webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-26 10:52:57 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,722 Commits 2 Branches 1 Tag
ed4b4c19b9e47229ead960bd43bcc9cd6a01413a
Commit Graph

7722 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexander Marx
eae92b2baf Firewall: Bug 10514 fixed 2014-04-14 23:16:59 +02:00
Arne Fitzenreiter
a78d662c7a kernel: update to 3.10.37. 2014-04-14 20:13:14 +02:00
Michael Tremer
1d3c37402c Merge remote-tracking branch 'ummeegge/openvpn' into next 2014-04-13 15:45:44 +02:00
Erik Kapfer
c2b5d12b34 OpenVPN:Add HMAC, cipher 'n2n' and DH key selection. Fixes and new design. 
Added HMAC algorithm selection menu for N2N and RW.
Added cipher selection menu for N2N connections.
Added DH key selection also for existing installations incl. DH key upload possibility.
Adjusted the ovpn main WUI design to IPSec WUI.
Extend key lenght for CA, cert and control channel with faktor 2.
Some code and typo cleanup.
Bugfixes for #10317, #10149, #10462, #10463
V.2 New changes:
Integrated changes in langs and ovpnmain.cgi until 20.03.2014 2.15-Beta3.
ovpn.cnf have now default bits of 2048 instead of 1024.
ovpn.cnf default_md works now with sha256 instead of md5.
Bugfix: By new installation the auth directive for RWs is faded out #10462 Comment 15.
Added error message if the crl should be displayed but no crl is present.
 2014-04-13 07:14:25 +02:00
Michael Tremer
d22294fa7e firewall: Fix outgoing OpenVPN N2N tunnel packets. 
Don't throw away packets from the firewall that pass through
an OpenVPN N2N tunnel.
 2014-04-12 16:17:20 +02:00
Michael Tremer
cc81c43053 firewall: Fix spelling and seperate spelling issues. 2014-04-12 16:01:11 +02:00
Michael Tremer
2dd3aa93f4 firewall: Change headlines for rule sections. 2014-04-12 15:55:44 +02:00
Michael Tremer
766c2f601d rules.pl: Rewrite P2P protocol filter. 2014-04-12 15:40:14 +02:00
Michael Tremer
28e003e486 firewall.cgi: Sort protocols alphabetically. 2014-04-12 15:23:45 +02:00
Michael Tremer
aa5f4b6568 firewall: Fix creation of automatic rules for the firewall. 
If the firewall is part of a local network (e.g. GREEN),
we automatically add rules that grant/forbid access for the firewall,
too.

