people/teissler/ipfire-2.x.git
7 years agoFirewall: select right value in DNAT Dropdown
Alexander Marx [Tue, 18 Mar 2014 14:13:02 +0000 (15:13 +0100)] 
Firewall: select right value in DNAT Dropdown

7 years agoFirewall: extend DNAT dropdown with auto,BLUE,ORANGE,GREEN
Alexander Marx [Tue, 18 Mar 2014 14:02:55 +0000 (15:02 +0100)] 
Firewall: extend DNAT dropdown with auto,BLUE,ORANGE,GREEN

7 years agoopenssh: Update to 6.6p1.
Michael Tremer [Tue, 18 Mar 2014 17:03:14 +0000 (18:03 +0100)] 
openssh: Update to 6.6p1.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Tue, 18 Mar 2014 17:00:42 +0000 (18:00 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agocore76: add tzdata to update.
Arne Fitzenreiter [Tue, 18 Mar 2014 06:28:13 +0000 (07:28 +0100)] 
core76: add tzdata to update.

7 years agotzdata: fix rootfile.
Arne Fitzenreiter [Tue, 18 Mar 2014 06:20:41 +0000 (07:20 +0100)] 
tzdata: fix rootfile.

7 years agoinitskripts: add pcengines apu support to leds.
Arne Fitzenreiter [Mon, 17 Mar 2014 23:25:08 +0000 (00:25 +0100)] 
initskripts: add pcengines apu support to leds.

7 years agoMerge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Mon, 17 Mar 2014 23:22:24 +0000 (00:22 +0100)] 
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next

7 years agokernel: add pcengines apu led support.
Arne Fitzenreiter [Mon, 17 Mar 2014 23:21:38 +0000 (00:21 +0100)] 
kernel: add pcengines apu led support.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Mon, 17 Mar 2014 21:04:48 +0000 (22:04 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agoMerge remote-tracking branch 'alfh/feature_firewalllog_centergraph' into next
Michael Tremer [Mon, 17 Mar 2014 21:04:44 +0000 (22:04 +0100)] 
Merge remote-tracking branch 'alfh/feature_firewalllog_centergraph' into next

7 years agofirewall: rules.pl: Code cleanup.
Michael Tremer [Mon, 17 Mar 2014 17:03:00 +0000 (18:03 +0100)] 
firewall: rules.pl: Code cleanup.

7 years agofirewall: Fix DNAT rules between internal zones.
Michael Tremer [Mon, 17 Mar 2014 16:39:47 +0000 (17:39 +0100)] 
firewall: Fix DNAT rules between internal zones.

7 years agofirewall: rules.pl: Sanitise source and destination IP addresses.
Michael Tremer [Mon, 17 Mar 2014 14:47:28 +0000 (15:47 +0100)] 
firewall: rules.pl: Sanitise source and destination IP addresses.

Those variables are now empty if source or destination are
unspecified.

7 years agodialctrl: Remove defunct script.
Michael Tremer [Mon, 17 Mar 2014 13:17:44 +0000 (14:17 +0100)] 
dialctrl: Remove defunct script.

7 years agoFirewall: Bugfix: Remark in hostgroups and servicegroups was not changeable
Alexander Marx [Mon, 17 Mar 2014 06:22:24 +0000 (07:22 +0100)] 
Firewall: Bugfix: Remark in hostgroups and servicegroups was not changeable

Another Bugfix: Layout of hostgroups was broken when more than 1 vpn
connection is defined. There where dropdownboxes for every vpn
connection instead of only one

7 years agoUpdate Turkish translation.
Ersan Yildirim [Mon, 17 Mar 2014 11:38:22 +0000 (12:38 +0100)] 
Update Turkish translation.

7 years agotzdata: Update to 2014a.
Michael Tremer [Sun, 16 Mar 2014 15:02:18 +0000 (16:02 +0100)] 
tzdata: Update to 2014a.

