Re: [LEDE-DEV] tagged vlans on a TP-Link 841n v9

2017-06-19 Thread yanosz 
Hello,

here we go - the system is no longer reachable using IPv6 link local or
192.168.1.1.

I changed the swtich configuration, only.

Screenshot:
http://jluehr.de/owncloud/index.php/s/DtjWvXzhQV30FbM

/etc/config/network

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fd92:ca4c:8920::/48'

config interface 'lan'
option type 'bridge'
option ifname 'eth0'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'

config interface 'wan'
option ifname 'eth1'
option proto 'dhcp'

config interface 'wan6'
option ifname 'eth1'
option proto 'dhcpv6'

config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'

config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0 1 2 3 4'
option vid '1'

config switch_vlan
option device 'switch0'
option vlan '2'
option ports '0t 1t 2t 3t 4t'
option vid '23'


Am 06/19/2017 um 09:03 AM schrieb Jo-Philipp Wich:
> Hi.
> 
> Please make a screenshot of your settings or paste the generated 
> /etc/config/network here.
> 
> Also consider doing the switch config via wireless, this allows for simpler 
> recovery after a config mistake.
> 
> ~ Jo
> 
> ___
> Lede-dev mailing list
> Lede-dev@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/lede-dev
> 

-- 
For those of you without hope, we have rooms with color TV,
cable and air conditioning

___
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev

Re: [LEDE-DEV] tagged vlans on a TP-Link 841n v9

2017-06-19 Thread yanosz 
Hello,


Am 06/19/2017 um 09:14 AM schrieb Mikael Bak:
> Hi,
> 
> On 2017-06-19 08:52, yanosz wrote:
>> Hei folks,
>>
>> I've some issues setting up a tagged vlan on a TP-Link 841n v9 router.
>> The vlan (tag 23) should spawn all ports (lan, wan) having a dedictated
>> interface.
>>
>> For doing so in luci I add a new vlan, name it 23 and enable all
>> drop-down boxes (incl. cpu) as checked.
>>
>> After applying, the system becomes unreachable (v4, v6) on any interface.
>>
>> What's wrong here? How can I enable the vlan?
>>
> 
> On my 841n (v10) the WAN port is not part of the switch and thus cannot
> be used as a trunk port. Perhaps this is true for v9 too.
> 
> You should however be able to configure one of the LAN ports to act as
> WAN and carry VLAN23. In this case the real WAN port is useless.

Yes, guess you're right. Anyway, it ought to be possible to defined
tagged vlan on both interfaces and bridge 'em afterwards - isn't it?

Greetz.

-- 
For those of you without hope, we have rooms with color TV,
cable and air conditioning



signature.asc
Description: OpenPGP digital signature
___
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev

Re: [LEDE-DEV] [PATCH] build: add V=e option for extended build info

2017-06-19 Thread Felix Fietkau 
On 2017-06-18 21:06, Matthew McClintock wrote:
> On Sat, Jun 17, 2017 at 7:35 AM, Felix Fietkau  wrote:
>> On 2017-06-16 20:58, Matthew McClintock wrote:
>>> This will output when a job starts and stops:
>>>
>>> $ make -j24 V=e
>>> [ snip ]
>>>  make[3] -C package/network/config/firewall compile
>>>  make -r -C package/network/config/firewall 
>>> BUILD_SUBDIR=package/network/config/firewall BUILD_VARIANT= compile finished
>>>
>>> It's quite useful for debugging parallel builds to see what actually
>>> failed without having to re-run -j1 V=s when the issue may not occur at
>>> all.
>>>
>>> Signed-off-by: Matthew McClintock 
>> I think this is a good idea. Could you please make the following changes
>> to it:
>>
>> - clean up the "make ... finished" part to look like the earlier msg
>> that indicated the start of the build. Preferably both should indicate
>> which build variant is being used (where present).
>>
>> - print the "make ... failed" message by default
> 
> How about this? Print a started, and always print the finished message.
> 
>  make -r -C package/network/config/firewall
> BUILD_SUBDIR=package/network/config/firewall BUILD_VARIANT= compile
> started
>  make[3] -C package/network/config/firewall compile
>  make -r -C package/network/config/firewall
> BUILD_SUBDIR=package/network/config/firewall BUILD_VARIANT= compile
> finished
> 
> SUBMAKE:=cmd() { printf "$(_Y) make $$* started$(_N)\n" >&8; $(MAKE)
> $$* || { printf "$(_Y) make $$* failed$(_N)\n" >&8; false; }; printf
> "$(_Y) make $$* finished$(_N)\n" >&8; }; cmd
Looks a bit ugly. I'd prefer a filtered version that shows the essential
parts in a more concise way.

