webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 11:35:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
12,185 Commits 2 Branches 1 Tag
00a031145e32d31a08037dda3c8a3cc7cc6c815e
Commit Graph

5417 Commits

Author SHA1 Message Date
Stefan Schantl
06b569a442 oinkmaster: Install config file to /var/ipfire/suricata 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-03 13:48:46 +02:00
Stefan Schantl
d33874f496 daq: Drop package 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-03 10:20:18 +02:00
Stefan Schantl
843a8c570c snort: Drop package 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-03 10:19:35 +02:00
Stefan Schantl
914cca3d8e initscripts: Link against suricata initscript in runlevels and red.up hook 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-03 10:02:34 +02:00
Stefan Schantl
1d9b879140 ids-ruleset-sources: New package 
Move the file which contains the download URL's for the IDS rulesets
into an own common package. This will allow us in future to easily ship
a changed file with a core update.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-02 19:29:36 +02:00
Stefan Schantl
72b2109c72 configroot: Move from snort to suricata 
Create /var/ipfire/suricata and /var/ipfire/suricata/settings instead of
/var/ipfire/snort and /var/ipfire/snort/settings.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-02 15:47:31 +02:00
Stefan Schantl
4c6d6c1ee3 suricata: Install very basic config file 
This config file is mostly based on the example configuration shipped
by the suricata project and needs to be enhanched.

See #11808.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-02 09:10:25 +02:00
Stefan Schantl
a8b8c9e5b2 Merge branch 'next-new-ids.cgi' into next-suricata-and-cgi 2018-07-30 21:33:25 +02:00
Stefan Schantl
67752a9510 suricata: New package 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-07-30 21:31:15 +02:00
Stefan Schantl
3498300d87 libhtp: New package 
This is build and runtime dependency for suricata.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-07-29 09:45:05 +02:00
Stefan Schantl
91cc908f84 yaml: New package 
This is a build and runtime dependency for suricata.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-07-29 09:44:52 +02:00
Stefan Schantl
8dcebe5342 IDS: Introduce ids-functions.pl. 
This library will contain a set of functions used by the IDS CGI script
and the planned update script for auto-updating the snort ruleset.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-07-26 11:54:25 +02:00
Stefan Schantl
c6bcdda1af snort: Introduce ruleset-sources.list 
This file contains the ruleset vendors and download urls and
will be used by the ids.cgi.

If an url or filename changes, we easily can adjust this file. In most
cases this will be needed when performing a snort update.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-07-26 11:50:11 +02:00
Michael Tremer
04441d8a3c asterisk: Don't optimise for builder 
Asterisk enables -march=native which renders the code
incompatible to most systems.

