From: Michael Tremer Date: Mon, 12 May 2014 17:30:02 +0000 (+0200) Subject: Merge remote-tracking branch 'stevee/snort-update' into next X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=commitdiff_plain;h=dbe2a1cc36f78e1cf48150dc4e1756be1d04abce;hp=afe1107dc978dfae14c576cc1d9dc80c9e09107e Merge remote-tracking branch 'stevee/snort-update' into next --- diff --git a/config/rootfiles/packages/nut b/config/rootfiles/packages/nut index 53935f0f2..4e6167e0d 100644 --- a/config/rootfiles/packages/nut +++ b/config/rootfiles/packages/nut @@ -6,8 +6,10 @@ etc/nut/upsd.users.sample etc/nut/upsmon.conf.sample etc/nut/upssched.conf.sample etc/udev/rules.d/52-nut-usbups.rules +usr/bin/al175 usr/bin/apcsmart usr/bin/apcsmart-old +usr/bin/apcupsd-ups usr/bin/bcmxcp usr/bin/bcmxcp_usb usr/bin/belkin @@ -34,14 +36,18 @@ usr/bin/metasys usr/bin/mge-shut usr/bin/mge-utalk usr/bin/microdowell -usr/bin/newmge-shut usr/bin/nut-scanner +usr/bin/nutdrv_atcl_usb +usr/bin/nutdrv_qx +usr/bin/oldmge-shut usr/bin/oneac usr/bin/optiups usr/bin/powercom usr/bin/powerpanel usr/bin/rhino usr/bin/richcomm_usb +usr/bin/riello_ser +usr/bin/riello_usb usr/bin/safenet usr/bin/skel usr/bin/snmp-ups @@ -52,14 +58,16 @@ usr/bin/tripplitesu usr/bin/upsc usr/bin/upscmd usr/bin/upscode2 -usr/bin/upsdrvctl usr/bin/upslog usr/bin/upsrw usr/bin/upssched-cmd usr/bin/usbhid-ups usr/bin/victronups -#usr/cgi-bin -#usr/html +#usr/lib/libnutclient.a +#usr/lib/libnutclient.la +usr/lib/libnutclient.so +usr/lib/libnutclient.so.0 +usr/lib/libnutclient.so.0.0.0 #usr/lib/libnutscan.a #usr/lib/libnutscan.la usr/lib/libnutscan.so @@ -68,9 +76,10 @@ usr/lib/libnutscan.so.1.0.0 #usr/lib/libupsclient.a #usr/lib/libupsclient.la usr/lib/libupsclient.so -usr/lib/libupsclient.so.1 -usr/lib/libupsclient.so.1.1.0 +usr/lib/libupsclient.so.4 +usr/lib/libupsclient.so.4.0.0 usr/sbin/upsd +usr/sbin/upsdrvctl usr/sbin/upsmon usr/sbin/upssched usr/share/cmdvartab @@ -81,8 +90,10 @@ usr/share/driver.list #usr/share/man/man5/upsd.users.5 #usr/share/man/man5/upsmon.conf.5 #usr/share/man/man5/upssched.conf.5 +#usr/share/man/man8/al175.8 #usr/share/man/man8/apcsmart-old.8 #usr/share/man/man8/apcsmart.8 +#usr/share/man/man8/apcupsd-ups.8 #usr/share/man/man8/bcmxcp.8 #usr/share/man/man8/bcmxcp_usb.8 #usr/share/man/man8/belkin.8 @@ -91,7 +102,8 @@ usr/share/driver.list #usr/share/man/man8/bestfortress.8 #usr/share/man/man8/bestuferrups.8 #usr/share/man/man8/bestups.8 -#usr/share/man/man8/blazer.8 +#usr/share/man/man8/blazer_ser.8 +#usr/share/man/man8/blazer_usb.8 #usr/share/man/man8/clone.8 #usr/share/man/man8/dummy-ups.8 #usr/share/man/man8/etapro.8 @@ -107,7 +119,10 @@ usr/share/driver.list #usr/share/man/man8/mge-shut.8 #usr/share/man/man8/mge-utalk.8 #usr/share/man/man8/microdowell.8 +#usr/share/man/man8/nut-recorder.8 #usr/share/man/man8/nut-scanner.8 +#usr/share/man/man8/nutdrv_atcl_usb.8 +#usr/share/man/man8/nutdrv_qx.8 #usr/share/man/man8/nutupsdrv.8 #usr/share/man/man8/oneac.8 #usr/share/man/man8/optiups.8 @@ -115,6 +130,8 @@ usr/share/driver.list #usr/share/man/man8/powerpanel.8 #usr/share/man/man8/rhino.8 #usr/share/man/man8/richcomm_usb.8 +#usr/share/man/man8/riello_ser.8 +#usr/share/man/man8/riello_usb.8 #usr/share/man/man8/safenet.8 #usr/share/man/man8/snmp-ups.8 #usr/share/man/man8/solis.8 diff --git a/doc/language_issues.de b/doc/language_issues.de index 3746d7d9b..a00e97a05 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -1,4 +1,3 @@ -WARNING: translation string unused: Client status and controlc WARNING: translation string unused: ConnSched scheduler WARNING: translation string unused: ConnSched select profile WARNING: translation string unused: HDD temperature @@ -364,6 +363,7 @@ WARNING: translation string unused: network time WARNING: translation string unused: network traffic graphs WARNING: translation string unused: network updated WARNING: translation string unused: networks settings +WARNING: translation string unused: never WARNING: translation string unused: new optionsfw must boot WARNING: translation string unused: no alcatelusb firmware WARNING: translation string unused: no cfg upload @@ -411,6 +411,8 @@ WARNING: translation string unused: override mtu WARNING: translation string unused: ovpn config WARNING: translation string unused: ovpn dl WARNING: translation string unused: ovpn log +WARNING: translation string unused: ovpn reneg sec +WARNING: translation string unused: ovpn_fastio WARNING: translation string unused: ovpn_fragment WARNING: translation string unused: ovpn_mssfix WARNING: translation string unused: ovpn_mtudisc @@ -456,16 +458,12 @@ WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile WARNING: translation string unused: requested data -WARNING: translation string unused: reserved dst port -WARNING: translation string unused: reserved src port WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path WARNING: translation string unused: root user password WARNING: translation string unused: route subnet is invalid WARNING: translation string unused: router ip -WARNING: translation string unused: rsvd dst port overlap -WARNING: translation string unused: rsvd src port overlap WARNING: translation string unused: rules already up to date WARNING: translation string unused: safe removal of umounted device WARNING: translation string unused: save error @@ -596,7 +594,6 @@ WARNING: translation string unused: use dov WARNING: translation string unused: use ibod WARNING: translation string unused: view log WARNING: translation string unused: vpn aggrmode -WARNING: translation string unused: vpn configuration main WARNING: translation string unused: vpn incompatible use of defaultroute WARNING: translation string unused: vpn mtu invalid WARNING: translation string unused: vpn on blue @@ -612,19 +609,21 @@ WARNING: translation string unused: xtaccess all error WARNING: translation string unused: xtaccess bad transfert WARNING: translation string unused: year-graph WARNING: translation string unused: yearly firewallhits -WARNING: untranslated string: Number of Countries for the pie chart WARNING: untranslated string: Scan for Songs WARNING: untranslated string: addons WARNING: untranslated string: bytes WARNING: untranslated string: community rules WARNING: untranslated string: dead peer detection +WARNING: untranslated string: dns servers +WARNING: untranslated string: downlink WARNING: untranslated string: emerging rules -WARNING: untranslated string: firewall logs country +WARNING: untranslated string: first WARNING: untranslated string: fwhost err hostip +WARNING: untranslated string: last WARNING: untranslated string: monitor interface WARNING: untranslated string: qos add subclass WARNING: untranslated string: route config changed WARNING: untranslated string: routing config added WARNING: untranslated string: routing config changed WARNING: untranslated string: routing table -WARNING: untranslated string: source ip country +WARNING: untranslated string: uplink diff --git a/doc/language_issues.en b/doc/language_issues.en index a64b82266..ba7f0307d 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -1,4 +1,3 @@ -WARNING: translation string unused: Client status and controlc WARNING: translation string unused: ConnSched scheduler WARNING: translation string unused: ConnSched select profile WARNING: translation string unused: HDD temperature @@ -146,6 +145,7 @@ WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net WARNING: translation string unused: destination net WARNING: translation string unused: destination port overlaps +WARNING: translation string unused: dh name is invalid WARNING: translation string unused: dhcp base ip fixed lease WARNING: translation string unused: dhcp create fixed leases WARNING: translation string unused: dhcp fixed lease err1 @@ -389,6 +389,7 @@ WARNING: translation string unused: network time WARNING: translation string unused: network traffic graphs WARNING: translation string unused: network updated WARNING: translation string unused: networks settings +WARNING: translation string unused: never WARNING: translation string unused: new optionsfw must boot WARNING: translation string unused: no alcatelusb firmware WARNING: translation string unused: no cfg upload @@ -437,8 +438,8 @@ WARNING: translation string unused: override mtu WARNING: translation string unused: ovpn config WARNING: translation string unused: ovpn dl WARNING: translation string unused: ovpn log +WARNING: translation string unused: ovpn reneg sec WARNING: translation string unused: ovpn_fastio -WARNING: translation string unused: ovpn_fragment WARNING: translation string unused: ovpn_mssfix WARNING: translation string unused: ovpn_mtudisc WARNING: translation string unused: ovpn_processprio @@ -484,16 +485,12 @@ WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile WARNING: translation string unused: requested data -WARNING: translation string unused: reserved dst port -WARNING: translation string unused: reserved src port WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path WARNING: translation string unused: root user password WARNING: translation string unused: route subnet is invalid WARNING: translation string unused: router ip -WARNING: translation string unused: rsvd dst port overlap -WARNING: translation string unused: rsvd src port overlap WARNING: translation string unused: rules already up to date WARNING: translation string unused: safe removal of umounted device WARNING: translation string unused: save error @@ -548,6 +545,7 @@ WARNING: translation string unused: successfully refreshed updates list WARNING: translation string unused: system graphs WARNING: translation string unused: system log viewer WARNING: translation string unused: system status information +WARNING: translation string unused: teovpn_fragment WARNING: translation string unused: test WARNING: translation string unused: test email could not be sent WARNING: translation string unused: test email was sent @@ -631,7 +629,6 @@ WARNING: translation string unused: use dov WARNING: translation string unused: use ibod WARNING: translation string unused: view log WARNING: translation