- Felix

___
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev

Re: [LEDE-DEV] [PATCH v3] dnsmasq: manage resolv.conf if when listening on 127.0.0.1#53

2017-06-19 Thread Ben Pfountz 
I tested this patch with a standard install, as well as with noresolv=1 
and 2 servers configured with opendns, and it worked fine. 
/etc/resolv.conf still correctly listed 127.0.0.1 and ::1 as the local 
nameserver.


Ben

On 6/19/2017 6:16 AM, Paul Oranje wrote:

this patch has been resend with corrected title (not "if", but "iff")
sorry for the spamming


Op 18 jun. 2017, om 09:46 heeft Paul Oranje  het volgende 
geschreven:

With this patch the dnsmasq init script manages resolv.conf if and only if
when dnsmasq will listen on 127.0.0.1#53 (is main resolver instance).
Also adds ::1 to the resolver file.

For unbound a likewise patch exists (PR#4454).
Fixes (combined with the unbound PR) FS#785

Signed-off-by: Paul Oranje 
---
The intended invariant is that resolv.conf is managed whenever a resolver
listens on 127.0.0.1#53. Besides dnsmasq, unbound can take that role as well
(but only when dnsmasq is not already listens on 127.0.0.1#53).
When no instance of dnsmasq has been configured to listen on 127.0.0.1#53 then
resolv.conf is not touched by dnsmasq.

Currently unbound handles resolv.conf also, but leaves it to dnsmasq whenever
that will run, even when no dnsmasq instance will listen on localhost:53. So
for unbound PR#4454  has been submitted to make sure it always manages
resov.conf when it owns localhost:domain.


Tests performed:

- with/without unbound, dhcp linkages none and dnsmasq
- dnsmasq listens on #53, not #53 (dnsmasq takes precedence when also on #53)
- listen on localhost, not localhost
- noresolv false and true
- one/multiple dnsmasq instances (useless combinations are omitted in testing)

single dnsmasq instance
standard setup
==> dnsmasq manages resolv.conf

two dnsmasq instances, each serving another LAN
both dnsmasq on #53
dnsmasq-2 notinterface loopback
==> dnsmasq-1 manages resolv.conf

two dnsmasq unstances and unbound (dhcp_link: none, one dnsmasq behind ubound)
both dnsmasq on #53
dnsmasq-2 on #53, notinterface loopback
noresolv true and server 127.0.0.1#1053
unbound on #1053
==> dnsmasq-1 manages resolv.conf

two dnsmasq instances and unbound (dhcp_link: dnsmasq)
dnsmasq-1 on #1053, noresolv true
dnsmasq-2 on #2053, noresolv true
unbound on #53
forward LAN1 to 127.0.0.1#1053, forward LAN2 to 127.0.0.1#2053
==> unbound manages resolv.conf

on init stops resolv.conf is reset to the auto resolvfile.


History:
v1 -> v2corrected synxtax error
increased PKG_RELEASE
v2  reverted with commit 8180bbac7c237a31bd6e06c63e342c72342b7303
v3  corected errors, setup/teardown routines and thoroughly tested

Paul


package/network/services/dnsmasq/Makefile  |  2 +-
.../network/services/dnsmasq/files/dnsmasq.init| 79 +++---
2 files changed, 55 insertions(+), 26 deletions(-)

diff --git a/package/network/services/dnsmasq/Makefile 
b/package/network/services/dnsmasq/Makefile
index f9ab13aef0..35ac6b2891 100644
--- a/package/network/services/dnsmasq/Makefile
+++ b/package/network/services/dnsmasq/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk

PKG_NAME:=dnsmasq
PKG_VERSION:=2.77
-PKG_RELEASE:=3
+PKG_RELEASE:=4

PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/
diff --git a/package/network/services/dnsmasq/files/dnsmasq.init 
b/package/network/services/dnsmasq/files/dnsmasq.init
index d5177ecb0c..2a4d7b2239 100644
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -707,9 +707,51 @@ dhcp_relay_add() {
fi
}

