]>
git.ipfire.org Git - people/pmueller/ipfire-2.x.git/log
Arne Fitzenreiter [Sun, 8 Dec 2013 15:03:25 +0000 (16:03 +0100)]
kernel: enable grsecurity on rpi kernel.
Arne Fitzenreiter [Thu, 5 Dec 2013 18:46:25 +0000 (19:46 +0100)]
kernel: update to 3.10.22.
Alexander Marx [Thu, 5 Dec 2013 14:51:15 +0000 (15:51 +0100)]
Firewall: forgot to delete a development test string
Alexander Marx [Mon, 2 Dec 2013 06:56:01 +0000 (07:56 +0100)]
Firewall: Bugfix: Fixed wrong language strings in outgoing FW rules when using std networks or ipfire
Alexander Marx [Fri, 29 Nov 2013 12:41:57 +0000 (13:41 +0100)]
Firewall: FIxed wrong language strings in outgoing Firewall
Alexander Marx [Tue, 26 Nov 2013 12:34:08 +0000 (13:34 +0100)]
Firewall: Fixes commit http://git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitdiff;h=
e19a36c4a09ea417ce9d577c262f17242eec4a31
Now all "active" Strings from all languagefiles are checked against the old rule to find out if logging is enabled
Conflicts:
config/firewall/convert-outgoingfw
Alexander Marx [Tue, 26 Nov 2013 12:02:08 +0000 (13:02 +0100)]
Firewall: fixes commit http://git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitdiff;h=
1ed4b214d785ad0538b0a864f43babccd55475b1
Conflicts:
html/cgi-bin/firewall.cgi
Alexander Marx [Tue, 26 Nov 2013 10:45:05 +0000 (11:45 +0100)]
Firewall: BUGFIX: RUles.pl did not create LOGGING rules properly.
Arne Fitzenreiter [Sun, 1 Dec 2013 13:09:02 +0000 (14:09 +0100)]
Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen
Arne Fitzenreiter [Sun, 1 Dec 2013 13:08:08 +0000 (14:08 +0100)]
rootfile fixes for arm.
Arne Fitzenreiter [Sat, 30 Nov 2013 11:45:31 +0000 (12:45 +0100)]
Merge branch 'next' into fifteen
Conflicts:
doc/language_issues.tr
Arne Fitzenreiter [Sat, 30 Nov 2013 11:39:33 +0000 (12:39 +0100)]
Merge branch 'master' into next
Arne Fitzenreiter [Sat, 30 Nov 2013 11:38:16 +0000 (12:38 +0100)]
samba: update to 3.6.21.
Arne Fitzenreiter [Fri, 29 Nov 2013 22:37:39 +0000 (23:37 +0100)]
kernel: update to 3.10.21.
Michael Tremer [Tue, 26 Nov 2013 10:43:11 +0000 (11:43 +0100)]
squid: Apply patch for properly detect rlimit.
https://bugzilla.ipfire.org/show_bug.cgi?id=10445
Michael Tremer [Thu, 21 Nov 2013 20:36:02 +0000 (21:36 +0100)]
proxy: Set number of file descriptors much higher.
Some users are hitting the 65k limit regularly, so
we set the limit to a much higher number.
Alexander Marx [Thu, 21 Nov 2013 06:43:53 +0000 (07:43 +0100)]
Firewall: Bugfix: Last rule for outgoing showed wrong color, Bugfix:When using a rule with sourceport and afterwards editing this rule to use service or servicegroup, there was an errormessage.
Alexander Marx [Wed, 20 Nov 2013 15:01:46 +0000 (16:01 +0100)]
Firewall: refined dmz-converter. RUles are now converted with defined protocol instead of "all" protocol
Alexander Marx [Wed, 20 Nov 2013 13:28:42 +0000 (14:28 +0100)]
Firewall: Fixed xtaccess converter. The protocol in the old rules are now converted correctly
Arne Fitzenreiter [Thu, 21 Nov 2013 13:14:41 +0000 (14:14 +0100)]
linux-pae: rebuild module deps before initrd build.
Arne Fitzenreiter [Thu, 21 Nov 2013 12:50:03 +0000 (13:50 +0100)]
rootfile updates.
Arne Fitzenreiter [Thu, 21 Nov 2013 12:49:15 +0000 (13:49 +0100)]
kernel: update to 3.10.20.
Arne Fitzenreiter [Thu, 21 Nov 2013 07:10:21 +0000 (08:10 +0100)]
remove old openssh updater rootfile.
