- Update from 2.3.11 to 2.4.0
- Update of rootfile not required
- Update of patches as the source code is different enough that the
patches failed to work.
- Changelog has information on changes for version 2.4.0. Prior version
information is for 2.3.3 from 2012. All intervening versions have no
changelog information available.
Version 2.4.0
- Update translations.
- Useragent report is produced if information is available.
- Don't abort if DNS resolution is failing to resolve a host IP address.
- xz compressed log files are supported.
- Compressed redirector logs are now supported.
- Filter converted and split logs using -t command line option.
- Add many new buffer overflow checks.
- Use random temporary directory name by default.
- Many bug fixed.
- Many new features added.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- What is it?
pmacct is a monitoring tool for network management tasks. Data collected
can be used for analysis and troubleshooting purposes to maintain the
health of the network. pmacct can collect, replicate and export network
information. It can cache in memory tables, store persistently to SQLite3
and output to flat-files like CSV, formatted, and JSON.
- Why is it needed?
To monitor data usage (IP-based or MAC-based data accounting) down to the
client level. Net-Traffic will monitor traffic for the entire RED, GREEN,
etc. networks, but it cannot pinpoint which client is using lots of data.
Connections will take a snapshot but not show day by day sums. pmacct can
help admins keep tabs on users that use too much data.
- What are the use cases?
An ISP may implement data caps and if the limit is over-run then you have
to pay for every additional xxGB of data used. Typical charges can be
around $10 per 50GB. With pmacct you can identify the high users and take
action, hopefully before the limit is breached.
- This is being introduced as a command line only tool. However, at a later
date, if it is useful to enough additional users a WUI page could be
developed as discussed in the development mailing list
https://lists.ipfire.org/pipermail/development/2021-January/009174.html
- Changes in V2 version
- Initscript is using IPFire template and installed with IPFire method.
- All other daemons except pmacct and pmacctd have been removed from the install.
- Example conf files have been removed from /etc/pmacct
Both example conf files are described in the pmacct wiki draft.
Tested-by: Jon Murphy <jon.murphy@ipfire.org>
Signed-off-by: Jon Murphy <jon.murphy@ipfire.org>
Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- v2 version has updated rootfile. One line was accidentally missed out of
original patch submission.
- Change from building with python2 to python3
- iotop setup.py used "itervalues" which is no longer used by python3
In python3 this has been changed to "values". Patch created to update
this in the source tarball setup.py
- Update lfs file with patch application and use of python3
- Update of rootfile
- Installed updated version into vm testbed and iotop confirmed working
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 6.3.26 (2013-04-23) to 6.4.19 (2021-04-24)
- Update rootfile
- Delete fetchmail-6.3.26-permit-build-without-ssl3.patch as it is not
needed with version 6.4.19
- Added command to use python3 to lfs
- Changelog is too large to include here
Full details can be found in NEWS file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
* Return output of iptables directly instead of writing it to files.
* Make iptables wait for 5s if xtables is locked by another iptables
process. (--wait 5 argument)
* Add optional parameter "-x" to have iptables report exact numbers.
* Add optional parameter "-f" to display the filter table (default).
* Add optional parameter "-n" to display the nat table.
* Add optional parameter "-m" to display the mangle table.
* Adapt iptables.cgi and guardian.cgi to catch getipstat output
instead of reading temp-files.
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- v2 patch version has required libraries not commented
- v2 patch version has lua.pc file commented out in the rootfile
pkgconfig file is only required for build or development and not
for normal running of IPFire
- v2 patch version has make linux changed to make all
INSTALL_TOP is required - default is /usr/local
INSTALL_DATA is required - default results in an empty rootfile
TO_LIB is required - default results in only lua.a in rootfile
- v2 patch version includes PAK_VER updates for dnsdist and haproxy due to
sobump. These packages showed up as dependencies to the old lua library
ncat was also linked but already had a PAK_VER change due to a package
upgrade and so no longer showed up in the find-dependencies scan
- Update from 5.3.5 to 5.4.3
- Autotoolize patch not update since 5.3 series
Based on input from Michael Tremer implemented build approach
from BLFS. This approach also used by Arch Linux. Updated lfs in
line with approach. Added pkgconfig file lua.pc as used in BLFS.
