webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-12 04:05:53 +02:00
Code Issues Packages Projects Releases Wiki Activity
6,859 Commits 2 Branches 1 Tag
44ed2a42f02738b7955614461f868eda655eebbd
Commit Graph

6859 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arne Fitzenreiter
44ed2a42f0 linux-pae: rebuild module deps before initrd build. 2013-11-21 14:14:41 +01:00
Arne Fitzenreiter
504fc5af26 rootfile updates. 2013-11-21 13:50:03 +01:00
Arne Fitzenreiter
385394fefa kernel: update to 3.10.20. 2013-11-21 13:49:15 +01:00
Arne Fitzenreiter
1350598261 remove old openssh updater rootfile. 2013-11-21 08:10:21 +01:00
Arne Fitzenreiter
d30819033d usbutils: update to 007. 2013-11-21 00:01:21 +01:00
Michael Tremer
0fc392d65d Merge branch 'master' into fifteen 2013-11-20 21:43:20 +01:00
Michael Tremer
303b81f19c Add openssh update to core update 73. 2013-11-20 21:41:42 +01:00
Arne Fitzenreiter
5702b0cee5 install: create /var/run folder on rootfs. 2013-11-20 17:15:31 +01:00
Arne Fitzenreiter
a5d81233a3 setup: change persistent network rules for new udev. 2013-11-20 07:37:51 +01:00
Arne Fitzenreiter
147446202f udev: disable new netdev names and systemd log prefix. 2013-11-20 07:37:01 +01:00
Arne Fitzenreiter
80469a8935 initskripts: updates for new udev. 2013-11-18 23:36:10 +01:00
Arne Fitzenreiter
b474c1ca15 stage2: add /run symlink to /var/run. 2013-11-18 23:34:00 +01:00
Arne Fitzenreiter
5c3fa3223a dracut: fixes for new udev and missing scsi_wait. 2013-11-18 23:30:27 +01:00
Arne Fitzenreiter
35e188494d udev: update to 208. 2013-11-18 23:27:37 +01:00
Arne Fitzenreiter
ba109afd0d kmod: replace module-init-tools by kmod-13. 
newer udev depend on kmod.
 2013-11-18 19:00:51 +01:00
Arne Fitzenreiter
1ee33ddadf util-linux: update to 2.24. 
this is needed for newer udev versions but need some initskript
changes. The updater and arm rootfile is not finished yet.
 2013-11-17 18:51:04 +01:00
Alexander Marx
6ee9053548 Firewall: Fixed portfw-converter (rules where not converted correctly) And Standard network "IPsec RW" now has brackets around the Ip (when set) 2013-11-14 11:44:11 +01:00
Michael Tremer
1187d46e65 Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen 2013-11-14 11:41:18 +01:00
Michael Tremer
9659f59a86 configroot: Fix recursively including /var/ipfire/backup. 
This issue has been introduced in a72fac88.
 2013-11-14 11:40:36 +01:00
Arne Fitzenreiter
6f0fd5e178 kernel: update to 3.10.19. 2013-11-13 14:05:27 +01:00
Arne Fitzenreiter
d0d3fe9d26 Merge remote-tracking branch 'origin/next' into fifteen 
Conflicts:
	lfs/samba
	lfs/strongswan
 2013-11-13 14:05:15 +01:00
Arne Fitzenreiter
d48c456fa2 samba: update to 3.6.20. 
These are security releases in order to address CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
(ACLs are not checked on opening an alternate data stream on
a file or directory) and CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
(Private key in key.pem world readable).
 2013-11-13 13:56:40 +01:00
Arne Fitzenreiter
1a386bb9d8 samba: update to 3.6.20. 
These are security releases in order to address CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
(ACLs are not checked on opening an alternate data stream on
a file or directory) and CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
(Private key in key.pem world readable).
