From 512d54a98f02dbed4bd67c73dad0c318d8831f8c Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Tue, 18 Jan 2011 19:20:48 +0100 Subject: [PATCH 01/40] Fixed Proxy unable to handle max download size correct. Added and started to core 45. --- config/rootfiles/core/45/exclude | 0 config/rootfiles/core/45/filelists/files | 3 ++ config/rootfiles/core/45/meta | 1 + config/rootfiles/core/45/update.sh | 49 ++++++++++++++++++++++++ html/cgi-bin/proxy.cgi | 12 +++--- 5 files changed, 58 insertions(+), 7 deletions(-) create mode 100644 config/rootfiles/core/45/exclude create mode 100644 config/rootfiles/core/45/filelists/files create mode 100644 config/rootfiles/core/45/meta create mode 100644 config/rootfiles/core/45/update.sh diff --git a/config/rootfiles/core/45/exclude b/config/rootfiles/core/45/exclude new file mode 100644 index 000000000..e69de29bb diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files new file mode 100644 index 000000000..d3c27e8a1 --- /dev/null +++ b/config/rootfiles/core/45/filelists/files @@ -0,0 +1,3 @@ +etc/system-release +etc/issue +srv/web/ipfire/cgi-bin/proxy.cgi diff --git a/config/rootfiles/core/45/meta b/config/rootfiles/core/45/meta new file mode 100644 index 000000000..d547fa86f --- /dev/null +++ b/config/rootfiles/core/45/meta @@ -0,0 +1 @@ +DEPS="" diff --git a/config/rootfiles/core/45/update.sh b/config/rootfiles/core/45/update.sh new file mode 100644 index 000000000..40d08d438 --- /dev/null +++ b/config/rootfiles/core/45/update.sh @@ -0,0 +1,49 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 3 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2010 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +/usr/local/bin/backupctrl exclude >/dev/null 2>&1 + +# +#Stop services + +# +#Extract files +extract_files + +# +#Start services + +# +#Update Language cache +#perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" + +#Rebuild module dep's +#depmod 2.6.32.28-ipfire +#depmod 2.6.32.28-ipfire-pae +#depmod 2.6.32.28-ipfire-xen + +# +#Finish +#Don't report the exitcode last command +exit 0 diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 2525b6e2f..f732c5b68 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -82,7 +82,6 @@ my @templist=(); my $cachemem=0; my $proxy1=''; my $proxy2=''; -my $replybodymaxsize=0; my $browser_regexp=''; my $needhup = 0; my $errormessage=''; @@ -3870,19 +3869,18 @@ END request_body_max_size $proxysettings{'MAX_OUTGOING_SIZE'} KB END ; - $replybodymaxsize = 1024 * $proxysettings{'MAX_INCOMING_SIZE'}; if ($proxysettings{'MAX_INCOMING_SIZE'} > 0) { - if (!-z $acl_src_unrestricted_ip) { print FILE "reply_body_max_size 0 deny IPFire_unrestricted_ips\n"; } - if (!-z $acl_src_unrestricted_mac) { print FILE "reply_body_max_size 0 deny IPFire_unrestricted_mac\n"; } + if (!-z $acl_src_unrestricted_ip) { print FILE "reply_body_max_size none IPFire_unrestricted_ips\n"; } + if (!-z $acl_src_unrestricted_mac) { print FILE "reply_body_max_size none IPFire_unrestricted_mac\n"; } if ($proxysettings{'AUTH_METHOD'} eq 'ncsa') { - if (!-z $extgrp) { print FILE "reply_body_max_size 0 deny for_extended_users\n"; } + if (!-z $extgrp) { print FILE "reply_body_max_size none for_extended_users\n"; } } } - if ( $replybodymaxsize != '0' ) + if ( $proxysettings{'MAX_INCOMING_SIZE'} != '0' ) { - print FILE "reply_body_max_size $replybodymaxsize deny all\n\n"; + print FILE "reply_body_max_size $proxysettings{'MAX_INCOMING_SIZE'} KB all\n\n"; } print FILE "visible_hostname"; From 090e421172e56743af36a4f3e734b8b60e4e0b0c Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 18 Jan 2011 19:18:41 +0100 Subject: [PATCH 02/40] fireinfo: Fix hash collision because of very weird UUID. --- lfs/fireinfo | 4 ++++ src/patches/fireinfo-invalid-id.patch | 18 ++++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 src/patches/fireinfo-invalid-id.patch diff --git a/lfs/fireinfo b/lfs/fireinfo index abc9d848d..97b5a8705 100644 --- a/lfs/fireinfo +++ b/lfs/fireinfo @@ -70,6 +70,10 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + + # Fix for braindead board vendors. + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-invalid-id.patch + cd $(DIR_APP) && python setup.py build cd $(DIR_APP) && python setup.py install diff --git a/src/patches/fireinfo-invalid-id.patch b/src/patches/fireinfo-invalid-id.patch new file mode 100644 index 000000000..669deb62e --- /dev/null +++ b/src/patches/fireinfo-invalid-id.patch @@ -0,0 +1,18 @@ +commit ac68f90a0229083d755e7e2e8980822405ac2da8 +Author: Michael Tremer +Date: Tue Jan 18 19:11:06 2011 +0100 + + Add invalid ID: 00020003-0004-0005-0006-000700080009. + +diff --git a/fireinfo/system.py b/fireinfo/system.py +index 135c29b..690eae2 100644 +--- a/fireinfo/system.py ++++ b/fireinfo/system.py +@@ -41,6 +41,7 @@ INVALID_ID_STRINGS = ( + "N/A", "n/a", + "12345", "54321", "202020", + "Chassis", "chassis", ++ "00020003-0004-0005-0006-000700080009", + ) + + class Singleton(type): From f2ab614b46212a977026117aba71968fc8bf361c Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 18 Jan 2011 19:59:44 +0100 Subject: [PATCH 03/40] fireinfo: Update to 2.0.3. --- lfs/fireinfo | 8 ++------ src/patches/fireinfo-invalid-id.patch | 18 ------------------ 2 files changed, 2 insertions(+), 24 deletions(-) delete mode 100644 src/patches/fireinfo-invalid-id.patch diff --git a/lfs/fireinfo b/lfs/fireinfo index 97b5a8705..0c55e007c 100644 --- a/lfs/fireinfo +++ b/lfs/fireinfo @@ -24,7 +24,7 @@ include Config -VER = 2.0.2 +VER = 2.0.3 THISAPP = fireinfo-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = ed29f591ccfeeb6386a61eafcc5dc398 +$(DL_FILE)_MD5 = f9ce8b96350dd5af1e5c095806128cd0 install : $(TARGET) @@ -70,10 +70,6 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - - # Fix for braindead board vendors. - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-invalid-id.patch - cd $(DIR_APP) && python setup.py build cd $(DIR_APP) && python setup.py install diff --git a/src/patches/fireinfo-invalid-id.patch b/src/patches/fireinfo-invalid-id.patch deleted file mode 100644 index 669deb62e..000000000 --- a/src/patches/fireinfo-invalid-id.patch +++ /dev/null @@ -1,18 +0,0 @@ -commit ac68f90a0229083d755e7e2e8980822405ac2da8 -Author: Michael Tremer -Date: Tue Jan 18 19:11:06 2011 +0100 - - Add invalid ID: 00020003-0004-0005-0006-000700080009. - -diff --git a/fireinfo/system.py b/fireinfo/system.py -index 135c29b..690eae2 100644 ---- a/fireinfo/system.py -+++ b/fireinfo/system.py -@@ -41,6 +41,7 @@ INVALID_ID_STRINGS = ( - "N/A", "n/a", - "12345", "54321", "202020", - "Chassis", "chassis", -+ "00020003-0004-0005-0006-000700080009", - ) - - class Singleton(type): From 7bb21658735d8e84fac4721892ed7c81ddc2ac7a Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Tue, 18 Jan 2011 21:30:58 +0100 Subject: [PATCH 04/40] Add fireinfo update to core45. --- config/rootfiles/core/45/filelists/fireinfo | 1 + 1 file changed, 1 insertion(+) create mode 120000 config/rootfiles/core/45/filelists/fireinfo diff --git a/config/rootfiles/core/45/filelists/fireinfo b/config/rootfiles/core/45/filelists/fireinfo new file mode 120000 index 000000000..c46115521 --- /dev/null +++ b/config/rootfiles/core/45/filelists/fireinfo @@ -0,0 +1 @@ +../../../common/fireinfo \ No newline at end of file From 5d547072c3e454549eb0ac0c36827ebcba8eba4a Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 19 Jan 2011 01:27:23 +0100 Subject: [PATCH 05/40] parted: New package. --- config/rootfiles/packages/parted | 48 ++++++++++++++++++++ lfs/parted | 77 ++++++++++++++++++++++++++++++++ make.sh | 1 + 3 files changed, 126 insertions(+) create mode 100644 config/rootfiles/packages/parted create mode 100644 lfs/parted diff --git a/config/rootfiles/packages/parted b/config/rootfiles/packages/parted new file mode 100644 index 000000000..74164e0b7 --- /dev/null +++ b/config/rootfiles/packages/parted @@ -0,0 +1,48 @@ +#usr/include/parted +#usr/include/parted/constraint.h +#usr/include/parted/debug.h +#usr/include/parted/device.h +#usr/include/parted/disk.h +#usr/include/parted/exception.h +#usr/include/parted/filesys.h +#usr/include/parted/geom.h +#usr/include/parted/natmath.h +#usr/include/parted/parted.h +#usr/include/parted/timer.h +#usr/include/parted/unit.h +#usr/lib/libparted.a +#usr/lib/libparted.la +#usr/lib/libparted.so +usr/lib/libparted.so.0 +usr/lib/libparted.so.0.0.1 +#usr/lib/pkgconfig/libparted.pc +usr/sbin/parted +usr/sbin/partprobe +#usr/share/info/parted.info +#usr/share/locale/ca/LC_MESSAGES/parted.mo +#usr/share/locale/cs/LC_MESSAGES/parted.mo +#usr/share/locale/da/LC_MESSAGES/parted.mo +#usr/share/locale/de/LC_MESSAGES/parted.mo +#usr/share/locale/es/LC_MESSAGES/parted.mo +#usr/share/locale/fr/LC_MESSAGES/parted.mo +#usr/share/locale/gl/LC_MESSAGES/parted.mo +#usr/share/locale/id/LC_MESSAGES/parted.mo +#usr/share/locale/it/LC_MESSAGES/parted.mo +#usr/share/locale/ja/LC_MESSAGES/parted.mo +#usr/share/locale/nl/LC_MESSAGES/parted.mo +#usr/share/locale/nn/LC_MESSAGES/parted.mo +#usr/share/locale/pl/LC_MESSAGES/parted.mo +#usr/share/locale/pt/LC_MESSAGES/parted.mo +#usr/share/locale/pt_BR/LC_MESSAGES/parted.mo +#usr/share/locale/ro/LC_MESSAGES/parted.mo +#usr/share/locale/ru/LC_MESSAGES/parted.mo +#usr/share/locale/rw/LC_MESSAGES/parted.mo +#usr/share/locale/sk/LC_MESSAGES/parted.mo +#usr/share/locale/sv/LC_MESSAGES/parted.mo +#usr/share/locale/tr/LC_MESSAGES/parted.mo +#usr/share/locale/uk/LC_MESSAGES/parted.mo +#usr/share/locale/vi/LC_MESSAGES/parted.mo +#usr/share/locale/zh_CN/LC_MESSAGES/parted.mo +#usr/share/locale/zh_TW/LC_MESSAGES/parted.mo +#usr/share/man/man8/parted.8 +#usr/share/man/man8/partprobe.8 diff --git a/lfs/parted b/lfs/parted new file mode 100644 index 000000000..7a70d9927 --- /dev/null +++ b/lfs/parted @@ -0,0 +1,77 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 2.3 + +THISAPP = parted-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 30ceb6df7e8681891e865e2fe5a7903d + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure --prefix=/usr --disable-device-mapper + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index fe473aeec..13d79e088 100755 --- a/make.sh +++ b/make.sh @@ -685,6 +685,7 @@ buildipfire() { ipfiremake