With growing interest, DNS over TLS can be setup in Unbounds foward-zone:
clause. A broader UCI solution is added to support forward-, stub-, and
auth- zone clauses in a new 'zone' section. This implentation required
reworking scripts, because they did not scale. 'forward_domain' and
'prefetch_root' options are removed, and superceded by 'zone' section.
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
* no longer rename faulty uplinks in /etc/config/wireless, but save
uplink state in json runtime information. To reset the saved state
simply restart travelmate processing.
Signed-off-by: Dirk Brenken <dev@brenken.org>
Delay startup of p910nd to give devices more time to enumerate
Fixes issue #4752
Tested on mir3g
Signed-off-by: Francesco Molitierno <francyesc0@hotmail.it>
Selecting libcap in addition to mtr causes it to error with
Package mtr is missing dependencies for the following libraries:
libcap.so.2
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Notable Changes:
* New IRCv3.2 capabilities support on client and server side
* Increased max line lengths
* support for stripping color control codes
* various bug fixes
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[jonas.gorski: add notable changes, switch to 1.7.1]
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Added compatibility with openssl 1.1, and also fixed a compiler
warning about implicit declaration.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Since certain characters are dangerous to pass as-is to a sub shell,
sanitize the character set and only allow characters that are considered
valid for DNS hosts and filter shell escape characters on generic parameters.
Disable pathname expansion on RUNPROG evals to disable the shell expanding *,
? and [ in the arguments.
Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
backend:
* add low priority mode (nice level 10), disabled by default
* enhance 'Force DNS' to redirect ports 53, 853 and 5353
frontend:
* switch to dynamic XHR polling for runtime information and logfile
viewing
* add new 'Refresh' button to reload blocklists
* various cleanups & small fixes
Signed-off-by: Dirk Brenken <dev@brenken.org>
OpenWrt changed the way the uci shell parsing functions deal with list
configuration items.
This change broke the generation of the privoxy runtime configuration
because no callbacks were emitted anymore.
Fix the problem by defining a list_cb() that simply calls the existing
option_cb() to deal with list item values.
Ref: c9c0fc28a9 ("base-files: fix UCI config parsing and callback handling")
Ref: https://forum.lede-project.org/t/openwrt-snapshot-privoxy-error/15919
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Currently the uwsgiconfig python script append some additional compilation flag based on the host system. This fix some problem related with this by hardcoding usgi_os variable to Linux
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Currently the nginx user for the default luci config is root... This is dangerous and unnecessary, reset it back to nobody nogroup.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Currently the socket file for uwsgi can be open only from root user, change this to permit other use to use it. (Needed for nginx to use uwsgi as nobody or dedicated user)
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
The spoofer client is part of a system to measure the Internet's resistance
to packets with a spoofed (forged) source IP address.
Signed-off-by: Ken Keys <kkeys@caida.org>
Ipsec user script (/etc/ipsec.user) now get called indirectly by openwrt
"/sbin/hotplug-call". So other packages could also install their scripts
in "/etc/hotplug.d/ipsec".
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Some package needs nginx as dependency this permit to use nginx-ssl and nginx-all-module as dep for them.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* Remove stray LICENSE file added to repo
* Use codeload instead of git
* Add proper (as close as possible) SPDX license
* Drop OpenSSL, PCRE and Libxml2 as dependencies
Makes it more suitable alternative for small flash devices
* Drop /etc/uwsgi as there's only one config file
* Remove stray /etc/nginx directory
* Reorganize configuration file
* Convert init.d script to use procd
* Hardset 3 threads and processes, seems like a good tradeoff
between performance and memory usage instead of doing
auto scaling based on amout of cpu cores/threads
Non-scientific benchmark (tm)
ramips, mt7621, WiTi Board 16/256M
1. 3 threads, 6 processes
2. 2 threads, 2 processes
3. 3 threads, 3 processes
- LuCI Main page
1.48s
1.72s
1.64s
- Status --> Firewall
6.24s
6.39s
6.40s
- Status --> Kernel log
266ms
256ms
251ms
- Network --> Firewall
936ms
1.08s
1.07s
- Network --> Wireless
1.39s
1.42s
1.40s
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Currently the uci-defaults scripts reset nginx config even it they are valid due to a bug in the if condition.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Undo previous commit that added an iconv hack. The problem was actually
fixed by including nls.mk in the mariadb package.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>