string unused: vpn aggrmode -WARNING: translation string unused: vpn configuration main WARNING: translation string unused: vpn incompatible use of defaultroute WARNING: translation string unused: vpn mtu invalid WARNING: translation string unused: vpn on blue @@ -647,13 +644,16 @@ WARNING: translation string unused: xtaccess all error WARNING: translation string unused: xtaccess bad transfert WARNING: translation string unused: year-graph WARNING: translation string unused: yearly firewallhits -WARNING: untranslated string: Number of Countries for the pie chart WARNING: untranslated string: Scan for Songs WARNING: untranslated string: bytes +WARNING: untranslated string: dns servers +WARNING: untranslated string: downlink +WARNING: untranslated string: first WARNING: untranslated string: fwhost err hostip +WARNING: untranslated string: last WARNING: untranslated string: monitor interface WARNING: untranslated string: route config changed WARNING: untranslated string: routing config added WARNING: untranslated string: routing config changed WARNING: untranslated string: routing table -WARNING: untranslated string: source ip country +WARNING: untranslated string: uplink diff --git a/doc/language_issues.es b/doc/language_issues.es index 92622bdaf..54cb32e98 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -420,16 +420,12 @@ WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile WARNING: translation string unused: requested data -WARNING: translation string unused: reserved dst port -WARNING: translation string unused: reserved src port WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path WARNING: translation string unused: root user password WARNING: translation string unused: route subnet is invalid WARNING: translation string unused: router ip -WARNING: translation string unused: rsvd dst port overlap -WARNING: translation string unused: rsvd src port overlap WARNING: translation string unused: rules already up to date WARNING: translation string unused: safe removal of umounted device WARNING: translation string unused: save error @@ -638,8 +634,9 @@ WARNING: untranslated string: dead peer detection WARNING: untranslated string: deprecated fs warn WARNING: untranslated string: details WARNING: untranslated string: dh +WARNING: untranslated string: dh key move failed WARNING: untranslated string: dh key warn -WARNING: untranslated string: dh name is invalid +WARNING: untranslated string: dh key warn1 WARNING: untranslated string: dnat address WARNING: untranslated string: dns servers WARNING: untranslated string: dnsforward @@ -877,7 +874,8 @@ WARNING: untranslated string: outgoing firewall p2p allow WARNING: untranslated string: outgoing firewall p2p deny WARNING: untranslated string: ovpn crypt options WARNING: untranslated string: ovpn dh -WARNING: untranslated string: ovpn dh name +WARNING: untranslated string: ovpn dh upload +WARNING: untranslated string: ovpn engines WARNING: untranslated string: ovpn errmsg green already pushed WARNING: untranslated string: ovpn errmsg invalid ip or mask WARNING: untranslated string: ovpn generating the root and host certificates diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 65e036fa8..0386f243c 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -431,16 +431,12 @@ WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile WARNING: translation string unused: requested data -WARNING: translation string unused: reserved dst port -WARNING: translation string unused: reserved src port WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path WARNING: translation string unused: root user password WARNING: translation string unused: route subnet is invalid WARNING: translation string unused: router ip -WARNING: translation string unused: rsvd dst port overlap -WARNING: translation string unused: rsvd src port overlap WARNING: translation string unused: rules already up to date WARNING: translation string unused: safe removal of umounted device WARNING: translation string unused: save error @@ -648,8 +644,9 @@ WARNING: untranslated string: dead peer detection WARNING: untranslated string: deprecated fs warn WARNING: untranslated string: details WARNING: untranslated string: dh +WARNING: untranslated string: dh key move failed WARNING: untranslated string: dh key warn -WARNING: untranslated string: dh name is invalid +WARNING: untranslated string: dh key warn1 WARNING: untranslated string: dnat address WARNING: untranslated string: dns address deleted txt WARNING: untranslated string: dns servers @@ -888,7 +885,8 @@ WARNING: untranslated string: other WARNING: untranslated string: outgoing firewall access WARNING: untranslated string: ovpn crypt options WARNING: untranslated string: ovpn dh -WARNING: untranslated string: ovpn dh name +WARNING: untranslated string: ovpn dh upload +WARNING: untranslated string: ovpn engines WARNING: untranslated string: ovpn generating the root and host certificates WARNING: untranslated string: ovpn ha WARNING: untranslated string: ovpn hmac diff --git a/doc/language_issues.nl b/doc/language_issues.nl index e06e8a75c..7c6f729dd 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -485,16 +485,12 @@ WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile WARNING: translation string unused: requested data -WARNING: translation string unused: reserved dst port -WARNING: translation string unused: reserved src port WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path WARNING: translation string unused: root user password WARNING: translation string unused: route subnet is invalid WARNING: translation string unused: router ip -WARNING: translation string unused: rsvd dst port overlap -WARNING: translation string unused: rsvd src port overlap WARNING: translation string unused: rules already up to date WARNING: translation string unused: safe removal of umounted device WARNING: translation string unused: save error @@ -654,8 +650,9 @@ WARNING: untranslated string: atm device WARNING: untranslated string: bytes WARNING: untranslated string: capabilities WARNING: untranslated string: dh +WARNING: untranslated string: dh key move failed WARNING: untranslated string: dh key warn -WARNING: untranslated string: dh name is invalid +WARNING: untranslated string: dh key warn1 WARNING: untranslated string: dns servers WARNING: untranslated string: drop outgoing WARNING: untranslated string: firewall logs country @@ -681,7 +678,8 @@ WARNING: untranslated string: monitor interface WARNING: untranslated string: not a valid dh key WARNING: untranslated string: ovpn crypt options WARNING: untranslated string: ovpn dh -WARNING: untranslated string: ovpn dh name +WARNING: untranslated string: ovpn dh upload +WARNING: untranslated string: ovpn engines WARNING: untranslated string: ovpn generating the root and host certificates WARNING: untranslated string: ovpn ha WARNING: untranslated string: ovpn hmac diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 92622bdaf..54cb32e98 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -420,16 +420,12 @@ WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile WARNING: translation string unused: requested data -WARNING: translation string unused: reserved dst port -WARNING: translation string unused: reserved src port WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path WARNING: translation string unused: root user password WARNING: translation string unused: route subnet is invalid WARNING: translation string unused: router ip -WARNING: translation string unused: rsvd dst port overlap -WARNING: translation string unused: rsvd src port overlap WARNING: translation string unused: rules already up to date WARNING: translation string unused: safe removal of umounted device WARNING: translation string unused: save error @@ -638,8 +634,9 @@ WARNING: untranslated string: dead peer detection WARNING: untranslated string: deprecated fs warn WARNING: untranslated string: details WARNING: untranslated string: dh +WARNING: untranslated string: dh key move failed WARNING: untranslated string: dh key warn -WARNING: untranslated string: dh name is invalid +WARNING: untranslated string: dh key warn1 WARNING: untranslated string: dnat address WARNING: untranslated string: dns servers WARNING: untranslated string: dnsforward @@ -877,7 +874,8 @@ WARNING: untranslated string: outgoing firewall p2p allow WARNING: untranslated string: outgoing firewall p2p deny WARNING: untranslated string: ovpn crypt options WARNING: untranslated string: ovpn dh -WARNING: untranslated string: ovpn dh name +WARNING: untranslated string: ovpn dh upload +WARNING: untranslated string: ovpn engines WARNING: untranslated string: ovpn errmsg green already pushed WARNING: untranslated string: ovpn errmsg invalid ip or mask WARNING: untranslated string: ovpn generating the root and host certificates diff --git a/doc/language_issues.ru b/doc/language_issues.ru index fbf4d46ef..c7c39ec98 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -425,16 +425,12 @@ WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile WARNING: translation string unused: requested data -WARNING: translation string unused: reserved dst port -WARNING: translation string unused: reserved src port WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path WARNING: translation string unused: root user password WARNING: translation string unused: route subnet is invalid WARNING: translation string unused: router ip -WARNING: translation string unused: rsvd dst port overlap -WARNING: translation string unused: rsvd src port overlap WARNING: translation string unused: rules already up to date WARNING: translation string unused: safe removal of umounted device WARNING: translation string unused: save error @@ -642,8 +638,9 @@ WARNING: untranslated string: dead peer detection WARNING: untranslated string: deprecated fs warn WARNING: untranslated string: details WARNING: untranslated string: dh +WARNING: untranslated string: dh key move failed WARNING: untranslated string: dh key warn -WARNING: untranslated string: dh name is invalid +WARNING: untranslated string: dh key warn1 WARNING: untranslated