Commits · main · debwrt / netifd

11 Jan, 2021 1 commit

interface-ip: add unreachable route if address is offlink · c00c8335

Hans Dedecker authored Jan 09, 2021



In order to avoid a routing loop add an unreachable route for the
address prefix is the offlink flag is set for an address.
This fixes a routing loop which is currently present on point-to-point
links (e.g PPP) when the wan interface is assigned a globally unique
prefix (e.g. 2001:db8:1:0::/64) from which an IPv6 address is picked
and installed on the wan interface
(e.g. 2001:db8:1:0:5054:ff:feab:d87c/64)

The prefix route 2001:db8:1::/64 would be present in the routing table
which will route any packet with as destination 2001:db8:1::/64 to the wan
interface and would be routed back by the upstream router due to the
wan interface due to the assigned global unique prefix.
Besides not installing the prefix route 2001:db8:1::/64 on point-to-point links
adding an unreachable route is required to avoid the routing loop.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

c00c8335

09 Jan, 2021 1 commit
- interface-ip: coding style fixes · e71909c4
  Hans Dedecker authored Jan 09, 2021
```
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
```
  e71909c4
05 Jan, 2021 1 commit
- netifd: wireless: default to GCMP WPA cipher on 802.11ad · 0c834396
  Daniel Golle authored Jan 05, 2021
```
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
```
  0c834396
28 Dec, 2020 1 commit

wireless: add support for not killing processes on teardown · 39fb8c3e

Felix Fietkau authored Dec 28, 2020



When using a global hostapd/wpa_supplicant instance, it should not be killed
if a single radio is torn down

Signed-off-by: Felix Fietkau <nbd@nbd.name>

39fb8c3e

14 Dec, 2020 1 commit

netifd: fix a typo in vlandev hotplug support · 88c6003e

Felix Fietkau authored Dec 14, 2020



Need to check the type of the vlan device, not the underlying device

Signed-off-by: Felix Fietkau <nbd@nbd.name>

88c6003e

13 Dec, 2020 1 commit

netifd: add segment routing support · 458b1a7e

Nick Hainke authored Dec 12, 2020

seg6_enabled - Bool
  Accept or drop SR-enabled IPv6 packets on this interface.

More Information:
https://www.kernel.org/doc/html/latest/networking/seg6-sysctl.html



Now you can set as interface option
  option ip6segmentrouting '1'

It is not enough to turn on "seg6_enabled" on the interface. Further,
we have to enable "/all/seg6_enabled". This means that a working config
is "interface + all".

Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [style fixes]

458b1a7e

30 Nov, 2020 4 commits
- config: parse default mac address from board.json · 42c48866
  Felix Fietkau authored Nov 30, 2020
```
Example:
{
	"network-device": {
		"eth0": {
			"macaddr": "bc:a5:11:16:76:d7"
		}
	}
}

Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
  42c48866
- system-linux: move device settings handling to device.c · 52431027
  Felix Fietkau authored Nov 30, 2020
```
Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
  52431027
- system-linux: simplify mask check in system_if_apply_settings · 14f0e8ff
  Felix Fietkau authored Nov 30, 2020
```
Mask flags against apply_mask only once instead of once per field

Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
  14f0e8ff
- system-dummy: print configured mac address · 574dc4a1
  Felix Fietkau authored Nov 30, 2020
```
Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
  574dc4a1
26 Nov, 2020 2 commits

vlandev: support bridge-vlan aliases in the vid config parameter · e0c838bd

Felix Fietkau authored Nov 26, 2020

This can be used to generate default network configurations that define
the lan/wan interfaces as vlandevs with custom names and specify the actual
VLAN ID only in the bridge-vlan section without repeating it elsewhere

