webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,814 Commits 2 Branches 1 Tag
bb64cd092ce7b5338a7cc8882c9fbfc8262efbce
Commit Graph

13814 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arne Fitzenreiter
bb64cd092c core137: add updated xt_geoip_update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:46:27 +00:00
Daniel Weismüller
a18addb946 xt_geoip_update: Always call the cleanup function when some step fails 
Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:45:29 +00:00
Daniel Weismüller
7b2d933055 xt_geoip_update: Do not create temporary directories again 
These already exist

Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:45:27 +00:00
Daniel Weismüller
3cd8d55010 xt_geoip_update: Use /var/tmp for temporary data 
Since we have some systems that are restricted to only 2GB of
space on /, we need to move this to where we have enough space.

Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:45:23 +00:00
Daniel Weismüller
0df1839239 xt_geoip_update: Perform cleanup after successful operation 
The temporary files were never being cleaned up after the script
has finished compiling the database.

Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:45:20 +00:00
Arne Fitzenreiter
efa43d82b5 core137: add dns.cgi to update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:42:35 +00:00
peter.mueller@ipfire.org
fe9fb38682 fix link to public DNS server list in dns.cgi 
Fixes: #11851

Reported-by: Dani W <assgex@gmail.com>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:41:49 +00:00
peter.mueller@ipfire.org
41fe437400 fix typo in hostapd initscript 
Fixes: #11237

Reported-by: Tom Rymes <tomvend@rymes.com>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:40:25 +00:00
peter.mueller@ipfire.org
04a42c81f5 rust: fix year in LFS file 
Tempus fugit, I know... :-)

Cc: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:37:33 +00:00
Arne Fitzenreiter
6f828b103e core137: add updated ruleset-sources 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:36:36 +00:00
Stefan Schantl
6a56ee2a3e ruleset-sources: Update snort dl urls. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:34:03 +00:00
Arne Fitzenreiter
ff42e56224 core137: add updated backup.pl 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:30:37 +00:00
Tim FitzGeorge
28797d488e Restart logging after restoring backup 
Send SIGHUP to syslogd and suricata after restoring backup.  This ensures that
if the restored backup includes log files that any new log messages get
appended to the restored log files.  Otherwise they will be written to the
old log files which are pending deletion.

httpd is told to restart using apachectl, which is the equivalent of sending
a signal. 'graceful' (USR1) is used rather than 'restart' (HUP) because the
latter immediately kills the process restoring the backup, preventing
converters from running.

Fixes: 12196
Signed-off-by: Tim FitzGeorge <ipfr@tfitzgeorge.me.uk>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:27:54 +00:00
Arne Fitzenreiter
57ff953341 core137: add ipset to update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:22:44 +00:00
Erik Kapfer
f3acac7f11 ipset: Update to version 7.3 
Some kernel part fixes are included. For a overview of the changelog,
take a look in here --> http://ipset.netfilter.org/changelog.html .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:15:16 +00:00
peter.mueller@ipfire.org
5c0345f5c1 ship updated bash and readline 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:12:53 +00:00
peter.mueller@ipfire.org
95f1c332d8 bash/readline: drop orphaned patches 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:12:46 +00:00
peter.mueller@ipfire.org
c5f0c44451 readline: add patch 001 for version 8.0 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:12:38 +00:00
peter.mueller@ipfire.org
2c0ee2b962 bash: add patches 001 - 011 for 5.0 version 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:12:09 +00:00
peter.mueller@ipfire.org
f41d936026 update rootfiles for bash and readline 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:12:06 +00:00
peter.mueller@ipfire.org
6e8e8ee41c readline: update to 8.0 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:12:03 +00:00
peter.mueller@ipfire.org
700f11b305 bash: update to 5.0 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-14 17:11:59 +00:00
Matthias Fischer
4863f2096c dhcpcd: Update to 8.1.0 
For details see:
https://roy.marples.name/blog/dhcpcd-8-1-0-released

"DragonFlyBSD: Improved rc.d handling
Fix carrier status after a route socket overflow
Allow domain spaced options
DHCP: Allow not sending Force Renew Nonce or Reconf Accept
IPv4LL: Now passes Apple Bonjour test versions 1.4 and 1.5
ARP: Fix a typo and remove pragma (thus working with old gcc)
DHCP6: Fix a cosmetic issue with infinite leases
DHCP6: SLA 0 and Prefix Len 0 will now add a delegated /64 address
Ignore some virtual interfaces such as Tap and Bridge by default
BPF: Move validation logic out of BPF and back into dhcpcd"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-13 06:08:05 +00:00
Arne Fitzenreiter
ff592e1e07 core137: close update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-12 15:57:59 +00:00
Arne Fitzenreiter
fcb0e92dec core137: restart updated services 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-12 15:56:40 +00:00
Arne Fitzenreiter
778dd44789 kernel: update to 4.14.149 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-12 13:12:03 +02:00
Arne Fitzenreiter
2fabddb44d rust: update armv5tel rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-09 20:23:05 +02:00
Arne Fitzenreiter
194c7b16e4 rust: add i586 and aarch64 rootfile 
todo: armv5tel is still missing...

