project/unetd.git
2 days ago unet-tool: add support for dumping pubkey from signed file
Felix Fietkau [Sun, 15 Dec 2024 17:01:34 +0000 (18:01 +0100)]
unet-tool: add support for dumping pubkey from signed file

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 days ago unet-tool: add support for generating keys from salt + seed passphrase
Felix Fietkau [Fri, 13 Dec 2024 16:56:36 +0000 (17:56 +0100)]
unet-tool: add support for generating keys from salt + seed passphrase

Uses PBKDF2-HMAC-SHA512 with configurable number of rounds to derive the key

Signed-off-by: Felix Fietkau <nbd@nbd.name>
7 weeks ago host: fix peer routes on a node acting as gateway
Felix Fietkau [Wed, 23 Oct 2024 15:11:25 +0000 (17:11 +0200)]
host: fix peer routes on a node acting as gateway

When acting as a gateway for a peer, add its addresses as allowed ips locally

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 months ago bpf_skb_utils.h: add missing include to fix build against newer kernel headers
Felix Fietkau [Fri, 20 Sep 2024 21:12:26 +0000 (23:12 +0200)]
bpf_skb_utils.h: add missing include to fix build against newer kernel headers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
8 months ago unet-cli: strip initial newline in usage message
Felix Fietkau [Sun, 31 Mar 2024 17:40:41 +0000 (19:40 +0200)]
unet-cli: strip initial newline in usage message

Signed-off-by: Felix Fietkau <nbd@nbd.name>
8 months ago unet-cli: emit id by default
Felix Fietkau [Sun, 31 Mar 2024 15:56:45 +0000 (17:56 +0200)]
unet-cli: emit id by default

Use the public auth key as id. This provides more entropy for the network id

Signed-off-by: Felix Fietkau <nbd@nbd.name>
8 months ago network: fix endian issue in converting port to network id
Felix Fietkau [Sun, 31 Mar 2024 15:56:21 +0000 (17:56 +0200)]
network: fix endian issue in converting port to network id

Use little endian to remain compatible with most systems

Signed-off-by: Felix Fietkau <nbd@nbd.name>
8 months ago pex: fix endian issues on config transfer
Felix Fietkau [Tue, 19 Mar 2024 08:57:36 +0000 (09:57 +0100)]
pex: fix endian issues on config transfer

Fixes transferring network config between big-endian and little-endian devices.
Please note that on little-endian this makes patched and unpatched devices
incompatible with each other, since protocol fields are changed to big-endian.

Reported-by: Paul Spooren <mail@aparcar.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
15 months ago pex: do not query for hosts with a gateway
Felix Fietkau [Mon, 21 Aug 2023 20:36:01 +0000 (22:36 +0200)]
pex: do not query for hosts with a gateway

If we're not the gateway, we don't care about the result
If we are the gateway, nobody else will have the answer

Signed-off-by: Felix Fietkau <nbd@nbd.name>
15 months ago pex: do not send peer notifications for hosts with a gateway
Felix Fietkau [Mon, 21 Aug 2023 20:31:34 +0000 (22:31 +0200)]
pex: do not send peer notifications for hosts with a gateway

These notifications will be useless to all other hosts

Signed-off-by: Felix Fietkau <nbd@nbd.name>
15 months ago pex: track indirect hosts (reachable via gateway) as peers without adding them to wg
Felix Fietkau [Mon, 21 Aug 2023 20:27:37 +0000 (22:27 +0200)]
pex: track indirect hosts (reachable via gateway) as peers without adding them to wg

This allows other hosts to respond to them via global PEX, in order to help
them find their gateway

Signed-off-by: Felix Fietkau <nbd@nbd.name>
16 months ago pex: after receiving data update req, notify peer of local address/port
Felix Fietkau [Thu, 17 Aug 2023 14:46:32 +0000 (16:46 +0200)]
pex: after receiving data update req, notify peer of local address/port

This helps in situations where a server with a public IP is being used as
a gateway for peers behind NAT.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
18 months ago wg-linux: increase default messages size
Felix Fietkau [Wed, 31 May 2023 08:41:16 +0000 (10:41 +0200)]
wg-linux: increase default messages size

