This option needs to be configurable since some (braindead) ISPs have
started running broken DHCP servers to be bug-compatible with cheap
broken plastic routers.
By default we keep this option enabled, but it can now be turned off
whenever needed.
Suggested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
i have added the gatewayfield at the line below the IP and Netmask
fields but prior this fields so the cursor jumps first the the gateway
and after this to the IP. This patch fix the activation order.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
DEFAULT_GATEWAY is used only in RED_STATIC config so it
fits better to this menu and is only selectable if red
is set to static mode.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This variable is no longer being used and was only used to
assign IP addresses to the individual interfaces.
However, the kernel knows best which IP address to select
as broadcast address for each network. Therefore we depend
on the kernel which allows us to support RFC3021.
Fixes: #12486 - no /31 transfer net available on red
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
There are NICs with 06: and we cannot simply replace the
first byte of the address.
I have no idea why this hack is needed and I believe we
do not need it at all.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
It has been removed that DNS servers could be configured in
setup, but I forgot to remove a check which leads to new
installations not being able to complete the setup wizard.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This is no longer required since we have a new CGI script
that takes care of all DNS settings and stores things in
another format.
Fixes: #12235
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Amazon does not permit that a user logs in as root directly.
Instead they insist on using sudo.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Updated to apache 2.4
- Updated the htpasswd generation to use the more secure bcrypt algorithm
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Some hosters require that the subnet mask of the RED network
is set to 255.255.255.255. This was not possible to save before.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This reverts commit eef9b2529c.
It appears that htpasswd is not salting any passwords that are
stored with the SHA (-s) algorithm. MD5 passwords however are
salted.
That leads us to the conclusion that the "MD5 algorithm" in htpasswd
is more secure than the "SHA algorithm" although the hash function
itself should be stronger.
With a rainbow table, cracking "SHA" is easily done.
A rainbow table for "MD5" + salt would be way too large to be
efficiently stored.
Hence this commit is reverted to old behaviour to avoid the clear
failure of design in SHA.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
htpasswd doesn't protect passwords very well. MD5 was used
before and now any newly created passwords will use the
SHA format.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
