ipfire-2.x.git
6 years agoKernel: Add initial support for compulab utilite.
Stefan Schantl [Thu, 19 Dec 2013 20:15:30 +0000 (21:15 +0100)] 
Kernel: Add initial support for compulab utilite.

6 years agoKernel: Add initial support for imx6q wandboard.
Stefan Schantl [Thu, 19 Dec 2013 20:11:54 +0000 (21:11 +0100)] 
Kernel: Add initial support for imx6q wandboard.

The required entries for the device tree are taken from kernel 3.12.

6 years agoRework of flash-images.
Stefan Schantl [Tue, 12 Nov 2013 20:54:12 +0000 (21:54 +0100)] 
Rework of flash-images.

6 years agouboot: Update to 2013.10.
Stefan Schantl [Sat, 16 Nov 2013 21:12:55 +0000 (16:12 -0500)] 
uboot: Update to 2013.10.

6 years agoxen-downloader: build only on i586.
Arne Fitzenreiter [Thu, 19 Dec 2013 09:55:57 +0000 (10:55 +0100)] 
xen-downloader: build only on i586.

6 years agokernel: update to 3.10.24.
Arne Fitzenreiter [Wed, 18 Dec 2013 10:29:48 +0000 (11:29 +0100)] 
kernel: update to 3.10.24.

6 years agoMerge remote-tracking branch 'amarx/difflang' into fifteen
Michael Tremer [Mon, 16 Dec 2013 11:31:19 +0000 (12:31 +0100)] 
Merge remote-tracking branch 'amarx/difflang' into fifteen

6 years agoFirewall: Bugfix: in /etc/init.d/firewall the REDNAT chain was affected BEFORE NAT_SO...
Alexander Marx [Thu, 12 Dec 2013 14:44:45 +0000 (15:44 +0100)] 
Firewall: Bugfix: in /etc/init.d/firewall the REDNAT chain was affected BEFORE NAT_SOURCE. Outgoing SNAT rules where not working though

6 years agoiptables: Update to 1.4.21.
Michael Tremer [Mon, 16 Dec 2013 11:28:08 +0000 (12:28 +0100)] 
iptables: Update to 1.4.21.

6 years agoTOOLS: new script langdiff added. With this script one can check a languagefile again...
Alexander Marx [Fri, 13 Dec 2013 07:03:23 +0000 (08:03 +0100)] 
TOOLS: new script langdiff added. With this script one can check a languagefile against another and gets a txtfile conatining the missing lines.

6 years agowirelesscrtl: Add --wait to iptables command line.
Michael Tremer [Thu, 12 Dec 2013 20:05:56 +0000 (21:05 +0100)] 
wirelesscrtl: Add --wait to iptables command line.

With a huge number of access rules, inserting all rules
into the kernel took a long while in which other iptables
tried to access the kernel's ruleset as well, which then
lead to resource conflicts.

Since iptables 1.4.20, the --wait parameter is supported
that will wait for a global xtables lock and then proceed.

6 years agoMerge remote-tracking branch 'amarx/firewall-fifteen-beta9' into fifteen
Michael Tremer [Tue, 10 Dec 2013 12:31:38 +0000 (13:31 +0100)] 
Merge remote-tracking branch 'amarx/firewall-fifteen-beta9' into fifteen

6 years agoFirewall: rebuild complete counter procedure in firewall-groups. This way the counter...
Alexander Marx [Tue, 10 Dec 2013 11:21:48 +0000 (12:21 +0100)] 
Firewall: rebuild complete counter procedure in firewall-groups. This way the counters are on the fly generated and stable. also this is a prequisite to the new option that firewall-servicegroups can be rolled out by installation

6 years agoMerge branch 'next' into fifteen
Arne Fitzenreiter [Mon, 9 Dec 2013 23:15:01 +0000 (00:15 +0100)] 
Merge branch 'next' into fifteen

6 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Mon, 9 Dec 2013 23:14:12 +0000 (00:14 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

6 years agoMerge branch 'master' into next
Arne Fitzenreiter [Mon, 9 Dec 2013 23:13:20 +0000 (00:13 +0100)] 
Merge branch 'master' into next

6 years agosamba: update to 3.6.22.
Arne Fitzenreiter [Mon, 9 Dec 2013 23:07:36 +0000 (00:07 +0100)] 
samba: update to 3.6.22.