miniupnpd ipfiremake client175 ipfiremake powertop + ipfiremake parted echo Build on $HOSTNAME > $BASEDIR/build/var/ipfire/firebuild cat /proc/version >> $BASEDIR/build/var/ipfire/firebuild echo >> $BASEDIR/build/var/ipfire/firebuild From e85d32bbb3eb5c5debf106737c4a4fe8c4729325 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Wed, 19 Jan 2011 17:35:18 +0100 Subject: [PATCH 06/40] Fix index.cgi autorefresh. --- config/rootfiles/core/45/filelists/files | 3 ++- html/cgi-bin/index.cgi | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files index d3c27e8a1..46d399105 100644 --- a/config/rootfiles/core/45/filelists/files +++ b/config/rootfiles/core/45/filelists/files @@ -1,3 +1,4 @@ etc/system-release etc/issue -srv/web/ipfire/cgi-bin/proxy.cgi +srv/web/ipfire/cgi-bin/index.cgi +srv/web/ipfire/cgi-bin/proxy.cgi \ No newline at end of file diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index 6a93b6837..45b0fd74c 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2010 IPFire Team # +# Copyright (C) 2007-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -58,7 +58,7 @@ my %mainsettings = (); my $connstate = &Header::connectionstatus(); - if ( -e "/var/ipfire/main/gpl-acceted" ) { + if ( -e "/var/ipfire/main/gpl-accepted" ) { if ($cgiparams{'ACTION'} eq $Lang::tr{'shutdown'} || $cgiparams{'ACTION'} eq $Lang::tr{'reboot'}) { $refresh = ""; } elsif ($connstate =~ /$Lang::tr{'connecting'}/ || /$Lang::tr{'connection closed'}/ ){ From 73c7eff80ece6765c5c147514a3ce2153f7bf4c8 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Wed, 19 Jan 2011 17:47:56 +0100 Subject: [PATCH 07/40] Remove some httpd errorlog entries. --- config/rootfiles/core/45/filelists/files | 5 ++++- html/cgi-bin/connections.cgi | 4 ++-- html/cgi-bin/index.cgi | 2 +- html/cgi-bin/pppsetup.cgi | 4 ++-- html/cgi-bin/proxy.cgi | 2 +- html/cgi-bin/vpnmain.cgi | 4 ++-- 6 files changed, 12 insertions(+), 9 deletions(-) diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files index 46d399105..afefcadb0 100644 --- a/config/rootfiles/core/45/filelists/files +++ b/config/rootfiles/core/45/filelists/files @@ -1,4 +1,7 @@ etc/system-release etc/issue +srv/web/ipfire/cgi-bin/connections.cgi srv/web/ipfire/cgi-bin/index.cgi -srv/web/ipfire/cgi-bin/proxy.cgi \ No newline at end of file +srv/web/ipfire/cgi-bin/pppsetup.cgi +srv/web/ipfire/cgi-bin/proxy.cgi +srv/web/ipfire/cgi-bin/vpnmain.cgi diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi index 7b53c009e..14ee20910 100644 --- a/html/cgi-bin/connections.cgi +++ b/html/cgi-bin/connections.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -57,7 +57,7 @@ if (open(IP, "${General::swroot}/red/local-ipaddress")) { push(@colour, ${Header::colourfw} ); } -my @vpn = `/usr/local/bin/ipsecctrl I|grep erouted|cut -d"]" -f3|cut -d"=" -f4|cut -d";" -f1| sed "s|/| |g"`; +my @vpn = `/usr/local/bin/ipsecctrl I 2>/dev/null|grep erouted|cut -d"]" -f3|cut -d"=" -f4|cut -d";" -f1| sed "s|/| |g"`; foreach my $route (@vpn) { chomp($route); my @temp = split(/[\t ]+/, $route); diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index 45b0fd74c..8e623c96a 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -431,7 +431,7 @@ foreach my $line (@df) { } # S.M.A.R.T. health warning -my @files = `/bin/ls /var/run/smartctl_out_hddtemp-*`; +my @files = `/bin/ls /var/run/smartctl_out_hddtemp-* 2>/dev/null`; foreach my $file (@files) { chomp ($file); my $disk=`echo $file | cut -d"-" -f2`; diff --git a/html/cgi-bin/pppsetup.cgi b/html/cgi-bin/pppsetup.cgi index 0bfeabd1b..e2af0a088 100644 --- a/html/cgi-bin/pppsetup.cgi +++ b/html/cgi-bin/pppsetup.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -486,7 +486,7 @@ print </dev/null | grep 0`; chomp ($atmdev); if ($atmdev ne '') { print < # +# Copyright (C) 2007-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index f336ec610..55582952b 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2010 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2011 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -2400,7 +2400,7 @@ EOF &General::readhasharray("${General::swroot}/vpn/config", \%confighash); $cgiparams{'CA_NAME'} = ''; - my @status = `/usr/local/bin/ipsecctrl I`; + my @status = `/usr/local/bin/ipsecctrl I 2>/dev/null`; # suggest a default name for this side if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") { From 8dbba0e4607ad83d26849e87b09ef52a5ec3f70f Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Wed, 19 Jan 2011 18:43:16 +0100 Subject: [PATCH 08/40] Fixed Avira Update Caching and improved Gentoo Caching. --- config/rootfiles/core/45/filelists/files | 1 + config/rootfiles/core/45/update.sh | 4 ++++ config/updxlrator/updxlrator | 11 +++++++++-- 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files index afefcadb0..f6d15ca78 100644 --- a/config/rootfiles/core/45/filelists/files +++ b/config/rootfiles/core/45/filelists/files @@ -5,3 +5,4 @@ srv/web/ipfire/cgi-bin/index.cgi srv/web/ipfire/cgi-bin/pppsetup.cgi srv/web/ipfire/cgi-bin/proxy.cgi srv/web/ipfire/cgi-bin/vpnmain.cgi +usr/sbin/updxlrator diff --git a/config/rootfiles/core/45/update.sh b/config/rootfiles/core/45/update.sh index 40d08d438..1197905cd 100644 --- a/config/rootfiles/core/45/update.sh +++ b/config/rootfiles/core/45/update.sh @@ -26,6 +26,8 @@ # #Stop services +echo Stopping Proxy +/etc/init.d/squid stop 2>/dev/null # #Extract files @@ -33,6 +35,8 @@ extract_files # #Start services +echo Starting Proxy +/etc/init.d/squid start 2>/dev/null # #Update Language cache diff --git a/config/updxlrator/updxlrator b/config/updxlrator/updxlrator index 7f44ff76d..4aaa38938 100644 --- a/config/updxlrator/updxlrator +++ b/config/updxlrator/updxlrator @@ -101,7 +101,10 @@ while (<>) { # Section: Linux Downloads # ----------------------------------------------------------- - if ($source_url =~ m@^[h|f]t?tp://[^?]+\.(deb|rpm)$@i) + if ( + ($source_url =~ m@^[h|f]t?tp://[^?]+\.(deb|rpm)$@i) || + ($source_url =~ m@^[h|f]t?tp://[^?]+/distfiles/[^?]+\.(tar\.gz|tar\.bz2|tgz|zip|patch\.bz2|gz|docx|patch|pdf|exe)$@i) + ) { $xlrator_url = &check_cache($source_url,$hostaddr,$username,"Linux",$mirror); } @@ -157,7 +160,11 @@ while (<>) { # Section: Avira Downloads # ----------------------------------------------------------- - if ($source_url =~ m@^http://dl[0-9]\.avgate\.net/.*\.(htm|html|gz)$@i) + if ( + ($source_url =~ m@^http://dl[0-9]\.avgate\.net/.*\.(htm|html|gz)$@i) || + ($source_url =~ m@^http://80.190.130.19[4-5]/update/.*\.(htm|html|gz)$@i) || + ($source_url =~ m@^http://62.146.64.14[6-7]/update/.*\.(htm|html|gz)$@i) + ) { $xlrator_url = &check_cache($source_url,$hostaddr,$username,"Avira",$mirror); } From 3c43cafe14ff93fa92932d0895cb4ba7e3d25e83 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Thu, 20 Jan 2011 00:13:39 +0100 Subject: [PATCH 09/40] Fix parted package build. --- lfs/parted | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lfs/parted b/lfs/parted index 7a70d9927..25db9e5c3 100644 --- a/lfs/parted +++ b/lfs/parted @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -32,6 +32,11 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) +PROG = parted +PAK_VER = 1 + +DEPS = "" + ############################################################################### # Top-level Rules ############################################################################### @@ -50,6 +55,9 @@ download :$(patsubst %,$(DIR_DL)/%,$(objects)) md5 : $(subst %,%_MD5,$(objects)) +dist: + @$(PAK) + ############################################################################### # Downloading, checking, md5sum ############################################################################### From 8845173bd6ebcd3ec82a6e2a674da509446d597b Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Thu, 20 Jan 2011 00:15:54 +0100 Subject: [PATCH 10/40] makegraphs: Remove some erroroutputs. --- src/scripts/makegraphs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/scripts/makegraphs b/src/scripts/makegraphs index c2baee7cc..97d086a10 100644 --- a/src/scripts/makegraphs +++ b/src/scripts/makegraphs @@ -3,7 +3,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2008 Michael Tremer & Christian Schmidt # +# Copyright (C) 2008-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -103,7 +103,7 @@ sub updatehdddata{ system ('/usr/bin/vnstat -u'); my @disks = `kudzu -qps -c HD | grep device: | cut -d" " -f2 | sort | uniq`; -system("unlink /var/run/hddstatus && touch /var/run/hddstatus"); +system("unlink /var/run/hddstatus 2>/dev/null && touch /var/run/hddstatus"); foreach (@disks){ my $disk = $_; chomp $disk; @@ -114,7 +114,7 @@ foreach (@disks){ my $newdiskstats = ""; my @array = split(/\//,$disk); - $diskstats = `cat /var/run/hddstats-$array[$#array]`; + $diskstats = `cat /var/run/hddstats-$array[$#array] 2>/dev/null`; chomp $diskstats; my $newdiskstats = `/usr/bin/iostat -d -t $disk | tail -2 | head -1 | awk '{ print \$5","\$6}'`; chomp $newdiskstats; @@ -122,7 +122,7 @@ foreach (@disks){ chomp $status; if ($status !~/standby/ || $diskstats ne $newdiskstats){ - if (-e "/var/run/hddshutdown-".$array[$#array]){system("unlink /var/run/hddshutdown-".$array[$#array]);} + if (-e "/var/run/hddshutdown-".$array[$#array]){system("unlink /var/run/hddshutdown-".$array[$#array]." 2>/dev/null");} } if (-e "/var/run/hddshutdown-".$array[$#array]){$status = " standby\n";} From 8955b5a74668565b31ffad1df13d2be1add87fb2 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Thu, 20 Jan 2011 20:10:23 +0100 Subject: [PATCH 11/40] Fixed index.cgi nfs mount warning by using posix output. --- html/cgi-bin/index.