- Update of shared_library patch obtained from BLFS
- Update of rootfile
- Removal of old lua-5.3.5 patches
- Changelog
Main changes
new generational mode for garbage collection
to-be-closed variables
const variables
userdata can have multiple user values
new implementation for math.random
warning system
debug information about function arguments and returns
new semantics for the integer 'for' loop
optional 'init' argument to 'string.gmatch'
new functions 'lua_resetthread' and 'coroutine.close'
string-to-number coercions moved to the string library
allocation function allowed to fail when shrinking a memory block
new format '%p' in 'string.format'
utf8 library accepts codepoints up to 2^31
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
With wireless device as members in bridges, we cannot predict the name
very well. So we will use the MAC address and find the correct device
name when we launch hostapd.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 2.54.3 to 2.68.1
- Update rootfile
- glib-2.54.3-compile-fixes-1.patch not required, all changes now
incorporated in the source tarball
- meson/ninja have replaced autotools
- As so's updated ran find-dependencies
No additional programs flagged up
- Changelog is too large to include here
Full details can be viewed in the NEWS file in the source tarball
Large number of bugs fixed
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The initscript it setting a lot of options which are set by hostapd
which will fail to start the AP instead of using fire-and-forget.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is the first ppp release for years, and the project appears to have
a different maintainer (team?) by now. As a result, some of our patches
are no longer necessary as they made it into upstream, while others need
to be adjusted slightly.
In addition, their configure script does not handle commas in CFLAGS
properly, which is why the delimiter for the 'sed' call in it has to be
changed to something neither appearing in a path nor in our CLFAGS set.
The full changelog of this release can be retrieved from
https://ppp.samba.org/README.html and says:
* Support for new EAP (Extensible Authentication Protocol) methods:
- Support for EAP-TLS, from Jan Just Keijser and others
- Support for EAP-MSCHAPv2, from Eivind Næss, Thomas Omerzu, Tijs
Van Buggenhout and others
* New pppd options:
- chap-timeout
- chapms-strip-domain
- replacedefaultroute
- noreplacedefaultroute
- ipv6cp-accept-remote
- lcp-echo-adaptive
- ip-up-script
- ip-down-script
- ca
- capath
- cert
- key
- crl-dir
- crl
- max-tls-version
- need-peer-eap
* Fixes for CVE-2020-8597 and CVE-2015-3310.
* libpcap is now required when compiling on Linux (previously, if
libpcap was not present, pppd would be compiled without packet
filtering support).
* The rp-pppoe plugin has been renamed to pppoe, to distinguish it
from the upstream rp-pppoe code. Its options have changed names,
but the old names are kept as aliases.
* The configure script now supports cross-compilation.
* Many bug fixes and cleanups.
Thanks to Michael for his hint on the ./configure CFLAGS issue.
The second version of this patch correctly updates the
src/patches/ppp/0013-everywhere-O_CLOEXEC-harder.patch patch for the
second hunk in pppd/main.c, where socket permissions have been changed
meanwhile.
Further, it has been successfully tested against a VDSL 100 line in
Germany, using PAP to Easybell via 1&1 L2 BSA. No connectivity issues or
other anomalies have been observed so far.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 5.0 with patch 18 to 5.1 wih patch 4
- Remove old bash50 patches
- Update rootfiles
- Add new bash51 patches
- Installed updated version in a vm testbed system
All bash commands that were run, executed correctly
Script created to redirect output to a file and ran correctly
- Changelog
1. New Features in bash-5.1 since release of bash-5.0
a. `bind -x' now supports different bindings for different editing modes and
keymaps.
b. Bash attempts to optimize the number of times it forks when executing
commands in subshells and from `bash -c'.
c. Here documents and here strings now use pipes for the expanded document if
it's smaller than the pipe buffer size, reverting to temporary files if it's
larger.
d. There are new loadable builtins: mktemp, accept, mkfifo, csv, cut/lcut
e. In posix mode, `trap -p' now displays signals whose disposition is SIG_DFL
and those that were SIG_IGN when the shell starts.
