* fix ath11k reload issue
* drop patches that were used by data mode v0
* imporve maverick logging
* fix lldp on qca units
Signed-off-by: John Crispin <john@phrozen.org>
batman-adv is a layer 2 implementation of the B.A.T.M.A.N. (IV/V) algorithm.
The batmand is an old layer 3 implementation of the B.A.T.M.A.N. III
algorithm. The latter is not really useful when already using batman-adv on
top of the IBSS/meshpoint interfaces. And running layer 3 B.A.T.M.A.N. III
on top of layer 2 B.A.T.M.A.N. IV might lead to all kind of unexpected
behavior.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The batman-adv for non-802.11ax devices was a completely different one than
for 802.11ax devices. The latter is using a private copy because the QCA
kernel is extremely old and doesn't match the kernel from OpenWrt 21.02.
And the mac80211 version (and its backports/compat code) is not fully
compatible with the official one.
At least import the newest version from openwrt-routing openwrt-21.02 and
change to build against the special kernel and mac80211 version.
The used commit from openwrt-routing is 5d09821ed7c4 ("batman-adv: Always
send iface index+name in genlmsg")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The encrypted mesh interfaces need a wpa_supplicant which supports SAE.
This can be for example wpad-openssl or wpad-mesh-openssl. Otherwise
wpa_supplicant fails with on startup:
Line 7: invalid key_mgmt 'SAE'
Line 7: no key_mgmt values configured.
Line 7: failed to parse key_mgmt 'SAE'.
Line 8: too large mode (value=5 max_value=4)
Line 8: failed to parse mode '5'.
Line 9: unknown network field 'mesh_fwding'.
Line 18: failed to parse network block.
The correct package for this was already listed in the dependencies for
ucentral-ap and ucentral-ap-light. But this package conflicted with the
default package wpad and was therefore only build as optional package. The
wpad package must therefore be deselected before selecting
wpad(-mesh)-openssl.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The switch in the IPQ807x/IPQ60xx devices will automatically learn the mac
addresses behind a port. But it will not unlearn this entry when some mac
switches from the ethernet port to the CPU port. This will for example
happens when a device roams from on AP to another AP. At least when both
are APs are bridging the wifi traffic directly or indirectly (mesh) to the
same ethernet broadcast domain.
As result, the roaming device can no longer receive any ethernet packets
which the AP is expected to receive on the ethernet port. This state will
be kept for a couple of minutes until the entry in the FDB is dropped
automatically. But it is still possible for the wifi device to send data
via the ethernet during this whole time.
One solution is to just disable learning on all ports. The other option
would be to enable the qca bridge-mgr which takes care of gathering the
events from the bridge and forwards it to the qca-ssdk (to manipulate the
state of the switch). The latter option was chosen to follow the approach
which QCA is also using in their QSDK.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
* add freeradius wrapper package for gateway images
* pass version and hash in the firmware field
* update ucode to latest HEAD
Signed-off-by: John Crispin <john@phrozen.org>
* fix poco build on MIPS
* add certificate generation for the gateway package
I make vlan filtering work on mt7621
* add ucentral-gateway profile
* add ubnt_edgerouter-x profiles
Signed-off-by: John Crispin <john@phrozen.org>
* fix build dependency of ucentral-wifi
* update ucentral-schema, the radio channel was not getting applied
Signed-off-by: John Crispin <john@phrozen.org>
* rename eap6x0 to exxx7
* update schema
* update client
* update gateway
* update usteer
* implement all missing ucentral commands
* patch the led script to allow turning of all leds
Signed-off-by: John Crispin <john@phrozen.org>
* fix dhcpsnoop on ipq807x
* update ucentralgw
* add eap620/660 support
* add cigwf610d
* do not deploy a default ratelimit config
* add eap225 support
Signed-off-by: John Crispin <john@phrozen.org>
* add support for more commands
* add firstcontact support
* add pstore based crashlog support
* fix github workflow
* improve captive portal/guest support
Signed-off-by: John Crispin <john@phrozen.org>
* Gateway and client are now talking jsonrpc on the wire.
* update the datamodel to the latest version.
* add github workflow
* add zero touch on-boarding
Signed-off-by: John Crispin <john@phrozen.org>
