webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-11 01:38:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next

Browse Source
This commit is contained in:
Arne Fitzenreiter
2014-03-18 00:22:24 +01:00
parent e583643a25 da7a2208d3
commit 607c9d3ae0
42 changed files with 784 additions and 589 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
config/cfgroot/general-functions.pl
View File

@@ -507,23 +507,45 @@ sub validipandmask
sub checksubnets
{
my %ccdconfhash=();
my %ovpnconfhash=();
my %vpnconf=();
my %ipsecconf=();
my %ownnet=();
my %ovpnconf=();
my @ccdconf=();
my $ccdname=$_[0];
my $ccdnet=$_[1];
my $ownnet=$_[2];
my $errormessage;
my ($ip,$cidr)=split(/\//,$ccdnet);
$cidr=&iporsubtocidr($cidr);
#get OVPN-Subnet (dynamic range)
my %ovpnconf=();
&readhash("${General::swroot}/ovpn/settings", \%ovpnconf);
my ($ovpnip,$ovpncidr)= split (/\//,$ovpnconf{'DOVPN_SUBNET'});
$ovpncidr=&iporsubtocidr($ovpncidr);
#check if we try to use same network as ovpn server
if ("$ip/$cidr" eq "$ovpnip/$ovpncidr") {
$errormessage=$errormessage.$Lang::tr{'ccd err isovpnnet'}."<br>";
return $errormessage;
}
#check if we use a network-name/subnet that already exists
#check if we try to use same network as another ovpn N2N
if($ownnet ne 'ovpn'){
&readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ovpnconfhash);
foreach my $key (keys %ovpnconfhash) {
if ($ovpnconfhash{$key}[3] eq 'net'){
my @ovpnnet=split (/\//,$ovpnconfhash{$key}[11]);
if (&IpInSubnet($ip,$ovpnnet[0],&iporsubtodec($ovpnnet[1]))){
$errormessage=$errormessage.$Lang::tr{'ccd err isovpnn2n'}." $ovpnconfhash{$key}[1] <br>";
return $errormessage;
}
}
}
}
#check if we use a network-name/subnet (static-ovpn) that already exists
&readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash);
foreach my $key (keys %ccdconfhash) {
@ccdconf=split(/\//,$ccdconfhash{$key}[1]);
@@ -535,12 +557,13 @@ sub checksubnets
my ($newip,$newsub) = split(/\//,$ccdnet);
if (&IpInSubnet($newip,$ccdconf[0],&iporsubtodec($ccdconf[1])))
{
$errormessage=$errormessage.$Lang::tr{'ccd err issubnet'}."<br>";
$errormessage=$errormessage.$Lang::tr{'ccd err issubnet'}." $ccdconfhash{$key}[0]<br>";
return $errormessage;
}
}
#check if we use a ipsec right network which is already defined
my %ipsecconf=();
if($ownnet ne 'ipsec'){
&General::readhasharray("${General::swroot}/vpn/config", \%ipsecconf);
foreach my $key (keys %ipsecconf){
if ($ipsecconf{$key}[11] ne ''){
@@ -554,13 +577,25 @@ sub checksubnets
}
}
}
}
#check if we use the ipsec RW Network (if defined)
&readhash("${General::swroot}/vpn/settings", \%vpnconf);
if ($vpnconf{'RW_NET'} ne ''){
my ($ipsecrwnet,$ipsecrwsub)=split (/\//, $vpnconf{'RW_NET'});
if (&IpInSubnet($ip,$ipsecrwnet,&iporsubtodec($ipsecrwsub)))
{
$errormessage=$errormessage.$Lang::tr{'ccd err isipsecrw'}."<br>";
return $errormessage;
}
}
#check if we use one of ipfire's networks (green,orange,blue)
my %ownnet=();
&readhash("${General::swroot}/ethernet/settings", \%ownnet);
if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ownnet{'GREEN_NETADDRESS'},$ip,&iporsubtodec($cidr))){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;}
if (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ownnet{'ORANGE_NETADDRESS'},$ip,&iporsubtodec($cidr))){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;}
if (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ownnet{'BLUE_NETADDRESS'},$ip,&iporsubtodec($cidr))){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;}
if (($ownnet{'RED_NETADDRESS'} ne '' && $ownnet{'RED_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ownnet{'RED_NETADDRESS'},$ip,&iporsubtodec($cidr))){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;}
if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'GREEN_NETADDRESS'},&iporsubtodec($ownnet{'GREEN_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;}
if (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'ORANGE_NETADDRESS'},&iporsubtodec($ownnet{'ORANGE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;}
if (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'BLUE_NETADDRESS'},&iporsubtodec($ownnet{'BLUE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;}
if (($ownnet{'RED_NETADDRESS'} ne '' && $ownnet{'RED_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'RED_NETADDRESS'},&iporsubtodec($ownnet{'RED_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;}
}

4
config/cfgroot/graphs.pl
View File

@@ -92,8 +92,8 @@ sub makegraphbox {
print "<a href='".$_[0]."?".$_[1]."?month' target='".$_[1]."box'><b>".$Lang::tr{'month'}."</b></a>";
print " - ";
print "<a href='".$_[0]."?".$_[1]."?year' target='".$_[1]."box'><b>".$Lang::tr{'year'}."</b></a>";
print "<iframe src='".$_[0]."?".$_[1]."?".$_[2]."' width='".$width."' height='".$height."' scrolling='no' frameborder='no' marginheight='0' name='".$_[1]."box'></iframe>";
print "</center>";
print "<iframe src='".$_[0]."?".$_[1]."?".$_[2]."' width='".$width."' height='".$height."' scrolling='no' frameborder='no' marginheight='0' name='".$_[1]."box'></iframe>";
}
# Generate the CPU Graph for the current period of time for values given by
@@ -1140,7 +1140,6 @@ sub updateentropygraph {
"-t $Lang::tr{'entropy'}",
"-v $Lang::tr{'bit'}",
"DEF:entropy=$mainsettings{'RRDLOG'}/collectd/localhost/entropy/entropy.rrd:entropy:AVERAGE",
"CDEF:entropytrend=entropy,43200,TREND",
"LINE3:entropy#ff0000:" . sprintf("%-15s", $Lang::tr{'entropy'}),
"VDEF:entrmin=entropy,MINIMUM",
"VDEF:entrmax=entropy,MAXIMUM",
@@ -1148,7 +1147,6 @@ sub updateentropygraph {
"GPRINT:entrmax:" . sprintf("%12s\\: %%5.0lf", $Lang::tr{'maximum'}),
"GPRINT:entrmin:" . sprintf("%12s\\: %%5.0lf", $Lang::tr{'minimum'}),
"GPRINT:entravg:" . sprintf("%12s\\: %%5.0lf", $Lang::tr{'average'}) . "\\n",
"LINE3:entropytrend#000000",
);
RRDs::graph (@command);

3
config/cron/crontab
View File

@@ -50,9 +50,6 @@ HOME=/
%weekly * 3-5 /var/ipfire/updatexlrator/autocheck/cron.weekly
%monthly * 3-5 * /var/ipfire/updatexlrator/autocheck/cron.monthly
# Reset Dialup Statistics
&bootrun 0 0 1 * * /usr/local/bin/dialctrl.pl reset
# fireinfo
%nightly,random * 23-4 /usr/bin/sendprofile >/dev/null 2>&1

9
config/firewall/firewall-policy
View File

@@ -52,10 +52,19 @@ case "${CONFIG_TYPE}" in
;;
esac
HAVE_IPSEC="true"
HAVE_OPENVPN="true"
# INPUT
# IPsec INPUT
case "${HAVE_IPSEC},${POLICY}" in
true,MODE1) ;;
true,*)
iptables -A POLICYIN -m policy --pol ipsec --dir in -j ACCEPT
;;
esac
# OpenVPN INPUT
# Allow direct access to the internal IP addresses of the firewall
# from remote subnets if forward policy is allowed.

95
config/firewall/rules.pl
View File

@@ -39,6 +39,7 @@ my $CHAIN_NAT_SOURCE = "NAT_SOURCE";
my $CHAIN_NAT_DESTINATION = "NAT_DESTINATION";
my $CHAIN_MANGLE_NAT_DESTINATION_FIX = "NAT_DESTINATION";
my @VALID_CHAINS = ($CHAIN_INPUT, $CHAIN_FORWARD, $CHAIN_OUTPUT);
my @ANY_ADDRESSES = ("0.0.0.0/0.0.0.0", "0.0.0.0/0", "0/0");
my @PROTOCOLS = ("tcp", "udp", "icmp", "igmp", "ah", "esp", "gre", "ipv6", "ipip");
my @PROTOCOLS_WITH_PORTS = ("tcp", "udp");
@@ -255,6 +256,16 @@ sub buildrules {
# Skip invalid rules.
next if (!$source || !$destination || ($destination eq "none"));
# Sanitize source.
if ($source ~~ @ANY_ADDRESSES) {
$source = "";
}
# Sanitize destination.
if ($destination ~~ @ANY_ADDRESSES) {
$destination = "";
}
# Array with iptables arguments.
my @options = ();
@@ -268,19 +279,27 @@ sub buildrules {
my @source_options = ();
if ($source =~ /mac/) {
push(@source_options, $source);
} else {
} elsif ($source) {
push(@source_options, ("-s", $source));
}
# Prepare destination options.
my @destination_options = ("-d", $destination);
my @destination_options = ();
if ($destination) {
push(@destination_options, ("-d", $destination));
}
# Add time constraint options.
push(@options, @time_options);
my $firewall_is_in_source_subnet = 0;
if ($source) {
$firewall_is_in_source_subnet = &firewall_is_in_subnet($source);
}
# Process NAT rules.
if ($NAT) {
my $nat_address = &get_nat_address($$hash{$key}[29]);
my $nat_address = &get_nat_address($$hash{$key}[29], $source);
# Skip NAT rules if the NAT address is unknown
# (i.e. no internet connection has been established, yet).
@@ -289,7 +308,10 @@ sub buildrules {
# Destination NAT
if ($NAT_MODE eq "DNAT") {
# Make port-forwardings useable from the internal networks.
my @internal_addresses = &get_internal_firewall_ip_addresses(1);
unless ($nat_address ~~ @internal_addresses) {
&add_dnat_mangle_rules($nat_address, @options);
}
my @nat_options = @options;
push(@nat_options, @source_options);
@@ -326,6 +348,14 @@ sub buildrules {
}
push(@options, @source_options);
if ($firewall_is_in_source_subnet && ($fwdfwsettings{"POLICY"} eq "MODE1") && ($chain eq $CHAIN_FORWARD)) {
if ($LOG && !$NAT) {
run("$IPTABLES -A $CHAIN_INPUT @options @log_limit_options -j LOG --log-prefix '$CHAIN_INPUT '");
}
run("$IPTABLES -A $CHAIN_INPUT @options -j $target");
}
push(@options, @destination_options);
# Insert firewall rule.
@@ -367,12 +397,21 @@ sub get_alias {
sub get_nat_address {
my $zone = shift;
my $source = shift;
# Any static address of any zone.
if ($zone eq "RED" || $zone eq "GREEN" || $zone eq "ORANGE" || $zone eq "BLUE") {
return $defaultNetworks{$zone . "_ADDRESS"};
} elsif ($zone eq "Default IP") {
if ($source) {
my $firewall_ip = &get_internal_firewall_ip_address($source, 1);
if ($firewall_ip) {
return $firewall_ip;
}
}
return &get_external_address();
} else {
@@ -781,3 +820,53 @@ sub make_log_limit_options {
return @options;
}
sub get_internal_firewall_ip_addresses {
my $use_orange = shift;
my @zones = ("GREEN", "BLUE");
if ($use_orange) {
push(@zones, "ORANGE");
}
my @addresses = ();
for my $zone (@zones) {
next unless (exists $defaultNetworks{$zone . "_ADDRESS"});
my $zone_address = $defaultNetworks{$zone . "_ADDRESS"};
push(@addresses, $zone_address);
}
return @addresses;
}
sub get_internal_firewall_ip_address {
my $subnet = shift;
my $use_orange = shift;
my ($net_address, $net_mask) = split("/", $subnet);
if (!$net_mask) {
return;
}
my @addresses = &get_internal_firewall_ip_addresses($use_orange);
foreach my $zone_address (@addresses) {
if (&General::IpInSubnet($zone_address, $net_address, $net_mask)) {
return $zone_address;
}
}
}
sub firewall_is_in_subnet {
my $subnet = shift;
# ORANGE is missing here, because nothing may ever access
# the firewall from this network.
my $address = &get_internal_firewall_ip_address($subnet, 0);
if ($address) {
return 1;
}
return 0;
}

