]>
git.ipfire.org Git - people/mfischer/ipfire-2.x.git/log
Michael Tremer [Thu, 17 Apr 2014 10:44:18 +0000 (12:44 +0200)]
Fix spelling of "IPsec".
Michael Tremer [Thu, 17 Apr 2014 10:40:04 +0000 (12:40 +0200)]
Update translations.
Alexander Marx [Thu, 17 Apr 2014 09:14:25 +0000 (11:14 +0200)]
Firewall: Bug10513
Arne Fitzenreiter [Wed, 16 Apr 2014 04:52:01 +0000 (06:52 +0200)]
strongswan: rootfile update.
Arne Fitzenreiter [Tue, 15 Apr 2014 23:54:14 +0000 (01:54 +0200)]
move core75 files to oldcore.
Michael Tremer [Tue, 15 Apr 2014 19:38:24 +0000 (21:38 +0200)]
Rename IPFire 2.15 Core Update 76 -> 77.
Michael Tremer [Tue, 15 Apr 2014 19:16:14 +0000 (21:16 +0200)]
strongswan: Update to 5.1.3.
Fixes CVE-2014-2338.
Alexander Marx [Mon, 14 Apr 2014 06:02:16 +0000 (08:02 +0200)]
Firewall: Bug 10514 fixed
Arne Fitzenreiter [Mon, 14 Apr 2014 18:13:14 +0000 (20:13 +0200)]
kernel: update to 3.10.37.
Michael Tremer [Sat, 12 Apr 2014 14:17:20 +0000 (16:17 +0200)]
firewall: Fix outgoing OpenVPN N2N tunnel packets.
Don't throw away packets from the firewall that pass through
an OpenVPN N2N tunnel.
Michael Tremer [Sat, 12 Apr 2014 14:01:11 +0000 (16:01 +0200)]
firewall: Fix spelling and seperate spelling issues.
Michael Tremer [Sat, 12 Apr 2014 13:55:44 +0000 (15:55 +0200)]
firewall: Change headlines for rule sections.
Michael Tremer [Sat, 12 Apr 2014 13:39:08 +0000 (15:39 +0200)]
rules.pl: Rewrite P2P protocol filter.
Michael Tremer [Sat, 12 Apr 2014 13:23:45 +0000 (15:23 +0200)]
firewall.cgi: Sort protocols alphabetically.
Michael Tremer [Sat, 12 Apr 2014 13:16:08 +0000 (15:16 +0200)]
firewall: Fix creation of automatic rules for the firewall.
If the firewall is part of a local network (e.g. GREEN),
we automatically add rules that grant/forbid access for the firewall,
too.
This has been broken for various default policies other than ALLOWED.
Michael Tremer [Sat, 12 Apr 2014 10:18:57 +0000 (12:18 +0200)]
media.cgi: Add missing 'tr'.
Michael Tremer [Fri, 11 Apr 2014 13:17:21 +0000 (15:17 +0200)]
Update translations.
Michael Tremer [Fri, 11 Apr 2014 13:17:08 +0000 (15:17 +0200)]
Merge remote-tracking branch 'amarx/RC2-master'
Alexander Marx [Fri, 11 Apr 2014 10:06:52 +0000 (12:06 +0200)]
Firewall: When having rules with more than 3 protocols, show "many" and tooltip
Arne Fitzenreiter [Wed, 9 Apr 2014 16:20:46 +0000 (18:20 +0200)]
kernel: disable intel mei.
Intel Management Engine Interface is still crashing the kernel.
Alexander Marx [Wed, 9 Apr 2014 14:23:55 +0000 (16:23 +0200)]
Firewall: Fix 10510 - Show all protocols from servicegroups (GRE,IPIP,IPV6,...)
Arne Fitzenreiter [Wed, 9 Apr 2014 16:20:46 +0000 (18:20 +0200)]
kernel: disable intel mei.
Intel Management Engine Interface is still crashing the kernel.
Michael Tremer [Wed, 9 Apr 2014 13:14:25 +0000 (15:14 +0200)]
firewall-policy: Remove empty line.
Michael Tremer [Wed, 9 Apr 2014 13:11:41 +0000 (15:11 +0200)]
Fix missing Connection Scheduler strings.
Michael Tremer [Wed, 9 Apr 2014 12:19:16 +0000 (14:19 +0200)]
aliases.cgi: Mark name field as mandatory.
