Ostatnio Na Forum
Polityka prywatności

Portal openrouter.info stosuje pliki cookies ("ciasteczka") pozwalające na dostosowanie zawartości portalu do indywidualnych potrzeb. Korzystanie z portalu bez zmiany ustawień dotyczących ciasteczek oznacza akceptację umieszczenia ich na urządzenia użytkownika. Zmianę ustawień pliku ciasteczek można wykonać zmieniając opcję w ustawieniach przeglądarki internetowej. Więcej informacji można znaleźć w Polityce prywatności.

OpenWrt 21.02-rc2

Dostępna jest następna wersją kandydująca OpenWrt oznaczona jako 21.02-rc2. Dla niektórych niespodzianką może być zmiana składni pliku konfiguracyjnego sieci, ale deweloperzy zdecydowali się przenieść to już teraz z wersji rozwojowej OpenWrt, dołączając także odpowiednie zmiany w LuCI.
Poniżej informacja o wydaniu (EN):

Cytuj:
The OpenWrt community is proud to announce the second release candidate of the upcoming OpenWrt 21.02 stable version series. It incorporates over 5800 commits since branching the previous OpenWrt 19.07 release and has been under development for about one and a half year.


Changes between OpenWrt 21.02.0-rc1 and 21.02.0-rc2


New network configuration syntax

There have been several changes to the network configuration syntax in /etc/config/network:

* in config interface, option ifname has been renamed to device (since it refers to a device section)
* in config device of type bridge, ifname has been renamed to ports
* for new installs, the generated configuration now creates separate sections for layer 2 (config device) and layer 3 (config interface) configuration

The old syntax is still supported to facilitate transition, and there is no automated migration when upgrading.

However, the LuCI web interface detects old-style configuration and will propose to migrate it to the new syntax. This is necessary to be able to edit network configuration through LuCI.

The new configuration style looks like this:
--------------------------------------------------------------------------
config device
option name 'br-lan'
option type 'bridge'
option macaddr '00:01:02:XX:XX:XX'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'

config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'

config device
option name 'eth1'
option macaddr '00:01:02:YY:YY:YY'

config interface 'wan'
option device 'eth1'
option proto 'dhcp'

config interface 'wan6'
option device 'eth1'
option proto 'dhcpv6'
--------------------------------------------------------------------------
This example uses DSA with lanX interface names. A non-DSA device would use more classical ethX interface names.


LuCI update

LuCI has been updated to support the most recent network syntax (and migrate old config files if needed). In some cases migration will take 2 steps.

Support for configuring devices (config device UCI sections) was added.
It can be used for setting layer 2 options (like MTU and MAC address).
It also supports bridge devices (including VLAN tagging).


LuCI HTTPS

LuCI is now available over HTTPS in addition to HTTP in the default images.
After an upgrade from OpenWrt 19.07 to OpenWrt 21.02 unencrypted HTTP requests are redirected to HTTPS. On fresh OpenWrt 21.02 installations they are not edirected. Deactivate the redirect to HTTPS like this:
--------------------------------------------------------------------------
uci set uhttpd.main.redirect_https=0
uci commit uhttpd
service uhttpd reload
--------------------------------------------------------------------------


Software updates

* Linux kernel updated to version 5.4.119 (from 5.4.111 in v21.02.0-rc1)
* mac80211 updated to version 5.10.34-1 (from 5.10.16-1 in v21.02.0-rc1)
* mac80211 backport upstream fixes for the new FragAttacks vulnerabilities in 802.11
* mt76 updated to latest version
* dnsmasq updated to version 2.85 (from 2.84 in v21.02.0-rc1)
* busybox updated to version 1.33.1 (from 1.33.0 in v21.02.0-rc1)

Misc changes

* Linux kernel fix parsing fixed subpartitions
* Linux kernel Activate FORTIFY_SOURCE for MIPS kernel 5.4
* busybox add SRV support to nslookup_lede.c patch
* busybox disable PREFER_IPV4_ADDRESS
* openwrt-keyring only copy sign key for 21.02
* sdk, imagebuilder unset BINARY_FOLDER and DOWNLOAD_FOLDER in final archives
* uqmi fix network registration loop

Device support

* Lantiq DSL multiple backports for DSL statistics
* New devices MikroTik SXTsq 5 ac, MikroTik hAP ac2
* Device fixes for ALFA Network devices, Youku YK1, TP-Link AD7200, TP-Link EAP-225, TP-Link TL-WR810N v1, MikroTik RB922UAGS-5HPaCD


Known issues

* LuCI network migration tool doesn't migrate custom bridge MAC addresses. Custom device MAC has to be set again manually.