6
config/menu/20-status.menu
View File

@@ -46,6 +46,12 @@
'title' => "$Lang::tr{'hardware graphs'}",
'enabled' => 1,
};
$substatus->{'61.entropy'} = {
'caption' => "$Lang::tr{'entropy'}",
'uri' => '/cgi-bin/entropy.cgi',
'title' => "$Lang::tr{'entropy graphs'}",
'enabled' => 1,
};
$substatus->{'71.connections'} = {
'caption' => $Lang::tr{'connections'},
'uri' => '/cgi-bin/connections.cgi',

2
config/rootfiles/common/armv5tel/initscripts
View File

@@ -74,7 +74,6 @@ etc/rc.d/init.d/networking/red.down/10-ipsec
etc/rc.d/init.d/networking/red.down/10-miniupnpd
etc/rc.d/init.d/networking/red.down/10-ovpn
etc/rc.d/init.d/networking/red.down/20-RL-firewall
etc/rc.d/init.d/networking/red.down/99-D-dialctrl.pl
#etc/rc.d/init.d/networking/red.up
etc/rc.d/init.d/networking/red.up/01-conntrack-cleanup
etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
@@ -89,7 +88,6 @@ etc/rc.d/init.d/networking/red.up/40-ipac
etc/rc.d/init.d/networking/red.up/50-ipsec
etc/rc.d/init.d/networking/red.up/50-ovpn
etc/rc.d/init.d/networking/red.up/98-leds
etc/rc.d/init.d/networking/red.up/99-U-dialctrl.pl
etc/rc.d/init.d/networking/red.up/99-fireinfo
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe

2
config/rootfiles/common/i586/initscripts
View File

@@ -76,7 +76,6 @@ etc/rc.d/init.d/networking/red.down/10-ipsec
etc/rc.d/init.d/networking/red.down/10-miniupnpd
etc/rc.d/init.d/networking/red.down/10-ovpn
etc/rc.d/init.d/networking/red.down/20-RL-firewall
etc/rc.d/init.d/networking/red.down/99-D-dialctrl.pl
#etc/rc.d/init.d/networking/red.up
etc/rc.d/init.d/networking/red.up/01-conntrack-cleanup
etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
@@ -91,7 +90,6 @@ etc/rc.d/init.d/networking/red.up/40-ipac
etc/rc.d/init.d/networking/red.up/50-ipsec
etc/rc.d/init.d/networking/red.up/50-ovpn
etc/rc.d/init.d/networking/red.up/98-leds
etc/rc.d/init.d/networking/red.up/99-U-dialctrl.pl
etc/rc.d/init.d/networking/red.up/99-fireinfo
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe

1
config/rootfiles/common/stage2
View File

@@ -81,7 +81,6 @@ usr/local/bin/backupiso
usr/local/bin/connscheduler
usr/local/bin/consort.sh
usr/local/bin/convert-ovpn
usr/local/bin/dialctrl.pl
usr/local/bin/hddshutdown
usr/local/bin/httpscert
usr/local/bin/makegraphs

79
config/rootfiles/common/sudo
View File

@@ -1,10 +1,77 @@
etc/sudoers
etc/sudoers.d
usr/bin/sudo
usr/bin/sudoedit
usr/lib/sudo_noexec.la
usr/lib/sudo_noexec.so
#usr/man/man5/sudoers.5
#usr/man/man8/sudo.8
#usr/man/man8/sudoedit.8
#usr/man/man8/visudo.8
usr/bin/sudoreplay
#usr/include/sudo_plugin.h
usr/lib/sudo
usr/lib/sudo/group_file.so
usr/lib/sudo/sudo_noexec.so
usr/lib/sudo/sudoers.so
usr/lib/sudo/system_group.so
usr/sbin/visudo
#usr/share/doc/sudo
#usr/share/doc/sudo/CONTRIBUTORS
#usr/share/doc/sudo/ChangeLog
#usr/share/doc/sudo/HISTORY
#usr/share/doc/sudo/LICENSE
#usr/share/doc/sudo/NEWS
#usr/share/doc/sudo/README
#usr/share/doc/sudo/TROUBLESHOOTING
#usr/share/doc/sudo/UPGRADE
#usr/share/doc/sudo/sample.pam
#usr/share/doc/sudo/sample.sudo.conf
#usr/share/doc/sudo/sample.sudoers
#usr/share/doc/sudo/sample.syslog.conf
#usr/share/locale/ca/LC_MESSAGES/sudo.mo
#usr/share/locale/cs/LC_MESSAGES/sudo.mo
#usr/share/locale/cs/LC_MESSAGES/sudoers.mo
#usr/share/locale/da/LC_MESSAGES/sudo.mo
#usr/share/locale/da/LC_MESSAGES/sudoers.mo
#usr/share/locale/de/LC_MESSAGES/sudo.mo
#usr/share/locale/de/LC_MESSAGES/sudoers.mo
#usr/share/locale/eo/LC_MESSAGES/sudo.mo
#usr/share/locale/eo/LC_MESSAGES/sudoers.mo
#usr/share/locale/es/LC_MESSAGES/sudo.mo
#usr/share/locale/eu/LC_MESSAGES/sudo.mo
#usr/share/locale/eu/LC_MESSAGES/sudoers.mo
#usr/share/locale/fi/LC_MESSAGES/sudo.mo
#usr/share/locale/fi/LC_MESSAGES/sudoers.mo
#usr/share/locale/fr/LC_MESSAGES/sudo.mo
#usr/share/locale/gl/LC_MESSAGES/sudo.mo
#usr/share/locale/hr/LC_MESSAGES/sudo.mo
#usr/share/locale/hr/LC_MESSAGES/sudoers.mo
#usr/share/locale/it/LC_MESSAGES/sudo.mo
#usr/share/locale/it/LC_MESSAGES/sudoers.mo
#usr/share/locale/ja/LC_MESSAGES/sudo.mo
#usr/share/locale/ja/LC_MESSAGES/sudoers.mo
#usr/share/locale/lt/LC_MESSAGES/sudoers.mo
#usr/share/locale/nl/LC_MESSAGES/sudo.mo
#usr/share/locale/nl/LC_MESSAGES/sudoers.mo
#usr/share/locale/pl/LC_MESSAGES/sudo.mo
#usr/share/locale/pl/LC_MESSAGES/sudoers.mo
#usr/share/locale/pt_BR/LC_MESSAGES/sudo.mo
#usr/share/locale/pt_BR/LC_MESSAGES/sudoers.mo
#usr/share/locale/ru/LC_MESSAGES/sudo.mo
#usr/share/locale/sl/LC_MESSAGES/sudo.mo
#usr/share/locale/sl/LC_MESSAGES/sudoers.mo
#usr/share/locale/sr/LC_MESSAGES/sudo.mo
#usr/share/locale/sr/LC_MESSAGES/sudoers.mo
#usr/share/locale/sv/LC_MESSAGES/sudo.mo
#usr/share/locale/sv/LC_MESSAGES/sudoers.mo
#usr/share/locale/tr/LC_MESSAGES/sudo.mo
#usr/share/locale/tr/LC_MESSAGES/sudoers.mo
#usr/share/locale/uk/LC_MESSAGES/sudo.mo
#usr/share/locale/uk/LC_MESSAGES/sudoers.mo
#usr/share/locale/vi/LC_MESSAGES/sudo.mo
#usr/share/locale/vi/LC_MESSAGES/sudoers.mo
#usr/share/locale/zh_CN/LC_MESSAGES/sudo.mo
#usr/share/locale/zh_CN/LC_MESSAGES/sudoers.mo
#usr/share/man/man5/sudo.conf.5
#usr/share/man/man5/sudoers.5
#usr/share/man/man8/sudo.8
#usr/share/man/man8/sudo_plugin.8
#usr/share/man/man8/sudoedit.8
#usr/share/man/man8/sudoreplay.8
#usr/share/man/man8/visudo.8
var/lib/sudo

