webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 11:05:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
5,740 Commits 2 Branches 1 Tag
96096995ed505c5286cebd48ffdcb0e34cbcd196
Commit Graph

826 Commits

Author SHA1 Message Date
Alexander Marx
96096995ed ovpnmain.cgi: Fix downloading of client packages. 
It was only possible to download the client packages if the OpenVPN server is running - which is very confusing.

Fixes #10300.
 2013-03-01 19:25:15 +01:00
Arne Fitzenreiter
eb7fff99fc backupiso: disable on arm (we have no iso). 
and fix syntax error.
 2013-02-15 19:16:06 +01:00
Arne Fitzenreiter
b34fdcae83 proxy: allow access to IPFire itself if nets are blocked. 
This fixes missing pictures on blocking pages.
fixes #10138
 2013-02-14 19:33:37 +01:00
Michael Tremer
40d3e72956 QoS: Don't create template when bandwidth is empty. 2013-02-14 15:35:43 +01:00
Stefan Schantl
48d9bbba75 qos: Remove advanced settings. 2013-02-13 21:35:54 +01:00
Arne Fitzenreiter
ea31a62aad graphs: add mmcblk to media graphs. 2013-02-05 02:10:50 +01:00
Arne Fitzenreiter
3e30714aa7 snort: fix sourcefire rules downloads. 2013-02-02 09:57:14 +01:00
Arne Fitzenreiter
745d9c0717 Revert "Revert "snort: Update to 2.9.4."" 
This reverts commit f17d112c04.
 2013-02-02 09:50:49 +01:00
Arne Fitzenreiter
4a29f8541b vpnmain: disabled address check. 
this temporary fixes bug #10294 until the check was fixed to check the
complete source and dest net.
 2013-02-02 09:40:15 +01:00
Stefan Schantl
dcfc6334b9 proxy.cgi: Allow to set a hostname as upstream proxy. 
Fixes #10215.
 2013-01-22 19:38:12 +01:00
Stefan Schantl
e201b6d537 proxy.cgi: Also allow to use a hostname for the LDAP server. 
Fixes #10265.
 2013-01-21 21:15:50 +01:00
Alexander Marx
8b6f424c03 SQUID : BUG 10280: extended patch, so that 0 is a valid value for disk-cache 2013-01-20 17:06:48 +01:00
Michael Tremer
60cc2e54a7 vpnmain.cgi: Fix selection of AES-192 as ESP cipher. 2013-01-15 15:57:29 +01:00
Michael Tremer
b2531cb080 vpnmain.cgi: Allow to use PSK if public IP is '%defaultroute'. 
Openswan did not support to use PSKs on net-to-net connections,
when the public IP of the IPFire box was "%defaultroute".
However, it is required to set the public IP to "%defaultroute"
on NAT-ed devices (such as UMTS connections in Germany) to
connect to other sites as the IPFire box does not know
the real public IP address.
 2013-01-15 15:45:29 +01:00
Arne Fitzenreiter
e7b7cbae36 proxy: fix cache_replacement_policy setting. 
fixes: 10264
thx to SAHC for help.
 2013-01-13 22:46:49 +01:00
Alexander Marx
d5a7ff9500 Squid: added check if ram cache is greater than harddisk cache 2013-01-10 16:40:52 +01:00
Bernhard Bittner
f0ccae1819 ovpnmain.cgi: Fix typo. 2013-01-09 15:22:21 +01:00
Alexander Marx
b643120c01 OpenVPN CCD: Fix ccd filename when certificate has spaces in name. Now the filename gets an underscore to provide full functionality of openvpn. 2013-01-07 12:31:03 +01:00
Arne Fitzenreiter
c3d9a16d57 hostapd: add country selection and fix txpower display. 2012-12-29 16:20:16 +01:00
Arne Fitzenreiter
360378014d Merge remote-tracking branch 'origin/next' into thirteen 2012-12-17 22:52:28 +01:00
Stefan Schantl
4f6e3ae3b8 ovpnmain.cgi: Fix client package creation. 
Fix print aguments to fit with operation systems which uses \r\n on textfiles.

Fixes #10269.
 2012-12-17 21:54:33 +01:00
Arne Fitzenreiter
fc992179a1 Merge remote-tracking branch 'origin/next' into thirteen 2012-12-17 10:16:46 +01:00
Arne Fitzenreiter
f17d112c04 Revert "snort: Update to 2.9.4." 
This reverts commit 7c8301fb8a.
reverted because sourcefire has not released the rules for
non-paying user yet. Will readded to IPFire 2.13 soon.
 2012-12-16 10:11:18 +01:00
Michael Tremer
7c8301fb8a snort: Update to 2.9.4. 
Comes with a bunch of bugfixes. Nothing too exciting for us.
 2012-12-11 12:35:24 +01:00
Michael Tremer
ff1ed674e0 routing.cgi: Allow adding static routes with subnet masks. 
It was not possible to enter networks in the subnet mask notation,
which is fixed by this patch.