Samba 3.6.22 have been issued as security releases in order
to address CVE-2013-4408 (DCE-RPC fragment length field is incorrectly checked)
and CVE-2012-6150 (pam_winbind login without require_membership_of
restrictions).

6 years agoMerge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen
Arne Fitzenreiter [Mon, 9 Dec 2013 16:13:34 +0000 (17:13 +0100)] 
Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen

6 years agokernel: update to 3.10.23.
Arne Fitzenreiter [Mon, 9 Dec 2013 16:10:59 +0000 (17:10 +0100)] 
kernel: update to 3.10.23.

6 years agoFirewall: added DNS (UDP,TCP) to default services
Alexander Marx [Mon, 9 Dec 2013 10:06:50 +0000 (11:06 +0100)] 
Firewall: added DNS (UDP,TCP) to default services

6 years agoFirewall: Fix BETA8 - It was not possible to delete single services from servicegroups
Alexander Marx [Mon, 9 Dec 2013 08:33:21 +0000 (09:33 +0100)] 
Firewall: Fix BETA8 - It was not possible to delete single services from servicegroups

6 years agoMerge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into firewall-fifteen1
Alexander Marx [Mon, 9 Dec 2013 08:29:50 +0000 (09:29 +0100)] 
Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into firewall-fifteen1

6 years agomountkernfs: fix mount of /sys and /proc without initrd.
Arne Fitzenreiter [Sun, 8 Dec 2013 15:07:35 +0000 (16:07 +0100)] 
mountkernfs: fix mount of /sys and /proc without initrd.

6 years agokernel: enable grsecurity on rpi kernel.
Arne Fitzenreiter [Sun, 8 Dec 2013 15:03:25 +0000 (16:03 +0100)] 
kernel: enable grsecurity on rpi kernel.

6 years agoFirewall: Added new feature: Now protocols can be added to servicegroups (GRE,AH...
Alexander Marx [Fri, 6 Dec 2013 07:47:11 +0000 (08:47 +0100)] 
Firewall: Added new feature: Now protocols can be added to servicegroups (GRE,AH,ESP,IPIP,IPV6)

6 years agokernel: update to 3.10.22.
Arne Fitzenreiter [Thu, 5 Dec 2013 18:46:25 +0000 (19:46 +0100)] 
kernel: update to 3.10.22.

6 years agoFirewall: forgot to delete a development test string
Alexander Marx [Thu, 5 Dec 2013 14:51:15 +0000 (15:51 +0100)] 
Firewall: forgot to delete a development test string

6 years agoFirewall: Bugfix: Fixed wrong language strings in outgoing FW rules when using std...
Alexander Marx [Mon, 2 Dec 2013 06:56:01 +0000 (07:56 +0100)] 
Firewall: Bugfix: Fixed wrong language strings in outgoing FW rules when using std networks or ipfire

6 years agoFirewall: FIxed wrong language strings in outgoing Firewall
Alexander Marx [Fri, 29 Nov 2013 12:41:57 +0000 (13:41 +0100)] 
Firewall: FIxed wrong language strings in outgoing Firewall

6 years agoFirewall: Fixes commit http://git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitd...
Alexander Marx [Tue, 26 Nov 2013 12:34:08 +0000 (13:34 +0100)] 
Firewall: Fixes commit git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitdiff;h=e19a36c4a09ea417ce9d577c262f17242eec4a31

Now all "active" Strings from all languagefiles are checked against the old rule to find out if logging is enabled

Conflicts:
config/firewall/convert-outgoingfw

6 years agoFirewall: fixes commit http://git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitd...
Alexander Marx [Tue, 26 Nov 2013 12:02:08 +0000 (13:02 +0100)] 
Firewall: fixes commit git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitdiff;h=1ed4b214d785ad0538b0a864f43babccd55475b1

Conflicts:
html/cgi-bin/firewall.cgi

6 years agoFirewall: BUGFIX: RUles.pl did not create LOGGING rules properly.
Alexander Marx [Tue, 26 Nov 2013 10:45:05 +0000 (11:45 +0100)] 
Firewall: BUGFIX: RUles.pl did not create LOGGING rules properly.

