bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-22 08:52:58 +02:00

Author	SHA1	Message	Date
Matthias Fischer	6e11539dc2	ntp: Update to 4.2.8p4 ntp-Update to 4.2.8p4, regarding "13 low- and medium-severity vulnerabilities". For a complete list, see: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-10-26 13:08:53 +00:00
Michael Tremer	80fbd89949	ipsec: Add block rules to avoid conntrack entries If an IPsec VPN connections is not established, there are rare cases when packets are supposed to be sent through that said tunnel and incorrectly handled. Those packets are sent to the default gateway an entry for this connection is created in the connection tracking table (usually only happens to UDP). All following packets are sent the same route even after the tunnel has been brought up. That leads to SIP phones not being able to register among other things. This patch adds firewall rules that these packets are rejected. That will sent a notification to the client that the tunnel is not up and avoid the connection to be added to the connection tracking table. Apart from a small performance penalty there should be no other side-effects. Fixes: #10908 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Cc: tomvend@rymes.com Cc: daniel.weismueller@ipfire.org Cc: morlix@morlix.de Reviewed-by: Timo Eissler <timo.eissler@ipfire.org>	2015-10-15 22:44:47 +01:00
Michael Tremer	4504c412af	procps: Ship pgrep Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-10-03 19:53:57 +01:00
Michael Tremer	8235f17df5	strongswan: Update to 5.3.3 ChaCha is disabled since our kernel does not support it yet Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-10-03 19:17:01 +01:00
Michael Tremer	26e91280ea	Rootfile update Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-28 20:14:42 +01:00
Michael Tremer	dfe630f77c	Merge remote-tracking branch 'ms/experimental-vlan-hotplugging' into next	2015-09-28 14:33:49 +01:00
Arne Fitzenreiter	c9f0174979	kernel: update to 3.14.53 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-09-27 12:58:22 +02:00
Matthias Fischer	9b3ffc7457	iproute2: Update to 4.2.0 List of changes can be seen at http://git.kernel.org/cgit/linux/kernel/git/shemminger/iproute2.git/log/ Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-19 18:49:24 +01:00
Arne Fitzenreiter	25a9df261e	perl-Email-Date-Format: fix rootfile name. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-09-18 01:21:20 +02:00
Arne Fitzenreiter	b88a7166bc	perl-MIME-Lite: fix rootfile name. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-09-18 01:20:01 +02:00
Arne Fitzenreiter	e07760a24b	binutils: rootfile update. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-09-17 13:13:19 +02:00
Arne Fitzenreiter	9890333ecb	linux: rootfile update. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-09-17 12:56:48 +02:00
Alexander Marx	6a3d7dff1f	DMA: added new file mail.conf to rootfile Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-14 13:49:23 +01:00
Matthias Fischer	67cafd240f	libgpg-error: Update to 1.20 * configure.ac: Set LT version to C16/A16/R0. Add new version macros. * src/gpg-error.h.in (GPGRT_VERSION): New. (GPGRT_VERSION_NUMBER): New. (GPG_ERROR_VERSION, GPG_ERROR_VERSION_NUMBER): Move to top of file. Add macro GPGRT_INLINE and avoid -Wundef warnings. * src/gpg-error.h.in (GPG_ERR_INLINE): Use #if defined for possible undefined macros to avoid warning with GCC's -Wundef option. (GPGRT_INLINE): New. Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-12 15:53:18 +01:00
Matthias Fischer	09f13f8366	libgcrypt: Update to 1.6.4 * configure.ac: Change LT version to C20/A0/R4. w32: Avoid a few compiler warnings. * cipher/cipher-selftest.c (_gcry_selftest_helper_cbc) (_gcry_selftest_helper_cfb, _gcry_selftest_helper_ctr): Mark variable as unused. * random/rndw32.c (slow_gatherer): Avoid signed pointer mismatch warning. * src/secmem.c (init_pool): Avoid unused variable warning. * tests/random.c (writen, readn): Include on if needed. Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-12 15:52:45 +01:00
Michael Tremer	27957a3f2b	Merge remote-tracking branch 'ms/x86_64' into next	2015-09-11 15:06:09 +01:00
Michael Tremer	4ff2679978	x86_64: Add more architecture-dependent rootfiles Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-11 15:37:20 +02:00
Michael Tremer	ba58389215	kernel: Add a preliminary kernel from the i586 PAE configuration Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-11 00:20:08 +02:00
Michael Tremer	ebf9683b4d	grub: Build for x86_64 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-11 00:18:41 +02:00
