]>
git.ipfire.org Git - people/pmueller/ipfire-2.x.git/log
Alexander Marx [Wed, 9 Jan 2013 13:42:52 +0000 (14:42 +0100)]
Forward Firewall: Deleted /var/ipfire/outgoing from configroot and aaded default values to /var/ipfire/optionsfw/settings
Alexander Marx [Wed, 9 Jan 2013 09:22:32 +0000 (10:22 +0100)]
Forward Firewall: fixed 12 Bugs from forum.
1) Added more possible chars in remark: : / .
2) Added "Internet" to std networks to be able to define internetaccess
3) When renaming a custom address, the firewallrules get updated
4) Ports are now ignored when using GRE as Protocol
5) When saving a customservice, the cursor is now in first textfield
6) Added a customservices file to installation with predefined services
7) Added ESP as protocol
8) Fixed counterproblem
9) Dropdownboxes for customservices and groups now sorted
10) Firewallrules now sorted in right order
11) fixed a Bug when defining manual address in source and target, the hint message is no longer displayed
12) When defining an external access rule, the last forwardrule was deleted
Alexander Marx [Wed, 9 Jan 2013 08:08:12 +0000 (09:08 +0100)]
Forward Firewall: added a customservices file with default values
Alexander Marx [Tue, 8 Jan 2013 10:20:39 +0000 (11:20 +0100)]
Forward firewall: commented out line in init.d/firewall that all Forward traffic from green is allowed and put it in rules.pl. Now rules.pl allows this traffic when firewall is set to Mode0 or Mode2
Alexander Marx [Sun, 6 Jan 2013 19:43:23 +0000 (20:43 +0100)]
Forward Firewall: fixed default entries in /var/ipfire/optionsfw/settings.
Alexander Marx [Fri, 4 Jan 2013 12:25:06 +0000 (13:25 +0100)]
Forward Firewall: changed languagefiles for loggingoptions in optionsfw.cgi
Alexander Marx [Fri, 4 Jan 2013 08:44:42 +0000 (09:44 +0100)]
Forward Firewall: deleted /var/ipfire/outgoing from backup
Alexander Marx [Fri, 4 Jan 2013 06:55:24 +0000 (07:55 +0100)]
Forward Firewall: Changed Buttons and Layout of fwhosts.cgi
Alexander Marx [Fri, 4 Jan 2013 04:37:19 +0000 (05:37 +0100)]
Forward Firewall: Replaced 'drop output' with 'drop forward' in languagefiles. This is for the loggingoption in the firewall options.
Alexander Marx [Thu, 3 Jan 2013 16:30:11 +0000 (17:30 +0100)]
Forward Firewall: replaced Outgoing-Logging with ForwardFW Logging. And changed Options in optionsfw.cgi from outgoing to forward
Alexander Marx [Thu, 3 Jan 2013 12:29:35 +0000 (13:29 +0100)]
Forward Firewall: Fixed Bug: When deleting a rule, only the last entry in the list is deleted
Alexander Marx [Thu, 3 Jan 2013 11:26:44 +0000 (12:26 +0100)]
Forward Firewall: Deleted outgoingfw.cgi,outgoinggroups.cgi and xtaccess.cgi from /config/rootfils7common/apache2
Alexander Marx [Thu, 3 Jan 2013 11:17:06 +0000 (12:17 +0100)]
Forward Firewall: removed outgoingfw.cgi from /config/rootfiles/core/66/filelists/files
Alexander Marx [Thu, 3 Jan 2013 11:00:09 +0000 (12:00 +0100)]
Forward Firewall: removed outgoingfwctrl from /config/rootfiles/misc-progs
Alexander Marx [Thu, 3 Jan 2013 07:14:28 +0000 (08:14 +0100)]
Forward Firewall: build iso with new firewall
Alexander Marx [Tue, 1 Jan 2013 05:17:06 +0000 (06:17 +0100)]
Forward Firewall: changed remarkfield to have maximum 255 chars. Changed Layout from viewtablerule.
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Alexander Marx [Sat, 29 Dec 2012 06:09:37 +0000 (07:09 +0100)]
Forward Firewall: fixed Typos
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Alexander Marx [Fri, 28 Dec 2012 12:29:34 +0000 (13:29 +0100)]
Forward Firewall: fixed rules.pl error when using manual target address
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Alexander Marx [Fri, 28 Dec 2012 07:26:07 +0000 (08:26 +0100)]
Forward Firewall: added new files
Michael Tremer [Fri, 9 Aug 2013 12:02:02 +0000 (14:02 +0200)]
Forward Firewall: applied all changes as diff and added new files. Also deleted c files from xtaccess and setdmzholes.
