]>
git.ipfire.org Git - people/pmueller/ipfire-2.x.git/log
Alexander Marx [Wed, 6 Feb 2013 14:14:15 +0000 (15:14 +0100)]
Forward Firewall: Bugfix: now the Protocols are corrected in the tablerule if a servicegroup was used
Alexander Marx [Mon, 4 Feb 2013 14:36:37 +0000 (15:36 +0100)]
Forward Firewall: extended the accepted chars for group and servicenames NOw / () and _ are allowed, too
Alexander Marx [Mon, 4 Feb 2013 10:21:33 +0000 (11:21 +0100)]
Forward Firewall: changed sortorder of customhosts and bugfix when remark is changed
Alexander Marx [Fri, 1 Feb 2013 12:18:15 +0000 (13:18 +0100)]
Forward Firewall: redefined layout of customservicegroups and some layout changes
Alexander Marx [Thu, 31 Jan 2013 19:52:56 +0000 (20:52 +0100)]
Forward Firewall: BUGFIX-CustomGroup sort order
Alexander Marx [Thu, 31 Jan 2013 07:45:04 +0000 (08:45 +0100)]
Forward Firewall: fixed icmp-types and deleted dmzholes chain
Alexander Marx [Thu, 31 Jan 2013 06:33:47 +0000 (07:33 +0100)]
Forward Firewall: firewall policy dropdown - resized
Alexander Marx [Thu, 31 Jan 2013 04:48:20 +0000 (05:48 +0100)]
Forward Firewall: Typo in en.pl
Alexander Marx [Thu, 31 Jan 2013 04:17:41 +0000 (05:17 +0100)]
Forward Firewall: changed firewall modes from mode1,mode2 to "allowed" and "blocked". Also new descriptiontext.
Alexander Marx [Wed, 30 Jan 2013 15:28:18 +0000 (16:28 +0100)]
Forward Firewall: fixed portforward rules. Now possible even if firewall in mode1
Alexander Marx [Wed, 30 Jan 2013 14:24:57 +0000 (15:24 +0100)]
Forward Firewall: Tablegroup DMZ and WLAN now only show the own rules
Alexander Marx [Wed, 30 Jan 2013 12:34:54 +0000 (13:34 +0100)]
Forward Firewall: set standard rules for blue in mode 2
Alexander Marx [Wed, 30 Jan 2013 09:27:38 +0000 (10:27 +0100)]
Forward Firewall: when resetting firewall, an error was generated in log, because there's no reread file
Alexander Marx [Wed, 30 Jan 2013 08:14:01 +0000 (09:14 +0100)]
Forward Firewall: deleted mode0, added default Mode2 and fixed /etc/init.d/firewall to reload the rules correctly on reload. Also made it possible to create broadcastrules (To drop broadcastpackets)
Alexander Marx [Wed, 30 Jan 2013 05:22:59 +0000 (06:22 +0100)]
Forward Firewall: Deleted MODE0 from WEB Interface and added a table for DMZ-Rules.
