├── .gitea └── workflows │ └── ci.yaml ├── .gitignore ├── .woodpecker.yml ├── LICENSES ├── GPL-2.0 └── GPL-3.0 ├── README.md ├── bsp ├── ath79-generic.bsp ├── ath79-generic │ └── .config ├── default │ └── root_file_system │ │ ├── etc │ │ ├── banner │ │ └── profile │ │ └── root │ │ └── .ash_history ├── ipq40xx-generic.bsp ├── ipq40xx-generic │ └── .config ├── ipq806x-generic.bsp ├── ipq806x-generic │ └── .config ├── mpc85xx-p1010.bsp ├── mpc85xx-p1010 │ └── .config ├── mvebu-cortexa72.bsp ├── mvebu-cortexa72 │ └── .config ├── octeon.bsp ├── octeon │ └── .config ├── ramips-mt7621.bsp ├── ramips-mt7621 │ └── .config ├── ramips-mt76x8.bsp ├── ramips-mt76x8 │ └── .config ├── x86-64.bsp └── x86-64 │ └── .config ├── build_patches └── openwrt │ ├── 0001-Disable-OpenWrt-config-migration-mechanisms.patch │ ├── 0001-mvebu-clearfog-pro-add-label-mac-device.patch │ ├── 0002-set-root-password.patch │ ├── 0003-ntpd-host-as-string.patch │ ├── 0004-build-remove-libustream-and-certs-from-default-packa.patch │ ├── 0005-Disable-ujail-for-sysntpd.patch │ ├── 0006-Switch-from-ath10k-ct-to-ath10k-by-default.patch │ ├── 0007-Add-patch-to-fix-IPv6-on-unbridged-devices.patch │ ├── 0010-c2600-retain-old-compat-version.patch │ ├── 0011-mt7621-bump-compat-version.patch │ ├── 0060-ramips-mt7621-swap-incorrectly-labeled-lan-ports-on-.patch │ ├── 0070-mvebu-rb5009-add-label-mac-device.patch │ ├── 0100-Add-hack-which-fixes-forwarding-on-a-stacked-bridge-.patch │ ├── 0101-Add-hack-which-fixes-forwarding-on-a-stacked-bridge-.patch │ ├── 0240-rb5009-poe-spi.patch │ ├── 0299-mvpp2-enable-dsa-parser-entry.patch │ ├── 0299-mvpp2-vlan-after-dsa.patch │ └── 0641-Add-support-for-SolidRun-CN9130-ClearFog-Base.patch ├── buildscript ├── feed_patches ├── gluon │ └── 0001-simple-tc-Use-hotplug.d-iface-instead-of-hotplug.d-n.patch ├── openwrt │ └── 0020-fastd_generate_key_from_urandom.patch └── routing │ ├── 0001-babeld-Include-PKG_RELEASE-in-babeld-version.patch │ ├── 0002-bird-disable-unnecessary-protocols.patch │ └── 0003-bird-add-patch-to-fix-IPv4-via-IPv6-with-disabled-MP.patch ├── src └── packages │ └── fff │ ├── alfred-json │ └── Makefile │ ├── fff-alfred │ ├── Makefile │ └── files │ │ ├── etc │ │ └── uci-defaults │ │ │ └── 51-fff-alfred │ │ └── usr │ │ ├── lib │ │ └── micron.d │ │ │ └── fff-nodewatcher-alfred │ │ └── sbin │ │ └── fff-nodewatcher-alfred │ ├── fff-babel-bird2 │ ├── Makefile │ └── files │ │ ├── etc │ │ ├── bird-fff.conf │ │ ├── bird │ │ │ └── fff │ │ │ │ └── nat-filter.conf │ │ ├── init.d │ │ │ └── fff-bird │ │ └── uci-defaults │ │ │ ├── 30-disable-bird2 │ │ │ └── 60-fff-bird-config │ │ ├── lib │ │ └── functions │ │ │ └── fff │ │ │ └── babeldaemon │ │ │ └── bird2 │ │ └── usr │ │ └── lib │ │ └── nodewatcher.d │ │ └── 80-bird2.sh │ ├── fff-babel │ ├── Makefile │ └── files │ │ ├── etc │ │ ├── layer3.d │ │ │ └── 40-babel │ │ └── uci-defaults │ │ │ ├── 26-babel-iproute │ │ │ └── 27-babel-network-rules │ │ └── lib │ │ └── functions │ │ └── fff │ │ └── babel │ ├── fff-babeld │ ├── Makefile │ └── files │ │ ├── etc │ │ ├── config │ │ │ └── babeld │ │ └── uci-defaults │ │ │ └── 30-disable-babeld │ │ ├── lib │ │ └── functions │ │ │ └── fff │ │ │ └── babeldaemon │ │ │ └── babeld │ │ └── usr │ │ └── lib │ │ └── nodewatcher.d │ │ └── 80-babeld.sh │ ├── fff-base │ └── Makefile │ ├── fff-batman-adv │ ├── Makefile │ └── files │ │ ├── etc │ │ └── uci-defaults │ │ │ └── 93-fff-batman-adv │ │ └── usr │ │ └── lib │ │ ├── micron.d │ │ └── fff-batman-adv │ │ └── nodewatcher.d │ │ └── 30-batman-adv.sh │ ├── fff-boardname │ ├── Makefile │ └── files │ │ └── etc │ │ ├── config │ │ └── board │ │ └── uci-defaults │ │ └── 15-fff-boardname │ ├── fff-config │ ├── Makefile │ └── files │ │ └── etc │ │ ├── sysctl.d │ │ └── 20-oom-panic.conf │ │ └── uci-defaults │ │ ├── 05-config-system-migration │ │ └── 98-configure-fff │ ├── fff-dhcp │ ├── Makefile │ └── files │ │ └── etc │ │ ├── layer3.d │ │ └── 35-dns │ │ └── uci-defaults │ │ └── 90-fff-dhcp │ ├── fff-extra │ └── Makefile │ ├── fff-fastd │ ├── Makefile │ └── files │ │ ├── etc │ │ └── uci-defaults │ │ │ └── 55_fff-fastd │ │ └── usr │ │ └── lib │ │ └── vpn-select.d │ │ └── fastd │ ├── fff-firewall │ ├── Makefile │ └── files │ │ ├── etc │ │ └── init.d │ │ │ └── fff-firewall │ │ └── usr │ │ └── lib │ │ └── firewall.d │ │ ├── 00-prepare │ │ └── 90-user │ ├── fff-hoods │ ├── Makefile │ └── files │ │ ├── etc │ │ └── uci-defaults │ │ │ └── 93-fff-hoodfile │ │ └── usr │ │ ├── lib │ │ ├── firewall.d │ │ │ └── 30-gateway-fe801 │ │ ├── functions │ │ │ └── fff │ │ │ │ └── hoodfile │ │ └── micron.d │ │ │ └── fff-hoods │ │ └── sbin │ │ └── configurehood │ ├── fff-hoodutils │ ├── Makefile │ └── files │ │ └── lib │ │ └── functions │ │ └── fff │ │ ├── evalhoodinfo │ │ └── keyxchange │ ├── fff-layer3-config │ ├── Makefile │ └── files │ │ ├── etc │ │ ├── layer3.d │ │ │ ├── 01-version │ │ │ ├── 10-meta │ │ │ ├── 20-vlan │ │ │ ├── 30-network-client │ │ │ ├── 30-network-routerip │ │ │ └── 30-network-wan │ │ └── uci-defaults │ │ │ ├── 20-l3config-generate-default │ │ │ ├── 20-l3config-migrate-1-to-2 │ │ │ ├── 21-l3config-migrate-2-to-3 │ │ │ ├── 21-l3config-migrate-3-to-4 │ │ │ ├── 23-network-layer3 │ │ │ └── 99-configure-layer3 │ │ └── usr │ │ └── sbin │ │ └── configure-layer3 │ ├── fff-layer3-nodewatcher │ ├── Makefile │ └── files │ │ └── usr │ │ ├── lib │ │ └── micron.d │ │ │ └── fff-nodewatcher-layer3 │ │ └── sbin │ │ └── fff-nodewatcher-layer3 │ ├── fff-layer3-snat │ ├── Makefile │ └── files │ │ ├── etc │ │ └── layer3.d │ │ │ └── 33-snat.conf │ │ └── usr │ │ └── lib │ │ └── firewall.d │ │ └── 30-snat │ ├── fff-layer3 │ ├── Makefile │ └── files │ │ ├── etc │ │ ├── sysctl.d │ │ │ └── 60-fff-layer3.conf │ │ └── uci-defaults │ │ │ └── 90-rc-local │ │ └── usr │ │ └── lib │ │ ├── firewall.d │ │ ├── 10-no-forward-wan │ │ └── 20-stateful-firewall │ │ └── nodewatcher.d │ │ └── 90-latency.sh │ ├── fff-macnock │ ├── Makefile │ └── files │ │ └── etc │ │ ├── init.d │ │ └── macnock │ │ └── uci-defaults │ │ └── 52-fff-macnock │ ├── fff-mqtt-monitoring │ ├── Makefile │ └── files │ │ └── usr │ │ ├── lib │ │ └── micron.d │ │ │ └── fff-nodewatcher-mqtt │ │ └── sbin │ │ └── fff-nodewatcher-mqtt │ ├── fff-mqtt │ ├── Makefile │ └── files │ │ └── etc │ │ └── uci-defaults │ │ └── 35-fff-mqtt │ ├── fff-network │ ├── Makefile │ ├── aarch64 │ │ ├── network.mikrotik,rb5009 │ │ ├── network.solidrun,clearfog-base │ │ └── network.solidrun,clearfog-pro │ ├── arm │ │ ├── network.avm,fritzbox-4040 │ │ └── network.tplink,c2600 │ ├── files │ │ ├── etc │ │ │ ├── hotplug.d │ │ │ │ └── net │ │ │ │ │ └── 40-net-rss │ │ │ ├── sysctl.d │ │ │ │ └── 50-fff-network.conf │ │ │ └── uci-defaults │ │ │ │ ├── 20-migrate-gl-ar150 │ │ │ │ ├── 20-remove-ports-override │ │ │ │ ├── 22-network-base │ │ │ │ └── 50-packet-steering │ │ ├── lib │ │ │ └── functions │ │ │ │ └── fff │ │ │ │ ├── cpuport │ │ │ │ ├── evalbytes │ │ │ │ ├── network │ │ │ │ └── portorder │ │ └── usr │ │ │ └── lib │ │ │ └── nodewatcher.d │ │ │ ├── 20-interfaces.sh │ │ │ └── 50-clients.sh │ ├── mips │ │ ├── network.glinet,gl-ar150 │ │ ├── network.mode │ │ ├── network.tplink,archer-c25-v1 │ │ ├── network.tplink,archer-c60-v1 │ │ ├── network.tplink,archer-c60-v2 │ │ ├── network.tplink,archer-c7-v2 │ │ ├── network.tplink,archer-c7-v4 │ │ ├── network.tplink,archer-c7-v5 │ │ ├── network.tplink,cpe210-v1 │ │ ├── network.tplink,cpe210-v2 │ │ ├── network.tplink,cpe210-v3 │ │ ├── network.tplink,cpe510-v1 │ │ ├── network.tplink,tl-wdr3500-v1 │ │ ├── network.tplink,tl-wdr3600-v1 │ │ ├── network.tplink,tl-wdr4300-v1 │ │ ├── network.tplink,tl-wdr4310-v1 │ │ ├── network.tplink,tl-wr1043n-v5 │ │ ├── network.tplink,tl-wr1043nd-v2 │ │ ├── network.tplink,tl-wr1043nd-v3 │ │ ├── network.tplink,tl-wr1043nd-v4 │ │ ├── network.ubnt,nanostation-loco-m-xw │ │ ├── network.ubnt,unifi-ap │ │ └── network.ubnt,unifiac-mesh │ ├── mips64 │ │ └── network.ubnt,edgerouter-4 │ ├── mipsel │ │ ├── network.netgear,r6220 │ │ ├── network.tplink,archer-c50-v3 │ │ ├── network.tplink,archer-c50-v4 │ │ ├── network.tplink,tl-wr841n-v13 │ │ ├── network.ubnt,edgerouter-x │ │ ├── network.ubnt,edgerouter-x-sfp │ │ ├── network.xiaomi,mi-router-4a-100m │ │ ├── network.xiaomi,mi-router-4a-100m-intl │ │ ├── network.xiaomi,mi-router-4a-gigabit │ │ └── network.xiaomi,mi-router-4a-gigabit-v2 │ ├── powerpc │ │ └── network.tplink,tl-wdr4900-v1 │ └── x86_64 │ │ ├── network.mode │ │ └── network.x86_64 │ ├── fff-node │ ├── Makefile │ └── files │ │ ├── etc │ │ └── uci-defaults │ │ │ ├── 23-network-node │ │ │ ├── 24c-fff-wireless-node │ │ │ └── 90-rc-local │ │ └── usr │ │ ├── lib │ │ └── firewall.d │ │ │ ├── 05-setup-batman-chains │ │ │ ├── 06-disable-forwarding │ │ │ ├── 30-client-dhcp │ │ │ ├── 30-client-dhcpv6 │ │ │ ├── 30-client-ra │ │ │ ├── 31-node-dhcp │ │ │ ├── 31-node-dhcpv6 │ │ │ ├── 31-node-ra │ │ │ ├── 35-mc │ │ │ ├── 35-mc-arp │ │ │ ├── 35-mc-ping │ │ │ ├── 36-mc-policy │ │ │ ├── 40-local-node │ │ │ └── 40-nft-counter │ │ └── sbin │ │ └── configurenetwork │ ├── fff-nodewatcher │ ├── Makefile │ └── files │ │ ├── etc │ │ └── uci-defaults │ │ │ └── 93-fff-nodewatcher │ │ └── usr │ │ ├── lib │ │ └── nodewatcher.d │ │ │ └── 10-systemdata.sh │ │ └── sbin │ │ └── nodewatcher │ ├── fff-ra │ └── Makefile │ ├── fff-random │ ├── Makefile │ └── src │ │ ├── Makefile │ │ └── random.c │ ├── fff-simple-tc │ ├── Makefile │ └── files │ │ ├── etc │ │ └── uci-defaults │ │ │ └── 98-configure-tc │ │ └── usr │ │ └── lib │ │ └── nodewatcher.d │ │ └── 70-simple-tc.sh │ ├── fff-support │ ├── Makefile │ ├── ath79 │ │ └── usr │ │ │ └── lib │ │ │ └── fff-support │ │ │ ├── activate_poe_passthrough.sh │ │ │ ├── disable_poe_passthrough.sh │ │ │ └── permanent_poe_passthrough.sh │ └── files │ │ ├── etc │ │ ├── dataprotection.de │ │ ├── dataprotection.en │ │ ├── init.d │ │ │ └── fff-userconfig │ │ └── uci-defaults │ │ │ └── 80-banner-info │ │ └── usr │ │ └── sbin │ │ └── show_info │ ├── fff-sysupgrade │ ├── Makefile │ └── files │ │ ├── etc │ │ └── uci-defaults │ │ │ └── 99-fff-sysupgrade │ │ └── sbin │ │ └── fff-upgrade.sh │ ├── fff-timeserver │ ├── Makefile │ └── files │ │ ├── etc │ │ └── uci-defaults │ │ │ └── 51-fff-timeserver │ │ └── lib │ │ └── functions │ │ └── fff │ │ └── timeserver │ ├── fff-uradvd │ ├── Makefile │ └── files │ │ ├── etc │ │ └── init.d │ │ │ └── fff-uradvd │ │ └── usr │ │ └── lib │ │ └── firewall.d │ │ └── 32-local-ra │ ├── fff-vpn-select │ ├── Makefile │ └── files │ │ └── usr │ │ └── sbin │ │ ├── vpn-select │ │ └── vpn-stop │ ├── fff-vxlan-node-vpn │ ├── Makefile │ └── files │ │ ├── etc │ │ └── uci-defaults │ │ │ └── 53-vxlan-node │ │ └── usr │ │ └── lib │ │ └── vpn-select.d │ │ └── vxlan │ ├── fff-web-hood │ ├── Makefile │ └── files │ │ └── etc │ │ └── uci-defaults │ │ └── 93-fff-web-hood │ ├── fff-web-l3config │ ├── Makefile │ └── files │ │ └── www │ │ ├── menu │ │ └── ssl │ │ │ └── 15-l3settings │ │ └── ssl │ │ └── cgi-bin │ │ └── l3settings.html │ ├── fff-web-mqtt │ ├── Makefile │ └── files │ │ └── www │ │ ├── menu │ │ └── ssl │ │ │ └── 17-mqtt │ │ └── ssl │ │ └── cgi-bin │ │ └── mqtt.html │ ├── fff-web-ui │ ├── Makefile │ └── files │ │ ├── etc │ │ ├── httpd.conf │ │ └── uci-defaults │ │ │ └── 94-fff-web-ui │ │ ├── usr │ │ └── sbin │ │ │ └── disable_update_notification.sh │ │ └── www │ │ ├── include │ │ ├── footer │ │ ├── header │ │ └── helpers │ │ ├── menu │ │ └── ssl │ │ │ ├── 05-home │ │ │ ├── 10-settings │ │ │ ├── 20-ports │ │ │ ├── 30-wifiscan │ │ │ ├── 40-upgrade │ │ │ ├── 50-password │ │ │ ├── 60-reboot │ │ │ └── 70-logout │ │ ├── public │ │ ├── cgi-bin │ │ │ └── status.html │ │ ├── freifunk.svg │ │ ├── index.html │ │ └── style.css │ │ └── ssl │ │ ├── cgi-bin │ │ ├── home.html │ │ ├── leaflet.css │ │ ├── leaflet.js │ │ ├── logout.html │ │ ├── password.html │ │ ├── ports.html │ │ ├── reboot.html │ │ ├── settings.html │ │ ├── upgrade.html │ │ └── wifiscan.html │ │ ├── freifunk.svg │ │ ├── index.html │ │ ├── leaflet.css.gz │ │ ├── leaflet.js.gz │ │ ├── map.html │ │ ├── port_down.png │ │ ├── port_up.png │ │ └── style.css │ ├── fff-wireguard │ ├── Makefile │ └── files │ │ └── etc │ │ ├── layer3.d │ │ └── 50-wireguard │ │ └── uci-defaults │ │ └── 28-wireguard-rules │ ├── fff-wireless │ ├── Makefile │ └── files │ │ ├── etc │ │ ├── init.d │ │ │ └── fff-wireless-update │ │ ├── layer3.d │ │ │ └── 28-wifi │ │ └── uci-defaults │ │ │ ├── 24a-fff-wireless │ │ │ └── 24b-config-wireless │ │ ├── lib │ │ └── functions │ │ │ └── fff │ │ │ └── wireless │ │ └── usr │ │ └── lib │ │ └── nodewatcher.d │ │ └── 60-airtime.sh │ └── mtpoe_ctrl │ ├── Makefile │ └── files │ └── 99-mtpoe_ctrl └── tools ├── README.md ├── buildscript-bash-completion └── dep-tree /.gitignore: -------------------------------------------------------------------------------- 1 | /selected_bsp 2 | /selected_community 3 | /selected_variant 4 | /build 5 | /bin* 6 | /src/dl 7 | /src/openwrt 8 | /src/packages/fastd 9 | /src/packages/wlanslovenija 10 | /src/packages/openwrt 11 | /src/packages/gluon 12 | /src/packages/routing 13 | /.project 14 | /*.patch 15 | /.mailmap 16 | -------------------------------------------------------------------------------- /.woodpecker.yml: -------------------------------------------------------------------------------- 1 | clone: 2 | git: 3 | image: woodpeckerci/plugin-git 4 | settings: 5 | tags: true 6 | 7 | steps: 8 | clone: 9 | image: alpine/git 10 | commands: 11 | - chown -R 1000:1000 "$CI_WORKSPACE" 12 | buildall-layer3: 13 | image: openwrt/imagebuilder 14 | commands: 15 | - export HOME=$(mktemp -d) 16 | - git config --global user.email "ci@fff.community" 17 | - git config --global user.name "FFF CI" 18 | - ./buildscript selectvariant layer3 19 | - ./buildscript selectbsp bsp/ath79-generic.bsp 20 | - ./buildscript prepare 21 | - ./buildscript buildall 22 | 23 | buildall-node: 24 | image: openwrt/imagebuilder 25 | commands: 26 | - export HOME=$(mktemp -d) 27 | - git config --global user.email "ci@fff.community" 28 | - git config --global user.name "FFF CI" 29 | - ./buildscript selectvariant node 30 | - ./buildscript selectbsp bsp/ath79-generic.bsp 31 | - ./buildscript prepare 32 | - ./buildscript buildall 33 | 34 | distribute: 35 | image: alpine/git 36 | volumes: 37 | - /var/lib/woodpecker/artifacts:/var/run/artifacts 38 | commands: 39 | - rm -rf /var/run/artifacts/$(git describe --tags) 40 | - mkdir -p /var/run/artifacts/$(git describe --tags) 41 | - cp -r bin/* /var/run/artifacts/$(git describe --tags)/ 42 | - echo 43 | - echo 44 | - echo "You can download the built firmware images here:" 45 | - echo "https://ci.fff.community/artifacts/$(git describe --tags)" 46 | 47 | when: 48 | branch: [ master ] 49 | -------------------------------------------------------------------------------- /bsp/ath79-generic.bsp: -------------------------------------------------------------------------------- 1 | chipset=ath79 2 | subtarget=generic 3 | images=("openwrt-${chipset}-${subtarget}-glinet_gl-ar150-squashfs-*" 4 | "openwrt-${chipset}-${subtarget}-tplink_archer-c25-v1-squashfs-*" 5 | "openwrt-${chipset}-${subtarget}-tplink_archer-c60-v1-squashfs-*" 6 | "openwrt-${chipset}-${subtarget}-tplink_archer-c60-v2-squashfs-*" 7 | "openwrt-${chipset}-${subtarget}-tplink_archer-c7-v2-squashfs-*" 8 | "openwrt-${chipset}-${subtarget}-tplink_archer-c7-v4-squashfs-*" 9 | "openwrt-${chipset}-${subtarget}-tplink_archer-c7-v5-squashfs-*" 10 | "openwrt-${chipset}-${subtarget}-tplink_cpe210-v1-squashfs-*" 11 | "openwrt-${chipset}-${subtarget}-tplink_cpe210-v2-squashfs-*" 12 | "openwrt-${chipset}-${subtarget}-tplink_cpe210-v3-squashfs-*" 13 | "openwrt-${chipset}-${subtarget}-tplink_cpe510-v1-squashfs-*" 14 | "openwrt-${chipset}-${subtarget}-tplink_tl-wdr3500-v1-squashfs-*" 15 | "openwrt-${chipset}-${subtarget}-tplink_tl-wdr3600-v1-squashfs-*" 16 | "openwrt-${chipset}-${subtarget}-tplink_tl-wdr4300-v1-squashfs-*" 17 | "openwrt-${chipset}-${subtarget}-tplink_tl-wdr4310-v1-squashfs-*" 18 | "openwrt-${chipset}-${subtarget}-tplink_tl-wr1043nd-v2-squashfs-*" 19 | "openwrt-${chipset}-${subtarget}-tplink_tl-wr1043nd-v3-squashfs-*" 20 | "openwrt-${chipset}-${subtarget}-tplink_tl-wr1043nd-v4-squashfs-*" 21 | "openwrt-${chipset}-${subtarget}-tplink_tl-wr1043n-v5-squashfs-*" 22 | "openwrt-${chipset}-${subtarget}-ubnt_nanostation-loco-m-xw-squashfs-*" 23 | "openwrt-${chipset}-${subtarget}-ubnt_unifi-ap-squashfs-*" 24 | "openwrt-${chipset}-${subtarget}-ubnt_unifiac-mesh-squashfs-*" 25 | ) 26 | -------------------------------------------------------------------------------- /bsp/default/root_file_system/etc/banner: -------------------------------------------------------------------------------- 1 | ____ ____ ____ 2 | | | | Freifunk 3 | |____ |____ |____ Franken 4 | | | | Firmware 5 | | | | 6 | 7 | Welcome to the free wireless experience 8 | More information at http://franken.freifunk.net 9 | 10 | Data protection notes may be found in: 11 | /etc/dataprotection.en (in English) 12 | /etc/dataprotection.de (in German) 13 | --------------------------------------------------------- 14 | -------------------------------------------------------------------------------- /bsp/default/root_file_system/etc/profile: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | [ -f /etc/banner ] && cat /etc/banner 3 | 4 | export PATH=/usr/bin:/usr/sbin:/bin:/sbin 5 | export HOME=$(grep -e "^${USER:-root}:" /etc/passwd | cut -d ":" -f 6) 6 | export HOME=${HOME:-/root} 7 | 8 | [ -x /bin/more ] || alias more=less 9 | [ -x /usr/bin/vim ] && alias vi=vim || alias vim=vi 10 | 11 | [ -z "$KSH_VERSION" -o \! -s /etc/mkshrc ] || . /etc/mkshrc 12 | 13 | [ -x /usr/bin/arp ] || arp() { cat /proc/net/arp; } 14 | [ -x /usr/bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; } 15 | 16 | # update uhttpd passwd on passwd-change 17 | [ -e /etc/rc.d/S50uhttpd ] && passwd() { /bin/passwd "$@" && /etc/init.d/uhttpd restart; } 18 | 19 | # I'm lazy, let's add some aliases 20 | alias ..='cd ..' 21 | alias ...='cd ../..' 22 | alias l='ls -CF' 23 | alias la='ls -A' 24 | alias ll='ls -alF' 25 | alias ls='ls --color=auto' 26 | alias ip='ip --color=auto' 27 | 28 | # and color my prompt 29 | export PS1='\[\033[01;32m\]\u@\H\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' 30 | -------------------------------------------------------------------------------- /bsp/default/root_file_system/root/.ash_history: -------------------------------------------------------------------------------- 1 | /tmp/.ash_history -------------------------------------------------------------------------------- /bsp/ipq40xx-generic.bsp: -------------------------------------------------------------------------------- 1 | chipset=ipq40xx 2 | subtarget=generic 3 | 4 | images=( 5 | "openwrt-${chipset}-${subtarget}-avm_fritzbox-4040-squashfs-*" 6 | ) 7 | -------------------------------------------------------------------------------- /bsp/ipq40xx-generic/.config: -------------------------------------------------------------------------------- 1 | # Generated using "./buildscript config openwrt". 2 | # Do no edit manually 3 | # 4 | CONFIG_TARGET_ipq40xx=y 5 | CONFIG_TARGET_ipq40xx_generic=y 6 | CONFIG_TARGET_MULTI_PROFILE=y 7 | CONFIG_TARGET_DEVICE_ipq40xx_generic_DEVICE_avm_fritzbox-4040=y 8 | CONFIG_TARGET_DEVICE_PACKAGES_ipq40xx_generic_DEVICE_avm_fritzbox-4040="" 9 | CONFIG_BUSYBOX_CUSTOM=y 10 | CONFIG_TARGET_PER_DEVICE_ROOTFS=y 11 | # CONFIG_BUSYBOX_CONFIG_BRCTL is not set 12 | # CONFIG_BUSYBOX_CONFIG_CROND is not set 13 | # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set 14 | # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set 15 | # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set 16 | CONFIG_CLEAN_IPKG=y 17 | # CONFIG_DROPBEAR_CURVE25519 is not set 18 | # CONFIG_PACKAGE_ALFRED_VIS is not set 19 | CONFIG_PACKAGE_fff-extra=y 20 | CONFIG_PACKAGE_libuclient=m 21 | CONFIG_PACKAGE_libwolfssl=m 22 | CONFIG_PACKAGE_opkg=m 23 | CONFIG_PACKAGE_wpad-basic=y 24 | CONFIG_PACKAGE_wpad-basic-mbedtls=m 25 | CONFIG_PACKAGE_uclient-fetch=m 26 | 27 | CONFIG_PACKAGE_kmod-hwmon-core=y 28 | # CONFIG_HTOP_LMSENSORS is not set 29 | -------------------------------------------------------------------------------- /bsp/ipq806x-generic.bsp: -------------------------------------------------------------------------------- 1 | chipset=ipq806x 2 | subtarget=generic 3 | 4 | images=( 5 | "openwrt-${chipset}-${subtarget}-tplink_c2600-squashfs-*" 6 | ) 7 | -------------------------------------------------------------------------------- /bsp/ipq806x-generic/.config: -------------------------------------------------------------------------------- 1 | # Generated using "./buildscript config openwrt". 2 | # Do no edit manually 3 | # 4 | CONFIG_TARGET_ipq806x=y 5 | CONFIG_TARGET_ipq806x_generic=y 6 | CONFIG_TARGET_MULTI_PROFILE=y 7 | CONFIG_TARGET_DEVICE_ipq806x_generic_DEVICE_tplink_c2600=y 8 | CONFIG_TARGET_DEVICE_PACKAGES_ipq806x_generic_DEVICE_tplink_c2600="" 9 | CONFIG_BUSYBOX_CUSTOM=y 10 | CONFIG_TARGET_PER_DEVICE_ROOTFS=y 11 | # CONFIG_BUSYBOX_CONFIG_BRCTL is not set 12 | # CONFIG_BUSYBOX_CONFIG_CROND is not set 13 | # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set 14 | # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set 15 | # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set 16 | CONFIG_CLEAN_IPKG=y 17 | # CONFIG_DROPBEAR_CURVE25519 is not set 18 | # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set 19 | # CONFIG_FASTD_ENABLE_MAC_GHASH is not set 20 | # CONFIG_FASTD_ENABLE_MAC_UHASH is not set 21 | # CONFIG_FASTD_ENABLE_METHOD_COMPOSED_GMAC is not set 22 | # CONFIG_FASTD_ENABLE_METHOD_COMPOSED_UMAC is not set 23 | # CONFIG_FASTD_ENABLE_METHOD_GENERIC_GMAC is not set 24 | # CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC is not set 25 | # CONFIG_PACKAGE_ALFRED_VIS is not set 26 | CONFIG_PACKAGE_fff-extra=y 27 | CONFIG_PACKAGE_libuclient=m 28 | CONFIG_PACKAGE_libwolfssl=m 29 | CONFIG_PACKAGE_opkg=m 30 | CONFIG_PACKAGE_wpad-basic=y 31 | CONFIG_PACKAGE_uclient-fetch=m 32 | CONFIG_PACKAGE_wpad-basic-mbedtls=m 33 | 34 | # CONFIG_LIBCURL_FILE is not set 35 | # CONFIG_LIBCURL_FTP is not set 36 | # CONFIG_LIBCURL_PROXY is not set 37 | # CONFIG_LIBCURL_UNIX_SOCKETS is not set 38 | # CONFIG_HTOP_LMSENSORS is not set 39 | -------------------------------------------------------------------------------- /bsp/mpc85xx-p1010.bsp: -------------------------------------------------------------------------------- 1 | chipset=mpc85xx 2 | subtarget=p1010 3 | 4 | images=( 5 | "openwrt-${chipset}-${subtarget}-tplink_tl-wdr4900-v1-squashfs-*" 6 | ) 7 | -------------------------------------------------------------------------------- /bsp/mpc85xx-p1010/.config: -------------------------------------------------------------------------------- 1 | # Generated using "./buildscript config openwrt". 2 | # Do no edit manually 3 | # 4 | CONFIG_TARGET_mpc85xx=y 5 | CONFIG_TARGET_mpc85xx_p1010=y 6 | CONFIG_TARGET_MULTI_PROFILE=y 7 | CONFIG_TARGET_DEVICE_mpc85xx_p1010_DEVICE_tplink_tl-wdr4900-v1=y 8 | CONFIG_TARGET_DEVICE_PACKAGES_mpc85xx_p1010_DEVICE_tplink_tl-wdr4900-v1="" 9 | CONFIG_BUSYBOX_CUSTOM=y 10 | CONFIG_TARGET_PER_DEVICE_ROOTFS=y 11 | # CONFIG_BUSYBOX_CONFIG_BRCTL is not set 12 | # CONFIG_BUSYBOX_CONFIG_CROND is not set 13 | # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set 14 | # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set 15 | # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set 16 | CONFIG_CLEAN_IPKG=y 17 | # CONFIG_DROPBEAR_CURVE25519 is not set 18 | # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set 19 | # CONFIG_FASTD_ENABLE_MAC_GHASH is not set 20 | # CONFIG_FASTD_ENABLE_MAC_UHASH is not set 21 | # CONFIG_FASTD_ENABLE_METHOD_COMPOSED_GMAC is not set 22 | # CONFIG_FASTD_ENABLE_METHOD_COMPOSED_UMAC is not set 23 | # CONFIG_FASTD_ENABLE_METHOD_GENERIC_GMAC is not set 24 | # CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC is not set 25 | # CONFIG_PACKAGE_ALFRED_VIS is not set 26 | CONFIG_PACKAGE_fff-extra=y 27 | CONFIG_PACKAGE_libuclient=m 28 | CONFIG_PACKAGE_libwolfssl=m 29 | CONFIG_PACKAGE_opkg=m 30 | CONFIG_PACKAGE_wpad-basic=y 31 | CONFIG_PACKAGE_uclient-fetch=m 32 | CONFIG_PACKAGE_wpad-basic-mbedtls=m 33 | 34 | CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=512 35 | # CONFIG_LIBCURL_FILE is not set 36 | # CONFIG_LIBCURL_FTP is not set 37 | # CONFIG_LIBCURL_PROXY is not set 38 | # CONFIG_LIBCURL_UNIX_SOCKETS is not set 39 | # CONFIG_HTOP_LMSENSORS is not set 40 | -------------------------------------------------------------------------------- /bsp/mvebu-cortexa72.bsp: -------------------------------------------------------------------------------- 1 | chipset=mvebu 2 | subtarget=cortexa72 3 | 4 | images=( 5 | "openwrt-mvebu-cortexa72-mikrotik_rb5009-squashfs*" 6 | "openwrt-mvebu-cortexa72-solidrun_clearfog-pro-squashfs*" 7 | "openwrt-mvebu-cortexa72-solidrun_clearfog-base-squashfs*" 8 | ) 9 | -------------------------------------------------------------------------------- /bsp/mvebu-cortexa72/.config: -------------------------------------------------------------------------------- 1 | # Generated using "./buildscript config openwrt". 