Signed-off-by: Alexander Marx <amarx@ipfire.org>
Conflicts:
config/backup/include
lfs/configroot
lfs/usb-stick
Michael Tremer [Wed, 7 Aug 2013 20:15:31 +0000 (22:15 +0200)]
squid: Fix two security issues.
* CVE-2013-4115
* CVE-2013-4123
http://www.squid-cache.org/Versions/v3/3.1/changesets/
Arne Fitzenreiter [Tue, 6 Aug 2013 13:01:26 +0000 (15:01 +0200)]
samba: update to 3.6.17.
Michael Tremer [Sat, 3 Aug 2013 11:36:19 +0000 (13:36 +0200)]
DDNS: Use HTTPS for all-inkl.com.
Michael Tremer [Fri, 2 Aug 2013 11:17:54 +0000 (13:17 +0200)]
tor.cgi: Always show all configuration options.
Otherwise, if tor was disable, all settings like nickname, etc.
were reset to default.
Michael Tremer [Fri, 2 Aug 2013 09:27:14 +0000 (11:27 +0200)]
tor.cgi: Check for valid accounting limit.
Michael Tremer [Fri, 2 Aug 2013 09:22:52 +0000 (11:22 +0200)]
tor.cgi: Check for valid relay address.
Michael Tremer [Fri, 2 Aug 2013 09:20:53 +0000 (11:20 +0200)]
tor.cgi: Check for valid port numbers.
Michael Tremer [Fri, 2 Aug 2013 09:06:40 +0000 (11:06 +0200)]
tor.cgi: Catch invalid characters in relay name.
Michael Tremer [Fri, 2 Aug 2013 08:57:01 +0000 (10:57 +0200)]
tor.cgi: Burst bandwidth may never be less than rate.
Michael Tremer [Fri, 2 Aug 2013 08:42:41 +0000 (10:42 +0200)]
tor: The slowest bandwidth rate for a relay is 20 kbyte/s.
Michael Tremer [Fri, 2 Aug 2013 08:42:08 +0000 (10:42 +0200)]
tor: Fix path to readhash in initscript.
Michael Tremer [Fri, 2 Aug 2013 08:41:27 +0000 (10:41 +0200)]
Merge branch 'ddns-all-inkl' into next
Conflicts:
config/rootfiles/core/72/filelists/files
Arne Fitzenreiter [Thu, 1 Aug 2013 20:28:32 +0000 (22:28 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Thu, 1 Aug 2013 20:27:37 +0000 (22:27 +0200)]
tor: fix permissions.
Michael Tremer [Thu, 1 Aug 2013 17:41:21 +0000 (19:41 +0200)]
core72: Add strongswan update.
Michael Tremer [Thu, 1 Aug 2013 17:38:50 +0000 (19:38 +0200)]
strongswan: Update to 5.1.0.
Michael Tremer [Thu, 1 Aug 2013 16:24:03 +0000 (18:24 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
Michael Tremer [Thu, 1 Aug 2013 15:38:12 +0000 (17:38 +0200)]
DDNS: Support for all-inkl.com.
Requested by Daniel Kovacs <daniel.kovacs@pleasuredome.org>.
Michael Tremer [Wed, 31 Jul 2013 17:40:17 +0000 (19:40 +0200)]
Merge remote-tracking branch 'ms/tor' into tor
Michael Tremer [Wed, 31 Jul 2013 17:26:37 +0000 (19:26 +0200)]
tor.cgi: Show number of connected relays.
Michael Tremer [Wed, 31 Jul 2013 17:22:00 +0000 (19:22 +0200)]
tor: Don't ship torify.
This will need tsocks, which is not present on IPFire.
Michael Tremer [Wed, 31 Jul 2013 17:20:42 +0000 (19:20 +0200)]
WUI: Add Tor menu entry.
Michael Tremer [Wed, 31 Jul 2013 17:11:59 +0000 (19:11 +0200)]
tor.cgi: Minor functionality fixes and layout improvements.
Michael Tremer [Wed, 31 Jul 2013 16:06:05 +0000 (18:06 +0200)]
arm: Don't require distutils.
We don't have that module shipped and we don't really
need it for arm either.
Michael Tremer [Wed, 31 Jul 2013 10:56:58 +0000 (12:56 +0200)]
core72: Add updated firewall script.