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index 8e623c96a..0dcadb0b2 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -407,7 +407,7 @@ if ($used / $mem > 90) { # Diskspace usage warning my @temp=(); my $temp2=(); -my @df = `/bin/df -B M -x rootfs`; +my @df = `/bin/df -B M -P -x rootfs`; foreach my $line (@df) { next if $line =~ m/^Filesystem/; if ($line =~ m/root/ ) { From e4e42008adb48a1c97fa4ec829fcb01c242b8c8f Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Thu, 20 Jan 2011 21:01:42 +0100 Subject: [PATCH 12/40] Fixed outgoing fw log messages in mode 1 and found a bug logging only active when using german language. --- config/outgoingfw/outgoingfw.pl | 11 +++++++++-- config/rootfiles/core/45/filelists/files | 1 + config/rootfiles/core/45/update.sh | 2 ++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/config/outgoingfw/outgoingfw.pl b/config/outgoingfw/outgoingfw.pl index 6709ee603..53462db48 100644 --- a/config/outgoingfw/outgoingfw.pl +++ b/config/outgoingfw/outgoingfw.pl @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2005-2010 IPFire Team # +# Copyright (C) 2007-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -25,6 +25,7 @@ use strict; #use warnings; require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/lang.pl"; my %outfwsettings = (); my %checked = (); @@ -218,7 +219,13 @@ foreach $configentry (sort @configs) $CMD = "$CMD -o $netsettings{'RED_DEV'}"; - if ($configline[9] eq "aktiv") { + if ( $configline[9] eq $Lang::tr{'aktiv'} && $outfwsettings{'POLICY'} eq 'MODE1' ) { + if ($DEBUG) { + print "$CMD -m limit --limit 10/minute -j LOG --log-prefix 'LOG_OUTGOINGFW '\n"; + } else { + system("$CMD -m limit --limit 10/minute -j LOG --log-prefix 'LOG_OUTGOINGFW '"); + } + } elsif ( $configline[9] eq $Lang::tr{'aktiv'} && $outfwsettings{'POLICY'} eq 'MODE2' ) { if ($DEBUG) { print "$CMD -m limit --limit 10/minute -j LOG --log-prefix 'DROP_OUTGOINGFW '\n"; } else { diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files index f6d15ca78..814baf3e4 100644 --- a/config/rootfiles/core/45/filelists/files +++ b/config/rootfiles/core/45/filelists/files @@ -6,3 +6,4 @@ srv/web/ipfire/cgi-bin/pppsetup.cgi srv/web/ipfire/cgi-bin/proxy.cgi srv/web/ipfire/cgi-bin/vpnmain.cgi usr/sbin/updxlrator +var/ipfire/outgoing/bin/outgoingfw.pl diff --git a/config/rootfiles/core/45/update.sh b/config/rootfiles/core/45/update.sh index 1197905cd..03c6cfbba 100644 --- a/config/rootfiles/core/45/update.sh +++ b/config/rootfiles/core/45/update.sh @@ -37,6 +37,8 @@ extract_files #Start services echo Starting Proxy /etc/init.d/squid start 2>/dev/null +echo Rewriting Outgoing FW Rules +/var/ipfire/outgoing/bin/outgoingfw.pl # #Update Language cache From 5b7f487baa9a67d5f415ef9ca2de8840933f837d Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Thu, 20 Jan 2011 21:09:14 +0100 Subject: [PATCH 13/40] Fixed firewall log display 20 for local interface. --- config/rootfiles/core/45/filelists/files | 1 + html/cgi-bin/logs.cgi/firewalllog.dat | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files index 814baf3e4..8df8185fb 100644 --- a/config/rootfiles/core/45/filelists/files +++ b/config/rootfiles/core/45/filelists/files @@ -7,3 +7,4 @@ srv/web/ipfire/cgi-bin/proxy.cgi srv/web/ipfire/cgi-bin/vpnmain.cgi usr/sbin/updxlrator var/ipfire/outgoing/bin/outgoingfw.pl +srv/web/ipfire/cgi-bin/logs.cgi/firewalllog.dat \ No newline at end of file diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/firewalllog.dat index 5979a7679..2c4fb14f0 100644 --- a/html/cgi-bin/logs.cgi/firewalllog.dat +++ b/html/cgi-bin/logs.cgi/firewalllog.dat @@ -333,7 +333,7 @@ foreach $_ (@log) my $comment = $3; my $packet = $4; - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 eq "27" ){ $iface="";} + $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 eq "27" || $1 eq "20"){ $iface="";} $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; $packet =~ /DST=([\d\.]+)/; my $dstaddr=$1; $packet =~ /MAC=([\w+\:]+)/; my $macaddr=$1; From b18bad8a194459493ccafefa25698168cda553d3 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 21 Jan 2011 16:11:03 +0100 Subject: [PATCH 14/40] Also fix output of NFS shares in the media status. --- html/cgi-bin/media.cgi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/html/cgi-bin/media.cgi b/html/cgi-bin/media.cgi index 6a89ca867..9456c3c22 100644 --- a/html/cgi-bin/media.cgi +++ b/html/cgi-bin/media.cgi @@ -70,7 +70,7 @@ if ( $querry[0] =~ "sd?" || $querry[0] =~ "hd?" || $querry[0] =~ "xvd??"){ &Header::openbox('100%', 'center', $Lang::tr{'disk usage'}); print "\n"; - open(DF,'/bin/df -B M -x rootfs|'); + open(DF,'/bin/df -P -B M -x rootfs|'); while(){ if ($_ =~ m/^Filesystem/ ){ print < - + "; print "" } diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index cd5bda3e8..0bb42ae31 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2005-2010 IPTifre Team # +# Copyright (C) 2005-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -242,7 +242,7 @@ $selected{'TXPOWER'}{$wlanapsettings{'TXPOWER'}} = "selected='selected'"; $selected{'HW_MODE'}{$wlanapsettings{'HW_MODE'}} = "selected='selected'"; $selected{'MACMODE'}{$wlanapsettings{'MACMODE'}} = "selected='selected'"; -my @channellist_cmd = `iwlist $wlanapsettings{'INTERFACE'} channel`; +my @channellist_cmd = `iwlist $wlanapsettings{'INTERFACE'} channel 2>/dev/null`; # get available channels my @temp; @@ -253,7 +253,7 @@ if ( $channel =~ /\d+/ ){push(@temp,$channel);} } my @channellist = @temp; -my @txpower_cmd = `iwlist $wlanapsettings{'INTERFACE'} txpower`; +my @txpower_cmd = `iwlist $wlanapsettings{'INTERFACE'} txpower 2>/dev/null`; # get available channels my @temp; diff --git a/src/initscripts/init.d/functions b/src/initscripts/init.d/functions index 00cd6fa2a..e2e058d38 100644 --- a/src/initscripts/init.d/functions +++ b/src/initscripts/init.d/functions @@ -27,7 +27,7 @@ KILLDELAY="10" ## Screen Dimensions # Find current screen size if [ -z "${COLUMNS}" ]; then - COLUMNS=$(stty size) + COLUMNS=$(stty size 2>/dev/null) COLUMNS=${COLUMNS##* } fi diff --git a/src/scripts/hddshutdown b/src/scripts/hddshutdown index 28994998b..bb28f830a 100644 --- a/src/scripts/hddshutdown +++ b/src/scripts/hddshutdown @@ -1,13 +1,26 @@ #!/usr/bin/perl +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2011 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### # # IPFire HDD Shutdown state reader # -# This code is distributed under the terms of the GPL -# -# 18.09.2007 Maniacikarus - IPFire.org - maniacikarus@ipfire.org -# 22.09.2007 Arne_F - fitzenreiter.de - arne@fitzenreiter.de - -# begin my @devices = `kudzu -qps -c HD | grep device: | cut -d" " -f2 | sort | uniq`; my $diskstats = ""; @@ -20,7 +33,7 @@ if ($debug){print "### Searching for available Disks ###\n";} foreach (@devices){ chomp $_; my @array = split(/\//,$_); - $diskstats = `cat /var/run/hddstats-$array[$#array]`; + $diskstats = `cat /var/run/hddstats-$array[$#array] 2>/dev/null`; chomp $diskstats; $newdiskstats = `iostat -d -t $_ | tail -2 | head -1 | awk '{ print \$5","\$6}'`; chomp $newdiskstats; From 841e825e7ba07fd704c2ccd1601a2a2237576884 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sat, 22 Jan 2011 19:07:34 +0100 Subject: [PATCH 23/40] fcron: disable mails. --- config/cron/crontab | 2 +- config/rootfiles/core/45/update.sh | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/config/cron/crontab b/config/cron/crontab index 7fa37ea8b..5cca1facc 100644 --- a/config/cron/crontab +++ b/config/cron/crontab @@ -3,7 +3,7 @@ # SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin -MAILTO=root +MAILTO= HOME=/ # Do all jobs in this directories diff --git a/config/rootfiles/core/45/update.sh b/config/rootfiles/core/45/update.sh index d22779172..80201c5c5 100644 --- a/config/rootfiles/core/45/update.sh +++ b/config/rootfiles/core/45/update.sh @@ -35,6 +35,10 @@ killall vpn-watch #Extract files extract_files +# Remove disable cron mails... +sed "s|MAILTO=root|MAILTO=|g" < /var/spool/cron/root.orig > /var/tmp/root.tmp +fcrontab /var/tmp/root.tmp + # #Start services echo Starting Proxy From dbd3392c8a15046ab0a5383bea5a63b04e9e9fcb Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sat, 22 Jan 2011 23:47:41 +0100 Subject: [PATCH 24/40] Remove some addon cronjobs from iso. --- config/rootfiles/common/fcron | 18 ++++++++++++------ lfs/fcron | 9 +++++++++ 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/config/rootfiles/common/fcron b/config/rootfiles/common/fcron index cf34afc60..b3a1c4960 100644 --- a/config/rootfiles/common/fcron +++ b/config/rootfiles/common/fcron @@ -1,12 +1,18 @@ etc/fcron.allow etc/fcron.conf -etc/fcron.cyclic -etc/fcron.daily +#etc/fcron.cyclic +etc/fcron.cyclic/info.txt +#etc/fcron.daily +etc/fcron.daily/info.txt etc/fcron.deny -etc/fcron.hourly -etc/fcron.minutely -etc/fcron.monthly -etc/fcron.weekly +#etc/fcron.hourly +etc/fcron.hourly/info.txt +#etc/fcron.minutely +etc/fcron.minutely/info.txt +#etc/fcron.monthly +etc/fcron.monthly/info.txt +#etc/fcron.weekly +etc/fcron.weekly/info.txt usr/bin/fcronsighup usr/bin/fcrontab usr/sbin/fcron diff --git a/lfs/fcron b/lfs/fcron index 5cf9cc5e5..38343d407 100644 --- a/lfs/fcron +++ b/lfs/fcron @@ -93,6 +93,15 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) chmod u-s /usr/bin/fcrontab /usr/bin/fcronsighup mkdir -p /etc/fcron.minutely /etc/fcron.cyclic /etc/fcron.hourly \ /etc/fcron.daily /etc/fcron.weekly /etc/fcron.monthly + + #Create Placeholder files + echo "Place scripts run minutely here ..." > /etc/fcron.minutely/info.txt + echo "Place scripts run cyclic here ..." > /etc/fcron.cyclic/info.txt + echo "Place scripts run hourly here ..." > /etc/fcron.hourly/info.txt + echo "Place scripts run daily here ..." > /etc/fcron.daily/info.txt + echo "Place scripts run weekly here ..." > /etc/fcron.weekly/info.txt + echo "Place scripts run monthly here ..." > /etc/fcron.monthly/info.txt + /usr/bin/fcrontab $(DIR_SRC)/config/cron/crontab @rm -rf $(DIR_APP) @$(POSTBUILD) From 0a478d33513c0c6edae9492f10b96820abe573d9 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sat, 22 Jan 2011 23:48:21 +0100 Subject: [PATCH 25/40] Fix outgoingfw.pl is not executable. --- lfs/configroot | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lfs/configroot b/lfs/configroot index ff1a2062a..43c2d2155 100644 --- a/lfs/configroot +++ b/lfs/configroot @@ -139,4 +139,7 @@ $(TARGET) : done chown root:nobody $(CONFIG_ROOT)/dhcpc + # Set outgoingfw.pl executable + chmod 755 $(CONFIG_ROOT)/outgoing/bin/outgoingfw.pl + @$(POSTBUILD) From fc7d153f062440dd637bf4722afb2848ea7ae35c Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sat, 22 Jan 2011 23:48:47 +0100 Subject: [PATCH 26/40] Remove core-updates from pakfire cache. --- config/rootfiles/core/45/update.