Re: [PATCH V3 3/3] base-files: sysupgrade: add uci-defaults script disabling services #2

2024-02-29 Thread Jo-Philipp Wich
Hi, [...] Extend sysupgrade to check for disabled services, generate uci-defaults script disabling them and include it in backup. Cc: Christian Marangi Cc: Jo-Philipp Wich Cc: Jonas Gorski Signed-off-by: Rafał Miłecki Acked-by: Jo-Philipp Wich ~ Jo

Re: [PATCH V3 2/3] base-files: sysupgrade: use tar helper to include installed_packages.txt

2024-02-29 Thread Jo-Philipp Wich
limitations (mount points). Signed-off-by: Rafał Miłecki Acked-by: Jo-Philipp Wich ~ Jo ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: [PATCH V3 1/3] base-files: sysupgrade: add tar.sh with helpers for building archives

2024-02-29 Thread Jo-Philipp Wich
Hi, [...] This allows building uncompressed tar archives from shell scripts (and compressing them later if needed) Signed-off-by: Rafał Miłecki Signed-off-by: Jo-Philipp Wich ~ Jo ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org

Re: [PATCH V2 1/3] base-files: sysupgrade: add tar.sh with helpers for building archives

2024-02-28 Thread Jo-Philipp Wich
Hi Rafał, comments inline. Sorry for the bikeshedding ahead. ~ Jo [...] + +__tar_print_padding() { + dd if=/dev/zero bs=$1 count=1 2>/dev/null $1 may be 0 which is an invalid value for `bs=`: root@OpenWrt:~# dd bs=0 dd: number 0 is not in 1..2147483647 range A value of "0" is

Re: [PATCH 1/3] base-files: sysupgrade: add tar.sh with helpers for building archives

2024-02-27 Thread Jo-Philipp Wich
Hi Rafał, thanks for taking are of this. Please find some comments below. Am 2/26/24 um 15:14 schrieb Rafał Miłecki: From: Jo-Philipp Wich This allows building uncompressed tar archives from shell scripts (and compressing them later if needed) Signed-off-by: Rafał Miłecki --- package

Re: [PATCH] base-files: sysupgrade: include uci-defaults script disabling services

2024-02-16 Thread Jo-Philipp Wich
Hi Rafał, Extend sysupgrade to check for disabled services, generate uci-defaults script disabling them and include it in backup. Cc: Christian Marangi Cc: Jo-Philipp Wich Cc: Jonas Gorski Signed-off-by: Rafał Miłecki Acked-by: Jo-Philipp Wich

Re: ustream-ssl ABI_VERSION usage

2024-02-12 Thread Jo-Philipp Wich
Hi Paul, While working on using APK instead of OPKG, I started to look into ABI versions of different packages and found that ustream-ssl always install libustream-ssl.so , with no ABI version attached. $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libustream-ssl.so

Re: Are we still use md5 as default as password hash?

2024-01-18 Thread Jo-Philipp Wich
Hi, you will also need to enable additional ciphers in musl libc (disabling the crypt size hack). Please disregard that remark, it has already been pointed out that the hack is disabled by default since quite some time. ~ Jo ___ openwrt-devel

Re: Are we still use md5 as default as password hash?

2024-01-18 Thread Jo-Philipp Wich
Hi, Does the following do the trick? you will also need to enable additional ciphers in musl libc (disabling the crypt size hack). ~ Jo ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org

Re: firewall4: loopback device is ACCEPTED before include chain-prepend input

2023-09-06 Thread Jo-Philipp Wich
Hi, > [...] > Is there a reason why this decision was made, to add the custom include after > the loopback interface? Performance considerations, mostly. It violates pola though since it deviates from the behavior of other chain includes, so I'm okay with moving the include before the loopback

[RFC netifd 1/2] interface-ip: mask out host bits in IPv4 route targets

2023-08-24 Thread Jo-Philipp Wich
figuration. Signed-off-by: Jo-Philipp Wich --- interface-ip.c | 4 1 file changed, 4 insertions(+) diff --git a/interface-ip.c b/interface-ip.c index a06a514..fee29a9 100644 --- a/interface-ip.c +++ b/interface-ip.c @@ -441,6 +441,10 @@ interface_ip_add_route(struct interface *iface, struct

[RFC netifd 2/2] interface-ip: allow configuring routes without explicit interface

2023-08-24 Thread Jo-Philipp Wich
-Philipp Wich --- interface-ip.c | 16 interface-ip.h | 3 +++ system-linux.c | 3 +++ 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/interface-ip.c b/interface-ip.c index fee29a9..d2fe385 100644 --- a/interface-ip.c +++ b/interface-ip.c @@ -405,6 +405,7

