/etc/passwd
/etc/shadow
/etc/group
+/etc/ipsec.user.*
/etc/sysconfig/*
/etc/hosts*
/etc/httpd/*
/var/ipfire/auth/users
/var/ipfire/dhcp/*
/var/ipfire/main/*
+/var/ipfire/outgoing/groups
/var/ipfire/outgoing/rules
/var/ipfire/outgoing/p2protocols
/var/ipfire/ovpn
etc/ssh/ssh_config
#etc/ssh/ssh_host_dsa_key
#etc/ssh/ssh_host_dsa_key.pub
+#etc/ssh/ssh_host_ecdsa_key
+#etc/ssh/ssh_host_ecdsa_key.pub
#etc/ssh/ssh_host_key
#etc/ssh/ssh_host_key.pub
#etc/ssh/ssh_host_rsa_key
#usr/share/man/man3/dsa.3
#usr/share/man/man3/ecdsa.3
#usr/share/man/man3/engine.3
+#usr/share/man/man3/err.3
#usr/share/man/man3/evp.3
#usr/share/man/man3/hmac.3
#usr/share/man/man3/i2d_ASN1_OBJECT.3
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
etc/system-release
boot/ipfirerd-2.6.32.28.img
+opt/pakfire/lib/functions.pl
+var/ipfire/backup/include
+srv/web/ipfire/cgi-bin/system.cgi
+srv/web/ipfire/cgi-bin/ddns.cgi
+usr/local/bin/setddns.pl
+var/ipfire/langs/de.pl
+var/ipfire/langs/en.pl
+var/ipfire/langs/es.pl
+var/ipfire/langs/fr.pl
--- /dev/null
+../../../common/openssh
\ No newline at end of file
--- /dev/null
+../../../common/openssl
\ No newline at end of file
--- /dev/null
+../../../common/squid
\ No newline at end of file
#
#Start services
+/etc/init.d/squid restart
#
#Update Language cache
-#perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
+perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
# Rebuild initrd of optional pae and xen kernel
KVER=2.6.32.28
#
#Finish
+/etc/init.d/fireinfo start
+sendprofile
#Don't report the exitcode last command
exit 0
--- /dev/null
+etc/system-release
+srv/web/ipfire/cgi-bin/services.cgi
+srv/web/ipfire/cgi-bin/ids.cgi
+var/ipfire/backup/include
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2011 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+#
+# Remove core updates from pakfire cache to save space...
+rm -f /var/cache/pakfire/core-upgrade-*.ipfire
+#
+#Stop services
+
+#
+#Extract files
+extract_files
+
+#
+#Start services
+
+#
+#Update Language cache
+#perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
+
+#Rebuild module dep's
+#depmod 2.6.32.28-ipfire >/dev/null 2>&1
+#depmod 2.6.32.28-ipfire-pae >/dev/null 2>&1
+#depmod 2.6.32.28-ipfire-xen >/dev/null 2>&1
+
+#
+#Finish
+/etc/init.d/fireinfo start
+sendprofile
+#Don't report the exitcode last command
+exit 0
#usr/lib/libclamav.la
usr/lib/libclamav.so
usr/lib/libclamav.so.6
-usr/lib/libclamav.so.6.1.7
+usr/lib/libclamav.so.6.1.9
#usr/lib/libclamunrar.la
usr/lib/libclamunrar.so
usr/lib/libclamunrar.so.6
-usr/lib/libclamunrar.so.6.1.7
+usr/lib/libclamunrar.so.6.1.9
#usr/lib/libclamunrar_iface.la
usr/lib/libclamunrar_iface.so
usr/lib/libclamunrar_iface.so.6
-usr/lib/libclamunrar_iface.so.6.1.7
+usr/lib/libclamunrar_iface.so.6.1.9
#usr/lib/pkgconfig/libclamav.pc
usr/sbin/clamd
usr/share/clamav
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2007-2011 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
$checked{'SERVICE'}{'enom.com'} = '';
$checked{'SERVICE'}{'freedns.afraid.org'} = '';
$checked{'SERVICE'}{'hn.org'} = '';
-$checked{'SERVICE'}{'mydyn.de'} = '';
$checked{'SERVICE'}{'no-ip.com'} = '';
$checked{'SERVICE'}{'nsupdate'} = '';
$checked{'SERVICE'}{'ovh.com'} = '';
$checked{'SERVICE'}{'regfish.com'} = '';
$checked{'SERVICE'}{'selfhost.de'} = '';
