]>
git.ipfire.org Git - people/teissler/ipfire-2.x.git/log
Michael Tremer [Sat, 24 Aug 2013 15:19:36 +0000 (17:19 +0200)]
tor: Fix initscript (again).
Arne Fitzenreiter [Fri, 23 Aug 2013 15:37:42 +0000 (17:37 +0200)]
transmission: update to 2.82.
Arne Fitzenreiter [Fri, 23 Aug 2013 12:46:27 +0000 (14:46 +0200)]
compat-drivers: add patch for atheros to ignore eeprom regdomain.
patch is needed for access-point mode with channels>12 (2,4 and 5Ghz)
On cards that are set to WORLD "6A" (most new atheros cards)
these channels are set to passive scanning and this make it unuseable
for ap-mode.
Michael Tremer [Thu, 22 Aug 2013 15:27:13 +0000 (17:27 +0200)]
squid: Update rootfile.
Michael Tremer [Thu, 22 Aug 2013 15:26:23 +0000 (17:26 +0200)]
tor: Rootfile update.
Michael Tremer [Thu, 22 Aug 2013 11:03:51 +0000 (13:03 +0200)]
core73: Add squid update to 3.3.
Michael Tremer [Thu, 7 Mar 2013 17:23:29 +0000 (18:23 +0100)]
squid: Update to 3.3.8.
Michael Tremer [Wed, 21 Aug 2013 15:41:28 +0000 (17:41 +0200)]
core73: Add changes files from #10406.
Michael Tremer [Wed, 21 Aug 2013 15:40:44 +0000 (17:40 +0200)]
Merge remote-tracking branch 'ms/xss' into next
Michael Tremer [Wed, 21 Aug 2013 15:19:05 +0000 (17:19 +0200)]
core73: Add HTML::Template.
Michael Tremer [Wed, 21 Aug 2013 15:14:42 +0000 (17:14 +0200)]
core73: Add redirection template engine.
Michael Tremer [Wed, 21 Aug 2013 15:08:57 +0000 (17:08 +0200)]
urlfilter: Make redirect.cgi template selectable.
Michael Tremer [Wed, 21 Aug 2013 14:11:55 +0000 (16:11 +0200)]
redirect.cgi: Introduce a small template engine for the error pages.
Michael Tremer [Wed, 21 Aug 2013 14:10:49 +0000 (16:10 +0200)]
HTML-Template: New package.
Michael Tremer [Tue, 20 Aug 2013 09:06:36 +0000 (11:06 +0200)]
proxylog.dat: Escape usernames.
Bug #10406.
Michael Tremer [Tue, 20 Aug 2013 09:05:28 +0000 (11:05 +0200)]
header.pl: Create new escape function that uses HTML::Entities.
This partly replaces cleanhtml(), which is kept for
backwards-compatibility and for a special case.
Michael Tremer [Tue, 20 Aug 2013 08:39:40 +0000 (10:39 +0200)]
tor.cgi: Remember selected exit node country.
Michael Tremer [Mon, 19 Aug 2013 15:40:57 +0000 (17:40 +0200)]
ovpnmain.cgi: Don't fail if files are not existant.
N2N connections could not be deleted if they have never been
started.
Michael Tremer [Mon, 19 Aug 2013 15:33:23 +0000 (17:33 +0200)]
ovpnmain.cgi: Fix remote IP address validation.
Michael Tremer [Mon, 19 Aug 2013 11:23:51 +0000 (13:23 +0200)]
tor: Only start tor when it has been enabled.
Michael Tremer [Mon, 19 Aug 2013 11:20:42 +0000 (13:20 +0200)]
translation: Fix typo.
Michael Tremer [Mon, 19 Aug 2013 11:19:13 +0000 (13:19 +0200)]
Merge remote-tracking branch 'earl/tor' into next
Timo Eissler [Sun, 18 Aug 2013 11:30:03 +0000 (13:30 +0200)]
xinetd: New package.
Jan Paul Tuecking [Sun, 18 Aug 2013 10:42:24 +0000 (12:42 +0200)]
tor: added startup files
Jan Paul Tuecking [Sun, 18 Aug 2013 10:18:50 +0000 (12:18 +0200)]
tor: new stings added to language files
Jan Paul Tuecking [Sun, 18 Aug 2013 10:11:58 +0000 (12:11 +0200)]
tor: added daemon stats and little changes on styling
Arne Fitzenreiter [Wed, 14 Aug 2013 17:13:33 +0000 (19:13 +0200)]
samba: update to 3.6.18.