Re: Intention on moving board-2 blob to a separate repo

2023-02-27 Thread Jo-Philipp Wich
Hi Ansuel, this makes a lot of sense imho. ~ Jo signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: [PATCH] ubus: added ubus_handle_events function that "guaranties" execution of all polled events

2023-02-13 Thread Jo-Philipp Wich
Hi, > In case of previous setup or calling flow ctx->cancel_poll is set to true > function ubus_handle_event may process ONLY ONE request, though the comment > says it processes events: > > /* call this for read events on ctx->sock.fd when not using uloop */ static > inline void

Re: [PATCH] fw4: add a range of icmpv6 types

2023-02-03 Thread Jo-Philipp Wich
Hi, the patch was white-space mangled and the Signed-off-by didn't match the author. It also introduced syntax errors in fw4.uc so it seems it hasn't been runtime tested at all. Superseded by https://git.openwrt.org/e6e82a5 and https://git.openwrt.org/30ee17a. signature.asc Description:

Re: [PATCH] fw4: fix ipset comment field from bool to string

2023-02-03 Thread Jo-Philipp Wich
Hi, the patch was whitespace mangled and didn't apply. After fixing it up manually, the Signed-off-by didn't match the author. Also the fixed option wasn't use anywhere so the fix was rather incomplete (or not useful by itself). It is superseded by https://git.openwrt.org/39e8c70 now. Regards,

Re: [PATCH v3 6/7] ucode: Update to latest

2023-01-12 Thread Jo-Philipp Wich
Hi, > Can you change that? Could you also please omit the merge commits from the listing in the commit message? ~ Jo signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org

Re: [PATCH] iwinfo: devices: add Qualcomm Atheros IPQ8074 WiSoC

2023-01-06 Thread Jo-Philipp Wich
Hi Robert, I know that you're just expanding existing code (which I recently noticed for the first time) but I think that adding more and more if/else clauses with further hardware matches for purely cosmetic reasons* is a good way forward. At the very least a mechanism should be added to

Re: Secure cookie handling upon https to http downgrade

2023-01-02 Thread Jo-Philipp Wich
Hi, > More generally, and regard to the earlier suggestion, I would still suggest > splitting the http vs https cookie names in any ongoing luci rework in order > to avoid this situation. this also has been implemented already, see

Re: Secure cookie handling upon https to http downgrade

2022-12-30 Thread Jo-Philipp Wich
Hi, > [...] > I renamed the new cookies to "http-sysauth" and "https-sysauth", to work > around this and it seems to do the right thing.  But there is still a fault > here. Already fixed with https://github.com/jow-/lucihttp/commit/6e68a1065f3ed1889e5fa053b206bd3aa108bd5f ~ Jow

Re: ui.waitReconnect() may load over HTTP instead of HTTPS

2022-12-28 Thread Jo-Philipp Wich
Hi, ui.awaitReconnect() tries both http:// and https:// access simultaneously and redirects to whatever URL loads successfully. HTTPS access might be unavailable, e.g. when flashing an image without SSL support built in. This used to be the norm before OpenWrt enabled HTTPS by default in 22.03.

Re: firewall4 question

2022-11-26 Thread Jo-Philipp Wich
Hi, try adding `option dest lan` to your block rule. Without any destination, it is treated as input rule, not a forwarding one. ~ Jo signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org

Re: [RFC] dropping of $(AUTORELEASE) feature

2022-11-07 Thread Jo-Philipp Wich
Hi, > The AUTORELEASE has been a nice feature from the package PR maintenance > perspective. > > Earlier there was constant trouble with concurrent PRs for the same package > having the same PKG_RELEASE bump, or the maintainer doing a small change with > a bump while there was an open PR with

Re: [RFC] dropping of $(AUTORELEASE) feature

2022-11-07 Thread Jo-Philipp Wich
Hi, yes, please kill it. The $(AUTORELEASE) option does not work for sources without Git history, it produces different results depending on the history, it causes package bumps for even trivial cosmetic fixes. It can also lead to situations where packages on different branches end up with the

Re: [PATCH] fw4: fix handling of unaccepted forward packets

2022-11-03 Thread Jo-Philipp Wich
Hi, you misunderstand the purpose of the zone forward policy. It is not meant to catch traffic from a zone to another zone, but traffic relayed from one interface to another interface within the same zone. Traffic from one zone to another zone is solely handled by the global forward policy in

