aiden
/
freshtomato-arm
mirror of https://bitbucket.org/pedro311/freshtomato-arm
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
arm-master
arm-sdk714
arm-sdk7
arm-ng
2024.5
2024.4
2024.3
2024.2
2024.1
2023.5
2023.4
2023.3
2023.2
2023.1
2022.7
2022.6
2022.5
2022.4
2022.3
2022.2
2022.1
2021.8
2021.7
2021.6
2021.5
2021.4
2021.3
2021.2
2021.1
2021.1.082
2021.1.070
2021.1.044
2020.8
2020.8.164
2020.8.144
2020.8.130
2020.8.113
2020.8.083
2020.8.060
2020.8.048
2020.8.042
2020.8.029
2020.8.022
2020.8.021
2020.6
2020.6.084
2020.6.080
2020.6.076
2020.6.065
2020.6.064
2020.6.060
2020.6.055
2020.5
2020.4
2020.4.140
2020.4.100
2020.4.078
2020.3
2020.3.039
2020.3.031
2020.3.028
2020.3.027
2020.2
2020.1
2020.1.037
2020.1.001
2019.4
2019.4.095
2019.4.090
2019.4.056
2019.3
2019.3.274
2025.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'arm-ng'
${ noResults }
freshtomato-arm/CHANGELOG

1124 lines
71 KiB
Plaintext
Raw Permalink Blame History Unescape Escape

FreshTomato-ARM Changelog
===========================
2020.2 2020.03.20
--------------------------
Note: Because of changes in GUI it is recommended to clear the browser cache, or use Ctrl+F5
- Add Asus RT-AC68U B2 support (almost the same like AC1900P)
- kernel: tcp: avoid infinite loop in tcp_splice_read() Splicing from TCP socket is vulnerable when a packet with URG flag is received and stored into receive queue
- kernel: net: don't call strlen() on the user buffer in packet_bind_spkt() KMSAN (KernelMemorySanitizer, a new error detection tool) reports use of uninitialized memory in packet_bind_spkt()
- kernel: netfilter: nf_ct_ipv4: handle invalid IPv4 and IPv6 packets consistently IPv6 conntrack marked invalid packets as INVALID and let the user drop those by an explicit rule, while IPv4 conntrack dropped such packets itself
- kernel: netfilter: nf_ct_ipv4: packets with wrong ihl are invalid
- kernel: ipv6: do not increment mac header when it's unset Otherwise we'll overflow the integer. This occurs when layer 3 tunneled packets are handed off to the IPv6 layer
- kernel: ipv6: Allow IPv4-mapped address as next-hop Made kernel accept IPv6 routes with IPv4-mapped address as next-hop
- gmp: update to 6.2.0
- nginx: update to 1.17.9
- php: update to 7.2.28
- spawn-fcgi: update to 3c1b01c (2019.08.25) snapshot; clean sources, add patch instead, cosmetic in router/Makefile
- sqlite: update to 3.31.1
- libcurl: update to 7.69.0
- dnsmasq: update to 2.81rc3
- libexif: update to 54b6f7f (2020.02.29) snapshot
- nano: update to 4.8
- pcre: update to 8.44
- tor: update to 0.4.2.6
- getdns/stubby: update to 1.6.0/0.3.0
- pppd: fixes from upstream (pppd: Fix bounds check in EAP code; pppd: Ignore received EAP messages when not doing EAP)
- libcurl: update CA certificate bundle as of 2020-01-01
- GUI: TOR: add an option to resolve only .onion/.exit domains without having to configure anything else
- GUI: Fix Issue #15 to allow configuring remote access in router mode
- GUI: Admin Access: fix info about default web username
- GUI: Admin Access: delete the unnecessary http_root variable (Allow web login as "root") - now the username is 'root' if it's not entered, no need to check/uncheck something
- GUI: overview: fix the order of the enable/disable wifi buttons for routers with three radios
- GUI: overview: fix issue when warning about unsecured wifi appears, even if this radio is temporarily disabled by <20>Disable<6C> button on this page
- GUI: Admin Access: do not restart sshd if there are no configuration changes
- GUI: Basic Network: fix the order in which the wifi interfaces are selected when setting Wireless Client Mode bug similar to that on the Overview page fd06410
- GUI: clean-up; the first step to sorting out this mess
- GUI: add AdvancedTomato-like themes: red, blue, green and dark
- GUI: nas-samba.asp - add option to enable/disable GRO (Default Off <20>> like before)
- GUI: OpenVPN client: extend <20>To Domain<69> field to 50 chars
- GUI: support showing status of hilink modem reachable from any WAN
- router: Makefile: clean-up; remove unused scsi-idle package from the tree
- router: Makefile: fix some configure/compiler warnings, clean-up
- router: Makefile: there is no libyaml to install
- router: Makefile: remove FULL_OPENSSL var
- router: Makefile: always build and install zlib
- router: Makefile: samba3: build with libiconv if available
- router: Makefile: transmission: fix compiler warnings (partially); don<6F>t build utils/cli; clean-up recipe
- router: Makefile: add symlink to openssl
- router: httpd: misc.c: change memory format specifiers to unsigned integer, fixes #9 (there was an overflow in displaying memory sizes above 2GB)
- router: mdu: Makefile: build openssl11 with pthread
- router: others: secure adblock with lock file; cosmetic in Makefile
- router: others: mymotd: fix <20>bad number<65> bug when wanX is disabled
- router: rc: services.c: add warning to syslog when dnsmasq is skipped because of WEB mode enabled
- router: rc: init.c - adjust et and wl thresh value after reset (for wifi-driver and et_linux.c)
- router: rc: init.c - init variable restore_defaults to 0 and also use it to reset/adjust beamforming parameter
- router: rc: network.c - rework start and stop of emf/lan/wl - fix/correct start and stop of EMF (stop failed almost every time and also router stuck/hung sometimes at reboot via GUI!) - make EMF multi-lan aware - give feedback about start and stop EMF - rework basic start and stop of start_lan / start_lan_wl / start_wl / start_wireless
- router: rc: usb.c - improve/extend detection to activate the USB LED for Router with only one USB LED
- router: rc: network.c - bring down loopback interface if we stop lan (and some cosmetic)
- router: rc: init.c - remove start_nas()/stop_nas() (already done at start_services()/stop_services())
- router: rc: blink_br.c - exit / stop blink_br for router with more than one LAN LED (we do not need blink_br in that case <20>> save memory/cpu load)
- router: rc: init.c - reboot automatically when the kernel panics and set waiting time (3 sec now)
- router: rc: init.c - set overcommit_memory and overcommit_ratio
- router: rc: network.c - unload/load wifi driver only with start_lan() and stop_lan()
- router: rc: network.c - make sure to validate/restore all per wl-interface related variables for sdk7
- router: rc: init.c - load wifi driver for sdk7 at sysinit Hint: sdk7 seems to be a special case
- router: rc: services.c: simplify if statement
- router: www: vpn-tinc.asp: fix some bugs, add link to the tutorial, clean-up
- router: www: status-overview.asp: add missing 10Mb port icons, add set of half-duplex icons, code optimization/reduce size, clean-up
- RT-AC3200: improve/change LED table if router is in WiFi bridge mode
- Huawei WS880: disable wifi blink by default for WS880, causing problems (This is a workaround for now!)
- Huawei WS880: change LED table
2020.1 2020.01.20
--------------------------
- openssl: update to 1.0.2u
- nano: update to 4.7
- tinc: update to de7d5a0 (2019.07.17) snapshot
- dnsmasq: update to ab53883 (2020.01.11) snapshot
- e2fsprogs: update to 1.45.5
- libcurl: update to 7.68.0
- openssl-1.1: move folder to openssl-1.1
- openssl11: Enable OpenSSL 1.1.1 in router/Makefile
- openssl11: add patch
- openssl11: tor: enable OpenSSL 1.1.x support
- openssl11: OpenVPN: enable OpenSSL 1.1.x support
- openssl11: getdns/stubby: enable OpenSSL 1.1.x support
- openssl11: vsftpd: enable OpenSSL 1.1.x support
- openssl11: enable OpenSSL 1.1.x for libcurl, mdu (if built with libcurl), transmission
- openssl11: tinc: enable OpenSSL 1.1.x support
- openssl11: nginx: enable OpenSSL 1.1.x support
- openssl11: mysql: enable OpenSSL 1.1.x support
- openssl11: enable OpenSSL 1.1.1 for httpd, mssl, mdu (if built with mssl)
- openssl11: dnsmasq: add openssl backend for DNSSEC
- openssl11: Add OPENSSL_PREFER_CHACHA_OVER_GCM option
- openssl11: priorize CHACHA over GCM for models with no AES acceleration
- openssl11: don<6F>t build test and fuzz to shorten build time
- openssl11: enable OpenSSL 1.1.x on all targets
- GUI: FTP Server Configuration: add usage notes
- GUI: advanced-vlan.asp - make it possible to create a VLAN with all ports (including tag on!)
