--- /dev/null
+/etc/stunnel/
ftp:x:45:45:anonymous_user:/home/ftp:/bin/false
vsftpd:x:47:47:vsftpd User:/home/ftp:/bin/false
rsyncd:x:48:48:rsyncd Daemon:/home/rsync:/bin/false
+stunnel:x:51:51:stunnel Daemon:/var/lib/stunnel:/bin/false
sshd:x:74:74:sshd:/var/empty:/bin/false
nobody:x:99:99:Nobody:/home/nobody:/bin/false
postfix:x:100:100::/var/spool/postfix:/bin/false
$grp1='std_net_src';
$source='ORANGE';
}elsif ($configline[2] eq 'red') {
- $grp1='std_net_src';
- $source='IPFire';
+ $grp1='ipfire_src';
+ $source='RED1';
&General::readhash($fwdfwsettings,\%fwdsettings);
$fwdsettings{'POLICY1'}=$outsettings{'POLICY'};
$fwdsettings{'POLICY'}=$outsettings{'POLICY'};
my $chain;
foreach my $protocol (@prot){
my $now=localtime;
- if ($source eq 'IPFire'){
+ if ($source eq 'RED1'){
$chain='OUTGOINGFW';
}else{
$chain='FORWARDFW';
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.10.32 Kernel Configuration
+# Linux/arm 3.10.38 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_SYS_SUPPORTS_APM_EMULATION=y
CONFIG_NETFILTER_XT_MATCH_HL=m
CONFIG_NETFILTER_XT_MATCH_IPRANGE=m
CONFIG_NETFILTER_XT_MATCH_IPVS=m
+CONFIG_NETFILTER_XT_MATCH_LAYER7=m
+# CONFIG_NETFILTER_XT_MATCH_LAYER7_DEBUG is not set
CONFIG_NETFILTER_XT_MATCH_LENGTH=m
CONFIG_NETFILTER_XT_MATCH_LIMIT=m
CONFIG_NETFILTER_XT_MATCH_MAC=m
CONFIG_NETFILTER_XT_MATCH_SCTP=m
CONFIG_NETFILTER_XT_MATCH_SOCKET=m
CONFIG_NETFILTER_XT_MATCH_STATE=m
-CONFIG_NETFILTER_XT_MATCH_LAYER7=m
-# CONFIG_NETFILTER_XT_MATCH_LAYER7_DEBUG is not set
CONFIG_NETFILTER_XT_MATCH_STATISTIC=m
CONFIG_NETFILTER_XT_MATCH_STRING=m
CONFIG_NETFILTER_XT_MATCH_TCPMSS=m
CONFIG_SND_BCM2708_SOC_HIFIBERRY_DAC=m
CONFIG_SND_BCM2708_SOC_HIFIBERRY_DIGI=m
CONFIG_SND_BCM2708_SOC_RPI_DAC=m
+# CONFIG_SND_BCM2708_SOC_IQAUDIO_DAC is not set
CONFIG_SND_DESIGNWARE_I2S=m
CONFIG_SND_SOC_I2C_AND_SPI=m
# CONFIG_SND_SOC_ALL_CODECS is not set
CONFIG_SND_SOC_PCM1794A=m
CONFIG_SND_SOC_PCM5102A=m
+# CONFIG_SND_SOC_PCM512x is not set
CONFIG_SND_SOC_WM8804=m
CONFIG_SND_SIMPLE_CARD=m
# CONFIG_SOUND_PRIME is not set
etc/rc.d/init.d/sshd
#etc/rc.d/init.d/sslh
etc/rc.d/init.d/static-routes
+#etc/rc.d/init.d/stunnel
etc/rc.d/init.d/swap
etc/rc.d/init.d/sysctl
etc/rc.d/init.d/sysklogd
etc/rc.d/init.d/sshd
#etc/rc.d/init.d/sslh
etc/rc.d/init.d/static-routes
+#etc/rc.d/init.d/stunnel
etc/rc.d/init.d/swap
etc/rc.d/init.d/sysctl
etc/rc.d/init.d/sysklogd
/usr/local/bin/qosctrl start
fi
+chown cron:cron /var/spool/cron
# Update crontab
cat <<EOF >> /var/spool/cron/root.orig
etc/rc.d/init.d/pound
-etc/rc.d/rc0.d/K40pound
-etc/rc.d/rc3.d/S60pound
-etc/rc.d/rc6.d/K40pound
#etc/pound.cfg
usr/sbin/pound
usr/sbin/poundctl
--- /dev/null
+etc/rc.d/init.d/stunnel
+etc/stunnel
+etc/stunnel/stunnel.conf
+#etc/stunnel/stunnel.conf-sample
+usr/bin/stunnel
+#usr/bin/stunnel3
+#usr/lib/stunnel
+#usr/lib/stunnel/libstunnel.la
+usr/lib/stunnel/libstunnel.so
+#usr/share/doc/stunnel
+#usr/share/doc/stunnel/AUTHORS
+#usr/share/doc/stunnel/BUGS
+#usr/share/doc/stunnel/COPYING
+#usr/share/doc/stunnel/COPYRIGHT.GPL
+#usr/share/doc/stunnel/CREDITS
+#usr/share/doc/stunnel/ChangeLog
+#usr/share/doc/stunnel/INSTALL
+#usr/share/doc/stunnel/INSTALL.FIPS
