Allow configuring ipsets with dedicated config sections:
config ipset
list name 'ss_rules_dst_forward'
list name 'ss_rules6_dst_forward'
list domain 't.me'
list domain 'telegram.org'
instead of current, rather inconvenient syntax:
config dnsmasq
...
list ipset '/t.me/telegram.org/ss_rules_dst_forward,ss_rules6_dst_forward'
Current syntax will still continue to work though.
With this change, a LuCI GUI for DNS ipsets should be easy to implement.
Signed-off-by: Aleksandr Mezin <mezin.alexander@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
This patch adds support for D-Link DIR-2640 A1.
Specifications:
* Board: AP-MTKH7-0002
* SoC: MediaTek MT7621AT
* RAM: 256 MB (DDR3)
* Flash: 128 MB (NAND)
* WiFi: MediaTek MT7615N (x2)
* Switch: 1 WAN, 4 LAN (Gigabit)
* Ports: 1 USB 2.0, 1 USB 3.0
* Buttons: Reset, WPS
* LEDs: Power (blue/orange), Internet (blue/orange), WiFi 2.4G (blue),
WiFi 5G (blue), USB 3.0 (blue), USB 2.0 (blue)
Notes:
* WiFi 2.4G and WiFi 5G LEDs are wired directly to the wireless chips
Installation:
* D-Link Recovery GUI: power down the router, press and hold the reset
button, then re-plug it. Keep the reset button pressed until the power
LED starts flashing orange, manually assign a static IP address under
the 192.168.0.xxx subnet (e.g. 192.168.0.2) and go to http://192.168.0.1
* Some modern browsers may have problems flashing via the Recovery GUI,
if that occurs consider uploading the firmware through cURL:
curl -v -i -F "firmware=@file.bin" 192.168.0.1
MAC addresses:
lan factory 0xe000 *:a7 (label)
wan factory 0xe006 *:aa
2.4 factory 0xe000 +1 *:a8
5.0 factory 0xe000 +2 *:a9
Seems like vendor didn't replace the dummy entries in the calibration data.
Signed-off-by: James McGuire <jamesm51@gmail.com>
[fix device definition title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The comment content can be useful for readers of both the log and code
Previously when dd command "records in/out" messages are not filtered
like now with get_image_dd, it's not clear that these messages are for
extracting boot sectors. E.g.
Before
== upgrade: Reading partition table from bootdisk...
37+26 records in
37+26 records out
== upgrade: Reading partition table from image...
After
== upgrade: Reading partition table from bootdisk...
== upgrade: Extract boot sector from the image
37+26 records in
37+26 records out
== upgrade: Reading partition table from image...
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The intent is to make it sound more like info level message, not some
error like "404 not found". x86 target at the moment makes image with
only signature but no metadata (ref commit f8141216 "x86: append
metadata to combined images").
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Reviewed-By: Philip Prindeville <philipp@redfish-solutions.com>
This will have at least the following effects
- Log lines will have common prefix
- They will be output to stderr instead of stdout
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This is mainly to handle stderr message "Broken pipe", "F+P records
in/out" by common pattern "xcat | dd .."
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3140
Reported-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Reviewed-By: Philip Prindeville <philipp@redfish-solutions.com>
Manually rebased patches:
bcm27xx:
patches-5.4/950-0267-xhci-add-quirk-for-host-controllers-that-don-t-updat.patch
bcm53xx:
patches-5.4/180-usb-xhci-add-support-for-performing-fake-doorbell.patch
layerscape:
patches-5.4/802-can-0025-can-flexcan-add-LPSR-mode-support-for-i.MX7D.patch
patches-5.4/808-i2c-0002-MLK-10893-i2c-imx-add-irqf_no_suspend.patch
patches-5.4/820-usb-0016-MLK-16735-usb-host-add-XHCI_CDNS_HOST-flag.patch
Removed since could be reverse-applied by quilt:
mediatek:
patches-5.4/0700-arm-dts-mt7623-add-missing-pause-for-switchport.patch
All modifications made by update_kernel.sh
Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711, x86_64
Run-tested: ipq806x/R7800, x86_64
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
Tested-by: Curtis Deptuck <curtdept@me.com> [x86_64]
Rebase of 802-can-0025-can-flexcan-add-LPSR-mode-support-for-i.MX7D.patch
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Due to the use of LD_LIBRARY_PATH, the programs running in the fakeroot
environment may end up loading bundled SDK libraries using the system
ld.so.
