ipfire-2.x.git
7 years agoMerge branch 'iptables-upnpfw' into core67-merge
Stefan Schantl [Sun, 3 Mar 2013 12:57:39 +0000 (13:57 +0100)] 
Merge branch 'iptables-upnpfw' into core67-merge

7 years agoMerge remote-tracking branch 'erik/sendEmail' into core67-merge
Stefan Schantl [Sun, 3 Mar 2013 12:42:22 +0000 (13:42 +0100)] 
Merge remote-tracking branch 'erik/sendEmail' into core67-merge

Conflicts:
make.sh

7 years agoMerge branch 'ovpn-client-pkg-download' into core67-merge
Stefan Schantl [Sun, 3 Mar 2013 12:37:15 +0000 (13:37 +0100)] 
Merge branch 'ovpn-client-pkg-download' into core67-merge

7 years agoupdateaxelerator: Add extension for Windows 8 updates.
Joern-Ingo Weigert [Sat, 2 Mar 2013 22:06:32 +0000 (23:06 +0100)] 
updateaxelerator: Add extension for Windows 8 updates.

New extension for Windows 8 update files (msu).

Fixes #10326.

7 years agoupdatexlrator.cgi: Vendor icon "updxl-src-unknown.gif" are used, regardless of presen...
Joern-Ingo Weigert [Sat, 2 Mar 2013 21:34:20 +0000 (22:34 +0100)] 
updatexlrator.cgi: Vendor icon "updxl-src-unknown.gif" are used, regardless of presence in image-dir.

Fixes #10254.

7 years agoupdateaxelerator: Adding line to hint where to add new sources.
Joern-Ingo Weigert [Sat, 2 Mar 2013 19:06:03 +0000 (20:06 +0100)] 
updateaxelerator: Adding line to hint where to add new sources.

Fixes #10253.

7 years agoovpnmain.cgi: Change check for pushed dhcp domains.
Alexander Marx [Sat, 2 Mar 2013 11:48:11 +0000 (12:48 +0100)] 
ovpnmain.cgi: Change check for pushed dhcp domains.

The Domainname is now checked against validdomainname instead of validfqdn,
so there's no need of a dotted domainname anymore.

Fixes #10262.

7 years agoovpnmain.cgi: Fix downloading of client packages.
Alexander Marx [Fri, 1 Mar 2013 18:25:15 +0000 (19:25 +0100)] 
ovpnmain.cgi: Fix downloading of client packages.

It was only possible to download the client packages if the OpenVPN server is running - which is very confusing.

Fixes #10300.

7 years agocore66: add backup.cgi to updater. core66
Arne Fitzenreiter [Sun, 17 Feb 2013 21:38:35 +0000 (22:38 +0100)] 
core66: add backup.cgi to updater.

7 years agoQoS: remove noecn from fq_codel option. v2.13-core66
Arne Fitzenreiter [Sat, 16 Feb 2013 15:34:22 +0000 (16:34 +0100)] 
QoS: remove noecn from fq_codel option.

ingress shaping need to drop some packets to limiting downloads.

7 years agobackupiso: disable on arm (we have no iso).
Arne Fitzenreiter [Fri, 15 Feb 2013 18:15:11 +0000 (19:15 +0100)] 
backupiso: disable on arm (we have no iso).

and fix syntax error.

7 years agoinstaller: fix firstsetup and set ext4 fs for unattend.
Arne Fitzenreiter [Fri, 15 Feb 2013 06:41:50 +0000 (07:41 +0100)] 
installer: fix firstsetup and set ext4 fs for unattend.

7 years agobackupiso: don't redownload source iso every time.
Arne Fitzenreiter [Fri, 15 Feb 2013 06:30:11 +0000 (07:30 +0100)] 
backupiso: don't redownload source iso every time.

7 years agoIPFire 2.13 final.
Arne Fitzenreiter [Thu, 14 Feb 2013 21:16:16 +0000 (22:16 +0100)] 
IPFire 2.13 final.

