webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 11:35:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,633 Commits 2 Branches 1 Tag
abe7ef8936adf7d3eb6ca232b25743200b096d2e
Commit Graph

663 Commits

Author SHA1 Message Date
Michael Tremer
abe7ef8936 Merge remote-tracking branch 'ms/stunnel-addon' 2014-04-30 15:02:51 +02:00
Arne Fitzenreiter
6be2813368 fcron: fix /var/spool/cron permissions. 2014-04-30 10:57:14 +02:00
Arne Fitzenreiter
872d5a1e33 pppsetup: add atm device selection. 2014-04-28 23:36:03 +02:00
Michael Tremer
126507e5cf watchdog: Update addon. 2014-04-27 19:37:42 +02:00
Michael Tremer
d2d7a46b1e stunnel: New package. 2014-04-25 12:42:52 +02:00
Michael Tremer
8490e49618 firewall: Explicitely allow DHCP messages. 2014-04-17 12:31:27 +02:00
Michael Tremer
d22294fa7e firewall: Fix outgoing OpenVPN N2N tunnel packets. 
Don't throw away packets from the firewall that pass through
an OpenVPN N2N tunnel.
 2014-04-12 16:17:20 +02:00
Michael Tremer
99f11a16f6 firewall: Apply destination NAT rules for the firewall itself, too. 2014-04-09 14:16:32 +02:00
Arne Fitzenreiter
c926c6375d firewall: fix green only mode. 
disable masquerade and green IP/NET check if internet is
connected via green.
 2014-04-05 11:04:25 +02:00
Arne Fitzenreiter
6a79396ce6 hostapd: change setting of the regdomain. 
the regdomain is only updated if it was really changed but after boot
the system believe it is "00" World but it is not correctly set at
some cards. So we set a region and set it back to "00" before the
real region was set.
 2014-03-25 19:11:03 +01:00
Arne Fitzenreiter
fff24766e3 initskripts: add pcengines apu support to leds. 2014-03-18 00:25:08 +01:00
Michael Tremer
63f2fb7fda firewall: Filter logging of broadcasts from the internal networks. 2014-03-05 14:09:56 +01:00
Michael Tremer
6e87f0aa53 firewall: Allow accessing port forwardings from internal networks. 2014-03-02 20:37:44 +01:00
Michael Tremer
13585cc922 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2014-03-01 16:59:32 +01:00
Michael Tremer
a0a5c14f85 firewall: Make sure that only packets that go through the tunnel are passing OVPNBLOCK. 2014-03-01 16:44:05 +01:00
Arne Fitzenreiter
d0ff84a675 red: change mac address of nas0 device. 
Traverse Technology has reported that ppp over atm-bridge is not working
because there is a bogus mac address at the virtual nas0 device.
 2014-03-01 16:01:11 +01:00
Michael Tremer
bb3834231e firewall: Sort order in which chains are initialized. 
This has been some real trouble because multiple rules could
not be properly inserted into the rule chains in the kernel
because the chains did not exist, yet.
 2014-03-01 15:02:42 +01:00
Michael Tremer
c9cd26f200 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2014-02-27 13:14:02 +01:00
Arne Fitzenreiter
b3aa7a1231 ntp: wait only if wpa_supplicant is running. 2014-02-27 08:22:11 +01:00
Michael Tremer
55a5bcae74 firewall: Call firewallctrl with full path. 2014-02-26 20:03:32 +01:00
Michael Tremer
66f6b279b0 Reload all firewall rules when /etc/init.d/firewall reload is executed. 2014-02-25 12:23:09 +01:00
Michael Tremer
22fd89c656 sshd: Fix warning that oom_adj is deprecated. 
Also make startup faster.
 2014-02-24 21:36:15 +01:00
Arne Fitzenreiter
0a79ec4505 ntp: check/wait for onlineconnection. 2014-02-23 18:28:34 +01:00
Michael Tremer
c2f7250b23 firewall: Remove even more redundant rules. 2014-02-21 11:35:05 +01:00
Michael Tremer
29201ca84b firewall: Remove redundant rule. 2014-02-20 13:01:36 +01:00
Arne Fitzenreiter
d10a7de134 leds: add geos router support, updated alix leds. 2014-02-15 16:39:22 +01:00
Michael Tremer
0f5c5ce72d firewall: Load init script functions. 2014-02-14 16:10:21 +01:00
Michael Tremer
cdb725da87 firewall: Load conntrack modules in firewall script. 2014-02-14 12:54:08 +01:00
Michael Tremer
1108a15cc6 Move enabling nf_conntrack_acct where it should be. 2014-02-14 12:52:28 +01:00
Michael Tremer
7d7740a467 firewall: Initialize basic ruleset before entering runlevel 3. 2014-02-14 12:48:11 +01:00
Michael Tremer
e7c5b9dabb network: Remove redundant insertion of wireless rules. 2014-02-14 12:41:23 +01:00
Michael Tremer
4bc91affe0 network: Remove old accounting code. 2014-02-14 12:40:57 +01:00
Michael Tremer
159c55c5c8 firewall: Call firewall.local start at the very end. 2014-02-14 12:40:11 +01:00
Michael Tremer
c581b670ef firewall: Use --wait for every iptables call. 2014-02-14 12:35:40 +01:00
Arne Fitzenreiter
d2b1aa09df partresize: fix output redirection to dev/zero. 2014-02-12 01:02:08 +01:00
Arne Fitzenreiter
6450609d74 partresize: resize partition before c,h,s changes. 2014-02-11 00:23:11 +01:00
Arne Fitzenreiter
b8101c50ea partresize: update c,h,s values before resize. 
Some cards fail with wrong translations so the values are updated before resize.
 2014-02-05 10:52:46 +01:00
Arne Fitzenreiter
97461f500b krng: default entropy pool has 2kb with grsecurity. 2014-02-04 18:50:02 +01:00
Arne Fitzenreiter
af789b69a8 Revert "krng: use kernel entropy if no random-seed is stored." 
This reverts commit 1c72742bca.
 2014-02-04 18:49:00 +01:00
Arne Fitzenreiter
1c72742bca krng: use kernel entropy if no random-seed is stored. 2014-02-02 12:50:22 +01:00
Michael Tremer
73794dad87 apache: Don't show the signal of sync. 
evaluate_retval prints the return code of sync
which is not what we want here.

