Firmware-ng Changelog

r481

  • NEW: OM2P-HSv2 platform support
  • FIX: [OM2P] send ibss probe responses with noack flag to reduce number of sent probe responses
  • FIX: [OM2P] process management frames only once per BSS to reduce number of sent probe responses
  • FIX: [OM2P] don't drop connections of roaming clients when bridge_mode is disabled
  • FIX: [OM1P] disable mesh encryption due to failures in the encryption over time

r479

  • FIX: fallback inet_test uses checkin URL to avoid endless SSL redirect
  • FIX: [ng2ng] don't enable ng2ng mesh bridge while running in orphan mode
  • FIX: [nds] deactivate oversized thread stack cache
  • FIX: [nds] check if kernel module was loaded already to avoid insmod failure
  • FIX: [nds] work around the leaking thread stack
  • FIX: [coova-chilli] fix DNS regression for chilli and orphan mode
  • FIX: [OM2P] fix decrypt_error initialization to avoid decryption problem
  • FIX: [OM2P] avoid mangling powersave keys when the chip key cache is filled
  • FIX: [OM2P] allow multicast frames on eth1 (dropped by ethernet switch)
  • FIX: [OM2P] set fallback to /tmp/resolv.conf for inet_test DNS check in repeater mode

r476

  • NEW: update fallback dashboard IP to point to server in Oregon
  • NEW: send hostname with syslog messages
  • NEW: reboot after 6 checkins in orphan mode if no upgrade or mesh key is available
  • NEW: [OM2P] print extensive logs when/how a device was rebooted
  • NEW: [OM2P] drop unsolicited DHCP broadcast packets instead of forwarding them
  • FIX: fix wireless WPA key cache corruption leading to wifi disconnects
  • FIX: ignore case of captive portal variable sent from the dashboard (prevents health care reboot of ticket #618)
  • FIX: backport port asprintf memory leak
  • FIX: [nds] remove threading for HTTP access to minimize risk for race conditions
  • FIX: [nds] deactivate over-sized thread stack cache
  • FIX: [nds] check if kernel module was loaded already to avoid insmod failure
  • FIX: [nds] work around of the leaking stack of thread
  • FIX: [coova-chilli] properly configure LAN block if enabled (closes ticket #593)
  • FIX: [OM2P] fix invalid memory access in crashlog potentially leading to a crash
  • FIX: [OM2P] stop bridge-in-batman DHCP packet mangling when bridge_netfilter is enabled (ng463 regression)
  • FIX: [OM2P] increase beacon interval to 300ms to reduce channel pollution

r466

  • NEW: [nds] allow walled garden refresh without nds restart
  • FIX: avoid running multiple dhcp clients on repeaters
  • FIX: remove interface event handler delay to avoid losing events on the LAN
  • FIX: launch dhcp watch also when connected to a possible lan
  • FIX: avoid lockup by releasing gw lock before exiting in case of memory shortage
  • FIX: set dhcp start IP option to not waste 99 IPs from the IP pool
  • FIX: [nds] sanatize voucher input
  • FIX: [health care] detect if cable is plugged but ignored by the system (closes ticket #485)
  • FIX: re-order health care rule processing to run dashboard rules first (closes ticket #499)
  • FIX: [OM2P] workaround roaming breakage with bridge mode enabled
  • FIX: [OM2P] fix sending DHCP INFORM packets to wrong subnets (e.g. LAN)

r459

  • FIX: properly handle IP range calculation on gateways with high node ids

r458

  • FIX: disable bridge loop avoidance completely when bridge mode is disabled (closes ticket #441)
  • FIX: uci creash triggered by too long string
  • FIX: [OM2P] wifi stability fixes (closes ticket #439)
  • FIX: [wgarden] do not activate wgarden ip verification when coova-chilli is running

r456

  • NEW: [nds] redirect including node & client mac
  • NEW: [checkin] after 12 subsequent alt dashboard timeouts contact dfl dashboard
  • NEW: [checkin] alternate dashboard checkin timeout flag
  • NEW: [walled garden] periodic DNS update
  • FIX: [walled garden] separate /etc/hosts entry from walled garden entries
  • FIX: remove accidental restriction of local LAN interface access (closes ticket #229 and #262)