Rework the relocatability patch to avoid meddling with LD_LIBRARY_PATH
and construct the paths to faked and libfakeroot.so directly.
Fixes: f93cb5c2c8 ("fakeroot: make fakeroot script relocatable")
Reviewed-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Althought most of the switches aren't routers, they can be used as such,
so let's add some of the packages from the router's DEVICE_TYPE. While
at it, remove swconfig package which is not needed on DSA targets.
Acked-by: John Crispin <john@phrozen.org>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This adds a variant of refpolicy that builds the modular form of the
policy. While this requires more memory on the target device, along with
some tricks to deal with OpenWrt's volatile /var directory, it is useful
for experiementing with SELinux policy.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Without an absolute path to staging_dir/host/bin/sstrip the Makefile
tries to run a host installed version of sstrip, which is likely not
available.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The uhttpd package takes care of creating self-signed certificates if
px5g is installed. This improves the security of router management as it
encrypts the LuCI connection.
The EC P-256 curve is faster than RSA which which improves the user
experience on embedded devices. EC P-256 is support for as old devices
as Android 4.4.
Signed-off-by: Paul Spooren <mail@aparcar.org>
mkhash currently returns the hash of an empty input when trying to hash
a folder. This can be missleading in caseswhere e.g. an env variable is
undefined which should contain a filename. `mkhash ./path/to/$FILE`
would exit with code 0 and return a legit looking checksum.
A better behaviour would be to fail with exit code 1, which imitates the
behaviour of `md5sum` and `sha256sum`.
To avoid hashing of folders the `stat()` is checked.
Hashing empty inputs result in the following checksums:
md5: d41d8cd98f00b204e9800998ecf8427e
sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Signed-off-by: Paul Spooren <mail@aparcar.org>
If hashing a file fails mkhash shouldn't just silently fail. Now check
after each call of `hash_file()` the return and exit early in case of
errors. The return value which was previously ignored and would always
return 0.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The -n option prints the filename of hashed files next to the calculated
checksum. Reflect that in the usage message.
user@dawn:~/src/openwrt/openwrt$ ./a.out md5 -n .config
eb06db36e7b6751cb18801945e46bf5d .config
Signed-off-by: Paul Spooren <mail@aparcar.org>
Fixes following dtc warning:
../dts/rtl838x.dtsi:38.3-145.3: Warning (reg_format): /: Root node has a "reg" property
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Hardware specification
----------------------
* RTL8382M SoC, 1 MIPS 4KEc core @ 500MHz
* 128MB DRAM
* 32MB NOR Flash (MX25L25635E)
* 24 x 10/100/1000BASE-T ports
- Internal PHY with 8 ports (RTL8218B)
- Two external PHYs with 8 ports each (RTL8218B)
* 4 x Gigabit RJ45/SFP Combo ports
- External PHY with 4 SFP ports (RTL8214FC)
* Power LED
* Reset button on front panel
* UART (115200 8N1) via unpopulated standard 0.1" pin header marked J6
UART pinout
-----------
[oooo]J3 [o]ooo|J6
| ^ ||`------ GND
| | |`------- RX
| | `-------- TX
| `---------- Vcc (3V3)
|
`------------------ J3 is power input connector nearby J6 UART
Boot initramfs image from U-Boot
--------------------------------
1. Press Escape key during `Hit Esc key to stop autoboot` prompt
2. Press CTRL+C keys to get into real U-Boot prompt
3. Init network with `rtk network on` command
4. Load image with `tftpboot 0x8f000000 openwrt-rtl838x-generic-d-link_dgs-1210-28-initramfs-kernel.bin` command
5. Boot the image with `bootm` command
To install, upload the sysupgrade image to the OEM webpage or sysupgrade
from the system running from initramfs image.
It has been developed and tested on device with F1 revision.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
So the common bits can be easily shared with other boards in the family
and while at it add missing SPDX license identifiers into the DTS files
and fixed alphabetic sorting of the devices in the images.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
If only AP mode is needed, this is currently the most space-efficient way to
provide support for WPA{2,3}-PSK, 802.11w and 802.11r.
openwrt-ath79-generic-ubnt_nanostation-loco-m-squashfs-sysupgrade.bin sizes:
4719426 bytes (with wpad-basic-wolfssl)
4457282 bytes (with hostapd-basic-wolfssl)
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Ubiquiti EdgeRouter 4 is 4 port Octeon Cavium 7130 powered router.