- GUI: Static DHCP/ARP/IPT: also restart dnsmasq when saving
- GUI: Advanced: DHCP / DNS Server (LAN): change the <20>DHCPC Options<6E> format to a 256 character textarea
- vsftpd: clean 3.0.3 sources, add patch instead
- mdu: fix some bugs (again)
- stubby: add syslog support
- pppd: restore the use of libcrypt to support DES instead of OpenSSL (commit #5c08f06 introduced an upstream change: 'Use openssl for DES instead of libcrypt / glibc', with no choice of libcrypt (only libdes and OpenSSL). It requires OpenSSL 1.0.2 and prevents compilation with OpenSSL 1.1. This commit fixes it))
- pppd: fixes from upstream (pppd.h: Add missing headers; pppd: Don't free static string; pppd: Limit memory accessed by string formats with max length specified; pppd: Make sure word read from options file is null-terminated; pppd: Avoid use of strnlen (and strlen) in vslprintf)
- miniupnpd: get rid of OpenSSL dependencies in miniupnpd
- vpnrouting: fix the extraction of foreign options from the OpenVPN server, add a warning if the option is enabled but nothing was received from the server, change firewall restart - move to the very end
- busybox: wget: openssl11: fix ssl when built with OpenSSL-1.1.x
- NFS: allow selection of protocol version; optimization and clean-up; move code from nfs.rc script to nfs.c
- router: Makefile: correct/adjust/fix emf & igs targets
- router: wlconf: use src files / compile from sources
- router: shared: defaults.c: align type1 nvram settings to Asus SRC
- router: shared: defaults: add nvram acs variables (align to Asus SRC)
- router: shared: defaults: add limit for association retries (align to Asus SRC)
- Asus RT-AC1900P: fix detection
- RT-AC68U: extend stealth mode (add / turn off Asus Logo LED also)
2019.4 2019.12.29
--------------------------
- Add AC1900P Router Support (thanks Don Bushway aka snowman58)
- openssl11: add OpenSSL 1.1.1d to the tree
- dnsmasq: update to 7d04e17 (2019.12.12) snapshot
- pptpd: update poptop to 3b7a80c (2019.10.14) snapshot
- ebtables: up version to 2.0.11
- libusb: fixes from upstream
- tor: update to 0.4.2.5
- nano: update to 4.6
- php: update to 7.2.26
- libjson-c: update to d6b968d (2019.12.13) snapshot
- libexif: update to da025b3 (2019.12.13) snapshot
- libubox: update to 07413cc (2019.11.24) snapshot
- usb-modeswitch: update to 2.6.0
- usb_modeswitch: update data package to 20191128
- pppd: fixes/updates from upstream
- adminer: update to 4.7.5
- openssl11: add build recipes
- busybox: enable TAC command
- busybox: enable support for lspci. Enable lsusb, CONFIG_FEATURE_WGET_STATUSBAR, and CONFIG_FEATURE_VERBOSE_USAGE in config_base instead of Makefile
- build: update libfoo.pl for OpenSSL 1.1.x
- GUI: PPTP Client Configuration: fix problems with <20>Start/Stop Now<6F> button
- GUI: OpenVPN Client: cosmetic as suggested by @rs232: https://www.linksysinfo.org/index.php?threads/fork-freshtomato-arm-development-thread.74117/post-309967
- GUI: add Model Name to the header
- TTBv2 - add local storage and custom URL support
- NFS: fix connection problems: "nfsd: unable to resolve ANYADDR:nfs: Servname not supported for ai_socktype"; (fixes issue #3)
- VPN PPTP Client: changes and improvements - tested on 2 ARM routers as client and server, working (both: lan and internet access)
- VPN PPTP: changes and improvements (part 2) - tested on Android and MIPS/ARM routers in different configurations, working (both: lan access and internet)
- mdu: use libcurl if available for DDNS
- mdu: Add dns.he.net DDNS support
- mdu: fixes and improvements
- nvram utility: fix unwanted new line in output when variable in nvram is set but empty (fixes problems with e.g: <20>nvram get VAR | wc -l<>)
- pppd: merge patches 109-fixes-from-upstream and 110-various-fixes-for-errors-found-by-coverity-static-analysis with the sources
- Makefile: clearly identify the AC68U (C1 E1) model in the image name
- patches: portmap: fix patch
- patches: ebtables: fix patch
- httpd: gencert.sh: add emailAddress attribute to generated certificate
- httpd: gencert.sh: use openssl11 when available for certificate generation; replace deprecated genrsa command with genpkey
- router: Makefile: openssl: openssl11: tweak build recipes; removed unused ciphers
- router: Makefile: do not add /rom/etc/vpn to image
- router: mdu: fix missing User-Agent curl header
- router: accel-pptp: fix some warnings from code analyzer
- router: others: sysinfo: add -p switch to netstat (thanks @tvlz)
- router: rc: mdu: mdu.c: cosmetic, stay as close as possible to MIPS version
- router: rc: pptpd.c: add interface ppp1* to dnsmasq config (only for DNS); (fix for: PPTP Client Android 9 cellphone/smartphone can now successfully connect and use the tunnel)
- router: rc: pptpd.c: add interfaces vlan* and eth* to dnsmasq config (only for DNS); (fix for: PPTP Client Android 9 cellphone/smartphone can now successfully connect and can access local lan / samba / et cetera)
- router: rc: pptp_client.c: fix the inability to enable pptp when <20>Start with WAN<41> is unchecked
- router: rc: services.c: c: Add WPAD DHCP option for Win7/8 by default if dhcpd_auth >=0 is fixed in nvram
- router: rc: usb.c: set USB LED(s) after saving settings (case web admin)
- router: utils: use src files / compile from src
- router: www: vpn-pptp.asp: fix annoying bug that clicking <20>Start Now<6F> causing pop-up window with warning <20>Unsaved changes will be lost. Continue anyway?"
- router: www: tomato.js: cosmetic (thanks @tvlz)
- router: www: tools-survey.asp: cosmetic (thanks @tvlz)
- Revert <20>nocat: Attempts to make Captive Portal work<72>
- DIR868L: add libutil to all builds, including the special build for DIR868L Router A1/B1/C1 (PPPoE working again)
2019.3 2019.11.23
--------------------------
- SDK6 update (as new branch: arm-ng): Add support for C0 CPU (based on the work of Don Bushway aka snowman58)
- Add Netgear R6400v2 support
- Add Netgear R6700v3 support (same like R6400v2)
- Add Asus RT-AC66U B1 / RT-AC68U (C1/E1) support
- kernel (all): drivers: net: usb: usbnet: sanity checking of packet sizes and device mtu
- kernel (all): drivers: net: usb: cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize
- kernel (all): drivers: net: usb: usbnet: ignore endpoints with invalid wMaxPacketSize
- kernel (all): drivers: net: usb: cdc_ncm: handle incomplete transfer of MTU
- kernel (all): drivers: net: usb: fixes/additions from upstream (cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size(); qmi_wwan: add support for Cinterion CLS8 devices; qmi_wwan: add Telit 0x1050 composition; qmi_wwan: add support for DW5821e with eSIM support; qmi_wwan: add support for Foxconn T77W968 LTE modules)
- miniupnpd: update to 2.1.20191006
- dnsmasq: update to 936bd82 snapshot
- sqlite: update to 3.30.1
- e2fsprogs: update to 1.45.4
- nano: update to 4.5
- php: update to 7.2.24
- xl2tpd: update to 1.3.15
- libogg: update to 1.3.4
- openvpn: update to 2.4.8
- libxml2: update to 2.9.10
- libcurl: update to 7.67.0
- flac: update to 1.3.3
- libcurl: Updated CA certificate bundle as of 2019-10-16
- WL: update wireless driver for SDK7 to GPL 382.51640
- GUI: OpenVPN server: extend Username field to 25 chars
- GUI: Report CFE version on status-overview.asp page
- GUI: rename <20>Enable SYN cookies<65> to <20>Enable TCP SYN cookies<65>
- GUI: reading webmon logs from end to beginning to repair display
- GUI: Hide references to TOR on advanced-dhcpdns.asp if image was built without it
- TTB: fix memory leak, when WAN or tomatothemebase.eu is down (bug present from the very beginning)
- Modified prompt of nvram utility
- hiding nvram size summary when displaying mymotd
- RTCONFIG_FANCTRL not defined or used, TCONFIG_FANCTRL is used
- Makefile: we need to distinguish arm-ng images with names in relation to the arm-master
- router: httpd: misc.c: tune-up function get_cfeversion()
- router: httpd/shared: remove unused variable <20>trunk_vlan_so<73>
- router: others: mymotd: fix typo in #0f5379b
- router: others: wwansignal: simplify checkPid(), cause we have only low priority process here
- router: rc: firewall.c: fix compiler warning
- router: rc: nginx.c: clean-up, code optimization - size reduced by almost 4kB
- router: rc: openvpn.c: fix typo causing wrong netmask to be added to the nat for bridges 2 - 4
- router: rc: openvpn.c: clean-up, code optimization - size reduced by almost 4kB
- router: rc: services.c: make reading stubby version more secure
- router: rc: services.c: clean-up, code optimization - size reduced by almost 3kB
- router: rc/shared: fix compiler warnings
- router: shared: id.c: do call check_hw_type() only once (only cosmetic / optimization <20>> save cpu work/load)
- router: www: about.asp: add BT donation address to the page + cosmetics
- router: www: status-overview.asp: fix CPU temperature refreshing
- Tenda AC15: correct/fix detection, caused by (earlier) commit
- Tenda AC15: rely on tenda cfe default / init parameter (for each router)
- Tenda AC18: use variable 1:boardnum=AC18_5G to determine Tenda AC18 (and add some more infos)
- Tenda AC18: rely on tenda cfe default / init parameter (for each router)
- R6400v2 / R6700v3: align extra default parameter for Wifi modules to values from dd wrt
- Revert include/ctf files from commit c943223. Causing boot loop
- Updated bcmrobo.c and bcmdevs.h to fix R6400v2 WAN LED not working
- Updated led.c to work with updated bcmrobo.c
- Update bcmrobo to support R7000, R6400v2 and update led.c . WAN led support now in bcmrobo
- EA6200 / EA6350v1: rely on linksys cfe default / init parameter (for each router)
- Update bcmrobo to support R8000. Switch not being properly initialized for WAN led. Update led.c to fix WAN led color from amber to white
- AC66U_B1 being identified as a U68 C1 rearranged checks
- RT-AC66U B1: change/fix LED table (not the same like RT-AC68U)
- RT-AC66U B1: clean-up button setup and remove wifi button
2019.3.220-beta - 2019.09.29
----------------------------
Recommendations:
- clear your NVRAM after upgrade! (Erase all data in NVRAM memory (thorough))
- Add Cisco Linksys EA6350v1 support
- Add Tenda AC18 support
- Add Cisco Linksys EA6200 support
- kernel: tcp: refine memory limit test in tcp_fragment()
- kernel: support Huawei CDC NCM driver (backported from newer kernels)
- kernel: drivers: net: usb: fixes/additions from the upstream
- nettle: update to 3.5.1
- uqmi: update to 2019.06.27 (1965c71) snapshot
- sqlite: update to 3.29.0
- php: update to 7.2.22
- nfs-utils: update to 1.3.4
- e2fsprogs: update to 1.45.3
- ffmpeg: update to 0.6.7
- nginx: update to 1.16.1
- nano: update to 4.4
- tor: update to 0.4.1.5
- miniupnpd: update to 2.1.20190902
- dnsmasq: update to 2.80-e24abf2 snapshot
- openssl: update to 1.0.2t
- tor: update to 0.4.1.6
- Updated adminer from 4.7.2 to 4.7.3 2019-08-27
- portmap: clean-sources 6.0, add patch instead
- libxml2: update to 2.9.9 + libs optimization
- libpng: update to 1.2.59 + libs optimization
- libubox: update to 2019.06.16 (ecf5617) snapshot
- libjson-c: update to 2019.06.09 (07ea04e) snaphot
- libexif: update to 2019.06.15 (a0c04d9) snaphot
- libiconv: update to 1.16 + libs optimization
- libnfnetlink: update to 2018.05.11 (5087de4) snapshot
- libmnl: update to 2019.05.06 (5937dfc) snaphot
- libevent: update to 2.1.11-stable + libs optimization
- libcurl: update to 7.66.0 + libs optimization
- libusb: update to 1.0.23
- libcurl: Updated CA certificate bundle as of 2019-08-28
- pcre: reduce size
- lzo: set optimize flag also for CPP
- ebtables: build ipv6 extension only if needed
- Move disabling of rp_filter from mwan to firewall and make it multiwan aware
- Test and fix wwansignal with all possible modes of Huawei E8372
- Fix race condition starting wireless WAN causing route addition failure.
