fwknop: Use sensible defaults.
if [ -f "$TEST_SCRIPT" ]; then
echo "Use package specific test.sh"
if sh "$TEST_SCRIPT" "$PKG_NAME" "$PKG_VERSION"; then
- echo "Test successfull"
+ echo "Test succesful"
else
echo "Test failed"
exit 1
PACKAGES="${PACKAGES:-vim tmux bmon}"
echo "Building $PACKAGES"
- echo "::set-env name=PACKAGES::$PACKAGES"
+ echo "PACKAGES=$PACKAGES" >> $GITHUB_ENV
- name: Build
uses: openwrt/gh-action-sdk@v1
include $(TOPDIR)/rules.mk
PKG_NAME:=muninlite
-PKG_VERSION:=2.1.0
+PKG_VERSION:=2.1.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/munin-monitoring/$(PKG_NAME)/releases/download/$(PKG_VERSION)/
-PKG_HASH:=e9350eccb97b75fab6a7f8cc5a0cbe1237be9ae907bd41cec8baedf616c2d72b
+PKG_HASH:=427295fe29ac9a7d99d31aa98f3d5dfd382b7e131d0e1193899d54487ca589af
PKG_MAINTAINER:=Jonathan McCrohan <jmccrohan@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=netdata
-PKG_VERSION:=1.23.2
+PKG_VERSION:=1.26.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>, Daniel Engberg <daniel.engberg.lists@pyret.net>
PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/netdata/netdata/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=b6dd13292e0b1fb4137b1f7c0dc3d7c5e8a1bf408b82c2b8394f3751800e0eb5
+PKG_HASH:=be32d49381da39196574011653ea863f2064a2168bc9b61a1354171b27ce370b
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
--with-math \
--disable-x86-sse \
--enable-lto \
+ --disable-ebpf \
--without-libcap \
--disable-https \
--disable-dbengine \
--- /dev/null
+From bb405e3c274ca8860c974a720071d346b16c8462 Mon Sep 17 00:00:00 2001
+From: Tomas Kopal <Tomas.Kopal@eccam.com>
+Date: Tue, 6 Oct 2020 13:38:08 +0200
+Subject: [PATCH] Don't check for ebpf dependencies if ebpf is disabled.
+
+---
+ configure.ac | 56 +++++++++++++++++++++++++++-------------------------
+ 1 file changed, 29 insertions(+), 27 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 57f6c0b1cb3a..5f13b4feb0d1 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -989,36 +989,38 @@ AM_CONDITIONAL([ENABLE_PLUGIN_PERF], [test "${enable_plugin_perf}" = "yes"])
+ # -----------------------------------------------------------------------------
+ # ebpf.plugin
+
+-PKG_CHECK_MODULES(
+- [LIBELF],
+- [libelf],
+- [have_libelf=yes],
+- [have_libelf=no]
+-)
++if test "${build_target}" = "linux" -a "${enable_ebpf}" != "no"; then
++ PKG_CHECK_MODULES(
++ [LIBELF],
++ [libelf],
++ [have_libelf=yes],
++ [have_libelf=no]
++ )
+
+-AC_CHECK_TYPE(
+- [struct bpf_prog_info],
+- [have_bpf=yes],
+- [have_bpf=no],
+- [#include <linux/bpf.h>]
+-)
++ AC_CHECK_TYPE(
++ [struct bpf_prog_info],
++ [have_bpf=yes],
++ [have_bpf=no],
++ [#include <linux/bpf.h>]
++ )
+
+-AC_CHECK_FILE(
+- externaldeps/libbpf/libbpf.a,
+- [have_libbpf=yes],
+- [have_libbpf=no]
+-)
++ AC_CHECK_FILE(
++ externaldeps/libbpf/libbpf.a,
++ [have_libbpf=yes],
++ [have_libbpf=no]
++ )
+
+-AC_MSG_CHECKING([if ebpf.plugin should be enabled])
+-if test "${build_target}" = "linux" -a \
+- "${enable_ebpf}" != "no" -a \
+- "${have_libelf}" = "yes" -a \
+- "${have_bpf}" = "yes" -a \
+- "${have_libbpf}" = "yes"; then
+- OPTIONAL_BPF_CFLAGS="${LIBELF_CFLAGS} -I externaldeps/libbpf/include"
+- OPTIONAL_BPF_LIBS="externaldeps/libbpf/libbpf.a ${LIBELF_LIBS}"
+- AC_DEFINE([HAVE_LIBBPF], [1], [libbpf usability])
+- enable_ebpf="yes"
++ AC_MSG_CHECKING([if ebpf.plugin should be enabled])
++ if test "${have_libelf}" = "yes" -a \
++ "${have_bpf}" = "yes" -a \
++ "${have_libbpf}" = "yes"; then
++ OPTIONAL_BPF_CFLAGS="${LIBELF_CFLAGS} -I externaldeps/libbpf/include"
++ OPTIONAL_BPF_LIBS="externaldeps/libbpf/libbpf.a ${LIBELF_LIBS}"
++ AC_DEFINE([HAVE_LIBBPF], [1], [libbpf usability])
++ enable_ebpf="yes"
++ else
++ enable_ebpf="no"
++ fi
+ else
+ enable_ebpf="no"
+ fi
--- /dev/null
+#!/bin/sh
+
+netdata -version 2>&1 | grep "$2"
include $(TOPDIR)/rules.mk
PKG_NAME:=ksmbd
-PKG_VERSION:=3.2.4
+PKG_VERSION:=3.2.5
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/cifsd-team/cifsd/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=a7beeb0e804b361adf2b79dcd98ccf4b92b2c1fa8a65a39dd4fbb63479cdf7cd
+PKG_HASH:=b93a068f6dc2b2040c8cebcb67f6d8c3a1c5c7c5032269a48579ccba996e6be7
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
# General build info
-GO_BUILD_CACHE_DIR:=$(or $(call qstrip,$(CONFIG_GOLANG_BUILD_CACHE_DIR)),$(TOPDIR)/.go-build)
+GO_BUILD_CACHE_DIR:=$(or $(call qstrip,$(CONFIG_GOLANG_BUILD_CACHE_DIR)),$(TMP_DIR)/go-build)
GO_MOD_CACHE_DIR:=$(DL_DIR)/go-mod-cache
GO_MOD_ARGS= \
GO_MOD_ARGS="$(GO_MOD_ARGS)"
define Go/CacheCleanup
- $(GENERAL_BUILD_CONFIG_VARS) \
+ $(GO_GENERAL_BUILD_CONFIG_VARS) \
$(SHELL) $(GO_INCLUDE_DIR)/golang-build.sh cache_cleanup
endef
default ""
help
Store the Go build cache in this directory.
- If not set, uses './.go-build'.
+ If not set, uses '$(TMP_DIR)/go-build'.
config GOLANG_MOD_CACHE_WORLD_READABLE
bool "Ensure Go module cache is world-readable"
include $(TOPDIR)/rules.mk
GO_VERSION_MAJOR_MINOR:=1.15
-GO_VERSION_PATCH:=2
+GO_VERSION_PATCH:=3
PKG_NAME:=golang
PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH))
PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
-PKG_HASH:=28bf9d0bcde251011caae230a4a05d917b172ea203f2a62f2c2f9533589d4b4d
+PKG_HASH:=896a602570e54c8cdfc2c1348abd4ffd1016758d0bd086ccd9787dbfc9b64888
PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=BSD-3-Clause
include $(TOPDIR)/rules.mk
PKG_NAME:=php
-PKG_VERSION:=7.4.11
+PKG_VERSION:=7.4.12
PKG_RELEASE:=1
PKG_MAINTAINER:=Michael Heimpold <mhei@heimpold.de>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.php.net/distributions/
-PKG_HASH:=5d31675a9b9c21b5bd03389418218c30b26558246870caba8eb54f5856e2d6ce
+PKG_HASH:=e82d2bcead05255f6b7d2ff4e2561bc334204955820cabc2457b5239fde96b76
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
include ../python3-package.mk
define Package/gunicorn/Default
- SUBMENU:=Python
- SECTION:=lang
- CATEGORY:=Languages
+ SUBMENU:=Web Servers/Proxies
+ SECTION:=net
+ CATEGORY:=Network
TITLE:=WSGI HTTP Server for UNIX
URL:=https://gunicorn.org
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=pillow
-PKG_VERSION:=7.2.0
+PKG_VERSION:=8.0.0
PKG_RELEASE:=1
PYPI_NAME:=Pillow
-PKG_HASH:=97f9e7953a77d5a70f49b9a48da7776dc51e9b738151b22dacf101641594a626
+PKG_HASH:=59304c67d12394815331eda95ec892bf54ad95e0aa7bc1ccd8e0a4a5a25d4bf3
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
PKG_LICENSE:=HPND
include $(TOPDIR)/rules.mk
PKG_NAME:=python-appdirs
-PKG_VERSION:=1.4.3
-PKG_RELEASE:=3
+PKG_VERSION:=1.4.4
+PKG_RELEASE:=1
PKG_MAINTAINER:=Karel Kočí <cynerd@email.cz>
PYPI_NAME:=appdirs
-PKG_HASH:=9e5896d1372858f8dd3344faf4e5014d21849c756c8d5701f78f8a103b372d92
+PKG_HASH:=7d5d0167b2b1ba821647616af46a749d1c653740dd0d2415100fe26e27afdf41
PKG_LICENSE:=MIT
include ../pypi.mk
--- /dev/null
+#
+# Copyright (C) 2019-2020 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python-babel
+PKG_VERSION:=2.8.0
+PKG_RELEASE:=1
+
+PYPI_NAME:=Babel
+PKG_HASH:=1aac2ae2d0d8ea368fa90906567f5c08463d98ade155c0c4bfedd6a0f7160e38
+
+PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+
+include ../pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include ../python3-package.mk
+
+define Package/python3-babel
+ SUBMENU:=Python
+ SECTION:=lang
+ CATEGORY:=Languages
+ TITLE:=Internationalization utilities
+ URL:=https://babel.pocoo.org/en/latest/
+ DEPENDS:= \
+ +python3-cgi \
+ +python3-decimal \
+ +python3-distutils \
+ +python3-email \
+ +python3-light \
+ +python3-pytz \
+ +python3-urllib
+endef
+
+define Package/python3-babel/description
+ Babel is an integrated collection of utilities that assist in
+ internationalizing and localizing Python applications
+ with an emphasis on web-based applications.
+endef
+
+$(eval $(call Py3Package,python3-babel))
+$(eval $(call BuildPackage,python3-babel))
+$(eval $(call BuildPackage,python3-babel-src))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-cached-property
-PKG_VERSION:=1.5.1
-PKG_RELEASE:=2
+PKG_VERSION:=1.5.2
+PKG_RELEASE:=1
PYPI_NAME:=cached-property
-PKG_HASH:=9217a59f14a5682da7c4b8829deadbfc194ac22e9908ccf7c8820234e80a1504
+PKG_HASH:=9fa5755838eecbb2d234c3aa390bd80fbd3ac6b6869109bfc1b499f7bd89a130
PKG_MAINTAINER:=Javier Marcet <javier@marcet.info>
PKG_LICENSE:=BSD-3-Clause
SUBMENU:=Python
TITLE:=Fast ISO8601 date time parser for Python written in C
URL:=https://github.com/closeio/ciso8601
- DEPENDS:= \
- +python3-light
+ DEPENDS:=+python3-light
endef
define Package/python3-ciso8601/description
$(eval $(call Py3Package,python3-ciso8601))
$(eval $(call BuildPackage,python3-ciso8601))
-$(eval $(call BuildPackage,python3-ciso8601))
+$(eval $(call BuildPackage,python3-ciso8601-src))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-contextlib2
-PKG_VERSION:=0.5.5
-PKG_RELEASE:=2
+PKG_VERSION:=0.6.0.post1
+PKG_RELEASE:=1
PKG_MAINTAINER:=Karel Kočí <cynerd@email.cz>
PYPI_NAME:=contextlib2
-PKG_HASH:=509f9419ee91cdd00ba34443217d5ca51f5a364a404e1dce9e8979cea969ca48
+PKG_HASH:=01f490098c18b19d2bd5bb5dc445b2054d2fa97f09a4280ba2c5f3c394c8162e
include ../pypi.mk
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=python-dotenv
-PKG_VERSION:=0.13.0
-PKG_RELEASE:=3
+PKG_VERSION:=0.15.0
+PKG_RELEASE:=1
PYPI_NAME:=python-dotenv
-PKG_HASH:=3b9909bc96b0edc6b01586e1eed05e71174ef4e04c71da5786370cebea53ad74
+PKG_HASH:=587825ed60b1711daea4832cf37524dfd404325b7db5e25ebe88c495c9f807a0
PKG_MAINTAINER:=Javier Marcet <javier@marcet.info>
PKG_LICENSE:=BSD-3-Clause
--- /dev/null
+#
+# Copyright (C) 2019-2020 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python-flask-babel
+PKG_VERSION:=2.0.0
+PKG_RELEASE:=1
+
+PYPI_NAME:=Flask-Babel
+PKG_HASH:=f9faf45cdb2e1a32ea2ec14403587d4295108f35017a7821a2b1acb8cfd9257d
+
+PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+
+include ../pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include ../python3-package.mk
+
+define Package/python3-flask-babel
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=Flask Babel
+ URL:=https://github.com/python-babel/flask-babel
+ DEPENDS:= \
+ +python3-light \
+ +python3-flask \
+ +python3-babel \
+ +python3-jinja2 \
+ +python3-pytz
+endef
+
+define Package/python3-flask-babel/description
+ Implements i18n and l10n support for Flask.
+endef
+
+$(eval $(call Py3Package,python3-flask-babel))
+$(eval $(call BuildPackage,python3-flask-babel))
+$(eval $(call BuildPackage,python3-flask-babel-src))
--- /dev/null
+#
+# Copyright (C) 2019-2020 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python-flask-seasurf
+PKG_VERSION:=0.2.2
+PKG_RELEASE:=1
+
+PYPI_NAME:=Flask-SeaSurf
+PKG_HASH:=c57918c17e9afd988bdc30d8dcb7bfb833741dee38b06c1bbd17821d6fa2b6cf
+
+PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+
+include ../pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include ../python3-package.mk
+
+define Package/python3-flask-seasurf
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=Flask SeaSurf
+ URL:=https://flask-seasurf.readthedocs.io/en/latest/
+ DEPENDS:= \
+ +python3-flask \
+ +python3-light \
+ +python3-urllib
+endef
+
+define Package/python3-flask-seasurf/description
+ SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).
+endef
+
+$(eval $(call Py3Package,python3-flask-seasurf))
+$(eval $(call BuildPackage,python3-flask-seasurf))
+$(eval $(call BuildPackage,python3-flask-seasurf-src))
--- /dev/null
+#
+# Copyright (C) 2019-2020 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python-flask-session
+PKG_VERSION:=0.3.2
+PKG_RELEASE:=1
+
+PYPI_NAME:=Flask-Session
+PKG_HASH:=0768e2bbf06f963ec1aa711bde7aa32dc39ff70f89b495d6db687d899eae4423
+
+PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+
+include ../pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include ../python3-package.mk
+
+define Package/python3-flask-session
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=Flask Session
+ URL:=https://github.com/fengsp/flask-session
+ DEPENDS:= \
+ +python3-cachelib \
+ +python3-flask \
+ +python3-light
+endef
+
+define Package/python3-flask-session/description
+ Adds server-side session support to your Flask application.
+endef
+
+$(eval $(call Py3Package,python3-flask-session))
+$(eval $(call BuildPackage,python3-flask-session))
+$(eval $(call BuildPackage,python3-flask-session-src))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-influxdb
-PKG_VERSION:=5.2.2
-PKG_RELEASE:=2
+PKG_VERSION:=5.3.0
+PKG_RELEASE:=1
PKG_MAINTAINER:=Karel Kočí <cynerd@email.cz>
PYPI_NAME:=influxdb
-PKG_HASH:=afeff28953a91b4ea1aebf9b5b8258a4488d0e49e2471db15ea43fd2c8533143
+PKG_HASH:=9bcaafd57ac152b9824ab12ed19f204206ef5df8af68404770554c5b55b475f6
+
PKG_LICENSE:=MIT
include ../pypi.mk
SUBMENU:=Python
URL:=https://github.com/influxdb/influxdb-python
TITLE:=python3-influxdb
- DEPENDS:=+python3-requests +python3-pytz +python3-six +python3-dateutil
+ DEPENDS:=\
+ +python3-requests \
+ +python3-pytz \
+ +python3-six \
+ +python3-dateutil \
+ +python3-msgpack
endef
define Package/python3-influxdb/description
include $(TOPDIR)/rules.mk
PKG_NAME:=python-iniconfig
-PKG_VERSION:=1.0.1
-PKG_RELEASE:=2
+PKG_VERSION:=1.1.1
+PKG_RELEASE:=1
PYPI_NAME:=iniconfig
-PKG_HASH:=e5f92f89355a67de0595932a6c6c02ab4afddc6fcdc0bfc5becd0d60884d3f69
+PKG_HASH:=bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
PKG_LICENSE:=MIT
PKG_NAME:=python-intelhex
PKG_VERSION:=2.2.1
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PYPI_NAME:=IntelHex
PYPI_SOURCE_NAME:=intelhex
--- /dev/null
+From 4125dce5b174401d38cc0fcf9d2e1aad07997f5e Mon Sep 17 00:00:00 2001
+From: fernandez85 <fernandez2005@gmail.com>
+Date: Sun, 11 Oct 2020 12:39:06 +0200
+Subject: [PATCH] Fix Python 3.9 compatibility issue with 'array' module
+
+---
+ intelhex/compat.py | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/intelhex/compat.py b/intelhex/compat.py
+index 194cd5d..2a6bee6 100644
+--- a/intelhex/compat.py
++++ b/intelhex/compat.py
+@@ -57,7 +57,8 @@ if sys.version_info[0] >= 3:
+ return s
+ return s.decode('latin1')
+
+- array_tobytes = getattr(array.array, "tobytes", array.array.tostring)
++ # for python >= 3.2 use 'tobytes', otherwise 'tostring'
++ array_tobytes = array.array.tobytes if sys.version_info[1] >= 2 else array.array.tostring
+
+ IntTypes = (int,)
+ StrType = str
+--
+2.28.0
+
include $(TOPDIR)/rules.mk
PKG_NAME:=python-jsonpath-ng
-PKG_VERSION:=1.4.3
-PKG_RELEASE:=2
+PKG_VERSION:=1.5.2
+PKG_RELEASE:=1
PKG_MAINTAINER:=Karel Kočí <cynerd@email.cz>
PYPI_NAME:=jsonpath-ng
-PKG_HASH:=b1fc75b877e9b2f46845a455fbdcfb0f0d9c727c45c19a745d02db620a9ef0be
+PKG_HASH:=144d91379be14d9019f51973bd647719c877bfc07dc6f3f5068895765950c69d
include ../pypi.mk
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=python-lxml
-PKG_VERSION:=4.5.2
+PKG_VERSION:=4.6.1
PKG_RELEASE:=1
PYPI_NAME:=lxml
-PKG_HASH:=cdc13a1682b2a6241080745b1953719e7fe0850b40a5c71ca574f090a1391df6
+PKG_HASH:=c152b2e93b639d1f36ec5a8ca24cde4a8eefb2b6b83668fcd8e83a67badcb367
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSES.txt
--- /dev/null
+#
+# Copyright (C) 2017-2020 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python-msgpack
+PKG_VERSION:=1.0.0
+PKG_RELEASE:=1
+
+PYPI_NAME:=msgpack
+PKG_HASH:=9534d5cc480d4aff720233411a1f765be90885750b07df772380b34c10ecb5c0
+
+PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
+PKG_LICENSE:=Apache-2.0
+PKG_LICENSE_FILES:=COPYING
+
+include ../pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include ../python3-package.mk
+
+define Package/python3-msgpack
+ SUBMENU:=Python
+ SECTION:=lang
+ CATEGORY:=Languages
+ TITLE:=MessagePack (de)serializer
+ URL:=https://msgpack.org/
+ DEPENDS:=+python3-light +libstdcpp
+endef
+
+define Package/python3-msgpack/description
+ MessagePack is an efficient binary serialization format.
+ It lets you exchange data among multiple languages like JSON.
+endef
+
+$(eval $(call Py3Package,python3-msgpack))
+$(eval $(call BuildPackage,python3-msgpack))
+$(eval $(call BuildPackage,python3-msgpack-src))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-psutil
-PKG_VERSION:=5.7.2
-PKG_RELEASE:=2
+PKG_VERSION:=5.7.3
+PKG_RELEASE:=1
PYPI_NAME:=psutil
-PKG_HASH:=90990af1c3c67195c44c9a889184f84f5b2320dce3ee3acbd054e3ba0b4a7beb
+PKG_HASH:=af73f7bcebdc538eda9cc81d19db1db7bf26f103f91081d780bbacfcb620dee2
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
PKG_LICENSE:=BSD 3-Clause
--- /dev/null
+#
+# Copyright (C) 2020 CZ.NIC z.s.p.o. (https://www.nic.cz/)
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python-tornado
+PKG_VERSION:=6.0.4
+PKG_RELEASE:=1
+
+PYPI_NAME:=tornado
+PKG_HASH:=0fe2d45ba43b00a41cd73f8be321a44936dc1aba233dee979f17a042b83eb6dc
+
+PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
+PKG_LICENSE:=Apache-2.0
+PKG_LICENSE_FILES:=LICENSE
+
+include ../pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include ../python3-package.mk
+
+define Package/python3-tornado
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=Web framework and asynchronous networking library
+ URL:=https://tornadoweb.org
+ DEPENDS:= \
+ +python3-asyncio \
+ +python3-codecs \
+ +python3-email \
+ +python3-light \
+ +python3-logging \
+ +python3-multiprocessing \
+ +python3-openssl \
+ +python3-unittest \
+ +python3-urllib
+endef
+
+define Package/python3-tornado/description
+ Tornado is a Python web framework and asynchronous networking library,
+ originally developed at FriendFeed. By using non-blocking network I/O,
+ Tornado can scale to tens of thousands of open connections, making it
+ ideal for long polling, WebSockets, and other applications that require
+ a long-lived connection to each user.
+endef
+
+$(eval $(call Py3Package,python3-tornado))
+$(eval $(call BuildPackage,python3-tornado))
+$(eval $(call BuildPackage,python3-tornado-src))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-zipp
-PKG_VERSION:=3.3.0
+PKG_VERSION:=3.4.0
PKG_RELEASE:=1
PYPI_NAME:=zipp
-PKG_HASH:=64ad89efee774d1897a58607895d80789c59778ea02185dd846ac38394a8642b
+PKG_HASH:=ed5eee1974372595f9e416cc7bbeeb12335201d8081ca8a0743c954d4446e5cb
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=asgiref
-PKG_VERSION:=3.2.10
+PKG_VERSION:=3.3.0
PKG_RELEASE:=1
PYPI_NAME:=asgiref
-PKG_HASH:=7e51911ee147dd685c3c8b805c0ad0cb58d360987b56953878f8c06d2d1c6f1a
+PKG_HASH:=cd88907ecaec59d78e4ac00ea665b03e571cb37e3a0e37b3702af1a9e86c365a
PKG_MAINTAINER:=Peter Stadler <peter.stadler@student.uibk.ac.at>
PKG_LICENSE:=BSD-3-Clause
include $(TOPDIR)/rules.mk
PKG_NAME:=django-cors-headers
-PKG_VERSION:=3.4.0
+PKG_VERSION:=3.5.0
PKG_RELEASE:=1
PYPI_NAME:=django-cors-headers
-PKG_HASH:=f5218f2f0bb1210563ff87687afbf10786e080d8494a248e705507ebd92d7153
+PKG_HASH:=db82b2840f667d47872ae3e4a4e0a0d72fbecb42779b8aa233fa8bb965f7836a
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=django-etesync-journal
-PKG_VERSION:=1.2.0
-PKG_RELEASE:=3
+PKG_VERSION:=1.2.2
+PKG_RELEASE:=1
PYPI_NAME:=django-etesync-journal
-PKG_HASH:=1b481f592217186482be9faee686f0c132790db4177deb1f5152b73e99ac6338
+PKG_HASH:=1b10a6bca45078bff9b78da3757ba118ecae8f0cc1d9db278bd96eab85f594db
PKG_LICENSE:=AGPL-3.0-only
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=drf-nested-routers
-PKG_VERSION:=0.91
-PKG_RELEASE:=3
+PKG_VERSION:=0.92.1
+PKG_RELEASE:=1
PYPI_NAME:=drf-nested-routers
-PKG_HASH:=46e5c3abc15c782cafafd7d75028e8f9121bbc6228e3599bbb48a3daa4585034
+PKG_HASH:=e043fc937f94ac462a92d2d9fc9a7e55710a67164b558442adfe9634fc519c3b
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=maxminddb
-PKG_VERSION:=2.0.2
+PKG_VERSION:=2.0.3
PKG_RELEASE:=1
PYPI_NAME:=$(PKG_NAME)
-PKG_HASH:=b95d8ed21799e6604683669c7ed3c6a184fcd92434d5762dccdb139b4f29e597
+PKG_HASH:=47e86a084dd814fac88c99ea34ba3278a74bc9de5a25f4b815b608798747c7dc
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
PKG_LICENSE:=Apache-2.0
include $(TOPDIR)/rules.mk
PKG_NAME:=sqlparse
-PKG_VERSION:=0.3.1
-PKG_RELEASE:=2
+PKG_VERSION:=0.4.1
+PKG_RELEASE:=1
PYPI_NAME:=sqlparse
-PKG_HASH:=e162203737712307dfe78860cc56c8da8a852ab2ee33750e33aeadf38d12c548
+PKG_HASH:=0f91fd2e829c44362cbcfab3e9ae12e22badaa8a29ad5ff599f9ec109f0454e8
PKG_MAINTAINER:=Peter Stadler <peter.stadler@student.uibk.ac.at>
PKG_LICENSE:=BSD-3-Clause
# Note: keep in sync with setuptools & pip
PYTHON3_VERSION_MAJOR:=3
-PYTHON3_VERSION_MINOR:=8
-PYTHON3_VERSION_MICRO:=5
+PYTHON3_VERSION_MINOR:=9
+PYTHON3_VERSION_MICRO:=0
PYTHON3_VERSION:=$(PYTHON3_VERSION_MAJOR).$(PYTHON3_VERSION_MINOR)
PYTHON3_SETUPTOOLS_PKG_RELEASE:=1
PYTHON3_PIP_PKG_RELEASE:=1
-PYTHON3_SETUPTOOLS_VERSION:=47.1.0
-PYTHON3_PIP_VERSION:=20.1.1
+PYTHON3_SETUPTOOLS_VERSION:=49.2.1
+PYTHON3_PIP_VERSION:=20.2.3
include ../python3-version.mk
PKG_NAME:=python3
-PKG_RELEASE:=2
+PKG_RELEASE:=1
PKG_VERSION:=$(PYTHON3_VERSION).$(PYTHON3_VERSION_MICRO)
PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.python.org/ftp/python/$(PKG_VERSION)
-PKG_HASH:=e3003ed57db17e617acb382b0cade29a248c6026b1bd8aad1f976e9af66a83b0
+PKG_HASH:=9c73e63c99855709b9be0b3cc9e5b072cb60f37311e8c4e50f15576a0bf82854
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>, Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=Python/2.0
$(PKG_BUILD_DIR)/install-setuptools/usr/lib/python$(PYTHON3_VERSION)/site-packages/setuptools-$(PYTHON3_SETUPTOOLS_VERSION).dist-info \
$(PKG_BUILD_DIR)/install-setuptools/usr/lib/python$(PYTHON3_VERSION)/site-packages/easy_install.py \
$(1)/usr/lib/python$(PYTHON3_VERSION)/site-packages
- $(CP) \
- $(1)/usr/lib/python$(PYTHON3_VERSION)/site-packages/setuptools/site-patch.py \
- $(1)/usr/lib/python$(PYTHON3_VERSION)/site-packages/setuptools/site-patch.py.txt
find $(1)/usr/lib/python$(PYTHON3_VERSION)/site-packages/ -path '*/__pycache__/*' -delete
find $(1)/usr/lib/python$(PYTHON3_VERSION)/site-packages/ -type d -name __pycache__ -delete
endef
+++ /dev/null
---- a/setuptools/command/easy_install.py
-+++ b/setuptools/command/easy_install.py
-@@ -1324,7 +1324,10 @@ class easy_install(Command):
- return # already did it, or don't need to
-
- sitepy = os.path.join(self.install_dir, "site.py")
-- source = resource_string("setuptools", "site-patch.py")
-+ try:
-+ source = resource_string("setuptools", "site-patch.py")
-+ except FileNotFoundError:
-+ source = resource_string("setuptools", "site-patch.py.txt")
- source = source.decode('utf-8')
- current = ""
-
--- a/Modules/Setup
+++ b/Modules/Setup
-@@ -334,7 +334,7 @@ _symtable symtablemodule.c
+@@ -338,7 +338,7 @@ _symtable symtablemodule.c
# Andrew Kuchling's zlib module.
# This require zlib 1.1.3 (or later).
# See http://www.gzip.org/zlib/
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -1451,6 +1451,7 @@ libinstall: build_all $(srcdir)/Modules/
+@@ -1524,6 +1524,7 @@ libinstall: build_all $(srcdir)/Modules/
$(INSTALL_DATA) `cat pybuilddir.txt`/_sysconfigdata_$(ABIFLAGS)_$(MACHDEP)_$(MULTIARCH).py \
$(DESTDIR)$(LIBDEST); \
$(INSTALL_DATA) $(srcdir)/LICENSE $(DESTDIR)$(LIBDEST)/LICENSE.txt
if test -d $(DESTDIR)$(LIBDEST)/distutils/tests; then \
$(INSTALL_DATA) $(srcdir)/Modules/xxmodule.c \
$(DESTDIR)$(LIBDEST)/distutils/tests ; \
-@@ -1486,6 +1487,7 @@ libinstall: build_all $(srcdir)/Modules/
+@@ -1559,6 +1560,7 @@ libinstall: build_all $(srcdir)/Modules/
$(PYTHON_FOR_BUILD) -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/Grammar.txt
-PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \
$(PYTHON_FOR_BUILD) -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/PatternGrammar.txt
--- a/Python/initconfig.c
+++ b/Python/initconfig.c
-@@ -152,7 +152,7 @@ int Py_NoSiteFlag = 0; /* Suppress 'impo
+@@ -157,7 +157,7 @@ int Py_NoSiteFlag = 0; /* Suppress 'impo
int Py_BytesWarningFlag = 0; /* Warn on str(bytes) and str(buffer) */
int Py_FrozenFlag = 0; /* Needed by getpath.c */
int Py_IgnoreEnvironmentFlag = 0; /* e.g. PYTHONPATH, PYTHONHOME */
--- a/setup.py
+++ b/setup.py
-@@ -654,7 +654,8 @@ class PyBuildExt(build_ext):
+@@ -749,7 +749,8 @@ class PyBuildExt(build_ext):
# only change this for cross builds for 3.3, issues on Mageia
if CROSS_COMPILING:
self.add_cross_compiling_paths()
self.library_dirs.append('.')
--- a/Lib/distutils/sysconfig.py
+++ b/Lib/distutils/sysconfig.py
-@@ -18,10 +18,17 @@ from .errors import DistutilsPlatformErr
- from .util import get_platform, get_host_platform
+@@ -17,10 +17,17 @@ import sys
+ from .errors import DistutilsPlatformError
# These are needed in a couple of spots, so just compute them once.
-PREFIX = os.path.normpath(sys.prefix)
--- a/setup.py
+++ b/setup.py
-@@ -631,8 +631,9 @@ class PyBuildExt(build_ext):
+@@ -726,8 +726,9 @@ class PyBuildExt(build_ext):
# directly since an inconsistently reproducible issue comes up where
# the environment variable is not set even though the value were passed
# into configure and stored in the Makefile (issue found on OS X 10.3).
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -735,6 +735,16 @@ regen-all: regen-opcode regen-opcode-tar
+@@ -764,6 +764,16 @@ regen-all: regen-opcode regen-opcode-tar
############################################################################
# Special rules for object files
Modules/getbuildinfo.o: $(PARSER_OBJS) \
$(OBJECT_OBJS) \
$(PYTHON_OBJS) \
-@@ -743,6 +753,8 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \
+@@ -772,6 +782,8 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \
$(DTRACE_OBJS) \
$(srcdir)/Modules/getbuildinfo.c
$(CC) -c $(PY_CORE_CFLAGS) \
--- a/configure
+++ b/configure
-@@ -15174,7 +15174,7 @@ $as_echo_n "checking ABIFLAGS... " >&6;
+@@ -15308,7 +15308,7 @@ $as_echo_n "checking ABIFLAGS... " >&6;
$as_echo "$ABIFLAGS" >&6; }
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking SOABI" >&5
$as_echo_n "checking SOABI... " >&6; }
--- a/configure.ac
+++ b/configure.ac
-@@ -4654,7 +4654,7 @@ AC_SUBST(SOABI)
+@@ -4749,7 +4749,7 @@ AC_SUBST(SOABI)
AC_MSG_CHECKING(ABIFLAGS)
AC_MSG_RESULT($ABIFLAGS)
AC_MSG_CHECKING(SOABI)
--- a/setup.py
+++ b/setup.py
-@@ -441,6 +441,7 @@ class PyBuildExt(build_ext):
+@@ -536,6 +536,7 @@ class PyBuildExt(build_ext):
print("Failed to build these modules:")
print_three_column(failed)
print()
--- a/Lib/distutils/sysconfig.py
+++ b/Lib/distutils/sysconfig.py
-@@ -445,6 +445,7 @@ def _init_posix():
+@@ -451,6 +451,7 @@ def _init_posix():
platform=sys.platform,
multiarch=getattr(sys.implementation, '_multiarch', ''),
))
global _config_vars
--- a/Lib/sysconfig.py
+++ b/Lib/sysconfig.py
-@@ -344,6 +344,7 @@ def get_makefile_filename():
+@@ -342,6 +342,7 @@ def get_makefile_filename():
def _get_sysconfigdata_name():
abi=sys.abiflags,
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -1460,7 +1460,7 @@ libinstall: build_all $(srcdir)/Modules/
+@@ -1533,7 +1533,7 @@ libinstall: build_all $(srcdir)/Modules/
esac; \
done; \
done
$(DESTDIR)$(LIBDEST); \
$(INSTALL_DATA) $(srcdir)/LICENSE $(DESTDIR)$(LIBDEST)/LICENSE.txt
ifeq (@COMPILE_ALL_TESTS@,yes)
-@@ -1618,7 +1618,7 @@ sharedinstall: sharedmods
+@@ -1691,7 +1691,7 @@ sharedinstall: sharedmods
--install-scripts=$(BINDIR) \
--install-platlib=$(DESTSHARED) \
--root=$(DESTDIR)/
# Here are a couple of targets for MacOSX again, to install a full
--- a/configure
+++ b/configure
-@@ -2951,7 +2951,7 @@ $as_echo_n "checking for python interpre
+@@ -2977,7 +2977,7 @@ $as_echo_n "checking for python interpre
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $interp" >&5
$as_echo "$interp" >&6; }
fi
elif test "$cross_compiling" = maybe; then
as_fn_error $? "Cross compiling required --host=HOST-TUPLE and --build=ARCH" "$LINENO" 5
-@@ -15213,7 +15213,7 @@ else
- fi
+@@ -15383,7 +15383,7 @@ fi
+
-if test x$PLATFORM_TRIPLET = x; then
+if true ; then
- LIBPL='$(prefix)'"/lib/python${VERSION}/config-${LDVERSION}"
+ LIBPL='$(prefix)'"/${PLATLIBDIR}/python${VERSION}/config-${LDVERSION}"
else
- LIBPL='$(prefix)'"/lib/python${VERSION}/config-${LDVERSION}-${PLATFORM_TRIPLET}"
+ LIBPL='$(prefix)'"/${PLATLIBDIR}/python${VERSION}/config-${LDVERSION}-${PLATFORM_TRIPLET}"
--- a/configure.ac
+++ b/configure.ac
@@ -75,7 +75,7 @@ if test "$cross_compiling" = yes; then
fi
elif test "$cross_compiling" = maybe; then
AC_MSG_ERROR([Cross compiling required --host=HOST-TUPLE and --build=ARCH])
-@@ -4688,7 +4688,7 @@ fi
+@@ -4812,7 +4812,7 @@ fi],
dnl define LIBPL after ABIFLAGS and LDVERSION is defined.
