| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
|
|
| |
* add support for destination port & protocol limitations for external feeds (see readme for details),
useful for lan-forward ad- or DoH-blocking, e.g. only tcp ports 80 and 443
* add turris sentinel blocklist feed
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| |
|
|
|
|
| |
Make it more practical to easier get an idea
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The new validation_method option can be: dns, webroot or standalone.
Previously we guessed the challenge type:
1. if the DNS provider is specified then it's dns
2. if standalone=1
3. fallback to webroot
The logic is preserved and if the validation_method wasn't set explicitly we'll guess it in old manner.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The new validation_method option can be: dns, webroot or standalone.
Previously we guessed the challenge type:
1. if the DNS provider is specified then it's dns
2. if standalone=1
3. fallback to webroot
The logic is preserved and if the validation_method wasn't set explicitly we'll guess it in old manner.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
|
| |
|
|
|
|
| |
* final vpn tweaks
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| |
|
|
| |
Signed-off-by: brvphoenix <brvphoenix@gmail.com>
|
| |
|
|
|
|
| |
* minimal fix with reporting interface 'any'
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| |
|
|
|
|
|
|
| |
- ':BOOL' suffix is not needed
- Don't set options which are matching the defaults
- Rename non-existing OT_BORDER_ROUTING_NAT64 to OTBR_NAT64
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
| |
The patch is not needed since it is implemented in
https://github.com/openthread/ot-br-posix/pull/1908
and included into the current version.
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
On some builders the package was failing to build:
```
cp: cannot overwrite non-directory '[..]/var' with directory '[..]/var
```
Here we're moving the creation of /var/lib/thread into runtime script,
which eliminates the error.
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
| |
rclone has switched to use fuse3 since v1.62.0.
Reported-by: qiuzi <gxfclql@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
XSK support is set to auto by default and on some hosts it is detected as
on and leads to:
```
In file included from dnsdist-backend.cc:32:
xsk.hh:28:10: fatal error: bits/types/struct_timespec.h: No such file or
directory
28 | #include <bits/types/struct_timespec.h>
```
Here we disable XSK so configure will behave more deterministically and
hopefully fix the builders.
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
- Update package URLs
- Use local tarball for sources
- Switch to CMake
- Drop obsolete patches including 'minimize' (ipk size +3KB only)
- Add 3 new patches to fix musl, openssl and cmake issues
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Should provide increases in snort3 performance thanks to thread-
caching malloc provided by gperftools. Avg CPU usage is down.
Another user reported higher throughput achieved with snort3
compiled with this on samba transfers on system with CPU-limited
snort3 performance.[1]
1. https://forum.openwrt.org/t/some-help-with-a-makefile-gperftools/165656/22
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| |
|
|
|
|
|
| |
* more re-connections tweaks
* made travelmate generated emails responsive
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog: https://github.com/snort3/snort3/releases/tag/3.1.81.0
,,_ -*> Snort++ <*-
o" )~ Version 3.1.81.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2024 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.14
Using LuaJIT version 2.1.0-beta3
Using OpenSSL 3.0.13 30 Jan 2024
Using libpcap version 1.10.4 (with TPACKET_V3)
Using PCRE version 8.45 2021-06-15
Using ZLIB version 1.3.1
Using Hyperscan version 5.4.2 2024-02-16
Using LZMA version 5.4.6
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| |
|
|
|
|
|
|
|
|
|
| |
When looping through addrinfo lists in AddrsMatch, keep a copy of the
original addrinfo pointers to free instead of ending up at the terminating
NULLs and trying to free those.
OpenWRT uses musl in which freeaddrinfo(NULL) is not safe (which is
fine, it's not required by the spec) so this fixes a segfault.
Signed-off-by: Darren Tucker <dtucker@dtucker.net>
|
| |
|
|
|
|
|
|
| |
- Switch package URLs to HTTPS
- Use .gz for source archive since .xz is no longer available
- Remove upstreamed patches
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
| |
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
* various vpn optimizations
* remove obsololete trm_maxscan option
* small fixes for net status and captive portal handling
* add an additional login variant to the h-hotels login script
* fix the wifibahn login script work again with wifionice hotspots again
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| |
|
|
| |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- license change is now complete, and all code has been re-licensed
under the new license (still GPLv2, but with new linking exception
for Apache2 licensed code).
Code that could not be re-licensed has been removed or rewritten.
