Merge branch 'next' into gcc4.1.2

config/cfgroot/useragents

@@ -11,6 +11,7 @@ GOZILLA,Go!Zilla,(Go!Zilla)
 GOOGLE,Google Toolbar,(Google\sToolbar)
 JAVA,Java,(Java)
 KONQUEROR,Konqueror,(Konqueror)
+LIBWWWPERL,libwww-perl,(libww-perl)
 LYNX,Lynx,(Lynx)
 MSIE,Internet Explorer,(MSIE.*[)]$)
 NETSCAPE,Netscape,(^Mozilla\/4.[7|8])|(Netscape)

config/etc/modprobe.d/cfg80211

@@ -1,2 +1,2 @@
-options cfg80211 ieee80211_regdom=EU
+#options cfg80211 ieee80211_regdom=DE
 blacklist ieee80211

config/rootfiles/common/initscripts

@@ -110,6 +110,7 @@ etc/rc.d/init.d/snort
 etc/rc.d/init.d/squid
 etc/rc.d/init.d/sshd
 #etc/rc.d/init.d/sslh
+etc/rc.d/init.d/static-routes
 etc/rc.d/init.d/swap
 etc/rc.d/init.d/sysctl
 etc/rc.d/init.d/sysklogd

config/rootfiles/common/strongswan

@@ -10,21 +10,21 @@ etc/ipsec.d/private
 etc/ipsec.d/reqs
 etc/ipsec.secrets
 etc/strongswan.conf
-#usr/lib/libcharon.a
-#usr/lib/libcharon.la
-usr/lib/libcharon.so
-usr/lib/libcharon.so.0
-usr/lib/libcharon.so.0.0.0
-#usr/lib/libhydra.a
-#usr/lib/libhydra.la
-usr/lib/libhydra.so
-usr/lib/libhydra.so.0
-usr/lib/libhydra.so.0.0.0
-#usr/lib/libstrongswan.a
-#usr/lib/libstrongswan.la
-usr/lib/libstrongswan.so
-usr/lib/libstrongswan.so.0
-usr/lib/libstrongswan.so.0.0.0
+#usr/lib/ipsec/libcharon.a
+#usr/lib/ipsec/libcharon.la
+usr/lib/ipsec/libcharon.so
+usr/lib/ipsec/libcharon.so.0
+usr/lib/ipsec/libcharon.so.0.0.0
+#usr/lib/ipsec/libhydra.a
+#usr/lib/ipsec/libhydra.la
+usr/lib/ipsec/libhydra.so
+usr/lib/ipsec/libhydra.so.0
+usr/lib/ipsec/libhydra.so.0.0.0
+#usr/lib/ipsec/libstrongswan.a
+#usr/lib/ipsec/libstrongswan.la
+usr/lib/ipsec/libstrongswan.so
+usr/lib/ipsec/libstrongswan.so.0
+usr/lib/ipsec/libstrongswan.so.0.0.0
 #usr/libexec/ipsec
 usr/libexec/ipsec/_copyright
 usr/libexec/ipsec/_pluto_adns
@@ -33,85 +33,86 @@ usr/libexec/ipsec/_updown_espmark
 usr/libexec/ipsec/charon
 usr/libexec/ipsec/openac
 usr/libexec/ipsec/pki
-#usr/libexec/ipsec/plugins
-#usr/libexec/ipsec/plugins/libstrongswan-aes.a
-#usr/libexec/ipsec/plugins/libstrongswan-aes.la
-usr/libexec/ipsec/plugins/libstrongswan-aes.so
-#usr/libexec/ipsec/plugins/libstrongswan-attr.a
-#usr/libexec/ipsec/plugins/libstrongswan-attr.la
-usr/libexec/ipsec/plugins/libstrongswan-attr.so
-#usr/libexec/ipsec/plugins/libstrongswan-constraints.a
-#usr/libexec/ipsec/plugins/libstrongswan-constraints.la
-usr/libexec/ipsec/plugins/libstrongswan-constraints.so
-#usr/libexec/ipsec/plugins/libstrongswan-curl.a
-#usr/libexec/ipsec/plugins/libstrongswan-curl.la
-usr/libexec/ipsec/plugins/libstrongswan-curl.so
-#usr/libexec/ipsec/plugins/libstrongswan-des.a
-#usr/libexec/ipsec/plugins/libstrongswan-des.la
-usr/libexec/ipsec/plugins/libstrongswan-des.so
-#usr/libexec/ipsec/plugins/libstrongswan-dnskey.a
-#usr/libexec/ipsec/plugins/libstrongswan-dnskey.la
-usr/libexec/ipsec/plugins/libstrongswan-dnskey.so
-#usr/libexec/ipsec/plugins/libstrongswan-fips-prf.a
-#usr/libexec/ipsec/plugins/libstrongswan-fips-prf.la
-usr/libexec/ipsec/plugins/libstrongswan-fips-prf.so
-#usr/libexec/ipsec/plugins/libstrongswan-gmp.a
-#usr/libexec/ipsec/plugins/libstrongswan-gmp.la
-usr/libexec/ipsec/plugins/libstrongswan-gmp.so
-#usr/libexec/ipsec/plugins/libstrongswan-hmac.a
-#usr/libexec/ipsec/plugins/libstrongswan-hmac.la
-usr/libexec/ipsec/plugins/libstrongswan-hmac.so
-#usr/libexec/ipsec/plugins/libstrongswan-kernel-netlink.a
-#usr/libexec/ipsec/plugins/libstrongswan-kernel-netlink.la
-usr/libexec/ipsec/plugins/libstrongswan-kernel-netlink.so
-#usr/libexec/ipsec/plugins/libstrongswan-md5.a
-#usr/libexec/ipsec/plugins/libstrongswan-md5.la
-usr/libexec/ipsec/plugins/libstrongswan-md5.so
-#usr/libexec/ipsec/plugins/libstrongswan-pem.a
-#usr/libexec/ipsec/plugins/libstrongswan-pem.la
-usr/libexec/ipsec/plugins/libstrongswan-pem.so
-#usr/libexec/ipsec/plugins/libstrongswan-pgp.a
-#usr/libexec/ipsec/plugins/libstrongswan-pgp.la
-usr/libexec/ipsec/plugins/libstrongswan-pgp.so
-#usr/libexec/ipsec/plugins/libstrongswan-pkcs1.a
-#usr/libexec/ipsec/plugins/libstrongswan-pkcs1.la
-usr/libexec/ipsec/plugins/libstrongswan-pkcs1.so
-#usr/libexec/ipsec/plugins/libstrongswan-pubkey.a
-#usr/libexec/ipsec/plugins/libstrongswan-pubkey.la
-usr/libexec/ipsec/plugins/libstrongswan-pubkey.so
-#usr/libexec/ipsec/plugins/libstrongswan-random.a
-#usr/libexec/ipsec/plugins/libstrongswan-random.la
-usr/libexec/ipsec/plugins/libstrongswan-random.so
-#usr/libexec/ipsec/plugins/libstrongswan-resolve.a
-#usr/libexec/ipsec/plugins/libstrongswan-resolve.la
-usr/libexec/ipsec/plugins/libstrongswan-resolve.so
-#usr/libexec/ipsec/plugins/libstrongswan-revocation.a
-#usr/libexec/ipsec/plugins/libstrongswan-revocation.la
-usr/libexec/ipsec/plugins/libstrongswan-revocation.so
-#usr/libexec/ipsec/plugins/libstrongswan-sha1.a
-#usr/libexec/ipsec/plugins/libstrongswan-sha1.la
-usr/libexec/ipsec/plugins/libstrongswan-sha1.so