7 years agobackupiso: serveral small improvements.
Timo Eissler [Thu, 14 Feb 2013 21:08:30 +0000 (22:08 +0100)] 
backupiso: serveral small improvements.

fixes #10233

7 years agoproxy: allow access to IPFire itself if nets are blocked.
Arne Fitzenreiter [Thu, 14 Feb 2013 18:33:37 +0000 (19:33 +0100)] 
proxy: allow access to IPFire itself if nets are blocked.

This fixes missing pictures on blocking pages.
fixes #10138

7 years agoreadhash: allow % character in config files.
Arne Fitzenreiter [Thu, 14 Feb 2013 17:59:42 +0000 (18:59 +0100)] 
readhash: allow % character in config files.

7 years agoQoS: Don't create template when bandwidth is empty.
Michael Tremer [Thu, 14 Feb 2013 14:35:43 +0000 (15:35 +0100)] 
QoS: Don't create template when bandwidth is empty.

7 years agoqos: Remove advanced settings.
Stefan Schantl [Wed, 13 Feb 2013 20:35:54 +0000 (21:35 +0100)] 
qos: Remove advanced settings.

7 years agoQoS: Make fq_codel queues smaller and remove HTB qdisc when QoS stops.
Michael Tremer [Wed, 13 Feb 2013 18:01:18 +0000 (19:01 +0100)] 
QoS: Make fq_codel queues smaller and remove HTB qdisc when QoS stops.

  http://patchwork.openwrt.org/patch/2681/

7 years agocurl: Update to 7.29.0.
Michael Tremer [Tue, 12 Feb 2013 19:13:59 +0000 (20:13 +0100)] 
curl: Update to 7.29.0.

Security fix for http://curl.haxx.se/docs/adv_20130206.html.

7 years agoFix typo in Dutch translation.
Michael Tremer [Tue, 12 Feb 2013 18:11:35 +0000 (19:11 +0100)] 
Fix typo in Dutch translation.

7 years agoAdd Dutch squid error messages.
Michael Tremer [Sat, 9 Feb 2013 20:58:14 +0000 (21:58 +0100)] 
Add Dutch squid error messages.

7 years agoUpdate of Dutch translation.
Hans Horsten [Sat, 9 Feb 2013 20:56:30 +0000 (21:56 +0100)] 
Update of Dutch translation.

7 years agoIPFire 2.13rc2. rc2 v2.13-rc2
Arne Fitzenreiter [Fri, 8 Feb 2013 18:22:40 +0000 (19:22 +0100)] 
IPFire 2.13rc2.

7 years agocore66: add changed initskripts to updater.
Arne Fitzenreiter [Fri, 8 Feb 2013 18:21:52 +0000 (19:21 +0100)] 
core66: add changed initskripts to updater.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Fri, 8 Feb 2013 14:49:38 +0000 (15:49 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agoleds: setup alix:1 as heartbeat.
Arne Fitzenreiter [Thu, 7 Feb 2013 19:28:11 +0000 (20:28 +0100)] 
leds: setup alix:1 as heartbeat.

7 years agosyslinux: update to 4.06.
Arne Fitzenreiter [Thu, 7 Feb 2013 19:25:54 +0000 (20:25 +0100)] 
syslinux: update to 4.06.

7 years agonetwork-skripts: fix gateway replace in /etc/hosts.
Arne Fitzenreiter [Thu, 7 Feb 2013 19:23:01 +0000 (20:23 +0100)] 
network-skripts: fix gateway replace in /etc/hosts.

7 years agobind: Ship dig.
Michael Tremer [Thu, 7 Feb 2013 16:06:13 +0000 (17:06 +0100)] 
bind: Ship dig.

References #10151.

7 years agoDelete checkdeaddl.lck file on boot.
Daniel Weismüller [Thu, 7 Feb 2013 10:36:03 +0000 (11:36 +0100)] 
Delete checkdeaddl.lck file on boot.

This lock file does only exist, when the system has suddenly
been shut down while update accelerator is optimizing its cache.

7 years agokernel: update to 3.2.38.
Arne Fitzenreiter [Wed, 6 Feb 2013 19:08:02 +0000 (20:08 +0100)] 
kernel: update to 3.2.38.

