webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-06 13:06:11 +02:00
Code Issues Packages Projects Releases Wiki Activity
18,287 Commits 2 Branches 1 Tag
24e7c426de292e00fb482e1db2b8eb77e82a45ee
Commit Graph

3319 Commits

Author SHA1 Message Date
Stefan Schantl
5f3dc2ca06 C165: Fix ownership of suricata classification.config file. 
The file has to be write-able for the WUI and update script, which both
are executed as nobody.

Fixes #12803.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2022-03-16 10:14:24 +00:00
Michael Tremer
ebe404ef02 core165: Ship IPS rule updater again and unlock IPS page 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2022-03-15 11:16:22 +00:00
Michael Tremer
16cd2d674e core165: Rebuild IPS rules 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2022-03-14 15:56:40 +00:00
Michael Tremer
fe6b15f843 core165: Actually ship the core files 
This filelist is there to ship files that contain the version number of
a release and *must* be shipped every time. For that, they will need to
be a part of the filelist.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2022-03-10 10:35:44 +00:00
Michael Tremer
7f8bb55a60 core165: Ship hyperscan 
This package is being built with a different configuration.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2022-03-08 10:42:00 +00:00
Peter Müller
6fe4eb6094 Core Update 165: Rename squid-accounting add-on to proxy-accounting 
https://lists.ipfire.org/pipermail/development/2022-February/012482.html

The second version of this patch omits bogus directives for restarting a
service, which proxy-accounting is not.

Cc: Michael Tremer <michael.tremer@ipfire.org>
Cc: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2022-03-07 18:47:23 +00:00
Michael Tremer
ea04468d07 core165: Ship ids.cgi 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2022-03-07 18:46:34 +00:00
Michael Tremer
7b82d83d7e core165: Ship optionsfw.cgi 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2022-03-07 18:45:58 +00:00
Peter Müller
ade2424f6b Revert "Core Update 165: Ship update-ids-ruleset" 
update-ids-rulesets is relevant for Core Update 164, not Core Update 165.

This reverts commit 9713023546.
 2022-03-05 14:35:09 +00:00
Peter Müller
9713023546 Core Update 165: Ship update-ids-ruleset 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-03-05 14:30:10 +00:00
Peter Müller
82674728e3 Core Update 165: Ship vpnmain.cgi 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-23 15:54:13 +00:00
Peter Müller
2598706f23 Core Update 165: Ship dhcpcd-related changes 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-23 15:51:33 +00:00
Arne Fitzenreiter
72718c896c Merge branch 'master' into next 2022-02-22 11:40:44 +00:00
Arne Fitzenreiter
ad9d6bf585 core164: exclude boot/uEnv.txt 
uEnv.txt was destroyed on aarch64 because here a new u-boot was shipped.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2022-02-22 11:38:15 +00:00
Peter Müller
f1180ec2dc Core Update 165: Ship oci-setup initscript 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-21 21:36:18 +00:00
Peter Müller
bef6a4dccf Core Update 165: Ship wirelessclient.cgi 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-21 20:56:38 +00:00
Arne Fitzenreiter
3b45d9561b core164: add unbound initskript 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2022-02-19 15:53:54 +00:00
Peter Müller
926d840fae firewall: Make logging of conntrack INVALIDs configureable 
In theory, logging of dropped packets classified by conntrack as being
INVALID should never be disabled, since one wants to have a paper trail
of what his/her firewall is doing.

However, conntrack seems to drop a lot of (at the first glance
legitimate) packets, hence bloating the logs, making spotting the
important firewall hits more difficult.

This patch therefore adds the option to disable logging of packets being
dropped by conntrack due to INVALID state.

Please note:
- This patch does not add this category to the firewall hits graph.
- The variables in this patch ("LOGDROPCTINVALID") should make it clear
  that it is about toggling _logging_, not the actual _dropping_. Other
  variables are still in need of being renamed to clarify this, which
  will be done in a dedicated patch.
- Also, the changes made to update.sh need to take place in
  config/rootfiles/core/164/update.sh for "master", since this patch has
  been developed against "next". Kindly cherry-pick the necessary
  changes.

