ipfire-2.x.git
5 years agoMerge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x into seventeen-geoip
Stefan Schantl [Sat, 14 Feb 2015 11:34:31 +0000 (12:34 +0100)] 
Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x into seventeen-geoip

Conflicts:
make.sh

5 years agoLanguage file update.
Stefan Schantl [Thu, 12 Feb 2015 19:10:05 +0000 (20:10 +0100)] 
Language file update.

5 years agoswconfig: supress error on non dtb machines.
Arne Fitzenreiter [Wed, 11 Feb 2015 07:07:49 +0000 (08:07 +0100)] 
swconfig: supress error on non dtb machines.

5 years agokernel: r8169 disable PCIe L23 modes.
Arne Fitzenreiter [Wed, 11 Feb 2015 07:03:57 +0000 (08:03 +0100)] 
kernel: r8169 disable PCIe L23 modes.

5 years agokernel: update to 3.14.32.
Arne Fitzenreiter [Sun, 8 Feb 2015 21:36:02 +0000 (22:36 +0100)] 
kernel: update to 3.14.32.

5 years agofirewall.cgi: Add support for GeoIP locations / GeoIP groups.
Stefan Schantl [Sun, 8 Feb 2015 17:41:44 +0000 (18:41 +0100)] 
firewall.cgi: Add support for GeoIP locations / GeoIP groups.

5 years agogeoip-block.cgi: Use geoip-functions.pl.
Stefan Schantl [Sun, 8 Feb 2015 17:24:51 +0000 (18:24 +0100)] 
geoip-block.cgi: Use geoip-functions.pl.

5 years agogeoip-functions.pl: A collection of functions dealing with GeoIP.
Stefan Schantl [Sun, 8 Feb 2015 17:23:01 +0000 (18:23 +0100)] 
geoip-functions.pl: A collection of functions dealing with GeoIP.

5 years agofwhosts.cgi: Add support for GeoIP groups.
Stefan Schantl [Sun, 8 Feb 2015 12:37:06 +0000 (13:37 +0100)] 
fwhosts.cgi: Add support for GeoIP groups.

5 years agosetup: Better not include the language directories recursively
Michael Tremer [Wed, 4 Feb 2015 18:51:30 +0000 (19:51 +0100)] 
setup: Better not include the language directories recursively

5 years agoinstaller+setup: Rootfile update
Michael Tremer [Wed, 4 Feb 2015 18:49:51 +0000 (19:49 +0100)] 
installer+setup: Rootfile update

5 years agoinstaller+setup: Automatically update language lists
Michael Tremer [Wed, 4 Feb 2015 12:31:36 +0000 (13:31 +0100)] 
installer+setup: Automatically update language lists

5 years agoopenvpn certificate generation: Update openssl config file
Michael Tremer [Wed, 4 Feb 2015 12:21:43 +0000 (13:21 +0100)] 
openvpn certificate generation: Update openssl config file

This was not correctly updated with Core Update 79 because
of the exclude file.

Bug #10741

5 years agokernel: update to 3.14.31.
Arne Fitzenreiter [Tue, 3 Feb 2015 19:43:32 +0000 (20:43 +0100)] 
kernel: update to 3.14.31.

5 years agocore87: serial console update part 2.
root [Mon, 2 Feb 2015 13:38:16 +0000 (14:38 +0100)] 
core87: serial console update part 2.

5 years agocore87: fix stay on serial console at update.
Arne Fitzenreiter [Mon, 2 Feb 2015 09:58:19 +0000 (10:58 +0100)] 
core87: fix stay on serial console at update.

5 years agoinstaller+setup: Update translations
Michael Tremer [Sun, 1 Feb 2015 11:57:05 +0000 (12:57 +0100)] 
installer+setup: Update translations

5 years agoset version to 2.17 core87 rc1.
Arne Fitzenreiter [Fri, 30 Jan 2015 17:13:30 +0000 (18:13 +0100)] 
set version to 2.17 core87 rc1.

