webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-11 09:48:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,952 Commits 2 Branches 1 Tag
a7f6809c7fc104acf6b39549ecaca59ed1a277b6
Commit Graph

14952 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stéphane Pautrel
22680ad9be Update French translation 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-29 17:57:39 +00:00
Erik Kapfer
fb7226d0a6 tshark: Update to version 3.0.7 
Several bugfixes are included in this version, some protocol support has been added.
For a complete overview of the changelog, take a look in here -->
https://www.wireshark.org/docs/relnotes/wireshark-3.0.6.html
https://www.wireshark.org/docs/relnotes/wireshark-3.0.7.html .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-29 13:46:32 +00:00
Arne Fitzenreiter
424442d27d core140: add unbound/saveserch changes to updater 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-29 13:44:20 +00:00
Arne Fitzenreiter
30b3b2cde7 checkrootfiles: ignore arch folder and add x86_64,aarch64 
rust has arch depending rootfiles which make no sense to
replache the arch by machine.
Also added missing arches to check.
 2019-12-29 13:42:31 +00:00
Michael Tremer
d7190078ce unbound: Configure Safe Search dynamically 
The safe search code relied on working DNS resolution, but
was executed before unbound was even started and no network
was brought up.

That resulted in no records being created and nothing being
filtered.

This will now set/reset safe search when the system connects
to the Internet.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-29 08:51:21 +00:00
Stéphane Pautrel
1ec1e499d0 Update of French translations 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-29 08:50:52 +00:00
Stefan Schantl
5bc042df2f rust: Update to 1.39 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-29 08:50:31 +00:00
Stefan Schantl
8245498310 make.sh: Introduce RUSTFLAGS 
This allows to set arch-specific FLAGS when dealing with
software written in rust.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-29 08:49:25 +00:00
Stefan Schantl
1cb8ffe84d Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2019-12-16 09:04:29 +01:00
Peter Müller
fd2dccaabb Core Update 139: fix syntax of generated Suricata DNS server file 
The YAML syntax of /var/ipfire/suricata/suricata-dns-servers.yaml was
invalid and caused Suricata to crash after upgrading to Core Update 139.

Due to strange NFQUEUE behaviour, this caused IPsec traffic to be
emitted to the internet directly. While this patch represents a quick
solution for Core Update 139, another one is needed for changing the
IPtables chain order to avoid similar information leaks in future.

Thanks to Michael for his debugging effort.

Fixes #12260
Partially fixes #12257

Cc: Michael Tremer <michael.tremer@ipfire.org>
Cc: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-14 07:26:05 +00:00
Peter Müller
a59cf47b9e Core Update 139 needs a reboot 
Fixes #12258

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-14 07:25:48 +00:00
Peter Müller
19ad0ddb2f Core Update 139: apply SSH configuration and restart SSH daemon 
Fixes #12259

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-14 07:25:35 +00:00
Stefan Schantl
4e033257ef ipinfo.cgi: Use continent RIR whois server. 
Determine the continent for the current processed IP-Address and
send the request to the responsible whois server of the local RIR
instead of sending all requests to ARIN.

Fixes #11267.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-12 12:12:59 +01:00
Stefan Schantl
ec1c52633e geoip-functions.pl: Add get_continent_code() 
This function allows to recieve the continent code of a given
country (code).

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-12 12:07:34 +01:00
Stefan Schantl
a3afe9058f geoip-functions.pl: Adjust location_dir 
The data directory upstream has been moved to "/var/lib/location".

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-12 09:39:34 +01:00
Stefan Schantl
c3b612bb6c libloc: Update to 0.9.0 (Git rev: cd022c) 
* Includes fix for database verification
* The public gpg signing key
* Datadir has been moved to /var/lib/location