7 years agosudo: Update to 1.8.10p1.
Michael Tremer [Sat, 15 Mar 2014 14:08:37 +0000 (15:08 +0100)] 
sudo: Update to 1.8.10p1.

7 years agoMerge branch 'next' of https://github.com/ipfire/ipfire-2.x into feature_firewalllog_...
Alf H√łgemark [Sat, 15 Mar 2014 07:47:56 +0000 (08:47 +0100)] 
Merge branch 'next' of https://github.com/ipfire/ipfire-2.x into feature_firewalllog_centergraph

7 years agoipfire theme: Fix default setting for hostname in title.
Michael Tremer [Thu, 13 Mar 2014 14:43:52 +0000 (15:43 +0100)] 
ipfire theme: Fix default setting for hostname in title.

7 years agofwhost.cgi: disable "use warnings"
Alexander Marx [Thu, 13 Mar 2014 14:35:14 +0000 (15:35 +0100)] 
fwhost.cgi: disable "use warnings"

7 years agoUpdate translations.
Michael Tremer [Thu, 13 Mar 2014 14:37:05 +0000 (15:37 +0100)] 
Update translations.

7 years agoMerge remote-tracking branch 'amarx/BETA3' into next
Michael Tremer [Thu, 13 Mar 2014 14:32:00 +0000 (15:32 +0100)] 
Merge remote-tracking branch 'amarx/BETA3' into next

7 years agoentropy graph: Remove trend line.
Michael Tremer [Thu, 13 Mar 2014 14:29:53 +0000 (15:29 +0100)] 
entropy graph: Remove trend line.

7 years agoAdd link to entropy page and show if there is hardware support available.
Michael Tremer [Thu, 13 Mar 2014 14:27:14 +0000 (15:27 +0100)] 
Add link to entropy page and show if there is hardware support available.

7 years agoVPN Checksubnets: Buttons are now Language Strings
Alexander Marx [Thu, 13 Mar 2014 14:27:01 +0000 (15:27 +0100)] 
VPN Checksubnets: Buttons are now Language Strings

7 years agoVPN Checksubnets: Now the remote subnets (OpenVPN/IPSec) are checked. If they are...
Alexander Marx [Thu, 13 Mar 2014 14:09:01 +0000 (15:09 +0100)] 
VPN Checksubnets: Now the remote subnets (OpenVPN/IPSec) are checked. If they are defined elsewhere, there's a warningmessage displayed

7 years agoFirewall: When delting an OpenVPN or IPSec connection, the rules are only colored...
Alexander Marx [Thu, 13 Mar 2014 12:53:39 +0000 (13:53 +0100)] 
Firewall: When delting an OpenVPN or IPSec connection, the rules are only colored yellow and the firewallrules are reloaded automatically

7 years agoFirewall: When delting an OpenVPN or IPSec connection, the rules are only colored...
Alexander Marx [Thu, 13 Mar 2014 12:53:39 +0000 (13:53 +0100)] 
Firewall: When delting an OpenVPN or IPSec connection, the rules are only colored yellow and the firewallrules are reloaded automatically

7 years agosamba: update to 3.6.23.
Arne Fitzenreiter [Thu, 13 Mar 2014 11:45:56 +0000 (12:45 +0100)] 
samba: update to 3.6.23.

7 years agolinux: Remove disabling of loading the pcspkr module.
Michael Tremer [Tue, 11 Mar 2014 20:47:16 +0000 (21:47 +0100)] 
linux: Remove disabling of loading the pcspkr module.

7 years agobeep: Update to 1.3.
Michael Tremer [Tue, 11 Mar 2014 17:03:59 +0000 (18:03 +0100)] 
beep: Update to 1.3.

7 years agoMerge remote-tracking branch 'amarx/INDEX' into next
Michael Tremer [Mon, 10 Mar 2014 20:35:15 +0000 (21:35 +0100)] 
Merge remote-tracking branch 'amarx/INDEX' into next

7 years agofirewall: Add auxiliary rules for firewall access.
Michael Tremer [Mon, 10 Mar 2014 18:40:20 +0000 (19:40 +0100)] 
firewall: Add auxiliary rules for firewall access.