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/config/rootfiles/core/45/update.sh b/config/rootfiles/core/45/update.sh index 80201c5c5..582bd8213 100644 --- a/config/rootfiles/core/45/update.sh +++ b/config/rootfiles/core/45/update.sh @@ -24,6 +24,9 @@ . /opt/pakfire/lib/functions.sh /usr/local/bin/backupctrl exclude >/dev/null 2>&1 +# +# Remove core updates from pakfire cache to save space... +rm -f /var/cache/pakfire core-upgrade-*.ipfire # #Stop services echo Stopping Proxy From bd3c8b59949509e6bc8a77104deb15854ad187bb Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sun, 23 Jan 2011 00:26:21 +0100 Subject: [PATCH 27/40] core45: remove some addon cronjobs if the addons are not installed. --- config/rootfiles/core/45/update.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/config/rootfiles/core/45/update.sh b/config/rootfiles/core/45/update.sh index 582bd8213..69b61e367 100644 --- a/config/rootfiles/core/45/update.sh +++ b/config/rootfiles/core/45/update.sh @@ -26,7 +26,7 @@ # # Remove core updates from pakfire cache to save space... -rm -f /var/cache/pakfire core-upgrade-*.ipfire +rm -f /var/cache/pakfire/core-upgrade-*.ipfire # #Stop services echo Stopping Proxy @@ -38,6 +38,12 @@ killall vpn-watch #Extract files extract_files +# +# Remove some addon cronjobs if the addons are not installed +[ ! -e /opt/pakfire/db/installed/meta-cacti ] && rm -f /etc/fcron.cyclic/cacti.cron +[ ! -e /opt/pakfire/db/installed/meta-gnump3d ] && rm -f /etc/fcron.daily/gnump3d-index +[ ! -e /opt/pakfire/db/installed/meta-asterisk ] && rm -f /etc/fcron.minutely/wakeup.sh + # Remove disable cron mails... sed "s|MAILTO=root|MAILTO=|g" < /var/spool/cron/root.orig > /var/tmp/root.tmp fcrontab /var/tmp/root.tmp From aaf12a485ec085c805f153b574059dc0600736c5 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sun, 23 Jan 2011 00:31:04 +0100 Subject: [PATCH 28/40] core45: start vpn-watch only if ipsec is enabled. --- config/rootfiles/core/45/update.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/config/rootfiles/core/45/update.sh b/config/rootfiles/core/45/update.sh index 69b61e367..3229f745e 100644 --- a/config/rootfiles/core/45/update.sh +++ b/config/rootfiles/core/45/update.sh @@ -54,8 +54,10 @@ echo Starting Proxy /etc/init.d/squid start 2>/dev/null echo Rewriting Outgoing FW Rules /var/ipfire/outgoing/bin/outgoingfw.pl -echo Starting vpn-watch -/usr/local/bin/vpn-watch & +if [ `grep "ENABLED=on" /var/ipfire/vpn/setting` ]; then + echo Starting vpn-watch + /usr/local/bin/vpn-watch & +fi # #Update Language cache From e7d2f07094a3cd74293a10123184489b1c916c57 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Sun, 23 Jan 2011 09:59:37 +0100 Subject: [PATCH 29/40] There are more than 20 and 27 parsings for local interface in the firwall log. --- html/cgi-bin/logs.cgi/firewalllog.dat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/firewalllog.dat index 2c4fb14f0..c2888c39a 100644 --- a/html/cgi-bin/logs.cgi/firewalllog.dat +++ b/html/cgi-bin/logs.cgi/firewalllog.dat @@ -333,7 +333,7 @@ foreach $_ (@log) my $comment = $3; my $packet = $4; - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 eq "27" || $1 eq "20"){ $iface="";} + $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 $1 =~ /2./ ){ $iface="";} $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; $packet =~ /DST=([\d\.]+)/; my $dstaddr=$1; $packet =~ /MAC=([\w+\:]+)/; my $macaddr=$1; From 9011399a1ba2482cb2062e7b4754ea8939e1bd71 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Tue, 25 Jan 2011 15:38:44 +0100 Subject: [PATCH 30/40] Updated memtest86+ (4.20). --- lfs/memtest | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lfs/memtest b/lfs/memtest index 5d27047ac..a6179ed36 100644 --- a/lfs/memtest +++ b/lfs/memtest @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 4.10 +VER = 4.20 THISAPP = memtest86+-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 2144f21d4489a04149b1891b8d97e8fc +$(DL_FILE)_MD5 = ef62c2f5be616676c8c62066dedc46b3 install : $(TARGET) From 843f29e9b9ff647ecdcb5d7bc512bb12f630a712 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Tue, 25 Jan 2011 22:06:19 +0100 Subject: [PATCH 31/40] Add some checks to vpn-watch and set the restart timer to 60min. --- src/scripts/vpn-watch | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/scripts/vpn-watch b/src/scripts/vpn-watch index 466aaa62d..af646adce 100755 --- a/src/scripts/vpn-watch +++ b/src/scripts/vpn-watch @@ -1,6 +1,6 @@ #!/usr/bin/perl ################################################## -##### VPN-Watch.pl Version 0.6 ##### +##### VPN-Watch.pl Version 0.6a ##### ################################################## # # # VPN-Watch is part of the IPFire Firewall # @@ -31,8 +31,8 @@ while ( $i == 0){ $round++; - # Reset roundcounter after 10 min. To do established check. - if ($round > 9) { $round=0; } + # Reset roundcounter after 60 min. To do established check. + if ($round > 59) { $round=0; } if (open(FILE, "<${General::swroot}/vpn/config")) { @vpnsettings = ; close(FILE); @@ -56,8 +56,9 @@ foreach (@vpnsettings){ if ($remoteip eq ""){next;if ($debug){logger("Unable to resolve $remotehostname.");}} my $ipmatch= `echo "$status" | grep '$remoteip' | grep '$settings[2]'`; my $established= `echo "$status" | grep '$settings[2]' | grep 'erouted;'`; - - if ( $round == 0 && $ipmatch eq '' && $status ne ''){ + my $known= `echo "$status" | grep '$settings[2]'`; + + if ( $ipmatch eq '' && $known ne '' ){ logger("Remote IP for host $remotehostname($remoteip) has changed, restarting ipsec."); system("/usr/local/bin/ipsecctrl S $settings[0]"); $round=0; From caab8fb9e332702bd36f66d91f8342ff260a64e6 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Wed, 26 Jan 2011 00:31:42 +0100 Subject: [PATCH 32/40] Fixed typo for update script. --- config/rootfiles/core/45/update.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/rootfiles/core/45/update.sh b/config/rootfiles/core/45/update.sh index 3229f745e..b7af7c9c0 100644 --- a/config/rootfiles/core/45/update.sh +++ b/config/rootfiles/core/45/update.sh @@ -54,7 +54,7 @@ echo Starting Proxy /etc/init.d/squid start 2>/dev/null echo Rewriting Outgoing FW Rules /var/ipfire/outgoing/bin/outgoingfw.pl -if [ `grep "ENABLED=on" /var/ipfire/vpn/setting` ]; then +if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then echo Starting vpn-watch /usr/local/bin/vpn-watch & fi From 24614d7dfb46bf0ff7fac2f63cfb0d525d82ea95 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Wed, 26 Jan 2011 08:06:26 +0100 Subject: [PATCH 33/40] Fixed a typo in firewalllog.dat. --- html/cgi-bin/logs.cgi/firewalllog.dat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/logs.cgi/firewalllog.dat b/html/cgi-bin/logs.cgi/firewalllog.dat index c2888c39a..466a3cec7 100644 --- a/html/cgi-bin/logs.cgi/firewalllog.dat +++ b/html/cgi-bin/logs.cgi/firewalllog.dat @@ -333,7 +333,7 @@ foreach $_ (@log) my $comment = $3; my $packet = $4; - $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 $1 =~ /2./ ){ $iface="";} + $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";} $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1; $packet =~ /DST=([\d\.]+)/; my $dstaddr=$1; $packet =~ /MAC=([\w+\:]+)/; my $macaddr=$1; From 3ae6726a8e15a58a5690ee3a766c68c8d3de67b2 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Wed, 26 Jan 2011 17:41:15 +0100 Subject: [PATCH 34/40] Fix ssl-global.conf (settings was ignored). --- config/httpd/ssl-global.conf | 9 --------- 1 file changed, 9 deletions(-) diff --git a/config/httpd/ssl-global.conf b/config/httpd/ssl-global.conf index 458339add..9cf4f8150 100644 --- a/config/httpd/ssl-global.conf +++ b/config/httpd/ssl-global.conf @@ -13,10 +13,6 @@ # what they do. They're here only as hints or reminders. If you are unsure # consult the online docs. You have been warned. -# This global SSL configuration is ignored if -# "SSL" is not defined, or if "NOSSL" is defined. - - # @@ -61,9 +57,4 @@ SSLRandomSeed startup builtin SSLRandomSeed connect builtin - SSLLog /var/log/httpd/ssl_engine_log - SSLLogLevel info - - - From 93dc8835c399eba647112e6d85daf545d8181782 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Wed, 26 Jan 2011 17:42:09 +0100 Subject: [PATCH 35/40] Fix unattended restore of backupiso cd. --- src/install+setup/install/unattended.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/install+setup/install/unattended.c b/src/install+setup/install/unattended.c index 3e2f3f088..77e1eabbd 100644 --- a/src/install+setup/install/unattended.c +++ b/src/install+setup/install/unattended.c @@ -150,7 +150,7 @@ int unattended_setup(struct keyvalue *unattendedkv) { if (strlen(restore_file) > 0) { fprintf(flog, "unattended: Restoring Backup\n"); snprintf(commandstring, STRING_SIZE, - "cd /harddisk && /bin/tar -xvzp -f /harddisk/var/ipfire/backup/%s", restore_file); + "/usr/sbin/chroot /harddisk /bin/tar -xvzp -f /var/ipfire/backup/%s -C /", restore_file); if (mysystem(commandstring)) { errorbox("unattended: ERROR restoring backup"); } From 5bc7de500f3d69b416205b5c08f4bbf6ac500003 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Wed, 26 Jan 2011 17:45:02 +0100 Subject: [PATCH 36/40] Add ssl-global.conf to core45 update. --- config/rootfiles/core/45/filelists/files | 1 + 1 file changed, 1 insertion(+) diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files index 03e511f49..d9961955b 100644 --- a/config/rootfiles/core/45/filelists/files +++ b/config/rootfiles/core/45/filelists/files @@ -1,5 +1,6 @@ etc/system-release etc/issue +etc/httpd/conf/ssl-global.conf etc/rc.d/init.d/functions srv/web/ipfire/cgi-bin/connections.cgi srv/web/ipfire/cgi-bin/fireinfo.cgi From eefb3b95d8fbdbcec93c9eff338cf41650bdb64c Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 26 Jan 2011 20:28:52 +0100 Subject: [PATCH 37/40] fireinfo: Update to version 2.0.4. --- lfs/fireinfo | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/fireinfo b/lfs/fireinfo index 0c55e007c..6c502e1ff 100644 --- a/lfs/fireinfo +++ b/lfs/fireinfo @@ -24,7 +24,7 @@ include Config -VER = 2.0.3 +VER = 2.0.4 THISAPP = fireinfo-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = f9ce8b96350dd5af1e5c095806128cd0 +$(DL_FILE)_MD5 = 7433e108cce180980189339886621539 install : $(TARGET) From bce6a367ded247470b10aa97d1a495cf59795c4d Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 26 Jan 2011 20:39:31 +0100 Subject: [PATCH 38/40] Add changes from b18bad8a194459493ccafefa25698168cda553d3 to core update 45. --- config/rootfiles/core/45/filelists/files | 1 + 1 file changed, 1 insertion(+) diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files index d9961955b..0fba2b213 100644 --- a/config/rootfiles/core/45/filelists/files +++ b/config/rootfiles/core/45/filelists/files @@ -6,6 +6,7 @@ srv/web/ipfire/cgi-bin/connections.cgi srv/web/ipfire/cgi-bin/fireinfo.cgi srv/web/ipfire/cgi-bin/ids.cgi srv/web/ipfire/cgi-bin/index.cgi +srv/web/ipfire/cgi-bin/media.cgi srv/web/ipfire/cgi-bin/pakfire.cgi srv/web/ipfire/cgi-bin/pppsetup.cgi srv/web/ipfire/cgi-bin/proxy.cgi From f9866a728e33ce8791062f2b449731bec490ab5f Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Wed, 26 Jan 2011 21:06:01 +0100 Subject: [PATCH 39/40] Disabled snort decoder events. --- config/snort/snort.