Jonatan Schlag [Sun, 28 Aug 2016 17:59:19 +0000 (19:59 +0200)] 
Update libvirt to 2.1
This is the update of libvirt to the latest version 2.1.
The most important change from a packager view is the new virtlogd
daemon.
This daemon handles the qemu output and wrote it to log files.
The require some changes:
- A new init script to start, stop restart the daemon called virtlogd.
The daemon is restart with SIGUSR1 (this is important because the daemon
keeps all pipelines etc. open).
This introduces a problem with the uninstall.sh install.sh script.
It is not possible to stop the daemon while virtual machines are
running, so the script update.sh execute from now not uninstall.sh and
install.sh instead it contains all steps from uninstall.sh install.sh
expect the start / stop routine for virtlogd. The daemon is just
restarted after the update, which makes sure that all changes take
effect.
- new symlinks in the uninstall.sh and install.sh script and some root
file changes because of the new virtlogd init script.
- the archive format changes from tar.gz to tar.xz
For Changelogs see:
https://libvirt.org/news-2015.html
https://libvirt.org/news.html (2017 and later:
https://libvirt.org/news-2016.html )
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 31 Aug 2016 21:40:16 +0000 (22:40 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Matthias Fischer [Wed, 17 Aug 2016 16:30:02 +0000 (18:30 +0200)] 
dnsmasq 2.76: latest patches (015-016)
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Tue, 23 Aug 2016 16:30:03 +0000 (18:30 +0200)]
gnupg: Update to 1.4.21
Second try:
Update from 1.4.18 to 1.4.21, based on current 'next'.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Tue, 23 Aug 2016 16:32:54 +0000 (18:32 +0200)]
nano: Update to 2.6.3
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Mon, 22 Aug 2016 05:26:37 +0000 (07:26 +0200)] 
Merge branch 'core104' into next
Matthias Fischer [Sat, 20 Aug 2016 21:51:20 +0000 (23:51 +0200)]
smartmontools: Update to 6.5
For details, see:
https://www.smartmontools.org/browser/tags/RELEASE_6_5/smartmontools/NEWS
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Sat, 20 Aug 2016 10:39:17 +0000 (12:39 +0200)]
libgpg-error: Update to 1.24
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Sat, 20 Aug 2016 10:33:55 +0000 (12:33 +0200)]
libgcrypt: Update to 1.7.3
Fixes CVE-2016-6313
For details, see:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
https://bugzilla.redhat.com/show_bug.cgi?id=
1366105
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Sat, 20 Aug 2016 10:20:10 +0000 (12:20 +0200)]
libassuan: Update to 2.4.3
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Fri, 19 Aug 2016 22:15:55 +0000 (00:15 +0200)]
squid: Update to 3.5.20 with latest patches (14067-14075)
For details, see:
http://www.squid-cache.org/Versions/v3/3.5/changesets/
Since there were problems with "trailing white spaces" I started a new 'squid_3'
branch from scratch, based on current 'next'.
I hope this is what is needed and that it helps.
This one was built without errors and is running here without seen problems.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Sun, 21 Aug 2016 20:40:12 +0000 (22:40 +0200)]
kernel: fix grsecurity patch.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Sun, 21 Aug 2016 15:56:47 +0000 (17:56 +0200)]
kernel: update to 3.14.77
fix performance issue with tcp ack security fix.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Thu, 18 Aug 2016 20:35:43 +0000 (22:35 +0200)]
kernel: update arm-multi grsec compile fix patch
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Wed, 17 Aug 2016 18:37:07 +0000 (20:37 +0200)]
kernel: add hyper-v: mark tsc unstable patch
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Wed, 17 Aug 2016 17:52:09 +0000 (19:52 +0200)]
kernel: update to 3.14.76
this kernel has important tcp and ext4 fixes.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Wed, 17 Aug 2016 17:51:01 +0000 (19:51 +0200)]
Merge branch 'core104' into next
Jonatan Schlag [Sun, 14 Aug 2016 09:25:01 +0000 (11:25 +0200)]
Libvirt: load vhost_net before libvirtd start.
If the kernel module vhot_net is loaded, the performance of virtio
networking is better then without vhost_net.
