From 7fcd8b981caad64d60f855ebc6b21828b8c23617 Mon Sep 17 00:00:00 2001 From: Quentin Dufour Date: Wed, 24 Mar 2021 12:07:15 +0000 Subject: [PATCH 1/2] Replace gre+wireguard with openvpn --- config | 57 +++++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 43 insertions(+), 14 deletions(-) diff --git a/config b/config index bad0f1b..1a42522 100644 --- a/config +++ b/config @@ -3,25 +3,37 @@ CONFIG_TARGET_ipq40xx_generic=y CONFIG_TARGET_ipq40xx_generic_DEVICE_compex_wpj428=y CONFIG_DROPBEAR_ECC=y CONFIG_DROPBEAR_ECC_FULL=y +CONFIG_GNUTLS_ALPN=y +CONFIG_GNUTLS_ANON=y +CONFIG_GNUTLS_DTLS_SRTP=y +CONFIG_GNUTLS_HEARTBEAT=y +CONFIG_GNUTLS_OCSP=y +CONFIG_GNUTLS_PSK=y CONFIG_LIBQMI_WITH_MBIM_QMUX=y CONFIG_LIBQMI_WITH_QRTR_GLIB=y CONFIG_MODEMMANAGER_WITH_AT_COMMAND_VIA_DBUS=y CONFIG_MODEMMANAGER_WITH_MBIM=y CONFIG_MODEMMANAGER_WITH_QMI=y +CONFIG_OPENSSL_ENGINE=y +CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM=y +CONFIG_OPENSSL_WITH_ASM=y +CONFIG_OPENSSL_WITH_CHACHA_POLY1305=y +CONFIG_OPENSSL_WITH_CMS=y +CONFIG_OPENSSL_WITH_DEPRECATED=y +CONFIG_OPENSSL_WITH_ERROR_MESSAGES=y +CONFIG_OPENSSL_WITH_PSK=y +CONFIG_OPENSSL_WITH_SRP=y +CONFIG_OPENSSL_WITH_TLS13=y +CONFIG_OPENVPN_mbedtls_ENABLE_DEF_AUTH=y +CONFIG_OPENVPN_mbedtls_ENABLE_FRAGMENT=y +CONFIG_OPENVPN_mbedtls_ENABLE_LZ4=y +CONFIG_OPENVPN_mbedtls_ENABLE_MULTIHOME=y +CONFIG_OPENVPN_mbedtls_ENABLE_PF=y +CONFIG_OPENVPN_mbedtls_ENABLE_PORT_SHARE=y +CONFIG_OPENVPN_mbedtls_ENABLE_SMALL=y CONFIG_PACKAGE_cgi-io=y CONFIG_PACKAGE_dbus=y -# CONFIG_PACKAGE_dnsmasq is not set -CONFIG_PACKAGE_dnsmasq-full=y -CONFIG_PACKAGE_dnsmasq_full_auth=y -CONFIG_PACKAGE_dnsmasq_full_conntrack=y -CONFIG_PACKAGE_dnsmasq_full_dhcp=y -CONFIG_PACKAGE_dnsmasq_full_dhcpv6=y -CONFIG_PACKAGE_dnsmasq_full_dnssec=y -CONFIG_PACKAGE_dnsmasq_full_ipset=y -CONFIG_PACKAGE_dnsmasq_full_noid=y -CONFIG_PACKAGE_dnsmasq_full_tftp=y CONFIG_PACKAGE_glib2=y -CONFIG_PACKAGE_gre=y CONFIG_PACKAGE_iptables-mod-conntrack-extra=y CONFIG_PACKAGE_iptables-mod-ipopt=y CONFIG_PACKAGE_kmod-crypto-hash=y @@ -47,6 +59,7 @@ CONFIG_PACKAGE_kmod-nfnetlink=y CONFIG_PACKAGE_kmod-sched-cake=y CONFIG_PACKAGE_kmod-sched-core=y CONFIG_PACKAGE_kmod-scsi-core=y +CONFIG_PACKAGE_kmod-tun=y CONFIG_PACKAGE_kmod-udptunnel4=y