network.git
2 weeks agoman: Make syntax format more similar across files master
Michael Tremer [Mon, 1 Apr 2019 17:49:01 +0000 (19:49 +0200)]
man: Make syntax format more similar across files

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Fix authorship warnings
Michael Tremer [Mon, 1 Apr 2019 10:47:02 +0000 (12:47 +0200)]
man: Fix authorship warnings

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Do not generate HTML documentation in normal build
Michael Tremer [Mon, 1 Apr 2019 10:45:55 +0000 (12:45 +0200)]
man: Do not generate HTML documentation in normal build

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoMakefile: Add target to upload HTML man pages
Michael Tremer [Mon, 1 Apr 2019 10:31:53 +0000 (12:31 +0200)]
Makefile: Add target to upload HTML man pages

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: network-route-static: Fix name
Michael Tremer [Sun, 31 Mar 2019 18:17:09 +0000 (20:17 +0200)]
man: network-route-static: Fix name

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Include include files in tarball
Michael Tremer [Sun, 31 Mar 2019 18:14:34 +0000 (20:14 +0200)]
man: Include include files in tarball

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Make distcheck happy
Michael Tremer [Sun, 31 Mar 2019 18:08:00 +0000 (20:08 +0200)]
man: Make distcheck happy

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Cleanup XML files
Michael Tremer [Sun, 31 Mar 2019 18:01:00 +0000 (20:01 +0200)]
man: Cleanup XML files

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Convert network-zone-wireless(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 15:53:20 +0000 (17:53 +0200)]
man: Convert network-zone-wireless(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Convert network-zone-pppoe(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 15:42:10 +0000 (17:42 +0200)]
man: Convert network-zone-pppoe(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Convert network-zone-modem(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 15:34:10 +0000 (17:34 +0200)]
man: Convert network-zone-modem(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Convert network-zone-ip-tunnel(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 15:23:07 +0000 (17:23 +0200)]
man: Convert network-zone-ip-tunnel(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Convert network-zone-config-pppoe-server(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 15:15:50 +0000 (17:15 +0200)]
man: Convert network-zone-config-pppoe-server(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Convert network-zone-bridge(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 14:59:10 +0000 (16:59 +0200)]
man: Convert network-zone-bridge(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 weeks agoman: Convert network-zone(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 14:46:07 +0000 (16:46 +0200)]
man: Convert network-zone(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-vpn-security-policies(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 14:30:26 +0000 (16:30 +0200)]
man: Convert network-vpn-security-policies(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-vpn(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 13:59:21 +0000 (15:59 +0200)]
man: Convert network-vpn(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-settings(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 13:47:14 +0000 (15:47 +0200)]
man: Convert network-settings(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-route-static(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 13:34:19 +0000 (15:34 +0200)]
man: Convert network-route-static(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks ago.gitignore: Ignore DS_Store
Michael Tremer [Sun, 31 Mar 2019 13:10:49 +0000 (15:10 +0200)]
.gitignore: Ignore DS_Store

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-route(8) to asciidoc
Michael Tremer [Sun, 31 Mar 2019 13:08:46 +0000 (15:08 +0200)]
man: Convert network-route(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Fix page headers
Michael Tremer [Sun, 30 Sep 2018 20:55:51 +0000 (22:55 +0200)]
man: Fix page headers

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Drop old network-color(8) man page
Michael Tremer [Sun, 30 Sep 2018 20:54:02 +0000 (22:54 +0200)]
man: Drop old network-color(8) man page

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Use include for color commands
Michael Tremer [Sun, 30 Sep 2018 20:53:20 +0000 (22:53 +0200)]
man: Use include for color commands

