bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-25 18:32:57 +02:00

Author	SHA1	Message	Date
Arne Fitzenreiter	4838034131	random: update initskript for machines with low entropy the script wait until crng is correct initialized before restore the random seed and make some disc io to work around low entropy at boot on some machines. Not really a fix but it should be better than reverting CVE-2018-1108 fixes from kernel. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-06-28 20:48:58 +02:00
Michael Tremer	7d06d0de7b	AWS: Restart udev to rename network interfaces Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-06-28 11:15:29 +01:00
Michael Tremer	fd52e82a72	setup: Write /etc/hosts in initscript Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-06-25 11:08:04 +01:00
Michael Tremer	6723afef09	apache: Write hostname into configuration at boot time Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-06-25 10:59:49 +01:00
Michael Tremer	bd3bcb45d6	AWS: Import aws setup script Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-06-25 10:55:39 +01:00
Michael Tremer	1c21ebf8d5	Add initscript that automatically configures IPFire on AWS EC2 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-06-21 16:45:40 +01:00
Arne Fitzenreiter	c8dfbfabf5	collectd: initskript: dont run sensors-detect on aarch64 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-06-21 06:18:49 +01:00
Arne Fitzenreiter	6cc7c2a3d0	collectd: move cpufreq plugin init because arm has no cpufrequtils Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-05-30 11:30:01 +02:00
Michael Tremer	ab91dde24b	rngd: Always start the daemon We cannot reliably detect in this script any more if the system has an actual HWRNG (/dev/hwrng always exists). Therefore we always start the daemon now and let it deal with what ever comes. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-05-22 20:25:03 +01:00
Michael Tremer	90940aded5	rngd: Update to version 6.2 Fixes #11737 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-05-22 20:23:42 +01:00
Arne Fitzenreiter	4a27765601	swconfig: update switch config script for Lamobo R1 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-05-16 10:40:36 +02:00
Arne Fitzenreiter	6077d53865	leds: dreamplug: the blue led has wrong name in dtb Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-04-22 10:24:36 +02:00
Arne Fitzenreiter	2b97294c8b	leds: rename dreamplug leds for new kernel Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-04-22 10:16:37 +02:00
Arne Fitzenreiter	c4172fad43	firstsetup: fix disabling tty's on scon mode Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-04-17 13:42:17 +02:00
Arne Fitzenreiter	eef0d706e8	acpid: start also if kernel has no acpi support. acpid is also needed for gpio and hid powerbuttons if there is no real acpi support. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-04-16 18:12:24 +02:00
Arne Fitzenreiter	6b56624445	flash-images: merge normal and scon to one image. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-04-12 16:36:31 +02:00
Michael Tremer	9a507db2cb	pakfire: Store key material in own directory Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-04-03 17:31:50 +01:00
Michael Tremer	74e715a5a2	pakfire: Import old key, too Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-04-02 15:46:40 +01:00
Michael Tremer	397d3a8e15	pakfire: Rename new key to pakfire-2018.key Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-04-02 15:46:40 +01:00
Michael Tremer	9f0999325d	unbound: Fix crash on startup Zone names should not be terminated with a dot. Fixes: #11689 Reported-by: Pontus Larsson <pontuslarsson51@yahoo.se> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-03-28 16:39:35 +01:00
Michael Tremer	e7ea357cec	Forgot to "git add" the new pakfire init script Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-03-20 11:08:58 +00:00
Peter Müller	438da7e0a0	test if nameservers with DNSSEC support return "ad"-flagged data DNSSEC-validating nameservers return an "ad" (Authenticated Data) flag in the DNS response header. This can be used as a negative indicator for DNSSEC validation: In case a nameserver does not return the flag, but failes to look up a domain with an invalid signature, it does not support DNSSEC validation. This makes it easier to detect nameservers which do not fully comply to the RFCs or try to tamper DNS queries. See bug #11595 (https://bugzilla.ipfire.org/show_bug.cgi?id=11595) for further details. The second version of this patch avoids unnecessary usage of grep. Thanks to Michael Tremer for the hint. Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-03-05 15:19:55 +00:00
Michael Tremer	0eccedd1c8	dhcp: Allow adding extra DHCP interfaces Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-02-26 11:12:20 +00:00