7 years agoinstaller: fix dutch language.
Arne Fitzenreiter [Tue, 5 Feb 2013 22:59:38 +0000 (23:59 +0100)] 
installer: fix dutch language.

7 years agoconfigroot: rootfile update.
Arne Fitzenreiter [Tue, 5 Feb 2013 22:33:43 +0000 (23:33 +0100)] 
configroot: rootfile update.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Tue, 5 Feb 2013 21:37:05 +0000 (22:37 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agolibsmooth: add dutch language.
Arne Fitzenreiter [Tue, 5 Feb 2013 21:32:16 +0000 (22:32 +0100)] 
libsmooth: add dutch language.

7 years agoClose console after 10 minutes idle.
Daniel Weismüller [Tue, 5 Feb 2013 20:35:16 +0000 (21:35 +0100)] 
Close console after 10 minutes idle.

For security reasons, all local consoles get closed
after 10 min idle. This does not count for screen or ssh sessions.

7 years agosetup: Add Dutch language selection.
Michael Tremer [Tue, 5 Feb 2013 20:19:41 +0000 (21:19 +0100)] 
setup: Add Dutch language selection.

7 years agoLanguage cleanups by ./make.sh lang.
Michael Tremer [Tue, 5 Feb 2013 20:17:31 +0000 (21:17 +0100)] 
Language cleanups by ./make.sh lang.

7 years agomake.sh: Add Dutch to the language management code.
Michael Tremer [Tue, 5 Feb 2013 20:17:06 +0000 (21:17 +0100)] 
make.sh: Add Dutch to the language management code.

7 years agowui: Add Dutch language selection.
Michael Tremer [Tue, 5 Feb 2013 20:16:42 +0000 (21:16 +0100)] 
wui: Add Dutch language selection.

7 years agoinstaller: Add Dutch language selection.
Michael Tremer [Tue, 5 Feb 2013 20:15:48 +0000 (21:15 +0100)] 
installer: Add Dutch language selection.

7 years agoAdd Nederlands (Dutch) language support.
H. Horsten [Tue, 5 Feb 2013 20:11:02 +0000 (21:11 +0100)] 
Add Nederlands (Dutch) language support.

7 years agoopenssh: Update to 6.1p1.
Michael Tremer [Tue, 5 Feb 2013 18:26:58 +0000 (19:26 +0100)] 
openssh: Update to 6.1p1.

7 years agoopenssl: Update to 0.9.8y.
Michael Tremer [Tue, 5 Feb 2013 18:01:11 +0000 (19:01 +0100)] 
openssl: Update to 0.9.8y.

Fixes the "Lucky Thirteen" issue: http://www.isg.rhul.ac.uk/tls/
also known as CVE-2013-0169

http://www.openssl.org/news/secadv_20130205.txt

7 years agographs: add mmcblk to media graphs.
Arne Fitzenreiter [Tue, 5 Feb 2013 01:07:42 +0000 (02:07 +0100)] 
graphs: add mmcblk to media graphs.

7 years agohostapd: update to 2.0.
Arne Fitzenreiter [Tue, 5 Feb 2013 00:48:27 +0000 (01:48 +0100)] 
hostapd: update to 2.0.

7 years agowpa_supplicant: update to 2.0.
Arne Fitzenreiter [Tue, 5 Feb 2013 00:47:58 +0000 (01:47 +0100)] 
wpa_supplicant: update to 2.0.

7 years agostrongswan: rootfile update. rc1 v2.13-rc1
Arne Fitzenreiter [Sat, 2 Feb 2013 10:56:41 +0000 (11:56 +0100)] 
strongswan: rootfile update.

7 years agosnort: fix sourcefire rules downloads.
Arne Fitzenreiter [Sat, 2 Feb 2013 08:57:14 +0000 (09:57 +0100)] 
snort: fix sourcefire rules downloads.

7 years agosnort: remove wrong core65 file create by the revert.
Arne Fitzenreiter [Sat, 2 Feb 2013 08:51:47 +0000 (09:51 +0100)] 
snort: remove wrong core65 file create by the revert.

