To improve the user experience, the configuration part of generating new vouchers has been reworked.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
When configuring the captiveportal for the first time the form
will be empty after clicking on save button if not all relevant fields are set.
Now the settings are stored even if there is an error.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
When loading the initscript of the firewall the neccessary chains for
the captive portalneed to be created.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
The cleanup script is called every hour and deletes expired clients from
the clients file.
every night the captivectrl warpper runs once to flush the chains and
reload rules for active clients
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Introduce new Captive-Portal.
Here we add the menu, apache configuration (vhost), IPFire configuration
website and Captive-Portal Access site. Also the languagefiles are
updated.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
When the expiry time equals zero, the lease will have
no time constraints. The IP address will also be removed
as it might probably change.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This wrapper reads the captive settings and clients and sets the
firewall access rules. It is called every time the config changed or
everytime that a client changes. Also this wrapper is later called once
hourly to flush the chains and rebuild rules for actual clients.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
- Updated to apache 2.4
- Updated the htpasswd generation to use the more secure bcrypt algorithm
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- APR 1.6.2 is a requirement for building apache httpd 2.4
- APR-Util 1.6.0 is a requirement for building apache httpd 2.4
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Disable unauthenticated access to cgi-bin/credits.cgi. The page
leaks the currently installed version of IPFire and the hardware
architecture.
Both information might make a successful attack much easier.
This issue can be reproduced by accessing https://[IPFire-IP]:444/cgi-bin/credits.cgi
and accepting a SSL certificate warning (if any).
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Unify translations of various terms.
- Unify translations of week days.
- Correct some typos and grammar errors.
- Modify some phrases which were not fully translated.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
this resolves problems that negative answers from
a forwarder was still used after setting new servers.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
