package/gluon-core/luasrc/lib/gluon/upgrade/190-preserve-wireless-channels

+#!/usr/bin/lua
+
+local wireless = require 'gluon.wireless'
+local uci = require('simple-uci').cursor()
+
+local preserve_channels = wireless.preserve_channels(uci)
+
+uci:section('gluon', 'wireless', 'wireless', {
+	preserve_channels = preserve_channels or false,
+})
+uci:save('gluon')

package/gluon-core/luasrc/lib/gluon/upgrade/200-wireless

 #!/usr/bin/lua
 
 local util = require 'gluon.util'
+local wireless = require 'gluon.wireless'
 local site = require 'gluon.site'
 local sysconfig = require 'gluon.sysconfig'
 local iwinfo = require 'iwinfo'
@@ -10,87 +11,102 @@ local uci = require('simple-uci').cursor()
 -- Initial
 if not sysconfig.gluon_version then
 	uci:delete_all('wireless', 'wifi-iface')
+
+	-- First count all radios with a fixed frequency band.
+	-- This is needed to distribute devices which have radios
+	-- capable of operating in the 2.4 GHz and 5 GHz band need
+	-- to be distributed evenly.
+	local radio_band_count = {band24=0, band5=0}
+	wireless.foreach_radio(uci, function(radio)
+		local hwmodes = iwinfo.nl80211.hwmodelist(wireless.find_phy(radio))
+		if hwmodes.g and not (hwmodes.a or hwmodes.ac) then
+			-- 2.4 GHz
+			radio_band_count["band24"] = radio_band_count["band24"] + 1
+		elseif (hwmodes.a or hwmodes.ac) and not hwmodes.g then
+			-- 5 GHz
+			radio_band_count["band5"] = radio_band_count["band5"] + 1
+		end
+	end)
+
+	-- Use the number of all fixed 2.4G GHz and 5 GHz radios to
+	-- distribute dualband radios in this step.
+	wireless.foreach_radio(uci, function(radio)
+		local radio_name = radio['.name']
+		local hwmodes = iwinfo.nl80211.hwmodelist(wireless.find_phy(radio))
+		if (hwmodes.a or hwmodes.ac) and hwmodes.g then
+			-- Dualband radio
+			if radio_band_count["band24"] <= radio_band_count["band5"] then
+				-- Assign radio to 2.4GHz band
+				radio_band_count["band24"] = radio_band_count["band24"] + 1
+				uci:set('wireless', radio_name, 'band', '2g')
+			else
+				-- Assign radio to 5GHz band
+				radio_band_count["band5"] = radio_band_count["band5"] + 1
+				uci:set('wireless', radio_name, 'band', '5g')
+			end
+		end
+	end)
+end
+
+local function is_outdoor()
+	return uci:get_bool('gluon', 'wireless', 'outdoor')
 end
 
 local function get_channel(radio, config)
-	local channel
-	if uci:get_first('gluon-core', 'wireless', 'preserve_channels') then
-		channel = radio.channel
+	if radio.band == '5g' and is_outdoor() then
+		-- actual channel will be picked and probed from chanlist
+		return 'auto'
 	end
 
-	return channel or config.channel()
+	return config.channel()
 end
 
 local function get_htmode(radio)
-       local phy = util.find_phy(radio)
+	if wireless.preserve_channels(uci) then
+		return radio.htmode
+	end
+
+	if radio.band == '5g' and is_outdoor() then
+		local outdoor_htmode = uci:get('gluon', 'wireless', 'outdoor_' .. radio['.name'] .. '_htmode')
+		if outdoor_htmode ~= nil then
+			return outdoor_htmode
+		end
+	end
+
+	local phy = wireless.find_phy(radio)
+	if iwinfo.nl80211.hwmodelist(phy).ax then
+		return 'HE20'
+	end
+
 	if iwinfo.nl80211.hwmodelist(phy).ac then
 		return 'VHT20'
-       else
-               return 'HT20'
 	end
+
+	return 'HT20'
 end
 
 local function is_disabled(name)
-	if uci:get('wireless', name) then
-		return uci:get_bool('wireless', name, 'disabled')
-	else
-		return false
+	if not uci:get('wireless', name) then
+		return nil
 	end
+
+	return uci:get_bool('wireless', name, 'disabled')
 end
 
 -- Returns the first argument that is not nil; don't call without any non-nil arguments!
 local function first_non_nil(first, ...)
 	if first ~= nil then
 		return first
-	else
-		return first_non_nil(...)
 	end
+
+	return first_non_nil(...)
 end
 
 
-local function configure_ibss(config, radio, index, suffix, disabled)
-	local radio_name = radio['.name']
+local function delete_ibss(radio_name)
 	local name = 'ibss_' .. radio_name
 
-	uci:delete('network', name)
-	uci:delete('network', name .. '_vlan')
 	uci:delete('wireless', name)
-
-	if not config then
-		return
-	end
-
-	local macaddr = util.get_wlan_mac(uci, radio, index, 3)
-	if not macaddr then
-		return
-	end
-
-	if config.vlan then
-		uci:section('network', 'interface', name, {
-			proto = 'none',
-		})
-
-		uci:section('network', 'interface', name .. '_vlan', {
-			ifname = '@' .. name .. '.' .. config.vlan,
-			proto = 'gluon_mesh',
-		})
-	else
-		uci:section('network', 'interface', name, {
-			proto = 'gluon_mesh',
-		})
-	end
-
-	uci:section('wireless', 'wifi-iface', name, {
-		device = radio_name,
-		network = name,
-		mode = 'adhoc',
-		ssid = config.ssid,
-		bssid = config.bssid,
-		macaddr = macaddr,
-		mcast_rate = config.mcast_rate,
-		ifname = suffix and 'ibss' .. suffix,
-		disabled = disabled,
-	})
 end
 
 local function configure_mesh(config, radio, index, suffix, disabled)
@@ -100,15 +116,13 @@ local function configure_mesh(config, radio, index, suffix, disabled)
 	local macfilter = uci:get('wireless', name, 'macfilter')
 	local maclist = uci:get('wireless', name, 'maclist')
 