2 | # Do no edit manually 3 | # 4 | CONFIG_TARGET_mvebu=y 5 | CONFIG_TARGET_mvebu_cortexa72=y 6 | CONFIG_TARGET_MULTI_PROFILE=y 7 | CONFIG_TARGET_DEVICE_mvebu_cortexa72_DEVICE_mikrotik_rb5009=y 8 | CONFIG_TARGET_DEVICE_PACKAGES_mvebu_cortexa72_DEVICE_mikrotik_rb5009="mtpoe_ctrl" 9 | CONFIG_TARGET_DEVICE_mvebu_cortexa72_DEVICE_solidrun_clearfog-base=y 10 | CONFIG_TARGET_DEVICE_PACKAGES_mvebu_cortexa72_DEVICE_solidrun_clearfog-base="" 11 | CONFIG_TARGET_DEVICE_mvebu_cortexa72_DEVICE_solidrun_clearfog-pro=y 12 | CONFIG_TARGET_DEVICE_PACKAGES_mvebu_cortexa72_DEVICE_solidrun_clearfog-pro="" 13 | CONFIG_BUSYBOX_CUSTOM=y 14 | CONFIG_TARGET_PER_DEVICE_ROOTFS=y 15 | # CONFIG_BUSYBOX_CONFIG_BRCTL is not set 16 | # CONFIG_BUSYBOX_CONFIG_CHGRP is not set 17 | # CONFIG_BUSYBOX_CONFIG_CHOWN is not set 18 | # CONFIG_BUSYBOX_CONFIG_CROND is not set 19 | # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set 20 | # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set 21 | # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set 22 | # CONFIG_BUSYBOX_CONFIG_IFCONFIG is not set 23 | # CONFIG_BUSYBOX_CONFIG_IP is not set 24 | # CONFIG_BUSYBOX_CONFIG_MKSWAP is not set 25 | # CONFIG_BUSYBOX_CONFIG_ROUTE is not set 26 | # CONFIG_BUSYBOX_CONFIG_SWAPOFF is not set 27 | # CONFIG_BUSYBOX_CONFIG_SWAPON is not set 28 | CONFIG_CLEAN_IPKG=y 29 | # CONFIG_DROPBEAR_CURVE25519 is not set 30 | # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set 31 | # CONFIG_FASTD_ENABLE_MAC_GHASH is not set 32 | # CONFIG_FASTD_ENABLE_MAC_UHASH is not set 33 | # CONFIG_FASTD_ENABLE_METHOD_COMPOSED_GMAC is not set 34 | # CONFIG_FASTD_ENABLE_METHOD_COMPOSED_UMAC is not set 35 | # CONFIG_FASTD_ENABLE_METHOD_GENERIC_GMAC is not set 36 | # CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC is not set 37 | # CONFIG_PACKAGE_ALFRED_VIS is not set 38 | CONFIG_PACKAGE_fff-extra=y 39 | CONFIG_PACKAGE_libuclient=m 40 | CONFIG_PACKAGE_libwolfssl=m 41 | CONFIG_PACKAGE_mtpoe_ctrl=m 42 | CONFIG_PACKAGE_opkg=m 43 | CONFIG_PACKAGE_uclient-fetch=m 44 | CONFIG_PACKAGE_yafut=m 45 | 46 | # CONFIG_TARGET_ROOTFS_EXT4FS is not set 47 | CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=512 48 | # CONFIG_LIBCURL_FILE is not set 49 | # CONFIG_LIBCURL_FTP is not set 50 | # CONFIG_LIBCURL_PROXY is not set 51 | # CONFIG_LIBCURL_UNIX_SOCKETS is not set 52 | # CONFIG_HTOP_LMSENSORS is not set 53 | -------------------------------------------------------------------------------- /bsp/octeon.bsp: -------------------------------------------------------------------------------- 1 | chipset=octeon 2 | subtarget=generic 3 | 4 | images=( 5 | "openwrt-${chipset}-${subtarget}-ubnt_edgerouter-4-*" 6 | ) 7 | -------------------------------------------------------------------------------- /bsp/octeon/.config: -------------------------------------------------------------------------------- 1 | # Generated using "./buildscript config openwrt". 2 | # Do no edit manually 3 | # 4 | CONFIG_TARGET_octeon=y 5 | CONFIG_TARGET_octeon_generic=y 6 | CONFIG_TARGET_MULTI_PROFILE=y 7 | CONFIG_TARGET_DEVICE_octeon_generic_DEVICE_ubnt_edgerouter-4=y 8 | CONFIG_TARGET_DEVICE_PACKAGES_octeon_generic_DEVICE_ubnt_edgerouter-4="" 9 | CONFIG_BUSYBOX_CUSTOM=y 10 | CONFIG_TARGET_PER_DEVICE_ROOTFS=y 11 | # CONFIG_BUSYBOX_CONFIG_BRCTL is not set 12 | # CONFIG_BUSYBOX_CONFIG_CROND is not set 13 | # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set 14 | # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set 15 | # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set 16 | CONFIG_CLEAN_IPKG=y 17 | # CONFIG_DROPBEAR_CURVE25519 is not set 18 | # CONFIG_PACKAGE_ALFRED_VIS is not set 19 | CONFIG_PACKAGE_fff-extra=y 20 | CONFIG_PACKAGE_libuclient=m 21 | CONFIG_PACKAGE_libwolfssl=m 22 | CONFIG_PACKAGE_opkg=m 23 | CONFIG_PACKAGE_wpad-basic=y 24 | CONFIG_PACKAGE_uclient-fetch=m 25 | CONFIG_PACKAGE_wpad-basic-mbedtls=m 26 | 27 | CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=512 28 | # CONFIG_LIBCURL_FILE is not set 29 | # CONFIG_LIBCURL_FTP is not set 30 | # CONFIG_LIBCURL_PROXY is not set 31 | # CONFIG_LIBCURL_UNIX_SOCKETS is not set 32 | # CONFIG_HTOP_LMSENSORS is not set 33 | -------------------------------------------------------------------------------- /bsp/ramips-mt7621.bsp: -------------------------------------------------------------------------------- 1 | chipset=ramips 2 | subtarget=mt7621 3 | 4 | images=( 5 | "openwrt-ramips-mt7621-netgear_r6220-squashfs-*" 6 | "openwrt-ramips-mt7621-ubnt_edgerouter-x-squashfs-*" 7 | "openwrt-ramips-mt7621-ubnt_edgerouter-x-sfp-squashfs-*" 8 | "openwrt-ramips-mt7621-xiaomi_mi-router-4a-gigabit-squashfs-*" 9 | "openwrt-ramips-mt7621-xiaomi_mi-router-4a-gigabit-v2-squashfs-*" 10 | ) 11 | -------------------------------------------------------------------------------- /bsp/ramips-mt7621/.config: -------------------------------------------------------------------------------- 1 | # Generated using "./buildscript config openwrt". 2 | # Do no edit manually 3 | # 4 | CONFIG_TARGET_ramips=y 5 | CONFIG_TARGET_ramips_mt7621=y 6 | CONFIG_TARGET_MULTI_PROFILE=y 7 | CONFIG_TARGET_DEVICE_ramips_mt7621_DEVICE_netgear_r6220=y 8 | CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt7621_DEVICE_netgear_r6220="" 9 | CONFIG_TARGET_DEVICE_ramips_mt7621_DEVICE_ubnt_edgerouter-x=y 10 | CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt7621_DEVICE_ubnt_edgerouter-x="" 11 | CONFIG_TARGET_DEVICE_ramips_mt7621_DEVICE_ubnt_edgerouter-x-sfp=y 12 | CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt7621_DEVICE_ubnt_edgerouter-x-sfp="" 13 | CONFIG_TARGET_DEVICE_ramips_mt7621_DEVICE_xiaomi_mi-router-4a-gigabit=y 14 | CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt7621_DEVICE_xiaomi_mi-router-4a-gigabit="" 15 | CONFIG_TARGET_DEVICE_ramips_mt7621_DEVICE_xiaomi_mi-router-4a-gigabit-v2=y 16 | CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt7621_DEVICE_xiaomi_mi-router-4a-gigabit-v2="" 17 | CONFIG_BUSYBOX_CUSTOM=y 18 | CONFIG_TARGET_PER_DEVICE_ROOTFS=y 19 | # CONFIG_BUSYBOX_CONFIG_BRCTL is not set 20 | # CONFIG_BUSYBOX_CONFIG_CROND is not set 21 | # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set 22 | # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set 23 | # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set 24 | CONFIG_CLEAN_IPKG=y 25 | # CONFIG_DROPBEAR_CURVE25519 is not set 26 | # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set 27 | # CONFIG_FASTD_ENABLE_MAC_GHASH is not set 28 | # CONFIG_FASTD_ENABLE_MAC_UHASH is not set 29 | # CONFIG_FASTD_ENABLE_METHOD_COMPOSED_GMAC is not set 30 | # CONFIG_FASTD_ENABLE_METHOD_COMPOSED_UMAC is not set 31 | # CONFIG_FASTD_ENABLE_METHOD_GENERIC_GMAC is not set 32 | # CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC is not set 33 | # CONFIG_PACKAGE_ALFRED_VIS is not set 34 | CONFIG_PACKAGE_fff-extra=y 35 | CONFIG_PACKAGE_libuclient=m 36 | CONFIG_PACKAGE_libwolfssl=m 37 | CONFIG_PACKAGE_opkg=m 38 | CONFIG_PACKAGE_wpad-basic=y 39 | CONFIG_PACKAGE_uclient-fetch=m 40 | CONFIG_PACKAGE_wpad-basic-mbedtls=m 41 | 42 | CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=512 43 | # CONFIG_LIBCURL_FILE is not set 44 | # CONFIG_LIBCURL_FTP is not set 45 | # CONFIG_LIBCURL_PROXY is not set 46 | # CONFIG_LIBCURL_UNIX_SOCKETS is not set 47 | # CONFIG_HTOP_LMSENSORS is not set 48 | -------------------------------------------------------------------------------- /bsp/ramips-mt76x8.bsp: -------------------------------------------------------------------------------- 1 | chipset=ramips 2 | subtarget=mt76x8 3 | images=("openwrt-${chipset}-${subtarget}-tplink_archer-c50-v3-squashfs-*" 4 | "openwrt-${chipset}-${subtarget}-tplink_archer-c50-v4-squashfs-*" 5 | "openwrt-${chipset}-${subtarget}-tplink_tl-wr841n-v13-squashfs-*" 6 | "openwrt-${chipset}-${subtarget}-xiaomi_mi-router-4a-100m-squashfs-*" 7 | "openwrt-${chipset}-${subtarget}-xiaomi_mi-router-4a-100m-intl-squashfs-*" 8 | ) 9 | -------------------------------------------------------------------------------- /bsp/ramips-mt76x8/.config: -------------------------------------------------------------------------------- 1 | # Generated using "./buildscript config openwrt". 2 | # Do no edit manually 3 | # 4 | CONFIG_TARGET_ramips=y 5 | CONFIG_TARGET_ramips_mt76x8=y 6 | CONFIG_TARGET_MULTI_PROFILE=y 7 | CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_tplink_archer-c50-v3=y 8 | CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_tplink_archer-c50-v3="" 9 | CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_tplink_archer-c50-v4=y 10 | CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_tplink_archer-c50-v4="" 11 | CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_tplink_tl-wr841n-v13=y 12 | CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_tplink_tl-wr841n-v13="" 13 | CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m=y 14 | CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m="" 15 | CONFIG_TARGET_DEVICE_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m-intl=y 16 | CONFIG_TARGET_DEVICE_PACKAGES_ramips_mt76x8_DEVICE_xiaomi_mi-router-4a-100m-intl="" 17 | CONFIG_BUSYBOX_CUSTOM=y 18 | CONFIG_TARGET_PER_DEVICE_ROOTFS=y 19 | # CONFIG_BUSYBOX_CONFIG_BRCTL is not set 20 | # CONFIG_BUSYBOX_CONFIG_CROND is not set 21 | # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set 22 | # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set 23 | # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set 24 | CONFIG_CLEAN_IPKG=y 25 | # CONFIG_DROPBEAR_CURVE25519 is not set 26 | # CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 is not set 27 | # CONFIG_FASTD_ENABLE_MAC_GHASH is not set 28 | # CONFIG_FASTD_ENABLE_MAC_UHASH is not set 29 | # CONFIG_FASTD_ENABLE_METHOD_COMPOSED_GMAC is not set 30 | # CONFIG_FASTD_ENABLE_METHOD_COMPOSED_UMAC is not set 31 | # CONFIG_FASTD_ENABLE_METHOD_GENERIC_GMAC is not set 32 | # CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC is not set 33 | # CONFIG_PACKAGE_ALFRED_VIS is not set 34 | CONFIG_PACKAGE_libuclient=m 35 | CONFIG_PACKAGE_libwolfssl=m 36 | CONFIG_PACKAGE_opkg=m 37 | CONFIG_PACKAGE_wpad-basic=y 38 | CONFIG_PACKAGE_uclient-fetch=m 39 | CONFIG_PACKAGE_wpad-basic-mbedtls=m 40 | 41 | # CONFIG_LIBCURL_FILE is not set 42 | # CONFIG_LIBCURL_FTP is not set 43 | # CONFIG_LIBCURL_PROXY is not set 44 | # CONFIG_LIBCURL_UNIX_SOCKETS is not set 45 | # CONFIG_HTOP_LMSENSORS is not set 46 | -------------------------------------------------------------------------------- /bsp/x86-64.bsp: -------------------------------------------------------------------------------- 1 | chipset=x86 2 | subtarget=64 3 | images=("openwrt-${chipset}-${subtarget}-generic-squashfs-combined-*" 4 | ) 5 | -------------------------------------------------------------------------------- /bsp/x86-64/.config: -------------------------------------------------------------------------------- 1 | # Generated using "./buildscript config openwrt". 2 | # Do no edit manually 3 | # 4 | CONFIG_TARGET_x86=y 5 | CONFIG_TARGET_x86_64=y 6 | CONFIG_TARGET_MULTI_PROFILE=y 7 | CONFIG_TARGET_DEVICE_x86_64_DEVICE_generic=y 8 | CONFIG_TARGET_DEVICE_PACKAGES_x86_64_DEVICE_generic="" 9 | CONFIG_BUSYBOX_CUSTOM=y 10 | CONFIG_TARGET_PER_DEVICE_ROOTFS=y 11 | # CONFIG_BUSYBOX_CONFIG_BRCTL is not set 12 | # CONFIG_BUSYBOX_CONFIG_CROND is not set 13 | # CONFIG_BUSYBOX_CONFIG_CRONTAB is not set 14 | # CONFIG_BUSYBOX_CONFIG_FEATURE_FAST_TOP is not set 15 | # CONFIG_BUSYBOX_CONFIG_FEATURE_NTPD_SERVER is not set 16 | CONFIG_CLEAN_IPKG=y 17 | # CONFIG_PACKAGE_ALFRED_VIS is not set 18 | CONFIG_PACKAGE_fff-extra=y 19 | CONFIG_PACKAGE_kmod-vmxnet3=y 20 | CONFIG_PACKAGE_libuclient=m 21 | CONFIG_PACKAGE_libwolfssl=m 22 | CONFIG_PACKAGE_opkg=m 23 | CONFIG_PACKAGE_wpad-basic=y 24 | CONFIG_PACKAGE_uclient-fetch=m 25 | CONFIG_PACKAGE_wpad-basic-mbedtls=m 26 | 27 | # CONFIG_LIBCURL_FILE is not set 28 | # CONFIG_LIBCURL_FTP is not set 29 | # CONFIG_LIBCURL_PROXY is not set 30 | # CONFIG_LIBCURL_UNIX_SOCKETS is not set 31 | # CONFIG_HTOP_LMSENSORS is not set 32 | -------------------------------------------------------------------------------- /build_patches/openwrt/0001-Disable-OpenWrt-config-migration-mechanisms.patch: -------------------------------------------------------------------------------- 1 | From f3d677950fb011bdf23519659bd5375a91d20ecc Mon Sep 17 00:00:00 2001 2 | From: Tim Niemeyer 3 | Date: Sat, 8 Jul 2017 10:46:59 +0200 4 | Subject: [PATCH 1/9] Disable OpenWrt config migration mechanisms 5 | 6 | This disables all OpenWrt config migration mechanisms except for 7 | files listed in /etc/sysupgrade.conf 8 | --- 9 | package/base-files/files/sbin/sysupgrade | 15 ++------------- 10 | 1 file changed, 2 insertions(+), 13 deletions(-) 11 | 12 | diff --git a/package/base-files/files/sbin/sysupgrade b/package/base-files/files/sbin/sysupgrade 13 | index 611d8830bfd..e1706d66fdf 100755 14 | --- a/package/base-files/files/sbin/sysupgrade 15 | +++ b/package/base-files/files/sbin/sysupgrade 16 | @@ -159,14 +159,14 @@ list_static_conffiles() { 17 | local filter=$1 18 | 19 | find $(sed -ne '/^[[:space:]]*$/d; /^#/d; p' \ 20 | - /etc/sysupgrade.conf /lib/upgrade/keep.d/* 2>/dev/null) \ 21 | + /etc/sysupgrade.conf 2>/dev/null) \ 22 | \( -type f -o -type l \) $filter 2>/dev/null 23 | } 24 | 25 | build_list_of_backup_config_files() { 26 | local file="$1" 27 | 28 | - ( list_static_conffiles "$find_filter"; list_changed_conffiles ) | 29 | + ( list_static_conffiles "$find_filter" ) | 30 | sort -u > "$file" 31 | return 0 32 | } 33 | @@ -244,7 +244,6 @@ include /lib/upgrade 34 | 35 | create_backup_archive() { 36 | local conf_tar="$1" 37 | - local disabled 38 | local err 39 | 40 | [ "$(rootfs_type)" = "tmpfs" ] && { 41 | @@ -264,16 +263,6 @@ create_backup_archive() { 42 | { 43 | local ret=0 44 | 45 | - if [ $ret -eq 0 ]; then 46 | - for service in /etc/init.d/*; do 47 | - if ! $service enabled; then 48 | - disabled="$disabled$service disable\n" 49 | - fi 50 | - done 51 | - disabled="$disabled\nexit 0" 52 | - tar_print_member "/etc/uci-defaults/10_disable_services" "$(echo -e $disabled)" || ret=1 53 | - fi 54 | - 55 | # Part of archive with installed packages info 56 | if [ $ret -eq 0 ]; then 57 | if [ "$SAVE_INSTALLED_PKGS" -eq 1 ]; then 58 | -- 59 | 2.45.2 60 | 61 | -------------------------------------------------------------------------------- /build_patches/openwrt/0001-mvebu-clearfog-pro-add-label-mac-device.patch: -------------------------------------------------------------------------------- 1 | From 6bd5ce04002fa22d7390d1a4df2696c70a7dacf8 Mon Sep 17 00:00:00 2001 2 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 3 | Date: Sat, 22 Feb 2025 17:53:30 +0100 4 | Subject: [PATCH] mvebu: clearfog-pro: add label-mac-device 5 | 6 | --- 7 | .../arch/arm64/boot/dts/marvell/cn9130-clearfog-pro.dts | 1 + 8 | 1 file changed, 1 insertion(+) 9 | 10 | diff --git a/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/cn9130-clearfog-pro.dts b/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/cn9130-clearfog-pro.dts 11 | index 15e19fb932..2d8c2289b9 100644 12 | --- a/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/cn9130-clearfog-pro.dts 13 | +++ b/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/cn9130-clearfog-pro.dts 14 | @@ -28,6 +28,7 @@ 15 | ethernet1 = &cp0_eth1; 16 | ethernet2 = &cp0_eth2; 17 | spi1 = &cp0_spi1; 18 | + label-mac-device = &cp0_eth0; 19 | }; 20 | 21 | memory@00000000 { 22 | -- 23 | 2.48.1 24 | 25 | -------------------------------------------------------------------------------- /build_patches/openwrt/0002-set-root-password.patch: -------------------------------------------------------------------------------- 1 | From 8c47bdcbe009eee1233bf0662dc1e71a39584fdd Mon Sep 17 00:00:00 2001 2 | From: Tim Niemeyer 3 | Date: Sat, 8 Jul 2017 10:47:28 +0200 4 | Subject: [PATCH 2/9] set root password 5 | 6 | --- 7 | package/base-files/files/etc/shadow | 2 +- 8 | 1 file changed, 1 insertion(+), 1 deletion(-) 9 | 10 | diff --git a/package/base-files/files/etc/shadow b/package/base-files/files/etc/shadow 11 | index 39bdb9c90a3..b8d180a9569 100644 12 | --- a/package/base-files/files/etc/shadow 13 | +++ b/package/base-files/files/etc/shadow 14 | @@ -1,4 +1,4 @@ 15 | -root:::0:99999:7::: 16 | +root:$1$OmvoKpjK$e.lPVnBxsrAbNV4EoH3xb1:0:0:99999:7::: 17 | daemon:*:0:0:99999:7::: 18 | ftp:*:0:0:99999:7::: 19 | network:*:0:0:99999:7::: 20 | -- 21 | 2.45.2 22 | 23 | -------------------------------------------------------------------------------- /build_patches/openwrt/0003-ntpd-host-as-string.patch: -------------------------------------------------------------------------------- 1 | From f74dc461f4789ba758282593d6be1d163546c48a Mon Sep 17 00:00:00 2001 2 | From: Tim Niemeyer 3 | Date: Sat, 8 Jul 2017 10:47:56 +0200 4 | Subject: [PATCH 3/9] ntpd host as string 5 | 6 | --- 7 | package/utils/busybox/files/sysntpd | 2 +- 8 | 1 file changed, 1 insertion(+), 1 deletion(-) 9 | 10 | diff --git a/package/utils/busybox/files/sysntpd b/package/utils/busybox/files/sysntpd 11 | index 074f14b8f8a..a05d1789ff7 100755 12 | --- a/package/utils/busybox/files/sysntpd 13 | +++ b/package/utils/busybox/files/sysntpd 14 | @@ -34,7 +34,7 @@ validate_ntp_section() { 15 | 'enable_server:bool:0' \ 16 | 'enabled:bool:1' \ 17 | 'interface:string' \ 18 | - 'server:list(host)' \ 19 | + 'server:list(string)' \ 20 | 'use_dhcp:bool:1' 21 | } 22 | 23 | -- 24 | 2.45.2 25 | 26 | -------------------------------------------------------------------------------- /build_patches/openwrt/0004-build-remove-libustream-and-certs-from-default-packa.patch: -------------------------------------------------------------------------------- 1 | From e02361b7c96fbfbd1fda768aaccf7ee24a2bfff3 Mon Sep 17 00:00:00 2001 2 | From: Adrian Schmutzler 3 | Date: Wed, 10 Feb 2021 19:12:59 +0100 4 | Subject: [PATCH 4/9] build: remove libustream and certs from default packages 5 | MIME-Version: 1.0 6 | Content-Type: text/plain; charset=UTF-8 7 | Content-Transfer-Encoding: 8bit 8 | 9 | This effectively reverts upstream commit e79df3516d3e ("build: add 10 | libustream and certs to default pkgs"). 11 | 12 | Signed-off-by: Adrian Schmutzler 13 | [fabian@blaese.de: Rebase onto OpenWrt 23.05] 14 | Signed-off-by: Fabian Bläse 15 | --- 16 | include/target.mk | 2 -- 17 | 1 file changed, 2 deletions(-) 18 | 19 | diff --git a/include/target.mk b/include/target.mk 20 | index 0108bced99..1447278ed9 100644 21 | --- a/include/target.mk 22 | +++ b/include/target.mk 23 | @@ -20,12 +20,10 @@ DEVICE_TYPE?=router 24 | ## 25 | DEFAULT_PACKAGES:=\ 26 | base-files \ 27 | - ca-bundle \ 28 | dropbear \ 29 | fstools \ 30 | libc \ 31 | libgcc \ 32 | - libustream-mbedtls \ 33 | logd \ 34 | mtd \ 35 | netifd \ 36 | -- 37 | 2.45.2 38 | 39 | -------------------------------------------------------------------------------- /build_patches/openwrt/0005-Disable-ujail-for-sysntpd.patch: -------------------------------------------------------------------------------- 1 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 2 | Date: Wed, 24 Jul 2024 14:26:28 +0200 3 | Subject: [PATCH] Disable ujail for sysntpd 4 | 5 | diff --git a/package/utils/busybox/Makefile b/package/utils/busybox/Makefile 6 | index 4bddd5201d..e54c2b124a 100644 7 | --- a/package/utils/busybox/Makefile 8 | +++ b/package/utils/busybox/Makefile 9 | @@ -150,7 +150,6 @@ ifneq ($(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_NTPD),) 10 | $(INSTALL_BIN) ./files/sysntpd $(1)/etc/init.d/sysntpd 11 | $(INSTALL_BIN) ./files/ntpd-hotplug $(1)/usr/sbin/ntpd-hotplug 12 | $(INSTALL_DIR) $(1)/etc/capabilities $(1)/usr/share/acl.d 13 | - $(INSTALL_DATA) ./files/ntpd.capabilities $(1)/etc/capabilities/ntpd.json 14 | $(INSTALL_DATA) ./files/ntpd_acl.json $(1)/usr/share/acl.d/ntpd.json 15 | endif 16 | -rm -rf $(1)/lib64 17 | 18 | -------------------------------------------------------------------------------- /build_patches/openwrt/0010-c2600-retain-old-compat-version.patch: -------------------------------------------------------------------------------- 1 | From 5561d5eccccc4aaa35780f8e170e65d9bef9fa88 Mon Sep 17 00:00:00 2001 2 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 3 | Date: Thu, 2 Jan 2025 21:00:04 +0100 4 | Subject: [PATCH] c2600: retain old compat version 5 | 6 | --- 7 | target/linux/ipq806x/image/generic.mk | 1 - 8 | 1 file changed, 1 deletion(-) 9 | 10 | diff --git a/target/linux/ipq806x/image/generic.mk b/target/linux/ipq806x/image/generic.mk 11 | index 0055e6231e..2505b90f50 100644 12 | --- a/target/linux/ipq806x/image/generic.mk 13 | +++ b/target/linux/ipq806x/image/generic.mk 14 | @@ -529,7 +529,6 @@ TARGET_DEVICES += tplink_ad7200 15 | 16 | define Device/tplink_c2600 17 | $(call Device/TpSafeImage) 18 | - $(Device/dsa-migration) 19 | DEVICE_VENDOR := TP-Link 20 | DEVICE_MODEL := Archer C2600 21 | DEVICE_VARIANT := v1 22 | -- 23 | 2.47.1 24 | 25 | -------------------------------------------------------------------------------- /build_patches/openwrt/0011-mt7621-bump-compat-version.patch: -------------------------------------------------------------------------------- 1 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 2 | Date: Mon, 6 Jan 2025 20:52:13 +0100 3 | Subject: [PATCH] mt7621: bump compat version 4 | 5 | diff --git a/target/linux/ramips/image/mt7621.mk b/target/linux/ramips/image/mt7621.mk 6 | index eb7dacefef..af91d26af4 100644 7 | --- a/target/linux/ramips/image/mt7621.mk 8 | +++ b/target/linux/ramips/image/mt7621.mk 9 | @@ -2105,6 +2105,8 @@ endef 10 | 11 | define Device/netgear_r6220 12 | $(Device/netgear_sercomm_nand) 13 | + DEVICE_COMPAT_VERSION := 2.0 14 | + DEVICE_COMPAT_MESSAGE := Config cannot be migrated from swconfig to DSA 15 | DEVICE_MODEL := R6220 16 | SERCOMM_HWNAME := R6220 17 | SERCOMM_HWID := AYA 18 | @@ -3132,6 +3134,8 @@ TARGET_DEVICES += xiaomi_mi-router-4 19 | define Device/xiaomi_mi-router-4a-gigabit 20 | $(Device/dsa-migration) 21 | $(Device/uimage-lzma-loader) 22 | + DEVICE_COMPAT_VERSION := 2.0 23 | + DEVICE_COMPAT_MESSAGE := Config cannot be migrated from swconfig to DSA 24 | IMAGE_SIZE := 14848k 25 | DEVICE_VENDOR := Xiaomi 26 | DEVICE_MODEL := Mi Router 4A 27 | @@ -3143,6 +3147,8 @@ TARGET_DEVICES += xiaomi_mi-router-4a-gigabit 28 | define Device/xiaomi_mi-router-4a-gigabit-v2 29 | $(Device/dsa-migration) 30 | $(Device/uimage-lzma-loader) 31 | + DEVICE_COMPAT_VERSION := 2.0 32 | + DEVICE_COMPAT_MESSAGE := Config cannot be migrated from swconfig to DSA 33 | IMAGE_SIZE := 14784k 34 | DEVICE_VENDOR := Xiaomi 35 | DEVICE_MODEL := Mi Router 4A 36 | 37 | -------------------------------------------------------------------------------- /build_patches/openwrt/0060-ramips-mt7621-swap-incorrectly-labeled-lan-ports-on-.patch: -------------------------------------------------------------------------------- 1 | From bed33fd410b918de42765a1080d2aca63745bb20 Mon Sep 17 00:00:00 2001 2 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 3 | Date: Fri, 16 Aug 2024 23:05:05 +0200 4 | Subject: [PATCH] ramips: mt7621: swap incorrectly labeled lan ports on Xiaomi 5 | Mi Router 4A Gigabit v2 6 | MIME-Version: 1.0 7 | Content-Type: text/plain; charset=UTF-8 8 | Content-Transfer-Encoding: 8bit 9 | 10 | Signed-off-by: Fabian Bläse 11 | --- 12 | .../ramips/dts/mt7621_xiaomi_mi-router-4a-gigabit-v2.dts | 4 ++-- 13 | 1 file changed, 2 insertions(+), 2 deletions(-) 14 | 15 | diff --git a/target/linux/ramips/dts/mt7621_xiaomi_mi-router-4a-gigabit-v2.dts b/target/linux/ramips/dts/mt7621_xiaomi_mi-router-4a-gigabit-v2.dts 16 | index 67ff6ea11e..d52864cec9 100644 17 | --- a/target/linux/ramips/dts/mt7621_xiaomi_mi-router-4a-gigabit-v2.dts 18 | +++ b/target/linux/ramips/dts/mt7621_xiaomi_mi-router-4a-gigabit-v2.dts 19 | @@ -62,12 +62,12 @@ 20 | ports { 21 | port@1 { 22 | status = "okay"; 23 | - label = "lan1"; 24 | + label = "lan2"; 25 | }; 26 | 27 | port@2 { 28 | status = "okay"; 29 | - label = "lan2"; 30 | + label = "lan1"; 31 | }; 32 | 33 | wan: port@3 { 34 | -- 35 | 2.46.0 36 | 37 | -------------------------------------------------------------------------------- /build_patches/openwrt/0070-mvebu-rb5009-add-label-mac-device.patch: -------------------------------------------------------------------------------- 1 | From 16c47c23dfd53778a2143e3d0891b6aeb31b0d4b Mon Sep 17 00:00:00 2001 2 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 3 | Date: Fri, 20 Dec 2024 10:38:31 +0100 4 | Subject: [PATCH] mvebu: rb5009: add label-mac-device 5 | MIME-Version: 1.0 6 | Content-Type: text/plain; charset=UTF-8 7 | Content-Transfer-Encoding: 8bit 8 | 9 | Add the label-mac-device alias. 