git.ipfire.org Git - people/ms/network.git/log

]> git.ipfire.org Git - people/ms/network.git/log

projects / people / ms / network.git / log

Michael Tremer [Sat, 5 Aug 2017 19:22:21 +0000 (19:22 +0000)]

vlan: Create devices when they don't exist, yet

The hotplug triggers will take care of attaching the
device to the zone it should belong to.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 5 Aug 2017 19:19:37 +0000 (19:19 +0000)]

Revert "Never overwrite PATH"

This reverts commit 42249a1489fab6c1baae91e23fd8a91302570b48.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 5 Aug 2017 19:15:51 +0000 (19:15 +0000)]

util: Drop cmd_clean_environment function

cmd is now doing this by default

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 5 Aug 2017 19:14:23 +0000 (19:14 +0000)]

util: Fix cmd function and never leak anything into the environment

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 5 Aug 2017 18:40:41 +0000 (18:40 +0000)]

ipsec: Save START_ACTION parameter

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Sat, 5 Aug 2017 10:30:31 +0000 (12:30 +0200)]

ipsec: log a debug message when deleting a strongswan config

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Sat, 5 Aug 2017 10:30:30 +0000 (12:30 +0200)]

ipsec: fix enable and disable

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 5 Aug 2017 10:11:44 +0000 (10:11 +0000)]

ipsec: Only set traffic selector marks in VTI mode

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 21:52:58 +0000 (21:52 +0000)]

Fix typo

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 21:51:22 +0000 (21:51 +0000)]

ipsec: Make sure not to reload strongswan if it is not running

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 21:40:53 +0000 (21:40 +0000)]

settings: Use file_delete to delete a file

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 21:39:43 +0000 (21:39 +0000)]

ipsec: Properly shut down connections when destroyed

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 21:28:17 +0000 (21:28 +0000)]

ipsec: Make sure strongswan is started when it should be

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 21:26:20 +0000 (21:26 +0000)]

reset: Destroy all user-defined security policies

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 21:23:50 +0000 (21:23 +0000)]

reset: Destroy all IPsec VPN connections

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 21:14:55 +0000 (21:14 +0000)]

settings: Don't log skipped configuration lines

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 21:11:20 +0000 (21:11 +0000)]

ipsec: Add our configuration header to each configuration file

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 21:03:03 +0000 (21:03 +0000)]

ipsec: Fix typo in variable check

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 20:59:06 +0000 (20:59 +0000)]

ipsec: Enable strongswan to start at boot when needed

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 20:45:39 +0000 (20:45 +0000)]

ipsec: Always make sure that n2n connections are unique

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Fri, 4 Aug 2017 20:20:42 +0000 (22:20 +0200)]

ipsec: add status feature

We can now disable and enable IPsec connections.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Fri, 4 Aug 2017 19:26:37 +0000 (21:26 +0200)]

ipsec: reload connection when the security policy changes

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Fri, 4 Aug 2017 19:26:36 +0000 (21:26 +0200)]

ipsec: reload connection when the config changes

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 19:31:20 +0000 (19:31 +0000)]

ipsec: Set routes to peered networks

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 19:10:23 +0000 (19:10 +0000)]

ipsec: GRE: Use outer IP addresses for peering

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 14:49:10 +0000 (14:49 +0000)]

ip-tunnel: Use "ip link" instead of "ip tunnel"

ip tunnel seems to be in an awful condition and ip
link works just fine.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 14:48:52 +0000 (14:48 +0000)]

ipsec: Let the updown script handle all events

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 14:21:32 +0000 (14:21 +0000)]

Rename fwrite to fappend

Because that is what the function is actually doing.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 14:04:57 +0000 (14:04 +0000)]

security-policies: Delete cached content when policy is deleted

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 14:03:22 +0000 (14:03 +0000)]

security-policies: Rename AH proposals to IKE proposals

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 14:02:00 +0000 (14:02 +0000)]

Revert "ipsec: Only allow strict use of security policies"

This reverts commit a48e4dd265d6256fdc3c5b2fc8e6b85ca4d40361.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 14:01:09 +0000 (14:01 +0000)]

security-policies: Cache output of proposal generators

These functions are really really slow and the output stays
constants as long as the configuration is not being changed.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 13:30:31 +0000 (13:30 +0000)]

ipsec: Only allow strict use of security policies

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 13:29:41 +0000 (13:29 +0000)]

ipsec: Fix DPD configuration

dpd_action has to go into the children section

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Fri, 4 Aug 2017 12:07:12 +0000 (14:07 +0200)]

bash-autocompletion: up and down for ipsec connections

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 12:51:35 +0000 (12:51 +0000)]

ipsec: Add prototype-level support for GRE tunnels

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 12:50:05 +0000 (12:50 +0000)]

