This patch adds a function to verify the user manual links
configuration file at build time.
Run with "./make.sh check-manualpages"
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
to proper filter IPSec im QoS without using mark or connmark i need ipt filters
for tc which are only build if iptables are build prior iproute2.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- ExtUtils-PkgConfig is required when building perl-GD
- lfs and rootfile created
- All rootfile entries commented out as only required for building of perl-GD
- added to make.sh file just before perl-GD
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Instead of having a very dodgy diff of filelists, this rsync call does
everything automatically and only requires authentication once.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Create lfs and rootfile
- Add exfatprogs to make.sh
- exfat is supported as a native kernel module since kernel 5.7
- This package requires CONFIG_EXFAT_FS=m to be set for the kernel module for each
architecture that will be supported. Currently that is only i586
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Final patch for removal of python2 from IPFire. This can be implemented in an
appropriate Core Update after all other python2 related patches have been implemented
and confirmed working.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Acked-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This package adds an ASNBL helper for detecting Fast Flux setups and
selectively announced networks (i. e. FQDNs resolving to IP addresses
not being announced by an Autonomous System) to the distribution.
Afterwards, the helper script is located at /usr/bin/asnbl-helper.py .
The second version of this patch updates squid-asnbl to upstream version
0.2.2, improving logging in case of detected Fast Flux setups.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
u-boot for nanopi r2s (rockchip rk3328) need dtc to build the image
so this adds dtc as build dependency for u-boot
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Impementation of libyang-2.0.7 as a dependency for the build of frr
- Creation of rootfile with all entries commented out so that it is only used for the build
libyang is a YANG data modelling language parser and toolkit written (and providing API)
in C.In the future if there is demand to use these functions in frr then this package
may need to be moved from a build only option to a dependency for frr providing the
yang libraries.
- Added into make.sh just before frr
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- p11-kit required for certs extraction in building of python3 compatible ca-certificates
- p11-kit requires libtasn1 as a build dependency
- p11-kit and libtasn1 added to make.sh
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 1.2.15 (2013) to 2.0.16 (2021)
- Source file name changed from SDL to SDL2 so also deleted old sdl and created sdl2
files for rootfile and lfs
- Changelog is too large to include here. Details can be found in the WhatsNew.txt file
in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- crda only works with python2 version of m2crypto
python-m2crypto requires python-setuptools and python-typing
- With Linux kernel 4.15 and later the country code status check that crda did is built
into the kernel.
- So from kernel 4.15, crda can be removed, which allows removal of m2crypto, setuptools
and typing.
- python-typing is built into python3 so no additional python3 module required.
- python3 version of python-setuptools has already been installed.
- python3 version of python-m2crypto is not required. python-m2crypto is only used for the
build of crda.
- ipaddr can be removed as the function of this python2 module is built into python3 with
ipaddress.py
- removal of crda tested with 5.10.45 kernel and the setting of a country code was
recognised. If this test carried out with crda removed and 4.14.232 kernel then country
code stays defined as the global code "00".
- wlanap.cgi uses regdbdump from crda to create a text based list of the
wireless settings by country database. With the removal of crda a modification is
required to wireless-reg to copy the db.txt file to a specific location that wlan.cgi
can then access. db.txt is the text file version of the wireless settings by country
database.
- This series version copies the db.txt file and renames it regulatorydb.txt and places it in
/lib/firmware/
- This series version also corrects the loading command from regulatorydb.txt into the
@countrylist_cmd variable
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
binutils is using to compress LTO? debugging data. Since binutils linked
against zstd from stage2 is expecting data being compressed, we need to
have zstd available at the toolchain stage.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Setting it to something higher than the number of physical CPU cores was
a good idea when we used to have slow magnetic storage. That way, at
least there was always one process waiting for IO.
With modern fast flash-based storage, this does not hold any more since
it is fast enough that we don't need to have a couple of processes ready
to wait.
It will probably have made work for the scheduler more challenging since
more processes were ready and processes were moved around processors.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Because we are deactivating the compiler checksumming, we need to keep a
distinct cache between different versions of the toolchain.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This version has changed its build system to cmake and
can use zstd. We build zstd just before this package, but
depend on cmake from the host system.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
we have no supported armv5tel board left so we can switch to the higher
arch. This now can use the vpu (still in softfp calling convention to
not break existing installations.)
this fix many compile problems, also boost is now working again.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This package seems to be unmaintained for at least five years. It's
(former?) upstream traces back to https://section5.ch/index.php/2011/01/13/dpf-hacking/,
but download links to both dpfhack and a patched version of lcd4linux
point to http://localhost/.
http://tech.section5.ch/files/dpfhack-0.1alpha.tgz still serves
something apparently related to dpfhack, but it is unclear whether that
is a previous version than the "0.12devel" we know about, or a
successor. https://tech.section5.ch/files/dpfhack-0.1alpha.tgz, just to
have it noticed, comes with a X.509 certificate not issued for this
FQDN.
dpfhack is solely needed as a dependancy for lcd4linux, which appears to
be unmaintained as well, hence being dropped in a dedicated patch.
Given the status quo, bugs in dpfhack cannot be reported properly,
security issues won't be addressed (by anybody else then ourselves), and
technical questions cannot be clarified aside a reverse engineering
approach.
We should not allow such an add-on to be installed on a firewall system.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This package has not received any updates or attention within the last
three years. It's sole known upstream URL (https://ssl.bulix.org/projects/lcd4linux/)
returns a HTTP error 404 nowadays, and the author was unable to locate
any upstream source that appears to be still maintained today.
Given the status quo, bugs in lcd4linux cannot be reported properly,
security issues won't be addressed (by anybody else then ourselves), and
technical questions cannot be clarified aside a reverse engineering
approach.
We should not allow such an add-on to be installed on a firewall system.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 2.2.0 to 2.4.7
- Migrate from python2 to python3
- Move the rootfile from common to packages as pyparsing is an addon
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- python3-setuptools works with python3-daemon but not with
python-m2crypto. m2crypto has to stay with python2 because crda
will not find the python3 version of m2crypto.
- python-m2crypto only works with python-setuptools so both the
python2 and python3 versions of setuptools need to stay in place.
- Therefore this patch only creates python3-setuptools, it does not
remove python-setuptools
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This library has received no attention within the last three years. By
design, UPnP is a security risk on any firewall, and and outdated
version of a UPnP library definitely is.
This patch therefore drops libupnp completely.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