7 years agoRevert "Revert "snort: Update to 2.9.4.""
Arne Fitzenreiter [Sat, 2 Feb 2013 08:50:49 +0000 (09:50 +0100)] 
Revert "Revert "snort: Update to 2.9.4.""

This reverts commit f17d112c0480e951771bdca5f5eace7592ecd2c2.

7 years agoqos: fix replacement of fq_codel with htb at qos start.
Arne Fitzenreiter [Sat, 2 Feb 2013 08:47:58 +0000 (09:47 +0100)] 
qos: fix replacement of fq_codel with htb at qos start.

7 years agosetclock: fix empty logfile check.
Arne Fitzenreiter [Sat, 2 Feb 2013 08:42:05 +0000 (09:42 +0100)] 
setclock: fix empty logfile check.

7 years agovpnmain: disabled address check.
Arne Fitzenreiter [Sat, 2 Feb 2013 08:40:15 +0000 (09:40 +0100)] 
vpnmain: disabled address check.

this temporary fixes bug #10294 until the check was fixed to check the
complete source and dest net.

7 years agoIPFire 2.13rc1.
Arne Fitzenreiter [Wed, 30 Jan 2013 18:27:38 +0000 (19:27 +0100)] 
IPFire 2.13rc1.

7 years agosamba: updated to 3.6.12.
Arne Fitzenreiter [Wed, 30 Jan 2013 18:26:40 +0000 (19:26 +0100)] 
samba: updated to 3.6.12.

7 years agomake.sh: Add "dirty" to system-release if uncommited changes found.
Arne Fitzenreiter [Wed, 30 Jan 2013 18:25:52 +0000 (19:25 +0100)] 
make.sh: Add "dirty" to system-release if uncommited changes found.

7 years agoinstaller: Add bigger warning that all data will be destroyed during the installation...
Michael Tremer [Wed, 30 Jan 2013 12:41:13 +0000 (13:41 +0100)] 
installer: Add bigger warning that all data will be destroyed during the installation process.

7 years agolibupnp: Update to 1.6.18.
Michael Tremer [Wed, 30 Jan 2013 08:55:03 +0000 (09:55 +0100)] 
libupnp: Update to 1.6.18.

Fixes a whole bunch of security issues:
  http://www.kb.cert.org/vuls/id/922681

7 years agoMerge remote-tracking branch 'ms/axel-fixperms' into next
Michael Tremer [Sun, 27 Jan 2013 14:58:14 +0000 (15:58 +0100)] 
Merge remote-tracking branch 'ms/axel-fixperms' into next

7 years agoigb: update to 4.1.2.
Arne Fitzenreiter [Sun, 27 Jan 2013 12:01:01 +0000 (13:01 +0100)] 
igb: update to 4.1.2.

7 years agor8168: update to 8.035.00.
Arne Fitzenreiter [Sun, 27 Jan 2013 12:00:14 +0000 (13:00 +0100)] 
r8168: update to 8.035.00.

7 years agocore66: create device.map before grub install.
Arne Fitzenreiter [Sun, 27 Jan 2013 10:33:50 +0000 (11:33 +0100)] 
core66: create device.map before grub install.

7 years agocore66: remove proxy-cache from the updater/backup.
Arne Fitzenreiter [Sat, 26 Jan 2013 19:23:38 +0000 (20:23 +0100)] 
core66: remove proxy-cache from the updater/backup.

7 years agoMerge remote-tracking branch 'ummeegge/ovpn-firewall-fixes' into next
Arne Fitzenreiter [Sat, 26 Jan 2013 19:14:27 +0000 (20:14 +0100)] 
Merge remote-tracking branch 'ummeegge/ovpn-firewall-fixes' into next

7 years agoMerge remote-tracking branch 'stevee/proxy-cgi-ldap-hostname' into next
Arne Fitzenreiter [Sat, 26 Jan 2013 19:10:10 +0000 (20:10 +0100)] 
Merge remote-tracking branch 'stevee/proxy-cgi-ldap-hostname' into next

7 years agocore66: add updatexlerator download to updater.
Arne Fitzenreiter [Sat, 26 Jan 2013 19:08:44 +0000 (20:08 +0100)] 
core66: add updatexlerator download to updater.