10 | 11 | Signed-off-by: Fabian Bläse 12 | Link: https://github.com/openwrt/openwrt/pull/17313 13 | Signed-off-by: Robert Marko 14 | --- 15 | .../arch/arm64/boot/dts/marvell/armada-7040-rb5009.dts | 3 ++- 16 | 1 file changed, 2 insertions(+), 1 deletion(-) 17 | 18 | diff --git a/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/armada-7040-rb5009.dts b/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/armada-7040-rb5009.dts 19 | index dfbf3af137c114..306f84a516fdd5 100644 20 | --- a/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/armada-7040-rb5009.dts 21 | +++ b/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/armada-7040-rb5009.dts 22 | @@ -26,6 +26,7 @@ 23 | led-failsafe = &led_user; 24 | led-running = &led_user; 25 | led-upgrade = &led_user; 26 | + label-mac-device = &p1; 27 | }; 28 | 29 | usb3_vbus: regulator-usb3-vbus0 { 30 | @@ -322,7 +323,7 @@ 31 | nvmem-cell-names = "mac-address"; 32 | }; 33 | 34 | - port@9 { 35 | + p1: port@9 { 36 | reg = <9>; 37 | label = "p1"; 38 | phy-mode = "sgmii"; 39 | -------------------------------------------------------------------------------- /build_patches/openwrt/0100-Add-hack-which-fixes-forwarding-on-a-stacked-bridge-.patch: -------------------------------------------------------------------------------- 1 | From eb32f9ff9a5106c1b44634ca7300f76be0d817f2 Mon Sep 17 00:00:00 2001 2 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 3 | Date: Thu, 24 Feb 2022 00:04:47 +0100 4 | Subject: [PATCH 7/9] Add hack which fixes forwarding on a stacked bridge 5 | configuration using DSA 6 | 7 | --- 8 | .../999-fix-stacked-bridge-forwarding.patch | 12 ++++++++++++ 9 | 1 file changed, 12 insertions(+) 10 | create mode 100644 target/linux/generic/hack-5.15/999-fix-stacked-bridge-forwarding.patch 11 | 12 | diff --git a/target/linux/generic/hack-5.15/999-fix-stacked-bridge-forwarding.patch b/target/linux/generic/hack-5.15/999-fix-stacked-bridge-forwarding.patch 13 | new file mode 100644 14 | index 00000000000..e1d4cb9cd50 15 | --- /dev/null 16 | +++ b/target/linux/generic/hack-5.15/999-fix-stacked-bridge-forwarding.patch 17 | @@ -0,0 +1,12 @@ 18 | +--- a/net/bridge/br_input.c 19 | ++++ b/net/bridge/br_input.c 20 | +@@ -52,6 +52,9 @@ static int br_pass_frame_up(struct sk_bu 21 | + return NET_RX_DROP; 22 | + } 23 | + 24 | ++ /* remove offload flag, so upper bridges do not drop the packet */ 25 | ++ br_switchdev_frame_unmark(skb); 26 | ++ 27 | + indev = skb->dev; 28 | + skb->dev = brdev; 29 | + skb = br_handle_vlan(br, NULL, vg, skb); 30 | -- 31 | 2.45.2 32 | 33 | -------------------------------------------------------------------------------- /build_patches/openwrt/0101-Add-hack-which-fixes-forwarding-on-a-stacked-bridge-.patch: -------------------------------------------------------------------------------- 1 | From 3989fcbea2a1f8fc142aad74739c118be0476bff Mon Sep 17 00:00:00 2001 2 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 3 | Date: Thu, 11 Jul 2024 23:42:16 +0200 4 | Subject: [PATCH] fix stacked bridge forwarding 5 | 6 | --- 7 | .../hack-6.1/999-fix-stacked-bridge-forwarding.patch | 12 ++++++++++++ 8 | .../hack-6.6/999-fix-stacked-bridge-forwarding.patch | 12 ++++++++++++ 9 | 2 files changed, 24 insertions(+) 10 | create mode 100644 target/linux/generic/hack-6.1/999-fix-stacked-bridge-forwarding.patch 11 | create mode 100644 target/linux/generic/hack-6.6/999-fix-stacked-bridge-forwarding.patch 12 | 13 | diff --git a/target/linux/generic/hack-6.1/999-fix-stacked-bridge-forwarding.patch b/target/linux/generic/hack-6.1/999-fix-stacked-bridge-forwarding.patch 14 | new file mode 100644 15 | index 00000000000..e1d4cb9cd50 16 | --- /dev/null 17 | +++ b/target/linux/generic/hack-6.1/999-fix-stacked-bridge-forwarding.patch 18 | @@ -0,0 +1,12 @@ 19 | +--- a/net/bridge/br_input.c 20 | ++++ b/net/bridge/br_input.c 21 | +@@ -52,6 +52,9 @@ static int br_pass_frame_up(struct sk_bu 22 | + return NET_RX_DROP; 23 | + } 24 | + 25 | ++ /* remove offload flag, so upper bridges do not drop the packet */ 26 | ++ br_switchdev_frame_unmark(skb); 27 | ++ 28 | + indev = skb->dev; 29 | + skb->dev = brdev; 30 | + skb = br_handle_vlan(br, NULL, vg, skb); 31 | diff --git a/target/linux/generic/hack-6.6/999-fix-stacked-bridge-forwarding.patch b/target/linux/generic/hack-6.6/999-fix-stacked-bridge-forwarding.patch 32 | new file mode 100644 33 | index 00000000000..e1d4cb9cd50 34 | --- /dev/null 35 | +++ b/target/linux/generic/hack-6.6/999-fix-stacked-bridge-forwarding.patch 36 | @@ -0,0 +1,12 @@ 37 | +--- a/net/bridge/br_input.c 38 | ++++ b/net/bridge/br_input.c 39 | +@@ -52,6 +52,9 @@ static int br_pass_frame_up(struct sk_bu 40 | + return NET_RX_DROP; 41 | + } 42 | + 43 | ++ /* remove offload flag, so upper bridges do not drop the packet */ 44 | ++ br_switchdev_frame_unmark(skb); 45 | ++ 46 | + indev = skb->dev; 47 | + skb->dev = brdev; 48 | + skb = br_handle_vlan(br, NULL, vg, skb); 49 | -- 50 | 2.45.2 51 | 52 | -------------------------------------------------------------------------------- /build_patches/openwrt/0240-rb5009-poe-spi.patch: -------------------------------------------------------------------------------- 1 | From 0ca1ea0017d1afa143734855117186c9db68a5a8 Mon Sep 17 00:00:00 2001 2 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 3 | Date: Sat, 27 Jul 2024 14:08:09 +0200 4 | Subject: [PATCH] rb5009 poe spi 5 | 6 | --- 7 | .../boot/dts/marvell/armada-7040-rb5009.dts | 37 +++++++++++++++++++ 8 | 1 file changed, 37 insertions(+) 9 | 10 | diff --git a/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/armada-7040-rb5009.dts b/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/armada-7040-rb5009.dts 11 | index 8cd744f64d..6c3ce847aa 100644 12 | --- a/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/armada-7040-rb5009.dts 13 | +++ b/target/linux/mvebu/files-6.6/arch/arm64/boot/dts/marvell/armada-7040-rb5009.dts 14 | @@ -382,3 +382,40 @@ 15 | }; 16 | }; 17 | }; 18 | + 19 | +&cp0_pinctrl { 20 | + cp0_spi1_pins: cp0-spi1-pins { 21 | + // Mikrotik defines SPI1 with mpp50 as CS0 and then additionally sets mpp8 as CS for the PoE driver via GPIO. We just want the hardware to handle CS0 on mpp8 22 | + marvell,pins = "mpp47", "mpp48", "mpp49", "mpp8"; 23 | + //marvell,pins = "mpp47", "mpp48", "mpp49", "mpp50"; 24 | + marvell,function = "spi1"; 25 | + }; 26 | + 27 | + /*cp0_spi1_poe_cs_pins: cp0-spi1-poe-cs-pins { 28 | + marvell,pins = "mpp8"; 29 | + marcell,function = "gpio"; 30 | + };*/ 31 | +}; 32 | + 33 | +&cp0_spi1 { 34 | + status = "okay"; 35 | + 36 | + pinctrl-0 = <&cp0_spi1_pins>; 37 | + pinctrl-names = "default"; 38 | + 39 | + spidev@0 { 40 | + compatible = "rohm,dh2228fv"; 41 | + //compatible = "linux,spidev"; 42 | + reg = <0>; 43 | + spi-max-frequency = <2000000>; 44 | + }; 45 | +}; 46 | + 47 | +&cp0_gpio1 { 48 | + enable-poe-power { 49 | + gpio-hog; 50 | + gpios = <8 GPIO_ACTIVE_HIGH>; 51 | + output-high; 52 | + line-name = "enable PoE chip"; 53 | + }; 54 | +}; 55 | -- 56 | 2.45.2 57 | 58 | -------------------------------------------------------------------------------- /build_patches/openwrt/0299-mvpp2-enable-dsa-parser-entry.patch: -------------------------------------------------------------------------------- 1 | From 216f1cf8f8ce54964791e90604dfa17ed5689add Mon Sep 17 00:00:00 2001 2 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 3 | Date: Sat, 18 Nov 2023 23:30:43 +0100 4 | Subject: [PATCH 8/9] mvpp2: enable dsa parser entry 5 | 6 | --- 7 | .../999-mvpp2-enable-dsa-parser-entry.patch | 22 +++++++++++++++++++ 8 | 1 file changed, 22 insertions(+) 9 | create mode 100644 target/linux/mvebu/patches-6.6/999-mvpp2-enable-dsa-parser-entry.patch 10 | 11 | diff --git a/target/linux/mvebu/patches-6.6/999-mvpp2-enable-dsa-parser-entry.patch b/target/linux/mvebu/patches-6.6/999-mvpp2-enable-dsa-parser-entry.patch 12 | new file mode 100644 13 | index 00000000000..fe5c2657d9a 14 | --- /dev/null 15 | +++ b/target/linux/mvebu/patches-6.6/999-mvpp2-enable-dsa-parser-entry.patch 16 | @@ -0,0 +1,22 @@ 17 | +--- a/drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c 18 | ++++ b/drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c 19 | +@@ -4757,7 +4757,7 @@ static int mvpp2_open(struct net_device 20 | + netdev_err(dev, "mvpp2_prs_mac_da_accept own addr failed\n"); 21 | + return err; 22 | + } 23 | +- err = mvpp2_prs_tag_mode_set(port->priv, port->id, MVPP2_TAG_TYPE_MH); 24 | ++ err = mvpp2_prs_tag_mode_set(port->priv, port->id, MVPP2_TAG_TYPE_DSA); 25 | + if (err) { 26 | + netdev_err(dev, "mvpp2_prs_tag_mode_set failed\n"); 27 | + return err; 28 | +--- a/drivers/net/ethernet/marvell/mvpp2/mvpp2_prs.c 29 | ++++ b/drivers/net/ethernet/marvell/mvpp2/mvpp2_prs.c 30 | +@@ -1260,7 +1260,7 @@ static void mvpp2_prs_dsa_init(struct mv 31 | + 32 | + /* Shift 0 bytes */ 33 | + mvpp2_prs_sram_shift_set(&pe, 0, MVPP2_PRS_SRAM_OP_SEL_SHIFT_ADD); 34 | +- mvpp2_prs_shadow_set(priv, pe.index, MVPP2_PRS_LU_MAC); 35 | ++ mvpp2_prs_shadow_set(priv, pe.index, MVPP2_PRS_LU_DSA); 36 | + 37 | + /* Clear all sram ai bits for next iteration */ 38 | + mvpp2_prs_sram_ai_update(&pe, 0, MVPP2_PRS_SRAM_AI_MASK); 39 | -- 40 | 2.45.2 41 | 42 | -------------------------------------------------------------------------------- /build_patches/openwrt/0299-mvpp2-vlan-after-dsa.patch: -------------------------------------------------------------------------------- 1 | From e56df0174af07abeb599fd52c566f8d1ba1e7165 Mon Sep 17 00:00:00 2001 2 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 3 | Date: Mon, 20 Nov 2023 21:28:16 +0100 4 | Subject: [PATCH 9/9] mvpp2: vlan after dsa 5 | 6 | --- 7 | .../linux/mvebu/patches-6.6/999-vlan-after-dsa.patch | 11 +++++++++++ 8 | 1 file changed, 11 insertions(+) 9 | create mode 100644 target/linux/mvebu/patches-6.6/999-vlan-after-dsa.patch 10 | 11 | diff --git a/target/linux/mvebu/patches-6.6/999-vlan-after-dsa.patch b/target/linux/mvebu/patches-6.6/999-vlan-after-dsa.patch 12 | new file mode 100644 13 | index 00000000000..d6f241ca085 14 | --- /dev/null 15 | +++ b/target/linux/mvebu/patches-6.6/999-vlan-after-dsa.patch 16 | @@ -0,0 +1,11 @@ 17 | +--- a/drivers/net/ethernet/marvell/mvpp2/mvpp2_prs.c 18 | ++++ b/drivers/net/ethernet/marvell/mvpp2/mvpp2_prs.c 19 | +@@ -576,7 +576,7 @@ static void mvpp2_prs_dsa_tag_set(struct 20 | + /* Set result info bits to 'no vlans' */ 21 | + mvpp2_prs_sram_ri_update(&pe, MVPP2_PRS_RI_VLAN_NONE, 22 | + MVPP2_PRS_RI_VLAN_MASK); 23 | +- mvpp2_prs_sram_next_lu_set(&pe, MVPP2_PRS_LU_L2); 24 | ++ mvpp2_prs_sram_next_lu_set(&pe, MVPP2_PRS_LU_VLAN); 25 | + } 26 | + 27 | + /* Mask all ports */ 28 | -- 29 | 2.45.2 30 | 31 | -------------------------------------------------------------------------------- /feed_patches/openwrt/0020-fastd_generate_key_from_urandom.patch: -------------------------------------------------------------------------------- 1 | From: Robert Langhammer 2 | Date: Mon, 13 Nov 2017 21:04:55 +0100 3 | Subject: fastd_generate_key_from_urandom 4 | 5 | diff --git a/net/fastd/patches/001-generate_key_from_urandom.patch b/net/fastd/patches/001-generate_key_from_urandom.patch 6 | new file mode 100644 7 | index 0000000000000000000000000000000000000000..e06739a1e715ab310d9b30ae704f615572d6b4b9 8 | --- /dev/null 9 | +++ b/net/fastd/patches/001-generate_key_from_urandom.patch 10 | @@ -0,0 +1,14 @@ 11 | +--- a/src/protocols/ec25519_fhmqvc/util.c 12 | ++++ b/src/protocols/ec25519_fhmqvc/util.c 13 | +@@ -47,9 +47,9 @@ void fastd_protocol_ec25519_fhmqvc_gener 14 | + ecc_int256_t public_key; 15 | + 16 | + if (!conf.machine_readable) 17 | +- pr_info("Reading 32 bytes from /dev/random..."); 18 | ++ pr_info("Reading 32 bytes from /dev/urandom..."); 19 | + 20 | +- fastd_random_bytes(secret_key.p, SECRETKEYBYTES, true); 21 | ++ fastd_random_bytes(secret_key.p, SECRETKEYBYTES, false); 22 | + ecc_25519_gf_sanitize_secret(&secret_key, &secret_key); 23 | + 24 | + ecc_25519_work_t work; 25 | -------------------------------------------------------------------------------- /feed_patches/routing/0001-babeld-Include-PKG_RELEASE-in-babeld-version.patch: -------------------------------------------------------------------------------- 1 | From: Adrian Schmutzler 2 | Date: Mon, 30 Sep 2019 17:09:10 +0200 3 | Subject: babeld: Include PKG_RELEASE in babeld version 4 | 5 | This will account for custom patches added, as otherwise version 6 | would stay the same. 7 | 8 | Signed-off-by: Adrian Schmutzler 9 | [fabian@blaese.de: revise version string] 10 | Signed-off-by: Fabian Bläse 11 | 12 | diff --git a/babeld/Makefile b/babeld/Makefile 13 | index 056ce43d5ddb461ba94e51a5b18ffac0ef971468..16cc86fe5c2ae8731b0d7d2f64517e9b92d029f9 100644 14 | --- a/babeld/Makefile 15 | +++ b/babeld/Makefile 16 | @@ -50,6 +50,11 @@ MAKE_FLAGS+= \ 17 | LDLIBS="" \ 18 | LDLIBS+="-lubus -lubox" 19 | 20 | +define Build/Configure 21 | + echo "babeld-$(PKG_VERSION)+fff$(PKG_RELEASE)" > $(PKG_BUILD_DIR)/version 22 | + $(Build/Configure/Default) 23 | +endef 24 | + 25 | define Package/babeld/install 26 | $(INSTALL_DIR) $(1)/usr/sbin 27 | $(INSTALL_BIN) $(PKG_BUILD_DIR)/babeld $(1)/usr/sbin/ 28 | -------------------------------------------------------------------------------- /feed_patches/routing/0002-bird-disable-unnecessary-protocols.patch: -------------------------------------------------------------------------------- 1 | From: =?UTF-8?q?Fabian=20Bl=C3=A4se?= 2 | Date: Sat, 6 Jan 2024 13:24:58 +0100 3 | Subject: [PATCH] bird: disable unnecessary protocols 4 | 5 | diff --git a/bird2/Makefile b/bird2/Makefile 6 | index ec9c12c..6f17463 100644 7 | --- a/bird2/Makefile 8 | +++ b/bird2/Makefile 9 | @@ -97,7 +97,7 @@ protocols, telling BIRD to show various information, telling it to show 10 | a routing table filtered by a filter, or asking BIRD to reconfigure. 11 | endef 12 | 13 | -CONFIGURE_ARGS += --disable-libssh 14 | +CONFIGURE_ARGS += --disable-libssh --with-protocols="babel pipe radv static" --disable-mpls-kernel 15 | 16 | define Package/bird2/conffiles 17 | /etc/bird.conf 18 | 19 | -------------------------------------------------------------------------------- /src/packages/fff/alfred-json/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=alfred-json 4 | PKG_VERSION:=0.3.1 5 | PKG_RELEASE:=1 6 | PKG_LICENSE:=GPL-2.0-only 7 | PKG_SOURCE_PROTO:=git 8 | PKG_SOURCE_VERSION:=e4cacfc791092389f63c36a435d3f1d069f8a13e 9 | PKG_SOURCE_URL:=https://github.com/FreifunkFranken/alfred-json.git 10 | 11 | include $(INCLUDE_DIR)/package.mk 12 | include $(INCLUDE_DIR)/cmake.mk 13 | 14 | define Package/alfred-json 15 | SECTION:=utils 16 | CATEGORY:=Utilities 17 | TITLE:=A.L.F.R.E.D - JSON Client 18 | URL:=https://github.com/FreifunkFranken/alfred-json 19 | DEPENDS:=+jansson +zlib +alfred 20 | endef 21 | 22 | define Package/alfred-json/install 23 | $(INSTALL_DIR) $(1)/bin/ 24 | $(CP) $(PKG_INSTALL_DIR)/usr/bin/alfred-json $(1)/bin/ 25 | endef 26 | 27 | $(eval $(call BuildPackage,alfred-json)) 28 | -------------------------------------------------------------------------------- /src/packages/fff/fff-alfred/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-alfred 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken Alfred 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+fff-nodewatcher +alfred +micrond 14 | endef 15 | 16 | define Package/$(PKG_NAME)/description 17 | This is the Freifunk Franken Firmware Alfred package. 18 | This packages configures the Alfred on the device. 19 | endef 20 | 21 | define Build/Compile 22 | # nothing 23 | endef 24 | 25 | define Package/$(PKG_NAME)/install 26 | $(CP) ./files/* $(1)/ 27 | endef 28 | 29 | $(eval $(call BuildPackage,$(PKG_NAME))) 30 | -------------------------------------------------------------------------------- /src/packages/fff/fff-alfred/files/etc/uci-defaults/51-fff-alfred: -------------------------------------------------------------------------------- 1 | >/etc/config/alfred 2 | 3 | uci batch < /tmp/bird/include/babelpeers.conf 40 | echo 'include "/tmp/bird/fff/nat-filter.conf";' > /tmp/bird/include/nat-filter.conf 41 | else 42 | echo 'include "/etc/bird/fff/babelpeers/*.conf";' > /tmp/bird/include/babelpeers.conf 43 | echo 'include "/etc/bird/fff/nat-filter.conf";' > /tmp/bird/include/nat-filter.conf 44 | fi 45 | } 46 | -------------------------------------------------------------------------------- /src/packages/fff/fff-babel-bird2/files/etc/uci-defaults/30-disable-bird2: -------------------------------------------------------------------------------- 1 | /etc/init.d/bird disable 2 | rm -f /etc/init.d/bird 3 | 4 | exit 0 5 | -------------------------------------------------------------------------------- /src/packages/fff/fff-babel-bird2/files/etc/uci-defaults/60-fff-bird-config: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | 3 | mv /etc/bird-fff.conf /etc/bird.conf 4 | 5 | exit 0 6 | -------------------------------------------------------------------------------- /src/packages/fff/fff-babel-bird2/files/lib/functions/fff/babeldaemon/bird2: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | 3 | babel_get_version() { 4 | /usr/sbin/bird --version 2>&1 | sed "s/BIRD version /bird-/" 5 | } 6 | 7 | babel_add_interface() { 8 | [ "$#" -gt "5" ] && return 1 9 | 10 | local name="${1:?Missing parameter: name}" 11 | local interface="${2:?Missing parameter: interface}" 12 | local type="${3:?Missing parameter: type}" 13 | local rxcost="${4:?Missing parameter: rxcost}" 14 | local limit="${5:-12}" 15 | 16 | [ "$limit" -lt 1 ] || [ "$limit" -gt "16" ] && { echo "babelpeer limit option must be in range 1-16"; return 1; } 17 | 18 | mkdir -p /tmp/bird/fff/babelpeers 19 | echo "interface \"$interface\" { type $type; rxcost $rxcost; limit $limit; };" > /tmp/bird/fff/babelpeers/$name.conf 20 | 21 | return 0 22 | } 23 | 24 | babel_delete_interface() { 25 | [ "$#" -ne "1" ] && return 1 26 | 27 | local name="$1" 28 | 29 | # Removing peers from /etc is not necessary, as all peers are generated into /tmp on every configuration run, 30 | # which completely overwrites existing peers in /etc in the apply step. 31 | rm -f /tmp/bird/fff/babelpeers/$name.conf 32 | 33 | return 0 34 | } 35 | 36 | babel_add_redistribute_filter() { 37 | return 0 38 | } 39 | 40 | babel_add_private_prefix_filter() { 41 | [ "$#" -ne "1" ] && return 1 42 | 43 | local prefix="$1" 44 | prefix=$(owipcalc "$prefix" network prefix "$prefix") 45 | 46 | mkdir -p /tmp/bird/fff 47 | echo "if net ~ $prefix then reject;" > /tmp/bird/fff/nat-filter.conf 48 | 49 | return 0 50 | } 51 | 52 | babel_remove_custom_redistribute_filters() { 53 | mkdir -p /tmp/bird/fff 54 | > /tmp/bird/fff/nat-filter.conf 55 | 56 | return 0 57 | } 58 | 59 | babel_apply_implementation() { 60 | # error output hidden because apply might be executed without a preceding configure step. 61 | if [ -d /tmp/bird/fff ]; then 62 | rm -rf /etc/bird/fff 63 | mv /tmp/bird/fff /etc/bird/fff 64 | fi 65 | 66 | return 0 67 | } 68 | 69 | babel_reload_implementation() { 70 | /etc/init.d/fff-bird reload 71 | } 72 | 73 | babel_revert() { 74 | rm -rf /tmp/bird/fff 75 | } 76 | -------------------------------------------------------------------------------- /src/packages/fff/fff-babel-bird2/files/usr/lib/nodewatcher.d/80-bird2.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: GPL-3.0-only 3 | 4 | set -e 5 | set -o pipefail 6 | 7 | 8 | if ! birdcl show status >/dev/null 2>&1; then 9 | # bird daemon not running or unavailable. exit. 10 | exit 0 11 | fi 12 | 13 | neighbours="$(birdcl -r show babel neighbors | 14 | tail -n +5 | 15 | awk '{ printf "%s%s%s", $1, $2, $3 }' 16 | )" 17 | 18 | echo -n "$neighbours" 19 | 20 | exit 0 21 | -------------------------------------------------------------------------------- /src/packages/fff/fff-babel/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-babel 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/fff-babel 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken babel 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+fff-babel-implementation 14 | endef 15 | 16 | define Package/fff-babel/description 17 | This is the Freifunk Franken Firmware babel package. 18 | endef 19 | 20 | define Build/Compile 21 | # nothing 22 | endef 23 | 24 | define Package/fff-babel/install 25 | $(CP) ./files/* $(1)/ 26 | endef 27 | 28 | $(eval $(call BuildPackage,fff-babel)) 29 | -------------------------------------------------------------------------------- /src/packages/fff/fff-babel/files/etc/uci-defaults/26-babel-iproute: -------------------------------------------------------------------------------- 1 | echo "10 fff" >> /etc/iproute2/rt_tables 2 | 3 | exit 0 4 | -------------------------------------------------------------------------------- /src/packages/fff/fff-babel/files/etc/uci-defaults/27-babel-network-rules: -------------------------------------------------------------------------------- 1 | uci batch </dev/null; then 4 | neighbours="$(echo dump | nc ::1 33123 | grep '^add neighbour' | 5 | awk '{ 6 | for (i=2; i < NF; i += 2) { 7 | vars[$i] = $(i+1) 8 | } 9 | } 10 | { 11 | printf "%s%s%s", vars["address"], vars["if"], vars["cost"] 12 | }')" 13 | echo -n "$neighbours" 14 | fi 15 | 16 | exit 0 17 | -------------------------------------------------------------------------------- /src/packages/fff/fff-base/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-base 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/fff-base 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken base dependencies 12 | URL:=https://www.freifunk-franken.de 13 | DEFAULT:=y 14 | DEPENDS:= \ 15 | +@BUSYBOX_CONFIG_FEATURE_REVERSE_SEARCH \ 16 | +@BUSYBOX_CONFIG_FEATURE_TOP_SMP_CPU \ 17 | +@BUSYBOX_CONFIG_WATCH \ 18 | +@BUSYBOX_CONFIG_FEATURE_EDITING_SAVEHISTORY \ 19 | +micrond \ 20 | +odhcp6c \ 21 | +fff-config \ 22 | +fff-network \ 23 | +fff-nodewatcher \ 24 | +fff-simple-tc \ 25 | +fff-support \ 26 | +fff-sysupgrade \ 27 | +fff-timeserver \ 28 | +fff-web-ui \ 29 | +fff-wireless 30 | endef 31 | 32 | define Package/fff-variant/description 33 | This package includes base packages used in the Freifunk-Franken firmware 34 | endef 35 | 36 | $(eval $(call BuildPackage,fff-base)) 37 | -------------------------------------------------------------------------------- /src/packages/fff/fff-batman-adv/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-batman-adv 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken batman-adv 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+kmod-batman-adv \ 14 | +@BATMAN_ADV_BATMAN_V \ 15 | +@BATMAN_ADV_NC \ 16 | +batctl 17 | endef 18 | 19 | define Package/$(PKG_NAME)/description 20 | This is the batman-adv for the Freifunk Franken Firmware 21 | It is used to configure batman-adv. 22 | endef 23 | 24 | define Build/Compile 25 | # nothing 26 | endef 27 | 28 | define Package/$(PKG_NAME)/install 29 | $(CP) ./files/* $(1)/ 30 | endef 31 | 32 | $(eval $(call BuildPackage,$(PKG_NAME))) 33 | -------------------------------------------------------------------------------- /src/packages/fff/fff-batman-adv/files/etc/uci-defaults/93-fff-batman-adv: -------------------------------------------------------------------------------- 1 | uci batch < /dev/null; then 4 | BOARD="x86_64" 5 | fi 6 | 7 | uci set board.model.name=$BOARD 8 | uci commit board 9 | 10 | exit 0 11 | -------------------------------------------------------------------------------- /src/packages/fff/fff-config/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-config 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken Config 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+fff-boardname 14 | endef 15 | 16 | define Package/$(PKG_NAME)/description 17 | This is the Freifunk Franken Firmware Config package. 18 | This packages provides utilities for a central FFF config file. 19 | endef 20 | 21 | define Build/Compile 22 | # nothing 23 | endef 24 | 25 | define Package/$(PKG_NAME)/install 26 | $(CP) ./files/* $(1)/ 27 | endef 28 | 29 | $(eval $(call BuildPackage,$(PKG_NAME))) 30 | -------------------------------------------------------------------------------- /src/packages/fff/fff-config/files/etc/sysctl.d/20-oom-panic.conf: -------------------------------------------------------------------------------- 1 | vm.panic_on_oom=1 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-config/files/etc/uci-defaults/05-config-system-migration: -------------------------------------------------------------------------------- 1 | if [ ! -s /etc/config/fff ] ; then 2 | 3 | UPGRADE_hostname=$(uci -q get "system.@system[0].hostname") 4 | UPGRADE_description=$(uci -q get "system.@system[0].description") 5 | UPGRADE_latitude=$(uci -q get "system.@system[0].latitude") 6 | UPGRADE_longitude=$(uci -q get "system.@system[0].longitude") 7 | UPGRADE_position_comment=$(uci -q get "system.