]>
git.ipfire.org Git - ipfire-2.x.git/log
Dirk Wagner [Mon, 14 Apr 2014 11:12:14 +0000 (13:12 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into asterisk-update
Dirk Wagner [Mon, 14 Apr 2014 11:09:20 +0000 (13:09 +0200)]
asterisk addon: Update to latest asterisk LTS version 11.8.1
Dirk Wagner [Mon, 14 Apr 2014 11:05:40 +0000 (13:05 +0200)]
lcr addon: Update to latest version due to build errors with asterisk 11.
Michael Tremer [Sun, 13 Apr 2014 13:45:19 +0000 (15:45 +0200)]
Merge remote-tracking branch 'ummeegge/openvpn' into next
Erik Kapfer [Sun, 13 Apr 2014 05:14:25 +0000 (07:14 +0200)]
OpenVPN:Add HMAC, cipher 'n2n' and DH key selection. Fixes and new design.
Added HMAC algorithm selection menu for N2N and RW.
Added cipher selection menu for N2N connections.
Added DH key selection also for existing installations incl. DH key upload possibility.
Adjusted the ovpn main WUI design to IPSec WUI.
Extend key lenght for CA, cert and control channel with faktor 2.
Some code and typo cleanup.
Bugfixes for #10317, #10149, #10462, #10463
V.2 New changes:
Integrated changes in langs and ovpnmain.cgi until 20.03.2014 2.15-Beta3.
ovpn.cnf have now default bits of 2048 instead of 1024.
ovpn.cnf default_md works now with sha256 instead of md5.
Bugfix: By new installation the auth directive for RWs is faded out #10462 Comment 15.
Added error message if the crl should be displayed but no crl is present.
Michael Tremer [Fri, 11 Apr 2014 13:18:50 +0000 (15:18 +0200)]
Merge branch 'master' into next
Conflicts:
doc/language_issues.tr
Michael Tremer [Fri, 11 Apr 2014 13:17:21 +0000 (15:17 +0200)]
Update translations.
Michael Tremer [Fri, 11 Apr 2014 13:17:08 +0000 (15:17 +0200)]
Merge remote-tracking branch 'amarx/RC2-master'
Alexander Marx [Fri, 11 Apr 2014 10:06:52 +0000 (12:06 +0200)]
Firewall: When having rules with more than 3 protocols, show "many" and tooltip
Arne Fitzenreiter [Wed, 9 Apr 2014 16:20:46 +0000 (18:20 +0200)]
kernel: disable intel mei.
Intel Management Engine Interface is still crashing the kernel.
Alexander Marx [Wed, 9 Apr 2014 14:23:55 +0000 (16:23 +0200)]
Firewall: Fix 10510 - Show all protocols from servicegroups (GRE,IPIP,IPV6,...)
Arne Fitzenreiter [Wed, 9 Apr 2014 16:20:46 +0000 (18:20 +0200)]
kernel: disable intel mei.
Intel Management Engine Interface is still crashing the kernel.
Michael Tremer [Wed, 9 Apr 2014 13:14:25 +0000 (15:14 +0200)]
firewall-policy: Remove empty line.
Michael Tremer [Wed, 9 Apr 2014 13:11:41 +0000 (15:11 +0200)]
Fix missing Connection Scheduler strings.
Michael Tremer [Wed, 9 Apr 2014 12:19:16 +0000 (14:19 +0200)]
aliases.cgi: Mark name field as mandatory.
Michael Tremer [Wed, 9 Apr 2014 12:16:32 +0000 (14:16 +0200)]
firewall: Apply destination NAT rules for the firewall itself, too.
Michael Tremer [Wed, 9 Apr 2014 12:06:32 +0000 (14:06 +0200)]
firewall: Fix rule generation for protocols without ports.
Arne Fitzenreiter [Mon, 7 Apr 2014 19:33:34 +0000 (21:33 +0200)]
openssl: update to 1.0.1g.
Fix for CVE-2014-0160
Add TLS padding extension workaround for broken servers.
Fix for CVE-2014-0076
Alexander Marx [Mon, 7 Apr 2014 14:14:20 +0000 (16:14 +0200)]
Firewall: fix coloring of internet hosts
Alexander Marx [Mon, 7 Apr 2014 10:09:16 +0000 (12:09 +0200)]
Firewall: Fix source preselection of alias when Firewall is selected
Alexander Marx [Mon, 7 Apr 2014 10:04:50 +0000 (12:04 +0200)]
Firewall: BUGFIX 10505
Alexander Marx [Mon, 7 Apr 2014 06:24:54 +0000 (08:24 +0200)]
Firewall: BUGFIX 10507
Michael Tremer [Mon, 7 Apr 2014 14:49:33 +0000 (16:49 +0200)]
Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x
Arne Fitzenreiter [Sun, 6 Apr 2014 22:35:31 +0000 (00:35 +0200)]
glibc: rootfile update (arm).
