webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 03:25:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,381 Commits 2 Branches 1 Tag
40407aee99546b4f25632bcaeb796d2a53cb1bcb
Commit Graph

121 Commits

Author SHA1 Message Date
Michael Tremer
01604708c3 Merge remote-tracking branch 'stevee/next-suricata' into next 2019-03-14 13:19:35 +00:00
Michael Tremer
38f6bdb740 ipsec: Drop delayed restart setting 
This is a very bad race-condition situation and is not solved by
an unintuitive setting.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Stefan Schantl
85a62b0523 IDS: Install snort to suricata converter 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-29 08:26:15 +01:00
Stefan Schantl
c1a3401235 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 2019-01-21 13:04:13 +01:00
Michael Tremer
d68e150e86 proxy: Drop web browser check 
This is neither reliable nor up to date and is therefore removed

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-01-08 15:54:56 +01:00
Erik Kapfer
e6f7f8e7ba database_attribute: Deliver/create index.txt.attr 
Fixes #11904

Since OpenSSL-1.1.0x the database attribute file for IPSec and OpenVPN wasn´t created while initial PKI generation.
OpenVPN delivered an error message but IPSec did crashed within the first attempt.
This problem persists also after X509 deletion and new generation.

index.txt.attr will now be delivered by the system but also deleted and recreated while setting up a new x509.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-01-03 14:52:53 +00:00
Stefan Schantl
a13ddf04d9 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-12-12 09:27:59 +01:00
Michael Tremer
77729e5be8 nfs: Install configuration in package 
This was lost in the last update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-11-28 19:02:53 +00:00
Stefan Schantl
2d475a3c6c Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 2018-09-26 14:49:34 +02:00
Peter Müller
eee037b890 update disclaimer in LFS files 
Most of these files still used old dates and/or domain names for contact
mail addresses. This is now replaced by an up-to-date copyright line.

Just some housekeeping... :-)

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-09-10 19:20:36 +01:00
Stefan Schantl
72b2109c72 configroot: Move from snort to suricata 
Create /var/ipfire/suricata and /var/ipfire/suricata/settings instead of
/var/ipfire/snort and /var/ipfire/snort/settings.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-02 15:47:31 +02:00
Stefan Schantl
8dcebe5342 IDS: Introduce ids-functions.pl. 
This library will contain a set of functions used by the IDS CGI script
and the planned update script for auto-updating the snort ruleset.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-07-26 11:54:25 +02:00
Michael Tremer
dc845b6c81 AWS: Hide certain things on the web UI 
Those are practically unusable on AWS.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 12:15:00 +01:00
Michael Tremer
0009de91e8 Ship default settings for language, theme, etc. in all images 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-27 09:59:47 +01:00
Michael Tremer
f4a91e23d9 Drop noip updater 
This package is unused since we introduced ddns. Dropped.

Fixes: #11708
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-24 11:04:34 +01:00
Alexander Marx
5ca163cd82 Captive-Portal: add captive dirs and files to configroot 
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:03 +01:00
Michael Tremer
5edc06b701 Remove IPAC stuff 
This is unused for a very very very long time and serves
no purpose any more.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-02 15:13:55 +01:00
Michael Tremer
32d91ecad8 conntrack: Remove old disable_nf_sip indicator file 
This is not used any more and not needed either.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-04-20 16:23:22 +01:00
Michael Tremer
8a1a3bf393 Merge remote-tracking branch 'ms/iptables-conntrack' into next 2016-01-22 00:54:14 +00:00
Michael Tremer
2b163f4497 Drop tripwire 
This add-on is likely to be unused

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-04 22:18:27 +00:00
Michael Tremer
53a6b00c4f firewall: Disable the PPTP and AMANDA conntrack helpers by default 
These do not seem to work at the moment.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-08-12 12:46:07 +01:00
Michael Tremer
c8f8bf328f firewall: Add H.323 to the conntrack helpers 2015-05-12 13:33:27 +02:00
Michael Tremer
50354ffe3a firewall: Add IRC to the conntrack helpers 2015-05-12 13:27:24 +02:00
Michael Tremer
a93bf69617 firewall: Add amanda to the conntrack helpers 2015-05-12 13:25:04 +02:00
Michael Tremer
d57c6162cb firewall: Make conntrack helpers configurable 2015-05-12 13:16:40 +02:00
Stefan Schantl
30654fd82b configroot: Add geoip related files. 
Create required empty files and install geoip-functions.pl to
desired destination.
 2015-04-16 19:39:11 +02:00
Michael Tremer
4e9a2b5732 general-functions.pl: Replace lots of broken network code. 
The state of some code especially in general-functions.pl
is in such a bad shape and faulty.
This is a first step that replaces some of the network
functions with those who have been tested and work for
undefined inputs.

