Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
My local openwrt diff: cosmetics, uqmi bug-fix, and usleep command in ash
diff --git a/package/base-files/Makefile b/package/base-files/Makefile
index cf5166772d..f325630bd7 100644
--- a/package/base-files/Makefile
+++ b/package/base-files/Makefile
@@ -147,13 +147,9 @@ define Package/base-files/install
)
$(VERSION_SED_SCRIPT) \
- $(1)/etc/banner \
- $(1)/etc/openwrt_version \
$(1)/usr/lib/os-release
$(VERSION_SED_SCRIPT) \
- $(1)/etc/openwrt_release \
- $(1)/etc/device_info \
$(1)/usr/lib/os-release
$(SED) "s#%PATH%#$(TARGET_INIT_PATH)#g" \
@@ -164,7 +160,6 @@ define Package/base-files/install
mkdir -p $(1)/CONTROL
mkdir -p $(1)/dev
mkdir -p $(1)/etc/config
- mkdir -p $(1)/etc/crontabs
mkdir -p $(1)/etc/rc.d
mkdir -p $(1)/overlay
mkdir -p $(1)/lib/firmware
diff --git a/package/base-files/files/etc/banner b/package/base-files/files/etc/banner
deleted file mode 100644
index f3af3c014f..0000000000
--- a/package/base-files/files/etc/banner
+++ /dev/null
@@ -1,8 +0,0 @@
- _______ ________ __
- | |.-----.-----.-----.| | | |.----.| |_
- | - || _ | -__| || | | || _|| _|
- |_______|| __|_____|__|__||________||__| |____|
- |__| W I R E L E S S F R E E D O M
- -----------------------------------------------------
- %D %V, %C
- -----------------------------------------------------
diff --git a/package/base-files/files/etc/banner.failsafe b/package/base-files/files/etc/banner.failsafe
deleted file mode 100644
index 49855e7133..0000000000
--- a/package/base-files/files/etc/banner.failsafe
+++ /dev/null
@@ -1,15 +0,0 @@
-================= FAILSAFE MODE active ================
-special commands:
-* firstboot reset settings to factory defaults
-* mount_root mount root-partition with config files
-
-after mount_root:
-* passwd change root's password
-* /etc/config directory with config files
-
-for more help see:
-https://openwrt.org/docs/guide-user/troubleshooting/
-- failsafe_and_factory_reset
-- root_password_reset
-=======================================================
-
diff --git a/package/base-files/files/etc/device_info b/package/base-files/files/etc/device_info
deleted file mode 100644
index 4045e9e027..0000000000
--- a/package/base-files/files/etc/device_info
+++ /dev/null
@@ -1,4 +0,0 @@
-DEVICE_MANUFACTURER='%M'
-DEVICE_MANUFACTURER_URL='%m'
-DEVICE_PRODUCT='%P'
-DEVICE_REVISION='%h'
diff --git a/package/base-files/files/etc/ethers b/package/base-files/files/etc/ethers
deleted file mode 100644
index b92c200a4b..0000000000
--- a/package/base-files/files/etc/ethers
+++ /dev/null
@@ -1,6 +0,0 @@
-#
-# Lookup man 5 ethers for syntax documentation
-#
-# Examples :
-# 02:00:11:22:33:44 OpenWrt.lan
-# 02:00:11:22:33:44 192.168.1.1
diff --git a/package/base-files/files/etc/fstab b/package/base-files/files/etc/fstab
index 6e9b7baf53..e69de29bb2 100644
--- a/package/base-files/files/etc/fstab
+++ b/package/base-files/files/etc/fstab
@@ -1 +0,0 @@
-# <file system> <mount point> <type> <options> <dump> <pass>
diff --git a/package/base-files/files/etc/hosts b/package/base-files/files/etc/hosts
index b7713ebcc6..7d093e7906 100644
--- a/package/base-files/files/etc/hosts
+++ b/package/base-files/files/etc/hosts
@@ -1,5 +1,5 @@
127.0.0.1 localhost
-::1 localhost ip6-localhost ip6-loopback
+::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
diff --git a/package/base-files/files/etc/iproute2/ematch_map b/package/base-files/files/etc/iproute2/ematch_map
index 4d6bb2f039..fc6e46a8e3 100644
--- a/package/base-files/files/etc/iproute2/ematch_map
+++ b/package/base-files/files/etc/iproute2/ematch_map
@@ -1,8 +1,7 @@
-# lookup table for ematch kinds
-1 cmp
-2 nbyte
-3 u32
-4 meta
-7 canid
-8 ipset
-9 ipt
+1 cmp
+2 nbyte
+3 u32
+4 meta
+7 canid
+8 ipset
+9 ipt
diff --git a/package/base-files/files/etc/iproute2/rt_protos b/package/base-files/files/etc/iproute2/rt_protos
index 5b61798aec..9baf9ed29e 100644
--- a/package/base-files/files/etc/iproute2/rt_protos
+++ b/package/base-files/files/etc/iproute2/rt_protos
@@ -1,18 +1,15 @@
-#
-# Reserved protocols.
