webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-20 16:02:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
6,926 Commits 2 Branches 1 Tag
8ecb64505dc79a02c6599bd728f8393eb1146da9
Commit Graph

6926 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexander Marx
8ecb64505d Firewall: Edited update.sh for fifteen core update 2013-12-23 14:52:33 +01:00
Alexander Marx
c0f99754df Firewall: now it is possible to connect from one ipfire to a green network of another openvpn connected ipfire 
Please take care to put this into the docu! One can create DROP rules if
the remote ipfire should NOT be able to connect to the others internal
networks. Therefor you have to take the green interface IP as SOURCE!
 2013-12-23 11:05:04 +01:00
Alexander Marx
454d47a994 Firewall: changed outgoingfw converter to reflect new counters 2013-12-23 08:08:27 +01:00
Arne Fitzenreiter
562e14b01f kernel: update to 3.10.25. 2013-12-20 23:31:40 +01:00
Alexander Marx
3c037075d0 Firewall: when DNAT external port is given and dest port is empty, theres now an errormessage displayed 2013-12-20 13:04:56 +01:00
Alexander Marx
a8b113e73d Firewall: Now servicegroups and networkgroups can be renamed 2013-12-20 12:10:35 +01:00
Alexander Marx
5f037986b7 Firewall: added JS to automatically select radiobuttons in fwhosts 2013-12-20 12:10:03 +01:00
Alexander Marx
484269ceac FIrewall: Rewrote complete counters for firewall-groups (hosts,networks, network-groups) 2013-12-20 12:09:52 +01:00
Alexander Marx
ce2dbe92ce Firewall: Bugfix - When editing a DNAT rule and setting prot to "all" the port from previus rule was not resettet 2013-12-20 12:08:43 +01:00
Arne Fitzenreiter
dd6c9bb9c3 collectd initskript: parse new lm_sensors config. 2013-12-19 22:46:48 +01:00
Arne Fitzenreiter
724908c680 lm_sensors: update to 3.3.4. 2013-12-19 22:45:34 +01:00
Stefan Schantl
8a5ef45f15 Rework of flash-images. 2013-12-19 11:14:52 +01:00
Stefan Schantl
e3181add8e uboot: Update to 2013.10. 2013-12-19 11:09:00 +01:00
Arne Fitzenreiter
3fc43cd15b xen-downloader: build only on i586. 2013-12-19 10:55:57 +01:00
Arne Fitzenreiter
b2c2422191 kernel: update to 3.10.24. 2013-12-18 11:29:48 +01:00
Michael Tremer
30f08bcf80 Merge remote-tracking branch 'amarx/difflang' into fifteen 2013-12-16 12:31:19 +01:00
Alexander Marx
fac3861429 Firewall: Bugfix: in /etc/init.d/firewall the REDNAT chain was affected BEFORE NAT_SOURCE. Outgoing SNAT rules where not working though 2013-12-16 12:29:02 +01:00
Michael Tremer
39962c6e3d iptables: Update to 1.4.21. 2013-12-16 12:28:08 +01:00
Alexander Marx
33e64584dd TOOLS: new script langdiff added. With this script one can check a languagefile against another and gets a txtfile conatining the missing lines. 2013-12-13 08:03:23 +01:00
Michael Tremer
7506baa2eb wirelesscrtl: Add --wait to iptables command line. 
With a huge number of access rules, inserting all rules
into the kernel took a long while in which other iptables
tried to access the kernel's ruleset as well, which then
lead to resource conflicts.

