Adds support for acl_plugin, and acl_opt_* options.
acl_opt_* requires some care as it relies on the internal behaviour of
cfg_load setting environment variables in a certain form. However,
given that _all_ of the cfg_load infrastructure relies on that, we can
be pretty sure that it won't change in a way that will hurt us.
Originally reported as: https://github.com/openwrt/packages/pull/7434
Signed-off-by: Karl Palsson <karlp@etactica.com>
This is to correct the variable name CONFIGSTR in the export_bool
sub-routine: the variable in line 26 was written CONFIGSTRING instead
of CONFIGSTR.
Signed-off-by: Jean-Michel Lacroix <lacroix@lepine-lacroix.info>
Fixes compilation without deprecated OpenSSL APIs
Switched to codeload for simplicity and to fix package upgrades.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This prevents updates from failing if multiple instances of the
script are running in parallel. This fixes#7492.
Signed-off-by: Martin Konrad <info@martin-konrad.net>
Avoid specifying variables that are not specificy set in order to avoid breaking
drivers for which those variables do not exist. Closes: #7096.
As part of these fixes make sure we have all the variables we need. Closes: #7001.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Various path and permissions fixes to properly allow nut-server and nut-monitor to
start properly.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Serial drivers don't add much to main NUT and appear to be common,
so make it possible for users to use NUT with serial UPS drivers without
a custom build.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
The mechanism for making sure hotplug doesn't execute during forced shutdown
was interfering with initial start of hotplug script due to checking for path
that doesn't exist at initial start. This fixes that and closes#6966.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Leading zeroes left in ProductId results in some UPS hardware not being matched
by the hotplug script lead to bad permissions and driver not starting.
Closes: #6966
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
* support multiple WAN interfaces in iptables rules,
set 'ban_iface' option accordingly (as space separated list)
or use the LuCI frontend
* add new "refresh" mode while triggered by fw changes (no download)
* add required ip dependency
* fix wrong 'settype' definition for firehol1 in config
Signed-off-by: Dirk Brenken <dev@brenken.org>
This is to change the init script to a procd init script
This also enable some additional parameters in the binary that
were present but not enabled:
The export file (option export_file)
The import file (option import_file)
The daylog (option daylog_file)
These are disabled by default. Also, the option to run as a daemon
is removed, as not compatible with procd.
There is no change in the binary.
Signed-off-by: Jean-Michel Lacroix <lacroix@lepine-lacroix.info>
Switch to codeload for simplicity and easier package bumping.
Added dependency on pytz on build time as django-admin requires it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Add to ubus the missing output information "policies" which could already
be observed with the command "mwan3 status".
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The source download storage contains a 0 byte version
of the webui-aria2 sources, which breaks buildbot.
Trigger a new download by bumping the version by a date.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Using the input chain can only limit the upload rate in local network.
Since to do the limit rate on both native and remote, we have to
replace the input hook with prerouting.
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(Added Makefile version bump)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Not all interfaces may have been allocated address at nlbwmon startup so
it may not collect statistics as expected/configured.
Add interface triggers to catch dhcp events and restart as required.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
a new script based package called "banIP" to block
incoming & outgoing ip adresses/subnets via ipset.
Features:
* a shell script which uses ipset and iptables
to ban a large number of IP addresses
published in various IP blacklists (bogon, firehol etc.)
* support blocking by ASN numbers
* support blocking by iso country codes
* support local white & blacklist (IPv4, IPv6 & CIDR notation)
* auto-add unsuccessful ssh login attempts to local blacklist
* auto-add the uplink subnet to local whitelist
* per source configuration of SRC (incoming) and DST (outgoing)
* supports IPv4 & IPv6
Strong LuCI support:
* easy interface to track & change all aspects of your ipset
configuration on the fly
* integrated IPSet-Lookup
* integrated RIPE-Lookup
* Log-Viewer & online configuration of white- & blacklist
LuCI-Screenshots will follow in the second post.
Forum discussion:
https://forum.openwrt.org/t/banip-new-project-needs-testers-feedback/16985
Signed-off-by: Dirk Brenken <dev@brenken.org>