--- /dev/null
+/var/ipfire/dma
+/var/ipfire/dma/dma.conf
+/var/ipfire/dma/auth.conf
+/var/ipfire/dma/mail.conf
+/var/spool/dma
return &check_netmask($netmask);
}
+# Returns True for all valid subnets like a.b.c.d/e or a.b.c.d/a.b.c.d
+sub check_subnet($) {
+ my $subnet = shift;
+
+ my ($address, $network) = split(/\//, $subnet, 2);
+
+ # Check if the IP address is fine.
+ my $result = &check_ip_address($address);
+ unless ($result) {
+ return $result;
+ }
+
+ return &check_prefix($network) || &check_netmask($network);
+}
+
# For internal use only. Will take an IP address and
# return it in a normalised style. Like 8.8.8.010 -> 8.8.8.8.
sub _normalise_ip_address($) {
17 5 * * * /etc/init.d/tmpfs backup >/dev/null
# Update dynamic DNS records every five minutes.
-# Force an update once a month
*/5 * * * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all
-3 2 1 * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all --force
# Logwatch
01 0 * * * /usr/local/bin/logwatch > /var/log/logwatch/`date -I -d yesterday`; \
# Update GeoIP database once a month.
%monthly,random * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/xt_geoip_update >/dev/null 2>&1
+
+# Retry sending spooled mails regularly
+%hourly * /usr/sbin/dma -q
+
+# Cleanup the mail spool directory
+%weekly * * /usr/sbin/dma-cleanup-spool
--- /dev/null
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2015 Michael Tremer <michael.tremer@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+SPOOL_DIR="/var/spool/dma"
+
+find_messages() {
+ find "${SPOOL_DIR}" -type f -name "M*" -mtime +30
+}
+
+remove_message() {
+ local f_message="${1}"
+ local f_queue="${f_message/${SPOOL_DIR}\/M/${SPOOL_DIR}\/Q}"
+
+ # If a message file and a queue file exist, delete both
+ [ -f "${f_message}" ] || return 1
+ [ -f "${f_queue}" ] || return 1
+
+ rm -f "${f_message}" "${f_queue}"
+ return 0
+}
+
+main() {
+ for message in $(find_messages); do
+ remove_message "${message}"
+ done
+
+ return 0
+}
+
+main || exit $?
-# user secrets that should not overwritten by the webif
+# user secrets that should not be overwritten by the webif
#
'title' => "$Lang::tr{'time server'}",
'enabled' => 1,
};
+ $subservices->{'41.dma'} = {'caption' => $Lang::tr{'email settings'},
+ 'uri' => '/cgi-bin/mail.cgi',
+ 'title' => "$Lang::tr{'email settings'}",
+ 'enabled' => 1,
+ };
$subservices->{'50.qos'} = {'caption' => 'Quality of Service',
'uri' => '/cgi-bin/qos.cgi',
'title' => "Quality of Service",
--- /dev/null
+#usr/lib/perl5/site_perl/5.12.3/Email
+#usr/lib/perl5/site_perl/5.12.3/Email/Date
+usr/lib/perl5/site_perl/5.12.3/Email/Date/Format.pm
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Email
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Email/Date
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Email/Date/Format
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Email/Date/Format/.packlist
+#usr/share/man/man3/Email::Date::Format.3
--- /dev/null
+usr/lib/perl5/site_perl/5.12.3/MIME/Lite.pm
+#usr/lib/perl5/site_perl/5.12.3/MIME/changes.pod
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/MIME/Lite
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/MIME/Lite/.packlist
+#usr/share/man/man3/MIME::Lite.3
+#usr/share/man/man3/MIME::changes.3
--- /dev/null
+#etc/alternatives
+usr/sbin/alternatives
+usr/sbin/update-alternatives
+#var/lib/alternatives
--- /dev/null
+etc/alternatives/sendmail
+usr/lib/dma-mbox-create
+usr/sbin/dma
+usr/sbin/dma-cleanup-spool
+usr/sbin/mailq
+usr/sbin/sendmail
+usr/sbin/sendmail.dma
+#usr/share/man/man8/dma.8
+var/ipfire/dma
+var/ipfire/dma/auth.conf
+var/ipfire/dma/dma.conf
+var/lib/alternatives/sendmail
+var/spool/dma
#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/RRDs/RRDs.bs
usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/RRDs/RRDs.so
#usr/lib/pkgconfig/librrd.pc
-#usr/share/doc/rrdtool-1.5.3
-#usr/share/doc/rrdtool-1.5.3/html
-#usr/share/doc/rrdtool-1.5.3/html/RRDp.html
-#usr/share/doc/rrdtool-1.5.3/html/RRDs.html
-#usr/share/doc/rrdtool-1.5.3/html/bin_dec_hex.html
-#usr/share/doc/rrdtool-1.5.3/html/cdeftutorial.html
-#usr/share/doc/rrdtool-1.5.3/html/index.html
-#usr/share/doc/rrdtool-1.5.3/html/librrd.html
-#usr/share/doc/rrdtool-1.5.3/html/rpntutorial.html
-#usr/share/doc/rrdtool-1.5.3/html/rrd-beginners.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdbuild.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdcached.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdcgi.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdcreate.html
-#usr/share/doc/rrdtool-1.5.3/html/rrddump.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdfetch.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdfirst.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdflushcached.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdgraph.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdgraph_data.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdgraph_examples.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdgraph_graph.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdgraph_rpn.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdinfo.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdlast.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdlastupdate.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdresize.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdrestore.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdthreads.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdtool.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdtune.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdtutorial.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdupdate.html
-#usr/share/doc/rrdtool-1.5.3/html/rrdxport.html
-#usr/share/doc/rrdtool-1.5.3/txt
-#usr/share/doc/rrdtool-1.5.3/txt/bin_dec_hex.pod
-#usr/share/doc/rrdtool-1.5.3/txt/bin_dec_hex.txt
-#usr/share/doc/rrdtool-1.5.3/txt/cdeftutorial.pod
-#usr/share/doc/rrdtool-1.5.3/txt/cdeftutorial.txt
-#usr/share/doc/rrdtool-1.5.3/txt/librrd.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rpntutorial.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rpntutorial.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrd-beginners.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrd-beginners.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdbuild.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdbuild.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdcached.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdcached.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdcgi.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdcgi.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdcreate.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdcreate.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrddump.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrddump.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdfetch.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdfetch.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdfirst.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdfirst.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdflushcached.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdflushcached.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdgraph.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdgraph.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdgraph_data.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdgraph_data.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdgraph_examples.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdgraph_examples.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdgraph_graph.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdgraph_graph.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdgraph_rpn.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdgraph_rpn.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdinfo.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdinfo.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdlast.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdlast.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdlastupdate.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdlastupdate.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdresize.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdresize.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdrestore.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdrestore.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdthreads.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdthreads.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdtool.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdtool.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdtune.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdtune.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdtutorial.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdtutorial.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdupdate.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdupdate.txt
-#usr/share/doc/rrdtool-1.5.3/txt/rrdxport.pod
-#usr/share/doc/rrdtool-1.5.3/txt/rrdxport.txt
+#usr/share/doc/rrdtool-1.5.4
+#usr/share/doc/rrdtool-1.5.4/html
+#usr/share/doc/rrdtool-1.5.4/html/RRDp.html
+#usr/share/doc/rrdtool-1.5.4/html/RRDs.html
+#usr/share/doc/rrdtool-1.5.4/html/bin_dec_hex.html
+#usr/share/doc/rrdtool-1.5.4/html/cdeftutorial.html
+#usr/share/doc/rrdtool-1.5.4/html/index.html
+#usr/share/doc/rrdtool-1.5.4/html/librrd.html
+#usr/share/doc/rrdtool-1.5.4/html/rpntutorial.html
+#usr/share/doc/rrdtool-1.5.4/html/rrd-beginners.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdbuild.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdcached.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdcgi.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdcreate.html
+#usr/share/doc/rrdtool-1.5.4/html/rrddump.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdfetch.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdfirst.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdflushcached.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdgraph.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdgraph_data.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdgraph_examples.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdgraph_graph.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdgraph_rpn.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdinfo.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdlast.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdlastupdate.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdresize.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdrestore.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdthreads.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdtool.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdtune.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdtutorial.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdupdate.html
+#usr/share/doc/rrdtool-1.5.4/html/rrdxport.html
+#usr/share/doc/rrdtool-1.5.4/txt
+#usr/share/doc/rrdtool-1.5.4/txt/bin_dec_hex.pod
+#usr/share/doc/rrdtool-1.5.4/txt/bin_dec_hex.txt
+#usr/share/doc/rrdtool-1.5.4/txt/cdeftutorial.pod
+#usr/share/doc/rrdtool-1.5.4/txt/cdeftutorial.txt
+#usr/share/doc/rrdtool-1.5.4/txt/librrd.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rpntutorial.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rpntutorial.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrd-beginners.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrd-beginners.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdbuild.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdbuild.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdcached.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdcached.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdcgi.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdcgi.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdcreate.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdcreate.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrddump.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrddump.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdfetch.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdfetch.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdfirst.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdfirst.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdflushcached.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdflushcached.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdgraph.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdgraph.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdgraph_data.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdgraph_data.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdgraph_examples.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdgraph_examples.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdgraph_graph.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdgraph_graph.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdgraph_rpn.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdgraph_rpn.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdinfo.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdinfo.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdlast.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdlast.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdlastupdate.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdlastupdate.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdresize.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdresize.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdrestore.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdrestore.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdthreads.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdthreads.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdtool.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdtool.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdtune.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdtune.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdtutorial.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdtutorial.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdupdate.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdupdate.txt
+#usr/share/doc/rrdtool-1.5.4/txt/rrdxport.pod
+#usr/share/doc/rrdtool-1.5.4/txt/rrdxport.txt
#usr/share/man/man1/bin_dec_hex.1
#usr/share/man/man1/cdeftutorial.1
#usr/share/man/man1/rpntutorial.1
#usr/share/rrdtool/examples/rrdcached/rrdcached-size.pl
#usr/share/rrdtool/examples/shared-demo.pl
#usr/share/rrdtool/examples/stripes.pl
+#usr/share/rrdtool/examples/stripes.py
var/log/rrd
srv/web/ipfire/cgi-bin/logs.cgi/summary.dat
srv/web/ipfire/cgi-bin/logs.cgi/urlfilter.dat
srv/web/ipfire/cgi-bin/mac.cgi
+srv/web/ipfire/cgi-bin/mail.cgi
srv/web/ipfire/cgi-bin/mdstat.cgi
srv/web/ipfire/cgi-bin/media.cgi
srv/web/ipfire/cgi-bin/memory.cgi
--- /dev/null
+boot/config.txt
+etc/alternatives
+etc/collectd.custom
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+etc/localtime
+etc/shadow
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
+etc/sudoers
+etc/sysconfig/firewall.local
+etc/sysconfig/rc.local
+etc/udev/rules.d/30-persistent-network.rules
+srv/web/ipfire/html/proxy.pac
+var/ipfire/ovpn
+var/lib/alternatives
+var/log/cache
+var/state/dhcp/dhcpd.leases
+var/updatecache
--- /dev/null
+../../../common/Email-Date-Format
\ No newline at end of file
--- /dev/null
+../../../common/MIME-Lite
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/glibc
\ No newline at end of file
--- /dev/null
+../../../common/chkconfig
\ No newline at end of file
--- /dev/null
+../../../common/coreutils
\ No newline at end of file
--- /dev/null
+../../../common/dma
\ No newline at end of file
--- /dev/null
+../../../common/file
\ No newline at end of file
--- /dev/null
+etc/system-release
+etc/issue
+etc/rc.d/init.d/sshd
+srv/web/ipfire/cgi-bin/logs.cgi/log.dat
+srv/web/ipfire/cgi-bin/mail.cgi
+srv/web/ipfire/cgi-bin/vpnmain.cgi
+var/ipfire/langs
+var/ipfire/menu.d/40-services.menu
+var/ipfire/network-functions.pl
--- /dev/null
+../../../common/fireinfo
\ No newline at end of file
--- /dev/null
+../../../common/hdparm
\ No newline at end of file
--- /dev/null
+../../../../common/i586/glibc
\ No newline at end of file
--- /dev/null
+../../../common/openssh
\ No newline at end of file
--- /dev/null
+../../../common/rrdtool
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2015 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+# Remove old core updates from pakfire cache to save space...
+core=94
+for (( i=1; i<=$core; i++ ))
+do
+ rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+# Stop services
+/etc/init.d/squid stop
+/etc/init.d/sshd stop
+/etc/init.d/dnsmasq stop
+
+# Extract files
+extract_files
+
+# Update Language cache
+/usr/local/bin/update-lang-cache
+
+# Update SSH configuration
+sed -i /etc/ssh/sshd_config \
+ -e 's/^#\?PermitRootLogin .*$$/PermitRootLogin yes/'
+
+# Move away old and unsupported keys
+mv -f /etc/ssh/ssh_host_dsa_key{,.old}
+# Regenerating weak RSA keys
+mv -f /etc/ssh/ssh_host_key{,.old}
+mv -f /etc/ssh/ssh_host_rsa_key{,.old}
+
+# Update crontab
+sed -i /var/spool/cron/root.orig -e "/Force an update once a month/d"
+sed -i /var/spool/cron/root.orig -e "/ddns update-all --force/d"
+
+grep -qv "dma -q" || cat <<EOF >> /var/spool/cron/root.orig
+
+# Retry sending spooled mails regularly
+%hourly * /usr/sbin/dma -q
+
+# Cleanup the mail spool directory
+%weekly * * /usr/sbin/dma-cleanup-spool
+EOF
+
+fcrontab -z &>/dev/null
+
+# Start services
+/etc/init.d/dnsmasq start
+/etc/init.d/sshd start
+/etc/init.d/squid start
+
+# This update need a reboot...
