk7, prepare for merge
5 years ago
M_ars fc75e45a58 SDK6: update NAS / Network Authentication Server
Note: tested with arm, all ok
5 years ago
M_ars 82b1281881 LEDs: repair wireless LED and bridge LED (was not working anymore for mips branch)
Note: only cosmetic for arm branch (no change, sync with mips branch)
5 years ago
M_ars 53cddc5c7d www: Makefile: small addition for commit vsftpd: add native support for basic ftp_tls using router httpd cert/key (3cef32e9fd)
Note: cosmetic for arm because always usb support so far (--> stay as close as possible to mips branch)
5 years ago
M_ars 106a84cdbc Add Asus RT-N66U C1 support (almost the same like RT-AC66U B1)
Note: add support based on asus src and http://en.techinfodepot.shoutwiki.com/wiki/ASUS_RT-N66U_C1

- same router case like RT-AC66U B1 (buttons, leds, etc.)
- 2x Broadcom BCM4360 (eth1/eth2)
- router only sold in some countrys
5 years ago
M_ars 788f09764b defaults.c : disable IP Traffic (cstats) Monitoring feature by default and save cpu workload
Note: tomato user can enable it at admin-iptraffic.asp if needed.
In additon disabling cstats avoids the waring/note at basic-network.asp that netmask should have at least 22 bits (255.255.252.0).
(see 5e56835d07)

see arm issue 72
5 years ago
M_ars bde84c8df8 router: rc: firewall.c: raise a little allowed hit count in BF protection for remote GUI access (part 2 for IPv6) 5 years ago
M_ars 76e33d86a3 firewall: allow incoming IPv6 from br0 to br3 (and align also to IPv4)
Note: see arm issue 75
5 years ago
M_ars 048586b830 shared: led clean-up and use defines for GPIO_XY 5 years ago
M_ars 968a115645 shared: led.c: - improve function do_led_nongpio() and some cosmetic 5 years ago
M_ars 94e47c8948 SDK6: update ctf (part 2) (for single and dual-core)
tested with R7000 and RT-N18U, working correct
5 years ago
pedro 86e0f8b9db busybox: update to 1.27.2 5 years ago
pedro 81bb0ca432 Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro 1b6bb3eaae patches: getdns: name patches properly 5 years ago
pedro dd28d62f20 getdns: listeners reply returned wireformat (issue #430)
So that proxies based on `getdns_set_listen_addresses()` reply with compression from the original response.

Fix from upstream: bda845ce43
5 years ago
pedro abfd87934e GUI: Advanced: Firewall: simplify the part with WAN behavior for ping and traceroute 5 years ago
pedro bb1ce00109 iptables: update to 1.8.6
- cosmetic in patch
5 years ago
pedro 3ed0f17f6e xl2tpd: update to 1.3.16 5 years ago
pedro bebd606625 Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro 74525823d2 GUI: Admin: Debugging: add possibility to enable segfault logging to syslog 5 years ago
pedro 82d7a9aa78 Merge branch 'arm-master' into arm-sdk7 5 years ago
pedro f1472e119a rc: qos.c: code optimization and clean-up. One version for ARM and MIPS branch.
- in PRs please use #ifdef TCONFIG_BCMARM/#ifndef TCONFIG_BCMARM/etc to distinguish different branches
5 years ago
snowman 5586444903 Merged in arm-master (pull request #35)
Add RT-AC67U support
5 years ago
M_ars 27f8f3cf5f pppd: fix/correction for commit IPv6: split IPv6 / IPv4 up and down logic (see d365748b8f)
fix for: PPTP Server and Client not working anymore

Note: V2 (with adjusted patch)
5 years ago
pedro 2eec459d8a kernel: net_sched: fix datalen for ematch
syzbot reported an out-of-bound access in em_nbyte. As initially
analyzed by Eric, this is because em_nbyte sets its own em->datalen
in em_nbyte_change() other than the one specified by user, but this
value gets overwritten later by its caller tcf_em_validate().
We should leave em->datalen untouched to respect their choices.

I audit all the in-tree ematch users, all of those implement
->change() set em->datalen, so we can just avoid setting it twice
in this case.

Reported-and-tested-by: syzbot+5af9a90dad568aa9f611@syzkaller.appspotmail.com
Reported-by: syzbot+2f07903a5b05e7f36410@syzkaller.appspotmail.com
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    [bwh: Backported to 3.16: adjust context]
Signed-off-by: Ben Hutchings's avatarBen Hutchings <ben@decadent.org.uk>

Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=61678d28d4a45ef376f5d02a839cc37509ae9281
5 years ago
pedro 41202425e7 kernel: netfilter: ebtables: compat: reject all padding in matches/watchers
syzbot reported following splat:

BUG: KASAN: vmalloc-out-of-bounds in size_entry_mwt net/bridge/netfilter/ebtables.c:2063 [inline]
BUG: KASAN: vmalloc-out-of-bounds in compat_copy_entries+0x128b/0x1380 net/bridge/netfilter/ebtables.c:2155
Read of size 4 at addr ffffc900004461f4 by task syz-executor267/7937

Reported-by: syzbot+f68108fed972453a0ad4@syzkaller.appspotmail.com
Fixes: 81e675c227ec ("netfilter: ebtables: add CONFIG_COMPAT support")

Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Ben Hutchings's avatarBen Hutchings <ben@decadent.org.uk>

Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e608f631f0ba5f1fc5ee2e260a3a35d13107cbfe
5 years ago
pedro a57380832a kernel: netfilter: ebtables: fix a memory leak bug in compat
In compat_do_replace(), a temporary buffer is allocated through vmalloc()
to hold entries copied from the user space. The buffer address is firstly
saved to 'newinfo->entries', and later on assigned to 'entries_tmp'. Then
the entries in this temporary buffer is copied to the internal kernel
structure through compat_copy_entries(). If this copy process fails,
compat_do_replace() should be terminated. However, the allocated temporary
buffer is not freed on this path, leading to a memory leak.

To fix the bug, free the buffer before returning from compat_do_replace().

Signed-off-by: Wenwen Wang's avatarWenwen Wang <wenwen@cs.uga.edu>
Reviewed-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>

Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=15a78ba1844a8e052c1226f930133de4cef4e7ad
5 years ago