lordwelch/router7
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
247 Commits 3 Branches 23 Tags
Commit Graph

38 Commits

Author SHA1 Message Date
Matt Layher
61174cde06
internal/netconfig: add missing error check 
Signed-off-by: Matt Layher <mdlayher@gmail.com>
 2020-05-09 17:04:31 -04:00
Michael Stapelberg
bfba9f17af netconfigd: collect all errors but keep going 2020-02-15 23:38:37 +01:00
Michael Stapelberg
96b626897a netconfigd: work not only with uplink0, but also eth0 and ens3 
This makes it possible to use netconfigd on gokrazy Raspberry Pi installations.
 2020-02-15 23:37:29 +01:00
Michael Stapelberg
ef60a01f3f netconfigd: continue if interfaces.json does not exist 2020-02-15 23:35:51 +01:00
Michael Stapelberg
3dad1e9a23 dhcp4: use the configured (not the current) MAC address 
This fixes a race where dhcp4 started before netconfigd had a chance to change
the hardware address on the uplink0 interface.

fiber7’s port security feature may result in an about hour-long internet outage
without this commit.
 2019-02-19 09:39:16 +01:00
Michael Stapelberg
8df6329209 use renameio to write files atomically 2019-01-06 15:25:33 +01:00
Michael Stapelberg
725262d376 netconfig: use sysctl format for easier copy&paste 2018-12-25 14:08:14 +01:00
Michael Stapelberg
ec4f1f4dc5 netconfig: implement WireGuard support 
To set up a tunnel, create a /perm/wireguard.json as illustrated in
netconfig_test.go, and don’t forget to adjust your /perm/interfaces.json with
the address configuration for the WireGuard tunnel.

Note that static routes cannot currently be configured, so the usefulness is
limited. If you have a use-case you’d like to see covered, please explain it in
https://github.com/rtr7/router7/issues/14
 2018-11-26 18:29:03 +01:00
Michael Stapelberg
2e8e0daa0a implement TCP MSS clamping (for non-ethernet uplinks) 
We didn’t have a need to clamp the TCP Maximum Segment Size (MSS) up until now,
because fiber7 uses an MTU of 1500.

Because Path MTU discovery is often broken on the internet, it’s best practice
to limit the Maximum Segment Size (MSS) of each TCP connection, achieving the
same effect (but only for TCP connections).

This change is beneficial when running router7 behind a non-ethernet uplink,
such as a Fritz!Box cable modem.

This has no adverse effect on fiber7: after clamping, the MSS is still 1440, as
without clamping.
 2018-10-22 18:54:25 +02:00
Michael Stapelberg
b03596f1c5 nftables: use stateful object counters 
This way, we can atomically get and reset them.

fixes https://github.com/rtr7/router7/issues/3
 2018-08-08 23:15:21 +02:00
Michael Stapelberg
daa14845ab netconfig: plug fd leak by closing the netlink handle 
fixes #4
 2018-07-22 23:07:23 +02:00
Michael Stapelberg
3282dc5675 netconfig: GetRule filtering is not supported by Linux 4.4.0 (trusty) 2018-07-14 20:53:15 +02:00
Michael Stapelberg
b347ed74c5 update import paths 2018-07-09 08:54:04 +02:00
Michael Stapelberg
ff7aa8f2cb add copyright notices 2018-06-28 20:08:23 +02:00
Michael Stapelberg
2b3cf0bf61 captured: use multilisten 2018-06-28 20:08:23 +02:00
Michael Stapelberg
4c7741a337 add backupd 2018-06-26 18:01:50 +02:00
Michael Stapelberg
60de127991 Describe all packages and binaries. 2018-06-25 20:12:51 +02:00
Michael Stapelberg
3886367a32 remove TODOs: the sysctls have reasonable defaults 2018-06-23 20:34:42 +02:00
Michael Stapelberg
bf2c12a69d netconfigd: export ipv4/ipv6 packet/bytes counters on :8066 2018-06-23 19:56:34 +02:00
Michael Stapelberg
37bf17e1b7 make binaries cope with Squashfs root 2018-06-22 17:59:23 +02:00
Michael Stapelberg
24e2d5de00 dnsd: serve prometheus metrics on port 8053 2018-06-18 08:04:56 +02:00
Michael Stapelberg
0e6add220c notify dyndns from netconfigd, i.e. _after_ applying addresses 2018-06-17 20:44:25 +02:00
Michael Stapelberg
a1c4d60666 netconfig: implement support for port ranges 2018-06-14 22:25:39 +02:00
Michael Stapelberg
390c2af7db netconfig: implement UDP port forwardings 2018-06-14 21:05:43 +02:00
Michael Stapelberg
fdd2201ef5 netconfig: prevent duplicate error messages 2018-06-14 18:28:40 +02:00
Michael Stapelberg
03b2345eb2 netconfig: flush nftables ruleset, replace DHCPv6 address 2018-06-14 08:27:08 +02:00
Michael Stapelberg
589e2ae43d netconfig: replace routes, not add 2018-06-12 09:29:53 +02:00
Michael Stapelberg
0152ef3601 netconfig: implement port forwardings 2018-06-05 08:51:51 +02:00
Michael Stapelberg
320ca04a2f netconfig: use oifname instead of oif 2018-06-05 08:48:30 +02:00
Michael Stapelberg
21ca224281 netconfig: switch from iptables to nft 2018-06-04 10:01:09 +02:00
Michael Stapelberg
1b004597c1 netconfig: implement spoof_hardware_addr for easier testing 2018-06-04 08:30:57 +02:00
Michael Stapelberg
2ef8bf6ea0 dnsd/dhcp4d: listen on configured address (not hard-coded) 2018-06-04 08:22:45 +02:00
Michael Stapelberg
763aa18a74 netconfig: write /etc/resolv.conf 2018-06-04 07:59:25 +02:00
Michael Stapelberg
48ddf81147 netconfig: apply IPv6 address to lan0, not uplink0 2018-06-03 20:35:41 +02:00
Michael Stapelberg
26a22667b2 netconfig: missing lease.json is no error 2018-06-02 17:38:17 +02:00
Michael Stapelberg
d343e06d81 netconfig: apply as much of the config as possible 2018-06-02 17:38:08 +02:00
Michael Stapelberg
fa626839b1 Working radvd 2018-05-28 09:53:54 +02:00
Michael Stapelberg
6b9ce5728a Initial commit 2018-05-27 17:30:42 +02:00