aboutsummaryrefslogtreecommitdiff
path: root/net
Commit message (Collapse)AuthorAge
...
* | | | xray-core: Update to 1.8.10Tianling Shen2024-04-01
| | | | | | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | | alist: Update to 3.33.0Tianling Shen2024-04-01
| | | | | | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | | tor: update to 0.4.8.10 stableRui Salvaterra2024-03-31
| |/ / |/| | | | | | | | | | | | | | | | | | | | Bugfix release, see the changelog [1] for what's new. [1] https://gitlab.torproject.org/tpo/core/tor/-/raw/tor-0.4.8.10/ChangeLog Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* | | kmsbd-tools: switch to use tagged releaseAndrea Pesaresi2024-03-31
| | | | | | | | | | | | | | | | | | | | | | | | Instead of checking Git sources, we will use now tagged releases. This solve the strange version 0~3.5.1-r1, now will be 3.5.2-r2 Signed-off-by: Andrea Pesaresi <andreapesaresi82@gmail.com>
* | | netbird: update to 0.26.6jiangslee2024-03-30
| | | | | | | | | | | | Signed-off-by: jiangslee <jiangsili@qq.com>
* | | tailscale: Update to 1.62.1Zephyr Lykos2024-03-30
| |/ |/| | | | | | | | | https://github.com/tailscale/tailscale/releases/tag/v1.62.1 Signed-off-by: Zephyr Lykos <git@mochaa.ws>
* | strongswan: drop unneeded sleep patchPhilip Prindeville2024-03-27
| | | | | | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | strongswan: backport upstream MUSL fix for farp_spoofer.cPhilip Prindeville2024-03-27
| | | | | | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | strongswan: backport upstream MUSL fix for pf_handler.cPhilip Prindeville2024-03-27
| | | | | | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | strongswan: simplify MUSL patchPhilip Prindeville2024-03-27
| | | | | | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | strongswan: Update to 5.9.14Philip Prindeville2024-03-27
| | | | | | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | uspot: update to Git HEAD (2024-03-25)Thibaut VARÈNE2024-03-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 56eebdad085e uspot: wrap spotfilter device under tip_mode 1a96d57e5fe0 uspot: client_enable() wrap spotfilter data in tip_mode fe12f9a7abde uspot: clear ratelimit state on startup/shutdown 976badc4d0b6 update README 53b8cb88a94a Makefile: require minimum ucode version ff6163190d5a uspot/portal: report client_enable() failure 8601d9199233 include sample radcli dictionaries c670f6c4b48f update README 094f0df88150 uspot: work around ucode#191 missing in 23.05 Update the package Makefile to reflect the changes from the following above-listed commit: 53b8cb88a94a Makefile: require minimum ucode version Fixes: https://github.com/f00b4r0/uspot/issues/4 Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* | nginx: update to 1.25.4Jan Klos2024-03-26
| | | | | | | | Signed-off-by: Jan Klos <jan@klos.xyz>
* | p910nd: fix running multiple instancesPeca Nesovanovic2024-03-26
| | | | | | | | | | | | | | | | | | | | | | | | | | Compile tested: (ramips, rb760igs, 23.05 snapshot) Run tested: (ramips, rb760igs, 23.05 snapshot, tests done) Description: In case we have multiple device defined in /etc/config/p910nd then init script will try to start multiple instance with same instance name drop instance name as resolution tested on 23.05 snapshot with 2 USB printers Signed-off-by: Peca Nesovanovic <peca.nesovanovic@sattrakt.com>
* | sing-box: update to 1.8.10brvphoenix2024-03-26
| | | | | | | | Signed-off-by: brvphoenix <brvphoenix@gmail.com>
* | sing-box: restart if the specified interfaces start upbrvphoenix2024-03-26
| | | | | | | | Signed-off-by: brvphoenix <brvphoenix@gmail.com>
* | Merge pull request #23681 from jummo/add_ddns_servercowMichael Heimpold2024-03-24
|\ \ | | | | | | ddns-scripts: Add servercow.de as DDNS provider
| * | ddns-scripts: Add servercow.de as DDNS providerPatrick Hemmen2024-03-19
| | | | | | | | | | | | | | | | | | Add servercow.de as dynamic DNS provider provider. Signed-off-by: Patrick Hemmen <jummo4@yahoo.de>
* | | Merge pull request #23716 from stangri/master-https-dns-proxyStan Grishin2024-03-24
|\ \ \ | | | | | | | | https-dns-proxy: prepare migration to APK
| * | | https-dns-proxy: prepare migration to APKStan Grishin2024-03-24
| | | | | | | | | | | | | | | | Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | Merge pull request #23717 from stangri/master-adblock-fastStan Grishin2024-03-24