Rules for accessing the firewall are added when access
to networks (GREEN, BLUE, ...) the firewall resides in is allowed.

7 years agovpnmain.cgi: Remove left-over </td> tag.
Michael Tremer [Mon, 10 Mar 2014 15:11:50 +0000 (16:11 +0100)] 
vpnmain.cgi: Remove left-over </td> tag.

7 years agographs.pl : fixed layout on Nexus 7 devices "hour-Day-week-month-year" now on top...
Alexander Marx [Mon, 10 Mar 2014 11:54:06 +0000 (12:54 +0100)] 
graphs.pl : fixed layout on Nexus 7 devices "hour-Day-week-month-year" now on top of graph

7 years agoindex.cgi: fix colors and tables for vpn connections
Alexander Marx [Mon, 10 Mar 2014 11:22:32 +0000 (12:22 +0100)] 
index.cgi: fix colors and tables for vpn connections

7 years agoipsec: Allow to create firewall rules for IPsec input as well.
Michael Tremer [Sat, 8 Mar 2014 16:29:47 +0000 (17:29 +0100)] 
ipsec: Allow to create firewall rules for IPsec input as well.

7 years agoSet version to 2.15 beta3.
Arne Fitzenreiter [Sat, 8 Mar 2014 13:03:08 +0000 (14:03 +0100)] 
Set version to 2.15 beta3.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Fri, 7 Mar 2014 15:33:42 +0000 (16:33 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agosetddns.pl: Use GetDyndnsRedIP from general-functions.pl.
Michael Tremer [Fri, 7 Mar 2014 15:33:03 +0000 (16:33 +0100)] 
setddns.pl: Use GetDyndnsRedIP from general-functions.pl.

http://forum.ipfire.org/index.php?topic=7504.msg63721#msg63721

7 years agokernel: update to 3.10.33.
Arne Fitzenreiter [Fri, 7 Mar 2014 08:29:20 +0000 (09:29 +0100)] 
kernel: update to 3.10.33.

7 years agogpl.cgi: Fix proper redirection so that the agreement has only to be accepted once.
Michael Tremer [Wed, 5 Mar 2014 22:53:21 +0000 (23:53 +0100)] 
gpl.cgi: Fix proper redirection so that the agreement has only to be accepted once.

7 years agofirewall: Filter logging of broadcasts from the internal networks.
Michael Tremer [Wed, 5 Mar 2014 13:07:23 +0000 (14:07 +0100)] 
firewall: Filter logging of broadcasts from the internal networks.

7 years agofirewall: Allow remarks in Unicode.
Michael Tremer [Wed, 5 Mar 2014 12:59:28 +0000 (13:59 +0100)] 
firewall: Allow remarks in Unicode.

7 years agofirewall: Make ICMP ratelimiting a bit saner again.
Michael Tremer [Wed, 5 Mar 2014 11:31:36 +0000 (12:31 +0100)] 
firewall: Make ICMP ratelimiting a bit saner again.

7 years agoMerge remote-tracking branch 'amarx/beta3' into next
Michael Tremer [Wed, 5 Mar 2014 11:25:12 +0000 (12:25 +0100)] 
Merge remote-tracking branch 'amarx/beta3' into next

7 years agoFirewall: Remarkcheck should now support old firewallrules from converter
Alexander Marx [Wed, 5 Mar 2014 07:13:04 +0000 (08:13 +0100)] 
Firewall: Remarkcheck should now support old firewallrules from converter

7 years agoFirewall: When no manual ip is given on rulecreation and rule is added, there's autom...
Alexander Marx [Wed, 5 Mar 2014 07:02:05 +0000 (08:02 +0100)] 
Firewall: When no manual ip is given on rulecreation and rule is added, there's automatically std_networks "ALL" selected

7 years agofirewall: Don't colourise MAC addresses.
Michael Tremer [Tue, 4 Mar 2014 13:26:55 +0000 (14:26 +0100)] 
firewall: Don't colourise MAC addresses.