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Converting network-quick-start(8) to asciidoc
Michael Tremer [Sun, 30 Sep 2018 20:40:35 +0000 (22:40 +0200)]
man: Converting network-quick-start(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-port(8) to asciidoc
Michael Tremer [Sun, 30 Sep 2018 20:27:40 +0000 (22:27 +0200)]
man: Convert network-port(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-performance-tuning(8) to asciidoc
Michael Tremer [Sun, 30 Sep 2018 20:04:08 +0000 (22:04 +0200)]
man: Convert network-performance-tuning(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-dns-server(8) to asciidoc
Michael Tremer [Sun, 30 Sep 2018 19:59:01 +0000 (21:59 +0200)]
man: Convert network-dns-server(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-dhcp(8) to asciidoc
Michael Tremer [Sun, 30 Sep 2018 19:46:49 +0000 (21:46 +0200)]
man: Convert network-dhcp(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-device(8) to asciidoc
Michael Tremer [Sun, 30 Sep 2018 19:40:53 +0000 (21:40 +0200)]
man: Convert network-device(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-description(8) to asciidoc
Michael Tremer [Sun, 30 Sep 2018 19:24:48 +0000 (21:24 +0200)]
man: Convert network-description(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert firewall-settings to asciidoc
Michael Tremer [Sun, 30 Sep 2018 19:16:10 +0000 (21:16 +0200)]
man: Convert firewall-settings to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: network-color: Add synopsis
Michael Tremer [Wed, 26 Sep 2018 22:47:19 +0000 (00:47 +0200)]
man: network-color: Add synopsis

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Drop test page
Michael Tremer [Wed, 26 Sep 2018 22:36:02 +0000 (00:36 +0200)]
man: Drop test page

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network-color(8) to asciidoc
Michael Tremer [Wed, 26 Sep 2018 22:34:35 +0000 (00:34 +0200)]
man: Convert network-color(8) to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Convert network(8) from docbook to asciidoc
Michael Tremer [Wed, 26 Sep 2018 22:25:12 +0000 (00:25 +0200)]
man: Convert network(8) from docbook to asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Add asciidoc configuration file
Michael Tremer [Wed, 26 Sep 2018 22:22:59 +0000 (00:22 +0200)]
man: Add asciidoc configuration file

This adds a short command to link to other man pages

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Use asciidoc to generate HTML pages directly
Michael Tremer [Wed, 26 Sep 2018 21:04:35 +0000 (23:04 +0200)]
man: Use asciidoc to generate HTML pages directly

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoman: Add test page for asciidoc
Michael Tremer [Wed, 26 Sep 2018 20:42:36 +0000 (22:42 +0200)]
man: Add test page for asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoconfigure: Require asciidoc
Michael Tremer [Wed, 26 Sep 2018 20:14:27 +0000 (22:14 +0200)]
configure: Require asciidoc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agobird: Make sure the daemon is always running
Michael Tremer [Sun, 31 Mar 2019 12:28:44 +0000 (14:28 +0200)]
bird: Make sure the daemon is always running

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks ago.gitignore: Ignore vim's swp files
Michael Tremer [Sun, 31 Mar 2019 12:21:18 +0000 (14:21 +0200)]
.gitignore: Ignore vim's swp files

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoDrop code for radvd
Michael Tremer [Sun, 31 Mar 2019 12:20:40 +0000 (14:20 +0200)]
Drop code for radvd

This is now being replaced by bird.

Bird is running anyways and can do this job just as well.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agobird: Write IPv6 router advertisement configuration
Michael Tremer [Sun, 31 Mar 2019 12:14:55 +0000 (14:14 +0200)]
bird: Write IPv6 router advertisement configuration

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohostapd: Require MFP for SAE when it is enabled
Michael Tremer [Sun, 31 Mar 2019 11:10:30 +0000 (13:10 +0200)]
hostapd: Require MFP for SAE when it is enabled

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agolock: Cleanup lock files
Michael Tremer [Sat, 30 Mar 2019 18:03:24 +0000 (19:03 +0100)]
lock: Cleanup lock files

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoip-tunnel: Enable support for 6in4 tunnels
Michael Tremer [Sat, 30 Mar 2019 17:56:04 +0000 (18:56 +0100)]
ip-tunnel: Enable support for 6in4 tunnels

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoDrop old locking functions
Michael Tremer [Sat, 30 Mar 2019 17:51:13 +0000 (18:51 +0100)]
Drop old locking functions

