Use nft instead of iptables to open port 80 in the firewall when getting a
cert. Since nft doesn't allow deleting a rule by its contents, capture and
save the handle when creating the rule, and use that to delete.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
(cherry picked from commit d926da5182)
- Update 11 minor version to match the upstream
- Rename patches dir to reflect new gcc 11 minor version
- Drop upstream patch
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 4db8466a14)
This is based on the toolchain GCC, and aims to share as much of its
Makefile and patches with that definition. The package requires two
additional patches:
(1) 003-dont-choke-when-building-32bit-on-64bit.patch, which fixes the
`error: size of array 'test_real_width' is negative` error that occurs
when building a 32-bit GCC on a 64-bit host. (Search the Internet for
examples of this error appearing.)
(2) 980-add-nostdinc++.patch, which backports a fix from 11.3.0 (11.2.0
only).
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit ceaa6e840e)
luajit provides higher performance for requests handled in Lua hooks.
It also enables access to dnsdist functionality only exposed via FFI,
and allows configurations/hooks to call functions in any C library
without providing separate bindings.
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit 283b269c7c)
The postinst script is sourced during image build, which causes the
follow failure:
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-x86_64_musl/root-x86/etc/init.d/lxc-auto: line 3: /lib/functions.sh: No such file or directory
postinst script ./usr/lib/opkg/info/lxc-auto.postinst has failed with exit code 1
Sourcing /lib/functions.sh is not needed, as /etc/rc.common does so
already. Unfortunately removing that line from the init script is not
enough to fix the problem. The postinst script should also check
IPKG_INSTROOT. As these two changes are unrelated, they should go in
separate commits, and the solution to the image build problem is to
revert the commit that introduced the breakage.
This reverts commit 2cde10b950.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 039912dec5)
otherwise, a user would have to either manually run /etc/init.d/lxc-auto
boot or reboot the system to start using lxc.
originally committed in 2cde10b950
reverted in 039912dec5
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 7da7356539)
* the domain whitelist feature has been extended to free up multiple nested captive portal domains.
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 0ee0aa2b53)
1. Switched to use prebuilt web files to get rid of massive Node.js.
2. Increased nofile limitation to avoid "too many open files" error.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit d629a6f8b2)
Instead of waiting for interface to be up,
wait for it to have IPs, as this is what we need.
Also do not call procd_open_instance when not ready.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 1dd46bca62)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit e8f6600851)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Apply post-1.9.0 patch from upstream to fix a segfault.
savedptr can be NULL, so guard for that.
Fixes#18741
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit ab7a23102e)
Apply post-1.9.0 patch from upstream to fix the irq-->module
relation detection.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 358c2293fa)
Not every radio has also ubus support. Only query radios with ubus
functions.
Signed-off-by: Nick Hainke <vincent@systemli.org>
[fixup, call ubus.connect() once per scrape]
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 0a07237514)
listen_ipv6 config option is removed and we now
listen on both ipv4 and ipv6 addresses.
HTTP keepalive is enabled and set to 70s by default.
With uhttpd-mod-lua there is a small change in behavior,
all code is loaded/parsed/executed once on startup as before,
but now each request is executed in his own fork, so we can't
keep a state between requests.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 60460f0046)
All current node_exporter netclass metrics will be available. This includes
speed metrics per lan port on supported DSA switches.
Signed-off-by: René Treffer <treffer@measite.de>
(cherry picked from commit a315c40b72)
Description:
Update from v16.15.0
Changed handling of host's npm problems due to npm updates.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit fcfd2599d9)
This fixes "too many open files" error caused by max-file limitation
when xray processes large traffic.
Reported-by: Terry Ding <terryding77@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit d98fd52865)
Includes fix for CVE-2022-30634 (crypto/rand: Read hangs when passed
buffer larger than 1<<32 - 1).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 112cf09031)