--- /dev/null
+../../../common/apache2
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/binutils
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/dracut
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/gcc
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/initscripts
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/linux-kirkwood
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/linux-multi
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/linux-rpi
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/lm_sensors
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/rpi-firmware
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/u-boot
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/util-linux
\ No newline at end of file
--- /dev/null
+../../../common/bridge-utils
\ No newline at end of file
--- /dev/null
+../../../common/cyrus-sasl
\ No newline at end of file
--- /dev/null
+../../../common/dosfstools
\ No newline at end of file
etc/system-release
etc/issue
+etc/collectd.conf
etc/rc.d/init.d/network
srv/web/ipfire/cgi-bin/credits.cgi
srv/web/ipfire/cgi-bin/gui.cgi
srv/web/ipfire/html/themes/ipfire
srv/web/ipfire/html/themes/ipfire-legacy
srv/web/ipfire/html/themes/maniac
+usr/local/bin/setddns.pl
var/ipfire/backup/bin/backup.pl
var/ipfire/backup/exclude
var/ipfire/backup/include
var/ipfire/general-functions.pl
var/ipfire/header.pl
+var/ipfire/graphs.pl
var/ipfire/langs
--- /dev/null
+../../../common/fireinfo
\ No newline at end of file
--- /dev/null
+../../../../common/i586/binutils
\ No newline at end of file
--- /dev/null
+../../../../common/i586/dracut
\ No newline at end of file
--- /dev/null
+../../../../common/i586/gcc
\ No newline at end of file
--- /dev/null
+../../../../common/i586/grub
\ No newline at end of file
--- /dev/null
+../../../../common/i586/initscripts
\ No newline at end of file
--- /dev/null
+../../../../common/i586/linux
\ No newline at end of file
--- /dev/null
+../../../../common/i586/lm_sensors
\ No newline at end of file
--- /dev/null
+../../../../common/i586/util-linux
\ No newline at end of file
--- /dev/null
+../../../common/iptables
\ No newline at end of file
--- /dev/null
+../../../common/iw
\ No newline at end of file
--- /dev/null
+../../../common/kmod
\ No newline at end of file
--- /dev/null
+../../../common/libnl
\ No newline at end of file
--- /dev/null
+../../../common/libusbx
\ No newline at end of file
--- /dev/null
+../../../common/mysql-libs
\ No newline at end of file
--- /dev/null
+../../../common/net-tools
\ No newline at end of file
--- /dev/null
+../../../common/setup
\ No newline at end of file
--- /dev/null
+../../../common/udev
\ No newline at end of file
--- /dev/null
+../../../common/usbutils
\ No newline at end of file
--- /dev/null
+../../../common/xz
\ No newline at end of file
. /opt/pakfire/lib/functions.sh
/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+function add_to_backup ()
+{
+ # Add path to ROOTFILES but remove old entries to prevent double
+ # files in the tar
+ grep -v "^$1" /opt/pakfire/tmp/ROOTFILES > /opt/pakfire/tmp/ROOTFILES.tmp
+ mv /opt/pakfire/tmp/ROOTFILES.tmp /opt/pakfire/tmp/ROOTFILES
+ echo $1 >> /opt/pakfire/tmp/ROOTFILES
+}
+
#
# Remove old core updates from pakfire cache to save space...
-core=74
+core=76
for (( i=1; i<=$core; i++ ))
do
rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
done
+#
+# Do some sanity checks.
+case $(uname -r) in
+ *-ipfire-versatile )
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-$core: ERROR cannot update. versatile support is dropped."
+ # Report no error to pakfire. So it does not try to install it again.
+ exit 0
+ ;;
+ *-ipfire-xen )
+ BOOTSIZE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f2 | tail -n 1`
+ if [ $BOOTSIZE -lt 28000 ]; then
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-$core: ERROR cannot update because not enough space on boot."
+ exit 2
+ fi
+ ;;
+ *-ipfire* )
+ # Ok.
+ ;;
+ * )
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-$core: ERROR cannot update. No IPFire Kernel."
+ exit 1
+ ;;
+esac
+
+
+#
+#
+KVER="3.10.25"
+MOUNT=`grep "kernel" /boot/grub/grub.conf 2>/dev/null | tail -n 1 `
+# Nur den letzten Parameter verwenden
+echo $MOUNT > /dev/null
+MOUNT=$_
+if [ ! $MOUNT == "rw" ]; then
+ MOUNT="ro"
+fi
+
+#
+# check if we the backup file already exist
+if [ -e /var/ipfire/backup/core-upgrade$core_$KVER.tar.xz ]; then
+ echo Moving backup to backup-old ...
+ mv -f /var/ipfire/backup/core-upgrade$core_$KVER.tar.xz \
+ /var/ipfire/backup/core-upgrade$core_$KVER-old.tar.xz
+fi
+echo First we made a backup of all files that was inside of the
+echo update archive. This may take a while ...