+#usr/share/doc/stunnel/INSTALL.W32
+#usr/share/doc/stunnel/INSTALL.WCE
+#usr/share/doc/stunnel/PORTS
+#usr/share/doc/stunnel/README
+#usr/share/doc/stunnel/TODO
+#usr/share/doc/stunnel/examples
+#usr/share/doc/stunnel/examples/ca.html
+#usr/share/doc/stunnel/examples/ca.pl
+#usr/share/doc/stunnel/examples/importCA.html
+#usr/share/doc/stunnel/examples/importCA.sh
+#usr/share/doc/stunnel/examples/script.sh
+#usr/share/doc/stunnel/examples/stunnel.init
+#usr/share/doc/stunnel/examples/stunnel.service
+#usr/share/doc/stunnel/examples/stunnel.spec
+#usr/share/doc/stunnel/stunnel.fr.html
+#usr/share/doc/stunnel/stunnel.html
+#usr/share/doc/stunnel/stunnel.pl.html
+#usr/share/man/man8/stunnel.8
+#usr/share/man/man8/stunnel.fr.8
+#usr/share/man/man8/stunnel.pl.8
+var/ipfire/backup/addons/includes/stunnel
+var/lib/stunnel
+var/lib/stunnel/run
--- /dev/null
+; File: /etc/stunnel/stunnel.conf
+
+; Note: The pid and output locations are relative to the chroot location.
+
+pid = /run/stunnel.pid
+chroot = /var/lib/stunnel
+client = no
+setuid = stunnel
+setgid = stunnel
+cert = /etc/stunnel/stunnel.pem
+
+;debug = 7
+;output = stunnel.log
+
+;[https]
+;accept = 443
+;connect = 80
+;; "TIMEOUTclose = 0" is a workaround for a design flaw in Microsoft SSL
+;; Microsoft implementations do not use SSL close-notify alert and thus
+;; they are vulnerable to truncation attacks
+;TIMEOUTclose = 0
WARNING: untranslated string: advproxy errmsg invalid upstream proxy
WARNING: untranslated string: advproxy errmsg proxy ports equal
WARNING: untranslated string: advproxy proxy port transparent
+WARNING: untranslated string: atm device
WARNING: untranslated string: attention
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
WARNING: untranslated string: proxy reports today
WARNING: untranslated string: proxy reports weekly
WARNING: untranslated string: qos enter bandwidths
+WARNING: untranslated string: random number generator daemon
WARNING: untranslated string: red1
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: advproxy errmsg invalid upstream proxy
WARNING: untranslated string: advproxy errmsg proxy ports equal
WARNING: untranslated string: advproxy proxy port transparent
+WARNING: untranslated string: atm device
WARNING: untranslated string: attention
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
WARNING: untranslated string: proxy reports today
WARNING: untranslated string: proxy reports weekly
WARNING: untranslated string: qos enter bandwidths
+WARNING: untranslated string: random number generator daemon
WARNING: untranslated string: red1
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: advproxy cache-digest
WARNING: untranslated string: advproxy errmsg proxy ports equal
WARNING: untranslated string: advproxy proxy port transparent
+WARNING: untranslated string: atm device
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
WARNING: untranslated string: ccd err isipsecrw
WARNING: untranslated string: p2p block
WARNING: untranslated string: p2p block save notice
WARNING: untranslated string: qos enter bandwidths
+WARNING: untranslated string: random number generator daemon
