Jo-Philipp Wich
ecc95dcba8
firewall: update to git head ( #13652 )
...
- simplifies using ipsets for rules and redirects, match direction can be specified in-place like option ipset 'setname src dst dst'
- uses zone_name_src_ACTION chains for input rules, this fixes logging with log enabled src zones
SVN-Revision: 36854
2013-06-05 11:40:40 +00:00
Jo-Philipp Wich
0a74d9d5c3
firewall3: fix accidentally changed install directive
...
SVN-Revision: 36840
2013-06-04 12:30:50 +00:00
Jo-Philipp Wich
07a3110e88
firewall: fix git source url
...
SVN-Revision: 36839
2013-06-04 12:23:47 +00:00
Jo-Philipp Wich
b721c92221
firewall3: rename to firewall, move into base system menu, update to git head with compatibility fixes for AA
...
SVN-Revision: 36838
2013-06-04 12:21:52 +00:00
Jo-Philipp Wich
0dd6753c09
Drop legacy firewall package
...
SVN-Revision: 36837
2013-06-04 12:21:44 +00:00
Jo-Philipp Wich
6f60308257
firewall3: update to git head ( #13641 )
...
* Fixes wrong chain used for zone forward policy
SVN-Revision: 36830
2013-06-04 10:26:49 +00:00
Jo-Philipp Wich
6eeca5176e
firewall3: update to git head
...
- Fixes problems with reusing matches or targets from loadable extensions
SVN-Revision: 36826
2013-06-03 16:38:29 +00:00
Felix Fietkau
8c69057980
uhttpd: update to latest version, fixes CGI related crashes
...
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 36817
2013-06-01 21:43:06 +00:00
Steven Barth
089d6612ce
6relayd: Work around Windows DHCPv6 quirks Announcing deprecated addresses breaks Windows clients
...
SVN-Revision: 36815
2013-06-01 17:51:02 +00:00
Steven Barth
7ae506c7d4
odhcp6c: work around spurious false-positive address DECLINEs
...
SVN-Revision: 36809
2013-05-31 13:49:17 +00:00
Jo-Philipp Wich
3bb397c997
firewall3: use list notation for default zone network config to avoid "uci add_list" coercing the value wrongly
...
SVN-Revision: 36806
2013-05-31 13:23:23 +00:00
Steven Barth
bf582fbb7b
odhcp6c: fix handling of multiple RAs in a row
...
SVN-Revision: 36804
2013-05-31 10:02:39 +00:00
Steven Barth
cdc3caf533
6relayd: Better compatibility with misbheaving DHCPv6 clients * Make the "best" address / prefix the first one being announced * Only add the "best" address to the hosts-file
...
SVN-Revision: 36772
2013-05-30 15:42:30 +00:00
Steven Barth
519f27cd33
netifd: updated IPv6 prefix delegation * Added support for prefix classes * Various bugfixes
...
SVN-Revision: 36771
2013-05-30 15:42:25 +00:00
Felix Fietkau
02fe12c00d
uhttpd: update again to fix a ubus plugin crash bug
...
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 36770
2013-05-30 13:16:38 +00:00
Felix Fietkau
eeb7fdc13e
uhttpd: update to latest version, fixes script timeout for ubus requests
...
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 36767
2013-05-30 10:44:20 +00:00
Steven Barth
dc6625f977
6relayd: more verbosity in leases and logging
...
SVN-Revision: 36764
2013-05-30 07:56:55 +00:00
Steven Barth
56a3396bf2
iptables: bump to 1.4.19.1
...
SVN-Revision: 36760
2013-05-29 14:58:04 +00:00
Steven Barth
439fdd4d65
netifd: fix IPv6-addresses disappearing due to lifetime-overflows
...
SVN-Revision: 36748
2013-05-28 18:32:01 +00:00
Steven Barth
23b3cebd56
odhcp6c: fix or debug disappearing IPv6 addresses
...
SVN-Revision: 36745
2013-05-28 16:28:14 +00:00
Felix Fietkau
e6250644be
mac80211: add support for "active" monitor interfaces which allow userspace tools to connect to APs via injection
...
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 36743
2013-05-28 11:10:41 +00:00
Steven Barth
61c0c6ab68
6relayd: RFC 6204 and naming improvements * Announce delegated prefixes using route info according to RFC 6204 L-3 * Enable hybrid stateless + stateful DHCPv6-mode as default
...
SVN-Revision: 36738
2013-05-27 20:38:13 +00:00
Jo-Philipp Wich
63603ee478
firewall3: update to git head
...
- allows building without IPv6 support
- uses more robust rules to cope with missing libext.a
- uses better linking strategy to avoid symbol clashes with older iptables
- introduces source compatiblity layer for different libxtables versions
SVN-Revision: 36736
2013-05-27 15:13:19 +00:00
Jo-Philipp Wich
e4f8c38ed1
firewall3: update to git head
...
- allows symbolic notation for src_ip, src_dip and dest_ip options, e.g. option src_ip 'lan' to automatically resolve to "192.168.1.0/24"
- automatically infer destination zone for redirects from target ip, this makes 'dest' optional and nat reflection setup more robust
- properly support output rules with dest '*' to hook directly into delegate_output
- fixes crash when processing rules with unresolved targets
SVN-Revision: 36721
2013-05-26 15:48:04 +00:00
Steven Barth
f63064a257
6relayd: Fix DHCPv6-server picking up addresses from master interface
...
SVN-Revision: 36718
2013-05-26 10:06:02 +00:00
Jo-Philipp Wich
90887b5fb3
firewall3: update to git head
...
