stop)
boot_mesg "Stopping avahi..."
- killproc /usr/sbin/avahi-daemon -k
+ /usr/sbin/avahi-daemon -k
;;
reload)
--- /dev/null
+/etc/my.cnf
+/srv/mysql
# pakfire
%nightly,random * 23-4 /usr/local/bin/pakfire update >/dev/null 2>&1
+
+# Re-read firewall rules every Sunday in March, October and November to take care of daylight saving time
+00 3 * 3 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
+00 2 * 10-11 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
my @p2ps=();
require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
-require "${General::swroot}/firewall/bin/firewall-lib.pl";
+require "/usr/lib/firewall/firewall-lib.pl";
my $configfwdfw = "${General::swroot}/firewall/config";
my $configinput = "${General::swroot}/firewall/input";
$PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
foreach my $a (sort keys %sourcehash){
foreach my $b (sort keys %targethash){
+ next if ($targethash{$b}[0] eq 'none');
+ $STAG='';
if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
if($DPROT ne ''){
if(substr($sourcehash{$a}[0], 3, 3) ne 'mac' && $sourcehash{$a}[0] ne ''){ $STAG="-s";}
}
foreach my $a (sort keys %sourcehash){
foreach my $b (sort keys %targethash){
+ next if ($targethash{$b}[0] eq 'none');
+ $STAG='';
if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
if($DPROT ne ''){
if(substr($sourcehash{$a}[0], 3, 3) ne 'mac' && $sourcehash{$a}[0] ne ''){ $STAG="-s";}
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.10.10-ipfire-kirkwood Kernel Configuration
+# Linux/arm 3.10.27-ipfire-kirkwood Kernel Configuration
#
CONFIG_ARM=y
CONFIG_SYS_SUPPORTS_APM_EMULATION=y
CONFIG_L2TP_IP=m
CONFIG_L2TP_ETH=m
CONFIG_STP=y
-CONFIG_GARP=y
+CONFIG_GARP=m
CONFIG_BRIDGE=y
CONFIG_BRIDGE_IGMP_SNOOPING=y
CONFIG_BRIDGE_VLAN_FILTERING=y
#
CONFIG_INPUT=y
# CONFIG_INPUT_FF_MEMLESS is not set
-CONFIG_INPUT_POLLDEV=m
+CONFIG_INPUT_POLLDEV=y
CONFIG_INPUT_SPARSEKMAP=m
CONFIG_INPUT_MATRIXKMAP=m
CONFIG_UWB_HWA=m
CONFIG_UWB_WHCI=m
CONFIG_UWB_I1480U=m
-CONFIG_MMC=m
+CONFIG_MMC=y
# CONFIG_MMC_DEBUG is not set
# CONFIG_MMC_UNSAFE_RESUME is not set
# CONFIG_MMC_CLKGATE is not set
#
# MMC/SD/SDIO Card Drivers
#
-CONFIG_MMC_BLOCK=m
+CONFIG_MMC_BLOCK=y
CONFIG_MMC_BLOCK_MINORS=8
CONFIG_MMC_BLOCK_BOUNCE=y
# CONFIG_SDIO_UART is not set
CONFIG_MMC_SDHCI_PXAV3=m
CONFIG_MMC_SDHCI_PXAV2=m
CONFIG_MMC_TIFM_SD=m
-CONFIG_MMC_MVSDIO=m
+CONFIG_MMC_MVSDIO=y
CONFIG_MMC_CB710=m
CONFIG_MMC_VIA_SDMMC=m
CONFIG_MMC_DW=m
#
# DMA Clients
#
-CONFIG_NET_DMA=y
CONFIG_ASYNC_TX_DMA=y
# CONFIG_DMATEST is not set
# CONFIG_AUXDISPLAY is not set
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.10.21 Kernel Configuration
+# Linux/arm 3.10.27-ipfire-multi Kernel Configuration
#
CONFIG_ARM=y
CONFIG_MIGHT_HAVE_PCI=y
CONFIG_IMX_HAVE_PLATFORM_GPIO_KEYS=y
CONFIG_IMX_HAVE_PLATFORM_IMX2_WDT=y
CONFIG_WAND_RFKILL=m
-# CONFIG_ARCH_OMAP2PLUS is not set
+
+#
+# TI OMAP Common Features
+#
+
+#
+# OMAP Feature Selections
+#
+# CONFIG_POWER_AVS_OMAP is not set
+# CONFIG_OMAP_RESET_CLOCKS is not set
+CONFIG_OMAP_MUX=y
+# CONFIG_OMAP_MUX_DEBUG is not set
+CONFIG_OMAP_MUX_WARNINGS=y
+CONFIG_OMAP_32K_TIMER=y
+# CONFIG_OMAP3_L2_AUX_SECURE_SAVE_RESTORE is not set
+CONFIG_OMAP_DM_TIMER=y
+CONFIG_OMAP_PM_NOOP=y
+CONFIG_MACH_OMAP_GENERIC=y
+CONFIG_ARCH_OMAP=y
+CONFIG_ARCH_OMAP2PLUS=y
+
+#
+# TI OMAP2/3/4 Specific Features
+#
+CONFIG_ARCH_OMAP2PLUS_TYPICAL=y
+CONFIG_SOC_HAS_OMAP2_SDRC=y
+CONFIG_SOC_HAS_REALTIME_COUNTER=y
+CONFIG_ARCH_OMAP3=y
+CONFIG_ARCH_OMAP4=y
+CONFIG_SOC_OMAP5=y
+CONFIG_SOC_OMAP3430=y
+CONFIG_SOC_TI81XX=y
+CONFIG_SOC_AM33XX=y
+CONFIG_OMAP_PACKAGE_CBB=y
+CONFIG_OMAP_PACKAGE_CUS=y
+CONFIG_OMAP_PACKAGE_CBP=y
+CONFIG_OMAP_PACKAGE_CBL=y
+CONFIG_OMAP_PACKAGE_CBS=y
+
+#
+# OMAP Board Type
+#
+CONFIG_MACH_OMAP3_BEAGLE=y
+CONFIG_MACH_DEVKIT8000=y
+CONFIG_MACH_OMAP_LDP=y
+CONFIG_MACH_OMAP3530_LV_SOM=y
+CONFIG_MACH_OMAP3_TORPEDO=y
+CONFIG_MACH_OVERO=y
+CONFIG_MACH_OMAP3EVM=y
+CONFIG_MACH_OMAP3517EVM=y
+# CONFIG_MACH_CRANEBOARD is not set
+CONFIG_MACH_OMAP3_PANDORA=y
+CONFIG_MACH_TOUCHBOOK=y
+CONFIG_MACH_OMAP_3430SDP=y
+CONFIG_MACH_NOKIA_RM680=y
+CONFIG_MACH_NOKIA_RX51=y
+CONFIG_MACH_OMAP_ZOOM2=y
