webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 02:55:55 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,085 Commits 2 Branches 1 Tag
f36855fe73010235ffbcf409219cbb2dadded8a2
Commit Graph

14085 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Schantl
f36855fe73 dns.cgi: Introduce red_is_active() 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-01-08 11:12:42 +01:00
Stefan Schantl
f10fb4bf43 dns.cgi: Always display the input field for TLS_HOSTNAME 
* Mark it as required if the protocol is set to TLS.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-01-08 10:35:52 +01:00
Stefan Schantl
25dda4a082 dns.cgi: Only perform reverse lookups if the system is online 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-01-08 10:35:24 +01:00
Michael Tremer
beebf925c3 unbound: Implement setting qname minimisation into strict mode 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 16:32:35 +00:00
Michael Tremer
a33489a7aa unbound: Try to set time when DNS is not working 
Since DNSSEC relies on time to validate its signatures,
a common problem is that some systems (usually those without
a working RTC) are not being able to reach their time server.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 16:24:35 +00:00
Michael Tremer
a32fd634ce unbound: Do not update the forwarders when we are running in TLS mode 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 16:02:14 +00:00
Michael Tremer
4b26aac625 unbound: Read configuration globally 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 15:28:21 +00:00
Michael Tremer
2654c66945 unbound: Update forwarders when system connects/disconnects 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 15:21:59 +00:00
Michael Tremer
54898bc6c1 unbound: Update setting Safe Search redirects 
When the system comes online, we must update entries
in the unbound cache to point to the "safe" IP addresses.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 15:03:56 +00:00
Michael Tremer
77c7a94cdd dns.cgi: Show ISP name servers as disabled 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 14:49:54 +00:00
Michael Tremer
984f14bdc4 dns.cgi: Fix handling of WARNINGs from kdig 
There might be multiple warnings which must all be shown
to the user.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 14:41:13 +00:00
Michael Tremer
71471d9bde dns.cgi: Remove smartmatch operator 
Perl likes to make things difficult

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 13:46:11 +00:00
Michael Tremer
dab1258a78 dns.cgi: Timeout after 2 seconds for DNS server checks 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 13:45:21 +00:00
Michael Tremer
1434fa0df5 DNS: Write name servers received from ISP to /var/run/dns{1,2} 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 13:35:45 +00:00
Michael Tremer
4e2d3325af unbound: Drop live checks 
Those checks have caused us a lot of trouble and are now being dropped.

Users must make sure to choose servers that support DNSSEC or enable
any of the tunneling mechanisms to be able to reach them.

Fixes: #12239
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 13:11:38 +00:00
Michael Tremer
ffc46751f2 unbound: Add path to TLS CA bundle 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 12:59:24 +00:00
Michael Tremer
ee90aa9858 unbound: No longer read old configuration file 
The old configuration file in /etc/sysconfig/unbound is no
longer being used and all settings should be in
/var/ipfire/dns/settings.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 12:58:28 +00:00
Michael Tremer
50005ad1d4 unbound: Write upstream name servers to forward.conf 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 12:55:35 +00:00
Michael Tremer
94a51c64bb unbound: Remove test-name-server command 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 11:18:41 +00:00
Michael Tremer
15cf79e3b8 unbound: Convert forward zones to stub zones 
It was incorrect to use forward zones here, because that
assumes that unbound is talking a recursive resolver here.

The feature is however designed to be talking to an authoritative
server.

