Skip to content
Tags give the ability to mark specific points in history as being important
  • rc/20220608
    75c0794d · rm test flag ·
    Moin Moin,
    
    Ich habe heute eine neue Firmware gebaut. Basisdaten:
     * Firmware-Version: 20220608
     * Gluon-Version: v2021.1.x
     * Commit ID: 595abcf8cb2dc794801c6ed5f1641783fccf5806
     * Download: https://firmware.ffnw.de/l2tp/20220608/
    
    Folgende Gluon spezifischen Änderungen gab es unter anderen:
    
     * The Linux kernel was updated to version 4.14.275
    
     * The mac80211 wireless driver stack was updated to a version based on
       kernel 4.19.237
    
     * [SECURITY] Autoupdater: Fix signature verification.
    
     * [SECURITY] Config Mode: Prevent Cross-Site Request Forgery (CSRF).
    
     * Config Mode: Fix occasionally hanging page load after submitting the
       configuration wizard causing the reboot message and VPN key not to be
       displayed.
    
     * Config Mode (OSM): Update default OpenLayers source URL.
    
     * Config Mode (OSM): Fix error when using " character in attribution
       text.
    
     * respondd-module-airtime: Fix respondd crash on devices with disabled
       WLAN interfaces.
    
     * ipq40xx: Fix bad WLAN performance on Plasma Cloud PA1200 and PA2200
       devices.
    
     * Fix occasional build failure in “perl” package with high number of
       threads (-j32 or higher).
    
     * status page: WLAN channel display does not require the respondd-
       module-airtime package anymore.
    
     * status page: The “gateway nexthop” label now links to the status page
       of the nexthop node.
    
     * status page: The timeout to retrieve information from neighbour nodes
       was increased, making the display of the name of overloaded, slow or
       otherwise badly reachable nodes more likely to succeed.
    
    Die upstream Änderungen findet ihr hier:
    https://github.com/freifunk-gluon/gluon/compare/2dad91bdcb315474cb311c892fc08570c567eab0...595abcf8cb2dc794801c6ed5f1641783fccf5806
    
    Folgende Comunnity spezifischen Änderungen gab es im siteconf repo:
    
    Die Änderungen an der Siteconf können im Siteconf-Repo hier eingesehen
    werden:
    
    https://git.ffnw.de/ffnw-firmware/siteconf/-/compare/rc%2F20211030...rc%2F20220608
    
    Ich bitte euch die Änderungen zu prüfen und die Firmware im Anschluss zu
    signieren. Die Dokumentation zum Signaturprozess findet ihr im Wiki unter:
    https://wiki.ffnw.de/Firmware/Releaseprozess#Firmware_signieren
    
    Ein Script zum vereinfachten signieren findet ihr hier:
    https://git.ffnw.de/lrnzo/firmware-signing-made-easy
    
    Viele Grüße
    Jan-Tarek Butt
    
  • rc/20211030
    1a61e833 · rm testing flag ·
    RC hotfix 20211030
    
  • 20210915
    2f0ce146 · domains: rm test flag ·
    Sign Request 20210915
    
    Moin Moin,
    
    Ich habe heute eine neue Firmware gebaut. Basisdaten:
     * Firmware-Version: 20210915
     * Gluon-Version: v2021.1.x
     * Commit ID: 0622764ed123beb7cee8e06ed49d20afd6d906be
     * Download: https://firmware.ffnw.de/l2tp/20210915/
    
    Folgende Gluon spezifischen Änderungen gab es unter anderen:
    
    Added hardware support:
    
    ath79-generic
    * Plasma Cloud
        - PA300
        - PA300E
    * TP-Link
        - Archer C2 v3
        - Archer D50 v1
    * Joy-IT
        - JT-OR750i
    
    ipq40xx-generic
    * AVM
        - FRITZ!Box 7530
    * Plasma Cloud
        - PA1200
        - PA2200
    ramips-mt7620
    * Netgear
        - EX3700
        - EX3800
    ramips-mt76x8
    * Xiaomi
        - Mi Router 4A (100M Edition)
    
    Major changes:
    
    Multicast optimizations (batman-adv):
    
    In this release, we reenable the multicast optimizations, that have gone
    through another round of bug squashing upstream. With this feature
    batman-adv will distribute IPv6 link-local multicast packets via
    individual unicast packets instead of flooding them through the whole
    mesh as long as the number of subscribed nodes does not exceed 16. This
    reduces layer 2 overhead, especially for IPv6 Neighbour Discovery.
    