Fixes #10219.
 2012-12-11 12:16:54 +01:00
Arne Fitzenreiter
d7a3254ace Merge remote-tracking branch 'origin/next' into thirteen 
Conflicts:
	config/rootfiles/common/stage2
	make.sh
 2012-12-06 19:29:29 +01:00
Alexander Marx
82c809c752 OpenVPN ccd: fixed typos in ccd-files 2012-11-29 21:31:32 +01:00
Michael Tremer
79d29f0082 Merge remote-tracking branch 'stevee/next' into next 2012-11-28 22:59:33 +01:00
Michael Tremer
f4819f1f76 Merge remote-tracking branch 'amarx/ipsec' into next 2012-11-28 22:12:50 +01:00
Stefan Schantl
4cdf8b927a ovpnmain.cgi: Some cosmetic changes on the Net-to-Net section. 
* Fix colspan of column.
* Check of mtu-disc and fragment or mssfix, before mtu will be performend.
 2012-11-28 22:03:44 +01:00
Alexander Marx
e2429e8d34 OpenVPN ccd: created subnet checkfunction in general_functions, because ipsec needs this too! 
This should prevent ipsec Hosts/Nets to have same ip addresses than openvpn Hosts/Nets
 2012-11-28 20:24:59 +01:00
Alexander Marx
ac87f37110 OpenVPN ccd: fixed counter in static networks. Only 63 hosts are possible in /24 subnet Now IP-Range begins with ".2" 2012-11-28 20:18:14 +01:00
Alexander Marx
df9b48b753 OpenVPN ccd: added alphanumeric sort of static networks and under ROUTING, NONE is selected if no route is specified 2012-11-28 20:17:23 +01:00
Alexander Marx
f7fc17c38a IPSEC: added checkroutine for used OpenVPN subnets/Hosts 2012-11-26 13:19:07 +01:00
Michael Tremer
3ef99ad95a Add links to sarg reports on the proxy reports page. 2012-11-26 12:18:54 +01:00
Michael Tremer
d46bec5299 calamaris: Fix viewing reports. 
Fixes that only the last created report could be viewed (#10259).
 2012-11-26 10:55:32 +01:00
Alexander Marx
5068ac3822 OpenVPN ccd: try to adapt changes to latest next branch. 2012-11-26 10:31:47 +01:00
Michael Tremer
43f4c938c1 ipsec: Shut up strongswan logging. 
Just log the basic stuff.
 2012-11-24 14:22:14 +01:00
Michael Tremer
b368a2f84d Merge remote-tracking branch 'stevee/next' into next 2012-11-23 12:58:40 +01:00
Alexander Marx
290007b3b0 openvpn ccd: Fix subnet mask validation. 2012-11-23 12:56:54 +01:00
Alexander Marx
52d08bcbd2 openvpn ccd: Minor fixes: iroute, delete route line. 
Fixed several bugs:

1) iroute line not correctly printed in ccd file
2) route line was not deleted from server.conf when deleting a client
3) Routebox (client has access to these networks on ipfire site) did not show green,orange and blue when no static route was defined on ipfire
4) Green is no longer selected as default route in clientconfig.

Tested all Options with Windows 7 Client and Linux Mint 12
 2012-11-23 12:56:47 +01:00
Stefan Schantl
1647059d74 ovpnmain.cgi: Check and only allow valid operation modes for mtu-disc. 
In the past some unexpected things has been happened if the Path MTU Discovery not has been
configured.
 2012-11-22 19:59:56 +01:00
Stefan Schantl
9e3b875694 ovpnmain.cgi: Path MTU Discovery defaults to Off on Net-to-Net connections. 2012-11-22 19:47:30 +01:00
Stefan Schantl
f2621c3190 Revert "openvpn.cgi: Respect if mtu-disc hasn't been configured yet." 
This reverts commit a66e24bbfd.
 2012-11-22 19:45:44 +01:00
Stefan Schantl
b228aaf09d ovpnmain.cgi: Path MTU Discovery defaults to Off on Net-to-Net connections. 2012-11-20 19:26:13 +01:00
Alexander Marx
e81be1e1ed openvpn ccd: Minor fixes. 
some bugfixes, client advanced options no more visible under net-2-net config, blue network is recognized,
Fixed the bug with wrong ip address in ccd file.
 2012-11-20 17:11:08 +01:00
Stefan Schantl
a66e24bbfd openvpn.cgi: Respect if mtu-disc hasn't been configured yet. 
If mtu-disc has not been configured, the script anyway has write mtu-disc to the configuration files,
which has brocken them.
 2012-11-19 21:07:55 +01:00
Stefan Schantl
350f298025 Merge branch 'ovpn-mtu-disc' into next 
Conflicts:
	html/cgi-bin/ovpnmain.cgi
 2012-11-17 13:10:05 +01:00
Alexander Marx
8c877a82f6 OpenVPN: Add CCD configuration GUI. 2012-11-16 17:08:49 +01:00
Stefan Schantl
2ee746be04 Add support for mtu-disc to openvpn. 
OpenVPN now have support for an automaticaly mtu path discovery.
This feature can be enabled on roadwarrior or net-to-net connections.
It can be fully configured by using the webinterface.
 2012-11-14 20:46:36 +01:00