-#
-0 unspec
-1 redirect
-2 kernel
-3 boot
-4 static
-8 gated
-9 ra
-10 mrt
-11 zebra
-12 bird
-13 dnrouted
-14 xorp
-15 ntk
-16 dhcp
-42 babel
+0 unspec
+1 redirect
+2 kernel
+3 boot
+4 static
+8 gated
+9 ra
+10 mrt
+11 zebra
+12 bird
+13 dnrouted
+14 xorp
+15 ntk
+16 dhcp
+42 babel
diff --git a/package/base-files/files/etc/iproute2/rt_tables b/package/base-files/files/etc/iproute2/rt_tables
index 5fc09b3c0c..f775eb7067 100644
--- a/package/base-files/files/etc/iproute2/rt_tables
+++ b/package/base-files/files/etc/iproute2/rt_tables
@@ -1,12 +1,5 @@
-#
-# reserved values
-#
-128 prelocal
-255 local
-254 main
-253 default
-0 unspec
-#
-# local
-#
-#1 inr.ruhep
+0 unspec
+128 prelocal
+253 default
+254 main
+255 local
diff --git a/package/base-files/files/etc/openwrt_release b/package/base-files/files/etc/openwrt_release
deleted file mode 100644
index d03400ca05..0000000000
--- a/package/base-files/files/etc/openwrt_release
+++ /dev/null
@@ -1,7 +0,0 @@
-DISTRIB_ID='%D'
-DISTRIB_RELEASE='%V'
-DISTRIB_REVISION='%R'
-DISTRIB_TARGET='%S'
-DISTRIB_ARCH='%A'
-DISTRIB_DESCRIPTION='%D %V %C'
-DISTRIB_TAINTS='%t'
diff --git a/package/base-files/files/etc/openwrt_version b/package/base-files/files/etc/openwrt_version
deleted file mode 100644
index 48157ed97f..0000000000
--- a/package/base-files/files/etc/openwrt_version
+++ /dev/null
@@ -1 +0,0 @@
-%C
diff --git a/package/base-files/files/etc/profile b/package/base-files/files/etc/profile
index 9a3ac069a2..14d7866ed2 100644
--- a/package/base-files/files/etc/profile
+++ b/package/base-files/files/etc/profile
@@ -1,59 +1,33 @@
#!/bin/sh
-[ -e /tmp/.failsafe ] && export FAILSAFE=1
-[ -f /etc/banner ] && cat /etc/banner
-[ -n "$FAILSAFE" ] && cat /etc/banner.failsafe
-
-fgrep -sq '/ overlay ro,' /proc/mounts && {
- echo 'Your JFFS2-partition seems full and overlayfs is mounted read-only.'
- echo 'Please try to remove files from /overlay/upper/... and reboot!'
-}
-
-export PATH="%PATH%"
+export PATH="/usr/sbin:/usr/bin:/sbin:/bin"
export HOME=$(grep -e "^${USER:-root}:" /etc/passwd | cut -d ":" -f 6)
export HOME=${HOME:-/root}
export PS1='\u@\h:\w\$ '
-case "$TERM" in
- xterm*|rxvt*)
- export PS1='\[\e]0;\u@\h: \w\a\]'$PS1
- ;;
-esac
-
-[ -x /bin/more ] || alias more=less
-[ -x /usr/bin/vim ] && alias vi=vim || alias vim=vi
-
-alias ll='ls -alF --color=auto'
+alias ll='ls -alF'
+alias more=less
-[ -z "$KSH_VERSION" -o \! -s /etc/mkshrc ] || . /etc/mkshrc
-
-[ -x /usr/bin/arp -o -x /sbin/arp ] || arp() { cat /proc/net/arp; }
-[ -x /usr/bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; }
-
-[ -n "$FAILSAFE" ] || {
- for FILE in /etc/profile.d/*.sh; do
- [ -e "$FILE" ] && . "$FILE"
- done
- unset FILE
+arp() {
+ cat /proc/net/arp
}
-if ( grep -qs '^root::' /etc/shadow && \
- [ -z "$FAILSAFE" ] )
-then
-cat << EOF
-=== WARNING! =====================================
-There is no root password defined on this device!
-Use the "passwd" command to set up a new password
-in order to prevent unauthorized SSH logins.
---------------------------------------------------
-EOF
+case "$TERM" in
+ xterm*|rxvt*)
+ export PS1='\[\e]0;\u@\h: \w\a\]'$PS1
+ ;;
+esac
+
+if [ -e /tmp/.failsafe ]; then
+ export FAILSAFE=1
+else
+ for FILE in /etc/profile.d/*.sh; do
+ [ -e "$FILE" ] && . "$FILE"
+ done
+ unset FILE
fi
-service() {
- [ -f "/etc/init.d/$1" ] || {
- echo "service "'"'"$1"'"'" not found, the following services are available:"
- ls "/etc/init.d"
- return 1
- }
- /etc/init.d/$@
-}
+if fgrep -sq '/ overlay ro,' /proc/mounts; then
+ echo 'The JFFS2 partition is full and overlayfs is mounted read-only.'
+ echo 'Please remove files from /overlay/upper/... and reboot.'