-	uci:delete('network', name)
-	uci:delete('network', name .. '_vlan')
 	uci:delete('wireless', name)
 
 	if not config then
 		return
 	end
 
-	local macaddr = util.get_wlan_mac(uci, radio, index, 2)
+	local macaddr = wireless.get_wlan_mac(uci, radio, index, 2)
 	if not macaddr then
 		return
 	end
@@ -124,6 +138,7 @@ local function configure_mesh(config, radio, index, suffix, disabled)
 		mesh_id = config.id,
 		mesh_fwding = false,
 		macaddr = macaddr,
+		basic_rate = { config.mcast_rate },
 		mcast_rate = config.mcast_rate,
 		ifname = suffix and 'mesh' .. suffix,
 		disabled = disabled,
@@ -140,7 +155,7 @@ local function fixup_wan(radio, index)
 		return
 	end
 
-	local macaddr = util.get_wlan_mac(uci, radio, index, 4)
+	local macaddr = wireless.get_wlan_mac(uci, radio, index, 4)
 	if not macaddr then
 		return
 	end
@@ -148,9 +163,38 @@ local function fixup_wan(radio, index)
 	uci:set('wireless', name, 'macaddr', macaddr)
 end
 
-util.foreach_radio(uci, function(radio, index, config)
+local function configure_mesh_wireless(radio, index, config, disabled)
+	local radio_name = radio['.name']
+	local suffix = radio_name:match('^radio(%d+)$')
+
+	configure_mesh(config.mesh(), radio, index, suffix,
+		first_non_nil(
+			disabled,
+			is_disabled('mesh_' .. radio_name),
+			config.mesh.disabled(false)
+		)
+	)
+end
+
+local function set_channels(radio, radio_name, config)
+	if wireless.preserve_channels(uci) then
+		return
+	end
+	local channel = get_channel(radio, config)
+	uci:set('wireless', radio_name, 'channel', channel)
+
+	local chanlist
+	if radio.band == '5g' and is_outdoor() then
+		chanlist = config.outdoor_chanlist()
+	end
+	uci:set('wireless', radio_name, 'channels', chanlist)
+end
+
+wireless.foreach_radio(uci, function(radio, index, config)
 	local radio_name = radio['.name']
 
+	delete_ibss(radio_name)
+
 	if not config() then
 		uci:set('wireless', radio_name, 'disabled', true)
 		return
@@ -161,48 +205,52 @@ util.foreach_radio(uci, function(radio, index, config)
 		return
 	end
 
-	local channel = get_channel(radio, config)
 	local htmode = get_htmode(radio)
+	local beacon_interval = config.beacon_interval()
 
 	uci:delete('wireless', radio_name, 'disabled')
 
-	uci:set('wireless', radio_name, 'channel', channel)
+	set_channels(radio, radio_name, config)
+
 	uci:set('wireless', radio_name, 'htmode', htmode)
 	uci:set('wireless', radio_name, 'country', site.regdom())
 
-	uci:set_list('wireless', radio_name, 'supported_rates', config.supported_rates())
-	uci:set_list('wireless', radio_name, 'basic_rate', config.basic_rate())
-
-
-	local ibss_disabled = is_disabled('ibss_' .. radio_name)
-	local mesh_disabled = is_disabled('mesh_' .. radio_name)
+	uci:delete('wireless', radio_name, 'supported_rates')
+	uci:delete('wireless', radio_name, 'basic_rate')
+
+	local band = radio.band
+	if band == '2g' then
+		uci:set('wireless', radio_name, 'legacy_rates', false)
+		configure_mesh_wireless(radio, index, config)
+	elseif (band == '5g') then
+		-- ToDo: Remove in v2024.x
+		local hostapd_options = uci:get_list('wireless', radio_name, 'hostapd_options')
+		util.remove_from_set(hostapd_options, 'country3=0x4f')
+		uci:set_list('wireless', radio_name, 'hostapd_options', hostapd_options)
+
+		if is_outdoor() then
+			-- enforce outdoor channels by filtering the regdom for outdoor channels
+			uci:set('wireless', radio_name, 'country3', '0x4f')
+			configure_mesh_wireless(radio, index, config, true)
+		else
+			uci:delete('wireless', radio_name, 'country3')
+			configure_mesh_wireless(radio, index, config)
+		end
+	end
 
-	configure_ibss(config.ibss(), radio, index, suffix,
-		first_non_nil(
-			ibss_disabled,
-			mesh_disabled,
-			config.ibss.disabled(false)
-		)
-	)
-	configure_mesh(config.mesh(), radio, index, suffix,
-		first_non_nil(
-			mesh_disabled,
-			ibss_disabled,
-			config.mesh.disabled(false)
-		)
-	)
+	uci:set('wireless', radio_name, 'beacon_int', beacon_interval)
 
 	fixup_wan(radio, index)
 end)
 
 
 if uci:get('system', 'rssid_wlan0') then
-	if uci:get('wireless', 'mesh_radio0') then
 	uci:set('system', 'rssid_wlan0', 'dev', 'mesh0')
-	else
-		uci:set('system', 'rssid_wlan0', 'dev', 'ibss0')
+	uci:save('system')
 end
 