AC_SUBST(PY_ENABLE_SHARED)
-if test x$PLATFORM_TRIPLET = x; then
+if true ; then
- LIBPL='$(prefix)'"/lib/python${VERSION}/config-${LDVERSION}"
+ LIBPL='$(prefix)'"/${PLATLIBDIR}/python${VERSION}/config-${LDVERSION}"
else
- LIBPL='$(prefix)'"/lib/python${VERSION}/config-${LDVERSION}-${PLATFORM_TRIPLET}"
+ LIBPL='$(prefix)'"/${PLATLIBDIR}/python${VERSION}/config-${LDVERSION}-${PLATFORM_TRIPLET}"
PKG_NAME:=boost
PKG_VERSION:=1.74.0
PKG_SOURCE_VERSION:=1_74_0
-PKG_RELEASE:=4
+PKG_RELEASE:=6
PKG_SOURCE:=$(PKG_NAME)_$(PKG_SOURCE_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/$(PKG_NAME)/$(PKG_NAME)/$(PKG_VERSION) https://dl.bintray.com/boostorg/release/$(PKG_VERSION)/source/
PKG_USE_MIPS16:=0
include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
define Package/boost/Default
SECTION:=libs
- graph
- - graph-parallel
- iostreams
- - locale (Requires kernel being compiled with full language support)
+ - locale
- log
- math
- nowide
See more at http://www.boost.org/doc/libs/1_74_0/
endef
-PKG_BUILD_DEPENDS:=boost/host PACKAGE_boost-python3:python3
+PKG_BUILD_DEPENDS:=boost/host
include ../../lang/python/python3-version.mk
BOOST_PYTHON3_VER=$(PYTHON3_VERSION)
config PACKAGE_boost-$(lib)
prompt "Boost $(lib) $(if $(findstring python3,$(lib)),$(paren_left)v$(BOOST_PYTHON3_VER)$(paren_right) ,)library."
default m if ALL
- $(if $(findstring locale,$(lib)),depends on BUILD_NLS,)\
$(if $(findstring fiber,$(lib)),depends on !boost-fiber-exclude,)\
$(if $(findstring context,$(lib)),depends on !boost-context-exclude,)
$(if $(findstring coroutine,$(lib)),depends on !boost-coroutine-exclude,)
define Build/Configure
endef
+define Package/boost/Default/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/lib/libboost_$(2)*.so* $(1)/usr/lib/
+endef
+
# 1: short name
# 2: dependencies on other boost libraries (short name)
# 3: dependencies on other packages
# 4: conditional/inward dependencies
+# 5: dependencies compiled only when this package has been selected
define DefineBoostLibrary
-
BOOST_DEPENDS+= +$(if $(4),$(4):boost-$(1),boost-$(1))
PKG_CONFIG_DEPENDS+= CONFIG_PACKAGE_boost-$(1)
define Package/boost-$(1)
$(call Package/boost/Default)
TITLE+= ($(1))
- DEPENDS+= $$(foreach lib,$(2),+boost-$$(lib)) $(3) $(if $(4),@$(4),) $(patsubst %,+PACKAGE_boost-$(1):%,$(5))
+ DEPENDS+= $(foreach lib,$(2),+boost-$(lib)) $(3) $(if $(4),@$(4),) $(patsubst %,+PACKAGE_boost-$(1):%,$(5))
HIDDEN:=1
endef
define Package/boost-$(1)/description
This package contains the Boost $(1) library.
endef
+
+ define Package/boost-$(1)/install
+ $(if $(CONFIG_boost-static-libs),true,$(call Package/boost/Default/install,$$(1),$(1)))
+ endef
endef
$(eval $(call DefineBoostLibrary,atomic,system))
$(eval $(call DefineBoostLibrary,filesystem,system))
$(eval $(call DefineBoostLibrary,graph,regex))
$(eval $(call DefineBoostLibrary,iostreams,,,,zlib liblzma libbz2 libzstd))
-$(eval $(call DefineBoostLibrary,locale,system,$(ICONV_DEPENDS),BUILD_NLS))
+$(eval $(call DefineBoostLibrary,locale,system chrono thread,,,icu))
$(eval $(call DefineBoostLibrary,log,system chrono date_time thread filesystem regex))
$(eval $(call DefineBoostLibrary,math))
#$(eval $(call DefineBoostLibrary,mpi,,)) # OpenMPI does no exist in OpenWRT at this time.
$(eval $(call DefineBoostLibrary,nowide))
$(eval $(call DefineBoostLibrary,program_options))
-$(eval $(call DefineBoostLibrary,python3))
+$(eval $(call DefineBoostLibrary,python3,,,,python3-base))
$(eval $(call DefineBoostLibrary,random,system))
-$(eval $(call DefineBoostLibrary,regex))
+$(eval $(call DefineBoostLibrary,regex,,,,icu))
$(eval $(call DefineBoostLibrary,serialization))
$(eval $(call DefineBoostLibrary,wserialization,serialization))
$(eval $(call DefineBoostLibrary,stacktrace))
endef
CONFIGURE_PREFIX:=$(PKG_INSTALL_DIR)
-TARGET_LDFLAGS += -pthread -lrt
+TARGET_LDFLAGS += -pthread -lrt -lstdc++ -Wl,--gc-sections,--as-needed,--print-gc-sections
TARGET_CFLAGS += \
- $(if $(CONFIG_SOFT_FLOAT),-DBOOST_NO_FENV_H) -fPIC
+ $(if $(CONFIG_SOFT_FLOAT),-DBOOST_NO_FENV_H) -fPIC -ffunction-sections -fdata-sections -flto
EXTRA_CXXFLAGS += $(if $(CONFIG_GCC_USE_VERSION_10),-std=gnu++20,$(if $(CONFIG_GCC_USE_VERSION_5),-std=gnu++14,-std=gnu++17))
) \
) \
) \
- $(if $(CONFIG_PACKAGE_boost-locale),boost.locale.iconv=on -sICONV_PATH=$(ICONV_PREFIX) boost.locale.posix=$(if $(USE_MUSL),on,off), \
- boost.locale.iconv=off) \
+ $(if $(CONFIG_PACKAGE_boost-locale),boost.locale.std=off boost.locale.posix=off) \
\
$(if $(CONFIG_PACKAGE_boost-iostreams),-sNO_BZIP2=1 -sZLIB_INCLUDE=$(STAGING_DIR)/usr/include \
-sZLIB_LIBPATH=$(STAGING_DIR)/usr/lib) \
$(CP) $(HOST_BUILD_DIR)/tools/build/src/engine/b2 $(STAGING_DIR_HOSTPKG)/bin/
endef
-define Package/boost/Default/install
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/lib/libboost_$(2)*.so* $(1)/usr/lib/
-endef
-
define Package/boost-test/install
+ $(if $(CONFIG_boost-static-libs),true,
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/lib/libboost_unit_test_framework*.so* $(1)/usr/lib/
- $(CP) $(PKG_INSTALL_DIR)/lib/libboost_prg_exec_monitor*.so* $(1)/usr/lib/
-endef
-
-define BuildBoostLibrary
- define Package/boost-$(1)/install
- $(call Package/boost/Default/install,$$(1),$(1))
- endef
-
- $$(eval $$(call BuildPackage,boost-$(1)))
+ $(CP) $(PKG_INSTALL_DIR)/lib/libboost_{unit_test_framework,prg_exec_monitor}*.so* $(1)/usr/lib/
+ )
endef
$(eval $(call HostBuild))
-$(foreach lib,$(BOOST_LIBS),$(eval $(call BuildBoostLibrary,$(lib))))
+$(foreach lib,$(BOOST_LIBS),$(eval $(call BuildPackage,boost-$(lib))))
$(eval $(call BuildPackage,boost-test))
$(eval $(call BuildPackage,boost-libs))
$(eval $(call BuildPackage,boost))
include $(TOPDIR)/rules.mk
PKG_NAME:=freetype
-PKG_VERSION:=2.10.2
+PKG_VERSION:=2.10.4
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@SF/freetype
-PKG_HASH:=1543d61025d2e6312e0a1c563652555f17378a204a61e99928c9fcef030a2d8b
+PKG_HASH:=86a854d8905b19698bbc8f23b860bc104246ce4854dcea8e3b0fb21284f75784
PKG_MAINTAINER:=Val Kulkov <val.kulkov@gmail.com>
PKG_LICENSE:=FTL GPL-2.0-only MIT ZLIB GPL-3.0-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=libinput
-PKG_VERSION:=1.16.1
+PKG_VERSION:=1.16.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.freedesktop.org/software/libinput
-PKG_HASH:=7ba7d1aeedd15168bb21d17e9e628aa1c27957963a423a3fea3938a501758539
+PKG_HASH:=fc3d8c50fe7abc4dc4406bc01262a3f8149864557f87279adcf300e523c160a9
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=libmariadb
-PKG_VERSION:=3.1.8
+PKG_VERSION:=3.1.10
PKG_RELEASE:=1
PKG_SOURCE:=mariadb-connector-c-$(PKG_VERSION)-src.tar.gz
https://mirror.lstn.net/mariadb/connector-c-$(PKG_VERSION) \
https://ftp.yz.yamagata-u.ac.jp/pub/dbms/mariadb/connector-c-$(PKG_VERSION) \
https://downloads.mariadb.org/interstitial/connector-c-$(PKG_VERSION)
+PKG_HASH:=af3e5613cb9e811f70db85a8a704c7140dc3e35f7c39912d0509511638f9658f
+PKG_BUILD_DIR:=$(BUILD_DIR)/mariadb-connector-c-$(PKG_VERSION)-src
-PKG_HASH:=431434d3926f4bcce2e5c97240609983f60d7ff50df5a72083934759bb863f7b
PKG_MAINTAINER:=Michal Hrusecky <Michal@Hrusecky.net>
-PKG_LICENSE:=LGPL-2.1
+PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING.LIB
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/mariadb-connector-c-$(PKG_VERSION)-src
-
PKG_CPE_ID:=cpe:/a:mariadb:mariadb
-PKG_BUILD_PARALLEL:=1
-
CMAKE_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
MARIADB_CONF_DIR:=/etc/mysql
MARIADB_PLUGIN_DIR:=/usr/lib/mariadb/plugin
+++ /dev/null
---- a/cmake/CheckIncludeFiles.cmake
-+++ b/cmake/CheckIncludeFiles.cmake
-@@ -46,4 +46,7 @@
- CHECK_INCLUDE_FILES (sys/un.h HAVE_SYS_UN_H)
- CHECK_INCLUDE_FILES (unistd.h HAVE_UNISTD_H)
- CHECK_INCLUDE_FILES (utime.h HAVE_UTIME_H)
--CHECK_INCLUDE_FILES (ucontext.h HAVE_UCONTEXT_H)
-+CHECK_INCLUDE_FILES (ucontext.h HAVE_UCONTEXT_HEADER)
-+IF(HAVE_UCONTEXT_HEADER)
-+ CHECK_FUNCTION_EXISTS(makecontext HAVE_UCONTEXT_H)
-+ENDIF(HAVE_UCONTEXT_HEADER)
include $(TOPDIR)/rules.mk
PKG_NAME:=libndpi
-PKG_VERSION:=3.2
+PKG_VERSION:=3.4
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ntop/nDPI/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=6808c8c4495343e67863f4d30bb261c1e2daec5628ae0be257ba2a2dea7ec70a
+PKG_HASH:=dc9b291c7fde94edb45fb0f222e0d93c93f8d6d37f4efba20ebd9c655bfcedf9
PKG_BUILD_DIR:=$(BUILD_DIR)/nDPI-$(PKG_VERSION)
PKG_MAINTAINER:=Banglang Huang <banglang.huang@foxmail.com>, Toni Uhlig <matzeton@googlemail.com>
include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
+ifeq ($(CONFIG_LIBNDPI_GCRYPT),)
+CONFIGURE_ARGS += --disable-gcrypt
+endif
+
define Package/libndpi
SECTION:=libs
CATEGORY:=Libraries
TITLE:=Library for deep-packet inspection
URL:=https://github.com/ntop/nDPI
- DEPENDS:=$(CXX_DEPENDS) +libpcap +libjson-c
+ DEPENDS:=$(CXX_DEPENDS) +LIBNDPI_GCRYPT:libgcrypt +libpcap +libjson-c
endef
define Package/libndpi/description
Based on OpenDPI it includes ntop extensions.
endef
+define Package/libndpi/config
+config LIBNDPI_GCRYPT
+ bool "GCrypt support"
+ depends on PACKAGE_libndpi
+ default n
+ help
+ This option enables QUIC client hello decryption.
+ Disabled by default.
+endef
+
define Build/Prepare
$(PKG_UNPACK)
$(Build/Patch)
mv $(PKG_BUILD_DIR)/configure.seed $(PKG_BUILD_DIR)/configure.ac
$(SED) "s/@NDPI_MAJOR@/3/g" \
- -e "s/@NDPI_MINOR@/2/g" \
+ -e "s/@NDPI_MINOR@/4/g" \
-e "s/@NDPI_PATCH@/0/g" \
- -e "s/@NDPI_VERSION_SHORT@/3.2.0/g" \
+ -e "s/@NDPI_VERSION_SHORT@/3.4.0/g" \
+ -e "s/@FUZZY@/dnl> /g" \
$(PKG_BUILD_DIR)/configure.ac
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=libp11
-PKG_VERSION:=0.4.10
-PKG_RELEASE:=2
+PKG_VERSION:=0.4.11
+PKG_RELEASE:=1
PKG_SOURCE_URL:=https://github.com/OpenSC/libp11/releases/download/$(PKG_NAME)-$(PKG_VERSION)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=639ea43c3341e267214b712e1e5e12397fd2d350899e673dd1220f3c6b8e3db4
+PKG_HASH:=57d47a12a76fd92664ae30032cf969284ebac1dfc25bf824999d74b016d51366
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=LGPL-2.1-or-later
PKG_NAME:=libyaml-cpp
PKG_VERSION:=0.6.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=yaml-cpp-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/jbeder/yaml-cpp/tar.gz/yaml-cpp-$(PKG_VERSION)?
--- /dev/null
+From 78f338e4ee69bb00fb37faf50f448eeedc8b824c Mon Sep 17 00:00:00 2001
+From: Mark Jan van Kampen <mjvk@allseas.com>
+Date: Tue, 13 Oct 2020 11:19:57 +0200
+Subject: [PATCH] Adds assert to enable compilation with libcxx+gcc
+
+Somehow this instantiates a template properly otherwise the build fails
+---
+ include/yaml-cpp/node/iterator.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/include/yaml-cpp/node/iterator.h b/include/yaml-cpp/node/iterator.h
+index b4472381..080ec76c 100644
+--- a/include/yaml-cpp/node/iterator.h
++++ b/include/yaml-cpp/node/iterator.h
+@@ -15,6 +15,8 @@
+ #include <utility>
+ #include <vector>
+
++static_assert(std::is_constructible<YAML::Node, const YAML::Node&>::value, "Node must be copy constructable");
++
+ namespace YAML {
+ namespace detail {
+ struct iterator_value : public Node, std::pair<Node, Node> {
include $(TOPDIR)/rules.mk
PKG_NAME:=mxml
-PKG_VERSION:=3.1
+PKG_VERSION:=3.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/michaelrsweet/$(PKG_NAME)/releases/download/v$(PKG_VERSION)/
-PKG_HASH:=1ac8d252f62f9dc2b2004518c70d2da313bdfcd92b8350e215f46064a34b52fc
+PKG_HASH:=b894f6c64964f2e77902564c17ba00f5d077a7a24054e7c1937903b0bd42c974
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_FIXUP:=autoreconf
include $(TOPDIR)/rules.mk
PKG_NAME:=nspr
-PKG_VERSION:=4.27
+PKG_VERSION:=4.29
PKG_RELEASE:=1
PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENCE:=MPL-2.0
PKG_SOURCE_URL:= \
https://download.cdn.mozilla.net/pub/$(PKG_NAME)/releases/v$(PKG_VERSION)/src/ \
https://archive.mozilla.org/pub/$(PKG_NAME)/releases/v$(PKG_VERSION)/src/
-PKG_HASH:=6d495192b6ab00a3c28db053492cf794329f7c0351a5728db198111a1816e89b
+PKG_HASH:=22286bdb8059d74632cc7c2865c139e63953ecfb33bf4362ab58827e86e92582
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=nss
-PKG_VERSION:=3.55
+PKG_VERSION:=3.58
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= \
https://download.cdn.mozilla.net/pub/security/$(PKG_NAME)/releases/NSS_$(subst .,_,$(PKG_VERSION))_RTM/src \
https://archive.mozilla.org/pub/security/$(PKG_NAME)/releases/NSS_$(subst .,_,$(PKG_VERSION))_RTM/src
-PKG_HASH:=fc692e3db45a082ee6328cd989e795c171a00df9c518df090937f7604f850004
+PKG_HASH:=9f73cf789b5f109b978e5239551b609b0cafa88d18f0bc8ce3f976cb629353c0
PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENCE:=MPL-2.0
include $(TOPDIR)/rules.mk
PKG_NAME:=qrencode
-PKG_VERSION:=4.1.0
+PKG_VERSION:=4.1.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://fukuchi.org/works/qrencode
-PKG_HASH:=ac7eff020d94be016d5b93bc6567f10a4a4692dcced901a384300f589a6cad0a
+PKG_HASH:=e455d9732f8041cf5b9c388e345a641fd15707860f928e94507b1961256a6923
PKG_MAINTAINER:=Jonathan Bennett <JBennett@incomsystems.biz>
PKG_LICENSE:=LGPL-2.1-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=spice-protocol
-PKG_VERSION:=0.14.2
+PKG_VERSION:=0.14.3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.spice-space.org/download/releases
-PKG_HASH:=8f3a63c8b68300dffe36f2e75eac57afa1e76d5d80af760fd138a0b3f44cf1e9
+PKG_HASH:=f986e5bc2a1598532c4897f889afb0df9257ac21c160c083703ae7c8de99487a
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=COPYING
PKG_MAINTAINER:=Yousong Zhou <yszhou4tech@gmail.com>
PKG_NAME:=uw-imap
PKG_VERSION:=2007f
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=imap-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= \
$(1)/usr/include/c-client
$(CP) $(PKG_BUILD_DIR)/c-client/libc-client.so.$(PKG_VERSION) $(1)/usr/lib/
$(LN) libc-client.so.$(PKG_VERSION) $(1)/usr/lib/libc-client.so
- $(CP) $(PKG_BUILD_DIR)/c-client/linkage.h $(1)/usr/include/c-client/
+ $(CP) $(PKG_BUILD_DIR)/c-client/linkage.{c,h} $(1)/usr/include/c-client/
$(CP) $(PKG_BUILD_DIR)/src/c-client/*.h $(1)/usr/include/c-client/
$(CP) $(PKG_BUILD_DIR)/src/osdep/unix/*.h $(1)/usr/include/c-client/
$(LN) os_slx.h $(1)/usr/include/c-client/osdep.h
include $(TOPDIR)/rules.mk
PKG_NAME:=youtube-dl
-PKG_VERSION:=2020.9.20
+PKG_VERSION:=2020.11.1.1
PKG_RELEASE:=1
PYPI_NAME:=youtube_dl
-PKG_HASH:=67fb9bfa30f5b8f06227c478a8a6ed04af1f97ad4e81dd7e2ce518df3e275391
+PKG_HASH:=b73379d6b08f03aec49a1899affe4cfd35bb92002dbdb3a3a1435a5811d4f120
PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>
PKG_LICENSE:=Unlicense
PKG_NAME:=acme
PKG_VERSION:=2.8.7
-PKG_RELEASE:=1
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/acmesh-official/acme.sh/tar.gz/$(PKG_VERSION)?
local user_cleanup
local ret
local domain_dir
+ local acme_server
+ local days
config_get_bool enabled "$section" enabled 0
config_get_bool use_staging "$section" use_staging
config_get dns "$section" dns
config_get user_setup "$section" user_setup
config_get user_cleanup "$section" user_cleanup
+ config_get acme_server "$section" acme_server
+ config_get days "$section" days
UPDATE_NGINX=$update_nginx
UPDATE_UHTTPD=$update_uhttpd
[ -n "$ACCOUNT_EMAIL" ] && acme_args="$acme_args --accountemail $ACCOUNT_EMAIL"
[ "$use_staging" -eq "1" ] && acme_args="$acme_args --staging"
+ if [ -n "$acme_server" ]; then
+ log "Using custom ACME server URL"
+ acme_args="$acme_args --server $acme_server"
+ fi
+
+ if [ -n "$days" ]; then
+ log "Renewing after $days days"
+ acme_args="$acme_args --days $days"
+ fi
+
if [ -n "$dns" ]; then
log "Using dns mode"
acme_args="$acme_args --dns $dns"
include $(TOPDIR)/rules.mk
PKG_NAME:=adblock
-PKG_VERSION:=4.0.6
-PKG_RELEASE:=3
+PKG_VERSION:=4.0.7
+PKG_RELEASE:=2
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
+<!-- markdownlint-disable -->
+
# DNS based ad/abuse domain blocking
## Description
| reg_fi | | S | reg_finland | [Link](https://github.com/finnish-easylist-addition) |
| reg_fr | | S | reg_france | [Link](https://forums.lanik.us/viewforum.php?f=91) |
| reg_id | | M | reg_indonesia | [Link](https://easylist.to) |
+| reg_it | | M | reg_italy | [Link](https://easylist.to) |
| reg_kr | | S | reg_korea | [Link](https://list-kr.github.io) |
| reg_nl | | M | reg_netherlands | [Link](https://easylist.to) |
| reg_pl1 | | S | reg_poland | [Link](https://kadantiscam.netlify.com) |
# Copyright (c) 2015-2020 Dirk Brenken (dev@brenken.org)
# This is free software, licensed under the GNU General Public License v3.
+# set (s)hellcheck exceptions
+# shellcheck disable=1091,2010,2016,2034,2039,2059,2086,2091,2129,2143,2154,2181,2183,2188
+
START=30
USE_PROCD=1
-EXTRA_COMMANDS="suspend resume query report list timer status_service"
+EXTRA_COMMANDS="suspend resume query report list timer status_service version"
EXTRA_HELP=" suspend Suspend adblock processing
resume Resume adblock processing
query <domain> Query active blocklists and backups for a specific domain
report [<search>] Print DNS statistics with an optional search parameter
list [[<add>|<remove>] [source(s)]] List available adblock sources or add/remove them from config
- timer <action> <hour> [<minute>] [<weekday>] Set a cron based update interval"
+ timer <action> <hour> [<minute>] [<weekday>] Set a cron based update interval
+ version print version information"
adb_init="/etc/init.d/adblock"
adb_script="/usr/bin/adblock.sh"
exit 0
fi
+version()
+{
+ rc_procd "${adb_script}" version
+}
+
boot()
{
[ -s "${adb_pidfile}" ] && > "${adb_pidfile}"
# Please note: you have to manually install and configure the package 'msmtp' before using this script
+# set (s)hellcheck exceptions
+# shellcheck disable=1091,2010,2016,2034,2039,2059,2086,2091,2129,2143,2154,2181,2183,2188
+
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
# Copyright (c) 2015-2020 Dirk Brenken (dev@brenken.org)
# This is free software, licensed under the GNU General Public License v3.
+# set (s)hellcheck exceptions
+# shellcheck disable=1091,2010,2016,2034,2039,2059,2086,2091,2129,2143,2154,2181,2183,2188
+
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
# This is free software, licensed under the GNU General Public License v3.
# set (s)hellcheck exceptions
-# shellcheck disable=1091,2016,2039,2059,2086,2143,2181,2188
+# shellcheck disable=1091,2010,2016,2034,2039,2059,2086,2091,2129,2143,2154,2181,2183,2188
# set initial defaults
#
export LC_ALL=C
export PATH="/usr/sbin:/usr/bin:/sbin:/bin"
set -o pipefail
-adb_ver="4.0.6"
+adb_ver="4.0.7"
adb_enabled=0
adb_debug=0
adb_forcedns=0
{
local cnt=0 cnt_max=10
- if [ ! -r "/etc/config/adblock" ] || [ -n "$(uci -q show adblock.@source[0])" ]
+ if [ ! -r "/etc/config/adblock" ] || [ -z "$(uci -q show adblock.global.adb_safesearch)" ]
then
- if { [ -r "/etc/config/adblock-opkg" ] && [ -z "$(uci -q show adblock-opkg.@source[0])" ]; } || \
- { [ -r "/rom/etc/config/adblock" ] && [ -z "$(uci -q show /rom/etc/config/adblock.@source[0])" ]; }
- then
- if [ -r "/etc/config/adblock" ]
- then
- cp -pf "/etc/config/adblock" "/etc/config/adblock-backup"
- fi
- if [ -r "/etc/config/adblock-opkg" ]
- then
- cp -pf "/etc/config/adblock-opkg" "/etc/config/adblock"
- elif [ -r "/rom/etc/config/adblock" ]
- then
- cp -pf "/rom/etc/config/adblock" "/etc/config/adblock"
- fi
- f_log "info" "missing or old adblock config replaced with new valid default config"
- else
- f_log "err" "unrecoverable adblock config error, please re-install the package via opkg with the '--force-reinstall --force-maintainer' options"
- fi
+ f_log "err" "no valid adblock config found, please re-install the package via opkg with the '--force-reinstall --force-maintainer' options"
fi
config_cb()
fi
case "${adb_fetchutil}" in
"aria2c")
- adb_fetchparm="${adb_fetchparm:-"--timeout=20 --allow-overwrite=true --auto-file-renaming=false --check-certificate=true --dir= -o"}"
+ adb_fetchparm="${adb_fetchparm:-"--timeout=20 --allow-overwrite=true --auto-file-renaming=false --check-certificate=true --log-level=warn --dir=/ -o"}"
;;
"curl")
adb_fetchparm="${adb_fetchparm:-"--connect-timeout 20 --silent --show-error --location -o"}"
"google")
rset="/^(\\.[[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{printf \"%s\n%s\n\",tolower(\"www\"\$1),tolower(substr(\$1,2,length(\$1)))}"
safe_url="https://www.google.com/supported_domains"
- safe_ips="216.239.38.120 2001:4860:4802:32::78"
safe_cname="forcesafesearch.google.com"
safe_domains="${adb_tmpdir}/tmp.load.safesearch.${src_name}"
if [ "${adb_backup}" -eq 1 ] && [ -s "${adb_backupdir}/safesearch.${src_name}.gz" ]
fi
if [ "${out_rc}" -eq 0 ]
then
- "${adb_awk}" "${rset}" "${safe_domains}" > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ if [ -x "${adb_lookupcmd}" ]
+ then
+ safe_ips="$("${adb_lookupcmd}" "${safe_cname}" 2>/dev/null | "${adb_awk}" '/^Address[ 0-9]*: /{ORS=" ";print $NF}')"
+ if [ -n "${safe_ips}" ]
+ then
+ "${adb_awk}" "${rset}" "${safe_domains}" > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ fi
+ fi
out_rc="${?}"
fi
;;
"bing")
- safe_ips="204.79.197.220 ::FFFF:CC4F:C5DC"
safe_cname="strict.bing.com"
safe_domains="www.bing.com"
- printf "%s\n" ${safe_domains} > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ if [ -x "${adb_lookupcmd}" ]
+ then
+ safe_ips="$("${adb_lookupcmd}" "${safe_cname}" 2>/dev/null | "${adb_awk}" '/^Address[ 0-9]*: /{ORS=" ";print $NF}')"
+ if [ -n "${safe_ips}" ]
+ then
+ printf "%s\n" ${safe_domains} > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ fi
+ fi
out_rc="${?}"
;;
"duckduckgo")
- safe_ips="50.16.250.179 54.208.102.2 52.204.96.252"
safe_cname="safe.duckduckgo.com"
safe_domains="duckduckgo.com"
- printf "%s\n" ${safe_domains} > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ if [ -x "${adb_lookupcmd}" ]
+ then
+ safe_ips="$("${adb_lookupcmd}" "${safe_cname}" 2>/dev/null | "${adb_awk}" '/^Address[ 0-9]*: /{ORS=" ";print $NF}')"
+ if [ -n "${safe_ips}" ]
+ then
+ printf "%s\n" ${safe_domains} > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ fi
+ fi
out_rc="${?}"
;;
"pixabay")
- safe_ips="104.18.82.97 2606:4700::6812:8d57 2606:4700::6812:5261"
safe_cname="safesearch.pixabay.com"
safe_domains="pixabay.com"
- printf "%s\n" ${safe_domains} > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ if [ -x "${adb_lookupcmd}" ]
+ then
+ safe_ips="$("${adb_lookupcmd}" "${safe_cname}" 2>/dev/null | "${adb_awk}" '/^Address[ 0-9]*: /{ORS=" ";print $NF}')"
+ if [ -n "${safe_ips}" ]
+ then
+ printf "%s\n" ${safe_domains} > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ fi
+ fi
out_rc="${?}"
;;
"yandex")
- safe_ips="213.180.193.56"
safe_cname="familysearch.yandex.ru"
safe_domains="ya.ru yandex.ru yandex.com yandex.com.tr yandex.ua yandex.by yandex.ee yandex.lt yandex.lv yandex.md yandex.uz yandex.tm yandex.tj yandex.az"
- printf "%s\n" ${safe_domains} > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ if [ -x "${adb_lookupcmd}" ]
+ then
+ safe_ips="$("${adb_lookupcmd}" "${safe_cname}" 2>/dev/null | "${adb_awk}" '/^Address[ 0-9]*: /{ORS=" ";print $NF}')"
+ if [ -n "${safe_ips}" ]
+ then
+ printf "%s\n" ${safe_domains} > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ fi
+ fi
out_rc="${?}"
;;
"youtube")
if [ "${adb_safesearchmod}" -eq 0 ]
then
- safe_ips="216.239.38.120 2001:4860:4802:32::78"
safe_cname="restrict.youtube.com"
else
- safe_ips="216.239.38.119 2001:4860:4802:32::77"
safe_cname="restrictmoderate.youtube.com"
fi
safe_domains="www.youtube.com m.youtube.com youtubei.googleapis.com youtube.googleapis.com www.youtube-nocookie.com"
- printf "%s\n" ${safe_domains} > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ if [ -x "${adb_lookupcmd}" ]
+ then
+ safe_ips="$("${adb_lookupcmd}" "${safe_cname}" 2>/dev/null | "${adb_awk}" '/^Address[ 0-9]*: /{ORS=" ";print $NF}')"
+ if [ -n "${safe_ips}" ]
+ then
+ printf "%s\n" ${safe_domains} > "${adb_tmpdir}/tmp.raw.safesearch.${src_name}"
+ fi
+ fi
out_rc="${?}"
;;
esac
- if [ "${out_rc}" -eq 0 ]
+ if [ "${out_rc}" -eq 0 ] && [ -s "${adb_tmpdir}/tmp.raw.safesearch.${src_name}" ]
then
> "${adb_tmpdir}/tmp.safesearch.${src_name}"
if [ "${adb_dns}" = "named" ]
(
"${adb_dumpcmd}" -tttt -r "${file}" 2>/dev/null | \
"${adb_awk}" -v cnt="${cnt}" '!/\.lan\. |PTR\? | SOA\? /&&/ A[\? ]+|NXDomain|0\.0\.0\.0/{a=$1;b=substr($2,0,8);c=$4;sub(/\.[0-9]+$/,"",c);d=cnt $7;sub(/\*$/,"",d);
- e=$(NF-1);sub(/[0-9]\/[0-9]\/[0-9]|0\.0\.0\.0/,"NX",e);sub(/\.$/,"",e);sub(/([0-9]{1,3}\.){3}[0-9]{1,3}/,"OK",e);printf "%s\t%s\t%s\t%s\t%s\n",d,e,a,b,c}' >> "${adb_reportdir}/adb_report.raw"
+ e=$(NF-1);sub(/[0-9]\/[0-9]\/[0-9]|0\.0\.0\.0/,"NX",e);sub(/\.$/,"",e);sub(/([0-9]{1,3}\.){3}[0-9]{1,3}/,"OK",e);if(e==""){e="err"};printf "%s\t%s\t%s\t%s\t%s\n",d,e,a,b,c}' >> "${adb_reportdir}/adb_report.raw"
)&
hold=$((cnt%adb_maxqueue))
if [ "${hold}" -eq 0 ]
f_log "err" "system libraries not found"
fi
+# version information
+#
+if [ "${adb_action}" = "version" ]
+then
+ printf "%s\n" "${adb_ver}"
+ exit 0
+fi
+
# handle different adblock actions
#
f_load
"focus": "reg_indonesia",
"descurl": "https://easylist.to"
},
+ "reg_it": {
+ "url": "https://easylist-downloads.adblockplus.org/easylistitaly+easylist.txt",
+ "rule": "BEGIN{FS=\"[|^]\"}/^\\|\\|([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+\\^(\\$third-party)?$/{print tolower($3)}",
+ "size": "M",
+ "focus": "reg_italy",
+ "descurl": "https://easylist.to"
+ },
"reg_kr": {
"url": "https://raw.githubusercontent.com/List-KR/List-KR/master/filter.txt",
"rule": "BEGIN{FS=\"[|^]\"}/^\\|\\|([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+\\^(\\$third-party)?$/{print tolower($3)}",
--- /dev/null
+#!/bin/sh
+
+/etc/init.d/"${1}" version 2>/dev/null | grep "${2}"
include $(TOPDIR)/rules.mk
PKG_NAME:=banip
-PKG_VERSION:=0.3.11
+PKG_VERSION:=0.3.12
PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
* output comprehensive runtime information via LuCI or via 'status' init command
* strong LuCI support
* optional: add new banIP sources on your own
+* optional: log banned inbound and/or outbound IP to syslog.