- add support for building with mbedTLS 3.x.x
- new option "--force-tls-key-material-export" to only accept clients
that can do TLS keying material export to generate session keys
(mostly an internal option to better deal with TLS 1.0 PRF failures).
- Windows: bump vcpkg-ports/pkcs11-helper to 1.30
- Log incoming SSL alerts in easier to understand form and move logging
from "--verb 8" to "--verb 3".
- protocol_dump(): add support for printing "--tls-crypt" packets
and other fixes
For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.9/Changes.rst
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
|
| |
|
|
|
|
| |
openwrt/packages#23092 )
Signed-off-by: Pierre Parent <m@pierre-parent.fr>
|
| |
|
|
|
|
|
| |
- Add build-time Rust dependency
- Don't set default and rename changed CMake options
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
changelogs:
9.6.10: https://github.com/schollz/croc/releases/tag/v9.6.10
9.6.11: https://github.com/schollz/croc/releases/tag/v9.6.10
9.6.12: https://github.com/schollz/croc/releases/tag/v9.6.10
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
|
| |
|
|
|
|
| |
- Refresh a patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
| |
- Use local tarball
- Remove upstreamed and refresh remaining patches
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
8dab2ae24c54 neigh: fix potential integer underflow in avl_cmp_neigh()
992f9078b1d5 nfnetlink: fix netlink dump receive logic
ec1a39e53d3f nfnetlink: improve message reception in event callback
0ef61c3bebcb build: convert CMakeList.txt to lowercase
c7616bcfaaef nlbwmon: utilize uloop interval timer if available
Fixes: https://github.com/jow-/nlbwmon/issues/57
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
| |
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Refresh and backport patches so that
- ./python path in the source code takes precedence over the same dir in hostpkg
- OVN LTS version 22.03.5 which depends on Open vSwitch 3.0 can compile
with Open vSwitch 2.17
Fixes: https://github.com/openwrt/packages/issues/22744
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
- Missing --without-nghttp3 was leaking host includes and breaking the build
- Remove or rename deprecated configure options
- Add --disable-libcurl-option to reduce package size
- Use .xz instead of .bz2 for PKG_SOURCE
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This makes mwan3rtmon check if mwan3_get_routes returns a route
before removing it. This helps with IPv6 routes with source address
selector removal where multiple original routes are transformed to
the same mwan3 route if one of the source routes is removed while
the others are kept.
Signed-off-by: Jonas Lochmann <git@inkompetenz.org>
|
| |
|
|
|
|
|
|
|
|
| |
Check the conffile existance (with .conf extension), before calling the
function 'start_path_instance'. This fixes errors with non-existing and
wrong spelling instances.
Signed-off-by: Dirk Brenken <dev@brenken.org>
- Update commit description
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
| |
Without it, using uci to manipulate ipsec config can result in errors,
making it much difficult to use in uci-defaults for example.
Signed-off-by: Glen Huang <me@glenhuang.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Increases snort's IPS fast pattern matching by 2x (compared to
the ac_full engine) and 3x (compared to ac_bfna). This is most
noticeable for users of large rules sets and when doing deep flow
inspection.
For more see: https://blog.snort.org/2020/09/snort-3-hyperscan-.html
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
This prevents clashes with network addresses that
contain '/'.
Resolves: #18589
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
|
| |\
| |
| | |
openconnect: make host dependency more resilient
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Retry when resolveip fails as it seems to be causing issues
on startup depending on various unpredictable parameters.
Resolves: #23185
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
|
| |\ \
| | |
| | | |
apr/subversion: fix subversion build and apache-mod-php8 build regres…
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
(fixes #23460)
The recent upgrade of apr included a change with should fix the subversion build.
Unfortunately, this fix resulted in a build regression of apache-mod-php8.
The new approach is to pass the locations of the apr config helpers
to configure via parameter.
Fixes: 68dd7b7cf632 ("apr: update to 1.7.4")
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Maintainer: @EricLuehrsen
Fixes: CVE-2023-50387, CVE-2023-50868
Release notes: https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
Run tested: BPi-R3, mediatek/filogic, OpenWrt 23.05.2
Signed-off-by: S. Brusch <ne20002@gmx.ch>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Update haproxy PKG_VERSION and PKG_HASH
- See changes: http://git.haproxy.org/?p=haproxy-2.8.git;a=shortlog
Signed-off-by: Christian Lachner <gladiac@gmail.com>
|