aboutsummaryrefslogtreecommitdiff
path: root/net
Commit message (Collapse)AuthorAge
...
* | | nginx: bump to 1.25.5 releaseChristian Marangi2024-04-21
| | | | | | | | | | | | | | | | | | | | | | | | Bump nginx to 1.25.5 release. Patch automatically refreshed with make package/nginx/refresh. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* | | uwsgi: update Maintainer nameChristian Marangi2024-04-21
| | | | | | | | | | | | | | | | | | Update maintainer name with real name for Christian Marangi. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* | | uwsgi: bump to latest 2.0.25.1 releaseChristian Marangi2024-04-21
| |/ |/| | | | | | | | | | | | | | | Bump to latest 2.0.25.1 release Drop upstream PCRE2 patch and alarm memory leak fix. Rework and refresh patch due to release bump. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* | Merge pull request #23969 from dibdot/curlJosef Schlehofer2024-04-20
|\ \ | | | | | | curl: fix/bump PKG_RELEASE, remove maintainer
| * | curl: fix/bump PKG_RELEASE, remove maintainerDirk Brenken2024-04-20
| | | | | | | | | | | | | | | | | | | | | | | | * make PKG_RELEASE numeric again * made a release bump due to a newly added patch (see https://github.com/openwrt/packages/commit/de4ef9d169a182350796afca778742bf68052af4 for details) * remove maintainer (as requested in #23890 Signed-off-by: Dirk Brenken <dev@brenken.org>
* | | Merge pull request #23963 from dibdot/banIPDirk Brenken2024-04-20
|\ \ \ | | | | | | | | banip: release 0.9.5-1
| * | | banip: release 0.9.5-1Dirk Brenken2024-04-20
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * added a DDoS protection rules in a new pre-routing chain to prevent common ICMP, UDP and SYN flood attacks and drop spoofed tcp flags & invalid conntrack packets, flood tresholds are configured via 'ban_icmplimit' (default 10/s), 'ban_synlimit' (default 10/s) and 'ban_udplimit' (default 100/s) * the new pre-routing rules are tracked via named nft counters and are part of the standard reporting, set 'ban_logprerouting' accordingly * block countries dynamically by Regional Internet Registry (RIR)/regions, e.g. all countries related to ARIN. Supported service regions are: AFRINIC, ARIN, APNIC, LACNIC and RIPE, set 'ban_region' accordingly * it's now possible to always allow certain protocols/destination ports in wan-input and wan-forward chains, set 'ban_allowflag' accordingly - e.g. ' tcp 80 443-445' * filter/convert possible windows line endings of external feeds during processing * the cpu core autodetection is now limited to max. 16 cores in parallel, set 'ban_cores' manually to overrule this limitation * set the default nft priority to -100 for banIP input/forward chains (pre-routing is set to -150) * update readme * a couple of bugfixes & performance improvements * removed abandoned feeds: darklist, ipblackhole * added new feeds: becyber, ipsum, pallebone, debl (changed URL) * requires a LuCI frontend update as well (separate PR/commit) Signed-off-by: Dirk Brenken <dev@brenken.org>
* | | geoip-shell: remove extra r from PKG_RELEASEHannu Nyman2024-04-20
| |/ |/| | | | | | | | | | | | | | | Remove the unnecessary 'r' from PKG_RELEASE as it is added automatically by the build system to the final versioning. (Current version leads into 'geoip-shell_0.5-rr2_all.ipk') Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* | ntpd: update to version 4.2.8p17Paul Donald2024-04-20
| | | | | | | | | | | | | | | | | | | | | | Also some spell fixes for README.md Drop patch-0001 - ntpd >= 4.2.8p16 patched this behaviour. See: https://bugs.ntp.org/show_bug.cgi?id=3741 (and the linked diff there) https://git.nwtime.org/websites/ntpwww/commit/d2a7faef2fea5f10b28cc2ee1d842e4b241f414f Signed-off-by: Paul Donald <newtwen@gmail.com>
* | udpspeeder: use local tarballsRosen Penev2024-04-19
| | | | | | | | | | | | Simpler, smaller, and avoids PKG_UNPACK. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | tailscale: Update to 1.64.1Zephyr Lykos2024-04-19
| | | | | | | | | | | | <https://github.com/tailscale/tailscale/releases/v1.64.1> Signed-off-by: Zephyr Lykos <git@mochaa.ws>
* | socat: fix compile error when ccache is enabledkrant2024-04-19
| | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | rsync: support xxhash and lz4Maxim Storchak2024-04-19
| | | | | | | | Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