So the module is loaded before libvirtd ist started to get the benefit
of vhost_net.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 14 Aug 2016 09:10:36 +0000 (11:10 +0200)]
Libvirt: fix configuration options
Adds a missed - to -without-dbus and -with-interface.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 14 Aug 2016 08:55:38 +0000 (10:55 +0200)]
Libvirt: enable storage-fs
Fixes: 11154
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 14 Aug 2016 09:25:01 +0000 (11:25 +0200)]
Libvirt: load vhost_net before libvirtd start.
If the kernel module vhot_net is loaded, the performance of virtio
networking is better then without vhost_net.
So the module is loaded before libvirtd ist started to get the benefit
of vhost_net.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 14 Aug 2016 09:10:36 +0000 (11:10 +0200)]
Libvirt: fix configuration options
Adds a missed - to -without-dbus and -with-interface.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 14 Aug 2016 08:55:38 +0000 (10:55 +0200)]
Libvirt: enable storage-fs
Fixes: 11154
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Sun, 7 Aug 2016 15:08:44 +0000 (17:08 +0200)]
core104: revert adding customservices.
simply adding may use id's twice if the user has
added other services so we don't update this files.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Matthias Fischer [Sun, 7 Aug 2016 11:09:39 +0000 (13:09 +0200)]
dnsmasq 2.76: latest patches (013-014)
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sun, 7 Aug 2016 13:29:44 +0000 (15:29 +0200)]
Add new package libusbredir
This package adds support for the use redirection of spice.
It is now possible to attach USB devices of the host where the spice
client run to the virtual machine.
The binary is not needed for this functionality and that's why they is
not shipped with the package
This feature is also enabled in qemu.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Sat, 6 Aug 2016 10:21:42 +0000 (12:21 +0200)]
set version to core104
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Sat, 6 Aug 2016 10:11:46 +0000 (12:11 +0200)]
Merge remote-tracking branch 'origin/master' into next
Arne Fitzenreiter [Sat, 6 Aug 2016 10:09:44 +0000 (12:09 +0200)]
core104: add changed files
customservices and openssh.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Jonatan Schlag [Wed, 3 Aug 2016 07:47:13 +0000 (09:47 +0200)]
Libvirt: Remove delay from start command in install.sh
Fixes: #11152
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Sat, 23 Jul 2016 21:03:14 +0000 (23:03 +0200)]
dnsmasq 2.76: latest patches from upstream (010-012)
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Tue, 2 Aug 2016 12:01:05 +0000 (14:01 +0200)]
Libvirt: Add backup
The directory /etc/libvirt is backed up on uninstallation and is
restored on installation.
Alle Files in /var are commented in the rootfile so they are not
removed on uninstallation.
Because of the fact that the directories are not shipped with the
package they were created at installation time.
The permissions of 3 directories are changed because the qemu user is
nobody and the qemu group is kvm, so the permissions must be nobody:kvm
Fixes: #11151
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 2 Aug 2016 15:06:35 +0000 (16:06 +0100)]
openssh: Update to 7.3p1
Includes various security fixes:
* sshd(8): Mitigate a potential denial-of-service attack against
the system's crypt(3) function via sshd(8). An attacker could
send very long passwords that would cause excessive CPU use in
crypt(3). sshd(8) now refuses to accept password authentication
requests of length greater than 1024 characters. Independently
reported by Tomas Kuthan (Oracle), Andres Rojas and Javier Nieto.
* sshd(8): Mitigate timing differences in password authentication
that could be used to discern valid from invalid account names
when long passwords were sent and particular password hashing
algorithms are in use on the server. CVE-2016-6210, reported by
EddieEzra.Harari at verint.com
* ssh(1), sshd(8): Fix observable timing weakness in the CBC padding
oracle countermeasures. Reported by Jean Paul Degabriele, Kenny
Paterson, Torben Hansen and Martin Albrecht. Note that CBC ciphers
are disabled by default and only included for legacy compatibility.
* ssh(1), sshd(8): Improve operation ordering of MAC verification for
Encrypt-then-MAC (EtM) mode transport MAC algorithms to verify the
MAC before decrypting any ciphertext. This removes the possibility
of timing differences leaking facts about the plaintext, though no
such leakage has been observed. Reported by Jean Paul Degabriele,
Kenny Paterson, Torben Hansen and Martin Albrecht.
