bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-13 04:22:58 +02:00

Author	SHA1	Message	Date
Michael Tremer	7eed864c93	suricata: Use 64MB of RAM for defragmentation Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:56:46 +01:00
Michael Tremer	83b576c892	suricata: Use the correct path for the magic database Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:56:46 +01:00
Michael Tremer	0e28ea9f3e	suricata: Log to syslog Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:56:46 +01:00
Michael Tremer	682f1fdaca	suricata: We do not use any IP reputation lists Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:56:46 +01:00
Michael Tremer	cf976e93c4	suricata: Allow 32MB of RAM for DNS decoding Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:56:29 +01:00
Michael Tremer	fe5bd1862f	suricata: Drop sections that require Rust Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:55:26 +01:00
Michael Tremer	bc2cb52953	suricata: Drop some commented stuff from configuration The file is really large and we should not carry anything we will never use. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:55:26 +01:00
Michael Tremer	75fba6cd24	suricata: Drop profiling section from configuration This is not compiled in as it slows down detection and is only really useful for debugging Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:55:26 +01:00
Michael Tremer	5196d8ddbb	suricata: Set detection profile to high This will merge rules more aggressively so that the engine is only processing those that can actually match. Memory is cheap. People with little memory should not run suricata anyways. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:55:25 +01:00
Michael Tremer	9f726f8f53	suricata: Set default packet size to 1514 We usually use a MTU of 1500 + Ethernet header Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:55:25 +01:00
Michael Tremer	16446608cb	suricata: Set max-pending-packets to 1024 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:55:25 +01:00
Peter Müller	1f3c61b66c	Suricata: detect TLS traffic on port 444, too This is the default port for IPFire's administrative web interface and should be monitored by Suricata, too. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> c: Stefan Schantl <stefan.schantl@ipfire.org> Acked-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-03-01 17:53:04 +01:00
Michael Tremer	e37e796206	sysctl.conf: Revert enabling busy loop waiting on sockets This causes the firmware in my ath10k module to crash. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-28 18:53:22 +00:00
Michael Tremer	ebda3cb93b	Update openssl rootfile Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-27 03:52:26 +00:00
Michael Tremer	f907865389	core129: Ship updated OpenSSL Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-26 17:25:11 +00:00
Michael Tremer	7c85ff1362	openssl: Update to 1.1.1b This is a bug fix only release Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-26 17:24:08 +00:00
Michael Tremer	31672dc8bd	DHCP: Fix error when editing a newly added fixed lease They key was remembered but then the array was sorted which resulted the key showing a wrong line. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-26 16:33:46 +00:00
Michael Tremer	4eb23a9198	DHCP: Restart server in background This allows for the CGI to return quicker. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-26 10:18:33 +00:00
Michael Tremer	820ab96c69	DHCP: Escape slashes in filename Fixes: #12006 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-26 10:16:21 +00:00
Michael Tremer	2f7e8b59a6	core129: Ship updated credits.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 02:31:23 +00:00
Michael Tremer	f6a1d9e929	Update list of contributors Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 02:30:56 +00:00
Michael Tremer	97499aa8a3	core129: Ship updated OpenVPN Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 02:29:29 +00:00
Erik Kapfer	ab83c4876a	OpenVPN: Update to version 2.4.7 Changelog can be found in here https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24 . Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 02:24:28 +00:00
Peter Müller	82b405615f	update Tor to 0.3.5.8 See https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312 for release notes. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 01:03:01 +00:00
Peter Müller	0675a66d83	update metrics links in Tor WebUI https://atlas.torproject.org/ is deprecated in favour of https://metrics.torproject.org/ by now. Fixes #11781. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 01:02:59 +00:00
Michael Tremer	cc0104dce3	core129: Ship updated libgcrypt Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 00:58:04 +00:00
Peter Müller	b66c2faac2	libgcrypt: update to 1.8.4 Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 00:57:18 +00:00
Michael Tremer	07b73b195c	core129: Ship updated unbound Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 00:56:49 +00:00
Matthias Fischer	97a238f4bf	unbound: Update to 1.9.0 For details see: https://nlnetlabs.nl/svn/unbound/tags/release-1.9.0/doc/Changelog Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 00:56:05 +00:00
Michael Tremer	59db01c753	core129: Ship changes from ipsec branch Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 00:55:31 +00:00
Michael Tremer	50d1bbf0f5	Merge branch 'ipsec' into next	2019-02-25 00:48:08 +00:00
Michael Tremer	b5ef99df2c	Start Core Update 129 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-25 00:47:28 +00:00
Michael Tremer	21eead8d17	Add script to search for missing libraries Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-24 11:45:55 +00:00
Michael Tremer	232c42e14d	core128: Drop old openssl engines Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-24 04:06:52 +00:00
Michael Tremer	001481edf3	cups: Depends on bluetooth library Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-24 04:04:51 +00:00
Arne Fitzenreiter	1e1273df1d	core128: add openldap to update openldap was linked against old openssl lib Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-24 20:50:16 +01:00
Arne Fitzenreiter	ed971af3a4	core128: add sse2 openssl libs Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-24 17:04:44 +01:00
Arne Fitzenreiter	42e48984ad	core128: apply local sshd config Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-24 10:55:49 +01:00
Arne Fitzenreiter	c09758302b	kernel: update to 4.14.103 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-23 15:56:21 +01:00
Arne Fitzenreiter	8818db9a1c	core128: finish core128 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-22 21:33:45 +01:00
Arne Fitzenreiter	173844d352	kernel: import cve-2019-8912 patch Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-22 21:20:57 +01:00
Arne Fitzenreiter	186402fbe8	core128: stop apache before replacing files apache will not restart without stopped before the files was replaced. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-22 19:26:08 +01:00
Arne Fitzenreiter	6957b699b3	kernel: apu leds: add more id's Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-22 18:02:45 +01:00
Arne Fitzenreiter	710153a89c	partresize: add "apu1" for apus with new bios.	2019-02-22 18:01:18 +01:00
Stefan Schantl	cc636c4741	convert-snort: Try to download ruleset if none is present. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-22 10:04:27 +01:00
Arne Fitzenreiter	4a25ada199	core128: add kernel to updater Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-21 19:23:05 +01:00
Arne Fitzenreiter	a2d49659f3	kernel: cleanup unused rpi patch Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-21 19:13:27 +01:00
Arne Fitzenreiter	8c8b4b2154	kernel: update to 4.14.102 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-21 10:52:38 +01:00
Arne Fitzenreiter	8f49959d70	partresize: enable serial console on PC Engines APU Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-19 15:26:41 +01:00
Arne Fitzenreiter	17872019ba	kernel: update apu led patch for apu3 and 4 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-19 01:04:19 +01:00

... 6 7 8 9 10 ...

13381 Commits