- Add Cloudflare DDNS support
- Fix undefined function reference in wwan_parser.js
- Revert "libcurl: disable proxy and libcurl output options"
- httpd: gencert.sh: add "TLS Web Server Authentication" to certificate's extended attributes
- httpd: limit SSL certificate to 2 years if clock is accurate
- OpenVPN: add Strict Mode to client's Routing Policy
- Make solving domain .onion using Tor optional
- GUI: admin-buttons.asp - add option to turn on/off blink for WiFi LEDs (and some cosmetic)
- GUI: advanced-wireless.asp - add Turbo QAM option (Default: On --> like before/no change)
- GUI: advanced-wireless.asp - add options for TX Beamforming (align to Asus SRC)
- GUI: advanced-wireless.asp - add option Air Time Fairness (remove restriction only for R7000 / R8000)
- GUI: fix/add conditional OpenVPN client restart, if the entry was removed from Routing Policy table only by clicking the "x" sign
- router: Makefile: cosmetics in libmnl recipe
- router: Makefile: fix/tune OpenVPN recipe
- router: wanuptime: fix compiler warnings
- router: others: -clean-up and remove obsolete (mips) stealthMode script completely from ARM branch
- router: others: mymotd: remove unused stealthmode support + cosmetics
- router: shared: led.c add function set_gpio() and replace system calls (and also at rc: inti.c)
- router: rc: init.c - remove blink_wl for R8000 because it is now turned on by default (sync with sdk6)
- router: rc: / shared: clean-up and remove MIPS hardware and router completely from ARM branch
- router: rc: usb.c: replace xstart() calls with set_gpio()
- switch4g: also try to reset modem in QMI mode
- RT-N18U / RT-AC56U / RT-AC68U: set boot_wait=on (default for Asus) and set wait_time=3
- R6250/R6300v2/R6400/R7000: set boot_wait=on and set wait_time=3
- DIR868L / WS880: set boot_wait=on and set wait_time=3
- R1D / EA6400 / EA6700 / EA6900 / WZR-1750DHP: set boot_wait=on and set wait_time=3 (10 for R1D)
- R7000: setup/init Wifi modules with extra default parameter - split up Netgear R Series Router to init WiFi modules parameter (not the same for all models...) - clean up, remove 5 GHz WiFi parameter from 2,4 GHz init/setup - clean up, remove 2,4 GHz WiFi parameter from 5 GHz init/setup - align to dd wrt default values
- R7000: fix overlapping MAC addresses with more than one VIF per WiFi module
- R6400 / R6300v2 / R6250: fix overlapping MAC addresses with more than one VIF per WiFi module
- RT-N18U / RT-AC56U / RT-AC68U: fix identical MAC addresses for LAN and WiFi module
- Tenda A15 / AC18: assign unique MAC addresses for WAN, LAN and WiFi modules
- DIR868L / WS880: assign unique MAC addresses for WAN, LAN and WiFi modules
- Xiaomi MiWiFi R1D: fix overlapping MAC addresses with more than one VIF per WiFi module
- Buffalo WZR-1750DHP: assign unique MAC addresses for WAN, LAN and WiFi modules
- R6300v2: setup/init Wifi modules with extra default parameter - split up Netgear R Series Router to init WiFi modules parameter (not the same for all models...) - clean up, remove 5 GHz WiFi parameter from 2,4 GHz init/setup - clean up, remove 2,4 GHz WiFi parameter from 5 GHz init/setup - align to dd wrt default values
- RT-AC56U: small change for init of Wifi modules (align to values of dd wrt and some cosmetic/alignment to other tomato router)
- RT-N18U / RT-AC68U: small change for init of Wifi modules (align to other tomato router)
- R6400: setup/init Wifi modules with extra default parameter - split up Netgear R Series Router to init WiFi modules parameter (not the same for all models...) - clean up, remove 5 GHz WiFi parameter from 2,4 GHz init/setup - clean up, remove 2,4 GHz WiFi parameter from 5 GHz init/setup - align to dd wrt default values
- R6250: setup/init Wifi modules with extra default parameter - split up Netgear R Series Router to init WiFi modules parameter (not the same for all models... Last one! :-) ) - clean up, remove 5 GHz WiFi parameter from 2,4 GHz init/setup - clean up, remove 2,4 GHz WiFi parameter from 5 GHz init/setup - align to dd wrt default values
- RT-N18U: make sure to enable gpio 13 for WiFi IC after re-/boot (only for safety)
- EA6200: extend/fix support - show correct name at GUI - load correct cfe default parameter/config (fix for initial support)
- DIR868L rev C1: improve support - load correct cfe default parameter for rev C1 (not the same like for rev A1/B1) - small change for init of Wifi modules (align to other tomato router)
- RT-AC56U: extend LED table (add missing 2.4 GHz WLAN Led finally!)
- EA6200 / EA6350v1: rebranding - boxes/units are shipped with "AC1200 Linksys EA6350v1" and "AC900 Linksys EA6200" (remove Cisco, only Linksys)
- RT-N18U: modify/adjust 2,4 GHz WiFi setup/init parameter (align to Asus 384)
- Xiaomi R1D: automatic fanctrl rework
- RT-AC3200 / R8000: set boot_wait=on and set wait_time=3
- RT-AC3200: fix identical MAC addresses for LAN and 2,4 GHz WiFi module (eth2)
- R8000: fix overlapping MAC addresses with more than one VIF per WiFi module
2019.3.118-beta - 2019.07.06
----------------------------
Recommendations:
- clear your NVRAM after upgrade!
- users using OpenVPN client: check your settings!
- GUI problems: use Ctrl+F5 and/or clean your browser cache.
- openssl: update to 1.0.2s
- nano: update to 4.3
- sqlite: update to 3.28.0
- miniupnpd: update to 2.1.20190630
- php: update to 7.2.19
- tor: update to 0.4.0.5
- nginx: update to 1.16.0 - Stable Branch
- pcre: update to 8.43
- xl2tpd: update to v1.3.14les
- libcurl: update to 7.65.1
- libcurl: update CA certificate bundle as of 2019-05-15
- e2fsprogs: update to 1.45.2
- ebtables: update to 2019.06.28 snapshot
- pppd: various fixes for errors found by coverity static analysis
- patches: update patch for xl2tpd + cosmetics
- patches: cosmetics in php patch
- patches: ebtables: build ipv6 extension only if needed
- patches: fixes in pppd patches
- kernel: XZ: fix incorrect XZ_BUF_ERROR
- kernel: Backport ida_simple_* kernel functions
- kernel: improve sack handling and resource usage
- kernel: xfrm: Return error on unknown encap_type in init_state
- kernel: netfilter: ebtables: Revert "fix wrong name length while copying to user-space" (it breaks ebtables totally...)