WARNING: untranslated string: red1
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: advproxy errmsg invalid upstream proxy
WARNING: untranslated string: advproxy errmsg proxy ports equal
WARNING: untranslated string: advproxy proxy port transparent
+WARNING: untranslated string: atm device
WARNING: untranslated string: attention
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
WARNING: untranslated string: proxy reports today
WARNING: untranslated string: proxy reports weekly
WARNING: untranslated string: qos enter bandwidths
+WARNING: untranslated string: random number generator daemon
WARNING: untranslated string: red1
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: advproxy errmsg invalid upstream proxy
WARNING: untranslated string: advproxy errmsg proxy ports equal
WARNING: untranslated string: advproxy proxy port transparent
+WARNING: untranslated string: atm device
WARNING: untranslated string: attention
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
WARNING: untranslated string: proxy reports today
WARNING: untranslated string: proxy reports weekly
WARNING: untranslated string: qos enter bandwidths
+WARNING: untranslated string: random number generator daemon
WARNING: untranslated string: red1
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: Scan for Songs
+WARNING: untranslated string: atm device
WARNING: untranslated string: bytes
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: random number generator daemon
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
< age shour
< age sminute
< age ssecond
+< atm device
< attention
< bit
< ccd add
< proxy reports today
< proxy reports weekly
< qos enter bandwidths
+< random number generator daemon
< red1
< server restart
< snat new source ip address
< age sminute
< age ssecond
< Async logging enabled
+< atm device
< attention
< bit
< ccd add
< proxy reports today
< proxy reports weekly
< qos enter bandwidths
+< random number generator daemon
< red1
< server restart
< Set time on boot
< age shour
< age sminute
< age ssecond
+< atm device
< attention
< bit
< ccd add
< proxy reports today
< proxy reports weekly
< qos enter bandwidths
+< random number generator daemon
< red1
< server restart
< snat new source ip address
< age shour
< age sminute
< age ssecond
+< atm device
< attention
< bit
< ccd add
< proxy reports today
< proxy reports weekly
< qos enter bandwidths
+< random number generator daemon
< red1
< server restart
< snat new source ip address
$message = $Lang::tr{'no hardware random number generator'};
}
+ my $rngd_status = "<td align='center' bgcolor='${Header::colourred}'><font color='white'><b>$Lang::tr{'stopped'}</b></font></td>";
+ if (&rngd_is_running()) {
+ $rngd_status = "<td align='center' bgcolor='${Header::colourgreen}'><font color='white'><b>$Lang::tr{'running'}</b></font></td>";
+ }
+
&Header::openbox('100%', 'center', $Lang::tr{'hardware support'});
print <<EOF;
<p style="color: $message_colour; text-align: center;">$message</p>
+
+ <table width='80%' cellspacing='1' class='tbl'>
+ <tr>
+ <th align='center'><b>$Lang::tr{'service'}</b></th>
