From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: Core Update 157 (testing) report Date: Tue, 25 May 2021 11:25:06 +0100 Message-ID: <8CD68D8F-2C54-4C4F-81BC-EEC825F065C4@ipfire.org> In-Reply-To: <828220bc-761b-0db0-6c81-835d2ee26c8c@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5758454744377198179==" List-Id: --===============5758454744377198179== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello, > On 23 May 2021, at 17:15, Peter M=C3=BCller wr= ote: >=20 > Hello *, >=20 > Core Update 157 (testing, see: https://blog.ipfire.org/post/ipfire-2-25-cor= e-update-157-available-for-testing) > is running here for about two days by now. While it did not introduce a maj= or issue or a show-stopper, some minor > quirks came to my attention: >=20 > (a) As several other testers already noticed, the update script is missing = a "/usr/local/bin/sshctrl" call to > apply changed SSH configurations. Patch https://patchwork.ipfire.org/pat= ch/4351/ will fix that, bug #12627 > has been filed for this. Merged. Thank you. > (b) Currently, the update still misses an updated version of the backup.pl = script, leaving users vulnerable to > #12619. Patch https://patchwork.ipfire.org/patch/4352/ will fix that. Also merged. > (c) Other parts of the https://patchwork.ipfire.org/project/ipfire/list/?se= ries=3D2069 patch series clean up > bits and pieces left over from pppd 2.4.8, and fix some permissions for = NRPE plugins. Just mentioning that > for the sake of completeness, none of that is critical. Merged this too, although it strictly didn=E2=80=99t need to be in 157. > (d) The output of "memory.cgi" file is missing some information due to insu= fficient parsing of "free" results. > Bug #12628 has been filed for that - feel free to grab it and work on th= at, as the Perl script appears rather > hacky to me -; this issue appeared on Core Update 156 as well. Looks like this is going into 158 then. > Every now and then, I continue to suffer from an unknown bug causing VoIP c= alls not to be established properly (see: > https://lists.ipfire.org/pipermail/development/2021-March/009656.html). The= changelog file for Linux 4.14.222 > (https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.222) mentions = a commit f66f9f73e0303e0b498529cc72febbbfa11e2103, > which reads "netfilter: conntrack: skip identical origin tuple in same zone= only" and _might_ be related to that. >=20 > Unfortunately, I can currently neither confirm nor deny that this issue has= been fixed, as I am unable to install > the testing update on a second, productive IPFire machine as well. >=20 > Tested IPFire functionalities in detail: > - IPsec (N2N connections only) > - Squid (authentication enabled, using an upstream proxy) > - OpenVPN (RW connections only) > - IPS/Suricata (with Emerging Threats community ruleset enabled) > - Guardian > - Quality of Service > - DNS (using DNS over TLS and strict QNAME minimisation) > - Dynamic DNS > - Tor (relay mode) >=20 > (a) to (c) require rebuilding Core Update 157. After this has been done and= validated to be fixing the problems > mentioned, I look forward to the release of this Core Update. They are pushed and the build should be available in a couple of hours. Thanks for the feedback=E2=80=A6 -Michael >=20 > Thanks, and best regards, > Peter M=C3=BCller --===============5758454744377198179==--