]>
git.ipfire.org Git - people/teissler/ipfire-2.x.git/log
Arne Fitzenreiter [Thu, 21 Nov 2013 13:14:41 +0000 (14:14 +0100)]
linux-pae: rebuild module deps before initrd build.
Arne Fitzenreiter [Thu, 21 Nov 2013 12:50:03 +0000 (13:50 +0100)]
rootfile updates.
Arne Fitzenreiter [Thu, 21 Nov 2013 12:49:15 +0000 (13:49 +0100)]
kernel: update to 3.10.20.
Arne Fitzenreiter [Thu, 21 Nov 2013 07:10:21 +0000 (08:10 +0100)]
remove old openssh updater rootfile.
Arne Fitzenreiter [Wed, 20 Nov 2013 23:01:21 +0000 (00:01 +0100)]
usbutils: update to 007.
Michael Tremer [Wed, 20 Nov 2013 20:43:20 +0000 (21:43 +0100)]
Merge branch 'master' into fifteen
Michael Tremer [Wed, 20 Nov 2013 20:28:05 +0000 (21:28 +0100)]
Add openssh update to core update 73.
Arne Fitzenreiter [Wed, 20 Nov 2013 16:15:31 +0000 (17:15 +0100)]
install: create /var/run folder on rootfs.
Arne Fitzenreiter [Wed, 20 Nov 2013 06:37:51 +0000 (07:37 +0100)]
setup: change persistent network rules for new udev.
Arne Fitzenreiter [Wed, 20 Nov 2013 06:37:01 +0000 (07:37 +0100)]
udev: disable new netdev names and systemd log prefix.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:36:10 +0000 (23:36 +0100)]
initskripts: updates for new udev.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:34:00 +0000 (23:34 +0100)]
stage2: add /run symlink to /var/run.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:30:27 +0000 (23:30 +0100)]
dracut: fixes for new udev and missing scsi_wait.
Arne Fitzenreiter [Mon, 18 Nov 2013 22:27:37 +0000 (23:27 +0100)]
udev: update to 208.
Arne Fitzenreiter [Mon, 18 Nov 2013 18:00:51 +0000 (19:00 +0100)]
kmod: replace module-init-tools by kmod-13.
newer udev depend on kmod.
Arne Fitzenreiter [Sun, 17 Nov 2013 17:51:04 +0000 (18:51 +0100)]
util-linux: update to 2.24.
this is needed for newer udev versions but need some initskript
changes. The updater and arm rootfile is not finished yet.
Alexander Marx [Wed, 13 Nov 2013 09:44:42 +0000 (10:44 +0100)]
Firewall: Fixed portfw-converter (rules where not converted correctly) And Standard network "IPsec RW" now has brackets around the Ip (when set)
Michael Tremer [Thu, 14 Nov 2013 10:41:18 +0000 (11:41 +0100)]
Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen
Michael Tremer [Thu, 14 Nov 2013 10:40:36 +0000 (11:40 +0100)]
configroot: Fix recursively including /var/ipfire/backup.
This issue has been introduced in
a72fac88 .
Arne Fitzenreiter [Wed, 13 Nov 2013 13:05:27 +0000 (14:05 +0100)]
kernel: update to 3.10.19.
Arne Fitzenreiter [Wed, 13 Nov 2013 13:05:15 +0000 (14:05 +0100)]
Merge remote-tracking branch 'origin/next' into fifteen
Conflicts:
lfs/samba
lfs/strongswan
Arne Fitzenreiter [Wed, 13 Nov 2013 12:39:35 +0000 (13:39 +0100)]
samba: update to 3.6.20.
These are security releases in order to address CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
(ACLs are not checked on opening an alternate data stream on
a file or directory) and CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
(Private key in key.pem world readable).
Arne Fitzenreiter [Wed, 13 Nov 2013 12:39:35 +0000 (13:39 +0100)]
samba: update to 3.6.20.
These are security releases in order to address CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
(ACLs are not checked on opening an alternate data stream on
a file or directory) and CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
(Private key in key.pem world readable).
Alexander Marx [Tue, 12 Nov 2013 15:24:29 +0000 (16:24 +0100)]
Firewall: new errormessage for maximum number of ports in servicegroups
Alexander Marx [Tue, 12 Nov 2013 15:04:55 +0000 (16:04 +0100)]
Firewall: appended check of maximum ports per protocol. portranges 100:200 count as 2 ports
Alexander Marx [Tue, 12 Nov 2013 14:08:58 +0000 (15:08 +0100)]
Firewall: The maximum of definable services in a servicegroup is limited to 13 per protocol (tcp,udp) because iptables can only handle max 13 services in Multiport
Alexander Marx [Tue, 12 Nov 2013 08:27:16 +0000 (09:27 +0100)]
Firewall: New feature: Now it is possible to define a custom service with a portrange. When using this service in a rule or in a servciegroup, the rule is applied correctly.