+CONFIG_MACH_OMAP_ZOOM3=y
+CONFIG_MACH_CM_T35=y
+CONFIG_MACH_CM_T3517=y
+CONFIG_MACH_CM_T3730=y
+CONFIG_MACH_IGEP0020=y
+CONFIG_MACH_IGEP0030=y
+CONFIG_MACH_SBC3530=y
+CONFIG_MACH_OMAP_3630SDP=y
+CONFIG_MACH_TI8168EVM=y
+CONFIG_MACH_TI8148EVM=y
+CONFIG_MACH_OMAP_4430SDP=y
+CONFIG_MACH_OMAP4_PANDA=y
+# CONFIG_OMAP3_EMU is not set
+# CONFIG_OMAP3_SDRC_AC_TIMING is not set
# CONFIG_ARCH_SOCFPGA is not set
# CONFIG_PLAT_SPEAR is not set
# CONFIG_ARCH_SUNXI is not set
# CONFIG_CPU_DCACHE_DISABLE is not set
# CONFIG_CPU_BPREDICT_DISABLE is not set
CONFIG_KUSER_HELPERS=y
-CONFIG_DMA_CACHE_RWFO=y
CONFIG_OUTER_CACHE=y
CONFIG_OUTER_CACHE_SYNC=y
CONFIG_MIGHT_HAVE_CACHE_L2X0=y
#
CONFIG_ARM_AMBA=y
CONFIG_PCI=y
-CONFIG_PCIE_DW=y
CONFIG_PCI_DOMAINS=y
CONFIG_PCI_SYSCALL=y
# CONFIG_PCI_DEBUG is not set
#
# PCI host controller drivers
#
+CONFIG_PCIE_DW=y
CONFIG_PCI_IMX6=y
# CONFIG_PCCARD is not set
CONFIG_HOTPLUG_CPU=y
CONFIG_ARM_PSCI=y
CONFIG_LOCAL_TIMERS=y
-CONFIG_ARCH_NR_GPIO=352
+CONFIG_ARCH_NR_GPIO=512
CONFIG_PREEMPT_NONE=y
# CONFIG_PREEMPT_VOLUNTARY is not set
# CONFIG_PREEMPT is not set
# CONFIG_THUMB2_KERNEL is not set
CONFIG_AEABI=y
# CONFIG_OABI_COMPAT is not set
+CONFIG_ARCH_HAS_HOLES_MEMORYMODEL=y
# CONFIG_ARCH_SPARSEMEM_DEFAULT is not set
# CONFIG_ARCH_SELECT_MEMORY_MODEL is not set
CONFIG_HAVE_ARCH_PFN_VALID=y
CONFIG_CROSS_MEMORY_ATTACH=y
CONFIG_CLEANCACHE=y
# CONFIG_FRONTSWAP is not set
-CONFIG_FORCE_MAX_ZONEORDER=11
+CONFIG_FORCE_MAX_ZONEORDER=12
CONFIG_ALIGNMENT_TRAP=y
# CONFIG_SECCOMP is not set
CONFIG_CC_STACKPROTECTOR=y
# CONFIG_ARM_EXYNOS5440_CPUFREQ is not set
CONFIG_ARM_IMX6Q_CPUFREQ=m
# CONFIG_ARM_KIRKWOOD_CPUFREQ is not set
+CONFIG_ARM_OMAP2PLUS_CPUFREQ=y
CONFIG_CPU_IDLE=y
CONFIG_CPU_IDLE_MULTIPLE_DRIVERS=y
CONFIG_CPU_IDLE_GOV_LADDER=y
CONFIG_CPU_IDLE_GOV_MENU=y
-# CONFIG_ARCH_NEEDS_CPU_IDLE_COUPLED is not set
+CONFIG_ARCH_NEEDS_CPU_IDLE_COUPLED=y
#
# Floating point emulation
# CONFIG_DEBUG_DEVRES is not set
# CONFIG_SYS_HYPERVISOR is not set
# CONFIG_GENERIC_CPU_DEVICES is not set
+CONFIG_SOC_BUS=y
CONFIG_REGMAP=y
CONFIG_REGMAP_I2C=y
CONFIG_REGMAP_MMIO=y
#
# Bus devices
#
+CONFIG_OMAP_OCP2SCP=y
+CONFIG_OMAP_INTERCONNECT=y
CONFIG_CONNECTOR=y
CONFIG_PROC_EVENTS=y
CONFIG_MTD=y
# Disk-On-Chip Device Drivers
#
# CONFIG_MTD_DOCG3 is not set
+CONFIG_BCH_CONST_M=13
+CONFIG_BCH_CONST_T=8
CONFIG_MTD_NAND_ECC=y
CONFIG_MTD_NAND_ECC_SMC=y
CONFIG_MTD_NAND=y
# CONFIG_MTD_SM_COMMON is not set
# CONFIG_MTD_NAND_DENALI is not set
# CONFIG_MTD_NAND_GPIO is not set
+CONFIG_MTD_NAND_OMAP2=y
+CONFIG_MTD_NAND_OMAP_BCH=m
+CONFIG_MTD_NAND_OMAP_BCH8=y
+# CONFIG_MTD_NAND_OMAP_BCH4 is not set
CONFIG_MTD_NAND_IDS=y
# CONFIG_MTD_NAND_RICOH is not set
# CONFIG_MTD_NAND_DISKONCHIP is not set
CONFIG_NET_VENDOR_TEHUTI=y
# CONFIG_TEHUTI is not set
CONFIG_NET_VENDOR_TI=y
+# CONFIG_TI_DAVINCI_EMAC is not set
+# CONFIG_TI_DAVINCI_MDIO is not set
+# CONFIG_TI_DAVINCI_CPDMA is not set
+# CONFIG_TI_CPSW is not set
# CONFIG_TLAN is not set
CONFIG_NET_VENDOR_VIA=y
# CONFIG_VIA_RHINE is not set
# CONFIG_KEYBOARD_SAMSUNG is not set
# CONFIG_KEYBOARD_STOWAWAY is not set
# CONFIG_KEYBOARD_SUNKBD is not set
+CONFIG_KEYBOARD_OMAP4=m
CONFIG_KEYBOARD_TWL4030=m
# CONFIG_KEYBOARD_XTKBD is not set
CONFIG_INPUT_MOUSE=y
# CONFIG_SERIAL_JSM is not set
# CONFIG_SERIAL_VT8500 is not set
CONFIG_SERIAL_OF_PLATFORM=y
+CONFIG_SERIAL_OMAP=y
+CONFIG_SERIAL_OMAP_CONSOLE=y
CONFIG_SERIAL_SCCNXP=m
# CONFIG_SERIAL_TIMBERDALE is not set
# CONFIG_SERIAL_ALTERA_JTAGUART is not set
# CONFIG_I2C_INTEL_MID is not set
CONFIG_I2C_NOMADIK=y
# CONFIG_I2C_OCORES is not set
+CONFIG_I2C_OMAP=y
CONFIG_I2C_PCA_PLATFORM=m
# CONFIG_I2C_PXA_PCI is not set
CONFIG_I2C_SIMTEC=m
CONFIG_PINCTRL_IMX51=y
CONFIG_PINCTRL_IMX53=y
CONFIG_PINCTRL_IMX6Q=y
-CONFIG_PINCTRL_SINGLE=m
+CONFIG_PINCTRL_SINGLE=y
# CONFIG_PINCTRL_EXYNOS is not set
# CONFIG_PINCTRL_EXYNOS5440 is not set
CONFIG_PINCTRL_WMT=y
# CONFIG_GPIO_MAX732X is not set
# CONFIG_GPIO_PCF857X is not set
# CONFIG_GPIO_SX150X is not set
-CONFIG_GPIO_TWL4030=m
+CONFIG_GPIO_TWL4030=y
# CONFIG_GPIO_ADP5588 is not set
CONFIG_GPIO_ADNP=m
CONFIG_W1_MASTER_MXC=m
