Merge commit '961f3dbcd8675f8b62ecd2404a709e47ec2ae343' into fifteen
authorMichael Tremer <michael.tremer@ipfire.org>
Wed, 8 Jan 2014 14:01:24 +0000 (15:01 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 8 Jan 2014 14:01:24 +0000 (15:01 +0100)
52 files changed:
config/rootfiles/core/fifteen/filelists/apache2 [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/binutils [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/dracut [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/gcc [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/initscripts [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/linux-kirkwood [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/linux-multi [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/linux-rpi [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/lm_sensors [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/rpi-firmware [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/u-boot [new symlink]
config/rootfiles/core/fifteen/filelists/armv5tel/util-linux [new symlink]
config/rootfiles/core/fifteen/filelists/bridge-utils [new symlink]
config/rootfiles/core/fifteen/filelists/cyrus-sasl [new symlink]
config/rootfiles/core/fifteen/filelists/dosfstools [new symlink]
config/rootfiles/core/fifteen/filelists/files
config/rootfiles/core/fifteen/filelists/fireinfo [new symlink]
config/rootfiles/core/fifteen/filelists/i586/binutils [new symlink]
config/rootfiles/core/fifteen/filelists/i586/dracut [new symlink]
config/rootfiles/core/fifteen/filelists/i586/gcc [new symlink]
config/rootfiles/core/fifteen/filelists/i586/grub [new symlink]
config/rootfiles/core/fifteen/filelists/i586/initscripts [new symlink]
config/rootfiles/core/fifteen/filelists/i586/linux [new symlink]
config/rootfiles/core/fifteen/filelists/i586/lm_sensors [new symlink]
config/rootfiles/core/fifteen/filelists/i586/util-linux [new symlink]
config/rootfiles/core/fifteen/filelists/iptables [new symlink]
config/rootfiles/core/fifteen/filelists/iw [new symlink]
config/rootfiles/core/fifteen/filelists/kmod [new symlink]
config/rootfiles/core/fifteen/filelists/libnl [new symlink]
config/rootfiles/core/fifteen/filelists/libusbx [new symlink]
config/rootfiles/core/fifteen/filelists/mysql-libs [new symlink]
config/rootfiles/core/fifteen/filelists/net-tools [new symlink]
config/rootfiles/core/fifteen/filelists/setup [new symlink]
config/rootfiles/core/fifteen/filelists/udev [new symlink]
config/rootfiles/core/fifteen/filelists/usbutils [new symlink]
config/rootfiles/core/fifteen/filelists/xz [new symlink]
config/rootfiles/core/fifteen/update.sh
doc/language_issues.de
doc/language_issues.en
doc/language_issues.es
doc/language_issues.fr
doc/language_issues.nl
doc/language_issues.pl
doc/language_issues.ru
doc/language_issues.tr
doc/language_missings
html/cgi-bin/ovpnmain.cgi
html/cgi-bin/vpnmain.cgi
langs/de/cgi-bin/de.pl
langs/en/cgi-bin/en.pl
lfs/initrd
lfs/mysql

diff --git a/config/rootfiles/core/fifteen/filelists/apache2 b/config/rootfiles/core/fifteen/filelists/apache2
new file mode 120000 (symlink)
index 0000000..eef95ef
--- /dev/null
@@ -0,0 +1 @@
+../../../common/apache2
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/binutils b/config/rootfiles/core/fifteen/filelists/armv5tel/binutils
new file mode 120000 (symlink)
index 0000000..ac971f9
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/binutils
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/dracut b/config/rootfiles/core/fifteen/filelists/armv5tel/dracut
new file mode 120000 (symlink)
index 0000000..861df3f
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/dracut
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/gcc b/config/rootfiles/core/fifteen/filelists/armv5tel/gcc
new file mode 120000 (symlink)
index 0000000..84f7b93
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/gcc
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/initscripts b/config/rootfiles/core/fifteen/filelists/armv5tel/initscripts
new file mode 120000 (symlink)
index 0000000..af1d762
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/initscripts
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/linux-kirkwood b/config/rootfiles/core/fifteen/filelists/armv5tel/linux-kirkwood
new file mode 120000 (symlink)
index 0000000..7217107
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/linux-kirkwood
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/linux-multi b/config/rootfiles/core/fifteen/filelists/armv5tel/linux-multi
new file mode 120000 (symlink)
index 0000000..204eb4c
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/linux-multi
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/linux-rpi b/config/rootfiles/core/fifteen/filelists/armv5tel/linux-rpi
new file mode 120000 (symlink)
index 0000000..a651a49
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/linux-rpi
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/lm_sensors b/config/rootfiles/core/fifteen/filelists/armv5tel/lm_sensors
new file mode 120000 (symlink)
index 0000000..eec84cd
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/lm_sensors
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/rpi-firmware b/config/rootfiles/core/fifteen/filelists/armv5tel/rpi-firmware
new file mode 120000 (symlink)
index 0000000..428fdf8
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/rpi-firmware
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/u-boot b/config/rootfiles/core/fifteen/filelists/armv5tel/u-boot
new file mode 120000 (symlink)
index 0000000..3df31a8
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/u-boot
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/armv5tel/util-linux b/config/rootfiles/core/fifteen/filelists/armv5tel/util-linux
new file mode 120000 (symlink)
index 0000000..2596908
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/armv5tel/util-linux
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/bridge-utils b/config/rootfiles/core/fifteen/filelists/bridge-utils
new file mode 120000 (symlink)
index 0000000..3dee211
--- /dev/null
@@ -0,0 +1 @@
+../../../common/bridge-utils
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/cyrus-sasl b/config/rootfiles/core/fifteen/filelists/cyrus-sasl
new file mode 120000 (symlink)
index 0000000..bb51b4c
--- /dev/null
@@ -0,0 +1 @@
+../../../common/cyrus-sasl
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/dosfstools b/config/rootfiles/core/fifteen/filelists/dosfstools
new file mode 120000 (symlink)
index 0000000..087ccb0
--- /dev/null
@@ -0,0 +1 @@
+../../../common/dosfstools
\ No newline at end of file
index 0f3a7e9c2ec70004db98727cbdd047d0d062c4dd..ff725c916a87ed0a8adac23aa164ea2cd465b7cf 100644 (file)
@@ -1,5 +1,6 @@
 etc/system-release
 etc/issue
+etc/collectd.conf
 etc/rc.d/init.d/network
 srv/web/ipfire/cgi-bin/credits.cgi
 srv/web/ipfire/cgi-bin/gui.cgi
@@ -15,9 +16,11 @@ srv/web/ipfire/html/themes/darkdos
 srv/web/ipfire/html/themes/ipfire
 srv/web/ipfire/html/themes/ipfire-legacy
 srv/web/ipfire/html/themes/maniac
+usr/local/bin/setddns.pl
 var/ipfire/backup/bin/backup.pl
 var/ipfire/backup/exclude
 var/ipfire/backup/include
 var/ipfire/general-functions.pl
 var/ipfire/header.pl
+var/ipfire/graphs.pl
 var/ipfire/langs
diff --git a/config/rootfiles/core/fifteen/filelists/fireinfo b/config/rootfiles/core/fifteen/filelists/fireinfo
new file mode 120000 (symlink)
index 0000000..c461155
--- /dev/null
@@ -0,0 +1 @@
+../../../common/fireinfo
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/i586/binutils b/config/rootfiles/core/fifteen/filelists/i586/binutils
new file mode 120000 (symlink)
index 0000000..78695d7
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/i586/binutils
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/i586/dracut b/config/rootfiles/core/fifteen/filelists/i586/dracut
new file mode 120000 (symlink)
index 0000000..9a09010
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/i586/dracut
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/i586/gcc b/config/rootfiles/core/fifteen/filelists/i586/gcc
new file mode 120000 (symlink)
index 0000000..ba328e3
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/i586/gcc
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/i586/grub b/config/rootfiles/core/fifteen/filelists/i586/grub
new file mode 120000 (symlink)
index 0000000..feb236a
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/i586/grub
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/i586/initscripts b/config/rootfiles/core/fifteen/filelists/i586/initscripts
new file mode 120000 (symlink)
index 0000000..12d8770
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/i586/initscripts
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/i586/linux b/config/rootfiles/core/fifteen/filelists/i586/linux
new file mode 120000 (symlink)
index 0000000..693ec4b
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/i586/linux
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/i586/lm_sensors b/config/rootfiles/core/fifteen/filelists/i586/lm_sensors
new file mode 120000 (symlink)
index 0000000..17d6c01
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/i586/lm_sensors
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/i586/util-linux b/config/rootfiles/core/fifteen/filelists/i586/util-linux
new file mode 120000 (symlink)
index 0000000..c973106
--- /dev/null
@@ -0,0 +1 @@
+../../../../common/i586/util-linux
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/iptables b/config/rootfiles/core/fifteen/filelists/iptables
new file mode 120000 (symlink)
index 0000000..8caf12b
--- /dev/null
@@ -0,0 +1 @@
+../../../common/iptables
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/iw b/config/rootfiles/core/fifteen/filelists/iw
new file mode 120000 (symlink)
index 0000000..7c58a20
--- /dev/null
@@ -0,0 +1 @@
+../../../common/iw
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/kmod b/config/rootfiles/core/fifteen/filelists/kmod
new file mode 120000 (symlink)
index 0000000..0020e19
--- /dev/null
@@ -0,0 +1 @@
+../../../common/kmod
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/libnl b/config/rootfiles/core/fifteen/filelists/libnl
new file mode 120000 (symlink)
index 0000000..7181849
--- /dev/null
@@ -0,0 +1 @@
+../../../common/libnl
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/libusbx b/config/rootfiles/core/fifteen/filelists/libusbx
new file mode 120000 (symlink)
index 0000000..96c9995
--- /dev/null
@@ -0,0 +1 @@
+../../../common/libusbx
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/mysql-libs b/config/rootfiles/core/fifteen/filelists/mysql-libs
new file mode 120000 (symlink)
index 0000000..c63bc7f
--- /dev/null
@@ -0,0 +1 @@
+../../../common/mysql-libs
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/net-tools b/config/rootfiles/core/fifteen/filelists/net-tools
new file mode 120000 (symlink)
index 0000000..bac6b00
--- /dev/null
@@ -0,0 +1 @@
+../../../common/net-tools
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/setup b/config/rootfiles/core/fifteen/filelists/setup
new file mode 120000 (symlink)
index 0000000..209374b
--- /dev/null
@@ -0,0 +1 @@
+../../../common/setup
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/udev b/config/rootfiles/core/fifteen/filelists/udev
new file mode 120000 (symlink)
index 0000000..e967a1c
--- /dev/null
@@ -0,0 +1 @@
+../../../common/udev
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/usbutils b/config/rootfiles/core/fifteen/filelists/usbutils
new file mode 120000 (symlink)
index 0000000..31db5a7
--- /dev/null
@@ -0,0 +1 @@
+../../../common/usbutils
\ No newline at end of file
diff --git a/config/rootfiles/core/fifteen/filelists/xz b/config/rootfiles/core/fifteen/filelists/xz
new file mode 120000 (symlink)
index 0000000..734e926
--- /dev/null
@@ -0,0 +1 @@
+../../../common/xz
\ No newline at end of file
index 4a5697214c90578b6dcbf0e7101971a72946052c..a31f7d349470d3f1a0959395cfa1914ef348eeca 100644 (file)
 . /opt/pakfire/lib/functions.sh
 /usr/local/bin/backupctrl exclude >/dev/null 2>&1
 
