webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-27 11:13:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,457 Commits 2 Branches 1 Tag
fe9dbfa1245e90edfd3389c2c532bda49fe22d0c
Commit Graph

13457 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Tremer
46bbc13b91 python3: Build package in toolchain 
This will be required to build glibc 2.29

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:38 +01:00
Michael Tremer
e81233173f gcc: Update rootfile for aarch64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:38 +01:00
Michael Tremer
ecc9e5efb4 binutils: Update rootfile for aarch64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:37 +01:00
Michael Tremer
968a17d64c make.sh: Bump toolchain version 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:37 +01:00
Michael Tremer
525f5d2959 gcc: Update to 8.3.0 
This patch carries the rootfile for x86_64 only.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:37 +01:00
Michael Tremer
3596937440 binutils: Update to 2.32 
This patch carries the rootfile for x86_64 only.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:37 +01:00
Michael Tremer
a7e185c590 grub: Fix rootfile 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:43:48 +01:00
Michael Tremer
4987d0ed19 grub: Fix relocation type issue 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:43:37 +01:00
Michael Tremer
bab38dad60 ipfire-netboot: Fix compiling and linking with new GCC & binutils 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:43:24 +01:00
Michael Tremer
7f156022b5 sarg: Fix build with newer GCCs 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:43:08 +01:00
Arne Fitzenreiter
20c7552e0d Merge branch 'master' into next 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-26 19:39:55 +02:00
Michael Tremer
2cecfd0fdb grub: Fix build error with GCC 8 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-26 16:19:51 +01:00
Michael Tremer
452d2b6eaa grub: Disable efiemu on PC builds 
This won't compile with GCC 8 and we do not need it

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-26 16:19:42 +01:00
Michael Tremer
999e17bf9e nasm: Update to 2.14.02 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-26 16:19:17 +01:00
Michael Tremer
a0c9850c77 ltrace: Bump package version 
This package needs to be rebuilt because it uses elfutils
which has had an soname bump.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-26 16:19:16 +01:00
Michael Tremer
95028c1ce2 elfutils: Update to 0.176 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-26 16:18:46 +01:00
Erik Kapfer
948173dbb4 OpenVPN: Fixed certificate generation in French 
Fixes #12060

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-26 16:17:50 +01:00
Stefan Schantl
9cf253e150 initscripts/suricata: Rework creation of firewall rules. 
The script now will use the previously introduced seperate firewall chains called
IPS_INPUT, IPS_FORWARD and IPS_OUTPUT.

The commit also creates an AND connection between the choosen network zones in the UI and
the final firwall rules.

Fixes #12062.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-26 07:46:15 +02:00
Stefan Schantl
5e3067cb52 initscripts/suricata: Move functions order and always use flush_fw_chain function 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-26 07:46:15 +02:00
Stefan Schantl
686c4b9f25 firewall: Use seperate firewall chains for passing traffic to the IPS 
Create and use seperate iptables chain called IPS_INPUT, IPS_FORWARD and IPS_OUTPUT
to be more flexible which kind of traffic should be passed to suricata.