+_resolv_setup()
+{
+   local cfg="$1"
+   local port notinterfaces
+
+   config_get port "$cfg" port "53"
+   [ $port = "53" ] || return
+
+   config_get notinterfaces "$cfg" notinterface ""
+   [ -n "$notinterfaces" ] && list_contains notinterfaces "loopback" && 
return
+
+   # dnsmasq instance is designated to listen on 127.0.0.1#53.
+   # rewrite /tmp/resolv.conf
+   rm -f /tmp/resolv.conf
+   {
+   echo "# /tmp/resolv.conf generated by dnsmasq $cfg $( date )"
+   [ $ADD_LOCAL_DOMAIN -eq 1 ] && [ -n "$DOMAIN" ] && {
+   echo "search $DOMAIN"
+   }
+   DNS_SERVERS="$DNS_SERVERS 127.0.0.1 ::1"
+   for DNS_SERVER in $DNS_SERVERS ; do
+   echo "nameserver $DNS_SERVER"
+   done
+   } > /tmp/resolv.conf
+
+   return
+}
+
+_resolv_teardown()
+{
+   cfg="$1"
+
+   case $( cat /tmp/resolv.conf ) in
+   *"generated by dnsmasq $cfg"*)
+   # resolv.conf was written by this instance,
+   # reset /tmp/resolv.conf to default.
+   [ -f /tmp/resolv.conf ] && rm -f /tmp/resolv.conf
+   ln -s /tmp/resolv.conf.auto /tmp/resolv.conf
+   ;;
+   esac
+}
+
dnsmasq_start()
{
-   local cfg="$1"

[LEDE-DEV] [PATCH procd] watchdog: add support for starting/stopping kernel watchdog

2017-06-19 Thread Hans Dedecker 
Extend the ubus watchdog cmd with the parameter magicclose; when set and
in case the stopped parameter is enabled the kernel watchdog will be stopped
by first sending the magic character 'V' followed by a close of the watchdog
fd. In case stopped is set to disabled the watchdog fd will be created again.

Signed-off-by: Hans Dedecker 
---
 system.c   |  6 +
 watchdog.c | 76 +++---
 watchdog.h | 10 +
 3 files changed, 74 insertions(+), 18 deletions(-)

diff --git a/system.c b/system.c
index 4bbceee..a5d197e 100644
--- a/system.c
+++ b/system.c
@@ -245,6 +245,7 @@ static int system_reboot(struct ubus_context *ctx, struct 
ubus_object *obj,
 enum {
WDT_FREQUENCY,
WDT_TIMEOUT,
+   WDT_MAGICCLOSE,
WDT_STOP,
__WDT_MAX
 };
@@ -252,6 +253,7 @@ enum {
 static const struct blobmsg_policy watchdog_policy[__WDT_MAX] = {
[WDT_FREQUENCY] = { .name = "frequency", .type = BLOBMSG_TYPE_INT32 },
[WDT_TIMEOUT] = { .name = "timeout", .type = BLOBMSG_TYPE_INT32 },
+   [WDT_MAGICCLOSE] = { .name = "magicclose", .type = BLOBMSG_TYPE_BOOL },
[WDT_STOP] = { .name = "stop", .type = BLOBMSG_TYPE_BOOL },
 };
 
@@ -286,6 +288,9 @@ static int watchdog_set(struct ubus_context *ctx, struct 
ubus_object *obj,
 watchdog_timeout(timeout);
}
 
+   if (tb[WDT_MAGICCLOSE])
+   watchdog_set_magicclose(blobmsg_get_bool(tb[WDT_MAGICCLOSE]));
+
if (tb[WDT_STOP])
watchdog_set_stopped(blobmsg_get_bool(tb[WDT_STOP]));
 
@@ -300,6 +305,7 @@ static int watchdog_set(struct ubus_context *ctx, struct 
ubus_object *obj,
blobmsg_add_string(, "status", status);
blobmsg_add_u32(, "timeout", watchdog_timeout(0));
blobmsg_add_u32(, "frequency", watchdog_frequency(0));
+   blobmsg_add_u8(, "magicclose", watchdog_get_magicclose());
ubus_send_reply(ctx, req, b.head);
 
return 0;
diff --git a/watchdog.c b/watchdog.c
index 780b321..97c8337 100644
--- a/watchdog.c
+++ b/watchdog.c
@@ -31,6 +31,7 @@
 static struct uloop_timeout wdt_timeout;
 static int wdt_fd = -1;
 static int wdt_frequency = 5;
+static bool wdt_magicclose = false;
 
 void watchdog_ping(void)
 {
@@ -45,12 +46,66 @@ static void watchdog_timeout_cb(struct uloop_timeout *t)
uloop_timeout_set(t, wdt_frequency * 1000);
 }
 