-#usr/libexec/ipsec/plugins/libstrongswan-sha2.a
-#usr/libexec/ipsec/plugins/libstrongswan-sha2.la
-usr/libexec/ipsec/plugins/libstrongswan-sha2.so
-#usr/libexec/ipsec/plugins/libstrongswan-socket-raw.a
-#usr/libexec/ipsec/plugins/libstrongswan-socket-raw.la
-usr/libexec/ipsec/plugins/libstrongswan-socket-raw.so
-#usr/libexec/ipsec/plugins/libstrongswan-stroke.a
-#usr/libexec/ipsec/plugins/libstrongswan-stroke.la
-usr/libexec/ipsec/plugins/libstrongswan-stroke.so
-#usr/libexec/ipsec/plugins/libstrongswan-updown.a
-#usr/libexec/ipsec/plugins/libstrongswan-updown.la
-usr/libexec/ipsec/plugins/libstrongswan-updown.so
-#usr/libexec/ipsec/plugins/libstrongswan-x509.a
-#usr/libexec/ipsec/plugins/libstrongswan-x509.la
-usr/libexec/ipsec/plugins/libstrongswan-x509.so
-#usr/libexec/ipsec/plugins/libstrongswan-xauth.a
-#usr/libexec/ipsec/plugins/libstrongswan-xauth.la
-usr/libexec/ipsec/plugins/libstrongswan-xauth.so
-#usr/libexec/ipsec/plugins/libstrongswan-xcbc.a
-#usr/libexec/ipsec/plugins/libstrongswan-xcbc.la
-usr/libexec/ipsec/plugins/libstrongswan-xcbc.so
+#usr/lib/ipsec
+#usr/lib/ipsec/plugins
+#usr/lib/ipsec/plugins/libstrongswan-aes.a
+#usr/lib/ipsec/plugins/libstrongswan-aes.la
+usr/lib/ipsec/plugins/libstrongswan-aes.so
+#usr/lib/ipsec/plugins/libstrongswan-attr.a
+#usr/lib/ipsec/plugins/libstrongswan-attr.la
+usr/lib/ipsec/plugins/libstrongswan-attr.so
+#usr/lib/ipsec/plugins/libstrongswan-constraints.a
+#usr/lib/ipsec/plugins/libstrongswan-constraints.la
+usr/lib/ipsec/plugins/libstrongswan-constraints.so
+#usr/lib/ipsec/plugins/libstrongswan-curl.a
+#usr/lib/ipsec/plugins/libstrongswan-curl.la
+usr/lib/ipsec/plugins/libstrongswan-curl.so
+#usr/lib/ipsec/plugins/libstrongswan-des.a
+#usr/lib/ipsec/plugins/libstrongswan-des.la
+usr/lib/ipsec/plugins/libstrongswan-des.so
+#usr/lib/ipsec/plugins/libstrongswan-dnskey.a
+#usr/lib/ipsec/plugins/libstrongswan-dnskey.la
+usr/lib/ipsec/plugins/libstrongswan-dnskey.so
+#usr/lib/ipsec/plugins/libstrongswan-fips-prf.a
+#usr/lib/ipsec/plugins/libstrongswan-fips-prf.la
+usr/lib/ipsec/plugins/libstrongswan-fips-prf.so
+#usr/lib/ipsec/plugins/libstrongswan-gmp.a
+#usr/lib/ipsec/plugins/libstrongswan-gmp.la
+usr/lib/ipsec/plugins/libstrongswan-gmp.so
+#usr/lib/ipsec/plugins/libstrongswan-hmac.a
+#usr/lib/ipsec/plugins/libstrongswan-hmac.la
+usr/lib/ipsec/plugins/libstrongswan-hmac.so
+#usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.a
+#usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.la
+usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so
+#usr/lib/ipsec/plugins/libstrongswan-md5.a
+#usr/lib/ipsec/plugins/libstrongswan-md5.la
+usr/lib/ipsec/plugins/libstrongswan-md5.so
+#usr/lib/ipsec/plugins/libstrongswan-pem.a
+#usr/lib/ipsec/plugins/libstrongswan-pem.la
+usr/lib/ipsec/plugins/libstrongswan-pem.so
+#usr/lib/ipsec/plugins/libstrongswan-pgp.a
+#usr/lib/ipsec/plugins/libstrongswan-pgp.la
+usr/lib/ipsec/plugins/libstrongswan-pgp.so
+#usr/lib/ipsec/plugins/libstrongswan-pkcs1.a
+#usr/lib/ipsec/plugins/libstrongswan-pkcs1.la
+usr/lib/ipsec/plugins/libstrongswan-pkcs1.so
+#usr/lib/ipsec/plugins/libstrongswan-pubkey.a
+#usr/lib/ipsec/plugins/libstrongswan-pubkey.la
+usr/lib/ipsec/plugins/libstrongswan-pubkey.so
+#usr/lib/ipsec/plugins/libstrongswan-random.a
+#usr/lib/ipsec/plugins/libstrongswan-random.la
+usr/lib/ipsec/plugins/libstrongswan-random.so
+#usr/lib/ipsec/plugins/libstrongswan-resolve.a
+#usr/lib/ipsec/plugins/libstrongswan-resolve.la
+usr/lib/ipsec/plugins/libstrongswan-resolve.so
+#usr/lib/ipsec/plugins/libstrongswan-revocation.a
+#usr/lib/ipsec/plugins/libstrongswan-revocation.la
+usr/lib/ipsec/plugins/libstrongswan-revocation.so
+#usr/lib/ipsec/plugins/libstrongswan-sha1.a
+#usr/lib/ipsec/plugins/libstrongswan-sha1.la
+usr/lib/ipsec/plugins/libstrongswan-sha1.so
+#usr/lib/ipsec/plugins/libstrongswan-sha2.a
+#usr/lib/ipsec/plugins/libstrongswan-sha2.la
+usr/lib/ipsec/plugins/libstrongswan-sha2.so
+#usr/lib/ipsec/plugins/libstrongswan-socket-raw.a
+#usr/lib/ipsec/plugins/libstrongswan-socket-raw.la
+usr/lib/ipsec/plugins/libstrongswan-socket-raw.so
+#usr/lib/ipsec/plugins/libstrongswan-stroke.a
+#usr/lib/ipsec/plugins/libstrongswan-stroke.la
+usr/lib/ipsec/plugins/libstrongswan-stroke.so
+#usr/lib/ipsec/plugins/libstrongswan-updown.a
+#usr/lib/ipsec/plugins/libstrongswan-updown.la
+usr/lib/ipsec/plugins/libstrongswan-updown.so
+#usr/lib/ipsec/plugins/libstrongswan-x509.a
+#usr/lib/ipsec/plugins/libstrongswan-x509.la
+usr/lib/ipsec/plugins/libstrongswan-x509.so
+#usr/lib/ipsec/plugins/libstrongswan-xauth.a
+#usr/lib/ipsec/plugins/libstrongswan-xauth.la
+usr/lib/ipsec/plugins/libstrongswan-xauth.so
+#usr/lib/ipsec/plugins/libstrongswan-xcbc.a
+#usr/lib/ipsec/plugins/libstrongswan-xcbc.la
+usr/lib/ipsec/plugins/libstrongswan-xcbc.so
 usr/libexec/ipsec/pluto
 usr/libexec/ipsec/scepclient
 usr/libexec/ipsec/starter

