mirror of
https://dev.iopsys.eu/feed/iopsys.git
synced 2025-12-27 04:23:39 +08:00
Compare commits
1 Commits
netmodes_e
...
voip
| Author | SHA1 | Date | |
|---|---|---|---|
|
96d9b2ba2f |
@@ -8,11 +8,5 @@ config FIREWALLMNGR_PORT_TRIGGER
|
||||
help
|
||||
Set this option to include support for PortTrigger object.
|
||||
|
||||
config FIREWALLMNGR_NAT_INTERFACE_SETTING
|
||||
bool "Include Device.NAT.InterfaceSetting"
|
||||
default n
|
||||
help
|
||||
Set this option to include support for NAT InterfaceSetting object.
|
||||
|
||||
endmenu
|
||||
endif
|
||||
|
||||
@@ -5,13 +5,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=firewallmngr
|
||||
PKG_VERSION:=1.0.9.1
|
||||
PKG_VERSION:=1.0.9
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/network/firewallmngr.git
|
||||
PKG_SOURCE_VERSION:=3ce0550dbbc49617c36202fc8d63e453467a246e
|
||||
PKG_SOURCE_VERSION:=77ad8425b73a3ac63f6160dc217635394ac87907
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
@@ -52,10 +52,6 @@ ifeq ($(CONFIG_FIREWALLMNGR_PORT_TRIGGER),y)
|
||||
TARGET_CFLAGS += -DINCLUDE_PORT_TRIGGER
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_FIREWALLMNGR_NAT_INTERFACE_SETTING),y)
|
||||
TARGET_CFLAGS += -DINCLUDE_NAT_IF_SETTING
|
||||
endif
|
||||
|
||||
define Package/firewallmngr/install
|
||||
$(INSTALL_DIR) $(1)/etc/config
|
||||
$(INSTALL_DIR) $(1)/etc/uci-defaults
|
||||
|
||||
@@ -8,13 +8,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=icwmp
|
||||
PKG_VERSION:=9.9.9.4
|
||||
PKG_VERSION:=9.9.9.3
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/icwmp.git
|
||||
PKG_SOURCE_VERSION:=868f749f3fd61a094cc4792ea842a261443a99ad
|
||||
PKG_SOURCE_VERSION:=55a64d756afd6249b8bb4cccf2cdaa7e1aa05f91
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
|
||||
@@ -5,12 +5,12 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=libwifi
|
||||
PKG_VERSION:=7.13.7
|
||||
PKG_VERSION:=7.13.6
|
||||
|
||||
LOCAL_DEV=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_VERSION:=0b3cc45334c167d164c2c79e82522f13698abf92
|
||||
PKG_SOURCE_VERSION:=d17ad7415a821e95618c4739507bf129df3fdebf
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libwifi.git
|
||||
PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
|
||||
@@ -61,7 +61,7 @@ else
|
||||
endif
|
||||
|
||||
ifneq ($(CONFIG_PACKAGE_kmod-mt7915e_en7523),)
|
||||
TARGET_CFLAGS +=-DMT7915_VENDOR_EXT
|
||||
TARGET_CFLAGS=-DMT7915_VENDOR_EXT
|
||||
endif
|
||||
|
||||
PKG_BUILD_DEPENDS:=PACKAGE_kmod-mt7915e_en7523:mt76_en7523
|
||||
|
||||
@@ -31,8 +31,8 @@ MESON_ARGS += \
|
||||
|
||||
define Package/linux-pam/install
|
||||
$(INSTALL_DIR) $(1)/usr/lib/security
|
||||
$(INSTALL_DIR) $(1)/etc/init.d
|
||||
$(INSTALL_BIN) ./linux_pam.init $(1)/etc/init.d/linux_pam
|
||||
$(INSTALL_DIR) $(1)/etc/uci-defaults/
|
||||
$(INSTALL_BIN) ./files/pam_faillock.uci_default $(1)/etc/uci-defaults/99-add_pam_faillock
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,linux-pam))
|
||||
|
||||
43
linux-pam/files/pam_faillock.uci_default
Normal file
43
linux-pam/files/pam_faillock.uci_default
Normal file
@@ -0,0 +1,43 @@
|
||||
#!/bin/sh
|
||||
|
||||
create_faillock_files()
|
||||
{
|
||||
# also create files needed by pam_faillock
|
||||
touch /var/log/faillock
|
||||
chmod 700 /var/log/faillock
|
||||
touch /var/log/btmp
|
||||
chmod 700 /var/log/btmp
|
||||
}
|
||||
|
||||
update_pam_common_auth()
|
||||
{
|
||||
local file="/etc/pam.d/common-auth"
|
||||
local deny=6
|
||||
local unlock_time=300
|
||||
|
||||
# update pam_unix.so line
|
||||
sed -i -E 's|^.*pam_unix\.so.*|auth\t sufficient\tpam_unix.so nullok_secure|' "$file"
|
||||
|
||||
# Insert pam_faillock lines before and after pam_unix.so
|
||||
sed -i -E "/pam_unix.so nullok_secure/i auth required pam_faillock.so preauth deny=$deny even_deny_root unlock_time=$unlock_time" "$file"
|
||||
sed -i -E "/pam_unix.so nullok_secure/a auth [default=die] pam_faillock.so authfail audit deny=$deny even_deny_root unlock_time=$unlock_time" "$file"
|
||||
}
|
||||
|
||||
update_pam_common_account()
|
||||
{
|
||||
# update account file
|
||||
sed -i "/pam_unix.so/ i account required pam_faillock.so" /etc/pam.d/common-account
|
||||
}
|
||||
|
||||
if [ -f "/usr/lib/security/pam_faillock.so" ]; then
|
||||
update_pam_common_auth
|
||||
update_pam_common_account
|
||||
create_faillock_files
|
||||
fi
|
||||
|
||||
if [ -f /etc/config/sshd ]; then
|
||||
uci -q set sshd.@sshd[0].UsePAM=1
|
||||
uci commit sshd
|
||||
fi
|
||||
|
||||
exit 0
|
||||
@@ -1,18 +0,0 @@
|
||||
#!/bin/sh /etc/rc.common
|
||||
|
||||
START=11
|
||||
STOP=90
|
||||
USE_PROCD=1
|
||||
|
||||
create_faillock_files()
|
||||
{
|
||||
# also create files needed by pam_faillock
|
||||
touch /var/log/faillock
|
||||
chmod 700 /var/log/faillock
|
||||
touch /var/log/btmp
|
||||
chmod 700 /var/log/btmp
|
||||
}
|
||||
|
||||
boot() {
|
||||
create_faillock_files
|
||||
}
|
||||
@@ -55,10 +55,6 @@ config AGENT_OPER_CHANNEL_CHANGE_RELAY_MCAST
|
||||
config AGENT_USE_LIBDPP
|
||||
bool "Depend on libdpp for DPP EasyConnect"
|
||||
|
||||
config AGENT_ZEROTOUCH_DPP
|
||||
bool "Enable Zero-touch DPP bootstrapping. Depends on libztdpp.so"
|
||||
default n
|
||||
|
||||
config AGENT_CHECK_PARTIAL_WIFI_RELOAD
|
||||
bool "Option that allow SSID/PSK simple reload"
|
||||
default y
|
||||
|
||||
@@ -1,14 +1,13 @@
|
||||
#
|
||||
# Copyright (C) 2020-2024 IOPSYS Software Solutions AB
|
||||
# Copyright (C) 2025 Genexis Sweden AB
|
||||
# Copyright (C) 2020-2023 IOPSYS Software Solutions AB
|
||||
#
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=map-agent
|
||||
PKG_VERSION:=6.3.7.0
|
||||
PKG_VERSION:=6.3.6.15
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
|
||||
PKG_SOURCE_VERSION:=ab9fa6ffc6978c84ab9a3b410d31c71c3b185430
|
||||
PKG_SOURCE_VERSION:=7b05d265776fca2ff84a63188fcec55c08057e33
|
||||
PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
|
||||
|
||||
PKG_LICENSE:=BSD-3-Clause
|
||||
@@ -27,7 +26,7 @@ include $(INCLUDE_DIR)/package.mk
|
||||
define Package/map-agent
|
||||
SECTION:=utils
|
||||
CATEGORY:=Utilities
|
||||
TITLE:=Wi-Fi Multi-AP Agent (EasyMesh R6)
|
||||
TITLE:=WiFi multi-AP Agent (EasyMesh R2)
|
||||
DEPENDS:=+libwifi +libuci +libubox +ubus +libeasy +libieee1905 +ieee1905 \
|
||||
+ieee1905-map-plugin +ip-bridge +AGENT_USE_LIBDPP:libdpp \
|
||||
+uuidgen +openssl-util +!TARGET_brcmbca:ebtables-legacy \
|
||||
@@ -46,12 +45,9 @@ define Package/dynbhd
|
||||
+ieee1905-map-plugin +map-agent
|
||||
endef
|
||||
|
||||
ifeq ($(CONFIG_AGENT_ZEROTOUCH_DPP),y)
|
||||
TARGET_CFLAGS += -DZEROTOUCH_DPP
|
||||
endif
|
||||
|
||||
define Package/map-agent/description
|
||||
This package provides EasyMesh R6 compliant Wi-Fi Multi-AP Agent.
|
||||
This package implements EasyMesh R2 compliant WiFi Agent.
|
||||
endef
|
||||
|
||||
define Package/dynbhd/description
|
||||
|
||||
@@ -44,16 +44,19 @@ generate_multiap_config() {
|
||||
2g)
|
||||
mode_band=2
|
||||
priority=2
|
||||
dpp_chan="81/1"
|
||||
channels="1 6 11"
|
||||
;;
|
||||
5g)
|
||||
mode_band=5
|
||||
priority=1
|
||||
dpp_chan="128/36"
|
||||
channels="36-64 100-112"
|
||||
;;
|
||||
6g)
|
||||
mode_band=6
|
||||
priority=0
|
||||
dpp_chan="133/49"
|
||||
;;
|
||||
esac
|
||||
|
||||
@@ -155,17 +158,13 @@ generate_multiap_config() {
|
||||
uci set mapagent.@bsta[-1].band="$mode_band"
|
||||
uci set mapagent.@bsta[-1].priority="$priority"
|
||||
|
||||
# add dpp_chirp section for 2.4GHz bSTA
|
||||
if [ $mode_band -eq 2 ]; then
|
||||
uci add mapagent dpp_chirp
|
||||
uci set mapagent.@dpp_chirp[-1].type="qrcode"
|
||||
uci set mapagent.@dpp_chirp[-1].device="$device"
|
||||
uci set mapagent.@dpp_chirp[-1].ifname="$ifname"
|
||||
uci set mapagent.@dpp_chirp[-1].band="$mode_band"
|
||||
for channel in $channels; do
|
||||
uci add_list mapagent.@dpp_chirp[-1].channel="$channel"
|
||||
done
|
||||
fi
|
||||
#uci add mapagent dpp_uri
|
||||
#uci set mapagent.@dpp_uri[-1].type="qrcode"
|
||||
#uci set mapagent.@dpp_uri[-1].device="$device"
|
||||
#uci set mapagent.@dpp_uri[-1].ifname="$ifname"
|
||||
#uci set mapagent.@dpp_uri[-1].band="$mode_band"
|
||||
#uci set mapagent.@dpp_uri[-1].chirp_interval="10"
|
||||
#uci add_list mapagent.@dpp_uri[-1].dpp_chan="$dpp_chan"
|
||||
|
||||
if [ $generate_wireless_sta_config -eq 1 ]; then
|
||||
secname="default_sta_${device}"
|
||||
|
||||
@@ -39,10 +39,6 @@ config CONTROLLER_EASYMESH_VENDOR_EXT_OUI
|
||||
config CONTROLLER_USE_LIBDPP
|
||||
bool "Depend on libdpp for DPP EasyConnect"
|
||||
|
||||
config CONTROLLER_ZEROTOUCH_DPP
|
||||
bool "Enable Zero-touch DPP bootstrapping via passphrase."
|
||||
default n
|
||||
|
||||
config CONTROLLER_PROPAGATE_PROBE_REQ
|
||||
depends on CONTROLLER_EASYMESH_VENDOR_EXT
|
||||
bool "Enable publishing probe requests vendor specific messages as UBUS events"
|
||||
|
||||
@@ -6,9 +6,9 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=map-controller
|
||||
PKG_VERSION:=6.4.4.0
|
||||
PKG_VERSION:=6.4.2.9
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
|
||||
PKG_SOURCE_VERSION:=d2e91ca156dbe0b44f0fc551b0a353137343fdf1
|
||||
PKG_SOURCE_VERSION:=c427bbaa53ce470a45a59326281f214f1111c3f7
|
||||
PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@genexis.eu>
|
||||
|
||||
LOCAL_DEV=0
|
||||
@@ -36,9 +36,6 @@ ifeq ($(CONFIG_CONTROLLER_USE_LIBDPP),y)
|
||||
TARGET_CFLAGS += -DUSE_LIBDPP
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_CONTROLLER_ZEROTOUCH_DPP),y)
|
||||
TARGET_CFLAGS += -DZEROTOUCH_DPP
|
||||
endif
|
||||
|
||||
define Package/map-controller/description
|
||||
This package provides WiFi MultiAP Controller as per the EasyMesh-R2 specs.
