]>
git.ipfire.org Git - people/pmueller/ipfire-2.x.git/log
Alexander Marx [Sat, 19 Jan 2013 06:24:08 +0000 (07:24 +0100)]
Forward Firewall: deleted comments from converterscript
Alexander Marx [Sat, 19 Jan 2013 06:15:25 +0000 (07:15 +0100)]
Forward Firewall: implemented multiport support for source and target ports
Alexander Marx [Fri, 18 Jan 2013 09:58:33 +0000 (10:58 +0100)]
Forward Firewall: Edited Backup.pl so that any old backups get converted to new firewall. Afterwards the directories /var/ipfire/outgoing and /var/ipfire/xtaccess are removed!
Alexander Marx [Fri, 18 Jan 2013 09:18:25 +0000 (10:18 +0100)]
Forward Firewall: Bugfix: when editing an rule, the default ACTION (ACCEPT,DROP,REJECT) was set depending on Firewallmode. Now it checks, if a rule is edited and value is set to rule action
Alexander Marx [Fri, 18 Jan 2013 09:00:21 +0000 (10:00 +0100)]
Forward Firewall: removed newline when processing rules.pl
Alexander Marx [Fri, 18 Jan 2013 08:40:59 +0000 (09:40 +0100)]
Forward Firewall: edited rules.pl, so thatrules are created when source and target are 0.0.0.0/0.0.0.0
Alexander Marx [Fri, 18 Jan 2013 08:23:13 +0000 (09:23 +0100)]
Forward Firewall: Removed console output from outgoingfw-converter
Alexander Marx [Fri, 18 Jan 2013 07:53:51 +0000 (08:53 +0100)]
Forward Firewall: changed LOG directory to /var/log/converters
Alexander Marx [Fri, 18 Jan 2013 07:35:25 +0000 (08:35 +0100)]
Forward Firewall: added converters for old exaccess rules and old rules from outgoingfw and old firewallgroups.
Also fixed a Bug: Day SUN was not checked when in rule-edit mode
Alexander Marx [Wed, 16 Jan 2013 05:12:34 +0000 (06:12 +0100)]
Forward Firewall: edited p2pblock call in rules.pl
Alexander Marx [Tue, 15 Jan 2013 12:07:59 +0000 (13:07 +0100)]
Forward Firewall: Bugfix: when usinf ESP or AH as target protocol, no rules where created
Alexander Marx [Tue, 15 Jan 2013 11:37:27 +0000 (12:37 +0100)]
Forward Firewall: added p2protocols to /var/ipfire/forward/ for p2pblocking options
Alexander Marx [Tue, 15 Jan 2013 11:31:09 +0000 (12:31 +0100)]
Forward Firewall: added P2P Block Option
Alexander Marx [Tue, 15 Jan 2013 04:04:33 +0000 (05:04 +0100)]
Forward Firewall: set standard config for Firewall
Alexander Marx [Tue, 15 Jan 2013 03:56:26 +0000 (04:56 +0100)]
Forward Firewall: updated de.pl
Alexander Marx [Mon, 14 Jan 2013 13:15:18 +0000 (14:15 +0100)]
Forward Firewall: Added AH Protocol and fixed a bug
Alexander Marx [Mon, 14 Jan 2013 12:56:36 +0000 (13:56 +0100)]
Forward Firewall: BUGFIX: When editing a rule and changing position, no other changes where saved.
added the DMZHOLES Rule to init.d/firewall (but chnaged DMZHOLES to FORWARDFW
Alexander Marx [Sat, 12 Jan 2013 09:51:51 +0000 (10:51 +0100)]
Forward Firewall: refined routine to check if an existing rule is equal to a new one
Alexander Marx [Sat, 12 Jan 2013 09:22:49 +0000 (10:22 +0100)]
Forward Firewall: fixed routine for rulepositioning
Alexander Marx [Sat, 12 Jan 2013 07:07:33 +0000 (08:07 +0100)]
Forward Firewall: changed hash sorting to get right ruleorder in Iptables
Alexander Marx [Fri, 11 Jan 2013 12:33:34 +0000 (13:33 +0100)]
Forward Firewall: hopefully fixed delte-bug. When deleting a rule, it was possible that the rulenumbers get "holes"
Alexander Marx [Fri, 11 Jan 2013 12:21:43 +0000 (13:21 +0100)]
Forward Firewall: when adding custom hosts or networks the cursor is now in first textfield
Alexander Marx [Fri, 11 Jan 2013 07:48:20 +0000 (08:48 +0100)]
Forward Firewall: added possibility to change ruleposition
Alexander Marx [Thu, 10 Jan 2013 11:55:56 +0000 (12:55 +0100)]
Forward Firewall: adapted initscripts/firewall and wirelessctrl.c
Now the Wirelesschains should work with new firewall.