string: disk access per WARNING: untranslated string: dnat address WARNING: untranslated string: dns servers @@ -872,7 +869,8 @@ WARNING: untranslated string: outgoing firewall access WARNING: untranslated string: outgoing traffic in bytes per second WARNING: untranslated string: ovpn crypt options WARNING: untranslated string: ovpn dh -WARNING: untranslated string: ovpn dh name +WARNING: untranslated string: ovpn dh upload +WARNING: untranslated string: ovpn engines WARNING: untranslated string: ovpn generating the root and host certificates WARNING: untranslated string: ovpn ha WARNING: untranslated string: ovpn hmac diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 816967cd3..06cacf10f 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -484,16 +484,12 @@ WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile WARNING: translation string unused: requested data -WARNING: translation string unused: reserved dst port -WARNING: translation string unused: reserved src port WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path WARNING: translation string unused: root user password WARNING: translation string unused: route subnet is invalid WARNING: translation string unused: router ip -WARNING: translation string unused: rsvd dst port overlap -WARNING: translation string unused: rsvd src port overlap WARNING: translation string unused: rules already up to date WARNING: translation string unused: safe removal of umounted device WARNING: translation string unused: save error @@ -652,8 +648,9 @@ WARNING: untranslated string: Scan for Songs WARNING: untranslated string: bytes WARNING: untranslated string: capabilities WARNING: untranslated string: dh +WARNING: untranslated string: dh key move failed WARNING: untranslated string: dh key warn -WARNING: untranslated string: dh name is invalid +WARNING: untranslated string: dh key warn1 WARNING: untranslated string: firewall logs country WARNING: untranslated string: fwhost err hostip WARNING: untranslated string: gen dh @@ -677,7 +674,8 @@ WARNING: untranslated string: monitor interface WARNING: untranslated string: not a valid dh key WARNING: untranslated string: ovpn crypt options WARNING: untranslated string: ovpn dh -WARNING: untranslated string: ovpn dh name +WARNING: untranslated string: ovpn dh upload +WARNING: untranslated string: ovpn engines WARNING: untranslated string: ovpn generating the root and host certificates WARNING: untranslated string: ovpn ha WARNING: untranslated string: ovpn hmac diff --git a/doc/language_missings b/doc/language_missings index b8fe1b475..d25ea40f8 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -6,6 +6,7 @@ ############################################################################ < addon < ccd maxclients +< ovpn_fragment ############################################################################ # Checking install/setup translations for language: fr # ############################################################################ @@ -79,8 +80,9 @@ < deprecated fs warn < details < dh +< dh key move failed < dh key warn -< dh name is invalid +< dh key warn1 < dnat address < dns address deleted txt < dnsforward @@ -90,8 +92,6 @@ < dnsforward entries < dnsforward forward_server < dnsforward zone -< dns servers -< downlink < dpd delay < dpd timeout < drop action @@ -119,8 +119,8 @@ < fireinfo why enable < fireinfo why read more < fireinfo your profile id +< firewall logs country < firewall rules -< first < flag < forward firewall < fw default drop @@ -319,7 +319,6 @@ < ipsec < ipsec network < ipsec no connections -< last < least preferred < lifetime < mac filter @@ -342,11 +341,13 @@ < modem sim information < modem status < most preferred +< never < no hardware random number generator < not a valid dh key < notice < ntp common settings < ntp sync +< Number of Countries for the pie chart < openvpn default < openvpn destination port used < openvpn disabled @@ -363,7 +364,8 @@ < outgoing firewall access < ovpn crypt options < ovpn dh -< ovpn dh name +< ovpn dh upload +< ovpn engines < ovpn generating the root and host certificates < ovpn ha < ovpn hmac @@ -377,6 +379,7 @@ < ovpn mtu-disc yes < ovpn no connections < ovpn port in root range +< ovpn reneg sec < p2p block < p2p block save notice < proxy reports @@ -392,6 +395,7 @@ < snat new source ip address < snort working < software version +< source ip country < ssh < static routes < support donation @@ -453,7 +457,6 @@ < tor use exit nodes < updxlrtr sources < updxlrtr standard view -< uplink < upload dh key < upload new ruleset < uptime @@ -590,8 +593,9 @@ < deprecated fs warn < details < dh +< dh key move failed < dh key warn -< dh name is invalid +< dh key warn1 < dnat address < dnsforward < dnsforward add a new entry @@ -600,8 +604,6 @@ < dnsforward entries < dnsforward forward_server < dnsforward zone -< dns servers -< downlink < dpd delay < dpd timeout < drop action @@ -629,8 +631,8 @@ < fireinfo why enable < fireinfo why read more < fireinfo your profile id +< firewall logs country < firewall rules -< first < flag < forward firewall < fw default drop @@ -829,7 +831,6 @@ < ipsec < ipsec network < ipsec no connections -< last < least preferred < lifetime < mac filter @@ -852,9 +853,11 @@ < modem sim information < modem status < most preferred +< never < no hardware random number generator < not a valid dh key < notice +< Number of Countries for the pie chart < openvpn default < openvpn destination port used < openvpn disabled @@ -885,7 +888,8 @@ < outgoing firewall view group < ovpn crypt options < ovpn dh -< ovpn dh name +< ovpn dh upload +< ovpn engines < ovpn errmsg green already pushed < ovpn errmsg invalid ip or mask < ovpn generating the root and host certificates @@ -901,6 +905,7 @@ < ovpn mtu-disc yes < ovpn no connections < ovpn port in root range +< ovpn reneg sec < ovpn routes push < ovpn routes push options < p2p block @@ -918,6 +923,7 @@ < show dh < snat new source ip address < software version +< source ip country < ssh < static routes < support donation @@ -979,7 +985,6 @@ < tor use exit nodes < updxlrtr sources < updxlrtr standard view -< uplink < upload dh key < uptime < uptime load average @@ -1092,8 +1097,9 @@ < deprecated fs warn < details < dh +< dh key move failed < dh key warn -< dh name is invalid +< dh key warn1 < dnat address < dnsforward < dnsforward add a new entry @@ -1102,8 +1108,6 @@ < dnsforward entries < dnsforward forward_server < dnsforward zone -< dns servers -< downlink < dpd delay < dpd timeout < drop action @@ -1123,8 +1127,8 @@ < extrahd unable to read < extrahd unable to write < extrahd you cant mount +< firewall logs country < firewall rules -< first < flag < forward firewall < fw default drop @@ -1323,7 +1327,6 @@ < ipsec < ipsec network < ipsec no connections -< last < least preferred < lifetime < mac filter @@ -1346,9 +1349,11 @@ < modem sim information < modem status < most preferred +< never < no hardware random number generator < not a valid dh key < notice +< Number of Countries for the pie chart < openvpn default < openvpn destination port used < openvpn disabled @@ -1365,7 +1370,8 @@ < outgoing firewall access < ovpn crypt options < ovpn dh -< ovpn dh name +< ovpn dh upload +< ovpn engines < ovpn errmsg green already pushed < ovpn errmsg invalid ip or mask < ovpn generating the root and host certificates @@ -1381,6 +1387,7 @@ < ovpn mtu-disc yes < ovpn no connections < ovpn port in root range +< ovpn reneg sec < ovpn routes push < ovpn routes push options < p2p block @@ -1397,6 +1404,7 @@ < show dh < snat new source ip address < software version +< source ip country < ssh < static routes < support donation @@ -1457,7 +1465,6 @@ < tor use exit nodes < updxlrtr sources < updxlrtr standard view -< uplink < upload dh key < uptime < uptime load average @@ -1572,8 +1579,9 @@ < deprecated fs warn < details < dh +< dh key move failed < dh key warn -< dh name is invalid +< dh key warn1 < disk access per < dnat address < dnsforward @@ -1583,8 +1591,6 @@ < dnsforward entries < dnsforward forward_server < dnsforward zone -< dns servers -< downlink < dpd delay < dpd timeout < drop action @@ -1605,8 +1611,8 @@ < extrahd unable to read < extrahd unable to write < extrahd you cant mount +< firewall logs country < firewall rules -< first < flag < forward firewall < frequency @@ -1808,7 +1814,6 @@ < ipsec < ipsec network < ipsec no connections -< last < least preferred < lifetime < mac filter @@ -1832,9 +1837,11 @@ < modem status < month-graph < most preferred +< never < no hardware random number generator < not a valid dh key < notice +< Number of Countries for the pie chart < openvpn default < openvpn destination port used < openvpn disabled @@ -1852,7 +1859,8 @@ < outgoing traffic in bytes per second < ovpn crypt options < ovpn dh -< ovpn dh name +< ovpn dh upload +< ovpn engines < ovpn generating the root and host certificates < ovpn ha < ovpn hmac @@ -1866,6 +1874,7 @@ < ovpn mtu-disc yes < ovpn no connections < ovpn port in root range +< ovpn reneg sec < p2p block < p2p block save notice < proxy reports @@ -1880,6 +1889,7 @@ < show dh < snat new source ip address < software version +< source ip country < ssh < static routes < support donation @@ -1940,7 +1950,6 @@ < tor use exit nodes < updxlrtr sources < updxlrtr standard view -< uplink < upload dh key < uptime < uptime load average diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index dec27b722..df5f9ece2 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2013 IPFire Team # +# Copyright (C) 2007-2014 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -19,7 +19,6 @@ # # ############################################################################### ### -# Based on IPFireCore 76 ### use CGI; use CGI qw/:standard/; @@ -90,8 +89,10 @@ $cgiparams{'DCOMPLZO'} = 'off'; $cgiparams{'MSSFIX'} = ''; $cgiparams{'number'} = ''; $cgiparams{'PMTU_DISCOVERY'} = ''; -$cgiparams{'DAUTH'} = ''; $cgiparams{'DCIPHER'} = ''; +$cgiparams{'DAUTH'} = ''; +$cgiparams{'TLSAUTH'} = ''; +$cgiparams{'ENGINES'} = ''; $routes_push_file = "${General::swroot}/ovpn/routes_push"; unless (-e $routes_push_file) { system("touch $routes_push_file"); } unless (-e "${General::swroot}/ovpn/ccd.conf") { system("touch ${General::swroot}/ovpn/ccd.conf"); } @@ -226,6 +227,50 @@ sub checkportinc } } +# Darren Critchley - certain ports are reserved for IPFire +# TCP 67,68,81,222,444 +# UDP 67,68 +# Params passed in -> port, rangeyn, protocol +sub disallowreserved +{ + # port 67 and 68 same for tcp and udp, don't bother putting in an array + my $msg = ""; + my @tcp_reserved = (81,222,444); + my $prt = $_[0]; # the port or range + my $ryn = $_[1]; # tells us whether or not it is a port range + my $prot = $_[2]; # protocol + my $srcdst = $_[3]; # source or destination + if ($ryn) { # disect port range + if ($srcdst eq "src") { + $msg = "$Lang::tr{'rsvd src port overlap'}"; + } else { + $msg = "$Lang::tr{'rsvd dst port overlap'}"; + } + my @tmprng = split(/\:/,$prt); + unless (67 < $tmprng[0] || 67 > $tmprng[1]) { $errormessage="$msg 67"; return; } + unless (68 < $tmprng[0] || 68 > $tmprng[1]) { $errormessage="$msg 68"; return; } + if ($prot eq "tcp") { + foreach my $prange (@tcp_reserved) { + unless ($prange < $tmprng[0] || $prange > $tmprng[1]) { $errormessage="$msg $prange"; return; } + } + } + } else { + if ($srcdst eq "src") { + $msg = "$Lang::tr{'reserved src port'}"; + } else { + $msg = "$Lang::tr{'reserved dst port'}"; + } + if ($prt == 67) { $errormessage="$msg 67"; return; } + if ($prt == 68) { $errormessage="$msg 68"; return; } + if ($prot eq "tcp") { + foreach my $prange (@tcp_reserved) { + if ($prange == $prt) { $errormessage="$msg $prange"; return; } + } + } + } + return; +} + sub writeserverconf { my %sovpnsettings = (); @@ -251,7 +296,7 @@ sub writeserverconf { print CONF "ca ${General::swroot}/ovpn/ca/cacert.pem\n"; print CONF "cert ${General::swroot}/ovpn/certs/servercert.pem\n"; print CONF "key ${General::swroot}/ovpn/certs/serverkey.pem\n"; - print CONF "dh ${General::swroot}/ovpn/ca/dh1024.pem\n"; + print CONF "dh ${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}\n"; my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'}); print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n"; #print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n"; @@ -321,8 +366,16 @@ sub writeserverconf { if ($sovpnsettings{'DAUTH'} eq '') { print CONF ""; } else { - print CONF "auth $sovpnsettings{'DAUTH'}\n"; - } + print CONF "auth $sovpnsettings{'DAUTH'}\n"; + } + if ($sovpnsettings{'TLSAUTH'} eq 'on') { + print CONF "tls-auth ${General::swroot}/ovpn/ca/ta.key 0\n"; + } + if ($sovpnsettings{ENGINES} eq 'disabled') { + print CONF ""; + } else { + print CONF "engine $sovpnsettings{ENGINES}\n"; + } if ($sovpnsettings{DCOMPLZO} eq 'on') { print CONF "comp-lzo\n"; } @@ -519,7 +572,7 @@ sub getccdadresses my @iprange=(); my %ccdhash=(); &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ccdhash); - $iprange[0]=$ip1.".".$ip2.".".$ip3.".".($ip4+2); + $iprange[0]=$ip1.".".$ip2.".".$ip3.".".2; for (my $i=1;$i<=$count;$i++) { my $tmpip=$iprange[$i-1]; my $stepper=$i*4; @@ -742,6 +795,8 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) { $vpnsettings{'ROUTES_PUSH'} = $cgiparams{'ROUTES_PUSH'}; $vpnsettings{'PMTU_DISCOVERY'} = $cgiparams{'PMTU_DISCOVERY'}; $vpnsettings{'DAUTH'} = $cgiparams{'DAUTH'}; + $vpnsettings{'TLSAUTH'} = $cgiparams{'TLSAUTH'}; + $vpnsettings{'ENGINES'} = $cgiparams{'ENGINES'}; my @temp=(); if ($cgiparams{'FRAGMENT'} eq '') { @@ -754,12 +809,20 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) { $vpnsettings{'FRAGMENT'} = $cgiparams{'FRAGMENT'}; } } + if ($cgiparams{'MSSFIX'} ne 'on') { delete $vpnsettings{'MSSFIX'}; } else { $vpnsettings{'MSSFIX'} = $cgiparams{'MSSFIX'}; } + # Create ta.key for tls-auth if not presant + if ($cgiparams{'TLSAUTH'} eq 'on') { + if ( ! -e "${General::swroot}/ovpn/ca/ta.key") { + system('/usr/sbin/openvpn', '--genkey', '--secret', "${General::swroot}/ovpn/ca/ta.key") + } + } + if (($cgiparams{'PMTU_DISCOVERY'} eq 'yes') || ($cgiparams{'PMTU_DISCOVERY'} eq 'maybe') || ($cgiparams{'PMTU_DISCOVERY'} eq 'no' )) { @@ -936,11 +999,21 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print SERVERCONF "ca ${General::swroot}/ovpn/ca/cacert.pem\n"; print SERVERCONF "cert ${General::swroot}/ovpn/certs/servercert.pem\n"; print SERVERCONF "key ${General::swroot}/ovpn/certs/serverkey.pem\n"; - print SERVERCONF "dh ${General::swroot}/ovpn/ca/dh1024.pem\n"; + print SERVERCONF "dh ${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}\n"; print SERVERCONF "# Cipher\n"; print SERVERCONF "cipher $cgiparams{'DCIPHER'}\n"; - print SERVERCONF "# HMAC algorithm\n"; - print SERVERCONF "auth $cgiparams{'DAUTH'}\n"; + if ($cgiparams{'DAUTH'} eq '') { + print SERVERCONF "auth SHA1\n"; + } else { + print SERVERCONF "# HMAC algorithm\n"; + print SERVERCONF "auth $cgiparams{'DAUTH'}\n"; + } + if ($cgiparams{'ENGINES'} eq 'disabled') { + print SERVERCONF ""; + } else { + print SERVERCONF "# Crypto engine\n"; + print SERVERCONF "engine $cgiparams{'ENGINES'}\n"; + } if ($cgiparams{'COMPLZO'} eq 'on') { print SERVERCONF "# Enable Compression\n"; print SERVERCONF "comp-lzo\r\n"; @@ -1029,9 +1102,19 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print CLIENTCONF "tls-client\n"; print CLIENTCONF "# Cipher\n"; print CLIENTCONF "cipher $cgiparams{'DCIPHER'}\n"; - print CLIENTCONF "# HMAC algorithm\n"; - print CLIENTCONF "auth $cgiparams{'DAUTH'}\n"; print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12\r\n"; + if ($cgiparams{'DAUTH'} eq '') { + print CLIENTCONF "auth SHA1\n"; + } else { + print CLIENTCONF "# HMAC algorithm\n"; + print CLIENTCONF "auth $cgiparams{'DAUTH'}\n"; + } + if ($cgiparams{'ENGINES'} eq 'disabled') { + print CLIENTCONF ""; + } else { + print CLIENTCONF "# Crypto engine\n"; + print CLIENTCONF "engine $cgiparams{'ENGINES'}\n"; + } if ($cgiparams{'COMPLZO'} eq 'on') { print CLIENTCONF "# Enable Compression\n"; print CLIENTCONF "comp-lzo\r\n"; @@ -1165,41 +1248,43 @@ SETTINGS_ERROR: } } while ($file = glob("${General::swroot}/ovpn/ca/*")) { - unlink $file + unlink $file; } while ($file = glob("${General::swroot}/ovpn/certs/*")) { - unlink $file + unlink $file; } while ($file = glob("${General::swroot}/ovpn/crls/*")) { - unlink $file + unlink $file; } &cleanssldatabase(); if (open(FILE, ">${General::swroot}/ovpn/caconfig")) { print FILE ""; close FILE; } - if (open(FILE, ">${General::swroot}/ovpn/ccdroute")) { - print FILE ""; - close FILE; - } - if (open(FILE, ">${General::swroot}/ovpn/ccdroute2")) { - print FILE ""; - close FILE; - } - while ($file = glob("${General::swroot}/ovpn/ccd/*")) { - unlink $file - } - if (open(FILE, ">${General::swroot}/ovpn/ovpn-leases.db")) { - print FILE ""; - close FILE; - } - if (open(FILE, ">${General::swroot}/ovpn/ovpnconfig")) { - print FILE ""; - close FILE; - } - while ($file = glob("${General::swroot}/ovpn/n2nconf/*")) { - system ("rm -rf $file") - } + if (open(FILE, ">${General::swroot}/ovpn/ccdroute")) { + print FILE ""; + close FILE; + } + if (open(FILE, ">${General::swroot}/ovpn/ccdroute2")) { + print FILE ""; + close FILE; + } + while ($file = glob("${General::swroot}/ovpn/ccd/*")) { + unlink $file + } + if (open(FILE, ">${General::swroot}/ovpn/ovpn-leases.db")) { + print FILE ""; + close FILE; + } + if (open(FILE, ">${General::swroot}/ovpn/ovpnconfig")) { + print FILE ""; + close FILE; + } + while ($file = glob("${General::swroot}/ovpn/n2nconf/*")) { + system ("rm -rf $file"); + } + + #&writeserverconf(); ### ### Reset all step 1 ### @@ -1215,6 +1300,7 @@ SETTINGS_ERROR: $Lang::tr{'capswarning'}: + $Lang::tr{'capswarning'}: $Lang::tr{'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections'} @@ -1234,7 +1320,7 @@ END ### Generate DH key step 2 ### } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'generate dh key'} && $cgiparams{'AREUSURE'} eq 'yes') { - # Delete if old key exists + # Delete if old key exists if (-f "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}") { unlink "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}"; } @@ -1258,7 +1344,7 @@ END - +
$Lang::tr{'ovpn dh'}: @@ -1276,10 +1362,12 @@ END
- $Lang::tr{'capswarning'}: - $Lang::tr{'dh key warn'} - + $Lang::tr{'capswarning'}: $Lang::tr{'dh key warn'} + + + + @@ -1298,21 +1386,17 @@ END ### Upload DH key ### } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'upload dh key'}) { - if ($cgiparams{'DH_NAME'} !~ /dh1024.pem/) { - $errormessage = $Lang::tr{'dh name is invalid'}; - goto UPLOADCA_ERROR; - } if (ref ($cgiparams{'FH'}) ne 'Fh') { $errormessage = $Lang::tr{'there was no file upload'}; goto UPLOADCA_ERROR; } - # Move uploaded dh key to a temporary file + # Move uploaded dh key to a temporary file (my $fh, my $filename) = tempfile( ); if (copy ($cgiparams{'FH'}, $fh) != 1) { $errormessage = $!; - goto UPLOADCA_ERROR; + goto UPLOADCA_ERROR; } - my $temp = `/usr/bin/openssl dhparam -text -in $filename`; + my $temp = `/usr/bin/openssl dhparam -text -in $filename`; if ($temp !~ /DH Parameters: \((1024|2048|3072|4096) bit\)/) { $errormessage = $Lang::tr{'not a valid dh key'}; unlink ($filename); @@ -1323,11 +1407,11 @@ END unlink "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}"; } move($filename, "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}"); - if ($? ne 0) { - $errormessage = "$Lang::tr{'certificate file move failed'}: $!"; - unlink ($filename); - goto UPLOADCA_ERROR; - } + if ($? ne 0) { + $errormessage = "$Lang::tr{'dh key move failed'}: $!"; + unlink ($filename); + goto UPLOADCA_ERROR; + } } ### @@ -1784,7 +1868,7 @@ END } } else { # child unless (exec ('/usr/bin/openssl', 'req', '-x509', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache', - '-days', '999999', '-newkey', 'rsa:4096', + '-days', '999999', '-newkey', 'rsa:4096', '-sha512', '-keyout', "${General::swroot}/ovpn/ca/cakey.pem", '-out', "${General::swroot}/ovpn/ca/cacert.pem", '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) { @@ -1894,7 +1978,7 @@ END &Header::closebox(); } &Header::openbox('100%', 'LEFT', "$Lang::tr{'generate root/host certificates'}:"); - print <
$Lang::tr{'dh key warn1'}

@@ -1927,8 +2011,8 @@ END } print ">$country"; } - print < + print < - - + +
$Lang::tr{'organization name'}:
$Lang::tr{'ovpn dh'}:   
* $Lang::tr{'this field may be blank'}


- $Lang::tr{'capswarning'}: - $Lang::tr{'ovpn generating the root and host certificates'} -

+ + $Lang::tr{'capswarning'}: $Lang::tr{'ovpn generating the root and host certificates'} + - + + + + +
$Lang::tr{'dh key warn'}
- $Lang::tr{'dh key warn'} -
$Lang::tr{'dh key warn1'}

+ @@ -2104,14 +2191,19 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){ print CLIENTCONF "ns-cert-type server\n"; print CLIENTCONF "# Auth. Client\n"; print CLIENTCONF "tls-client\n"; - print CLIENTCONF "# Cipher\n"; + print CLIENTCONF "# Cipher\n"; print CLIENTCONF "cipher $confighash{$cgiparams{'KEY'}}[40]\n"; - print CLIENTCONF "# HMAC algorithm\n"; - print CLIENTCONF "auth $confighash{$cgiparams{'KEY'}}[39]\n"; if ($confighash{$cgiparams{'KEY'}}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12") { print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12\r\n"; $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1].p12\n"; - } + } + if ($confighash{$cgiparams{'KEY'}}[39] eq '') { + print CLIENTCONF "# HMAC algorithm\n"; + print CLIENTCONF "auth SHA1\n"; + } else { + print CLIENTCONF "# HMAC algorithm\n"; + print CLIENTCONF "auth $confighash{$cgiparams{'KEY'}}[39]\n"; + } if ($confighash{$cgiparams{'KEY'}}[30] eq 'on') { print CLIENTCONF "# Enable Compression\n"; print CLIENTCONF "comp-lzo\r\n"; @@ -2207,11 +2299,15 @@ else $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "$confighash{$cgiparams{'KEY'}}[1]cert.pem") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1]cert.pem\n"; } print CLIENTCONF "cipher $vpnsettings{DCIPHER}\r\n"; - if ($vpnsettings{'DAUTH'} eq '') { + if ($vpnsettings{'DAUTH'} eq '') { print CLIENTCONF ""; } else { - print CLIENTCONF "auth $vpnsettings{'DAUTH'}\r\n"; - } + print CLIENTCONF "auth $vpnsettings{'DAUTH'}\r\n"; + } + if ($vpnsettings{'TLSAUTH'} eq 'on') { + print CLIENTCONF "tls-auth ta.key 1\r\n"; + $zip->addFile( "${General::swroot}/ovpn/ca/ta.key", "ta.key") or die "Can't add file ta.key\n"; + } if ($vpnsettings{DCOMPLZO} eq 'on') { print CLIENTCONF "comp-lzo\r\n"; } @@ -2320,8 +2416,7 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') { } else { $errormessage = $Lang::tr{'invalid key'}; } - - &General::firewall_reload(); + &General::firewall_reload(); ### ### Download PKCS12 file @@ -2361,7 +2456,7 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') { } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show dh'}) { if (! -e "${General::swroot}/ovpn/ca/dh1024.pem") { - $errormessage = $Lang::tr{'not present'}; + $errormessage = $Lang::tr{'not present'}; } else { &Header::showhttpheaders(); &Header::openpage($Lang::tr{'ovpn'}, 1, ''); @@ -2383,21 +2478,21 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') { } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show crl'}) { # &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash); - if (! -e "${General::swroot}/ovpn/crls/cacrl.pem") { - $errormessage = $Lang::tr{'not present'}; + if (! -e "${General::swroot}/ovpn/crls/cacrl.pem") { + $errormessage = $Lang::tr{'not present'}; } else { - &Header::showhttpheaders(); - &Header::openpage($Lang::tr{'ovpn'}, 1, ''); - &Header::openbigbox('100%', 'LEFT', '', ''); - &Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:"); - my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`; - $output = &Header::cleanhtml($output,"y"); - print "
$output
\n"; - &Header::closebox(); - print "
$Lang::tr{'back'}
"; - &Header::closebigbox(); - &Header::closepage(); - exit(0); + &Header::showhttpheaders(); + &Header::openpage($Lang::tr{'ovpn'}, 1, ''); + &Header::openbigbox('100%', 'LEFT', '', ''); + &Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:"); + my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`; + $output = &Header::cleanhtml($output,"y"); + print "
$output
\n"; + &Header::closebox(); + print "
$Lang::tr{'back'}
"; + &Header::closebigbox(); + &Header::closepage(); + exit(0); } ### @@ -2435,6 +2530,15 @@ ADV_ERROR: if ($cgiparams{'DAUTH'} eq '') { $cgiparams{'DAUTH'} = 'SHA1'; } + if ($cgiparams{'DAUTH'} eq '') { + $cgiparams{'DAUTH'} = 'SHA1'; + } + if ($cgiparams{'ENGINES'} eq '') { + $cgiparams{'ENGINES'} = 'disabled'; + } + if ($cgiparams{'TLSAUTH'} eq '') { + $cgiparams{'TLSAUTH'} = 'off'; + } $checked{'CLIENT2CLIENT'}{'off'} = ''; $checked{'CLIENT2CLIENT'}{'on'} = ''; $checked{'CLIENT2CLIENT'}{$cgiparams{'CLIENT2CLIENT'}} = 'CHECKED'; @@ -2445,6 +2549,7 @@ ADV_ERROR: $checked{'MSSFIX'}{'on'} = ''; $checked{'MSSFIX'}{$cgiparams{'MSSFIX'}} = 'CHECKED'; $checked{'PMTU_DISCOVERY'}{$cgiparams{'PMTU_DISCOVERY'}} = 'checked=\'checked\''; + $selected{'LOG_VERB'}{'0'} = ''; $selected{'LOG_VERB'}{'1'} = ''; $selected{'LOG_VERB'}{'2'} = ''; $selected{'LOG_VERB'}{'3'} = ''; @@ -2456,15 +2561,22 @@ ADV_ERROR: $selected{'LOG_VERB'}{'9'} = ''; $selected{'LOG_VERB'}{'10'} = ''; $selected{'LOG_VERB'}{'11'} = ''; - $selected{'LOG_VERB'}{'0'} = ''; $selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED'; $selected{'DAUTH'}{'whirlpool'} = ''; $selected{'DAUTH'}{'SHA512'} = ''; $selected{'DAUTH'}{'SHA384'} = ''; $selected{'DAUTH'}{'SHA256'} = ''; - $selected{'DAUTH'}{'ecdsa-with-SHA1'} = ''; $selected{'DAUTH'}{'SHA1'} = ''; $selected{'DAUTH'}{$cgiparams{'DAUTH'}} = 'SELECTED'; + $checked{'TLSAUTH'}{'off'} = ''; + $checked{'TLSAUTH'}{'on'} = ''; + $checked{'TLSAUTH'}{$cgiparams{'TLSAUTH'}} = 'CHECKED'; + $selected{'ENGINES'}{'cryptodev'} = ''; + $selected{'ENGINES'}{'dynamic'} = ''; + $selected{'ENGINES'}{'aesni'} = ''; + $selected{'ENGINES'}{'padlock'} = ''; + $selected{'ENGINES'}{'disabled'} = ''; + $selected{'ENGINES'}{$cgiparams{'ENGINES'}} = 'SELECTED'; &Header::showhttpheaders(); &Header::openpage($Lang::tr{'status ovpn'}, 1, ''); @@ -2478,7 +2590,7 @@ ADV_ERROR: &Header::openbox('100%', 'LEFT', $Lang::tr{'advanced server'}); print < -
$Lang::tr{'upload p12 file'}:
+
@@ -2546,12 +2658,13 @@ print < - - + + - - + + + @@ -2564,30 +2677,28 @@ print <
$Lang::tr{'dhcp-options'}
fragment
mssfix $Lang::tr{'openvpn default'}: on
$Lang::tr{'openvpn default'}: off
$Lang::tr{'ovpn mtu-disc'} $Lang::tr{'ovpn mtu-disc yes'}
- + - + - -
$Lang::tr{'log-options'}$Lang::tr{'log-options'}
VERB -
+ + + + + + + + + + + + + +
@@ -2599,24 +2710,46 @@ print < -
$Lang::tr{'ovpn ha'} Default: SHA1 (160 $Lang::tr{'bit'})
+ + + $Lang::tr{'ovpn engines'} + + + Default: $Lang::tr{'disabled'} + + + + + + + + + + + +
HMAC tls-auth
END if ( -e "/var/run/openvpn.pid"){ print"
$Lang::tr{'attention'}:
$Lang::tr{'server restart'}

"; - print<   @@ -2632,7 +2765,7 @@ END }else{ -print<   @@ -2687,11 +2820,11 @@ if ($cgiparams{'ACTION'} eq "edit"){ &Header::openbox('100%', 'LEFT', $Lang::tr{'ccd modify'}); - print <
$Lang::tr{'ccd name'}: - $Lang::tr{'ccd subnet'}: + $Lang::tr{'ccd subnet'}:
@@ -2701,7 +2834,7 @@ END &Header::closebox(); &Header::openbox('100%', 'LEFT',$Lang::tr{'ccd net'} ); - print < $Lang::tr{'ccd name'}$Lang::tr{'network'}$Lang::tr{'ccd used'} @@ -2711,7 +2844,7 @@ END else{ if (! -e "/var/run/openvpn.pid"){ &Header::openbox('100%', 'LEFT', $Lang::tr{'ccd add'}); - print < $Lang::tr{'ccd hint'}

@@ -2751,7 +2884,7 @@ END print"$ccdconf[0]$ccdconf[1]$ccdhosts/".(&ccdmaxclients($ccdconf[1])+1).""; print < - + @@ -2760,7 +2893,7 @@ END - + END ; } @@ -2864,7 +2997,7 @@ END } print ""; - print < @@ -2979,7 +3112,7 @@ END if ( -s "${General::swroot}/ovpn/settings") { - print <$Lang::tr{'connection type'}:
@@ -2990,7 +3123,7 @@ if ( -s "${General::swroot}/ovpn/settings") { - + @@ -3000,7 +3133,7 @@ END } else { - print <$Lang::tr{'connection type'}:
$Lang::tr{'net to net vpn'} (Upload Client Package)
 
 Import Connection Name
 $Lang::tr{'openvpn default'}: Client Packagename
 Default : Client Packagename
* $Lang::tr{'this field may be blank'}
@@ -3149,6 +3282,7 @@ my $complzoactive; my $mssfixactive; my $authactive; my $n2nfragment; +my $authactive; my @n2nmtudisc = split(/ /, (grep { /^mtu-disc/ } @firen2nconf)[0]); my @n2nproto2 = split(/ /, (grep { /^proto/ } @firen2nconf)[0]); my @n2nproto = split(/-/, $n2nproto2[1]); @@ -3168,7 +3302,7 @@ my @n2nmgmt = split(/ /, (grep { /^management/ } @firen2nconf)[0]); my @n2nlocalsub = split(/ /, (grep { /^# remsub/ } @firen2nconf)[0]); my @n2ncipher = split(/ /, (grep { /^cipher/ } @firen2nconf)[0]); my @n2nauth = split(/ /, (grep { /^auth/ } @firen2nconf)[0]); - +my @n2nengine = split(/ /, (grep { /^engine/ } @firen2nconf)[0]);; ### # m.a.d delete CR and LF from arrays for this chomp doesnt work @@ -3189,6 +3323,7 @@ $n2nmgmt[2] =~ s/\n|\r//g; $n2nmtudisc[1] =~ s/\n|\r//g; $n2ncipher[1] =~ s/\n|\r//g; $n2nauth[1] =~ s/\n|\r//g; +$n2nengine[1] =~ s/\n|\r//g; chomp ($complzoactive); chomp ($mssfixactive); @@ -3242,7 +3377,7 @@ foreach my $dkey (keys %confighash) { $key = &General::findhasharraykey (\%confighash); - foreach my $i (0 .. 41) { $confighash{$key}[$i] = "";} + foreach my $i (0 .. 42) { $confighash{$key}[$i] = "";} $confighash{$key}[0] = 'off'; $confighash{$key}[1] = $n2nname[0]; @@ -3263,9 +3398,10 @@ foreach my $dkey (keys %confighash) { $confighash{$key}[29] = $n2nport[1]; $confighash{$key}[30] = $complzoactive; $confighash{$key}[31] = $n2ntunmtu[1]; - $confighash{$key}[38] = $n2nmtudisc[1]; + $confighash{$key}[38] = $n2nmtudisc[1]; $confighash{$key}[39] = $n2nauth[1]; $confighash{$key}[40] = $n2ncipher[1]; + $confighash{$key}[41] = 'disabled'; &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash); @@ -3285,7 +3421,7 @@ foreach my $dkey (keys %confighash) { &Header::openbox('100%', 'LEFT', 'import ipfire net2net config'); } if ($errormessage eq ''){ - print <
$Lang::tr{'host to net vpn'}
@@ -3302,8 +3438,8 @@ foreach my $dkey (keys %confighash) { - - + + @@ -3405,6 +3541,8 @@ if ($confighash{$cgiparams{'KEY'}}) { $cgiparams{'PMTU_DISCOVERY'} = $confighash{$cgiparams{'KEY'}}[38]; $cgiparams{'DAUTH'} = $confighash{$cgiparams{'KEY'}}[39]; $cgiparams{'DCIPHER'} = $confighash{$cgiparams{'KEY'}}[40]; + $cgiparams{'TLSAUTH'} = $confighash{$cgiparams{'KEY'}}[41]; + $cgiparams{'ENGINES'} = $confighash{$cgiparams{'KEY'}}[42]; } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) { $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'}); @@ -3723,14 +3861,13 @@ if ($cgiparams{'TYPE'} eq 'net') { unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!"; rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; goto VPNCONF_ERROR; - } - #Check if remote subnet is used elsewhere - my ($n2nip,$n2nsub)=split("/",$cgiparams{'REMOTE_SUBNET'}); - $warnmessage=&General::checksubnets('',$n2nip,'ovpn'); - if ($warnmessage){ - $warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'})