Alexander Marx [Wed, 14 Aug 2013 12:19:36 +0000 (14:19 +0200)]
Forward Firewall: ip addresses in firewall-groups (groups) are now colorized
Alexander Marx [Wed, 14 Aug 2013 10:51:21 +0000 (12:51 +0200)]
Forward Firewall: Now all customhosts are colored correctly in ruletable. Also the ip addresses in firewall-groups (hosts) are colored correctly if they are part of green,orange,blue,openvpn or ipsec
Alexander Marx [Wed, 14 Aug 2013 07:06:38 +0000 (09:06 +0200)]
Forward Firewall: BUGFIX: when having more than 10 hosts/networks in a firewall-groups group, the table was not shown correctly
Alexander Marx [Tue, 13 Aug 2013 14:00:32 +0000 (16:00 +0200)]
Forward Firewall: BUG: when creating a new group in firewall-groups with the same name as an existing group, the line "no rule defined" was added.
BUG: THe line "no rules defined" is now "no entries in this group".
Alexander Marx [Tue, 13 Aug 2013 11:58:48 +0000 (13:58 +0200)]
Forward Firewall: Modified the Message to reread firewallrules in p2p-block.cgi. This is now the same as in forwardfw.cgi and fwhost.cgi
Alexander Marx [Tue, 13 Aug 2013 11:47:27 +0000 (13:47 +0200)]
Forward Firewall: edited GPL-header
Alexander Marx [Tue, 13 Aug 2013 10:44:01 +0000 (12:44 +0200)]
Forward Firewall: added GPL header to all files
Michael Tremer [Mon, 12 Aug 2013 16:58:37 +0000 (16:58 +0000)]
u-boot: Build images for Pandaboard and Wandboard.
Michael Tremer [Mon, 12 Aug 2013 15:22:22 +0000 (15:22 +0000)]
u-boot-panda: Don't install mkimage from this version of u-boot.
Michael Tremer [Mon, 12 Aug 2013 15:10:10 +0000 (15:10 +0000)]
Rename u-boot package to u-boot-panda.
Alexander Marx [Mon, 12 Aug 2013 13:53:16 +0000 (15:53 +0200)]
Forward Firewall: added /var/ipfire/forward/bin to backup-exclude script
Michael Tremer [Mon, 12 Aug 2013 12:45:07 +0000 (14:45 +0200)]
initscripts: Reset links that reload the firewall after RED connected.
Michael Tremer [Mon, 12 Aug 2013 12:42:16 +0000 (14:42 +0200)]
forwardctrl: Remove unused and possibly dangerous flush option.
Also remove unused header files.
Michael Tremer [Mon, 12 Aug 2013 12:39:34 +0000 (14:39 +0200)]
Firewall: Fix spelling of service names in custom services.
Alexander Marx [Mon, 12 Aug 2013 11:30:45 +0000 (13:30 +0200)]
Merge remote-tracking branch 'ms/firewall-new' into firewall
Michael Tremer [Sun, 11 Aug 2013 11:36:28 +0000 (13:36 +0200)]
iptraf-ng: Update to 1.1.4.
Michael Tremer [Sun, 11 Aug 2013 11:33:48 +0000 (13:33 +0200)]
Merge remote-tracking branch 'ummeegge/iptraf-ng' into next
Conflicts:
make.sh
Michael Tremer [Sun, 11 Aug 2013 11:32:51 +0000 (13:32 +0200)]
Merge remote-tracking branch 'ummeegge/wavemon' into next
Conflicts:
make.sh
Michael Tremer [Sun, 11 Aug 2013 11:25:56 +0000 (13:25 +0200)]
core73: Add updated language files.
Michael Tremer [Sun, 11 Aug 2013 11:25:34 +0000 (13:25 +0200)]
Merge remote-tracking branch 'ummeegge/langs' into next
Michael Tremer [Sun, 11 Aug 2013 11:23:55 +0000 (13:23 +0200)]
core73: Add updated list of user agents.
Michael Tremer [Sun, 11 Aug 2013 11:22:10 +0000 (13:22 +0200)]
Merge remote-tracking branch 'ummeegge/useragent' into next
Arne Fitzenreiter [Sun, 11 Aug 2013 09:55:19 +0000 (11:55 +0200)]
start core73.
Arne Fitzenreiter [Sun, 11 Aug 2013 09:51:40 +0000 (11:51 +0200)]
Merge remote-tracking branch 'origin/next'
Arne Fitzenreiter [Sun, 11 Aug 2013 09:50:50 +0000 (11:50 +0200)]
close core72.