+if uci:get('system', 'rssid_wlan1') then
+	uci:set('system', 'rssid_wlan1', 'dev', 'mesh1')
 	uci:save('system')
 end
 

package/gluon-core/luasrc/lib/gluon/upgrade/205-dsa-conduit

+#!/usr/bin/lua
+
+local uci = require('simple-uci').cursor()
+local platform = require 'gluon.platform'
+
+-- This is a workaround to result in a configuration where all ports
+-- on the DSA switch are connected to the same CPU interface.
+--
+-- See Gluon issue #3479 for details.
+-- https://github.com/freifunk-gluon/gluon/issues/3479
+
+if not platform.match('ipq806x', 'generic', {
+	'netgear,r7800',
+	'tplink,c2600',
+}) then
+	return
+end
+
+
+local ports = {
+	'lan1',
+	'lan2',
+	'lan3',
+	'lan4',
+	'wan',
+}
+local cpu_conduit = 'eth0'
+
+for _, port in ipairs(ports) do
+	local section_name = 'port_' .. port
+
+	uci:section('network', 'device', section_name, {
+		name = port,
+		conduit = cpu_conduit,
+	})
+end
+
+uci:save('network')

package/gluon-core/luasrc/lib/gluon/upgrade/210-interface-mesh

+#!/usr/bin/lua
+
+local site = require 'gluon.site'
+local uci = require('simple-uci').cursor()
+local util = require 'gluon.util'
+
+local mesh_interfaces = util.get_role_interfaces(uci, 'mesh')
+local uplink_interfaces = util.get_role_interfaces(uci, 'uplink')
+
+local mesh_interfaces_uplink = {}
+local mesh_interfaces_other = {}
+for _, iface in ipairs(mesh_interfaces) do
+	if util.contains(uplink_interfaces, iface) then
+		table.insert(mesh_interfaces_uplink, iface)
+	else
+		table.insert(mesh_interfaces_other, iface)
+	end
+end
+
+if #mesh_interfaces_uplink > 0 then
+	uci:section('network', 'interface', 'mesh_uplink', {
+		ifname = 'br-wan',
+		proto = 'gluon_wired',
+		index = 0,
+		vxlan = site.mesh.vxlan(true),
+	})
+end
+
+if #mesh_interfaces_other > 0 then
+	local iftype, ifname
+	if #mesh_interfaces_other == 1 then
+		ifname = mesh_interfaces_other[1]
+	else
+		iftype = 'bridge'
+		ifname = mesh_interfaces_other
+
+		for _, iface in ipairs(ifname) do
+			uci:section('network', 'device', nil, {
+				name = iface,
+				isolate = true,
+			})
+		end
+
+	end
+
+	uci:section('network', 'interface', 'mesh_other', {
+		ifname = ifname,
+		type = iftype,
+		igmp_snooping = false,
+		proto = 'gluon_wired',
+		index = 4,
+		vxlan = site.mesh.vxlan(true),
+	})
+end
+
+uci:save('network')

package/gluon-core/luasrc/lib/gluon/upgrade/210-interface-wan

-#!/usr/bin/lua
-
-local site = require 'gluon.site'
-local uci = require('simple-uci').cursor()
-
-local old_proto = uci:get('network', 'mesh_wan', 'proto')
-
-uci:section('network', 'interface', 'mesh_wan', {
-	ifname = 'br-wan',
-	proto  = 'gluon_wired',
-	index  = 0,
-})
-
-local enable = site.mesh_on_wan(false)
-local old_auto = uci:get('network', 'mesh_wan', 'auto')
-local old_disabled = uci:get('network', 'mesh_wan', 'disabled')
-if old_auto ~= nil or old_disabled ~= nil then
-	enable = old_auto ~= '0' and old_disabled ~= '1'
-end
-uci:set('network', 'mesh_wan', 'disabled', not enable)
-
-if uci:get('network', 'mesh_wan', 'transitive') == nil then
-	uci:set('network', 'mesh_wan', 'transitive', true)
-end
-
-uci:delete('network', 'mesh_wan', 'auto')
-uci:delete('network', 'mesh_wan', 'fixed_mtu')
-uci:delete('network', 'mesh_wan', 'legacy')
-
-uci:save('network')