Alexander Marx [Mon, 28 Jan 2013 05:12:51 +0000 (06:12 +0100)]
Forward FIrewall: tried to sort servicegroups the right way...not perfect now
Alexander Marx [Sun, 27 Jan 2013 12:20:33 +0000 (13:20 +0100)]
Forward Firewall: Fixed a bug in servicegroup-Tableview
Alexander Marx [Sat, 26 Jan 2013 20:11:21 +0000 (21:11 +0100)]
Forward Firewall: fixed converterbug and added ruleposition to new rules in forwardfw.cgi
Alexander Marx [Sat, 26 Jan 2013 18:49:24 +0000 (19:49 +0100)]
Forward Firewall: bugfix: network ip was treated like single host
Alexander Marx [Fri, 25 Jan 2013 11:18:28 +0000 (12:18 +0100)]
Forward Firewall: minor chnages just layout
Alexander Marx [Thu, 24 Jan 2013 16:37:34 +0000 (17:37 +0100)]
FOrward Firewall: disabled p2p table border
Alexander Marx [Thu, 24 Jan 2013 13:20:01 +0000 (14:20 +0100)]
Forward Firewall: set P2Protocols default to "off"
Alexander Marx [Thu, 24 Jan 2013 11:50:33 +0000 (12:50 +0100)]
Forward Firewall: deleted 22-outgoingfwctrl
Alexander Marx [Thu, 24 Jan 2013 04:25:58 +0000 (05:25 +0100)]
Forward Firewall: changed Layout of P2P table
Alexander Marx [Wed, 23 Jan 2013 14:06:21 +0000 (15:06 +0100)]
Forward Firewall: deleted symlink to outgoingfwctrl from lfs/initscripts
Alexander Marx [Wed, 23 Jan 2013 04:51:30 +0000 (05:51 +0100)]
Forward Firewall: changed sortorder in group tables
Alexander Marx [Tue, 22 Jan 2013 11:28:14 +0000 (12:28 +0100)]
Forward Firewall: edited language file en.pl and changed 'protocol:' to 'protocol' because in de.pl it is also just 'Protokoll'
Alexander Marx [Tue, 22 Jan 2013 04:42:46 +0000 (05:42 +0100)]
Forward Firewall:
1) fixed outgoingfw converter: now checkbox for logging is converted corectly
2) edited p2p_block: now a checked prot is allowed
Alexander Marx [Mon, 21 Jan 2013 20:47:32 +0000 (21:47 +0100)]
Forward Firewall: converter now creates cdir format from ip-addresses
Alexander Marx [Mon, 21 Jan 2013 20:26:44 +0000 (21:26 +0100)]
Forward Firewall: minor improvements, if an outgoingrule has a given port and prot "all", there are two new rules generated for UDP and TCP.
If an outgoingrule has only "all" as prot, but no port, there's only one new rule created
Alexander Marx [Mon, 21 Jan 2013 13:49:21 +0000 (14:49 +0100)]
Forward Firewall: extended converter
Alexander Marx [Mon, 21 Jan 2013 04:54:20 +0000 (05:54 +0100)]
Forward Firewall: edited colspan for timeframe from 6 to 7
edited de.pl and changed "Port(s) manuel" to "Port(s) manuell"
Alexander Marx [Sun, 20 Jan 2013 19:36:11 +0000 (20:36 +0100)]
Forward Firewall: Some more checks to check remark if rule was edited
Alexander Marx [Sun, 20 Jan 2013 12:18:47 +0000 (13:18 +0100)]
Forward Firewall: Bugfix: when editing a rule it was possible to enter invalid chars in remark
Alexander Marx [Sun, 20 Jan 2013 04:54:04 +0000 (05:54 +0100)]
Forward Firewall: edited Backup.pl. If someone put /var/ipfire/outgoing into /var/ipfire/backup/include, the rules are backed up and need to be restored.
Now the backup takes care of this and checks if there are old rules to convert.
Alexander Marx [Sat, 19 Jan 2013 20:21:18 +0000 (21:21 +0100)]
Forward Firewall: edited convert-outgoingfw.
When a Protocol ESP or GRE is used AND a Port is selected (in old system), the rule was not converted successfully.
Alexander Marx [Sat, 19 Jan 2013 19:51:12 +0000 (20:51 +0100)]
Forward Firewall: Minor changes...
1) improved convert-outgoingfw. source was wrong when tun+ interface
2) target had always a ":" in ruletable
3) convert-outgoingfw bugfix: ports where not cleared for next rule
Alexander Marx [Sat, 19 Jan 2013 13:09:50 +0000 (14:09 +0100)]
Forward Firewall: implemented ne column in ruletable "protocol"
Alexander Marx [Sat, 19 Jan 2013 06:24:08 +0000 (07:24 +0100)]
Forward Firewall: deleted comments from converterscript
Alexander Marx [Sat, 19 Jan 2013 06:15:25 +0000 (07:15 +0100)]
Forward Firewall: implemented multiport support for source and target ports
Alexander Marx [Fri, 18 Jan 2013 09:58:33 +0000 (10:58 +0100)]
Forward Firewall: Edited Backup.pl so that any old backups get converted to new firewall. Afterwards the directories /var/ipfire/outgoing and /var/ipfire/xtaccess are removed!