Reference #12062

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-26 07:46:15 +02:00
Arne Fitzenreiter
31568a1982 hostapd: bump package version 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-26 07:43:21 +02:00
Michael Tremer
1f35114d7b hostap: Fix wiring of checkboxes for client isolation 
The checkboxes were swapped which lead to client isolation
being enabled when the UI said disabled and vice-versa.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-26 07:42:48 +02:00
Michael Tremer
c721714036 hostap: Translate configuration settings 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-24 11:31:28 +01:00
Michael Tremer
5cf4aba470 hostap: Fix wiring of checkboxes for client isolation 
The checkboxes were swapped which lead to client isolation
being enabled when the UI said disabled and vice-versa.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-24 11:24:33 +01:00
Michael Tremer
49ef32d164 hostap: Remove deprecated directive 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-24 11:08:36 +01:00
Michael Tremer
dc850cb32f hostap: Enable 80MHz bandwidth by default (when using ACS) 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-24 10:43:50 +01:00
Michael Tremer
37a83c83cd hostap: Enable option to force clients to use 802.11w 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-24 10:39:25 +01:00
Michael Tremer
ea10f1a0b5 hostap: Allow to use Automatic Channel Selection (ACS) 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-24 10:12:29 +01:00
Stefan Schantl
d4f3156777 convert-snort: Fix ownership of the generated homenet file. 
Fixes #12059.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 22:05:43 +02:00
Stefan Schantl
e8a28edbea suricata: Use device ppp0 if PPPoE dialin is used. 
Fixes #12058.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 22:05:05 +02:00
Michael Tremer
a86bc6dfc6 suricata: EXTERNAL_NET should equal any 
This enables that we scan servers in ORANGE for clients in
GREEN which absolutely makes sense.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 22:04:30 +02:00
Michael Tremer
56f6d107ff suricata: Do not always convert rules to be bi-directional 
This creates some overhead that we do not need and rules need to
be adjusted to match any direction they are supposed to match.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 22:03:33 +02:00
Michael Tremer
fabe150953 core132: Ship updated suricata initscript 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 20:56:07 +01:00
Michael Tremer
a1cd844f71 core132: Ship updated convert-snort script 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 20:55:22 +01:00
Stefan Schantl
25d424387e convert-snort: Fix ownership of the generated homenet file. 
Fixes #12059.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 20:54:54 +01:00
Alexander Koch
6088176639 core132: Bugfix for typo in filelist 
Signed-off-by: Alexander Koch <ipfire@starkstromkonsument.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 20:53:36 +01:00
Stefan Schantl
372975ed0c suricata: Use device ppp0 if PPPoE dialin is used. 
Fixes #12058.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 20:51:27 +01:00
Michael Tremer
5061292091 suricata: EXTERNAL_NET should equal any 
This enables that we scan servers in ORANGE for clients in
GREEN which absolutely makes sense.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 20:45:42 +01:00
Michael Tremer
f27bac491a core132: Ship updated list of mime types 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 20:20:14 +01:00
Alexander Koch
68d7ae338e apache / WPAD: Add correct MIME type for wpad.dat and proxy.pac 
Some clients require the correct MIME type to be set for accepting/handling the Proxy-Settings properly.

See: http://findproxyforurl.com/deploying-wpad/

Signed-off-by: Alexander Koch <ipfire@starkstromkonsument.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 20:19:43 +01:00
Michael Tremer
2dd5e64592 suricata: Do not always convert rules to be bi-directional 
This creates some overhead that we do not need and rules need to
be adjusted to match any direction they are supposed to match.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-23 20:18:07 +01:00
Arne Fitzenreiter
7b0c8a80af core131: add services.cgi to update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-23 19:21:30 +02:00
Arne Fitzenreiter
c33a6e7103 finish core131 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-20 18:12:21 +02:00
Arne Fitzenreiter
e7a52c52d1 Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next 2019-04-20 17:35:54 +02:00
Arne Fitzenreiter
08639bc2a9 kernel: update 4.14.113 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-20 17:21:03 +02:00
Michael Tremer
e967871e8f Update contributors 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-20 14:21:46 +01:00
Michael Tremer
08caa596fa core132: Ship WPAD/proxy changes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-20 14:20:06 +01:00
Michael Tremer
e24daa08fa Update translation 
Fix some apostrophe and spelling errors

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-20 14:18:17 +01:00
Alexander Koch
cdc82a993a squid / WPAD: Add Wiki-Link for required further adjustments to GUI 
This patch adds a notice with a link to the Wiki-page https://wiki.ipfire.org/configuration/network/proxy/extend/wpad to the new WebGUI-Setion to make the user aware of the fact, that WPAD will only work correctly if he makes further adjustments:

- Add DHCP-Options for WPAD via DHCP
- Add HOST-Entries to DNS and Apache-vhost or haproxy-frontend/backend or firewall-redirect for WPAD via DNS

These additional options depend on the users environment and can not be shipped by default as they might break the users setups.

Note: The translations are only done for "en" and "de" yet!

Signed-off-by: Alexander Koch <ipfire@starkstromkonsument.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-20 14:16:00 +01:00
Alexander Koch
ce1c170b0c squid / WPAD: Add GUI for exception-files for generation of proxy.pac 
This patch adds the missing Web-GUI for the WPAD-Exceptions to proxy.cgi

Note: The translations are only done for "en" and "de" yet!

Signed-off-by: Alexander Koch <ipfire@starkstromkonsument.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-20 14:15:51 +01:00