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agowireless-ap: Check that secret has the correct length and no invalid characters
Michael Tremer [Sat, 30 Mar 2019 17:14:07 +0000 (18:14 +0100)]
wireless-ap: Check that secret has the correct length and no invalid characters

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohooks: Add HOOK_UNIQUE which stops us from creating multiple instances
Michael Tremer [Sat, 30 Mar 2019 16:05:58 +0000 (17:05 +0100)]
hooks: Add HOOK_UNIQUE which stops us from creating multiple instances

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agodhcp: Fix syntax error in last commit
Michael Tremer [Sat, 30 Mar 2019 16:05:44 +0000 (17:05 +0100)]
dhcp: Fix syntax error in last commit

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agodhcp: Rename "enabled" from configuration parameters
Michael Tremer [Sat, 30 Mar 2019 15:57:31 +0000 (16:57 +0100)]
dhcp: Rename "enabled" from configuration parameters

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohook: Rename HOOK_CONFIG_SETTINGS to HOOK_SETTINGS
Michael Tremer [Sat, 30 Mar 2019 15:54:04 +0000 (16:54 +0100)]
hook: Rename HOOK_CONFIG_SETTINGS to HOOK_SETTINGS

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohooks: Use cli_get_bool convenience function where ever possible
Michael Tremer [Sat, 30 Mar 2019 15:30:05 +0000 (16:30 +0100)]
hooks: Use cli_get_bool convenience function where ever possible

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agowireless-ap: Enable 802.11w by default
Michael Tremer [Sat, 30 Mar 2019 15:23:55 +0000 (16:23 +0100)]
wireless-ap: Enable 802.11w by default

This causes some problems on broken Intel systems, but I
guess it is better to prefer security than compatibility in the
default settings.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohostapd: Allow WPA2 authentication only with SHA256
Michael Tremer [Sat, 30 Mar 2019 15:22:45 +0000 (16:22 +0100)]
hostapd: Allow WPA2 authentication only with SHA256

This experimental change disables support for the legacy WPA2
authentication that does not support SHA256.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohotplug-rename: Drop unused variable
Michael Tremer [Sat, 30 Mar 2019 15:19:24 +0000 (16:19 +0100)]
hotplug-rename: Drop unused variable

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agowireless-ap: Add support for WPA3 and rewrite WPA2
Michael Tremer [Sat, 30 Mar 2019 15:12:53 +0000 (16:12 +0100)]
wireless-ap: Add support for WPA3 and rewrite WPA2

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agowireless-ap: Remove support for WPA
Michael Tremer [Sat, 30 Mar 2019 14:02:34 +0000 (15:02 +0100)]
wireless-ap: Remove support for WPA

This is a deprecated protocol and not secure.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohotplug: Remove multiple copies of the same function
Michael Tremer [Sat, 30 Mar 2019 13:58:12 +0000 (14:58 +0100)]
hotplug: Remove multiple copies of the same function

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoports: Drop HOOK_SETTINGS variable
Michael Tremer [Sat, 30 Mar 2019 13:14:56 +0000 (14:14 +0100)]
ports: Drop HOOK_SETTINGS variable

This does not need to be passed to the port_settings_* functions
any more which makes them more easy to use

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agosettings: Some code refactoring
Michael Tremer [Sat, 30 Mar 2019 13:04:35 +0000 (14:04 +0100)]
settings: Some code refactoring

No functional changes

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoConvert HOOK_SETTINGS into an array
Michael Tremer [Sat, 30 Mar 2019 12:49:08 +0000 (13:49 +0100)]
Convert HOOK_SETTINGS into an array

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohooks: Import zone default settings, too
Michael Tremer [Sat, 30 Mar 2019 12:10:58 +0000 (13:10 +0100)]
hooks: Import zone default settings, too

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohooks: Automatically set defaults for all port hooks
Michael Tremer [Sat, 30 Mar 2019 12:03:59 +0000 (13:03 +0100)]
hooks: Automatically set defaults for all port hooks

