webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
16,364 Commits 2 Branches 1 Tag
dccd7e874bf53efd9642756a3ed60abc95df43bb
Commit Graph

1093 Commits

Author SHA1 Message Date
Michael Tremer
dccd7e874b IPsec: Allow sending DNS server addresses to RW clients 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-05-05 11:27:04 +00:00
Michael Tremer
c7fe09c6ad vpnmain.cgi: Add field for roadwarrior endpoint 
This is the IP address or FQDN which will be written into
Apple Configuration profiles as public peer address.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-05-05 11:27:04 +00:00
Michael Tremer
26a0befd75 IPsec: Add prototype to export Apple Configuration profiles 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-05-05 11:21:00 +00:00
Michael Tremer
1d69b1a07f Update languages 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-08 10:20:18 +00:00
Michael Tremer
50365e4bb1 Update translation issues 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-07 13:12:14 +00:00
Stéphane Pautrel
b037af96cd Update French translation 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-22 14:39:09 +00:00
Leo-Andres Hofmann
715aa887b6 zoneconf.cgi: Fix VLAN tag range check 
Use the correct VLAN tag range 1-4094 and add an error message
to the range check.
The missing error message was discovered by Jonatan.

Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-22 10:37:47 +00:00
Leo-Andres Hofmann
5867e4a511 Rename update accelerator passive mode 
Fixes #12577

Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-04 10:49:57 +00:00
Michael Tremer
ffafaa71a6 firewall: Remove ALGs from UI 
This change drops the UIs that could enable ALGs for various protocols.

Those have been all forcibly disabled because "NAT Slipstream".

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-02 18:45:13 +00:00
Michael Tremer
08ab1b41dd Run "./make.sh lang" 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-02-22 19:01:07 +00:00
Michael Tremer
72c8478ee5 lang: Actually check Polish translation 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-02-22 13:41:31 +00:00
Roberto Peña
2f44c09d80 Add Spanish translations for Captive Portal 
- Ran ./make lang before adding translations and git status was clear
- Ran ./make lang after adding translations and git status included also
    doc/language_issues.pl although I did not change anything for Polish
    and it was clear before making any changes

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-02-22 11:30:15 +00:00
Michael Tremer
e902ebe3be wirelessclient.cgi: Show when 802.11w is active 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-02-16 17:41:23 +01:00
Michael Tremer
51605e1b52 Update languages 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-02-03 22:30:37 +00:00
Michael Tremer
5addf34780 wireless client: Add support for WPA3 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-01-12 10:38:59 +00:00
Stéphane Pautrel
438fce1f19 lang: Update French translation 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-12-29 10:16:08 +00:00
Michael Tremer
73a92c604c Run "./make.sh lang" 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-12-24 12:01:12 +00:00
Adolf Belka
9dbf3c4936 Fix for bug 10743 
This adds in the option to have "deny known clients" in dhcpd.conf
This is applied to the range command so applies to the dynamic addresses
given.
If you have just a range statement say in blue then if you are not using
vlans you could have the situation where a known host in green might end
up getting a lease from the blue range. Here a deny known-clients makes
sense. Your range in this case would be limited to only unknown clients if
deny known-clients was selected.
dhcp WUI has been modified to add in this command. Error message has been
added to check that a range has been specified if the deny unknown clients
checkbox has been selected.
Language files updated with additional items (English, German & Dutch).

For more information on the history of this please see the bugzilla entry
Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-12-21 16:48:01 +00:00
Michael Tremer
0291b69ec6 Run "./make.sh lang" 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-25 17:21:56 +00:00
Peter Müller
7b405169be en.pl: fix accidentially removed line by ./make.sh langs 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-16 18:42:44 +00:00
Michael Tremer
1ba481b3f4 Run "./make.sh lang" 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-11 18:30:45 +00:00
Michael Tremer
65ef52a335 DNS: Make YouTube configurable for Safe Search 
When safe search is enabled, it is being enabled on YouTube, too.

This creates problems in some scenarios like schools where politics
is being tought as well as other subjects that might be censored by
YouTube (i.e. election TV spots).

Therefore it is now possible to exclude YouTube from Safe Search
but keep it enabled for the search engines.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-11 12:08:21 +00:00
Michael Tremer
0c6112b0b3 Run "./make.sh lang" 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-11-07 13:27:43 +00:00
Stéphane Pautrel
5e1579023a Update French translation 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-29 10:38:09 +00:00
Michael Tremer
13cbb92ad4 hostapd: Allow to make Management Frame Protection optional 
WPA3 mandates MFP, but many clients do not support it at all.