@system[0].position_comment") 8 | UPGRADE_contact=$(uci -q get "system.@system[0].contact") 9 | 10 | /bin/rm -rf /etc/config/system 11 | 12 | /bin/config_generate 13 | 14 | touch /etc/config/fff 15 | 16 | uci -q set fff.system=fff 17 | test -n "${UPGRADE_hostname}" && uci -q set "fff.system.hostname=${UPGRADE_hostname}" 18 | test -n "${UPGRADE_description}" && uci -q set "fff.system.description=${UPGRADE_description}" 19 | test -n "${UPGRADE_latitude}" && uci -q set "fff.system.latitude=${UPGRADE_latitude}" 20 | test -n "${UPGRADE_longitude}" && uci -q set "fff.system.longitude=${UPGRADE_longitude}" 21 | test -n "${UPGRADE_position_comment}" && uci -q set "fff.system.position_comment=${UPGRADE_position_comment}" 22 | test -n "${UPGRADE_contact}" && uci -q set "fff.system.contact=${UPGRADE_contact}" 23 | 24 | uci -q commit fff 25 | fi 26 | 27 | exit 0 28 | -------------------------------------------------------------------------------- /src/packages/fff/fff-config/files/etc/uci-defaults/98-configure-fff: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright 2017 Adrian Schmutzler 4 | 5 | touch /etc/config/fff 6 | 7 | if ! uci -q get fff.system > /dev/null ; then 8 | uci set fff.system=fff 9 | uci set "fff.system.hostname=FFF" 10 | uci commit fff 11 | fi 12 | 13 | FFF_hostname=$(uci -q get "fff.system.hostname") 14 | test -n "${FFF_hostname}" && uci -q set "system.@system[0].hostname=${FFF_hostname}" 15 | test -n "${FFF_hostname}" && echo "${FFF_hostname}" > /proc/sys/kernel/hostname 16 | 17 | uci commit system 18 | 19 | poe_passthrough=$(uci -q get "fff.poe_passthrough.active") 20 | if [ "$poe_passthrough" = "1" ] && [ -s /usr/lib/fff-support/activate_poe_passthrough.sh ] ; then 21 | /usr/lib/fff-support/activate_poe_passthrough.sh 22 | fi 23 | 24 | exit 0 25 | -------------------------------------------------------------------------------- /src/packages/fff/fff-dhcp/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-dhcp 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/fff-dhcp 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken dhcp 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+dnsmasq 14 | endef 15 | 16 | define Package/fff-dhcp/description 17 | This is the fff-dhcp for the Freifunk Franken Firmware 18 | It is used to configure dnsmasq for use as gateway. 19 | endef 20 | 21 | define Build/Compile 22 | # nothing 23 | endef 24 | 25 | define Package/fff-dhcp/install 26 | $(CP) ./files/* $(1)/ 27 | endef 28 | 29 | $(eval $(call BuildPackage,fff-dhcp)) 30 | -------------------------------------------------------------------------------- /src/packages/fff/fff-dhcp/files/etc/layer3.d/35-dns: -------------------------------------------------------------------------------- 1 | configure() { 2 | ## dns 3 | uci -q del dhcp.@dnsmasq[0].server 4 | if dnsservers=$(uci -q get gateway.@dns[0].server); then 5 | for f in $dnsservers; do 6 | uci add_list dhcp.@dnsmasq[0].server=$f 7 | uci add_list dhcp.@dnsmasq[0].server="/in-addr.arpa/$f" 8 | uci add_list dhcp.@dnsmasq[0].server="/ip6.arpa/$f" 9 | done 10 | else 11 | echo "WARNING: No DNS servers set! Using default server fd43:5602:29bd:ffff:1:1:1:1" 12 | uci add_list dhcp.@dnsmasq[0].server="fd43:5602:29bd:ffff:1:1:1:1" 13 | uci add_list dhcp.@dnsmasq[0].server="/in-addr.arpa/fd43:5602:29bd:ffff:1:1:1:1" 14 | uci add_list dhcp.@dnsmasq[0].server="/ip6.arpa/fd43:5602:29bd:ffff:1:1:1:1" 15 | fi 16 | } 17 | 18 | apply() { 19 | uci commit dhcp 20 | } 21 | 22 | revert() { 23 | uci revert dhcp 24 | } 25 | -------------------------------------------------------------------------------- /src/packages/fff/fff-dhcp/files/etc/uci-defaults/90-fff-dhcp: -------------------------------------------------------------------------------- 1 | # Use a larger cachesize by default 2 | cachesize=1024 3 | 4 | # Increase cachesize for systems with enough memory 5 | mem="$(awk '/^MemTotal:/ {print $2}' /proc/meminfo)" 6 | [ "$mem" -gt 65536 ] && cachesize=8192 7 | 8 | uci batch >/dev/null </etc/config/fastd 4 | 5 | uci batch < /etc/fastd/fff/up.sh 30 | echo "ip link set up dev fffVPN" >> /etc/fastd/fff/up.sh 31 | echo "batctl if add fffVPN" >> /etc/fastd/fff/up.sh 32 | echo "batctl hardif fffVPN hop_penalty 30" >> /etc/fastd/fff/up.sh 33 | chmod +x /etc/fastd/fff/up.sh 34 | 35 | exit 0 36 | -------------------------------------------------------------------------------- /src/packages/fff/fff-fastd/files/usr/lib/vpn-select.d/fastd: -------------------------------------------------------------------------------- 1 | protocol=fastd 2 | 3 | fastd_clear() { 4 | rm /tmp/fastd_fff_peers/* 2>/dev/null 5 | } 6 | 7 | fastd_addpeer() { 8 | [ -d /tmp/fastd_fff_peers ] || mkdir /tmp/fastd_fff_peers 9 | 10 | # write fastd-config 11 | json_get_var servername name 12 | filename="/etc/fastd/fff/peers/$servername" 13 | echo "#name \"${servername}\";" > "$filename" 14 | json_get_var key key 15 | echo "key \"${key}\";" >> "$filename" 16 | json_get_var address address 17 | json_get_var port port 18 | echo "remote \"${address}\" port ${port};" >> "$filename" 19 | echo "" >> "$filename" 20 | echo "float yes;" >> "$filename" 21 | } 22 | 23 | fastd_start_stop() { 24 | if ls /etc/fastd/fff/peers/* &>/dev/null; then 25 | /etc/init.d/fastd reload 26 | else 27 | /etc/init.d/fastd running && /etc/init.d/fastd stop 28 | fi 29 | } 30 | -------------------------------------------------------------------------------- /src/packages/fff/fff-firewall/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-firewall 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken firewall 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+kmod-nft-bridge \ 14 | +nftables 15 | endef 16 | 17 | define Package/$(PKG_NAME)/description 18 | This is the firewall for the Freifunk Franken Firmware 19 | It is used to configure firewall. 20 | endef 21 | 22 | define Build/Compile 23 | # nothing 24 | endef 25 | 26 | define Package/$(PKG_NAME)/install 27 | $(CP) ./files/* $(1)/ 28 | endef 29 | 30 | $(eval $(call BuildPackage,$(PKG_NAME))) 31 | -------------------------------------------------------------------------------- /src/packages/fff/fff-firewall/files/etc/init.d/fff-firewall: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=50 4 | 5 | USE_PROCD=1 6 | 7 | FIREWALL_DIR=/usr/lib/firewall.d 8 | 9 | service_triggers() 10 | { 11 | procd_add_reload_trigger "fff-firewall" "network" 12 | } 13 | 14 | start_service() 15 | { 16 | local file 17 | 18 | IF_WAN=$(uci get network.wan.ifname) 19 | 20 | for file in ${FIREWALL_DIR}/*; do 21 | if [ -f "$file" ]; then 22 | . "$file" 23 | fi 24 | done 25 | } 26 | -------------------------------------------------------------------------------- /src/packages/fff/fff-firewall/files/usr/lib/firewall.d/00-prepare: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | flush ruleset 3 | __EOF 4 | -------------------------------------------------------------------------------- /src/packages/fff/fff-firewall/files/usr/lib/firewall.d/90-user: -------------------------------------------------------------------------------- 1 | USER_NFT="/etc/nftables-fff.conf" 2 | 3 | [ -f "$USER_NFT" ] && nft -f "$USER_NFT" 4 | -------------------------------------------------------------------------------- /src/packages/fff/fff-hoods/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-hoods 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken hoods 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:= \ 14 | +fff-firewall \ 15 | +fff-hoodutils \ 16 | +fff-macnock \ 17 | +fff-network \ 18 | +fff-timeserver \ 19 | +fff-vpn-select \ 20 | +fff-web-hood \ 21 | +fff-wireless \ 22 | +jshn \ 23 | +owipcalc \ 24 | +@BUSYBOX_CONFIG_WGET \ 25 | +@BUSYBOX_CONFIG_FEATURE_WGET_TIMEOUT 26 | endef 27 | 28 | define Package/$(PKG_NAME)/description 29 | This package load and configures the current hood 30 | endef 31 | 32 | define Build/Compile 33 | # nothing 34 | endef 35 | 36 | define Package/$(PKG_NAME)/install 37 | $(CP) ./files/* $(1)/ 38 | endef 39 | 40 | $(eval $(call BuildPackage,$(PKG_NAME))) 41 | -------------------------------------------------------------------------------- /src/packages/fff/fff-hoods/files/etc/uci-defaults/93-fff-hoodfile: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/keyxchange 2 | 3 | ln -s "$hoodfilewww" /www/hood/keyxchangev2data 4 | 5 | uci set fff.keyserver='hood' 6 | uci commit fff 7 | 8 | exit 0 9 | -------------------------------------------------------------------------------- /src/packages/fff/fff-hoods/files/usr/lib/firewall.d/30-gateway-fe801: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain INPUT { 4 | # Erlaube nur fe80::1 von BATMAN -> CLIENT 5 | # -p IPv6 --ip6-src fe80::1 -j IN_ONLY 6 | ether type ip6 ip6 saddr fe80::1 counter jump IN_ONLY 7 | } 8 | 9 | chain FORWARD { 10 | # Erlaube nur fe80::1 von KNOTEN -> CLIENT 11 | # -p IPv6 --ip6-src fe80::1 -j IN_ONLY 12 | ether type ip6 ip6 saddr fe80::1 counter jump IN_ONLY 13 | } 14 | } 15 | __EOF 16 | -------------------------------------------------------------------------------- /src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods: -------------------------------------------------------------------------------- 1 | 3-59/5 * * * * /bin/sleep $(/usr/bin/random 1 15); [ -f /tmp/started ] && /usr/sbin/configurehood 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-hoodutils/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-hoodutils 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken hoodutils 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+fff-network +fff-config 14 | endef 15 | 16 | define Package/$(PKG_NAME)/description 17 | This package contains hood-related code that may 18 | may be used outside of configurehood 19 | endef 20 | 21 | define Build/Compile 22 | # nothing 23 | endef 24 | 25 | define Package/$(PKG_NAME)/install 26 | $(CP) ./files/* $(1)/ 27 | endef 28 | 29 | $(eval $(call BuildPackage,$(PKG_NAME))) 30 | -------------------------------------------------------------------------------- /src/packages/fff/fff-hoodutils/files/lib/functions/fff/evalhoodinfo: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright 2017 Adrian Schmutzler 4 | 5 | . /lib/functions/fff/keyxchange 6 | 7 | jsonfile="$(getJsonPath)" 8 | if [ -n "$jsonfile" ] ; then 9 | json_load "$(cat "$jsonfile")" 10 | json_select hood 11 | json_get_var mesh_type2 mesh_type2 12 | json_get_var mesh_type5 mesh_type5 13 | json_get_var chan2ghz channel2 14 | json_get_var chan5ghz channel5 15 | json_get_var essid essid 16 | else 17 | mesh_type2="-" 18 | mesh_type5="-" 19 | chan2ghz="-" 20 | chan5ghz="-" 21 | essid="-" 22 | fi 23 | 24 | real_chan2ghz="--" 25 | real_chan5ghz="--" 26 | real_essid="-" 27 | if uci -q get wireless.w2ap > /dev/null ; then 28 | radio2="$(uci -q get wireless.w2ap.device)" 29 | real_chan2ghz="$(uci -q get "wireless.${radio2}.channel")" 30 | real_essid="$(uci -q get wireless.w2ap.ssid)" 31 | fi 32 | if uci -q get wireless.w5ap > /dev/null ; then 33 | radio5="$(uci -q get wireless.w5ap.device)" 34 | real_chan5ghz="$(uci -q get "wireless.${radio5}.channel")" 35 | real_essid="$(uci -q get wireless.w5ap.ssid)" 36 | fi 37 | -------------------------------------------------------------------------------- /src/packages/fff/fff-hoodutils/files/lib/functions/fff/keyxchange: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright 2017 Adrian Schmutzler 4 | 5 | . /usr/share/libubox/jshn.sh 6 | . /etc/firmware_release 7 | 8 | hoodfiletmp="/tmp/hoodfile" 9 | hoodfileref="/tmp/hoodfileref" 10 | hoodfilewww="/tmp/hoodfilewww" 11 | 12 | getJsonPath() { 13 | jsonfile="" 14 | if [ -s "$hoodfilewww" ] ; then 15 | jsonfile="$hoodfilewww" 16 | elif [ -s "$hoodfileref" ] ; then 17 | jsonfile="$hoodfileref" 18 | elif [ -s "$hoodfiletmp" ] ; then 19 | jsonfile="$hoodfiletmp" 20 | fi 21 | echo "$jsonfile" 22 | } 23 | 24 | getUpgradePath() { 25 | jsonfile="$(getJsonPath)" 26 | local upgrade_path 27 | 28 | if [ -n "$jsonfile" ] ; then 29 | json_load "$(cat "$jsonfile")" 30 | json_select hood 31 | json_get_var upath upgrade_path 32 | upgrade_path="$upath" 33 | else 34 | upgrade_path="http://dev.freifunk-franken.de" 35 | >&2 echo "Upgrade path not set! Falling back to $upgrade_path" 36 | fi 37 | 38 | # add full firmware path for current firmwares variant 39 | echo "${upgrade_path}/${VARIANT}/current" 40 | 41 | return 0 42 | } 43 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-layer3-config 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/fff-layer3-config 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken Layer3 firmware configuration tools 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:= \ 14 | +fff-boardname \ 15 | +fff-config \ 16 | +fff-dhcp \ 17 | +fff-network 18 | endef 19 | 20 | define Package/fff-layer3-config/description 21 | This package provides the means for configuring the gateway 22 | endef 23 | 24 | define Build/Compile 25 | # nothing 26 | endef 27 | 28 | define Package/fff-layer3-config/install 29 | $(CP) ./files/* $(1)/ 30 | endef 31 | 32 | $(eval $(call BuildPackage,fff-layer3-config)) 33 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/files/etc/layer3.d/01-version: -------------------------------------------------------------------------------- 1 | configure() { 2 | # check if gateway config exists 3 | if ! uci show gateway > /dev/null; then 4 | echo "ERROR: Gateway config could not be parsed or does not exist." 5 | 6 | return 1 7 | fi 8 | 9 | # check version of configuration 10 | local expected_version=4 11 | local config_version=$(uci -q get gateway.meta.config_version) 12 | 13 | if ! [ -n "$config_version" ]; then 14 | echo "ERROR: No config version given. Supported versions: '$expected_version'" 15 | 16 | return 1 17 | fi 18 | 19 | if [ "$config_version" != "$expected_version" ]; then 20 | echo "ERROR: Invalid config version. Expected '$expected_version', got '$config_version'." 21 | echo "Please check what has been changed and adjust your config appropriately." 22 | 23 | return 1 24 | fi 25 | 26 | return 0 27 | } 28 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/files/etc/layer3.d/10-meta: -------------------------------------------------------------------------------- 1 | configure() { 2 | ## set hostname 3 | if name=$(uci -q get fff.system.hostname); then 4 | uci -q set system.@system[0].hostname="$name" 5 | else 6 | echo "WARNING: No hostname set!" 7 | fi 8 | 9 | ## set contact 10 | if ! contact=$(uci -q get fff.system.contact); then 11 | echo "WARNING: No contact set!" 12 | fi 13 | 14 | ## set location 15 | if ! lat=$(uci -q get fff.system.latitude) || ! long=$(uci -q get fff.system.longitude); then 16 | echo "WARNING: No location set!" 17 | fi 18 | 19 | ## hoodname 20 | if hood=$(uci -q get fff.system.hoodname); then 21 | uci -q set "system.@system[0].hood=$hood" 22 | else 23 | echo "WARNING: No hoodname set!" 24 | fi 25 | } 26 | 27 | apply() { 28 | uci commit system 29 | uci commit fff 30 | echo "$(uci get "system.@system[0].hostname")" > /proc/sys/kernel/hostname 31 | } 32 | 33 | revert() { 34 | uci revert system 35 | uci revert fff 36 | } 37 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/files/etc/layer3.d/20-vlan: -------------------------------------------------------------------------------- 1 | # load uci functions 2 | . /lib/functions.sh 3 | 4 | # load board specific properties 5 | BOARD="$(uci get board.model.name)" 6 | . /etc/network.$BOARD 7 | . /lib/functions/fff/cpuport 8 | 9 | 10 | configure() { 11 | add_vlan() { 12 | local vlan="$1" 13 | local ports="$(uci -q get gateway.$vlan.ports)" 14 | local name="$SWITCHDEV"_$vlan 15 | 16 | if [ "$DSA" = "1" ]; then 17 | uci set network.$name='bridge-vlan' 18 | else 19 | uci set network.$name='switch_vlan' 20 | fi 21 | 22 | uci set network.$name.device="$(uci get network.$SWITCHDEV.name)" 23 | uci set network.$name.vlan="$vlan" 24 | uci set network.$name.ports="$(get_cpu_port) $ports" 25 | } 26 | 27 | remove_vlan() { 28 | local name="$1" 29 | 30 | local switchdev=$(echo $name | cut -d_ -f1) 31 | local vlan=$(echo $name | cut -d_ -f2) 32 | 33 | # only remove vlans not present in gateway config 34 | if ! uci -q get gateway.$vlan > /dev/null; then 35 | # remove switch_vlan 36 | uci del network.$name 37 | fi 38 | } 39 | 40 | config_load network 41 | config_foreach remove_vlan switch_vlan 42 | config_foreach remove_vlan bridge-vlan 43 | 44 | config_load gateway 45 | config_foreach add_vlan vlan 46 | } 47 | 48 | apply() { 49 | uci commit network 50 | } 51 | 52 | revert() { 53 | uci revert network 54 | } 55 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/files/etc/layer3.d/30-network-routerip: -------------------------------------------------------------------------------- 1 | . /lib/functions.sh 2 | 3 | configure() { 4 | local router_ip 5 | local router_ip6 6 | 7 | # prepare routerip config 8 | uci -q set network.routerip=interface 9 | uci -q set network.routerip.ifname='lo' 10 | uci -q set network.routerip.proto='static' 11 | 12 | 13 | # clean old addresses 14 | uci -q del network.routerip.ipaddr 15 | uci -q del network.routerip.ip6addr 16 | 17 | # clean old rules 18 | remove_rules() { 19 | local name="$1" 20 | 21 | # check if filter was added by this script 22 | if ! [ "$(uci -q get network.$name.addedbyautoconfig)" = '30-network-routerip' ]; then 23 | return 24 | fi 25 | 26 | uci -q del network.$name 27 | } 28 | 29 | config_load network 30 | config_foreach remove_rules rule 31 | config_foreach remove_rules rule6 32 | 33 | # add router_ip 34 | router_ip=$(uci -q get gateway.meta.router_ip) 35 | for ip in $router_ip; do 36 | uci -q add_list network.routerip.ipaddr="$ip" 37 | 38 | # CIDR notation required 39 | case $ip in 40 | */*) 41 | # do nothing; ip is already in CIDR notation 42 | ;; 43 | *) 44 | ip="$ip/32" 45 | ;; 46 | esac 47 | 48 | config=$(uci add network rule) 49 | uci -q set network.$config.src="$ip" 50 | uci -q set network.$config.lookup='fff' 51 | # default prio for the ip4table interface option is 10000 52 | uci -q set network.$config.priority='10000' 53 | uci -q set network.$config.addedbyautoconfig='30-network-routerip' 54 | done 55 | 56 | # add router_ip6 57 | router_ip6=$(uci -q get gateway.meta.router_ip6) 58 | for ip in $router_ip6; do 59 | uci -q add_list network.routerip.ip6addr="$ip" 60 | 61 | # CIDR notation required 62 | case $ip in 63 | */*) 64 | # do nothing; ip is already in CIDR notation 65 | ;; 66 | *) 67 | ip="$ip/128" 68 | ;; 69 | esac 70 | 71 | config=$(uci add network rule6) 72 | uci -q set network.$config.src="$ip" 73 | uci -q set network.$config.lookup='fff' 74 | # default prio for the ip6table interface option is 10000 75 | uci -q set network.$config.priority='10000' 76 | uci -q set network.$config.addedbyautoconfig='30-network-routerip' 77 | done 78 | } 79 | 80 | apply() { 81 | uci commit network 82 | } 83 | 84 | revert() { 85 | uci revert network 86 | } 87 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/files/etc/layer3.d/30-network-wan: -------------------------------------------------------------------------------- 1 | # load board specific properties 2 | BOARD="$(uci get board.model.name)" 3 | . /etc/network.$BOARD 4 | 5 | configure() { 6 | if vlan=$(uci -q get gateway.@wan[0].vlan); then 7 | uci set network.wan.ifname="${SWITCHDEV}.$vlan" 8 | elif iface=$(uci -q get gateway.@wan[0].iface); then 9 | uci set network.wan.ifname="$iface" 10 | else 11 | uci -q del network.wan.ifname || true 12 | fi 13 | } 14 | 15 | apply() { 16 | uci commit network 17 | } 18 | 19 | revert() { 20 | uci revert network 21 | } 22 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/files/etc/uci-defaults/20-l3config-generate-default: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | . /lib/functions.sh 4 | 5 | BOARD="$(uci get board.model.name)" 6 | . /etc/network.$BOARD 7 | 8 | # skip if gateway configuration already exists 9 | if [ -s /etc/config/gateway ]; then 10 | exit 0 11 | fi 12 | 13 | touch /etc/config/gateway 14 | 15 | essid='noservice.freifunk' 16 | chan2ghz='1' 17 | chan5ghz='36' 18 | 19 | uci batch <<-EOF 20 | set gateway.meta='gateway' 21 | set gateway.meta.config_version='4' 22 | 23 | add gateway wireless 24 | set gateway.@wireless[0].chan2ghz='$chan2ghz' 25 | set gateway.@wireless[0].chan5ghz='$chan5ghz' 26 | 27 | set gateway.client=client 28 | 29 | add gateway dns 30 | add_list gateway.@dns[0].server='fd43:5602:29bd:ffff:1:1:1:1' 31 | EOF 32 | 33 | if [ "$ONE_PORT" = "YES" ]; then 34 | uci batch <<-EOF 35 | set gateway.client.iface='$SWITCHDEV' 36 | EOF 37 | elif [ "$TWO_PORT" = "YES" ]; then 38 | uci batch <<-EOF 39 | set gateway.client.iface='$SWITCHDEV' 40 | add gateway wan 41 | set gateway.@wan[0].iface='$WANDEV' 42 | EOF 43 | elif [ "$DSA" = "1" ]; then 44 | uci batch <<-EOF 45 | set gateway.client.vlan='1' 46 | add gateway wan 47 | set gateway.@wan[0].vlan='2' 48 | 49 | set gateway.1=vlan 50 | set gateway.1.comment='client' 51 | set gateway.1.ports='$(for port in $BATMAN_PORTS $CLIENT_PORTS; do printf "${port}:* "; done | xargs)' 52 | 53 | set gateway.2=vlan 54 | set gateway.2.comment='wan' 55 | set gateway.2.ports='$(for port in $WAN_PORTS; do printf "${port}:* "; done | xargs)' 56 | EOF 57 | else 58 | uci batch <<-EOF 59 | set gateway.client.vlan='1' 60 | add gateway wan 61 | set gateway.@wan[0].vlan='2' 62 | 63 | set gateway.1=vlan 64 | set gateway.1.comment='client' 65 | set gateway.1.ports='$BATMAN_PORTS $CLIENT_PORTS' 66 | 67 | set gateway.2=vlan 68 | set gateway.2.comment='wan' 69 | set gateway.2.ports='$WAN_PORTS' 70 | EOF 71 | fi 72 | 73 | # separated from the section above for 74 | # a more pleasing option order in the configuration file 75 | uci batch <<-EOF 76 | set gateway.client.essid='$essid' 77 | add_list gateway.client.ip6addr="fdff::1/64" 78 | EOF 79 | 80 | uci commit gateway 81 | 82 | exit 0 83 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/files/etc/uci-defaults/20-l3config-migrate-1-to-2: -------------------------------------------------------------------------------- 1 | ## this script migrates configs from version 1 to 2. 2 | ## 3 | ## with version 2 the switchport names of some devices changed 4 | ## due to the switch to DSA 5 | 6 | 7 | BOARD="$(uci get board.model.name)" 8 | 9 | # only migrate appropriate config versions 10 | [ "$(uci -q get gateway.meta.config_version)" = "1" ] || exit 0 11 | 12 | translate_ports() { 13 | local vlan="$1" 14 | local oldports="$(uci -q get gateway.$vlan.ports)" 15 | local newports 16 | 17 | local name 18 | local tag 19 | 20 | for port in $oldports; do 21 | # generate new tagged/untagged syntax 22 | if [ -z "${port##*t}" ]; then 23 | # port is tagged 24 | tag=":t" 25 | else 26 | # port is untagged 27 | tag=":*" 28 | fi 29 | 30 | # generate new name 31 | case "$BOARD" in 32 | ubnt,edgerouter-x|\ 33 | ubnt,edgerouter-x-sfp) 34 | case "${port%%t}" in 35 | 0) name="eth0" ;; 36 | 1) name="eth1" ;; 37 | 2) name="eth2" ;; 38 | 3) name="eth3" ;; 39 | 4) name="eth4" ;; 40 | 5) name="eth5" ;; 41 | *) name="" ;; 42 | esac 43 | ;; 44 | netgear,r6220) 45 | case "${port%%t}" in 46 | 0) name="lan1" ;; 47 | 1) name="lan2" ;; 48 | 2) name="lan3" ;; 49 | 3) name="lan4" ;; 50 | 4) name="wan" ;; 51 | *) name="" ;; 52 | esac 53 | ;; 54 | esac 55 | 56 | # catch empty name (invalid entry or old cpuport) 57 | [ -z "$name" ] && continue 58 | 59 | # assemble new port name 60 | newports="$newports ${name}${tag}" 61 | done 62 | 63 | # cleanup unnecessary spaces 64 | newports=$(echo "$newports" | xargs) 65 | 66 | uci set gateway.$vlan.ports="$newports" 67 | } 68 | 69 | case "$BOARD" in 70 | ubnt,edgerouter-x|\ 71 | ubnt,edgerouter-x-sfp|\ 72 | netgear,r6220) 73 | config_load gateway 74 | config_foreach translate_ports vlan 75 | ;; 76 | esac 77 | 78 | uci set gateway.meta.config_version='2' 79 | uci commit gateway 80 | 81 | exit 0 82 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/files/etc/uci-defaults/21-l3config-migrate-2-to-3: -------------------------------------------------------------------------------- 1 | ## this script migrates configs from version 2 to 3. 2 | ## 3 | ## with version 2 the switchport names of some devices changed 4 | ## due to the switch to DSA 5 | 6 | 7 | BOARD="$(uci get board.model.name)" 8 | 9 | # only migrate appropriate config versions 10 | [ "$(uci -q get gateway.meta.config_version)" = "2" ] || exit 0 11 | 12 | translate_ports() { 13 | local vlan="$1" 14 | local oldports="$(uci -q get gateway.