Michael Tremer	7c111f7d49	acpid: Build for x86_64 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-11 00:16:41 +02:00
Michael Tremer	f38841ea0b	Rootfile update Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-26 12:17:22 +02:00
Michael Tremer	dbe1e1137f	dma: Add script that cleans up stale emails in the spool directory Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-25 22:02:31 +01:00
Alexander Marx	fa39f287c7	dma: fix rootfile	2015-08-24 11:49:15 +02:00
Michael Tremer	9c19634a3c	Revert "chkconfig: Include configuration directories recursively" This reverts commit `fb79f85b49`. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-21 21:08:02 +01:00
Michael Tremer	8d1b6fcf4a	Rootfile update Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-21 21:07:39 +01:00
Michael Tremer	d70462b6a4	dma: Update rootfile Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-21 09:52:55 +01:00
Alexander Marx	fb79f85b49	chkconfig: Include configuration directories recursively Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-21 09:40:49 +01:00
Alexander Marx	de849bc570	dma: New package Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-21 09:38:16 +01:00
Alexander Marx	42edc41f30	Add Perl modules needed by dma to compose mails Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-21 09:33:02 +01:00
Matthias Fischer	af100d627a	rrdtool: Update to 1.5.4 Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-17 23:36:06 +01:00
Alexander Marx	31847530ef	chkconfig: New package Only alternatives and update-alternatives is needed Signed-off-by: Alexander Marx <alexander.marx@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-13 17:59:19 +01:00
Arne Fitzenreiter	edb56d84fa	libevent2: rootfile update.	2015-08-13 14:42:39 +02:00
Michael Tremer	59198bcef5	squid: Update rootfile Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-09 10:43:58 +01:00
Matthias Fischer	ec27a5ae21	squid: Update to 3.4.14 Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-07 20:36:27 +01:00
Michael Tremer	3db584817d	Remove old VLAN initscript Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-05 12:43:53 +01:00
Michael Tremer	36f7fe6a38	udev: Add hotplugging for VLAN devices The VLAN devices will now automatically be created after a parent device has been added. Mainly this will resolve a race-condition between udev initialising the network adapters and sysvinit running scripts that will do the initialisation of the VLAN. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-05 12:43:08 +01:00
Matthias Fischer	52f8264bda	libpcap: Update to 1.7.4 Signed-off-by: Matthias Fischer <fischerm42@t-online.de> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-01 20:43:49 +01:00
Arne Fitzenreiter	388f903e9e	Merge branch 'master' into next	2015-07-10 18:58:11 +02:00
Arne Fitzenreiter	f0aa99fb7b	ca-certificates: New package This package adds a trusted lists of CAs. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-07-10 15:14:15 +02:00
Erik Kapfer	373c622aa6	nettle: Update to 3.1.1 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-09 12:09:35 +02:00
Erik Kapfer	625bfa65e6	cmake: Update to 3.2.3 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-09 12:09:26 +02:00
Erik Kapfer	5184e8d361	libarchive: Add new package This is required for newer versions of cmake. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-09 12:09:16 +02:00
Erik Kapfer	3e9e8800e7	libevent2: Move from package to core system The library is used by many other components and it makes more sense to integrate it into the core system like libevent. Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-07 23:05:18 +02:00
Michael Tremer	df0bd0e304	coreutils: Remove dead symlink /bin/[ Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-02 21:38:20 +02:00
Matthias Fischer	bdb1c52534	curl: Update to 7.43.0	2015-06-26 18:07:49 +02:00
Michael Tremer	f4e1fbab9e	Rootfile update Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-06-23 20:38:49 +02:00
Michael Tremer	39a92aabc2	conntrack-tools: Update to 1.4.2 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-06-23 14:45:06 +02:00
Michael Tremer	fec7a5b72f	libnetfilter_cthelper: New package Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-06-23 14:01:44 +02:00
Michael Tremer	ead1c73f2a	libnetfilter_cttimeout: Move out of iptables package Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-06-23 13:56:46 +02:00
Michael Tremer	d2f2ca6560	libnetfilter_queue: Update to version 1.0.2 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-06-23 13:52:08 +02:00

1 2 3 4 5 ...

1406 Commits