webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-18 23:12:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into next

Browse Source 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This commit is contained in:
Arne Fitzenreiter
2024-03-31 13:36:08 +02:00
parent ce30d74893 bb46f3bef8
commit 2d4f4ebfa2
38 changed files with 421 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
config/cfgroot/ids-functions.pl
View File

@@ -30,7 +30,7 @@ require "${General::swroot}/network-functions.pl";
require "${General::swroot}/suricata/ruleset-sources";
# Load perl module to deal with Archives.
use Archive::Tar;
use Archive::Peek::Libarchive;
# Load perl module to deal with files and path.
use File::Basename;
@@ -515,9 +515,6 @@ sub downloadruleset ($) {
sub extractruleset ($) {
my ($provider) = @_;
# Disable chown functionality when uncompressing files.
$Archive::Tar::CHOWN = "0";
# Get full path and downloaded rulesfile for the given provider.
my $tarball = &_get_dl_rulesfile($provider);
@@ -547,13 +544,11 @@ sub extractruleset ($) {
} elsif ( $type eq "archive") {
# Initialize the tar module.
my $tar = Archive::Tar->new($tarball);
my $tar = Archive::Peek::Libarchive->new(filename => $tarball);
# Get the filelist inside the tarball.
my @packed_files = $tar->list_files;
# Loop through the filelist.
foreach my $packed_file (@packed_files) {
# Loop through the archive
$tar->iterate( sub {
my ($packed_file, $content) = @_;
my $destination;
# Splitt the packed file into chunks.
@@ -572,13 +567,13 @@ sub extractruleset ($) {
# Handle rules files.
} elsif ($file =~ m/\.rules$/) {
# Skip rule files which are not located in the rules directory or archive root.
next unless(($packed_file =~ /^rules\//) || ($packed_file =~ /^$provider-rules\//) || ($packed_file !~ /\//));
return unless(($packed_file =~ /^rules\//) || ($packed_file =~ /^$provider-rules\//) || ($packed_file !~ /\//));
# Skip deleted.rules.
#
# Mostly they have been taken out for correctness or performance reasons and therfore
# it is not a great idea to enable any of them.
next if($file =~ m/deleted.rules$/);
return if($file =~ m/deleted.rules$/);
my $rulesfilename;
@@ -615,39 +610,24 @@ sub extractruleset ($) {
$destination = "$tmp_rules_directory/$rulesfilename";
} else {
# Skip all other files.
next;
return;
}
# Check if the destination file exists.
unless(-e "$destination") {
# Extract the file to the temporary directory.
$tar->extract_file("$packed_file", "$destination");
# Open filehandle to write the content to a new file.
open(FILE, ">", "$destination") or die "Could not open $destination. $!\n";
} else {
# Generate temporary file name, located in the temporary rules directory and a suffix of ".tmp".
my $tmp = File::Temp->new( SUFFIX => ".tmp", DIR => "$tmp_rules_directory", UNLINK => 0 );
my $tmpfile = $tmp->filename();
# Extract the file to the new temporary file name.
$tar->extract_file("$packed_file", "$tmpfile");
# Open the the existing file.
open(DESTFILE, ">>", "$destination") or die "Could not open $destination. $!\n";
open(TMPFILE, "<", "$tmpfile") or die "Could not open $tmpfile. $!\n";
# Loop through the content of the temporary file.
while (<TMPFILE>) {
# Append the content line by line to the destination file.
print DESTFILE "$_";
}
# Close the file handles.
close(TMPFILE);
close(DESTFILE);
# Remove the temporary file.
unlink("$tmpfile");
# Open filehandle to append the content to the existing file.
open(FILE, ">>", "$destination") or die "Could not open $destination. $!\n";
}
}
# Write the extracted file content to the filehandle.
print FILE "$content" if ($content);
# Close the file handle.
close(FILE);
});
}
}

8
config/rootfiles/common/perl-Archive-Peek-Libarchive Normal file
View File

@@ -0,0 +1,8 @@
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/Archive
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/Archive/Peek
usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/Archive/Peek/Libarchive.pm
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Archive/Peek
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Archive/Peek/Libarchive
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Archive/Peek/Libarchive/.packlist
usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Archive/Peek/Libarchive/Libarchive.so
#usr/share/man/man3/Archive::Peek::Libarchive.3