32
config/rootfiles/common/tzdata
View File

@@ -281,6 +281,7 @@ usr/share/zoneinfo
#usr/share/zoneinfo/Asia/Kashgar
#usr/share/zoneinfo/Asia/Kathmandu
#usr/share/zoneinfo/Asia/Katmandu
+usr/share/zoneinfo/Asia/Khandyga
#usr/share/zoneinfo/Asia/Kolkata
#usr/share/zoneinfo/Asia/Krasnoyarsk
#usr/share/zoneinfo/Asia/Kuala_Lumpur
@@ -304,9 +305,6 @@ usr/share/zoneinfo
#usr/share/zoneinfo/Asia/Qyzylorda
#usr/share/zoneinfo/Asia/Rangoon
#usr/share/zoneinfo/Asia/Riyadh
#usr/share/zoneinfo/Asia/Riyadh87
#usr/share/zoneinfo/Asia/Riyadh88
#usr/share/zoneinfo/Asia/Riyadh89
#usr/share/zoneinfo/Asia/Saigon
#usr/share/zoneinfo/Asia/Sakhalin
#usr/share/zoneinfo/Asia/Samarkand
@@ -325,6 +323,7 @@ usr/share/zoneinfo
#usr/share/zoneinfo/Asia/Ulaanbaatar
#usr/share/zoneinfo/Asia/Ulan_Bator
#usr/share/zoneinfo/Asia/Urumqi
+usr/share/zoneinfo/Asia/Ust-Nera
#usr/share/zoneinfo/Asia/Vientiane
#usr/share/zoneinfo/Asia/Vladivostok
#usr/share/zoneinfo/Asia/Yakutsk
@@ -440,6 +439,7 @@ usr/share/zoneinfo
#usr/share/zoneinfo/Europe/Brussels
#usr/share/zoneinfo/Europe/Bucharest
#usr/share/zoneinfo/Europe/Budapest
+usr/share/zoneinfo/Europe/Busingen
#usr/share/zoneinfo/Europe/Chisinau
#usr/share/zoneinfo/Europe/Copenhagen
#usr/share/zoneinfo/Europe/Dublin
@@ -524,10 +524,6 @@ usr/share/zoneinfo
#usr/share/zoneinfo/Mexico/BajaNorte
#usr/share/zoneinfo/Mexico/BajaSur
#usr/share/zoneinfo/Mexico/General
#usr/share/zoneinfo/Mideast
#usr/share/zoneinfo/Mideast/Riyadh87
#usr/share/zoneinfo/Mideast/Riyadh88
#usr/share/zoneinfo/Mideast/Riyadh89
#usr/share/zoneinfo/NZ
#usr/share/zoneinfo/NZ-CHAT
#usr/share/zoneinfo/Navajo
@@ -886,6 +882,7 @@ usr/share/zoneinfo
#usr/share/zoneinfo/posix/Asia/Kashgar
#usr/share/zoneinfo/posix/Asia/Kathmandu
#usr/share/zoneinfo/posix/Asia/Katmandu
+usr/share/zoneinfo/posix/Asia/Khandyga
#usr/share/zoneinfo/posix/Asia/Kolkata
#usr/share/zoneinfo/posix/Asia/Krasnoyarsk
#usr/share/zoneinfo/posix/Asia/Kuala_Lumpur
@@ -909,9 +906,6 @@ usr/share/zoneinfo
#usr/share/zoneinfo/posix/Asia/Qyzylorda
#usr/share/zoneinfo/posix/Asia/Rangoon
#usr/share/zoneinfo/posix/Asia/Riyadh
#usr/share/zoneinfo/posix/Asia/Riyadh87
#usr/share/zoneinfo/posix/Asia/Riyadh88
#usr/share/zoneinfo/posix/Asia/Riyadh89
#usr/share/zoneinfo/posix/Asia/Saigon
#usr/share/zoneinfo/posix/Asia/Sakhalin
#usr/share/zoneinfo/posix/Asia/Samarkand
@@ -930,6 +924,7 @@ usr/share/zoneinfo
#usr/share/zoneinfo/posix/Asia/Ulaanbaatar
#usr/share/zoneinfo/posix/Asia/Ulan_Bator
#usr/share/zoneinfo/posix/Asia/Urumqi
+usr/share/zoneinfo/posix/Asia/Ust-Nera
#usr/share/zoneinfo/posix/Asia/Vientiane
#usr/share/zoneinfo/posix/Asia/Vladivostok
#usr/share/zoneinfo/posix/Asia/Yakutsk
@@ -1045,6 +1040,7 @@ usr/share/zoneinfo
#usr/share/zoneinfo/posix/Europe/Brussels
#usr/share/zoneinfo/posix/Europe/Bucharest
#usr/share/zoneinfo/posix/Europe/Budapest
+usr/share/zoneinfo/posix/Europe/Busingen
#usr/share/zoneinfo/posix/Europe/Chisinau
#usr/share/zoneinfo/posix/Europe/Copenhagen
#usr/share/zoneinfo/posix/Europe/Dublin
@@ -1093,7 +1089,6 @@ usr/share/zoneinfo
#usr/share/zoneinfo/posix/Europe/Zagreb
#usr/share/zoneinfo/posix/Europe/Zaporozhye
#usr/share/zoneinfo/posix/Europe/Zurich
#usr/share/zoneinfo/posix/Factory
#usr/share/zoneinfo/posix/GB
#usr/share/zoneinfo/posix/GB-Eire
#usr/share/zoneinfo/posix/GMT
@@ -1129,10 +1124,6 @@ usr/share/zoneinfo
#usr/share/zoneinfo/posix/Mexico/BajaNorte
#usr/share/zoneinfo/posix/Mexico/BajaSur
#usr/share/zoneinfo/posix/Mexico/General
#usr/share/zoneinfo/posix/Mideast
#usr/share/zoneinfo/posix/Mideast/Riyadh87
#usr/share/zoneinfo/posix/Mideast/Riyadh88
#usr/share/zoneinfo/posix/Mideast/Riyadh89
#usr/share/zoneinfo/posix/NZ
#usr/share/zoneinfo/posix/NZ-CHAT
#usr/share/zoneinfo/posix/Navajo
@@ -1491,6 +1482,7 @@ usr/share/zoneinfo
#usr/share/zoneinfo/right/Asia/Kashgar
#usr/share/zoneinfo/right/Asia/Kathmandu
#usr/share/zoneinfo/right/Asia/Katmandu
+usr/share/zoneinfo/right/Asia/Khandyga
#usr/share/zoneinfo/right/Asia/Kolkata
#usr/share/zoneinfo/right/Asia/Krasnoyarsk
#usr/share/zoneinfo/right/Asia/Kuala_Lumpur
@@ -1514,9 +1506,6 @@ usr/share/zoneinfo
#usr/share/zoneinfo/right/Asia/Qyzylorda
#usr/share/zoneinfo/right/Asia/Rangoon
#usr/share/zoneinfo/right/Asia/Riyadh
#usr/share/zoneinfo/right/Asia/Riyadh87
#usr/share/zoneinfo/right/Asia/Riyadh88
#usr/share/zoneinfo/right/Asia/Riyadh89
#usr/share/zoneinfo/right/Asia/Saigon
#usr/share/zoneinfo/right/Asia/Sakhalin
#usr/share/zoneinfo/right/Asia/Samarkand
@@ -1535,6 +1524,7 @@ usr/share/zoneinfo
#usr/share/zoneinfo/right/Asia/Ulaanbaatar
#usr/share/zoneinfo/right/Asia/Ulan_Bator
#usr/share/zoneinfo/right/Asia/Urumqi
+usr/share/zoneinfo/right/Asia/Ust-Nera
#usr/share/zoneinfo/right/Asia/Vientiane
#usr/share/zoneinfo/right/Asia/Vladivostok
#usr/share/zoneinfo/right/Asia/Yakutsk
@@ -1650,6 +1640,7 @@ usr/share/zoneinfo
#usr/share/zoneinfo/right/Europe/Brussels
#usr/share/zoneinfo/right/Europe/Bucharest
#usr/share/zoneinfo/right/Europe/Budapest
+usr/share/zoneinfo/right/Europe/Busingen
#usr/share/zoneinfo/right/Europe/Chisinau
#usr/share/zoneinfo/right/Europe/Copenhagen
#usr/share/zoneinfo/right/Europe/Dublin
@@ -1698,7 +1689,6 @@ usr/share/zoneinfo
#usr/share/zoneinfo/right/Europe/Zagreb
#usr/share/zoneinfo/right/Europe/Zaporozhye
#usr/share/zoneinfo/right/Europe/Zurich
#usr/share/zoneinfo/right/Factory
#usr/share/zoneinfo/right/GB
#usr/share/zoneinfo/right/GB-Eire
#usr/share/zoneinfo/right/GMT
@@ -1734,10 +1724,6 @@ usr/share/zoneinfo
#usr/share/zoneinfo/right/Mexico/BajaNorte
#usr/share/zoneinfo/right/Mexico/BajaSur
#usr/share/zoneinfo/right/Mexico/General
#usr/share/zoneinfo/right/Mideast
#usr/share/zoneinfo/right/Mideast/Riyadh87
#usr/share/zoneinfo/right/Mideast/Riyadh88
#usr/share/zoneinfo/right/Mideast/Riyadh89
#usr/share/zoneinfo/right/NZ
#usr/share/zoneinfo/right/NZ-CHAT
#usr/share/zoneinfo/right/Navajo

1
config/rootfiles/core/76/exclude
View File

@@ -9,6 +9,7 @@ etc/shadow
etc/ssh/ssh_config
etc/ssh/sshd_config
etc/ssl/openssl.cnf
etc/sudoers
etc/sysconfig/firewall.local
etc/sysconfig/rc.local
etc/udev/rules.d/30-persistent-network.rules

1
config/rootfiles/core/76/filelists/beep Symbolic link
View File

@@ -0,0 +1 @@
../../../common/beep

9
config/rootfiles/core/76/update.sh
View File

@@ -110,6 +110,9 @@ add_to_backup var/ipfire/{dmzholes,portfw,outgoing,xtaccess}
add_to_backup etc/inittab
add_to_backup etc/fstab
add_to_backup usr/share/usb_modeswitch
add_to_backup etc/rc.d/init.d/networking/red.down/99-D-dialctrl.pl
add_to_backup etc/rc.d/init.d/networking/red.up/99-U-dialctrl.pl
add_to_backup usr/local/bin/dialctrl.pl
# Backup the files
tar cJvf /var/ipfire/backup/core-upgrade${core}_${KVER}.tar.xz \
@@ -141,6 +144,12 @@ rm -rf /lib/modules
# Remove old usb_modeswitch_data
rm -rf /usr/share/usb_modeswitch
# Remove dialctrl.pl script
rm -f \
/etc/rc.d/init.d/networking/red.down/99-D-dialctrl.pl \
/etc/rc.d/init.d/networking/red.up/99-U-dialctrl.pl \
/usr/local/bin/dialctrl.pl
#
# Remove old udev rules.
#

2
doc/language_issues.de
View File

@@ -206,6 +206,8 @@ WARNING: translation string unused: from warn email bad
WARNING: translation string unused: fwdfw MODE1
WARNING: translation string unused: fwdfw MODE2
WARNING: translation string unused: fwdfw addrule
WARNING: translation string unused: fwdfw err nosrcip
WARNING: translation string unused: fwdfw err notgtip
WARNING: translation string unused: fwdfw err prot_port1
WARNING: translation string unused: fwdfw final_rule
WARNING: translation string unused: fwdfw from

2
doc/language_issues.en
View File

@@ -228,6 +228,8 @@ WARNING: translation string unused: from warn email bad
WARNING: translation string unused: fwdfw MODE1
WARNING: translation string unused: fwdfw MODE2
WARNING: translation string unused: fwdfw addrule
WARNING: translation string unused: fwdfw err nosrcip
WARNING: translation string unused: fwdfw err notgtip
WARNING: translation string unused: fwdfw err prot_port1
WARNING: translation string unused: fwdfw final_rule
WARNING: translation string unused: fwdfw from

12
doc/language_issues.es
View File

@@ -593,6 +593,8 @@ WARNING: untranslated string: ccd err invalidname
WARNING: untranslated string: ccd err invalidnet
WARNING: untranslated string: ccd err irouteexist
WARNING: untranslated string: ccd err isipsecnet
WARNING: untranslated string: ccd err isipsecrw
WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: ccd err isovpnnet
WARNING: untranslated string: ccd err issubnet
WARNING: untranslated string: ccd err name
@@ -627,6 +629,7 @@ WARNING: untranslated string: dnsforward edit an entry
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
@@ -637,6 +640,7 @@ WARNING: untranslated string: drop outgoing
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
WARNING: untranslated string: entropy graphs
WARNING: untranslated string: fireinfo ipfire version
WARNING: untranslated string: fireinfo is disabled
WARNING: untranslated string: fireinfo is enabled
@@ -679,9 +683,7 @@ WARNING: untranslated string: fwdfw dnat porterr
WARNING: untranslated string: fwdfw dnat porterr2
WARNING: untranslated string: fwdfw edit
WARNING: untranslated string: fwdfw err nosrc
WARNING: untranslated string: fwdfw err nosrcip
WARNING: untranslated string: fwdfw err notgt
WARNING: untranslated string: fwdfw err notgtip
WARNING: untranslated string: fwdfw err prot_port
WARNING: untranslated string: fwdfw err remark
WARNING: untranslated string: fwdfw err ruleexists
@@ -727,6 +729,7 @@ WARNING: untranslated string: fwdfw use nat
WARNING: untranslated string: fwdfw use srcport
WARNING: untranslated string: fwdfw use srv
WARNING: untranslated string: fwdfw useless rule
WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwdfw wd_fri
WARNING: untranslated string: fwdfw wd_mon
WARNING: untranslated string: fwdfw wd_sat
@@ -801,6 +804,7 @@ WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
@@ -814,6 +818,7 @@ WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: most preferred
WARNING: untranslated string: no hardware random number generator
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn default
WARNING: untranslated string: openvpn destination port used
@@ -860,6 +865,8 @@ WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
WARNING: untranslated string: system has hwrng
WARNING: untranslated string: system has rdrand
WARNING: untranslated string: system information
WARNING: untranslated string: tor
WARNING: untranslated string: tor accounting
@@ -909,6 +916,7 @@ WARNING: untranslated string: tor traffic limit hard
WARNING: untranslated string: tor traffic limit soft
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: visit us at

12
doc/language_issues.fr
View File

@@ -603,6 +603,8 @@ WARNING: untranslated string: ccd err invalidname
WARNING: untranslated string: ccd err invalidnet
WARNING: untranslated string: ccd err irouteexist
WARNING: untranslated string: ccd err isipsecnet
WARNING: untranslated string: ccd err isipsecrw
WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: ccd err isovpnnet
WARNING: untranslated string: ccd err issubnet
WARNING: untranslated string: ccd err name
@@ -638,6 +640,7 @@ WARNING: untranslated string: dnsforward edit an entry
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
@@ -648,6 +651,7 @@ WARNING: untranslated string: drop outgoing
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
WARNING: untranslated string: entropy graphs
WARNING: untranslated string: fireinfo ipfire version
WARNING: untranslated string: fireinfo is disabled
WARNING: untranslated string: fireinfo is enabled
@@ -690,9 +694,7 @@ WARNING: untranslated string: fwdfw dnat porterr
WARNING: untranslated string: fwdfw dnat porterr2
WARNING: untranslated string: fwdfw edit
WARNING: untranslated string: fwdfw err nosrc
WARNING: untranslated string: fwdfw err nosrcip
WARNING: untranslated string: fwdfw err notgt
WARNING: untranslated string: fwdfw err notgtip
WARNING: untranslated string: fwdfw err prot_port
WARNING: untranslated string: fwdfw err remark
WARNING: untranslated string: fwdfw err ruleexists
@@ -738,6 +740,7 @@ WARNING: untranslated string: fwdfw use nat
WARNING: untranslated string: fwdfw use srcport
WARNING: untranslated string: fwdfw use srv
WARNING: untranslated string: fwdfw useless rule
WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwdfw wd_fri
WARNING: untranslated string: fwdfw wd_mon
WARNING: untranslated string: fwdfw wd_sat
@@ -812,6 +815,7 @@ WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
@@ -825,6 +829,7 @@ WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: most preferred
WARNING: untranslated string: no hardware random number generator
WARNING: untranslated string: notice
WARNING: untranslated string: ntp common settings
WARNING: untranslated string: ntp sync
@@ -868,6 +873,8 @@ WARNING: untranslated string: snort working
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
WARNING: untranslated string: system has hwrng
WARNING: untranslated string: system has rdrand
WARNING: untranslated string: system information
WARNING: untranslated string: tor
WARNING: untranslated string: tor accounting
@@ -917,6 +924,7 @@ WARNING: untranslated string: tor traffic limit hard
WARNING: untranslated string: tor traffic limit soft
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
WARNING: untranslated string: upload new ruleset
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter file ext block