r453

  • FIX: [OM2P-HS] disable LDPC to workaround printer connection issues

r452

  • NEW: strip CR characters from custom scripts (closes ticket #379)
  • NEW: [OM2P] build GRE kernel module (closes ticket #220)
  • NEW: [OM2P] auto-orphan mode
  • NEW: [chilli] make dhcp lease timeout configurable via uci
  • FIX: [OM2P] fix random ethernet driver crash (closes ticket #373)
  • FIX: [OM2P] improve wifi reset reliability after errors
  • FIX: [OM2P-LC] disable wifi diversity in eeprom
  • FIX: [MR500] gateway crash due to random memory access
  • FIX: configure dnsmasq to also forward DNS SRV records (closes ticket #386)
  • FIX: [health care] protect health care config change with file lock
  • FIX: [nds] limit dashboard pre-authentication checks

r444

  • FIX: [OM2P] connected wifi client reporting
  • FIX: [nds] limit the number of voucher authentication attempts [5 attempts every 30 minutes] (closes ticket #356)

r443

  • NEW: [OM2P] allow dashboard to specify SSID encryption type (WPA1+2 or WPA2-only)
  • NEW: [OM2P] crashlog support - store debug information while rebooting due to kernel crash
  • NEW: [connkeeper] add support for CHECKIN and REBOOT command
  • NEW: [OM2P] support TKIP countermeasures according to WFA requirements
  • FIX: filter problematic LF characters from dashboard configuration
  • FIX: [OM2P] adapt slot time in IBSS mode for higher mesh performance
  • FIX: [OM2P] fix WMM VI and VO handling
  • FIX: [OM2P] downgrade coova-chilli to version 1.2.8
  • FIX: [OM2P] skb leaks leading to hostapd/wpa_supplicant hangs (closes ticket #365)
  • FIX: [nds] retry 3 times when trying to authenticate a voucher
  • FIX: [health care]: write test & test result into log file when running dashboard tests

r439

  • NEW: separate hostname for remoteauthdata/remotevoucher/remoteblockedmsg to be able to use different hosts for each
  • FIX: [OM2P] replace batman-adv race condition workaround with proper fix
  • FIX: [OM2P] ignored MTU setting (regression)
  • FIX: [OM2P] retry mesh encryption key exchange on failure
  • FIX: [OM2P] improve IBSS state station handling to make mesh encryption more reliable
  • FIX: [OM2P] re-enable Atheros noise immunity for single chain devices (OM2P/OM2P-LC)
  • FIX: [MR500] fix batman-adv backport to calculate mac header length correctly (closes ticket #342)
  • FIX: [nds] report "last seen" field correctly (table layout change)

r434

  • NEW: redesigned bridge loop avoidance (closes ticket #40)
  • NEW: AP isolation (closes ticket #37)
  • NEW: mesh encryption
  • NEW: fast roaming for clients
  • NEW: roaming client threshold to force switching the gateway
  • NEW: SMTP redirect support added
  • NEW: delay mesh relevant WiFi settings to avoid outages & prolonged recovery phase
  • NEW: include support for OM2P-LC / OM2P-HS devices
  • NEW: public firmware hooks for internet connect / disconnect events
  • NEW: [nds] display blocked user message even if splash page is disabled
  • NEW: [nds] unblock authentication if dashboard authenticator can't be reached (closes ticket #338)
  • NEW: [OM2P] ACL whitelisting support (closes ticket #266)
  • NEW: [OM2P] WPA / WPA2 Enterprise (mixed)
  • NEW: [OM2P] include OpenWrt sysupgrade support to allow manual reflash
  • FIX: harden signal handling to avoid unnecessary reboots
  • FIX: randomize dashboard check-ins to distribute check-in load
  • FIX: [OM2P] enable vlan tagging on 2nd Ethernet port
  • FIX: [OM2P] delete leaving stations immediately without waiting for their ACK (closes ticket #300)
  • FIX: [MR500] internal loop due to non-unique mac addresses
  • FIX: [MR500] WPA-Enterprise authentication regression (closes ticket #274)
  • FIX: [nds] check & repair folder layout before downloading splash pages (closes ticket #278)
  • FIX: [lonely] recover faster from prolonged internet outage (closes ticket #231)

