<dansan>
Habbie, hurricos Sorry for the slow response, but thanks for the help! I'm not sure about using Perl in this context. I only have miniperl on builds with 16MiB flash and I'm trying to stick to the LuCI schema.
<dansan>
I started doing web programming in 1996 so I know a million antiquated ways to do this
danitool has quit [Ping timeout: 480 seconds]
goliath has quit []
rua has quit [Quit: Leaving.]
valku has quit [Quit: valku]
mattytap has quit [Quit: Leaving]
mattytap has joined #openwrt-devel
goliath has joined #openwrt-devel
Tapper has joined #openwrt-devel
lemmi has quit [Remote host closed the connection]
<jow>
iptables-translate is no viable choice, its just crappy python code
<jow>
reimplementing all logic, it can fail for unknown/exotic extensions, and also requires python
<jow>
at the very minimum we should siwtch to iptables with nft backend
<jow>
like any other distro
<jow>
and I agree with stintel, postponing fw4 now will mean the same discussion reoccurs with the next release
<jow>
I find it funny the people feverishly adopt bleeding edge kernel releases, dropping interest on the current one like a hot potato as soon as it landed in the tree, yet when it comes to actually modernize subsystems we're suddenly becoming conservative
<jow>
or let us take ujail as another example
<jow>
it still procudes bugs, it is enabled by default, many packages are not adopted to it or produce issues with non-default configs
<jow>
yet nobody is lobbying for turning it off for this release because it is too ambitious
rua has quit [Quit: Leaving.]
rua has joined #openwrt-devel
rmilecki has joined #openwrt-devel
<zorun>
maybe we should simply introduce merge windows
<zorun>
once major release X is out, allow any big changes during N months, and then "freeze"/stabilise for M months before releasing X+1
<zorun>
jow: you're being unfair, the "bleeding edge kernel" people are the same people pushing fw4, right?
<stintel>
no
<zorun>
I didn't follow closely, sorry
<stintel>
I am blocking 5.15 until we branch
<jow>
zorun: yes merge windows are a solution
<zorun>
to me it's a timing issue, allowing big changes now (kernel or core software) is a sure way of delaying the next release
<stintel>
but for that we need a dedicated person handling that
<jow>
so far it's not even planned, so not sure how it could be delayed
<jow>
unless it was agreed to happen in jan? then please disregard my remark
<zorun>
I guess that will be a topic for the next dev meeting
<stintel>
in one of the meetings I think we decided to "aim" for branching somewhere around new years
<stintel>
meeting notes also mention wait with 5.15 until branching, unless this doesn't happen this year (2021)
<stintel>
but if there's one thing that will delay a release is adding a new kernel, much more than pushing just firewall4
<stintel>
because everybody is so eager to jump on 5.15 and nobody will care about 22.01 anymore
robimarko has joined #openwrt-devel
<robimarko>
My opinion is to just switch to fw4
<stintel>
which is the main reason I am actively talking about blocking 5.15 until we branch, and why I picked up firewall4 and started working on it
<robimarko>
Because usually you gotta break stuff in order to get people to update/fix properly
<robimarko>
Otherwise if you offer some kind of compat layer they will just keep using it for years until its finally dropped
<robimarko>
People are eager for 5.15 as it makes new HW possible much easier, not to mention stuff like DSA which is currently a mess of backports
<jow>
robimarko: people are always eager for current kernel + X, as soon as 5.15 lands, people will discover things that are better with 5.20
<robimarko>
And thats natural
<robimarko>
Cause, currently adding new stuff is just painfull
<stintel>