+static int watchdog_open(bool cloexec)
+{
+   char *env = getenv("WDTFD");
+
+   if (wdt_fd >= 0)
+   return wdt_fd;
+
+   if (env) {
+   DEBUG(2, "Watchdog handover: fd=%s\n", env);
+   wdt_fd = atoi(env);
+   unsetenv("WDTFD");
+   } else {
+   wdt_fd = open(WDT_PATH, O_WRONLY);
+   }
+
+   if (wdt_fd < 0)
+   return wdt_fd;
+
+   if (cloexec)
+   fcntl(wdt_fd, F_SETFD, fcntl(wdt_fd, F_GETFD) | FD_CLOEXEC);
+
+   return wdt_fd;
+}
+
+static void watchdog_close(void)
+{
+   if (wdt_fd < 0)
+   return;
+
+   if (write(wdt_fd, "V", 1) < 0)
+   ERROR("WDT failed to write release: %s\n", strerror(errno));
+
+   if (close(wdt_fd) == -1)
+   ERROR("WDT failed to close watchdog: %s\n", strerror(errno));
+
+   wdt_fd = -1;
+}
+
+void watchdog_set_magicclose(bool val)
+{
+   wdt_magicclose = val;
+}
+
+bool watchdog_get_magicclose(void)
+{
+   return wdt_magicclose;
+}
+
 void watchdog_set_stopped(bool val)
 {
-   if (val)
+   if (val) {
uloop_timeout_cancel(_timeout);
-   else
+
+   if (wdt_magicclose)
+   watchdog_close();
+   }
+   else {
+   watchdog_open(true);
watchdog_timeout_cb(_timeout);
+   }
 }
 
 bool watchdog_get_stopped(void)
@@ -98,26 +153,11 @@ char* watchdog_fd(void)
 
 void watchdog_init(int preinit)
 {
-   char *env = getenv("WDTFD");
-
-   if (wdt_fd >= 0)
-   return;
-
wdt_timeout.cb = watchdog_timeout_cb;
-   if (env) {
-   DEBUG(2, "Watchdog handover: fd=%s\n", env);
-   wdt_fd = atoi(env);
-   unsetenv("WDTFD");
-   } else {
-   wdt_fd = open("/dev/watchdog", O_WRONLY);
-   }
 
-   if (wdt_fd < 0)
+   if (watchdog_open(!preinit) < 0)
return;
 
-   if (!preinit)
-   fcntl(wdt_fd, F_SETFD, fcntl(wdt_fd, F_GETFD) | FD_CLOEXEC);
-
LOG("- watchdog -\n");
watchdog_timeout(30);
watchdog_timeout_cb(_timeout);
diff --git a/watchdog.h b/watchdog.h
index 3c4a487..fd9aed2 100644
--- a/watchdog.h
+++ b/watchdog.h
@@ -22,6 +22,8 @@ void watchdog_init(int preinit);
 char* watchdog_fd(void);
 int watchdog_timeout(int timeout);
 int watchdog_frequency(int frequency);
+void watchdog_set_magicclose(bool val);
+bool watchdog_get_magicclose(void);
 void watchdog_set_stopped(bool val);
 bool

[LEDE-DEV] [PATCH v3] dnsmasq: manage resolv.conf iff when listening on 127.0.0.1#53

2017-06-19 Thread Paul Oranje 
With this patch the dnsmasq init script manages resolv.conf if and only if
when dnsmasq will listen on 127.0.0.1#53 (is main resolver instance).
Also adds ::1 to the resolver file.

For unbound a likewise patch exists (PR#4454).
Fixes (combined with the unbound PR) FS#785

Signed-off-by: Paul Oranje 
---
The intended invariant is that resolv.conf is managed whenever a resolver
listens on 127.0.0.1#53. Besides dnsmasq, unbound can take that role as well 
(but only when dnsmasq is not already listens on 127.0.0.1#53).
When no instance of dnsmasq has been configured to listen on 127.0.0.1#53 then
resolv.conf is not touched by dnsmasq.

