domenico/openwrt-armor-g5
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit
Some checks failed
Build Kernel / Build all affected Kernels (push) Has been cancelled
Details
Build all core packages / Build all core packages for selected target (push) Has been cancelled
Details
Build and Push prebuilt tools container / Build and Push all prebuilt containers (push) Has been cancelled
Details
Build Toolchains / Build Toolchains for each target (push) Has been cancelled
Details
Build host tools / Build host tools for linux and macos based systems (push) Has been cancelled
Details
Coverity scan build / Coverity x86/64 build (push) Has been cancelled
Details

Browse Source
This commit is contained in:
domenico
2025-06-24 12:51:15 +02:00
commit 27c9d80f51
10493 changed files with 1885777 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
package/network/services/dnsmasq/files/50-dnsmasq-migrate-ipset.sh Executable file
View File

@@ -0,0 +1,32 @@
#!/bin/sh
ipsets=$(uci -q get dhcp.@dnsmasq[0].ipset)
[ -z "$ipsets" ] && exit 0
for ipset in $ipsets; do
names=${ipset##*/}
domains=${ipset%/*}
[ -z "$names" ] || [ -z "$domains" ] && continue
uci add dhcp ipset
OLDIFS="$IFS"
IFS=","
for name in $names; do
uci add_list dhcp.@ipset[-1].name="$name"
done
IFS="/"
for domain in ${domains:1}; do
uci add_list dhcp.@ipset[-1].domain="$domain"
done
IFS="$OLDIFS"
uci del_list dhcp.@dnsmasq[0].ipset="$ipset"
done
uci commit dhcp
exit 0

8
package/network/services/dnsmasq/files/50-dnsmasq-migrate-resolv-conf-auto.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/sh
[ "$(uci get dhcp.@dnsmasq[0].resolvfile)" = "/tmp/resolv.conf.auto" ] && {
uci set dhcp.@dnsmasq[0].resolvfile="/tmp/resolv.conf.d/resolv.conf.auto"
uci commit dhcp
}
exit 0

53
package/network/services/dnsmasq/files/dhcp-script.sh Executable file
View File

@@ -0,0 +1,53 @@
#!/bin/sh
[ -f "$USER_DHCPSCRIPT" ] && . "$USER_DHCPSCRIPT" "$@"
. /usr/share/libubox/jshn.sh
json_init
json_add_array env
hotplugobj=""
case "$1" in
add | del | old | arp-add | arp-del)
json_add_string "" "MACADDR=$2"
json_add_string "" "IPADDR=$3"
;;
esac
case "$1" in
add)
json_add_string "" "ACTION=add"
json_add_string "" "HOSTNAME=$4"
hotplugobj="dhcp"
;;
del)
json_add_string "" "ACTION=remove"
json_add_string "" "HOSTNAME=$4"
hotplugobj="dhcp"
;;
old)
json_add_string "" "ACTION=update"
json_add_string "" "HOSTNAME=$4"
hotplugobj="dhcp"
;;
arp-add)
json_add_string "" "ACTION=add"
hotplugobj="neigh"
;;
arp-del)
json_add_string "" "ACTION=remove"
hotplugobj="neigh"
;;
tftp)
json_add_string "" "ACTION=add"
json_add_string "" "TFTP_SIZE=$2"
json_add_string "" "TFTP_ADDR=$3"
json_add_string "" "TFTP_PATH=$4"
hotplugobj="tftp"
;;
esac
json_close_array env
[ -n "$hotplugobj" ] && ubus call hotplug.${hotplugobj} call "$(json_dump)"