+fi
diff --git a/package/base-files/files/etc/protocols b/package/base-files/files/etc/protocols
index 26bc775ed6..aa39e74b12 100644
--- a/package/base-files/files/etc/protocols
+++ b/package/base-files/files/etc/protocols
@@ -1,57 +1,46 @@
-# Internet (IP) protocols
-#
-# Updated from http://www.iana.org/assignments/protocol-numbers and other
-# sources.
-# New protocols will be added on request if they have been officially
-# assigned by IANA and are not historical.
-# If you need a huge list of used numbers please install the nmap package.
-
-ip 0 IP # internet protocol, pseudo protocol number
-#hopopt 0 HOPOPT # IPv6 Hop-by-Hop Option [RFC1883]
-icmp 1 ICMP # internet control message protocol
-igmp 2 IGMP # Internet Group Management
-ggp 3 GGP # gateway-gateway protocol
-ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'')
-st 5 ST # ST datagram mode
-tcp 6 TCP # transmission control protocol
-egp 8 EGP # exterior gateway protocol
-igp 9 IGP # any private interior gateway (Cisco)
-pup 12 PUP # PARC universal packet protocol
-udp 17 UDP # user datagram protocol
-hmp 20 HMP # host monitoring protocol
-xns-idp 22 XNS-IDP # Xerox NS IDP
-rdp 27 RDP # "reliable datagram" protocol
-iso-tp4 29 ISO-TP4 # ISO Transport Protocol class 4 [RFC905]
-dccp 33 DCCP # Datagram Congestion Control Protocol [RFC4340]
-xtp 36 XTP # Xpress Transfer Protocol
-ddp 37 DDP # Datagram Delivery Protocol
-idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport
-ipv6 41 IPv6 # Internet Protocol, version 6
-ipv6-route 43 IPv6-Route # Routing Header for IPv6
-ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6
-idrp 45 IDRP # Inter-Domain Routing Protocol
-rsvp 46 RSVP # Reservation Protocol
-gre 47 GRE # General Routing Encapsulation
-esp 50 IPSEC-ESP # Encap Security Payload [RFC2046]
-ah 51 IPSEC-AH # Authentication Header [RFC2402]
-skip 57 SKIP # SKIP
-ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6
-ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6
-ipv6-opts 60 IPv6-Opts # Destination Options for IPv6
-rspf 73 RSPF CPHB # Radio Shortest Path First (officially CPHB)
-vmtp 81 VMTP # Versatile Message Transport
-eigrp 88 EIGRP # Enhanced Interior Routing Protocol (Cisco)
-ospf 89 OSPFIGP # Open Shortest Path First IGP
-ax.25 93 AX.25 # AX.25 frames
-ipip 94 IPIP # IP-within-IP Encapsulation Protocol
-etherip 97 ETHERIP # Ethernet-within-IP Encapsulation [RFC3378]
-encap 98 ENCAP # Yet Another IP encapsulation [RFC1241]
-# 99 # any private encryption scheme
-pim 103 PIM # Protocol Independent Multicast
-ipcomp 108 IPCOMP # IP Payload Compression Protocol
-vrrp 112 VRRP # Virtual Router Redundancy Protocol
-l2tp 115 L2TP # Layer Two Tunneling Protocol [RFC2661]
-isis 124 ISIS # IS-IS over IPv4
-sctp 132 SCTP # Stream Control Transmission Protocol
-fc 133 FC # Fibre Channel
-
+ip 0 IP # internet protocol, pseudo protocol number
+icmp 1 ICMP # internet control message protocol
+igmp 2 IGMP # Internet Group Management
+ggp 3 GGP # gateway-gateway protocol
+ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'')
+st 5 ST # ST datagram mode
+tcp 6 TCP # transmission control protocol
+egp 8 EGP # exterior gateway protocol
+igp 9 IGP # any private interior gateway (Cisco)
+pup 12 PUP # PARC universal packet protocol
+udp 17 UDP # user datagram protocol
+hmp 20 HMP # host monitoring protocol
+xns-idp 22 XNS-IDP # Xerox NS IDP
+rdp 27 RDP # "reliable datagram" protocol
+iso-tp4 29 ISO-TP4 # ISO Transport Protocol class 4 [RFC905]
+dccp 33 DCCP # Datagram Congestion Control Protocol [RFC4340]
+xtp 36 XTP # Xpress Transfer Protocol
+ddp 37 DDP # Datagram Delivery Protocol
+idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport
+ipv6 41 IPv6 # Internet Protocol, version 6
+ipv6-route 43 IPv6-Route # Routing Header for IPv6
+ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6
+idrp 45 IDRP # Inter-Domain Routing Protocol
+rsvp 46 RSVP # Reservation Protocol
+gre 47 GRE # General Routing Encapsulation
+esp 50 IPSEC-ESP # Encap Security Payload [RFC2046]
+ah 51 IPSEC-AH # Authentication Header [RFC2402]
+skip 57 SKIP # SKIP
+ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6
+ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6
+ipv6-opts 60 IPv6-Opts # Destination Options for IPv6
+rspf 73 RSPF CPHB # Radio Shortest Path First (officially CPHB)
+vmtp 81 VMTP # Versatile Message Transport
+eigrp 88 EIGRP # Enhanced Interior Routing Protocol (Cisco)
+ospf 89 OSPFIGP # Open Shortest Path First IGP
+ax.25 93 AX.25 # AX.25 frames
+ipip 94 IPIP # IP-within-IP Encapsulation Protocol
+etherip 97 ETHERIP # Ethernet-within-IP Encapsulation [RFC3378]
+encap 98 ENCAP # Yet Another IP encapsulation [RFC1241]
+pim 103 PIM # Protocol Independent Multicast
+ipcomp 108 IPCOMP # IP Payload Compression Protocol
+vrrp 112 VRRP # Virtual Router Redundancy Protocol
+l2tp 115 L2TP # Layer Two Tunneling Protocol [RFC2661]
+isis 124 ISIS # IS-IS over IPv4
+sctp 132 SCTP # Stream Control Transmission Protocol
+fc 133 FC # Fibre Channel
diff --git a/package/base-files/files/etc/rc.local b/package/base-files/files/etc/rc.local
deleted file mode 100644
index 56394773c3..0000000000
--- a/package/base-files/files/etc/rc.local
+++ /dev/null
@@ -1,4 +0,0 @@
-# Put your custom commands here that should be executed once
-# the system init finished. By default this file does nothing.
