webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
21,537 Commits 2 Branches 1 Tag
0.9.0
Commit Graph

21537 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vincent Li
996b80701e keepalived UI: add dummy ip for HA state tracking 
add dummy ip 192.0.2.1 in virutal_ipaddress from (TEST-NET-1)
according to https://www.rfc-editor.org/rfc/rfc5737#section-3
for keepalived HA state tracking, the Master will always
have the dummy ip assigned to green0.

add refresh button for HA state refresh

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
0.9.0 		2024-07-10 23:25:40 +00:00
Vincent Li
56a1588f96 vim: Disable vim automatic visual mode on mouse select 
when mouse select, vim automatically turns into
visual mode, this is not convienent when copy
and paste in vim with mouse select. create this
setting for root user.

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-09 02:41:58 +00:00
Vincent Li
aa7d243558 langs: installer/setup Chinese translation 
complete the chinese translation referenced below
https://git.ipfire.org/?p=people/ummeegge/ipfire-2.x.git;a=commit;h=ca149dc8e2e24f3cfcf7bbc1e2333b2b6d43e0e4

Asked ChatGPT to translate English in msgid to msgstr in Chinese and
ChatGPT did the translation automatically with correct format.  copied
from ChatGPT and pasted in po.zh

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-09 01:47:46 +00:00
Vincent Li
dcb6b5e117 LoxiLB UI: get VIP from ipconfigfile 
in HA scenario, the shared/floating VIP
is not configured on the red0 interface

when setup LoxiLB lb from the UI in standby
BPFire, some VIPs are missing since these
VIPs are only configured in the active BPFire.

get VIPs from /var/ipfire/loxilb/ipconfigfile

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-09 01:47:46 +00:00
Vincent Li
067bbaf136 LoxiLB: rename UI ipconfig to ipconfigfile 
when run loxicmd save -a -c /var/ipfire/loxilb/
ipconfig directory will be created, which conflicts
with loxilb UI that also save virtual ip to
/var/ipfire/loxilb/ipconfig, so rename ipconfig to
ipconfigfile.

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-09 01:47:46 +00:00
Vincent Li
02724e7427 LoxiLB: enable firewall SNAT for green network 
when loxilb is enabled and started, enable the
firewall SNAT for green network so green network
could have initiate outgoing traffic like internet
access.

we can achieve this by restoring firewall SNAT setting
from default /var/ipfire/loxilb/FWconfig.txt when loxilb
start up with --config-path=/var/ipfire/loxilb thanks
to the enhancement addressed in issue:

https://github.com/loxilb-io/loxilb/issues/706

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-09 01:47:46 +00:00
Vincent Li
9f7cd8358f LoxiLB: upgrade to loxilb development branch 
LoxiLB 0.9.4 lack of SNAT feature for egress traffic
initiated from BPFire green network, when loxilb is
enabled, it breaks BPFire green network client Internet
access, this issue is fixed in the loxilb development
branch, temporarily I make loxilb development branch
as 0.9.5 in BPFire so I could test the SNAT feature and
it works.

see detail in https://github.com/loxilb-io/loxilb/issues/718

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-09 01:47:37 +00:00
Vincent Li
a06eab4ae1 keepalived vs/rs UI: add virtual/real server UI 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-05 21:46:07 +00:00
Vincent Li
0f54cfef92 keepalived/ipvs: move ipvsadm to core package 
prepare keepalived with ipvs for layer 4
load balancer

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-02 20:52:49 +00:00
Vincent Li
fa69bf1da3 openssh: update openssh due to CVE-2024-6387 
Update from version 9.7p1 to 9.8p1

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-02 19:36:16 +00:00
Vincent Li
e7e1e67fc7 initscripts: start loxilb keepalived after reboot 
When loxilb and keepalived are enabled, after BPFire
rebooted, loxilb and keepalived failed to start and
shows as "STOPPED" from UI, this is not expected since
we want to loxilb and keepalived to continue to be enabled
after reboot based on the enabled state of loxilb and
keepalived before reboot.

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-01 17:30:54 +00:00
Vincent Li
fae6f15fbe LoxiLB UI: remove @nosaved items 
remove @nosaved from /var/ipfire/loxilb/settings
as it could interfere with running state of
loxilb

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-01 04:14:51 +00:00
Vincent Li
ebdd4d59b4 keepalived UI: remove @nosaved item 
remove @nosaved item from form submission
before writehash to each setting file because
it could interfere with each other.

for example, when change keepalived configuration
for green or red interface from the UI,
without removing @nosaved which has 'ENABLE_HA'
before writehash, 'ENABLE_HA=off' would be saved
in '/var/ipfire/keepalived/settings', this would
trigger the UI to show keepalived being "STOPPED"
or it could actually stopoped keepalived.

