New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rndis_host: support Novatel Verizon USB730L #730
Commits on Dec 20, 2020
Commits on Dec 21, 2020
-
build: disable RSAv2 key usage
Latest GPL merge should now be able to fully work with the original, public RSAv1 key.
Commits on Dec 22, 2020
Commits on Dec 23, 2020
-
openvpn: use iproute2 instead of netlink for all platforms
When using netlink, the route_net_gateway ENV var may end up containing the default gateway of another tunnel instead of the real default gateway from the main table, breaking things when multiple clients are running. The issue isn't unique to 2.6.xx and was reproduced on 4.1.52 as well.
-
-
httpd: implement runner status report for RT-AC86U/GT-AC2900; fix unk…
…nown status report fcctl on these older HND models do not report the state of runner. Look for the presence of the pktrunner module instead on these two models. Also encode HTML entities for <unknown> reports to avoid being parsed as HTML tags.
Commits on Dec 24, 2020
Commits on Dec 28, 2020
-
-
-
-
Refresh 386_41350 binary blobs for RT-AC68U/RT-AC86U/RT-AC88U/RT-AC53…
…00 from GPL tarballs
-
-
-
-
-
Commits on Dec 29, 2020
Commits on Dec 31, 2020
-
rc: shared: webui: Hardcode fq_codel usage for tQoS/Bandwidth Limiter…
…, remove option to select sfq as a qsched There are no reason for anyone to want to use sfq instead of fq_codel.
-
-
-
Commits on Jan 1, 2021
Commits on Jan 3, 2021
-
-
-
Merge pull request RMerl#671 from JackMerlin/master
github: provide issue templates
-
-
libovpn: enable multihome for UDP servers
Required as the router has multiple interfaces and we don't bind to a specific one.
Commits on Jan 5, 2021
Commits on Jan 6, 2021
Commits on Jan 7, 2021
Commits on Jan 8, 2021
Commits on Jan 10, 2021
-
SDK 4908: revert bdmf.o to 386_40577 version
Seems to resolve various issues, like failing firmware upgrades and general throughput issues when using the Trend Micro engine.
-
rc: don't use prebuilt init-broadcom
We need to make some changes to it, and so far both the source file and the prebuilt are available... for now.
Commits on Jan 13, 2021
Commits on Jan 18, 2021
Commits on Jan 19, 2021
Commits on Jan 22, 2021
-
-
wsdd2: Also bind to specific interface when listening to SSDP address
This allows wsdd2 to still be able to handle multicasts when WAN interface is down (otherwise it results in "Network is unreachable") Need to ensure that this fix still works in a scenario where one might not be requesting a specific interface to bind to at run time. Maybe only bind multicasts if "-i" was actually specified at run time?
Commits on Jan 24, 2021
Commits on Jan 26, 2021
Commits on Jan 27, 2021
Commits on Jan 28, 2021
-
Revert "wsdd2: Also bind to specific interface when listening to SSDP…
… address" While this fixes issues when WAN is down, other scenarios no longer work. Will require more in depth analysis. This reverts commit 2585ca7.
-
rc: restart nasapps/wsdd2 on WAN up
Temporary workaround for the issue where wsdd2 won't work properly if started before WAN. This causes wsdd2 to get restarted when WAN comes up.
Commits on Jan 30, 2021
Commits on Feb 1, 2021
Commits on Feb 4, 2021
-
Harmonized target profiles with upstream
Resolves a few issues such as non-working 160 MHz support for RT-AC88U SKUs that support it, or missing Instant Guard on some models.
-
Commits on Feb 6, 2021
-
-
-
www: accept IPv6 ending with :: as being valid
split() resulting in an empty string will still have a length of 1 since it's an array with one element of an empty string. This fixes 6in4 tunnel prefixes that will end with "::"
-
Commits on Feb 7, 2021
-
www: update and fixes to get_oui_full_vendor() to use local DB
Asus querying the OUI database stored on their own server would fail when accessing the webui over https (due to their database being only reachable over http). Keep a local copy on the router instead. Remove the old OUI db implementation (which was JS-based), switching to the new JSON db. Allow querying MACs that do not belong to a networkmap client (so querying site survey MACs is possible).
-
rc: rework ssh key handling/generation so SSH can work even with non-…
…functional JFFS - Move nvram-to-JFFS migration to format.c. - If JFFS is unaccessible, then create keys in /etc/dropbear/ as fallback so SSH can still be used even with a non-working JFFS partition.