+#touch /var/run/need_reboot
+
+# Finish
+/etc/init.d/fireinfo start
+sendprofile
+# Update grub config to display new core version
+if [ -e /boot/grub/grub.cfg ]; then
+ grub-mkconfig -o /boot/grub/grub.cfg
+fi
+sync
+
+# Don't report the exitcode last command
+exit 0
--- /dev/null
+../../../common/dnsmasq
\ No newline at end of file
--- /dev/null
+../../../common/pcre
\ No newline at end of file
--- /dev/null
+../../../common/squid
\ No newline at end of file
usr/sbin/postmulti
usr/sbin/postqueue
usr/sbin/postsuper
-usr/sbin/sendmail
+usr/sbin/sendmail.postfix
#usr/share/man/man1/mailq.1
#usr/share/man/man1/newaliases.1
#usr/share/man/man1/postalias.1
WARNING: translation string unused: edit service
WARNING: translation string unused: editor
WARNING: translation string unused: eg
+WARNING: translation string unused: email error
WARNING: translation string unused: email server can not be empty
+WARNING: translation string unused: email subject
+WARNING: translation string unused: email success
+WARNING: translation string unused: email text
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enable wildcards
WARNING: translation string unused: enabled on
WARNING: untranslated string: fwhost cust geoipgrp
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
+WARNING: untranslated string: info messages
WARNING: untranslated string: no data
WARNING: untranslated string: none
WARNING: untranslated string: qos add subclass
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: show tls-auth key
+WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn statistics n2n
WARNING: translation string unused: edit service
WARNING: translation string unused: editor
WARNING: translation string unused: eg
+WARNING: translation string unused: email error
WARNING: translation string unused: email server can not be empty
+WARNING: translation string unused: email subject
+WARNING: translation string unused: email success
+WARNING: translation string unused: email text
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enable wildcards
WARNING: translation string unused: enabled on
WARNING: untranslated string: fwhost cust geoipgrp
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
+WARNING: untranslated string: info messages
WARNING: untranslated string: no data
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: drop action2
WARNING: untranslated string: drop forward
WARNING: untranslated string: drop outgoing
+WARNING: untranslated string: email config
+WARNING: untranslated string: email empty field
+WARNING: untranslated string: email invalid
+WARNING: untranslated string: email invalid mailfqdn
+WARNING: untranslated string: email invalid mailip
+WARNING: untranslated string: email invalid mailport
+WARNING: untranslated string: email mailaddr
+WARNING: untranslated string: email mailpass
+WARNING: untranslated string: email mailport
+WARNING: untranslated string: email mailrcpt
+WARNING: untranslated string: email mailsender
+WARNING: untranslated string: email mailuser
+WARNING: untranslated string: email settings
+WARNING: untranslated string: email testmail
+WARNING: untranslated string: email tls
+WARNING: untranslated string: email usemail
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: incoming firewall access
WARNING: untranslated string: incoming overhead in bytes per second
+WARNING: untranslated string: info messages
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
+WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn keyexchange
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: drop action2
WARNING: untranslated string: drop forward
WARNING: untranslated string: drop outgoing
+WARNING: untranslated string: email config
+WARNING: untranslated string: email empty field
+WARNING: untranslated string: email invalid
+WARNING: untranslated string: email invalid mailfqdn
+WARNING: untranslated string: email invalid mailip
+WARNING: untranslated string: email invalid mailport
+WARNING: untranslated string: email mailaddr
+WARNING: untranslated string: email mailpass
+WARNING: untranslated string: email mailport
+WARNING: untranslated string: email mailrcpt
+WARNING: untranslated string: email mailsender
+WARNING: untranslated string: email mailuser
+WARNING: untranslated string: email settings
+WARNING: untranslated string: email testmail
+WARNING: untranslated string: email tls
+WARNING: untranslated string: email usemail
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: incoming firewall access
WARNING: untranslated string: incoming overhead in bytes per second
+WARNING: untranslated string: info messages
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
+WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn keyexchange
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: advproxy group required
WARNING: untranslated string: bytes
WARNING: untranslated string: check all
+WARNING: untranslated string: email config
+WARNING: untranslated string: email empty field
+WARNING: untranslated string: email invalid
+WARNING: untranslated string: email invalid mailfqdn
+WARNING: untranslated string: email invalid mailip
+WARNING: untranslated string: email invalid mailport
+WARNING: untranslated string: email mailaddr
+WARNING: untranslated string: email mailpass
+WARNING: untranslated string: email mailport
+WARNING: untranslated string: email mailrcpt
+WARNING: untranslated string: email mailsender
+WARNING: untranslated string: email mailuser
+WARNING: untranslated string: email settings
+WARNING: untranslated string: email testmail
+WARNING: untranslated string: email tls
+WARNING: untranslated string: email usemail
WARNING: untranslated string: fwdfw err concon
WARNING: untranslated string: fwdfw err ratecon
WARNING: untranslated string: fwdfw limitconcon
WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: incoming overhead in bytes per second
+WARNING: untranslated string: info messages
WARNING: untranslated string: invalid input for valid till days
WARNING: untranslated string: masquerade blue
WARNING: untranslated string: masquerade green
WARNING: untranslated string: samba join domain
WARNING: untranslated string: search
WARNING: untranslated string: uncheck all
+WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: dnssec validating
WARNING: untranslated string: download tls-auth key
WARNING: untranslated string: drop outgoing
+WARNING: untranslated string: email config
+WARNING: untranslated string: email empty field
+WARNING: untranslated string: email invalid
+WARNING: untranslated string: email invalid mailfqdn
+WARNING: untranslated string: email invalid mailip
+WARNING: untranslated string: email invalid mailport
+WARNING: untranslated string: email mailaddr
+WARNING: untranslated string: email mailpass
+WARNING: untranslated string: email mailport
+WARNING: untranslated string: email mailrcpt
+WARNING: untranslated string: email mailsender
+WARNING: untranslated string: email mailuser
+WARNING: untranslated string: email settings
+WARNING: untranslated string: email testmail
+WARNING: untranslated string: email tls
+WARNING: untranslated string: email usemail
WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwdfw err concon
WARNING: untranslated string: fwdfw err ratecon
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: incoming overhead in bytes per second
+WARNING: untranslated string: info messages
WARNING: untranslated string: invalid input for valid till days
WARNING: untranslated string: masquerade blue
WARNING: untranslated string: masquerade green
WARNING: untranslated string: uncheck all
WARNING: untranslated string: upload dh key
WARNING: untranslated string: vendor
+WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: drop action2
WARNING: untranslated string: drop forward
WARNING: untranslated string: drop outgoing
+WARNING: untranslated string: email config
+WARNING: untranslated string: email empty field
+WARNING: untranslated string: email invalid
+WARNING: untranslated string: email invalid mailfqdn
+WARNING: untranslated string: email invalid mailip
+WARNING: untranslated string: email invalid mailport
+WARNING: untranslated string: email mailaddr
+WARNING: untranslated string: email mailpass
+WARNING: untranslated string: email mailport
+WARNING: untranslated string: email mailrcpt
+WARNING: untranslated string: email mailsender
+WARNING: untranslated string: email mailuser
+WARNING: untranslated string: email settings
+WARNING: untranslated string: email testmail
+WARNING: untranslated string: email tls
+WARNING: untranslated string: email usemail
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: incoming firewall access
WARNING: untranslated string: incoming overhead in bytes per second
+WARNING: untranslated string: info messages
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
+WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn keyexchange
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: drop action2
WARNING: untranslated string: drop forward
WARNING: untranslated string: drop outgoing
+WARNING: untranslated string: email config
+WARNING: untranslated string: email empty field
+WARNING: untranslated string: email invalid
+WARNING: untranslated string: email invalid mailfqdn
+WARNING: untranslated string: email invalid mailip
+WARNING: untranslated string: email invalid mailport
+WARNING: untranslated string: email mailaddr
+WARNING: untranslated string: email mailpass
+WARNING: untranslated string: email mailport
+WARNING: untranslated string: email mailrcpt
+WARNING: untranslated string: email mailsender
+WARNING: untranslated string: email mailuser
+WARNING: untranslated string: email settings
+WARNING: untranslated string: email testmail
+WARNING: untranslated string: email tls
+WARNING: untranslated string: email usemail
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
WARNING: untranslated string: incoming firewall access
WARNING: untranslated string: incoming overhead in bytes per second
WARNING: untranslated string: incoming traffic in bytes per second
+WARNING: untranslated string: info messages
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
+WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn keyexchange
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
WARNING: untranslated string: check all
+WARNING: untranslated string: email config
+WARNING: untranslated string: email empty field
+WARNING: untranslated string: email invalid
+WARNING: untranslated string: email invalid mailfqdn
+WARNING: untranslated string: email invalid mailip
+WARNING: untranslated string: email invalid mailport
+WARNING: untranslated string: email mailaddr
+WARNING: untranslated string: email mailpass
+WARNING: untranslated string: email mailport
+WARNING: untranslated string: email mailrcpt
+WARNING: untranslated string: email mailsender
+WARNING: untranslated string: email mailuser
+WARNING: untranslated string: email settings
+WARNING: untranslated string: email testmail
+WARNING: untranslated string: email tls
+WARNING: untranslated string: email usemail
WARNING: untranslated string: fwhost addgeoipgrp
WARNING: untranslated string: fwhost cust geoipgroup
WARNING: untranslated string: fwhost cust geoipgrp
WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: incoming overhead in bytes per second
+WARNING: untranslated string: info messages
WARNING: untranslated string: invalid input for valid till days
WARNING: untranslated string: no data
WARNING: untranslated string: none
WARNING: untranslated string: routing table
WARNING: untranslated string: search
WARNING: untranslated string: uncheck all
+WARNING: untranslated string: vpn force mobike
WARNING: untranslated string: vpn statistic n2n
WARNING: untranslated string: vpn statistic rw
WARNING: untranslated string: vpn statistics n2n
< drop action2
< drop forward
< drop outgoing
+< email config
+< email empty field
+< email error
+< email invalid
+< email invalid mailfqdn
+< email invalid mailip
+< email invalid mailport
+< email mailaddr
+< email mailpass
+< email mailport
+< email mailrcpt
+< email mailsender
+< email mailuser
+< email settings
+< email subject
+< email success
+< email testmail
+< email text
+< email tls
+< email usemail
< encryption
< entropy
< entropy graphs
< drop action2
< drop forward
< drop outgoing
+< email config
+< email empty field
+< email error
+< email invalid
+< email invalid mailfqdn
+< email invalid mailip