- kernel: update netfilter_bridge headers
- kernel sdk7: XZ: fix incorrect XZ_BUF_ERROR
- kernel sdk7: Backport ida_simple_* kernel functions
- kernel sdk7: improve sack handling and resource usage
- kernel sdk7: update netfilter_bridge headers
- kernel sdk7: fix for CVE-2011-0726
- switch4g: Fix 4g wan restart causing wrong restart of wan1 due to dhcpc-event bound event behavior and missing wanX_iface nvram var
- switch4g: cosmetics and fix minor display bug
- wwansignal: fix problems with signal level and LAC value on some modems (ie. Huawei E8372)
- watchdog/redial: Fix race condition between ppp watchdog and redial (for keepalive mode)
- MultiWAN: Add routes for all LAN bridges when creating multiwan routing tables
- MultiWAN: Improve code layout, merge if branches
- MultiWAN: Disable rp_filter on multiwan routing add to allow policy-based routing to work
- MultiWAN: Implement MultiWAN Up script (WAN number passed as $1) that runs regardless of which one is considered the "primary" one
- IPv6: fix IPv6 6to4 tunnel (if remote host was on 6to4, the packets were dropped because of wrong routing and tunnel settings; this fixes issue #51; Reference: http://tomatousb.org/forum/t-461151/6to4-tunnel-in-tomatousb-is-done-wrong)
- IPv4: ip_input.c / ip_output.c - sync sdk7 with sdk6
- OpenVPN: fix generating an openvpn client configuration on server with TLS authorization [2]
- OpenVPN: key generation: add also "key-direction" in the second case
- OpenVPN: use of the OpenVPN scripting engine
- OpenVPN: rename files and functions from vpn to ovpn/openvpn for better consistency
- OpenVPN: configurable inbound allow/drop firewall policy for clients
- OpenVPN: fix the visibility of the Routing Policy table and when the rules are to be applied
- OpenVPN: "Manage Client-Specific Options" Fix bug when more than one subnet per client is defined in ccd (only the last one was stored in ccd)
- OpenVPN: Client: also run up/down script for Static Key auth
- OpenVPN: Client: move back firewall rules to vpn.c script
- OpenVPN: Client: split updown script
- OpenVPN: Client: simplify use of Routing Policy (remove route-nopull and route-noexec options, add in "Redirect Internet traffic" option "Routing Policy" instead, remove unused variables from NVRAM, fix links to OpenVPN howtos)
- OpenVPN: Client/Server: add tls-crypt as an option - encrypt and authenticate all control channel packets with the key
- OpenVPN: Routing Policy: copy routes from the main table to the alternate routing table
- OpenVPN: some improvements: updown-client.sh: remove unneeded dnsmasq restart, vpnrouting.sh: add a FW restart instead of a simple local script call - when kill switch will be ready, it can be change back
- OpenVPN: Fix password validation to actually accept 70 characters
- OpenVPN: Integrate OpenVPN 2.4.7 Tunnelblick XOR patch (allows using obfuscated servers)
- OpenVPN: Adjust OpenVPN policy routing priority to come before multiwan rules
- OpenVPN: Fix OpenVPN policy based routing in case of using route-nopull or no pushed routes
- OpenVPN: When OpenVPN inbound firewall is enabled, adjust fw rules to allow reply packets
- OpenVPN: move loading of the policy routing modules (hash:ip) to openvpn.c script
- GUI: fix removal of the WWAN SMS
- GUI: fix undefined Modem Type on "WWAN Modem Status" (also lack of link to view WWAN SMS) when modem on different wan than the first one
- GUI: OpenVPN Client: extend password field to 70 characters
- GUI: add "Wifi Security Disabled" warning on Status Overview page
- GUI: advanced-dhcpdns.asp - add DHCP IPv6 lease time option
- GUI: advanced-firewall.asp - add IGMP proxy option quickleave
- GUI: advanced-firewall.asp - Add note for hidden IGMP proxy settings
- GUI: admin-buttons.asp - add/show Startup LED
- GUI: admin-buttons.asp - remove brau mask (not needed/used at ARM branch)
- GUI: status-overview.asp - extend Ethernet Ports State - distinguish all possible speed modes (1000 FD/HD, 100 FD/HD, 10 FD/HD and Auto
- www: vpn-server.asp: cosmetics
- www: basic-ipv6.asp: cosmetics
- www: vpn-client.asp: fix missing </div>
- www: basic-time.asp: fix javascript error
- router: clean-up of unused files and variables
- router: Makefile: save space in NVRAM for routers with 32k NVRAM
- router: Makefile: cosmetics
- router: Makefile: fix logic in applying/unapplaying the patches
- router: Makefile: remove the patches in reverse order
- router: Makefile: clean-up and simplify libcurl recipe
- router: Makefile: php: remove deprecated option - --without-mcrypt
- router: Makefile: libcurl: fix build break
- router: Makefile: dnsmasq: skip gost validation with nettle, it's not supported anyway
- router: config: config.in: cosmetics
- router: ebtables: restore original #include in ebt_ip.c
- router: shared: led.c: remove not needed comments
- router: shared: led.c: cosmectic for function do_led() - add some comments - prepare for non GPIO LEDs
- router: shared: led.c: remove/clean-up MIPS Router at function do_led() (--> not needed at ARM branch) and make LED table much smaller (--> save space/memory)
- router: shared: led.c: do call get_model() only once (only cosmetic / optimization)
- router: shared: led.c: extend LED table and make it possible to turn on/off bridge LEDs for most Router (R6400, R7000, RT-AC68U, EA6400, EA6500v2, EA6700, EA6900, AC15)
- router: shared: led.c: adjust LED table LED_AOSS (used for Power LED, active LOW) for Asus Router RT-AC3200
- router: shared: led.c: adjust LED table LED_AOSS (used for Power LED, active LOW) for Asus Router RT-N18U, RT-AC56U, RT-AC68U
- router: shared: led.c: add conditional compilation and some cosmetic
- router: shared: led.c: avoid compiler warning because of unused variable wzr1750
- router: shared: defaults.c: cosmetics
- router: shared: shared.h: remove not used define LED_BLINK (and cosmetic)
- router: rc: optimizing code, cosmetics - (mainly for openvpn part; based on @RMerlin - thanks!)
- router: rc/shared: led.c: corrections for sdk7 - add case for second 5 GHz WLAN and special case for LED AOSS
- router: rc: vpn.c: add missing closedir() in write_vpn_dnsmasq_config() function
- router: rc: vpn.c: cosmetics, clean-up
- router: rc: openvpn.c: Make firewall rules consistent in both IPv4 and IPv6
- router: rc: init.c / rc: button.c / shared: led.c - do some clean-up - use LED_ON and LED_OFF - cosmetic
- router: rc: rc.c / init.c / wan.c - remove obsolete SET_LED() and defines - clean-up
- router: rc: led.c: add/show a note if stealth mode is turned ON (and some cosmetic)
- router: rc: led.c: small optimization for led_main(), compare (full) led name only once
- router: rc: led.c: extend led cmd to react properly with blink turned on
- router: rc: led.c: extend led cmd to react properly with blink_br turned on
- router: rc: led.c: add special case for ASUS Router with FreshTomato: LED_AOSS is used for Power LED (active LOW, inverted! --> see LED table at shared/led.c )
- router: rc: button.c: do some clean-up/cosmetic - use LED_ON and LED_OFF - call get_model() only once - add some comments
- router: rc: button.c: remove/clean-up MIPS Router (--> not needed at ARM branch) and remove brau mask (not needed/used at ARM branch)
- router: rc: button.c: turn on Power LED again (LED_AOSS) after WPS- OR WLAN- Button has been pressed
- router: rc: blink.c: remove/clean-up unused variables - some cosmetic - adjust sleep time between checks
- router: rc: blink.c: add checks for rate and threshold command line parameters
- router: rc: blink.c: prevent the start of blink for non GPIO leds and/or unknown LEDs
- router: rc: blink_br.c: do call get_model() only once (only cosmetic / optimization)
- router: others: watchdog: Cosmetics
- SDK7 dhd logging: turn off/suppress dhd debug messages
- R8000: add wifi button - reset button gpio 6 active LOW (no change) - wifi button gpio 4 active LOW (change assignment) - wps button gpio 5 active LOW (new/change)
- R8000: fix stealth mode, Power LED was still turned on
- R7000: add wifi button - reset button gpio 6 active LOW (no change) - wifi button gpio 5 active LOW (change assignment) - wps button gpio 4 active LOW (new/change)
- R6400: add wifi button - reset button gpio 5 active LOW (no change) - wifi button gpio 4 active LOW (change assignment) - wps button gpio 3 active LOW (new/change)
- RT-AC3200: add wifi button - reset button gpio 11 active LOW (no change) - wps button gpio 7 active LOW (no change) - wifi button gpio 4 active LOW (new/cange)
- RT-AC3200: change LED table - catch up to RT-N18U / RT-AC56U / RT-AC68U LED FT behavior
- RT-AC3200: extend LED table - assign return value 254 (non GPIO) for 2.4/5.0/5.0(second) GHz WLAN LEDs - add the ability to control/set all WLAN LEDs on/off
- RT-AC3200: extend stealth mode (part 1)
- RT-AC68U: add wifi button - reset button gpio 11 active LOW (no change) - wps button gpio 7 active LOW (no change) - wifi button gpio 15 active LOW (new/change)
- RT-AC68U: extend LED table - assign return value 254 (non GPIO) for 2.4/5.0 GHz WLAN LEDs - add the ability to conrol/set both WLAN LEDs on/off
- RT-AC56U: add wifi button - reset button gpio 11 active LOW (no change) - wps button gpio 15 active LOW (no change) - wifi button gpio 7 active LOW (new/change)
- RT-N18U: add some comments for buttons (only cosmetic) - reset button gpio 7 active LOW (no change) - wps button gpio 11 active LOW (no change)
- RT-N18U: extend LED table - assign WLAN return value 254 (non GPIO)
- R6250 / R6300v2: add wifi button - reset button gpio 6 active LOW (no change) - wifi button gpio 5 active LOW (change assignment) - wps button gpio 4 active LOW (new/change)
- EA6500v2: add new/extra LED table for that router - assign GPIO pin 6 for LED_WHITE (active LOW)
- EA6500v2: add to stealth mode (extended --> Logo LED was missing)
- DIR868L: Use LED Diag (toggle green / amber) for feedback if a button is pushed (and some cosmetic)
- DIR868L: enable 5 GHz WLAN radio after full NVRAM erase
- WZR-1750DHP: add reset button and use LED_DIAG for feedback (was missing so far)
- WZR-1750DHP: add to stealth mode
- WZR-1750DHP: change LED table
- WZR-1750DHP: change LED table (Part 2) - assign GPIO 0 with color blue for LED_USB / USB LED (active HIGH)
- AC15: change LED table and button feedback - add support for 2.4 GHz LED (non GPIO) - turn on WPS LED again (LED_AOSS) after WPS- OR WLAN- Button has been pressed
