- This error means that a section in extrahd.cgi about the mount path being incorrect
does not get shown for users with english language selected.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: bbitsch@ipfire.org
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Reiserfs was stopped in IPFire in Core Update 167. It has been announced that reiserfs
will be removed from the kernel in 2025.
- This patch gives a warning about this deprecation and removal if reiserfs is used. The
warning also requests that the user does a re-installation using either ext4 or xfs
filesystems.
- Tested out on a vm installation with reiserfs, ext4 and xfs. Messgae shown on system
with reiserfs filesystem but nopt on the other two.
- Warning message added into the English language file and ./make.sh lang run.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- v2 version that has only the removed line in the language files diffs
- Line removed from de, en, es & fr
- No translations had been done for the other languages for that line.
Fixes: Bug#12701
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- This v2 patch has moved the extraHead variable into header.pl
- This patch marks all IP's that are in the Fixed list but are also in the dynamic range
that has been defined, in red.
- Additional function created to check if an ip address is in a defined range.
- Added an additional key item under the Fixed Leases table for Fixed IP in dynamic range
- Added line to English Language file for this key item.
- ./make lang run before commit.
- Tested in vm testbed and confirmed that any ip address in the Fixed Leases table that
is in the defined dynamic range is highlighted in red
- This uses the css background-color appoach from the first patch in this set.
- This patch only highlights those IP's that overlap in red but does nothing more. So a
user can still create new ones if they want but they will all show up in red.
- This patch flags up if people are doing things that they shouldn't be doing but allows
them to continue doing so without changing anything if they don't want to and so will
not break existing setups.
Fixes: Bug#10629
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Tested-by: Bernhard Bitsch <bbitsch@ipfire.org>
This has been removed a long time ago and we should probably spend a
little bit more time on keeping the networking code tidy :)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- On CU172 Testing Build: master/eb9e29f9 when selecting the OpenVPN menu it showed the
Diffie-Hellman info and pressing back took you to the same DH page.
- Tested patch suggestion from Erik on vm testbed and confirmed that it worked.
Suggested-by: Erik Kapfer <erik.kapfer@ipfire.org>
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
* Translate string "Addon" in services.cgi
* Added EN/NL translations
* Correct existing plural DE translation for singular "Add-on"
* Fix usage of the incorrect strings "addon(s)" to correct
hyphenated "add-on(s)" also in other translation strings for
EN/NL/DE
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
Some users assume that "check filesystem" does more than just
trigger a simple "fsck" run. This patch changes the button label to avoid
confusion. - NL translation
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
Some users assume that "check filesystem" does more than
just trigger a simple "fsck" run. This patch changes the
button label to avoid confusion.
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
* addonctrl's new functionality to control explicit addon services was
implemented.
* Change 'Addon' column header to 'Addon Service' to be clear that
it's not addons but services listed here.
* Services not matching the name of the addon now display the addon
name between parentheses, so the user knows where the service comes
from.
* When no valid runlevel symlink is found by addonctrl for a service,
the 'enable on boot' checkbox is replaced by a small exclamation point
with alt-text "No valid runlevel symlink was found for the initscript of
this service." to inform user why a service can't be enabled.
* Added German and Dutch translation for above message.
Fixes: Bug#12935
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
The email recipient was not correctly validated which allowed for some
stored cross-site scripting vulnerability.
Fixes: #12925 - JVN#15411362 Inquiry on vulnerability found in IPFire
Reported-by: Noriko Totsuka <vuls@jpcert.or.jp>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Removed UI code from dblist function and refactor it making it return
a hash representing the pak db for easier handling of this data.
- Moved core update check in dblist to new seperate dbcoreinfo function
making it return a hash with current and possibly available core
version info.
- Update existing calls to dblist
- Bring UI parts previously in dblist to pakfire program itself,
pakfire.cgi and index.cgi with a few small enhancements:
- Translations for 'Core-Update', 'Release', 'Update' and 'Version'
- Add currently installed version numbers to installed paks list in
pakfire.cgi
- Add 'Installed: yes/no' to pakfire list output so people not using
colors have this information too. (Partly fixes Bug #12868)
- Add update available details to pakfire list output if package has
updates available.
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
- 29 strings have been added (otp qrcode, ipblocklist, cve mmio stale
data)
- 8 strings have been improved
- 3 strings have been removed (rdrand and hwrng system, hardware
support)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is a little patch which will extend the aliases page to offer an
interface selection if there are more than one RED interfaces.
This is a little hack to make configuration easier for users who have
manually set up more than one RED interface (e.g. for load balancing or
fail-over) and want to use the UI to configure firewall rules.
As a little benefit on the side, I had to rewrite setaliases.c to use
ip(8) instead of ifconfig(8).
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
Since the kernel now always reports 256 bits of entropy to be available,
this CGI does not show any useful information anymore. To avoid
confusions, it will hereby be removed entirely.
Fixes: #12893
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Add two-factor authentication (2FA) to OpenVPN host connections with
one-time passwords.
The 2FA can be enabled or disabled per host connection and requires the
client to download it's configuration again after 2FA has beend enabled
for it.
Additionally the client needs to configure an TOTP application, like
"Google Authenticator" which then provides the second factor.
To faciliate this every connection with enabled 2FA
gets an "show qrcode" button after the "show file" button in the
host connection list to show the 2FA secret and an 2FA configuration QRCode.
When 2FA is enabled, the client needs to provide the second factor plus
the private key password (if set) to successfully authorize.
This only supports time based one-time passwords, TOTP with 30s
window and 6 digits, for now but we may update this in the future.
Signed-off-by: Timo Eissler <timo.eissler@ipfire.org>