+< email invalid mailport
+< email mailaddr
+< email mailpass
+< email mailport
+< email mailrcpt
+< email mailsender
+< email mailuser
+< email settings
+< email subject
+< email success
+< email testmail
+< email text
+< email tls
+< email usemail
< encryption
< entropy
< entropy graphs
< drop action2
< drop forward
< drop outgoing
+< email config
+< email empty field
+< email error
+< email invalid
+< email invalid mailfqdn
+< email invalid mailip
+< email invalid mailport
+< email mailaddr
+< email mailpass
+< email mailport
+< email mailrcpt
+< email mailsender
+< email mailuser
+< email settings
+< email subject
+< email success
+< email testmail
+< email text
+< email tls
+< email usemail
< encryption
< entropy
< entropy graphs
< drop forward
< drop outgoing
< Edit an existing route
+< email config
+< email empty field
+< email error
+< email invalid
+< email invalid mailfqdn
+< email invalid mailip
+< email invalid mailport
+< email mailaddr
+< email mailpass
+< email mailport
+< email mailrcpt
+< email mailsender
+< email mailuser
+< email settings
+< email subject
+< email success
+< email testmail
+< email text
+< email tls
+< email usemail
< encryption
< entropy
< entropy graphs
'red' => '(red:|pppd\[.*\]: |chat\[.*\]|pppoe\[.*\]|pptp\[.*\]|pppoa\[.*\]|pppoa3\[.*\]|pppoeci\[.*\]|ipppd|ipppd\[.*\]|kernel: ippp\d|kernel: isdn.*|ibod\[.*\]|dhcpcd\[.*\]|modem_run\[.*\])',
'ddns' => '(ddns\[\d+\]:)',
'dns' => '(dnsmasq\[.*\]: )',
+ 'dma' => '(dma\[.*\]: )',
'dhcp' => '(dhcpd: )',
'clamav' => '(clamd\[.*\]: |freshclam\[.*\]: )',
'collectd' => '(collectd\[.*\]: )',
'red' => 'RED',
'ddns' => $Lang::tr{'dynamic dns'},
'dns' => 'DNS',
+ 'dma' => 'Mail',
'dhcp' => "$Lang::tr{'dhcp server'}",
'cron' => 'Cron',
'collectd' => 'Collectd',
# calculate file name
if ($gzindex == 0) {
$filestr = "/var/log/messages";
+ $filestr = "/var/log/mail" if (${section} =~ 'dma');
} else {
$filestr = "/var/log/messages.$gzindex";
+ $filestr = "/var/log/mail.$gzindex" if (${section} =~ 'dma');
$filestr = "$filestr.gz" if -f "$filestr.gz";
}
# now read file if existing
--- /dev/null
+#!/usr/bin/perl
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2015 IPFire Team <alexander.marx@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+use MIME::Lite;
+
+#enable only the following on debugging purpose
+#use warnings;
+#use CGI::Carp 'fatalsToBrowser';
+
+require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/lang.pl";
+require "${General::swroot}/header.pl";
+
+#Initialize variables and hashes
+my $dmafile="${General::swroot}/dma/dma.conf";
+my $authfile="${General::swroot}/dma/auth.conf";
+my $mailfile="${General::swroot}/dma/mail.conf";
+my %dma=();
+my %auth=();
+my %mail=();
+my %mainsettings=();
+my %cgiparams=();
+my $errormessage='';
+
+#Read all parameters for site
+&Header::getcgihash(\%cgiparams);
+&General::readhash("${General::swroot}/main/settings", \%mainsettings);
+&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
+
+#Show Headers
+&Header::showhttpheaders();
+
+#Check configfiles
+if ( -f $dmafile){
+ open (FILE, "<", $dmafile) or die $!;
+ foreach my $line (<FILE>) {
+ $line =~ m/^([A-Z]+)\s+?(.*)?$/;
+ my $key = $1;
+ my $val = $2;
+ $dma{$key}=$val;
+ }
+}else{
+ open(FILE, ">$dmafile") or die $!;
+}
+close FILE;
+
+if (exists $dma{'AUTHPATH'}){
+ open (FILE, "<", $dma{'AUTHPATH'}) or die "$dma{'AUTHPATH'} nicht gefunden $! ";
+ my $authline;
+ foreach my $line (<FILE>) {
+ $authline = $line;
+ }
+ my @part1 = split(/\|/,$authline);
+ my @part2 = split(/\:/,$part1[1]);
+ $auth{'AUTHNAME'} = $part1[0];
+ $auth{'AUTHHOST'} = $part2[0];
+ $auth{'AUTHPASS'} = $part2[1];
+}
+
+if ( -f $mailfile){
+ &General::readhash($mailfile, \%mail);
+}
+
+#ACTIONS
+if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}"){ #SaveButton on configsite
+ #Check fields
+ if ($cgiparams{'USEMAIL'} eq 'on'){
+ $errormessage=&checkmailsettings;
+ }else{
+ $cgiparams{'txt_mailserver'}='';
+ $cgiparams{'txt_mailport'}='';
+ $cgiparams{'txt_mailuser'}='';
+ $cgiparams{'txt_mailpass'}='';
+ $cgiparams{'mail_tls'}='';
+ $cgiparams{'txt_mailsender'}='';
+ $cgiparams{'txt_recipient'}='';
+ }
+ if(!$errormessage){
+ #clear hashes
+ %auth=();
+ %dma=();
+ %mail=();
+
+ #clear configfiles
+ open (TXT, ">$dmafile") or die("Could not open /var/ipfire/dma/dma.conf: $!\n");
+ open (TXT1, ">$authfile") or die("Could not open /var/ipfire/dma/auth.conf: $!\n");
+ open (TXT2, ">$mailfile") or die("Could not open /var/ipfire/dma/mail.conf: $!\n");
+ close TXT2;
+
+ #Fill hashes with actual values
+ $mail{'USEMAIL'} = $cgiparams{'USEMAIL'};
+ $mail{'SENDER'} = $cgiparams{'txt_mailsender'};
+ $mail{'RECIPIENT'} = $cgiparams{'txt_recipient'};
+
+ $auth{'AUTHNAME'} = $cgiparams{'txt_mailuser'};
+ $auth{'AUTHPASS'} = $cgiparams{'txt_mailpass'};
+ $auth{'AUTHHOST'} = $cgiparams{'txt_mailserver'};
+
+ $dma{'SMARTHOST'} = $cgiparams{'txt_mailserver'};
+ $dma{'PORT'} = $cgiparams{'txt_mailport'};
+ $dma{'STARTTLS'} = '' if ($cgiparams{'mail_tls'});
+ $dma{'SECURETRANSFER'} = '' if exists $dma{'STARTTLS'};
+ $dma{'SPOOLDIR'} = "/var/spool/dma";
+ $dma{'FULLBOUNCE'} = '';
+ $dma{'MAILNAME'} = "$mainsettings{'HOSTNAME'}.$mainsettings{DOMAINNAME}";
+ $dma{'AUTHPATH'} = "$authfile" if exists $auth{'AUTHNAME'};
+
+ #Create new configfiles
+ &General::writehash("$mailfile", \%mail);
+ while ( ($k,$v) = each %dma ) {
+ print TXT "$k $v\n";
+ }
+ close TXT;
+ print TXT1 "$auth{'AUTHNAME'}|$auth{'AUTHHOST'}:$auth{'AUTHPASS'}\n";
+ close TXT2;
+
+ }else{
+ $cgiparams{'update'}='on';
+ &configsite;
+ }
+}
+if ($cgiparams{'ACTION'} eq "$Lang::tr{'email testmail'}"){ #Testmail button on configsite
+ &testmail;
+}
+
+#Show site
+&configsite;
+
+#FUNCTIONS
+sub configsite{
+
+
+ #If update set fieldvalues new
+ if($cgiparams{'update'} eq 'on'){
+ $dma{'USEMAIL'}= 'on';
+ $dma{'SMARTHOST'} = $cgiparams{'txt_mailserver'};
+ $dma{'PORT'} = $cgiparams{'txt_mailport'};
+ $auth{'AUTHUSER'} = $cgiparams{'txt_mailuser'};
+ $auth{'AUTHHOST'} = $cgiparams{'txt_mailserver'};
+ $auth{'AUTHPASS'} = $cgiparams{'txt_mailpass'};
+ }
+ #find preselections
+ $checked{'usemail'}{$mail{'USEMAIL'}} = 'CHECKED';
+ $checked{'mail_tls'}{'on'} = 'CHECKED' if exists $dma{'STARTTLS'};
+
+ #Open site
+ &Header::openpage($Lang::tr{'email settings'}, 1, '');
+ &Header::openbigbox('100%', 'center');
+ &error;
+ &info;
+ &Header::openbox('100%', 'left', $Lang::tr{'email config'});
+
+ #### JAVA SCRIPT ####
+ print<<END;
+<script>
+ \$(document).ready(function() {
+ // Show/Hide elements when USEMAIL checkbox is checked.
+ if (\$("#MAIL").attr("checked")) {
+ \$(".MAILSRV").show();
+ } else {
+ \$(".MAILSRV").hide();
+ }
+
+ // Toggle MAIL elements when "USEMAIL" checkbox is clicked
+ \$("#MAIL").change(function() {
+ \$(".MAILSRV").toggle();
+ });
+ });
+</script>
+END
+ ##### JAVA SCRIPT END ####
+ my $col="style='background-color:$color{'color22'}'";
+ print<<END;
+ <form method='post' action='$ENV{'SCRIPT_NAME'}'>
+ <table style='width:100%' border='0'>
+ <tr>
+ <th colspan='3'></th>
+ </tr>
+ <tr>
+ <td style='width:24em'>$Lang::tr{'email usemail'}</td>
+ <td><label><input type='checkbox' name='USEMAIL' id='MAIL' $checked{'usemail'}{'on'}></label></td>
+ <td></td>
+ </tr>
+ </table><br>
+
+ <div class="MAILSRV">
+ <table style='width:100%;'>
+ <tr>
+ <td>$Lang::tr{'email mailsender'}<img src='/blob.gif' alt='*' /></td>
+ <td><input type='text' name='txt_mailsender' value='$mail{'SENDER'}' style='width:22em;'></td>
+ </tr>
+ <tr>
+ <td>$Lang::tr{'email mailrcpt'}<img src='/blob.gif' alt='*' /></td>
+ <td><input type='text' name='txt_recipient' value='$mail{'RECIPIENT'}' style='width:22em;'></td>
+ </tr>
+ <tr>
+ <td style='width:24em'>$Lang::tr{'email mailaddr'}<img src='/blob.gif' alt='*' /></td>
+ <td><input type='text' name='txt_mailserver' value='$dma{'SMARTHOST'}' style='width:22em;'></td>
+ </tr>
+ <tr>
+ <td>$Lang::tr{'email mailport'}<img src='/blob.gif' alt='*' /></td>
+ <td><input type='text' name='txt_mailport' value='$dma{'PORT'}' size='3'></td>
+ </tr>
+ <tr>
+ <td>$Lang::tr{'email mailuser'}</td>
+ <td><input type='text' name='txt_mailuser' value='$auth{'AUTHNAME'}' style='width:22em;'></td>
+ </tr>
+ <tr>
+ <td>$Lang::tr{'email mailpass'}</td>
+ <td><input type='password' name='txt_mailpass' value='$auth{'AUTHPASS'}' style='width:22em;' ></td>
+ </tr>
+ <tr>
+ <td>$Lang::tr{'email tls'}</td>
+ <td><input type='checkbox' name='mail_tls' $checked{'mail_tls'}{'on'}></td>
+ </tr>
+END
+ if (! -z $dmafile && $mail{'USEMAIL'} eq 'on'){
+ print "<tr>";
+ print "<td></td>";
+ print "<td><input type='submit' name='ACTION' value='$Lang::tr{'email testmail'}'></td>";
+ print "</tr>";
+ }
+ print<<END;;
+ <tr>
+ <td colspan='2'> </td>
+ </tr>
+ </table>
+ </div>
+
+ <table style='width:100%;'>
+ <tr>
+ <td colspan='3' display:inline align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
+ </tr>
+ </table>
+ <br>
+ </form>
+END
+ &Header::closebox();
+ &Header::closebigbox();
+ &Header::closepage();
+ exit 0;
+}
+
+sub checkmailsettings {
+ #Check if mailserver is an ip address or a domain
+ if ($cgiparams{'txt_mailserver'} =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/){
+ if (! &General::validip($cgiparams{'txt_mailserver'})){
+ $errormessage.="$Lang::tr{'email invalid mailip'} $cgiparams{'txt_mailserver'}<br>";
+ }
+ }elsif(! &General::validfqdn($cgiparams{'txt_mailserver'})){
+ $errormessage.="$Lang::tr{'email invalid mailfqdn'} $cgiparams{'txt_mailserver'}<br>";
+ }
+ #Check valid mailserverport
+ if($cgiparams{'txt_mailport'} < 1 || $cgiparams{'txt_mailport'} > 65535){
+ $errormessage.="$Lang::tr{'email invalid mailport'} $cgiparams{'txt_mailport'}<br>";
+ }
+ #Check valid sender
+ if(! $cgiparams{'txt_mailsender'}){
+ $errormessage.="$Lang::tr{'email empty field'} $Lang::tr{'email mailsender'}<br>";
+ }else{
+ if (! &General::validemail($cgiparams{'txt_mailsender'})){
+ $errormessage.="<br>$Lang::tr{'email invalid'} $Lang::tr{'email mailsender'}<br>";
+ }
+ }
+ return $errormessage;
+}
+
+sub testmail {
+ ### Create a new multipart message:
+ $msg = MIME::Lite->new(
+ From => $mail{'SENDER'},
+ To => $mail{'RECIPIENT'},
+ #Cc => 'some@other.com, some@more.com',
+ Subject => 'IPFire Testmail',
+ Type => 'multipart/mixed'
+ );
+
+ ### Add parts (each "attach" has same arguments as "new"):
+ $msg->attach(
+ Type => 'TEXT',
+ Data => "This is the IPFire test mail."
+ );
+
+ ### Add attachment for testing
+ #$msg->attach(
+ # Type => 'application/txt',
+ # Encoding => 'base64',
+ # Path => '/var/ipfire/dma/dma.conf',
+ # Filename => 'dma.conf',
+ # Disposition => 'attachment'
+ #);
+
+ $msg->send_by_sendmail;
+}
+
+sub info {
+ if ($infomessage) {
+ &Header::openbox('100%', 'left', $Lang::tr{'info messages'});
+ print "<class name='base'>$infomessage\n";
+ print " </class>\n";
+ &Header::closebox();
+ }
+}
+
+sub error {
+ if ($errormessage) {
+ &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
+ print "<class name='base'>$errormessage\n";
+ print " </class>\n";
+ &Header::closebox();
+ }
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
$cgiparams{'RW_NET'} = '';
$cgiparams{'DPD_DELAY'} = '30';
$cgiparams{'DPD_TIMEOUT'} = '120';
+$cgiparams{'FORCE_MOBIKE'} = 'off';
&Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'});
###
# Compression
print CONF "\tcompress=yes\n" if ($lconfighash{$key}[13] eq 'on');
+ # Force MOBIKE?
+ if (($lconfighash{$key}[29] eq "ikev2") && ($lconfighash{$key}[32] eq 'on')) {
+ print CONF "\tmobike=yes\n";
+ }
+
# Dead Peer Detection
my $dpdaction = $lconfighash{$key}[27];
print CONF "\tdpdaction=$dpdaction\n";
$cgiparams{'VHOST'} = $confighash{$cgiparams{'KEY'}}[14];
$cgiparams{'DPD_TIMEOUT'} = $confighash{$cgiparams{'KEY'}}[30];
$cgiparams{'DPD_DELAY'} = $confighash{$cgiparams{'KEY'}}[31];
+ $cgiparams{'FORCE_MOBIKE'} = $confighash{$cgiparams{'KEY'}}[32];
if (!$cgiparams{'DPD_DELAY'}) {
$cgiparams{'DPD_DELAY'} = 30;
my $key = $cgiparams{'KEY'};
if (! $key) {
$key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 31) { $confighash{$key}[$i] = "";}
+ foreach my $i (0 .. 32) { $confighash{$key}[$i] = "";}
}
$confighash{$key}[0] = $cgiparams{'ENABLED'};
$confighash{$key}[1] = $cgiparams{'NAME'};
$confighash{$key}[14] = $cgiparams{'VHOST'};
$confighash{$key}[30] = $cgiparams{'DPD_TIMEOUT'};
$confighash{$key}[31] = $cgiparams{'DPD_DELAY'};
+ $confighash{$key}[32] = $cgiparams{'FORCE_MOBIKE'};
#free unused fields!