$vlan.ports)" 15 | local newports 16 | 17 | local name 18 | local tag 19 | 20 | for port in $oldports; do 21 | # generate new tagged/untagged syntax 22 | if [ -z "${port##*t}" ]; then 23 | # port is tagged 24 | tag=":t" 25 | else 26 | # port is untagged 27 | tag=":*" 28 | fi 29 | 30 | # generate new name 31 | case "$BOARD" in 32 | avm,fritzbox-4040) 33 | case "${port%%t}" in 34 | 1) name="lan1" ;; 35 | 2) name="lan2" ;; 36 | 3) name="lan3" ;; 37 | 4) name="lan4" ;; 38 | 5) name="wan" ;; 39 | *) name="" ;; 40 | esac 41 | ;; 42 | tplink,tl-wdr4900-v1) 43 | case "${port%%t}" in 44 | 1) name="wan" ;; 45 | 2) name="lan1" ;; 46 | 3) name="lan2" ;; 47 | 4) name="lan3" ;; 48 | 5) name="lan4" ;; 49 | *) name="" ;; 50 | esac 51 | ;; 52 | esac 53 | 54 | # catch empty name (invalid entry or old cpuport) 55 | [ -z "$name" ] && continue 56 | 57 | # assemble new port name 58 | newports="$newports ${name}${tag}" 59 | done 60 | 61 | # cleanup unnecessary spaces 62 | newports=$(echo "$newports" | xargs) 63 | 64 | uci set gateway.$vlan.ports="$newports" 65 | } 66 | 67 | case "$BOARD" in 68 | avm,fritzbox-4040|\ 69 | tplink,tl-wdr4900-v1) 70 | config_load gateway 71 | config_foreach translate_ports vlan 72 | ;; 73 | esac 74 | 75 | uci set gateway.meta.config_version='3' 76 | uci commit gateway 77 | 78 | exit 0 79 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/files/etc/uci-defaults/23-network-layer3: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: GPL-3.0-or-later 3 | 4 | . /lib/functions/system.sh 5 | . /lib/functions/fff/network 6 | 7 | BOARD="$(uci get board.model.name)" 8 | . /etc/network.$BOARD 9 | 10 | [ -n "$ROUTERMAC" ] || ROUTERMAC=$(get_mac_label) 11 | 12 | uci batch <<-__EOF__ 13 | set network.fdff='interface' 14 | set network.fdff.ifname='lo' 15 | set network.fdff.proto='static' 16 | set network.fdff.ip6deprecated='1' 17 | 18 | add_list network.fdff.ip6addr="fdff::1/128" 19 | add_list network.fdff.ip6addr="fdff::$(ipMacSuffic "$ROUTERMAC")/128" 20 | add_list network.fdff.ip6addr="fdff::$(ipEUISuffix "$ROUTERMAC")/128" 21 | __EOF__ 22 | 23 | uci -q commit network 24 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-config/files/etc/uci-defaults/99-configure-layer3: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: GPL-3.0-or-later 3 | 4 | # Reapply gateway settings, if configuration succeeds 5 | if yes | configure-layer3 -c; then 6 | configure-layer3 -a 7 | exit 0 8 | else 9 | # TODO: failsafe, if configuration does not succeed. 10 | configure-layer3 -r 11 | fi 12 | 13 | exit 0 14 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-nodewatcher/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-layer3-nodewatcher 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/fff-layer3-nodewatcher 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken Nodewatcher-Monitoring-Proxy 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+curl +micrond +fff-random +fff-nodewatcher 14 | endef 15 | 16 | define Package/fff-layer3-nodewatcher/description 17 | The Nodewatcher-Monitoring-Proxy is used 18 | to send node status information to 19 | https://monitoring.freifunk-franken.de/ 20 | endef 21 | 22 | define Build/Compile 23 | # nothing 24 | endef 25 | 26 | define Package/fff-layer3-nodewatcher/install 27 | $(CP) ./files/* $(1)/ 28 | endef 29 | 30 | $(eval $(call BuildPackage,fff-layer3-nodewatcher)) 31 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-nodewatcher/files/usr/lib/micron.d/fff-nodewatcher-layer3: -------------------------------------------------------------------------------- 1 | */5 * * * * sleep $(/usr/bin/random 70 85); /usr/sbin/fff-nodewatcher-layer3 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-nodewatcher/files/usr/sbin/fff-nodewatcher-layer3: -------------------------------------------------------------------------------- 1 | #!/bin/ash 2 | 3 | set -e 4 | set -o pipefail 5 | 6 | . /lib/functions/system.sh 7 | 8 | api_url="https://monitoring.freifunk-franken.de/api/alfred2" 9 | BOARD="$(uci get board.model.name)" 10 | . /etc/network.$BOARD 11 | 12 | [ -n "$ROUTERMAC" ] || ROUTERMAC=$(get_mac_label) 13 | MACADDR=$(echo $ROUTERMAC | /bin/sed 's/://g') 14 | 15 | test -f /tmp/started || exit 1 16 | 17 | printf '{"%s": "%s"}' "$MACADDR" "$(/usr/sbin/nodewatcher)" | \ 18 | /usr/bin/curl -k -sS -H "Content-type: application/json; charset=UTF-8" --data-binary @- "$api_url" 19 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-snat/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-layer3-snat 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/fff-layer3-snat 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken layer3 configuration with SNAT 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:= \ 14 | +fff-firewall \ 15 | +fff-layer3-config \ 16 | +kmod-nft-nat 17 | endef 18 | 19 | define Package/fff-layer3-snat/description 20 | With this package it is possible to make SNAT with IPv4 on the router 21 | endef 22 | 23 | define Build/Compile 24 | # nothing 25 | endef 26 | 27 | define Package/fff-layer3-snat/install 28 | $(CP) ./files/* $(1)/ 29 | endef 30 | 31 | $(eval $(call BuildPackage,fff-layer3-snat)) 32 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-snat/files/etc/layer3.d/33-snat.conf: -------------------------------------------------------------------------------- 1 | # load uci functions 2 | . /lib/functions.sh 3 | . /lib/functions/system.sh 4 | 5 | configure() { 6 | add_snat() { 7 | local name="$1" 8 | 9 | if [ "$(uci -q get gateway.$name.snat)" = '1' ]; then 10 | 11 | # first check the config is plausible 12 | if ! routerip=$(uci -q get gateway.meta.router_ip); then 13 | echo "ERROR: No router_ip set, which is required for SNAT!" 14 | return 1 15 | fi 16 | if ! uci -q get gateway.$name.ipaddr >/dev/null; then 17 | echo "ERROR: No ipaddr set, which is required for SNAT!" 18 | return 1 19 | fi 20 | 21 | # keep only the first IP 22 | routerip=${routerip%% *} 23 | # keep only the IP without the CIDR 24 | routerip=${routerip%%/*} 25 | 26 | # We set the snat config 27 | uci set network.$name.fff_snat=1 28 | uci set network.$name.fff_snat_sourceip=$routerip 29 | fi 30 | } 31 | 32 | remove_snat() { 33 | local name="$1" 34 | 35 | uci -q del network.$name.fff_snat 36 | uci -q del network.$name.fff_snat_sourceip 37 | 38 | # TODO: only delete if fff_snat is actually gone 39 | } 40 | 41 | 42 | config_load network 43 | config_foreach remove_snat interface 44 | 45 | config_load gateway 46 | config_foreach add_snat client 47 | } 48 | 49 | apply() { 50 | uci commit network 51 | } 52 | 53 | revert() { 54 | uci revert network 55 | } 56 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3-snat/files/usr/lib/firewall.d/30-snat: -------------------------------------------------------------------------------- 1 | # load uci functions 2 | . /lib/functions.sh 3 | . /lib/functions/system.sh 4 | 5 | 6 | NAT_BASE_MARK=0x736e6174 7 | NAT_GLOBAL=0 8 | 9 | 10 | add_snat() { 11 | local name="$1" 12 | 13 | if [ "$(uci -q get network.$name.fff_snat)" = '1' ]; then 14 | # create tables if at least one SNAT entry is present 15 | if [ "$NAT_GLOBAL" == 0 ]; then 16 | nft add table ip mangle 17 | nft add chain ip mangle PREROUTING '{ type filter hook prerouting priority mangle; policy accept; }' 18 | 19 | nft add table ip nat 20 | nft add chain ip nat POSTROUTING '{ type nat hook postrouting priority srcnat; policy accept; }' 21 | 22 | # semantically wrong. Only works, because all fff_snat_sourceip are identical by design. 23 | nft add rule ip nat POSTROUTING meta mark "$NAT_BASE_MARK" counter snat ip to $(uci -q get network.$name.fff_snat_sourceip) 24 | 25 | NAT_GLOBAL=1 26 | fi 27 | 28 | nft add rule ip mangle PREROUTING iifname "br-$name" counter mark set "$NAT_BASE_MARK" 29 | fi 30 | } 31 | 32 | config_load network 33 | config_foreach add_snat interface 34 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-layer3 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/fff-layer3 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken gateway configuration 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+fff-babel \ 14 | +fff-babel-bird2 \ 15 | +fff-boardname \ 16 | +fff-dhcp \ 17 | +fff-layer3-config \ 18 | +fff-layer3-nodewatcher \ 19 | +fff-layer3-snat \ 20 | +fff-mqtt-monitoring \ 21 | +fff-network \ 22 | +fff-ra \ 23 | +fff-web-l3config \ 24 | +fff-web-mqtt \ 25 | +fff-wireguard \ 26 | +kmod-sched-cake \ 27 | +gre \ 28 | +@PACKAGE_grev4 \ 29 | +@PACKAGE_grev6 \ 30 | +iperf3 \ 31 | +ip-full \ 32 | +nftables \ 33 | +tc \ 34 | +tcpdump-mini \ 35 | +vxlan 36 | endef 37 | 38 | define Package/fff-layer3/description 39 | This package provides the packages and settings for the layer 3 firmware 40 | endef 41 | 42 | define Build/Compile 43 | # nothing 44 | endef 45 | 46 | define Package/fff-layer3/install 47 | $(CP) ./files/* $(1)/ 48 | endef 49 | 50 | $(eval $(call BuildPackage,fff-layer3)) 51 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3/files/etc/sysctl.d/60-fff-layer3.conf: -------------------------------------------------------------------------------- 1 | # Enable forwarding 2 | net.ipv4.conf.all.forwarding=1 3 | net.ipv4.ip_forward=1 4 | net.ipv6.conf.all.forwarding=1 5 | net.ipv6.conf.default.forwarding=1 6 | 7 | # Use inbound ifaddr for icmp errors to ensure correct PMTUD when using far-away NAT 8 | net.ipv4.icmp_errors_use_inbound_ifaddr=1 9 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3/files/etc/uci-defaults/90-rc-local: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: GPL-3.0-or-later 3 | 4 | cat <<-__EOF__ >/etc/rc.local 5 | #!/bin/sh 6 | # Put your custom commands here that should be executed once 7 | # the system init finished. By default this file does nothing. 8 | 9 | touch /tmp/started 10 | 11 | exit 0 12 | __EOF__ 13 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3/files/usr/lib/firewall.d/10-no-forward-wan: -------------------------------------------------------------------------------- 1 | # Ensure nothing is forwarded onto WAN interface 2 | if [ -n "$IF_WAN" ]; then 3 | nft add table ip filter 4 | nft add chain ip filter FORWARD '{ type filter hook forward priority filter; policy accept; }' 5 | nft add table ip6 filter 6 | nft add chain ip6 filter FORWARD '{ type filter hook forward priority filter; policy accept; }' 7 | 8 | nft add rule ip filter FORWARD oifname "$IF_WAN" counter reject with icmp net-unreachable 9 | nft add rule ip6 filter FORWARD oifname "$IF_WAN" counter reject with icmpv6 no-route 10 | fi 11 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3/files/usr/lib/firewall.d/20-stateful-firewall: -------------------------------------------------------------------------------- 1 | # load uci functions 2 | . /lib/functions.sh 3 | . /lib/functions/system.sh 4 | 5 | 6 | NAT_BASE_MARK=0x736e6174 7 | NAT_GLOBAL=0 8 | 9 | 10 | add_firewall() { 11 | local name="$1" 12 | 13 | [ "$(uci -q get network.$name.fff_stateful_firewall)" != 1 ] && return 14 | 15 | nft -f - << EOF 16 | table ip filter { 17 | chain forward-client { 18 | ct state { 19 | established, 20 | related, 21 | } accept \ 22 | comment "accept traffic originating from clients" 23 | 24 | ip protocol icmp icmp type { 25 | echo-reply, 26 | destination-unreachable, 27 | echo-request, 28 | time-exceeded, 29 | parameter-problem, 30 | } accept \ 31 | comment "accept icmp" 32 | 33 | counter drop \ 34 | comment "drop the rest" 35 | } 36 | chain FORWARD { 37 | type filter hook forward priority filter; policy accept; 38 | oifname "br-$name" goto forward-client 39 | } 40 | } 41 | 42 | table ip6 filter { 43 | chain forward-client { 44 | ct state { 45 | established, 46 | related, 47 | } accept \ 48 | comment "accept traffic originating from clients" 49 | 50 | ip6 nexthdr icmpv6 icmpv6 type { 51 | destination-unreachable, 52 | packet-too-big, 53 | time-exceeded, 54 | parameter-problem, 55 | echo-request, 56 | echo-reply, 57 | } accept \ 58 | comment "accept icmpv6 for basic ipv6 functionality" 59 | 60 | counter drop \ 61 | comment "drop the rest" 62 | } 63 | chain FORWARD { 64 | type filter hook forward priority filter; policy accept; 65 | oifname "br-$name" goto forward-client 66 | } 67 | } 68 | EOF 69 | } 70 | 71 | config_load network 72 | config_foreach add_firewall interface 73 | 74 | 75 | 76 | -------------------------------------------------------------------------------- /src/packages/fff/fff-layer3/files/usr/lib/nodewatcher.d/90-latency.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ipv4dest=$(uci -q get fff.latency.ipv4) 3 | ipv6dest=$(uci -q get fff.latency.ipv6) 4 | if [ -n "$ipv4dest" ] || [ -n "$ipv6dest" ] ; then 5 | printf "" 6 | 7 | if [ -n "$ipv4dest" ] ; then 8 | ipv4latency=$(ping -qc3 -4 $ipv4dest 2>&1 | awk -F'/' 'END{ print (/^round-trip/? $4:"0") }') 9 | printf "$ipv4latency$ipv4dest" 10 | fi 11 | 12 | if [ -n "$ipv6dest" ] ; then 13 | ipv6latency=$(ping -qc3 -6 $ipv6dest 2>&1 | awk -F'/' 'END{ print (/^round-trip/? $4:"0") }') 14 | printf "$ipv6latency$ipv6dest" 15 | fi 16 | 17 | printf "" 18 | fi 19 | exit 0 20 | -------------------------------------------------------------------------------- /src/packages/fff/fff-macnock/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-macnock 4 | PKG_RELEASE:=2 5 | 6 | PKG_SOURCE_PROTO:=git 7 | PKG_SOURCE_URL:=https://github.com/FreifunkFranken/macnocker.git 8 | PKG_SOURCE_DATE:=2020-04-26 9 | PKG_SOURCE_VERSION:=d0bdfdba569934442e9d8bfc01bcc6c3712b6011 10 | 11 | include $(INCLUDE_DIR)/package.mk 12 | include $(INCLUDE_DIR)/cmake.mk 13 | 14 | CMAKE_OPTIONS+=-DMACNOCK_DEBUG=ON 15 | 16 | define Package/$(PKG_NAME) 17 | SECTION:=base 18 | CATEGORY:=Freifunk 19 | TITLE:=Freifunk-Franken mac nocker 20 | URL:=https://www.freifunk-franken.de 21 | KCONFIG:= \ 22 | CONFIG_NET_EMATCH=y \ 23 | CONFIG_NET_EMATCH_U32=y \ 24 | CONFIG_NET_CLS_BASIC=y \ 25 | CONFIG_NET_CLS_ACT=y \ 26 | CONFIG_NET_ACT_GACT=y \ 27 | CONFIG_NET_CLS_U32=y 28 | DEPENDS:=+fff-network +tc 29 | endef 30 | 31 | define Package/$(PKG_NAME)/install 32 | $(INSTALL_DIR) $(1)/usr/sbin 33 | $(INSTALL_BIN) $(PKG_BUILD_DIR)/macnock $(1)/usr/sbin/macnock 34 | $(CP) ./files/* $(1)/ 35 | endef 36 | 37 | $(eval $(call BuildPackage,$(PKG_NAME))) 38 | -------------------------------------------------------------------------------- /src/packages/fff/fff-macnock/files/etc/init.d/macnock: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=99 4 | 5 | USE_PROCD=1 6 | PROCD_DEBUG=9 7 | 8 | validate_hood_section() { 9 | if [ -z "$(uci -q get network.ethmesh.ifname)" ]; then 10 | # false 11 | return 1 12 | fi 13 | 14 | if [ -n "$(uci -q get system.@system[0].hood)" -o -n "$(uci -q get network.client.macaddr)" ]; then 15 | # true 16 | return 0 17 | fi 18 | 19 | # false 20 | return 1 21 | } 22 | 23 | service_triggers() 24 | { 25 | local script name 26 | 27 | script=$(readlink -f "$initscript") 28 | name=$(basename ${script:-$initscript}) 29 | 30 | procd_add_config_trigger "config.change" "system" /etc/init.d/$name reload 31 | procd_add_interface_trigger "interface.*" "ethmesh" /etc/init.d/$name reload 32 | procd_add_validation validate_hood_section 33 | } 34 | 35 | reload_service() 36 | { 37 | echo "Explicitly restarting macnocker" 38 | stop 39 | start 40 | } 41 | 42 | start_service() { 43 | validate_hood_section || { 44 | echo "validation failed" 45 | return 1 46 | } 47 | 48 | 49 | local IFACE="$(uci -q get network.ethmesh.ifname)" 50 | local HOOD="$(uci -q get system.@system[0].hood)" 51 | if [ -z "$HOOD" ]; then 52 | HOOD="$(uci -q get network.client.macaddr)" 53 | fi 54 | 55 | procd_open_instance macnock 56 | procd_set_param command /usr/sbin/macnock $IFACE $HOOD 57 | procd_set_param respawn 10 10 0 58 | procd_set_param file /etc/config/system 59 | procd_set_param netdev $IFACE 60 | procd_set_param stdout 1 61 | procd_set_param stderr 1 62 | procd_set_param user root 63 | procd_close_instance 64 | } 65 | -------------------------------------------------------------------------------- /src/packages/fff/fff-macnock/files/etc/uci-defaults/52-fff-macnock: -------------------------------------------------------------------------------- 1 | if ! grep -q u32 /etc/iproute2/ematch_map; 2 | then 3 | echo "3 u32" > /etc/iproute2/ematch_map 4 | fi 5 | 6 | exit 0 7 | -------------------------------------------------------------------------------- /src/packages/fff/fff-mqtt-monitoring/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-mqtt-monitoring 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | PKG_BUILD_DIR:=$(BUILD_DIR)/fff-mqtt-monitoring 7 | 8 | include $(INCLUDE_DIR)/package.mk 9 | 10 | define Package/fff-mqtt-monitoring 11 | SECTION:=base 12 | CATEGORY:=Freifunk 13 | TITLE:=Freifunk-Franken mqtt configuration 14 | URL:=https://www.freifunk-franken.de 15 | DEPENDS:= \ 16 | +fff-mqtt \ 17 | +fff-nodewatcher \ 18 | +micrond 19 | endef 20 | 21 | define Package/fff-mqtt-monitoring/description 22 | This package send monitoring informations to 23 | the mqtt broker 24 | endef 25 | 26 | define Build/Compile 27 | # nothing 28 | endef 29 | 30 | define Package/fff-mqtt-monitoring/install 31 | $(CP) ./files/* $(1)/ 32 | endef 33 | 34 | $(eval $(call BuildPackage,fff-mqtt-monitoring)) 35 | -------------------------------------------------------------------------------- /src/packages/fff/fff-mqtt-monitoring/files/usr/lib/micron.d/fff-nodewatcher-mqtt: -------------------------------------------------------------------------------- 1 | */5 * * * * sleep $(/usr/bin/random 70 85); /usr/sbin/fff-nodewatcher-mqtt 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-mqtt-monitoring/files/usr/sbin/fff-nodewatcher-mqtt: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -e 4 | set -o pipefail 5 | 6 | . /lib/functions/system.sh 7 | 8 | BOARD="$(uci get board.model.name)" 9 | . /etc/network.$BOARD 10 | 11 | [ -n "$ROUTERMAC" ] || ROUTERMAC=$(get_mac_label) 12 | MACADDR=$(echo $ROUTERMAC | /bin/sed 's/://g') 13 | 14 | test -f /tmp/started || exit 1 15 | 16 | DATA=$(printf '{"%s": "%s"}' "$MACADDR" "$(/usr/sbin/nodewatcher)") 17 | 18 | if [ -n "$(uci -q get fff.mqtt.server)" ] ; then 19 | mosquitto_pub -h "$(uci get fff.mqtt.server)" -p 1883 -t /monitoring/v1/$MACADDR -m "$DATA" 20 | fi 21 | 22 | -------------------------------------------------------------------------------- /src/packages/fff/fff-mqtt/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-mqtt 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | PKG_BUILD_DIR:=$(BUILD_DIR)/fff-mqtt 7 | 8 | include $(INCLUDE_DIR)/package.mk 9 | 10 | define Package/fff-mqtt 11 | SECTION:=base 12 | CATEGORY:=Freifunk 13 | TITLE:=Freifunk-Franken mqtt configuration 14 | URL:=https://www.freifunk-franken.de 15 | DEPENDS:= \ 16 | +fff-config \ 17 | +libmosquitto-nossl \ 18 | +mosquitto-client-nossl 19 | endef 20 | 21 | define Package/fff-mqtt/description 22 | This package provides mosquitto and settings 23 | endef 24 | 25 | define Build/Compile 26 | # nothing 27 | endef 28 | 29 | define Package/fff-mqtt/install 30 | $(CP) ./files/* $(1)/ 31 | endef 32 | 33 | $(eval $(call BuildPackage,fff-mqtt)) 34 | -------------------------------------------------------------------------------- /src/packages/fff/fff-mqtt/files/etc/uci-defaults/35-fff-mqtt: -------------------------------------------------------------------------------- 1 | uci set fff.mqtt=mqtt 2 | 3 | exit 0 4 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-network 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken network configuration 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:= \ 14 | +owipcalc \ 15 | +fff-boardname \ 16 | +fff-firewall 17 | endef 18 | 19 | define Package/$(PKG_NAME)/description 20 | This package configures the network interfaces 21 | endef 22 | 23 | define Build/Compile 24 | # nothing 25 | endef 26 | 27 | define Package/$(PKG_NAME)/install 28 | $(CP) ./files/* $(1)/ 29 | test -d ./$(ARCH) && $(CP) ./$(ARCH)/* $(1)/etc/ 30 | endef 31 | 32 | $(eval $(call BuildPackage,$(PKG_NAME))) 33 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/aarch64/network.mikrotik,rb5009: -------------------------------------------------------------------------------- 1 | WANDEV=switch0 2 | SWITCHDEV=switch0 3 | CLIENT_PORTS="p2 p3 p4 p5 p6 p7 p8 sfp" 4 | WAN_PORTS="p1" 5 | DSA=1 6 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/aarch64/network.solidrun,clearfog-base: -------------------------------------------------------------------------------- 1 | WANDEV=switch0 2 | SWITCHDEV=switch0 3 | CLIENT_PORTS="eth0 eth1" 4 | WAN_PORTS="eth2" 5 | DSA=1 6 | ROUTERMAC=$(cat /sys/class/net/eth2/address) 7 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/aarch64/network.solidrun,clearfog-pro: -------------------------------------------------------------------------------- 1 | WANDEV=switch0 2 | SWITCHDEV=switch0 3 | CLIENT_PORTS="lan1 lan2" 4 | WAN_PORTS="eth2" 5 | BATMAN_PORTS="lan3 lan4" 6 | DSA=1 7 | ROUTERMAC=$(cat /sys/class/net/eth2/address) 8 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/arm/network.avm,fritzbox-4040: -------------------------------------------------------------------------------- 1 | WANDEV=switch0 2 | SWITCHDEV=switch0 3 | CLIENT_PORTS="lan3 lan4" 4 | WAN_PORTS="wan" 5 | BATMAN_PORTS="lan1 lan2" 6 | DSA=1 7 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/arm/network.tplink,c2600: -------------------------------------------------------------------------------- 1 | WANDEV=switch0 2 | SWITCHDEV=switch0 3 | CLIENT_PORTS="lan3 lan4" 4 | WAN_PORTS="wan" 5 | BATMAN_PORTS="lan1 lan2" 6 | DSA=1 7 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/etc/hotplug.d/net/40-net-rss: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: GPL-3.0 3 | 4 | case "$(uci get board.model.name)" in 5 | mikrotik,rb5009) 6 | ethtool -K eth0 receive-hashing on 7 | ;; 8 | solidrun,clearfog-base|\ 9 | solidrun,clearfog-pro) 10 | ethtool -K eth0 receive-hashing on 11 | ethtool -K eth1 receive-hashing on 12 | ethtool -K eth2 receive-hashing on 13 | ;; 14 | esac 15 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/etc/sysctl.d/50-fff-network.conf: -------------------------------------------------------------------------------- 1 | # Disable IPv4 forwarding. 2 | # This has to be set first, because it resets some of the 3 | # net.ipv4.conf.* sysctls. 4 | net.ipv4.ip_forward=0 5 | 6 | # Enable IPv6 forwarding, otherwise the fc00::/7 route sometimes is 7 | # not used if a default route is available, which breaks fc00::/7 8 | # inside Freifunk. 9 | # To ensure no packets are routed to different interfaces, fff-firewall 10 | # sets appropriate iptables rules 11 | net.ipv6.conf.all.forwarding=1 12 | net.ipv6.conf.default.forwarding=0 13 | 14 | # Do not accept Router Advertisements, so no public 15 | # addresses are assigned to interfaces, where we don't 16 | # want them. OpenWrts netifd overwrites this option for the WAN 17 | # interface, so IPv6 WAN connectivity is still possible. 18 | net.ipv6.conf.default.accept_ra=0 19 | net.ipv6.conf.all.accept_ra=0 20 | 21 | # Disable DAD, so fdff::1 on br-client does not get erroneously disabled. 22 | # This should be done on a per-interface basis in the future. 23 | net.ipv6.conf.default.accept_dad=0 24 | net.ipv6.conf.all.accept_dad=0 25 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/etc/uci-defaults/20-migrate-gl-ar150: -------------------------------------------------------------------------------- 1 | # The GL-AR150 was converted from ONEPORT to TWOPORT. 2 | # Copy ETHMODE to LAN1MODE ("LAN"-Port) and set LAN0MODE ("WAN"-Port) to WAN to retain the configured behaviour for upgraded devices. 3 | if [ -s /etc/network.config ] ; then 4 | . /etc/network.config 5 | 6 | # Ensure ETHMODE contains a sensible value. Use default behaviour (CLIENT) otherwise. 7 | [ "$ETHMODE" != "BATMAN" ] && [ "$ETHMODE" != "CLIENT" ] && [ "$ETHMODE" != "WAN" ] && ETHMODE="CLIENT" 8 | 9 | echo "LAN0MODE='WAN' # use BATMAN, CLIENT or WAN" > /etc/network.config 10 | echo "LAN1MODE='$ETHMODE' # use BATMAN, CLIENT or WAN" >> /etc/network.config 11 | echo "FORCEPARSE='2' # Parse at: 0=first boot only, 1=every reboot, 2=next reboot (once)" >> /etc/network.config 12 | fi 13 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/etc/uci-defaults/20-remove-ports-override: -------------------------------------------------------------------------------- 1 | # Remove port configuration residues from earlier firmware versions 2 | sed -i -e '/^WAN_PORTS/d' -e '/^BATMAN_PORTS/d' -e '/^CLIENT_PORTS/d' /etc/network.config 3 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/etc/uci-defaults/22-network-base: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: GPL-3.0-or-later 3 | 4 | . /lib/functions/system.sh 5 | . /lib/functions/fff/network 6 | 7 | BOARD="$(uci get board.model.name)" 8 | . /etc/network.