Hi everyone,
Le lundi 14 juillet 2014 à 22:17 +0900, Baptiste Jonglez a écrit :
> On Mon, Jul 14, 2014 at 02:38:16PM +0200, Steven Barth wrote:
> > Hi Baptiste,
> >
> > in general our current firewalling approach is to keep defaults for IPv4 and
> > IPv6 relatively close (not considering NAT here
Le mardi 15 juillet 2014 à 11:45 -0400, Aaron Z a écrit :
> - Original Message -
> On Monday, July 14, 2014 5:36:09 PM "Benjamin Cama" wrote:
> > Hi everyone,
> >
> > Le lundi 14 juillet 2014 à 22:17 +0900, Baptiste Jonglez a écrit :
> > > I&#x
Le mardi 15 juillet 2014 à 17:43 -0400, Justin Vallon a écrit :
> I don't think turning off the firewall is a sane default.
I don't advise to turn it off for everything. I am trying to find a good
compromise.
> Your
> arguments based on "global addressability" are false because IPv4 can be
> glob
Le mercredi 16 juillet 2014 à 10:53 +0200, Benjamin Cama a écrit :
> Well, if you didn't want them to be accessible, you have many
> possibilities: bind it on some non-global address (LL, ULA), restrict it
> locally (/etc/hosts.deny when appropriate, custom configuration that
>
Le mercredi 16 juillet 2014 à 15:58 -0400, Aaron Z a écrit :
> IMO, it comes down to trust:
> Do you trust that the people who made your NAS, blueray player, etc
> will release patches when exploits are found 3 years down the road? I
> don't.
> Do you trust that the people who made the firmware for
Le mercredi 16 juillet 2014 à 21:12 +0200, Sebastian Moeller a écrit :
> What is so wonderful about IPv6? Maleware surely will evolve quickly
> to take advantage of a dropped layer of defense…
“Layer of defense”? To most, it will just translate to a brick wall that
will have to be worked aro
Le mercredi 16 juillet 2014 à 21:12 +0200, Sebastian Moeller a écrit :
> What is so wonderful about IPv6? Maleware surely will evolve quickly
> to take advantage of a dropped layer of defense…
“Layer of defense”? To most, it will just translate to a brick wall that
will have to be worked aro
Hi Bill,
Le mercredi 16 juillet 2014 à 12:21 -0700, Bill Moffitt a écrit :
> All these routers today, of course, necessarily come NATted, meaning no
> ports are open to the Internet. Users are accustomed to being able to
> connect their computers to the router's network and be shielded from
> u
Le jeudi 17 juillet 2014 à 17:03 -0700, David Lang a écrit :
> But the reality is that hackers and worms have shown that leaving systems
> exposed to the Internet is just a Bad Idea.
Do you mean, all the hackers and worms we see today despite all these
systems being behind blocking firewalls and
Hi,
Sorry to hijack this thread, but this kind of problem is so often raised
here that I cannot help asking.
Le jeudi 11 octobre 2012 à 15:59 +0200, Florian Fainelli a écrit :
> That's not even your cross-gcc here, is it trying to build some host tool?
> If so you should also stage libffi into th
they are debian-standards but may not be
well fitted for openwrt
Signed-off-by: Benjamin Cama
---
Index: nginx/patches/002-sizeof_test_fix
===
--- nginx/patches/002-sizeof_test_fix (révision 0)
+++ nginx/patches/002-sizeof_test_fi
Le lundi 29 juin 2009 à 22:12 +0200, Benjamin Cama a écrit :
> +define Package/nginx
> + SECTION:=custom
> + CATEGORY:=Custom
Mmmhhh forgot to change that to:
+ SECTION:=net
+ CATEGORY:=Network
---
benjamin
___
openwrt-devel mai
Hi,
This patch adds the btrfs (http://btrfs.wiki.kernel.org/) filesystem
module in the kernel options. I also have btrfs-progs on the way.
Benjamin
--
Index: package/kernel/modules/fs.mk
===
--- package/kernel/modules/fs.mk(r
Hi,
Here is a patch to add a btrfs utilities package to OpenWRT.
