bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-27 11:13:24 +02:00

Author	SHA1	Message	Date
Stefan Schantl	dc7466ce9a	index.cgi: Do not longer display the DNS servers. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-09 16:30:10 +01:00
Stefan Schantl	9f9b2b8ebc	guardian: Remove code for DNS servers. In the past this code was used to add the DNS servers to the ignore list and prevent them from being blocked by guardian. Because of the switch to suricata as IPS, guardian now prevents from password brute-forcing on SSH and/or the webserver, so this code is not longer needed and safly can be removed. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-09 09:15:05 +01:00
Stefan Schantl	9702252470	dns.cgi: Move grab_address_from_file function to general-functions.pl Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 18:44:41 +01:00
Stefan Schantl	8f4bde6574	dns.cgi: Also restart unbound if a server got enabled/disabled Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 18:19:58 +01:00
Stefan Schantl	46cc88ed22	dns.cgi: Remove accidently commited debug code Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 18:15:33 +01:00
Stefan Schantl	719db1cdb8	dns.cgi: Restart unbound Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 18:12:38 +01:00
Stefan Schantl	770ea81ee5	dns.cgi: Display DNS system status. For this, a test query to the local unbound instance will be sent and if the DNS system work properly can be answerd. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 18:00:15 +01:00
Stefan Schantl	4314099302	dns.cgi: Perform server checks on user request Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 17:44:55 +01:00
Stefan Schantl	a969acc7d7	dns.cgi: Remove hard-coded box title. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 15:22:56 +01:00
Stefan Schantl	03e466de35	dns.cgi: Do not perform kdig tests when adding a server Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 12:58:50 +01:00
Stefan Schantl	038f962ea0	dns.cgi: Check for empty server address. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 12:12:29 +01:00
Stefan Schantl	70187da6a6	dns.cgi: Perform kdig tests only if the system is online. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 11:13:05 +01:00
Stefan Schantl	f36855fe73	dns.cgi: Introduce red_is_active() Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 11:12:42 +01:00
Stefan Schantl	f10fb4bf43	dns.cgi: Always display the input field for TLS_HOSTNAME * Mark it as required if the protocol is set to TLS. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 10:35:52 +01:00
Stefan Schantl	25dda4a082	dns.cgi: Only perform reverse lookups if the system is online Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-08 10:35:24 +01:00
Michael Tremer	77c7a94cdd	dns.cgi: Show ISP name servers as disabled Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2020-01-07 14:49:54 +00:00
Michael Tremer	984f14bdc4	dns.cgi: Fix handling of WARNINGs from kdig There might be multiple warnings which must all be shown to the user. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2020-01-07 14:41:13 +00:00
Michael Tremer	71471d9bde	dns.cgi: Remove smartmatch operator Perl likes to make things difficult Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2020-01-07 13:46:11 +00:00
Michael Tremer	dab1258a78	dns.cgi: Timeout after 2 seconds for DNS server checks Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2020-01-07 13:45:21 +00:00
Michael Tremer	1434fa0df5	DNS: Write name servers received from ISP to /var/run/dns{1,2} Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2020-01-07 13:35:45 +00:00
Michael Tremer	3bf804e834	dns.cgi: Set EDNS buffer size to 1232 References: #12240 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2020-01-07 11:06:10 +00:00
Michael Tremer	e8981e3c8f	netexternal.cgi: Drop DNSSEC status This has now been moved to the new dns.cgi. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2020-01-07 10:45:08 +00:00
Stefan Schantl	24d7c5ef6b	dns.cgi: Rework to allow central DNS configuration. Fixes #12237. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-07 10:30:37 +01:00
Stefan Schantl	456f0b06f4	pppsetup.cgi: Remove support for configure DNS settings. Fixes #12234. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2020-01-05 12:37:57 +01:00
Stefan Schantl	51b63b4186	IDS: Allow to inspect traffic from or to OpenVPN This commit allows to configure suricata to monitor traffic from or to OpenVPN tunnels. This includes the RW server and all established N2N connections. Because the RW server and/or each N2N connection uses it's own tun? device, it is only possible to enable monitoring all of them or to disable monitoring entirely. Fixes #12111. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-12-29 19:12:06 +00:00
Stefan Schantl	4e033257ef	ipinfo.cgi: Use continent RIR whois server. Determine the continent for the current processed IP-Address and send the request to the responsible whois server of the local RIR instead of sending all requests to ARIN. Fixes #11267. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-12-12 12:12:59 +01:00