+function add_to_backup ()
+{
+       # Add path to ROOTFILES but remove old entries to prevent double
+       # files in the tar
+       grep -v "^$1" /opt/pakfire/tmp/ROOTFILES > /opt/pakfire/tmp/ROOTFILES.tmp
+       mv /opt/pakfire/tmp/ROOTFILES.tmp /opt/pakfire/tmp/ROOTFILES
+       echo $1 >> /opt/pakfire/tmp/ROOTFILES
+}
+
 #
 # Remove old core updates from pakfire cache to save space...
-core=74
+core=76
 for (( i=1; i<=$core; i++ ))
 do
        rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
 done
 
+#
+# Do some sanity checks.
+case $(uname -r) in
+       *-ipfire-versatile )
+               /usr/bin/logger -p syslog.emerg -t ipfire \
+                       "core-update-$core: ERROR cannot update. versatile support is dropped."
+               # Report no error to pakfire. So it does not try to install it again.
+               exit 0
+               ;;
+       *-ipfire-xen )
+               BOOTSIZE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f2 | tail -n 1`
+               if [ $BOOTSIZE -lt 28000 ]; then
+                       /usr/bin/logger -p syslog.emerg -t ipfire \
+                               "core-update-$core: ERROR cannot update because not enough space on boot."
+                       exit 2
+               fi
+               ;;
+       *-ipfire* )
+               # Ok.
+               ;;
+       * )
+               /usr/bin/logger -p syslog.emerg -t ipfire \
+                       "core-update-$core: ERROR cannot update. No IPFire Kernel."
+               exit 1
+       ;;
+esac
+
+
+#
+#
+KVER="3.10.25"
+MOUNT=`grep "kernel" /boot/grub/grub.conf 2>/dev/null | tail -n 1 `
+# Nur den letzten Parameter verwenden
+echo $MOUNT > /dev/null
+MOUNT=$_
+if [ ! $MOUNT == "rw" ]; then
+       MOUNT="ro"
+fi
+
+#
+# check if we the backup file already exist
+if [ -e /var/ipfire/backup/core-upgrade$core_$KVER.tar.xz ]; then
+    echo Moving backup to backup-old ...
+    mv -f /var/ipfire/backup/core-upgrade$core_$KVER.tar.xz \
+       /var/ipfire/backup/core-upgrade$core_$KVER-old.tar.xz
+fi
+echo First we made a backup of all files that was inside of the
+echo update archive. This may take a while ...
+# Add some files that are not in the package to backup
+add_to_backup lib/modules
+add_to_backup etc/udev
+add_to_backup lib/udev
+add_to_backup boot
+add_to_backup etc/sysconfig/lm_sensors
+add_to_backup etc/sysconfig/rc.local
+add_to_backup srv/web/ipfire/html/themes/ipfire
+add_to_backup usr/lib/engines
+add_to_backup etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl
+add_to_backup etc/rc.d/init.d/networking/red.up/25-portfw
+add_to_backup etc/rc.d/init.d/networking/red.up/26-xtaccess
+add_to_backup usr/local/bin/setportfw
+add_to_backup usr/local/bin/setdmzholes
+add_to_backup usr/local/bin/setxtaccess
+add_to_backup usr/local/bin/outgoingfwctrl
+add_to_backup srv/web/ipfire/cgi-bin/{dmzholes,outgoingfw,portfw,xtaccess}.cgi
+add_to_backup var/ipfire/{dmzholes,portfw,outgoing,xtaccess}
+
+# Backup the files
+tar cJvf /var/ipfire/backup/core-upgrade$core_$KVER.tar.xz \
+    -C / -T /opt/pakfire/tmp/ROOTFILES --exclude='#*' --exclude='/var/cache' > /dev/null 2>&1
+
+# Check diskspace on root
+ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+
+if [ $ROOTSPACE -lt 70000 ]; then
+       /usr/bin/logger -p syslog.emerg -t ipfire \
+               "core-update-$core: ERROR cannot update because not enough free space on root."
+       exit 2
+fi
+
+
+echo
+echo Update Kernel to $KVER ...
+#
+# Remove old kernel, configs, initrd, modules ...
+#
+rm -rf /boot/System.map-*
+rm -rf /boot/config-*
+rm -rf /boot/ipfirerd-*
+rm -rf /boot/vmlinuz-*
+rm -rf /boot/uImage-ipfire-*
+rm -rf /boot/uInit-ipfire-*
+rm -rf /lib/modules
+
+#
+# Remove old udev rules.
+#
+if [ -e /etc/udev/rules.d/29-ct-server-network.rules ]; then
+       cp /etc/udev/rules.d/29-ct-server-network.rules /tmp/
+fi
+cp /etc/udev/rules.d/30-persistent-network.rules /tmp/
+rm -rf /etc/udev
+rm -rf /lib/udev
+mkdir -p /etc/udev/rules.d
+if [ -e /tmp/rules.d/29-ct-server-network.rules ]; then
+       mv /tmp/29-ct-server-network.rules /etc/udev/rules.d/
+fi
+mv /tmp/30-persistent-network.rules /etc/udev/rules.d/
+
+case $(uname -m) in
+       i?86 )
+               #
+               # Backup grub.conf
+               #
+               cp -vf /boot/grub/grub.conf /boot/grub/grub.conf.org
+       ;;
+esac
+#
+#Stop services
+/etc/init.d/snort stop
+/etc/init.d/squid stop
+/etc/init.d/ipsec stop
+/etc/init.d/apache stop
+
 # Remove the old default theme
 rm -rf /srv/web/ipfire/html/themes/ipfire
 
