Utilize the new selective conntrack flushing facility to clear
out active conntrack entries referring to old IP addresses after
a firewall reload.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42114 3c298f89-4303-0410-b956-a3cf2f4a3e73
Depend on the GRE tunnel peeraddr to trigger setup of the tunnel interface.
Addresses the issue reported in https://lists.openwrt.org/pipermail/openwrt-devel/2014-August/027201.html
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41998 3c298f89-4303-0410-b956-a3cf2f4a3e73
The package supports Generic Routing Encapsulation support by registering following protocol kinds:
-gre
-gretap
-grev6
-grev6tap
Following options are valid for gre and gretap kinds:
-ipaddr
-peeraddr
-df
-mtu
-ttl
-tunlink
-zone
-ikey
-okey
-icsum
-ocsum
-iseqno
-oseqno
The gretap kind supports additionally the network option
Following options are valid for grev6 and grev6tap kinds:
-ip6addr
-peer6addr
-weakif
-mtu
-ttl
-tunlink
-zone
-ikey
-okey
-icsum
-ocsum
-iseqno
-oseqno
The grev6tap kind supports additionally the network option
Typical network config for a GREv4 tunnel :
config interface 'gre'
option peeraddr '172.16.18.240'
option mtu '1400'
option proto 'gre'
option tunlink 'wan'
option zone 'tunnel'
Typical network config for a GREv4 tap tunnel :
config interface 'gretap'
option peeraddr '195.207.5.79'
option mtu '1400'
option proto 'gretap'
option zone 'tunnel'
option tunlink 'wan'
option network 'wlan_ap'
I added myself as maintainer for the moment; feel free to change.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41897 3c298f89-4303-0410-b956-a3cf2f4a3e73
the IB tries to run the enable target on all init.d scripts.
It fails when including the dsl_control helper. Check for existence
prior to the include.
Signed-off-by: John Crispin <blogic@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41787 3c298f89-4303-0410-b956-a3cf2f4a3e73
Properly parse and pass arbritary netmasks to iptables, this allows
specifying ranges like '::c23f:eff:fe7a:a094/::ffff:ffff:ffff:ffff' to
match the host part of an IPv6 address regardless of the currently active
IPv6 prefix.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41760 3c298f89-4303-0410-b956-a3cf2f4a3e73
Split connection mark into two parts:
The lower nibble contains the confirmed conntrack mark which is not
generated by default/reclassify rules.
The upper nibble contains the current value specified by
default/reclassify rules.
For egress, the default/reclassify value is preferred
For ingress, the connection mark is preferred
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41682 3c298f89-4303-0410-b956-a3cf2f4a3e73
The commit 92281eb747b56e748b7c3d754055919c23befdd4 broke fw3_ubus_addresses() so that
no addresses where returned at all, this caused fw3 to not emit NAT reflection rules
anymore.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41556 3c298f89-4303-0410-b956-a3cf2f4a3e73
They should be unnecessary with fq_codel, and simplifying rules helps
with performance
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41549 3c298f89-4303-0410-b956-a3cf2f4a3e73
The netifd fixes went to the wrong repository, revert until it is sorted out.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41283 3c298f89-4303-0410-b956-a3cf2f4a3e73
Reworks the handling of RT_TABLE_MAIN in system-linux.c so that ip rules
with lookup main can be properly setup.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41282 3c298f89-4303-0410-b956-a3cf2f4a3e73
Let the first parameter of function config_get be local, because there
is a chance that config_get won't export the variable.
Signed-off-by: Zhao, Gang <gamerh2o@gmail.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41000 3c298f89-4303-0410-b956-a3cf2f4a3e73
- The package does not compile at the moment. Since there is a new
upstream version avaiable, use this new source instead.
- Upstream has already included our both patches.
- This is only compile tested, since I do not own any test hardware.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@40940 3c298f89-4303-0410-b956-a3cf2f4a3e73
It's quite unconveniet to remember which ports are used by which applications, especially for not so advanced users.
Together with luci patch (discussed on IRC) this improves qos-scripts usability.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@40935 3c298f89-4303-0410-b956-a3cf2f4a3e73
