From 5cee03da1e29e6cde5d4fe121b22b86768006775 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 7 Oct 2024 09:13:12 +0000 Subject: [PATCH 01/10] firewall: Flush SYN_FLOOD_PROTECTION This chain was not flushed when the firewall was being reloaded which made any ports appear as open when rules have been disabled or deleted. This has no security implications, but nevertheless isn't right. Reported-by: Adolf Belka Signed-off-by: Michael Tremer --- config/firewall/rules.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index e38f77242..c414f172c 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -221,6 +221,7 @@ sub flush { run("$IPTABLES -t nat -F $CHAIN_NAT_SOURCE"); run("$IPTABLES -t nat -F $CHAIN_NAT_DESTINATION"); run("$IPTABLES -t mangle -F $CHAIN_MANGLE_NAT_DESTINATION_FIX"); + run("$IPTABLES -t raw -F SYN_FLOOD_PROTECT"); } sub buildrules { From ff599dd2cb0d0cb9cac7019f1970b4d516bb2c36 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 8 Oct 2024 08:43:39 +0000 Subject: [PATCH 02/10] core189: Ship rules.pl Signed-off-by: Michael Tremer --- config/rootfiles/core/189/filelists/files | 1 + 1 file changed, 1 insertion(+) diff --git a/config/rootfiles/core/189/filelists/files b/config/rootfiles/core/189/filelists/files index 7e7959886..1603622e7 100644 --- a/config/rootfiles/core/189/filelists/files +++ b/config/rootfiles/core/189/filelists/files @@ -8,6 +8,7 @@ srv/web/ipfire/cgi-bin/ids.cgi srv/web/ipfire/cgi-bin/ovpnmain.cgi srv/web/ipfire/html/include/rrdimage.js usr/bin/suricata-watcher +usr/lib/firewall/rules.pl var/ipfire/graphs.pl var/ipfire/header.pl var/ipfire/ids-functions.pl From 69bb956729ffc7268a40400cb1e01335ab919ea9 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 20 Sep 2024 11:30:03 +0100 Subject: [PATCH 03/10] wlanap.cgi: Disable generating Perl warnings Reported-by: Waynie Signed-off-by: Michael Tremer --- html/cgi-bin/wlanap.cgi | 4 ++-- lfs/hostapd | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index 4de4c579c..54ee41ccc 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -22,8 +22,8 @@ use strict; # enable only the following on debugging purpose -use warnings; -use CGI::Carp 'fatalsToBrowser'; +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; require '/var/ipfire/general-functions.pl'; require '/var/ipfire/lang.pl'; diff --git a/lfs/hostapd b/lfs/hostapd index 2efa5a605..3f8bc1be7 100644 --- a/lfs/hostapd +++ b/lfs/hostapd @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = hostapd -PAK_VER = 64 +PAK_VER = 65 DEPS = From 03a71cd52131be601e2fc5101e3425e82e654ec9 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 20 Sep 2024 13:13:41 +0200 Subject: [PATCH 04/10] wlanap.cgi: Correctly show broadcast SSID status Signed-off-by: Michael Tremer --- html/cgi-bin/wlanap.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index 54ee41ccc..5a22c7f25 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -213,7 +213,7 @@ print < $Lang::tr{'wlanap broadcast ssid'} - + From b165dcdd803ba278013b1af03a8269f8994cb5f7 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 20 Sep 2024 13:16:44 +0200 Subject: [PATCH 05/10] wlanap.cgi: Don't try to show status if there is no interface Signed-off-by: Michael Tremer --- html/cgi-bin/wlanap.cgi | 38 +++++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 17 deletions(-) diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index 5a22c7f25..b5052ac53 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -354,29 +354,33 @@ END &Header::closebox(); -&Header::opensection(); +if ($INTF) { -my @status = `iw dev $INTF info`; + &Header::opensection(); -if (@status) { - print <$Lang::tr{'wlanap wlan status'} + my @status = `iw dev $INTF info`; - 
@status
+ if (@status) { + print <$Lang::tr{'wlanap wlan status'} + + 
@status
END + } + + @status = `iw dev $INTF station dump`; + + if (@status) { + print <$Lang::tr{'wlanap clients'} + + 
@status
+END + } + + &Header::closesection(); } -my @status = `iw dev $INTF station dump`; - -if (@status) { - print <$Lang::tr{'wlanap clients'} - - 
@status
-END -} - -&Header::closesection(); &Header::closebigbox(); &Header::closepage(); From 5474f9b32ffb2c41c89e30560919854584ed8169 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 20 Sep 2024 13:17:59 +0200 Subject: [PATCH 06/10] wlanap.cgi: Enable Neighbourhood Scan by default Signed-off-by: Michael Tremer --- html/cgi-bin/wlanap.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index b5052ac53..e7f144f21 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -47,7 +47,7 @@ my %wlanapsettings=(); "PWD" => "", "HTCAPS" => "", "VHTCAPS" => "", - "NOSCAN" => "off", + "NOSCAN" => "on", "CLIENTISOLATION" => "off", "IEEE80211W" => "off", }); From 375d1dc6dd46783900b9eb2f4fb3e3e25e7e0778 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 20 Sep 2024 13:19:10 +0200 Subject: [PATCH 07/10] wlanap.cgi: Default to channel 0 for ACS Signed-off-by: Michael Tremer --- html/cgi-bin/wlanap.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index e7f144f21..7c10b865f 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -41,7 +41,7 @@ my %wlanapsettings=(); "HIDESSID" => "off", "ENC" => "wpa2", "TXPOWER" => "auto", - "CHANNEL" => "6", + "CHANNEL" => "0", "COUNTRY" => "00", "HW_MODE" => "g", "PWD" => "", From d56df86ce26d5c35a89ffde492a0eb708396ee7e Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 20 Sep 2024 13:55:40 +0200 Subject: [PATCH 08/10] wlanap.cgi: Change broadcast SSID to hide SSID Signed-off-by: Michael Tremer --- doc/language_issues.en | 2 +- doc/language_issues.es | 2 ++ doc/language_issues.fr | 2 ++ doc/language_issues.it | 2 +- doc/language_issues.nl | 2 +- doc/language_issues.pl | 2 +- doc/language_issues.ru | 2 +- doc/language_issues.tr | 2 +- doc/language_missings | 12 +++++++----- html/cgi-bin/wlanap.cgi | 4 ++-- langs/de/cgi-bin/de.pl | 2 +- langs/en/cgi-bin/en.pl | 2 +- 12 files changed, 21 insertions(+), 15 deletions(-) diff --git a/doc/language_issues.en b/doc/language_issues.en index c762cc6f7..0e3a3eb74 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -2351,13 +2351,13 @@ WARNING: untranslated string: wlanap 802.11w disabled = Disabled WARNING: untranslated string: wlanap 802.11w enforced = Enforced WARNING: untranslated string: wlanap 802.11w optional = Optional WARNING: untranslated string: wlanap auto = Automatic Channel Selection -WARNING: untranslated string: wlanap broadcast ssid = Broadcast SSID WARNING: untranslated string: wlanap channel = Channel WARNING: untranslated string: wlanap client isolation = Client Isolation WARNING: untranslated string: wlanap clients = unknown string WARNING: untranslated string: wlanap configuration = Wireless Access Point Configuration WARNING: untranslated string: wlanap country = Country Code WARNING: untranslated string: wlanap encryption = Encryption +WARNING: untranslated string: wlanap hide ssid = Hide SSID WARNING: untranslated string: wlanap interface = Select Interface WARNING: untranslated string: wlanap invalid wpa = Invalid length in WPA passphrase. Must be between 8 and 63 characters. WARNING: untranslated string: wlanap management frame protection = Management Frame Protection (802.11w) diff --git a/doc/language_issues.es b/doc/language_issues.es index 67f82a450..b33ffa2dc 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -940,6 +940,7 @@ WARNING: translation string unused: wins server WARNING: translation string unused: wins support WARNING: translation string unused: wlan clients WARNING: translation string unused: wlanap access point +WARNING: translation string unused: wlanap broadcast ssid WARNING: translation string unused: wlanap debugging WARNING: translation string unused: wlanap del interface WARNING: translation string unused: wlanap informations @@ -1197,5 +1198,6 @@ WARNING: untranslated string: wireguard = WireGuard WARNING: untranslated string: wlan client configuration = Wireless Client Configuration WARNING: untranslated string: wlanap = Wireless Access Point WARNING: untranslated string: wlanap clients = unknown string +WARNING: untranslated string: wlanap hide ssid = Hide SSID WARNING: untranslated string: wlanap psk = Pre-Shared Key WARNING: untranslated string: wlanap wireless mode = Wireless Mode diff --git a/doc/language_issues.fr b/doc/language_issues.fr index db8b6071e..93466bd9e 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -909,6 +909,7 @@ WARNING: translation string unused: wildcards WARNING: translation string unused: wins server WARNING: translation string unused: wins support WARNING: translation string unused: wlan clients +WARNING: translation string unused: wlanap broadcast ssid WARNING: translation string unused: wlanap debugging WARNING: translation string unused: wlanap del interface WARNING: translation string unused: wlanap informations @@ -1133,5 +1134,6 @@ WARNING: untranslated string: wio_webinterface = unknown string WARNING: untranslated string: wio_webinterface_link = unknown string WARNING: untranslated string: wireguard = WireGuard WARNING: untranslated string: wlanap clients = unknown string +WARNING: untranslated string: wlanap hide ssid = Hide SSID WARNING: untranslated string: wlanap psk = Pre-Shared Key WARNING: untranslated string: wlanap wireless mode = Wireless Mode diff --git a/doc/language_issues.it b/doc/language_issues.it index 553417e59..426df7759 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -1504,10 +1504,10 @@ WARNING: untranslated string: wlanap 802.11w disabled = Disabled WARNING: untranslated string: wlanap 802.11w enforced = Enforced WARNING: untranslated string: wlanap 802.11w optional = Optional WARNING: untranslated string: wlanap auto = Automatic Channel Selection -WARNING: untranslated string: wlanap broadcast ssid = Broadcast SSID WARNING: untranslated string: wlanap client isolation = Client Isolation WARNING: untranslated string: wlanap clients = unknown string WARNING: untranslated string: wlanap configuration = Wireless Access Point Configuration +WARNING: untranslated string: wlanap hide ssid = Hide SSID WARNING: untranslated string: wlanap management frame protection = Management Frame Protection (802.11w) WARNING: untranslated string: wlanap neighbor scan = Neighborhood Scan WARNING: untranslated string: wlanap neighbor scan warning = Warning: Disabling may violate regulatory rules diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 0b16d098d..046e5943b 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -1527,10 +1527,10 @@ WARNING: untranslated string: wlanap 802.11w disabled = Disabled WARNING: untranslated string: wlanap 802.11w enforced = Enforced WARNING: untranslated string: wlanap 802.11w optional = Optional WARNING: untranslated string: wlanap auto = Automatic Channel Selection -WARNING: untranslated string: wlanap broadcast ssid = Broadcast SSID WARNING: untranslated string: wlanap client isolation = Client Isolation WARNING: untranslated string: wlanap clients = unknown string WARNING: untranslated string: wlanap configuration = Wireless Access Point Configuration +WARNING: untranslated string: wlanap hide ssid = Hide SSID WARNING: untranslated string: wlanap management frame protection = Management Frame Protection (802.11w) WARNING: untranslated string: wlanap neighbor scan = Neighborhood Scan WARNING: untranslated string: wlanap neighbor scan warning = Warning: Disabling may violate regulatory rules diff --git a/doc/language_issues.pl b/doc/language_issues.pl index a3acd734f..f0a60ab30 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -1797,11 +1797,11 @@ WARNING: untranslated string: wlanap 802.11w disabled = Disabled WARNING: untranslated string: wlanap 802.11w enforced = Enforced WARNING: untranslated string: wlanap 802.11w optional = Optional WARNING: untranslated string: wlanap auto = Automatic Channel Selection -WARNING: untranslated string: wlanap broadcast ssid = Broadcast SSID WARNING: untranslated string: wlanap client isolation = Client Isolation WARNING: untranslated string: wlanap clients = unknown string WARNING: untranslated string: wlanap configuration = Wireless Access Point Configuration WARNING: untranslated string: wlanap country = Country Code +WARNING: untranslated string: wlanap hide ssid = Hide SSID WARNING: untranslated string: wlanap management frame protection = Management Frame Protection (802.11w) WARNING: untranslated string: wlanap neighbor scan = Neighborhood Scan WARNING: untranslated string: wlanap neighbor scan warning = Warning: Disabling may violate regulatory rules diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 66b6cae13..a8f2c1549 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -1790,11 +1790,11 @@ WARNING: untranslated string: wlanap 802.11w disabled = Disabled WARNING: untranslated string: wlanap 802.11w enforced = Enforced WARNING: untranslated string: wlanap 802.11w optional = Optional WARNING: untranslated string: wlanap auto = Automatic Channel Selection -WARNING: untranslated string: wlanap broadcast ssid = Broadcast SSID WARNING: untranslated string: wlanap client isolation = Client Isolation WARNING: untranslated string: wlanap clients = unknown string WARNING: untranslated string: wlanap configuration = Wireless Access Point Configuration WARNING: untranslated string: wlanap country = Country Code +WARNING: untranslated string: wlanap hide ssid = Hide SSID WARNING: untranslated string: wlanap management frame protection = Management Frame Protection (802.11w) WARNING: untranslated string: wlanap neighbor scan = Neighborhood Scan WARNING: untranslated string: wlanap neighbor scan warning = Warning: Disabling may violate regulatory rules diff --git a/doc/language_issues.tr b/doc/language_issues.tr index ec657539f..93619c0a4 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -1372,9 +1372,9 @@ WARNING: untranslated string: wlanap 802.11w disabled = Disabled WARNING: untranslated string: wlanap 802.11w enforced = Enforced WARNING: untranslated string: wlanap 802.11w optional = Optional WARNING: untranslated string: wlanap auto = Automatic Channel Selection -WARNING: untranslated string: wlanap broadcast ssid = Broadcast SSID WARNING: untranslated string: wlanap client isolation = Client Isolation WARNING: untranslated string: wlanap clients = unknown string +WARNING: untranslated string: wlanap hide ssid = Hide SSID WARNING: untranslated string: wlanap management frame protection = Management Frame Protection (802.11w) WARNING: untranslated string: wlanap neighbor scan = Neighborhood Scan WARNING: untranslated string: wlanap neighbor scan warning = Warning: Disabling may violate regulatory rules diff --git a/doc/language_missings b/doc/language_missings index 6a44630bd..2a2333d94 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -167,6 +167,7 @@ < whitelisted < wireguard < wlanap +< wlanap hide ssid < wlanap psk < wlanap wireless mode < wlanap wlan clients @@ -203,6 +204,7 @@ < wg < whitelisted < wireguard +< wlanap hide ssid < wlanap psk < wlanap wireless mode < wlanap wlan clients @@ -702,9 +704,9 @@ < wlanap 802.11w enforced < wlanap 802.11w optional < wlanap auto -< wlanap broadcast ssid < wlanap client isolation < wlanap configuration +< wlanap hide ssid < wlanap management frame protection < wlanap neighbor scan < wlanap neighbor scan warning @@ -1271,9 +1273,9 @@ < wlanap 802.11w enforced < wlanap 802.11w optional < wlanap auto -< wlanap broadcast ssid < wlanap client isolation < wlanap configuration +< wlanap hide ssid < wlanap management frame protection < wlanap neighbor scan < wlanap neighbor scan warning @@ -2255,10 +2257,10 @@ < wlanap 802.11w enforced < wlanap 802.11w optional < wlanap auto -< wlanap broadcast ssid < wlanap client isolation < wlanap configuration < wlanap country +< wlanap hide ssid < wlanap management frame protection < wlanap neighbor scan < wlanap neighbor scan warning @@ -3276,10 +3278,10 @@ < wlanap 802.11w enforced < wlanap 802.11w optional < wlanap auto -< wlanap broadcast ssid < wlanap client isolation < wlanap configuration < wlanap country +< wlanap hide ssid < wlanap management frame protection < wlanap neighbor scan < wlanap neighbor scan warning @@ -3672,8 +3674,8 @@ < wlanap 802.11w enforced < wlanap 802.11w optional < wlanap auto -< wlanap broadcast ssid < wlanap client isolation +< wlanap hide ssid < wlanap management frame protection < wlanap neighbor scan < wlanap neighbor scan warning diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index 7c10b865f..447ad8015 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -211,9 +211,9 @@ print < - $Lang::tr{'wlanap broadcast ssid'} + $Lang::tr{'wlanap hide ssid'} - + diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 0598952ca..61288dddf 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -2998,7 +2998,6 @@ 'wlan clients' => 'WLAN-Clients', 'wlanap' => 'Access Point', 'wlanap auto' => 'Automatic Channel Selection', -'wlanap broadcast ssid' => 'SSID übertragen', 'wlanap channel' => 'Kanal', 'wlanap client isolation' => 'Client-Isolierung', 'wlanap configuration' => 'Access Point Konfiguration', @@ -3006,6 +3005,7 @@ 'wlanap debugging' => 'Debugging', 'wlanap del interface' => 'Ausgewähltes Interface zurücksetzen?', 'wlanap encryption' => 'Verschlüsselung', +'wlanap hide ssid' => 'SSID verbergen', 'wlanap informations' => 'Informationen', 'wlanap interface' => 'Interface übernehmen', 'wlanap invalid wpa' => 'Ungültige Länge in WPA-Passphrase. Muss zwischen 8 und 63 Zeichen lang sein.', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 91ea2e64a..d73655560 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -3090,7 +3090,6 @@ 'wlanap 802.11w enforced' => 'Enforced', 'wlanap 802.11w optional' => 'Optional', 'wlanap auto' => 'Automatic Channel Selection', -'wlanap broadcast ssid' => 'Broadcast SSID', 'wlanap channel' => 'Channel', 'wlanap client isolation' => 'Client Isolation', 'wlanap configuration' => 'Wireless Access Point Configuration', @@ -3098,6 +3097,7 @@ 'wlanap debugging' => 'Debugging', 'wlanap del interface' => 'Remove selected interface?', 'wlanap encryption' => 'Encryption', +'wlanap hide ssid' => 'Hide SSID', 'wlanap informations' => 'Information', 'wlanap interface' => 'Select Interface', 'wlanap invalid wpa' => 'Invalid length in WPA passphrase. Must be between 8 and 63 characters.', From 6f7bbb38c9460e1f179f064d9e0a0b2cf4bf45da Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 20 Sep 2024 14:12:07 +0200 Subject: [PATCH 09/10] wlanap.cgi: Fix copying configuration This allows to uncheck checkboxes again. Signed-off-by: Michael Tremer --- html/cgi-bin/wlanap.cgi | 35 ++++++++++++++++++++++++++++------- 1 file changed, 28 insertions(+), 7 