From: Arne Fitzenreiter Date: Sat, 10 Mar 2012 17:21:44 +0000 (+0100) Subject: Merge branch 'kernel-update' of ssh://arne_f@git.ipfire.org/pub/git/ipfire-2.x into... X-Git-Tag: v2.13-beta1~379 X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=deddfbd445426c80f0b2e765786cc1bdc3849e12;hp=9b95d689d522622fc8b1b9173cd3002de6c366f8 Merge branch 'kernel-update' of ssh://arne_f@git.ipfire.org/pub/git/ipfire-2.x into kernel-update --- diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl index cd4bfd5661..567f2e104e 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -414,6 +414,14 @@ sub ipcidr return "$ip\/$cidr"; } +sub ipcidr2msk +{ + my ($ip,$cidr) = &Net::IPv4Addr::ipv4_parse(shift); + my $netmask = &Net::IPv4Addr::ipv4_cidr2msk($cidr); + return "$ip\/$netmask"; +} + + sub validemail { my $mail = shift; return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/ ); diff --git a/config/rootfiles/common/Net-Telnet b/config/rootfiles/common/Net-Telnet new file mode 100644 index 0000000000..8769517877 --- /dev/null +++ b/config/rootfiles/common/Net-Telnet @@ -0,0 +1,4 @@ +usr/lib/perl5/site_perl/5.12.3/Net/Telnet.pm +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Net/Telnet +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Net/Telnet/.packlist +#usr/share/man/man3/Net::Telnet.3 diff --git a/config/rootfiles/common/libpng b/config/rootfiles/common/libpng index 2b2ab107f3..c29eaa7db7 100644 --- a/config/rootfiles/common/libpng +++ b/config/rootfiles/common/libpng @@ -9,12 +9,12 @@ #usr/lib/libpng.la usr/lib/libpng.so usr/lib/libpng.so.3 -usr/lib/libpng.so.3.44.0 +usr/lib/libpng.so.3.46.0 #usr/lib/libpng12.a #usr/lib/libpng12.la usr/lib/libpng12.so usr/lib/libpng12.so.0 -usr/lib/libpng12.so.0.44.0 +usr/lib/libpng12.so.0.46.0 #usr/lib/pkgconfig/libpng.pc #usr/lib/pkgconfig/libpng12.pc #usr/share/man/man3/libpng.3 
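Review bot: The new `ipcidr2msk` passes its argument straight to `&Net::IPv4Addr::ipv4_parse` and never checks that a prefix or mask was returned. As far as I know that parser croaks on malformed input, so a bad value would abort the calling CGI rather than produce an error message (worth confirming). Elsewhere in this commit `writeserverconf` feeds it lines read back from the routes_push file without re-validating them. I would document the contract above the sub, e.g. `# Expects "a.b.c.d/nn" or "a.b.c.d/m.m.m.m" that already passed validipandmask; dies otherwise.`, or wrap the two calls in `eval { ... }` and return undef on failure.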
diff --git a/config/rootfiles/common/openvpn b/config/rootfiles/common/openvpn index 0f2aa47182..18f4d31972 100644 --- a/config/rootfiles/common/openvpn +++ b/config/rootfiles/common/openvpn @@ -1,5 +1,6 @@ -lib/openvpn-auth-pam.so -lib/openvpn-down-root.so +usr/lib/openvpn +usr/lib/openvpn/openvpn-auth-pam.so +usr/lib/openvpn/openvpn-down-root.so usr/sbin/openvpn #usr/share/doc/openvpn #usr/share/doc/openvpn/management-notes.txt @@ -16,5 +17,6 @@ var/ipfire/ovpn/n2nconf var/ipfire/ovpn/openssl/ovpn.cnf var/ipfire/ovpn/ovpn-leases.db var/ipfire/ovpn/ovpnconfig +var/ipfire/ovpn/scripts var/ipfire/ovpn/settings var/ipfire/ovpn/verify diff --git a/config/rootfiles/common/strongswan b/config/rootfiles/common/strongswan index c7d4bbd452..9b02c0b6fb 100644 --- a/config/rootfiles/common/strongswan +++ b/config/rootfiles/common/strongswan @@ -10,6 +10,7 @@ etc/ipsec.d/private etc/ipsec.d/reqs etc/ipsec.secrets etc/strongswan.conf +#usr/lib/ipsec #usr/lib/ipsec/libcharon.a #usr/lib/ipsec/libcharon.la usr/lib/ipsec/libcharon.so @@ -25,15 +26,6 @@ usr/lib/ipsec/libhydra.so.0.0.0 usr/lib/ipsec/libstrongswan.so usr/lib/ipsec/libstrongswan.so.0 usr/lib/ipsec/libstrongswan.so.0.0.0 -#usr/libexec/ipsec -usr/libexec/ipsec/_copyright -usr/libexec/ipsec/_pluto_adns -usr/libexec/ipsec/_updown -usr/libexec/ipsec/_updown_espmark -usr/libexec/ipsec/charon -usr/libexec/ipsec/openac -usr/libexec/ipsec/pki -#usr/lib/ipsec #usr/lib/ipsec/plugins #usr/lib/ipsec/plugins/libstrongswan-aes.a #usr/lib/ipsec/plugins/libstrongswan-aes.la 
@@ -77,6 +69,9 @@ usr/lib/ipsec/plugins/libstrongswan-pgp.so #usr/lib/ipsec/plugins/libstrongswan-pkcs1.a #usr/lib/ipsec/plugins/libstrongswan-pkcs1.la usr/lib/ipsec/plugins/libstrongswan-pkcs1.so +#usr/lib/ipsec/plugins/libstrongswan-pkcs8.a +#usr/lib/ipsec/plugins/libstrongswan-pkcs8.la +usr/lib/ipsec/plugins/libstrongswan-pkcs8.so #usr/lib/ipsec/plugins/libstrongswan-pubkey.a #usr/lib/ipsec/plugins/libstrongswan-pubkey.la usr/lib/ipsec/plugins/libstrongswan-pubkey.so @@ -113,6 +108,14 @@ usr/lib/ipsec/plugins/libstrongswan-xauth.so #usr/lib/ipsec/plugins/libstrongswan-xcbc.a #usr/lib/ipsec/plugins/libstrongswan-xcbc.la usr/lib/ipsec/plugins/libstrongswan-xcbc.so +#usr/libexec/ipsec +usr/libexec/ipsec/_copyright +usr/libexec/ipsec/_pluto_adns +usr/libexec/ipsec/_updown +usr/libexec/ipsec/_updown_espmark +usr/libexec/ipsec/charon +usr/libexec/ipsec/openac +usr/libexec/ipsec/pki usr/libexec/ipsec/pluto usr/libexec/ipsec/scepclient usr/libexec/ipsec/starter diff --git a/config/rootfiles/common/usb_modeswitch b/config/rootfiles/common/usb_modeswitch index fe60c0553e..ab46c4dc45 100644 --- a/config/rootfiles/common/usb_modeswitch +++ b/config/rootfiles/common/usb_modeswitch @@ -1,5 +1,5 @@ etc/usb_modeswitch.conf -#lib/udev/usb_modeswitch +lib/udev/usb_modeswitch usr/sbin/usb_modeswitch usr/sbin/usb_modeswitch_dispatcher #usr/share/man/man1/usb_modeswitch.1 diff --git a/config/rootfiles/core/57/update.sh b/config/rootfiles/core/57/update.sh index 6668c8f552..177bf721f7 100644 --- a/config/rootfiles/core/57/update.sh +++ b/config/rootfiles/core/57/update.sh @@ -36,16 +36,19 @@ done #Stop services /etc/init.d/squid stop /etc/init.d/apache stop +/etc/init.d/ipsec stop # #Extract files extract_files - # #Start services /etc/init.d/squid start /etc/init.d/apache start +if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then + /etc/init.d/ipsec start +fi # #Update Language cache 
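Review bot: The restart guard added near the end of this update.sh hunk puts the unquoted, backquoted output of `grep "ENABLED=on" /var/ipfire/vpn/settings` inside `[ ... ]`. If more than one line of the settings file contains that substring, `[` receives several words, fails with an error, and the branch is skipped, so IPsec stays stopped after the update. Testing grep's exit status avoids this: `if grep -q "^ENABLED=on" /var/ipfire/vpn/settings; then`. The same construct is added in config/rootfiles/core/58/update.sh later in this commit.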
diff --git a/config/rootfiles/core/58/exclude b/config/rootfiles/core/58/exclude new file mode 100644 index 0000000000..7360266bd0 --- /dev/null +++ b/config/rootfiles/core/58/exclude @@ -0,0 +1,12 @@ +srv/web/ipfire/html/proxy.pac +etc/udev/rules.d/30-persistent-network.rules +etc/ipsec.conf +etc/ipsec.secrets +etc/ipsec.user.conf +etc/ipsec.user.secrets +var/updatecache +etc/localtime +var/ipfire/ovpn +etc/ssh/ssh_config +etc/ssh/sshd_config +etc/ssl/openssl.cnf diff --git a/config/rootfiles/core/58/filelists/Net-Telnet b/config/rootfiles/core/58/filelists/Net-Telnet new file mode 120000 index 0000000000..66ca926ff3 --- /dev/null +++ b/config/rootfiles/core/58/filelists/Net-Telnet @@ -0,0 +1 @@ +../../../common/Net-Telnet \ No newline at end of file diff --git a/config/rootfiles/core/58/filelists/files b/config/rootfiles/core/58/filelists/files new file mode 100644 index 0000000000..afb3d99699 --- /dev/null +++ b/config/rootfiles/core/58/filelists/files @@ -0,0 +1,3 @@ +etc/system-release +etc/issue +etc/vimrc diff --git a/config/rootfiles/core/58/filelists/libpng b/config/rootfiles/core/58/filelists/libpng new file mode 120000 index 0000000000..8ef96e2c13 --- /dev/null +++ b/config/rootfiles/core/58/filelists/libpng @@ -0,0 +1 @@ +../../../common/libpng \ No newline at end of file diff --git a/config/rootfiles/core/58/filelists/openvpn b/config/rootfiles/core/58/filelists/openvpn new file mode 120000 index 0000000000..493f3f7a42 --- /dev/null +++ b/config/rootfiles/core/58/filelists/openvpn @@ -0,0 +1 @@ +../../../common/openvpn \ No newline at end of file diff --git a/config/rootfiles/core/58/filelists/strongswan b/config/rootfiles/core/58/filelists/strongswan new file mode 120000 index 0000000000..90c727e265 --- /dev/null +++ b/config/rootfiles/core/58/filelists/strongswan @@ -0,0 +1 @@ +../../../common/strongswan \ No newline at end of file 
diff --git a/config/rootfiles/core/58/filelists/usb_modeswitch b/config/rootfiles/core/58/filelists/usb_modeswitch new file mode 120000 index 0000000000..acbab6f332 --- /dev/null +++ b/config/rootfiles/core/58/filelists/usb_modeswitch @@ -0,0 +1 @@ +../../../common/usb_modeswitch \ No newline at end of file diff --git a/config/rootfiles/core/58/meta b/config/rootfiles/core/58/meta new file mode 100644 index 0000000000..d547fa86fa --- /dev/null +++ b/config/rootfiles/core/58/meta @@ -0,0 +1 @@ +DEPS="" diff --git a/config/rootfiles/core/58/update.sh b/config/rootfiles/core/58/update.sh new file mode 100644 index 0000000000..d05fb84f90 --- /dev/null +++ b/config/rootfiles/core/58/update.sh 
@@ -0,0 +1,77 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 3 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2012 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +/usr/local/bin/backupctrl exclude >/dev/null 2>&1 + +# +# Remove old core updates from pakfire cache to save space... 
+core=58 +for (( i=1; i<=$core; i++ )) +do + rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire +done + +# +#Stop services +/etc/init.d/ipsec stop + +# +#Extract files +extract_files + +# +#Start services +if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then + /etc/init.d/ipsec start +fi + +# +#Update Language cache +perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" + +#Rebuild module dep's +#depmod -a 2.6.32.45-ipfire >/dev/null 2>&1 +#depmod -a 2.6.32.45-ipfire-pae >/dev/null 2>&1 +#depmod -a 2.6.32.45-ipfire-xen >/dev/null 2>&1 + +#Rebuild initrd's because some compat-wireless modules are inside +#/sbin/dracut --force --verbose /boot/ipfirerd-2.6.32.45.img 2.6.32.45-ipfire +#if [ -e /boot/ipfirerd-2.6.32.45-pae.img ]; then +#/sbin/dracut --force --verbose /boot/ipfirerd-2.6.32.45-pae.img 2.6.32.45-ipfire-pae +#fi +#if [ -e /boot/ipfirerd-2.6.32.45-xen.img ]; then +#/sbin/dracut --force --verbose /boot/ipfirerd-2.6.32.45-xen.img 2.6.32.45-ipfire-xen +#fi + +sync + +# This update need a reboot... +#touch /var/run/need_reboot + +# +#Finish +/etc/init.d/fireinfo start +sendprofile +#Don't report the exitcode last command +exit 0 diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index b325250a58..002352354a 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -20,6 +20,7 @@ ############################################################################### use strict; +use Net::Telnet; # enable only the following on debugging purpose #use warnings; @@ -387,9 +388,54 @@ END OpenVPN
$ovpnip Online + END + } +### +# m.a.d n2n +### + +if ( -d "${General::swroot}/ovpn/n2nconf") { +my %confighash=(); +my $display = ''; + +&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash); +foreach my $dkey (keys %confighash) { +if ($confighash{$dkey}[3] eq 'net') { + + + if (-e "/var/run/$confighash{$dkey}[1]n2n.pid") { + my @output = ""; + my @tustate = ""; + my $tport = $confighash{$dkey}[22]; + my $tnet = new Net::Telnet ( Timeout=>5, Errmode=>'return', Port=>$tport); + if ($tport ne '') { + $tnet->open('127.0.0.1'); + @output = $tnet->cmd(String => 'state', Prompt => '/(END.*\n|ERROR:.*\n)/'); + @tustate = split(/\,/, $output[1]); + if ( $tustate[1] eq 'CONNECTED') + { $display = "$Lang::tr{'capsopen'}"; + } else { + $display = "$tustate[1]"; } + + print <OpenVPN n2n
+ $confighash{$dkey}[10] $display + +END +; +} +} +} +} +} + +### +# m.a.d n2n end +### + # Fireinfo if ( ! -e "/var/ipfire/main/send_profile") { $warnmessage .= "
  • $Lang::tr{'fireinfo please enable'}
  • "; diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index b6c5fc0ade..4bfb6aa2c6 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -18,11 +18,14 @@ # along with this program. If not, see . # # # ############################################################################### - +### +# Based on IPFireCore 55 +### use CGI; use CGI qw/:standard/; use Net::DNS; use Net::Ping; +use Net::Telnet; use File::Copy; use File::Temp qw/ tempfile tempdir /; use strict; @@ -33,8 +36,8 @@ require "${General::swroot}/header.pl"; require "${General::swroot}/countries.pl"; # enable only the following on debugging purpose -#use warnings; -#use CGI::Carp 'fatalsToBrowser'; +use warnings; +use CGI::Carp 'fatalsToBrowser'; #workaround to suppress a warning when a variable is used only once my @dummy = ( ${Header::colourgreen} ); undef (@dummy); @@ -57,6 +60,7 @@ my %selected=(); my $warnmessage = ''; my $errormessage = ''; my %settings=(); +my $routes_push_file = ''; &General::readhash("${General::swroot}/ethernet/settings", \%netsettings); $cgiparams{'ENABLED'} = 'off'; $cgiparams{'ENABLED_BLUE'} = 'off'; @@ -70,9 +74,11 @@ $cgiparams{'CA_NAME'} = ''; $cgiparams{'DHCP_DOMAIN'} = ''; $cgiparams{'DHCP_DNS'} = ''; $cgiparams{'DHCP_WINS'} = ''; +$cgiparams{'ROUTES_PUSH'} = ''; $cgiparams{'DCOMPLZO'} = 'off'; $cgiparams{'MSSFIX'} = ''; - +$routes_push_file = "${General::swroot}/ovpn/routes_push"; +unless (-e $routes_push_file) { system("touch $routes_push_file"); } &Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'}); @@ -307,10 +313,13 @@ sub disallowreserved return; } + sub writeserverconf { - my %sovpnsettings = (); + my %sovpnsettings = (); + my @temp = (); &General::readhash("${General::swroot}/ovpn/settings", \%sovpnsettings); - + &read_routepushfile; + open(CONF, ">${General::swroot}/ovpn/server.conf") or die "Unable to open ${General::swroot}/ovpn/server.conf: $!"; flock CONF, 2; print CONF "#OpenVPN Server conf\n"; 
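Review bot: The return value of `$tnet->open('127.0.0.1')` in the new n2n status block is never checked. Because the object is created with `Errmode=>'return'`, a failed connection leaves `@output` without a usable reply, `$tustate[1]` is undefined, and the row shows an empty status. Consider `$tnet->open('127.0.0.1') or next;`, or set `$display` to an explicit "unreachable" text. The text read from the management socket and `$confighash{$dkey}[10]` also go into the page without HTML escaping, and should be escaped like any other external value. Each unresponsive management port can also hold up the start page for the 5-second timeout.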
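Review bot: `use CGI::Carp 'fatalsToBrowser';` is switched on in ovpnmain.cgi although the comment directly above it says these lines are for debugging only. With it active, every `die` in this CGI is rendered to the browser, and the file has many `or die "...: $!"` calls that include full paths. That discloses file-system layout and internal error text to anyone who can reach the page. If the warnings are wanted, keep `use warnings;` and leave the Carp line commented out: `#use CGI::Carp 'fatalsToBrowser';`.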
@@ -333,6 +342,16 @@ sub writeserverconf { my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'}); print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n"; print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n"; + + if ($vpnsettings{'ROUTES_PUSH'} ne '') { + @temp = split(/\n/,$vpnsettings{'ROUTES_PUSH'}); + foreach (@temp) + { + @tempovpnsubnet = split("\/",&General::ipcidr2msk($_)); + print CONF "push \"route " . $tempovpnsubnet[0]. " " . $tempovpnsubnet[1] . "\"\n"; + } + } + if ($sovpnsettings{CLIENT2CLIENT} eq 'on') { print CONF "client-to-client\n"; } @@ -410,7 +429,29 @@ sub validdotmask if (($mask =~ /\./ )) { return 0; } return 1; } - + +# ------------------------------------------------------------------- + +sub write_routepushfile +{ + open(FILE, ">$routes_push_file"); + flock(FILE, 2); + if ($vpnsettings{'ROUTES_PUSH'} ne '') { + print FILE $vpnsettings{'ROUTES_PUSH'}; + } + close(FILE); +} + +sub read_routepushfile +{ + if (-e "$routes_push_file") { + open(FILE,"$routes_push_file"); + delete $vpnsettings{'ROUTES_PUSH'}; + while () { $vpnsettings{'ROUTES_PUSH'} .= $_ }; + close(FILE); + $cgiparams{'ROUTES_PUSH'} = $vpnsettings{'ROUTES_PUSH'}; + } +} #hier die refresh page @@ -473,6 +514,8 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) { $vpnsettings{'DHCP_DOMAIN'} = $cgiparams{'DHCP_DOMAIN'}; $vpnsettings{'DHCP_DNS'} = $cgiparams{'DHCP_DNS'}; $vpnsettings{'DHCP_WINS'} = $cgiparams{'DHCP_WINS'}; + $vpnsettings{'ROUTES_PUSH'} = $cgiparams{'ROUTES_PUSH'}; + my @temp=(); if ($cgiparams{'FRAGMENT'} eq '') { delete $vpnsettings{'FRAGMENT'}; 
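Review bot: Both `open` calls in the new `write_routepushfile` / `read_routepushfile` subs are unchecked and use the two-argument form with a bareword handle. A failed open therefore silently drops the pushed routes, or silently leaves `$vpnsettings{'ROUTES_PUSH'}` deleted, so the generated server.conf no longer matches what the admin configured. I would use `open(my $fh, '>', $routes_push_file) or die "Unable to open $routes_push_file: $!";` and the matching `'<'` form in the reader, and check `close` on the write side. The `system("touch $routes_push_file")` in the earlier hunk has the same problem of an ignored result, and could be an append-mode `open` instead of spawning a shell.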
@@ -504,8 +547,31 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) { if ($cgiparams{'DHCP_WINS'} ne ''){ unless (&General::validfqdn($cgiparams{'DHCP_WINS'}) || &General::validip($cgiparams{'DHCP_WINS'})) { $errormessage = $Lang::tr{'invalid input for dhcp wins'}; - goto ADV_ERROR; + goto ADV_ERROR; + } + } + if ($cgiparams{'ROUTES_PUSH'} ne ''){ + @temp = split(/\n/,$cgiparams{'ROUTES_PUSH'}); + undef $vpnsettings{'ROUTES_PUSH'}; + foreach (@temp) + { + s/^\s+//g; s/\s+$//g; + if ($_) + { + unless (&General::validipandmask($_)) { + $errormessage = $Lang::tr{'ovpn errmsg invalid ip or mask'}; + goto ADV_ERROR; + } + my ($ip, $cidr) = split("\/",&General::ipcidr2msk($_)); + if ($ip eq $netsettings{'GREEN_NETADDRESS'} && $cidr eq $netsettings{'GREEN_NETMASK'}) { + $errormessage = $Lang::tr{'ovpn errmsg green already pushed'}; + goto ADV_ERROR; + } + $vpnsettings{'ROUTES_PUSH'} .= $_."\n"; + } } + &write_routepushfile; + undef $vpnsettings{'ROUTES_PUSH'}; } if ((length($cgiparams{'MAX_CLIENTS'}) == 0) || (($cgiparams{'MAX_CLIENTS'}) < 1 ) || (($cgiparams{'MAX_CLIENTS'}) > 255 )) { $errormessage = $Lang::tr{'invalid input for max clients'}; @@ -541,7 +607,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq 'net' && my @remsubnet = split(/\//,$cgiparams{'REMOTE_SUBNET'}); my @ovsubnettemp = split(/\./,$cgiparams{'OVPN_SUBNET'}); -my $ovsubnet = "@ovsubnettemp[0].@ovsubnettemp[1].@ovsubnettemp[2]"; +my $ovsubnet = "$ovsubnettemp[0].$ovsubnettemp[1].$ovsubnettemp[2]"; my $tunmtu = ''; unless(-d "${General::swroot}/ovpn/n2nconf/"){mkdir "${General::swroot}/ovpn/n2nconf", 0755 or die "Unable to create dir $!";} 
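Review bot: `&write_routepushfile` is called only inside `if ($cgiparams{'ROUTES_PUSH'} ne '')`, so submitting an empty field leaves the old routes_push file untouched. `writeserverconf` then calls `read_routepushfile`, so the previously stored routes appear to be written to server.conf again and an admin cannot withdraw a pushed route by clearing the box. Adding `else { $vpnsettings{'ROUTES_PUSH'} = ''; &write_routepushfile(); }` would truncate the file in that case. The enclosing save-adv-options block starts and ends outside this hunk, so this is worth confirming against the full handler.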
@@ -564,7 +630,7 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print SERVERCONF "# IP adresses of the VPN Subnet\n"; print SERVERCONF "ifconfig $ovsubnet.1 $ovsubnet.2\n"; print SERVERCONF "# Client Gateway Network\n"; - print SERVERCONF "route @remsubnet[0] @remsubnet[1]\n"; + print SERVERCONF "route $remsubnet[0] $remsubnet[1]\n"; print SERVERCONF "# tun Device\n"; print SERVERCONF "dev tun\n"; print SERVERCONF "# Port and Protokol\n"; @@ -582,10 +648,9 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print SERVERCONF "# Paketsize\n"; if ($cgiparams{'MTU'} eq '') {$tunmtu = '1500'} else {$tunmtu = $cgiparams{'MTU'}}; print SERVERCONF "tun-mtu $tunmtu\n"; - if ($cgiparams{'FRAGMENT'} ne '') {print SERVERCONF "fragment $cgiparams{'FRAGMENT'}\n";} - if ($cgiparams{'MSSFIX'} eq 'on') {print SERVERCONF "mssfix\n";} + if ($cgiparams{'FRAGMENT'} ne '') {print SERVERCONF "fragment $cgiparams{'FRAGMENT'}\n";} + if ($cgiparams{'MSSFIX'} eq 'on') {print SERVERCONF "mssfix\n"; }; } - print SERVERCONF "# Auth. Server\n"; print SERVERCONF "tls-server\n"; print SERVERCONF "ca ${General::swroot}/ovpn/ca/cacert.pem\n"; @@ -606,7 +671,8 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print SERVERCONF "daemon $cgiparams{'NAME'}n2n\n"; print SERVERCONF "writepid /var/run/$cgiparams{'NAME'}n2n.pid\n"; print SERVERCONF "# Activate Management Interface and Port\n"; - print SERVERCONF "#management localhost 4711\n"; + if ($cgiparams{'OVPN_MGMT'} eq '') {print SERVERCONF "management localhost $cgiparams{'DEST_PORT'}\n"} + else {print SERVERCONF "management localhost $cgiparams{'OVPN_MGMT'}\n"}; close(SERVERCONF); } 
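Review bot: `$cgiparams{'OVPN_MGMT'}` and the `DEST_PORT` fallback are printed into the `management localhost ...` line as submitted, and no check that they are plain port numbers is visible in this diff. The empty-value checks added further down appear to run only after the file has been written. A value containing a newline would add further directives to the OpenVPN config, so validate first, e.g. `$cgiparams{'OVPN_MGMT'} =~ /\A\d{1,5}\z/` plus a range check. The management interface is also enabled without the optional password-file argument, so any local process can connect to it, and defaulting it to the tunnel's own port looks likely to collide when the tunnel runs over TCP (worth confirming). The same lines are added in the client-config and client-package download hunks.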
@@ -618,10 +684,10 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq 'net' && $cgiparams{'SIDE'} eq 'client') { my @ovsubnettemp = split(/\./,$cgiparams{'OVPN_SUBNET'}); - my $ovsubnet = "@ovsubnettemp[0].@ovsubnettemp[1].@ovsubnettemp[2]"; + my $ovsubnet = "$ovsubnettemp[0].$ovsubnettemp[1].$ovsubnettemp[2]"; my @remsubnet = split(/\//,$cgiparams{'REMOTE_SUBNET'}); my $tunmtu = ''; - + unless(-d "${General::swroot}/ovpn/n2nconf/"){mkdir "${General::swroot}/ovpn/n2nconf", 0755 or die "Unable to create dir $!";} unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}", 0770 or die "Unable to create dir $!";} @@ -642,7 +708,7 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print CLIENTCONF "# IP adresses of the VPN Subnet\n"; print CLIENTCONF "ifconfig $ovsubnet.2 $ovsubnet.1\n"; print CLIENTCONF "# Server Gateway Network\n"; - print CLIENTCONF "route @remsubnet[0] @remsubnet[1]\n"; + print CLIENTCONF "route $remsubnet[0] $remsubnet[1]\n"; print CLIENTCONF "# tun Device\n"; print CLIENTCONF "dev tun\n"; print CLIENTCONF "# Port and Protokol\n"; @@ -653,7 +719,6 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print CLIENTCONF "# Packet size\n"; if ($cgiparams{'MTU'} eq '') {$tunmtu = '1400'} else {$tunmtu = $cgiparams{'MTU'}}; print CLIENTCONF "tun-mtu $tunmtu\n"; - print CLIENTCONF "ns-cert-type server\n"; } if ($cgiparams{'PROTOCOL'} eq 'udp') { 
@@ -661,10 +726,11 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print CLIENTCONF "# Paketsize\n"; if ($cgiparams{'MTU'} eq '') {$tunmtu = '1500'} else {$tunmtu = $cgiparams{'MTU'}}; print CLIENTCONF "tun-mtu $tunmtu\n"; - if ($cgiparams{'FRAGMENT'} ne '') {print CLIENTCONF "fragment $cgiparams{'FRAGMENT'}\n";} - if ($cgiparams{'MSSFIX'} eq 'on') {print CLIENTCONF "mssfix\n";} + if ($cgiparams{'FRAGMENT'} ne '') {print CLIENTCONF "fragment $cgiparams{'FRAGMENT'}\n";} + if ($cgiparams{'MSSFIX'} eq 'on') {print CLIENTCONF "mssfix\n"; }; } - + + print CLIENTCONF "ns-cert-type server\n"; print CLIENTCONF "# Auth. Client\n"; print CLIENTCONF "tls-client\n"; print CLIENTCONF "# Cipher\n"; @@ -682,7 +748,8 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print CLIENTCONF "daemon $cgiparams{'NAME'}n2n\n"; print CLIENTCONF "writepid /var/run/$cgiparams{'NAME'}n2n.pid\n"; print CLIENTCONF "# Activate Management Interface and Port\n"; - print CLIENTCONF "# management localhost 4711\n"; + if ($cgiparams{'OVPN_MGMT'} eq '') {print CLIENTCONF "management localhost $cgiparams{'DEST_PORT'}\n"} + else {print CLIENTCONF "management localhost $cgiparams{'OVPN_MGMT'}\n"}; close(CLIENTCONF); } @@ -1549,9 +1616,10 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ my $zippathname = "$zippath$zipname"; $clientovpn = "$confighash{$cgiparams{'KEY'}}[1].conf"; my @ovsubnettemp = split(/\./,$confighash{$cgiparams{'KEY'}}[27]); - my $ovsubnet = "@ovsubnettemp[0].@ovsubnettemp[1].@ovsubnettemp[2]"; + my $ovsubnet = "$ovsubnettemp[0].$ovsubnettemp[1].$ovsubnettemp[2]"; my $tunmtu = ''; my @remsubnet = split(/\//,$confighash{$cgiparams{'KEY'}}[8]); + my $n2nfragment = ''; open(CLIENTCONF, ">$tempdir/$clientovpn") or die "Unable to open tempfile: $!"; flock CLIENTCONF, 2; 
@@ -1582,7 +1650,6 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ print CLIENTCONF "# Packet size\n"; if ($confighash{$cgiparams{'KEY'}}[31] eq '') {$tunmtu = '1400'} else {$tunmtu = $confighash{$cgiparams{'KEY'}}[31]}; print CLIENTCONF "tun-mtu $tunmtu\n"; - print CLIENTCONF "ns-cert-type server\n"; } if ($confighash{$cgiparams{'KEY'}}[28] eq 'udp') { @@ -1590,10 +1657,10 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ print CLIENTCONF "# Paketsize\n"; if ($confighash{$cgiparams{'KEY'}}[31] eq '') {$tunmtu = '1500'} else {$tunmtu = $confighash{$cgiparams{'KEY'}}[31]}; print CLIENTCONF "tun-mtu $tunmtu\n"; - if ($cgiparams{'FRAGMENT'} ne '') {print CLIENTCONF "fragment $cgiparams{'FRAGMENT'}\n";} + if ($confighash{$cgiparams{'KEY'}}[24] ne '') {print CLIENTCONF "fragment $confighash{$cgiparams{'KEY'}}[24]\n";} if ($confighash{$cgiparams{'KEY'}}[23] eq 'on') {print CLIENTCONF "mssfix\n";} } - + print CLIENTCONF "ns-cert-type server\n"; print CLIENTCONF "# Auth. Client\n"; print CLIENTCONF "tls-client\n"; print CLIENTCONF "# Cipher\n"; @@ -1614,7 +1681,8 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ print CLIENTCONF "daemon $confighash{$cgiparams{'KEY'}}[1]n2n\n"; print CLIENTCONF "writepid /var/run/$confighash{$cgiparams{'KEY'}}[1]n2n.pid\n"; print CLIENTCONF "# Activate Management Interface and Port\n"; - print CLIENTCONF "# management localhost 4711\n"; + if ($confighash{$cgiparams{'KEY'}}[22] eq '') {print CLIENTCONF "management localhost $confighash{$cgiparams{'KEY'}}[29]\n"} + else {print CLIENTCONF "management localhost $confighash{$cgiparams{'KEY'}}[22]\n"}; print CLIENTCONF "# remsub $confighash{$cgiparams{'KEY'}}[11]\n"; @@ -1812,6 +1880,7 @@ else %cahash = (); %confighash = (); &General::readhash("${General::swroot}/ovpn/settings", \%cgiparams); + read_routepushfile; # if ($cgiparams{'CLIENT2CLIENT'} eq '') { # $cgiparams{'CLIENT2CLIENT'} = 'on'; 
@@ -1886,6 +1955,25 @@ ADV_ERROR: WINS + + + $Lang::tr{'ovpn routes push options'} + + + $Lang::tr{'ovpn routes push'} + + +
    @@ -2200,7 +2288,12 @@ if ( -s "${General::swroot}/ovpn/settings") { $Lang::tr{'net to net vpn'} (Upload Client Package)   - +  Import Connection Name +  Default : Client Packagename +
    + +   + * $Lang::tr{'this field may be blank'} END ; @@ -2231,11 +2324,14 @@ END my @firen2nconf; my @confdetails; my $uplconffilename =''; + my $uplconffilename2 =''; my $uplp12name = ''; + my $uplp12name2 = ''; my @rem_subnet; my @rem_subnet2; my @tmposupnet3; my $key; + my @n2nname; &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash); @@ -2299,14 +2395,38 @@ END ### # m.a.d net2net ### + + if ($cgiparams{'n2nname'} ne ''){ + + $uplconffilename2 = "$cgiparams{'n2nname'}.conf"; + $uplp12name2 = "$cgiparams{'n2nname'}.p12"; + $n2nname[0] = $cgiparams{'n2nname'}; + my @n2nname2 = split(/\./,$uplconffilename); + $n2nname2[0] =~ s/\n|\r//g; + my $input1 = "${General::swroot}/ovpn/certs/$uplp12name"; + my $output1 = "${General::swroot}/ovpn/certs/$uplp12name2"; + my $input2 = "$n2nname2[0]n2n"; + my $output2 = "$n2nname[0]n2n"; + my $filename = "$tempdir/$uplconffilename"; + open(FILE, "< $filename") or die 'Unable to open config file.'; + my @current = ; + close(FILE); + foreach (@current) {s/$input1/$output1/g;} + foreach (@current) {s/$input2/$output2/g;} + open (OUT, "> $filename") || die 'Unable to open config file.'; + print OUT @current; + close OUT; - my @n2nname = split(/\./,$uplconffilename); + }else{ + $uplconffilename2 = $uplconffilename; + $uplp12name2 = $uplp12name; + @n2nname = split(/\./,$uplconffilename); $n2nname[0] =~ s/\n|\r//g; - + } unless(-d "${General::swroot}/ovpn/n2nconf/"){mkdir "${General::swroot}/ovpn/n2nconf", 0755 or die "Unable to create dir $!";} unless(-d "${General::swroot}/ovpn/n2nconf/$n2nname[0]"){mkdir "${General::swroot}/ovpn/n2nconf/$n2nname[0]", 0770 or die "Unable to create dir $!";} - move("$tempdir/$uplconffilename", "${General::swroot}/ovpn/n2nconf/$n2nname[0]/$uplconffilename"); + move("$tempdir/$uplconffilename", "${General::swroot}/ovpn/n2nconf/$n2nname[0]/$uplconffilename2"); if ($? ne 0) { $errormessage = "*.conf move failed: $!"; 
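Review bot: `$cgiparams{'n2nname'}` is used unchecked to build `$uplconffilename2`, `$uplp12name2` and the `n2nconf/$n2nname[0]` directory. A name containing `/` or `..` would therefore place the uploaded config and PKCS#12 file outside the intended directories. Reject anything but a simple name before this block, e.g. test `$cgiparams{'n2nname'} !~ /\A[A-Za-z0-9]+\z/`, set `$errormessage` and `goto N2N_ERROR`. `$input1` and `$input2` are also interpolated into `s///` as patterns, so they should be wrapped as `s/\Q$input1\E/$output1/g` to make `.` and `/` match literally. The enclosing import handler starts and ends outside this hunk.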
@@ -2314,7 +2434,7 @@ END goto N2N_ERROR; } - move("$tempdir/$uplp12name", "${General::swroot}/ovpn/certs/$uplp12name"); + move("$tempdir/$uplp12name", "${General::swroot}/ovpn/certs/$uplp12name2"); chmod 0600, "${General::swroot}/ovpn/certs/$uplp12name"; if ($? ne 0) { @@ -2327,18 +2447,20 @@ my $complzoactive; my $mssfixactive; my $n2nfragment; my @n2nproto2 = split(/ /, (grep { /^proto/ } @firen2nconf)[0]); -my @n2nproto = split(/-/, @n2nproto2[1]); +my @n2nproto = split(/-/, $n2nproto2[1]); my @n2nport = split(/ /, (grep { /^port/ } @firen2nconf)[0]); my @n2ntunmtu = split(/ /, (grep { /^tun-mtu/ } @firen2nconf)[0]); my @n2ncomplzo = grep { /^comp-lzo/ } @firen2nconf; if ($n2ncomplzo[0] =~ /comp-lzo/){$complzoactive = "on";} else {$complzoactive = "off";} my @n2nmssfix = grep { /^mssfix/ } @firen2nconf; if ($n2nmssfix[0] =~ /mssfix/){$mssfixactive = "on";} else {$mssfixactive = "off";} +#my @n2nmssfix = split(/ /, (grep { /^mssfix/ } @firen2nconf)[0]); my @n2nfragment = split(/ /, (grep { /^fragment/ } @firen2nconf)[0]); my @n2nremote = split(/ /, (grep { /^remote/ } @firen2nconf)[0]); my @n2novpnsuball = split(/ /, (grep { /^ifconfig/ } @firen2nconf)[0]); my @n2novpnsub = split(/\./,$n2novpnsuball[1]); my @n2nremsub = split(/ /, (grep { /^route/ } @firen2nconf)[0]); +my @n2nmgmt = split(/ /, (grep { /^management/ } @firen2nconf)[0]); my @n2nlocalsub = split(/ /, (grep { /^# remsub/ } @firen2nconf)[0]); @@ -2357,6 +2479,7 @@ $n2nremsub[1] =~ s/\n|\r//g; $n2nremsub[2] =~ s/\n|\r//g; $n2nlocalsub[2] =~ s/\n|\r//g; $n2nfragment[1] =~ s/\n|\r//g; +$n2nmgmt[2] =~ s/\n|\r//g; chomp ($complzoactive); chomp ($mssfixactive); 
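Review bot: The PKCS#12 file is now moved to `.../ovpn/certs/$uplp12name2`, but the unchanged `chmod 0600` on the following line still targets `$uplp12name`. When an import name is given, the file holding the private key keeps whatever mode the upload had. Change it to `chmod 0600, "${General::swroot}/ovpn/certs/$uplp12name2";`. Separately, the `$? ne 0` test after it does not reflect the result of `File::Copy::move`; checking the return value of `move(...)` directly would be reliable.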
@@ -2420,7 +2543,8 @@ foreach my $dkey (keys %confighash) { $confighash{$key}[8] = $n2nlocalsub[2]; $confighash{$key}[10] = $n2nremote[1]; $confighash{$key}[11] = "$n2nremsub[1]/$n2nremsub[2]"; - $confighash{$key}[23] = $mssfixactive; + $confighash{$key}[22] = $n2nmgmt[2]; + $confighash{$key}[23] = $mssfixactive; $confighash{$key}[24] = $n2nfragment[1]; $confighash{$key}[25] = 'IPFire n2n Client'; $confighash{$key}[26] = 'red'; @@ -2466,6 +2590,7 @@ foreach my $dkey (keys %confighash) { MSSFIX $confighash{$key}[23] Fragment $confighash{$key}[24] $Lang::tr{'MTU'}$confighash{$key}[31] + Management Port $confighash{$key}[22]    END @@ -2546,6 +2671,7 @@ if ($confighash{$cgiparams{'KEY'}}) { $cgiparams{'REMOTE'} = $confighash{$cgiparams{'KEY'}}[10]; $cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11]; # n2n m.a.d new fields + $cgiparams{'OVPN_MGMT'} = $confighash{$cgiparams{'KEY'}}[22]; $cgiparams{'MSSFIX'} = $confighash{$cgiparams{'KEY'}}[23]; $cgiparams{'FRAGMENT'} = $confighash{$cgiparams{'KEY'}}[24]; $cgiparams{'REMARK'} = $confighash{$cgiparams{'KEY'}}[25]; @@ -2612,6 +2738,13 @@ if ($cgiparams{'TYPE'} eq 'net') { rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; goto VPNCONF_ERROR; } + + if ($cgiparams{'DEST_PORT'} eq '') { + $errormessage = $Lang::tr{'openvpn destination port used'}; + unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!"; + rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; + goto VPNCONF_ERROR; + } if ($cgiparams{'OVPN_SUBNET'} eq $vpnsettings{'DOVPN_SUBNET'}) { $errormessage = $Lang::tr{'openvpn subnet is used'}; 
@@ -2654,6 +2787,11 @@ if ($cgiparams{'TYPE'} eq 'net') { rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; goto VPNCONF_ERROR; } + + if ($cgiparams{'OVPN_MGMT'} eq '') { + $cgiparams{'OVPN_MGMT'} = $cgiparams{'DEST_PORT'}; + } + } # if (($cgiparams{'TYPE'} eq 'net') && ($cgiparams{'SIDE'} !~ /^(left|right)$/)) { @@ -3023,6 +3161,11 @@ if ($cgiparams{'TYPE'} eq 'net') { } $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'}; $confighash{$key}[10] = $cgiparams{'REMOTE'}; + if ($cgiparams{'OVPN_MGMT'} eq '') { + $confighash{$key}[22] = $confighash{$key}[29]; + } else { + $confighash{$key}[22] = $cgiparams{'OVPN_MGMT'}; + } $confighash{$key}[23] = $cgiparams{'MSSFIX'}; $confighash{$key}[24] = $cgiparams{'FRAGMENT'}; $confighash{$key}[25] = $cgiparams{'REMARK'}; @@ -3069,6 +3212,14 @@ if ($cgiparams{'TYPE'} eq 'net') { goto VPNCONF_END; } else { $cgiparams{'ENABLED'} = 'on'; +### +# m.a.d n2n begin +### + $cgiparams{'MSSFIX'} = 'on'; + $cgiparams{'FRAGMENT'} = '1300'; +### +# m.a.d n2n end +### $cgiparams{'SIDE'} = 'left'; if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) { $cgiparams{'AUTH'} = 'psk'; @@ -3204,13 +3355,19 @@ if ($cgiparams{'TYPE'} eq 'net') { mssfix   - - fragment   + $Lang::tr{'openvpn default'}: on + + fragment   $Lang::tr{'openvpn default'}: 1300 $Lang::tr{'MTU'}  - + + $Lang::tr{'openvpn default'}: udp/tcp 1500/1400 + + Management Port  + + $Lang::tr{'openvpn default'}: $Lang::tr{'destination port'} END ; @@ -3260,10 +3417,12 @@ END print < - + $Lang::tr{'upload a certificate request'} $Lang::tr{'upload a certificate'} - +   +
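Review bot: `OVPN_MGMT` is taken from the form and copied into `$confighash{$key}[22]` (the `@@ -3023` hunk) after nothing more than an emptiness test, although that field is later used as the `Port` of the status query and is presumably written into the connection's `management` directive (the code that writes the file is not in view). Checking it where it is defaulted, for example `if (! &General::validport($cgiparams{'OVPN_MGMT'})) {` followed by an error message and `goto VPNCONF_ERROR;`, keeps whitespace or extra text out of the generated config. The two defaults also differ: this hunk falls back to `$cgiparams{'DEST_PORT'}` while the `@@ -3023` hunk falls back to `$confighash{$key}[29]`, and a comment saying these are the same value would help. Defaulting the management port to the tunnel's own port number may collide when the tunnel itself runs over TCP, so that case deserves a test.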
    +   $Lang::tr{'generate a certificate'}   $Lang::tr{'users fullname or system hostname'}:  $Lang::tr{'users email'}:  @@ -3292,7 +3451,8 @@ print < $Lang::tr{'city'}:   $Lang::tr{'state or province'}:   $Lang::tr{'country'}:   $Lang::tr{'pkcs12 file password'}:  $Lang::tr{'pkcs12 file password'}:
    ($Lang::tr{'confirmation'}) +   +
    + * $Lang::tr{'this field may be blank'} END }else{ @@ -3331,6 +3494,8 @@ END         +
    + * $Lang::tr{'this field may be blank'} END @@ -3683,6 +3848,7 @@ END ### # m.a.d net2net +#$Lang::tr{'remark'}
    L2089 ### &Header::openbox('100%', 'LEFT', $Lang::tr{'Client status and controlc' }); @@ -3694,8 +3860,8 @@ END $Lang::tr{'name'} $Lang::tr{'type'} $Lang::tr{'common name'} - $Lang::tr{'valid till'} - $Lang::tr{'remark'}
    L2089 + $Lang::tr{'valid till'} + $Lang::tr{'remark'} $Lang::tr{'status'} $Lang::tr{'action'} @@ -3727,7 +3893,7 @@ END my $active = "
    $Lang::tr{'capsclosed'}
    "; if ($confighash{$key}[0] eq 'off') { - $active = "
    $Lang::tr{'openvpn disabled'}
    "; + $active = "
    $Lang::tr{'capsclosed'}
    "; } else { ### @@ -3735,24 +3901,36 @@ END ### if ($confighash{$key}[3] eq 'net') { -# my @tempovpnsubnet = split("\/",$confighash{$key}[27]); -# my @ovpnip = split /\./,$tempovpnsubnet[0]; -# my $pingip = ""; -# if ($confighash{$key}[6] eq 'server') { -# $pingip = "$ovpnip[0].$ovpnip[1].$ovpnip[2].2"; -# } else { -# $pingip = "$ovpnip[0].$ovpnip[1].$ovpnip[2].1"; -# } -# my $p = Net::Ping->new("udp",1); -# if ($p->ping($pingip)) { -# $active = "
    $Lang::tr{'capsopen'}
    "; -# } -# $p->close(); - - if (-e "/var/run/$confighash{$key}[1]n2n.pid") { - $active = "
    $Lang::tr{'openvpn enabled'}
    "; - } - } + + if (-e "/var/run/$confighash{$key}[1]n2n.pid") { + my @output = ""; + my @tustate = ""; + my $tport = $confighash{$key}[22]; + my $tnet = new Net::Telnet ( Timeout=>5, Errmode=>'return', Port=>$tport); + if ($tport ne '') { + $tnet->open('127.0.0.1'); + @output = $tnet->cmd(String => 'state', Prompt => '/(END.*\n|ERROR:.*\n)/'); + @tustate = split(/\,/, $output[1]); +### +#CONNECTING -- OpenVPN's initial state. +#WAIT -- (Client only) Waiting for initial response from server. +#AUTH -- (Client only) Authenticating with server. +#GET_CONFIG -- (Client only) Downloading configuration options from server. +#ASSIGN_IP -- Assigning IP address to virtual network interface. +#ADD_ROUTES -- Adding routes to system. +#CONNECTED -- Initialization Sequence Completed. +#RECONNECTING -- A restart has occurred. +#EXITING -- A graceful exit is in progress. +#### + + if ( $tustate[1] eq 'CONNECTED') { + $active = "
    $Lang::tr{'capsopen'}
    "; + } else { + $active = "
    $tustate[1]
    "; + } + } + } + } else { my $cn; my @match = (); @@ -3767,7 +3945,7 @@ END if ($cn eq "$confighash{$key}[2]") { $active = "
    $Lang::tr{'capsopen'}
    "; } - + } } } diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 727470fba9..a47c9f7bc8 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1367,6 +1367,10 @@ 'ovpn_processprioVH' => 'Sehr Hoch', 'ovpnstatus log' => 'OVPN-Status-Log', 'ovpnsys log' => 'OVPN-System-Log', +'ovpn routes push options' => 'Route push Optionen', +'ovpn routes push' => 'Routen', +'ovpn errmsg invalid ip or mask' => 'Ungültige Netzwerk-Adresse oder Subnetzmaske', +'ovpn errmsg green already pushed' => 'Route für grünes Netzwerk wird immer gesetzt', 'package failed to install' => 'Programmpaket konnte nicht installiert werden.', 'pagerefresh' => 'Seite wird aktualisiert. Bitte warten.', 'pakfire accept all' => 'Möchten Sie der Installation aller Pakete zustimmen?', diff --git a/lfs/Net-Telnet b/lfs/Net-Telnet new file mode 100644 index 0000000000..8d911f80bf --- /dev/null +++ b/lfs/Net-Telnet 
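Review bot: In the status check of the `@@ -3735` hunk the result of `$tnet->open('127.0.0.1')` is ignored and `$tustate[1]` is placed into the status cell as received, so a failed connection yields an empty cell and whatever answers on that local port ends up in the page markup. The object is also created before the `$tport ne ''` test, the connection is never closed, and each running net-to-net entry can hold the page for up to the 5-second timeout. I would test the port and the `open` result, close the connection, and only display a state that looks like one of the names listed in the comment. If the generated config opens the management port without a password (not visible here), any local process can reach it, which is worth a comment next to this code. The enclosing `foreach` starts and ends outside the hunk.

```perl
# … unchanged: pid-file test around this block …
my $tport = $confighash{$key}[22];
if ($tport =~ /^\d+$/) {
	my $tnet = Net::Telnet->new(Timeout => 5, Errmode => 'return', Port => $tport);
	if ($tnet && $tnet->open('127.0.0.1')) {
		my @output = $tnet->cmd(String => 'state', Prompt => '/(END.*\n|ERROR:.*\n)/');
		$tnet->close;
		my @tustate = split(/\,/, defined $output[1] ? $output[1] : '');
		my $state = defined $tustate[1] ? $tustate[1] : '';
		# … unchanged: list of OpenVPN state names …
		if ($state eq 'CONNECTED') {
			# … unchanged: $active set to the 'capsopen' cell …
		} elsif ($state =~ /^[A-Z_]+$/) {
			# … unchanged: $active set to the cell showing the state, using $state …
		}
	}
}
```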
@@ -0,0 +1,77 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2012 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 3.03 + +THISAPP = Net-Telnet-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 2f7d34b09d6117baefe89d44cff9d5fc + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst 
%,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && perl Makefile.PL + cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/libpng b/lfs/libpng index 60b25a009d..707511867f 100644 --- a/lfs/libpng +++ b/lfs/libpng @@ -24,10 +24,10 @@ include Config -VER = 1.2.44 +VER = 1.2.46 THISAPP = libpng-$(VER) -DL_FILE = $(THISAPP).tar.xz +DL_FILE = $(THISAPP).tar.gz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 098ab673ab74015978db98667febc4a9 +$(DL_FILE)_MD5 = 03ddfc17ad321db93f984581e9415d22 install : $(TARGET) @@ -69,7 +69,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar Jxf $(DIR_DL)/$(DL_FILE) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure --prefix=/usr cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install diff --git a/lfs/openvpn b/lfs/openvpn index 41594b7091..4f10e7afbe 100644 --- a/lfs/openvpn +++ b/lfs/openvpn @@ -24,7 +24,7 @@ include Config -VER = 2.2.1 +VER = 2.2.2 THISAPP = openvpn-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 500bee5449b29906150569aaf2eb2730 +$(DL_FILE)_MD5 = c5181e27b7945fa6276d21873329c5c7 install : $(TARGET) 
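Review bot: The only integrity value recorded for the new Net-Telnet tarball is `$(DL_FILE)_MD5`, and MD5 does not resist deliberate collisions, so it protects against a corrupted download rather than a substituted one. The libpng, openvpn, strongswan and usb_modeswitch hunks in this commit carry the same kind of line, so a stronger digest belongs in the shared rules behind `$(CHECK)` and `$(MD5)`, which are defined outside this file. Until then a comment above the value would record the limit, e.g. `# MD5 detects corruption only; compare against the upstream release digest when changing VER`.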
@@ -70,20 +70,26 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/var/ipfire/ovpn \ - --enable-pthread + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --sysconfdir=/var/ipfire/ovpn \ + --enable-password-save \ + --enable-pthread cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install cd $(DIR_APP) && cp -Rvf $(DIR_SRC)/config/ovpn /var/ipfire + -mkdir -pv /usr/lib/openvpn cd $(DIR_APP)/plugin/auth-pam && make - cp -pvf $(DIR_APP)/plugin/auth-pam/openvpn-auth-pam.so /lib/ + cp -pvf $(DIR_APP)/plugin/auth-pam/openvpn-auth-pam.so /usr/lib/openvpn cd $(DIR_APP)/plugin/down-root && make - cp -pvf $(DIR_APP)/plugin/down-root/openvpn-down-root.so /lib/ + cp -pvf $(DIR_APP)/plugin/down-root/openvpn-down-root.so /usr/lib/openvpn -mkdir -vp /var/ipfire/ovpn/ca -mkdir -vp /var/ipfire/ovpn/crls -mkdir -vp /var/ipfire/ovpn/n2nconf + -mkdir -vp /var/ipfire/ovpn/scripts touch /var/ipfire/ovpn/ovpn-leases.db chmod 700 /var/ipfire/ovpn/ovpn-leases.db + chown -R root:root /var/ipfire/ovpn/scripts chown -R nobody:nobody /var/ipfire/ovpn chown root.nobody /var/log/ovpnserver.log chmod 755 /var/ipfire/ovpn/verify diff --git a/lfs/strongswan b/lfs/strongswan index 7370be9e5a..964f2ed46e 100644 --- a/lfs/strongswan +++ b/lfs/strongswan @@ -24,7 +24,7 @@ include Config -VER = 4.6.1 +VER = 4.6.2 THISAPP = strongswan-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 85a28a12ed6f286a5bc9117e3a9386bb +$(DL_FILE)_MD5 = ed64e6746011930a70f3a271dc0e3c9e install : $(TARGET) diff --git a/lfs/usb_modeswitch b/lfs/usb_modeswitch index db9ca3a47b..09a0b682f2 100644 --- a/lfs/usb_modeswitch +++ b/lfs/usb_modeswitch @@ -24,7 +24,7 @@ include Config -VER = 1.2.2 +VER = 1.2.3 THISAPP = usb-modeswitch-$(VER) DL_FILE = $(THISAPP).tar.bz2 
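Review bot: The added `chown -R root:root /var/ipfire/ovpn/scripts` is undone by the line after it, because `chown -R nobody:nobody /var/ipfire/ovpn` recurses into the same directory. If that directory is meant to hold scripts that OpenVPN executes (the root ownership suggests so, though no use is visible here), leaving it owned by `nobody` lets that account change code that may run with more privilege. Swapping the order keeps the intent: `chown -R nobody:nobody /var/ipfire/ovpn` first, then `chown -R root:root /var/ipfire/ovpn/scripts`. The install rule continues past the end of the hunk.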
@@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 4f3d3b9342b59b488089a8a81abda3ae +$(DL_FILE)_MD5 = 9b29e8b0d93d7604a9e5efc4696d37a3 install : $(TARGET) diff --git a/lfs/vim b/lfs/vim index a018dc1c4e..3935d33516 100644 --- a/lfs/vim +++ b/lfs/vim @@ -79,9 +79,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) ln -sv vim /usr/bin/vi echo "set nocompatible" > /etc/vimrc echo "set backspace=2" >> /etc/vimrc + echo "set ruler" >> /etc/vimrc echo "syntax on" >> /etc/vimrc echo -e "if (&term == \"iterm\") || (&term == \"putty\")" >> /etc/vimrc - echo "set background=dark" >> /etc/vimrc + echo " set background=dark" >> /etc/vimrc echo "endif" >> /etc/vimrc @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/make.sh b/make.sh index c5f0828952..da98e2883f 100755 --- a/make.sh +++ b/make.sh @@ -25,7 +25,7 @@ NAME="IPFire" # Software name SNAME="ipfire" # Short name VERSION="2.11" # Version number -CORE="57" # Core Level (Filename) +CORE="58" # Core Level (Filename) PAKFIRE_CORE="57" # Core Level (PAKFIRE) GIT_BRANCH=`git status | head -n1 | cut -d" " -f4` # Git Branch SLOGAN="www.ipfire.org" # Software slogan @@ -575,6 +575,7 @@ buildipfire() { ipfiremake Locale-Country ipfiremake XML-Parser ipfiremake Crypt-PasswdMD5 + ipfiremake Net-Telnet ipfiremake python-setuptools ipfiremake python-clientform ipfiremake python-mechanize