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/snort/snort.conf b/config/snort/snort.conf index bf4640624..fd4e8ea4f 100644 --- a/config/snort/snort.conf +++ b/config/snort/snort.conf @@ -74,7 +74,7 @@ var PREPROC_RULE_PATH /etc/snort/preproc_rules ################################################### # Stop generic decode events: -#config disable_decode_alerts +config disable_decode_alerts # Stop Alerts on experimental TCP options config disable_tcpopt_experimental_alerts @@ -86,7 +86,7 @@ config disable_tcpopt_obsolete_alerts #config disable_tcpopt_ttcp_alerts # Stop Alerts on all other TCPOption type events: -#config disable_tcpopt_alerts +config disable_tcpopt_alerts # Stop Alerts on invalid ip options #config disable_ipopt_alerts From 8885467fc1c5f93066e214b47100bcc3a1edad90 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Wed, 26 Jan 2011 22:28:30 +0100 Subject: [PATCH 40/40] Disabled geode_aes kernel modul. --- config/rootfiles/common/linux | 2 +- config/rootfiles/core/45/update.sh | 14 +++++++++++--- config/rootfiles/packages/linux-pae | 2 +- config/rootfiles/packages/linux-xen | 2 +- lfs/linux | 4 ++++ 5 files changed, 18 insertions(+), 6 deletions(-) diff --git a/config/rootfiles/common/linux b/config/rootfiles/common/linux index 7eeea9a40..32f8cb9d8 100644 --- a/config/rootfiles/common/linux +++ b/config/rootfiles/common/linux @@ -280,7 +280,7 @@ lib/modules/KVER-ipfire #lib/modules/KVER-ipfire/kernel/drivers/cpufreq/cpufreq_powersave.ko #lib/modules/KVER-ipfire/kernel/drivers/cpufreq/cpufreq_userspace.ko #lib/modules/KVER-ipfire/kernel/drivers/crypto -#lib/modules/KVER-ipfire/kernel/drivers/crypto/geode-aes.ko +#lib/modules/KVER-ipfire/kernel/drivers/crypto/geode-aes.ko.off #lib/modules/KVER-ipfire/kernel/drivers/crypto/hifn_795x.ko #lib/modules/KVER-ipfire/kernel/drivers/crypto/padlock-aes.ko #lib/modules/KVER-ipfire/kernel/drivers/crypto/padlock-sha.ko diff --git a/config/rootfiles/core/45/update.sh b/config/rootfiles/core/45/update.sh index b7af7c9c0..64be6d3e6 100644 --- a/config/rootfiles/core/45/update.sh +++ b/config/rootfiles/core/45/update.sh @@ -63,10 +63,18 @@ fi #Update Language cache #perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" +#Disable geode_aes modul +mv /lib/modules/2.6.32.28-ipfire/kernel/drivers/crypto/geode-aes.ko \ + /lib/modules/2.6.32.28-ipfire/kernel/drivers/crypto/geode-aes.ko.off >/dev/null 2>&1 +mv /lib/modules/2.6.32.28-ipfire-pae/kernel/drivers/crypto/geode-aes.ko \ + /lib/modules/2.6.32.28-ipfire-pae/kernel/drivers/crypto/geode-aes.ko.off >/dev/null 2>&1 +mv /lib/modules/2.6.32.28-ipfire-xen/kernel/drivers/crypto/geode-aes.ko \ + /lib/modules/2.6.32.28-ipfire-xen/kernel/drivers/crypto/geode-aes.ko.off >/dev/null 2>&1 + #Rebuild module dep's -#depmod 2.6.32.28-ipfire -#depmod 2.6.32.28-ipfire-pae -#depmod 2.6.32.28-ipfire-xen +depmod 2.6.32.28-ipfire >/dev/null 2>&1 +depmod 2.6.32.28-ipfire-pae >/dev/null 2>&1 +depmod 2.6.32.28-ipfire-xen >/dev/null 2>&1 # #Finish diff --git a/config/rootfiles/packages/linux-pae b/config/rootfiles/packages/linux-pae index 611996663..c4899a4d2 100644 --- a/config/rootfiles/packages/linux-pae +++ b/config/rootfiles/packages/linux-pae @@ -277,7 +277,7 @@ lib/modules/KVER-ipfire-pae #lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/cpufreq_powersave.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/cpufreq/cpufreq_userspace.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/crypto -#lib/modules/KVER-ipfire-pae/kernel/drivers/crypto/geode-aes.ko +#lib/modules/KVER-ipfire-pae/kernel/drivers/crypto/geode-aes.ko.off #lib/modules/KVER-ipfire-pae/kernel/drivers/crypto/hifn_795x.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/crypto/padlock-aes.ko #lib/modules/KVER-ipfire-pae/kernel/drivers/crypto/padlock-sha.ko diff --git a/config/rootfiles/packages/linux-xen b/config/rootfiles/packages/linux-xen index fd2bfe6dc..7a3bc21b8 100644 --- a/config/rootfiles/packages/linux-xen +++ b/config/rootfiles/packages/linux-xen @@ -241,7 +241,7 @@ lib/modules/KVER-ipfire-xen #lib/modules/KVER-ipfire-xen/kernel/drivers/connector #lib/modules/KVER-ipfire-xen/kernel/drivers/connector/cn.ko #lib/modules/KVER-ipfire-xen/kernel/drivers/crypto -#lib/modules/KVER-ipfire-xen/kernel/drivers/crypto/geode-aes.ko +#lib/modules/KVER-ipfire-xen/kernel/drivers/crypto/geode-aes.ko.off #lib/modules/KVER-ipfire-xen/kernel/drivers/crypto/hifn_795x.ko #lib/modules/KVER-ipfire-xen/kernel/drivers/crypto/padlock-aes.ko #lib/modules/KVER-ipfire-xen/kernel/drivers/crypto/padlock-sha.ko diff --git a/lfs/linux b/lfs/linux index 1aec51112..26c7b837b 100644 --- a/lfs/linux +++ b/lfs/linux @@ -208,5 +208,9 @@ endif rm -rvf /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/isdn/mISDN rm -rvf /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/isdn/hardware/mISDN + # Disable geode_aes modul + mv /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/crypto/geode-aes.ko \ + /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/crypto/geode-aes.ko.off + @rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables* $(DIR_SRC)/squashfs* $(DIR_SRC)/netfilter-layer7-* @$(POSTBUILD)
 \n

Inodes

\n"; - open(DF,'/bin/df -i -x rootfs|'); + open(DF,'/bin/df -P -i -x rootfs|'); while(){ if ($_ =~ m/^Filesystem/ ){ print < Date: Fri, 21 Jan 2011 17:52:32 +0100 Subject: [PATCH 15/40] Fixed several bugs in vpn-watch script. The counter was pending between 0 and 1 and not going up to 9. If ipsec whack is returning and empty page we do not need to check if the remoteip has changed because the tunnel is not up. If ipsec is restarted the counter can be reset. All these facts causes that on low powered system the tunnels are intable if you have a lot of them. But we need to check if the convergation timer is okay because with these bugs the tunnels were minutly restarted and with correct handling after 10. --- config/rootfiles/core/45/filelists/files | 3 ++- config/rootfiles/core/45/update.sh | 4 ++++ src/scripts/vpn-watch | 15 ++++++++++----- 3 files changed, 16 insertions(+), 6 deletions(-) diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files index 8df8185fb..4d88e2395 100644 --- a/config/rootfiles/core/45/filelists/files +++ b/config/rootfiles/core/45/filelists/files @@ -7,4 +7,5 @@ srv/web/ipfire/cgi-bin/proxy.cgi srv/web/ipfire/cgi-bin/vpnmain.cgi usr/sbin/updxlrator var/ipfire/outgoing/bin/outgoingfw.pl -srv/web/ipfire/cgi-bin/logs.cgi/firewalllog.dat \ No newline at end of file +srv/web/ipfire/cgi-bin/logs.cgi/firewalllog.dat +usr/local/bin/vpn-watch \ No newline at end of file diff --git a/config/rootfiles/core/45/update.sh b/config/rootfiles/core/45/update.sh index 03c6cfbba..d22779172 100644 --- a/config/rootfiles/core/45/update.sh +++ b/config/rootfiles/core/45/update.sh @@ -28,6 +28,8 @@ #Stop services echo Stopping Proxy /etc/init.d/squid stop 2>/dev/null +echo Stopping vpn-watch +killall vpn-watch # #Extract files @@ -39,6 +41,8 @@ echo Starting Proxy /etc/init.d/squid start 2>/dev/null echo Rewriting Outgoing FW Rules /var/ipfire/outgoing/bin/outgoingfw.pl +echo Starting vpn-watch +/usr/local/bin/vpn-watch & # #Update Language cache diff --git a/src/scripts/vpn-watch b/src/scripts/vpn-watch index 0c5f62d59..32a854983 100755 --- a/src/scripts/vpn-watch +++ b/src/scripts/vpn-watch @@ -1,6 +1,6 @@ #!/usr/bin/perl ################################################## -##### VPN-Watch.pl Version 0.5 ##### +##### VPN-Watch.pl Version 0.6 ##### ################################################## # # # VPN-Watch is part of the IPFire Firewall # @@ -32,7 +32,7 @@ while ( $i == 0){ $round++; # Reset roundcounter after 10 min. To do established check. - if ($round > 9) { $round=0 } + if ($round > 9) { $round==0 } if (open(FILE, "<${General::swroot}/vpn/config")) { @vpnsettings = ; close(FILE); @@ -55,17 +55,22 @@ foreach (@vpnsettings){ my $remoteip = `/usr/bin/ping -c 1 $remotehostname 2>/dev/null | head -n1 | awk '{print \$3}' | tr -d '()' | tr -d ':'`;chomp($remoteip); if ($remoteip eq ""){next;if ($debug){logger("Unable to resolve $remotehostname.");}} my $ipmatch= `echo "$status" | grep '$remoteip' | grep '$settings[2]'`; - my $established= `echo "$status" | grep '$settings[2]' | grep 'erouted;'`; + my $established= `echo "$status" | grep '$settings[2]' | grep 'erouted;'`; - if ( $ipmatch eq '' ){ + if ( $ipmatch eq '' && $status ne ''){ logger("Remote IP for host $remotehostname($remoteip) has changed, restarting ipsec."); system("/usr/local/bin/ipsecctrl S $settings[0]"); + $round=0; last; #all connections will reloaded #remove this if ipsecctrl can restart single con again } - if ( ($round = 0) && ($established eq '')) { + + if ($debug){logger("Round=".$round." and established=".