Currently unbound handles resolv.conf also, but leaves it to dnsmasq whenever
that will run, even when no dnsmasq instance will listen on localhost:53. So
for unbound PR#4454  has been submitted to make sure it always manages
resov.conf when it owns localhost:domain.


Tests performed:

- with/without unbound, dhcp linkages none and dnsmasq
- dnsmasq listens on #53, not #53 (dnsmasq takes precedence when also on #53)
- listen on localhost, not localhost
- noresolv false and true
- one/multiple dnsmasq instances (useless combinations are omitted in testing)

single dnsmasq instance
standard setup
==> dnsmasq manages resolv.conf

two dnsmasq instances, each serving another LAN
both dnsmasq on #53
dnsmasq-2 notinterface loopback
==> dnsmasq-1 manages resolv.conf

two dnsmasq unstances and unbound (dhcp_link: none, one dnsmasq behind ubound)
both dnsmasq on #53
dnsmasq-2 on #53, notinterface loopback
noresolv true and server 127.0.0.1#1053
unbound on #1053
==> dnsmasq-1 manages resolv.conf

two dnsmasq instances and unbound (dhcp_link: dnsmasq)
dnsmasq-1 on #1053, noresolv true
dnsmasq-2 on #2053, noresolv true
unbound on #53
forward LAN1 to 127.0.0.1#1053, forward LAN2 to 127.0.0.1#2053
==> unbound manages resolv.conf

on stops resolv.conf is reset to the auto resolvfile.


History:
v1 -> v2corrected synxtax error
increased PKG_RELEASE
v2  reverted with commit 8180bbac7c237a31bd6e06c63e342c72342b7303
v3  rewritten and thoroughly tested
corrected title ("iff", i.e. if and only if, i.s.o. "if")

Paul

---
 package/network/services/dnsmasq/Makefile  |  2 +-
 .../network/services/dnsmasq/files/dnsmasq.init| 79 +++---
 2 files changed, 55 insertions(+), 26 deletions(-)

diff --git a/package/network/services/dnsmasq/Makefile 
b/package/network/services/dnsmasq/Makefile
index f9ab13aef0..35ac6b2891 100644
--- a/package/network/services/dnsmasq/Makefile
+++ b/package/network/services/dnsmasq/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dnsmasq
 PKG_VERSION:=2.77
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/
diff --git a/package/network/services/dnsmasq/files/dnsmasq.init 
b/package/network/services/dnsmasq/files/dnsmasq.init
index d5177ecb0c..2a4d7b2239 100644
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -707,9 +707,51 @@ dhcp_relay_add() {
fi
 }
 
+_resolv_setup()
+{
+   local cfg="$1"
+   local port notinterfaces
+
+   config_get port "$cfg" port "53"
+   [ $port = "53" ] || return
+
+   config_get notinterfaces "$cfg" notinterface ""
+   [ -n "$notinterfaces" ] && list_contains notinterfaces "loopback" && 
return
+
+   # dnsmasq instance is designated to listen on 127.0.0.1#53.
+   # rewrite /tmp/resolv.conf
+   rm -f /tmp/resolv.conf
+   {
+   echo "# /tmp/resolv.conf generated by dnsmasq $cfg $( date )"
+   [ $ADD_LOCAL_DOMAIN -eq 1 ] && [ -n "$DOMAIN" ] && {
+   echo "search $DOMAIN"
+   }
+   DNS_SERVERS="$DNS_SERVERS 127.0.0.1 ::1"
+   for DNS_SERVER in $DNS_SERVERS ; do
+   echo "nameserver $DNS_SERVER"
+   done
+   } > /tmp/resolv.conf
+
+   return
+}
+
+_resolv_teardown()
+{
+   cfg="$1"
+
+   case $( cat /tmp/resolv.conf ) in
+   *"generated by dnsmasq $cfg"*)
+   # resolv.conf was written by this instance,
+   # reset /tmp/resolv.conf to default.
+   [ -f /tmp/resolv.conf ] && rm -f /tmp/resolv.conf
+   ln -s /tmp/resolv.conf.auto /tmp/resolv.conf
+   ;;
+   esac
+}
+
 dnsmasq_start()
 {
-   local cfg="$1" disabled resolvfile user_dhcpscript
+   local cfg="$1" disabled noresolv resolvfile user_dhcpscript
 
config_get_bool disabled "$cfg" disabled 0
[ "$disabled" -gt 0 ] && return 0
@@ -785,7 +827,6 @@ dnsmasq_start()
append_bool "$cfg" nonegcache "--no-negcache"
append_bool "$cfg" strictorder "--strict-order"
append_bool "$cfg" logqueries