Arne Fitzenreiter [Sun, 6 Apr 2014 21:33:51 +0000 (23:33 +0200)]
kernel-header: rootfile update.
Michael Tremer [Sun, 6 Apr 2014 15:24:13 +0000 (17:24 +0200)]
media.cgi: Fix typo once again.
Ersan Yildirim [Sun, 6 Apr 2014 15:22:31 +0000 (17:22 +0200)]
Update Turkish translation.
Michael Tremer [Sun, 6 Apr 2014 10:53:30 +0000 (12:53 +0200)]
core76: Include changed /etc/sysctl.conf in update.
Arne Fitzenreiter [Sun, 6 Apr 2014 08:29:27 +0000 (10:29 +0200)]
glibc: fix image, updater and filecount in installer.
switch from locale-archive to normale locales add est. 5000 files.
todo: arm-rootfile.
Michael Tremer [Sat, 5 Apr 2014 15:09:56 +0000 (17:09 +0200)]
firewall: Fix using aliases.
Fix coding errors, actually read aliases configuration
and fall back to default RED IP address if no suitable
alias was found.
Michael Tremer [Sat, 5 Apr 2014 15:08:17 +0000 (17:08 +0200)]
convert-portfw: Fix converting aliases.
ALL is not suitable as it is not a valid configuration value.
Michael Tremer [Sat, 5 Apr 2014 15:02:33 +0000 (17:02 +0200)]
Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x
Arne Fitzenreiter [Sat, 5 Apr 2014 09:04:25 +0000 (11:04 +0200)]
firewall: fix green only mode.
disable masquerade and green IP/NET check if internet is
connected via green.
Arne Fitzenreiter [Fri, 4 Apr 2014 19:17:08 +0000 (21:17 +0200)]
apache2: update to 2.2.27.
Arne Fitzenreiter [Fri, 4 Apr 2014 11:53:41 +0000 (13:53 +0200)]
kernel: update to 3.10.36.
Arne Fitzenreiter [Thu, 3 Apr 2014 08:06:47 +0000 (10:06 +0200)]
kernel: update to 3.10.35.
Michael Tremer [Tue, 1 Apr 2014 14:24:50 +0000 (16:24 +0200)]
glibc: Install all known locales.
Michael Tremer [Mon, 31 Mar 2014 11:16:26 +0000 (13:16 +0200)]
firewall: Fix perl coding error.
Example:
my @as = (1, 2, 3);
foreach my $a (@as) {
$a += 1;
print "$a\n";
}
$a will be a reference to the number in the array and not
copied. Therefore $a += 1 will change the numbers in the
array as well, so that after the loop the content of @as
would be (2, 3, 4).
To avoid that, the number needs to be copied into a new
variable like: my $b = $a; and we are fine.
This caused that the content of the @sources and @destinations
array has been altered for the second run of the loop and
incorrect (i.e. no) rules were created.
Michael Tremer [Sun, 30 Mar 2014 21:28:35 +0000 (23:28 +0200)]
Merge branch 'kernel-layer7-oom'
Michael Tremer [Sun, 30 Mar 2014 21:26:29 +0000 (23:26 +0200)]
kernel: Update layer7 patch.
Brings back the /proc interface and is supposed to
fix a memory leak.
Michael Tremer [Sun, 30 Mar 2014 20:33:58 +0000 (22:33 +0200)]
firewall-policy: Clarify policy rules.
There are no functional changes here. Everything that
is not explicitely allowed is now forbidden when the
forward policy is "ALLOWED".
Michael Tremer [Sat, 29 Mar 2014 23:21:33 +0000 (00:21 +0100)]
Merge branch 'beyond-next' into next
Arne Fitzenreiter [Sat, 29 Mar 2014 14:06:35 +0000 (15:06 +0100)]
firewall-policy: fix drop and logging on red0;
Arne Fitzenreiter [Fri, 28 Mar 2014 17:16:31 +0000 (18:16 +0100)]
set version to IPFire 2.15 rc1.
Michael Tremer [Thu, 27 Mar 2014 14:08:17 +0000 (15:08 +0100)]
firewall: Create mangle chain NAT_DESTINATION to silence error messages when updating.