CONFIG_W1_MASTER_DS1WM=m
# CONFIG_W1_MASTER_GPIO is not set
+# CONFIG_HDQ_MASTER_OMAP is not set
#
# 1-wire Slaves
# CONFIG_BATTERY_RX51 is not set
# CONFIG_CHARGER_ISP1704 is not set
# CONFIG_CHARGER_MAX8903 is not set
-CONFIG_CHARGER_TWL4030=m
+CONFIG_CHARGER_TWL4030=y
# CONFIG_CHARGER_LP8727 is not set
# CONFIG_CHARGER_GPIO is not set
# CONFIG_CHARGER_MANAGER is not set
CONFIG_ARM_SP805_WATCHDOG=m
# CONFIG_DW_WATCHDOG is not set
CONFIG_MPCORE_WATCHDOG=m
+CONFIG_OMAP_WATCHDOG=m
CONFIG_TWL4030_WATCHDOG=m
# CONFIG_MAX63XX_WATCHDOG is not set
CONFIG_IMX2_WDT=m
CONFIG_MFD_SYSCON=y
# CONFIG_MFD_TI_AM335X_TSCADC is not set
# CONFIG_MFD_LP8788 is not set
+CONFIG_MFD_OMAP_USB_HOST=y
# CONFIG_MFD_PALMAS is not set
# CONFIG_TPS6105X is not set
# CONFIG_TPS65010 is not set
# CONFIG_MFD_TPS65912_I2C is not set
# CONFIG_MFD_TPS80031 is not set
CONFIG_TWL4030_CORE=y
-CONFIG_TWL4030_MADC=m
+CONFIG_TWL4030_MADC=y
CONFIG_TWL4030_POWER=y
CONFIG_MFD_TWL4030_AUDIO=y
# CONFIG_TWL6040_CORE is not set
# CONFIG_VIDEO_FIXED_MINOR_RANGES is not set
CONFIG_VIDEO_TUNER=m
CONFIG_V4L2_MEM2MEM_DEV=m
-CONFIG_VIDEOBUF_GEN=m
+CONFIG_VIDEOBUF_GEN=y
CONFIG_VIDEOBUF_VMALLOC=m
-CONFIG_VIDEOBUF_DMA_CONTIG=m
+CONFIG_VIDEOBUF_DMA_CONTIG=y
CONFIG_VIDEOBUF_DVB=m
CONFIG_VIDEOBUF2_CORE=m
CONFIG_VIDEOBUF2_MEMOPS=m
# CONFIG_MEDIA_PCI_SUPPORT is not set
CONFIG_V4L_PLATFORM_DRIVERS=y
# CONFIG_VIDEO_CAFE_CCIC is not set
+# CONFIG_VIDEO_DM6446_CCDC is not set
+CONFIG_VIDEO_OMAP2_VOUT_VRFB=y
+CONFIG_VIDEO_OMAP2_VOUT=y
CONFIG_VIDEO_TIMBERDALE=m
CONFIG_SOC_CAMERA=m
CONFIG_SOC_CAMERA_PLATFORM=m
# CONFIG_DRM_AST is not set
# CONFIG_DRM_MGAG200 is not set
# CONFIG_DRM_CIRRUS_QEMU is not set
-# CONFIG_DRM_TILCDC is not set
+CONFIG_DRM_OMAP=m
+CONFIG_DRM_OMAP_NUM_CRTCS=2
+CONFIG_DRM_TILCDC=m
# CONFIG_DRM_QXL is not set
# CONFIG_TEGRA_HOST1X is not set
# CONFIG_VGASTATE is not set
CONFIG_VIDEOMODE_HELPERS=y
CONFIG_HDMI=y
CONFIG_FB=y
-# CONFIG_FIRMWARE_EDID is not set
+CONFIG_FIRMWARE_EDID=y
# CONFIG_FB_DDC is not set
# CONFIG_FB_BOOT_VESA_SUPPORT is not set
CONFIG_FB_CFB_FILLRECT=m
# CONFIG_FB_MACMODES is not set
# CONFIG_FB_BACKLIGHT is not set
CONFIG_FB_MODE_HELPERS=y
-# CONFIG_FB_TILEBLITTING is not set
+CONFIG_FB_TILEBLITTING=y
#
# Frame buffer hardware drivers
# CONFIG_FB_BROADSHEET is not set
# CONFIG_FB_AUO_K190X is not set
# CONFIG_FB_SIMPLE is not set
+CONFIG_OMAP2_VRFB=y
+CONFIG_OMAP2_DSS=y
+# CONFIG_OMAP2_DSS_DEBUG is not set
+# CONFIG_OMAP2_DSS_DEBUGFS is not set
+CONFIG_OMAP2_DSS_DPI=y
+CONFIG_OMAP2_DSS_RFBI=y
+CONFIG_OMAP2_DSS_VENC=y
+CONFIG_OMAP4_DSS_HDMI=y
+CONFIG_OMAP4_DSS_HDMI_AUDIO=y
+CONFIG_OMAP2_DSS_SDI=y
+CONFIG_OMAP2_DSS_DSI=y
+CONFIG_OMAP2_DSS_MIN_FCK_PER_PCK=8
+CONFIG_OMAP2_DSS_SLEEP_AFTER_VENC_RESET=y
+CONFIG_FB_OMAP2=m
+CONFIG_FB_OMAP2_DEBUG_SUPPORT=y
+CONFIG_FB_OMAP2_NUM_FBS=3
+
+#
+# OMAP2/3 Display Device Drivers
+#
+CONFIG_PANEL_GENERIC_DPI=m
+CONFIG_PANEL_TFP410=m
+CONFIG_PANEL_SHARP_LS037V7DW01=m
+CONFIG_PANEL_PICODLP=m
+CONFIG_PANEL_TAAL=m
# CONFIG_EXYNOS_VIDEO is not set
CONFIG_BACKLIGHT_LCD_SUPPORT=y
CONFIG_LCD_CLASS_DEVICE=m
CONFIG_DUMMY_CONSOLE=y
CONFIG_FRAMEBUFFER_CONSOLE=y
CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y
-# CONFIG_FRAMEBUFFER_CONSOLE_ROTATION is not set
+CONFIG_FRAMEBUFFER_CONSOLE_ROTATION=y
# CONFIG_FONTS is not set
CONFIG_FONT_8x8=y
CONFIG_FONT_8x16=y
CONFIG_SND_SOC_IMX_PCM_DMA=y
CONFIG_SND_SOC_IMX_AUDMUX=m
CONFIG_SND_SOC_IMX_SGTL5000=m
+CONFIG_SND_OMAP_SOC=m
+CONFIG_SND_OMAP_SOC_MCBSP=m
+CONFIG_SND_OMAP_SOC_HDMI=m
+CONFIG_SND_OMAP_SOC_RX51=m
+CONFIG_SND_OMAP_SOC_AM3517EVM=m
+CONFIG_SND_OMAP_SOC_OMAP_TWL4030=m
+CONFIG_SND_OMAP_SOC_OMAP_HDMI=m
+CONFIG_SND_OMAP_SOC_OMAP3_PANDORA=m
CONFIG_SND_SOC_I2C_AND_SPI=m
# CONFIG_SND_SOC_ALL_CODECS is not set
+CONFIG_SND_SOC_OMAP_HDMI_CODEC=m
CONFIG_SND_SOC_SGTL5000=m
+CONFIG_SND_SOC_TLV320AIC23=m
+CONFIG_SND_SOC_TLV320AIC3X=m
+CONFIG_SND_SOC_TWL4030=m
+CONFIG_SND_SOC_TPA6130A2=m
CONFIG_SND_SIMPLE_CARD=m
# CONFIG_SOUND_PRIME is not set
CONFIG_AC97_BUS=m
#
CONFIG_USB_DEFAULT_PERSIST=y
# CONFIG_USB_DYNAMIC_MINORS is not set
-# CONFIG_USB_OTG is not set
+CONFIG_USB_OTG=y
