webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-27 03:07:43 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,156 Commits 2 Branches 1 Tag
35cdc506b06ed2e5fc8f7ad7fe57239eaadbda58
Commit Graph

13156 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Tremer
cc0104dce3 core129: Ship updated libgcrypt 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-25 00:58:04 +00:00
Peter Müller
b66c2faac2 libgcrypt: update to 1.8.4 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-25 00:57:18 +00:00
Michael Tremer
07b73b195c core129: Ship updated unbound 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-25 00:56:49 +00:00
Matthias Fischer
97a238f4bf unbound: Update to 1.9.0 
For details see:
https://nlnetlabs.nl/svn/unbound/tags/release-1.9.0/doc/Changelog

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-25 00:56:05 +00:00
Michael Tremer
59db01c753 core129: Ship changes from ipsec branch 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-25 00:55:31 +00:00
Michael Tremer
50d1bbf0f5 Merge branch 'ipsec' into next 2019-02-25 00:48:08 +00:00
Michael Tremer
b5ef99df2c Start Core Update 129 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-25 00:47:28 +00:00
Michael Tremer
21eead8d17 Add script to search for missing libraries 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-24 11:45:55 +00:00
Michael Tremer
232c42e14d core128: Drop old openssl engines 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-24 04:06:52 +00:00
Michael Tremer
001481edf3 cups: Depends on bluetooth library 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-24 04:04:51 +00:00
Arne Fitzenreiter
1e1273df1d core128: add openldap to update 
openldap was linked against old openssl lib

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-24 20:50:16 +01:00
Arne Fitzenreiter
ed971af3a4 core128: add sse2 openssl libs 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-24 17:04:44 +01:00
Arne Fitzenreiter
42e48984ad core128: apply local sshd config 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-24 10:55:49 +01:00
Arne Fitzenreiter
c09758302b kernel: update to 4.14.103 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-23 15:56:21 +01:00
Arne Fitzenreiter
8818db9a1c core128: finish core128 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-22 21:33:45 +01:00
Arne Fitzenreiter
173844d352 kernel: import cve-2019-8912 patch 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-22 21:20:57 +01:00
Arne Fitzenreiter
186402fbe8 core128: stop apache before replacing files 
apache will not restart without stopped before
the files was replaced.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-22 19:26:08 +01:00
Arne Fitzenreiter
6957b699b3 kernel: apu leds: add more id's 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-22 18:02:45 +01:00
Arne Fitzenreiter
710153a89c partresize: add "apu1" for apus with new bios. 2019-02-22 18:01:18 +01:00
Stefan Schantl
cc636c4741 convert-snort: Try to download ruleset if none is present. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-22 10:04:27 +01:00
Arne Fitzenreiter
4a25ada199 core128: add kernel to updater 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-21 19:23:05 +01:00
Arne Fitzenreiter
a2d49659f3 kernel: cleanup unused rpi patch 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-21 19:13:27 +01:00
Arne Fitzenreiter
8c8b4b2154 kernel: update to 4.14.102 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-21 10:52:38 +01:00
Arne Fitzenreiter
8f49959d70 partresize: enable serial console on PC Engines APU 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-19 15:26:41 +01:00
Arne Fitzenreiter
17872019ba kernel: update apu led patch for apu3 and 4 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-19 01:04:19 +01:00
Stefan Schantl
5d7d8749dc convert-snort: Set correct ownership after modify_sids_file has been generated. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-18 13:33:41 +01:00
Stefan Schantl
d0f9526beb ids.cgi: Add language string for ignored hosts section. 
Fixes #12002.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-18 13:29:47 +01:00
Michael Tremer
06f57f7230 general-functions.pl: Only skip lines with a # at the beginning 
This accidientially dropped all lines that include #. That resulted
in colour codes not being loaded from file any more.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-18 11:36:37 +01:00
Stefan Schantl
7c3b7cdcca ids-functions.pl: Tune rules to always monitor in both directions. 
This will allow to scan the traffic from an EXTERNAL_NET to the HOME_NET and from
the HOME_NET to the EXTERNAL_NET.