package/gluon-core/luasrc/lib/gluon/upgrade/220-interface-lan

-#!/usr/bin/lua
-
-local site = require 'gluon.site'
-local util = require 'gluon.util'
-local sysconfig = require 'gluon.sysconfig'
-
-local uci = require('simple-uci').cursor()
-
-if not sysconfig.lan_ifname then
-	os.exit(0)
-end
-
-local old_proto = uci:get('network', 'mesh_lan', 'proto')
-
-uci:section('network', 'interface', 'mesh_lan', {
-	ifname        = sysconfig.lan_ifname,
-	igmp_snooping = false,
-	proto         = 'gluon_wired',
-	index         = 4,
-})
-
-if sysconfig.lan_ifname:match(' ') then
-	uci:set('network', 'mesh_lan', 'type', 'bridge')
-else
-	uci:delete('network', 'mesh_lan', 'type')
-end
-
-local enable = site.mesh_on_lan(false)
-local old_auto = uci:get('network', 'mesh_lan', 'auto')
-local old_disabled = uci:get('network', 'mesh_lan', 'disabled')
-if old_auto ~= nil or old_disabled ~= nil then
-	enable = old_auto ~= '0' and old_disabled ~= '1'
-end
-
-if enable then
-	local interfaces = uci:get_list('network', 'client', 'ifname')
-
-	if interfaces then
-		for lanif in sysconfig.lan_ifname:gmatch('%S+') do
-			if util.contains(interfaces, lanif) then
-				enable = false
-				break
-			end
-		end
-	end
-end
-
-uci:set('network', 'mesh_lan', 'disabled', not enable)
-
-if uci:get('network', 'mesh_lan', 'transitive') == nil then
-	uci:set('network', 'mesh_lan', 'transitive', true)
-end
-
-uci:delete('network', 'mesh_lan', 'auto')
-uci:delete('network', 'mesh_lan', 'fixed_mtu')
-uci:delete('network', 'mesh_lan', 'legacy')
-
-uci:save('network')

package/gluon-core/luasrc/lib/gluon/upgrade/250-cellular

+#!/usr/bin/lua
+
+local uci = require('simple-uci').cursor()
+local platform = require 'gluon.platform'
+
+if not platform.is_cellular_device() then
+	return
+end
+
+local function set_or_delete(package, section, option, val)
+	if val ~= nil and string.len(val) ~= 0 then
+		uci:set(package, section, option, val)
+	else
+		uci:delete(package, section, option)
+	end
+end
+
+local function setup_ncm_qmi(devpath, control_type, delay)
+	local pdptype = uci:get('gluon', 'cellular', 'pdptype')
+
+	local pincode = uci:get('gluon', 'cellular', 'pin')
+	local username = uci:get('gluon', 'cellular', 'username')
+	local password = uci:get('gluon', 'cellular', 'password')
+	local auth = uci:get('gluon', 'cellular', 'auth')
+
+	uci:section('network', 'interface', 'cellular', {
+		proto = control_type,
+		device = devpath,
+		disabled = not uci:get_bool('gluon', 'cellular', 'enabled'),
+		pdptype = pdptype,
+		peerdns = false,
+		apn = uci:get('gluon', 'cellular', 'apn'),
+	})
+
+	if pdptype ~= 'IP' then
+		uci:set('network', 'cellular', 'ipv6', 'auto')
+	else
+		uci:delete('network', 'cellular', 'ipv6')
+	end
+
+	set_or_delete('network', 'cellular', 'pincode', pincode)
+	set_or_delete('network', 'cellular', 'username', username)
+	set_or_delete('network', 'cellular', 'password', password)
+	set_or_delete('network', 'cellular', 'auth', auth)
+	set_or_delete('network', 'cellular', 'delay', delay)
+end
+
+if platform.match('ath79', 'nand', {
+	'glinet,gl-e750',
+	'glinet,gl-xe300',
+}) then
+	setup_ncm_qmi('/dev/cdc-wdm0', 'qmi', 15)
+elseif platform.match('ath79', 'nand', {
+	'zte,mf281',
+}) then
+	setup_ncm_qmi('/dev/ttyACM0', 'ncm', 15)
+elseif platform.match('ipq40xx', 'generic', {
+	'glinet,gl-ap1300',
+	'zte,mf289f',
+}) then
+	setup_ncm_qmi('/dev/cdc-wdm0', 'qmi', 15)
+elseif platform.match('ramips', 'mt7621', {
+	'wavlink,ws-wn572hp3-4g',
+}) then
+	setup_ncm_qmi('/dev/ttyUSB2', 'ncm', 15)
+elseif platform.match('ramips', 'mt76x8', {
+	'tplink,tl-mr6400-v5',
+}) then
+	setup_ncm_qmi('/dev/cdc-wdm0', 'qmi', 15)
+end
+
+uci:save('network')

package/gluon-core/luasrc/lib/gluon/upgrade/140-firewall-rules → package/gluon-core/luasrc/lib/gluon/upgrade/300-firewall-rules

 #!/usr/bin/lua
 
 local uci = require('simple-uci').cursor()
+local platform = require 'gluon.platform'
 
 
 local defaults = uci:get_first('firewall', 'defaults')
@@ -16,9 +17,19 @@ local function reject_input_on_wan(zone)
 	return true
 end
 
+local function add_cellular_wan(zone)
+	if zone.name == 'wan' then
+		uci:set('firewall', zone['.name'], 'network', {'wan', 'wan6', 'cellular_4', 'cellular_6'})
+	end
+end
+
 uci:foreach('firewall', 'zone', reject_input_on_wan)
 
-for _, zone in ipairs({'mesh', 'local_client', 'wired_mesh'}) do
+if platform.is_cellular_device() then
+	uci:foreach('firewall', 'zone', add_cellular_wan)
+end
+
+for _, zone in ipairs({'mesh', 'loc_client', 'wired_mesh'}) do
 	-- Other packages assign interfaces to these zones
 	uci:section('firewall', 'zone', zone, {
 		name = zone,
@@ -52,13 +63,10 @@ for _, zone in ipairs({'mesh', 'local_client', 'wired_mesh'}) do
 		family = 'ipv6',
 		target = 'ACCEPT',
 	})
-
-	-- Can be removed soon: was never in a release
-	uci:delete('firewall', zone .. '_ICMPv6_out')
 end
 