# CONFIG_USB_OTG_WHITELIST is not set
# CONFIG_USB_OTG_BLACKLIST_HUB is not set
CONFIG_USB_MON=m
CONFIG_USB_EHCI_TT_NEWSCHED=y
CONFIG_USB_EHCI_PCI=y
CONFIG_USB_EHCI_MXC=m
+CONFIG_USB_EHCI_HCD_OMAP=y
CONFIG_USB_EHCI_HCD_PLATFORM=y
# CONFIG_USB_OXU210HP_HCD is not set
# CONFIG_USB_ISP116X_HCD is not set
CONFIG_USB_XUSBATM=m
CONFIG_USB_PHY=y
CONFIG_NOP_USB_XCEIV=m
-CONFIG_OMAP_CONTROL_USB=m
+CONFIG_OMAP_CONTROL_USB=y
+CONFIG_OMAP_USB2=y
CONFIG_OMAP_USB3=m
CONFIG_SAMSUNG_USBPHY=m
CONFIG_SAMSUNG_USB2PHY=m
CONFIG_MMC_SDHCI_ESDHC_IMX=y
CONFIG_MMC_SDHCI_PXAV3=m
CONFIG_MMC_SDHCI_PXAV2=m
+CONFIG_MMC_OMAP=y
+CONFIG_MMC_OMAP_HS=y
CONFIG_MMC_MXC=m
# CONFIG_MMC_TIFM_SD is not set
# CONFIG_MMC_CB710 is not set
CONFIG_LEDS_LM3530=m
CONFIG_LEDS_LM3533=m
CONFIG_LEDS_LM3642=m
-# CONFIG_LEDS_PCA9532 is not set
+CONFIG_LEDS_PCA9532=m
+CONFIG_LEDS_PCA9532_GPIO=y
CONFIG_LEDS_GPIO=y
CONFIG_LEDS_LP3944=m
CONFIG_LEDS_LP55XX_COMMON=m
CONFIG_LEDS_LP5521=m
CONFIG_LEDS_LP5523=m
CONFIG_LEDS_LP5562=m
-# CONFIG_LEDS_PCA955X is not set
+CONFIG_LEDS_PCA955X=m
CONFIG_LEDS_PCA9633=m
CONFIG_LEDS_PWM=m
CONFIG_LEDS_REGULATOR=m
-# CONFIG_LEDS_BD2802 is not set
+CONFIG_LEDS_BD2802=m
CONFIG_LEDS_LT3593=m
-# CONFIG_LEDS_RENESAS_TPU is not set
+CONFIG_LEDS_RENESAS_TPU=y
CONFIG_LEDS_TCA6507=m
CONFIG_LEDS_LM355x=m
CONFIG_LEDS_OT200=m
CONFIG_RTC_DRV_M41T80=m
CONFIG_RTC_DRV_M41T80_WDT=y
CONFIG_RTC_DRV_BQ32K=m
-CONFIG_RTC_DRV_TWL4030=m
+CONFIG_RTC_DRV_TWL4030=y
# CONFIG_RTC_DRV_S35390A is not set
CONFIG_RTC_DRV_FM3130=m
CONFIG_RTC_DRV_RX8581=m
# on-CPU RTC drivers
#
CONFIG_RTC_DRV_IMXDI=m
+CONFIG_RTC_DRV_OMAP=y
CONFIG_RTC_DRV_PL030=m
CONFIG_RTC_DRV_PL031=m
CONFIG_RTC_DRV_VT8500=m
CONFIG_IMX_SDMA=y
CONFIG_IMX_DMA=y
CONFIG_MXS_DMA=y
+CONFIG_DMA_OMAP=y
CONFIG_DMA_ENGINE=y
CONFIG_DMA_VIRTUAL_CHANNELS=y
CONFIG_DMA_OF=y
#
# DMA Clients
#
-CONFIG_NET_DMA=y
CONFIG_ASYNC_TX_DMA=y
# CONFIG_DMATEST is not set
# CONFIG_AUXDISPLAY is not set
CONFIG_COMMON_CLK_VERSATILE=y
CONFIG_COMMON_CLK_SI5351=m
CONFIG_COMMON_CLK_AXI_CLKGEN=m
+CONFIG_HWSPINLOCK=y
#
# Hardware Spinlock drivers
#
+CONFIG_HWSPINLOCK_OMAP=y
CONFIG_CLKSRC_OF=y
CONFIG_CLKSRC_MMIO=y
CONFIG_VT8500_TIMER=y
CONFIG_ARM_ARCH_TIMER=y
CONFIG_MAILBOX=y
CONFIG_PL320_MBOX=y
-CONFIG_IOMMU_SUPPORT=y
-CONFIG_OF_IOMMU=y
+# CONFIG_IOMMU_SUPPORT is not set
#
# Remoteproc drivers
# CONFIG_PM_DEVFREQ is not set
# CONFIG_EXTCON is not set
CONFIG_MEMORY=y
+# CONFIG_TI_EMIF is not set
CONFIG_IIO=m
CONFIG_IIO_BUFFER=y
CONFIG_IIO_BUFFER_CB=y
# CONFIG_VME_BUS is not set
CONFIG_PWM=y
CONFIG_PWM_IMX=m
+# CONFIG_PWM_TIECAP is not set
+# CONFIG_PWM_TIEHRPWM is not set
CONFIG_PWM_TWL=m
CONFIG_PWM_TWL_LED=m
CONFIG_PWM_VT8500=m
# CONFIG_DEBUG_ZYNQ_UART1 is not set
# CONFIG_DEBUG_IMX51_UART is not set
# CONFIG_DEBUG_IMX53_UART is not set
-CONFIG_DEBUG_IMX6Q_UART=y
+# CONFIG_DEBUG_IMX6Q_UART is not set
+CONFIG_DEBUG_OMAP2PLUS_UART=y
# CONFIG_DEBUG_VEXPRESS_UART0_DETECT is not set
# CONFIG_DEBUG_VEXPRESS_UART0_CA9 is not set
# CONFIG_DEBUG_VEXPRESS_UART0_RS1 is not set
# CONFIG_DEBUG_ICEDCC is not set
# CONFIG_DEBUG_SEMIHOSTING is not set
CONFIG_DEBUG_IMX_UART_PORT=1
-CONFIG_DEBUG_LL_INCLUDE="debug/imx.S"
-CONFIG_DEBUG_UNCOMPRESS=y
+# CONFIG_DEBUG_OMAP2UART1 is not set
+# CONFIG_DEBUG_OMAP2UART2 is not set
+# CONFIG_DEBUG_OMAP2UART3 is not set
+# CONFIG_DEBUG_OMAP3UART3 is not set
+CONFIG_DEBUG_OMAP4UART3=y
+# CONFIG_DEBUG_OMAP3UART4 is not set
+# CONFIG_DEBUG_OMAP4UART4 is not set
+# CONFIG_DEBUG_TI81XXUART1 is not set
+# CONFIG_DEBUG_TI81XXUART2 is not set
+# CONFIG_DEBUG_TI81XXUART3 is not set
+# CONFIG_DEBUG_AM33XXUART1 is not set
+# CONFIG_DEBUG_ZOOM_UART is not set
+CONFIG_DEBUG_LL_INCLUDE="debug/omap2plus.S"
CONFIG_UNCOMPRESS_INCLUDE="debug/uncompress.h"
CONFIG_EARLY_PRINTK=y
CONFIG_OC_ETM=y
CONFIG_CRYPTO_USER_API_SKCIPHER=y
CONFIG_CRYPTO_HW=y
# CONFIG_CRYPTO_DEV_HIFN_795X is not set
+CONFIG_CRYPTO_DEV_OMAP_SHAM=y
+CONFIG_CRYPTO_DEV_OMAP_AES=y
CONFIG_ASYMMETRIC_KEY_TYPE=m
CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=m
CONFIG_PUBLIC_KEY_ALGO_RSA=m
CONFIG_DECOMPRESS_XZ=y
CONFIG_DECOMPRESS_LZO=y
CONFIG_GENERIC_ALLOCATOR=y
+CONFIG_BCH=m
+CONFIG_BCH_CONST_PARAMS=y
