webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,621 Commits 2 Branches 1 Tag
f155baa6f034f8935337578afd33cdc30fd37760
Commit Graph

10621 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marcel Lorenz
f155baa6f0 m4: update to 1.4.18 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-06 10:10:25 +01:00
Marcel Lorenz
e0e3f3a3e7 acpid: update to 2.0.28 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-06 10:06:46 +01:00
Marcel Lorenz
6c96150b45 unzip: update to 60 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-06 10:06:08 +01:00
Michael Tremer
49e3621c32 gzip: Drop patch that is no longer applied 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-06 10:04:34 +01:00
Marcel Lorenz
3b7a290523 gzip: update to 1.8 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-06 10:02:18 +01:00
Marcel Lorenz
361cc1bd0c file: update to 5.30 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-06 09:57:50 +01:00
Matthias Fischer
176ba83d49 logwatch 7.4.3: next fix, output for 'lm_sensors' was missing 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-06 09:56:16 +01:00
Matthias Fischer
cd31b51ea5 logwatch 7.4.3: some more fixes for rootfile 
Hi,

'eximstats', 'zz-sys' and 'resolver'-files were missing.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-05 14:10:48 +01:00
Daniel Weismüller
2dbfc4020d netsnmpd: added lmsensors and some other mibs 
Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-05 12:23:32 +01:00
Michael Tremer
9bc2e596d0 IPsec: Include Curve 25519 in default proposal 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-05 12:16:52 +01:00
Michael Tremer
64056cae46 IPsec: Allow selecting Curve 25519 as group type 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-05 12:16:20 +01:00
Michael Tremer
1ef80c4352 strongswan: Update to version 5.5.2 
Introduces support for Curve25519 for IKE as defined by RFC8031.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-05 12:08:39 +01:00
Michael Tremer
570d54fd84 IPsec: Drop SHA1 and MODP<=1536 from proposed ciphers 
IPsec is still proposing to use SHA1 and MODP-1536 or MODP-1024
when initiating a connection. These are considered weak although
many off-the-shelf hardware is still using this as defaults.

This patch disables those algorithms and additionally changes
default behaviour to only accept the configured cipher suites.

This might create some interoperability issues, but increases
security of IPFire-to-IPFire IPsec connections.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-05 11:42:55 +01:00
Michael Tremer
4f6790a7e4 ipsecctrl: Reload IPsec block rules after connection is deleted 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-05 10:33:49 +01:00
Matthias Fischer
3fa1cb5f35 logwatch: Update to 7.4.3 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-05 10:08:24 +01:00
Matthias Fischer
9d8574996e logwatch 7.4.1: another fix for rootfile 
Hi,

similar to:

http://git.ipfire.org/?p=people/mfischer/ipfire-2.x.git;a=commit;h=9f46e637ac345509ff75248d1087b1bff117ff20

A missing '#' for "usr/share/logwatch/default.conf/services" in rootfile.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-05 10:08:21 +01:00
Matthias Fischer
31b34f9509 logwatch 7.4.1: fix for rootfile 
Hi,

One missing '#' and all underlying 'services' in 'usr/share/logwatch/scripts/services'
are installed. 147 files are active, but it should be only 33.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-05 10:08:20 +01:00
Arne Fitzenreiter
09f518fbb1 mpd: mpd needs opus libs 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-04-04 19:14:31 +02:00
Arne Fitzenreiter
af7e2f072f Merge branch 'next' 2017-04-03 23:04:59 +02:00
Arne Fitzenreiter
7ea716b46b core110: finish update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-04-03 23:04:03 +02:00
Matthias Fischer
bffe0abd59 squid: Update to 3.5.25 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-03 20:28:12 +01:00
Matthias Fischer
24a80f0c22 squid 3.5.24: latest patches (14149-14153) 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-03 11:11:20 +01:00
Matthias Fischer
a5c0ef3679 squid 3.5.24: latest patches (14144-14148) 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-03 11:11:13 +01:00
Matthias Fischer
39e7154976 squid 3.5.24: latest patch (14143) 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-03 11:11:12 +01:00
Michael Tremer
183b23b5ca DNS: Show DNSSEC status on index page if deavtivated 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-02 19:48:20 +01:00
Michael Tremer
73b3a1264f core110: Ship updated ntp package 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 17:20:50 +01:00
Matthias Fischer
776363274f ntp: Update to 4.2.8p10 
"It addresses 6 medum- and 5 low-severity security issues, 4 informational security topics,
15 bugfixes, and contains other improvements over 4.2.8p9."

