Darryl Sokoloski [Thu, 10 Aug 2023 15:48:32 +0000 (15:48 +0000)]
netifyd: Updated to v4.4.7
Bug Fixes
- Fixed mbedTLS crashes and TLS handshake errors when the nDPI-bundled libgcrypt "lite" version conflicts with the system version (via libcurl).
- Fixed linking order issue with libini.
- Fixed non-portable static linking warning with libndpi.
- Write flows to sockets regardless if "add_flows" is true.
- Fixed compilation error if _DIRENT_HAVE_D_RECLEN isn't defined.
- Fixed Agent path.
- [OpenWrt] Switch to "grep -E" as "egrep" is deprecated.
- Fixed possible ndAddr crash: return a const reference for cached strings.
Josef Schlehofer [Tue, 19 Sep 2023 23:48:12 +0000 (01:48 +0200)]
czmq: drop libpcre dependency
It seems like the libpcre dependency was added by mistake.
While checking in the source code of czmq (Makefile.am, CMakeLists.txt),
I see there are several dependencies, but there isn't PCRE.
Fixes: 936a48a ("czmq: add new package") Signed-off-by: Josef Schlehofer <redacted>
The tracking and interface status was mixed up in the report. To fix
this, the interface status and the tracking status are now used
directly. The online, uptime and error information are appended to the
status line if needed. If certain routing tables and routing rules are
missing, the error number is also given.
The tracker state is not shown via ubus. Only if the tracker was in
active state, then the boolean running was set or not. By adding the
tracking state to the ubus information we could also evaluate the state
of the tracker. To remain compatible, the runnig flag of the tracker is
not removed, which in fact displays the same information, but only if
the tracker is in state 'active' or not.
mwan3: remove notracking in mwan3track ubus status
The function 'get_mwan3_status' is reading the internal state from the
tracker via the status file. Do not use the state 'notracking' status
anymore. If the mwan3track is not running always return 'unknown'
and not 'notracking'. There is already an other function that evaluates
the external state of the tracker.
We have now the following states of the tracker:
internal (mwan3track):
- offline
- online
- diconnecting
- connecting
- disabled
- unknown
external (via pgrep and config):
- paused
- active
- down
- not enabled
v1.2.1 changes:
- sandbox: Add support for escaping resolv.conf symlinks. This fixes usage in WSL environments which symlinks /etc/resolv.conf under a shared location under /mnt.
Hannu Nyman [Mon, 18 Sep 2023 17:16:14 +0000 (20:16 +0300)]
collectd: remove target dependency from cpufreq plugin
We currently have more package architectures supporting
CPU frequency scaling than earlier, and the package architecture
vs. CPU target SDK matching does not fully reflect that.
(E.g. aarch64_cortex-a53 is currently using bcm27xx/bcm2710)
Simplify things by removing the target dependency and let the plugin
be built for all architectures.
Jeffery To [Mon, 18 Sep 2023 01:30:56 +0000 (09:30 +0800)]
rust: Set rustflags by environment variable
In order to use $(RUSTC_TARGET_ARCH) in HOST_BUILD_DIR, the line to
include rust-values.mk in the Rust makefile was moved in f489e019ac4a15e974518d9928ef913a157d135a, causing it to be included
before package.mk is included.
This had the side effect of preventing "-lssp_nonshared" from being
added to RUSTC_LDFLAGS, because PKG_SSP is indirectly set by package.mk
(package.mk includes hardening.mk, hardening.mk sets PKG_SSP).
There is a deeper issue; it is the Rust package's PKG_SSP value that
causes RUSTC_LDFLAGS to be set and written to the Cargo config file. For
packages that use Rust to build, their PKG_SSP value does not affect the
linker flag.
This sets rustflags with the RUSTFLAGS environment variable, instead of
writing the value to the Cargo config file, allowing PKG_SSP from the
package being built to be used and for the package being built to modify
the rustflags used.