$confighash{$key}[6] = 'off';
$cgiparams{'DPD_TIMEOUT'} = 120;
}
+ if (!$cgiparams{'FORCE_MOBIKE'}) {
+ $cgiparams{'FORCE_MOBIKE'} = 'no';
+ }
+
# Default IKE Version to v2
if (!$cgiparams{'IKE_VERSION'}) {
$cgiparams{'IKE_VERSION'} = 'ikev2';
<input type='hidden' name='DPD_ACTION' value='$cgiparams{'DPD_ACTION'}' />
<input type='hidden' name='DPD_DELAY' value='$cgiparams{'DPD_DELAY'}' />
<input type='hidden' name='DPD_TIMEOUT' value='$cgiparams{'DPD_TIMEOUT'}' />
+ <input type='hidden' name='FORCE_MOBIKE' value='$cgiparams{'FORCE_MOBIKE'}' />
END
;
if ($cgiparams{'KEY'}) {
if (
($cgiparams{'COMPRESSION'} !~ /^(|on|off)$/) ||
+ ($cgiparams{'FORCE_MOBIKE'} !~ /^(|on|off)$/) ||
($cgiparams{'ONLY_PROPOSED'} !~ /^(|on|off)$/) ||
($cgiparams{'PFS'} !~ /^(|on|off)$/) ||
($cgiparams{'VHOST'} !~ /^(|on|off)$/)
$confighash{$cgiparams{'KEY'}}[27] = $cgiparams{'DPD_ACTION'};
$confighash{$cgiparams{'KEY'}}[30] = $cgiparams{'DPD_TIMEOUT'};
$confighash{$cgiparams{'KEY'}}[31] = $cgiparams{'DPD_DELAY'};
+ $confighash{$cgiparams{'KEY'}}[32] = $cgiparams{'FORCE_MOBIKE'};
&General::writehasharray("${General::swroot}/vpn/config", \%confighash);
&writeipsecfiles();
if (&vpnenabled) {
$cgiparams{'DPD_ACTION'} = $confighash{$cgiparams{'KEY'}}[27];
$cgiparams{'DPD_TIMEOUT'} = $confighash{$cgiparams{'KEY'}}[30];
$cgiparams{'DPD_DELAY'} = $confighash{$cgiparams{'KEY'}}[31];
+ $cgiparams{'FORCE_MOBIKE'} = $confighash{$cgiparams{'KEY'}}[32];
if (!$cgiparams{'DPD_DELAY'}) {
$cgiparams{'DPD_DELAY'} = 30;
foreach my $key (@temp) {$checked{'ESP_GROUPTYPE'}{$key} = "selected='selected'"; }
$checked{'COMPRESSION'} = $cgiparams{'COMPRESSION'} eq 'on' ? "checked='checked'" : '' ;
+ $checked{'FORCE_MOBIKE'} = $cgiparams{'FORCE_MOBIKE'} eq 'on' ? "checked='checked'" : '' ;
$checked{'ONLY_PROPOSED'} = $cgiparams{'ONLY_PROPOSED'} eq 'on' ? "checked='checked'" : '' ;
$checked{'PFS'} = $cgiparams{'PFS'} eq 'on' ? "checked='checked'" : '' ;
$checked{'VHOST'} = $cgiparams{'VHOST'} eq 'on' ? "checked='checked'" : '' ;
</label>
</td>
</tr>
+ <tr>
+ <td>
+ <label>
+ <input type='checkbox' name='FORCE_MOBIKE' $checked{'FORCE_MOBIKE'} />
+ $Lang::tr{'vpn force mobike'}
+ </label>
+ </td>
+ </tr>
EOF
;
if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') {
'edit share' => 'Freigabe bearbeiten',
'editor' => 'Editor',
'eg' => 'z.B.:',
+'email config' => 'Konfiguration',
+'email empty field' => 'Leeres Feld',
+'email error' => 'ERROR: Testmail konnte nicht versendet werden',
+'email invalid' => 'Ungültiges Feld',
+'email invalid mailfqdn' => 'Ungültiger FQDN für Mailserver',
+'email invalid mailip' => 'Ungültige IP-Adresse für Mailserver',
+'email invalid mailport' => 'Ungültiger Port für Mailserver',
+'email mailaddr' => 'Mailserver-Adresse',
+'email mailpass' => 'Passwort',
+'email mailport' => 'Mailserver-Port',
+'email mailrcpt' => 'E-Mail-Empfänger',
+'email mailsender' => 'E-Mail Absender',
+'email mailuser' => 'Benutzername',
'email server can not be empty' => 'Email-Server darf nicht leer sein',
+'email settings' => 'Mailversand',
+'email subject' => 'IPFire Testmail',
+'email success' => 'Testmail erfolgreich versendet',
+'email testmail' => 'Testnachricht senden',
+'email text' => 'Testnachricht vom IPFire Mailversand.',
+'email tls' => 'TLS aktivieren',
+'email usemail' => 'Mailversand aktivieren',
'emailreportlevel' => 'Email-Reportlevel',
'empty' => 'Dieses Feld kann leer bleiben',
'empty profile' => 'Unbenannt',
'edit share' => 'Edit share',
'editor' => 'Editor',
'eg' => 'e.g.:',
+'email config' => 'Configuration',
+'email empty field' => 'Empty field',
+'email error' => 'ERROR: Testmail could not be sent',
+'email invalid' => 'Invalid field',
+'email invalid mailfqdn' => 'Invalid mailserver fqdn',
+'email invalid mailip' => 'Invalid mailserver IP address',
+'email invalid mailport' => 'Invalid mailserver port',
+'email mailaddr' => 'Mailserver address',
+'email mailpass' => 'Password',
+'email mailport' => 'Mailserver port',
+'email mailrcpt' => 'Mail recipient',
+'email mailsender' => 'Mail sender',
+'email mailuser' => 'Username',
'email server can not be empty' => 'E-mail server can not be empty',
+'email settings' => 'Mailservice',
+'email subject' => 'IPFire Testmail',
+'email success' => 'Testmail successfully sent',
+'email testmail' => 'Send testmail',
+'email text' => 'Testmail from IPFire Mailservice.',
+'email tls' => 'Use TLS',
+'email usemail' => 'Activate Mailservice',
'emailreportlevel' => 'E-mailreportlevel',
'emerging rules' => 'Emergingthreats.net Community Rules',
'empty' => 'This field may be left blank',
'vpn configuration main' => 'VPN Configuration',
'vpn delayed start' => 'Delay before launching VPN (seconds)',
'vpn delayed start help' => 'If required, this delay can be used to allow dynamic DNS updates to propagate properly. 60 is a common value when RED is a dynamic IP.',
+'vpn force mobike' => 'Force using MOBIKE (only IKEv2)',
'vpn incompatible use of defaultroute' => 'hostname=%defaultroute not allowed',
'vpn keyexchange' => 'Keyexchange',
'vpn local id' => 'Local ID',
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2010 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 1.5
+
+THISAPP = chkconfig-$(VER)
+DL_FILE = $(THISAPP).tar.bz2
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 0e59a43ef588a7bba5528b10bb59bef2
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && make alternatives
+ cd $(DIR_APP) && install -v -m 755 alternatives /usr/sbin
+ ln -svf alternatives /usr/sbin/update-alternatives
+ -mkdir -pv /etc/alternatives /var/lib/alternatives
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2011 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 8.23
+VER = 8.24
THISAPP = coreutils-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = abed135279f87ad6762ce57ff6d89c41
+$(DL_FILE)_MD5 = 40efdbce865d2458d8da0a9dcee7c16c
install : $(TARGET)
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2011 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 0.9.1
+
+THISAPP = dma-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = dma
+PAK_VER = 1
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 56afaf438ba34d4ff9c8879dc29a16b1
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ mkdir -pv /var/ipfire/dma
+ cd $(DIR_APP) && sed -i '/PREFIX/s/usr\/local/usr/g' Makefile
+ cd $(DIR_APP) && sed -i '/CONFDIR/s/etc\/dma/var\/ipfire\/dma/g' Makefile
+ cd $(DIR_APP) && make
+ cd $(DIR_APP) && make install mailq-link install-spool-dirs install-etc
+ install -v -m 755 $(DIR_SRC)/config/dma/dma-cleanup-spool /usr/sbin
+ chown -R nobody.nobody /var/ipfire/dma
+ chown nobody.root /var/ipfire/dma/auth.conf
+ ln -svf dma /usr/sbin/sendmail.dma
+ /usr/sbin/alternatives --install /usr/sbin/sendmail sendmail /usr/sbin/sendmail.dma 20
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/001-include_0_0_0_0_8_in_DNS_rebind_checks.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/002-enhance_add_subnet_to_allow_arbitary_subnet_addresses.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/003-dont_answer_non_auth_queries_for_auth_zones_locally_when_localise_queries_set.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch
+
cd $(DIR_APP) && sed -i src/config.h \
-e 's|/\* #define HAVE_IDN \*/|#define HAVE_IDN|g' \
-e 's|/\* #define HAVE_DNSSEC \*/|#define HAVE_DNSSEC|g' \
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2014 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 5.20
+VER = 5.24
THISAPP = file-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 5d5e13eb3e0e13839da869a31790faf2
+$(DL_FILE)_MD5 = ec161b5a0d2aef147fb046e5630b1408
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Add-an-other-forbidden-string-Serial.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Skip-search-for-hypervisor-name-when-the-CPU-string-.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo/0001-Add-an-other-forbidden-string-Serial.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo/0002-Escape-any-non-printable-ascii-characters.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo/0003-Skip-search-for-hypervisor-name-when-the-CPU-string-.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo/0004-Filter-all-IDs-that-only-consist-of-0xff.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo/0005-Fix-crash-if-there-is-id-has-already-been-reset-to-N.patch
cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh
cd $(DIR_APP) && ./configure --prefix=/usr
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc/glibc-rh1183533.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc/glibc-rh1207995.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc/glibc-rh1209375.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc/glibc-rh1217186.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-resolv-stack_chk_fail.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-remove-ctors-dtors-output-sections.patch
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 9.45
+VER = 9.48
THISAPP = hdparm-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 1c75d0751a44928b6c4bc81fb16d7fe8
+$(DL_FILE)_MD5 = 213efdbe7471fad3408198918e164354
install : $(TARGET)
include Config
-VER = 6.8p1
+VER = 7.1p1
THISAPP = openssh-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 08f72de6751acfbd0892b5f003922701
+$(DL_FILE)_MD5 = 8709736bc8a8c253bc4eeb4829888ca5
install : $(TARGET)
-e 's/^#\?SyslogFacility AUTH .*$$/SyslogFacility AUTH/' \
-e 's/^#\?LogLevel INFO .*$$/LogLevel INFO/' \
-e 's/^#\?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \
+ -e 's/^#\?PermitRootLogin .*$$/PermitRootLogin yes/' \
/etc/ssh/sshd_config
@rm -rf $(DIR_APP)
@$(POSTBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/pcre-8.37-Fix-buffer-overflow-for-named-recursive-back-referen.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/pcre-8.37-Fix-buffer-overflow-for-forward-reference-within-bac.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/pcre-8.37-Fix-named-forward-reference-to-duplicate-group-numbe.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/pcre-8.37-Fix-another-buffer-overflow.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/pcre-8.37-Fix-buffer-overflow-for-named-references-in-situatio.patch
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--disable-static \
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 1.005
+
+THISAPP = Email-Date-Format-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 030dcee3bc1a44674900b0132925bd03
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && perl Makefile.PL
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 3.030
+
+THISAPP = MIME-Lite-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 5a6d90329e049eee77248d667343acc7
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && yes |perl Makefile.PL
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = postfix
-PAK_VER = 8
+PAK_VER = 9
DEPS = "amavisd mysql"
install -v -m 644 $(DIR_SRC)/config/backup/includes/postfix \
/var/ipfire/backup/addons/includes/postfix
+ mv /usr/sbin/sendmail /usr/sbin/sendmail.postfix
@rm -rf $(DIR_APP)
@$(POSTBUILD)
include Config
-VER = 1.5.3
+VER = 1.5.4
THISAPP = rrdtool-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 868a828cc6b10654c440a85054240ae2
+$(DL_FILE)_MD5 = 4daea1e628e1c70d91800d6a06427dc1
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13228.patch
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--sysconfdir=/etc/squid \
--enable-cache-digests \
--enable-forw-via-db \
--enable-htcp \
- --enable-linux-netfilter \
--enable-kill-parent-hack \
--disable-wccpv2 \
--enable-icap-client \
include Config
-VER = 1.0.3
+VER = 1.0.4
THISAPP = squid-accounting-$(VER)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = squid-accounting
-PAK_VER = 6
+PAK_VER = 7
-DEPS = "perl-DBI perl-DBD-SQLite perl-File-ReadBackwards perl-PDF-API2 sendEmail"
+DEPS = "perl-DBI perl-DBD-SQLite perl-File-ReadBackwards perl-PDF-API2"
###############################################################################
# Top-level Rules
chmod 777 /var/log/accounting.log
#Set permissions for logo and graphs
chmod -R 777 /srv/web/ipfire/html/accounting
-
-
+
install -v -m 755 $(DIR_APP)/squid-accounting/accounting.cgi /srv/web/ipfire/cgi-bin/
install -v -m 755 $(DIR_APP)/squid-accounting/acct.pl /usr/local/bin/
install -v -m 644 $(DIR_APP)/squid-accounting/acct-lib.pl /var/ipfire/accounting/
install -v -m 755 $(DIR_APP)/squid-accounting/dbinstall.pl /var/ipfire/accounting/
install -v -m 644 $(DIR_APP)/squid-accounting/config/backup/includes/squid-accounting \
/var/ipfire/backup/addons/includes/squid-accounting
-
+
#activate hourly logging of proxy logfile
ln -sf /usr/local/bin/acct.pl /etc/fcron.hourly/squid-accounting
-
chown -R nobody.nobody /var/ipfire/accounting
@rm -rf $(DIR_APP)
@$(POSTBUILD)
NAME="IPFire" # Software name
SNAME="ipfire" # Short name
VERSION="2.17" # Version number
-CORE="93" # Core Level (Filename)
+CORE="94" # Core Level (Filename)
PAKFIRE_CORE="93" # Core Level (PAKFIRE)
GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch
SLOGAN="www.ipfire.org" # Software slogan
ipfiremake screen
ipfiremake smartmontools
ipfiremake htop
+ ipfiremake chkconfig
ipfiremake postfix
ipfiremake fetchmail
ipfiremake cyrus-imapd
ipfiremake clamav
ipfiremake spamassassin
ipfiremake amavisd
+ ipfiremake dma
ipfiremake alsa
ipfiremake mpfire
ipfiremake guardian
ipfiremake perl-Net-SMTP-SSL
ipfiremake perl-MIME-Base64
ipfiremake perl-Authen-SASL
+ ipfiremake perl-MIME-Lite
+ ipfiremake perl-Email-Date-Format
ipfiremake git
ipfiremake squidclamav
ipfiremake vnstat
case "$1" in
start)
- if [ ! -e "/etc/ssh/ssh_host_key" ]; then
- boot_mesg "Generating SSH host key..."
- ssh-keygen -qf /etc/ssh/ssh_host_key -N '' -t rsa1
- evaluate_retval
- fi
-
- for algo in rsa dsa ecdsa ed25519; do
+ for algo in rsa ecdsa ed25519; do
keyfile="/etc/ssh/ssh_host_${algo}_key"
# If the key already exists, there is nothing to do.
[ -e "${keyfile}" ] && continue
- case "${algo}" in
- rsa)
- algo="rsa1"
- ;;
- esac
-
boot_mesg "Generating SSH key (${algo})..."
ssh-keygen -qf "${keyfile}" -N '' -t ${algo}
evaluate_retval
ln -sf ../init.d/postfix /etc/rc.d/rc0.d/K25postfix
ln -sf ../init.d/postfix /etc/rc.d/rc3.d/S35postfix
ln -sf ../init.d/postfix /etc/rc.d/rc6.d/K25postfix
+
+# Update alternatives
+/usr/sbin/alternatives --install /usr/sbin/sendmail sendmail /usr/sbin/sendmail.postfix 15
extract_backup_includes
stop_service ${NAME}
make_backup ${NAME}
+/usr/sbin/alternatives --remove sendmail /usr/sbin/sendmail.postfix
remove_files
rm -rfv /etc/rc.d/rc*.d/*postfix
--- /dev/null
+From d2aa7dfbb6d1088dcbea9fecc61b9293b320eb95 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Mon, 3 Aug 2015 21:52:12 +0100
+Subject: [PATCH] Include 0.0.0.0/8 in DNS rebind checks.