* | Merge pull request #23943 from rsalvaterra/tor-bumpRui Salvaterra2024-04-19
|\ \ | | | | | | tor: update to 0.4.8.11 stable
| * | tor: update to 0.4.8.11 stableRui Salvaterra2024-04-16
| | | | | | | | | | | | | | | | | | | | | | | | Minor release, see the changelog [1] for what's new. [1] https://gitlab.torproject.org/tpo/core/tor/-/raw/tor-0.4.8.11/ChangeLog Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* | | Merge pull request #23821 from friendly-bits/add_geoip-shellJo-Philipp Wich2024-04-19
|\ \ \ | | | | | | | | geoip-shell: add package
| * | | geoip-shell: add packageAnton Khazan2024-04-16
| |/ / | | | | | | | | | | | | | | | | | | Adds the geoip-shell package to OpenWrt. geoip-shell is a flexible geoip blocker for Linux with a user-friendly command-line interface. Signed-off-by: Anton Khazan <antonk.d3v@gmail.com>
* | | v2ray-geodata: Update to latest versionTianling Shen2024-04-19
| | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | v2ray-geodata: make PKG_RELEASE numeric againTianling Shen2024-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to the documentation[1] 'PKG_RELEASE' should be a number, so polulate the APK-style 'r' via 'VERSION' instead. 1. https://openwrt.org/docs/guide-developer/packages#buildpackage_variables Fixes: 30796c59485b ("v2ray-geodata: use APK compatible version schema") Reported-by: Sean Khan <datapronix@protonmail.com> Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | curl: fix SSL init with mbedtls 3.6Felix Fietkau2024-04-18
| | | | | | | | | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* | | nginx: Use zst + APK style packaging for modulesSean Khan2024-04-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Generates git tarballs in the new APK style format: Note that `SOURCE_DATE` was added and need to be updated as the commit date of the commit hash Before: ``` nginx-mod-geoip2-1cabd8a1f68ea3998f94e9f3504431970f848fbf.tar.xz nginx-mod-headers-more-bea1be3bbf6af28f6aa8cf0c01c07ee1637e2bd0.tar.xz nginx-mod-brotli-25f86f0bac1101b6512135eac5f93c49c63609e3.tar.xz nginx-mod-rtmp-f0ea62342a4eca504b311cd5df910d026c3ea4cf.tar.xz nginx-mod-ts-ef2f874d95cc75747eb625a292524a702aefb0fd.tar.xz nginx-mod-naxsi-d714f1636ea49a9a9f4f06dba14aee003e970834.tar.xz nginx-mod-lua-c89469e920713d17d703a5f3736c9335edac22bf.tar.xz nginx-mod-lua-resty-core-2e2b2adaa61719972fe4275fa4c3585daa0dcd84.tar.xz nginx-mod-lua-resty-lrucache-52f5d00403c8b7aa8a4d4f3779681976b10a18c1.tar.xz nginx-mod-dav-ext-f5e30888a256136d9c550bf1ada77d6ea78a48af.tar.xz nginx-mod-ubus-b2d7260dcb428b2fb65540edb28d7538602b4a26.tar.xz ``` After: ``` nginx-mod-geoip2-2020.01.22~1cabd8a1.tar.zst nginx-mod-headers-more-2022.07.17~bea1be3b.tar.zst nginx-mod-brotli-2020.04.23~25f86f0b.tar.zst nginx-mod-rtmp-2018.12.07~f0ea6234.tar.zst nginx-mod-ts-2017.12.04~ef2f874d.tar.zst nginx-mod-naxsi-2022.09.14~d714f163.tar.zst nginx-mod-lua-2023.08.19~c89469e9.tar.zst nginx-mod-lua-resty-core-2023.09.09~2e2b2ada.tar.zst nginx-mod-lua-resty-lrucache-2023.08.06~52f5d004.tar.zst nginx-mod-dav-ext-2018.12.17~f5e30888.tar.zst nginx-mod-ubus-2020.09.06~b2d7260d.tar.zst ``` Run tested: aarch64, Dynalink DL-WRX36, Master Branch Signed-off-by: Sean Khan <datapronix@protonmail.com>
* | | nginx: autoload dynamic modulesSean Khan2024-04-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In current setup, dynamic modules are not autoloaded, requiring users to create and load additional config files. We should assume that if a user installs additional modules, they want them 'on' by default. This commit does the following: 1.) generates a module load config in '/etc/nginx/modules.d' with the format '${module_name}'.module (i.e. /etc/nginx/modules.d/ngx_http_geoip2.module) 2.) deletes previous module conf for 'luci' /etc/nginx/modules.d/luci.module if it exists, this will prevent 'module already loaded' errors. The following is a portion of the final output when using the default uci template `/etc/nginx/uci.conf.template` (via nginx-util): ``` nginx -T -c '/etc/nginx/uci.conf' load_module /usr/lib/nginx/modules/ngx_http_brotli_filter_module.so; load_module /usr/lib/nginx/modules/ngx_http_brotli_static_module.so; load_module /usr/lib/nginx/modules/ngx_http_dav_ext_module.so; load_module /usr/lib/nginx/modules/ngx_http_geoip2_module.so; load_module /usr/lib/nginx/modules/ngx_http_headers_more_filter_module.so; load_module /usr/lib/nginx/modules/ngx_http_lua_module.so; load_module /usr/lib/nginx/modules/ngx_http_naxsi_module.so; load_module /usr/lib/nginx/modules/ngx_http_ts_module.so; load_module /usr/lib/nginx/modules/ngx_http_ubus_module.so; load_module /usr/lib/nginx/modules/ngx_rtmp_module.so; load_module /usr/lib/nginx/modules/ngx_stream_module.so; load_module /usr/lib/nginx/modules/ngx_stream_geoip2_module.so; ``` Signed-off-by: Sean Khan <datapronix@protonmail.com>
