Arne Fitzenreiter
29b907c677
intel-microcode: update to 20190514
...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2019-05-15 13:17:26 +02:00
Michael Tremer
a7e185c590
grub: Fix rootfile
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2019-04-28 09:43:48 +01:00
Michael Tremer
452d2b6eaa
grub: Disable efiemu on PC builds
...
This won't compile with GCC 8 and we do not need it
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2019-04-26 16:19:42 +01:00
Arne Fitzenreiter
5fa063f859
kernel: update to 4.14.112
...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2019-04-17 22:30:19 +02:00
Michael Tremer
01604708c3
Merge remote-tracking branch 'stevee/next-suricata' into next
2019-03-14 13:19:35 +00:00
Michael Tremer
771c9b78ee
binutils: Ship strings & readelf
...
This is needed by the spectre meltdown checker script
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2019-03-02 13:01:42 +00:00
Stefan Schantl
8117fff863
IDS: Call helper script when red interface gets up
...
The helper script will be automatically called when the red interface gets up
and will re-generate the HOME_NET file, to take care if the IP-address of this
interface has changed.
Fixes #11989
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2019-02-06 15:40:19 +01:00
Michael Tremer
b8c153bca5
IPsec: Add (experimental) script that creates GRE/VTI interfaces
...
Signed-off-by: root <root@interim-edge-a.ec2.internal >
2019-02-04 18:20:36 +00:00
Michael Tremer
6c920b19cd
IPsec: Rename ipsec-block script to ipsec-policy
...
This is a more general name for a script that will be extended
soon to do more than just add blocking rules.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2019-02-04 18:20:36 +00:00
Stefan Schantl
c1a3401235
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata
2019-01-21 13:04:13 +01:00
Michael Tremer
7d5caee6bd
Add initscript for conntrackd
...
The daemon will be started by default when a configuration
file exists.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2019-01-06 08:59:25 +00:00
Arne Fitzenreiter
5e6f343b7d
python: update to 2.7.15
...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2019-01-06 15:51:53 +01:00
Stefan Schantl
ed809cf07a
Ship update-ids-ruleset script also on x86_64 and aarch64
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2018-12-28 07:36:19 +01:00
Stefan Schantl
a13ddf04d9
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2018-12-12 09:27:59 +01:00
Michael Tremer
f354601bbe
initscripts: Import pakfire keys before importing AWS configuration
...
This is useful when the user-data script is installing
packages. For that it will need valid keys for course.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-12-07 11:38:55 +00:00
Arne Fitzenreiter
16c18024bb
kernel: compress kernel modules with xz
...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2018-11-18 14:30:14 +01:00
Michael Tremer
9af7531136
glibc: Update to 2.28
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-10-24 11:16:38 +01:00
Stefan Schantl
2d475a3c6c
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata
2018-09-26 14:49:34 +02:00
Arne Fitzenreiter
924b48c789
kernel: update to 4.14.69
...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2018-09-12 21:04:07 +02:00
Stefan Schantl
cb52183c6a
Fix merge conflicts during merge of next and the suricata branch
2018-08-23 10:34:17 +02:00
Michael Tremer
84cd9b9162
Drop the network-trigger script
...
This is done at boot time and doesn't normally need to be done again.
On AWS or in the setup, renaming any network interfaces is being
handled automatically.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-08-22 14:05:43 +01:00
Arne Fitzenreiter
3b81e38a08
gcc: x86_64 add libspp to rootfile
...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2018-08-20 17:38:31 +02:00
Michael Tremer
046ef135e6
Merge remote-tracking branch 'origin/efi' into next
2018-08-16 12:49:13 +01:00
Arne Fitzenreiter
3d0e252e35
intel-microcode: update to 20180807
...
fixes #11590
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2018-08-11 20:52:45 +02:00
Stefan Schantl
843a8c570c
snort: Drop package
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2018-08-03 10:19:35 +02:00
Stefan Schantl
914cca3d8e
initscripts: Link against suricata initscript in runlevels and red.up hook
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2018-08-03 10:02:34 +02:00
Stefan Schantl
d72b3e64c2
suricata: Introduce basic initscript
...
Add a very basic initscript, which currently allows to start/stop/restart suricata and
check if the daemon is running.