+
+---
+ CHANGELOG | 7 +++++++
+ src/rfc1035.c | 3 ++-
+ 2 files changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 901da47..3f4026d 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -1,3 +1,10 @@
++version 2.76
++ Include 0.0.0.0/8 in DNS rebind checks. This range
++ translates to hosts on the local network, or, at
++ least, 0.0.0.0 accesses the local host, so could
++ be targets for DNS rebinding. See RFC 5735 section 3
++ for details. Thanks to Stephen Röttger for the bug report.
++
+ version 2.75
+ Fix reversion on 2.74 which caused 100% CPU use when a
+ dhcp-script is configured. Thanks to Adrian Davey for
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 56647b0..29e9e65 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -728,7 +728,8 @@ int private_net(struct in_addr addr, int ban_localhost)
+ in_addr_t ip_addr = ntohl(addr.s_addr);
+
+ return
+- (((ip_addr & 0xFF000000) == 0x7F000000) && ban_localhost) /* 127.0.0.0/8 (loopback) */ ||
++ (((ip_addr & 0xFF000000) == 0x7F000000) && ban_localhost) /* 127.0.0.0/8 (loopback) */ ||
++ ((ip_addr & 0xFF000000) == 0x00000000) /* RFC 5735 section 3. "here" network */ ||
+ ((ip_addr & 0xFFFF0000) == 0xC0A80000) /* 192.168.0.0/16 (private) */ ||
+ ((ip_addr & 0xFF000000) == 0x0A000000) /* 10.0.0.0/8 (private) */ ||
+ ((ip_addr & 0xFFF00000) == 0xAC100000) /* 172.16.0.0/12 (private) */ ||
+--
+1.7.10.4
--- /dev/null
+From a7369bef8abd241c3d85633fa9c870943f091e76 Mon Sep 17 00:00:00 2001
+From: Ed Bardsley <ebardsley@google.com>
+Date: Wed, 5 Aug 2015 21:17:18 +0100
+Subject: [PATCH] Enhance --add-subnet to allow arbitary subnet addresses.
+
+---
+ CHANGELOG | 4 ++++
+ man/dnsmasq.8 | 32 ++++++++++++++++++++-----------
+ src/dnsmasq.h | 13 ++++++++++---
+ src/option.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++++-----
+ src/rfc1035.c | 39 +++++++++++++++++++++++++++++++-------
+ 5 files changed, 121 insertions(+), 26 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 3f4026d..bbc2834 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -4,6 +4,10 @@ version 2.76
+ least, 0.0.0.0 accesses the local host, so could
+ be targets for DNS rebinding. See RFC 5735 section 3
+ for details. Thanks to Stephen Röttger for the bug report.
++
++ Enhance --add-subnet to allow arbitrary subnet addresses.
++ Thanks to Ed Barsley for the patch.
++
+
+ version 2.75
+ Fix reversion on 2.74 which caused 100% CPU use when a
+diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
+index c8913b5..a23c898 100644
+--- a/man/dnsmasq.8
++++ b/man/dnsmasq.8
+@@ -604,17 +604,27 @@ experimental. Also note that exposing MAC addresses in this way may
+ have security and privacy implications. The warning about caching
+ given for --add-subnet applies to --add-mac too.
+ .TP
+-.B --add-subnet[[=<IPv4 prefix length>],<IPv6 prefix length>]
+-Add the subnet address of the requestor to the DNS queries which are
+-forwarded upstream. The amount of the address forwarded depends on the
+-prefix length parameter: 32 (128 for IPv6) forwards the whole address,
+-zero forwards none of it but still marks the request so that no
+-upstream nameserver will add client address information either. The
+-default is zero for both IPv4 and IPv6. Note that upstream nameservers
+-may be configured to return different results based on this
+-information, but the dnsmasq cache does not take account. If a dnsmasq
+-instance is configured such that different results may be encountered,
+-caching should be disabled.
++.B --add-subnet[[=[<IPv4 address>/]<IPv4 prefix length>][,[<IPv6 address>/]<IPv6 prefix length>]]
++Add a subnet address to the DNS queries which are forwarded
++upstream. If an address is specified in the flag, it will be used,
++otherwise, the address of the requestor will be used. The amount of
++the address forwarded depends on the prefix length parameter: 32 (128
++for IPv6) forwards the whole address, zero forwards none of it but
++still marks the request so that no upstream nameserver will add client
++address information either. The default is zero for both IPv4 and
++IPv6. Note that upstream nameservers may be configured to return
++different results based on this information, but the dnsmasq cache
++does not take account. If a dnsmasq instance is configured such that
++different results may be encountered, caching should be disabled.
++
++For example,
++.B --add-subnet=24,96
++will add the /24 and /96 subnets of the requestor for IPv4 and IPv6 requestors, respectively.
++.B --add-subnet=1.2.3.4/24
++will add 1.2.3.0/24 for IPv4 requestors and ::/0 for IPv6 requestors.
++.B --add-subnet=1.2.3.4/24,1.2.3.4/24
++will add 1.2.3.0/24 for both IPv4 and IPv6 requestors.
++
+ .TP
+ .B \-c, --cache-size=<cachesize>
+ Set the size of dnsmasq's cache. The default is 150 names. Setting the cache size to zero disables caching.
+diff --git a/src/dnsmasq.h b/src/dnsmasq.h
+index cf1a782..f42acdb 100644
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -541,6 +541,13 @@ struct iname {
+ struct iname *next;
+ };
+
++/* subnet parameters from command line */
++struct mysubnet {
++ union mysockaddr addr;
++ int addr_used;
++ int mask;
++};
++
+ /* resolv-file parms from command-line */
+ struct resolvc {
+ struct resolvc *next;
+@@ -935,9 +942,9 @@ extern struct daemon {
+ struct auth_zone *auth_zones;
+ struct interface_name *int_names;
+ char *mxtarget;
+- int addr4_netmask;
+- int addr6_netmask;
+- char *lease_file;
++ struct mysubnet *add_subnet4;
++ struct mysubnet *add_subnet6;
++ char *lease_file;
+ char *username, *groupname, *scriptuser;
+ char *luascript;
+ char *authserver, *hostmaster;
+diff --git a/src/option.c b/src/option.c
+index ecc2619..746cd11 100644
+--- a/src/option.c
++++ b/src/option.c
+@@ -445,7 +445,7 @@ static struct {
+ { LOPT_PXE_SERV, ARG_DUP, "<service>", gettext_noop("Boot service for PXE menu."), NULL },
+ { LOPT_TEST, 0, NULL, gettext_noop("Check configuration syntax."), NULL },
+ { LOPT_ADD_MAC, OPT_ADD_MAC, NULL, gettext_noop("Add requestor's MAC address to forwarded DNS queries."), NULL },
+- { LOPT_ADD_SBNET, ARG_ONE, "<v4 pref>[,<v6 pref>]", gettext_noop("Add requestor's IP subnet to forwarded DNS queries."), NULL },
++ { LOPT_ADD_SBNET, ARG_ONE, "<v4 pref>[,<v6 pref>]", gettext_noop("Add specified IP subnet to forwarded DNS queries."), NULL },
+ { LOPT_DNSSEC, OPT_DNSSEC_PROXY, NULL, gettext_noop("Proxy DNSSEC validation results from upstream nameservers."), NULL },
+ { LOPT_INCR_ADDR, OPT_CONSEC_ADDR, NULL, gettext_noop("Attempt to allocate sequential IP addresses to DHCP clients."), NULL },
+ { LOPT_CONNTRACK, OPT_CONNTRACK, NULL, gettext_noop("Copy connection-track mark from queries to upstream connections."), NULL },
+@@ -722,6 +722,20 @@ static void do_usage(void)
+
+ #define ret_err(x) do { strcpy(errstr, (x)); return 0; } while (0)
+
++static char *parse_mysockaddr(char *arg, union mysockaddr *addr)
++{
++ if (inet_pton(AF_INET, arg, &addr->in.sin_addr) > 0)
++ addr->sa.sa_family = AF_INET;
++#ifdef HAVE_IPV6
++ else if (inet_pton(AF_INET6, arg, &addr->in6.sin6_addr) > 0)
++ addr->sa.sa_family = AF_INET6;
++#endif
++ else
++ return _("bad address");
++
++ return NULL;
++}
++
+ char *parse_server(char *arg, union mysockaddr *addr, union mysockaddr *source_addr, char *interface, int *flags)
+ {
+ int source_port = 0, serv_port = NAMESERVER_PORT;
+@@ -1585,7 +1599,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
+ li = match_suffix->next;
+ free(match_suffix->suffix);
+ free(match_suffix);
+- }
++ }
+ break;
+ }
+
+@@ -1593,10 +1607,45 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
+ set_option_bool(OPT_CLIENT_SUBNET);
+ if (arg)
+ {
++ char *err, *end;
+ comma = split(arg);
+- if (!atoi_check(arg, &daemon->addr4_netmask) ||
+- (comma && !atoi_check(comma, &daemon->addr6_netmask)))
+- ret_err(gen_err);
++
++ struct mysubnet* new = opt_malloc(sizeof(struct mysubnet));
++ if ((end = split_chr(arg, '/')))
++ {
++ /* has subnet+len */
++ err = parse_mysockaddr(arg, &new->addr);
++ if (err)
++ ret_err(err);
++ if (!atoi_check(end, &new->mask))
++ ret_err(gen_err);
++ new->addr_used = 1;
++ }
++ else if (!atoi_check(arg, &new->mask))
++ ret_err(gen_err);
++
++ daemon->add_subnet4 = new;
++
++ new = opt_malloc(sizeof(struct mysubnet));
++ if (comma)
++ {
++ if ((end = split_chr(comma, '/')))
++ {
++ /* has subnet+len */
++ err = parse_mysockaddr(comma, &new->addr);
++ if (err)
++ ret_err(err);
++ if (!atoi_check(end, &new->mask))
++ ret_err(gen_err);
++ new->addr_used = 1;
++ }
++ else
++ {
++ if (!atoi_check(comma, &new->mask))
++ ret_err(gen_err);
++ }
++ }
++ daemon->add_subnet6 = new;
+ }
+ break;
+
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 29e9e65..6a51b30 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -629,26 +629,47 @@ struct subnet_opt {
+ #endif
+ };
+
++static void *get_addrp(union mysockaddr *addr, const short family)
++{
++#ifdef HAVE_IPV6
++ if (family == AF_INET6)
++ return &addr->in6.sin6_addr;
++#endif
++
++ return &addr->in.sin_addr;
++}
++
+ static size_t calc_subnet_opt(struct subnet_opt *opt, union mysockaddr *source)
+ {
+ /* http://tools.ietf.org/html/draft-vandergaast-edns-client-subnet-02 */
+
+ int len;
+ void *addrp;
++ int sa_family = source->sa.sa_family;
+
+ #ifdef HAVE_IPV6
+ if (source->sa.sa_family == AF_INET6)
+ {
+- opt->family = htons(2);
+- opt->source_netmask = daemon->addr6_netmask;
+- addrp = &source->in6.sin6_addr;
++ opt->source_netmask = daemon->add_subnet6->mask;
++ if (daemon->add_subnet6->addr_used)
++ {
++ sa_family = daemon->add_subnet6->addr.sa.sa_family;
++ addrp = get_addrp(&daemon->add_subnet6->addr, sa_family);
++ }
++ else
++ addrp = &source->in6.sin6_addr;
+ }
+ else
+ #endif
+ {
+- opt->family = htons(1);
+- opt->source_netmask = daemon->addr4_netmask;
+- addrp = &source->in.sin_addr;
++ opt->source_netmask = daemon->add_subnet4->mask;
++ if (daemon->add_subnet4->addr_used)
++ {
++ sa_family = daemon->add_subnet4->addr.sa.sa_family;
++ addrp = get_addrp(&daemon->add_subnet4->addr, sa_family);
++ }
++ else
++ addrp = &source->in.sin_addr;
+ }
+
+ opt->scope_netmask = 0;
+@@ -656,6 +677,11 @@ static size_t calc_subnet_opt(struct subnet_opt *opt, union mysockaddr *source)
+
+ if (opt->source_netmask != 0)
+ {
++#ifdef HAVE_IPV6
++ opt->family = htons(sa_family == AF_INET6 ? 2 : 1);
++#else
++ opt->family = htons(1);
++#endif
+ len = ((opt->source_netmask - 1) >> 3) + 1;
+ memcpy(opt->addr, addrp, len);
+ if (opt->source_netmask & 7)
+@@ -2335,4 +2361,3 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
+
+ return len;
+ }
+-
+--
+1.7.10.4
--- /dev/null
+From 3a3965ac21b1b759eab8799b6edb09195b671306 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Sun, 9 Aug 2015 17:45:06 +0100
+Subject: [PATCH] Don't answer non-auth queries for auth zones locally when
+ --localise-queries set.
