This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via 06ac824331726523e90607f472b822a9b50d156b (commit) via f0092a6e3e246846caa55458364514064f2c5103 (commit) via d499e86b168ca1267b6155496cbefa11ec11b916 (commit) via 5cf83d56fa06a2e04e70db4aba4a0fb4195a5157 (commit) via f622fd8ed09d60b627da3589d91b9fc8d6a77393 (commit) via 00f9dcd91d5edbd7ae3acd0d731c0d415079bae5 (commit) via f69aca76ea22dfac13f41225545d8c403e5327f7 (commit) via 0ca3baedfc623a968c7e38c356352b4f64c9f695 (commit) via f107bb39c53266cd7b2f70c8875dbc07221aeeab (commit) via 035f6c75aed2165a8ecd92571c48daf07edf4ab5 (commit) via 01db691a1ebd569afdc0d9304a67b4e048708b84 (commit) via 06fd3467d1fce5aa56dd255a686c2e46090e2edf (commit) via a04ec923897debb91c72b4c6223586ca0f1c7486 (commit) via 8ff42d82c4ab2d5743b1fdcd076249c7b2e51794 (commit) via 30c59cbb0b370a0fd1470087a94d91b35d4e54a3 (commit) via e3429b4aad01ad011792d00570a3190d0058e7ff (commit) via 11de35622f930cdf9cd64a786a832076ee251672 (commit) via 042a5fe60a51277d3d1c717c207858dce1d28ff1 (commit) via d381c56dc82e10ce01e68bb24b197dce0fa10580 (commit) via ff21ff90d24de0f648d24bb906c45738b81ce67a (commit) via 9d1708e081d7e7ba490db3620509dcce29cb0ae8 (commit) via b76a8a008dca77f8ea9b68c95b2d04e074dfef64 (commit) via a77870146fcf1e4575a9a0e59a85a10674599e91 (commit) via 9f6849b3adfcc8eb91549427f531bdeb89f6d750 (commit) via 4ed2162324a40bc19faf9e3cf698b8f03d256434 (commit) via 045d54c324ac17edc9074b14c5a1a3187b78c2c3 (commit) via 985741db6140464fe2f74ab76bc94223862eb6ce (commit) via af2cc3be64d82d35978590b316a46b5b206afa0d (commit) via 5321fcbff33f69e98f87bd0a354bab53e2a830bf (commit) via 7d5caee6bdbb44b688b579f9b1836bd5a3d0d619 (commit) via ae5b9c5ad5fafbb42e2d7f8201f4cbcc995bfcc4 (commit) via e26a5c488556579d1bd639b50adbc31da450e70c (commit) via e0c4ed1783d665d6f341d00e506395c507198807 (commit) via ce1f04ee404bc373169cd2e8efa7804206bc85de (commit) via c2f1b8183c5f4eb335e89676b46b11eb460b3b89 (commit) via cdd4cf4094df9562f53e175ece8f0bcc4a1cf2f1 (commit) via d68e150e865c86f8a8f784da242701215325abad (commit) via a1018d86ae3d01342758b93e6782735f7b3aa47f (commit) via 6df2d5288768ba0557b3070a52b20db95f3b88fa (commit) via fa286b133085da2776087d7890b57f96a400cc58 (commit) via 5c2a76f7b3799b78e2d9fb33d5f3d7d408b8314b (commit) via dc637f087fe07ab26ae1dee00133da69bab5e6a1 (commit) via ea72700a3b5f53680b218e9261593806bdc5f7d4 (commit) via eedca6e36c1131ce5542da5ccbfbb5667648c024 (commit) via 1a3323f2e6aa4ebe701f2e61a6829c8bedb7eb10 (commit) via 79b89b90e4b9425e29551bd8ceb8a85cd224c62d (commit) via d09cb651b5e829db009d5f0bfeb13acf353bc041 (commit) via 0cd3eab3ae87f31e3d928eb2f800e3abaf1896bf (commit) via d01b31914a69c5e1edf9a059b1fd6b8e5a90ec84 (commit) via 1338e08d0d10300a279ece4e7b4673b20209679b (commit) via 0708b3b343e5eec032c17157255f5543baf9e8d1 (commit) via 5e6f343b7d60abad53248532cd451bb9f81af84c (commit) via b15309e9d14baff65f70b3954ec337944ee1d3bd (commit) via 9ab1c9302c01f11010d0cb87a66366361465461e (commit) via bb473fd1d6e97785dee70ceb75f9b898f92fc507 (commit) via 7f90513e611040a99422b951884062e14271adc4 (commit) via 1183d50b731d6b276b26fc4d8fc680c483cb6b70 (commit) via 2aff684f37afc08d6fa4520188e460e888cee2d8 (commit) via 3407695fbcbe525d7bb860f2f796c6947b201b9c (commit) via cd309fe6a2f4b319272f94bd448fb17fce23b8fd (commit) via 0a12cd70393d3ee6f64e3d81422212eab55468f9 (commit) via 6e1aa54da0e172bf931ef13a3e1c7ad6de9b5a20 (commit) via 34ad12b165639d86f9a9709dc264cbd36c1bd2ca (commit) via e6f7f8e7ba0e716acede7f6cadf9a284d115440b (commit) via 4c83d9fbdcf137c126d0b5ed0935dbe18c9733f3 (commit) via cdaad0cdd33e63232fe8939644825619576b6be3 (commit) via c86d893830560165e065cd44ee44f13c2d7e97a7 (commit) via 13827014fcee7d3094529feb2be17513602e5421 (commit) via 49deea707bc6db5683ecc139070d5c83b89b7c48 (commit) via 4c76d08b2a1ef5ac9ff8b546c0d887e342adec1c (commit) via 67c9261257542c09407f54280e3b4e764c24ebaa (commit) via f1f40274a095f0c5173a69767d9efa647e9f1a8a (commit) via e978f0429f7f33d8eb1051b7089962d52b306792 (commit) via ae84d3745de4235efbe7cf13e9d8542df916083d (commit) via 6f1f51ba1c9e211946bb7b829bd7362ff61ecae7 (commit) via f33d28978d0014e956fb98c6dc42d79fb1a7d3d6 (commit) via cb8a25e5ec4c045f634ba585012f2edf09e6be29 (commit) via 1a26564e95b5694337e51860544e7775d35055f3 (commit) via c9ae511ecf3caea0836b06211ca49d3fec4bf6b8 (commit) via 086bb132ec3155b9221cee5acf307fabfb7515b6 (commit) via 4af8d6964beb8abc822bada4b8dc1474a098514e (commit) via 909549b1d6af51a8b18d4fc799370b32bf7861ce (commit) via 452e537092ba0310dab68e5aeaac4c96fbc4a409 (commit) via a2bcb4135bc7b64a54c06f12a0e577830ecf3ebf (commit) via 27801da08916e6826f99c2c51461d53f403aaf5b (commit) via cab2314ac41105e678be25ba379f58ec43f2ee9e (commit) via a38eb040bfcad9372bca895029d974b587aa011b (commit) via 57c04aa49db6b93dee562477ce9fec5141c787a6 (commit) via 6174b7b1c72cd5141e04ac2621eef90d86987a91 (commit) via 53ac9dd222aac232b35d0c1ce453eaf4cacc3419 (commit) via edff2bb85107c411d890b0ad4c55305fd9297566 (commit) via 848ac6900974f8ac3718c0ea4febec6e56954823 (commit) via 81e1e80e38609e01f98af649ee38e064420bab3d (commit) via 58e840bd96d6f7e34d332d8b18c95857ced5ca1d (commit) via de4f303186927ad1a7a8ff1ec221583d0f8ca047 (commit) via 707846392ee8108d15095d7bc5ee1f43a967053f (commit) via 5df66de303e799537e73c590ead94950f24f38ca (commit) via 8b02a92fe73e16538940aa030e4bcb389cce7f67 (commit) via 66f7b646cd6bf3a1f34d2ad998caad90f3c6c4fc (commit) via 7e17de5f863a96d2f4e67fd27daeade3b1b1d471 (commit) via adde1ca8ce1588997936f5b22687525a2e6637b2 (commit) via c519be42262c629abac86fb251a3f3921d42310d (commit) from ed4bbe44d121480e56c817f42f797423507c7630 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 06ac824331726523e90607f472b822a9b50d156b Author: Arne Fitzenreiter arne_f@ipfire.org Date: Wed Jan 16 22:31:43 2019 +0100
core127: set pakfire version to 127
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit f0092a6e3e246846caa55458364514064f2c5103 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jan 13 12:50:26 2019 +0100
keepalived: Move change of conntrack sysctl option into package
The setting cannot be set on the default system because the ip_vs module is not loaded by default and there is no reason to load it just because we would be able to set the setting.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit d499e86b168ca1267b6155496cbefa11ec11b916 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jan 13 12:28:10 2019 +0100
GeoIP: Add accidentially removed paths to database
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5cf83d56fa06a2e04e70db4aba4a0fb4195a5157 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jan 13 11:53:41 2019 +0100
firewall-lib.pl: Fix incorrect path to geoip-functions.pl
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit f622fd8ed09d60b627da3589d91b9fc8d6a77393 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Sat Jan 12 20:01:00 2019 +0100
linux-initrd: fix build of uInit on aarch64
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 00f9dcd91d5edbd7ae3acd0d731c0d415079bae5 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Sat Jan 12 09:04:23 2019 +0100
core127: fix xtables kmod rootfiles for arm32 builds
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit f69aca76ea22dfac13f41225545d8c403e5327f7 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Fri Jan 11 14:41:57 2019 +0100
xtables 3.2: Fix for rootfile
Found during the test builds...
Best, Matthias
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 0ca3baedfc623a968c7e38c356352b4f64c9f695 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Fri Jan 11 10:05:24 2019 +0100
Revert "geoip-functions.pl: Re-write code to lookup the iso country code of a given IP-address."
Enhanching the code to fix the lookup will rapidely slow down the lookup speed. Because using the GeoIP2 module is no option ( the reasons have been described in the commit message which will now reverted), we have decided to temporary switch back to the old module until a nice solution has been found.
This reverts commit ff21ff90d24de0f648d24bb906c45738b81ce67a.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit f107bb39c53266cd7b2f70c8875dbc07221aeeab Author: Stefan Schantl stefan.schantl@ipfire.org Date: Fri Jan 11 10:05:23 2019 +0100
Revert "GeoIP: Drop legacy GeoIP perl module."
This reverts commit 9d1708e081d7e7ba490db3620509dcce29cb0ae8.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 035f6c75aed2165a8ecd92571c48daf07edf4ab5 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Fri Jan 11 01:32:37 2019 +0100
xtables-addons: Fix typo in lfs
Just some typos...
Best, Matthias
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 01db691a1ebd569afdc0d9304a67b4e048708b84 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jan 10 22:48:25 2019 +0000
Bump kernel version to ship a new PAE kernel
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 06fd3467d1fce5aa56dd255a686c2e46090e2edf Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jan 10 22:46:31 2019 +0000
core127: Ship updated kernel modules for xtables
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a04ec923897debb91c72b4c6223586ca0f1c7486 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jan 10 22:43:45 2019 +0000
core127: Ship updated firewall functions library
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 8ff42d82c4ab2d5743b1fdcd076249c7b2e51794 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Thu Jan 10 20:40:04 2019 +0100
firewall-lib.pl: Use get_geoip_locations from geoip-functions.pl
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 30c59cbb0b370a0fd1470087a94d91b35d4e54a3 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Thu Jan 10 20:40:03 2019 +0100
geoip-locations.pl: Add get_geoip_locations().
This function is used to get all available GeoIP locations.
The functions returns them as array, sorted in alphabetical order.
Reference #11959
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit e3429b4aad01ad011792d00570a3190d0058e7ff Author: Matthias Fischer matthias.fischer@ipfire.org Date: Thu Jan 10 15:30:49 2019 +0100
clamav: Update to 0.101.1
For details see: https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html
Best, Matthias
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 11de35622f930cdf9cd64a786a832076ee251672 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jan 7 01:32:46 2019 +0000
core127: Ship updated tar
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 042a5fe60a51277d3d1c717c207858dce1d28ff1 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Thu Jan 10 14:29:22 2019 +0100
tar: Update to 1.31, including fix for bug #11958
For details see:
http://savannah.gnu.org/forum/forum.php?forum_id=9344
"- Fix heap-buffer-overrun with --one-top-level. - Support for zstd compression. - The -K option interacts properly with member names given in the command line. - Fix CVE-2018-20482"
This patch was reverted because 'tar 1.31' crashed when installing PakFire packages with the option '--no-overwrite-dir'. See: https://bugzilla.ipfire.org/show_bug.cgi?id=11958
Included is now a patch from https://savannah.gnu.org/bugs/?55413, which seems to fix this issue. The test cases given in https://savannah.gnu.org/bugs/?55413#comment1 ran without problems.
As always, please check and confirm.
Best, Matthias
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit d381c56dc82e10ce01e68bb24b197dce0fa10580 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jan 7 01:28:38 2019 +0000
core127: Ship updated GeoIP functions
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit ff21ff90d24de0f648d24bb906c45738b81ce67a Author: Stefan Schantl stefan.schantl@ipfire.org Date: Thu Jan 10 13:00:17 2019 +0100
geoip-functions.pl: Re-write code to lookup the iso country code of a given IP-address.
Drop the usage of the old legacy GeoIP perl module which was not able to handle the new GeoLite2 databases.
Write some code to directly access the databases and extract the required data.
Usage of the GeoIP2 perl module would provide a lot of more functionality which is not used/needed. Unfortunately ir requires at lot of additional perl modules which are not available on IPFire and would only be build and shipped for this module. Buildig all of them will slow down the entire build process, mess up the system and requires a lot more space on disk.
Fixes #11962.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 9d1708e081d7e7ba490db3620509dcce29cb0ae8 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Thu Jan 10 13:00:16 2019 +0100
GeoIP: Drop legacy GeoIP perl module.
The legacy GeoIP perl module cannot handle the new GeoLite2 databases provided from maxmind and therefore needs to be dropped.
Reference #11960
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit b76a8a008dca77f8ea9b68c95b2d04e074dfef64 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Thu Jan 10 13:00:15 2019 +0100
xt_geoip_update: Adjust script to download and use the GeoLite2 database
Fixes #11961.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a77870146fcf1e4575a9a0e59a85a10674599e91 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Thu Jan 10 13:00:14 2019 +0100
xtables-addons: Use shipped xt_geoip_build
Use the shipped xt_geoip_build directly instead of holding a copy in our GIT.
Reference #11959
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 9f6849b3adfcc8eb91549427f531bdeb89f6d750 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Thu Jan 10 13:00:13 2019 +0100
xtables-addons: Update to 3.2
Reference #11959
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 4ed2162324a40bc19faf9e3cf698b8f03d256434 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jan 7 00:34:30 2019 +0000
perl-Net-CIDR-Lite: Make rootfile work on other arches
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 045d54c324ac17edc9074b14c5a1a3187b78c2c3 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jan 7 00:31:46 2019 +0000
perl-Net-CIDR-Lite: Fix whitespace
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 985741db6140464fe2f74ab76bc94223862eb6ce Author: Stefan Schantl stefan.schantl@ipfire.org Date: Thu Jan 10 13:00:12 2019 +0100
perl-Net-CIDR-Lite: New package.