+# Add some files that are not in the package to backup
+add_to_backup lib/modules
+add_to_backup etc/udev
+add_to_backup lib/udev
+add_to_backup boot
+add_to_backup etc/sysconfig/lm_sensors
+add_to_backup etc/sysconfig/rc.local
+add_to_backup srv/web/ipfire/html/themes/ipfire
+add_to_backup usr/lib/engines
+add_to_backup etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl
+add_to_backup etc/rc.d/init.d/networking/red.up/25-portfw
+add_to_backup etc/rc.d/init.d/networking/red.up/26-xtaccess
+add_to_backup usr/local/bin/setportfw
+add_to_backup usr/local/bin/setdmzholes
+add_to_backup usr/local/bin/setxtaccess
+add_to_backup usr/local/bin/outgoingfwctrl
+add_to_backup srv/web/ipfire/cgi-bin/{dmzholes,outgoingfw,portfw,xtaccess}.cgi
+add_to_backup var/ipfire/{dmzholes,portfw,outgoing,xtaccess}
+
+# Backup the files
+tar cJvf /var/ipfire/backup/core-upgrade$core_$KVER.tar.xz \
+ -C / -T /opt/pakfire/tmp/ROOTFILES --exclude='#*' --exclude='/var/cache' > /dev/null 2>&1
+
+# Check diskspace on root
+ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+
+if [ $ROOTSPACE -lt 70000 ]; then
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-$core: ERROR cannot update because not enough free space on root."
+ exit 2
+fi
+
+
+echo
+echo Update Kernel to $KVER ...
+#
+# Remove old kernel, configs, initrd, modules ...
+#
+rm -rf /boot/System.map-*
+rm -rf /boot/config-*
+rm -rf /boot/ipfirerd-*
+rm -rf /boot/vmlinuz-*
+rm -rf /boot/uImage-ipfire-*
+rm -rf /boot/uInit-ipfire-*
+rm -rf /lib/modules
+
+#
+# Remove old udev rules.
+#
+if [ -e /etc/udev/rules.d/29-ct-server-network.rules ]; then
+ cp /etc/udev/rules.d/29-ct-server-network.rules /tmp/
+fi
+cp /etc/udev/rules.d/30-persistent-network.rules /tmp/
+rm -rf /etc/udev
+rm -rf /lib/udev
+mkdir -p /etc/udev/rules.d
+if [ -e /tmp/rules.d/29-ct-server-network.rules ]; then
+ mv /tmp/29-ct-server-network.rules /etc/udev/rules.d/
+fi
+mv /tmp/30-persistent-network.rules /etc/udev/rules.d/
+
+case $(uname -m) in
+ i?86 )
+ #
+ # Backup grub.conf
+ #
+ cp -vf /boot/grub/grub.conf /boot/grub/grub.conf.org
+ ;;
+esac
+#
+#Stop services
+/etc/init.d/snort stop
+/etc/init.d/squid stop
+/etc/init.d/ipsec stop
+/etc/init.d/apache stop
+
# Remove the old default theme
rm -rf /srv/web/ipfire/html/themes/ipfire
-# Stop services
+#
+#Extract files
+tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
+# Check diskspace on boot
+BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
-# Extract files
-extract_files
+if [ $BOOTSPACE -lt 1000 ]; then
+ case $(uname -r) in
+ *-ipfire-kirkwood )
+ # Special handling for old kirkwood images.
+ # (install only kirkwood kernel)
+ rm -rf /boot/*
+ tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \
+ --numeric-owner -C / --wildcards 'boot/*-kirkwood*'
+ ;;
+ * )
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-$core: FATAL-ERROR space run out on boot. System is not bootable..."
+ /etc/init.d/apache start
+ exit 4
+ ;;
+ esac
+fi
-# Start services
+#
+#Reload init to close old linker/glibc
+telinit u
+# Regenerate ipsec configuration files.
+/srv/web/ipfire/cgi-bin/vpnmain.cgi
# Update Language cache
perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
# Remove old firewall configuration files
rm -rf /var/ipfire/{dmzholes,portfw,outgoing,xtaccess}
-sync
+#
+# Start services
+#
+/etc/init.d/apache start
+/etc/init.d/squid start
+/etc/init.d/snort start
+if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
+ /etc/init.d/ipsec start
+fi
+
+#
+# Rebuild qosscript if enabled
+#
+if [ -e /var/ipfire/qos/enable ]; then
+ /usr/local/bin/qosctrl stop
+ /usr/local/bin/qosctrl generate
+ /usr/local/bin/qosctrl start
+fi
+
+
+case $(uname -m) in
+ i?86 )
+ #
+ # Modify grub.conf
+ #
+ echo
+ echo Update grub configuration ...
+ ROOT=`mount | grep " / " | cut -d" " -f1`
+
+ if [ ! -z $ROOT ]; then
+ ROOTUUID=`blkid -c /dev/null -sUUID $ROOT | cut -d'"' -f2`
+ fi
+
+ if [ ! -z $ROOTUUID ]; then
+ sed -i "s|ROOT|UUID=$ROOTUUID|g" /boot/grub/grub.conf
+ else
+ sed -i "s|ROOT|$ROOT|g" /boot/grub/grub.conf
+ fi
+ sed -i "s|KVER|$KVER|g" /boot/grub/grub.conf
+ sed -i "s|MOUNT|$MOUNT|g" /boot/grub/grub.conf
+
+ if [ "$(grep "^serial" /boot/grub/grub.conf.org)" == "" ]; then
+ echo "grub use default console ..."
+ else
+ echo "grub use serial console ..."