6 years agoMerge remote-tracking branch 'earl/tor' into next
Michael Tremer [Wed, 4 Dec 2013 23:00:28 +0000 (00:00 +0100)] 
Merge remote-tracking branch 'earl/tor' into next

6 years agosquid: Update to 3.3.11.
Michael Tremer [Tue, 3 Dec 2013 13:42:30 +0000 (14:42 +0100)] 
squid: Update to 3.3.11.

6 years agostrongswan: Rootfile update.
Michael Tremer [Thu, 24 Oct 2013 17:41:17 +0000 (19:41 +0200)] 
strongswan: Rootfile update.

6 years agocore74: Fix incrementation.
Michael Tremer [Mon, 2 Dec 2013 20:41:12 +0000 (21:41 +0100)] 
core74: Fix incrementation.

6 years agocore74: Ship dnsforward.cgi in update as well.
Michael Tremer [Mon, 2 Dec 2013 20:35:12 +0000 (21:35 +0100)] 
core74: Ship dnsforward.cgi in update as well.

Adds the CGI file on systems which have been installed
with an ISO image where dnsforward.cgi was not included.

6 years agocore74: Add strongswan update.
Michael Tremer [Mon, 2 Dec 2013 19:55:58 +0000 (20:55 +0100)] 
core74: Add strongswan update.

6 years agocore74: Add dnsforward.cgi to ISO.
Michael Tremer [Mon, 2 Dec 2013 19:48:58 +0000 (20:48 +0100)] 
core74: Add dnsforward.cgi to ISO.

Bug #10447.

6 years agocore74: Add updated proxy.cgi.
Michael Tremer [Mon, 2 Dec 2013 19:45:20 +0000 (20:45 +0100)] 
core74: Add updated proxy.cgi.

Reflects the FD changes.

6 years agocore74: Add openvpn.
Michael Tremer [Mon, 2 Dec 2013 19:44:28 +0000 (20:44 +0100)] 
core74: Add openvpn.

This package has been updated before.

6 years agocore74: Add squid.
Michael Tremer [Mon, 2 Dec 2013 19:43:58 +0000 (20:43 +0100)] 
core74: Add squid.

Covers the filedescriptors issues.

6 years agoCreate Core Update 74.
Michael Tremer [Mon, 2 Dec 2013 19:41:25 +0000 (20:41 +0100)] 
Create Core Update 74.

Will automatically increase the transparent proxy port
if it is set to 81.

6 years agoMerge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen
Arne Fitzenreiter [Sun, 1 Dec 2013 13:09:02 +0000 (14:09 +0100)] 
Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen

6 years agorootfile fixes for arm.
Arne Fitzenreiter [Sun, 1 Dec 2013 13:08:08 +0000 (14:08 +0100)] 
rootfile fixes for arm.

6 years agoMerge branch 'next' into fifteen
Arne Fitzenreiter [Sat, 30 Nov 2013 11:45:31 +0000 (12:45 +0100)] 
Merge branch 'next' into fifteen

Conflicts:
doc/language_issues.tr

6 years agoMerge branch 'master' into next
Arne Fitzenreiter [Sat, 30 Nov 2013 11:39:33 +0000 (12:39 +0100)] 
Merge branch 'master' into next

6 years agosamba: update to 3.6.21.
Arne Fitzenreiter [Sat, 30 Nov 2013 11:38:16 +0000 (12:38 +0100)] 
samba: update to 3.6.21.

6 years agokernel: update to 3.10.21.
Arne Fitzenreiter [Fri, 29 Nov 2013 22:37:39 +0000 (23:37 +0100)] 
kernel: update to 3.10.21.

6 years agosquid: Apply patch for properly detect rlimit.
Michael Tremer [Tue, 26 Nov 2013 10:43:11 +0000 (11:43 +0100)] 
squid: Apply patch for properly detect rlimit.

https://bugzilla.ipfire.org/show_bug.cgi?id=10445

6 years agoproxy: Set number of file descriptors much higher.
Michael Tremer [Thu, 21 Nov 2013 20:36:02 +0000 (21:36 +0100)] 
proxy: Set number of file descriptors much higher.