7 years agoMerge remote-tracking branch 'stevee/axel-log-fix' into next
Arne Fitzenreiter [Sat, 26 Jan 2013 19:06:18 +0000 (20:06 +0100)] 
Merge remote-tracking branch 'stevee/axel-log-fix' into next

7 years agorpi-firmware: disabled idle underclock at default.
Arne Fitzenreiter [Sat, 26 Jan 2013 18:57:14 +0000 (19:57 +0100)] 
rpi-firmware: disabled idle underclock at default.

A user has reported connection problems if this is enabled.

7 years agocifs-utils: new package.
Arne Fitzenreiter [Sat, 26 Jan 2013 18:54:51 +0000 (19:54 +0100)] 
cifs-utils: new package.

last samba update remove mount.cifs so it's now an extra package.

7 years agosamba: update to 3.6.11.
Arne Fitzenreiter [Sat, 26 Jan 2013 18:54:10 +0000 (19:54 +0100)] 
samba: update to 3.6.11.

7 years agoupdate accelerator: Don't change owner of ALL files in cache.
Michael Tremer [Sat, 26 Jan 2013 18:07:17 +0000 (19:07 +0100)] 
update accelerator: Don't change owner of ALL files in cache.

When a file has been downloaded, all files in the update accelerator
cache directory have been chowned which causes huge IO load.
It is only required to set permissions that members of the group
can delete the files (purge function on the web user interface).

Changing the owner is completely unnecessary as only the squid
user needs write access and the web server is able to deliver
any file in the update cache anyways.

7 years agoMerge remote-tracking branch 'stevee/axel-log-fix' into axel-fixperms
Michael Tremer [Sat, 26 Jan 2013 17:54:44 +0000 (18:54 +0100)] 
Merge remote-tracking branch 'stevee/axel-log-fix' into axel-fixperms

7 years agofirewall: Recreate openvpn chains after firewall restart.
Erik Kapfer [Tue, 22 Jan 2013 19:43:15 +0000 (20:43 +0100)] 
firewall: Recreate openvpn chains after firewall restart.

Fixes #10216.

7 years agoproxy.cgi: Allow to set a hostname as upstream proxy.
Stefan Schantl [Tue, 22 Jan 2013 18:38:12 +0000 (19:38 +0100)] 
proxy.cgi: Allow to set a hostname as upstream proxy.

Fixes #10215.

7 years agoproxy.cgi: Also allow to use a hostname for the LDAP server.
Stefan Schantl [Mon, 21 Jan 2013 20:15:50 +0000 (21:15 +0100)] 
proxy.cgi: Also allow to use a hostname for the LDAP server.

Fixes #10265.

7 years agosetclock: use last log access time if no rtc found.
Arne Fitzenreiter [Mon, 21 Jan 2013 16:53:36 +0000 (17:53 +0100)] 
setclock: use last log access time if no rtc found.

This prevents time backjumps that destroy graphs and vnstat data.

7 years agoSQUID : BUG 10280: extended patch, so that 0 is a valid value for disk-cache
Alexander Marx [Wed, 16 Jan 2013 19:38:35 +0000 (20:38 +0100)] 
SQUID : BUG 10280: extended patch, so that 0 is a valid value for disk-cache

7 years agoQoS: Fix configuration of fq_codel as qdisc.
Michael Tremer [Sun, 20 Jan 2013 15:58:43 +0000 (16:58 +0100)] 
QoS: Fix configuration of fq_codel as qdisc.

fq_codel has not been used for egress traffic,
but for ingress traffic.

Also, fq_codel is applied as root qdisc when QoS
is disabled.

7 years agoIPFire 2.13beta2. v2.13-beta2
Arne Fitzenreiter [Sat, 19 Jan 2013 11:48:49 +0000 (12:48 +0100)] 
IPFire 2.13beta2.

7 years agotransmission: update to 2.76.
Arne Fitzenreiter [Sat, 19 Jan 2013 11:07:11 +0000 (12:07 +0100)] 
transmission: update to 2.76.