+ sed -i -e "s|splashimage|#splashimage|g" /boot/grub/grub.conf
+ sed -i -e "s|#serial|serial|g" /boot/grub/grub.conf
+ sed -i -e "s|#terminal|terminal|g" /boot/grub/grub.conf
+ sed -i -e "s| panic=10 | console=ttyS0,115200n8 panic=10 |g" /boot/grub/grub.conf
+ fi
+
+ #
+ # ReInstall grub
+ #
+ echo "(hd0) ${ROOT::`expr length $ROOT`-1}" > /boot/grub/device.map
+ grub-install --no-floppy ${ROOT::`expr length $ROOT`-1}
+ ;;
+esac
+#
+# Delete old lm-sensor modullist to force search at next boot
+#
+rm -rf /etc/sysconfig/lm_sensors
+
+
+# Force (re)install pae kernel if pae is supported
+rm -rf /opt/pakfire/db/*/meta-linux-pae
+if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then
+ ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+ BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+ if [ $BOOTSPACE -lt 8000 -o $ROOTSPACE -lt 70000 ]; then
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-$core: WARNING not enough space for pae kernel."
+ else
+ echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
+ echo "ProgVersion: 3.10.24" >> /opt/pakfire/db/installed/meta-linux-pae
+ echo "Release: 30" >> /opt/pakfire/db/installed/meta-linux-pae
+ fi
+fi
+
+# Force reinstall xen kernel if it was installed
+if [ -e "/opt/pakfire/db/installed/meta-linux-xen" ]; then
+ echo "Name: linux-xen" > /opt/pakfire/db/installed/meta-linux-xen
+ echo "ProgVersion: 2.6.32.60" >> /opt/pakfire/db/installed/meta-linux-xen
+ echo "Release: 24" >> /opt/pakfire/db/installed/meta-linux-xen
+ # Add xvc0 to /etc/securetty
+ echo "xvc0" >> /etc/securetty
+fi
+
+#
+# After pakfire has ended run it again and update the lists and do upgrade
+#
+echo '#!/bin/bash' > /tmp/pak_update
+echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update
+echo ' sleep 1' >> /tmp/pak_update
+echo 'done' >> /tmp/pak_update
+echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update
+echo ' sleep 1' >> /tmp/pak_update
+echo 'done' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub.cfg"' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update
+echo 'touch /var/run/need_reboot ' >> /tmp/pak_update
+#
+chmod +x /tmp/pak_update
+/tmp/pak_update &
-# This update need a reboot...
-touch /var/run/need_reboot
+sync
-# Finish
-# Update the fireinfo profile
+#
+#Finish
(
/etc/init.d/fireinfo start
sendprofile
) >/dev/null 2>&1 &
+echo
+echo Please wait until pakfire has ended...
+echo
+#Don't report the exitcode last command
exit 0
+
WARNING: translation string unused: edit network
WARNING: translation string unused: edit service
WARNING: translation string unused: editor
+WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enabled on
WARNING: translation string unused: fwdfw MODE1
WARNING: translation string unused: fwdfw MODE2
WARNING: translation string unused: fwdfw err prot_port1
-WARNING: translation string unused: fwdfw err tgt_port
WARNING: translation string unused: fwdfw final_rule
WARNING: translation string unused: fwdfw from
WARNING: translation string unused: fwdfw ipsec network
WARNING: untranslated string: advproxy cache-digest
WARNING: untranslated string: bytes
WARNING: untranslated string: community rules
+WARNING: untranslated string: dead peer detection
WARNING: untranslated string: emerging rules
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: new
WARNING: translation string unused: edit network
WARNING: translation string unused: edit service
WARNING: translation string unused: editor
+WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enabled on
WARNING: translation string unused: fwdfw MODE1
WARNING: translation string unused: fwdfw MODE2
WARNING: translation string unused: fwdfw err prot_port1
-WARNING: translation string unused: fwdfw err tgt_port
WARNING: translation string unused: fwdfw final_rule
WARNING: translation string unused: fwdfw from
WARNING: translation string unused: fwdfw ipsec network
WARNING: translation string unused: edit network
WARNING: translation string unused: edit service
WARNING: translation string unused: editor
+WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enabled on
WARNING: untranslated string: ccd routes
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
+WARNING: untranslated string: dead peer detection
WARNING: untranslated string: default ip
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: dnat address
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: drop action1
WARNING: untranslated string: drop action2
WARNING: untranslated string: fwdfw err tgt_addr
WARNING: untranslated string: fwdfw err tgt_grp
WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
WARNING: untranslated string: fwdfw err time
WARNING: untranslated string: fwdfw external port nat
WARNING: untranslated string: fwdfw hint ip1
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: grouptype
WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: minute
WARNING: translation string unused: edit network
WARNING: translation string unused: edit service
WARNING: translation string unused: editor
+WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enabled on
WARNING: untranslated string: ccd routes
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
+WARNING: untranslated string: dead peer detection
WARNING: untranslated string: default ip
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: dnat address
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: drop action1
WARNING: untranslated string: drop action2
WARNING: untranslated string: fwdfw err tgt_addr
WARNING: untranslated string: fwdfw err tgt_grp
WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
WARNING: untranslated string: fwdfw err time
WARNING: untranslated string: fwdfw external port nat
WARNING: untranslated string: fwdfw hint ip1
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: grouptype
WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: minute
WARNING: translation string unused: edit network
WARNING: translation string unused: edit service
WARNING: translation string unused: editor
+WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enabled on
WARNING: untranslated string: advproxy proxy port transparent
WARNING: untranslated string: bytes
WARNING: untranslated string: ccd iroute2
+WARNING: untranslated string: dead peer detection
