Skip to content

Commit

Permalink
Merge tag '386.3_2' into dsl-master
Browse files Browse the repository at this point in the history
386.3_2
  • Loading branch information
zaloisio committed Aug 7, 2021
2 parents 843ec3d + cc376d7 commit 258b5c8
Show file tree
Hide file tree
Showing 10 changed files with 97 additions and 82 deletions.
31 changes: 31 additions & 0 deletions Changelog-NG.txt
Original file line number Diff line number Diff line change
@@ -1,6 +1,37 @@
Asuswrt-Merlin 386/NG Changelog
===============================

386.3_2 (6-Aug-2021)
- NOTE: closed down the Issue tracker on Github, as 90%
of it was people asking for technical support,
or failing to use the supplied submission form.
- CHANGED: Re-disabled jitterentropy-rngd on non-HND
models. It kept using CPU time every two
seconds and had a very marginal impact on
the entropy pool (which it never could push
above the target threshold of 1024).
- CHANGED: Moved the "Redirect Internet traffic" setting on
the OpenVPN Client page to the Network Settings
section to increase its visibility, as too many
users are forgetting to configure it.
- CHANGED: Display "Internet traffic not redirected" instead
of "Public IP Unknown" on the OpenVPN Client
status display when Redirect Internet traffic
is set to "No".
- FIXED: Only the first OpenVPN client would be used if
you had multiple clients connected and the first
one had a Redirect Internet set to "No". Now,
setting this to "No" means that client's routing
table will no longer get a default gateway
configured, allowing traffic to be processed
by other RPDB tables if there wasn't a matching
route within that client's table.
- FIXED: IPV6-compatible DNSFilter servers weren't
properly configured in dnsmasq.
- FIXED: DNSFilter client rules may get corrupted after a
reboot.


386.3 (23-July-2021)
- NOTE: First time you boot into this version, you need to
either shift-reload the main index page, or clear
Expand Down
2 changes: 1 addition & 1 deletion release/src-rt/version.conf
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
KERNEL_VER=3.0
FS_VER=0.4
SERIALNO=386.3
EXTENDNO=0
EXTENDNO=2
RCNO=0
2 changes: 2 additions & 0 deletions release/src/router/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -1465,7 +1465,9 @@ obj-$(RTCONFIG_DNSSEC) += $(if $(RTCONFIG_DNSSEC_OPENSSL),openssl,) $(if $(RTCON
obj-$(RTCONFIG_SAMBA36X) += libiconv-1.14
obj-$(RTCONFIG_TELENET) += lanauth
obj-y += wsdd2
ifeq ($(HND_ROUTER),y)
obj-y += jitterentropy-rngd
endif
#obj-$(RTCONFIG_BWDPI) += faketc

ifneq ($(HND_ROUTER),y)
Expand Down
10 changes: 8 additions & 2 deletions release/src/router/httpd/sysinfo.c
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,8 @@ typedef struct {
unsigned int speed[4];
} phyState;
#endif
#include "openvpn_config.h"


unsigned int get_phy_temperature(int radio);
unsigned int get_wifi_clients(int unit, int querytype);
Expand Down Expand Up @@ -413,7 +415,7 @@ int ej_show_sysinfo(int eid, webs_t wp, int argc, char_t ** argv)
int instance = 1;
int fd;
struct ifreq ifr;
char buf[18];
char buf[18], buf2[18];

strcpy(result, "0.0.0.0");

Expand All @@ -426,7 +428,11 @@ int ej_show_sysinfo(int eid, webs_t wp, int argc, char_t ** argv)
strlcpy(result, inet_ntoa(((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr), sizeof result);

snprintf(buf, sizeof buf, "vpn_client%d_rip", instance);
if (!strlen(nvram_safe_get(buf))) {
snprintf(buf2, sizeof buf2, "vpn_client%d_rgw", instance);

if (nvram_get_int(buf2) == OVPN_RGW_NONE) {
nvram_set(buf, "no Internet traffic");
} else if (!strlen(nvram_safe_get(buf))) {
sprintf(buf, "%d", instance);
eval("/usr/sbin/gettunnelip.sh", buf);
}
Expand Down
7 changes: 6 additions & 1 deletion release/src/router/libovpn/openvpn_control.c
Original file line number Diff line number Diff line change
Expand Up @@ -382,7 +382,12 @@ void ovpn_client_up_handler(int unit)
// Handle traffic redirection
rgw = nvram_pf_get_int(prefix, "rgw");