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-12 09:14:30 +01:00
Stefan Schantl
9a240b7144 update-location-database: Only reload firewall after successfull update. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-10 14:50:35 +01:00
Arne Fitzenreiter
6a3acff934 core140: start 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-09 19:50:03 +01:00
Arne Fitzenreiter
a15dbe4497 Merge branch 'next' 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-09 18:37:16 +00:00
Arne Fitzenreiter
f23b944ecb core139: finish 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-09 18:48:07 +01:00
Stefan Schantl
693b8513df firewall/rules.pl: Only try to export locations if needed. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 18:36:54 +01:00
Stefan Schantl
c947959100 xtables-addons: Update to 3.7 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 18:36:26 +01:00
Stefan Schantl
9832997210 make.sh: Remove dropped packages from build list. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 15:56:20 +01:00
Stefan Schantl
c48a64d6f8 initscripts: Rootfile update. 2019-12-09 15:03:26 +01:00
Stefan Schantl
1eee696bb4 red.up: Download / Update location database. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 14:59:26 +01:00
Stefan Schantl
d1ca2d1fd5 GeoIP: Drop package 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 14:50:51 +01:00
Arne Fitzenreiter
dd12d8c54c leds: use new APUx ACPI Bios leds if exist. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-09 14:50:44 +01:00
Stefan Schantl
9433a59690 geoip-generator: Drop package 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 14:47:18 +01:00
Stefan Schantl
e4df56f999 Rootfile update. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 14:37:14 +01:00
Stefan Schantl
03c8f290d9 xtables-addons: Remove xt_geoip_build script 
This script is not longer required.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 14:35:15 +01:00
Stefan Schantl
eaba273a5f crontab: Adjust crontab to hourly launch the update-location-database 
script.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 14:26:26 +01:00
Stefan Schantl
8aea15899b Introduce update-location-database script. 
This script obsoletes the old xt_geoip_update script.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 14:25:51 +01:00
Stefan Schantl
f8e7c1c9d0 crontab: Adjust crontab to hourly launch the update-location-database 
script.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 14:19:53 +01:00
Stefan Schantl
93a985cc05 Introduce update-location-database script. 
This script obsoletes the old xt_geoip_update script.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 14:14:34 +01:00
Stefan Schantl
ad47d2ae80 firewall/rules.pl: Add code to collect and export all required country 
codes.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 11:08:23 +01:00
Stefan Schantl
e758c76384 geoip-functions.pl: Add functions to export locations and to flush them. 
The export_locations() function requires an array of country codes which
should be exported by the location-exporter script.

The flush_exported_locations() function is used to flush (delete) all
exported location files.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 11:05:31 +01:00
Stefan Schantl
f5ad4246de firewall/rules.pl: Make geoipsettings hash and locations array 
script-wide available.

This allows to re-use them.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-09 11:04:30 +01:00
Stefan Schantl
9b2594d8e6 geoip-functions.pl: Export variables. 
This easily allows to use them in other perl script.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-08 18:10:12 +01:00
Erik Kapfer
6a9d9ff4af ovpn: Fix LZO checkbox restore 
Triggered by --> https://community.ipfire.org/t/openvpn-is-lzo-compression-now-effectively-disabled/503 .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-06 16:39:55 +00:00
Stefan Schantl
6fd1d4fa23 libloc: Fix rootfile 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 15:31:56 +01:00
Stefan Schantl
95bb1a5c95 logs.cgi/showrequrestfromcountry.dat: Use new location lookup method. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 14:42:09 +01:00
Stefan Schantl
9288b11011 remote.cgi: Use new location lookup method. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 14:39:54 +01:00
Stefan Schantl
83ccdf7fea openvpnmain.cgi: Use new location lookup method. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 14:36:48 +01:00
Stefan Schantl
bb7ba3b404 netexternal.cgi: Use new location lookup method. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 14:33:54 +01:00
Stefan Schantl
50494dfd6e logs.cgi/*: Use new location lookup method. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 14:30:39 +01:00
Stefan Schantl
87bc6401bc connections.cgi: Use new location lookup method. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 14:22:01 +01:00
Stefan Schantl
13c0fb7910 ipinfo.cgi: Use new location lookup method. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 14:21:08 +01:00
Stefan Schantl
8a64d10f24 geoip-functions.pl: Use libloc instead of maxmind for address lookups. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 14:20:31 +01:00
Stefan Schantl
e34dbea747 geoip-locations.pl: Rework method to grab and handling GeoIP locations. 
Now directly get the locations which are part of ISO 3166 from the perl
Locale::Country module. In case it is not listed there grab the country
code and location name from a hash.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 13:58:20 +01:00
Stefan Schantl
45b32f4dcf Locale-Country: Update to 3.62 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-12-06 13:56:46 +01:00