Re: lua 5.1.5 CVEs / lua 5.3 with luci

2022-10-26 Thread Jo-Philipp Wich
Hi, > Can one be curious and ask what is gonna be used instead of lua, or is > that still not 100% decided yet? you can find more details at https://forum.openwrt.org/t/luci-rewrite-in-ucode-testers-wanted/137250 ~ Jo signature.asc Description: OpenPGP digital signature

Re: lua 5.1.5 CVEs / lua 5.3 with luci

2022-10-26 Thread Jo-Philipp Wich
Hi, all errors you quoted are occurring within Lua code. The view rendering etc. mostly happens in JavaScript on the client side, this is why things /seem/ to work. Many backend actions are implemented as rpcd plugins in Lua code though, and all those seem to fail (not register with rpcd in the

Re: [PATCH] netifd: add accept_ra support

2022-10-09 Thread Jo-Philipp Wich
Hi, > Make the "Accept Router Advertisements" configurable. This is needed if > you do not want to use odhcp6c and let the kernel handle the RAs. This > can save some diskspace. NACK from me. As it will interfere with odhcp6c operation in the default setup I don't think that it is a good idea to

Re: [musl] nslookup failures with coarse CLOCK_MONOTONIC

2022-10-07 Thread Jo-Philipp Wich
Hi, > [...] > Which implementation of nslookup is this? Busybox? It would probably > be useful to hear thoughts on it from their side. assuming the OP is using standard OpenWrt nslookup, it is the "big" busybox nslookup implementation, which is using the res_*() api and name lookup logic borrowed

Re: [PATCH] Send bad forward_zone packets to verdict_from_zone

2022-09-28 Thread Jo-Philipp Wich
Hi, the forward policy for zones is supposed to only apply to forwarded traffic among interfaces of the same zone. If I read it correctly, your patch would change this long standing behavior to something else. ~ Jo signature.asc Description: OpenPGP digital signature

Re: Add SoB tag to hack patches on generic target

2022-09-21 Thread Jo-Philipp Wich
Hi, to be pragamtic, set a `Submitted-by`, `Added-by`, `Introduced-by` or similar tag. This should provide enough clue to locate the original author without the need to "forge" Sob. ~ Jo signature.asc Description: OpenPGP digital signature ___

Re: DSA Terminology

2022-09-13 Thread Jo-Philipp Wich
Hi, >> Well, it would still be less confusing than the state we're currently in. >> Anyway, converting "config interface" to "config network" and "config >> device" to "config iface" is an option. I don't like `iface`, it is also easily confused with `interface` (which - as explained - still has

Re: DSA Terminology

2022-09-13 Thread Jo-Philipp Wich
Hi, > IMHO changing, in /etc/config/network: > "config interface" -> "config network" > "config device" -> "config interface" > would eliminate this semantic inconsistency and bring the naming > convention more in line with what Rich referred to in his comments > above. This cannot be done in a

Re: DSA Mini-tutorial

2022-09-08 Thread Jo-Philipp Wich
Hi, > [...] > Meanwhile I wonder if a few specific cases wouldn't need to be better > addressed. For instance ppp or wwan create extra « Interfaces » (in current > Luci lingo), some having the related protocol - PPPoE/NCM, some having > protocol « Virtual Dynamic Interface » (for ipv4/ipv6) -

Re: DSA Mini-tutorial still marked as Work In Progress

2022-09-07 Thread Jo-Philipp Wich
Hi Rich, that tutorial is good ground work imho. One thing I repeatedly noticed (not in the document, but in forum and irc chatter) is that over the time, DSA and bridge VLAN filtering became conflated into one concept while they're actually different pieces; one can do bridge VLAN filtering

Re: DSA Mini-tutorial

2022-09-07 Thread Jo-Philipp Wich
Hi, >> I wrote this mostly because the LuCI interface itself makes a distinction >> between the "Devices" tab and the "Interfaces" tab. But maybe this isn't the >> best way to describe what goes there. > > I agree that there are inconsistencies in LuCI. The only place I see the > terminology

Re: [PATCH rpcd] sys: mitigate possible strncpy string truncation

2022-08-24 Thread Jo-Philipp Wich
Hi, comment below. ~ Jo On 8/24/22 10:14 AM, Petr Štetiar wrote: > [...] > --- a/sys.c > +++ b/sys.c > @@ -224,7 +224,8 @@ procstr: > continue; > > if (!strcmp(var, "Package:")) { > - strncpy(pkg, p1, sizeof(pkg)); > +