The script will detect when starting suricata how many CPU cores are present on the system and
will launch suricata in inline mode (NFQUEUE) and listen to as much queues as CPU cores are
detected.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2018-08-02 19:54:22 +02:00
Michael Tremer
befc040497
Move update-bootloader script into installer
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-07-20 12:03:09 +00:00
Michael Tremer
701c891b40
Build efibootmgr and efivars only for x86_64 and aarch64
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-07-14 13:43:53 +01:00
Michael Tremer
7c80f8c5cc
syslinux: Update to 6.04-pre1
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-07-14 13:43:53 +01:00
Michael Tremer
24e811b03a
grub: Don't install an empty EFI configuration file
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-07-14 13:43:51 +01:00
Michael Tremer
308af080f6
grub: Build new version in EFI mode
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-07-14 13:43:50 +01:00
Michael Tremer
df26133793
syslinux: Update to 6.03
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-07-14 13:43:50 +01:00
Michael Tremer
0268380764
ipfire-netboot: Ship EFI image
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-07-14 13:43:49 +01:00
Michael Tremer
7fbbd2aebc
Enable EFI on x86_64
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-07-14 13:43:49 +01:00
Arne Fitzenreiter
1ac0d5c598
Merge branch 'aarch64' into next
...
Conflicts:
config/rootfiles/core/121/filelists/acpid
config/rootfiles/core/121/filelists/apache2
config/rootfiles/core/121/filelists/apr
config/rootfiles/core/121/filelists/aprutil
config/rootfiles/core/121/filelists/armv5tel/files
config/rootfiles/core/121/filelists/armv5tel/linux-initrd-kirkwood
config/rootfiles/core/121/filelists/armv5tel/linux-initrd-multi
config/rootfiles/core/121/filelists/armv5tel/linux-kirkwood
config/rootfiles/core/121/filelists/armv5tel/linux-multi
config/rootfiles/core/121/filelists/armv5tel/rpi-firmware
config/rootfiles/core/121/filelists/armv5tel/u-boot
config/rootfiles/core/121/filelists/armv5tel/u-boot-kirkwood
config/rootfiles/core/121/filelists/armv5tel/u-boot-mkimage
config/rootfiles/core/121/filelists/beep
config/rootfiles/core/121/filelists/cmake
config/rootfiles/core/121/filelists/crda
config/rootfiles/core/121/filelists/dhcp
config/rootfiles/core/121/filelists/flex
config/rootfiles/core/121/filelists/i586/grub
config/rootfiles/core/121/filelists/i586/intel-microcode
config/rootfiles/core/121/filelists/i586/linux
config/rootfiles/core/121/filelists/i586/linux-initrd
config/rootfiles/core/121/filelists/iw
config/rootfiles/core/121/filelists/jwhois
config/rootfiles/core/121/filelists/libidn
config/rootfiles/core/121/filelists/multipath-tools
config/rootfiles/core/121/filelists/pcre
config/rootfiles/core/121/filelists/tar
config/rootfiles/core/121/filelists/unbound
config/rootfiles/core/121/filelists/wget
config/rootfiles/core/121/filelists/x86_64/grub
config/rootfiles/core/121/filelists/x86_64/intel-microcode
config/rootfiles/core/121/filelists/x86_64/linux
config/rootfiles/core/121/filelists/x86_64/linux-initrd
config/rootfiles/core/122/filelists/aarch64/files
config/rootfiles/core/122/filelists/acpid
config/rootfiles/core/122/filelists/apache2
config/rootfiles/core/122/filelists/apr
config/rootfiles/core/122/filelists/aprutil
config/rootfiles/core/122/filelists/armv5tel/linux-initrd-kirkwood
config/rootfiles/core/122/filelists/armv5tel/linux-initrd-multi
config/rootfiles/core/122/filelists/armv5tel/linux-kirkwood
config/rootfiles/core/122/filelists/armv5tel/linux-multi
config/rootfiles/core/122/filelists/armv5tel/rpi-firmware
config/rootfiles/core/122/filelists/armv5tel/u-boot
config/rootfiles/core/122/filelists/armv5tel/u-boot-kirkwood
config/rootfiles/core/122/filelists/armv5tel/u-boot-mkimage
config/rootfiles/core/122/filelists/beep
config/rootfiles/core/122/filelists/cmake
config/rootfiles/core/122/filelists/crda
config/rootfiles/core/122/filelists/dhcp
config/rootfiles/core/122/filelists/flex
config/rootfiles/core/122/filelists/i586/grub
config/rootfiles/core/122/filelists/i586/intel-microcode
config/rootfiles/core/122/filelists/i586/linux
config/rootfiles/core/122/filelists/i586/linux-initrd
config/rootfiles/core/122/filelists/iw
config/rootfiles/core/122/filelists/jwhois
config/rootfiles/core/122/filelists/libidn
config/rootfiles/core/122/filelists/multipath-tools
config/rootfiles/core/122/filelists/pcre
config/rootfiles/core/122/filelists/tar
config/rootfiles/core/122/filelists/unbound
config/rootfiles/core/122/filelists/wget
config/rootfiles/core/122/filelists/x86_64/grub