    We also relaxed the firewall for IPv6 multicast packets: Instead of
    always dropping non-essential multicast packets we now allow all IPv6
    link-local multicast packets to pass when the destination group has up
    to 16 subscribers
    
    Status page:
    
    The status page has received much attention in this release and now
    exposes many more details that help to understand a node's setup remotely.
    
    Among other things, we now expose wireless client count per radio, the
    mac80211 identifiers, the frequencies radios are tuned to, as well as
    information about the VPN provider and details on the mesh protocol stack.
    
    gluon-switch-domain utility:
    
    The ``gluon-switch-domain`` utility has been introduced to allow for a
    standard way to encapsulate the steps required for safely switching
    between domains. Existing packages like the hoodselector and the
    scheduled-domain-switch have been tied in with gluon-switch-domain.
    
    It has an experimental ``--no-reboot`` flag that requires further
    testing, to ensure it doesn't accidentally bridge separate domains.
    
    Other changes:
    
    - The private WLAN interface is now assigned the interface name
    `wan_radioX` where X is the phy index.
    - Linux kernel has been updated to 4.14.235
    - The kernel's mac80211 stack has been updated to 4.19.193-test1 to
    mitigate the `FragAttacks <https://www.fragattacks.com/>`_ vulnerabilities
    - OpenSSL has been updated to 1.1.1l, fixing CVE-2021-3449 and CVE-2021-3450
    - openssl: use --cross-compile-prefix in Configure
    - Dropbear has been patched against mishandling of special filenames in
    its scp component (CVE-2020-36524)
    - kernel: bump 4.14 to 4.14.245
    
    Bugfixes:
    
    - The firmware partition lookup in gluon-web-admin's firmware update
    page was using an old partition label and therefore failed to look up
    the available flash size. This resulted in misleading error messages in
    case the uploaded firmware file exceeds the flash size.
    
    - Android 9 and higher do not properly wake up to renew their MLD
    subscriptions, therefore dropping out of the Neighbor Discovery MLD
    group, which leads to broken IPv6 connectivity after the device has
    slept for a while. A workaround has been deployed to wake these devices
    up in regular intervals to prevent this regression.
    
    - Missing bandwith limit settings resulted in a respondd crash for v2021.1.
    
    - The Tunneldigger VPN provider was not registered with the Gluon VPN backend, resulting in broken Tunneldigger configurations.
    
    - Disabling Radio interfaces in v2021.1 could lead to nullpointer dereferences in the respondd airtime module, as the survey returns no data in this case.
    
    Internal:
    
    Mesh-VPN Abstraction Layer:
    
    In preparation for the introduction of new tunneling protocols, the
    gluon-mesh-vpn framework has been modularized. This allows for providers
    to use a standard interface and keep their implementation details in a
    dedicated package.
    
    Continuous Integration:
    
    * GitHub Actions
      - GitHub actions is now enabled for the Gluon project, build-testing
    all available targets.
      - CI jobs are now run based on which paths have been modified.
      - Linters for lua and shell scripts have been integrated.
    
    Die upstream Änderungen findet ihr hier:
    https://github.com/freifunk-gluon/gluon/compare/197e44da8ba47104ac088aedac73cde35135db67...0622764ed123beb7cee8e06ed49d20afd6d906be
    
    Folgende Comunnity spezifischen Änderungen gab es im siteconf repo:
    
    * Das Buildscript kann nun builddir cleanups über alle Architekturen.
    
