| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Anna Tikhomirova <vamp@vampik.ru>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Set the score value to the maximum value when the connected function is
called. The same happens with a disconnected event, the score value is
there set to zero.
Suggested-by: Anna Tikhomirova <vamp@vampik.ru>
Suggested-by: Maxim Mikityanskiy <maxtram95@gmail.com>
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Refactoring the score handling, so that only one action could take place
during run. The behaviour should be more comprehensible, since several
score actions are not processed at the same time.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* fixed a log parser regression introduced in latest 0.8.4 update
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma GĂ©rald <gandalf@gk2.net>
Run tested: ipq40xx/generic, Fritzbox 4040, Openwrt 22.03.5
Update crowdsec-firewall-bouncer to latest upstream release version 0.0.26
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Upstream bump
Removed upstreamed patch: 900-fix_build_for_archs_contain_plus.patch[1]
1. https://github.com/snort3/snort3/commit/4de62ca9b9bfea4049ebe373a07076284b121bfe
Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- Update haproxy PKG_VERSION and PKG_HASH
- See changes: http://git.haproxy.org/?p=haproxy-2.6.git;a=shortlog
Signed-off-by: Christian Lachner <gladiac@gmail.com>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| | |/ / /
|/| | |
| | | |
| | | | |
Signed-off-by: Nick Peng <pymumu@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* add support for external allowlist URLs to reference additional IPv4/IPv6 feeds, set 'ban_allowurl' accordingly
* make download retries in case of an error configurable, set 'ban_fetchretry' accordingly (default 5)
* small fixes
* readme update
* LuCI update (separate commit)
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix compilation error for stream module not converted to use the PACKAGE
config flag and a missing required dependency for the DAV ext module.
Drop additional config for STREAM module since they are now included and
built by default.
Fixes: 65a676ed56fb ("nginx: introduce support for dynamic modules")
Fixes: #20906
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| |/ / /
| | |
| | |
| | |
| | |
| | | |
LuCI is no longer powered by lua, but ucode
Signed-off-by: Glen Huang <me@glenhuang.com>
|
| |\ \ \
| | | |
| | | | |
pbr: update to 1.1.1-1
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
*** MAKEFILE ***
* remove libubus dependency as it was causing issues
https://forum.openwrt.org/t/policy-based-routing-pbr-package-discussion/140639/318
* move firewall hotplug directory/file creation out of default section into
pbr and pbr-iptables packages sections in preparation for dropping it from pbr
* fix no new line after output when uninstalling packages
*** UCI-DEFAULTS ***
* only add firewall include to firewall config if the include file exists
* add shellcheck exception to netifd uci-defaults file
*** SCRIPTS ***
* more informative logging for firewall and iface hotplug scripts
* more informative logging for firewall include script
*** SERVICE ***
* introduce lock-file to prevent package starting on external events if it hasn't
been auto- or manually started before
* use the `ip`, not `ip-full` command to prevent errors on OpenWrt 21.02
* parse firewall WAN zone to append list of interfaces
* append error and warning "arrays" with new messages
* used shared memory to store the service output/logging messages
* improve is_ovpn function to filter out false positives when interface names started
with `tun`
* introduce is_valid_ovpn to find OpenVPN tunnels where the device name in OpenVPN config
matches the device name in network config
* introduce opkg_get_version to compare versions of principal and luci packages
* better code to obtain AdGuardHome version with betas installed
* optimize code and add better logging for errors when inserting policies with iptables
* optimize code and add better logging for errors when inserting policies with nft
* bugfix: insert policies in all specified protocols
* bugfix: support using physical devices in policies in nft mode
* bugfix: use iptPrefix, not nftPrefix in iptables commands
* implement Tor support in nft mode
* bugfix: fix spelling for User File Syntax error
* restart service fully (instead of quick reload) for OpenVPN interface events, as
the order/number of supported interfaces
* more verbose output (showing handles) of status in nft mode
* improve `icmp_interface`, `ignored_interface`, `supported_interface` validation
regexes
* improve `interface`, validation regex
Signed-off-by: Stan Grishin <stangri@melmac.ca>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* fix remaining small issues
* standardize log wording
* polished up for branch 23.x
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* add housekeeping to the autoallow function, only the current uplink will be held
* fix small issues
* cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Anna Tikhomirova <vamp@vampik.ru>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Addition of routes to mwan3_connected ipset is broken. The ipset name was
changed from mwan3_connected_v4/6 to mwan3_connected_ipv4/6, but this
change was not reflected in mwan3rtmon.