Fixes #10491.

7 years agofirewall: Extend rate limiting for ICMP error messages.
Michael Tremer [Tue, 4 Mar 2014 13:14:54 +0000 (14:14 +0100)] 
firewall: Extend rate limiting for ICMP error messages.

Fixes #10489.

7 years agofirewall: Add chain name to logged rules.
Michael Tremer [Tue, 4 Mar 2014 11:38:13 +0000 (12:38 +0100)] 
firewall: Add chain name to logged rules.

This helps us to debug faster where a packet has been dropped.

7 years agofirewall: Add rate limiting for LOG messages.
Michael Tremer [Tue, 4 Mar 2014 11:36:52 +0000 (12:36 +0100)] 
firewall: Add rate limiting for LOG messages.

Fixes #10488.

7 years agoFirewall: Now it is possible to just change the remark in input and outgoing
Alexander Marx [Tue, 4 Mar 2014 15:00:14 +0000 (16:00 +0100)] 
Firewall: Now it is possible to just change the remark in input and outgoing

7 years agoFirewall: When no manual ip is given, standard networks "all" is selected
Alexander Marx [Tue, 4 Mar 2014 15:11:35 +0000 (16:11 +0100)] 
Firewall: When no manual ip is given, standard networks "all" is selected

7 years agoFirewall: Now it is possible to just change the remark in input and outgoing
Alexander Marx [Tue, 4 Mar 2014 15:00:14 +0000 (16:00 +0100)] 
Firewall: Now it is possible to just change the remark in input and outgoing

7 years agoFirewall: FIX allowed chars in remark
Alexander Marx [Tue, 4 Mar 2014 14:44:02 +0000 (15:44 +0100)] 
Firewall: FIX allowed chars in remark

7 years agoMerge remote-tracking branch 'amarx/beta3' into next
Michael Tremer [Tue, 4 Mar 2014 13:54:06 +0000 (14:54 +0100)] 
Merge remote-tracking branch 'amarx/beta3' into next

7 years agoFirewall: get rid of /32 subnetz when using manual ip addresses
Alexander Marx [Tue, 4 Mar 2014 13:51:20 +0000 (14:51 +0100)] 
Firewall: get rid of /32 subnetz when using manual ip addresses

7 years agoFirewall: Bugfix - when creating a new hostgroup, the system checked for existing...
Alexander Marx [Tue, 4 Mar 2014 13:40:59 +0000 (14:40 +0100)] 
Firewall: Bugfix - when creating a new hostgroup, the system checked for existing name in servicegroups instead of hostgroups

7 years agofirewall: Don't colourise MAC addresses.
Michael Tremer [Tue, 4 Mar 2014 13:26:55 +0000 (14:26 +0100)] 
firewall: Don't colourise MAC addresses.

Fixes #10491.

7 years agofirewall: Extend rate limiting for ICMP error messages.
Michael Tremer [Tue, 4 Mar 2014 13:14:54 +0000 (14:14 +0100)] 
firewall: Extend rate limiting for ICMP error messages.

Fixes #10489.

7 years agoMerge remote-tracking branch 'amarx/beta3' into next
Michael Tremer [Tue, 4 Mar 2014 13:14:45 +0000 (14:14 +0100)] 
Merge remote-tracking branch 'amarx/beta3' into next

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Tue, 4 Mar 2014 13:14:36 +0000 (14:14 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agoFirewall: Fix oversized Textfields
Alexander Marx [Tue, 4 Mar 2014 13:07:04 +0000 (14:07 +0100)] 
Firewall: Fix oversized Textfields

7 years agofirewall: Add chain name to logged rules.
Michael Tremer [Tue, 4 Mar 2014 11:38:13 +0000 (12:38 +0100)] 
firewall: Add chain name to logged rules.

This helps us to debug faster where a packet has been dropped.