6
config/rootfiles/common/perl-Capture-Tiny Normal file
View File

@@ -0,0 +1,6 @@
#usr/lib/perl5/site_perl/5.36.0/Capture
#usr/lib/perl5/site_perl/5.36.0/Capture/Tiny.pm
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Capture
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Capture/Tiny
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Capture/Tiny/.packlist
#usr/share/man/man3/Capture::Tiny.3

6
config/rootfiles/common/perl-Config-AutoConf Normal file
View File

@@ -0,0 +1,6 @@
#usr/lib/perl5/site_perl/5.36.0/Config
#usr/lib/perl5/site_perl/5.36.0/Config/AutoConf.pm
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Config
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Config/AutoConf
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Config/AutoConf/.packlist
#usr/share/man/man3/Config::AutoConf.3

6
config/rootfiles/common/perl-Object-Tiny Normal file
View File

@@ -0,0 +1,6 @@
#usr/lib/perl5/site_perl/5.36.0/Object
usr/lib/perl5/site_perl/5.36.0/Object/Tiny.pm
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Object
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Object/Tiny
#usr/lib/perl5/site_perl/5.36.0/xxxMACHINExxx-linux-thread-multi/auto/Object/Tiny/.packlist
#usr/share/man/man3/Object::Tiny.3

4
config/rootfiles/common/protobuf-c
View File

@@ -8,6 +8,6 @@
#usr/lib/libprotobuf-c.a
#usr/lib/libprotobuf-c.la
#usr/lib/libprotobuf-c.so
#usr/lib/libprotobuf-c.so.1
#usr/lib/libprotobuf-c.so.1.0.0
usr/lib/libprotobuf-c.so.1
usr/lib/libprotobuf-c.so.1.0.0
#usr/lib/pkgconfig/libprotobuf-c.pc

