webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 19:53:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
12,864 Commits 2 Branches 1 Tag
8076deba79f9bbd4e551fdfe1eb49e8a77b2c19e
Commit Graph

245 Commits

Author SHA1 Message Date
Stefan Schantl
8117fff863 IDS: Call helper script when red interface gets up 
The helper script will be automatically called when the red interface gets up
and will re-generate the HOME_NET file, to take care if the IP-address of this
interface has changed.

Fixes #11989

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-02-06 15:40:19 +01:00
Stefan Schantl
c1a3401235 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 2019-01-21 13:04:13 +01:00
Michael Tremer
7d5caee6bd Add initscript for conntrackd 
The daemon will be started by default when a configuration
file exists.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-01-06 08:59:25 +00:00
Arne Fitzenreiter
5e6f343b7d python: update to 2.7.15 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-01-06 15:51:53 +01:00
Stefan Schantl
a13ddf04d9 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-12-12 09:27:59 +01:00
Michael Tremer
f354601bbe initscripts: Import pakfire keys before importing AWS configuration 
This is useful when the user-data script is installing
packages. For that it will need valid keys for course.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-12-07 11:38:55 +00:00
Arne Fitzenreiter
16c18024bb kernel: compress kernel modules with xz 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-11-18 14:30:14 +01:00
Michael Tremer
9040a476cc core125: Ship glibc for i586 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-10-29 10:50:35 +00:00
Stefan Schantl
2d475a3c6c Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata 2018-09-26 14:49:34 +02:00
Arne Fitzenreiter
924b48c789 kernel: update to 4.14.69 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-09-12 21:04:07 +02:00
Stefan Schantl
cb52183c6a Fix merge conflicts during merge of next and the suricata branch 2018-08-23 10:34:17 +02:00
Michael Tremer
84cd9b9162 Drop the network-trigger script 
This is done at boot time and doesn't normally need to be done again.

On AWS or in the setup, renaming any network interfaces is being
handled automatically.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-08-22 14:05:43 +01:00
Stefan Schantl
843a8c570c snort: Drop package 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-03 10:19:35 +02:00
Stefan Schantl
914cca3d8e initscripts: Link against suricata initscript in runlevels and red.up hook 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-03 10:02:34 +02:00
Stefan Schantl
d72b3e64c2 suricata: Introduce basic initscript 
Add a very basic initscript, which currently allows to start/stop/restart suricata and
check if the daemon is running.

The script will detect when starting suricata how many CPU cores are present on the system and
will launch suricata in inline mode (NFQUEUE) and listen to as much queues as CPU cores are
detected.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2018-08-02 19:54:22 +02:00
Arne Fitzenreiter
948d660c10 syslinux: update i586 rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-07-21 16:39:46 +02:00
Michael Tremer
479d82d1b8 Rootfile update 
We don't have EFI on i586