This also:
* Fix "-lssp_nonshared" being added to TARGET_CFLAGS instead of
RUSTC_LDFLAGS, when CONFIG_PKG_CC_STACKPROTECTOR_STRONG is set.
* Remove the use of $(RUSTC_TARGET_ARCH) in HOST_BUILD_DIR and move the
include line for rust-values.mk back to after package.mk.
Since the host build directory was moved under the target build
directory in efdbac38dc8b649ca26b49fac27abeb5cf76cd28, it is no longer
necessary to separate build directories with RUSTC_TARGET_ARCH;
$(BUILD_DIR) already separates build directories by target.
* Add BUILDONLY:=1, as the Rust package does not build a target package.
* Install the Cargo config file as "config.toml" instead of "config", as
this is the preferred form[1].
* Rename RUST_CFLAGS to RUSTC_CFLAGS and CONFIG_HOST_SUFFIX to
RUSTC_HOST_SUFFIX, for consistency.
* Allow CARGO_VARS to be set before rust-values.mk is included.
build hosts with busybox fail with long options on rm
command. Short versions are supported by all, so this
makes it script compatible with busybox hosts as well.
podman still seems to use catatonit with
rootless containers. It seems that it is
possible to use alternatives, such as tini,
but maybe go the same way they went on mainstream.
- Fixed a performance issue when calculating diff sizes in overlay. The podman system df command should see a significant performance improvement.
- Fixed a bug where containers in a pod would use the pod restart policy over the set container restart policy.
- Fixed a bug in the Compat Build endpoint where the pull query parameter did not parse 0/1 as a boolean.
- Updated the containers/storage library to v1.48.1
Changes:
- support arbitrary idmapped mounts. Now it is possible to specify a mapping for any type of mount, not only bind mounts.
- add support for "ridmap" mount option to support recursive idmapped mounts.
- fix check for oom_score_adj. Write the oom_score_adj file even when the new value is 0.
- features: Support mountExtensions.
- correctly handle unknown signal string when it doesn't start with a digit.
- do not attempt to join again already joined namespace.
- wasmer: use latest wasix API.
- refresh libocispec
Bug fixes:
- stdio: ignore EIO for terminals
- ensure console socket buffers are properly sized
- conmon: drop return after pexit()
- ctrl: make accept4 failures fatal
- logging: avoid opening /dev/null for each write
- oom: restore old OOM score
- Use default umask 0022
Misc changes:
- cli: log parsing errors to stderr
- Changes to build conmon for riscv64
- Changes to build conmon for ppc64le
- Fix close_other_fds on FreeBSD
This package is not maintained by upstream anymore as they replace it by Ntopng 3. [1]
Upstream repository is archived and read only since February 2022 [2]
Tyler Young [Thu, 14 Sep 2023 15:14:43 +0000 (11:14 -0400)]
tailscale: set nftables as default
This changes the default firewall method used by Tailscale to nftables.
The 'autodetection' mode is only supported by arm64 and amd64 for now[1].
This causes mips devices to not do proper detection and incorrectly default back to
iptables.
I added a fw_mode variable to the tailscale.conf file that could be
set to iptables for easy conversion for someone still using iptables.
I was able to test on an older mips device and my current aarch64
without issues.
Also a few readme updates to bring it up to the current status.
,,_ -*> Snort++ <*-
o" )~ Version 3.1.70.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2023 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.12
Using LuaJIT version 2.1.0-beta3
Using OpenSSL 3.0.10 1 Aug 2023
Using libpcap version 1.10.4 (with TPACKET_V3)
Using PCRE version 8.45 2021-06-15
Using ZLIB version 1.2.13
Using Hyperscan version 5.4.2 2023-09-07
During the renameing of mwan3_connected_v4 to mwan3_connected_ipv4 and
mwan3_connected_v6 to mwan3_connected_ipv6 the adjustment in the ubus
call was forgotten. This commit fixes this.
git.99rst.org / openwrt-packages.git / log