if (rgw != OVPN_RGW_NONE) {
if (rgw == OVPN_RGW_NONE) {
snprintf(buffer, sizeof (buffer), "/usr/sbin/ip route del default table ovpnc%d", unit);
system(buffer);
if (verb >= 6)
logmessage("openvpn-routing", "Remove default gateway for client %d table", unit);
} else {
// Force traffic to remote VPN server to go through local GW
remote_env = getenv("trusted_ip");
localgw = getenv("route_net_gateway");
Expand Down
6 changes: 6 additions & 0 deletions release/src/router/rc/dnsfilter.c
Original file line number Diff line number Diff line change
Expand Up @@ -289,7 +289,13 @@ void dnsfilter_setup_dnsmasq(FILE *fp) {
}

/* DNS server per client */
#ifdef HND_ROUTER
nv = nvp = malloc(255 * 6 + 1);
if (nv) nvram_split_get("dnsfilter_rulelist", nv, 255 * 6 + 1, 5);
#else
nv = nvp = strdup(nvram_safe_get("dnsfilter_rulelist"));
#endif

while (nv && (b = strsep(&nvp, "<")) != NULL) {
if (vstrsep(b, ">", &name, &mac, &mode, &enable) < 3)
continue;
Expand Down
49 changes: 0 additions & 49 deletions release/src/router/rc/format.c
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,6 @@ extern int vpnc_load_profile(VPNC_PROFILE *list, const int list_size, const int
#include <netinet/in.h>
#include <arpa/inet.h>

#ifdef RTCONFIG_DNSFILTER
#include "dnsfilter.h"
#endif

void adjust_merlin_config(void)
{
#ifdef RTCONFIG_OPENVPN
Expand All @@ -34,9 +30,6 @@ void adjust_merlin_config(void)
char *nv, *nvp, *entry;
char *name, *mac, *mode, *ipaddr, *nvname;
char tmp[64];
#ifdef RTCONFIG_DNSFILTER
int globalmode;
#endif
int count;
int need_commit=0;

Expand Down Expand Up @@ -232,48 +225,6 @@ void adjust_merlin_config(void)
nvram_set("dev_fail_reboot", "1");
}

/* Remove discontinued DNSFilter services (384.7) */
#ifdef RTCONFIG_DNSFILTER
globalmode = nvram_get_int("dnsfilter_mode");
if (globalmode == DNSF_SRV_NORTON1 || globalmode == DNSF_SRV_NORTON2 || globalmode == DNSF_SRV_NORTON3)
nvram_set_int("dnsfilter_mode", DNSF_SRV_OPENDNS_FAMILY);

#ifdef HND_ROUTER
nv = nvp = malloc(255 * 6 + 1);
if (nv) nvram_split_get("dnsfilter_rulelist", nv, 255 * 6 + 1, 5);
#else
nv = nvp = strdup(nvram_safe_get("dnsfilter_rulelist"));
#endif
newstr = malloc(strlen(nv) + 1);

if (newstr) {
newstr[0] = '\0';

while (nv && (entry = strsep(&nvp, "<")) != NULL) {
if (vstrsep(entry, ">", &name, &mac, &mode) != 3)
continue;
if (!*mac || !*mode )
continue;

if (atoi(mode) == DNSF_SRV_NORTON1 || atoi(mode) == DNSF_SRV_NORTON2 || atoi(mode) == DNSF_SRV_NORTON3) {
need_commit = 1;
snprintf(tmp, sizeof(tmp), "<%s>%s>%d", name, mac, DNSF_SRV_OPENDNS_FAMILY);
}
else
snprintf(tmp, sizeof(tmp), "<%s>%s>%s", name, mac, mode);
strcat(newstr, tmp);
}

#ifdef HND_ROUTER
nvram_split_set("dnsfilter_rulelist", newstr, 255 * 6 + 1, 5);
#else
nvram_set("dnsfilter_rulelist", newstr);
#endif
free(newstr);
}
free(nv);
#endif