|
||||
@@ -84,7 +81,6 @@ define Build/InstallDev
|
||||
$(CP) $(PKG_BUILD_DIR)/src/cntlr_commands_impl.h $(1)/usr/include/map-controller
|
||||
$(CP) $(PKG_BUILD_DIR)/src/cntlr_commands.h $(1)/usr/include/map-controller
|
||||
$(CP) $(PKG_BUILD_DIR)/src/cntlr_apis.h $(1)/usr/include/map-controller
|
||||
$(CP) $(PKG_BUILD_DIR)/src/cntlr_plugin.h $(1)/usr/include/map-controller
|
||||
$(CP) $(PKG_BUILD_DIR)/src/wifi_opclass.h $(1)/usr/include/map-controller
|
||||
$(CP) $(PKG_BUILD_DIR)/src/steer_module.h $(1)/usr/include/map-controller
|
||||
$(CP) $(PKG_BUILD_DIR)/src/timer.h $(1)/usr/include/map-controller
|
||||
|
||||
@@ -10,9 +10,8 @@ config controller 'controller'
|
||||
option primary_pcp '0'
|
||||
option stale_sta_timeout '30d'
|
||||
option de_collect_interval '60'
|
||||
list plugin 'zerotouch'
|
||||
|
||||
config sta_steering 'sta_steering'
|
||||
config sta_steering
|
||||
option enable_sta_steer '1'
|
||||
option enable_bsta_steer '0'
|
||||
option rcpi_threshold_2g '70'
|
||||
@@ -24,10 +23,8 @@ config sta_steering 'sta_steering'
|
||||
option plugins_enabled '1'
|
||||
option plugins_policy 'any'
|
||||
list plugins 'rcpi'
|
||||
list plugins 'rate'
|
||||
list plugins 'bsteer'
|
||||
|
||||
config channel_plan 'channel_plan'
|
||||
config channel_plan
|
||||
option preclear_dfs '0'
|
||||
option acs '0'
|
||||
|
||||
|
||||
@@ -1,18 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
. /lib/functions.sh
|
||||
|
||||
cfg=mapcontroller
|
||||
|
||||
# singleton sections
|
||||
sections="channel_plan sta_steering"
|
||||
|
||||
for sec in $sections; do
|
||||
# find unnamed section of given type, only index 0
|
||||
s=$(uci show $cfg | grep -oE "@${sec}\[0\]" | sort -u)
|
||||
[ "$s" = "" ] && continue
|
||||
|
||||
uci rename $cfg.$s=$sec
|
||||
done
|
||||
|
||||
uci commit $cfg
|
||||
@@ -5,12 +5,12 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=map-plugins
|
||||
PKG_VERSION:=1.1.2
|
||||
PKG_VERSION:=1.0.32
|
||||
|
||||
LOCAL_DEV=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_VERSION:=a76610182366cf05ed7e8f5fbac26890b709eeb4
|
||||
PKG_SOURCE_VERSION:=d8b310edad1b9777aed805682394e3f9bb300d81
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/map-plugins.git
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
@@ -27,18 +27,12 @@ include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
include $(wildcard plugins/*.mk)
|
||||
|
||||
TARGET_CFLAGS += \
|
||||
-I$(STAGING_DIR)/usr/include \
|
||||
-I$(STAGING_DIR)/usr/include/libnl3 \
|
||||
-D_GNU_SOURCE
|
||||
|
||||
MAKE_FLAGS += \
|
||||
CFLAGS="$(TARGET_CFLAGS) -Wall"
|
||||
|
||||
plugins := \
|
||||
$(if $(CONFIG_PACKAGE_map-plugins-steer-rate),steer-rate) \
|
||||
$(if $(CONFIG_PACKAGE_map-plugins-bsteer),bsteer) \
|
||||
$(if $(CONFIG_PACKAGE_map-plugins-zero-touch),zero-touch)
|
||||
$(if $(CONFIG_PACKAGE_map-plugins-bsteer),bsteer)
|
||||
|
||||
ppkg:=$(patsubst plugins/%.mk,map-plugins-%,$(wildcard plugins/*.mk))
|
||||
|
||||
|
||||
@@ -1,22 +0,0 @@
|
||||
define Package/map-plugins-zero-touch
|
||||
$(call Package/map-plugins/Default)
|
||||
TITLE:=Full Zero-touch bootstrapping of Wi-Fi Repeater device(s)
|
||||
DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
|
||||
+libjson-c +libblobmsg-json +map-controller \
|
||||
+map-plugins
|
||||
endef
|
||||
|
||||
define Package/map-plugins-zero-touch/install
|
||||
$(INSTALL_DIR) $(1)/usr/lib
|
||||
$(INSTALL_DIR) $(1)/usr/lib/mapcontroller
|
||||
$(CP) $(PKG_BUILD_DIR)/zero-touch/zerotouch.so $(1)/usr/lib/mapcontroller/zerotouch.so
|
||||
$(CP) $(PKG_BUILD_DIR)/zero-touch/libztdpp.so $(1)/usr/lib/libztdpp.so
|
||||
|
||||
endef
|
||||
|
||||
define Build/Compile/map-plugins-zero-touch
|
||||
$(MAKE) -C $(PKG_BUILD_DIR)/zero-touch \
|
||||
CC="$(TARGET_CC)" \
|
||||
CFLAGS="$(TARGET_CFLAGS)" \
|
||||
LDFLAGS="$(TARGET_LDFLAGS)";
|
||||
endef
|
||||
@@ -16,8 +16,6 @@ l3_mcast_config() {
|
||||
|
||||
l3_network_config() {
|
||||
logger -s -p user.info -t "netmode" "Generating L3 network configuration"
|
||||
|
||||
wandev="$(uci -q get network.WAN.ifname)"
|
||||
|
||||
# Configure L3 Network Mode
|
||||
uci -q set network.lan=interface
|
||||
@@ -38,32 +36,11 @@ l3_network_config() {
|
||||
uci -q delete network.wan.disabled
|
||||
uci -q delete network.wan.username
|
||||
uci -q delete network.wan.password
|
||||
uci -q delete network.wan.ipaddr
|
||||
uci -q delete network.wan.gateway
|
||||
uci -q delete network.wan.netmask
|
||||
|
||||
uci -q set network.wan6=interface
|
||||
uci -q set network.wan6.proto='dhcpv6'
|
||||
uci -q delete network.wan6.disabled
|
||||
|
||||
if [ -n "$wandev" -a -n "$NETMODE_vlanid" -a $NETMODE_vlanid -gt 0 ]; then
|
||||
uci -q set network.vlan_${NETMODE_vlanid}=device
|
||||
uci -q set network.vlan_${NETMODE_vlanid}.type="8021q"
|
||||
uci -q set network.vlan_${NETMODE_vlanid}.name="$wandev.$NETMODE_vlanid"
|
||||
uci -q set network.vlan_${NETMODE_vlanid}.ifname="$wandev"
|
||||
uci -q set network.vlan_${NETMODE_vlanid}.vid=$NETMODE_vlanid
|
||||
|
||||
uci -q set network.wan.device="$wandev.$NETMODE_vlanid"
|
||||
fi
|
||||
|
||||
uci -q delete network.wan.dns
|
||||
if [ -n "$NETMODE_dns_servers" ]; then
|
||||
dns_servers="$(echo $NETMODE_dns_servers | tr ',' ' ')"
|
||||
for server in $dns_servers; do
|
||||
uci -q add_list network.wan.dns=$server
|
||||
done
|
||||
fi
|
||||
|
||||
uci -q delete network.br_lan.ports
|
||||
uci -q set network.br_lan.bridge_empty='1'
|
||||
|
||||
|
||||
@@ -16,8 +16,6 @@ l3_mcast_config() {
|
||||
|
||||
l3_network_pppoe_config() {
|
||||
logger -s -p user.info -t "netmode" "Generating L3 network configuration"
|
||||
|
||||
wandev="$(uci -q get network.WAN.ifname)"
|
||||
|
||||
# Configure L3 Network Mode
|
||||
uci -q set network.lan=interface
|
||||
@@ -38,30 +36,9 @@ l3_network_pppoe_config() {
|
||||
uci -q set network.wan.username="$NETMODE_username"
|
||||
uci -q set network.wan.password="$NETMODE_password"
|
||||
uci -q delete network.wan.disabled
|
||||
uci -q delete network.wan.ipaddr
|
||||
uci -q delete network.wan.gateway
|
||||
uci -q delete network.wan.netmask
|
||||
|
||||
uci -q set network.wan6.disabled='1'
|
||||
|
||||
if [ -n "$wandev" -a -n "$NETMODE_vlanid" -a $NETMODE_vlanid -gt 0 ]; then
|
||||
uci -q set network.vlan_${NETMODE_vlanid}=device
|
||||
uci -q set network.vlan_${NETMODE_vlanid}.type="8021q"
|
||||
uci -q set network.vlan_${NETMODE_vlanid}.name="$wandev.$NETMODE_vlanid"
|
||||
uci -q set network.vlan_${NETMODE_vlanid}.ifname="$wandev"
|
||||
uci -q set network.vlan_${NETMODE_vlanid}.vid=$NETMODE_vlanid
|
||||
|
||||
uci -q set network.wan.device="$wandev.$NETMODE_vlanid"
|
||||
fi
|
||||
|
||||
uci -q delete network.wan.dns
|
||||
if [ -n "$NETMODE_dns_servers" ]; then
|
||||
dns_servers="$(echo $NETMODE_dns_servers | tr ',' ' ')"
|
||||
for server in $dns_servers; do
|
||||
uci -q add_list network.wan.dns=$server
|
||||
done
|
||||
fi
|
||||
|
||||
uci -q delete network.br_lan.ports
|
||||
uci -q set network.br_lan.bridge_empty='1'
|
||||
|
||||
|
||||
@@ -1,128 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
. /lib/functions.sh
|
||||
. /usr/share/libubox/jshn.sh
|
||||
|
||||
source "/etc/device_info"
|
||||
|
||||
l3_mcast_config() {
|
||||
# configure L3 mcast config
|
||||
logger -s -p user.info -t "netmode" "Generating L3 mcast configuration"
|
||||
|
||||
rm -f /etc/config/mcast
|
||||
sh /rom/etc/uci-defaults/61-mcast_config_generate
|
||||
uci -q commit mcast
|
||||
}
|
||||
|
||||
l3_network_config() {
|
||||
logger -s -p user.info -t "netmode" "Generating L3 network configuration"
|
||||
|
||||
wandev="$(uci -q get network.WAN.ifname)"
|
||||
|
||||
# Configure L3 Network Mode
|
||||
uci -q set network.lan=interface
|
||||
uci -q set network.lan.device='br-lan'
|
||||
uci -q set network.lan.proto='static'
|
||||
uci -q set network.lan.ipaddr='192.168.1.1'
|
||||
uci -q set network.lan.netmask='255.255.255.0'
|
||||
uci -q set network.lan.ip6assign='60'
|
||||
uci -q delete network.lan.vendorid
|
||||
uci -q delete network.lan.clientid
|
||||
uci -q delete network.lan.reqopts
|
||||
uci -q delete network.lan.sendopts
|
||||
|
||||
uci -q delete network.lan6
|
||||
|
||||
uci -q set network.wan=interface
|
||||
uci -q set network.wan.device="$wandev"
|
||||
uci -q set network.wan.proto='static'
|
||||
uci -q set network.wan.ipaddr="$NETMODE_ipaddr"
|
||||
uci -q set network.wan.gateway="$NETMODE_gateway"
|
||||
uci -q set network.wan.netmask="$NETMODE_netmask"
|
||||
uci -q delete network.wan.disabled
|
||||
uci -q delete network.wan.username
|
||||
uci -q delete network.wan.password
|
||||
|
||||
uci -q set network.wan6.disabled='1'
|
||||
|
||||
uci -q delete network.wan.dns
|
||||
if [ -n "$NETMODE_dns_servers" ]; then
|
||||
dns_servers="$(echo $NETMODE_dns_servers | tr ',' ' ')"
|
||||
for server in $dns_servers; do
|
||||
uci -q add_list network.wan.dns=$server
|
||||
done
|
||||
fi
|
||||
|
||||
uci -q delete network.wan.dns
|
||||
if [ -n "$NETMODE_dns_servers" ]; then
|
||||
IFS=',' read -ra ADDRS <<< "$NETMODE_dns_servers"
|
||||
for ip in "${ADDRS[@]}"; do
|
||||
uci -q add_list network.wan.dns=$ip
|
||||
done
|
||||
fi
|
||||
|
||||
uci -q delete network.br_lan.ports
|
||||
uci -q set network.br_lan.bridge_empty='1'
|
||||
|
||||
add_port_to_br_lan() {
|
||||
port="$1"
|
||||
[ -n "$port" -a -d /sys/class/net/$port ] || continue
|
||||
uci add_list network.br_lan.ports="$port"
|
||||
}
|
||||
|
||||
if [ -f /etc/board.json ]; then
|
||||
json_load_file /etc/board.json
|
||||
json_select network
|
||||
json_select lan
|
||||
if json_is_a ports array; then
|
||||
json_for_each_item add_port_to_br_lan ports
|
||||
else
|
||||
json_get_var device device
|
||||
[ -n "$device" ] && uci add_list network.br_lan.ports="$device"
|
||||
fi
|
||||
json_select ..