Reference: 10273

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-18 10:55:27 +01:00
Stefan Schantl
20b4c4d863 suricata: Swith to "16" as repeat-mark and repeat-mask. 
Marks "1-3" are used for marking source-natted packets on the
interfaces and 4 up to 6 for TOS and QOS. The mark "32" is used by IPsec.

See commit: f5ad510e3c

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-18 10:02:29 +01:00
Michael Tremer
9bc1760052 unbound: Drop certificates for local control connection 
These are a cause of worry because they are sometimes generated with
an invalid timestamp and therefore render unbound being unusable.

There is no strong reason to use self-signed certificates for extra
security here.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-17 13:46:51 +00:00
Matthias Fischer
256070e92f Added 'CONFIG_X86_MSR=y for 'powertop' to i586 and x86_64 builds for fixing #11997 
Triggered by:
https://forum.ipfire.org/viewtopic.php?f=69&t=22274

This - probably - fixes Bug #11997.

Needs testing on 64bit installations!

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-17 13:03:56 +00:00
Rob Brewer
34f4af78a8 Fix ownership of sendEmail script 
The script used to be owned by a non-privileged user and it should
just be owned by root.root like any other binary.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-17 13:03:30 +00:00
Arne Fitzenreiter
56ec56a819 borgbackup: fix build on armv5tel 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-16 22:49:47 +01:00
Arne Fitzenreiter
2caca41217 kernel: enable PCA953X GPIO extender for ClearFog boards 
fixes: #12000

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-16 21:44:52 +01:00
Arne Fitzenreiter
ede9247310 kernel: update to 4.14.101 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-15 17:46:54 +01:00
Stefan Schantl
77c07352a5 Suricata: Start service on red.up event if requested 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-15 13:26:55 +01:00
Stefan Schantl
d215f6e980 collectd: Stop collecting process details for snort 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-15 12:39:56 +01:00
Stefan Schantl
0d8cc90f4d services.cgi: Show status of suricata instead of snort 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-15 12:18:45 +01:00
Stefan Schantl
1ef235f08d logrotate: Rotate suricata logs instead of snort ones 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-15 11:22:14 +01:00
Stefan Schantl
78690361ab convert-snort: Always create directory and filelayout 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-14 12:37:13 +01:00
Stefan Schantl
b09c13f1b6 convert-snort: Call subfunction to change ownership of rulestarball 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-14 12:15:41 +01:00
Stefan Schantl
99b2e30636 ids-ruleset-sources: Fix rootfile 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-14 11:43:31 +01:00
Stefan Schantl
c980ac7f2a Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 2019-02-13 19:46:45 +01:00
Michael Tremer
5368ccb0fc core128: Ship kdig 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-13 11:32:00 +00:00
Erik Kapfer
2397e51335 knot: Reduced version of knot with kdig only 
Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-13 11:31:37 +00:00
Michael Tremer
59d673ae44 core128: Ship libedit 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-13 11:31:24 +00:00
Erik Kapfer
17b3255b7f libedit: A command line editor library 
Dependency for knot (kdig).

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-13 11:30:58 +00:00
Matthias Fischer
17d9d42571 powertop: Update to 2.10 
Hi,

Triggered by:
https://forum.ipfire.org/viewtopic.php?f=69&t=22274

For details see:
https://01.org/powertop/downloads/powertop-v2.10

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-13 11:29:39 +00:00
Matthias Fischer
941a3dec4e dhcpcd: Update to 7.1.1 
For details see:
https://roy.marples.name/blog/dhcpcd-7-1-1-released

"A minor update, highlights include:

 IPv4LL: Fixed build with this disabled
 IPv4LL: Remember last address between carrier resets
 BSD: Fixed initial link infos reported as LINK_STATE_UNKNOWN
 FreeBSD: Avoid panicing kernel when RTA_IFP is set for IPv6 prefix routes"

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-13 11:28:30 +00:00