- AC15: enable blink for 5 GHz Wifi
- AC15: adjust GUI Ethernet Ports State - start with LAN Port 1 now (fix for Issue #60) (LAN Port 4 ==> Show "NOSUPPORT" for the not available Port)
- README: DIR868L: add supported rev (A1/B1/C1)
2019.2 - 2019.04.20
----------------------------
- openssl: update to 1.0.2r
- SQLite: update to 3.27.2
- php: update to 7.2.17
- dnsmasq: update to 2.80-343b7b4 snapshot
- libcurl: update to 7.64.1
- nano: update to 4.0
- dropbear: update to 2019.78
- pppd: clean sources 2.4.5, add patches instead
- pppd: update to 2.4.6
- pppd: update to 2.4.7
- pppd: fixes from upstream
- miniupnpd: update to 2.1.20190408
- libyaml: update to 0.2.2
- getdns: update to 1.5.2 + upstream build error fix
- getdns: add patch to fix missing define for log_warn
- libubox: update to eeef7b5 snapshot
- patches: miniupnpd: fix naming, cosmetics
- patches: libcurl: cosmetics
- ebtables: add 2 patches (Check -C parameters correctly, Check port range correctly)
- OpenVPN: change the default order of Negotiable Ciphers
- OpenVPN: fix generating an openvpn client configuration on server with TLS authorization (enable remote-cert-tls)
- router: Makefile: build openssl with no SSLv2 and SSLv3 support
- router: Makefile: clean-up openvpn recipe
- router: Makefile: clean-up miniupnpd build recipe
- router: Makefile: build dnsmasq with HAVE_AUTH flag
- router: Makefile: fix emf install
- router: rc: misc.c: clean-up
- router: rc: usb.c: add support for Router with two USB LEDs / Ports (according to LED table at shared/led.c)
- router: rc: usb.c: change R8000 assignment for USB2/USB3 (and some cosmetic)
- router: rc: usb.c: some cosmetic at function usbled_proc(...) / align to sdk7
- router: rc: usb.c: change R7000 assignment for USB2/USB3 (only cosmetic)
- router: rc: services.c/network.c/usb.c: clean-up and cosmetics
- router: rc: services.c: add function disable_led_wanlan() to have more compact code
- router: rc: services.c: add stealth mode also for R8000 and AC3200
- router: rc: network.c - change blink behaviour / start
- router: rc: services.c: add some logging when starting/stopping services
- router: rc: services.c: change the way how "serial" and "uuid" are created in minidlna config
- router: rc: services.c: cosmetics
- router: rc: rc.h - add missing prototype declaration for function start_phy_tempsense() and stop_phy_tempsense()
- router: shared: misc.c: correct insufficient number of snprintf arguments
- router: rc: change the name of the ntpc service to ntpd + some code changes, in accordance with other start/stop functions
- router: rc: blink_br.c - small fix for the Router RT-AC56U - distinguish two cases right now: LAN Port 0-1-2-3 or 1-2-3-4
- router: rc: init.c: change back to where the start_wan() function is called
- router: rc: init.c: Reverted "Change back to where the start_wan () function is called"
- router: rc: init.c: change min_free_kbytes setting - catch up to AsusWRT / Merlin and also Netgear (case 20 MByte right now, was 14 MByte)
- router: rc: init.c: tune SMP
- router: rc: vpn.c: fix client/server start on NOSMP routers
- router: rc: vpn.c: increase interface queue length from 100 to 1000 bytes
- router: rc: clean-up (cosmetics)
- router: rc: services.c and shared: led.c: do some cleanup and cosmetic - move all functions for LEDs into led.c - rename start_led_setup() to led_setup - add function enable_led_wanlan()
- router: others: wwansignal: fix showing the 3G signal level
- router: others: switch3g/switch4g/wwansignal: some improvements/fixes
- router: www: tools-shell.asp: support of multiple lines pasted into termlib window
- router: www: status-overview.asp: a few W3C fixes
- router: www: Makefile: remove more obsolete stuff from html
- router: www: qos-graphs.asp: fix W3C again
- router: www: another W3C fixes
- router: httpd/rc: vpn.c: replace &buffer[0] (and &buffer2[0], &buf[0]) references in openvpn with straight buffer, for better readability and reduced risk of errors
- router: httpd: correct generation of HTTPS certificate
- router: httpd: wwan.c: fix compiler warning
- router: nvram: defaults.c: cosmetics - rebranding ;)
- router: pdureader: fix compiler warning
- router: utils: robocfg.c - catch up to AsusWRT / Merlin (thx) - one file for both, ARM and MIPS
- GUI: Reverted "Wireless Settings: remove obsolete settings"
- GUI: Wireless Settings: remove obsolete settings (antennas)
- GUI: PPTP Client: increase max length of "server address" to 50 chararacters
- GUI: QOS: fix JS error on View Details page, when view in given class
- GUI: QOS: fix (again) some problems on View Details page
- GUI: QOS: fix table sorting by "Protocol" on View Details page
- GUI: OpenVPN: remove support for the RC ciphers. DES is kept for now, for legacy reasons
- GUI: OpenVPN: Fix vpn-server.asp visible key fields
- GUI: fix at last Wireless Ethernet Bridge mode - just refresh (Ctrl + F5) Basic -> Network page, and click "Save"
- GUI: fix ports order caused by commit #7cb2220 + clean-up
- GUI: add support of WWAN modem signal - use a minimum of 10 seconds of refresh time for best readings on Status -> Overview page
- GUI: add support of multi WAN in modem status
- GUI: add support of SMS inbox for 4G non-hilink/3G modems
- GUI: advanced-routing.asp - add option to force IGMPv2 - cosmetic
- R6250: change LED table + LED table cleanup
- R6300v2: change LED table + LED table cleanup
- R6400: change LED table + LED table cleanup
- R7000: change LED table + LED table cleanup
- R8000: change LED table + LED table cleanup
- WS880: change LED table + LED table cleanup
- RT-N18U: change LED table + LED table cleanup
- RT-AC56U: change LED table + LED table cleanup
- RT-AC68U: change LED table + LED table cleanup
- EA6400: change LED table + LED table cleanup
- EA6700: change LED table + LED table cleanup
- EA6900: change LED table + LED table cleanup
- DIR868L: change LED table + LED table cleanup
- LEDs: stealth mode (part 1) - extend already existing stealth mode and turn off GPIO LEDs - do not start blink / blink_br with stealth mode turned on
- LEDs: stealth mode (part 2) - extend already existing stealth mode and turn off WAN & LAN Port LEDs at the ethernet connectors or front panel/case - reboot is requiered right now after enabling stealth mode! - code/stealth mode will be extended...
- R6250/R6300v2/AC15U/DIR868L: add to stealth mode
- Add support for D-Link DIR868L rev C
- WL: update wireless driver for SDK7 to GPL 382.51374
- Raise revision level to allow initial files install from stock NETGEAR
- Raise revision level to allow initial files install from stock NETGEAR (for SDK7)
2019.1 - 2019.02.27
----------------------------
- OpenVPN: update to 2.4.7
- tor: updated to 0.3.5.8
- dnsmasq: update to 2.80-28cfe36 snapshot (add back ability to compile without IPv6 support to minimize size of dnsmasq (as a patch), cosmetics in other patches, little cleanup in router/Makefile)
- miniupnpd: update to 2.1.20190210
- patches: cosmetics in miniupnpd
- SQLite: update to 3.27.1
- php: update to 7.2.15
- libcurl: update to 7.64.0
- libcurl: Updated CA certificate bundle as of 2019-01-23
- nettle: update to 3.4.1
- adminer: update from 4.7.0 to 4.7.1 2019-01-24
- getdns: update to 1.5.1 (stubby 0.2.5)
- stubby: change round_robin_upstreams to 1
- stubby: add Google DNSoTLS (ipv4/ipv6) to stubby.yml
- tinc: revert: Use git describe to populate autoconf's VERSION
- kernel: drivers: net: usb: rndis_host.c: fix init of the module
- kernel: drivers: net: usb: rndis_host: Set valid random MAC on buggy devices
- kernel: drivers: net: usb: rndis_host: support Novatel Verizon USB730L
- kernel: etherdevice: Use ether_addr_copy to copy an Ethernet address
- kernel: net: netfilter: nf_conntrack_proto_tcp.c: reduce TCP_CONNTRACK_ESTABLISHED default value to 20 minutes
- DDNS: opendns requires now HTTP 1.1 in request header
- router: httpd: fix warnings in compiler; clean-up
- router: httpd: tomato.c: additional commit for #0660a82 and #c1d1c76
- router: httpd: misc.c: cosmetics
- router: mdu: mdu.c: clean-up & simplify some if conditions
- router: mdu: fix compiler warnings
- router: mdu: remove no more needed functions/files/includes
- router: rc: fix warnings in compiler; clean-up
- router: rc: init.c: enable blink on R8000
- router: rc: network.c: include 2nd 5Ghz radio for Wifi LED status for Netgear R8000
- router: rc: network.c: tweak blink startup code for 2nd 5Ghz LED
- router: rc: network.c: turn on/off WiFi status LED according to the overall radio statuses
- router: rc: network.c: tweak conditional for blink startup on 5Ghz radio
- router: rc: network.c: clean-up
- router: rc: network.c: cosmetics
- router: rc: dhcp.c: remove unused variable
- router: rc: dhcp.c: clean-up
- router: rc: ppp.c: add missing TRACE_PT("end\n")
- router: rc: wan.c: cleanup WAN LED control
- router: rc: blink_5g.c: old blink 5g code is obsolete
- router: rc: blink_5g.c: fix popen/pclose
- router: rc: pbr.c: cosmetics
- router: rc: vpn.c: make instance run code handle more than 1 CPU core
- router: rom: etc: remove unneeded .gitignore file
- router: Makefile: add build progress indicator
- router: Makefile: mv huawei_ether to extras if needed, remove unneeded call to patch for nano
- router: Makefile: clean-up, remove unused ntpclient and ntpc
- router: Makefile: add missing pcre make
- router: Makefile: build mysql --without-docs
- router: Makefile: remove unused libsub
- router: Makefile: move udpxy build
- router: Makefile: add pptpd make part
- router: Makefile: add missing make notices
- router: Makefile: move kernel modules to proper directory
- router: Makefile: pptp-client: remove (forgotten) obsolete sh ip scripts
- router: Makefile: don't ln /usr/share to /tmp when samba3 is installed
- router: Makefile: build nginx with http v2 module
- router: Makefile: fix tor build failures
- router: shared: fix warnings in compiler
- router: shared: fix warnings in compiler; clean-up
- router: shared: misc.c: correction of the "if" condition
- router: shared: misc.c: add/fix missing fclose(...) and some cosmetic
- router: shared: misc.c: change/fix function wan_led(int mode) --> call by value
- router: shared: misc.c: fix a few typos (wrong type, pointer by mistake) at function wan_led_off(...) and check_wanup(...)