Alexander Marx [Thu, 27 Mar 2014 10:58:48 +0000 (11:58 +0100)]
Firewall: fix Update from core 75 to 76
Michael Tremer [Thu, 27 Mar 2014 14:07:26 +0000 (15:07 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Thu, 27 Mar 2014 10:36:12 +0000 (11:36 +0100)]
cups: Fix rootfile.
Basically, include just everything.
Arne Fitzenreiter [Thu, 27 Mar 2014 06:30:56 +0000 (07:30 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Thu, 27 Mar 2014 06:29:19 +0000 (07:29 +0100)]
rpi-firmware: update to
18a7921 .
Arne Fitzenreiter [Thu, 27 Mar 2014 06:25:24 +0000 (07:25 +0100)]
kernel: update RPi patchset to
dea8280 .
Michael Tremer [Wed, 26 Mar 2014 22:47:14 +0000 (23:47 +0100)]
ipsecctrl: Fix compiler warning.
Michael Tremer [Wed, 26 Mar 2014 22:43:04 +0000 (23:43 +0100)]
Merge branch 'ppp-update' into beyond-next
Michael Tremer [Wed, 26 Mar 2014 22:42:57 +0000 (23:42 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into beyond-next
Michael Tremer [Wed, 26 Mar 2014 22:42:05 +0000 (23:42 +0100)]
ppp: Update to 2.4.6.
Michael Tremer [Wed, 26 Mar 2014 22:35:18 +0000 (23:35 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Wed, 26 Mar 2014 22:34:58 +0000 (23:34 +0100)]
media.cgi: Fix typo 'writen'.
Arne Fitzenreiter [Wed, 26 Mar 2014 07:35:00 +0000 (08:35 +0100)]
wlanap.cgi: fix missing line from wlan info.
Arne Fitzenreiter [Tue, 25 Mar 2014 18:11:03 +0000 (19:11 +0100)]
hostapd: change setting of the regdomain.
the regdomain is only updated if it was really changed but after boot
the system believe it is "00" World but it is not correctly set at
some cards. So we set a region and set it back to "00" before the
real region was set.
Arne Fitzenreiter [Tue, 25 Mar 2014 12:15:43 +0000 (13:15 +0100)]
wlanap: fix typo.
Arne Fitzenreiter [Tue, 25 Mar 2014 12:03:56 +0000 (13:03 +0100)]
wlanap.cgi: fix detection of not useable channels.
Arne Fitzenreiter [Tue, 25 Mar 2014 11:59:37 +0000 (12:59 +0100)]
iwlwifi: use noibss flags only on radar detection channels.
Arne Fitzenreiter [Mon, 24 Mar 2014 12:28:29 +0000 (13:28 +0100)]
kernel: update to 3.10.34.
Arne Fitzenreiter [Sun, 23 Mar 2014 16:39:47 +0000 (17:39 +0100)]
graphs.pl: fix links position in chrome for android.
Michael Tremer [Fri, 21 Mar 2014 13:48:22 +0000 (14:48 +0100)]
Merge remote-tracking branch 'stevee/squid-zph-qos' into beyond-next
Michael Tremer [Fri, 21 Mar 2014 12:46:03 +0000 (13:46 +0100)]
squid: Update to 3.4.4.
Michael Tremer [Fri, 21 Mar 2014 12:39:03 +0000 (13:39 +0100)]
firewall: rules.pl: Honour time constraints for NAT rules as well.
Michael Tremer [Fri, 21 Mar 2014 12:33:08 +0000 (13:33 +0100)]
firewall: rules.pl: Catch invalid configurations.
Michael Tremer [Fri, 21 Mar 2014 12:28:00 +0000 (13:28 +0100)]
firewall: rules.pl: Allow REDIRECT rules.
Alexander Marx [Fri, 21 Mar 2014 11:54:12 +0000 (12:54 +0100)]
Firewall: Allow DNAT with target firewall
Alexander Marx [Fri, 21 Mar 2014 11:20:50 +0000 (12:20 +0100)]
Firewall: Rename defaultNetworks to netsettings
Alexander Marx [Fri, 21 Mar 2014 07:28:24 +0000 (08:28 +0100)]
Firewall: DNAT - Show right DNAT interface in ruletable
Now:
When using a hostgroup as source there are all corresponding DNAT
interfaces shown in ruletable depending on the entries in the group.
When in DNAT area "-automatic" is selected, the DNAT interfaces are
shown as IP-Addresses, else they are shown as "ORANGE","GREEN","BLUE"...
