7247 Commits

Author	SHA1	Message	Date
Arne Fitzenreiter	804deb1b23	core143: add dhcp ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 17:46:05 +00:00
Arne Fitzenreiter	0167befa0a	core143: add logwatch ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 17:44:08 +00:00
Arne Fitzenreiter	67345f5665	core143: add openssh ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 17:41:57 +00:00
Peter Müller	0017b688e8	ssh_config: Do not set defaults explicitly ... Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 17:40:52 +00:00
Peter Müller	57302eeb16	sshd_config: Do not set defaults explicitly ... In order to keep configurations as small as possible and to make them easier to read/audit, this patch omits all default configuration in the OpenSSH server configuration file. Further, it mentions where to refer for the full documentation. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 17:40:50 +00:00
Peter Müller	3fd3f4de44	OpenSSH: update to 8.2p1 ... Please refer to https://www.openssh.com/txt/release-8.2 for release announcements. Since glibc < 2.31 is used, no additional patching was required in order to restore correct login functionality. Cc: Marcel Lorenz <marcel.lorenz@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 17:40:06 +00:00
Arne Fitzenreiter	a48d35f3ff	smartmontools: update rootfile ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 17:38:32 +00:00
Arne Fitzenreiter	f64ce4966b	core143: add localnet initscript ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 10:09:14 +00:00
Arne Fitzenreiter	ff9788d2d8	core143: netother.cgi ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 10:04:15 +00:00
Arne Fitzenreiter	2c0b745abb	core143: add smartmontools ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 10:00:20 +00:00
Arne Fitzenreiter	87b18665c0	core143: add ovpnmain.cgi ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 09:45:17 +00:00
Matthias Fischer	a7e9342c18	ncurses: Update to 6.2 ... For details see: https://invisible-island.net/ncurses/announce.html#h2-release-notes Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-26 09:42:12 +00:00
Arne Fitzenreiter	9145787719	core143: add xz ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-24 08:59:58 +00:00
Marcel Lorenz	3b891a2d90	xz: update to 5.2.5	2020-03-23 18:38:17 +00:00
Arne Fitzenreiter	0617c1ce82	core143: add coreutils ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-23 18:33:39 +00:00
Peter Müller	d519f1239f	coreutils: update rootfiles ... Cc: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-23 18:32:33 +00:00
Arne Fitzenreiter	4e412a00d3	core143: add glibc ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-22 19:10:46 +00:00
Michael Tremer	29cb9e478a	glibc: Update to 2.31 ... Fixes: #12288 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-22 07:30:45 +00:00
Arne Fitzenreiter	6319c9315c	core143: add hwdata ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:30:15 +00:00
Arne Fitzenreiter	06b809b314	core143: add strongswan ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:28:04 +00:00
Peter Müller	b427793a58	strongSwan: update to 5.8.2 ... Please refer to https://wiki.strongswan.org/versions/75 for release notes. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Acked-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:27:22 +00:00
Arne Fitzenreiter	426902c9b4	core143: add rules.pl ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:26:38 +00:00
Stefan Schantl	c4b7692ad9	rules.pl: Fix SNAT over VPN. ... This commit adds flags which will are applied if SNAT should be used on the red address or any configured alias. They prevent doing the SNAT when tranismitting packet through a VPN over the red interface. Fixes #12162. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Tested-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:24:44 +00:00
Arne Fitzenreiter	e1379d6737	core143: add swap changes ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:23:36 +00:00
Michael Tremer	6b3b3a32ab	swap: Start swap after mounting filesystems ... When using a swap file, it is not being activated correctly when the filesystem it is residing on is not mounted, yet. The root file system is mounted read-only here before S40mountfs is being executed. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:19:54 +00:00
Arne Fitzenreiter	36050876ea	core143: add unbound ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:17:11 +00:00
Matthias Fischer	98bd7ab1be	unbound: Update to 1.10.0 ... For details see: https://lists.nlnetlabs.nl/pipermail/unbound-users/2020-February/006711.html Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:16:40 +00:00
Arne Fitzenreiter	e7e89f4901	core143: add apr and pcre ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:15:00 +00:00