- router: shared: misc.c: add 2nd 5Ghz LED for R8000
- router: shared: misc.c: tweak behavior of WLAN/5G LEDs
- router: shared: misc.c: cosmetic / optimization
- router: shared: misc.c: fix popen/pclose
- router: shared: led.c: increase value related to gpio indexing limit scheme to cater for Netgears R8000
- router: shared: led.c: extend GPIO pin support from 0-15 to 0-31
- router: shared: led.c: clean-up; remove unused code
- router: shared: shared.h: add missing prototype declaration for function wan_led(...) and wan_led_off(...)
- router: www: basic-ddns.asp: clean-up of vars, remove unneeded js code
- router: www: vpn-client.asp: change allowed server address length to 60 characters (it's amazing that such long addresses exist ...)
- router: www: about.asp: Cosmetics
- vpnrouting: fix cleaning of routing after stopping the OpenVPN client with "Redirect through VPN" checked - not working from the very beginning (commit that adds this function, also responsible for the error: https://bitbucket.org/pedro311/freshtomato-mips/commits/4c75d36f6fb2c1da1de8d7db33e2a91714d045e8)
- switch4g: fix path for DIAG device in qmi_wwan mode
- switch4g: add support for rndis protocol
- DDNS: FreeDNS: add possibility to update IP with custom value as on other services, add https
- DDNS: HE.net IPv6 Tunnel Broker uses now Dyn DNS Update API http://dyn.com/support/developers/api/
- GUI: Wireless Settings: remove obsolete settings
- GUI: Wireless Filter: add a warning about the number of MAC addresses supported + cosmetics
- GUI: fix IPv6 mask matches
- GUI: fix generate vpn client config
- GUI: QOS: hide View Details when QOS is disabled
- GUI: OpenVPN: increase max length of client common name to 255 chararacters
- GUI: add option for OpenVPN server to force IPv4 or IPv6 for connection
- GUI: add option for OpenVPN client to choose IPv4 or IPv6 only connection
- GUI: OpenVPN ServerX & ClientX - restrict option/setting "Poll Interval" to 0-30 minutes (values > 30 are not usefull)
- Add support for Asus RT-AC3200 with 128k NVRAM - new targets: ac3200-128e and ac3200-128z, use CFE, Asus Firmware Restoration, tftp, DD-WRT fw page update, to upload the firmware to the router on Asus OFW (with already changed NVRAM size to 128k)
- R8000: change LED table
- R6400: change LED table
- R7000: change LED table
- R7000 / R6400: WLAN LED cleanup
- EA6700: enable/activate WAN LED
- WS880: WLAN LED cleanup - use blink for WLAN LED (same like for Netgear R7000)
- Improved a little bit build progress indicator
2019.1.015-beta - 2019.01.10
----------------------------
- kernel: ipv6: use ND_REACHABLE_TIME and ND_RETRANS_TIMER instead of magic number
- kernel: ipv6: drop packets when source address is multicast
- kernel: ipv6: don't accept multicast traffic with scope 0
- kernel: ipv6: don't accept node local multicast traffic from the wire
- kernel: ipv6: drop non loopback packets claiming to originate from ::1
- kernel: ipv6: ip6_forward: perform skb->pkt_type check at the beginning
- kernel: ipv6: drop frames with attached skb->sk in forwarding
- kernel: ipv4: ip_forward: perform skb->pkt_type check at the beginning
- kernel: ipv4: ip_forward: Drop frames with attached skb->sk
- kernel: net: ipv4: igmp.c: bonding: fix to rejoin multicast groups immediately
- kernel: net: ipv4: igmp.c: igmp: Reduce Unsolicited report interval to 1s when using IGMPv3
- kernel: net: ipv4: igmp.c: Make igmp group member RFC 3376 compliant
- udpxy: update to 1.0.23-12, clean sources
- udpxy: fix start with PPP connection
- udpxy: extend GUI function (advanced-firewall.asp)
- e2fsprogs: update to 1.44.5
- miniupnpd: update to git snapshot from 20181218
- miniupnpd: do not disable port forwarding when in double NAT / CGNAT
- GUI: adblock: update lists immediately, if called from the GUI
- GUI: MultiWAN Routing: increase the maximum number of digits to 80 for Port
- GUI: tinc: fix errors caused by commits #eadba155 and #9a391ecc
- GUI: basic-ipv6.asp - only small cosmetic changes/corrections
- router: shared: misc.c: make function check_wanup_time() mwan-ready; small change/adjustment to rstats & cstats to use the new function; cosmetic for rstats & cstats at function calc(): add typecast (long) to meet variable wanuptime (long)
- router: httpd: misc.c: use function check_wanup_time(char *prefix) for void asp_link_uptime(int argc, char **argv) to get the link uptime (wanX)
- router: rc: vpn.c: cosmetics - as close as possible to MIPS version
- router: rc: wan.c: cosmetics - stay as close as possible to MIPS version
- router: rc: wnas.c: cosmetics - stay as close as possible to MIPS
- router: rc: tomatoanon.c: cosmetics - stay as close as possible to MIPS version
- router: rc: tinc.c: cosmetics
- dnsmasq: fix router reboots, when connected to wifi with specific configuration (it's (theoretically) only needed in MIPS branch, but who knows)
2018.5 - 2018.12.21
----------------------------
- openssl: updated to 1.0.2q
- openssl: make proper call to openssl Configure script
- gmp: Move .gitignore to proper directory
- adminer: Updated to 4.7.0
- SQLite: Updated to 3.26.0
- xl2tpd: Updated to 1.3.13
- php: updated to 7.2.13
- nginx: updated to 1.14.2
- rp-pppoe: updated to 3.13
- miniupnpd: updated to git snapshot from 20181206
- libcurl: updated to 7.63.0
- libcurl: updated CA certificate bundle as of 2018-12-05
- comgt: clean sources of v 0.32, add patches instead
- GUI: new termlib based tools-shell.asp
- GUI: simple workaround for supporting cd in tools-shell
- router: httpd: tomato.c: fix the correct length of wanX_modem_dev variables
- router: httpd: vpn.c: use system() instead run_program()
- router: www: admin-access.asp: change allowed password length to 60 characters
- router: www: vpn-client.asp: change allowed server address length to 40 characters
- router: www: about.asp: Cosmetics
- router: www: fixes for W3C + some cosmetics
- router: www: qos-classify.asp: change allowed port length to 130 characters
- router: rom: Makefile: decrease number of tries to 1 for wget. It's already in loop
- router: rc: firewall.c: allow responses from the dhcpv6 server (Port 547) to the client (Port 546) (--> add Server Port 547)
- switch4g: fix variable initialization in modemReset() function
- switch3g/switch4g: add info to log about successful PIN verification
- IPv6: extend GUI status page (status-overview.asp) - show IPv6 addresses for interface wan, br0, br1, br2 and br3
- IPv6: DHCPv6 PD: small corrections - fix visibility for "Request /64 subnet for" --> right now only applicable for DHCPv6 with PD (and not for Native/Static IPv6) - cosmetic for ipv6_pdonly visibility
- IPv6: DHCPv6 PD: - override the default EUI-64 address selection and create a very userfriendly address for br0...br3 (--> ends with ::1 now) - cosmetic - add some comments
- IPv6: small change for DNSMASQ DHCPv6 start address (new ::2 up to ::FFFF:FFFF); leave ::1 address for the router interface brX --> used with DHCPv6-PD (WIDE-DHCPv6) now
- WIDE-DHCPv6: Fix manpages This patch fixes wide-dhcpv6 manpages (paths, typos, ...)
- WIDE-DHCPv6: Don't strip binaries This patch prevents wide-dhcpv6 build system from stripping built binaries
- WIDE-DHCPv6: Make sla-len config optional
- WIDE-DHCPv6: Make sla-id config optional
- WIDE-DHCPv6: cflag patch
- WIDE-DHCPv6: Fix parallel make race condition
- WIDE-DHCPv6: Adding ifid option to the dhcp6c.conf prefix-interface statement
- kernel: netfilter: ip6_tables: fix information leak to userspace
- kernel: ipv6: Warn users if maximum number of routes is reached
- kernel: ipv6: fix overlap check for fragments
- kernel: netfilter: ipv6: fix overlap check for fragments
- kernel: bridge: Fix IPv6 multicast snooping by storing correct protocol type
- kernel: bridge: Fix IPv6 multicast snooping by correcting offset in MLDv2
- kernel: bridge: Add missing ntohs()s for MLDv2 report parsing
- kernel: inet6: prevent network storms caused by linux IPv6 routers
- kernel: ipv6: udp: fix the wrong headroom check
- kernel: bridge: mcast snooping, fix length check of snooped MLDv1/2
- kernel: ipv4: correct IGMP behavior on v3 query during v2-compatibility mode
- Revert "leds and stealth mode rework", it should be checked and tested with given router models first
- Updated README.md, "HOW TO COMPILE"
2018.5.083-beta - 2018.11.25
----------------------------
- kernel: drivers: net: usb: qmi_wwan.c: fix CVE-2017-16650
- kernel: net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given
- kernel: net: ipv6: accept RA and send RS while configured as router
- kernel: proc/sysctl: fix the int overflow for jiffies conversion
- OpenVPN: add TLS keys generator in GUI for VPN Server. Add ability to generate VPN client configuration for TLS
- dnsmasq: change default dns priority to 'no-resolv'
- dnsmasq: improve insecure ds syslog to handle servers that really do not support dnssec
- dnsmasq: update to 2.80
- stubby: make tls_authentication REQUIRED
- nf_conntrack_rtsp and nf_nat_rtsp: update to version 0.7, correcting nat_rtsp's behavour so it now will strip destination addresses that are not a stunaddr and replace with the masquerade IP of the host.