7 years agofirewall: Add rate limiting for LOG messages.
Michael Tremer [Tue, 4 Mar 2014 11:36:52 +0000 (12:36 +0100)] 
firewall: Add rate limiting for LOG messages.

Fixes #10488.

7 years agoFirewall: Fix Bug 10490 and broken colorization of tables in firewall groups
Alexander Marx [Tue, 4 Mar 2014 10:37:58 +0000 (11:37 +0100)] 
Firewall: Fix Bug 10490 and broken colorization of tables in firewall groups

7 years agokernel: arm-multi: add marvel and allwinner support.
Arne Fitzenreiter [Tue, 4 Mar 2014 06:07:31 +0000 (07:07 +0100)] 
kernel: arm-multi: add marvel and allwinner support.

7 years agovdr: Add eepg plugin.
Michael Tremer [Mon, 3 Mar 2014 15:41:13 +0000 (16:41 +0100)] 
vdr: Add eepg plugin.

7 years agovdr: Add DVBAPI plugin.
Michael Tremer [Mon, 3 Mar 2014 15:31:27 +0000 (16:31 +0100)] 
vdr: Add DVBAPI plugin.

7 years agovdr: Update to 2.0.5.
Michael Tremer [Mon, 3 Mar 2014 15:28:51 +0000 (16:28 +0100)] 
vdr: Update to 2.0.5.

Stupid outdated websites...

7 years agovdr: Update to 2.0.4.
Michael Tremer [Mon, 3 Mar 2014 12:50:37 +0000 (13:50 +0100)] 
vdr: Update to 2.0.4.

7 years agostrongswan: Update to 5.1.2.
Michael Tremer [Mon, 3 Mar 2014 11:27:09 +0000 (12:27 +0100)] 
strongswan: Update to 5.1.2.

http://www.strongswan.org/blog/2014/03/03/strongswan-5.1.2-released.html

7 years agofirewall: Add a trailing space to all log prefixes for better readability.
Michael Tremer [Sun, 2 Mar 2014 21:50:29 +0000 (22:50 +0100)] 
firewall: Add a trailing space to all log prefixes for better readability.

7 years agofirewall: rules.pl: Remove unused variable $time_constraints.
Michael Tremer [Sun, 2 Mar 2014 21:46:17 +0000 (22:46 +0100)] 
firewall: rules.pl: Remove unused variable $time_constraints.

7 years agofirewall: rules.pl: Replace some hardcoded chain names.
Michael Tremer [Sun, 2 Mar 2014 21:44:26 +0000 (22:44 +0100)] 
firewall: rules.pl: Replace some hardcoded chain names.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Sun, 2 Mar 2014 21:38:09 +0000 (22:38 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agofirewall: Resurrect port forwardings with different external ports.
Michael Tremer [Sun, 2 Mar 2014 21:35:27 +0000 (22:35 +0100)] 
firewall: Resurrect port forwardings with different external ports.

7 years agofirewall: Telnet uses TCP
Michael Tremer [Sun, 2 Mar 2014 19:48:58 +0000 (20:48 +0100)] 
firewall: Telnet uses TCP

7 years agofirewall: Make OpenVPN access also possible when INPUT policy is REJECT.
Michael Tremer [Sun, 2 Mar 2014 19:40:00 +0000 (20:40 +0100)] 
firewall: Make OpenVPN access also possible when INPUT policy is REJECT.

7 years agofirewall: Allow accessing port forwardings from internal networks.
Michael Tremer [Sun, 2 Mar 2014 19:37:44 +0000 (20:37 +0100)] 
firewall: Allow accessing port forwardings from internal networks.

7 years agoapache2: update to 2.2.26.
Arne Fitzenreiter [Sun, 2 Mar 2014 18:44:26 +0000 (19:44 +0100)] 
apache2: update to 2.2.26.

7 years agorootfile updates.
Arne Fitzenreiter [Sun, 2 Mar 2014 18:39:42 +0000 (19:39 +0100)] 
rootfile updates.

