[git.ipfire.org] IPFire 2.x development tree branch, next, updated. 3a924196805eb3a0a93006b316583609d7e8148b - IPFire-SCM

5 Nov 2024

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
       via  3a924196805eb3a0a93006b316583609d7e8148b (commit)
       via  e595fa11768287b239d049346b6370a0fa23fd3e (commit)
       via  131bcfa999179f58b8d44d871b299747607286be (commit)
       via  a81eefa265610d4129961979182bf8a8bb6230f9 (commit)
       via  17a9ad2f52e908c82929a5907f9e436b552c2ef0 (commit)
       via  74849f68c9bdc827452957a67e30bbd462494a3d (commit)
       via  c6282b001bd2723f554e77f51f224adce5be4156 (commit)
      from  7350feee58b0e190c9a07b1b65580e730053878e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3a924196805eb3a0a93006b316583609d7e8148b
Author: Arne Fitzenreiter arne_f@ipfire.org
Date:   Tue Nov 5 09:13:56 2024 +0100
core190: ship unbound-dhcp-leases-bridge
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit e595fa11768287b239d049346b6370a0fa23fd3e
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Mon Oct 21 16:38:49 2024 +0000
unbound-dhcp-leases-bridge: Fix expiry check on leases
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
    Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 131bcfa999179f58b8d44d871b299747607286be
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Mon Oct 21 16:38:48 2024 +0000
unbound-dhcp-leases-bridge: Don't overwrite static leases
When we import all static leases, their remark will be used as hostname
    (because WTF?) and might be overwritten if the device is not sending any
    or even the same hostname.
This patch avoids that static leases will be modified.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
    Reviewed-by: Bernhard Bitsch bbitsch@ipfire.org
    Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit a81eefa265610d4129961979182bf8a8bb6230f9
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Mon Oct 21 16:38:47 2024 +0000
unbound-dhcp-leases-bridge: Fix typo
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
    Reviewed-by: Bernhard Bitsch bbitsch@ipfire.org
    Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 17a9ad2f52e908c82929a5907f9e436b552c2ef0
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Mon Oct 21 16:38:46 2024 +0000
unbound-dhcp-leases-bridge: Don't export expired leases to Unbound
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
    Reviewed-by: Bernhard Bitsch bbitsch@ipfire.org
    Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 74849f68c9bdc827452957a67e30bbd462494a3d
Author: Arne Fitzenreiter arne_f@ipfire.org
Date:   Tue Nov 5 09:10:01 2024 +0100
core190: ship dhcp client changes
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit c6282b001bd2723f554e77f51f224adce5be4156
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Wed Oct 16 10:47:17 2024 +0000
networking: Allow changing DHCP Option Rapid Commit
This option needs to be configurable since some (braindead) ISPs have
    started running broken DHCP servers to be bug-compatible with cheap
    broken plastic routers.
By default we keep this option enabled, but it can now be turned off
    whenever needed.
Suggested-by: Adolf Belka adolf.belka@ipfire.org
    Signed-off-by: Michael Tremer michael.tremer@ipfire.org
    Tested-by: Adolf Belka adolf.belka@ipfire.org
    Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
-----------------------------------------------------------------------
Summary of changes:
 config/dhcpc/dhcpcd.conf                  |  5 ----
 config/rootfiles/core/190/filelists/files |  4 +++
 config/unbound/unbound-dhcp-leases-bridge | 18 ++++++++----
 src/initscripts/networking/red            | 13 ++++++++-
 src/setup/netstuff.c                      | 47 +++++++++++++++++++++++++------
 5 files changed, 66 insertions(+), 21 deletions(-)
Difference in files:

diff --git a/config/dhcpc/dhcpcd.conf b/config/dhcpc/dhcpcd.conf
index 062e3c975b..b46c85caba 100644
--- a/config/dhcpc/dhcpcd.conf
+++ b/config/dhcpc/dhcpcd.conf
@@ -37,11 +37,6 @@ option host_name
 # Most distributions have NTP support.
 option ntp_servers
-# Rapid commit support.
-# Safe to enable by default because it requires the equivalent option set
-# on the server to actually work.
-option rapid_commit
-
 # A ServerID is required by RFC2131.
 require dhcp_server_identifier
diff --git a/config/rootfiles/core/190/filelists/files b/config/rootfiles/core/190/filelists/files
index 4b65efd1d7..f25c5f8577 100644
--- a/config/rootfiles/core/190/filelists/files
+++ b/config/rootfiles/core/190/filelists/files
@@ -11,6 +11,7 @@ etc/rc.d/init.d/cleanfs
 etc/rc.d/init.d/collectd
 etc/rc.d/init.d/firewall
 etc/rc.d/init.d/networking/functions.network
+etc/rc.d/init.d/networking/red
 etc/rc.d/init.d/squid
 etc/rc.d/init.d/suricata
 lib/udev/network-hotplug-bridges
@@ -25,6 +26,9 @@ usr/lib/firewall/rules.pl
 usr/lib/perl5/5.36.0/xxxMACHINExxx-linux-thread-multi/Compress/Raw/Zlib.pm
 usr/local/bin/openvpnctrl
 usr/local/bin/sshctrl
+usr/sbin/unbound-dhcp-leases-bridge
+usr/sbin/setup
 var/ipfire/backup/include
+var/ipfire/dhcpc/dhcpcd.conf
 var/ipfire/graphs.pl
 var/ipfire/network-functions.pl
diff --git a/config/unbound/unbound-dhcp-leases-bridge b/config/unbound/unbound-dhcp-leases-bridge
index 986fae2d24..4a6f9587f8 100644
--- a/config/unbound/unbound-dhcp-leases-bridge
+++ b/config/unbound/unbound-dhcp-leases-bridge
@@ -216,6 +216,11 @@ class UnboundDHCPLeasesBridge(object):
    		# Find the old lease
    		old_lease = self._find_lease(address)
+			# Don't update fixed leases as they might clear the hostname
+			if old_lease and old_lease.fixed:
+				log.debug("Won't update fixed lease %s" % old_lease)
+				return
+
    		# Create a new lease
    		lease = Lease(address, {
    			"client-hostname" : name,
@@ -276,12 +281,12 @@ class UnboundDHCPLeasesBridge(object):
    			if lease.has_expired():
    				log.debug("    Expired")
-		self.unbound.update_dhcp_leases(self.leases)
+		self.unbound.update_dhcp_leases([l for l in self.leases if not l.has_expired()])
def _add_lease(self, lease):
-		# Skip leases without an FQDN
+		# Skip leases without a FQDN
    	if not lease.fqdn:
-			log.debug("Skipping lease without an FQDN: %s" % lease)
+			log.debug("Skipping lease without a FQDN: %s" % lease)
    		return
# Skip any leases that also are a static host
@@ -581,19 +586,20 @@ class FixLeases(object):
    				"client-hostname" : hostname,
    				"starts"          : now.strftime("%w %Y/%m/%d %H:%M:%S"),
    				"ends"            : "never",
-				})
+				}, fixed=True)
    			leases.append(l)
return leases
class Lease(object):
-	def __init__(self, ipaddr, properties):
+	def __init__(self, ipaddr, properties, fixed=False):
    	if not isinstance(ipaddr, ipaddress.IPv4Address):
    		ipaddr = ipaddress.IPv4Address(ipaddr)
self.ipaddr = ipaddr
    	self._properties = properties
+		self.fixed = fixed
def __repr__(self):
    	return "<%s for %s (%s)>" % (self.__class__.__name__, self.ipaddr, self.hostname)
@@ -711,7 +717,7 @@ class Lease(object):
    	if not self.time_ends:
    		return self.time_starts > datetime.datetime.utcnow()
-		return self.time_starts > datetime.datetime.utcnow() > self.time_ends
+		return not self.time_starts < datetime.datetime.utcnow() < self.time_ends
@property
    def rrset(self):
diff --git a/src/initscripts/networking/red b/src/initscripts/networking/red
index 34ee8cc581..72b9bf0cf3 100644
--- a/src/initscripts/networking/red
+++ b/src/initscripts/networking/red
@@ -171,9 +171,20 @@ case "${1}" in
    		# To determine this we check if a wpa_supplicant is running.
    		pid="$(pidof wpa_supplicant)"
+			DHCPCD_ARGS=()
+
+			# Enable Rapid Commit (enabled by default)
+			case "${RED_DHCP_RAPID_COMMIT}" in
+				""|yes|true|on)
+					DHCPCD_ARGS+=( "--option" "rapid_commit" )
+					;;
+			esac
+
+			echo dhcpcd_start "${DEVICE}" "${DHCPCD_ARGS[@]}"
+
    		if [ -z "${pid}" ]; then
    			# No wpa_supplicant is running. So it's save to start dhcpcd.
-				dhcpcd_start "${DEVICE}"
+				dhcpcd_start "${DEVICE}" "${DHCPCD_ARGS[@]}"
    		fi
elif [ "$TYPE" == "PPPOE" ]; then
diff --git a/src/setup/netstuff.c b/src/setup/netstuff.c
index 60e27242ff..602ef97f5f 100644
--- a/src/setup/netstuff.c
+++ b/src/setup/netstuff.c
@@ -37,6 +37,7 @@ newtComponent dhcptyperadio;
 newtComponent pppoetyperadio;
 newtComponent dhcphostnameentry;
 newtComponent dhcpforcemtuentry;
+newtComponent dhcprapidcommitentry;
/* acceptable character filter for IP and netmaks entry boxes */
 static int ip_input_filter(newtComponent entry, void * data, int ch, int cursor)
@@ -64,6 +65,7 @@ int changeaddress(struct keyvalue *kv, char *colour, int typeflag,
    newtComponent gatewaylabel;
    newtComponent dhcphostnamelabel;
    newtComponent dhcpforcemtulabel;
+	newtComponent dhcprapidcommitlabel;
    newtComponent ok, cancel;	
    char message[1000];
    char temp[STRING_SIZE];
@@ -73,6 +75,8 @@ int changeaddress(struct keyvalue *kv, char *colour, int typeflag,
    char typefield[STRING_SIZE];
    char dhcphostnamefield[STRING_SIZE];
    char dhcpforcemtufield[STRING_SIZE];
+	char dhcprapidcommitfield[STRING_SIZE];
+	char enablerapidcommit;
    int error;
    int result = 0;
    char type[STRING_SIZE];
@@ -88,9 +92,10 @@ int changeaddress(struct keyvalue *kv, char *colour, int typeflag,
    sprintf(typefield, "%s_TYPE", colour);
    sprintf(dhcphostnamefield, "%s_DHCP_HOSTNAME", colour);
    sprintf(dhcpforcemtufield, "%s_DHCP_FORCE_MTU", colour);
+	sprintf(dhcprapidcommitfield, "%s_DHCP_RAPID_COMMIT", colour);
    	