This is a runtime dependency of the xt_geoip_build perl script shipped by xtables-addons in version 3.2.
Reference #11960.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit af2cc3be64d82d35978590b316a46b5b206afa0d Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jan 6 21:33:43 2019 +0000
IPVS: Enable connection tracking by default
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5321fcbff33f69e98f87bd0a354bab53e2a830bf Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jan 6 09:00:47 2019 +0000
Backup conntrackd's configuration file
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 7d5caee6bdbb44b688b579f9b1836bd5a3d0d619 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jan 6 08:59:25 2019 +0000
Add initscript for conntrackd
The daemon will be started by default when a configuration file exists.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit ae5b9c5ad5fafbb42e2d7f8201f4cbcc995bfcc4 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jan 6 07:03:08 2019 +0000
Update translations
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit e26a5c488556579d1bd639b50adbc31da450e70c Author: Matthias Fischer matthias.fischer@ipfire.org Date: Tue Jan 8 14:14:41 2019 +0100
Fix typo in 'html/cgi-bin/logs.cgi/log.dat'
Translation string uses capital letter: 'Captive' => 'Captive Portal',
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit e0c4ed1783d665d6f341d00e506395c507198807 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 16:14:01 2019 +0100
core127: Ship updated proxy.cgi and regenerate configuration
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit ce1f04ee404bc373169cd2e8efa7804206bc85de Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 16:09:46 2019 +0100
proxy: Allow selecting throttled bandwidth in MBit/s
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit c2f1b8183c5f4eb335e89676b46b11eb460b3b89 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 16:02:05 2019 +0100
proxy: Suggest modern defaults for cache memory and disk
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit cdd4cf4094df9562f53e175ece8f0bcc4a1cf2f1 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 16:00:05 2019 +0100
proxy: Drop support for throttling only certain mime types
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit d68e150e865c86f8a8f784da242701215325abad Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:54:56 2019 +0100
proxy: Drop web browser check
This is neither reliable nor up to date and is therefore removed
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a1018d86ae3d01342758b93e6782735f7b3aa47f Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:49:18 2019 +0100
proxy: Set authentication TTL for NTLM authentication also
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 6df2d5288768ba0557b3070a52b20db95f3b88fa Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:48:32 2019 +0100
proxy: Use correct authentication cache TTL for AD
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit fa286b133085da2776087d7890b57f96a400cc58 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:46:20 2019 +0100
proxy: Use entered setting for auth children for AD
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5c2a76f7b3799b78e2d9fb33d5f3d7d408b8314b Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:44:19 2019 +0100
proxy: Use correct realm for AD authentication
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit dc637f087fe07ab26ae1dee00133da69bab5e6a1 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:37:00 2019 +0100
proxy: Remove AUTH_IPCACHE_TTL
This is potentially dangerous to set larger than zero.
Authentication is perfomed on basis of IP addresses which is not a good idea at all.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit ea72700a3b5f53680b218e9261593806bdc5f7d4 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 15:27:54 2019 +0100
proxy: Drop NTLM authentication
This is the authentication againt NT 4.0 style domain controllers.
squid has dropped support for this in the 4.5 release and nobody should be using these old domain controllers any more.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit eedca6e36c1131ce5542da5ccbfbb5667648c024 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 8 03:33:37 2019 +0100
squid: Run as many redirectors as we have CPU cores
This makes sure that we use the optimal ratio of memory and CPU usage.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org Tested-by: Daniel Weismüller daniel.weismueller@ipfire.org Tested-by: Matthias Fischer matthias.fischer@ipfire.org
commit 1a3323f2e6aa4ebe701f2e61a6829c8bedb7eb10 Author: Daniel Weismüller daniel.weismueller@ipfire.org Date: Tue Oct 30 12:06:59 2018 +0100
BUG 11786 - squid: Remove setting for filter processes the number of Squid processes
I added a function to determine the number of cores. Now the number of squid processes will be equal to the number of logical cores. Further I removed the possibility of changing the number of squid processes in the proxy.cgi
Signed-off-by: Daniel Weismüller daniel.weismueller@ipfire.org Signed-off-by: root root@ipfire.test
commit 79b89b90e4b9425e29551bd8ceb8a85cd224c62d Author: Michael Tremer michael.tremer@ipfire.org Date: Sat Jan 5 21:12:24 2019 +0000
Revert "core127: Ship updated tar"
This reverts commit 9ab1c9302c01f11010d0cb87a66366361465461e.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit d09cb651b5e829db009d5f0bfeb13acf353bc041 Author: Michael Tremer michael.tremer@ipfire.org Date: Sat Jan 5 21:11:44 2019 +0000
Revert "tar: Update to 1.31"
This reverts commit bb473fd1d6e97785dee70ceb75f9b898f92fc507.
tar crashes when used with --no-overwrite-dir. See #11958.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 0cd3eab3ae87f31e3d928eb2f800e3abaf1896bf Author: Michael Tremer michael.tremer@ipfire.org Date: Sat Jan 5 21:11:14 2019 +0000
core127: Ship updated snort
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit d01b31914a69c5e1edf9a059b1fd6b8e5a90ec84 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Sat Jan 5 10:40:08 2019 +0100
snort: Update to 2.9.12
For details see:
Release notes: https://snort.org/downloads/snort/release_notes_2.9.12.txt
Changelog: https://snort.org/downloads/snort/changelog_2.9.12.txt
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 1338e08d0d10300a279ece4e7b4673b20209679b Author: Arne Fitzenreiter arne_f@ipfire.org Date: Sun Jan 6 16:29:57 2019 +0100
core127: ship framebuffer.conf blacklist
the file is generated at kernel build and in core126 the module commpression was changed to xz so the list was empty.
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 0708b3b343e5eec032c17157255f5543baf9e8d1 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Sun Jan 6 15:53:27 2019 +0100
core127: remove double files from armv5tel filelist
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 5e6f343b7d60abad53248532cd451bb9f81af84c Author: Arne Fitzenreiter arne_f@ipfire.org Date: Sun Jan 6 15:51:53 2019 +0100
python: update to 2.7.15
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit b15309e9d14baff65f70b3954ec337944ee1d3bd Author: Arne Fitzenreiter arne_f@ipfire.org Date: Sat Jan 5 13:47:31 2019 +0100
transmission: update to 2.94
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 9ab1c9302c01f11010d0cb87a66366361465461e Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Jan 4 02:43:06 2019 +0000
core127: Ship updated tar
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit bb473fd1d6e97785dee70ceb75f9b898f92fc507 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Fri Jan 4 18:54:49 2019 +0100
tar: Update to 1.31
For details see: http://savannah.gnu.org/forum/forum.php?forum_id=9344
"- Fix heap-buffer-overrun with --one-top-level. - Support for zstd compression. - The -K option interacts properly with member names given in the command line. - Fix CVE-2018-20482"
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 7f90513e611040a99422b951884062e14271adc4 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jan 3 16:28:00 2019 +0000
Update translations
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 1183d50b731d6b276b26fc4d8fc680c483cb6b70 Author: Peter Müller peter.mueller@link38.eu Date: Thu Jan 3 17:57:32 2019 +0100
fix SSH port description in WebUI again
Fixes #11881.
Signed-off-by: Peter Müller peter.mueller@link38.eu Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 2aff684f37afc08d6fa4520188e460e888cee2d8 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jan 3 15:12:39 2019 +0000
libvirt: The package no longer depends on jansson
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 3407695fbcbe525d7bb860f2f796c6947b201b9c Author: Stéphane Pautrel stephane.pautrel@gmail.com Date: Thu Jan 3 15:02:53 2019 +0000
Update of French translation
This improves the translation and enhances consistency in many places.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit cd309fe6a2f4b319272f94bd448fb17fce23b8fd Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jan 3 14:58:47 2019 +0000
Update translations
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 0a12cd70393d3ee6f64e3d81422212eab55468f9 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Wed Dec 26 14:37:25 2018 +0100
dnsforward.cgi: fix for language string
Hi,
In https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=1a26564e95b5694337e5... the language string 'dnsforward forward_server' => 'DNS-Server', was deleted and replaced by 'dnsforward forward_servers' => 'DNS-Server',
IMHO this leads to an empty string in 'dnsforward.cgi', line 223:
... <td width='20%' class='base'>$Lang::tr{'dnsforward forward_server'}: <img src='/blob.gif' alt='*' /></td> ...
I changed this line...
Best, Matthias
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 6e1aa54da0e172bf931ef13a3e1c7ad6de9b5a20 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Thu Dec 27 01:57:18 2018 +0100
attr 2.4.47: Update for rootfile
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 34ad12b165639d86f9a9709dc264cbd36c1bd2ca Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jan 3 14:53:34 2019 +0000
core127: Ship updated VPN CGI files
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit e6f7f8e7ba0e716acede7f6cadf9a284d115440b Author: Erik Kapfer ummeegge@ipfire.org Date: Thu Jan 3 03:57:16 2019 +0100
database_attribute: Deliver/create index.txt.attr
Fixes #11904
Since OpenSSL-1.1.0x the database attribute file for IPSec and OpenVPN wasn´t created while initial PKI generation. OpenVPN delivered an error message but IPSec did crashed within the first attempt. This problem persists also after X509 deletion and new generation.
index.txt.attr will now be delivered by the system but also deleted and recreated while setting up a new x509.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 4c83d9fbdcf137c126d0b5ed0935dbe18c9733f3 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Wed Jan 2 16:43:42 2019 +0100
mc: Update to 4.8.22
For details see: http://midnight-commander.org/wiki/NEWS-4.8.22
Best, Matthias
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit cdaad0cdd33e63232fe8939644825619576b6be3 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 2 16:24:39 2019 +0000
libvirt: Bump package version
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit c86d893830560165e065cd44ee44f13c2d7e97a7 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Tue Jan 1 18:39:03 2019 +0100
squid: Update to 4.5
For details see: http://www.squid-cache.org/Versions/v4/changesets/
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 13827014fcee7d3094529feb2be17513602e5421 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Dec 31 00:36:23 2018 +0000
core127: Ship updated wget
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 49deea707bc6db5683ecc139070d5c83b89b7c48 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Thu Dec 27 18:16:35 2018 +0100
wget: Update to 1.20.1
This is a bugfix release:
"due to some privacy issues in default settings of Wget, we introduce this bugfix release.
The --xattr option (saving original URL and Referer into extended file attributes) was introduced and enabled by default since Wget 1.19. It possibly saved - possibly unrecognized by the user - credentials, access tokes etc that were included in the requested URL.
We changed three details as a countermeasure, see below in the NEWS section.
With Best Regards, Tim
...
NEWS
* Changes in Wget 1.20.1
** --xattr is no longer default since it introduces privacy issues.
** --xattr saves the Referer as scheme/host/port, user/pw/path/query/fragment are no longer saved to prevent privacy issues.
** --xattr saves the Original URL without user/password to prevent privacy issues."
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 4c76d08b2a1ef5ac9ff8b546c0d887e342adec1c Author: Arne Fitzenreiter arne_f@ipfire.org Date: Wed Jan 2 15:33:16 2019 +0100
kernel: fix generation of framebuffer blacklist
modules are now xz compressed.
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 67c9261257542c09407f54280e3b4e764c24ebaa Author: Arne Fitzenreiter arne_f@ipfire.org Date: Fri Dec 28 16:05:38 2018 +0100
mpd: add soxr dependency
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit f1f40274a095f0c5173a69767d9efa647e9f1a8a Author: Arne Fitzenreiter arne_f@ipfire.org Date: Sun Dec 23 11:12:15 2018 +0100
u-boot: fix x86 builds
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit e978f0429f7f33d8eb1051b7089962d52b306792 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Dec 19 23:38:48 2018 +0000
keepalived: Fix incorrect path in initscript
This path to keepalived was just incorrect and therefore the daemon could not easily be reloaded.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit ae84d3745de4235efbe7cf13e9d8542df916083d Author: Arne Fitzenreiter arne_f@ipfire.org Date: Thu Dec 20 08:04:22 2018 +0100
u-boot: fix typo in boot.scr
fix serial console output on RPi3 B+ at aarch64
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 6f1f51ba1c9e211946bb7b829bd7362ff61ecae7 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Dec 19 21:01:20 2018 +0100
core127: Ship DNS forwarding settings
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit f33d28978d0014e956fb98c6dc42d79fb1a7d3d6 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Dec 19 21:00:21 2018 +0100
unbound: Use correct parameter for IP addresses and hostnames
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit cb8a25e5ec4c045f634ba585012f2edf09e6be29 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Dec 19 20:47:41 2018 +0100
DNS Forwarding: Let UI accept hostnames, too
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 1a26564e95b5694337e51860544e7775d35055f3 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Dec 19 20:42:46 2018 +0100
DNS Forwarding: Allow passing multiple name servers (separated by comma)
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit c9ae511ecf3caea0836b06211ca49d3fec4bf6b8 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Dec 19 20:23:59 2018 +0100
unbound: Allow forwarding to multiple servers at the same time
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 086bb132ec3155b9221cee5acf307fabfb7515b6 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Dec 19 18:55:23 2018 +0000
ipvsadm: Update to 1.29
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 4af8d6964beb8abc822bada4b8dc1474a098514e Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Dec 19 15:42:23 2018 +0000
pcre: Enable JIT
This is now possible because we no longer run grsecurity-enabled kernels. The performance of PCRE increases dramatically and applications like the IDS benefit hugely:
https://blog.inliniac.net/2011/10/12/suricata-and-pcre-performance/
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 909549b1d6af51a8b18d4fc799370b32bf7861ce Author: Jonatan Schlag jonatan.schlag@ipfire.org Date: Thu Dec 13 17:02:44 2018 +0000
Update libvirt to version 4.10
This partially fixes #11941 as libvirt now states clearly that seccomp needs to be disabled
Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 452e537092ba0310dab68e5aeaac4c96fbc4a409 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 18 22:32:07 2018 +0000
core127: Ship updated squid
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a2bcb4135bc7b64a54c06f12a0e577830ecf3ebf Author: Matthias Fischer matthias.fischer@ipfire.org Date: Thu Dec 13 18:40:24 2018 +0100
squid: Update to 4.4 (stable)
For details see: http://www.squid-cache.org/Versions/v4/changesets/
In July 2018, 'squid 4' was "released for production use", see: https://wiki.squid-cache.org/Squid-4
"The features have been set and large code changes are reserved for later versions."
I've tested almost all 4.x-versions and patch series before with good results. Right now, 4.4 is running here with no seen problems together with 'squidclamav', 'squidguard' and 'privoxy'.
I too would declare this version stable.