## Prerequisites
* [OpenWrt](https://openwrt.org), tested with the stable release series (19.07) and with the latest snapshot
## banIP config options
* usually the pre-configured banIP setup works quite well and no manual overrides are needed
* the following options apply to the 'global' config section:
- * ban\_enabled => main switch to enable/disable banIP service (bool/default: '0', disabled)
- * ban\_automatic => determine the L2/L3 WAN network device automatically (bool/default: '1', enabled)
- * ban\_iface => space separated list of WAN network interface(s)/device(s) used by banIP (default: not set, automatically detected)
- * ban\_realtime => a small log/banIP background monitor to block SSH/LuCI brute force attacks in realtime (bool/default: 'false', disabled)
+ * ban\_enabled => main switch to enable/disable banIP service (bool/default: '0', disabled)
+ * ban\_automatic => determine the L2/L3 WAN network device automatically (bool/default: '1', enabled)
+ * ban\_iface => space separated list of WAN network interface(s)/device(s) used by banIP (default: not set, automatically detected)
+ * ban\_realtime => a small log/banIP background monitor to block SSH/LuCI brute force attacks in realtime (bool/default: 'false', disabled)
+ * ban\_target\_src => action to perform when banning inbound IPv4 packets ('DROP'/'REJECT', default: 'DROP')
+ * ban\_target\_src\_6 => action to perform when banning inbound IPv6 packets ('DROP'/'REJECT', default: 'DROP')
+ * ban\_target\_dst => action to perform when banning outbound IPv4 packets ('DROP'/'REJECT', default: 'REJECT')
+ * ban\_target\_dst\_6 => action to perform when banning outbound IPv6 packets ('DROP'/'REJECT', default: 'REJECT')
+ * ban\_log\_src => switch to enable/disable logging of banned inbound IPv4 packets (bool/default: '0', disabled)
+ * ban\_log\_dst => switch to enable/disable logging of banned outbound IPv4 packets (bool/default: '0', disabled)
* the following options apply to the 'extra' config section:
- * ban\_debug => enable/disable banIP debug output (bool/default: '0', disabled)
- * ban\_nice => set the nice level of the banIP process and all sub-processes (int/default: '0', standard priority)
- * ban\_triggerdelay => additional trigger delay in seconds before banIP processing begins (int/default: '2')
- * ban\_backupdir => target directory for banIP backups (default: '/tmp')
- * ban\_sshdaemon => select the SSH daemon for logfile parsing, 'dropbear' or 'sshd' (default: 'dropbear')
- * ban\_starttype => select the used start type during boot, 'start', 'refresh' or 'reload' (default: 'start')
- * ban\_maxqueue => size of the download queue to handle downloads & IPSet processing in parallel (int/default: '4')
- * ban\_fetchutil => name of the used download utility: 'uclient-fetch', 'wget', 'curl', 'aria2c' (default: not set, automatically detected)
- * ban\_fetchparm => special config options for the download utility (default: not set)
- * ban\_autoblacklist => store auto-addons temporary in ipset and permanently in local blacklist as well (bool/default: '1', enabled)
- * ban\_autowhitelist => store auto-addons temporary in ipset and permanently in local whitelist as well (bool/default: '1', enabled)
+ * ban\_debug => enable/disable banIP debug output (bool/default: '0', disabled)
+ * ban\_nice => set the nice level of the banIP process and all sub-processes (int/default: '0', standard priority)
+ * ban\_triggerdelay => additional trigger delay in seconds before banIP processing begins (int/default: '2')
+ * ban\_backupdir => target directory for banIP backups (default: '/tmp')
+ * ban\_sshdaemon => select the SSH daemon for logfile parsing, 'dropbear' or 'sshd' (default: 'dropbear')
+ * ban\_starttype => select the used start type during boot, 'start', 'refresh' or 'reload' (default: 'start')
+ * ban\_maxqueue => size of the download queue to handle downloads & IPSet processing in parallel (int/default: '4')
+ * ban\_fetchutil => name of the used download utility: 'uclient-fetch', 'wget', 'curl', 'aria2c' (default: not set, automatically detected)
+ * ban\_fetchparm => special config options for the download utility (default: not set)
+ * ban\_autoblacklist => store auto-addons temporary in ipset and permanently in local blacklist as well (bool/default: '1', enabled)
+ * ban\_autowhitelist => store auto-addons temporary in ipset and permanently in local whitelist as well (bool/default: '1', enabled)
+
+## Logging of banned packets
+* by setting ban\_log\_src=1 / ban\_log\_dst=1 in the config options, banIP will log banned inbound / outbound packets to syslog.
+* example of a logged inbound (dst) and outbound (src) packet:
+<pre><code>
+Oct 2 12:49:14 gateway kernel: [434134.855130] REJECT(dst banIP) IN=br-lan OUT=br-wan MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=x.x.x.x DST=x.x.x.x LEN=100 TOS=0x00 PREC=0x00 TTL=63 ID=7938 PROTO=UDP SPT=16393 DPT=16393 LEN=80
+
+Oct 3 14:11:13 gateway kernel: [11290.429712] DROP(src banIP) IN=br-wan OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=x.x.x.x DST=x.x.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=63275 PROTO=TCP SPT=48246 DPT=37860 WINDOW=1024 RES=0x00 SYN URGP=0
+</code></pre>
+* to change the default logging behavior, the following options can be added to the 'global' config section:
+ * ban\_log\_src\_opts => IPv4 iptables LOG options for banned inbound packets (default: '-m limit --limit 10/sec')
+ * ban\_log\_src\_opts\_6 => IPv6 iptables LOG options for banned inbound packets (default: '-m limit --limit 10/sec')
+ * ban\_log\_src\_prefix (default: '<ban\_target\_src>(src banIP) ', typically 'DROP(src banIP) ')
+ * ban\_log\_src\_prefix\_6 (default: '<ban\_target\_src\_6>(src banIP) ', typically 'DROP('src banIP)' )
+ * ban\_log\_dst\_opts => IPv4 iptables LOG options for banned outbound packets (default: '-m limit --limit 10/sec')
+ * ban\_log\_dst\_opts\_6 => IPv6 iptables LOG options for banned outbound packets (default: '-m limit --limit 10/sec')
+ * ban\_log\_dst\_prefix (default: '<ban\_target\_dst>(dst banIP) ', typically 'REJECT(dst banIP) ')
+ * ban\_log\_dst\_prefix\_6 (default: '<ban\_target\_dst\_6>(dst banIP) ', typically 'REJECT('dst banIP)' )
## Examples
**receive banIP runtime information:**
-<pre><code>
-/etc/init.d/banip status
-::: banIP runtime information
- + status : enabled
- + version : 0.3.0
- + util_info : /usr/bin/aria2c, true
- + ipset_info : 10 IPSets with overall 106729 IPs/Prefixes
- + backup_dir : /tmp
- + last_run : 03.10.2019 19:15:25
- + system : UBNT-ERX, OpenWrt SNAPSHOT r11102-ced4c0e635
-</code></pre>
-
+ # /etc/init.d/banip status
+ ::: banIP runtime information
+ + status : enabled
+ + version : 0.3.0
+ + util_info : /usr/bin/aria2c, true
+ + ipset_info : 10 IPSets with overall 106729 IPs/Prefixes
+ + backup_dir : /tmp
+ + last_run : 03.10.2019 19:15:25
+ + system : UBNT-ERX, OpenWrt SNAPSHOT r11102-ced4c0e635
+
**cronjob for a regular IPSet blocklist update (/etc/crontabs/root):**
-<pre><code>
-0 06 * * * /etc/init.d/banip reload
-</code></pre>
-
+ # Every day at 06:00, update the IPSets of banIP
+ 00 06 * * * /etc/init.d/banip reload
## Support
Please join the banIP discussion in this [forum thread](https://forum.openwrt.org/t/banip-support-thread/16985) or contact me by mail <dev@brenken.org>
option ban_basever '0.3'
option ban_automatic '1'
option ban_realtime 'false'
+ option ban_log_src '0'
+ option ban_log_dst '0'
config banip 'extra'
option ban_debug '0'
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# (s)hellcheck exceptions
-# shellcheck disable=1091 disable=2039 disable=2143 disable=2181 disable=2188
+# shellcheck disable=1091,2039,2086,2140,2143,2181,2188
# set initial defaults
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-ban_ver="0.3.11"
+ban_ver="0.3.12"
ban_basever=""
ban_enabled=0
ban_automatic="1"
ban_sshdaemon=""
ban_setcnt=0
ban_cnt=0
+ban_log_src=0
+ban_log_dst=0
# load environment
#
config_load banip
config_foreach parse_config source
+ # setup logging
+ #
+ ban_log_chain_src="${ban_log_chain_src:-"${ban_chain}_log_src"}"
+ if [ "${ban_log_src}" -eq 1 ]
+ then
+ log_target_src="${ban_target_src:-"DROP"}"
+ ban_target_src="${ban_log_chain_src}"
+
+ log_target_src_6="${ban_target_src_6:-"DROP"}"
+ ban_target_src_6="${ban_log_chain_src}"
+ fi
+
+ ban_log_chain_dst="${ban_log_chain_dst:-"${ban_chain}_log_dst"}"
+ if [ "${ban_log_dst}" -eq 1 ]
+ then
+ log_target_dst="${ban_target_dst:-"REJECT"}"
+ ban_target_dst="${ban_log_chain_dst}"
+
+ log_target_dst_6="${ban_target_dst_6:-"REJECT"}"
+ ban_target_dst_6="${ban_log_chain_dst}"
+ fi
+
# log daemon check
#
if [ "$(/etc/init.d/log running; printf "%u" "${?}")" -eq 1 ]
fi
case "${util}" in
"aria2c")
- ban_fetchparm="${ban_fetchparm:-"--timeout=20 --allow-overwrite=true --auto-file-renaming=false --check-certificate=true --dir=" " -o"}"
+ ban_fetchparm="${ban_fetchparm:-"--timeout=20 --allow-overwrite=true --auto-file-renaming=false --check-certificate=true --dir=/ -o"}"
;;
"curl")
ban_fetchparm="${ban_fetchparm:-"--connect-timeout 20 -o"}"
then
if [ "${src_ruletype}" != "dst" ]
then
- if [ "${src_name##*_}" = "6" ]
+ f_iptrule "-I" "${wan_input} -j ${ban_chain}"
+ f_iptrule "-I" "${wan_forward} -j ${ban_chain}"
+ if [ "${src_name##*_}" != "6" ]
then
- # dummy, special IPv6 rules
- /bin/true
- else
- f_iptrule "-I" "${wan_input} -p udp --dport 67:68 --sport 67:68 -j RETURN"
+ # special IPv4 rules
+ f_iptrule "-A" "${ban_chain} -p udp --dport 67:68 --sport 67:68 -j RETURN"
fi
- f_iptrule "-A" "${wan_input} -j ${ban_chain}"
- f_iptrule "-A" "${wan_forward} -j ${ban_chain}"
for dev in ${ban_dev}
do
f_iptrule "${action:-"-A"}" "${ban_chain} -i ${dev} -m conntrack --ctstate NEW -m set --match-set ${src_name} src -j ${target_src}"
fi
if [ "${src_ruletype}" != "src" ]
then
- if [ "${src_name##*_}" = "6" ]
+ f_iptrule "-I" "${lan_input} -j ${ban_chain}"
+ f_iptrule "-I" "${lan_forward} -j ${ban_chain}"
+ if [ "${src_name##*_}" != "6" ]
then
- # dummy, special IPv6 rules
- /bin/true
- else
- f_iptrule "-I" "${lan_input} -p udp --dport 67:68 --sport 67:68 -j RETURN"
+ # special IPv4 rules
+ f_iptrule "-A" "${ban_chain} -p udp --dport 67:68 --sport 67:68 -j RETURN"
fi
- f_iptrule "-A" "${lan_input} -j ${ban_chain}"
- f_iptrule "-A" "${lan_forward} -j ${ban_chain}"
for dev in ${ban_dev}
do
f_iptrule "${action:-"-A"}" "${ban_chain} -o ${dev} -m conntrack --ctstate NEW -m set --match-set ${src_name} dst -j ${target_dst}"
#
f_ipset()
{
- local out_rc source action ruleset ruleset_6 rule cnt=0 cnt_ip=0 cnt_cidr=0 timeout="-w 5" mode="${1}" in_rc="${src_rc:-0}"
+ local out_rc source action ruleset rule cnt=0 cnt_ip=0 cnt_cidr=0 timeout="-w 5" mode="${1}" in_rc="${src_rc:-0}"
if [ "${src_name%_6*}" = "whitelist" ]
then
return "${out_rc}"
;;
"initial")
- if [ -x "${ban_ipt}" ] && [ -z "$("${ban_ipt}" "${timeout}" -nL "${ban_chain}" 2>/dev/null)" ]
- then
- "${ban_ipt}" "${timeout}" -N "${ban_chain}" 2>/dev/null
- out_rc="${?}"
- elif [ -x "${ban_ipt}" ]
- then
- src_name="ruleset"
- ruleset="${ban_wan_input_chain:-"input_wan_rule"} ${ban_wan_forward_chain:-"forwarding_wan_rule"} ${ban_lan_input_chain:-"input_lan_rule"} ${ban_lan_forward_chain:-"forwarding_lan_rule"}"
- for rule in ${ruleset}
- do
- f_iptrule "-D" "${rule} -j ${ban_chain}"
- done
- fi
- if [ -x "${ban_ipt6}" ] && [ -z "$("${ban_ipt6}" "${timeout}" -nL "${ban_chain}" 2>/dev/null)" ]
- then
- "${ban_ipt6}" "${timeout}" -N "${ban_chain}" 2>/dev/null
- out_rc="${?}"
- elif [ -x "${ban_ipt6}" ]
- then
- src_name="ruleset_6"
- ruleset_6="${ban_wan_input_chain_6:-"input_wan_rule"} ${ban_wan_forward_chain_6:-"forwarding_wan_rule"} ${ban_lan_input_chain_6:-"input_lan_rule"} ${ban_lan_forward_chain_6:-"forwarding_lan_rule"}"
- for rule in ${ruleset_6}
- do
- f_iptrule "-D" "${rule} -j ${ban_chain}"
- done
- fi
+ local ipt log_src_target log_src_opts log_src_prefix log_dst_target log_dst_opts log_dst_prefix
+ for src_name in "ruleset" "ruleset_6"
+ do
+ if [ "${src_name##*_}" = "6" ]
+ then
+ ipt="${ban_ipt6}"
+ ruleset="${ban_wan_input_chain_6:-"input_wan_rule"} ${ban_wan_forward_chain_6:-"forwarding_wan_rule"} ${ban_lan_input_chain_6:-"input_lan_rule"} ${ban_lan_forward_chain_6:-"forwarding_lan_rule"}"
+ log_src_target="${log_target_src_6}"
+ log_src_opts="${ban_log_src_opts_6:-"-m limit --limit 10/sec"}"
+ log_src_prefix="${ban_log_src_prefix_6:-"${log_target_src_6}(src banIP) "}"
+ log_dst_target="${log_target_dst_6}"
+ log_dst_opts="${ban_log_dst_opts_6:-"-m limit --limit 10/sec"}"
+ log_dst_prefix="${ban_log_dst_prefix_6:-"${log_target_dst_6}(dst banIP) "}"
+ else
+ ipt="${ban_ipt}"
+ ruleset="${ban_wan_input_chain:-"input_wan_rule"} ${ban_wan_forward_chain:-"forwarding_wan_rule"} ${ban_lan_input_chain:-"input_lan_rule"} ${ban_lan_forward_chain:-"forwarding_lan_rule"}"
+ log_src_target="${log_target_src}"
+ log_src_opts="${ban_log_src_opts:-"-m limit --limit 10/sec"}"
+ log_src_prefix="${ban_log_src_prefix:-"${log_target_src}(src banIP) "}"
+ log_dst_target="${log_target_dst}"
+ log_dst_opts="${ban_log_dst_opts:-"-m limit --limit 10/sec"}"
+ log_dst_prefix="${ban_log_dst_prefix:-"${log_target_dst}(dst banIP) "}"
+ fi
+
+ if [ -x "${ipt}" ]
+ then
+ if [ -z "$("${ipt}" "${timeout}" -nL "${ban_chain}" 2>/dev/null)" ]
+ then
+ "${ipt}" "${timeout}" -N "${ban_chain}" 2>/dev/null
+ out_rc="${?}"
+ else
+ out_rc=0
+ for rule in ${ruleset}
+ do
+ f_iptrule "-D" "${rule} -j ${ban_chain}"
+ done
+ fi
+ f_log "debug" "f_ipset ::: name: -, mode: ${mode:-"-"}, chain: ${ban_chain:-"-"}, $src_name: ${ruleset:-"-"}, out_rc: ${out_rc}"
+
+ if [ "${ban_log_src}" -eq 1 ] && [ "${out_rc}" -eq 0 ]
+ then
+ if [ -z "$("${ipt}" "${timeout}" -nL "${ban_log_chain_src}" 2>/dev/null)" ]
+ then
+ "${ipt}" "${timeout}" -N "${ban_log_chain_src}" 2>/dev/null
+ out_rc="${?}"
+ if [ "${out_rc}" -eq 0 ]
+ then
+ "${ipt}" "${timeout}" -A "${ban_log_chain_src}" -j LOG ${log_src_opts} --log-prefix "${log_src_prefix}" && \
+ "${ipt}" "${timeout}" -A "${ban_log_chain_src}" -j "${log_src_target}"
+ out_rc="${?}"
+ fi
+ fi
+ f_log "debug" "f_ipset ::: name: -, mode: ${mode:-"-"}, chain: ${ban_log_chain_src:-"-"}, out_rc: ${out_rc}"
+ fi
+
+ if [ "${ban_log_dst}" -eq 1 ] && [ "${out_rc}" -eq 0 ]
+ then
+ if [ -z "$("${ipt}" "${timeout}" -nL "${ban_log_chain_dst}" 2>/dev/null)" ]
+ then
+ "${ipt}" "${timeout}" -N "${ban_log_chain_dst}" 2>/dev/null
+ out_rc="${?}"
+ if [ "${out_rc}" -eq 0 ]
+ then
+ "${ipt}" "${timeout}" -A "${ban_log_chain_dst}" -j LOG ${log_dst_opts} --log-prefix "${log_dst_prefix}" && \
+ "${ipt}" "${timeout}" -A "${ban_log_chain_dst}" -j "${log_dst_target}"
+ out_rc="${?}"
+ fi
+ fi
+ f_log "debug" "f_ipset ::: name: -, mode: ${mode:-"-"}, chain: ${ban_log_chain_dst:-"-"}, out_rc: ${out_rc}"
+ fi
+ fi
+ done
+
out_rc="${out_rc:-"${in_rc}"}"
- f_log "debug" "f_ipset ::: name: -, mode: ${mode:-"-"}, chain: ${ban_chain:-"-"}, ruleset: ${ruleset:-"-"}, ruleset_6: ${ruleset_6:-"-"}, out_rc: ${out_rc}"
+ f_log "debug" "f_ipset ::: name: -, mode: ${mode:-"-"}, out_rc: ${out_rc}"
return "${out_rc}"
;;
"create")
f_log "debug" "f_ipset ::: name: ${src_name:-"-"}, mode: ${mode:-"-"}"
;;
"destroy")
- if [ -x "${ban_ipt}" ] && [ -x "${ban_ipt_save}" ] && [ -x "${ban_ipt_restore}" ] && \
- [ -n "$("${ban_ipt}" "${timeout}" -nL "${ban_chain}" 2>/dev/null)" ]
- then
- "${ban_ipt_save}" | grep -v -- "-j ${ban_chain}" | "${ban_ipt_restore}"
- "${ban_ipt}" "${timeout}" -F "${ban_chain}" 2>/dev/null
- "${ban_ipt}" "${timeout}" -X "${ban_chain}" 2>/dev/null
- fi
- if [ -x "${ban_ipt6}" ] && [ -x "${ban_ipt6_save}" ] && [ -x "${ban_ipt6_restore}" ] && \
- [ -n "$("${ban_ipt6}" "${timeout}" -nL "${ban_chain}" 2>/dev/null)" ]
- then
- "${ban_ipt6_save}" | grep -v -- "-j ${ban_chain}" | "${ban_ipt6_restore}"
- "${ban_ipt6}" "${timeout}" -F "${ban_chain}" 2>/dev/null
- "${ban_ipt6}" "${timeout}" -X "${ban_chain}" 2>/dev/null
- fi
+ for chain in ${ban_log_chain_src} ${ban_log_chain_dst} ${ban_chain}
+ do
+ if [ -x "${ban_ipt}" ] && [ -x "${ban_ipt_save}" ] && [ -x "${ban_ipt_restore}" ] && \
+ [ -n "$("${ban_ipt}" "${timeout}" -nL "${chain}" 2>/dev/null)" ]
+ then
+ "${ban_ipt_save}" | grep -v -- "-j ${chain}" | "${ban_ipt_restore}"
+ "${ban_ipt}" "${timeout}" -F "${chain}" 2>/dev/null
+ "${ban_ipt}" "${timeout}" -X "${chain}" 2>/dev/null
+ fi
+ if [ -x "${ban_ipt6}" ] && [ -x "${ban_ipt6_save}" ] && [ -x "${ban_ipt6_restore}" ] && \
+ [ -n "$("${ban_ipt6}" "${timeout}" -nL "${chain}" 2>/dev/null)" ]
+ then
+ "${ban_ipt6_save}" | grep -v -- "-j ${chain}" | "${ban_ipt6_restore}"
+ "${ban_ipt6}" "${timeout}" -F "${chain}" 2>/dev/null
+ "${ban_ipt6}" "${timeout}" -X "${chain}" 2>/dev/null
+ fi
+ done
for source in ${ban_sources}
do
if [ -x "${ban_ipset}" ] && [ -n "$("${ban_ipset}" -q -n list "${source}")" ]
if [ -z "$(ls "${ban_tmpfile}".*.err 2>/dev/null)" ]
then
- for cnt in $(cat "${ban_tmpfile}".*.cnt 2>/dev/null)
- do
- ban_cnt="$((ban_cnt+cnt))"
- done
- if [ "${ban_cnt}" -gt 0 ]
- then
- ban_setcnt="$(ls "${ban_tmpfile}".*.cnt 2>/dev/null | wc -l)"
- fi
+ for cnt_file in "${ban_tmpfile}".*.cnt
+ do
+ if [ -f "$cnt_file" ]
+ then
+ read -r cnt < "$cnt_file"
+ ban_cnt="$((ban_cnt+cnt))"
+ ban_setcnt="$((ban_setcnt+1))"
+ fi
+ done
f_log "info" "${ban_setcnt} IPSets with overall ${ban_cnt} IPs/Prefixes loaded successfully (${ban_sysver})"
f_bgserv "start"
f_jsnup
include $(TOPDIR)/rules.mk
PKG_NAME:=bind
-PKG_VERSION:=9.16.6
+PKG_VERSION:=9.16.8
PKG_RELEASE:=1
USERID:=bind=57:bind=57
PKG_SOURCE_URL:= \
https://www.mirrorservice.org/sites/ftp.isc.org/isc/bind9/$(PKG_VERSION) \
https://ftp.isc.org/isc/bind9/$(PKG_VERSION)
-PKG_HASH:=b567b0f3b47dd03b345a4848af7f2acdd3f5cea2bd804edd85d9ef50743571cb
+PKG_HASH:=9e9b9c563692be86ec41f670f6b70e26c14e72445c742d7b5eb4db7d2b5e8d31
PKG_FIXUP:=autoreconf
PKG_REMOVE_FILES:=aclocal.m4 libtool.m4
--- /dev/null
+From 12a10bcfb1999d07961206587d79ce27c432c6ce Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= <michal@isc.org>
+Date: Tue, 27 Oct 2020 12:40:45 +0100
+Subject: [PATCH] Fix cross-compilation
+
+Using AC_RUN_IFELSE() in configure.ac breaks cross-compilation:
+
+ configure: error: cannot run test program while cross compiling
+
+Commit 978c7b2e89aa37a7ddfe2f6b6ba12ce73dd04528 caused AC_RUN_IFELSE()
+to be used instead of AC_LINK_IFELSE() because the latter had seemingly
+been causing the check for --wrap support in the linker to not work as
+expected. However, it later turned out that the problem lied elsewhere:
+a minus sign ('-') was missing from the LDFLAGS variable used in the
+relevant check [1].
+
+Revert to using AC_LINK_IFELSE() for checking whether the linker
+supports the --wrap option in order to make cross-compilation possible
+again.
+
+Fixes: https://gitlab.isc.org/isc-projects/bind9/-/issues/2237
+
+[1] see commit cfa4ea64bc06685f210a4187dcc05cc0aac84851
+---
+ configure | 16 ++++------------
+ configure.ac | 2 +-
+ 2 files changed, 5 insertions(+), 13 deletions(-)
+
+diff --git a/configure b/configure
+index a408f0dcf6..7694a18c0b 100755
+--- a/configure
++++ b/configure
+@@ -22047,13 +22047,7 @@ $as_echo_n "checking for linker support for --wrap option... " >&6; }
+
+
+ LDFLAGS="-Wl,--wrap,exit"
+-if test "$cross_compiling" = yes; then :
+- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+-as_fn_error $? "cannot run test program while cross compiling
+-See \`config.log' for more details" "$LINENO" 5; }
+-else
+- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ /* end confdefs.h. */
+ #include <stdlib.h>
+ void __real_exit (int status);
+@@ -22067,7 +22061,7 @@ exit (1);
+ return 0;
+ }
+ _ACEOF
+-if ac_fn_c_try_run "$LINENO"; then :
++if ac_fn_c_try_link "$LINENO"; then :
+ LD_WRAP_TESTS=true
+
+ $as_echo "#define LD_WRAP 1" >>confdefs.h
+@@ -22078,10 +22072,8 @@ else
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ $as_echo "no" >&6; }
+ fi
+-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+- conftest.$ac_objext conftest.beam conftest.$ac_ext
+-fi
+-
++rm -f core conftest.err conftest.$ac_objext \
++ conftest$ac_exeext conftest.$ac_ext
+
+ CCASFLAGS=$CCASFLAGS_wrap_ax_save_flags
+
+diff --git a/configure.ac b/configure.ac
+index 1201b5e2a7..9648d9727a 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -2247,7 +2247,7 @@ LD_WRAP_TESTS=false
+ AC_MSG_CHECKING([for linker support for --wrap option])
+ AX_SAVE_FLAGS([wrap])
+ LDFLAGS="-Wl,--wrap,exit"
+-AC_RUN_IFELSE(
++AC_LINK_IFELSE(
+ [AC_LANG_PROGRAM([[#include <stdlib.h>
+ void __real_exit (int status);
+ void __wrap_exit (int status) { __real_exit (0); }
+--
+GitLab
PKG_NAME:=chrony
PKG_VERSION:=4.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://download.tuxfamily.org/chrony/
-# This file is included from config file generated from /etc/config/chrony
+# Load UCI configuration
+confdir /var/etc/chrony.d
+
+# Load NTP servers from DHCP if enabled in UCI
+sourcedir /var/run/chrony-dhcp
# Log clock errors above 0.5 seconds
logchange 0.5
# Don't log client accesses
noclientlog
-# set the system clock else the kernel will always stay in UNSYNC state
+# Mark the system clock as synchronized
rtcsync
+
+# Record the clock's drift
+driftfile /var/run/chrony/drift
+
+# Save NTS keys and cookies
+ntsdumpdir /var/run/chrony
config dhcp_ntp_server
option iburst 'yes'
+ option disabled 'no'
config allow
option interface 'lan'
config makestep
option threshold '1.0'
option limit '3'
+
+config nts
+ option rtccheck 'yes'
+ option systemcerts 'yes'
#!/bin/sh
# Set chronyd online/offline status, allow NTP access and add servers from DHCP
-[ "$ACTION" = ifup -o "$ACTION" = ifdown ] || exit 0
+SOURCEFILE="/var/run/chrony-dhcp/$INTERFACE.sources"
run_command() {
/usr/bin/chronyc -n "$*" > /dev/null 2>&1
}
-run_command tracking || exit 0
+run_command onoffline
-. /lib/functions/network.sh
-
-network_find_wan iface4
-network_find_wan6 iface6
-run_command $([ -n "$iface4" ] && echo online || echo offline) 0.0.0.0/0.0.0.0
-run_command $([ -n "$iface6" ] && echo online || echo offline) ::/0
+if [ "$ACTION" = ifdown ] && [ -f "$SOURCEFILE" ]; then
+ rm -f "$SOURCEFILE"
+ run_command reload sources
+fi
[ "$ACTION" = ifup ] || exit 0
. /usr/share/libubox/jshn.sh
-for iface in $iface4 $iface6; do
- json_load "$(ifstatus $iface)"
- json_select data
- json_get_var dhcp_ntp_servers ntpserver
+json_load "$(ifstatus "$INTERFACE")"
+json_select data
+json_get_var dhcp_ntp_servers ntpserver
- for server in $dhcp_ntp_servers; do
- run_command add $(NTP_SOURCE_HOSTNAME=$server config_foreach \
- handle_source dhcp_ntp_server server)
- done
-done
+[ -z "$dhcp_ntp_servers" ] && exit 0
+
+mkdir -p "$(dirname "$SOURCEFILE")"
+
+for NTP_SOURCE_HOSTNAME in $dhcp_ntp_servers; do
+ config_foreach handle_source dhcp_ntp_server server
+done > "$SOURCEFILE"
+
+run_command reload sources
START=15
USE_PROCD=1
PROG=/usr/sbin/chronyd
-CONFIGFILE=/var/etc/chrony.conf
-INCLUDEFILE=/etc/chrony/chrony.conf
+CONFIGFILE=/etc/chrony/chrony.conf
+INCLUDEFILE=/var/etc/chrony.d/10-uci.conf
+RTCDEVICE=/dev/rtc0
handle_source() {
- local cfg=$1 sourcetype=$2 hostname minpoll maxpoll iburst
+ local cfg=$1 sourcetype=$2 disabled hostname minpoll maxpoll iburst nts
+ config_get_bool disabled "$cfg" disabled 0
+ [ "$disabled" = "1" ] && return
hostname=$NTP_SOURCE_HOSTNAME
[ -z "$hostname" ] && config_get hostname "$cfg" hostname
[ -z "$hostname" ] && return
config_get minpoll "$cfg" minpoll
config_get maxpoll "$cfg" maxpoll
config_get_bool iburst "$cfg" iburst 0
+ config_get_bool nts "$cfg" nts 0
echo $(
echo $sourcetype $hostname
[ -n "$minpoll" ] && echo minpoll $minpoll
[ -n "$maxpoll" ] && echo maxpoll $maxpoll
[ "$iburst" = "1" ] && echo iburst
+ [ "$nts" = "1" ] && echo nts
)
}
echo makestep $threshold $limit
}
+handle_nts() {
+ local cfg=$1 threshold limit
+
+ config_get_bool rtccheck "$cfg" rtccheck 0
+ config_get_bool systemcerts "$cfg" systemcerts 1
+ config_get trustedcerts "$cfg" trustedcerts
+ # Disable certificate time checks if no RTC is present
+ [ "$rtccheck" = "1" ] && ! [ -c $RTCDEVICE ] && echo nocerttimecheck 1
+ [ "$systemcerts" = "0" ] && echo nosystemcert
+ [ -n "$trustedcerts" ] && echo ntstrustedcerts "$trustedcerts"
+}
+
start_service() {
. /lib/functions/network.sh
procd_open_instance
- procd_set_param command $PROG -n -f $CONFIGFILE
+ procd_set_param command $PROG -n
procd_set_param file $CONFIGFILE
procd_set_param file $INCLUDEFILE
procd_close_instance
config_load chrony
- mkdir -p $(dirname $CONFIGFILE)
+ mkdir -p $(dirname $INCLUDEFILE)
(
- echo include $INCLUDEFILE
config_foreach handle_source server server
config_foreach handle_source pool pool
config_foreach handle_source peer peer
config_foreach handle_allow allow
config_foreach handle_makestep makestep
- ) > $CONFIGFILE
+ config_foreach handle_nts nts
+ ) > $INCLUDEFILE
}
include $(TOPDIR)/rules.mk
PKG_NAME:=conserver
-PKG_VERSION:=8.2.5
+PKG_VERSION:=8.2.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/conserver/conserver/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=43be704932bca365d7bf34be929851cf0bb7a229cc28391b3302ae19d6e6565b
+PKG_HASH:=1c8b86f123d2d8e3ce568b782087b43dfac9cf6ffd5a9bdfcfdc6718d749a923
PKG_MAINTAINER:=Bjørn Mork <bjorn@mork.no>
PKG_LICENSE:=BSD-3-Clause
PKG_NAME:=ddns-scripts
PKG_VERSION:=2.8.2
-PKG_RELEASE:=1
+PKG_RELEASE:=3
PKG_LICENSE:=GPL-2.0
[ $# -ne 1 ] && write_log 12 "Error in 'do_transfer()' - wrong number of parameters"
+ # Use ip_network as default for bind_network if not separately specified
+ [ -z "$bind_network" ] && [ "$ip_source" = "network" ] && [ "$ip_network" ] && bind_network="$ip_network"
+
# lets prefer GNU Wget because it does all for us - IPv4/IPv6/HTTPS/PROXY/force IP version
if [ -n "$WGET_SSL" -a $USE_CURL -eq 0 ]; then # except global option use_curl is set to "1"
__PROG="$WGET_SSL --hsts-file=/tmp/.wget-hsts -nv -t 1 -O $DATFILE -o $ERRFILE" # non_verbose no_retry outfile errfile
{
"name": "sitelutions.com",
"ipv4": {
- "url": "http://www.sitelutions.com/dnsup?user=[USERNAME]&pass=[PASSWORD]&id=[DOMAIN]&ip=[IP]",
+ "url": "https://dnsup.sitelutions.com/dnsup?user=[USERNAME]&pass=[PASSWORD]&id=[DOMAIN]&ip=[IP]",
"answer": "success"
}
}
PKG_NAME:=etesync-server
PKG_VERSION:=0.3.0
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=etesync-server-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/etesync/server/archive/v$(PKG_VERSION)
define Package/etesync-server/postrm
#!/bin/sh
[ -n "$${IPKG_INSTROOT}" ] && exit 0
-rmdir /usr/share/etesync-server/etesync_server
+rmdir --ignore-fail-on-non-empty /usr/share/etesync-server/etesync_server
[ "$${PKG_UPGRADE}" = "1" ] && exit 0
rm -r /www/etesync/static
rmdir /www/etesync
#!/bin/sh
-[ "${PKG_UPGRADE}" = "1" ] && /etc/init.d/etesync-server stop
-
cd /usr/share/etesync-server || exit 1
python3 manage.pyc migrate --noinput || exit 1
config django 'global'
- option static_url '/etesync/static/' # TODO for django 3.1: "static/"
+ option static_url 'static/'
option debug 'false'
config django 'allowed_hosts'
include $(TOPDIR)/rules.mk
PKG_NAME:=fastd
-PKG_VERSION:=20
+PKG_VERSION:=21
PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/NeoRaider/fastd/releases/download/v$(PKG_VERSION)
-PKG_HASH:=56cab8639218d63237d9a5508fb2bf6fa637374d53fb7fa55b7e92e4d4dfeb00
+PKG_HASH:=942f33bcd794bcb8e19da4c30c875bdfd4d0f1c24ec4dcdf51237791bbfb0d4c
PKG_LICENSE:=BSD-2-Clause
PKG_LICENSE_FILES:=COPYRIGHT
PKG_NAME:=ifstat
PKG_VERSION:=1.1
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://gael.roualland.free.fr/ifstat/
--- /dev/null
+From: Matthieu Baerts <matthieu.baerts@tessares.net>
+Subject: [PATCH] ifstat: v1.1-8.1 from Debian
+
+Extracted from:
+
+ http://deb.debian.org/debian/pool/main/i/ifstat/ifstat_1.1-8.1.diff.gz
+
+Author:
+- Goswin von Brederlow <goswin-v-b@web.de>
+
+ChangeLog:
+
+ * snmp.c: fix 2 pointer targets differ in signedness warnings
+ * Adding upport for 64bit /proc/net/dev counters.
