webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-24 09:52:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,772 Commits 2 Branches 1 Tag
92bed25016aa2f4054723e4d607680a3354d8d96
Commit Graph

235 Commits

Author SHA1 Message Date
Michael Tremer
8fcb92530e ipsecctrl: Fix compiler warning. 2014-03-26 23:47:14 +01:00
Michael Tremer
5c3de120aa openvpnctrl: Allow ICMP error messages to pass the transfer net. 2014-03-01 16:51:03 +01:00
Michael Tremer
73372ed4e6 firewall: Move scripts from /var/ipfire/firewall/bin to /usr/lib/firewall. 2014-01-28 20:48:24 +01:00
Stefan Schantl
e1a51ebb85 openvpnctrl: Pass external IP address to N2N daemons. 
Fixes #10313.
 2014-01-12 15:34:27 +01:00
Michael Tremer
7506baa2eb wirelesscrtl: Add --wait to iptables command line. 
With a huge number of access rules, inserting all rules
into the kernel took a long while in which other iptables
tried to access the kernel's ruleset as well, which then
lead to resource conflicts.

Since iptables 1.4.20, the --wait parameter is supported
that will wait for a global xtables lock and then proceed.
 2013-12-12 21:05:56 +01:00
Michael Tremer
ab4876ad42 firewall: Don't require to enable the RW server for N2N networks. 
The firewall rules for OpenVPN have not been applied for N2N
connections when the road warrior server was disabled.
 2013-11-08 13:38:09 +01:00
Alexander Marx
8039a71099 Firewall: renamed forwardfwctrl to firewallctrl 2013-10-24 09:42:42 +02:00
Alexander Marx
6d8eb5dec7 Firewall: Renamed directory /var/ipfire/forward to /var/ipfire/firewall 2013-10-24 09:24:12 +02:00
Michael Tremer
0e43079789 firewall: Cleanup rules reloading. 
This has been messed up a lot because there were multiple
files which indicated that a reload is needed; shell commands
were used to create and remove the indicator file; some
functions were duplicated.
 2013-10-22 18:53:48 +02:00
Michael Tremer
2dcea58cc2 misc-progs: Re-indent setuid.c. 2013-10-12 18:47:16 +02:00
Michael Tremer
1293811896 misc-progs: Convert to right file encoding. 2013-10-12 18:25:33 +02:00
Michael Tremer
555637d156 misc-progs: Sync STRING_SIZE. 2013-10-12 18:25:14 +02:00
Michael Tremer
2b875b3985 misc-progs: Remove own copy of strlcat. 
Add compatibility define that uses strncat.
 2013-10-12 18:23:40 +02:00
Michael Tremer
52e54c1c9a misc-progs: Move network stuff to own header file. 2013-10-12 18:22:51 +02:00
Michael Tremer
42ec14cf2b misc-progs: Remove unused functions. 2013-10-12 16:23:41 +02:00
Michael Tremer
ab89cb2253 misc-progs: Fix invalid command line argument parsing. 
Fixes #10431.
 2013-10-12 16:20:20 +02:00
Arne Fitzenreiter
f7bb003150 wirelessctrl: fix blue access "enabled" checkbox. 2013-10-03 14:50:33 +02:00
Michael Tremer
ec36876e6a wirelessctrl: Fix evaluation of configuration settings. 2013-10-01 17:45:00 +02:00
Michael Tremer
27ba58fb46 wirelessctrl: Silence error messages when no BLUE device is configured. 2013-09-07 16:10:02 +02:00
Michael Tremer
d69bf6191a wirelessctrl: Re-indent the code. 2013-09-07 15:21:40 +02:00
Michael Tremer
8e9a041324 openvpnctrl: Silence PID file error message. 2013-09-02 21:52:35 +02:00
Michael Tremer
3ad23ee1d9 openvpnctrl: Suppress silly error messages and cleanup coding style. 2013-09-02 21:05:47 +02:00
Michael Tremer
8c60701a4f forwardctrl: Remove unused and possibly dangerous flush option. 
Also remove unused header files.
 2013-08-12 14:42:16 +02:00
Michael Tremer
d2c4a3cab9 openvpnctrl: Cleanup flushChain functions. 2013-08-09 14:15:28 +02:00
Michael Tremer
2181b55552 openvpnctl: Flush BLOCK and SNAT chain when needed. 2013-08-09 14:15:28 +02:00
Michael Tremer
c31f18b6a9 openvpnctrl: Block all transfer subnets. 2013-08-09 14:15:27 +02:00
Michael Tremer
7c50b04834 openvpnctrl: Remove unneeded code. 2013-08-09 14:15:27 +02:00
Alexander Marx
93b75f31ad Forward Firewall: clean up some files 
Fix iptables loop wirelessctrl
Fix firewall chain order
Fix policies (added comment for statistic)
 2013-08-09 14:11:56 +02:00
Alexander Marx
9efd8d1c7e Forward Firewall: delete old portforwarding from system and fix for wlan-firewall part 1 (loop) 2013-08-09 14:11:56 +02:00
Alexander Marx
443a6e8a5f Forward Firewall: deleted creation of OVPNFORWARD and the accept rule. 2013-08-09 14:09:17 +02:00
Alexander Marx
8dc23ff4fc Forward Firewall: adapted initscripts/firewall and wirelessctrl.c 
Now the Wirelesschains should work with new firewall.
 2013-08-09 14:08:09 +02:00
Alexander Marx
8139398721 Forward Firewall: edited /src/initscripts/init.d/firewall and misc-progs/wirelessctrl.c 
added WIRELESSFORWARD to FORWARDFW (instead of FORWARD) so that rules work
commented out DMZHOLES lines in wirelessctrl.c to get rid of booterrormessages (There's no DMZHOLES anymore)
 2013-08-09 14:08:09 +02:00
Alexander Marx
231499fcc8 Forward Firewall: build iso with new firewall 2013-08-09 14:04:38 +02:00
Michael Tremer
111c99ddfa Forward Firewall: applied all changes as diff and added new files. Also deleted c files from xtaccess and setdmzholes. 
Signed-off-by: Alexander Marx <amarx@ipfire.org>