$BOARD 9 | 10 | [ -n "$ROUTERMAC" ] || ROUTERMAC=$(get_mac_label) 11 | 12 | # Clear possibly existing network configuration 13 | > /etc/config/network 14 | 15 | # Add basic network configuration 16 | uci batch <<-__EOF__ 17 | del network.globals 18 | set network.globals=globals 19 | set network.globals.packet_steering='-n' 20 | 21 | set network.loopback='interface' 22 | set network.loopback.ifname='lo' 23 | set network.loopback.proto='static' 24 | set network.loopback.ipaddr='127.0.0.1' 25 | set network.loopback.netmask='255.0.0.0' 26 | 27 | set network.fdff='interface' 28 | set network.fdff.ifname='lo' 29 | set network.fdff.proto='static' 30 | set network.fdff.ip6deprecated='1' 31 | 32 | set network.wan='interface' 33 | set network.wan.proto='none' 34 | 35 | set network.wan4='interface' 36 | set network.wan4.proto='dhcp' 37 | set network.wan4.ifname='@wan' 38 | 39 | set network.wan6='interface' 40 | set network.wan6.proto='dhcpv6' 41 | set network.wan6.reqprefix='no' 42 | set network.wan6.sourcefilter='0' 43 | set network.wan6.ifname='@wan' 44 | __EOF__ 45 | 46 | SWITCHHW=$(swconfig list | awk '{ print $4 }') 47 | if [ "$DSA" = "1" ]; then 48 | uci batch <<-__EOF__ 49 | set network.$SWITCHDEV=device 50 | set network.$SWITCHDEV.name=$SWITCHDEV 51 | set network.$SWITCHDEV.type=bridge 52 | # temporary workaround for netifd bug present in OpenWrt 21.02.0 (FS#4104) 53 | set network.$SWITCHDEV.bridge_empty='1' 54 | __EOF__ 55 | elif [ -n "$SWITCHHW" ] && [ -z "$ONE_PORT" ] && [ -z "$TWO_PORT" ]; then 56 | uci batch <<-__EOF__ 57 | set network.$SWITCHDEV=switch 58 | set network.$SWITCHDEV.name=$SWITCHHW 59 | set network.$SWITCHDEV.enable=1 60 | set network.$SWITCHDEV.reset=1 61 | set network.$SWITCHDEV.enable_vlan=1 62 | __EOF__ 63 | fi 64 | 65 | uci -q commit network 66 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/etc/uci-defaults/50-packet-steering: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: GPL-3.0-or-later 3 | 4 | # Skip devices which are capable of RSS 5 | if [ $(uci get board.model.name) = "mikrotik,rb5009" ]; then 6 | exit 0 7 | fi 8 | 9 | # Enable RPS 10 | uci batch <<-__EOF__ 11 | set network.globals=globals 12 | set network.globals.packet_steering='2' 13 | __EOF__ 14 | 15 | uci -q commit network 16 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/lib/functions/fff/cpuport: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright 2019 Adrian Schmutzler 4 | 5 | get_cpu_port() { 6 | local BOARD=$(uci get board.model.name) 7 | local CPUPORT 8 | 9 | case "$BOARD" in 10 | tplink,archer-c50-v3|\ 11 | tplink,archer-c50-v4|\ 12 | tplink,tl-wr1043nd-v2|\ 13 | tplink,tl-wr1043nd-v3|\ 14 | tplink,tl-wr841n-v13|\ 15 | xiaomi,mi-router-4a-100m|\ 16 | xiaomi,mi-router-4a-100m-intl) 17 | CPUPORT="6t" 18 | ;; 19 | avm,fritzbox-4040|\ 20 | mikrotik,rb5009|\ 21 | netgear,r6220|\ 22 | solidrun,clearfog-base|\ 23 | solidrun,clearfog-pro|\ 24 | tplink,c2600|\ 25 | tplink,cpe210-v2|\ 26 | tplink,cpe210-v3|\ 27 | tplink,tl-wdr4900-v1|\ 28 | ubnt,edgerouter-4|\ 29 | ubnt,edgerouter-x|\ 30 | ubnt,edgerouter-x-sfp|\ 31 | ubnt,nanostation-loco-m-xw|\ 32 | ubnt,unifi-ap|\ 33 | ubnt,unifiac-mesh|\ 34 | x86_64|\ 35 | xiaomi,mi-router-4a-gigabit) 36 | CPUPORT="" 37 | ;; 38 | *) 39 | CPUPORT="0t" 40 | ;; 41 | esac 42 | 43 | echo "$CPUPORT" 44 | } 45 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/lib/functions/fff/evalbytes: -------------------------------------------------------------------------------- 1 | 2 | human_bytes() { 3 | while read B ; do 4 | [ $B -lt 1024 ] && echo ${B} B && return 5 | KB=$(((B+512)/1024)) 6 | [ $KB -lt 1024 ] && echo ${KB} KB && return 7 | MB=$(((KB+512)/1024)) 8 | [ $MB -lt 1024 ] && echo ${MB} MB && return 9 | GB=$(((MB+512)/1024)) 10 | [ $GB -lt 1024 ] && echo ${GB} GB && return 11 | echo $(((GB+512)/1024)) TB && return 12 | done 13 | echo "-" 14 | } 15 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/lib/functions/fff/network: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright 2017 Adrian Schmutzler 4 | 5 | ipMacSuffix() { 6 | # Returns the lower 64 bits of an IPv6 address (0:aabb:ccdd:eeff) 7 | # based on the provided MAC address (aa:bb:cc:bb:ee:ff) 8 | # 9 | # Argument: MAC address (with colons) 10 | 11 | [ $# -ne "1" ] && return 1 12 | 13 | local mac=$1 14 | 15 | echo "$mac" | awk -F: '{ print "0:"$1$2":"$3$4":"$5$6 }' 16 | return 0 17 | } 18 | 19 | ipEUISuffix() { 20 | # Returns the EUI (interface ID, a8bb:ccff:fedd:eeff) 21 | # based on the provided MAC address (aa:bb:cc:bb:ee:ff) 22 | # 23 | # Argument: MAC address (with colons) 24 | 25 | [ $# -ne "1" ] && return 1 26 | 27 | local mac=$1 28 | 29 | echo "$mac" | awk -F: '{ printf("%02x%s:%sff:fe%s:%s%s\n", xor(("0x"$1),2), $2, $3, $4, $5, $6) }' 30 | return 0 31 | } 32 | 33 | macFlipLocalBit() { 34 | # Returns given MAC-address with locally administered bit flipped 35 | # 36 | # Argument: MAC-address 37 | 38 | local mac=$1 39 | 40 | echo "$mac" | awk -F: '{ printf("%02x:%s:%s:%s:%s:%s\n", xor(("0x"$1),2), $2, $3, $4, $5, $6) }' 41 | return 0 42 | } 43 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/lib/functions/fff/portorder: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright 2019 Adrian Schmutzler 4 | 5 | get_port_order() { 6 | local BOARD=$(uci get board.model.name) 7 | local PORTORDER 8 | 9 | case "$BOARD" in 10 | glinet,gl-ar150) 11 | PORTORDER="1" 12 | ;; 13 | netgear,r6220) 14 | PORTORDER="4 3 2 1 0" 15 | ;; 16 | tplink,archer-c25-v1|\ 17 | tplink,archer-c60-v1|\ 18 | tplink,archer-c60-v2) 19 | PORTORDER="4 3 2 1" 20 | ;; 21 | tplink,archer-c50-v4|\ 22 | tplink,tl-wr841n-v13) 23 | PORTORDER="0 1 2 3 4" 24 | ;; 25 | tplink,archer-c7-v2|\ 26 | tplink,archer-c7-v5|\ 27 | tplink,tl-wdr4300-v1) 28 | PORTORDER="1 2 3 4 5" 29 | ;; 30 | tplink,c2600|\ 31 | tplink,tl-wr1043nd-v4|\ 32 | tplink,tl-wr1043n-v5) 33 | PORTORDER="5 4 3 2 1" 34 | ;; 35 | tplink,cpe210-v1|\ 36 | tplink,cpe510-v1) 37 | PORTORDER="5 4" 38 | ;; 39 | xiaomi,mi-router-4a-100m|\ 40 | xiaomi,mi-router-4a-100m-intl) 41 | PORTORDER="0 2 4" 42 | ;; 43 | esac 44 | 45 | echo "$PORTORDER" 46 | } 47 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/files/usr/lib/nodewatcher.d/50-clients.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: GPL-3.0-only 3 | # 4 | # Netmon Nodewatcher (C) 2010-2012 Freifunk Oldenburg 5 | 6 | . /lib/functions/system.sh 7 | 8 | debug() { 9 | (>&2 echo "nodewatcher: $1") 10 | } 11 | 12 | debug "Collecting information about connected clients" 13 | 14 | client_count=0 15 | dataclient="" 16 | 17 | count_clients() { 18 | local name="$1" 19 | 20 | [ "$(uci -q get network.$name.fff_clientif)" = "1" ] || return 21 | 22 | CLIENT_INTERFACES=$(ls "/sys/class/net/br-$name/brif" | grep -v '^bat') 23 | for clientif in ${CLIENT_INTERFACES}; do 24 | cc=$(bridge fdb show br "br-$name" brport "$clientif" | grep -v self | grep -v permanent -c) 25 | client_count=$((client_count + cc)) 26 | dataclient="$dataclient<$clientif>$cc" 27 | done 28 | } 29 | 30 | config_load network 31 | config_foreach count_clients interface 32 | 33 | echo -n "$client_count" 34 | echo -n "$dataclient" 35 | 36 | exit 0 37 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.glinet,gl-ar150: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/network 2 | 3 | WANDEV=eth1 4 | SWITCHDEV=eth0 5 | TWO_PORT=YES 6 | 7 | ETHMESHMAC="$(macFlipLocalBit $(cat /sys/class/net/eth0/address))" 8 | 9 | . /etc/network.mode 10 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.mode: -------------------------------------------------------------------------------- 1 | ################ 2 | ## This file is used to configure the behavior of network interfaces 3 | ## if the routers interfaces differ from the standard WAN+4LAN-Ports 4 | ## +2Wireless APs. 5 | ## If you want to change their behavior, you should edit the file 6 | ## /etc/network.config 7 | ## After that you have to reboot the router with following command. 8 | #reboot 9 | # 10 | ### The canonical syntax of this file is: 11 | #SPECIFIER="MODE" 12 | ### MODES 13 | ## Generally there are 3 operating modes for network interfaces in fff. 14 | #BATMAN: The interface is used to mesh with other fff-nodes 15 | #WAN: The interface is used to connect to supernodes via vpn and 16 | # ordinary internet. 17 | #CLIENT: The interface is used to connect clients to the fff-net 18 | ## 19 | ### SPECIFIER 20 | ## For devices only including one ethernet port the specifier is called 21 | ## ETHMODE. The default mode for these devices is "BATMAN". 22 | ## For example this is the case for: gl-ar150, tl-mr3020-v1, tl-wa850re-v1, 23 | ## tl-wa860re-v1, tl-wa901nd-v2, ubnt-bullet-m, ubnt-loco-m-xw, ubnt-nano-m, 24 | ## ubnt-unifi-ap 25 | ETHMODE="CLIENT" 26 | ## Devices featuring 2 ethernet ports are configured by SPECIFIERs ressembling 27 | ## the labels on the PORT itself. For the cpe210 these are called LAN0 and LAN1. 28 | ## Therefore they are configured as follows: 29 | LAN0MODE="WAN" 30 | LAN1MODE="CLIENT" 31 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,archer-c25-v1: -------------------------------------------------------------------------------- 1 | WANDEV=eth1 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="1 2" 4 | WAN_PORTS="" 5 | BATMAN_PORTS="3 4" 6 | 7 | ETHMESHMAC=$(cat /sys/class/net/eth0/address) 8 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,archer-c60-v1: -------------------------------------------------------------------------------- 1 | WANDEV=eth1 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="1 2" 4 | BATMAN_PORTS="3 4" 5 | 6 | ETHMESHMAC=$(cat /sys/class/net/eth1/address) 7 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,archer-c60-v2: -------------------------------------------------------------------------------- 1 | WANDEV=eth1 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="1 2" 4 | BATMAN_PORTS="3 4" 5 | 6 | ETHMESHMAC=$(cat /sys/class/net/eth1/address) 7 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,archer-c7-v2: -------------------------------------------------------------------------------- 1 | WANDEV=eth1 2 | SWITCHDEV=eth1 3 | CLIENT_PORTS="4 5" 4 | WAN_PORTS="1" 5 | BATMAN_PORTS="2 3" 6 | 7 | ETHMESHMAC=$(cat /sys/class/net/eth0/address) 8 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,archer-c7-v4: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/network 2 | 3 | WANDEV=eth0 4 | SWITCHDEV=eth0 5 | CLIENT_PORTS="4 5 0t" 6 | WAN_PORTS="1 0t" 7 | BATMAN_PORTS="2 3 0t" 8 | 9 | # use mac address from phy1 with 'locally administered' bit set to '1' 10 | # only possible, because wXmesh is created first and therefore gets the 'universally administered address' 11 | 12 | ETHMESHMAC=$(macFlipLocalBit "$(cat /sys/class/ieee80211/phy1/macaddress)") 13 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,archer-c7-v5: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/network 2 | 3 | WANDEV=eth0 4 | SWITCHDEV=eth0 5 | CLIENT_PORTS="4 5" 6 | WAN_PORTS="1" 7 | BATMAN_PORTS="2 3" 8 | 9 | # use mac address from phy1 with 'locally administered' bit set to '1' 10 | # only possible, because wXmesh is created first and therefore gets the 'universally administered address' 11 | 12 | ETHMESHMAC=$(macFlipLocalBit "$(cat /sys/class/ieee80211/phy1/macaddress)") 13 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,cpe210-v1: -------------------------------------------------------------------------------- 1 | WANDEV=eth1 2 | SWITCHDEV=eth0 3 | TWO_PORT=YES 4 | 5 | . /etc/network.mode 6 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,cpe210-v2: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | ONE_PORT="YES" 4 | 5 | . /etc/network.mode 6 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,cpe210-v3: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | ONE_PORT="YES" 4 | 5 | . /etc/network.mode 6 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,cpe510-v1: -------------------------------------------------------------------------------- 1 | WANDEV=eth1 2 | SWITCHDEV=eth0 3 | TWO_PORT=YES 4 | 5 | . /etc/network.mode 6 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,tl-wdr3500-v1: -------------------------------------------------------------------------------- 1 | WANDEV=eth1 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="1 2" 4 | WAN_PORTS= 5 | BATMAN_PORTS="3 4" 6 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,tl-wdr3600-v1: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="4 5" 4 | WAN_PORTS="1" 5 | BATMAN_PORTS="2 3" 6 | 7 | . /lib/functions/system.sh 8 | 9 | ETHMESHMAC=$(macaddr_add $(cat /sys/class/ieee80211/phy1/macaddress) 1) 10 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,tl-wdr4300-v1: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="4 5" 4 | WAN_PORTS="1" 5 | BATMAN_PORTS="2 3" 6 | 7 | . /lib/functions/system.sh 8 | 9 | ETHMESHMAC=$(macaddr_add $(cat /sys/class/ieee80211/phy1/macaddress) 1) 10 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,tl-wdr4310-v1: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="4 5" 4 | WAN_PORTS="1" 5 | BATMAN_PORTS="2 3" 6 | 7 | . /lib/functions/system.sh 8 | 9 | ETHMESHMAC=$(macaddr_add $(cat /sys/class/ieee80211/phy1/macaddress) 1) 10 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,tl-wr1043n-v5: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="1 2" 4 | WAN_PORTS="5" 5 | BATMAN_PORTS="3 4" 6 | 7 | . /lib/functions/system.sh 8 | . /lib/functions.sh 9 | 10 | # Load second MAC address from flash because we haven't any interface with this 11 | # address where we can copy it from 12 | 13 | ETHMESHMAC=$(macaddr_add $(mtd_get_mac_binary info 8) 1) 14 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,tl-wr1043nd-v2: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="1 2" 4 | WAN_PORTS="5" 5 | BATMAN_PORTS="3 4" 6 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,tl-wr1043nd-v3: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="1 2" 4 | WAN_PORTS="5" 5 | BATMAN_PORTS="3 4" 6 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.tplink,tl-wr1043nd-v4: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="1 2" 4 | WAN_PORTS="5" 5 | BATMAN_PORTS="3 4" 6 | 7 | . /lib/functions/system.sh 8 | . /lib/functions.sh 9 | 10 | # Load second MAC address from flash because we haven't any interface with this 11 | # address where we can copy it from 12 | 13 | ETHMESHMAC=$(macaddr_add $(mtd_get_mac_binary info 8) 1) 14 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.ubnt,nanostation-loco-m-xw: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="" 4 | WAN_PORTS="" 5 | BATMAN_PORTS="" 6 | ONE_PORT="YES" 7 | 8 | . /etc/network.mode 9 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.ubnt,unifi-ap: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="" 4 | WAN_PORTS="" 5 | BATMAN_PORTS="" 6 | ONE_PORT="YES" 7 | 8 | . /etc/network.mode 9 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips/network.ubnt,unifiac-mesh: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | CLIENT_PORTS="" 4 | WAN_PORTS="" 5 | BATMAN_PORTS="" 6 | ONE_PORT="YES" 7 | 8 | . /etc/network.mode 9 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mips64/network.ubnt,edgerouter-4: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/network 2 | 3 | WANDEV=switch0 4 | SWITCHDEV=switch0 5 | CLIENT_PORTS="lan2" 6 | WAN_PORTS="lan0" 7 | BATMAN_PORTS="lan1" 8 | DSA=1 9 | 10 | ROUTERMAC=$(cat /sys/class/net/lan3/address) 11 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mipsel/network.netgear,r6220: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/network 2 | 3 | WANDEV=switch0 4 | SWITCHDEV=switch0 5 | CLIENT_PORTS="lan1 lan2" 6 | WAN_PORTS="wan" 7 | BATMAN_PORTS="lan3 lan4" 8 | DSA=1 9 | 10 | ETHMESHMAC=$(macFlipLocalBit "$(cat /sys/class/net/eth0/address)") 11 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mipsel/network.tplink,archer-c50-v3: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/network 2 | 3 | WANDEV=eth0 4 | SWITCHDEV=eth0 5 | CLIENT_PORTS="3 4" 6 | WAN_PORTS="0" 7 | BATMAN_PORTS="1 2" 8 | 9 | ETHMESHMAC=$(macFlipLocalBit "$(cat /sys/class/net/eth0/address)") 10 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mipsel/network.tplink,archer-c50-v4: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/network 2 | 3 | WANDEV=eth0 4 | SWITCHDEV=eth0 5 | CLIENT_PORTS="3 4" 6 | WAN_PORTS="0" 7 | BATMAN_PORTS="1 2" 8 | 9 | ETHMESHMAC=$(macFlipLocalBit "$(cat /sys/class/net/eth0/address)") 10 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mipsel/network.tplink,tl-wr841n-v13: -------------------------------------------------------------------------------- 1 | . /lib/functions/system.sh 2 | 3 | WANDEV=eth0 4 | SWITCHDEV=eth0 5 | CLIENT_PORTS="3 4" 6 | WAN_PORTS="0" 7 | BATMAN_PORTS="1 2" 8 | 9 | ETHMESHMAC=$(macaddr_setbit_la $(cat /sys/class/net/eth0/address)) 10 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mipsel/network.ubnt,edgerouter-x: -------------------------------------------------------------------------------- 1 | WANDEV=switch0 2 | SWITCHDEV=switch0 3 | CLIENT_PORTS="eth3 eth4" 4 | WAN_PORTS="eth0" 5 | BATMAN_PORTS="eth1 eth2" 6 | DSA=1 7 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mipsel/network.ubnt,edgerouter-x-sfp: -------------------------------------------------------------------------------- 1 | WANDEV=switch0 2 | SWITCHDEV=switch0 3 | CLIENT_PORTS="eth3 eth4 eth5" 4 | WAN_PORTS="eth0" 5 | BATMAN_PORTS="eth1 eth2" 6 | DSA=1 7 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mipsel/network.xiaomi,mi-router-4a-100m: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/network 2 | 3 | WANDEV=eth0 4 | SWITCHDEV=eth0 5 | CLIENT_PORTS="6t 4" 6 | WAN_PORTS="6t 0" 7 | BATMAN_PORTS="6t 2" 8 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mipsel/network.xiaomi,mi-router-4a-100m-intl: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/network 2 | 3 | WANDEV=eth0 4 | SWITCHDEV=eth0 5 | CLIENT_PORTS="6t 4" 6 | WAN_PORTS="6t 0" 7 | BATMAN_PORTS="6t 2" 8 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mipsel/network.xiaomi,mi-router-4a-gigabit: -------------------------------------------------------------------------------- 1 | WANDEV=switch0 2 | SWITCHDEV=switch0 3 | CLIENT_PORTS="lan2" 4 | WAN_PORTS="wan" 5 | BATMAN_PORTS="lan1" 6 | DSA=1 7 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/mipsel/network.xiaomi,mi-router-4a-gigabit-v2: -------------------------------------------------------------------------------- 1 | WANDEV=switch0 2 | SWITCHDEV=switch0 3 | CLIENT_PORTS="lan2" 4 | WAN_PORTS="wan" 5 | BATMAN_PORTS="lan1" 6 | DSA=1 7 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/powerpc/network.tplink,tl-wdr4900-v1: -------------------------------------------------------------------------------- 1 | . /lib/functions/fff/network 2 | 3 | WANDEV=switch0 4 | SWITCHDEV=switch0 5 | CLIENT_PORTS="lan3 lan4" 6 | WAN_PORTS="wan" 7 | BATMAN_PORTS="lan1 lan2" 8 | DSA=1 9 | 10 | # use mac address from phy1 with 'locally administered' bit set to '1' 11 | # only possible, because wXmesh is created first and therefore gets the 'universally administered address' 12 | 13 | ETHMESHMAC=$(macFlipLocalBit "$(cat /sys/class/ieee80211/phy1/macaddress)") 14 | -------------------------------------------------------------------------------- /src/packages/fff/fff-network/x86_64/network.mode: -------------------------------------------------------------------------------- 1 | ETHMODE="CLIENT" -------------------------------------------------------------------------------- /src/packages/fff/fff-network/x86_64/network.x86_64: -------------------------------------------------------------------------------- 1 | WANDEV=eth0 2 | SWITCHDEV=eth0 3 | ONE_PORT="YES" 4 | 5 | . /etc/network.mode 6 | 7 | ROUTERMAC=$(cat /sys/class/net/eth0/address) -------------------------------------------------------------------------------- /src/packages/fff/fff-node/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-node 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/fff-node 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken node configuration 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+fff-alfred \ 14 | +fff-batman-adv \ 15 | +fff-fastd \ 16 | +fff-vxlan-node-vpn \ 17 | +fff-firewall \ 18 | +fff-hoods \ 19 | +fff-uradvd 20 | endef 21 | 22 | define Package/fff-node/description 23 | This package configures the node 24 | endef 25 | 26 | define Build/Compile 27 | # nothing 28 | endef 29 | 30 | define Package/fff-node/install 31 | $(CP) ./files/* $(1)/ 32 | endef 33 | 34 | $(eval $(call BuildPackage,fff-node)) 35 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/etc/uci-defaults/24c-fff-wireless-node: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright 2016 Tim Niemeyer 4 | # Copyright 2019 Adrian Schmutzler 5 | 6 | . /lib/functions.sh 7 | . /lib/functions/fff/wireless 8 | 9 | configWifiDevice() { 10 | local radio="$1" 11 | local freq="$(wifiGetFreq $radio)" 12 | 13 | # Comments 14 | # wXmesh: use 802.11s mesh as "default" 15 | 16 | uci batch <<-__EOF__ 17 | set wireless.w${freq}ap='wifi-iface' 18 | set wireless.w${freq}ap.device='${radio}' 19 | set wireless.w${freq}ap.network='client' 20 | set wireless.w${freq}ap.ifname='w${freq}ap' 21 | set wireless.w${freq}ap.mode='ap' 22 | set wireless.w${freq}ap.ssid='noservice.freifunk' 23 | set wireless.w${freq}ap.encryption='none' 24 | set wireless.w${freq}ap.hidden='0' 25 | set wireless.w${freq}ap.disabled='0' 26 | 27 | set network.w${freq}mesh='interface' 28 | set network.w${freq}mesh.mtu='1560' 29 | set network.w${freq}mesh.proto='batadv_hardif' 30 | set network.w${freq}mesh.master='bat0' 31 | 32 | set wireless.w${freq}mesh='wifi-iface' 33 | set wireless.w${freq}mesh.device='${radio}' 34 | set wireless.w${freq}mesh.network='w${freq}mesh' 35 | set wireless.w${freq}mesh.ifname='w${freq}mesh' 36 | set wireless.w${freq}mesh.mode='mesh' 37 | set wireless.w${freq}mesh.mesh_id='nomesh.freifunk' 38 | set wireless.w${freq}mesh.encryption='none' 39 | set wireless.w${freq}mesh.mesh_fwding=0 40 | set wireless.w${freq}mesh.disabled='0' 41 | 42 | set network.configap${freq}=interface 43 | set network.configap${freq}.proto='static' 44 | set network.configap${freq}.ip6addr='fe80::1/64' 45 | 46 | set wireless.w${freq}configap='wifi-iface' 47 | set wireless.w${freq}configap.device='${radio}' 48 | set wireless.w${freq}configap.network='configap${freq}' 49 | set wireless.w${freq}configap.ifname='w${freq}configap' 50 | set wireless.w${freq}configap.mode='ap' 51 | set wireless.w${freq}configap.ssid='config.franken.freifunk.net' 52 | set wireless.w${freq}configap.encryption='none' 53 | set wireless.w${freq}configap.hidden='1' 54 | set wireless.w${freq}configap.disabled='1' 55 | __EOF__ 56 | } 57 | 58 | # Set up WiFi interfaces, but leave them disabled 59 | config_load wireless 60 | config_foreach configWifiDevice wifi-device 61 | 62 | uci commit network 63 | uci commit wireless 64 | 65 | exit 0 66 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/etc/uci-defaults/90-rc-local: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: GPL-3.0-or-later 3 | 4 | cat <<-__EOF__ >/etc/rc.local 5 | #!/bin/sh 6 | # Put your custom commands here that should be executed once 7 | # the system init finished. By default this file does nothing. 8 | 9 | /usr/sbin/configurenetwork 10 | 11 | sleep 3 12 | 13 | /usr/sbin/configurehood 14 | 15 | touch /tmp/started 16 | 17 | exit 0 18 | __EOF__ 19 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/05-setup-batman-chains: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | # IN_ONLY wird angesprungen, wenn dieses Paket nur 4 | # vom Gateway (also vom BATMAN) kommen darf. 5 | chain IN_ONLY { 6 | # -i ! bat0 --logical-in br-client -j DROP 7 | iifname != "bat0" ibrname "br-client" counter drop 8 | counter 9 | } 10 | 11 | # OUT_ONLY wird angesprungen, wenn dieses Paket nur 12 | # in Richtung Gateway (also ins BATMAN) gesendet werden darf. 13 | chain OUT_ONLY { 14 | # --logical-out br-client -o ! bat0 -j DROP 15 | oifname != "bat0" obrname "br-client" counter drop 16 | counter 17 | } 18 | 19 | # MULTICAST_OUT filtert/reduziert Multicast-Frames, die ins BATMAN gesendet werden. 