WARNING: untranslated string: default ip
WARNING: untranslated string: dnat address
WARNING: untranslated string: dnsforward
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: drop action1
WARNING: untranslated string: drop action2
WARNING: untranslated string: fwdfw err tgt_addr
WARNING: untranslated string: fwdfw err tgt_grp
WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
WARNING: untranslated string: fwdfw err time
WARNING: untranslated string: fwdfw external port nat
WARNING: untranslated string: fwdfw hint ip1
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: grouptype
WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: most preferred
WARNING: translation string unused: edit network
WARNING: translation string unused: edit service
WARNING: translation string unused: editor
+WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enabled on
WARNING: untranslated string: ccd routes
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
+WARNING: untranslated string: dead peer detection
WARNING: untranslated string: default ip
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: dnat address
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: drop action1
WARNING: untranslated string: drop action2
WARNING: untranslated string: fwdfw err tgt_addr
WARNING: untranslated string: fwdfw err tgt_grp
WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
WARNING: untranslated string: fwdfw err time
WARNING: untranslated string: fwdfw external port nat
WARNING: untranslated string: fwdfw hint ip1
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: grouptype
WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: minute
WARNING: translation string unused: edit network
WARNING: translation string unused: edit service
WARNING: translation string unused: editor
+WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enabled on
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
WARNING: untranslated string: community rules
+WARNING: untranslated string: dead peer detection
WARNING: untranslated string: default ip
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: disk access per
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: drop action1
WARNING: untranslated string: drop action2
WARNING: untranslated string: fwdfw err tgt_addr
WARNING: untranslated string: fwdfw err tgt_grp
WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
WARNING: untranslated string: fwdfw err time
WARNING: untranslated string: fwdfw external port nat
WARNING: untranslated string: fwdfw hint ip1
WARNING: untranslated string: grouptype
WARNING: untranslated string: incoming traffic in bytes per second
WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: minute
WARNING: translation string unused: edit network
WARNING: translation string unused: edit service
WARNING: translation string unused: editor
+WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enabled on
WARNING: untranslated string: advproxy errmsg proxy ports equal
WARNING: untranslated string: advproxy proxy port transparent
WARNING: untranslated string: bytes
+WARNING: untranslated string: dead peer detection
WARNING: untranslated string: default ip
WARNING: untranslated string: dnat address
+WARNING: untranslated string: dpd delay
+WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: drop action1
WARNING: untranslated string: drop action2
WARNING: untranslated string: fwdfw err tgt_addr
WARNING: untranslated string: fwdfw err tgt_grp
WARNING: untranslated string: fwdfw err tgt_mac
+WARNING: untranslated string: fwdfw err tgt_port
WARNING: untranslated string: fwdfw err time
WARNING: untranslated string: fwdfw external port nat
WARNING: untranslated string: fwdfw hint ip1
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: grouptype
WARNING: untranslated string: integrity
+WARNING: untranslated string: invalid input for dpd delay
+WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: most preferred
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
+< dpd delay
+< dpd timeout
< drop action
< drop action1
< drop action2
< fw settings ruletable
< grouptype
< integrity
+< invalid input for dpd delay
+< invalid input for dpd timeout
< least preferred
< lifetime
< minute
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
+< dpd delay
+< dpd timeout
< drop action
< drop action1
< drop action2
< fw settings ruletable
< grouptype
< integrity
+< invalid input for dpd delay
+< invalid input for dpd timeout
< least preferred
< lifetime
< minute
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
+< dpd delay
+< dpd timeout
< drop action
< drop action1
< drop action2
< fw settings ruletable
< grouptype
< integrity
+< invalid input for dpd delay
+< invalid input for dpd timeout
< least preferred
< lifetime
< minute
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
+< dpd delay
+< dpd timeout
< drop action
< drop action1
< drop action2
< hour-graph
< incoming traffic in bytes per second
< integrity
+< invalid input for dpd delay
+< invalid input for dpd timeout
< least preferred
< lifetime
< minute
<input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
</td></form>
<form method='post' name='frmhostcrtb'><td width='3%' align='center'>
- <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/media-floppy.png' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
+ <input type='image' name="$Lang::tr{'download host certificate'}" src='/images/media-floppy.png' alt="$Lang::tr{'download host certificate'}" title="$Lang::tr{'download host certificate'}" border='0' />
+ <input type='hidden' name='ACTION' value="$Lang::tr{'download host certificate'}" />
</td></form>
<td width='4%'> </td></tr>
END
$cgiparams{'ROOTCERT_CITY'} = '';
$cgiparams{'ROOTCERT_STATE'} = '';
$cgiparams{'RW_NET'} = '';
-
+$cgiparams{'DPD_DELAY'} = '30';
+$cgiparams{'DPD_TIMEOUT'} = '120';
&Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'});
###
print CONF "\tcompress=yes\n" if ($lconfighash{$key}[13] eq 'on');
# Dead Peer Detection
- print CONF "\tdpddelay=30\n";
- print CONF "\tdpdtimeout=120\n";
- print CONF "\tdpdaction=$lconfighash{$key}[27]\n";
+ my $dpdaction = $lconfighash{$key}[27];
+ print CONF "\tdpdaction=$dpdaction\n";
+
+ # If the dead peer detection is disabled and IKEv2 is used,
+ # dpddelay must be set to zero, too.