    sprintf(message, _("Interface - %s"), colour);
-	newtCenteredWindow(44, (typeflag ? 19 : 12), message);
+	newtCenteredWindow(44, (typeflag ? 20 : 12), message);
    
    networkform = newtForm(NULL, NULL, 0);
@@ -102,6 +107,15 @@ int changeaddress(struct keyvalue *kv, char *colour, int typeflag,
     * of the window down two rows to make room. */
    if (typeflag)
    {
+		*temp = '\0';
+
+		// Find RapidCommit setting
+		findkey(kv, dhcprapidcommitfield, temp);
+		if (strcmp(temp, "yes") == 0 || strcmp(temp, "true") == 0 || strcmp(temp, "on") == 0 || strcmp(temp, "") == 0)
+			enablerapidcommit = '*';
+		else
+			enablerapidcommit = ' ';
+
    	strcpy(temp, "STATIC"); findkey(kv, typefield, temp);
    	if (strcmp(temp, "STATIC") == 0) startstatictype = 1;
    	if (strcmp(temp, "DHCP") == 0) startdhcptype = 1;
@@ -119,28 +133,35 @@ int changeaddress(struct keyvalue *kv, char *colour, int typeflag,
    	newtTextboxSetText(dhcphostnamelabel, _("DHCP Hostname:"));
    	dhcpforcemtulabel = newtTextbox(2, 9, 18, 1, 0);
    	newtTextboxSetText(dhcpforcemtulabel, _("Force DHCP MTU:"));
+		dhcprapidcommitlabel = newtTextbox(2, 10, 18, 1, 0);
+		newtTextboxSetText(dhcprapidcommitlabel, _("Rapid Commit:"));
    	strcpy(temp, defaultdhcphostname);
    	findkey(kv, dhcphostnamefield, temp);
    	dhcphostnameentry = newtEntry(20, 8, temp, 20, &dhcphostnameresult, 0);
    	strcpy(temp, "");
    	findkey(kv, dhcpforcemtufield, temp);
    	dhcpforcemtuentry = newtEntry(20, 9, temp, 20, &dhcpforcemturesult, 0);
+		dhcprapidcommitentry = newtCheckbox(20, 10, "", enablerapidcommit, " *", &enablerapidcommit);
+		newtComponentAddCallback(dhcprapidcommitentry, networkdialogcallbacktype, NULL);
    	newtFormAddComponent(networkform, dhcphostnamelabel);
    	newtFormAddComponent(networkform, dhcphostnameentry);
    	newtFormAddComponent(networkform, dhcpforcemtulabel);
    	newtFormAddComponent(networkform, dhcpforcemtuentry);
+		newtFormAddComponent(networkform, dhcprapidcommitlabel);
+		newtFormAddComponent(networkform, dhcprapidcommitentry);
    	if (startdhcptype == 0)
    		{
    			newtEntrySetFlags(dhcphostnameentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_SET);
    			newtEntrySetFlags(dhcpforcemtuentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_SET);
+				newtCheckboxSetFlags(dhcprapidcommitentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_SET);
    		}
    }
    /* Address */
-	addresslabel = newtTextbox(2, (typeflag ? 11 : 4) + 0, 18, 1, 0);
+	addresslabel = newtTextbox(2, (typeflag ? 12 : 4) + 0, 18, 1, 0);
    newtTextboxSetText(addresslabel, _("IP address:"));
    strcpy(temp, "");
    findkey(kv, addressfield, temp);
-	addressentry = newtEntry(20, (typeflag ? 11 : 4) + 0, temp, 20, &addressresult, 0);
+	addressentry = newtEntry(20, (typeflag ? 12 : 4) + 0, temp, 20, &addressresult, 0);
    newtEntrySetFilter(addressentry, ip_input_filter, NULL);
    if (typeflag == 1 && startstatictype == 0)
    	newtEntrySetFlags(addressentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_SET);
@@ -148,10 +169,10 @@ int changeaddress(struct keyvalue *kv, char *colour, int typeflag,
    newtFormAddComponent(networkform, addressentry);
    