Re: [LEDE-DEV] [PATCH v3] dnsmasq: manage resolv.conf if when listening on 127.0.0.1#53

2017-06-19 Thread Paul Oranje 
this patch has been resend with corrected title (not "if", but "iff")
sorry for the spamming

> Op 18 jun. 2017, om 09:46 heeft Paul Oranje  het volgende 
> geschreven:
> 
> With this patch the dnsmasq init script manages resolv.conf if and only if
> when dnsmasq will listen on 127.0.0.1#53 (is main resolver instance).
> Also adds ::1 to the resolver file.
> 
> For unbound a likewise patch exists (PR#4454).
> Fixes (combined with the unbound PR) FS#785
> 
> Signed-off-by: Paul Oranje 
> ---
> The intended invariant is that resolv.conf is managed whenever a resolver
> listens on 127.0.0.1#53. Besides dnsmasq, unbound can take that role as well 
> (but only when dnsmasq is not already listens on 127.0.0.1#53).
> When no instance of dnsmasq has been configured to listen on 127.0.0.1#53 then
> resolv.conf is not touched by dnsmasq.
> 
> Currently unbound handles resolv.conf also, but leaves it to dnsmasq whenever
> that will run, even when no dnsmasq instance will listen on localhost:53. So
> for unbound PR#4454  has been submitted to make sure it always manages
> resov.conf when it owns localhost:domain.
> 
> 
> Tests performed:
> 
> - with/without unbound, dhcp linkages none and dnsmasq
> - dnsmasq listens on #53, not #53 (dnsmasq takes precedence when also on #53)
> - listen on localhost, not localhost
> - noresolv false and true
> - one/multiple dnsmasq instances (useless combinations are omitted in testing)
> 
> single dnsmasq instance
>standard setup
> ==> dnsmasq manages resolv.conf
> 
> two dnsmasq instances, each serving another LAN
>both dnsmasq on #53
>dnsmasq-2 notinterface loopback
> ==> dnsmasq-1 manages resolv.conf
> 
> two dnsmasq unstances and unbound (dhcp_link: none, one dnsmasq behind ubound)
>both dnsmasq on #53
>dnsmasq-2 on #53, notinterface loopback
>noresolv true and server 127.0.0.1#1053
>unbound on #1053
> ==> dnsmasq-1 manages resolv.conf
> 
> two dnsmasq instances and unbound (dhcp_link: dnsmasq)
>dnsmasq-1 on #1053, noresolv true
>dnsmasq-2 on #2053, noresolv true
>unbound on #53
>forward LAN1 to 127.0.0.1#1053, forward LAN2 to 127.0.0.1#2053
> ==> unbound manages resolv.conf
> 
> on init stops resolv.conf is reset to the auto resolvfile.
> 
> 
> History:
> v1 -> v2corrected synxtax error
>   increased PKG_RELEASE
> v2reverted with commit 8180bbac7c237a31bd6e06c63e342c72342b7303
> v3corected errors, setup/teardown routines and thoroughly tested
> 
> Paul
> 
> 
> package/network/services/dnsmasq/Makefile  |  2 +-
> .../network/services/dnsmasq/files/dnsmasq.init| 79 +++---
> 2 files changed, 55 insertions(+), 26 deletions(-)
> 
> diff --git a/package/network/services/dnsmasq/Makefile 
> b/package/network/services/dnsmasq/Makefile
> index f9ab13aef0..35ac6b2891 100644
> --- a/package/network/services/dnsmasq/Makefile
> +++ b/package/network/services/dnsmasq/Makefile
> @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
> 
> PKG_NAME:=dnsmasq
> PKG_VERSION:=2.77
> -PKG_RELEASE:=3
> +PKG_RELEASE:=4
> 
> PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
> PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/
> diff --git a/package/network/services/dnsmasq/files/dnsmasq.init 
> b/package/network/services/dnsmasq/files/dnsmasq.init
> index d5177ecb0c..2a4d7b2239 100644
> --- a/package/network/services/dnsmasq/files/dnsmasq.init
> +++ b/package/network/services/dnsmasq/files/dnsmasq.init
> @@ -707,9 +707,51 @@ dhcp_relay_add() {
>   fi
> }
> 
> +_resolv_setup()
> +{
> + local cfg="$1"
> + local port notinterfaces
> +
> + config_get port "$cfg" port "53"
> + [ $port = "53" ] || return
> +
> + config_get notinterfaces "$cfg" notinterface ""
> + [ -n "$notinterfaces" ] && list_contains notinterfaces "loopback" && 
> return
> +
> + # dnsmasq instance is designated to listen on 127.0.0.1#53.
> + # rewrite /tmp/resolv.conf
> + rm -f /tmp/resolv.conf
> + {
> + echo "# /tmp/resolv.conf generated by dnsmasq $cfg $( date )"
> + [ $ADD_LOCAL_DOMAIN -eq 1 ] && [ -n "$DOMAIN" ] && {
> + echo "search $DOMAIN"
> + }
> + DNS_SERVERS="$DNS_SERVERS 127.0.0.1 ::1"
> + for DNS_SERVER in $DNS_SERVERS ; do
> + echo "nameserver $DNS_SERVER"
> + done
> + } > /tmp/resolv.conf
> +
> + return
> +}
> +
> +_resolv_teardown()
> +{
> + cfg="$1"
> +
> + case $( cat /tmp/resolv.conf ) in
> + *"generated by dnsmasq $cfg"*)
> + # resolv.conf was written by this instance,
> + # reset /tmp/resolv.conf to default.
> + [ -f /tmp/resolv.conf ] && rm -f /tmp/resolv.conf
> + ln -s /tmp/resolv.conf.auto /tmp/resolv.conf
> + ;;
> + esac
> +}
> +
> dnsmasq_start()
> {
> - local cfg="$1" disabled resolvfile user_dhcpscript
> + local cfg="$1" disabled