Before, this was broken so that all configuration parameters
had to be passed all the time.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohostapd: Enable WPA authentication with SHA256
Michael Tremer [Sat, 30 Mar 2019 11:47:32 +0000 (12:47 +0100)]
hostapd: Enable WPA authentication with SHA256

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agowireless-ap: Automatically enable all supported ciphers
Michael Tremer [Sat, 30 Mar 2019 10:27:50 +0000 (11:27 +0100)]
wireless-ap: Automatically enable all supported ciphers

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agohostapd: Dump config file in debug mode
Michael Tremer [Sat, 30 Mar 2019 10:26:38 +0000 (11:26 +0100)]
hostapd: Dump config file in debug mode

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agoMove cli_device_status_phy() to functions.phy
Michael Tremer [Fri, 29 Mar 2019 17:47:47 +0000 (18:47 +0100)]
Move cli_device_status_phy() to functions.phy

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 weeks agonetwork: Show when a PHY supports ACS
Michael Tremer [Fri, 29 Mar 2019 17:46:25 +0000 (18:46 +0100)]
network: Show when a PHY supports ACS

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agowireless-ap: Allow to enable/disable 802.11w Management Frame Protection
Michael Tremer [Fri, 22 Mar 2019 11:27:38 +0000 (12:27 +0100)]
wireless-ap: Allow to enable/disable 802.11w Management Frame Protection

This is disabled by default, because loads of stations have issues
associating with an AP that has 802.11w enabled.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agohostapd: Always qoute SSID
Michael Tremer [Fri, 22 Mar 2019 11:08:08 +0000 (12:08 +0100)]
hostapd: Always qoute SSID

hostapd has a new parameter that always allows us to set
the SSID as a quoted UTF8 string

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agohostapd: Kick stations that are too far away
Michael Tremer [Fri, 22 Mar 2019 11:02:46 +0000 (12:02 +0100)]
hostapd: Kick stations that are too far away

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agohostapd: Set default WMM settings
Michael Tremer [Fri, 22 Mar 2019 11:02:25 +0000 (12:02 +0100)]
hostapd: Set default WMM settings

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agohostapd: Always enable Transmit Power Control
Michael Tremer [Fri, 22 Mar 2019 10:45:03 +0000 (11:45 +0100)]
hostapd: Always enable Transmit Power Control

Also advertise this to clients

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agohostapd: Remove now useless comment
Michael Tremer [Fri, 22 Mar 2019 10:40:32 +0000 (11:40 +0100)]
hostapd: Remove now useless comment

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agowireless-ap: Allow setting the wireless environment (indoor/outdoor)
Michael Tremer [Thu, 21 Mar 2019 21:14:43 +0000 (22:14 +0100)]
wireless-ap: Allow setting the wireless environment (indoor/outdoor)

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agowireless-ap: Enable ACS only for ath* devices
Michael Tremer [Thu, 21 Mar 2019 19:22:56 +0000 (20:22 +0100)]
wireless-ap: Enable ACS only for ath* devices

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agohostapd: Apply channel bandwidth to configuration
Michael Tremer [Mon, 18 Mar 2019 20:24:02 +0000 (21:24 +0100)]
hostapd: Apply channel bandwidth to configuration

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agowireless-ap: Forgot to add configuration variables to file
Michael Tremer [Mon, 18 Mar 2019 20:21:37 +0000 (21:21 +0100)]
wireless-ap: Forgot to add configuration variables to file

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agowireless-ap: Add CLI to set channel bandwidth
Michael Tremer [Mon, 18 Mar 2019 19:50:44 +0000 (20:50 +0100)]
wireless-ap: Add CLI to set channel bandwidth

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agohostapd: Disable DFS automatically when not supported by hardware
Michael Tremer [Mon, 18 Mar 2019 19:10:56 +0000 (20:10 +0100)]
hostapd: Disable DFS automatically when not supported by hardware

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agowireless-ap: Allow to disable DFS in configuration
Michael Tremer [Mon, 18 Mar 2019 18:58:25 +0000 (19:58 +0100)]
wireless-ap: Allow to disable DFS in configuration

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 weeks agowireless-ap: Use automatic channel selection (ACS) by default
Michael Tremer [Mon, 18 Mar 2019 18:46:06 +0000 (19:46 +0100)]
wireless-ap: Use automatic channel selection (ACS) by default

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2 months agodns: Always enable EDNS0
Michael Tremer [Wed, 13 Feb 2019 17:45:05 +0000 (17:45 +0000)]
dns: Always enable EDNS0

This is for all DNS queries originating from the firewall.