Michael Tremer	2d5940daca	Drop MySQL This is outdated and still on 5.0.x and nobody volunteered to update this package. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-02-12 12:05:46 +00:00
Michael Tremer	a350ea6dea	Drop mISDN userspace tools This is unsupported for quite a while and nobody should be using this. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2018-02-12 11:41:50 +00:00
Michael Tremer	c7e41255bb	unbound: Fix reverse lookup zones These should be stubs and overlay the internal zones that unbound comes with. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Fixes: #11625	2018-02-11 17:44:21 +00:00
Michael Tremer	11e900e0b4	apache: Wait until apache has stopped when we want to stop it Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-28 14:14:16 +00:00
Michael Tremer	d409286074	apache: Ensure that not everyone can read the keys This would become a security risk if anyone gets shell access as any user to copy out the HTTPS keys. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-28 14:11:49 +00:00
Michael Tremer	9bb4055367	captive portal: Require authorization before redirecting to proxy Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-11 12:48:54 +00:00
Michael Tremer	682a6b2dc8	unbound: Silence error when upstream name servers cannot be read Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:02:28 +01:00
Arne Fitzenreiter	9064ba72fe	drop httpscert and merge to apache initskript Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-10-22 15:50:38 +02:00
Alexander Marx	bbaa3613b4	Captive-Portal: add captive chains to firewall initscript When loading the initscript of the firewall the neccessary chains for the captive portalneed to be created. Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>	2017-09-22 18:54:03 +01:00
Arne Fitzenreiter	391e3390ef	unbound: flush negative and bogus at update forwarders this resolves problems that negative answers from a forwarder was still used after setting new servers. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-08-30 19:00:40 +02:00
Arne Fitzenreiter	68fac98a5b	unbound: run time fix also after update forwarder Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-08-30 10:32:44 +02:00
Arne Fitzenreiter	05478072cd	unbound/ntp: move not working DNS fallback from ntp to unbound initskript the ntp initskript will only run at first connection try. If this fails and the connection can established later DNS will not work if the clock is too far away. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-08-15 20:20:16 +02:00
Arne Fitzenreiter	874eabd6f5	serial-console: remove baudrate from inittab new versions of agetty missinterpretes the baudrate and set it as TERM without the parameter agetty use the previous rate that was set by the kernel via console=XXX,Baudrate parameter. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-08-15 20:08:22 +02:00
Michael Tremer	f2c9478008	wlan client: Generate wpa_supplicant configuration file for EAP Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-05-05 11:31:36 +01:00
Michael Tremer	094a27c8f9	unbound: Update dnssec-status file The status file was not updated when DNSSEC was disabled before and has been enabled after which always caused the webif to show that DNSSEC was disabled. Fixes #11315 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-04-30 13:09:51 +01:00
Michael Tremer	183b23b5ca	DNS: Show DNSSEC status on index page if deavtivated Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-04-02 19:48:20 +01:00
Michael Tremer	4a0d69ca46	unbound: Increase memory size on even larger systems Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-03-28 10:29:03 +01:00
Michael Tremer	128db1a363	unbound: Double buffer size Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-03-28 10:25:39 +01:00
Michael Tremer	c20b20092f	unbound: Increase size of send/receive buffers This will allow to not drop any packets when there is a peak in queries Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-03-28 10:24:40 +01:00
Michael Tremer	5012e53c29	unbound: Re-use UDP sockets This will make UDP queries faster Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-03-28 10:17:33 +01:00
Michael Tremer	0a7dca2c5f	unbound: Increase number of parallel queries The parameters are the recommended values for libevent Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-03-28 10:16:56 +01:00
Jonatan Schlag	17f7f41e41	Merge branch 'next' into initscripts-cleanup	2017-03-03 14:56:35 +01:00
Jonatan Schlag	33f53d55cc	Move all initscripts for the system to src/initscripts/system Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>	2017-02-22 11:54:00 +01:00

1 2 3

146 Commits