    /* Netmask */
-	netmasklabel = newtTextbox(2, (typeflag ? 11 : 4) + 1, 18, 1, 0);
+	netmasklabel = newtTextbox(2, (typeflag ? 12 : 4) + 1, 18, 1, 0);
    newtTextboxSetText(netmasklabel, _("Network mask:"));
    strcpy(temp, "255.255.255.0"); findkey(kv, netmaskfield, temp);
-	netmaskentry = newtEntry(20, (typeflag ? 11 : 4) + 1, temp, 20, &netmaskresult, 0);
+	netmaskentry = newtEntry(20, (typeflag ? 12 : 4) + 1, temp, 20, &netmaskresult, 0);
    newtEntrySetFilter(netmaskentry, ip_input_filter, NULL);
    if (typeflag == 1 && startstatictype == 0) 
    	newtEntrySetFlags(netmaskentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_SET);
@@ -162,11 +183,11 @@ int changeaddress(struct keyvalue *kv, char *colour, int typeflag,
    if (typeflag)
    {
    	/* Gateway */
-		gatewaylabel = newtTextbox(2, (typeflag ? 11 : 4) + 2, 18, 1, 0);
+		gatewaylabel = newtTextbox(2, (typeflag ? 12 : 4) + 2, 18, 1, 0);
    	newtTextboxSetText(gatewaylabel, _("Gateway:"));
    	strcpy(temp, "");
    	findkey(kv, gatewayfield, temp);
-		gatewayentry = newtEntry(20, (typeflag ? 11 : 4) + 2, temp, 20, &gatewayresult, 0);
+		gatewayentry = newtEntry(20, (typeflag ? 12 : 4) + 2, temp, 20, &gatewayresult, 0);
    	newtEntrySetFilter(gatewayentry, ip_input_filter, NULL);
    	if (typeflag == 1 && startstatictype == 0)
    		newtEntrySetFlags(gatewayentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_SET);
@@ -175,8 +196,8 @@ int changeaddress(struct keyvalue *kv, char *colour, int typeflag,
    }
/* Buttons. */
-	ok = newtButton(8, (typeflag ? 15 : 7), _("OK"));
-	cancel = newtButton(26, (typeflag ? 15 : 7), _("Cancel"));
+	ok = newtButton(8, (typeflag ? 16 : 7), _("OK"));
+	cancel = newtButton(26, (typeflag ? 16 : 7), _("Cancel"));
newtFormAddComponents(networkform, ok, cancel, NULL);
@@ -237,6 +258,12 @@ int changeaddress(struct keyvalue *kv, char *colour, int typeflag,
    			{
    				replacekeyvalue(kv, dhcphostnamefield, dhcphostnameresult);
    				replacekeyvalue(kv, dhcpforcemtufield, dhcpforcemturesult);
+
+					if (enablerapidcommit == '*')
+						replacekeyvalue(kv, dhcprapidcommitfield, "on");
+					else
+						replacekeyvalue(kv, dhcprapidcommitfield, "off");
+
    				if (strcmp(type, "STATIC") != 0)
    				{
    					replacekeyvalue(kv, addressfield, "0.0.0.0");
@@ -352,11 +379,13 @@ void networkdialogcallbacktype(newtComponent cm, void *data)
    {
    	newtEntrySetFlags(dhcphostnameentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_RESET);
    	newtEntrySetFlags(dhcpforcemtuentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_RESET);
+		newtCheckboxSetFlags(dhcprapidcommitentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_RESET);
    }
    else
    {
    	newtEntrySetFlags(dhcphostnameentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_SET);		
    	newtEntrySetFlags(dhcpforcemtuentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_SET);		
+		newtCheckboxSetFlags(dhcprapidcommitentry, NEWT_FLAG_DISABLED, NEWT_FLAGS_SET);
    }
    newtRefresh();
    newtDrawForm(networkform);
hooks/post-receive
--
IPFire 2.x development tree

    