aboutsummaryrefslogtreecommitdiff
path: root/net
Commit message (Collapse)AuthorAge
...
* | | | | Merge pull request #4709 from kdarbyshirebryant/nlbwmontweakJo-Philipp Wich2017-08-16
|\ \ \ \ \ | | | | | | | | | | | | nlbwmon: preserve protocols mapping across sysupgrade
| * | | | | nlbwmon: preserve protocols mapping across sysupgradeKevin Darbyshire-Bryant2017-08-14
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Define package config files to preserve /usr/share/nlbwmon/protocols across sysupgrade Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* | | | | ntpd: move ntpq to ntp-utilsPeter Wagner2017-08-16
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* | | | | acme: Make sure postrm script doesn't failToke Høiland-Jørgensen2017-08-16
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
* | | | | gnurl: update to version 7.55.0Daniel Golle2017-08-15
|/ / / / | | | | | | | | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | shadowsocks-libev: setting mode with default value tcp_onlyYousong Zhou2017-08-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is the default value taken by ss-server and ss-redir. After this change ss_rules section can still use those ss-redir instances who do not have mode explicitly specified. Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* | | | Merge pull request #4695 from dibdot/patch-1champtar2017-08-12
|\ \ \ \ | | | | | | | | | | dnscrypt-proxy: change start priority
| * | | | dnscrypt-proxy: change start priorityDirk Brenken2017-08-12
| | | | | | | | | | | | | | | | | | | | | | | | | * adapt start priority to the new trigger based setup Signed-off-by: Dirk Brenken <dev@brenken.org>
* | | | | Merge pull request #4696 from dibdot/travelmateHannu Nyman2017-08-12
|\ \ \ \ \ | | | | | | | | | | | | travelmate: update to 0.9.2
| * | | | | travelmate: update to 0.9.2Dirk Brenken2017-08-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * backend: fix typo in log message * frontend: add/modify input datatypes in 'extra' section * frontend: add support to edit/change wpa enterprise key phrases * frontend: various small fixes Signed-off-by: Dirk Brenken <dev@brenken.org>
* | | | | | Merge pull request #4690 from val-kulkov/subversion-packageHannu Nyman2017-08-11
|\ \ \ \ \ \ | | | | | | | | | | | | | | subversion: update to 1.9.7
| * | | | | | subversion: update to 1.9.7Val Kulkov2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a straightforward update to the latest version that fixes a security issue per CVE-2017-9800: http://subversion.apache.org/security/CVE-2017-9800-advisory.txt Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
* | | | | | | git: update to 2.14.1Peter Wagner2017-08-11
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: CVE-2017-1000117 Signed-off-by: Peter Wagner <tripolar@gmx.at>
* | | | | | Merge pull request #4688 from TDT-GmbH/mwan3-featuresHannu Nyman2017-08-10
|\ \ \ \ \ \ | | | | | | | | | | | | | | net/mwan3: add new feature and bug fixes
| * | | | | | net/mwan3: update versionFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: add hotplug script for hidden self interface generationFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add new globals config section with option local_source. With this config option the self interface generation will be done now automatically on hotplug event. You can specify which interface (ip) sould be used for router traffic. To replace the self intereface in the config set local_source to "lan". The default option is none, so it will not change default behavior if a "self" interface is configured in the network section. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: add Makefile postinst and postrm for rpcdFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restart rpcd on package install/remove Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: fix ipset generation in hotplug script with an lockFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix critical section during hotplug events. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: fix ubus json datatypFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: expand ubus to show when last mwan3track check was doneFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To know how old the ubus output is, add an age parameter which indicats how old the check informations on the interface are. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: on startup mark interface online only if track_ip are reachableFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add new interface config option "inital_state". If interface comeing up the first time(mwan3 start, boot), there are now two option for interface behaviour: - online (default as is now) Set up interface regardless wether tracking ip are reachable or not. - offline Set up interface first to ping tracking ip and if they are reachable set up the interface completely. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: fix ping issue if last interface recovers from failureFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Even though error was fixed the interface checks still fails, if last_resort was set to blackhole or unreachable. To fix this issue do not remove failure interface from iptables change on down event. Reported-by: Colby Whitney <colby.whitney@luxul.com> Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: move mwan3track clean up to mwan3 cmdFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is usefull to see the last state of the interface with ubus. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: remove unused global definitionFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: fix mwan3track kill executionFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If two interface have the same prefix "wan" for example "wan" and "wan1" pgrep returns the PID for wan1 also "pgrep -f mwan3track wan". Before this fix "wan1" was also killed! This is not what we want. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: fix ubus output for mwan3track running stateFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix ubus output for mwan3track running state Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: change logging output on hotplug interface eventFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change logging output on hotplug interface event Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: add option keep_failure_interval on failureFlorian Eckert2017-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add new boolean interface config param to keep ping failure interval during interface failure state. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | net/mwan3: add process PID to LOG outputFlorian Eckert2017-08-10
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Update log output macro to show PID during logging Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* / | | | | wireguard: bump to release 0.0.20170810Kevin Darbyshire-Bryant2017-08-10
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | Compile & run tested: ar71xx: archer c7 v2 Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* | | | | Merge pull request #4679 from dibdot/dnscrypt-proxyHannu Nyman2017-08-09
|\ \ \ \ \ | | | | | | | | | | | | dnscrypt-proxy: mute needless warnings
| * | | | | dnscrypt-proxy: mute needless warningsDirk Brenken2017-08-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * print only 'missing plugins support warning' if user really configured 'blacklist' or 'block_ipv6' parameter. Signed-off-by: Dirk Brenken <dev@brenken.org>
* | | | | | Merge pull request #4670 from larsi-org/masterHannu Nyman2017-08-08
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | mwan3: allow to change mwan3's MARKing mask
| * | | | | mwan3: allow to change mwan3's MARKing maskLars Schumann2017-08-04
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Lars Schumann <larsi.org@gmail.com>
* | | | | | Merge pull request #4678 from pprindeville/bind-update-9.11.2Noah Meyerhans2017-08-08
|\ \ \ \ \ \ | | | | | | | | | | | | | | Bind update 9.11.2
| * | | | | | bind: fixes for openssl 1.1.0 thread compatibilityPhilip Prindeville2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
| * | | | | | bind: version update to 9.11.2Philip Prindeville2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also refresh patches and dependencies. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | | | | | | net/nmap: Avoid linking libssh2 unintentionallyDaniel Engberg2017-08-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Explicitly tell nmap not to link libssh2 if its available, fixes buildbot failure. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* | | | | | | strongswan: use -eq when testing booleansStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | strongswan: convert init script to procdStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | strongswan: check return value instead of outputStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the strongswan service is running, `ipsec status` returns 0. Check the return value instead of checking its output. While at it, remove the [[ ]] bashism, use rereadall instead of (reread)secrets, and move it inside the if statement. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | strongswan: remove checks for UCI configStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In commit 36e073d8201fe7cf133ef3eea41f8855c3344c71, some checks were added to see if the UCI config file exists and if there are any peers configured in it. Due to these checks, if /etc/config/ipsec exists, but contains no enabled peers, strongswan will not be started. This is not ideal, as a user might want to experiment with the UCI config while keeping existing connections in /etc/ipsec.conf operational. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | strongswan: add charon-cmd utilityStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | strongswan: add missing charon config filesStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | strongswan: add swanctl utilityStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | strongswan: add vici pluginStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | strongswan: rename -utils to -ipsecStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since the strongswan-utils package now only contains the aging ipsec utility, rename it to strongswan-ipsec. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | strongswan: split scepclient into separate packageStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We currently include the SCEP client in strongswan-utils, which is a dependency of the strongswan-default meta-package. As it's generally not recommended to generate keys on embedded devices due to lack of entropy, move the SCEP client to a separate package, and only depend on it in the strongswan-full meta-package. While at it, add scepclient.conf to the package. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | strongswan: split PKI tool into separate packageStijn Tintel2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We currently include the PKI tool in strongswan-utils, which is a dependency of the strongswan-default meta-package. As it's generally not recommended to generate keys on embedded devices due to lack of entropy, move the PKI tool to a separate package, and only depend on it in the strongswan-full meta-package. While at it, add pki.conf to the package. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | git: update to 2.14.0Peter Wagner2017-08-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
Powered by cgit, Themed by Ted Yin.