* | | nginx: fix geoip2 dependency on mod ngx_streamSean Khan2024-04-18
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since the geoip2 package contains both `http` and `stream` versions. It requires the module `ngx_stream` be installed and loaded and produces the error: ``` 2024/04/12 18:38:18 [emerg] 4402#0: dlopen() "/usr/lib/nginx/modules/ngx_stream_geoip2_module.so" failed (Error relocating /usr/lib/nginx/modules/ngx_stream_geoip2_module.so: ngx_stream_complex_value: symbol not found) in /etc/nginx/module.d/ngx_stream_geoip2.module:1 nginx: configuration file /etc/nginx/uci.conf test failed ``` Add dependency so it's built at build time and installed automatically by `opkg` Signed-off-by: Sean Khan <datapronix@protonmail.com>
* | keepalived: remove file sync handling for ucitrackFlorian Eckert2024-04-16
| | | | | | | | | | | | | | The ucitrack file hanlding was converted to json. Therefore this is not needed anymore. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* | Merge pull request #23925 from stangri/master-pbrStan Grishin2024-04-15
|\ \ | | | | | | pbr: bugfix: fix IPv6 interface errors
| * | pbr: bugfix: fix IPv6 interface errorsStan Grishin2024-04-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * update license to AGPL-3.0-or-later * rename pbr_get_gateway to pbr_get_gateway4 for better readability * improve IPv6 "gateway" detection/display on start * prevent IPv6 interface errors on start * revert release format Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | squid: update to 6.9krant2024-04-14
| | | | | | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | | cloudflared: Update to 2024.4.0Tianling Shen2024-04-15
| | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | dnsproxy: Update to 0.69.2Tianling Shen2024-04-15
|/ / | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | hcxdumptool: Update to 6.3.4dracode2024-04-13
| | | | | | | | | | | | | | Version 6.3.4 has some important fixes for the OpenWrt community. This version properly supports Big-Endian systems (which are many); the previous OpenWrt packaged version crashed on such systems. Signed-off-by: dracode <github@dragonbyte.org>
* | adguardhome: update to 0.107.48Shi JiaYang2024-04-13
| | | | | | | | | | | | | | View the release notes for more information: https://github.com/AdguardTeam/AdGuardHome/releases/tag/v0.107.48 Signed-off-by: Shi JiaYang <shi05275@163.com>
* | snort3: update to 3.1.84.0John Audia2024-04-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Update to latest version 2. Remove redundant section in Makefile Changelog: https://github.com/snort3/snort3/releases/tag/3.1.84.0 ,,_ -*> Snort++ <*- o" )~ Version 3.1.84.0 '''' By Martin Roesch & The Snort Team http://snort.org/contact#team Copyright (C) 2014-2024 Cisco and/or its affiliates. All rights reserved. Copyright (C) 1998-2013 Sourcefire, Inc., et al. Using DAQ version 3.0.14 Using LuaJIT version 2.1.0-beta3 Using OpenSSL 3.0.13 30 Jan 2024 Using libpcap version 1.10.4 (with TPACKET_V3) Using PCRE version 8.45 2021-06-15 Using ZLIB version 1.3.1 Using Hyperscan version 5.4.2 2024-04-10 Using LZMA version 5.4.6 Build system: x86/64 Build-tested: x86/64/AMD Cezanne Run-tested: x86/64/AMD Cezanne Signed-off-by: John Audia <therealgraysky@proton.me>
* | rsync: update to 3.3.0John Audia2024-04-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: https://download.samba.org/pub/rsync/NEWS#3.3.0 $ rsync --version rsync version 3.3.0 protocol version 31 Copyright (C) 1996-2024 by Andrew Tridgell, Wayne Davison, and others. Web site: https://rsync.samba.org/ Capabilities: 64-bit files, 64-bit inums, 64-bit timestamps, 64-bit long ints, no socketpairs, symlinks, symtimes, hardlinks, no hardlink-specials, no hardlink-symlinks, IPv6, atimes, batchfiles, inplace, append, no ACLs, no xattrs, optional secluded-args, no iconv, prealloc, stop-at, no crtimes Optimizations: no SIMD-roll, no asm-roll, no openssl-crypto, asm-MD5 Checksum list: md5 md4 none Compress list: zlibx zlib none Daemon auth list: md5 md4 Build system: x86/64 Build-tested: x86/64/AMD Cezanne Run-tested: x86/64/AMD Cezanne Signed-off-by: John Audia <therealgraysky@proton.me>