Best, Matthias
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 27801da08916e6826f99c2c51461d53f403aaf5b Author: erik.kapfer ummeegge@ipfire.org Date: Fri Dec 14 12:43:00 2018 +0100
unbound: Add TFO support for unbound
For further informations, see https://tools.ietf.org/html/rfc7413
Signed-off-by: erik.kapfer ummeegge@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit cab2314ac41105e678be25ba379f58ec43f2ee9e Author: Matthias Fischer matthias.fischer@ipfire.org Date: Fri Dec 14 21:20:15 2018 +0100
bind: Update to 9.11.5-P1
For details see: http://ftp.isc.org/isc/bind9/9.11.5-P1/RELEASE-NOTES-bind-9.11.5-P1.html
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a38eb040bfcad9372bca895029d974b587aa011b Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 18 22:28:59 2018 +0000
sqlite: Update to 3.26.0
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 57c04aa49db6b93dee562477ce9fec5141c787a6 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Dec 16 22:23:50 2018 +0000
Revert "make.sh: Build in ramdisk"
This reverts commit 6174b7b1c72cd5141e04ac2621eef90d86987a91.
This had absolutely no effect on build time or rather made it slower. So this is being reverted to save ourselves the RAM.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 6174b7b1c72cd5141e04ac2621eef90d86987a91 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Dec 16 16:50:13 2018 +0000
make.sh: Build in ramdisk
This is an experimental change that I want to trial to speed up the nightly builds. The build environment will be mounted in a ramdisk and the build will be performed in there.
This will hopefully reduce IO on the (slow) replicated disks.
If there is no significant performance gain from this, this commit will be reverted.
To enable this, USE_RAMDISK must be set to 1 in .config.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 53ac9dd222aac232b35d0c1ce453eaf4cacc3419 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Wed Dec 12 20:41:54 2018 +0100
unbound: Update to 1.8.3
For details see: https://nlnetlabs.nl/svn/unbound/tags/release-1.8.3/doc/Changelog
"Fix dns64 allocation in wrong region for returned internal queries."
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit edff2bb85107c411d890b0ad4c55305fd9297566 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Dec 13 13:11:01 2018 +0000
core127: Ship updated grub
It doesn't need to be re-installed because no system with that configuration should exist right now.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 848ac6900974f8ac3718c0ea4febec6e56954823 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Thu Dec 13 12:52:50 2018 +0100
grub: xfs: Accept filesystem with sparse inodes
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Tested-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 81e1e80e38609e01f98af649ee38e064420bab3d Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Dec 12 11:34:12 2018 +0000
AWS: Prefer red* or eth* when importing configuration
This change is necessary to make sure that the script prefers are link with internet access. That would usually be red (after the second boot) or eth* (on the first boot).
That allows (and ensures) that we can install packages in the user-data script.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 58e840bd96d6f7e34d332d8b18c95857ced5ca1d Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 11 20:43:24 2018 +0000
installer: Intialize part_boot_efi_idx
This variable was not initialized on systems where EFI was not in use. Therefore the generated parted command line was not valid and caused the installation to abort.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit de4f303186927ad1a7a8ff1ec221583d0f8ca047 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 11 19:46:10 2018 +0000
core127: Ship updated unbound
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 707846392ee8108d15095d7bc5ee1f43a967053f Author: Matthias Fischer matthias.fischer@ipfire.org Date: Sat Dec 8 18:13:23 2018 +0100
unbound: Update to 1.8.2
For details see: https://nlnetlabs.nl/projects/unbound/download/
Best, Matthias
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5df66de303e799537e73c590ead94950f24f38ca Author: Matthias Fischer matthias.fischer@ipfire.org Date: Sat Dec 8 18:21:19 2018 +0100
clamav: Update to 0.101.0
For details see: https://blog.clamav.net/
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 8b02a92fe73e16538940aa030e4bcb389cce7f67 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 11 19:41:31 2018 +0000
core127: Ship updated fireinfo
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 66f7b646cd6bf3a1f34d2ad998caad90f3c6c4fc Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 11 19:41:09 2018 +0000
Start Core Update 127
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 7e17de5f863a96d2f4e67fd27daeade3b1b1d471 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 11 19:38:21 2018 +0000
fireinfo: Add authentication for upstream proxies
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit adde1ca8ce1588997936f5b22687525a2e6637b2 Merge: c519be422 ed4bbe44d Author: Arne Fitzenreiter arne_f@ipfire.org Date: Tue Dec 11 08:01:59 2018 +0100
Merge branch 'master' into next
commit c519be42262c629abac86fb251a3f3921d42310d Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Dec 10 00:36:04 2018 +0000
haproxy: Create/restore backup when package is installed/uninstalled
Fixes: #11946 Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/backup/include | 1 + config/cfgroot/general-functions.pl | 7 + config/cfgroot/geoip-functions.pl | 36 ++ config/cfgroot/useragents | 25 -- config/firewall/firewall-lib.pl | 32 +- .../includes/lcdproc => ovpn/certs/index.txt.attr} | 0 config/rootfiles/common/aarch64/initscripts | 4 + config/rootfiles/common/aarch64/linux-initrd | 2 +- config/rootfiles/common/aarch64/python | 43 ++- config/rootfiles/common/armv5tel/initscripts | 4 + config/rootfiles/common/armv5tel/python | 43 ++- config/rootfiles/common/attr | 7 +- config/rootfiles/common/bind | 2 +- config/rootfiles/common/configroot | 2 +- config/rootfiles/common/i586/initscripts | 4 + config/rootfiles/common/i586/python | 43 ++- config/rootfiles/common/openvpn | 1 + .../common/{HTML-Tagset => perl-Net-CIDR-Lite} | 12 +- config/rootfiles/common/squid | 64 ++- config/rootfiles/common/unbound | 2 +- config/rootfiles/common/x86_64/initscripts | 4 + config/rootfiles/common/x86_64/python | 43 ++- config/rootfiles/common/xtables-addons | 2 +- config/rootfiles/core/{126 => 127}/exclude | 0 config/rootfiles/core/127/filelists/aarch64/files | 9 + .../124 => core/127}/filelists/aarch64/grub | 0 config/rootfiles/core/127/filelists/aarch64/python | 1 + .../core/127/filelists/aarch64/xtables-addons-kmod | 18 + .../127/filelists/armv5tel/files} | 0 .../rootfiles/core/127/filelists/armv5tel/python | 1 + .../armv5tel/xtables-addons-kmod-kirkwood | 18 + .../filelists/armv5tel/xtables-addons-kmod-multi | 18 + config/rootfiles/core/127/filelists/files | 20 + .../{oldcore/44 => core/127}/filelists/fireinfo | 0 .../{oldcore/100 => core/127}/filelists/i586/grub | 0 .../112 => core/127}/filelists/i586/python | 0 .../core/127/filelists/i586/xtables-addons-kmod | 18 + .../{oldcore/101 => core/127}/filelists/pcre | 0 .../core/127/filelists/perl-Net-CIDR-Lite | 1 + .../{oldcore/104 => core/127}/filelists/snort | 0 .../{oldcore/125 => core/127}/filelists/sqlite | 0 .../{oldcore/100 => core/127}/filelists/squid | 0 .../{oldcore/121 => core/127}/filelists/tar | 0 .../{oldcore/106 => core/127}/filelists/unbound | 0 .../{oldcore/104 => core/127}/filelists/wget | 0 .../100 => core/127}/filelists/x86_64/grub | 0 .../112 => core/127}/filelists/x86_64/python | 0 .../core/127/filelists/x86_64/xtables-addons-kmod | 18 + .../121 => core/127}/filelists/xtables-addons | 0 .../rootfiles/{oldcore/125 => core/127}/update.sh | 21 +- config/rootfiles/{core => oldcore}/126/exclude | 0 .../{core => oldcore}/126/filelists/aarch64/linux | 0 .../126/filelists/aarch64/linux-initrd | 0 .../126/filelists/armv5tel/linux-initrd-kirkwood | 0 .../126/filelists/armv5tel/linux-initrd-multi | 0 .../126/filelists/armv5tel/linux-kirkwood | 0 .../126/filelists/armv5tel/linux-multi | 0 .../rootfiles/{core => oldcore}/126/filelists/bind | 0 .../{core => oldcore}/126/filelists/files | 0 .../{core => oldcore}/126/filelists/i586/linux | 0 .../126/filelists/i586/linux-initrd | 0 .../{core => oldcore}/126/filelists/libconfig | 0 .../{core => oldcore}/126/filelists/openssl | 0 .../{core => oldcore}/126/filelists/openssl-compat | 0 .../{core => oldcore}/126/filelists/x86_64/linux | 0 .../126/filelists/x86_64/linux-initrd | 0 config/rootfiles/{core => oldcore}/126/update.sh | 0 config/rootfiles/packages/clamav | 15 +- config/rootfiles/packages/libvirt | 397 +++++++++++-------- config/rootfiles/packages/mc | 2 + config/u-boot/boot.cmd | 2 +- config/u-boot/boot.scr | Bin 2463 -> 2463 bytes doc/language_issues.de | 30 +- doc/language_issues.en | 35 +- doc/language_issues.es | 33 +- doc/language_issues.fr | 37 +- doc/language_issues.it | 33 +- doc/language_issues.nl | 33 +- doc/language_issues.pl | 33 +- doc/language_issues.ru | 33 +- doc/language_issues.tr | 33 +- doc/language_missings | 20 +- html/cgi-bin/dnsforward.cgi | 34 +- html/cgi-bin/ids.cgi | 4 +- html/cgi-bin/logs.cgi/log.dat | 2 +- html/cgi-bin/ovpnmain.cgi | 9 + html/cgi-bin/proxy.cgi | 429 ++------------------- html/cgi-bin/vpnmain.cgi | 9 + langs/de/cgi-bin/de.pl | 5 +- langs/en/cgi-bin/en.pl | 5 +- langs/fr/cgi-bin/fr.pl | 242 ++++++------ lfs/bind | 4 +- lfs/clamav | 6 +- lfs/configroot | 3 +- lfs/fireinfo | 1 + lfs/grub | 1 + lfs/haproxy | 2 +- lfs/initscripts | 3 + lfs/ipvsadm | 8 +- lfs/keepalived | 2 +- lfs/libvirt | 8 +- lfs/linux | 8 +- lfs/linux-initrd | 8 +- lfs/mc | 6 +- lfs/mpd | 2 +- lfs/pcre | 2 +- lfs/{perl-Sort-Naturally => perl-Net-CIDR-Lite} | 12 +- lfs/python | 9 +- lfs/python-optional-src | 6 +- lfs/snort | 8 +- lfs/sqlite | 4 +- lfs/squid | 12 +- lfs/tar | 7 +- lfs/transmission | 9 +- lfs/unbound | 6 +- lfs/wget | 4 +- lfs/xtables-addons | 8 +- make.sh | 7 +- src/initscripts/packages/keepalived | 8 +- src/initscripts/system/aws | 3 +- src/initscripts/system/conntrackd | 41 ++ src/initscripts/system/unbound | 20 +- src/installer/hw.c | 4 +- src/paks/haproxy/install.sh | 1 + src/paks/haproxy/uninstall.sh | 1 + ...upport-upstream-proxy-with-authentication.patch | 61 +++ ...-xfs-accept-filesystem-with-sparse-inodes.patch | 60 +++ src/patches/python-2.7.13-getentropy.patch | 22 -- ...tion_via_D_in_ERR_SECURE_CONNECT_FAIL_306.patch | 72 ---- ..._memory_leak_when_parsing_SNMP_packet_313.patch | 22 -- ...ch => squid-4.5-fix-max-file-descriptors.patch} | 4 +- src/patches/tar/01_extract.c.patch | 12 + src/patches/transmission-2.92-openssl-1.1.0.patch | 261 ------------- src/scripts/xt_geoip_build | 89 ----- src/scripts/xt_geoip_update | 63 ++- 135 files changed, 1427 insertions(+), 1474 deletions(-) delete mode 100644 config/cfgroot/useragents copy config/{backup/includes/lcdproc => ovpn/certs/index.txt.attr} (100%) copy config/rootfiles/common/{HTML-Tagset => perl-Net-CIDR-Lite} (52%) copy config/rootfiles/core/{126 => 127}/exclude (100%) create mode 100644 config/rootfiles/core/127/filelists/aarch64/files copy config/rootfiles/{oldcore/124 => core/127}/filelists/aarch64/grub (100%) create mode 120000 config/rootfiles/core/127/filelists/aarch64/python create mode 100644 config/rootfiles/core/127/filelists/aarch64/xtables-addons-kmod copy config/rootfiles/{oldcore/124/filelists/aarch64/files-aarch64 => core/127/filelists/armv5tel/files} (100%) create mode 120000 config/rootfiles/core/127/filelists/armv5tel/python create mode 100644 config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-kirkwood create mode 100644 config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-multi create mode 100644 config/rootfiles/core/127/filelists/files copy config/rootfiles/{oldcore/44 => core/127}/filelists/fireinfo (100%) copy config/rootfiles/{oldcore/100 => core/127}/filelists/i586/grub (100%) copy config/rootfiles/{oldcore/112 => core/127}/filelists/i586/python (100%) create mode 100644 config/rootfiles/core/127/filelists/i586/xtables-addons-kmod copy config/rootfiles/{oldcore/101 => core/127}/filelists/pcre (100%) create mode 120000 config/rootfiles/core/127/filelists/perl-Net-CIDR-Lite copy config/rootfiles/{oldcore/104 => core/127}/filelists/snort (100%) copy config/rootfiles/{oldcore/125 => core/127}/filelists/sqlite (100%) copy config/rootfiles/{oldcore/100 => core/127}/filelists/squid (100%) copy config/rootfiles/{oldcore/121 => core/127}/filelists/tar (100%) copy config/rootfiles/{oldcore/106 => core/127}/filelists/unbound (100%) copy config/rootfiles/{oldcore/104 => core/127}/filelists/wget (100%) copy config/rootfiles/{oldcore/100 => core/127}/filelists/x86_64/grub (100%) copy config/rootfiles/{oldcore/112 => core/127}/filelists/x86_64/python (100%) create mode 100644 config/rootfiles/core/127/filelists/x86_64/xtables-addons-kmod copy config/rootfiles/{oldcore/121 => core/127}/filelists/xtables-addons (100%) copy config/rootfiles/{oldcore/125 => core/127}/update.sh (90%) rename config/rootfiles/{core => oldcore}/126/exclude (100%) rename config/rootfiles/{core => oldcore}/126/filelists/aarch64/linux (100%) rename