Alexander Marx [Fri, 18 Jan 2013 09:18:25 +0000 (10:18 +0100)]
Forward Firewall: Bugfix: when editing an rule, the default ACTION (ACCEPT,DROP,REJECT) was set depending on Firewallmode. Now it checks, if a rule is edited and value is set to rule action
Alexander Marx [Fri, 18 Jan 2013 09:00:21 +0000 (10:00 +0100)]
Forward Firewall: removed newline when processing rules.pl
Alexander Marx [Fri, 18 Jan 2013 08:40:59 +0000 (09:40 +0100)]
Forward Firewall: edited rules.pl, so thatrules are created when source and target are 0.0.0.0/0.0.0.0
Alexander Marx [Fri, 18 Jan 2013 08:23:13 +0000 (09:23 +0100)]
Forward Firewall: Removed console output from outgoingfw-converter
Alexander Marx [Fri, 18 Jan 2013 07:53:51 +0000 (08:53 +0100)]
Forward Firewall: changed LOG directory to /var/log/converters
Alexander Marx [Fri, 18 Jan 2013 07:35:25 +0000 (08:35 +0100)]
Forward Firewall: added converters for old exaccess rules and old rules from outgoingfw and old firewallgroups.
Also fixed a Bug: Day SUN was not checked when in rule-edit mode
Alexander Marx [Wed, 16 Jan 2013 05:12:34 +0000 (06:12 +0100)]
Forward Firewall: edited p2pblock call in rules.pl
Alexander Marx [Tue, 15 Jan 2013 12:07:59 +0000 (13:07 +0100)]
Forward Firewall: Bugfix: when usinf ESP or AH as target protocol, no rules where created
Alexander Marx [Tue, 15 Jan 2013 11:37:27 +0000 (12:37 +0100)]
Forward Firewall: added p2protocols to /var/ipfire/forward/ for p2pblocking options
Alexander Marx [Tue, 15 Jan 2013 11:31:09 +0000 (12:31 +0100)]
Forward Firewall: added P2P Block Option
Alexander Marx [Tue, 15 Jan 2013 04:04:33 +0000 (05:04 +0100)]
Forward Firewall: set standard config for Firewall
Alexander Marx [Tue, 15 Jan 2013 03:56:26 +0000 (04:56 +0100)]
Forward Firewall: updated de.pl
Alexander Marx [Mon, 14 Jan 2013 13:15:18 +0000 (14:15 +0100)]
Forward Firewall: Added AH Protocol and fixed a bug
Alexander Marx [Mon, 14 Jan 2013 12:56:36 +0000 (13:56 +0100)]
Forward Firewall: BUGFIX: When editing a rule and changing position, no other changes where saved.
added the DMZHOLES Rule to init.d/firewall (but chnaged DMZHOLES to FORWARDFW
Alexander Marx [Sat, 12 Jan 2013 09:51:51 +0000 (10:51 +0100)]
Forward Firewall: refined routine to check if an existing rule is equal to a new one
Alexander Marx [Sat, 12 Jan 2013 09:22:49 +0000 (10:22 +0100)]
Forward Firewall: fixed routine for rulepositioning
Alexander Marx [Sat, 12 Jan 2013 07:07:33 +0000 (08:07 +0100)]
Forward Firewall: changed hash sorting to get right ruleorder in Iptables
Alexander Marx [Fri, 11 Jan 2013 12:33:34 +0000 (13:33 +0100)]
Forward Firewall: hopefully fixed delte-bug. When deleting a rule, it was possible that the rulenumbers get "holes"
Alexander Marx [Fri, 11 Jan 2013 12:21:43 +0000 (13:21 +0100)]
Forward Firewall: when adding custom hosts or networks the cursor is now in first textfield
Alexander Marx [Fri, 11 Jan 2013 07:48:20 +0000 (08:48 +0100)]
Forward Firewall: added possibility to change ruleposition
Alexander Marx [Thu, 10 Jan 2013 11:55:56 +0000 (12:55 +0100)]
Forward Firewall: adapted initscripts/firewall and wirelessctrl.c
Now the Wirelesschains should work with new firewall.