CONFIG_TEXTSEARCH=y
CONFIG_TEXTSEARCH_KMP=m
CONFIG_TEXTSEARCH_BM=m
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.10.22 Kernel Configuration
+# Linux/arm 3.10.27 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_SYS_SUPPORTS_APM_EMULATION=y
CONFIG_FIQ=y
CONFIG_VECTORS_BASE=0xffff0000
CONFIG_ARM_PATCH_PHYS_VIRT=y
+CONFIG_NEED_MACH_GPIO_H=y
CONFIG_NEED_MACH_IO_H=y
CONFIG_NEED_MACH_MEMORY_H=y
CONFIG_GENERIC_BUG=y
CONFIG_BCM2708_GPIO=y
CONFIG_BCM2708_VCMEM=y
# CONFIG_BCM2708_NOL2CACHE is not set
-CONFIG_BCM2708_DMAER=m
CONFIG_BCM2708_SPIDEV=y
+CONFIG_BCM2708_DMAER=m
#
# Processor Type
CONFIG_REGMAP=y
CONFIG_REGMAP_I2C=m
CONFIG_REGMAP_SPI=m
+CONFIG_REGMAP_MMIO=m
CONFIG_DMA_SHARED_BUFFER=y
CONFIG_CMA=y
# CONFIG_CMA_DEBUG is not set
CONFIG_V4L_PLATFORM_DRIVERS=y
# CONFIG_VIDEO_TIMBERDALE is not set
# CONFIG_SOC_CAMERA is not set
+CONFIG_VIDEO_BCM2835=y
+CONFIG_VIDEO_BCM2835_MMAL=m
# CONFIG_V4L_MEM2MEM_DRIVERS is not set
# CONFIG_V4L_TEST_DRIVERS is not set
CONFIG_SND_USB_CAIAQ_INPUT=y
CONFIG_SND_USB_6FIRE=m
CONFIG_SND_SOC=m
+CONFIG_SND_SOC_DMAENGINE_PCM=y
+CONFIG_SND_SOC_GENERIC_DMAENGINE_PCM=y
# CONFIG_SND_ATMEL_SOC is not set
+CONFIG_SND_BCM2708_SOC_I2S=m
+CONFIG_SND_BCM2708_SOC_HIFIBERRY_DAC=m
+CONFIG_SND_BCM2708_SOC_HIFIBERRY_DIGI=m
+CONFIG_SND_BCM2708_SOC_RPI_DAC=m
CONFIG_SND_DESIGNWARE_I2S=m
CONFIG_SND_SOC_I2C_AND_SPI=m
# CONFIG_SND_SOC_ALL_CODECS is not set
+CONFIG_SND_SOC_PCM1794A=m
+CONFIG_SND_SOC_PCM5102A=m
+CONFIG_SND_SOC_WM8804=m
CONFIG_SND_SIMPLE_CARD=m
# CONFIG_SOUND_PRIME is not set
CONFIG_AC97_BUS=m
# CONFIG_DW_DMAC_BIG_ENDIAN_IO is not set
# CONFIG_TIMB_DMA is not set
CONFIG_PL330_DMA=y
+CONFIG_DMA_BCM2708=y
CONFIG_DMA_ENGINE=y
CONFIG_DMA_VIRTUAL_CHANNELS=y
CONFIG_DMA_OF=y
#
# DMA Clients
#
-CONFIG_NET_DMA=y
CONFIG_ASYNC_TX_DMA=y
CONFIG_DMATEST=m
# CONFIG_AUXDISPLAY is not set
srv/web/ipfire/cgi-bin/fireinfo.cgi
srv/web/ipfire/cgi-bin/firewall.cgi
srv/web/ipfire/cgi-bin/fwhosts.cgi
+srv/web/ipfire/cgi-bin/gpl.cgi
srv/web/ipfire/cgi-bin/gui.cgi
srv/web/ipfire/cgi-bin/hardwaregraphs.cgi
srv/web/ipfire/cgi-bin/hosts.cgi
#var/ipfire/extrahd/scan
#var/ipfire/extrahd/settings
var/ipfire/firewall
-#var/ipfire/firewall/bin
-#var/ipfire/firewall/bin/firewall-lib.pl
-#var/ipfire/firewall/bin/rules.pl
#var/ipfire/firewall/config
#var/ipfire/firewall/dmz
#var/ipfire/firewall/input
#usr/bin/catchsegv
#usr/bin/gencat
#usr/bin/getconf
-#usr/bin/getent
+usr/bin/getent
#usr/bin/iconv
usr/bin/ldd
#usr/bin/lddlibc4
#usr/bin/perl
#usr/include
#usr/lib
+usr/lib/firewall
+usr/lib/firewall/firewall-lib.pl
+usr/lib/firewall/rules.pl
#usr/lib/libgcc_s.so
usr/lib/libgcc_s.so.1
#usr/lib/libstdc++.la
usr/sbin/convert-portfw
usr/sbin/convert-xtaccess
usr/sbin/firewall-policy
-var/ipfire/firewall
-var/ipfire/firewall/bin/firewall-lib.pl
-var/ipfire/firewall/bin/rules.pl
-var/ipfire/firewall/config
-var/ipfire/firewall/input
-var/ipfire/firewall/outgoing
var/ipfire/firewall/p2protocols
-var/ipfire/firewall/settings
-var/ipfire/fwhosts
-var/ipfire/fwhosts/customhosts
-var/ipfire/fwhosts/customnetworks
-var/ipfire/fwhosts/customgroups
-var/ipfire/fwhosts/customservices
-var/ipfire/fwhosts/customservicegrp
var/ipfire/fwhosts/icmp-types
var/ipfire/menu.d/50-firewall.menu
#
#
-KVER="3.10.27"
+KVER="3.10.28"
MOUNT=`grep "kernel" /boot/grub/grub.conf 2>/dev/null | tail -n 1 `
# Nur den letzten Parameter verwenden
echo $MOUNT > /dev/null
ln -svf ../run /var/run
+# Creating directories for new firewall.
+mkdir -p /var/ipfire/firewall
+mkdir -p /var/ipfire/fwhosts
+
#
#Extract files
tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
/sbin/iptables -t nat -N NAT_SOURCE 2>/dev/null
/sbin/iptables -t nat -N NAT_DESTINATION 2>/dev/null
+# Create config files for firewall and fix permissions.
+touch /var/ipfire/firewall/config
+touch /var/ipfire/firewall/input
+touch /var/ipfire/firewall/outgoing
+touch /var/ipfire/firewall/settings
+touch /var/ipfire/fwhosts/customhosts
+touch /var/ipfire/fwhosts/customnetworks
+touch /var/ipfire/fwhosts/customgroups
+touch /var/ipfire/fwhosts/customservices
+touch /var/ipfire/fwhosts/customservicegrp
+
+# Fix ownership.
