siteconf tagshttps://git.ffnw.de/florian.lottes/siteconf/-/tagshttps://git.ffnw.de/florian.lottes/siteconf/-/tags/rc%2F20220608rc/20220608Moin Moin,
Ich habe heute eine neue Firmware gebaut. Basisdaten:
* Firmware-Version: 20220608
* Gluon-Version: v2021.1.x
* Commit ID: 595abcf8cb2dc794801c6ed5f1641783fccf5806
* Download: https://firmware.ffnw.de/l2tp/20220608/
Folgende Gluon spezifischen Änderungen gab es unter anderen:
* The Linux kernel was updated to version 4.14.275
* The mac80211 wireless driver stack was updated to a version based on
kernel 4.19.237
* [SECURITY] Autoupdater: Fix signature verification.
* [SECURITY] Config Mode: Prevent Cross-Site Request Forgery (CSRF).
* Config Mode: Fix occasionally hanging page load after submitting the
configuration wizard causing the reboot message and VPN key not to be
displayed.
* Config Mode (OSM): Update default OpenLayers source URL.
* Config Mode (OSM): Fix error when using " character in attribution
text.
* respondd-module-airtime: Fix respondd crash on devices with disabled
WLAN interfaces.
* ipq40xx: Fix bad WLAN performance on Plasma Cloud PA1200 and PA2200
devices.
* Fix occasional build failure in “perl” package with high number of
threads (-j32 or higher).
* status page: WLAN channel display does not require the respondd-
module-airtime package anymore.
* status page: The “gateway nexthop” label now links to the status page
of the nexthop node.
* status page: The timeout to retrieve information from neighbour nodes
was increased, making the display of the name of overloaded, slow or
otherwise badly reachable nodes more likely to succeed.
Die upstream Änderungen findet ihr hier:
https://github.com/freifunk-gluon/gluon/compare/2dad91bdcb315474cb311c892fc08570c567eab0...595abcf8cb2dc794801c6ed5f1641783fccf5806
Folgende Comunnity spezifischen Änderungen gab es im siteconf repo:
Die Änderungen an der Siteconf können im Siteconf-Repo hier eingesehen
werden:
https://git.ffnw.de/ffnw-firmware/siteconf/-/compare/rc%2F20211030...rc%2F20220608
Ich bitte euch die Änderungen zu prüfen und die Firmware im Anschluss zu
signieren. Die Dokumentation zum Signaturprozess findet ihr im Wiki unter:
https://wiki.ffnw.de/Firmware/Releaseprozess#Firmware_signieren
Ein Script zum vereinfachten signieren findet ihr hier:
https://git.ffnw.de/lrnzo/firmware-signing-made-easy
Viele Grüße
Jan-Tarek Butt
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/rc%2F20211030rc/20211030RC hotfix 20211030
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/2021091520210915Sign Request 20210915
Moin Moin,
Ich habe heute eine neue Firmware gebaut. Basisdaten:
* Firmware-Version: 20210915
* Gluon-Version: v2021.1.x
* Commit ID: 0622764ed123beb7cee8e06ed49d20afd6d906be
* Download: https://firmware.ffnw.de/l2tp/20210915/
Folgende Gluon spezifischen Änderungen gab es unter anderen:
Added hardware support:
ath79-generic
* Plasma Cloud
- PA300
- PA300E
* TP-Link
- Archer C2 v3
- Archer D50 v1
* Joy-IT
- JT-OR750i
ipq40xx-generic
* AVM
- FRITZ!Box 7530
* Plasma Cloud
- PA1200
- PA2200
ramips-mt7620
* Netgear
- EX3700
- EX3800
ramips-mt76x8
* Xiaomi
- Mi Router 4A (100M Edition)
Major changes:
Multicast optimizations (batman-adv):
In this release, we reenable the multicast optimizations, that have gone
through another round of bug squashing upstream. With this feature
batman-adv will distribute IPv6 link-local multicast packets via
individual unicast packets instead of flooding them through the whole
mesh as long as the number of subscribed nodes does not exceed 16. This
reduces layer 2 overhead, especially for IPv6 Neighbour Discovery.
We also relaxed the firewall for IPv6 multicast packets: Instead of
always dropping non-essential multicast packets we now allow all IPv6
link-local multicast packets to pass when the destination group has up
to 16 subscribers
Status page:
The status page has received much attention in this release and now
exposes many more details that help to understand a node's setup remotely.