Full release notes and upgrade instructions are available at https://openwrt.org/releases/21.02/notes-21.02.0-rc2

In particular, make sure to read the regressions and known issues before upgrading: https://openwrt.org/releases/21.02/note ... own_issues

For a detailed list of all changes since 21.02.0-rc1, refer to https://openwrt.org/releases/21.02/chan ... 1.02.0-rc2

To download the 21.02.0-rc2 images, navigate to: https://downloads.openwrt.org/releases/21.02.0-rc2/

  Więcej na forum…  

OpenWrt 21.02.0-rc1

Wiele miesięcy musieliśmy czekać na kolejne wydanie stabilne OpenWrt i oto jest: świeże wydanie kandydujące oznaczone 21.02.0-rc1. Największymi zmianami są chyba wprowadzenie domyślnie obsługi https oraz WPA3, niesamowita ilość poprawek i dużo aktualizacji pakietów.

Informacje o wydaniu poniżej (EN):

Cytuj:
The OpenWrt community is proud to announce the first release candidate of the upcoming OpenWrt 21.02 stable version series. It incorporates over 5800 commits since branching the previous OpenWrt 19.07 release and has been under development for about one and a half year.


WPA3 support included by default

WPA3 was already supported in 19.07 but it was not provided by the default set of packages in OpenWrt images. With 21.02, all packages necessary to provide WPA3 are installed by default in OpenWrt images.


TLS and HTTPS support included by default

TLS support is now provided by default in OpenWrt images including the trusted CA certificates from Mozilla. It means that wget and opkg now support fetching resources over HTTPS out-of-the-box. The opkg download server is accessed through HTTPS by default. OpenWrt switched from mbed TLS to wolfSSL as the default SSL library, mbed TLS and OpenSSL are still available and can be installed manually.


Initial DSA support

DSA stands for Distributed Switch Architecture and is the Linux standard to deal with configurable Ethernet switches. OpenWrt 21.02 comes with initial support for DSA, which replaces the swconfig system that OpenWrt was using up until now. Not all targets have been ported: some devices still use swconfig while some devices already switched to DSA. This is a significant change to how switch ports and VLANs are managed. As such, sysupgrade will not be able to convert existing swconfig configuration to DSA configuration (see ?Upgrading? below).

The following targets are using a switch managed with DSA in OpenWrt 21.02:
* ath79 (only TP-Link TL-WR941ND)
* bcm4908
* gemini
* kirkwood
* mediatek (most boards)
* mvebu
* octeon
* ramips/mt7621
* realtek


Increased minimum hardware requirements: 8 MB flash, 64 MB RAM

Due to new features being introduced and the general size increase of the Linux kernel, devices now need at least 8 MB of flash and 64 MB of RAM to run a default build of OpenWrt.It is still possible to build custom OpenWrt images (e.g. using the ImageBuilder) that may fit devices with 4 MB of flash or 32 MB of RAM. However, the level of functionality will be reduced and there is no guarantee to stability. See OpenWrt on 4/32 devices for more details and guidance.


New hardware targets

A new realtek target has been added, which is often found in managed switches. As a result, it is now possible to run OpenWrt on devices with a significant number of Ethernet ports. See supported devices for realtek. In addition, new bcm4908 and rockchip targets have been added. Support for many new boards was added to the existing targets.


Dropped hardware targets

The ar71xx was deprecated in OpenWrt 19.07 and was gradually replaced by ath79, see ar71xx-ath79 migration. With OpenWrt 21.02, the ar71xx has been removed and users must use ath79 instead. If you are still running with the ar71xx target, it is recommended to reinstall OpenWrt 21.02 from scratch. Users already on the ath79 target can use sysupgrade to upgrade to OpenWrt 21.02.
Other targets were also removed: cns3xxx, rb532 and samsung.


ASLR activated

Network exposed user space applications are linked as position-independent executable (PIE) to allow full Address Space Layout
Randomization (ASLR) support. This makes it harder for attackers to exploit OpenWrt. See Hardening build options for more details.


