bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-13 20:42:58 +02:00

Author	SHA1	Message	Date
Erik Kapfer	63cbd2c1df	ipset: New package Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-11-05 11:47:14 +00:00
Arne Fitzenreiter	60fcb2410e	firewall: fix disable MASQERADE in green only mode. using MASQERADE_GREEN="off" will not work because "NETWORK_GREEN" is not correctly defined in green only mode. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-11-01 11:20:56 +01:00
Lars Schuhmacher	673351d8a2	Fix unnecessary space character in "E-Mail Absender" Fix unnecessary space character in "E-Mail Absender". Replaces the space character with a dash as is correct and already used in the other words in that part. Signed-off-by: Lars Schuhmacher <larsen007@web.de> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-10-31 19:44:42 +00:00
Arne Fitzenreiter	16cb6ae3d0	geo-ip: download initial database in background. on slow internet connections like gprs the first start hung many minutes. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-10-31 16:57:16 +01:00
Arne Fitzenreiter	bd64e2a02a	kernel: genksyms fix empty symbol crc. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-10-27 16:57:24 +01:00
Arne Fitzenreiter	038169b894	kernel: uppdate to 3.14.55 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-10-23 11:00:03 +02:00
Arne Fitzenreiter	4c5c4f3afc	Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next	2015-10-21 21:02:19 +02:00
Arne Fitzenreiter	52daacc5c4	kernel: update to 3.14.54 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-10-21 18:48:32 +02:00
Michael Tremer	364452506f	Merge remote-tracking branch 'ms/dhcp-rfc2136-broken-down' into next	2015-10-21 13:50:31 +01:00
Michael Tremer	80fbd89949	ipsec: Add block rules to avoid conntrack entries If an IPsec VPN connections is not established, there are rare cases when packets are supposed to be sent through that said tunnel and incorrectly handled. Those packets are sent to the default gateway an entry for this connection is created in the connection tracking table (usually only happens to UDP). All following packets are sent the same route even after the tunnel has been brought up. That leads to SIP phones not being able to register among other things. This patch adds firewall rules that these packets are rejected. That will sent a notification to the client that the tunnel is not up and avoid the connection to be added to the connection tracking table. Apart from a small performance penalty there should be no other side-effects. Fixes: #10908 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Cc: tomvend@rymes.com Cc: daniel.weismueller@ipfire.org Cc: morlix@morlix.de Reviewed-by: Timo Eissler <timo.eissler@ipfire.org>	2015-10-15 22:44:47 +01:00
Arne Fitzenreiter	1f011c6594	backports: add Tevii S482 patch Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-10-01 11:14:58 +02:00
Michael Tremer	dfe630f77c	Merge remote-tracking branch 'ms/experimental-vlan-hotplugging' into next	2015-09-28 14:33:49 +01:00
Arne Fitzenreiter	1f2bda9ba3	backports: enable build on x86_64. backports 4.1.1-1 is not stable so we need to stay on the older version. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-09-27 11:27:40 +02:00
Lars Schuhmacher	e3edceeb7a	Mark required input fields with a star Mark required input fields with a star as nowadays this is the de-facto default. Before, it was the other way around and optional fields were marked. Signed-off-by: Lars Schumacher <larsen007@web.de> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-21 16:40:41 +01:00
Michael Tremer	b1fb211827	Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next	2015-09-21 16:12:25 +01:00
Osmar Gonzalez	0a39488e4a	Corrected typo in networking.c Corrected "Misssing" to "Missing". Signed-off-by: Osmar Gonzalez <mibs510@gmail.com> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-20 13:31:15 +01:00
Arne Fitzenreiter	4d4f36ef55	kernel: Update pcengines apu led patch for x86_64 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2015-09-20 12:46:12 +02:00
Matthias Fischer	7f263dc736	Fixed some typos in initscript "Createing= => "Creating"... Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-19 18:50:54 +01:00
Matthias Fischer	f62ac3224c	dnsmasq: latest upstream patches dnsmasq: latest upstream patches Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-14 23:30:32 +01:00
Douglas Duckworth	6ee104aeb7	snort: Remove trailing slash in pid path Fixes: https://bugzilla.ipfire.org/show_bug.cgi?id=10924 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-14 23:19:50 +01:00
Michael Tremer	27957a3f2b	Merge remote-tracking branch 'ms/x86_64' into next	2015-09-11 15:06:09 +01:00
Michael Tremer	257ce821ee	fireinfo: Import upstream fixes Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-09 15:32:09 +01:00