Therefore this can now be set to optional and clients will
fall back to WPA2.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-27 11:56:30 +00:00
Michael Tremer
21b4b0c78b Update languages 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-23 10:07:37 +00:00
Michael Tremer
36bcdbf7e4 samba: Refactor user management 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-13 17:06:19 +01:00
Michael Tremer
f94e17c7c2 samba: Replace security setting with server role 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-13 17:06:18 +01:00
Michael Tremer
e1e399fb10 samba: Replace icons on top of page with buttons 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-13 17:06:17 +01:00
Michael Tremer
9e329f75d6 samba: Refactor service status 
No functional changes

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-13 17:06:17 +01:00
Michael Tremer
01c4d3ba06 samba: Add option to require clients to encrypt the connection 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-10-13 17:06:16 +01:00
Stéphane Pautrel
b0a707e5a1 Update French translation 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-09-30 10:26:33 +00:00
Michael Tremer
1ebd84f438 netother.cgi: Fix typo in Connection Tracking headline 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-09-29 13:49:59 +00:00
Michael Tremer
81716b0534 Update languages 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-09-24 17:36:37 +00:00
Michael Tremer
8ffdc78c49 web UI: Add graph for connection tracking 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-19 19:13:10 +00:00
Michael Tremer
fa8edb9bd7 index.cgi: Show a note to people who are running IPFire on i?86 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:08:23 +00:00
Michael Tremer
c0fe5ea579 index.cgi: Drop Reiser4 warning 
We have dropped Reiser4 in 2013. There won't be any systems out there
any more running it. We can safely drop this warning.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:08:22 +00:00
Michael Tremer
4576ca4cc7 make.sh: Add cross-building for aarch64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-08-05 18:47:36 +00:00
Stéphane Pautrel
cd6bd02f53 fr: Update French translation 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-07-27 18:09:27 +00:00
Stefan Schantl
af7f9fc43d :xMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-switch-to-libloc 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-07-03 18:48:30 +02:00
Arne Fitzenreiter
96253783d4 update credits.cgi and langs doku 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-07-02 11:22:17 +00:00
Peter Müller
0f8251fe64 Revert "proxy: Remove AUTH_IPCACHE_TTL" 
This reverts commit dc637f087f.

Rationale: "authenticate_ip_ttl" can be safely used as it does not
introduces an authentication bypass, but saves relationships between
successfully authenticated users and their IP addresses.

"max_user_ip" depends on such an authentication cache, so credential
sharing between several IPs (on purpose or by chance) can be detected
properly. This is useful in case of crompromised machines and/or
attackers in internal networks having stolen proxy authentication
credentials.

Quoted from squid.conf.documented or man 5 squid.conf:

>       acl aclname max_user_ip [-s] number
>         # This will be matched when the user attempts to log in from more
>         # than <number> different ip addresses. The authenticate_ip_ttl
>         # parameter controls the timeout on the ip entries. [fast]
>         # If -s is specified the limit is strict, denying browsing
>         # from any further IP addresses until the ttl has expired. Without
>         # -s Squid will just annoy the user by "randomly" denying requests.
>         # (the counter is reset each time the limit is reached and a
>         # request is denied)
>         # NOTE: in acceleration mode or where there is mesh of child proxies,
>         # clients may appear to come from multiple addresses if they are
>         # going through proxy farms, so a limit of 1 may cause user problems.

Fixes: #11994

Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-07-01 12:08:10 +00:00
Michael Tremer
af6aedb6d3 location: Remove "GeoIP" from the UI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-12 16:12:06 +02:00
Michael Tremer
5011657a7b de: Fix typo in "received" 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-18 20:08:49 +00:00
Stéphane Pautrel
1a2cc05fef fr: Add missing strings 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-18 20:08:33 +00:00
Stéphane Pautrel
e0f480cdef lang: Update French translation 
* Adds testing and unstable repository via Pakfire
* TLS email modes
* etc.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-09 12:02:10 +00:00
Michael Tremer
abeb95489d Update translations 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-05-09 12:01:55 +00:00
Peter Müller
9d436e214a de.pl: update German translations 
This patch adds German translations for the new DNS CGI, some parts of
the hardware vulnerability mitigation CGI, improves some existing
translations and corrects some Deppenleerzeichen and Bildzeitungsbindestriche.

The third version of this patch is correctly based against upstream 'next',
honours Michaels opinion and contains updated language_issues.de and
language_missings files.

Since "./make lang" complains about missing translations marked as unused
in first place, no changes have been made to them in order to avoid
collateral damage.

Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-03-21 16:00:08 +00:00
Stéphane Pautrel
89440b2d0a lang: Improvements to French translation 
This patch adds translations for the new DNS part as well
as various improvements.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-03-01 19:46:07 +00:00
Michael Tremer
f61be862c6 pakfire.cgi: Add UI to select repository 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-02-15 11:08:43 +00:00