that is not relevant for the next release anyway, as we've decided it will use 5.10
<robimarko>
Yeah, and thats fine for me
<jow>
sorry, I need to run
<robimarko>
But that means that it needs to happen relatively fast
<jow>
we should likely just give up maintaining releases and simply snapshot master every N months
<jow>
I honestly don't see how it could work otherwise. active contributors are disappointed by old components, users are disappointed by slow releases
<jow>
stability of releases sucks anyway<
<robimarko>
At least shorten the support time for each release
<jow>
so might as well just jump from snpashot to snapshot every N months
<stintel>
we can't do that if we don't release often
<robimarko>
Cause currently 1 release per year is not enough
<stintel>
but also in one of the recent meetings we again had to conclude we do not have the manpower to do proper multiple releases per year
<robimarko>
In the current form with multi-year support for sure not
<jow>
every single openwrt upgrade introduces other regressions in my setup
<jow>
it would be a nightmare having to do that multiple times a year
<stintel>
yeah that too. I never understood why people are actively promoting sysupgrade -n when going to a next release
<stintel>
that's just utterly wrong
srslypascal has quit [Remote host closed the connection]
srslypascal has joined #openwrt-devel
<robimarko>
Well thats mostly because of the better start fresh idea
<robimarko>
At least that is how I see it
<stintel>
if I cannot sysupgrade with keeping settings from release A to B, then I'm going to find another OS to run on my network devices
<PaulFertser>
The official notes do not promote -n
<stintel>
that may be, but many people do
rua has quit [Ping timeout: 480 seconds]
<robimarko>
Not much you can do about that
rua has joined #openwrt-devel
victhor has joined #openwrt-devel
<stintel>
better start fresh is really counterproductive if you have configs worth days of configuring and fine-tuning
<robimarko>
Trust me, I agree with you
<PaulFertser>
On IRC many people ask about keeping configs, and it feels like they're the majority.
<PaulFertser>
Surprisingly many users are not aware of how sysupgrade really works (and what it can do for them), and way too many are unaware of generic failsafe. Probably the next release notes can highlight that.
<PaulFertser>
Also, promoting "auc" might be a solution to educating users about proper upgrades.
dangole has quit [Remote host closed the connection]
<hurricos>
dansan: I was only commenting on the name :P
<Tapper>
stintel: Do a OpenWrt 21.03 then ask all devs to work on getting openwrt 22.xx with k5.10 out for mid 2022
<Tapper>
From what I know about the 21.xx branch now you could kick off a new build of it rite now.
<stintel>
uhm, right. what if there's not staging_dir/host/bin/python3?
dangole has joined #openwrt-devel
valku has joined #openwrt-devel
lmore377 has quit [Quit: No Ping reply in 180 seconds.]
lmore377 has joined #openwrt-devel
valku has quit [Quit: valku]
robimarko has quit [Quit: Page closed]
clayface has quit [Read error: Connection reset by peer]
clayface has joined #openwrt-devel
minimal has joined #openwrt-devel
clayface has quit [Read error: Connection reset by peer]
clayface has joined #openwrt-devel
clayface has quit [Read error: Connection reset by peer]
pmelange has joined #openwrt-devel
pmelange has left #openwrt-devel [#openwrt-devel]
clayface has joined #openwrt-devel
mattytap_ has joined #openwrt-devel
mattytap has quit [Ping timeout: 480 seconds]
yolo has joined #openwrt-devel
<yolo>
https://github.com/ARMmbed/mbedtls/pull/5362 mbedtls will have tls1.3 soon, wolfssl is GPL or $5000/product(if commercial), how hard to swap in mbedtls for wolfssl now?(have not tried).
<aparcar>
yolo: you want to replace Wolfssl with mbed?
