From 39017f76e77fb77fd47c17cc89da69f3b3f0e946 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sun, 11 Sep 2011 16:10:00 +0200 Subject: [PATCH 01/12] fix branch in make.sh. --- make.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/make.sh b/make.sh index 99fc86f49..37438678c 100755 --- a/make.sh +++ b/make.sh @@ -709,7 +709,7 @@ buildipfire() { echo >> $BASEDIR/build/var/ipfire/firebuild cat /proc/cpuinfo >> $BASEDIR/build/var/ipfire/firebuild echo $PAKFIRE_CORE > $BASEDIR/build/opt/pakfire/db/core/mine - if [ "$GIT_BRANCH" = "next" ]; then + if [ "$GIT_BRANCH" = "master" ]; then echo "$NAME $VERSION - (Development Build: $GIT_LASTCOMMIT)" > $BASEDIR/build/etc/system-release else echo "$NAME $VERSION - $GIT_BRANCH" > $BASEDIR/build/etc/system-release From 84f23fd9bf9d915473b49ec759099be26c903a07 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Mon, 12 Sep 2011 23:43:57 +0200 Subject: [PATCH 02/12] gcc: fix linker detection patch. --- src/patches/gcc-4.1.2-fix_linker_version_detection.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/patches/gcc-4.1.2-fix_linker_version_detection.patch b/src/patches/gcc-4.1.2-fix_linker_version_detection.patch index c2f43be35..36a756cef 100644 --- a/src/patches/gcc-4.1.2-fix_linker_version_detection.patch +++ b/src/patches/gcc-4.1.2-fix_linker_version_detection.patch @@ -6,7 +6,7 @@ diff -Naur gcc-4.1.2.org/libstdc++-v3/configure gcc-4.1.2/libstdc++-v3/configure ldver=`$LD --version 2>/dev/null | head -1 | \ - sed -e 's/GNU ld version \([0-9.][0-9.]*\).*/\1/'` -+ sed -e 's/GNU ld (GNU binutils) \([0-9.][0-9.]*\).*/\1/'` ++ sed -e 's/GNU ld .*) \([0-9.][0-9.]*\).*/\1/'` glibcxx_gnu_ld_version=`echo $ldver | \ $AWK -F. '{ if (NF<3) $3=0; print ($1*100+$2)*100+$3 }'` From 79231dc50fd71d392ae0f6d54cfb8ec8de2bbcfe Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Mon, 12 Sep 2011 23:46:02 +0200 Subject: [PATCH 03/12] core53: add all langs to updater. --- config/rootfiles/core/53/filelists/files | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/config/rootfiles/core/53/filelists/files b/config/rootfiles/core/53/filelists/files index cdd78c2c1..c2535f356 100644 --- a/config/rootfiles/core/53/filelists/files +++ b/config/rootfiles/core/53/filelists/files @@ -13,11 +13,7 @@ srv/web/ipfire/cgi-bin/ovpnmain.cgi srv/web/ipfire/cgi-bin/pakfire.cgi srv/web/ipfire/cgi-bin/routing.cgi srv/web/ipfire/cgi-bin/vpnmain.cgi -var/ipfire/langs/de.pl -var/ipfire/langs/en.pl -var/ipfire/langs/es.pl -var/ipfire/langs/fr.pl -var/ipfire/langs/pl.pl +var/ipfire/langs/ usr/local/bin/ipsecctrl usr/local/bin/openvpnctrl usr/local/bin/vpn-watch From 1a140b78980fe0f488e25a3b2dd92256e3751ab0 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Mon, 12 Sep 2011 23:47:15 +0200 Subject: [PATCH 04/12] core53: add setup to updater. --- config/rootfiles/core/53/filelists/files | 1 + 1 file changed, 1 insertion(+) diff --git a/config/rootfiles/core/53/filelists/files b/config/rootfiles/core/53/filelists/files index c2535f356..3e71a05df 100644 --- a/config/rootfiles/core/53/filelists/files +++ b/config/rootfiles/core/53/filelists/files @@ -18,6 +18,7 @@ usr/local/bin/ipsecctrl usr/local/bin/openvpnctrl usr/local/bin/vpn-watch usr/local/bin/rebuildroutes +usr/local/sbin/setup var/ipfire/main/routing var/ipfire/menu.d/30-network.menu opt/pakfire/etc/pakfire.conf From 0f0db884a9bc1524c69c040cd84b8f23bb2c85dd Mon Sep 17 00:00:00 2001 From: Alfred Haas Date: Tue, 13 Sep 2011 14:06:58 +0200 Subject: [PATCH 05/12] log.dat: add n2n to openvpn log. --- html/cgi-bin/logs.cgi/log.dat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/logs.cgi/log.dat b/html/cgi-bin/logs.cgi/log.dat index c0da266f1..e2d02447d 100644 --- a/html/cgi-bin/logs.cgi/log.dat +++ b/html/cgi-bin/logs.cgi/log.dat @@ -61,7 +61,7 @@ my %sections = ( 'auth' => '(\w+\(pam_unix\)\[.