* sshd(8): (portable only) Ignore PAM environment vars when
UseLogin=yes. If PAM is configured to read user-specified
environment variables and UseLogin=yes in sshd_config, then a
hostile local user may attack /bin/login via LD_PRELOAD or
similar environment variables set via PAM. CVE-2015-8325,
found by Shayan Sadigh.
Fixes: #11160
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 2 Aug 2016 11:43:01 +0000 (12:43 +0100)]
Improve wording of the Guardian translations
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 2 Aug 2016 11:18:45 +0000 (12:18 +0100)]
Update translation
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 2 Aug 2016 11:18:29 +0000 (12:18 +0100)]
Merge remote-tracking branch 'stevee/guardian-2.0' into next
Matthias Fischer [Sun, 31 Jul 2016 17:43:26 +0000 (19:43 +0200)]
htop: Update to 2.0.2
For details, see:
http://hisham.hm/htop/index.php?page=downloads
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Sat, 30 Jul 2016 09:31:08 +0000 (11:31 +0200)] 
guardian: Update to the tagged release version.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Arne Fitzenreiter [Fri, 29 Jul 2016 16:58:56 +0000 (18:58 +0200)]
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Fri, 29 Jul 2016 16:57:49 +0000 (18:57 +0200)]
core104: ship screen
old binary is linked against libshadow.0*
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Stefan Schantl [Fri, 29 Jul 2016 13:40:30 +0000 (15:40 +0200)]
Core 104: Add for guardian changed files to core update.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Fri, 29 Jul 2016 11:29:13 +0000 (13:29 +0200)]
initscripts: Drop guardian related code from snort initscript.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Fri, 29 Jul 2016 11:25:28 +0000 (13:25 +0200)]
ids.cgi: Drop guardian related code.
Guardian competely will be managed by it's own CGI.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Fri, 29 Jul 2016 11:21:08 +0000 (13:21 +0200)]
guardian-legacy: Drop old guardian related files.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Fri, 29 Jul 2016 11:16:11 +0000 (13:16 +0200)]
guardian.cgi: Fix path to snort alert file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Matthias Fischer [Tue, 19 Jul 2016 18:17:11 +0000 (20:17 +0200)]
log.dat: Added entry for 'guardian'
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Mon, 4 Jul 2016 09:49:39 +0000 (11:49 +0200)]
guardian: Update to 2.0.
Update guardian to the re-written version.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Wed, 13 Jul 2016 07:37:30 +0000 (09:37 +0200)]
guardian.cgi: Prevent from using "syslog" and "debug".
When using syslog as log facility and debug as log mode,
syslog does not log anything.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sat, 2 Jul 2016 08:21:52 +0000 (10:21 +0200)]
guardian.cgi: Also generate ignore file when building the configuration.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Wed, 29 Jun 2016 07:39:39 +0000 (09:39 +0200)]
Language file update.
Add guardian related strings to the german language file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Thu, 18 Feb 2016 17:17:24 +0000 (18:17 +0100)]
perl-Net-IP: New package
The perl-Net-IP module provides various methods for validating
and calculating IP-addresses (both IP protocols supported) and
is a runtime dependency of guardian 2.0.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Tue, 7 Oct 2014 17:24:11 +0000 (19:24 +0200)]
perl-common-sense: New package.
This is a runtime dependency for perl-inotify2.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Tue, 7 Oct 2014 17:25:11 +0000 (19:25 +0200)]
perl-inotify2: New package.
This module contains inotify bindings for perl, used by the extendend guardian.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Mon, 27 Jun 2016 10:54:44 +0000 (12:54 +0200)]
Language file update.
Add new guardian related strings.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Mon, 27 Jun 2016 10:52:39 +0000 (12:52 +0200)]
guardian.cgi: Show/Hide options using Java Script.
The options for configuring the log file location and
snort alert priority level now dynamically will be
displayed or hidden if the desired options or feature
is not used.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Thu, 23 Jun 2016 13:54:19 +0000 (15:54 +0200)]
guardian.cgi: Add support for selecting the used firewall action.
This will allow to choose between DROP and REJECT if guardian blocks an
attackers address.
Fixes #10xxx.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Tue, 21 Jun 2016 08:05:01 +0000 (10:05 +0200)]
guardian.cgi: Use new feature of ignore file inclusion.