+ if ($dpdaction eq "none") {
+ if ($lconfighash{$key}[29] eq "ikev2") {
+ print CONF "\tdpddelay=0\n";
+ }
+ } else {
+ my $dpddelay = $lconfighash{$key}[30];
+ if (!$dpddelay) {
+ $dpddelay = 30;
+ }
+ print CONF "\tdpddelay=$dpddelay\n";
+ my $dpdtimeout = $lconfighash{$key}[31];
+ if (!$dpdtimeout) {
+ $dpdtimeout = 120;
+ }
+ print CONF "\tdpdtimeout=$dpdtimeout\n";
+ }
# Build Authentication details: LEFTid RIGHTid : PSK psk
my $psk_line;
$cgiparams{'ONLY_PROPOSED'} = $confighash{$cgiparams{'KEY'}}[24];
$cgiparams{'PFS'} = $confighash{$cgiparams{'KEY'}}[28];
$cgiparams{'VHOST'} = $confighash{$cgiparams{'KEY'}}[14];
+ $cgiparams{'DPD_TIMEOUT'} = $confighash{$cgiparams{'KEY'}}[30];
+ $cgiparams{'DPD_DELAY'} = $confighash{$cgiparams{'KEY'}}[31];
+
+ if (!$cgiparams{'DPD_DELAY'}) {
+ $cgiparams{'DPD_DELAY'} = 30;
+ }
+
+ if (!$cgiparams{'DPD_TIMEOUT'}) {
+ $cgiparams{'DPD_TIMEOUT'} = 120;
+ }
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
$cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
my $key = $cgiparams{'KEY'};
if (! $key) {
$key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 28) { $confighash{$key}[$i] = "";}
+ foreach my $i (0 .. 31) { $confighash{$key}[$i] = "";}
}
$confighash{$key}[0] = $cgiparams{'ENABLED'};
$confighash{$key}[1] = $cgiparams{'NAME'};
$confighash{$key}[24] = $cgiparams{'ONLY_PROPOSED'};
$confighash{$key}[28] = $cgiparams{'PFS'};
$confighash{$key}[14] = $cgiparams{'VHOST'};
+ $confighash{$key}[30] = $cgiparams{'DPD_TIMEOUT'};
+ $confighash{$key}[31] = $cgiparams{'DPD_DELAY'};
#free unused fields!
$confighash{$key}[6] = 'off';
# choose appropriate dpd action
if ($cgiparams{'TYPE'} eq 'host') {
- $cgiparams{'DPD_ACTION'} = 'clear';
+ $cgiparams{'DPD_ACTION'} = 'clear';
} else {
- $cgiparams{'DPD_ACTION'} = 'restart';
+ $cgiparams{'DPD_ACTION'} = 'restart';
+ }
+
+ if (!$cgiparams{'DPD_DELAY'}) {
+ $cgiparams{'DPD_DELAY'} = 30;
+ }
+
+ if (!$cgiparams{'DPD_TIMEOUT'}) {
+ $cgiparams{'DPD_TIMEOUT'} = 120;
}
# Default IKE Version to v2
$checked{'AUTH'}{'auth-dn'} = '';
$checked{'AUTH'}{$cgiparams{'AUTH'}} = "checked='checked'";
- $selected{'DPD_ACTION'}{'clear'} = '';
- $selected{'DPD_ACTION'}{'hold'} = '';
- $selected{'DPD_ACTION'}{'restart'} = '';
- $selected{'DPD_ACTION'}{$cgiparams{'DPD_ACTION'}} = "selected='selected'";
-
- $selected{'IKE_VERSION'}{'ikev1'} = '';
- $selected{'IKE_VERSION'}{'ikev2'} = '';
- $selected{'IKE_VERSION'}{$cgiparams{'IKE_VERSION'}} = "selected='selected'";
-
&Header::showhttpheaders();
&Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
print "<form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'>";
print<<END
<input type='hidden' name='TYPE' value='$cgiparams{'TYPE'}' />
+ <input type='hidden' name='IKE_VERSION' value='$cgiparams{'IKE_VERSION'}' />
<input type='hidden' name='IKE_ENCRYPTION' value='$cgiparams{'IKE_ENCRYPTION'}' />
<input type='hidden' name='IKE_INTEGRITY' value='$cgiparams{'IKE_INTEGRITY'}' />
<input type='hidden' name='IKE_GROUPTYPE' value='$cgiparams{'IKE_GROUPTYPE'}' />
<input type='hidden' name='ONLY_PROPOSED' value='$cgiparams{'ONLY_PROPOSED'}' />
<input type='hidden' name='PFS' value='$cgiparams{'PFS'}' />
<input type='hidden' name='VHOST' value='$cgiparams{'VHOST'}' />
+ <input type='hidden' name='DPD_ACTION' value='$cgiparams{'DPD_ACTION'}' />
+ <input type='hidden' name='DPD_DELAY' value='$cgiparams{'DPD_DELAY'}' />
+ <input type='hidden' name='DPD_TIMEOUT' value='$cgiparams{'DPD_TIMEOUT'}' />
END
;
if ($cgiparams{'KEY'}) {
print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />";
+ print "<input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />";
print "<input type='hidden' name='AUTH' value='$cgiparams{'AUTH'}' />";
}
- &Header::openbox('100%', 'left', "$Lang::tr{'connection'}:");
+ &Header::openbox('100%', 'left', "$Lang::tr{'connection'}: $cgiparams{'NAME'}");
print "<table width='100%'>";
- print "<tr><td width='25%' class='boldbase'>$Lang::tr{'name'}:</td>";
- if ($cgiparams{'KEY'}) {
- print "<td width='25%' class='base'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' /><b>$cgiparams{'NAME'}</b></td>";
