webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-12 04:05:53 +02:00
Code Issues Packages Projects Releases Wiki Activity
11,101 Commits 2 Branches 1 Tag
dc6ed83537e1bcc1347ad16bee095ef4d641bc69
Commit Graph

3077 Commits

Author SHA1 Message Date
Matthias Fischer
e3fc1d0a2b apache: Update to 2.4.28 
http://apache.mirror.digionline.de//httpd/CHANGES_2.4.28

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-09 14:46:00 +01:00
Michael Tremer
6772cc8035 Download ISO images from https://downloads.ipfire.org 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-06 13:03:40 +01:00
Michael Tremer
5e6fcc8844 Pull latest translations for installer & setup from Transifex 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-06 12:15:26 +01:00
Michael Tremer
cb40ff6027 captive portal: Reload firewall rules after cleanup 
This is not necessary to stop any clients from accessing the
Internet, but if we know that we don't need a line for certain
any more, we can as well remove the firewall rule straight away.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-05 12:09:58 +02:00
Michael Tremer
9c83954567 captivectrl: Remove unused code 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-05 12:06:45 +02:00
Michael Tremer
b1773d1a37 captive portal: Don't remove unlimited access after one hour 
Reported-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-05 12:04:29 +02:00
Michael Tremer
027614d2dc Merge branch 'captive-portal' into next 2017-10-04 16:10:07 +01:00
Arne Fitzenreiter
3aa4579f8f Merge remote-tracking branch 'origin/next' 2017-09-23 10:38:18 +02:00
Michael Tremer
5511fa319a captive: Fix another typo in captivectrl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:00:04 +01:00
Michael Tremer
abc41f02dd captive: Do not generally allow access to TCP/1013 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00
Michael Tremer
fb1d26d1bc captivectrl: Add protection against DNS tunnels 
Limit the amount of DNS traffic for each client that
has not registered, yet.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00
Michael Tremer
76ece32362 captivectrl: Skip all lines that start with # 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00
Alexander Marx
07d56062a9 Captive-Portal: fix cleanup script 
The cleanup-script did not write back the hash after the expired voucher
was delted

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:45 +01:00
Alexander Marx
e01c5ab71a Captive-Portal: redesign Webinterface 
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:03 +01:00
Alexander Marx
bbaa3613b4 Captive-Portal: add captive chains to firewall initscript 
When loading the initscript of the firewall the neccessary chains for
the captive portalneed to be created.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:03 +01:00
Alexander Marx
4d9002279f Captive-Portal: add crontab and cleanup scripts 
The cleanup script is called every hour and deletes expired clients from
the clients file.
every night the captivectrl warpper runs once to flush the chains and
reload rules for active clients

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:03 +01:00
Michael Tremer
cec16b8242 captivectrl: Move sure that the settings are always initialised 
This just removes a compiler warning.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:03 +01:00
Michael Tremer
5906c96206 wirelessctrl: Disable MAC filter on blue if captive portal is enabled 
Fixes #11038

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:03 +01:00
Michael Tremer
0d6a599aba captivectrl: Add missing space character 
The iptables argument list was botched. Oops. Sorry.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:03 +01:00
Michael Tremer
0c24f0a9df captivectrl: Support unlimited leases 
When the expiry time equals zero, the lease will have
no time constraints. The IP address will also be removed
as it might probably change.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:03 +01:00
Michael Tremer
5fbeaf1333 captivectrl: Allow empty IP addresses 
Probably required for very long leases

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:03 +01:00
Michael Tremer
7ef66b6199 captivectrl: Change format of clients configuration 
We store the start of the lease now and the time in
seconds after the lease expires

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:03 +01:00
Michael Tremer
ee40139d9a Captive Portal: add c-wrapper captivectrl 
This wrapper reads the captive settings and clients and sets the
firewall access rules. It is called every time the config changed or
everytime that a client changes. Also this wrapper is later called once
hourly to flush the chains and rebuild rules for actual clients.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:03 +01:00
Matthias Fischer
b76d0433be apache2: Import patch for CVE-2017-9798 ("optionsbleed") 
Imported from:
https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch

For details see:
https://nvd.nist.gov/vuln/detail/CVE-2017-9798

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-20 22:01:50 +01:00
Michael Tremer
b9863c8845 apache2: Import patch for PR61382 
We usually do not download patches, but rather ship them with
our source.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-07 12:27:43 +01:00
Wolfgang Apolinarski
d41fe99f74 Update to apache 2.4.27 
- Updated to apache 2.4
- Updated the htpasswd generation to use the more secure bcrypt algorithm

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-04 12:40:20 +01:00
Arne Fitzenreiter
391e3390ef unbound: flush negative and bogus at update forwarders 
this resolves problems that negative answers from
a forwarder was still used after setting new servers.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-08-30 19:00:40 +02:00
Arne Fitzenreiter
68fac98a5b unbound: run time fix also after update forwarder 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-08-30 10:32:44 +02:00
Stephan Feddersen
fe6f676b35 WIO: fix the bugs reported in the forum 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-08-29 14:37:30 +01:00
Matthias Fischer
c60ad61a14 squid: Update to 3.5.27 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-08-23 11:32:33 +01:00
Arne Fitzenreiter
05478072cd unbound/ntp: move not working DNS fallback from ntp to unbound initskript 
the ntp initskript will only run at first connection try. If this fails
and the connection can established later DNS will not work if the clock
is too far away.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-08-15 20:20:16 +02:00
Arne Fitzenreiter
874eabd6f5 serial-console: remove baudrate from inittab 
new versions of agetty missinterpretes the baudrate and set it as TERM
without the parameter agetty use the previous rate that was set by the
kernel via console=XXX,Baudrate parameter.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-08-15 20:08:22 +02:00
Stephan Feddersen
1bee37ba2c WIO: wio.cgi edit how to get the ips for the networks 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-08-15 14:24:34 +01:00
Matthias Fischer
41d06f42b7 unbound: Update to 1.6.4 
Hi, ("...back in town...") ;-)

For details see:
http://www.unbound.net/download.html

I had to remove the patch file: it wouldn't apply.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-08-15 11:50:03 +01:00
Matthias Fischer
6edc270abc squid 3.5.26: latest patches (14169-14182) 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-08-15 11:49:51 +01:00
Stephan Feddersen
f539ff6d5d WIO: minor changes 
correct typo in wio.en.pl language file
add button in wio.cgi to change to systems logs (section wio)

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-08-15 11:45:54 +01:00
Stephan Feddersen
dec5269370 WIO: patch log.dat to show wio logs 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-08-15 11:45:51 +01:00
Stephan Feddersen
0d6cc79d98 WIO: first addon release v1.3.1 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-08-15 11:45:46 +01:00
Arne Fitzenreiter
da504bdc57 grub: ignore missing .symtab in modules 
old binutis add an empty .symtab section at stripping
and grub check that this exists also on modules that export
no symbols.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-07-05 17:42:21 +02:00
Michael Tremer
dff0a94825 directfb: Fix compilation on ARM 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-06-22 16:06:06 +01:00
Arne Fitzenreiter
0b4976e293 kernel: fix amba modules build with gcc6 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-06-20 06:12:45 +02:00
Arne Fitzenreiter
ad73e5ec63 kernel: rpi build fix 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-06-18 10:29:45 +02:00
Michael Tremer
15a2c03f5d glibc: Don't use locale-archive 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-06-15 11:45:19 +01:00
Matthias Fischer
772237d99f squid: Update to 3.5.26 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-06-14 15:52:33 +01:00
Matthias Fischer
c63136978f squid 3.5.25: latest patches (14155-14167) 
For details see:
http://www.squid-cache.org/Versions/v3/3.5/changesets/

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-06-14 15:52:33 +01:00
Michael Tremer
2ee623a89a stripper: Fix for newer versions of file 
The output has changed and this patch will now ignore any
additional output.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-06-07 10:34:58 +01:00
Michael Tremer
b98ca5fa2d stripper: Abort if stripping fails 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-06-07 10:34:43 +01:00
Marcel Lorenz
35d4925c74 7zip: update to 16.02 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-06-07 10:09:50 +01:00
Marcel Lorenz
d31ef401a6 gawk: update to 4.1.4 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-06-07 10:03:50 +01:00
Marcel Lorenz
8e700473ac remove old bash 3.2 patches 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-06-07 10:00:43 +01:00