+$checked{'SERVICE'}{'strato.com'} = '';
$checked{'SERVICE'}{'tzo.com'} = '';
$checked{'SERVICE'}{'zoneedit.com'} = '';
$checked{'SERVICE'}{$settings{'SERVICE'}} = "selected='selected'";
<option $checked{'SERVICE'}{'enom.com'}>enom.com</option>
<option $checked{'SERVICE'}{'freedns.afraid.org'}>freedns.afraid.org</option>
<option $checked{'SERVICE'}{'hn.org'}>hn.org</option>
- <option $checked{'SERVICE'}{'mydyn.de'}>mydyn.de</option>
<option $checked{'SERVICE'}{'no-ip.com'}>no-ip.com</option>
<option $checked{'SERVICE'}{'nsupdate'}>nsupdate</option>
<option $checked{'SERVICE'}{'ovh.com'}>ovh.com</option>
<option $checked{'SERVICE'}{'regfish.com'}>regfish.com</option>
<option $checked{'SERVICE'}{'selfhost.de'}>selfhost.de</option>
+ <option $checked{'SERVICE'}{'strato.com'}>strato.com</option>
<!-- <option $checked{'SERVICE'}{'tzo.com'}>tzo.com</option> comment this service out until a working fix is developed -->
<option $checked{'SERVICE'}{'zoneedit.com'}>zoneedit.com</option>
</select></td>
if ($snortsettings{'RULES'} eq 'subscripted') {
#$url="http://dl.snort.org/sub-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$snortsettings{'OINKCODE'}";
- $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2902_s.tar.gz/$snortsettings{'OINKCODE'}";
+ $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2903_s.tar.gz/$snortsettings{'OINKCODE'}";
#$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8_s.tar.gz";
} elsif ($snortsettings{'RULES'} eq 'registered') {
#$url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz?oink_code=$snortsettings{'OINKCODE'}";
- $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2902.tar.gz/$snortsettings{'OINKCODE'}";
+ $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2903.tar.gz/$snortsettings{'OINKCODE'}";
#$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz";
} else {
$url="http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz";
if ( $testcmd =~ /is\ running/ && $testcmd !~ /is\ not\ running/){
$status = "<td align='center' bgcolor='${Header::colourgreen}'><font color='white'><b>$Lang::tr{'running'}</b></font></td>";
+ $testcmd =~ s/.* //gi;
$testcmd =~ s/[a-z_]//gi;
$testcmd =~ s/\[[0-1]\;[0-9]+//gi;
$testcmd =~ s/[\(\)\.]//gi;
&Header::openpage($Lang::tr{'status information'}, 1, '');
&Header::openbigbox('100%', 'left');
+ &Header::openbox('100%', 'center', "CPU $Lang::tr{'graph'}");
+ &Graphs::makegraphbox("system.cgi","cpu","day","325");
+ &Header::closebox();
+
if ( -e "$mainsettings{'RRDLOG'}/collectd/localhost/cpufreq/cpufreq-0.rrd"){
&Header::openbox('100%', 'center', "CPU $Lang::tr{'graph'}");
&Graphs::makegraphbox("system.cgi","cpufreq","day","325");
&Header::closebox();
}
- &Header::openbox('100%', 'center', "CPU $Lang::tr{'graph'}");
- &Graphs::makegraphbox("system.cgi","cpu","day","325");
- &Header::closebox();
-
&Header::openbox('100%', 'center', "Load $Lang::tr{'graph'}");
&Graphs::makegraphbox("system.cgi","load","day");
&Header::closebox();
'ConnSched ipsecstart' => 'IPSec (neu)starten',
'ConnSched ipsecstop' => 'IPSec stop',
'ConnSched reconnect' => 'Neu verbinden',
+'cpu frequency per' => 'CPU Frequenz pro',
'ConnSched scheduled actions' => 'Geplante Aktionen',
'ConnSched scheduler' => 'Scheduler',
'ConnSched select profile' => 'Wähle Profil',
'ConnSched down' => 'Down',