+ <th align='center'><b>$Lang::tr{'status'}</b></th>
+ </tr>
+ <tr>
+ <td align='center'>
+ $Lang::tr{'random number generator daemon'}
+ </td>
+ $rngd_status
+ </tr>
+ </table>
EOF
&Header::closebox();
return 0;
}
+
+sub rngd_is_running() {
+ return (-e "/var/run/rngd.pid");
+}
push (@nat_ifaces,&fwlib::get_nat_address($$hash{$key}[29],$val));
}
@nat_ifaces=&del_double(@nat_ifaces);
- $natstring = join(', ', @nat_ifaces);
+ $natstring = "";
}else{
- $natstring = $$hash{$key}[29];
+ $natstring = "($$hash{$key}[29])";
}
- print "$Lang::tr{'firewall'} ($natstring)";
+ print "$Lang::tr{'firewall'} $natstring";
if($$hash{$key}[30] ne ''){
$$hash{$key}[30]=~ tr/|/,/;
print": $$hash{$key}[30]";
if (($pppsettings{'VPI'} eq '0') && ($pppsettings{'VCI'} eq '0')) {
$errormessage = $Lang::tr{'invalid vpi vpci'};
goto ERROR; }
+ if ($pppsettings{'ATM_DEV'} eq '') {
+ $errormessage = $Lang::tr{'invalid input'};
+ goto ERROR; }
if ( $pppsettings{'PROTOCOL'} eq '' ) {
$errormessage = $Lang::tr{'invalid input'};
goto ERROR; }
print <<END
<tr>
- <td colspan='4' width='100%' bgcolor='$color{'color20'}'><b>$Lang::tr{'adsl settings'}:</b></td>
+ <td colspan='4' width='100%' bgcolor='$color{'color20'}'><b>$Lang::tr{'atm settings'}:</b></td>
<tr>
-
+ <td nowrap='nowrap'>$Lang::tr{'atm device'}</td>
+ <td><input type='text' size='5' name='ATM_DEV' value='$pppsettings{'ATM_DEV'}' /></td>
<td> $Lang::tr{'encapsulation'}:</td>
- <td colspan='2' width='30%'>
+ <td>
<select name='ENCAP'>
<option value='0' $selected{'ENCAP'}{'0'}>LLC</option>
<option value='1' $selected{'ENCAP'}{'1'}>VCmux</option>
</td>
</tr>
<tr>
-
<td nowrap='nowrap'>$Lang::tr{'vpi number'}</td>
<td><input type='text' size='5' name='VPI' value='$pppsettings{'VPI'}' /></td>
- <td align='right'>$Lang::tr{'vci number'}</td>
- <td colspan='2'><input type='text' size='5' name='VCI' value='$pppsettings{'VCI'}' /></td>
+ <td> $Lang::tr{'vci number'}</td>
+ <td><input type='text' size='5' name='VCI' value='$pppsettings{'VCI'}' /></td>
</tr>
END
;
$pppsettings{'ENCAP'} = '0';
$pppsettings{'VPI'} = '1';
$pppsettings{'VCI'} = '32';
+ $pppsettings{'ATM_DEV'} = '0';
$pppsettings{'PPTP_PEER'} = '10.0.0.138';
$pppsettings{'PPTP_NICCFG'} = '10.0.0.140/24 broadcast 10.0.0.255';
$pppsettings{'PPTP_ROUTE'} = '';
'admin user password has been changed' => 'Passwort für Benutzer admin wurde geändert.',
'admin users' => 'Liste der Benutzer mit Super User Rechten',
'administrator user password' => 'Passwort für Benutzer "admin":',
-'adsl settings' => 'ADSL-Einstellungen',
'advanced' => 'Erweitert',
'advanced server' => 'Erweiterte Server-Optionen',
'advproxy AUTH always required' => 'Authentifizierung für uneingeschränkte Quelladressen erforderlich',
'are you sure' => 'Sind Sie sicher?',
'arp table entries' => 'Einträge der ARP-Tabelle',
'artist' => 'Künstler',
+'atm device' => 'Device:',
+'atm settings' => 'ATM-Einstellungen',
'attemps' => 'Versuche',
'attention' => 'ACHTUNG',
'august' => 'August',
'qos warning' => 'Die Regel <strong>muss</strong> wieder gespeichert werden, ansonsten wird sie verworfen!',
'quick playlist' => 'Quick Playlist',
'ram' => 'RAM-Speicher',