This has been broken for various default policies other than ALLOWED.
 2014-04-12 15:16:08 +02:00
Michael Tremer
dd73ef846e media.cgi: Add missing 'tr'. 2014-04-12 12:18:57 +02:00
Michael Tremer
b04a34188c Merge branch 'master' into next 
Conflicts:
	doc/language_issues.tr
 2014-04-11 15:18:50 +02:00
Michael Tremer
21674d364b Update translations. 2014-04-11 15:17:21 +02:00
Michael Tremer
883aa361b0 Merge remote-tracking branch 'amarx/RC2-master' 2014-04-11 15:17:08 +02:00
Alexander Marx
0626fac1ac Firewall: When having rules with more than 3 protocols, show "many" and tooltip 2014-04-11 12:07:41 +02:00
Arne Fitzenreiter
9fa2794f08 kernel: disable intel mei. 
Intel Management Engine Interface is still crashing the kernel.
 2014-04-11 12:07:41 +02:00
Alexander Marx
712500d0dc Firewall: Fix 10510 - Show all protocols from servicegroups (GRE,IPIP,IPV6,...) 2014-04-10 08:19:56 +02:00
Arne Fitzenreiter
0cd7c451dd kernel: disable intel mei. 
Intel Management Engine Interface is still crashing the kernel.
 2014-04-09 18:20:46 +02:00
Michael Tremer
b8ec7b86ac firewall-policy: Remove empty line. 2014-04-09 15:14:25 +02:00
Michael Tremer
62ff8d9627 Fix missing Connection Scheduler strings. 2014-04-09 15:11:41 +02:00
Michael Tremer
48fde0b6f9 aliases.cgi: Mark name field as mandatory. 2014-04-09 14:19:16 +02:00
Michael Tremer
99f11a16f6 firewall: Apply destination NAT rules for the firewall itself, too. 2014-04-09 14:16:32 +02:00
Michael Tremer
fcc68a4277 firewall: Fix rule generation for protocols without ports. 2014-04-09 14:06:32 +02:00
Arne Fitzenreiter
b1f11b0402 openssl: update to 1.0.1g. 
Fix for CVE-2014-0160
Add TLS padding extension workaround for broken servers.
Fix for CVE-2014-0076
 2014-04-07 21:33:34 +02:00
Alexander Marx
1ccfb89eab Firewall: fix coloring of internet hosts 2014-04-07 16:53:01 +02:00
Alexander Marx
6effa000ec Firewall: Fix source preselection of alias when Firewall is selected 2014-04-07 16:52:55 +02:00
Alexander Marx
747d030a24 Firewall: BUGFIX 10505 2014-04-07 16:52:49 +02:00
Alexander Marx
476b122fa8 Firewall: BUGFIX 10507 2014-04-07 16:52:42 +02:00
Michael Tremer
2250019f7d Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x 2014-04-07 16:49:33 +02:00
Arne Fitzenreiter
1e7a2feaeb glibc: rootfile update (arm). 2014-04-07 00:35:31 +02:00
Arne Fitzenreiter
b3c0ff6239 kernel-header: rootfile update. 2014-04-06 23:34:32 +02:00
Michael Tremer
6cf0f959f0 media.cgi: Fix typo once again. 2014-04-06 17:24:13 +02:00
Ersan Yildirim
8824d89482 Update Turkish translation. 2014-04-06 17:22:31 +02:00
Michael Tremer
888911ed57 core76: Include changed /etc/sysctl.conf in update. 2014-04-06 12:53:30 +02:00
Arne Fitzenreiter
68561214b3 glibc: fix image, updater and filecount in installer. 
switch from locale-archive to normale locales add est. 5000 files.
todo: arm-rootfile.
 2014-04-06 10:29:27 +02:00
Michael Tremer
085a20ec8b firewall: Fix using aliases. 
Fix coding errors, actually read aliases configuration
and fall back to default RED IP address if no suitable
alias was found.
 2014-04-05 17:09:56 +02:00
Michael Tremer
1d9c1c3079 convert-portfw: Fix converting aliases. 
ALL is not suitable as it is not a valid configuration value.
 2014-04-05 17:08:17 +02:00
Michael Tremer
057b351186 Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x 2014-04-05 17:02:33 +02:00
Arne Fitzenreiter
c926c6375d firewall: fix green only mode. 
disable masquerade and green IP/NET check if internet is
connected via green.
 2014-04-05 11:04:25 +02:00
Arne Fitzenreiter
fee04791f4 apache2: update to 2.2.27. 2014-04-04 21:17:08 +02:00
Arne Fitzenreiter
8e05d96896 kernel: update to 3.10.36. 2014-04-04 13:53:41 +02:00
Arne Fitzenreiter
51e7782863 kernel: update to 3.10.35. 2014-04-03 10:06:47 +02:00
Michael Tremer
4e3ce5438b glibc: Install all known locales. 2014-04-01 16:24:50 +02:00
Michael Tremer
025741919a firewall: Fix perl coding error. 
Example:
	my @as = (1, 2, 3);
	foreach my $a (@as) {
		$a += 1;
		print "$a\n";
	}

$a will be a reference to the number in the array and not
copied. Therefore $a += 1 will change the numbers in the
array as well, so that after the loop the content of @as
would be (2, 3, 4).
To avoid that, the number needs to be copied into a new
variable like: my $b = $a; and we are fine.

This caused that the content of the @sources and @destinations
array has been altered for the second run of the loop and
incorrect (i.e. no) rules were created.
 2014-03-31 13:16:26 +02:00
Michael Tremer
c5fb845c4e Merge branch 'kernel-layer7-oom' 2014-03-30 23:28:35 +02:00
Michael Tremer
af8c09ff38 kernel: Update layer7 patch. 
Brings back the /proc interface and is supposed to
fix a memory leak.
 2014-03-30 23:26:29 +02:00
Michael Tremer
c26a9ed25c firewall-policy: Clarify policy rules. 
There are no functional changes here. Everything that
is not explicitely allowed is now forbidden when the
forward policy is "ALLOWED".
 2014-03-30 22:33:58 +02:00
Michael Tremer
ae6ae33f84 Merge branch 'beyond-next' into next 2014-03-30 00:21:33 +01:00
Arne Fitzenreiter
8089b78d9d firewall-policy: fix drop and logging on red0; 2014-03-29 15:06:35 +01:00
Arne Fitzenreiter
ea219d3a0f set version to IPFire 2.15 rc1. 2014-03-28 18:16:31 +01:00