Among other things, we now expose wireless client count per radio, the
mac80211 identifiers, the frequencies radios are tuned to, as well as
information about the VPN provider and details on the mesh protocol stack.
gluon-switch-domain utility:
The ``gluon-switch-domain`` utility has been introduced to allow for a
standard way to encapsulate the steps required for safely switching
between domains. Existing packages like the hoodselector and the
scheduled-domain-switch have been tied in with gluon-switch-domain.
It has an experimental ``--no-reboot`` flag that requires further
testing, to ensure it doesn't accidentally bridge separate domains.
Other changes:
- The private WLAN interface is now assigned the interface name
`wan_radioX` where X is the phy index.
- Linux kernel has been updated to 4.14.235
- The kernel's mac80211 stack has been updated to 4.19.193-test1 to
mitigate the `FragAttacks <https://www.fragattacks.com/>`_ vulnerabilities
- OpenSSL has been updated to 1.1.1l, fixing CVE-2021-3449 and CVE-2021-3450
- openssl: use --cross-compile-prefix in Configure
- Dropbear has been patched against mishandling of special filenames in
its scp component (CVE-2020-36524)
- kernel: bump 4.14 to 4.14.245
Bugfixes:
- The firmware partition lookup in gluon-web-admin's firmware update
page was using an old partition label and therefore failed to look up
the available flash size. This resulted in misleading error messages in
case the uploaded firmware file exceeds the flash size.
- Android 9 and higher do not properly wake up to renew their MLD
subscriptions, therefore dropping out of the Neighbor Discovery MLD
group, which leads to broken IPv6 connectivity after the device has
slept for a while. A workaround has been deployed to wake these devices
up in regular intervals to prevent this regression.
- Missing bandwith limit settings resulted in a respondd crash for v2021.1.
- The Tunneldigger VPN provider was not registered with the Gluon VPN backend, resulting in broken Tunneldigger configurations.
- Disabling Radio interfaces in v2021.1 could lead to nullpointer dereferences in the respondd airtime module, as the survey returns no data in this case.
Internal:
Mesh-VPN Abstraction Layer:
In preparation for the introduction of new tunneling protocols, the
gluon-mesh-vpn framework has been modularized. This allows for providers
to use a standard interface and keep their implementation details in a
dedicated package.
Continuous Integration:
* GitHub Actions
- GitHub actions is now enabled for the Gluon project, build-testing
all available targets.
- CI jobs are now run based on which paths have been modified.
- Linters for lua and shell scripts have been integrated.
Die upstream Änderungen findet ihr hier:
https://github.com/freifunk-gluon/gluon/compare/197e44da8ba47104ac088aedac73cde35135db67...0622764ed123beb7cee8e06ed49d20afd6d906be
Folgende Comunnity spezifischen Änderungen gab es im siteconf repo:
* Das Buildscript kann nun builddir cleanups über alle Architekturen.
* ein RC autoupdater branch ist eingerichtet um das testen von release
canidates zu vereinfachen.
* Alle Domains bekommen ein zusätzliches neues IPv6 Präfix.
* Die Domain Delmenhorst wurde westlicher von Delmenhost verschoben und
heißt jetzt Landkreis Oldenburg. Hinzugekommen ist die Domain Bremen.
* Teile der Domain landkreis_osnabrueck wurden in die Domain bad_iburg
verschoben um Domain grenzen weniger durch Ortschaften laufen zu lassen
und die Anzahl der Router pro Domain anzugleichen.
* Die Domain landkreis_wittmund wurde in landkreis_wittmund_nord und
landkreis_wittmund_sued geteilt.
* Der Patch
0004-patches-openwrt-add-0016-ath9k-check-for-deaf-rx-pat.patch wurde
entfernt.
* eine Outdoor channel liste wurde hinzugefügt.
Die Änderungen an der Siteconf können im Siteconf-Repo hier eingesehen
werden:
https://git.ffnw.de/ffnw-firmware/siteconf/-/compare/rc%2F20210427...rc%2F20210915
Ich bitte euch die Änderungen zu prüfen und die Firmware im Anschluss zu
signieren. Die Dokumentation zum Signaturprozess findet ihr im Wiki unter:
https://wiki.ffnw.de/Firmware/Releaseprozess#Firmware_signieren
Ein Script zum vereinfachten signieren findet ihr hier:
https://git.ffnw.de/lrnzo/firmware-signing-made-easy
Viele Grüße
Jan-Tarek Butt
_______________________________________________
Dev mailing list -- dev@lists.ffnw.de
To unsubscribe send an email to dev-leave@lists.ffnw.de
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/2021042720210427Sign Request 20210427
Moin Moin,
Ich habe heute eine neue Firmware gebaut. Basisdaten:
* Firmware-Version: 20210427
* Gluon-Version: v2020.2.x
* Commit ID: 197e44da8ba47104ac088aedac73cde35135db67
* Download: https://firmware.ffnw.de/l2tp/20210427/
Folgende Gluon spezifischen Änderungen gab es unter anderen:
- LEDs on the ASUS RT-AC51 are now fully functional.