r397

  • NEW: asynchronous internet availability tests
  • NEW: reboot node via dashboard (closes ticket #124)
  • NEW: gateway stickiness configurable via dashboard
  • NEW: allow specifying alternate check-in path after alternate hostname
  • NEW: report alternate 404 error via flag (0x0080)
  • NEW: new status flag - dashboard check-in timeout (0x0040)
  • NEW: adding sequence number handling to allow dashboard configuration consistency check
  • NEW: filter incoming DHCP requests from ng nodes (closes ticket #168)
  • NEW: [OM1P] orphan mode to recover from network incompatibilities automatically
  • NEW: [OM1P] ng2ng mode (using batman on the LAN if another ng node was detected) (closes ticket #247)
  • NEW: [OM2P] orphan mode to recover from network incompatibilities automatically
  • NEW: [OM2P] ng2ng mode (using batman on the LAN if another ng node was detected) (closes ticket #247)
  • NEW: [OM2P] while running in lonely mode the red wifi led blinks
  • NEW: [OM2P] while running in orphan client mode the yellow wifi led blinks
  • FIX: use DHCP lease timeout supplied by DHCP server on ethernet
  • FIX: check for self-referencing symlinks before updating /etc/hosts
  • FIX: replace built-in shell arp command with proper arp to set arp entries
  • FIX: health care restores missing dashboard configuration if it went missing
  • FIX: health care restores NAT iptables rule on gateways if it went missing
  • FIX: check for 404 error when using alternate dashboard setting and fallback to default settings
  • FIX: detect dashboard check-in timeout (avoid false 0x02 and 0x03 flag reports)
  • FIX: parse dashboard enable / disable internet check instruction correctly
  • FIX: double size of ARP tables to better support large LANs
  • FIX: [health care] fix endless reboots due to hostapd misconfiguration in bridge mode (closes ticket #240)
  • FIX: [health care] consistency check for captive portal + repair if necessary
  • FIX: [health care] tighten low memory check (closes ticket #146)
  • FIX: [chilli] configure ip addresses after node id has been processed
  • FIX: [nds] correctly reset bandwidth shaping on logout (closes ticket #226)
  • FIX: [MR500] health care check for dead secondary CPU

r376

  • NEW: rogue AP background scan
  • NEW: adding anyip support
  • NEW: ng upgrade respects /etc/sysupgrade.conf (closes ticket #187)
  • NEW: flag signaling first check-in after lonely mode (0x20)
  • NEW: [OM2P] add +/- after 2.4GHz channel report when 40Mhz channels are enabled
  • FIX: [OM2P] do not favor low RSSI links
  • FIX: [OM2P] fix wifi distance setting
  • FIX: [OM2P] disable rts/cts to improve wifi speed and avoid connection problems (close ticket #189, #192 and #194)
  • FIX: [nds] remove network name minimum length for vouchers to work
  • FIX: [coova-chilli] correctly set alternate dns server (closes ticket #186)
  • FIX: [coova-chilli] bogus radius user multi-session reports fixed (closes ticket #163)
  • FIX: faster DHCP answer by disabling DHCP server ping check
  • FIX: layer2 traceroute: check incoming sequence numbers to avoid reporting bogus routes
  • FIX: apply walled garden settings even when only the walled garden settings were modified on the dashboard
  • FIX: append postrouting NAT rule to allow custom firewall rules
  • FIX: empty dashboard config checksum after lonely mode run to force applying the config

r354

  • NEW: send 'invalid key' flag (0x10) if the dashboard reply can't be decrypted
  • NEW: [OM2P] allow setting the txpower via dashboard
  • FIX: [OM2P] fix wifi connection loss when going into sleep mode (closes ticket #164)
  • FIX: WPA enterprise authentication (regression)
  • FIX: missing decryption key reporting
  • FIX: unique ip address space for gateways (closes ticket #176)

