webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 11:05:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,372 Commits 2 Branches 1 Tag
525204e00fc28fa3fe9971c4fb31c61279b10bbb
Commit Graph

641 Commits

Author SHA1 Message Date
Arne Fitzenreiter
0a79ec4505 ntp: check/wait for onlineconnection. 2014-02-23 18:28:34 +01:00
Michael Tremer
c2f7250b23 firewall: Remove even more redundant rules. 2014-02-21 11:35:05 +01:00
Michael Tremer
29201ca84b firewall: Remove redundant rule. 2014-02-20 13:01:36 +01:00
Arne Fitzenreiter
d10a7de134 leds: add geos router support, updated alix leds. 2014-02-15 16:39:22 +01:00
Michael Tremer
0f5c5ce72d firewall: Load init script functions. 2014-02-14 16:10:21 +01:00
Michael Tremer
cdb725da87 firewall: Load conntrack modules in firewall script. 2014-02-14 12:54:08 +01:00
Michael Tremer
1108a15cc6 Move enabling nf_conntrack_acct where it should be. 2014-02-14 12:52:28 +01:00
Michael Tremer
7d7740a467 firewall: Initialize basic ruleset before entering runlevel 3. 2014-02-14 12:48:11 +01:00
Michael Tremer
e7c5b9dabb network: Remove redundant insertion of wireless rules. 2014-02-14 12:41:23 +01:00
Michael Tremer
4bc91affe0 network: Remove old accounting code. 2014-02-14 12:40:57 +01:00
Michael Tremer
159c55c5c8 firewall: Call firewall.local start at the very end. 2014-02-14 12:40:11 +01:00
Michael Tremer
c581b670ef firewall: Use --wait for every iptables call. 2014-02-14 12:35:40 +01:00
Arne Fitzenreiter
d2b1aa09df partresize: fix output redirection to dev/zero. 2014-02-12 01:02:08 +01:00
Arne Fitzenreiter
6450609d74 partresize: resize partition before c,h,s changes. 2014-02-11 00:23:11 +01:00
Arne Fitzenreiter
b8101c50ea partresize: update c,h,s values before resize. 
Some cards fail with wrong translations so the values are updated before resize.
 2014-02-05 10:52:46 +01:00
Arne Fitzenreiter
97461f500b krng: default entropy pool has 2kb with grsecurity. 2014-02-04 18:50:02 +01:00
Arne Fitzenreiter
af789b69a8 Revert "krng: use kernel entropy if no random-seed is stored." 
This reverts commit 1c72742bca.
 2014-02-04 18:49:00 +01:00
Arne Fitzenreiter
1c72742bca krng: use kernel entropy if no random-seed is stored. 2014-02-02 12:50:22 +01:00
Michael Tremer
73794dad87 apache: Don't show the signal of sync. 
evaluate_retval prints the return code of sync
which is not what we want here.

Also changed some console output.
 2014-02-01 19:35:27 +01:00
Arne Fitzenreiter
c2bf88c1a4 apache: sync filesystem after key generating. 2014-02-01 17:14:39 +01:00
Michael Tremer
2af8179385 rngd: Mix-in RDRAND and reload for HWRNGs added at runtime. 2014-02-01 16:46:22 +01:00
Michael Tremer
167e6ec7a8 openssh: Update to 6.5p1. 
Adds support for ed25519.
 2014-02-01 16:15:10 +01:00
Arne Fitzenreiter
a6acaa34cc udev: mount /dev/shm and /dev/pts if not mounted. 2014-02-03 00:27:17 +01:00
Michael Tremer
8af8d5d127 rng-tools: New package. 
The rng daemon will be installed by default and will
also be installed when a hardware random number generator
is found. It will then read random data from the hardware
random number generator and will feed it into the kernel's
entropy pool.