[LEDE-DEV] tagged vlans on a TP-Link 841n v9

2017-06-19 Thread yanosz 
Hei folks,

I've some issues setting up a tagged vlan on a TP-Link 841n v9 router.
The vlan (tag 23) should spawn all ports (lan, wan) having a dedictated
interface.

For doing so in luci I add a new vlan, name it 23 and enable all
drop-down boxes (incl. cpu) as checked.

After applying, the system becomes unreachable (v4, v6) on any interface.

What's wrong here? How can I enable the vlan?

Thanks,
Greetz, yanosz
-- 
For those of you without hope, we have rooms with color TV,
cable and air conditioning

___
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev

[LEDE-DEV] [PATCH] busybox: backport 'ip rule suppress_{prefixlength, ifgroup}'

2017-06-19 Thread Stefan Tomanek 
This is a backport from the busybox repository
(192dce4b84fb32346ebc5194de7daa5da3b8d1b4); it enables the use of the
suppress_{prefixlength,ifgroup} flags for policy routing rules.

Signed-off-by: Stefan Tomanek 
---
 .../302-ip-rule-add-suppress-prefixlength.patch| 150 +
 1 file changed, 150 insertions(+)
 create mode 100644 
package/utils/busybox/patches/302-ip-rule-add-suppress-prefixlength.patch