Fixes: #12230
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 11:14:30 +00:00
Michael Tremer
dea5f34914 unbound: Allow forcing to speak TLS to upstream servers only 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 11:14:05 +00:00
Michael Tremer
372576e0ab unbound: Set EDNS buffer size to 1232 bytes 
Fixes: #12240
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 11:12:33 +00:00
Michael Tremer
3bf804e834 dns.cgi: Set EDNS buffer size to 1232 
References: #12240
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 11:06:10 +00:00
Michael Tremer
0fa6bde78a Update English translation 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 10:53:34 +00:00
Michael Tremer
cdfc93cb7a webif: Show menu entry for DNS all the time 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 10:48:01 +00:00
Michael Tremer
e8981e3c8f netexternal.cgi: Drop DNSSEC status 
This has now been moved to the new dns.cgi.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 10:45:08 +00:00
Michael Tremer
ecbf66761f DNS: Add converter to migrate settings 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 10:43:19 +00:00
Stefan Schantl
2946d562f1 langs/en.pl: Add new strings for modified dns.cgi. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-01-07 09:35:47 +00:00
Stefan Schantl
24d7c5ef6b dns.cgi: Rework to allow central DNS configuration. 
Fixes #12237.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-01-07 10:30:37 +01:00
Stefan Schantl
456f0b06f4 pppsetup.cgi: Remove support for configure DNS settings. 
Fixes #12234.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-01-05 12:37:57 +01:00
Stefan Schantl
0bb159bbfc Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2020-01-05 12:15:00 +01:00
Arne Fitzenreiter
916859f5fa core140: add gcc changes to updater 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-05 09:28:20 +00:00
Peter Müller
96ac98a568 Tor: update to 0.4.2.5 
Please refer to https://blog.torproject.org/new-release-0425-also-0417-0406-and-0359
for release notes.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-04 18:25:00 +00:00
Peter Müller
ae28d23d4d libseccomp: update to 2.4.2 
Please refer to https://github.com/seccomp/libseccomp/releases/tag/v2.4.2
for release notes.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-04 18:24:49 +00:00
Michael Tremer
ac7ada2a15 openvmtools: Update to 11.0.0 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-04 18:24:29 +00:00
Michael Tremer
321c211528 glib: Fix compiling with GCC 9 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-04 18:24:15 +00:00
Michael Tremer
d04fb4ee34 efivar: Update to 37 
This also fixes some build issues with GCC 9.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-04 18:23:54 +00:00
Michael Tremer
3e8dd2d3ed mdadm: Update to 4.1 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-04 18:23:52 +00:00
Michael Tremer
c63ba73e3a mpc: Update to 1.1.0 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-04 18:23:39 +00:00
Michael Tremer
d3e4320bed mpfr: Update to 4.0.2 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-04 18:23:28 +00:00
Michael Tremer
210b27e179 gcc: Update to 9.2.0 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-04 18:23:09 +00:00
Michael Tremer
2f4d1ecb9a lang: Fix typo in "Writen Bytes" and fix grammar 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-03 21:18:36 +00:00
Arne Fitzenreiter
3a3f4c37f2 core140: add convert-snort to updater 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-03 21:17:05 +00:00
Stefan Schantl
cde7cab264 convert-snort: Check and convert snort user and group. 
Fixes #12102.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-03 21:15:11 +00:00
Arne Fitzenreiter
592d3708fe Revert "bind: Update to 9.11.14" 
build fails on armv5tel: https://nightly.ipfire.org/next/2020-01-02%2016:17:54%20+0000-c846ed16/armv5tel/

This reverts commit 7d9b0ab697.
 2020-01-03 21:13:30 +00:00
Stefan Schantl
c5d20f9665 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2020-01-03 11:06:47 +01:00
Arne Fitzenreiter
c846ed1616 pakfire: use HTTPS if no protocol is specified 
also use HTTPS on fallback to mainserver if no mirror was left

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-01-02 16:17:54 +00:00
Arne Fitzenreiter
f93238725f Merge branch 'master' into next 2020-01-02 15:59:53 +00:00
Michael Tremer
25d5058974 stripper: Strip all unneeded relocation information 
Libraries were treated differently and therfore it could
happen that they were not stripped from any unnecessary
relocation information at all.

This patch changes that and strips everything from
libraries that we do not need.

The ISO was 3MB smaller.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-29 19:20:44 +00:00
Matthias Fischer
61a4972bc6 nano: Update to 4.7 
For details see:
https://www.nano-editor.org/news.php

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-12-29 19:20:13 +00:00