Benjamin
--
Index: btrfs-progs/patches/001-Makefile-gcc-fix
===
--- btrfs-progs/patches/001-Makefile-gcc-fix(revision 0)
+++ btrfs-progs/patches/001-Makefile-gcc-fi
Hi,
I am trying to boot my system through an initramfs that should mount my
root FS somehow. My problem is, I am always stuck here :
https://dev.openwrt.org/browser/trunk/target/linux/generic-2.6/base-files/init#L9
because $rootfs is never set. I tried to look everywhere but didn't see
any pla
Hi Florian,
Florian Fainelli a écrit :
Le Tuesday 28 July 2009 18:04:39 Benjamin Cama, vous avez écrit :
I am trying to boot my system through an initramfs that should mount my
root FS somehow. My problem is, I am always stuck here :
https://dev.openwrt.org/browser/trunk/target/linux/generic
with httpd and
have a good default config ?
Signed-off-by: Benjamin Cama
--
Index: net/nginx/files/nginx.init
===
--- net/nginx/files/nginx.init (révision 0)
+++ net/nginx/files/nginx.init (révision 0)
@@ -0,0 +1,22 @@
+#!/bin/sh
dd another action in them, like
"preinit" that would do the job ?
Signed-off-by: Benjamin Cama
--
Index: target/linux/generic-2.6/base-files/init
===
--- target/linux/generic-2.6/base-files/init(revision 16963)
+++ targe
Le mercredi 05 août 2009 à 21:16 +0200, Benjamin Cama a écrit :
> The following patch adds root= and rootflags= kernel parameters handling
> in the /init initramfs script (I don't know otherwise how $rootfs can be
> set except manually in /etc/preinit or /etc/preinit.arch, which I
Hi all,
I just wanted to clarify the situation in plain english and avoid a
bunch of people spamming with random guess/solutions :
First: I am not related to the openwrt project, so these are just _my_
explanations, as a small random contributor. If some official
explanations were given, I would
Tomas Kopal a écrit :
Hmmm, seems I can't configure Thunderbird properly. Sending as
attachment. Is that ok here, or should I play with the settings to be
able to send patches inline in the future?
https://dev.openwrt.org/wiki/SubmittingPatches
and
http://kerneltrap.org/Linux/Email_Clients_and_
Hi,
Le vendredi 16 octobre 2009 à 13:09 +0200, Mirko Vogt a écrit :
> According commit log this was done by purpose:
>
> Revision 6292: "Change localhost into a fully qualified name[..]"
>
> However this change causes applications/libraries to fail which try to
> resolve "localhost" which is use
Hi,
Le dimanche 18 octobre 2009 à 00:58 +0800, Xiangfu Liu a écrit :
> how about add another line in "/etc/hosts" file ?
Useless duplication to me. I think furthermore that the FQDN is here so
that localhost doesn't become the name of a host on the default subnet
(like localhost.lan)
> write som
Hi,
Le samedi 17 octobre 2009 à 21:44 -0400, Stefan Monnier a écrit :
> I thought that all the names listed in /etc/hosts are FQDN already
> (adding domains is done to hostnames that we lookup, not to the
> hostnames in the hostnames-table), so the additional . is at
> best redundant.
Looked at a
ore recent version (which have
some security fixes).
Signed-off-by: Benjamin Cama
---
Index: Makefile
===
--- Makefile(révision 18623)
+++ Makefile(copie de travail)
@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_N
hope nobody falled into this ... but I think I may be the only one using
this fs on openwrt ?).
This patch also add an init script that scan disk for multiple-device
(RAID) btrfs volumes.
Signed-off-by: Benjamin Cama
---
Index: btrfs-progs/files/btrfs-scan
following patch add the corresponding (un)mount calls in the init
script, and also includes the missing file.
Signed-off-by: Benjamin Cama
---
Index: net/nfs-kernel-server/files/nfsd.init
===
--- net/nfs-kernel-server/files
Hi Peter,
Le jeudi 25 février 2010 à 03:30 +0100, Peter Wagner a écrit :
> applied in r19855
Thanks.
> please send the patch next time as file...
OK. I always included them inline and had no complaint, but will do next
time.
> i also fixed a typo:
>
> -> + umount /proc/fs/nsfd
> +> +
(among others) crc32c.ko.
Signed-off-by: Benjamin Cama
Index: package/kernel/modules/fs.mk
===
--- package/kernel/modules/fs.mk (revision 20235)
+++ package/kernel/modules/fs.mk (working copy)
@@ -362,14 +362,12 @@
SUBMENU
).