Alexander Marx [Thu, 10 Jan 2013 11:17:30 +0000 (12:17 +0100)]
Forward Firewall: edited /src/initscripts/init.d/firewall and misc-progs/wirelessctrl.c
added WIRELESSFORWARD to FORWARDFW (instead of FORWARD) so that rules work
commented out DMZHOLES lines in wirelessctrl.c to get rid of booterrormessages (There's no DMZHOLES anymore)
Alexander Marx [Thu, 10 Jan 2013 08:58:38 +0000 (09:58 +0100)]
Forward Firewall: added check for mac rules
Alexander Marx [Thu, 10 Jan 2013 08:41:04 +0000 (09:41 +0100)]
Forward Firewall: BUGFIX: MAC source addresses where not created as rules
Alexander Marx [Wed, 9 Jan 2013 13:54:31 +0000 (14:54 +0100)]
Forward Firewall: added Red interface to get_std_network function
Alexander Marx [Wed, 9 Jan 2013 13:48:35 +0000 (14:48 +0100)]
Forward Firewall: Deleted /var/ipfire/outgoing from /config/rootfiles/common/configroot
Alexander Marx [Wed, 9 Jan 2013 13:44:10 +0000 (14:44 +0100)]
Forward Firewall: Deleted config/cfgroot/p2protocols
Alexander Marx [Wed, 9 Jan 2013 13:42:52 +0000 (14:42 +0100)]
Forward Firewall: Deleted /var/ipfire/outgoing from configroot and aaded default values to /var/ipfire/optionsfw/settings
Alexander Marx [Wed, 9 Jan 2013 09:22:32 +0000 (10:22 +0100)]
Forward Firewall: fixed 12 Bugs from forum.
1) Added more possible chars in remark: : / .
2) Added "Internet" to std networks to be able to define internetaccess
3) When renaming a custom address, the firewallrules get updated
4) Ports are now ignored when using GRE as Protocol
5) When saving a customservice, the cursor is now in first textfield
6) Added a customservices file to installation with predefined services
7) Added ESP as protocol
8) Fixed counterproblem
9) Dropdownboxes for customservices and groups now sorted
10) Firewallrules now sorted in right order
11) fixed a Bug when defining manual address in source and target, the hint message is no longer displayed
12) When defining an external access rule, the last forwardrule was deleted
Alexander Marx [Wed, 9 Jan 2013 08:08:12 +0000 (09:08 +0100)]
Forward Firewall: added a customservices file with default values
Alexander Marx [Tue, 8 Jan 2013 10:20:39 +0000 (11:20 +0100)]
Forward firewall: commented out line in init.d/firewall that all Forward traffic from green is allowed and put it in rules.pl. Now rules.pl allows this traffic when firewall is set to Mode0 or Mode2
Alexander Marx [Sun, 6 Jan 2013 19:43:23 +0000 (20:43 +0100)]
Forward Firewall: fixed default entries in /var/ipfire/optionsfw/settings.
Alexander Marx [Fri, 4 Jan 2013 12:25:06 +0000 (13:25 +0100)]
Forward Firewall: changed languagefiles for loggingoptions in optionsfw.cgi
Alexander Marx [Fri, 4 Jan 2013 08:44:42 +0000 (09:44 +0100)]
Forward Firewall: deleted /var/ipfire/outgoing from backup
Alexander Marx [Fri, 4 Jan 2013 06:55:24 +0000 (07:55 +0100)]
Forward Firewall: Changed Buttons and Layout of fwhosts.cgi
Alexander Marx [Fri, 4 Jan 2013 04:37:19 +0000 (05:37 +0100)]
Forward Firewall: Replaced 'drop output' with 'drop forward' in languagefiles. This is for the loggingoption in the firewall options.
Alexander Marx [Thu, 3 Jan 2013 16:30:11 +0000 (17:30 +0100)]
Forward Firewall: replaced Outgoing-Logging with ForwardFW Logging. And changed Options in optionsfw.cgi from outgoing to forward
Alexander Marx [Thu, 3 Jan 2013 12:29:35 +0000 (13:29 +0100)]
Forward Firewall: Fixed Bug: When deleting a rule, only the last entry in the list is deleted
Alexander Marx [Thu, 3 Jan 2013 11:26:44 +0000 (12:26 +0100)]
Forward Firewall: Deleted outgoingfw.cgi,outgoinggroups.cgi and xtaccess.cgi from /config/rootfils7common/apache2
Alexander Marx [Thu, 3 Jan 2013 11:17:06 +0000 (12:17 +0100)]
Forward Firewall: removed outgoingfw.cgi from /config/rootfiles/core/66/filelists/files
Alexander Marx [Thu, 3 Jan 2013 11:00:09 +0000 (12:00 +0100)]
Forward Firewall: removed outgoingfwctrl from /config/rootfiles/misc-progs
Alexander Marx [Thu, 3 Jan 2013 07:14:28 +0000 (08:14 +0100)]
Forward Firewall: build iso with new firewall
Alexander Marx [Tue, 1 Jan 2013 05:17:06 +0000 (06:17 +0100)]
Forward Firewall: changed remarkfield to have maximum 255 chars. Changed Layout from viewtablerule.