Re: [PATCH] build: always set CONFIG_IPV6

2022-08-20 Thread Jo-Philipp Wich
Hi, > [...] > This patch sets the related CONFIG to always true and removes the > config prompt, keeping the change minimal, and, should !CONFIG_IPV6 ever > be fixed, easy to revert. > > Signed-off-by: Thibaut VARÈNE Acked-by: Jo-Philipp Wich signature.asc Descriptio

Re: [PATCH firewall4] fw4: add support for include.d dir

2022-08-11 Thread Jo-Philipp Wich
ly ignore any non-include section type being put there I have attached my proposal as patch for reference. Kind regards, Jo From 5ab0f61350f02590c5e6c1981bce4531510517de Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Thu, 11 Aug 2022 13:48:14 +0200 Subject: [PATCH] fw4: support automatic include

Re: Contributions to netifd

2022-08-03 Thread Jo-Philipp Wich
Hi Joerg, > we are a company of experts for automotive software and are working for > many customers in the automotive industry. > > One of our customers (a big german automotive supplier) is looking for a > network configuration solution with some specific limitations and after > evaluating

Re: Question about ancient TARGET_CFLAGS in rules.mk?

2022-07-23 Thread Jo-Philipp Wich
Hi, > I mean I know they are gigantic corner case where you can build an entire > house in the corner... But what are the drawbacks of such small fix? The > NULL check one for example seems pretty important... Adding that null check there seems redundant, any code path that could lead to

Re: [PATCH firewall4] fw4: add support for include.d dir

2022-07-22 Thread Jo-Philipp Wich
Hi, instead of introducing uci includes that configure nft includes, why not encode the chain/position etc. values directly into the path/filename and directly include the file if it exists at the expected location? A potential pattern could be

Re: [PATCH 1/2] ubox: fix GCC fanalyzer warnings

2022-07-18 Thread Jo-Philipp Wich
Hi, > [...] > - free(aliases); > + if (aliases) > + free(aliases); This check is redundant, the free() function is guaranteed to be NULL-safe in the standard: The free() function shall cause the space pointed to by ptr to be deallocated; that is, made available for further

Re: Query regd. rw rootfs

2022-06-16 Thread Jo-Philipp Wich
Hi, > As mentioned in https://openwrt.org/docs/techref/preinit_mount#failsafeBy, > rootfs is made rw via overlay. So, even a non-root user will have the > ability to modify (for e.g. delete dnsmasq entry in /etc/passwd). no, a non-root user will lack sufficient permission to modify these files.

Re: Query regd. rw rootfs

2022-06-16 Thread Jo-Philipp Wich
Hi, > If the behavior is not same, can you let me know how "below" is > handled/taken care in OpenWRT? "changes made to sensitive files for e.g. > /etc/passwd (deleting a line. Deleting passwd file etc.) will have adverse > impact on security and some init scripts may not start etc." OpenWrt

Re: Query regd. rw rootfs

2022-06-16 Thread Jo-Philipp Wich
Hi, > [...] > Is this behavior the same with procd? it is not the same. There is no special handling for specific overlay file paths in procd. ~ Jo signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list

Re: Wrong hash for firewall package?

2022-05-20 Thread Jo-Philipp Wich
Hi again, please ignore my previous message, that was an incorrect observation on my side. In fact my locally generated source archive matches the one on the source mirror, so I assume Rui's recent bump simply added a wrong checksum. ~ Jo signature.asc Description: OpenPGP digital signature

Re: Wrong hash for firewall package?

2022-05-20 Thread Jo-Philipp Wich
Hi, I compared the package stored on the source mirror with the locally generated mismatching one. The contained .tar has the same checksum but the compressed xz file is different. I suppose this is due to the recent enabling of multithreaded xz compression which yields different results on

Re: [PATCH firewall4] ruleset: add missing pre_* chains

2022-05-18 Thread Jo-Philipp Wich
Hi, can't you do the same by dropping a snippet into /etc/nftables.d/ which simply registers chain with lower priority hooks? In fact there already is an example [1]. So in order to achieve what you want, create an `/etc/nftables.d/10-pre-chains.nft with the following contents: -- 8< -- chain

Re: Question about DNS-Tap integration

2022-05-16 Thread Jo-Philipp Wich
Hi, > My question is about whether are you planning to introduce the DNS-Tap > over TCP/IP to some version of the OpenWRT Router firmware. It's the emerging > technology which might be very useful in the future. you probably should direct these questions to the upstream DNSmasq project. > You

Re: [PATCH 1/4] uclient-fetch: --header option to pass additional raw HTTP headers