> This patch also add an init script that scan disk for multiple-device
> (RAID) btrfs volumes.
>
> Signed-off-by: Benjamin Cama
Index: utils/btrfs-progs/files/btrfs-scan.init
===
--- utils/btrfs-progs/files/btrfs-scan.
#x27;t appear in the build log (V=99) is
strange ; I see host libs being built, but not target ones. Still, every
target lib (appart from zlib) is built and copied correctly !? Has
anyone a clue on this ? Cc'ing Alexander who submitted the patch
enabling zlib to see if he better succeeds.
Th
Hi,
The package block-extroot depends on some builtin package like
kmod-ide-core or kmod-usb-storage. But kmod-ata-core was forgotten; this
patch fixes it.
Signed-off-by: Benjamin Cama
Index: package/block-extroot/Makefile
Hi,
I'd like to comment a bit on this patch, too.
Le mardi 27 avril 2010 à 17:11 +0200, Alina Friedrichsen a écrit :
> > Yet it is impossibe to have dhcp-enabled interfaces *without* ipv6 then,
> > thats my point.
>
> Today all interfaces have enabled IPv6 autoconfiguration now. That's the
> rea
Le mardi 27 avril 2010 à 19:32 +0200, Alina Friedrichsen a écrit :
> Routers must not react on router advertisements (written in someone RFC)
> or you have a security problem.
Mmhhh ... you're right, I may not have thought enough in a router
perspective.
> IPv6 autoconfiguration and DHCPv6 are to
Hi,
Le mercredi 28 avril 2010 à 20:29 +1000, Andrew Byrne a écrit :
> Right now it's in the file but commented out (since r12351). Does
> anyone know if having it in there by default causes any errors if
> kmod-ipv6 isn't installed?
Tested here, when doing a sysctl -p with net.ipv6.conf.all.forw
Hi,
Le lundi 26 juillet 2010 à 04:20 -0600, Joseph Roback a écrit :
> I've tried 22362,22380,22382,22388 from fresh SVN checkouts and all 4
> of them worked. Before I even tried a `make dirclean' before
> rebuilding. I also tried manually deleting: `rm -rf bin build_dir
> staging_dir' ...
>
> I m
Le lundi 26 juillet 2010 à 16:13 +, Jim Henderson a écrit :
> I've tracked it down to build 22385 - 22384 (which has the last commit at
> 22383) builds, 22385 doesn't for me.
But you said earlier that a later revision (22388) works; so, why
bother ? Furthermore, these changesets don't seem to
Le lundi 26 juillet 2010 à 23:11 +, Jim Henderson a écrit :
> 22388 didn't build for me. Joseph said a fresh checkout built from him.
Sorry, I thought it was you. But you may give it a try.
> >> What process do you use to clean the offending package?
> >
> > I just meant "make package/foo/c
Hi,
Mpd's libid3tag dependency was lost with changeset 21054. Bring it back,
because it's still needed.
Signed-off-by: Benjamin Cama
Index: sound/mpd/Makefile
===
--- sound/mpd/Makefile (revision 22322)
+++ sound/mp
Le mardi 12 octobre 2010 à 19:57 +0200, Michael Büsch a écrit :
> On Tue, 2010-10-12 at 19:41 +0200, Benjamin Cama wrote:
> > * Your openssl added dependency is wrong: it is optionnaly selected when
> > you enable the SSL module. See Config.in. Is there something wrong with
&g
Hi,
Le jeudi 27 janvier 2011 à 10:02 +0100, Bastian Bittorf a écrit :
> adding support for "--dhcp-script" (long) "-6" (short).
Why "-6" for the short option name? It's often used for IPv6-related
things. I think it may be confusing.
Regards,
Benjamin
___
Hi,
I think someone munching too much with Makefiles thought that quoting
strings with an asterisk in it in bash is OK; it's not. Fix that.
Regards,
benjamin
--
Index: scripts/env
===
--- scripts/env (revision 25704)
+++ scripts/env
Hi,
Le dimanche 17 avril 2011 à 20:33 +0200, Felix Fietkau a écrit :
> On 2011-04-17 7:49 PM, Jochen Friedrich wrote:
> > Signed-off-by: Jochen Friedrich
> Applied in r26704
I heard that 2.6.35 has been chosen as a “flag” version for embedded
use: http://lwn.net/Articles/413341/
Does OpenWRT deve
43 matches
Mail list logo