Makes the need for splitting messages less likely

Signed-off-by: Felix Fietkau <nbd@nbd.name>
18 months ago wg-linux: add support for splitting netlink messages for allowed ips
Felix Fietkau [Wed, 31 May 2023 08:40:40 +0000 (10:40 +0200)]
wg-linux: add support for splitting netlink messages for allowed ips

Fixes an issue when too many allowed ips are set for one peer
(e.g. when using a gateway)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
18 months ago host: fix crash parsing gateway when no endpoint is specified
Felix Fietkau [Tue, 30 May 2023 18:11:13 +0000 (20:11 +0200)]
host: fix crash parsing gateway when no endpoint is specified

Signed-off-by: Felix Fietkau <nbd@nbd.name>
18 months ago pex-msg: fix memory leak on fread fail in pex_msg_update_request_init
Christian Marangi [Fri, 26 May 2023 17:25:35 +0000 (19:25 +0200)]
pex-msg: fix memory leak on fread fail in pex_msg_update_request_init

Fix Coverity Scan CID 1521052 memory leak on fread fail in
pex_msg_update_request_init.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months ago utils: fix ipv4 checksum issue
Felix Fietkau [Fri, 5 May 2023 12:37:19 +0000 (14:37 +0200)]
utils: fix ipv4 checksum issue

The parameter order for protocol and length was accidentally reversed,
leading to issues for packets > 256 bytes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
22 months ago network: prevent adding endpoint routes for addresses on the network
Felix Fietkau [Fri, 17 Feb 2023 11:32:52 +0000 (12:32 +0100)]
network: prevent adding endpoint routes for addresses on the network

Sometimes a peer might be reachable only over another peer. In that case
PEX could announce an endpoint address already covered by the network routes.
When connecting, asking netifd to route that address breaks access, since
it's only reachable over unet.
Detect this case and skip the netifd host route request.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago unet-cli: add stun server list editing support
Felix Fietkau [Fri, 16 Sep 2022 19:21:28 +0000 (21:21 +0200)]
unet-cli: add stun server list editing support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: update last query sent timestamp
Felix Fietkau [Fri, 16 Sep 2022 19:14:20 +0000 (21:14 +0200)]
pex: update last query sent timestamp

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: avoid sending a query to a host more than once every 15 seconds
Felix Fietkau [Fri, 16 Sep 2022 18:18:33 +0000 (20:18 +0200)]
pex: avoid sending a query to a host more than once every 15 seconds

Avoids unnecessary packet spam

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago host: keep multiple endpoint candidates, one for each type
Felix Fietkau [Fri, 16 Sep 2022 18:14:14 +0000 (20:14 +0200)]
host: keep multiple endpoint candidates, one for each type

Some discovery methods might be more reliable than others. Avoid having
them overwrite each other's discovery result

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: automatically create host entries from incoming endpoint port notifications
Felix Fietkau [Fri, 16 Sep 2022 16:47:11 +0000 (18:47 +0200)]
pex: automatically create host entries from incoming endpoint port notifications

Improves turnaround time on initial connect

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago unet-cli: add DHT support
Felix Fietkau [Fri, 16 Sep 2022 16:37:48 +0000 (18:37 +0200)]
unet-cli: add DHT support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: improve handling of a longer list of PEX hosts
Felix Fietkau [Fri, 16 Sep 2022 13:25:20 +0000 (15:25 +0200)]
pex: improve handling of a longer list of PEX hosts

Instead of rotating and picking one every 5 seconds, pick one from the list
every 500ms, but enforce a minimum interval of 10 seconds per host between
pings

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: add support for figuring out the external data port via STUN servers
Felix Fietkau [Fri, 16 Sep 2022 09:00:15 +0000 (11:00 +0200)]
pex: add support for figuring out the external data port via STUN servers

When establishing a direct connection on the auth/PEX port via DHT, both sides
need to know the externally mapped data port number in order to establish a
wireguard connection.
If there is an existing data connection, the port can be queried via PEX
over the tunnel. If that is not available, an external public server is needed
in order to poke a hole in the NAT. The easiest way to do this is to use
STUN, since there are a lot of public servers available.