Signed-off-by: Felix Fietkau <nbd@nbd.name>

e0c838bd

vlandev: dump vlan id in device status · d6bd1047
Felix Fietkau authored Nov 26, 2020
```
Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
d6bd1047

23 Nov, 2020 2 commits

system-linux: add retry for adding member devices to a bridge · 3abe1fc8

Felix Fietkau authored Nov 23, 2020



When netifd tries to add bridge members brought up by hostapd asynchronously
(e.g. after an autochannel run), the first try often fails with EBUSY or
EAGAIN, since it's racing against hostapd's own setup.
Add retry logic, which includes checking if the device was added to the
bridge in the meantime to deal with this issue

Signed-off-by: Felix Fietkau <nbd@nbd.name>

3abe1fc8

system-linux: implement full device present state management for force-external devices · 213748a9

Felix Fietkau authored Nov 23, 2020



We need to detect when devices are present, because they can be created
asynchronously by hostapd after they have already been added by the wifi
setup script

Signed-off-by: Felix Fietkau <nbd@nbd.name>

213748a9

20 Nov, 2020 2 commits

bridge-vlan: add support for defining aliases for vlan ids · 4544f026

Felix Fietkau authored Nov 20, 2020



When defining a bridge-vlan like this:

config bridge-vlan
	option device 'switch0'
	option vlan '1'
	option ports 'lan1 lan2 lan3 lan4'
	option alias 'lan'

You can use switch0.lan instead of switch0.1 to refer to the VLAN.
This ensures that the VLAN ID can be kept in a single place in the config

Signed-off-by: Felix Fietkau <nbd@nbd.name>

4544f026

interface: do not force link-ext hotplug interfaces to present by default · 5e18d5b9

Felix Fietkau authored Nov 20, 2020



On wireless interfaces, hostapd can sometimes defer the bringup of secondary
virtual interfaces until autochannel or coex scan completes.
Do not force the present state in that case in order to avoid attempting
to bring up the device before it is ready

Signed-off-by: Felix Fietkau <nbd@nbd.name>

5e18d5b9

18 Nov, 2020 2 commits

config: initialize bridge and bridge vlans before other devices · c1c27289

Felix Fietkau authored Nov 18, 2020



This allows vlan devices to access bridge vlan data safely, regardless
of the order in which sections appear in the config

Signed-off-by: Felix Fietkau <nbd@nbd.name>

c1c27289

wireless: fix passing bridge name for vlan hotplug pass-through · 351d690f

Felix Fietkau authored Nov 18, 2020



When preparing the interface for hotplug add, pass the bridge
device back to the caller, since it may not match the original device

Signed-off-by: Felix Fietkau <nbd@nbd.name>

351d690f

13 Nov, 2020 1 commit

system-linux: only overwrite dev->present state on check_state for simple devices · 4a411357

Felix Fietkau authored Nov 13, 2020

After settting config_pending for vlan devices, a check_state call from
device_init_pending was leading to the vlan device present state being
overwritten because the linux device didn't exist yet, even though the
vlan code had already indicated its present state based on the lower dev.

Signed-off-by: Felix Fietkau <nbd@nbd.name>

4a411357

05 Nov, 2020 4 commits

bridge: only overwrite implicit vlan assignment if vlans are configured · ed11f0c0

Felix Fietkau authored Nov 05, 2020



When VLAN filtering is enabled, but no vlans are defined, the implicit
VLANs should stay, so that forwarding between ports still works.
This is useful for setups where VLANs are assigned by external scripts
instead of being configured via netifd

Signed-off-by: Felix Fietkau <nbd@nbd.name>

ed11f0c0

system-dummy: set present state only for simple devices · 3a2b2100
Felix Fietkau authored Nov 05, 2020
```
Fixes an issue with bringing up VLANs/bridges too early

Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
3a2b2100

bridge: fix use-after-free bug on bridge member free · d1e8884f

Felix Fietkau authored Nov 04, 2020

When removing the device reference, the core might free the device.
Use device_lock/unlock to keep the reference valid until it is no longer needed

Signed-off-by: Felix Fietkau <nbd@nbd.name>

d1e8884f

bridge: preserve hotplug ports on vlan update if config is unchanged · a56e14af
Felix Fietkau authored Nov 04, 2020
```
Fixes cleanup of port state

Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
a56e14af

28 Oct, 2020 4 commits
- bridge: show vlans in device status · dd5e6115
  Felix Fietkau authored Oct 28, 2020
```
List vlans with member ports, VLAN IDs and flags

Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
  dd5e6115
- vlandev: add pass-through hotplug ops that pass the VLAN info to the bridge · d59f3ddc
  Felix Fietkau authored Aug 07, 2020
```
Only used for 802.1q devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
  d59f3ddc
- vlan: add pass-through hotplug ops that pass the VLAN info to the bridge · a3016c45
  Felix Fietkau authored Aug 07, 2020
```
Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
  a3016c45
- bridge: add support for defining port member vlans via hotplug ops · 3023b0cc
  Felix Fietkau authored Aug 07, 2020
```
Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
  3023b0cc
22 Oct, 2020 4 commits

interface: proto_ip: order by address index first · 24ce1eab

Yousong Zhou authored Oct 20, 2020



At the moment, dnsmasq initscript generates dhcp-range for an interface
by inspecting first address of that interface from netifd ubus output.

Order by address index as specified in the uci config makes netifd ubus
output consistent with linux network interfaces' primary/secondary
address settings.  More importantly, the ubus output and dnsmasq config
generation will be more predictable.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>

24ce1eab

device_addr: record address index as in the blob · 3d7bf604

Yousong Zhou authored Oct 21, 2020



Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>

3d7bf604

proto: rework parse_addr to return struct device_addr · 5722218e

Yousong Zhou authored Oct 14, 2020



This is a preparation for the next commit to record address index for
the returned device_addr struct

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>

5722218e

build: find and use libnl header dirs · ced0d535

Yousong Zhou authored Oct 14, 2020



Name of the libnl .pc file is libnl-3.0.pc

This commit is mainly for testing netifd build on usual Linux systems.

netifd Makefile in current OpenWrt build system specifies custom cmake
flags to directly point to libnl-tiny

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

ced0d535

10 Oct, 2020 1 commit
- system-linux: initialize ifreq struct before using it · 64ff9093
  Alin Nastac authored Oct 08, 2020
```
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
```
  64ff9093
12 Sep, 2020 4 commits

netifd: vxlan: add aging and maxaddress options · 55a7b6b7

Johannes Kimmel authored Sep 04, 2020



For both options the values can just be passed to the kernel. All
unsigned values are accepted, thus no range checking required.

Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>

55a7b6b7

netifd: vxlan: add most missing boolean options · 11223f55

Johannes Kimmel authored Sep 04, 2020



adds the folloing missing options:
  - learning
  - rsc
  - proxy
  - l2miss
  - l3miss
  - gbp

See ip-link(3) for their meaning.

still missing:
  - external
  - gpe

I'm not sure how to handle them at the moment. It's unclear to me what
IFLA_VXLAN_* value corresponds to the 'external' option and according to
the manpage, gpe depends on it.

Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>

11223f55

netifd: vxlan: refactor mapping of boolean attrs · 226566b9

Johannes Kimmel authored Sep 04, 2020



Add a small function to handle boolean options and make use of it to handle:
  - rxcsum
  - txcsum

Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>

226566b9

netifd: vxlan: handle srcport range · a3c033e2

Johannes Kimmel authored Sep 04, 2020



This adds adds the ability to set the source port range for vxlan
interfaces.

By default vxlans will use a random port within the ephermal range as
source ports for packets. This is done to aid scaleability within a
datacenter.

But with these defaults it's impossible to punch through NATs or
traverese most stateful firewalls easily. One solution is to fix the
srcport to the same as dstport.

If only srcportmin is specified, then srcportmax is set in a way that
outgoing packets will only use srcportmin.

If a range is to be specified, srcportmin and srcportmax have to be
specified. srcportmax is exclusive.

If only srcportmax is specified, the value is ignored and defaults are
used.

Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>

a3c033e2

08 Sep, 2020 1 commit

netifd-wireless: parse 'osen' encryption · d7b614a8

Daniel Golle authored Sep 08, 2020



Support Hotspot 2.0 online signup with encryption, either as only
encryption type of a dedicated SSID or together with WPA-EAP for
single SSID setups.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

d7b614a8

10 Aug, 2020 1 commit

interface-ip: clear host bits of the device prefix · 645ceed0

Hans Dedecker authored Aug 09, 2020



Clear the host bits of the device prefix in
interface_ip_add_device_prefix as interface_set_prefix_address just ORs
the calculated assignment part which would lead to an invalid IPv6
address if the host bits are not masked out

Suggested-by: Daniel Gröber <dxld@darkboxed.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

645ceed0

07 Aug, 2020 1 commit
- bridge: flush vlan list on bridge free · e32e21e8
  Felix Fietkau authored Aug 07, 2020
```
Fixes a potential memory leak

Signed-off-by: Felix Fietkau <nbd@nbd.name>
```
  e32e21e8
27 Jul, 2020 1 commit

device: look up full device name before traversing vlan chain · ac0710b7

Felix Fietkau authored Jul 27, 2020



The user may have configured a VLAN device with explicit settings and the same
name by adding a config device section

Signed-off-by: Felix Fietkau <nbd@nbd.name>

ac0710b7