Kernel with container support

Multiple Linux kernel compile options, needed for Linux Containers (LXC) and procd-ujail are activated by default for most targets. This allows to use LXC and ujail with the normal release builds.


SELinux support

It is possible to compile OpenWrt with SELinux support. This is currently not activated by default.


Core components update

Core components have the following versions in 21.02.0-rc1:
- Updated toolchain:
* musl libc 1.1.24
* glibc 2.33
* gcc 8.4.0
* binutils 2.35.1
- Updated Linux kernel
* 5.4.111 for all targets
- Network:
* hostapd 2020-06-08, dnsmasq 2.84, dropbear 2020.81
* cfg80211/mac80211 from kernel 5.10.16
* wireguard backport from upstream Linux kernel
- System userland:
* busybox 1.33.0

In addition to the listed applications, many others were also updated.


Upgrading to 21.02.0-rc1

Sysupgrade can be used to upgrade a device from 19.07 to 21.02, and configuration will be preserved in most cases.

Sysupgrade from 18.06 to 21.02 is not supported.

There is no migration path for targets that switched from swconfig to DSA. In that case, sysupgrade will refuse to proceed with an appropriate error message:
Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed

The default root file system partition size changed for targets/devices relying on booting from mass storage (HDD, USB flash, SD card, etc.), so MBR will change and any additional partition will be deleted when sysupgrading.


Known issues

* DSA support is new and might not be complete or fully working
* The LuCI web interface has no support for DSA yet
* LuCI writes unnecessary IPv6 RA options to /etc/config/dhcp if the user edits interface's DHCP settings. This could prevent client IPv6 connectivity.
* Update luci-mod-network to git-21.107.58557 or later to fix this problem


Full release notes and upgrade instructions are available at https://openwrt.org/releases/21.02/notes-21.02.0-rc1

In particular, make sure to read the regressions and known issues before upgrading: https://openwrt.org/releases/21.02/note ... own_issues

For a very detailed list of all changes since 19.07, refer to https://openwrt.org/releases/21.02/chan ... 1.02.0-rc1

To download the v21.02.0-rc1 images, navigate to: https://downloads.openwrt.org/releases/21.02.0-rc1/

- ---

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

* a low-volume mailing list for important announcements: https://lists.openwrt.org/mailman/listi ... t-announce

* a dedicated "announcements" section in the forum: https://forum.openwrt.org/c/announcements/14

* other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact


As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community

  Więcej na forum…  

OpenWrt 19.07.7

Została wydana kolejna wersja poprawkowa OpenWrt oznaczona numerem 19.07.7. Jak zwykle dotyczy ona poprawek bezpieczeństwa i stabilności systemu.

Cytuj:
The OpenWrt community is proud to announce the seventh service release of OpenWrt 19.07. It fixes security issues, improves device support, and brings a few bug fixes.

The main changes from OpenWrt 19.07.6 are:

Security fixes
==============

* Security Advisory 2021-02-02-1 - netifd and odhcp6c routing loop on IPv6 point to point links (CVE-2021-22161)

* Security Advisory 2021-02-02-2 - wolfSSL heap buffer overflow in RsaPad_PSS (CVE-2020-36177)

Major bug fixes
===============

* Fix dnsmasq error messages such as "failed to send packet: Network unreachable" or "failed to send packet: Address family not supported by protocol" that could be filling up logs. This was a regression caused by the dnsmasq update in 19.07.6.

* Fix opkg so that it purges obsolete packages from its local cache. This fixes a long-standing issue in the ImageBuilder where a manual cleanup was needed before rebuilding.

Device support
==============

* Improve stability of mediatek Ethernet switch (affects many mt7621 devices)

* Fix Wi-Fi band detection on some Broadcom-based devices

* Fix poor 2.4 GHz Wi-Fi performance on TP-Link Archer C50 v4 due to a missing EEPROM chip ID

* Make initramfs image usable out-of-the-box on Turris Omnia

* Use full flash size on Nucom R5010UN v2

* Fix support for TP-Link TL-WR810N v1 in ath79

* Remove broken factory image for TP-Link Archer C2 v1

* Fix unintended failsafe mode during boot on Netgear EX6150

Various fixes and improvements
==============================

* The ImageBuilder no longer requires compilers (gcc, g++) and libncurses-dev. This was partially implemented in 19.07.6 but one part was missing to make it actually work.

