fwmark is used internally during firewall processing, and no mark
remains on egress. Yes, the fwmark is to identify egress encrypted
packets, but no egress packet itself contains this value, and
this metadata disappears once the packet leaves the firewall.
The current wording is ambiguous, since "for" does a lot of lifting.
"during" helps limit the scope of this definition.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Allow the DHCPv6 client to accept /64 prefix via SLAAC and extend it on downstream interface (RFC 7278)
useful for ISPs that only distribute /64 IPv6 prefixes through SLAAC.
Signed-off-by: Arayuki Mago <ms@missing233.com>
shellquote method is introduced so an injected code cannot be executed by the popen command.
Signed-off-by: Tom Haley <this_username_has_been_taken2@proton.me>
This commit fixes incorrect peer detection when using IP v6 by deleting all the square the square brackets from the wgHost variable.
Signed-off-by: Tom Haley <this_username_has_been_taken2@proton.me>
See https://github.com/openwrt/luci/issues/7410
Basically: RFC9096 updates the language in order to avoid DHCPv6 RELEASE
upon reboot to avoid re-addressing. (now: RELEASE == SHOULD NOT)
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Since on openwrt keepalive option defaults to "5 1" when it's not
defined:
6720c4ccba/package/network/services/ppp/files/ppp.sh (L128)
Users must be able to set it to 0 to ignore connection failures.
Signed-off-by: Erdem Gez <perport@perport.net>
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Fixed bug with incorrect peer name detection on `Status -> WireGuard`
page when more than one peer with the same public key exist:
1. Peers are now tested not only by public key, but also by
enabled/disabled status, peer host (both IP and FQDN are supported)
and port.
2. Added required `resolveip` dependency.
Closes#7342
Signed-off-by: @this-username-has-been-taken
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
ModemManager protocol has supported setting initial EPS bearer since
package commit [1], so lets expose the same support via LuCI as well.
[1] af12147f8c
Signed-off-by: Damir Samardzic <damir.samardzic@sartura.hr>
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
This has never worked because the option 'auth' is not known to the
modemmanger proto handler. The correct uci name is 'allowedauth' and is
also a uci list option, so that several options can be selected.
This commit fixes this bug.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
If for some reason luci-lib-uqr is absent, the GUI shows that the proto
handler needs installing (since it now has a dep which is missing).
Suitable action is to install the lib or remove/install wireguard again.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
This enables more advanced configuration by allowing complex URIs, including
user groups and hidden directories (camouflage). It further simplifies the configuration
by eliminating the port and usergroup parameters.
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
This is no longer a client implementing CISCO anyconnect. Many other
protocols are present.
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Daniel F. Dickinson changed email address to <dfdpublic@wildtechgarden.ca>
luci-all-lxl has a maintainer Petar Koretic <petar.koretic@sartura.hr> but there is no corresponding GitHub account.
So Dirk Brenken was added as a second maintainer: he answered on an issue of the app.
When maintainer wasn't set the initial author was used, or most contributor or Jo-Philipp Wich as a default.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Include in DS-Lite General Settings common AFTR addresses for Japan market
to make it easier to configure OpenWrt in Japan and help people to save
money on hardware.
Fixes: #7133
Ref: https://forum.openwrt.org/t/x/195654
Suggested-by: Konstantin-Glukhov <24302271+Konstantin-Glukhov@users.noreply.github.com>
[shorten subject, rewrap commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This reverts commit 995d3a1801.
The `mtu` option controls the pppd mru and mtu arguments, it is not
specific to pppoe.so.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Remove the unnecessary PROVIDES statements from two protocols.
Wireguard was recently changed erroneously: the old compatibility
reference to luci-app-wireguard was replaced by self-reference.
But as the app and proto were combined already in 2022, the old
compatibility define should be unnecessary by now, so just remove it.
Yggdrasil has had a similar unnecessary setting (package
PROVIDES itself), so remove that at the same time.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
The old term "mobile service" is not common, it is replaced by the new
name "cellular network", which is more familiar.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The empty string is not a legal translation key.
Fixes: f5ccfd3df4 ("luci-proto-yggdrasil: add `yggdrasil-jumper` support")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