Also changed some console output.
 2014-02-01 19:35:27 +01:00
Arne Fitzenreiter
c2bf88c1a4 apache: sync filesystem after key generating. 2014-02-01 17:14:39 +01:00
Michael Tremer
2af8179385 rngd: Mix-in RDRAND and reload for HWRNGs added at runtime. 2014-02-01 16:46:22 +01:00
Michael Tremer
167e6ec7a8 openssh: Update to 6.5p1. 
Adds support for ed25519.
 2014-02-01 16:15:10 +01:00
Arne Fitzenreiter
a6acaa34cc udev: mount /dev/shm and /dev/pts if not mounted. 2014-02-03 00:27:17 +01:00
Michael Tremer
8af8d5d127 rng-tools: New package. 
The rng daemon will be installed by default and will
also be installed when a hardware random number generator
is found. It will then read random data from the hardware
random number generator and will feed it into the kernel's
entropy pool.

If no HW RNG is available, a warning will be printed
at boot time.
 2014-01-29 17:22:48 +01:00
Arne Fitzenreiter
e239818642 pakfire: fix metafile problems. 2014-01-26 23:42:25 +01:00
Michael Tremer
9ac43fb9e1 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2014-01-12 23:02:28 +01:00
Michael Tremer
8b64b1b64e Limit /run to 8M. 2014-01-12 23:02:00 +01:00
Michael Tremer
fd75e5e75c initscripts: Fix syntax error when mounting /run. 2014-01-12 23:01:21 +01:00