|
||||
json_select wan 2>/dev/null
|
||||
json_get_var device device
|
||||
if [ -n "$device" ]; then
|
||||
uci -q set network.wan.device="$device"
|
||||
uci -q set network.wan6.device="$device"
|
||||
fi
|
||||
json_cleanup
|
||||
fi
|
||||
|
||||
uci -q commit network
|
||||
|
||||
# Enable DHCP Server
|
||||
uci -q set dhcp.lan.ignore=0
|
||||
uci -q set dhcp.wan.ignore=1
|
||||
uci -q commit dhcp
|
||||
/etc/init.d/odhcpd enable
|
||||
|
||||
# Enable SSDPD
|
||||
uci -q set ssdpd.ssdp.enabled="1"
|
||||
uci -q commit ssdpd
|
||||
|
||||
# Update CWMP Agent WAN Interface
|
||||
uci -q set cwmp.cpe.default_wan_interface="wan"
|
||||
uci -q commit cwmp
|
||||
|
||||
# Update gateway WAN Interface
|
||||
uci -q set gateway.global.wan_interface="wan"
|
||||
uci -q commit gateway
|
||||
|
||||
# Enable firewall
|
||||
uci -q set firewall.globals.enabled="1"
|
||||
uci -q commit firewall
|
||||
}
|
||||
|
||||
l3_network_config
|
||||
l3_mcast_config
|
||||
|
||||
# If device is already boot-up, assume netmode changed during runtime
|
||||
if [ -f /var/run/boot_complete ]; then
|
||||
/etc/init.d/odhcpd restart 2>/dev/null
|
||||
for config in network dhcp ssdpd cwmp gateway firewall mcast; do
|
||||
ubus call uci commit "{\"config\":\"$config\"}"
|
||||
sleep 1
|
||||
done
|
||||
fi
|
||||
@@ -3,90 +3,25 @@
|
||||
"supported_modes": [
|
||||
{
|
||||
"name": "routed-dhcp",
|
||||
"description": "DHCP",
|
||||
"supported_args": [
|
||||
{
|
||||
"name": "vlanid",
|
||||
"description": "VLAN ID",
|
||||
"required": false,
|
||||
"type": "integer"
|
||||
},
|
||||
{
|
||||
"name": "dns_servers",
|
||||
"description": "DNS Servers, comma separated",
|
||||
"required": false,
|
||||
"type": "string"
|
||||
}
|
||||
]
|
||||
"description": "WAN with DHCP proto (Layer 3)"
|
||||
},
|
||||
{
|
||||
"name": "routed-pppoe",
|
||||
"description": "PPPoE",
|
||||
"description": "WAN with PPPoE (Layer 3)",
|
||||
"supported_args": [
|
||||
{
|
||||
"name": "username",
|
||||
"description": "PPPoE Username",
|
||||
"description": "PPPoE username",
|
||||
"required": true,
|
||||
"type": "string",
|
||||
"type": "string",
|
||||
"#value": "TestUser"
|
||||
},
|
||||
{
|
||||
"name": "password",
|
||||
"description": "PPPoE Password",
|
||||
"description": "PPPoE password",
|
||||
"required": true,
|
||||
"type": "string",
|
||||
"type": "string",
|
||||
"#value": "TestPassword"
|
||||
},
|
||||
{
|
||||
"name": "vlanid",
|
||||
"description": "VLAN ID",
|
||||
"required": false,
|
||||
"type": "integer"
|
||||
},
|
||||
{
|
||||
"name": "dns_servers",
|
||||
"description": "DNS Servers, comma separated",
|
||||
"required": false,
|
||||
"type": "string"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "routed-static",
|
||||
"description": "Static",
|
||||
"supported_args": [
|
||||
{
|
||||
"name": "ipaddr",
|
||||
"description": "IP Address",
|
||||
"required": true,
|
||||
"type": "string",
|
||||
"#value": "93.21.0.104"
|
||||
},
|
||||
{
|
||||
"name": "netmask",
|
||||
"description": "Subnet Mask",
|
||||
"required": true,
|
||||
"type": "string",
|
||||
"#value": "255.255.255.0"
|
||||
},
|
||||
{
|
||||
"name": "gateway",
|
||||
"description": "Default Gateway",
|
||||
"required": true,
|
||||
"type": "string",
|
||||
"#value": "93.21.0.1"
|
||||
},
|
||||
{
|
||||
"name": "vlanid",
|
||||
"description": "VLAN ID",
|
||||
"required": false,
|
||||
"type": "integer"
|
||||
},
|
||||
{
|
||||
"name": "dns_servers",
|
||||
"description": "DNS servers, comma separated",
|
||||
"required": false,
|
||||
"type": "string"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@@ -6,7 +6,7 @@ USE_PROCD=1
|
||||
|
||||
PROG=/usr/sbin/obuspa
|
||||
CONFIGURATION=obuspa
|
||||
FIRST_BOOT="/etc/obuspa/boot_marker"
|
||||
|
||||
ENV_PROFILE="/root/.profile"
|
||||
KEEP_FILE="/lib/upgrade/keep.d/obuspa"
|
||||
|
||||
@@ -871,12 +871,6 @@ sync_uci_with_db()
|
||||
return 0;
|
||||
fi
|
||||
|
||||
# Skip overriding uci in case of Firstboot
|
||||
if [ ! -f "${FIRST_BOOT}" ]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
log "Syncing obuspa uci with usp.db ...."
|
||||
config_load obuspa
|
||||
sync_db_controller
|
||||
sync_db_localagent_mtp
|
||||
@@ -984,6 +978,7 @@ db_init()
|
||||
# Only do this if db have reasonable data
|
||||
val="$(awk 'END{print NR}' ${DB_DUMP})"
|
||||
if [ "$val" -gt 15 ]; then
|
||||
log "Syncing obuspa uci with usp.db ...."
|
||||
sync_uci_with_db
|
||||
fi
|
||||
fi
|
||||
@@ -1031,7 +1026,6 @@ db_init()
|
||||
cat ${CTRUST_RESET_FILE} >> ${RESET_FILE}
|
||||
rm ${CTRUST_RESET_FILE}
|
||||
fi
|
||||
[ -f "${FIRST_BOOT}" ] || touch "${FIRST_BOOT}"
|
||||
}
|
||||
|
||||
start_service() {
|
||||
@@ -1049,6 +1043,7 @@ start_service() {
|
||||
procd_set_param respawn \
|
||||
"${respawn_threshold:-10}" \
|
||||
"${respawn_timeout:-10}" "${respawn_retry:-5}"
|
||||
#procd_set_param limits core="unlimited"
|
||||
fi
|
||||
procd_close_instance ${CONFIGURATION}
|
||||
}
|
||||
|
||||
@@ -5,13 +5,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=parental-control
|
||||
PKG_VERSION:=1.4.1
|
||||
PKG_VERSION:=1.3.1
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/network/parental-control.git
|
||||
PKG_SOURCE_VERSION:=bd852e8b0a6528893917fb89e2ea27a8920f6280
|
||||
PKG_SOURCE_VERSION:=b1e5b3f81f08271bdaf9cb4bda8a7696a27be3c6
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
|
||||
@@ -12,9 +12,7 @@ validate_global_section() {
|
||||
uci_validate_section parentalcontrol globals globals \
|
||||
'enable:bool:1' \
|
||||
'loglevel:uinteger:3' \
|
||||
'queue_num:uinteger:53' \
|
||||
'bundle_path:string' \
|
||||
'default_wan_interface:string:wan' \
|
||||
'urlfilter:bool'
|
||||
}
|
||||
|
||||
@@ -26,12 +24,11 @@ remove_fw_rules() {
|
||||
}
|
||||
|
||||
configure_fw_rules() {
|
||||
local enable urlfilter queue_num
|
||||
local enable urlfilter
|
||||
|
||||
config_load parentalcontrol
|
||||
config_get_bool enable globals enable 0
|
||||
config_get_bool urlfilter globals urlfilter 0
|
||||
config_get queue_num globals queue_num 53
|
||||
|
||||
remove_fw_rules
|
||||
|
||||
@@ -40,11 +37,6 @@ configure_fw_rules() {
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ "${queue_num}" -lt 0 ] || [ "${queue_num}" -gt 65535 ]; then
|
||||
log "ERROR: queue_num not in 0-65535"
|
||||
return 1
|
||||
fi
|
||||
|
||||
if [ "${urlfilter}" -eq "1" ]; then
|
||||
if [ ! -f "${OVERRIDE_JSON}" ]; then
|
||||
# throw error
|
||||
@@ -56,11 +48,11 @@ configure_fw_rules() {
|
||||
hw_nat -! > /dev/null 2>&1
|
||||
fi
|
||||
if which conntrack > /dev/null 2>&1; then
|
||||
flush_conntrack_for_hosts
|
||||
conntrack -F > /dev/null 2>&1
|
||||
fi
|
||||
|
||||
# this is for urlfilter daemon
|
||||
add_iptables_nfqueue_rules "$queue_num"
|
||||
add_iptables_nfqueue_rules
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -115,7 +107,7 @@ start_service() {
|
||||
|
||||
procd_open_instance "parentalcontrol"
|
||||
procd_set_param command nice -n 10 "${PROG}" # Lower priority
|
||||
procd_append_param command -l "${loglevel}"
|
||||
procd_append_param command -l ${loglevel}
|
||||
procd_set_param respawn
|
||||
procd_close_instance
|
||||
}
|
||||
@@ -128,19 +120,11 @@ stop_service() {
|
||||
}
|
||||
|
||||
reload_service() {
|
||||
local arg="$1"
|
||||
|
||||
ret=$(ubus call service list '{"name":"parentalcontrol"}' | jsonfilter -qe '@.parentalcontrol.instances.parentalcontrol.running')
|
||||
if [ "$ret" != "true" ]; then
|
||||
stop
|
||||
start
|
||||
else
|
||||
if [ "$arg" = "network" ]; then
|
||||
pidof_sync="$(pidof sync_bundles.sh)"
|
||||
[ -n "$pidof_sync" ] && kill "$pidof_sync"
|
||||
sleep 5
|
||||
fi
|
||||
|
||||
configure_fw_rules
|
||||
copy_dhcp_leases
|
||||
ubus send parentalcontrol.reload
|
||||
@@ -148,19 +132,6 @@ reload_service() {
|
||||
}
|
||||
|
||||
service_triggers() {
|
||||
local enable urlfilter default_wan_interface
|
||||
|
||||
validate_global_section || {
|
||||
return 1
|
||||
}
|
||||
|
||||
if [ "${urlfilter}" = "1" ] && [ "$enable" = "1" ] && [ -n "$default_wan_interface" ]; then
|
||||
log "Adding interface trigger for $default_wan_interface"
|
||||
procd_open_trigger
|
||||
procd_add_interface_trigger "interface.*.up" "$default_wan_interface" /etc/init.d/parentalcontrol reload "network"
|
||||
procd_close_trigger
|
||||
fi
|
||||
|
||||
procd_add_reload_trigger "parentalcontrol"
|
||||
procd_add_reload_trigger "schedules"
|
||||
}
|
||||
|
||||
@@ -438,118 +438,102 @@ add_internet_schedule_rules() {
|
||||
}
|
||||
|
||||
add_iptables_nfqueue_rules() {
|
||||
local queue_num="$1"
|
||||
local filter_used
|
||||
|
||||
# Check if urlfilter used
|
||||
if ! uci show parentalcontrol | grep -q profile_urlfilter; then
|
||||
return
|
||||
fi
|
||||
# Check if urlfilter used
|
||||
if ! uci show parentalcontrol | grep -q profile_urlfilter; then
|
||||
return
|
||||
fi
|
||||
|
||||
# IPv4
|
||||
# FORWARD
|
||||
if ! iptables -w -nL | grep -q "URLFILTER_FORWARD"; then
|
||||
iptables -w -N URLFILTER_FORWARD
|
||||
iptables -w -I FORWARD 1 -j URLFILTER_FORWARD
|
||||
# IPv4 rules
|