Some users are hitting the 65k limit regularly, so
we set the limit to a much higher number.

6 years agoFirewall: Bugfix: Last rule for outgoing showed wrong color, Bugfix:When using a...
Alexander Marx [Thu, 21 Nov 2013 06:43:53 +0000 (07:43 +0100)] 
Firewall: Bugfix: Last rule for outgoing showed wrong color, Bugfix:When using a rule with sourceport and afterwards editing this rule to use service or servicegroup, there was an errormessage.

6 years agoFirewall: refined dmz-converter. RUles are now converted with defined protocol instea...
Alexander Marx [Wed, 20 Nov 2013 15:01:46 +0000 (16:01 +0100)] 
Firewall: refined dmz-converter. RUles are now converted with defined protocol instead of "all" protocol

6 years agoFirewall: Fixed xtaccess converter. The protocol in the old rules are now converted...
Alexander Marx [Wed, 20 Nov 2013 13:28:42 +0000 (14:28 +0100)] 
Firewall: Fixed xtaccess converter. The protocol in the old rules are now converted correctly

6 years agolinux-pae: rebuild module deps before initrd build.
Arne Fitzenreiter [Thu, 21 Nov 2013 13:14:41 +0000 (14:14 +0100)] 
linux-pae: rebuild module deps before initrd build.

6 years agorootfile updates.
Arne Fitzenreiter [Thu, 21 Nov 2013 12:50:03 +0000 (13:50 +0100)] 
rootfile updates.

6 years agokernel: update to 3.10.20.
Arne Fitzenreiter [Thu, 21 Nov 2013 12:49:15 +0000 (13:49 +0100)] 
kernel: update to 3.10.20.

6 years agotor: update to 0.2.4.18-rc
Jan Paul Tuecking [Thu, 21 Nov 2013 08:28:44 +0000 (09:28 +0100)] 
tor: update to 0.2.4.18-rc

6 years agoremove old openssh updater rootfile.
Arne Fitzenreiter [Thu, 21 Nov 2013 07:10:21 +0000 (08:10 +0100)] 
remove old openssh updater rootfile.

6 years agousbutils: update to 007.
Arne Fitzenreiter [Wed, 20 Nov 2013 23:01:21 +0000 (00:01 +0100)] 
usbutils: update to 007.

6 years agoopenvpn: Update to version 2.3.2
Erik Kapfer [Mon, 28 Oct 2013 17:50:30 +0000 (18:50 +0100)] 
openvpn: Update to version 2.3.2

Fixes #10440

6 years agoMerge branch 'master' into fifteen
Michael Tremer [Wed, 20 Nov 2013 20:43:20 +0000 (21:43 +0100)] 
Merge branch 'master' into fifteen

6 years agoMerge branch 'master' into next
Michael Tremer [Wed, 20 Nov 2013 20:43:02 +0000 (21:43 +0100)] 
Merge branch 'master' into next

6 years agoAdd openssh update to core update 73. core73
Michael Tremer [Wed, 20 Nov 2013 20:28:05 +0000 (21:28 +0100)] 
Add openssh update to core update 73.

6 years agoinstall: create /var/run folder on rootfs.
Arne Fitzenreiter [Wed, 20 Nov 2013 16:15:31 +0000 (17:15 +0100)] 
install: create /var/run folder on rootfs.

6 years agosetup: change persistent network rules for new udev.
Arne Fitzenreiter [Wed, 20 Nov 2013 06:37:51 +0000 (07:37 +0100)] 
setup: change persistent network rules for new udev.

6 years agoudev: disable new netdev names and systemd log prefix.
Arne Fitzenreiter [Wed, 20 Nov 2013 06:37:01 +0000 (07:37 +0100)] 
udev: disable new netdev names and systemd log prefix.

6 years agoinitskripts: updates for new udev.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:36:10 +0000 (23:36 +0100)] 
initskripts: updates for new udev.

6 years agostage2: add /run symlink to /var/run.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:34:00 +0000 (23:34 +0100)] 
stage2: add /run symlink to /var/run.