Michael Tremer [Wed, 31 Jul 2013 10:56:17 +0000 (12:56 +0200)]
torctrl: Add new binary to rootfiles.
Michael Tremer [Wed, 31 Jul 2013 10:55:08 +0000 (12:55 +0200)]
torctrl: Add stop action.
Michael Tremer [Wed, 31 Jul 2013 10:52:40 +0000 (12:52 +0200)]
tor: Add necessary firewall rules.
Michael Tremer [Wed, 31 Jul 2013 10:52:26 +0000 (12:52 +0200)]
tor: Add torctrl binary.
Michael Tremer [Tue, 30 Jul 2013 19:53:16 +0000 (21:53 +0200)]
tor: Import CGI script.
Michael Tremer [Tue, 30 Jul 2013 19:39:50 +0000 (21:39 +0200)]
tor: Configuration file updates.
Michael Tremer [Fri, 19 Jul 2013 12:34:14 +0000 (14:34 +0200)]
arm: New package.
Resource monitor for tor.
Michael Tremer [Fri, 19 Jul 2013 09:40:14 +0000 (11:40 +0200)]
tor: New package.
Michael Tremer [Thu, 25 Jul 2013 14:46:54 +0000 (16:46 +0200)]
vpnmain.cgi: Use MODP groups with smaller key lengths by default.
https://bugzilla.ipfire.org/show_bug.cgi?id=10396
Michael Tremer [Tue, 16 Jul 2013 10:04:29 +0000 (12:04 +0200)]
ipsecctrl: Re-read everything when configuration is reloaded.
Michael Tremer [Sun, 21 Jul 2013 18:33:36 +0000 (20:33 +0200)]
network: red: Remove duplicate MRU option.
Michael Tremer [Sat, 20 Jul 2013 16:48:29 +0000 (18:48 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
Michael Tremer [Sat, 20 Jul 2013 16:47:51 +0000 (18:47 +0200)]
Add IPsec ECP changes to core update 72.
Michael Tremer [Sat, 20 Jul 2013 16:47:36 +0000 (18:47 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Sat, 20 Jul 2013 10:49:46 +0000 (12:49 +0200)]
ipsec: Add ECP cryptography.
Allow selecting ECDH for IPsec VPN connections.
Michael Tremer [Sat, 20 Jul 2013 15:35:53 +0000 (17:35 +0200)]
strongswan: Update to 5.1.0rc1.
Michael Tremer [Sat, 20 Jul 2013 10:54:31 +0000 (12:54 +0200)]
Merge remote-tracking branch 'ms/strongswan-next' into strongswan-next
Michael Tremer [Sat, 20 Jul 2013 10:51:26 +0000 (12:51 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
Michael Tremer [Sat, 20 Jul 2013 10:49:46 +0000 (12:49 +0200)]
ipsec: Add ECP cryptography.
Allow selecting ECDH for IPsec VPN connections.
Michael Tremer [Sat, 20 Jul 2013 09:08:56 +0000 (11:08 +0200)]
Merge remote-tracking branch 'stevee/ovpnmain.cgi-fixes' into next
Stefan Schantl [Wed, 17 Jul 2013 20:30:29 +0000 (22:30 +0200)]
ovpnmain.cgi: Allow to keep the Remote field empty for N2N connections.
* It's now possible to keep the Remote Host/IP field empty.
* Cleaned up code.
Fixes #10392.
Arne Fitzenreiter [Fri, 19 Jul 2013 16:19:40 +0000 (18:19 +0200)]
transmission: update to 2.81.
Arne Fitzenreiter [Fri, 19 Jul 2013 08:03:22 +0000 (10:03 +0200)]
start core72.
Michael Tremer [Thu, 18 Jul 2013 19:22:10 +0000 (21:22 +0200)]
strongswan: Update rootfile.
Michael Tremer [Thu, 18 Jul 2013 11:10:22 +0000 (13:10 +0200)]
vdr: Add /etc/sysconfig/vdr to backup.
Michael Tremer [Thu, 18 Jul 2013 11:06:42 +0000 (13:06 +0200)]
vdr: Disable debugging logging.
3 is default and includes a lot of debugging output which
leads to really heavy IO with installations with a lot of
channels (satellite mainly).
http://www.vdr-wiki.de/wiki/index.php/VDR_Optionen
Stefan Schantl [Wed, 17 Jul 2013 19:01:14 +0000 (21:01 +0200)]
ovpnmain.cgi: Set mtu-disc to off if not configured.