config/rootfiles/core/51/filelists/dhcp

@@ -0,0 +1 @@
+../../../common/dhcp

config/rootfiles/core/51/filelists/files

@@ -1,3 +1,4 @@
 etc/system-release
 etc/sysctl.conf
 var/ipfire/langs/
+var/ipfire/proxy/advanced/useragents

config/rootfiles/core/51/update.sh

@@ -44,12 +44,11 @@ fi
 
 
 #
-# check if we the backup file already exist
-if [ -e /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 ]; then
-    echo Moving backup to backup-old ...
-    mv -f /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 \
-       /var/ipfire/backup/core-upgrade_$KVER-old.tar.bz2
-fi
+# erase old backups to prefent disk-full on small installations
+rm -f /var/ipfire/backup/core-upgrade_*.tar.bz2
+
+#
+# backup
 echo First we made a backup of all files that was inside of the
 echo update archive. This may take a while ...
 # Add some files that are not in the package to backup
@@ -80,7 +79,7 @@ cp -vf /boot/grub/grub.conf /boot/grub/grub.conf.org
 /etc/init.d/snort stop
 /etc/init.d/squid stop
 /etc/init.d/ipsec stop
-
+/etc/init.d/dhcp stop
 #
 # Unpack the updated files
 #
@@ -97,12 +96,14 @@ rm -f /etc/modprobe.d/ralink_wireless
 #
 # Start services
 #
+/etc/init.d/dhcp start
 /etc/init.d/squid start
 /etc/init.d/snort start
 if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
 	/etc/init.d/ipsec start
 fi
 
+
 #
 # Modify grub.conf
 #
@@ -142,6 +143,11 @@ perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
 #
 rm -rf /etc/sysconfig/lm_sensors
 
+# Ensure that all data was written...
+sync
+sync
+sync
+
 # Reboot message to console
 /usr/bin/logger -p syslog.emerg -t core-upgrade-51 "Upgrade finished. If you use a customized grub.cfg"
 /usr/bin/logger -p syslog.emerg -t core-upgrade-51 "Check it before reboot !!!"
@@ -154,5 +160,12 @@ touch /var/run/need_reboot
 #Finish
 /etc/init.d/fireinfo start
 sendprofile
+
+# Ensure that all data was written...
+sync
+sync
+sync
+
+#
 #Don't report the exitcode last command
 exit 0

config/rootfiles/core/next/filelists/crda

@@ -1 +0,0 @@
-../../../common/crda

config/rootfiles/core/next/filelists/dracut

@@ -1 +0,0 @@
-../../../common/dracut

config/rootfiles/core/next/filelists/grub

@@ -1 +0,0 @@
-../../../common/grub

config/rootfiles/core/next/filelists/iw

@@ -1 +0,0 @@
-../../../common/iw

config/rootfiles/core/next/filelists/linux

@@ -1 +0,0 @@
-../../../common/linux

config/rootfiles/core/next/filelists/linux-firmware

@@ -1 +0,0 @@
-../../../common/linux-firmware

config/rootfiles/core/next/filelists/wireless-regdb

@@ -1 +0,0 @@
-../../../common/wireless-regdb

config/rootfiles/core/next/filelists/zd1211-firmware

@@ -1 +0,0 @@
-../../../common/zd1211-firmware

config/rootfiles/core/next/update.sh

@@ -23,116 +23,53 @@
 #
 . /opt/pakfire/lib/functions.sh
 /usr/local/bin/backupctrl exclude >/dev/null 2>&1
-#
-KVER="xxxKVERxxx"
-MOUNT=`grep "kernel" /boot/grub/grub.conf | tail -n 1`
-# Nur den letzten Parameter verwenden
-echo $MOUNT > /dev/null
-MOUNT=$_
-if [ ! $MOUNT == "rw" ]; then
-	MOUNT="ro"
-fi
-
 
 #
-# check if we the backup file already exist
-if [ -e /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 ]; then
-    echo Moving backup to backup-old ...
-    mv -f /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 \
-       /var/ipfire/backup/core-upgrade_$KVER-old.tar.bz2
-fi
-echo First we made a backup of all files that was inside of the
-echo update archive. This may take a while ...
-# Add some files that are not in the package to backup
-echo lib/modules >> /opt/pakfire/tmp/ROOTFILES
-echo boot >> /opt/pakfire/tmp/ROOTFILES
-
-# Backup the files
-tar cjvf /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 \
-    -C / -T /opt/pakfire/tmp/ROOTFILES --exclude='#*' > /dev/null 2>&1
-
-echo
-echo Update Kernel to $KVER ...
-# Remove old kernel, configs, initrd, modules ...
-#
-rm -rf /boot/System.map-*
-rm -rf /boot/config-*
-rm -rf /boot/ipfirerd-*
-rm -rf /boot/vmlinuz-*
-rm -rf /lib/modules/*-ipfire
-#
-# Backup grub.conf
-#
-cp -vf /boot/grub/grub.conf /boot/grub/grub.conf.org
+# Remove old core updates from pakfire cache to save space...
+core=52
+for (( i=1; i<=$core; i++ ))
+do
+	rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
 
 #
-# Stop services to save memory
-#
-/etc/init.d/snort stop
-/etc/init.d/squid stop
+#Stop services
+
 /etc/init.d/ipsec stop
 
 #
-# Unpack the updated files
-#
-echo
-echo Unpack the updated files ...
-#
-tar xvf /opt/pakfire/tmp/files --preserve --numeric-owner -C / \
-	--no-overwrite-dir
+# Remove old strongswan libs
+rm -rf /usr/lib/libcharon.so
+rm -rf /usr/lib/libcharon.so.0
+rm -rf /usr/lib/libcharon.so.0.0.0
+rm -rf /usr/lib/libhydra.so
+rm -rf /usr/lib/libhydra.so.0
+rm -rf /usr/lib/libhydra.so.0.0.0
+rm -rf /usr/lib/libstrongswan.so
+rm -rf /usr/lib/libstrongswan.so.0
+rm -rf /usr/lib/libstrongswan.so.0.0.0
+rm -rf /usr/libexec/ipsec/plugins
 
 #
-# Enable ralink rt73 hardware encryption again
-rm -f /etc/modprobe.d/ralink_wireless
+#Extract files
+extract_files
 
 #
-# Start services
-#
-/etc/init.d/squid start
-/etc/init.d/snort start
+#Start services
+
 if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
 	/etc/init.d/ipsec start
 fi
 
 #
-# Modify grub.conf
-#
-echo
-echo Update grub configuration ...
-ROOT=`mount | grep " / " | cut -d" " -f1`
-if [ ! -z $ROOT ]; then
-	ROOTUUID=`blkid -c /dev/null -sUUID $ROOT | cut -d'"' -f2`
-fi
-if [ ! -z $ROOTUUID ]; then
-	sed -i "s|ROOT|UUID=$ROOTUUID|g" /boot/grub/grub.conf
-else
-	sed -i "s|ROOT|$ROOT|g" /boot/grub/grub.conf
-fi
-sed -i "s|KVER|$KVER|g" /boot/grub/grub.conf
-sed -i "s|MOUNT|$MOUNT|g" /boot/grub/grub.conf
-
-if [ "$(grep "^serial" /boot/grub/grub.conf.org)" == "" ]; then
-	echo "grub use default console ..."
-else
-	echo "grub use serial console ..."
-	sed -i -e "s|splashimage|#splashimage|g" /boot/grub/grub.conf
-	sed -i -e "s|#serial|serial|g" /boot/grub/grub.conf
-	sed -i -e "s|#terminal|terminal|g" /boot/grub/grub.conf
-	sed -i -e "s| panic=10 | console=ttyS0,38400n8 panic=10 |g" /boot/grub/grub.conf
-fi
-#
-# ReInstall grub
-#
-grub-install --no-floppy ${ROOT::`expr length $ROOT`-1} --recheck
-#
-# Rebuild Language
-#
+#Update Language cache
 perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
-#
-# Delete old lm-sensor modullist to force search at next boot
-#
-rm -rf /etc/sysconfig/lm_sensors
-##
+
+#Rebuild module dep's
+#depmod 2.6.32.45-ipfire     >/dev/null 2>&1
+#depmod 2.6.32.45-ipfire-pae >/dev/null 2>&1
+#depmod 2.6.32.45-ipfire-xen >/dev/null 2>&1
+
 ## Change version of Pakfire.conf
 ##
 #OLDVERSION=`grep "version = " /opt/pakfire/etc/pakfire.conf | cut -d'"' -f2`
@@ -162,6 +99,10 @@ rm -rf /etc/sysconfig/lm_sensors
 #echo
 #echo Please wait until pakfire has ended...
 #echo
-/usr/bin/logger -p syslog.emerg -t core-upgrade-next "Upgrade finished. If you use a customized grub.cfg"
-/usr/bin/logger -p syslog.emerg -t core-upgrade-next "Check it before reboot !!!"
-/usr/bin/logger -p syslog.emerg -t core-upgrade-next " *** Please reboot... *** "
+
+#
+#Finish
+/etc/init.d/fireinfo start
+sendprofile
+#Don't report the exitcode last command
+exit 0

config/rootfiles/packages/ipfireseeder

@@ -1,5 +1,5 @@
 etc/rc.d/init.d/ipfireseeder
 #var/ipfire/seeder
-var/ipfire/seeder/ipfire-2.9.i586-full-core50.iso.torrent
+var/ipfire/seeder/ipfire-2.9.i586-full-core51.iso.torrent
 #var/log/seeder
 var/log/seeder/info

config/rootfiles/packages/libsatsolver

@@ -1,52 +0,0 @@
-#usr/include/satsolver
-#usr/include/satsolver/bitmap.h
-#usr/include/satsolver/chksum.h
-#usr/include/satsolver/dirpool.h
-#usr/include/satsolver/evr.h
-#usr/include/satsolver/hash.h
-#usr/include/satsolver/knownid.h
-#usr/include/satsolver/md5.h
-#usr/include/satsolver/policy.h
-#usr/include/satsolver/pool.h
-#usr/include/satsolver/pool_fileconflicts.h
-#usr/include/satsolver/poolarch.h
-#usr/include/satsolver/poolid.h
-#usr/include/satsolver/pooltypes.h
-#usr/include/satsolver/poolvendor.h
-#usr/include/satsolver/problems.h
-#usr/include/satsolver/queue.h
-#usr/include/satsolver/repo.h
-#usr/include/satsolver/repo_content.h
-#usr/include/satsolver/repo_deb.h
-#usr/include/satsolver/repo_deltainfoxml.h
-#usr/include/satsolver/repo_helix.h
-#usr/include/satsolver/repo_products.h
-#usr/include/satsolver/repo_releasefile_products.h
-#usr/include/satsolver/repo_repomdxml.h
-#usr/include/satsolver/repo_rpmdb.h
-#usr/include/satsolver/repo_rpmmd.h
-#usr/include/satsolver/repo_solv.h
-#usr/include/satsolver/repo_susetags.h
-#usr/include/satsolver/repo_updateinfoxml.h
-#usr/include/satsolver/repo_write.h
-#usr/include/satsolver/repo_zyppdb.h
-#usr/include/satsolver/repodata.h
-#usr/include/satsolver/repopage.h
-#usr/include/satsolver/rules.h
-#usr/include/satsolver/sat_xfopen.h
-#usr/include/satsolver/satversion.h
-#usr/include/satsolver/sha1.h
-#usr/include/satsolver/sha2.h
-#usr/include/satsolver/solvable.h
-#usr/include/satsolver/solver.h
-#usr/include/satsolver/solverdebug.h
-#usr/include/satsolver/strpool.h
-#usr/include/satsolver/tools_util.h
-#usr/include/satsolver/transaction.h
-#usr/include/satsolver/util.h
-usr/lib/libsatsolver.so
-usr/lib/libsatsolver.so.0
-usr/lib/libsatsolver.so.0.17
-usr/lib/libsatsolverext.so
-usr/lib/libsatsolverext.so.0
-usr/lib/libsatsolverext.so.0.17

config/rootfiles/packages/libsolv

@@ -0,0 +1,47 @@
+#usr/include/solv
+#usr/include/solv/bitmap.h
+#usr/include/solv/chksum.h
+#usr/include/solv/dirpool.h
+#usr/include/solv/evr.h
+#usr/include/solv/hash.h
+#usr/include/solv/knownid.h
+#usr/include/solv/policy.h
+#usr/include/solv/pool.h
+#usr/include/solv/pool_fileconflicts.h
+#usr/include/solv/poolarch.h
+#usr/include/solv/poolid.h
+#usr/include/solv/pooltypes.h
+#usr/include/solv/poolvendor.h
+#usr/include/solv/problems.h
+#usr/include/solv/queue.h
+#usr/include/solv/repo.h
+#usr/include/solv/repo_content.h
+#usr/include/solv/repo_deb.h
+#usr/include/solv/repo_deltainfoxml.h
+#usr/include/solv/repo_helix.h
+#usr/include/solv/repo_products.h
+#usr/include/solv/repo_releasefile_products.h
+#usr/include/solv/repo_repomdxml.h
+#usr/include/solv/repo_rpmdb.h
+#usr/include/solv/repo_rpmmd.h
+#usr/include/solv/repo_solv.h
+#usr/include/solv/repo_susetags.h
+#usr/include/solv/repo_updateinfoxml.h
+#usr/include/solv/repo_write.h
+#usr/include/solv/repo_zyppdb.h
+#usr/include/solv/repodata.h
+#usr/include/solv/repopage.h
+#usr/include/solv/rules.h
+#usr/include/solv/solv_xfopen.h
+#usr/include/solv/solvable.h
+#usr/include/solv/solver.h
+#usr/include/solv/solverdebug.h
+#usr/include/solv/solvversion.h
+#usr/include/solv/strpool.h
+#usr/include/solv/tools_util.h
+#usr/include/solv/transaction.h
+#usr/include/solv/util.h
+usr/lib/libsolv.so
+usr/lib/libsolv.so.0
+usr/lib/libsolvext.so
+usr/lib/libsolvext.so.0

config/rootfiles/packages/python-satsolver

@@ -1,2 +0,0 @@
-usr/lib/python2.7/site-packages/_satsolver.so
-usr/lib/python2.7/site-packages/satsolver.py

html/cgi-bin/vpnmain.cgi

@@ -439,6 +439,7 @@ sub writeipsecfiles {
 	# Automatically start only if a net-to-net connection
 	if ($lconfighash{$key}[3] eq 'host') {
 	    print CONF "\tauto=add\n";
+	    print CONF "\trightsourceip=$lvpnsettings{'RW_NET'}\n";
 	} else {
 	    print CONF "\tauto=start\n";
 	}

lfs/dhcp

@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 3.1.0
+VER        = 3.1-ESV-R3
 
 THISAPP    = dhcp-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 27d179a3c3fbef576566b456a1168246
+$(DL_FILE)_MD5 = af3d8db60f62664f1d5538b81e406459
 
 install : $(TARGET)
 
@@ -70,7 +70,6 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-3.0.4-iproute2-1.patch
 	cd $(DIR_APP) && ./configure
 	cd $(DIR_APP) && make $(MAKETUNING)
 	cd $(DIR_APP) && make LIBDIR=/usr/lib INCDIR=/usr/include install

lfs/ipfireseeder

@@ -27,13 +27,13 @@ include Config
 VER        = 1.00
 
 THISAPP    = ipfireseeder-$(VER)
-DL_FILE    = ipfire-2.9.i586-full-core50.iso.torrent
+DL_FILE    = ipfire-2.9.i586-full-core51.iso.torrent
 
 DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = ipfireseeder
-PAK_VER    = 26
+PAK_VER    = 27
 
 DEPS       = "rtorrent"
 
@@ -45,7 +45,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 07d3b03c3042f67464a33319207d2795
+$(DL_FILE)_MD5 = fa40cd03e4b0a11f8f703595a5c01a76
 
 install : $(TARGET)
 

lfs/kvm-kmod

@@ -34,7 +34,7 @@ else
 endif
 endif
 
-VER        = 2.6.38.6
+VER        = 3.0b
 
 THISAPP    = kvm-kmod-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -50,7 +50,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = b631ba6ba7b0d3c07de870c6104ffbd5
+$(DL_FILE)_MD5 = 19792041adc25779b31ea5c5fdca7d8c
 
 install : $(TARGET)
 
@@ -83,7 +83,7 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/$(THISAPP)_remove_pvclock_scale_delta_redifinition.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/$(THISAPP)_remove_pvclock_scale_delta_redefinition.patch
 	cd $(DIR_APP) && ./configure --kerneldir=/usr/src/linux
 	cd $(DIR_APP) && make $(MAKETUNING)
 	cd $(DIR_APP) && install -m 644 x86/*.ko \

lfs/linux

@@ -24,18 +24,18 @@
 
 include Config
 
-PATCHLEVEL = .44
-VER        = 2.6.32.44
+PATCHLEVEL = .45
+VER        = 2.6.32.45
 
 THISAPP    = linux-$(VER)
-DL_FILE    = $(THISAPP).tar.bz2
+DL_FILE    = $(THISAPP).tar.gz
 DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 CFLAGS     =
 CXXFLAGS   =
 
 PROG	   = linux-xen
-PAK_VER    = 18
+PAK_VER    = 19
 DEPS	   = ""
 
 # Normal build or XEN build.
@@ -68,7 +68,7 @@ patch-2.6.16-nath323-1.3.bz2		= $(URL_IPFIRE)/patch-2.6.16-nath323-1.3.bz2
 reiser4-for-2.6.32.patch.bz2		= $(URL_IPFIRE)/reiser4-for-2.6.32.patch.bz2
 xen-patches-2.6.32-2f.tar.bz2		= $(URL_IPFIRE)/xen-patches-2.6.32-2f.tar.bz2
 
-$(DL_FILE)_MD5				= 38d43bb91fff88783f57ada146415029
+$(DL_FILE)_MD5				= d41f1c7e704cc95fdfc3374367b6fd64
 netfilter-layer7-v2.22.tar.gz_MD5	= 98dff8a3d5a31885b73341633f69501f
 patch-2.6.16-nath323-1.3.bz2_MD5	= f926409ff703a307baf54b57ab75d138
 reiser4-for-2.6.32.patch.bz2_MD5	= 3246397973d9271eb8e6d7c97c5d2d91
@@ -103,7 +103,7 @@ $(subst %,%_MD5,$(objects)) :
 
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
-	@rm -rf $(DIR_APP) $(DIR_SRC)/linux $(DIR_SRC)/linux-*-suse_xen_patches $(DIR_SRC)/xen-* && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
+	@rm -rf $(DIR_APP) $(DIR_SRC)/linux $(DIR_SRC)/linux-*-suse_xen_patches $(DIR_SRC)/xen-* && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
 
 	ln -s linux-$(VER) /usr/src/linux
 

lfs/strongswan

@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 4.5.3dr7
+VER        = 4.5.3
 
 THISAPP    = strongswan-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 72036d309e254c0b3cad8e5473d68218
+$(DL_FILE)_MD5 = ee7c50a90c91307b111e8085f2479890
 
 install : $(TARGET)
 

src/misc-progs/ipsecctrl.c

@@ -142,10 +142,42 @@ int decode_line (char *s,
 */
 void turn_connection_on (char *name, char *type) {
 /*
-    if you find a way to start a single connection without changing all add it
-    here. Change also vpn-watch.
+	Rename the connection and run ipsec update and rename it back to readd
+	a deleted connection. Because ipsec update ignores connection that have
+	not changed since last load.
 */
-        safe_system("/etc/rc.d/init.d/ipsec restart >/dev/null");
+        char command[STRING_SIZE];
+        memset(command, 0, STRING_SIZE);
+        snprintf(command, STRING_SIZE - 1, 
+                "sed -i -e 's|^conn %s$|conn %s-renamed|g' /var/ipfire/vpn/ipsec.conf >/dev/null", name, name);
+        safe_system(command);
+
+	// Down and delete IKEv2 Tunnel before ipsec update
+        snprintf(command, STRING_SIZE - 1, 
+                "/usr/sbin/ipsec stroke down %s >/dev/null", name);
+        safe_system(command);
+        snprintf(command, STRING_SIZE - 1, 
+                "/usr/sbin/ipsec stroke delete %s >/dev/null", name);
+        safe_system(command);
+
+        safe_system("/etc/rc.d/init.d/ipsec update >/dev/null");
+
+	sleep(1);
+
+	// Back to original name
+	snprintf(command, STRING_SIZE - 1, 
+                "sed -i -e 's|^conn %s-renamed$|conn %s|g' /var/ipfire/vpn/ipsec.conf >/dev/null", name, name);
+        safe_system(command);
+
+	// Down and delete IKEv2 Tunnel before ipsec update
+        snprintf(command, STRING_SIZE - 1, 
+                "/usr/sbin/ipsec stroke down %s-renamed >/dev/null", name);
+        safe_system(command);
+        snprintf(command, STRING_SIZE - 1, 
+                "/usr/sbin/ipsec stroke delete %s-renamed >/dev/null", name);
+        safe_system(command);
+
+        safe_system("/etc/rc.d/init.d/ipsec update >/dev/null");
 }
 /*
     issue ipsec commmands to turn off connection 'name'
@@ -162,6 +194,7 @@ void turn_connection_off (char *name) {
         snprintf(command, STRING_SIZE - 1, 
                 "/usr/sbin/ipsec stroke delete %s >/dev/null", name);
         safe_system(command);
+
         safe_system("/usr/sbin/ipsec whack --rereadall >/dev/null");
         safe_system("/usr/sbin/ipsec stroke rereadall >/dev/null");
 

src/patches/dhcp-3.0.4-iproute2-1.patch

@@ -1,230 +0,0 @@
-Submitted By: DJ Lucas (dj at linuxfromscratch dot org)
-Date: 2005-06-18
-Initial Package Version: 3.0.2
-Origin: Jim Gifford, Bruce Dubbs, DJ Lucas
-Description: Fixes client script to use iproute2 (added flush to previous 
-             unversioned patches)
-Upstream Status:  Not submitted
-
---- dhcp-3.0.2-orig/client/scripts/linux	2002-11-14 19:09:09.000000000 -0600
-+++ dhcp-3.0.2/client/scripts/linux	2005-06-18 22:54:59.000000000 -0500
-@@ -1,26 +1,15 @@
- #!/bin/bash
- # dhclient-script for Linux. Dan Halbert, March, 1997.
- # Updated for Linux 2.[12] by Brian J. Murrell, January 1999.
--# No guarantees about this. I'm a novice at the details of Linux
--# networking.
-+
-+# Updated to iproute2 by Jim Gifford (scripts@jg555.com)
- 
- # Notes:
- 
- # 0. This script is based on the netbsd script supplied with dhcp-970306.
--
--# 1. ifconfig down apparently deletes all relevant routes and flushes
--# the arp cache, so this doesn't need to be done explicitly.
--
--# 2. The alias address handling here has not been tested AT ALL.
--# I'm just going by the doc of modern Linux ip aliasing, which uses
--# notations like eth0:0, eth0:1, for each alias.
--
--# 3. I have to calculate the network address, and calculate the broadcast
--# address if it is not supplied. This might be much more easily done
--# by the dhclient C code, and passed on.
--
--# 4. TIMEOUT not tested. ping has a flag I don't know, and I'm suspicious
--# of the $1 in its args.
-+# 1. This script was modified to work with iproute2
-+# 2. cidr_convert based on a script by Kevin Fleming (kpfleming@linuxfromscratch.org)
-+# 3. Updated to delete addresses when taking an interface down (bdubbs@linuxfromscratch.org)
- 
- make_resolv_conf() {
-   if [ "x$new_domain_name" != x ] && [ x"$new_domain_name_servers" != x ]; then
-@@ -32,6 +21,30 @@
-   fi
- }
- 
-+dec2binary()
-+{
-+    local n=$1
-+    local ret=""
-+    while [ $n != 0 ]; do
-+        ret=$[$n%2]$ret
-+        n=$[$n>>1]
-+    done
-+    echo $ret
-+}
-+
-+mask_to_binary()
-+{
-+    echo `dec2binary $1``dec2binary $2``dec2binary $3``dec2binary $4`
-+}
-+
-+cidr_convert()
-+{
-+	netmask=$1
-+        local mask=`mask_to_binary ${netmask//./ }`
-+        mask=${mask%%0*}
-+        cidr=${#mask}
-+}
-+
- # Must be used on exit.   Invokes the local dhcp client exit hooks, if any.
- exit_with_hooks() {
-   exit_status=$1
-@@ -53,11 +66,6 @@
-   fi
- fi
- 
--release=`uname -r`
--release=`expr $release : '\(.*\)\..*'`
--relminor=`echo $release |sed -e 's/[0-9]*\.\([0-9][0-9]*\)\(\..*\)*$/\1/'`
--relmajor=`echo $release |sed -e 's/\([0-9][0-9]*\)\..*$/\1/'`
--
- if [ x$new_broadcast_address != x ]; then
-   new_broadcast_arg="broadcast $new_broadcast_address"
- fi
-@@ -65,13 +73,12 @@
-   old_broadcast_arg="broadcast $old_broadcast_address"
- fi
- if [ x$new_subnet_mask != x ]; then
--  new_subnet_arg="netmask $new_subnet_mask"
-+  cidr_convert $new_subnet_mask
-+  new_subnet_arg="$cidr"
- fi
- if [ x$old_subnet_mask != x ]; then
--  old_subnet_arg="netmask $old_subnet_mask"
--fi
--if [ x$alias_subnet_mask != x ]; then
--  alias_subnet_arg="netmask $alias_subnet_mask"
-+  cidr_convert $old_subnet_mask
-+  old_subnet_arg="$cidr"
- fi
- 
- if [ x$reason = xMEDIUM ]; then
-@@ -82,17 +89,10 @@
- if [ x$reason = xPREINIT ]; then
-   if [ x$alias_ip_address != x ]; then
-     # Bring down alias interface. Its routes will disappear too.
--    ifconfig $interface:0- inet 0
--  fi
--  if [ $relmajor -lt 2 ] || ( [ $relmajor -eq 2 ] && [ $relminor -eq 0 ] )
--   then
--    ifconfig $interface inet 0.0.0.0 netmask 0.0.0.0 \
--		broadcast 255.255.255.255 up
--    # Add route to make broadcast work. Do not omit netmask.
--    route add default dev $interface netmask 0.0.0.0
--  else
--    ifconfig $interface 0 up
-+    ip link set $interface down
-+    ip addr del $alias_ip_address  dev $interface
-   fi
-+  ip link set $interface up
- 
-   # We need to give the kernel some time to get the interface up.
-   sleep 1
-@@ -115,83 +115,51 @@
-     fi
-   fi
-     
--  if [ x$old_ip_address != x ] && [ x$alias_ip_address != x ] && \
--		[ x$alias_ip_address != x$old_ip_address ]; then
--    # Possible new alias. Remove old alias.
--    ifconfig $interface:0- inet 0
--  fi
-   if [ x$old_ip_address != x ] && [ x$old_ip_address != x$new_ip_address ]; then
--    # IP address changed. Bringing down the interface will delete all routes,
-+    # IP address changed. Bring down the interface, delete all routes,
-     # and clear the ARP cache.
--    ifconfig $interface inet 0 down
--
-+    ip link set $interface down
-+    ip addr flush dev $interface
-   fi
-   if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \
-      [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then
- 
--    ifconfig $interface inet $new_ip_address $new_subnet_arg \
--							$new_broadcast_arg
-+    ip link set $interface up
-+    ip addr add $new_ip_address/$new_subnet_arg $new_broadcast_arg \
-+       label $interface dev $interface
-     # Add a network route to the computed network address.
--    if [ $relmajor -lt 2 ] || \
--		( [ $relmajor -eq 2 ] && [ $relminor -eq 0 ] ); then
--      route add -net $new_network_number $new_subnet_arg dev $interface
--    fi
-     for router in $new_routers; do
--      route add default gw $router
-+      ip route add default via $router
-     done
-   fi
--  if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ];
--   then
--    ifconfig $interface:0- inet 0
--    ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg
--    route add -host $alias_ip_address $interface:0
--  fi
-   make_resolv_conf
-   exit_with_hooks 0
- fi
- 
- if [ x$reason = xEXPIRE ] || [ x$reason = xFAIL ] || [ x$reason = xRELEASE ] \
-    || [ x$reason = xSTOP ]; then
--  if [ x$alias_ip_address != x ]; then
--    # Turn off alias interface.
--    ifconfig $interface:0- inet 0
--  fi
-   if [ x$old_ip_address != x ]; then
--    # Shut down interface, which will delete routes and clear arp cache.
--    ifconfig $interface inet 0 down
--  fi
--  if [ x$alias_ip_address != x ]; then
--    ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg
--    route add -host $alias_ip_address $interface:0
-+    # Shut down interface, delete routes, and clear arp cache.
-+    ip link set $interface down
-+    ip addr flush dev $interface
-   fi
-   exit_with_hooks 0
- fi
- 
- if [ x$reason = xTIMEOUT ]; then
--  if [ x$alias_ip_address != x ]; then
--    ifconfig $interface:0- inet 0
--  fi
--  ifconfig $interface inet $new_ip_address $new_subnet_arg \
--					$new_broadcast_arg
-+  ip link set $interface up
-+  ip addr set $new_ip_address/$new_subnet_arg $new_broadcast_arg \
-+     label $interface dev $interface
-   set $new_routers
--  ############## what is -w in ping?
--  if ping -q -c 1 $1; then
--    if [ x$new_ip_address != x$alias_ip_address ] && \
--			[ x$alias_ip_address != x ]; then
--      ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg
--      route add -host $alias_ip_address dev $interface:0
--    fi
--    if [ $relmajor -lt 2 ] || \
--		( [ $relmajor -eq 2 ] && [ $relminor -eq 0 ] ); then
--      route add -net $new_network_number
--    fi
--    for router in $new_routers; do
--      route add default gw $router
--    done
--    make_resolv_conf
--    exit_with_hooks 0
--  fi
--  ifconfig $interface inet 0 down
-+  
-+  for router in $new_routers; do
-+    ip route add default via $router
-+  done
-+  
-+  make_resolv_conf
-+  exit_with_hooks 0
-+  ip link set $interface down
-+  ip addr flush dev $interface
-   exit_with_hooks 1
- fi
- 