- } else {
- print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' size='30' /></td>";
+ if (!$cgiparams{'KEY'}) {
+ print <<EOF;
+ <tr>
+ <td width='20%'>$Lang::tr{'name'}:</td>
+ <td width='30%'>
+ <input type='text' name='NAME' value='$cgiparams{'NAME'}' size='25' />
+ </td>
+ <td colspan="2"></td>
+ </tr>
+EOF
}
- print "<td>$Lang::tr{'enabled'}</td><td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td></tr>";
- print '</tr><td><br /></td><tr>';
my $disabled;
my $blob;
print <<END
<tr>
- <td class='boldbase'>$Lang::tr{'remote host/ip'}: $blob</td>
- <td>
- <input type='text' name='REMOTE' value='$cgiparams{'REMOTE'}' size='30' />
- </td>
- <td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
- <td>
- <input $disabled type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' size='30' />
+ <td width='20%'>$Lang::tr{'enabled'}</td>
+ <td width='30%'>
+ <input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} />
+ </td>
+ <td class='boldbase' nowrap='nowrap' width='20%'>$Lang::tr{'local subnet'}</td>
+ <td width='30%'>
+ <input type='text' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' size="25" />
</td>
</tr>
<tr>
- <td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
- <td colspan='3'>
- <input type='text' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' size='30' />
+ <td class='boldbase' width='20%'>$Lang::tr{'remote host/ip'}: $blob</td>
+ <td width='30%'>
+ <input type='text' name='REMOTE' value='$cgiparams{'REMOTE'}' size="25" />
+ </td>
+ <td class='boldbase' nowrap='nowrap' width='20%'>$Lang::tr{'remote subnet'}</td>
+ <td width='30%'>
+ <input $disabled type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' size="25" />
</td>
</tr>
<tr>
- <td class='boldbase'>$Lang::tr{'vpn local id'}:<br />($Lang::tr{'eg'} <tt>@xy.example.com</tt>)</td>
- <td><input type='text' name='LOCAL_ID' value='$cgiparams{'LOCAL_ID'}' /></td>
- <td class='boldbase'>$Lang::tr{'vpn remote id'}:</td>
- <td><input type='text' name='REMOTE_ID' value='$cgiparams{'REMOTE_ID'}' /></td>
- </tr><tr>
- </tr><td><br /></td><tr>
- <td>$Lang::tr{'vpn keyexchange'}:</td>
- <td><select name='IKE_VERSION'>
- <option value='ikev2' $selected{'IKE_VERSION'}{'ikev2'}>IKEv2</option>
- <option value='ikev1' $selected{'IKE_VERSION'}{'ikev1'}>IKEv1</option>
- </select>
+ <td class='boldbase' width='20%'>$Lang::tr{'vpn local id'}:</td>
+ <td width='30%'>
+ <input type='text' name='LOCAL_ID' value='$cgiparams{'LOCAL_ID'}' size="25" />
</td>
- <td>$Lang::tr{'dpd action'}:</td>
- <td><select name='DPD_ACTION'>
- <option value='clear' $selected{'DPD_ACTION'}{'clear'}>clear</option>
- <option value='hold' $selected{'DPD_ACTION'}{'hold'}>hold</option>
- <option value='restart' $selected{'DPD_ACTION'}{'restart'}>restart</option>
- </select>
+ <td class='boldbase' width='20%'>$Lang::tr{'vpn remote id'}:</td>
+ <td width='30%'>
+ <input type='text' name='REMOTE_ID' value='$cgiparams{'REMOTE_ID'}' size="25" />
+ </td>
+ </tr>
+ <tr><td colspan="4"><br /></td></tr>
+ <tr>
+ <td class='boldbase' width='20%'>$Lang::tr{'remark title'} <img src='/blob.gif' alt='*' /></td>
+ <td colspan='3'>
+ <input type='text' name='REMARK' value='$cgiparams{'REMARK'}' maxlength='50' size="73" />
</td>
- </tr><tr>
- <td class='boldbase'>$Lang::tr{'remark title'} <img src='/blob.gif' alt='*' /></td>
- <td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td>
</tr>
END
;
goto ADVANCED_ERROR;
}
+ if ($cgiparams{'DPD_DELAY'} !~ /^\d+$/) {
+ $errormessage = $Lang::tr{'invalid input for dpd delay'};
+ goto ADVANCED_ERROR;
+ }
+
+ if ($cgiparams{'DPD_TIMEOUT'} !~ /^\d+$/) {
+ $errormessage = $Lang::tr{'invalid input for dpd timeout'};
+ goto ADVANCED_ERROR;
+ }
+
+ $confighash{$cgiparams{'KEY'}}[29] = $cgiparams{'IKE_VERSION'};
$confighash{$cgiparams{'KEY'}}[18] = $cgiparams{'IKE_ENCRYPTION'};
$confighash{$cgiparams{'KEY'}}[19] = $cgiparams{'IKE_INTEGRITY'};
$confighash{$cgiparams{'KEY'}}[20] = $cgiparams{'IKE_GROUPTYPE'};
$confighash{$cgiparams{'KEY'}}[24] = $cgiparams{'ONLY_PROPOSED'};
$confighash{$cgiparams{'KEY'}}[28] = $cgiparams{'PFS'};