2022-05-10 Thread Jo-Philipp Wich
Hi Sergey, a minor nitpick inline below. On 5/9/22 11:59 PM, Sergey Ponomarev wrote: > You can add a custom HTTP header(s) to request: > > wget --header='Authorization: Bearer TOKEN' \ > --header='If-Modified-Since: Wed, 9 May 2021 12:16:00 GMT' \ > https://example.com/ > >

Re: Unpatched DNS bug affects millions of routers and IoT devices

2022-05-04 Thread Jo-Philipp Wich
Hi, > [QUOTE] > > The library uClibc and its fork from the OpenWRT team, uClibc-ng. Both > variants are widely used by major vendors like Netgear, Axis, and > Linksys, as well as Linux distributions suitable for embedded > applications. > > [/QUOTE] > > Does it affect my TP-link AC1200

Re: [PATCH] packages: nvram: add NVRAM quirks for bcm53xx target

2022-05-03 Thread Jo-Philipp Wich
Hi, > I think boot() would look better, but it would be good to keep this consistent > with the bcm47xx code. Using boot() or start() does not make a big difference, > boot() calls start() anyway. an "/etc/init.d/whatever restart" will not execute boot(), which would be a reason to prefer it

Re: [PATCH] kernel/kmod-lib-lzo: include the lzo-rle kmod in the package

2022-03-22 Thread Jo-Philipp Wich
patch: > https://patchwork.ozlabs.org/project/openwrt/patch/541cbfbd-76f2-59b3-a867-47b6f0fc7...@gmail.com/ > > Signed-off-by: Rui Salvaterra Acked-by: Jo-Philipp Wich signature.asc Description: OpenPGP digital signature ___ openwrt-devel ma

Re: Drop CONFIG_IPV6 ?

2022-03-14 Thread Jo-Philipp Wich
Hi, > Is anyone disabling CONFIG_IPV6 ? no. > Do people agree we can drop CONFIG_IPV6 ? yes. > Should we do this before we branch 22.x ? yes please. I am tired of sprinkling ifdefs, maintaining separate package build flavors, conditional dependency forests and runtime checks for IPv6

Re: Firewall question

2022-02-09 Thread Jo-Philipp Wich
Hello Hartmut, [...] > If I check the logs from apache2, I see from lan network only the gateway > or router ip and no client ip's. From guest network, I see every individual > client ip's. Yeah, for lan this is expected. The automatic NAT reflection consists of one DNAT rule to forward the

Merged: opkg_remove: avoid remove pkg repeatly with option--force-removal-of-dependent-packages

2022-01-26 Thread Jo-Philipp Wich
Merged into project/opkg-lede.git, branch master. Thank you! ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: [PATCH] toolchain: musl: disable crypt size hack on !SMALL_FLASH devices

2021-12-14 Thread Jo-Philipp Wich
Hi, while the decision to do that seems obvious on first sight, I think that supporting different password hashing algorithms on different targets might lead to unexpected surprises for downstream users. E.g. when precalculated password hashes taken from one device are built inside custom

[RFC] Stop providing binary package updates for release builds?

2021-12-12 Thread Jo-Philipp Wich
Hi, since the release of LEDE 17.01.0, OpenWrt started offering updated binary packages for released versions, means the HEAD of a released stable branch is continuously getting rebuilt and the resulting binaries are uploaded to the release repositories. Users will see those updated packages as

Re: [PATCH] netifd: system-linux: add dev_type info for ubus network.device status

2021-12-07 Thread Jo-Philipp Wich
Hi, > I have now taken a look at your suggestion. > Unfortunately, I found that not all network interfaces have set the DEVTYPE > attribute set in their uevent file. I have not yet found any information > who sets this value. Does this do the driver or the subsystem? afair it is set by the

Re: [PATCH] netifd: system-linux: add dev_type info for ubus network.device status

2021-12-06 Thread Jo-Philipp Wich
Hi, imho these types are not that useful in practice (e.g. tap devices etc. are all reported as "ethernet". Maybe expose /sys/class/net/$devname/uevent DEVTYP= instead. ~ Jo signature.asc Description: OpenPGP digital signature ___ openwrt-devel

Re: dnsmasq issue

2021-12-05 Thread Jo-Philipp Wich
Hi, > Or does this phenomenon also happen if running without ujail? afair it also happens without ujail. Whenever handler scripts are enabled, dnsmasq will spawn a secondary helper process. This was also the reason why /etc/hotplug.d/*/ support is only conditionally enabled if installed scripts