src/patches/kvm-kmod-3.0b_remove_pvclock_scale_delta_redefinition.patch

@@ -0,0 +1,12 @@
+diff -Naur kvm-kmod-3.0b.org/x86/external-module-compat.h kvm-kmod-3.0b/x86/external-module-compat.h
+--- kvm-kmod-3.0b.org/x86/external-module-compat.h	2011-07-23 16:39:10.000000000 +0200
++++ kvm-kmod-3.0b/x86/external-module-compat.h	2011-08-13 21:37:56.046677541 +0200
+@@ -1095,7 +1095,7 @@
+ 
+ #endif /* >= 2.6.36 */
+ 
+-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,37) || \
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,37) && \
+     (LINUX_VERSION_CODE == KERNEL_VERSION(2,6,32) && KERNEL_EXTRAVERSION < 40)
+ static inline u64 pvclock_scale_delta(u64 delta, u32 mul_frac, int shift)
+ {

src/scripts/vpn-watch

@@ -1,6 +1,6 @@
 #!/usr/bin/perl 
 ##################################################
-#####     VPN-Watch.pl     Version 0.6a      #####
+#####     VPN-Watch.pl     Version 0.7       #####
 ##################################################
 #                                                #
 #   VPN-Watch is part of the IPFire Firewall     #
@@ -39,12 +39,11 @@ while ( $i == 0){
     unless(@vpnsettings) {exit 1;}
   }
 
-my $status = `ipsec whack --status`;
+my $status = `ipsec status`;
 foreach (@vpnsettings){
  my @settings = split(/,/,$_);
   
   chomp($settings[30]);
-  if ($settings[30] eq 'ikev2'){next;}
   if ($settings[27] ne 'RED'){next;}
   if ($settings[4] ne 'net'){next;}  
   if ($settings[1] ne 'on'){next;}chomp($settings[29]);
@@ -57,15 +56,13 @@ foreach (@vpnsettings){
   my $remoteip = `/usr/bin/ping -c 1 $remotehostname 2>/dev/null | head -n1 | awk '{print \$3}' | tr -d '()' | tr -d ':'`;chomp($remoteip);
   if ($remoteip eq ""){next;if ($debug){logger("Unable to resolve $remotehostname.");}}
   my $ipmatch= `echo "$status" | grep '$remoteip' | grep '$settings[2]'`;
-  my $established= `echo "$status" | grep '$settings[2]' | grep 'erouted;'`;
+  my $established= `echo "$status" | grep '$settings[2]' | grep -e 'erouted;' -e 'INSTALLED'`;
   my $known= `echo "$status" | grep '$settings[2]'`;
 
   if ( $ipmatch eq '' && $known ne '' ){
     logger("Remote IP for host $remotehostname($remoteip) has changed, restarting ipsec.");
     system("/usr/local/bin/ipsecctrl S $settings[0]");
     $round=0;
-    last; #all connections will reloaded
-          #remove this if ipsecctrl can restart single con again
   }
 
   if ($debug){logger("Round=".$round." and established=".$established);}
@@ -74,8 +71,6 @@ foreach (@vpnsettings){
     logger("Connection to $remotehostname($remoteip) not erouted, restarting ipsec.");
     system("/usr/local/bin/ipsecctrl S $settings[0]");
     $round=0;
-    last; #all connections will reloaded
-          #remove this if ipsecctrl can restart single con again
 
   }
  }