New option added to ecm config: `disable_gro_list`
This config option defaults to '1' (AKA disable rx-gro-list)
`rx-gro-list` is enabled by default in mainline OpenWrt, however it
is very bug prone, and causes various issues related to
UDP traffic (i.e DHCP, WireGuard, DNS, etc.)
This option is not explicitly required. If a user sets this to '0', a
warning will be shown in the logs everytime ECM is started.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
NSS_IPV4_RULE_CREATE_RAWIP_VALID is only found in NSS FW 12.5 and
higher. Check if enabled before and macros for it.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
iptables based bridge filtering is incompatible with nftables (fw4), and
causes just causes NAT loopback issues.
This is only required for systems using legacy iptables (fw3) as the
primary firewalling. nftables doesn't need explicit enablement of bridge filtering.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Update to comply with APK's `pkgver` format.
Rather than stick with the same convention as upstream `qca-ssdk` and
`qca-nss-dp` which uses:
```
$(PKG_NAME)-$(PKG_SOURCE_DATE)~$(PKG_SOURCE_VERSION)
```
i.e. `qca-ssdk-2024.06.13~c451136b.tar.zst`
Add in the QSDK version as part of the release since we
have options to build for both 11.4 and 12.5. This makes it easier to
debug build related issues, by knowing exactly which QSDK version is
being built against.
Example:
```
qca-nss-drv-11.4.0.5.2021.06.24~dc14ca2.tar.zst
qca-nss-drv-12.5.2024.04.06~53a0dc1.tar.zst
qca-nss-clients-11.4.0.5.2021.08.17~153998d.tar.zst
qca-nss-clients-12.5.2024.03.05~9a53b18.tar.zst
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
note: qca-nss-crypto, and qca-nss-cfi are non-code change releases, but
align with naming scheme upstream anyways.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
The way ECM uci config is handled is pretty ugly due to it not specifying a
named section for 'general'.
Current:
```
➤ uci show ecm
ecm.global=ecm
ecm.global.acceleration_engine='nss'
ecm.@general[0]=general
ecm.@general[0].enable_bridge_filtering='0'
ecm.@general[0].disable_offloads='0'
ecm.@general[0].disable_flow_control='0'
ecm.@general[0].disable_interrupt_moderation='0'
ecm.@general[0].disable_gro='0'
```
None of the options require the use of unnamed sections
(like /etc/config/dhcp does when defining configs for multiple hosts)
With this change the config would produce:
```
ecm.global=ecm
ecm.global.acceleration_engine='nss'
ecm.general=ecm
ecm.general.enable_bridge_filtering='0'
ecm.general.disable_offloads='0'
ecm.general.disable_flow_control='0'
ecm.general.disable_interrupt_moderation='0'
ecm.general.disable_gro='0'
```
Which is a lot easier to read, and access programmatically.
We can also merge `global` and `general` into a single section as it
doesn't really make sense why we need global/general when it's
technically "ALL" globally applied.
For now, to ease users on the change, let's just stick to 2 sections.
**PLEASE NOTE: For users building their own images, and storing their**
**configs in 'files/etc/config/ecm' you will need to manually update the**
**config before compiling.**
For users using **sysupgrade** or installing without custom config at build
time 'files/etc/config/ecm' should be OK.
The following can be run manually on the config file 'ecm'
```sh
conf=/etc/config/ecm
uci -q show ecm.general || {
echo "Converting 'ECM' config to new format."
sed -i "s/config.*general.*/config ecm 'general'/g" "$conf"
}
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
To keep fork as closely synced with upstream, move NSS packages back
into repository. Not sure why they were moved out from my original fork.
* nss-firmware
* qca-nss-crypto
* qca-nss-cfi
Removed the following:
* mhz (already available in packages repo)
* qrtr (unecessary, and has been broken for years)
Also moved packages out of `qca` and back into root directory.