-
webui: add missing Netools and Wifi Insight pages to GT-AC2900 and RT…
…-AX86U (fixes #690)
-
Commits on Feb 8, 2021
-
-
-
rc: add badblock skipping to mtd_erase()
Otherwise, mtd_erase() will return an error as it will abort at the first bad block encountered on erase.
-
Commits on Feb 9, 2021
-
snmp: Enable SNMP support on the RT-AX86U
Seems to be working properly unlike the RT-AC86U which still floods the kernel log with MDIO errors (could be related to the BCM SDK version)
-
-
rc: replace jffs2_enable with jffs2_on as used upstream
Since we no longer allow users to enable/disable the jffs2 partition there is no point in using a different variable. The name change is old legacy code from back when we used to make it user configurable.
-
Commits on Feb 12, 2021
Commits on Feb 17, 2021
Commits on Feb 18, 2021
Commits on Feb 20, 2021
-
-
rc: move start of sshd near the end of the boot process
This gives more time to the kernel entropy pool to be properly seeded, otherwise dropbearkey could get forever stuck at boot time when the user just migrated from stock firmware and dropbear attempts to create the ed25519 host key during boot, or if the user just erased his JFFS partition. Ideally, the new jitter entropy source would need to be backported from newer kernels, as an alternative to the current interrupt-based entropy source. Another option would be to have dropbear fallback to urandom if getrandom() can't get enough entropy.
-
-
-
Commits on Feb 21, 2021
-
Add jitterentropy-rngd daemon to HND models
Routers are often starved for entropy, leading to delays at boot time (when services like cfg_mnt try to generate a key/cert, or when dropbear attempts to generate missing keys). This daemon uses timer jitter to fill up the entropy pool very early at boot time (where there aren't enough interrupts for the kernel to properly seed the pool on itself). This will prevent boot time delays as services await for more entropy to be available, or even potential deadlocks. It will also generally improve entropy, which improves crypto security in general. Unfortunately the daemon doesn't help on older kernel/platforms, so this is only enabled for HND models at this time.
-
Commits on Feb 23, 2021
-
Use interval for clock & boot time
Replace timeout to fix delay/sync of clock
Commits on Feb 25, 2021
-
rc: remove SSH brute force protection option, as it is redundant
Asus's Protect Service daemon already takes care of blacklisting IPs that generate too many authentication failures on the SSH service.
-
Merge pull request RMerl#706 from jackyaz/patch-1
www: Use interval for clock & boot time
-
rc: time_zone_x_mapping bug fix (RMerl#701)
Bug for some time zones where time_zone_dstoff would not be appended to /etc/TZ.
Commits on Feb 26, 2021
Commits on Feb 28, 2021
-
-
iproute2-4.3: backported tc cake support from 14d2df887481dd2130c6ae5…
…d023325262429ce3c
-
-
rc: fix bad merge in qos.c from GPL_41700
Upload classes 1:10 through 1:40 are missing on the upload WAN interface. This commit reverts to the specific code block from 386.1beta4.
-
Merge pull request RMerl#709 from dave14305/patch-1
rc: fix bad merge in qos.c from GPL_41700
-
Commits on Mar 2, 2021
-
rc: implement Cake QoS mode for HND routers
Cake support is implemented as new qos_type of 9 (high number was used to avoid conflicts in case Asus add more qos types in the future). A couple of notes: - Only supported by kernel 4.1.xx (that's HND models at this time) - Not compatible with flow cache/runner/archer acceleration, so currently not suitable for connections above ~350 Mbps - In line with the original Cake design philosophy, only a limited number of configurable settings are exposed to the user - If user sets bandwidth to Automatic (or 0) on webui, then set bandwidth to unlimited. ingress-autorate was tested, and show to provide very poor performance, so it wasn't implemented - A diffserv3 setup is used for upstream (so users of ATA/VoIP phones with diffserv support can benefit from it), and besteffort on downstream - overhead (including mpu, atm and ptm settings) are supported at the webui level - nat mode is enabled if the router handles NAT
-
-
Commits on Mar 3, 2021
-
Fix NetEase UU Game Accelerator model type
VersusClyne authored and VersusClyne committedMar 3, 2021 -
iproute2-4.3: fix display of negative deficit and drop_next values (R…
…Merl#710) * iproute2-4.3: fix display of negative deficit values * iproute2-4.3: fix display of negative drop_next values
-
-
Commits on Mar 4, 2021
-
-
iproute2: re-apply BCM/Asus patches from iproute2-4.3.0 on top of 5.1…
…1.0; disable building unused components
-
-
-
rc: split Cake parameters and script into two separate files
This will make it easier for users to replace the default cake setup script with their own, and still be able to reuse the settings generated by the router such as up/downstream bandwidth.