*\]: )', 'kernel' => '(kernel: (?!DROP_))', 'ipsec' => '(ipsec_[\w_]+: |pluto\[.*\]: |charon: |vpnwatch: )', - 'openvpn' => '(openvpnserver)\[.*\]: ', + 'openvpn' => '(openvpnserver\[.*\]: |.*n2n\[.*\]: )', 'pakfire' => '(pakfire:) ', 'wireless' => '(hostapd:|kernel: ath.*:|kernel: wifi[0-9]:) ' ); From 38ce4769ab38fdef7fc5892b4fe554de968d8d47 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Tue, 13 Sep 2011 14:09:59 +0200 Subject: [PATCH 06/12] core53: add log.dat to updater. --- config/rootfiles/core/53/filelists/files | 1 + 1 file changed, 1 insertion(+) diff --git a/config/rootfiles/core/53/filelists/files b/config/rootfiles/core/53/filelists/files index 3e71a05df..2d47486a7 100644 --- a/config/rootfiles/core/53/filelists/files +++ b/config/rootfiles/core/53/filelists/files @@ -13,6 +13,7 @@ srv/web/ipfire/cgi-bin/ovpnmain.cgi srv/web/ipfire/cgi-bin/pakfire.cgi srv/web/ipfire/cgi-bin/routing.cgi srv/web/ipfire/cgi-bin/vpnmain.cgi +srv/web/ipfire/cgi-bin/logs.cgi/log.dat var/ipfire/langs/ usr/local/bin/ipsecctrl usr/local/bin/openvpnctrl From 7589902e644345a8b383d604cf5e16c786352f59 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Tue, 13 Sep 2011 14:25:44 +0200 Subject: [PATCH 07/12] strongswan: import micha's new strongswan gateway detection. --- lfs/strongswan | 2 +- ...re.patch => strongswan-4.5.3_ipfire.patch} | 110 +++++++++++++----- 2 files changed, 84 insertions(+), 28 deletions(-) rename src/patches/{strongswan-4.4.0_ipfire.patch => strongswan-4.5.3_ipfire.patch} (83%) diff --git a/lfs/strongswan b/lfs/strongswan index 1efd283bb..cb97bf7e4 100644 --- a/lfs/strongswan +++ b/lfs/strongswan @@ -71,7 +71,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-4.4.0_ipfire.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-4.5.3_ipfire.patch cd $(DIR_APP) && ./configure --prefix="/usr" --sysconfdir="/etc" \ --enable-cisco-quirks \ diff --git a/src/patches/strongswan-4.4.0_ipfire.patch b/src/patches/strongswan-4.5.3_ipfire.patch similarity index 83% rename from src/patches/strongswan-4.4.0_ipfire.patch rename to src/patches/strongswan-4.5.3_ipfire.patch index 298a1e3a7..2ba975b1d 100644 --- a/src/patches/strongswan-4.4.0_ipfire.patch +++ b/src/patches/strongswan-4.5.3_ipfire.patch @@ -1,7 +1,37 @@ -diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_updown/_updown.in ---- strongswan-4.4.0.org/src/_updown/_updown.in 2010-03-15 21:52:51.000000000 +0100 -+++ strongswan-4.4.0/src/_updown/_updown.in 2010-05-15 13:33:40.000000000 +0200 -@@ -374,12 +374,12 @@ +diff -Naur strongswan-4.5.3.org/src/_updown/_updown.in strongswan-4.5.3/src/_updown/_updown.in +--- strongswan-4.5.3.org/src/_updown/_updown.in 2010-10-22 16:33:30.000000000 +0200 ++++ strongswan-4.5.3/src/_updown/_updown.in 2011-09-13 14:19:31.000000000 +0200 +@@ -183,6 +183,29 @@ + ;; + esac + ++function ip_encode() { ++ local IFS=. ++ ++ local int=0 ++ for field in $1; do ++ int=$(( $(( $int << 8 )) | $field )) ++ done ++ ++ echo $int ++} ++ ++function ip_in_subnet() { ++ local netmask ++ netmask=$(_netmask $2) ++ [ $(( $(ip_encode $1) & $netmask)) = $(( $(ip_encode ${2%/*}) & $netmask )) ] ++} ++ ++function _netmask() { ++ local vlsm ++ vlsm=${1#*/} ++ [ $vlsm -eq 0 ] && echo 0 || echo $(( -1 << $(( 32 - $vlsm )) )) ++} ++ + # utility functions for route manipulation + # Meddling with this stuff should not be necessary and requires great care. + uproute() { +@@ -387,12 +410,12 @@ # connection to me, with (left/right)firewall=yes, coming up # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. @@ -17,7 +47,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd # # log IPsec host connection setup if [ $VPN_LOGGING ] -@@ -387,10 +387,10 @@ +@@ -400,10 +423,10 @@ if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO \ @@ -30,7 +60,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd fi fi ;; -@@ -398,12 +398,12 @@ +@@ -411,12 +434,12 @@ # connection to me, with (left/right)firewall=yes, going down # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. @@ -46,7 +76,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd # # log IPsec host connection teardown if [ $VPN_LOGGING ] -@@ -411,10 +411,10 @@ +@@ -424,10 +447,10 @@ if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO -- \ @@ -59,7 +89,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd fi fi ;; -@@ -424,10 +424,10 @@ +@@ -437,10 +460,10 @@ # ones, so do not mess with it; see CAUTION comment up at top. if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ] then @@ -73,7 +103,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd -s $PLUTO_PEER_CLIENT $S_PEER_PORT \ -d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT fi -@@ -436,12 +436,12 @@ +@@ -449,12 +472,12 @@ # or sometimes host access via the internal IP is needed if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ] then @@ -89,7 +119,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd fi # # log IPsec client connection setup -@@ -450,12 +450,38 @@ +@@ -463,12 +486,51 @@ if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO \ @@ -120,17 +150,30 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd + fi + + # Add source nat so also the gateway can access the other nets -+ src=$(/sbin/ip route|grep $PLUTO_MY_CLIENT|(read net key_dev dev key_proto key_kernel key_scope key_link key_src src; echo $src)) -+ iptables -t nat -A IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src -+ logger -t $TAG -p $FAC_PRIO \ -+ "snat+ $PLUTO_INTERFACE-$PLUTO_ME : $PLUTO_PEER_CLIENT - $src" ++ eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) ++ for _src in ${GREEN_ADDRESS} ${BLUE_ADDRESS} ${ORANGE_ADDRESS}; do ++ ip_in_subnet "${_src}" "${PLUTO_MY_CLIENT}" ++ if [ $? -eq 0 ]; then ++ src=${_src} ++ break ++ fi ++ done ++ ++ if [ -n "${src}" ]; then ++ iptables -t nat -A IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src ++ logger -t $TAG -p $FAC_PRIO \ ++ "snat+ $PLUTO_INTERFACE-$PLUTO_ME : $PLUTO_PEER_CLIENT - $src" ++ else ++ logger -t $TAG -p $FAC_PRIO \ ++ "Cannot create NAT rule because no IP of the IPFire does match the subnet. $PLUTO_MY_CLIENT" ++ fi + + # Flush routing cache + ip route flush cache ;; down-client:iptables) # connection to client subnet, with (left/right)firewall=yes, going down -@@ -463,11 +489,11 @@ +@@ -476,11 +538,11 @@ # ones, so do not mess with it; see CAUTION comment up at top. if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ] then @@ -145,7 +188,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd -s $PLUTO_PEER_CLIENT $S_PEER_PORT \ -d $PLUTO_MY_CLIENT $D_MY_PORT \ $IPSEC_POLICY_IN -j ACCEPT -@@ -477,14 +503,14 @@ +@@ -490,14 +552,14 @@ # or sometimes host access via the internal IP is needed if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ] then @@ -163,7 +206,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd fi # # log IPsec client connection teardown -@@ -493,12 +519,38 @@ +@@ -506,12 +568,51 @@ if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO -- \ @@ -194,17 +237,30 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd + fi + + # remove source nat -+ src=$(/sbin/ip route|grep $PLUTO_MY_CLIENT|(read net key_dev dev key_proto key_kernel key_scope key_link key_src src; echo $src)) -+ iptables -t nat -D IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src -+ logger -t $TAG -p $FAC_PRIO \ -+ "snat- $PLUTO_INTERFACE-$PLUTO_ME : $PLUTO_PEER_CLIENT - $src" ++ eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) ++ for _src in ${GREEN_ADDRESS} ${BLUE_ADDRESS} ${ORANGE_ADDRESS}; do ++ ip_in_subnet "${_src}" "${PLUTO_MY_CLIENT}" ++ if [ $? -eq 0 ]; then ++ src=${_src} ++ break ++ fi ++ done ++ ++ if [ -n "${src}" ]; then ++ iptables -t nat -D IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src ++ logger -t $TAG -p $FAC_PRIO \ ++ "snat- $PLUTO_INTERFACE-$PLUTO_ME : $PLUTO_PEER_CLIENT - $src" ++ else ++ logger -t $TAG -p $FAC_PRIO \ ++ "Cannot remove NAT rule because no IP of the IPFire does match the subnet." ++ fi + + # Flush routing cache + ip route flush cache ;; # # IPv6 -@@ -533,10 +585,10 @@ +@@ -546,10 +647,10 @@ # connection to me, with (left/right)firewall=yes, coming up # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. @@ -217,7 +273,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd -s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \ -d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT # -@@ -557,10 +609,10 @@ +@@ -570,10 +671,10 @@ # connection to me, with (left/right)firewall=yes, going down # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. @@ -230,7 +286,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd -s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \ -d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT # -@@ -583,10 +635,10 @@ +@@ -596,10 +697,10 @@ # ones, so do not mess with it; see CAUTION comment up at top. if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/128" ] then @@ -243,7 +299,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd -s $PLUTO_PEER_CLIENT $S_PEER_PORT \ -d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT fi -@@ -595,10 +647,10 @@ +@@ -608,10 +709,10 @@ # or sometimes host access via the internal IP is needed if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ] then @@ -256,7 +312,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd -s $PLUTO_MY_CLIENT $S_MY_PORT \ -d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j ACCEPT fi -@@ -622,11 +674,11 @@ +@@ -635,11 +736,11 @@ # ones, so do not mess with it; see CAUTION comment up at top. if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/128" ] then @@ -270,7 +326,7 @@ diff -Naur strongswan-4.4.0.org/src/_updown/_updown.in strongswan-4.4.0/src/_upd -s $PLUTO_PEER_CLIENT $S_PEER_PORT \ -d $PLUTO_MY_CLIENT $D_MY_PORT \ $IPSEC_POLICY_IN -j ACCEPT -@@ -636,11 +688,11 @@ +@@ -649,11 +750,11 @@ # or sometimes host access via the internal IP is needed if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ] then From f1f39aea071c0660f87cbd04b385bb77cb70cf00 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Tue, 13 Sep 2011 19:05:04 +0200 Subject: [PATCH 08/12] ovpnmain.cgi: change connected/disconnected to enabled/disabled at n2n connections. --- html/cgi-bin/ovpnmain.cgi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index b66299bf6..ea52f858c 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -3727,7 +3727,7 @@ END my $active = "
$Lang::tr{'capsclosed'}
"; if ($confighash{$key}[0] eq 'off') { - $active = "
$Lang::tr{'capsclosed'}
"; + $active = "
$Lang::tr{'disabled'}
"; } else { ### @@ -3750,7 +3750,7 @@ END # $p->close(); if (-e "/var/run/$confighash{$key}[1]n2n.pid") { - $active = "
$Lang::tr{'capsopen'}
"; + $active = "
$Lang::tr{'enabledtitle'}