 2013-11-13 13:39:35 +01:00
Alexander Marx
7d3b1f7eaf Firewall: new errormessage for maximum number of ports in servicegroups 2013-11-13 00:36:43 +01:00
Alexander Marx
7db6ad6acb Firewall: appended check of maximum ports per protocol. portranges 100:200 count as 2 ports 2013-11-13 00:34:08 +01:00
Alexander Marx
49192c7b31 Firewall: The maximum of definable services in a servicegroup is limited to 13 per protocol (tcp,udp) because iptables can only handle max 13 services in Multiport 2013-11-13 00:33:46 +01:00
Alexander Marx
14bcb9a23d Firewall: New feature: Now it is possible to define a custom service with a portrange. When using this service in a rule or in a servciegroup, the rule is applied correctly. 2013-11-13 00:30:06 +01:00
Alexander Marx
a15f7d0dd5 Firewall: Bugfix: the routine to check if a vpn net or host was deleted did not work as expected. Now it even works when source and target contain a vpn host or net 2013-11-13 00:29:44 +01:00
Alexander Marx
d8afe3e2c0 Firewall: fixed colors of target column when using standard networks 
When using RED, OpenVPN-Dyn or IPsec RW as target, the column was not
colored.
 2013-11-13 00:29:21 +01:00
Erik Kapfer
dd4796fbea langs: Fix typo 2013-11-13 00:27:08 +01:00
Michael Tremer
c648458609 strongswan: Delay sending DPD packets after rekeying. 2013-11-13 00:25:27 +01:00
Michael Tremer
34daf4dbf8 Merge branch 'master' into next 2013-11-09 14:33:16 +01:00
Michael Tremer
ac14b325e0 Merge branch 'master' into fifteen 2013-11-09 14:19:52 +01:00
Michael Tremer
33590570fb openssh: Update to 6.4p1. 
Security fix because of
 http://www.openssh.com/txt/gcmrekey.adv
 2013-11-09 14:16:52 +01:00
Michael Tremer
340a567eae Ship paxctl with the distribution. 2013-11-08 14:55:23 +01:00
Michael Tremer
d3527a38c1 Multiple CGI files: Check if BLUE or ORANGE are actually configured. 2013-11-08 14:32:08 +01:00
Michael Tremer
36b1c19138 squid: Update to 3.3.10 + SSL options fix. 2013-11-08 14:13:30 +01:00
Alexander Marx
cbc6219852 Firewall: Fix typo in backup script which stops the conversion of old firewallrules 2013-11-08 13:41:25 +01:00
Alexander Marx
f8cbcb7c8a Firewall: Bugfix: When creating a servcie in firewall-groups and selecting a protocol other than icmp, the enty in the ruletable shows correct values PLUS the "all icmp-types" under ICMP. 
Now the ICMP FIeld is emtpy when selecting another protocol than icmp
 2013-11-08 13:41:06 +01:00
Alexander Marx
7b82bee7c4 Firewall: Bugfix: When creating a rule and using brackets in comment, the rule is denied because of invalid characters in String. But when creating a rule with just valid characters (witjout brackets) and then editing the rule it is possible to use brackets without errormessage. 
Now brackets are allowed.
 2013-11-08 13:40:45 +01:00
Alexander Marx
84ac1131b1 Firewall: remove /var/ipfire/portfw as it is not used anymore 2013-11-08 13:39:38 +01:00
Michael Tremer
ab4876ad42 firewall: Don't require to enable the RW server for N2N networks. 
The firewall rules for OpenVPN have not been applied for N2N
connections when the road warrior server was disabled.
 2013-11-08 13:38:09 +01:00
Michael Tremer
ec985733a5 strongswan: Update to 5.1.1. 2013-11-07 20:56:43 +01:00
Arne Fitzenreiter
89f8ad0e99 kernel: update to 3.10.18. 2013-11-04 21:26:52 +01:00
Michael Tremer
cb92b363cf Merge remote-tracking branch 'amarx/firewall-fifteen' into fifteen 2013-10-31 15:35:34 +01:00
Michael Tremer
12b901f846 firewall: Fix wrong symbol for variable. 2013-10-31 15:34:40 +01:00
Alexander Marx
11ab2c7d9a Firewall: added IP-Address to dropdown in DNAT part and now all ip-addresses are in brackets 2013-10-30 15:49:21 +01:00
Alexander Marx
68f6312ac5 Firewall: Show IP-Adresses in NAT-Source dropdown 2013-10-30 13:41:33 +01:00
Michael Tremer
c03d4a5e8a firewall: Simplify code which shows the last rule. 
Also change headings of the rule sections.
 2013-10-29 18:45:40 +01:00
Michael Tremer
bee56a2d5d firewall: NAT section: Don't show irrelevant controls. 2013-10-29 16:57:58 +01:00