|\ \ \ \ | | | | | | | | | | adblock-fast: prepare migration to APK
| * | | | adblock-fast: prepare migration to APKStan Grishin2024-03-23
| |/ / / | | | | | | | | | | | | Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | Merge pull request #23715 from stangri/master-nebulaStan Grishin2024-03-24
|\ \ \ \ | | | | | | | | | | nebula: prepare migration to APK
| * | | | nebula: prepare migration to APKStan Grishin2024-03-23
| |/ / / | | | | | | | | | | | | Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | Merge pull request #23714 from stangri/master-pbrStan Grishin2024-03-24
|\ \ \ \ | | | | | | | | | | pbr: prepare migration to APK
| * | | | pbr: prepare migration to APKStan Grishin2024-03-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * remove dependencies/references to opkg * simplify wan/wan6 discovery Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | | knot-resolver: Update to version 5.7.1Michal Hrusecky2024-03-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Fixes CVE-2023-50868 and CVE-2023-50387 - Also, the resolver has not been called 'Knot DNS Resolver' for quite some time, so fix that, too. Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
* | | | | knot-resolver: enable dnstap module build by defaultŠimon Bořek2024-03-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'dnstap' module will be built but not loaded by default at runtime (configuration must be provided for it to be loaded). It is still possible to disable dnstap build manually using menuconfig. "The dnstap module supports logging DNS requests and responses to a unix socket in dnstap format using fstrm framing library. This logging is useful if you need effectively log all DNS traffic."[^1] Adds dependency on 'protobuf', 'protobuf-c', 'libfstrm'. Listed packages are available from OpenWrt packages, have uncomplicated manifests and while 'protobuf-c' doesn't have a maintainer since spring 2020, all the packages (including 'protobuf-c') seem to be maintained - the last updates of all of them in autumn 2021. As stated by Vladimír Čunát from Knot Resolver team they build dnstap while packaging for majority of standard Linux distributions. Therefore this change brings us closer to expected default. [^1]: https://knot-resolver.readthedocs.io/en/stable/modules-dnstap.html Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
* | | | | knot-resolver: do not overwrite -Ddnstap=enabled configurationŠimon Bořek2024-03-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was possible to enable dnstap in menuconfig, but the configuration only added dependencies while leaving dnstap module build disabled. Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
* | | | | snort3: Fix compilation with GCC 13Hauke Mehrtens2024-03-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a compile problem with GCC 13. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* | | | | openvpn: update to 2.6.10Ivan Pavlov2024-03-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a bugfix release containing several security fixes specific to the Windows platform. Bug fixes --------- - Windows: if the win-dco driver is used (default) and the GUI requests use of a proxy server, the connection would fail. Disable DCO in this case. - Compression: minor bugfix in checking option consistency vs. compiled-in algorithm support - systemd unit files: remove obsolete syslog.target Security fixes -------------- - CVE-2024-27459: Windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation. - CVE-2024-24974: Windows: disallow access to the interactive service pipe from remote computers. - CVE-2024-27903: Windows: disallow loading of plugins from untrusted installation paths, which could be used to attack openvpn.exe via a malicious plugin. For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.10/Changes.rst Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
* | | | | netbird: update to 0.26.3jiangslee2024-03-23
| | | | | | | | | | | | | | | | | | | | Signed-off-by: jiangslee <jiangsili@qq.com>
* | | | | tailscale: Update to 1.62.0Zephyr Lykos2024-03-23
|/ / / / | | | | | | | | | | | | | | | | | | | | https://github.com/tailscale/tailscale/releases/tag/v1.62.0 Signed-off-by: Zephyr Lykos <git@mochaa.ws>
* | | | Merge pull request #23684 from stangri/master-pbrStan Grishin2024-03-22