+chown -R nobody:nobody /var/ipfire/firewall
+chown -R nobody:nobody /var/ipfire/fwhosts
+
# Convert firewall configuration
/usr/sbin/convert-xtaccess
/usr/sbin/convert-outgoingfw
# Convert inittab and fstab
sed -i -e "s/tty1 9600$/tty1 9600 --noclear/g" /etc/inittab
+sed -i -e "s/xvc0 9600$/tty1 9600 --noclear/g" /etc/inittab
sed -i -e "s/^proc/#proc/g" /etc/fstab
sed -i -e "s/^sysfs/#sysfs/g" /etc/fstab
sed -i -e "s/^devpts/#devpts/g" /etc/fstab
/usr/local/bin/qosctrl start
fi
+# Update crontab
+cat <<EOF >> /var/spool/cron/root.orig
+
+# Re-read firewall rules every Sunday in March, October and November to take care of daylight saving time
+00 3 * 3 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
+00 2 * 10-11 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
+EOF
+fcrontab -z &>/dev/null
+
case $(uname -m) in
i?86 )
echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae
echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae
+ echo "Name: linux-pae" > /opt/pakfire/db/meta/meta-linux-pae
+ echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-pae
+ echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-pae
fi
fi
echo "Name: linux-xen" > /opt/pakfire/db/installed/meta-linux-xen
echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-xen
echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-xen
+ echo "Name: linux-xen" > /opt/pakfire/db/meta/meta-linux-xen
+ echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-xen
+ echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-xen
# Add xvc0 to /etc/securetty
echo "xvc0" >> /etc/securetty
fi
echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update
echo 'touch /var/run/need_reboot ' >> /tmp/pak_update
#
+killall -KILL pak_update
chmod +x /tmp/pak_update
/tmp/pak_update &
#usr/share/mysql/swedish/errmsg.sys
#usr/share/mysql/ukrainian
#usr/share/mysql/ukrainian/errmsg.sys
+var/ipfire/backup/addons/includes/mysql
var/run/mysql
fatload mmc 0:1 0x82000000 zImage-ipfire-multi
-fatload mmc 0:1 0x83600000 uInit-ipfire-multi
-fatload mmc 0:1 ${ftdaddr} omap4-${board_name}.dtb
-setenv bootargs vram=32M console=tty1 rootwait smsc95xx.macaddr=$usbethaddr root=/dev/mmcblk0p3 ro
-bootz 0x82000000 0x83600000 ${ftdaddr}
+fatload mmc 0:1 0x85000000 uInit-ipfire-multi
+#fatload mmc 0:1 ${fdtaddr} omap4-${board_name}.dtb
+setenv bootargs vram=32M earlyprintk console=tty1 rootwait smsc95xx.macaddr=$usbethaddr root=/dev/mmcblk0p3 ro
+# Pandaboard has serious Problems in dt mode with kernel 3.10.x
+#bootz 0x82000000 0x85000000 ${fdtaddr}
+bootz 0x82000000 0x85000000
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2013 Arne Fitzenreiter <arne_f@ipfire.org> #
+# Copyright (C) 2007-2014 Arne Fitzenreiter <arne_f@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
######################
#KERN_TYPE=xen
#KVER=2.6.32.61
-#KERN_PACK=27
-#KRNDOWN=http://mirror0.ipfire.org/pakfire2/2.13/paks
+#KERN_PACK=28
+#KRNDOWN=http://mirror0.ipfire.org/pakfire2/2.15/paks
###############################################################################
-SIZEboot=30
+SIZEboot=64
SIZEswap=512
-SIZEroot=512
-SIZEvar=950
+SIZEroot=1024
+SIZEvar=1024
# ct'server does not support ext4 so change this to ext3.
FSTYPE=ext4
#Add getty for xvc0
echo "#Enable login for XEN" >> $MNThdd/etc/inittab
-echo "8:2345:respawn:/sbin/agetty xvc0 9600" >> $MNThdd/etc/inittab
+echo "8:2345:respawn:/sbin/agetty xvc0 9600 -noclear" >> $MNThdd/etc/inittab
#Disable some initskripts
echo "#!/bin/sh" > $MNThdd/etc/rc.d/init.d/setclock
$errormessage.=$Lang::tr{'fwdfw err notgtip'};
return $errormessage;
}
+ #check for mac in targetgroup
+ if ($fwdfwsettings{'grp2'} eq 'cust_grp_tgt'){
+ &General::readhasharray("$configgrp", \%customgrp);
+ &General::readhasharray("$confighost", \%customhost);
+ foreach my $grpkey (sort keys %customgrp){
+ foreach my $hostkey (sort keys %customhost){
+ if ($customgrp{$grpkey}[2] eq $customhost{$hostkey}[0] && $customhost{$hostkey}[1] eq 'mac'){
+ $hint=$Lang::tr{'fwdfw hint mac'};
+ return $hint;
+ }
+ }
+ }
+ }
#check empty fields
if ($fwdfwsettings{$fwdfwsettings{'grp2'}} eq ''){ $errormessage.=$Lang::tr{'fwdfw err notgt'}."<br>";}
#check tgt services
print "<class name='base'>$hint\n";
print " </class>\n";
&Header::closebox();
- print"<hr>";
- }
-}
-sub inc_counter
-{
- my $config=shift;
- my %hash=%{(shift)};
- my $val=shift;
- my $pos;
-
- &General::readhasharray($config, \%hash);
- foreach my $key (sort { uc($hash{$a}[0]) cmp uc($hash{$b}[0]) } keys %hash){
- if($hash{$key}[0] eq $val){
- $pos=$#{$hash{$key}};
- $hash{$key}[$pos] = $hash{$key}[$pos]+1;
- }
}
- &General::writehasharray($config, \%hash);
}
sub newrule
{
<td colspan='13'> </td>
</tr>
<tr>
- <td colspan='13'>
+ <td colspan='13' style="padding-left:0px;">
<table width="100%" border='1' rules="cols" cellspacing='0'>
END
print"<form method='post' style='display:inline'><input type='image' src='/images/delete.gif' alt=$Lang::tr{'delete'} title=$Lang::tr{'delete'} align='right' /><input type='hidden' name='grp_name' value='$grpname' ><input type='hidden' name='ACTION' value='delgrp'></form>";
}
print"<form method='post' style='display:inline'><input type='image' src='/images/edit.gif' alt=$Lang::tr{'edit'} title=$Lang::tr{'edit'} align='right' /><input type='hidden' name='grp_name' value='$grpname' ><input type='hidden' name='remark' value='$remark' ><input type='hidden' name='ACTION' value='editgrp'></form>";
- print"<table width='100%' cellspacing='0' class='tbl'><tr><th align='center'><b>Name</b></th><th align='center'><b>$Lang::tr{'ip address'}</b></th><th align='center' width='25%'><b>$Lang::tr{'fwhost type'}</th><th></th></tr>";
+ print"<table width='100%' cellspacing='0' class='tbl'><tr><th align='center'><b>$Lang::tr{'name'}</b></th><th align='center'><b>$Lang::tr{'fwhost ip_mac'}</b></th><th align='center' width='25%'><b>$Lang::tr{'fwhost type'}</th><th></th></tr>";
}
my $col='';
if ( ($fwhostsettings{'ACTION'} eq 'editgrp' || $fwhostsettings{'update'} ne '') && $fwhostsettings{'grp_name'} eq $customgrp{$key}[0]) {
}
}