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-07-01 00:16:30 +00:00
Vincent Li
6f8ab2d9ec menu: remove pakfire menu 
pakfire addon install may cause
conflict with BPFire, remove it
for now.

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-30 15:05:49 +00:00
Vincent Li
4363971e05 dhcp: allow user to specify router IP 
In BPFire HA deployment, a floating/shared router IP
is required for backend/endpoint server. by default
BPFire uses the primary IP on green0 when running
setup script. Now the floating/shared router IP can
be added to green0 interface as secondary IP through
loxilb UI, keepalived UI can configure the secondary
IP as virtual ipaddress, when HA failover happens,
keepalived will move the virtual ipaddress to new active
BPFire.

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-29 20:57:01 +00:00
Vincent Li
2cddcb14f6 keepalived: add keepalivedctrl program 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-29 20:57:01 +00:00
Vincent Li
ed89f965bf keepalived UI: add keepalived UI 
BPFire red0 does not support multicast, need to
have unicast peer configured, then the virtual
ipaddress can be added to red0 interface.

the UI requires /var/ipfire/keepalived/runsettings
/var/ipfire/keepalived/settings to be created, so
add them lfs/configroot

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-29 20:55:28 +00:00
Vincent Li
07750a74ba LoxiLB UI: add required field mark 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-29 19:14:30 +00:00
Vincent Li
5955087887 keepalived: move keepalived to core package 
change keepalived default config to
/var/ipfire/keepalived/keepalived.conf so keepalived WebUI
could read/write the configuration file. also add
/var/ipfire/keepalived directory

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>

keepalived: create /var/ipfire/keepalived
 2024-06-29 19:13:10 +00:00
Vincent Li
61d054216d LoxiLB UI: select virtual ip from red0 interface 
since we added loxilb ip management to add ip on
red0 interface, we can select the virtual ip from
red0 interface.

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-20 02:49:02 +00:00
Vincent Li
780f556e9c LoxiLB UI: add loxilb ip management 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-20 02:48:55 +00:00
Vincent Li
3f1e411f95 move tcpdump and strace to core package 
tcpdump and strace are essential for trouble
shooting ship it as core package

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-18 03:14:29 +00:00
Vincent Li
7e5fd9e655 Revert "make.sh: change ipfire name to bpfire name" 
This reverts commit 2624a47e88.

the name change seems making the iso build downloading
image from upstream ipfire image during instalation. revert
it

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-16 02:55:13 +00:00
Vincent Li
8f4062f4da LoxiLB UI: show loxilb server running status 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-15 20:52:48 +00:00
Vincent Li
2624a47e88 make.sh: change ipfire name to bpfire name 
this change would build iso/img with bpfire name.

note make.sh has toolchain name with ipfire,
so this rename may break something, revert this
commit if running into issue in future.

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-15 02:50:17 +00:00
Vincent Li
56461e0173 errormessage: use red color for errormessage 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-15 02:14:22 +00:00
Vincent Li
4bbf33e119 LoxiLB: lb config requires lb name 
since now we delete lb by name, so lb name
is required field.

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-15 00:46:30 +00:00
Vincent Li
e928445c91 LoxiLB: delete lb by name 
since loxilb is upgraded to 0.9.4 which allows
loxicmd delete lb by name.

fix: https://github.com/vincentmli/BPFire/issues/26

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-14 22:14:16 +00:00
Vincent Li
94f9604493 LoxiLB: remove workaround in loxilbconfig.cgi 
now loxilb is upgraded to 0.9.4, it fixes:
https://github.com/vincentmli/BPFire/issues/25

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-14 22:06:19 +00:00
Vincent Li
a221be1818 LoxiLB: upgrade loxicmd to 0.9.4 
upgrade procedure:

git clone https://github.com/loxilb-io/loxicmd.git
cd loxicmd
git checkout -b v0.9.4 v0.9.4
go mod vendor
cd ..
mv loxicmd loxicmd-0.9.4
tar cvf loxicmd-0.9.4.tar loxicmd-0.9.4
gzip loxicmd-0.9.4.tar
cp loxicmd-0.9.4.tar.gz <BPFire source>/cache/
b2sum <BPFire source>/cache/loxicmd-0.9.4.tar.gz

modify lfs/loxicmd to change the version and b2sum checksum

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-14 18:16:43 +00:00
Vincent Li
b9b523d293 Loxilb: upgrade loxilb to 0.9.4 
upgrade procedure:

git clone --recurse-submodules https://github.com/loxilb-io/loxilb.git
cd loxilb
git checkout -b v0.9.4 v0.9.4
go mod vendor
cd ..
mv loxilb loxilb-0.9.4
tar cvf loxilb-0.9.4.tar loxilb-0.9.4
gzip loxilb-0.9.4.tar
cp loxilb-0.9.4.tar.gz <BPFire source>/cache/
b2sum <BPFire source>/cache/loxilb-0.9.4.tar.gz

modify lfs/loxilb to change the version and b2sum checksum

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-14 18:15:07 +00:00
Vincent Li
0003dd9c8c Loxilb UI: add loxilb firewall UI 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-13 04:22:02 +00:00
Vincent Li
63c3e67c07 loxilb UI: fix updating existing LB mode/sel 
fix: https://github.com/vincentmli/BPFire/issues/24

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-02 01:54:02 +00:00
Vincent Li
6df412401c loxilb UI: add backend monitor option 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-01 21:09:54 +00:00
Vincent Li
284b13c137 loxilb UI: use select drop down option 
learned from ChatGPT to print dynamic options.
add semi column ';' right after heredoc like:

print <<END;
...
...
END

following result in error

print <<END
...
...
END; #<<<< ERROR

following is correct

print <<END
...
...
END
;

so better use the first format

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-01 20:42:16 +00:00
Vincent Li
c946e2d263 README: update load balancer screen shot 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-01 14:15:48 +00:00
Vincent Li
8608700ba9 menu: adjust menu titles 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-01 14:15:48 +00:00
Vincent Li
6994edf40b Add loxilb lb config UI 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-06-01 14:15:41 +00:00
Vincent Li
f60a419e84 BPFire menu re-arrange 
Re-arrange the menu to have BPF centric
main menu, this also easy the developing
of loxilb load balancer GUI since loxilb
will have multiple functions like enable
loxilb, create loxilb lb, create loxilb ip
...etc, so each loxilb function has their
own CGI UI.

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-29 18:18:31 +00:00
Vincent Li
280869f883 Do not attach loxilb TC to ethX devices 
see [0] loxilb attach TC program to all devices
by default.

[0]:https://github.com/vincentmli/BPFire/issues/22

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-28 18:12:51 +00:00
Vincent Li
9c58dcd145 Add WebUI loxilb.cgi for ebpf load balancer 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-27 18:23:17 +00:00
Vincent Li
a9c944483b Add loxilb load balancer menu 
run command below when update language menu
perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-27 18:23:17 +00:00
Vincent Li
61caf1c5eb Add loxilb safe call program 
when rebuild image: do

rm log/misc-progs

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-27 18:23:17 +00:00
Vincent Li
0c2b510130 add loxilb start/stop init script and settings 
when rebuid the image, do:

rm log/configroot
rm log/initscripts

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-27 18:23:09 +00:00
Vincent Li
01b41130e5 Update README.md 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-17 03:57:24 +00:00
Vincent Li
fb763397b4 loxilb: add loxilb load balancer addon 
build loxilb in BPFire requires golang 1.22.0,
but then had issue [0], run go mod vendor to
prepare the loxilb to download golang dependencies
package beforehand to avoid issue [0]

loxilb-ebpf build also requires gnu/stubs-32.h
use [1] as workaround

[0]: https://github.com/vincentmli/BPFire/issues/18
[1]: https://github.com/vincentmli/BPFire/issues/16

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-13 18:00:30 +00:00
Vincent Li
a7ed289c04 golang: upgrade from 1.20.4 to 1.22.0 
meet loxilb 1.22.0 requirements
see https://github.com/vincentmli/BPFire/issues/19

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-13 14:34:14 +00:00
Vincent Li
927b3dfe54 loxicmd addon 
Avoid downloading golang dependency packages
during build time due to issue [0], run
go mod vendor so loxicmd source include vendor
directory to include golang dependency packages

[0]: https://github.com/vincentmli/BPFire/issues/18

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-13 14:33:10 +00:00
Vincent Li
0000eed295 Add Loxilb ntc and libmd libbsd addon 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-11 17:41:01 +00:00
Vincent Li
49df562431 ebpf: Enable kernel BPF_EVENTS 
loxilb or other ebpf program could use
bpf_printk for debugging, bpf_printk requires
BPF_EVENTS to be enabled, see [0]

[0] https://github.com/loxilb-io/loxilb/issues/666#issuecomment-2097850413

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
 2024-05-08 03:26:51 +00:00