|\ \ \ \ | |/ / / |/| | | pbr: update to 1.1.4-5
| * | | pbr: update to 1.1.4-5Stan Grishin2024-03-20
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This update includes the following changes: 1. Makefile * update copyright * attempt to implement the proper variants to avoid luci-app dependency on both variants * quietly stop service on uninstall 2. Config-file * add the list of dnsmasq instances to target in supported dnsmasq modes * for default pbr variant, set the `resolver_set` to `dnsmasq.nftset` * for iptables pbr variant, set the `resolver_set` to `dnsmasq.ipset` * add the `nft_file_support` (disabled by default) * introduce `procd_boot_delay` to delay service start on boot * introduce the following nft set creation options: * nft_set_auto_merge * nft_set_counter * nft_set_flags_interval * nft_set_flags_timeout * nft_set_gc_interval * nft_set_policy * nft_set_timeout * add the pbr.user.wg_server_and_client custom user script to allow running wg server and client at the same time * add the "Ignore Local Requests" sample policy 3. Hotplug firewall/interface scripts * better logged messages 4. The pbr and pbr-iptables uci defaults script * use functions from the init script * improve vpn-policy-routing migration 5. The pbr-netifd uci defaults script * use functions from the init script * improve uci operations 6. Introduce the firewall.include file 7. Improve pbr.user.aws custom user script 8. Improve pbr.user.netflix custom user script 9. Introduce pbr.user.wg_server_and_client custom user script 10. Update the init file: * refactor some code to allow the init script file to be sourced by the uci defaults scripts and the luci rpcd script for shared functions * add support for `nft_file_mode` in which service prepares the fw4-compatible atomic nft/include file for faster operations on service reload * improve Tor support (nft mode only) * implement support for nft set options * update validation functions for new options/parameters Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | tgt: update to 1.0.91Maxim Storchak2024-03-22
| | | | | | | | | | | | Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
* | | squid: update to 6.8krant2024-03-22
| | | | | | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | | git-lfs: update to 3.5.1krant2024-03-22
| | | | | | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | | git: update to 2.44.0krant2024-03-22
| | | | | | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | | dnsproxy: Update to 0.66.0Tianling Shen2024-03-21
| | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | cloudflared: Update to 2024.3.0Tianling Shen2024-03-21
| | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | v2ray-geodata: Update to latest versionTianling Shen2024-03-21
| | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | v2ray-core: Update to 5.15.1Tianling Shen2024-03-21
| | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | xray-core: Update to 1.8.9Tianling Shen2024-03-21
| | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | microsocks: update to 1.0.4Ozan Göktan2024-03-21
| | | | | | | | | | | | Signed-off-by: Ozan Göktan <ozan@goktan.site>
* | | dnsdist: update to 1.9.1 and add maintainerPeter van Dijk2024-03-21
| | | | | | | | | | | | Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
* | | pdns: update to 4.9.0 and add maintainerPeter van Dijk2024-03-21
| | | | | | | | | | | | Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
* | | nginx: Fix compilation with LTOAndreas Gnau2024-03-20
| | | | | | | | | | | | | | | | | | | | | When CONFIG_USE_LTO=y, the int-size detection script will fail because a variable gets optimised out. Mark it as volatile to fix the issue. Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>
* | | net/acme-common: Fix example configToke Høiland-Jørgensen2024-03-20
| | | | | | | | | | | | | | | | | | Make sure we quote all strings, and add missing "option" in second example. Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
* | | openssh: bump to 9.7p1John Audia2024-03-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Release notes: https://www.openssh.com/txt/release-9.7 Removed upstreamed patch: 010-better_fzero-call-detection.patch Build system: x86/64 Build-tested: x86/64/AMD Cezanne Run-tested: x86/64/AMD Cezanne Signed-off-by: John Audia <therealgraysky@proton.me>
Powered by cgit, Themed by Ted Yin.