6 years agodracut: fixes for new udev and missing scsi_wait.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:30:27 +0000 (23:30 +0100)] 
dracut: fixes for new udev and missing scsi_wait.

6 years agoudev: update to 208.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:27:37 +0000 (23:27 +0100)] 
udev: update to 208.

6 years agokmod: replace module-init-tools by kmod-13.
Arne Fitzenreiter [Mon, 18 Nov 2013 18:00:51 +0000 (19:00 +0100)] 
kmod: replace module-init-tools by kmod-13.

newer udev depend on kmod.

6 years agoUpdates for Turkish translation.
Ersan Yildirim [Mon, 18 Nov 2013 10:39:51 +0000 (11:39 +0100)] 
Updates for Turkish translation.

6 years agoutil-linux: update to 2.24.
Arne Fitzenreiter [Sun, 17 Nov 2013 17:51:04 +0000 (18:51 +0100)] 
util-linux: update to 2.24.

this is needed for newer udev versions but need some initskript
changes. The updater and arm rootfile is not finished yet.

6 years agoFirewall: Fixed portfw-converter (rules where not converted correctly) And Standard...
Alexander Marx [Wed, 13 Nov 2013 09:44:42 +0000 (10:44 +0100)] 
Firewall: Fixed portfw-converter (rules where not converted correctly) And Standard network "IPsec RW" now has brackets around the Ip (when set)

6 years agoMerge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen
Michael Tremer [Thu, 14 Nov 2013 10:41:18 +0000 (11:41 +0100)] 
Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen

6 years agoconfigroot: Fix recursively including /var/ipfire/backup.
Michael Tremer [Thu, 14 Nov 2013 10:40:36 +0000 (11:40 +0100)] 
configroot: Fix recursively including /var/ipfire/backup.

This issue has been introduced in a72fac88.

6 years agokernel: update to 3.10.19.
Arne Fitzenreiter [Wed, 13 Nov 2013 13:05:27 +0000 (14:05 +0100)] 
kernel: update to 3.10.19.

6 years agoMerge remote-tracking branch 'origin/next' into fifteen
Arne Fitzenreiter [Wed, 13 Nov 2013 13:05:15 +0000 (14:05 +0100)] 
Merge remote-tracking branch 'origin/next' into fifteen

Conflicts:
lfs/samba
lfs/strongswan

6 years agosamba: update to 3.6.20.
Arne Fitzenreiter [Wed, 13 Nov 2013 12:39:35 +0000 (13:39 +0100)] 
samba: update to 3.6.20.

These are security releases in order to address CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
(ACLs are not checked on opening an alternate data stream on
a file or directory) and CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
(Private key in key.pem world readable).

6 years agosamba: update to 3.6.20.
Arne Fitzenreiter [Wed, 13 Nov 2013 12:39:35 +0000 (13:39 +0100)] 
samba: update to 3.6.20.

These are security releases in order to address CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
(ACLs are not checked on opening an alternate data stream on
a file or directory) and CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
(Private key in key.pem world readable).

6 years agoFirewall: new errormessage for maximum number of ports in servicegroups
Alexander Marx [Tue, 12 Nov 2013 15:24:29 +0000 (16:24 +0100)] 
Firewall: new errormessage for maximum number of ports in servicegroups

6 years agoFirewall: appended check of maximum ports per protocol. portranges 100:200 count...
Alexander Marx [Tue, 12 Nov 2013 15:04:55 +0000 (16:04 +0100)] 
Firewall: appended check of maximum ports per protocol. portranges 100:200 count as 2 ports

6 years agoFirewall: The maximum of definable services in a servicegroup is limited to 13 per...
Alexander Marx [Tue, 12 Nov 2013 14:08:58 +0000 (15:08 +0100)] 
Firewall: The maximum of definable services in a servicegroup is limited to 13 per protocol (tcp,udp) because iptables can only handle max 13 services in Multiport

6 years agoFirewall: New feature: Now it is possible to define a custom service with a portrange...
Alexander Marx [Tue, 12 Nov 2013 08:27:16 +0000 (09:27 +0100)] 
Firewall: New feature: Now it is possible to define a custom service with a portrange. When using this service in a rule or in a servciegroup, the rule is applied correctly.