||||
iptables -w -nL FORWARD | grep -iqE "NFQUEUE"
|
||||
if [ "$?" -ne 0 ]; then
|
||||
# capture DNS responses (UDP/TCP sport 53) in FORWARD
|
||||
iptables -w -I FORWARD 1 -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -I FORWARD 1 -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# capture DNS responses (sport 53)
|
||||
iptables -w -A URLFILTER_FORWARD -p tcp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
iptables -w -A URLFILTER_FORWARD -p udp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
# INPUT: DNS replies to router, skip loopback
|
||||
iptables -w -I INPUT 1 -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -I INPUT 1 -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# HTTP/HTTPS flows
|
||||
iptables -w -A URLFILTER_FORWARD -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
iptables -w -A URLFILTER_FORWARD -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
# OUTPUT: DNS replies from router, skip loopback
|
||||
iptables -w -I OUTPUT 1 -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -I OUTPUT 1 -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# INPUT
|
||||
if ! iptables -w -nL | grep -q "URLFILTER_INPUT"; then
|
||||
iptables -w -N URLFILTER_INPUT
|
||||
iptables -w -I INPUT 1 -j URLFILTER_INPUT
|
||||
# HTTP/HTTPS flows for urlfilter
|
||||
iptables -w -I FORWARD 1 -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -I FORWARD 1 -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
iptables -w -A URLFILTER_INPUT -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
iptables -w -A URLFILTER_INPUT -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
# disable acceleration for https packet so that they can be read by urlfilter
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
|
||||
# OUTPUT
|
||||
if ! iptables -w -nL | grep -q "URLFILTER_OUTPUT"; then
|
||||
iptables -w -N URLFILTER_OUTPUT
|
||||
iptables -w -I OUTPUT 1 -j URLFILTER_OUTPUT
|
||||
# IPv6 rules
|
||||
ip6tables -w -nL FORWARD | grep -iqE "NFQUEUE"
|
||||
if [ "$?" -ne 0 ]; then
|
||||
# capture DNS responses (UDP/TCP sport 53) in FORWARD
|
||||
ip6tables -w -I FORWARD 1 -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -I FORWARD 1 -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
iptables -w -A URLFILTER_OUTPUT -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
iptables -w -A URLFILTER_OUTPUT -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
# INPUT: DNS replies to router, skip loopback
|
||||
ip6tables -w -I INPUT 1 -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -I INPUT 1 -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# ebtables bypass for IPv4
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
# OUTPUT: DNS replies from router, skip loopback
|
||||
ip6tables -w -I OUTPUT 1 -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -I OUTPUT 1 -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# IPv6
|
||||
# FORWARD
|
||||
if ! ip6tables -w -nL | grep -q "URLFILTER_FORWARD6"; then
|
||||
ip6tables -w -N URLFILTER_FORWARD6
|
||||
ip6tables -w -I FORWARD 1 -j URLFILTER_FORWARD6
|
||||
# HTTP/HTTPS flows for urlfilter
|
||||
ip6tables -w -I FORWARD 1 -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -I FORWARD 1 -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
ip6tables -w -A URLFILTER_FORWARD6 -p tcp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
ip6tables -w -A URLFILTER_FORWARD6 -p udp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
|
||||
ip6tables -w -A URLFILTER_FORWARD6 -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
ip6tables -w -A URLFILTER_FORWARD6 -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
|
||||
# INPUT
|
||||
if ! ip6tables -w -nL | grep -q "URLFILTER_INPUT6"; then
|
||||
ip6tables -w -N URLFILTER_INPUT6
|
||||
ip6tables -w -I INPUT 1 -j URLFILTER_INPUT6
|
||||
|
||||
ip6tables -w -A URLFILTER_INPUT6 -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
ip6tables -w -A URLFILTER_INPUT6 -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
|
||||
# OUTPUT
|
||||
if ! ip6tables -w -nL | grep -q "URLFILTER_OUTPUT6"; then
|
||||
ip6tables -w -N URLFILTER_OUTPUT6
|
||||
ip6tables -w -I OUTPUT 1 -j URLFILTER_OUTPUT6
|
||||
|
||||
ip6tables -w -A URLFILTER_OUTPUT6 -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
ip6tables -w -A URLFILTER_OUTPUT6 -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
|
||||
# ebtables bypass for IPv6
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
# disable acceleration for https packet so that they can be read by urlfilter
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
}
|
||||
|
||||
remove_iptables_nfqueue_rules() {
|
||||
# IPv4
|
||||
for chain in URLFILTER_FORWARD URLFILTER_INPUT URLFILTER_OUTPUT; do
|
||||
if iptables -w -nL | grep -q "$chain"; then
|
||||
iptables -w -D FORWARD -j $chain 2>/dev/null
|
||||
iptables -w -D INPUT -j $chain 2>/dev/null
|
||||
iptables -w -D OUTPUT -j $chain 2>/dev/null
|
||||
iptables -w -F $chain
|
||||
iptables -w -X $chain
|
||||
fi
|
||||
done
|
||||
iptables -w -nL FORWARD | grep -iqE "NFQUEUE"
|
||||
if [ "$?" -eq 0 ]; then
|
||||
# DNS response rules
|
||||
iptables -w -D FORWARD -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D FORWARD -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D INPUT -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D INPUT -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D OUTPUT -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D OUTPUT -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
# HTTP/HTTPS
|
||||
iptables -w -D FORWARD -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D FORWARD -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# IPv6
|
||||
for chain in URLFILTER_FORWARD6 URLFILTER_INPUT6 URLFILTER_OUTPUT6; do
|
||||
if ip6tables -w -nL | grep -q "$chain"; then
|
||||
ip6tables -w -D FORWARD -j $chain 2>/dev/null
|
||||
ip6tables -w -D INPUT -j $chain 2>/dev/null
|
||||
ip6tables -w -D OUTPUT -j $chain 2>/dev/null
|
||||
ip6tables -w -F $chain
|
||||
ip6tables -w -X $chain
|
||||
fi
|
||||
done
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
ip6tables -w -nL FORWARD | grep -iqE "NFQUEUE"
|
||||
if [ "$?" -eq 0 ]; then
|
||||
# DNS response rules
|
||||
ip6tables -w -D FORWARD -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D FORWARD -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D INPUT -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D INPUT -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D OUTPUT -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D OUTPUT -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# HTTP/HTTPS
|
||||
ip6tables -w -D FORWARD -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D FORWARD -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
}
|
||||
|
||||
remove_internet_schedule_rules() {
|
||||
@@ -567,62 +551,6 @@ remove_internet_schedule_rules() {
|
||||
fi
|
||||
}
|
||||
|
||||
# Global array for resolved IPs
|
||||
URLFILTER_IPS=""
|
||||
|
||||
# Resolve hostname or MAC to IP from lease_file
|
||||
get_host_ip() {
|
||||
local host="$1"
|
||||
local ip
|
||||
local lease_file="/tmp/dhcp.leases"
|
||||
|
||||
[ -f "$lease_file" ] || lease_file="/etc/parentalcontrol/dhcp.leases"
|
||||
[ -f "$lease_file" ] || { log "Error: get_host_ip(): No DHCP lease file found."; return 1; }
|
||||
|
||||
# try DHCP lease lookup
|
||||
ip="$(awk -v h="$host" '
|
||||
{
|
||||
mac=$2; ipaddr=$3; name=$4
|
||||
if (h == name || h == mac) { print ipaddr; exit }
|
||||
}' "$lease_file")"
|
||||
|
||||
[ -n "$ip" ] && URLFILTER_IPS="$URLFILTER_IPS $ip"
|
||||
}
|
||||
|
||||
# Process each profile section
|
||||
resolve_profile_hosts() {
|
||||
local section="$1"
|
||||
local hostlist
|
||||
|
||||
config_get hostlist "$section" host
|
||||
[ -z "$hostlist" ] && return
|
||||
|
||||
for h in $hostlist; do
|
||||
get_host_ip "$h"
|
||||
done
|
||||
}
|
||||
|
||||
# Main function to collect IPs and delete conntrack entries
|
||||
flush_conntrack_for_hosts() {
|
||||
URLFILTER_IPS=""
|
||||
local count max
|
||||
|
||||
config_foreach resolve_profile_hosts profile
|
||||
|
||||
URLFILTER_IPS="$(echo "$URLFILTER_IPS" | tr ' ' '\n' | sort -u | xargs)"
|
||||
for ip in $URLFILTER_IPS; do
|
||||
count=0
|
||||
max=1000
|
||||
while conntrack -D -s "$ip" >/dev/null 2>&1; do
|
||||
count=$((count+1))
|
||||
if [ $count -ge $max ]; then
|
||||
log "Warning: Forced to stop conntrack delete after $max deletions for $ip (possible loop)"
|
||||
break
|
||||
fi
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
OVERRIDE_JSON="/etc/parentalcontrol/urlbundle_override.json"
|
||||
DM_PLUGIN_PATH="/usr/share/bbfdm/micro_services/parentalcontrol/urlbundle_override.json"
|
||||
|
||||
|
||||
@@ -161,23 +161,7 @@ handle_download_url() {
|
||||
# If the URL is HTTP, fetch the file size
|
||||
local bundle_file_size
|
||||
if echo "$sanitized_url" | grep -qE "^https?://"; then
|
||||
bundle_file_header="$(curl -Is --max-time 30 "$sanitized_url" 2>/var/log/urlfilter_curl_err.log)"
|
||||
curl_rc=$?