-# Stop services
+#
+#Extract files
+tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
 
+# Check diskspace on boot
+BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
 
-# Extract files
-extract_files
+if [ $BOOTSPACE -lt 1000 ]; then
+       case $(uname -r) in
+               *-ipfire-kirkwood )
+                       # Special handling for old kirkwood images.
+                       # (install only kirkwood kernel)
+                       rm -rf /boot/*
+                       tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \
+                               --numeric-owner -C / --wildcards 'boot/*-kirkwood*'
+                       ;;
+               * )
+                       /usr/bin/logger -p syslog.emerg -t ipfire \
+                               "core-update-$core: FATAL-ERROR space run out on boot. System is not bootable..."
+                       /etc/init.d/apache start
+                       exit 4
+                       ;;
+       esac
+fi
 
-# Start services
+#
+#Reload init to close old linker/glibc
+telinit u
 
+# Regenerate ipsec configuration files.
+/srv/web/ipfire/cgi-bin/vpnmain.cgi
 
 # Update Language cache
 perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
@@ -82,16 +238,128 @@ rm -f /srv/web/ipfire/cgi-bin/{dmzholes,outgoingfw,portfw,xtaccess}.cgi
 # Remove old firewall configuration files
 rm -rf /var/ipfire/{dmzholes,portfw,outgoing,xtaccess}
 
-sync
+#
+# Start services
+#
+/etc/init.d/apache start
+/etc/init.d/squid start
+/etc/init.d/snort start
+if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
+       /etc/init.d/ipsec start
+fi
+
+#
+# Rebuild qosscript if enabled
+#
+if [ -e /var/ipfire/qos/enable ]; then
+       /usr/local/bin/qosctrl stop
+       /usr/local/bin/qosctrl generate
+       /usr/local/bin/qosctrl start
+fi
+
+
+case $(uname -m) in
+       i?86 )
+               #
+               # Modify grub.conf
+               #
+               echo
+               echo Update grub configuration ...
+               ROOT=`mount | grep " / " | cut -d" " -f1`
+
+               if [ ! -z $ROOT ]; then
+                       ROOTUUID=`blkid -c /dev/null -sUUID $ROOT | cut -d'"' -f2`
+               fi
+
+               if [ ! -z $ROOTUUID ]; then
+                       sed -i "s|ROOT|UUID=$ROOTUUID|g" /boot/grub/grub.conf
+               else
+                       sed -i "s|ROOT|$ROOT|g" /boot/grub/grub.conf
+               fi
+               sed -i "s|KVER|$KVER|g" /boot/grub/grub.conf
+               sed -i "s|MOUNT|$MOUNT|g" /boot/grub/grub.conf
+
+               if [ "$(grep "^serial" /boot/grub/grub.conf.org)" == "" ]; then
+                       echo "grub use default console ..."
+               else
+                       echo "grub use serial console ..."
+                       sed -i -e "s|splashimage|#splashimage|g" /boot/grub/grub.conf
+                       sed -i -e "s|#serial|serial|g" /boot/grub/grub.conf
+                       sed -i -e "s|#terminal|terminal|g" /boot/grub/grub.conf
+                       sed -i -e "s| panic=10 | console=ttyS0,115200n8 panic=10 |g" /boot/grub/grub.conf
+               fi
+
+               #
+               # ReInstall grub
+               #
+                       echo "(hd0) ${ROOT::`expr length $ROOT`-1}" > /boot/grub/device.map
+                       grub-install --no-floppy ${ROOT::`expr length $ROOT`-1}
+       ;;
+esac
+#
+# Delete old lm-sensor modullist to force search at next boot
+#
+rm -rf /etc/sysconfig/lm_sensors
+
+
+# Force (re)install pae kernel if pae is supported
+rm -rf /opt/pakfire/db/*/meta-linux-pae
+if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then
+       ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+       BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+       if [ $BOOTSPACE -lt 8000 -o $ROOTSPACE -lt 70000 ]; then
+               /usr/bin/logger -p syslog.emerg -t ipfire \
+                       "core-update-$core: WARNING not enough space for pae kernel."
+       else
+               echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
+               echo "ProgVersion: 3.10.24" >> /opt/pakfire/db/installed/meta-linux-pae
+               echo "Release: 30"     >> /opt/pakfire/db/installed/meta-linux-pae
+       fi
+fi
+
+# Force reinstall xen kernel if it was installed
+if [ -e "/opt/pakfire/db/installed/meta-linux-xen" ]; then
+       echo "Name: linux-xen" > /opt/pakfire/db/installed/meta-linux-xen
+       echo "ProgVersion: 2.6.32.60" >> /opt/pakfire/db/installed/meta-linux-xen
+       echo "Release: 24"     >> /opt/pakfire/db/installed/meta-linux-xen
+       # Add xvc0 to /etc/securetty
+       echo "xvc0" >> /etc/securetty
+fi
+
+#
+# After pakfire has ended run it again and update the lists and do upgrade
+#
+echo '#!/bin/bash'                                        >  /tmp/pak_update
+echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update
+echo '    sleep 1'                                        >> /tmp/pak_update
+echo 'done'                                               >> /tmp/pak_update
+echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do'   >> /tmp/pak_update
+echo '    sleep 1'                                        >> /tmp/pak_update
+echo 'done'                                               >> /tmp/pak_update
+echo '/opt/pakfire/pakfire update -y --force'             >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y'                    >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y'                    >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y'                    >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub.cfg"' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update
+echo 'touch /var/run/need_reboot ' >> /tmp/pak_update
+#
+chmod +x /tmp/pak_update
+/tmp/pak_update &
 
-# This update need a reboot...
-touch /var/run/need_reboot
+sync
 
-# Finish
-# Update the fireinfo profile
+#
+#Finish
 (
        /etc/init.d/fireinfo start
        sendprofile
 ) >/dev/null 2>&1 &
 