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-09 18:11:32 +02:00
Arne Fitzenreiter
f947ce9af1 sane: add special aarch64 rootfile 
libsane-qcam is not available for aarch64 so we need an extra rootfile

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-09 18:10:23 +02:00
Arne Fitzenreiter
c67519ac7c sane: rootfile update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-09 18:06:54 +02:00
Arne Fitzenreiter
3791a79239 tshark: rootfile update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-09 18:05:50 +02:00
Arne Fitzenreiter
e29eb3a6c1 speedtest-cli: add rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-09 18:04:30 +02:00
Arne Fitzenreiter
7739cbf456 sane/stage2: remove sanedloop 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-09 08:37:23 +02:00
Arne Fitzenreiter
f2e7d2bf50 rust: fix typo 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:49:01 +00:00
Arne Fitzenreiter
2228871e3e rust: fix md5 sums for i586 and arm 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:44:54 +00:00
Stefan Schantl
5b87687cb1 suricata: Enable rust support 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:08:37 +00:00
Stefan Schantl
59fe973584 rust: New package. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:08:23 +00:00
Erik Kapfer
5848f7288b ncat: Update to version 7.80 
Several improvements has been added. This update is part of the nmap-7.80 update.
For the complete changelog take a look in here --> https://seclists.org/nmap-announce/2019/0 .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:07:01 +00:00
Erik Kapfer
692d6e012b nmap: Update to version 7.80 
Several improvements, NSE scripts and libraries has been added.
The complete changelog can be found in here --> https://seclists.org/nmap-announce/2019/0 .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:06:34 +00:00
Arne Fitzenreiter
2513c3bba9 core137: ship libpcap 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:05:50 +00:00
Matthias Fischer
64243e995b libpcap: Update to 1.9.1 
For details see:
https://www.tcpdump.org/libpcap-changes.txt

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:04:36 +00:00
Arne Fitzenreiter
a647499b10 core137: ship unbound 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:03:50 +00:00
Matthias Fischer
146c8a58ab unbound: Update to 1.9.4 
For details see:
https://nlnetlabs.nl/pipermail/unbound-users/2019-October/011832.html

"This release is a fix for vulnerability CVE-2019-16866 that causes a
failure when a specially crafted query is received."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:01:41 +00:00
Matthias Fischer
6c20eff135 tcpdump: Update to 4.9.3 
For details see:
https://www.tcpdump.org/tcpdump-changes.txt

"Fix buffer overflow/overread vulnerabilities:
      CVE-2017-16808 (AoE)
      CVE-2018-14468 (FrameRelay)
      CVE-2018-14469 (IKEv1)
      CVE-2018-14470 (BABEL)
      CVE-2018-14466 (AFS/RX)
      CVE-2018-14461 (LDP)
      CVE-2018-14462 (ICMP)
      CVE-2018-14465 (RSVP)
      CVE-2018-14881 (BGP)
      CVE-2018-14464 (LMP)
      CVE-2018-14463 (VRRP)
      CVE-2018-14467 (BGP)
      CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
      CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
      CVE-2018-14880 (OSPF6)
      CVE-2018-16451 (SMB)
      CVE-2018-14882 (RPL)
      CVE-2018-16227 (802.11)
      CVE-2018-16229 (DCCP)
      CVE-2018-16301 (was fixed in libpcap)
      CVE-2018-16230 (BGP)
      CVE-2018-16452 (SMB)
      CVE-2018-16300 (BGP)
      CVE-2018-16228 (HNCP)
      CVE-2019-15166 (LMP)
      CVE-2019-15167 (VRRP)
    Fix for cmdline argument/local issues:
      CVE-2018-14879 (tcpdump -V)"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:01:28 +00:00
Matthias Fischer
a92ede2487 clamav: Update to 0.102.0 
For details see:
https://blog.clamav.net/2019/10/clamav-01020-has-been-released.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:01:02 +00:00
Matthias Fischer
d46c0db060 nano: Update to 4.5 
For details see:
https://www.nano-editor.org/news.php

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 19:00:26 +00:00
Erik Kapfer
1da6583980 tshark: Update to version 3.0.5 
The jump from 3.0.2 to 3.0.5 includes several bugfixes, updated protocols and new and updated capture support.
The complete release notes can be found in here --> https://www.wireshark.org/docs/relnotes/ .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 18:57:43 +00:00
Arne Fitzenreiter
5fe5334daa core137: ship strongwan and vpnmain.cgi 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 18:56:47 +00:00
Michael Tremer
d47b2cc28b IPsec: Add support for Curve448 
This is supported since strongswan 5.7.2 and is a good alternative
to Curve25519 because Curve448 is almost equally secure but performs
faster.

  https://en.wikipedia.org/wiki/Curve448

This is enabled by default although we do not expect many other
implementations to be able to support this.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 18:53:23 +00:00
Michael Tremer
4dde3dd50f strongswan: Update 5.8.1 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 18:53:13 +00:00