5 years agofirmwares: add Banana Pro and Wandboard wlan NVRAM files.
Arne Fitzenreiter [Fri, 30 Jan 2015 17:09:21 +0000 (18:09 +0100)] 
firmwares: add Banana Pro and Wandboard wlan NVRAM files.

5 years agohostapd: undo rename if dual interfaces are not supported.
Arne Fitzenreiter [Fri, 30 Jan 2015 16:39:34 +0000 (17:39 +0100)] 
hostapd: undo rename if dual interfaces are not supported.

5 years agokernel: update banana pi, lamobo-r1 and add banana pro dtb.
Arne Fitzenreiter [Thu, 29 Jan 2015 23:09:00 +0000 (00:09 +0100)] 
kernel: update banana pi, lamobo-r1 and add banana pro dtb.

5 years agocore87: work arround u-boot folder detection bug.
Arne Fitzenreiter [Thu, 29 Jan 2015 18:00:13 +0000 (19:00 +0100)] 
core87: work arround u-boot folder detection bug.

some u-boot version seems only scan the first directory entries for
folders and not find the dtb's if the folder are created to late.

5 years agocore87: remove linux-xen code from updater.
Arne Fitzenreiter [Thu, 29 Jan 2015 07:37:59 +0000 (08:37 +0100)] 
core87: remove linux-xen code from updater.

5 years agocore87: remove old dtb's and backup uEnv.txt at update.
Arne Fitzenreiter [Thu, 29 Jan 2015 07:36:26 +0000 (08:36 +0100)] 
core87: remove old dtb's and backup uEnv.txt at update.

5 years agokernel: update to 3.14.30.
Arne Fitzenreiter [Thu, 29 Jan 2015 06:47:16 +0000 (07:47 +0100)] 
kernel: update to 3.14.30.

5 years agopound addon: upgrade to latest stable 2.7
Dirk Wagner [Wed, 28 Jan 2015 21:02:19 +0000 (22:02 +0100)] 
pound addon: upgrade to latest stable 2.7

5 years agoMerge remote-tracking branch 'ummeegge/fping'
Michael Tremer [Wed, 28 Jan 2015 21:44:45 +0000 (22:44 +0100)] 
Merge remote-tracking branch 'ummeegge/fping'

5 years agoMerge remote-tracking branch 'ummeegge/mtr'
Michael Tremer [Wed, 28 Jan 2015 21:42:28 +0000 (22:42 +0100)] 
Merge remote-tracking branch 'ummeegge/mtr'

5 years agoglibc: Backport hotfixes from RHEL
Michael Tremer [Tue, 27 Jan 2015 21:01:24 +0000 (22:01 +0100)] 
glibc: Backport hotfixes from RHEL

5 years agoadd swconfig for lamobo-r1 switch setup.
Arne Fitzenreiter [Tue, 27 Jan 2015 19:21:17 +0000 (20:21 +0100)] 
add swconfig for lamobo-r1 switch setup.

5 years agokernel: add support for lamobo-r1.
Arne Fitzenreiter [Tue, 27 Jan 2015 18:11:57 +0000 (19:11 +0100)] 
kernel: add support for lamobo-r1.

5 years agoinstaller: Fix selection English as default language
Michael Tremer [Thu, 22 Jan 2015 22:09:43 +0000 (23:09 +0100)] 
installer: Fix selection English as default language

5 years agofirewall: Fix SNAT rules that use a default network as source
Michael Tremer [Thu, 22 Jan 2015 15:06:25 +0000 (16:06 +0100)] 
firewall: Fix SNAT rules that use a default network as source

In the POSTROUTING chain using -i intf0 does not work at all.
We now only use the -s parameter to figure out if the rule applied.
The filter chain still uses -i and -o to match patches not only
by the network address, but also by the incoming/outgoing interface.

5 years agoMerge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x
Michael Tremer [Wed, 21 Jan 2015 13:24:29 +0000 (14:24 +0100)] 
Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x

5 years agoutil-linux: Ship tailf
Michael Tremer [Wed, 21 Jan 2015 13:24:06 +0000 (14:24 +0100)] 
util-linux: Ship tailf

5 years agowlanap.cgi: remove trailing 0 from channellist.
Arne Fitzenreiter [Wed, 21 Jan 2015 13:20:54 +0000 (14:20 +0100)] 
wlanap.cgi: remove trailing 0 from channellist.