20 | chain MULTICAST_OUT { 21 | } 22 | 23 | chain INPUT { 24 | type filter hook input priority filter; policy accept; 25 | 26 | # -d Multicast -i ! bat0 --logical-in br-client -j ACCEPT 27 | iifname != "bat0" ether daddr & 01:00:00:00:00:00 == 01:00:00:00:00:00 ibrname "br-client" counter packets 0 bytes 0 accept 28 | } 29 | 30 | chain FORWARD { 31 | type filter hook forward priority filter; policy accept; 32 | 33 | # -d Multicast --logical-out br-client -o bat0 -j MULTICAST_OUT 34 | oifname "bat0" obrname "br-client" ether daddr & 01:00:00:00:00:00 == 01:00:00:00:00:00 counter packets 0 bytes 0 jump MULTICAST_OUT 35 | } 36 | 37 | chain OUTPUT { 38 | type filter hook output priority filter; policy accept; 39 | 40 | # -d Multicast --logical-out br-client -o bat0 -j MULTICAST_OUT 41 | oifname "bat0" obrname "br-client" ether daddr & 01:00:00:00:00:00 == 01:00:00:00:00:00 counter jump MULTICAST_OUT 42 | } 43 | } 44 | __EOF 45 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/06-disable-forwarding: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table ip filter { 3 | chain FORWARD { 4 | type filter hook forward priority filter; policy drop; 5 | } 6 | } 7 | table ip6 filter { 8 | chain FORWARD { 9 | type filter hook forward priority filter; policy drop; 10 | } 11 | } 12 | __EOF 13 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/30-client-dhcp: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain MULTICAST_OUT { 4 | # Erlaube DHCP Requests 5 | # -p IPv4 --ip-proto udp --ip-dport 67 -j RETURN 6 | ether type ip udp dport 67 counter return 7 | } 8 | 9 | chain FORWARD { 10 | # Erlaube nur DHCP Request von CLIENT -> BATMAN 11 | # -p IPv4 --ip-proto udp --ip-dport 67 -j OUT_ONLY 12 | ether type ip udp dport 67 counter jump OUT_ONLY 13 | 14 | # Erlaube nur DHCP Antworten von BATMAN -> CLIENT 15 | # -p IPv4 --ip-proto udp --ip-dport 68 -j IN_ONLY 16 | ether type ip udp dport 68 counter jump IN_ONLY 17 | } 18 | } 19 | __EOF 20 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/30-client-dhcpv6: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain MULTICAST_OUT { 4 | # Erlaube DHCPv6 Requests 5 | # -p IPv6 --ip6-proto udp --ip6-dport 547 -j RETURN 6 | ether type ip6 udp dport 547 counter return 7 | } 8 | 9 | chain FORWARD { 10 | # Erlaube nur DHCPv6 Request von CLIENT -> BATMAN 11 | # -p IPv6 --ip6-proto udp --ip6-dport 547 -j OUT_ONLY 12 | ether type ip6 udp dport 547 counter jump OUT_ONLY 13 | 14 | # Erlaube nur DHCPv6 Antworten von BATMAN -> CLIENT 15 | # -p IPv6 --ip6-proto udp --ip6-dport 546 -j IN_ONLY 16 | ether type ip6 udp dport 546 counter jump IN_ONLY 17 | } 18 | } 19 | __EOF 20 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/30-client-ra: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain FORWARD { 4 | # Erlaube nur Router-Solicitation von CLIENT -> BATMAN 5 | # -p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type router-solicitation -j OUT_ONLY 6 | ether type ip6 icmpv6 type nd-router-solicit counter jump OUT_ONLY 7 | 8 | # Erlaube nur Router-Advertisment von BATMAN -> CLIENT 9 | # -p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type router-advertisement -j IN_ONLY 10 | ether type ip6 icmpv6 type nd-router-advert counter jump IN_ONLY 11 | } 12 | } 13 | __EOF 14 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/31-node-dhcp: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain INPUT { 4 | # Erlaube nur DHCP Antworten von BATMAN -> KNOTEN 5 | # -p IPv4 --ip-proto udp --ip-dport 68 -j IN_ONLY 6 | ether type ip udp dport 68 counter jump IN_ONLY 7 | } 8 | 9 | chain OUTPUT { 10 | # Erlaube nur DHCP Request von KNOTEN -> BATMAN 11 | # -p IPv4 --ip-proto udp --ip-dport 67 -j OUT_ONLY 12 | ether type ip udp dport 67 counter jump OUT_ONLY 13 | } 14 | } 15 | __EOF 16 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/31-node-dhcpv6: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain INPUT { 4 | # Erlaube nur DHCPv6 Antworten von BATMAN -> KNOTEN 5 | # -p IPv6 --ip6-proto udp --ip6-dport 546 -j IN_ONLY 6 | ether type ip6 udp dport 546 counter jump IN_ONLY 7 | } 8 | 9 | chain OUTPUT { 10 | # Erlaube nur DHCPv6 Request von KNOTEN -> BATMAN 11 | # -p IPv6 --ip6-proto udp --ip6-dport 547 -j OUT_ONLY 12 | ether type ip6 udp dport 547 counter jump OUT_ONLY 13 | } 14 | } 15 | __EOF 16 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/31-node-ra: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain INPUT { 4 | # Erlaube nur Router-Advertisment von BATMAN -> KNOTEN 5 | # -p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type router-advertisement -j IN_ONLY 6 | ether type ip6 ip6 nexthdr icmpv6 icmpv6 type nd-router-advert counter jump IN_ONLY 7 | 8 | # Verbiete Router-Solicitation von BATMAN -> KNOTEN 9 | # -p IPv6 -i bat0 --ip6-proto ipv6-icmp --ip6-icmp-type router-solicitation -j DROP 10 | iifname "bat0" ether type ip6 ip6 nexthdr icmpv6 icmpv6 type nd-router-solicit counter drop 11 | } 12 | 13 | chain OUTPUT { 14 | # Erlaube nur Router-Solicitation von KNOTEN -> BATMAN 15 | # -p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type router-solicitation -j OUT_ONLY 16 | ether type ip6 icmpv6 type nd-router-solicit counter jump OUT_ONLY 17 | 18 | # Verbiete Router-Advertisment von KNOTEN -> BATMAN 19 | # -p IPv6 -o bat0 --ip6-proto ipv6-icmp --ip6-icmp-type router-advertisement -j DROP 20 | oifname "bat0" ether type ip6 icmpv6 type nd-router-advert counter drop 21 | } 22 | } 23 | __EOF 24 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/35-mc: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain MULTICAST_OUT { 4 | # Erlaube alles was nicht IP ?? ist " hop-by-hop " ?? 5 | # -p IPv6 --ip6-proto ip -j RETURN 6 | ether type ip6 ip6 nexthdr 0 counter return 7 | 8 | # Erlaube Organisation der Multicast Gruppen 9 | # -p IPv4 --ip-proto igmp -j RETURN 10 | ether type ip meta l4proto igmp counter return 11 | } 12 | } 13 | __EOF 14 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/35-mc-arp: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain MULTICAST_OUT { 4 | # Verbiete ARP Antworten an alle 5 | # -p ARP --arp-op Reply --arp-ip-src 0.0.0.0 -j DROP 6 | ether type arp arp operation reply arp daddr ip 0.0.0.0 counter drop 7 | 8 | # Verbiete ARP Requests an alle 9 | # -p ARP --arp-op Request --arp-ip-dst 0.0.0.0 -j DROP 10 | ether type arp arp operation request arp daddr ip 0.0.0.0 counter drop 11 | 12 | # Erlaube alle anderen ARP's 13 | # -p ARP -j RETURN 14 | ether type arp counter return 15 | } 16 | } 17 | __EOF 18 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/35-mc-ping: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain MULTICAST_OUT { 4 | # Erlaube PING 5 | # -p IPv4 --ip-proto icmp -j RETURN 6 | ether type ip meta l4proto icmp counter return 7 | 8 | # Erlaube PINGv6 9 | # -p IPv6 --ip6-proto ipv6-icmp -j RETURN 10 | ether type ip6 meta l4proto icmpv6 counter return 11 | } 12 | } 13 | __EOF 14 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/36-mc-policy: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain MULTICAST_OUT { 4 | # policy: DROP 5 | counter drop 6 | } 7 | } 8 | __EOF 9 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/40-local-node: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain INPUT { 4 | # No input from/to local node ip from batman 5 | 6 | # -p IPv6 -i bat0 --logical-in br-client --ip6-src fdff::1 -j DROP 7 | iifname "bat0" ibrname "br-client" ether type ip6 ip6 saddr fdff::1 counter drop 8 | # -p IPv6 -i bat0 --logical-in br-client --ip6-dst fdff::1 -j DROP 9 | iifname "bat0" ibrname "br-client" ether type ip6 ip6 daddr fdff::1 counter drop 10 | } 11 | 12 | chain FORWARD { 13 | # Do not forward local node ip 14 | 15 | # -p IPv6 --logical-out br-client -o bat0 --ip6-dst fdff::1 -j DROP 16 | oifname "bat0" obrname "br-client" ether type ip6 ip6 daddr fdff::1 counter drop 17 | # -p IPv6 --logical-out br-client -o bat0 --ip6-src fdff::1 -j DROP 18 | oifname "bat0" obrname "br-client" ether type ip6 ip6 saddr fdff::1 counter drop 19 | } 20 | 21 | chain OUTPUT { 22 | # Do not output local node ip to batman 23 | 24 | # -p IPv6 --logical-out br-client -o bat0 --ip6-dst fdff::1 -j DROP 25 | oifname "bat0" obrname "br-client" ether type ip6 ip6 daddr fdff::1 counter drop 26 | # -p IPv6 --logical-out br-client -o bat0 --ip6-src fdff::1 -j DROP 27 | oifname "bat0" obrname "br-client" ether type ip6 ip6 saddr fdff::1 counter drop 28 | } 29 | } 30 | __EOF 31 | -------------------------------------------------------------------------------- /src/packages/fff/fff-node/files/usr/lib/firewall.d/40-nft-counter: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain INPUT { 4 | counter 5 | } 6 | 7 | chain FORWARD { 8 | counter 9 | } 10 | 11 | chain OUTPUT { 12 | counter 13 | } 14 | } 15 | __EOF 16 | -------------------------------------------------------------------------------- /src/packages/fff/fff-nodewatcher/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-nodewatcher 4 | PKG_RELEASE:=62 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken Nodewatcher 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+fff-config +fff-random +ip-full +ip-bridge 14 | endef 15 | 16 | define Package/$(PKG_NAME)/description 17 | This is the Nodewatcher for the Freifunk Franken Firmware 18 | It is used to send node status information to 19 | monitoring.freifunk-franken.de and 20 | netmon.freifunk-franken.de 21 | endef 22 | 23 | define Package/$(PKG_NAME)/conffiles 24 | /etc/config/nodewatcher 25 | endef 26 | 27 | define Build/Compile 28 | # nothing 29 | endef 30 | 31 | define Package/$(PKG_NAME)/install 32 | $(CP) ./files/* $(1)/ 33 | printf "$(if $(PKG_VERSION),$(PKG_VERSION).)$(PKG_RELEASE)" >> $(1)/etc/nodewatcher_version 34 | endef 35 | 36 | $(eval $(call BuildPackage,$(PKG_NAME))) 37 | -------------------------------------------------------------------------------- /src/packages/fff/fff-nodewatcher/files/etc/uci-defaults/93-fff-nodewatcher: -------------------------------------------------------------------------------- 1 | [ -s /etc/config/nodewatcher ] && exit 0 2 | 3 | touch /etc/config/nodewatcher 4 | 5 | uci batch >/dev/null <&2 echo "nodewatcher: $1") 21 | } 22 | 23 | #This method generates the crawl data XML file that is being fetched by netmon 24 | #and provided by a small local httpd 25 | crawl() { 26 | DATA="" 27 | 28 | for f in /usr/lib/nodewatcher.d/*.sh; do 29 | tmp="$($f)" 30 | if [ $? -ne 0 ]; then 31 | debug "Error when executing subscript $f, exiting!" 32 | exit 1 33 | fi 34 | DATA="$DATA$tmp" 35 | done 36 | 37 | DATA="$DATA" 38 | 39 | echo "$DATA" 40 | } 41 | 42 | LANG=C 43 | 44 | #Erzeugt die statusdaten 45 | debug "Generate actual status data" 46 | crawl 47 | 48 | exit 0 49 | -------------------------------------------------------------------------------- /src/packages/fff/fff-ra/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-ra 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/fff-ra 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken Router Advertisements 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+odhcpd-ipv6only 14 | endef 15 | 16 | define Package/fff-ra/description 17 | This is the fff-ra for the Freifunk Franken Firmware 18 | It is used to configure odhcpd to send Router Advertisements for use as gateway. 19 | endef 20 | 21 | define Build/Compile 22 | # nothing 23 | endef 24 | 25 | define Package/fff-ra/install 26 | # nothing 27 | endef 28 | 29 | $(eval $(call BuildPackage,fff-ra)) 30 | -------------------------------------------------------------------------------- /src/packages/fff/fff-random/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-random 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken Random 12 | URL:=https://www.freifunk-franken.de 13 | endef 14 | 15 | define Package/$(PKG_NAME)/description 16 | This is the Freifunk Franken Firmware Random package 17 | This packages provides a random function. 18 | endef 19 | 20 | define Build/Prepare 21 | mkdir -p $(PKG_BUILD_DIR) 22 | $(CP) ./src/* $(PKG_BUILD_DIR)/ 23 | endef 24 | 25 | define Build/Compile 26 | CFLAGS="$(TARGET_CFLAGS)" CPPFLAGS="$(TARGET_CPPFLAGS)" $(MAKE) -C $(PKG_BUILD_DIR) $(TARGET_CONFIGURE_OPTS) 27 | endef 28 | 29 | define Package/$(PKG_NAME)/install 30 | $(INSTALL_DIR) $(1)/usr/bin 31 | $(INSTALL_BIN) $(PKG_BUILD_DIR)/random $(1)/usr/bin/ 32 | endef 33 | 34 | $(eval $(call BuildPackage,$(PKG_NAME))) 35 | -------------------------------------------------------------------------------- /src/packages/fff/fff-random/src/Makefile: -------------------------------------------------------------------------------- 1 | all: random 2 | 3 | random: random.c 4 | $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -Wall -o $@ $^ $(LDLIBS) 5 | -------------------------------------------------------------------------------- /src/packages/fff/fff-random/src/random.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-only 2 | /* 3 | * Simple random tool, used to get a random value 4 | * 2017-07-02 5 | * Tim Niemeyer 6 | */ 7 | #include 8 | #include 9 | #include 10 | 11 | static int parse_int(char *str) { 12 | char *endptr = NULL; 13 | errno = 0; 14 | long val = strtol(str, &endptr, 10); 15 | 16 | if (errno != 0) { 17 | perror("strtol"); 18 | exit(EXIT_FAILURE); 19 | } 20 | 21 | if (endptr == str) { 22 | fprintf(stderr, "No digits were found\n"); 23 | exit(EXIT_FAILURE); 24 | } 25 | 26 | if (*endptr != '\0') { 27 | fprintf(stderr, "Further characters were found after number: \"%s\"\n", endptr); 28 | exit(EXIT_FAILURE); 29 | } 30 | 31 | int retVal = (int) val; 32 | if (val != retVal) { 33 | fprintf(stderr, "Given number is out of range\n"); 34 | exit(EXIT_FAILURE); 35 | } 36 | 37 | return retVal; 38 | } 39 | 40 | int main(int argc, char **argv) 41 | { 42 | int from = 0; 43 | int to = 100; 44 | int diff = 1; 45 | FILE *f = 0; 46 | unsigned int r = 0; 47 | 48 | if (argc != 1 && argc != 3) 49 | { 50 | fprintf(stderr, "%s \n", argv[0]); 51 | return -1; 52 | } 53 | else if (argc == 3) 54 | { 55 | from = parse_int(argv[1]); 56 | to = parse_int(argv[2]); 57 | } 58 | 59 | diff = to - from; 60 | if (diff <= 0) 61 | { 62 | fprintf(stderr, "Bad from/to\n"); 63 | return -1; 64 | } 65 | 66 | f = fopen("/dev/urandom", "r"); 67 | if (!f) 68 | { 69 | fprintf(stderr, "Can't open /dev/urandom\n"); 70 | return -1; 71 | } 72 | 73 | if (1U != fread(&r, sizeof(unsigned int), 1U, f)) 74 | { 75 | fprintf(stderr, "Can't read /dev/urandom\n"); 76 | fclose(f); 77 | return -1; 78 | } 79 | 80 | printf("%u\n", (r % (diff +1 )) + from); 81 | fclose(f); 82 | return 0; 83 | } 84 | -------------------------------------------------------------------------------- /src/packages/fff/fff-simple-tc/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-simple-tc 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken simple-tc config 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+simple-tc 14 | endef 15 | 16 | define Package/$(PKG_NAME)/description 17 | This meta-package configures simple-tc for FFF 18 | endef 19 | 20 | define Build/Compile 21 | # nothing 22 | endef 23 | 24 | define Package/$(PKG_NAME)/install 25 | $(CP) ./files/* $(1)/ 26 | endef 27 | 28 | $(eval $(call BuildPackage,$(PKG_NAME))) 29 | -------------------------------------------------------------------------------- /src/packages/fff/fff-simple-tc/files/etc/uci-defaults/98-configure-tc: -------------------------------------------------------------------------------- 1 | traffic_enabled=$(uci -q get "fff.trafficcontrol.enabled") 2 | traffic_in=$(uci -q get "fff.trafficcontrol.limit_in") 3 | traffic_out=$(uci -q get "fff.trafficcontrol.limit_out") 4 | 5 | test -n "${traffic_enabled}" && uci set "simple-tc.example.enabled=${traffic_enabled}" 6 | uci set "simple-tc.example.ifname=wan" 7 | uci set "simple-tc.example.limit_ingress=${traffic_in}" 8 | uci set "simple-tc.example.limit_egress=${traffic_out}" 9 | 10 | uci commit simple-tc 11 | 12 | exit 0 13 | -------------------------------------------------------------------------------- /src/packages/fff/fff-simple-tc/files/usr/lib/nodewatcher.d/70-simple-tc.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | . /lib/functions.sh 4 | 5 | config_load simple-tc 6 | tc_enabled="0" 7 | tc_in="0" 8 | tc_out="0" 9 | parseTcInterface() { 10 | local iface="$1" 11 | 12 | config_get ifname "$iface" ifname 13 | [ "wan" = "$ifname" ] || return 14 | 15 | config_get tc_enabled "$iface" enabled "0" 16 | config_get tc_in "$iface" limit_ingress "0" 17 | config_get tc_out "$iface" limit_egress "0" 18 | } 19 | config_foreach parseTcInterface 'interface' 20 | 21 | echo -n "$tc_enabled$tc_in$tc_out" 22 | 23 | exit 0 24 | -------------------------------------------------------------------------------- /src/packages/fff/fff-support/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-support 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken Support Scripts 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+@BUSYBOX_CONFIG_ASH +fff-config +fff-hoodutils 14 | endef 15 | 16 | define Package/$(PKG_NAME)/description 17 | This is the Freifunk Franken Firmware support package. 18 | This packages provides smaller convenience scripts, 19 | not essential to the operation of the Firmware 20 | endef 21 | 22 | define Build/Compile 23 | # nothing 24 | endef 25 | 26 | define Package/$(PKG_NAME)/install 27 | $(CP) ./files/* $(1)/ 28 | test -d ./$(BOARD) && $(CP) ./$(BOARD)/* $(1)/ || true 29 | endef 30 | 31 | $(eval $(call BuildPackage,$(PKG_NAME))) 32 | -------------------------------------------------------------------------------- /src/packages/fff/fff-support/ath79/usr/lib/fff-support/activate_poe_passthrough.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # This enables PoE passthrough so it is persistent through reboots, 3 | # but reset after firmware upgrade 4 | 5 | if uci -q get "system.poe_passthrough" > /dev/null ; then 6 | uci -q set "system.poe_passthrough.value=1" 7 | uci -q commit system 8 | /etc/init.d/gpio_switch restart 9 | fi 10 | -------------------------------------------------------------------------------- /src/packages/fff/fff-support/ath79/usr/lib/fff-support/disable_poe_passthrough.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # This disables PoE passthrough permanently 3 | 4 | uci -q set "fff.poe_passthrough=fff" 5 | uci -q set "fff.poe_passthrough.active=0" 6 | uci -q commit fff 7 | 8 | if uci -q get "system.poe_passthrough" > /dev/null ; then 9 | uci -q set "system.poe_passthrough.value=0" 10 | uci -q commit system 11 | /etc/init.d/gpio_switch restart 12 | fi 13 | -------------------------------------------------------------------------------- /src/packages/fff/fff-support/ath79/usr/lib/fff-support/permanent_poe_passthrough.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # This enables PoE passthrough permanently, so it is persistent 3 | # during firmware upgrades 4 | 5 | uci -q set "fff.poe_passthrough=fff" 6 | uci -q set "fff.poe_passthrough.active=1" 7 | uci -q commit fff 8 | 9 | /usr/lib/fff-support/activate_poe_passthrough.sh 10 | -------------------------------------------------------------------------------- /src/packages/fff/fff-support/files/etc/dataprotection.de: -------------------------------------------------------------------------------- 1 | Freifunk Franken Firmware 2 | Mehr Informationen unter http://franken.freifunk.net 3 | 4 | DATENSCHUTZHINWEISE 5 | 6 | Das Freifunk-Netzwerk benötigt bestimmte Information um einen stabilen und sicheren Betrieb zu gewährleisten. 7 | 8 | Es bestehen bestimmte Einstellungen (in /etc/config/fff), die vom Benutzer gesetzt werden sollen und die von Diensten im Netzwerk und/oder Menschen verarbeitet werden: 9 | 10 | 1. Die Angaben zur POSITION sind für die Funktion des Netzwerkes erforderlich, sodass Router einer bestimmten Netzuntereinheit ("Hood") zugeordnet werden können. 11 | 12 | 2. Die KONTAKT-DATEN sind erforderlich, damit im Falle einer Funktionsstörung eine verantwortliche Person kontaktiert werden kann. 13 | 14 | 3. OHNE ANGABE VON POSITION UND KONTAKTADRESSE KANN DER ROUTER NICHT BETRIEBEN WERDEN. Alle weiteren Angaben sind freiwillig. 15 | 16 | 4. Alle eingegebenen (verpflichtenden und freiwilligen) Daten sind sowohl im Netzwerk als auch öffentlich zugänglich. 17 | Zu Zwecken der Diagnose und zur Kontaktaufnahme im Störfall können diese von verschiedenen Instanzen im Netz sowie von Dritten gespeichert und verarbeitet werden. 18 | 19 | Für Fragen besteht die Möglichkeit zur Kontaktaufnahme über franken@freifunk.net 20 | 21 | -------------------------------------------------------------------------------- /src/packages/fff/fff-support/files/etc/dataprotection.en: -------------------------------------------------------------------------------- 1 | Freifunk Franken Firmware 2 | More information at http://franken.freifunk.net 3 | 4 | DATA PROTECTION NOTES 5 | 6 | The Freifunk network requires information to ensure a stable and safe operation. 7 | 8 | There are specific config options (in /etc/config/fff) which are meant to be set by the user and are processed and evaluated by network services and/or human beings: 9 | 10 | 1. The COORDINATES are required for the network operation, so routers can be assigned to a particular network sub unit ("hood"). 11 | 12 | 2. CONTACT INFORMATION is necessary to be able to contact a responsible person in case of malfunction. 13 | 14 | 3. WITHOUT PROVIDING COORDINATES AND CONTACT INFORMATION THE ROUTER MUST NOT OPERATE. Any additional data is optional. 15 | 16 | 4. Every piece of information entered (mandatory and optional) will be accessible both inside the network and publicly. 17 | For diagnosis and for establishing contact in case of an incident data may be saved and processed from various instances inside the network as well from third parties. 18 | 19 | In case of questions, please contact franken@freifunk.net 20 | 21 | -------------------------------------------------------------------------------- /src/packages/fff/fff-support/files/etc/init.d/fff-userconfig: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | # Copyright (C) 2006 OpenWrt.org 3 | 4 | START=96 5 | boot() { 6 | LOCALCONFIGSCRIPT="/etc/rc.local.fff_userconfig" 7 | 8 | # process user commands 9 | [ -f "${LOCALCONFIGSCRIPT}" ] && { 10 | sh /etc/rc.local.fff_userconfig 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/packages/fff/fff-support/files/etc/uci-defaults/80-banner-info: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright 2018 Adrian Schmutzler 4 | 5 | . /etc/firmware_release 6 | 7 | echo "" >> /etc/banner 8 | echo "> $(cat /tmp/sysinfo/model 2>/dev/null) @ $FIRMWARE_VERSION" >> /etc/banner 9 | echo "" >> /etc/banner 10 | 11 | exit 0 12 | -------------------------------------------------------------------------------- /src/packages/fff/fff-sysupgrade/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-sysupgrade 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken sysupgrade 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+fff-boardname +fff-config +fff-hoodutils +@BUSYBOX_CONFIG_WGET 14 | endef 15 | 16 | define Package/$(PKG_NAME)/description 17 | This is the Freifunk Franken Firmware sysupgrade package. 18 | This packages provides an semi automated sysupgrade script. 19 | endef 20 | 21 | define Build/Compile 22 | # nothing 23 | endef 24 | 25 | define Package/$(PKG_NAME)/install 26 | $(CP) ./files/* $(1)/ 27 | endef 28 | 29 | $(eval $(call BuildPackage,$(PKG_NAME))) 30 | -------------------------------------------------------------------------------- /src/packages/fff/fff-sysupgrade/files/etc/uci-defaults/99-fff-sysupgrade: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright 2017 Tim Niemeyer 4 | 5 | cat > /etc/sysupgrade.conf <<-__EOF__ 6 | /etc/shadow 7 | /etc/dropbear/dropbear_rsa_host_key 8 | /etc/dropbear/dropbear_ecdsa_host_key 9 | /etc/dropbear/dropbear_ed25519_host_key 10 | /etc/dropbear/authorized_keys 11 | /etc/network.config 12 | /etc/config/fff 13 | /etc/config/gateway 14 | /etc/hoodfile 15 | /etc/nftables-fff.conf 16 | /etc/rc.local.fff_userconfig 17 | /etc/nhosts.fff 18 | __EOF__ 19 | 20 | exit 0 21 | -------------------------------------------------------------------------------- /src/packages/fff/fff-timeserver/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-timeserver 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken timeserver 12 | URL:=https://www.freifunk-franken.de 13 | endef 14 | 15 | define Package/$(PKG_NAME)/description 16 | This is the Freifunk Franken Firmware timeserver package. 17 | This packages configures the timeserver on the device. 18 | endef 19 | 20 | define Build/Compile 21 | # nothing 22 | endef 23 | 24 | define Package/$(PKG_NAME)/install 25 | $(CP) ./files/* $(1)/ 26 | endef 27 | 28 | $(eval $(call BuildPackage,$(PKG_NAME))) 29 | -------------------------------------------------------------------------------- /src/packages/fff/fff-timeserver/files/etc/uci-defaults/51-fff-timeserver: -------------------------------------------------------------------------------- 1 | # No initialization here, this is done in configurehood 2 | 3 | uci set "system.@system[0].timezone=CET-1CEST,M3.5.0,M10.5.0/3" 4 | 5 | uci commit system 6 | 7 | exit 0 8 | -------------------------------------------------------------------------------- /src/packages/fff/fff-timeserver/files/lib/functions/fff/timeserver: -------------------------------------------------------------------------------- 1 | # SPDX-License-Identifier: GPL-3.0-only 2 | # 3 | # Copyright 2016 Tim Niemeyer 4 | 5 | setTimeserver() { 6 | if [ $# -ne "1" ] 7 | then 8 | echo "Usage: setTimeserver " 9 | return 1 10 | fi 11 | 12 | local ntp=$1 13 | 14 | uci batch <<-__EOF__ 15 | delete system.ntp 16 | set system.ntp='timeserver' 17 | add_list system.ntp.server='$ntp' 18 | set system.ntp.enable_server='0' 19 | commit system 20 | __EOF__ 21 | 22 | return 0 23 | } 24 | 25 | # vim: set noexpandtab:tabstop=4 26 | -------------------------------------------------------------------------------- /src/packages/fff/fff-uradvd/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-uradvd 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken uradvd 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+uradvd 14 | endef 15 | 16 | define Package/$(PKG_NAME)/description 17 | This is the uradvd wrapper for the Freifunk Franken Firmware 18 | It is used to configure and start the uradvd daemon. 