Michael Tremer	71940784ef	fireinfo: Import upstream patch Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-09-01 00:12:31 +01:00
matthias.fischer@ipfire.org	f10a246946	squid 3.4.14: Import latest patch from upstream Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-31 23:26:38 +01:00
Alexander Marx	0f14446a89	Squid-accounting: New Version using dma mailservice Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-28 12:42:53 +01:00
Michael Tremer	8f4af2b25a	Merge branch 'dma' into next	2015-08-25 13:57:40 +01:00
Michael Tremer	377eaee288	openssl: Fix build on x86_64 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-22 23:29:45 +02:00
Michael Tremer	612c14d58b	glibc: Fix build with make version 4.0 and greater Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-22 17:22:16 +01:00
Michael Tremer	191976efbd	pcre: Fix more buffer overflows This reverts commit `cec620efdf`. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-21 21:29:46 +01:00
Michael Tremer	982ac2f7a2	postfix: Uninstall sendmail alternative when uninstalling Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-21 09:54:20 +01:00
Alexander Marx	5267e19c3a	make postfix ready for alternatives (chkconfig) Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-21 09:36:13 +01:00
Michael Tremer	ea0033d962	SSH: Replace old RSA keys with a new set Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-20 23:26:49 +01:00
Michael Tremer	04da8aa70a	Do not create any DSA keys any more DSA is considered weak cryptography Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-20 23:22:08 +01:00
Michael Tremer	cec620efdf	Revert "pcre: Fix more buffer overflows" This reverts commit `b62425e3e3`.	2015-08-19 20:30:50 +01:00
Michael Tremer	b62425e3e3	pcre: Fix more buffer overflows Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-17 23:36:36 +01:00
Matthias Fischer	f831e573d4	dnsmasq: latest upstream patches Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-17 20:53:21 +01:00
Michael Tremer	9eb008dc92	glibc: Import security fixes from upstream Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-17 20:49:34 +01:00
Michael Tremer	e628f99413	Remove left-over squid patch file	2015-08-07 20:37:53 +01:00
Michael Tremer	3db584817d	Remove old VLAN initscript Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-05 12:43:53 +01:00
Michael Tremer	d08045eaa6	dnsmasq: Update to 2.75 Rather severe regression in handling DNSSEC with CNAMEs. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-08-01 20:23:34 +01:00
Larsen	60f8111d53	squid-accounting: Fix typos in src/squid-accounting/acct.en.pl Fix typos in src/squid-accounting/acct.en.pl Signed-off-by: Lars Schuhmacher <larsen007@web.de> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-29 16:20:37 +01:00
Michael Tremer	a722eae9dd	ddns: Update to version 008 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-16 12:02:08 +02:00
Michael Tremer	b720e70288	cups: Update to 1.7.5 and fix for CVE-2015-1158 and CVE-2015-1159 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-14 17:15:00 +02:00
Michael Tremer	5929298ea1	pcre: Fix CVE-2015-5073 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-14 17:14:13 +02:00
Arne Fitzenreiter	c9ab30c5d3	kernel: fix trim dataloss on some solid state discs disable trim on SuperSSpeed S238 update queued trim blacklist from kernel 4.2rc1 (add Samsung SSD 8xx and some Crucial and Micron SSD)	2015-07-13 22:00:57 +02:00
Michael Tremer	031becc0e2	pakfire: Resolve dependencies for upgraded packages When updating more than one package, only new dependencies for the first one are resolved. The rest was ignored. This patch fixes that. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-09 21:01:10 +02:00
Michael Tremer	5555c4b887	pakfire: Fix installing dependencies when updating packages Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-09 20:53:33 +02:00
Michael Tremer	8c8383e55e	Remove dnsmasq patches These are not applied any more because dnsmasq was updated to the latest release version. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-09 13:10:46 +02:00
Michael Tremer	d6c40f585d	squid: Apply fix for Squid Advisory SQUID-2015:2 Squid configured with cache_peer and operating on explicit proxy traffic does not correctly handle CONNECT method peer responses. The bug is important because it allows remote clients to bypass security in an explicit gateway proxy. However, the bug is exploitable only if you have configured cache_peer to receive CONNECT requests. http://www.squid-cache.org/Advisories/SQUID-2015_2.txt Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2015-07-09 13:10:38 +02:00
Arne Fitzenreiter	c50d4f54b6	kernel: fix missing rootdev on xen installation.	2015-07-09 13:10:23 +02:00

1 2 3 4 5 ...

2683 Commits