The servers can be configured via the network data, based on the assumption
that an auth exchange with network data update can be done directly

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago utils: add support for passing address family to network_get_endpoint()
Felix Fietkau [Thu, 15 Sep 2022 20:02:09 +0000 (22:02 +0200)]
utils: add support for passing address family to network_get_endpoint()

Can be used to limit results to IPv4 addresses

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: add utility function to get the sockets based on type / address family
Felix Fietkau [Thu, 15 Sep 2022 19:47:20 +0000 (21:47 +0200)]
pex: add utility function to get the sockets based on type / address family

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: move raw ip send code to sendto_rawudp() in utils.c
Felix Fietkau [Thu, 15 Sep 2022 19:44:47 +0000 (21:44 +0200)]
pex: move raw ip send code to sendto_rawudp() in utils.c

This allows it to be reused for other purposes later

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: move rx header check to callback function
Felix Fietkau [Thu, 15 Sep 2022 19:18:42 +0000 (21:18 +0200)]
pex: move rx header check to callback function

Fixes some length check bugs in the cli code and allows other protocols to be
used on the global PEX port.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: keep active pex hosts after the specified timeout
Felix Fietkau [Sat, 10 Sep 2022 10:33:03 +0000 (12:33 +0200)]
pex: keep active pex hosts after the specified timeout

Keep them as long as they have sent us a valid message in the last minute

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add DHT discovery service
Felix Fietkau [Sat, 10 Sep 2022 06:43:22 +0000 (08:43 +0200)]
add DHT discovery service

This uses the BitTorrent 'Mainline' DHT in order to find peers.
It operates on the global PEX port, in order to allow exchanging network data
through double NAT. Only the IPv4 DHT is used at the moment.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago ubus: notify on network updates
Felix Fietkau [Fri, 16 Sep 2022 16:38:08 +0000 (18:38 +0200)]
ubus: notify on network updates

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: add support for sending/receiving global PEX messages via unix socket
Felix Fietkau [Mon, 5 Sep 2022 10:30:07 +0000 (12:30 +0200)]
pex: add support for sending/receiving global PEX messages via unix socket

This can be used for allowing another protocol (e.g. DHT) to run on the same
port, making it easier to deal with NAT

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: remove pex event debug spam
Felix Fietkau [Fri, 16 Sep 2022 12:55:33 +0000 (14:55 +0200)]
pex: remove pex event debug spam

Makes debugging output more readable

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: reduce unnecessary ping traffic
Felix Fietkau [Fri, 16 Sep 2022 12:54:45 +0000 (14:54 +0200)]
pex: reduce unnecessary ping traffic

Only ping once after the idle time exceeds keepalive time.
Do not ping if no endpoint address is known yet

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago wg-linux: ship a copy of linux/wireguard.h
Felix Fietkau [Mon, 5 Sep 2022 09:40:42 +0000 (11:40 +0200)]
wg-linux: ship a copy of linux/wireguard.h

Makes it possible to build unetd on hosts with older toolchain headers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago cli: fix typo
Felix Fietkau [Sun, 4 Sep 2022 16:44:55 +0000 (18:44 +0200)]
cli: fix typo

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago ubus: add reload command
Felix Fietkau [Thu, 1 Sep 2022 18:38:50 +0000 (20:38 +0200)]
ubus: add reload command

This will reload all explicitly configured files (network json, peer lists)
without causing unnecessary network disruption

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago network: add support for configuring extra peers via a separate json file
Felix Fietkau [Thu, 1 Sep 2022 17:42:10 +0000 (19:42 +0200)]
network: add support for configuring extra peers via a separate json file

Peers added to this file are only used locally and not advertised on the
network. Peers should use IP addresses that are part of locally announced
or otherwise configured subnets

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago ubus: add support for adding auth_connect hosts at runtime
Felix Fietkau [Wed, 31 Aug 2022 18:37:05 +0000 (20:37 +0200)]
ubus: add support for adding auth_connect hosts at runtime

These hosts always need to have a timeout value. After the timeout, they
are automatically deleted. Other than that, they work just like regular
configured auth_host entries

