Contains a bugfix for cake_mq. Also add 'ip' as a dependency to be able
to create multi-queue ifb devices.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
This plugin has not seen updates to keep it synchronised
with recent openvpn, nor any updates in the last several
years. It relies on the SHA1 algo which is deprecated,
and iptables. ovpn has its own management interface.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
https://github.com/openwrt/packages/pull/28533
openvpn needs a proto handler. Here it is.
Removed all of the up/down scripts from the init handler
and made those entirely optional (with some ucode examples).
The config options have been updated to reflect v 2.6/2.7,
with a 'd' flag to denote deprecated. Deprecated flags are
gated behind an 'allow_deprecated' config flag, which must
be on to use them. Some flags will cease to work in the next
version.
Users should not be using compression. Openvpn has enough
security holes and pitfalls already without using
compression.
Updated the example configs (left in place as legacy
documentation) and removed older cryptos which do not exist
in ovpn any longer.
A migration script is included -x. /etc/config/openvpn
entries become interface entries in /etc/config/network
with proto='openvpn'. The source config is retained.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
https://github.com/openwrt/packages/pull/28533
With fortify sources libutp fails to compile because the fortify sources
for musl use the GNU extension include_next. Do not fail when the
compiler issues a warning.
Fixes the following compile error:
```
In file included from libutp-2023.02.14~c95738b1/utp_utils.cpp:23:
/include/fortify/stdlib.h:22:2: error: #include_next is a GCC extension [-Werror]
22 | #include_next <stdlib.h>
| ^~~~~~~~~~~~
```
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The big endian patch was replace upstream.
This drops the last downstream patch and should serve as a test version
Signed-off-by: Goetz Goerisch <ggoerisch@gmail.com>
Add opt-in support for waiting for dnsmasq to be fully initialized
before starting LXC containers. This addresses issues where containers
that depend on DNS resolution (e.g., AdGuardHome) start before dnsmasq
has loaded its DHCP lease table, resulting in hostnames not being
resolved to IP addresses.
The feature is controlled by two new optional UCI config options in
/etc/config/lxc-auto whose usage is commented therein.
No new depends are introduced with this change.
Signed-off-by: John Audia <therealgraysky@proton.me>
The log file path is hardcoded as $HOME/.local/state/btop.log, i.e. to the router’s flash storage rather than to tmpfs. This patch sets the log file path to /tmp/log/btop.log
Signed-off-by: XCas13 <xcas13@gmail.com>
- libmptcpd breaking changes: new deny_join_id0 parameter in connection interfaces
- subflow_closed interface has new error parameter
- add support for new 'laminar' in-kernel PM endpoint
- mptcpize now appends LD_PRELOAD instead of overriding
- mptcpize sets GODEBUG=multipathtcp=1 for Go applications
- add musl libc compatibility
-> allows removal of most downstream patches
- support ELL 0.72 API changes
- security: added recommendation against world-writeable plugin directories
Link: https://github.com/intel/mptcpd/releases/tag/v0.14
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
If the directory is missing, otbr-agent will fail to start, and it's not
immediately clear from the logs why:
netifd: Interface 'thread' is setting up now
: [NOTE]-AGENT---: Backbone interface: br-iot
otbr-agent[5682]: [NOTE]-AGENT---: Running 0.3.0
otbr-agent[5682]: [NOTE]-AGENT---: Thread version: 1.4.0
otbr-agent[5682]: [NOTE]-AGENT---: Thread interface: wpan0
otbr-agent[5682]: [NOTE]-AGENT---: Radio URL: spinel+hdlc_uart:///dev/ttyS1?uart-baudrate=921600
otbr-agent[5682]: [NOTE]-AGENT---: Radio URL: trel://br-iot
otbr-agent[5682]: [NOTE]-ILS-----: Infra link selected: br-iot
otbr-agent[5682]: [INFO]-RCP_HOS-: OpenThread log level changed to 4
otbr-agent[5682]: 49d.17:03:10.822 [I] P-SpinelDrive-: co-processor reset: RESET_POWER_ON
otbr-agent[5682]: 49d.17:03:10.822 [C] P-SpinelDrive-: Software reset co-processor successfully
otbr-agent[5682]: 49d.17:03:10.825 [C] Platform------: Init() at settings_file.cpp:65: No such file or directory
netifd: thread (5684): Command failed: Not found
netifd: Interface 'thread' is now down
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This update fixes incompatibility with python-msgpack 1.1.2.
Add missing dependency on python3-openssl and drop the optional
dependency on python-pyfuse3, which doesn't work with the current
version.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
* rework wlan scanning
- drop iw/ip - use ubus/iwinfo calls instead
- build a new, central wlan scan function (used in LuCI and during
* simplify uci config parsing
Signed-off-by: Dirk Brenken <dev@brenken.org>
Update modbus to version 3.1.12
https://github.com/stephane/libmodbus/releases/tag/v3.1.12
Fix FD_SET overflow when socket fd >= FD_SETSIZE.
Check dest pointer not null and nb in read functions.
NULL check for src and nb < 1 validation in write functions.
modbus_reply: don't compute address for FC 0x07/0x11.
Use O_NONBLOCK instead of deprecated O_NDELAY.
Explicit cast for Coverity CID 416366.
Document required buffer size of modbus_receive.
Document macros for error codes corresponding to Modbus exceptions.
Fix example of modbus_rtu_set_serial_mode.
Test filesystem provides symlink in autogen.sh.
Sync API signatures with the documentation.
Many documentation fixes and typo corrections.
Add coverage target and helper script.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Closes#28587
nginx: many module recursive dependencies
The solution turns out to be pretty trivial.
Replace the +nginx in the module DEPENDS.
This means the modules do not 'select' nginx, but the do 'depend on'
nginx. So nginx is required to install the modules.
This is the same approach taken with PHP8 and #28585 for Zabbix.
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
records
Problem:
When using Cloudflare with proxy enabled (orange cloud), DNS lookups
return Cloudflare's edge IP instead of the actual origin IP registered
in the dashboard. This causes ddns-scripts to incorrectly detect IP
mismatches, triggering unnecessary updates and potential rate limiting.
Solution:
Add an optional 'use_api_check' configuration option that enables
provider scripts to fetch the registered IP directly via their API,
bypassing DNS lookups.
Changes:
- dynamic_dns_functions.sh: Add API check block to get_registered_ip()
(~25 lines). When use_api_check is enabled, sources the provider
script with GET_REGISTERED_IP=1 flag. Falls back to DNS lookup if
API check is disabled, unsupported, or fails.
- update_cloudflare_com_v4.sh: Add handler for GET_REGISTERED_IP mode
(~15 lines). Reuses existing cURL setup and authentication to query
Cloudflare API for actual record content.
- etc/config/ddns: Document use_api_check option
Behavior:
- use_api_check=0 or unset: DNS lookup (existing behavior, no changes)
- use_api_check=1 with API support: API query for registered IP
- use_api_check=1 without API support: Falls back to DNS lookup
- API failure: Gracefully falls back to DNS lookup
Testing:
- Cloudflare (proxied): Correctly retrieves origin IP via API
- Cloudflare (non-proxied): Works correctly
- No-IP: DNS lookup works (no regression)
- IPv4 and IPv6 records tested
- API failure gracefully falls back to DNS
Signed-off-by: Wayne King 244781262+bdk38@users.noreply.github.com