+ * Clean up compiler warnings.
+
+Signed-off-by: Matthieu Baerts <matthieu.baerts@tessares.net>
+---
+ data.c | 4 +-
+ drivers.c | 36 ++++++++--------
+ ifstat.c | 5 ++-
+ ifstat.h | 6 +--
+ snmp.c | 12 +++---
+
+diff --git a/data.c b/data.c
+index e29149b..9af27bf 100644
+--- a/data.c
++++ b/data.c
+@@ -103,8 +103,8 @@ void ifstat_free_interface(struct ifstat_data *data) {
+ }
+
+ void ifstat_set_interface_stats(struct ifstat_data *data,
+- unsigned long bytesin,
+- unsigned long bytesout) {
++ unsigned long long bytesin,
++ unsigned long long bytesout) {
+ if (data->bout > bytesout || data->bin > bytesin) {
+ if (!ifstat_quiet)
+ ifstat_error("warning: rollover for interface %s, reinitialising.", data->name);
+diff --git a/drivers.c b/drivers.c
+index d5ac501..2861fff 100644
+--- a/drivers.c
++++ b/drivers.c
+@@ -140,6 +140,7 @@ char *strchr (), *strrchr ();
+
+ static void examine_interface(struct ifstat_list *ifs, char *name,
+ int ifflags, int iftype) {
++ (void)iftype;
+ #ifdef IFF_LOOPBACK
+ if ((ifflags & IFF_LOOPBACK) && !(ifs->flags & IFSTAT_LOOPBACK))
+ return;
+@@ -242,6 +243,7 @@ static int ioctl_map_scan(int sd, struct ifreq *ifr, void *data) {
+ static int ioctl_scan_interfaces(struct ifstat_driver *driver,
+ struct ifstat_list *ifs) {
+ int sd;
++ (void)driver;
+
+ if ((sd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
+ ifstat_perror("socket");
+@@ -256,7 +258,7 @@ static int ioctl_scan_interfaces(struct ifstat_driver *driver,
+ #endif
+
+ #ifdef USE_KSTAT
+-static int get_kstat_long(kstat_t *ksp, char *name, unsigned long *value) {
++static int get_kstat_long(kstat_t *ksp, char *name, unsigned long long *value) {
+ kstat_named_t *data;
+
+ if ((data = kstat_data_lookup(ksp, name)) == NULL)
+@@ -277,7 +279,7 @@ static int get_kstat_long(kstat_t *ksp, char *name, unsigned long *value) {
+ *value = data->value.ui64;
+ break;
+ #else
+- case KSTAT_DATA_LONGLONG:
++ case KSTAT_DATA_LONG LONGLONG:
+ *value = data->value.ll;
+ break;
+ case KSTAT_DATA_ULONGLONG:
+@@ -311,7 +313,7 @@ static int kstat_open_driver(struct ifstat_driver *driver,
+
+ static int kstat_get_stats(struct ifstat_driver *driver,
+ struct ifstat_list *ifs) {
+- unsigned long bytesin, bytesout;
++ unsigned long long bytesin, bytesout;
+ struct ifstat_data *cur;
+ kstat_ctl_t *kc = driver->data;
+ kstat_t *ksp;
+@@ -802,7 +804,7 @@ static int proc_get_stats(struct ifstat_driver *driver,
+ char buf[1024];
+ FILE *f;
+ char *iface, *stats;
+- unsigned long bytesin, bytesout;
++ unsigned long long bytesin, bytesout;
+ struct ifstat_data *cur;
+ struct proc_driver_data *data = driver->data;
+ char *file;
+@@ -839,7 +841,7 @@ static int proc_get_stats(struct ifstat_driver *driver,
+ iface++;
+ if (*iface == '\0')
+ continue;
+- if (sscanf(stats, "%lu %*u %*u %*u %*u %*u %*u %*u %lu %*u", &bytesin, &bytesout) != 2)
++ if (sscanf(stats, "%llu %*u %*u %*u %*u %*u %*u %*u %llu %*u", &bytesin, &bytesout) != 2)
+ continue;
+
+ if ((cur = ifstat_get_interface(ifs, iface)) != NULL)
+@@ -1326,9 +1328,9 @@ static int win32_get_stats(struct ifstat_driver *driver,
+ for (i = 0; i < iftable->dwNumEntries; i++) {
+ if ((cur = ifstat_get_interface(ifs, iftable->table[i].bDescr)) != NULL)
+ ifstat_set_interface_stats(cur,
+- (unsigned long)
++ (unsigned long long)
+ iftable->table[i].dwInOctets,
+- (unsigned long)
++ (unsigned long long)
+ iftable->table[i].dwOutOctets);
+ }
+ return 1;
+@@ -1346,40 +1348,40 @@ void win32_close_driver(struct ifstat_driver *driver) {
+ static struct ifstat_driver drivers[] = {
+ #ifdef USE_KSTAT
+ { "kstat", &kstat_open_driver, &ioctl_scan_interfaces, &kstat_get_stats,
+- &kstat_close_driver },
++ &kstat_close_driver, NULL },
+ #endif
+ #ifdef USE_IFMIB
+- { "ifmib", NULL, &ifmib_scan_interfaces, &ifmib_get_stats, NULL },
++ { "ifmib", NULL, &ifmib_scan_interfaces, &ifmib_get_stats, NULL, NULL },
+ #endif
+ #ifdef USE_IFDATA
+ { "ifdata", &ifdata_open_driver, &ifdata_scan_interfaces,
+- &ifdata_get_stats, &ifdata_close_driver },
++ &ifdata_get_stats, &ifdata_close_driver, NULL },
+ #endif
+ #ifdef USE_ROUTE
+ { "route", &route_open_driver, &route_scan_interfaces,
+- &route_get_stats, &route_close_driver },
++ &route_get_stats, &route_close_driver, NULL },
+ #endif
+ #ifdef USE_KVM
+ { "kvm", &kvm_open_driver, &kvm_scan_interfaces, &kvm_get_stats,
+- &kvm_close_driver },
++ &kvm_close_driver, NULL },
+ #endif
+ #ifdef USE_PROC
+ { "proc", &proc_open_driver, &ioctl_scan_interfaces, &proc_get_stats,
+- &proc_close_driver },
++ &proc_close_driver, NULL },
+ #endif
+ #ifdef USE_DLPI
+ { "dlpi", &dlpi_open_driver, &dlpi_scan_interfaces, &dlpi_get_stats,
+- &dlpi_close_driver },
++ &dlpi_close_driver, NULL },
+ #endif
+ #ifdef USE_WIN32
+ { "win32", &win32_open_driver, &win32_scan_interfaces,
+- &win32_get_stats, &win32_close_driver },
++ &win32_get_stats, &win32_close_driver, NULL },
+ #endif
+ #ifdef USE_SNMP
+ { "snmp", &snmp_open_driver, &snmp_scan_interfaces, &snmp_get_stats,
+- &snmp_close_driver },
++ &snmp_close_driver, NULL },
+ #endif
+- { NULL } };
++ { NULL, NULL, NULL, NULL, NULL, NULL } };
+
+ int ifstat_get_driver(char *name, struct ifstat_driver *driver) {
+ int num = 0;
+diff --git a/ifstat.c b/ifstat.c
+index 942aa94..0521e71 100644
+--- a/ifstat.c
++++ b/ifstat.c
+@@ -215,7 +215,8 @@ static RETSIGTYPE update_termsize(int sig) {
+ int _sigcont = 0;
+ #ifdef SIGCONT
+ static RETSIGTYPE sigcont(int sig) {
+- _sigcont = 1;
++ (void)sig;
++ _sigcont = 1;
+ RESIGNAL(SIGCONT, &sigcont);
+ }
+ #endif
+@@ -234,7 +235,7 @@ static RETSIGTYPE sigcont(int sig) {
+
+ #define NUM "12345.12"
+ #define NA " n/a"
+-#define WIDTH (sizeof(NUM) - 1) * 2 + (sizeof(SPACE) - 1)
++#define WIDTH ((ssize_t)sizeof(NUM) - 1) * 2 + ((ssize_t)sizeof(SPACE) - 1)
+
+ #define LEN(options, namelen) (((options) & OPT_FIXEDWIDTH || (namelen) < WIDTH) ? WIDTH : (namelen))
+ #define FMT(n) (((n) < 1e+5) ? "%8.2f" : (((n) < 1e+6) ? "%.1f" : "%.2e"))
+diff --git a/ifstat.h b/ifstat.h
+index b63a3fb..dff38b6 100644
+--- a/ifstat.h
++++ b/ifstat.h
+@@ -35,7 +35,7 @@
+ struct ifstat_data {
+ char *name;
+ int namelen;
+- unsigned long obout, obin, bout, bin;
++ unsigned long long obout, obin, bout, bin;
+ int flags, index;
+ struct ifstat_data *next;
+ };
+@@ -72,8 +72,8 @@ void ifstat_add_interface(struct ifstat_list *ifs, char *ifname, int flags);
+ void ifstat_free_interface(struct ifstat_data *data);
+
+ void ifstat_set_interface_stats(struct ifstat_data *data,
+- unsigned long bytesin,
+- unsigned long bytesout);
++ unsigned long long bytesin,
++ unsigned long long bytesout);
+
+ void ifstat_set_interface_index(struct ifstat_data *data,
+ int index);
+diff --git a/snmp.c b/snmp.c
+index 2457001..5dd8a0a 100644
+--- a/snmp.c
++++ b/snmp.c
+@@ -91,7 +91,7 @@ static int snmp_get_ifcount(struct snmp_session *ss) {
+
+ static int snmp_get_nextif(struct snmp_session *ss, int index) {
+ oid ifindex[] = { 1, 3, 6, 1, 2, 1, 2, 2, 1, 1, 0 };
+- int len = sizeof(ifindex) / sizeof(oid);
++ unsigned int len = sizeof(ifindex) / sizeof(oid);
+ struct snmp_pdu *pdu;
+ struct snmp_pdu *response = NULL;
+ struct variable_list *vars;
+@@ -139,7 +139,7 @@ static int snmp_get_nextif(struct snmp_session *ss, int index) {
+
+ struct ifsnmp {
+ char name[S_IFNAMEMAX];
+- unsigned long bout, bin;
++ unsigned long long bout, bin;
+ int flags, index;
+ };
+
+@@ -248,7 +248,7 @@ static int snmp_get_ifinfos(struct snmp_session *ss, int nifaces,
+ if (memcmp(ifinfo, vars->name, sizeof(ifinfo) - 2 * sizeof(oid)) != 0)
+ continue;
+ for(i = 0; i < nifaces; i++) {
+- if (ifsnmp[i].index == vars->name[10])
++ if ((signed long long)ifsnmp[i].index == (signed long long)vars->name[10])
+ break;
+ }
+
+@@ -258,11 +258,11 @@ static int snmp_get_ifinfos(struct snmp_session *ss, int nifaces,
+ switch (vars->name[9]) {
+ case ifDescr:
+ if (vars->type == ASN_OCTET_STR) {
+- int count = vars->val_len;
++ unsigned int count = vars->val_len;
+
+ if (count >= sizeof(ifsnmp[i].name))
+ count = sizeof(ifsnmp[i].name) - 1;
+- strncpy(ifsnmp[i].name, vars->val.string, count);
++ strncpy(ifsnmp[i].name, (char *)vars->val.string, count);
+ ifsnmp[i].name[count] = '\0';
+ }
+ break;
+@@ -361,7 +361,7 @@ int snmp_open_driver(struct ifstat_driver *driver, char *options) {
+ snmp_sess_init(&session);
+ session.peername = host;
+ session.version = SNMP_VERSION_1;
+- session.community = community;
++ session.community = (unsigned char *)community;
+ session.community_len = strlen(community);
+
+ if ((data->session = snmp_open(&session)) == NULL) {
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=jool
-PKG_VERSION:=4.0.9
+PKG_VERSION:=4.1.4
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/NICMx/Jool/releases/download/v$(PKG_VERSION)
-PKG_HASH:=d42215f87abf2e113bc039d23e6b4e1c39cafc90f0e5584adf0e40e996c68ffb
+PKG_HASH:=84e294f880986ef13fc17d7ddb96aac5d88b7d47932c843eb621647235191fab
PKG_MAINTAINER:=
PKG_LICENSE:=GPL-2.0-only
$(call Package/jool/Default)
TITLE:=Jool meta-package
DEPENDS:=+kmod-jool +jool-tools
+ BUILDONLY:=1
endef
define Package/jool/description
PKG_NAME:=kea
PKG_VERSION:=1.8.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://ftp.isc.org/isc/kea/$(PKG_VERSION)
TARGET_CXXFLAGS += \
$(FPIC) \
-fdata-sections \
- -ffunction-sections
+ -ffunction-sections \
+ -std=c++17
TARGET_LDFLAGS += \
-Wl,--gc-sections,--as-needed
--- a/configure.ac
+++ b/configure.ac
-@@ -542,8 +542,8 @@ AC_TRY_COMPILE([
+@@ -580,10 +580,10 @@ AC_TRY_COMPILE([
+
+ usable_regex=
AC_MSG_CHECKING(for usuable C++11 regex)
-AC_TRY_RUN([
+AC_TRY_COMPILE([
--- a/m4macros/ax_crypto.m4
+++ b/m4macros/ax_crypto.m4
-@@ -454,7 +454,7 @@ EOF
+@@ -330,7 +330,7 @@ EOF
dnl Check availability of SHA-2
AC_MSG_CHECKING([support of SHA-2])
LIBS_SAVED=${LIBS}
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
# Install kea-admin in sbin.
sbin_SCRIPTS = kea-admin
--- a/src/bin/agent/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += -I$(top_srcdir)/src/bin -I$(top_builddir)/src/bin
--- a/src/bin/d2/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += -I$(top_srcdir)/src/bin -I$(top_builddir)/src/bin
--- a/src/bin/dhcp4/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += -I$(top_srcdir)/src/bin -I$(top_builddir)/src/bin
--- a/src/bin/dhcp6/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += -I$(top_srcdir)/src/bin -I$(top_builddir)/src/bin
--- a/src/bin/keactrl/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
# Install keactrl in sbin and the keactrl.conf required by the keactrl
# in etc. keactrl will look for its configuration file in the etc folder.
--- a/src/bin/lfc/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += -I$(top_srcdir)/src/bin -I$(top_builddir)/src/bin
--- a/src/bin/netconf/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += -I$(top_srcdir)/src/bin -I$(top_builddir)/src/bin
--- a/src/bin/perfdhcp/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += -I$(top_srcdir)/src/bin -I$(top_builddir)/src/bin
--- a/src/bin/shell/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
pkgpython_PYTHON = kea_conn.py kea_connector2.py kea_connector3.py
-
+
--- a/src/hooks/dhcp/high_availability/Makefile.am
+++ b/src/hooks/dhcp/high_availability/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . libloadtests tests
+SUBDIRS = . libloadtests
-
+
AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/hooks/dhcp/lease_cmds/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/hooks/dhcp/stat_cmds/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/hooks/dhcp/user_chk/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/asiodns/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/asiolink/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . testutils tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/cc/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/cfgrpt/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CXXFLAGS = $(KEA_CXXFLAGS)
--- a/src/lib/config/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/config_backend/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/cql/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . testutils tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES) $(CQL_CPPFLAGS)
--- a/src/lib/cryptolink/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES) $(CRYPTO_CFLAGS) $(CRYPTO_INCLUDES)
--- a/src/lib/database/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . testutils tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/dhcp/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/dhcp_ddns/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/dhcpsrv/Makefile.am
+++ b/src/lib/dhcpsrv/Makefile.am
@@ -1,6 +1,6 @@
AUTOMAKE_OPTIONS = subdir-objects
-
+
-SUBDIRS = . testutils tests benchmarks
+SUBDIRS = . benchmarks
-
- dhcp_data_dir = @localstatedir@/@PACKAGE@
- kea_lfc_location = @prefix@/sbin/kea-lfc
+
+ # DATA_DIR is the directory where to put default CSV files and the DHCPv6
+ # server ID file (i.e. the file where the server finds its DUID at startup).
--- a/src/lib/dns/Makefile.am
+++ b/src/lib/dns/Makefile.am
@@ -1,6 +1,6 @@
AUTOMAKE_OPTIONS = subdir-objects
-
+
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/eval/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/exceptions/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CXXFLAGS=$(KEA_CXXFLAGS)
--- a/src/lib/hooks/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/http/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/log/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = interprocess . compiler tests
+SUBDIRS = interprocess . compiler
-
+
AM_CPPFLAGS = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/log/interprocess/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += -DLOCKFILE_DIR=\"$(localstatedir)/run/$(PACKAGE_NAME)\"
--- a/src/lib/mysql/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . testutils tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES) $(MYSQL_CPPFLAGS)
--- a/src/lib/pgsql/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . testutils tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES) $(PGSQL_CPPFLAGS)
--- a/src/lib/process/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/util/Makefile.am
+++ b/src/lib/util/Makefile.am
@@ -1,6 +1,6 @@
AUTOMAKE_OPTIONS = subdir-objects
-
+
-SUBDIRS = . io unittests tests python
+SUBDIRS = . io unittests python
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES)
--- a/src/lib/yang/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = . testutils pretests tests
+SUBDIRS = .
-
+
AM_CPPFLAGS = -I$(top_srcdir)/src/lib -I$(top_builddir)/src/lib
AM_CPPFLAGS += $(BOOST_INCLUDES) $(SYSREPO_CPPFLAGS)
local conf_name
- conf_name=$(basename -- "${kea_config_file}" | rev | cut -f2- -d'.' | rev)
+ conf_name=$(basename -- "${kea_config_file}" | awk '{for(i=length($0); i>0;i--) printf (substr($0,i,1));}' | cut -f2- -d'.' | awk '{for(i=length($0); i>0;i--) printf (substr($0,i,1));}')
-
+
# Default the directory to --localstatedir / run
local pid_file_dir
include $(TOPDIR)/rules.mk
PKG_NAME:=knot
-PKG_VERSION:=2.9.6
-PKG_RELEASE:=1
+PKG_VERSION:=3.0.1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://secure.nic.cz/files/knot-dns/
-PKG_HASH:=bf742883c6825b54f19f2dadca2c94fec1ff8bdcf0a52388e2e167937594b2e7
+PKG_HASH:=97af6724b04308f691392c80d75564ff8b246871f2f59c4f03cede3c4dd401bb
PKG_MAINTAINER:=Daniel Salzman <daniel.salzman@nic.cz>
PKG_LICENSE:=GPL-3.0 LGPL-2.0 0BSD BSD-3-Clause OLDAP-2.8
--enable-cap-ng=no \
--disable-fastparser \
--without-libidn \
+ --with-libnghttp2=no \
--with-rundir=/var/run/knot \
--with-storage=/var/lib/knot \
--with-configdir=/etc/knot \
--with-conf-mapsize=20
-TARGET_CFLAGS += -DPSELECT_COMPAT -DNDEBUG
+TARGET_CFLAGS += -DNDEBUG
define Package/knot/conffiles
/etc/knot/knot.conf
include $(TOPDIR)/rules.mk
PKG_NAME:=libreswan
-PKG_VERSION:=3.32
-PKG_RELEASE:=3
+PKG_VERSION:=4.1
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://download.libreswan.org/
-PKG_HASH:=236b57fee8f562302c54f2b16d8a839a9039fcb5893668e61b398ec6b179432e
+PKG_HASH:=216444c3a2ede7bed5820648856fa5d9cc8fc4b4122bd4a1129d1a5954d9227d
PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
USE_LABELED_IPSEC=false \
USE_NM=false \
USE_NSS_KDF=true \
- USE_NSS_PRF=true \
USE_LIBCURL=false \
USE_GLIBC_KERN_FLIP_HEADERS=true \
USE_XAUTHPAM=false \
USE_LIBCAP_NG=true \
USE_SYSTEMD_WATCHDOG=false \
USE_SECCOMP=false\
- INC_USRLOCAL="/usr" \
+ PREFIX="/usr" \
FINALRUNDIR="/var/run/pluto" \
+ FINALNSSDIR="/etc/ipsec.d" \
MODPROBEARGS="-q" \
ARCH="$(LINUX_KARCH)" \
#include <errno.h>
#include "defs.h"
-@@ -172,7 +172,8 @@
+@@ -180,7 +180,8 @@
/* Send a duplicate packet when this impair is enabled - used for testing */
if (IMPAIR(JACOB_TWO_TWO)) {
/* sleep for half a second, and second another packet */
--- /dev/null
+--- a/include/fd.h 2020-10-25 12:29:43.527467613 +0200
++++ b/include/fd.h 2020-10-25 12:27:41.043595114 +0200
+@@ -26,6 +26,7 @@
+
+ #include <stdbool.h>
+ #include <stdlib.h> /* for ssize_t */
++#include <sys/types.h>
+
+ #include "where.h"
+
+++ /dev/null
-From db7715407efa43cd2a66caed67c02d8f7bb90b35 Mon Sep 17 00:00:00 2001
-From: Paul Wouters <pwouters@redhat.com>
-Date: Tue, 12 May 2020 12:56:38 -0400
-Subject: [PATCH] nss: move NSS_PKCS11_2_0_COMPAT define to
- ike_alg_encrypt_nss_gcm_ops.c
-
-It needs to go before any nss includes are done, and those includes are
-all over the place. But CK_GCM_PARAMS is only used in one file, so
-just define it there instead before the nss includes.
----
- lib/libswan/ike_alg_encrypt_nss_gcm_ops.c | 6 ++++++
- 1 files changed, 6 insertions(+), 0 deletions(-)
-
-diff --git a/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c b/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c
-index 93a027089a..571913cc1e 100644
---- a/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c
-+++ b/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c
-@@ -16,6 +16,12 @@
- #include <stdio.h>
- #include <stdlib.h>
-
-+/*
-+ * Special advise from Bob Relyea - needs to go before any nss include
-+ *
-+ */
-+#define NSS_PKCS11_2_0_COMPAT 1
-+
- #include "lswlog.h"
- #include "lswnss.h"
- #include "prmem.h"
--- /dev/null
+--- a/mk/targets.mk 2020-10-25 12:47:38.504784276 +0200
++++ b/mk/targets.mk 2020-10-25 12:48:16.242123361 +0200
+@@ -64,7 +64,7 @@
+ #
+ # For each define: TARGET clean-TARGET install-TARGET
+
+-TARGETS = base manpages
++TARGETS = base
+
+ $(foreach target,$(TARGETS),$(eval $(call recursive-target,$(target))))
+
+++ /dev/null
---- a/programs/pluto/kernel_xfrm.c 2020-05-16 19:12:30.107226478 +0300
-+++ b/programs/pluto/kernel_xfrm.c 2020-05-16 19:20:25.735522574 +0300
-@@ -2759,7 +2759,8 @@
- LOG_ERRNO(errno, "\"%s\"", proc_f);
- }
- } else {
-- LOG_ERRNO(errno, "could not stat \"%s\"", proc_f);
-+ DBG(DBG_KERNEL, DBG_log("starting without ipv6 support!"));
-+ disable_ipv6 = 1;
- }
-
- if (disable_ipv6 == 1) {
PKG_NAME:=lighttpd
PKG_VERSION:=1.4.55
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://download.lighttpd.net/lighttpd/releases-1.4.x
define Package/lighttpd
$(call Package/lighttpd/Default)
MENU:=1
- DEPENDS:=+LIGHTTPD_SSL:libopenssl +libpcre +libpthread
+ DEPENDS:=+LIGHTTPD_SSL:libopenssl +libpcre +libpthread +LIGHTTPD_LOGROTATE:logrotate
TITLE:=A flexible and lightweight web server
endef
Implements SSL support in lighttpd (using libopenssl). This
option is required if you enable the SSL engine in your
lighttpd confguration file.
+
+config LIGHTTPD_LOGROTATE
+ bool "Logrotate support"
+ depends on PACKAGE_lighttpd
+ default n
+ help
+ It adds support for logrotate functionality.
endef
MESON_ARGS += \
done
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/lighttpd $(1)/usr/sbin/
+
+ifneq ($(strip $(CONFIG_LIGHTTPD_LOGROTATE)),)
+ $(INSTALL_DIR) $(1)/etc/logrotate.d
+ $(CP) ./files/lighttpd.logrotate $(1)/etc/logrotate.d/lighttpd.conf
+endif
endef
define BuildPlugin
--- /dev/null
+/var/log/lighttpd/error.log {
+ maxsize 1M
+ compress
+ delaycompress
+ postrotate
+ /etc/init.d/lighttpd reload
+ endscript
+}
include $(TOPDIR)/rules.mk
PKG_NAME:=mwan3
-PKG_VERSION:=2.9.0
+PKG_VERSION:=2.10.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
PKG_LICENSE:=GPL-2.0
+PKG_CONFIG_DEPENDS:=CONFIG_IPV6
include $(INCLUDE_DIR)/package.mk
exit 0
endef
+define Build/Compile
+ $(TARGET_CC) $(CFLAGS) $(LDFLAGS) $(FPIC) -shared -o $(PKG_BUILD_DIR)/libwrap_mwan3_sockopt.so.1.0 $(if $(CONFIG_IPV6),-DCONFIG_IPV6) $(PKG_BUILD_DIR)/sockopt_wrap.c -ldl
+endef
+
define Package/mwan3/install
-$(CP) ./files/* $(1)
+ $(CP) ./files/* $(1)
+ $(CP) $(PKG_BUILD_DIR)/libwrap_mwan3_sockopt.so.1.0 $(1)/lib/mwan3/
endef
$(eval $(call BuildPackage,mwan3))
+# For full documentation of mwan3 configuration:
+# https://openwrt.org/docs/guide-user/network/wan/multiwan/mwan3#mwan3_configuration
config globals 'globals'
option mmx_mask '0x3F00'
list track_ip '208.67.220.220'
option family 'ipv4'
option reliability '2'
- option count '1'
- option timeout '2'
- option failure_latency '1000'
- option recovery_latency '500'
- option failure_loss '20'
- option recovery_loss '5'
- option interval '5'
- option down '3'
- option up '8'
config interface 'wan6'
option enabled '0'
list track_ip '2620:0:ccc::2'
option family 'ipv6'
option reliability '2'
- option count '1'
- option timeout '2'
- option interval '5'
- option down '3'
- option up '8'
config interface 'wanb'
option enabled '0'
list track_ip '208.67.220.220'
option family 'ipv4'
option reliability '1'
- option count '1'
- option timeout '2'
- option failure_latency '1000'
- option recovery_latency '500'
- option failure_loss '20'
- option recovery_loss '5'
- option interval '5'
- option down '3'
- option up '8'
config interface 'wanb6'
option enabled '0'
list track_ip '2620:0:ccc::2'
option family 'ipv6'
option reliability '1'
- option count '1'
- option timeout '2'
- option interval '5'
- option down '3'
- option up '8'
config member 'wan_m1_w3'
option interface 'wan'
. /lib/mwan3/common.sh
SCRIPTNAME="mwan3-hotplug"
-[ "$ACTION" = "ifup" ] || [ "$ACTION" = "ifdown" ] || [ "$ACTION" = "connected" ] || [ "$ACTION" = "disconnected" ] || exit 1
+[ "$ACTION" = "ifup" ] || [ "$ACTION" = "ifdown" ] || [ "$ACTION" = "connected" ] || [ "$ACTION" = "disconnected" ] || exit 1
[ -n "$INTERFACE" ] || exit 2
-if ( [ "$ACTION" = "ifup" ] || [ "$ACTION" = "connected" ] ) && [ -z "$DEVICE" ]; then
+[ "$FIRSTCONNECT" = "1" ] || [ "$MWAN3_SHUTDOWN" = "1" ] && exit 0
+
+if { [ "$ACTION" = "ifup" ] || [ "$ACTION" = "connected" ] ; } && [ -z "$DEVICE" ]; then
LOG notice "$ACTION called on $INTERFACE with no device set"
exit 3
fi
[ "$MWAN3_STARTUP" = 1 ] || mwan3_lock "$ACTION" "$INTERFACE"
config_load mwan3
-config_get_bool enabled globals 'enabled' '0'
-[ "${enabled}" -gt 0 ] || {
+/etc/init.d/mwan3 running || {
[ "$MWAN3_STARTUP" = 1 ] || mwan3_unlock "$ACTION" "$INTERFACE"
- LOG notice "mwan3 hotplug on $INTERFACE not called because globally disabled"
+ LOG notice "mwan3 hotplug $ACTION on $INTERFACE not called because globally disabled"
mwan3_flush_conntrack "$INTERFACE" "$ACTION"
exit 0
}
mwan3_init
[ "$MWAN3_STARTUP" = 1 ] || {
- mwan3_set_connected_iptables
- mwan3_set_custom_ipset
+ config_get family $INTERFACE family ipv4
+ mwan3_set_connected_${family}
}
-if [ "$MWAN3_STARTUP" != 1 ]; then
+if [ "$MWAN3_STARTUP" != 1 ] && [ "$ACTION" = "ifup" ]; then
mwan3_set_user_iface_rules $INTERFACE $DEVICE
fi
-config_get initial_state $INTERFACE initial_state "online"
config_get_bool enabled $INTERFACE 'enabled' '0'
[ "${enabled}" -eq 1 ] || {
[ "$MWAN3_STARTUP" = 1 ] || mwan3_unlock "$ACTION" "$INTERFACE"
exit 0
}
-trackpid=$(pgrep -f "mwan3track $INTERFACE ")
-
+config_get initial_state $INTERFACE initial_state "online"
if [ "$initial_state" = "offline" ]; then
status=$(cat $MWAN3TRACK_STATUS_DIR/$INTERFACE/STATUS 2>/dev/null || echo unknown)
+ [ "$status" = "online" ] || status=offline
else
status=online
fi
-[ -z "$TRUE_INTERFACE" ] && mwan3_get_true_iface TRUE_INTERFACE $INTERFACE
-
-binary_status=$status
-[ "$binary_status" = "online" ] || binary_status=offline
+if [ "$ACTION" = ifup ] || [ "$ACTION" = ifdown ]; then
+ initscript=/etc/init.d/mwan3
+ . /lib/functions/procd.sh
+fi
-LOG notice "Execute "$ACTION" event on interface $INTERFACE (${DEVICE:-unknown})"
+LOG notice "Execute $ACTION event on interface $INTERFACE (${DEVICE:-unknown})"
case "$ACTION" in
- ifup|connected)
+ connected)
+ mwan3_set_iface_hotplug_state $INTERFACE "online"
+ mwan3_set_policies_iptables
+ ;;
+ ifup)
mwan3_create_iface_iptables $INTERFACE $DEVICE
mwan3_create_iface_rules $INTERFACE $DEVICE
- mwan3_create_iface_route $INTERFACE $DEVICE
- [ "$MWAN3_STARTUP" != 1 ] && mwan3_add_non_default_iface_route $INTERFACE $DEVICE
- mwan3_set_iface_hotplug_state $INTERFACE "$binary_status"
-
- mwan3_get_src_ip src_ip "$TRUE_INTERFACE"
- if [ -n "${trackpid}" ]; then
- device_pid=$(pgrep -f "mwan3track $INTERFACE $DEVICE ")
- if [ "$device_pid" = "$trackpid" ]; then
- [ "$ACTION" = ifup ] && kill -USR2 "$trackpid"
- else
- mwan3_track $INTERFACE $DEVICE "$binary_status" "$src_ip"
- LOG notice "Restarted tracker [$!] on interface $INTERFACE (${DEVICE:-unknown})"
- fi
- else
- mwan3_track $INTERFACE $DEVICE "$binary_status" "$src_ip"
- LOG notice "Started tracker [$!] on interface $INTERFACE (${DEVICE:-unknown})"
+ mwan3_set_iface_hotplug_state $INTERFACE "$status"
+ if [ "$MWAN3_STARTUP" != 1 ]; then
+ mwan3_create_iface_route $INTERFACE $DEVICE
+ [ "$status" = "online" ] && mwan3_set_policies_iptables
fi
- [ "$MWAN3_STARTUP" != 1 ] && [ "$binary_status" == "online" ] && mwan3_set_policies_iptables
-
- ;;
- ifdown|disconnected)
+ [ "$ACTION" = ifup ] && procd_running mwan3 "track_$INTERFACE" && procd_send_signal mwan3 "track_$INTERFACE" USR2
+ ;;
+ disconnected)
+ mwan3_set_iface_hotplug_state $INTERFACE "offline"
+ mwan3_set_policies_iptables
+ ;;
+ ifdown)
mwan3_set_iface_hotplug_state $INTERFACE "offline"
mwan3_delete_iface_ipset_entries $INTERFACE
mwan3_delete_iface_rules $INTERFACE
mwan3_delete_iface_route $INTERFACE
mwan3_delete_iface_iptables $INTERFACE
- if [ "$ACTION" = "ifdown" ]; then
- [ -n "$trackpid" ] && kill -USR1 "$trackpid"
- fi
+ procd_running mwan3 "track_$INTERFACE" && procd_send_signal mwan3 "track_$INTERFACE" USR1
mwan3_set_policies_iptables
;;
esac
. /lib/functions.sh
. /lib/mwan3/mwan3.sh
- [ "$MWAN3_STARTUP" = 1 ] || mwan3_lock "$ACTION" "$DEVICE-user"
+ [ "$MWAN3_SHUTDOWN" != 1 ] && mwan3_lock "$ACTION" "$DEVICE-user"
- config_load mwan3
- config_get_bool enabled globals 'enabled' '0'
- [ "${enabled}" -gt 0 ] || {
- [ "$MWAN3_STARTUP" = 1 ] || mwan3_unlock "$ACTION" "$DEVICE-user"
+ [ "$MWAN3_SHUTDOWN" != 1 ] && ! /etc/init.d/mwan3 running && {
+ mwan3_unlock "$ACTION" "$DEVICE-user"
exit 0
}
+ config_load mwan3
+
config_get_bool enabled "$INTERFACE" enabled 0
[ "${enabled}" -eq 1 ] || {
- [ "$MWAN3_STARTUP" = 1 ] || mwan3_unlock "$ACTION" "$DEVICE-user"
+ [ "$MWAN3_SHUTDOWN" != 1 ] && mwan3_unlock "$ACTION" "$DEVICE-user"
exit 0
}
- [ "$MWAN3_STARTUP" = 1 ] || mwan3_unlock "$ACTION" "$DEVICE-user"
+ [ "$MWAN3_SHUTDOWN" != 1 ] && mwan3_unlock "$ACTION" "$DEVICE-user"
env -i ACTION="$ACTION" INTERFACE="$INTERFACE" DEVICE="$DEVICE" \
/bin/sh /etc/mwan3.user
#!/bin/sh /etc/rc.common
+. /lib/functions.sh
+. /lib/mwan3/common.sh
+. /lib/functions/network.sh
+. /lib/mwan3/mwan3.sh
+
START=19
USE_PROCD=1
-boot() {
- . /lib/config/uci.sh
- # disabled until mwan3 start runs so hotplug scripts
- # do not start prematurely
- uci_toggle_state mwan3 globals enabled "0"
- rc_procd start_service
+service_running() {
+ [ -d "$MWAN3_STATUS_DIR" ]
}
-# FIXME
-# fd 1000 is an inherited lock file descriptor for preventing concurrent
-# init script executions. Close it here to prevent the mwan3 daemon from
-# inheriting it further to avoid holding the lock indefinitely.