- Netgear EX6150v1 randomly booting into failsafe mode has been fixed.
This happened dependant on the state of the mode setting switch.
- Dnsmasq has been patched against multiple security issues in its DNS
response validation.
See the OpenWrt advisory at https://openwrt.org/advisory/2021-01-19-1
Other changes
-------------
- Linux kernel has been updated to 4.14.224
- batman-adv fixes were backported from its 2021.0 release
- OpenSSL has been updated to 1.1.1k
Die upstream Änderungen findet ihr hier:
https://github.com/freifunk-gluon/gluon/compare/90d0e33c619cef9e0af928ef4d6477f6c1bdc0de...197e44da8ba47104ac088aedac73cde35135db67
Folgende Comunnity spezifischen Änderungen gab es im siteconf repo:
* romove package ffnw-vxlan-switch
* activate VXLAN for domain: leer, lohne, oldenburg2, osnabrueck,
osnabrueck2, rastede, suedost, tossens und wilhelmshaven alle domains
haben nun vxlan aktiviert.
Die Änderungen an der Siteconf können im Siteconf-Repo hier eingesehen
werden:
https://git.ffnw.de/ffnw-firmware/siteconf/-/compare/rc%2F20210103...rc%2F20210427
Ich bitte euch die Änderungen zu prüfen und die Firmware im Anschluss zu
signieren. Die Dokumentation zum Signaturprozess findet ihr im Wiki unter:
https://wiki.ffnw.de/Firmware/Releaseprozess#Firmware_signieren
Ein Script zum vereinfachten signieren findet ihr hier:
https://git.ffnw.de/lrnzo/firmware-signing-made-easy
Viele Grüße
Jan-Tarek Butt
_______________________________________________
Dev mailing list -- dev@lists.ffnw.de
To unsubscribe send an email to dev-leave@lists.ffnw.de
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/rc%2F20210915rc/20210915Moin Moin,
Ich habe heute eine neue Firmware gebaut. Basisdaten:
* Firmware-Version: 20210915
* Gluon-Version: v2021.1.x
* Commit ID: 0622764ed123beb7cee8e06ed49d20afd6d906be
* Download: https://firmware.ffnw.de/l2tp/20210915/
Folgende Gluon spezifischen Änderungen gab es unter anderen:
Added hardware support:
ath79-generic
* Plasma Cloud
- PA300
- PA300E
* TP-Link
- Archer C2 v3
- Archer D50 v1
* Joy-IT
- JT-OR750i
ipq40xx-generic
* AVM
- FRITZ!Box 7530
* Plasma Cloud
- PA1200
- PA2200
ramips-mt7620
* Netgear
- EX3700
- EX3800
ramips-mt76x8
* Xiaomi
- Mi Router 4A (100M Edition)
Major changes:
Multicast optimizations (batman-adv):
In this release, we reenable the multicast optimizations, that have gone
through another round of bug squashing upstream. With this feature
batman-adv will distribute IPv6 link-local multicast packets via
individual unicast packets instead of flooding them through the whole
mesh as long as the number of subscribed nodes does not exceed 16. This
reduces layer 2 overhead, especially for IPv6 Neighbour Discovery.
We also relaxed the firewall for IPv6 multicast packets: Instead of
always dropping non-essential multicast packets we now allow all IPv6
link-local multicast packets to pass when the destination group has up
to 16 subscribers
Status page:
The status page has received much attention in this release and now
exposes many more details that help to understand a node's setup remotely.
Among other things, we now expose wireless client count per radio, the
mac80211 identifiers, the frequencies radios are tuned to, as well as
information about the VPN provider and details on the mesh protocol stack.
gluon-switch-domain utility:
The ``gluon-switch-domain`` utility has been introduced to allow for a
standard way to encapsulate the steps required for safely switching
between domains. Existing packages like the hoodselector and the
scheduled-domain-switch have been tied in with gluon-switch-domain.
It has an experimental ``--no-reboot`` flag that requires further
testing, to ensure it doesn't accidentally bridge separate domains.
Other changes:
- The private WLAN interface is now assigned the interface name
`wan_radioX` where X is the phy index.