Fixes: #11793

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-20 14:22:59 +00:00
Michael Tremer
011204d963 fireinfo: Import latest patches 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-20 12:06:11 +00:00
Arne Fitzenreiter
66a29eaa02 kernel: apply multi arch patchset for aarch64 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-07-19 09:28:27 +01:00
Michael Tremer
347db51aa5 linux: Simplify compiling and installing the kernel 
There was loads of duplicated code which could have been
made shorter by adding one variable.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-12 14:02:47 +01:00
Matthias Fischer
b38c334a25 clamav: Update to 0.100.1 
For details see:
https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-10 18:40:15 +01:00
Arne Fitzenreiter
64252706ce Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next 2018-07-03 11:52:18 +01:00
Arne Fitzenreiter
1ac0d5c598 Merge branch 'aarch64' into next 
Conflicts:
	config/rootfiles/core/121/filelists/acpid
	config/rootfiles/core/121/filelists/apache2
	config/rootfiles/core/121/filelists/apr
	config/rootfiles/core/121/filelists/aprutil
	config/rootfiles/core/121/filelists/armv5tel/files
	config/rootfiles/core/121/filelists/armv5tel/linux-initrd-kirkwood
	config/rootfiles/core/121/filelists/armv5tel/linux-initrd-multi
	config/rootfiles/core/121/filelists/armv5tel/linux-kirkwood
	config/rootfiles/core/121/filelists/armv5tel/linux-multi
	config/rootfiles/core/121/filelists/armv5tel/rpi-firmware
	config/rootfiles/core/121/filelists/armv5tel/u-boot
	config/rootfiles/core/121/filelists/armv5tel/u-boot-kirkwood
	config/rootfiles/core/121/filelists/armv5tel/u-boot-mkimage
	config/rootfiles/core/121/filelists/beep
	config/rootfiles/core/121/filelists/cmake
	config/rootfiles/core/121/filelists/crda
	config/rootfiles/core/121/filelists/dhcp
	config/rootfiles/core/121/filelists/flex
	config/rootfiles/core/121/filelists/i586/grub
	config/rootfiles/core/121/filelists/i586/intel-microcode
	config/rootfiles/core/121/filelists/i586/linux
	config/rootfiles/core/121/filelists/i586/linux-initrd
	config/rootfiles/core/121/filelists/iw
	config/rootfiles/core/121/filelists/jwhois
	config/rootfiles/core/121/filelists/libidn
	config/rootfiles/core/121/filelists/multipath-tools
	config/rootfiles/core/121/filelists/pcre
	config/rootfiles/core/121/filelists/tar
	config/rootfiles/core/121/filelists/unbound
	config/rootfiles/core/121/filelists/wget
	config/rootfiles/core/121/filelists/x86_64/grub
	config/rootfiles/core/121/filelists/x86_64/intel-microcode
	config/rootfiles/core/121/filelists/x86_64/linux
	config/rootfiles/core/121/filelists/x86_64/linux-initrd
	config/rootfiles/core/122/filelists/aarch64/files
	config/rootfiles/core/122/filelists/acpid
	config/rootfiles/core/122/filelists/apache2
	config/rootfiles/core/122/filelists/apr
	config/rootfiles/core/122/filelists/aprutil
	config/rootfiles/core/122/filelists/armv5tel/linux-initrd-kirkwood
	config/rootfiles/core/122/filelists/armv5tel/linux-initrd-multi
	config/rootfiles/core/122/filelists/armv5tel/linux-kirkwood
	config/rootfiles/core/122/filelists/armv5tel/linux-multi
	config/rootfiles/core/122/filelists/armv5tel/rpi-firmware
	config/rootfiles/core/122/filelists/armv5tel/u-boot
	config/rootfiles/core/122/filelists/armv5tel/u-boot-kirkwood
	config/rootfiles/core/122/filelists/armv5tel/u-boot-mkimage
	config/rootfiles/core/122/filelists/beep
	config/rootfiles/core/122/filelists/cmake
	config/rootfiles/core/122/filelists/crda
	config/rootfiles/core/122/filelists/dhcp
	config/rootfiles/core/122/filelists/flex
	config/rootfiles/core/122/filelists/i586/grub
	config/rootfiles/core/122/filelists/i586/intel-microcode
	config/rootfiles/core/122/filelists/i586/linux
	config/rootfiles/core/122/filelists/i586/linux-initrd
	config/rootfiles/core/122/filelists/iw
	config/rootfiles/core/122/filelists/jwhois
	config/rootfiles/core/122/filelists/libidn
	config/rootfiles/core/122/filelists/multipath-tools
	config/rootfiles/core/122/filelists/pcre
	config/rootfiles/core/122/filelists/tar
	config/rootfiles/core/122/filelists/unbound
	config/rootfiles/core/122/filelists/wget
	config/rootfiles/core/122/filelists/x86_64/grub
	config/rootfiles/core/122/filelists/x86_64/intel-microcode
	config/rootfiles/core/122/filelists/x86_64/linux
	config/rootfiles/core/122/filelists/x86_64/linux-initrd
	config/rootfiles/core/123/filelists/unbound
	config/rootfiles/oldcore/121/filelists/acpid
	config/rootfiles/oldcore/121/filelists/apache2
	config/rootfiles/oldcore/121/filelists/apr
	config/rootfiles/oldcore/121/filelists/aprutil
	config/rootfiles/oldcore/121/filelists/armv5tel/files
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-initrd-kirkwood
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-initrd-multi
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-initrd-rpi
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-kirkwood
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-multi
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-rpi
	config/rootfiles/oldcore/121/filelists/armv5tel/rpi-firmware
	config/rootfiles/oldcore/121/filelists/armv5tel/u-boot
	config/rootfiles/oldcore/121/filelists/armv5tel/u-boot-kirkwood
	config/rootfiles/oldcore/121/filelists/armv5tel/u-boot-mkimage
	config/rootfiles/oldcore/121/filelists/beep
	config/rootfiles/oldcore/121/filelists/cmake
	config/rootfiles/oldcore/121/filelists/crda
	config/rootfiles/oldcore/121/filelists/dhcp
	config/rootfiles/oldcore/121/filelists/flex
	config/rootfiles/oldcore/121/filelists/i586/grub
	config/rootfiles/oldcore/121/filelists/i586/intel-microcode
	config/rootfiles/oldcore/121/filelists/i586/linux
	config/rootfiles/oldcore/121/filelists/i586/linux-initrd
	config/rootfiles/oldcore/121/filelists/iw
	config/rootfiles/oldcore/121/filelists/jwhois
	config/rootfiles/oldcore/121/filelists/libidn
	config/rootfiles/oldcore/121/filelists/multipath-tools
	config/rootfiles/oldcore/121/filelists/pcre
	config/rootfiles/oldcore/121/filelists/tar
	config/rootfiles/oldcore/121/filelists/wget
	config/rootfiles/oldcore/121/filelists/x86_64/grub
	config/rootfiles/oldcore/121/filelists/x86_64/intel-microcode
	config/rootfiles/oldcore/121/filelists/x86_64/linux
	config/rootfiles/oldcore/121/filelists/x86_64/linux-initrd
	make.sh
 2018-07-03 11:52:05 +01:00
Erik Kapfer
461d78b412 hplip: Update to version 3.18.6 
Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-03 10:34:08 +01:00
Stefan Schantl
b9365dcc95 guardian: Update to 2.0.2 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-03 10:33:58 +01:00
Peter Müller
b07b1bef22 usbutils: update to 010 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-03 10:32:21 +01:00
Peter Müller
d30edb595e update GeoIP.dat database 
There are two GeoIP databases used in IPFire: One for firewall
rules, which is downloaded and installed automatically, and a
second one ("GeoIP.dat") for WebUI lookups via the Perl interface.