Wolfgang Apolinarski	ddda384a44	Update Apache Dependencies ... Update apache dependencies: APR: update to version 1.7.0 PCRE: update to version 8.44 Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:14:08 +00:00
Arne Fitzenreiter	e8810200aa	core143: add dhcp.cgi and fireinfo.cgi ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:12:54 +00:00
Arne Fitzenreiter	46609450dc	core143: add ntp ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:06:21 +00:00
Arne Fitzenreiter	10e9b34392	core143: add libssh ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:04:58 +00:00
Erik Kapfer	f09135aa43	tshark: Update to version 3.2.2 . ... Update to 3.2.x includes, several bugfixes, updated protocols, new and updated features. For the complete changelog, take a look into here --> https://www.wireshark.org/docs/relnotes/ . Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:04:08 +00:00
Erik Kapfer	5b9e7d37c3	libssh: Update to version 0.9.3 . ... Fixes CVE-2019-14889 and several issues after an security audit. The complete changelog can be found in here --> https://www.libssh.org/category/release/ . This version is also needed for tshark-3.2.2 to prevent 'error while loading shared libraries: libssh.so.4' for sshdump and ciscodump. Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 16:03:54 +00:00
Erik Kapfer	a8c6cd6322	keepalived: Update to version 2.0.20 . ... Since this update is a mayor version update, it brings a lot of changes. The changelog can be found in here --> http://www.keepalived.com/changelog.html . Added /etc/sysconfig/keepalived in ROOTFILE and in backup/includes. Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 15:59:38 +00:00
Arne Fitzenreiter	78f4edc02b	core143: add openssl ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 15:58:31 +00:00
Michael Tremer	3a17ab3893	openssl: Update to 1.1.1e ... Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (CVE-2019-1551). Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 15:56:05 +00:00
Arne Fitzenreiter	a945138e4d	core142: add gcc, binutils and cairo to update ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 15:53:58 +00:00
Michael Tremer	50a04f785d	cairo: Update to 1.16.0 ... This updates the package and adds a patch so that it compiles with binutils 2.34. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 15:44:08 +00:00
Peter Müller	cfd2f07cf0	binutils: update to 2.34 ... Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 15:44:06 +00:00
Michael Tremer	067a6fd040	gcc: Update to 9.3.0 ... Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 15:43:41 +00:00
Arne Fitzenreiter	592be1d206	bluetooth: drop outdated bluetooth addon ... The cgi support only rfcomm modem dialup. This is not used by modern hardware. Also the used bluez stack version is outdated long time. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Acked-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 15:41:22 +00:00
Arne Fitzenreiter	e6c2265d82	core143: open core updater ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-21 15:38:22 +00:00
Arne Fitzenreiter	57fda8c8ad	suricata: use KILL is suricata not shut down normal. ... sometimes suricata hung and lock the pidfile at suricata stop. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-09 06:41:32 +00:00
Arne Fitzenreiter	b3bc092dad	core142: start suricata before unbound after update ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-05 05:54:09 +00:00
Arne Fitzenreiter	233141c6c9	core142: add unbound.conf to updater ... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-04 21:49:05 +00:00
Michael Tremer	9700617aeb	unbound: Disable using mixed case for DNS queries ... This seems to cause that some resolvers do not respond to queries any more until unbound falls back. To ensure better DNS performance, we disabled this. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-04 21:47:37 +00:00
Peter Müller	e737776db5	unbound.conf: Do not set defaults explicitly ... In order to keep configuration files small and easy to review/audit, omitting defaults makes more sense than configure them explicitly (have changed my mind here). Unbound comes with a good default confiuration, and we should only make changes when they are necessary. In addition, this patch updates the documentation's URL to the current one. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Cc: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-04 21:46:48 +00:00
Michael Tremer	0bdb63924b	backup: Fix saving DNS settings ... There was a typo in /var/ipfire/dns/servers and the settings file was not explicitely included in the backup. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-04 11:30:31 +00:00
Arne Fitzenreiter	a344d3c902	unbound/red.up: run unbound update-forwarders after suricata init. ... The old suricata instance blocks dns requests if the red ip has changed. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-03-04 08:52:56 +01:00