webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 02:55:55 +02:00
Code Issues Packages Projects Releases Wiki Activity
6,280 Commits 2 Branches 1 Tag
7bf83f9d39d3101ac096b42d0fc43a8caef97c5e
Commit Graph

1895 Commits

Author SHA1 Message Date
Alexander Marx
5d7faa4518 Forward Firewall: First part of adding OUTGOING to th efirewall 2013-08-09 14:08:20 +02:00
Alexander Marx
12dcfbbdbe Forward Firewall: Portfw now working and firewall closed correctly 2013-08-09 14:08:19 +02:00
Alexander Marx
d6bdebd47d Forward Firewall: fixed icmp-types and deleted dmzholes chain 2013-08-09 14:08:17 +02:00
Alexander Marx
0b14d3d9b1 Forward Firewall: fixed portforward rules. Now possible even if firewall in mode1 2013-08-09 14:08:16 +02:00
Alexander Marx
6adcf1569c Forward Firewall: set standard rules for blue in mode 2 2013-08-09 14:08:16 +02:00
Alexander Marx
210ee67b53 Forward Firewall: deleted mode0, added default Mode2 and fixed /etc/init.d/firewall to reload the rules correctly on reload. Also made it possible to create broadcastrules (To drop broadcastpackets) 2013-08-09 14:08:15 +02:00
Alexander Marx
e44fa0792b Forward Firewall: BUGFIX: When editing a rule and changing position, no other changes where saved. 
added the DMZHOLES Rule to init.d/firewall (but chnaged DMZHOLES to FORWARDFW
 2013-08-09 14:08:10 +02:00
Alexander Marx
8dc23ff4fc Forward Firewall: adapted initscripts/firewall and wirelessctrl.c 
Now the Wirelesschains should work with new firewall.
 2013-08-09 14:08:09 +02:00
Alexander Marx
8139398721 Forward Firewall: edited /src/initscripts/init.d/firewall and misc-progs/wirelessctrl.c 
added WIRELESSFORWARD to FORWARDFW (instead of FORWARD) so that rules work
commented out DMZHOLES lines in wirelessctrl.c to get rid of booterrormessages (There's no DMZHOLES anymore)
 2013-08-09 14:08:09 +02:00
Alexander Marx
62fc851166 Forward Firewall: fixed 12 Bugs from forum. 
1) Added more possible chars in remark: : / .
2) Added "Internet" to std networks to be able to define internetaccess
3) When renaming a custom address, the firewallrules get updated
4) Ports are now ignored when using GRE as Protocol
5) When saving a customservice, the cursor is now in first textfield
6) Added a customservices file to installation with predefined services
7) Added ESP as protocol
8) Fixed counterproblem
9) Dropdownboxes for customservices and groups now sorted
10) Firewallrules now sorted in right order
11) fixed a Bug when defining manual address in source and target, the hint message is no longer displayed
12) When defining an external access rule, the last forwardrule was deleted
 2013-08-09 14:08:04 +02:00
Alexander Marx
fd10a52ca2 Forward firewall: commented out line in init.d/firewall that all Forward traffic from green is allowed and put it in rules.pl. Now rules.pl allows this traffic when firewall is set to Mode0 or Mode2 2013-08-09 14:07:15 +02:00
Alexander Marx
6be0579b18 Forward Firewall: replaced Outgoing-Logging with ForwardFW Logging. And changed Options in optionsfw.cgi from outgoing to forward 2013-08-09 14:05:22 +02:00
Alexander Marx
231499fcc8 Forward Firewall: build iso with new firewall 2013-08-09 14:04:38 +02:00
Michael Tremer
111c99ddfa Forward Firewall: applied all changes as diff and added new files. Also deleted c files from xtaccess and setdmzholes. 
Signed-off-by: Alexander Marx <amarx@ipfire.org>

Conflicts:
	config/backup/include
	lfs/configroot
	lfs/usb-stick
 2013-08-09 14:02:02 +02:00
Michael Tremer
7323724196 squid: Fix two security issues. 
* CVE-2013-4115
* CVE-2013-4123