Michael Tremer [Wed, 9 Apr 2014 12:16:32 +0000 (14:16 +0200)]
firewall: Apply destination NAT rules for the firewall itself, too.
Michael Tremer [Wed, 9 Apr 2014 12:06:32 +0000 (14:06 +0200)]
firewall: Fix rule generation for protocols without ports.
Arne Fitzenreiter [Mon, 7 Apr 2014 19:33:34 +0000 (21:33 +0200)]
openssl: update to 1.0.1g.
Fix for CVE-2014-0160
Add TLS padding extension workaround for broken servers.
Fix for CVE-2014-0076
Alexander Marx [Mon, 7 Apr 2014 14:14:20 +0000 (16:14 +0200)]
Firewall: fix coloring of internet hosts
Alexander Marx [Mon, 7 Apr 2014 10:09:16 +0000 (12:09 +0200)]
Firewall: Fix source preselection of alias when Firewall is selected
Alexander Marx [Mon, 7 Apr 2014 10:04:50 +0000 (12:04 +0200)]
Firewall: BUGFIX 10505
Alexander Marx [Mon, 7 Apr 2014 06:24:54 +0000 (08:24 +0200)]
Firewall: BUGFIX 10507
Michael Tremer [Mon, 7 Apr 2014 14:49:33 +0000 (16:49 +0200)]
Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x
Arne Fitzenreiter [Sun, 6 Apr 2014 22:35:31 +0000 (00:35 +0200)]
glibc: rootfile update (arm).
Arne Fitzenreiter [Sun, 6 Apr 2014 21:33:51 +0000 (23:33 +0200)]
kernel-header: rootfile update.
Michael Tremer [Sun, 6 Apr 2014 15:24:13 +0000 (17:24 +0200)]
media.cgi: Fix typo once again.
Ersan Yildirim [Sun, 6 Apr 2014 15:22:31 +0000 (17:22 +0200)]
Update Turkish translation.
Michael Tremer [Sun, 6 Apr 2014 10:53:30 +0000 (12:53 +0200)]
core76: Include changed /etc/sysctl.conf in update.
Arne Fitzenreiter [Sun, 6 Apr 2014 08:29:27 +0000 (10:29 +0200)]
glibc: fix image, updater and filecount in installer.
switch from locale-archive to normale locales add est. 5000 files.
todo: arm-rootfile.
Michael Tremer [Sat, 5 Apr 2014 15:09:56 +0000 (17:09 +0200)]
firewall: Fix using aliases.
Fix coding errors, actually read aliases configuration
and fall back to default RED IP address if no suitable
alias was found.
Michael Tremer [Sat, 5 Apr 2014 15:08:17 +0000 (17:08 +0200)]
convert-portfw: Fix converting aliases.
ALL is not suitable as it is not a valid configuration value.
Michael Tremer [Sat, 5 Apr 2014 15:02:33 +0000 (17:02 +0200)]
Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x
Arne Fitzenreiter [Sat, 5 Apr 2014 09:04:25 +0000 (11:04 +0200)]
firewall: fix green only mode.
disable masquerade and green IP/NET check if internet is
connected via green.
Arne Fitzenreiter [Fri, 4 Apr 2014 19:17:08 +0000 (21:17 +0200)]
apache2: update to 2.2.27.
Arne Fitzenreiter [Fri, 4 Apr 2014 11:53:41 +0000 (13:53 +0200)]
kernel: update to 3.10.36.
Arne Fitzenreiter [Thu, 3 Apr 2014 08:06:47 +0000 (10:06 +0200)]
kernel: update to 3.10.35.
Michael Tremer [Tue, 1 Apr 2014 14:24:50 +0000 (16:24 +0200)]
glibc: Install all known locales.
Michael Tremer [Mon, 31 Mar 2014 11:16:26 +0000 (13:16 +0200)]
firewall: Fix perl coding error.
Example:
my @as = (1, 2, 3);
foreach my $a (@as) {
$a += 1;
print "$a\n";
}
$a will be a reference to the number in the array and not
copied. Therefore $a += 1 will change the numbers in the
array as well, so that after the loop the content of @as
would be (2, 3, 4).
To avoid that, the number needs to be copied into a new
variable like: my $b = $a; and we are fine.
This caused that the content of the @sources and @destinations
array has been altered for the second run of the loop and
incorrect (i.e. no) rules were created.
