Drop the usage of the old legacy GeoIP perl module which was not able to handle the
new GeoLite2 databases.
Write some code to directly access the databases and extract the required data.
Usage of the GeoIP2 perl module would provide a lot of more functionality which is not
used/needed. Unfortunately ir requires at lot of additional perl modules which are
not available on IPFire and would only be build and shipped for this module. Buildig all
of them will slow down the entire build process, mess up the system and requires a lot
more space on disk.
Fixes#11962.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The legacy GeoIP perl module cannot handle the new GeoLite2 databases
provided from maxmind and therefore needs to be dropped.
Reference #11960
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is a runtime dependency of the xt_geoip_build perl script
shipped by xtables-addons in version 3.2.
Reference #11960.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is potentially dangerous to set larger than zero.
Authentication is perfomed on basis of IP addresses which is
not a good idea at all.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is the authentication againt NT 4.0 style domain controllers.
squid has dropped support for this in the 4.5 release and nobody
should be using these old domain controllers any more.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
I added a function to determine the number of cores.
Now the number of squid processes will be equal to the number of logical cores.
Further I removed the possibility of changing the number
of squid processes in the proxy.cgi
Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: root <root@ipfire.test>
the file is generated at kernel build and in core126
the module commpression was changed to xz so the list was empty.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Fixes#11904
Since OpenSSL-1.1.0x the database attribute file for IPSec and OpenVPN wasn´t created while initial PKI generation.
OpenVPN delivered an error message but IPSec did crashed within the first attempt.
This problem persists also after X509 deletion and new generation.
index.txt.attr will now be delivered by the system but also deleted and recreated while setting up a new x509.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is a bugfix release:
"due to some privacy issues in default settings of Wget, we introduce
this bugfix release.
The --xattr option (saving original URL and Referer into extended file
attributes) was introduced and enabled by default since Wget 1.19.
It possibly saved - possibly unrecognized by the user - credentials,
access tokes etc that were included in the requested URL.
We changed three details as a countermeasure, see below in the NEWS section.
With Best Regards, Tim
...
NEWS
* Changes in Wget 1.20.1
** --xattr is no longer default since it introduces privacy issues.
** --xattr saves the Referer as scheme/host/port,
user/pw/path/query/fragment
are no longer saved to prevent privacy issues.
** --xattr saves the Original URL without user/password to prevent
privacy issues."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