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago ubus: add support for querying active networks
Felix Fietkau [Wed, 31 Aug 2022 12:48:22 +0000 (14:48 +0200)]
ubus: add support for querying active networks

Shows configuration, local host name, peer connection status

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: add support for sending endpoint notification from the wg port via raw socket
Felix Fietkau [Wed, 31 Aug 2022 11:03:39 +0000 (13:03 +0200)]
pex: add support for sending endpoint notification from the wg port via raw socket

This makes it possible to use the global PEX socket (used for network data updates)
to receive the endpoint address in a way that works through NAT.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add support for disabling VXLAN/eBPF support
Felix Fietkau [Mon, 29 Aug 2022 18:52:20 +0000 (20:52 +0200)]
add support for disabling VXLAN/eBPF support

This makes it easier to backport or de-bloat on smaller systems

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add support for overriding peer-exchange-port for individual hosts
Felix Fietkau [Mon, 29 Aug 2022 18:37:12 +0000 (20:37 +0200)]
add support for overriding peer-exchange-port for individual hosts

This can also be used to disable PEX completely for non-unetd host entries

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago scripts/update-cmd.pl: run update two times
Felix Fietkau [Mon, 29 Aug 2022 11:16:47 +0000 (13:16 +0200)]
scripts/update-cmd.pl: run update two times

Removing an IP address can clear device routes with matching network/mask.
Running the update a second time ensures that they get recreated

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago scripts/update-cmd.pl: set device up before adding routes/addresses
Felix Fietkau [Mon, 29 Aug 2022 11:10:28 +0000 (13:10 +0200)]
scripts/update-cmd.pl: set device up before adding routes/addresses

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago scripts/update-cmd.pl: reorder add/remove calls to better deal with dynamic changes
Felix Fietkau [Mon, 29 Aug 2022 11:08:29 +0000 (13:08 +0200)]
scripts/update-cmd.pl: reorder add/remove calls to better deal with dynamic changes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex-msg: fix siphash key initializer
Felix Fietkau [Sun, 28 Aug 2022 18:39:47 +0000 (20:39 +0200)]
pex-msg: fix siphash key initializer

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago build.sh: force use of -fPIC on static libraries to fix build error
Felix Fietkau [Sun, 28 Aug 2022 17:56:31 +0000 (19:56 +0200)]
build.sh: force use of -fPIC on static libraries to fix build error

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago unet-cli: fix formatting of help text
Felix Fietkau [Sun, 28 Aug 2022 17:56:12 +0000 (19:56 +0200)]
unet-cli: fix formatting of help text

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago unet-cli: enable ucode strict mode
Jo-Philipp Wich [Wed, 24 Aug 2022 22:58:44 +0000 (00:58 +0200)]
unet-cli: enable ucode strict mode

Enable strict mode and explicitly declare all used variables.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2 years ago unet-cli: fix reference to missing variable
Felix Fietkau [Thu, 25 Aug 2022 10:38:32 +0000 (12:38 +0200)]
unet-cli: fix reference to missing variable

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago unet-cli: pass host object to set_host()
Felix Fietkau [Thu, 25 Aug 2022 10:40:17 +0000 (12:40 +0200)]
unet-cli: pass host object to set_host()

Avoids accessing global net_data from within the function

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago unet-cli: pass service object to set_service()
Felix Fietkau [Thu, 25 Aug 2022 10:37:24 +0000 (12:37 +0200)]
unet-cli: pass service object to set_service()

Avoids accessing global net_data from within the function

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago unet-cli: use modern module imports
Jo-Philipp Wich [Wed, 24 Aug 2022 22:49:10 +0000 (00:49 +0200)]
unet-cli: use modern module imports

Instead of loading the entire `fs` module space using `require()`, utilize
the `import` statement to load the fs function we actually use.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2 years ago unet-cli: use modern ucode syntax
Jo-Philipp Wich [Wed, 24 Aug 2022 22:43:07 +0000 (00:43 +0200)]
unet-cli: use modern ucode syntax

Refactor various places in the script to use modern syntax, such as
template strings or `in` lookups.