Partially fixes: #12778

Reported-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-19 15:37:16 +00:00
Peter Müller
cf21dcaa97 Drop ovpn-collectd-convert 
This script is orphaned: It was only used while upgrading to Core Update
89, sitting around in /usr/sbin/ doing nothing ever since.

Keeping it there won't do any harm. On the other hand, dragging an
unused script around on our installations does not make sense either.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-19 00:01:47 +00:00
Peter Müller
772d3dbd60 Core Update 165: Ship wpa_supplicant 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-18 21:57:28 +00:00
Stefan Schantl
1bd6e152c4 Core 165: Export location DB in new format. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
 2022-02-18 09:28:44 +00:00
Peter Müller
26674f2d5c Core Update 165: Fixed symlink after renaming Perl packages 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-17 19:23:15 +00:00
Peter Müller
b84666930e Core Update 165: Ship bind 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-17 19:22:49 +00:00
Arne Fitzenreiter
10148970eb core164: fix adding additional optionfw settings 
the old code erase the settings and cannot reinstalled.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2022-02-17 17:07:28 +00:00
Peter Müller
9dd886fa57 Core Update 165: Sort filelist of rm command for better readability 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-15 18:25:18 +00:00
Peter Müller
063ec85aed Core Update 165: Delete files from xtables-addons 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-15 18:24:08 +00:00
Peter Müller
3071989cfc Core Update 165: Ship changes related to P2P block removal 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-15 18:15:53 +00:00
Peter Müller
f14000733b Core Update 165: Ship ipset-related changes and restart the firewall engine 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-15 18:11:28 +00:00
Peter Müller
28965d275b Core Update 165: Ship gdbm 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-15 18:04:48 +00:00
Peter Müller
5fd4dfe002 Core Update 165: Ship ovpnclients.dat 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-15 18:04:00 +00:00
Peter Müller
bccde9948b Core Update 165: Ship libarchive 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-15 16:57:00 +00:00
Peter Müller
64b72c4038 Core Update 165: Ship lcms2 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-15 16:44:56 +00:00
Peter Müller
aed06a32c3 Core Update 165: Ship iana-etc 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-15 16:43:43 +00:00
Peter Müller
10088f21d5 Core Update 165: Ship pakfire.cgi 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-11 15:22:17 +00:00
Peter Müller
6d2c63f0ac Core Update 165: Ship qos.cgi 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-11 15:17:21 +00:00
Peter Müller
fbc6b9e0c1 Core Update 165: Ship pango 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-11 15:08:05 +00:00
Peter Müller
40e2cfd3da Core Update 165: Ship harfbuzz 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-11 15:07:35 +00:00
Peter Müller
080c9a6574 Core Update 165: Ship findutils 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-11 15:07:07 +00:00
Peter Müller
e4530e4a29 Core Update 165: Ship libusb 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-11 09:46:33 +00:00
Peter Müller
fd96c033fc Core Update 165: Ship libxcrypt 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-11 09:45:12 +00:00
Peter Müller
c36652c467 Core Update 165: Delete Python 3.8 files 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-11 09:33:18 +00:00
Peter Müller
1d05321687 Remove bogus meson symlink 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-11 09:27:36 +00:00
Peter Müller
2706e8d806 Core Update 165: Ship Python 3.10 and related changes 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-11 09:26:54 +00:00
Arne Fitzenreiter
0c0784f4b5 core164: ship intel-microcode 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2022-02-10 06:58:28 +00:00
Peter Müller
e04aed385f Core Update 165: Ship changes related to libwww-perl et al. 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-09 20:12:12 +00:00
Peter Müller
61cc8f6e20 Core Update 165: Ship firewall.cgi and related changes 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-06 17:19:34 +00:00
Peter Müller
54e86fb5d6 Core Update 165: Ship expat 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-06 17:15:43 +00:00
Peter Müller
0e88c23ef5 Core Update 165: Ship Bash 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-06 17:15:17 +00:00
Peter Müller
146a6b136b Core Update 165: Ship ethtool 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-06 17:14:46 +00:00
Peter Müller
b313401d3c Core Update 165: Ship curl 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2022-02-06 17:14:08 +00:00