+'random number generator daemon' => 'Random Number Generator Daemon',
'read bytes' => 'Gelesene Bytes',
'read list' => 'Liste der Leseberechtigten',
'real address' => 'Reale Addresse',
'admin user password has been changed' => 'Admin user password has been changed.',
'admin users' => 'User with superuser rights',
'administrator user password' => 'Admin user password:',
-'adsl settings' => 'ADSL settings',
'advanced' => 'Advanced',
'advanced server' => 'Advanced server options',
'advproxy AUTH always required' => 'Require authentication for unrestricted source addresses',
'are you sure' => 'Are you sure?',
'arp table entries' => 'ARP Table Entries',
'artist' => 'Artist',
+'atm device' => 'Device:',
+'atm settings' => 'ATM settings',
'attemps' => 'Attempts',
'attention' => 'ATTENTION',
'august' => 'August',
'quick control' => 'Quick Control',
'quick playlist' => 'Quick Playlist',
'ram' => 'RAM',
+'random number generator daemon' => 'Random Number Generator Daemon',
'read bytes' => 'Read Bytes',
'read list' => 'list with readonly hosts',
'real address' => 'Real Address',
'admin user password has been changed' => 'El password del usuario Admin ha cambiado',
'admin users' => 'Usuario con niveles de superusuario (root)',
'administrator user password' => 'Contraseña del usuario Admin:',
-'adsl settings' => 'Configuraciones ADSL',
'advanced' => 'Avanzadas',
'advanced server' => 'Opciones avanzadas de servidor',
'advproxy AUTH always required' => 'Se necesita autentificación para acceso irrestricto de direcciones de orígen',
'are you sure' => '¿Esta seguro?',
'arp table entries' => 'Tabla de entradas ARP:',
'artist' => 'Artista',
+'atm settings' => 'Configuraciones ATM',
'attemps' => 'Intentos',
'august' => 'Agosto',
'authentication' => 'Autenticación',
'admin user password has been changed' => 'Le mot de passe admin a été changé.',
'admin users' => 'Utilisateur avec droits super-utilisateur',
'administrator user password' => 'Mot de passe de l\'administrateur:',
-'adsl settings' => 'Réglages ADSL',
'advanced' => 'Avancé',
'advanced server' => 'Options avancées du serveur',
'advproxy AUTH always required' => 'Exige l\'authentification pour un accès sans restriction des adresses sources',
'are you sure' => 'Etes vous sûr ?',
'arp table entries' => 'Table d\'entrées ARP:',
'artist' => 'Artiste',
+'atm settings' => 'Réglages ATM',
'attemps' => 'Tentatives',
'august' => 'Août',
'authentication' => 'Authentification :',
'admin user password has been changed' => 'Beheerderswachtwoord is gewijzigd.',
'admin users' => 'Gebruiker met beheerdersrechten.',
'administrator user password' => 'Beheerderswachtwoord:',
-'adsl settings' => 'ADSL instellingen',
'advanced' => 'Geavanceerd',
'advanced server' => 'Geavanceerde server opties',
'advproxy AUTH always required' => 'Authenticatie vereist voor ongelimiteerde bronadressen.',
'are you sure' => 'Weet u het zeker?',
'arp table entries' => 'ARP Tabelingangen:',
'artist' => 'Artiest',
+'atm settings' => 'ATM instellingen',
'attemps' => 'Pogingen',
'attention' => 'LET OP',
'august' => 'Augustus',
'admin user password has been changed' => 'Hasło administratora zostało zmienione.',