-
-exit 0
diff --git a/package/base-files/files/etc/services b/package/base-files/files/etc/services
index 968f9e78be..941818efde 100644
--- a/package/base-files/files/etc/services
+++ b/package/base-files/files/etc/services
@@ -170,4 +170,3 @@ isisd 2608/tcp
sane-port 6566/tcp sane saned
ircd 6667/tcp
git 9418/tcp
-
diff --git a/package/base-files/files/etc/sysupgrade.conf b/package/base-files/files/etc/sysupgrade.conf
index e06fd5e332..e69de29bb2 100644
--- a/package/base-files/files/etc/sysupgrade.conf
+++ b/package/base-files/files/etc/sysupgrade.conf
@@ -1,5 +0,0 @@
-## This file contains files and directories that should
-## be preserved during an upgrade.
-
-# /etc/example.conf
-# /etc/openvpn/
diff --git a/package/base-files/files/rom/.keep b/package/base-files/files/rom/.keep
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/package/base-files/files/rom/note b/package/base-files/files/rom/note
deleted file mode 100644
index 1746eb0509..0000000000
--- a/package/base-files/files/rom/note
+++ /dev/null
@@ -1,3 +0,0 @@
-SQUASHFS USERS:
-After firstboot has been run, / will be jffs2 and /rom will be squashfs
-(* except when in failsafe)
diff --git a/package/network/config/firewall/Makefile b/package/network/config/firewall/Makefile
index bf2a1060eb..97da069d18 100644
--- a/package/network/config/firewall/Makefile
+++ b/package/network/config/firewall/Makefile
@@ -54,7 +54,6 @@ define Package/firewall/install
$(INSTALL_DIR) $(1)/etc/config/
$(INSTALL_CONF) ./files/firewall.config $(1)/etc/config/firewall
$(INSTALL_DIR) $(1)/etc/
- $(INSTALL_CONF) ./files/firewall.user $(1)/etc/firewall.user
$(INSTALL_DIR) $(1)/usr/share/fw3
$(INSTALL_CONF) $(PKG_BUILD_DIR)/helpers.conf $(1)/usr/share/fw3
endef
diff --git a/package/network/config/firewall/files/firewall.config b/package/network/config/firewall/files/firewall.config
index 8874e9882c..cae15af909 100644
--- a/package/network/config/firewall/files/firewall.config
+++ b/package/network/config/firewall/files/firewall.config
@@ -1,195 +1,121 @@
config defaults
- option syn_flood 1
- option input ACCEPT
- option output ACCEPT
- option forward REJECT
-# Uncomment this line to disable ipv6 rules
-# option disable_ipv6 1
+ option syn_flood 1
+ option input ACCEPT
+ option output ACCEPT
+ option forward REJECT
config zone
- option name lan
- list network 'lan'
- option input ACCEPT
- option output ACCEPT
- option forward ACCEPT
+ option name lan
+ list network lan
+ option input ACCEPT
+ option output ACCEPT
+ option forward ACCEPT
config zone
- option name wan
- list network 'wan'
- list network 'wan6'
- option input REJECT
- option output ACCEPT
- option forward REJECT
- option masq 1
- option mtu_fix 1
+ option name wan
+ list network wan
+ list network wan6
+ option input REJECT
+ option output ACCEPT
+ option forward REJECT
+ option masq 1
+ option mtu_fix 1
config forwarding
- option src lan
- option dest wan
+ option src lan
+ option dest wan
-# We need to accept udp packets on port 68,
-# see https://dev.openwrt.org/ticket/4108
config rule
- option name Allow-DHCP-Renew
- option src wan
- option proto udp
- option dest_port 68
- option target ACCEPT
- option family ipv4
+ option name allow-dhcp-renew
+ option src wan
+ option proto udp
+ option dest_port 68
+ option target ACCEPT
+ option family ipv4
-# Allow IPv4 ping
config rule
- option name Allow-Ping
- option src wan
- option proto icmp
- option icmp_type echo-request
- option family ipv4
- option target ACCEPT
+ option name allow-ping
+ option src wan
+ option proto icmp
+ option icmp_type echo-request
+ option family ipv4
+ option target ACCEPT
config rule
- option name Allow-IGMP
- option src wan
- option proto igmp
- option family ipv4
- option target ACCEPT
+ option name allow-igmp
+ option src wan
+ option proto igmp
+ option family ipv4
+ option target ACCEPT
-# Allow DHCPv6 replies
-# see https://dev.openwrt.org/ticket/10381
config rule
- option name Allow-DHCPv6
- option src wan
- option proto udp
- option src_ip fc00::/6
- option dest_ip fc00::/6
- option dest_port 546
- option family ipv6
- option target ACCEPT
+ option name allow-dhcpv6
+ option src wan
+ option proto udp
+ option src_ip fc00::/6
+ option dest_ip fc00::/6