'ConnSched ipsecstart' => 'IPSec (re)start',
'ConnSched ipsecstop' => 'IPSec stop',
+'cpu frequency per' => 'CPU frequency per',
'ConnSched reconnect' => 'Reconnect',
'ConnSched scheduled actions' => 'Scheduled actions',
'ConnSched scheduler' => 'Scheduler',
'cpu idle usage' => 'Uso de CPU inactivo',
'cpu interrupt usage' => 'Uso de interrupción de CPU',
'cpu iowait usage' => 'CPU esperando IO',
+'cpu frequency per' => 'CPU frecuencia por',
'cpu irq usage' => 'Uso de IRQ del CPU',
'cpu nice usage' => 'Buen uso de CPU',
'cpu steal usage' => 'uso de CPU steal',
'ConnSched days' => 'Jours :',
'ConnSched down' => 'Arrêt',
'ConnSched ipsecstart' => 'IPSec (re)démarrage',
+'cpu frequency per' => 'CPU fréquence par',
'ConnSched ipsecstop' => 'IPSec arrêt',
'ConnSched reconnect' => 'Reconnecter',
'ConnSched scheduled actions' => 'Actions planifiées',
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2010 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2011 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 0.96.5
+VER = 0.97
THISAPP = clamav-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = clamav
-PAK_VER = 14
+PAK_VER = 15
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 202e51d47298779e5babacc443102c6a
+$(DL_FILE)_MD5 = 605ed132b2f8e89df11064adea2b183b
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2007-2011 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 5.6p1
+VER = 5.8p1
THISAPP = openssh-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = e6ee52e47c768bf0ec42a232b5d18fb0
+$(DL_FILE)_MD5 = 86f5e1c23b4c4845f23b9b7b493fb53d
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2010 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2011 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 0.9.8q
+VER = 0.9.8r
THISAPP = openssl-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 80e67291bec9230f03eefb5cfe858998
+$(DL_FILE)_MD5 = 0352932ea863bc02b056cda7c9ac5b79
install : $(TARGET)
--enable-referer-log \
--enable-snmp \
--with-pthreads --with-dl \
- --with-maxfd="16384"
+ --with-maxfd="16384" \
+ --with-large-files
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
NAME="IPFire" # Software name
SNAME="ipfire" # Short name
VERSION="2.9" # Version number
-CORE="46" # Core Level (Filename)
-PAKFIRE_CORE="45" # Core Level (PAKFIRE)
+CORE="47" # Core Level (Filename)
+PAKFIRE_CORE="46" # Core Level (PAKFIRE)
GIT_BRANCH=`git status | head -n1 | cut -d" " -f4` # Git Branch
SLOGAN="www.ipfire.org" # Software slogan
CONFIG_ROOT=/var/ipfire # Configuration rootdir
unless ( "$ret" eq "0" ) {
message("CRYPTO WARN: The GnuPG isn't configured corectly. Trying now to fix this.");
message("CRYPTO WARN: It's normal to see this on first execution.");
- my $command = "gpg --keyserver pgp.mit.edu --always-trust --status-fd 2";
+ my $command = "gpg --keyserver pgp.ipfire.org --always-trust --status-fd 2";
system("$command --recv-key $myid >> $Conf::logdir/gnupg-database.log 2>&1");
system("$command --recv-key $trustid >> $Conf::logdir/gnupg-database.log 2>&1");
} else {
#
. /opt/pakfire/lib/functions.sh
extract_files
-/usr/local/bin/clamavctrl enable
+/usr/local/bin/clamavctrl enable &
&General::log("Dynamic DNS ip-update for cjb.net ($settings{'LOGIN'}) : failure (could not connect to server)");
}
}
- elsif ($settings{'SERVICE'} eq 'mydyn') {
- # use proxy ?
