webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-17 14:33:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
6,930 Commits 2 Branches 1 Tag
30f68903d339fdb2e1a0b3ff62b6b770fee9ca36
Commit Graph

6930 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arne Fitzenreiter
30f68903d3 Merge remote-tracking branch 'origin/next' into fifteen 2013-12-21 10:05:39 +01:00
Arne Fitzenreiter
562e14b01f kernel: update to 3.10.25. 2013-12-20 23:31:40 +01:00
Alexander Marx
3c037075d0 Firewall: when DNAT external port is given and dest port is empty, theres now an errormessage displayed 2013-12-20 13:04:56 +01:00
Alexander Marx
a8b113e73d Firewall: Now servicegroups and networkgroups can be renamed 2013-12-20 12:10:35 +01:00
Alexander Marx
5f037986b7 Firewall: added JS to automatically select radiobuttons in fwhosts 2013-12-20 12:10:03 +01:00
Alexander Marx
484269ceac FIrewall: Rewrote complete counters for firewall-groups (hosts,networks, network-groups) 2013-12-20 12:09:52 +01:00
Alexander Marx
ce2dbe92ce Firewall: Bugfix - When editing a DNAT rule and setting prot to "all" the port from previus rule was not resettet 2013-12-20 12:08:43 +01:00
Arne Fitzenreiter
dd6c9bb9c3 collectd initskript: parse new lm_sensors config. 2013-12-19 22:46:48 +01:00
Arne Fitzenreiter
724908c680 lm_sensors: update to 3.3.4. 2013-12-19 22:45:34 +01:00
Stefan Schantl
8a5ef45f15 Rework of flash-images. 2013-12-19 11:14:52 +01:00
Stefan Schantl
e3181add8e uboot: Update to 2013.10. 2013-12-19 11:09:00 +01:00
Arne Fitzenreiter
3fc43cd15b xen-downloader: build only on i586. 2013-12-19 10:55:57 +01:00
Arne Fitzenreiter
b2c2422191 kernel: update to 3.10.24. 2013-12-18 11:29:48 +01:00
Michael Tremer
30f08bcf80 Merge remote-tracking branch 'amarx/difflang' into fifteen 2013-12-16 12:31:19 +01:00
Alexander Marx
fac3861429 Firewall: Bugfix: in /etc/init.d/firewall the REDNAT chain was affected BEFORE NAT_SOURCE. Outgoing SNAT rules where not working though 2013-12-16 12:29:02 +01:00
Michael Tremer
39962c6e3d iptables: Update to 1.4.21. 2013-12-16 12:28:08 +01:00
Arne Fitzenreiter
5cd3a05bf0 finalize core 74. 2013-12-14 22:01:16 +01:00
Alexander Marx
33e64584dd TOOLS: new script langdiff added. With this script one can check a languagefile against another and gets a txtfile conatining the missing lines. 2013-12-13 08:03:23 +01:00
Michael Tremer
6c859e0382 core74: Add httpscert script. 2013-12-12 21:20:56 +01:00
Michael Tremer
325aa1e1f4 httpscert: Increase size of the RSA key to 4096. 
RSA keys with length of 1024 bits are considered weak.
 2013-12-12 21:18:56 +01:00
Michael Tremer
a1365ee37c httpscert: Use regular random source. 
Previous to this patch, the kernel image file and internal
configuration settings have been used as a source for random
data, which is not random at all.
 2013-12-12 21:17:53 +01:00
Michael Tremer
cfb00625b8 strongswan: Disable rdrand plugin. 
Disabled because of security concerns.
 2013-12-12 21:15:24 +01:00
Michael Tremer
7506baa2eb wirelesscrtl: Add --wait to iptables command line. 
With a huge number of access rules, inserting all rules
into the kernel took a long while in which other iptables
tried to access the kernel's ruleset as well, which then
lead to resource conflicts.