".$warnmessage; - } - + } + #Check if remote subnet is used elsewhere + my ($n2nip,$n2nsub)=split("/",$cgiparams{'REMOTE_SUBNET'}); + $warnmessage=&General::checksubnets('',$n2nip,'ovpn'); + if ($warnmessage){ + $warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'})
".$warnmessage; + } } # if (($cgiparams{'TYPE'} eq 'net') && ($cgiparams{'SIDE'} !~ /^(left|right)$/)) { @@ -4085,7 +4222,7 @@ if ($cgiparams{'TYPE'} eq 'net') { if (! $key) { $key = &General::findhasharraykey (\%confighash); - foreach my $i (0 .. 41) { $confighash{$key}[$i] = "";} + foreach my $i (0 .. 43) { $confighash{$key}[$i] = "";} } $confighash{$key}[0] = $cgiparams{'ENABLED'}; $confighash{$key}[1] = $cgiparams{'NAME'}; @@ -4131,6 +4268,7 @@ if ($cgiparams{'TYPE'} eq 'net') { $confighash{$key}[38] = $cgiparams{'PMTU_DISCOVERY'}; $confighash{$key}[39] = $cgiparams{'DAUTH'}; $confighash{$key}[40] = $cgiparams{'DCIPHER'}; + $confighash{$key}[42] = $cgiparams{'ENGINES'}; &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash); @@ -4240,8 +4378,9 @@ if ($cgiparams{'TYPE'} eq 'net') { ### $cgiparams{'MSSFIX'} = 'on'; $cgiparams{'FRAGMENT'} = '1300'; - $cgiparams{'PMTU_DISCOVERY'} = 'off'; - $cgiparams{'DAUTH'} = 'SHA1'; + $cgiparams{'PMTU_DISCOVERY'} = 'off'; + $cgiparams{'DAUTH'} = 'SHA1'; + $cgiparams{'ENGINES'} = 'disabled'; ### # m.a.d n2n end ### @@ -4306,14 +4445,6 @@ if ($cgiparams{'TYPE'} eq 'net') { } $checked{'PMTU_DISCOVERY'}{$cgiparams{'PMTU_DISCOVERY'}} = 'checked=\'checked\''; - $selected{'DAUTH'}{'whirlpool'} = ''; - $selected{'DAUTH'}{'SHA512'} = ''; - $selected{'DAUTH'}{'SHA384'} = ''; - $selected{'DAUTH'}{'SHA256'} = ''; - $selected{'DAUTH'}{'ecdsa-with-SHA1'} = ''; - $selected{'DAUTH'}{'SHA1'} = ''; - $selected{'DAUTH'}{$cgiparams{'DAUTH'}} = 'SELECTED'; - $selected{'DCIPHER'}{'CAMELLIA-256-CBC'} = ''; $selected{'DCIPHER'}{'CAMELLIA-192-CBC'} = ''; $selected{'DCIPHER'}{'CAMELLIA-128-CBC'} = ''; @@ -4330,7 +4461,35 @@ if ($cgiparams{'TYPE'} eq 'net') { $selected{'DCIPHER'}{'DES-CBC'} = ''; $selected{'DCIPHER'}{'RC2-64-CBC'} = ''; $selected{'DCIPHER'}{'RC2-40-CBC'} = ''; + # If no cipher has been chossen yet, select + # the old default (AES-256-CBC) for compatiblity reasons. + if ($cgiparams{'DCIPHER'} eq '') { + $cgiparams{'DCIPHER'} = 'AES-256-CBC'; + } $selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED'; + $selected{'DAUTH'}{'whirlpool'} = ''; + $selected{'DAUTH'}{'SHA512'} = ''; + $selected{'DAUTH'}{'SHA384'} = ''; + $selected{'DAUTH'}{'SHA256'} = ''; + $selected{'DAUTH'}{'SHA1'} = ''; + # If no hash algorythm has been choosen yet, select + # the old default value (SHA1) for compatiblity reasons. + if ($cgiparams{'DAUTH'} eq '') { + $cgiparams{'DAUTH'} = 'SHA1'; + } + $selected{'DAUTH'}{$cgiparams{'DAUTH'}} = 'SELECTED'; + + $selected{'ENGINES'}{'disabled'} = ''; + $selected{'ENGINES'}{'cryptodev'} = ''; + $selected{'ENGINES'}{'dynamic'} = ''; + $selected{'ENGINES'}{'aesni'} = ''; + $selected{'ENGINES'}{'padlock'} = ''; + # If no engine has been choosen yet, select + # a default one (disabled). + if ($cgiparams{'ENGINES'} eq '') { + $cgiparams{'ENGINES'} = 'disabled'; + } + $selected{'ENGINES'}{$cgiparams{'ENGINES'}} = 'SELECTED'; if (1) { &Header::showhttpheaders(); @@ -4386,7 +4545,6 @@ if ($cgiparams{'TYPE'} eq 'net') { } else { print ""; } - print <  @@ -4405,77 +4563,93 @@ if ($cgiparams{'TYPE'} eq 'net') { - - - - + + + - - + + + + + - + + + + + + + + - + + - + - - - - + + + + END ; } @@ -4538,7 +4712,7 @@ if ($cgiparams{'TYPE'} eq 'host') { if ($cgiparams{'TYPE'} eq 'host') { - print < @@ -4563,7 +4737,7 @@ END } else { - print < @@ -4597,7 +4771,7 @@ END ### if ($cgiparams{'TYPE'} eq 'host') { - print < @@ -4605,7 +4779,7 @@ if ($cgiparams{'TYPE'} eq 'host') { - + @@ -4613,7 +4787,7 @@ if ($cgiparams{'TYPE'} eq 'host') {
  
MSSFIX:$confighash{$key}[23]
Fragment:$confighash{$key}[24]
$Lang::tr{'MTU'}$confighash{$key}[31]
$Lang::tr{'ovpn mtu-disc'}:$confighash{$key}[38]
Management Port:$confighash{$key}[22]
$Lang::tr{'ovpn mtu-disc'}$confighash{$key}[38]
Management Port $confighash{$key}[22]
$Lang::tr{'ovpn hmac'}:$confighash{$key}[39]
$Lang::tr{'cipher'}$confighash{$key}[40]
  
 
$Lang::tr{'ovpn subnet'}$Lang::tr{'destination port'}:
$Lang::tr{'protocol'} Management Port ($Lang::tr{'openvpn default'}: $Lang::tr{'destination port'}):   $Lang::tr{'destination port'}:
$Lang::tr{'cipher'} $Lang::tr{'ovpn ha'}: +
$Lang::tr{'ovpn engines'}   +
$Lang::tr{'MTU'} 
Management Port ($Lang::tr{'openvpn default'}: $Lang::tr{'destination port'}):  
$Lang::tr{'MTU'}  $Lang::tr{'openvpn default'}: udp/tcp 1500/1400
fragment:  
fragment   $Lang::tr{'openvpn default'}: 1300
mssfix:  
mssfix   $Lang::tr{'openvpn default'}: on
$Lang::tr{'comp-lzo'}   -
$Lang::tr{'ovpn mtu-disc'}: - $Lang::tr{'ovpn mtu-disc yes'} - $Lang::tr{'ovpn mtu-disc maybe'} - $Lang::tr{'ovpn mtu-disc no'} - $Lang::tr{'ovpn mtu-disc off'} -
$Lang::tr{'comp-lzo'}   +
$Lang::tr{'ovpn mtu-disc'} + $Lang::tr{'ovpn mtu-disc yes'} + $Lang::tr{'ovpn mtu-disc maybe'} + $Lang::tr{'ovpn mtu-disc no'} + $Lang::tr{'ovpn mtu-disc off'} +
$Lang::tr{'upload a certificate request'}
$Lang::tr{'generate a certificate'} 
 $Lang::tr{'valid till'} (days):
  $Lang::tr{'pkcs12 file password'}:
 $Lang::tr{'pkcs12 file password'}:
($Lang::tr{'confirmation'})
 $Lang::tr{'pkcs12 file password'}:
($Lang::tr{'confirmation'})
 
END }else{ - print <         @@ -4741,7 +4915,7 @@ END if (&haveOrangeNet() && $selorange == '1'){ print"";$selorange=0;}elsif(&haveOrangeNet() && $selorange == '0'){print"";} if ($selgreen == '1' || $other == '0'){ print"";$set=0;}else{print"";}; - print<DNS1: DNS2: WINS:
@@ -4803,6 +4977,9 @@ END if ($cgiparams{'DAUTH'} eq '') { $cgiparams{'DAUTH'} = 'SHA1'; } + if ($cgiparams{'ENGINES'} eq '') { + $cgiparams{'ENGINES'} = 'disabled'; + } if ($cgiparams{'DOVPN_SUBNET'} eq '') { $cgiparams{'DOVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0'; } @@ -4845,10 +5022,16 @@ END $selected{'DAUTH'}{'SHA512'} = ''; $selected{'DAUTH'}{'SHA384'} = ''; $selected{'DAUTH'}{'SHA256'} = ''; - $selected{'DAUTH'}{'ecdsa-with-SHA1'} = ''; $selected{'DAUTH'}{'SHA1'} = ''; $selected{'DAUTH'}{$cgiparams{'DAUTH'}} = 'SELECTED'; + $selected{'ENGINES'}{'cryptodev'} = ''; + $selected{'ENGINES'}{'dynamic'} = ''; + $selected{'ENGINES'}{'aesni'} = ''; + $selected{'ENGINES'}{'padlock'} = ''; + $selected{'ENGINES'}{'disabled'} = ''; + $selected{'ENGINES'}{$cgiparams{'ENGINES'}} = 'SELECTED'; + $checked{'DCOMPLZO'}{'off'} = ''; $checked{'DCOMPLZO'}{'on'} = ''; $checked{'DCOMPLZO'}{$cgiparams{'DCOMPLZO'}} = 'CHECKED'; @@ -4869,15 +5052,15 @@ END &Header::closebox(); } - if ($warnmessage) { - &Header::openbox('100%', 'LEFT', $Lang::tr{'warning messages'}); - print "$warnmessage
"; - print "$Lang::tr{'fwdfw warn1'}
"; - &Header::closebox(); - print"
"; - &Header::closepage(); - exit 0; - } + if ($warnmessage) { + &Header::openbox('100%', 'LEFT', $Lang::tr{'warning messages'}); + print "$warnmessage
"; + print "$Lang::tr{'fwdfw warn1'}
"; + &Header::closebox(); + print"
"; + &Header::closepage(); + exit 0; + } my $sactive = "
$Lang::tr{'stopped'}
"; my $srunning = "no"; @@ -5337,10 +5520,10 @@ END - $Lang::tr{'ovpn dh name'}: - + $Lang::tr{'ovpn dh upload'}: + - +
diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index c4cff4789..2a9d49394 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -2972,11 +2972,23 @@ sub writepacfile print FILE < 'Konfiguriert als', +'Act as' => 'Konfiguriert als:', 'Add Level7 rule' => 'Level7-Regel hinzufügen', 'Add Port Rule' => 'Port-Regel hinzufügen', 'Add Rule' => 'Regel hinzufügen', @@ -10,7 +10,6 @@ 'Choose Rule' => 'Wählen Sie eine der untenstehenden Regeln aus.', 'Class' => 'Klasse', 'Class was deleted' => 'wurde mit eventuell vorhandenen Unterklassen gelöscht', -'Client status and controlc' => 'Client-Status und -Kontrolle', 'ConnSched action' => 'Aktion:', 'ConnSched add action' => 'Aktion hinzufügen', 'ConnSched change profile title' => 'Wechsle zu Profil:', @@ -39,7 +38,8 @@ 'Local VPN IP' => 'Internes Netzwerk (GREEN)', 'MB read' => 'MB gelesen', 'MB written' => 'MB geschrieben', -'MTU' => 'MTU Size:', +'MTU' => 'MTU-Größe:', +'Number of Countries for the pie chart' => 'Anzahl der angezeigten Länder im Diagramm', 'Number of IPs for the pie chart' => 'Anzahl der angezeigten IPs im Diagramm', 'Number of Ports for the pie chart' => 'Anzahl der angezeigten Ports im Diagramm', 'OVPN' => 'OpenVPN', @@ -661,9 +661,10 @@ 'details' => 'Mehr', 'device' => 'Gerät', 'devices on blue' => 'Geräte auf Blau', -'dh' => 'Diffie-Hellman Key', -'dh key warn' => 'Keys mit 1024 und 2048 Bit können mehrere Minuten, 3072 und 4096 Bit bis zu mehreren Stunden dauern. Bitte haben sie Geduld.', -'dh name is invalid' => 'Name ist ungültig, bitte "dh1024.pem" verwenden.', +'dh' => 'Diffie-Hellman-Parameter', +'dh key move failed' => 'Verschieben der Diffie-Hellman-Parameter fehlgeschlagen.', +'dh key warn' => 'Das Generieren der Diffie-Hellman-Parameter mit 1024 oder 2048 Bit dauert üblicherweise mehrere Minuten. Schlüssellängen von 3072 oder 4096 Bit beanspruchen mehrere Stunden. Bitte haben Sie etwas Geduld.', +'dh key warn1' => 'Bei schwachen Systemen oder Systeme mit wenig Entropie wird empfohlen lange Diffie-Hellman-Parameter über die Upload-Funktion hochzuladen.', 'dhcp advopt add' => 'DHCP Option hinzufügen', 'dhcp advopt added' => 'DHCP Option hinzugefügt', 'dhcp advopt blank value' => 'Wert für DHCP Option darf nicht leer sein', @@ -736,8 +737,7 @@ 'dns proxy server' => 'DNS-Proxyserver', 'dns saved' => 'Erfolgreich gespeichert!', 'dns saved txt' => 'Die beiden eingegebenen DNS-Server-Adressen wurde erfolgreich gespeichert.