-
Commits on Mar 5, 2021
Commits on Mar 6, 2021
-
-
-
-
build: fix platform.mak for building HND models following 42095 merge
42095 GPLs have different platform.mak, unify them together so it can handle all HND SDKs.
-
build: remove FTP_SSL setting from build targets since it's alreaedy …
…globally enabled in config_base
-
iproute2: fix confdir location in iproute2-5.11.0
Fixes ip being unable to recognize table names
Commits on Mar 7, 2021
-
-
-
-
-
SDK 5.02p1: SDK5.02.675x: fix kernel modules dependencies
Kernel module depedencies are generated from router/Makefile. On the RT-AX86U, these depdendencies are overwritten by an invalid depmod.pl call which tries to use the wrong (32-bit) version of nm instead of the aarch64 version (like router/Makefile correctly does). Remove depmod.pl calls from buildFS so the correctly generated modules.dep is kept intact.
Commits on Mar 8, 2021
-
Merge pull request RMerl#712 from VersusClyne/master
webui: Fix NetEase UU Game Accelerator model type
-
-
-
Merge pull request RMerl#715 from paldier/revert-712-master
Revert "Fix NetEase UU Game Accelerator model type"
-
qos: move all variables parameters into cake-qos.conf; add cake-qos.c…
…onf.add support; tweak file permissions
Commits on Mar 9, 2021
-
-
rc: always mount jffs2 partition regardless of jffs2_on setting
Some users have the wrong value there for some unknown reason. Since there is no real reason to disable JFFS2 (as the firmware relies heavily on it these days), remove the check for that variable.
-
-
Commits on Mar 10, 2021
Commits on Mar 12, 2021
-
-
Merge pull request RMerl#718 from sadoneli/master
build: add .dummy file for wlcsm to make sure GT-AX11000 passing fw build
-
Commits on Mar 13, 2021
-
rc: fix pointer corruption in filter_setting()
filter_setting() sets pointers to nvram content for wanx_if and a few other variables. Later on, there is a call to config_ic_rule_string(), which issues a call to clean_invalid_config(). That function does two nvram_set() and one nvram_commit(), invalidating these existing pointers. This was causing firewall rules to contain garbled/missing interface information on some platforms. Replace pointers with actual buffers, so their content remain intact after the nvram changes done by the new parental control code.
-
rc: rewritten dnsfilter server table management
- Use a defined struct for code clarity - No longer rely on nvram pointers which may change - Reduces the number of nvram access - Fixed dnsfilter_support_dot() possibly returning the wrong result
-
webui: QoS Classification page: add warning in Cake mode; harmonise q…
…os type handling with nvram value
Commits on Mar 14, 2021
-
rc: revert static DNS routes added with GPL 42095
Add an nvram setting that can be used for re-enabling this feature.
-
rc: make qos-start run in blocking mode
Since QoS config gets applied immediately after rather than before calling this script, ensure it has all the necessary time to complete its own changes to QoS settings.
Commits on Mar 17, 2021
-
webui: store local copies of online json files; add code to refresh them
Asus now retrieves some webui content (such as updated TZ info or the OUI database) through ajax calls made to their download site. Those ajax calls however are done over http, which will be blocked by modern browsers when you are accessing the router's webui over https. Their site has an invalid certificate, so switching to https is currently not an option. To resolve this, keep local copies of these files on the router (like we were already doing for the OUI db), and use these instead. This includes: o Timezone database o ouiDB (we were already using a local copy for some functions) o DNS presets for the WAN configuration Also updated the GameList database that was already cached locally but not up to date.
Commits on Mar 20, 2021
Commits on Mar 21, 2021
-
rc: Rearrange Cake variable positions
This would allow user customizations in DLOPTIONS and ULOPTIONS to override the firmware-generated OVERHEAD and FRAMING via Cake keywords (docsis, pppoe-ptm in DLOPTIONS and ULOPTIONS).