f. The shell now expands the history number (e.g., in PS1) even if it is not
currently saving commands to the history list.
g. `read -e' may now be used with arbitrary file descriptors (`read -u N').
h. The `select' builtin now runs traps if its internal call to the read builtin
is interrupted by a signal.
i. SRANDOM: a new variable that expands to a 32-bit random number that is not
produced by an LCRNG, and uses getrandom/getentropy, falling back to
/dev/urandom or arc4random if available. There is a fallback generator if
none of these are available.
j. shell-transpose-words: a new bindable readline command that uses the same
definition of word as shell-forward-word, etc.
k. The shell now adds default bindings for shell-forward-word,
shell-backward-word, shell-transpose-words, and shell-kill-word.
l. Bash now allows ARGV0 appearing in the initial shell environment to set $0.
m. If `unset' is executed without option arguments, bash tries to unset a shell
function if a name argument cannot be a shell variable name because it's not
an identifier.
n. The `test -N' operator uses nanosecond timestamp granularity if it's
available.
o. Bash posix mode now treats assignment statements preceding shell function
definitions the same as in its default mode, since POSIX has changed and
no longer requires those assignments to persist after the function returns
(POSIX interp 654).
p. BASH_REMATCH is no longer readonly.
q. wait: has a new -p VARNAME option, which stores the PID returned by `wait -n'
or `wait' without arguments.
r. Sorting the results of pathname expansion now uses byte-by-byte comparisons
if two strings collate equally to impose a total order; the result of a
POSIX interpretation.
s. Bash now allows SIGINT trap handlers to execute recursively.
t. Bash now saves and restores state around setting and unsetting posix mode,
instead of having unsetting posix mode set a known state.
u. Process substitution is now available in posix mode.
v. READLINE_MARK: a new variable available while executing commands bound with
`bind -x', contains the value of the mark.
w. Bash removes SIGCHLD from the set of blocked signals if it's blocked at shell
startup.
x. `test -v N' can now test whether or not positional parameter N is set.
y. `local' now honors the `-p' option to display all local variables at the
current context.
z. The `@a' variable transformation now prints attributes for unset array
variables.
aa. The `@A' variable transformation now prints a declare command that sets a
variable's attributes if the variable has attributes but is unset.
bb. `declare' and `local' now have a -I option that inherits attributes and
value from a variable with the same name at a previous scope.
cc. When run from a -c command, `jobs' now reports the status of completed jobs.
dd. New `U', `u', and `L' parameter transformations to convert to uppercase,
convert first character to uppercase, and convert to lowercase,
respectively.
ee. PROMPT_COMMAND: can now be an array variable, each element of which can
contain a command to be executed like a string PROMPT_COMMAND variable.
ff. `ulimit' has a -R option to report and set the RLIMIT_RTTIME resource.
gg. Associative arrays may be assigned using a list of key-value pairs within
a compound assignment. Compound assignments where the words are not of
the form [key]=value are assumed to be key-value assignments. A missing or
empty key is an error; a missing value is treated as NULL. Assignments may
not mix the two forms.
hh. New `K' parameter transformation to display associative arrays as key-
value pairs.
ii. Writing history to syslog now handles messages longer than the syslog max
length by writing multiple messages with a sequence number.
jj. SECONDS and RANDOM may now be assigned using arithmetic expressions, since
they are nominally integer variables. LINENO is not an integer variable.
kk. Bash temporarily suppresses the verbose option when running the DEBUG trap
while running a command from the `fc' builtin.
ll. `wait -n' now accepts a list of job specifications as arguments and will
wait for the first one in the list to change state.
mm. The associative array implementation can now dynamically increase the
size of the hash table based on insertion patterns.
nn. HISTFILE is now readonly in a restricted shell.
oo. The bash malloc now returns memory that is 16-byte aligned on 64-bit
systems.
pp. If the hash builtin is listing hashed filenames portably, don't print
anything if the table is empty.
qq. GLOBIGNORE now ignores `.' and `..' as a terminal pathname component.
