webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-21 08:22:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
12,839 Commits 2 Branches 1 Tag
d66433fca6323940ac217d7a0834a0b178d509eb
Commit Graph

12839 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Tremer
d66433fca6 strongswan: Manually install all routes for non-routed VPNs 
This is a regression from disabling charon.install_routes.

VPNs are routing fine as long as traffic is passing through
the firewall. Traps are not propertly used as long as these
routes are not present and therefore we won't trigger any
tunnels when traffic originates from the firewall.

Fixes: #12045
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-09 07:22:26 +02:00
Michael Tremer
49ce16f9be core130: Ship updated wget 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-09 07:21:15 +02:00
Matthias Fischer
8d76eb2085 wget: Update to 1.20.2 
For details see:
https://fossies.org/linux/wget/ChangeLog

Excerpt from "NEWS":

* Changes in Wget 1.20.2
** NTLM authentication will retry under certain cases
** Fixed a buffer overflow vulnerability"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-09 07:20:48 +02:00
Matthias Fischer
bfd5cfa9c6 clamav: Update to 0.101.2 
For details see:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html

"ClamAV 0.101.2 is a patch release to address a handful of security related bugs."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-09 07:19:34 +02:00
Michael Tremer
a485606c27 ipsec-interfaces: Apply static routes (again) after creating IPsec interfaces 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-09 07:18:42 +02:00
Peter Müller
4fc1a0045b amavisd: update to 2.11.1 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-13 09:35:07 +00:00
Peter Müller
867151a8b2 Postfix: update to 3.4.3 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-13 09:35:07 +00:00
Michael Tremer
5ea26096ca installer: Set the clock correctly when installing over network 
If a system has a not very up to date clock, downloading files
over HTTPS is impossible.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-13 09:35:07 +00:00
Arne Fitzenreiter
9deeda77b6 core129: finish update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-03-13 15:18:52 +01:00
Arne Fitzenreiter
668119063c u-boot: try to boot without ramdisk if the system cannot load it 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-03-13 15:17:28 +01:00
Arne Fitzenreiter
eaf004a468 knot: update to 2.8.0 and build/install only kdig 
This fix compile errors on small arm boards. (cc1 internal error)

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-03-13 15:06:23 +01:00
Arne Fitzenreiter
b57220aacd groff: update to 1.22.4 
This fix compile problems on small arm boards. (cc1 internal error)

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-03-13 15:04:40 +01:00
Arne Fitzenreiter
c448474fc7 Revert "kernel: cleanup unused rpi patch" 
This reverts commit a2d49659f3.

The patch is still needed to prevent strange crashes

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-03-13 09:39:07 +01:00
Michael Tremer
beac548962 Update list of contributors 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-11 15:58:45 +00:00
Michael Tremer
e26e86dcaa core129: Ship updated dnsforward.cgi 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-11 15:58:04 +00:00
Michael Tremer
56947acb12 Merge remote-tracking branch 'ms/dns-forwarding' into next 2019-03-11 15:57:15 +00:00
Michael Tremer
f1042a5d44 core129: Ship updated dhcp.cgi 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-11 09:54:19 +00:00
Michael Tremer
8288c0394b Merge remote-tracking branch 'ms/dhcp' into next 2019-03-11 09:53:56 +00:00
Peter Müller
04f9321955 Tor WebUI: drop relay bandwith options < 1 MBit/s 
Tor requires at least 1 MBit/s in order to participate.

Fixes #12001

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-11 09:52:54 +00:00
Michael Tremer
199db95a70 dnsdist: Limit to fewer concurrent build processes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-11 09:38:56 +00:00
Michael Tremer
61424e9c67 core129: Ship updated less 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-10 18:23:22 +00:00
Peter Müller
9f7524c8b0 less: update to 530 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-10 18:22:53 +00:00
Peter Müller
e29c6d29c9 Postfix: update to 3.4.1 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-10 18:22:39 +00:00
Matthias Fischer
15b1a3e360 slang: revert parallelized build 
This partially reverts https://git.ipfire.org/?p=ipfire-2.x.git;a=blob;f=lfs/slang;h=217e74c77317d4c829913f934458779fd278bf29;hb=23164efba5f57b3d8ccb07a166b613f2f951e1b6

