March 1st, 2021

Agenda

Schedule release date for Core Update 154
Upcoming Core Update 155
- Status of Kernel 5.x (#12464)
- CPU utilization in Suricata (#12548)
- dhcpd on i[5-6]86?
Pakfire
Location database
32-bit ARM, RISC-V, ... - ad nauseam
fireperf
NAT Slipstreaming attack

Many smaller patches, updated packages, et al.
IPsec with Apple devices
CPU utilization in Suricata
- Suricata team did not solve the problem and does not respond to our remarks
- Suricata 6.x unfortunately remains unusable for us :-/
- Overall situation is quite disappointing
Need to ship Suricata due to updated Rust
Kernel 5.x
- iptables issues - this is a show-stopper (#12575)
- ARM patchset not ready
- Some smaller issues (graphs and HW LEDs are broken)
- Delayed, will not land in C155

RISC-V emulator works fine, real hardware currently unavailable
- Rust and Suricata won't work on that architecture
- Branch and toolchain are virtually ready

Daniel tested the hardware he has at hands
Interesting hardware bugs appear en masse
Flapping connection rates above certain thresholds
We are stumbling into some bottlenecks (NIC driver?) but cannot determine it exactly, yet
Feedback and insights welcome

OpenVPN CGI has some severe bugs and needs to be re-worked soon
- Peter tries to contact Erik (OpenVPN guru) on this matter
QoS: Some minor improvements suggested, Leo is taking care of this
Update Accelerator:
- Rename passive mode to something more descriptive (#12577)
- Display file sizes in human-readable units
Remove old themes due complexity (#12578)
Rust is a PITA de luxe, other distributions have trouble with that as well :-/
Turn on GCC static code analysis (#12579)