/* Migrate lan_dns_fwd_local (384.11) */
if (nvram_get_int("lan_dns_fwd_local")) {
need_commit = 1;
Expand Down
8 changes: 8 additions & 0 deletions release/src/router/rc/services.c
Original file line number Diff line number Diff line change
Expand Up @@ -175,8 +175,10 @@ void start_cron(void);
void start_wlcscan(void);
void stop_wlcscan(void);

#ifdef HND_ROUTER
void start_jitterentropy(void);
void stop_jitterentropy(void);
#endif /* HND_ROUTER */

#ifndef MS_MOVE
#define MS_MOVE 8192
Expand Down Expand Up @@ -9333,7 +9335,9 @@ start_aura_rgb_sw(void)
int
start_services(void)
{
#ifdef HND_ROUTER
start_jitterentropy();
#endif /* HND_ROUTER */
#if defined(RTAX82U) || defined(DSL_AX82U) || defined(GSAX3000) || defined(GSAX5400)
start_ledg();
start_ledbtn();
Expand Down Expand Up @@ -9990,9 +9994,12 @@ stop_services(void)
#if defined(RTCONFIG_CFEZ) && defined(RTCONFIG_BCMARM)
stop_envrams();
#endif
#ifdef HND_ROUTER
stop_jitterentropy();
#endif /* HND_ROUTER */
}

#ifdef HND_ROUTER
void start_jitterentropy()
{
pid_t pid;
Expand All @@ -10008,6 +10015,7 @@ void stop_jitterentropy()
char *cmd_argv[] = { "killall", "jitterentropy-rngd", NULL};
_eval(cmd_argv, NULL, 0, &pid);
}
#endif /* HND_ROUTER */

#ifdef RTCONFIG_QCA
int stop_wifi_service(void)
Expand Down
4 changes: 4 additions & 0 deletions release/src/router/sch_cake/sch_cake.c
Original file line number Diff line number Diff line change
Expand Up @@ -1070,6 +1070,8 @@ static const void *cake_get_tcpopt(const struct tcphdr *tcph,
length--;
continue;
}
if (length < 2)
break;
opsize = *ptr++;
if (opsize < 2 || opsize > length)
break;
Expand Down Expand Up @@ -1207,6 +1209,8 @@ static bool cake_tcph_may_drop(const struct tcphdr *tcph,
length--;
continue;
}
if (length < 2)
break;
opsize = *ptr++;
if (opsize < 2 || opsize > length)
break;
Expand Down
60 changes: 31 additions & 29 deletions release/src/router/www/Advanced_OpenVPNClient_Content.asp
Original file line number Diff line number Diff line change
Expand Up @@ -713,8 +713,11 @@ function showConnStatus() {
code = "Connecting...";
setTimeout("getConnStatus()",2000);
break;
case "2": // COnnected
code = "Connected (Local: "+ localip + " - Public: " + remoteip + ") <a href='#' style='padding-left:12px;text-decoration:underline;' onclick='refreshVPNIP();'>Refresh</a>";
case "2": // Connected
if (policy_ori == 0)
code = "Connected (Local: "+ localip + " - Internet not redirected)";
else
code = "Connected (Local: "+ localip + " - Public: " + remoteip + ") <a href='#' style='padding-left:12px;text-decoration:underline;' onclick='refreshVPNIP();'>Refresh</a>";
break;
case "-1":
switch (client_errno) {
Expand All @@ -737,7 +740,6 @@ function showConnStatus() {
code = "Error - check configuration!";
break;
}
setTimeout("getConnStatus()",2000);
break;
default:
code = "";
Expand Down Expand Up @@ -1019,17 +1021,6 @@ function refreshVPNIP() {
<label style="margin-left: 4em;">Port:</label><input type="text" maxlength="5" class="input_6_table" name="vpn_client_port" onKeyPress="return validator.isNumber(this,event);" value="<% nvram_get("vpn_client_port"); %>" >
</td>
</tr>
<tr id="client_adns">
<th><a class="hintstyle" href="javascript:void(0);" onClick="openHint(50,24);">Accept DNS Configuration</a></th>
<td>
<select name="vpn_client_adns" class="input_option">
<option value="0" <% nvram_match("vpn_client_adns","0","selected"); %> >Disabled</option>
<option value="1" <% nvram_match("vpn_client_adns","1","selected"); %> >Relaxed</option>
<option value="2" <% nvram_match("vpn_client_adns","2","selected"); %> >Strict</option>
<option value="3" <% nvram_match("vpn_client_adns","3","selected"); %> >Exclusive</option>
</select>
</td>
</tr>
<tr id="client_bridge">
<th>Server is on the same subnet</th>
<td>
Expand Down Expand Up @@ -1067,6 +1058,32 @@ function refreshVPNIP() {
<input type="text" maxlength="15" class="input_15_table" name="vpn_client_nm" onkeypress="return validator.isIPAddr(this, event);" value="<% nvram_get("vpn_client_nm"); %>">
</td>
</tr>
<tr id="client_adns">
<th><a class="hintstyle" href="javascript:void(0);" onClick="openHint(50,24);">Accept DNS Configuration</a></th>
<td>
<select name="vpn_client_adns" class="input_option">
<option value="0" <% nvram_match("vpn_client_adns","0","selected"); %> >Disabled</option>
<option value="1" <% nvram_match("vpn_client_adns","1","selected"); %> >Relaxed</option>
<option value="2" <% nvram_match("vpn_client_adns","2","selected"); %> >Strict</option>
<option value="3" <% nvram_match("vpn_client_adns","3","selected"); %> >Exclusive</option>
</select>
</td>
</tr>
<tr>
<th><a class="hintstyle" href="javascript:void(0);" onClick="openHint(50,19);">Redirect Internet traffic through tunnel</a></th>
<td colspan="2">
<select name="vpn_client_rgw" class="input_option" onChange="update_visibility();">
</select>
<label style="padding-left:3em;" id="client_gateway_label">Gateway:</label><input type="text" maxlength="15" class="input_15_table" id="vpn_client_gw" name="vpn_client_gw" onkeypress="return validator.isIPAddr(this, event);" value="<% nvram_get("vpn_client_gw"); %>">
</td>
</tr>
<tr id="client_enforce">
<th>Killswitch - Block routed clients if tunnel goes down</th>
<td>
<input type="radio" name="vpn_client_enforce" class="input" value="1" <% nvram_match_x("", "vpn_client_enforce", "1", "checked"); %>><#checkbox_Yes#>
<input type="radio" name="vpn_client_enforce" class="input" value="0" <% nvram_match_x("", "vpn_client_enforce", "0", "checked"); %>><#checkbox_No#>
</td>
</tr>
</table>