'admin users' => 'Użytkownik prawami superużytkownika',
'administrator user password' => 'Hasło administratora:',
-'adsl settings' => 'Ustawienia ADSL',
'advanced' => 'Zaawansowane',
'advanced server' => 'Zaawansowane ustawienia serwera',
'advproxy AUTH always required' => 'Wymagaj autoryzacji dla adresów źródłowych bez ograniczeń',
'are you sure' => 'Jesteś pewien?',
'arp table entries' => 'Wpisy tabeli ARP:',
'artist' => 'Artysta',
+'atm settings' => 'Ustawienia ATM',
'attemps' => 'Prób',
'august' => 'Sierpień',
'authentication' => 'Uwierzytelnianie:',
'admin user password has been changed' => 'Пароль пользователя Admin был изменён.',
'admin users' => 'Пользователь с правами суперадминистратора',
'administrator user password' => 'Пароль пользователя Admin:',
-'adsl settings' => 'Настройки ADSL',
'advanced' => 'Дополнительно',
'advanced server' => 'Дополнительные настройки сервера',
'advproxy AUTH always required' => 'Требовать аутентификацию у незарегистрированных адресов',
'are you sure' => 'Вы уверены?',
'arp table entries' => 'Записи ARP-таблицы:',
'artist' => 'Artist',
+'atm settings' => 'Настройки ATM',
'attemps' => 'Попытки',
'august' => 'Август',
'authentication' => 'Аутентификация:',
'admin user password has been changed' => 'Yönetici kullanıcı şifresi değiştirildi.',
'admin users' => 'Yetkili kullanıcı hakları ile kullanıcı',
'administrator user password' => 'Admin kullanıcı parolası:',
-'adsl settings' => 'ADSL ayarları',
'advanced' => 'Gelişmiş',
'advanced server' => 'Gelişmiş Sunucu Seçenekleri',
'advproxy AUTH always required' => 'Sınırsız kaynak adresleri için kimlik doğrulaması iste',
'are you sure' => 'Emin misiniz?',
'arp table entries' => 'ARP tablosu girdileri:',
'artist' => 'Sanatçı',
+'atm settings' => 'ATM ayarları',
'attemps' => 'Girişim',
'attention' => 'DİKKAT',
'august' => 'Ağustos',
endif
# /boot: 64MB - OFFSET
-# / : 600MB
+# / : 700MB
S_BOOT := $(shell echo $$(( 131072 - $(S_OFFSET) )))
-S_ROOT := 1228800
+S_ROOT := 1433600
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
rm -rf $(MNThdd) $(IMGinst) $(IMGpart) $(IMGboot) $(IMGroot) && mkdir -p $(MNThdd)
VER = 3.10.38
-RPI_PATCHES = linux-3.10.34-grsec-dea8280
+RPI_PATCHES = linux-3.10.38-grsec-1b49b45
GRS_PATCHES = grsecurity-2.9.1-3.10.38-ipfire1.patch.xz
THISAPP = linux-$(VER)
$(GRS_PATCHES) = $(URL_IPFIRE)/$(GRS_PATCHES)
$(DL_FILE)_MD5 = cef991f05d2d1a15f08ca88ac31ee83e
-rpi-patches-$(RPI_PATCHES).patch.xz_MD5 = 522683db031f7033b1b5dfe1b1f30e67
+rpi-patches-$(RPI_PATCHES).patch.xz_MD5 = a7408e8bad57b4b2cb677dd5a0bfb7ff
$(GRS_PATCHES)_MD5 = a50ac65d64c72badd21695c2294f8548
install : $(TARGET)
include Config
-VER = 2.6
+VER = 2.7c
THISAPP = Pound-$(VER)
DL_FILE = $(THISAPP).tgz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = pound
-PAK_VER = 5
+PAK_VER = 6
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 8c913b527332694943c4c67c8f152071
+$(DL_FILE)_MD5 = 56dace6b79c6be1d25b31355269c380a
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -p4 < $(DIR_SRC)/src/patches/pound-2.6.patch
- cd $(DIR_APP) && patch -p1 < $(DIR_SRC)/src/patches/Pound-2.6-reneg-ciphers-altnames-nosslv2.patch
- cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc --enable-cert1l
+ cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
install -v -m 644 $(DIR_SRC)/config/backup/includes/pound \
/var/ipfire/backup/addons/includes/pound
- ln -sf ../init.d/pound /etc/rc.d/rc3.d/S60pound
- ln -sf ../init.d/pound /etc/rc.d/rc0.d/K40pound
- ln -sf ../init.d/pound /etc/rc.d/rc6.d/K40pound
# Remove temporary file.
rm -vf /root/.rnd
include Config
-VER = 18a7921
+VER = cd50136
THISAPP = rpi-firmware-$(VER)
DL_FILE = $(THISAPP).tar.xz
DL_FROM = $(URL_IPFIRE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 07a83d2700fb73aad67154c9e74901f3
+$(DL_FILE)_MD5 = fced022c0e646affae0d5d5543f59054
install : $(TARGET)
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 5.01
+
+THISAPP = stunnel-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = stunnel
+PAK_VER = 1
+
+DEPS = ""
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 7b63266b6fa05da696729e245100da65
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+dist:
+ @$(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --localstatedir=/var
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+
+ # Create secure directory
+ install -v -m750 -o stunnel -g stunnel -d /var/lib/stunnel/run
+ chown -v stunnel:stunnel /var/lib/stunnel
+
+ # Install default configuration
+ -mkdir -pv /etc/stunnel
+ install -v -m 644 $(DIR_SRC)/config/stunnel/stunnel.conf \
+ /etc/stunnel
+
+ # Install backup include
+ install -v -m 644 $(DIR_SRC)/config/backup/includes/stunnel \
+ /var/ipfire/backup/addons/includes
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
ipfiremake wavemon
ipfiremake iptraf-ng
ipfiremake iotop
+ ipfiremake stunnel
}
buildinstaller() {
ipfiremake cdrom
# Check if there is a loop device for building in virtual environments
- if [ $BUILD_IMAGES == 1 ] && ([ -e /dev/loop/0 ] || [ -e /dev/loop0 ]); then
+ modprobe loop 2>/dev/null
+ if [ $BUILD_IMAGES == 1 ] && ([ -e /dev/loop/0 ] || [ -e /dev/loop0 ] || [ -e "/dev/loop-control" ]); then
ipfiremake flash-images
fi
case "$1" in
start)
boot_mesg "Starting fcron..."
+ chown cron:cron /var/spool/cron
loadproc /usr/sbin/fcron -y
# remove -y to reenable fcron logging
;;
#Define some defaults
INET_VLAN=7
IPTV_VLAN=8
+ATM_DEV=0
eval $(/usr/local/bin/readhash /var/ipfire/main/settings)
if [ "$RRDLOG" == "" ]; then
if [ "$TYPE" == "pppoeatm" ] || [ "$TYPE" == "pptpatm" ]; then
- PPP_NIC=nas0
- DEVICE=nas0
+ PPP_NIC=nas${ATM_DEV}
+ DEVICE=nas${ATM_DEV}
boot_mesg "Createing ATM-Bridge as $PPP_NIC ..."
- br2684ctl -c0 -e${ENCAP} -a0.${VPI}.${VCI} >/dev/null 2>&1 &
+ br2684ctl -c${ATM_DEV} -e${ENCAP} -a${ATM_DEV}.${VPI}.${VCI} >/dev/null 2>&1 &
sleep 1
# use user-defined or green mac address for nas0
if [ -n "$MAC" ]; then
- ip link set dev nas0 address ${MAC}
+ ip link set dev nas${ATM_DEV} address ${MAC}
else
- ip link set dev nas0 address $(cat /sys/class/net/green0/address)
+ ip link set dev nas${ATM_DEV} address $(cat /sys/class/net/green0/address)
fi
if [ "$TYPE" == "pppoeatm" ]; then
--- /dev/null
+#!/bin/sh
+########################################################################
+# Begin $rc_base/init.d/stunnel
+#
+# Description : Provides an SSL encryption wrapper.
+#
+########################################################################
+
+. /etc/sysconfig/rc
+. ${rc_functions}
+
+case "$1" in
+ start)
+ boot_mesg "Starting the Stunnel Daemon..."
+ loadproc /usr/bin/stunnel
+ ;;
+
+ stop)
+ boot_mesg "Stopping the Stunnel Daemon..."
+ killproc /usr/bin/stunnel
+ ;;
+
+ restart)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+
+ status)
+ statusproc /usr/bin/stunnel
+ ;;
+
+ *)
+ echo "Usage: $0 {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+# End $rc_base/init.d/stunnel
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+
+# Create Username and group.
+getent passwd stunnel >/dev/null || \
+ useradd -u 51 -g stunnel -d /var/lib/stunnel -s /bin/false \
+ -c "stunnel Daemon" stunnel
+
+extract_files
+ln -svf ../init.d/stunnel /etc/rc.d/rc3.d/S65stunnel
+ln -svf ../init.d/stunnel /etc/rc.d/rc0.d/K35stunnel
+ln -svf ../init.d/stunnel /etc/rc.d/rc6.d/K35stunnel
+
+restore_backup ${NAME}
+start_service --background ${NAME}
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+stop_service ${NAME}
+make_backup ${NAME}
+remove_files
+rm -rf /etc/rc.d/rc*.d/*stunnel
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+./uninstall.sh
+./install.sh