diff --git 
a/package/utils/busybox/patches/302-ip-rule-add-suppress-prefixlength.patch 
b/package/utils/busybox/patches/302-ip-rule-add-suppress-prefixlength.patch
new file mode 100644
index 000..1555f63
--- /dev/null
+++ b/package/utils/busybox/patches/302-ip-rule-add-suppress-prefixlength.patch
@@ -0,0 +1,150 @@
+From dbac30c3784c267bbe44a2a3ebed4e827c8fe82a Mon Sep 17 00:00:00 2001
+From: Stefan Tomanek 
+Date: Tue, 13 Jun 2017 19:06:09 +0200
+Subject: [PATCH] ip rule: add suppress_{prefixlength,ifgroup} options
+
+(cherry-picked from 192dce4b84fb32346ebc5194de7daa5da3b8d1b4)
+
+function old new   delta
+iprule_modify816 887 +71
+print_rule   610 680 +70
+--
+(add/remove: 0/0 grow/shrink: 2/0 up/down: 141/0) Total: 141 bytes
+
+Signed-off-by: Stefan Tomanek 
+Signed-off-by: Denys Vlasenko 
+---
+ networking/libiproute/iprule.c | 73 ++
+ 1 file changed, 46 insertions(+), 27 deletions(-)
+
+diff --git a/networking/libiproute/iprule.c b/networking/libiproute/iprule.c
+index 8f3f862..1bb5e75 100644
+--- a/networking/libiproute/iprule.c
 b/networking/libiproute/iprule.c
+@@ -17,25 +17,32 @@
+ #include 
+ #include 
+ 
++/* from : */
++#define FRA_SUPPRESS_IFGROUP   13
++#define FRA_SUPPRESS_PREFIXLEN 14
++
+ #include "ip_common.h"  /* #include "libbb.h" is inside */
+ #include "rt_names.h"
+ #include "utils.h"
+ 
+-/*
+-static void usage(void) __attribute__((noreturn));
+-
+-static void usage(void)
+-{
+-  fprintf(stderr, "Usage: ip rule [ list | add | del ] SELECTOR 
ACTION\n");
+-  fprintf(stderr, "SELECTOR := [ from PREFIX ] [ to PREFIX ] [ tos TOS ] 
[ fwmark FWMARK ]\n");
+-  fprintf(stderr, "[ dev STRING ] [ pref NUMBER ]\n");
+-  fprintf(stderr, "ACTION := [ table TABLE_ID ] [ nat ADDRESS ]\n");
+-  fprintf(stderr, "  [ prohibit | reject | unreachable ]\n");
+-  fprintf(stderr, "  [ realms [SRCREALM/]DSTREALM ]\n");
+-  fprintf(stderr, "TABLE_ID := [ local | main | default | NUMBER ]\n");
+-  exit(-1);
+-}
+-*/
++/* If you add stuff here, update iprule_full_usage */
++static const char keywords[] ALIGN1 =
++  "from\0""to\0""preference\0""order\0""priority\0"
++  "tos\0""fwmark\0""realms\0""table\0""lookup\0"
++  "suppress_prefixlength\0""suppress_ifgroup\0"
++  "dev\0""iif\0""nat\0""map-to\0""type\0""help\0"
++  ;
++#define keyword_preference(keywords   + sizeof("from") + 
sizeof("to"))
++#define keyword_fwmark(keyword_preference + 
sizeof("preference") + sizeof("order") + sizeof("priority") + sizeof("tos"))
++#define keyword_realms(keyword_fwmark + sizeof("fwmark"))
++#define keyword_suppress_prefixlength (keyword_realms + sizeof("realms") 
+ sizeof("table") + sizeof("lookup"))
++#define keyword_suppress_ifgroup  (keyword_suppress_prefixlength + 
sizeof("suppress_prefixlength"))
++enum {
++  ARG_from = 1, ARG_to, ARG_preference, ARG_order, ARG_priority,
++  ARG_tos, ARG_fwmark, ARG_realms, ARG_table, ARG_lookup,
++  ARG_suppress_prefixlength, ARG_suppress_ifgroup,
++  ARG_dev, ARG_iif, ARG_nat, ARG_map_to, ARG_type, ARG_help,
++};
+ 
+ static int FAST_FUNC print_rule(const struct sockaddr_nl *who UNUSED_PARAM,
+   struct nlmsghdr *n, void *arg 
UNUSED_PARAM)
+@@ -119,6 +126,17 @@ static int FAST_FUNC print_rule(const struct sockaddr_nl 
*who UNUSED_PARAM,
+   else if (r->rtm_table)
+   printf("lookup %s ", rtnl_rttable_n2a(r->rtm_table));
+ 
++  if (tb[FRA_SUPPRESS_PREFIXLEN]) {
++  int pl = *(uint32_t*)RTA_DATA(tb[FRA_SUPPRESS_PREFIXLEN]);
++  if (pl != -1)
++  printf("%s %d ", keyword_suppress_prefixlength, pl);
++  }
++  if (tb[FRA_SUPPRESS_IFGROUP]) {
++  int grp = *(uint32_t*)RTA_DATA(tb[FRA_SUPPRESS_IFGROUP]);
++  if (grp != -1)
++  printf("%s %d ", keyword_suppress_ifgroup, grp);
++  }
++
+   if (tb[RTA_FLOW]) {
+   uint32_t to = *(uint32_t*)RTA_DATA(tb[RTA_FLOW]);
+   uint32_t from = to>>16;
+@@ -174,15 +192,6 @@ static int iprule_list(char