webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-13 04:22:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,381 Commits 2 Branches 1 Tag
40407aee99546b4f25632bcaeb796d2a53cb1bcb
Commit Graph

13381 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Tremer
2704dbbc28 ipsec-policy: Variables don't match those from the CGI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
4cf4f8f623 ipsec-policy: Parse all configuration settings 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
6cf8bc9161 IPsec: Move opening ports from ipsecctrl into ipsec-policy script 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
6c920b19cd IPsec: Rename ipsec-block script to ipsec-policy 
This is a more general name for a script that will be extended
soon to do more than just add blocking rules.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
b01c17e9d0 IPsec: Update ipsec.conf for GRE/VTI changes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
55842dda69 IPsec: Add UI for set interface MTU 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
7464131706 IPsec: Add option to configure IP address for tunnel interface 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
8ebe725416 IPsec: Set default inactivity timeout to half an hour 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
1e9457ac6f IPsec: New connections should defatul to on-demand mode 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
cae1f4a7a8 IPsec: Add dropdown to select tunnel interface mode 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
5e6fa03e1e vpnmain.cgi: Correctly carry over INACTIVITY_TIMEOUT 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
326728d53d IPsec: Write tunnel/transport mode to strongSwan configuration 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Michael Tremer
29f5e0e2b9 IPsec: Add selection for transport/tunnel mode 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 18:20:36 +00:00
Jonatan Schlag
08d91c0f7a python3-msgpack: Fix build on i586 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 09:02:18 +00:00
Michael Tremer
e20b7de067 python3-dateutil: Update rootfiles 
Changed because of new python3-setuptools

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 07:00:13 +00:00
Michael Tremer
1cca99e3a1 core128: Ship updated dhcpcd 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 00:40:02 +00:00
Matthias Fischer
2378f373dd dhcpcd: Update to 7.1.0 
For some informations about this update see:
https://roy.marples.name/blog/dhcpcd-7-1-0-released

"dhcpcd-7.1.0 has been released with the following changes:

- OpenBSD: works alongside slaacd(8)
- NetBSD: sets SO_RERROR on to detect receive socket overflow
- BSD: route improvements to avoid listening for own changes
- Linux: use NETLINK_BROADCAST_ERROR
- BSD: avoid late address deletion messages by testing address existance
- IP6: implement IP6 address sharing
- BSD: catch UP/DOWN events when interfaces does support media changes
- IPv4LL: remember old address when carrier is lost

Many other minor fixes and documenation updates have been submitted by various
community members for this release..."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 00:39:25 +00:00
Michael Tremer
60c692e385 core128: Ship updated curl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 00:15:24 +00:00
Matthias Fischer
d2b7811b15 curl: Update to 7.63.0 
For details see:
https://curl.haxx.se/changes.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-04 00:14:59 +00:00
Erik Kapfer
b4285088a1 update.sh: Delete .rnd files 
Since RANDFILE has been disabled in OpenSSL configurations, .rnd files are not needed anymore.

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-03 21:43:23 +00:00
Michael Tremer
06232b041a core128: Ship updated apr 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-03 21:42:43 +00:00
Wolfgang Apolinarski
33f7d610fb Updated apr, stabilized apache build 
- Updated apr to 1.6.5
- Stabilized apache build (rebuild)

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-03 21:41:33 +00:00
Arne Fitzenreiter
22f7be0d4d python3-llfuse: fix rootfile for non x86_64 builds 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-03 15:28:52 +01:00
Arne Fitzenreiter
329788dee5 kernel: update to 4.14.97 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-03 12:45:52 +01:00
Michael Tremer
2a915f98cb haproxy: Bump version to support TLSv1.3 (and PCRE JIT) 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-01 17:34:02 +00:00
Michael Tremer
83064ee34e core128: Restart updated apache 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-01 17:12:23 +00:00
Matthias Fischer
57bc05a53d apache: Update to 2.4.38 
For details see:
http://mirror.checkdomain.de/apache//httpd/CHANGES_2.4.38

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-01 17:09:49 +00:00
Michael Tremer
2d8187e8e0 core128: Ship AWS scripts again 
It seems that this was missing in Core Update 125/126 so not all
bug fixes made it into the release.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-01 17:08:44 +00:00
Jonatan Schlag
46114d79d9 Add new package borgbackup 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-01 16:27:23 +00:00
Jonatan Schlag
def9f4a3e0 Add new package python3-msgpack 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-01 16:27:16 +00:00
Jonatan Schlag
3be819876b Add new package python3-llfuse 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-01 16:27:06 +00:00
Jonatan Schlag
662b2a812f Add new package python3-setuptools-scm 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-01 16:26:59 +00:00
Jonatan Schlag
2d17377aa0 Add new package python3-settuptools 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-01 16:26:39 +00:00
Stefan Schantl
067e1847dc suricata.yaml: Add port 222 to list of SSH Ports 
The SSH-server listened on port "222" as default on IPFire in the past.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-01 14:34:25 +01:00
Stefan Schantl
bcbc9897e3 ids-functions.pl: Grab address for RED by using get_red_address() function. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-31 09:50:47 +01:00
Stefan Schantl
de8e1e5b6c ids-functions.pl: Add function to the the current assigned IP-address of RED. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-31 09:41:35 +01:00
Stefan Schantl
912d7472a8 ids.cgi: Automatically download ruleset if the ruleset source has been changed. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-31 08:55:05 +01:00
Michael Tremer
feeda1e4dd core128: Delete SSE2-optimised legacy OpenSSL libraries, too 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-01-30 18:37:26 +00:00
Stefan Schantl
c9b07d6a0c initscripts/suricata: Generate firewall rules on start and reload 
Fixes #11978

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 13:47:07 +01:00
Stefan Schantl
23c0347ac5 ids-functions.pl: Add RED address and aliases to the HOME_NET 
Reference: #11981

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 12:51:51 +01:00
Stefan Schantl
77c3130174 ids-functions.pl: Add get_aliases() 
This subfunction is used to get all configured and enabled aliases
for the RED network zone. They will be returned as an array.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 11:57:49 +01:00
Stefan Schantl
d6f725e185 update-ids-ruleset: Improve error reporting if the system is offline 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 10:57:31 +01:00
Stefan Schantl
e0cec9fe99 ids.cgi: Dynamically generate SHOW/HIDE for expanding or collapsing a ruleset category 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 10:53:17 +01:00
Stefan Schantl
cf02bf2f7d ids.cgi: Show IDS setting area only if a ruleset is present. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 10:12:11 +01:00
Stefan Schantl
013274d7d8 ids.cgi: Diplay reason, why a ruleset could not be downloaded, if the system is offline. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 10:05:14 +01:00
Stefan Schantl
5fd2e9d64a ids.cgi: Also download the ruleset when saving the ruleset settings 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 09:57:49 +01:00
Stefan Schantl
34a3843865 ids.cgi: Add dropdown option for Emergingthreats.net Pro rules. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 09:42:28 +01:00
Stefan Schantl
d618d67e01 ids.cgi: Only show "update ruleset" button if a ruleset is present 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 09:39:17 +01:00
Stefan Schantl
674912fc3a ids.cgi: Draw daemon status and setting in the same box. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 09:33:47 +01:00
Stefan Schantl
029b8ed2b1 ids.cgi: Show/Hide subscription code area dynamically. 
Dynamically (Java Script) show/hide the area for entering the
subscription code / oinkcode based on the choosen ruleset.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-01-30 09:27:37 +01:00