- fixes linking issues with some toolchains
SVN-Revision: 36703
2013-05-24 12:49:06 +00:00
Steven Barth
d8d7d7f4aa
6relayd: fix a lease-timing issue with stateful DHCPv6
...
SVN-Revision: 36702
2013-05-24 12:31:30 +00:00
Jo-Philipp Wich
c1ff8cd9bb
firewall3: update to git head
...
- Use weak references for instantiating libext*.a matches, makes fw3 independant from the compile time features of iptables
- Do not leak memory when processing rules with unknown targets or matches
SVN-Revision: 36698
2013-05-23 13:07:44 +00:00
Felix Fietkau
75bb3138aa
uhttpd: update to latest version, fixes #13564 , #13560 , improves error handling as pointed out in #13537
...
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 36696
2013-05-23 10:50:42 +00:00
Steven Barth
32c6ffb5a1
firewall3: Remove abandonend include
...
SVN-Revision: 36692
2013-05-23 06:38:25 +00:00
Jo-Philipp Wich
b757ca2259
firewall3: update to git head
...
- fix build on Linux < 3.7
- limit zone names to 14 bytes
SVN-Revision: 36691
2013-05-22 14:15:53 +00:00
Steven Barth
9c3ac668e0
6relayd: Let OpenWrt override default CFLAGS
...
SVN-Revision: 36690
2013-05-22 11:58:54 +00:00
Jo-Philipp Wich
c12189b379
firewall3: update to git head
...
- fixes reload when firewall is not running already
- fixes crash when ipsets are supported but undeclared
- fixes handling of per zone user chains on reload
SVN-Revision: 36689
2013-05-22 11:37:41 +00:00
Steven Barth
9d115df749
6relayd: Fix a segfault when multiple downstream interfaces are present
...
SVN-Revision: 36687
2013-05-21 18:05:37 +00:00
Jo-Philipp Wich
dd83e87ab0
firewall3: update to git head
...
- fixes segfault in flush command if ipset support is not available
- fixes internal rule generation if custom chains are enabled
SVN-Revision: 36686
2013-05-21 14:49:37 +00:00
Jo-Philipp Wich
6eec8009ba
ipset: remove dependency on iptables-mod-ipset - technically it does not depend on it and the iptables matches are now part of the base
...
SVN-Revision: 36685
2013-05-21 13:00:28 +00:00
Jo-Philipp Wich
9b6c31d4cc
firewall3: move libext*.a copying to compile phase
...
SVN-Revision: 36684
2013-05-21 12:58:36 +00:00
Jo-Philipp Wich
8df6cd005c
netfilter: move time, mark, set matches and MARK, REDIRECT, SET targets into base iptables package - drop iptables-mod-ipset
...
SVN-Revision: 36683
2013-05-21 12:58:15 +00:00
Jo-Philipp Wich
e8050c6c35
firewall3: update to git head
...
* use libiptc and libxtables directly to manage ruleset, iptables-restore is unreliable and prone to race conditions
* make ipset integration more reliable
SVN-Revision: 36681
2013-05-21 10:15:14 +00:00
Jo-Philipp Wich
a9a9644efd
iptables: use -ffunction-sections, -fdata-sections and --gc-sections
...
SVN-Revision: 36680
2013-05-21 10:15:10 +00:00
Steven Barth
24c39ddcf7
odhcp6c: Various fixes * Honour T1 and T2 values from servers better * Correctly send Reconfigure-Accept option in requests
...
SVN-Revision: 36678
2013-05-21 09:13:48 +00:00
Steven Barth
37baf2d6b2
6relayd: Various DHCPv6-fixes * Be more standards-compliant in stateful mode * Handle hostnames from Windows-clients correctly * Handle messages from DHCPv6-relays better
...
SVN-Revision: 36677
2013-05-21 09:13:40 +00:00
Steven Barth
c6f70381c9
odhcp6c: Fix address / prefix expiry logic
...
SVN-Revision: 36675
2013-05-20 14:54:20 +00:00
Steven Barth
dd161ae62b
dnsmasq: add directory for external hosts-files
...
SVN-Revision: 36655
2013-05-17 14:44:12 +00:00
Steven Barth
334c40da14
6relayd: Add stateful DHCPv6-support (IA_NA) * Add management_level option (0: set O-flag, >=1: set M-flag) * Add support for static DHCPv6-leases * Various fixes for DHCPv6-PD
...
SVN-Revision: 36654
2013-05-17 14:44:07 +00:00
Steven Barth
0f1be4425f
netifd: Unify interface-based routing for IPv4 and IPv6 * Add interface option to set routing table for protocol routes * Enabled for IPv6 for source-based filtering, disabled for IPv4
...
Based on a patch by Kristian Evensen. Thank You.
SVN-Revision: 36653
2013-05-17 14:44:02 +00:00
Felix Fietkau
7365e647f6
uhttpd: update to latest version, fixes index page processing order
...
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 36644
2013-05-16 11:38:19 +00:00
Luka Perkov
4fc8e64a40
iproute2: workaround compile issues with gcc 4.8.x
...
SVN-Revision: 36642
2013-05-16 00:04:48 +00:00
Steven Barth
a62ca72309
odhcp6c: Fix handling of RAs when no DHCPv6-server is present
...
SVN-Revision: 36641
2013-05-15 11:07:01 +00:00
Luka Perkov
580481cd6d
iproute2: upgrade to 3.9.0
...
SVN-Revision: 36638
2013-05-14 23:49:34 +00:00