Add support and usage of the recently introduced feature of
including other files in the ignore file to add
the red related IP-addresses to the ignore list on IPFire
systems.
Also use reload-ignore-list feature instead of reloading the
whole configuration on ignore list modifications.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Fri, 29 Apr 2016 09:54:53 +0000 (11:54 +0200)]
guardian.cgi: Create config and ignore file if they does not exist.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Fri, 29 Apr 2016 09:06:40 +0000 (11:06 +0200)]
guardian.cgi: Prevent from blocking the used DNS servers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Fri, 29 Apr 2016 09:06:06 +0000 (11:06 +0200)]
guardian.cgi: Use private subfunction for gateway and DNS server detection.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Fri, 29 Apr 2016 08:55:32 +0000 (10:55 +0200)]
guardian.cgi: Add function to generate the guardian.ignore file.
This function is responsible for collecting all required data,
like the green, blue, orange (if the interfaces are available),
red, gateway and used DNS server IP-addresses.
It will add als these addresses and the configured and enabled
user-defined ignored addresses/networks to the ignore file of
guardian to prevent from blocking any of them.
Note:
The IPFire and RED inteface related addresses also will be added
to the ignore file, even if there is no user-defined entry in the
list.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Fri, 29 Apr 2016 07:09:25 +0000 (09:09 +0200)]
guardian.cgi: Use ignored config file.
The CGI now uses an own ignored configuration file for
storing host addresses and/or subnets which should be
ignored by guardian.
This allows to add remarks for them and to enable or disable
each entry individally at any time.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Thu, 25 Feb 2016 10:22:19 +0000 (11:22 +0100)]
guardian.cgi: Use "getipstat" binary.
Rework the GetBlockedHosts() to use the "getipstat" binary
instead of the not longer available "guardianctrl" binary.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Wed, 24 Feb 2016 11:41:12 +0000 (12:41 +0100)]
guardian.cgi: Send commands through socket connection.
The guardianctrl binary does not longer exists, use
the Guardian::Socket module to send various commands
by using the provided socket client.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Wed, 24 Feb 2016 11:12:11 +0000 (12:12 +0100)]
guardian.cgi: Adjust code for generating the config file.
The config file format and values have been changed, so the
code to do the generation has to be adjusted.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Wed, 24 Feb 2016 08:27:10 +0000 (09:27 +0100)]
guardian.cgi: Drop option for configure the path to the snort alertfile.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Wed, 24 Feb 2016 08:19:39 +0000 (09:19 +0100)]
guardian.cgi: Rename hash keys for enabled modules.
Rename the hash key names of enabled parser modules,
(services which should be monitored by guardian) to
keep the same name sheme than in the guardian config
file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Wed, 24 Feb 2016 07:59:42 +0000 (08:59 +0100)]
guardian.cgi: Adjust CGI to use Locale::Codes::Country.
The module has been renamed some time ago.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sat, 28 Feb 2015 11:33:12 +0000 (12:33 +0100)]
guardian.cgi: Disable debugging.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Matthias Fischer [Sat, 28 Feb 2015 10:57:33 +0000 (11:57 +0100)] 
guardian.cgi: Suppress warnings for ${Header::colourgreen} variable.
Reference #10748.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Matthias Fischer [Sat, 28 Feb 2015 10:54:58 +0000 (11:54 +0100)]
guardian.cgi: Fix unititalized value "GUARDIAN_ENABLE_OWNCLOUD".
When the owncloud addon is not installed, this value was not
initialized correctly.
Reference #10748.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Matthias Fischer [Sat, 28 Feb 2015 10:52:33 +0000 (11:52 +0100)]
guardian.cgi: Use variable $pid instead of array element.
This will prevent from a lot of perl suggestions in the
apache error log.
Reference #10748.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sat, 24 Jan 2015 17:41:37 +0000 (18:41 +0100)]
guardian.cgi: Fix path to meta-owncloud.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sat, 17 Jan 2015 09:15:12 +0000 (10:15 +0100)]
guardian.cgi: Add configure options for owncloud.