"; } } From 828aaba2ac9d211f76ac9fef95e1dbd19c2315cb Mon Sep 17 00:00:00 2001 From: Alfred Haas Date: Tue, 13 Sep 2011 21:07:28 +0200 Subject: [PATCH 09/12] ovpnmain.cgi: disabed debug output. --- html/cgi-bin/ovpnmain.cgi | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index ea52f858c..165f3511c 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2011 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -33,8 +33,8 @@ require "${General::swroot}/header.pl"; require "${General::swroot}/countries.pl"; # enable only the following on debugging purpose -use warnings; -use CGI::Carp 'fatalsToBrowser'; +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; #workaround to suppress a warning when a variable is used only once my @dummy = ( ${Header::colourgreen} ); undef (@dummy); From c0c9df130fbb3c5080755822d227277627605196 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 13 Sep 2011 20:44:48 +0200 Subject: [PATCH 10/12] Remove OpenVPN changes in index.cgi. --- html/cgi-bin/index.cgi | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index 0ef95ba8c..b325250a5 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -390,25 +390,6 @@ END END } -### -# m.a.d n2n -### - -if ( -d "${General::swroot}/ovpn/n2nconf") { -my %confighash=(); -&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash); -foreach my $dkey (keys %confighash) { -if ($confighash{$dkey}[0] eq 'on' && $confighash{$dkey}[3] eq 'net') { -my @n2novpnet = split(/\//,$confighash{$dkey}[27]); - print <OpenVPN n2n
- $n2novpnet[0] - $confighash{$dkey}[6] -END -} -} - } - # Fireinfo if ( ! -e "/var/ipfire/main/send_profile") { $warnmessage .= "
  • $Lang::tr{'fireinfo please enable'}
    • "; From 736d1ed96ec00bafb3635f67673796151de02774 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Fri, 16 Sep 2011 19:46:03 +0200 Subject: [PATCH 11/12] apache2: update to 2.2.21. --- config/rootfiles/core/53/filelists/apache2 | 1 + config/rootfiles/core/53/update.sh | 2 ++ lfs/apache2 | 4 ++-- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 120000 config/rootfiles/core/53/filelists/apache2 diff --git a/config/rootfiles/core/53/filelists/apache2 b/config/rootfiles/core/53/filelists/apache2 new file mode 120000 index 000000000..eef95efa7 --- /dev/null +++ b/config/rootfiles/core/53/filelists/apache2 @@ -0,0 +1 @@ +../../../common/apache2 \ No newline at end of file diff --git a/config/rootfiles/core/53/update.sh b/config/rootfiles/core/53/update.sh index 10b45b98e..fbf19954a 100644 --- a/config/rootfiles/core/53/update.sh +++ b/config/rootfiles/core/53/update.sh @@ -36,6 +36,7 @@ done #Stop services /etc/init.d/ipsec stop +/etc/init.d/apache stop # # Remove old strongswan libs @@ -65,6 +66,7 @@ sed -i -e "s|^options cfg80211 ieee80211_regdom=EU|#options cfg80211 ieee80211_r # #Start services +/etc/init.d/apache start if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then /etc/init.d/ipsec start fi diff --git a/lfs/apache2 b/lfs/apache2 index c5fd75429..f548271c5 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -25,7 +25,7 @@ include Config -VER = 2.2.20 +VER = 2.2.21 THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -47,7 +47,7 @@ objects = $(DL_FILE) \ $(DL_FILE) = $(DL_FROM)/$(DL_FILE) httpd-2.2.2-config-1.patch = $(DL_FROM)/httpd-2.2.2-config-1.patch -$(DL_FILE)_MD5 = 1ac251431c8c4285f6b085c1d156bb56 +$(DL_FILE)_MD5 = 1696ae62cd879ab1d4dd9ff021a470f2 httpd-2.2.2-config-1.patch_MD5 = e02a3ec5925eb9e111400b9aa229f822 install : $(TARGET) From fa0bb39f77d3e5bbb5e178dd911f2347d6356277 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Fri, 16 Sep 2011 21:20:32 +0200 Subject: [PATCH 12/12] close core53. --- make.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/make.sh b/make.sh index 37438678c..67464d545 100755 --- a/make.sh +++ b/make.sh @@ -26,7 +26,7 @@ NAME="IPFire" # Software name SNAME="ipfire" # Short name VERSION="2.11" # Version number CORE="53" # Core Level (Filename) -PAKFIRE_CORE="52" # Core Level (PAKFIRE) +PAKFIRE_CORE="53" # Core Level (PAKFIRE) GIT_BRANCH=`git status | head -n1 | cut -d" " -f4` # Git Branch SLOGAN="www.ipfire.org" # Software slogan CONFIG_ROOT=/var/ipfire # Configuration rootdir