-uci:section('firewall', 'rule', 'local_client_ICMPv4_in', {
-	src = 'local_client',
+uci:section('firewall', 'rule', 'loc_client_ICMPv4_in', {
+	src = 'loc_client',
 	proto = 'icmp',
 	icmp_type = {
 		'echo-request',
@@ -67,9 +75,8 @@ uci:section('firewall', 'rule', 'local_client_ICMPv4_in', {
 	target = 'ACCEPT',
 })
 
-
 -- allow inbound SSH from anywhere
-for _, zone in ipairs({ 'wan', 'local_client', 'mesh' }) do
+for _, zone in ipairs({ 'wan', 'loc_client', 'mesh' }) do
 	uci:section('firewall', 'rule', zone .. '_ssh', {
 		name =  zone .. '_ssh',
 		src = zone,
@@ -80,9 +87,18 @@ for _, zone in ipairs({ 'wan', 'local_client', 'mesh' }) do
 end
 
 
--- We can't put mesh_wan into this zone, as mesh_wan is the same
+local wired_mesh_ifaces = {}
+uci:foreach('network', 'interface',
+	function(iface)
+		-- Select all interfaces with proto gluon_wired except for
+		-- mesh_uplink into this zone, as mesh_uplink is the same
 		-- interface as wan, which has its own zone
-uci:set('firewall', 'wired_mesh', 'network', {'mesh_lan'})
+		if iface['proto'] == 'gluon_wired' and iface['.name'] ~= 'mesh_uplink' then
+			table.insert(wired_mesh_ifaces, iface['.name'])
+		end
+	end
+)
+uci:set('firewall', 'wired_mesh', 'network', wired_mesh_ifaces)
 
 -- VXLAN for wired meshing
 for _, zone in ipairs({'wired_mesh', 'wan'}) do

package/gluon-core/luasrc/lib/gluon/upgrade/500-opkg

 #!/usr/bin/lua
 
-local fs = require 'nixio.fs'
+local unistd = require 'posix.unistd'
 
-if not fs.access('/etc/opkg/distfeeds.conf') then
+if not unistd.access('/etc/opkg/distfeeds.conf') then
 	os.exit(0)
 end
 
@@ -14,18 +14,18 @@ local util = require 'gluon.util'
 local subst = {}
 
 
-local f = io.popen('. /etc/openwrt_release; echo "$DISTRIB_CODENAME"; echo "$DISTRIB_RELEASE"; echo "$DISTRIB_TARGET"; echo "$DISTRIB_ARCH"')
-subst['%%n'] = f:read()
-subst['%%v'] = f:read():gsub('-SNAPSHOT', '')
+local f = io.popen('. /etc/os-release; echo "$ID"; echo "$VERSION_ID"; echo "$OPENWRT_BOARD"; echo "$OPENWRT_ARCH"')
+subst['%%d'] = f:read()
+subst['%%v'] = f:read():gsub('-snapshot', '')
 subst['%%S'] = f:read()
 subst['%%A'] = f:read()
 f:close()
 
 subst['%%GS'] = site.site_code()
-subst['%%GV'] = util.trim(fs.readfile('/lib/gluon/gluon-version'))
-subst['%%GR'] = util.trim(fs.readfile('/lib/gluon/release'))
+subst['%%GV'] = util.trim(util.readfile('/lib/gluon/gluon-version'))
+subst['%%GR'] = util.trim(util.readfile('/lib/gluon/release'))
 
-local prefix = subst['%%n'] .. '_'
+local prefix = subst['%%d'] .. '_'
 
 
 local function replace_patterns(url)
@@ -37,7 +37,7 @@ local function replace_patterns(url)
 end
 
 
-local lede = site.opkg.lede()
+local openwrt = site.opkg.openwrt()
 local extra = site.opkg.extra({})
 
 
@@ -46,14 +46,14 @@ for line in io.lines('/etc/opkg/distfeeds.conf') do
 	table.insert(distfeeds, line)
 end
 
-local f = io.open('/etc/opkg/distfeeds.conf', 'w')
+f = io.open('/etc/opkg/distfeeds.conf', 'w')
 
 for _, line in ipairs(distfeeds) do
 	local name = line:match('^src/gz%s' .. prefix .. '(%S+)%s')
 	if name == 'core' then
 		f:write('# ' .. line .. '\n')
-	elseif name and lede then
-		f:write(string.format('src/gz %s %s/%s\n', prefix .. name, replace_patterns(lede), name))
+	elseif name and openwrt then
+		f:write(string.format('src/gz %s %s/%s\n', prefix .. name, replace_patterns(openwrt), name))
 	else
 		f:write(line .. '\n')
 	end
@@ -62,7 +62,7 @@ end
 f:close()
 
 if next(extra) then
-	local f = io.open('/etc/opkg/gluon.conf', 'w')
+	f = io.open('/etc/opkg/gluon.conf', 'w')
 
 	for k, v in pairs(extra) do
 		f:write(string.format('src/gz %s %s\n', k, replace_patterns(v)))

package/gluon-core/luasrc/lib/gluon/upgrade/800-migrate-batadv

-#!/usr/bin/lua
-
-local uci = require('simple-uci').cursor()
-
-local function migrate_iface(iface)
-	if iface.proto ~= 'batadv' or iface.mesh ~= 'bat0' then
-		return
-	end
-
-	local s = iface['.name']
-
-	uci:set('network', s, 'proto', 'gluon_mesh')
-	uci:set('network', s, 'fixed_mtu', true)
-
-	if iface.mesh_no_rebroadcast then
-		uci:set('network', s, 'transitive', iface.mesh_no_rebroadcast)
-	end
-
-	uci:delete('network', s, 'mesh')
-	uci:delete('network', s, 'mesh_no_rebroadcast')
-end
-
-uci:foreach('network', 'interface', migrate_iface)
-uci:save('network')