http://www.squid-cache.org/Versions/v3/3.1/changesets/
 2013-08-07 22:15:31 +02:00
Michael Tremer
dfdda7588d DDNS: Use HTTPS for all-inkl.com. 2013-08-03 13:36:19 +02:00
Michael Tremer
9e4cb00b42 tor: Fix path to readhash in initscript. 2013-08-02 10:42:08 +02:00
Michael Tremer
52a2f02f41 Merge branch 'ddns-all-inkl' into next 
Conflicts:
	config/rootfiles/core/72/filelists/files
 2013-08-02 10:41:27 +02:00
Michael Tremer
80002fe433 DDNS: Support for all-inkl.com. 
Requested by Daniel Kovacs <daniel.kovacs@pleasuredome.org>.
 2013-08-01 18:12:01 +02:00
Michael Tremer
6869929e9a arm: Don't require distutils. 
We don't have that module shipped and we don't really
need it for arm either.
 2013-07-31 18:06:05 +02:00
Michael Tremer
9e7591e725 torctrl: Add stop action. 2013-07-31 12:55:08 +02:00
Michael Tremer
c60301c06a tor: Add necessary firewall rules. 2013-07-31 12:52:40 +02:00
Michael Tremer
27cb780589 tor: Add torctrl binary. 2013-07-31 12:52:26 +02:00
Michael Tremer
b312967ce3 tor: New package. 2013-07-29 21:29:34 +02:00
Michael Tremer
8e2683f70d ipsecctrl: Re-read everything when configuration is reloaded. 2013-07-23 13:24:15 +02:00
Michael Tremer
463f9edeb2 network: red: Remove duplicate MRU option. 2013-07-21 20:33:36 +02:00
Michael Tremer
cdbe350442 openvpnctrl: Save the binary from crashing with wrong input. 
See #10390.
 2013-07-17 18:53:13 +02:00
Michael Tremer
cfab012b14 squidclamav: Fix indentation of update script. 2013-07-16 19:46:29 +02:00
Michael Tremer
25848b36da squidclamav: Fix permissions of /etc/squidclamav.conf. 
The file must not be executable, but writeable by anybody
in the group nobody.
 2013-07-16 19:44:57 +02:00
Arne Fitzenreiter
2dd319f5b5 close core71. 2013-07-16 08:35:28 +02:00
Arne Fitzenreiter
8245f77ee3 misc-progs: fix typo in Makefile. 2013-07-15 21:53:47 +02:00
Arne Fitzenreiter
3e862ce4f9 Merge remote-tracking branch 'stevee/proxy-squidclamav' into next 
Conflicts:
	config/cfgroot/general-functions.pl
 2013-07-15 20:49:23 +02:00
Arne Fitzenreiter
c47f57d4e7 Merge remote-tracking branch 'stevee/dnsforward' into next 2013-07-15 20:38:27 +02:00
Arne Fitzenreiter
1043cb0ae9 oinkmaster: add vrt community-rules support. 2013-07-15 17:03:53 +02:00
Stefan Schantl
e4ba53ed59 dnsmasq: Add feature to forward domains to certain DNS servers. 
Fixes #10369.
 2013-07-14 13:43:34 +02:00
Arne Fitzenreiter
067c770905 hwdata: update ids: pci 2013-07-14, usb 2013-05-24. 2013-07-14 11:22:54 +02:00
Arne Fitzenreiter
65b1608fd2 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2013-07-09 20:08:40 +02:00
Arne Fitzenreiter
02d67e7545 functions.network: change "Not running" message. 
Now it looks like other initskripts.
 2013-07-09 19:09:39 +02:00
Michael Tremer
89baf6d537 ppp: Don't require setting the MTU configuration. 2013-07-09 12:15:07 +02:00
Arne Fitzenreiter
d43bb759b1 functions.network: cleanup dhcp stop script. 2013-07-08 22:32:42 +02:00
Arne Fitzenreiter
29fa14154f functions.network: fix cursor position at status write. 2013-07-08 19:58:11 +02:00
Stefan Schantl
5ced384b71 squidclamav: Never use IPv6. 
Squidclamav uses curl to resolve all kind of addresses which the system allow.
If the remote address is an IPv6 address, squidclamav hangs forever.

Nico Prenzel has found a solution to force the usage of IPv4 to prevent from this
issue.

Fixes #10376.
 2013-07-07 10:26:30 +02:00
Arne Fitzenreiter
fcfd54ba9b dnsmasq: kill already old instances before start. 2013-07-07 00:10:59 +02:00
Arne Fitzenreiter
57097305a6 Merge remote-tracking branch 'stevee/wlan-client' into next 
Conflicts:
	config/cfgroot/general-functions.pl
 2013-07-06 13:43:51 +02:00
Michael Tremer
c5e5324cb6 Replace whois by jwhois. 2013-07-04 17:31:30 +02:00
Arne Fitzenreiter
2e11506109 igmpproxy: add igmpproxy.conf backup include. 
fixes #10375.
 2013-07-03 10:31:53 +02:00
Stefan Schantl
f7a617a025 squidclamav: Update squidclamav.conf to use and trust the proxy cache. 
If squidclamav is already installed, the configuration will be saved and updated during
the upgrade process.

Reference #10367.
 2013-07-02 21:25:14 +02:00
Arne Fitzenreiter
2a224f6c10 kernel: update to 3.2.47 and kernel-xen to 2.6.32.61. 2013-06-19 17:18:13 +02:00
Michael Tremer
3142f133bb New package: keepalived 2013-06-14 13:37:59 +02:00
Michael Tremer
97f0fdd5f3 Merge remote-tracking branch 'jlentfer/multicat' into next 
Conflicts:
	make.sh
 2013-06-14 13:12:47 +02:00