12
doc/language_issues.nl
View File

@@ -591,6 +591,8 @@ WARNING: untranslated string: advproxy errmsg proxy ports equal
WARNING: untranslated string: advproxy proxy port transparent
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
WARNING: untranslated string: ccd err isipsecrw
WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: ccd iroute2
WARNING: untranslated string: dead peer detection
WARNING: untranslated string: default ip
@@ -603,6 +605,7 @@ WARNING: untranslated string: dnsforward edit an entry
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
@@ -612,6 +615,7 @@ WARNING: untranslated string: drop forward
WARNING: untranslated string: drop outgoing
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
WARNING: untranslated string: entropy graphs
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
WARNING: untranslated string: fw default drop
@@ -637,9 +641,7 @@ WARNING: untranslated string: fwdfw dnat porterr
WARNING: untranslated string: fwdfw dnat porterr2
WARNING: untranslated string: fwdfw edit
WARNING: untranslated string: fwdfw err nosrc
WARNING: untranslated string: fwdfw err nosrcip
WARNING: untranslated string: fwdfw err notgt
WARNING: untranslated string: fwdfw err notgtip
WARNING: untranslated string: fwdfw err prot_port
WARNING: untranslated string: fwdfw err remark
WARNING: untranslated string: fwdfw err ruleexists
@@ -685,6 +687,7 @@ WARNING: untranslated string: fwdfw use nat
WARNING: untranslated string: fwdfw use srcport
WARNING: untranslated string: fwdfw use srv
WARNING: untranslated string: fwdfw useless rule
WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwdfw wd_fri
WARNING: untranslated string: fwdfw wd_mon
WARNING: untranslated string: fwdfw wd_sat
@@ -759,6 +762,7 @@ WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
@@ -771,6 +775,7 @@ WARNING: untranslated string: mac filter
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: most preferred
WARNING: untranslated string: no hardware random number generator
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn network
WARNING: untranslated string: ovpn mgmt in root range
@@ -787,6 +792,8 @@ WARNING: untranslated string: routing table
WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: ssh
WARNING: untranslated string: support donation
WARNING: untranslated string: system has hwrng
WARNING: untranslated string: system has rdrand
WARNING: untranslated string: tor
WARNING: untranslated string: tor accounting
WARNING: untranslated string: tor accounting bytes
@@ -835,6 +842,7 @@ WARNING: untranslated string: tor traffic limit hard
WARNING: untranslated string: tor traffic limit soft
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: wlan client

12
doc/language_issues.pl
View File

@@ -593,6 +593,8 @@ WARNING: untranslated string: ccd err invalidname
WARNING: untranslated string: ccd err invalidnet
WARNING: untranslated string: ccd err irouteexist
WARNING: untranslated string: ccd err isipsecnet
WARNING: untranslated string: ccd err isipsecrw
WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: ccd err isovpnnet
WARNING: untranslated string: ccd err issubnet
WARNING: untranslated string: ccd err name
@@ -627,6 +629,7 @@ WARNING: untranslated string: dnsforward edit an entry
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
@@ -637,6 +640,7 @@ WARNING: untranslated string: drop outgoing
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
WARNING: untranslated string: entropy graphs
WARNING: untranslated string: fireinfo ipfire version
WARNING: untranslated string: fireinfo is disabled
WARNING: untranslated string: fireinfo is enabled
@@ -679,9 +683,7 @@ WARNING: untranslated string: fwdfw dnat porterr
WARNING: untranslated string: fwdfw dnat porterr2
WARNING: untranslated string: fwdfw edit
WARNING: untranslated string: fwdfw err nosrc
WARNING: untranslated string: fwdfw err nosrcip
WARNING: untranslated string: fwdfw err notgt
WARNING: untranslated string: fwdfw err notgtip
WARNING: untranslated string: fwdfw err prot_port
WARNING: untranslated string: fwdfw err remark
WARNING: untranslated string: fwdfw err ruleexists
@@ -727,6 +729,7 @@ WARNING: untranslated string: fwdfw use nat
WARNING: untranslated string: fwdfw use srcport
WARNING: untranslated string: fwdfw use srv
WARNING: untranslated string: fwdfw useless rule
WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwdfw wd_fri
WARNING: untranslated string: fwdfw wd_mon
WARNING: untranslated string: fwdfw wd_sat
@@ -801,6 +804,7 @@ WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
@@ -814,6 +818,7 @@ WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: most preferred
WARNING: untranslated string: no hardware random number generator
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn default
WARNING: untranslated string: openvpn destination port used
@@ -860,6 +865,8 @@ WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
WARNING: untranslated string: system has hwrng
WARNING: untranslated string: system has rdrand
WARNING: untranslated string: system information
WARNING: untranslated string: tor
WARNING: untranslated string: tor accounting
@@ -909,6 +916,7 @@ WARNING: untranslated string: tor traffic limit hard
WARNING: untranslated string: tor traffic limit soft
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: visit us at

12
doc/language_issues.ru
View File

@@ -596,6 +596,8 @@ WARNING: untranslated string: ccd err invalidname
WARNING: untranslated string: ccd err invalidnet
WARNING: untranslated string: ccd err irouteexist
WARNING: untranslated string: ccd err isipsecnet
WARNING: untranslated string: ccd err isipsecrw
WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: ccd err isovpnnet
WARNING: untranslated string: ccd err issubnet
WARNING: untranslated string: ccd err name
@@ -632,6 +634,7 @@ WARNING: untranslated string: dnsforward edit an entry
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
@@ -642,6 +645,7 @@ WARNING: untranslated string: drop outgoing
WARNING: untranslated string: emerging rules
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
WARNING: untranslated string: entropy graphs
WARNING: untranslated string: extrahd because there is already a device mounted
WARNING: untranslated string: extrahd cant umount
WARNING: untranslated string: extrahd install or load driver
@@ -674,9 +678,7 @@ WARNING: untranslated string: fwdfw dnat porterr
WARNING: untranslated string: fwdfw dnat porterr2
WARNING: untranslated string: fwdfw edit
WARNING: untranslated string: fwdfw err nosrc
WARNING: untranslated string: fwdfw err nosrcip
WARNING: untranslated string: fwdfw err notgt
WARNING: untranslated string: fwdfw err notgtip
WARNING: untranslated string: fwdfw err prot_port
WARNING: untranslated string: fwdfw err remark
WARNING: untranslated string: fwdfw err ruleexists
@@ -722,6 +724,7 @@ WARNING: untranslated string: fwdfw use nat
WARNING: untranslated string: fwdfw use srcport
WARNING: untranslated string: fwdfw use srv
WARNING: untranslated string: fwdfw useless rule
WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwdfw wd_fri
WARNING: untranslated string: fwdfw wd_mon
WARNING: untranslated string: fwdfw wd_sat
@@ -796,6 +799,7 @@ WARNING: untranslated string: fwhost type
WARNING: untranslated string: fwhost used
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
WARNING: untranslated string: incoming traffic in bytes per second
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
@@ -810,6 +814,7 @@ WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: most preferred
WARNING: untranslated string: no hardware random number generator
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn default
WARNING: untranslated string: openvpn destination port used
@@ -850,6 +855,8 @@ WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: ssh
WARNING: untranslated string: static routes
WARNING: untranslated string: support donation
WARNING: untranslated string: system has hwrng
WARNING: untranslated string: system has rdrand
WARNING: untranslated string: tor
WARNING: untranslated string: tor accounting
WARNING: untranslated string: tor accounting bytes
@@ -898,6 +905,7 @@ WARNING: untranslated string: tor traffic limit hard
WARNING: untranslated string: tor traffic limit soft
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
WARNING: untranslated string: uplink
WARNING: untranslated string: uptime load average
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: visit us at

62
doc/language_issues.tr
View File

@@ -214,6 +214,7 @@ WARNING: translation string unused: firewall log viewer
WARNING: translation string unused: firmware
WARNING: translation string unused: firmware upload
WARNING: translation string unused: force update
WARNING: translation string unused: forward firewall
WARNING: translation string unused: forwarding rule added
WARNING: translation string unused: forwarding rule removed
WARNING: translation string unused: forwarding rule updated
@@ -228,6 +229,8 @@ WARNING: translation string unused: from warn email bad
WARNING: translation string unused: fwdfw MODE1
WARNING: translation string unused: fwdfw MODE2
WARNING: translation string unused: fwdfw addrule
WARNING: translation string unused: fwdfw err nosrcip
WARNING: translation string unused: fwdfw err notgtip
WARNING: translation string unused: fwdfw err prot_port1
WARNING: translation string unused: fwdfw final_rule
WARNING: translation string unused: fwdfw from
@@ -241,7 +244,6 @@ WARNING: translation string unused: fwdfw std network
WARNING: translation string unused: fwdfw till
WARNING: translation string unused: fwdfw time
WARNING: translation string unused: fwdfw xt access
WARNING: translation string unused: fwhost addrule
WARNING: translation string unused: fwhost attention
WARNING: translation string unused: fwhost blue
WARNING: translation string unused: fwhost changeremark
@@ -301,6 +303,7 @@ WARNING: translation string unused: invalid upstream proxy username or password
WARNING: translation string unused: invert
WARNING: translation string unused: ip address in use
WARNING: translation string unused: ipfire side
WARNING: translation string unused: ipsec no connections
WARNING: translation string unused: iptable rules
WARNING: translation string unused: isdn
WARNING: translation string unused: isdn settings
@@ -631,60 +634,19 @@ WARNING: translation string unused: xtaccess bad transfert
WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: addons
WARNING: untranslated string: advproxy errmsg proxy ports equal
WARNING: untranslated string: advproxy proxy port transparent
WARNING: untranslated string: bit
WARNING: untranslated string: bytes
WARNING: untranslated string: dead peer detection
WARNING: untranslated string: default ip
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
WARNING: untranslated string: drop action1
WARNING: untranslated string: drop action2
WARNING: untranslated string: drop forward
WARNING: untranslated string: ccd err isipsecrw
WARNING: untranslated string: ccd err isovpnn2n
WARNING: untranslated string: drop outgoing
WARNING: untranslated string: encryption
WARNING: untranslated string: entropy
WARNING: untranslated string: firewall rules
WARNING: untranslated string: first
WARNING: untranslated string: fwdfw dnat extport
WARNING: untranslated string: fwdfw dnat nochoice
WARNING: untranslated string: fwdfw dnat porterr2
WARNING: untranslated string: fwdfw hint mac
WARNING: untranslated string: entropy graphs
WARNING: untranslated string: fwdfw warn1
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: grouptype
WARNING: untranslated string: integrity
WARNING: untranslated string: invalid input for dpd delay
WARNING: untranslated string: invalid input for dpd timeout
WARNING: untranslated string: ipsec
WARNING: untranslated string: ipsec network
WARNING: untranslated string: hardware support
WARNING: untranslated string: last
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: mac filter
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: most preferred
WARNING: untranslated string: notice
WARNING: untranslated string: openvpn network
WARNING: untranslated string: ovpn mgmt in root range
WARNING: untranslated string: ovpn no connections
WARNING: untranslated string: ovpn port in root range
WARNING: untranslated string: p2p block
WARNING: untranslated string: p2p block save notice
WARNING: untranslated string: red1
WARNING: untranslated string: no hardware random number generator
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: snat new source ip address
WARNING: untranslated string: ssh
WARNING: untranslated string: support donation
WARNING: untranslated string: tor directory port
WARNING: untranslated string: tor errmsg invalid directory port
WARNING: untranslated string: urlfilter redirect template
WARNING: untranslated string: wlan clients
WARNING: untranslated string: system has hwrng
WARNING: untranslated string: system has rdrand