- tor: Updated to 0.3.4.9
- tor: make tor fully functional, so users can solve xxx.onion website dns and visit tor sites
- nano: Updated to 3.2
- php: updated to 7.2.12
- miniupnpd: update to git snapshot from 20181031 (includes PCP fix)
- tinc: Updated to 1.1pre17
- SQLite: Updated to 3.25.3
- nginx: updated to 1.14.1
- snmpd: Updated to 5.8
- uqmi: update to uqmi-01944dd
- apcupsd: update to 3.14.14
- libubox: update to libubox-c83a84a, clean sources, add patch instead
- libcurl: Updated to 7.62.0
- libcurl: Updated CA certificate bundle as of 2018-10-17
- dropbear: fix from upstream for CVE-2018-15599
- Remove residues in the code after ARIA2
- nano: bindings: when Ctrl+Shift+Delete has no keycode, don't use KEY_BSP
- mssl: Updated cipher list
- mssl: fix ssl context ciphers & options wasn't applied
- mssl: fix CVE-2009-3555, various security improvements
- mdu/mssl: add TLS SNI support
- mdu: fix warnings in compiler + cosmetics
- adblock: clean-up, fixes, improvements
- adblock: decrease timeout for wget to a reasonable value
- adblock: fix race condition when wan is up
- IGMP: Resolve CVE-2012-0207 - Resolve potential for divide by 0, allowing remote attackers to cause a denial of service via IGMP packets
- router: preparation of variables for new version of switch4g/switch3g
- router: preparation of variables for new version of switch4g/switch3g part 2
- router: Makefile: Fix nano not working on dir868l target due to missing library
- router: Makefile: add libnfnetlink-clean target
- router: Makefile: add stubby to targets o (R1D) and dir868l
- router: Makefile: Filter support for PHP needs to be enabled for h5ai
- router: Makefile: fix typo
- btools: libfoo.pl: fix typo
- router: www: qos-graphs.asp: Hide "Zoom Graphs" because it doesn't work anyway
- router: www: status-devices.asp: fix the freeze in Vivaldi browser
- router: www: vpn-tinc.asp: small js fix
- router: www: basic-ipv6.asp AND rc: dhcp.c - some cosmetic - add missing verifcation for lanX_ipv6 - add/change comments (also at file httpd/tomato.c) - add additional check before we request a prefix for br1/br2/br3
- router: www: tomato.js: small fixes
- router: www: red.css: cosmetics
- router: www: Makefile: small fix regarding remove of obsolete stuff from html
- router: www: Makefile: cleanup comments more aggressively
- router: www: Makefile: cosmetics
- router: httpd: increase HTTP_MAX_LISTENERS to 16
- router: httpd: wl.c: fix popen/pclose
- router: httpd: vpn.c: cosmetics
- router: httpd: tomato.c: sync NVRAM variables sequence of OpenVPN Server 1 and Server 2 - add missing default-values for variables "vpn_server1_userpass" and "vpn_server1_nocert"
- router: httpd: tomato.c: cosmetics
- router: httpd: iperf.c: change the location of the pid file
- router: rc: vpn.c: add some comments -protection/cosmetic within function start_vpn_eas() and stop_vpn_eas: add check that i (counter for Server X/Client Y) will always be < 4 before write value to nums[i]
- router: rc: led.c: fix led applet - use proper led in case usb3
- router: rc: init.c: cosmetics
- router: rc: services.c: fix: Static DNS settings broken with WAN disabled (i.e. operating as AP)
- router: rc: network.c: Do not enable IPv6 for 'all', 'eth0', 'eth1', 'eth2' (ethX) - IPv6 will live on the bridged instances
- router: dhcp.c: add some comments -cosmetic -change *lanif to const char (pointer can be changed but not char), because of getifaddr return value (const char*) -remove semicolon after some if-conditions
- router: shared: led.c: also for USB GPIO values in case AC56/68U
- router: shared: defaults.c: change default value for ntp_updates (Auto Update Time) to 1 (Auto interval)
- router: shared: defaults.c: small fix for vpn ca key
- router: config_base: add missing TCONFIG_IPERF
- router: mssl: mssl.c: fix build break on dir868l target
- small fix for IPv6 accept_ra: make it possible to change accept_ra value for WAN and LAN(br0...br3) without reboot/restart of the router
- IPv6: restrict Accept RA from LAN option (with dnsmasq)
- IPv6: small fix/changes for DHCPv6 with Prefix Delegation - let IPv6 RA via WAN take care of adding the default route
- switch3g: change sleep time for switching modem
- switch3g: rework (1/2)
- switch4g: change the sleep time for 2nd type non-hilink modem, before send any command (some devices need this, otherwise they hang)
- switch4g: add more possible options to Network Type and Roaming for 2nd type (qmi-wwan) non-hilink modems
- switch4g: rework
- switch4g: do not search all DIAGS every time - use already found for given device in searchDiag()
- vpnrouting: cosmetics
- GUI: adblock: add warning
- GUI: stubby: add the ability to choose the level of logging
- GUI: add CPU / WL temperature readings in Fahrenheit degrees
- GUI: add feature to generate VPN static key from GUI
- GUI: add warning on OpenVPN server page about needed free NVRAM space
- GUI: add option for OpenVPN LZ4-V2 compression
- GUI: Add IPERF bandwidth test tool with as an option
- GUI: Generation of iperf commandline
- GUI: IPerf: fix some minor JS bugs
- Fix build when valgrind is installed on host
- www: W3C never-ending-story
- Final clean-up of UI files according to the Web Consortium W3C standard
- Fix PHP build when libicu is installed
- Fix build when LZMA is installed on host
- Fix "cannot run test program while cross compiling"
- patches: fix mysql re-check patch
- cosmetic and small updates for IPv6
- Stealth Mode switch for LEDs
- LEDs and stealth mode rework
2018.4 - 2018.09.12
----------------------------
- Preliminary support for Stubby (DNS-over-TLS)
- dnsmasq: Updated to 2.80test6
- openssl: updated to 1.0.2p
- php: Updated to 7.2.9
- tor: Updated to 0.3.3.9
- tinc: Updated to 1.1pre16
- libcurl: Updated to 7.61.1
- libcurl: Fix build failures
- e2fsprogs: Updated to 1.44.4
- libcurl: Updated CA certificate bundle as of 2018-06-20
- adminer: Updated to 4.6.3
- miniupnpd: Updated to 2.1.20180706
- libjson-c: Updated to 0.13.1
- samba: enable PARALLEL_BUILD directive for components
- gmp: optimize gmp build (fix compilation with different autotools version, allow parallel make, don't build demos and doc)
- mdadm: skip building mdadm man pages
- igmpproxy: fix compiler flags, change code optimization to -O3
- dnscrypt-proxy: Updated resolvers csv to 20180709
- Increase the maximum size that is used when reading the ssh-host-key (to 4096 bits)
- OpenVPN: make IPv6 connection possible if IPv6 is enabled
- OpenVPN: extend Server GUI functionality - add option to push LAN(br0)...LAN4(br3) (only if available) - push the suitable DNS Server LAN IP
- radvd: remove leftovers at file router/rc/rc.h (Tomato uses dnsmasq)
- GUI: only include curl as a connection checker, if it's built
- GUI: openvpn: add AES-*-GCM ciphers to the available legacy ciphers
- GUI: add a needed include file for code utilizing bwm-common.js
- GUI: bwm-common.js: fix erroneous change in commit 3e650c1
- GUI: wireless.js: fix erroneous change in commit fe53904
- GUI: do not display rt bw graphs if monitoring has been disabled
- router: Makefile: compile dnsmasq with NO_ID, NO_AUTH and NO_GMP directive + some cosmetics
- router/rc/wan.c: start miniupnpd after httpd/later to avoid disabling IPv6 at miniupnpd startup (does happen sometimes with 2018.3, solves miniupnpd warning "no HTTP IPv6 address, disabling IPv6" at reboot/restart)
- router/rc/transmission.c: sysctl binary is not included in TomatoUSB, write values directly instead
- router/rc/rc.h: fix ARM builds WITHOUT IPv6 support (there is no freshtomato ARM build with IPv4 support only)
- router/rc/firewall.c and rc.h - add function "enable_ndp_proxy()" - Enable NDP Proxy for IPv6 builds - add missing conditional compilation
- watchdog: increase waittime to 3 and max_ttl to 4 in traceroute to reduce false positives
- nocat: Retiring Captive Portal feature
- kernel: netfilter: fix u32 match
- kernel: netfilter: nf_conntrack: fix count leak in error path of __nf_conntrack_alloc
- kernel: netfilter: nf_conntrack: set conntrack templates again if we return NF_REPEAT
- kernel: netfilter: nf_conntrack: fix early_drop with reliable event delivery
- kernel: netfilter: nf_conntrack: fix ct refcount leak in l4proto->error() (Tomato doesn't have icmp module, but this fix is still relevant)
- kernel: netfilter: nf_conntrack: fix event flooding in GRE protocol tracker
- kernel: netfilter: ip6_route_output() never returns NULL. ip6_route_output() never returns NULL, so it is wrong to check if the return value is NULL
- kernel: netfilter: ip4 ip_queue: Fix small leak in ipq_build_packet_message()
- kernel: netfilter: ip6 ip_queue: Fix small leak in ipq_build_packet_message()
- kernel: netfilter: ipset: dumping error triggered removing references twice
- kernel: netfilter: ebtables: fix wrong name length while copying to user-space
- kernel: logfs: Prevent memory corruption
- kernel: cifs: fix possible memory corruption in CIFSFindNext
- kernel: ARM: 6891/1: prevent heap corruption in OABI semtimedop