rr. Bash attempts to optimize away forks in the last command in a function body
under appropriate circumstances.
ss. The globbing code now uses fnmatch(3) to check collation elements (if
available) even in cases without multibyte characters.
tt. The `fg' and `bg' builtins now return an error in a command substitution
when asked to restart a job inherited from the parent shell.
uu. The shell now attempts to unlink all FIFOs on exit, whether a consuming
process has finished with them or not.
vv. There is a new contributed loadable builtin: asort.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Updated from 8.0 with patch 1 to 8.1 with no patches
- Commented out the patch section in the lfs as no current patches
When patches are issued then the patch section can be uncommented
- Update rootfiles
- Remove old readline patches
- Changelog
New Features in readline-8.1 since the release of readline-8.0
a. If a second consecutive completion attempt produces matches where the first
did not, treat it as a new completion attempt and insert a match as
appropriate.
b. Bracketed paste mode works in more places: incremental search strings, vi
overstrike mode, character search, and reading numeric arguments.
c. Readline automatically switches to horizontal scrolling if the terminal has
only one line.
d. Unbinding all key sequences bound to a particular readline function now
descends into keymaps for multi-key sequences.
e. rl-clear-display: new bindable command that clears the screen and, if
possible, the scrollback buffer (bound to emacs mode M-C-l by default).
f. New active mark and face feature: when enabled, it will highlight the text
inserted by a bracketed paste (the `active region') and the text found by
incremental and non-incremental history searches. This is tied to bracketed
paste and can be disabled by turning off bracketed paste.
g. Readline sets the mark in several additional commands.
h. Bracketed paste mode is enabled by default. There is a configure-time
option (--enable-bracketed-paste-default) to set the default to on or off.
i. Readline tries to take advantage of the more regular structure of UTF-8
characters to identify the beginning and end of characters when moving
through the line buffer.
j. The bindable operate-and-get-next command (and its default bindings) are
now part of readline instead of a bash-specific addition.
k. The signal cleanup code now blocks SIGINT while processing after a SIGINT.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This disables the theme support and makes it impossible to use any other
themes than the ipfire default theme.
The only intention of this patch is to hardcode the theme to ipfire.
To change any cgi we have is an ugly way, but the only way to do this
fast. The colour handling needs certainly to be improved as well, but
this will and should be done in other patches.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 5.30.0 to 5.32.1
- Update of rootfile carried out
- Removal of perl-5.30.0.fix.build.failure-against-gcc-10.patch as no
longer required
- Changelog is too large to fit here.
Full details for release 5.33.1 from 5.32.0 are in the source tarball
in pod/perldelta.pod
For the details of changes in previous releases, see the individual
perlNNNdelta.pod files. For example, pod/perl588delta.pod describes the
changes between versions 5.8.7 and 5.8.8.
- Updated iso from build of perl and all other changes has been installed
in a vm testbed. All pages and graphs that have been looked at worked
without any hiccups.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Fix for Bug 12445: There is no proper way to distinguish between MS Azure and a local
Hyper-V installation Procedure: try to get the metadata info from the
internal MS metadata service at IP 169.254.169.254 If this fails the system
is running on an local Hyper-V instance wget takes too long to exit if the IP
is not reachable Added --timeout and --tries param to wget to reduce the
duation from 8 minutes to 9 seconds 9 seconds at one try should be enough
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Thomas Cekal <admin@cekal.org>
- Update from 0.2.3 to 1.2.5
- rpcbind-0.2.3-tirpc_fix-1.patch no longer needed as changes are now
included in the tarball
- Updated rootfile
- Dependency of nfs addon package
- Changelog
Too many lines to put in here
Full change logs for 0.2.4 and 1.2.5 can be found at
https://sourceforge.net/projects/rpcbind/files/rpcbind/
No bug fixes in 0.2.4
One bug fix in 1.2.5
Author: Steve Dickson <steved@redhat.com>
Date: Sat Dec 16 15:31:21 2017 -0500
rpcbind.service: Not pulling the rpcbind.target
According to systemd.special(7) manpage:
rpcbind.target
The portmapper/rpcbind pulls in this target and orders itself
before it, to indicate its availability. systemd automatically
adds dependencies of type After= for this target unit to
all SysV init script service units with an LSB header
referring to the "$portmap" facility.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1431574
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 1.0.2 to 1.3.1
- libtirpc-1.0.2-glibc-2.26.patch no longer needed as changes are now
included in the tarball
- Updated rootfile
- Dependency of rpcbind addon which is a dependency for the nfs addon
- Changelog
No changelog file provided anymore. Only git commits available
See http://git.linux-nfs.org/?p=steved/libtirpc.git;a=log for details
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 3.2 to 3.4
- Updated rootfile
- parted-3.2-device-mapper.patch and parted-3.2-sysmacros.patch are no
longer needed as changes are now included in the tarball
- Changelog is too large to put in here.
