| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
The deletion of IP tunnels via the ioctl interface is broken; instead of
fixing the ioctl interface switch to the netlink based interface to delete
IP tunnel devices as this simplifies and unifies the code
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 8f82742ca4f47f459284f3a07323d04da72ea5f6)
|
|
|
|
|
|
|
|
| |
Move the DEV_EVENT_LINK_UP case to avoid messing with a fallthrough
Only restart members if the vlan check returns a positive result
Fixes: 85f01c44a950 ("bridge: check bridge port vlan membership on link-up events")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
When hostapd does a DFS channel switch, it tears down all vifs except for the
primary one, which causes them got get dropped from the device configuration
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
| |
When changing to a dfs channel, hostapd can bring down wlan interfaces and
reset their bridge membership. If that happens, the port loses its vlan
membership settings and needs to be reconfigured by netifd.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
| |
A recent commit changed the vlan chain handling to not treat devices with
non-digit characters after "." as vlan devices. This broke aliases, which
rely on names after the "." component.
Fix dealing with both cases by first trying to set up a vlan regardless
of the non-digit characters, but for the first component allow falling back
to treating the first two parts as a full device name
Fixes: 013a1171e9b0 ("device: do not treat devices with non-digit characters after . as vlan devices")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
| |
The avl key type for bridge vlans is uint16_t, so any lookup with a wider
type is going to fail on big-endian systems
This resulted in hotplug-added devices replacing configured member ports
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
When adding a member to an existing VLAN, it needs to be updated as well
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Fixes corner cases related to AP WDS station interfaces
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
avoids running into ifname size limits
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Can be used to test the device hotplug handling
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Preparation for dealing with wifi per-station devices
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
defer adding back changed vlans until config processing is done
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
|
|
|
|
|
|
|
| |
This is useful for a dynamic VLAN setup, where extra tags need to be created
on the trunking port on demand
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
If the network ifname is a VLAN on top of a VLAN-filtering bridge, hostapd
needs to know the VLAN ifname to communicate with other APs, if 802.11r is enabled.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
This makes it possible to use dynamic tags without changing the configuration
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Interfaces need to be assigned to devices. For that purpose a "device"
option should be more accurate than "ifname" one.
For backward compatibility old option remains supported too.
Config example:
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
config interface 'lan'
option device 'br-lan'
option proto 'static'
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
| |
Add the new 'band' option, which supports the following values: 2g, 5g, 6g, 60g
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
Instead of looking it up as a string, use uci_rename.
That way it works both on list and string options
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bridge aggregates multiple ports so use a more accurate name ("ports").
For backward compatibility add a temporary config translation.
Config example:
config interface 'lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
|
| |
config
On config reload, any vif entries in the config added to the vlist will be
matched against existing ones, and the old entries preserved.
This means that the vif pointer is no longer valid after vlist_add.
Look up the vif again before using it for vlan/station entries.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
| |
This can be used to support 802.1x on wired devices.
In order to use this, the device section for each port needing authentication
needs to contain the option auth 1
When set, this option prevents devices from being added to bridges or configured
with IP settings by default, until the set_state ubus call on network.device
sets "auth_status" to true for the device.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds the new configuration option `disabled` for the route
section, which can be used to temporarily disable the section so that
the route is not set. The advantage is that we do not have to delete
this route configuration section to achieve this.
config route
option disabled '1
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When unchecked the igmp snoop option for a bridge by luci, it
just delete the igmp_snooping key from the config file.
So netifd can't change /sys/devices/virtual/net/br-lan/bridge/multicast_snooping from "1" to "0".
Option multicast_querier seems no input entry in luci, but it's
an related option.
This patch will set a default value to false for the bridge
option to fix this bug.