- my %proxysettings;
- &General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
- if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
- my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
- Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
- }
-
- my ($out, $response) = Net::SSLeay::get_http( 'www.mydyn.de',
- 80,
- "/cgi-bin/update.pl?$settings{'LOGIN'}-$settings{'PASSWORD'}",
- Net::SSLeay::make_headers('User-Agent' => 'IPFire' )
- );
-
- if ($response =~ m%HTTP/1\.. 200 OK%) {
- if ( $out !~ m/The IP address of the subdomain/ ) {
- &General::log("Dynamic DNS ip-update for mydyn.de ($settings{'LOGIN'}) : failure (bad password or login)");
- } else {
- &General::log("Dynamic DNS ip-update for mydyn.de ($settings{'LOGIN'}) : success");
- $success++;
- }
- } else {
- &General::log("Dynamic DNS ip-update for mydyn.de ($settings{'LOGIN'}) : failure (could not connect to server)");
- }
-
- }
elsif ($settings{'SERVICE'} eq 'selfhost') {
# use proxy ?
my %proxysettings;
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server)");
}
}
- elsif ($settings{'SERVICE'} eq 'regfish') {
+ elsif ($settings{'SERVICE'} eq 'strato') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
- my ($out, $response) = Net::SSLeay::get_https( 'dyndns.regfish.de',
- 443,
- "/?fqdn=$settings{'DOMAIN'}&ipv4=$ip&forcehost=1&authtype=secure&token=$settings{'LOGIN'}",
- Net::SSLeay::make_headers('User-Agent' => 'Ipfire' )
- );
- #Valid responses from service are:
- # success|100|update succeeded!
- # success|101|no update needed at this time..
+
+ if ($settings{'HOSTNAME'} eq '') {
+ $settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
+ } else {
+ $settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
+ }
+
+ my ($out, $response) = Net::SSLeay::get_https( 'dyndns.strato.com',
+ 443,
+ "/nic/update?hostname=$settings{'HOSTDOMAIN'}&myip=$ip",
+ Net::SSLeay::make_headers('User-Agent' => 'IPFire',
+ 'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}") )
+ );
+
if ($response =~ m%HTTP/1\.. 200 OK%) {
- if ( $out !~ m/(success\|(100|101)\|)/ig ) {
- &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : failure ($out)");
+ #Valid responses from update => ErrCount=0
+ if ( $out =~ m/good |nochg /ig) {
+ &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success");
+ $success++;
} else {
- &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : success");
+ &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure1 ($out)");
$success++;
}
+ } elsif ( $out =~ m/<title>(.*)<\/title>/ig ) {
+ &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure2 ($1)");
} else {
- &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : failure (could not connect to server)");
+ &General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure3 ($response)");
}
}
+ elsif ($settings{'SERVICE'} eq 'regfish') {
+ # use proxy ?
+ my %proxysettings;
+ &General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
+ if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
+ my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
+ Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
+ }
+ my ($out, $response) = Net::SSLeay::get_https( 'dyndns.regfish.de',
+ 443,
+ "/?fqdn=$settings{'DOMAIN'}&ipv4=$ip&forcehost=1&authtype=secure&token=$settings{'LOGIN'}",
+ Net::SSLeay::make_headers('User-Agent' => 'Ipfire' )
+ );
+ #Valid responses from service are:
+ #success|100|update succeeded!
+ #success|101|no update needed at this time..
+ if ($response =~ m%HTTP/1\.. 200 OK%) {
+ if ( $out !~ m/(success\|(100|101)\|)/ig ) {
+ &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : failure ($out)");
+ } else {
+ &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : success");
+ $success++;
+ }
+ } else {
+ &General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : failure (could not connect to server)");
+ }
+ }
elsif ($settings{'SERVICE'} eq 'ovh') {
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);