+
+---
+ src/forward.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/forward.c b/src/forward.c
+index 2731b90..b76a974 100644
+--- a/src/forward.c
++++ b/src/forward.c
+@@ -1365,7 +1365,7 @@ void receive_query(struct listener *listen, time_t now)
+
+ #ifdef HAVE_AUTH
+ /* find queries for zones we're authoritative for, and answer them directly */
+- if (!auth_dns)
++ if (!auth_dns && !option_bool(OPT_LOCALISE))
+ for (zone = daemon->auth_zones; zone; zone = zone->next)
+ if (in_zone(zone, daemon->namebuff, NULL))
+ {
+@@ -1904,7 +1904,7 @@ unsigned char *tcp_request(int confd, time_t now,
+
+ #ifdef HAVE_AUTH
+ /* find queries for zones we're authoritative for, and answer them directly */
+- if (!auth_dns)
++ if (!auth_dns && !option_bool(OPT_LOCALISE))
+ for (zone = daemon->auth_zones; zone; zone = zone->next)
+ if (in_zone(zone, daemon->namebuff, NULL))
+ {
+--
+1.7.10.4
From edacae4b2cdc41f1c0bfc93e041532ff6c49f60c Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 17 Mar 2015 22:19:17 +0100
-Subject: [PATCH] Add an other forbidden string: "Serial"
+Subject: [PATCH 1/5] Add an other forbidden string: "Serial"
---
src/fireinfo/system.py | 2 +-
"01010101-0101-0101-0101-010101010101",
"00020003-0004-0005-0006-000700080009",
--
-2.1.0
+2.4.3
--- /dev/null
+From 4468fb2eb49e21d2350f6619584e6816f5159d29 Mon Sep 17 00:00:00 2001
+From: Michael Tremer <michael.tremer@ipfire.org>
+Date: Sat, 28 Mar 2015 13:17:57 +0100
+Subject: [PATCH 2/5] Escape any non-printable ascii characters
+
+http://forum.ipfire.org/viewtopic.php?f=5&t=12970
+---
+ src/fireinfo/system.py | 18 ++++++++++++++----
+ 1 file changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/src/fireinfo/system.py b/src/fireinfo/system.py
+index 9d7872822b85..4148c66eded7 100644
+--- a/src/fireinfo/system.py
++++ b/src/fireinfo/system.py
+@@ -325,6 +325,16 @@ class System(object):
+
+ return v, m
+
++ @staticmethod
++ def escape_string(s):
++ """
++ Will remove all non-printable characters from the given string
++ """
++ if s is None:
++ return
++
++ return filter(lambda x: x in string.printable, s)
++
+ @property
+ def vendor(self):
+ """
+@@ -334,14 +344,14 @@ class System(object):
+ for file in ("sys_vendor", "board_vendor", "chassis_vendor",):
+ ret = read_from_file(os.path.join(SYS_CLASS_DMI, file))
+ if ret:
+- return ret
++ return self.escape_string(ret)
+
+ if os.path.exists("/proc/device-tree"):
+ ret = self.__cpuinfo.get("Hardware", None)
+ else:
+ ret, m = self.vendor_model_tuple()
+
+- return ret
++ return self.escape_string(ret)
+
+ @property
+ def model(self):
+@@ -352,7 +362,7 @@ class System(object):
+ for file in ("product_name", "board_model", "chassis_model",):
+ ret = read_from_file(os.path.join(SYS_CLASS_DMI, file))
+ if ret:
+- return ret
++ return self.escape_string(ret)
+
+ # Read device-tree model if available
+ ret = read_from_file("/proc/device-tree/model")
+@@ -364,7 +374,7 @@ class System(object):
+ if not ret:
+ v, ret = self.vendor_model_tuple()
+
+- return ret
++ return self.escape_string(ret)
+
+ @property
+ def memory(self):
+--
+2.4.3
+
From c667589410912ca980a78f417e86dd6585d58f9a Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon, 4 May 2015 16:00:31 +0200
-Subject: [PATCH] Skip search for hypervisor name when the CPU string is empty
+Subject: [PATCH 3/5] Skip search for hypervisor name when the CPU string is
+ empty
---
src/_fireinfo/fireinfo.c | 11 ++++++-----
}
--
-2.1.0
+2.4.3
--- /dev/null
+From d58f8ef75a29dd6f8968084b5383ce0f39c75666 Mon Sep 17 00:00:00 2001
+From: Michael Tremer <michael.tremer@ipfire.org>
+Date: Wed, 12 Aug 2015 10:50:42 +0100
+Subject: [PATCH 4/5] Filter all IDs that only consist of 0xff
+
+Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
+---
+ src/fireinfo/system.py | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/fireinfo/system.py b/src/fireinfo/system.py
+index 4148c66eded7..edf7359a17e6 100644
+--- a/src/fireinfo/system.py
++++ b/src/fireinfo/system.py
+@@ -255,6 +255,10 @@ class System(object):
+ id = None
+ break
+
++ # Check if the string only contains 0xff
++ if all((e == "\xff" for e in id)):
++ id = None
++
+ if id:
+ _ids.append(id)
+
+--
+2.4.3
+
--- /dev/null
+From deafec982e4c8f2e6ffa3bf70b0a94fa30158e9a Mon Sep 17 00:00:00 2001
+From: Michael Tremer <michael.tremer@ipfire.org>
+Date: Wed, 9 Sep 2015 15:04:43 +0100
+Subject: [PATCH 5/5] Fix crash if there is id has already been reset to None
+
+Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
+---
+ src/fireinfo/system.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/fireinfo/system.py b/src/fireinfo/system.py
+index edf7359a17e6..c2ba12e818f0 100644
+--- a/src/fireinfo/system.py
++++ b/src/fireinfo/system.py
+@@ -256,7 +256,7 @@ class System(object):
+ break
+
+ # Check if the string only contains 0xff
+- if all((e == "\xff" for e in id)):
++ if id and all((e == "\xff" for e in id)):
+ id = None
+
+ if id:
+--
+2.4.3
+
--- /dev/null
+#
+# Author: Carlos O'Donell
+# Upstream status: Needs to go upstream (2015-05-07)
+#
+diff --git a/inet/rcmd.c b/inet/rcmd.c
+index acacaa0..9f2443b 100644
+--- a/inet/rcmd.c
++++ b/inet/rcmd.c
+@@ -803,29 +803,38 @@ __validuser2_sa(hostf, ra, ralen, luser, ruser, rhost)
+ *p = '\0'; /* <nul> terminate username (+host?) */
+
+ /* buf -> host(?) ; user -> username(?) */
++ if (*buf == '\0')
++ break;
++ if (*user == '\0')
++ user = luser;
++
++ /* First check the user part. This is an optimization, since
++ one should always check the host first in order to detect
++ negative host checks (which we check for later). */
++ ucheck = __icheckuser (user, ruser);
++
++ /* Either we found the user, or we didn't and this is a
++ negative host check. We must do the negative host lookup
++ in order to preserve the semantics of stopping on this line
++ before processing others. */
++ if (ucheck != 0 || *buf == '-') {
++
++ /* Next check host part */
++ hcheck = __checkhost_sa (ra, ralen, buf, rhost);
++
++ /* Negative '-host user(?)' match? */
++ if (hcheck < 0)
++ break;
+
+- /* First check host part */
+- hcheck = __checkhost_sa (ra, ralen, buf, rhost);
+-
+- if (hcheck < 0)
+- break;
+-
+- if (hcheck) {
+- /* Then check user part */
+- if (! (*user))
+- user = luser;
+-
+- ucheck = __icheckuser (user, ruser);
+-
+- /* Positive 'host user' match? */
+- if (ucheck > 0) {
++ /* Positive 'host user' match? */
++ if (hcheck > 0 && ucheck > 0) {
+ retval = 0;
+ break;
+ }
+
+- /* Negative 'host -user' match? */
+- if (ucheck < 0)
+- break;
++ /* Negative 'host -user' match? */
++ if (hcheck > 0 && ucheck < 0)
++ break;
+
+ /* Neither, go on looking for match */
+ }
--- /dev/null
+From f6efcf125123199d446c5561266c3c3846ed9f30 Mon Sep 17 00:00:00 2001
+From: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
+Date: Wed, 3 Jun 2015 16:51:59 +0000
+Subject: [PATCH] Fix another buffer overflow.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Ported to 8.37:
+
+commit 225f0d5eb16c7a26591a1e3f286c7476907b5a6a
+Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
+Date: Wed Jun 3 16:51:59 2015 +0000
+
+ Fix another buffer overflow.
+
+ git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1562 2f5784b3-3f2a-0410-8824-cb99058d5e15
+
+Signed-off-by: Petr PÃsaÅ™ <ppisar@redhat.com>
+---
+ pcre_compile.c | 7 ++++++-
+ testdata/testinput2 | 2 ++
+ testdata/testoutput11-16 | 2 +-
+ testdata/testoutput11-32 | 2 +-
+ testdata/testoutput11-8 | 2 +-
+ testdata/testoutput2 | 2 ++
+ 6 files changed, 13 insertions(+), 4 deletions(-)
+
+diff --git a/pcre_compile.c b/pcre_compile.c
+index 8b4aaef..f5d2384 100644
+--- a/pcre_compile.c
++++ b/pcre_compile.c
+@@ -7210,7 +7210,12 @@ for (;; ptr++)
+ real compile this will be picked up and the reference wrapped with
+ OP_ONCE to make it atomic, so we must space in case this occurs. */
+
+- if (recno == 0) *lengthptr += 2 + 2*LINK_SIZE;
++ /* In fact, this can happen for a non-forward reference because
++ another group with the same number might be created later. This
++ issue is fixed "properly" in PCRE2. As PCRE1 is now in maintenance
++ only mode, we finesse the bug by allowing more memory always. */
++
++ /* if (recno == 0) */ *lengthptr += 2 + 2*LINK_SIZE;
+ }
+
+ /* In the real compile, search the name table. We check the name
+diff --git a/testdata/testinput2 b/testdata/testinput2
+index 5cc9ce6..e12de3a 100644
+--- a/testdata/testinput2
++++ b/testdata/testinput2
+@@ -4156,4 +4156,6 @@ backtracking verbs. --/
+
+ /(?=di(?<=(?1))|(?=(.))))/
+
++"(?J:(?|(?'R')(\k'R')|((?'R'))))"
++
+ /-- End of testinput2 --/
+diff --git a/testdata/testoutput11-16 b/testdata/testoutput11-16
+index 422f2ad..e222e7c 100644
+--- a/testdata/testoutput11-16
++++ b/testdata/testoutput11-16
+@@ -231,7 +231,7 @@ Memory allocation (code space): 73
+ ------------------------------------------------------------------
+
+ /(?P<a>a)...(?P=a)bbb(?P>a)d/BM
+-Memory allocation (code space): 61
++Memory allocation (code space): 77
+ ------------------------------------------------------------------
+ 0 24 Bra
+ 2 5 CBra 1
+diff --git a/testdata/testoutput11-32 b/testdata/testoutput11-32
+index d953ec8..9a80ec9 100644
+--- a/testdata/testoutput11-32
++++ b/testdata/testoutput11-32
+@@ -231,7 +231,7 @@ Memory allocation (code space): 155
+ ------------------------------------------------------------------
+
+ /(?P<a>a)...(?P=a)bbb(?P>a)d/BM
+-Memory allocation (code space): 125
++Memory allocation (code space): 157
+ ------------------------------------------------------------------
+ 0 24 Bra
+ 2 5 CBra 1
+diff --git a/testdata/testoutput11-8 b/testdata/testoutput11-8
+index 6ec18ec..3adaca2 100644
+--- a/testdata/testoutput11-8
++++ b/testdata/testoutput11-8
+@@ -231,7 +231,7 @@ Memory allocation (code space): 45
+ ------------------------------------------------------------------
+
+ /(?P<a>a)...(?P=a)bbb(?P>a)d/BM
+-Memory allocation (code space): 38
++Memory allocation (code space): 50
+ ------------------------------------------------------------------
+ 0 30 Bra
+ 3 7 CBra 1
+diff --git a/testdata/testoutput2 b/testdata/testoutput2
+index 4decb8d..5bad26c 100644
+--- a/testdata/testoutput2
++++ b/testdata/testoutput2
+@@ -14428,4 +14428,6 @@ Failed: lookbehind assertion is not fixed length at offset 17
+ /(?=di(?<=(?1))|(?=(.))))/
+ Failed: unmatched parentheses at offset 23
+
++"(?J:(?|(?'R')(\k'R')|((?'R'))))"
++
+ /-- End of testinput2 --/
+--
+2.4.3
+
--- /dev/null
+From b3f0b0dd971314df8f865e221aa1a88e75d6d1a6 Mon Sep 17 00:00:00 2001
+From: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
+Date: Wed, 5 Aug 2015 15:38:32 +0000
+Subject: [PATCH] Fix buffer overflow for named references in (?| situations.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Ported for 8.37:
+
+commit 7af8e8717def179fd7b69e173abd347c1a3547cb
+Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
+Date: Wed Aug 5 15:38:32 2015 +0000
+
+ Fix buffer overflow for named references in (?| situations.
+
+ git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1585 2f5784b3-3f2a-0410-8824-cb99058d5e15
+
+Signed-off-by: Petr PÃsaÅ™ <ppisar@redhat.com>
+---
+ pcre_compile.c | 74 ++++++++++++++++++++++++++++++----------------------
+ pcre_internal.h | 1 +
+ testdata/testinput2 | 2 ++
+ testdata/testoutput2 | 2 ++
+ 4 files changed, 48 insertions(+), 31 deletions(-)
+
+diff --git a/pcre_compile.c b/pcre_compile.c
+index f5d2384..5fe5c1d 100644
+--- a/pcre_compile.c
++++ b/pcre_compile.c
+@@ -6641,6 +6641,7 @@ for (;; ptr++)
+ /* ------------------------------------------------------------ */
+ case CHAR_VERTICAL_LINE: /* Reset capture count for each branch */
+ reset_bracount = TRUE;
++ cd->dupgroups = TRUE; /* Record (?| encountered */
+ /* Fall through */
+
+ /* ------------------------------------------------------------ */
+@@ -7151,7 +7152,8 @@ for (;; ptr++)
+ if (lengthptr != NULL)
+ {
+ named_group *ng;
+-
++ recno = 0;
++
+ if (namelen == 0)
+ {
+ *errorcodeptr = ERR62;
+@@ -7168,32 +7170,6 @@ for (;; ptr++)
+ goto FAILED;
+ }
+
+- /* The name table does not exist in the first pass; instead we must
+- scan the list of names encountered so far in order to get the
+- number. If the name is not found, set the value to 0 for a forward
+- reference. */
+-
+- recno = 0;
+- ng = cd->named_groups;
+- for (i = 0; i < cd->names_found; i++, ng++)
+- {
+- if (namelen == ng->length &&
+- STRNCMP_UC_UC(name, ng->name, namelen) == 0)
+- {
+- open_capitem *oc;
+- recno = ng->number;
+- if (is_recurse) break;
+- for (oc = cd->open_caps; oc != NULL; oc = oc->next)
+- {
+- if (oc->number == recno)
+- {
+- oc->flag = TRUE;
+- break;
+- }
+- }
+- }
+- }
+-
+ /* Count named back references. */
+
+ if (!is_recurse) cd->namedrefcount++;
+@@ -7215,7 +7191,44 @@ for (;; ptr++)
+ issue is fixed "properly" in PCRE2. As PCRE1 is now in maintenance
+ only mode, we finesse the bug by allowing more memory always. */
+
+- /* if (recno == 0) */ *lengthptr += 2 + 2*LINK_SIZE;
++ *lengthptr += 2 + 2*LINK_SIZE;
++
++ /* It is even worse than that. The current reference may be to an
++ existing named group with a different number (so apparently not
++ recursive) but which later on is also attached to a group with the
++ current number. This can only happen if $(| has been previous
++ encountered. In that case, we allow yet more memory, just in case.