+ option dest_port 546
+ option family ipv6
+ option target ACCEPT
config rule
- option name Allow-MLD
- option src wan
- option proto icmp
- option src_ip fe80::/10
- list icmp_type '130/0'
- list icmp_type '131/0'
- list icmp_type '132/0'
- list icmp_type '143/0'
- option family ipv6
- option target ACCEPT
+ option name allow-mld
+ option src wan
+ option proto icmp
+ option src_ip fe80::/10
+ list icmp_type 130/0
+ list icmp_type 131/0
+ list icmp_type 132/0
+ list icmp_type 143/0
+ option family ipv6
+ option target ACCEPT
-# Allow essential incoming IPv6 ICMP traffic
config rule
- option name Allow-ICMPv6-Input
- option src wan
- option proto icmp
- list icmp_type echo-request
- list icmp_type echo-reply
- list icmp_type destination-unreachable
- list icmp_type packet-too-big
- list icmp_type time-exceeded
- list icmp_type bad-header
- list icmp_type unknown-header-type
- list icmp_type router-solicitation
- list icmp_type neighbour-solicitation
- list icmp_type router-advertisement
- list icmp_type neighbour-advertisement
- option limit 1000/sec
- option family ipv6
- option target ACCEPT
+ option name allow-icmpv6-input
+ option src wan
+ option proto icmp
+ list icmp_type echo-request
+ list icmp_type echo-reply
+ list icmp_type destination-unreachable
+ list icmp_type packet-too-big
+ list icmp_type time-exceeded
+ list icmp_type bad-header
+ list icmp_type unknown-header-type
+ list icmp_type router-solicitation
+ list icmp_type neighbour-solicitation
+ list icmp_type router-advertisement
+ list icmp_type neighbour-advertisement
+ option limit 1000/sec
+ option family ipv6
+ option target ACCEPT
-# Allow essential forwarded IPv6 ICMP traffic
config rule
- option name Allow-ICMPv6-Forward
- option src wan
- option dest *
- option proto icmp
- list icmp_type echo-request
- list icmp_type echo-reply
- list icmp_type destination-unreachable
- list icmp_type packet-too-big
- list icmp_type time-exceeded
- list icmp_type bad-header
- list icmp_type unknown-header-type
- option limit 1000/sec
- option family ipv6
- option target ACCEPT
+ option name allow-icmpv6-forward
+ option src wan
+ option dest *
+ option proto icmp
+ list icmp_type echo-request
+ list icmp_type echo-reply
+ list icmp_type destination-unreachable
+ list icmp_type packet-too-big
+ list icmp_type time-exceeded
+ list icmp_type bad-header
+ list icmp_type unknown-header-type
+ option limit 1000/sec
+ option family ipv6
+ option target ACCEPT
config rule
- option name Allow-IPSec-ESP
- option src wan
- option dest lan
- option proto esp
- option target ACCEPT
+ option name allow-ipsec-esp
+ option src wan
+ option dest lan
+ option proto esp
+ option target ACCEPT
config rule
- option name Allow-ISAKMP
- option src wan
- option dest lan
- option dest_port 500
- option proto udp
- option target ACCEPT
-
-# include a file with users custom iptables rules
-config include
- option path /etc/firewall.user
-
-
-### EXAMPLE CONFIG SECTIONS
-# do not allow a specific ip to access wan
-#config rule
-# option src lan
-# option src_ip 192.168.45.2
-# option dest wan
-# option proto tcp
-# option target REJECT
-
-# block a specific mac on wan
-#config rule
-# option dest wan
-# option src_mac 00:11:22:33:44:66
-# option target REJECT
-
-# block incoming ICMP traffic on a zone
-#config rule
-# option src lan
-# option proto ICMP
-# option target DROP
-
-# port redirect port coming in on wan to lan
-#config redirect
-# option src wan
-# option src_dport 80
-# option dest lan
-# option dest_ip 192.168.16.235
-# option dest_port 80
-# option proto tcp
-
-# port redirect of remapped ssh port (22001) on wan
-#config redirect
-# option src wan
-# option src_dport 22001
-# option dest lan
-# option dest_port 22
-# option proto tcp
-
-### FULL CONFIG SECTIONS
-#config rule
-# option src lan
-# option src_ip 192.168.45.2
-# option src_mac 00:11:22:33:44:55
-# option src_port 80
-# option dest wan
-# option dest_ip 194.25.2.129
-# option dest_port 120
-# option proto tcp
-# option target REJECT
-
-#config redirect
-# option src lan
-# option src_ip 192.168.45.2
-# option src_mac 00:11:22:33:44:55
-# option src_port 1024
-# option src_dport 80
-# option dest_ip 194.25.2.129
-# option dest_port 120
