* enable code to support Turris Omnia forthcoming upstream change
(new kresd 'keep_cache' option) to preserve kresd DNS cache
* fix a 'status' race condition while the adblock process
is running in parallel
* various small speed improvements
* rework debug output
* refine blacklist handling
* enable the (empty) blacklist source in the default config
* email notification supports mstmp, even without sendmail symlink
* email notification writes minimal status to log (one-liner)
* LuCI: refine logfile search term
* LuCI: Textarea 'autoscroll down' in logfile view
* LuCI: Left-align blocklist source table plus a more compact design
Signed-off-by: Dirk Brenken <dev@brenken.org>
It's an option that is supposed to be fed by ss-manager. It can be
in the form of host:port or path to unix dgram socket. Drop it now with
the assumption that it has no real user at the moment
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
If we're built with CONFIG_LIGHTTPD_SSL then mod_openssl.so should
be included into the base package. Fixes issue #5343.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* corner case fix with multiple (partly disabled) radios
* LuCI: BSSID will be ignored by default in 'wireless add' dialog
* LuCI: Textarea 'autoscroll down' in logfile view
* LuCI: refine logfile search term
Signed-off-by: Dirk Brenken <dev@brenken.org>
Notable changes since 3.1.1
- 57ab828 fix possible use-after-free in ss-server
- 65e9d23 filter through acl first before doing sni detection
- b26cbc2 another attack on null ref
- d237a05 udprelay: fix off-by-one bug
- 0c3cf8b fix runtime TFO detection
- d445ea9 Linux 4.11 TFO socket option support
--no-delay is a new cmdline argument introduced in 3.1.0 to NOT turn off
TCP_NODELAY socket option, i.e. keeping it's default value without
setting it explicitly. This can be potentially useful for interactive
traffics
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* preserve DNS cache after adblock processing,
- 'unbound' and 'named' support this (please check readme)
- 'dnsmasq' now uses the 'servers-file' directive
to minimize the reload disruption,
even though the dns cache will be cleared after SIGHUP
- 'kresd' dns cache is persistent by upstream default, anyway
Turris Omnia devices need a small upstream software change
which is not accepted/implemented yet
* email notification in case of an error or domain count < n
(default 0, check readme)
* removed securemecca from default config (service has been closed)
* new separate functions for hash compare and list/overall count
* add missing package dependencies
* various clean-ups
* update documentation
Signed-off-by: Dirk Brenken <dev@brenken.org>
It will let reaver to save session file to cwd of the process instead of
/etc/reaver. This has the same effect as the old patch
0002-Use-the-current-directory-for-storing-and-loading-se.patch
which was removed in the transition to reaver-wps-t6x-fork
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This patch add's a new cmakefile which builds other cmakefiles and
simplifies the Makefile, also it renames the yang files so
sysrepoctl does not create duplicates.
Signed-off-by: Mislav Novakovic <mislav.novakovic@sartura.hr>
This pppd feature does not make sense in L2TP case because the
tunnel is already connected when xl2tpd launch pppd process. If
a dial-on-demand feature is to be implemented, trigger interface
would have to be provided by xl2tpd, not pppd.
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
All of the bugs for which we had patches have been fixed upstream
in 1.4.46, so the patches can be dropped.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* limit sta interface selection/handling
to defined travelmate interface (trm_iface) only
* check eap capabilities and ignore enterprise uplinks
as long as eap support is not available
* documentation update
* cosmetics
* LuCI: various cleanups
Signed-off-by: Dirk Brenken <dev@brenken.org>
Add an enabled option for the service section, so you could keep your
configuration in place without apply this section on startup or service reload.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The arpa/nameser.h header of musl libc indirectly depends on the endian.h
header but fails to explicitely include it to properly define
`__BYTE_ORDER` and `__BIG_ENDIAN` prior to declaring the DNS `HEADER`
structure.
When both the appropriate `__BYTE_ORDER` and `__BIG_ENDIAN` defines are
unset, the `#if __BYTE_ORDER == __BIG_ENDIAN` condition in `nameser.h`
evaluates to true, causing it to declare a bad (big endian) DNS packet
header structure on little endian systems.
Work around this musl bug by forcibly passing `-include endian.h` through
the `osflags` file.
An upstream fix for musl libc has been submitted with
http://www.openwall.com/lists/musl/2017/12/04/3
This should solve iodine packet corruption on little endian musl systems
reported at
http://lists.infradead.org/pipermail/lede-dev/2017-November/010085.html
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update to latest Git HEAD in order to solve a number of issues.
- Improves MAC address lookup reliability
- Properly counts DNAT-ed connections (e.g. for port forwards)
- Fixes stack corruption when parsing netlink records
- Fixes deletion of gzipped databases
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Remove build timestamp. Using currently proposed upstream patch.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Signed-off-by: Karl Palsson <karlp@etactica.com>
Can't use DEPENDS:= +libname when libname is now a virtual package.
Switch to plain DEPENDS:= libname.
Fixes Github issue 4751
Signed-off-by: Karl Palsson <karlp@etactica.com>