Fixes #10391.
Stefan Schantl [Wed, 17 Jul 2013 17:58:20 +0000 (19:58 +0200)]
ovpnmain.cgi: Add check for a valid N2N network.
Fixes #10390.
Michael Tremer [Wed, 17 Jul 2013 16:53:13 +0000 (18:53 +0200)]
openvpnctrl: Save the binary from crashing with wrong input.
See #10390.
Michael Tremer [Wed, 17 Jul 2013 15:45:40 +0000 (17:45 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
Arne Fitzenreiter [Tue, 16 Jul 2013 21:05:00 +0000 (23:05 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Tue, 16 Jul 2013 20:58:13 +0000 (22:58 +0200)]
dnsforward: add config to iso and updater.
Michael Tremer [Tue, 16 Jul 2013 20:00:14 +0000 (22:00 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
Michael Tremer [Tue, 16 Jul 2013 10:04:29 +0000 (12:04 +0200)]
ipsecctrl: Re-read everything when configuration is reloaded.
Michael Tremer [Tue, 16 Jul 2013 18:54:28 +0000 (20:54 +0200)]
strongswan: Enable EAP authentication algorithms.
Michael Tremer [Tue, 16 Jul 2013 17:46:29 +0000 (19:46 +0200)]
squidclamav: Fix indentation of update script.
Michael Tremer [Tue, 16 Jul 2013 17:42:53 +0000 (19:42 +0200)]
squidclamav: Fix permissions of /etc/squidclamav.conf.
The file must not be executable, but writeable by anybody
in the group nobody.
Michael Tremer [Tue, 16 Jul 2013 17:38:54 +0000 (19:38 +0200)]
proxy.cgi: Re-apply accidentially removed changes.
Removed in
dfee7582f9b386126fcaa6c8cdcb98677e34f5b4 ,
originally introduced in
49c7cb232870cce6986f93bb6fc3b6dbf643ec07 .
Michael Tremer [Tue, 16 Jul 2013 10:04:00 +0000 (12:04 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
Arne Fitzenreiter [Tue, 16 Jul 2013 06:36:54 +0000 (08:36 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Tue, 16 Jul 2013 06:35:28 +0000 (08:35 +0200)]
close core71.
Arne Fitzenreiter [Mon, 15 Jul 2013 22:57:33 +0000 (00:57 +0200)]
usb-modeswitch-data: update to
20130610 .
Arne Fitzenreiter [Mon, 15 Jul 2013 22:56:17 +0000 (00:56 +0200)]
usb-modeswitch: update to 1.2.6.
Michael Tremer [Mon, 15 Jul 2013 20:05:12 +0000 (22:05 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Mon, 15 Jul 2013 20:04:59 +0000 (22:04 +0200)]
squid: Allow to set more FDs in CGI.
Arne Fitzenreiter [Mon, 15 Jul 2013 19:56:56 +0000 (21:56 +0200)]
misc-progs: rootfile updates.
Arne Fitzenreiter [Mon, 15 Jul 2013 19:53:47 +0000 (21:53 +0200)]
misc-progs: fix typo in Makefile.
Arne Fitzenreiter [Mon, 15 Jul 2013 18:51:42 +0000 (20:51 +0200)]
core71: add proxy-squidclam changes to updater.
Arne Fitzenreiter [Mon, 15 Jul 2013 18:49:23 +0000 (20:49 +0200)]
Merge remote-tracking branch 'stevee/proxy-squidclamav' into next
Conflicts:
config/cfgroot/general-functions.pl
Arne Fitzenreiter [Mon, 15 Jul 2013 18:42:59 +0000 (20:42 +0200)]
core71: add dnsforward to updater.
Arne Fitzenreiter [Mon, 15 Jul 2013 18:38:27 +0000 (20:38 +0200)]
Merge remote-tracking branch 'stevee/dnsforward' into next
Arne Fitzenreiter [Mon, 15 Jul 2013 18:36:53 +0000 (20:36 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Mon, 15 Jul 2013 15:05:44 +0000 (17:05 +0200)]
snort: update to 2.9.5.
add VRT/GPLv2 community rules.
fix wrong oinkcode warning if no oinkcode is needed.
Arne Fitzenreiter [Mon, 15 Jul 2013 15:03:53 +0000 (17:03 +0200)]
oinkmaster: add vrt community-rules support.
Michael Tremer [Mon, 15 Jul 2013 12:35:07 +0000 (14:35 +0200)]
squid: Increase FDs to 65536 (#10387).