If no HW RNG is available, a warning will be printed
at boot time.
 2014-01-29 17:22:48 +01:00
Arne Fitzenreiter
e239818642 pakfire: fix metafile problems. 2014-01-26 23:42:25 +01:00
Michael Tremer
9ac43fb9e1 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2014-01-12 23:02:28 +01:00
Michael Tremer
8b64b1b64e Limit /run to 8M. 2014-01-12 23:02:00 +01:00
Michael Tremer
fd75e5e75c initscripts: Fix syntax error when mounting /run. 2014-01-12 23:01:21 +01:00
Arne Fitzenreiter
dfb08084ba udev: remove /var/run mount from initskript. 2014-01-12 19:02:51 +01:00
Arne Fitzenreiter
b8e2d10888 fifteen: move /var/run to /run. 2014-01-12 12:15:44 +01:00
Arne Fitzenreiter
75474c3c49 apache: Add message for generating host certs. 
On rpi this need 3.5 minutes so it is better to show that this need a while.
 2014-01-06 08:53:30 +01:00
Arne Fitzenreiter
aa8512fac6 firstsetup: init udev hwdb at first boot. 2013-12-30 10:34:33 +01:00
Michael Tremer
0206795e57 sslh: Move binary to /usr/sbin. 2013-12-27 11:29:10 +01:00
Michael Tremer
230eeac04d sslh: Cleanup initscript. 
Calling setxtaccess has been removed and never have been used
at this place.
Also, it is checked if the external IP address was properly
read from file.
 2013-12-27 11:11:29 +01:00
Arne Fitzenreiter
bb234c63ef partresize: fix partresize for new arm image layout. 2013-12-23 22:28:27 +01:00
Alexander Marx
c0f99754df Firewall: now it is possible to connect from one ipfire to a green network of another openvpn connected ipfire 
Please take care to put this into the docu! One can create DROP rules if
the remote ipfire should NOT be able to connect to the others internal
networks. Therefor you have to take the green interface IP as SOURCE!
 2013-12-23 11:05:04 +01:00
Arne Fitzenreiter
dd6c9bb9c3 collectd initskript: parse new lm_sensors config. 2013-12-19 22:46:48 +01:00
Alexander Marx
fac3861429 Firewall: Bugfix: in /etc/init.d/firewall the REDNAT chain was affected BEFORE NAT_SOURCE. Outgoing SNAT rules where not working though 2013-12-16 12:29:02 +01:00
Arne Fitzenreiter
3a3759c625 mountkernfs: fix mount of /sys and /proc without initrd. 2013-12-08 16:07:35 +01:00
Arne Fitzenreiter
80469a8935 initskripts: updates for new udev. 2013-11-18 23:36:10 +01:00
Arne Fitzenreiter
1ee33ddadf util-linux: update to 2.24. 
this is needed for newer udev versions but need some initskript
changes. The updater and arm rootfile is not finished yet.
 2013-11-17 18:51:04 +01:00
Michael Tremer
ab4876ad42 firewall: Don't require to enable the RW server for N2N networks. 
The firewall rules for OpenVPN have not been applied for N2N
connections when the road warrior server was disabled.
 2013-11-08 13:38:09 +01:00
Alexander Marx
8039a71099 Firewall: renamed forwardfwctrl to firewallctrl 2013-10-24 09:42:42 +02:00
Michael Tremer
568438067c Merge branch 'next' into fifteen 2013-10-14 14:12:04 +02:00
Michael Tremer
0f6b606785 squid: Implement intercept mode. 2013-10-14 13:54:24 +02:00
Michael Tremer
ba25f014b2 network-vlans: Use ip link command instead of vconfig. 
This patch gets rid of using vconfig for configuring VLAN
devices. ip link is much more suitable for that and creates
the interface with the right name and MAC address in just
one step.
 2013-10-04 13:36:48 +02:00
Michael Tremer
0203401cf5 Merge remote-tracking branch 'origin/next' into fifteen 
Conflicts:
	doc/language_issues.es
	doc/language_issues.fr
	doc/language_issues.nl
	doc/language_issues.pl
	doc/language_issues.tr
	doc/language_missings
 2013-10-03 14:26:33 +02:00
Michael Tremer
6adacba055 tor: Increase number of max. open file descriptors. 2013-09-30 12:14:09 +02:00
Michael Tremer
d9949d4dd1 Merge remote-tracking branch 'earl/tor' into next 
Conflicts:
	lfs/tor
 2013-09-14 14:37:18 +02:00
Arne Fitzenreiter
1a78fe5e2d firstsetup: add missing "fi". 2013-09-14 12:38:39 +02:00