34
config/rootfiles/common/xz
View File

@@ -41,18 +41,17 @@ usr/bin/xzmore
#usr/lib/liblzma.la
#usr/lib/liblzma.so
usr/lib/liblzma.so.5
usr/lib/liblzma.so.5.6.1
usr/lib/liblzma.so.5.4.5
#usr/lib/pkgconfig/liblzma.pc
#usr/share/doc/xz
#usr/share/doc/xz/AUTHORS
#usr/share/doc/xz/COPYING
#usr/share/doc/xz/COPYING.0BSD
#usr/share/doc/xz/COPYING.GPLv2
#usr/share/doc/xz/NEWS
#usr/share/doc/xz/README
#usr/share/doc/xz/THANKS
#usr/share/doc/xz/TODO
#usr/share/doc/xz/api
#usr/share/doc/xz/api/COPYING.CC-BY-SA-4.0
#usr/share/doc/xz/api/annotated.html
#usr/share/doc/xz/api/base_8h.html
#usr/share/doc/xz/api/bc_s.png
@@ -121,15 +120,16 @@ usr/lib/liblzma.so.5.6.1
#usr/share/doc/xz/api/tabs.css
#usr/share/doc/xz/api/version_8h.html
#usr/share/doc/xz/api/vli_8h.html
#usr/share/doc/xz/api/xz-logo.png
#usr/share/doc/xz/examples
#usr/share/doc/xz/examples/00_README.txt
#usr/share/doc/xz/examples/01_compress_easy.c
#usr/share/doc/xz/examples/02_decompress.c
#usr/share/doc/xz/examples/03_compress_custom.c
#usr/share/doc/xz/examples/04_compress_easy_mt.c
#usr/share/doc/xz/examples/11_file_info.c
#usr/share/doc/xz/examples/Makefile
#usr/share/doc/xz/examples_old
#usr/share/doc/xz/examples_old/xz_pipe_comp.c
#usr/share/doc/xz/examples_old/xz_pipe_decomp.c
#usr/share/doc/xz/faq.txt
#usr/share/doc/xz/history.txt
#usr/share/doc/xz/lzma-file-format.txt
@@ -168,7 +168,6 @@ usr/lib/liblzma.so.5.6.1
#usr/share/man/de/man1/lzless.1
#usr/share/man/de/man1/lzma.1
#usr/share/man/de/man1/lzmadec.1
#usr/share/man/de/man1/lzmainfo.1
#usr/share/man/de/man1/lzmore.1
#usr/share/man/de/man1/unlzma.1
#usr/share/man/de/man1/unxz.1
@@ -185,16 +184,21 @@ usr/lib/liblzma.so.5.6.1
#usr/share/man/fr
#usr/share/man/fr/man1
#usr/share/man/fr/man1/lzcat.1
#usr/share/man/fr/man1/lzcmp.1
#usr/share/man/fr/man1/lzdiff.1
#usr/share/man/fr/man1/lzless.1
#usr/share/man/fr/man1/lzma.1
#usr/share/man/fr/man1/lzmadec.1
#usr/share/man/fr/man1/lzmainfo.1
#usr/share/man/fr/man1/lzmore.1
#usr/share/man/fr/man1/unlzma.1
#usr/share/man/fr/man1/unxz.1
#usr/share/man/fr/man1/xz.1
#usr/share/man/fr/man1/xzcat.1
#usr/share/man/fr/man1/xzcmp.1
#usr/share/man/fr/man1/xzdec.1
#usr/share/man/fr/man1/xzdiff.1
#usr/share/man/fr/man1/xzless.1
#usr/share/man/fr/man1/xzmore.1
#usr/share/man/ko
#usr/share/man/ko/man1
#usr/share/man/ko/man1/lzcat.1
@@ -206,7 +210,6 @@ usr/lib/liblzma.so.5.6.1
#usr/share/man/ko/man1/lzless.1
#usr/share/man/ko/man1/lzma.1
#usr/share/man/ko/man1/lzmadec.1
#usr/share/man/ko/man1/lzmainfo.1
#usr/share/man/ko/man1/lzmore.1
#usr/share/man/ko/man1/unlzma.1
#usr/share/man/ko/man1/unxz.1
@@ -246,16 +249,27 @@ usr/lib/liblzma.so.5.6.1
#usr/share/man/pt_BR
#usr/share/man/pt_BR/man1
#usr/share/man/pt_BR/man1/lzcat.1
#usr/share/man/pt_BR/man1/lzcmp.1
#usr/share/man/pt_BR/man1/lzdiff.1
#usr/share/man/pt_BR/man1/lzegrep.1
#usr/share/man/pt_BR/man1/lzfgrep.1
#usr/share/man/pt_BR/man1/lzgrep.1
#usr/share/man/pt_BR/man1/lzless.1
#usr/share/man/pt_BR/man1/lzma.1
#usr/share/man/pt_BR/man1/lzmadec.1
#usr/share/man/pt_BR/man1/lzmainfo.1
#usr/share/man/pt_BR/man1/lzmore.1
#usr/share/man/pt_BR/man1/unlzma.1
#usr/share/man/pt_BR/man1/unxz.1
#usr/share/man/pt_BR/man1/xz.1
#usr/share/man/pt_BR/man1/xzcat.1
#usr/share/man/pt_BR/man1/xzcmp.1
#usr/share/man/pt_BR/man1/xzdec.1
#usr/share/man/pt_BR/man1/xzdiff.1
#usr/share/man/pt_BR/man1/xzegrep.1
#usr/share/man/pt_BR/man1/xzfgrep.1
#usr/share/man/pt_BR/man1/xzgrep.1
#usr/share/man/pt_BR/man1/xzless.1
#usr/share/man/pt_BR/man1/xzmore.1
#usr/share/man/ro
#usr/share/man/ro/man1
#usr/share/man/ro/man1/lzcat.1
@@ -267,7 +281,6 @@ usr/lib/liblzma.so.5.6.1
#usr/share/man/ro/man1/lzless.1
#usr/share/man/ro/man1/lzma.1
#usr/share/man/ro/man1/lzmadec.1
#usr/share/man/ro/man1/lzmainfo.1
#usr/share/man/ro/man1/lzmore.1
#usr/share/man/ro/man1/unlzma.1
#usr/share/man/ro/man1/unxz.1
@@ -292,7 +305,6 @@ usr/lib/liblzma.so.5.6.1
#usr/share/man/uk/man1/lzless.1
#usr/share/man/uk/man1/lzma.1
#usr/share/man/uk/man1/lzmadec.1
#usr/share/man/uk/man1/lzmainfo.1
#usr/share/man/uk/man1/lzmore.1
#usr/share/man/uk/man1/unlzma.1
#usr/share/man/uk/man1/unxz.1