+echo
+echo Please wait until pakfire has ended...
+echo
+#Don't report the exitcode last command
 exit 0
+
index bcc021423070a5a8b5a4ae8e99f34b6070975504..02c9990701580819134a4e751438e1f724586e50 100644 (file)
@@ -150,6 +150,7 @@ WARNING: translation string unused: eciadsl upload
 WARNING: translation string unused: edit network
 WARNING: translation string unused: edit service
 WARNING: translation string unused: editor
+WARNING: translation string unused: eg
 WARNING: translation string unused: email server can not be empty
 WARNING: translation string unused: enable javascript
 WARNING: translation string unused: enabled on
@@ -198,7 +199,6 @@ WARNING: translation string unused: from warn email bad
 WARNING: translation string unused: fwdfw MODE1
 WARNING: translation string unused: fwdfw MODE2
 WARNING: translation string unused: fwdfw err prot_port1
-WARNING: translation string unused: fwdfw err tgt_port
 WARNING: translation string unused: fwdfw final_rule
 WARNING: translation string unused: fwdfw from
 WARNING: translation string unused: fwdfw ipsec network
@@ -572,6 +572,7 @@ WARNING: untranslated string: Scan for Songs
 WARNING: untranslated string: advproxy cache-digest
 WARNING: untranslated string: bytes
 WARNING: untranslated string: community rules
+WARNING: untranslated string: dead peer detection
 WARNING: untranslated string: emerging rules
 WARNING: untranslated string: fwhost err hostip
 WARNING: untranslated string: new
index 1eccc80a2fdb9bfe2c33c67053f844b8869efa27..b6b506f6d57ffd0ca2176f13fa1a15d199ab42d4 100644 (file)
@@ -173,6 +173,7 @@ WARNING: translation string unused: eciadsl upload
 WARNING: translation string unused: edit network
 WARNING: translation string unused: edit service
 WARNING: translation string unused: editor
+WARNING: translation string unused: eg
 WARNING: translation string unused: email server can not be empty
 WARNING: translation string unused: enable javascript
 WARNING: translation string unused: enabled on
@@ -221,7 +222,6 @@ WARNING: translation string unused: from warn email bad
 WARNING: translation string unused: fwdfw MODE1
 WARNING: translation string unused: fwdfw MODE2
 WARNING: translation string unused: fwdfw err prot_port1
-WARNING: translation string unused: fwdfw err tgt_port
 WARNING: translation string unused: fwdfw final_rule
 WARNING: translation string unused: fwdfw from
 WARNING: translation string unused: fwdfw ipsec network
index 6b6424a33983c3b6899b1ece9ccfbb56ab4c20b7..d32c90a584e7c7f34c39c16d31418521f78f98b4 100644 (file)
@@ -167,6 +167,7 @@ WARNING: translation string unused: eciadsl upload
 WARNING: translation string unused: edit network
 WARNING: translation string unused: edit service
 WARNING: translation string unused: editor
+WARNING: translation string unused: eg
 WARNING: translation string unused: email server can not be empty
 WARNING: translation string unused: enable javascript
 WARNING: translation string unused: enabled on
@@ -595,6 +596,7 @@ WARNING: untranslated string: ccd none
 WARNING: untranslated string: ccd routes
 WARNING: untranslated string: ccd subnet
 WARNING: untranslated string: ccd used
+WARNING: untranslated string: dead peer detection
 WARNING: untranslated string: default ip
 WARNING: untranslated string: deprecated fs warn
 WARNING: untranslated string: dnat address
@@ -605,6 +607,8 @@ WARNING: untranslated string: dnsforward edit an entry
 WARNING: untranslated string: dnsforward entries
 WARNING: untranslated string: dnsforward forward_server
 WARNING: untranslated string: dnsforward zone
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
 WARNING: untranslated string: drop action
 WARNING: untranslated string: drop action1
 WARNING: untranslated string: drop action2
@@ -664,6 +668,7 @@ WARNING: untranslated string: fwdfw err src_addr
 WARNING: untranslated string: fwdfw err tgt_addr
 WARNING: untranslated string: fwdfw err tgt_grp
 WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
 WARNING: untranslated string: fwdfw err time
 WARNING: untranslated string: fwdfw external port nat
 WARNING: untranslated string: fwdfw hint ip1
@@ -774,6 +779,8 @@ WARNING: untranslated string: fwhost used
 WARNING: untranslated string: fwhost welcome
 WARNING: untranslated string: grouptype
 WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
 WARNING: untranslated string: minute
index 2f7f60d0098ca9ada5a303ce7a50b46e3638b55e..344c234d418c0333b94b4a23922e9e7ceb17bda0 100644 (file)
@@ -167,6 +167,7 @@ WARNING: translation string unused: eciadsl upload
 WARNING: translation string unused: edit network
 WARNING: translation string unused: edit service
 WARNING: translation string unused: editor
+WARNING: translation string unused: eg
 WARNING: translation string unused: email server can not be empty
 WARNING: translation string unused: enable javascript
 WARNING: translation string unused: enabled on
@@ -597,6 +598,7 @@ WARNING: untranslated string: ccd none
 WARNING: untranslated string: ccd routes
 WARNING: untranslated string: ccd subnet
 WARNING: untranslated string: ccd used
+WARNING: untranslated string: dead peer detection
 WARNING: untranslated string: default ip
 WARNING: untranslated string: deprecated fs warn
 WARNING: untranslated string: dnat address
@@ -608,6 +610,8 @@ WARNING: untranslated string: dnsforward edit an entry
 WARNING: untranslated string: dnsforward entries
 WARNING: untranslated string: dnsforward forward_server
 WARNING: untranslated string: dnsforward zone
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
 WARNING: untranslated string: drop action
 WARNING: untranslated string: drop action1
 WARNING: untranslated string: drop action2
@@ -667,6 +671,7 @@ WARNING: untranslated string: fwdfw err src_addr
 WARNING: untranslated string: fwdfw err tgt_addr
 WARNING: untranslated string: fwdfw err tgt_grp
 WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
 WARNING: untranslated string: fwdfw err time
 WARNING: untranslated string: fwdfw external port nat
 WARNING: untranslated string: fwdfw hint ip1
@@ -777,6 +782,8 @@ WARNING: untranslated string: fwhost used
 WARNING: untranslated string: fwhost welcome
 WARNING: untranslated string: grouptype
 WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
 WARNING: untranslated string: minute
index d543069f313788ac5fd5a082536b592728b7316d..44d92e585a66753e9af4a5b217f01714c056f1d9 100644 (file)
@@ -169,6 +169,7 @@ WARNING: translation string unused: eciadsl upload
 WARNING: translation string unused: edit network
 WARNING: translation string unused: edit service
 WARNING: translation string unused: editor
+WARNING: translation string unused: eg
 WARNING: translation string unused: email server can not be empty
 WARNING: translation string unused: enable javascript
 WARNING: translation string unused: enabled on
@@ -563,6 +564,7 @@ WARNING: untranslated string: advproxy errmsg proxy ports equal
 WARNING: untranslated string: advproxy proxy port transparent
 WARNING: untranslated string: bytes
 WARNING: untranslated string: ccd iroute2
+WARNING: untranslated string: dead peer detection
 WARNING: untranslated string: default ip
 WARNING: untranslated string: dnat address
 WARNING: untranslated string: dnsforward
@@ -572,6 +574,8 @@ WARNING: untranslated string: dnsforward edit an entry
 WARNING: untranslated string: dnsforward entries
 WARNING: untranslated string: dnsforward forward_server
 WARNING: untranslated string: dnsforward zone
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
 WARNING: untranslated string: drop action
 WARNING: untranslated string: drop action1
 WARNING: untranslated string: drop action2
@@ -613,6 +617,7 @@ WARNING: untranslated string: fwdfw err src_addr
 WARNING: untranslated string: fwdfw err tgt_addr
 WARNING: untranslated string: fwdfw err tgt_grp
 WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
 WARNING: untranslated string: fwdfw err time
 WARNING: untranslated string: fwdfw external port nat
 WARNING: untranslated string: fwdfw hint ip1
@@ -723,6 +728,8 @@ WARNING: untranslated string: fwhost used
 WARNING: untranslated string: fwhost welcome
 WARNING: untranslated string: grouptype
 WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
 WARNING: untranslated string: most preferred