    * ein RC autoupdater branch ist eingerichtet um das testen von release
    canidates zu vereinfachen.
    
    * Alle Domains bekommen ein zusätzliches neues IPv6 Präfix.
    
    * Die Domain Delmenhorst wurde westlicher von Delmenhost verschoben und
    heißt jetzt Landkreis Oldenburg. Hinzugekommen ist die Domain Bremen.
    
    * Teile der Domain landkreis_osnabrueck wurden in die Domain bad_iburg
    verschoben um Domain grenzen weniger durch Ortschaften laufen zu lassen
    und die Anzahl der Router pro Domain anzugleichen.
    
    * Die Domain landkreis_wittmund wurde in landkreis_wittmund_nord und
    landkreis_wittmund_sued geteilt.
    
    * Der Patch
    0004-patches-openwrt-add-0016-ath9k-check-for-deaf-rx-pat.patch wurde
    entfernt.
    
    * eine Outdoor channel liste wurde hinzugefügt.
    
    Die Änderungen an der Siteconf können im Siteconf-Repo hier eingesehen
    werden:
    
    https://git.ffnw.de/ffnw-firmware/siteconf/-/compare/rc%2F20210427...rc%2F20210915
    
    Ich bitte euch die Änderungen zu prüfen und die Firmware im Anschluss zu
    signieren. Die Dokumentation zum Signaturprozess findet ihr im Wiki unter:
    https://wiki.ffnw.de/Firmware/Releaseprozess#Firmware_signieren
    
    Ein Script zum vereinfachten signieren findet ihr hier:
    https://git.ffnw.de/lrnzo/firmware-signing-made-easy
    
    Viele Grüße
    Jan-Tarek Butt
    _______________________________________________
    Dev mailing list -- dev@lists.ffnw.de
    To unsubscribe send an email to dev-leave@lists.ffnw.de
    
  • 20210427
    Sign Request 20210427
    
    Moin Moin,
    
    Ich habe heute eine neue Firmware gebaut. Basisdaten:
     * Firmware-Version: 20210427
     * Gluon-Version: v2020.2.x
     * Commit ID: 197e44da8ba47104ac088aedac73cde35135db67
     * Download: https://firmware.ffnw.de/l2tp/20210427/
    
    Folgende Gluon spezifischen Änderungen gab es unter anderen:
    
    - LEDs on the ASUS RT-AC51 are now fully functional.
    
    - Netgear EX6150v1 randomly booting into failsafe mode has been fixed.
      This happened dependant on the state of the mode setting switch.
    
    - Dnsmasq has been patched against multiple security issues in its DNS
    response validation.
      See the OpenWrt advisory at https://openwrt.org/advisory/2021-01-19-1
    
    Other changes
    -------------
    
    - Linux kernel has been updated to 4.14.224
    - batman-adv fixes were backported from its 2021.0 release
    - OpenSSL has been updated to 1.1.1k
    
    Die upstream Änderungen findet ihr hier:
    https://github.com/freifunk-gluon/gluon/compare/90d0e33c619cef9e0af928ef4d6477f6c1bdc0de...197e44da8ba47104ac088aedac73cde35135db67
    
    Folgende Comunnity spezifischen Änderungen gab es im siteconf repo:
    
    * romove package ffnw-vxlan-switch
    
    * activate VXLAN for domain: leer, lohne, oldenburg2, osnabrueck,
    osnabrueck2, rastede, suedost, tossens und wilhelmshaven alle domains
    haben nun vxlan aktiviert.
    