Conflicts:
	config/backup/include
	lfs/configroot
	lfs/usb-stick
 2013-08-09 14:02:02 +02:00
Michael Tremer
9e7591e725 torctrl: Add stop action. 2013-07-31 12:55:08 +02:00
Michael Tremer
27cb780589 tor: Add torctrl binary. 2013-07-31 12:52:26 +02:00
Michael Tremer
8e2683f70d ipsecctrl: Re-read everything when configuration is reloaded. 2013-07-23 13:24:15 +02:00
Michael Tremer
cdbe350442 openvpnctrl: Save the binary from crashing with wrong input. 
See #10390.
 2013-07-17 18:53:13 +02:00
Arne Fitzenreiter
8245f77ee3 misc-progs: fix typo in Makefile. 2013-07-15 21:53:47 +02:00
Stefan Schantl
e4ba53ed59 dnsmasq: Add feature to forward domains to certain DNS servers. 
Fixes #10369.
 2013-07-14 13:43:34 +02:00
Arne Fitzenreiter
57097305a6 Merge remote-tracking branch 'stevee/wlan-client' into next 
Conflicts:
	config/cfgroot/general-functions.pl
 2013-07-06 13:43:51 +02:00
Michael Tremer
a19ff965bb openvpnctrl: Fixes and improvements. 
Handle invalid data and make the code more robust.
 2013-06-05 18:56:31 +02:00
Michael Tremer
3d1fbbb028 openvpnctrl: SNAT transfer networks. 2013-06-05 18:56:21 +02:00
Michael Tremer
61027579bb Implement wireless client on RED. 
http://wishlist.ipfire.org/wish/wireless-client-on-red

Conflicts:
	doc/language_issues.de
	doc/language_issues.en
	doc/language_issues.es
	doc/language_issues.fr
	doc/language_issues.pl
	doc/language_issues.ru
	src/misc-progs/Makefile
 2013-05-29 18:32:51 +02:00
Michael Tremer
a19f33961c update accelerator: Don't change owner of ALL files in cache. 
When a file has been downloaded, all files in the update accelerator
cache directory have been chowned which causes huge IO load.
It is only required to set permissions that members of the group
can delete the files (purge function on the web user interface).

Changing the owner is completely unnecessary as only the squid
user needs write access and the web server is able to deliver
any file in the update cache anyways.
 2013-01-26 19:31:58 +01:00
Arne Fitzenreiter
fc992179a1 Merge remote-tracking branch 'origin/next' into thirteen 2012-12-17 10:16:46 +01:00
Michael Tremer
f9f13c135b etherwake: Also send broadcast packet. 
Fixes #10191.
 2012-12-11 13:27:27 +01:00
Michael Tremer
95c26b2485 misc-progs: Fix some more uninitialized variables. 2012-11-26 17:40:14 +01:00
Arne Fitzenreiter
6bd5e3144c misc-progs: setportfw: fix unintialised strings. 2012-11-26 17:46:49 +01:00
Michael Tremer
207c9813bc Merge branch 'strongswan-5' into thirteen 2012-10-09 00:30:33 +02:00