CONFIG_PACKAGE_kmod-udptunnel6=y CONFIG_PACKAGE_kmod-usb-ehci=y @@ -66,30 +79,42 @@ CONFIG_PACKAGE_kmod-usb-uhci=m CONFIG_PACKAGE_kmod-usb-wdm=y CONFIG_PACKAGE_kmod-usb2=y CONFIG_PACKAGE_kmod-wireguard=y +CONFIG_PACKAGE_knot-dig=y +CONFIG_PACKAGE_knot-libs=y +CONFIG_PACKAGE_libatomic=y CONFIG_PACKAGE_libattr=y CONFIG_PACKAGE_libdbus=y +CONFIG_PACKAGE_libedit=y CONFIG_PACKAGE_libexpat=y CONFIG_PACKAGE_libffi=y CONFIG_PACKAGE_libgmp=y +CONFIG_PACKAGE_libgnutls=y CONFIG_PACKAGE_libiwinfo-lua=y CONFIG_PACKAGE_liblua=y CONFIG_PACKAGE_liblucihttp=y CONFIG_PACKAGE_liblucihttp-lua=y +CONFIG_PACKAGE_libmbedtls=y CONFIG_PACKAGE_libmbim=y CONFIG_PACKAGE_libmnl=y +CONFIG_PACKAGE_libncurses=y CONFIG_PACKAGE_libnetfilter-conntrack=y CONFIG_PACKAGE_libnettle=y CONFIG_PACKAGE_libnfnetlink=y +CONFIG_PACKAGE_libopenssl=y +CONFIG_PACKAGE_libpcap=y CONFIG_PACKAGE_libqmi=y CONFIG_PACKAGE_libqrtr-glib=y +CONFIG_PACKAGE_librt=y CONFIG_PACKAGE_libubus-lua=y +CONFIG_PACKAGE_lmdb=y CONFIG_PACKAGE_lua=y CONFIG_PACKAGE_luci=y CONFIG_PACKAGE_luci-app-firewall=y +CONFIG_PACKAGE_luci-app-openvpn=y CONFIG_PACKAGE_luci-app-opkg=y CONFIG_PACKAGE_luci-app-sqm=y -CONFIG_PACKAGE_luci-app-wireguard=y CONFIG_PACKAGE_luci-base=y +CONFIG_PACKAGE_luci-compat=y CONFIG_PACKAGE_luci-lib-base=y CONFIG_PACKAGE_luci-lib-ip=y CONFIG_PACKAGE_luci-lib-jsonc=y @@ -101,10 +126,11 @@ CONFIG_PACKAGE_luci-mod-system=y CONFIG_PACKAGE_luci-proto-ipv6=y CONFIG_PACKAGE_luci-proto-modemmanager=y CONFIG_PACKAGE_luci-proto-ppp=y -CONFIG_PACKAGE_luci-proto-wireguard=y CONFIG_PACKAGE_luci-theme-bootstrap=y CONFIG_PACKAGE_luci-theme-openwrt=y CONFIG_PACKAGE_modemmanager=y +CONFIG_PACKAGE_openvpn-mbedtls=y +CONFIG_PACKAGE_picocom=y CONFIG_PACKAGE_qmi-utils=y CONFIG_PACKAGE_resolveip=y CONFIG_PACKAGE_rpcd=y @@ -112,10 +138,13 @@ CONFIG_PACKAGE_rpcd-mod-file=y CONFIG_PACKAGE_rpcd-mod-iwinfo=y CONFIG_PACKAGE_rpcd-mod-luci=y CONFIG_PACKAGE_rpcd-mod-rrdns=y +CONFIG_PACKAGE_socat=y CONFIG_PACKAGE_sqm-scripts=y CONFIG_PACKAGE_tc-mod-iptables=y CONFIG_PACKAGE_tc-tiny=y +CONFIG_PACKAGE_tcpdump=y +CONFIG_PACKAGE_terminfo=y CONFIG_PACKAGE_uhttpd=y CONFIG_PACKAGE_uhttpd-mod-ubus=y -CONFIG_PACKAGE_wireguard-tools=y CONFIG_PACKAGE_zlib=y +CONFIG_SOCAT_SSL=y From 