'slang 2.3.0' doesn't like "$(MAKETUNING)"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-10 18:22:21 +00:00
Michael Tremer
50fcec161c /etc/group: Order groups by ID 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-08 10:11:23 +00:00
Michael Tremer
3d0a190843 /etc/passwd: Order users by ID 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-08 10:08:02 +00:00
Michael Tremer
7996c5fee9 zabbix_agent: Create /var/run/zabbix in initscript 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-08 10:04:28 +00:00
Michael Tremer
661fdb02c2 zabbix_agent: Ensure that the user exists on all systems 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-08 09:58:56 +00:00
Alexander Koch
06fc6170a2 zabbix_agentd: New addon 
New addon for monitoring IPFire by Zabbix Monitoring (https://www.zabbix.com/features).
See https://forum.ipfire.org/viewtopic.php?f=52&t=22039 and https://lists.ipfire.org/pipermail/development/2019-February/005324.html for further details.

Best regards,
Alex

Signed-off-by: Alexander Koch <ipfire@starkstromkonsument.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-08 09:55:18 +00:00
Erik Kapfer
57d1564b3e iptables: Commented legacy ip(6)tables entries from ROOTFILE 
Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-08 09:49:07 +00:00
Michael Tremer
c0ac5ae2a7 installer: Download ISO via HTTPS 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-07 11:27:19 +00:00
Michael Tremer
ea8a02c232 Revert "boost: Build with -O2 only" 
This reverts commit 9ff5b381eb.

Boost wants to build with -O3 no matter what

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-07 10:29:31 +00:00
Michael Tremer
1ececb67a1 unbound: Mark domains as insecure from DNS forwarding 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-05 16:58:29 +00:00
Michael Tremer
025d8e6318 DNS Forwarding: Add UI to Allow to disable DNSSEC for a zone 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-05 16:10:17 +00:00
Michael Tremer
71a355c3a2 Merge branch 'ipsec-on-demand' into next 2019-03-05 15:25:36 +00:00
Michael Tremer
b15b70bc6b vpnmain.cgi: Make on-demand mode default for IPsec VPNs 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-05 15:24:19 +00:00
Michael Tremer
eb09c90ef4 vpnmain.cgi: Carry over START_ACTION attribute correctly 
This setting was not carried correctly and therefore the default was ignored.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-05 15:23:33 +00:00
Michael Tremer
297473d5f4 make.sh: Fit more processes into memory 
Because we have a good way to limit processes now, we should
increase the default size a little bit

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 17:21:15 +00:00
Michael Tremer
9ff5b381eb boost: Build with -O2 only 
This should increase build speed

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 17:20:52 +00:00
Michael Tremer
d53537ced9 Config: Builds don't seem to like the space 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:57:22 +00:00
Michael Tremer
a843073c8e perl: Limit build to 23 parallel processes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:52:34 +00:00
Michael Tremer
7691a1bfe7 make.sh: Introduce MAX_PARALLELISM 
This will now adjust MAKETUNING to not launch more processes
than MAX_PARALLELISM. Handy to limit builds that use a lot of memory.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:51:08 +00:00
Michael Tremer
eeee108f18 make.sh: Drop MAKETUNING 
This is now set in lfs/Config

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:45:30 +00:00
Michael Tremer
77c863a2f1 make.sh: Introduce DEFAULT_PARALLELISM 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:43:47 +00:00
Michael Tremer
e4ee36fa17 make.sh: Use variable instead of calling system_processors function again 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:38:38 +00:00
Michael Tremer
deffc27598 make.sh: Rename HOST_MEM to SYSTEM_MEMORY 
We had two variables holding the same data

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:35:15 +00:00
Michael Tremer
8556093359 make.sh: Pass number of processors and total memory so that we can adjust MAKETUNING 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:33:50 +00:00
Wolfgang Apolinarski
23164efba5 Parallelized build for several packages 
Added $(MAKETUNING) to several packages.
Marked packages that do not support parallel build.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:02:03 +00:00
Michael Tremer
ea9cb48ae7 core129: Ship wpa_supplicant 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 09:26:58 +00:00
Matthias Fischer
b2ee5e8aa4 wpa_supplicant: Update to 2.7 
For details see:
https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 09:26:58 +00:00