[PATCH] procd: procd.sh: make no assumptions about init script path

2021-11-23 Thread Jo-Philipp Wich
` which corresponds to `argv[0]` when readlink failed. This fixes reload trigger setup for init script symlinks that point to files with different base names. Signed-off-by: Jo-Philipp Wich --- package/system/procd/files/procd.sh | 10 -- 1 file changed, 4 insertions(+), 6 deletions(-) diff

[RFC PATCH] treewide: drop librt and libpthread packages

2021-11-18 Thread Jo-Philipp Wich
them as extra shared libraries. Signed-off-by: Jo-Philipp Wich --- package/devel/perf/Makefile | 2 +- package/devel/valgrind/Makefile | 2 +- package/libs/libevent2/Makefile | 2 +- package/libs/libnl/Makefile | 1 - package/libs

[PATCH] procd: setup /dev/stdin, /dev/stdout and /dev/stderr symlinks

2021-11-18 Thread Jo-Philipp Wich
Extend the hotplug.json ruleset to setup the common /dev/std{in,out,err} symbolic links which are needed by some applications, e.g. nftables when applying rulesets from stdin. Signed-off-by: Jo-Philipp Wich --- package/system/procd/files/hotplug.json | 12 +++- 1 file changed, 11

Re: Missing 'libubus.so' and change of ABI in 19.07.8

2021-11-13 Thread Jo-Philipp Wich
Hi, > But I really can't see the breaking change, could you please point it out for > me? struct ubus_client changed its layout. > The second question is the change of the library name from 'libubus.so' to > 'libubus.so.20210603'. Was this intended? Yes, it was intentional. Programs should

Re: [PATCH firewall4 1/2] tests: adapt test to new ICMP print logic

2021-10-24 Thread Jo-Philipp Wich
Hi, merged both patches, thank you! ~ Jo signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: [PATCH] nftables: bump to 1.0.0

2021-10-17 Thread Jo-Philipp Wich
Hi, > Signed-off-by: Stijn Tintel Acked-by: Jo-Philipp Wich signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: [PATCH 2/2] hostapd: force ieee80211w instead of setting a default

2021-10-11 Thread Jo-Philipp Wich
Hi, > right now luci will force 2 nope, it will not. It calculates the dynamic default according to the logic in hostapd.sh and will remove the value from uci if the selected user value matches the dynamic default [1]. So with WPA3 selected and choosing 11w ... ... required -> remove option

Re: [PATCH 2/2] hostapd: force ieee80211w instead of setting a default

2021-10-11 Thread Jo-Philipp Wich
Hi, > Doesn't that downgrade PSK-SAE which the user configured to be with > mandatory MFP to now only have optional MFP? yes. The way I read it, it also prevents using the WPA3 protocol without obligatory MFP (afair some users use that for limited drivers) ~ Jo signature.asc Description:

Re: RFC: toolchain for building eBPF modules within the OpenWrt build system

2021-10-04 Thread Jo-Philipp Wich
Hi Felix, I'd suggest to require a preinstalled host toolchain for the time being. ~ Jo ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: [PATCH] base-files: make os-release symbolic link absolute

2021-09-08 Thread Jo-Philipp Wich
Hi, > Did you check that none of the build scripts try to access this file? In > case they do, they'd fail since an absolute path wouldn't exists on the > building host system. apart from that it might break 3rd party workflows for no obvious reason. The existing absolute symlinks mentioned all

Re: [PATCH luci] luci-mod-network: wireless.js: allow changing the 60 GHz radio's frequency

2021-07-09 Thread Jo-Philipp Wich
Hi Alex, thank you for this patch. Based on your submission I pushed a somewhat smaller fix to LuCI master which omits the last two hunks: https://github.com/openwrt/luci/commit/e5626ece12236f6be9dbb6da6eb90fcbb469a1f0 The code related to the `hwmode` option is there for backwards compatibility

Re: [PATCH 19.07 4/4] treewide: mark selected packages nonshared

2021-07-03 Thread Jo-Philipp Wich
Hi, > I've never seen a non integer release, is there a special reason for this? I used to do that in the past when backporting master changes to branches that didn't apply cleanly anymore. In this case the package contents between master and release branches deviated while keeping the same

Re: ip rule processing partly broken (21.02 and Master)

2021-06-14 Thread Jo-Philipp Wich
Hi, the ip rules encoded in /etc/config/network are processed by netifd C code directly, they're not translated into busybox ip calls. The entire busybox ip.c code contains not a single instance of FIB_RULE_INVERT so it simply does not implement inversion. It will also not be able to report