Um die Änderung wirksam zu machen, müssen Sie neustarten oder wiederverbinden!', -'dns server' => 'DNS-Server', -'dns servers' => 'DNS-Server', +'dns server' => 'DNS Server', 'dns title' => 'Domain Name System', 'dnsforward' => 'DNS-Weiterleitung', 'dnsforward add a new entry' => 'Neuen Eintrag hinzufügen', @@ -761,7 +761,6 @@ 'donation-text' => 'IPFire wird von Freiwilligen in ihrer Freizeit betrieben und auch betreut. Um dieses Projekt am Laufen zu halten, entstehen uns natürlich auch Kosten. Wenn Sie uns unterstützen wollen, würden wir uns über eine kleine Spende sehr freuen.', 'dos charset' => 'DOS Charset', 'down and up speed' => 'Geben Sie bitte hier ihre Download- bzw. Upload-Geschwindigkeit ein
und klicken Sie danach auf Speichern.', -'downlink' => 'Downlink', 'downlink speed' => 'Downlink-Geschwindigkeit (kBit/sek)', 'downlink std class' => 'Downloadstandardklasse', 'download' => 'herunterladen', @@ -907,13 +906,13 @@ 'firewall log' => 'Firewall-Protokoll', 'firewall log viewer' => 'Betrachter der Firewall-Logdateien', 'firewall logs' => 'Firewall-Logdateien', +'firewall logs country' => 'Fw-Logdiagramme (Land)', 'firewall logs ip' => 'Fw-Logdiagramme (IP)', 'firewall logs port' => 'Fw-Logdiagramme (Port)', 'firewall rules' => 'Firewallregeln', 'firewallhits' => 'Firewalltreffer', 'firmware' => 'Firmware', 'firmware upload' => 'Hochladen der Firmware/Treiber', -'first' => 'Erste', 'fixed ip lease added' => 'Feste IP-Zuordnung hinzugefügt', 'fixed ip lease modified' => 'Feste IP-Zuordnung geändert', 'fixed ip lease removed' => 'Feste IP-Zuordnung gelöscht', @@ -1124,7 +1123,7 @@ 'fwhost wo subnet' => '(Ohne Subnetz)', 'gateway' => 'Gateway', 'gateway ip' => 'Gateway-IP', -'gen dh' => 'Diffie-Hellman Key erzeugen', +'gen dh' => 'Diffie-Hellman-Parameter erzeugen', 'gen static key' => 'Statischen Schlüssel erzeugen', 'generate' => 'Root/Host-Zertifikate generieren', 'generate a certificate' => 'Erzeuge ein Zertifikat:', @@ -1339,7 +1338,6 @@ 'lan' => 'LAN', 'lang' => 'de', 'languagepurpose' => 'Wählen Sie eine Sprache, in der IPFire angezeigt werden soll:', -'last' => 'Letzte', 'last activity' => 'Letzte Aktivität', 'lateprompting' => 'Late prompting', 'lease expires' => 'Zuordnung verfällt', @@ -1544,6 +1542,7 @@ 'network traffic graphs others' => 'Netzwerk (sonstige)', 'network updated' => 'Benutzerdefiniertes Netzwerk aktualisiert', 'networks settings' => 'Firewall - Netzwerkeinstellungen', +'never' => 'Nie', 'new optionsfw later' => 'Einige Einstellungen werden erst nach einem Neustart aktiv', 'new optionsfw must boot' => 'Sie müssen Ihren IPFire neu starten', 'newer' => 'Neuer', @@ -1565,7 +1564,7 @@ 'nonetworkname' => 'Kein Netzwerkname wurde eingegeben', 'noservicename' => 'Kein Dienstname wurde eingegeben', 'not a valid ca certificate' => 'Kein gültiges CA Zertifikat.', -'not a valid dh key' => 'Kein gültiger Diffie-Hellman Schlüssel. Bitte nur 1024, 2048, 3072 oder 4096 Bit im PKCS#3 Format verwenden.', +'not a valid dh key' => 'Kein gültiger Diffie-Hellman-Parameter. Es sind nur Parameter mit einer Länge von 1024, 2048, 3072 oder 4096 Bit im PKCS#3-Format erlaubt.', 'not enough disk space' => 'Nicht genügend Plattenplatz vorhanden', 'not present' => 'Nicht vorhanden', 'not running' => 'nicht gestartet', @@ -1658,15 +1657,16 @@ 'ovpn con stat' => 'OpenVPN Verbindungs-Statistik', 'ovpn config' => 'OVPN-Konfiguration', 'ovpn crypt options' => 'Kryptografieoptionen', -'ovpn device' => 'OpenVPN-Gerät:', -'ovpn dh' => 'Diffie-Hellman Key Länge', -'ovpn dh name' => 'Diffie-Hellman Key Name', +'ovpn device' => 'OpenVPN-Gerät', +'ovpn dh' => 'Diffie-Hellman-Parameter-Länge', +'ovpn dh upload' => 'Diffie-Hellman-Parameter hochladen', 'ovpn dl' => 'OVPN-Konfiguration downloaden', +'ovpn engines' => 'Krypto Engine', 'ovpn errmsg green already pushed' => 'Route für grünes Netzwerk wird immer gesetzt', 'ovpn errmsg invalid ip or mask' => 'Ungültige Netzwerk-Adresse oder Subnetzmaske', 'ovpn generating the root and host certificates' => 'Die Erzeugung der Root- und Host-Zertifikate kann lange Zeit dauern.', -'ovpn ha' => 'Hash Algorithmus', -'ovpn hmac' => 'HMAC Optionen', +'ovpn ha' => 'Hash-Algorithmus', +'ovpn hmac' => 'HMAC-Optionen', 'ovpn log' => 'OVPN-Log', 'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.', 'ovpn mtu-disc' => 'Path MTU Discovery', @@ -1681,12 +1681,14 @@ 'ovpn on orange' => 'OpenVPN auf ORANGE:', 'ovpn on red' => 'OpenVPN auf ROT:', 'ovpn port in root range' => 'Ein Port von 1024 oder höher ist erforderlich.', +'ovpn reneg sec' => 'Session Key Lifetime', 'ovpn routes push' => 'Routen (eine pro Zeile) z.b. 192.168.10.0/255.255.255.0 192.168.20.0/24', 'ovpn routes push options' => 'Route push Optionen', 'ovpn server status' => 'OpenVPN-Server-Status', 'ovpn subnet' => 'OpenVPN-Subnetz:', 'ovpn subnet is invalid' => 'Das OpenVPN-Subnetz ist ungültig.', 'ovpn subnet overlap' => 'OpenVPNSubnetz überschneidet sich mit ', +'ovpn_fastio' => 'Fast-IO', 'ovpn_fragment' => 'Fragmentgrösse', 'ovpn_mssfix' => 'MSSFIX-Grösse', 'ovpn_mtudisc' => 'MTU-Discovery', @@ -1927,7 +1929,7 @@ 'show ca certificate' => 'CA Zertifikat anzeigen', 'show certificate' => 'Zertifikat anzeigen', 'show crl' => 'Certificate Revocation List anzeigen', -'show dh' => 'Diffie-Hellman Key anzeigen', +'show dh' => 'Diffie-Hellman-Parameter anzeigen', 'show host certificate' => 'Host-Zertifikat anzeigen', 'show last x lines' => 'die letzten x Zeilen anzeigen', 'show root certificate' => 'Root-Zertifikat anzeigen', @@ -1965,6 +1967,7 @@ 'source ip' => 'Quell-IP-Adresse', 'source ip and port' => 'Quell-IP:Port', 'source ip bad' => 'Ungültige Quell-IP-Adresse.', +'source ip country' => 'Quell-IP-Adresse Land', 'source ip in use' => 'Benutzte Quell-IP:', 'source ip or net' => 'Quellen-IP oder Netz', 'source net' => 'Quell-Netz', @@ -2256,14 +2259,13 @@ 'updxlrtr weekly' => 'wöchentlich', 'updxlrtr year' => 'einem Jahr', 'upgrade' => 'upgrade', -'uplink' => 'Uplink', 'uplink speed' => 'Uplink-Geschwindigkeit (kBit/sek)', 'uplink std class' => 'Uploadstandardklasse', 'upload' => 'Hochladen', 'upload a certificate' => 'Ein Zertifikat hochladen:', 'upload a certificate request' => 'Eine Zertifikatsanfrage hochladen:', 'upload ca certificate' => 'CA-Zertifikat hochladen', -'upload dh key' => 'Diffie-Hellman Key hochladen', +'upload dh key' => 'Diffie-Hellman-Parameter hochladen', 'upload file' => 'Datei zum hochladen', 'upload new ruleset' => 'Neuen Regelsatz hochladen', 'upload p12 file' => 'PKCS12-Datei hochladen', @@ -2514,7 +2516,6 @@ 'vpn aggrmode' => 'IKE Aggressive Mode zugelassen. Wenn möglich, vermeiden (preshared Schlüssel wird im Klartext übertragen)!', 'vpn altname syntax' => 'Der Subjekt Alternativ Name ist eine durch Komma getrennte Liste von Email, DNS, URI, RID und IP Objekten.
Email: eine Email Adresse. Syntax Email: \'copy\' benutzt die Email Adresse aus dem Zertifikatfeld.
DNS: ein gültiger Domain Name.
URI: eine gültige URI.
RID: Registriertes Objekt Identifikation.
IP: eine IP Adresse.
Bitte beachten: der Zeichensatz ist eingeschränkt und die Groß-/Kleinschreibung ist entscheidend.
Beispiel:
email:info@ipfire.org,email:copy,DNS:www.ipfire.org,IP:127.0.0.1,URI:http://url/nach/irgendwo', 'vpn auth-dn' => 'Peer wird identifiziert durch entweder ein IPV4_ADDR, FQDN, USER_FQDN oder DER_ASN1_DN string in Remote ID Feld', -'vpn configuration main' => 'VPN-Konfiguration', 'vpn delayed start' => 'Verzögerung bevor VPN gestartet wird (Sekunden)', 'vpn delayed start help' => 'Falls notwendig, kann diese Verzögerung dazu verwendet werden, um Dynamic-DNS-Updates ordnungsgemäß anzuwenden. 60 ist ein gängiger Wert, wenn ROT (RED) eine dynamische IP Adresse ist.', 'vpn incompatible use of defaultroute' => 'Hostname=%defaultroute nicht zulässig', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 64a31a182..5ccad79ee 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -10,7 +10,6 @@ 'Choose Rule' => 'Choose one of the following rules.', 'Class' => 'Class', 'Class was deleted' => 'with potential subclasses was deleted', -'Client status and controlc' => 'Client status and control:', 'ConnSched action' => 'Action:', 'ConnSched add action' => 'Add action', 'ConnSched change profile title' => 'Change to profile:', @@ -40,6 +39,7 @@ 'MB read' => 'MB read', 'MB written' => 'MB written', 'MTU' => 'MTU size:', +'Number of Countries for the pie chart' => 'Number of Countries for the pie chart', 'Number of IPs for the pie chart' => 'Number of IPs for the pie chart', 'Number of Ports for the pie chart' => 'Number of ports for the pie chart', 'OVPN' => 'OpenVPN', @@ -424,7 +424,7 @@ 'behind a proxy' => 'Behind a proxy:', 'bewan adsl pci st' => 'TO BE REMOVED', 'bewan adsl usb' => 'TO BE REMOVED', -'bit' => 'Bit', +'bit' => 'bit', 'bitrate' => 'Bitrate', 'bleeding rules' => 'Bleeding Edge Snort Rules', 'blue' => 'BLUE', @@ -683,8 +683,10 @@ 'details' => 'Details', 'device' => 'Device', 'devices on blue' => 'Devices on BLUE', -'dh' => 'Diffie-Hellman Key', -'dh key warn' => 'Keys with 1024 and 2048 bit takes up to several minutes, 3072 and 4096 bit might needs several hours. Please be patient.', +'dh' => 'Diffie-Hellman parameters', +'dh key move failed' => 'Diffie-Hellman parameters move failed.', +'dh key warn' => 'Creating Diffie-Hellman parameters with lengths of 1024 or 2048 bits takes up to several minutes. Lengths of 3072 or 4096 bits might needs several hours. Please be patient.', +'dh key warn1' => 'For weak systems or systems with little entropy, it is recommended to upload long Diffie-Hellman parameters by usage of the upload function.', 'dh name is invalid' => 'Name is invalid, please use "dh1024.pem".', 'dhcp advopt add' => 'Add a DHCP option', 'dhcp advopt added' => 'DHCP option added', @@ -761,7 +763,6 @@ 'dns saved' => 'Successfully saved!', 'dns saved txt' => 'The two entered DNS server addresses have been saved successfully.