|
||||
|
||||
case $curl_rc in
|
||||
0)
|
||||
# Success
|
||||
;;
|
||||
6|7|28|35|52|55|56)
|
||||
log_info "handle_download_url: URL not reachable (curl rc=$curl_rc): ${sanitized_url}"
|
||||
return 1
|
||||
;;
|
||||
*)
|
||||
log_info "handle_download_url: unexpected curl rc=$curl_rc for ${sanitized_url}"
|
||||
;;
|
||||
esac
|
||||
|
||||
bundle_file_size="$(echo "$bundle_file_header" | grep -i 'content-length' | cut -d: -f2 | xargs)"
|
||||
bundle_file_size="$(curl -I "$sanitized_url" 2>&1 | grep -i 'content-length' | cut -d: -f2 | xargs)"
|
||||
[ -z "$bundle_file_size" ] && bundle_file_size=0
|
||||
else
|
||||
# If it's a file:// URL, get the file size from the filesystem
|
||||
|
||||
@@ -39,6 +39,9 @@ define Package/$(PKG_NAME)/install
|
||||
|
||||
$(INSTALL_DIR) $(1)/usr/lib/security
|
||||
$(INSTALL_BIN) $(PKG_BUILD_DIR)/pam_passwdqc.so $(1)/usr/lib/security/
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc/uci-defaults/
|
||||
$(INSTALL_BIN) ./files/passwdqc.uci_default $(1)/etc/uci-defaults/99-add_passwdqc_pam
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,$(PKG_NAME)))
|
||||
|
||||
19
passwdqc/files/passwdqc.uci_default
Normal file
19
passwdqc/files/passwdqc.uci_default
Normal file
@@ -0,0 +1,19 @@
|
||||
#!/bin/sh
|
||||
|
||||
CONFIG_FILE="/etc/pam.d/common-password"
|
||||
# for some reason setting to 8 makes passwdqc accept minimum 12 letter password with this configuration
|
||||
# if we set it to 12 then we need atleast 16 characters and so on
|
||||
# passphrase = 0 means no space separated words
|
||||
# rest can be figured out from passwdqc man page
|
||||
MODULE_LINE="password requisite pam_passwdqc.so min=disabled,disabled,disabled,disabled,8 max=20 passphrase=0 retry=3 enforce=everyone"
|
||||
|
||||
# Ensure the file exists before modifying
|
||||
[ -f "$CONFIG_FILE" ] || exit 0
|
||||
|
||||
# Check if pam_passwdqc is already in the file
|
||||
if ! grep -q "pam_passwdqc.so" "$CONFIG_FILE"; then
|
||||
# Insert before pam_unix.so
|
||||
sed -i "/pam_unix.so/ i\\$MODULE_LINE" "$CONFIG_FILE"
|
||||
fi
|
||||
|
||||
exit 0
|
||||
@@ -1,7 +1,7 @@
|
||||
if PACKAGE_sshmngr
|
||||
choice
|
||||
prompt "Select backend for SSH management"
|
||||
default SSHMNGR_BACKEND_OPENSSH_PAM
|
||||
default SSHMNGR_BACKEND_OPENSSH
|
||||
depends on PACKAGE_sshmngr
|
||||
help
|
||||
Select which backend daemon to use for SSH
|
||||
|
||||
@@ -5,11 +5,11 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=sulu-base
|
||||
PKG_VERSION:=5.1.7
|
||||
PKG_VERSION:=5.1.2
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu.git
|
||||
PKG_SOURCE_VERSION:=c87ba4d9648280dde6987493fc423cdd64128b09
|
||||
PKG_SOURCE_VERSION:=6ee43863415b54c312a56e113a7a91d5ae25df28
|
||||
PKG_MIRROR_HASH:=skip
|
||||
|
||||
SULU_MOD:=core
|
||||
|
||||
@@ -5,12 +5,12 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=sulu-builder
|
||||
PKG_VERSION:=5.1.7
|
||||
PKG_VERSION:=5.1.2
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu-builder.git
|
||||
PKG_SOURCE_VERSION:=ff551283f7b05674f3215a0ece2de777223347ee
|
||||
PKG_SOURCE_VERSION:=cca6a777e46584c888a1a06fafa75f7a063b803d
|
||||
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION)
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/sulu-$(PKG_VERSION)/sulu-builder-$(PKG_SOURCE_VERSION)
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
|
||||
. /lib/functions.sh
|
||||
. /usr/share/libubox/jshn.sh
|
||||
#. /lib/functions/iopsys-environment.sh
|
||||
|
||||
RESTART_REQ=0
|
||||
_RESTART_SERVICES="0"
|
||||
@@ -169,20 +170,18 @@ _create_mosquitto_acl() {
|
||||
|
||||
users="$(_get_sulu_user_roles)"
|
||||
if [ -f "${ACL_FILE}" ]; then
|
||||
acl_users="$(awk '/^user / {print $2}' "${ACL_FILE}")"
|
||||
for user in ${acl_users}; do
|
||||
if ! echo "$users" | grep -qwF "$user"; then
|
||||
acl_users="$(awk '/^user/ {print $2}' "${ACL_FILE}")"
|
||||
for user in ${users}; do
|
||||
if ! grep -q "$user" "${acl_users}"; then
|
||||
rm -f "${ACL_FILE}"
|
||||
RESTART_REQ="1"
|
||||
break
|
||||
fi
|
||||
done
|
||||
fi
|
||||
[ -f "${ACL_FILE}" ] || touch "${ACL_FILE}"
|
||||
touch "${ACL_FILE}"
|
||||
|
||||
agentid="$(_get_agent_id)"
|
||||
for user in ${users}; do
|
||||
if ! grep -qxF "user $user" "${ACL_FILE}"; then
|
||||
if ! grep -q "user $user" "${ACL_FILE}"; then
|
||||
{
|
||||
echo "user ${user}"
|
||||
echo "topic read /usp/${agentid}/${user}/controller/reply-to"
|
||||
@@ -201,7 +200,9 @@ _create_mosquitto_acl() {
|
||||
}
|
||||
|
||||
update_obuspa_config() {
|
||||
|
||||
RESTART_REQ=0
|
||||
uci_load obuspa
|
||||
_update_obuspa_config_rbac
|
||||
uci_commit obuspa
|
||||
|
||||
@@ -217,7 +218,7 @@ configure_sulu() {
|
||||
generate_sulu_conn_config
|
||||
}
|
||||
|
||||
while getopts ":r" opt; do
|
||||
while getopts ":rq" opt; do
|
||||
case ${opt} in
|
||||
r)
|
||||
_RESTART_SERVICES="1"
|
||||
|
||||
@@ -1,16 +1,15 @@
|
||||
#!/bin/sh
|
||||
|
||||
. /lib/functions.sh
|
||||
UCI_TEMPLATE="/etc/nginx/uci.conf.template"
|
||||
|
||||
if [ ! -f "/etc/config/mosquitto" ]; then
|
||||
logger -t sulu.ucidefault "Local mosquitto broker not available"
|
||||
return 1
|
||||
echo "Local mosquitto broker not available"
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ ! -f "${UCI_TEMPLATE}" ]; then
|
||||
logger -t sulu.ucidefault "nginx utils not installed, sulu can't run"
|
||||
return 1
|
||||
echo "nginx utils not installed, sulu can't run"
|
||||
return 0
|
||||
fi
|
||||
|
||||
update_nginx_uci_template()
|
||||
@@ -20,7 +19,7 @@ update_nginx_uci_template()
|
||||
port="$(uci -q get mosquitto.sulu.port)"
|
||||
port="${port:-9009}"
|
||||
|
||||
if ! grep -w "upstream websocket" ${UCI_TEMPLATE} | grep -wq "127.0.0.1:${port}"; then
|
||||
if ! grep -q "upstream websocket" ${UCI_TEMPLATE}; then
|
||||
sed -i '/#UCI_HTTP_CONFIG$/i\ map $http_upgrade $connection_upgrade { default upgrade; "" close; }' ${UCI_TEMPLATE}
|
||||
sed -i "/#UCI_HTTP_CONFIG$/i\ upstream websocket { server 127.0.0.1:${port}; }" ${UCI_TEMPLATE}
|
||||
fi
|
||||
@@ -28,30 +27,37 @@ update_nginx_uci_template()
|
||||
|
||||
add_sulu_config_to_mosquitto()
|
||||
{
|
||||
uci_add mosquitto listener sulu
|
||||
uci_set mosquitto sulu enabled 1
|
||||
uci_set mosquitto sulu port '9009'
|
||||
uci_set mosquitto sulu no_remote_access '1'
|
||||
uci_set mosquitto sulu protocol 'websockets'
|
||||
uci_set mosquitto sulu auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
|
||||
uci_set mosquitto sulu acl_file '/etc/sulu/mqtt.acl'
|
||||
if ! uci_get mosquitto sulu >/dev/null 2>&1; then
|
||||
uci_add mosquitto listener sulu
|
||||
uci_set mosquitto sulu enabled 1
|
||||
uci_set mosquitto sulu port '9009'
|
||||
uci_set mosquitto sulu no_remote_access '1'
|
||||
uci_set mosquitto sulu protocol 'websockets'
|
||||
uci_set mosquitto sulu auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
|
||||
uci_set mosquitto sulu acl_file '/etc/sulu/mqtt.acl'
|
||||
fi
|
||||
}
|
||||
|
||||
add_sulu_userinterface_uci()
|
||||
{
|
||||
if [ -f "/etc/config/userinterface" ]; then
|
||||
uci_load userinterface
|
||||
|
||||
if ! uci_get userinterface _sulu_s >/dev/null 2>&1; then
|
||||
uci_add userinterface http_access _sulu_s
|
||||
uci_set userinterface _sulu_s path_prefix '/sulu'
|
||||
uci_set userinterface _sulu_s port '8443'
|
||||
uci_set userinterface _sulu_s _nginx_include '/etc/sulu/nginx.locations'
|
||||
uci_add_list userinterface _sulu_s _nginx_include '/etc/sulu/nginx.locations'
|
||||
uci_set userinterface _sulu_s _nginx_uci_manage_ssl 'self-signed'
|
||||
uci_set userinterface _sulu_s _nginx_ssl_certificate '/etc/nginx/conf.d/_lan.crt'
|
||||
uci_set userinterface _sulu_s _nginx_ssl_certificate_key '/etc/nginx/conf.d/_lan.key'
|
||||
uci_set userinterface _sulu_s _nginx_ssl_session_cache 'none'
|
||||
uci_set userinterface _sulu_s _nginx_error_page '503 /maintenance.html'
|
||||
uci_set userinterface _sulu_s protocol 'HTTPS'
|
||||
uci_set userinterface _sulu_s role 'admin user'
|
||||
uci_add_list userinterface _sulu_s role 'admin'
|
||||
uci_add_list userinterface _sulu_s role 'user'
|
||||
fi
|
||||
|
||||
if ! uci_get userinterface _suluredirect >/dev/null 2>&1; then
|
||||
uci_add userinterface http_access _suluredirect
|
||||
uci_set userinterface _suluredirect redirect '_sulu_s'
|
||||
uci_set userinterface _suluredirect protocol 'HTTP'
|
||||
|
||||
@@ -2,16 +2,23 @@
|
||||
|
||||
. /lib/functions.sh
|
||||
|
||||
uci_load nginx
|
||||
# this is to make sure to not mess up existing config
|
||||
if uci_get nginx _sulu_s >/dev/null 2>&1; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
update_default_nginx_listner() {
|
||||
if [ ! -f "/etc/config/nginx" ]; then
|
||||
return 0
|
||||
|
||||
if [ ! -f /etc/config/nginx ]; then
|
||||
return
|
||||
fi
|
||||
|
||||
if ! uci_get nginx _lan >/dev/null 2>&1; then
|
||||
return 0
|
||||
return
|
||||
fi
|
||||
|
||||
if ! opkg list-installed | grep -q "^luci "; then
|
||||
if ! opkg list-installed |grep -q "luci "; then
|
||||
echo "Luci not installed, removing luci config"
|
||||
uci_remove nginx _lan
|
||||
uci_remove nginx _redirect2ssl
|
||||
@@ -21,7 +28,7 @@ update_default_nginx_listner() {
|
||||
uci_add_list nginx _lan listen "[::]:8443 ssl default_server"
|
||||
|
||||
if ! uci_get nginx _redirect2ssl >/dev/null 2>&1; then
|
||||
return 0
|
||||
return
|
||||
fi
|
||||
|
||||
uci_remove nginx _redirect2ssl listen
|
||||
@@ -32,19 +39,17 @@ update_default_nginx_listner() {
|
||||
}
|
||||
|
||||
move_sulu_to_443_and_80() {
|
||||
if ! config_load userinterface; then
|
||||
return 0
|
||||
uci_load userinterface
|
||||
if [ ! -f /etc/config/userinterface ]; then
|
||||
return
|
||||
fi
|
||||
|
||||
set_port() {
|
||||
local protocol port
|
||||
|
||||
local protocol
|
||||
config_get protocol "$1" protocol
|
||||
config_get port "$1" port
|
||||
|
||||
if [ "$protocol" == "HTTPS" ] && [ "${port}" -eq "8443" ]; then
|
||||
if [ "$protocol" == "HTTPS" ]; then
|
||||
uci_set userinterface "$1" port "443"
|
||||
elif [ "$protocol" == "HTTP" ] && [ "${port}" -eq "8080" ]; then
|
||||
elif [ "$protocol" == "HTTP" ]; then
|
||||
uci_set userinterface "$1" port "80"
|
||||
fi
|
||||
}
|
||||
|
||||
@@ -5,11 +5,11 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=sulu-theme-genexis
|
||||
PKG_VERSION:=5.1.7
|
||||
PKG_VERSION:=5.1.2
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/gnx/sulu-theme-genexis
|
||||
PKG_SOURCE_VERSION:=d329108aa49a0d57325cd8e639c80ba70c126f3f
|
||||
PKG_SOURCE_VERSION:=bf58defd238eaf4d9e42df68942df2c8f7c4f136
|
||||
PKG_MIRROR_HASH:=skip
|
||||
|
||||
include ../sulu-builder/sulu.mk
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=sulu-vendorext
|
||||
PKG_VERSION:=0.0.4
|
||||
PKG_VERSION:=0.0.1
|
||||
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
|
||||
|
||||
@@ -22,13 +22,16 @@ define Build/Compile
|
||||
endef
|
||||
|
||||
define Package/sulu-vendorext/install
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_firewall.json $(1) firewallmngr
|
||||
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_CWMP.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_extra_info.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_guest_wifi_5.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_mesh.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_voip.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_wan.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_guest_wifi_2_4.json $(1) sysmngr
|
||||
|
||||
$(BBFDM_REGISTER_SERVICES) ./bbfdm_service.json $(1) suluvendorext
|
||||
$(BBFDM_INSTALL_MS_DM) ./extn/X_IOWRT_EU_MAPController.json $(1) suluvendorext
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_firewall.json $(1) firewallmngr
|
||||
|
||||
$(CP) ./files/* $(1)/
|
||||
endef
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"daemon": {
|
||||
"enable": "1",
|
||||
"service_name": "suluvendorext",
|
||||
"service_name": "hostmngr",
|
||||
"unified_daemon": false,
|
||||
"services": [
|
||||
{
|
||||
"parent_dm": "Device.",
|
||||
"object": "X_IOWRT_EU_MAPController"
|
||||
"object": "Hosts"
|
||||
}
|
||||
],
|
||||
"config": {
|
||||
|
||||
182
sulu/sulu-vendorext/extn/X_GENEXIS_EU_CWMP.json
Normal file
182
sulu/sulu-vendorext/extn/X_GENEXIS_EU_CWMP.json
Normal file
@@ -0,0 +1,182 @@
|
||||
{
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.CWMPManagementServer.": {
|
||||
"type": "object",
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"dependency": "file:/etc/config/cwmp",
|
||||
"EnableCWMP": {
|
||||