-# option proto tcp
+ option name allow-isakmp
+ option src wan
+ option dest lan
+ option dest_port 500
+ option proto udp
+ option target ACCEPT
diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile
index c57a837e9e..8fbcecdcbd 100644
--- a/package/network/services/dnsmasq/Makefile
+++ b/package/network/services/dnsmasq/Makefile
@@ -163,7 +163,6 @@ define Package/dnsmasq/install
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/dnsmasq $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/dhcp.conf $(1)/etc/config/dhcp
- $(INSTALL_CONF) ./files/dnsmasq.conf $(1)/etc/dnsmasq.conf
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/dnsmasq.init $(1)/etc/init.d/dnsmasq
$(INSTALL_DIR) $(1)/etc/hotplug.d/dhcp
diff --git a/package/network/services/dnsmasq/files/dhcp.conf b/package/network/services/dnsmasq/files/dhcp.conf
index 360c7d79ee..af0c254d8c 100644
--- a/package/network/services/dnsmasq/files/dhcp.conf
+++ b/package/network/services/dnsmasq/files/dhcp.conf
@@ -1,32 +1,38 @@
config dnsmasq
- option domainneeded 1
- option boguspriv 1
- option filterwin2k 0 # enable for dial on demand
- option localise_queries 1
- option rebind_protection 1 # disable if upstream must serve RFC1918 addresses
- option rebind_localhost 1 # enable for RBL checking and similar services
- #list rebind_domain example.lan # whitelist RFC1918 responses for domains
- option local '/lan/'
- option domain 'lan'
- option expandhosts 1
- option nonegcache 0
- option authoritative 1
- option readethers 1
- option leasefile '/tmp/dhcp.leases'
- option resolvfile '/tmp/resolv.conf.auto'
- #list server '/mycompany.local/1.2.3.4'
- option nonwildcard 1 # bind to & keep track of interfaces
- #list interface br-lan
- #list notinterface lo
- #list bogusnxdomain '64.94.110.11'
- option localservice 1 # disable to allow DNS requests from non-local subnets
+ option domainneeded '1'
+ option boguspriv '1'
+ option filterwin2k '0'
+ option localise_queries '1'
+ option rebind_protection '1'
+ option rebind_localhost '1'
+ option local '/lan/'
+ option domain 'lan'
+ option expandhosts '1'
+ option nonegcache '0'
+ option authoritative '1'
+ option readethers '1'
+ option leasefile '/tmp/dhcp.leases'
+ option resolvfile '/tmp/resolv.conf.auto'
+ option nonwildcard '1'
+ option localservice '1'
config dhcp lan
- option interface lan
- option start 100
- option limit 150
- option leasetime 12h
+ option interface 'lan'
+ option start '100'
+ option limit '150'
+ option leasetime '12h'
+ option dhcpv6 'server'
+ option ra 'server'
+ option ra_slaac '1'
+ list ra_flags 'managed-config'
+ list ra_flags 'other-config'
config dhcp wan
- option interface wan
- option ignore 1
+ option interface 'wan'
+ option ignore '1'
+
+config odhcpd odhcpd
+ option maindhcp '0'
+ option leasefile '/tmp/hosts/odhcpd'
+ option leasetrigger '/usr/sbin/odhcpd-update'
+ option loglevel '4'
diff --git a/package/network/services/dnsmasq/files/dnsmasq.conf b/package/network/services/dnsmasq/files/dnsmasq.conf
index bf5816be56..e69de29bb2 100644
--- a/package/network/services/dnsmasq/files/dnsmasq.conf
+++ b/package/network/services/dnsmasq/files/dnsmasq.conf
@@ -1,37 +0,0 @@
-# Change the following lines if you want dnsmasq to serve SRV
-# records.
-# You may add multiple srv-host lines.
-# The fields are <name>,<target>,<port>,<priority>,<weight>
-
-# A SRV record sending LDAP for the example.com domain to
-# ldapserver.example.com port 289
-#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389
-
-# Two SRV records for LDAP, each with different priorities
-#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,1
-#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,2
-
-# A SRV record indicating that there is no LDAP server for the domain
-# example.com
-#srv-host=_ldap._tcp.example.com
-
-# The following line shows how to make dnsmasq serve an arbitrary PTR
-# record. This is useful for DNS-SD.
-# The fields are <name>,<target>
-#ptr-record=_http._tcp.dns-sd-services,"New Employee Page._http._tcp.dns-sd-services"
-
-# Change the following lines to enable dnsmasq to serve TXT records.
-# These are used for things like SPF and zeroconf.
-# The fields are <name>,<text>,<text>...
-
-#Example SPF.