40
doc/language_missings
View File

@@ -39,6 +39,8 @@
< ccd err iroute
< ccd err irouteexist
< ccd err isipsecnet
< ccd err isipsecrw
< ccd err isovpnn2n
< ccd err isovpnnet
< ccd err issubnet
< ccd err name
@@ -75,6 +77,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
< downlink
< dpd delay
< dpd timeout
< drop action
@@ -84,6 +87,7 @@
< drop outgoing
< encryption
< entropy
< entropy graphs
< fireinfo ipfire version
< fireinfo is disabled
< fireinfo is enabled
@@ -185,6 +189,7 @@
< fwdfw use nat
< fwdfw use srcport
< fwdfw use srv
< fwdfw warn1
< fwdfw wd_fri
< fwdfw wd_mon
< fwdfw wd_sat
@@ -278,6 +283,7 @@
< fw settings remark
< fw settings ruletable
< grouptype
< hardware support
< integrity
< invalid input for dpd delay
< invalid input for dpd timeout
@@ -292,6 +298,7 @@
< minimum
< minute
< most preferred
< no hardware random number generator
< notice
< ntp common settings
< ntp sync
@@ -333,6 +340,8 @@
< ssh
< static routes
< support donation
< system has hwrng
< system has rdrand
< system information
< tor
< tor 0 = disabled
@@ -389,6 +398,7 @@
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
< uplink
< upload new ruleset
< uptime
< uptime load average
@@ -483,6 +493,8 @@
< ccd err iroute
< ccd err irouteexist
< ccd err isipsecnet
< ccd err isipsecrw
< ccd err isovpnn2n
< ccd err isovpnnet
< ccd err issubnet
< ccd err name
@@ -518,6 +530,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
< downlink
< dpd delay
< dpd timeout
< drop action
@@ -527,6 +540,7 @@
< drop outgoing
< encryption
< entropy
< entropy graphs
< fireinfo ipfire version
< fireinfo is disabled
< fireinfo is enabled
@@ -628,6 +642,7 @@
< fwdfw use nat
< fwdfw use srcport
< fwdfw use srv
< fwdfw warn1
< fwdfw wd_fri
< fwdfw wd_mon
< fwdfw wd_sat
@@ -721,6 +736,7 @@
< fw settings remark
< fw settings ruletable
< grouptype
< hardware support
< integrity
< invalid input for dpd delay
< invalid input for dpd timeout
@@ -735,6 +751,7 @@
< minimum
< minute
< most preferred
< no hardware random number generator
< notice
< openvpn default
< openvpn destination port used
@@ -792,6 +809,8 @@
< ssh
< static routes
< support donation
< system has hwrng
< system has rdrand
< system information
< tor
< tor 0 = disabled
@@ -848,6 +867,7 @@
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
< uplink
< uptime
< uptime load average
< urlfilter redirect template
@@ -918,6 +938,8 @@
< ccd err iroute
< ccd err irouteexist
< ccd err isipsecnet
< ccd err isipsecrw
< ccd err isovpnn2n
< ccd err isovpnnet
< ccd err issubnet
< ccd err name
@@ -953,6 +975,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
< downlink
< dpd delay
< dpd timeout
< drop action
@@ -962,6 +985,7 @@
< drop outgoing
< encryption
< entropy
< entropy graphs
< extrahd because there is already a device mounted
< extrahd cant umount
< extrahd install or load driver
@@ -1055,6 +1079,7 @@
< fwdfw use nat
< fwdfw use srcport
< fwdfw use srv
< fwdfw warn1
< fwdfw wd_fri
< fwdfw wd_mon
< fwdfw wd_sat
@@ -1148,6 +1173,7 @@
< fw settings remark
< fw settings ruletable
< grouptype
< hardware support
< integrity
< invalid input for dpd delay
< invalid input for dpd timeout
@@ -1162,6 +1188,7 @@
< minimum
< minute
< most preferred
< no hardware random number generator
< notice
< openvpn default
< openvpn destination port used
@@ -1204,6 +1231,8 @@
< ssh
< static routes
< support donation
< system has hwrng
< system has rdrand
< tor
< tor 0 = disabled
< tor accounting
@@ -1259,6 +1288,7 @@
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
< uplink
< uptime
< uptime load average
< urlfilter redirect template
@@ -1330,6 +1360,8 @@
< ccd err iroute
< ccd err irouteexist
< ccd err isipsecnet
< ccd err isipsecrw
< ccd err isovpnn2n
< ccd err isovpnnet
< ccd err issubnet
< ccd err name
@@ -1367,6 +1399,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
< downlink
< dpd delay
< dpd timeout
< drop action
@@ -1377,6 +1410,7 @@
< Edit an existing route
< encryption
< entropy
< entropy graphs
< extrahd because there is already a device mounted
< extrahd cant umount
< extrahd install or load driver
@@ -1471,6 +1505,7 @@
< fwdfw use nat
< fwdfw use srcport
< fwdfw use srv
< fwdfw warn1
< fwdfw wd_fri
< fwdfw wd_mon
< fwdfw wd_sat
@@ -1564,6 +1599,7 @@
< fw settings remark
< fw settings ruletable
< grouptype
< hardware support
< hour-graph
< incoming traffic in bytes per second
< integrity
@@ -1581,6 +1617,7 @@
< minute
< month-graph
< most preferred
< no hardware random number generator
< notice
< openvpn default
< openvpn destination port used
@@ -1620,6 +1657,8 @@
< ssh
< static routes
< support donation
< system has hwrng
< system has rdrand
< tor
< tor 0 = disabled
< tor accounting
@@ -1675,6 +1714,7 @@
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
< uplink
< uptime
< uptime load average
< urlfilter redirect template

36
html/cgi-bin/entropy.cgi
View File

@@ -48,6 +48,42 @@ if ( $querry[0] ne~ "") {
&Graphs::makegraphbox("entropy.cgi", "day", '', 350);
&Header::closebox();
# Check for hardware support.
my $message;
my $message_colour = $Header::colourred;
if (&has_hwrng()) {
$message = $Lang::tr{'system has hwrng'};
$message_colour = $Header::colourgreen;
} elsif (&has_rdrand()) {
$message = $Lang::tr{'system has rdrand'};
$message_colour = $Header::colourgreen;
} else {
$message = $Lang::tr{'no hardware random number generator'};
}
&Header::openbox('100%', 'center', $Lang::tr{'hardware support'});
print <<EOF;
<p style="color: $message_colour; text-align: center;">$message</p>
EOF
&Header::closebox();
&Header::closebigbox();
&Header::closepage();
}
sub has_hwrng() {
return (-c "/dev/hwrng");
}
sub has_rdrand() {
open(FILE, "/proc/cpuinfo") or return 0;
my @cpuinfo = <FILE>;
close(FILE);
my @result = grep(/rdrand/, @cpuinfo);
if (@result) {
return 1;
}
return 0;
}

20
html/cgi-bin/firewall.cgi
View File

@@ -2375,26 +2375,18 @@ END
if($$hash{$key}[3] eq 'ipsec_net_src'){
if(&fwlib::get_ipsec_net_ip($host,11) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}elsif($$hash{$key}[3] eq 'ovpn_net_src'){
if(&fwlib::get_ovpn_net_ip($host,1) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}elsif($$hash{$key}[3] eq 'ovpn_n2n_src'){
if(&fwlib::get_ovpn_n2n_ip($host,27) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}elsif($$hash{$key}[3] eq 'ovpn_host_src'){
if(&fwlib::get_ovpn_host_ip($host,33) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}
}
@@ -2402,26 +2394,18 @@ END
if($$hash{$key}[5] eq 'ipsec_net_tgt'){
if(&fwlib::get_ipsec_net_ip($host,11) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}elsif($$hash{$key}[5] eq 'ovpn_net_tgt'){
if(&fwlib::get_ovpn_net_ip($host,1) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}elsif($$hash{$key}[5] eq 'ovpn_n2n_tgt'){
if(&fwlib::get_ovpn_n2n_ip($host,27) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}elsif($$hash{$key}[5] eq 'ovpn_host_tgt'){
if(&fwlib::get_ovpn_host_ip($host,33) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}
}
@@ -2429,15 +2413,11 @@ END
foreach my $netgroup (sort keys %customgrp){
if(($$hash{$key}[4] eq $customgrp{$netgroup}[0] || $$hash{$key}[6] eq $customgrp{$netgroup}[0]) && $customgrp{$netgroup}[2] eq 'none'){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}
foreach my $srvgroup (sort keys %customservicegrp){
if($$hash{$key}[15] eq $customservicegrp{$srvgroup}[0] && $customservicegrp{$srvgroup}[2] eq 'none'){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}
$$hash{'ACTIVE'}=$$hash{$key}[2];

83
html/cgi-bin/fwhosts.cgi
View File

@@ -21,7 +21,8 @@
use strict;
# enable only the following on debugging purpose
use warnings;
#use warnings;
use Sort::Naturally;
use CGI::Carp 'fatalsToBrowser';
no warnings 'uninitialized';
@@ -1235,7 +1236,7 @@ END
<tr><form method='post' style='display:inline'>
<td>$Lang::tr{'remark'}:</td>
<td colspan='2' style='width:98%;'><input type='TEXT' name='newrem' value='$fwhostsettings{'remark'}' style='width:98%;'></td>
<td align='right'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='ACTION' value='changegrpremark' ></td>
<td align='right'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='grp' value='$fwhostsettings{'grp_name'}'><input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='ACTION' value='changegrpremark' ></td>
</tr>
</table></form>
<br><br>
@@ -1255,7 +1256,7 @@ END
</label>
</td>
<td style='text-align:right;'>
<select name='DEFAULT_SRC_ADR' style='min-width:16em;'>
<select name='DEFAULT_SRC_ADR' style='width:16em;'>
END
foreach my $network (sort keys %defaultNetworks)
{
@@ -1284,7 +1285,7 @@ END
</label>
</td>
<td style='text-align:right;'>
<select name='CUST_SRC_NET' style='min-width:16em;'>";
<select name='CUST_SRC_NET' style='width:16em;'>";
END
foreach my $key (sort { ncmp($customnetwork{$a}[0],$customnetwork{$b}[0]) } keys %customnetwork) {
print"<option>$customnetwork{$key}[0]</option>";
@@ -1301,7 +1302,7 @@ END
</label>
</td>
<td style='text-align:right;'>
<select name='CUST_SRC_HOST' style='min-width:16em;'>";
<select name='CUST_SRC_HOST' style='width:16em;'>";
END
foreach my $key (sort { ncmp($customhost{$a}[0],$customhost{$b}[0]) } keys %customhost) {
print"<option>$customhost{$key}[0]</option>";
@@ -1321,7 +1322,7 @@ END
</label>
</td>
<td style='text-align:right;'>
<select name='OVPN_CCD_NET' style='min-width:16em;'>";
<select name='OVPN_CCD_NET' style='width:16em;'>";
END
foreach my $key (sort { ncmp($ccdnet{$a}[0],$ccdnet{$b}[0]) } keys %ccdnet)
{
@@ -1330,9 +1331,16 @@ END
print"</select></td></tr>";
}
#OVPN clients
my @ovpn_clients=();
foreach my $key (sort { ncmp($ccdhost{$a}[0],$ccdhost{$b}[0]) } keys %ccdhost)
{
if ($ccdhost{$key}[33] ne ''){
$show='1';
push (@ovpn_clients,$ccdhost{$key}[1]);
}
}
if ($show eq '1'){
$show='';
print<<END;
<td style='width:15em;'>
<label>
@@ -1341,16 +1349,23 @@ END
</label>
</td>
<td style='text-align:right;'>
<select name='OVPN_CCD_HOST' style='min-width:16em;'>" if ($show eq '');
<select name='OVPN_CCD_HOST' style='width:16em;'>" if ($show eq '');
END
$show='1';
print"<option value='$ccdhost{$key}[1]'>$ccdhost{$key}[1]</option>";
foreach(@ovpn_clients){
print"<option value='$_'>$_</option>";
}
print"</select></td></tr>";
}
if ($show eq '1'){$show='';print"</select></td></tr>";}
#OVPN n2n networks
my @OVPN_N2N=();
foreach my $key (sort { ncmp($ccdhost{$a}[1],$ccdhost{$b}[1]) } keys %ccdhost) {
if($ccdhost{$key}[3] eq 'net'){
$show='1';
push (@OVPN_N2N,$ccdhost{$key}[1]);
}
}
if ($show eq '1'){
$show='';
print<<END;
<td style='width:15em;'>
<label>
@@ -1359,16 +1374,23 @@ END
</label>
</td>
<td style='text-align:right;'>
<select name='OVPN_N2N' style='min-width:16em;'>"
<select name='OVPN_N2N' style='width:16em;'>"
END
$show='1';
print"<option>$ccdhost{$key}[1]</option>";
foreach(@OVPN_N2N){
print"<option>$_</option>";
}
print"</select></td></tr>";
}
if ($show eq '1'){$show='';print"</select></td></tr>";}
#IPsec networks
my @IPSEC_N2N=();
foreach my $key (sort { ncmp($ipsecconf{$a}[0],$ipsecconf{$b}[0]) } keys %ipsecconf) {
if ($ipsecconf{$key}[3] eq 'net'){
$show='1';
push (@IPSEC_N2N,$ipsecconf{$key}[1]);
}
}
if ($show eq '1'){
$show='';
print<<END;
<td style='width:15em;'>
<label>
@@ -1377,13 +1399,13 @@ END
</label>
</td>
<td style='text-align:right;'>
<select name='IPSEC_NET' style='min-width:16em;'>"
<select name='IPSEC_NET' style='width:16em;'>"
END
$show='1';
print"<option value='$ipsecconf{$key}[1]'>$ipsecconf{$key}[1]</option>";
foreach(@IPSEC_N2N){
print"<option value='$_'>$_</option>";
}
}
if ($show eq '1'){$show='';print"</select></td></tr>";}
print"</select></td></tr>";
print"</table>";
print"</td></tr></table>";
print"<br><br>";
@@ -1478,9 +1500,28 @@ END
print<<END;
<table width='100%'><form method='post' style='display:inline'>
<tr><td width='10%'>$Lang::tr{'fwhost addgrpname'}</td><td width='20%'><input type='text' name='srvgrp' value='$fwhostsettings{'SRVGRP_NAME'}' size='14'></td><td align='left'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldsrvgrpname' value='$fwhostsettings{'oldsrvgrpname'}'><input type='hidden' name='ACTION' value='changesrvgrpname'></td><td width='3%'></td></form></tr>
<tr><form method='post'><td width='10%'>$Lang::tr{'remark'}:</td><td colspan='2'><input type='text' name='newsrvrem' value='$fwhostsettings{'SRVGRP_REMARK'}' style='width:98%;'></td><td align='right'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldsrvrem' value='$fwhostsettings{'oldsrvgrpremark'}'><input type='hidden' name='ACTION' value='changesrvgrpremark' ></td></tr>
<tr><td colspan='4'><br></td></td></tr>
</table></form>
<tr>
<form method='post'>
<td width='10%'>
$Lang::tr{'remark'}:
</td>
<td colspan='2'>
<input type='text' name='newsrvrem' value='$fwhostsettings{'SRVGRP_REMARK'}' style='width:98%;'>
</td>
<td align='right'>
<input type='submit' value='$Lang::tr{'fwhost change'}'>
<input type='hidden' name='oldsrvrem' value='$fwhostsettings{'oldsrvgrpremark'}'>
<input type='hidden' name='srvgrp' value='$fwhostsettings{'SRVGRP_NAME'}'>
<input type='hidden' name='ACTION' value='changesrvgrpremark' >
</td>
</tr>
<tr>
<td colspan='4'>
<br>
</td>
</tr>
</table>
</form>
END
}
if($fwhostsettings{'updatesrvgrp'} eq 'on'){