Alexander Marx [Mon, 11 Nov 2013 09:23:39 +0000 (10:23 +0100)]
Firewall: Bugfix: the routine to check if a vpn net or host was deleted did not work as expected. Now it even works when source and target contain a vpn host or net
Alexander Marx [Sun, 10 Nov 2013 08:28:02 +0000 (09:28 +0100)]
Firewall: fixed colors of target column when using standard networks
When using RED, OpenVPN-Dyn or IPsec RW as target, the column was not
colored.
Erik Kapfer [Sun, 3 Nov 2013 20:29:04 +0000 (21:29 +0100)]
langs: Fix typo
Michael Tremer [Tue, 12 Nov 2013 23:25:27 +0000 (00:25 +0100)]
strongswan: Delay sending DPD packets after rekeying.
Michael Tremer [Sat, 9 Nov 2013 13:33:16 +0000 (14:33 +0100)]
Merge branch 'master' into next
Michael Tremer [Sat, 9 Nov 2013 13:19:52 +0000 (14:19 +0100)]
Merge branch 'master' into fifteen
Michael Tremer [Sat, 9 Nov 2013 13:16:52 +0000 (14:16 +0100)]
openssh: Update to 6.4p1.
Security fix because of
http://www.openssh.com/txt/gcmrekey.adv
Michael Tremer [Fri, 8 Nov 2013 13:55:23 +0000 (14:55 +0100)]
Ship paxctl with the distribution.
Michael Tremer [Sat, 7 Sep 2013 14:38:23 +0000 (16:38 +0200)]
Multiple CGI files: Check if BLUE or ORANGE are actually configured.
Michael Tremer [Fri, 8 Nov 2013 13:13:30 +0000 (14:13 +0100)]
squid: Update to 3.3.10 + SSL options fix.
Alexander Marx [Tue, 5 Nov 2013 12:47:56 +0000 (13:47 +0100)]
Firewall: Fix typo in backup script which stops the conversion of old firewallrules
Alexander Marx [Mon, 4 Nov 2013 07:04:44 +0000 (08:04 +0100)]
Firewall: Bugfix: When creating a servcie in firewall-groups and selecting a protocol other than icmp, the enty in the ruletable shows correct values PLUS the "all icmp-types" under ICMP.
Now the ICMP FIeld is emtpy when selecting another protocol than icmp
Alexander Marx [Fri, 8 Nov 2013 12:40:24 +0000 (13:40 +0100)]
Firewall: Bugfix: When creating a rule and using brackets in comment, the rule is denied because of invalid characters in String. But when creating a rule with just valid characters (witjout brackets) and then editing the rule it is possible to use brackets without errormessage.
Now brackets are allowed.
Alexander Marx [Mon, 4 Nov 2013 06:31:31 +0000 (07:31 +0100)]
Firewall: remove /var/ipfire/portfw as it is not used anymore
Michael Tremer [Fri, 8 Nov 2013 12:38:09 +0000 (13:38 +0100)]
firewall: Don't require to enable the RW server for N2N networks.
The firewall rules for OpenVPN have not been applied for N2N
connections when the road warrior server was disabled.
Michael Tremer [Thu, 7 Nov 2013 19:56:43 +0000 (20:56 +0100)]
strongswan: Update to 5.1.1.
Arne Fitzenreiter [Mon, 4 Nov 2013 20:26:52 +0000 (21:26 +0100)]
kernel: update to 3.10.18.
Michael Tremer [Thu, 31 Oct 2013 14:35:34 +0000 (15:35 +0100)]
Merge remote-tracking branch 'amarx/firewall-fifteen' into fifteen
Michael Tremer [Thu, 31 Oct 2013 14:34:40 +0000 (15:34 +0100)]
firewall: Fix wrong symbol for variable.
Alexander Marx [Wed, 30 Oct 2013 14:49:21 +0000 (15:49 +0100)]
Firewall: added IP-Address to dropdown in DNAT part and now all ip-addresses are in brackets
Alexander Marx [Wed, 30 Oct 2013 12:41:33 +0000 (13:41 +0100)]
Firewall: Show IP-Adresses in NAT-Source dropdown
Michael Tremer [Tue, 29 Oct 2013 17:45:40 +0000 (18:45 +0100)]
firewall: Simplify code which shows the last rule.