- kernel: ext3: Fix error handling on inode bitmap corruption
- kernel: ext2: Fix error handling on inode bitmap corruption
- kernel: mac80211: fix conn_mon_timer running after disassociate
- patches: dnsmasq: log packet resize reports at debug level instead of warning since they are too frequent
- WL: update wireless driver for SDK7 to GPL 382.50470
- Fixing the `uname -r` issue in readme
2018.3 - 2018.06.22
----------------------------
- php: updated to 7.2.7
- dnsmasq: update to 2.80test2
- iptables: updated to to 1.6.2
- libcurl: updated to 7.60.0
- nano: updated to 2.9.8
- sqlite: updated to 3.24.0
- tor: Updated to 0.3.3.7
- xl2tpd: Updated to 1.3.12
- entware: download installer scripts over https
- dnscrypt-proxy: remove unneeded public-resolvers.md file from build
- dnscrypt-proxy: define own timeout and number of tries for wget to use local copy of server list much quicker than with defaults
- www: tools-wol.asp: WOL bugfix
- www/status-overview.asp: fix wireless show/hide state retension
- www: advanced-vlan.asp: cosmetics
- www: status-overview.asp: cosmetics
- router/www: advanced-tor.asp: fix search for specified words
- router/www: advanced-tor.asp: allow to enter "SocksPort" also in Custom Configuration
- router/Makefile: add PARALLEL_BUILD directive to dhcpv6
- router: httpd/rc: fix warnings in compiler
- router: rc: fix warnings in compiler
- kernel: tweak input class modules, removing mouse/joystick support
2018.3.018-beta - 2018.05.27
----------------------------
- OpenVPN: updated to 2.4.6
- php: updated to 7.2.6
- miniupnpd: updated to 2.1
- dnsmasq: updated to 2.80test2
- ipset: updated to 6.38
- nginx: updated to 1.14.0
- nano: updated to 2.9.7
- transmission: updated to 2.94
- snmpd: updated to 5.8.rc2
- e2fsprogs: updated to 1.44.2
- tor: updated to 0.3.3.6
- EBTABLES: updated to master-head as at May 25, 2018
- BRIDGE-UTILS: updated to 1.6 (plus commits in master as at May 7, 2018)
- ntpclient: updated to 2017_246
- Switch from ntpc to ntpclient - Added code to handle previous issues (not update on reboot, etc)
- Transition from using ntpclient (or ntpc) to Busybox ntpd
- Clean ups in ntp start proc
- igmpproxy: update to 0.2.1
- allow IGMPv3 for LAN
- IGMP proxy: add the possiblity for a custom config (instead of the tomato default)
- change label/description "Efficient Multicast Forwarding" at advanced-routing.asp to "Efficient Multicast Forwarding (IGMP Snooping)"
- add function init() to advanced-firewall.asp (use class attribute for IGMP proxy links to open a new tab/window)
- fix typo at IGMP proxy notes section (wrong example value for downstream threshold) --> default to 1
- update for emf-files and igs-files up to Asus 378_4585
- pptpd: clean sources, add patch instead: change number of default connections to 6, fix for wrong location of binaries
- rp-pppoe: clean sources 3.12, add (forgotten) patch instead
- busybox: enable TEE command
- Revert "QOS: fix the # number of Rule doesn't show in QOS Details view."
- router/Makefile: Added symlink to iptables-save command
- router/Makefile: add "--ipv6" to miniupnpd-config AND fix compilation for ARM bring back IPv6 support
- Revert "router/rc/init.c: R8000: invert the default order of ports"
- router/shared/defaults.c: add missing "ipv6_dhcpd" at router/shared/defaults.c and set it to "1" (Enable DHCPv6)
- router/shared/defaults.c: disable "nf_sip" by default (GUI @ Tracking / NAT Helpers SIP - Option Off)
- www: Modified Bandwidth Limiter warnings
- www.tomato.js: fix typo
- www: about.asp: Cosmetics
- BWL: Manipulate waniface only if QoS is Disabled
- fpkg: remove unused variable
- rc/init.c: improve invalid_mac check
- rc/services.c: remove forgotten reference to stop_zebra()
- root dhcp6c: do not open a routing socket that's never used
- dhcpv6: RENEW: ignore advertise messages with none of requested data and missed status codes
- dhcpv6: small code cleanup
- dhcpv6: ignore advertise messages with none of requested data and missed status codes
- dhcpv6: close file descriptors on exec
- dhcpv6: no need for sizeoff(char)
- dhcpv6: Fix a number of resource/memory leaks
- Fixing use of memset
- Fix dhcp6 parallel build failure with poudriere on FreeBSD, by implementing patch from bug 38: https://sourceforge.net/p/wide-dhcpv6/bugs/38/
- Resolve bind(control sock): Address already in use error Patch #1 from: https://sourceforge.net/p/wide-dhcpv6/bugs/36/
- Resolve bind(control sock): Address already in use issue Patch #2 from https://sourceforge.net/p/wide-dhcpv6/bugs/36/
- IGMP - Resolve CVE-2012-0207 - Resolve potential for divide by 0, allowing remote attackers to cause a denial of service via IGMP packets
- Fix potential FILE * resource leak
- Fix bad memset in auth.c
- Allow for NULL termination on variable partname by increasing its size from 16 to 17
- Rework save_variables procedure so that sprintf is not writing to the same variable, in which case the results are considered undefined
- Fix potential FILE * leak in nvram_commit
- minidlna: patch: add missing if() statement MIA/fix in patch
- IPROUTE - Fix a few resource leaks
- fix some build warnings
- Cleanup tree
- Added Dlink DIR868L and Xiaomi R1D to compilation
2018.2 - 2018.04.17
----------------------------
- fix problem with passing Tagged/UNtagged on same port when using default vlan
2018.1 - 2018.04.14
----------------------------
- php: updated to 7.2.4
- php: 'mysql' option is no longer supported in PHP7, changed to 'mysqli'
- OpenVPN: updated to 2.4.5
- openssl: updated to 1.0.2o
- miniupnpd: updated to 2.0.20180412
- miniupnpd: changed the coding to use an interface name instead of an IP/netmask
- nginx: updated to 1.13.12
- Adminer: updated to 4.6.2
- dnsmasq: update to 2.80test1
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=log
- dnscrypt: change update-resolvers script to process v2 resolvers format
- libncurses: updated to 6.1
- nettle: updated to 3.4
- sqlite: updated to 3.23.1
- MiniDLNA: updated to 1.2.1
- New wireless driver for SDK7 (Fixed KRACK vulnerability)
- e2fsprogs: updated to 1.44.1
- nano: updated to 2.9.5
- fixed FTP data connection fails from WAN side when port is not 21
- transmission: updated to 2.93
- ipset: updated to 6.36
- libcurl: updated to 7.59.0
- libcurl: updated CA certificate bundle as of 2018-03-07
- libusb: update to 1.0.22
- usb_modeswitch: updated to 2.52
- libvorbis: updated to 1.3.6
- tor: updated to 0.3.2.10
- dropbear: updated to 2018.76
- xl2tpd: updated to 1.3.11
- pcre: Updated to 8.42
- busybox: changed uname
- router/rc/wan.c: removed "bump wan state file on connect (don't wait watchdog result)"
- router/rc/wan.c: dnsmasq process was receiving a second SIGINT signal. Instead of triggering another DNSSEC time checking, it was killing process
- router/rc/init.c: R7000/R8000: enable Air Time Fairness by default
- router/rc/services.c: fixes issues with httpd
- router/rc/services.c: SIGINT seems to be issued too soon against dnsmasq - wait one second before doing so
- rc/services.c: Connect On Demand could no longer work as designed, due to address 1.1.1.1 becoming a legit recursive DNS server, so a different IP address was chosen for this purpose
- router/Makefile: enabled mini-gmp, saves 4KB
- router/Makefile: disable RAID (mdadm binary)
- Several kernel patches in SDK6 & SDK7
- Changed Tomato versioning
- kernel: updated drivers/net/ modules:
https://bitbucket.org/kille72/tomato-arm-kille72/commits/72befb92d9bf2671de800c2841a583e2c58e9374
https://bitbucket.org/kille72/tomato-arm-kille72/commits/fb421ca0b97e0dedd4e0a2360fd98a1761e80209
- LED: Preliminary support for 2nd 5Ghz LED on R8000
- multiwan: forgotten kernel updates for sdk7
- busybox: add CONFIG_FEATURE_NETSTAT_PRG to configuration, for netstat -p functionality
- GUI: Air Time Fairness support for R7000/R8000
- RT-AC3200: invert the default order of ports
- R8000: invert the default order of ports
- entware: updated installation script
- watchdog: increase curl timeout from 3 to 5 seconds in ckcurl function - on heavy loaded 3G connection it could make false positives
- GUI: fix channel scan function for WiFi
- GUI: fix problem with passing Tagged/UNtagged on same port when using default vlan
- GUI: basic-network.asp: LCP Echo (Interval|Link fail limit) is used also with PPTP, L2TP and PPP3G so let's make it possible to modify
- GUI: add possibility to change default IP (198.51.100.1) where DNS queries send to trigger connect-on-demand
https://bitbucket.org/kille72/tomato-arm-kille72/commits/6d47b63eae4e35f5cbf2375914a2113af61e8d6e
- cstats: fix excess I/O, reduce console spam
https://bitbucket.org/kille72/tomato-arm-kille72/commits/709e23e7f1d6cbb07f125a4227cbe995f2118f88
- libid3tag: fix build/link error on Ubuntu + some additional fixes
- Fixed TOR build on some systems
- Cleanup of unused components from the tree and Makefiles
- www: default theme - original 'usbblue'
- Rebranding to FreshTomato :)
Reference in New Issue View Git Blame Copy Permalink