Also introduce a simple `assert()` helper function to deal with the
repeated `if (!cond) { warn(msg); exit(1) }` pattern.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2 years ago fix build errors when built against glibc
Felix Fietkau [Thu, 25 Aug 2022 10:16:31 +0000 (12:16 +0200)]
fix build errors when built against glibc

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago build.sh: add libbpf
Felix Fietkau [Thu, 25 Aug 2022 10:16:07 +0000 (12:16 +0200)]
build.sh: add libbpf

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago build: explicitly link in libelf and zlib
Felix Fietkau [Thu, 25 Aug 2022 10:15:40 +0000 (12:15 +0200)]
build: explicitly link in libelf and zlib

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago network: add support for specifying a host gateway
Felix Fietkau [Wed, 24 Aug 2022 12:02:48 +0000 (14:02 +0200)]
network: add support for specifying a host gateway

A host will only use its gateway as a peer, and connections from
other hosts will be routed through the gateway host

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago unet-cli: bring up interface on ssh add
Felix Fietkau [Wed, 24 Aug 2022 08:58:49 +0000 (10:58 +0200)]
unet-cli: bring up interface on ssh add

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago unet-cli: allow editing remote host domain
Felix Fietkau [Tue, 23 Aug 2022 21:42:59 +0000 (23:42 +0200)]
unet-cli: allow editing remote host domain

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago network: fix writing domain suffix to hosts file
Felix Fietkau [Tue, 23 Aug 2022 21:37:27 +0000 (23:37 +0200)]
network: fix writing domain suffix to hosts file

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add network json editor written in ucode
Felix Fietkau [Mon, 22 Aug 2022 20:14:32 +0000 (22:14 +0200)]
add network json editor written in ucode

reformat example json to match its output

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago host: deal with host/peer null pointers in debug messages
Felix Fietkau [Tue, 23 Aug 2022 21:11:28 +0000 (23:11 +0200)]
host: deal with host/peer null pointers in debug messages

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: remove connected check in pex_msg_send
Felix Fietkau [Tue, 23 Aug 2022 21:06:09 +0000 (23:06 +0200)]
pex: remove connected check in pex_msg_send

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: remove extra newline in debug message
Felix Fietkau [Tue, 16 Aug 2022 20:49:58 +0000 (22:49 +0200)]
pex: remove extra newline in debug message

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago host: avoid running connect timer if the network is not up
Felix Fietkau [Tue, 16 Aug 2022 18:31:16 +0000 (20:31 +0200)]
host: avoid running connect timer if the network is not up

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago network: fix potential use-after-free
Felix Fietkau [Tue, 16 Aug 2022 18:30:49 +0000 (20:30 +0200)]
network: fix potential use-after-free

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago network: check for empty string arguments
Felix Fietkau [Tue, 16 Aug 2022 15:48:07 +0000 (17:48 +0200)]
network: check for empty string arguments

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add protocol for exchanging signed network data
Felix Fietkau [Sat, 13 Aug 2022 12:57:43 +0000 (14:57 +0200)]
add protocol for exchanging signed network data

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: fix null pointer check
Felix Fietkau [Tue, 23 Aug 2022 20:35:54 +0000 (22:35 +0200)]
pex: fix null pointer check

check for local_host null pointer before dereferencing it

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago fix SPDX tag
Felix Fietkau [Sat, 6 Aug 2022 13:51:18 +0000 (15:51 +0200)]
fix SPDX tag

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago curve25519: rely on utils.h
Felix Fietkau [Sat, 6 Aug 2022 06:38:32 +0000 (08:38 +0200)]
curve25519: rely on utils.h

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add chacha20 implementation
Felix Fietkau [Fri, 5 Aug 2022 13:32:15 +0000 (15:32 +0200)]
add chacha20 implementation

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago pex: use pubkey directly instead of accessing local_host in pex_msg_init()
Felix Fietkau [Wed, 3 Aug 2022 20:27:01 +0000 (22:27 +0200)]
pex: use pubkey directly instead of accessing local_host in pex_msg_init()

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add support for loading signed network files
Felix Fietkau [Mon, 1 Aug 2022 15:57:46 +0000 (17:57 +0200)]
add support for loading signed network files

