Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

config/firewall/rules.pl

@@ -580,17 +580,15 @@ sub p2pblock {
 
 sub geoipblock {
 	my %geoipsettings = ();
+	$geoipsettings{'GEOIPBLOCK_ENABLED'} = "off";
+
+	# Flush iptables chain.
+	run("$IPTABLES -F GEOIPBLOCK");
 
 	# Check if the geoip settings file exists
 	if (-e "$geoipfile") {
 		# Read settings file
 		&General::readhash("$geoipfile", \%geoipsettings);
-	} else {
-		# Drop active rules.
-		run("$IPTABLES -F GEOIPBLOCK");
-
-		# Exit submodule, go on processing the remaining script
-		return;
 	}
 
 	# If geoip blocking is not enabled, we are finished here.
@@ -602,9 +600,6 @@ sub geoipblock {
 	# Get supported locations.
 	my @locations = &fwlib::get_geoip_locations();
 
-	# Flush iptables chain.
-	run("$IPTABLES -F GEOIPBLOCK");
-
 	# Loop through all supported geoip locations and
 	# create iptables rules, if blocking this country
 	# is enabled.

config/rootfiles/core/90/filelists/files

@@ -2,6 +2,7 @@ etc/system-release
 etc/issue
 etc/rc.d/init.d/firewall
 etc/rc.d/init.d/network-trigger
+etc/rc.d/init.d/networking/functions.network
 etc/rc.d/init.d/networking/red.up/99-geoip-database
 etc/rc.d/rcsysinit.d/S90network-trigger
 srv/web/ipfire/cgi-bin/firewall.cgi

config/rootfiles/core/90/filelists/iptables

@@ -0,0 +1 @@
+../../../common/iptables

lfs/iptables

@@ -93,9 +93,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	cd $(DIR_APP) && cp -vf $(DIR_SRC)/netfilter-layer7-v2.22/iptables-1.4.3forward-for-kernel-2.6.20forward/* \
 	                 ./extensions/
 
-	# ipp2p 0.8.2-pomng
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/iptables-1.4.14-ipp2p-0.8.2-ipfire.patch
-
 	# imq
 	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/iptables-1.4.12-IMQ-test4.diff
 

lfs/linux

@@ -24,11 +24,11 @@
 
 include Config
 
-VER        = 3.14.38
+VER        = 3.14.39
 
-RPI_PATCHES = 3.14.38-grsec-ipfire1
+RPI_PATCHES = 3.14.39-grsec-ipfire1
-A7M_PATCHES = 3.14.38-grsec-ipfire1
+A7M_PATCHES = 3.14.39-grsec-ipfire1
-GRS_PATCHES = grsecurity-3.1-3.14.38-201504142259.patch.xz
+GRS_PATCHES = grsecurity-3.1-3.14.39-201504190814.patch.xz
 
 THISAPP    = linux-$(VER)
 DL_FILE    = linux-$(VER).tar.xz
@@ -77,10 +77,10 @@ rpi-patches-$(RPI_PATCHES).patch.xz		= $(URL_IPFIRE)/rpi-patches-$(RPI_PATCHES).
 arm7-multi-patches-$(A7M_PATCHES).patch.xz	= $(URL_IPFIRE)/arm7-multi-patches-$(A7M_PATCHES).patch.xz
 $(GRS_PATCHES)					= $(URL_IPFIRE)/$(GRS_PATCHES)
 
-$(DL_FILE)_MD5					= c4d0154627e02dc43c67fa616ff1e569
+$(DL_FILE)_MD5					= 3581855d0dbfcbe1140dfcd1406d0a91
-rpi-patches-$(RPI_PATCHES).patch.xz_MD5		= e423c8b3a408f23b9a26f8f0f4384c50
+rpi-patches-$(RPI_PATCHES).patch.xz_MD5		= 5056304af0a199194abd0bcb00015f28
 arm7-multi-patches-$(A7M_PATCHES).patch.xz_MD5	= a4a4103255e93bfcb02652212b0ae3fc
-$(GRS_PATCHES)_MD5				= 6d6ed13c08ae96f6470c30c00e08b130
+$(GRS_PATCHES)_MD5				= 2121d0bf825da9ff6321e2940f247c5e
 
 install : $(TARGET)
 
@@ -118,9 +118,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	# Linux Intermediate Queueing Device
 	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.22-imq.patch
 
-	# ipp2p 0.8.2-ipfire
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10-ipp2p-0.8.2-ipfire.patch
-
 	# Layer7-patch
 	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14-layer7-filter.patch
 

src/initscripts/init.d/networking/functions.network

@@ -75,7 +75,7 @@ dhcpcd_start() {
 	fi
 
 	# Start dhcpcd.
-	/sbin/dhcpcd "${device}" "${dhcp_start}" >/dev/null 2>&1
+	/sbin/dhcpcd ${dhcp_start} ${device} >/dev/null 2>&1
 	ret="$?"
 
 	if [ "${ret}" -eq 0 ]; then
@@ -124,7 +124,7 @@ dhcpcd_stop() {
 	fi
 
 	# Stop dhcpcd.
-	/sbin/dhcpcd "${device}" "${dhcp_stop}" &> /dev/null
+	/sbin/dhcpcd ${dhcp_stop} ${device} &> /dev/null
 	ret="$?"
 
 	# Wait until dhcpd has stopped.