Since iptables 1.4.20, the --wait parameter is supported
that will wait for a global xtables lock and then proceed.
 2013-12-12 21:05:56 +01:00
Michael Tremer
7d5e022df4 Merge remote-tracking branch 'amarx/firewall-fifteen-beta9' into fifteen 2013-12-10 13:31:38 +01:00
Alexander Marx
3a162dc14f Firewall: rebuild complete counter procedure in firewall-groups. This way the counters are on the fly generated and stable. also this is a prequisite to the new option that firewall-servicegroups can be rolled out by installation 2013-12-10 12:21:48 +01:00
Arne Fitzenreiter
5d4d41b18c Merge branch 'next' into fifteen 2013-12-10 00:15:01 +01:00
Arne Fitzenreiter
9fa1849586 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2013-12-10 00:14:12 +01:00
Arne Fitzenreiter
afa7593932 Merge branch 'master' into next 2013-12-10 00:13:20 +01:00
Arne Fitzenreiter
af2dcb40f6 samba: update to 3.6.22. 
Samba 3.6.22 have been issued as security releases in order
to address CVE-2013-4408 (DCE-RPC fragment length field is incorrectly checked)
and CVE-2012-6150 (pam_winbind login without require_membership_of
restrictions).
 2013-12-10 00:07:36 +01:00
Arne Fitzenreiter
e39ac92dd2 Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen 2013-12-09 17:13:34 +01:00
Arne Fitzenreiter
be33adfb3d kernel: update to 3.10.23. 2013-12-09 17:10:59 +01:00
Alexander Marx
50ce309b6a Firewall: added DNS (UDP,TCP) to default services 2013-12-09 11:06:50 +01:00
Alexander Marx
fe2bae3b74 Firewall: Fix BETA8 - It was not possible to delete single services from servicegroups 2013-12-09 09:33:21 +01:00
Alexander Marx
a8ec686f17 Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into firewall-fifteen1 2013-12-09 09:29:50 +01:00
Arne Fitzenreiter
3a3759c625 mountkernfs: fix mount of /sys and /proc without initrd. 2013-12-08 16:07:35 +01:00
Arne Fitzenreiter
8a2cf24a1f kernel: enable grsecurity on rpi kernel. 2013-12-08 16:03:25 +01:00
Alexander Marx
82b837cff8 Firewall: Added new feature: Now protocols can be added to servicegroups (GRE,AH,ESP,IPIP,IPV6) 2013-12-06 08:47:11 +01:00
Arne Fitzenreiter
342a91ae25 kernel: update to 3.10.22. 2013-12-05 19:46:25 +01:00
Alexander Marx
784098e4db Firewall: forgot to delete a development test string 2013-12-05 15:51:15 +01:00
Alexander Marx
0c733ab750 Firewall: Bugfix: Fixed wrong language strings in outgoing FW rules when using std networks or ipfire 2013-12-05 15:16:19 +01:00
Alexander Marx
2be048cedc Firewall: FIxed wrong language strings in outgoing Firewall 2013-12-05 15:16:02 +01:00
Alexander Marx
02cb636c8b Firewall: Fixes commit http://git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitdiff;h=e19a36c4a09ea417ce9d577c262f17242eec4a31 
Now all "active" Strings from all languagefiles are checked against the old rule to find out if logging is enabled

Conflicts:
	config/firewall/convert-outgoingfw
 2013-12-05 15:15:37 +01:00
Alexander Marx
5558ca2a96 Firewall: fixes commit http://git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitdiff;h=1ed4b214d785ad0538b0a864f43babccd55475b1 
Conflicts:
	html/cgi-bin/firewall.cgi
 2013-12-05 15:12:37 +01:00
Alexander Marx
cdb3536bc8 Firewall: BUGFIX: RUles.pl did not create LOGGING rules properly. 2013-12-05 14:48:59 +01:00
Michael Tremer
3868dc2a0c Merge remote-tracking branch 'earl/tor' into next 2013-12-05 00:00:28 +01:00
Michael Tremer
a408e02da2 squid: Update to 3.3.11. 2013-12-03 14:42:30 +01:00
Michael Tremer
6003c4bbdb strongswan: Rootfile update. 2013-12-03 14:00:29 +01:00
Michael Tremer
4ea955c544 core74: Fix incrementation. 2013-12-02 21:41:12 +01:00
Michael Tremer
9f9e43dcdd core74: Ship dnsforward.cgi in update as well. 
Adds the CGI file on systems which have been installed
with an ISO image where dnsforward.cgi was not included.
 2013-12-02 21:35:12 +01:00
Michael Tremer
bdbfbac6b4 core74: Add strongswan update. 2013-12-02 20:55:58 +01:00
Michael Tremer
57c8392d1c core74: Add dnsforward.cgi to ISO. 
Bug #10447.
 2013-12-02 20:48:58 +01:00
Michael Tremer
c0a4b92839 core74: Add updated proxy.cgi. 
Reflects the FD changes.
 2013-12-02 20:45:20 +01:00
Michael Tremer
ec4a4fafb2 core74: Add openvpn. 
This package has been updated before.
 2013-12-02 20:44:28 +01:00