index 6b6424a33983c3b6899b1ece9ccfbb56ab4c20b7..d32c90a584e7c7f34c39c16d31418521f78f98b4 100644 (file)
@@ -167,6 +167,7 @@ WARNING: translation string unused: eciadsl upload
 WARNING: translation string unused: edit network
 WARNING: translation string unused: edit service
 WARNING: translation string unused: editor
+WARNING: translation string unused: eg
 WARNING: translation string unused: email server can not be empty
 WARNING: translation string unused: enable javascript
 WARNING: translation string unused: enabled on
@@ -595,6 +596,7 @@ WARNING: untranslated string: ccd none
 WARNING: untranslated string: ccd routes
 WARNING: untranslated string: ccd subnet
 WARNING: untranslated string: ccd used
+WARNING: untranslated string: dead peer detection
 WARNING: untranslated string: default ip
 WARNING: untranslated string: deprecated fs warn
 WARNING: untranslated string: dnat address
@@ -605,6 +607,8 @@ WARNING: untranslated string: dnsforward edit an entry
 WARNING: untranslated string: dnsforward entries
 WARNING: untranslated string: dnsforward forward_server
 WARNING: untranslated string: dnsforward zone
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
 WARNING: untranslated string: drop action
 WARNING: untranslated string: drop action1
 WARNING: untranslated string: drop action2
@@ -664,6 +668,7 @@ WARNING: untranslated string: fwdfw err src_addr
 WARNING: untranslated string: fwdfw err tgt_addr
 WARNING: untranslated string: fwdfw err tgt_grp
 WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
 WARNING: untranslated string: fwdfw err time
 WARNING: untranslated string: fwdfw external port nat
 WARNING: untranslated string: fwdfw hint ip1
@@ -774,6 +779,8 @@ WARNING: untranslated string: fwhost used
 WARNING: untranslated string: fwhost welcome
 WARNING: untranslated string: grouptype
 WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
 WARNING: untranslated string: minute
index 5a1296b544491529ed97465e3f19a408e0ad3f14..09c6930b57f033dd6edebb74c75c450f71d09f76 100644 (file)
@@ -166,6 +166,7 @@ WARNING: translation string unused: eciadsl upload
 WARNING: translation string unused: edit network
 WARNING: translation string unused: edit service
 WARNING: translation string unused: editor
+WARNING: translation string unused: eg
 WARNING: translation string unused: email server can not be empty
 WARNING: translation string unused: enable javascript
 WARNING: translation string unused: enabled on
@@ -590,6 +591,7 @@ WARNING: untranslated string: ccd routes
 WARNING: untranslated string: ccd subnet
 WARNING: untranslated string: ccd used
 WARNING: untranslated string: community rules
+WARNING: untranslated string: dead peer detection
 WARNING: untranslated string: default ip
 WARNING: untranslated string: deprecated fs warn
 WARNING: untranslated string: disk access per
@@ -601,6 +603,8 @@ WARNING: untranslated string: dnsforward edit an entry
 WARNING: untranslated string: dnsforward entries
 WARNING: untranslated string: dnsforward forward_server
 WARNING: untranslated string: dnsforward zone
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
 WARNING: untranslated string: drop action
 WARNING: untranslated string: drop action1
 WARNING: untranslated string: drop action2
@@ -650,6 +654,7 @@ WARNING: untranslated string: fwdfw err src_addr
 WARNING: untranslated string: fwdfw err tgt_addr
 WARNING: untranslated string: fwdfw err tgt_grp
 WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
 WARNING: untranslated string: fwdfw err time
 WARNING: untranslated string: fwdfw external port nat
 WARNING: untranslated string: fwdfw hint ip1
@@ -761,6 +766,8 @@ WARNING: untranslated string: fwhost welcome
 WARNING: untranslated string: grouptype
 WARNING: untranslated string: incoming traffic in bytes per second
 WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
 WARNING: untranslated string: minute
index 299c74d64e568eb47794a8df4651cd9446c34b7c..07ee128b380ea795dd19555c91da9c9fdffe7baa 100644 (file)
@@ -174,6 +174,7 @@ WARNING: translation string unused: eciadsl upload
 WARNING: translation string unused: edit network
 WARNING: translation string unused: edit service
 WARNING: translation string unused: editor
+WARNING: translation string unused: eg
 WARNING: translation string unused: email server can not be empty
 WARNING: translation string unused: enable javascript
 WARNING: translation string unused: enabled on
@@ -576,8 +577,11 @@ WARNING: untranslated string: Scan for Songs
 WARNING: untranslated string: advproxy errmsg proxy ports equal
 WARNING: untranslated string: advproxy proxy port transparent
 WARNING: untranslated string: bytes
+WARNING: untranslated string: dead peer detection
 WARNING: untranslated string: default ip
 WARNING: untranslated string: dnat address
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
 WARNING: untranslated string: drop action
 WARNING: untranslated string: drop action1
 WARNING: untranslated string: drop action2
@@ -619,6 +623,7 @@ WARNING: untranslated string: fwdfw err src_addr
 WARNING: untranslated string: fwdfw err tgt_addr
 WARNING: untranslated string: fwdfw err tgt_grp
 WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
 WARNING: untranslated string: fwdfw err time
 WARNING: untranslated string: fwdfw external port nat
 WARNING: untranslated string: fwdfw hint ip1
@@ -729,6 +734,8 @@ WARNING: untranslated string: fwhost used
 WARNING: untranslated string: fwhost welcome
 WARNING: untranslated string: grouptype
 WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
 WARNING: untranslated string: least preferred
 WARNING: untranslated string: lifetime
 WARNING: untranslated string: most preferred
index 86f45b004a3b4f0fed15b92ace404f7c623b7dc1..952e1e5f2a29dbc111c976c40434aed557f123c2 100644 (file)
@@ -70,6 +70,8 @@
 < dnsforward entries
 < dnsforward forward_server
 < dnsforward zone
+< dpd delay
+< dpd timeout
 < drop action
 < drop action1
 < drop action2
 < fw settings ruletable
 < grouptype
 < integrity
+< invalid input for dpd delay
+< invalid input for dpd timeout
 < least preferred
 < lifetime
 < minute
 < dnsforward entries
 < dnsforward forward_server
 < dnsforward zone
+< dpd delay
+< dpd timeout
 < drop action
 < drop action1
 < drop action2
 < fw settings ruletable
 < grouptype
 < integrity
+< invalid input for dpd delay
+< invalid input for dpd timeout
 < least preferred
 < lifetime
 < minute
 < dnsforward entries
 < dnsforward forward_server
 < dnsforward zone
+< dpd delay
+< dpd timeout
 < drop action
 < drop action1
 < drop action2
 < fw settings ruletable
 < grouptype
 < integrity
+< invalid input for dpd delay
+< invalid input for dpd timeout
 < least preferred
 < lifetime
 < minute
 < dnsforward entries
 < dnsforward forward_server
 < dnsforward zone
+< dpd delay
+< dpd timeout
 < drop action
 < drop action1
 < drop action2
 < hour-graph
 < incoming traffic in bytes per second
 < integrity
+< invalid input for dpd delay
+< invalid input for dpd timeout
 < least preferred
 < lifetime
 < minute
index 52dc6e4646d0f324e9c849cb95e93ca488aed097..c620ab09d1fa8970a2a2974a54c785244387b286 100644 (file)
@@ -4748,8 +4748,8 @@ END
            <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
        </td></form>
        <form method='post' name='frmhostcrtb'><td width='3%' align='center'>
-           <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' border='0' />
-           <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
+           <input type='image' name="$Lang::tr{'download host certificate'}" src='/images/media-floppy.png' alt="$Lang::tr{'download host certificate'}" title="$Lang::tr{'download host certificate'}" border='0' />
+           <input type='hidden' name='ACTION' value="$Lang::tr{'download host certificate'}" />
        </td></form>
        <td width='4%'>&nbsp;</td></tr>
 END
index 64bf17e93684b10b3d251d8a473443a3c6d1c921..0f60820ed3e733d44edb11b47d5f504d16e15a6d 100644 (file)
@@ -104,7 +104,8 @@ $cgiparams{'ROOTCERT_OU'} = '';
 $cgiparams{'ROOTCERT_CITY'} = '';
 $cgiparams{'ROOTCERT_STATE'} = '';
 $cgiparams{'RW_NET'} = '';
-
+$cgiparams{'DPD_DELAY'} = '30';
+$cgiparams{'DPD_TIMEOUT'} = '120';
 &Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'});
 
