These are not considered secure anymore but are unfortunately
still needed in some cases (legacy hardware, ...).
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Display GeoIP information on active network connections in WebUI.
Use newly implemented function in /var/ipfire/geoip-functions.pl .
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Display GeoIP information on ipinfo.cgi and use newly implemented
function in /var/ipfire/geoip-functions.pl .
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Add GeoIP and rDNS information to DNS nameserver list at netexternal.cgi
Use newly implemented GeoIP function in /var/ipfire/geoip-functions.pl
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The WebUI IDS log did not display the rule name for alerts
where a signature with a five digit number was triggered
(some Emerging Threats signatures are using them).
Changing the regular expression so it will match on five
digit SIDs, too.
Fixes#11519.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Show a link to the DNS server status at netexternal.cgi
on index.cgi in WebUI.
For the lazy ones... :-)
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The page description (title and headline) should print
"hardware graphs" instead of only mentioning HDDs.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The links to the IPFire homepage in the credits.cgi file should
point to the HTTPS version of the site now.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Add option to change remote syslog protocol to TCP, which
is more reliable than UDP, but might be unsupported on
older syslog servers.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The compression is causing some interoperatibility issues
and does not really compress data very much - even when the
data is quite compressible.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Instead of opening the database again for each lookup,
we will read it into memory on first use and every lookup
after that will be coming from cache.
Reviewed-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Set the default operating mode to "relay" in the Tor WebUI
configuration page.
Running a Tor exit relay may cause legal trouble in some
countries and should not be the default setting to prevent
users from accidentally running an exit router.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Another clickable link for 'proxy.cgi', this time for 'Cache Manager Interface' - this one opens in a new window.
And: This time - hopefully - with correct '_blank'-attribute (deleted the backslashes) - based on current 'next'.
Plus: Deleted some "blind" tabs - found by chance.
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Since the terms are always shown when set, we need a way
to edit them in coupon mode as well.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Added extended key usage based on RFC3280 TLS rules for OpenVPNs OpenSSL configuration,
so '--remote-cert-tls' can be used instead of the old and deprecated '--ns-cert-type'
if the host certificate are newely generated with this options.
Nevertheless both directives (old and new) will work also with old CAs.
- Automatic detection if the host certificate uses the new options.
If it does, '--remote-cert-tls server' will be automatically set into the client
configuration files for Net-to-Net and Roadwarriors connections.
If it does NOT, the old '--ns-cert-type server' directive will be set in the client
configuration file.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Added clickable links for 'URL filter' and 'Update accelerator' for faster access,
this time without the need to alter the language-files.
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
There was a function with different name but essentially
same functionality which is already existant in &show_clients().
Therefore this patch drops the old function without any functional
changes.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