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-16 22:31:11 +01:00
Michael Tremer
784cd5cbd7 Enhance the flash image to support EFI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-14 13:43:49 +01:00
Arne Fitzenreiter
1ac0d5c598 Merge branch 'aarch64' into next 
Conflicts:
	config/rootfiles/core/121/filelists/acpid
	config/rootfiles/core/121/filelists/apache2
	config/rootfiles/core/121/filelists/apr
	config/rootfiles/core/121/filelists/aprutil
	config/rootfiles/core/121/filelists/armv5tel/files
	config/rootfiles/core/121/filelists/armv5tel/linux-initrd-kirkwood
	config/rootfiles/core/121/filelists/armv5tel/linux-initrd-multi
	config/rootfiles/core/121/filelists/armv5tel/linux-kirkwood
	config/rootfiles/core/121/filelists/armv5tel/linux-multi
	config/rootfiles/core/121/filelists/armv5tel/rpi-firmware
	config/rootfiles/core/121/filelists/armv5tel/u-boot
	config/rootfiles/core/121/filelists/armv5tel/u-boot-kirkwood
	config/rootfiles/core/121/filelists/armv5tel/u-boot-mkimage
	config/rootfiles/core/121/filelists/beep
	config/rootfiles/core/121/filelists/cmake
	config/rootfiles/core/121/filelists/crda
	config/rootfiles/core/121/filelists/dhcp
	config/rootfiles/core/121/filelists/flex
	config/rootfiles/core/121/filelists/i586/grub
	config/rootfiles/core/121/filelists/i586/intel-microcode
	config/rootfiles/core/121/filelists/i586/linux
	config/rootfiles/core/121/filelists/i586/linux-initrd
	config/rootfiles/core/121/filelists/iw
	config/rootfiles/core/121/filelists/jwhois
	config/rootfiles/core/121/filelists/libidn
	config/rootfiles/core/121/filelists/multipath-tools
	config/rootfiles/core/121/filelists/pcre
	config/rootfiles/core/121/filelists/tar
	config/rootfiles/core/121/filelists/unbound
	config/rootfiles/core/121/filelists/wget
	config/rootfiles/core/121/filelists/x86_64/grub
	config/rootfiles/core/121/filelists/x86_64/intel-microcode
	config/rootfiles/core/121/filelists/x86_64/linux
	config/rootfiles/core/121/filelists/x86_64/linux-initrd
	config/rootfiles/core/122/filelists/aarch64/files
	config/rootfiles/core/122/filelists/acpid
	config/rootfiles/core/122/filelists/apache2
	config/rootfiles/core/122/filelists/apr
	config/rootfiles/core/122/filelists/aprutil
	config/rootfiles/core/122/filelists/armv5tel/linux-initrd-kirkwood
	config/rootfiles/core/122/filelists/armv5tel/linux-initrd-multi
	config/rootfiles/core/122/filelists/armv5tel/linux-kirkwood
	config/rootfiles/core/122/filelists/armv5tel/linux-multi
	config/rootfiles/core/122/filelists/armv5tel/rpi-firmware
	config/rootfiles/core/122/filelists/armv5tel/u-boot
	config/rootfiles/core/122/filelists/armv5tel/u-boot-kirkwood
	config/rootfiles/core/122/filelists/armv5tel/u-boot-mkimage
	config/rootfiles/core/122/filelists/beep
	config/rootfiles/core/122/filelists/cmake
	config/rootfiles/core/122/filelists/crda
	config/rootfiles/core/122/filelists/dhcp
	config/rootfiles/core/122/filelists/flex
	config/rootfiles/core/122/filelists/i586/grub
	config/rootfiles/core/122/filelists/i586/intel-microcode
	config/rootfiles/core/122/filelists/i586/linux
	config/rootfiles/core/122/filelists/i586/linux-initrd
	config/rootfiles/core/122/filelists/iw
	config/rootfiles/core/122/filelists/jwhois
	config/rootfiles/core/122/filelists/libidn
	config/rootfiles/core/122/filelists/multipath-tools
	config/rootfiles/core/122/filelists/pcre
	config/rootfiles/core/122/filelists/tar
	config/rootfiles/core/122/filelists/unbound
	config/rootfiles/core/122/filelists/wget
	config/rootfiles/core/122/filelists/x86_64/grub
	config/rootfiles/core/122/filelists/x86_64/intel-microcode
	config/rootfiles/core/122/filelists/x86_64/linux
	config/rootfiles/core/122/filelists/x86_64/linux-initrd
	config/rootfiles/core/123/filelists/unbound
	config/rootfiles/oldcore/121/filelists/acpid
	config/rootfiles/oldcore/121/filelists/apache2
	config/rootfiles/oldcore/121/filelists/apr
	config/rootfiles/oldcore/121/filelists/aprutil
	config/rootfiles/oldcore/121/filelists/armv5tel/files
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-initrd-kirkwood
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-initrd-multi
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-initrd-rpi
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-kirkwood
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-multi
	config/rootfiles/oldcore/121/filelists/armv5tel/linux-rpi
	config/rootfiles/oldcore/121/filelists/armv5tel/rpi-firmware
	config/rootfiles/oldcore/121/filelists/armv5tel/u-boot
	config/rootfiles/oldcore/121/filelists/armv5tel/u-boot-kirkwood
	config/rootfiles/oldcore/121/filelists/armv5tel/u-boot-mkimage
	config/rootfiles/oldcore/121/filelists/beep
	config/rootfiles/oldcore/121/filelists/cmake
	config/rootfiles/oldcore/121/filelists/crda
	config/rootfiles/oldcore/121/filelists/dhcp
	config/rootfiles/oldcore/121/filelists/flex
	config/rootfiles/oldcore/121/filelists/i586/grub
	config/rootfiles/oldcore/121/filelists/i586/intel-microcode
	config/rootfiles/oldcore/121/filelists/i586/linux
	config/rootfiles/oldcore/121/filelists/i586/linux-initrd
	config/rootfiles/oldcore/121/filelists/iw
	config/rootfiles/oldcore/121/filelists/jwhois
	config/rootfiles/oldcore/121/filelists/libidn
	config/rootfiles/oldcore/121/filelists/multipath-tools
	config/rootfiles/oldcore/121/filelists/pcre
	config/rootfiles/oldcore/121/filelists/tar
	config/rootfiles/oldcore/121/filelists/wget
	config/rootfiles/oldcore/121/filelists/x86_64/grub
	config/rootfiles/oldcore/121/filelists/x86_64/intel-microcode
	config/rootfiles/oldcore/121/filelists/x86_64/linux
	config/rootfiles/oldcore/121/filelists/x86_64/linux-initrd
	make.sh
 2018-07-03 11:52:05 +01:00
Arne Fitzenreiter
4838034131 random: update initskript for machines with low entropy 
the script wait until crng is correct initialized before restore the
random seed and make some disc io to work around low entropy at boot
on some machines. Not really a fix but it should be better than reverting
CVE-2018-1108 fixes from kernel.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-06-28 20:48:58 +02:00
Michael Tremer
bd3bcb45d6 AWS: Import aws setup script 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-25 10:55:39 +01:00
Michael Tremer
1c21ebf8d5 Add initscript that automatically configures IPFire on AWS EC2 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-06-21 16:45:40 +01:00
Arne Fitzenreiter
d96d00e9e9 intel-microcode: use symlink for i586 rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-05-31 07:05:37 +02:00
Jonatan Schlag
87b5f3711b Add Intel microcode updates 
Fixes: #11590
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-05-29 16:42:51 +01:00
Arne Fitzenreiter
a9203b4f5b kernel: i586 enable cs5535 gpio module 
this modul is needed for alix led support