The old functions have been left in place as stubs
and must be removed at some time.
 2014-07-27 22:46:20 +02:00
Michael Tremer
c5e3d520e9 Add modem status page. 
On this page, much useful information is displayed about
the hardware and the status of an LTE/3G or other kinds
of modems that respond to AT commands.
 2014-04-16 16:05:12 +02:00
Alexander Marx
a3f2459f8f Firewall: fix Update from core 75 to 76 2014-03-27 15:07:41 +01:00
Michael Tremer
73372ed4e6 firewall: Move scripts from /var/ipfire/firewall/bin to /usr/lib/firewall. 2014-01-28 20:48:24 +01:00
Arne Fitzenreiter
30f68903d3 Merge remote-tracking branch 'origin/next' into fifteen 2013-12-21 10:05:39 +01:00
Michael Tremer
dfb1bfaf7b Always create squid.conf. 
In some cases, /var/ipfire/proxy/squid.conf does not belong to
nobody:nobody, so we do this explicitely.
 2013-12-11 21:59:22 +01:00
Alexander Marx
6d8eb5dec7 Firewall: Renamed directory /var/ipfire/forward to /var/ipfire/firewall 2013-10-24 09:24:12 +02:00
Alexander Marx
6921f0ea0a Firewall: renamed /config/forwardfw to config/firewall 2013-10-24 08:15:48 +02:00
Arne Fitzenreiter
a1fdbdac79 configroot: enable log off wireless packet drop. 2013-10-03 11:53:35 +02:00
Michael Tremer
409cd018c5 optionsfw: Use saner defaults for DROPPROXY and DROPSAMBA. 2013-09-07 15:04:41 +02:00
Michael Tremer
7b906cb23a cfgroot: Fix typo in path. 2013-09-03 16:55:35 +02:00
Michael Tremer
d7fcd5daa3 configroot: Fix permissions of executable files. 
This must always be owned by root and must not be editable
and executable by the world.
 2013-09-02 22:22:26 +02:00
Arne Fitzenreiter
daa3a95004 configroot: fix merge problem. 2013-09-01 20:52:06 +02:00
Alexander Marx
34f30c5f92 Forward Firewall: set default options for optionsfw and minor change on optionsfw.cgi 2013-08-09 14:16:42 +02:00
Alexander Marx
a0fb1099ef Forward Firewall: Design changes 
1) source has a new option "firewall" with dropdown for interfaces
2) source default networks->deleted IPFire, all ip's now in brackets
3) deleted warning message in Target that a mac is not usable
4) changes for "apply" button
5) in ruletable the protocol is now right beneath the ruletype column
6) changed target dropdown "INTERNET" to "RED"
7) renamed OpenVPN N-2N to OpenVPN Net-to-Net
8) set missing default firewall options
9) little changes on the en and de lang files
 2013-08-09 14:15:30 +02:00
Alexander Marx
4f3bd0ca20 Forward Firewall: changed layout of "apply-button" (after rules where changed. When using single hosts in rules, the prefix is no longer shown in the ruletable. Default settings for firewall-options changed 2013-08-09 14:15:29 +02:00
Alexander Marx
a60dbb4b6a Forward Firewall: added dmz-converter. 
Also extended backup.pl script to support old backups. Now it is possible to restore old backups into new firewall. On restore, all config files of new firewall will be destroyed and the 4 converters will recreate them.
 2013-08-09 14:12:37 +02:00
Alexander Marx
36e9534f24 Forward Firewall: Added configoption in Buildsystem -< POLICY2='DROP' (for POLICYIN) 2013-08-09 14:11:09 +02:00
Alexander Marx
ec329c0699 Forward FIrewall: fixed typo 2013-08-09 14:09:17 +02:00
Alexander Marx
d998784149 Forward Firewall: added an option to firewall-options to show all dropdowns on rulecreation site. 2013-08-09 14:09:17 +02:00
Alexander Marx
5aa8edf6f7 Forward Firewall: some changes for ISO 2013-08-09 14:09:12 +02:00
Alexander Marx
4e62b47f33 FORWARD Firewall: integrating OUTGOING Firewall Part 2 2013-08-09 14:08:20 +02:00
Alexander Marx
5d7faa4518 Forward Firewall: First part of adding OUTGOING to th efirewall 2013-08-09 14:08:20 +02:00
Alexander Marx
7bd9d462de Forward Firewall: Deleted MODE0 from WEB Interface and added a table for DMZ-Rules. 2013-08-09 14:08:15 +02:00