* | mosquitto: bump PKG_RELEASE since missing in PR #23863David Andreoletti2024-04-13
| | | | | | | | Signed-off-by: David Andreoletti <david@andreoletti.net>
* | pdns: unbreak bigendian buildsPeter van Dijk2024-04-13
| | | | | | | | Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
* | netbird: update to 0.27.3Wesley Gimenes2024-04-13
| | | | | | | | Signed-off-by: Wesley Gimenes <wehagy@proton.me>
* | socat: update to 1.8.0.0krant2024-04-13
| | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | wget: update to 1.24.5krant2024-04-13
| | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | snort3: fix issue caused by ucode semantics changeEric Fahlgren2024-04-13
| | | | | | | | | | | | | | | | | | | | | | A recent change in the ucode interpeter caused a failure when using the 'in' operator. https://github.com/jow-/ucode/commit/be767ae197babd656d4f5d9c2d5013e39ddbe656 Reported in a forum post by @graysky2. https://forum.openwrt.org/t/194218/28 Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
* | lighttpd: update to lighttpd 1.4.76 release hashGlenn Strauss2024-04-12
| | | | | | | | Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
* | Merge pull request #23880 from stangri/master-pbrStan Grishin2024-04-12
|\ \ | | | | | | pbr: update to 1.1.4-r15
| * | pbr: update to 1.1.4-r15Stan Grishin2024-04-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * delete obsolete files/etc/init.d/pbr.init * add files/etc/uci-defaults/91-pbr-iptables to help update from older OpenWrt * add files/etc/uci-defaults/91-pbr-nft to help update from older OpenWrt * update files/etc/uci-defaults/91-pbr-netifd to only add tables to supported ifaces * re-organize variants in the Makefile so that they hopefull work this time * update prerm for all variants for better user experience * update the -netifd prerm to remove leftofver entries from network and rt_tables file In the init script: * add decorations for netifd-interfaces related operations (blue ticks) * add rtTablesFile variables instead of hard-coding the rt_tables file * add function to check if the table is netifd-derived * add error messages/hints for failed interface setup and failed WAN discovery * make cleanup_rt_tables the netifd-compatible * streamline interface_process function with a clearer case statement * rename the interface_process `pre-init` option to `pre_init` to conform to the other functions options naming style Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | Merge pull request #23872 from stangri/master-adblock-fastStan Grishin2024-04-12
|\ \ \ | |_|/ |/| | adblock-fast: improve Makefile's prerm
| * | adblock-fast: improve Makefile's prermStan Grishin2024-04-10
| | | | | | | | | | | | | | | | | | * improve output of Makefile's prerm routines Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | softflowd: add '-b' option to configRafal Macyszyn2024-04-11
| |/ |/| | | | | | | | | - add '-b' option to enable bidirectional flow probing Signed-off-by: Rafal Macyszyn <rafal@v92.pl>
* | pppossh: add option peer_pppd_optionsYousong Zhou2024-04-11
|/ | | | | | | This can be useful for things like making the interface on the peer side fixed with value like `ifname xx` Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* mosquitto: support anonymous user per listenerDavid Andreoletti2024-04-10
| | | | Signed-off-by: David Andreoletti <david@andreoletti.net>
* dnsdist: update to 1.9.3Peter van Dijk2024-04-09
| | | | Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
* Merge pull request #23723 from findlayfeng/fix_proto-bondingFlorian Eckert2024-04-08
|\ | | | | proto-bonding: Modify ipaddr as optional
| * proto-bonding: Modify ipaddr as optionalFindlay Feng2024-03-29
| | | | | | | | | | | | | | | | The configuration of ipaddr in proto-bonding is not necessary, such as adding the bond interface to the bridge or performing pppoe dialing on the bond interface, etc. Signed-off-by: Findlay Feng <i@fengch.me>
Powered by cgit, Themed by Ted Yin.