| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
| |
- Update package URLs
- Use local tarball for sources
- Switch to CMake
- Drop obsolete patches including 'minimize' (ipk size +3KB only)
- Add 3 new patches to fix musl, openssl and cmake issues
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Should provide increases in snort3 performance thanks to thread-
caching malloc provided by gperftools. Avg CPU usage is down.
Another user reported higher throughput achieved with snort3
compiled with this on samba transfers on system with CPU-limited
snort3 performance.[1]
1. https://forum.openwrt.org/t/some-help-with-a-makefile-gperftools/165656/22
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| |
|
|
|
|
|
| |
* more re-connections tweaks
* made travelmate generated emails responsive
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog: https://github.com/snort3/snort3/releases/tag/3.1.81.0
,,_ -*> Snort++ <*-
o" )~ Version 3.1.81.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2024 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.14
Using LuaJIT version 2.1.0-beta3
Using OpenSSL 3.0.13 30 Jan 2024
Using libpcap version 1.10.4 (with TPACKET_V3)
Using PCRE version 8.45 2021-06-15
Using ZLIB version 1.3.1
Using Hyperscan version 5.4.2 2024-02-16
Using LZMA version 5.4.6
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| |
|
|
|
|
|
|
|
|
|
| |
When looping through addrinfo lists in AddrsMatch, keep a copy of the
original addrinfo pointers to free instead of ending up at the terminating
NULLs and trying to free those.
OpenWRT uses musl in which freeaddrinfo(NULL) is not safe (which is
fine, it's not required by the spec) so this fixes a segfault.
Signed-off-by: Darren Tucker <dtucker@dtucker.net>
|
| |
|
|
|
|
|
|
| |
- Switch package URLs to HTTPS
- Use .gz for source archive since .xz is no longer available
- Remove upstreamed patches
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
| |
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
* various vpn optimizations
* remove obsololete trm_maxscan option
* small fixes for net status and captive portal handling
* add an additional login variant to the h-hotels login script
* fix the wifibahn login script work again with wifionice hotspots again
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| |
|
|
| |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- license change is now complete, and all code has been re-licensed
under the new license (still GPLv2, but with new linking exception
for Apache2 licensed code).
Code that could not be re-licensed has been removed or rewritten.
- add support for building with mbedTLS 3.x.x
- new option "--force-tls-key-material-export" to only accept clients
that can do TLS keying material export to generate session keys
(mostly an internal option to better deal with TLS 1.0 PRF failures).
- Windows: bump vcpkg-ports/pkcs11-helper to 1.30
- Log incoming SSL alerts in easier to understand form and move logging
from "--verb 8" to "--verb 3".
- protocol_dump(): add support for printing "--tls-crypt" packets
and other fixes
For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.9/Changes.rst
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
|
| |
|
|
|
|
| |
openwrt/packages#23092 )
Signed-off-by: Pierre Parent <m@pierre-parent.fr>
|
| |
|
|
|
|
|
| |
- Add build-time Rust dependency
- Don't set default and rename changed CMake options
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
changelogs:
9.6.10: https://github.com/schollz/croc/releases/tag/v9.6.10
9.6.11: https://github.com/schollz/croc/releases/tag/v9.6.10
9.6.12: https://github.com/schollz/croc/releases/tag/v9.6.10
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
|
| |
|
|
|
|
| |
- Refresh a patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
| |
- Use local tarball
- Remove upstreamed and refresh remaining patches
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
8dab2ae24c54 neigh: fix potential integer underflow in avl_cmp_neigh()
992f9078b1d5 nfnetlink: fix netlink dump receive logic
ec1a39e53d3f nfnetlink: improve message reception in event callback
0ef61c3bebcb build: convert CMakeList.txt to lowercase
c7616bcfaaef nlbwmon: utilize uloop interval timer if available
Fixes: https://github.com/jow-/nlbwmon/issues/57
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
| |
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Refresh and backport patches so that
- ./python path in the source code takes precedence over the same dir in hostpkg
- OVN LTS version 22.03.5 which depends on Open vSwitch 3.0 can compile
with Open vSwitch 2.17
Fixes: https://github.com/openwrt/packages/issues/22744
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
- Missing --without-nghttp3 was leaking host includes and breaking the build
- Remove or rename deprecated configure options
- Add --disable-libcurl-option to reduce package size
- Use .xz instead of .bz2 for PKG_SOURCE
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This makes mwan3rtmon check if mwan3_get_routes returns a route
before removing it. This helps with IPv6 routes with source address
selector removal where multiple original routes are transformed to
the same mwan3 route if one of the source routes is removed while
the others are kept.