The latter one is not updated automatically and was outdated.
libloc will make things much easier here...

Fixes #11777.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-03 10:31:35 +01:00
Michael Tremer
571cfa9718 multipath-tools: Update to 0.7.7 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-02 19:10:36 +01:00
Arne Fitzenreiter
cf7a7a874f Merge remote-tracking branch 'origin/master' into aarch64 2018-07-02 19:07:22 +01:00
Michael Tremer
e6aa297eb3 nss-myhostname: FTBFS on aarch64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-02 18:48:50 +01:00
Peter Müller
6cedc16d90 update cryptography settings in StrongSwan LFS file 
The RC2 plugin was never supported by the WebUI and is insecure,
so it became obsolete here. To support new ChaCha20/Poly1305, the
corresponding module needs to be enabled.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 13:34:32 +01:00
Peter Müller
9aeae88133 smartmontools: update to 6.6. 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:36:18 +01:00
Peter Müller
352796cad7 lynis: update to 2.6.4 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:36:16 +01:00
Peter Müller
df5cc48dd6 update StrongSwan to 5.6.3 
This also takes advantage of changed crypto plugins (see first
patch) and updates the rootfile.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:36:11 +01:00
Peter Müller
0779907e1b libgcrypt: update to 1.8.3 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:36:09 +01:00
Matthias Fischer
79d32988c5 unbound: Update to 1.7.3 
For details see:
http://www.unbound.net/download.html

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:36:04 +01:00
Erik Kapfer
1ff69fca2a OpenVPN: Update to version 2.4.6 
Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:36:00 +01:00
Peter Müller
c6e5fcdf12 conntrack-tools: update to 1.4.5 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:35:54 +01:00
Peter Müller
eeab80f8dc libnetfilter_conntrack: update to 1.0.7 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:35:53 +01:00
Peter Müller
733fae2abe iptables: update to 1.6.2 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:35:52 +01:00
Michael Tremer
dc845b6c81 AWS: Hide certain things on the web UI 
Those are practically unusable on AWS.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:15:00 +01:00
Michael Tremer
4e9000b4d8 nss-myhostname: New package 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-30 19:51:38 +01:00
Michael Tremer
16c31d1004 openssh: Write port 22 into the default configuration file 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-30 19:25:15 +01:00
Arne Fitzenreiter
4838034131 random: update initskript for machines with low entropy 
the script wait until crng is correct initialized before restore the
random seed and make some disc io to work around low entropy at boot
on some machines. Not really a fix but it should be better than reverting
CVE-2018-1108 fixes from kernel.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-06-28 20:48:58 +02:00
Michael Tremer
0009de91e8 Ship default settings for language, theme, etc. in all images 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-27 09:59:47 +01:00
Michael Tremer
6723afef09 apache: Write hostname into configuration at boot time 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-25 10:59:49 +01:00
Michael Tremer
bd3bcb45d6 AWS: Import aws setup script 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-25 10:55:39 +01:00
Michael Tremer
1c21ebf8d5 Add initscript that automatically configures IPFire on AWS EC2 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-21 16:45:40 +01:00
Michael Tremer
1f2a90b552 flash-image: Make sure that GRUB boots the first entry 
This is required when importing an image into AWS EC2 or
the import of the image fails.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-21 16:45:40 +01:00
Arne Fitzenreiter
5b17da41c1 kernel: add config for aarch64 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-06-21 06:20:35 +01:00
Arne Fitzenreiter
2bd9316d9d rpi-firmware: build for aarch64 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-06-21 06:17:49 +01:00
Arne Fitzenreiter
963f6e973a u-boot: add config for aarch64 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-06-21 06:12:59 +01:00
Peter Müller
319aedce97 iana-etc: update to 2.30 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-19 11:34:25 +01:00