-# Darren Critchley - certain ports are reserved for IPFire
-# TCP 67,68,81,222,445
-# UDP 67,68
-# Params passed in -> port, rangeyn, protocol
-sub disallowreserved
-{
- # port 67 and 68 same for tcp and udp, don't bother putting in an array
- my $msg = "";
- my @tcp_reserved = (81,222,445);
- my $prt = $_[0]; # the port or range
- my $ryn = $_[1]; # tells us whether or not it is a port range
- my $prot = $_[2]; # protocol
- my $srcdst = $_[3]; # source or destination
- if ($ryn) { # disect port range
- if ($srcdst eq "src") {
- $msg = "$Lang::tr{'rsvd src port overlap'}";
- } else {
- $msg = "$Lang::tr{'rsvd dst port overlap'}";
- }
- my @tmprng = split(/\:/,$prt);
- unless (67 < $tmprng[0] || 67 > $tmprng[1]) { $errormessage="$msg 67"; return; }
- unless (68 < $tmprng[0] || 68 > $tmprng[1]) { $errormessage="$msg 68"; return; }
- if ($prot eq "tcp") {
- foreach my $prange (@tcp_reserved) {
- unless ($prange < $tmprng[0] || $prange > $tmprng[1]) { $errormessage="$msg $prange"; return; }
- }
- }
- } else {
- if ($srcdst eq "src") {
- $msg = "$Lang::tr{'reserved src port'}";
- } else {
- $msg = "$Lang::tr{'reserved dst port'}";
- }
- if ($prt == 67) { $errormessage="$msg 67"; return; }
- if ($prt == 68) { $errormessage="$msg 68"; return; }
- if ($prot eq "tcp") {
- foreach my $prange (@tcp_reserved) {
- if ($prange == $prt) { $errormessage="$msg $prange"; return; }
- }
- }
- }
- return;
-}
-
sub writeserverconf {
my %sovpnsettings = ();
my @temp = ();
goto SETTINGS_ERROR;
}
}
- if ($cgiparams{'ENABLED'} eq 'on'){
- &disallowreserved($cgiparams{'DDEST_PORT'},0,$cgiparams{'DPROTOCOL'},"dest");
- }
if ($errormessage) { goto SETTINGS_ERROR; }
-
-
+
if ($cgiparams{'ENABLED'} eq 'on'){
&checkportfw($cgiparams{'DDEST_PORT'},$cgiparams{'DPROTOCOL'});
}
-
if ($errormessage) { goto SETTINGS_ERROR; }
if (! &General::validipandmask($cgiparams{'DOVPN_SUBNET'})) {
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# #
###############################################################################
-print "Status: 302 Moved\n";
+if (! -e "/var/ipfire/main/gpl_accepted" ) {
+ print "Status: 302 Moved Temporarily\n";
+ print "Location: /cgi-bin/gpl.cgi\n\n";
+ exit (0);
+}
+
+print "Status: 302 Moved Temporarily\n";
print "Location: /cgi-bin/index.cgi\n\n";
border-top: 1px solid lightgrey;
border-bottom: 1px solid lightgrey;
background: #cccccc;
+ padding-left: 0.5em;
+ padding-right: 0.5em;
}
.tbl th:first-child {
.tbl th:only-child {
border: 1px solid lightgrey;
}
-
+.tbl td{
+ padding-left: 0.5em;
+ padding-right: 0.5em;
+}
.tbl tr td:first-child {
border-left: 1px solid lightgrey;
}
'fwdfw from' => 'Von:',
'fwdfw hint ip1' => 'Die zuletzt erzeugte Regel mag eventuell niemals zutreffen, da sich Quelle und Ziel überlappen.',
'fwdfw hint ip2' => 'Bitte überprüfen Sie, ob diese Regel Sinn macht: ',
+'fwdfw hint mac' => 'Sie nutzen MAC-Adressen in der Zielgruppe. Diese werden bei der Regelerstellung übersprungen.',
'fwdfw iface' => 'Interface',
'fwdfw ipsec network' => 'IPsec-Netzwerke:',
'fwdfw log' => 'Log',
'fwdfw sourceip' => 'Quelladresse (IP/MAC-Adresse oder Netzwerk):',
'fwdfw std network' => 'Standard Netzwerke:',
'fwdfw target' => 'Ziel',
-'fwdfw targetip' => 'Zieladresse (IP/MAC-Adresse oder Netzwerk):',
+'fwdfw targetip' => 'Zieladresse (IP-Adresse oder Netzwerk):',
'fwdfw till' => 'Bis:',
'fwdfw time' => 'Zeitrahmen',
'fwdfw timeframe' => 'Zeitrahmen hinzufügen',
'fwdfw from' => 'From:',
'fwdfw hint ip1' => 'The last generated rule may never match, because source and destination subnets may overlap.',
'fwdfw hint ip2' => 'Please double-check if this rule makes sense: ',
+'fwdfw hint mac' => 'The destination group contains MAC addresses, which will be skipped during rule creation.',
'fwdfw iface' => 'Interface',
'fwdfw ipsec network' => 'IPsec networks:',
'fwdfw log' => 'Log',
'fwdfw sourceip' => 'Source address (MAC/IP address or network):',
'fwdfw std network' => 'Standard networks:',
'fwdfw target' => 'Destination',
-'fwdfw targetip' => 'Destination address (MAC/IP address or network):',
+'fwdfw targetip' => 'Destination address (IP address or network):',
'fwdfw till' => 'Until:',
'fwdfw time' => 'Time Constraints',
'fwdfw timeframe' => 'Use time constraints',
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = avahi
-PAK_VER = 3
+PAK_VER = 4
-DEPS = "libdaemon"
+DEPS = "dbus libdaemon"
###############################################################################
# Top-level Rules
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && ./configure --prefix=/usr --with-avahi-user=avahi \
- --disable-qt3 --disable-qt4 --disable-gtk --disable-gtk3 \
- --disable-pygtk --disable-python-dbus --disable-mono \
- --disable-monodoc --with-distro=none --sysconfdir=/etc
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --with-avahi-user=avahi \
+ --disable-qt3 \
+ --disable-qt4 \
+ --disable-gtk \
+ --disable-gtk3 \
+ --disable-pygtk \
+ --disable-python-dbus \
+ --disable-mono \
+ --disable-monodoc \
+ --with-distro=none
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
cp -avf $(DIR_SRC)/config/avahi/avahi /etc/init.d/
# Create all directories
for i in addon-lang auth backup ca certs connscheduler crls ddns dhcp dhcpc dns dnsforward \
- ethernet extrahd/bin fwlogs fwhosts firewall firewall/bin isdn key langs logging mac main \
+ ethernet extrahd/bin fwlogs fwhosts firewall isdn key langs logging mac main \
menu.d modem net-traffic net-traffic/templates nfs optionsfw \
ovpn patches pakfire portfw ppp private proxy/advanced/cre \
proxy/calamaris/bin qos/bin red remote sensors snort time tripwire/report \
cp $(DIR_SRC)/config/cfgroot/useragents $(CONFIG_ROOT)/proxy/advanced
cp $(DIR_SRC)/config/cfgroot/ethernet-vlans $(CONFIG_ROOT)/ethernet/vlans
cp $(DIR_SRC)/langs/list $(CONFIG_ROOT)/langs/
- cp $(DIR_SRC)/config/firewall/rules.pl $(CONFIG_ROOT)/firewall/bin/rules.pl
cp $(DIR_SRC)/config/firewall/convert-xtaccess /usr/sbin/convert-xtaccess
cp $(DIR_SRC)/config/firewall/convert-outgoingfw /usr/sbin/convert-outgoingfw
cp $(DIR_SRC)/config/firewall/convert-dmz /usr/sbin/convert-dmz