Commits on Mar 22, 2021
-
Merge pull request RMerl#725 from dave14305/patch-1
rc: Rearrange Cake variable positions
Commits on Mar 23, 2021
-
webui: fix display of connected IPSEC clients on VPNStatus page; adde…
…d display of IKEv2 clients
Commits on Mar 25, 2021
Commits on Mar 26, 2021
-
kernel: proper fix for wlan accumulating stats issue
Patch from upstream/Asus
-
Commits on Mar 27, 2021
-
build: no longer explicitely disable NFCM
This fixes the userspace conntrack command no longer working, due to conntrack netlink support getting disabled in the kernel.
-
-
webui: move main content down on index page when the disabled wifi wa…
…rning banner is shown
-
webui: Fix timezone detection (RMerl#729)
Ignore text in parentheses which may include a dash in non-English languages and confuse the index logic. For example: "GMT+0300 (Itä-Euroopan kesäaika)" Fixes #726
-
Commits on Mar 28, 2021
-
(upstream: torvalds/linux@63ba395)
rndis_host: support Novatel Verizon USB730L Treat the ef/04/01 interface class/subclass/protocol combination used by the Novatel Verizon USB730L (1410:9030) as a possible RNDIS interface. T: Bus=01 Lev=02 Prnt=02 Port=01 Cnt=02 Dev#= 17 Spd=480 MxCh= 0 D: Ver= 2.00 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs= 3 P: Vendor=1410 ProdID=9030 Rev=03.10 S: Manufacturer=Novatel Wireless S: Product=MiFi USB730L S: SerialNumber=0123456789ABCDEF C: #Ifs= 3 Cfg#= 1 Atr=80 MxPwr=500mA I: If#= 0 Alt= 0 #EPs= 1 Cls=ef(misc ) Sub=04 Prot=01 Driver=rndis_host I: If#= 1 Alt= 0 #EPs= 2 Cls=0a(data ) Sub=00 Prot=00 Driver=rndis_host I: If#= 2 Alt= 0 #EPs= 1 Cls=03(HID ) Sub=00 Prot=00 Driver=usbhid Once the network interface is brought up, the user just needs to run a DHCP client to get IP address and routing setup. As a side note, other Novatel Verizon USB730L models with the same vid:pid end up exposing a standard ECM interface which doesn't require any other kernel update to make it work. Signed-off-by: Aleksander Morgado <aleksander@aleksander.es> Reviewed-by: Bjørn Mork <bjorn@mork.no> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Commits on Apr 2, 2021
Commits on Apr 7, 2021
-
-
webui: validator.rangeFloat() should not reject values that are equal…
… to the minimal allowed value
-
Commits on Apr 9, 2021
-
webui: various tweaks and fixes to the Firmware Upgrade page.
- Fix version string formatting for available updates if it's running Asuswrt-Merlin - Re-add download button to the release notes page (link to the model redirector if it's the same model as the main router, otherwise use the global download page on the support site) We cannot use the redirector for all nodes since AiMesh does not expose the base model (i.e. RT-AC68U), only the model name (i.e. RT-AC66U_B1).
-
rc: rework ICMPv6 firewall handling
- Move allowed_icmpv6 and allowed_local_icmpv6 rules into separate chains, for firewall optimization - Put icmpv6 type 128 (echo) packet through rate limit - Also rate limit type 128 traffic in the INPUT chain - Use the same rules for both the FORWARD and INPUT chains. ICMP_V6_LOCAL will accept allowed traffic, and return for unhandled types. ICMP_V6 will then handle those additionnal types, and drop any still unhandled type.
Commits on Apr 11, 2021
Commits on Apr 12, 2021
Commits on Apr 13, 2021
Commits on Apr 14, 2021
Commits on Apr 16, 2021
-
webui: fix new FW notification on AiMesh routers
AiMesh is unable to detect new AM releases, so rely on the legacy webs_state_flag for local router updates.
Commits on Apr 20, 2021
-
Enable jitterentropy-rngd for non-HND models
Based on some tests, it does help even if at a lesser extent than on the newer HND platform.
-
openvpn: don't set incoming client TLS errors as a local server failu…
…re in nvram's errorno Fixes the server randomly reporting as being stuck initializing because it was set in an error state when an incoming client would fail to connect.
-