webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
21,722 Commits 2 Branches 1 Tag
main
Commit Graph

389 Commits

Author SHA1 Message Date
Michael Tremer
a56357b8be Revert "ipsec-interfaces: Run when IPsec is disabled" 
This reverts commit 3c3a1cfdb9b473fae9b792e8c211c9940fafc658.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
4cf038dcfe ipsec-interfaces: Run when IPsec is disabled 
This needs to run even when IPsec is disable to remove
and interfaces

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
05af70c2f3 ipsec-interfaces: Use correct righthost variable 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
b8c153bca5 IPsec: Add (experimental) script that creates GRE/VTI interfaces 
Signed-off-by: root <root@interim-edge-a.ec2.internal>
 2019-02-04 18:20:36 +00:00
Stefan Schantl
d6f725e185 update-ids-ruleset: Improve error reporting if the system is offline 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 10:57:31 +01:00
Stefan Schantl
ca8c92108a update-ids-ruleset: Set correct ownership for rulesdir and files 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-29 09:09:11 +01:00
Stefan Schantl
39155be805 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 2019-01-26 12:40:04 +01:00
Peter Müller
d38e7e256d use HTTPS for downloading GeoIP database files 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-01-21 21:03:38 +00:00
Stefan Schantl
c1a3401235 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 2019-01-21 13:04:13 +01:00
Arne Fitzenreiter
271bac39a0 xt_geoip_updte: fix download url 
the maxmind server delivers an old version if there are
two slashes before the database filename.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-01-19 15:16:43 +01:00
Stefan Schantl
b76a8a008d xt_geoip_update: Adjust script to download and use the GeoLite2 database 
Fixes #11961.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-01-07 01:21:01 +00:00
Stefan Schantl
a77870146f xtables-addons: Use shipped xt_geoip_build 
Use the shipped xt_geoip_build directly instead of holding a copy in our GIT.

Reference #11959

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-01-07 01:20:22 +00:00
Stefan Schantl
a13ddf04d9 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-12-12 09:27:59 +01:00
Michael Tremer
492b0b7c18 backupiso: Add support for aarch64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-11-08 16:02:17 +00:00
Michael Tremer
8a0bc03450 backupiso: Fix order of variables 
Some values in variables were corrected but used before.

Reported-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-11-08 15:58:58 +00:00
Arne Fitzenreiter
6104f2e816 backupiso: fix boot on EFI 
the grub on EFI serch the config on volume "IPFire 2.21 arch"
so the custom "ipfire backup ..." volume name is not working
anymore.
This is now fixed and a backup-version.media tag will added.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-11-07 19:16:57 +01:00
Arne Fitzenreiter
84902aa499 backup: fix backupiso mastering 
fixes: #11916

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-11-04 10:16:26 +01:00
Arne Fitzenreiter
ca9c45b3f2 graphs: add NVMe disks 
Add NVMe disks to media and hardwaregraphs.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-10-28 17:56:37 +01:00
Stefan Schantl
2d475a3c6c Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 2018-09-26 14:49:34 +02:00
Stefan Schantl
82979dec36 IDS: Introduce update-ids-ruleset 
This script periodly will be called by fcron
and is responsible for downloading and altering
the ruleset, if autoupdate of the configured ruleset is
enabled.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-09-26 14:11:31 +02:00
Arne Fitzenreiter
4eedf6793b rebuild-initrd: update for grub2 
this was was not used for years because we usually ship a prebuild ramdisk
so this incompatiblity was not noticed long time...

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-09-20 20:03:26 +02:00
Michael Tremer
046ef135e6 Merge remote-tracking branch 'origin/efi' into next 2018-08-16 12:49:13 +01:00
Arne Fitzenreiter
b403b04a13 initrd: add early microcode load 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-08-05 13:32:36 +02:00
Michael Tremer
f32cbd89d9 backup: Bump release number in ISO download script 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-08-03 13:07:31 +01:00
Michael Tremer
87589bce00 backup: Make backup ISO bootable on EFI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-31 16:36:09 +01:00
Michael Tremer
befc040497 Move update-bootloader script into installer 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-20 12:03:09 +00:00
Michael Tremer
eadde44b05 update-bootloader: Allow passing device to install GRUB on 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-20 12:03:09 +00:00
Michael Tremer
c1397b7ab3 update-bootloader: Extend script to support EFI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-20 12:03:09 +00:00
Michael Tremer
3ed1c621cf Revert "Add Intel microcode updates from Jan 2018" 
This reverts commit d404b1dba2.