Michael Tremer [Sun, 30 Mar 2014 21:28:35 +0000 (23:28 +0200)]
Merge branch 'kernel-layer7-oom'
Michael Tremer [Sun, 30 Mar 2014 21:26:29 +0000 (23:26 +0200)]
kernel: Update layer7 patch.
Brings back the /proc interface and is supposed to
fix a memory leak.
Michael Tremer [Sun, 30 Mar 2014 20:33:58 +0000 (22:33 +0200)]
firewall-policy: Clarify policy rules.
There are no functional changes here. Everything that
is not explicitely allowed is now forbidden when the
forward policy is "ALLOWED".
Arne Fitzenreiter [Sat, 29 Mar 2014 14:06:35 +0000 (15:06 +0100)]
firewall-policy: fix drop and logging on red0;
Arne Fitzenreiter [Fri, 28 Mar 2014 17:16:31 +0000 (18:16 +0100)]
set version to IPFire 2.15 rc1.
Michael Tremer [Thu, 27 Mar 2014 14:08:17 +0000 (15:08 +0100)]
firewall: Create mangle chain NAT_DESTINATION to silence error messages when updating.
Alexander Marx [Thu, 27 Mar 2014 10:58:48 +0000 (11:58 +0100)]
Firewall: fix Update from core 75 to 76
Michael Tremer [Thu, 27 Mar 2014 14:07:26 +0000 (15:07 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Thu, 27 Mar 2014 10:36:12 +0000 (11:36 +0100)]
cups: Fix rootfile.
Basically, include just everything.
Arne Fitzenreiter [Thu, 27 Mar 2014 06:30:56 +0000 (07:30 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Thu, 27 Mar 2014 06:29:19 +0000 (07:29 +0100)]
rpi-firmware: update to
18a7921 .
Arne Fitzenreiter [Thu, 27 Mar 2014 06:25:24 +0000 (07:25 +0100)]
kernel: update RPi patchset to
dea8280 .
Michael Tremer [Wed, 26 Mar 2014 22:47:14 +0000 (23:47 +0100)]
ipsecctrl: Fix compiler warning.
Michael Tremer [Wed, 26 Mar 2014 22:35:18 +0000 (23:35 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Wed, 26 Mar 2014 22:34:58 +0000 (23:34 +0100)]
media.cgi: Fix typo 'writen'.
Arne Fitzenreiter [Wed, 26 Mar 2014 07:35:00 +0000 (08:35 +0100)]
wlanap.cgi: fix missing line from wlan info.
Arne Fitzenreiter [Tue, 25 Mar 2014 18:11:03 +0000 (19:11 +0100)]
hostapd: change setting of the regdomain.
the regdomain is only updated if it was really changed but after boot
the system believe it is "00" World but it is not correctly set at
some cards. So we set a region and set it back to "00" before the
real region was set.
Arne Fitzenreiter [Tue, 25 Mar 2014 12:15:43 +0000 (13:15 +0100)]
wlanap: fix typo.
Arne Fitzenreiter [Tue, 25 Mar 2014 12:03:56 +0000 (13:03 +0100)]
wlanap.cgi: fix detection of not useable channels.
Arne Fitzenreiter [Tue, 25 Mar 2014 11:59:37 +0000 (12:59 +0100)]
iwlwifi: use noibss flags only on radar detection channels.
Arne Fitzenreiter [Mon, 24 Mar 2014 12:28:29 +0000 (13:28 +0100)]
kernel: update to 3.10.34.
Arne Fitzenreiter [Sun, 23 Mar 2014 16:39:47 +0000 (17:39 +0100)]
graphs.pl: fix links position in chrome for android.
Michael Tremer [Fri, 21 Mar 2014 12:39:03 +0000 (13:39 +0100)]
firewall: rules.pl: Honour time constraints for NAT rules as well.
Michael Tremer [Fri, 21 Mar 2014 12:33:08 +0000 (13:33 +0100)]
firewall: rules.pl: Catch invalid configurations.
Michael Tremer [Fri, 21 Mar 2014 12:28:00 +0000 (13:28 +0100)]
firewall: rules.pl: Allow REDIRECT rules.
