Samba will chose this automatically and the documentation advises
against changing the default.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
It is not a good default to withdraw samba from the race of becoming
the local master browser. There is no reason why it couldn't be.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
It is virtually impossible to limit samba to these interfaces only.
Therefore we add a static list of all interfaces of the local network.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Samba is always linked against CUPS and therefore there is
no way to disable printing anyways.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
It is not useful to set this on a modern server. The Linux
kernel will be tuning any send and receive buffer sizes.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Use the libloc data for gathering and displaying the stored network
flags, like "Anonymous Proxy" for the addresses.
The notice of a flag only will be displayed, if a flag is set for the
network which contains the given address.
Currently this notice text is "hardcoded" in englisch language, because
the entire other content of the page is in Englisch (responses from RIR's)
and also the flag names like "Anonymous Proxy" are only availabe in
English.
IMHO there is no need to to translate the string "This address is marked
as" into different languages, because of the reasons abouve.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
It could happen that the remote peer re-established the connection
before "ipsec reload" removed it from the daemon.
Now, we write the configuration files first, reload them
and then bring down any connections that are still established.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
ovpnmain.cgi delivers now 'tls-version-min 1.2' for Roadwarrior and N2N.
Since the server needs it only on server side, this patch do not includes it for Roadwarrior clients.
N2N do not uses push options therefor this directive will be included on both sides.
To integrate the new directive into actual working OpenVPN server environment, the following commands
should be executed via update.sh.
Code block start:
if test -f "/var/ipfire/ovpn/server.conf"; then
# Add tls-version-minimum to OpenVPN server if not already there
if ! grep -q '^tls-version-min' /var/ipfire/ovpn/server.conf > /dev/null 2>&1; then
# Stop server before append the line
/usr/local/bin/openvpnctrl -k
# Append new directive
echo >> "tls-version-min 1.2" /var/ipfire/ovpn/server.conf
# Make sure server.conf have the correct permissions to prevent such
# --> https://community.ipfire.org/t/unable-to-start-the-openvpn-server/2465/54?u=ummeegge
# case
chown nobody:nobody /var/ipfire/ovpn/server.conf
# Start server again
/usr/local/bin/openvpnctrl -s
fi
fi
Code block end
Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
We have dropped Reiser4 in 2013. There won't be any systems out there
any more running it. We can safely drop this warning.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