package/gluon-core/luasrc/lib/gluon/upgrade/820-dns-config

@@ -12,13 +12,13 @@ uci:set('dhcp', dnsmasq, 'localise_queries', true)
 uci:set('dhcp', dnsmasq, 'localservice', false)
 
 uci:set('dhcp', dnsmasq, 'server', dns.servers)
-uci:delete('dhcp', dnsmasq, 'cachesize')
+uci:set('dhcp', dnsmasq, 'cachesize', dns.cacheentries)
 
 uci:delete('firewall', 'client_dns')
 if dns.servers then
 	-- allow inbound traffic for dns from client zone
 	uci:section('firewall', 'rule', 'client_dns', {
-		src = 'local_client',
+		src = 'loc_client',
 		dest_port = '53',
 		proto = 'tcpudp',
 		target = 'ACCEPT',

package/gluon-core/luasrc/lib/gluon/upgrade/997-migrate-preserved

+#!/usr/bin/lua
+
+local uci = require('simple-uci').cursor()
+
+for _, config in ipairs({'system', 'network'}) do
+	uci:foreach(config .. '_gluon-old', nil, function(s)
+		if s.gluon_preserve ~= '1' then return end
+
+		-- Unnamed sections can't be preserved
+		if s['.anonymous'] then return end
+
+		-- We don't allow overwriting existing sections
+		if uci:get(config, s['.name']) then return end
+
+		uci:section(config, s['.type'], s['.name'], s)
+	end)
+
+	uci:save(config)
+end

package/gluon-core/luasrc/lib/gluon/upgrade/999-version

@@ -2,10 +2,9 @@
 
 local sysconfig = require 'gluon.sysconfig'
 
-local fs = require 'nixio.fs'
 local util = require 'gluon.util'
 
 
 -- Save the Gluon version in the sysconfig so we know which version we
 -- upgraded from after the next upgrade
-sysconfig.gluon_version = util.trim(fs.readfile('/lib/gluon/gluon-version'))
+sysconfig.gluon_version = util.trim(util.readfile('/lib/gluon/gluon-version'))

package/gluon-core/luasrc/usr/bin/gluon-info

+#!/usr/bin/lua
+
+local info = require 'gluon.info'
+
+local values = info.get_info_pretty()
+
+local padTo = 24
+
+for _, value in ipairs(values) do
+	local labelLen = string.len(value[1]) + 1
+
+	print(value[1] .. ':' .. string.rep(' ', padTo - labelLen), value[2])
+end

package/gluon-core/luasrc/usr/bin/gluon-switch-domain

+#!/usr/bin/lua
+
+local unistd = require 'posix.unistd'
+
+
+local function shift()
+	table.remove(arg, 1)
+end
+
+local reboot = true
+if arg[1] == '--no-reboot' then
+	reboot = false
+	shift()
+end
+
+local setup_mode = unistd.access('/var/gluon/setup-mode') == 0
+
+if #arg ~= 1 then
+	io.stderr:write('Usage: gluon-switch-domain [--no-reboot] <domain>\n')
+	os.exit(1)
+end
+local domain = arg[1]
+
+
+if not unistd.access('/lib/gluon/domains/') then
+	io.stderr:write('This Gluon firmware does not support multiple mesh domains.\n')
+	os.exit(1)
+end
+
+
+local function domain_exists(dom)
+	return unistd.access('/lib/gluon/domains/' .. dom .. '.json') == 0
+end
+
+if not domain_exists(domain) then
+	io.stderr:write(string.format("Error: invalid mesh domain '%s'\n", domain))
+	os.exit(1)
+end
+
+
+local uci = require('simple-uci').cursor()
+uci:set('gluon', 'core', 'switch_domain', domain)
+uci:set('gluon', 'core', 'reconfigure', true)
+uci:save('gluon')
+
+local cmd
+if setup_mode then
+	cmd = 'gluon-reconfigure'
+elseif reboot then
+	uci:commit('gluon')
+	cmd = 'reboot'
+else
+	cmd = 'gluon-reload'
+end
+
+unistd.execp(cmd, {[0] = cmd})