Alexander Marx [Fri, 21 Mar 2014 11:54:12 +0000 (12:54 +0100)]
Firewall: Allow DNAT with target firewall
Alexander Marx [Fri, 21 Mar 2014 11:20:50 +0000 (12:20 +0100)]
Firewall: Rename defaultNetworks to netsettings
Alexander Marx [Fri, 21 Mar 2014 07:28:24 +0000 (08:28 +0100)]
Firewall: DNAT - Show right DNAT interface in ruletable
Now:
When using a hostgroup as source there are all corresponding DNAT
interfaces shown in ruletable depending on the entries in the group.
When in DNAT area "-automatic" is selected, the DNAT interfaces are
shown as IP-Addresses, else they are shown as "ORANGE","GREEN","BLUE"...
BUGFIX: When there is a MAC address used in a sourcegroup, the rules could not be set. Now MAC addresses get allways the public interface as DNAT
Alexander Marx [Thu, 20 Mar 2014 16:27:53 +0000 (17:27 +0100)]
Firewall: Move some functions from rules.pl to firewall-lib.pl
Michael Tremer [Fri, 21 Mar 2014 11:40:55 +0000 (12:40 +0100)]
firewall: rules.pl: Fix rules with other NAT port.
Michael Tremer [Thu, 20 Mar 2014 22:07:26 +0000 (23:07 +0100)]
Update translations.
Alexander Marx [Thu, 20 Mar 2014 15:23:47 +0000 (16:23 +0100)]
Firewall: DNAT - always show right red address in dropdown.
Edited language String in DNAT area: external ip address is now Firewall
Interface
Arne Fitzenreiter [Wed, 19 Mar 2014 18:07:27 +0000 (19:07 +0100)]
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Wed, 19 Mar 2014 18:03:22 +0000 (19:03 +0100)]
hostapd: enable CONFIG_ACS for dfs channels.
Arne Fitzenreiter [Wed, 19 Mar 2014 18:00:47 +0000 (19:00 +0100)]
hostapd: change channellist and status for dfs channels.
Arne Fitzenreiter [Wed, 19 Mar 2014 08:05:37 +0000 (09:05 +0100)]
core76: add wpa_supplicant to update.
Arne Fitzenreiter [Wed, 19 Mar 2014 06:23:40 +0000 (07:23 +0100)]
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Wed, 19 Mar 2014 06:22:49 +0000 (07:22 +0100)]
hostapd: update to 2.1.
Michael Tremer [Tue, 18 Mar 2014 22:49:23 +0000 (23:49 +0100)]
firewall: rules.pl: Add support for auto selection of NAT addresses.
Alexander Marx [Tue, 18 Mar 2014 14:13:02 +0000 (15:13 +0100)]
Firewall: select right value in DNAT Dropdown
Alexander Marx [Tue, 18 Mar 2014 14:02:55 +0000 (15:02 +0100)]
Firewall: extend DNAT dropdown with auto,BLUE,ORANGE,GREEN
Michael Tremer [Tue, 18 Mar 2014 17:03:14 +0000 (18:03 +0100)]
openssh: Update to 6.6p1.
Michael Tremer [Tue, 18 Mar 2014 17:00:42 +0000 (18:00 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Tue, 18 Mar 2014 06:28:13 +0000 (07:28 +0100)]
core76: add tzdata to update.
Arne Fitzenreiter [Tue, 18 Mar 2014 06:20:41 +0000 (07:20 +0100)]
tzdata: fix rootfile.
Arne Fitzenreiter [Mon, 17 Mar 2014 23:25:08 +0000 (00:25 +0100)]
initskripts: add pcengines apu support to leds.
Arne Fitzenreiter [Mon, 17 Mar 2014 23:22:24 +0000 (00:22 +0100)]
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Mon, 17 Mar 2014 23:21:38 +0000 (00:21 +0100)]
kernel: add pcengines apu led support.
Michael Tremer [Mon, 17 Mar 2014 21:04:48 +0000 (22:04 +0100)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Mon, 17 Mar 2014 21:04:44 +0000 (22:04 +0100)]
Merge remote-tracking branch 'alfh/feature_firewalllog_centergraph' into next
Michael Tremer [Mon, 17 Mar 2014 17:03:00 +0000 (18:03 +0100)]
firewall: rules.pl: Code cleanup.
Michael Tremer [Mon, 17 Mar 2014 16:39:47 +0000 (17:39 +0100)]
firewall: Fix DNAT rules between internal zones.