Signed-off-by: Jonas Lochmann <git@inkompetenz.org>
|
| |
|
|
|
|
|
|
|
|
| |
Check the conffile existance (with .conf extension), before calling the
function 'start_path_instance'. This fixes errors with non-existing and
wrong spelling instances.
Signed-off-by: Dirk Brenken <dev@brenken.org>
- Update commit description
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
| |
Without it, using uci to manipulate ipsec config can result in errors,
making it much difficult to use in uci-defaults for example.
Signed-off-by: Glen Huang <me@glenhuang.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Increases snort's IPS fast pattern matching by 2x (compared to
the ac_full engine) and 3x (compared to ac_bfna). This is most
noticeable for users of large rules sets and when doing deep flow
inspection.
For more see: https://blog.snort.org/2020/09/snort-3-hyperscan-.html
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
This prevents clashes with network addresses that
contain '/'.
Resolves: #18589
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
|
| |\
| |
| | |
openconnect: make host dependency more resilient
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Retry when resolveip fails as it seems to be causing issues
on startup depending on various unpredictable parameters.
Resolves: #23185
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
|
| |\ \
| | |
| | | |
apr/subversion: fix subversion build and apache-mod-php8 build regres…
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
(fixes #23460)
The recent upgrade of apr included a change with should fix the subversion build.
Unfortunately, this fix resulted in a build regression of apache-mod-php8.
The new approach is to pass the locations of the apr config helpers
to configure via parameter.
Fixes: 68dd7b7cf632 ("apr: update to 1.7.4")
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Maintainer: @EricLuehrsen
Fixes: CVE-2023-50387, CVE-2023-50868
Release notes: https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
Run tested: BPi-R3, mediatek/filogic, OpenWrt 23.05.2
Signed-off-by: S. Brusch <ne20002@gmx.ch>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Update haproxy PKG_VERSION and PKG_HASH
- See changes: http://git.haproxy.org/?p=haproxy-2.8.git;a=shortlog
Signed-off-by: Christian Lachner <gladiac@gmail.com>
|
| |\ \ \
| |/ /
|/| | |
adblock-fast: add force_dns_interface setting
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
* allow users to specify list of interfaces/networks to force the
DNS Hijacking on
Signed-off-by: Stan Grishin <stangri@melmac.ca>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
changelog:
- Fix some FD leaks (#334, thanks to @giuseppe)
As package belongs to network category, I moved it from utils to network folder
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes CVEs:
- CVE-2023-50387: Validating DNS messages containing a lot of DNSSEC signatures
could cause excessive CPU load, leading to a denial-of-service condition.
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof could cause
excessive CPU load, leading to a denial-of-service condition.
- CVE-2023-4408: Parsing DNS messages with many different names could cause
excessive CPU load.
- CVE-2023-5517: Specific queries could cause named to crash with an assertion
failure when nxdomain-redirect was enabled.
- CVE-2023-5679: A bad interaction between DNS64 and serve-stale could cause
named to crash with an assertion failure, when both of these features were
enabled.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
changelogs: https://github.com/containers/aardvark-dns/releases
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
changelogs: https://github.com/containers/netavark/releases
wrapper script and config file removed as they have become obsolete,
firewall driver is now configured in containers.conf
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
|
| | |/
|/|
| |
| |
| |
| | |
changes: https://github.com/netbirdio/netbird/compare/v0.25.2...v0.25.8
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
|
| | |
| |
| |
| | |
Signed-off-by: Paul Donald <newtwen@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
softethervpn5: The softethervpn5 package is due for an update from recent source. This PR implements a Makefile update to pull December 2023 release, which includes fixes for recently-disclosed vulnerabilities. The build patches are also updated accordingly.
Signed-off-by: Thomas Winkler <tewinkler86@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Maintainer : myself
Build system : Arch Linux x86_64
Build tested : r7800 OpenWrt git master (r25151-2a2abed0be)
Run tested : r7800 OpenWrt git master (r25151-2a2abed0be)
Signed-off-by: Daniel Bermond <dbermond@archlinux.org>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
- Add missing 'ucode' package dependency
- Proto-ify the ConfigItem objects
- Fix indentation and tab usage
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |/
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|