BUGFIX: When there is a MAC address used in a sourcegroup, the rules could not be set. Now MAC addresses get allways the public interface as DNAT
Alexander Marx [Thu, 20 Mar 2014 16:27:53 +0000 (17:27 +0100)]
Firewall: Move some functions from rules.pl to firewall-lib.pl
Michael Tremer [Fri, 21 Mar 2014 11:40:55 +0000 (12:40 +0100)]
firewall: rules.pl: Fix rules with other NAT port.
Michael Tremer [Thu, 20 Mar 2014 22:16:15 +0000 (23:16 +0100)]
Merge remote-tracking branch 'alfh/feature_vnstat_1.11' into beyond-next
Michael Tremer [Thu, 20 Mar 2014 22:15:49 +0000 (23:15 +0100)]
Merge remote-tracking branch 'alfh/feature_firewalllogcountry' into beyond-next
Conflicts:
langs/de/cgi-bin/de.pl
Michael Tremer [Thu, 20 Mar 2014 22:14:13 +0000 (23:14 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into beyond-next
Conflicts:
doc/language_issues.es
doc/language_issues.fr
doc/language_issues.nl
doc/language_issues.pl
doc/language_issues.ru
doc/language_issues.tr
doc/language_missings
Michael Tremer [Thu, 20 Mar 2014 22:07:26 +0000 (23:07 +0100)]
Update translations.
Alexander Marx [Thu, 20 Mar 2014 15:23:47 +0000 (16:23 +0100)]
Firewall: DNAT - always show right red address in dropdown.
Edited language String in DNAT area: external ip address is now Firewall
Interface
Arne Fitzenreiter [Wed, 19 Mar 2014 18:07:27 +0000 (19:07 +0100)]
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Wed, 19 Mar 2014 18:03:22 +0000 (19:03 +0100)]
hostapd: enable CONFIG_ACS for dfs channels.
Arne Fitzenreiter [Wed, 19 Mar 2014 18:00:47 +0000 (19:00 +0100)]
hostapd: change channellist and status for dfs channels.
Arne Fitzenreiter [Wed, 19 Mar 2014 08:05:37 +0000 (09:05 +0100)]
core76: add wpa_supplicant to update.
Arne Fitzenreiter [Wed, 19 Mar 2014 06:23:40 +0000 (07:23 +0100)]
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Wed, 19 Mar 2014 06:22:49 +0000 (07:22 +0100)]
hostapd: update to 2.1.
Michael Tremer [Tue, 18 Mar 2014 22:49:23 +0000 (23:49 +0100)]
firewall: rules.pl: Add support for auto selection of NAT addresses.
Alexander Marx [Tue, 18 Mar 2014 14:13:02 +0000 (15:13 +0100)]
Firewall: select right value in DNAT Dropdown
Alexander Marx [Tue, 18 Mar 2014 14:02:55 +0000 (15:02 +0100)]
Firewall: extend DNAT dropdown with auto,BLUE,ORANGE,GREEN
Michael Tremer [Tue, 18 Mar 2014 17:03:14 +0000 (18:03 +0100)]
openssh: Update to 6.6p1.
Michael Tremer [Tue, 18 Mar 2014 17:00:42 +0000 (18:00 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Tue, 18 Mar 2014 06:28:13 +0000 (07:28 +0100)]
core76: add tzdata to update.
Arne Fitzenreiter [Tue, 18 Mar 2014 06:20:41 +0000 (07:20 +0100)]
tzdata: fix rootfile.
Arne Fitzenreiter [Mon, 17 Mar 2014 23:25:08 +0000 (00:25 +0100)]
initskripts: add pcengines apu support to leds.
Arne Fitzenreiter [Mon, 17 Mar 2014 23:22:24 +0000 (00:22 +0100)]
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Mon, 17 Mar 2014 23:21:38 +0000 (00:21 +0100)]
kernel: add pcengines apu led support.
Michael Tremer [Mon, 17 Mar 2014 21:04:48 +0000 (22:04 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Mon, 17 Mar 2014 21:04:44 +0000 (22:04 +0100)]
Merge remote-tracking branch 'alfh/feature_firewalllog_centergraph' into next
Michael Tremer [Mon, 17 Mar 2014 17:03:00 +0000 (18:03 +0100)]
firewall: rules.pl: Code cleanup.
Michael Tremer [Mon, 17 Mar 2014 16:39:47 +0000 (17:39 +0100)]
firewall: Fix DNAT rules between internal zones.
Michael Tremer [Mon, 17 Mar 2014 14:47:28 +0000 (15:47 +0100)]
firewall: rules.pl: Sanitise source and destination IP addresses.
Those variables are now empty if source or destination are
unspecified.