+start_tracker() {
+ local enabled interface
+ interface=$1
+ config_get_bool enabled $interface 'enabled' '0'
+ [ $enabled -eq 0 ] && return
-reload_service() {
- /usr/sbin/mwan3 restart 1000>&-
+ procd_open_instance "track_${1}"
+ procd_set_param command /usr/sbin/mwan3track $interface
+ procd_set_param respawn
+ procd_close_instance
}
start_service() {
- /usr/sbin/mwan3 start 1000>&-
+ local enabled hotplug_pids
+
+ config_load mwan3
+ mwan3_init
+ config_foreach start_tracker interface
+
+ mwan3_lock "command" "mwan3"
+
+ mwan3_update_iface_to_table
+ mwan3_set_connected_ipset
+ mwan3_set_custom_ipset
+ mwan3_set_general_rules
+ mwan3_set_general_iptables
+ config_foreach mwan3_ifup interface 1
+ wait $hotplug_pids
+ mwan3_set_policies_iptables
+ mwan3_set_user_rules
+
+ mwan3_unlock "command" "mwan3"
+
+ procd_open_instance rtmon_ipv4
+ procd_set_param command /usr/sbin/mwan3rtmon ipv4
+ procd_set_param respawn
+ procd_close_instance
+
+ if command -v ip6tables > /dev/null; then
+ procd_open_instance rtmon_ipv6
+ procd_set_param command /usr/sbin/mwan3rtmon ipv6
+ procd_set_param respawn
+ procd_close_instance
+ fi
}
stop_service() {
- /usr/sbin/mwan3 stop 1000>&-
+ local ipset rule IP IPTR IPT family table tid
+
+ mwan3_lock "command" "mwan3"
+
+ config_load mwan3
+ mwan3_init
+ config_foreach mwan3_interface_shutdown interface
+
+ for family in ipv4 ipv6; do
+ if [ "$family" = "ipv4" ]; then
+ IPT="$IPT4"
+ IPTR="$IPT4R"
+ IP="$IP4"
+ elif [ "$family" = "ipv6" ]; then
+ [ $NO_IPV6 -ne 0 ] && continue
+ IPT="$IPT6"
+ IPTR="$IPT6R"
+ IP="$IP6"
+ fi
+
+ for tid in $(ip route list table all | sed -ne 's/.*table \([0-9]\+\).*/\1/p' | sort -u); do
+ [ $tid -gt $MWAN3_INTERFACE_MAX ] && continue
+ $IP route flush table $tid &> /dev/null
+ done
+
+ for rule in $($IP rule list | grep -E '^[1-3][0-9]{3}\:' | cut -d ':' -f 1); do
+ $IP rule del pref $rule &> /dev/null
+ done
+ table="$($IPT -S)"
+ {
+ echo "*mangle";
+ [ -z "${table##*PREROUTING -j mwan3_hook*}" ] && echo "-D PREROUTING -j mwan3_hook"
+ [ -z "${table##*OUTPUT -j mwan3_hook*}" ] && echo "-D OUTPUT -j mwan3_hook"
+ echo "$table" | awk '{print "-F "$2}' | grep mwan3 | sort -u
+ echo "$table" | awk '{print "-X "$2}' | grep mwan3 | sort -u
+ echo "COMMIT"
+ } | $IPTR
+ done
+
+ for ipset in $($IPS -n list | grep mwan3_); do
+ $IPS -q destroy $ipset
+ done
+
+ for ipset in $($IPS -n list | grep mwan3 | grep -E '_v4|_v6'); do
+ $IPS -q destroy $ipset
+ done
+
+ rm -rf $MWAN3_STATUS_DIR $MWAN3TRACK_STATUS_DIR
+
+ mwan3_unlock "command" "mwan3"
}
service_triggers() {
echo "${uptime%%.*}"
}
+IP4="ip -4"
+IP6="ip -6"
SCRIPTNAME="$(basename "$0")"
+
+MWAN3_STATUS_DIR="/var/run/mwan3"
+MWAN3TRACK_STATUS_DIR="/var/run/mwan3track"
+
+MWAN3_INTERFACE_MAX=""
+
+MMX_MASK=""
+MMX_DEFAULT=""
+MMX_BLACKHOLE=""
+MM_BLACKHOLE=""
+
+MMX_UNREACHABLE=""
+MM_UNREACHABLE=""
+MAX_SLEEP=$(((1<<31)-1))
+
LOG()
{
local facility=$1; shift
# when this release is out of beta, the comment in the line below
# should be removed
[ "$facility" = "debug" ] && return
- logger -t "$SCRIPTNAME[$$]" -p $facility "$*"
+ logger -t "${SCRIPTNAME}[$$]" -p $facility "$*"
+}
+
+mwan3_get_true_iface()
+{
+ local family V
+ _true_iface=$2
+ config_get family "$2" family ipv4
+ if [ "$family" = "ipv4" ]; then
+ V=4
+ elif [ "$family" = "ipv6" ]; then
+ V=6
+ fi
+ ubus call "network.interface.${2}_${V}" status &>/dev/null && _true_iface="${2}_${V}"
+ export "$1=$_true_iface"
+}
+
+mwan3_get_src_ip()
+{
+ local family _src_ip interface true_iface device addr_cmd default_ip IP sed_str
+ interface=$2
+ mwan3_get_true_iface true_iface $interface
+
+ unset "$1"
+ config_get family "$interface" family ipv4
+ if [ "$family" = "ipv4" ]; then
+ addr_cmd='network_get_ipaddr'
+ default_ip="0.0.0.0"
+ sed_str='s/ *inet \([^ \/]*\).*/\1/;T; pq'
+ IP="$IP4"
+ elif [ "$family" = "ipv6" ]; then
+ addr_cmd='network_get_ipaddr6'
+ default_ip="::"
+ sed_str='s/ *inet6 \([^ \/]*\).* scope.*/\1/;T; pq'
+ IP="$IP6"
+ fi
+
+ $addr_cmd _src_ip "$true_iface"
+ if [ -z "$_src_ip" ]; then
+ network_get_device device $true_iface
+ _src_ip=$($IP address ls dev $device 2>/dev/null | sed -ne "$sed_str")
+ if [ -n "$_src_ip" ]; then
+ LOG warn "no src $family address found from netifd for interface '$true_iface' dev '$device' guessing $_src_ip"
+ else
+ _src_ip="$default_ip"
+ LOG warn "no src $family address found for interface '$true_iface' dev '$device'"
+ fi
+ fi
+ export "$1=$_src_ip"
+}
+
+mwan3_get_mwan3track_status()
+{
+ local track_ips pid
+ mwan3_list_track_ips()
+ {
+ track_ips="$1 $track_ips"
+ }
+ config_list_foreach "$1" track_ip mwan3_list_track_ips
+
+ if [ -n "$track_ips" ]; then
+ pid="$(pgrep -f "mwan3track $1$")"
+ if [ -n "$pid" ]; then
+ if [ "$(cat /proc/"$(pgrep -P $pid)"/cmdline)" = "sleep${MAX_SLEEP}" ]; then
+ tracking="paused"
+ else
+ tracking="active"
+ fi
+ else
+ tracking="down"
+ fi
+ else
+ tracking="not enabled"
+ fi
+ echo "$tracking"
+}
+
+mwan3_init()
+{
+ local bitcnt
+ local mmdefault
+
+ [ -d $MWAN3_STATUS_DIR ] || mkdir -p $MWAN3_STATUS_DIR/iface_state
+
+ # mwan3's MARKing mask (at least 3 bits should be set)
+ if [ -e "${MWAN3_STATUS_DIR}/mmx_mask" ]; then
+ MMX_MASK=$(cat "${MWAN3_STATUS_DIR}/mmx_mask")
+ MWAN3_INTERFACE_MAX=$(uci_get_state mwan3 globals iface_max)
+ else
+ config_load mwan3
+ config_get MMX_MASK globals mmx_mask '0x3F00'
+ echo "$MMX_MASK"| tr 'A-F' 'a-f' > "${MWAN3_STATUS_DIR}/mmx_mask"
+ LOG debug "Using firewall mask ${MMX_MASK}"
+
+ bitcnt=$(mwan3_count_one_bits MMX_MASK)
+ mmdefault=$(((1<<bitcnt)-1))
+ MWAN3_INTERFACE_MAX=$((mmdefault-3))
+ uci_toggle_state mwan3 globals iface_max "$MWAN3_INTERFACE_MAX"
+ LOG debug "Max interface count is ${MWAN3_INTERFACE_MAX}"
+ fi
+
+ # mark mask constants
+ bitcnt=$(mwan3_count_one_bits MMX_MASK)
+ mmdefault=$(((1<<bitcnt)-1))
+ MM_BLACKHOLE=$((mmdefault-2))
+ MM_UNREACHABLE=$((mmdefault-1))
+
+ # MMX_DEFAULT should equal MMX_MASK
+ MMX_DEFAULT=$(mwan3_id2mask mmdefault MMX_MASK)
+ MMX_BLACKHOLE=$(mwan3_id2mask MM_BLACKHOLE MMX_MASK)
+ MMX_UNREACHABLE=$(mwan3_id2mask MM_UNREACHABLE MMX_MASK)
+}
+
+# maps the 1st parameter so it only uses the bits allowed by the bitmask (2nd parameter)
+# which means spreading the bits of the 1st parameter to only use the bits that are set to 1 in the 2nd parameter
+# 0 0 0 0 0 1 0 1 (0x05) 1st parameter
+# 1 0 1 0 1 0 1 0 (0xAA) 2nd parameter
+# 1 0 1 result
+mwan3_id2mask()
+{
+ local bit_msk bit_val result
+ bit_val=0
+ result=0
+ for bit_msk in $(seq 0 31); do
+ if [ $((($2>>bit_msk)&1)) = "1" ]; then
+ if [ $((($1>>bit_val)&1)) = "1" ]; then
+ result=$((result|(1<<bit_msk)))
+ fi
+ bit_val=$((bit_val+1))
+ fi
+ done
+ printf "0x%x" $result
+}
+
+# counts how many bits are set to 1
+# n&(n-1) clears the lowest bit set to 1
+mwan3_count_one_bits()
+{
+ local count n
+ count=0
+ n=$(($1))
+ while [ "$n" -gt "0" ]; do
+ n=$((n&(n-1)))
+ count=$((count+1))
+ done
+ echo $count
}
. /usr/share/libubox/jshn.sh
-IP4="ip -4"
-IP6="ip -6"
IPS="ipset"
IPT4="iptables -t mangle -w"
IPT6="ip6tables -t mangle -w"
IPv6_REGEX="${IPv6_REGEX}fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|"
IPv6_REGEX="${IPv6_REGEX}::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|"
IPv6_REGEX="${IPv6_REGEX}([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])"
+IPv4_REGEX="((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"
-MWAN3_STATUS_DIR="/var/run/mwan3"
-MWAN3TRACK_STATUS_DIR="/var/run/mwan3track"
-MWAN3_INTERFACE_MAX=""
DEFAULT_LOWEST_METRIC=256
-MMX_MASK=""
-MMX_DEFAULT=""
-MMX_BLACKHOLE=""
-MM_BLACKHOLE=""
-
-MMX_UNREACHABLE=""
-MM_UNREACHABLE=""
command -v ip6tables > /dev/null
NO_IPV6=$?
# helper function to build an update string to pass on to
# IPTR or IPS RESTORE. Modifies the 'update' variable in
# the local scope.
- update="$update
-$*";
+ update="$update"$'\n'"$*";
}
mwan3_update_dev_to_table()
{
local _tid
+ # shellcheck disable=SC2034
mwan3_dev_tbl_ipv4=" "
+ # shellcheck disable=SC2034
mwan3_dev_tbl_ipv6=" "
update_table()
config_foreach update_table interface
}
-mwan3_get_true_iface()
-{
- local family V
- _true_iface=$2
- config_get family "$iface" family ipv4
- if [ "$family" = "ipv4" ]; then
- V=4
- elif [ "$family" = "ipv6" ]; then
- V=6
- fi
- ubus call "network.interface.${iface}_${V}" status &>/dev/null && _true_iface="${iface}_${V}"
- export "$1=$_true_iface"
-}
-
mwan3_route_line_dev()
{
# must have mwan3 config already loaded
# arg 1 is route device
- local _tid route_line route_device route_family entry curr_table
+ local _tid route_line route_device route_family entry curr_table
route_line=$2
route_family=$3
route_device=$(echo "$route_line" | sed -ne "s/.*dev \([^ ]*\).*/\1/p")
echo $count
}
-# maps the 1st parameter so it only uses the bits allowed by the bitmask (2nd parameter)
-# which means spreading the bits of the 1st parameter to only use the bits that are set to 1 in the 2nd parameter
-# 0 0 0 0 0 1 0 1 (0x05) 1st parameter
-# 1 0 1 0 1 0 1 0 (0xAA) 2nd parameter
-# 1 0 1 result
-mwan3_id2mask()
-{
- local bit_msk bit_val result
- bit_val=0
- result=0
- for bit_msk in $(seq 0 31); do
- if [ $((($2>>bit_msk)&1)) = "1" ]; then
- if [ $((($1>>bit_val)&1)) = "1" ]; then
- result=$((result|(1<<bit_msk)))
- fi
- bit_val=$((bit_val+1))
- fi
- done
- printf "0x%x" $result
-}
-
-mwan3_init()
-{
- local bitcnt
- local mmdefault
-
- [ -d $MWAN3_STATUS_DIR ] || mkdir -p $MWAN3_STATUS_DIR/iface_state
-
- # mwan3's MARKing mask (at least 3 bits should be set)
- if [ -e "${MWAN3_STATUS_DIR}/mmx_mask" ]; then
- MMX_MASK=$(cat "${MWAN3_STATUS_DIR}/mmx_mask")
- MWAN3_INTERFACE_MAX=$(uci_get_state mwan3 globals iface_max)
- else
- config_load mwan3
- config_get MMX_MASK globals mmx_mask '0x3F00'
- echo "$MMX_MASK"| tr 'A-F' 'a-f' > "${MWAN3_STATUS_DIR}/mmx_mask"
- LOG debug "Using firewall mask ${MMX_MASK}"
-
- bitcnt=$(mwan3_count_one_bits MMX_MASK)
- mmdefault=$(((1<<bitcnt)-1))
- MWAN3_INTERFACE_MAX=$(($mmdefault-3))
- uci_toggle_state mwan3 globals iface_max "$MWAN3_INTERFACE_MAX"
- LOG debug "Max interface count is ${MWAN3_INTERFACE_MAX}"
- fi
-
- # mark mask constants
- bitcnt=$(mwan3_count_one_bits MMX_MASK)
- mmdefault=$(((1<<bitcnt)-1))
- MM_BLACKHOLE=$(($mmdefault-2))
- MM_UNREACHABLE=$(($mmdefault-1))
-
- # MMX_DEFAULT should equal MMX_MASK
- MMX_DEFAULT=$(mwan3_id2mask mmdefault MMX_MASK)
- MMX_BLACKHOLE=$(mwan3_id2mask MM_BLACKHOLE MMX_MASK)
- MMX_UNREACHABLE=$(mwan3_id2mask MM_UNREACHABLE MMX_MASK)
-}
-
mwan3_lock() {
lock /var/run/mwan3.lock
#LOG debug "$1 $2 (lock)"
lock -u /var/run/mwan3.lock
}
-mwan3_get_src_ip()
-{
- local family _src_ip true_iface
- true_iface=$2
- unset "$1"
- config_get family "$true_iface" family ipv4
- if [ "$family" = "ipv4" ]; then
- network_get_ipaddr _src_ip "$true_iface"
- [ -n "$_src_ip" ] || _src_ip="0.0.0.0"
- elif [ "$family" = "ipv6" ]; then
- network_get_ipaddr6 _src_ip "$true_iface"
- [ -n "$_src_ip" ] || _src_ip="::"
- fi
- export "$1=$_src_ip"
-}
-
mwan3_get_iface_id()
{
local _tmp
_tmp="${mwan3_iface_tbl##* ${2}=}"
_tmp=${_tmp%% *}
export "$1=$_tmp"
- new_val=$_tmp
}
mwan3_set_custom_ipset_v4()
{
local custom_network_v4
- for custom_network_v4 in $($IP4 route list table "$1" | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do
+ for custom_network_v4 in $($IP4 route list table "$1" | awk '{print $1}' | grep -E "$IPv4_REGEX"); do
LOG notice "Adding network $custom_network_v4 from table $1 to mwan3_custom_v4 ipset"
mwan3_push_update -! add mwan3_custom_v4 "$custom_network_v4"
done
{
local custom_network_v6
- for custom_network_v6 in $($IP6 route list table "$1" | awk '{print $1}' | egrep "$IPv6_REGEX"); do
+ for custom_network_v6 in $($IP6 route list table "$1" | awk '{print $1}' | grep -E "$IPv6_REGEX"); do
LOG notice "Adding network $custom_network_v6 from table $1 to mwan3_custom_v6 ipset"
mwan3_push_update -! add mwan3_custom_v6 "$custom_network_v6"
done
mwan3_set_connected_ipv4()
{
local connected_network_v4 candidate_list cidr_list
- local ipv4regex='[0-9]{1,3}(\.[0-9]{1,3}){3}'
$IPS -! create mwan3_connected_v4 hash:net
$IPS create mwan3_connected_v4_temp hash:net
$IP4 route | awk '{print $1}'
$IP4 route list table 0 | awk '{print $2}'
}
- for connected_network_v4 in $(route_lists | egrep "$ipv4regex"); do
+ for connected_network_v4 in $(route_lists | grep -E "$IPv4_REGEX"); do
if [ -z "${connected_network_v4##*/*}" ]; then
cidr_list="$cidr_list $connected_network_v4"
else
$IPS swap mwan3_connected_v4_temp mwan3_connected_v4
$IPS destroy mwan3_connected_v4_temp
+ $IPS -! add mwan3_connected mwan3_connected_v4
}
-mwan3_set_connected_iptables()
+mwan3_set_connected_ipv6()
{
- local connected_network_v6 source_network_v6 error
+ local connected_network_v6 error
local update=""
- mwan3_set_connected_ipv4
+ [ $NO_IPV6 -eq 0 ] || return
- [ $NO_IPV6 -eq 0 ] && {
- mwan3_push_update -! create mwan3_connected_v6 hash:net family inet6
- mwan3_push_update flush mwan3_connected_v6
+ mwan3_push_update -! create mwan3_connected_v6 hash:net family inet6
+ mwan3_push_update flush mwan3_connected_v6
- for connected_network_v6 in $($IP6 route | awk '{print $1}' | egrep "$IPv6_REGEX"); do
- mwan3_push_update -! add mwan3_connected_v6 "$connected_network_v6"
- done
+ for connected_network_v6 in $($IP6 route | awk '{print $1}' | grep -E "$IPv6_REGEX"); do
+ mwan3_push_update -! add mwan3_connected_v6 "$connected_network_v6"
+ done
- mwan3_push_update -! create mwan3_source_v6 hash:net family inet6
- for source_network_v6 in $($IP6 addr ls | sed -ne 's/ *inet6 \([^ \/]*\).* scope global.*/\1/p'); do
- mwan3_push_update -! add mwan3_source_v6 "$source_network_v6"
- done
- }
+ mwan3_push_update -! add mwan3_connected mwan3_connected_v6
+ error=$(echo "$update" | $IPS restore 2>&1) || LOG error "set_connected_ipv6: $error"
+}
+
+mwan3_set_connected_ipset()
+{
+ local error
+ local update=""
mwan3_push_update -! create mwan3_connected list:set
mwan3_push_update flush mwan3_connected
- mwan3_push_update -! add mwan3_connected mwan3_connected_v4
- [ $NO_IPV6 -eq 0 ] && mwan3_push_update -! add mwan3_connected mwan3_connected_v6
mwan3_push_update -! create mwan3_dynamic_v4 hash:net
mwan3_push_update -! add mwan3_connected mwan3_dynamic_v4
- [ $NO_IPV6 -eq 0 ] && mwan3_push_update -! create mwan3_dynamic_v6 hash:net family inet6
- [ $NO_IPV6 -eq 0 ] && mwan3_push_update -! add mwan3_connected mwan3_dynamic_v6
- error=$(echo "$update" | $IPS restore 2>&1) || LOG error "set_connected_iptables: $error"
+ if [ $NO_IPV6 -eq 0 ]; then
+ mwan3_push_update -! create mwan3_dynamic_v6 hash:net family inet6
+ mwan3_push_update -! add mwan3_connected mwan3_dynamic_v6
+ fi
+
+ error=$(echo "$update" | $IPS restore 2>&1) || LOG error "set_connected_ipset: $error"
}
mwan3_set_general_rules()
for IP in "$IP4" "$IP6"; do
[ "$IP" = "$IP6" ] && [ $NO_IPV6 -ne 0 ] && continue
- RULE_NO=$(($MM_BLACKHOLE+2000))
+ RULE_NO=$((MM_BLACKHOLE+2000))
if [ -z "$($IP rule list | awk -v var="$RULE_NO:" '$1 == var')" ]; then
$IP rule add pref $RULE_NO fwmark $MMX_BLACKHOLE/$MMX_MASK blackhole
fi
- RULE_NO=$(($MM_UNREACHABLE+2000))
+ RULE_NO=$((MM_UNREACHABLE+2000))
if [ -z "$($IP rule list | awk -v var="$RULE_NO:" '$1 == var')" ]; then
$IP rule add pref $RULE_NO fwmark $MMX_UNREACHABLE/$MMX_MASK unreachable
fi
local IPT current update error
for IPT in "$IPT4" "$IPT6"; do
[ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue
- current="$($IPT -S)"
+ current="$($IPT -S)"$'\n'
update="*mangle"
if [ -n "${current##*-N mwan3_ifaces_in*}" ]; then
mwan3_push_update -N mwan3_ifaces_in
-p ipv6-icmp \
-m icmp6 --icmpv6-type 137 \
-j RETURN
- # do not mangle outgoing echo request
- mwan3_push_update -A mwan3_hook \
- -m set --match-set mwan3_source_v6 src \
- -p ipv6-icmp \
- -m icmp6 --icmpv6-type 128 \
- -j RETURN
fi
mwan3_push_update -A mwan3_hook \
+ -m mark --mark 0x0/$MMX_MASK \
-j CONNMARK --restore-mark --nfmask "$MMX_MASK" --ctmask "$MMX_MASK"
mwan3_push_update -A mwan3_hook \
-m mark --mark 0x0/$MMX_MASK \
mwan3_create_iface_iptables()
{
- local id family connected_name IPT IPTR current update error
+ local id family IPT IPTR current update error
config_get family "$1" family ipv4
mwan3_get_iface_id id "$1"
[ -n "$id" ] || return 0
if [ "$family" = "ipv4" ]; then
- connected_name=mwan3_connected
IPT="$IPT4"
IPTR="$IPT4R"
- $IPS -! create $connected_name list:set
-
elif [ "$family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ]; then
- connected_name=mwan3_connected_v6
IPT="$IPT6"
IPTR="$IPT6R"
- $IPS -! create $connected_name hash:net family inet6
else
return
fi
- current="$($IPT -S)"
+
+ current="$($IPT -S)"$'\n'
update="*mangle"
if [ -n "${current##*-N mwan3_ifaces_in*}" ]; then
mwan3_push_update -N mwan3_ifaces_in
fi
- if [ -n "${current##*-N mwan3_iface_in_$1*}" ]; then
+ if [ -n "${current##*-N mwan3_iface_in_$1$'\n'*}" ]; then
mwan3_push_update -N "mwan3_iface_in_$1"
else
mwan3_push_update -F "mwan3_iface_in_$1"
mwan3_push_update -A "mwan3_iface_in_$1" \
-i "$2" \
- -m set --match-set $connected_name src \
- -m mark --mark 0x0/$MMX_MASK \
+ -m set --match-set mwan3_connected src \
+ -m mark --mark "0x0/$MMX_MASK" \
-m comment --comment "default" \
- -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK
+ -j MARK --set-xmark "$MMX_DEFAULT/$MMX_MASK"
mwan3_push_update -A "mwan3_iface_in_$1" \
-i "$2" \
- -m mark --mark 0x0/$MMX_MASK \
+ -m mark --mark "0x0/$MMX_MASK" \
-m comment --comment "$1" \
- -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
+ -j MARK --set-xmark "$(mwan3_id2mask id MMX_MASK)/$MMX_MASK"
- if [ -n "${current##*-A mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_${1}*}" ]; then
+ if [ -n "${current##*-A mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_${1}$'\n'*}" ]; then
mwan3_push_update -A mwan3_ifaces_in \
-m mark --mark 0x0/$MMX_MASK \
-j "mwan3_iface_in_$1"
- LOG debug "create_iface_iptables: mwan3_iface_in_$1 not in iptables, adding"
+ LOG debug "create_iface_iptables: mwan3_iface_in_$1 not in iptables, adding"
else
- LOG debug "create_iface_iptables: mwan3_iface_in_$1 already in iptables, skip"
+ LOG debug "create_iface_iptables: mwan3_iface_in_$1 already in iptables, skip"
fi
mwan3_push_update COMMIT
}
-mwan3_create_iface_route()
+mwan3_get_routes()
{
- local id via metric V V_ IP family
- local iface device cmd true_iface
-
- iface=$1
- device=$2
- config_get family "$iface" family ipv4
- mwan3_get_iface_id id "$iface"
-
- [ -n "$id" ] || return 0
-
- mwan3_get_true_iface true_iface $iface
- if [ "$family" = "ipv4" ]; then
- V_=""
- IP="$IP4"
- elif [ "$family" = "ipv6" ]; then
- V_=6
- IP="$IP6"
- fi
-
- network_get_gateway${V_} via "$true_iface"
-
- { [ -z "$via" ] || [ "$via" = "0.0.0.0" ] || [ "$via" = "::" ] ; } && unset via
-
- network_get_metric metric "$true_iface"
-
- $IP route flush table "$id"
- cmd="$IP route add table $id default \
- ${via:+via} $via \
- ${metric:+metric} $metric \
- dev $2"
- $cmd || LOG warn "ip cmd failed $cmd"
-
+ local source_routing
+ config_get_bool source_routing globals source_routing 0
+ [ $source_routing -eq 0 ] && unset source_routing
+ $IP route list table main | sed -ne "/^linkdown/T; s/expires \([0-9]\+\)sec//;s/error [0-9]\+//; ${source_routing:+s/default\(.*\) from [^ ]*/default\1/;} p" | uniq
}
-mwan3_add_non_default_iface_route()
+mwan3_create_iface_route()
{
- local tid route_line family IP id
+ local tid route_line family IP id tbl
config_get family "$1" family ipv4
mwan3_get_iface_id id "$1"
IP="$IP6"
fi
+ tbl=$($IP route list table $id 2>/dev/null)$'\n'
mwan3_update_dev_to_table
- $IP route list table main | grep -v "^default\|linkdown\|^::/0\|^fe80::/64\|^unreachable" | while read route_line; do
+ mwan3_get_routes | while read -r route_line; do
mwan3_route_line_dev "tid" "$route_line" "$family"
+ { [ -z "${route_line##default*}" ] || [ -z "${route_line##fe80::/64*}" ]; } && [ "$tid" != "$id" ] && continue
if [ -z "$tid" ] || [ "$tid" = "$id" ]; then
+ # possible that routes are already in the table
+ # if 'connected' was called after 'ifup'
+ [ -n "$tbl" ] && [ -z "${tbl##*$route_line$'\n'*}" ] && continue
$IP route add table $id $route_line ||
LOG warn "failed to add $route_line to table $id"
fi
done
}
-mwan3_add_all_nondefault_routes()
-{
- local tid IP route_line ipv family active_tbls tid
-
- add_active_tbls()
- {
- let tid++
- config_get family "$1" family ipv4
- [ "$family" != "$ipv" ] && return
- $IP route list table $tid 2>/dev/null | grep -q "^default\|^::/0" && {
- active_tbls="$active_tbls${tid} "
- }
- }
-
- add_route()
- {
- let tid++
- [ -n "${active_tbls##* $tid *}" ] && return
- $IP route add table $tid $route_line ||
- LOG warn "failed to add $route_line to table $tid"
- }
-
- mwan3_update_dev_to_table
- for ipv in ipv4 ipv6; do
- [ "$ipv" = "ipv6" ] && [ $NO_IPV6 -ne 0 ] && continue
- if [ "$ipv" = "ipv4" ]; then
- IP="$IP4"
- elif [ "$ipv" = "ipv6" ]; then
- IP="$IP6"
- fi
- tid=0
- active_tbls=" "
- config_foreach add_active_tbls interface
- $IP route list table main | grep -v "^default\|linkdown\|^::/0\|^fe80::/64\|^unreachable" | while read route_line; do
- mwan3_route_line_dev "tid" "$route_line" "$ipv"
- if [ -n "$tid" ]; then
- $IP route add table $tid $route_line
- else
- config_foreach add_route interface
- fi
- done
- done
-}
mwan3_delete_iface_route()
{
- local id
+ local id family
config_get family "$1" family ipv4
mwan3_get_iface_id id "$1"
- [ -n "$id" ] || return 0
+ if [ -z "$id" ]; then
+ LOG warn "delete_iface_route: could not find table id for interface $1"
+ return 0
+ fi
if [ "$family" = "ipv4" ]; then
$IP4 route flush table "$id"
- fi
-
- if [ "$family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ]; then
+ elif [ "$family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ]; then
$IP6 route flush table "$id"
fi
}
return
fi
- while [ -n "$($IP rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do
- $IP rule del pref $(($id+1000))
- done
-
- while [ -n "$($IP rule list | awk '$1 == "'$(($id+2000)):'"')" ]; do
- $IP rule del pref $(($id+2000))
- done
+ mwan3_delete_iface_rules "$1"
- $IP rule add pref $(($id+1000)) iif "$2" lookup "$id"
- $IP rule add pref $(($id+2000)) fwmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lookup "$id"
+ $IP rule add pref $((id+1000)) iif "$2" lookup "$id"
+ $IP rule add pref $((id+2000)) fwmark "$(mwan3_id2mask id MMX_MASK)/$MMX_MASK" lookup "$id"
+ $IP rule add pref $((id+3000)) fwmark "$(mwan3_id2mask id MMX_MASK)/$MMX_MASK" unreachable
}
mwan3_delete_iface_rules()
{
- local id family
+ local id family IP rule_id
config_get family "$1" family ipv4
mwan3_get_iface_id id "$1"
return
fi
- while [ -n "$($IP rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do
- $IP rule del pref $(($id+1000))
- done
-
- while [ -n "$($IP rule list | awk '$1 == "'$(($id+2000)):'"')" ]; do
- $IP rule del pref $(($id+2000))
+ for rule_id in $(ip rule list | awk '$1 % 1000 == '$id' && $1 > 1000 && $1 < 4000 {print substr($1,0,4)}'); do
+ $IP rule del pref $rule_id
done
}
done
}
-mwan3_rtmon()
-{
- local protocol
- for protocol in "ipv4" "ipv6"; do
- pid="$(pgrep -f "mwan3rtmon $protocol")"
- [ "$protocol" = "ipv6" ] && [ $NO_IPV6 -ne 0 ] && continue
- if [ "${pid}" = "" ]; then
- [ -x /usr/sbin/mwan3rtmon ] && /usr/sbin/mwan3rtmon $protocol &
- fi
- done
-}
-
-mwan3_track()
-{
- local track_ips pids
-
- mwan3_list_track_ips()
- {
- track_ips="$track_ips $1"
- }
- config_list_foreach "$1" track_ip mwan3_list_track_ips
-
- # don't match device in case it changed from last launch
- if pids=$(pgrep -f "mwan3track $1 "); then
- kill -TERM $pids > /dev/null 2>&1
- sleep 1
- kill -KILL $(pgrep -f "mwan3track $1 ") > /dev/null 2>&1
- fi
-
- if [ -n "$track_ips" ]; then
- [ -x /usr/sbin/mwan3track ] && MWAN3_STARTUP=0 /usr/sbin/mwan3track "$1" "$2" "$3" "$4" $track_ips &
- fi
-}
mwan3_set_policy()
{
IPT="$IPT6"
IPTR="$IPT6R"
fi
- current="$($IPT -S)"
+ current="$($IPT -S)"$'\n'
update="*mangle"
if [ "$family" = "ipv4" ] && [ $is_offline -eq 0 ]; then
total_weight_v4=$weight
lowest_metric_v4=$metric
elif [ "$metric" -eq "$lowest_metric_v4" ]; then
- total_weight_v4=$(($total_weight_v4+$weight))
+ total_weight_v4=$((total_weight_v4+weight))
total_weight=$total_weight_v4
else
return
total_weight_v6=$weight
lowest_metric_v6=$metric
elif [ "$metric" -eq "$lowest_metric_v6" ]; then
- total_weight_v6=$(($total_weight_v6+$weight))
+ total_weight_v6=$((total_weight_v6+weight))
total_weight=$total_weight_v6
else
return
mwan3_push_update -A "mwan3_policy_$policy" \
-m mark --mark 0x0/$MMX_MASK \
-m comment --comment \"$iface $weight $weight\" \
- -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
+ -j MARK --set-xmark "$(mwan3_id2mask id MMX_MASK)/$MMX_MASK"
elif [ $is_offline -eq 0 ]; then
- probability=$(($weight*1000/$total_weight))
+ probability=$((weight*1000/total_weight))
if [ "$probability" -lt 10 ]; then
probability="0.00$probability"
elif [ $probability -lt 100 ]; then
--mode random \
--probability "$probability" \
-m comment --comment \"$iface $weight $total_weight\" \
- -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
+ -j MARK --set-xmark "$(mwan3_id2mask id MMX_MASK)/$MMX_MASK"
elif [ -n "$device" ]; then
echo "$current" | grep -q "^-A mwan3_policy_$policy.*--comment .* [0-9]* [0-9]*" ||
mwan3_push_update -I "mwan3_policy_$policy" \
for IPT in "$IPT4" "$IPT6"; do
[ "$IPT" = "$IPT6" ] && [ $NO_IPV6 -ne 0 ] && continue
- current="$($IPT -S)"
+ current="$($IPT -S)"$'\n'
update="*mangle"
- if [ -n "${current##*-N mwan3_policy_$1*}" ]; then
- mwan3_push_update -N "mwan3_policy_$1"
+ if [ -n "${current##*-N mwan3_policy_$1$'\n'*}" ]; then
+ mwan3_push_update -N "mwan3_policy_$1"
fi
mwan3_push_update -F "mwan3_policy_$1"
mwan3_get_iface_id id "$1"
[ -n "$id" ] || return 0
- if [ -z "${current##*-N mwan3_iface_in_$1*}" ]; then
+ if [ -z "${current##*-N mwan3_iface_in_$1$'\n'*}" ]; then
mwan3_push_update -I "mwan3_rule_$rule" \
- -m mark --mark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK \
+ -m mark --mark "$(mwan3_id2mask id MMX_MASK)/$MMX_MASK" \
-m set ! --match-set "mwan3_sticky_$rule" src,src \
- -j MARK --set-xmark 0x0/$MMX_MASK
+ -j MARK --set-xmark "0x0/$MMX_MASK"
mwan3_push_update -I "mwan3_rule_$rule" \
- -m mark --mark 0/$MMX_MASK \
- -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
+ -m mark --mark "0/$MMX_MASK" \
+ -j MARK --set-xmark "$(mwan3_id2mask id MMX_MASK)/$MMX_MASK"
fi
fi
done
{
local ipset family proto policy src_ip src_port src_iface src_dev
local sticky dest_ip dest_port use_policy timeout policy
- local global_logging rule_logging loglevel rule_policy rule ipv
+ local global_logging rule_logging loglevel rule_policy rule ipv
rule="$1"
ipv="$2"
config_get global_logging globals logging 0
config_get loglevel globals loglevel notice
+ [ "$ipv" = "ipv6" ] && [ $NO_IPV6 -ne 0 ] && return
+ [ "$family" = "ipv4" ] && [ "$ipv" = "ipv6" ] && return
+ [ "$family" = "ipv6" ] && [ "$ipv" = "ipv4" ] && return
+
+ for ipaddr in "$src_ip" "$dest_ip"; do
+ if [ -n "$ipaddr" ] && { { [ "$ipv" = "ipv4" ] && echo "$ipaddr" | grep -qE "$IPv6_REGEX"; } ||
+ { [ "$ipv" = "ipv6" ] && echo "$ipaddr" | grep -qE $IPv4_REGEX; } }; then
+ LOG warn "invalid $ipv address $ipaddr specified for rule $rule"
+ return
+ fi
+ done
+
if [ -n "$src_iface" ]; then
network_get_device src_dev "$src_iface"
if [ -z "$src_dev" ]; then
[ -z "$dest_ip" ] && unset dest_ip
[ -z "$src_ip" ] && unset src_ip
[ -z "$ipset" ] && unset ipset
- [ -z "$src_port" ] && unset src_port
- [ -z "$dest_port" ] && unset dest_port
- if [ "$proto" != 'tcp' ] && [ "$proto" != 'udp' ]; then
+ [ -z "$src_port" ] && unset src_port
+ [ -z "$dest_port" ] && unset dest_port
+ if [ "$proto" != 'tcp' ] && [ "$proto" != 'udp' ]; then
[ -n "$src_port" ] && {
LOG warn "src_port set to '$src_port' but proto set to '$proto' not tcp or udp. src_port will be ignored"
}
fi
fi
- [ "$ipv" = "ipv6" ] && [ $NO_IPV6 -ne 0 ] && return
- [ "$family" = "ipv4" ] && [ "$ipv" = "ipv6" ] && return
- [ "$family" = "ipv6" ] && [ "$ipv" = "ipv4" ] && return
-
- if [ $rule_policy -eq 1 ] && [ -n "${current##*-N $policy*}" ]; then
+ if [ $rule_policy -eq 1 ] && [ -n "${current##*-N $policy$'\n'*}" ]; then
mwan3_push_update -N "$policy"
fi
if [ $rule_policy -eq 1 ] && [ "$sticky" -eq 1 ]; then
- if [ -n "${current##*-N mwan3_rule_$1*}" ]; then
+ if [ -n "${current##*-N mwan3_rule_$1$'\n'*}" ]; then
mwan3_push_update -N "mwan3_rule_$1"
fi
fi
[ "$ipv" = "ipv6" ] && [ $NO_IPV6 -ne 0 ] && continue
update="*mangle"
- current="$($IPT -S)"
+ current="$($IPT -S)"$'\n'
if [ -n "${current##*-N mwan3_rules*}" ]; then
}
+mwan3_interface_hotplug_shutdown()
+{
+ local interface status device ifdown
+ interface="$1"
+ ifdown="$2"
+ [ -f $MWAN3TRACK_STATUS_DIR/$interface/STATUS ] && {
+ status=$(cat $MWAN3TRACK_STATUS_DIR/$interface/STATUS)
+ }
+
+ [ "$status" != "online" ] && [ "$ifdown" != 1 ] && return
+
+ if [ "$ifdown" = 1 ]; then
+ env -i ACTION=ifdown \
+ INTERFACE=$interface \
+ DEVICE=$device \
+ sh /etc/hotplug.d/iface/15-mwan3
+ else
+ [ "$status" = "online" ] && {
+ env -i MWAN3_SHUTDOWN="1" \
+ ACTION="disconnected" \
+ INTERFACE="$interface" \
+ DEVICE="$device" /sbin/hotplug-call iface
+ }
+ fi
+
+}
+
+mwan3_interface_shutdown()
+{
+ mwan3_interface_hotplug_shutdown $1
+ mwan3_track_clean $1
+}
+
+mwan3_ifup()
+{
+ local up l3_device status interface true_iface mwan3_startup
+
+ interface=$1
+ mwan3_startup=$2
+
+ if [ "${mwan3_startup}" != 1 ]; then
+ # It is not necessary to obtain a lock here, because it is obtained in the hotplug
+ # script, but we still want to do the check to print a useful error message
+ /etc/init.d/mwan3 running || {
+ echo 'The service mwan3 is global disabled.'