config/rootfiles/core/122/filelists/x86_64/intel-microcode
config/rootfiles/core/122/filelists/x86_64/linux
config/rootfiles/core/122/filelists/x86_64/linux-initrd
config/rootfiles/core/123/filelists/unbound
config/rootfiles/oldcore/121/filelists/acpid
config/rootfiles/oldcore/121/filelists/apache2
config/rootfiles/oldcore/121/filelists/apr
config/rootfiles/oldcore/121/filelists/aprutil
config/rootfiles/oldcore/121/filelists/armv5tel/files
config/rootfiles/oldcore/121/filelists/armv5tel/linux-initrd-kirkwood
config/rootfiles/oldcore/121/filelists/armv5tel/linux-initrd-multi
config/rootfiles/oldcore/121/filelists/armv5tel/linux-initrd-rpi
config/rootfiles/oldcore/121/filelists/armv5tel/linux-kirkwood
config/rootfiles/oldcore/121/filelists/armv5tel/linux-multi
config/rootfiles/oldcore/121/filelists/armv5tel/linux-rpi
config/rootfiles/oldcore/121/filelists/armv5tel/rpi-firmware
config/rootfiles/oldcore/121/filelists/armv5tel/u-boot
config/rootfiles/oldcore/121/filelists/armv5tel/u-boot-kirkwood
config/rootfiles/oldcore/121/filelists/armv5tel/u-boot-mkimage
config/rootfiles/oldcore/121/filelists/beep
config/rootfiles/oldcore/121/filelists/cmake
config/rootfiles/oldcore/121/filelists/crda
config/rootfiles/oldcore/121/filelists/dhcp
config/rootfiles/oldcore/121/filelists/flex
config/rootfiles/oldcore/121/filelists/i586/grub
config/rootfiles/oldcore/121/filelists/i586/intel-microcode
config/rootfiles/oldcore/121/filelists/i586/linux
config/rootfiles/oldcore/121/filelists/i586/linux-initrd
config/rootfiles/oldcore/121/filelists/iw
config/rootfiles/oldcore/121/filelists/jwhois
config/rootfiles/oldcore/121/filelists/libidn
config/rootfiles/oldcore/121/filelists/multipath-tools
config/rootfiles/oldcore/121/filelists/pcre
config/rootfiles/oldcore/121/filelists/tar
config/rootfiles/oldcore/121/filelists/wget
config/rootfiles/oldcore/121/filelists/x86_64/grub
config/rootfiles/oldcore/121/filelists/x86_64/intel-microcode
config/rootfiles/oldcore/121/filelists/x86_64/linux
config/rootfiles/oldcore/121/filelists/x86_64/linux-initrd
make.sh
2018-07-03 11:52:05 +01:00
Arne Fitzenreiter
4838034131
random: update initskript for machines with low entropy
...
the script wait until crng is correct initialized before restore the
random seed and make some disc io to work around low entropy at boot
on some machines. Not really a fix but it should be better than reverting
CVE-2018-1108 fixes from kernel.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2018-06-28 20:48:58 +02:00
Michael Tremer
bd3bcb45d6
AWS: Import aws setup script
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-06-25 10:55:39 +01:00
Michael Tremer
1c21ebf8d5
Add initscript that automatically configures IPFire on AWS EC2
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-06-21 16:45:40 +01:00
Jonatan Schlag
87b5f3711b
Add Intel microcode updates
...
Fixes : #11590
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org >
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-05-29 16:42:51 +01:00
Arne Fitzenreiter
20406699e3
grub: update to 2.02
...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2018-04-17 06:10:06 +02:00
Arne Fitzenreiter
69acde2ecd
acpid: build also on arm
...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2018-04-14 18:42:00 +02:00
Arne Fitzenreiter
96a2ff029e
kernel: update config
...
disable isdn
disable audit
disable profiling on arm
disable scsi driver on arm
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2018-04-11 18:36:57 +02:00
Arne Fitzenreiter
e12d216eec
kernel: x86_64 rootfile update
...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2018-03-31 09:56:48 +02:00
Arne Fitzenreiter
302dba205b
Merge remote-tracking branch 'origin/master' into kernel-4.14
2018-03-30 10:26:01 +02:00
Michael Tremer
eb68e27dd2
pakfire: Import key when system boots up
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-03-19 19:44:50 +00:00
Michael Tremer
35cdaa194a
Fix python-m2crypto rootfile
...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-03-19 11:52:44 +00:00
Arne Fitzenreiter
1a7cfc2f10
Merge remote-tracking branch 'origin/core119' into kernel-4.14
...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org >
2018-02-27 12:38:18 +01:00
Michael Tremer
a350ea6dea
Drop mISDN userspace tools
...
This is unsupported for quite a while and nobody should be using this.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-02-12 11:41:50 +00:00
Michael Tremer
59a6d4e439
glibc: Enable obsolete NSL
...
This will re-activate the deprecated NIS code on which lots of
software relies on so that we can have some extra time to migrate.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2018-02-11 20:56:12 +00:00