ip-tunnel: Add support for GRE tunnels

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 12:49:42 +0000 (12:49 +0000)]

ipsec: Fix configuration variable list

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 12:12:44 +0000 (12:12 +0000)]

ipsec: Add prototype-level support for VTI

This will create a VTI interface for IPsec connections
configured as such and bring it up so that traffic can
be passed around.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 11:59:04 +0000 (11:59 +0000)]

ipsec: Add commands to bring connections up and down

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 4 Aug 2017 11:57:32 +0000 (11:57 +0000)]

ip-tunnel: Make local address optional

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Fri, 4 Aug 2017 08:32:13 +0000 (10:32 +0200)]

bash-autocompletion: add basic security-policy support

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Fri, 4 Aug 2017 08:32:12 +0000 (10:32 +0200)]

raw: add command vpn-security-policy-exists

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Thu, 3 Aug 2017 16:33:28 +0000 (18:33 +0200)]

ipsec: add local address, dpd settings and start action settings

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 3 Aug 2017 15:47:51 +0000 (15:47 +0000)]

ipsec: Support Dead Peer Detection

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 3 Aug 2017 15:40:21 +0000 (15:40 +0000)]

ipsec: Allow defining START_ACTION

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 3 Aug 2017 15:20:19 +0000 (15:20 +0000)]

ipsec: Support binding a connection to a certain address

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 3 Aug 2017 14:53:03 +0000 (14:53 +0000)]

ipsec: Write functions to generate strongSwan configuration

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 3 Aug 2017 12:08:04 +0000 (12:08 +0000)]

ipsec: Disable compression in system policy

Compression in IPsec is slow (strongSwan only supports
DEFLATE) and there are security concerns about it
revealing information about the plaintext.

So for a little gain in bandwith, it does not seem to
be right to take that risk right now.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 3 Aug 2017 12:07:40 +0000 (12:07 +0000)]

ipsec: Fix typos in CLI parsing

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 3 Aug 2017 12:07:21 +0000 (12:07 +0000)]

security-policies: List "performance" as read-only

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Thu, 3 Aug 2017 11:44:40 +0000 (13:44 +0200)]

bash-autocompletion: fix typos

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Thu, 3 Aug 2017 10:51:27 +0000 (12:51 +0200)]

ipsec: add basic bash completion for ipsec

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Thu, 3 Aug 2017 10:51:26 +0000 (12:51 +0200)]

raw: add command new list-vpn-security-policies-all

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Thu, 3 Aug 2017 10:51:25 +0000 (12:51 +0200)]

raw: add new command list-ipsec-connections

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Thu, 3 Aug 2017 10:51:24 +0000 (12:51 +0200)]

raw: add new command ipsec-connection-exists

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Thu, 3 Aug 2017 10:51:23 +0000 (12:51 +0200)]

vpn-security-policies: add new function vpn_security_policies_list_all

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Thu, 3 Aug 2017 10:51:22 +0000 (12:51 +0200)]

ipsec: add new function ipsec_list_connections

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Thu, 3 Aug 2017 09:26:53 +0000 (09:26 +0000)]

Fix typo

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Thu, 3 Aug 2017 09:26:14 +0000 (09:26 +0000)]

wpa_supplication: Correctly escape SSIDs with spaces

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 31 Jul 2017 09:28:33 +0000 (11:28 +0200)]

vti: Disable policy lookups for VTI devices

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Mon, 31 Jul 2017 09:12:02 +0000 (11:12 +0200)]

ipsec: Check PSK for a good length

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 30 Jul 2017 17:02:15 +0000 (19:02 +0200)]

ipsec: Fix typo in warning message

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 30 Jul 2017 17:01:11 +0000 (19:01 +0200)]

ipsec: Fix another shell syntax error

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 30 Jul 2017 17:00:42 +0000 (19:00 +0200)]

ipsec: Always make value of AUTH_MODE uppercase

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 30 Jul 2017 16:30:34 +0000 (18:30 +0200)]

ipsec: Add connection show command

This shows the current configuration of a connection

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 30 Jul 2017 16:29:44 +0000 (18:29 +0200)]

ipsec: Fix another bash syntax error

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 30 Jul 2017 13:37:15 +0000 (15:37 +0200)]

ipsec: Fix typo

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 30 Jul 2017 13:29:13 +0000 (15:29 +0200)]

ipsec: Move connections to /etc/network/vpn/ipsec/connections

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 30 Jul 2017 13:24:46 +0000 (15:24 +0200)]