Signed-off-by: Anna Tikhomirova <vamp@vampik.ru>
* Update commit message
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Anna Tikhomirova <vamp@vampik.ru>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Addition of iptables rules for mwan3 sticky rules is broken, resulting
in non-working sticky rules. The required parameters for the function
'mwan3_set_sticky_iptables' were passed in the wrong order.
Signed-off-by: Anna Tikhomirova <vamp@vampik.ru>
* Update commit message
* Quoting function arguments
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Zephyr Lykos <git@mochaa.ws>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* add the option 'ban_autoallowuplink' to limit the uplink autoallow function: 'subnet' (default), 'ip' or 'disable'
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| |\ \ \ \
| | | | |
| | | | | |
simple-adblock: implement curl_additional_param compressed_cache_dir
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* curl_additional_param: to pass additional parameters (like proxy) to curl
* compressed_cache_dir: where to store compressed cache in non-volitile memory
Signed-off-by: Stan Grishin <stangri@melmac.ca>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Van Waholtz <brvphoenix@gmail.com>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Configure the openssh server to respawn. Reload by sending SIGHUP
Signed-off-by: Erik Karlsson <erik.karlsson@genexis.eu>
|
| | |/ / /
|/| | |
| | | |
| | | | |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* fix domain lookup function (parse banIP config vars)
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Release Notes:
https://github.com/libreswan/libreswan/releases/tag/v4.10
Fixes: CVE-2023-23009
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Rename nginx-all-module to nginx-full to follow pattern used by other
package and other projects.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Update nginx to 1.24.0 and update headers-more module to fix compilation
error.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Update lua module to latest openrestry version. Additional config are
required to correctly use it.
Switch it to luajit from liblua as this is what is currently supported
for the module since plain lua support was dropped from the module.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Start building sub package that provide dynamic modules.
Each module needs to be loaded using load_modules.
Refer to nginx documentation on how to use this.
This should result in lower memory usage as only used module are loaded.
Also fix the uci-default scripts to add the required ubus module for
luci module.
-fvisibility=hidden is needed to be dropped to correctly support loading
dynamic modules.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add support for loading dynamic module in uci template by adding .module
file in module.d directory.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
opkg runs uci-defaults if a package installs one, in acme-common's case
that's identical to postinst.
prerm shouldn't be run a image builder, so it's unnecessary to check
IPKG_INSTROOT
Signed-off-by: Glen Huang <me@glenhuang.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Release Notes:
https://software.es.net/iperf/news.html#iperf-3-13-released
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This fixes "permission denied" error when access files as a normal user.
Reported-by: Anya Lin <hukk1996@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Changelog can be found here:
https://sourceforge.net/projects/iperf2/files/
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The root user is usually the user that clients ssh into with, so in most
cases its authorized_keys determines what clients are allowed to ssh
into this device. Without preserving this file, they could potentially
be locked out after upgrading.
Signed-off-by: Glen Huang <me@glenhuang.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Without these charon will warn with messages like:
plugin 'kdf': failed to load - kdf_plugin_create not found and no plugin file available
plugin 'drbg': failed to load - drbg_plugin_create not found and no plugin file available
Signed-off-by: Glen Huang <me@glenhuang.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
strongswan: enable nonce unconditionally
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Without nonce, charon won't start, so it's not an optional plugin. I
asked one of the strongSwan maintainers (ecdsa), and he confirmed this:
> It definitely has to be enabled unconditionally. The only other
> provider for the NONCE_GEN plugin feature is in charon-tkm, so
> completely irrelevant on OpenWrt
Signed-off-by: Glen Huang <me@glenhuang.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Upstream bump
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* add support for a custom feeds file (/etc/banip/banip.custom.feeds). Add new or edit existing banIP feeds on your own with the integrated custom feed editor (LuCI-component
* add a new option 'ban_blockpolicy' to overrule the default bblock policy (block all chains), see readme for details
* change the feed file format and add a new ipthreat feed, see readme
* refine (debug) logging
* multiple small fixes and improvements
* readme update
* luci update (separate commit)
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Changelog: https://github.com/cifsd-team/ksmbd-tools/releases/tag/3.4.8
Maintainer: nobody
Compile tested: Mediatek filogic, Asus TUF AX4200, lastest master
Run tested: Mediatek filogic, Asus TUF AX4200, lastest master
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Link: https://github.com/openwrt/packages/pull/20647
Signed-off-by: Kirill Fertikov <kirill.fertikov@gmail.com>
[indentation fix]
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
strongswan: local_gateway unused in swanctl.init
|