++ (Again, this is fixed "properly" in PCRE2. */
++
++ if (cd->dupgroups) *lengthptr += 2 + 2*LINK_SIZE;
++
++ /* Otherwise, check for recursion here. The name table does not exist
++ in the first pass; instead we must scan the list of names encountered
++ so far in order to get the number. If the name is not found, leave
++ the value of recno as 0 for a forward reference. */
++
++ else
++ {
++ ng = cd->named_groups;
++ for (i = 0; i < cd->names_found; i++, ng++)
++ {
++ if (namelen == ng->length &&
++ STRNCMP_UC_UC(name, ng->name, namelen) == 0)
++ {
++ open_capitem *oc;
++ recno = ng->number;
++ if (is_recurse) break;
++ for (oc = cd->open_caps; oc != NULL; oc = oc->next)
++ {
++ if (oc->number == recno)
++ {
++ oc->flag = TRUE;
++ break;
++ }
++ }
++ }
++ }
++ }
+ }
+
+ /* In the real compile, search the name table. We check the name
+@@ -7262,8 +7275,6 @@ for (;; ptr++)
+ for (i++; i < cd->names_found; i++)
+ {
+ if (STRCMP_UC_UC(slot + IMM2_SIZE, cslot + IMM2_SIZE) != 0) break;
+-
+-
+ count++;
+ cslot += cd->name_entry_size;
+ }
+@@ -9189,6 +9200,7 @@ cd->names_found = 0;
+ cd->name_entry_size = 0;
+ cd->name_table = NULL;
+ cd->dupnames = FALSE;
++cd->dupgroups = FALSE;
+ cd->namedrefcount = 0;
+ cd->start_code = cworkspace;
+ cd->hwm = cworkspace;
+@@ -9223,7 +9235,7 @@ if (errorcode != 0) goto PCRE_EARLY_ERROR_RETURN;
+
+ DPRINTF(("end pre-compile: length=%d workspace=%d\n", length,
+ (int)(cd->hwm - cworkspace)));
+-
++
+ if (length > MAX_PATTERN_SIZE)
+ {
+ errorcode = ERR20;
+diff --git a/pcre_internal.h b/pcre_internal.h
+index dd0ac7f..7ca6020 100644
+--- a/pcre_internal.h
++++ b/pcre_internal.h
+@@ -2446,6 +2446,7 @@ typedef struct compile_data {
+ BOOL had_pruneorskip; /* (*PRUNE) or (*SKIP) encountered */
+ BOOL check_lookbehind; /* Lookbehinds need later checking */
+ BOOL dupnames; /* Duplicate names exist */
++ BOOL dupgroups; /* Duplicate groups exist: (?| found */
+ BOOL iscondassert; /* Next assert is a condition */
+ int nltype; /* Newline type */
+ int nllen; /* Newline string length */
+diff --git a/testdata/testinput2 b/testdata/testinput2
+index e12de3a..8e044f8 100644
+--- a/testdata/testinput2
++++ b/testdata/testinput2
+@@ -4158,4 +4158,6 @@ backtracking verbs. --/
+
+ "(?J:(?|(?'R')(\k'R')|((?'R'))))"
+
++/(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R')))/
++
+ /-- End of testinput2 --/
+diff --git a/testdata/testoutput2 b/testdata/testoutput2
+index 5bad26c..6019425 100644
+--- a/testdata/testoutput2
++++ b/testdata/testoutput2
+@@ -14430,4 +14430,6 @@ Failed: unmatched parentheses at offset 23
+
+ "(?J:(?|(?'R')(\k'R')|((?'R'))))"
+
++/(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R')))/
++
+ /-- End of testinput2 --/
+--
+2.4.3
+
--- /dev/null
+From 83ed574998fe7b844b98ab7cd56291068feb9e31 Mon Sep 17 00:00:00 2001
+From: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
+Date: Sat, 16 May 2015 11:05:40 +0000
+Subject: [PATCH] Fix named forward reference to duplicate group number
+ overflow bug.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Port to 8.37:
+
+commit 2fa78aa4e42bcebf2d616c4ee89c012f29dc3447
+Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15>
+Date: Sat May 16 11:05:40 2015 +0000
+
+ Fix named forward reference to duplicate group number overflow bug.
+
+ git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1559 2f5784b3-3f2a-0410-8824-cb99058d5e15
+
+Signed-off-by: Petr PÃsaÅ™ <ppisar@redhat.com>
+---
+ pcre_compile.c | 24 ++++++++++++++++--------
+ testdata/testinput1 | 3 +++
+ testdata/testoutput1 | 5 +++++
+ 3 files changed, 24 insertions(+), 8 deletions(-)
+
+diff --git a/pcre_compile.c b/pcre_compile.c
+index b66b1f6..8b4aaef 100644
+--- a/pcre_compile.c
++++ b/pcre_compile.c
+@@ -7183,15 +7183,15 @@ for (;; ptr++)
+ open_capitem *oc;
+ recno = ng->number;
+ if (is_recurse) break;
+- for (oc = cd->open_caps; oc != NULL; oc = oc->next)
+- {
+- if (oc->number == recno)
+- {
+- oc->flag = TRUE;
++ for (oc = cd->open_caps; oc != NULL; oc = oc->next)
++ {
++ if (oc->number == recno)
++ {
++ oc->flag = TRUE;
+ break;
+- }
+- }
+- }
++ }
++ }
++ }
+ }
+
+ /* Count named back references. */
+@@ -7203,6 +7203,14 @@ for (;; ptr++)
+ 16-bit data item. */
+
+ *lengthptr += IMM2_SIZE;
++
++ /* If this is a forward reference and we are within a (?|...) group,
++ the reference may end up as the number of a group which we are
++ currently inside, that is, it could be a recursive reference. In the
++ real compile this will be picked up and the reference wrapped with
++ OP_ONCE to make it atomic, so we must space in case this occurs. */
++
++ if (recno == 0) *lengthptr += 2 + 2*LINK_SIZE;
+ }
+
+ /* In the real compile, search the name table. We check the name
+diff --git a/testdata/testinput1 b/testdata/testinput1
+index 73c2f4d..8379ce0 100644
+--- a/testdata/testinput1
++++ b/testdata/testinput1
+@@ -5730,4 +5730,7 @@ AbcdCBefgBhiBqz
+ "(?1)(?#?'){8}(a)"
+ baaaaaaaaac
+
++"(?|(\k'Pm')|(?'Pm'))"
++ abcd
++
+ /-- End of testinput1 --/
+diff --git a/testdata/testoutput1 b/testdata/testoutput1
+index 0a53fd0..e852ab9 100644
+--- a/testdata/testoutput1
++++ b/testdata/testoutput1
+@@ -9429,4 +9429,9 @@ No match
+ 0: aaaaaaaaa
+ 1: a
+
++"(?|(\k'Pm')|(?'Pm'))"
++ abcd
++ 0:
++ 1:
++
+ /-- End of testinput1 --/
+--
+2.4.3
+
--- /dev/null
+------------------------------------------------------------
+revno: 13228
+revision-id: squid3@treenet.co.nz-20150828132334-3r7v4kh1lrqprrqg
+parent: squid3@treenet.co.nz-20150801072237-5tzh2dczozz1e8sq
+fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3696
+committer: Amos Jeffries <squid3@treenet.co.nz>
+branch nick: 3.4
+timestamp: Fri 2015-08-28 06:23:34 -0700
+message:
+ Bug 3696: crash when client delay pools are activated
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3@treenet.co.nz-20150828132334-3r7v4kh1lrqprrqg
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# testament_sha1: d193928c4656282187f2a31bf66d43fd4c247177
+# timestamp: 2015-08-28 13:33:44 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# base_revision_id: squid3@treenet.co.nz-20150801072237-\
+# 5tzh2dczozz1e8sq
+#
+# Begin patch
+=== modified file 'src/client_side.cc'
+--- src/client_side.cc 2014-06-21 04:24:37 +0000
++++ src/client_side.cc 2015-08-28 13:23:34 +0000
+@@ -3447,7 +3447,8 @@
+
+ /* pools require explicit 'allow' to assign a client into them */
+ if (pools[pool].access) {
+- ch.accessList = pools[pool].access;
++ cbdataReferenceDone(ch.accessList);
++ ch.accessList = cbdataReference(pools[pool].access);
+ allow_t answer = ch.fastCheck();
+ if (answer == ACCESS_ALLOWED) {
+
+
my $col;
my $proxlog=$Lang::tr{'stopped'};
my $proxsrv=$Lang::tr{'stopped'};
+my $mailfile="${General::swroot}/dma/mail.conf";
&Header::getcgihash(\%cgiparams);
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
&General::readhash("$settingsfile", \%settings) if(-f $settingsfile);
+if ( -f $mailfile){
+ &General::readhash($mailfile, \%mail);
+}
+
#Find out which lang is set (used later to set decimal separator correctly)
my $uplang=uc($mainsettings{'LANGUAGE'});
setlocale LC_NUMERIC,"$mainsettings{'LANGUAGE'}_$uplang";
if ($cgiparams{'USEMAIL'} eq 'on'){
$errormessage=&checkmailsettings;
}elsif($cgiparams{'USEMAIL'} ne 'on'){
- $cgiparams{'txt_mailserver'}='';
- $cgiparams{'txt_mailport'}='';
- $cgiparams{'txt_mailuser'}='';
- $cgiparams{'txt_mailpass'}='';
- $cgiparams{'mail_tls'}='';
$cgiparams{'txt_mailsender'}='';
$cgiparams{'txt_mailsubject'}='';
$mailtxt='';
$settings{'CURRENCY'} = $cgiparams{'txt_currency'};
$settings{'SKIPURLS'} = $skipurls;
$settings{'USEMAIL'} = $cgiparams{'USEMAIL'};
- $settings{'MAILSRV'} = $cgiparams{'txt_mailserver'};
- $settings{'MAILPORT'} = $cgiparams{'txt_mailport'};
- $settings{'MAILUSER'} = $cgiparams{'txt_mailuser'};
- $settings{'MAILPASS'} = $cgiparams{'txt_mailpass'};
- $settings{'TLS'} = $cgiparams{'mail_tls'};
$settings{'MAILSENDER'} = $cgiparams{'txt_mailsender'};
$settings{'MAILSUB'} = $cgiparams{'txt_mailsubject'};
$settings{'MAILTXT'} = $mailtxt;
#If update set fieldvalues new
if($cgiparams{'update'} eq 'on'){
$settings{'USEMAIL'} = 'on';
- $settings{'MAILSRV'} = $cgiparams{'txt_mailserver'};
- $settings{'MAILPORT'} = $cgiparams{'txt_mailport'};
- $settings{'MAILUSER'} = $cgiparams{'txt_mailuser'};
- $settings{'MAILPASS'} = $cgiparams{'txt_mailpass'};
$settings{'MAILSUB'} = $cgiparams{'txt_mailsubject'};
$settings{'MAILTXT'} = $cgiparams{'txt_mailtxt'};
}
$checked{'logging'}{$settings{'LOG'}} = 'CHECKED';
$checked{'multiuser'}{$settings{'MULTIUSER'}} = 'CHECKED';
$checked{'usemail'}{$settings{'USEMAIL'}} = 'CHECKED';
- $checked{'mail_tls'}{$settings{'TLS'}} = 'CHECKED';
-
+
#Open site
&Header::openpage($Lang::tr{'acct settings'}, 1, '');
&Header::openbigbox('100%', 'center');
&error;
&Header::openbox('100%', 'left', $Lang::tr{'acct config'});
-
+
#### JAVA SCRIPT ####
print<<END;
<script>
<td>$Lang::tr{'acct multiuser'}</td>
<td><input type='checkbox' name='multiuser' $checked{'multiuser'}{'on'}></td>
<td></td>
- <tr>
+ </tr>
<tr>
<td>$Lang::tr{'acct mwst'}</td>
<td><input type='text' name='txt_mwst' value='$settings{'MWST'}' style='width:22em;'></td>
<td></td>
+ </tr>
<tr>
<td>$Lang::tr{'acct currency'}</td>
<td><input type='text' name='txt_currency' value='$settings{'CURRENCY'}' style='width:22em;'></td>
<td></td>
-
+ </tr>
<tr>
<td valign='top'>$Lang::tr{'acct skipurl'}</td>
<td style='padding-left:0.2em;'><textarea name="txt_skipurls" cols="20" rows="6" style='width:22em;'>$settings{'SKIPURLS'}</textarea></td>
<td></td>
</tr>
+END
+
+if ($mail{'USEMAIL'} eq 'on'){
+ if (!$settings{'MAILSENDER'}){
+ $settings{'MAILSENDER'} = $mail{'SENDER'};
+ }
+print <<END;
<tr>
<td>$Lang::tr{'acct usemail'}</td>
<td><label><input type='checkbox' name='USEMAIL' id='MAIL' $checked{'usemail'}{'on'}></label></td>
<td></td>
</tr>
- </table><br>
+END
+}
+print <<END;
+ </table><br>
<div class="MAILSRV">
<table style='width:100%;'>
<tr>
- <td style='width:24em'>$Lang::tr{'acct mailaddr'}</td>
- <td><input type='text' name='txt_mailserver' value='$settings{'MAILSRV'}' style='width:22em;'></td>
- </tr>
- <tr>
- <td>$Lang::tr{'acct mailport'}</td>
- <td><input type='text' name='txt_mailport' value='$settings{'MAILPORT'}' size='3'></td>
- </tr>
- <tr>
- <td>$Lang::tr{'acct mailuser'}<img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='txt_mailuser' value='$settings{'MAILUSER'}' style='width:22em;'></td>