Intel has pulled these microcode updates because of
random system reboots and systems becoming unstable.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-01-24 16:08:22 +00:00
Jonatan Schlag
d404b1dba2 Add Intel microcode updates from Jan 2018 
Add intel microcode to the distribution and configure dracut in a way
that the microcode is loaded early in the boot process.

Fixes #11590

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Acknowledged-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-01-14 15:25:08 +00:00
Arne Fitzenreiter
9064ba72fe drop httpscert and merge to apache initskript 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-10-22 15:50:38 +02:00
Peter Müller
5760f93a74 generate ECDSA key on existing installations 
Generate ECDSA key (and sign it) in case it does not exist. That way,
httpscert can be ran on existing installations without breaking already
generated (RSA) keys.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 20:05:34 +01:00
Michael Tremer
6772cc8035 Download ISO images from https://downloads.ipfire.org 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-06 13:03:40 +01:00
Michael Tremer
cb40ff6027 captive portal: Reload firewall rules after cleanup 
This is not necessary to stop any clients from accessing the
Internet, but if we know that we don't need a line for certain
any more, we can as well remove the firewall rule straight away.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-05 12:09:58 +02:00
Michael Tremer
b1773d1a37 captive portal: Don't remove unlimited access after one hour 
Reported-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-05 12:04:29 +02:00
Alexander Marx
07d56062a9 Captive-Portal: fix cleanup script 
The cleanup-script did not write back the hash after the expired voucher
was delted

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:45 +01:00
Alexander Marx
e01c5ab71a Captive-Portal: redesign Webinterface 
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:03 +01:00
Alexander Marx
4d9002279f Captive-Portal: add crontab and cleanup scripts 
The cleanup script is called every hour and deletes expired clients from
the clients file.
every night the captivectrl warpper runs once to flush the chains and
reload rules for active clients

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:03 +01:00
Michael Tremer
3ddd5b66a9 Fix environment variables when building file list for core updates 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-05-24 12:20:12 +01:00
Michael Tremer
dc7d6b204d make.sh: Cleanup of polluted environment 
The build environment is using a number of variables which
occasionally conflicted with some other build systems.

This patch cleans that up by renaming some variables and
later unexporting them in the lfs files.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-05-18 12:02:03 +01:00
Matthias Fischer
a0a33a8f10 BUG11271 / GeoIP: Download GeoIP database via HTTPS 
For details see:
https://bugzilla.ipfire.org/show_bug.cgi?id=11271

Download GEoIP database per HTTPS download.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-02-04 13:31:35 +00:00
Jonatan Schlag
b1b6e9f396 Fix the backup iso script once again. 
In commit 391560854f was an error in the
case statement. On i?586 the check fails. Removing the "" fixes the
error.

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-01-04 11:21:28 +00:00
Jonatan Schlag
391560854f Improvement of backup iso script 
The backup iso script did not check the arch of the host. On x86_64 host
the wrong iso was downloaded.

Furthermore, there were some if clauses which could cause trouble which
I also tried to improve.
(For example: -e is valid if we have a directory or a file, but we want
to check for a file only )

Fixes: 11258

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-01-02 19:12:14 +00:00
Arne Fitzenreiter
33513817fa set version to IPFire 2.19 core100 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-03-20 09:36:33 +01:00
Alexander Marx
1d47c971e6 BUG10834: fixes ovpn-ccd-convert 
When restoring an old backup, all OpenVPN RW's get the dynamic network.
 2015-05-06 16:18:00 +02:00
Stefan Schantl
e6c4f090b6 Merge branch 'next-geoip' into core-90-geoip 2015-04-15 17:10:49 +02:00
Alexander Marx
831a5ef6ad core89: Update OpenVPN configuration during the update 2015-04-10 13:16:33 +02:00
Stefan Schantl
d9f47d9b9e xt_geoip_update: Add support for upstream proxy. 2015-03-19 22:09:24 +01:00
Stefan Schantl
663221a256 xt_geoip_update: Fix script path. 2015-03-15 11:40:13 +01:00
Stefan Schantl
93bfe63d55 Merge branch 'seventeen-geoip' into next-geoip 2015-03-15 11:38:45 +01:00