7 years agofirewall: rules.pl: Refactored entire script.
Michael Tremer [Sun, 2 Mar 2014 17:23:28 +0000 (18:23 +0100)] 
firewall: rules.pl: Refactored entire script.

7 years agofirewall: rules.pl: Cleanup time constraints generation.
Michael Tremer [Sat, 1 Mar 2014 19:20:56 +0000 (20:20 +0100)] 
firewall: rules.pl: Cleanup time constraints generation.

7 years agofirewall: rules.pl: Cleanup rule generation.
Michael Tremer [Sat, 1 Mar 2014 18:54:14 +0000 (19:54 +0100)] 
firewall: rules.pl: Cleanup rule generation.

Various perl coding errors that have been suppressed by "no warnings uninitialized"
have been fixed and lots of helper variables have been introduced to make
it much more clearer what the code is actually doing.

7 years agogeneral-functions.pl: Fix wrong perl syntax.
Michael Tremer [Sat, 1 Mar 2014 17:23:52 +0000 (18:23 +0100)] 
general-functions.pl: Fix wrong perl syntax.

7 years agofirewall: rules.pl: Remove $command and introduce $IPTABLES.
Michael Tremer [Sat, 1 Mar 2014 17:18:40 +0000 (18:18 +0100)] 
firewall: rules.pl: Remove $command and introduce $IPTABLES.

7 years agofirewall: rules.pl: Remove command line args parsing and rest from old debugging...
Michael Tremer [Sat, 1 Mar 2014 17:07:39 +0000 (18:07 +0100)] 
firewall: rules.pl: Remove command line args parsing and rest from old debugging mode.

7 years agofirewall: rules.pl: Introduce a more slink debugging mode.
Michael Tremer [Sat, 1 Mar 2014 17:03:58 +0000 (18:03 +0100)] 
firewall: rules.pl: Introduce a more slink debugging mode.

7 years agofirewall: rules.pl: Fix some coding style.
Michael Tremer [Sat, 1 Mar 2014 16:54:22 +0000 (17:54 +0100)] 
firewall: rules.pl: Fix some coding style.

7 years agofirewall: rules.pl: Remove totally bloated debug mode.
Michael Tremer [Sat, 1 Mar 2014 16:49:22 +0000 (17:49 +0100)] 
firewall: rules.pl: Remove totally bloated debug mode.

7 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Sat, 1 Mar 2014 15:59:32 +0000 (16:59 +0100)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

7 years agoopenvpnctrl: Allow ICMP error messages to pass the transfer net.
Michael Tremer [Sat, 1 Mar 2014 15:51:03 +0000 (16:51 +0100)] 
openvpnctrl: Allow ICMP error messages to pass the transfer net.

7 years agofirewall: Make sure that only packets that go through the tunnel are passing OVPNBLOCK.
Michael Tremer [Sat, 1 Mar 2014 15:44:05 +0000 (16:44 +0100)] 
firewall: Make sure that only packets that go through the tunnel are passing OVPNBLOCK.

7 years agofirewall: Allow access to the entire GREEN/BLUE/ORANGE subnets.
Michael Tremer [Sat, 1 Mar 2014 15:04:01 +0000 (16:04 +0100)] 
firewall: Allow access to the entire GREEN/BLUE/ORANGE subnets.

This includes the firewall itself as well.

7 years agored: change mac address of nas0 device.
Arne Fitzenreiter [Sat, 1 Mar 2014 15:01:11 +0000 (16:01 +0100)] 
red: change mac address of nas0 device.

Traverse Technology has reported that ppp over atm-bridge is not working
because there is a bogus mac address at the virtual nas0 device.

7 years agofirewall: Sort order in which chains are initialized.
Michael Tremer [Sat, 1 Mar 2014 14:02:42 +0000 (15:02 +0100)] 
firewall: Sort order in which chains are initialized.

This has been some real trouble because multiple rules could
not be properly inserted into the rule chains in the kernel
because the chains did not exist, yet.