- </tr>
- <tr>
- <td>$Lang::tr{'acct mailpass'}<img src='/blob.gif' alt='*' /></td>
- <td><input type='password' name='txt_mailpass' value='$settings{'MAILPASS'}' style='width:22em;' ></td>
- </tr>
- <tr>
- <td>$Lang::tr{'acct tls'}</td>
- <td><input type='checkbox' name='mail_tls' $checked{'mail_tls'}{'on'}></td>
- </tr>
- <tr>
- <td>$Lang::tr{'acct mailsender'}</td>
+ <td style='width:24em'>$Lang::tr{'acct mailsender'}</td>
<td><input type='text' name='txt_mailsender' value='$settings{'MAILSENDER'}' style='width:22em;'></td>
</tr>
- <tr>
- <td colspan='2'> </td>
- </tr>
<tr>
<td>$Lang::tr{'acct subject'}</td>
<td><input type='text' name='txt_mailsubject' value='$settings{'MAILSUB'}' style='width:22em;'></td>
</table>
</div>
-
<table style='width:100%;'>
<tr>
<td colspan='3' display:inline align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
<td>
<input type='radio' name='rdo_companytype' value='CUST' $checked{'rdo_companytype'}{'CUST'}>$Lang::tr{'acct customer'}
<input type='radio' name='rdo_companytype' value='HOST' $checked{'rdo_companytype'}{'HOST'}>$Lang::tr{'acct hoster'}</td>
- <td style='width:8em;'>$Lang::tr{'acct bank'}</td>
+ <td style='width:8em;'>$Lang::tr{'acct bank'}<img src='/blob.gif' alt='*' /></td>
<td>
<input type='text' name='txt_bank' value='$cgiparams{'txt_bank'}' style='width:25em;'></td>
</tr>
<tr>
- <td>$Lang::tr{'acct company'}</td>
+ <td>$Lang::tr{'acct company'}<img src='/blob.gif' alt='*' /></td>
<td>
<input type='text' name='txt_company' value='$cgiparams{'txt_company'}' style='width:25em;'></td>
- <td>$Lang::tr{'acct iban'}<img src='/blob.gif' alt='*' /></td>
+ <td>$Lang::tr{'acct iban'}</td>
<td>
<input type='text' name='txt_iban' value='$cgiparams{'txt_iban'}' style='width:25em;'></td>
</tr>
<tr>
- <td>$Lang::tr{'acct name1'}<img src='/blob.gif' alt='*' /></td>
+ <td>$Lang::tr{'acct name1'}</td>
<td>
<input type='text' name='txt_name1' value='$cgiparams{'txt_name1'}' style='width:25em;'></td>
- <td>$Lang::tr{'acct bic'}<img src='/blob.gif' alt='*' /></td>
+ <td>$Lang::tr{'acct bic'}</td>
<td>
<input type='text' name='txt_bic' maxlength='8' value='$cgiparams{'txt_bic'}' style='width:25em;'></td>
</tr>
<tr>
- <td>$Lang::tr{'acct str'}</td>
+ <td>$Lang::tr{'acct str'}<img src='/blob.gif' alt='*' /></td>
<td align='left'>
<input type='text' name='txt_str' value='$cgiparams{'txt_str'}' style='width:25em;'></td>
<td>$Lang::tr{'acct blz'}</td>
<input type='text' name='txt_blz' maxlength='8' value='$cgiparams{'txt_blz'}' style='width:25em;'></td>
</tr>
<tr>
- <td>$Lang::tr{'acct str_nr'}</td>
+ <td>$Lang::tr{'acct str_nr'}<img src='/blob.gif' alt='*' /></td>
<td><input type='text' name='txt_str_nr' value='$cgiparams{'txt_str_nr'}' style='width:25em;'></td>
<td>$Lang::tr{'acct kto'}</td>
<td>
<tr>
- <td>$Lang::tr{'acct plz'}</td>
+ <td>$Lang::tr{'acct plz'}<img src='/blob.gif' alt='*' /></td>
<td>
<input type='text' name='txt_plz' value='$cgiparams{'txt_plz'}' style='width:25em;'></td>
- <td>$Lang::tr{'acct email'}</td>
+ <td>$Lang::tr{'acct email'}<img src='/blob.gif' alt='*' /></td>
<td><input type='text' name='txt_email' value='$cgiparams{'txt_email'}' style='width:25em;'></td>
</tr>
<tr>
- <td>$Lang::tr{'acct city'}</td>
+ <td>$Lang::tr{'acct city'}<img src='/blob.gif' alt='*' /></td>
<td><input type='text' name='txt_city' value='$cgiparams{'txt_city'}' style='width:25em;'></td>
- <td>$Lang::tr{'acct inet'}<img src='/blob.gif' alt='*' /></td>
+ <td>$Lang::tr{'acct inet'}</td>
<td>
<input type='text' name='txt_inet' value='$cgiparams{'txt_inet'}' style='width:25em;'></td>
</tr>
<tr>
<td></td>
<td></td>
- <td>$Lang::tr{'acct ustid'}</td>
+ <td>$Lang::tr{'acct ustid'}<img src='/blob.gif' alt='*' /></td>
<td><input type='text' name='txt_ustid' value='$cgiparams{'txt_ustid'}' style='width:25em;'></td>
</tr>
<tr>
<td></td>
<td></td>
- <td>$Lang::tr{'acct tel'}<img src='/blob.gif' alt='*' /></td>
+ <td>$Lang::tr{'acct tel'}</td>
<td>
<input type='text' name='txt_tel' value='$cgiparams{'txt_tel'}' style='width:25em;'></td>
</tr>
<tr>
<td></td>
<td></td>
- <td>$Lang::tr{'acct fax'}<img src='/blob.gif' alt='*' /></td>
+ <td>$Lang::tr{'acct fax'}</td>
<td>
<input type='text' name='txt_fax' value='$cgiparams{'txt_fax'}' style='width:25em;'></td>
</tr>
<tr>
- <td colspan='6'><img src='/blob.gif' alt='*' /><font size="1">$Lang::tr{'acct optional'}</font></td>
+ <td colspan='6'><img src='/blob.gif' alt='*' /><font size="1">$Lang::tr{'acct not optional'}</font></td>
</tr>
<tr>
END
}
sub checkmailsettings{
- #Check if mailserver is an ip address or a domain
- if ($cgiparams{'txt_mailserver'} =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/){
- if (! &General::validip($cgiparams{'txt_mailserver'})){
- $errormessage.="$Lang::tr{'acct invalid mailip'} $cgiparams{'txt_mailserver'}<br>";
- }
- }elsif(! &General::validfqdn($cgiparams{'txt_mailserver'})){
- $errormessage.="$Lang::tr{'acct invalid mailfqdn'} $cgiparams{'txt_mailserver'}<br>";
- }
- #Check valid mailserverport
- if($cgiparams{'txt_mailport'} < 1 || $cgiparams{'txt_mailport'} > 65535){
- $errormessage.="$Lang::tr{'acct invalid mailport'} $cgiparams{'txt_mailport'}<br>";
- }
#Check valid sender
if(! $cgiparams{'txt_mailsender'}){
$errormessage.="$Lang::tr{'acct empty field'} $Lang::tr{'acct mailsender'}<br>";
'acct mwst' => 'Mehrwertsteuer in %',
'acct name1' => 'Name 1',
'acct name2' => 'Name 2',
+'acct not optional' => 'Diese Felder sind Pflichtfelder',
'acct nr' => 'RG-Nr.',
'acct oldestdb' => 'Erster DB-Eintrag',
-'acct optional' => 'Diese Felder sind optional',
'acct parameter' => 'Parameter',
'acct path' => 'Pfad',
'acct pdf billtxt' => 'Rechnung',
'acct name2' => 'Name 2',
'acct nr' => 'RG-No.',
'acct oldestdb' => 'Fist DB Entry',
-'acct optional' => 'These fields are optional',
+'acct not optional' => 'These fields are required',
'acct parameter' => 'Parameter',
'acct path' => 'Path',
'acct pdf billtxt' => 'Bill',
use Time::Local;
use File::ReadBackwards;
use strict;
+use MIME::Lite;
+
#use warnings;
require '/var/ipfire/general-functions.pl';
my $now = localtime;
my $proxylog;
my $proxysrv;
+my $dmafile="${General::swroot}/dma/dma.conf";
+my $authfile="${General::swroot}/dma/auth.conf";
+my $mailfile="${General::swroot}/dma/mail.conf";
+my %mail=();
+my %dma=();
########
# Main #
&checkproxy;
+
#If we have a disabled file and the proxy is off, we don't need to check anything, exit!
if((! -f $proxyenabled || $proxylog eq $Lang::tr{'stopped'}) && -f "${General::swroot}/accounting/disabled"){
&ACCT::logger($settings{'LOG'}," Proxy or proxylogging disabled - exiting with no data collection\n");
$dbh=&ACCT::connectdb;
my $m=sprintf("%d",(localtime((time-3600)))[4]+1);
&ACCT::logger($settings{'LOG'},"month before one hour $m, now is ".($mon+1)."\n");
- if ($m < ($mon+1) || $m == '12' && ($mon+1) == '1'){
+ if ($m = ($mon+1) || $m == '12' && ($mon+1) == '1'){
#Logrotate
my $year1=$year+1900;
system ("tar", "cfz", "/var/log/accounting-$m-$year1.tar.gz", "/var/log/accounting.log");
#move all db entries older than this month to second table and cumulate them daily
&ACCT::movedbdata;
&ACCT::logger($settings{'LOG'},"New Month. Old trafficvalues moved to ACCT_HIST Table\n");
- if ($settings{'USEMAIL'} eq 'on'){
+ #check if mail is enabled
+ if ( -f $mailfile){
+ &General::readhash($mailfile, \%mail);
+ }
+ if ($mail{'USEMAIL'} eq 'on'){
&ACCT::logger($settings{'LOG'},"Mailserver is activated - Now sending bills via mail...\n");
my $res=&ACCT::getbillgroups;
foreach my $line (@$res){
my ($grp) = @$line;
+ open (FILE, "<", $dmafile) or die $!;
+ foreach my $line (<FILE>) {
+ $line =~ m/^([A-Z]+)\s+?(.*)?$/;
+ my $key = $1;
+ my $val = $2;
+ $dma{$key}=$val;
+ }
&sendbill($grp,$settings{'MWST'},$settings{'CURRENCY'});
}
}else{
$month = '0'.$actmonth if $actmonth < 10;
$month = '12' if $actmonth == 0;
my $actyear = $now[5];
- my ($from,$till)=&ACCT::getmonth($actmonth,$actyear); #FIXME month and year as variables!
+ my ($from,$till)=&ACCT::getmonth($actmonth,$actyear);
my @billar = &ACCT::GetTaValues($from,$till,$rggrp);
my $address_cust = &ACCT::getTaAddress($rggrp,'CUST');
my $address_host = &ACCT::getTaAddress($rggrp,'HOST');
if ($back eq '0'){
&ACCT::logger($settings{'LOG'},"Bill for $company_cust successfully created.\n");
- my $file="'/var/ipfire/accounting/bill/$rggrp/$month-$actyear-$no.pdf'";
+ my $file="/var/ipfire/accounting/bill/$rggrp/$month-$actyear-$no.pdf";
$settings{'MAILTXT'} =~ tr/\|/\r\n/ ;
- my $cmd = "/usr/local/bin/sendEmail ";
- $cmd .= " -f $settings{'MAILSENDER'}"; #Sender
- $cmd .= " -t $email"; #Recipient
- if ($ccmail){
- $cmd .= " -cc $ccmail";
- }
- #Send Mail via TLS?
- if ($settings{'TLS'} eq 'on'){
- $cmd .= " -o tls=yes"; #TLS
- }
- $cmd .= " -u '$settings{'MAILSUB'}'"; #Subject
- $cmd .= " -m '$settings{'MAILTXT'}'"; #Mailtext
- $cmd .= " -s $settings{'MAILSRV'}:$settings{'MAILPORT'}"; #Mailserver:port
- $cmd .= " -a $file";
- my $res=system ($cmd);
+
+ #extract filename from path
+ my ($filename) = $file =~ m{([^/]+)$};
+
+ my $msg = MIME::Lite->new(
+ From => $mail{'SENDER'},
+ To => $email,
+ Cc => $ccmail,
+ Subject => $settings{'MAILSUB'},
+ Type => 'multipart/mixed'
+ );
+
+ $msg->attach(
+ Type => 'TEXT',
+ Data => $settings{'MAILTXT'}
+ );
+
+ $msg->attach(
+ Type => 'application/pdf',
+ Path => $file,
+ Filename => $filename,
+ Disposition => 'attachment'
+ );
+
+ my $res=$msg->send_by_sendmail;
+
if ($res == 0){
&ACCT::logger($settings{'LOG'},"Bill for $company_cust successfully sent.\n");
}elsif ($res > 0){
}else{
&ACCT::logger($settings{'LOG'},"ERROR Bill for $company_cust could not be created.\n");
- my $cmd = "/usr/local/bin/sendEmail ";
- $cmd .= " -f $settings{'MAILSENDER'}";
- $cmd .= " -t $settings{'MAILSENDER'}";
- $cmd .= " -u Fehler Squid Accounting";
- $cmd .= " -m 'Die Rechnung konnte nicht erzeugt und per Mail versendet werden' $company_cust";
- $cmd .= " -s $settings{'MAILSRV'}:$settings{'MAILPORT'}";
- my $res=system ($cmd);
+ my $msg = MIME::Lite->new(
+ From => $mail{'SENDER'},
+ To => $mail{'RECIPIENT'},
+ Subject => "ERROR Squid Accounting",
+ Type => 'multipart/mixed'
+ );
+
+ $msg->attach(
+ Type => 'TEXT',
+ Data => "The bill could not be created for customer $company_cust"
+ );
+
+ $msg->send_by_sendmail;
return 0;
}
}