- Disable generate_psk by default to prevent issues with PSK roaming on VLANs
- Set message_exchange to 'ds' for SAE/WPA3 RADIUS roaming
Signed-off-by: John Crispin <john@phrozen.org>
creating a meshpoint interface with no batman-adv tunnel being present generates
an invalid configuration.
Signed-off-by: Aditya-Rai-25 <aditya21.rai@routerarchitects.com>
1. Extend ucentral schema & state for HaLow
2. Refine "system" into "sysinfo" to avoid confliction with system trace in state.uc
Fixes: WIFI-14436
Signed-off-by: Ian Chen <ian77_chen@accton.com>
This option specifies the maximum time (in seconds) a client can remain idle before it gets disconnected.
It can be configured under ssids in the config.
Signed-off-by: Venkat Chimata <venkata@shasta.cloud>
Add a new encryption type to specify MPSK AAA for 6GHz.
mpsk-radius encryption means:
- psk2-radius for 2.4GHz, 5GHz
- sae for 6GHz
Signed-off-by: Marek Kwaczynski <marek@shasta.cloud>
When configuring an SSID for 6G + 5G and/or 2G, it's possible to use
WPA3-Transition mode which is configured in the uCentral schema using
the 'sae-mixed' value. When this is converted into the UCI
configuration, the 6G PHY ssid entry must be configured for 'sae' while
the other band(s) stay with 'sae-mixed'
Signed-off-by: Paul White <paul@shasta.cloud>
When using dynamic (dhcp) addressing for IPv4, allow the vendor-class
and list of requested options to be configured, along with specific
defaults:
vendor-class default is "OpenLAN"
requested options default is [ 43, 60, 224 ]
These defaults enable support for cloud discovery FQDN (224) and the
DHCP-VSI feature (43, 60)
Fixes: WIFI-14271
Signed-off-by: Paul White <paul@shasta.cloud>
Do not validate encryption against bands supported by the phy, but
against the band in use by getting the cross-section of ssid bands and
phy bands.
Fixes no default wireless configuration being generated if the phy is
both 5G and 6G capable, as all 6G encryption constraints are applied
even if the radio isn't configured for the 6G band.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
We treated ssid.encryption.proto = "none" in validate_encryption() as no
encryption, we should do the same in match_ieee80211w().
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
In ethernet.uc, the section names are the same as that of interface names with . replaced by _
However name and ifname should still be the name with the . (dot). Fixed it.
Interface with _ in the name does n't exist
In ieee8021x.uc , auth and aut_vlan should be updated on the already created section in the network
and not on a new section. Otherwise a redundant device section would be created which is not correct.
Signed-off-by: Venkat Chimata <venkata@shasta.cloud>
Fixes WIFI-13641 : strict-forwarding for yuncore_fap655 and
other similar devices where the wan_port is on the switch.
Update the correct wan_port in /etc/config/event as part of the
configuration update.
Signed-off-by: joydeepbenison <joydeep.ghosh@benisontech.com>
Configure only the switch port for the WAN port instead of all Ethernet
ports. When adding a dynamic VLAN, it should be added to the WAN port
as tagged only, and not the LAN ports.
When LAN ports were included in the interface config, it resulted in
their switch ports also being added to event.swconfig.ports as well as
duplicating the CPU port for each LAN port. This also caused the
swconfig command to fail.
Config before the fix:
config config 'config'
list wan_port 'eth0.1'
option swconfig 'switch1'
list swconfig_ports '5t'
list swconfig_ports '6t'
list swconfig_ports '2t'
list swconfig_ports '6t'
list swconfig_ports '3t'
list swconfig_ports '6t'
list swconfig_ports '4t'
list swconfig_ports '6t'
Config after the fix:
config config 'config'
list wan_port 'eth0.1'
option swconfig 'switch1'
list swconfig_ports '5t'
list swconfig_ports '6t'
Signed-off-by: Paul White <paul@shasta.cloud>