12
html/cgi-bin/index.cgi
View File

@@ -228,8 +228,6 @@ END
#Dial profiles
if ( $netsettings{'RED_TYPE'} ne "STATIC" && $netsettings{'RED_TYPE'} ne "DHCP" ){
# The dialctrl.pl script outputs html
print `/usr/local/bin/dialctrl.pl show`;
if ( ( $pppsettings{'VALID'} eq 'yes' ) || ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $netsettings{'RED_TYPE'} =~ /^(DHCP|STATIC)$/ ) ) {
print <<END;
<br/>
@@ -358,7 +356,7 @@ if (($confighash{'ENABLED'} eq "on") ||
$ovpnip="$ovpnip/$sub";
print <<END;
<tr>
<td style='width:25%; text-align:center; background-color:$Header::colourvpn;'>
<td style='width:25%; text-align:center; background-color:$Header::colourovpn;'>
<a href='/cgi-bin/ovpnmain.cgi' style='color:white'><b>OpenVPN</b></a>
</td>
<td style='width:30%; text-align:center;'>$ovpnip</td>
@@ -372,7 +370,7 @@ print"</table>";
#Check if there are any vpns configured (ipsec and openvpn)
&General::readhasharray("${General::swroot}/vpn/config", \%vpnconfig);
foreach my $key (sort { ncmp($vpnconfig{$a}[1],$vpnconfig{$b}[1]) } keys %vpnconfig) {
if ($vpnconfig{$key}[0] eq 'on'){
if ($vpnconfig{$key}[0] eq 'on' && $vpnconfig{$key}[3] ne 'host'){
$showipsec=1;
$showbox=1;
last;
@@ -409,7 +407,7 @@ if ($showbox){
</tr>
END
foreach my $key (sort { uc($vpnconfig{$a}[1]) cmp uc($vpnconfig{$b}[1]) } keys %vpnconfig) {
if ($vpnconfig{$key}[0] eq 'on') {
if ($vpnconfig{$key}[0] eq 'on' && $vpnconfig{$key}[3] ne 'host') {
$count++;
my ($vpnip,$vpnsub) = split("/",$vpnconfig{$key}[11]);
$vpnsub=&General::iporsubtocidr($vpnsub);
@@ -420,8 +418,8 @@ END
$col = $color{'color20'};
}
print "<tr>";
print "<td style='text-align:left; color:white; background-color:$Header::colourovpn;'>$vpnconfig{$key}[1]</td>";
print "<td style='text-align:left; background-color:$col'>$vpnip</td>";
print "<td style='text-align:left; color:white; background-color:$Header::colourvpn;'>$vpnconfig{$key}[1]</td>";
print "<td style='text-align:center; background-color:$col'>$vpnip</td>";
my $activecolor = $Header::colourred;
my $activestatus = $Lang::tr{'capsclosed'};

19
html/cgi-bin/ovpnmain.cgi
View File

@@ -2159,7 +2159,7 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') {
} else {
$errormessage = $Lang::tr{'invalid key'};
}
&General::firewall_reload();
###
### Download PKCS12 file
@@ -3510,7 +3510,12 @@ if ($cgiparams{'TYPE'} eq 'net') {
rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
goto VPNCONF_ERROR;
}
#Check if remote subnet is used elsewhere
my ($n2nip,$n2nsub)=split("/",$cgiparams{'REMOTE_SUBNET'});
$warnmessage=&General::checksubnets('',$n2nip,'ovpn');
if ($warnmessage){
$warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'}) <br>".$warnmessage;
}
}
# if (($cgiparams{'TYPE'} eq 'net') && ($cgiparams{'SIDE'} !~ /^(left|right)$/)) {
@@ -4569,6 +4574,16 @@ END
&Header::closebox();
}
if ($warnmessage) {
&Header::openbox('100%', 'LEFT', $Lang::tr{'warning messages'});
print "$warnmessage<br>";
print "$Lang::tr{'fwdfw warn1'}<br>";
&Header::closebox();
print"<center><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'ok'}' style='width: 5em;'></form>";
&Header::closepage();
exit 0;
}
my $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'stopped'}</font></b></td></tr></table>";
my $srunning = "no";
my $activeonrun = "";

29
html/cgi-bin/vpnmain.cgi
View File

@@ -1225,7 +1225,7 @@ END
} else {
$errormessage = $Lang::tr{'invalid key'};
}
&General::firewall_reload();
###
### Choose between adding a host-net or net-net connection
###
@@ -1407,14 +1407,13 @@ END
goto VPNCONF_ERROR;
}
#temporary disabled (BUG 10294)
# if ($cgiparams{'TYPE'} eq 'net'){
# $errormessage=&General::checksubnets($cgiparams{'NAME'},$cgiparams{'REMOTE_SUBNET'});
# if ($errormessage ne ''){
# goto VPNCONF_ERROR;
# }
#
# }
if ($cgiparams{'TYPE'} eq 'net'){
$warnmessage=&General::checksubnets('',$cgiparams{'REMOTE_SUBNET'},'ipsec');
if ($warnmessage ne ''){
$warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'}) <br>".$warnmessage;
}
}
if ($cgiparams{'AUTH'} eq 'psk') {
if (! length($cgiparams{'PSK'}) ) {
$errormessage = $Lang::tr{'pre-shared key is too short'};
@@ -2520,7 +2519,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
<td>
<label>
<input type='checkbox' name='ONLY_PROPOSED' $checked{'ONLY_PROPOSED'} />
IKE+ESP: $Lang::tr{'use only proposed settings'}</td>
IKE+ESP: $Lang::tr{'use only proposed settings'}
</label>
</td>
</tr>
@@ -2612,6 +2611,16 @@ EOF
&Header::closebox();
}
if ($warnmessage) {
&Header::openbox('100%', 'left', $Lang::tr{'warning messages'});
print "$warnmessage<br>";
print "$Lang::tr{'fwdfw warn1'}<br>";
&Header::closebox();
print"<center><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'ok'}' style='width: 5em;'></form>";
&Header::closepage();
exit 0;
}
&Header::openbox('100%', 'left', $Lang::tr{'global settings'});
print <<END
<form method='post' action='$ENV{'SCRIPT_NAME'}'>

2
html/html/themes/ipfire/include/functions.pl
View File

@@ -110,7 +110,7 @@ sub openpage {
&genmenu();
my $headline = "IPFire";
if ($settings{'WINDOWWITHHOSTNAME'} eq 'on') {
if (($settings{'WINDOWWITHHOSTNAME'} eq 'on') || ($settings{'WINDOWWITHHOSTNAME'} eq '')) {
$headline = "$settings{'HOSTNAME'}.$settings{'DOMAINNAME'}";
}

12
langs/de/cgi-bin/de.pl
View File

@@ -481,8 +481,10 @@
'ccd err iroute' => 'Netzadresse für Route ungültig.',
'ccd err irouteexist' => 'Diese Route wird bereits verwendet.',
'ccd err isipsecnet' => 'Diese Subnetzadresse wird bereits für ein IPsec-Netzwerk verwendet.',
'ccd err isovpnnet' => 'Subnetzadresse wird für bereits für den OpenVPN-Server verwendet!',
'ccd err issubnet' => 'Subnetzadresse wird bereits verwendet.',
'ccd err isipsecrw' => 'Diese Subnetzadresse wird bereits für das IPsec-RW Netz verwendet.',
'ccd err isovpnn2n' => 'Die Subnetzadresse wird für bereits für eine OpenVPN Netz-zu-Netz-Verbindung verwendet.',
'ccd err isovpnnet' => 'Die Subnetzadresse wird für bereits für den OpenVPN-Server verwendet.',
'ccd err issubnet' => 'Die Subnetzadresse wird bereits verwendet.',
'ccd err name' => 'Es muss ein Name angegeben werden.',
'ccd err nameexist' => 'Name existiert bereits.',
'ccd err netadr' => 'Subnetzadresse ist ungültig oder Bereich zu groß.',
@@ -813,6 +815,7 @@
'enter ack class' => 'Legen Sie hier die ACK-Klasse fest <br /> und klicken Sie danach auf <i>Speichern</i>.',
'enter data' => 'Geben Sie die Daten ein <br /> und klicken Sie danach auf <i>Speichern</i>.',
'entropy' => 'Entropie',
'entropy graphs' => 'Entropiegraphen',
'err bk 1' => 'Fehler beim Erzeugen des Archivs',
'err bk 10 password' => 'Fehler beim Datensicherungs-Passwort',
'err bk 2 key' => 'Fehler beim Erzeugen der Schlüsseldatei',
@@ -1005,6 +1008,7 @@
'fwdfw use srcport' => 'Quellport:',
'fwdfw use srv' => 'Zielport:',
'fwdfw useless rule' => 'Diese Regel ist nicht sinnvoll.',
'fwdfw warn1' => 'Dies kann dazu führen, dass Firewallregeln auf Netze angewendet werden, für die sie nicht gedacht sind.',
'fwdfw wd_fri' => 'Fr',
'fwdfw wd_mon' => 'Mo',
'fwdfw wd_sat' => 'Sa',
@@ -1131,6 +1135,7 @@
'harddisk temperature' => 'Festplattentemperatur',
'harddisk temperature graphs' => 'HDD-Diagramme',
'hardware graphs' => 'Hardware-Diagramme',
'hardware support' => 'Hardware-Unterstützung',
'hdd temperature in' => 'Festplattentemperatur in',
'help' => 'Hilfe',
'high' => 'Hoch',
@@ -1506,6 +1511,7 @@
'no eciadsl synch.bin file' => 'Keine ECI ADSL Datei synch.bin vorhanden. Bitte hochladen.',
'no filter pass' => 'Legen Sie hier die Standardklassen fest durch die nicht-gefilterte Pakete gehen.',
'no fritzdsl driver' => 'Kein Fritz!DSL-Treiber vorhanden. Bitte hochladen.',
'no hardware random number generator' => 'Dieses System hat keine Entropiequelle.',
'no information available' => 'Keine Informationen verfügbar.',
'no log selected' => 'kein Log ausgewählt',
'no modem selected' => 'Kein Modem ausgewählt',
@@ -1976,6 +1982,8 @@
'swap usage per' => 'Nutzung von Auslagerungsspeicher (Swap) pro',
'system' => 'System',
'system graphs' => 'System-Diagramme',
'system has hwrng' => 'Dieses System hat einen Hardware-Zufallszahlengenerator.',
'system has rdrand' => 'Dieses System unterstützt Intel(R) RDRAND.',
'system information' => 'Systeminformationen',
'system log viewer' => 'Betrachter der System-Logdateien',
'system logs' => 'System-Logdateien',