 ###
@@ -384,9 +385,27 @@ sub writeipsecfiles {
        print CONF "\tcompress=yes\n" if ($lconfighash{$key}[13] eq 'on');
 
        # Dead Peer Detection
-       print CONF "\tdpddelay=30\n";
-       print CONF "\tdpdtimeout=120\n";
-       print CONF "\tdpdaction=$lconfighash{$key}[27]\n";
+       my $dpdaction = $lconfighash{$key}[27];
+       print CONF "\tdpdaction=$dpdaction\n";
+
+       # If the dead peer detection is disabled and IKEv2 is used,
+       # dpddelay must be set to zero, too.
+       if ($dpdaction eq "none") {
+               if ($lconfighash{$key}[29] eq "ikev2") {
+                       print CONF "\tdpddelay=0\n";
+               }
+       } else {
+               my $dpddelay = $lconfighash{$key}[30];
+               if (!$dpddelay) {
+                       $dpddelay = 30;
+               }
+               print CONF "\tdpddelay=$dpddelay\n";
+               my $dpdtimeout = $lconfighash{$key}[31];
+               if (!$dpdtimeout) {
+                       $dpdtimeout = 120;
+               }
+               print CONF "\tdpdtimeout=$dpdtimeout\n";
+       }
 
        # Build Authentication details:  LEFTid RIGHTid : PSK psk
        my $psk_line;
@@ -1274,6 +1293,16 @@ END
        $cgiparams{'ONLY_PROPOSED'}     = $confighash{$cgiparams{'KEY'}}[24];
        $cgiparams{'PFS'}               = $confighash{$cgiparams{'KEY'}}[28];
        $cgiparams{'VHOST'}             = $confighash{$cgiparams{'KEY'}}[14];
+       $cgiparams{'DPD_TIMEOUT'}               = $confighash{$cgiparams{'KEY'}}[30];
+       $cgiparams{'DPD_DELAY'}         = $confighash{$cgiparams{'KEY'}}[31];
+
+       if (!$cgiparams{'DPD_DELAY'}) {
+               $cgiparams{'DPD_DELAY'} = 30;
+       }
+
+       if (!$cgiparams{'DPD_TIMEOUT'}) {
+               $cgiparams{'DPD_TIMEOUT'} = 120;
+       }
 
     } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
        $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
@@ -1748,7 +1777,7 @@ END
        my $key = $cgiparams{'KEY'};
        if (! $key) {
            $key = &General::findhasharraykey (\%confighash);
-           foreach my $i (0 .. 28) { $confighash{$key}[$i] = "";}
+           foreach my $i (0 .. 31) { $confighash{$key}[$i] = "";}
        }
        $confighash{$key}[0] = $cgiparams{'ENABLED'};
        $confighash{$key}[1] = $cgiparams{'NAME'};
@@ -1788,6 +1817,8 @@ END
        $confighash{$key}[24] = $cgiparams{'ONLY_PROPOSED'};
        $confighash{$key}[28] = $cgiparams{'PFS'};
        $confighash{$key}[14] = $cgiparams{'VHOST'};
+       $confighash{$key}[30] = $cgiparams{'DPD_TIMEOUT'};
+       $confighash{$key}[31] = $cgiparams{'DPD_DELAY'};
 
        #free unused fields!
        $confighash{$key}[6] = 'off';
@@ -1823,9 +1854,17 @@ END
 
        # choose appropriate dpd action 
        if ($cgiparams{'TYPE'} eq 'host') {
-           $cgiparams{'DPD_ACTION'} = 'clear';
+               $cgiparams{'DPD_ACTION'} = 'clear';
        } else {
-           $cgiparams{'DPD_ACTION'} = 'restart';
+               $cgiparams{'DPD_ACTION'} = 'restart';
+       }
+
+       if (!$cgiparams{'DPD_DELAY'}) {
+               $cgiparams{'DPD_DELAY'} = 30;
+       }
+
+       if (!$cgiparams{'DPD_TIMEOUT'}) {
+               $cgiparams{'DPD_TIMEOUT'} = 120;
        }
 
        # Default IKE Version to v2
@@ -1869,15 +1908,6 @@ END
     $checked{'AUTH'}{'auth-dn'} = '';
     $checked{'AUTH'}{$cgiparams{'AUTH'}} = "checked='checked'";
 
-    $selected{'DPD_ACTION'}{'clear'} = '';
-    $selected{'DPD_ACTION'}{'hold'} = '';
-    $selected{'DPD_ACTION'}{'restart'} = '';
-    $selected{'DPD_ACTION'}{$cgiparams{'DPD_ACTION'}} = "selected='selected'";
-
-    $selected{'IKE_VERSION'}{'ikev1'} = '';
-    $selected{'IKE_VERSION'}{'ikev2'} = '';
-    $selected{'IKE_VERSION'}{$cgiparams{'IKE_VERSION'}} = "selected='selected'";
-
     &Header::showhttpheaders();
     &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
     &Header::openbigbox('100%', 'left', '', $errormessage);
@@ -1898,6 +1928,7 @@ END
     print "<form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'>";
     print<<END
        <input type='hidden' name='TYPE' value='$cgiparams{'TYPE'}' />
+       <input type='hidden' name='IKE_VERSION' value='$cgiparams{'IKE_VERSION'}' />
        <input type='hidden' name='IKE_ENCRYPTION' value='$cgiparams{'IKE_ENCRYPTION'}' />
        <input type='hidden' name='IKE_INTEGRITY' value='$cgiparams{'IKE_INTEGRITY'}' />
        <input type='hidden' name='IKE_GROUPTYPE' value='$cgiparams{'IKE_GROUPTYPE'}' />
@@ -1910,23 +1941,30 @@ END
        <input type='hidden' name='ONLY_PROPOSED' value='$cgiparams{'ONLY_PROPOSED'}' />
        <input type='hidden' name='PFS' value='$cgiparams{'PFS'}' />
        <input type='hidden' name='VHOST' value='$cgiparams{'VHOST'}' />
+       <input type='hidden' name='DPD_ACTION' value='$cgiparams{'DPD_ACTION'}' />
+       <input type='hidden' name='DPD_DELAY' value='$cgiparams{'DPD_DELAY'}' />
+       <input type='hidden' name='DPD_TIMEOUT' value='$cgiparams{'DPD_TIMEOUT'}' />
 END
     ;
     if ($cgiparams{'KEY'}) {
        print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />";
+       print "<input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />";
        print "<input type='hidden' name='AUTH' value='$cgiparams{'AUTH'}' />";
     }
 
-    &Header::openbox('100%', 'left', "$Lang::tr{'connection'}:");
+    &Header::openbox('100%', 'left', "$Lang::tr{'connection'}: $cgiparams{'NAME'}");
     print "<table width='100%'>";
-    print "<tr><td width='25%' class='boldbase'>$Lang::tr{'name'}:</td>";
-    if ($cgiparams{'KEY'}) {
-       print "<td width='25%' class='base'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' /><b>$cgiparams{'NAME'}</b></td>";
-    } else {
-       print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' size='30' /></td>";
+    if (!$cgiparams{'KEY'}) {
+       print <<EOF;
+               <tr>
+                       <td width='20%'>$Lang::tr{'name'}:</td>
+                       <td width='30%'>
+                               <input type='text' name='NAME' value='$cgiparams{'NAME'}' size='25' />
+                       </td>
+                       <td colspan="2"></td>
+               </tr>
+EOF
     }
-    print "<td>$Lang::tr{'enabled'}</td><td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td></tr>";
-    print '</tr><td><br /></td><tr>';
 