5 years agocollectd: sync after cfg update and ramdisk backup.
Arne Fitzenreiter [Wed, 21 Jan 2015 12:19:00 +0000 (13:19 +0100)] 
collectd: sync after cfg update and ramdisk backup.

5 years agocollectd: fix disable swap plugin if no swap exist.
Arne Fitzenreiter [Wed, 21 Jan 2015 12:05:12 +0000 (13:05 +0100)] 
collectd: fix disable swap plugin if no swap exist.

5 years agocore87: remove useless and time/memory consuming backup.
Arne Fitzenreiter [Tue, 20 Jan 2015 21:04:12 +0000 (22:04 +0100)] 
core87: remove useless and time/memory consuming backup.

nearly no user can rollback with this tar.xz because bootloader is changed.

5 years agomodprobe.d: blacklist btmrvl_sdio.
Arne Fitzenreiter [Tue, 20 Jan 2015 08:14:23 +0000 (09:14 +0100)] 
modprobe.d: blacklist btmrvl_sdio.

5 years agobackports: rpi need smsc mac parameter patch too.
Arne Fitzenreiter [Tue, 20 Jan 2015 08:08:39 +0000 (09:08 +0100)] 
backports: rpi need smsc mac parameter patch too.

5 years agokernel: update to 3.14.29.
Arne Fitzenreiter [Mon, 19 Jan 2015 09:50:10 +0000 (10:50 +0100)] 
kernel: update to 3.14.29.

5 years agokernel: arm7-multi: enable RTC_DRV_MV.
Arne Fitzenreiter [Sun, 18 Jan 2015 20:36:16 +0000 (21:36 +0100)] 
kernel: arm7-multi: enable RTC_DRV_MV.

5 years agoleds: add mirabox support.
Arne Fitzenreiter [Sun, 18 Jan 2015 20:32:15 +0000 (21:32 +0100)] 
leds: add mirabox support.

5 years agohostapd: create additional AP device if switch has failed.
Arne Fitzenreiter [Sun, 18 Jan 2015 20:29:53 +0000 (21:29 +0100)] 
hostapd: create additional AP device if switch has failed.

5 years agocore87: don't reset timeserver setting at update.
Arne Fitzenreiter [Wed, 14 Jan 2015 16:40:59 +0000 (17:40 +0100)] 
core87: don't reset timeserver setting at update.

5 years agokernel: arm-multi: compile mvneta ethernet driver into kernel.
Arne Fitzenreiter [Wed, 14 Jan 2015 06:48:14 +0000 (07:48 +0100)] 
kernel: arm-multi: compile mvneta ethernet driver into kernel.

This is needed for mirabox to take over the mac address from bootloader.

5 years agobackports: add smsc95xx mac address parameter patch.
Arne Fitzenreiter [Wed, 14 Jan 2015 06:47:32 +0000 (07:47 +0100)] 
backports: add smsc95xx mac address parameter patch.

5 years agorootfile updates (crda, arm kernel).
Arne Fitzenreiter [Wed, 14 Jan 2015 06:46:53 +0000 (07:46 +0100)] 
rootfile updates (crda, arm kernel).

5 years agofping: Update to version 3.10.
Erik Kapfer [Tue, 13 Jan 2015 15:41:32 +0000 (16:41 +0100)] 
fping: Update to version 3.10.

fix #10718

5 years agomtr: Update to version 0.86.
Erik Kapfer [Tue, 13 Jan 2015 15:34:57 +0000 (16:34 +0100)] 
mtr: Update to version 0.86.

Fix #10717

5 years agostrongswan: Fix for CVE-2014-9221
Michael Tremer [Mon, 12 Jan 2015 12:03:16 +0000 (13:03 +0100)] 
strongswan: Fix for CVE-2014-9221

5 years agokernel: update config files.
Arne Fitzenreiter [Sun, 11 Jan 2015 10:55:25 +0000 (11:55 +0100)] 
kernel: update config files.

