| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
WPA3 enterprise requires wpa_cipher to be GCMP-256 for good client/device
support, so if the user sets encryption to wpa3 or wpa3-mixed, then add
GCMP-256. Also allow explicit selection of GCMP-256/CCMP-256 ciphers by
adding gcmp256/ccmp256 at the end of the encryption value.
Signed-off-by: Joerg Werner <schreibubi@gmail.com>
|
| |
|
|
|
|
|
|
| |
hwmode should be set to 'ad' for 60g band.
Reported-by: herman@zeilsteenfilm.nl
Fixes: 62e3cb5 ("scripts/netifd-wireless.sh: add support for specifying the operating band")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
|
| |
instead of relying on hostapd to manipulate bridge attributes (which can race
against netifd adding/removing of member ports), set the proxyarp related
attributes in netifd directly when bringing up the member port
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
| |
If the network ifname is a VLAN on top of a VLAN-filtering bridge, hostapd
needs to know the VLAN ifname to communicate with other APs, if 802.11r is enabled.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
Add the new 'band' option, which supports the following values: 2g, 5g, 6g, 60g
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
| |
When using a global hostapd/wpa_supplicant instance, it should not be killed
if a single radio is torn down
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
| |
Support Hotspot 2.0 online signup with encryption, either as only
encryption type of a dedicated SSID or together with WPA-EAP for
single SSID setups.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
| |
This new section allows us to assign mac specific key/vid settings to a
station.
Signed-off-by: John Crispin <john@phrozen.org>
|
| |
|
|
|
|
| |
This new section allows us to create apvlan settings for hostapd.
Signed-off-by: John Crispin <john@phrozen.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The neighbor or neighbor6 network section makes neighbours
configurable via UCI or proto shell handlers. It allows to
install neighbor proxy entries or static neighbor entries
The neighbor or neighbor6 section has the following types:
interface : declares the logical OpenWrt interface
ipaddr : the ip address of the neighbor
mac : the mac address of the neighbor
proxy : specifies whether the neighbor ia a proxy
entry (can be 1 or 0)
router : specifies whether the neighbor is a router
(can be 1 or 0)
Signed-off-by: Alexander Meuris <meurisalexander@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
| |
This simple patch adds 802.11ad to hwmode list so that netifd-wireless.sh does not otherwise overwrite it with the default hwmode=g
Signed-off-by: Robert Marko <robimarko@gmail.com>
|
| |
|
|
|
|
|
|
| |
This patch will add support for using GCMP as cipher suite.
This is not a strong cipher but is only one supported by
wil6210 driver in order to have encrypted traffic.
Signed-off-by: Robert Marko <robimarko@gmail.com>
|
| |
|
|
| |
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
| |
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
| |
This adds PSK3 / SAE support.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
| |
Actually change the glob pattern as described in the previous commit.
Fixes: 3c8ac1c ("netifd: fix wpa mixed mode matching")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Change wpa mixed mode matching to not accidently catch wep+mixed.
All documented cases have the character between {wpa,psk} and mixed as a
'-' but no need to break things which were working, so preserve the *
case.
Reported-by: "Rick Farina (Zero_Chaos)" <zerochaos@gentoo.org>
[Allow "psk-mixed" to be prefixed, to align with the *psk2* and *psk* cases,
slightly reword subject and commit message.]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
| |
'noscan' can be passed down to wpa_supplicant to enforce channel
settings in mesh mode. Allow hostapd.sh to take care of it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
| |
The pid is in $1, not $pid.
Use proper test condition for nonmatching exe warning.
Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
|
| |
|
|
|
|
|
|
| |
Adding helpers for virtual interfaces generic options in ncm, qmi, mbim
and directip protocols as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html
Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Commit c6858766 added interface teardown support on layer 3 device link loss
mainly for shell protocols who have no proto task like xl2tp. However for
shell protocols having a proto task it is not always the correct action to
teardown the interface; as an example the PPP daemon can be put into
persist state trying to re-establish the link via a hold-off mechanism
if layer 3 link loss is detected.
Therefore shell handlers can enable via TEARDOWN_ON_L3_LINK_DOWN a proto
flag which will teardown the interface when layer 3 link loss is detected
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
We shall enforce the cipher for both, pairwise and group, thus change
the name of the variable to a more generic phrasing, 'cipher' instead
of 'pairwise'.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Felix Fietkau <nbd@openwrt.org> [keep a copy for compatibility reasons]
|
| |
|
|
|
|
|
| |
This was caused by a faulty test for the isolate option (arithmetic on a
variable with no default)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
With this patch the multicast_to_unicast feature can be disabled for all
wireless interfaces via an according option on the uci bridge interface.
This patch also exports the setting information to wireless handler
scripts. The hostapd script will need that information to determine
whether to enable or disable ap-isolation, for instance.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All IGMP and MLD versions suffer from a specific limitation (from a
snooping switch perspective): Report suppression.
Once a listener hears an IGMPv2/3 or MLDv1 report for the same group
itself participates in then it might (if this listener is an IGMPv3 or
MLDv2 listener) or will (if this is an IGMPv1/2 or MLDv1 listener)
refrain from sending its own report.
Therefore we might currently miss such surpressing listeners as they
won't receive the multicast packet with the mangled, unicasted
destination.
Fixing this by first isolating the STAs and giving the bridge more
control over traffic forwarding. E.g. refraining to forward listener
reports to other STAs.
For broadcast and unicast traffic to an STA on the same AP, the hairpin
feature of the bridge will reflect such traffic back to the AP
interface. However, if the AP interface is actually configured to
isolate STAs, then hairpin is kept disabled.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a new config parameter "no-proto-task" for noting that no
proto_task will be running for this protocol type. This is required
since then change in commit "d0dcf74 proto-shell: retry setup if the
proto handler script quits without changing the state or starting a
process".
The change is mainly for protocols like xl2tpd in which control commands
are sent to another daemon xl2tpd to start L2TP negotiation and pppd
process who is not under netifd's control as proto_task as is the case
in other ppp related protocols like pppoe, pptp, etc.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds interface last error support which preserves the last reported
error reported by the protocol handler till the interface is up;
e.g. survives network reload and interface restarts.
This is mainly usefull for tracking down why an interface fails
to establish; eg auth failure/traffic limit for PPP interfaces
Protocol handlers register last error support by setting lasterror=1
in the proto_init function
Signed-off-by: Johan Peeters <johan.peeters111@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
| | |
|
| |
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
| |
|
|
| |
Signed-off-by: Steven Barth <steven@midlink.org>
|
| |
|
|
|
|
|
|
|
| |
proto_add_ipv4_route(). This is useful with for example DHCP in a multihomed
scenario, as it provides an easy way to match default routes with the correct IP
address. One use case for this are applications that monitor the state of the
WAN port, and the WAN port is assigned multiple addresses.
Signed-off-by: Kristian Evensen <kristian.evensen at gmail.com>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
|
|
|
|
|
|
| |
Introduce a new device event "topology change" that gets signaled
by bridges on adding/removing members.
On "topology changes" the proto handlers are requested to "renew"
which is most useful for DHCP.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| | |
|
| |
|
|
|
|
| |
config_add_*
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