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Alexander Marx [Sat, 29 Dec 2012 06:09:37 +0000 (07:09 +0100)]
Forward Firewall: fixed Typos
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Alexander Marx [Fri, 28 Dec 2012 12:29:34 +0000 (13:29 +0100)]
Forward Firewall: fixed rules.pl error when using manual target address
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Alexander Marx [Fri, 28 Dec 2012 07:26:07 +0000 (08:26 +0100)]
Forward Firewall: added new files
Michael Tremer [Fri, 9 Aug 2013 12:02:02 +0000 (14:02 +0200)]
Forward Firewall: applied all changes as diff and added new files. Also deleted c files from xtaccess and setdmzholes.
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Conflicts:
config/backup/include
lfs/configroot
lfs/usb-stick
Michael Tremer [Wed, 7 Aug 2013 20:15:31 +0000 (22:15 +0200)]
squid: Fix two security issues.
* CVE-2013-4115
* CVE-2013-4123
http://www.squid-cache.org/Versions/v3/3.1/changesets/
Arne Fitzenreiter [Tue, 6 Aug 2013 13:01:26 +0000 (15:01 +0200)]
samba: update to 3.6.17.
Michael Tremer [Sat, 3 Aug 2013 11:36:19 +0000 (13:36 +0200)]
DDNS: Use HTTPS for all-inkl.com.
Michael Tremer [Fri, 2 Aug 2013 11:17:54 +0000 (13:17 +0200)]
tor.cgi: Always show all configuration options.
Otherwise, if tor was disable, all settings like nickname, etc.
were reset to default.
Michael Tremer [Fri, 2 Aug 2013 09:27:14 +0000 (11:27 +0200)]
tor.cgi: Check for valid accounting limit.
Michael Tremer [Fri, 2 Aug 2013 09:22:52 +0000 (11:22 +0200)]
tor.cgi: Check for valid relay address.
Michael Tremer [Fri, 2 Aug 2013 09:20:53 +0000 (11:20 +0200)]
tor.cgi: Check for valid port numbers.
Michael Tremer [Fri, 2 Aug 2013 09:06:40 +0000 (11:06 +0200)]
tor.cgi: Catch invalid characters in relay name.
Michael Tremer [Fri, 2 Aug 2013 08:57:01 +0000 (10:57 +0200)]
tor.cgi: Burst bandwidth may never be less than rate.
Michael Tremer [Fri, 2 Aug 2013 08:42:41 +0000 (10:42 +0200)]
tor: The slowest bandwidth rate for a relay is 20 kbyte/s.
Michael Tremer [Fri, 2 Aug 2013 08:42:08 +0000 (10:42 +0200)]
tor: Fix path to readhash in initscript.
Michael Tremer [Fri, 2 Aug 2013 08:41:27 +0000 (10:41 +0200)]
Merge branch 'ddns-all-inkl' into next
Conflicts:
config/rootfiles/core/72/filelists/files
Arne Fitzenreiter [Thu, 1 Aug 2013 20:28:32 +0000 (22:28 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Thu, 1 Aug 2013 20:27:37 +0000 (22:27 +0200)]
tor: fix permissions.
Michael Tremer [Thu, 1 Aug 2013 17:41:21 +0000 (19:41 +0200)]
core72: Add strongswan update.
Michael Tremer [Thu, 1 Aug 2013 17:38:50 +0000 (19:38 +0200)]
strongswan: Update to 5.1.0.
Michael Tremer [Thu, 1 Aug 2013 16:24:03 +0000 (18:24 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
Michael Tremer [Thu, 1 Aug 2013 15:38:12 +0000 (17:38 +0200)]
DDNS: Support for all-inkl.com.
Requested by Daniel Kovacs <daniel.kovacs@pleasuredome.org>.
Michael Tremer [Wed, 31 Jul 2013 17:40:17 +0000 (19:40 +0200)]
Merge remote-tracking branch 'ms/tor' into tor
Michael Tremer [Wed, 31 Jul 2013 17:26:37 +0000 (19:26 +0200)]
tor.cgi: Show number of connected relays.