* Update to a new major version of ksmbd to fix several bugs. This breaks compatibility with previous versions of OpenWrt (19.07.0 to 19.07.6): it is no longer possible to install a working version of ksmbd-tools on previous versions of OpenWrt. Existing installations will keep working, but ksmbd-tools should not be upgraded with opkg.

Unfortunately, this ksmbd update introduced a regression: the kernel module package for ksmbd depends on the non-existant kmod-crypto-arc4. If you are affected by this issue, see https://openwrt.org/releases/19.07/note ... egressions for a workaround.

LuCI web interface
==================

* Fix array sorting on Chrome
* Add nextdns.io and quad 101 providers to luci-app-https-dns-proxy package

Core components
===============

* Update Linux kernel from 4.14.215 to 4.14.221

* Update wolfssl from 4.5.0 to 4.6.0


Full release notes and upgrade instructions are available at https://openwrt.org/releases/19.07/notes-19.07.7

In particular, make sure to read the regressions and known issues before upgrading:
https://openwrt.org/releases/19.07/note ... egressions

For a very detailed list of all changes since 19.07.6, refer to https://openwrt.org/releases/19.07/changelog-19.07.7

For latest information about the 19.07 series, refer to the wiki at: https://openwrt.org/releases/19.07/

To download a OpenWrt 19.07.7 firmware image for your device, head to the Table of Hardware:
https://openwrt.org/toh/start

Or use the new firmware selector: https://firmware-selector.openwrt.org/

You can also navigate directly in the list of firmware images: https://downloads.openwrt.org/releases/19.07.6/targets/

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community

---

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

* a low-volume mailing list for important announcements: https://lists.openwrt.org/mailman/listi ... t-announce

* a dedicated "announcements" section in the forum: https://forum.openwrt.org/c/announcements/14

* other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact

  Więcej na forum…  

OpenWrt 19.07.6

Wydano OpenWrt 19.07.6. Głównym powodem stworzenia nowego wydania było znalezienie poważnych problemów w lokalnym serwerze dns i dhcp - dnsmasq.

Poniżej informacja o wydaniu [EN]

Cytuj:
The OpenWrt community is proud to announce the sixth service release of OpenWrt 19.07. It focuses on fixing several security issues.

Main changes from OpenWrt 19.07.5

Security fixes
* Security Advisory 2021-01-19-1 - dnsmasq multiple vulnerabilities CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687, CVE-2020-25684, CVE-2020-25685 and CVE-2020-25686)
* openssl: NULL pointer deref in GENERAL_NAME_cmp function can lead to a DOS attack. (CVE-2020-1971)

Note: security fixes for most packages can also be applied by upgrading only the affected packages on running devices, without the need for a full firmware upgrade. This can be done with opkg update; opkg upgrade the_package_name or through the LuCI web interface.

Nevertheless, we encourage all users to upgrade their devices to OpenWrt 19.07.6 or later versions whenever possible.

Major bug fixes
* Fix iOS 14 tethering problem

Device support
* Enable LED VCC for Asus RT-AC51U

LuCI web interface
* luci-mod-system: properly handle SSH pubkeys with options (GH#4684)
* luci-mod-network: properly handle wireless netdevs when creating interfaces
* Update translations from weblate

Core components
* Update Linux kernel from 4.14.209 to 4.14.215
* Update mac80211 and wifi drivers from 4.19.137-1 to 4.19.161-1
* Update wireless-regdb from 2019.06.03 to 2020.11.20
* Update mbedtls from 2.16.8 to 2.16.9
* Update openssl from 1.1.1h to 1.1.1i

Full release notes and upgrade instructions are available at https://openwrt.org/releases/19.07/notes-19.07.6

In particular, make sure to read the regressions and known issues before upgrading: https://openwrt.org/releases/19.07/note ... egressions

For a very detailed list of all changes since 19.07.5, refer to https://openwrt.org/releases/19.07/changelog-19.07.6

- ---

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

* a low-volume mailing list for important announcements: https://lists.openwrt.org/mailman/listi ... t-announce

* a dedicated "announcements" section in the forum: https://forum.openwrt.org/c/announcements/14

* other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact

- ---

For latest information about the 19.07 series, refer to the wiki at: https://openwrt.org/releases/19.07/

To download a OpenWrt 19.07.6 firmware image for your device, head to the Table of Hardware: https://openwrt.org/toh/start

Or navigate directly in the list of firmware images: https://downloads.openwrt.org/releases/19.07.6/targets/

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community

  Więcej na forum…  

OpenWrt 19.07.5

Dostępne jest nowe wydanie linii stabilnej OpenWrt 19.07.5. Poprawiono kilka rzeczy związanych z bezpieczeństwem (m.in bibliotekę systemową musl), dlatego też zaleca się aktualizację systemu do najnowszej dostępnej wersji.