package/gluon-core/luasrc/usr/lib/lua/gluon/ethernet.lua

+local util = require 'gluon.util'
+local unistd = require 'posix.unistd'
+local dirent = require 'posix.dirent'
+local uci = require('simple-uci').cursor()
+
+local M = {}
+
+local function has_devtype(iface_dir, devtype)
+	return util.file_contains_line(iface_dir..'/uevent', 'DEVTYPE='..devtype)
+end
+
+local function is_physical(iface_dir)
+	return unistd.access(iface_dir .. '/device') == 0
+end
+
+local function is_swconfig()
+	local has = false
+
+	uci:foreach("network", "switch", function()
+		has = true
+	end)
+
+	uci:foreach("network", "switch_vlan", function()
+		has = true
+	end)
+
+	return has
+end
+
+local function interfaces_raw()
+	local eth_ifaces = {}
+	local ifaces_dir = '/sys/class/net/'
+
+	for iface in dirent.files(ifaces_dir) do
+		if iface ~= '.' and iface ~= '..' then
+			local iface_dir = ifaces_dir .. iface
+			if is_physical(iface_dir) and not has_devtype(iface_dir, 'wlan') then
+				table.insert(eth_ifaces, iface)
+			end
+		end
+	end
+
+	return eth_ifaces
+end
+
+-- In comparison to interfaces_raw, this skips non-DSA ports on DSA devices,
+-- as for ex. hap ac² has a special eth0 that shouldn't be touched
+function M.interfaces()
+	local intfs = interfaces_raw()
+
+	if M.get_switch_type() == 'dsa' then
+		local new_intfs = {}
+		for _, intf in ipairs(intfs) do
+			if has_devtype('/sys/class/net/' .. intf, 'dsa') then
+				table.insert(new_intfs, intf)
+			end
+		end
+
+		return new_intfs
+	end
+
+	return intfs
+end
+
+function M.is_vlan(intf)
+	return has_devtype('/sys/class/net/' .. intf, 'vlan')
+end
+
+function M.get_switch_type()
+	if is_swconfig() then
+		return 'swconfig'
+	end
+
+	for _, intf in ipairs(interfaces_raw()) do
+		if has_devtype('/sys/class/net/' .. intf, 'dsa') then
+			return 'dsa'
+		end
+	end
+
+	return 'none'
+end
+
+return M

package/gluon-core/luasrc/usr/lib/lua/gluon/info.lua

+local uci = require('simple-uci').cursor()
+local pretty_hostname = require 'pretty_hostname'
+
+local site = require 'gluon.site'
+local sysconfig = require 'gluon.sysconfig'
+local platform = require 'gluon.platform'
+local util = require 'gluon.util'
+local has_vpn, vpn = pcall(require, 'gluon.mesh-vpn')
+local ethernet = require 'gluon.ethernet'
+
+local pubkey
+if has_vpn and vpn.enabled() then
+	local _, active_vpn = vpn.get_active_provider()
+
+	if active_vpn ~= nil then
+		pubkey = active_vpn.public_key()
+	end
+end
+
+local M = {}
+
+function M.get_info()
+	local updater_enabled = uci:get_bool('autoupdater', 'settings', 'enabled')
+	return {
+		hostname = pretty_hostname.get(uci),
+		mac_address = sysconfig.primary_mac,
+		hardware_model = platform.get_model(),
+		gluon_version = util.trim(util.readfile('/lib/gluon/gluon-version')),
+		site_version = util.trim(util.readfile('/lib/gluon/site-version')),
+		firmware_release = util.trim(util.readfile('/lib/gluon/release')),
+		site = site.site_name(),
+		domain = uci:get('gluon', 'core', 'domain'),
+		public_vpn_key = pubkey,
+		switch_type = ethernet.get_switch_type(),
+		updater_branch = updater_enabled and uci:get('autoupdater', 'settings', 'branch'),
+	}
+end
+
+function M.get_info_pretty(i18n)
+	local _
+	if i18n then
+		local pkg_i18n = i18n 'gluon-core'
+		_ = function(s)
+			return pkg_i18n.translate(s)
+		end
+	else
+		_ = function(s)
+			return s
+		end
+	end
+
+	local data = M.get_info()
+
+	return {
+		{ _('Hostname'), data.hostname },
+		{ _('MAC address'), data.mac_address },
+		{ _('Hardware model'), data.hardware_model },
+		{ _('Gluon version') .. " / " .. _('Site version'), data.gluon_version .. " / " .. data.site_version },
+		{ _('Firmware release'), data.firmware_release },
+		{ _('Site'), data.site },
+		{ _('Domain'), data.domain or 'n/a' },
+		{ _('Public VPN key'), data.public_vpn_key or _('disabled') },
+		{ _('Switch type'), data.switch_type },
+		{ _('Autoupdater branch'), data.updater_branch or _('disabled') },
+	}
+end
+
+return M

package/gluon-core/luasrc/usr/lib/lua/gluon/iputil.lua

+local bit = require 'bit32'
+
+
+local M = {}
+
+function M.IPv6(address)
+	--[[
+	(c) 2008 Jo-Philipp Wich <xm@leipzig.freifunk.net>
+	(c) 2008 Steven Barth <steven@midlink.org>
+
+	Licensed under the Apache License, Version 2.0 (the "License").
+	You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+	]]--
+	local data = {}
+
+	local borderl = address:sub(1, 1) == ":" and 2 or 1
+	local borderh, zeroh, chunk, block
+
+	if #address > 45 then return nil end
+
+	repeat
+		borderh = address:find(":", borderl, true)
+		if not borderh then break end
+
+		block = tonumber(address:sub(borderl, borderh - 1), 16)
+		if block and block <= 0xFFFF then
+			data[#data+1] = block
+		else
+			if zeroh or borderh - borderl > 1 then return nil end
+			zeroh = #data + 1
+		end
+
+		borderl = borderh + 1
+	until #data == 7
+
+	chunk = address:sub(borderl)
+	if #chunk > 0 and #chunk <= 4 then
+		block = tonumber(chunk, 16)
+		if not block or block > 0xFFFF then return nil end
+
+		data[#data+1] = block
+	elseif #chunk > 4 then
+		if #data == 7 or #chunk > 15 then return nil end
+		borderl = 1
+		for i=1, 4 do
+			borderh = chunk:find(".", borderl, true)
+			if not borderh and i < 4 then return nil end
+			borderh = borderh and borderh - 1
+
+			block = tonumber(chunk:sub(borderl, borderh))
+			if not block or block > 255 then return nil end
+
+			if i == 1 or i == 3 then
+				data[#data+1] = block * 256
+			else
+				data[#data] = data[#data] + block
+			end
+
+			borderl = borderh and borderh + 2
+		end
+	end
+
+	if zeroh then
+		if #data == 8 then return nil end
+		while #data < 8 do
+			table.insert(data, zeroh, 0)
+		end
+	end
+
+	if #data == 8 then
+		return data[1], data[2], data[3], data[4], data[5], data[6], data[7], data[8]
+	end
+end
+
+function M.mac_to_ip(prefix, mac, firstbyte, secondbyte)
+	local m1, m2, m3, m6, m7, m8 = string.match(mac, '(%x%x):(%x%x):(%x%x):(%x%x):(%x%x):(%x%x)')
+	local m4 = firstbyte or 0xff
+	local m5 = secondbyte or 0xfe
+	m1 = bit.bxor(tonumber(m1, 16), 0x02)
+
+	local h1 = 0x100 * m1 + tonumber(m2, 16)
+	local h2 = 0x100 * tonumber(m3, 16) + m4
+	local h3 = 0x100 * m5 + tonumber(m6, 16)
+	local h4 = 0x100 * tonumber(m7, 16) + tonumber(m8, 16)
+
+	prefix = string.match(prefix, '(.*)/%d+')
+
+	local p1, p2, p3, p4 = M.IPv6(prefix)
+
+	return string.format("%x:%x:%x:%x:%x:%x:%x:%x/%d", p1, p2, p3, p4, h1, h2, h3, h4, 128)
+end
+
+return M