+ echo 'Please execute "/etc/init.d/mwan3 start" first.'
+ exit 1
+ }
+ config_load mwan3
+ fi
+ mwan3_get_true_iface true_iface $interface
+ status=$(ubus -S call network.interface.$true_iface status)
+
+ [ -n "$status" ] && {
+ json_load "$status"
+ json_get_vars up l3_device
+ }
+ hotplug_startup()
+ {
+ env -i MWAN3_STARTUP=$mwan3_startup ACTION=ifup \
+ INTERFACE=$interface DEVICE=$l3_device \
+ sh /etc/hotplug.d/iface/15-mwan3
+ }
+
+ if [ "$up" != "1" ] || [ -z "$l3_device" ]; then
+ return
+ fi
+
+ if [ "${mwan3_startup}" = 1 ]; then
+ hotplug_startup &
+ hotplug_pids="$hotplug_pids $!"
+ else
+ hotplug_startup
+ fi
+
+}
+
mwan3_set_iface_hotplug_state() {
local iface=$1
local state=$2
mwan3_report_iface_status()
{
- local device result track_ips tracking IP IPT
+ local device result tracking IP IPT
mwan3_get_iface_id id "$1"
network_get_device device "$1"
if [ -z "$id" ] || [ -z "$device" ]; then
result="offline"
- elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" ] && \
- [ -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" ] && \
+ elif [ -n "$($IP rule | awk '$1 == "'$((id+1000)):'"')" ] && \
+ [ -n "$($IP rule | awk '$1 == "'$((id+2000)):'"')" ] && \
+ [ -n "$($IP rule | awk '$1 == "'$((id+3000)):'"')" ] && \
[ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" ] && \
[ -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
json_init
json_get_vars online uptime
json_select ..
json_select ..
- online="$(printf '%02dh:%02dm:%02ds\n' $(($online/3600)) $(($online%3600/60)) $(($online%60)))"
- uptime="$(printf '%02dh:%02dm:%02ds\n' $(($uptime/3600)) $(($uptime%3600/60)) $(($uptime%60)))"
+ online="$(printf '%02dh:%02dm:%02ds\n' $((online/3600)) $((online%3600/60)) $((online%60)))"
+ uptime="$(printf '%02dh:%02dm:%02ds\n' $((uptime/3600)) $((uptime%3600/60)) $((uptime%60)))"
result="$(mwan3_get_iface_hotplug_state $1) $online, uptime $uptime"
- elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" ] || \
- [ -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" ] || \
+ elif [ -n "$($IP rule | awk '$1 == "'$((id+1000)):'"')" ] || \
+ [ -n "$($IP rule | awk '$1 == "'$((id+2000)):'"')" ] || \
+ [ -n "$($IP rule | awk '$1 == "'$((id+3000)):'"')" ] || \
[ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" ] || \
[ -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
result="error"
result="disabled"
fi
- mwan3_list_track_ips()
- {
- track_ips="$1 $track_ips"
- }
- config_list_foreach "$1" track_ip mwan3_list_track_ips
-
- if [ -n "$track_ips" ]; then
- if [ -n "$(pgrep -f "mwan3track $1 $device")" ]; then
- tracking="active"
- else
- tracking="down"
- fi
- else
- tracking="not enabled"
- fi
-
+ tracking="$(mwan3_get_mwan3track_status $1)"
echo " interface $1 is $result and tracking is $tracking"
}
total_weight=$($ipt -S "$policy" | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | head -1 | awk '{print $3}')
- if [ ! -z "${total_weight##*[!0-9]*}" ]; then
+ if [ -n "${total_weight##*[!0-9]*}" ]; then
for iface in $($ipt -S "$policy" | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '{print $1}'); do
weight=$($ipt -S "$policy" | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}')
- percent=$(($weight*100/$total_weight))
+ percent=$((weight*100/total_weight))
echo " $iface ($percent%)"
done
else
mwan3_track_clean()
{
- rm -rf "$MWAN3_STATUS_DIR/${1}" &> /dev/null
+ rm -rf "${MWAN3_STATUS_DIR:?}/${1}" &> /dev/null
rmdir --ignore-fail-on-non-empty "$MWAN3_STATUS_DIR"
}
local online=0
local offline=0
local up="0"
- local enabled pid device time_p time_n time_u time_d status
+ local enabled device time_p time_n time_u time_d status track_status
network_get_device device $1
if [ "${iface}" = "${iface_select}" ] || [ "${iface_select}" = "" ]; then
- pid="$(pgrep -f "mwan3track $iface $device")"
- if [ "${pid}" != "" ]; then
- running="1"
- fi
-
+ track_status="$(mwan3_get_mwan3track_status "$1")"
+ [ "$track_status" = "active" ] && running="1"
time_p="$(cat "$MWAN3TRACK_STATUS_DIR/${iface}/TIME")"
[ -z "${time_p}" ] || {
time_n="$(get_uptime)"
Syntax: mwan3 [command]
Available commands:
- start Load iptables rules, ip rules and ip routes
- stop Unload iptables rules, ip rules and ip routes
- restart Reload iptables rules, ip rules and ip routes
- ifup <iface> Load rules and routes for specific interface
- ifdown <iface> Unload rules and routes for specific interface
- interfaces Show interfaces status
- policies Show currently active policy
- connected Show directly connected networks
- rules Show active rules
- status Show all status
-
+ start Load iptables rules, ip rules and ip routes
+ stop Unload iptables rules, ip rules and ip routes
+ restart Reload iptables rules, ip rules and ip routes
+ ifup <iface> Load rules and routes for specific interface
+ ifdown <iface> Unload rules and routes for specific interface
+ interfaces Show interfaces status
+ policies Show currently active policy
+ connected Show directly connected networks
+ rules Show active rules
+ status Show all status
+ use <iface> <cmd> Run a command bound to <iface> and avoid mwan3 rules
EOF
}
-ifdown()
-{
+
+ifdown() {
if [ -z "$1" ]; then
- echo "Error: Expecting interface. Usage: mwan3 ifdown <interface>" && exit 0
+ echo "Error: Expecting interface. Usage: mwan3 ifdown <interface>"
+ exit 0
fi
if [ -n "$2" ]; then
- echo "Error: Too many arguments. Usage: mwan3 ifdown <interface>" && exit 0
+ echo "Error: Too many arguments. Usage: mwan3 ifdown <interface>"
+ exit 0
fi
- ACTION=ifdown INTERFACE=$1 /sbin/hotplug-call iface
-
- kill $(pgrep -f "mwan3track $1 ") &> /dev/null
- mwan3_track_clean $1
+ mwan3_interface_hotplug_shutdown "$1" 1
}
-ifup()
-{
- local device enabled up l3_device status interface true_iface
+ifup() {
+ . /etc/init.d/mwan3
if [ -z "$1" ]; then
echo "Expecting interface. Usage: mwan3 ifup <interface>"
exit 0
fi
- interface=$1
-
- if [ "${MWAN3_STARTUP}" != 1 ]; then
- # It is not necessary to obtain a lock here, because it is obtained in the hotplug
- # script, but we still want to do the check to print a useful error message
- config_load mwan3
- config_get_bool enabled globals 'enabled' 0
-
- [ ${enabled} -gt 0 ] || {
- echo "The service mwan3 is global disabled."
- echo "Please execute \"/etc/init.d/mwan3 start\" first."
- exit 1
- }
- else
- enabled=1
- fi
- mwan3_get_true_iface true_iface $interface
- status=$(ubus -S call network.interface.$true_iface status)
-
- [ -n "$status" ] && {
- json_load "$status"
- json_get_vars up l3_device
- }
- hotplug_startup()
- {
- MWAN3_STARTUP=$MWAN3_STARTUP ACTION=ifup INTERFACE=$interface DEVICE=$l3_device TRUE_INTERFACE=$true_iface sh /etc/hotplug.d/iface/15-mwan3
- MWAN3_STARTUP=$MWAN3_STARTUP ACTION=ifup INTERFACE=$interface DEVICE=$l3_device TRUE_INTERFACE=$true_iface sh /etc/hotplug.d/iface/16-mwan3-user
- }
-
- if [ "$up" != "1" ] || [ -z "$l3_device" ] || [ "$enabled" != "1" ]; then
- return
- fi
-
- if [ "${MWAN3_STARTUP}" = 1 ]; then
- hotplug_startup &
- hotplug_pids="$hotplug_pids $!"
- else
- hotplug_startup
- fi
-
+ mwan3_ifup "$1"
}
interfaces()
echo "Interface status:"
config_foreach mwan3_report_iface_status interface
- echo -e
+ echo
}
policies()
{
echo "Current ipv4 policies:"
mwan3_report_policies_v4
- echo -e
+ echo
[ $NO_IPV6 -ne 0 ] && return
echo "Current ipv6 policies:"
mwan3_report_policies_v6
- echo -e
+ echo
}
connected()
{
echo "Directly connected ipv4 networks:"
mwan3_report_connected_v4
- echo -e
+ echo
[ $NO_IPV6 -ne 0 ] && return
echo "Directly connected ipv6 networks:"
mwan3_report_connected_v6
- echo -e
+ echo
}
rules()
{
echo "Active ipv4 user rules:"
mwan3_report_rules_v4
- echo -e
+ echo
[ $NO_IPV6 -ne 0 ] && return
echo "Active ipv6 user rules:"
mwan3_report_rules_v6
- echo -e
+ echo
}
status()
rules
}
-start()
-{
- local enabled hotplug_pids MWAN3_STARTUP
- MWAN3_STARTUP=1
- mwan3_lock "command" "mwan3"
- uci_toggle_state mwan3 globals enabled "1"
- config_load mwan3
-
- mwan3_update_iface_to_table
- mwan3_set_connected_iptables
- mwan3_set_custom_ipset
- mwan3_set_general_rules
- mwan3_set_general_iptables
- config_foreach ifup interface
- wait $hotplug_pids
- mwan3_add_all_nondefault_routes
- mwan3_set_policies_iptables
- mwan3_set_user_rules
-
-
- mwan3_unlock "command" "mwan3"
- mwan3_rtmon
- unset MWAN3_STARTUP
+start() {
+ /etc/init.d/mwan3 enable
+ /etc/init.d/mwan3 start
}
-stop()
-{
- local ipset rule IP IPTR IPT kill_pid family table tid
-
- mwan3_lock "command" "mwan3"
- uci_toggle_state mwan3 globals enabled "0"
+stop() {
+ /etc/init.d/mwan3 disable
+ /etc/init.d/mwan3 stop
+}
- {
- kill -TERM $(pgrep -f "mwan3rtmon") > /dev/null 2>&1
- kill -TERM $(pgrep -f "mwan3track") > /dev/null 2>&1
+restart() {
+ /etc/init.d/mwan3 enable
+ /etc/init.d/mwan3 stop
+ /etc/init.d/mwan3 start
+}
- sleep 1
+wrap() {
+ # Run a command with the device, src_ip and fwmark set to avoid processing by mwan3
+ # firewall rules
- kill -KILL $(pgrep -f "mwan3rtmon") > /dev/null 2>&1
- kill -KILL $(pgrep -f "mwan3track") > /dev/null 2>&1
- } &
- kill_pid=$!
+ local interface device src_ip family
+ mwan3_init
config_load mwan3
- config_foreach mwan3_track_clean interface
-
- for family in ipv4 ipv6; do
- if [ "$family" = "ipv4" ]; then
- IPT="$IPT4"
- IPTR="$IPT4R"
- IP="$IP4"
- elif [ "$family" = "ipv6" ]; then
- [ $NO_IPV6 -ne 0 ] && continue
- IPT="$IPT6"
- IPTR="$IPT6R"
- IP="$IP6"
- fi
-
- for tid in $(ip route list table all | sed -ne 's/.*table \([0-9]\+\).*/\1/p'|sort -u); do
- [ $tid -gt $MWAN3_INTERFACE_MAX ] && continue
- $IP route flush table $tid &> /dev/null
- done
-
- for rule in $($IP rule list | egrep '^[1-2][0-9]{3}\:' | cut -d ':' -f 1); do
- $IP rule del pref $rule &> /dev/null
- done
- table="$($IPT -S)"
- {
- echo "*mangle";
- [ -z "${table##*PREROUTING -j mwan3_hook*}" ] && echo "-D PREROUTING -j mwan3_hook"
- [ -z "${table##*OUTPUT -j mwan3_hook*}" ] && echo "-D OUTPUT -j mwan3_hook"
- echo "$table" | awk '{print "-F "$2}' | grep mwan3 | sort -u
- echo "$table" | awk '{print "-X "$2}' | grep mwan3 | sort -u
- echo "COMMIT"
- } | $IPTR
- done
- for ipset in $($IPS -n list | grep mwan3_); do
- $IPS -q destroy $ipset
- done
+ interface=$1 ; shift
+ [ -z "$*" ] && echo "no command specified for mwan3 wrap" && return
+ network_get_device device $interface
+ [ -z "$device" ] && echo "could not find device for $interface" && return
- for ipset in $($IPS -n list | grep mwan3 | grep -E '_v4|_v6'); do
- $IPS -q destroy $ipset
- done
+ mwan3_get_src_ip src_ip $interface
+ [ -z "$src_ip" ] && echo "could not find src_ip for $interface" && return
- if ! pgrep -f "mwan3track" >/dev/null && ! pgrep -f "mwan3rtmon" >/dev/null; then
- # mwan3track has already exited, no need to send
- # TERM signal
- kill $kill_pid 2>/dev/null
- else
- # mwan3track has not exited, wait for the killer
- # to do its work
- wait $kill_pid
- fi
- rm -rf $MWAN3_STATUS_DIR $MWAN3TRACK_STATUS_DIR
-
- mwan3_unlock "command" "mwan3"
+ config_get family $interface family
+ [ -z "$family" ] && echo "could not find family for $interface. Using ipv4." && family='ipv4'
-}
+ echo "Running '$*' with DEVICE=$device SRCIP=$src_ip FWMARK=$MMX_DEFAULT FAMILY=$family"
+ # shellcheck disable=SC2048
+ FAMILY=$family DEVICE=$device SRCIP=$src_ip FWMARK=$MMX_DEFAULT LD_PRELOAD=/lib/mwan3/libwrap_mwan3_sockopt.so.1.0 $*
-restart() {
- stop
- start
}
case "$1" in
- ifup|ifdown|interfaces|policies|connected|rules|status|start|stop|restart)
+ ifup|ifdown|interfaces|policies|connected|rules|status|start|stop|restart|use)
mwan3_init
+ # shellcheck disable=SC2048
$*
;;
*)
. /lib/mwan3/mwan3.sh
. /lib/mwan3/common.sh
+trap_with_arg()
+{
+ func="$1" ; shift
+ pid="$1" ; shift
+ for sig ; do
+ # shellcheck disable=SC2064
+ trap "$func $sig $pid" "$sig"
+ done
+}
+
+func_trap()
+{
+ kill -${1} ${2} 2>/dev/null
+}
+
+mwan3_add_all_routes()
+{
+ local tid IP IPT route_line family active_tbls tid initial_state
+ local ipv=$1
+
+ add_active_tbls()
+ {
+ let tid++
+ config_get family "$1" family ipv4
+ config_get initial_state "$1" initial_state "online"
+ [ "$family" != "$ipv" ] && return
+ if $IPT -S "mwan3_iface_in_$1" &> /dev/null; then
+ active_tbls="$active_tbls${tid} "
+ fi
+ }
+
+ add_route()
+ {
+ let tid++
+ [ -n "${active_tbls##* $tid *}" ] && return
+ $IP route add table $tid $route_line ||
+ LOG warn "failed to add $route_line to table $tid"
+ }
+
+ mwan3_update_dev_to_table
+ [ "$ipv" = "ipv6" ] && [ $NO_IPV6 -ne 0 ] && return
+ if [ "$ipv" = "ipv4" ]; then
+ IP="$IP4"
+ IPT="$IPT4"
+ elif [ "$ipv" = "ipv6" ]; then
+ IP="$IP6"
+ IPT="$IPT6"
+ fi
+ tid=0
+ active_tbls=" "
+ config_foreach add_active_tbls interface
+ [ $active_tbls = " " ] && return
+ mwan3_get_routes | while read -r route_line; do
+ mwan3_route_line_dev "tid" "$route_line" "$ipv"
+ if [ -n "$tid" ] && [ -z "${active_tbls##* $tid *}" ]; then
+ $IP route add table $tid $route_line
+ elif [ -n "${route_line##default*}" ] && [ -n "${route_line##fe80::/64*}" ]; then
+ config_foreach add_route interface
+ fi
+ done
+}
+
mwan3_rtmon_route_handle()
{
- config_load mwan3
- local section action route_line family tbl device metric tos dst line
- local route_device tid
+ local action route_line family tbl device line route_line_exp tid source_routing
+
route_line=${1##"Deleted "}
route_family=$2
+ config_get_boolean source_routing globals source_routing 0
+ [ $source_routing -eq 0 ] && unset source_routing
+
+ if [ "$route_line" = "$1" ]; then
+ action="replace"
+ route_line_exp="s/expires \([0-9]\+\)sec//;s/error [0-9]\+//; ${source_routing:+s/default\(.*\) from [^ ]*/default\1/}"
+ $IPS -! add mwan3_connected_${route_family##ip} ${route_line%% *}
+ else
+ action="del"
+ route_line_exp="s/expires [0-9]\+sec//;s/error [0-9]\+//; ${source_routing:+s/default\(.*\) from [^ ]*/default\1/}"
+ mwan3_set_connected_${route_family}
+ fi
+
if [ "$route_family" = "ipv4" ]; then
IP="$IP4"
elif [ "$route_family" = "ipv6" ] && [ $NO_IPV6 -eq 0 ]; then
IP="$IP6"
+ route_line=$(echo "$route_line" | sed "$route_line_exp")
else
+ LOG warn "route update called with invalid family - $route_family"
return
fi
- if [ "$route_line" == "$1" ]; then
- action="add"
- else
- action="del"
+ # don't try to add routes when link has gone down
+ if [ -z "${route_line##linkdown*}" ]; then
+ LOG debug "not adding route due to linkdown - skipping $route_line"
+ return
fi
- # never add default route lines, since this is handled elsewhere
- [ -z "${route_line##default*}" ] && return
- [ -z "${route_line##::/0*}" ] && return
- route_line=${route_line%% linkdown*}
- route_line=${route_line%% unreachable*}
- mwan3_update_dev_to_table
- mwan3_route_line_dev "tid" "$route_line" "$route_family"
handle_route() {
- tbl=$($IP route list table $tid)
- if [ $action = "add" ]; then
- echo "$tbl" | grep -q "^default\|^::/0" || return
- else
- [ -z "$tbl" ] && return
+ local iface=$1
+ tbl=$($IP route list table $tid 2>/dev/null)$'\n'
+
+ if [ "$(cat /var/run/mwan3track/$iface/STATUS)" != "online" ]; then
+ LOG debug "interface $iface is offline - skipping $route_line";
+ return
fi
- # check that action needs to be performed. May not need to take action if:
- # Got a route update on ipv6 where route is already in the table
- # Got a delete event, but table was already flushed
-
- [ $action = "add" ] && [ -z "${tbl##*$route_line*}" ] && return
- [ $action = "del" ] && [ -n "${tbl##*$route_line*}" ] && return
- network_get_device device "$section"
- LOG debug "adjusting route $device: $IP route "$action" table $tid $route_line"
+
+ # check that action needs to be performed. May not need to take action if we
+ # got a delete event, but table was already flushed
+ if [ $action = "del" ] && [ -n "${tbl##*$route_line$'\n'*}" ]; then
+ LOG debug "skipping already deleted route table $tid - skipping $route_line"
+ return
+ fi
+
+ network_get_device device "$iface"
+ LOG debug "adjusting route $device: $IP route $action table $tid $route_line"
$IP route "$action" table $tid $route_line ||
LOG warn "failed: $IP route $action table $tid $route_line"
}
handle_route_cb(){
+ local iface=$1
let tid++
- config_get family "$section" family ipv4
+ config_get family "$iface" family ipv4
[ "$family" != "$route_family" ] && return
- handle_route
+ handle_route "$iface"
}
- if [ $action = "add" ]; then
- ## handle old routes from 'change' or 'replace'
- metric=${route_line##*metric }
- [ "$metric" = "$route_line" ] && unset metric || metric=${metric%% *}
-
- tos=${route_line##*tos }
- [ "$tos" = "$route_line" ] && unset tos || tos=${tos%% *}
-
- dst=${route_line%% *}
- grep_line="$dst ${tos:+tos $tos}.*table [0-9].*${metric:+metric $metric}"
- $IP route list table all | grep "$grep_line" | while read line; do
- tbl=${line##*table }
- tbl=${tbl%% *}
- [ $tbl -gt $MWAN3_INTERFACE_MAX ] && continue
- LOG debug "removing route on ip route change/replace: $line"
- $IP route del $line
- done
- fi
+ mwan3_update_dev_to_table
+ mwan3_route_line_dev "tid" "$route_line" "$route_family"
if [ -n "$tid" ]; then
handle_route
- else
+ elif [ -n "${route_line##default*}" ] && [ -n "${route_line##fe80::/64*}" ]; then
config_foreach handle_route_cb interface
fi
}
config_load mwan3
family=$1
[ -z $family ] && family=ipv4
- if [ "$family" = ipv6 ]; then
+ if [ "$family" = "ipv6" ]; then
+ if [ $NO_IPV6 -ne 0 ]; then
+ LOG warn "mwan3rtmon started for ipv6, but ipv6 not enabled on system"
+ exit 1
+ fi
IP="$IP6"
else
IP="$IP4"
fi
mwan3_init
-
- $IP monitor route | while read line; do
- [ -z "${line##*table*}" ] && continue
- LOG debug "handling route update $family $line"
- mwan3_lock "service" "mwan3rtmon"
- mwan3_rtmon_route_handle "$line" "$family"
- mwan3_unlock "service" "mwan3rtmon"
- done
+ mwan3_lock "mwan3rtmon" "start"
+ sh -c "echo \$\$; exec $IP monitor route" | {
+ read -r monitor_pid
+ trap_with_arg func_trap "$monitor_pid" SIGINT SIGTERM SIGKILL
+ while read -r line; do
+ [ -z "${line##*table*}" ] && continue
+ LOG debug "handling route update $family $line"
+ mwan3_lock "service" "mwan3rtmon"
+ mwan3_rtmon_route_handle "$line" "$family"
+ mwan3_unlock "service" "mwan3rtmon"
+ done
+ } &
+ child=$!
+ kill -SIGSTOP $child
+ trap_with_arg func_trap "$child" SIGINT SIGTERM SIGKILL
+ mwan3_set_connected_${family}
+ mwan3_add_all_routes ${family}
+ mwan3_unlock "mwan3rtmon" "start"
+ kill -SIGCONT $child
+ wait $!
}
main "$@"
#!/bin/sh
. /lib/functions.sh
+. /lib/functions/network.sh
. /lib/mwan3/common.sh
INTERFACE=""
DEVICE=""
-PING="/bin/ping"
IFDOWN_EVENT=0
IFUP_EVENT=0
+TRACK_OUTPUT=$MWAN3TRACK_STATUS_DIR/$INTERFACE/TRACK_OUTPUT
+
+mwan3_init
+
+stop_subprocs() {
+ [ -n "$SLEEP_PID" ] && kill "$SLEEP_PID" && unset SLEEP_PID
+ [ -n "$TRACK_PID" ] && kill "$TRACK_PID" && unset TRACK_PID
+}
+
+WRAP() {
+ # shellcheck disable=SC2048
+ FAMILY=$FAMILY DEVICE=$DEVICE SRCIP=$SRC_IP FWMARK=$MMX_DEFAULT LD_PRELOAD=/lib/mwan3/libwrap_mwan3_sockopt.so.1.0 $*
+}
clean_up() {
- LOG notice "Stopping mwan3track for interface \"${INTERFACE}\""
+ LOG notice "Stopping mwan3track for interface \"${INTERFACE}\". Status was \"${STATUS}\""
+ stop_subprocs
exit 0
}
if_down() {
LOG info "Detect ifdown event on interface ${INTERFACE} (${DEVICE})"
IFDOWN_EVENT=1
+ stop_subprocs
}
if_up() {
LOG info "Detect ifup event on interface ${INTERFACE} (${DEVICE})"
+ IFDOWN_EVENT=0
IFUP_EVENT=1
+ STARTED=1
+ stop_subprocs
}
validate_track_method() {
case "$1" in
ping)
- [ -x "$PING" ] || {
- LOG warn "Missing ping. Please enable ping util and recompile busybox."
+ if [ -x "/usr/bin/ping" ] && [ "$(/usr/bin/ping -V | grep -o '[0-9]*$')" -gt 20150519 ]; then
+ # -4 option added in iputils c3e68ac6
+ PING="/usr/bin/ping -${FAMILY#ipv}"
+ elif [ "$FAMILY" = "ipv6" ] && [ -x "/usr/bin/ping6" ]; then
+ PING="/usr/bin/ping6"
+ elif [ "$FAMILY" = "ipv4" ] && [ -x "/usr/bin/ping" ]; then
+ PING="/usr/bin/ping"
+ elif [ -x "/bin/ping" ]; then
+ PING="/bin/ping -${FAMILY#ipv}"
+ else
+ LOG warn "Missing ping. Please enable BUSYBOX_DEFAULT_PING and recompile busybox or install iputils-ping package."
return 1
- }
+ fi
;;
arping)
command -v arping 1>/dev/null 2>&1 || {
LOG warn "Missing httping. Please install httping package."
return 1
}
- [ -n "$2" -a "$2" != "0.0.0.0" -a "$2" != "::" ] || {
- LOG warn "Cannot determine source IP for the interface which is required by httping."