7 years agocompat-wireless: fix for legacy xen kernel.
Arne Fitzenreiter [Fri, 18 Jan 2013 16:36:25 +0000 (17:36 +0100)] 
compat-wireless: fix for legacy xen kernel.

7 years agofstrim: add daily cronjob.
Arne Fitzenreiter [Thu, 17 Jan 2013 19:38:01 +0000 (20:38 +0100)] 
fstrim: add daily cronjob.

7 years agofstrim: new common package.
Arne Fitzenreiter [Thu, 17 Jan 2013 17:42:10 +0000 (18:42 +0100)] 
fstrim: new common package.

7 years agokernel: updated to 3.2.37.
Arne Fitzenreiter [Thu, 17 Jan 2013 06:41:15 +0000 (07:41 +0100)] 
kernel: updated to 3.2.37.

7 years agovpnmain.cgi: Fix selection of AES-192 as ESP cipher.
Michael Tremer [Tue, 15 Jan 2013 14:57:29 +0000 (15:57 +0100)] 
vpnmain.cgi: Fix selection of AES-192 as ESP cipher.

7 years agovpnmain.cgi: Allow to use PSK if public IP is '%defaultroute'.
Michael Tremer [Tue, 15 Jan 2013 14:45:29 +0000 (15:45 +0100)] 
vpnmain.cgi: Allow to use PSK if public IP is '%defaultroute'.

Openswan did not support to use PSKs on net-to-net connections,
when the public IP of the IPFire box was "%defaultroute".
However, it is required to set the public IP to "%defaultroute"
on NAT-ed devices (such as UMTS connections in Germany) to
connect to other sites as the IPFire box does not know
the real public IP address.

7 years agoinstaller: increase bootpartition.
Arne Fitzenreiter [Sun, 13 Jan 2013 21:54:10 +0000 (22:54 +0100)] 
installer: increase bootpartition.

7 years agoproxy: fix cache_replacement_policy setting.
Arne Fitzenreiter [Sun, 13 Jan 2013 21:46:49 +0000 (22:46 +0100)] 
proxy: fix cache_replacement_policy setting.

fixes: 10264
thx to SAHC for help.

7 years agoupdater: add xvc0 to /etc/securetty on xen update.
Arne Fitzenreiter [Sun, 13 Jan 2013 21:27:25 +0000 (22:27 +0100)] 
updater: add xvc0 to /etc/securetty on xen update.

7 years agosquid: Update to 3.1.23.
Michael Tremer [Sat, 12 Jan 2013 19:44:39 +0000 (20:44 +0100)] 
squid: Update to 3.1.23.

http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_23.html

7 years agode: Fix typos wording and compound/seperate spelling.
Bernhard Bittner [Fri, 11 Jan 2013 14:16:05 +0000 (15:16 +0100)] 
de: Fix typos wording and compound/seperate spelling.

7 years agoAdd proxy.cgi to core update 66.
Michael Tremer [Thu, 10 Jan 2013 20:38:31 +0000 (21:38 +0100)] 
Add proxy.cgi to core update 66.

7 years agoSquid: added check if ram cache is greater than harddisk cache
Alexander Marx [Thu, 10 Jan 2013 15:39:58 +0000 (16:39 +0100)] 
Squid: added check if ram cache is greater than harddisk cache

7 years agoovpn+firewall: Extend example and fixed typos
Erik Kapfer [Thu, 10 Jan 2013 09:13:30 +0000 (10:13 +0100)] 
ovpn+firewall: Extend example and fixed typos

Bug reference #10193 and #10274

7 years agoovpnmain.cgi: Fix typo.
Bernhard Bittner [Wed, 9 Jan 2013 14:21:13 +0000 (15:21 +0100)] 
ovpnmain.cgi: Fix typo.

7 years agosquid: Update to 3.1.22.
Michael Tremer [Wed, 9 Jan 2013 11:39:16 +0000 (12:39 +0100)] 
squid: Update to 3.1.22.

7 years agoupdater: add backup.pl to core.
Arne Fitzenreiter [Mon, 7 Jan 2013 17:17:47 +0000 (18:17 +0100)] 
updater: add backup.pl to core.