r347

  • NEW: country code setting support
  • NEW: [nds] support blocked user message
  • NEW: [nds] (local) logout URL => '!http://logout'
  • NEW: [nds] walled garden for captive portal (closes #135)
  • FIX: [OM2P] wifi connection issues (closes #137)
  • FIX: [OM2P] wifi power save issues (closes #156)
  • FIX: [OM2P] ethernet random slowness
  • FIX: [OM2P] gateway crash / reboot cycle after dashboard config update (closes #139 and #142)
  • FIX: [OM2P] enable WPA/WPA2 mixed mode if encrypted
  • FIX: [MR500] fix 'last seen on' mac address reporting
  • FIX: extend lonely scan per channel to compensate slower mesh
  • FIX: allow custom.sh URL with or without leading '!http://'

r330

  • NEW: OM2P hardware support
  • NEW: major platform upgrade (new kernel, new wifi drivers, etc)
  • NEW: revamped flash utility with mutli-flash mode
  • NEW: allow disabling the internet check via the dashboard
  • NEW: vlan tagging support
  • NEW: add support for custom script feature
  • NEW: [OM1P] use combined images for system upgrade
  • FIX: setting default 2.4GHz channel to 5 (same as dashboard default)
  • FIX: wait for coova-chilli to properly come up before starting depending services
  • FIX: apply mac address filter instantly (without requiring a reboot)
  • FIX: update inet check traceroute IP list (closes ticket #106)
  • FIX: force DNS redirect to local device

r300

  • NEW: extend the LAN block to prohibit access to 10.0.0.0/8, 172.16.0.0/12 & 192.168.0.0/16
  • FIX: DNS reply regression when using coova chilli
  • FIX: health care system cleans caches before checking available RAM

r299

  • NEW: individual bandwidth configuration for nodogsplash
  • NEW: send dashboard mac address before showing splash page
  • NEW: add secure voucher mechanism
  • NEW: add support for mac address whitelist (ACL) on SSID!#2 (closes #61)
  • NEW: changing all URLs from *.open-mesh.com to *.cloudtrax.com
  • NEW: [MR500] add user space hardware watchdog support
  • NEW: [MR500] add support for mac address whitelist (ACL) on SSID!#1
  • FIX: [MR500] health care: check for hanging kernel
  • FIX: [MR500] fix IRQ locking in ethernet driver
  • FIX: [OM1P] avoid switching channels after AP scan
  • FIX: put repeaters onto their own virtual network to not make them unaffected by bridge mode (closes #55 and #80)
  • FIX: avoid alternate DNS server being overridden by dhcp client (closes ticket #73)
  • FIX: slow down mesh interval to reduce overhead
  • FIX: health care: checks for low memory
  • FIX: health care: check for correct wifi channel
  • FIX: health care: check for bridge interfaces being correctly configured
  • FIX: report hardware type / 2.4GHz channel / 5GHz channel to dashboard
  • FIX: keep health care always running to also catch kernel lockups during config phase
  • FIX: force dhcp / dns server to only listen on specific interfaces
  • FIX: set hard-coded dashboard fallback IP to checkin.cloudtrax.com
  • FIX: only apply mac filter on active interfaces
  • FIX: regression - allow short essids again (closes ticket #53)

r277

  • NEW: [OM1P] report nearby wifi networks to the dashboard
  • NEW: [OM1P] report detailed wifi information of connected wifi clients
  • FIX: [OM1P] speed test regression for distant nodes (more than one hop)
  • FIX: [OM1P] sudden wifi speed drop
  • FIX: [MR500] enable hidden essid (closes ticket #51)
  • FIX: disallow empty essid as it breaks startups scripts
  • FIX: try re-installing the captive portal if the first attempt failed
  • FIX: add signal handler to avoid gateway deadlock

r274

  • NEW: [MR500] report nearby wifi networks to the dashboard
  • NEW: [MR500] report detailed wifi information of connected wifi clients
  • NEW: allow changing the 5GHz channel via the dashoard
  • NEW: increase coova-chilli version to 1.2.5 (closes ticket #27)
  • FIX: [OM1P] add workaround to reset wifi driver if stuck on too slow speed
  • FIX: [MR500] lan outages during system upgrade / dashboard checkin
  • FIX: [MR500] wifi driver does not switch channel automatically
  • FIX: [MR500] wifi driver joins wifi cells based on the BSSID
  • FIX: [MR500] use local DNS if configured
  • FIX: empty gateway link quality report (red bar)
  • FIX: [MR500] abort lonely mode if cable is plugged
  • FIX: [MR500] health care loop through all available ethernet interfaces
  • FIX: [MR500] add RSSI based penalties to choose better paths
  • FIX: [MR500] on-the-fly uboot upgrade to version 2011/01/10
  • FIX: batman fragmentation in bridged networks