37
package/network/services/dnsmasq/files/dhcp.conf Normal file
View File

@@ -0,0 +1,37 @@
config dnsmasq
option domainneeded 1
option boguspriv 1
option filterwin2k 0 # enable for dial on demand
option localise_queries 1
option rebind_protection 1 # disable if upstream must serve RFC1918 addresses
option rebind_localhost 1 # enable for RBL checking and similar services
#list rebind_domain example.lan # whitelist RFC1918 responses for domains
option local '/lan/'
option domain 'lan'
option expandhosts 1
option nonegcache 0
option cachesize 1000
option authoritative 1
option readethers 1
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
#list server '/mycompany.local/1.2.3.4'
option nonwildcard 1 # bind to & keep track of interfaces
#list interface br-lan
#list notinterface lo
#list bogusnxdomain '64.94.110.11'
option localservice 1 # disable to allow DNS requests from non-local subnets
option ednspacket_max 1232
option filter_aaaa 0
option filter_a 0
#list addnmount /some/path # read-only mount path to expose it to dnsmasq
config dhcp lan
option interface lan
option start 100
option limit 150
option leasetime 12h
config dhcp wan
option interface wan
option ignore 1

8
package/network/services/dnsmasq/files/dhcpbogushostname.conf Normal file
View File

@@ -0,0 +1,8 @@
# dhcpbogushostname.conf included configuration file for dnsmasq
#
# includes a list of hostnames that should not be associated with dhcp leases
# in response to CERT VU#598349
# file included by default, option dhcpbogushostname 0 to disable
dhcp-name-match=set:dhcp_bogus_hostname,localhost
dhcp-name-match=set:dhcp_bogus_hostname,wpad

37
package/network/services/dnsmasq/files/dnsmasq.conf Normal file
View File

@@ -0,0 +1,37 @@
# Change the following lines if you want dnsmasq to serve SRV
# records.
# You may add multiple srv-host lines.
# The fields are <name>,<target>,<port>,<priority>,<weight>
# A SRV record sending LDAP for the example.com domain to
# ldapserver.example.com port 289
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389
# Two SRV records for LDAP, each with different priorities
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,1
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,2
# A SRV record indicating that there is no LDAP server for the domain
# example.com
#srv-host=_ldap._tcp.example.com
# The following line shows how to make dnsmasq serve an arbitrary PTR
# record. This is useful for DNS-SD.
# The fields are <name>,<target>
#ptr-record=_http._tcp.dns-sd-services,"New Employee Page._http._tcp.dns-sd-services"
# Change the following lines to enable dnsmasq to serve TXT records.
# These are used for things like SPF and zeroconf.
# The fields are <name>,<text>,<text>...
#Example SPF.
#txt-record=example.com,"v=spf1 a -all"
#Example zeroconf
#txt-record=_http._tcp.example.com,name=value,paper=A4
# Provide an alias for a "local" DNS name. Note that this _only_ works
# for targets which are names from DHCP or /etc/hosts. Give host
# "bert" another name, bertrand
# The fields are <cname>,<target>
#cname=bertand,bert

1342
package/network/services/dnsmasq/files/dnsmasq.init Executable file
View File

File diff suppressed because it is too large Load Diff

15
package/network/services/dnsmasq/files/dnsmasq_acl.json Normal file
View File

@@ -0,0 +1,15 @@
{
"user": "dnsmasq",
"publish": [ "dnsmasq" ],
"access": {
"hotplug.dhcp": {
"methods": [ "call" ]
},
"hotplug.neigh": {
"methods": [ "call" ]
},
"hotplug.tftp": {
"methods": [ "call" ]
}
}
}

12
package/network/services/dnsmasq/files/dnsmasqsec.hotplug Normal file
View File

@@ -0,0 +1,12 @@
TIMEVALIDFILE="/var/state/dnsmasqsec"
[ "$ACTION" = "stratum" ] || exit 0
[ -f "$TIMEVALIDFILE" ] || {
echo "ntpd says time is valid" >$TIMEVALIDFILE
/etc/init.d/dnsmasq enabled && {
initscript=dnsmasq
. /lib/functions/procd.sh
procd_send_signal dnsmasq '*' INT
}
}

11
package/network/services/dnsmasq/files/rfc6761.conf Normal file
View File

@@ -0,0 +1,11 @@
# RFC6761 included configuration file for dnsmasq
#
# includes a list of domains that should not be forwarded to Internet name servers
# to reduce burden on them, asking questions that they won't know the answer to.
server=/bind/
server=/invalid/
server=/local/
server=/localhost/
server=/onion/
server=/test/