"type": "boolean",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "cpe"
|
||||
},
|
||||
"option": {
|
||||
"name": "enable"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"log_to_console": {
|
||||
"type": "boolean",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "cpe"
|
||||
},
|
||||
"option": {
|
||||
"name": "log_to_console"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.CWMPManagementServer.acs.": {
|
||||
"type": "object",
|
||||
"version": "2.15",
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"dependency": "file:/etc/config/cwmp",
|
||||
"url": {
|
||||
"type": "string",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "acs"
|
||||
},
|
||||
"option": {
|
||||
"name": "url"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"userid": {
|
||||
"type": "string",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "acs"
|
||||
},
|
||||
"option": {
|
||||
"name": "userid"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"password": {
|
||||
"type": "string",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "acs"
|
||||
},
|
||||
"option": {
|
||||
"name": "passwd"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"periodic_interval_enable": {
|
||||
"type": "boolean",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "acs"
|
||||
},
|
||||
"option": {
|
||||
"name": "periodic_inform_enable"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"periodic_inform_interval": {
|
||||
"type": "int",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "acs"
|
||||
},
|
||||
"option": {
|
||||
"name": "periodic_inform_interval"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
180
sulu/sulu-vendorext/extn/X_GENEXIS_EU_extra_info.json
Normal file
180
sulu/sulu-vendorext/extn/X_GENEXIS_EU_extra_info.json
Normal file
@@ -0,0 +1,180 @@
|
||||
{
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.external_info.": {
|
||||
"type": "object",
|
||||
"version": "1.00",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"support_link": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "support_link"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"faq_link": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "faq_link"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"contact_link": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "contact_link"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"contact_phone": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "contact_phone"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"contact_times": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "contact_times"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"livechat_link": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "livechat_link"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"extra_info": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "extra_info"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
168
sulu/sulu-vendorext/extn/X_GENEXIS_EU_guest_wifi_2_4.json
Normal file
168
sulu/sulu-vendorext/extn/X_GENEXIS_EU_guest_wifi_2_4.json
Normal file
@@ -0,0 +1,168 @@
|
||||
{
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.guest2.": {
|
||||
"type": "object",
|
||||
"version": "1.00",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"ssid": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "ssid"
|
||||
}
|
||||
}
|
||||
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "ssid"
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
]
|
||||
},
|
||||
"encryption": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "encryption"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "encryption"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"key": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "key"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "key"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"enabled": {
|
||||
"type": "boolean",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
167
sulu/sulu-vendorext/extn/X_GENEXIS_EU_guest_wifi_5.json
Normal file
167
sulu/sulu-vendorext/extn/X_GENEXIS_EU_guest_wifi_5.json
Normal file
@@ -0,0 +1,167 @@
|
||||
{
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.guest5.": {
|
||||
"type": "object",
|
||||
"version": "1.00",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"ssid": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "ssid"
|
||||
}
|
||||
}
|
||||
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "ssid"
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
]
|
||||
},
|
||||
"encryption": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "encryption"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "encryption"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"key": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "key"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "key"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"enabled": {
|
||||
"type": "boolean",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
416
sulu/sulu-vendorext/extn/X_GENEXIS_EU_mesh.json
Normal file
416
sulu/sulu-vendorext/extn/X_GENEXIS_EU_mesh.json
Normal file
@@ -0,0 +1,416 @@
|
||||
{
|
||||
"Device.DeviceInfo.X_GENEXIS_EU_mesh.": {
|
||||
"type": "object",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"meshmode": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "ubus",
|
||||
"ubus": {
|
||||
"object": "meshmode",
|
||||
"method": "status",
|
||||
"key": "mode"
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "ubus",
|
||||
"ubus": {
|
||||
"object": "meshmode",
|
||||
"method": "change_meshmode",
|
||||
"args": {
|
||||
"mode": "@Value"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"easymesh_controller_enabled": {
|
||||
"type": "boolean",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"default": true,
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "controller"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"enable_sta_steer": {
|
||||
"type": "boolean",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "@sta_steering[0]"
|
||||
},
|
||||
"option": {
|
||||
"name": "enable_sta_steer"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"use_bcn_metrics": {
|
||||
"type": "boolean",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "@sta_steering[0]"
|
||||
},
|
||||
"option": {
|
||||
"name": "use_bcn_metrics"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"sta_steering_enabled": {
|
||||
"type": "boolean",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "@sta_steering[0]"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"ApNumberOfEntries": {
|
||||
"type": "unsignedInt",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"read": true,
|
||||
"write": false,
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap"
|
||||
},
|
||||
"option": {
|
||||
"name": "@Count"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"Device.DeviceInfo.X_GENEXIS_EU_mesh.ap.{i}.": {
|
||||
"type": "object",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"access": true,
|
||||
"array": true,
|
||||
"mapping": {
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap"
|
||||
},
|
||||
"dmmapfile": "dmmap_mapcontroller"
|
||||
}
|
||||
},
|
||||
"ssid": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"datatype": "string",
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap",
|
||||
"index": "@{i-1}"
|
||||
},
|
||||
"option": {
|
||||
"name": "ssid"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"band": {
|
||||
"type": "unsignedInt",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"enumerations": [
|
||||
"2",
|
||||
"5",
|
||||
"6"
|
||||
],
|
||||
"datatype": "string",
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap",
|
||||
"index": "@{i-1}"
|
||||
},
|
||||
"option": {
|
||||
"name": "band"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"encryption": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"enumerations": [
|
||||
"sae",
|
||||
"sae+aes",
|
||||
"psk2",
|
||||
"psk2+aes",
|
||||
"sae-mixed",
|
||||
"sae-mixed+aes",
|
||||
"none",
|
||||
"psk-mixed",
|
||||
"psk-mixed+aes",
|
||||
"psk",
|
||||
"psk+aes"
|
||||
],
|
||||
"datatype": "string",
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap",
|
||||
"index": "@{i-1}"
|
||||
},
|
||||
"option": {
|
||||
"name": "encryption"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"key": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"datatype": "string",
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap",
|
||||
"index": "@{i-1}"
|
||||
},
|
||||
"option": {
|
||||
"name": "key"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vid": {
|
||||
"type": "unsignedInt",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"datatype": "string",
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap",
|
||||
"index": "@{i-1}"
|
||||
},
|
||||
"option": {
|
||||
"name": "vid"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"ap_type": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"enumerations": [
|
||||
"fronthaul",
|
||||
"backhaul",
|
||||
"combined"
|
||||
],
|
||||
"datatype": "string",
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap",
|
||||
"index": "@{i-1}"
|
||||
},
|
||||
"option": {
|
||||
"name": "type"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"builtin": {
|
||||
"type": "boolean",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"datatype": "boolean",
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap",
|
||||
"index": "@{i-1}"
|
||||
},
|
||||
"option": {
|
||||
"name": "builtin"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"enabled": {
|
||||
"type": "boolean",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"datatype": "boolean",
|
||||
"default": true,
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap",
|
||||
"index": "@{i-1}"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
73
sulu/sulu-vendorext/extn/X_GENEXIS_EU_voip.json
Normal file
73
sulu/sulu-vendorext/extn/X_GENEXIS_EU_voip.json
Normal file
@@ -0,0 +1,73 @@
|
||||
{
|
||||
"json_plugin_version": 2,
|
||||
"Device.Services.VoiceService.{i}.SIP.Client.{i}.": {
|
||||
"type": "object",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"access": true,
|
||||
"array": true,
|
||||
"X_GENEXIS_EU_reset": {
|
||||
"type": "string",
|
||||
"read": false,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "ubus",
|
||||
"ubus": {
|
||||
"object": "voip",
|
||||
"method": "reset",
|
||||
"args": {
|
||||
"sip": "@Value"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"X_GENEXIS_EU_reset()": {
|
||||
"type": "command",
|
||||
"async": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"input": {
|
||||
"sip": {
|
||||
"type": "string",
|
||||
"read": "true",
|
||||
"write": "true",
|
||||
"protocols": [
|
||||
"usp"
|
||||
]
|
||||
}
|
||||
},
|
||||
"output": {
|
||||
"result": {
|
||||
"type": "string",
|
||||
"read": "true",
|
||||
"write": "false",
|
||||
"protocols": [
|
||||
"usp"
|
||||
]
|
||||
}
|
||||
},
|
||||
"mapping": [
|
||||
{
|
||||
"type": "ubus",
|
||||
"ubus": {
|
||||
"object": "voip",
|
||||
"method": "reset",
|
||||
"args": {
|
||||
"sip": "@Input.sip"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,353 +0,0 @@
|
||||
{
|
||||
"json_plugin_version": 2,
|
||||
"Device.X_IOWRT_EU_MAPController.": {
|
||||
"type": "object",
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"Device.X_IOWRT_EU_MAPController.Controller.": {
|
||||
"type": "object",
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"dependency": "file:/etc/config/mapcontroller",
|
||||
"Enable": {
|
||||
"type": "boolean",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"default": true,
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "controller"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"ChannelPlan": {
|
||||
"type": "unsignedInt",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "controller"
|
||||
},
|
||||
"option": {
|
||||
"name": "channel_plan_interval"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"AllowBackgroundDFS": {
|
||||
"type": "unsignedInt",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "controller"
|
||||
},
|
||||
"option": {
|
||||
"name": "bgdfs_interval"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"TrafficSeparation": {
|
||||
"type": "boolean",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "controller"
|
||||
},
|
||||
"option": {
|
||||
"name": "traffic_separation"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"InitialChannelScan": {
|
||||
"type": "boolean",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "controller"
|
||||
},
|
||||
"option": {
|
||||