Alexander Marx [Thu, 10 Jan 2013 11:17:30 +0000 (12:17 +0100)]
Forward Firewall: edited /src/initscripts/init.d/firewall and misc-progs/wirelessctrl.c
added WIRELESSFORWARD to FORWARDFW (instead of FORWARD) so that rules work
commented out DMZHOLES lines in wirelessctrl.c to get rid of booterrormessages (There's no DMZHOLES anymore)
Alexander Marx [Thu, 10 Jan 2013 08:58:38 +0000 (09:58 +0100)]
Forward Firewall: added check for mac rules
Alexander Marx [Thu, 10 Jan 2013 08:41:04 +0000 (09:41 +0100)]
Forward Firewall: BUGFIX: MAC source addresses where not created as rules
Alexander Marx [Wed, 9 Jan 2013 13:54:31 +0000 (14:54 +0100)]
Forward Firewall: added Red interface to get_std_network function
Alexander Marx [Wed, 9 Jan 2013 13:48:35 +0000 (14:48 +0100)]
Forward Firewall: Deleted /var/ipfire/outgoing from /config/rootfiles/common/configroot
Alexander Marx [Wed, 9 Jan 2013 13:44:10 +0000 (14:44 +0100)]
Forward Firewall: Deleted config/cfgroot/p2protocols
Alexander Marx [Wed, 9 Jan 2013 13:42:52 +0000 (14:42 +0100)]
Forward Firewall: Deleted /var/ipfire/outgoing from configroot and aaded default values to /var/ipfire/optionsfw/settings
Alexander Marx [Wed, 9 Jan 2013 09:22:32 +0000 (10:22 +0100)]
Forward Firewall: fixed 12 Bugs from forum.
1) Added more possible chars in remark: : / .
2) Added "Internet" to std networks to be able to define internetaccess
3) When renaming a custom address, the firewallrules get updated
4) Ports are now ignored when using GRE as Protocol
5) When saving a customservice, the cursor is now in first textfield
6) Added a customservices file to installation with predefined services
7) Added ESP as protocol
8) Fixed counterproblem
9) Dropdownboxes for customservices and groups now sorted
10) Firewallrules now sorted in right order
11) fixed a Bug when defining manual address in source and target, the hint message is no longer displayed
12) When defining an external access rule, the last forwardrule was deleted
Alexander Marx [Wed, 9 Jan 2013 08:08:12 +0000 (09:08 +0100)]
Forward Firewall: added a customservices file with default values
Alexander Marx [Tue, 8 Jan 2013 10:20:39 +0000 (11:20 +0100)]
Forward firewall: commented out line in init.d/firewall that all Forward traffic from green is allowed and put it in rules.pl. Now rules.pl allows this traffic when firewall is set to Mode0 or Mode2
Alexander Marx [Sun, 6 Jan 2013 19:43:23 +0000 (20:43 +0100)]
Forward Firewall: fixed default entries in /var/ipfire/optionsfw/settings.
Alexander Marx [Fri, 4 Jan 2013 12:25:06 +0000 (13:25 +0100)]
Forward Firewall: changed languagefiles for loggingoptions in optionsfw.cgi
Alexander Marx [Fri, 4 Jan 2013 08:44:42 +0000 (09:44 +0100)]
Forward Firewall: deleted /var/ipfire/outgoing from backup
Alexander Marx [Fri, 4 Jan 2013 06:55:24 +0000 (07:55 +0100)]
Forward Firewall: Changed Buttons and Layout of fwhosts.cgi
Alexander Marx [Fri, 4 Jan 2013 04:37:19 +0000 (05:37 +0100)]
Forward Firewall: Replaced 'drop output' with 'drop forward' in languagefiles. This is for the loggingoption in the firewall options.