Michael Tremer [Wed, 31 Jul 2013 17:22:00 +0000 (19:22 +0200)]
tor: Don't ship torify.
This will need tsocks, which is not present on IPFire.
Michael Tremer [Wed, 31 Jul 2013 17:20:42 +0000 (19:20 +0200)]
WUI: Add Tor menu entry.
Michael Tremer [Wed, 31 Jul 2013 17:11:59 +0000 (19:11 +0200)]
tor.cgi: Minor functionality fixes and layout improvements.
Michael Tremer [Wed, 31 Jul 2013 16:06:05 +0000 (18:06 +0200)]
arm: Don't require distutils.
We don't have that module shipped and we don't really
need it for arm either.
Michael Tremer [Wed, 31 Jul 2013 10:56:58 +0000 (12:56 +0200)]
core72: Add updated firewall script.
Michael Tremer [Wed, 31 Jul 2013 10:56:17 +0000 (12:56 +0200)]
torctrl: Add new binary to rootfiles.
Michael Tremer [Wed, 31 Jul 2013 10:55:08 +0000 (12:55 +0200)]
torctrl: Add stop action.
Michael Tremer [Wed, 31 Jul 2013 10:52:40 +0000 (12:52 +0200)]
tor: Add necessary firewall rules.
Michael Tremer [Wed, 31 Jul 2013 10:52:26 +0000 (12:52 +0200)]
tor: Add torctrl binary.
Michael Tremer [Tue, 30 Jul 2013 19:53:16 +0000 (21:53 +0200)]
tor: Import CGI script.
Michael Tremer [Tue, 30 Jul 2013 19:39:50 +0000 (21:39 +0200)]
tor: Configuration file updates.
Michael Tremer [Fri, 19 Jul 2013 12:34:14 +0000 (14:34 +0200)]
arm: New package.
Resource monitor for tor.
Michael Tremer [Fri, 19 Jul 2013 09:40:14 +0000 (11:40 +0200)]
tor: New package.
Michael Tremer [Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)]
vpnmain.cgi: Use MODP groups with smaller key lengths by default.
https://bugzilla.ipfire.org/show_bug.cgi?id=10396
Michael Tremer [Tue, 16 Jul 2013 10:04:29 +0000 (12:04 +0200)]
ipsecctrl: Re-read everything when configuration is reloaded.
Michael Tremer [Sun, 21 Jul 2013 18:33:36 +0000 (20:33 +0200)]
network: red: Remove duplicate MRU option.
Michael Tremer [Sat, 20 Jul 2013 16:48:29 +0000 (18:48 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
Michael Tremer [Sat, 20 Jul 2013 16:47:51 +0000 (18:47 +0200)]
Add IPsec ECP changes to core update 72.
Michael Tremer [Sat, 20 Jul 2013 16:47:36 +0000 (18:47 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Sat, 20 Jul 2013 10:49:46 +0000 (12:49 +0200)]
ipsec: Add ECP cryptography.
Allow selecting ECDH for IPsec VPN connections.
Michael Tremer [Sat, 20 Jul 2013 15:35:53 +0000 (17:35 +0200)]
strongswan: Update to 5.1.0rc1.
Michael Tremer [Sat, 20 Jul 2013 10:54:31 +0000 (12:54 +0200)]
Merge remote-tracking branch 'ms/strongswan-next' into strongswan-next
Michael Tremer [Sat, 20 Jul 2013 10:51:26 +0000 (12:51 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
Michael Tremer [Sat, 20 Jul 2013 10:49:46 +0000 (12:49 +0200)]
ipsec: Add ECP cryptography.
Allow selecting ECDH for IPsec VPN connections.
Michael Tremer [Sat, 20 Jul 2013 09:08:56 +0000 (11:08 +0200)]
Merge remote-tracking branch 'stevee/ovpnmain.cgi-fixes' into next
Stefan Schantl [Wed, 17 Jul 2013 20:30:29 +0000 (22:30 +0200)]
ovpnmain.cgi: Allow to keep the Remote field empty for N2N connections.
* It's now possible to keep the Remote Host/IP field empty.
* Cleaned up code.
Fixes #10392.
Arne Fitzenreiter [Fri, 19 Jul 2013 16:19:40 +0000 (18:19 +0200)]
transmission: update to 2.81.
Arne Fitzenreiter [Fri, 19 Jul 2013 08:03:22 +0000 (10:03 +0200)]
start core72.
Michael Tremer [Thu, 18 Jul 2013 19:22:10 +0000 (21:22 +0200)]
strongswan: Update rootfile.
Michael Tremer [Thu, 18 Jul 2013 11:10:22 +0000 (13:10 +0200)]
vdr: Add /etc/sysconfig/vdr to backup.