6 years agoFirewall: Bugfix: the routine to check if a vpn net or host was deleted did not work...
Alexander Marx [Mon, 11 Nov 2013 09:23:39 +0000 (10:23 +0100)] 
Firewall: Bugfix: the routine to check if a vpn net or host was deleted did not work as expected. Now it even works when source and target contain a vpn host or net

6 years agoFirewall: fixed colors of target column when using standard networks
Alexander Marx [Sun, 10 Nov 2013 08:28:02 +0000 (09:28 +0100)] 
Firewall: fixed colors of target column when using standard networks

When using RED, OpenVPN-Dyn or IPsec RW as target, the column was not
colored.

6 years agolangs: Fix typo
Erik Kapfer [Sun, 3 Nov 2013 20:29:04 +0000 (21:29 +0100)] 
langs: Fix typo

6 years agostrongswan: Delay sending DPD packets after rekeying.
Michael Tremer [Tue, 12 Nov 2013 23:25:27 +0000 (00:25 +0100)] 
strongswan: Delay sending DPD packets after rekeying.

6 years agoMerge branch 'master' into next
Michael Tremer [Sat, 9 Nov 2013 13:33:16 +0000 (14:33 +0100)] 
Merge branch 'master' into next

6 years agoMerge branch 'master' into fifteen
Michael Tremer [Sat, 9 Nov 2013 13:19:52 +0000 (14:19 +0100)] 
Merge branch 'master' into fifteen

6 years agoopenssh: Update to 6.4p1.
Michael Tremer [Sat, 9 Nov 2013 13:16:52 +0000 (14:16 +0100)] 
openssh: Update to 6.4p1.

Security fix because of
 http://www.openssh.com/txt/gcmrekey.adv

6 years agoShip paxctl with the distribution.
Michael Tremer [Fri, 8 Nov 2013 13:55:23 +0000 (14:55 +0100)] 
Ship paxctl with the distribution.

6 years agoMultiple CGI files: Check if BLUE or ORANGE are actually configured.
Michael Tremer [Sat, 7 Sep 2013 14:38:23 +0000 (16:38 +0200)] 
Multiple CGI files: Check if BLUE or ORANGE are actually configured.

6 years agosquid: Update to 3.3.10 + SSL options fix.
Michael Tremer [Fri, 8 Nov 2013 13:13:30 +0000 (14:13 +0100)] 
squid: Update to 3.3.10 + SSL options fix.

6 years agoFirewall: Fix typo in backup script which stops the conversion of old firewallrules
Alexander Marx [Tue, 5 Nov 2013 12:47:56 +0000 (13:47 +0100)] 
Firewall: Fix typo in backup script which stops the conversion of old firewallrules

6 years agoFirewall: Bugfix: When creating a servcie in firewall-groups and selecting a protocol...
Alexander Marx [Mon, 4 Nov 2013 07:04:44 +0000 (08:04 +0100)] 
Firewall: Bugfix: When creating a servcie in firewall-groups and selecting a protocol other than icmp, the enty in the ruletable shows correct values PLUS the "all icmp-types" under ICMP.
Now the ICMP FIeld is emtpy when selecting another protocol than icmp

6 years agoFirewall: Bugfix: When creating a rule and using brackets in comment, the rule is...
Alexander Marx [Fri, 8 Nov 2013 12:40:24 +0000 (13:40 +0100)] 
Firewall: Bugfix: When creating a rule and using brackets in comment, the rule is denied because of invalid characters in String. But when creating a rule with just valid characters (witjout brackets) and then editing the rule it is possible to use brackets without errormessage.
Now brackets are allowed.

6 years agoFirewall: remove /var/ipfire/portfw as it is not used anymore
Alexander Marx [Mon, 4 Nov 2013 06:31:31 +0000 (07:31 +0100)] 
Firewall: remove /var/ipfire/portfw as it is not used anymore

6 years agofirewall: Don't require to enable the RW server for N2N networks.
Michael Tremer [Fri, 8 Nov 2013 12:38:09 +0000 (13:38 +0100)] 
firewall: Don't require to enable the RW server for N2N networks.

The firewall rules for OpenVPN have not been applied for N2N
connections when the road warrior server was disabled.