- return 1
- }
;;
nping-*)
command -v nping 1>/dev/null 2>&1 || {
esac
}
+validate_wrap() {
+ [ -x /lib/mwan3/libwrap_mwan3_sockopt.so.1.0 ] && return
+ LOG error "Missing libwrap_mwan3_sockopt. Please reinstall mwan3." &&
+ exit 1
+}
+
disconnected() {
- echo "offline" > /var/run/mwan3track/$INTERFACE/STATUS
- echo "$(get_uptime)" > /var/run/mwan3track/$INTERFACE/OFFLINE
- echo "0" > /var/run/mwan3track/$INTERFACE/ONLINE
+ STATUS='offline'
+ echo "offline" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/STATUS
+ get_uptime > $MWAN3TRACK_STATUS_DIR/$INTERFACE/OFFLINE
+ echo "0" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/ONLINE
score=0
- [ "$1" == 1 ] && return
+ [ "$1" = 1 ] && return
LOG notice "Interface $INTERFACE ($DEVICE) is offline"
env -i ACTION="disconnected" INTERFACE="$INTERFACE" DEVICE="$DEVICE" /sbin/hotplug-call iface
}
connected() {
- echo "online" > /var/run/mwan3track/$INTERFACE/STATUS
- echo "0" > /var/run/mwan3track/$INTERFACE/OFFLINE
- echo "$(get_uptime)" > /var/run/mwan3track/$INTERFACE/ONLINE
+ STATUS='online'
+ echo "online" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/STATUS
+ echo "0" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/OFFLINE
+ get_uptime > $MWAN3TRACK_STATUS_DIR/$INTERFACE/ONLINE
host_up_count=0
lost=0
turn=0
loss=0
- [ "$1" == 1 ] && return
LOG notice "Interface $INTERFACE ($DEVICE) is online"
- env -i ACTION="connected" INTERFACE="$INTERFACE" DEVICE="$DEVICE" /sbin/hotplug-call iface
+ env -i FIRSTCONNECT=$1 ACTION="connected" INTERFACE="$INTERFACE" DEVICE="$DEVICE" /sbin/hotplug-call iface
+}
+
+disabled() {
+ STATUS='disabled'
+ echo "disabled" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/STATUS
+ STARTED=0
}
firstconnect() {
+ local true_iface
+ network_flush_cache
+
+ mwan3_get_true_iface true_iface $INTERFACE
+ network_get_device DEVICE $true_iface
+
+ if [ "$STATUS" != "online" ]; then
+ config_get STATUS $INTERFACE initial_state "online"
+ fi
+
+ if ! network_is_up $true_iface || [ -z "$DEVICE" ]; then
+ disabled
+ return
+ fi
+
+ mwan3_get_src_ip SRC_IP $INTERFACE
+
+ LOG debug "firstconnect: called on $INTERFACE/$true_iface ($DEVICE). Status is $STATUS. SRC_IP is $SRC_IP"
+
+ STARTED=1
if [ "$STATUS" = "offline" ]; then
disconnected 1
else
}
update_status() {
- local status track_ip
- track_ip=$1
- status=$2
+ local track_ip=$1
- echo "$1" > /var/run/mwan3track/$INTERFACE/TRACK_${track_ip}
+ echo "$2" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/TRACK_${track_ip}
[ -z "$3" ] && return
- echo "$3" > /var/run/mwan3track/$INTERFACE/LATENCY_${track_ip}
- echo "$4" > /var/run/mwan3track/$INTERFACE/LOSS_${track_ip}
+ echo "$3" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/LATENCY_${track_ip}
+ echo "$4" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/LOSS_${track_ip}
}
main() {
local recovery_interval down up size
local keep_failure_interval check_quality failure_latency
local recovery_latency failure_loss recovery_loss
- local max_ttl httping_ssl
- [ -z "$5" ] && echo "Error: should not be started manually" && exit 0
+ local max_ttl httping_ssl track_ips do_log
INTERFACE=$1
- DEVICE=$2
- STATUS=$3
- SRC_IP=$4
- mkdir -p /var/run/mwan3track/$INTERFACE
+ STATUS=""
+ STARTED=0
+ mkdir -p $MWAN3TRACK_STATUS_DIR/$INTERFACE
+
trap clean_up TERM
trap if_down USR1
trap if_up USR2
config_load mwan3
+ config_get FAMILY $INTERFACE family ipv4
config_get track_method $INTERFACE track_method ping
config_get_bool httping_ssl $INTERFACE httping_ssl 0
- validate_track_method $track_method $SRC_IP || {
+ validate_track_method $track_method || {
track_method=ping
if validate_track_method $track_method; then
LOG warn "Using ping to track interface $INTERFACE avaliability"
config_get recovery_latency $INTERFACE recovery_latency 500
config_get failure_loss $INTERFACE failure_loss 40
config_get recovery_loss $INTERFACE recovery_loss 10
+ local sleep_time result ping_status loss latency
+ mwan3_list_track_ips()
+ {
+ track_ips="$track_ips $1"
+ }
+ config_list_foreach "$1" track_ip mwan3_list_track_ips
- local score=$(($down+$up))
- local track_ips=$(echo $* | cut -d ' ' -f 5-99)
+ local score=$((down+up))
local host_up_count=0
local lost=0
local turn=0
- local ping_protocol=4
- local sleep_time result ping_result ping_result_raw ping_status loss latency
firstconnect
while true; do
-
+ [ $STARTED -eq 0 ] && { sleep $MAX_SLEEP & SLEEP_PID=$!; wait; }
+ unset SLEEP_PID
sleep_time=$interval
-
for track_ip in $track_ips; do
if [ $host_up_count -lt $reliability ]; then
case "$track_method" in
ping)
- # pinging IPv6 hosts with an interface is troublesome
- # https://bugs.openwrt.org/index.php?do=details&task_id=2897
- # so get the IP address of the interface and use that instead
- if [ -z ${track_ip##*:*} ]; then
- ping_protocol=6
- else
- unset SRC_IP
- fi
if [ $check_quality -eq 0 ]; then
- $PING -$ping_protocol -I ${SRC_IP:-$DEVICE} -c $count -W $timeout -s $size -t $max_ttl -q $track_ip &> /dev/null
+ WRAP $PING -c $count -W $timeout -s $size -t $max_ttl -q $track_ip &> /dev/null &
+ TRACK_PID=$!
+ wait $TRACK_PID
result=$?
else
- ping_result_raw="$($PING -$ping_protocol -I ${SRC_IP:-$DEVICE} -c $count -W $timeout -s $size -t $max_ttl -q $track_ip 2>/dev/null)"
+ WRAP $PING -c $count -W $timeout -s $size -t $max_ttl -q $track_ip 2>/dev/null > $TRACK_OUTPUT &
+ TRACK_PID=$!
+ wait $TRACK_PID
ping_status=$?
- ping_result=$(echo "$ping_result_raw" | tail -n2)
- loss="$(echo "$ping_result" | grep "packet loss" | cut -d "," -f3 | awk '{print $1}' | sed -e 's/%//')"
+ loss="$(sed $TRACK_OUTPUT -ne 's/.*\([0-9]\+\)% packet loss.*/\1/p')"
if [ "$ping_status" -ne 0 ] || [ "$loss" -eq 100 ]; then
latency=999999
loss=100
else
- latency="$(echo "$ping_result" | grep -E 'rtt|round-trip' | cut -d "=" -f2 | cut -d "/" -f2 | cut -d "." -f1)"
+ latency="$(sed $TRACK_OUTPUT -ne 's%\(rtt\|round-trip\).* = [^/]*/\([0-9]\+\).*%\2%p')"
fi
fi
;;
arping)
- arping -I $DEVICE -c $count -w $timeout -q $track_ip &> /dev/null
+ WRAP arping -I $DEVICE -c $count -w $timeout -q $track_ip &> /dev/null &
+ TRACK_PID=$!
+ wait $TRACK_PID
result=$?
;;
httping)
if [ "$httping_ssl" -eq 1 ]; then
- httping -y $SRC_IP -c $count -t $timeout -q "https://$track_ip" &> /dev/null
+ WRAP httping -c $count -t $timeout -q "https://$track_ip" &> /dev/null &
else
- httping -y $SRC_IP -c $count -t $timeout -q "http://$track_ip" &> /dev/null
+ WRAP httping -c $count -t $timeout -q "http://$track_ip" &> /dev/null &
fi
+ TRACK_PID=$!
+ wait $TRACK_PID
result=$?
;;
- nping-tcp)
- result=$(nping -e $DEVICE -c $count $track_ip --tcp | grep Lost | awk '{print $12}')
- ;;
- nping-udp)
- result=$(nping -e $DEVICE -c $count $track_ip --udp | grep Lost | awk '{print $12}')
- ;;
- nping-icmp)
- result=$(nping -e $DEVICE -c $count $track_ip --icmp | grep Lost | awk '{print $12}')
- ;;
- nping-arp)
- result=$(nping -e $DEVICE -c $count $track_ip --arp | grep Lost | awk '{print $12}')
+ nping-*)
+ WRAP nping -c $count $track_ip --${FAMILY#nping-} > $TRACK_OUTPUT &
+ TRACK_PID=$!
+ wait $TRACK_PID
+ result=$(grep $TRACK_OUTPUT Lost | awk '{print $12}')
;;
esac
+ do_log=""
if [ $check_quality -eq 0 ]; then
if [ $result -eq 0 ]; then
let host_up_count++
update_status "$track_ip" "up"
- if [ $score -le $up ]; then
- LOG info "Check ($track_method) success for target \"$track_ip\" on interface $INTERFACE ($DEVICE). Current score: $score"
- fi
+ [ $score -le $up ] && do_log="success"
else
let lost++
update_status "$track_ip" "down"
- if [ $score -gt $up ]; then
- LOG info "Check ($track_method) failed for target \"$track_ip\" on interface $INTERFACE ($DEVICE). Current score: $score"
- fi
+ [ $score -gt $up ] && do_log="failed"
fi
+ [ -n "$do_log" ] && LOG info "Check ($track_method) ${do_log} for target \"$track_ip\" on interface $INTERFACE ($DEVICE). Current score: $score"
+
else
- if [ "$loss" -ge "$failure_loss" -o "$latency" -ge "$failure_latency" ]; then
+ if [ "$loss" -ge "$failure_loss" ] || [ "$latency" -ge "$failure_latency" ]; then
let lost++
update_status "$track_ip" "down" $latency $loss
- if [ $score -gt $up ]; then
- LOG info "Check (${track_method}: latency=${latency}ms loss=${loss}%) failed for target \"$track_ip\" on interface $INTERFACE ($DEVICE). Current score: $score"
- fi
- elif [ "$loss" -le "$recovery_loss" -a "$latency" -le "$recovery_latency" ]; then
+ [ $score -gt $up ] && do_log="failed"
+ elif [ "$loss" -le "$recovery_loss" ] && [ "$latency" -le "$recovery_latency" ]; then
let host_up_count++
update_status "$track_ip" "up" $latency $loss
- if [ $score -le $up ]; then
- LOG info "Check (${track_method}: latency=${latency}ms loss=${loss}%) success for target \"$track_ip\" on interface $INTERFACE ($DEVICE). Current score: $score"
- fi
+ [ $score -le $up ] && do_log="success"
else
- echo "skipped" > /var/run/mwan3track/$INTERFACE/TRACK_${track_ip}
+ echo "skipped" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/TRACK_${track_ip}
fi
+ [ -n "$do_log" ] && LOG info "Check (${track_method}: latency=${latency}ms loss=${loss}%) ${do_log} for target \"$track_ip\" on interface $INTERFACE ($DEVICE). Current score: $score"
fi
else
- echo "skipped" > /var/run/mwan3track/$INTERFACE/TRACK_${track_ip}
+ echo "skipped" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/TRACK_${track_ip}
fi
done
if [ $score -lt $up ]; then
score=0
- [ ${keep_failure_interval} -eq 1 ] && {
- sleep_time=$failure_interval
- }
+ [ ${keep_failure_interval} -eq 1 ] && sleep_time=$failure_interval
else
sleep_time=$failure_interval
fi
score=0
fi
else
- if [ $score -lt $(($down+$up)) ] && [ $lost -gt 0 ]; then
- LOG info "Lost $(($lost*$count)) ping(s) on interface $INTERFACE ($DEVICE). Current score: $score"
+ if [ $score -lt $((down+up)) ] && [ $lost -gt 0 ]; then
+ LOG info "Lost $((lost*count)) ping(s) on interface $INTERFACE ($DEVICE). Current score: $score"
fi
let score++
lost=0
if [ $score -gt $up ]; then
- echo "online" > /var/run/mwan3track/$INTERFACE/STATUS
- score=$(($down+$up))
+ echo "online" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/STATUS
+ score=$((down+up))
elif [ $score -le $up ]; then
sleep_time=$recovery_interval
fi
if [ $score -eq $up ]; then
- connected $INTERFACE $DEVICE
+ connected
fi
fi
let turn++
- mkdir -p "/var/run/mwan3track/${1}"
- echo "${lost}" > /var/run/mwan3track/$INTERFACE/LOST
- echo "${score}" > /var/run/mwan3track/$INTERFACE/SCORE
- echo "${turn}" > /var/run/mwan3track/$INTERFACE/TURN
- echo "$(get_uptime)" > /var/run/mwan3track/$INTERFACE/TIME
+ mkdir -p "$MWAN3TRACK_STATUS_DIR/${1}"
+ echo "${lost}" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/LOST
+ echo "${score}" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/SCORE
+ echo "${turn}" > $MWAN3TRACK_STATUS_DIR/$INTERFACE/TURN
+ get_uptime > $MWAN3TRACK_STATUS_DIR/$INTERFACE/TIME
host_up_count=0
sleep "${sleep_time}" &
if [ "${IFDOWN_EVENT}" -eq 1 ]; then
LOG debug "Register ifdown event on interface ${INTERFACE} (${DEVICE})"
- disconnected 1
+ disabled
+ disconnected
IFDOWN_EVENT=0
fi
if [ "${IFUP_EVENT}" -eq 1 ]; then
--- /dev/null
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2020 Aaron Goodman <aaronjg@alumni.stanford.edu>. All Rights Reserved.
+ */
+
+/*
+ * sockopt_wrap.c provides a shared library that intercepts syscalls to various
+ * networking functions to bind the sockets a source IP address and network device
+ * and to set the firewall mark on otugoing packets. Parameters are set using the
+ * DEVICE, SRCIP, FWMARK environment variables.
+ *
+ * Additionally the FAMILY environment variable can be set to either 'ipv4' or
+ * 'ipv6' to cause sockets opened with ipv6 or ipv4 to fail, respectively.
+ *
+ * Each environment variable is optional, and if not set, the library will not
+ * enforce the particular parameter.
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <arpa/inet.h>
+#include <net/ethernet.h>
+#include <linux/if_packet.h>
+#include <net/if.h>
+
+static int (*next_socket)(int domain, int type, int protocol);
+static int (*next_setsockopt)(int sockfd, int level, int optname,
+ const void *optval, socklen_t optlen);
+static int (*next_bind)(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
+static int (*next_close)(int fd);
+static ssize_t (*next_send)(int sockfd, const void *buf, size_t len, int flags);
+static ssize_t (*next_sendto)(int sockfd, const void *buf, size_t len, int flags,
+ const struct sockaddr *dest_addr, socklen_t addrlen);
+static ssize_t (*next_sendmsg)(int sockfd, const struct msghdr *msg, int flags);
+static int (*next_connect)(int sockfd, const struct sockaddr *addr,
+ socklen_t addrlen);
+static int device=0;
+static struct sockaddr_in source4 = {0};
+#ifdef CONFIG_IPV6
+static struct sockaddr_in6 source6 = {0};
+#endif
+static struct sockaddr * source = 0;
+static int sockaddr_size = 0;
+static int is_bound [1024] = {0};
+
+#define next_func(x)\
+void set_next_##x(){\
+ if (next_##x) return;\
+ next_##x = dlsym(RTLD_NEXT, #x);\
+ dlerror_handle();\
+ return;\
+}
+
+void dlerror_handle()
+{
+ char *msg;
+ if ((msg = dlerror()) != NULL) {
+ fprintf(stderr, "socket: dlopen failed : %s\n", msg);
+ fflush(stderr);
+ exit(EXIT_FAILURE);
+ }
+}
+
+next_func(bind);
+next_func(close);
+next_func(setsockopt);
+next_func(socket);
+next_func(send);
+next_func(sendto);
+next_func(sendmsg);
+next_func(connect);
+
+void dobind(int sockfd)
+{
+ if (source && sockfd < 1024 && !is_bound[sockfd]) {
+ set_next_bind();
+ if (next_bind(sockfd, source, sockaddr_size)) {
+ perror("failed to bind to ip address");
+ next_close(sockfd);
+ exit(EXIT_FAILURE);
+ }
+ is_bound[sockfd] = 1;
+ }
+}
+
+int connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen)
+{
+ set_next_connect();
+ dobind(sockfd);
+ return next_connect(sockfd, addr, addrlen);
+}
+
+ssize_t send(int sockfd, const void *buf, size_t len, int flags)
+{
+ set_next_send();
+ dobind(sockfd);
+ return next_send(sockfd, buf, len, flags);
+}
+
+ssize_t sendto(int sockfd, const void *buf, size_t len, int flags,
+ const struct sockaddr *dest_addr, socklen_t addrlen)
+{
+ set_next_sendto();
+ dobind(sockfd);
+ return next_sendto(sockfd, buf, len, flags, dest_addr, addrlen);
+}
+
+ssize_t sendmsg(int sockfd, const struct msghdr *msg, int flags)
+{
+ set_next_sendmsg();
+ dobind(sockfd);
+ return next_sendmsg(sockfd, msg, flags);
+}
+
+int bind (int sockfd, const struct sockaddr *addr, socklen_t addrlen)
+{
+ set_next_bind();
+ if (device && addr->sa_family == AF_PACKET) {
+ ((struct sockaddr_ll*)addr)->sll_ifindex=device;
+ }
+ else if (source && addr->sa_family == AF_INET) {
+ ((struct sockaddr_in*)addr)->sin_addr = source4.sin_addr;
+ }
+#ifdef CONFIG_IPV6
+ else if (source && addr->sa_family == AF_INET6) {
+ ((struct sockaddr_in6*)addr)->sin6_addr = source6.sin6_addr;
+ }
+#endif
+ if (sockfd < 1024)
+ is_bound[sockfd] = 1;
+ return next_bind(sockfd, addr, addrlen);
+}
+
+int close (int sockfd)
+{
+ set_next_close();
+ if (sockfd < 1024)
+ is_bound[sockfd]=0;
+ return next_close(sockfd);
+}
+
+int setsockopt(int sockfd, int level, int optname, const void *optval, socklen_t optlen)
+{
+ set_next_setsockopt();
+ if (level == SOL_SOCKET && (optname == SO_MARK || optname == SO_BINDTODEVICE))
+ return 0;
+ return next_setsockopt(sockfd, level, optname, optval, optlen);
+}
+
+int socket(int domain, int type, int protocol)
+{
+ int handle;
+
+ const char *socket_str = getenv("DEVICE");
+ const char *srcip_str = getenv("SRCIP");
+ const char *fwmark_str = getenv("FWMARK");
+ const char *family_str = getenv("FAMILY");
+ const int iface_len = socket_str ? strnlen(socket_str, IFNAMSIZ) : 0;
+ int has_family = family_str && *family_str != 0;
+ int has_srcip = srcip_str && *srcip_str != 0;
+ const int fwmark = fwmark_str ? (int)strtol(fwmark_str, NULL, 0) : 0;
+
+ set_next_close();
+ set_next_socket();
+ set_next_send();
+ set_next_setsockopt();
+ set_next_sendmsg();
+ set_next_sendto();
+ set_next_connect();
+ if(has_family) {
+#ifdef CONFIG_IPV6
+ if(domain == AF_INET && strncmp(family_str,"ipv6",4) == 0)
+ return -1;
+#endif
+ if(domain == AF_INET6 && strncmp(family_str,"ipv4",4) == 0)
+ return -1;
+ }
+
+ if (domain != AF_INET
+#ifdef CONFIG_IPV6
+ && domain != AF_INET6
+#endif
+ ) {
+ return next_socket(domain, type, protocol);
+ }
+
+
+ if (iface_len > 0) {
+ if (iface_len == IFNAMSIZ) {
+ fprintf(stderr,"socket: Too long iface name\n");
+ fflush(stderr);
+ exit(EXIT_FAILURE);
+ }
+ }
+
+ if (has_srcip) {
+ int s;
+ void * addr_buf;
+ if (domain == AF_INET) {
+ addr_buf = &source4.sin_addr;
+ sockaddr_size=sizeof source4;
+ memset(&source4, 0, sockaddr_size);
+ source4.sin_family = domain;
+ source = (struct sockaddr*)&source4;
+ }
+#ifdef CONFIG_IPV6
+ else {
+ addr_buf = &source6.sin6_addr;
+ sockaddr_size=sizeof source6;
+ memset(&source6, 0, sockaddr_size);
+ source6.sin6_family=domain;
+ source = (struct sockaddr*)&source6;
+ }
+#endif
+ s = inet_pton(domain, srcip_str, addr_buf);
+ if (s == 0) {
+ fprintf(stderr, "socket: ip address invalid format for family %s\n",
+ domain == AF_INET ? "AF_INET" : domain == AF_INET6 ?
+ "AF_INET6" : "unknown");
+ return -1;
+ }
+ if (s < 0) {
+ perror("inet_pton");
+ exit(EXIT_FAILURE);
+ }
+ }
+
+ handle = next_socket(domain, type, protocol);
+ if (handle == -1 ) {
+ return handle;
+ }
+
+ if (iface_len > 0) {
+ device=if_nametoindex(socket_str);
+ if (next_setsockopt(handle, SOL_SOCKET, SO_BINDTODEVICE,
+ socket_str, iface_len + 1)) {
+ perror("socket: setting interface name failed with error");
+ next_close(handle);
+ exit(EXIT_FAILURE);
+ }
+ }
+
+ if (fwmark > 0) {
+ if (next_setsockopt(handle, SOL_SOCKET, SO_MARK,
+ &fwmark, sizeof fwmark)) {
+ perror("failed setting mark for socket");
+ next_close(handle);
+ exit(EXIT_FAILURE);
+ }
+ }
+ return handle;
+}
include $(TOPDIR)/rules.mk
PKG_NAME:=nextdns
-PKG_VERSION:=1.8.6
+PKG_VERSION:=1.8.8
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
PKG_SOURCE_URL:=https://github.com/nextdns/nextdns.git
-PKG_MIRROR_HASH:=8a98fd998aa5ccd5b3ba6552859563e0f1b8cde59d4bf61ec3ac11f0e8b35d10
+PKG_MIRROR_HASH:=cf012e15722269bf78fa60048a137c06651a61599043b50a1d00d120ac52fc85
PKG_MAINTAINER:=Olivier Poitrey <rs@nextdns.io>
PKG_LICENSE:=MIT
PKG_NAME:=nginx
PKG_VERSION:=1.19.2
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=nginx-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://nginx.org/download/
location /ubus {
ubus_interpreter;
- ubus_socket_path /var/run/ubus.sock;
+ ubus_socket_path /var/run/ubus/ubus.sock;
ubus_parallel_req 2;
}
EOT
fi
fi
+grep -q /var/run/ubus.sock /etc/nginx/conf.d/luci.locations &&
+ sed -i 's#/var/run/ubus.sock#/var/run/ubus/ubus.sock#' /etc/nginx/conf.d/luci.locations
+
if [ -x /etc/init.d/uhttpd ]; then
/etc/init.d/uhttpd disable
if [ -n "$(pgrep uhttpd)" ]; then
PKG_NAME:=openconnect
PKG_VERSION:=8.10
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/
#option token_mode 'script'
#option token_script '/lib/custom/getocpass.sh'
- # Juniper vpn support
- #option juniper '1'
+ # For non-anyconnect vpn protocols
+ # Cisco AnyConnect (default)
+ #option vpn_protocol 'anyconnect'
+ # Juniper Network Connect
+ #option vpn_protocol 'nc'
+ # Palo Alto Networks GlobalProtect
+ #option vpn_protocol 'gp'
+ # Pulse Connect Secure
+ #option vpn_protocol 'pulse'
# Authentication form responses
#list form_entry FORM:OPT=VAL
proto_config_add_int "port"
proto_config_add_int "mtu"
proto_config_add_int "juniper"
+ proto_config_add_string "vpn_protocol"
proto_config_add_boolean "no_dtls"
proto_config_add_string "interface"
proto_config_add_string "username"
form_entry \
interface \
juniper \
+ vpn_protocol \
mtu \
no_dtls \
os \
append_args --juniper
fi
+ [ -n "$vpn_protocol" ] && {
+ append_args --protocol "$vpn_protocol"
+ }
+
[ -n "$serverhash" ] && {
append_args "--servercert=$serverhash"
append_args --no-system-trust
include ../openvswitch/openvswitch.mk
PKG_NAME:=ovn
-PKG_VERSION:=20.06.2
-PKG_RELEASE:=2
+PKG_VERSION:=20.09.0
+PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/ovn-org/ovn.git
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
-PKG_MIRROR_HASH:=1cab735f6712be90316183072b6cb8426237f12d2de0293bb80e9954b3502150
+PKG_MIRROR_HASH:=38cf4af2c6b7e1b9440e21281c1da4dc5a48d03504b7063bc019b9459aba4a7e
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=prosody
-PKG_VERSION:=0.11.5
+PKG_VERSION:=0.11.7
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://prosody.im/downloads/source
-PKG_HASH:=55f8bd65d5d2af61cc739bd6164e4207011e0d2d260cde583071c90d8d85408b
+PKG_HASH:=28ffc07653485cb63e22b387d3ea4825ee2baaee0c5827de4d6053a35b1c8747
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
PKG_LICENSE:=MIT/X11
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/prosody.init $(1)/etc/init.d/prosody
$(INSTALL_DIR) $(1)/etc/prosody
- #$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/prosody/prosody.cfg.lua $(1)/etc/prosody/
- $(INSTALL_CONF) ./files/prosody.cfg.lua $(1)/etc/prosody/
+ $(INSTALL_DATA) ./files/prosody.cfg.lua $(1)/etc/prosody/
$(INSTALL_DIR) $(1)/etc/prosody/certs
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/prosody/certs/localhost.{crt,key} $(1)/etc/prosody/certs/
$(INSTALL_DIR) $(1)/etc/prosody/data
USE_PROCD=1
BIN=/usr/bin/prosodyctl
-LOG_D=/var/log/prosody
-RUN_D=/var/run/prosody
-PID_F=$RUN_D/prosody.pid
-RUN_USER=prosody
-RUN_GROUP=prosody
start_service() {
[ -d /var/run/prosody ] || {
- mkdir -m 0755 -p /var/run/prosody
+ mkdir /var/run/prosody
+ chmod 0755 /var/run/prosody
chown prosody:prosody /var/run/prosody
}
[ -d /var/log/prosody ] || {
- mkdir -m 0755 -p /var/log/prosody
+ mkdir /var/log/prosody
+ chmod 0755 /var/log/prosody
chown prosody:prosody /var/log/prosody
}
chown -R prosody:prosody /etc/prosody/data
}
- [ -f /sbin/paxctl ] && {
- paxctl -v /usr/bin/ > /dev/null 2>&1
- [ $? -ne 0 ] && {
- cp /usr/bin/lua /tmp
- paxctl -c -m /tmp/lua
- cp -f /tmp/lua /usr/bin/lua
- }
- }
-
procd_open_instance
procd_set_param command "$BIN" start
procd_set_param file /etc/prosody/prosody.cfg.lua
+ procd_set_param user prosody
+ procd_set_param group prosody
procd_close_instance
}
stop_service() {
${BIN} stop
}
+
+reload_service() {
+ ${BIN} reload
+}
include $(TOPDIR)/rules.mk
PKG_NAME:=softethervpn
-PKG_VERSION:=4.29-9680
+PKG_VERSION:=4.34-9745
PKG_VERREL:=rtm
-PKG_VERDATE:=2019.02.28
-PKG_RELEASE:=5
+PKG_VERDATE:=2020.04.05
+PKG_RELEASE:=1
PKG_SOURCE:=softether-src-v$(PKG_VERSION)-$(PKG_VERREL).tar.gz
PKG_SOURCE_URL:=http://www.softether-download.com/files/softether/v$(PKG_VERSION)-$(PKG_VERREL)-$(PKG_VERDATE)-tree/Source_Code/
-PKG_HASH:=e6035fa7d9aaf59bdb342cd7ab5ecfdff89811a875f62a3230208cdc8a4e26e4
+PKG_HASH:=bf5547e2a190e8620fe02da9756b32d010e3b64cbc6317f172f7820394b4c036
PKG_MAINTAINER:=Federico Di Marco <fededim@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
-diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c
-index f3b3908..06b7fea 100644
--- a/src/Mayaqua/Encrypt.c
+++ b/src/Mayaqua/Encrypt.c
@@ -120,6 +120,7 @@
#include <openssl/des.h>\r
#include <openssl/aes.h>\r
#include <openssl/dh.h>\r
-@@ -625,7 +627,7 @@ UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size)
+@@ -627,7 +629,7 @@ UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size)
return 0;\r
}\r
\r
{\r
return 0;\r
}\r
-@@ -924,6 +926,7 @@ BUF *BigNumToBuf(const BIGNUM *bn)
+@@ -926,6 +928,7 @@ BUF *BigNumToBuf(const BIGNUM *bn)
// Initialization of the lock of OpenSSL\r
void OpenSSL_InitLock()\r
{\r
UINT i;\r
\r
// Initialization of the lock object\r
-@@ -937,11 +940,13 @@ void OpenSSL_InitLock()
+@@ -939,11 +942,13 @@ void OpenSSL_InitLock()
// Setting the lock function\r
CRYPTO_set_locking_callback(OpenSSL_Lock);\r
CRYPTO_set_id_callback(OpenSSL_Id);\r
UINT i;\r
\r
for (i = 0;i < ssl_lock_num;i++)\r
-@@ -953,11 +958,13 @@ void OpenSSL_FreeLock()
+@@ -955,11 +960,13 @@ void OpenSSL_FreeLock()
\r
CRYPTO_set_locking_callback(NULL);\r
CRYPTO_set_id_callback(NULL);\r
LOCK *lock = ssl_lock_obj[n];\r
\r
if (mode & CRYPTO_LOCK)\r
-@@ -970,12 +977,15 @@ void OpenSSL_Lock(int mode, int n, const char *file, int line)
+@@ -972,12 +979,15 @@ void OpenSSL_Lock(int mode, int n, const char *file, int line)
// Unlock\r
Unlock(lock);\r
}\r
}\r
\r
// Get the display name of the certificate\r
-@@ -1899,8 +1909,8 @@ X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial)
+@@ -1901,8 +1911,8 @@ X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial)
X509_set_version(x509, 2L);\r
\r
// Set the Expiration\r
if (!UINT64ToAsn1Time(t1, notBefore))\r
{\r
FreeX509(x509);\r
-@@ -2041,8 +2051,8 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
+@@ -2043,8 +2053,8 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
X509_set_version(x509, 2L);\r
\r
// Set the Expiration\r
}\r
\r
// Release the Crypt library\r
-@@ -4130,13 +4177,16 @@ void InitCryptLibrary()
+@@ -4130,12 +4177,14 @@ void InitCryptLibrary()
CheckIfIntelAesNiSupportedInit();\r
// RAND_Init_For_SoftEther()\r
openssl_lock = NewLock();\r
OpenSSL_add_all_digests();\r
ERR_load_crypto_strings();\r
SSL_load_error_strings();\r
--\r
-+#else\r
-+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);\r
+#endif\r
- #ifdef OS_UNIX\r
- {\r
- char *name1 = "/dev/random";\r
+ \r
+ ssl_clientcert_index = SSL_get_ex_new_index(0, "struct SslClientCertInfo *", NULL, NULL, NULL);\r
+ \r
+--- a/src/Mayaqua/Encrypt.h
++++ b/src/Mayaqua/Encrypt.h
+@@ -105,7 +105,7 @@
+ #ifndef ENCRYPT_H\r
+ #define ENCRYPT_H\r
+ \r
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L\r
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(OPENSSL_NO_CHACHA) && !defined(LIBRESSL_VERSION_NUMBER)\r
+ #define USE_OPENSSL_AEAD_CHACHA20POLY1305\r
+ #endif\r
+ \r
+--- a/src/Mayaqua/Network.c
++++ b/src/Mayaqua/Network.c
+@@ -18172,7 +18172,7 @@ struct ssl_ctx_st *NewSSLCtx(bool server_mode)
+ SSL_CTX_set_ecdh_auto(ctx, 1);\r
+ #endif // SSL_CTX_set_ecdh_auto\r
+ \r
+-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL\r
++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER)\r
+ // For compatibility with VPN 3.0 or older\r
+ SSL_CTX_set_security_level(ctx, 0);\r
+ #endif\r
+--- a/src/Mayaqua/Secure.c
++++ b/src/Mayaqua/Secure.c
+@@ -127,6 +127,7 @@
+ #include <openssl/pkcs7.h>\r
+ #include <openssl/pkcs12.h>\r
+ #include <openssl/rc4.h>\r
++#include <openssl/rsa.h>\r
+ #include <openssl/md5.h>\r
+ #include <openssl/sha.h>\r
+ #include <Mayaqua/Mayaqua.h>\r
-diff --git a/src/Mayaqua/Mayaqua.h b/src/Mayaqua/Mayaqua.h
-index 194f8e6..177129e 100644
--- a/src/Mayaqua/Mayaqua.h
+++ b/src/Mayaqua/Mayaqua.h
@@ -283,7 +283,7 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
typedef void *iconv_t;\r
iconv_t iconv_open (__const char *__tocode, __const char *__fromcode);\r
size_t iconv (iconv_t __cd, char **__restrict __inbuf,\r
-diff --git a/src/makefiles/linux_32bit.mak b/src/makefiles/linux_32bit.mak
-index 8219d5d..8020290 100644
--- a/src/makefiles/linux_32bit.mak
+++ b/src/makefiles/linux_32bit.mak
@@ -68,7 +68,7 @@ OPTIONS_LINK_DEBUG=-g -fsigned-char -lm -ldl -lrt -lpthread -lssl -lcrypto -lrea
INSTALL_BINDIR=/usr/bin/
INSTALL_VPNSERVER_DIR=/usr/vpnserver/
-diff --git a/src/makefiles/linux_64bit.mak b/src/makefiles/linux_64bit.mak
-index 7f81b58..a36e0de 100644
--- a/src/makefiles/linux_64bit.mak
+++ b/src/makefiles/linux_64bit.mak
@@ -68,7 +68,7 @@ OPTIONS_LINK_DEBUG=-g -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto
+++ /dev/null
---- a/src/Mayaqua/Secure.c
-+++ b/src/Mayaqua/Secure.c
-@@ -127,6 +127,7 @@
- #include <openssl/pkcs7.h>\r
- #include <openssl/pkcs12.h>\r
- #include <openssl/rc4.h>\r
-+#include <openssl/rsa.h>\r
- #include <openssl/md5.h>\r
- #include <openssl/sha.h>\r
- #include <Mayaqua/Mayaqua.h>\r
include $(TOPDIR)/rules.mk
PKG_NAME:=stunnel
-PKG_VERSION:=5.56
+PKG_VERSION:=5.57
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0-or-later
https://www.usenix.org.uk/mirrors/stunnel/archive/$(word 1, $(subst .,$(space),$(PKG_VERSION))).x/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=7384bfb356b9a89ddfee70b5ca494d187605bb516b4fff597e167f97e2236b22
+PKG_HASH:=af5ab973dde11807c38735b87bdd87563a47d2fa1c72a07929fcfce80a600fe1
PKG_FIXUP:=autoreconf
PKG_FIXUP:=patch-libtool
PKG_NAME:=transmission
PKG_VERSION:=3.00
-PKG_RELEASE:=6
+PKG_RELEASE:=7
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GITHUB/transmission/transmission-releases/master
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
+PKG_CONFIG_DEPENDS:= \
+ CONFIG_LIBCURL_GNUTLS \
+ CONFIG_LIBCURL_MBEDTLS \
+ CONFIG_LIBCURL_OPENSSL \
+ CONFIG_LIBCURL_WOLFSSL \
+ CONFIG_LIBCURL_NOSSL
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/package-seccomp.mk
CATEGORY:=Network
TITLE:=BitTorrent client
URL:=https://www.transmissionbt.com
- DEPENDS:=+libcurl +libevent2 +libminiupnpc +libnatpmp +libpthread +librt +zlib $(ICONV_DEPENDS)
+ DEPENDS:=+libcurl +libevent2 +libminiupnpc +libnatpmp +libpthread +librt +zlib +LIBCURL_NOSSL:libmbedtls +LIBCURL_GNUTLS:libmbedtls $(ICONV_DEPENDS)
endef
-define Package/transmission-daemon/Default
+define Package/transmission-daemon
$(call Package/transmission/template)
USERID:=transmission=224:transmission=224
endef
-define Package/transmission-daemon-openssl
- $(call Package/transmission-daemon/Default)
- TITLE+= (with OpenSSL)
- DEPENDS+=+libopenssl
- VARIANT:=openssl
-endef
-
-define Package/transmission-daemon-mbedtls
- $(call Package/transmission-daemon/Default)
- TITLE+= (with mbed TLS)
- DEPENDS+=+libmbedtls
- VARIANT:=mbedtls
-endef
-
-define Package/transmission-cli-openssl
- $(call Package/transmission/template)
- TITLE+= (with OpenSSL)
- DEPENDS+=+libopenssl
- VARIANT:=openssl
-endef
-
-define Package/transmission-cli-mbedtls
+define Package/transmission-cli
$(call Package/transmission/template)
- TITLE+= (with mbed TLS)
- DEPENDS+=+libmbedtls
- VARIANT:=mbedtls
+ TITLE+= (utilities)
endef
-define Package/transmission-remote-openssl
+define Package/transmission-remote
$(call Package/transmission/template)
- TITLE+= (with OpenSSL)
- DEPENDS+=+libopenssl
- VARIANT:=openssl
-endef
-
-define Package/transmission-remote-mbedtls
- $(call Package/transmission/template)
- TITLE+= (with mbed TLS)
- DEPENDS+=+libmbedtls
- VARIANT:=mbedtls
+ TITLE+= (remote)
endef
define Package/transmission-web
$(call Package/transmission/template)
TITLE+= (webinterface)
- DEPENDS:=@(PACKAGE_transmission-daemon-openssl||PACKAGE_transmission-daemon-mbedtls)
+ DEPENDS:=+transmission-daemon
PKGARCH:=all
endef
-
-define Package/transmission-daemon/Default/description
+define Package/transmission-daemon/description
Transmission is a simple BitTorrent client.