Since we have had DNS Flag Day, we are expecting all DNS servers
to support this now. If not, then you are very unlucky.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 months agobird: (Re-)generate configuration when network is initialised
Michael Tremer [Sun, 16 Dec 2018 17:55:25 +0000 (17:55 +0000)]
bird: (Re-)generate configuration when network is initialised

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 months agobird: Apply static routes instead of doing that manually with ip
Michael Tremer [Sun, 16 Dec 2018 17:47:57 +0000 (17:47 +0000)]
bird: Apply static routes instead of doing that manually with ip

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 months agobird: Add some generic configuration file
Michael Tremer [Sun, 16 Dec 2018 17:10:47 +0000 (17:10 +0000)]
bird: Add some generic configuration file

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
4 months agoip-tunnel: Set TTL to 255 by default
Michael Tremer [Mon, 3 Dec 2018 12:38:13 +0000 (13:38 +0100)]
ip-tunnel: Set TTL to 255 by default

By default, the Linux kernel inherits the TTL of the transported
packet. Usually with BGP, the TTL is deliberately set to 1 or very
low numbers which causes the packet to be dropped after the first
hop.

Since the tunnel should be routed, we set this to a default value
of 255 and ignore the TTL of the encapsulated packet.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agobonding; Validate any MAC address passed
Michael Tremer [Sun, 30 Sep 2018 23:02:27 +0000 (01:02 +0200)]
bonding; Validate any MAC address passed

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agoRemove unused function
Michael Tremer [Sun, 30 Sep 2018 22:07:37 +0000 (00:07 +0200)]
Remove unused function

Fixes: #11423
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agobridge: Add option to missing --stp-max-age=
Michael Tremer [Mon, 24 Sep 2018 21:32:40 +0000 (23:32 +0200)]
bridge: Add option to missing --stp-max-age=

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agobridge: Order arguments in alphabetical order
Michael Tremer [Mon, 24 Sep 2018 21:31:43 +0000 (23:31 +0200)]
bridge: Order arguments in alphabetical order

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agobridge: Set proper defaults
Michael Tremer [Mon, 24 Sep 2018 21:29:25 +0000 (23:29 +0200)]
bridge: Set proper defaults

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agobridge: Reorder functions into the common order
Michael Tremer [Mon, 24 Sep 2018 21:17:30 +0000 (23:17 +0200)]
bridge: Reorder functions into the common order

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agobridge: Fix assertion for MTU
Michael Tremer [Mon, 24 Sep 2018 21:15:26 +0000 (23:15 +0200)]
bridge: Fix assertion for MTU

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agobridge: Check input and return useful errors
Michael Tremer [Mon, 24 Sep 2018 21:13:22 +0000 (23:13 +0200)]
bridge: Check input and return useful errors

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agoBump version to 011
Michael Tremer [Mon, 24 Sep 2018 20:55:51 +0000 (21:55 +0100)]
Bump version to 011

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agoBump version to 010 010
Michael Tremer [Mon, 24 Sep 2018 20:54:39 +0000 (21:54 +0100)]
Bump version to 010

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
6 months agoipsec: security policies: system: Order by complexity
Michael Tremer [Sun, 23 Sep 2018 23:21:45 +0000 (01:21 +0200)]
ipsec: security policies: system: Order by complexity

strongswan uses the cipher suites in the order as listed by first
match instead of complexity. This patch re-orders them so that
maximum complexity is tried first and everything else after.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>