For a complete list, see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 17:20:31 +01:00
Matthias Fischer
21094f574e mpd 0.20.6: fixes for lfs-file 
Package refused to build without initscript.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 17:19:57 +01:00
Matthias Fischer
109b1914d1 motion 4.0.1: suggested new rootfile 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 17:19:25 +01:00
Matthias Fischer
baa8a93fd1 motion: Update to 4.0.1 
'ffmpeg' seems to need this update.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 17:19:23 +01:00
Michael Tremer
0be884d6b2 network: Create route to gateway 
Some hosters have their gateway in a different subnet than
the RED interface is to save IPv4 address space.

This patch sets a host route to that gateway so that
IPFire can be installed in data centres that use such
technique.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 17:17:03 +01:00
Michael Tremer
2170bad5b9 setup: Allow setting netmask to 255.255.255.255 
Some hosters require that the subnet mask of the RED network
is set to 255.255.255.255. This was not possible to save before.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 17:17:03 +01:00
Michael Tremer
4a0d69ca46 unbound: Increase memory size on even larger systems 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 10:29:03 +01:00
Michael Tremer
128db1a363 unbound: Double buffer size 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 10:25:39 +01:00
Michael Tremer
c20b20092f unbound: Increase size of send/receive buffers 
This will allow to not drop any packets when there is a
peak in queries

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 10:24:40 +01:00
Michael Tremer
5012e53c29 unbound: Re-use UDP sockets 
This will make UDP queries faster

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 10:17:33 +01:00
Michael Tremer
0a7dca2c5f unbound: Increase number of parallel queries 
The parameters are the recommended values for libevent

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 10:16:56 +01:00
Marcel Lorenz
e0174da88b mpd: update to 0.20.6 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-25 11:09:50 +01:00
Michael Tremer
cda384a280 ipsec: Do not reject connections in on-demand mode 
When an on-demand VPN connection is not up, the packets will
traverse the firewall and be rejected by the IPSECBLOCK chain
which will cause that an ICMP error message will be sent to
the client. If that does not happen and the packet is being
silently dropped, the client will retransmit and by then
the VPN connection will hopefully be up.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-24 13:24:42 +01:00
Michael Tremer
e89b407f88 Fix updated graphs in legacy theme 
The images are now a little bigger and will be scaled down
here, but the iframe box never grows bigger than the max.
size of the container.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-22 17:22:26 +00:00
Marcel Lorenz
8714488c73 ffmpeg and ffmpeg-libs: update to 3.2.4 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-22 17:02:46 +00:00
Michael Tremer
65c3b7c913 Revert "BUG11278: enable creation from subnets of internal networks" 
This reverts commit ff6cc71107.

This patch causes that no new networks can be created and
an error message is shown that the created network is the GREEN
network which is incorrect.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-22 11:15:44 +00:00
Michael Tremer
a249ccd2e4 Improve graphs 
The graphs are using an iframe and PNG images where the resolution
did often not fit and the browser had to resize the image. That
led to blurred fonts and hard to read graphs.

This patch increases the size of the box and the image. With that
higher resolution resizing should not be too much of an issue, but
since the sizes of the iframe and image have been aligned should
not even be necessary.

Reported-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-15 13:45:05 +00:00
Michael Tremer
d38ed86f8b strongswan: Disable IPv6 by default 
IPFire 2 does not have IPv6 connectivity with exception of a
few systems for testing where IPsec connections become a little
bit unstable when trying to connect over IPv6.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-15 12:56:05 +00:00
Marcel Lorenz
373c0c7bed apcupsd: update to 3.14.14 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-12 16:05:33 +00:00
Jonatan Schlag
0f1cda211c Disable netfilter on all bridges per default 
Fixes: #11301

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-11 10:08:16 +00:00
Jonatan Schlag
3baa3661a1 xinetd: fix the call of INSTALL_INITSCRIPT 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-10 16:13:48 +00:00
Jonatan Schlag
d04e15178d Fix rootfile of keepalived after initscript changes 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-10 16:13:45 +00:00
Matthias Fischer
a3fd3c237d Midnight Commander: Update to 4.8.19 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-09 11:11:33 +00:00
Michael Tremer
acf0e4d2da Merge branch 'initscripts-cleanup' of git://git.ipfire.org/people/jschlag/ipfire-2.x into next 2017-03-09 11:04:52 +00:00