Re: Luci->Network->Interfaces is broken

2021-06-09 Thread Jo-Philipp Wich
Hi, > It works now (no error message), but the bad thing is, it isn't visible in > LuCI, which wireless adapter's are attached to the bridge and it needs some > clicks to see which interfaces (wired ports) are attached to the bridge. > > I don't like this solution in LuCI. Fixed with

Re: [PATCH 19.07] ubus: update to version 2021-06-03

2021-06-03 Thread Jo-Philipp Wich
Hi Petr, does that change the libubus abi? ~ Jo signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: [PATCH] busybox: sysntpd: add trigger to reload server

2021-06-01 Thread Jo-Philipp Wich
Hi, >> start_service() { >> +. /lib/functions/network.sh > > > This doesn't look right. It's usually added at the top of the file, unnested. Which would be the wrong thing to do here. Since the init script is run on the host system during build (to enable it), it must not source files

Re: Interface names when putting 802.1q VLAN on top of bonding configuration

2021-06-01 Thread Jo-Philipp Wich
Hi, > One more question, now I'm trying to put a bridge on top of each of these > vlan* interfaces so that I can map those to a few physical interfaces. I also > need several vlans to map to one of the interfaces (tagged).. not sure how to > do that yet either. Any suggestions with this

Re: [PATCH] base-files: simplify setting device MAC

2021-06-01 Thread Jo-Philipp Wich
Hi, > Ideally you should be able to use jsonfilter too but I don't know how to > deal with "-" in a property name. Use bracket notation. > Following doesn't work for me: > > ubus call network.device status '{ "name": "br-lan" }' | jsonfilter -e > "$.bridge-members" ubus call network.device

Re: Luci->Network->Interfaces is broken

2021-05-31 Thread Jo-Philipp Wich
Hi, > This is the reason. Long time ago, I did select the option 'Remove ipkg/opkg > status data files in final images' to reduce the image size. Since such an > option can be selected, LuCI cannot assume, that the file netifd.control > exists. fixed. ~ Jo signature.asc Description:

Re: Interface names when putting 802.1q VLAN on top of bonding configuration

2021-05-28 Thread Jo-Philipp Wich
Hi, the following should do what you want. config device option type 8021q option ifname bonding-lan option vid 20 option name vlan20 config interface vlan20 option ifname vlan20 option proto static option ipaddr 172.20.34.2 option netmask 255.255.255.128 ~ Jo signature.asc

Merged: rules: fix device and chain usage forDSCP/MARK targets

2021-03-23 Thread Jo-Philipp Wich
Merged into project/firewall3.git, branch master at http://git.openwrt.org/?p=project/firewall3.git. Thank you! ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Merged: zone: avoid duplicates in devices list

2021-03-23 Thread Jo-Philipp Wich
Merged into project/firewall3.git, branch master at http://git.openwrt.org/?p=project/firewall3.git. Thank you! ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: [PATCH 1/2] uhttpd: Reload config after uhttpd-mod-ubus was added

2021-03-20 Thread Jo-Philipp Wich
Hi Hauke, thanks for looking into it! I have a couple of remarks... > [...] > [ "$(uci -q get uhttpd.main.ubus_socket)" = "/var/run/ubus.sock" ] && { > uci set uhttpd.main.ubus_socket='/var/run/ubus/ubus.sock' > uci commit uhttpd > + reload_config That might reload other,

Re: Question about LuCI state (incl DSA) & request for testing

2021-02-12 Thread Jo-Philipp Wich
Hi, > I'd like to ask: what's the current state of LuCI? > One thing that probably requires some extra focus is DSA. Are there > any remaining issues regarding it? some parts of the DSA/device config code are intentionally disabled since netifd didn't handle these things at the time it was

Re: Revisiting ABI_VERSION handling policy

2021-02-09 Thread Jo-Philipp Wich
Hi, > The last stable update didn't change SONAME, but it included changes to > the same data structure that triggered the bug that I ran into. It could > very likely have introduced very similar subtle breakage. this is a clear upstream bug then. Might make sense to look into how other

Re: Revisiting ABI_VERSION handling policy

2021-02-09 Thread Jo-Philipp Wich
Hi, > The goal of reducing unnecessary build churn makes perfect sense to me, > but I think we need to reconsider the trade-off we're making here, and > the failure modes of each option. the motivation wasn't about build-churn at all but to ensure that library packages can be cleanly upgraded

Re: Job board support on openwrt.org?