Arne Fitzenreiter [Wed, 20 Nov 2013 23:01:21 +0000 (00:01 +0100)]
usbutils: update to 007.
Erik Kapfer [Mon, 28 Oct 2013 17:50:30 +0000 (18:50 +0100)]
openvpn: Update to version 2.3.2
Fixes #10440
Michael Tremer [Wed, 20 Nov 2013 20:43:20 +0000 (21:43 +0100)]
Merge branch 'master' into fifteen
Michael Tremer [Wed, 20 Nov 2013 20:43:02 +0000 (21:43 +0100)]
Merge branch 'master' into next
Michael Tremer [Wed, 20 Nov 2013 20:28:05 +0000 (21:28 +0100)]
Add openssh update to core update 73.
Arne Fitzenreiter [Wed, 20 Nov 2013 16:15:31 +0000 (17:15 +0100)]
install: create /var/run folder on rootfs.
Arne Fitzenreiter [Wed, 20 Nov 2013 06:37:51 +0000 (07:37 +0100)]
setup: change persistent network rules for new udev.
Arne Fitzenreiter [Wed, 20 Nov 2013 06:37:01 +0000 (07:37 +0100)]
udev: disable new netdev names and systemd log prefix.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:36:10 +0000 (23:36 +0100)]
initskripts: updates for new udev.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:34:00 +0000 (23:34 +0100)]
stage2: add /run symlink to /var/run.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:30:27 +0000 (23:30 +0100)]
dracut: fixes for new udev and missing scsi_wait.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:27:37 +0000 (23:27 +0100)]
udev: update to 208.
Arne Fitzenreiter [Mon, 18 Nov 2013 18:00:51 +0000 (19:00 +0100)]
kmod: replace module-init-tools by kmod-13.
newer udev depend on kmod.
Ersan Yildirim [Mon, 18 Nov 2013 10:39:51 +0000 (11:39 +0100)]
Updates for Turkish translation.
Arne Fitzenreiter [Sun, 17 Nov 2013 17:51:04 +0000 (18:51 +0100)]
util-linux: update to 2.24.
this is needed for newer udev versions but need some initskript
changes. The updater and arm rootfile is not finished yet.
Alexander Marx [Wed, 13 Nov 2013 09:44:42 +0000 (10:44 +0100)]
Firewall: Fixed portfw-converter (rules where not converted correctly) And Standard network "IPsec RW" now has brackets around the Ip (when set)
Michael Tremer [Thu, 14 Nov 2013 10:41:18 +0000 (11:41 +0100)]
Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen
Michael Tremer [Thu, 14 Nov 2013 10:40:36 +0000 (11:40 +0100)]
configroot: Fix recursively including /var/ipfire/backup.
This issue has been introduced in
a72fac88 .
Arne Fitzenreiter [Wed, 13 Nov 2013 13:05:27 +0000 (14:05 +0100)]
kernel: update to 3.10.19.
Arne Fitzenreiter [Wed, 13 Nov 2013 13:05:15 +0000 (14:05 +0100)]
Merge remote-tracking branch 'origin/next' into fifteen
Conflicts:
lfs/samba
lfs/strongswan
Arne Fitzenreiter [Wed, 13 Nov 2013 12:39:35 +0000 (13:39 +0100)]
samba: update to 3.6.20.
These are security releases in order to address CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
(ACLs are not checked on opening an alternate data stream on
a file or directory) and CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
(Private key in key.pem world readable).
Arne Fitzenreiter [Wed, 13 Nov 2013 12:39:35 +0000 (13:39 +0100)]
samba: update to 3.6.20.
These are security releases in order to address CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
(ACLs are not checked on opening an alternate data stream on
a file or directory) and CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
(Private key in key.pem world readable).
Alexander Marx [Tue, 12 Nov 2013 15:24:29 +0000 (16:24 +0100)]
Firewall: new errormessage for maximum number of ports in servicegroups
Alexander Marx [Tue, 12 Nov 2013 15:04:55 +0000 (16:04 +0100)]
Firewall: appended check of maximum ports per protocol. portranges 100:200 count as 2 ports
Alexander Marx [Tue, 12 Nov 2013 14:08:58 +0000 (15:08 +0100)]
Firewall: The maximum of definable services in a servicegroup is limited to 13 per protocol (tcp,udp) because iptables can only handle max 13 services in Multiport
Alexander Marx [Tue, 12 Nov 2013 08:27:16 +0000 (09:27 +0100)]
Firewall: New feature: Now it is possible to define a custom service with a portrange. When using this service in a rule or in a servciegroup, the rule is applied correctly.