"name": "initial_scan"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"Device.X_IOWRT_EU_MAPController.AccessPoint.{i}.": {
|
||||
"type": "object",
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"access": true,
|
||||
"array": true,
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"type": "ap"
|
||||
},
|
||||
"dmmapfile": "dmmap_mapcontroller"
|
||||
}
|
||||
}
|
||||
],
|
||||
"Band": {
|
||||
"type": "string",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci_sec",
|
||||
"data": "@Parent",
|
||||
"key": "band"
|
||||
}
|
||||
]
|
||||
},
|
||||
"SSID": {
|
||||
"type": "string",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci_sec",
|
||||
"data": "@Parent",
|
||||
"key": "ssid"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Encryption": {
|
||||
"type": "string",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci_sec",
|
||||
"data": "@Parent",
|
||||
"key": "encryption"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Key": {
|
||||
"type": "string",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"flags": [
|
||||
"Secure"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci_sec",
|
||||
"data": "@Parent",
|
||||
"key": "key"
|
||||
}
|
||||
]
|
||||
},
|
||||
"HaulType": {
|
||||
"type": "string",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"default": "fronthaul",
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci_sec",
|
||||
"data": "@Parent",
|
||||
"key": "type"
|
||||
}
|
||||
]
|
||||
},
|
||||
"NetworkType": {
|
||||
"type": "string",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"default": "Primary",
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci_sec",
|
||||
"data": "@Parent",
|
||||
"key": "network_type"
|
||||
}
|
||||
]
|
||||
},
|
||||
"VID": {
|
||||
"type": "unsignedInt",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"default": 1,
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci_sec",
|
||||
"data": "@Parent",
|
||||
"key": "vid"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Enable": {
|
||||
"type": "boolean",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"default": true,
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci_sec",
|
||||
"data": "@Parent",
|
||||
"key": "enabled"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"Device.X_IOWRT_EU_MAPController.STASteering.": {
|
||||
"type": "object",
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"dependency": "file:/etc/config/mapcontroller",
|
||||
"STASteering": {
|
||||
"type": "boolean",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "sta_steering"
|
||||
},
|
||||
"option": {
|
||||
"name": "enable_sta_steer"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"BackhaulSTASteering": {
|
||||
"type": "boolean",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "sta_steering"
|
||||
},
|
||||
"option": {
|
||||
"name": "enable_bsta_steer"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"BandSteering": {
|
||||
"type": "boolean",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "sta_steering"
|
||||
},
|
||||
"option": {
|
||||
"name": "bandsteer"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
92
sulu/sulu-vendorext/files/etc/init.d/hmg_ap_to_mld_creds_sync
Executable file
92
sulu/sulu-vendorext/files/etc/init.d/hmg_ap_to_mld_creds_sync
Executable file
@@ -0,0 +1,92 @@
|
||||
#!/bin/sh /etc/rc.common
|
||||
|
||||
START=97
|
||||
USE_PROCD=1
|
||||
|
||||
start_service() {
|
||||
# --- STEP 1: process fronthaul APs with mld_id ---
|
||||
mld_ids=$(uci show mapcontroller | grep "^mapcontroller.@ap\[" | cut -d'=' -f1 | while read -r ap; do
|
||||
[ "$(uci -q get "$ap.type")" = "fronthaul" ] || continue
|
||||
uci -q get "$ap.mld_id"
|
||||
done | sort -u | grep -v '^$')
|
||||
|
||||
for mld_id in $mld_ids; do
|
||||
ap_list=""
|
||||
ssid_ref=""
|
||||
key_ref=""
|
||||
ssid_mismatch=0
|
||||
|
||||
# collect all fronthaul APs with this mld_id
|
||||
for ap in $(uci show mapcontroller | grep "^mapcontroller.@ap\[" | cut -d'=' -f1); do
|
||||
[ "$(uci -q get "$ap.type")" = "fronthaul" ] || continue
|
||||
cur_id=$(uci -q get "$ap.mld_id")
|
||||
[ "$cur_id" = "$mld_id" ] || continue
|
||||
|
||||
cur_ssid=$(uci -q get "$ap.ssid")
|
||||
cur_key=$(uci -q get "$ap.key")
|
||||
|
||||
ap_list="$ap_list $ap"
|
||||
|
||||
if [ -z "$ssid_ref" ]; then
|
||||
ssid_ref="$cur_ssid"
|
||||
key_ref="$cur_key"
|
||||
elif [ "$cur_ssid" != "$ssid_ref" ]; then
|
||||
ssid_mismatch=1
|
||||
fi
|
||||
done
|
||||
|
||||
if [ "$ssid_mismatch" -eq 1 ]; then
|
||||
for ap in $ap_list; do
|
||||
logger -t mldsync "Removing mld_id from $ap due to SSID mismatch"
|
||||
uci -q delete "$ap.mld_id"
|
||||
done
|
||||
else
|
||||
for mld in $(uci show mapcontroller | grep "^mapcontroller.@mld\[" | cut -d'=' -f1); do
|
||||
[ "$(uci -q get "$mld.id")" = "$mld_id" ] || continue
|
||||
logger -t mldsync "Updating $mld with ssid=$ssid_ref and key=$key_ref"
|
||||
uci -q set "$mld.ssid=$ssid_ref"
|
||||
uci -q set "$mld.key=$key_ref"
|
||||
done
|
||||
fi
|
||||
done
|
||||
|
||||
# --- STEP 2: handle fronthaul APs with no mld_id but same SSID ---
|
||||
for ssid in $(uci show mapcontroller | grep "^mapcontroller.@ap\[" | cut -d'=' -f1 | while read -r ap; do
|
||||
[ "$(uci -q get "$ap.type")" = "fronthaul" ] || continue
|
||||
[ -z "$(uci -q get "$ap.mld_id")" ] || continue
|
||||
uci -q get "$ap.ssid"
|
||||
done | sort | uniq); do
|
||||
ap_group=""
|
||||
key_ref=""
|
||||
count=0
|
||||
|
||||
for ap in $(uci show mapcontroller | grep "^mapcontroller.@ap\[" | cut -d'=' -f1); do
|
||||
[ "$(uci -q get "$ap.type")" = "fronthaul" ] || continue
|
||||
[ "$(uci -q get "$ap.ssid")" = "$ssid" ] || continue
|
||||
[ -z "$(uci -q get "$ap.mld_id")" ] || continue
|
||||
ap_group="$ap_group $ap"
|
||||
key_ref=$(uci -q get "$ap.key")
|
||||
count=$((count + 1))
|
||||
done
|
||||
|
||||
[ "$count" -lt 2 ] && continue
|
||||
|
||||
for ap in $ap_group; do
|
||||
logger -t mldsync "Assigning mld_id=1 to $ap (ssid=$ssid)"
|
||||
uci -q set "$ap.mld_id=1"
|
||||
done
|
||||
|
||||
for mld in $(uci show mapcontroller | grep "^mapcontroller.@mld\[" | cut -d'=' -f1); do
|
||||
[ "$(uci -q get "$mld.id")" = "1" ] || continue
|
||||
logger -t mldsync "Updating $mld with ssid=$ssid and key=$key_ref (from unassigned group)"
|
||||
uci -q set "$mld.ssid=$ssid"
|
||||
uci -q set "$mld.key=$key_ref"
|
||||
done
|
||||
done
|
||||
|
||||
uci -q commit mapcontroller
|
||||
}
|
||||
|
||||
service_triggers() {
|
||||
procd_add_reload_trigger "mapcontroller"
|
||||
}
|
||||
@@ -2,9 +2,8 @@
|
||||
# shellcheck disable=SC1091,SC3043,SC3043
|
||||
|
||||
. /usr/share/libubox/jshn.sh
|
||||
. /lib/functions/network.sh
|
||||
|
||||
persistent_file="/tmp/sulu.json"
|
||||
persistent_file="/opconf/user.json"
|
||||
|
||||
init_json() {
|
||||
json_init
|
||||
@@ -15,33 +14,7 @@ init_json() {
|
||||
fi
|
||||
|
||||
if ! json_select "wan" >/dev/null; then
|
||||
local current_dev=""
|
||||
local current_proto=""
|
||||
local current_vid=""
|
||||
local current_mtu=""
|
||||
local current_username=""
|
||||
local current_password=""
|
||||
local default_gw_interface=""
|
||||
# Load current settings
|
||||
network_find_wan default_gw_interface
|
||||
[ -z "${default_gw_interface}" ] && default_gw_interface="wan"
|
||||
current_dev="$(uci -q get network."${default_gw_interface}".device)"
|
||||
current_proto="$(uci -q get network."${default_gw_interface}".proto || echo "dhcp")"
|
||||
current_vid="$(uci -q get network."${current_dev}".vid)"
|
||||
current_mtu="$(uci -q get network."${default_gw_interface}".mtu)"
|
||||
if [ "pppoe" = "${current_proto}" ]; then
|
||||
current_username="$(uci -q get network."${default_gw_interface}".username)"
|
||||
current_password="$(uci -q get network."${default_gw_interface}".password)"
|
||||
fi
|
||||
json_add_array "wan"
|
||||
json_add_object
|
||||
json_add_string "name" "wan"
|
||||
json_add_string "proto" "${current_proto}"
|
||||
[ -n "${current_vid}" ] && json_add_int "vlan_id" "${current_vid}"
|
||||
[ -n "${current_mtu}" ] && json_add_int "mtu" "${current_mtu}"
|
||||
[ -n "${current_username}" ] && json_add_string "username" "${current_username}"
|
||||
[ -n "${current_password}" ] && json_add_string "password" "${current_password}"
|
||||
json_close_object
|
||||
fi
|
||||
json_close_object
|
||||
json_close_object
|
||||
@@ -58,13 +31,11 @@ save_and_exit() {
|
||||
|
||||
save_userconf() {
|
||||
json_dump >"${persistent_file}"
|
||||
# reload opconf to apply changes from persistent file, discarding output
|
||||
opconf "${persistent_file}" > /dev/null 2>&1
|
||||
# Commit network changes
|
||||
opconf "${persistent_file}"
|
||||
ubus call uci commit '{"config": "network"}'
|
||||
}
|
||||
|
||||
# Create skeleton file if it doesn't exists after that load in $persistent_file
|
||||
# Create skeleton file if it doesn't exists after that load in user.json
|
||||
init_json
|
||||
|
||||
go_L2() {
|
||||
@@ -161,9 +132,6 @@ set_wan_param() {
|
||||
vid | vland_id)
|
||||
json_add_int "vlan_id" "${value}"
|
||||
;;
|
||||
mtu)
|
||||
json_add_int "mtu" "${value}"
|
||||
;;
|
||||
*)
|
||||
logger "sulu_functions: Unkown name '${name}' in set_wan_param"
|
||||
;;
|
||||
@@ -171,7 +139,7 @@ set_wan_param() {
|
||||
json_close_object
|
||||
json_select ..
|
||||
json_select ..
|
||||
logger -s "sulu_functions Name: '${name}'='${value}'"
|
||||
logger -s "Name: '${name}'='${value}'"
|
||||
save_userconf
|
||||
json_set_namespace old_cb
|
||||
}
|
||||
@@ -190,7 +158,7 @@ get_wan_value() {
|
||||
*) ;;
|
||||
esac
|
||||
|
||||
for json_file in /opconf/*.json ${persistent_file}; do
|
||||
for json_file in /opconf/*.json; do
|
||||
value_from_opconf="$(jsonfilter -e "@.network.wan[@.name='wan'].${variable_name}" <"${json_file}")"
|
||||
[ -n "${value_from_opconf}" ] && final_config="${value_from_opconf}"
|
||||
done
|
||||
|
||||
@@ -57,18 +57,15 @@ set_fwmode() {
|
||||
case "$mode" in
|
||||
low)
|
||||
# add rule for incoming gateway
|
||||
json_init
|
||||
json_load "$(ubus -S call genexis.wan status)"
|
||||
json_load "$(ubus call heimgard.wan status)"
|
||||
json_get_var gateway gateway
|
||||
|
||||
if [ -n "$gateway" ]; then
|
||||
uci set firewall.${allow_gw_rule}=rule
|
||||
uci set firewall.${allow_gw_rule}.name='Allow-Gateway-In'
|
||||
uci set firewall.${allow_gw_rule}.src='wan'
|
||||
uci set firewall.${allow_gw_rule}.src_ip="$gateway"
|
||||
uci set firewall.${allow_gw_rule}.target='ACCEPT'
|
||||
uci reorder firewall.${allow_gw_rule}=1
|
||||
fi
|
||||
uci set firewall.${allow_gw_rule}=rule
|
||||
uci set firewall.${allow_gw_rule}.name='Allow-Gateway-In'
|
||||
uci set firewall.${allow_gw_rule}.src='wan'
|
||||
uci set firewall.${allow_gw_rule}.src_ip="$gateway"
|
||||
uci set firewall.${allow_gw_rule}.target='ACCEPT'
|
||||
uci reorder firewall.${allow_gw_rule}=1
|
||||
;;
|
||||
medium)
|
||||
uci set firewall.wan.input='DROP'
|
||||
|
||||
@@ -99,7 +99,7 @@ call)
|
||||
read -r input
|
||||
_param="$(echo "$input" | jsonfilter -e '@.param')"
|
||||
value="$(echo "$input" | jsonfilter -e '@.value')"
|
||||
logger -t "genexis.wan" "_param: ${_param} value: ${value}"
|
||||
logger -t "heimgard.wan" "_param: ${_param} value: ${value}"
|
||||
json_init
|
||||
reply="$(set_wan_param "$_param" "$value")"
|
||||
json_add_string "status" "${reply}"
|
||||
|
||||
@@ -7,9 +7,10 @@ init_json
|
||||
|
||||
get_netmode() {
|
||||
local _netmode
|
||||
local persistent_file="/opconf/user.json"
|
||||
if [ -f "${persistent_file}" ]; then
|
||||
json_init
|
||||
json_load_file "${persistent_file}"
|
||||
json_load_file '/opconf/user.json'
|
||||
if json_select netmode; then
|
||||
json_get_var _netmode current "unknown"
|
||||
json_select ..
|
||||
|
||||
@@ -85,7 +85,6 @@ migrate_timemngr_config() {
|
||||
fi
|
||||
|
||||
uci -q delete system.ntp
|
||||
return 0
|
||||
}
|
||||
|
||||
migrate_timemngr_config
|
||||
|
||||
@@ -5,13 +5,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=tr143
|
||||
PKG_VERSION:=1.1.3.2
|
||||
PKG_VERSION:=1.1.3.1
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/tr143d.git
|
||||
PKG_SOURCE_VERSION:=54c76c7afd4eb45d929f3512e96f572f2ad4e2ea
|
||||
PKG_SOURCE_VERSION:=1a10867d639afeb535d6c639b95b25648eb4ef7b
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
|
||||
@@ -1,8 +0,0 @@
|
||||
if PACKAGE_usermngr
|
||||
|
||||
config USERMNGR_SECURITY_HARDENING
|
||||
bool "Security hardening mechanisms"
|
||||
default y
|
||||
help
|
||||
Enable this option to use PAM based faillock, passwdqc, faildelay for security hardening.