5 years agobackports: disable of_graph.
Arne Fitzenreiter [Sat, 10 Jan 2015 23:40:08 +0000 (00:40 +0100)] 
backports: disable of_graph.

5 years agobackports: more module fixes.
Arne Fitzenreiter [Sat, 10 Jan 2015 23:39:35 +0000 (00:39 +0100)] 
backports: more module fixes.

5 years agobackports: fix module kernel config.
Arne Fitzenreiter [Sat, 10 Jan 2015 09:22:21 +0000 (10:22 +0100)] 
backports: fix module kernel config.

5 years agobackports: fix module cflags for arm.
Arne Fitzenreiter [Fri, 9 Jan 2015 22:34:56 +0000 (23:34 +0100)] 
backports: fix module cflags for arm.

5 years agoopenssl: Update to 1.0.1k and 0.9.8zd
Michael Tremer [Thu, 8 Jan 2015 17:28:12 +0000 (18:28 +0100)] 
openssl: Update to 1.0.1k and 0.9.8zd

https://www.openssl.org/news/secadv_20150108.txt

5 years agowlanap.cgi: add country code 00;
Arne Fitzenreiter [Sun, 4 Jan 2015 21:11:44 +0000 (22:11 +0100)] 
wlanap.cgi: add country code 00;

regdump not display this anymore.

5 years agohostapd/wpa_supplicant: update to 2.3.
Arne Fitzenreiter [Sun, 4 Jan 2015 19:26:59 +0000 (20:26 +0100)] 
hostapd/wpa_supplicant: update to 2.3.

5 years agohostapd: change default channel to 6.
Arne Fitzenreiter [Sun, 4 Jan 2015 19:17:26 +0000 (20:17 +0100)] 
hostapd: change default channel to 6.

5 years agoflashimages: increase root size.
Arne Fitzenreiter [Sun, 4 Jan 2015 17:42:02 +0000 (18:42 +0100)] 
flashimages: increase root size.

arm images not fit in 700MB anymore.

5 years agowireless-regdb: update to 2014.11.18.
Arne Fitzenreiter [Sun, 4 Jan 2015 17:21:06 +0000 (18:21 +0100)] 
wireless-regdb: update to 2014.11.18.

5 years agocrda: update 3.13.
Arne Fitzenreiter [Sun, 4 Jan 2015 17:20:08 +0000 (18:20 +0100)] 
crda: update 3.13.

5 years agogeoip-block.cgi: Requires firewall-lib.pl.
Stefan Schantl [Sun, 4 Jan 2015 13:07:06 +0000 (14:07 +0100)] 
geoip-block.cgi: Requires firewall-lib.pl.

5 years agoLanguage file update.
Stefan Schantl [Sun, 4 Jan 2015 12:52:29 +0000 (13:52 +0100)] 
Language file update.

5 years agoAdd "GeoIP Block" to firewall menu.
Stefan Schantl [Sun, 4 Jan 2015 12:51:28 +0000 (13:51 +0100)] 
Add "GeoIP Block" to firewall menu.

5 years agoAutomatically download and update GeoIP Databases.
Stefan Schantl [Sun, 4 Jan 2015 12:40:34 +0000 (13:40 +0100)] 
Automatically download and update GeoIP Databases.

5 years agolfs/stage2: Add directory for geoip databases.
Stefan Schantl [Sun, 4 Jan 2015 12:36:06 +0000 (13:36 +0100)] 
lfs/stage2: Add directory for geoip databases.

5 years agoRootfile update.
Stefan Schantl [Sun, 4 Jan 2015 07:23:53 +0000 (08:23 +0100)] 
Rootfile update.

5 years agofirewall: Add support for geoipblock to rules.pl.
Stefan Schantl [Sun, 4 Jan 2015 00:05:45 +0000 (01:05 +0100)] 
firewall: Add support for geoipblock to rules.pl.