It has internal power supply and needs c13 power cord.
There are three 10/100/1000 Mbps RJ45/Copper ports and
one 1000 Mbps SFP port connected directly to a SoC.
SoC:
Octeon Cavium 7130 (Cavium 3)
Clocked at 1000Mhz
Memory:
1 GiB (SK hynix H5TQ4G63CFR-RDC × 2)
DDR3, clocked at 533 Mhz (1066Mhz effective)
Flash:
- mtd:
8 MiB (Macronix MX25L6408EMI-12G)
used for uboot/eeprom
- emmc:
4 GiB (SanDisk SDIN7DP2-4G)
used for kernel+rootfs
Leds: 1x for power status (white/blue, controllable)
and 4x for ethernet and sfp ports (no control over them)
Buttons: 1x Reset (from SOC)
Serial: 1x RJ45 port on front panel. 115200 baud, 8N1 (from SoC)
USB: 1x USB3.0 on front panel (from SoC)
MII: 1x QSGMII from SoC is used
PHY: 1x Vitesse VSC8504 of which 4x ports is used
All physical port numbers are properly mapped inside OS and
named by lanX instead of ethX.
There is also special purpose four(4) loopX ports available.
That loopX ports are currently hardcoded by linux kernel
and exact use case of them is currently unknown. We leave them
to the linux kernel and octeon board defaults.
All four (4) physical ports are connected to the same QSGMII.
vsc8504 is used for phys and only 4, 5, 6 and 7 phys are used.
Phy mapping:
- Phy5 is connected to physical eth0 port
- Phy6 is connected to physical eth1 port
- Phy7 is connected to physical eth2 port
- Phy4 is connected to physical eth3 port
Why this device needs external dts:
- faster boot time since need to initialize less device tree nodes.
- to add actual indication with LED about boot/failure/upgrade.
i.e. user could know when to enter failsafe mode or if upgrade is done
- reset button support so user can reset their device in case off failure
- sfp port indication in dmesg with information about sfp module
it also indicates when module inserted or removed
Octeon quirks:
- There is no port status available before it interface brought up
- SFP port can not be tied to actual phy due to octeon-ethernet state
and currently we can only get reports a about SFP state in dmesg
How to flash the firmware:
- copy openwrt-octeon-ubnt_edgerouter-4-initramfs-kernel.bin and
openwrt-octeon-ubnt_edgerouter-4-squashfs-sysupgrade.tar to
USB flash drive that is formatted to vfat/fat32
- connect USB flash drive to edgerouter 4 front USB port
- connect serial cable using front RJ45 port (115200 baud, 8N1)
- connect power to cable to edgerouter 4
- connect terminal to the console to see uboot boot process
- interrupt boot by pressing button(s) on your keyboard to log in to the uboot
- detect usb connected flash drives by typing to the console:
usb start
- after drive is detected load initramfs+kernel to the memory by typing:
fatload usb 0:1 0x20000000 openwrt-octeon-ubnt_edgerouter-4-initramfs-kernel.bin
- after initramfs+kernel is loaded to the memory load it by typing:
bootoctlinux 0 numcores=4 endbootargs mem=0
- boot process should finish and you will be greeted with console after pressing enter
- create directory to mount usb flash drive to by typing:
mkdir /tmp/sda
- mount flash drive to that directory by typing:
mount /dev/sda1 /tmp/sda
- flash firmware to router internal storage by typing:
sysupgrade /tmp/sda/openwrt-octeon-ubnt_edgerouter-4-squashfs-sysupgrade.tar
- device will reboot and after it gets up you will have edgerouter 4 running openwrt
Reviewed-by: Johannes Kimmel <fff@bareminimum.eu>
Tested-by: Johannes Kimmel <fff@bareminimum.eu>
Signed-off-by: Roman Kuzmitskii <damex.pp@icloud.com>
adds patch to octeon ethernet driver that lets sgmii interface
device tree node to be disabled and that disabled interface
won't be unnecessarily initialized.
It solves the problem with octeon boards that have 8 sgmii or more ports
initialized but have nothing connected to them.
Tested-by: Johannes Kimmel <fff@bareminimum.eu>
Signed-off-by: Roman Kuzmitskii <damex.pp@icloud.com>