-#txt-record=example.com,"v=spf1 a -all"
-
-#Example zeroconf
-#txt-record=_http._tcp.example.com,name=value,paper=A4
-
-# Provide an alias for a "local" DNS name. Note that this _only_ works
-# for targets which are names from DHCP or /etc/hosts. Give host
-# "bert" another name, bertrand
-# The fields are <cname>,<target>
-#cname=bertand,bert
diff --git a/package/network/services/dropbear/files/dropbear.config b/package/network/services/dropbear/files/dropbear.config
index 2139ba0bbe..c90eb5bbbf 100644
--- a/package/network/services/dropbear/files/dropbear.config
+++ b/package/network/services/dropbear/files/dropbear.config
@@ -1,5 +1,2 @@
config dropbear
- option PasswordAuth 'on'
- option RootPasswordAuth 'on'
- option Port '22'
-# option BannerFile '/etc/banner'
+ option Port '22'
diff --git a/package/network/utils/uqmi/files/lib/netifd/proto/qmi.sh b/package/network/utils/uqmi/files/lib/netifd/proto/qmi.sh
index 8cbe9e97e7..4aadd57813 100755
--- a/package/network/utils/uqmi/files/lib/netifd/proto/qmi.sh
+++ b/package/network/utils/uqmi/files/lib/netifd/proto/qmi.sh
@@ -19,6 +19,7 @@ proto_qmi_init_config() {
proto_config_add_string modes
proto_config_add_string pdptype
proto_config_add_int profile
+ proto_config_add_boolean dhcp
proto_config_add_boolean dhcpv6
proto_config_add_boolean autoconnect
proto_config_add_int plmn
@@ -31,13 +32,14 @@ proto_qmi_setup() {
local interface="$1"
local dataformat connstat
local device apn auth username password pincode delay modes pdptype
- local profile dhcpv6 autoconnect plmn timeout mtu $PROTO_DEFAULT_OPTIONS
- local ip4table ip6table
+ local profile dhcp dhcpv6 autoconnect plmn timeout mtu
+ local $PROTO_DEFAULT_OPTIONS ip4table ip6table
local cid_4 pdh_4 cid_6 pdh_6
+ local ip subnet gateway dns1 dns2
local ip_6 ip_prefix_length gateway_6 dns1_6 dns2_6
json_get_vars device apn auth username password pincode delay modes
- json_get_vars pdptype profile dhcpv6 autoconnect plmn ip4table
+ json_get_vars pdptype profile dhcp dhcpv6 autoconnect plmn ip4table
json_get_vars ip6table timeout mtu $PROTO_DEFAULT_OPTIONS
[ "$timeout" = "" ] && timeout="10"
@@ -353,15 +355,36 @@ proto_qmi_setup() {
}
[ -n "$pdh_4" ] && {
- json_init
- json_add_string name "${interface}_4"
- json_add_string ifname "@$interface"
- json_add_string proto "dhcp"
- [ -n "$ip4table" ] && json_add_string ip4table "$ip4table"
- proto_add_dynamic_defaults
- [ -n "$zone" ] && json_add_string zone "$zone"
- json_close_object
- ubus call network add_dynamic "$(json_dump)"
+ if [ "$dhcp" = 0 ]; then
+ json_load "$(uqmi -s -d $device --set-client-id wds,$cid_4 --get-current-settings)"
+ json_select ipv4
+ json_get_vars ip subnet gateway dns1 dns2
+
+ proto_init_update "$ifname" 1
+ proto_set_keep 1
+ proto_add_ipv4_address "$ip" "$subnet"
+ [ "$defaultroute" = 0 ] || proto_add_ipv4_route "0.0.0.0" 0 "$gateway"
+ [ "$peerdns" = 0 ] || {
+ proto_add_dns_server "$dns1"
+ proto_add_dns_server "$dns2"
+ }
+ [ -n "$zone" ] && {
+ proto_add_data
+ json_add_string zone "$zone"
+ proto_close_data
+ }
+ proto_send_update "$interface"
+ else
+ json_init
+ json_add_string name "${interface}_4"
+ json_add_string ifname "@$interface"
+ json_add_string proto "dhcp"
+ [ -n "$ip4table" ] && json_add_string ip4table "$ip4table"
+ proto_add_dynamic_defaults
+ [ -n "$zone" ] && json_add_string zone "$zone"
+ json_close_object
+ ubus call network add_dynamic "$(json_dump)"
+ fi
}
}
diff --git a/package/network/utils/uqmi/patches/999-flock.patch b/package/network/utils/uqmi/patches/999-flock.patch
new file mode 100644
index 0000000000..40070b7c8e
--- /dev/null
+++ b/package/network/utils/uqmi/patches/999-flock.patch
@@ -0,0 +1,22 @@
+diff --git a/dev.c b/dev.c
+index bd10207..d14255a 100644
+--- a/dev.c
++++ b/dev.c
+@@ -24,6 +24,7 @@
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <string.h>
++#include <sys/file.h>