$confighash{$cgiparams{'KEY'}}[14] = $cgiparams{'VHOST'};
+ $confighash{$cgiparams{'KEY'}}[27] = $cgiparams{'DPD_ACTION'};
+ $confighash{$cgiparams{'KEY'}}[30] = $cgiparams{'DPD_TIMEOUT'};
+ $confighash{$cgiparams{'KEY'}}[31] = $cgiparams{'DPD_DELAY'};
&General::writehasharray("${General::swroot}/vpn/config", \%confighash);
&writeipsecfiles();
if (&vpnenabled) {
}
goto ADVANCED_END;
} else {
+ $cgiparams{'IKE_VERSION'} = $confighash{$cgiparams{'KEY'}}[29];
$cgiparams{'IKE_ENCRYPTION'} = $confighash{$cgiparams{'KEY'}}[18];
$cgiparams{'IKE_INTEGRITY'} = $confighash{$cgiparams{'KEY'}}[19];
$cgiparams{'IKE_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[20];
$cgiparams{'ONLY_PROPOSED'} = $confighash{$cgiparams{'KEY'}}[24];
$cgiparams{'PFS'} = $confighash{$cgiparams{'KEY'}}[28];
$cgiparams{'VHOST'} = $confighash{$cgiparams{'KEY'}}[14];
+ $cgiparams{'DPD_ACTION'} = $confighash{$cgiparams{'KEY'}}[27];
+ $cgiparams{'DPD_TIMEOUT'} = $confighash{$cgiparams{'KEY'}}[30];
+ $cgiparams{'DPD_DELAY'} = $confighash{$cgiparams{'KEY'}}[31];
+
+ if (!$cgiparams{'DPD_DELAY'}) {
+ $cgiparams{'DPD_DELAY'} = 30;
+ }
+
+ if (!$cgiparams{'DPD_TIMEOUT'}) {
+ $cgiparams{'DPD_TIMEOUT'} = 120;
+ }
if ($confighash{$cgiparams{'KEY'}}[3] eq 'net' || $confighash{$cgiparams{'KEY'}}[10]) {
$cgiparams{'VHOST'} = 'off';
$checked{'PFS'} = $cgiparams{'PFS'} eq 'on' ? "checked='checked'" : '' ;
$checked{'VHOST'} = $cgiparams{'VHOST'} eq 'on' ? "checked='checked'" : '' ;
+ $selected{'IKE_VERSION'}{'ikev1'} = '';
+ $selected{'IKE_VERSION'}{'ikev2'} = '';
+ $selected{'IKE_VERSION'}{$cgiparams{'IKE_VERSION'}} = "selected='selected'";
+
+ $selected{'DPD_ACTION'}{'clear'} = '';
+ $selected{'DPD_ACTION'}{'hold'} = '';
+ $selected{'DPD_ACTION'}{'restart'} = '';
+ $selected{'DPD_ACTION'}{'none'} = '';
+ $selected{'DPD_ACTION'}{$cgiparams{'DPD_ACTION'}} = "selected='selected'";
+
&Header::showhttpheaders();
&Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
<table width='100%'>
<thead>
<tr>
- <th></th>
+ <th width="15%"></th>
<th>IKE</th>
<th>ESP</th>
</tr>
</thead>
<tbody>
<tr>
- <td class='boldbase'>$Lang::tr{'encryption'}</td>
+ <td>$Lang::tr{'vpn keyexchange'}:</td>
+ <td>
+ <select name='IKE_VERSION'>
+ <option value='ikev2' $selected{'IKE_VERSION'}{'ikev2'}>IKEv2</option>
+ <option value='ikev1' $selected{'IKE_VERSION'}{'ikev1'}>IKEv1</option>
+ </select>
+ </td>
+ <td></td>
+ </tr>
+ <tr>
+ <td class='boldbase' width="15%">$Lang::tr{'encryption'}</td>
<td class='boldbase'>
<select name='IKE_ENCRYPTION' multiple='multiple' size='6' style='width: 100%'>
<option value='aes256' $checked{'IKE_ENCRYPTION'}{'aes256'}>AES (256 bit)</option>
</tr>
<tr>
- <td class='boldbase'>$Lang::tr{'integrity'}</td>
+ <td class='boldbase' width="15%">$Lang::tr{'integrity'}</td>
<td class='boldbase'>
<select name='IKE_INTEGRITY' multiple='multiple' size='6' style='width: 100%'>
<option value='sha2_512' $checked{'IKE_INTEGRITY'}{'sha2_512'}>SHA2 512 bit</option>
</td>
</tr>
<tr>
- <td class='boldbase'>$Lang::tr{'lifetime'}</td>
+ <td class='boldbase' width="15%">$Lang::tr{'lifetime'}</td>
<td class='boldbase'>
<input type='text' name='IKE_LIFETIME' value='$cgiparams{'IKE_LIFETIME'}' size='5' /> $Lang::tr{'hours'}
</td>
</td>
</tr>
<tr>
- <td class='boldbase'>$Lang::tr{'grouptype'}</td>
+ <td class='boldbase' width="15%">$Lang::tr{'grouptype'}</td>
<td class='boldbase'>
<select name='IKE_GROUPTYPE' multiple='multiple' size='6' style='width: 100%'>
<option value='e521' $checked{'IKE_GROUPTYPE'}{'e521'}>ECP-521 (NIST)</option>
</tbody>
</table>
+ <br><br>
+
+ <h2>$Lang::tr{'dead peer detection'}</h2>
+
+ <table width="100%">
+ <tr>
+ <td width="15%">$Lang::tr{'dpd action'}:</td>
+ <td>
+ <select name='DPD_ACTION'>
+ <option value='none' $selected{'DPD_ACTION'}{'none'}>- $Lang::tr{'disabled'} -</option>
+ <option value='clear' $selected{'DPD_ACTION'}{'clear'}>clear</option>
+ <option value='hold' $selected{'DPD_ACTION'}{'hold'}>hold</option>
+ <option value='restart' $selected{'DPD_ACTION'}{'restart'}>restart</option>
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td width="15%">$Lang::tr{'dpd timeout'}:</td>