Alexander Marx [Mon, 11 Nov 2013 09:23:39 +0000 (10:23 +0100)]
Firewall: Bugfix: the routine to check if a vpn net or host was deleted did not work as expected. Now it even works when source and target contain a vpn host or net
Alexander Marx [Sun, 10 Nov 2013 08:28:02 +0000 (09:28 +0100)]
Firewall: fixed colors of target column when using standard networks
When using RED, OpenVPN-Dyn or IPsec RW as target, the column was not
colored.
Erik Kapfer [Sun, 3 Nov 2013 20:29:04 +0000 (21:29 +0100)]
langs: Fix typo
Michael Tremer [Tue, 12 Nov 2013 23:25:27 +0000 (00:25 +0100)]
strongswan: Delay sending DPD packets after rekeying.
Michael Tremer [Sat, 9 Nov 2013 13:33:16 +0000 (14:33 +0100)]
Merge branch 'master' into next
Michael Tremer [Sat, 9 Nov 2013 13:19:52 +0000 (14:19 +0100)]
Merge branch 'master' into fifteen
Michael Tremer [Sat, 9 Nov 2013 13:16:52 +0000 (14:16 +0100)]
openssh: Update to 6.4p1.
Security fix because of
http://www.openssh.com/txt/gcmrekey.adv
Michael Tremer [Fri, 8 Nov 2013 13:55:23 +0000 (14:55 +0100)]
Ship paxctl with the distribution.
Michael Tremer [Sat, 7 Sep 2013 14:38:23 +0000 (16:38 +0200)]
Multiple CGI files: Check if BLUE or ORANGE are actually configured.
Michael Tremer [Fri, 8 Nov 2013 13:13:30 +0000 (14:13 +0100)]
squid: Update to 3.3.10 + SSL options fix.
Alexander Marx [Tue, 5 Nov 2013 12:47:56 +0000 (13:47 +0100)]
Firewall: Fix typo in backup script which stops the conversion of old firewallrules
Alexander Marx [Mon, 4 Nov 2013 07:04:44 +0000 (08:04 +0100)]
Firewall: Bugfix: When creating a servcie in firewall-groups and selecting a protocol other than icmp, the enty in the ruletable shows correct values PLUS the "all icmp-types" under ICMP.
Now the ICMP FIeld is emtpy when selecting another protocol than icmp
Alexander Marx [Fri, 8 Nov 2013 12:40:24 +0000 (13:40 +0100)]
Firewall: Bugfix: When creating a rule and using brackets in comment, the rule is denied because of invalid characters in String. But when creating a rule with just valid characters (witjout brackets) and then editing the rule it is possible to use brackets without errormessage.
Now brackets are allowed.
Alexander Marx [Mon, 4 Nov 2013 06:31:31 +0000 (07:31 +0100)]
Firewall: remove /var/ipfire/portfw as it is not used anymore
Michael Tremer [Fri, 8 Nov 2013 12:38:09 +0000 (13:38 +0100)]
firewall: Don't require to enable the RW server for N2N networks.
The firewall rules for OpenVPN have not been applied for N2N
connections when the road warrior server was disabled.
Michael Tremer [Thu, 7 Nov 2013 19:56:43 +0000 (20:56 +0100)]
strongswan: Update to 5.1.1.
Arne Fitzenreiter [Mon, 4 Nov 2013 20:26:52 +0000 (21:26 +0100)]
kernel: update to 3.10.18.
Michael Tremer [Thu, 31 Oct 2013 14:35:34 +0000 (15:35 +0100)]
Merge remote-tracking branch 'amarx/firewall-fifteen' into fifteen
Michael Tremer [Thu, 31 Oct 2013 14:34:40 +0000 (15:34 +0100)]
firewall: Fix wrong symbol for variable.
Alexander Marx [Wed, 30 Oct 2013 14:49:21 +0000 (15:49 +0100)]
Firewall: added IP-Address to dropdown in DNAT part and now all ip-addresses are in brackets
Alexander Marx [Wed, 30 Oct 2013 12:41:33 +0000 (13:41 +0100)]
Firewall: Show IP-Adresses in NAT-Source dropdown
Michael Tremer [Tue, 29 Oct 2013 17:45:40 +0000 (18:45 +0100)]
firewall: Simplify code which shows the last rule.
Also change headings of the rule sections.
Michael Tremer [Tue, 29 Oct 2013 15:57:58 +0000 (16:57 +0100)]
firewall: NAT section: Don't show irrelevant controls.