    Die Änderungen an der Siteconf können im Siteconf-Repo hier eingesehen
    werden:
    
    https://git.ffnw.de/ffnw-firmware/siteconf/-/compare/rc%2F20210103...rc%2F20210427
    
    Ich bitte euch die Änderungen zu prüfen und die Firmware im Anschluss zu
    signieren. Die Dokumentation zum Signaturprozess findet ihr im Wiki unter:
    https://wiki.ffnw.de/Firmware/Releaseprozess#Firmware_signieren
    
    Ein Script zum vereinfachten signieren findet ihr hier:
    https://git.ffnw.de/lrnzo/firmware-signing-made-easy
    
    Viele Grüße
    Jan-Tarek Butt
    _______________________________________________
    Dev mailing list -- dev@lists.ffnw.de
    To unsubscribe send an email to dev-leave@lists.ffnw.de
    
  • rc/20210915
    2f0ce146 · domains: rm test flag ·
    Moin Moin,
    
    Ich habe heute eine neue Firmware gebaut. Basisdaten:
     * Firmware-Version: 20210915
     * Gluon-Version: v2021.1.x
     * Commit ID: 0622764ed123beb7cee8e06ed49d20afd6d906be
     * Download: https://firmware.ffnw.de/l2tp/20210915/
    
    Folgende Gluon spezifischen Änderungen gab es unter anderen:
    
    Added hardware support:
    
    ath79-generic
    * Plasma Cloud
        - PA300
        - PA300E
    * TP-Link
        - Archer C2 v3
        - Archer D50 v1
    * Joy-IT
        - JT-OR750i
    
    ipq40xx-generic
    * AVM
        - FRITZ!Box 7530
    * Plasma Cloud
        - PA1200
        - PA2200
    ramips-mt7620
    * Netgear
        - EX3700
        - EX3800
    ramips-mt76x8
    * Xiaomi
        - Mi Router 4A (100M Edition)
    
    Major changes:
    
    Multicast optimizations (batman-adv):
    
    In this release, we reenable the multicast optimizations, that have gone
    through another round of bug squashing upstream. With this feature
    batman-adv will distribute IPv6 link-local multicast packets via
    individual unicast packets instead of flooding them through the whole
    mesh as long as the number of subscribed nodes does not exceed 16. This
    reduces layer 2 overhead, especially for IPv6 Neighbour Discovery.
    
    We also relaxed the firewall for IPv6 multicast packets: Instead of
    always dropping non-essential multicast packets we now allow all IPv6
    link-local multicast packets to pass when the destination group has up
    to 16 subscribers
    
    Status page:
    
    The status page has received much attention in this release and now
    exposes many more details that help to understand a node's setup remotely.
    
    Among other things, we now expose wireless client count per radio, the
    mac80211 identifiers, the frequencies radios are tuned to, as well as
    information about the VPN provider and details on the mesh protocol stack.
    
    gluon-switch-domain utility:
    
    The ``gluon-switch-domain`` utility has been introduced to allow for a
    standard way to encapsulate the steps required for safely switching
    between domains. Existing packages like the hoodselector and the
    scheduled-domain-switch have been tied in with gluon-switch-domain.
    
    It has an experimental ``--no-reboot`` flag that requires further
    testing, to ensure it doesn't accidentally bridge separate domains.
    
    Other changes:
    
    - The private WLAN interface is now assigned the interface name
    `wan_radioX` where X is the phy index.
    - Linux kernel has been updated to 4.14.235
    - The kernel's mac80211 stack has been updated to 4.19.193-test1 to
    mitigate the `FragAttacks <https://www.fragattacks.com/>`_ vulnerabilities
    - OpenSSL has been updated to 1.1.1l, fixing CVE-2021-3449 and CVE-2021-3450
    - openssl: use --cross-compile-prefix in Configure
    - Dropbear has been patched against mishandling of special filenames in
    its scp component (CVE-2020-36524)
    - kernel: bump 4.14 to 4.14.245
    
    Bugfixes:
    
    - The firmware partition lookup in gluon-web-admin's firmware update
    page was using an old partition label and therefore failed to look up
    the available flash size. This resulted in misleading error messages in
    case the uploaded firmware file exceeds the flash size.
    