12
langs/en/cgi-bin/en.pl
View File

@@ -499,8 +499,10 @@
'ccd err invalidnet' => 'Invalid IP address. Format: 192.168.0.0/24 or 192.168.0.0/255.255.255.0.',
'ccd err iroute' => 'Network address for route is invalid.',
'ccd err irouteexist' => 'This route is already in use.',
'ccd err isipsecnet' => 'The given subnet address already used by an IPsec network.',
'ccd err isovpnnet' => 'Subnet address already in use for OpenVPN Server.',
'ccd err isipsecnet' => 'The given subnet address is already used by an IPsec network.',
'ccd err isipsecrw' => 'The given subnet address is already used by the IPsec rw network.',
'ccd err isovpnn2n' => 'The subnet address is already in use for an OpenVPN net-to-net connection.',
'ccd err isovpnnet' => 'The subnet address is already in use for the OpenVPN server.',
'ccd err issubnet' => 'Subnet address already in use.',
'ccd err name' => 'Please choose a name.',
'ccd err nameexist' => 'Name already exists.',
@@ -839,6 +841,7 @@
'enter ack class' => 'Enter the ACK- Class <br /> and then press <i>Save</i>.',
'enter data' => 'Enter your settings <br /> and then press <i>Save</i>.',
'entropy' => 'Entropy',
'entropy graphs' => 'Entropy Graphs',
'err bk 1' => 'Error creating archive',
'err bk 10 password' => 'Error with backup password',
'err bk 2 key' => 'Error creating key file',
@@ -1031,6 +1034,7 @@
'fwdfw use srcport' => 'Source port:',
'fwdfw use srv' => 'Destination port:',
'fwdfw useless rule' => 'This rule is useless.',
'fwdfw warn1' => 'This might lead to firewallrules which are applied to networks for which they are not intended to be.',
'fwdfw wd_fri' => 'Fri',
'fwdfw wd_mon' => 'Mon',
'fwdfw wd_sat' => 'Sat',
@@ -1159,6 +1163,7 @@
'harddisk temperature' => 'Harddisk Temperature',
'harddisk temperature graphs' => 'HDD Graphs',
'hardware graphs' => 'Hardware Graphs',
'hardware support' => 'Hardware Support',
'hdd temperature in' => 'Harddisk temperature in',
'help' => 'Help',
'high' => 'High',
@@ -1535,6 +1540,7 @@
'no eciadsl synch.bin file' => 'No ECI ADSL synch.bin file. Please upload.',
'no filter pass' => 'Enter the standard class for non-filtered packets.',
'no fritzdsl driver' => 'No Fritz!DSL driver. Please upload.',
'no hardware random number generator' => 'This system has no source for entropy.',
'no information available' => 'No information available.',
'no log selected' => 'No log selected',
'no modem selected' => 'No modem selected',
@@ -2011,6 +2017,8 @@
'swap usage per' => 'Swap usage per',
'system' => 'System',
'system graphs' => 'System Graphs',
'system has hwrng' => 'This system has got a hardware random number generator.',
'system has rdrand' => 'This system has got support for Intel(R) RDRAND.',
'system information' => 'System Information',
'system log viewer' => 'System Log Viewer',
'system logs' => 'System Logs',

295
langs/tr/cgi-bin/tr.pl
View File

File diff suppressed because it is too large Load Diff

4
lfs/beep
View File

@@ -24,7 +24,7 @@
include Config
VER = 1.2.2
VER = 1.3
THISAPP = beep-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = d541419fd7e5642952d7b48cbb40c712
$(DL_FILE)_MD5 = 49c340ceb95dbda3f97b2daafac7892a
install : $(TARGET)

4
lfs/initscripts
View File

@@ -185,13 +185,9 @@ $(TARGET) :
/etc/rc.d/init.d/networking/red.up/23-RS-snort
ln -sf ../../../../../usr/local/bin/qosctrl \
/etc/rc.d/init.d/networking/red.up/24-RS-qos
ln -sf ../../../../../usr/local/bin/dialctrl.pl \
/etc/rc.d/init.d/networking/red.up/99-U-dialctrl.pl
ln -sf ../../squid /etc/rc.d/init.d/networking/red.up/27-RS-squid
ln -sf ../../dnsmasq /etc/rc.d/init.d/networking/red.down/05-RS-dnsmasq
ln -sf ../../firewall /etc/rc.d/init.d/networking/red.down/20-RL-firewall
ln -sf ../../../../../usr/local/bin/dialctrl.pl \
/etc/rc.d/init.d/networking/red.down/99-D-dialctrl.pl
for i in green blue orange; do \
ln -sf any /etc/rc.d/init.d/networking/$$i; \

3
lfs/linux
View File

@@ -127,9 +127,6 @@ ifneq "$(KCFG)" "-headers"
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.7-disable-compat_vdso.patch
endif
# Disable pcspeaker autoload
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.30-no-pcspkr-modalias.patch
# Remove ACPI Blacklist message
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6-silence-acpi-blacklist.patch

8
lfs/samba
View File

@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2013 IPFire Team <info@ipfire.org> #
# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
VER = 3.6.22
VER = 3.6.23
THISAPP = samba-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = samba
PAK_VER = 56
PAK_VER = 57
DEPS = "cups"
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 59add4bb178ebc188d857bc13a508c0b
$(DL_FILE)_MD5 = 2f7aee1dc5d31aefcb364600915b31dc
install : $(TARGET)

18
lfs/sudo
View File

@@ -24,7 +24,7 @@
include Config
VER = 1.6.8p12
VER = 1.8.10p1
THISAPP = sudo-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = b29893c06192df6230dd5f340f3badf5
$(DL_FILE)_MD5 = 1d9c2bc5aaf02608343d17b9a666e8e1
install : $(TARGET)
@@ -70,10 +70,16 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/$(THISAPP)-envvar_fix-1.patch
cd $(DIR_APP) && ./configure --prefix=/usr --libexecdir=/usr/lib \
--enable-noargs-shell --with-ignore-dot --with-all-insults \
--enable-shell-sets-home && \
cd $(DIR_APP) && \
./configure \
--prefix=/usr \
--libexecdir=/usr/lib \
--with-logging=syslog \
--with-logfac=authpriv \
--with-env-editor \
--with-ignore-dot \
--with-tty-tickets \
--with-passpromt="[sudo] password for %p: "
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)

34
lfs/tzdata
View File

@@ -24,15 +24,18 @@
include Config
VER = 2012h
TZDATA_VER = 2012h
TZCODE_VER = 2012h
VER = 2014a
TZDATA_VER = $(VER)
TZCODE_VER = $(VER)
THISAPP = tzdata-$(VER)
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
FILES = africa antarctica asia australasia europe \
northamerica southamerica pacificnew etcetera backward
###############################################################################
# Top-level Rules
###############################################################################
@@ -42,8 +45,8 @@ objects = tzdata$(TZDATA_VER).tar.gz tzcode$(TZCODE_VER).tar.gz
tzdata$(TZDATA_VER).tar.gz = $(DL_FROM)/tzdata$(TZDATA_VER).tar.gz
tzcode$(TZCODE_VER).tar.gz = $(DL_FROM)/tzcode$(TZCODE_VER).tar.gz
tzdata$(TZDATA_VER).tar.gz_MD5 = b937335e087fb85b7f8e3ce33e69184b
tzcode$(TZCODE_VER).tar.gz_MD5 = 44b3b6c3e50240ac44f16437040a7ba2
tzdata$(TZDATA_VER).tar.gz_MD5 = 423a11bcffc10dda578058cf1587d048
tzcode$(TZCODE_VER).tar.gz_MD5 = 77ccbb720f0f2076f12dff6ded70eb98
install : $(TARGET)
@@ -77,16 +80,21 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
tar axf $(DIR_DL)/tzdata$(TZDATA_VER).tar.gz -C $(DIR_APP)
tar axf $(DIR_DL)/tzcode$(TZCODE_VER).tar.gz -C $(DIR_APP)
cd $(DIR_APP) && make TOPDIR=/usr ETCDIR=/tmp LIBDIR=/tmp MANDIR=/tmp \
TZDIR=/usr/share/zoneinfo all
cd $(DIR_APP) && make TOPDIR=/usr ETCDIR=/tmp LIBDIR=/tmp MANDIR=/tmp \
TZDIR=/usr/share/zoneinfo install
cd $(DIR_APP) && mkdir -pv zoneinfo/{,posix,right}
cd $(DIR_APP) && zic -y ./yearistype -d zoneinfo \
-L /dev/null -p GMT $(FILES)
cd $(DIR_APP) && zic -y ./yearistype -d zoneinfo/posix \
-L /dev/null $(FILES)
cd $(DIR_APP) && zic -y ./yearistype -d zoneinfo/right \
-L /dev/null $(FILES)
rm -rf /usr/share/zoneinfo
cd $(DIR_APP) && cp -prd zoneinfo /usr/share
cd $(DIR_APP) && install -p -m 644 zone.tab iso3166.tab \
/usr/share/zoneinfo
-mkdir -pv /usr/share/zoneinfo
mv -v /usr/share/zoneinfo-posix /usr/share/zoneinfo/posix
mv -v /usr/share/zoneinfo-leaps /usr/share/zoneinfo/right
rm -vf /usr/share/zoneinfo/localtime
cp -vf /usr/share/zoneinfo/GMT /etc/localtime
@rm -rf $(DIR_APP)
@$(POSTBUILD)

12
src/patches/linux-2.6.30-no-pcspkr-modalias.patch
View File

@@ -1,12 +0,0 @@
diff --git a/drivers/input/misc/pcspkr.c b/drivers/input/misc/pcspkr.c
index 34f4d2e..3e40c70 100644
--- a/drivers/input/misc/pcspkr.c
+++ b/drivers/input/misc/pcspkr.c
@@ -24,7 +24,6 @@
MODULE_AUTHOR("Vojtech Pavlik <vojtech@ucw.cz>");
MODULE_DESCRIPTION("PC Speaker beeper driver");
MODULE_LICENSE("GPL");
-MODULE_ALIAS("platform:pcspkr");
static int pcspkr_event(struct input_dev *dev, unsigned int type, unsigned int code, int value)
{