Arne Fitzenreiter	f23b944ecb	core139: finish Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-12-09 18:48:07 +01:00
Erik Kapfer	6a9d9ff4af	ovpn: Fix LZO checkbox restore Triggered by --> https://community.ipfire.org/t/openvpn-is-lzo-compression-now-effectively-disabled/503 . Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-12-06 16:39:55 +00:00
Stefan Schantl	95bb1a5c95	logs.cgi/showrequrestfromcountry.dat: Use new location lookup method. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-12-06 14:42:09 +01:00
Stefan Schantl	9288b11011	remote.cgi: Use new location lookup method. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-12-06 14:39:54 +01:00
Stefan Schantl	83ccdf7fea	openvpnmain.cgi: Use new location lookup method. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-12-06 14:36:48 +01:00
Stefan Schantl	bb7ba3b404	netexternal.cgi: Use new location lookup method. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-12-06 14:33:54 +01:00
Stefan Schantl	50494dfd6e	logs.cgi/*: Use new location lookup method. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-12-06 14:30:39 +01:00
Stefan Schantl	87bc6401bc	connections.cgi: Use new location lookup method. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-12-06 14:22:01 +01:00
Stefan Schantl	13c0fb7910	ipinfo.cgi: Use new location lookup method. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-12-06 14:21:08 +01:00
Arne Fitzenreiter	d346d47467	up/down beep: move from ppp ip-up/down to general red.up/down Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-12-01 15:29:59 +01:00
Alexander Marx	650aac182e	BUG12245: captive portal - clients are not automatically removed With this patch the clients are updated and those who are expired get deleted from the hash. In addition the table of active clients is now sorted. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-11-30 09:53:04 +00:00
Arne Fitzenreiter	b007a35292	vulnearabilities.cgi: add tsx async abort and itlb_multihit Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-11-14 22:10:04 +01:00
Stefan Schantl	a40ee6b9bf	ids.cgi: Generate and store the DNS server configuration. This will be done by the recently added generate_dns_servers_file() function from ids-functions.pl. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-11-13 19:13:25 +00:00
Erik Kapfer	fa5274763c	OpenVPN: Fix max-clients option Fix: Triggered by https://forum.ipfire.org/viewtopic.php?f=16&t=23551 Since the 'DHCP_WINS' cgiparam has been set for the max-client directive, changes in the WUI has not been adapted to server.conf. Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-11-13 18:55:15 +00:00
Michael Tremer	095bf49407	mail.cgi: Do not print content of input fields This was printed unescaped and could therefore be used for a stored XSS attack. Fixes: #12226 Reported-by: Pisher Honda <pisher24@gmail.com> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-11-13 18:41:02 +00:00
Michael Tremer	0a340fbe1e	mail.cgi: Always check content of fields These checks did not do anything but clear all fields when mailing was disabled. It makes a lot more sense to retain people's settings, even when they have been disabled. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-11-13 18:41:01 +00:00
Michael Tremer	76bf53db8b	QoS: Drop support for setting TOS bits per class This is useless since no ISP will evaluate those settings any more and it has a rather large impact on throughput. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-21 18:58:31 +00:00
Michael Tremer	afe23fbb52	QoS: Drop support for subclasses This feature was never properly implemented and the UI was dead Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-21 18:58:12 +00:00
Arne Fitzenreiter	50e97cd55f	Revert "QoS: Drop support for subclasses" This reverts commit `bc4d4da870`.	2019-10-20 20:18:00 +00:00
Arne Fitzenreiter	6aeaa3a75e	Revert "QoS: Drop support for setting TOS bits per class" This reverts commit `3174d9c6b6`.	2019-10-20 20:17:18 +00:00
Michael Tremer	2ad1b18bdb	vpnmain.cgi+ovpnmain.cgi: Fix file upload with new versions of Perl File uploads did not work since Perl was upgraded. This patch fixes that problem by only checking if an object was returned instead of performing a string comparison. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-14 18:10:20 +00:00
Michael Tremer	3174d9c6b6	QoS: Drop support for setting TOS bits per class This is useless since no ISP will evaluate those settings any more and it has a rather large impact on throughput. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-14 18:04:53 +00:00
Michael Tremer	bc4d4da870	QoS: Drop support for subclasses This feature was never properly implemented and the UI was dead Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-14 18:04:39 +00:00
peter.mueller@ipfire.org	fe9fb38682	fix link to public DNS server list in dns.cgi Fixes: #11851 Reported-by: Dani W <assgex@gmail.com> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-14 17:41:49 +00:00

... 3 4 5 6 7 ...

2509 Commits