- Linux kernel has been updated to 4.14.235
- The kernel's mac80211 stack has been updated to 4.19.193-test1 to
mitigate the `FragAttacks <https://www.fragattacks.com/>`_ vulnerabilities
- OpenSSL has been updated to 1.1.1l, fixing CVE-2021-3449 and CVE-2021-3450
- openssl: use --cross-compile-prefix in Configure
- Dropbear has been patched against mishandling of special filenames in
its scp component (CVE-2020-36524)
- kernel: bump 4.14 to 4.14.245
Bugfixes:
- The firmware partition lookup in gluon-web-admin's firmware update
page was using an old partition label and therefore failed to look up
the available flash size. This resulted in misleading error messages in
case the uploaded firmware file exceeds the flash size.
- Android 9 and higher do not properly wake up to renew their MLD
subscriptions, therefore dropping out of the Neighbor Discovery MLD
group, which leads to broken IPv6 connectivity after the device has
slept for a while. A workaround has been deployed to wake these devices
up in regular intervals to prevent this regression.
- Missing bandwith limit settings resulted in a respondd crash for v2021.1.
- The Tunneldigger VPN provider was not registered with the Gluon VPN backend, resulting in broken Tunneldigger configurations.
- Disabling Radio interfaces in v2021.1 could lead to nullpointer dereferences in the respondd airtime module, as the survey returns no data in this case.
Internal:
Mesh-VPN Abstraction Layer:
In preparation for the introduction of new tunneling protocols, the
gluon-mesh-vpn framework has been modularized. This allows for providers
to use a standard interface and keep their implementation details in a
dedicated package.
Continuous Integration:
* GitHub Actions
- GitHub actions is now enabled for the Gluon project, build-testing
all available targets.
- CI jobs are now run based on which paths have been modified.
- Linters for lua and shell scripts have been integrated.
Die upstream Änderungen findet ihr hier:
https://github.com/freifunk-gluon/gluon/compare/197e44da8ba47104ac088aedac73cde35135db67...0622764ed123beb7cee8e06ed49d20afd6d906be
Folgende Comunnity spezifischen Änderungen gab es im siteconf repo:
* Das Buildscript kann nun builddir cleanups über alle Architekturen.
* ein RC autoupdater branch ist eingerichtet um das testen von release
canidates zu vereinfachen.
* Alle Domains bekommen ein zusätzliches neues IPv6 Präfix.
* Die Domain Delmenhorst wurde westlicher von Delmenhost verschoben und
heißt jetzt Landkreis Oldenburg. Hinzugekommen ist die Domain Bremen.
* Teile der Domain landkreis_osnabrueck wurden in die Domain bad_iburg
verschoben um Domain grenzen weniger durch Ortschaften laufen zu lassen
und die Anzahl der Router pro Domain anzugleichen.
* Die Domain landkreis_wittmund wurde in landkreis_wittmund_nord und
landkreis_wittmund_sued geteilt.
* Der Patch
0004-patches-openwrt-add-0016-ath9k-check-for-deaf-rx-pat.patch wurde
entfernt.
* eine Outdoor channel liste wurde hinzugefügt.
Die Änderungen an der Siteconf können im Siteconf-Repo hier eingesehen
werden:
https://git.ffnw.de/ffnw-firmware/siteconf/-/compare/rc%2F20210427...rc%2F20210915
Ich bitte euch die Änderungen zu prüfen und die Firmware im Anschluss zu
signieren. Die Dokumentation zum Signaturprozess findet ihr im Wiki unter:
https://wiki.ffnw.de/Firmware/Releaseprozess#Firmware_signieren
Ein Script zum vereinfachten signieren findet ihr hier:
https://git.ffnw.de/lrnzo/firmware-signing-made-easy
Viele Grüße
Jan-Tarek Butt
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/stable%2F20210915stable/20210915Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/rc%2F20210810rc/20210810Release canidate 20210810
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/rc%2F20210427rc/20210427rc20210427Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/rc%2F20210103rc/20210103Release 20210103
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/stable%2F20210103stable/20210103Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/rc%2F20201221rc/20201221Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/stable%2F20201221stable/20201221Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/2020120720201207Release 20201207
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/2020112820201128Release 20201128
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/rc%2F20201207rc/20201207Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/stable%2F20201128stable/20201128Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/2020110220201102Release 20201102
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/2020082020200820Release 20200820
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/2020052520200525Release 20200525
Jan-Tarek Butthttps://git.ffnw.de/florian.lottes/siteconf/-/tags/2020021220200212Release 20200212
Jan-Tarek Butt