Makefile: Fix alphabetical order

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 30 Jul 2017 13:24:12 +0000 (15:24 +0200)]

vpn: Move VPN CLI functions into separate files

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sun, 30 Jul 2017 13:14:58 +0000 (15:14 +0200)]

route: Move CLI functions into functions file

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Sat, 29 Jul 2017 08:39:37 +0000 (10:39 +0200)]

network: add new ipsec functionality

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Sat, 29 Jul 2017 08:39:36 +0000 (10:39 +0200)]

ipsec: add new functions

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Thu, 27 Jul 2017 12:07:01 +0000 (14:07 +0200)]

config hook: prevent two hooks with the same settings

A ipv4-static config with the same IPv4 address twice is senseless.
A new function zone_config_check_same_setting is introduced.
The function provides an easy way to check if a config
of the given hook has the same value for a given key.
We can now check inside hook_new if an ipv4-static or ipv6-static config
with the same value exist and break with an error.

Fixes: #11418
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Wed, 26 Jul 2017 08:44:44 +0000 (10:44 +0200)]

autocompletion: use hids instead of ids

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Wed, 26 Jul 2017 08:44:43 +0000 (10:44 +0200)]

raw: add command zone-config-hid-is-valid

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Wed, 26 Jul 2017 08:44:42 +0000 (10:44 +0200)]

raw: add command list-zone-config-hids

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Wed, 26 Jul 2017 08:44:41 +0000 (10:44 +0200)]

header-config: add generic hook_hid function

This function will always be there so when we call hook_hid we will get a result.
This is also nice for testing.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Wed, 26 Jul 2017 08:44:40 +0000 (10:44 +0200)]

hook: also hook_hid is a valid command

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Wed, 26 Jul 2017 08:44:39 +0000 (10:44 +0200)]

zone: config list print also hids

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Wed, 26 Jul 2017 08:44:38 +0000 (10:44 +0200)]

zone: accept also hids in zone_config()

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Wed, 26 Jul 2017 08:44:37 +0000 (10:44 +0200)]

zone: add config hid functions

These are the basic functions to work with hids.

Fixes: #11406
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Fri, 14 Jul 2017 12:19:42 +0000 (14:19 +0200)]

header-zone: refactor hook_config_destroy

We now just bring the hook down, execute hook_destroy which can be not empty inside the hook,
because it is defined in src/header-config.
After this we delete the config file.

Fixes: #11416
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Fri, 14 Jul 2017 12:19:41 +0000 (14:19 +0200)]

zone: new function zone_config_settings_destroy

Similar to zone_config_settings_write and zone_config_settings_read
this function provides an easy way to delete a config file.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Mon, 24 Jul 2017 19:10:05 +0000 (21:10 +0200)]

autocompletion: improve config part

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Mon, 24 Jul 2017 19:10:04 +0000 (21:10 +0200)]

network: add new raw command zone-config-id-is-valid

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Mon, 24 Jul 2017 19:10:03 +0000 (21:10 +0200)]

network: add new raw command list-zone-config-ids

This commands make it possible to list all used ids
for a zone from the command line.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Jonatan Schlag [Mon, 24 Jul 2017 19:10:02 +0000 (21:10 +0200)]

zone: add new function zone_config_list_ids

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Sat, 22 Jul 2017 20:10:48 +0000 (22:10 +0200)]

Remove support for Rapid Spanning Tree Protocol

The userspace daemon is not very stable and unfortunately
not very well tested so that reliable use of it is impossible
right now.

We keep supporting STP as implemented in the Linux kernel
which has some disadvantages, but has proven to be more solid.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 21 Jul 2017 20:43:39 +0000 (22:43 +0200)]

security-policies: Add new "performance" policy

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 21 Jul 2017 20:38:19 +0000 (22:38 +0200)]

Remove overcomplicated list assignment which doesn't work

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 21 Jul 2017 20:32:33 +0000 (22:32 +0200)]

Fix syntax error after line-break

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 21 Jul 2017 20:23:23 +0000 (22:23 +0200)]

util: Log return code of commands only if something failed

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 21 Jul 2017 20:14:20 +0000 (22:14 +0200)]

list: Make use of the assign function to set variables

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 21 Jul 2017 20:14:06 +0000 (22:14 +0200)]

header-port: Remove unsafe use of eval

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 21 Jul 2017 20:13:44 +0000 (22:13 +0200)]

list: Remove unsafe use of eval

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 21 Jul 2017 19:15:08 +0000 (21:15 +0200)]

security-polices: Improve modification of cipher lists

This now supports setting a cipher list in one command and returns
some useful warnings when an intended change could not be performed.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 21 Jul 2017 18:26:32 +0000 (20:26 +0200)]

batman-adv: Use correct functions to read from /sys/class/net

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 21 Jul 2017 18:19:06 +0000 (20:19 +0200)]

Improve performance of reading files from the device tree

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

Networking code of IPFire 3.x.

RSS Atom