$established);} + + if ( ($round == 0) && ($established eq '')) { logger("Connection to $remotehostname($remoteip) not erouted, restarting ipsec."); system("/usr/local/bin/ipsecctrl S $settings[0]"); + $round=0; last; #all connections will reloaded #remove this if ipsecctrl can restart single con again From 9f9298d99459a03e3497f67a8accdf7c29c6a96a Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Fri, 21 Jan 2011 18:01:49 +0100 Subject: [PATCH 16/40] Fixed little typo. --- src/scripts/vpn-watch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/scripts/vpn-watch b/src/scripts/vpn-watch index 32a854983..ee6807cdb 100755 --- a/src/scripts/vpn-watch +++ b/src/scripts/vpn-watch @@ -32,7 +32,7 @@ while ( $i == 0){ $round++; # Reset roundcounter after 10 min. To do established check. - if ($round > 9) { $round==0 } + if ($round > 9) { $round=0; } if (open(FILE, "<${General::swroot}/vpn/config")) { @vpnsettings = ; close(FILE); From aa7970cc87ef9b4dfb8e771b6d80e457ef27658b Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Sat, 22 Jan 2011 11:16:39 +0100 Subject: [PATCH 17/40] Fix vpn-watch script not restarting minutly when remote ip has changed. --- src/scripts/vpn-watch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/scripts/vpn-watch b/src/scripts/vpn-watch index ee6807cdb..466aaa62d 100755 --- a/src/scripts/vpn-watch +++ b/src/scripts/vpn-watch @@ -57,7 +57,7 @@ foreach (@vpnsettings){ my $ipmatch= `echo "$status" | grep '$remoteip' | grep '$settings[2]'`; my $established= `echo "$status" | grep '$settings[2]' | grep 'erouted;'`; - if ( $ipmatch eq '' && $status ne ''){ + if ( $round == 0 && $ipmatch eq '' && $status ne ''){ logger("Remote IP for host $remotehostname($remoteip) has changed, restarting ipsec."); system("/usr/local/bin/ipsecctrl S $settings[0]"); $round=0; From 7f8eb58ded528ab6f71dee3fbdfd4cd0b7f529ef Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sat, 22 Jan 2011 12:59:50 +0100 Subject: [PATCH 18/40] core45: fix missing lf in filelist. --- config/rootfiles/core/45/filelists/files | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files index 4d88e2395..ae685d538 100644 --- a/config/rootfiles/core/45/filelists/files +++ b/config/rootfiles/core/45/filelists/files @@ -8,4 +8,4 @@ srv/web/ipfire/cgi-bin/vpnmain.cgi usr/sbin/updxlrator var/ipfire/outgoing/bin/outgoingfw.pl srv/web/ipfire/cgi-bin/logs.cgi/firewalllog.dat -usr/local/bin/vpn-watch \ No newline at end of file +usr/local/bin/vpn-watch From 2eea44c8d4bef120d7d7c8b1d2b8479ea7b8921b Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Sat, 22 Jan 2011 15:49:31 +0100 Subject: [PATCH 19/40] Update snort to current stable. This will fix some parsing. If we still face problems we can comment out the decoder warnings in the snort.conf or fix guardian not to handle these. --- config/rootfiles/core/45/exclude | 1 + config/rootfiles/core/45/filelists/snort | 1 + lfs/snort | 4 ++-- 3 files changed, 4 insertions(+), 2 deletions(-) create mode 120000 config/rootfiles/core/45/filelists/snort diff --git a/config/rootfiles/core/45/exclude b/config/rootfiles/core/45/exclude index e69de29bb..2cb97983d 100644 --- a/config/rootfiles/core/45/exclude +++ b/config/rootfiles/core/45/exclude @@ -0,0 +1 @@ +etc/snort/snort.conf \ No newline at end of file diff --git a/config/rootfiles/core/45/filelists/snort b/config/rootfiles/core/45/filelists/snort new file mode 120000 index 000000000..9406ce01c --- /dev/null +++ b/config/rootfiles/core/45/filelists/snort @@ -0,0 +1 @@ +../../../common/snort \ No newline at end of file diff --git a/lfs/snort b/lfs/snort index 47b8b5aad..7b5d41bc2 100644 --- a/lfs/snort +++ b/lfs/snort @@ -24,7 +24,7 @@ include Config -VER = 2.9.0.2 +VER = 2.9.0.3 THISAPP = snort-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 5d4dabe98bccbea166bbc86e2439f22a +$(DL_FILE)_MD5 = 5f0c48b06453696ad32e27b9b3dd6603 install : $(TARGET) From 0a3c4cf02b75d4c717892908cf2d4ce8223b4040 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Sat, 22 Jan 2011 15:52:01 +0100 Subject: [PATCH 20/40] Updated squid to current stables. This should fix some bugs. --- config/rootfiles/common/squid | 154 +++++++++++++++++++++++ config/rootfiles/core/45/filelists/squid | 1 + lfs/squid | 8 +- 3 files changed, 159 insertions(+), 4 deletions(-) create mode 120000 config/rootfiles/core/45/filelists/squid diff --git a/config/rootfiles/common/squid b/config/rootfiles/common/squid index 910e12ff7..dd4122fdd 100644 --- a/config/rootfiles/common/squid +++ b/config/rootfiles/common/squid @@ -47,6 +47,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/af/ERR_LIFETIME_EXP #usr/lib/squid/errors/af/ERR_NO_RELAY #usr/lib/squid/errors/af/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/af/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/af/ERR_READ_ERROR #usr/lib/squid/errors/af/ERR_READ_TIMEOUT #usr/lib/squid/errors/af/ERR_SECURE_CONNECT_FAIL @@ -99,6 +100,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/ar/ERR_LIFETIME_EXP #usr/lib/squid/errors/ar/ERR_NO_RELAY #usr/lib/squid/errors/ar/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/ar/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/ar/ERR_READ_ERROR #usr/lib/squid/errors/ar/ERR_READ_TIMEOUT #usr/lib/squid/errors/ar/ERR_SECURE_CONNECT_FAIL @@ -136,6 +138,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/az/ERR_LIFETIME_EXP #usr/lib/squid/errors/az/ERR_NO_RELAY #usr/lib/squid/errors/az/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/az/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/az/ERR_READ_ERROR #usr/lib/squid/errors/az/ERR_READ_TIMEOUT #usr/lib/squid/errors/az/ERR_SECURE_CONNECT_FAIL @@ -173,6 +176,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/bg/ERR_LIFETIME_EXP #usr/lib/squid/errors/bg/ERR_NO_RELAY #usr/lib/squid/errors/bg/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/bg/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/bg/ERR_READ_ERROR #usr/lib/squid/errors/bg/ERR_READ_TIMEOUT #usr/lib/squid/errors/bg/ERR_SECURE_CONNECT_FAIL @@ -209,6 +213,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/ca/ERR_LIFETIME_EXP #usr/lib/squid/errors/ca/ERR_NO_RELAY #usr/lib/squid/errors/ca/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/ca/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/ca/ERR_READ_ERROR #usr/lib/squid/errors/ca/ERR_READ_TIMEOUT #usr/lib/squid/errors/ca/ERR_SECURE_CONNECT_FAIL @@ -246,6 +251,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/cs/ERR_LIFETIME_EXP #usr/lib/squid/errors/cs/ERR_NO_RELAY #usr/lib/squid/errors/cs/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/cs/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/cs/ERR_READ_ERROR #usr/lib/squid/errors/cs/ERR_READ_TIMEOUT #usr/lib/squid/errors/cs/ERR_SECURE_CONNECT_FAIL @@ -283,6 +289,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/da/ERR_LIFETIME_EXP #usr/lib/squid/errors/da/ERR_NO_RELAY #usr/lib/squid/errors/da/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/da/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/da/ERR_READ_ERROR #usr/lib/squid/errors/da/ERR_READ_TIMEOUT #usr/lib/squid/errors/da/ERR_SECURE_CONNECT_FAIL @@ -324,6 +331,7 @@ usr/lib/squid/errors/de/ERR_INVALID_URL usr/lib/squid/errors/de/ERR_LIFETIME_EXP usr/lib/squid/errors/de/ERR_NO_RELAY usr/lib/squid/errors/de/ERR_ONLY_IF_CACHED_MISS +usr/lib/squid/errors/de/ERR_PRECONDITION_FAILED usr/lib/squid/errors/de/ERR_READ_ERROR usr/lib/squid/errors/de/ERR_READ_TIMEOUT usr/lib/squid/errors/de/ERR_SECURE_CONNECT_FAIL @@ -361,6 +369,7 @@ usr/lib/squid/errors/de/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/el/ERR_LIFETIME_EXP #usr/lib/squid/errors/el/ERR_NO_RELAY #usr/lib/squid/errors/el/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/el/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/el/ERR_READ_ERROR #usr/lib/squid/errors/el/ERR_READ_TIMEOUT #usr/lib/squid/errors/el/ERR_SECURE_CONNECT_FAIL @@ -412,6 +421,7 @@ usr/lib/squid/errors/en/ERR_INVALID_URL usr/lib/squid/errors/en/ERR_LIFETIME_EXP usr/lib/squid/errors/en/ERR_NO_RELAY usr/lib/squid/errors/en/ERR_ONLY_IF_CACHED_MISS +usr/lib/squid/errors/en/ERR_PRECONDITION_FAILED usr/lib/squid/errors/en/ERR_READ_ERROR usr/lib/squid/errors/en/ERR_READ_TIMEOUT usr/lib/squid/errors/en/ERR_SECURE_CONNECT_FAIL @@ -467,6 +477,7 @@ usr/lib/squid/errors/es/ERR_INVALID_URL usr/lib/squid/errors/es/ERR_LIFETIME_EXP usr/lib/squid/errors/es/ERR_NO_RELAY usr/lib/squid/errors/es/ERR_ONLY_IF_CACHED_MISS +usr/lib/squid/errors/es/ERR_PRECONDITION_FAILED usr/lib/squid/errors/es/ERR_READ_ERROR usr/lib/squid/errors/es/ERR_READ_TIMEOUT usr/lib/squid/errors/es/ERR_SECURE_CONNECT_FAIL @@ -504,6 +515,7 @@ usr/lib/squid/errors/es/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/et/ERR_LIFETIME_EXP #usr/lib/squid/errors/et/ERR_NO_RELAY #usr/lib/squid/errors/et/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/et/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/et/ERR_READ_ERROR #usr/lib/squid/errors/et/ERR_READ_TIMEOUT #usr/lib/squid/errors/et/ERR_SECURE_CONNECT_FAIL @@ -542,6 +554,7 @@ usr/lib/squid/errors/es/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/fa/ERR_LIFETIME_EXP #usr/lib/squid/errors/fa/ERR_NO_RELAY #usr/lib/squid/errors/fa/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/fa/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/fa/ERR_READ_ERROR #usr/lib/squid/errors/fa/ERR_READ_TIMEOUT #usr/lib/squid/errors/fa/ERR_SECURE_CONNECT_FAIL @@ -579,6 +592,7 @@ usr/lib/squid/errors/es/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/fi/ERR_LIFETIME_EXP #usr/lib/squid/errors/fi/ERR_NO_RELAY #usr/lib/squid/errors/fi/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/fi/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/fi/ERR_READ_ERROR #usr/lib/squid/errors/fi/ERR_READ_TIMEOUT #usr/lib/squid/errors/fi/ERR_SECURE_CONNECT_FAIL @@ -621,6 +635,7 @@ usr/lib/squid/errors/fr/ERR_INVALID_URL usr/lib/squid/errors/fr/ERR_LIFETIME_EXP usr/lib/squid/errors/fr/ERR_NO_RELAY usr/lib/squid/errors/fr/ERR_ONLY_IF_CACHED_MISS +usr/lib/squid/errors/fr/ERR_PRECONDITION_FAILED usr/lib/squid/errors/fr/ERR_READ_ERROR usr/lib/squid/errors/fr/ERR_READ_TIMEOUT usr/lib/squid/errors/fr/ERR_SECURE_CONNECT_FAIL @@ -658,6 +673,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/he/ERR_LIFETIME_EXP #usr/lib/squid/errors/he/ERR_NO_RELAY #usr/lib/squid/errors/he/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/he/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/he/ERR_READ_ERROR #usr/lib/squid/errors/he/ERR_READ_TIMEOUT #usr/lib/squid/errors/he/ERR_SECURE_CONNECT_FAIL @@ -695,6 +711,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/hu/ERR_LIFETIME_EXP #usr/lib/squid/errors/hu/ERR_NO_RELAY #usr/lib/squid/errors/hu/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/hu/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/hu/ERR_READ_ERROR #usr/lib/squid/errors/hu/ERR_READ_TIMEOUT #usr/lib/squid/errors/hu/ERR_SECURE_CONNECT_FAIL @@ -708,6 +725,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/hu/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/hy #usr/lib/squid/errors/hy-am +#usr/lib/squid/errors/hy-armn #usr/lib/squid/errors/hy/ERR_ACCESS_DENIED #usr/lib/squid/errors/hy/ERR_CACHE_ACCESS_DENIED #usr/lib/squid/errors/hy/ERR_CACHE_MGR_ACCESS_DENIED @@ -732,6 +750,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/hy/ERR_LIFETIME_EXP #usr/lib/squid/errors/hy/ERR_NO_RELAY #usr/lib/squid/errors/hy/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/hy/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/hy/ERR_READ_ERROR #usr/lib/squid/errors/hy/ERR_READ_TIMEOUT #usr/lib/squid/errors/hy/ERR_SECURE_CONNECT_FAIL @@ -769,6 +788,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/id/ERR_LIFETIME_EXP #usr/lib/squid/errors/id/ERR_NO_RELAY #usr/lib/squid/errors/id/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/id/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/id/ERR_READ_ERROR #usr/lib/squid/errors/id/ERR_READ_TIMEOUT #usr/lib/squid/errors/id/ERR_SECURE_CONNECT_FAIL @@ -807,6 +827,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/it/ERR_LIFETIME_EXP #usr/lib/squid/errors/it/ERR_NO_RELAY #usr/lib/squid/errors/it/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/it/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/it/ERR_READ_ERROR #usr/lib/squid/errors/it/ERR_READ_TIMEOUT #usr/lib/squid/errors/it/ERR_SECURE_CONNECT_FAIL @@ -844,6 +865,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/ja/ERR_LIFETIME_EXP #usr/lib/squid/errors/ja/ERR_NO_RELAY #usr/lib/squid/errors/ja/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/ja/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/ja/ERR_READ_ERROR #usr/lib/squid/errors/ja/ERR_READ_TIMEOUT #usr/lib/squid/errors/ja/ERR_SECURE_CONNECT_FAIL @@ -882,6 +904,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/ko/ERR_LIFETIME_EXP #usr/lib/squid/errors/ko/ERR_NO_RELAY #usr/lib/squid/errors/ko/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/ko/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/ko/ERR_READ_ERROR #usr/lib/squid/errors/ko/ERR_READ_TIMEOUT #usr/lib/squid/errors/ko/ERR_SECURE_CONNECT_FAIL @@ -919,6 +942,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/lt/ERR_LIFETIME_EXP #usr/lib/squid/errors/lt/ERR_NO_RELAY #usr/lib/squid/errors/lt/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/lt/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/lt/ERR_READ_ERROR #usr/lib/squid/errors/lt/ERR_READ_TIMEOUT #usr/lib/squid/errors/lt/ERR_SECURE_CONNECT_FAIL @@ -956,6 +980,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/lv/ERR_LIFETIME_EXP #usr/lib/squid/errors/lv/ERR_NO_RELAY #usr/lib/squid/errors/lv/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/lv/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/lv/ERR_READ_ERROR #usr/lib/squid/errors/lv/ERR_READ_TIMEOUT #usr/lib/squid/errors/lv/ERR_SECURE_CONNECT_FAIL @@ -993,6 +1018,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/ms/ERR_LIFETIME_EXP #usr/lib/squid/errors/ms/ERR_NO_RELAY #usr/lib/squid/errors/ms/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/ms/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/ms/ERR_READ_ERROR #usr/lib/squid/errors/ms/ERR_READ_TIMEOUT #usr/lib/squid/errors/ms/ERR_SECURE_CONNECT_FAIL @@ -1030,6 +1056,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/nl/ERR_LIFETIME_EXP #usr/lib/squid/errors/nl/ERR_NO_RELAY #usr/lib/squid/errors/nl/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/nl/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/nl/ERR_READ_ERROR #usr/lib/squid/errors/nl/ERR_READ_TIMEOUT #usr/lib/squid/errors/nl/ERR_SECURE_CONNECT_FAIL @@ -1041,6 +1068,43 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/nl/ERR_URN_RESOLVE #usr/lib/squid/errors/nl/ERR_WRITE_ERROR #usr/lib/squid/errors/nl/ERR_ZERO_SIZE_OBJECT +#usr/lib/squid/errors/oc +#usr/lib/squid/errors/oc/ERR_ACCESS_DENIED +#usr/lib/squid/errors/oc/ERR_CACHE_ACCESS_DENIED +#usr/lib/squid/errors/oc/ERR_CACHE_MGR_ACCESS_DENIED +#usr/lib/squid/errors/oc/ERR_CANNOT_FORWARD +#usr/lib/squid/errors/oc/ERR_CONNECT_FAIL +#usr/lib/squid/errors/oc/ERR_DIR_LISTING +#usr/lib/squid/errors/oc/ERR_DNS_FAIL +#usr/lib/squid/errors/oc/ERR_ESI +#usr/lib/squid/errors/oc/ERR_FORWARDING_DENIED +#usr/lib/squid/errors/oc/ERR_FTP_DISABLED +#usr/lib/squid/errors/oc/ERR_FTP_FAILURE +#usr/lib/squid/errors/oc/ERR_FTP_FORBIDDEN +#usr/lib/squid/errors/oc/ERR_FTP_NOT_FOUND +#usr/lib/squid/errors/oc/ERR_FTP_PUT_CREATED +#usr/lib/squid/errors/oc/ERR_FTP_PUT_ERROR +#usr/lib/squid/errors/oc/ERR_FTP_PUT_MODIFIED +#usr/lib/squid/errors/oc/ERR_FTP_UNAVAILABLE +#usr/lib/squid/errors/oc/ERR_ICAP_FAILURE +#usr/lib/squid/errors/oc/ERR_INVALID_REQ +#usr/lib/squid/errors/oc/ERR_INVALID_RESP +#usr/lib/squid/errors/oc/ERR_INVALID_URL +#usr/lib/squid/errors/oc/ERR_LIFETIME_EXP +#usr/lib/squid/errors/oc/ERR_NO_RELAY +#usr/lib/squid/errors/oc/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/oc/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/oc/ERR_READ_ERROR +#usr/lib/squid/errors/oc/ERR_READ_TIMEOUT +#usr/lib/squid/errors/oc/ERR_SECURE_CONNECT_FAIL +#usr/lib/squid/errors/oc/ERR_SHUTTING_DOWN +#usr/lib/squid/errors/oc/ERR_SOCKET_FAILURE +#usr/lib/squid/errors/oc/ERR_TOO_BIG +#usr/lib/squid/errors/oc/ERR_UNSUP_HTTPVERSION +#usr/lib/squid/errors/oc/ERR_UNSUP_REQ +#usr/lib/squid/errors/oc/ERR_URN_RESOLVE +#usr/lib/squid/errors/oc/ERR_WRITE_ERROR +#usr/lib/squid/errors/oc/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/pl #usr/lib/squid/errors/pl-pl #usr/lib/squid/errors/pl/ERR_ACCESS_DENIED @@ -1067,6 +1131,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/pl/ERR_LIFETIME_EXP #usr/lib/squid/errors/pl/ERR_NO_RELAY #usr/lib/squid/errors/pl/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/pl/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/pl/ERR_READ_ERROR #usr/lib/squid/errors/pl/ERR_READ_TIMEOUT #usr/lib/squid/errors/pl/ERR_SECURE_CONNECT_FAIL @@ -1104,6 +1169,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/pt-br/ERR_LIFETIME_EXP #usr/lib/squid/errors/pt-br/ERR_NO_RELAY #usr/lib/squid/errors/pt-br/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/pt-br/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/pt-br/ERR_READ_ERROR #usr/lib/squid/errors/pt-br/ERR_READ_TIMEOUT #usr/lib/squid/errors/pt-br/ERR_SECURE_CONNECT_FAIL @@ -1140,6 +1206,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/pt/ERR_LIFETIME_EXP #usr/lib/squid/errors/pt/ERR_NO_RELAY #usr/lib/squid/errors/pt/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/pt/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/pt/ERR_READ_ERROR #usr/lib/squid/errors/pt/ERR_READ_TIMEOUT #usr/lib/squid/errors/pt/ERR_SECURE_CONNECT_FAIL @@ -1178,6 +1245,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/ro/ERR_LIFETIME_EXP #usr/lib/squid/errors/ro/ERR_NO_RELAY #usr/lib/squid/errors/ro/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/ro/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/ro/ERR_READ_ERROR #usr/lib/squid/errors/ro/ERR_READ_TIMEOUT #usr/lib/squid/errors/ro/ERR_SECURE_CONNECT_FAIL @@ -1215,6 +1283,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/ru/ERR_LIFETIME_EXP #usr/lib/squid/errors/ru/ERR_NO_RELAY #usr/lib/squid/errors/ru/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/ru/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/ru/ERR_READ_ERROR #usr/lib/squid/errors/ru/ERR_READ_TIMEOUT #usr/lib/squid/errors/ru/ERR_SECURE_CONNECT_FAIL @@ -1252,6 +1321,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/sk/ERR_LIFETIME_EXP #usr/lib/squid/errors/sk/ERR_NO_RELAY #usr/lib/squid/errors/sk/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/sk/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/sk/ERR_READ_ERROR #usr/lib/squid/errors/sk/ERR_READ_TIMEOUT #usr/lib/squid/errors/sk/ERR_SECURE_CONNECT_FAIL @@ -1264,6 +1334,43 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/sk/ERR_WRITE_ERROR #usr/lib/squid/errors/sk/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/sr +#usr/lib/squid/errors/sr-cyrl +#usr/lib/squid/errors/sr-cyrl/ERR_ACCESS_DENIED +#usr/lib/squid/errors/sr-cyrl/ERR_CACHE_ACCESS_DENIED +#usr/lib/squid/errors/sr-cyrl/ERR_CACHE_MGR_ACCESS_DENIED +#usr/lib/squid/errors/sr-cyrl/ERR_CANNOT_FORWARD +#usr/lib/squid/errors/sr-cyrl/ERR_CONNECT_FAIL +#usr/lib/squid/errors/sr-cyrl/ERR_DIR_LISTING +#usr/lib/squid/errors/sr-cyrl/ERR_DNS_FAIL +#usr/lib/squid/errors/sr-cyrl/ERR_ESI +#usr/lib/squid/errors/sr-cyrl/ERR_FORWARDING_DENIED +#usr/lib/squid/errors/sr-cyrl/ERR_FTP_DISABLED +#usr/lib/squid/errors/sr-cyrl/ERR_FTP_FAILURE +#usr/lib/squid/errors/sr-cyrl/ERR_FTP_FORBIDDEN +#usr/lib/squid/errors/sr-cyrl/ERR_FTP_NOT_FOUND +#usr/lib/squid/errors/sr-cyrl/ERR_FTP_PUT_CREATED +#usr/lib/squid/errors/sr-cyrl/ERR_FTP_PUT_ERROR +#usr/lib/squid/errors/sr-cyrl/ERR_FTP_PUT_MODIFIED +#usr/lib/squid/errors/sr-cyrl/ERR_FTP_UNAVAILABLE +#usr/lib/squid/errors/sr-cyrl/ERR_ICAP_FAILURE +#usr/lib/squid/errors/sr-cyrl/ERR_INVALID_REQ +#usr/lib/squid/errors/sr-cyrl/ERR_INVALID_RESP +#usr/lib/squid/errors/sr-cyrl/ERR_INVALID_URL +#usr/lib/squid/errors/sr-cyrl/ERR_LIFETIME_EXP +#usr/lib/squid/errors/sr-cyrl/ERR_NO_RELAY +#usr/lib/squid/errors/sr-cyrl/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/sr-cyrl/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sr-cyrl/ERR_READ_ERROR +#usr/lib/squid/errors/sr-cyrl/ERR_READ_TIMEOUT +#usr/lib/squid/errors/sr-cyrl/ERR_SECURE_CONNECT_FAIL +#usr/lib/squid/errors/sr-cyrl/ERR_SHUTTING_DOWN +#usr/lib/squid/errors/sr-cyrl/ERR_SOCKET_FAILURE +#usr/lib/squid/errors/sr-cyrl/ERR_TOO_BIG +#usr/lib/squid/errors/sr-cyrl/ERR_UNSUP_HTTPVERSION +#usr/lib/squid/errors/sr-cyrl/ERR_UNSUP_REQ +#usr/lib/squid/errors/sr-cyrl/ERR_URN_RESOLVE +#usr/lib/squid/errors/sr-cyrl/ERR_WRITE_ERROR +#usr/lib/squid/errors/sr-cyrl/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/sr-latn #usr/lib/squid/errors/sr-latn-cs #usr/lib/squid/errors/sr-latn/ERR_ACCESS_DENIED @@ -1290,6 +1397,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/sr-latn/ERR_LIFETIME_EXP #usr/lib/squid/errors/sr-latn/ERR_NO_RELAY #usr/lib/squid/errors/sr-latn/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/sr-latn/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/sr-latn/ERR_READ_ERROR #usr/lib/squid/errors/sr-latn/ERR_READ_TIMEOUT #usr/lib/squid/errors/sr-latn/ERR_SECURE_CONNECT_FAIL @@ -1329,6 +1437,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/sv/ERR_LIFETIME_EXP #usr/lib/squid/errors/sv/ERR_NO_RELAY #usr/lib/squid/errors/sv/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/sv/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/sv/ERR_READ_ERROR #usr/lib/squid/errors/sv/ERR_READ_TIMEOUT #usr/lib/squid/errors/sv/ERR_SECURE_CONNECT_FAIL @@ -1365,6 +1474,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/templates/ERR_LIFETIME_EXP #usr/lib/squid/errors/templates/ERR_NO_RELAY #usr/lib/squid/errors/templates/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/templates/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/templates/ERR_READ_ERROR #usr/lib/squid/errors/templates/ERR_READ_TIMEOUT #usr/lib/squid/errors/templates/ERR_SECURE_CONNECT_FAIL @@ -1402,6 +1512,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/th/ERR_LIFETIME_EXP #usr/lib/squid/errors/th/ERR_NO_RELAY #usr/lib/squid/errors/th/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/th/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/th/ERR_READ_ERROR #usr/lib/squid/errors/th/ERR_READ_TIMEOUT #usr/lib/squid/errors/th/ERR_SECURE_CONNECT_FAIL @@ -1439,6 +1550,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/tr/ERR_LIFETIME_EXP #usr/lib/squid/errors/tr/ERR_NO_RELAY #usr/lib/squid/errors/tr/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/tr/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/tr/ERR_READ_ERROR #usr/lib/squid/errors/tr/ERR_READ_TIMEOUT #usr/lib/squid/errors/tr/ERR_SECURE_CONNECT_FAIL @@ -1476,6 +1588,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/uk/ERR_LIFETIME_EXP #usr/lib/squid/errors/uk/ERR_NO_RELAY #usr/lib/squid/errors/uk/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/uk/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/uk/ERR_READ_ERROR #usr/lib/squid/errors/uk/ERR_READ_TIMEOUT #usr/lib/squid/errors/uk/ERR_SECURE_CONNECT_FAIL @@ -1512,6 +1625,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/uz/ERR_LIFETIME_EXP #usr/lib/squid/errors/uz/ERR_NO_RELAY #usr/lib/squid/errors/uz/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/uz/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/uz/ERR_READ_ERROR #usr/lib/squid/errors/uz/ERR_READ_TIMEOUT #usr/lib/squid/errors/uz/ERR_SECURE_CONNECT_FAIL @@ -1523,6 +1637,44 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/uz/ERR_URN_RESOLVE #usr/lib/squid/errors/uz/ERR_WRITE_ERROR #usr/lib/squid/errors/uz/ERR_ZERO_SIZE_OBJECT +#usr/lib/squid/errors/vi +#usr/lib/squid/errors/vi-vn +#usr/lib/squid/errors/vi/ERR_ACCESS_DENIED +#usr/lib/squid/errors/vi/ERR_CACHE_ACCESS_DENIED +#usr/lib/squid/errors/vi/ERR_CACHE_MGR_ACCESS_DENIED +#usr/lib/squid/errors/vi/ERR_CANNOT_FORWARD +#usr/lib/squid/errors/vi/ERR_CONNECT_FAIL +#usr/lib/squid/errors/vi/ERR_DIR_LISTING +#usr/lib/squid/errors/vi/ERR_DNS_FAIL +#usr/lib/squid/errors/vi/ERR_ESI +#usr/lib/squid/errors/vi/ERR_FORWARDING_DENIED +#usr/lib/squid/errors/vi/ERR_FTP_DISABLED +#usr/lib/squid/errors/vi/ERR_FTP_FAILURE +#usr/lib/squid/errors/vi/ERR_FTP_FORBIDDEN +#usr/lib/squid/errors/vi/ERR_FTP_NOT_FOUND +#usr/lib/squid/errors/vi/ERR_FTP_PUT_CREATED +#usr/lib/squid/errors/vi/ERR_FTP_PUT_ERROR +#usr/lib/squid/errors/vi/ERR_FTP_PUT_MODIFIED +#usr/lib/squid/errors/vi/ERR_FTP_UNAVAILABLE +#usr/lib/squid/errors/vi/ERR_ICAP_FAILURE +#usr/lib/squid/errors/vi/ERR_INVALID_REQ +#usr/lib/squid/errors/vi/ERR_INVALID_RESP +#usr/lib/squid/errors/vi/ERR_INVALID_URL +#usr/lib/squid/errors/vi/ERR_LIFETIME_EXP +#usr/lib/squid/errors/vi/ERR_NO_RELAY +#usr/lib/squid/errors/vi/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/vi/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/vi/ERR_READ_ERROR +#usr/lib/squid/errors/vi/ERR_READ_TIMEOUT +#usr/lib/squid/errors/vi/ERR_SECURE_CONNECT_FAIL +#usr/lib/squid/errors/vi/ERR_SHUTTING_DOWN +#usr/lib/squid/errors/vi/ERR_SOCKET_FAILURE +#usr/lib/squid/errors/vi/ERR_TOO_BIG +#usr/lib/squid/errors/vi/ERR_UNSUP_HTTPVERSION +#usr/lib/squid/errors/vi/ERR_UNSUP_REQ +#usr/lib/squid/errors/vi/ERR_URN_RESOLVE +#usr/lib/squid/errors/vi/ERR_WRITE_ERROR +#usr/lib/squid/errors/vi/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/zh-cn #usr/lib/squid/errors/zh-cn/ERR_ACCESS_DENIED #usr/lib/squid/errors/zh-cn/ERR_CACHE_ACCESS_DENIED @@ -1548,6 +1700,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/zh-cn/ERR_LIFETIME_EXP #usr/lib/squid/errors/zh-cn/ERR_NO_RELAY #usr/lib/squid/errors/zh-cn/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/zh-cn/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/zh-cn/ERR_READ_ERROR #usr/lib/squid/errors/zh-cn/ERR_READ_TIMEOUT #usr/lib/squid/errors/zh-cn/ERR_SECURE_CONNECT_FAIL @@ -1587,6 +1740,7 @@ usr/lib/squid/errors/fr/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/zh-tw/ERR_LIFETIME_EXP #usr/lib/squid/errors/zh-tw/ERR_NO_RELAY #usr/lib/squid/errors/zh-tw/ERR_ONLY_IF_CACHED_MISS +#usr/lib/squid/errors/zh-tw/ERR_PRECONDITION_FAILED #usr/lib/squid/errors/zh-tw/ERR_READ_ERROR #usr/lib/squid/errors/zh-tw/ERR_READ_TIMEOUT #usr/lib/squid/errors/zh-tw/ERR_SECURE_CONNECT_FAIL diff --git a/config/rootfiles/core/45/filelists/squid b/config/rootfiles/core/45/filelists/squid new file mode 120000 index 000000000..2dc8372a0 --- /dev/null +++ b/config/rootfiles/core/45/filelists/squid @@ -0,0 +1 @@ +../../../common/squid \ No newline at end of file diff --git a/lfs/squid b/lfs/squid index 8b907156f..9bb8b50b8 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,10 +24,10 @@ include Config -VER = 3.1.8 +VER = 3.1.10 THISAPP = squid-$(VER) -DL_FILE = $(THISAPP).tar.bz2 +DL_FILE = $(THISAPP).tar.gz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = a8160dfba55ab7c400c622b72d39fc13 +$(DL_FILE)_MD5 = 0a233d8966a563a795065ccb654caa4f install : $(TARGET) @@ -69,7 +69,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xzf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls \ --datadir=/usr/lib/squid \ From d89eab6d695b14607512de9896f9ab9e8c825c90 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Sat, 22 Jan 2011 18:00:07 +0100 Subject: [PATCH 21/40] Fixing the weekday parsing at outgoingfw.pl --- config/outgoingfw/outgoingfw.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/config/outgoingfw/outgoingfw.pl b/config/outgoingfw/outgoingfw.pl index 53462db48..1d7dd93aa 100644 --- a/config/outgoingfw/outgoingfw.pl +++ b/config/outgoingfw/outgoingfw.pl @@ -207,6 +207,7 @@ foreach $configentry (sort @configs) } if ($configline[17] && $configline[18]) { + $DAY = ""; if ($configline[10]){$DAY = "Mon,"} if ($configline[11]){$DAY .= "Tue,"} if ($configline[12]){$DAY .= "Wed,"} From 324bb8881f2e21a483d0d8495564be240af33b66 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sat, 22 Jan 2011 18:54:31 +0100 Subject: [PATCH 22/40] remove more bogus logentries. --- config/rootfiles/core/45/filelists/files | 6 ++++++ html/cgi-bin/fireinfo.cgi | 2 +- html/cgi-bin/ids.cgi | 4 ++-- html/cgi-bin/pakfire.cgi | 10 ++------- html/cgi-bin/wlanap.cgi | 6 +++--- src/initscripts/init.d/functions | 2 +- src/scripts/hddshutdown | 27 ++++++++++++++++++------ 7 files changed, 35 insertions(+), 22 deletions(-) diff --git a/config/rootfiles/core/45/filelists/files b/config/rootfiles/core/45/filelists/files index ae685d538..03e511f49 100644 --- a/config/rootfiles/core/45/filelists/files +++ b/config/rootfiles/core/45/filelists/files @@ -1,11 +1,17 @@ etc/system-release etc/issue +etc/rc.d/init.d/functions srv/web/ipfire/cgi-bin/connections.cgi +srv/web/ipfire/cgi-bin/fireinfo.cgi +srv/web/ipfire/cgi-bin/ids.cgi srv/web/ipfire/cgi-bin/index.cgi +srv/web/ipfire/cgi-bin/pakfire.cgi srv/web/ipfire/cgi-bin/pppsetup.cgi srv/web/ipfire/cgi-bin/proxy.cgi srv/web/ipfire/cgi-bin/vpnmain.cgi usr/sbin/updxlrator var/ipfire/outgoing/bin/outgoingfw.pl srv/web/ipfire/cgi-bin/logs.cgi/firewalllog.dat +usr/local/bin/makegraphs +usr/local/bin/hddshutdown usr/local/bin/vpn-watch diff --git a/html/cgi-bin/fireinfo.cgi b/html/cgi-bin/fireinfo.cgi index 1be0ebe33..11c4637d6 100644 --- a/html/cgi-bin/fireinfo.cgi +++ b/html/cgi-bin/fireinfo.cgi @@ -152,7 +152,7 @@ print <
  
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 7567fd06e..734e7dc88 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2005-2010 IPFire Team # +# Copyright (C) 2005-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -97,7 +97,7 @@ if (-e "/etc/snort/snort.conf") { close(FILE); open(FILE, ">/etc/snort/snort.conf") or die 'Unable to write snort config file.'; - my @rules = `cd /etc/snort/rules/ && ls *.rules`; # With this loop the rule might be display with correct rulepath set + my @rules = `cd /etc/snort/rules/ && ls *.rules 2>/dev/null`; # With this loop the rule might be display with correct rulepath set foreach (@rules) { chomp $_; my $temp = join(";",@snortconfig); diff --git a/html/cgi-bin/pakfire.cgi b/html/cgi-bin/pakfire.cgi index da761f085..124f912cf 100644 --- a/html/cgi-bin/pakfire.cgi +++ b/html/cgi-bin/pakfire.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2011 Michael Tremer & Christian Schmidt # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -57,12 +57,6 @@ sub refreshpage{&Header::openbox( 'Waiting', 1, "/dev/null`) { - $reboot = 1; -} - if ($pakfiresettings{'ACTION'} eq 'install'){ $pakfiresettings{'INSPAKS'} =~ s/\|/\ /g; if ("$pakfiresettings{'FORCE'}" eq "on") { @@ -236,7 +230,7 @@ my $packages_update_age = &General::age("/opt/pakfire/db/lists/packages_list.db" print < END -if ($reboot == 1) { +if ( -e "/var/run/need_reboot") { print "
$Lang::tr{'needreboot'}!