<yolo>
maybe, for license reasons even though I do not make commercial products, just to see if it's still feasible without lots of porting/testing
<aparcar>
yolo: from my understanding we need Wolfssl for wpa3 support, if you can make this work on mbed, lets go
<yolo>
got it. once mbedtls 1.3 is out i can give it a shot. thanks
<yolo>
i mean mbedtls with tls1.3
Tapper has quit [Ping timeout: 480 seconds]
<aparcar>
yolo: so wpa3 really just needs tls1.3 to work? that sounds easy enough
* Slimey
waves
<yolo>
aparcar: i'm not 100% sure, but it seems this is where wolfssl 'won' over mbedtls in that mbedtls lacks tls1.3
mattytap_ has quit [Read error: Connection reset by peer]
<aparcar>
yolo: well keep me posted in case you figure out how to add wpa3
nlowe has joined #openwrt-devel
<blocktrron1>
aparcar: hostapd lacks integration of mbedtls, so it is considerable work to make this happen
<aparcar>
blocktrron1: snap
<nlowe>
I notice Windows 11 reports from show "netsh wlan show network mode=bssid" from Windows 11 that hash to element is not supported for SAE
<nlowe>
Suspect we need to set sae_pwe=2 in the hostapd.conf generated
Tapper has joined #openwrt-devel
<blocktrron1>
wolfssl integration broke already two times (that i noticed) and the wolfssl people didn't really care for it
<nlowe>
# 2 = both hunting-and-pecking loop and hash-to-element enabled - yup, it defaults to 0
<blocktrron1>
Apart from that, you are subject to GPL anyways in case you use it with linux / OpenWrt
srslypascal is now known as Guest40
srslypascal has joined #openwrt-devel
goliath has joined #openwrt-devel
nlowe has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<aparcar>
hauke: thanks for the response
nlowe has joined #openwrt-devel
Guest40 has quit [Ping timeout: 480 seconds]
nlowe has quit []
Borromini has joined #openwrt-devel
dedeckeh has quit [Remote host closed the connection]
<stintel>
jow or me will try looking into that next week
shibboleth has joined #openwrt-devel
<jow>
I wanted to look into whether alternatives could solve that
<jow>
dangole's suggested fix would make sense too though. But I believe it won't solve menuconfig precedence
<stintel>
would apk solve this ? :P
<jow>
(neither does alternatives, this is something I wanted to look into in general)
<stintel>
because if it does, that's an argument to put apk on the table again, no?
<jow>
I don't think so
<jow>
we need something to control what ends up being selected by default in menuconfig if a user enables a package that depends on something which is provided by multiple things
<jow>
so it needs to happen somewhere in scripts/metadata.*
<jow>
apk/opkg only deals with runtime install and/or imagebuilder
<dwfreed>
apk the alpine package manager has used .apk for years and there's been no loud complaints
<dwfreed>
Gentoo uses .tbz2 for binpkgs, even though they're not really just bzip2-compressed tarballs
<jow>
first android release september 2008, first apk-tools commit april 2008
<jow>
and that commit soon became 2.0-pre and added source files with a copyright of 2007
<dwfreed>
yeah, but alpine wasn't really a well-known and viable distro until relatively recently compared to android :P
<jow>
so I'd say Google squatted the acronym :P
svlobanov has quit [Remote host closed the connection]
pmelange1 has quit [Ping timeout: 480 seconds]
<jow>
ah, apk-tools before it was rewritten in C is even older, first commit june 2005
<jow>
alright, enough with the trivia
nlowe has joined #openwrt-devel
nlowe has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
nlowe has joined #openwrt-devel
svlobanov has joined #openwrt-devel
svlobanov has quit [Ping timeout: 480 seconds]
svlobanov has joined #openwrt-devel
<karlp>
deja vu :)
svlobanov has quit [Ping timeout: 480 seconds]
hallowfell has joined #openwrt-devel
hallowfell has quit [Quit: leaving]
<rsalvaterra>
jow: It's understandable people are so eager to try new kernel releases (myself included). Pretty much everything network-related runs inside the kernel. The user space is just there for configuring it.
mattytap has joined #openwrt-devel
GNUmoon has quit [Ping timeout: 480 seconds]
rua has quit [Ping timeout: 480 seconds]
rua has joined #openwrt-devel
Tapper has quit [Ping timeout: 480 seconds]
nlowe has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
Tapper has joined #openwrt-devel
minimal has quit []
dedeckeh has quit [Remote host closed the connection]
GNUmoon has joined #openwrt-devel
<shibboleth>
dwfreed, true, but it'll play havoc with re to search terms for future troubleshooting
Borromini has quit [Quit: leaving]
floof58_ has joined #openwrt-devel
floof58 has quit [Read error: Connection reset by peer]
floof58_ has quit [Read error: No route to host]
floof58 has joined #openwrt-devel
floof58_ has joined #openwrt-devel
floof58 has quit [Read error: No route to host]
Grommish has joined #openwrt-devel
kb1sph has quit [Ping timeout: 480 seconds]
kb1sph has joined #openwrt-devel
<neggles>
custom file extension time? .owpk :P
nlowe has joined #openwrt-devel
nlowe has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]