You have to reboot or reconnect that the changes have effect!', 'dns server' => 'DNS Server', -'dns servers' => 'DNS Servers', 'dns title' => 'Domain Name System', 'dnsforward' => 'DNS Forwarding', 'dnsforward add a new entry' => 'Add a new entry', @@ -786,7 +787,6 @@ 'done' => 'Do it', 'dos charset' => 'DOS Charset', 'down and up speed' => 'Enter your Down- and Uplink-Speed
and then press Save.', -'downlink' => 'Downlink', 'downlink speed' => 'Downlink speed (kbit/sec)', 'downlink std class' => 'downlink standard class', 'download' => 'download', @@ -940,7 +940,6 @@ 'firewallhits' => 'firewallhits', 'firmware' => 'Firmware', 'firmware upload' => 'Upload Firmware/Drivers', -'first' => 'First', 'fixed ip lease added' => 'Fixed IP lease added', 'fixed ip lease modified' => 'Fixed IP lease modified', 'fixed ip lease removed' => 'Fixed IP lease removed', @@ -1153,11 +1152,11 @@ 'g.lite' => 'TO BE REMOVED', 'gateway' => 'Gateway', 'gateway ip' => 'Gateway IP', -'gen dh' => 'Generate Diffie-Hellman key', +'gen dh' => 'Generate Diffie-Hellman parameters', 'gen static key' => 'Generate a static key', 'generate' => 'Generate root/host zertifikate', 'generate a certificate' => 'Generate a certificate:', -'generate dh key' => 'Generate Diffie-Hellman key', +'generate dh key' => 'Generate Diffie-Hellman parameters', 'generate iso' => 'Generate ISO', 'generate root/host certificates' => 'Generate root/host certificates', 'generate tripwire keys and init' => 'generate tripwire keys and init', @@ -1369,7 +1368,6 @@ 'lan' => 'LAN', 'lang' => 'en', 'languagepurpose' => 'Select the language you wish IPFire to display in:', -'last' => 'Last', 'last activity' => 'Last Activity', 'lateprompting' => 'Lateprompting', 'lease expires' => 'Lease expires', @@ -1574,6 +1572,7 @@ 'network traffic graphs others' => 'Network (others)', 'network updated' => 'Custom Network updated', 'networks settings' => 'Firewall - Network settings', +'never' => 'Never', 'new optionsfw later' => 'Some options need a reboot to take effect', 'new optionsfw must boot' => 'You must reboot your IPFire', 'newer' => 'Newer', @@ -1595,7 +1594,7 @@ 'nonetworkname' => 'No Network Name entered', 'noservicename' => 'No Service Name entered', 'not a valid ca certificate' => 'Not a valid CA certificate.', -'not a valid dh key' => 'Not a valid Diffie-Hellman key. Please use 1024, 2048, 3072 or 4096 bit in PKCS#3 format.', +'not a valid dh key' => 'Not a valid Diffie-Hellman parameters file. Please use a length of 1024, 2048, 3072 or 4096 bits and the PKCS#3 format.', 'not enough disk space' => 'Not enough disk space', 'not present' => 'Not present', 'not running' => 'not running', @@ -1690,9 +1689,10 @@ 'ovpn config' => 'OVPN-Config', 'ovpn crypt options' => 'Cryptographic options', 'ovpn device' => 'OpenVPN device:', -'ovpn dh' => 'Diffie-Hellman key lenght', -'ovpn dh name' => 'Diffie-Hellman key name', +'ovpn dh' => 'Diffie-Hellman parameters length', +'ovpn dh upload' => 'Upload Diffie-Hellman parameters', 'ovpn dl' => 'OVPN-Config Download', +'ovpn engines' => 'Crypto engine', 'ovpn errmsg green already pushed' => 'Route for green network is always set', 'ovpn errmsg invalid ip or mask' => 'Invalid network-address or subnetmask', 'ovpn generating the root and host certificates' => 'Generating the root and host certifictae can take a long time.', @@ -1712,6 +1712,7 @@ 'ovpn on orange' => 'OpenVPN on ORANGE:', 'ovpn on red' => 'OpenVPN on RED:', 'ovpn port in root range' => 'A port number of 1024 or higher is required.', +'ovpn reneg sec' => 'Session key lifetime:', 'ovpn routes push' => 'Routes (one per line) e.g. 192.168.10.0/255.255.255.0 192.168.20.0/24', 'ovpn routes push options' => 'Route push options', 'ovpn server status' => 'Current OpenVPN server status:', @@ -1719,7 +1720,6 @@ 'ovpn subnet is invalid' => 'OpenVPN subnet is invalid.', 'ovpn subnet overlap' => 'OpenVPN Subnet overlaps with : ', 'ovpn_fastio' => 'Fast-IO', -'ovpn_fragment' => 'Fragmentsize', 'ovpn_mssfix' => 'MSSFIX Size', 'ovpn_mtudisc' => 'MTU-Discovery', 'ovpn_processprio' => 'Process priority', @@ -1963,7 +1963,7 @@ 'show ca certificate' => 'Show CA certificate', 'show certificate' => 'Show certificate', 'show crl' => 'Show certificate revocation list', -'show dh' => 'Show Diffie-Hellman key', +'show dh' => 'Show Diffie-Hellman parameters', 'show host certificate' => 'Show host certificate', 'show last x lines' => 'Show last x lines', 'show lines' => 'Show lines', @@ -2002,6 +2002,7 @@ 'source ip' => 'Source IP', 'source ip and port' => 'Source IP: Port', 'source ip bad' => 'Not a valid IP address or a network address.', +'source ip country' => 'Source IP Country', 'source ip in use' => 'Source IP in use:', 'source ip or net' => 'Source IP or Net', 'source net' => 'Source Net', @@ -2082,6 +2083,7 @@ 'telephone not set' => 'Telephone not set.', 'template' => 'Preset', 'template warning' => 'You have two options to set up Qos. The First, you press the save button and generate the classes and rules on your own. The second, you press the preset button and classes and rules will be set up by a template.', +'teovpn_fragment' => 'Fragmentsize', 'test' => 'test', 'test email could not be sent' => 'Could not sent Testemail', 'test email was sent' => 'Testemail was send successfully', @@ -2296,14 +2298,13 @@ 'updxlrtr weekly' => 'weekly', 'updxlrtr year' => 'one year', 'upgrade' => 'upgrade', -'uplink' => 'Uplink', 'uplink speed' => 'Uplink speed (kbit/sec)', 'uplink std class' => 'uplink standard class', 'upload' => 'Upload', 'upload a certificate' => 'Upload a certificate:', 'upload a certificate request' => 'Upload a certificate request:', 'upload ca certificate' => 'Upload CA certificate', -'upload dh key' => 'Upload Diffie-Hellman key', +'upload dh key' => 'Upload Diffie-Hellman parameters', 'upload fcdsl.o' => 'TO BE REMOVED', 'upload file' => 'Upload file', 'upload new ruleset' => 'Upload new ruleset', @@ -2555,7 +2556,6 @@ 'vpn aggrmode' => 'IKE aggressive mode allowed. Avoid if possible (preshared key is transmitted in clear text)!', 'vpn altname syntax' => 'SubjectAltName is a comma separated list of e-mail, dns, uri, rid and ip objects.
email:an email address. Syntax email:copy takes the email field from the cert to be used.
DNS:a valid domain name.
URI:any valid uri.
RID:registered object identifier.
IP:an IP address.
Note:charset is limited and case is significant.
Example:
e-mail:ipfire@foo.org,email:copy,DNS:www.ipfire.org,IP:127.0.0.1,URI:http://url/to/something', 'vpn auth-dn' => 'Peer is identified by either IPV4_ADDR, FQDN, USER_FQDN or DER_ASN1_DN string in remote ID field', -'vpn configuration main' => 'VPN Configuration', 'vpn delayed start' => 'Delay before launching VPN (seconds)', 'vpn delayed start help' => 'If required, this delay can be used to allow dynamic DNS updates to propagate properly. 60 is a common value when RED is a dynamic IP.', 'vpn incompatible use of defaultroute' => 'hostname=%defaultroute not allowed', diff --git a/lfs/nut b/lfs/nut index 0a5f84779..c64c5a26b 100644 --- a/lfs/nut +++ b/lfs/nut @@ -24,7 +24,7 @@ include Config -VER = 2.6.3 +VER = 2.7.2 THISAPP = nut-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = nut -PAK_VER = 4 +PAK_VER = 5 DEPS = "" @@ -44,7 +44,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 8db00c21f8bc03add6e14d15f634ec6a +$(DL_FILE)_MD5 = c3568b42e058cfc385b46d25140dced4 install : $(TARGET) diff --git a/lfs/openvpn b/lfs/openvpn index 053d58198..8c7c81a49 100644 --- a/lfs/openvpn +++ b/lfs/openvpn @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2013 IPFire Team # +# Copyright (C) 2007-2014 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,10 +24,10 @@ include Config -VER = 2.3.2 +VER = 2.3.4 THISAPP = openvpn-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 06e5f93dbf13f2c19647ca15ffc23ac1 +$(DL_FILE)_MD5 = 9b70be9fb45e407117c3c9b118e4ba22 install : $(TARGET) @@ -69,7 +69,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar Jxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure \ --prefix=/usr \ --sysconfdir=/var/ipfire/ovpn \ diff --git a/lfs/squid b/lfs/squid index 00dc12a10..1f1589d01 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,7 +24,7 @@ include Config -VER = 3.4.4 +VER = 3.4.5 THISAPP = squid-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = dc2bcb967fc6b15bbbc6b961010c0c00 +$(DL_FILE)_MD5 = a831efb36cfbaa419f8dc7a43cba72c9 install : $(TARGET) diff --git a/src/initscripts/init.d/nut b/src/initscripts/init.d/nut index 8aba4ff1b..9b4623ece 100644 --- a/src/initscripts/init.d/nut +++ b/src/initscripts/init.d/nut @@ -35,7 +35,7 @@ if [ "x$MODE" = "xnone" ] ; then fi upsd=/usr/sbin/upsd -upsdrvctl=/usr/bin/upsdrvctl +upsdrvctl=/usr/sbin/upsdrvctl upsmon=/usr/sbin/upsmon log=">/dev/null 2>/dev/null"