It features a very simple, intuitive interface
on top on an efficient, cross-platform back-end.
This package contains the daemon itself.
endef
-Package/transmission-daemon-openssl/description = $(Package/transmission-daemon/Default/description)
-Package/transmission-daemon-mbedtls/description = $(Package/transmission-daemon/Default/description)
-define Package/transmission-cli/Default/description
+define Package/transmission-cli/description
CLI utilities for transmission.
endef
-Package/transmission-cli-openssl/description = $(Package/transmission-cli/Default/description)
-Package/transmission-cli-mbedtls/description = $(Package/transmission-cli/Default/description)
-define Package/transmission-remote/Default/description
+define Package/transmission-remote/description
CLI remote interface for transmission.
endef
-Package/transmission-remote-openssl/description = $(Package/transmission-remote/Default/description)
-Package/transmission-remote-mbedtls/description = $(Package/transmission-remote/Default/description)
define Package/transmission-web/description
Webinterface resources for transmission.
endef
-define Package/transmission-daemon-openssl/conffiles
+define Package/transmission-daemon/conffiles
/etc/config/transmission
endef
-Package/transmission-daemon-mbedtls/conffiles = $(Package/transmission-daemon-openssl/conffiles)
TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto
TARGET_LDFLAGS += -Wl,--gc-sections -Wl,--as-needed -liconv
--enable-lightweight \
--without-gtk \
--without-kqueue \
- --without-systemd-daemon
-
-ifeq ($(BUILD_VARIANT),mbedtls)
- CONFIGURE_ARGS += --with-crypto=polarssl
-else
- CONFIGURE_ARGS += --with-crypto=openssl
-endif
-
-define Package/transmission-daemon-openssl/install
+ --without-systemd-daemon \
+ $(if $(CONFIG_LIBCURL_NOSSL),--with-crypto=polarssl) \
+ $(if $(CONFIG_LIBCURL_GNUTLS),--with-crypto=polarssl) \
+ $(if $(CONFIG_LIBCURL_MBEDTLS),--with-crypto=polarssl) \
+ $(if $(CONFIG_LIBCURL_OPENSSL),--with-crypto=openssl) \
+ $(if $(CONFIG_LIBCURL_WOLFSSL),--with-crypto=cyassl)
+
+define Package/transmission-daemon/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/transmission-daemon $(1)/usr/bin/
$(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_CONF) files/transmission.sysctl $(1)/etc/sysctl.d/20-transmission.conf
$(call InstallSeccomp,$(1),./files/transmission-daemon.json)
endef
-Package/transmission-daemon-mbedtls/install = $(Package/transmission-daemon-openssl/install)
-define Package/transmission-cli-openssl/install
+define Package/transmission-cli/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/transmission-cli \
$(PKG_INSTALL_DIR)/usr/bin/transmission-create \
$(PKG_INSTALL_DIR)/usr/bin/transmission-show \
$(1)/usr/bin/
endef
-Package/transmission-cli-mbedtls/install = $(Package/transmission-cli-openssl/install)
-define Package/transmission-remote-openssl/install
+define Package/transmission-remote/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/transmission-remote $(1)/usr/bin/
endef
-Package/transmission-remote-mbedtls/install = $(Package/transmission-remote-openssl/install)
define Package/transmission-web/install
$(INSTALL_DIR) $(1)/usr/share/transmission
$(CP) $(PKG_INSTALL_DIR)/usr/share/transmission/web $(1)/usr/share/transmission/
endef
-$(eval $(call BuildPackage,transmission-daemon-openssl))
-$(eval $(call BuildPackage,transmission-daemon-mbedtls))
-$(eval $(call BuildPackage,transmission-cli-openssl))
-$(eval $(call BuildPackage,transmission-cli-mbedtls))
-$(eval $(call BuildPackage,transmission-remote-openssl))
-$(eval $(call BuildPackage,transmission-remote-mbedtls))
+$(eval $(call BuildPackage,transmission-daemon))
+$(eval $(call BuildPackage,transmission-cli))
+$(eval $(call BuildPackage,transmission-remote))
$(eval $(call BuildPackage,transmission-web))
PKG_NAME:=udpxy
PKG_VERSION:=1.0-24.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/pcherenkov/udpxy/tar.gz/$(PKG_VERSION)?
procd_set_param command /usr/bin/udpxy
procd_append_param command "-T"
- append_bool "$cfg" verbose "-V"
+ append_bool "$cfg" verbose "-v"
append_bool "$cfg" status "-S"
append_arg "$cfg" bind "-a"
append_arg "$cfg" port "-p"
PKG_NAME:=xinetd
PKG_VERSION:=2.3.15
-PKG_RELEASE:=8
+PKG_RELEASE:=9
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/xinetd-org/xinetd/archive
define Package/xinetd/conffiles
/etc/config/xinetd
+/etc/xinetd.d
endef
TARGET_CFLAGS += -DNO_RPC
CONF_FILE="/etc/config/xinetd"
GENERATED_CONF_FILE="/var/run/xinetd.conf"
+OTHER_CONF_DIR="/tmp/xinetd.d"
ServiceEntry="false"
ListName=""
echo "}" >> $GENERATED_CONF_FILE
echo "" >> $GENERATED_CONF_FILE
echo "includedir /etc/xinetd.d" >> $GENERATED_CONF_FILE
+ echo "includedir $OTHER_CONF_DIR" >> $GENERATED_CONF_FILE
config_load xinetd
}
start_service() {
+ mkdir -p $OTHER_CONF_DIR
+
generate_config
procd_open_instance
# option type 'UNLISTED'
# option port '6556'
# option socket_type 'stream'
-# option protocol 'tcp'
-# option wait 'no'
+# option protocol 'tcp'
+# option wait 'no'
# option user 'root'
# option server '/usr/bin/check_mk_agent'
-# option log_on_success ''
-# option only_from '127.0.0.1'
-# option disable 'no'
+# list only_from '127.0.0.1'
+# list only_from '1.1.1.1'
+# list log_on_success 'PID'
+# list log_on_success 'HOST'
+# option disable 'no'
include $(TOPDIR)/rules.mk
PKG_NAME:=xl2tpd
-PKG_VERSION:=1.3.15
-PKG_RELEASE:=3
+PKG_VERSION:=1.3.16
+PKG_RELEASE:=1
PKG_MAINTAINER:=Yousong Zhou <yszhou4tech@gmail.com>
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_MIRROR_HASH:=e12232fef216a1cb5b74f990616aff1dd851c62812ef54658a330629823c0996
+PKG_MIRROR_HASH:=bbb5e21967ec036bb59e18d2a8792b29d7525a1ba13de49f0b80325ab7bce2c6
PKG_INSTALL:=1
PKG_NAME:=znc
PKG_VERSION:=1.7.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://znc.in/releases \
config znc
- # where to listen for connections
- list listener '192.168.1.1 1234'
- # If using SSL sockets, use the following certifcate:
+ # If using SSL sockets, use the following certificate:
# option znc_ssl_cert '/etc/znc.cert'
# load global modules (You need to install them first):
# remove this to enable the service
option disabled 1
+config listener 'sampleListener'
+ option allowirc 'true'
+ option allowweb 'false'
+ option host '192.168.1.1'
+ option port '1234'
+ option ipv4 'true'
+ option ipv6 'false'
+ # you must set option_ssl_cert in znc section before change
+ option ssl 'false'
+
config user 'sampleUser'
# Use either a plain text password or use the full sha256#... line.
# You can generate one with 'znc -s'.
mkdir -p $ZNC_CONFIG_PATH/configs/
[ ! -f "$ZNC_CONFIG" ] || rm "$ZNC_CONFIG"
- add_param "Version" "1.0"
+ add_param "Version" "1.6"
config_get anoniplimit "$znc" anoniplimit
config_get maxbuffersize "$znc" maxbuffersize
fi
}
+add_listener() {
+ local listener="$1"
+ local host
+ local port
+ local allowirc
+ local allowweb
+ local ipv4
+ local ipv6
+ local ssl
+
+ config_get host "$listener" host
+ config_get port "$listener" port
+ config_get allowirc "$listener" allowirc
+ config_get allowweb "$listener" allowweb
+ config_get ipv4 "$listener" ipv4
+ config_get ipv6 "$listener" ipv6
+ config_get ssl "$listener" ssl
+
+ echo "<Listener $listener>" >> $ZNC_CONFIG
+
+ [ -z "$host" ] || add_param " Host" "$host"
+ [ -z "$port" ] || add_param " Port" "$port"
+ [ -z "$allowirc" ] || add_param " AllowIRC" "$allowirc"
+ [ -z "$allowweb" ] || add_param " AllowWeb" "$allowweb"
+ [ -z "$ipv4" ] || add_param " IPv4" "$ipv4"
+ [ -z "$ipv6" ] || add_param " IPv6" "$ipv6"
+ [ -z "$ssl" ] || add_param " SSL" "$ssl"
+
+ echo "</Listener>" >> $ZNC_CONFIG
+}
+
add_user() {
local user="$1"
local password
PKG_LICENSE:=LGPL-2.0
PKG_LICENSE_FILES:=COPYING LICENSE
+PKG_CPE_ID:=cpe:/a:lame_project:lame
PKG_CONFIG_DEPENDS:= CONFIG_LAME-LIB_OPTIMIZE_SPEED
include $(TOPDIR)/rules.mk
PKG_NAME:=at
-PKG_VERSION:=3.1.23
-PKG_RELEASE:=3
-
-PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).orig.tar.gz
-PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/a/at
-PKG_HASH:=97450aa954aaa8a70218cc8e61a33df9fee9f86527e9f861de302fb7a3c81710
+PKG_VERSION:=3.2.1
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_URL:=https://salsa.debian.org/debian/at.git
+PKG_SOURCE_VERSION:=release/3.2.1
+PKG_MIRROR_HASH=c37feb425e7d310f29b4c8dffd846b8a3b410ff6e88a6563f0ecaa636fb22cc2
PKG_MAINTAINER:=Phil Eichinger <phil@zankapfel.net>
PKG_LICENSE:=GPL-2.0-or-later GPL-3.0-or-later ISC
include $(TOPDIR)/rules.mk
PKG_NAME:=bigclown-firmware-tool
-PKG_VERSION:=1.5.1
-PKG_RELEASE:=2
+PKG_VERSION:=1.5.2
+PKG_RELEASE:=1
PYPI_NAME:=bcf
-PKG_HASH:=50b0351b97e6b1b1d4cb4703491daa6102e7e5b3b750b47fa35182d9eb39ab9c
+PKG_HASH:=8ad897586d02433d01a58b4978516621bea388cd230640eb0b8f8f9e40f10e6c
PKG_MAINTAINER:=Karel Kočí <cynerd@email.cz>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=bigclown-mqtt2influxdb
-PKG_VERSION:=1.3.0
-PKG_RELEASE:=2
+PKG_VERSION:=1.4.0
+PKG_RELEASE:=1
PYPI_NAME:=mqtt2influxdb
-PKG_HASH:=1b4b3b13f5b2f092bcd27846d94e91ad6f05141b2daea5167a7d58b09a782639
+PKG_HASH:=9fd98d2239c0b9a2482db8e55e3e5a310c5b644aa7d42c57d35ed775adb0101a
PKG_MAINTAINER:=Karel Kočí <cynerd@email.cz>
PKG_LICENSE:=MIT
PKG_NAME:=coreutils
PKG_VERSION:=8.32
-PKG_RELEASE:=3
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNU/coreutils
touch true uname
DIR_USR_BIN := \
- basename cksum comm cut dirname du env expand expr factor fold groups \
- head hostid id install logname md5sum mkfifo nl nohup nproc od paste \
- printf readlink realpath seq sha1sum sha256sum sha512sum shred shuf \
- sort split sum tac tail tee test timeout tr truncate tty unexpand uniq \
- unlink uptime users wc who whoami yes
+ basename chcon cksum comm cut dirname du env expand expr factor fold \
+ groups head hostid id install logname md5sum mkfifo nl nohup nproc od \
+ paste printf readlink realpath runcon seq sha1sum sha256sum sha512sum \
+ shred shuf sort split sum tac tail tee test timeout tr truncate tty \
+ unexpand uniq unlink uptime users wc who whoami yes
DIR_USR_SBIN := \
chroot
# BusyBox does not provide these yet
DIR_OTHERS := \
- base32 b2sum basenc chcon csplit dir dircolors fmt join numfmt pathchk \
- pinky pr ptx runcon sha224sum sha384sum stdbuf tsort vdir
+ base32 b2sum basenc csplit dir dircolors fmt join numfmt pathchk pinky \
+ pr ptx sha224sum sha384sum stdbuf tsort vdir
$(eval $(foreach a,$(DIR_BIN),ALTS_$(a):=300:/bin/$(a):/usr/bin/gnu-$(a)$(newline)))
$(eval $(foreach a,$(DIR_USR_BIN),ALTS_$(a):=300:/usr/bin/$(a):/usr/bin/gnu-$(a)$(newline)))
include $(TOPDIR)/rules.mk
PKG_NAME:=ctop
-PKG_VERSION:=0.7.3
-PKG_RELEASE:=2
+PKG_VERSION:=0.7.4
+PKG_RELEASE:=1
PKG_SOURCE:=v$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/bcicen/ctop/archive
-PKG_HASH:=3b083b55a7cda7782e370bf03412dbf51ca4a94c1d56325ff70a1545d7a30adc
+PKG_HASH:=55d9a3c6d4cddf6f1afdd52401bb709d3265a96c45fdc51bfa4223467c5d7fb1
PKG_MAINTAINER:=Javier Marcet <javier@marcet.info>
PKG_LICENSE:=MIT
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=dumb-init
+PKG_VERSION:=1.2.2
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/Yelp/dumb-init/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=d4e2e10e39ad49c225e1579a4d770b83637399a0be48e29986f720fae44dafdf
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+
+PKG_MAINTAINER:=Toni Uhlig <matzeton@googlemail.com>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+
+MAKE_FLAGS+=CFLAGS='$(TARGET_CFLAGS) $(TARGET_LDFLAGS)'
+
+define Package/dumb-init
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=dumb-init
+ URL:=https://github.com/Yelp/dumb-init.git
+endef
+
+define Package/dumb-init/description
+ dumb-init is a simple process supervisor and init system designed to run as
+ PID 1 inside minimal container environments.
+endef
+
+define Package/dumb-init/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/dumb-init $(1)/usr/sbin/dumb-init
+endef
+
+$(eval $(call BuildPackage,dumb-init))
include $(TOPDIR)/rules.mk
PKG_NAME:=logrotate
-PKG_VERSION:=3.16.0
-PKG_RELEASE:=2
+PKG_VERSION:=3.17.0
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/logrotate/logrotate/releases/download/$(PKG_VERSION)
-PKG_HASH:=442f6fdf61c349eeae5f76799878b88fe45a11c8863a38b618bac6988f4a7ce5
+PKG_HASH:=58cc2178ff57faa3c0490181cce041345aeca6cff18dba1c5cd1398bf1c19294
PKG_MAINTAINER:=Christian Beier <cb@shoutrlabs.com>
PKG_LICENSE:=GPL-2.0-or-later
--- /dev/null
+#!/bin/sh
+
+logrotate --version 2>&1 | grep "$2"
mysql_install_db \
mysql_upgrade \
mysqladmin \
- mysqld \
- mysqld_safe
+ mysqld
MARIADB_SERVER_EXTRA := \
aria_chk \
mysql_setpermission \
mysql_tzinfo_to_sql \
mysqld_multi \
+ mysqld_safe \
mysqld_safe_helper \
mysqldumpslow \
mysqlhotcopy \
-DINSTALL_SQLBENCHDIR="" \
-DINSTALL_SUPPORTFILESDIR=share/mariadb \
-DINSTALL_UNIX_ADDRDIR=$(MARIADB_SOCKET) \
- -DMYSQL_DATADIR=/var/lib/mysql \
+ -DMYSQL_DATADIR=/srv/mysql \
-DMYSQL_UNIX_ADDR=$(MARIADB_SOCKET) \
-DSKIP_TESTS=ON \
-DWITH_DEBUG=OFF \
START=95
# shellcheck disable=SC2034
STOP=10
+# shellcheck disable=SC2034
+USE_PROCD=1
NAME=mysqld
+my_user="mariadb"
+my_group="mariadb"
LOGGER="/usr/bin/logger -p user.err -s -t $NAME --"
[ -x "$LOGGER" ] || LOGGER="echo"
-MYSQLADMIN="/usr/bin/mysqladmin"
MYSQLD="/usr/bin/$NAME"
-MYSQLDSAFE="/usr/bin/mysqld_safe"
+
+pidfile=""
# mysqladmin likes to read /root/.my.cnf which could cause issues.
export HOME="/etc/mysql"
cd /
mysqld_get_param() {
- $MYSQLD --print-defaults \
- | tr " " "\n" \
- | grep -- "--$1" \
- | tail -n 1 \
- | cut -d= -f2
+ "$MYSQLD" --help --verbose | sed -n 's|^'"$1"'[[:blank:]]\+||p'
+}
+
+# Send kill signal to MariaDB process
+#
+# Usage: boolean mysqld_kill signal
+mysql_kill() {
+ [ -n "$pidfile" ] || pidfile="$(mysqld_get_param pid-file)"
+ [ -f "$pidfile" ] || return 1
+ pid="$(cat "$pidfile")"
+ [ -n "$pid" ] || return 2
+ kill "$1" "$pid"
}
# Checks if a server is running and accessible.
#
-# check_alive insists on a pingable server
-# check_dead also fails if there is a lost mysqld in the process list
+# Supported modes are 'check_alive' and 'check_dead'.
+# Both check for pidfile and whether the specified process is running and is
+# indeed mysqld. We could use mysqladmin for the check, but to be able to do
+# so, mysqladmin requires access to the database, which sounds like overkill
+# and potential security issue.
#
# Usage: boolean mysqld_status [check_alive|check_dead]
mysqld_status() {
- if $MYSQLADMIN ping >/dev/null 2>&1; then
- ping_alive=1
- else
- ping_alive=0
- fi
-
ps_alive=0
pidfile="$(mysqld_get_param pid-file)"
- if [ -f "$pidfile" ] && kill -0 "$(cat "$pidfile")" >/dev/null 2>&1; then
+ if [ -f "$pidfile" ] && mysql_kill -0 2> /dev/null && \
+ [ "$(readlink "/proc/$(cat "$pidfile")/exe")" = "$MYSQLD" ]; then
ps_alive=1
fi
- if { [ "$1" = check_alive ] && [ $ping_alive = 1 ]; } || \
- { [ "$1" = check_dead ] && [ $ping_alive = 0 ] \
- && [ $ps_alive = 0 ]; }
+ if { [ "$1" = check_alive ] && [ $ps_alive = 1 ]; } || \
+ { [ "$1" = check_dead ] && [ $ps_alive = 0 ]; }
then
return 0 # EXIT_SUCCESS
else
fi
}
-start() {
+start_service() {
conf=/etc/mysql/my.cnf
logdir=/var/log/mysql
rundir=/var/run/mysqld
hint="please fix your server configuration in /etc/mysql/"
-
- for i in "$MYSQLD" "$MYSQLADMIN" "$MYSQLDSAFE"; do
- if [ ! -x "$i" ]; then
- $LOGGER "$i is missing"
- exit 1
- fi
- done
+
+ if [ ! -x "$MYSQLD" ]; then
+ $LOGGER "$MYSQLD is missing"
+ exit 1
+ fi
if [ ! -r "$conf" ]; then
$LOGGER "$conf cannot be read"
exit 1
fi
+ if mysqld_status check_alive; then
+ $LOGGER "server is already running"
+ exit 0
+ fi
+
config_load "$NAME"
config_get_bool enabled general enabled 0
datadir="$(mysqld_get_param datadir)"
tmpdir="$(mysqld_get_param tmpdir)"
- if [ -z "$datadir" ]; then
- $LOGGER "datadir is not set"
- $LOGGER "$hint"
- exit 1
- fi
-
- if [ -z "$tmpdir" ]; then
- $LOGGER "tmpdir is not set"
- $LOGGER "$hint"
- exit 1
- fi
-
if [ ! -f "$datadir/mysql/tables_priv.MAD" ]; then
args="--force"
basedir="$(mysqld_get_param basedir)"
$LOGGER "Cannot detect privileges table. You might need to run"
$LOGGER "'mysql_install_db \"$args\"'"
$LOGGER "to initialize the system tables."
+ $LOGGER "Then hand it ower to MariaDB user"
+ $LOGGER "'chown -Rh \"$my_user:$my_group\" \"$datadir\"'"
exit 1
fi
- # Start daemon
- if mysqld_status check_alive; then
- $LOGGER "server is already running"
- else
- for i in "$logdir" "$rundir"; do
- opts="-m 0750"
- if ! [ -e "$i" ]; then
- # $rundir needs to be accessible for
- # clients
- if [ "$i" = "$rundir" ]; then
- opts=
- fi
- # shellcheck disable=SC2086
- mkdir -p $opts "$i"
- [ -d "$i" ] && chown mariadb:mariadb "$i"
+ for i in "$logdir" "$rundir" "$tmpdir" "$datadir"; do
+ opts="-m 0750"
+ if ! [ -e "$i" ]; then
+ # $rundir needs to be accessible for
+ # clients
+ if [ "$i" = "$rundir" ]; then
+ opts=
fi
- done
- # shellcheck disable=SC2154,SC2086
- "$MYSQLDSAFE" $options >/dev/null 2>&1 &
- fi
-}
-
-stop() {
- if ! mysqld_status check_dead; then
- "$MYSQLADMIN" shutdown
- fi
-}
+ # shellcheck disable=SC2086
+ mkdir -p $opts "$i"
+ [ -d "$i" ] && chown -Rh "$my_user:$my_group" "$i"
+ fi
+ done
-reload() {
- if mysqld_status check_alive; then
- "$MYSQLADMIN" reload
- else
- $LOGGER "server is not running"
- fi
+ # Start daemon
+ procd_open_instance
+
+ # shellcheck disable=SC2154 disable=SC2086
+ procd_set_param command "$MYSQLD" $options
+ procd_set_param respawn "${respawn_threshold:-3600}" "${respawn_timeout:-5}" "${respawn_retry:-5}"
+ # run as user
+ procd_set_param user "$my_user"
+ # forward stderr to logd
+ procd_set_param stderr 1
+ # use HUP to reload
+ procd_set_param reload_signal HUP
+ # terminate using signals
+ procd_set_param term_timeout 60
+
+ procd_close_instance
}
include $(TOPDIR)/rules.mk
PKG_NAME:=prometheus
-PKG_VERSION:=2.21.0
+PKG_VERSION:=2.22.0
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/prometheus/prometheus/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=afafed1be631a53ada60e2b2f12cfdb51dcaee5e539fb65e9983f3276c99f5af
+PKG_HASH:=9390cbd338d253956184d0f0a6719d21cb5719f0319fc48ee08d5bd48fc87cc2
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=psmisc
+PKG_VERSION:=23.3
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE_URL:=@SF/psmisc
+PKG_HASH:=41750e1a5abf7ed2647b094f58127c73dbce6876f77ba4e0a7e0995ae5c7279a
+
+PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/psmisc
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=proc utilities
+ URL:=https://gitlab.com/psmisc/psmisc/
+ DEPENDS:=+libncurses
+endef
+
+define Package/psmisc/description
+ psmisc is a set of additional small useful utilities that use
+ the proc filesystem like fuser, killall, prtstat, pstree.
+endef
+
+CONFIGURE_ARGS += \
+ --disable-harden-flags
+
+MAKE_FLAGS += \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ CPPFLAGS="$(TARGET_CPPFLAGS)" \
+ LDFLAGS="$(TARGET_LDFLAGS)"
+
+define Package/psmisc/preinst
+#!/bin/sh
+if [ -e $${IPKG_INSTROOT}/usr/bin/killall ]; then
+ rm $${IPKG_INSTROOT}/usr/bin/killall;
+fi
+endef
+
+define Package/psmisc/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{fuser,killall,prtstat,pstree} $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,psmisc))
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=reptyr
+PKG_VERSION:=0.8.0
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/nelhage/reptyr/archive/
+PKG_HASH:=4b470ed2a0d25fed591739fa9613ce7ad3d0377891eb56cbe914e3c85db46ca8
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_NAME)-$(PKG_VERSION)
+
+PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/reptyr
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=Tool for reparenting running programs
+ URL:=https://github.com/nelhage/reptyr
+ DEPENDS:=@!(arc||mips)
+endef
+
+define Package/reptyr/description
+ reptyr is a utility for taking an existing running program and attaching it
+ to a new terminal. Started a long-running process over ssh, but have to
+ leave and don't want to interrupt it? Just start a screen, use reptyr to
+ grab it, and then kill the ssh session and head on home.
+endef
+
+MAKE_FLAGS+= \
+ PREFIX=/usr
+
+define Package/reptyr/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/reptyr $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,reptyr))
--- /dev/null
+#!/bin/sh
+
+reptyr -version 2>&1 | grep "$2"
PKG_NAME:=setools
PKG_VERSION:=4.3.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://github.com/SELinuxProject/setools/releases/download/4.3.0
+++ /dev/null
-diff -u --recursive setools-vanilla/setup.py setools/setup.py
---- setools-vanilla/setup.py 2020-04-01 09:57:49.000000000 -0500
-+++ setools/setup.py 2020-08-12 21:44:41.265149504 -0500
-@@ -109,7 +109,6 @@
- extra_compile_args=['-Werror', '-Wextra',
- '-Waggregate-return',
- '-Wfloat-equal',
-- '-Wformat', '-Wformat=2',
- '-Winit-self',
- '-Wmissing-format-attribute',
- '-Wmissing-include-dirs',
--- /dev/null
+diff -u --recursive setools-vanilla/setup.py setools/setup.py
+--- setools-vanilla/setup.py 2020-04-01 09:57:49.000000000 -0500
++++ setools/setup.py 2020-08-12 21:44:41.265149504 -0500
+@@ -109,7 +109,6 @@
+ extra_compile_args=['-Werror', '-Wextra',
+ '-Waggregate-return',
+ '-Wfloat-equal',
+- '-Wformat', '-Wformat=2',
+ '-Winit-self',
+ '-Wmissing-format-attribute',
+ '-Wmissing-include-dirs',
--- /dev/null
+--- a/setup.py
++++ b/setup.py
+@@ -126,6 +126,7 @@ ext_py_mods = [Extension('setools.policyrep', ['setools/policyrep.pyx'],
+ '-Wno-unreachable-code',
+ '-Wno-implicit-fallthrough',
+ '-Wno-cast-function-type',
++ '-Wno-deprecated-declarations',
+ '-fno-exceptions'])]
+
+ installed_data = [('share/man/man1', glob.glob("man/*.1"))]
--- /dev/null
+#
+# This software is licensed under the Public Domain.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=sipcalc
+PKG_SOURCE_DATE:=2014-10-24
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/sii/sipcalc
+PKG_SOURCE_VERSION:=9b97dbca1a0ccaaeb322b8f0a4100dc234cfcc8c
+PKG_MIRROR_HASH:=fac4a3e967055bac734bda86c34d318c9bf8dc17b0feb24f556b1d5af57d2896
+
+PKG_MAINTAINER:=Nick Hainke <vincent@systemli.org>
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+PKG_FIXUP:=autoreconf
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/sipcalc
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=IPv4/IPv6 Calculator
+ URL:=https://github.com/sii/sipcalc
+endef
+
+define Package/sipcalc/description
+ Sipcalc is an advanced ip calculator supporting both IPv4 and IPv6.
+endef
+
+define Package/sipcalc/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/sipcalc $(1)/usr/sbin/sipcalc
+endef
+
+$(eval $(call BuildPackage,sipcalc))
PKG_NAME:=telldus-core
PKG_VERSION:=2.1.2
-PKG_RELEASE:=5
+PKG_RELEASE:=6
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://download.telldus.com/TellStick/Software/telldus-core/
PKG_BUILD_DEPENDS:=!USE_GLIBC:argp-standalone
include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/telldus-core
CATEGORY:=Utilities
TITLE:=Telldus TellStick USB interface
URL:=https://telldus.com
- DEPENDS:=+confuse +libftdi +libstdcpp $(ICONV_DEPENDS)
+ DEPENDS:=+confuse +libftdi +libstdcpp
endef
define Package/telldus-core/description
CMAKE_OPTIONS += \
-DBUILD_LIBTELLDUS-CORE=1 \
-DBUILD_TDTOOL=1 \
- -DGENERATE_MAN=0 \
- -DICONV_LIBRARY=-liconv
+ -DGENERATE_MAN=0
define Package/telldus-core/install
$(INSTALL_DIR) $(1)/usr/bin
--- /dev/null
+--- a/common/Strings.cpp
++++ b/common/Strings.cpp
+@@ -12,7 +12,8 @@
+ #ifdef _WINDOWS
+ #include <windows.h>
+ #else
+-#include <iconv.h>
++#include <locale>
++#include <codecvt>
+ #endif
+ #include <algorithm>
+ #include <sstream>
+@@ -50,35 +51,8 @@ std::wstring TelldusCore::charToWstring(const char *value) {
+ return retval;
+
+ #else
+- size_t utf8Length = strlen(value);
+- size_t outbytesLeft = utf8Length*sizeof(wchar_t);
+-
+- // Copy the instring
+- char *inString = new char[utf8Length+1];
+- snprintf(inString, utf8Length+1, "%s", value);
+-
+- // Create buffer for output
+- char *outString = reinterpret_cast<char*>(new wchar_t[utf8Length+1]);
+- memset(outString, 0, sizeof(wchar_t)*(utf8Length+1));
+-
+-#ifdef _FREEBSD
+- const char *inPointer = inString;
+-#else
+- char *inPointer = inString;
+-#endif
+- char *outPointer = outString;
+-
+- iconv_t convDesc = iconv_open(WCHAR_T_ENCODING, "UTF-8");
+- iconv(convDesc, &inPointer, &utf8Length, &outPointer, &outbytesLeft);
+- iconv_close(convDesc);
+-
+- std::wstring retval( reinterpret_cast<wchar_t *>(outString) );
+-
+- // Cleanup
+- delete[] inString;
+- delete[] outString;
+-
+- return retval;
++ std::wstring_convert<std::codecvt_utf8<wchar_t>> converter;
++ return converter.from_bytes(value);
+ #endif
+ }
+
+@@ -211,19 +185,8 @@ std::string TelldusCore::wideToString(const std::wstring &input) {
+ #else
+ char *inPointer = inString;
+ #endif
+- char *outPointer = outString;
+-
+- iconv_t convDesc = iconv_open("UTF-8", WCHAR_T_ENCODING);
+- iconv(convDesc, &inPointer, &wideSize, &outPointer, &outbytesLeft);
+- iconv_close(convDesc);
+-
+- std::string retval(outString);
+-
+- // Cleanup
+- delete[] inString;
+- delete[] outString;
+-
+- return retval;
++ std::wstring_convert<std::codecvt_utf8<wchar_t>> converter;
++ return converter.to_bytes(input);
+ #endif
+ }
+
)
ENDIF (WIN32)
---- a/common/CMakeLists.txt
-+++ b/common/CMakeLists.txt
-@@ -66,12 +66,16 @@ ELSEIF (CMAKE_SYSTEM_NAME MATCHES "FreeB
- )
- ELSE (APPLE)
- #### Linux ####
-+ #FIND_LIBRARY(ICONV_LIBRARY iconv) Does not work
- ADD_DEFINITIONS( -D_LINUX )
- LIST(APPEND telldus-common_SRCS
- Event_unix.cpp
- EventHandler_unix.cpp
- Socket_unix.cpp
- )
-+ LIST(APPEND telldus-common_LIBRARIES
-+ ${ICONV_LIBRARY}
-+ )
- ENDIF (APPLE)
-
-
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -62,7 +62,7 @@ IF(DOXYGEN_FOUND)
#
-# Copyright (C) 2007-2019 OpenWrt.org
+# Copyright (C) 2007-2020 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=zoneinfo
-PKG_VERSION:=2020b
+PKG_VERSION:=2020d
PKG_RELEASE:=1
#As i couldn't find real license used "Public Domain"
PKG_SOURCE:=tzdata$(PKG_VERSION).tar.gz
PKG_SOURCE_CODE:=tzcode$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.iana.org/time-zones/repository/releases
-PKG_HASH:=9b053f951d245ce89d850b96ee4711d82d833559b1fc96ba19f90bc4d745e809
+PKG_HASH:=8d813957de363387696f05af8a8889afa282ab5016a764c701a20758d39cbaf3
include $(INCLUDE_DIR)/package.mk
define Download/tzcode
FILE=$(PKG_SOURCE_CODE)
URL=$(PKG_SOURCE_URL)
- HASH:=47eff8944de4a64f7629b851e4a32338ab12c9b73edd62063795167ff1fe43da
+ HASH:=6cf050ba28e8053029d3f32d71341d11a794c6b5dd51a77fc769d6dae364fad5
endef
$(eval $(call Download,tzcode))
$(HOST_CONFIGURE_OPTS) \
CC="$(HOSTCC)" \
LD="\$$$$(CC)" \
- CPPFLAGS="$(HOST_CPPFLAGS) -DHAVE_SNPRINTF=1" \
+ CPPFLAGS="$(HOST_CPPFLAGS) -DHAVE_SNPRINTF=1 -DZIC_BLOAT_DEFAULT='\"fat\"'" \
LDFLAGS="$(HOST_LDFLAGS)" \
TOPDIR="$(PKG_INSTALL_DIR)" \
TZDIR="$(PKG_INSTALL_DIR)/zoneinfo" \