Arne Fitzenreiter [Sun, 11 Aug 2013 07:46:16 +0000 (09:46 +0200)]
core72: start ipsec only if enabled after update.
Arne Fitzenreiter [Sun, 11 Aug 2013 07:40:54 +0000 (09:40 +0200)]
core72: allow to update "ovpn verify script".
Don't forget to readd this exclude to next core updater to prevent overwrite
the user ca at a openvpn update.
Arne Fitzenreiter [Sun, 11 Aug 2013 07:40:03 +0000 (09:40 +0200)]
core72: add ovpnmain.cgi to update.
Arne Fitzenreiter [Sun, 11 Aug 2013 07:34:52 +0000 (09:34 +0200)]
core72: stop/start squid while update.
Arne Fitzenreiter [Sun, 11 Aug 2013 07:33:25 +0000 (09:33 +0200)]
core72: add language files to update.
Arne Fitzenreiter [Sat, 10 Aug 2013 18:10:00 +0000 (20:10 +0200)]
snort: update to 2.9.5.3.
Arne Fitzenreiter [Sat, 10 Aug 2013 18:09:03 +0000 (20:09 +0200)]
daq: update to 2.0.1.
Arne Fitzenreiter [Sat, 10 Aug 2013 16:48:16 +0000 (18:48 +0200)]
snort: enable non-ether-decoder for ppp support.
Michael Tremer [Sat, 10 Aug 2013 10:14:29 +0000 (12:14 +0200)]
tor.cgi: Remove NoAdvertise option.
This does not make much sense with our setup.
Michael Tremer [Sat, 10 Aug 2013 09:08:25 +0000 (11:08 +0200)]
OpenVPN verify: Fix login for RW clients with >= 2 spaces in name.
http://forum.ipfire.org/index.php?topic=8702.0
Michael Tremer [Fri, 9 Aug 2013 12:50:50 +0000 (14:50 +0200)]
Update translations.
Michael Tremer [Mon, 5 Aug 2013 07:32:46 +0000 (09:32 +0200)]
general-functions.pl: Fix overwritten substitutions.
Alexander Marx [Fri, 2 Aug 2013 05:55:44 +0000 (07:55 +0200)]
Forward Firewall: deleted unused warning message regarding mac addresses
Michael Tremer [Wed, 31 Jul 2013 13:47:25 +0000 (15:47 +0200)]
firewall: Language updates (English and German).
Michael Tremer [Wed, 31 Jul 2013 12:31:18 +0000 (14:31 +0200)]
firewall: Add TOR chains.
Alexander Marx [Wed, 31 Jul 2013 06:28:29 +0000 (08:28 +0200)]
Forward Firewall: Network addresses are now allowed as source and the ip addressfield has now size 18.
Alexander Marx [Tue, 30 Jul 2013 10:32:25 +0000 (12:32 +0200)]
Forward Firewall: changed rule coloring. Now whole field is colored instead of just borders. Back Button in firewall groups /hostgroups showed a white site
Alexander Marx [Thu, 25 Jul 2013 08:36:36 +0000 (10:36 +0200)]
Forward Firewall: Bugfix: ICMP rules where applied double
Alexander Marx [Thu, 25 Jul 2013 05:33:20 +0000 (07:33 +0200)]
Forward FIrewall: Bugfix: When using predefined services in rulecreation, the rule was not applied. Bugfix: when in rulecreationpage and pressing "back" the site gets white.
Alexander Marx [Wed, 24 Jul 2013 06:06:24 +0000 (08:06 +0200)]
Forward FIrewall: BUGFIX: when setting outgoing to blocked and creating a rule, the last rule changes to "accept"
Alexander Marx [Thu, 18 Jul 2013 11:15:10 +0000 (13:15 +0200)]
Forward Firewall: renamed IPFire to Firewall in SNAT area
Alexander Marx [Fri, 12 Jul 2013 11:30:14 +0000 (13:30 +0200)]
Forward Firewall: show default rule when input is empty
Alexander Marx [Fri, 12 Jul 2013 09:40:04 +0000 (11:40 +0200)]
Forward Firewall: language fixes on last rule in ruletable
Alexander Marx [Fri, 12 Jul 2013 09:05:57 +0000 (11:05 +0200)]
Forward Firewall: set default options for optionsfw and minor change on optionsfw.cgi
Alexander Marx [Fri, 12 Jul 2013 06:01:01 +0000 (08:01 +0200)]
Forward Firewall: added some javascript to automatically select radiobuttons when dropdowns are changed
Alexander Marx [Thu, 11 Jul 2013 15:15:15 +0000 (17:15 +0200)]
Forward Firewall: added some java Script to automatically select radiobuttons when dropdowns are changed. Some cleanup of the code
Alexander Marx [Thu, 11 Jul 2013 05:43:42 +0000 (07:43 +0200)]
Forward Firewall: deleted configfile "nat" in ovpnmain.cgi for portfw check. File "nat" no longer exists. Now the portfw rules are in file "config"
Alexander Marx [Wed, 10 Jul 2013 11:51:46 +0000 (13:51 +0200)]
Forward Firewall: just increased version number
Alexander Marx [Wed, 10 Jul 2013 11:49:52 +0000 (13:49 +0200)]
Forward Firewall: The default rule table (at the end of Forward) shows only default values depending on the network configuration
Alexander Marx [Tue, 9 Jul 2013 12:59:55 +0000 (14:59 +0200)]
Forward Firewall: fixed check for already existing rules.