cp $(DIR_SRC)/config/firewall/convert-portfw /usr/sbin/convert-portfw
cp $(DIR_SRC)/config/firewall/p2protocols $(CONFIG_ROOT)/firewall/p2protocols
- cp $(DIR_SRC)/config/firewall/firewall-lib.pl $(CONFIG_ROOT)/firewall/bin/firewall-lib.pl
cp $(DIR_SRC)/config/firewall/firewall-policy /usr/sbin/firewall-policy
cp $(DIR_SRC)/config/fwhosts/icmp-types $(CONFIG_ROOT)/fwhosts/icmp-types
cp $(DIR_SRC)/config/fwhosts/customservices $(CONFIG_ROOT)/fwhosts/customservices
echo "DROPWIRELESSFORWARD=on" >> $(CONFIG_ROOT)/optionsfw/settings
echo "POLICY=MODE2" >> $(CONFIG_ROOT)/firewall/settings
echo "POLICY1=MODE2" >> $(CONFIG_ROOT)/firewall/settings
-
- # set rules.pl executable
- chmod 755 $(CONFIG_ROOT)/firewall/bin/rules.pl
-
+
# set converters executable
chmod 755 /usr/sbin/convert-*
-
+
# Modify variables in header.pl
sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
-e "s+VERSION+$(VERSION)+g" \
include Config
-VER = 3.10.27
+VER = 3.10.28
-RPI_PATCHES = linux-3.10.10-grsec-c1af7c6
-GRS_PATCHES = grsecurity-2.9.1-3.10.27-ipfire1.patch.xz
+RPI_PATCHES = linux-3.10.27-grsec-943b563
+GRS_PATCHES = grsecurity-2.9.1-3.10.28-ipfire1.patch.xz
THISAPP = linux-$(VER)
DL_FILE = linux-$(VER).tar.xz
CFLAGS =
CXXFLAGS =
-PAK_VER = 32
+PAK_VER = 33
DEPS = ""
VERSUFIX=ipfire$(KCFG)
rpi-patches-$(RPI_PATCHES).patch.xz = $(URL_IPFIRE)/rpi-patches-$(RPI_PATCHES).patch.xz
$(GRS_PATCHES) = $(URL_IPFIRE)/$(GRS_PATCHES)
-$(DL_FILE)_MD5 = 4edaaea57dc940969c54ac249e49f7e7
-rpi-patches-$(RPI_PATCHES).patch.xz_MD5 = f55981853573236069db5ad9fb7a4bd9
-$(GRS_PATCHES)_MD5 = a83aad5c389ea9a496ba41608267d3dc
+$(DL_FILE)_MD5 = 789a39e8a381a60e46fe922cb66d77e2
+rpi-patches-$(RPI_PATCHES).patch.xz_MD5 = 8cf81f48408306d93ccee59b58af2e92
+$(GRS_PATCHES)_MD5 = ebbcee19d1231da81f7238de703ff911
install : $(TARGET)
chgrp -v mysql /srv/mysql{,/test,/mysql}
chown mysql.mysql /srv/mysql/
install -v -m755 -o mysql -g mysql -d /var/run/mysql
+ install -v -m 644 $(DIR_SRC)/config/backup/includes/mysql \
+ /var/ipfire/backup/addons/includes/mysql
@rm -rf $(DIR_APP)
@$(POSTBUILD)
include Config
-VER = 1.3.11
+VER = 1.4.4
THISAPP = nginx-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 4d299999bca4d2cecfbe48e51684a345
-
-objects += nginx_tcp_proxy_module.tar.bz2
-nginx_tcp_proxy_module.tar.bz2 = $(DL_FROM)/nginx_tcp_proxy_module.tar.bz2
-nginx_tcp_proxy_module.tar.bz2_MD5 = f07898b5b783ef65d416019b51cb1de8
+$(DL_FILE)_MD5 = 5dfaba1cbeae9087f3949860a02caa9f
install : $(TARGET)
--with-imap --with-imap_ssl_module --with-http_ssl_module \
--with-http_stub_status_module \
--with-http_dav_module \
- --with-http_sub_module \
- --add-module=nginx_tcp_proxy_module/
+ --with-http_sub_module
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
mkdir -p /var/log/nginx /var/spool/nginx
cp /usr/src/config/nginx/nginx /etc/init.d/
# chown http:http /var/log/nginx
-# @rm -rf $(DIR_APP)
+ @rm -rf $(DIR_APP)
@$(POSTBUILD)
include Config
-VER = d4f5315
+VER = 940dc3b
THISAPP = rpi-firmware-$(VER)
DL_FILE = $(THISAPP).tar.xz
DL_FROM = $(URL_IPFIRE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 65c0a859ab96cb563a80e3529c78f555
+$(DL_FILE)_MD5 = d8e02dc961aa8b5289912fe926a420de
install : $(TARGET)
# Move script to correct place.
mv -vf /usr/local/bin/ovpn-ccd-convert /usr/sbin/
+ # Install firewall scripts.
+ mkdir -pv /usr/lib/firewall
+ install -m 755 $(DIR_SRC)/config/firewall/rules.pl \
+ /usr/lib/firewall/rules.pl
+ install -m 644 $(DIR_SRC)/config/firewall/firewall-lib.pl \
+ /usr/lib/firewall/firewall-lib.pl
+
# Nobody user
-mkdir -p /home/nobody
chown -R nobody:nobody /home/nobody
echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae
echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae
+ echo "Name: linux-pae" > /opt/pakfire/db/meta/meta-linux-pae
+ echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-pae
+ echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-pae
fi
fi
if (!(initsetuid()))
exit(1);
- int retval = safe_system("/var/ipfire/firewall/bin/rules.pl");
+ int retval = safe_system("/usr/lib/firewall/rules.pl");
/* If rules.pl has been successfully executed, the indicator
* file is removed. */
############################################################################
#
. /opt/pakfire/lib/functions.sh
+
+# Create Username and group.
+getent group avahi >/dev/null || groupadd -r avahi
+getent passwd avahi >/dev/null || \
+ useradd -r -g avahi -d /var/run/avahi-daemon -s /sbin/nologin \
+ -c "Avahi mDNS daemon" avahi
+
extract_files
ln -svf ../init.d/avahi /etc/rc.d/rc3.d/S65avahi
ln -svf ../init.d/avahi /etc/rc.d/rc0.d/K35avahi
############################################################################
#
. /opt/pakfire/lib/functions.sh
+
extract_files
+
ln -svf ../init.d/mysql /etc/rc.d/rc0.d/K26mysql
ln -svf ../init.d/mysql /etc/rc.d/rc3.d/S34mysql
ln -svf ../init.d/mysql /etc/rc.d/rc6.d/K26mysql
-/etc/init.d/mysql start
+
+restore_backup "${NAME}"
+
+start_service "${NAME}"
+
COUNTER=0
while [ "$COUNTER" -lt "10" ]; do
[ -e "/var/run/mysql/mysql.sock" ] && break
sleep 5
COUNTER=$(($COUNTER + 1))
done
+
[ -e "/var/run/mysql/mysql.sock" ] || (echo "MySQL still noch running... Exiting."; \
exit 1)
+
mysqladmin -u root --password='' password 'mysqlfire'
############################################################################
#
. /opt/pakfire/lib/functions.sh
+
+# Stop the mysql service
+stop_service "${NAME}"
+
+# Make backup
+make_backup "${NAME}"
+
remove_files
+
+# Remove start links.
rm -rvf /etc/rc.d/rc*.d/*mysql
############################################################################
#
. /opt/pakfire/lib/functions.sh
-./uninstall.sh
-./install.sh
+
+# Create backup include file if it is missing.
+if [ ! -e "/var/ipfire/backup/addons/includes/mysql" ]; then
+ cat <<EOF > /var/ipfire/backup/addons/includes/mysql
+/etc/my.cnf
+/srv/mysql
+EOF
+fi
+
+# Stop the mysql service
+stop_service "${NAME}"
+
+# Make backup
+make_backup "${NAME}"
+
+# Update files
+remove_files
+extract_files
+
+# Restore backup
+restore_backup "${NAME}"
+
+# Restart the service
+start_service "${NAME}"
+
+exit 0