Signed-off-by: Zheng Qian <sotux82@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add device options used by wpad in preparation of running hostapd and
wpa_supplicant non-root (and hence those options will need to be taken
care of by netifd as sysctl is root-only):
* drop_v4_unicast_in_l2_multicast
* drop_v6_unicast_in_l2_multicast
* drop_gratuitous_arp
* drop_unsolicited_na
* arp_accept
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
| |
Move system_set_sendredirects up to the other non-bridge-related sysctl
functions.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
|
| |
This allows to integrate external daemons that configure network devices with
netifd. At startup, netifd generates device handler stubs from descriptions in
/lib/netifd/extdev-config via the mechanism in handler.c. These are then added
to the list of device handlers. Device handlers stubs act as relays forwarding
calls against the device handler interface to the external daemon.
Signed-off-by: Arne Kappen <arne.kappen@hhi.fraunhofer.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Parse JSON files in a given directory and pass the information on to a callback
function for creation of an external device handler stub.
The description contains:
- 'name': the name of the device type,
- 'ubus_name': the name of the external device handler daemon on ubus,
- 'bridge': a flag indicating whether the devices are bridge-like,
- optionally 'br_prefix': a prefix for created devices
(only for bridge-like, defaults to type name),
- 'config': the UCI config options for devices of this type, and
- optionally 'info' and 'stats': the format of calls to info() and dump().
Signed-off-by: Arne Kappen <arne.kappen@hhi.fraunhofer.de>
|
|
|
|
| |
Signed-off-by: Arne Kappen <arne.kappen@hhi.fraunhofer.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to avoid a routing loop add an unreachable route for the
address prefix is the offlink flag is set for an address.
This fixes a routing loop which is currently present on point-to-point
links (e.g PPP) when the wan interface is assigned a globally unique
prefix (e.g. 2001:db8:1:0::/64) from which an IPv6 address is picked
and installed on the wan interface
(e.g. 2001:db8:1:0:5054:ff:feab:d87c/64)
The prefix route 2001:db8:1::/64 would be present in the routing table
which will route any packet with as destination 2001:db8:1::/64 to the wan
interface and would be routed back by the upstream router due to the
wan interface due to the assigned global unique prefix.
Besides not installing the prefix route 2001:db8:1::/64 on point-to-point links
adding an unreachable route is required to avoid the routing loop.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
| |
When using a global hostapd/wpa_supplicant instance, it should not be killed
if a single radio is torn down
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Need to check the type of the vlan device, not the underlying device
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
seg6_enabled - Bool
Accept or drop SR-enabled IPv6 packets on this interface.
More Information:
https://www.kernel.org/doc/html/latest/networking/seg6-sysctl.html
Now you can set as interface option
option ip6segmentrouting '1'
It is not enough to turn on "seg6_enabled" on the interface. Further,
we have to enable "/all/seg6_enabled". This means that a working config
is "interface + all".
Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [style fixes]
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Example:
{
"network-device": {
"eth0": {
"macaddr": "bc:a5:11:16:76:d7"
}
}
}
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Mask flags against apply_mask only once instead of once per field
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
| |
This can be used to generate default network configurations that define
the lan/wan interfaces as vlandevs with custom names and specify the actual
VLAN ID only in the bridge-vlan section without repeating it elsewhere
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
| |
When netifd tries to add bridge members brought up by hostapd asynchronously
(e.g. after an autochannel run), the first try often fails with EBUSY or
EAGAIN, since it's racing against hostapd's own setup.
Add retry logic, which includes checking if the device was added to the
bridge in the meantime to deal with this issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
| |
force-external devices
We need to detect when devices are present, because they can be created
asynchronously by hostapd after they have already been added by the wifi
setup script
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When defining a bridge-vlan like this:
config bridge-vlan
option device 'switch0'
option vlan '1'
option ports 'lan1 lan2 lan3 lan4'
option alias 'lan'
You can use switch0.lan instead of switch0.1 to refer to the VLAN.
This ensures that the VLAN ID can be kept in a single place in the config
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
| |
On wireless interfaces, hostapd can sometimes defer the bringup of secondary
virtual interfaces until autochannel or coex scan completes.
Do not force the present state in that case in order to avoid attempting
to bring up the device before it is ready
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|