Also change headings of the rule sections.
Michael Tremer [Tue, 29 Oct 2013 15:57:58 +0000 (16:57 +0100)]
firewall: NAT section: Don't show irrelevant controls.
Michael Tremer [Tue, 29 Oct 2013 15:23:35 +0000 (16:23 +0100)]
Merge remote-tracking branch 'amarx/firewall-fifteen' into fifteen
Michael Tremer [Tue, 29 Oct 2013 15:22:13 +0000 (16:22 +0100)]
P2P block: Add notice that the user will reload the firewall ruleset.
Alexander Marx [Tue, 29 Oct 2013 07:34:42 +0000 (08:34 +0100)]
Firewall: fixed untranslated Strings
Michael Tremer [Mon, 28 Oct 2013 20:00:03 +0000 (21:00 +0100)]
strongswan: Update to 5.1.1rc1.
Michael Tremer [Mon, 28 Oct 2013 19:35:36 +0000 (20:35 +0100)]
firewall: Fix rendering issue of the rule table.
Michael Tremer [Sun, 27 Oct 2013 12:12:12 +0000 (13:12 +0100)]
Merge branch 'next' into fifteen
Michael Tremer [Sun, 27 Oct 2013 12:09:30 +0000 (13:09 +0100)]
cups: Update to 1.7.0.
Michael Tremer [Fri, 25 Oct 2013 09:40:06 +0000 (11:40 +0200)]
firewall: Fix layout of protocol selection.
Michael Tremer [Thu, 24 Oct 2013 20:16:49 +0000 (22:16 +0200)]
cups: Use libusb.
Michael Tremer [Thu, 24 Oct 2013 20:11:41 +0000 (22:11 +0200)]
libusbx: New package.
Michael Tremer [Thu, 24 Oct 2013 17:41:17 +0000 (19:41 +0200)]
strongswan: Rootfile update.
Michael Tremer [Thu, 24 Oct 2013 16:14:22 +0000 (18:14 +0200)]
gutenprint: Update to 5.2.9.
Alexander Marx [Thu, 24 Oct 2013 14:24:45 +0000 (16:24 +0200)]
Firewall: added missing translation for short IPv6 protcol in ruletable
Alexander Marx [Thu, 24 Oct 2013 14:04:26 +0000 (16:04 +0200)]
Firewall: rename Protocol 41 in Dropdown and ruletable ->Now "IPv6 Encapsulation (protocol 41)" in dropdown and "IPv6 Encap" in ruletable
Michael Tremer [Thu, 24 Oct 2013 13:21:42 +0000 (15:21 +0200)]
foomatic: Update to 4.0.9/4.0.17 (
20131023 ).
Michael Tremer [Thu, 24 Oct 2013 13:21:33 +0000 (15:21 +0200)]
cups: Update to 1.6.4.
Michael Tremer [Thu, 24 Oct 2013 13:20:57 +0000 (15:20 +0200)]
make.sh: Build dbus before cups and foomatic.
Michael Tremer [Thu, 24 Oct 2013 13:12:09 +0000 (15:12 +0200)]
mpage: New package.
Required for foomatic 4.x.
Alexander Marx [Thu, 24 Oct 2013 12:16:03 +0000 (14:16 +0200)]
Firewall: fix deleted files from core fifteen firewall
Alexander Marx [Thu, 24 Oct 2013 07:42:42 +0000 (09:42 +0200)]
Firewall: renamed forwardfwctrl to firewallctrl
Alexander Marx [Thu, 24 Oct 2013 07:24:12 +0000 (09:24 +0200)]
Firewall: Renamed directory /var/ipfire/forward to /var/ipfire/firewall
Alexander Marx [Thu, 24 Oct 2013 06:15:48 +0000 (08:15 +0200)]
Firewall: renamed /config/forwardfw to config/firewall
Alexander Marx [Thu, 24 Oct 2013 05:59:42 +0000 (07:59 +0200)]
Firewall: Added protocols IPv6 (41) and IPIP (94)
Alexander Marx [Thu, 17 Oct 2013 15:14:19 +0000 (17:14 +0200)]
FIREWALL: renamed forwardfw.cgi in firewall.cgi
Alexander Marx [Wed, 23 Oct 2013 14:06:54 +0000 (16:06 +0200)]
Firewall: Make it possible to use NAT rules with servicegroups.
