bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-19 23:43:00 +02:00

Author	SHA1	Message	Date
Michael Tremer	3dc21d43bf	ipsec: Log a message when an interface could not be created Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	1a45f9a70a	ipsec-interfaces: Don't add any interfaces when IPsec is disabled Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	a56357b8be	Revert "ipsec-interfaces: Run when IPsec is disabled" This reverts commit 3c3a1cfdb9b473fae9b792e8c211c9940fafc658. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	216bd9b389	vpnmain.cgi: Move advanced IPsec settings to connection page This is required to make the initial setup easier for GRE/VTI connections Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	4cf038dcfe	ipsec-interfaces: Run when IPsec is disabled This needs to run even when IPsec is disable to remove and interfaces Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	05af70c2f3	ipsec-interfaces: Use correct righthost variable Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	f2d45a45ab	IPsec: Do not allow 0.0.0.0/0 as remote subnet This renders the whole machine inaccessible Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	68e69b676f	network: Create IPsec interfaces when network is brought up Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	3446a17293	ipsecctrl: Call ipsec-interfaces script when turning up/shutting down connections Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	b8c153bca5	IPsec: Add (experimental) script that creates GRE/VTI interfaces Signed-off-by: root <root@interim-edge-a.ec2.internal>	2019-02-04 18:20:36 +00:00
Michael Tremer	90aa4f1083	IPsec: Use left/rightprotoport in GRE mode Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	b89ae1a4e3	ipsecctrl: Don't wait when a connection is to be started Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	5a9c9ff312	ipsec-policy: Don't install any block rules for connections with an interface Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	b54cd874b9	ipsec-policy: Permit GRE traffic for GRE connections Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	2704dbbc28	ipsec-policy: Variables don't match those from the CGI Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	4cf4f8f623	ipsec-policy: Parse all configuration settings Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	6cf8bc9161	IPsec: Move opening ports from ipsecctrl into ipsec-policy script Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	6c920b19cd	IPsec: Rename ipsec-block script to ipsec-policy This is a more general name for a script that will be extended soon to do more than just add blocking rules. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	b01c17e9d0	IPsec: Update ipsec.conf for GRE/VTI changes Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	55842dda69	IPsec: Add UI for set interface MTU Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	7464131706	IPsec: Add option to configure IP address for tunnel interface Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	8ebe725416	IPsec: Set default inactivity timeout to half an hour Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	1e9457ac6f	IPsec: New connections should defatul to on-demand mode Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	cae1f4a7a8	IPsec: Add dropdown to select tunnel interface mode Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	5e6fa03e1e	vpnmain.cgi: Correctly carry over INACTIVITY_TIMEOUT Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	326728d53d	IPsec: Write tunnel/transport mode to strongSwan configuration Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	29f5e0e2b9	IPsec: Add selection for transport/tunnel mode Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Jonatan Schlag	08d91c0f7a	python3-msgpack: Fix build on i586 Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 09:02:18 +00:00
Michael Tremer	e20b7de067	python3-dateutil: Update rootfiles Changed because of new python3-setuptools Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 07:00:13 +00:00
Michael Tremer	1cca99e3a1	core128: Ship updated dhcpcd Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 00:40:02 +00:00
Matthias Fischer	2378f373dd	dhcpcd: Update to 7.1.0 For some informations about this update see: https://roy.marples.name/blog/dhcpcd-7-1-0-released "dhcpcd-7.1.0 has been released with the following changes: - OpenBSD: works alongside slaacd(8) - NetBSD: sets SO_RERROR on to detect receive socket overflow - BSD: route improvements to avoid listening for own changes - Linux: use NETLINK_BROADCAST_ERROR - BSD: avoid late address deletion messages by testing address existance - IP6: implement IP6 address sharing - BSD: catch UP/DOWN events when interfaces does support media changes - IPv4LL: remember old address when carrier is lost Many other minor fixes and documenation updates have been submitted by various community members for this release..." Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 00:39:25 +00:00
Michael Tremer	60c692e385	core128: Ship updated curl Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 00:15:24 +00:00
Matthias Fischer	d2b7811b15	curl: Update to 7.63.0 For details see: https://curl.haxx.se/changes.html Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 00:14:59 +00:00
Erik Kapfer	b4285088a1	update.sh: Delete .rnd files Since RANDFILE has been disabled in OpenSSL configurations, .rnd files are not needed anymore. Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-03 21:43:23 +00:00
Michael Tremer	06232b041a	core128: Ship updated apr Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-03 21:42:43 +00:00
Wolfgang Apolinarski	33f7d610fb	Updated apr, stabilized apache build - Updated apr to 1.6.5 - Stabilized apache build (rebuild) Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-03 21:41:33 +00:00
Arne Fitzenreiter	22f7be0d4d	python3-llfuse: fix rootfile for non x86_64 builds Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-03 15:28:52 +01:00
Arne Fitzenreiter	329788dee5	kernel: update to 4.14.97 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-03 12:45:52 +01:00
Michael Tremer	2a915f98cb	haproxy: Bump version to support TLSv1.3 (and PCRE JIT) Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-01 17:34:02 +00:00
Michael Tremer	83064ee34e	core128: Restart updated apache Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-01 17:12:23 +00:00
Matthias Fischer	57bc05a53d	apache: Update to 2.4.38 For details see: http://mirror.checkdomain.de/apache//httpd/CHANGES_2.4.38 Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-01 17:09:49 +00:00
Michael Tremer	2d8187e8e0	core128: Ship AWS scripts again It seems that this was missing in Core Update 125/126 so not all bug fixes made it into the release. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-01 17:08:44 +00:00
Jonatan Schlag	46114d79d9	Add new package borgbackup Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-01 16:27:23 +00:00
Jonatan Schlag	def9f4a3e0	Add new package python3-msgpack Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-01 16:27:16 +00:00
Jonatan Schlag	3be819876b	Add new package python3-llfuse Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-01 16:27:06 +00:00
Jonatan Schlag	662b2a812f	Add new package python3-setuptools-scm Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-01 16:26:59 +00:00
Jonatan Schlag	2d17377aa0	Add new package python3-settuptools Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-01 16:26:39 +00:00
Michael Tremer	feeda1e4dd	core128: Delete SSE2-optimised legacy OpenSSL libraries, too Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-30 18:37:26 +00:00
Michael Tremer	898fe209ff	core128: Ship updated OpenSSL configuration files Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-29 13:51:37 +00:00
Erik Kapfer	a946892338	del_rand: Deletion of RAND file in openssl config Fixes #11943 Since the kernel RNG should do this, there is no need for this anymore. Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-29 13:49:29 +00:00

1 2 3 4 5 ...

12692 Commits