Changes for ewrt-0.4.3 (0.4-FINAL): (Prepared by Troy Jaqua for Portless Networks) ================================= * Three major functional fixups for NoCatSplash: - The peer data can now be synced to a file with each auth/unauth, and leases re-initialized across server restarts or reboot. Simply define LeaseFile in your nocat.conf (set NC_LeaseFile in nvram on ewrt) - The redirect didn't wait for the firewall scripts to finish, often resulting in a user getting the splash page a second time. - The DHCP server would occasionaly recycle "pulled" leases too quickly, and a user would be trapped in a loop on their new IP, since it was still in the peer database with the old MAC. They automatically replace the old lease now. * A few changes to generalize the model dependencies and config process in expectation of major changes and adding more supported hardware, coming in ewrt-0.5. * Fixed the ipkg and ipkgtmp scripts to do the right things in the right places. I added an ipkg.conf which fetches packages from our website by default, but this can be overridden by setting IPKG_CONF_DIR. NOTE: ewrt-0.4 will only run ipkg-ed kernel modules for 2.4.20, or binaries linked statically, or to the installed uClibc-0.9.19 libs. * A bunch of new logging to syslog in the init process and callbacks for udhcpc events; I moved some of this stuff off of the serial console to make that easier to use as well. * A new nvram variable: ip_conntrack_max, which will set the corresponding /proc entry (if >1024) at boot to raise the limit on the number of NAT-tracked connections. This is useful if you have a lot of users and start getting messages in the syslog saying the limit has been reached. Changes for ewrt-0.4-beta1: (Prepared by Troy Jaqua for Portless Networks) =========================== This version of ewrt is primarily a bugfix and maintenance release for the NoCatSplash gateway software. We reverted to an older version (0.90) in ewrt-0.3 beta2 and beta3. This release includes the latest NoCat-0.93pre2, with additional patches for stablility, garnered from our own and other NoCat developers' testing. Also included is my backport of a number of really interesting and useful system changes from the HotSpotZone project, including code which can be enabled to authenticate via RADIUS-AAA (Authentication, Authorization & Accounting) servers. If you currently wish to use the RADIUS features, you may want to check out the HSZ-project code at http://www.hot-spot-zone.de/. I am currently working on modularizing the modes to save space, and building a system which can be mode-switched on-the-fly via the web interface, or run with multiple simultaneous auth modes. EWRT includes this code, but is reconfigured to support Open mode (ie splash-page/confirmation/redirect builtin to the gateway, and auth-ed users are free to use all services without login.) The rest of our and HSZ's system changes are also very useful, and are listed below. I'd like to thank Maurice Schoenmaker [maurice.schoenmakers@hot-spot-zone.de] for all his hard work at improving the functionality of these system components. -------- EWRT-0.4-beta1 system changes: - Fixed Upgrade.asp and code-pattern checks for WRT54G v2-v5 and WRT54GS v1-v4 To build an image for the WRT54G units up to v3.1, use: make (in src/ dir) To build an image for the WRT54GS units up to v3.1, now use: make install-gs To build an image for WRT54G v4 or v5 or WRT54GSv4, now use: make install-gv4 - Applied httpd-POST and ezc-disabling security patches, thanks to Markus Breitenbach - Added processing for a user-defined startup script (eg rc_start=/opt/rc.start) on the rw partition. - Reconfigured BusyBox, adding a few needed utilities (cron, uptime, rmmod, free, gzip/gunzip, etc.) - Re-added start_wds_init function at startup to process both wl_wds and WDS_[0-5] nvram vars for link info. Thanks: BCN @ Briel Computer - Rewrote lan_gateway_enable and lan_gateway options for gateways on a routed subnet, or proxy-arp bridge, and added the ability to define a WDS link as the wan_ifname, not adding it to the lan bridge by default. nvram options: lan_gateway_enable (=1 -> use a LAN-local gateway instead of wan_gateway) lan_gateway (IP address of the LAN-local gateway) lan_wan_bridge (=1 -> bridge the wan to the lan bridge device) lan_wan_proxy_arp (=1 -> sets the interfaces to be a routed proxy-arp-bridge) - New/replaced options in NoCat: -> Open-mode authentication splash page needs "mode_login" button and "accept_terms=yes" returned in it's POST Query. -> ForcedRedirect is now an int: (0=off, 1=force redirect to: HomePage) -> More http_request handler patches -> Fixed a few memory leaks and I/O channel unrefs -> More debugging levels and reorganization -> disabled https redirection because it doesn't work yet, and hangs the parser. -> router Makefiles currently support building either/both of nocat (Open-mode) and nocat-radius (Radius-mode) binaries -> conffile/options written out to user-defined NC_DocumentRoot -> Added NC_binary_path and NC_binary_name options to switch between them NOTE: I may still need to fix the autogeneration of the config file for radius mode to work out of the box ----- Other NoCat-0.93 features: -> syslogd support fixed -> status page fixups (goto http://:/status) -> arp-checking for IdleTimeout*MaxMissedARP expiry of missing peers -> http-request handler fixes -> auto-daemonize splashd at startup (but no more multi-threading) -> ExternalDevice/InternalDevice & network auto-detection -> ipkg support (currently unused by ewrt) ----- Hotspot-zone extensions 0.4: - firmware version update-checks - automatic reboot via crontab - syslogd changes to include a prefix sent with each message - sip proxy siproxd (not yet fully functional) - smtp with tcp proxy for smtp redirection (not yet fully functional) - dyndns with own server in ez-ipupdate - HSZ-NoCat improvements: -> SIGUSR1 handler for firewall reinit -> Per-peer and aggregate traffic counters added to firewall rules -> HTTP-header password and host-checking methods for access to admin/status data -> an improved splashd ( RADIUS support (login, confirm, and logout page on external server,) auto-logout, traffic-reporting, improved reinit of firewall rules, automatic self-test (splashtest.c) ) -> simple, 2-step hot-spot-zone.de portal configuration on setup page (for groups without their own RADIUS server) -> There is nothing that prevents to use your own radius server, web pages etc. Changed up to Ewrt 0.3-beta2 ============================ * Fixed the build system to build both G and GS-compatible binaries * Fixed the setting of NC_DocumentRoot from the web UI * Reverted back to NoCatSplash 0.90, like we used in ewrt-0.2 -fixes stability found in 0.3-beta1 * Added a new nocat variable called "ForcedRedirct", that forces the users first post-splashpage view to the file or site defined here. If the variable is blank, the user is redirected to the original destination. * Default ssid is now ewrt * Fixed issue with sshd_wanport variable not being configurable from the admin web gui Changes up to Ewrt 0.3-beta1 ============================ * Branched from 3.01.3 * Fixed autoconf timestamp problems by removing timestamp checks * Imported dropbear 0.44 clients: dbclient (ssh), scp, dropbearkey, dropbearconvert fixed pty support to work with devfs. use PTMX instead of openpty * Replaced the Ping UI with the Command Shell UI * Enabled /etc/profile, motd * Changed kernel and build process from cramfs to Squashfs 2.1-r2 resulted in 600k size reduction - woohoo! * Added NocatSplash 0.92 to the tree, hooked it up to the build along with glib * Upgraded Busybox to busybox-1.00 Re-added Linksys ping feature for qos * Added jffs2 filesystem * Added code to automatically take the free flash space and allocate it to a new mtd partition for jffs2 * Added code to automatically mount the jffs2 partition under /opt * Added code to automatically erase the "jffs2" partition and then mount it if the device has been flashed or reset * Added code to start syslogd and klogd * Changed "Upgrade is successful", to "Upgrade was successful". * Fixed the busybox reboot command to work like it used to * Imported selected UI bits from Ewrt 0.2 so that the UI reflects reality * Fix bug where DNS wasn't being populated in nocat.conf if getting it from DHCP * Fixed a bug where services (syslogd, splashd especially) were getting started before the WAN interface was up * Fixed a bug where the inside IP addr wasn't allowed in Nocat by default * Incorporated Nocat stability fixes from Yurgi Arginzoniz (iurgi.arginzoniz at gmail.com) and Ewrt-0.2 * Re-added txpwr, txant and wl0_antdiv stuff to Wireless_Advanced.asp * Fixed re-mounting of the jffs2 partition - it needed to be unlocked first * added mtd unlock functions to rc/mtd.c (and symlink) * Fix a bug where /opt was not being unmounted at shutdown time, causing reboots to fail when the /opt filesystem had been written to