2021-01-23 Thread Jo-Philipp Wich
Hi, I don't think this is a good idea due to legal obligations, administrative hassle, quality of work issues and so on. NACK from me. ~ Jo ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org

Re: Dnsmasq 2.83 causes log spam

2021-01-22 Thread Jo-Philipp Wich
Hi Hannu, unfortunately we lack a reliable reproducer so far. A packet capture would be most helpful, another option would be a bisect of the intermediate dnsmasq Git revisions. ~ Jo signature.asc Description: OpenPGP digital signature ___

Re: Add package version dependency for point releases

2021-01-11 Thread Jo-Philipp Wich
Hi, why not simply wrap the workaround in a uname or /proc/version check? ~ Jo signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org

Re: [PATCH] wireguard-tools: allow generating private_key

2021-01-08 Thread Jo-Philipp Wich
Hi, I'm afraid this approach is not really acceptable. Automatically calling `uci commit` outside of the early-boot / uci-defaults context is not safe. There could be arbitrary user defined, intentionally uncommitted changes stashed when the ifup sequence is running which you would inadvertently

Re: [PATCH 1/3] rules: add commitcount function

2021-01-07 Thread Jo-Philipp Wich
Hi, I think this change will introduce massive overhead during the DUMP phase of the buildroot when scanning package metadata. You should wrap the logic into an `ifneq ($(DUMP),1)` or similar and simply return a static placeholder value if DUMP==1 ~ Jo signature.asc Description: OpenPGP

Re: R: [RPCD PATCH v4 3/4] iwinfo: add ht and vht operation info to wifi scan

2021-01-06 Thread Jo-Philipp Wich
Hi, > I didn't add the check here as we can assume that ht_operation are always > present. > Should I add this anyway? why can we assume it? They way I see it, HT info is only populated if IE type 61 was present, valid and parsed from BSS info, otherwise the structure mightr be present but

Re: [RPCD PATCH v4 4/4] iwinfo: export center channel for info ubus call

2021-01-05 Thread Jo-Philipp Wich
Hi, comment below. > [...] > diff --git a/iwinfo.c b/iwinfo.c > index 45ca784..94fa822 100644 > --- a/iwinfo.c > +++ b/iwinfo.c > @@ -364,6 +364,8 @@ rpc_iwinfo_info(struct ubus_context *ctx, struct > ubus_object *obj, > > rpc_iwinfo_call_int("mode", iw->mode, IWINFO_OPMODE_NAMES); >

Re: [RPCD PATCH v4 3/4] iwinfo: add ht and vht operation info to wifi scan

2021-01-05 Thread Jo-Philipp Wich
Hi, comments below. > [...] > @@ -441,6 +441,20 @@ rpc_iwinfo_scan(struct ubus_context *ctx, struct > ubus_object *obj, > blobmsg_add_u32(, "quality", e->quality); > blobmsg_add_u32(, "quality_max", e->quality_max); > Only add the "ht_operation"

Re: [IWINFO PATCH v4 2/4] iwinfo: export center_chan info for local wifi

2021-01-05 Thread Jo-Philipp Wich
Hi, comments below. > [...] > diff --git a/include/iwinfo.h b/include/iwinfo.h > index 676db91..680f384 100644 > --- a/include/iwinfo.h > +++ b/include/iwinfo.h > @@ -282,6 +282,8 @@ struct iwinfo_ops { > int (*survey)(const char *, char *, int *); > int (*lookup_phy)(const char *,

Re: [IWINFO PATCH v4 1/4] iwinfo: export ht and vht operation in scan results

2021-01-05 Thread Jo-Philipp Wich
Hi, comments inline below. > [...]@@ -2306,6 +2306,16 @@ static void nl80211_get_scanlist_ie(struct nlattr > **bss, > iwinfo_parse_rsn(>crypto, ie + 6, ie[1] - 4, >IWINFO_CIPHER_TKIP, > IWINFO_KMGMT_PSK); >

Re: [PATCH 1/2 iwinfo] iwinfo: add support for GCMP cipher

2021-01-05 Thread Jo-Philipp Wich
Hi, before merging this, please extend the cmake rules in iwinfo.git to add a SOVERSION property to the resulting libiwinfo library, this way we can adopt ABI versio ntracking when we bump it the next time in OpenWrt. ~ Jo signature.asc Description: OpenPGP digital signature

Merged: libnetfilter-conntrack: update to 1.0.8

2020-12-14 Thread Jo-Philipp Wich
Merged into master at http://git.openwrt.org/?p=openwrt/openwrt.git. Thank you! ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel

  1   2   3   4   5   6   7   8   9   10   >