+ #include "uqmi.h"
+ #include "qmi-errors.h"
+ #include "qmi-errors.c"
+@@ -359,6 +360,9 @@ int qmi_device_open(struct qmi_dev *qmi, const char *path)
+ if (fd < 0)
+ return -1;
+
++ if (flock(fd, LOCK_EX) < 0)
++ return -1;
++
+ us->notify_read = qmi_notify_read;
+ ustream_fd_init(&qmi->sf, fd);
+ INIT_LIST_HEAD(&qmi->req);
diff --git a/package/utils/busybox/patches/999-usleep.patch b/package/utils/busybox/patches/999-usleep.patch
new file mode 100644
index 0000000000..7ae7c0196b
--- /dev/null
+++ b/package/utils/busybox/patches/999-usleep.patch
@@ -0,0 +1,40 @@
+--- a/shell/ash.c
++++ b/shell/ash.c
+@@ -9886,6 +9886,7 @@ static int trapcmd(int, char **) FAST_FUNC;
+ static int umaskcmd(int, char **) FAST_FUNC;
+ static int unsetcmd(int, char **) FAST_FUNC;
+ static int ulimitcmd(int, char **) FAST_FUNC;
++static int usleepcmd(int, char **) FAST_FUNC;
+
+ #define BUILTIN_NOSPEC "0"
+ #define BUILTIN_SPECIAL "1"
+@@ -9984,6 +9985,7 @@ static const struct builtincmd builtintab[] = {
+ { BUILTIN_REGULAR "unalias" , unaliascmd },
+ #endif
+ { BUILTIN_SPEC_REG "unset" , unsetcmd },
++ { BUILTIN_REGULAR "usleep" , usleepcmd },
+ { BUILTIN_REGULAR "wait" , waitcmd },
+ };
+
+@@ -14037,6 +14039,21 @@ ulimitcmd(int argc UNUSED_PARAM, char **argv)
+ return shell_builtin_ulimit(argv);
+ }
+
++static int FAST_FUNC
++usleepcmd(int argc UNUSED_PARAM, char **argv)
++{
++ unsigned i, t;
++ for (i = 1; argv[i]; i++) {
++ t = bb_strtou(argv[i], NULL, 10);
++ if (errno) {
++ bb_error_msg("invalid number '%s'", argv[i]);
++ return EXIT_FAILURE;
++ }
++ usleep(t);
++ }
++ return EXIT_SUCCESS;
++}
++
+ /* ============ main() and helpers */
+
+ /*
diff --git a/target/linux/ar71xx/files/arch/mips/ath79/mach-eap120.c b/target/linux/ar71xx/files/arch/mips/ath79/mach-eap120.c
index 130c7706a6..2e6cd73aab 100644
--- a/target/linux/ar71xx/files/arch/mips/ath79/mach-eap120.c
+++ b/target/linux/ar71xx/files/arch/mips/ath79/mach-eap120.c
@@ -106,8 +106,8 @@ static void __init eap_setup(u8 *mac)
ath79_eth0_data.phy_if_mode = PHY_INTERFACE_MODE_RGMII;
ath79_eth0_data.phy_mask = BIT(EAP120_LAN_PHYADDR);
ath79_eth0_pll_data.pll_1000 = 0x0e000000;
- ath79_eth0_pll_data.pll_100 = 0x00000101;
- ath79_eth0_pll_data.pll_10 = 0x00001313;
+ ath79_eth0_pll_data.pll_100 = 0x08000101;
+ ath79_eth0_pll_data.pll_10 = 0x08001313;
ath79_register_eth(0);
}
diff --git a/feeds/packages/net/xl2tpd/Makefile b/feeds/packages/net/xl2tpd/Makefile
index 8dceb2292..77e3249a6 100644
--- a/feeds/packages/net/xl2tpd/Makefile
+++ b/feeds/packages/net/xl2tpd/Makefile
@@ -60,6 +60,8 @@ ifneq (0,0)
-DDEBUG_AUTH
endif
+MAKE_FLAGS += DFLAGS=-DTRUST_PPPD_TO_DIE
+
define Package/xl2tpd/conffiles
/etc/xl2tpd/xl2tpd.conf
/etc/xl2tpd/xl2tp-secrets
diff --git a/feeds/packages/net/xl2tpd/files/xl2tp-secrets b/feeds/packages/net/xl2tpd/files/xl2tp-secrets
index 0fb513f6f..e69de29bb 100644
--- a/feeds/packages/net/xl2tpd/files/xl2tp-secrets
+++ b/feeds/packages/net/xl2tpd/files/xl2tp-secrets
@@ -1,5 +0,0 @@
-# Secrets for authenticating l2tp tunnels
-# us them secret
-# * marko blah2
-# zeus marko blah
-# * * interop
diff --git a/feeds/packages/net/xl2tpd/files/xl2tpd.conf b/feeds/packages/net/xl2tpd/files/xl2tpd.conf
index 2423ff645..1201c834e 100644
--- a/feeds/packages/net/xl2tpd/files/xl2tpd.conf
+++ b/feeds/packages/net/xl2tpd/files/xl2tpd.conf
@@ -2,22 +2,3 @@
port = 1701
auth file = /etc/xl2tpd/xl2tp-secrets
access control = no
-
-;[lns default]
-;exclusive = yes
-;ip range = 192.168.254.202-192.168.254.210
-;lac = 10.0.1.2
-;hidden bit = no
-;local ip = 192.168.254.200
-;length bit = yes
-;refuse authentication = yes
-;name = VersaLink
-;ppp debug = yes
-;pppoptfile = /etc/ppp/options.xl2tpd
-
-;[lac left]
-;lns = 10.0.1.2
-;refuse authentication = yes
-;name = VersaLink
-;ppp debug = yes
-;pppoptfile = /etc/ppp/options.xl2tpd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment