webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 19:55:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into kernel-test

Browse Source
This commit is contained in:
Arne Fitzenreiter
2014-07-20 21:06:11 +02:00
parent 60984f8c47 7535861c50
commit ccb96d4fc5
80 changed files with 12344 additions and 1437 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
config/backup/include
View File

@@ -12,6 +12,7 @@
/etc/hosts*
/etc/httpd/*
/etc/ssh/ssh_host*
/etc/logrotate.d
/var/ipfire/auth/users
/var/ipfire/dhcp/*
/var/ipfire/dnsforward/*

2
config/backup/includes/owncloud Normal file
View File

@@ -0,0 +1,2 @@
/srv/web/owncloud/config
/var/owncloud/data

1
config/bind/trusted-key.key Normal file
View File

@@ -0,0 +1 @@
. 3600 IN DNSKEY 257 3 8 AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0=

25
config/cfgroot/general-functions.pl
View File

@@ -598,6 +598,19 @@ sub checksubnets
if (($ownnet{'RED_NETADDRESS'} ne '' && $ownnet{'RED_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'RED_NETADDRESS'},&iporsubtodec($ownnet{'RED_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;}
}
sub check_net_internal{
my $network=shift;
my ($ip,$cidr)=split(/\//,$network);
my %ownnet=();
my $errormessage;
$cidr=&iporsubtocidr($cidr);
#check if we use one of ipfire's networks (green,orange,blue)
&readhash("${General::swroot}/ethernet/settings", \%ownnet);
if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'GREEN_NETADDRESS'},&iporsubtodec($ownnet{'GREEN_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;}
if (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'ORANGE_NETADDRESS'},&iporsubtodec($ownnet{'ORANGE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;}
if (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'BLUE_NETADDRESS'},&iporsubtodec($ownnet{'BLUE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;}
if (($ownnet{'RED_NETADDRESS'} ne '' && $ownnet{'RED_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'RED_NETADDRESS'},&iporsubtodec($ownnet{'RED_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;}
}
sub validport
{
@@ -1174,4 +1187,16 @@ sub firewall_reload() {
system("/usr/local/bin/firewallctrl");
}
# Function which will return the used interface for the red network zone (red0, ppp0, etc).
sub get_red_interface() {
open(IFACE, "${General::swroot}/red/iface") or die "Could not open /var/ipfire/red/iface";
my $interface = <IFACE>;
close(IFACE);
chomp $interface;
return $interface;
}
1;

3
config/cfgroot/header.pl
View File

@@ -142,6 +142,8 @@ sub genmenu {
my %sublogshash = ();
my $sublogs = \%sublogshash;
if ( -e "/var/ipfire/main/gpl_accepted") {
eval `/bin/cat /var/ipfire/menu.d/*.menu`;
eval `/bin/cat /var/ipfire/menu.d/*.main`;
@@ -159,6 +161,7 @@ sub genmenu {
if ( $ethsettings{'RED_TYPE'} eq "PPPOE" && $pppsettings{'MONPORT'} ne "" ) {
$menu->{'02.status'}{'subMenu'}->{'74.modem-status'}{'enabled'} = 1;
}
}
}
sub showhttpheaders

10
config/cron/crontab
View File

@@ -24,12 +24,10 @@ HOME=/
*/5 * * * * /usr/local/bin/makegraphs >/dev/null
17 5 * * * /etc/init.d/tmpfs backup >/dev/null
# Force update the dynamic dns registration once a week
# Force update even if IP has not changed once a month if 'minimize update' selected in GUI
# to avoid account declared as dead
*/5 * * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/setddns.pl
9 2 * * 0 [ -f "/var/ipfire/red/active" ] && /usr/local/bin/setddns.pl -f
3 2 1 * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/setddns.pl -f -m
# Update dynamic DNS records every five minutes.
# Force an update once a month
*/5 * * * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all
3 2 1 * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all --force
# Logwatch
01 0 * * * /usr/local/bin/logwatch > /var/log/logwatch/`date -I -d yesterday`; \

3
config/etc/logrotate.conf
View File

@@ -10,6 +10,9 @@ create
# uncomment this if you want your log files compressed
compress
# packages drop log rotation information into this directory
include /etc/logrotate.d
# wtmp
/var/log/wtmp {
weekly

21
config/owncloud/owncloud.conf Normal file
View File

@@ -0,0 +1,21 @@
Listen 1011
<VirtualHost *:1011>
DocumentRoot /srv/web/owncloud
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:HIGH:!RC4:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK
SSLHonorCipherOrder on
SSLCertificateFile /etc/httpd/owncloud.crt
SSLCertificateKeyFile /etc/httpd/owncloud.key
Include /etc/httpd/conf/conf.d/php*.conf
<Directory /srv/web/owncloud>
Options Indexes FollowSymlinks MultiViews
AllowOverride ALL
Order allow,deny
Allow from all
</Directory>
</VirtualHost>

0
config/rootfiles/common/gmp → config/rootfiles/common/armv5tel/gmp
View File

1
config/rootfiles/common/armv5tel/initscripts
View File

@@ -24,6 +24,7 @@ etc/rc.d/init.d/console
#etc/rc.d/init.d/cyrus-imapd
#etc/rc.d/init.d/cyrus-sasl
etc/rc.d/init.d/dhcp
etc/rc.d/init.d/dhcrelay
etc/rc.d/init.d/dnsmasq
etc/rc.d/init.d/fcron
#etc/rc.d/init.d/fetchmail

9
config/rootfiles/common/bind
View File

@@ -1,8 +1,9 @@
etc/trusted-key.key
usr/bin/dig
usr/bin/host
usr/bin/nslookup
usr/bin/nsupdate
#usr/man/man1/dig.1
#usr/man/man1/host.1
#usr/man/man1/nslookup.1
#usr/man/man8/nsupdate.8
#usr/share/man/man1/dig.1
#usr/share/man/man1/host.1
#usr/share/man/man1/nslookup.1
#usr/share/man/man1/nsupdate.1

63
config/rootfiles/common/ddns Normal file
View File

@@ -0,0 +1,63 @@
usr/bin/ddns
usr/lib/python2.7/site-packages/ddns
usr/lib/python2.7/site-packages/ddns/__init__.py
usr/lib/python2.7/site-packages/ddns/__init__.pyc
usr/lib/python2.7/site-packages/ddns/__init__.pyo
usr/lib/python2.7/site-packages/ddns/__version__.py
usr/lib/python2.7/site-packages/ddns/__version__.pyc
usr/lib/python2.7/site-packages/ddns/__version__.pyo
usr/lib/python2.7/site-packages/ddns/errors.py
usr/lib/python2.7/site-packages/ddns/errors.pyc
usr/lib/python2.7/site-packages/ddns/errors.pyo
usr/lib/python2.7/site-packages/ddns/i18n.py
usr/lib/python2.7/site-packages/ddns/i18n.pyc
usr/lib/python2.7/site-packages/ddns/i18n.pyo
usr/lib/python2.7/site-packages/ddns/providers.py
usr/lib/python2.7/site-packages/ddns/providers.pyc
usr/lib/python2.7/site-packages/ddns/providers.pyo
usr/lib/python2.7/site-packages/ddns/system.py
usr/lib/python2.7/site-packages/ddns/system.pyc
usr/lib/python2.7/site-packages/ddns/system.pyo
#usr/share/doc/ddns
#usr/share/doc/ddns/COPYING
#usr/share/locale/ar/LC_MESSAGES/ddns.mo
#usr/share/locale/ca/LC_MESSAGES/ddns.mo
#usr/share/locale/cs_CZ
#usr/share/locale/cs_CZ/LC_MESSAGES
#usr/share/locale/cs_CZ/LC_MESSAGES/ddns.mo
#usr/share/locale/da/LC_MESSAGES/ddns.mo
#usr/share/locale/de/LC_MESSAGES/ddns.mo
#usr/share/locale/el_GR
#usr/share/locale/el_GR/LC_MESSAGES
#usr/share/locale/el_GR/LC_MESSAGES/ddns.mo
#usr/share/locale/es/LC_MESSAGES/ddns.mo
#usr/share/locale/fa/LC_MESSAGES/ddns.mo
#usr/share/locale/fr/LC_MESSAGES/ddns.mo
#usr/share/locale/hu/LC_MESSAGES/ddns.mo
#usr/share/locale/id/LC_MESSAGES/ddns.mo
#usr/share/locale/it/LC_MESSAGES/ddns.mo
#usr/share/locale/ja/LC_MESSAGES/ddns.mo
#usr/share/locale/km_KH
#usr/share/locale/km_KH/LC_MESSAGES
#usr/share/locale/km_KH/LC_MESSAGES/ddns.mo
#usr/share/locale/nl/LC_MESSAGES/ddns.mo
#usr/share/locale/pl/LC_MESSAGES/ddns.mo
#usr/share/locale/pt_BR/LC_MESSAGES/ddns.mo
#usr/share/locale/pt_PT/LC_MESSAGES/ddns.mo
#usr/share/locale/ro_RO
#usr/share/locale/ro_RO/LC_MESSAGES
#usr/share/locale/ro_RO/LC_MESSAGES/ddns.mo
#usr/share/locale/ru/LC_MESSAGES/ddns.mo
#usr/share/locale/sq/LC_MESSAGES/ddns.mo
#usr/share/locale/sv/LC_MESSAGES/ddns.mo
#usr/share/locale/th/LC_MESSAGES/ddns.mo
#usr/share/locale/tk
#usr/share/locale/tk/LC_MESSAGES
#usr/share/locale/tk/LC_MESSAGES/ddns.mo
#usr/share/locale/tr/LC_MESSAGES/ddns.mo
#usr/share/locale/uk/LC_MESSAGES/ddns.mo
#usr/share/locale/uz@Latn
#usr/share/locale/uz@Latn/LC_MESSAGES
#usr/share/locale/uz@Latn/LC_MESSAGES/ddns.mo
#usr/share/locale/vi/LC_MESSAGES/ddns.mo
#var/ipfire/ddns/ddns.conf.sample

2
config/rootfiles/common/dhcp
View File

@@ -21,7 +21,7 @@ etc/dhcp/dhcpd.conf
#usr/lib/libomapi.a
#usr/sbin/dhclient
usr/sbin/dhcpd
#usr/sbin/dhcrelay
usr/sbin/dhcrelay
#usr/share/man/man1/omshell.1
#usr/share/man/man3/dhcpctl.3
#usr/share/man/man3/omapi.3

25
config/rootfiles/common/i586/gmp Normal file
View File

@@ -0,0 +1,25 @@
#usr/include/gmp.h
#usr/include/gmpxx.h
#usr/include/mp.h
#usr/lib/libgmp.a
#usr/lib/libgmp.la
#usr/lib/libgmp.so
usr/lib/libgmp.so.10
usr/lib/libgmp.so.10.0.5
#usr/lib/libgmpxx.a
#usr/lib/libgmpxx.la
#usr/lib/libgmpxx.so
usr/lib/libgmpxx.so.4
usr/lib/libgmpxx.so.4.2.5
#usr/lib/libmp.a
#usr/lib/libmp.la
#usr/lib/libmp.so
usr/lib/libmp.so.3
usr/lib/libmp.so.3.1.25
usr/lib/sse2/libgmp.so.10
usr/lib/sse2/libgmp.so.10.0.5
usr/lib/sse2/libmp.so.3
usr/lib/sse2/libmp.so.3.1.25
#usr/share/info/gmp.info
#usr/share/info/gmp.info-1
#usr/share/info/gmp.info-2

1
config/rootfiles/common/i586/initscripts
View File

@@ -26,6 +26,7 @@ etc/rc.d/init.d/console
#etc/rc.d/init.d/cyrus-imapd
#etc/rc.d/init.d/cyrus-sasl
etc/rc.d/init.d/dhcp
etc/rc.d/init.d/dhcrelay
etc/rc.d/init.d/dnsmasq
etc/rc.d/init.d/fcron
#etc/rc.d/init.d/fetchmail

71
config/rootfiles/common/nettle Normal file
View File

@@ -0,0 +1,71 @@
#usr/bin/nettle-hash
#usr/bin/nettle-lfib-stream
#usr/bin/nettle-pbkdf2
#usr/bin/pkcs1-conv
#usr/bin/sexp-conv
#usr/include/nettle
#usr/include/nettle/aes.h
#usr/include/nettle/arcfour.h
#usr/include/nettle/arctwo.h
#usr/include/nettle/asn1.h
#usr/include/nettle/base16.h
#usr/include/nettle/base64.h
#usr/include/nettle/bignum.h
#usr/include/nettle/blowfish.h
#usr/include/nettle/buffer.h
#usr/include/nettle/camellia.h
#usr/include/nettle/cast128.h
#usr/include/nettle/cbc.h
#usr/include/nettle/ccm.h
#usr/include/nettle/chacha-poly1305.h
#usr/include/nettle/chacha.h
#usr/include/nettle/ctr.h
#usr/include/nettle/des-compat.h
#usr/include/nettle/des.h
#usr/include/nettle/dsa-compat.h
#usr/include/nettle/dsa.h
#usr/include/nettle/eax.h
#usr/include/nettle/ecc-curve.h
#usr/include/nettle/ecc.h
#usr/include/nettle/ecdsa.h
#usr/include/nettle/gcm.h
#usr/include/nettle/gosthash94.h
#usr/include/nettle/hmac.h
#usr/include/nettle/knuth-lfib.h
#usr/include/nettle/macros.h
#usr/include/nettle/md2.h
#usr/include/nettle/md4.h
#usr/include/nettle/md5-compat.h
#usr/include/nettle/md5.h
#usr/include/nettle/memxor.h
#usr/include/nettle/nettle-meta.h
#usr/include/nettle/nettle-stdint.h
#usr/include/nettle/nettle-types.h
#usr/include/nettle/pbkdf2.h
#usr/include/nettle/pgp.h
#usr/include/nettle/pkcs1.h
#usr/include/nettle/poly1305.h
#usr/include/nettle/realloc.h
#usr/include/nettle/ripemd160.h
#usr/include/nettle/rsa.h
#usr/include/nettle/salsa20.h
#usr/include/nettle/serpent.h
#usr/include/nettle/sexp.h
#usr/include/nettle/sha.h
#usr/include/nettle/sha1.h
#usr/include/nettle/sha2.h
#usr/include/nettle/sha3.h
#usr/include/nettle/twofish.h
#usr/include/nettle/umac.h
#usr/include/nettle/yarrow.h
#usr/lib/libhogweed.a
#usr/lib/libhogweed.so
usr/lib/libhogweed.so.3
usr/lib/libhogweed.so.3.0
#usr/lib/libnettle.a
#usr/lib/libnettle.so
usr/lib/libnettle.so.5
usr/lib/libnettle.so.5.0
#usr/lib/pkgconfig/hogweed.pc
#usr/lib/pkgconfig/nettle.pc
#usr/share/info/nettle.info

3
config/rootfiles/common/stage2
View File

@@ -74,6 +74,7 @@ usr/lib/libgcc_s.so.1
#usr/lib/libstdc++.la
#usr/lib/libstdc++.so
usr/lib/libstdc++.so.6
#usr/lib/sse2
#usr/local
#usr/local/bin
#usr/local/bin/archive.files
@@ -90,7 +91,6 @@ usr/local/bin/rebuild-initrd
usr/local/bin/run-parts
#usr/local/bin/sanedloop
usr/local/bin/scanhd
usr/local/bin/setddns.pl
usr/local/bin/settime
usr/local/bin/timecheck
usr/local/bin/timezone-transition
@@ -98,6 +98,7 @@ usr/local/bin/timezone-transition
usr/local/bin/update-lang-cache
#usr/local/include
#usr/local/lib
#usr/local/lib/sse2
#usr/local/sbin
#usr/local/share
#usr/local/share/doc

7
config/rootfiles/common/strongswan
View File

@@ -54,7 +54,6 @@ etc/strongswan.d/charon/sha2.conf
etc/strongswan.d/charon/socket-default.conf
etc/strongswan.d/charon/sshkey.conf
etc/strongswan.d/charon/stroke.conf
etc/strongswan.d/charon/unity.conf
etc/strongswan.d/charon/updown.conf
etc/strongswan.d/charon/x509.conf
etc/strongswan.d/charon/xauth-eap.conf
@@ -62,8 +61,8 @@ etc/strongswan.d/charon/xauth-generic.conf
etc/strongswan.d/charon/xauth-noauth.conf
etc/strongswan.d/charon/xcbc.conf
etc/strongswan.d/pki.conf
etc/strongswan.d/scepclient.conf
etc/strongswan.d/starter.conf
etc/strongswan.d/tools.conf
usr/bin/pki
#usr/lib/ipsec
#usr/lib/ipsec/libcharon.a
@@ -133,7 +132,6 @@ usr/lib/ipsec/plugins/libstrongswan-sha2.so
usr/lib/ipsec/plugins/libstrongswan-socket-default.so
usr/lib/ipsec/plugins/libstrongswan-sshkey.so
usr/lib/ipsec/plugins/libstrongswan-stroke.so
usr/lib/ipsec/plugins/libstrongswan-unity.so
usr/lib/ipsec/plugins/libstrongswan-updown.so
usr/lib/ipsec/plugins/libstrongswan-x509.so
usr/lib/ipsec/plugins/libstrongswan-xauth-eap.so
@@ -213,7 +211,6 @@ usr/sbin/ipsec
#usr/share/strongswan/templates/config/plugins/socket-default.conf
#usr/share/strongswan/templates/config/plugins/sshkey.conf
#usr/share/strongswan/templates/config/plugins/stroke.conf
#usr/share/strongswan/templates/config/plugins/unity.conf
#usr/share/strongswan/templates/config/plugins/updown.conf
#usr/share/strongswan/templates/config/plugins/x509.conf
#usr/share/strongswan/templates/config/plugins/xauth-eap.conf
@@ -225,5 +222,5 @@ usr/sbin/ipsec
#usr/share/strongswan/templates/config/strongswan.d/charon-logging.conf
#usr/share/strongswan/templates/config/strongswan.d/charon.conf
#usr/share/strongswan/templates/config/strongswan.d/pki.conf
#usr/share/strongswan/templates/config/strongswan.d/scepclient.conf
#usr/share/strongswan/templates/config/strongswan.d/starter.conf
#usr/share/strongswan/templates/config/strongswan.d/tools.conf

1
config/rootfiles/core/80/filelists/bind Symbolic link
View File

@@ -0,0 +1 @@
../../../common/bind

1
config/rootfiles/core/80/filelists/ddns Symbolic link
View File

@@ -0,0 +1 @@
../../../common/ddns

1
config/rootfiles/core/80/filelists/dnsmasq Symbolic link
View File

@@ -0,0 +1 @@
../../../common/dnsmasq

14
config/rootfiles/core/80/filelists/files
View File

@@ -1,5 +1,17 @@
etc/system-release
etc/issue
usr/local/bin/setddns.pl
etc/logrotate.conf
etc/rc.d/init.d/cleanfs
etc/rc.d/init.d/dhcrelay
etc/rc.d/init.d/dnsmasq
etc/rc.d/init.d/networking/red.up/30-ddns
srv/web/ipfire/cgi-bin/ddns.cgi
srv/web/ipfire/cgi-bin/logs.cgi/firewalllogcountry.dat
srv/web/ipfire/cgi-bin/netexternal.cgi
srv/web/ipfire/cgi-bin/ovpnmain.cgi
srv/web/ipfire/cgi-bin/proxy.cgi
srv/web/ipfire/cgi-bin/routing.cgi
usr/sbin/dhcrelay
var/ipfire/general-functions.pl
var/ipfire/header.pl
var/ipfire/langs

1
config/rootfiles/core/80/filelists/i586/gmp Symbolic link
View File

@@ -0,0 +1 @@
../../../../common/i586/gmp

1
config/rootfiles/core/80/filelists/lzo Symbolic link
View File

@@ -0,0 +1 @@
../../../common/lzo

1
config/rootfiles/core/80/filelists/nettle Symbolic link
View File

@@ -0,0 +1 @@
../../../common/nettle

1
config/rootfiles/core/80/filelists/wpa_supplicant Symbolic link
View File

@@ -0,0 +1 @@
../../../common/wpa_supplicant

42
config/rootfiles/core/80/update.sh
View File

@@ -32,11 +32,25 @@ do
done
# Stop services
/etc/init.d/ipsec stop
# Remove old strongswan files
rm -f \
/etc/strongswan.d/charon/unity.conf \
/usr/lib/ipsec/plugins/libstrongswan-unity.so \
/usr/share/strongswan/templates/config/plugins/unity.conf
rm -f /usr/local/bin/setddns.pl
# Extract files
extract_files
# Start services
/etc/init.d/dnsmasq restart
if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
/etc/init.d/ipsec start
fi
# Update Language cache
perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
@@ -46,6 +60,34 @@ rm -f \
/opt/pakfire/db/installed/meta-libgpg-error \
/opt/pakfire/db/rootfiles/libgpg-error
# Regenerate squid configuration file
sudo -u nobody /srv/web/ipfire/cgi-bin/proxy.cgi
# Fix broken proxy configuration permissions
chown -R nobody.nobody \
/var/ipfire/proxy/advanced \
/var/ipfire/proxy/acl-1.4 \
/var/ipfire/proxy/enable \
/var/ipfire/proxy/settings \
/var/ipfire/proxy/squid.conf \
/var/ipfire/proxy/transparent
# Generate ddns configuration file
sudo -u nobody /srv/web/ipfire/cgi-bin/ddns.cgi
# Update crontab
sed -i /var/spool/cron/root.orig -e "/setddns.pl/d"
grep -q /usr/bin/ddns /var/spool/cron/root.orig || cat <<EOF >> /var/spool/cron/root.orig
# Update dynamic DNS records every five minutes.
# Force an update once a month
*/5 * * * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all
3 2 1 * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all --force
EOF
fcrontab -z &>/dev/null
sync
# This update need a reboot...

2
config/rootfiles/packages/asterisk
View File

@@ -2706,7 +2706,7 @@ var/lib/asterisk/static-http/prototype.js
var/log/asterisk/cdr-csv
var/log/asterisk/cdr-custom
var/log/asterisk/cel-custom
var/run/asterisk
#var/run/asterisk
#var/spool/asterisk
var/spool/asterisk/dictate
var/spool/asterisk/meetme

2
config/rootfiles/packages/clamav
View File

@@ -41,6 +41,6 @@ var/ipfire/clamav/clamd.conf
var/ipfire/clamav/clamd.conf.sample
var/ipfire/clamav/freshclam.conf
var/ipfire/clamav/freshclam.conf.sample
var/run/clamav
#var/run/clamav
etc/rc.d/init.d/clamav
usr/local/bin/clamavctrl

4
config/rootfiles/packages/cups
View File

@@ -936,7 +936,7 @@ var/ipfire/cups/ppd
var/ipfire/cups/snmp.conf
var/ipfire/cups/ssl
var/log/cups
var/run/cups
var/run/cups/certs
#var/run/cups
#var/run/cups/certs
var/spool/cups
var/spool/cups/tmp

2
config/rootfiles/packages/dbus
View File

@@ -50,4 +50,4 @@ usr/share/dbus-1/services
#usr/share/man/man1/dbus-send.1
#usr/share/man/man1/dbus-uuidgen.1
var/lib/dbus
var/run/dbus
#var/run/dbus

2
config/rootfiles/packages/mysql
View File

@@ -300,4 +300,4 @@ usr/share/mysql
#usr/share/mysql/ukrainian
#usr/share/mysql/ukrainian/errmsg.sys
var/ipfire/backup/addons/includes/mysql
var/run/mysql
#var/run/mysql

9994
config/rootfiles/packages/owncloud Normal file
View File

File diff suppressed because it is too large Load Diff

2
config/rootfiles/packages/vdradmin
View File

@@ -182,4 +182,4 @@ etc/rc.d/rc3.d/S99vdradmin
#usr/share/locale/en_US.utf8/LC_MESSAGES/vdradmin.mo
var/cache/vdradmin
var/log/vdradmin
var/run/vdradmin
#var/run/vdradmin

18
doc/language_issues.de
View File

@@ -41,6 +41,7 @@ WARNING: translation string unused: advproxy errmsg password incorrect
WARNING: translation string unused: advproxy no cre groups
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: again
WARNING: translation string unused: age second
WARNING: translation string unused: age seconds
WARNING: translation string unused: age shour
@@ -59,6 +60,7 @@ WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: avoid dod
WARNING: translation string unused: backup config floppy
WARNING: translation string unused: backup configuration
WARNING: translation string unused: backup export key
@@ -70,6 +72,7 @@ WARNING: translation string unused: backup password
WARNING: translation string unused: backup sets
WARNING: translation string unused: backup to floppy
WARNING: translation string unused: bad characters in
WARNING: translation string unused: behind a proxy
WARNING: translation string unused: bitrate
WARNING: translation string unused: bleeding rules
WARNING: translation string unused: blue access use hint
@@ -116,6 +119,8 @@ WARNING: translation string unused: dbfile
WARNING: translation string unused: ddns help dnsmadeeasy
WARNING: translation string unused: ddns help freedns
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: ddns minimize updates
WARNING: translation string unused: ddns noip prefix
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
WARNING: translation string unused: default ip
@@ -144,6 +149,7 @@ WARNING: translation string unused: dmz pinhole rule removed
WARNING: translation string unused: dmzpinholes for same net not necessary
WARNING: translation string unused: dns server
WARNING: translation string unused: do not log this port list
WARNING: translation string unused: domain not set
WARNING: translation string unused: donation-link
WARNING: translation string unused: download dh parameter
WARNING: translation string unused: driver
@@ -159,6 +165,7 @@ WARNING: translation string unused: editor
WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enable wildcards
WARNING: translation string unused: enabled on
WARNING: translation string unused: enabledtitle
WARNING: translation string unused: encrypted
@@ -446,6 +453,7 @@ WARNING: translation string unused: pots
WARNING: translation string unused: pppoe
WARNING: translation string unused: present
WARNING: translation string unused: profiles
WARNING: translation string unused: proxy
WARNING: translation string unused: proxy access graphs
WARNING: translation string unused: proxy no proxy extend
WARNING: translation string unused: proxy no proxy local
@@ -460,12 +468,16 @@ WARNING: translation string unused: released
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
WARNING: translation string unused: reserved dst port
WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
WARNING: translation string unused: rsvd dst port overlap
WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
@@ -492,6 +504,7 @@ WARNING: translation string unused: source ip in use
WARNING: translation string unused: source ip or net
WARNING: translation string unused: source net
WARNING: translation string unused: source network
WARNING: translation string unused: source port in use
WARNING: translation string unused: source port overlaps
WARNING: translation string unused: squid extension methods
WARNING: translation string unused: squid extension methods invalid
@@ -606,6 +619,7 @@ WARNING: translation string unused: warn when traffic reaches
WARNING: translation string unused: web proxy configuration
WARNING: translation string unused: week-graph
WARNING: translation string unused: weekly firewallhits
WARNING: translation string unused: wildcards
WARNING: translation string unused: wlanap wlan services
WARNING: translation string unused: xtaccess all error
WARNING: translation string unused: xtaccess bad transfert
@@ -616,15 +630,11 @@ WARNING: untranslated string: addons
WARNING: untranslated string: bytes
WARNING: untranslated string: community rules
WARNING: untranslated string: dead peer detection
WARNING: untranslated string: downlink
WARNING: untranslated string: emerging rules
WARNING: untranslated string: first
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: last
WARNING: untranslated string: qos add subclass
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: uplink

19
doc/language_issues.en
View File

@@ -41,6 +41,7 @@ WARNING: translation string unused: advproxy no cre groups
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: again
WARNING: translation string unused: age second
WARNING: translation string unused: age seconds
WARNING: translation string unused: age shour
@@ -60,6 +61,7 @@ WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: avoid dod
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: backup config floppy
@@ -86,6 +88,7 @@ WARNING: translation string unused: backup protect key password
WARNING: translation string unused: backup sets
WARNING: translation string unused: backup to floppy
WARNING: translation string unused: bad characters in
WARNING: translation string unused: behind a proxy
WARNING: translation string unused: bewan adsl pci st
WARNING: translation string unused: bewan adsl usb
WARNING: translation string unused: bitrate
@@ -135,6 +138,8 @@ WARNING: translation string unused: dbfile
WARNING: translation string unused: ddns help dnsmadeeasy
WARNING: translation string unused: ddns help freedns
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: ddns minimize updates
WARNING: translation string unused: ddns noip prefix
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
WARNING: translation string unused: default ip
@@ -166,6 +171,7 @@ WARNING: translation string unused: dmz pinhole rule removed
WARNING: translation string unused: dmzpinholes for same net not necessary
WARNING: translation string unused: dns server
WARNING: translation string unused: do not log this port list
WARNING: translation string unused: domain not set
WARNING: translation string unused: donation-link
WARNING: translation string unused: done
WARNING: translation string unused: download dh parameter
@@ -182,6 +188,7 @@ WARNING: translation string unused: editor
WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enable wildcards
WARNING: translation string unused: enabled on
WARNING: translation string unused: enabledtitle
WARNING: translation string unused: encrypted
@@ -472,6 +479,7 @@ WARNING: translation string unused: pots
WARNING: translation string unused: pppoe
WARNING: translation string unused: present
WARNING: translation string unused: profiles
WARNING: translation string unused: proxy
WARNING: translation string unused: proxy access graphs
WARNING: translation string unused: proxy no proxy extend
WARNING: translation string unused: proxy no proxy local
@@ -487,12 +495,16 @@ WARNING: translation string unused: released
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
WARNING: translation string unused: reserved dst port
WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
WARNING: translation string unused: rsvd dst port overlap
WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
@@ -522,6 +534,7 @@ WARNING: translation string unused: source ip in use
WARNING: translation string unused: source ip or net
WARNING: translation string unused: source net
WARNING: translation string unused: source network
WARNING: translation string unused: source port in use
WARNING: translation string unused: source port overlaps
WARNING: translation string unused: squid extension methods
WARNING: translation string unused: squid extension methods invalid
@@ -631,6 +644,7 @@ WARNING: translation string unused: use dov
WARNING: translation string unused: use ibod
WARNING: translation string unused: view log
WARNING: translation string unused: vpn aggrmode
WARNING: translation string unused: vpn configuration main
WARNING: translation string unused: vpn incompatible use of defaultroute
WARNING: translation string unused: vpn mtu invalid
WARNING: translation string unused: vpn on blue
@@ -641,6 +655,7 @@ WARNING: translation string unused: warn when traffic reaches
WARNING: translation string unused: web proxy configuration
WARNING: translation string unused: week-graph
WARNING: translation string unused: weekly firewallhits
WARNING: translation string unused: wildcards
WARNING: translation string unused: wlanap wlan services
WARNING: translation string unused: xtaccess all error
WARNING: translation string unused: xtaccess bad transfert
@@ -648,12 +663,8 @@ WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
WARNING: untranslated string: downlink
WARNING: untranslated string: first
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: last
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: uplink

19
doc/language_issues.es
View File

@@ -42,6 +42,7 @@ WARNING: translation string unused: advproxy no cre groups
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: again
WARNING: translation string unused: alcatelusb help
WARNING: translation string unused: alcatelusb upload
WARNING: translation string unused: all interfaces
@@ -56,6 +57,7 @@ WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: avoid dod
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: backup config floppy
@@ -82,6 +84,7 @@ WARNING: translation string unused: backup protect key password
WARNING: translation string unused: backup sets
WARNING: translation string unused: backup to floppy
WARNING: translation string unused: bad characters in
WARNING: translation string unused: behind a proxy
WARNING: translation string unused: bewan adsl pci st
WARNING: translation string unused: bewan adsl usb
WARNING: translation string unused: bitrate
@@ -129,6 +132,8 @@ WARNING: translation string unused: dbfile
WARNING: translation string unused: ddns help dnsmadeeasy
WARNING: translation string unused: ddns help freedns
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: ddns minimize updates
WARNING: translation string unused: ddns noip prefix
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
WARNING: translation string unused: default networks
@@ -158,6 +163,7 @@ WARNING: translation string unused: dmz pinhole rule removed
WARNING: translation string unused: dmzpinholes for same net not necessary
WARNING: translation string unused: dns server
WARNING: translation string unused: do not log this port list
WARNING: translation string unused: domain not set
WARNING: translation string unused: donation-link
WARNING: translation string unused: done
WARNING: translation string unused: driver
@@ -174,6 +180,7 @@ WARNING: translation string unused: editor
WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enable wildcards
WARNING: translation string unused: enabled on
WARNING: translation string unused: enabledtitle
WARNING: translation string unused: encrypted
@@ -405,6 +412,7 @@ WARNING: translation string unused: pots
WARNING: translation string unused: pppoe
WARNING: translation string unused: present
WARNING: translation string unused: profiles
WARNING: translation string unused: proxy
WARNING: translation string unused: proxy access graphs
WARNING: translation string unused: proxy no proxy extend
WARNING: translation string unused: proxy no proxy local
@@ -420,12 +428,16 @@ WARNING: translation string unused: released
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
WARNING: translation string unused: reserved dst port
WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
WARNING: translation string unused: rsvd dst port overlap
WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
@@ -455,6 +467,7 @@ WARNING: translation string unused: source ip in use
WARNING: translation string unused: source ip or net
WARNING: translation string unused: source net
WARNING: translation string unused: source network
WARNING: translation string unused: source port in use
WARNING: translation string unused: source port overlaps
WARNING: translation string unused: squid extension methods
WARNING: translation string unused: squid extension methods invalid
@@ -563,6 +576,7 @@ WARNING: translation string unused: warn when traffic reaches
WARNING: translation string unused: web proxy configuration
WARNING: translation string unused: week-graph
WARNING: translation string unused: weekly firewallhits
WARNING: translation string unused: wildcards
WARNING: translation string unused: wlanap wlan services
WARNING: translation string unused: xtaccess all error
WARNING: translation string unused: xtaccess bad transfert
@@ -649,6 +663,10 @@ WARNING: untranslated string: dnsforward edit an entry
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: dnssec aware
WARNING: untranslated string: dnssec information
WARNING: untranslated string: dnssec not supported
WARNING: untranslated string: dnssec validating
WARNING: untranslated string: downlink
WARNING: untranslated string: download tls-auth key
WARNING: untranslated string: dpd delay
@@ -860,6 +878,7 @@ WARNING: untranslated string: modem sim information
WARNING: untranslated string: modem status
WARNING: untranslated string: monitor interface
WARNING: untranslated string: most preferred
WARNING: untranslated string: nameserver
WARNING: untranslated string: no hardware random number generator
WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice

19
doc/language_issues.fr
View File

@@ -42,6 +42,7 @@ WARNING: translation string unused: advproxy no cre groups
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: again
WARNING: translation string unused: alcatelusb help
WARNING: translation string unused: alcatelusb upload
WARNING: translation string unused: all interfaces
@@ -56,6 +57,7 @@ WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: avoid dod
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: backup config floppy
@@ -82,6 +84,7 @@ WARNING: translation string unused: backup protect key password
WARNING: translation string unused: backup sets
WARNING: translation string unused: backup to floppy
WARNING: translation string unused: bad characters in
WARNING: translation string unused: behind a proxy
WARNING: translation string unused: bewan adsl pci st
WARNING: translation string unused: bewan adsl usb
WARNING: translation string unused: bitrate
@@ -129,6 +132,8 @@ WARNING: translation string unused: dbfile
WARNING: translation string unused: ddns help dnsmadeeasy
WARNING: translation string unused: ddns help freedns
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: ddns minimize updates
WARNING: translation string unused: ddns noip prefix
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
WARNING: translation string unused: default networks
@@ -158,6 +163,7 @@ WARNING: translation string unused: dmz pinhole rule removed
WARNING: translation string unused: dmzpinholes for same net not necessary
WARNING: translation string unused: dns server
WARNING: translation string unused: do not log this port list
WARNING: translation string unused: domain not set
WARNING: translation string unused: donation-link
WARNING: translation string unused: done
WARNING: translation string unused: driver
@@ -174,6 +180,7 @@ WARNING: translation string unused: editor
WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enable wildcards
WARNING: translation string unused: enabled on
WARNING: translation string unused: enabledtitle
WARNING: translation string unused: encrypted
@@ -416,6 +423,7 @@ WARNING: translation string unused: pots
WARNING: translation string unused: pppoe
WARNING: translation string unused: present
WARNING: translation string unused: profiles
WARNING: translation string unused: proxy
WARNING: translation string unused: proxy access graphs
WARNING: translation string unused: proxy no proxy extend
WARNING: translation string unused: proxy no proxy local
@@ -431,12 +439,16 @@ WARNING: translation string unused: released
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
WARNING: translation string unused: reserved dst port
WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
WARNING: translation string unused: rsvd dst port overlap
WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
@@ -466,6 +478,7 @@ WARNING: translation string unused: source ip in use
WARNING: translation string unused: source ip or net
WARNING: translation string unused: source net
WARNING: translation string unused: source network
WARNING: translation string unused: source port in use
WARNING: translation string unused: source port overlaps
WARNING: translation string unused: squid extension methods
WARNING: translation string unused: squid extension methods invalid
@@ -576,6 +589,7 @@ WARNING: translation string unused: warn when traffic reaches
WARNING: translation string unused: web proxy configuration
WARNING: translation string unused: week-graph
WARNING: translation string unused: weekly firewallhits
WARNING: translation string unused: wildcards
WARNING: translation string unused: xtaccess all error
WARNING: translation string unused: xtaccess bad transfert
WARNING: translation string unused: year-graph
@@ -660,6 +674,10 @@ WARNING: untranslated string: dnsforward edit an entry
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: dnssec aware
WARNING: untranslated string: dnssec information
WARNING: untranslated string: dnssec not supported
WARNING: untranslated string: dnssec validating
WARNING: untranslated string: downlink
WARNING: untranslated string: download tls-auth key
WARNING: untranslated string: dpd delay
@@ -871,6 +889,7 @@ WARNING: untranslated string: modem sim information
WARNING: untranslated string: modem status
WARNING: untranslated string: monitor interface
WARNING: untranslated string: most preferred
WARNING: untranslated string: nameserver
WARNING: untranslated string: no hardware random number generator
WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice

19
doc/language_issues.nl
View File

@@ -42,6 +42,7 @@ WARNING: translation string unused: advproxy no cre groups
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: again
WARNING: translation string unused: age second
WARNING: translation string unused: age seconds
WARNING: translation string unused: age shour
@@ -61,6 +62,7 @@ WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: avoid dod
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: backup config floppy
@@ -87,6 +89,7 @@ WARNING: translation string unused: backup protect key password
WARNING: translation string unused: backup sets
WARNING: translation string unused: backup to floppy
WARNING: translation string unused: bad characters in
WARNING: translation string unused: behind a proxy
WARNING: translation string unused: bewan adsl pci st
WARNING: translation string unused: bewan adsl usb
WARNING: translation string unused: bitrate
@@ -136,6 +139,8 @@ WARNING: translation string unused: dbfile
WARNING: translation string unused: ddns help dnsmadeeasy
WARNING: translation string unused: ddns help freedns
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: ddns minimize updates
WARNING: translation string unused: ddns noip prefix
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
WARNING: translation string unused: default ip
@@ -166,6 +171,7 @@ WARNING: translation string unused: dmz pinhole rule removed
WARNING: translation string unused: dmzpinholes for same net not necessary
WARNING: translation string unused: dns server
WARNING: translation string unused: do not log this port list
WARNING: translation string unused: domain not set
WARNING: translation string unused: donation-link
WARNING: translation string unused: done
WARNING: translation string unused: driver
@@ -182,6 +188,7 @@ WARNING: translation string unused: editor
WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enable wildcards
WARNING: translation string unused: enabled on
WARNING: translation string unused: enabledtitle
WARNING: translation string unused: encrypted
@@ -470,6 +477,7 @@ WARNING: translation string unused: pots
WARNING: translation string unused: pppoe
WARNING: translation string unused: present
WARNING: translation string unused: profiles
WARNING: translation string unused: proxy
WARNING: translation string unused: proxy access graphs
WARNING: translation string unused: proxy no proxy extend
WARNING: translation string unused: proxy no proxy local
@@ -485,12 +493,16 @@ WARNING: translation string unused: released
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
WARNING: translation string unused: reserved dst port
WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
WARNING: translation string unused: rsvd dst port overlap
WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
@@ -520,6 +532,7 @@ WARNING: translation string unused: source ip in use
WARNING: translation string unused: source ip or net
WARNING: translation string unused: source net
WARNING: translation string unused: source network
WARNING: translation string unused: source port in use
WARNING: translation string unused: source port overlaps
WARNING: translation string unused: squid extension methods
WARNING: translation string unused: squid extension methods invalid
@@ -639,6 +652,7 @@ WARNING: translation string unused: warn when traffic reaches
WARNING: translation string unused: web proxy configuration
WARNING: translation string unused: week-graph
WARNING: translation string unused: weekly firewallhits
WARNING: translation string unused: wildcards
WARNING: translation string unused: wlanap wlan services
WARNING: translation string unused: xtaccess all error
WARNING: translation string unused: xtaccess bad transfert
@@ -657,6 +671,10 @@ WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
WARNING: untranslated string: dh parameter
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnssec aware
WARNING: untranslated string: dnssec information
WARNING: untranslated string: dnssec not supported
WARNING: untranslated string: dnssec validating
WARNING: untranslated string: download tls-auth key
WARNING: untranslated string: drop outgoing
WARNING: untranslated string: firewall logs country
@@ -679,6 +697,7 @@ WARNING: untranslated string: modem no connection message
WARNING: untranslated string: modem sim information
WARNING: untranslated string: modem status
WARNING: untranslated string: monitor interface
WARNING: untranslated string: nameserver
WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: ovpn crypt options
WARNING: untranslated string: ovpn dh

19
doc/language_issues.pl
View File

@@ -42,6 +42,7 @@ WARNING: translation string unused: advproxy no cre groups
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: again
WARNING: translation string unused: alcatelusb help
WARNING: translation string unused: alcatelusb upload
WARNING: translation string unused: all interfaces
@@ -56,6 +57,7 @@ WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: avoid dod
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: backup config floppy
@@ -82,6 +84,7 @@ WARNING: translation string unused: backup protect key password
WARNING: translation string unused: backup sets
WARNING: translation string unused: backup to floppy
WARNING: translation string unused: bad characters in
WARNING: translation string unused: behind a proxy
WARNING: translation string unused: bewan adsl pci st
WARNING: translation string unused: bewan adsl usb
WARNING: translation string unused: bitrate
@@ -129,6 +132,8 @@ WARNING: translation string unused: dbfile
WARNING: translation string unused: ddns help dnsmadeeasy
WARNING: translation string unused: ddns help freedns
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: ddns minimize updates
WARNING: translation string unused: ddns noip prefix
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
WARNING: translation string unused: default networks
@@ -158,6 +163,7 @@ WARNING: translation string unused: dmz pinhole rule removed
WARNING: translation string unused: dmzpinholes for same net not necessary
WARNING: translation string unused: dns server
WARNING: translation string unused: do not log this port list
WARNING: translation string unused: domain not set
WARNING: translation string unused: donation-link
WARNING: translation string unused: done
WARNING: translation string unused: driver
@@ -174,6 +180,7 @@ WARNING: translation string unused: editor
WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enable wildcards
WARNING: translation string unused: enabled on
WARNING: translation string unused: enabledtitle
WARNING: translation string unused: encrypted
@@ -405,6 +412,7 @@ WARNING: translation string unused: pots
WARNING: translation string unused: pppoe
WARNING: translation string unused: present
WARNING: translation string unused: profiles
WARNING: translation string unused: proxy
WARNING: translation string unused: proxy access graphs
WARNING: translation string unused: proxy no proxy extend
WARNING: translation string unused: proxy no proxy local
@@ -420,12 +428,16 @@ WARNING: translation string unused: released
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
WARNING: translation string unused: reserved dst port
WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
WARNING: translation string unused: rsvd dst port overlap
WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
@@ -455,6 +467,7 @@ WARNING: translation string unused: source ip in use
WARNING: translation string unused: source ip or net
WARNING: translation string unused: source net
WARNING: translation string unused: source network
WARNING: translation string unused: source port in use
WARNING: translation string unused: source port overlaps
WARNING: translation string unused: squid extension methods
WARNING: translation string unused: squid extension methods invalid
@@ -563,6 +576,7 @@ WARNING: translation string unused: warn when traffic reaches
WARNING: translation string unused: web proxy configuration
WARNING: translation string unused: week-graph
WARNING: translation string unused: weekly firewallhits
WARNING: translation string unused: wildcards
WARNING: translation string unused: wlanap wlan services
WARNING: translation string unused: xtaccess all error
WARNING: translation string unused: xtaccess bad transfert
@@ -649,6 +663,10 @@ WARNING: untranslated string: dnsforward edit an entry
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: dnssec aware
WARNING: untranslated string: dnssec information
WARNING: untranslated string: dnssec not supported
WARNING: untranslated string: dnssec validating
WARNING: untranslated string: downlink
WARNING: untranslated string: download tls-auth key
WARNING: untranslated string: dpd delay
@@ -860,6 +878,7 @@ WARNING: untranslated string: modem sim information
WARNING: untranslated string: modem status
WARNING: untranslated string: monitor interface
WARNING: untranslated string: most preferred
WARNING: untranslated string: nameserver
WARNING: untranslated string: no hardware random number generator
WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice

19
doc/language_issues.ru
View File

@@ -42,6 +42,7 @@ WARNING: translation string unused: advproxy no cre groups
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: again
WARNING: translation string unused: alcatelusb help
WARNING: translation string unused: alcatelusb upload
WARNING: translation string unused: all interfaces
@@ -56,6 +57,7 @@ WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: avoid dod
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: backup config floppy
@@ -82,6 +84,7 @@ WARNING: translation string unused: backup protect key password
WARNING: translation string unused: backup sets
WARNING: translation string unused: backup to floppy
WARNING: translation string unused: bad characters in
WARNING: translation string unused: behind a proxy
WARNING: translation string unused: bewan adsl pci st
WARNING: translation string unused: bewan adsl usb
WARNING: translation string unused: bitrate
@@ -128,6 +131,8 @@ WARNING: translation string unused: dbfile
WARNING: translation string unused: ddns help dnsmadeeasy
WARNING: translation string unused: ddns help freedns
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: ddns minimize updates
WARNING: translation string unused: ddns noip prefix
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
WARNING: translation string unused: default networks
@@ -157,6 +162,7 @@ WARNING: translation string unused: dmz pinhole rule removed
WARNING: translation string unused: dmzpinholes for same net not necessary
WARNING: translation string unused: dns server
WARNING: translation string unused: do not log this port list
WARNING: translation string unused: domain not set
WARNING: translation string unused: donation-link
WARNING: translation string unused: done
WARNING: translation string unused: driver
@@ -173,6 +179,7 @@ WARNING: translation string unused: editor
WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enable wildcards
WARNING: translation string unused: enabled on
WARNING: translation string unused: enabledtitle
WARNING: translation string unused: encrypted
@@ -410,6 +417,7 @@ WARNING: translation string unused: pots
WARNING: translation string unused: pppoe
WARNING: translation string unused: present
WARNING: translation string unused: profiles
WARNING: translation string unused: proxy
WARNING: translation string unused: proxy access graphs
WARNING: translation string unused: proxy no proxy extend
WARNING: translation string unused: proxy no proxy local
@@ -425,12 +433,16 @@ WARNING: translation string unused: released
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
WARNING: translation string unused: reserved dst port
WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
WARNING: translation string unused: rsvd dst port overlap
WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
@@ -460,6 +472,7 @@ WARNING: translation string unused: source ip in use
WARNING: translation string unused: source ip or net
WARNING: translation string unused: source net
WARNING: translation string unused: source network
WARNING: translation string unused: source port in use
WARNING: translation string unused: source port overlaps
WARNING: translation string unused: squid extension methods
WARNING: translation string unused: squid extension methods invalid
@@ -567,6 +580,7 @@ WARNING: translation string unused: vpn watch
WARNING: translation string unused: warn when traffic reaches
WARNING: translation string unused: web proxy configuration
WARNING: translation string unused: weekly firewallhits
WARNING: translation string unused: wildcards
WARNING: translation string unused: wlanap wlan services
WARNING: translation string unused: xtaccess all error
WARNING: translation string unused: xtaccess bad transfert
@@ -654,6 +668,10 @@ WARNING: untranslated string: dnsforward edit an entry
WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: dnssec aware
WARNING: untranslated string: dnssec information
WARNING: untranslated string: dnssec not supported
WARNING: untranslated string: dnssec validating
WARNING: untranslated string: downlink
WARNING: untranslated string: download tls-auth key
WARNING: untranslated string: dpd delay
@@ -856,6 +874,7 @@ WARNING: untranslated string: modem sim information
WARNING: untranslated string: modem status
WARNING: untranslated string: monitor interface
WARNING: untranslated string: most preferred
WARNING: untranslated string: nameserver
WARNING: untranslated string: no hardware random number generator
WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: notice

19
doc/language_issues.tr
View File

@@ -42,6 +42,7 @@ WARNING: translation string unused: advproxy no cre groups
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: again
WARNING: translation string unused: age second
WARNING: translation string unused: age seconds
WARNING: translation string unused: age shour
@@ -61,6 +62,7 @@ WARNING: translation string unused: apply
WARNING: translation string unused: archive not exist
WARNING: translation string unused: attemps
WARNING: translation string unused: available updates
WARNING: translation string unused: avoid dod
WARNING: translation string unused: backup archive
WARNING: translation string unused: backup clear archive
WARNING: translation string unused: backup config floppy
@@ -87,6 +89,7 @@ WARNING: translation string unused: backup protect key password
WARNING: translation string unused: backup sets
WARNING: translation string unused: backup to floppy
WARNING: translation string unused: bad characters in
WARNING: translation string unused: behind a proxy
WARNING: translation string unused: bewan adsl pci st
WARNING: translation string unused: bewan adsl usb
WARNING: translation string unused: bitrate
@@ -136,6 +139,8 @@ WARNING: translation string unused: dbfile
WARNING: translation string unused: ddns help dnsmadeeasy
WARNING: translation string unused: ddns help freedns
WARNING: translation string unused: ddns help plus
WARNING: translation string unused: ddns minimize updates
WARNING: translation string unused: ddns noip prefix
WARNING: translation string unused: debugme
WARNING: translation string unused: deep scan directories
WARNING: translation string unused: default ip
@@ -166,6 +171,7 @@ WARNING: translation string unused: dmz pinhole rule removed
WARNING: translation string unused: dmzpinholes for same net not necessary
WARNING: translation string unused: dns server
WARNING: translation string unused: do not log this port list
WARNING: translation string unused: domain not set
WARNING: translation string unused: donation-link
WARNING: translation string unused: done
WARNING: translation string unused: driver
@@ -181,6 +187,7 @@ WARNING: translation string unused: editor
WARNING: translation string unused: eg
WARNING: translation string unused: email server can not be empty
WARNING: translation string unused: enable javascript
WARNING: translation string unused: enable wildcards
WARNING: translation string unused: enabled on
WARNING: translation string unused: enabledtitle
WARNING: translation string unused: encrypted
@@ -469,6 +476,7 @@ WARNING: translation string unused: pots
WARNING: translation string unused: pppoe
WARNING: translation string unused: present
WARNING: translation string unused: profiles
WARNING: translation string unused: proxy
WARNING: translation string unused: proxy access graphs
WARNING: translation string unused: proxy no proxy extend
WARNING: translation string unused: proxy no proxy local
@@ -484,12 +492,16 @@ WARNING: translation string unused: released
WARNING: translation string unused: removable device advice
WARNING: translation string unused: reportfile
WARNING: translation string unused: requested data
WARNING: translation string unused: reserved dst port
WARNING: translation string unused: reserved src port
WARNING: translation string unused: restore hardware settings
WARNING: translation string unused: root
WARNING: translation string unused: root path
WARNING: translation string unused: root user password
WARNING: translation string unused: route subnet is invalid
WARNING: translation string unused: router ip
WARNING: translation string unused: rsvd dst port overlap
WARNING: translation string unused: rsvd src port overlap
WARNING: translation string unused: rules already up to date
WARNING: translation string unused: safe removal of umounted device
WARNING: translation string unused: save error
@@ -519,6 +531,7 @@ WARNING: translation string unused: source ip in use
WARNING: translation string unused: source ip or net
WARNING: translation string unused: source net
WARNING: translation string unused: source network
WARNING: translation string unused: source port in use
WARNING: translation string unused: source port overlaps
WARNING: translation string unused: squid extension methods
WARNING: translation string unused: squid extension methods invalid
@@ -642,6 +655,7 @@ WARNING: translation string unused: warn when traffic reaches
WARNING: translation string unused: web proxy configuration
WARNING: translation string unused: week-graph
WARNING: translation string unused: weekly firewallhits
WARNING: translation string unused: wildcards
WARNING: translation string unused: wlanap wlan services
WARNING: translation string unused: xtaccess all error
WARNING: translation string unused: xtaccess bad transfert
@@ -658,6 +672,10 @@ WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
WARNING: untranslated string: dh parameter
WARNING: untranslated string: dnssec aware
WARNING: untranslated string: dnssec information
WARNING: untranslated string: dnssec not supported
WARNING: untranslated string: dnssec validating
WARNING: untranslated string: download tls-auth key
WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwhost err hostip
@@ -679,6 +697,7 @@ WARNING: untranslated string: modem no connection message
WARNING: untranslated string: modem sim information
WARNING: untranslated string: modem status
WARNING: untranslated string: monitor interface
WARNING: untranslated string: nameserver
WARNING: untranslated string: not a valid dh key
WARNING: untranslated string: ovpn crypt options
WARNING: untranslated string: ovpn dh

36
doc/language_missings
View File

@@ -94,7 +94,12 @@
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
< dnssec aware
< dnssec information
< dnssec not supported
< dnssec validating
< dns servers
< downlink
< download dh parameter
< download tls-auth key
< dpd delay
@@ -126,6 +131,7 @@
< fireinfo your profile id
< firewall logs country
< firewall rules
< first
< flag
< forward firewall
< fw default drop
@@ -324,6 +330,7 @@
< ipsec
< ipsec network
< ipsec no connections
< last
< least preferred
< lifetime
< mac filter
@@ -348,6 +355,7 @@
< monitor interface
< most preferred
< MTU settings
< nameserver
< never
< no hardware random number generator
< not a valid dh key
@@ -467,6 +475,7 @@
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
< uplink
< upload dh key
< upload new ruleset
< uptime
@@ -616,7 +625,12 @@
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
< dnssec aware
< dnssec information
< dnssec not supported
< dnssec validating
< dns servers
< downlink
< download dh parameter
< download tls-auth key
< dpd delay
@@ -648,6 +662,7 @@
< fireinfo your profile id
< firewall logs country
< firewall rules
< first
< flag
< forward firewall
< fw default drop
@@ -846,6 +861,7 @@
< ipsec
< ipsec network
< ipsec no connections
< last
< least preferred
< lifetime
< mac filter
@@ -870,6 +886,7 @@
< monitor interface
< most preferred
< MTU settings
< nameserver
< never
< no hardware random number generator
< not a valid dh key
@@ -1005,6 +1022,7 @@
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
< uplink
< upload dh key
< uptime
< uptime load average
@@ -1130,7 +1148,12 @@
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
< dnssec aware
< dnssec information
< dnssec not supported
< dnssec validating
< dns servers
< downlink
< download dh parameter
< download tls-auth key
< dpd delay
@@ -1154,6 +1177,7 @@
< extrahd you cant mount
< firewall logs country
< firewall rules
< first
< flag
< forward firewall
< fw default drop
@@ -1352,6 +1376,7 @@
< ipsec
< ipsec network
< ipsec no connections
< last
< least preferred
< lifetime
< mac filter
@@ -1376,6 +1401,7 @@
< monitor interface
< most preferred
< MTU settings
< nameserver
< never
< no hardware random number generator
< not a valid dh key
@@ -1495,6 +1521,7 @@
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
< uplink
< upload dh key
< uptime
< uptime load average
@@ -1623,7 +1650,12 @@
< dnsforward entries
< dnsforward forward_server
< dnsforward zone
< dnssec aware
< dnssec information
< dnssec not supported
< dnssec validating
< dns servers
< downlink
< download dh parameter
< download tls-auth key
< dpd delay
@@ -1648,6 +1680,7 @@
< extrahd you cant mount
< firewall logs country
< firewall rules
< first
< flag
< forward firewall
< frequency
@@ -1849,6 +1882,7 @@
< ipsec
< ipsec network
< ipsec no connections
< last
< least preferred
< lifetime
< mac filter
@@ -1874,6 +1908,7 @@
< month-graph
< most preferred
< MTU settings
< nameserver
< never
< no hardware random number generator
< not a valid dh key
@@ -1990,6 +2025,7 @@
< tor use exit nodes
< updxlrtr sources
< updxlrtr standard view
< uplink
< upload dh key
< uptime
< uptime load average

995
html/cgi-bin/ddns.cgi
View File

File diff suppressed because it is too large Load Diff

4
html/cgi-bin/logs.cgi/firewalllogcountry.dat
View File

@@ -283,12 +283,14 @@ END
&Header::openbox('100%', 'left', 'Firewall Logs');
print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>";
my $red_interface = &General::get_red_interface();
my $linesjc = 0;
my %tabjc;
my $gi = Geo::IP::PurePerl->new();
if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; };
$lines = 0;
foreach $_ (@log)
{
/^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
@@ -296,7 +298,7 @@ foreach $_ (@log)
$packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
$packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
if($iface eq 'red0') {
if($iface eq $red_interface) {
if($srcaddr ne '') {
my $ccode = $gi->country_code_by_name($srcaddr);
if( $ccode eq '') {

111
html/cgi-bin/netexternal.cgi
View File

@@ -76,6 +76,86 @@ if ( $querry[0] ne~ ""){
&Header::closebox();
}
## DNSSEC
my @nameservers = ();
foreach my $f ("${General::swroot}/red/dns1", "${General::swroot}/red/dns2") {
open(DNS, "<$f");
my $nameserver = <DNS>;
close(DNS);
chomp($nameserver);
if ($nameserver) {
push(@nameservers, $nameserver);
}
}
&Header::openbox('100%', 'center', $Lang::tr{'dnssec information'});
print <<END;
<table class="tbl" width='66%'>
<thead>
<tr>
<th align="center">
<strong>$Lang::tr{'nameserver'}</strong>
</th>
<th align="center">
<strong>$Lang::tr{'status'}</strong>
</th>
</tr>
</thead>
<tbody>
END
my $id = 0;
for my $nameserver (@nameservers) {
my $status = &check_dnssec($nameserver, "ping.ipfire.org");
my $colour = "";
my $bgcolour = "";
my $message = "";
# DNSSEC Not supported
if ($status == 0) {
$message = $Lang::tr{'dnssec not supported'};
$colour = "white";
$bgcolour = ${Header::colourred};
# DNSSEC Aware
} elsif ($status == 1) {
$message = $Lang::tr{'dnssec aware'};
$colour = "black";
$bgcolour = ${Header::colouryellow};
# DNSSEC Validating
} elsif ($status == 2) {
$message = $Lang::tr{'dnssec validating'};
$colour = "white";
$bgcolour = ${Header::colourgreen};
# Error
} else {
$colour = ${Header::colourred};
}
my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};
print <<END;
<tr bgcolor="$table_colour">
<td>$nameserver</td>
<td bgcolor="$bgcolour" align="center">
<font color="$colour"><strong>$message</strong></font>
</td>
</tr>
END
}
print <<END;
</tbody>
</table>
END
&Header::closebox();
if ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $netsettings{'RED_TYPE'} eq "DHCP"){
&Header::openbox('100%', 'left', "RED $Lang::tr{'dhcp configuration'}");
@@ -161,4 +241,33 @@ END
&Header::closebigbox();
&Header::closepage();
}
}
sub check_dnssec($$) {
my $nameserver = shift;
my $record = shift;
my @command = ("dig", "+dnssec", $record, "\@$nameserver");
my @output = qx(@command);
my $output = join("", @output);
my $status = 0;
if ($output =~ m/status: (\w+)/) {
$status = ($1 eq "NOERROR");
if (!$status) {
return -1;
}
}
my @flags = ();
if ($output =~ m/flags: (.*);/) {
@flags = split(/ /, $1);
}
my $aware = ($output =~ m/RRSIG/);
my $validating = ("ad" ~~ @flags);
return $aware + $validating;
}

50
html/cgi-bin/ovpnmain.cgi
View File

@@ -5024,24 +5024,41 @@ END
###
&Header::openbox('100%', 'LEFT', $Lang::tr{'connection status and controlc' });
print <<END;
<table width='100%' cellspacing='1' cellpadding='0' class='tbl'>
<tr>
<th width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></th>
<th width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></th>
<th width='22%' class='boldbase' align='center'><b>$Lang::tr{'network'}</b></th>
<th width='20%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></th>
<th width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></th>
<th width='5%' class='boldbase' colspan='6' align='center'><b>$Lang::tr{'action'}</b></th>
</tr>
END
;
my $id = 0;
my $gif;
my $col1="";
foreach my $key (sort { ncmp ($confighash{$a}[1],$confighash{$b}[1]) } keys %confighash) {
my $lastnet;
foreach my $key (sort { ncmp ($confighash{$a}[32],$confighash{$b}[32]) } sort { ncmp ($confighash{$a}[1],$confighash{$b}[1]) } keys %confighash) {
if ($confighash{$key}[32] eq "" && $confighash{$key}[3] eq 'net' ){$confighash{$key}[32]=$Lang::tr{'fwhost OpenVPN N-2-N'};}
if ($confighash{$key}[32] eq "dynamic"){$confighash{$key}[32]=$Lang::tr{'ccd dynrange'};}
if($id == 0){
print"<b>$confighash{$key}[32]</b>";
print <<END;
<table width='100%' cellspacing='1' cellpadding='0' class='tbl'>
<tr>
<th width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></th>
<th width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></th>
<th width='20%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></th>
<th width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></th>
<th width='5%' class='boldbase' colspan='6' align='center'><b>$Lang::tr{'action'}</b></th>
</tr>
END
}
if ($id > 0 && $lastnet ne $confighash{$key}[32]){
print "</table><br>";
print"<b>$confighash{$key}[32]</b>";
print <<END;
<table width='100%' cellspacing='1' cellpadding='0' class='tbl'>
<tr>
<th width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></th>
<th width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></th>
<th width='20%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></th>
<th width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></th>
<th width='5%' class='boldbase' colspan='6' align='center'><b>$Lang::tr{'action'}</b></th>
</tr>
END
}
if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
if ($id % 2) {
print "<tr>";
@@ -5060,9 +5077,6 @@ END
my $cavalid = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
$cavalid =~ /Not After : (.*)[\n]/;
$cavalid = $1;
if ($confighash{$key}[32] eq "" && $confighash{$key}[3] eq 'net' ){$confighash{$key}[32]="net-2-net";}
if ($confighash{$key}[32] eq "" && $confighash{$key}[3] eq 'host' ){$confighash{$key}[32]="dynamic";}
print "<td align='center' $col>$confighash{$key}[32]</td>";
print "<td align='center' $col>$confighash{$key}[25]</td>";
$col1="bgcolor='${Header::colourred}'";
my $active = "<b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b>";
@@ -5191,7 +5205,9 @@ END
END
;
$id++;
$lastnet = $confighash{$key}[32];
}
print"</table>";
;
# If the config file contains entries, print Key to action icons

94
html/cgi-bin/proxy.cgi
View File

@@ -3169,9 +3169,35 @@ END
print FILE "\n";
}
if ($proxysettings{'CACHE_SIZE'} ne '0')
if ($proxysettings{'CACHE_SIZE'} > 0) {
print FILE <<END
maximum_object_size $proxysettings{'MAX_SIZE'} KB
minimum_object_size $proxysettings{'MIN_SIZE'} KB
cache_dir aufs /var/log/cache $proxysettings{'CACHE_SIZE'} $proxysettings{'L1_DIRS'} 256
END
;
} else {
print FILE "cache deny all\n\n";
}
print FILE <<END
request_body_max_size $proxysettings{'MAX_OUTGOING_SIZE'} KB
END
;
if ($proxysettings{'MAX_INCOMING_SIZE'} > 0) {
if (!-z $acl_src_unrestricted_ip) { print FILE "reply_body_max_size none IPFire_unrestricted_ips\n"; }
if (!-z $acl_src_unrestricted_mac) { print FILE "reply_body_max_size none IPFire_unrestricted_mac\n"; }
if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
{
if (!-z $extgrp) { print FILE "reply_body_max_size none for_extended_users\n"; }
}
}
if ( $proxysettings{'MAX_INCOMING_SIZE'} != '0' )
{
print FILE "cache_dir aufs /var/log/cache $proxysettings{'CACHE_SIZE'} $proxysettings{'L1_DIRS'} 256\n\n";
print FILE "reply_body_max_size $proxysettings{'MAX_INCOMING_SIZE'} KB all\n\n";
}
if ($proxysettings{'LOGGING'} eq 'on')
@@ -3396,19 +3422,25 @@ END
}
open (PORTS,"$acl_ports_ssl");
@temp = <PORTS>;
my @ssl_ports = <PORTS>;
close PORTS;
if (@temp)
{
foreach (@temp) { print FILE "acl SSL_ports port $_"; }
if (@ssl_ports) {
foreach (@ssl_ports) {
print FILE "acl SSL_ports port $_";
}
}
open (PORTS,"$acl_ports_safe");
@temp = <PORTS>;
my @safe_ports = <PORTS>;
close PORTS;
if (@temp)
{
foreach (@temp) { print FILE "acl Safe_ports port $_"; }
if (@safe_ports) {
foreach (@safe_ports) {
print FILE "acl Safe_ports port $_";
}
}
print FILE <<END
acl IPFire_http port $http_port
@@ -3498,7 +3530,7 @@ END
print FILE "http_access deny purge\n";
print FILE "url_rewrite_access deny localhost\n";
}
print FILE <<END
print FILE <<END;
#Access to squid:
#local machine, no restriction
@@ -3509,11 +3541,15 @@ http_access allow IPFire_ips IPFire_networks IPFire_http
http_access allow CONNECT IPFire_ips IPFire_networks IPFire_https
#Deny not web services
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
END
;
if (@safe_ports) {
print FILE "http_access deny !Safe_ports\n";
}
if (@ssl_ports) {
print FILE "http_access deny CONNECT !SSL_ports\n";
}
if ($proxysettings{'AUTH_METHOD'} eq 'ident')
{
@@ -3941,34 +3977,6 @@ END
print FILE "http_reply_access allow all\n\n";
}
if ($proxysettings{'CACHE_SIZE'} > 0)
{
print FILE <<END
maximum_object_size $proxysettings{'MAX_SIZE'} KB
minimum_object_size $proxysettings{'MIN_SIZE'} KB
END
;
} else { print FILE "cache deny all\n\n"; }
print FILE <<END
request_body_max_size $proxysettings{'MAX_OUTGOING_SIZE'} KB
END
;
if ($proxysettings{'MAX_INCOMING_SIZE'} > 0) {
if (!-z $acl_src_unrestricted_ip) { print FILE "reply_body_max_size none IPFire_unrestricted_ips\n"; }
if (!-z $acl_src_unrestricted_mac) { print FILE "reply_body_max_size none IPFire_unrestricted_mac\n"; }
if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
{
if (!-z $extgrp) { print FILE "reply_body_max_size none for_extended_users\n"; }
}
}
if ( $proxysettings{'MAX_INCOMING_SIZE'} != '0' )
{
print FILE "reply_body_max_size $proxysettings{'MAX_INCOMING_SIZE'} KB all\n\n";
}
print FILE "visible_hostname";
if ($proxysettings{'VISIBLE_HOSTNAME'} eq '')
{

21
html/cgi-bin/routing.cgi
View File

@@ -134,6 +134,27 @@ if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
$errormessage = $Lang::tr{'invalid ip'}. " - ".$Lang::tr{'gateway ip'};
}
#set networkip if not already correctly defined
my($ip,$cidr) = split(/\//,$settings{'IP'});
my $netip=&General::getnetworkip($ip,$cidr);
$settings{'IP'} = "$netip/$cidr";
#Check for already existing routing entry
foreach my $line (@current) {
chomp($line); # remove newline
my @temp=split(/\,/,$line);
$temp[2] ='' unless defined $temp[2]; # not always populated
$temp[3] ='' unless defined $temp[2]; # not always populated
#Same ip already used?
if($temp[1] eq $settings{'IP'}){
$errormessage = $Lang::tr{'ccd err irouteexist'};
last;
}
#Is the network part of an internal network?
$errormessage .= &General::check_net_internal($settings{'IP'});
last;
}
unless ($errormessage) {
if ($settings{'KEY1'} eq '') { #add or edit ?
unshift (@current, "$settings{'EN'},$settings{'IP'},$settings{'GATEWAY'},$settings{'REMARK'}\n");

9
langs/de/cgi-bin/de.pl
View File

@@ -750,6 +750,10 @@
'dnsforward entries' => 'Aktuelle Einträge',
'dnsforward forward_server' => 'DNS-Server',
'dnsforward zone' => 'Zone',
'dnssec aware' => 'DNSSEC-aware',
'dnssec information' => 'DNSSEC-Informationen',
'dnssec not supported' => 'DNSSEC wird nicht unterstützt',
'dnssec validating' => 'DNSSEC-validierend',
'do not log this port list' => 'Verwerfe diese Port-Liste kurz bevor sie protokolliert werden (reduziert Protokollgröße)',
'dod' => 'Dial-on-Demand-Modus',
'dod for dns' => 'Dial-on-Demand für DNS:',
@@ -765,6 +769,7 @@
'donation-text' => '<strong>IPFire</strong> wird von Freiwilligen in ihrer Freizeit betrieben und auch betreut. Um dieses Projekt am Laufen zu halten, entstehen uns natürlich auch Kosten. Wenn Sie uns unterstützen wollen, würden wir uns über eine kleine Spende sehr freuen.',
'dos charset' => 'DOS Charset',
'down and up speed' => 'Geben Sie bitte hier ihre Download- bzw. Upload-Geschwindigkeit ein <br /> und klicken Sie danach auf <i>Speichern</i>.',
'downlink' => 'Downlink',
'downlink speed' => 'Downlink-Geschwindigkeit (kBit/sek)',
'downlink std class' => 'Downloadstandardklasse',
'download' => 'herunterladen',
@@ -919,6 +924,7 @@
'firewallhits' => 'Firewalltreffer',
'firmware' => 'Firmware',
'firmware upload' => 'Hochladen der Firmware/Treiber',
'first' => 'Erste',
'fixed ip lease added' => 'Feste IP-Zuordnung hinzugefügt',
'fixed ip lease modified' => 'Feste IP-Zuordnung geändert',
'fixed ip lease removed' => 'Feste IP-Zuordnung gelöscht',
@@ -1344,6 +1350,7 @@
'lan' => 'LAN',
'lang' => 'de',
'languagepurpose' => 'Wählen Sie eine Sprache, in der IPFire angezeigt werden soll:',
'last' => 'Letzte',
'last activity' => 'Letzte Aktivität',
'lateprompting' => 'Late prompting',
'lease expires' => 'Zuordnung verfällt',
@@ -1520,6 +1527,7 @@
'name is invalid' => 'Name ist ungültig',
'name must only contain characters' => 'Name darf nur Buchstaben enthalten.',
'name too long' => 'Der volle Benutzername oder der System Hostname ist zu lang',
'nameserver' => 'Nameserver',
'nat-traversal' => 'Nat Traversal:',
'needreboot' => 'Ein Update benötigt einen Neustart',
'net' => 'Netz',
@@ -2269,6 +2277,7 @@
'updxlrtr weekly' => 'wöchentlich',
'updxlrtr year' => 'einem Jahr',
'upgrade' => 'upgrade',
'uplink' => 'Uplink',
'uplink speed' => 'Uplink-Geschwindigkeit (kBit/sek)',
'uplink std class' => 'Uploadstandardklasse',
'upload' => 'Hochladen',

10
langs/en/cgi-bin/en.pl
View File

@@ -775,6 +775,10 @@
'dnsforward entries' => 'Current entries',
'dnsforward forward_server' => 'Nameserver',
'dnsforward zone' => 'Zone',
'dnssec aware' => 'DNSSEC Aware',
'dnssec information' => 'DNSSEC Information',
'dnssec not supported' => 'DNSSEC Not supported',
'dnssec validating' => 'DNSSEC Validating',
'do not log this port list' => 'Drop this port list just before they are logged (reduces log size)',
'dod' => 'Dial on Demand',
'dod for dns' => 'Dial on Demand for DNS:',
@@ -791,6 +795,7 @@
'done' => 'Do it',
'dos charset' => 'DOS Charset',
'down and up speed' => 'Enter your Down- and Uplink-Speed <br /> and then press <i>Save</i>.',
'downlink' => 'Downlink',
'downlink speed' => 'Downlink speed (kbit/sec)',
'downlink std class' => 'downlink standard class',
'download' => 'download',
@@ -946,6 +951,7 @@
'firewallhits' => 'firewallhits',
'firmware' => 'Firmware',
'firmware upload' => 'Upload Firmware/Drivers',
'first' => 'First',
'fixed ip lease added' => 'Fixed IP lease added',
'fixed ip lease modified' => 'Fixed IP lease modified',
'fixed ip lease removed' => 'Fixed IP lease removed',
@@ -1374,6 +1380,7 @@
'lan' => 'LAN',
'lang' => 'en',
'languagepurpose' => 'Select the language you wish IPFire to display in:',
'last' => 'Last',
'last activity' => 'Last Activity',
'lateprompting' => 'Lateprompting',
'lease expires' => 'Lease expires',
@@ -1550,6 +1557,7 @@
'name is invalid' => 'Name is invalid',
'name must only contain characters' => 'Name must only contain characters.',
'name too long' => 'User\'s full name or system hostname is too long',
'nameserver' => 'Nameserver',
'nat-traversal' => 'Nat Traversal:',
'needreboot' => 'An update requires a restart',
'net' => 'Net',
@@ -2309,6 +2317,7 @@
'updxlrtr weekly' => 'weekly',
'updxlrtr year' => 'one year',
'upgrade' => 'upgrade',
'uplink' => 'Uplink',
'uplink speed' => 'Uplink speed (kbit/sec)',
'uplink std class' => 'uplink standard class',
'upload' => 'Upload',
@@ -2563,6 +2572,7 @@
'vpn aggrmode' => 'IKE aggressive mode allowed. Avoid if possible (preshared key is transmitted in clear text)!',
'vpn altname syntax' => 'SubjectAltName is a comma separated list of e-mail, dns, uri, rid and ip objects.<br />email:an email address. Syntax email:copy takes the email field from the cert to be used.<br />DNS:a valid domain name.<br />URI:any valid uri.<br />RID:registered object identifier.<br />IP:an IP address.<br />Note:charset is limited and case is significant.<br />Example:<br /><b>e-mail:</b>ipfire@foo.org<b>,email:</b>copy<b>,DNS:</b>www.ipfire.org<b>,IP:</b>127.0.0.1<b>,URI:</b>http://url/to/something',
'vpn auth-dn' => 'Peer is identified by either IPV4_ADDR, FQDN, USER_FQDN or DER_ASN1_DN string in remote ID field',
'vpn configuration main' => 'VPN Configuration',
'vpn delayed start' => 'Delay before launching VPN (seconds)',
'vpn delayed start help' => 'If required, this delay can be used to allow dynamic DNS updates to propagate properly. 60 is a common value when RED is a dynamic IP.',
'vpn incompatible use of defaultroute' => 'hostname=%defaultroute not allowed',

16
lfs/bind
View File

@@ -25,7 +25,7 @@
include Config
VER = 9.3.2
VER = 9.9.5
THISAPP = bind-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -33,6 +33,8 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
export CPPFLAGS = -DDIG_SIGCHASE
###############################################################################
# Top-level Rules
###############################################################################
@@ -41,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 55e709501a7780233c36e25ccd15ece2
$(DL_FILE)_MD5 = e676c65cad5234617ee22f48e328c24e
install : $(TARGET)
@@ -71,7 +73,11 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls --disable-ipv6
cd $(DIR_APP) && STD_CDEFINES="$(CPPFLAGS)" \
./configure \
--prefix=/usr \
--disable-static \
--disable-openssl-version-check
cd $(DIR_APP) && make -C lib/dns
cd $(DIR_APP) && make -C lib/isc
cd $(DIR_APP) && make -C lib/bind9
@@ -81,5 +87,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && make -C bin/dig install
cd $(DIR_APP) && make -C bin/nsupdate
cd $(DIR_APP) && make -C bin/nsupdate install
install -v -m 644 $(DIR_SRC)/config/bind/trusted-key.key \
/etc/trusted-key.key
@rm -rf $(DIR_APP)
@$(POSTBUILD)

8
lfs/check_mk_agent
View File

@@ -24,15 +24,15 @@
include Config
VER = 1.2.2p2
VER = 1.2.4p5
THISAPP = check_mk_agent-$(VER)
DL_FILE = check_mk-${VER}.tar.gz
DL_FROM = http://mathias-kettner.de/download
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/check_mk-${VER}
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = check_mk_agent
PAK_VER = 2
PAK_VER = 3
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = caa0f7662b4d170b2b6db2516bd41a89
$(DL_FILE)_MD5 = ef3055d191bd38295d1716b3f7824115
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))

80
lfs/ddns Normal file
View File

@@ -0,0 +1,80 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2010 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
VER = 003
THISAPP = ddns-$(VER)
DL_FILE = $(THISAPP).tar.xz
DL_FROM = http://source.ipfire.org/releases/ddns/
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 9ff8ab5fa716859b51f63b0a241f1337
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
md5 : $(subst %,%_MD5,$(objects))
###############################################################################
# Downloading, checking, md5sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_MD5,$(objects)) :
@$(MD5)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh
cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/var/ipfire
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
@$(POSTBUILD)

29
lfs/dnsmasq
View File

@@ -24,14 +24,16 @@
include Config
VER = 2.45
VER = 2.71
THISAPP = dnsmasq-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FILE = $(THISAPP).tar.xz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
COPTS = -DHAVE_ISC_READER
###############################################################################
# Top-level Rules
###############################################################################
@@ -40,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = b7956e15c9766e05b3eca3ce88fdb616
$(DL_FILE)_MD5 = 9e2e4d59c75e71ee3ca817ff0f9be69e
install : $(TARGET)
@@ -69,13 +71,18 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && sed -i -e 's|/usr/local|/usr|g' Makefile
cd $(DIR_APP)/src && sed -i \
-e 's|^\/\* #define HAVE_ISC_READER .*$$|#define HAVE_ISC_READER\n#define NO_IPV6|' \
-e 's|^#define HAVE_TFTP *$$|//#define HAVE_TFTP|' \
-e 's/^#define CHUSER .*$$/#define CHUSER "dnsmasq"/' config.h
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-2.71-use-nettle-with-minigmp.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-2.71-support-nettle-3.0.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-2.70-Add-support-to-read-ISC-DHCP-lease-file.patch
cd $(DIR_APP) && sed -i src/config.h \
-e 's|/\* #define HAVE_IDN \*/|#define HAVE_IDN|g' \
-e 's|/\* #define HAVE_DNSSEC \*/|#define HAVE_DNSSEC|g' \
-e 's|#define HAVE_DHCP|//#define HAVE_DHCP|g' \
-e 's|#define HAVE_DHCP6|//#define HAVE_DHCP6|g' \
-e 's|#define HAVE_TFTP|//#define HAVE_TFTP|g'
cd $(DIR_APP) && make CFLAGS="$(CFLAGS)" COPTS="$(COPTS)" $(MAKETUNING)
cd $(DIR_APP) && make PREFIX=/usr install
@rm -rf $(DIR_APP)
@$(POSTBUILD)

34
lfs/gmp
View File

@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -34,8 +34,15 @@ TARGET = $(DIR_INFO)/$(THISAPP)
ifeq "$(MACHINE)" "i586"
CONFIGURE_ARGS = ABI=32
BUILDTARGET_PENTIUM4 = $(patsubst $(MACHINE)-%,pentium4-%,$(BUILDTARGET))
endif
CONFIGURE_OPTIONS = \
--prefix=/usr \
--enable-cxx \
--enable-mpbsd \
--disable-nls
###############################################################################
# Top-level Rules
###############################################################################
@@ -74,9 +81,30 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && $(CONFIGURE_ARGS) ./configure --prefix=/usr \
--enable-cxx --enable-mpbsd --disable-nls
cd $(DIR_APP) && \
$(CONFIGURE_ARGS) \
./configure \
--build=$(BUILDTARGET) \
$(CONFIGURE_OPTIONS)
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
ifeq "$(MACHINE)" "i586"
# Build SSE/SSE2 optimised version for x86
cd $(DIR_APP) && make clean
cd $(DIR_APP) && \
$(CONFIGURE_ARGS) \
./configure \
--build=$(BUILDTARGET_PENTIUM4) \
$(CONFIGURE_OPTIONS) \
CFLAGS="$(CFLAGS) -march=pentium4" \
CXXFLAGS="$(CXXFLAGS) -march=pentium4"
cd $(DIR_APP) && make $(MAKETUNING)
-mkdir -pv /usr/lib/sse2
cd $(DIR_APP) && install -v -m 755 .libs/libgmp.so.10.0.5 /usr/lib/sse2
cd $(DIR_APP) && install -v -m 755 .libs/libmp.so.3.1.25 /usr/lib/sse2
endif
@rm -rf $(DIR_APP)
@$(POSTBUILD)

3
lfs/gmp-compat
View File

@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -75,6 +75,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && $(CONFIGURE_ARGS) ./configure --prefix=/usr \
--build=$(BUILDTARGET) \
--enable-cxx --enable-mpbsd --disable-nls
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && install -m 644 .libs/libgmp.so.3.5.2 /usr/lib

6
lfs/hostapd
View File

@@ -24,7 +24,7 @@
include Config
VER = 2.1
VER = 2.2
THISAPP = hostapd-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = hostapd
PAK_VER = 29
PAK_VER = 30
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = bb9c50e87c5af6f89f387e63911effac
$(DL_FILE)_MD5 = 23c1f78a693c3288802d516adb7fd289
install : $(TARGET)

6
lfs/lzo
View File

@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
VER = 2.06
VER = 2.08
THISAPP = lzo-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 95380bd4081f85ef08c5209f4107e9f8
$(DL_FILE)_MD5 = fcec64c26a0f4f4901468f360029678f
install : $(TARGET)

79
lfs/nettle Normal file
View File

@@ -0,0 +1,79 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
VER = 3.0
THISAPP = nettle-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = f64b1bf1e774b7ae6e507318e340250e
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
md5 : $(subst %,%_MD5,$(objects))
###############################################################################
# Downloading, checking, md5sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_MD5,$(objects)) :
@$(MD5)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--enable-shared
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
@$(POSTBUILD)

100
lfs/owncloud Normal file
View File

@@ -0,0 +1,100 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2013 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
VER = 6.0.4
THISAPP = owncloud-$(VER)
DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = owncloud
PAK_VER = 1
DEPS = ""
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 0a92cf5971e9c9c58e40219b385bd8f4
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
md5 : $(subst %,%_MD5,$(objects))
dist:
@$(PAK)
###############################################################################
# Downloading, checking, md5sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_MD5,$(objects)) :
@$(MD5)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_SRC)/$(PROG) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_SRC) && cp -vrf owncloud /srv/web/
# Rename files with spaces in the name.
while read -r file; do \
mv -v "$${file}" "$${file//\ /_}"; \
done <<< "$$(find /srv/web/owncloud | grep ' ')"
# Create data directory
mkdir -pv /var/owncloud/data
ln -s /var/owncloud/data /srv/web/owncloud/data
# Make sure everything is owned by root, except...
chown -R root.root /srv/web/owncloud
chown -R nobody.nobody /srv/web/owncloud/{apps,data,config}
install -v -m644 $(DIR_SRC)/config/owncloud/owncloud.conf \
/etc/httpd/conf/vhosts.d/
install -v -m 644 $(DIR_SRC)/config/backup/includes/owncloud \
/var/ipfire/backup/addons/includes/owncloud
@$(POSTBUILD)

2
lfs/stage2
View File

@@ -53,7 +53,7 @@ $(TARGET) :
-mkdir -pv /{media/{floppy,cdrom,usbkey},sbin,srv,var}
-install -dv -m 0750 /root
-install -dv -m 1777 /tmp /var/tmp
-mkdir -pv /usr/{,local/}{bin,include,lib,sbin,src}
-mkdir -pv /usr/{,local/}{bin,include,lib{,/sse2},sbin,src}
-mkdir -pv /usr/{,local/}share/{doc,info,locale,man}
-mkdir -v /usr/{,local/}share/{misc,terminfo,zoneinfo}
-mkdir -pv /usr/{,local/}share/man/man{1..8}

5
lfs/strongswan
View File

@@ -24,7 +24,7 @@
include Config
VER = 5.2.0dr6
VER = 5.2.0
THISAPP = strongswan-$(VER)
DL_FILE = $(THISAPP).tar.bz2
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 6b9ac43a3934dcdf66ccbdfebc54081b
$(DL_FILE)_MD5 = 5cee4ee1a6ccb74400758b3ace54d46e
install : $(TARGET)
@@ -97,7 +97,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
--enable-eap-peap \
--enable-eap-mschapv2 \
--enable-eap-identity \
--enable-unity \
$(CONFIGURE_OPTIONS)
cd $(DIR_APP) && make $(MAKETUNING)

6
lfs/tor
View File

@@ -24,7 +24,7 @@
include Config
VER = 0.2.4.20
VER = 0.2.4.22
THISAPP = tor-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = tor
PAK_VER = 6
PAK_VER = 7
DEPS = "libevent2"
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = a8cd8e3b3a3f6a7770f2c22d280f19b8
$(DL_FILE)_MD5 = 5a7eee0d9df87233255d78b25c6f8270
install : $(TARGET)

6
lfs/transmission
View File

@@ -24,7 +24,7 @@
include Config
VER = 2.83
VER = 2.84
THISAPP = transmission-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = transmission
PAK_VER = 10
PAK_VER = 11
DEPS = "libevent2"
@@ -46,7 +46,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 4620cfbfefee2ce55a6fa12c3ec330a7
$(DL_FILE)_MD5 = 411aec1c418c14f6765710d89743ae42
install : $(TARGET)

4
lfs/wpa_supplicant
View File

@@ -24,7 +24,7 @@
include Config
VER = 2.1
VER = 2.2
THISAPP = wpa_supplicant-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -41,7 +41,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = e96b8db5a8171cd17a5b2012d6ad7cc7
$(DL_FILE)_MD5 = 238e8e888bbd558e1a57e3eb28d1dd07
install : $(TARGET)

21
make.sh
View File

@@ -26,7 +26,7 @@ NAME="IPFire" # Software name
SNAME="ipfire" # Short name
VERSION="2.15" # Version number
CORE="80" # Core Level (Filename)
PAKFIRE_CORE="79" # Core Level (PAKFIRE)
PAKFIRE_CORE="80" # Core Level (PAKFIRE)
GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch
SLOGAN="www.ipfire.org" # Software slogan
CONFIG_ROOT=/var/ipfire # Configuration rootdir
@@ -385,9 +385,6 @@ buildipfire() {
export LOGFILE
ipfiremake configroot
ipfiremake backup
ipfiremake bind
ipfiremake dhcp
ipfiremake dhcpcd
ipfiremake libusb
ipfiremake libusbx
ipfiremake libpcap
@@ -459,17 +456,20 @@ buildipfire() {
;;
esac
ipfiremake pkg-config
ipfiremake openssl
ipfiremake openssl-compat
ipfiremake libgpg-error
ipfiremake libgcrypt
ipfiremake libassuan
ipfiremake bind
ipfiremake dhcp
ipfiremake dhcpcd
ipfiremake linux-atm
ipfiremake cpio
ipfiremake dracut
ipfiremake expat
ipfiremake gdbm
ipfiremake pam
ipfiremake openssl
ipfiremake openssl-compat
ipfiremake libgpg-error
ipfiremake libgcrypt
ipfiremake libassuan
ipfiremake curl
ipfiremake tcl
ipfiremake sqlite
@@ -508,6 +508,7 @@ buildipfire() {
ipfiremake arping
ipfiremake beep
ipfiremake dvdrtools
ipfiremake nettle
ipfiremake dnsmasq
ipfiremake dosfstools
ipfiremake reiserfsprogs
@@ -762,6 +763,7 @@ buildipfire() {
ipfiremake python-progressbar
ipfiremake python-xattr
ipfiremake intltool
ipfiremake ddns
ipfiremake transmission
ipfiremake dpfhack
ipfiremake lcd4linux
@@ -804,6 +806,7 @@ buildipfire() {
ipfiremake iotop
ipfiremake stunnel
ipfiremake sslscan
ipfiremake owncloud
}
buildinstaller() {

7
src/initscripts/init.d/cleanfs
View File

@@ -71,6 +71,13 @@ create_files() {
case "${1}" in
start)
if [[ ! -L "/var/run" ]]; then
boot_mesg "Repair /var/run symlink to /run..."
mv -u /var/run/* /run/ 2>&1 > /dev/null
rm -rf /var/run
ln -s ../run /var/run
fi
boot_mesg -n "Cleaning file systems:" ${INFO}
boot_mesg -n " /tmp" ${NORMAL}

53
src/initscripts/init.d/dhcrelay Executable file
View File

@@ -0,0 +1,53 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/dhcrelay
#
# Description : The DHCP Relay Daemon
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
CONFIG_FILE="/var/ipfire/dhcp/relay"
if [ -r "${CONFIG_FILE}" ]; then
eval $(/usr/local/bin/readhash ${CONFIG_FILE})
fi
ARGS="-q"
for interface in ${INTERFACES}; do
ARGS="${ARGS} -i ${interface}"
done
ARGS="${ARGS} ${SERVERS}"
case "${1}" in
start)
boot_mesg "Starting DHCP Relay..."
loadproc /usr/sbin/dhcrelay ${ARGS}
;;
stop)
boot_mesg "Stopping DHCP Relay..."
killproc -p /var/run/dhcrelay.pid /usr/sbin/dhcrelay
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
statusproc /usr/sbin/dhcrelay
;;
*)
echo "Usage: ${0} {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/dhcrelay

23
src/initscripts/init.d/dnsmasq
View File

@@ -20,7 +20,20 @@ if [ -e "/etc/sysconfig/dnsmasq" ]; then
. /etc/sysconfig/dnsmasq
fi
CACHE_SIZE=2500
ENABLE_DNSSEC=1
SHOW_SRV=1
TRUST_ANCHOR=".,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5"
function dnssec_args() {
local cmdline="--dnssec"
if [ -n "${TRUST_ANCHOR}" ]; then
cmdline="${cmdline} --trust-anchor=${TRUST_ANCHOR}"
fi
echo "${cmdline}"
}
function dns_forward_args() {
local file="${1}"
@@ -41,7 +54,6 @@ function dns_forward_args() {
echo "${cmdline}"
}
case "${1}" in
start)
# kill already running copy of dnsmasq...
@@ -73,6 +85,15 @@ case "${1}" in
# Add custom forward dns zones.
ARGS="${ARGS} $(dns_forward_args /var/ipfire/dnsforward/config)"
# Enabled DNSSEC validation
if [ "${ENABLE_DNSSEC}" -eq 1 ]; then
ARGS="${ARGS} $(dnssec_args)"
fi
if [ -n "${CACHE_SIZE}" ]; then
ARGS="${ARGS} --cache-size=${CACHE_SIZE}"
fi
loadproc /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases $ARGS
if [ "${SHOW_SRV}" -eq 1 ] && [ "${DNS1}" != "" -o "${DNS2}" != "" ]; then

4
src/initscripts/init.d/networking/red.up/30-ddns
View File

@@ -1,5 +1,3 @@
#!/bin/bash
/usr/local/bin/setddns.pl -f
exit 0
exec /usr/bin/ddns update-all

44
src/paks/owncloud/install.sh Normal file
View File

@@ -0,0 +1,44 @@
#!/bin/bash
############################################################################
# #
# This file is part of the IPFire Firewall. #
# #
# IPFire is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 2 of the License, or #
# (at your option) any later version. #
# #
# IPFire is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
# #
############################################################################
#
. /opt/pakfire/lib/functions.sh
extract_files
restore_backup ${NAME}
# Fix permissions.
chmod 777 /srv/web/owncloud/apps
chmod 777 /srv/web/owncloud/config
# Create data directory.
mkdir -p /var/owncloud/data
chown -R nobody:nobody /var/owncloud
# Import web interface certificates if none exist.
if [ ! -e "/etc/httpd/owncloud.crt" ] && [ ! -e "/etc/httpd/owncloud.key" ]; then
cat /etc/httpd/server.crt > /etc/httpd/owncloud.crt
cat /etc/httpd/server.key > /etc/httpd/owncloud.key
fi
/etc/init.d/apache reload
exit 0

30
src/paks/owncloud/uninstall.sh Normal file
View File

@@ -0,0 +1,30 @@
#!/bin/bash
############################################################################
# #
# This file is part of the IPFire Firewall. #
# #
# IPFire is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 2 of the License, or #
# (at your option) any later version. #
# #
# IPFire is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
# #
############################################################################
#
. /opt/pakfire/lib/functions.sh
make_backup ${NAME}
remove_files
/etc/init.d/apache reload
exit 0

26
src/paks/owncloud/update.sh Normal file
View File

@@ -0,0 +1,26 @@
#!/bin/bash
############################################################################
# #
# This file is part of the IPFire Firewall. #
# #
# IPFire is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 2 of the License, or #
# (at your option) any later version. #
# #
# IPFire is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
# #
############################################################################
#
. /opt/pakfire/lib/functions.sh
./uninstall.sh
./install.sh

365
src/patches/dnsmasq-2.70-Add-support-to-read-ISC-DHCP-lease-file.patch Normal file
View File

@@ -0,0 +1,365 @@
diff --git a/Makefile b/Makefile
index 292c8bd..5e0cdbe 100644
--- a/Makefile
+++ b/Makefile
@@ -69,7 +69,7 @@ objs = cache.o rfc1035.o util.o option.o forward.o network.o \
dnsmasq.o dhcp.o lease.o rfc2131.o netlink.o dbus.o bpf.o \
helper.o tftp.o log.o conntrack.o dhcp6.o rfc3315.o \
dhcp-common.o outpacket.o radv.o slaac.o auth.o ipset.o \
- domain.o dnssec.o blockdata.o
+ domain.o dnssec.o blockdata.o isc.o
hdrs = dnsmasq.h config.h dhcp-protocol.h dhcp6-protocol.h \
dns-protocol.h radv-protocol.h ip6addr.h
diff --git a/src/cache.c b/src/cache.c
index 5cec918..1f5657f 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -17,7 +17,7 @@
#include "dnsmasq.h"
static struct crec *cache_head = NULL, *cache_tail = NULL, **hash_table = NULL;
-#ifdef HAVE_DHCP
+#if (defined HAVE_DHCP) || (defined HAVE_ISC_READER)
static struct crec *dhcp_spare = NULL;
#endif
static struct crec *new_chain = NULL;
@@ -222,6 +222,9 @@ static void cache_free(struct crec *crecp)
crecp->flags &= ~F_BIGNAME;
}
+ if (crecp->flags & F_DHCP)
+ free(crecp->name.namep);
+
#ifdef HAVE_DNSSEC
cache_blockdata_free(crecp);
#endif
@@ -1110,7 +1113,7 @@ void cache_reload(void)
total_size = read_hostsfile(ah->fname, ah->index, total_size, (struct crec **)daemon->packet, revhashsz);
}
-#ifdef HAVE_DHCP
+#if (defined HAVE_DHCP) || (defined HAVE_ISC_READER)
struct in_addr a_record_from_hosts(char *name, time_t now)
{
struct crec *crecp = NULL;
@@ -1188,7 +1191,7 @@ void cache_add_dhcp_entry(char *host_name, int prot,
addrlen = sizeof(struct in6_addr);
}
#endif
-
+
inet_ntop(prot, host_address, daemon->addrbuff, ADDRSTRLEN);
while ((crec = cache_find_by_name(crec, host_name, 0, flags | F_CNAME)))
@@ -1253,7 +1256,11 @@ void cache_add_dhcp_entry(char *host_name, int prot,
else
crec->ttd = ttd;
crec->addr.addr = *host_address;
+#ifdef HAVE_ISC_READER
+ crec->name.namep = strdup(host_name);
+#else
crec->name.namep = host_name;
+#endif
crec->uid = next_uid();
cache_hash(crec);
diff --git a/src/dnsmasq.c b/src/dnsmasq.c
index 1c96a0e..156ac9a 100644
--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -934,6 +934,11 @@ int main (int argc, char **argv)
poll_resolv(0, daemon->last_resolv != 0, now);
daemon->last_resolv = now;
+
+#ifdef HAVE_ISC_READER
+ if (daemon->lease_file && !daemon->dhcp)
+ load_dhcp(now);
+#endif
}
if (FD_ISSET(piperead, &rset))
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index 3032546..a40b2a9 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -1447,3 +1447,8 @@ void slaac_add_addrs(struct dhcp_lease *lease, time_t now, int force);
time_t periodic_slaac(time_t now, struct dhcp_lease *leases);
void slaac_ping_reply(struct in6_addr *sender, unsigned char *packet, char *interface, struct dhcp_lease *leases);
#endif
+
+/* isc.c */
+#ifdef HAVE_ISC_READER
+void load_dhcp(time_t now);
+#endif
diff --git a/src/isc.c b/src/isc.c
new file mode 100644
index 0000000..5106442
--- /dev/null
+++ b/src/isc.c
@@ -0,0 +1,251 @@
+/* dnsmasq is Copyright (c) 2014 John Volpe, Simon Kelley and
+ Michael Tremer
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 dated June, 1991, or
+ (at your option) version 3 dated 29 June, 2007.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+ Code in this file is based on contributions by John Volpe and
+ Simon Kelley. Updated for recent versions of dnsmasq by
+ Michael Tremer.
+*/
+
+#include "dnsmasq.h"
+
+#ifdef HAVE_ISC_READER
+#define MAXTOK 50
+
+struct isc_dhcp_lease {
+ char* name;
+ char* fqdn;
+ time_t expires;
+ struct in_addr addr;
+ struct isc_dhcp_lease* next;
+};
+
+static struct isc_dhcp_lease* dhcp_lease_new(const char* hostname) {
+ struct isc_dhcp_lease* lease = whine_malloc(sizeof(*lease));
+
+ lease->name = strdup(hostname);
+ if (daemon->domain_suffix) {
+ asprintf(&lease->fqdn, "%s.%s", hostname, daemon->domain_suffix);
+ }
+ lease->expires = 0;
+ lease->next = NULL;
+
+ return lease;
+}
+
+static void dhcp_lease_free(struct isc_dhcp_lease* lease) {
+ if (!lease)
+ return;
+
+ if (lease->name)
+ free(lease->name);
+ if (lease->fqdn)
+ free(lease->fqdn);
+ free(lease);
+}
+
+static int next_token(char* token, int buffsize, FILE* fp) {
+ int c, count = 0;
+ char* cp = token;
+
+ while ((c = getc(fp)) != EOF) {
+ if (c == '#') {
+ do {
+ c = getc(fp);
+ } while (c != '\n' && c != EOF);
+ }
+
+ if (c == ' ' || c == '\t' || c == '\n' || c == ';') {
+ if (count)
+ break;
+ } else if ((c != '"') && (count < buffsize - 1)) {
+ *cp++ = c;
+ count++;
+ }
+ }
+
+ *cp = 0;
+ return count ? 1 : 0;
+}
+
+static long get_utc_offset() {
+ time_t t = time(NULL);
+ struct tm* time_struct = localtime(&t);
+
+ return time_struct->tm_gmtoff;
+}
+
+static time_t parse_lease_time(const char* token_date, const char* token_time) {
+ time_t time = (time_t)(-1);
+ struct tm lease_time;
+
+ if (sscanf(token_date, "%d/%d/%d", &lease_time.tm_year, &lease_time.tm_mon, &lease_time.tm_mday) == 3) {
+ lease_time.tm_year -= 1900;
+ lease_time.tm_mon -= 1;
+
+ if (sscanf(token_time, "%d:%d:%d", &lease_time.tm_hour, &lease_time.tm_min, &lease_time.tm_sec) == 3) {
+ time = mktime(&lease_time) + get_utc_offset();
+ }
+ }
+
+ return time;
+}
+
+static struct isc_dhcp_lease* find_lease(const char* hostname, struct isc_dhcp_lease* leases) {
+ struct isc_dhcp_lease* lease = leases;
+
+ while (lease) {
+ if (strcmp(hostname, lease->name) == 0) {
+ return lease;
+ }
+ lease = lease->next;
+ }
+
+ return NULL;
+}
+
+static off_t lease_file_size = (off_t)0;
+static ino_t lease_file_inode = (ino_t)0;
+
+void load_dhcp(time_t now) {
+ struct isc_dhcp_lease* leases = NULL;
+
+ struct stat statbuf;
+ if (stat(daemon->lease_file, &statbuf) == -1) {
+ return;
+ }
+
+ /* Do nothing if the lease file has not changed. */
+ if ((statbuf.st_size <= lease_file_size) && (statbuf.st_ino == lease_file_inode))
+ return;
+
+ lease_file_size = statbuf.st_size;
+ lease_file_inode = statbuf.st_ino;
+
+ FILE* fp = fopen(daemon->lease_file, "r");
+ if (!fp) {
+ my_syslog(LOG_ERR, _("failed to load %s:%s"), daemon->lease_file, strerror(errno));
+ return;
+ }
+
+ my_syslog(LOG_INFO, _("reading %s"), daemon->lease_file);
+
+ char* hostname = daemon->namebuff;
+ struct in_addr host_address;
+ time_t time_starts = -1;
+ time_t time_ends = -1;
+ int nomem;
+
+ char token[MAXTOK];
+ while ((next_token(token, MAXTOK, fp))) {
+ if (strcmp(token, "lease") == 0) {
+ hostname[0] = '\0';
+
+ if (next_token(token, MAXTOK, fp) && ((host_address.s_addr = inet_addr(token)) != (in_addr_t)-1)) {
+ if (next_token(token, MAXTOK, fp) && *token == '{') {
+ while (next_token(token, MAXTOK, fp) && *token != '}') {
+ if ((strcmp(token, "client-hostname") == 0) || (strcmp(token, "hostname") == 0)) {
+ if (next_token(hostname, MAXDNAME, fp)) {
+ if (!canonicalise(hostname, &nomem)) {
+ *hostname = 0;
+ my_syslog(LOG_ERR, _("bad name in %s"), daemon->lease_file);
+ }
+ }
+ } else if ((strcmp(token, "starts") == 0) || (strcmp(token, "ends") == 0)) {
+ char token_date[MAXTOK];
+ char token_time[MAXTOK];
+
+ int is_starts = strcmp(token, "starts") == 0;
+
+ // Throw away the weekday and parse the date.
+ if (next_token(token, MAXTOK, fp) && next_token(token_date, MAXTOK, fp) && next_token(token_time, MAXTOK, fp)) {
+ time_t time = parse_lease_time(token_date, token_time);
+
+ if (is_starts)
+ time_starts = time;
+ else
+ time_ends = time;
+ }
+ }
+ }
+
+ if (!*hostname)
+ continue;
+
+ if ((time_starts == -1) || (time_ends == -1))
+ continue;
+
+ if (difftime(now, time_ends) > 0)
+ continue;
+
+ char* dot = strchr(hostname, '.');
+ if (dot) {
+ if (!daemon->domain_suffix || hostname_isequal(dot + 1, daemon->domain_suffix)) {
+ my_syslog(LOG_WARNING,
+ _("Ignoring DHCP lease for %s because it has an illegal domain part"),
+ hostname);
+ continue;
+ }
+ *dot = 0;
+ }
+
+ // Search for an existing lease in the list
+ // with the given host name and update the data
+ // if needed.
+ struct isc_dhcp_lease* lease = find_lease(hostname, leases);
+
+ // If no lease already exists, we create a new one
+ // and append it to the list.
+ if (!lease) {
+ lease = dhcp_lease_new(hostname);
+
+ lease->next = leases;
+ leases = lease;
+ }
+
+ // Only update more recent leases.
+ if (lease->expires > time_ends)
+ continue;
+
+ lease->addr = host_address;
+ lease->expires = time_ends;
+ }
+ }
+ }
+ }
+
+ fclose(fp);
+
+ // Drop all entries.
+ cache_unhash_dhcp();
+
+ while (leases) {
+ struct isc_dhcp_lease *lease = leases;
+ leases = lease->next;
+
+ if (lease->fqdn) {
+ cache_add_dhcp_entry(lease->fqdn, AF_INET, (struct all_addr*)&lease->addr.s_addr, lease->expires);
+ }
+
+ if (lease->name) {
+ cache_add_dhcp_entry(lease->name, AF_INET, (struct all_addr*)&lease->addr.s_addr, lease->expires);
+ }
+
+ // Cleanup
+ dhcp_lease_free(lease);
+ }
+}
+
+#endif
diff --git a/src/option.c b/src/option.c
index daa728f..d16c982 100644
--- a/src/option.c
+++ b/src/option.c
@@ -1642,7 +1642,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
ret_err(_("bad MX target"));
break;
-#ifdef HAVE_DHCP
+#if (defined HAVE_DHCP) || (defined HAVE_ISC_READER)
case 'l': /* --dhcp-leasefile */
daemon->lease_file = opt_string_alloc(arg);
break;

65
src/patches/dnsmasq-2.71-support-nettle-3.0.patch Normal file
View File

@@ -0,0 +1,65 @@
From cdb755c5f16a6768c3e8b1f345fe15fc9244228d Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 18 Jun 2014 20:52:53 +0100
Subject: [PATCH] Fix FTBFS with Nettle-3.0.
---
CHANGELOG | 3 +++
src/dnssec.c | 18 ++++++++++++------
2 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/src/dnssec.c b/src/dnssec.c
index 2ffb75d..69bfc29 100644
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -28,6 +28,12 @@
#include <nettle/nettle-meta.h>
#include <nettle/bignum.h>
+/* Nettle-3.0 moved to a new API for DSA. We use a name that's defined in the new API
+ to detect Nettle-3, and invoke the backwards compatibility mode. */
+#ifdef dsa_params_init
+#include <nettle/dsa-compat.h>
+#endif
+
#define SERIAL_UNDEF -100
#define SERIAL_EQ 0
@@ -121,8 +127,8 @@ static int hash_init(const struct nettle_hash *hash, void **ctxp, unsigned char
return 1;
}
-static int rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
- unsigned char *digest, int algo)
+static int dnsmasq_rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
+ unsigned char *digest, int algo)
{
unsigned char *p;
size_t exp_len;
@@ -173,8 +179,8 @@ static int rsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned
return 0;
}
-static int dsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
- unsigned char *digest, int algo)
+static int dnsmasq_dsa_verify(struct blockdata *key_data, unsigned int key_len, unsigned char *sig, size_t sig_len,
+ unsigned char *digest, int algo)
{
unsigned char *p;
unsigned int t;
@@ -293,10 +299,10 @@ static int verify(struct blockdata *key_data, unsigned int key_len, unsigned cha
switch (algo)
{
case 1: case 5: case 7: case 8: case 10:
- return rsa_verify(key_data, key_len, sig, sig_len, digest, algo);
+ return dnsmasq_rsa_verify(key_data, key_len, sig, sig_len, digest, algo);
case 3: case 6:
- return dsa_verify(key_data, key_len, sig, sig_len, digest, algo);
+ return dnsmasq_dsa_verify(key_data, key_len, sig, sig_len, digest, algo);
#ifndef NO_NETTLE_ECC
case 13: case 14:
--
1.7.10.4

88
src/patches/dnsmasq-2.71-use-nettle-with-minigmp.patch Normal file
View File

@@ -0,0 +1,88 @@
From 063efb330a3f341c2548e2cf1f67f83e49cd6395 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 17 Jun 2014 19:49:31 +0100
Subject: [PATCH] Build config: add -DNO_GMP for use with nettle/mini-gmp
---
Makefile | 2 +-
bld/pkg-wrapper | 9 +++++++--
src/config.h | 7 +++++++
src/dnssec.c | 3 ++-
4 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/Makefile b/Makefile
index c58b50b..17eeb27 100644
--- a/Makefile
+++ b/Makefile
@@ -61,7 +61,7 @@ lua_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CON
lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.1`
nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --cflags nettle hogweed`
nettle_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --libs nettle hogweed`
-gmp_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --copy -lgmp`
+gmp_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC NO_GMP --copy -lgmp`
sunos_libs = `if uname | grep SunOS >/dev/null 2>&1; then echo -lsocket -lnsl -lposix4; fi`
version = -DVERSION='\"`$(top)/bld/get-version $(top)`\"'
diff --git a/bld/pkg-wrapper b/bld/pkg-wrapper
index 9f9332d..0ddb678 100755
--- a/bld/pkg-wrapper
+++ b/bld/pkg-wrapper
@@ -11,9 +11,14 @@ in=`cat`
if grep "^\#[[:space:]]*define[[:space:]]*$search" config.h >/dev/null 2>&1 || \
echo $in | grep $search >/dev/null 2>&1; then
-
+# Nasty, nasty, in --copy, arg 2 is another config to search for, use with NO_GMP
if [ $op = "--copy" ]; then
- pkg="$*"
+ if grep "^\#[[:space:]]*define[[:space:]]*$pkg" config.h >/dev/null 2>&1 || \
+ echo $in | grep $pkg >/dev/null 2>&1; then
+ pkg=""
+ else
+ pkg="$*"
+ fi
elif grep "^\#[[:space:]]*define[[:space:]]*${search}_STATIC" config.h >/dev/null 2>&1 || \
echo $in | grep ${search}_STATIC >/dev/null 2>&1; then
pkg=`$pkg --static $op $*`
diff --git a/src/config.h b/src/config.h
index 2155544..ee6d218 100644
--- a/src/config.h
+++ b/src/config.h
@@ -105,6 +105,8 @@ HAVE_AUTH
define this to include the facility to act as an authoritative DNS
server for one or more zones.
+HAVE_DNSSEC
+ include DNSSEC validator.
NO_IPV6
NO_TFTP
@@ -118,6 +120,11 @@ NO_AUTH
which are enabled by default in the distributed source tree. Building dnsmasq
with something like "make COPTS=-DNO_SCRIPT" will do the trick.
+NO_NETTLE_ECC
+ Don't include the ECDSA cypher in DNSSEC validation. Needed for older Nettle versions.
+NO_GMP
+ Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp.
+
LEASEFILE
CONFFILE
RESOLVFILE
diff --git a/src/dnssec.c b/src/dnssec.c
index 44d626b..2ffb75d 100644
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -26,7 +26,8 @@
# include <nettle/ecc-curve.h>
#endif
#include <nettle/nettle-meta.h>
-#include <gmp.h>
+#include <nettle/bignum.h>
+
#define SERIAL_UNDEF -100
#define SERIAL_EQ 0
--
1.7.10.4

862
src/scripts/setddns.pl
View File

@@ -1,862 +0,0 @@
#!/usr/bin/perl
#
# SmoothWall CGIs
#
# This code is distributed under the terms of the GPL
#
# (c) The SmoothWall Team
#
# $Id: setddns.pl,v 1.4.2.32 2006/02/07 01:29:47 franck78 Exp $
#
#close(STDIN);
#close(STDOUT);
#close(STDERR);
use strict;
use IO::Socket;
use Net::SSLeay;
require '/var/ipfire/general-functions.pl';
#Prototypes functions
sub encode_base64 ($;$);
my %settings;
my $filename = "${General::swroot}/ddns/config";
my $cachefile = "${General::swroot}/ddns/ipcache";
my $ipcache = 0;
my @current = ();
if (open(FILE, "$filename")) {
@current = <FILE>;
close(FILE);
unless(@current) {
exit 0;
}
} else {
&General::log('Dynamic DNS failure : unable to open config file.');
exit 0;
}
&General::readhash("${General::swroot}/ddns/settings", \%settings);
# ignore monthly update if not in minimize update mode
exit 0 if (($settings{'MINIMIZEUPDATES'} ne 'on') && ($ARGV[1] eq '-m'));
my $ip = &General::GetDyndnsRedIP();
if ($ip eq "unavailable") {
&General::log("Dynamic DNS error: RED/Public IP is unavailable");
exit(0);
}
#&General::log("Dynamic DNS public router IP is: $ip");
if ($ARGV[0] eq '-f') {
unlink ($cachefile); # next regular calls will try again if this force update fails.
} else {
open(IPCACHE, "$cachefile");
$ipcache = <IPCACHE>;
close(IPCACHE);
chomp $ipcache;
}
if ($ip ne $ipcache) {
my $id = 0;
my $success = 0;
my $line;
my $lines = @current;
foreach $line (@current) {
$id++;
chomp($line);
my @temp = split(/\,/,$line);
unless ($temp[7] ne "on") {
$settings{'SERVICE'} = $temp[0];
$settings{'HOSTNAME'} = $temp[1];
$settings{'DOMAIN'} = $temp[2];
$settings{'PROXY'} = $temp[3];
$settings{'WILDCARDS'} = $temp[4];
$settings{'LOGIN'} = $temp[5];
$settings{'PASSWORD'} = $temp[6];
$settings{'ENABLED'} = $temp[7];
#Some connection are very stable (more than 40 days). Finally force
#one update / month to avoid account lost
#cron call once/week with -f & once/month with -f -m options
#minimize update ?
if ( ($settings{'MINIMIZEUPDATES'} eq 'on') && ($ARGV[1] ne '-m') ) {
if (General::DyndnsServiceSync($ip, $settings{'HOSTNAME'},$settings{'DOMAIN'})) {
&General::log ("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} is uptodate [$ip]");
$success++;
next; # do not update, go to test next service
}
}
if ($settings{'SERVICE'} ne "dns.lightningwirelabs.com") {
my @service = split(/\./, "$settings{'SERVICE'}");
$settings{'SERVICE'} = "$service[0]";
}
if ($settings{'SERVICE'} eq 'no-ip') {
open(F, ">${General::swroot}/ddns/noipsettings");
flock F, 2;
print F "PROXY=" . ($settings{'PROXY'} eq 'on' ? "Y\n" : "N\n");
print F "PASSWORD=$settings{'PASSWORD'}\n";
print F "NAT=N\n";
print F "LOGIN=$settings{'LOGIN'}\n";
print F "INTERVAL=1\n";
if ($settings{'HOSTNAME'} !~ s/$General::noipprefix//) {
print F "HOSTNAME=$settings{'HOSTNAME'}\n";
print F "GROUP=\n";
} else {
print F "HOSTNAME=\n";
print F "GROUP=$settings{'HOSTNAME'}\n";
}
print F "DOMAIN=$settings{'DOMAIN'}\n";
print F "DEVICE=\n";
print F "DAEMON=N\n";
close(F);
my @ddnscommand = ('/usr/bin/noip','-c',"${General::swroot}/ddns/noipsettings",'-i',"$ip");
my $result = system(@ddnscommand);
if ( $result != 0) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success");
$success++;
}
}
elsif ($settings{'SERVICE'} eq 'all-inkl') {
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
my ($out, $response) = Net::SSLeay::get_https("dyndns.kasserver.com", 443, "/", Net::SSLeay::make_headers(
'User-Agent' => 'IPFire', 'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}")
));
# Valid response are 'ok' 'nochange'
if ($response =~ m%HTTP/1\.. 200 OK%) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success");
$success++;
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server, check your credentials)");
}
}
elsif ($settings{'SERVICE'} eq 'cjb') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
my ($out, $response) = Net::SSLeay::get_http( 'www.cjb.net',
80,
"/cgi-bin/dynip.cgi?username=$settings{'LOGIN'}&password=$settings{'PASSWORD'}&ip=$ip",
Net::SSLeay::make_headers('User-Agent' => 'IPFire' )
);
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ( $out !~ m/has been updated to point to/ ) {
&General::log("Dynamic DNS ip-update for cjb.net ($settings{'LOGIN'}) : failure (bad password or login)");
} else {
&General::log("Dynamic DNS ip-update for cjb.net ($settings{'LOGIN'}) : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for cjb.net ($settings{'LOGIN'}) : failure (could not connect to server)");
}
}
elsif ($settings{'SERVICE'} eq 'selfhost') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
my ($out, $response) = Net::SSLeay::get_https( 'carol.selfhost.de',
443,
"/update?username=$settings{'LOGIN'}&password=$settings{'PASSWORD'}&textmodi=1",
Net::SSLeay::make_headers('User-Agent' => 'IPFire' )
);
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ( $out !~ m/status=(200|204)/ ) {
$out =~ s/\n/ /g;
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure ($out)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server)");
}
}
elsif ($settings{'SERVICE'} eq 'dnspark') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my ($out, $response) = Net::SSLeay::get_https( "www.dnspark.net",
443,
"/api/dynamic/update.php?hostname=$settings{'HOSTDOMAIN'}&ip=$ip",
Net::SSLeay::make_headers('User-Agent' => 'IPFire',
'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}")
)
);
# Valid response are 'ok' 'nochange'
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ( $out !~ m/^(ok|nochange)/ ) {
$out =~ s/\n/ /g;
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server, check your credentials)");
}
}
elsif ($settings{'SERVICE'} eq 'dns.lightningwirelabs.com') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my $authstring;
if ($settings{'LOGIN'} eq "token") {
$authstring = "token=$settings{'PASSWORD'}";
} else {
$authstring = "username=$settings{'LOGIN'}&password=$settings{'PASSWORD'}";
}
my $user_agent = &General::MakeUserAgent();
my ($out, $response) = Net::SSLeay::get_https("dns.lightningwirelabs.com", 443,
"/update?hostname=$settings{'HOSTDOMAIN'}&address4=$ip&$authstring",
Net::SSLeay::make_headers('User-Agent' => $user_agent)
);
# Valid response are 'ok' 'nochange'
if ($response =~ m%HTTP/1\.. 200 OK%) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success");
$success++;
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server, check your credentials)");
}
}
elsif ($settings{'SERVICE'} eq 'enom') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my ($out, $response) = Net::SSLeay::get_http( 'dynamic.name-services.com',
80,
"/interface.asp?Command=SetDNSHost&Zone=$settings{'DOMAIN'}&DomainPassword=$settings{'PASSWORD'}&Address=$ip",
Net::SSLeay::make_headers('User-Agent' => 'IPFire' )
);
if ($response =~ m%HTTP/1\.. 200 OK%) {
#Valid responses from update => ErrCount=0
if ( $out !~ m/ErrCount=0/ ) {
$out =~ s/(\n|\x0D)/ /g;
$out =~ /Err1=([\w ]+) /;
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure ($1)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server)");
}
}
elsif ($settings{'SERVICE'} eq 'nsupdate') {
# Fetch UI configurable values and assemble the host name.
my $hostName="$settings{'DOMAIN'}";
if ($settings{'HOSTNAME'} ne "") {
$hostName="$settings{'HOSTNAME'}.$hostName";
}
my $keyName=$settings{'LOGIN'};
my $keySecret=$settings{'PASSWORD'};
# Use a relatively long TTL value to reduce load on DNS.
# Some public Dynamic DNS servers use values around 4 hours,
# some use values as low as 60 seconds.
# XXX Maybe we could fetch the master value from the server
# (not the timed-down version supplied by DNS cache)
my $timeToLive="3600";
# Internal setting that can be used to override the DNS server
# where the update is applied. It can be of use when testing
# against a private DNS server.
my $masterServer="";
# Prepare the nsupdate command script to remove and re-add the
# updated A record for the domain.
my $cmdFile="/tmp/nsupdate-$hostName-commands";
my $logFile="/tmp/nsupdate-$hostName-result";
open(TF, ">$cmdFile");
if ($masterServer ne "") {
print TF "server $masterServer\n";
}
if ($keyName ne "" && $keySecret ne "") {
print TF "key $keyName $keySecret\n";
}
print TF "update delete $hostName A\n";
print TF "update add $hostName $timeToLive A $ip\n";
print TF "send\n";
close(TF);
# Run nsupdate with -v to use TCP instead of UDP because we're
# issuing multiple cmds and potentially long keys, and -d to
# get diagnostic result output.
my $result = system("/usr/bin/nsupdate -v -d $cmdFile 2>$logFile");
if ($result != 0) {
&General::log("Dynamic DNS ip-update for $hostName : failure");
open(NSLOG, "$logFile");
my @nsLog = <NSLOG>;
close(NSLOG);
my $logLine;
foreach $logLine (@nsLog) {
chomp($logLine);
if ($logLine ne "") {
&General::log("... $logLine");
}
}
} else {
&General::log("Dynamic DNS ip-update for $hostName : success");
$success++;
}
unlink $cmdFile, $logFile;
}
elsif ($settings{'SERVICE'} eq 'freedns') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
my ($out, $response) = Net::SSLeay::get_https( 'freedns.afraid.org',
443,
"/dynamic/update.php?$settings{'LOGIN'}",
Net::SSLeay::make_headers('User-Agent' => 'IPFire' )
);
#Valid responses from service are:
#Updated n host(s) <domain>
#ERROR: <ip> has not changed.
if ($response =~ m%HTTP/1\.. 200 OK%) {
#Valid responses from update => ErrCount=0
if ( $out !~ m/(^Updated|Address .* has not changed)/ig ) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure ($out)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server)");
}
}
elsif ($settings{'SERVICE'} eq 'spdns.de') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my ($out, $response) = Net::SSLeay::get_https( 'update.spdns.de', 443,
"/nic/update?&hostname=$settings{'HOSTDOMAIN'}&myip=$ip",
Net::SSLeay::make_headers('User-Agent' => 'IPFire' ,
'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}"))
);
#Valid responses from service are:
# good xxx.xxx.xxx.xxx
# nochg xxx.xxx.xxx.xxx
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ($out !~ m/good |nochg /ig) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server)");
}
}
elsif ($settings{'SERVICE'} eq 'strato') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my ($out, $response) = Net::SSLeay::get_https( 'dyndns.strato.com',
443,
"/nic/update?hostname=$settings{'HOSTDOMAIN'}&myip=$ip",
Net::SSLeay::make_headers('User-Agent' => 'IPFire',
'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}") )
);
if ($response =~ m%HTTP/1\.. 200 OK%) {
#Valid responses from update => ErrCount=0
if ( $out =~ m/good |nochg /ig) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success");
$success++;
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure1 ($out)");
$success++;
}
} elsif ( $out =~ m/<title>(.*)<\/title>/ig ) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure2 ($1)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure3 ($response)");
}
}
elsif ($settings{'SERVICE'} eq 'regfish') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
my ($out, $response) = Net::SSLeay::get_https( 'dyndns.regfish.de',
443,
"/?fqdn=$settings{'DOMAIN'}&ipv4=$ip&forcehost=1&authtype=secure&token=$settings{'LOGIN'}",
Net::SSLeay::make_headers('User-Agent' => 'Ipfire' )
);
#Valid responses from service are:
#success|100|update succeeded!
#success|101|no update needed at this time..
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ( $out !~ m/(success\|(100|101)\|)/ig ) {
&General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : failure ($out)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : failure (could not connect to server)");
}
}
elsif ($settings{'SERVICE'} eq 'ovh') {
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
my $peer = 'www.ovh.com';
my $peerport = 80;
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
}
my $sock;
unless($sock = new IO::Socket::INET (PeerAddr => $peer, PeerPort => $peerport, Proto => 'tcp', Timeout => 5)) {
&General::log("Dynamic DNS failure : could not connect to $peer:$peerport: $@");
next;
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my ($GET_CMD, $code64);
$GET_CMD = "GET http://www.ovh.com/nic/update?system=dyndns&hostname=$settings{'HOSTDOMAIN'}&myip=$ip HTTP/1.1\r\n";
$GET_CMD .= "Host: www.ovh.com\r\n";
chomp($code64 = encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}"));
$GET_CMD .= "Authorization: Basic $code64\r\n";
$GET_CMD .= "User-Agent: ipfire\r\n";
#$GET_CMD .= "Content-Type: application/x-www-form-urlencoded\r\n";
$GET_CMD .= "\r\n";
print $sock "$GET_CMD";
my $out = '';
while(<$sock>) {
$out .= $_;
}
close($sock);
#HTTP response => error (in Title tag) else text response
#Valid responses from service:good,nochg (ez-ipupdate like)
#Should use ez-ipdate but "system=dyndns" is not present
if ( $out =~ m/<Title>(.*)<\/Title>/ig ) {
&General::log("Dynamic DNS ovh.com : failure ($1)");
}
elsif ($out !~ m/good |nochg /ig) {
$out =~ s/.+?\015?\012\015?\012//s; # header HTTP
my @out = split("\r", $out);
&General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : failure ($out[1])");
} else {
&General::log("Dynamic DNS ip-update for $settings{'DOMAIN'} : success");
$success++;
}
}
elsif ($settings{'SERVICE'} eq 'dtdns') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my ($out, $response) = Net::SSLeay::get_http( 'www.dtdns.com',
80,
"/api/autodns.cfm?id=$settings{'HOSTDOMAIN'}&pw=$settings{'PASSWORD'}",
Net::SSLeay::make_headers('User-Agent' => 'IPFire' )
);
#Valid responses from service are:
# now points to
#
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ( $out !~ m/Host .* now points to/ig ) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server)");
}
}
#namecheap test
elsif ($settings{'SERVICE'} eq 'namecheap') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
my ($out, $response) = Net::SSLeay::get_https( 'dynamicdns.park-your-domain.com',
443,
"/update?host=$settings{'HOSTNAME'}&domain=$settings{'DOMAIN'}&password=$settings{'PASSWORD'}&ip=$ip",
Net::SSLeay::make_headers('User-Agent' => 'IPFire' )
);
#Valid responses from service are:
# wait confirmation!!
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ( $out !~ m/<ErrCount>0<\/ErrCount>/ ) {
$out =~ m/<Err1>(.*)<\/Err1>/;
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure ($1)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure (could not connect to server)");
}
}
#end namecheap test
elsif ($settings{'SERVICE'} eq 'dynu') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my ($out, $response) = Net::SSLeay::get_https( 'api.dynu.com',
443,
"/nic/update?hostname=$settings{'HOSTDOMAIN'}&myip=$ip&username=$settings{'LOGIN'}&password=$settings{'PASSWORD'}",
Net::SSLeay::make_headers('User-Agent' => 'IPFire' )
);
# Valid responses are 'good xxx.xxx.xxx.xxx', 'nochg'
# see http://www.dynu.com/Default.aspx?page=dnsapi for further details
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ( $out !~ m/^(good|nochg)/ ) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success ($out)");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server---$out-$response)");
}
}
elsif ($settings{'SERVICE'} eq 'udmedia') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my ($out, $response) = Net::SSLeay::get_https( 'www.udmedia.de',
443,
"/nic/update?myip=$ip&username=$settings{'HOSTDOMAIN'}&password=$settings{'PASSWORD'}",
Net::SSLeay::make_headers('User-Agent' => 'IPFire',
'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}")) );
# Valid response are 'ok' 'nochange'
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ( $out !~ m/^(ok|nochg)/ ) {
$out =~ s/\n/ /g;
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server, check your credentials---$out-$response--)");
}
}
elsif ($settings{'SERVICE'} eq 'twodns') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my ($out, $response) = Net::SSLeay::get_https( 'update.twodns.de',
443,
"/update?hostname=$settings{'HOSTDOMAIN'}&ip=$ip",
Net::SSLeay::make_headers('User-Agent' => 'IPFire',
'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}")) );
# Valid response are 'ok' 'nochange'
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ( $out !~ m/^(good|nochg)/ ) {
$out =~ s/\n/ /g;
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure ($out)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server, check your credentials---$out-$response--)");
}
}
elsif ($settings{'SERVICE'} eq 'variomedia') {
# use proxy ?
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
}
if ($settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my ($out, $response) = Net::SSLeay::get_https( 'dyndns.variomedia.de',
443,
"/nic/update?hostname=$settings{'HOSTDOMAIN'}&myip=$ip",
Net::SSLeay::make_headers('User-Agent' => 'IPFire',
'Authorization' => 'Basic ' . encode_base64("$settings{'LOGIN'}:$settings{'PASSWORD'}")) );
# Valid response is 'good $ip'
if ($response =~ m%HTTP/1\.. 200 OK%) {
if ( $out !~ m/^good $ip/ ) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} ($ip) : failure ($out)");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} ($ip) : success");
$success++;
}
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'} : failure (could not connect to server, check your credentials---$out-$response--)");
}
}
else {
if ($settings{'WILDCARDS'} eq 'on') {
$settings{'WILDCARDS'} = '-w';
} else {
$settings{'WILDCARDS'} = '';
}
if (($settings{'SERVICE'} eq 'dyndns-custom' ||
$settings{'SERVICE'} eq 'easydns' ||
$settings{'SERVICE'} eq 'zoneedit') && $settings{'HOSTNAME'} eq '') {
$settings{'HOSTDOMAIN'} = $settings{'DOMAIN'};
} else {
$settings{'HOSTDOMAIN'} = "$settings{'HOSTNAME'}.$settings{'DOMAIN'}";
}
my @ddnscommand = ('/usr/bin/ez-ipupdate', '-a', "$ip", '-S', "$settings{'SERVICE'}", '-u', "$settings{'LOGIN'}:$settings{'PASSWORD'}", '-h', "$settings{'HOSTDOMAIN'}", "$settings{'WILDCARDS'}", '-q');
my $result = system(@ddnscommand);
if ( $result != 0) {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'}: failure");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTDOMAIN'}: success");
$success++;
}
}
} else {
# If a line is disabled, then we should discount it
$lines--;
}
}
if ($lines == $success) {
open(IPCACHE, ">$cachefile");
flock IPCACHE, 2;
print IPCACHE $ip;
close(IPCACHE);
exit 1;
}
}
exit 0;
# Extracted from Base64.pm
sub encode_base64 ($;$) {
my $res = "";
my $eol = $_[1];
$eol = "\n" unless defined $eol;
pos($_[0]) = 0; # ensure start at the beginning
while ($_[0] =~ /(.{1,45})/gs) {
$res .= substr(pack('u', $1), 1);
chop($res);
}
$res =~ tr|` -_|AA-Za-z0-9+/|; # `# help emacs
# fix padding at the end
my $padding = (3 - length($_[0]) % 3) % 3;
$res =~ s/.{$padding}$/'=' x $padding/e if $padding;
# break encoded string into lines of no more than 76 characters each
if (length $eol) {
$res =~ s/(.{1,76})/$1$eol/g;
}
$res;
}
__END__
old code for selfhost.de
my %proxysettings;
&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
my $peer = 'carol.selfhost.de';
my $peerport = 80;
if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
}
my $sock;
unless($sock = new IO::Socket::INET (PeerAddr => $peer, PeerPort => $peerport, Proto => 'tcp', Timeout => 5)) {
die "Could not connect to $peer:$peerport: $@";
return 1;
}
my $GET_CMD;
$GET_CMD = "GET https://carol.selfhost.de/update?username=$settings{'LOGIN'}&password=$settings{'PASSWORD'}&myip=$ip&textmodi=1 HTTP/1.1\r\n";
$GET_CMD .= "Host: carol.selfhost.de\r\n";
$GET_CMD .= "User-Agent: ipfire\r\n";
$GET_CMD .= "Connection: close\r\n\r\n";
print $sock "$GET_CMD";
my $out = '';
while(<$sock>) {
$out .= $_;
}
close($sock);
if ( $out !~ m/status=(200|204)/ ) {
#cleanup http response...
$out =~ s/.+?\015?\012\015?\012//s; # header HTTP
my @out = split("\r", $out);
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : failure ($out[1])");
} else {
&General::log("Dynamic DNS ip-update for $settings{'HOSTNAME'}.$settings{'DOMAIN'} : success");
$success++;
}

7
tools/checkwronginitlinks
View File

@@ -25,3 +25,10 @@ if [ "${?}" == "0" ]; then
grep -r "^etc/init.d//*" ./config/rootfiles/
echo "Change this to 'etc/rc.d/init.d/...' !"
fi
grep -r "^var/run//*" ./config/rootfiles/ >/dev/null 2>&1
if [ "${?}" == "0" ]; then
echo "Error! 'var/run/...' in rootfiles files found!"
grep -r "^var/run//*" ./config/rootfiles/
echo "Comment this and create it at initskript if needed !"
fi

2
tools/make-functions
View File

@@ -71,7 +71,7 @@ configure_target() {
i586)
BUILDTARGET="${target_arch}-pc-linux-gnu"
CROSSTARGET="${BUILD_ARCH}-cross-linux-gnu"
CFLAGS_ARCH="-march=i586 -fomit-frame-pointer"
CFLAGS_ARCH="-march=i586 -mtune=generic -fomit-frame-pointer"
;;
armv5tel)