Alexander Marx [Wed, 23 Oct 2013 14:05:50 +0000 (16:05 +0200)]
Firewall: Make it possible to use NAT without Ports specified
Michael Tremer [Tue, 22 Oct 2013 19:10:25 +0000 (21:10 +0200)]
Merge branch 'firewall-fifteen' into fifteen
Michael Tremer [Tue, 22 Oct 2013 19:09:01 +0000 (21:09 +0200)]
firewall: Add proper descriptions/translations for NAT.
Michael Tremer [Tue, 22 Oct 2013 18:21:33 +0000 (20:21 +0200)]
firewall: Straighten the format of the rule table.
Lots of markup and code cleanup.
Michael Tremer [Tue, 22 Oct 2013 17:08:35 +0000 (19:08 +0200)]
p2p-block.cgi: Fix coding style.
Michael Tremer [Tue, 22 Oct 2013 16:58:15 +0000 (18:58 +0200)]
P2P block: Fix strings.
Michael Tremer [Tue, 22 Oct 2013 16:53:48 +0000 (18:53 +0200)]
firewall: Cleanup rules reloading.
This has been messed up a lot because there were multiple
files which indicated that a reload is needed; shell commands
were used to create and remove the indicator file; some
functions were duplicated.
Michael Tremer [Tue, 22 Oct 2013 15:39:56 +0000 (17:39 +0200)]
firewall: Predefine value for checkboxes.
It turns out, that this is not good style, but as the
rest of the CGI depends on it, we need to stick with
this.
Michael Tremer [Tue, 22 Oct 2013 15:23:23 +0000 (17:23 +0200)]
firewall: Move NAT port field to the protocol section.
Michael Tremer [Tue, 22 Oct 2013 14:59:16 +0000 (16:59 +0200)]
firewall: Fix collapsing the NAT menu.
Also removing a lot of redundant HTML code and invalid
attributes.
Michael Tremer [Tue, 22 Oct 2013 14:44:43 +0000 (16:44 +0200)]
firewall: Update the re-read button.
Change to a more meaningful description and remove the
big green box.
Michael Tremer [Tue, 22 Oct 2013 13:01:24 +0000 (15:01 +0200)]
strongswan: Update to 5.1.1dr4.
Michael Tremer [Tue, 22 Oct 2013 11:15:36 +0000 (13:15 +0200)]
Merge remote-tracking branch 'morlix/check_mk' into next
Timo Eissler [Sat, 19 Oct 2013 22:46:53 +0000 (00:46 +0200)]
Merge branch 'master' into check_mk
Timo Eissler [Sat, 19 Oct 2013 22:41:22 +0000 (00:41 +0200)]
fix: create check_mk_agent plugins directory
Arne Fitzenreiter [Sat, 19 Oct 2013 13:05:42 +0000 (15:05 +0200)]
Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen
Arne Fitzenreiter [Sat, 19 Oct 2013 13:05:14 +0000 (15:05 +0200)]
kernel: update to 3.10.17.
Michael Tremer [Thu, 17 Oct 2013 15:58:45 +0000 (17:58 +0200)]
firewall: Don't show rule activation checkbox when creating a rule.
Almost certainly, the user wants the new rule to be active when
it is created. We should put as few input elements as possible
on the rule creation page.
Michael Tremer [Thu, 17 Oct 2013 15:39:43 +0000 (17:39 +0200)]
Update translations.
Michael Tremer [Thu, 17 Oct 2013 15:39:12 +0000 (17:39 +0200)]
firewall: Fix invalid HTML syntax.
Michael Tremer [Thu, 17 Oct 2013 15:33:46 +0000 (17:33 +0200)]
firewall: Simplify rule action selection.
Instead of two clicks, this is now changable with only
one click. The color coding should make the decision easier
and warn to not make unwanted configurations.
Michael Tremer [Thu, 17 Oct 2013 14:49:07 +0000 (16:49 +0200)]
firewall: Make time constraints selection collapsable.
Michael Tremer [Thu, 17 Oct 2013 14:19:18 +0000 (16:19 +0200)]
nagios: The plugins cannot be built in parallel.
Alexander Marx [Thu, 17 Oct 2013 12:27:41 +0000 (14:27 +0200)]
Firewall: Language changes, JQuery code cleanup
Alexander Marx [Thu, 17 Oct 2013 10:10:34 +0000 (12:10 +0200)]
Firewall: some languagefile changes