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-18 06:11:15 +02:00
Arne Fitzenreiter
20406699e3 grub: update to 2.02 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-17 06:10:06 +02:00
Arne Fitzenreiter
69acde2ecd acpid: build also on arm 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-14 18:42:00 +02:00
Arne Fitzenreiter
96a2ff029e kernel: update config 
disable isdn
disable audit
disable profiling on arm
disable scsi driver on arm

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-11 18:36:57 +02:00
Arne Fitzenreiter
302dba205b Merge remote-tracking branch 'origin/master' into kernel-4.14 2018-03-30 10:26:01 +02:00
Michael Tremer
eb68e27dd2 pakfire: Import key when system boots up 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-19 19:44:50 +00:00
Michael Tremer
35cdaa194a Fix python-m2crypto rootfile 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-19 11:52:44 +00:00
Arne Fitzenreiter
1a7cfc2f10 Merge remote-tracking branch 'origin/core119' into kernel-4.14 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-02-27 12:38:18 +01:00
Michael Tremer
9434bffaf2 Merge branch 'openssl-11' into next 2018-02-21 12:21:10 +00:00
Michael Tremer
a1a5dd5566 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-02-15 19:34:50 +00:00
Michael Tremer
1633e0146c Rootfile update for glibc on i586 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-02-13 16:34:55 +00:00
Michael Tremer
a350ea6dea Drop mISDN userspace tools 
This is unsupported for quite a while and nobody should be using this.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-02-12 11:41:50 +00:00
Michael Tremer
5a9bbaa93d openssl: Update to version 1.1 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-02-11 22:19:45 +00:00
Arne Fitzenreiter
11b5e5cb8e toolchain: update to gcc-7.3.0 and enable retpolines on x86_64 and i586 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-02-11 20:56:12 +00:00
Arne Fitzenreiter
09cdb999da Merge remote-tracking branch 'arne_f/gcc-7-retpol' into kernel-4.14 2018-01-27 10:26:11 +01:00
Arne Fitzenreiter
7520b95a8b toolchain: update to gcc-7.3.0 and enable retpolines on x86_64 and i586 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-01-26 20:48:08 +01:00
Michael Tremer
3ed1c621cf Revert "Add Intel microcode updates from Jan 2018" 
This reverts commit d404b1dba2.

Intel has pulled these microcode updates because of
random system reboots and systems becoming unstable.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-01-24 16:08:22 +00:00
Arne Fitzenreiter
2c21c4e522 Merge remote-tracking branch 'origin/next' into kernel-4.14 2018-01-15 19:08:23 +01:00
Jonatan Schlag
d404b1dba2 Add Intel microcode updates from Jan 2018 
Add intel microcode to the distribution and configure dracut in a way
that the microcode is loaded early in the boot process.

Fixes #11590

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Acknowledged-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-01-14 15:25:08 +00:00
Arne Fitzenreiter
5901793b61 intel-microcode: ship microcode updates (20180108) 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-01-14 11:33:13 +01:00
Michael Tremer
fbcb5b749a Drop mediatomb 
This didn't build and run in ages and has been removed from
the repositories quite a while ago.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-01-05 13:26:33 +00:00
Arne Fitzenreiter
5b117ef49a Merge remote-tracking branch 'origin/next' into kernel-4.14 2017-11-29 17:37:51 +01:00
Michael Tremer
87ad0c591b strongswan: Update to 5.6.1 
Drop support for Padlock which is not in wide usage
any more and creates some rootfile trouble every time.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-11-29 12:39:04 +00:00
Arne Fitzenreiter
f952832418 kernel: updated i586 config and rootfiles 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-11-26 09:32:47 +01:00
Arne Fitzenreiter
0d6e7dc852 kernel: rootfile update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-07-28 09:16:31 +02:00
Arne Fitzenreiter
b389d73110 Merge branch 'master' into kernel-4.9 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-07-09 12:47:16 +02:00