11 bug fixes included in logs
Full changelog can be viewed in the tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This package does not behave according to standard distribution rules
and our script deletes all libraries
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
"wireless extensions" is the old interface to speak to the kernel.
All newer drivers support nl80211 now.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This reverts commit d96d979e2a.
Arne requested to revert this commit as well since dhcpcd still does not
run without any problems on i586 systems.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update sysvinit from 2.88dsf to 2.98
- From version 2.89 mounpoint build was not enabled as standard
- Patch created to modify Makefile to define mountpoint to be built
- Update of rootfiles
- Changelog is ~400 lines long from 2.88dsf to 2.98
- For details see the Changelog in the doc directory in the tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update mpage from 2.5.6 to 2.5.7
- No change to rootfile
- Slight tuning of patch needed due to changes in source file
- Changelog
June 2017
- Released version 2.5.7
- Relicensed code under GPLv2 or later
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update lz4 from 1.9.2 to 1.9.3
- Updated rootfile
- Removed old patches and updated to new version name
- Changelog
v1.9.3
perf: highly improved speed in kernel space, by @terrelln
perf: faster speed with Visual Studio, thanks to @wolfpld and @remittor
perf: improved dictionary compression speed, by @felixhandte
perf: fixed LZ4_compress_HC_destSize() ratio, detected by @hsiangkao
perf: reduced stack usage in high compression mode, by @Yanpas
api : LZ4_decompress_safe_partial() supports unknown compressed size, requested by @jfkthame
api : improved LZ4F_compressBound() with automatic flushing, by Christopher Harvie
api : can (de)compress to/from NULL without UBs
api : fix alignment test on 32-bit systems (state initialization)
api : fix LZ4_saveDictHC() in corner case scenario, detected by @IgorKorkin
cli : `-l` legacy format is now compatible with `-m` multiple files, by Filipe Calasans
cli : benchmark mode supports dictionary, by @rkoradi
cli : fix --fast with large argument, detected by @picoHz
build: link to user-defined memory functions with LZ4_USER_MEMORY_FUNCTIONS, suggested by Yuriy Levchenko
build: contrib/cmake_unofficial/ moved to build/cmake/
build: visual/* moved to build/
build: updated meson script, by @neheb
build: tinycc support, by Anton Kochkov
install: Haiku support, by Jerome Duval
doc : updated LZ4 frame format, clarify EndMark
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update net-tools from 1.60 to 2.10
- Based on guidance from Michael Tremer
- new no-hostname patch created to remove all hostname references
from makefile
- all other patch files removed from lfs as no longer needed
- version 2.10 places ifconfig and route tools in bin instead of sbin
those tools moved to sbin to keep in line with previous approach
- make update replaced by make install as there is no longer a make
rule for make update
- Updated rootfiles
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-Addition of patch to ghoscript as freetype version 2.10.3 and later
have withdrawn a macro that ghostscript used. Confirmed that without
the patch ghostscript failed to build due to the lack of the
FT_CALLBACK_DEF() macro. The fix is to explicitly declare the
callbacks file static.
- Update lfs to apply patch
- Add patch to src/patches
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update pptp from 1.7.2 (Jun 2008) to 1.10.0 (Jan 2018)
- No change to rootfile
- Removal of pptp-1.7.2-compat.patch as all changes to pptp_compat.c are
now included in the file in the new tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