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add cli tool for signing network json files
Felix Fietkau [Sun, 31 Jul 2022 19:56:36 +0000 (21:56 +0200)]
add cli tool for signing network json files

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add ed25519 code to libunet
Felix Fietkau [Fri, 29 Jul 2022 11:14:22 +0000 (13:14 +0200)]
add ed25519 code to libunet

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago bpf_skb_utils: fix skb parsing on older kernels
Felix Fietkau [Sat, 13 Aug 2022 12:55:02 +0000 (14:55 +0200)]
bpf_skb_utils: fix skb parsing on older kernels

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago mss-bpf: remove unused-but-set variable
Felix Fietkau [Tue, 2 Aug 2022 19:05:49 +0000 (21:05 +0200)]
mss-bpf: remove unused-but-set variable

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago utils: free the correct addrinfo
Felix Fietkau [Tue, 2 Aug 2022 18:58:43 +0000 (20:58 +0200)]
utils: free the correct addrinfo

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago remove dummy mode
Felix Fietkau [Mon, 1 Aug 2022 05:48:39 +0000 (07:48 +0200)]
remove dummy mode

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago mss-bpf: rework the code to use a common skb parser header file
Felix Fietkau [Sat, 9 Jul 2022 15:44:12 +0000 (17:44 +0200)]
mss-bpf: rework the code to use a common skb parser header file

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago utils: fix memory leak in network_get_endpoint()
Felix Fietkau [Tue, 2 Aug 2022 16:48:52 +0000 (18:48 +0200)]
utils: fix memory leak in network_get_endpoint()

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago bpf: ignore errors on program attach
Felix Fietkau [Thu, 30 Jun 2022 15:40:33 +0000 (17:40 +0200)]
bpf: ignore errors on program attach

Fixes issues with old kernels, which return errors for no reason

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago build: move some code to libunet
Felix Fietkau [Wed, 29 Jun 2022 18:35:29 +0000 (20:35 +0200)]
build: move some code to libunet

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago vxlan: add bpf program to fix up tcp mss values
Felix Fietkau [Wed, 29 Jun 2022 18:12:48 +0000 (20:12 +0200)]
vxlan: add bpf program to fix up tcp mss values

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago vxlan: fix endian of the configured port
Felix Fietkau [Tue, 28 Jun 2022 12:06:30 +0000 (14:06 +0200)]
vxlan: fix endian of the configured port

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago vxlan: add missing options
Felix Fietkau [Mon, 27 Jun 2022 15:55:15 +0000 (17:55 +0200)]
vxlan: add missing options

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add some documentation about the PEX protocol
Felix Fietkau [Thu, 23 Jun 2022 11:09:48 +0000 (13:09 +0200)]
add some documentation about the PEX protocol

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago example: create wireguard and tunnel device
Felix Fietkau [Thu, 23 Jun 2022 08:46:19 +0000 (10:46 +0200)]
example: create wireguard and tunnel device

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago service: filter out duplicate members
Felix Fietkau [Fri, 17 Jun 2022 12:26:00 +0000 (14:26 +0200)]
service: filter out duplicate members

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago service: add vxlan tunnel support
Felix Fietkau [Wed, 15 Jun 2022 13:12:25 +0000 (15:12 +0200)]
service: add vxlan tunnel support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago services: switch to vlist
Felix Fietkau [Tue, 31 May 2022 12:06:07 +0000 (14:06 +0200)]
services: switch to vlist

preparation for supporting service types

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add missing copyright header
Felix Fietkau [Tue, 31 May 2022 10:30:14 +0000 (12:30 +0200)]
add missing copyright header

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago add script for standalone builds
Felix Fietkau [Mon, 23 May 2022 17:57:30 +0000 (19:57 +0200)]
add script for standalone builds

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago make ubus support optional (enabled by default)
Felix Fietkau [Mon, 23 May 2022 13:04:57 +0000 (15:04 +0200)]
make ubus support optional (enabled by default)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years ago initial commit
Felix Fietkau [Thu, 5 May 2022 08:49:46 +0000 (10:49 +0200)]
initial commit

Signed-off-by: Felix Fietkau <nbd@nbd.name>