Since iptables 1.4.20, the --wait parameter is supported
that will wait for a global xtables lock and then proceed.
 2013-12-12 21:05:56 +01:00
Michael Tremer
dfb1bfaf7b Always create squid.conf. 
In some cases, /var/ipfire/proxy/squid.conf does not belong to
nobody:nobody, so we do this explicitely.
 2013-12-11 21:59:22 +01:00
Michael Tremer
7d5e022df4 Merge remote-tracking branch 'amarx/firewall-fifteen-beta9' into fifteen 2013-12-10 13:31:38 +01:00
Alexander Marx
3a162dc14f Firewall: rebuild complete counter procedure in firewall-groups. This way the counters are on the fly generated and stable. also this is a prequisite to the new option that firewall-servicegroups can be rolled out by installation 2013-12-10 12:21:48 +01:00
Arne Fitzenreiter
5d4d41b18c Merge branch 'next' into fifteen 2013-12-10 00:15:01 +01:00
Arne Fitzenreiter
9fa1849586 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2013-12-10 00:14:12 +01:00
Arne Fitzenreiter
afa7593932 Merge branch 'master' into next 2013-12-10 00:13:20 +01:00
Arne Fitzenreiter
af2dcb40f6 samba: update to 3.6.22. 
Samba 3.6.22 have been issued as security releases in order
to address CVE-2013-4408 (DCE-RPC fragment length field is incorrectly checked)
and CVE-2012-6150 (pam_winbind login without require_membership_of
restrictions).
 2013-12-10 00:07:36 +01:00
Arne Fitzenreiter
e39ac92dd2 Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen 2013-12-09 17:13:34 +01:00
Arne Fitzenreiter
be33adfb3d kernel: update to 3.10.23. 2013-12-09 17:10:59 +01:00
Alexander Marx
50ce309b6a Firewall: added DNS (UDP,TCP) to default services 2013-12-09 11:06:50 +01:00
Alexander Marx
fe2bae3b74 Firewall: Fix BETA8 - It was not possible to delete single services from servicegroups 2013-12-09 09:33:21 +01:00
Alexander Marx
a8ec686f17 Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into firewall-fifteen1 2013-12-09 09:29:50 +01:00
Arne Fitzenreiter
3a3759c625 mountkernfs: fix mount of /sys and /proc without initrd. 2013-12-08 16:07:35 +01:00
Arne Fitzenreiter
8a2cf24a1f kernel: enable grsecurity on rpi kernel. 2013-12-08 16:03:25 +01:00
Alexander Marx
82b837cff8 Firewall: Added new feature: Now protocols can be added to servicegroups (GRE,AH,ESP,IPIP,IPV6) 2013-12-06 08:47:11 +01:00
Arne Fitzenreiter
342a91ae25 kernel: update to 3.10.22. 2013-12-05 19:46:25 +01:00
Alexander Marx
784098e4db Firewall: forgot to delete a development test string 2013-12-05 15:51:15 +01:00
Alexander Marx
0c733ab750 Firewall: Bugfix: Fixed wrong language strings in outgoing FW rules when using std networks or ipfire 2013-12-05 15:16:19 +01:00
Alexander Marx
2be048cedc Firewall: FIxed wrong language strings in outgoing Firewall 2013-12-05 15:16:02 +01:00
Alexander Marx
02cb636c8b Firewall: Fixes commit http://git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitdiff;h=e19a36c4a09ea417ce9d577c262f17242eec4a31 
Now all "active" Strings from all languagefiles are checked against the old rule to find out if logging is enabled

Conflicts:
	config/firewall/convert-outgoingfw
 2013-12-05 15:15:37 +01:00
Alexander Marx
5558ca2a96 Firewall: fixes commit http://git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitdiff;h=1ed4b214d785ad0538b0a864f43babccd55475b1 
Conflicts:
	html/cgi-bin/firewall.cgi
 2013-12-05 15:12:37 +01:00
Alexander Marx
cdb3536bc8 Firewall: BUGFIX: RUles.pl did not create LOGGING rules properly. 2013-12-05 14:48:59 +01:00
Michael Tremer
3868dc2a0c Merge remote-tracking branch 'earl/tor' into next 2013-12-05 00:00:28 +01:00
Michael Tremer
a408e02da2 squid: Update to 3.3.11. 2013-12-03 14:42:30 +01:00
Michael Tremer
6003c4bbdb strongswan: Rootfile update. 2013-12-03 14:00:29 +01:00
Michael Tremer
4ea955c544 core74: Fix incrementation. 2013-12-02 21:41:12 +01:00
Michael Tremer
9f9e43dcdd core74: Ship dnsforward.cgi in update as well. 
Adds the CGI file on systems which have been installed
with an ISO image where dnsforward.cgi was not included.
 2013-12-02 21:35:12 +01:00