5 years agoMove "sub get_geoip_locations" to firewall-lib.
Stefan Schantl [Sun, 4 Jan 2015 00:03:21 +0000 (01:03 +0100)] 
Move "sub get_geoip_locations" to firewall-lib.

5 years agoAdd "GEOIPBLOCK" chains to firewall initscript.
Stefan Schantl [Sat, 3 Jan 2015 23:57:23 +0000 (00:57 +0100)] 
Add "GEOIPBLOCK" chains to firewall initscript.

5 years agoAdd default config file for geoipblock.
Stefan Schantl [Sat, 3 Jan 2015 23:56:00 +0000 (00:56 +0100)] 
Add default config file for geoipblock.

5 years agoAdd xt_geoip_update script.
Stefan Schantl [Sat, 3 Jan 2015 23:55:17 +0000 (00:55 +0100)] 
Add xt_geoip_update script.

This script will download the latest available geoip database, convert
it into a compatible binary format and move it to the correct destination.

5 years agoxt_geoip_build: Script to convert GeoIP CSV into compatible binary databases.
Stefan Schantl [Sat, 3 Jan 2015 23:54:46 +0000 (00:54 +0100)] 
xt_geoip_build: Script to convert GeoIP CSV into compatible binary databases.

This is a cleaned up version of the original build script shipped by the
xtables-addons source code.

The following abilities have been removed:
* IPv6 support
* Big Endian

5 years agoheader.pl: Increase maximum allowed size of hashes.
Stefan Schantl [Sat, 3 Jan 2015 19:22:05 +0000 (20:22 +0100)] 
header.pl: Increase maximum allowed size of hashes.

The "getcgihash" function only allowed hashes with a maximum size of 512kb, which
was to small for the new geoip-block.cgi. As a result of this some form data
were cut-off and couldn't be processed correctly.

5 years agoLanguage file update for geoip blocking.
Stefan Schantl [Sat, 3 Jan 2015 19:20:45 +0000 (20:20 +0100)] 
Language file update for geoip blocking.

5 years agogeoip-block.cgi: New CGI for managing geoip blocking.
Stefan Schantl [Sat, 3 Jan 2015 19:20:10 +0000 (20:20 +0100)] 
geoip-block.cgi: New CGI for managing geoip blocking.

5 years agogeneral-functions.pl: Add function to get full country name.
Stefan Schantl [Sat, 3 Jan 2015 19:15:28 +0000 (20:15 +0100)] 
general-functions.pl: Add function to get full country name.

This function will return the full name a country specified by
it's country shortcut. It also will provide some additional names
which are not handled by the perl locale module but are parts of
ISO 3166.

5 years agobackports: rebuild all usb net modules with backports.
Arne Fitzenreiter [Sat, 3 Jan 2015 14:47:38 +0000 (15:47 +0100)] 
backports: rebuild all usb net modules with backports.

fix missing modules eg. with asix usb adapters.

5 years agoxtables-addons: New package.
Stefan Schantl [Sat, 3 Jan 2015 13:07:49 +0000 (14:07 +0100)] 
xtables-addons: New package.

The xtables-addons package provides many additional filter modules for iptables.
Currently we are only building the "geoip" module which can be used to create
firewall rules which will do actions based on the country membership of the senders/targets
address.

In order to build the required kernel modules I had to change build order for
several packages as well.

5 years agoperl-Text-CSV_XS: New package.
Stefan Schantl [Sat, 3 Jan 2015 13:03:20 +0000 (14:03 +0100)] 
perl-Text-CSV_XS: New package.

This perl module is required to convert the provided geoip databases in CSV format into
a useable binary format for the geoip module.

5 years agoperl-Locale-Country: Update country codes to version 3.33.
Stefan Schantl [Sat, 3 Jan 2015 13:01:43 +0000 (14:01 +0100)] 
perl-Locale-Country: Update country codes to version 3.33.

5 years agocore86: remove not changed firmwares from updater.
Arne Fitzenreiter [Fri, 2 Jan 2015 18:46:28 +0000 (19:46 +0100)] 
core86: remove not changed firmwares from updater.

This save 20MB updater size.