r265

  • NEW: support WPA Enterprise
  • FIX: change checkin method to bypass baracuda content filter
  • FIX: ACL host list parsing incomplete (closes ticket #29)

r263

  • FIX: ignore double node names when retrieving latency and hops
  • FIX: [MR500] fix random crash at boot time

r260

  • NEW: [MR500] fix performance bottleneck to achieve high throughput
  • FIX: force mac address of client bridge interface to remain static
  • FIX: set wifi country code to US (closes ticket #25)
  • FIX: gateway IP selection on big endian systems
  • FIX: [MR500] drop batman-adv encapsulated traffic on AP interfaces
  • FIX: if a repeater does not have a batman-gateway report missing gateway
  • FIX: wget timeouts to avoid hanging checkins (closes ticket #26)

r254

  • NEW: [MR500] ralink driver updated to version 2.5 (including custom patches)
  • NEW: [MR500] TUX kernel webserver added to achieve higher speed test results
  • NEW: [MR500] allow wide channel (40MHz) for client APs
  • NEW: send warning flags (0x08) to the dashboard if the captive portal can't be installed
  • NEW: speed up DHCP client detection by buffering the DHCP requests to forward them after the timeout has expired
  • FIX: delay internet access search over the mesh to give the node time to detect the LAN
  • FIX: node upgrade may fail if the new image size differs from the current image size
  • FIX: report correct last seen mac when client is connected to a gateway directly
  • FIX: force mac address of LAN bridge interface to remain static
  • FIX: don't display wrong client names if the client can't be found in the lease file
  • FIX: health care should allow more than one dhclient process
  • FIX: [MR500] ralink driver did not apply all changes after configuring the dashboard
  • FIX: nodogsplash start at boot time
  • FIX: force dhclient timeout to expire after 5 minutes
  • FIX: let dhclient wait for configured interface in case it is not available (instead of exiting)
  • FIX: force OpenWRT to not configure interfaces that have a cable plugged (make 20 seconds boot delay unnecessary)
  • FIX: use HTTP/1.0 for checkin to avoid chunked reply
  • FIX: dashboard checkin if alternate dashboard is specified but DNS is broken
  • FIX: include tunnel binary per default
  • FIX: on boot don't restart wifi unless dashboard configuration changed
  • FIX: only reload captive portal if nodogsplash/coova/splash pages config changed
  • FIX: wifirush connectivity problems (closes ticket #14)

r244

  • FIX: lonely termination - check if plugged cable offers internet again
  • FIX: use http based internet availability check if UDP traceroute does not work
  • FIX: drop batman-adv encapsulated traffic on AP interfaces

r243

  • NEW: lan block support added
  • NEW: ethernet clients can be connected to SSID!#2 (closes ticket #12)
  • NEW: adding support for wificpa enterprise service
  • NEW: support multiple ethernet clients while acting as a gateway
  • FIX: random segfault while retrieving the route towards the gateway
  • FIX: fix reboot due to a malfunctioning detection whether chilli is running or not
  • FIX: report coova user data was not correctly
  • FIX: apply tunnel status changes on-the-fly (without reboot)
  • FIX: package repository for nodogsplash / coova / etc dependend on stable/testing firmware settings
  • FIX: 'open-mesh-flash' has been renamed to 'open-mesh-flash-ng' to avoid confusion
  • FIX: nodogsplash - give each authenticated user its own bandwidth slot
  • FIX: report repeater macs along with the captive portal usage data (closes ticket #13)
  • FIX: increase lonely timeout to 20 minutes

r235

  • FIX: report RSSI values that are smaller than 10
  • FIX: report mac address of mesh interface to dashboard
  • FIX: in bridge mode packets to non-master gateways are forwarded to the master gateway
  • FIX: gateway must not forward dhcp requests to other gateways
  • FIX: avoid poisoning the LAN with DHCP replies from the mesh
  • FIX: add dhcp detection delay to avoid switching into client bridge mode when connected to a LAN
  • FIX: cleanup hanging dashboard checkins