The related options only will be displayed when the owncloud addon
has been installed.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sat, 1 Nov 2014 12:42:53 +0000 (13:42 +0100)]
guardian.cgi: Allways read-in settings.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Tue, 28 Oct 2014 20:53:27 +0000 (21:53 +0100)]
guardian.cgi: Some more input validation.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Mon, 27 Oct 2014 20:12:03 +0000 (21:12 +0100)]
guardian.cgi: Correct indentation when writing out the config file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Mon, 27 Oct 2014 20:06:58 +0000 (21:06 +0100)]
guardian.cgi: Add dropdown for PriorityLevel selection.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Mon, 27 Oct 2014 19:16:42 +0000 (20:16 +0100)]
guardian.cgi: Fix and improve input validation.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Tue, 21 Oct 2014 19:55:07 +0000 (21:55 +0200)]
guardian.cgi: Reload guardian if config or the ignorelist changes.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sun, 19 Oct 2014 17:58:45 +0000 (19:58 +0200)]
guardian.cgi: Add option to configure the BlockCount.
Some small code fixes.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sun, 19 Oct 2014 14:46:38 +0000 (16:46 +0200)]
guardian.cgi: Accidently hardcoded some descriptions.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sun, 19 Oct 2014 14:43:32 +0000 (16:43 +0200)]
guardian.cgi: Add dropdown to select the used loglevel.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sun, 19 Oct 2014 12:01:48 +0000 (14:01 +0200)]
guardian.cgi: Remove code for options which have been dropped from guardian.
Guardian does not longer require the information for the red interface from
the configfile.
Guardian does not longer support a targetfile.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sun, 19 Oct 2014 11:57:30 +0000 (13:57 +0200)]
guardian.cgi: Add options to enable/disable some built-in functions from guardian.
This commit allows to enable or disable the monitoring of the snort alertfile
and to switch off the blocking of SSH and HTTPD Brute-force attempts.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sat, 9 Aug 2014 08:35:32 +0000 (10:35 +0200)]
guardian.cgi: Remove code for Blockinterfaces.
We don't need this code anymore because we dropped interface support
from guardian.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sat, 5 Jul 2014 13:09:50 +0000 (15:09 +0200)]
guardian.cgi: Connect subboxes with input elements to the main boxes.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Mon, 30 Jun 2014 15:59:28 +0000 (17:59 +0200)]
guardian.cgi: Sort blocked IP addresses.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sun, 8 Jun 2014 10:47:58 +0000 (12:47 +0200)]
guardian.cgi: Add hyperlink to ipinfo page for blocked hosts.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Tue, 3 Jun 2014 20:36:32 +0000 (22:36 +0200)]
guardian.cgi: Autodetect the used interface for red.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Stefan Schantl [Sun, 1 Jun 2014 15:24:23 +0000 (17:24 +0200)]
guardian.cgi: New page to configure and interact with guardian.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Michael Tremer [Thu, 28 Jul 2016 09:46:21 +0000 (10:46 +0100)]
nginx: Update to 1.8.1
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Arne Fitzenreiter [Fri, 29 Jul 2016 05:18:37 +0000 (07:18 +0200)]
kernel: update arm buildfix patch
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Thu, 28 Jul 2016 16:12:13 +0000 (18:12 +0200)]
core104: add kernel to updater
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Thu, 28 Jul 2016 16:01:32 +0000 (18:01 +0200)]
kernel: update to 3.14.74
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Arne Fitzenreiter [Thu, 28 Jul 2016 16:00:50 +0000 (18:00 +0200)]
backports: add upstream driver fixes.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Alexander Marx [Tue, 26 Jul 2016 12:40:45 +0000 (14:40 +0200)] 
Firewall: Add Services SSMTP and submission
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Fri, 22 Jul 2016 20:23:24 +0000 (22:23 +0200)]
nano 2.6.1: fix in rootfile
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 20 Jul 2016 15:49:11 +0000 (16:49 +0100)]
core104: Include recent changes
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Alf Høgemark [Thu, 14 Jul 2016 11:14:55 +0000 (13:14 +0200)] 
Change case of the unit "bit" from "Bit" to "bit" in web UI
The correct case for "kilobit" is "kilobit", not "kiloBit".
And the same applies for Mbit, Gbit etc.
Reference is https://en.wikipedia.org/wiki/Kilobit
This commit changes the texts used in the web UI, so
that it correctly displays as "bit", "kbit", "Mbit" etc.
This fixes bugzilla item 10918.
Signed-off-by: Alf Høgemark <alf@i100.no>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
projects / ipfire-2.x.git / log