66
src/patches/strongswan-5.0.2_ipfire.patch
View File

@@ -1,8 +1,6 @@
diff --git a/src/_updown/_updown.in b/src/_updown/_updown.in
index 3a40e21..d9f3ea0 100644
--- a/src/_updown/_updown.in
+++ b/src/_updown/_updown.in
@@ -193,6 +193,29 @@ custom:*) # custom parameters (see above CAUTION comment)
@@ -178,6 +178,29 @@
;;
esac
@@ -32,7 +30,7 @@ index 3a40e21..d9f3ea0 100644
# utility functions for route manipulation
# Meddling with this stuff should not be necessary and requires great care.
uproute() {
@@ -397,12 +420,12 @@ up-host:iptables)
@@ -407,12 +430,12 @@
# connection to me, with (left/right)firewall=yes, coming up
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
@@ -46,9 +44,9 @@ index 3a40e21..d9f3ea0 100644
- -d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT
+ -d $PLUTO_PEER_CLIENT $D_PEER_PORT -j MARK --set-mark 50
#
# log IPsec host connection setup
if [ $VPN_LOGGING ]
@@ -410,10 +433,10 @@ up-host:iptables)
# allow IPIP traffic because of the implicit SA created by the kernel if
# IPComp is used (for small inbound packets that are not compressed)
@@ -428,10 +451,10 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
@@ -61,7 +59,7 @@ index 3a40e21..d9f3ea0 100644
fi
fi
;;
@@ -421,12 +444,12 @@ down-host:iptables)
@@ -439,12 +462,12 @@
# connection to me, with (left/right)firewall=yes, going down
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
@@ -75,9 +73,9 @@ index 3a40e21..d9f3ea0 100644
- -d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT
+ -d $PLUTO_PEER_CLIENT $D_PEER_PORT -j MARK --set-mark 50
#
# log IPsec host connection teardown
if [ $VPN_LOGGING ]
@@ -434,10 +457,10 @@ down-host:iptables)
# IPIP exception teardown
if [ -n "$PLUTO_IPCOMP" ]
@@ -459,10 +482,10 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
@@ -90,7 +88,7 @@ index 3a40e21..d9f3ea0 100644
fi
fi
;;
@@ -447,24 +470,24 @@ up-client:iptables)
@@ -472,24 +495,24 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ]
then
@@ -113,16 +111,26 @@ index 3a40e21..d9f3ea0 100644
- iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
+ iptables -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
- -d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
- iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
+ -d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j RETURN
+ iptables -I IPSECOUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT $S_MY_PORT \
- -d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j ACCEPT
+ -d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j MARK --set-mark 50
fi
#
# log IPsec client connection setup
@@ -473,12 +496,51 @@ up-client:iptables)
# allow IPIP traffic because of the implicit SA created by the kernel if
@@ -497,7 +520,7 @@
# INPUT is correct here even for forwarded traffic.
if [ -n "$PLUTO_IPCOMP" ]
then
- iptables -I INPUT 1 -i $PLUTO_INTERFACE -p 4 \
+ iptables -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p 4 \
-s $PLUTO_PEER -d $PLUTO_ME $IPSEC_POLICY_IN -j ACCEPT
fi
#
@@ -507,12 +530,51 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
@@ -176,7 +184,7 @@ index 3a40e21..d9f3ea0 100644
;;
down-client:iptables)
# connection to client subnet, with (left/right)firewall=yes, going down
@@ -486,28 +548,28 @@ down-client:iptables)
@@ -520,34 +582,34 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ]
then
@@ -202,8 +210,9 @@ index 3a40e21..d9f3ea0 100644
+ iptables -D IPSECINPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT \
$IPSEC_POLICY_IN -j ACCEPT
- $IPSEC_POLICY_IN -j ACCEPT
- iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
+ $IPSEC_POLICY_IN -j RETURN
+ iptables -D IPSECOUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT $S_MY_PORT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT \
@@ -211,8 +220,15 @@ index 3a40e21..d9f3ea0 100644
+ $IPSEC_POLICY_OUT -j MARK --set-mark 50
fi
#
# log IPsec client connection teardown
@@ -516,12 +578,51 @@ down-client:iptables)
# IPIP exception teardown
if [ -n "$PLUTO_IPCOMP" ]
then
- iptables -D INPUT -i $PLUTO_INTERFACE -p 4 \
+ iptables -D IPSECINPUT -i $PLUTO_INTERFACE -p 4 \
-s $PLUTO_PEER -d $PLUTO_ME $IPSEC_POLICY_IN -j ACCEPT
fi
#
@@ -557,12 +619,51 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
@@ -266,7 +282,7 @@ index 3a40e21..d9f3ea0 100644
;;
#
# IPv6
@@ -556,10 +657,10 @@ up-host-v6:iptables)
@@ -597,10 +698,10 @@
# connection to me, with (left/right)firewall=yes, coming up
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
@@ -279,7 +295,7 @@ index 3a40e21..d9f3ea0 100644
-s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT
#
@@ -580,10 +681,10 @@ down-host-v6:iptables)
@@ -621,10 +722,10 @@
# connection to me, with (left/right)firewall=yes, going down
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
@@ -292,7 +308,7 @@ index 3a40e21..d9f3ea0 100644
-s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT
#
@@ -606,10 +707,10 @@ up-client-v6:iptables)
@@ -647,10 +748,10 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/128" ]
then
@@ -305,7 +321,7 @@ index 3a40e21..d9f3ea0 100644
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
fi
@@ -618,10 +719,10 @@ up-client-v6:iptables)
@@ -659,10 +760,10 @@
# or sometimes host access via the internal IP is needed
if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ]
then
@@ -318,7 +334,7 @@ index 3a40e21..d9f3ea0 100644
-s $PLUTO_MY_CLIENT $S_MY_PORT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j ACCEPT
fi
@@ -645,11 +746,11 @@ down-client-v6:iptables)
@@ -686,11 +787,11 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/128" ]
then
@@ -332,7 +348,7 @@ index 3a40e21..d9f3ea0 100644
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT \
$IPSEC_POLICY_IN -j ACCEPT
@@ -659,11 +760,11 @@ down-client-v6:iptables)
@@ -700,11 +801,11 @@
# or sometimes host access via the internal IP is needed
if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ]
then

201
src/scripts/dialctrl.pl
View File

@@ -1,201 +0,0 @@
#!/usr/bin/perl
#
# Dialup Statistics for IPFire
# based on SilverStar's work on
# http://goodymuc.go.funpic.de
#
require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
($sec,$min,$hour,$mday,$mon,$year,$wday,$ydat,$isdst)=localtime();
$jahr=$year;
$monat=$mon+1;
$tag=$mday;
$jahr=$year;
$jahr=$year +1900;
if (length($monat) == 1)
{
$monat="0$monat";
}
if(length($tag) == 1)
{
$tag="0$tag";
}
if(length($hour) == 1)
{
$hour="0$hour";
}
if(length($min) == 1)
{
$min="0$min";
}
if(length($sec) == 1)
{
$sec="0$sec";
}
my $s_date = $tag."/".$monat."/".$jahr;
my $s_time = $hour.":".$min.":".$sec;
my $file_log = "/var/log/counter/dialup.log";
my $file_connect = "/var/log/counter/connect";
my $file_reset = "/var/log/counter/reset";
if ($ARGV[0] eq 'up') {
if (! -e "$file_log") {
&new;
} else {
open(CONNECT,">$file_connect");
close(CONNECT);
open(COUNTER,"<$file_log");
$line = <COUNTER>;
($start,$update,$up,$down,$rec,$on,$bit) = split(/\|/,$line);
close(COUNTER);
$up++;
$update = $s_date." on ".$s_time;
open(COUNTER,">$file_log");
print COUNTER "$start\|$update\|$up\|$down\|$rec\|$on\|$bit";
close(COUNTER);
}
}
if ($ARGV[0] eq 'down') {
if (! -e "$file_log") {
&new;
} else {
open(COUNTER,"<$file_log");
$line = <COUNTER>;
($start,$update,$up,$down,$rec,$on,$bit) = split(/\|/,$line);
close(COUNTER);
$on =~ /(\d+)d\s+(\d+)h\s+(\d+)m\s+(\d+)s/;
$d1 = $1; $h1 = $2; $m1 = $3; $s1 = $4;
$con = &General::age("$file_connect");
$con =~ /(\d+)d\s+(\d+)h\s+(\d+)m\s+(\d+)s/;
$d2 = $1; $h2 = $2; $m2 = $3; $s2 = $4;
$sum_d = ($d1 + $d2) * 86400;
$sum_h = ($h1 + $h2) * 3600;
$sum_m = ($m1 + $m2) * 60;
$sum_s = ($s1 + $s2);
$sum_1 = $sum_d + $sum_h + $sum_m + $sum_s;
$d = int($sum_1 / 86400);
$totalhours = int($sum_1 / 3600);
$h = $totalhours % 24;
$totalmins = int($sum_1 / 60);
$m = $totalmins % 60;
$s = $sum_1 % 60;
$on = "${d}d ${h}h ${m}m ${s}s";
$down++;
$update = $s_date." on ".$s_time;
open(COUNTER,">$file_log");
print COUNTER "$start\|$update\|$up\|$down\|$rec\|$on\|$bit";
close(COUNTER);
}
}
if ($ARGV[0] eq 'rec') {
if (! -e "$file_log") {
&new;
} else {
open(COUNTER,"<$file_log");
$line = <COUNTER>;
($start,$update,$up,$down,$rec,$on,$bit) = split(/\|/,$line);
close(COUNTER);
$rec++;
$update = $s_date." on ".$s_time;
open(COUNTER,">$file_log");
print COUNTER "$start\|$update\|$up\|$down\|$rec\|$on\|$bit";
close(COUNTER);
}
}
elsif ($ARGV[0] eq 'show') {
if (! -e "$file_log") {
&new;
}
else {
open(COUNTER,"<$file_log");
$line = <COUNTER>;
($start,$update,$up,$down,$rec,$on,$bit) = split(/\|/,$line);
$on =~ /(\d+)d\s+(\d+)h\s+(\d+)m\s+(\d+)s/;
$d1 = $1; $h1 = $2; $m1 = $3; $s1 = $4;
close(COUNTER);
if ( ! -e "${General::swroot}/red/active") {
$timecon = "0d 0h 0m 0s";
} else {
$timecon = &General::age("$file_connect");
}
$timecon =~ /(\d+)d\s+(\d+)h\s+(\d+)m\s+(\d+)s/;
$d2 = $1; $h2 = $2; $m2 = $3; $s2 = $4;
$timeres = &General::age("$file_reset");
$timeres =~ /(\d+)d\s+(\d+)h\s+(\d+)m\s+(\d+)s/;
$d3 = $1; $h3 = $2; $m3 = $3; $s3 = $4;
$sum_d1 = ($d1 + $d2) * 86400;
$sum_h1 = ($h1 + $h2) * 3600;
$sum_m1 = ($m1 + $m2) * 60;
$sum_s1 = ($s1 + $s2);
$sum_1 = $sum_d1 + $sum_h1 + $sum_m1 + $sum_s1;
$sum_d2 = $d3 * 86400;
$sum_h2 = $h3 * 3600;
$sum_m2 = $m3 * 60;
$sum_s2 = $s3;
$sum_2 = $sum_d2 + $sum_h2 + $sum_m2 + $sum_s2;
$d = int($sum_1 / 86400);
$totalhours = int($sum_1 / 3600);
$h = $totalhours % 24;
$totalmins = int($sum_1 / 60);
$m = $totalmins % 60;
$s = $sum_1 % 60;
$current = "${d}d ${h}h ${m}m ${s}s";
$ontime = ( $sum_1 * 100 ) / $sum_2;
if ($ontime >= 99.95) {
$ontime = sprintf("%.0f", $ontime);
}
elsif ($ontime <= 0.05) {
$ontime = sprintf("%.0f", $ontime);
}
else {
$ontime = sprintf("%.1f", $ontime);
}
print <<END
<br />$Lang::tr{'since'} $update
<table style='width:60%'>
<tr><td>$Lang::tr{'connections'}: $up</td><td>$Lang::tr{'disconnects'}: $down</td><td>$Lang::tr{'attemps'}: $rec</td></tr>
<tr><td><b>$Lang::tr{'total connection time'}:</b><td>$current</td><td> ~ $ontime%</td></tr>
</table>
END
;
}
}
elsif ($ARGV[0] eq 'reset') {
&new;
}
elsif ($ARGV[0] eq '') {
print "\nDont run on the console...\n\n";
}
exit 0;
sub new {
open(COUNTER,">$file_log");
$start = $s_date." on ".$s_time;
$update = "&#8249;no action since clearing&#8250;";
$up = "0";
$down = "0";
$rec = "0";
$on = "0d 0h 0m";
$bit = "0";
print COUNTER "$start\|$update\|$up\|$down\|$rec\|$on\|$bit";
close(COUNTER);
open(CONNECT,">$file_connect");
print CONNECT "0";
close(CONNECT);
open(RESET,">$file_reset");
print RESET "0";
close(RESET);
}