package/gluon-core/luasrc/usr/lib/lua/gluon/platform.lua

 local platform_info = require 'platform_info'
 local util = require 'gluon.util'
 
-local setmetatable = setmetatable
 
-
-module 'gluon.platform'
-
-setmetatable(_M,
-	     {
+local M = setmetatable({}, {
 	__index = platform_info,
-	     }
-)
+})
 
-function match(target, subtarget, boards)
-   if get_target() ~= target then
+function M.match(target, subtarget, boards)
+	if target and M.get_target() ~= target then
 		return false
 	end
 
-   if get_subtarget() ~= subtarget then
+	if subtarget and M.get_subtarget() ~= subtarget then
 		return false
 	end
 
-   if boards and not util.contains(boards, get_board_name()) then
+	if boards and not util.contains(boards, M.get_board_name()) then
+		return false
+	end
+
+	return true
+end
+
+function M.is_outdoor_device()
+	if M.match('ath79', 'generic', {
+		'devolo,dvl1750x',
+		'librerouter,librerouter-v1',
+		'plasmacloud,pa300',
+		'plasmacloud,pa300e',
+		'tplink,cpe210-v1',
+		'tplink,cpe210-v2',
+		'tplink,cpe210-v3',
+		'tplink,cpe220-v3',
+		'tplink,cpe510-v1',
+		'tplink,cpe510-v2',
+		'tplink,cpe510-v3',
+		'tplink,cpe710-v1',
+		'tplink,eap225-outdoor-v1',
+		'tplink,eap225-outdoor-v3',
+		'tplink,wbs210-v1',
+		'tplink,wbs210-v2',
+		'tplink,wbs510-v1',
+		'ubnt,nanobeam-ac-xc',
+		'ubnt,nanobeam-m5-xw',
+		'ubnt,nanostation-loco-m-xw',
+		'ubnt,nanostation-m-xw',
+		'ubnt,uk-ultra',
+		'ubnt,unifi-ap-outdoor-plus',
+		'ubnt,unifiac-mesh',
+		'ubnt,unifiac-mesh-pro',
+	}) then
+		return true
+
+	elseif M.match('ath79', 'mikrotik', {
+		'mikrotik,routerboard-wapr-2nd',
+	}) then
+		return true
+
+	elseif M.match('ipq40xx', 'generic', {
+		'aruba,ap-365',
+		'plasmacloud,pa1200',
+	}) then
+		return true
+
+	elseif M.match('ipq40xx', 'mikrotik', {
+		'mikrotik,sxtsq-5-ac',
+	}) then
+		return true
+
+	elseif M.match('mediatek', 'filogic', {
+		'cudy,ap3000outdoor-v1',
+		'wavlink,wl-wn573hx3',
+	}) then
+		return true
+
+	elseif M.match('ramips', 'mt7621', {
+		'wavlink,ws-wn572hp3-4g',
+		'zyxel,nwa55axe',
+	}) then
+		return true
+	end
+
 	return false
 end
 
+function M.is_cellular_device()
+	if M.match('ath79', 'nand', {
+		'zte,mf281',
+		'glinet,gl-e750',
+		'glinet,gl-xe300',
+	}) then
+		return true
+	elseif M.match('ipq40xx', 'generic', {
+		'glinet,gl-ap1300',
+		'zte,mf289f',
+	}) then
+		return true
+	elseif M.match('ramips', 'mt7621', {
+		'wavlink,ws-wn572hp3-4g',
+	}) then
+		return true
+	elseif M.match('ramips', 'mt76x8', {
+		'tplink,tl-mr6400-v5',
+	}) then
 		return true
 	end
+
+	return false
+end
+
+return M

package/gluon-core/luasrc/usr/lib/lua/gluon/site_config.lua

-local site = require 'gluon.site'
-
-local setmetatable = setmetatable
-
-module 'gluon.site_config'
-
-setmetatable(_M, {
-	__index = site(),
-})
-
-return _M