Alexander Marx [Tue, 9 Jul 2013 12:58:30 +0000 (14:58 +0200)]
Forward Firewall: deleted postrouting block in firewall (not used anywhere)
Michael Tremer [Mon, 8 Jul 2013 13:53:30 +0000 (15:53 +0200)]
iptables: Cleanup creating SNAT/DNAT chains.
Michael Tremer [Mon, 8 Jul 2013 13:50:02 +0000 (15:50 +0200)]
iptables: Remove OPENSSL{PHYSICAL,VIRTUAL} chains which are unused.
Michael Tremer [Mon, 8 Jul 2013 13:47:57 +0000 (15:47 +0200)]
iptables: Jump into the firewall rulesets after everything else has been done.
Michael Tremer [Mon, 8 Jul 2013 13:41:15 +0000 (15:41 +0200)]
iptables: Create OVPNNAT chain after CUSTOM* chains.
Michael Tremer [Mon, 8 Jul 2013 13:38:39 +0000 (15:38 +0200)]
iptables: Create guardian's chains after the CUSTOM* chains.
Michael Tremer [Mon, 8 Jul 2013 13:36:45 +0000 (15:36 +0200)]
iptables: Cleanup creating the OVPNBLOCK chain.
This should happen after the CUSTOM* chains.
Michael Tremer [Mon, 8 Jul 2013 13:25:48 +0000 (15:25 +0200)]
iptables: Block all loopback packets on non-loopback interfaces.
Michael Tremer [Mon, 8 Jul 2013 13:21:04 +0000 (15:21 +0200)]
iptables: Create LOOPBACK chain.
This chain accepts all communication on the loopback
interface without running it through the entire connection
tracking first.
Packets on lo can never be blocked and must always be
accepted. The firewall has to trust itself anyway.
Michael Tremer [Mon, 8 Jul 2013 13:17:56 +0000 (15:17 +0200)]
iptables: Only jump into BADTCP for TCP packets.
This saves us from evaluating lots of rules for non-TCP
packets.
Michael Tremer [Mon, 8 Jul 2013 13:14:15 +0000 (15:14 +0200)]
iptables: Replace state module by conntrack module.
The state module is deprecated in recent releases of iptables
and should not be used any more.
Additionally, this patch adds an extra chain for all
connection tracking rules, so we can keep the entire ruleset
more small and clean.
Alexander Marx [Fri, 5 Jul 2013 10:15:05 +0000 (12:15 +0200)]
Forward Firewall: Updated outgoingfw-converter. redesign of the ruletable's defaultrules
Alexander Marx [Thu, 4 Jul 2013 10:37:34 +0000 (12:37 +0200)]
Forward Firewall: some textalignment in last rule row
Alexander Marx [Thu, 4 Jul 2013 10:19:50 +0000 (12:19 +0200)]
Forward Firewall: added "default-rules-table" at the end of forward ruletable
Alexander Marx [Wed, 3 Jul 2013 12:38:40 +0000 (14:38 +0200)]
Forward Firewall: moved default rules from FORWARDFW to POLICYFWD
Alexander Marx [Wed, 3 Jul 2013 09:26:44 +0000 (11:26 +0200)]
Forward Firewall: removed nat part from rules.pl (file nat not existent anymore)
Alexander Marx [Wed, 3 Jul 2013 08:13:06 +0000 (10:13 +0200)]
Forward Firewall: Bugfixes wrong interface in ruletable,when selecting alias firewall interface
Alexander Marx [Wed, 3 Jul 2013 07:26:39 +0000 (09:26 +0200)]
Forward Firewall: some bugfixes