     my $disabled;
     my $blob;
@@ -1937,44 +1975,41 @@ END
 
     print <<END
        <tr>
-           <td class='boldbase'>$Lang::tr{'remote host/ip'}:&nbsp;$blob</td>
-           <td>
-               <input type='text' name='REMOTE' value='$cgiparams{'REMOTE'}' size='30' />
-           </td>
-           <td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
-           <td>
-               <input $disabled type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' size='30' />
+               <td width='20%'>$Lang::tr{'enabled'}</td>
+               <td width='30%'>
+                       <input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} />
+               </td>
+           <td class='boldbase' nowrap='nowrap' width='20%'>$Lang::tr{'local subnet'}</td>
+           <td width='30%'>
+               <input type='text' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' size="25" />
            </td>
        </tr>
        <tr>
-           <td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
-           <td colspan='3'>
-               <input type='text' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' size='30' />
+           <td class='boldbase' width='20%'>$Lang::tr{'remote host/ip'}:&nbsp;$blob</td>
+           <td width='30%'>
+               <input type='text' name='REMOTE' value='$cgiparams{'REMOTE'}' size="25" />
+           </td>
+           <td class='boldbase' nowrap='nowrap' width='20%'>$Lang::tr{'remote subnet'}</td>
+           <td width='30%'>
+               <input $disabled type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' size="25" />
            </td>
        </tr>
        <tr>
-           <td class='boldbase'>$Lang::tr{'vpn local id'}:<br />($Lang::tr{'eg'} <tt>&#64;xy.example.com</tt>)</td>
-           <td><input type='text' name='LOCAL_ID' value='$cgiparams{'LOCAL_ID'}' /></td>
-           <td class='boldbase'>$Lang::tr{'vpn remote id'}:</td>
-           <td><input type='text' name='REMOTE_ID' value='$cgiparams{'REMOTE_ID'}' /></td>
-       </tr><tr>
-       </tr><td><br /></td><tr>
-           <td>$Lang::tr{'vpn keyexchange'}:</td>
-           <td><select name='IKE_VERSION'>
-               <option value='ikev2' $selected{'IKE_VERSION'}{'ikev2'}>IKEv2</option>
-               <option value='ikev1' $selected{'IKE_VERSION'}{'ikev1'}>IKEv1</option>
-               </select>
+           <td class='boldbase' width='20%'>$Lang::tr{'vpn local id'}:</td>
+           <td width='30%'>
+               <input type='text' name='LOCAL_ID' value='$cgiparams{'LOCAL_ID'}' size="25" />
            </td>
-           <td>$Lang::tr{'dpd action'}:</td>
-           <td><select name='DPD_ACTION'>
-               <option value='clear' $selected{'DPD_ACTION'}{'clear'}>clear</option>
-               <option value='hold' $selected{'DPD_ACTION'}{'hold'}>hold</option>
-               <option value='restart' $selected{'DPD_ACTION'}{'restart'}>restart</option>
-               </select>
+           <td class='boldbase' width='20%'>$Lang::tr{'vpn remote id'}:</td>
+           <td width='30%'>
+               <input type='text' name='REMOTE_ID' value='$cgiparams{'REMOTE_ID'}' size="25" />
+           </td>
+       </tr>
+       <tr><td colspan="4"><br /></td></tr>
+       <tr>
+           <td class='boldbase' width='20%'>$Lang::tr{'remark title'}&nbsp;<img src='/blob.gif' alt='*' /></td>
+           <td colspan='3'>
+               <input type='text' name='REMARK' value='$cgiparams{'REMARK'}' maxlength='50' size="73" />
            </td>
-       </tr><tr>
-           <td class='boldbase'>$Lang::tr{'remark title'}&nbsp;<img src='/blob.gif' alt='*' /></td>
-           <td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td>
        </tr>
 END
     ;
@@ -2184,6 +2219,17 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
            goto ADVANCED_ERROR;
        }
 
+       if ($cgiparams{'DPD_DELAY'} !~ /^\d+$/) {
+           $errormessage = $Lang::tr{'invalid input for dpd delay'};
+           goto ADVANCED_ERROR;
+       }
+
+       if ($cgiparams{'DPD_TIMEOUT'} !~ /^\d+$/) {
+           $errormessage = $Lang::tr{'invalid input for dpd timeout'};
+           goto ADVANCED_ERROR;
+       }
+
+       $confighash{$cgiparams{'KEY'}}[29] = $cgiparams{'IKE_VERSION'};
        $confighash{$cgiparams{'KEY'}}[18] = $cgiparams{'IKE_ENCRYPTION'};
        $confighash{$cgiparams{'KEY'}}[19] = $cgiparams{'IKE_INTEGRITY'};
        $confighash{$cgiparams{'KEY'}}[20] = $cgiparams{'IKE_GROUPTYPE'};
@@ -2197,6 +2243,9 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
        $confighash{$cgiparams{'KEY'}}[24] = $cgiparams{'ONLY_PROPOSED'};
        $confighash{$cgiparams{'KEY'}}[28] = $cgiparams{'PFS'};
        $confighash{$cgiparams{'KEY'}}[14] = $cgiparams{'VHOST'};
+       $confighash{$cgiparams{'KEY'}}[27] = $cgiparams{'DPD_ACTION'};
+       $confighash{$cgiparams{'KEY'}}[30] = $cgiparams{'DPD_TIMEOUT'};
+       $confighash{$cgiparams{'KEY'}}[31] = $cgiparams{'DPD_DELAY'};
        &General::writehasharray("${General::swroot}/vpn/config", \%confighash);
        &writeipsecfiles();
        if (&vpnenabled) {
@@ -2205,6 +2254,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
        }
        goto ADVANCED_END;
     } else {
+    $cgiparams{'IKE_VERSION'}    = $confighash{$cgiparams{'KEY'}}[29];
        $cgiparams{'IKE_ENCRYPTION'} = $confighash{$cgiparams{'KEY'}}[18];
        $cgiparams{'IKE_INTEGRITY'}  = $confighash{$cgiparams{'KEY'}}[19];
        $cgiparams{'IKE_GROUPTYPE'}  = $confighash{$cgiparams{'KEY'}}[20];
@@ -2217,6 +2267,17 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
        $cgiparams{'ONLY_PROPOSED'}  = $confighash{$cgiparams{'KEY'}}[24];
        $cgiparams{'PFS'}            = $confighash{$cgiparams{'KEY'}}[28];
        $cgiparams{'VHOST'}          = $confighash{$cgiparams{'KEY'}}[14];
+       $cgiparams{'DPD_ACTION'}     = $confighash{$cgiparams{'KEY'}}[27];
+       $cgiparams{'DPD_TIMEOUT'}    = $confighash{$cgiparams{'KEY'}}[30];
+       $cgiparams{'DPD_DELAY'}      = $confighash{$cgiparams{'KEY'}}[31];
+
+       if (!$cgiparams{'DPD_DELAY'}) {
+               $cgiparams{'DPD_DELAY'} = 30;
+       }
+
+       if (!$cgiparams{'DPD_TIMEOUT'}) {
+               $cgiparams{'DPD_TIMEOUT'} = 120;
+       }
 
        if ($confighash{$cgiparams{'KEY'}}[3] eq 'net' || $confighash{$cgiparams{'KEY'}}[10]) {
            $cgiparams{'VHOST'}            = 'off';
@@ -2279,6 +2340,16 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
     $checked{'PFS'} = $cgiparams{'PFS'} eq 'on' ? "checked='checked'" : '' ;
     $checked{'VHOST'} = $cgiparams{'VHOST'} eq 'on' ? "checked='checked'" : '' ;
 
+    $selected{'IKE_VERSION'}{'ikev1'} = '';
+    $selected{'IKE_VERSION'}{'ikev2'} = '';
+    $selected{'IKE_VERSION'}{$cgiparams{'IKE_VERSION'}} = "selected='selected'";
+
+    $selected{'DPD_ACTION'}{'clear'} = '';
+    $selected{'DPD_ACTION'}{'hold'} = '';
+    $selected{'DPD_ACTION'}{'restart'} = '';
+    $selected{'DPD_ACTION'}{'none'} = '';
+    $selected{'DPD_ACTION'}{$cgiparams{'DPD_ACTION'}} = "selected='selected'";
+
     &Header::showhttpheaders();
     &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
     &Header::openbigbox('100%', 'left', '', $errormessage);
@@ -2306,14 +2377,24 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
     <table width='100%'>
        <thead>
                <tr>
-                       <th></th>
+                       <th width="15%"></th>
                        <th>IKE</th>
                        <th>ESP</th>
                </tr>
        </thead>
        <tbody>
                <tr>
-                       <td class='boldbase'>$Lang::tr{'encryption'}</td>
+                       <td>$Lang::tr{'vpn keyexchange'}:</td>
+                       <td>
+                               <select name='IKE_VERSION'>
+                                       <option value='ikev2' $selected{'IKE_VERSION'}{'ikev2'}>IKEv2</option>
+                                       <option value='ikev1' $selected{'IKE_VERSION'}{'ikev1'}>IKEv1</option>
+                               </select>
+                       </td>
+                       <td></td>
+               </tr>
+               <tr>
+                       <td class='boldbase' width="15%">$Lang::tr{'encryption'}</td>
                        <td class='boldbase'>
                                <select name='IKE_ENCRYPTION' multiple='multiple' size='6' style='width: 100%'>
                                        <option value='aes256' $checked{'IKE_ENCRYPTION'}{'aes256'}>AES (256 bit)</option>
@@ -2339,7 +2420,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
                </tr>
 
