]>
git.ipfire.org Git - ipfire-2.x.git/blob - updates/1.4.10/setup
4 PREVIOUSVERSION
="1.4."$
((`echo $UPGRADEVERSION | /usr/bin/cut -f3 -d '.'`-1))
5 echo "This is the $UPGRADEVERSION update patch for IPCop $PREVIOUSVERSION installing."
7 CURRENTVERSION
=`perl -e "require '/var/ipcop/general-functions.pl';print \\$General::version;"`
8 if [ "$CURRENTVERSION" != "$PREVIOUSVERSION" ]; then
9 echo "You are not running IPCop v$PREVIOUSVERSION for this patch to install."
10 echo "Aborting installation."
14 # general-functions might not be overwrited by patch...
15 /bin
/sed -i -e "s+= '1.4.*$+= '$UPGRADEVERSION';+" /var
/ipcop
/general-functions.pl
17 #protect backup key fix for SF1344032 restrict access to root only
18 [ -e /var
/ipcop
/backup
/backup.key
] && /bin
/chmod 400 /var
/ipcop
/backup
/backup.key
&& .
/fixbackups.sh
20 /bin
/tar -zxpf patch.
tar.gz
-C /
22 # update linker cache (openssl CAN-2005-2969)
26 echo "VPN_DELAYED_START=0" >> /var
/ipcop
/vpn
/settings
28 #replaces ipcoprebirth/ipcopdeath with ipcopreboot
29 /bin
/rm -f /usr
/local
/bin
/{ipcopdeath
,ipcoprebirth
}
31 # restart new httpd apache_1.3.34 mod_ssl-2.8.25-1.3.34 mm-1.4.0
36 # missing from 1.4.9 update
37 /usr
/local
/bin
/setdmzholes
39 # patched squid (CAN-2005-3258 and bug#1405)
40 [ -e /var
/ipcop
/proxy
/squid.conf
] && /usr
/local
/bin
/restartsquid
42 # snort now use binary logging
43 /usr
/local
/bin
/restartsnort
44 # avoid 'too many arguments' on cleanup
45 for i
in `seq 1 9`; do
46 /bin
/rm -rf /var
/log
/snort
/$i*
49 #Insert missing advanced values for VPN settings.
50 #If user never went to adv screen, they are empty.
51 #Whitout them, ipsec uses 3des-(sha|md5)-(768|1024|1536)
52 #as default ike and esp algorythm.
53 #This correction does not add 'aes128' as vpnmain,
54 #so user will see effective algorythm selected.
55 cp /var
/ipcop
/vpn
/config
/var
/ipcop
/vpn
/oldconfig
58 if (open(FILE, '/var/ipcop/vpn/oldconfig')){\
61 foreach my \$line (@lines){\
62 my @confighash=split(',' ,\$line);\
63 \$confighash[15] = 'on' if (\$confighash[15] eq '');\
64 \$confighash[14] = 'off' if (\$confighash[14] eq '');\
65 \$confighash[19] = '3des' if (\$confighash[19] eq '');\
66 \$confighash[20] = 'sha|md5' if (\$confighash[20] eq '');\
67 \$confighash[21] = '1536|1024|768'if (\$confighash[21] eq '');\
68 \$confighash[17] = '1' if (\$confighash[17] eq '');\
69 \$confighash[22] = 'aes128|3des' if (\$confighash[22] eq '');\
70 \$confighash[23] = 'sha1|md5' if (\$confighash[23] eq '');\
71 \$confighash[18] = '8' if (\$confighash[18] eq '');\
72 \$confighash[25] = 'off' if (\$confighash[25] eq '');\
73 print join (',', @confighash); }}" >/var
/ipcop
/vpn
/config
74 rm /var
/ipcop
/vpn
/oldconfig
76 #build cachelang file after all "lang/*.pl" updates
77 perl
-e "require '/var/ipcop/lang.pl'; &Lang::BuildCacheLang"
79 killall mingetty
#redisplay correct version
80 echo "end of $UPGRADEVERSION update"