1
config/rootfiles/oldcore/185/filelists/aarch64/boost Symbolic link
View File

@@ -0,0 +1 @@
../../../../common/aarch64/boost

1
config/rootfiles/oldcore/185/filelists/aarch64/grub Symbolic link
View File

@@ -0,0 +1 @@
../../../../common/aarch64/grub

1
config/rootfiles/oldcore/185/filelists/apache2 Symbolic link
View File

@@ -0,0 +1 @@
../../../common/apache2

1
config/rootfiles/oldcore/185/filelists/collectd Symbolic link
View File

@@ -0,0 +1 @@
../../../common/collectd

1
config/rootfiles/oldcore/185/filelists/files
View File

@@ -50,6 +50,7 @@ srv/web/ipfire/cgi-bin/ids.cgi
srv/web/ipfire/cgi-bin/index.cgi
srv/web/ipfire/cgi-bin/ovpnmain.cgi
srv/web/ipfire/cgi-bin/time.cgi
usr/lib/python3.10/lib-dynload/_lzma.cpython-310-xxxMACHINExxx-linux-gnu.so
usr/local/bin/update-ids-ruleset
var/ipfire/backup/bin/backup.pl
var/ipfire/ids-functions.pl

1
config/rootfiles/oldcore/185/filelists/kmod Symbolic link
View File

@@ -0,0 +1 @@
../../../common/kmod

1
config/rootfiles/oldcore/185/filelists/libarchive Symbolic link
View File

@@ -0,0 +1 @@
../../../common/libarchive

1
config/rootfiles/oldcore/185/filelists/libtiff Symbolic link
View File

@@ -0,0 +1 @@
../../../common/libtiff

1
config/rootfiles/oldcore/185/filelists/libxml2 Symbolic link
View File

@@ -0,0 +1 @@
../../../common/libxml2

1
config/rootfiles/oldcore/185/filelists/perl-Archive-Peek-Libarchive Symbolic link
View File

@@ -0,0 +1 @@
../../../common/perl-Archive-Peek-Libarchive

1
config/rootfiles/oldcore/185/filelists/perl-Capture-Tiny Symbolic link
View File

@@ -0,0 +1 @@
../../../common/perl-Capture-Tiny

1
config/rootfiles/oldcore/185/filelists/perl-Config-AutoConf Symbolic link
View File

@@ -0,0 +1 @@
../../../common/perl-Config-AutoConf

1
config/rootfiles/oldcore/185/filelists/perl-Object-Tiny Symbolic link
View File

@@ -0,0 +1 @@
../../../common/perl-Object-Tiny

1
config/rootfiles/oldcore/185/filelists/riscv64/boost Symbolic link
View File

@@ -0,0 +1 @@
../../../../common/riscv64/boost

1
config/rootfiles/oldcore/185/filelists/riscv64/grub Symbolic link
View File

@@ -0,0 +1 @@
../../../../common/riscv64/grub

1
config/rootfiles/oldcore/185/filelists/x86_64/boost Symbolic link
View File

@@ -0,0 +1 @@
../../../../common/x86_64/boost

1
config/rootfiles/oldcore/185/filelists/x86_64/grub Symbolic link
View File

@@ -0,0 +1 @@
../../../../common/x86_64/grub

6
config/rootfiles/oldcore/185/update.sh
View File

@@ -67,7 +67,8 @@ rm -rvf \
/var/ipfire/geoip-functions.pl \
/var/ipfire/dhcpc/dhcpcd-hooks/00-linux \
/var/ipfire/dhcpc/dhcpcd-hooks/02-dump \
/var/lib/location/tmp*
/var/lib/location/tmp* \
/usr/lib/liblzma.so.5.6.*
# update linker config
ldconfig
@@ -88,12 +89,15 @@ chmod -v 640 /etc/sudoers.d/*
# Start services
telinit u
/etc/init.d/sshd restart
/etc/init.d/apache restart
/etc/init.d/suricata restart
/etc/init.d/unbound restart
/etc/init.d/ntp start
if [ -f /var/ipfire/proxy/enable ]; then
/etc/init.d/squid start
fi
/etc/init.d/collectd restart
## Modify ovpnconfig according to bug 13548 for no-pass entry for N2N client connections
# Check if ovpnconfig exists and is not empty
if [ -s /var/ipfire/ovpn/ovpnconfig ]; then