deletions(-) diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index 447ad8015..2691496ab 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -34,6 +34,9 @@ my %selected=(); my %checked=(); my %wlanapsettings=(); +# Read the configuration file +&General::readhash("/var/ipfire/wlanap/settings", \%wlanapsettings); + # Set defaults &General::set_defaults(\%wlanapsettings, { "APMODE" => "on", @@ -52,11 +55,13 @@ my %wlanapsettings=(); "IEEE80211W" => "off", }); -&General::readhash("/var/ipfire/wlanap/settings", \%wlanapsettings); -&Header::getcgihash(\%wlanapsettings); +my %cgiparams = (); + +# Fetch arguments from browser +&Header::getcgihash(\%cgiparams); # Find the selected interface -my $INTF = &Network::get_intf_by_address($wlanapsettings{'INTERFACE'}); +my $INTF = &Network::get_intf_by_address($cgiparams{'INTERFACE'}); delete $wlanapsettings{'__CGI__'}; delete $wlanapsettings{'x'}; @@ -64,20 +69,36 @@ delete $wlanapsettings{'y'}; &Header::showhttpheaders(); -if ($wlanapsettings{'ACTION'} eq "$Lang::tr{'save'}") { +if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") { # verify WPA Passphrase - only with enabled enc - if ($wlanapsettings{'ENC'} ne "none") { + if ($cgiparams{'ENC'} ne "none") { # must be 8 .. 63 characters - if ((length($wlanapsettings{'PWD'}) < 8) || (length($wlanapsettings{'PWD'}) > 63)) { + if ((length($cgiparams{'PWD'}) < 8) || (length($cgiparams{'PWD'}) > 63)) { $errormessage .= "$Lang::tr{'wlanap invalid wpa'}
"; } # only ASCII alowed - if (!($wlanapsettings{'PWD'} !~ /[^\x00-\x7f]/)) { + if (!($cgiparams{'PWD'} !~ /[^\x00-\x7f]/)) { $errormessage .= "$Lang::tr{'wlanap invalid wpa'}
"; } } + # XXX This needs validation + $wlanapsettings{'INTERFACE'} = $cgiparams{'INTERFACE'}; + $wlanapsettings{'SSID'} = $cgiparams{'SSID'}; + $wlanapsettings{'HIDESSID'} = ($cgiparams{'HIDESSID'} eq 'on') ? 'on' : 'off'; + $wlanapsettings{'CLIENTISOLATION'} = ($cgiparams{'CLIENTISOLATION'} eq 'on') ? 'on' : 'off'; + $wlanapsettings{'COUNTRY'} = $cgiparams{'COUNTRY'}; + $wlanapsettings{'HW_MODE'} = $cgiparams{'HW_MODE'}; + $wlanapsettings{'CHANNEL'} = $cgiparams{'CHANNEL'}; + $wlanapsettings{'NOSCAN'} = ($cgiparams{'NOSCAN'} eq 'on') ? 'on' : 'off'; + $wlanapsettings{'ENC'} = $cgiparams{'ENC'}; + $wlanapsettings{'PWD'} = $cgiparams{'PWD'}; + $wlanapsettings{'IEEE80211W'} = ($cgiparams{'IEEE80211W'} eq 'on') ? 'on' : 'off'; + $wlanapsettings{'HTCAPS'} = $cgiparams{'HTCAPS'}; + $wlanapsettings{'VHTCAPS'} = $cgiparams{'VHTCAPS'}; + $wlanapsettings{'TX_POWER'} = $cgiparams{'TX_POWER'}; + if ($errormessage eq '') { &General::writehash("/var/ipfire/wlanap/settings", \%wlanapsettings); &WriteConfig_hostapd(); From 8e1259a31b148fce90ba56f8e4c3ca3e05b35bc1 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sun, 29 Sep 2024 18:03:58 +0200 Subject: [PATCH 10/10] hostapd: update to git 64d60bb4 Signed-off-by: Arne Fitzenreiter Signed-off-by: Michael Tremer --- lfs/hostapd | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/lfs/hostapd b/lfs/hostapd index 3f8bc1be7..306b32641 100644 --- a/lfs/hostapd +++ b/lfs/hostapd @@ -25,15 +25,15 @@ include Config SUMMARY = Daemon for running a WPA capable Access Point -VER = 2_11 +VER = 64d60bb4 -THISAPP = hostap_$(VER) -DL_FILE = $(THISAPP).tar.bz2 +THISAPP = hostap-$(VER) +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = hostapd -PAK_VER = 65 +PAK_VER = 66 DEPS = @@ -47,7 +47,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = de98a3634ff937b0068329219e4fa5dece34c9eeb27fa81a9e7de689d5dd2936ceb0ea43923a0e994e0a7bfcd71709b5f739df2f3efdd7c6ec5c765171711a19 +$(DL_FILE)_BLAKE2 = a377efb1f173a8622ca7ba2073161a64ea3a041c2c662ef35615e74b61e29da2d1f7dccba68a8f2ae1a80c7d3fbde08cd9d72a0babf85324efa9b3b11b1cb3ac install : $(TARGET)