    - Android 9 and higher do not properly wake up to renew their MLD
    subscriptions, therefore dropping out of the Neighbor Discovery MLD
    group, which leads to broken IPv6 connectivity after the device has
    slept for a while. A workaround has been deployed to wake these devices
    up in regular intervals to prevent this regression.
    
    - Missing bandwith limit settings resulted in a respondd crash for v2021.1.
    
    - The Tunneldigger VPN provider was not registered with the Gluon VPN backend, resulting in broken Tunneldigger configurations.
    
    - Disabling Radio interfaces in v2021.1 could lead to nullpointer dereferences in the respondd airtime module, as the survey returns no data in this case.
    
    Internal:
    
    Mesh-VPN Abstraction Layer:
    
    In preparation for the introduction of new tunneling protocols, the
    gluon-mesh-vpn framework has been modularized. This allows for providers
    to use a standard interface and keep their implementation details in a
    dedicated package.
    
    Continuous Integration:
    
    * GitHub Actions
      - GitHub actions is now enabled for the Gluon project, build-testing
    all available targets.
      - CI jobs are now run based on which paths have been modified.
      - Linters for lua and shell scripts have been integrated.
    
    Die upstream Änderungen findet ihr hier:
    https://github.com/freifunk-gluon/gluon/compare/197e44da8ba47104ac088aedac73cde35135db67...0622764ed123beb7cee8e06ed49d20afd6d906be
    
    Folgende Comunnity spezifischen Änderungen gab es im siteconf repo:
    
    * Das Buildscript kann nun builddir cleanups über alle Architekturen.
    
    * ein RC autoupdater branch ist eingerichtet um das testen von release
    canidates zu vereinfachen.
    
    * Alle Domains bekommen ein zusätzliches neues IPv6 Präfix.
    
    * Die Domain Delmenhorst wurde westlicher von Delmenhost verschoben und
    heißt jetzt Landkreis Oldenburg. Hinzugekommen ist die Domain Bremen.
    
    * Teile der Domain landkreis_osnabrueck wurden in die Domain bad_iburg
    verschoben um Domain grenzen weniger durch Ortschaften laufen zu lassen
    und die Anzahl der Router pro Domain anzugleichen.
    
    * Die Domain landkreis_wittmund wurde in landkreis_wittmund_nord und
    landkreis_wittmund_sued geteilt.
    
    * Der Patch
    0004-patches-openwrt-add-0016-ath9k-check-for-deaf-rx-pat.patch wurde
    entfernt.
    
    * eine Outdoor channel liste wurde hinzugefügt.
    
    Die Änderungen an der Siteconf können im Siteconf-Repo hier eingesehen
    werden:
    
    https://git.ffnw.de/ffnw-firmware/siteconf/-/compare/rc%2F20210427...rc%2F20210915
    
    Ich bitte euch die Änderungen zu prüfen und die Firmware im Anschluss zu
    signieren. Die Dokumentation zum Signaturprozess findet ihr im Wiki unter:
    https://wiki.ffnw.de/Firmware/Releaseprozess#Firmware_signieren
    
    Ein Script zum vereinfachten signieren findet ihr hier:
    https://git.ffnw.de/lrnzo/firmware-signing-made-easy
    
    Viele Grüße
    Jan-Tarek Butt
    
  • stable/20210915
    2f0ce146 · domains: rm test flag ·
  • rc/20210810
    Release canidate 20210810
    
  • rc/20210427
    rc20210427
  • rc/20210103
    342e1283 · remove testing flag ·
    Release 20210103
    
  • stable/20210103
    342e1283 · remove testing flag ·
  • rc/20201221
  • stable/20201221
  • 20201207
    Release 20201207
    
  • 20201128
    Release 20201128
    
  • rc/20201207
  • stable/20201128
  • 20201102
    Release 20201102
    
  • 20200820
    0bba11f5 · domains: remove test flag ·
    Release 20200820
    
  • 20200525
    6a53ed4b · rm testing flag ·
    Release 20200525
    
  • 20200212
    Release 20200212