<table width="100%" border="1" align="center" cellpadding="4" cellspacing="0" bordercolor="#6b8fa3" class="FormTable">
Expand Down Expand Up @@ -1215,21 +1232,6 @@ function refreshVPNIP() {
<label style="padding-left:3em;" id="client_cn_label">Value:</label><input type="text" maxlength="255" class="input_22_table" id="vpn_client_cn" name="vpn_client_cn" value="<% nvram_get("vpn_client_cn"); %>">
</td>
</tr>
<tr>
<th><a class="hintstyle" href="javascript:void(0);" onClick="openHint(50,19);">Redirect Internet traffic through tunnel</a></th>
<td colspan="2">
<select name="vpn_client_rgw" class="input_option" onChange="update_visibility();">
</select>
<label style="padding-left:3em;" id="client_gateway_label">Gateway:</label><input type="text" maxlength="15" class="input_15_table" id="vpn_client_gw" name="vpn_client_gw" onkeypress="return validator.isIPAddr(this, event);" value="<% nvram_get("vpn_client_gw"); %>">
</td>
</tr>
<tr id="client_enforce">
<th>Killswitch - Block routed clients if tunnel goes down</th>
<td>
<input type="radio" name="vpn_client_enforce" class="input" value="1" <% nvram_match_x("", "vpn_client_enforce", "1", "checked"); %>><#checkbox_Yes#>
<input type="radio" name="vpn_client_enforce" class="input" value="0" <% nvram_match_x("", "vpn_client_enforce", "0", "checked"); %>><#checkbox_No#>
</td>
</tr>
</table>

<table id="selectiveTable" width="100%" border="1" align="center" cellpadding="4" cellspacing="0" class="FormTable_table" style="margin-top:8px;">
Expand Down

0 comments on commit 258b5c8

Please sign in to comment.