The safe search code relied on working DNS resolution, but
was executed before unbound was even started and no network
was brought up.
That resulted in no records being created and nothing being
filtered.
This will now set/reset safe search when the system connects
to the Internet.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
some nic's like Intel e1000e needs a reinit to change the
mtu. In this case the dhcp hook reinit the nic and terminate now
to let the dhcpcd reinit the card in backgrounnd without running the
rest of the hooks.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
freshclam did not have a receive timeout set and a default of
60s was used. That causes that the large main database cannot
be downloaded over a line with a 16 MBit/s downlink.
This patch increases that timeout and should allow a successful
download on slower connections, too.
Suggested-by: Tim Fitzgeorge <ipfb@tfitzgeorge.me.uk>
Fixes: #12246
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
For details see:
https://blog.clamav.net/2019/11/clamav-01021-and-01015-patches-have.html
"Fix for the following vulnerability affecting 0.102.0 and 0.101.4 and prior:
CVE-2019-15961:
A Denial-of-Service (DoS) vulnerability may occur when scanning
a specially crafted email file as a result of excessively long scan
times. The issue is resolved by implementing several maximums in parsing
MIME messages and by optimizing use of memory allocation.
Build system fixes to build clamav-milter, to correctly link with
libxml2 when detected, and to correctly detect fanotify for on-access
scanning feature support.
Signature load time is significantly reduced by changing to a more
efficient algorithm for loading signature patterns and allocating the AC
trie. Patch courtesy of Alberto Wu.
Introduced a new configure option to statically link libjson-c with
libclamav. Static linking with libjson is highly recommended to prevent
crashes in applications that use libclamav alongside another JSON
parsing library.
Null-dereference fix in email parser when using the --gen-json metadata
option.
Fixes for Authenticode parsing and certificate signature (.crb database)
bugs."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
With this patch the clients are updated and those who are expired get deleted from the hash.
In addition the table of active clients is now sorted.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
The backup did not pack the configuration file
due to an incorrect path.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
After upgrading to Core 136, 'calamaris' "Proxy reports" stayed empty.
GUI always show "No reports available".
Tested manually on console stops and throws an error:
...
root@ipfire: ~ # /usr/bin/perl /var/ipfire/proxy/calamaris/bin/mkreport
1 0 2019 8 10 2019 -d 10 -P 30 -t 10 -D 2 -u -r -1 -R 100 -s
Can't use 'defined(%hash)' (Maybe you should just omit the defined()?)
at /var/ipfire/proxy/calamaris/bin/calamaris line 2609.
...
Line 2609 was changed and reports are built again.
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