Michael Tremer [Tue, 29 Oct 2013 15:23:35 +0000 (16:23 +0100)]
Merge remote-tracking branch 'amarx/firewall-fifteen' into fifteen
Michael Tremer [Tue, 29 Oct 2013 15:22:13 +0000 (16:22 +0100)]
P2P block: Add notice that the user will reload the firewall ruleset.
Alexander Marx [Tue, 29 Oct 2013 07:34:42 +0000 (08:34 +0100)]
Firewall: fixed untranslated Strings
Michael Tremer [Mon, 28 Oct 2013 20:00:03 +0000 (21:00 +0100)]
strongswan: Update to 5.1.1rc1.
Michael Tremer [Mon, 28 Oct 2013 19:35:36 +0000 (20:35 +0100)]
firewall: Fix rendering issue of the rule table.
Michael Tremer [Sun, 27 Oct 2013 12:12:12 +0000 (13:12 +0100)]
Merge branch 'next' into fifteen
Michael Tremer [Sun, 27 Oct 2013 12:09:30 +0000 (13:09 +0100)]
cups: Update to 1.7.0.
Michael Tremer [Fri, 25 Oct 2013 09:40:06 +0000 (11:40 +0200)]
firewall: Fix layout of protocol selection.
Michael Tremer [Thu, 24 Oct 2013 20:16:49 +0000 (22:16 +0200)]
cups: Use libusb.
Michael Tremer [Thu, 24 Oct 2013 20:11:41 +0000 (22:11 +0200)]
libusbx: New package.
Michael Tremer [Thu, 24 Oct 2013 17:41:17 +0000 (19:41 +0200)]
strongswan: Rootfile update.
Michael Tremer [Thu, 24 Oct 2013 16:14:22 +0000 (18:14 +0200)]
gutenprint: Update to 5.2.9.
Alexander Marx [Thu, 24 Oct 2013 14:24:45 +0000 (16:24 +0200)]
Firewall: added missing translation for short IPv6 protcol in ruletable
Alexander Marx [Thu, 24 Oct 2013 14:04:26 +0000 (16:04 +0200)]
Firewall: rename Protocol 41 in Dropdown and ruletable ->Now "IPv6 Encapsulation (protocol 41)" in dropdown and "IPv6 Encap" in ruletable
Michael Tremer [Thu, 24 Oct 2013 13:21:42 +0000 (15:21 +0200)]
foomatic: Update to 4.0.9/4.0.17 (
20131023 ).
Michael Tremer [Thu, 24 Oct 2013 13:21:33 +0000 (15:21 +0200)]
cups: Update to 1.6.4.
Michael Tremer [Thu, 24 Oct 2013 13:20:57 +0000 (15:20 +0200)]
make.sh: Build dbus before cups and foomatic.
Michael Tremer [Thu, 24 Oct 2013 13:12:09 +0000 (15:12 +0200)]
mpage: New package.
Required for foomatic 4.x.
Alexander Marx [Thu, 24 Oct 2013 12:16:03 +0000 (14:16 +0200)]
Firewall: fix deleted files from core fifteen firewall
Alexander Marx [Thu, 24 Oct 2013 07:42:42 +0000 (09:42 +0200)]
Firewall: renamed forwardfwctrl to firewallctrl
Alexander Marx [Thu, 24 Oct 2013 07:24:12 +0000 (09:24 +0200)]
Firewall: Renamed directory /var/ipfire/forward to /var/ipfire/firewall
Alexander Marx [Thu, 24 Oct 2013 06:15:48 +0000 (08:15 +0200)]
Firewall: renamed /config/forwardfw to config/firewall
Alexander Marx [Thu, 24 Oct 2013 05:59:42 +0000 (07:59 +0200)]
Firewall: Added protocols IPv6 (41) and IPIP (94)
Alexander Marx [Thu, 17 Oct 2013 15:14:19 +0000 (17:14 +0200)]
FIREWALL: renamed forwardfw.cgi in firewall.cgi
Alexander Marx [Wed, 23 Oct 2013 14:06:54 +0000 (16:06 +0200)]
Firewall: Make it possible to use NAT rules with servicegroups.
Alexander Marx [Wed, 23 Oct 2013 14:05:50 +0000 (16:05 +0200)]
Firewall: Make it possible to use NAT without Ports specified
Michael Tremer [Tue, 22 Oct 2013 19:10:25 +0000 (21:10 +0200)]
Merge branch 'firewall-fifteen' into fifteen
Michael Tremer [Tue, 22 Oct 2013 19:09:01 +0000 (21:09 +0200)]
firewall: Add proper descriptions/translations for NAT.