Informacje o wydaniu (EN):

Cytuj:
The OpenWrt community is proud to announce the fifth service release of OpenWrt 19.07. It focuses on fixing several regression as well as security issues.

Main changes from OpenWrt 19.07.4

Security fixes
* Security Advisory 2020-12-09-2 - libuci import heap use after free (CVE-2020-28951)
* Security Advisory 2020-12-09-1 - Linux kernel - ICMP rate limiting can be used to facilitate DNS poisoning attack (CVE-2020-25705)
* musl: fix possible destination buffer overflow in some applications (CVE-2020-28928)

Note: security fixes for most packages can also be applied by upgrading only the affected packages on running devices, without the need for a full firmware upgrade. This can be done with opkg update; opkg upgrade the_package_name or through the LuCI web interface.

Nevertheless, we encourage all users to upgrade their devices to OpenWrt 19.07.5 or later versions whenever possible.

Major bug fixes
* Fix regression in 19.07.4 causing transmit timeout and packet loss on mt7620 devices: FS#3332
* Fix regression in 19.07.4 where VLAN tagging no longer works on ipq40xx devices: FS#3239
* Fix long-standing instability issue on Ethernet link on several ath79 devices: FS#2216, FS#2730, FS#3225

Device support
* Various fixes for My Net Range Extender, PowerCloud Systems CAP324, D-Link DIR-645, Quad-E4G
* Support newer version of Turris Omnia
* Fix ath9k firmware extraction for UniFi AP
* Fix MAC address assignment on UniFi AC family (UniFi AC Mesh, UniFi AC LR, UniFi Lite)
* Allow booting espressobin with a mainline firmware

Various fixes and improvements
* Fix support for 3G USB modems
* uhttpd: fix spurious keepalive connection timeouts
* firewall: fix parsing of boolean attributes
* mac80211: do not allow bigger VHT MPDUs than the hardware supports

LuCI web interface
* Set the fallback default of rollback timeout to 90s
* luci-app-firewall: fix removing networks from zone (GH#4523, GH#4573)
* rpcd-mod-luci: handle lease files from all dnsmasq/odhcpd sections (GH#911, GH#4303, GH#4308)
* luci-app-firewall: rules: add ICMPv6 Packet Too Big (Type 2)
* Update translations from weblate

Core components
* Update Linux kernel from 4.14.195 to 4.14.209
* Update intel-microcode from 20190918 to 20200616
* Update amd-microcode from 20180524 to 20191218


Full release notes and upgrade instructions are available at https://openwrt.org/releases/19.07/notes-19.07.5

In particular, make sure to read the regressions and known issues before upgrading: https://openwrt.org/releases/19.07/note ... egressions

For a very detailed list of all changes since 19.07.4, refer to https://openwrt.org/releases/19.07/changelog-19.07.5

- ---

To stay informed of new OpenWrt releases and security advisories, there are new channels available:

* a low-volume mailing list for important announcements: https://lists.openwrt.org/mailman/listi ... t-announce

* a dedicated "announcements" section in the forum: https://forum.openwrt.org/c/announcements/14

* other announcement channels (such as RSS feeds) might be added in the future, they will be listed at https://openwrt.org/contact

- ---

For latest information about the 19.07 series, refer to the wiki at: https://openwrt.org/releases/19.07/

To download a OpenWrt 19.07.5 firmware image for your device, head to the Table of Hardware: https://openwrt.org/toh/start

Or navigate directly in the list of firmware images: https://downloads.openwrt.org/releases/19.07.5/targets/

As always, a big thank you goes to all our active package maintainers, testers, documenters, and supporters.

Have fun!

The OpenWrt Community

  Więcej na forum…  
Starsze wiadomości  
designed by digi-led.pl
góra
...Copyright © 2010-2017, Ekipa openrouter.info