Alexander Marx [Thu, 3 Jan 2013 16:30:11 +0000 (17:30 +0100)]
Forward Firewall: replaced Outgoing-Logging with ForwardFW Logging. And changed Options in optionsfw.cgi from outgoing to forward
Alexander Marx [Thu, 3 Jan 2013 12:29:35 +0000 (13:29 +0100)]
Forward Firewall: Fixed Bug: When deleting a rule, only the last entry in the list is deleted
Alexander Marx [Thu, 3 Jan 2013 11:26:44 +0000 (12:26 +0100)]
Forward Firewall: Deleted outgoingfw.cgi,outgoinggroups.cgi and xtaccess.cgi from /config/rootfils7common/apache2
Alexander Marx [Thu, 3 Jan 2013 11:17:06 +0000 (12:17 +0100)]
Forward Firewall: removed outgoingfw.cgi from /config/rootfiles/core/66/filelists/files
Alexander Marx [Thu, 3 Jan 2013 11:00:09 +0000 (12:00 +0100)]
Forward Firewall: removed outgoingfwctrl from /config/rootfiles/misc-progs
Alexander Marx [Thu, 3 Jan 2013 07:14:28 +0000 (08:14 +0100)]
Forward Firewall: build iso with new firewall
Alexander Marx [Tue, 1 Jan 2013 05:17:06 +0000 (06:17 +0100)]
Forward Firewall: changed remarkfield to have maximum 255 chars. Changed Layout from viewtablerule.
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Alexander Marx [Sat, 29 Dec 2012 06:09:37 +0000 (07:09 +0100)]
Forward Firewall: fixed Typos
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Alexander Marx [Fri, 28 Dec 2012 12:29:34 +0000 (13:29 +0100)]
Forward Firewall: fixed rules.pl error when using manual target address
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Alexander Marx [Fri, 28 Dec 2012 07:26:07 +0000 (08:26 +0100)]
Forward Firewall: added new files
Michael Tremer [Fri, 9 Aug 2013 12:02:02 +0000 (14:02 +0200)]
Forward Firewall: applied all changes as diff and added new files. Also deleted c files from xtaccess and setdmzholes.
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Conflicts:
config/backup/include
lfs/configroot
lfs/usb-stick
Michael Tremer [Wed, 7 Aug 2013 20:15:31 +0000 (22:15 +0200)]
squid: Fix two security issues.
* CVE-2013-4115
* CVE-2013-4123
http://www.squid-cache.org/Versions/v3/3.1/changesets/
Arne Fitzenreiter [Tue, 6 Aug 2013 13:01:26 +0000 (15:01 +0200)]
samba: update to 3.6.17.
Michael Tremer [Sat, 3 Aug 2013 11:36:19 +0000 (13:36 +0200)]
DDNS: Use HTTPS for all-inkl.com.
Michael Tremer [Fri, 2 Aug 2013 11:17:54 +0000 (13:17 +0200)]
tor.cgi: Always show all configuration options.
Otherwise, if tor was disable, all settings like nickname, etc.
were reset to default.
Michael Tremer [Fri, 2 Aug 2013 09:27:14 +0000 (11:27 +0200)]
tor.cgi: Check for valid accounting limit.
Michael Tremer [Fri, 2 Aug 2013 09:22:52 +0000 (11:22 +0200)]
tor.cgi: Check for valid relay address.
Michael Tremer [Fri, 2 Aug 2013 09:20:53 +0000 (11:20 +0200)]
tor.cgi: Check for valid port numbers.
Michael Tremer [Fri, 2 Aug 2013 09:06:40 +0000 (11:06 +0200)]
tor.cgi: Catch invalid characters in relay name.
Michael Tremer [Fri, 2 Aug 2013 08:57:01 +0000 (10:57 +0200)]
tor.cgi: Burst bandwidth may never be less than rate.
Michael Tremer [Fri, 2 Aug 2013 08:42:41 +0000 (10:42 +0200)]
tor: The slowest bandwidth rate for a relay is 20 kbyte/s.
Michael Tremer [Fri, 2 Aug 2013 08:42:08 +0000 (10:42 +0200)]
tor: Fix path to readhash in initscript.
Michael Tremer [Fri, 2 Aug 2013 08:41:27 +0000 (10:41 +0200)]
Merge branch 'ddns-all-inkl' into next
Conflicts:
config/rootfiles/core/72/filelists/files