19 | endef 20 | 21 | define Build/Compile 22 | # nothing 23 | endef 24 | 25 | define Package/$(PKG_NAME)/install 26 | $(CP) ./files/* $(1)/ 27 | endef 28 | 29 | $(eval $(call BuildPackage,$(PKG_NAME))) 30 | -------------------------------------------------------------------------------- /src/packages/fff/fff-uradvd/files/etc/init.d/fff-uradvd: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=50 4 | 5 | USE_PROCD=1 6 | 7 | SERVICE_WRITE_PID=1 8 | SERVICE_DAEMONIZE=1 9 | 10 | URADVD_BIN=/usr/sbin/uradvd 11 | 12 | service_triggers() 13 | { 14 | procd_add_reload_trigger "fff-uradvd" "network" 15 | } 16 | 17 | start_service() { 18 | procd_open_instance 19 | procd_set_param command "$URADVD_BIN" -i br-client -p $(uci get network.globals.ula_prefix) 20 | } 21 | 22 | reload_service() 23 | { 24 | stop 25 | start 26 | } 27 | -------------------------------------------------------------------------------- /src/packages/fff/fff-uradvd/files/usr/lib/firewall.d/32-local-ra: -------------------------------------------------------------------------------- 1 | nft -f - <<__EOF 2 | table bridge filter { 3 | chain INPUT { 4 | # Erlaube router solicitation von client zu knoten 5 | # -p IPv6 -i ! bat0 --ip6-proto ipv6-icmp --ip6-icmp-type router-solicitation -j ACCEPT 6 | iifname != "bat0" ether type ip6 ip6 nexthdr icmpv6 icmpv6 type nd-router-solicit counter accept 7 | } 8 | 9 | chain OUTPUT { 10 | # Erlaube router advertisment von knoten zu client 11 | # -p IPv6 -o ! bat0 --ip6-proto ipv6-icmp --ip6-icmp-type router-advertisement -j ACCEPT 12 | oifname != "bat0" ether type ip6 icmpv6 type nd-router-advert counter accept 13 | } 14 | } 15 | __EOF 16 | -------------------------------------------------------------------------------- /src/packages/fff/fff-vpn-select/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-vpn-select 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken vpn-select 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+fff-fastd 14 | endef 15 | 16 | define Package/$(PKG_NAME)/description 17 | This package selects and starts the VPN 18 | (currently only via fastd) 19 | endef 20 | 21 | define Build/Compile 22 | # nothing 23 | endef 24 | 25 | define Package/$(PKG_NAME)/install 26 | $(CP) ./files/* $(1)/ 27 | endef 28 | 29 | $(eval $(call BuildPackage,$(PKG_NAME))) 30 | -------------------------------------------------------------------------------- /src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Usage: vpn-select 4 | # To add a new protocol, put a file with three functions to /usr/lib/vpn-select.d/ . 5 | # The file must start with protocol=name. It is most important to use the same name here and in hoodfile. 6 | # The old config can be cleared in function ${protocol}_clear(). It is called first once per installed protocol. 7 | # The function ${protocol}_addpeer() is called for every selected peer in hoodfile. 8 | # The function ${protocol}_start_stop() is called at the end once per installed protocol. 9 | 10 | . /usr/share/libubox/jshn.sh 11 | 12 | hoodfile="$1" 13 | 14 | # source functions 15 | for file in /usr/lib/vpn-select.d/*; do 16 | [ -f $file ] && . "$file" 17 | supported_protocols="$supported_protocols $protocol" 18 | done 19 | 20 | # clear old config 21 | for protocol in $supported_protocols; do 22 | "${protocol}_clear" 23 | done 24 | 25 | # configure vpn 26 | 27 | if [ "$0" != "/usr/sbin/vpn-stop" ] ; then 28 | if [ -n "$hoodfile" ] && [ -s "$hoodfile" ] ; then 29 | json_load "$(cat "$hoodfile")" 30 | json_select hood 31 | json_get_var id id 32 | json_select ".." 33 | json_select vpn 34 | json_get_keys vpn_keys 35 | for key in $vpn_keys; do 36 | json_select $key 37 | json_get_var protocol protocol 38 | "${protocol}_addpeer" 39 | json_select ".." # back to vpn 40 | done 41 | fi 42 | fi 43 | 44 | # start/restart/stop vpnservices 45 | for protocol in $supported_protocols; do 46 | "${protocol}_start_stop" 47 | done 48 | -------------------------------------------------------------------------------- /src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop: -------------------------------------------------------------------------------- 1 | vpn-select -------------------------------------------------------------------------------- /src/packages/fff/fff-vxlan-node-vpn/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-vxlan-node-vpn 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken vxlan-node 12 | URL:=http://www.freifunk-franken.de 13 | DEPENDS:=+vxlan 14 | endef 15 | 16 | define Package/$(PKG_NAME)/description 17 | This is the vxlan-node-vpn package for the Freifunk Franken Firmware 18 | This will configure and set up the VPN via vxlan 19 | endef 20 | 21 | define Build/Compile 22 | # nothing 23 | endef 24 | 25 | define Package/$(PKG_NAME)/install 26 | $(CP) ./files/* $(1)/ 27 | endef 28 | 29 | $(eval $(call BuildPackage,$(PKG_NAME))) 30 | -------------------------------------------------------------------------------- /src/packages/fff/fff-vxlan-node-vpn/files/etc/uci-defaults/53-vxlan-node: -------------------------------------------------------------------------------- 1 | uci batch < 4 | <%in /www/include/helpers %> 5 | <% show_msg %> 6 | 7 | <% 8 | l3config=$(cat /etc/config/gateway) 9 | 10 | if [ -n "${POST_test}" ] || [ -n "${POST_apply}" ]; then 11 | %> 12 |
13 | Status 14 | 58 |
59 |   60 |   61 | 62 | <% 63 | fi 64 | %> 65 | 66 |
67 |
68 | Konfigurationsdatei 69 | 70 |
71 | 72 | 73 |
74 | 75 | <%in /www/include/footer %> 76 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-mqtt/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-web-mqtt 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME) 7 | 8 | include $(INCLUDE_DIR)/package.mk 9 | 10 | define Package/fff-web-mqtt 11 | SECTION:=base 12 | CATEGORY:=Freifunk 13 | TITLE:=Freifunk-Franken mqtt config webui 14 | URL:=https://www.freifunk-franken.de 15 | DEPENDS:= \ 16 | +fff-mqtt \ 17 | +fff-web-ui 18 | endef 19 | 20 | define Package/fff-web-mqtt/description 21 | Configure mqtt via a web UI 22 | endef 23 | 24 | define Build/Compile 25 | # nothing 26 | endef 27 | 28 | define Package/fff-web-mqtt/install 29 | $(CP) ./files/* $(1)/ 30 | endef 31 | 32 | $(eval $(call BuildPackage,fff-web-mqtt)) 33 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-mqtt/files/www/menu/ssl/17-mqtt: -------------------------------------------------------------------------------- 1 | mqtt,MQTT-Einstellungen 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-mqtt/files/www/ssl/cgi-bin/mqtt.html: -------------------------------------------------------------------------------- 1 | #!/usr/bin/haserl 2 | 3 | <%in /www/include/header %> 4 | <%in /www/include/helpers %> 5 | <% show_msg %> 6 | 7 | <% 8 | # write 9 | if [ "$REQUEST_METHOD" = "POST" ] ; then 10 | uci -q set "fff.mqtt.server=${POST_server}" 11 | uci commit fff 12 | fi 13 | %> 14 | 15 |
16 | 17 |
18 | MQTT 19 | 20 | 21 |
Server:
22 |
23 | 24 |
25 | 26 | <%in /www/include/footer %> 27 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-web-ui 4 | PKG_RELEASE:=$(shell echo -n $$(( $(COMMITCOUNT) + 20 ))) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/$(PKG_NAME) 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken Webinterface 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:=+uhttpd +libustream-mbedtls +haserl +px5g +fff-simple-tc \ 14 | +fff-boardname +fff-config +fff-network +fff-hoodutils \ 15 | +@BUSYBOX_CONFIG_WGET +@BUSYBOX_CONFIG_FEATURE_WGET_TIMEOUT 16 | endef 17 | 18 | define Package/$(PKG_NAME)/description 19 | This is the web-based user interface for the Freifunk Franken Firmware 20 | endef 21 | 22 | define Build/Compile 23 | # nothing 24 | endef 25 | 26 | define Package/$(PKG_NAME)/install 27 | $(CP) ./files/* $(1)/ 28 | ifeq ($(CONFIG_PACKAGE_fff-nodewatcher),y) 29 | ln -s ../../tmp/crawldata/node.data $(1)/www/public/node.data 30 | endif 31 | endef 32 | 33 | $(eval $(call BuildPackage,$(PKG_NAME))) 34 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/etc/httpd.conf: -------------------------------------------------------------------------------- 1 | /:root:$p$root 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/etc/uci-defaults/94-fff-web-ui: -------------------------------------------------------------------------------- 1 | uci -q delete uhttpd.main 2 | 3 | uci batch < 4 | 5 |
6 | 7 | 11 | 12 | 13 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/include/helpers: -------------------------------------------------------------------------------- 1 | #!/usr/bin/haserl 2 | 3 | <% 4 | . /lib/functions/fff/evalbytes 5 | 6 | show_msg() { 7 | if [ "$MSG" != "" ] ; then 8 | echo "
${MSG}
" 9 | fi 10 | } 11 | %> 12 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/menu/ssl/05-home: -------------------------------------------------------------------------------- 1 | home,Home 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/menu/ssl/10-settings: -------------------------------------------------------------------------------- 1 | settings,Einstellungen 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/menu/ssl/20-ports: -------------------------------------------------------------------------------- 1 | ports,Anschlüsse 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/menu/ssl/30-wifiscan: -------------------------------------------------------------------------------- 1 | wifiscan,Wifi Scan 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/menu/ssl/40-upgrade: -------------------------------------------------------------------------------- 1 | upgrade,Upgrade 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/menu/ssl/50-password: -------------------------------------------------------------------------------- 1 | password,Passwort 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/menu/ssl/60-reboot: -------------------------------------------------------------------------------- 1 | reboot,Neustart 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/menu/ssl/70-logout: -------------------------------------------------------------------------------- 1 | logout,Logout 2 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/public/freifunk.svg: -------------------------------------------------------------------------------- 1 | ../ssl/freifunk.svg -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/public/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Freifunk Franken 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 |

Redirecting...

14 | 15 | 16 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/public/style.css: -------------------------------------------------------------------------------- 1 | ../ssl/style.css -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/cgi-bin/leaflet.css: -------------------------------------------------------------------------------- 1 | #!/usr/bin/haserl 2 | <% 3 | echo -en "content-type: text/css\r\n\r\n" 4 | 5 | zcat /www/ssl/leaflet.css.gz 6 | 7 | %> 8 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/cgi-bin/leaflet.js: -------------------------------------------------------------------------------- 1 | #!/usr/bin/haserl 2 | <% 3 | echo -en "content-type: text/javascript\r\n\r\n" 4 | 5 | zcat /www/ssl/leaflet.js.gz 6 | 7 | %> 8 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/cgi-bin/logout.html: -------------------------------------------------------------------------------- 1 | #!/usr/bin/haserl 2 | 3 | <% 4 | echo -en "Content-Type: text/html\r\n\r\n" 5 | url="//logout:logout@${HTTP_HOST}/" 6 | %> 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | Logging out... 18 | 19 | 20 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/cgi-bin/password.html: -------------------------------------------------------------------------------- 1 | #!/usr/bin/haserl 2 | 3 | <% 4 | # write 5 | if [ "$REQUEST_METHOD" = "POST" ] ; then 6 | #check for special characters in password 7 | regex='^[a-zA-Z0-9!#\$%\(\)\*\+,\.:;=\?@\^_&-]+$' 8 | if [ "$POST_pass1" = "" ] ; then 9 | MSG='Das Passwort darf nicht leer sein!' 10 | elif ! echo -n "$POST_pass1" | egrep -q "$regex"; then 11 | MSG='Passwort enthält ungültige Zeichen!' 12 | else 13 | (echo "$POST_pass1"; sleep 1; echo "$POST_pass2") | passwd &>/dev/null 14 | if [ $? -eq 0 ]; then 15 | restart_uhttpd=1 16 | MSG='Passwort geändert!' 17 | else 18 | MSG='Die Passwörter stimmen nicht überein!' 19 | fi 20 | fi 21 | fi 22 | %> 23 | <%in /www/include/header %> 24 | <%in /www/include/helpers %> 25 | <% show_msg %> 26 |
27 | 28 | 29 | 43 |
30 |
31 | Passwort 32 | 33 | 34 | 35 | 36 | 40 |
Neues Passwort:
Bestätigung:
37 | Das Passwort ist für den Zugriff auf die Weboberfläche des Routers
und auch den Zugriff per SSH. 38 | Der Benutzername ist 'root'. 39 |
41 |
42 |
44 | 45 |
46 | <%in /www/include/footer %> 47 | <% 48 | #force instant password change 49 | if [ "$restart_uhttpd" = "1" ] ; then 50 | /etc/init.d/uhttpd restart 2>/dev/null 51 | fi 52 | %> 53 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/cgi-bin/reboot.html: -------------------------------------------------------------------------------- 1 | #!/usr/bin/haserl 2 | 3 | <% 4 | # prepare 5 | if [ "$REQUEST_METHOD" = "POST" ] ; then 6 | if [ "$POST_reboot" != "" ] ; then 7 | do_reboot=1 8 | MSG='Router wird neugestartet...' 9 | fi 10 | fi 11 | %> 12 | <%in /www/include/header %> 13 | <%in /www/include/helpers %> 14 | <% show_msg %> 15 |
16 | 17 | 27 |
18 |
19 | Router neustarten 20 | 21 | 22 | 23 | 24 |
Der Neustart dauert etwa 2 Minuten.
25 |
26 |
28 |
29 | <%in /www/include/footer %> 30 | <% 31 | # write 32 | if [ "$do_reboot" = "1" ] ; then 33 | reboot 34 | fi 35 | %> 36 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/cgi-bin/wifiscan.html: -------------------------------------------------------------------------------- 1 | #!/usr/bin/haserl 2 | 3 | <%in /www/include/header %> 4 | 5 | 30 |
6 |
7 | Wifi Scan 8 | 9 | 10 | <% 11 | # Find one interface for each phy-radio 12 | for interface in $(iw dev | grep -A1 '^phy' | awk '/Interface/ {print $2}'); do 13 | echo "" 14 | echo "" 15 | 16 | iw dev $interface scan | sed 's/^BSS/;\nBSS/g' | while read -d\; station ;do 17 | SSID="$(echo "$station" | grep SSID | sed 's/SSID: //')" 18 | freq="$(echo "$station" | grep "freq:" | cut -f2 -d " ")" 19 | cannel="$(echo "$station" | grep "primary channel:" | tr -s " " | cut -f5 -d " ")" 20 | signal="$(echo "$station" | grep "signal:" | cut -f2 -d" ")" 21 | mac="$(echo "$station" | grep "^BSS "| cut -f2 -d" " | cut -f1 -d "(")" 22 | echo "" 23 | done | sort -n | sed 's#&#\&#' 24 | done 25 | # The HTML comment contains the signal quality to allow sorting 26 | %> 27 |
Scan via interface $interface
NameFrequenzChannelSignalMAC
$SSID$freq MHz$cannel$signal dBm$mac
28 |
29 |
31 | 32 | <%in /www/include/footer %> 33 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/freifunk.svg: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | Redirecting... 12 | 13 | 14 | -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/leaflet.css.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/FreifunkFranken/firmware/4135114c7dfe4290205c2d270c440e6753e04e2e/src/packages/fff/fff-web-ui/files/www/ssl/leaflet.css.gz -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/leaflet.js.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/FreifunkFranken/firmware/4135114c7dfe4290205c2d270c440e6753e04e2e/src/packages/fff/fff-web-ui/files/www/ssl/leaflet.js.gz -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/port_down.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/FreifunkFranken/firmware/4135114c7dfe4290205c2d270c440e6753e04e2e/src/packages/fff/fff-web-ui/files/www/ssl/port_down.png -------------------------------------------------------------------------------- /src/packages/fff/fff-web-ui/files/www/ssl/port_up.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/FreifunkFranken/firmware/4135114c7dfe4290205c2d270c440e6753e04e2e/src/packages/fff/fff-web-ui/files/www/ssl/port_up.png -------------------------------------------------------------------------------- /src/packages/fff/fff-wireguard/Makefile: -------------------------------------------------------------------------------- 1 | include $(TOPDIR)/rules.mk 2 | 3 | PKG_NAME:=fff-wireguard 4 | PKG_RELEASE:=$(COMMITCOUNT) 5 | 6 | include $(INCLUDE_DIR)/package.mk 7 | 8 | define Package/fff-wireguard 9 | SECTION:=base 10 | CATEGORY:=Freifunk 11 | TITLE:=Freifunk-Franken wireguard 12 | URL:=https://www.freifunk-franken.de 13 | DEPENDS:= \ 14 | +kmod-wireguard \ 15 | +owipcalc \ 16 | +wireguard-tools \ 17 | +fff-babel \ 18 | +fff-network 19 | endef 20 | 21 | define Package/fff-wireguard/description 22 | This is the Freifunk Franken Firmware wireguard package. 23 | This package provides configuration scripts for wireguard tunnels. 24 | endef 25 | 26 | define Build/Compile 27 | # nothing 28 | endef 29 | 30 | define Package/fff-wireguard/install 31 | $(CP) ./files/* $(1)/ 32 | endef 33 | 34 | $(eval $(call BuildPackage,fff-wireguard)) 35 | -------------------------------------------------------------------------------- /src/packages/fff/fff-wireguard/files/etc/uci-defaults/28-wireguard-rules: -------------------------------------------------------------------------------- 1 | uci batch <" 20 | return 1 21 | fi 22 | 23 | local radio=$1 24 | 25 | # Use uci radio band for switching, since this is always set by firmware (effectively hard-coded) 26 | # Do not use channel, as this might be "auto" for both 27 | [ "$(uci get "wireless.${radio}.band")" = "5g" ] && echo "5" || echo "2" 28 | return 0 29 | } 30 | # vim: set noexpandtab:tabstop=4 31 | -------------------------------------------------------------------------------- /src/packages/fff/fff-wireless/files/usr/lib/nodewatcher.d/60-airtime.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # SPDX-License-Identifier: GPL-3.0-only 3 | # 4 | # Netmon Nodewatcher (C) 2010-2012 Freifunk Oldenburg 5 | 6 | w2dump="$(iw dev w2ap survey dump 2> /dev/null | sed '/Survey/,/\[in use\]/d')" 7 | if [ -n "$w2dump" ] ; then 8 | w2_ACT="$(ACTIVE=$(echo "$w2dump" | grep "active time:"); set ${ACTIVE:-0 0 0 0 0}; echo -e "${4}")" 9 | w2_BUS="$(BUSY=$(echo "$w2dump" | grep "busy time:"); set ${BUSY:-0 0 0 0 0}; echo -e "${4}")" 10 | echo -n "$dataair$w2_ACT$w2_BUS" 11 | fi 12 | w5dump="$(iw dev w5ap survey dump 2> /dev/null | sed '/Survey/,/\[in use\]/d')" 13 | if [ -n "$w5dump" ] ; then 14 | w5_ACT="$(ACTIVE=$(echo "$w5dump" | grep "active time:"); set ${ACTIVE:-0 0 0 0 0}; echo -e "${4}")" 15 | w5_BUS="$(BUSY=$(echo "$w5dump" | grep "busy time:"); set ${BUSY:-0 0 0 0 0}; echo -e "${4}")" 16 | echo -n "$dataair$w5_ACT$w5_BUS" 17 | fi 18 | 19 | exit 0 20 | -------------------------------------------------------------------------------- /src/packages/fff/mtpoe_ctrl/Makefile: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (C) 2018 adron@yapic.net 3 | # 4 | 5 | include $(TOPDIR)/rules.mk 6 | 7 | PKG_NAME:=mtpoe_ctrl 8 | PKG_SOURCE_VERSION:=d4dfc54f4fe8c6565d585b6a27730e4980b3103d 9 | PKG_MIRROR_HASH:=898d93a7917b5462a2b4e00aee34f610c65e798cff82e81a77a2221140697411 10 | PKG_VERSION:=1.15.2 11 | PKG_RELEASE:=21 12 | 13 | PKG_SOURCE_PROTO:=git 14 | PKG_SOURCE_URL:=https://github.com/fblaese/mtpoe_ctrl.git 15 | PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 16 | PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) 17 | 18 | PKG_MAINTAINER:=Sergey Sergeev 19 | PKG_LICENSE:=GPL-2.0 20 | 21 | include $(INCLUDE_DIR)/package.mk 22 | 23 | define Package/mtpoe_ctrl 24 | SECTION:=utils 25 | CATEGORY:=Utilities 26 | DEPENDS:=+libuci +kmod-spi-dev 27 | TITLE:=Management utility for Mikrotiks PoE V2/V3/V4 28 | URL:=https://github.com/adron-s/mtpoe_ctrl.git 29 | endef 30 | 31 | define Package/mtpoe_ctrl/description 32 | Management utility for Mikrotiks PoE V2/V3/V4 33 | endef 34 | 35 | define Package/mtpoe_ctrl/install 36 | $(INSTALL_DIR) $(1)/usr/bin 37 | $(INSTALL_BIN) $(PKG_BUILD_DIR)/bins/mtpoe_ctrl $(1)/usr/bin/ 38 | $(INSTALL_DIR) $(1)/etc/init.d 39 | $(INSTALL_BIN) ./files/99-mtpoe_ctrl $(1)/etc/init.d/ 40 | endef 41 | 42 | $(eval $(call BuildPackage,mtpoe_ctrl)) 43 | -------------------------------------------------------------------------------- /src/packages/fff/mtpoe_ctrl/files/99-mtpoe_ctrl: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=11 4 | 5 | USE_PROCD=1 6 | 7 | start_service() { 8 | procd_open_instance 9 | procd_set_param command /usr/bin/mtpoe_ctrl --action=load_poe_from_uci 10 | procd_set_param stdout 1 11 | procd_set_param stderr 1 12 | procd_close_instance 13 | } 14 | 15 | service_triggers() 16 | { 17 | procd_add_reload_trigger system 18 | } 19 | -------------------------------------------------------------------------------- /tools/README.md: -------------------------------------------------------------------------------- 1 | ``` 2 | ____ ____ ____ _____ 3 | | | | | Freifunk 4 | |____ |____ |____ | Franken 5 | | | | | Firmware 6 | | | | | Tools 7 | ``` 8 | 9 | In this folder you will find tools which can help you 10 | hacking and building the firmware. 11 | 12 | 13 | ## buildscript-bash-completion 14 | 15 | Just source this script or put it in your `/etc/bash_completion.d` 16 | It provides all options and parameters of the buildscript on tab. 17 | 18 | 19 | ## dep-tree 20 | 21 | This script collects all fff-package dependencies. You can throw the 22 | output at the graphviz dot-tool to visualize the dependecies-tree. e.g. 23 | ``` 24 | dep-tree | dot -Tx11 25 | dep-tree | dot -Tpdf > dependencies.pdf 26 | ``` 27 | -------------------------------------------------------------------------------- /tools/buildscript-bash-completion: -------------------------------------------------------------------------------- 1 | # completion for buildscript 2 | # just source this script 3 | # or put it in your /etc/bash_completion.d/ (you should rename it) 4 | 5 | _buildscript() { 6 | case "${COMP_WORDS[1]}" in 7 | config) 8 | COMPREPLY=($(compgen -W "openwrt" "${COMP_WORDS[2]}")) 9 | ;; 10 | selectbsp) 11 | COMPREPLY=($(compgen -W "$(find bsp -name '*.bsp')" "${COMP_WORDS[2]}")) 12 | ;; 13 | selectvariant) 14 | COMPREPLY=($(compgen -W "node layer3" "${COMP_WORDS[2]}")) 15 | ;; 16 | build) 17 | COMPREPLY=($(compgen -W "fast debug" "${COMP_WORDS[2]}")) 18 | ;; 19 | buildall) 20 | COMPREPLY=($(compgen -W "fast" "${COMP_WORDS[2]}")) 21 | ;; 22 | release) 23 | case "${COMP_WORDS[2]}" in 24 | all) 25 | COMPREPLY=($(compgen -W "fast" "${COMP_WORDS[3]}")) 26 | ;; 27 | fast) 28 | COMPREPLY=($(compgen -W "all" "${COMP_WORDS[3]}")) 29 | ;; 30 | *) 31 | COMPREPLY=($(compgen -W "fast all" "${COMP_WORDS[2]}")) 32 | ;; 33 | esac;; 34 | *) 35 | COMPREPLY=($(compgen -W "selectbsp selectvariant updatefeeds prepare config build buildall release clean" "${COMP_WORDS[1]}")) 36 | ;; 37 | esac 38 | } 39 | 40 | complete -F _buildscript ./buildscript 41 | -------------------------------------------------------------------------------- /tools/dep-tree: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | usage() { 4 | cat <<- EOF 5 | usage: tools/dep-tree [variant] [variant] 6 | If no parameter is given the selected-variant is used. 7 | Possible variants: node layer3 8 | To display the tree pipe it to dot: 9 | tools/dep-tree | dot -Tx11 10 | EOF 11 | } 12 | 13 | builddir=./build 14 | variant=$(cat selected_variant) 15 | [ $# = 0 ] || variant="$@" 16 | feeds=$builddir/feeds 17 | feed=fff 18 | 19 | tmpfile=$(mktemp) 20 | 21 | write_deps() { 22 | local deps 23 | local dep 24 | local pkg=$1 25 | deps=$(awk -v RS="@@" "/Package: $pkg\\n/ { print }" "${feeds}/${feed}".index | grep ^Depends: | sed 's/Depends: //' | tr -d +) 26 | for dep in $deps; do 27 | echo "\"$pkg\" -> \"$dep\"" >> "$tmpfile" 28 | done 29 | for dep in $deps; do 30 | grep "Package:" "${feeds}/${feed}.index" | grep " $dep$" &> /dev/null && write_deps "$dep" 31 | done 32 | } 33 | 34 | for v in base $variant; do 35 | defaults="$defaults fff-$v" 36 | done 37 | # start tree 38 | for package in $defaults; do 39 | write_deps "$package" 40 | done 41 | 42 | # write the gv file to stdout 43 | echo "digraph G {" 44 | sort "$tmpfile" | uniq | grep -v libc | grep -v libssp | grep -v libpthread | grep -v librt 45 | echo "}" 46 | [ -s $tmpfile ] || usage 47 | rm "$tmpfile" 48 | 49 | 50 | # vim: ts=4 51 | --------------------------------------------------------------------------------