5 years agoShip bash with Core Update 86 again
Michael Tremer [Fri, 2 Jan 2015 13:44:55 +0000 (14:44 +0100)] 
Ship bash with Core Update 86 again

It seems that some systems installed some pre-versions
of the distribution which came with an outdated version
of bash. Since this update uses some scripts that use
bash-4-isms, we ship the shell once again.

An other reason is that there have been security fixes
in the shell which should be fixed on all systems.

5 years agoMerge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x
Michael Tremer [Fri, 2 Jan 2015 13:44:37 +0000 (14:44 +0100)] 
Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x

5 years agoMerge branch 'master' of git.ipfire.org:/pub/git/ipfire-2.x
Arne Fitzenreiter [Fri, 2 Jan 2015 13:42:30 +0000 (14:42 +0100)] 
Merge branch 'master' of git.ipfire.org:/pub/git/ipfire-2.x

5 years agoinstaller: Fix crash with small screen resolutions
Michael Tremer [Fri, 2 Jan 2015 13:41:33 +0000 (14:41 +0100)] 
installer: Fix crash with small screen resolutions

The installer is showing a help line at the bottom of the
screen which is in some languages rather long. If it is
longer than the width of the screen, the installer used to
crash which is now fixed in this patch.

5 years agoAdd firewall changes to Core Update 86
Michael Tremer [Fri, 2 Jan 2015 11:27:47 +0000 (12:27 +0100)] 
Add firewall changes to Core Update 86

5 years agofirewall: Fix off-by-one error in configuration parser
Michael Tremer [Fri, 2 Jan 2015 11:20:50 +0000 (12:20 +0100)] 
firewall: Fix off-by-one error in configuration parser

The configuration parser determines how many comma-separated
values there are in a line. If new values are added we need
to check first if those are set in every line to avoid any
undefined behaviour. A wrong comparison parameter was used
which caused that the limit feature was never enabled in
the rule generation.

5 years agoMerge branch 'master' of git.ipfire.org:/pub/git/ipfire-2.x
Arne Fitzenreiter [Fri, 2 Jan 2015 10:29:57 +0000 (11:29 +0100)] 
Merge branch 'master' of git.ipfire.org:/pub/git/ipfire-2.x

5 years agocore86: add updated kbd (new console fonts).
Arne Fitzenreiter [Fri, 2 Jan 2015 10:29:00 +0000 (11:29 +0100)] 
core86: add updated kbd (new console fonts).

5 years agoMerge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x
Michael Tremer [Fri, 2 Jan 2015 09:22:42 +0000 (10:22 +0100)] 
Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x

5 years agoBUG10693: Fix wrong monthnumber in PDF Bill
Alexander Marx [Fri, 2 Jan 2015 06:46:21 +0000 (07:46 +0100)] 
BUG10693: Fix wrong monthnumber in PDF Bill

5 years agodvb-firmwares: update to 20141125.
Arne Fitzenreiter [Thu, 1 Jan 2015 23:49:34 +0000 (00:49 +0100)] 
dvb-firmwares: update to 20141125.

5 years agolinux-firmware: update to 78535e8.
Arne Fitzenreiter [Thu, 1 Jan 2015 23:48:33 +0000 (00:48 +0100)] 
linux-firmware: update to 78535e8.

5 years agoupdate-bootloader: Search for /boot first and then /
Michael Tremer [Thu, 1 Jan 2015 15:36:51 +0000 (16:36 +0100)] 
update-bootloader: Search for /boot first and then /

The bootloader is usually installed on the /boot partition
if that exists. Some installations may mount / from a different
device, so we make sure to update the bootloader on the
right device.

5 years agokernel: add backports 3.18.1-1.
Arne Fitzenreiter [Wed, 31 Dec 2014 07:48:56 +0000 (08:48 +0100)] 
kernel: add backports 3.18.1-1.

5 years agotmux: Add missing dependency of libevent2
Erik Kapfer [Sat, 6 Dec 2014 11:48:18 +0000 (12:48 +0100)] 
tmux: Add missing dependency of libevent2

Fix #10695