674f132ac7b65fa750f2619bf1534904dee7f060 Mon Sep 17 00:00:00 2001 From: Quentin Dufour Date: Wed, 24 Mar 2021 12:14:26 +0000 Subject: [PATCH 2/2] Work on router config --- config | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/config b/config index 1a42522..20540ee 100644 --- a/config +++ b/config @@ -24,13 +24,13 @@ CONFIG_OPENSSL_WITH_ERROR_MESSAGES=y CONFIG_OPENSSL_WITH_PSK=y CONFIG_OPENSSL_WITH_SRP=y CONFIG_OPENSSL_WITH_TLS13=y -CONFIG_OPENVPN_mbedtls_ENABLE_DEF_AUTH=y -CONFIG_OPENVPN_mbedtls_ENABLE_FRAGMENT=y -CONFIG_OPENVPN_mbedtls_ENABLE_LZ4=y -CONFIG_OPENVPN_mbedtls_ENABLE_MULTIHOME=y -CONFIG_OPENVPN_mbedtls_ENABLE_PF=y -CONFIG_OPENVPN_mbedtls_ENABLE_PORT_SHARE=y -CONFIG_OPENVPN_mbedtls_ENABLE_SMALL=y +CONFIG_OPENVPN_openssl_ENABLE_DEF_AUTH=y +CONFIG_OPENVPN_openssl_ENABLE_FRAGMENT=y +CONFIG_OPENVPN_openssl_ENABLE_LZ4=y +CONFIG_OPENVPN_openssl_ENABLE_MULTIHOME=y +CONFIG_OPENVPN_openssl_ENABLE_PF=y +CONFIG_OPENVPN_openssl_ENABLE_PORT_SHARE=y +CONFIG_OPENVPN_openssl_ENABLE_SMALL=y CONFIG_PACKAGE_cgi-io=y CONFIG_PACKAGE_dbus=y CONFIG_PACKAGE_glib2=y @@ -43,16 +43,11 @@ CONFIG_PACKAGE_kmod-crypto-lib-chacha20=y CONFIG_PACKAGE_kmod-crypto-lib-chacha20poly1305=y CONFIG_PACKAGE_kmod-crypto-lib-curve25519=y CONFIG_PACKAGE_kmod-crypto-lib-poly1305=y -CONFIG_PACKAGE_kmod-gre=y -CONFIG_PACKAGE_kmod-gre6=y CONFIG_PACKAGE_kmod-ifb=y -CONFIG_PACKAGE_kmod-ip6-tunnel=y CONFIG_PACKAGE_kmod-ipt-conntrack-extra=y CONFIG_PACKAGE_kmod-ipt-ipopt=y CONFIG_PACKAGE_kmod-ipt-ipset=y CONFIG_PACKAGE_kmod-ipt-raw=y -CONFIG_PACKAGE_kmod-iptunnel=y -CONFIG_PACKAGE_kmod-iptunnel6=y CONFIG_PACKAGE_kmod-mii=y CONFIG_PACKAGE_kmod-nf-conntrack-netlink=y CONFIG_PACKAGE_kmod-nfnetlink=y @@ -93,7 +88,6 @@ CONFIG_PACKAGE_libiwinfo-lua=y CONFIG_PACKAGE_liblua=y CONFIG_PACKAGE_liblucihttp=y CONFIG_PACKAGE_liblucihttp-lua=y -CONFIG_PACKAGE_libmbedtls=y CONFIG_PACKAGE_libmbim=y CONFIG_PACKAGE_libmnl=y CONFIG_PACKAGE_libncurses=y @@ -129,7 +123,7 @@ CONFIG_PACKAGE_luci-proto-ppp=y CONFIG_PACKAGE_luci-theme-bootstrap=y CONFIG_PACKAGE_luci-theme-openwrt=y CONFIG_PACKAGE_modemmanager=y -CONFIG_PACKAGE_openvpn-mbedtls=y +CONFIG_PACKAGE_openvpn-openssl=y CONFIG_PACKAGE_picocom=y CONFIG_PACKAGE_qmi-utils=y CONFIG_PACKAGE_resolveip=y