+ <td>
+ <input type='text' name='DPD_TIMEOUT' size='5' value='$cgiparams{'DPD_TIMEOUT'}' />
+ </td>
+ </tr>
+ <tr>
+ <td width="15%">$Lang::tr{'dpd delay'}:</td>
+ <td>
+ <input type='text' name='DPD_DELAY' size='5' value='$cgiparams{'DPD_DELAY'}' />
+ </td>
+ </tr>
+ </table>
+
<hr>
<table width="100%">
print <<EOF;
<tr>
- <td align='right'>
+ <td align='right' colspan='2'>
<input type='submit' name='ACTION' value='$Lang::tr{'save'}' />
<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' />
</td>
</td>
<td width='3%' align='center'>
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
+ <input type='image' name="$Lang::tr{'download host certificate'}" src='/images/floppy.gif' alt="$Lang::tr{'download host certificate'}" title="$Lang::tr{'download host certificate'}" />
+ <input type='hidden' name='ACTION' value="$Lang::tr{'download host certificate'}" />
</form>
</td>
<td width='4%'> </td></tr>
'download pkcs12 file' => 'PKCS12-Datei herunterladen',
'download root certificate' => 'Root-Zertifikat herunterladen',
'dpd action' => 'Aktion für Dead Peer Detection',
+'dpd delay' => 'Verzögerung',
+'dpd timeout' => 'Zeitüberschreitung',
'driver' => 'Treiber',
'drop action' => 'Standardverhalten der (Forward) Firewall in Modus "Blocked"',
'drop action1' => 'Standardverhalten der (Outgoing) Firewall in Modus "Blocked"',
'invalid input for dhcp dns' => 'Ungültige Eingabe für DHCP DNS',
'invalid input for dhcp domain' => 'Ungültige Eingabe für DHCP Domain',
'invalid input for dhcp wins' => 'Ungültige Eingabe für DHCP WINS',
+'invalid input for dpd delay' => 'Ungültige Eingabe für DPD-Verzögerung',
+'invalid input for dpd timeout' => 'Ungültige Eingabe für DPD-Zeitüberschreitung',
'invalid input for e-mail address' => 'Ungültige Eingabe für die E-mail Adresse',
'invalid input for esp keylife' => 'Ungültige Eingabe für ESP Schlüssel-Lebensdauer',
'invalid input for hostname' => 'Ungültige Eingabe für Hostname',
'ddns noip prefix' => 'To use no-ip in group mode, prefix hostname with <b>%</b>',
'deactivate' => 'deactivate',
'deactivate user' => 'deactivate user',
+'dead peer detection' => 'Dead Peer Detection',
'debugme' => 'Not yet implemented',
'december' => 'December',
'deep scan directories' => 'Scan recursive',
'download new ruleset' => 'Download new ruleset',
'download pkcs12 file' => 'Download PKCS12 file',
'download root certificate' => 'Download root certificate',
-'dpd action' => 'Dead Peer Detection action',
+'dpd action' => 'Action',
+'dpd delay' => 'Delay',
+'dpd timeout' => 'Timeout',
'driver' => 'Driver',
'drop action' => 'Default behaviour of (forward) firewall in mode "Blocked"',
'drop action1' => 'Default behaviour of (outgoing) firewall in mode "Blocked"',
'invalid input for dhcp dns' => 'Invalid input for DHCP DNS',
'invalid input for dhcp domain' => 'Invalid input for DHCP domain',
'invalid input for dhcp wins' => 'Invalid input for DHCP WINS',
+'invalid input for dpd delay' => 'Invalid input for DPD delay',
+'invalid input for dpd timeout' => 'Invalid input for DPD timeout',
'invalid input for e-mail address' => 'Invalid input for e-mail address.',
'invalid input for esp keylife' => 'Invalid input for ESP Keylife',
'invalid input for hostname' => 'Invalid input for hostname.',
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2010 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
#Build Module deps for installer.
depmod -a -b /install/initrd/ -F /boot/System.map-$(KVER)-ipfire $(KVER)-ipfire
- # Remove binary depmod files
- rm -rf /install/initrd/lib/modules/$(KVER)-ipfire/modules.*.bin
#Name service from dhcpcd
cp -f /etc/nsswitch.conf /install/initrd/etc/
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = mysql
-PAK_VER = 2
+PAK_VER = 3
+
+CFLAGS += -fno-strict-aliasing
###############################################################################
# Top-level Rules
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && C_EXTRA_FLAGS=-fno-strict-aliasing
cd $(DIR_APP) && ./configure --prefix=/usr \
--sysconfdir=/etc \
--libexecdir=/usr/sbin \