|
||||
endif
|
||||
@@ -5,13 +5,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=usermngr
|
||||
PKG_VERSION:=1.4.1
|
||||
PKG_VERSION:=1.3.10
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/usermngr.git
|
||||
PKG_SOURCE_VERSION:=b8611c2b71a178bc4bfd4161be4e5b6513b45e57
|
||||
PKG_SOURCE_VERSION:=37db3e216e508b19228479f39b935caa61815d06
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
@@ -28,14 +28,9 @@ define Package/usermngr
|
||||
SECTION:=utils
|
||||
CATEGORY:=Utilities
|
||||
SUBMENU:=TRx69
|
||||
DEPENDS:=+shadow-utils +libopenssl +libuci +libubox +ubus
|
||||
DEPENDS:= +shadow-utils +libopenssl +libuci +libubox +ubus
|
||||
DEPENDS+=+libbbfdm-api +libbbfdm-ubus +bbfdmd
|
||||
DEPENDS+=+@BUSYBOX_CONFIG_ADDUSER +@BUSYBOX_CONFIG_DELUSER +@BUSYBOX_CONFIG_ADDGROUP +@BUSYBOX_CONFIG_DELGROUP +shadow-usermod
|
||||
DEPENDS+=+@BUSYBOX_CONFIG_CMP
|
||||
DEPENDS+=+@SHADOW_UTILS_USE_PAM
|
||||
DEPENDS+=+@USERMNGR_SECURITY_HARDENING:BUSYBOX_CONFIG_PAM
|
||||
DEPENDS+=+USERMNGR_SECURITY_HARDENING:linux-pam
|
||||
DEPENDS+=+USERMNGR_SECURITY_HARDENING:passwdqc
|
||||
TITLE:=Package to add Device.Users. datamodel support
|
||||
endef
|
||||
|
||||
@@ -43,10 +38,6 @@ define Package/usermngr/description
|
||||
Package to add Device.Users. datamodel support
|
||||
endef
|
||||
|
||||
define Package/$(PKG_NAME)/config
|
||||
source "$(SOURCE)/Config.in"
|
||||
endef
|
||||
|
||||
ifeq ($(LOCAL_DEV),1)
|
||||
define Build/Prepare
|
||||
$(CP) -rf ~/git/usermngr/* $(PKG_BUILD_DIR)/
|
||||
@@ -61,10 +52,6 @@ define Package/usermngr/install
|
||||
$(INSTALL_DIR) $(1)/usr/sbin
|
||||
$(INSTALL_BIN) ./files/etc/uci-defaults/91-sync-shells $(1)/etc/uci-defaults/
|
||||
$(INSTALL_BIN) ./files/etc/uci-defaults/91-sync-roles $(1)/etc/uci-defaults/
|
||||
ifeq ($(CONFIG_USERMNGR_SECURITY_HARDENING),y)
|
||||
$(INSTALL_BIN) ./files/etc/uci-defaults/91-security-hardening $(1)/etc/uci-defaults/
|
||||
$(INSTALL_BIN) ./files/etc/uci-defaults/91-set-ssh-pam $(1)/etc/uci-defaults/
|
||||
endif
|
||||
$(INSTALL_BIN) ./files/etc/init.d/users $(1)/etc/init.d/users
|
||||
$(INSTALL_BIN) ./files/etc/config/users $(1)/etc/config/users
|
||||
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/usermngr $(1)/usr/sbin/usermngr
|
||||
|
||||
@@ -1,17 +1,3 @@
|
||||
config security_policy 'security_policy'
|
||||
option enabled '1'
|
||||
option fail_delay '3'
|
||||
option faillock_attempts '6'
|
||||
option faillock_lockout_time '300'
|
||||
|
||||
config passwdqc 'passwdqc'
|
||||
option enabled '1'
|
||||
option min 'disabled,disabled,disabled,8,8'
|
||||
option max '20'
|
||||
option passphrase '0'
|
||||
option retry '3'
|
||||
option enforce 'everyone'
|
||||
|
||||
config users 'users'
|
||||
option enabled '1'
|
||||
option loglevel '3'
|
||||
|
||||
@@ -6,179 +6,11 @@ USE_PROCD=1
|
||||
|
||||
PROG=/usr/sbin/usermngr
|
||||
|
||||
# List of required .so files
|
||||
REQUIRED_MODULES="
|
||||
/usr/lib/security/pam_faildelay.so
|
||||
/usr/lib/security/pam_faillock.so
|
||||
/usr/lib/security/pam_unix.so
|
||||
/usr/lib/security/pam_deny.so
|
||||
/usr/lib/security/pam_permit.so
|
||||
/usr/lib/security/pam_passwdqc.so
|
||||
"
|
||||
|
||||
check_required_modules() {
|
||||
for mod in $REQUIRED_MODULES; do
|
||||
if [ ! -f "$mod" ]; then
|
||||
logger -p err -t usermngr "ERROR: Cannot setup security policy, missing PAM module: $mod"
|
||||
return 1
|
||||
fi
|
||||
done
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
write_line() {
|
||||
local filepath="$1"
|
||||
local line="$2"
|
||||
|
||||
echo "$line" >> "$filepath"
|
||||
}
|
||||
|
||||
compare_and_replace() {
|
||||
local src dst
|
||||
src="$1"
|
||||
dst="$2"
|
||||
|
||||
if [ ! -f "$dst" ] || ! cmp -s "$src" "$dst"; then
|
||||
cp "$src" "$dst"
|
||||
logger -t pam_policy_setup "Updated $dst"
|
||||
fi
|
||||
}
|
||||
|
||||
update_auth() {
|
||||
# Write /etc/pam.d/common-auth
|
||||
local tmp_file pam_file
|
||||
tmp_file="/tmp/common-auth"
|
||||
pam_file="/etc/pam.d/common-auth"
|
||||
|
||||
rm -f "$tmp_file"
|
||||
touch "$tmp_file"
|
||||
|
||||
if [ "$enabled" != "0" ]; then
|
||||
write_line "$tmp_file" "auth optional pam_faildelay.so delay=$faildelay_usec"
|
||||
write_line "$tmp_file" "auth required pam_faillock.so preauth deny=$faillock_attempts even_deny_root unlock_time=$faillock_lockout_time"
|
||||
fi
|
||||
|
||||
write_line "$tmp_file" "auth sufficient pam_unix.so nullok_secure"
|
||||
|
||||
if [ "$enabled" != "0" ]; then
|
||||
write_line "$tmp_file" "auth [default=die] pam_faillock.so authfail audit deny=$faillock_attempts even_deny_root unlock_time=$faillock_lockout_time"
|
||||
write_line "$tmp_file" ""
|
||||
fi
|
||||
|
||||
write_line "$tmp_file" "auth requisite pam_deny.so"
|
||||
write_line "$tmp_file" "auth required pam_permit.so"
|
||||
|
||||
compare_and_replace "$tmp_file" "$pam_file"
|
||||
}
|
||||
|
||||
build_pam_passwdqc_line() {
|
||||
local base="password requisite pam_passwdqc.so"
|
||||
local k v line
|
||||
|
||||
for line in $(uci show users.passwdqc 2>/dev/null); do
|
||||
case "$line" in
|
||||
users.passwdqc=*) continue ;;
|
||||
users.passwdqc.enabled=*) continue ;;
|
||||
esac
|
||||
|
||||
k="${line%%=*}"
|
||||
k="${k#users.passwdqc.}"
|
||||
v="${line#*=}"
|
||||
v="${v%\'}"
|
||||
v="${v#\'}"
|
||||
base="$base $k=$v"
|
||||
done
|
||||
|
||||
echo "$base"
|
||||
}
|
||||
|
||||
# NOTE:
|
||||
# for some reason setting min 8 makes passwdqc accept minimum 12 letter password with this configuration
|
||||
# if we set it to 12 then we need atleast 16 characters and so on
|
||||
# passphrase = 0 means no space separated words
|
||||
# passphrase = N means the number of words required for a passphrase or 0 to disable the support for user-chosen passphrases.
|
||||
# rest can be figured out from passwdqc man page
|
||||
update_password() {
|
||||
local tmp_file pam_file enabled line
|
||||
tmp_file="/tmp/common-password"
|
||||
pam_file="/etc/pam.d/common-password"
|
||||
enabled=1
|
||||
|
||||
rm -f "$tmp_file"
|
||||
touch "$tmp_file"
|
||||
|
||||
# Check if section exists
|
||||
if uci -q get users.passwdqc >/dev/null 2>&1; then
|
||||
# if enabled is not present it is assumed to be 0
|
||||
enabled=$(uci -q get users.passwdqc.enabled || echo "0")
|
||||
if [ "$enabled" != "0" ]; then
|
||||
line="$(build_pam_passwdqc_line)"
|
||||
write_line "$tmp_file" "$line"
|
||||
fi
|
||||
fi
|
||||
|
||||
write_line "$tmp_file" "password [success=1 default=ignore] pam_unix.so obscure sha512"
|
||||
write_line "$tmp_file" ""
|
||||
write_line "$tmp_file" "password requisite pam_deny.so"
|
||||
write_line "$tmp_file" "password required pam_permit.so"
|
||||
|
||||
compare_and_replace "$tmp_file" "$pam_file"
|
||||
}
|
||||
|
||||
update_account() {
|
||||
# Write /etc/pam.d/common-account
|
||||
local tmp_file pam_file
|
||||
tmp_file="/tmp/common-account"
|
||||
pam_file="/etc/pam.d/common-account"
|
||||
|
||||
rm -f "$tmp_file"
|
||||
touch "$tmp_file"
|
||||
|
||||
if [ "$enabled" != "0" ]; then
|
||||
write_line "$tmp_file" "account required pam_faillock.so"
|
||||
fi
|
||||
|
||||
write_line "$tmp_file" "account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so"
|
||||
write_line "$tmp_file" ""
|
||||
write_line "$tmp_file" "account requisite pam_deny.so"
|
||||
write_line "$tmp_file" "account required pam_permit.so"
|
||||
|
||||
compare_and_replace "$tmp_file" "$pam_file"
|
||||
}
|
||||
|
||||
handle_security_policy() {
|
||||
local enabled faildelay faillock_lockout_time faillock_attempts faildelay_usec
|
||||
|
||||
# Read UCI values
|
||||
enabled="$(uci -q get users.security_policy.enabled)"
|
||||
faildelay="$(uci -q get users.security_policy.fail_delay)"
|
||||
faillock_lockout_time="$(uci -q get users.security_policy.faillock_lockout_time)"
|
||||
faillock_attempts="$(uci -q get users.security_policy.faillock_attempts)"
|
||||
|
||||
# if any .so files are missing, then we cannot setup security
|
||||
if ! check_required_modules; then
|
||||
return
|
||||
fi
|
||||
|
||||
[ -n "$faildelay" ] || faildelay=3
|
||||
[ -n "$faillock_attempts" ] || faillock_attempts=6
|
||||
[ -n "$faillock_lockout_time" ] || faillock_lockout_time=300
|
||||
# Convert seconds to microseconds for pam_faildelay
|
||||
faildelay_usec=$((faildelay * 1000000))
|
||||
|
||||
update_auth
|
||||
update_account
|
||||
update_password
|
||||
}
|
||||
|
||||
start_service() {
|
||||
local loglevel
|
||||
|
||||
loglevel="$(uci -q get users.users.loglevel)"
|
||||
|
||||
handle_security_policy
|
||||
|
||||
procd_open_instance usermngr
|
||||
procd_set_param command $PROG
|
||||
|
||||
|
||||
@@ -1,23 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Create default security_policy section if missing
|
||||
if ! uci -q get users.security_policy; then
|
||||
uci -q set users.security_policy='security_policy'
|
||||
uci -q set users.security_policy.enabled='1'
|
||||
uci -q set users.security_policy.fail_delay='3'
|
||||
uci -q set users.security_policy.faillock_attempts='6'
|
||||
uci -q set users.security_policy.faillock_lockout_time='300'
|
||||
fi
|
||||
|
||||
# Create default passwdqc section if missing
|
||||
if ! uci -q get users.passwdqc; then
|
||||
uci -q set users.passwdqc='passwdqc'
|
||||
uci -q set users.passwdqc.enabled='1'
|
||||
uci -q set users.passwdqc.min='disabled,disabled,disabled,8,8'
|
||||
uci -q set users.passwdqc.max='20'
|
||||
uci -q set users.passwdqc.passphrase='0'
|
||||
uci -q set users.passwdqc.retry='3'
|
||||
uci -q set users.passwdqc.enforce='everyone'
|
||||
fi
|
||||
|
||||
exit 0
|
||||
@@ -1,7 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
if [ -f /etc/config/sshd ]; then
|
||||
uci -q set sshd.@sshd[0].UsePAM=1
|
||||
fi
|
||||
|
||||
exit 0
|
||||
@@ -5,13 +5,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=wifidmd
|
||||
PKG_VERSION:=1.1.33.3
|
||||
PKG_VERSION:=1.1.33.2
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/wifidmd.git
|
||||
PKG_SOURCE_VERSION:=98dbea71e67b4fb962fc5abd6657d143a12b39e4
|
||||
PKG_SOURCE_VERSION:=900fdca6e18dce382c99fbfcbca81b7e90cc5598
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
|
||||
@@ -4,7 +4,7 @@ menu "Configurations"
|
||||
|
||||
config WIFIMNGR_CACHE_SCANRESULTS
|
||||
bool "Cache scan results"
|
||||
default n
|
||||
default y
|
||||
|
||||
endmenu
|
||||
endif
|
||||
|
||||
@@ -6,12 +6,12 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=wifimngr
|
||||
PKG_VERSION:=17.7.7
|
||||
PKG_VERSION:=17.7.6
|
||||
|
||||
LOCAL_DEV=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_VERSION:=af4fb95993a41210f558d5e8a65c0c1597b7db41
|
||||
PKG_SOURCE_VERSION:=e16058225dc5e9fb819029fff48cb3a5cc658a98
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/wifimngr.git
|
||||
PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@genexis.eu>
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
|
||||
|
||||
Reference in New Issue
Block a user