                <tr>
-                       <td class='boldbase'>$Lang::tr{'integrity'}</td>
+                       <td class='boldbase' width="15%">$Lang::tr{'integrity'}</td>
                        <td class='boldbase'>
                                <select name='IKE_INTEGRITY' multiple='multiple' size='6' style='width: 100%'>
                                        <option value='sha2_512' $checked{'IKE_INTEGRITY'}{'sha2_512'}>SHA2 512 bit</option>
@@ -2362,7 +2443,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
                        </td>
                </tr>
                <tr>
-                       <td class='boldbase'>$Lang::tr{'lifetime'}</td>
+                       <td class='boldbase' width="15%">$Lang::tr{'lifetime'}</td>
                        <td class='boldbase'>
                                <input type='text' name='IKE_LIFETIME' value='$cgiparams{'IKE_LIFETIME'}' size='5' /> $Lang::tr{'hours'}
                        </td>
@@ -2371,7 +2452,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
                        </td>
                </tr>
                <tr>
-                       <td class='boldbase'>$Lang::tr{'grouptype'}</td>
+                       <td class='boldbase' width="15%">$Lang::tr{'grouptype'}</td>
                        <td class='boldbase'>
                                <select name='IKE_GROUPTYPE' multiple='multiple' size='6' style='width: 100%'>
                                        <option value='e521' $checked{'IKE_GROUPTYPE'}{'e521'}>ECP-521 (NIST)</option>
@@ -2400,6 +2481,36 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
        </tbody>
     </table>
 
+       <br><br>
+
+       <h2>$Lang::tr{'dead peer detection'}</h2>
+
+    <table width="100%">
+    <tr>
+               <td width="15%">$Lang::tr{'dpd action'}:</td>
+               <td>
+                       <select name='DPD_ACTION'>
+                               <option value='none' $selected{'DPD_ACTION'}{'none'}>- $Lang::tr{'disabled'} -</option>
+                               <option value='clear' $selected{'DPD_ACTION'}{'clear'}>clear</option>
+                               <option value='hold' $selected{'DPD_ACTION'}{'hold'}>hold</option>
+                               <option value='restart' $selected{'DPD_ACTION'}{'restart'}>restart</option>
+                       </select>
+               </td>
+       </tr>
+       <tr>
+               <td width="15%">$Lang::tr{'dpd timeout'}:</td>
+               <td>
+                       <input type='text' name='DPD_TIMEOUT' size='5' value='$cgiparams{'DPD_TIMEOUT'}' />
+               </td>
+       </tr>
+       <tr>
+               <td width="15%">$Lang::tr{'dpd delay'}:</td>
+               <td>
+                       <input type='text' name='DPD_DELAY' size='5' value='$cgiparams{'DPD_DELAY'}' />
+               </td>
+       </tr>
+    </table>
+
     <hr>
 
     <table width="100%">
@@ -2441,7 +2552,7 @@ EOF
 
     print <<EOF;
        <tr>
-               <td align='right'>
+               <td align='right' colspan='2'>
                        <input type='submit' name='ACTION' value='$Lang::tr{'save'}' />
                        <input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' />
                </td>
@@ -2759,8 +2870,8 @@ END
        </td>
        <td width='3%' align='center'>
            <form method='post' action='$ENV{'SCRIPT_NAME'}'>
-           <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' />
-           <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
+           <input type='image' name="$Lang::tr{'download host certificate'}" src='/images/floppy.gif' alt="$Lang::tr{'download host certificate'}" title="$Lang::tr{'download host certificate'}" />
+           <input type='hidden' name='ACTION' value="$Lang::tr{'download host certificate'}" />
            </form>
        </td>
        <td width='4%'>&nbsp;</td></tr>
index 01cd3f6831d4d3ea04e18aba0517116dcb28fdf6..568f057cb67f2de6e49dd049c05923c664d6c11a 100644 (file)
 'download pkcs12 file' => 'PKCS12-Datei herunterladen',
 'download root certificate' => 'Root-Zertifikat herunterladen',
 'dpd action' => 'Aktion für Dead Peer Detection',
+'dpd delay' => 'Verzögerung',
+'dpd timeout' => 'Zeitüberschreitung',
 'driver' => 'Treiber',
 'drop action' => 'Standardverhalten der (Forward) Firewall in Modus "Blocked"',
 'drop action1' => 'Standardverhalten der (Outgoing) Firewall in Modus "Blocked"',
 'invalid input for dhcp dns' => 'Ungültige Eingabe für DHCP DNS',
 'invalid input for dhcp domain' => 'Ungültige Eingabe für DHCP Domain',
 'invalid input for dhcp wins' => 'Ungültige Eingabe für DHCP WINS',
+'invalid input for dpd delay' => 'Ungültige Eingabe für DPD-Verzögerung',
+'invalid input for dpd timeout' => 'Ungültige Eingabe für DPD-Zeitüberschreitung',
 'invalid input for e-mail address' => 'Ungültige Eingabe für die E-mail Adresse',
 'invalid input for esp keylife' => 'Ungültige Eingabe für ESP Schlüssel-Lebensdauer',
 'invalid input for hostname' => 'Ungültige Eingabe für Hostname',
index dc38129f3652ec334dbfc4a96c4a1ccc14b6dae7..451ea79454effe2284d1673b98202773e32adc67 100644 (file)
 'ddns noip prefix' => 'To use no-ip in group mode, prefix hostname with <b>%</b>',
 'deactivate' => 'deactivate',
 'deactivate user' => 'deactivate user',
+'dead peer detection' => 'Dead Peer Detection',
 'debugme' => 'Not yet implemented',
 'december' => 'December',
 'deep scan directories' => 'Scan recursive',
 'download new ruleset' => 'Download new ruleset',
 'download pkcs12 file' => 'Download PKCS12 file',
 'download root certificate' => 'Download root certificate',
-'dpd action' => 'Dead Peer Detection action',
+'dpd action' => 'Action',
+'dpd delay' => 'Delay',
+'dpd timeout' => 'Timeout',
 'driver' => 'Driver',
 'drop action' => 'Default behaviour of (forward) firewall in mode "Blocked"',
 'drop action1' => 'Default behaviour of (outgoing) firewall in mode "Blocked"',
 'invalid input for dhcp dns' => 'Invalid input for DHCP DNS',
 'invalid input for dhcp domain' => 'Invalid input for DHCP domain',
 'invalid input for dhcp wins' => 'Invalid input for DHCP WINS',
+'invalid input for dpd delay' => 'Invalid input for DPD delay',
+'invalid input for dpd timeout' => 'Invalid input for DPD timeout',
 'invalid input for e-mail address' => 'Invalid input for e-mail address.',
 'invalid input for esp keylife' => 'Invalid input for ESP Keylife',
 'invalid input for hostname' => 'Invalid input for hostname.',
index 56e19679bf802c30949407dc0590791053694c51..cc169568043884f5168023fa59a9900efb707e6b 100644 (file)
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2010  IPFire Team  <info@ipfire.org>                          #
+# Copyright (C) 2007-2014  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -88,8 +88,6 @@ $(TARGET) :
 
        #Build Module deps for installer.
        depmod -a -b /install/initrd/ -F /boot/System.map-$(KVER)-ipfire $(KVER)-ipfire
-       # Remove binary depmod files
-       rm -rf /install/initrd/lib/modules/$(KVER)-ipfire/modules.*.bin
 
        #Name service from dhcpcd
        cp -f /etc/nsswitch.conf /install/initrd/etc/
index 5fcd7b3acfafee2bfd1e676d03d15f9ead01f4a5..aa5c3579f05e6258d92f56d00e4c453e154068a8 100644 (file)
--- a/lfs/mysql
+++ b/lfs/mysql
@@ -32,7 +32,9 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = mysql
-PAK_VER    = 2
+PAK_VER    = 3
+
+CFLAGS += -fno-strict-aliasing
 
 ###############################################################################
 # Top-level Rules
@@ -75,7 +77,6 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
-       cd $(DIR_APP) && C_EXTRA_FLAGS=-fno-strict-aliasing
        cd $(DIR_APP) && ./configure --prefix=/usr \
                            --sysconfdir=/etc \
                            --libexecdir=/usr/sbin \