config/rootfiles/{core => oldcore}/126/filelists/aarch64/linux-initrd (100%) rename config/rootfiles/{core => oldcore}/126/filelists/armv5tel/linux-initrd-kirkwood (100%) rename config/rootfiles/{core => oldcore}/126/filelists/armv5tel/linux-initrd-multi (100%) rename config/rootfiles/{core => oldcore}/126/filelists/armv5tel/linux-kirkwood (100%) rename config/rootfiles/{core => oldcore}/126/filelists/armv5tel/linux-multi (100%) rename config/rootfiles/{core => oldcore}/126/filelists/bind (100%) rename config/rootfiles/{core => oldcore}/126/filelists/files (100%) rename config/rootfiles/{core => oldcore}/126/filelists/i586/linux (100%) rename config/rootfiles/{core => oldcore}/126/filelists/i586/linux-initrd (100%) rename config/rootfiles/{core => oldcore}/126/filelists/libconfig (100%) rename config/rootfiles/{core => oldcore}/126/filelists/openssl (100%) rename config/rootfiles/{core => oldcore}/126/filelists/openssl-compat (100%) rename config/rootfiles/{core => oldcore}/126/filelists/x86_64/linux (100%) rename config/rootfiles/{core => oldcore}/126/filelists/x86_64/linux-initrd (100%) rename config/rootfiles/{core => oldcore}/126/update.sh (100%) copy lfs/{perl-Sort-Naturally => perl-Net-CIDR-Lite} (95%) create mode 100755 src/initscripts/system/conntrackd create mode 100644 src/patches/fireinfo-support-upstream-proxy-with-authentication.patch create mode 100644 src/patches/grub-2.02-xfs-accept-filesystem-with-sparse-inodes.patch delete mode 100644 src/patches/python-2.7.13-getentropy.patch delete mode 100644 src/patches/squid/01_Certificate_fields_injection_via_D_in_ERR_SECURE_CONNECT_FAIL_306.patch delete mode 100644 src/patches/squid/02_Fix_memory_leak_when_parsing_SNMP_packet_313.patch rename src/patches/squid/{squid-3.5.28-fix-max-file-descriptors.patch => squid-4.5-fix-max-file-descriptors.patch} (92%) create mode 100644 src/patches/tar/01_extract.c.patch delete mode 100644 src/patches/transmission-2.92-openssl-1.1.0.patch delete mode 100644 src/scripts/xt_geoip_build
Difference in files: diff --git a/config/backup/include b/config/backup/include index 75bd85807..6c7affa20 100644 --- a/config/backup/include +++ b/config/backup/include @@ -1,3 +1,4 @@ +/etc/conntrackd/conntrackd.conf /etc/group /etc/hosts* /etc/httpd/server.crt diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl index 0577afe28..e8495e885 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -1165,5 +1165,12 @@ sub dnssec_status() {
return $status; } +sub number_cpu_cores() { + open my $cpuinfo, "/proc/cpuinfo" or die "Can't open cpuinfo: $!\n"; + my $cores = scalar (map /^processor/, <$cpuinfo>); + close $cpuinfo; + + return $cores; +}
1; diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functions.pl index be50d5e14..d03503a3f 100644 --- a/config/cfgroot/geoip-functions.pl +++ b/config/cfgroot/geoip-functions.pl @@ -26,6 +26,9 @@ package GeoIP; use Geo::IP::PurePerl; use Locale::Codes::Country;
+my $geoip_database_dir = "/var/lib/GeoIP"; +my $location_database = "GeoLite2-Country-Locations-en.csv"; + my $database;
sub lookup($) { @@ -117,4 +120,37 @@ sub get_full_country_name($) { return $name; }
+# Function to get all available GeoIP locations. +sub get_geoip_locations() { + my @locations; + + # Open the location database. + open(LOCATION, "$geoip_database_dir/$location_database") or die "Could not open $geoip_database_dir/$location_database. $!\n"; + + # Loop through the file. + while(my $line = <LOCATION>) { + # Remove newlines. + chomp($line); + + # Split the line content. + my ($geoname_id, $locale_code, $continent_code, $continent_name, $country_iso_code, $country_name, $is_in_european_union) = split(/,/, $line); + + # Check if the country_iso_code is upper case. + if($country_iso_code =~ /[A-Z]/) { + # Add the current ISO code. + push(@locations, $country_iso_code); + } + } + + # Close filehandle. + close(LOCATION); + + # Sort locations array in alphabetical order. + my @sorted_locations = sort(@locations); + + # Return the array.. + return @sorted_locations; +} + + 1; diff --git a/config/cfgroot/useragents b/config/cfgroot/useragents deleted file mode 100644 index d5164fd63..000000000 --- a/config/cfgroot/useragents +++ /dev/null @@ -1,25 +0,0 @@ -APTGET,apt-get,(APT-HTTP) -AOL,AOL,(AOL) -AVANT,AvantBrowser,(avantbrowser) -CHROME,Chrome,(Chrome) -FIREFOX,Firefox,(Firefox) -FRONTPAGE,FrontPage,(FrontPage) -GEARTH,Google Earth,(kh_lt/LT) -GECKO,Gecko compatible,(Gecko) -GETRIGHT,GetRight,(GetRight) -GOZILLA,Go!Zilla,(Go!Zilla) -GOOGLE,Google Toolbar,(Google\sToolbar) -JAVA,Java,(Java) -KONQUEROR,Konqueror,(Konqueror) -LIBWWWPERL,libwww-perl,(libwww-perl) -LYNX,Lynx,(Lynx) -MSIE,Internet Explorer,(MSIE.*[)]$) -NETSCAPE,Netscape,(^Mozilla/4.[7|8])|(Netscape) -OPERA,Opera,(Opera) -SAFARI,Safari,(Safari) -SYMLU,Symantec LiveUpdate,(Symantec\sLiveUpdate) -THUNDERBIRD,Thunderbird,(Thunderbird) -WGA,WGA,(LegitCheck) -WGET,Wget,(Wget) -WINUPD,Windows Update,(Industry\sUpdate\sControl)|(Windows\sUpdate)|(Service\sPack\sSetup)|(Progressive\sDownload)|(Windows-Update-Agent)|(Microsoft\sBITS) -WMP,Media Player,(Windows-Media-Player)|(NSPlayer) diff --git a/config/firewall/firewall-lib.pl b/config/firewall/firewall-lib.pl index 9b7f55c9d..2820eea65 100644 --- a/config/firewall/firewall-lib.pl +++ b/config/firewall/firewall-lib.pl @@ -39,6 +39,7 @@ my %ovpnsettings=(); my %aliases=();
require '/var/ipfire/general-functions.pl'; +require '/var/ipfire/geoip-functions.pl';
my $confignet = "${General::swroot}/fwhosts/customnetworks"; my $confighost = "${General::swroot}/fwhosts/customhosts"; @@ -591,36 +592,7 @@ sub get_internal_firewall_ip_address }
sub get_geoip_locations() { - # Path to the directory which contains the binary geoip - # databases. - my $directory="/usr/share/xt_geoip/LE"; - - # Array to store the final country list. - my @country_codes = (); - - # Open location and do a directory listing. - opendir(DIR, "$directory"); - my @locations = readdir(DIR); - closedir(DIR); - - # Loop through the directory listing, and cut of the file extensions. - foreach my $location (sort @locations) { - # skip . and .. - next if($location =~ /^.$/); - next if($location =~ /^..$/); - - # Remove whitespaces. - chomp($location); - - # Cut-off file extension. - my ($country_code, $extension) = split(/./, $location); - - # Add country code to array. - push(@country_codes, $country_code); - } - - # Return final array. - return @country_codes; + return &GeoIP::get_geoip_locations(); }
return 1; diff --git a/config/ovpn/certs/index.txt.attr b/config/ovpn/certs/index.txt.attr new file mode 100644 index 000000000..e69de29bb diff --git a/config/rootfiles/common/aarch64/initscripts b/config/rootfiles/common/aarch64/initscripts index 18adeea21..367a0a725 100644 --- a/config/rootfiles/common/aarch64/initscripts +++ b/config/rootfiles/common/aarch64/initscripts @@ -12,6 +12,7 @@ etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs etc/rc.d/init.d/collectd etc/rc.d/init.d/connectd +etc/rc.d/init.d/conntrackd etc/rc.d/init.d/console etc/rc.d/init.d/dhcp etc/rc.d/init.d/dhcrelay @@ -103,6 +104,7 @@ etc/rc.d/rc0.d/K45random etc/rc.d/rc0.d/K47setclock etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat +etc/rc.d/rc0.d/K77conntrackd etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds etc/rc.d/rc0.d/K79unbound @@ -131,6 +133,7 @@ etc/rc.d/rc3.d/S19smartenabler etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network etc/rc.d/rc3.d/S21leds +etc/rc.d/rc3.d/S22conntrackd etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S30sshd etc/rc.d/rc3.d/S32apache @@ -154,6 +157,7 @@ etc/rc.d/rc6.d/K45random etc/rc.d/rc6.d/K47setclock etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat +etc/rc.d/rc6.d/K77conntrackd etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds etc/rc.d/rc6.d/K79unbound diff --git a/config/rootfiles/common/aarch64/linux-initrd b/config/rootfiles/common/aarch64/linux-initrd index a5a0da72e..8abbf654a 100644 --- a/config/rootfiles/common/aarch64/linux-initrd +++ b/config/rootfiles/common/aarch64/linux-initrd @@ -1,2 +1,2 @@ -#boot/uInit-KVER-ipfire +boot/uInit-KVER-ipfire boot/initramfs-KVER-ipfire.img diff --git a/config/rootfiles/common/aarch64/python b/config/rootfiles/common/aarch64/python index 463dfed8f..3259a241b 100644 --- a/config/rootfiles/common/aarch64/python +++ b/config/rootfiles/common/aarch64/python @@ -1463,8 +1463,8 @@ usr/lib/python2.7/encodings/zlib_codec.pyc #usr/lib/python2.7/ensurepip/__main__.pyc #usr/lib/python2.7/ensurepip/__main__.pyo #usr/lib/python2.7/ensurepip/_bundled -#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.1-py2.py3-none-any.whl -#usr/lib/python2.7/ensurepip/_bundled/setuptools-28.8.0-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.3-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/setuptools-39.0.1-py2.py3-none-any.whl #usr/lib/python2.7/ensurepip/_uninstall.py #usr/lib/python2.7/ensurepip/_uninstall.pyc #usr/lib/python2.7/ensurepip/_uninstall.pyo @@ -1926,7 +1926,7 @@ usr/lib/python2.7/json/tool.pyc usr/lib/python2.7/keyword.pyc #usr/lib/python2.7/keyword.pyo #usr/lib/python2.7/lib-dynload -#usr/lib/python2.7/lib-dynload/Python-2.7.13-py2.7.egg-info +#usr/lib/python2.7/lib-dynload/Python-2.7.15-py2.7.egg-info usr/lib/python2.7/lib-dynload/_bisect.so usr/lib/python2.7/lib-dynload/_bsddb.so usr/lib/python2.7/lib-dynload/_codecs_cn.so @@ -2100,9 +2100,9 @@ usr/lib/python2.7/lib-dynload/zlib.so #usr/lib/python2.7/lib-tk/turtle.pyo #usr/lib/python2.7/lib2to3 #usr/lib/python2.7/lib2to3/Grammar.txt -#usr/lib/python2.7/lib2to3/Grammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/Grammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/PatternGrammar.txt -#usr/lib/python2.7/lib2to3/PatternGrammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/PatternGrammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/__init__.py #usr/lib/python2.7/lib2to3/__init__.pyc #usr/lib/python2.7/lib2to3/__init__.pyo @@ -2752,6 +2752,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/__init__.py #usr/lib/python2.7/test/__init__.pyc #usr/lib/python2.7/test/__init__.pyo +#usr/lib/python2.7/test/__main__.py +#usr/lib/python2.7/test/__main__.pyc +#usr/lib/python2.7/test/__main__.pyo #usr/lib/python2.7/test/_mock_backport.py #usr/lib/python2.7/test/_mock_backport.pyc #usr/lib/python2.7/test/_mock_backport.pyo @@ -2790,6 +2793,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/badsyntax_future8.py #usr/lib/python2.7/test/badsyntax_future9.py #usr/lib/python2.7/test/badsyntax_nocaret.py +#usr/lib/python2.7/test/bisect.py +#usr/lib/python2.7/test/bisect.pyc +#usr/lib/python2.7/test/bisect.pyo #usr/lib/python2.7/test/capath #usr/lib/python2.7/test/capath/0e4015b9.0 #usr/lib/python2.7/test/capath/4e1295a3.0 @@ -3040,6 +3046,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/mp_fork_bomb.py #usr/lib/python2.7/test/mp_fork_bomb.pyc #usr/lib/python2.7/test/mp_fork_bomb.pyo +#usr/lib/python2.7/test/multibytecodec_support.py +#usr/lib/python2.7/test/multibytecodec_support.pyc +#usr/lib/python2.7/test/multibytecodec_support.pyo #usr/lib/python2.7/test/nokia.pem #usr/lib/python2.7/test/nullbytecert.pem #usr/lib/python2.7/test/nullcert.pem @@ -3065,6 +3074,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/pystone.py #usr/lib/python2.7/test/pystone.pyc #usr/lib/python2.7/test/pystone.pyo +#usr/lib/python2.7/test/pythoninfo.py +#usr/lib/python2.7/test/pythoninfo.pyc +#usr/lib/python2.7/test/pythoninfo.pyo #usr/lib/python2.7/test/randv2_32.pck #usr/lib/python2.7/test/randv2_64.pck #usr/lib/python2.7/test/randv3.pck @@ -3098,7 +3110,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/seq_tests.pyc #usr/lib/python2.7/test/seq_tests.pyo #usr/lib/python2.7/test/sgml_input.html -#usr/lib/python2.7/test/sha256.pem #usr/lib/python2.7/test/sortperf.py #usr/lib/python2.7/test/sortperf.pyc #usr/lib/python2.7/test/sortperf.pyo @@ -3118,6 +3129,13 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.py #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyo +#usr/lib/python2.7/test/support +#usr/lib/python2.7/test/support/__init__.py +#usr/lib/python2.7/test/support/__init__.pyc +#usr/lib/python2.7/test/support/__init__.pyo +#usr/lib/python2.7/test/support/script_helper.py +#usr/lib/python2.7/test/support/script_helper.pyc +#usr/lib/python2.7/test/support/script_helper.pyo #usr/lib/python2.7/test/symlink_support.py #usr/lib/python2.7/test/symlink_support.pyc #usr/lib/python2.7/test/symlink_support.pyo @@ -3663,6 +3681,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_import.py #usr/lib/python2.7/test/test_import.pyc #usr/lib/python2.7/test/test_import.pyo +#usr/lib/python2.7/test/test_import_magic.py +#usr/lib/python2.7/test/test_import_magic.pyc +#usr/lib/python2.7/test/test_import_magic.pyo #usr/lib/python2.7/test/test_importhooks.py #usr/lib/python2.7/test/test_importhooks.pyc #usr/lib/python2.7/test/test_importhooks.pyo @@ -3792,9 +3813,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_multibytecodec.py #usr/lib/python2.7/test/test_multibytecodec.pyc #usr/lib/python2.7/test/test_multibytecodec.pyo -#usr/lib/python2.7/test/test_multibytecodec_support.py -#usr/lib/python2.7/test/test_multibytecodec_support.pyc -#usr/lib/python2.7/test/test_multibytecodec_support.pyo #usr/lib/python2.7/test/test_multifile.py #usr/lib/python2.7/test/test_multifile.pyc #usr/lib/python2.7/test/test_multifile.pyo @@ -3963,6 +3981,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_readline.py #usr/lib/python2.7/test/test_readline.pyc #usr/lib/python2.7/test/test_readline.pyo +#usr/lib/python2.7/test/test_regrtest.py +#usr/lib/python2.7/test/test_regrtest.pyc +#usr/lib/python2.7/test/test_regrtest.pyo #usr/lib/python2.7/test/test_repr.py #usr/lib/python2.7/test/test_repr.pyc #usr/lib/python2.7/test/test_repr.pyo @@ -4140,6 +4161,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_tempfile.py #usr/lib/python2.7/test/test_tempfile.pyc #usr/lib/python2.7/test/test_tempfile.pyo +#usr/lib/python2.7/test/test_test_support.py +#usr/lib/python2.7/test/test_test_support.pyc +#usr/lib/python2.7/test/test_test_support.pyo #usr/lib/python2.7/test/test_textwrap.py #usr/lib/python2.7/test/test_textwrap.pyc #usr/lib/python2.7/test/test_textwrap.pyo @@ -4373,6 +4397,7 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/win_console_handler.pyo #usr/lib/python2.7/test/wrongcert.pem #usr/lib/python2.7/test/xmltestdata +#usr/lib/python2.7/test/xmltestdata/expat224_utf8_bug.xml #usr/lib/python2.7/test/xmltestdata/simple-ns.xml #usr/lib/python2.7/test/xmltestdata/simple.xml #usr/lib/python2.7/test/xmltestdata/test.xml diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts index 18adeea21..367a0a725 100644 --- a/config/rootfiles/common/armv5tel/initscripts +++ b/config/rootfiles/common/armv5tel/initscripts @@ -12,6 +12,7 @@ etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs etc/rc.d/init.d/collectd etc/rc.d/init.d/connectd +etc/rc.d/init.d/conntrackd etc/rc.d/init.d/console etc/rc.d/init.d/dhcp etc/rc.d/init.d/dhcrelay @@ -103,6 +104,7 @@ etc/rc.d/rc0.d/K45random etc/rc.d/rc0.d/K47setclock etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat +etc/rc.d/rc0.d/K77conntrackd etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds etc/rc.d/rc0.d/K79unbound @@ -131,6 +133,7 @@ etc/rc.d/rc3.d/S19smartenabler etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network etc/rc.d/rc3.d/S21leds +etc/rc.d/rc3.d/S22conntrackd etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S30sshd etc/rc.d/rc3.d/S32apache @@ -154,6 +157,7 @@ etc/rc.d/rc6.d/K45random etc/rc.d/rc6.d/K47setclock etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat +etc/rc.d/rc6.d/K77conntrackd etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds etc/rc.d/rc6.d/K79unbound diff --git a/config/rootfiles/common/armv5tel/python b/config/rootfiles/common/armv5tel/python index 9248201f9..586755c9b 100644 --- a/config/rootfiles/common/armv5tel/python +++ b/config/rootfiles/common/armv5tel/python @@ -1463,8 +1463,8 @@ usr/lib/python2.7/encodings/zlib_codec.pyc #usr/lib/python2.7/ensurepip/__main__.pyc #usr/lib/python2.7/ensurepip/__main__.pyo #usr/lib/python2.7/ensurepip/_bundled -#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.1-py2.py3-none-any.whl -#usr/lib/python2.7/ensurepip/_bundled/setuptools-28.8.0-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.3-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/setuptools-39.0.1-py2.py3-none-any.whl #usr/lib/python2.7/ensurepip/_uninstall.py #usr/lib/python2.7/ensurepip/_uninstall.pyc #usr/lib/python2.7/ensurepip/_uninstall.pyo @@ -1926,7 +1926,7 @@ usr/lib/python2.7/json/tool.pyc usr/lib/python2.7/keyword.pyc #usr/lib/python2.7/keyword.pyo #usr/lib/python2.7/lib-dynload -#usr/lib/python2.7/lib-dynload/Python-2.7.13-py2.7.egg-info +#usr/lib/python2.7/lib-dynload/Python-2.7.15-py2.7.egg-info usr/lib/python2.7/lib-dynload/_bisect.so usr/lib/python2.7/lib-dynload/_bsddb.so usr/lib/python2.7/lib-dynload/_codecs_cn.so @@ -2102,9 +2102,9 @@ usr/lib/python2.7/lib-dynload/zlib.so #usr/lib/python2.7/lib-tk/turtle.pyo #usr/lib/python2.7/lib2to3 #usr/lib/python2.7/lib2to3/Grammar.txt -#usr/lib/python2.7/lib2to3/Grammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/Grammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/PatternGrammar.txt -#usr/lib/python2.7/lib2to3/PatternGrammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/PatternGrammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/__init__.py #usr/lib/python2.7/lib2to3/__init__.pyc #usr/lib/python2.7/lib2to3/__init__.pyo @@ -2754,6 +2754,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/__init__.py #usr/lib/python2.7/test/__init__.pyc #usr/lib/python2.7/test/__init__.pyo +#usr/lib/python2.7/test/__main__.py +#usr/lib/python2.7/test/__main__.pyc +#usr/lib/python2.7/test/__main__.pyo #usr/lib/python2.7/test/_mock_backport.py #usr/lib/python2.7/test/_mock_backport.pyc #usr/lib/python2.7/test/_mock_backport.pyo @@ -2792,6 +2795,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/badsyntax_future8.py #usr/lib/python2.7/test/badsyntax_future9.py #usr/lib/python2.7/test/badsyntax_nocaret.py +#usr/lib/python2.7/test/bisect.py +#usr/lib/python2.7/test/bisect.pyc +#usr/lib/python2.7/test/bisect.pyo #usr/lib/python2.7/test/capath #usr/lib/python2.7/test/capath/0e4015b9.0 #usr/lib/python2.7/test/capath/4e1295a3.0 @@ -3042,6 +3048,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/mp_fork_bomb.py #usr/lib/python2.7/test/mp_fork_bomb.pyc #usr/lib/python2.7/test/mp_fork_bomb.pyo +#usr/lib/python2.7/test/multibytecodec_support.py +#usr/lib/python2.7/test/multibytecodec_support.pyc +#usr/lib/python2.7/test/multibytecodec_support.pyo #usr/lib/python2.7/test/nokia.pem #usr/lib/python2.7/test/nullbytecert.pem #usr/lib/python2.7/test/nullcert.pem @@ -3067,6 +3076,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/pystone.py #usr/lib/python2.7/test/pystone.pyc #usr/lib/python2.7/test/pystone.pyo +#usr/lib/python2.7/test/pythoninfo.py +#usr/lib/python2.7/test/pythoninfo.pyc +#usr/lib/python2.7/test/pythoninfo.pyo #usr/lib/python2.7/test/randv2_32.pck #usr/lib/python2.7/test/randv2_64.pck #usr/lib/python2.7/test/randv3.pck @@ -3100,7 +3112,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/seq_tests.pyc #usr/lib/python2.7/test/seq_tests.pyo #usr/lib/python2.7/test/sgml_input.html -#usr/lib/python2.7/test/sha256.pem #usr/lib/python2.7/test/sortperf.py #usr/lib/python2.7/test/sortperf.pyc #usr/lib/python2.7/test/sortperf.pyo @@ -3120,6 +3131,13 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.py #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyo +#usr/lib/python2.7/test/support +#usr/lib/python2.7/test/support/__init__.py +#usr/lib/python2.7/test/support/__init__.pyc +#usr/lib/python2.7/test/support/__init__.pyo +#usr/lib/python2.7/test/support/script_helper.py +#usr/lib/python2.7/test/support/script_helper.pyc +#usr/lib/python2.7/test/support/script_helper.pyo #usr/lib/python2.7/test/symlink_support.py #usr/lib/python2.7/test/symlink_support.pyc #usr/lib/python2.7/test/symlink_support.pyo @@ -3665,6 +3683,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_import.py #usr/lib/python2.7/test/test_import.pyc #usr/lib/python2.7/test/test_import.pyo +#usr/lib/python2.7/test/test_import_magic.py +#usr/lib/python2.7/test/test_import_magic.pyc +#usr/lib/python2.7/test/test_import_magic.pyo #usr/lib/python2.7/test/test_importhooks.py #usr/lib/python2.7/test/test_importhooks.pyc #usr/lib/python2.7/test/test_importhooks.pyo @@ -3794,9 +3815,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_multibytecodec.py #usr/lib/python2.7/test/test_multibytecodec.pyc #usr/lib/python2.7/test/test_multibytecodec.pyo -#usr/lib/python2.7/test/test_multibytecodec_support.py -#usr/lib/python2.7/test/test_multibytecodec_support.pyc -#usr/lib/python2.7/test/test_multibytecodec_support.pyo #usr/lib/python2.7/test/test_multifile.py #usr/lib/python2.7/test/test_multifile.pyc #usr/lib/python2.7/test/test_multifile.pyo @@ -3965,6 +3983,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_readline.py #usr/lib/python2.7/test/test_readline.pyc #usr/lib/python2.7/test/test_readline.pyo +#usr/lib/python2.7/test/test_regrtest.py +#usr/lib/python2.7/test/test_regrtest.pyc +#usr/lib/python2.7/test/test_regrtest.pyo #usr/lib/python2.7/test/test_repr.py #usr/lib/python2.7/test/test_repr.pyc #usr/lib/python2.7/test/test_repr.pyo @@ -4142,6 +4163,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_tempfile.py #usr/lib/python2.7/test/test_tempfile.pyc #usr/lib/python2.7/test/test_tempfile.pyo +#usr/lib/python2.7/test/test_test_support.py +#usr/lib/python2.7/test/test_test_support.pyc +#usr/lib/python2.7/test/test_test_support.pyo #usr/lib/python2.7/test/test_textwrap.py #usr/lib/python2.7/test/test_textwrap.pyc #usr/lib/python2.7/test/test_textwrap.pyo @@ -4375,6 +4399,7 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/win_console_handler.pyo #usr/lib/python2.7/test/wrongcert.pem #usr/lib/python2.7/test/xmltestdata +#usr/lib/python2.7/test/xmltestdata/expat224_utf8_bug.xml #usr/lib/python2.7/test/xmltestdata/simple-ns.xml #usr/lib/python2.7/test/xmltestdata/simple.xml #usr/lib/python2.7/test/xmltestdata/test.xml diff --git a/config/rootfiles/common/attr b/config/rootfiles/common/attr index e8c2055fb..edfefa7e1 100644 --- a/config/rootfiles/common/attr +++ b/config/rootfiles/common/attr @@ -28,15 +28,18 @@ usr/lib/libattr.so.1.1.0 #usr/share/man/man1/attr.1 #usr/share/man/man1/getfattr.1 #usr/share/man/man1/setfattr.1 +#usr/share/man/man2/fgetxattr.2 #usr/share/man/man2/flistxattr.2 #usr/share/man/man2/fremovexattr.2 #usr/share/man/man2/fsetxattr.2 #usr/share/man/man2/getxattr.2 -#usr/share/man/man2/setxattr.2 +#usr/share/man/man2/lgetxattr.2 +#usr/share/man/man2/listxattr.2 #usr/share/man/man2/llistxattr.2 #usr/share/man/man2/lremovexattr.2 -#usr/share/man/man2/removexattr.2 #usr/share/man/man2/lsetxattr.2 +#usr/share/man/man2/removexattr.2 +#usr/share/man/man2/setxattr.2 #usr/share/man/man3/attr_get.3 #usr/share/man/man3/attr_getf.3 #usr/share/man/man3/attr_list.3 diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind index 7ddfab332..bbe0e0741 100644 --- a/config/rootfiles/common/bind +++ b/config/rootfiles/common/bind @@ -270,7 +270,7 @@ usr/lib/libbind9.so.161.0.0 #usr/lib/libdns.la #usr/lib/libdns.so usr/lib/libdns.so.1104 -usr/lib/libdns.so.1104.0.0 +usr/lib/libdns.so.1104.0.1 #usr/lib/libisc.la #usr/lib/libisc.so usr/lib/libisc.so.1100 diff --git a/config/rootfiles/common/configroot b/config/rootfiles/common/configroot index c72768165..fa18a0525 100644 --- a/config/rootfiles/common/configroot +++ b/config/rootfiles/common/configroot @@ -19,6 +19,7 @@ var/ipfire/captive/settings var/ipfire/captive/voucher_out var/ipfire/certs #var/ipfire/certs/index.txt +var/ipfire/certs/index.txt.attr #var/ipfire/certs/serial var/ipfire/connscheduler #var/ipfire/connscheduler/connscheduler.conf @@ -150,7 +151,6 @@ var/ipfire/proxy #var/ipfire/proxy/advanced/cre #var/ipfire/proxy/advanced/cre/enable #var/ipfire/proxy/advanced/settings -#var/ipfire/proxy/advanced/useragents #var/ipfire/proxy/calamaris #var/ipfire/proxy/calamaris/bin #var/ipfire/proxy/settings diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts index 7b2c1c5f4..6f9868ec3 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -12,6 +12,7 @@ etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs etc/rc.d/init.d/collectd etc/rc.d/init.d/connectd +etc/rc.d/init.d/conntrackd etc/rc.d/init.d/console etc/rc.d/init.d/dhcp etc/rc.d/init.d/dhcrelay @@ -102,6 +103,7 @@ etc/rc.d/rc0.d/K45random etc/rc.d/rc0.d/K47setclock etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat +etc/rc.d/rc0.d/K77conntrackd etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds etc/rc.d/rc0.d/K79unbound @@ -130,6 +132,7 @@ etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network etc/rc.d/rc3.d/S11unbound etc/rc.d/rc3.d/S21leds +etc/rc.d/rc3.d/S22conntrackd etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S30sshd etc/rc.d/rc3.d/S32apache @@ -153,6 +156,7 @@ etc/rc.d/rc6.d/K45random etc/rc.d/rc6.d/K47setclock etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat +etc/rc.d/rc6.d/K77conntrackd etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds etc/rc.d/rc6.d/K79unbound diff --git a/config/rootfiles/common/i586/python b/config/rootfiles/common/i586/python index 9248201f9..586755c9b 100644 --- a/config/rootfiles/common/i586/python +++ b/config/rootfiles/common/i586/python @@ -1463,8 +1463,8 @@ usr/lib/python2.7/encodings/zlib_codec.pyc #usr/lib/python2.7/ensurepip/__main__.pyc #usr/lib/python2.7/ensurepip/__main__.pyo #usr/lib/python2.7/ensurepip/_bundled -#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.1-py2.py3-none-any.whl -#usr/lib/python2.7/ensurepip/_bundled/setuptools-28.8.0-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.3-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/setuptools-39.0.1-py2.py3-none-any.whl #usr/lib/python2.7/ensurepip/_uninstall.py #usr/lib/python2.7/ensurepip/_uninstall.pyc #usr/lib/python2.7/ensurepip/_uninstall.pyo @@ -1926,7 +1926,7 @@ usr/lib/python2.7/json/tool.pyc usr/lib/python2.7/keyword.pyc #usr/lib/python2.7/keyword.pyo #usr/lib/python2.7/lib-dynload -#usr/lib/python2.7/lib-dynload/Python-2.7.13-py2.7.egg-info +#usr/lib/python2.7/lib-dynload/Python-2.7.15-py2.7.egg-info usr/lib/python2.7/lib-dynload/_bisect.so usr/lib/python2.7/lib-dynload/_bsddb.so usr/lib/python2.7/lib-dynload/_codecs_cn.so @@ -2102,9 +2102,9 @@ usr/lib/python2.7/lib-dynload/zlib.so #usr/lib/python2.7/lib-tk/turtle.pyo #usr/lib/python2.7/lib2to3 #usr/lib/python2.7/lib2to3/Grammar.txt -#usr/lib/python2.7/lib2to3/Grammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/Grammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/PatternGrammar.txt -#usr/lib/python2.7/lib2to3/PatternGrammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/PatternGrammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/__init__.py #usr/lib/python2.7/lib2to3/__init__.pyc #usr/lib/python2.7/lib2to3/__init__.pyo @@ -2754,6 +2754,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/__init__.py #usr/lib/python2.7/test/__init__.pyc #usr/lib/python2.7/test/__init__.pyo +#usr/lib/python2.7/test/__main__.py +#usr/lib/python2.7/test/__main__.pyc +#usr/lib/python2.7/test/__main__.pyo #usr/lib/python2.7/test/_mock_backport.py #usr/lib/python2.7/test/_mock_backport.pyc #usr/lib/python2.7/test/_mock_backport.pyo @@ -2792,6 +2795,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/badsyntax_future8.py #usr/lib/python2.7/test/badsyntax_future9.py #usr/lib/python2.7/test/badsyntax_nocaret.py +#usr/lib/python2.7/test/bisect.py +#usr/lib/python2.7/test/bisect.pyc +#usr/lib/python2.7/test/bisect.pyo #usr/lib/python2.7/test/capath #usr/lib/python2.7/test/capath/0e4015b9.0 #usr/lib/python2.7/test/capath/4e1295a3.0 @@ -3042,6 +3048,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/mp_fork_bomb.py #usr/lib/python2.7/test/mp_fork_bomb.pyc #usr/lib/python2.7/test/mp_fork_bomb.pyo +#usr/lib/python2.7/test/multibytecodec_support.py +#usr/lib/python2.7/test/multibytecodec_support.pyc +#usr/lib/python2.7/test/multibytecodec_support.pyo #usr/lib/python2.7/test/nokia.pem #usr/lib/python2.7/test/nullbytecert.pem #usr/lib/python2.7/test/nullcert.pem @@ -3067,6 +3076,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/pystone.py #usr/lib/python2.7/test/pystone.pyc #usr/lib/python2.7/test/pystone.pyo +#usr/lib/python2.7/test/pythoninfo.py +#usr/lib/python2.7/test/pythoninfo.pyc +#usr/lib/python2.7/test/pythoninfo.pyo #usr/lib/python2.7/test/randv2_32.pck #usr/lib/python2.7/test/randv2_64.pck #usr/lib/python2.7/test/randv3.pck @@ -3100,7 +3112,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/seq_tests.pyc #usr/lib/python2.7/test/seq_tests.pyo #usr/lib/python2.7/test/sgml_input.html -#usr/lib/python2.7/test/sha256.pem #usr/lib/python2.7/test/sortperf.py #usr/lib/python2.7/test/sortperf.pyc #usr/lib/python2.7/test/sortperf.pyo @@ -3120,6 +3131,13 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.py #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyo +#usr/lib/python2.7/test/support +#usr/lib/python2.7/test/support/__init__.py +#usr/lib/python2.7/test/support/__init__.pyc +#usr/lib/python2.7/test/support/__init__.pyo +#usr/lib/python2.7/test/support/script_helper.py +#usr/lib/python2.7/test/support/script_helper.pyc +#usr/lib/python2.7/test/support/script_helper.pyo #usr/lib/python2.7/test/symlink_support.py #usr/lib/python2.7/test/symlink_support.pyc #usr/lib/python2.7/test/symlink_support.pyo @@ -3665,6 +3683,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_import.py #usr/lib/python2.7/test/test_import.pyc #usr/lib/python2.7/test/test_import.pyo +#usr/lib/python2.7/test/test_import_magic.py +#usr/lib/python2.7/test/test_import_magic.pyc +#usr/lib/python2.7/test/test_import_magic.pyo #usr/lib/python2.7/test/test_importhooks.py #usr/lib/python2.7/test/test_importhooks.pyc #usr/lib/python2.7/test/test_importhooks.pyo @@ -3794,9 +3815,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_multibytecodec.py #usr/lib/python2.7/test/test_multibytecodec.pyc #usr/lib/python2.7/test/test_multibytecodec.pyo -#usr/lib/python2.7/test/test_multibytecodec_support.py -#usr/lib/python2.7/test/test_multibytecodec_support.pyc -#usr/lib/python2.7/test/test_multibytecodec_support.pyo #usr/lib/python2.7/test/test_multifile.py #usr/lib/python2.7/test/test_multifile.pyc #usr/lib/python2.7/test/test_multifile.pyo @@ -3965,6 +3983,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_readline.py #usr/lib/python2.7/test/test_readline.pyc #usr/lib/python2.7/test/test_readline.pyo +#usr/lib/python2.7/test/test_regrtest.py +#usr/lib/python2.7/test/test_regrtest.pyc +#usr/lib/python2.7/test/test_regrtest.pyo #usr/lib/python2.7/test/test_repr.py #usr/lib/python2.7/test/test_repr.pyc #usr/lib/python2.7/test/test_repr.pyo @@ -4142,6 +4163,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_tempfile.py #usr/lib/python2.7/test/test_tempfile.pyc #usr/lib/python2.7/test/test_tempfile.pyo +#usr/lib/python2.7/test/test_test_support.py +#usr/lib/python2.7/test/test_test_support.pyc +#usr/lib/python2.7/test/test_test_support.pyo #usr/lib/python2.7/test/test_textwrap.py #usr/lib/python2.7/test/test_textwrap.pyc #usr/lib/python2.7/test/test_textwrap.pyo @@ -4375,6 +4399,7 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/win_console_handler.pyo #usr/lib/python2.7/test/wrongcert.pem #usr/lib/python2.7/test/xmltestdata +#usr/lib/python2.7/test/xmltestdata/expat224_utf8_bug.xml #usr/lib/python2.7/test/xmltestdata/simple-ns.xml #usr/lib/python2.7/test/xmltestdata/simple.xml #usr/lib/python2.7/test/xmltestdata/test.xml diff --git a/config/rootfiles/common/openvpn b/config/rootfiles/common/openvpn index 131d79873..547842db3 100644 --- a/config/rootfiles/common/openvpn +++ b/config/rootfiles/common/openvpn @@ -25,6 +25,7 @@ var/ipfire/ovpn/caconfig var/ipfire/ovpn/ccd #var/ipfire/ovpn/certs var/ipfire/ovpn/certs/index.txt +var/ipfire/ovpn/certs/index.txt.attr var/ipfire/ovpn/certs/serial var/ipfire/ovpn/crls var/ipfire/ovpn/n2nconf diff --git a/config/rootfiles/common/perl-Net-CIDR-Lite b/config/rootfiles/common/perl-Net-CIDR-Lite new file mode 100644 index 000000000..691a7693f --- /dev/null +++ b/config/rootfiles/common/perl-Net-CIDR-Lite @@ -0,0 +1,6 @@ +#usr/lib/perl5/site_perl/5.12.3/Net/CIDR +usr/lib/perl5/site_perl/5.12.3/Net/CIDR/Lite.pm +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Net/CIDR +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Net/CIDR/Lite +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Net/CIDR/Lite/.packlist +#usr/share/man/man3/Net::CIDR::Lite.3 diff --git a/config/rootfiles/common/squid b/config/rootfiles/common/squid index 4e8259a6d..6c8998f93 100644 --- a/config/rootfiles/common/squid +++ b/config/rootfiles/common/squid @@ -20,7 +20,6 @@ usr/lib/squid/basic_db_auth usr/lib/squid/basic_fake_auth usr/lib/squid/basic_getpwnam_auth usr/lib/squid/basic_ldap_auth -usr/lib/squid/basic_msnt_multi_domain_auth usr/lib/squid/basic_ncsa_auth usr/lib/squid/basic_nis_auth usr/lib/squid/basic_pam_auth @@ -29,7 +28,6 @@ usr/lib/squid/basic_radius_auth usr/lib/squid/basic_sasl_auth usr/lib/squid/basic_smb_auth usr/lib/squid/basic_smb_auth.sh -usr/lib/squid/basic_smb_lm_auth #usr/lib/squid/cachemgr.cgi usr/lib/squid/digest_edirectory_auth usr/lib/squid/digest_file_auth @@ -69,6 +67,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/af/ERR_NO_RELAY #usr/lib/squid/errors/af/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/af/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/af/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/af/ERR_READ_ERROR #usr/lib/squid/errors/af/ERR_READ_TIMEOUT #usr/lib/squid/errors/af/ERR_SECURE_CONNECT_FAIL @@ -128,6 +127,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/ar/ERR_NO_RELAY #usr/lib/squid/errors/ar/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ar/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ar/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ar/ERR_READ_ERROR #usr/lib/squid/errors/ar/ERR_READ_TIMEOUT #usr/lib/squid/errors/ar/ERR_SECURE_CONNECT_FAIL @@ -172,6 +172,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/az/ERR_NO_RELAY #usr/lib/squid/errors/az/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/az/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/az/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/az/ERR_READ_ERROR #usr/lib/squid/errors/az/ERR_READ_TIMEOUT #usr/lib/squid/errors/az/ERR_SECURE_CONNECT_FAIL @@ -216,6 +217,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/bg/ERR_NO_RELAY #usr/lib/squid/errors/bg/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/bg/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/bg/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/bg/ERR_READ_ERROR #usr/lib/squid/errors/bg/ERR_READ_TIMEOUT #usr/lib/squid/errors/bg/ERR_SECURE_CONNECT_FAIL @@ -229,6 +231,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/bg/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/bg/error-details.txt #usr/lib/squid/errors/ca +#usr/lib/squid/errors/ca-es #usr/lib/squid/errors/ca/ERR_ACCESS_DENIED #usr/lib/squid/errors/ca/ERR_ACL_TIME_QUOTA_EXCEEDED #usr/lib/squid/errors/ca/ERR_AGENT_CONFIGURE @@ -259,6 +262,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/ca/ERR_NO_RELAY #usr/lib/squid/errors/ca/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ca/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ca/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ca/ERR_READ_ERROR #usr/lib/squid/errors/ca/ERR_READ_TIMEOUT #usr/lib/squid/errors/ca/ERR_SECURE_CONNECT_FAIL @@ -303,6 +307,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/cs/ERR_NO_RELAY #usr/lib/squid/errors/cs/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/cs/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/cs/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/cs/ERR_READ_ERROR #usr/lib/squid/errors/cs/ERR_READ_TIMEOUT #usr/lib/squid/errors/cs/ERR_SECURE_CONNECT_FAIL @@ -347,6 +352,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/da/ERR_NO_RELAY #usr/lib/squid/errors/da/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/da/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/da/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/da/ERR_READ_ERROR #usr/lib/squid/errors/da/ERR_READ_TIMEOUT #usr/lib/squid/errors/da/ERR_SECURE_CONNECT_FAIL @@ -395,6 +401,7 @@ usr/lib/squid/errors/de/ERR_LIFETIME_EXP usr/lib/squid/errors/de/ERR_NO_RELAY usr/lib/squid/errors/de/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/de/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/de/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/de/ERR_READ_ERROR usr/lib/squid/errors/de/ERR_READ_TIMEOUT usr/lib/squid/errors/de/ERR_SECURE_CONNECT_FAIL @@ -439,6 +446,7 @@ usr/lib/squid/errors/de/error-details.txt #usr/lib/squid/errors/el/ERR_NO_RELAY #usr/lib/squid/errors/el/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/el/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/el/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/el/ERR_READ_ERROR #usr/lib/squid/errors/el/ERR_READ_TIMEOUT #usr/lib/squid/errors/el/ERR_SECURE_CONNECT_FAIL @@ -455,6 +463,7 @@ usr/lib/squid/errors/de/error-details.txt #usr/lib/squid/errors/en-au #usr/lib/squid/errors/en-bz #usr/lib/squid/errors/en-ca +#usr/lib/squid/errors/en-cn #usr/lib/squid/errors/en-gb #usr/lib/squid/errors/en-ie #usr/lib/squid/errors/en-in @@ -497,6 +506,7 @@ usr/lib/squid/errors/en/ERR_LIFETIME_EXP usr/lib/squid/errors/en/ERR_NO_RELAY usr/lib/squid/errors/en/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/en/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/en/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/en/ERR_READ_ERROR usr/lib/squid/errors/en/ERR_READ_TIMEOUT usr/lib/squid/errors/en/ERR_SECURE_CONNECT_FAIL @@ -530,6 +540,7 @@ usr/lib/squid/errors/en/error-details.txt #usr/lib/squid/errors/es-us #usr/lib/squid/errors/es-uy #usr/lib/squid/errors/es-ve +#usr/lib/squid/errors/es-xl usr/lib/squid/errors/es/ERR_ACCESS_DENIED usr/lib/squid/errors/es/ERR_ACL_TIME_QUOTA_EXCEEDED usr/lib/squid/errors/es/ERR_AGENT_CONFIGURE @@ -560,6 +571,7 @@ usr/lib/squid/errors/es/ERR_LIFETIME_EXP usr/lib/squid/errors/es/ERR_NO_RELAY usr/lib/squid/errors/es/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/es/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/es/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/es/ERR_READ_ERROR usr/lib/squid/errors/es/ERR_READ_TIMEOUT usr/lib/squid/errors/es/ERR_SECURE_CONNECT_FAIL @@ -604,6 +616,7 @@ usr/lib/squid/errors/es/error-details.txt #usr/lib/squid/errors/et/ERR_NO_RELAY #usr/lib/squid/errors/et/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/et/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/et/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/et/ERR_READ_ERROR #usr/lib/squid/errors/et/ERR_READ_TIMEOUT #usr/lib/squid/errors/et/ERR_SECURE_CONNECT_FAIL @@ -649,6 +662,7 @@ usr/lib/squid/errors/es/error-details.txt #usr/lib/squid/errors/fa/ERR_NO_RELAY #usr/lib/squid/errors/fa/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/fa/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/fa/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/fa/ERR_READ_ERROR #usr/lib/squid/errors/fa/ERR_READ_TIMEOUT #usr/lib/squid/errors/fa/ERR_SECURE_CONNECT_FAIL @@ -693,6 +707,7 @@ usr/lib/squid/errors/es/error-details.txt #usr/lib/squid/errors/fi/ERR_NO_RELAY #usr/lib/squid/errors/fi/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/fi/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/fi/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/fi/ERR_READ_ERROR #usr/lib/squid/errors/fi/ERR_READ_TIMEOUT #usr/lib/squid/errors/fi/ERR_SECURE_CONNECT_FAIL @@ -742,6 +757,7 @@ usr/lib/squid/errors/fr/ERR_LIFETIME_EXP usr/lib/squid/errors/fr/ERR_NO_RELAY usr/lib/squid/errors/fr/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/fr/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/fr/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/fr/ERR_READ_ERROR usr/lib/squid/errors/fr/ERR_READ_TIMEOUT usr/lib/squid/errors/fr/ERR_SECURE_CONNECT_FAIL @@ -786,6 +802,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/he/ERR_NO_RELAY #usr/lib/squid/errors/he/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/he/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/he/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/he/ERR_READ_ERROR #usr/lib/squid/errors/he/ERR_READ_TIMEOUT #usr/lib/squid/errors/he/ERR_SECURE_CONNECT_FAIL @@ -830,6 +847,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/hu/ERR_NO_RELAY #usr/lib/squid/errors/hu/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/hu/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/hu/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/hu/ERR_READ_ERROR #usr/lib/squid/errors/hu/ERR_READ_TIMEOUT #usr/lib/squid/errors/hu/ERR_SECURE_CONNECT_FAIL @@ -875,6 +893,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/hy/ERR_NO_RELAY #usr/lib/squid/errors/hy/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/hy/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/hy/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/hy/ERR_READ_ERROR #usr/lib/squid/errors/hy/ERR_READ_TIMEOUT #usr/lib/squid/errors/hy/ERR_SECURE_CONNECT_FAIL @@ -919,6 +938,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/id/ERR_NO_RELAY #usr/lib/squid/errors/id/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/id/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/id/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/id/ERR_READ_ERROR #usr/lib/squid/errors/id/ERR_READ_TIMEOUT #usr/lib/squid/errors/id/ERR_SECURE_CONNECT_FAIL @@ -964,6 +984,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/it/ERR_NO_RELAY #usr/lib/squid/errors/it/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/it/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/it/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/it/ERR_READ_ERROR #usr/lib/squid/errors/it/ERR_READ_TIMEOUT #usr/lib/squid/errors/it/ERR_SECURE_CONNECT_FAIL @@ -1008,6 +1029,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ja/ERR_NO_RELAY #usr/lib/squid/errors/ja/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ja/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ja/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ja/ERR_READ_ERROR #usr/lib/squid/errors/ja/ERR_READ_TIMEOUT #usr/lib/squid/errors/ja/ERR_SECURE_CONNECT_FAIL @@ -1021,6 +1043,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ja/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/ja/error-details.txt #usr/lib/squid/errors/ka +#usr/lib/squid/errors/ka-ge #usr/lib/squid/errors/ka/ERR_ACCESS_DENIED #usr/lib/squid/errors/ka/ERR_ACL_TIME_QUOTA_EXCEEDED #usr/lib/squid/errors/ka/ERR_AGENT_CONFIGURE @@ -1051,6 +1074,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ka/ERR_NO_RELAY #usr/lib/squid/errors/ka/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ka/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ka/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ka/ERR_READ_ERROR #usr/lib/squid/errors/ka/ERR_READ_TIMEOUT #usr/lib/squid/errors/ka/ERR_SECURE_CONNECT_FAIL @@ -1063,7 +1087,6 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ka/ERR_WRITE_ERROR #usr/lib/squid/errors/ka/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/ka/error-details.txt -#usr/lib/squid/errors/ka-ge #usr/lib/squid/errors/ko #usr/lib/squid/errors/ko-kp #usr/lib/squid/errors/ko-kr @@ -1097,6 +1120,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ko/ERR_NO_RELAY #usr/lib/squid/errors/ko/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ko/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ko/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ko/ERR_READ_ERROR #usr/lib/squid/errors/ko/ERR_READ_TIMEOUT #usr/lib/squid/errors/ko/ERR_SECURE_CONNECT_FAIL @@ -1141,6 +1165,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/lt/ERR_NO_RELAY #usr/lib/squid/errors/lt/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/lt/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/lt/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/lt/ERR_READ_ERROR #usr/lib/squid/errors/lt/ERR_READ_TIMEOUT #usr/lib/squid/errors/lt/ERR_SECURE_CONNECT_FAIL @@ -1185,6 +1210,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/lv/ERR_NO_RELAY #usr/lib/squid/errors/lv/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/lv/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/lv/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/lv/ERR_READ_ERROR #usr/lib/squid/errors/lv/ERR_READ_TIMEOUT #usr/lib/squid/errors/lv/ERR_SECURE_CONNECT_FAIL @@ -1229,6 +1255,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ms/ERR_NO_RELAY #usr/lib/squid/errors/ms/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ms/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ms/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ms/ERR_READ_ERROR #usr/lib/squid/errors/ms/ERR_READ_TIMEOUT #usr/lib/squid/errors/ms/ERR_SECURE_CONNECT_FAIL @@ -1273,6 +1300,7 @@ usr/lib/squid/errors/nl/ERR_LIFETIME_EXP usr/lib/squid/errors/nl/ERR_NO_RELAY usr/lib/squid/errors/nl/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/nl/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/nl/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/nl/ERR_READ_ERROR usr/lib/squid/errors/nl/ERR_READ_TIMEOUT usr/lib/squid/errors/nl/ERR_SECURE_CONNECT_FAIL @@ -1316,6 +1344,7 @@ usr/lib/squid/errors/nl/error-details.txt #usr/lib/squid/errors/oc/ERR_NO_RELAY #usr/lib/squid/errors/oc/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/oc/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/oc/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/oc/ERR_READ_ERROR #usr/lib/squid/errors/oc/ERR_READ_TIMEOUT #usr/lib/squid/errors/oc/ERR_SECURE_CONNECT_FAIL @@ -1360,6 +1389,7 @@ usr/lib/squid/errors/pl/ERR_LIFETIME_EXP usr/lib/squid/errors/pl/ERR_NO_RELAY usr/lib/squid/errors/pl/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/pl/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/pl/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/pl/ERR_READ_ERROR usr/lib/squid/errors/pl/ERR_READ_TIMEOUT usr/lib/squid/errors/pl/ERR_SECURE_CONNECT_FAIL @@ -1404,6 +1434,7 @@ usr/lib/squid/errors/pl/error-details.txt #usr/lib/squid/errors/pt-br/ERR_NO_RELAY #usr/lib/squid/errors/pt-br/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/pt-br/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/pt-br/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/pt-br/ERR_READ_ERROR #usr/lib/squid/errors/pt-br/ERR_READ_TIMEOUT #usr/lib/squid/errors/pt-br/ERR_SECURE_CONNECT_FAIL @@ -1418,6 +1449,7 @@ usr/lib/squid/errors/pl/error-details.txt #usr/lib/squid/errors/pt-br/error-details.txt #usr/lib/squid/errors/pt-bz #usr/lib/squid/errors/pt-pt +#usr/lib/squid/errors/pt-xl #usr/lib/squid/errors/pt/ERR_ACCESS_DENIED #usr/lib/squid/errors/pt/ERR_ACL_TIME_QUOTA_EXCEEDED #usr/lib/squid/errors/pt/ERR_AGENT_CONFIGURE @@ -1448,6 +1480,7 @@ usr/lib/squid/errors/pl/error-details.txt #usr/lib/squid/errors/pt/ERR_NO_RELAY #usr/lib/squid/errors/pt/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/pt/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/pt/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/pt/ERR_READ_ERROR #usr/lib/squid/errors/pt/ERR_READ_TIMEOUT #usr/lib/squid/errors/pt/ERR_SECURE_CONNECT_FAIL @@ -1493,6 +1526,7 @@ usr/lib/squid/errors/pl/error-details.txt #usr/lib/squid/errors/ro/ERR_NO_RELAY #usr/lib/squid/errors/ro/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ro/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ro/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ro/ERR_READ_ERROR #usr/lib/squid/errors/ro/ERR_READ_TIMEOUT #usr/lib/squid/errors/ro/ERR_SECURE_CONNECT_FAIL @@ -1537,6 +1571,7 @@ usr/lib/squid/errors/ru/ERR_LIFETIME_EXP usr/lib/squid/errors/ru/ERR_NO_RELAY usr/lib/squid/errors/ru/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/ru/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/ru/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/ru/ERR_READ_ERROR usr/lib/squid/errors/ru/ERR_READ_TIMEOUT usr/lib/squid/errors/ru/ERR_SECURE_CONNECT_FAIL @@ -1581,6 +1616,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/sk/ERR_NO_RELAY #usr/lib/squid/errors/sk/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/sk/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sk/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/sk/ERR_READ_ERROR #usr/lib/squid/errors/sk/ERR_READ_TIMEOUT #usr/lib/squid/errors/sk/ERR_SECURE_CONNECT_FAIL @@ -1625,6 +1661,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/sl/ERR_NO_RELAY #usr/lib/squid/errors/sl/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/sl/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sl/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/sl/ERR_READ_ERROR #usr/lib/squid/errors/sl/ERR_READ_TIMEOUT #usr/lib/squid/errors/sl/ERR_SECURE_CONNECT_FAIL @@ -1672,6 +1709,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/sr-cyrl/ERR_NO_RELAY #usr/lib/squid/errors/sr-cyrl/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/sr-cyrl/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sr-cyrl/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/sr-cyrl/ERR_READ_ERROR #usr/lib/squid/errors/sr-cyrl/ERR_READ_TIMEOUT #usr/lib/squid/errors/sr-cyrl/ERR_SECURE_CONNECT_FAIL @@ -1718,6 +1756,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/sr-latn/ERR_NO_RELAY #usr/lib/squid/errors/sr-latn/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/sr-latn/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sr-latn/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/sr-latn/ERR_READ_ERROR #usr/lib/squid/errors/sr-latn/ERR_READ_TIMEOUT #usr/lib/squid/errors/sr-latn/ERR_SECURE_CONNECT_FAIL @@ -1765,6 +1804,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/sv/ERR_NO_RELAY #usr/lib/squid/errors/sv/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/sv/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sv/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/sv/ERR_READ_ERROR #usr/lib/squid/errors/sv/ERR_READ_TIMEOUT #usr/lib/squid/errors/sv/ERR_SECURE_CONNECT_FAIL @@ -1808,6 +1848,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/templates/ERR_NO_RELAY #usr/lib/squid/errors/templates/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/templates/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/templates/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/templates/ERR_READ_ERROR #usr/lib/squid/errors/templates/ERR_READ_TIMEOUT #usr/lib/squid/errors/templates/ERR_SECURE_CONNECT_FAIL @@ -1852,6 +1893,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/th/ERR_NO_RELAY #usr/lib/squid/errors/th/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/th/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/th/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/th/ERR_READ_ERROR #usr/lib/squid/errors/th/ERR_READ_TIMEOUT #usr/lib/squid/errors/th/ERR_SECURE_CONNECT_FAIL @@ -1896,6 +1938,7 @@ usr/lib/squid/errors/tr/ERR_LIFETIME_EXP usr/lib/squid/errors/tr/ERR_NO_RELAY usr/lib/squid/errors/tr/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/tr/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/tr/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/tr/ERR_READ_ERROR usr/lib/squid/errors/tr/ERR_READ_TIMEOUT usr/lib/squid/errors/tr/ERR_SECURE_CONNECT_FAIL @@ -1940,6 +1983,7 @@ usr/lib/squid/errors/tr/error-details.txt #usr/lib/squid/errors/uk/ERR_NO_RELAY #usr/lib/squid/errors/uk/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/uk/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/uk/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/uk/ERR_READ_ERROR #usr/lib/squid/errors/uk/ERR_READ_TIMEOUT #usr/lib/squid/errors/uk/ERR_SECURE_CONNECT_FAIL @@ -1983,6 +2027,7 @@ usr/lib/squid/errors/tr/error-details.txt #usr/lib/squid/errors/uz/ERR_NO_RELAY #usr/lib/squid/errors/uz/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/uz/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/uz/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/uz/ERR_READ_ERROR #usr/lib/squid/errors/uz/ERR_READ_TIMEOUT #usr/lib/squid/errors/uz/ERR_SECURE_CONNECT_FAIL @@ -2027,6 +2072,7 @@ usr/lib/squid/errors/tr/error-details.txt #usr/lib/squid/errors/vi/ERR_NO_RELAY #usr/lib/squid/errors/vi/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/vi/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/vi/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/vi/ERR_READ_ERROR #usr/lib/squid/errors/vi/ERR_READ_TIMEOUT #usr/lib/squid/errors/vi/ERR_SECURE_CONNECT_FAIL @@ -2073,6 +2119,7 @@ usr/lib/squid/errors/tr/error-details.txt #usr/lib/squid/errors/zh-hans/ERR_NO_RELAY #usr/lib/squid/errors/zh-hans/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/zh-hans/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/zh-hans/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/zh-hans/ERR_READ_ERROR #usr/lib/squid/errors/zh-hans/ERR_READ_TIMEOUT #usr/lib/squid/errors/zh-hans/ERR_SECURE_CONNECT_FAIL @@ -2119,6 +2166,7 @@ usr/lib/squid/errors/tr/error-details.txt #usr/lib/squid/errors/zh-hant/ERR_NO_RELAY #usr/lib/squid/errors/zh-hant/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/zh-hant/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/zh-hant/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/zh-hant/ERR_READ_ERROR #usr/lib/squid/errors/zh-hant/ERR_READ_TIMEOUT #usr/lib/squid/errors/zh-hant/ERR_SECURE_CONNECT_FAIL @@ -2144,7 +2192,7 @@ usr/lib/squid/ext_sql_session_acl usr/lib/squid/ext_time_quota_acl usr/lib/squid/ext_unix_group_acl usr/lib/squid/ext_wbinfo_group_acl -usr/lib/squid/helper-mux.pl +usr/lib/squid/helper-mux usr/lib/squid/icons usr/lib/squid/icons/SN.png usr/lib/squid/icons/silk @@ -2203,18 +2251,19 @@ usr/lib/squid/log_file_daemon usr/lib/squid/mib.txt usr/lib/squid/negotiate_wrapper_auth usr/lib/squid/ntlm_fake_auth -usr/lib/squid/ntlm_smb_lm_auth +usr/lib/squid/security_fake_certverify usr/lib/squid/storeid_file_rewrite usr/lib/squid/unlinkd usr/lib/squid/url_fake_rewrite usr/lib/squid/url_fake_rewrite.sh +usr/lib/squid/url_lfs_rewrite usr/sbin/squid usr/sbin/updxlrator +#usr/share/man/man1/purge.1 #usr/share/man/man1/squidclient.1 #usr/share/man/man8/basic_db_auth.8 #usr/share/man/man8/basic_getpwnam_auth.8 #usr/share/man/man8/basic_ldap_auth.8 -#usr/share/man/man8/basic_msnt_multi_domain_auth.8 #usr/share/man/man8/basic_ncsa_auth.8 #usr/share/man/man8/basic_pam_auth.8 #usr/share/man/man8/basic_pop3_auth.8 @@ -2231,9 +2280,12 @@ usr/sbin/updxlrator #usr/share/man/man8/ext_time_quota_acl.8 #usr/share/man/man8/ext_unix_group_acl.8 #usr/share/man/man8/ext_wbinfo_group_acl.8 +#usr/share/man/man8/helper-mux.8 #usr/share/man/man8/log_db_daemon.8 +#usr/share/man/man8/security_fake_certverify.8 #usr/share/man/man8/squid.8 #usr/share/man/man8/storeid_file_rewrite.8 +#usr/share/man/man8/url_lfs_rewrite.8 #var/cache/squid var/ipfire/proxy/errorpage-ipfire.css var/ipfire/proxy/errorpage-squid.css diff --git a/config/rootfiles/common/unbound b/config/rootfiles/common/unbound index 2232c6889..9a8126c15 100644 --- a/config/rootfiles/common/unbound +++ b/config/rootfiles/common/unbound @@ -11,7 +11,7 @@ etc/unbound/unbound.conf #usr/lib/libunbound.la #usr/lib/libunbound.so usr/lib/libunbound.so.8 -usr/lib/libunbound.so.8.0.1 +usr/lib/libunbound.so.8.0.3 #usr/lib/pkgconfig/libunbound.pc usr/sbin/unbound usr/sbin/unbound-anchor diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts index 7b2c1c5f4..6f9868ec3 100644 --- a/config/rootfiles/common/x86_64/initscripts +++ b/config/rootfiles/common/x86_64/initscripts @@ -12,6 +12,7 @@ etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs etc/rc.d/init.d/collectd etc/rc.d/init.d/connectd +etc/rc.d/init.d/conntrackd etc/rc.d/init.d/console etc/rc.d/init.d/dhcp etc/rc.d/init.d/dhcrelay @@ -102,6 +103,7 @@ etc/rc.d/rc0.d/K45random etc/rc.d/rc0.d/K47setclock etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat +etc/rc.d/rc0.d/K77conntrackd etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds etc/rc.d/rc0.d/K79unbound @@ -130,6 +132,7 @@ etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network etc/rc.d/rc3.d/S11unbound etc/rc.d/rc3.d/S21leds +etc/rc.d/rc3.d/S22conntrackd etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S30sshd etc/rc.d/rc3.d/S32apache @@ -153,6 +156,7 @@ etc/rc.d/rc6.d/K45random etc/rc.d/rc6.d/K47setclock etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat +etc/rc.d/rc6.d/K77conntrackd etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds etc/rc.d/rc6.d/K79unbound diff --git a/config/rootfiles/common/x86_64/python b/config/rootfiles/common/x86_64/python index 9824e19cb..350171647 100644 --- a/config/rootfiles/common/x86_64/python +++ b/config/rootfiles/common/x86_64/python @@ -1463,8 +1463,8 @@ usr/lib/python2.7/encodings/zlib_codec.pyc #usr/lib/python2.7/ensurepip/__main__.pyc #usr/lib/python2.7/ensurepip/__main__.pyo #usr/lib/python2.7/ensurepip/_bundled -#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.1-py2.py3-none-any.whl -#usr/lib/python2.7/ensurepip/_bundled/setuptools-28.8.0-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.3-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/setuptools-39.0.1-py2.py3-none-any.whl #usr/lib/python2.7/ensurepip/_uninstall.py #usr/lib/python2.7/ensurepip/_uninstall.pyc #usr/lib/python2.7/ensurepip/_uninstall.pyo @@ -1926,7 +1926,7 @@ usr/lib/python2.7/json/tool.pyc usr/lib/python2.7/keyword.pyc #usr/lib/python2.7/keyword.pyo #usr/lib/python2.7/lib-dynload -#usr/lib/python2.7/lib-dynload/Python-2.7.13-py2.7.egg-info +#usr/lib/python2.7/lib-dynload/Python-2.7.15-py2.7.egg-info usr/lib/python2.7/lib-dynload/_bisect.so usr/lib/python2.7/lib-dynload/_bsddb.so usr/lib/python2.7/lib-dynload/_codecs_cn.so @@ -2100,9 +2100,9 @@ usr/lib/python2.7/lib-dynload/zlib.so #usr/lib/python2.7/lib-tk/turtle.pyo #usr/lib/python2.7/lib2to3 #usr/lib/python2.7/lib2to3/Grammar.txt -#usr/lib/python2.7/lib2to3/Grammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/Grammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/PatternGrammar.txt -#usr/lib/python2.7/lib2to3/PatternGrammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/PatternGrammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/__init__.py #usr/lib/python2.7/lib2to3/__init__.pyc #usr/lib/python2.7/lib2to3/__init__.pyo @@ -2752,6 +2752,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/__init__.py #usr/lib/python2.7/test/__init__.pyc #usr/lib/python2.7/test/__init__.pyo +#usr/lib/python2.7/test/__main__.py +#usr/lib/python2.7/test/__main__.pyc +#usr/lib/python2.7/test/__main__.pyo #usr/lib/python2.7/test/_mock_backport.py #usr/lib/python2.7/test/_mock_backport.pyc #usr/lib/python2.7/test/_mock_backport.pyo @@ -2790,6 +2793,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/badsyntax_future8.py #usr/lib/python2.7/test/badsyntax_future9.py #usr/lib/python2.7/test/badsyntax_nocaret.py +#usr/lib/python2.7/test/bisect.py +#usr/lib/python2.7/test/bisect.pyc +#usr/lib/python2.7/test/bisect.pyo #usr/lib/python2.7/test/capath #usr/lib/python2.7/test/capath/0e4015b9.0 #usr/lib/python2.7/test/capath/4e1295a3.0 @@ -3040,6 +3046,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/mp_fork_bomb.py #usr/lib/python2.7/test/mp_fork_bomb.pyc #usr/lib/python2.7/test/mp_fork_bomb.pyo +#usr/lib/python2.7/test/multibytecodec_support.py +#usr/lib/python2.7/test/multibytecodec_support.pyc +#usr/lib/python2.7/test/multibytecodec_support.pyo #usr/lib/python2.7/test/nokia.pem #usr/lib/python2.7/test/nullbytecert.pem #usr/lib/python2.7/test/nullcert.pem @@ -3065,6 +3074,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/pystone.py #usr/lib/python2.7/test/pystone.pyc #usr/lib/python2.7/test/pystone.pyo +#usr/lib/python2.7/test/pythoninfo.py +#usr/lib/python2.7/test/pythoninfo.pyc +#usr/lib/python2.7/test/pythoninfo.pyo #usr/lib/python2.7/test/randv2_32.pck #usr/lib/python2.7/test/randv2_64.pck #usr/lib/python2.7/test/randv3.pck @@ -3098,7 +3110,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/seq_tests.pyc #usr/lib/python2.7/test/seq_tests.pyo #usr/lib/python2.7/test/sgml_input.html -#usr/lib/python2.7/test/sha256.pem #usr/lib/python2.7/test/sortperf.py #usr/lib/python2.7/test/sortperf.pyc #usr/lib/python2.7/test/sortperf.pyo @@ -3118,6 +3129,13 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.py #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyo +#usr/lib/python2.7/test/support +#usr/lib/python2.7/test/support/__init__.py +#usr/lib/python2.7/test/support/__init__.pyc +#usr/lib/python2.7/test/support/__init__.pyo +#usr/lib/python2.7/test/support/script_helper.py +#usr/lib/python2.7/test/support/script_helper.pyc +#usr/lib/python2.7/test/support/script_helper.pyo #usr/lib/python2.7/test/symlink_support.py #usr/lib/python2.7/test/symlink_support.pyc #usr/lib/python2.7/test/symlink_support.pyo @@ -3663,6 +3681,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_import.py #usr/lib/python2.7/test/test_import.pyc #usr/lib/python2.7/test/test_import.pyo +#usr/lib/python2.7/test/test_import_magic.py +#usr/lib/python2.7/test/test_import_magic.pyc +#usr/lib/python2.7/test/test_import_magic.pyo #usr/lib/python2.7/test/test_importhooks.py #usr/lib/python2.7/test/test_importhooks.pyc #usr/lib/python2.7/test/test_importhooks.pyo @@ -3792,9 +3813,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_multibytecodec.py #usr/lib/python2.7/test/test_multibytecodec.pyc #usr/lib/python2.7/test/test_multibytecodec.pyo -#usr/lib/python2.7/test/test_multibytecodec_support.py -#usr/lib/python2.7/test/test_multibytecodec_support.pyc -#usr/lib/python2.7/test/test_multibytecodec_support.pyo #usr/lib/python2.7/test/test_multifile.py #usr/lib/python2.7/test/test_multifile.pyc #usr/lib/python2.7/test/test_multifile.pyo @@ -3963,6 +3981,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_readline.py #usr/lib/python2.7/test/test_readline.pyc #usr/lib/python2.7/test/test_readline.pyo +#usr/lib/python2.7/test/test_regrtest.py +#usr/lib/python2.7/test/test_regrtest.pyc +#usr/lib/python2.7/test/test_regrtest.pyo #usr/lib/python2.7/test/test_repr.py #usr/lib/python2.7/test/test_repr.pyc #usr/lib/python2.7/test/test_repr.pyo @@ -4140,6 +4161,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_tempfile.py #usr/lib/python2.7/test/test_tempfile.pyc #usr/lib/python2.7/test/test_tempfile.pyo +#usr/lib/python2.7/test/test_test_support.py +#usr/lib/python2.7/test/test_test_support.pyc +#usr/lib/python2.7/test/test_test_support.pyo #usr/lib/python2.7/test/test_textwrap.py #usr/lib/python2.7/test/test_textwrap.pyc #usr/lib/python2.7/test/test_textwrap.pyo @@ -4373,6 +4397,7 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/win_console_handler.pyo #usr/lib/python2.7/test/wrongcert.pem #usr/lib/python2.7/test/xmltestdata +#usr/lib/python2.7/test/xmltestdata/expat224_utf8_bug.xml #usr/lib/python2.7/test/xmltestdata/simple-ns.xml #usr/lib/python2.7/test/xmltestdata/simple.xml #usr/lib/python2.7/test/xmltestdata/test.xml diff --git a/config/rootfiles/common/xtables-addons b/config/rootfiles/common/xtables-addons index 9e0739528..cb958ee7e 100644 --- a/config/rootfiles/common/xtables-addons +++ b/config/rootfiles/common/xtables-addons @@ -2,7 +2,6 @@ lib/xtables/libxt_ACCOUNT.so lib/xtables/libxt_CHAOS.so lib/xtables/libxt_DELUDE.so lib/xtables/libxt_DHCPMAC.so -#lib/xtables/libxt_DNETMAP.so lib/xtables/libxt_ECHO.so lib/xtables/libxt_IPMARK.so lib/xtables/libxt_LOGMARK.so @@ -26,6 +25,7 @@ usr/lib/libxt_ACCOUNT_cl.so.0.0.0 #usr/libexec/xtables-addons usr/libexec/xtables-addons/xt_geoip_build usr/libexec/xtables-addons/xt_geoip_dl +usr/local/bin/xt_geoip_build usr/sbin/iptaccount #usr/share/man/man1/xt_geoip_build.1 #usr/share/man/man1/xt_geoip_dl.1 diff --git a/config/rootfiles/core/126/exclude b/config/rootfiles/core/127/exclude similarity index 100% rename from config/rootfiles/core/126/exclude rename to config/rootfiles/core/127/exclude diff --git a/config/rootfiles/core/127/filelists/aarch64/files b/config/rootfiles/core/127/filelists/aarch64/files new file mode 100644 index 000000000..d76f3915c --- /dev/null +++ b/config/rootfiles/core/127/filelists/aarch64/files @@ -0,0 +1,9 @@ +boot/boot.cmd +boot/boot.scr +etc/system-release +etc/issue +srv/web/ipfire/cgi-bin/credits.cgi +var/ipfire/langs +etc/rc.d/init.d/aws +etc/rc.d/init.d/unbound +srv/web/ipfire/cgi-bin/dnsforward.cgi diff --git a/config/rootfiles/core/127/filelists/aarch64/grub b/config/rootfiles/core/127/filelists/aarch64/grub new file mode 120000 index 000000000..40ae85fb6 --- /dev/null +++ b/config/rootfiles/core/127/filelists/aarch64/grub @@ -0,0 +1 @@ +../../../../common/aarch64/grub \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/aarch64/python b/config/rootfiles/core/127/filelists/aarch64/python new file mode 120000 index 000000000..b2b0103b6 --- /dev/null +++ b/config/rootfiles/core/127/filelists/aarch64/python @@ -0,0 +1 @@ +../../../../common/aarch64/python \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/aarch64/xtables-addons-kmod b/config/rootfiles/core/127/filelists/aarch64/xtables-addons-kmod new file mode 100644 index 000000000..154a5b70f --- /dev/null +++ b/config/rootfiles/core/127/filelists/aarch64/xtables-addons-kmod @@ -0,0 +1,18 @@ +lib/modules/KVER-ipfire/extra/compat_xtables.ko +lib/modules/KVER-ipfire/extra/xt_CHAOS.ko +lib/modules/KVER-ipfire/extra/xt_DELUDE.ko +lib/modules/KVER-ipfire/extra/xt_DHCPMAC.ko +lib/modules/KVER-ipfire/extra/xt_ECHO.ko +lib/modules/KVER-ipfire/extra/xt_IPMARK.ko +lib/modules/KVER-ipfire/extra/xt_LOGMARK.ko +lib/modules/KVER-ipfire/extra/xt_TARPIT.ko +lib/modules/KVER-ipfire/extra/xt_condition.ko +lib/modules/KVER-ipfire/extra/xt_fuzzy.ko +lib/modules/KVER-ipfire/extra/xt_geoip.ko +lib/modules/KVER-ipfire/extra/xt_iface.ko +lib/modules/KVER-ipfire/extra/xt_ipp2p.ko +lib/modules/KVER-ipfire/extra/xt_ipv4options.ko +lib/modules/KVER-ipfire/extra/xt_length2.ko +lib/modules/KVER-ipfire/extra/xt_lscan.ko +lib/modules/KVER-ipfire/extra/xt_psd.ko +lib/modules/KVER-ipfire/extra/xt_quota2.ko diff --git a/config/rootfiles/core/127/filelists/armv5tel/files b/config/rootfiles/core/127/filelists/armv5tel/files new file mode 100644 index 000000000..6a00446f4 --- /dev/null +++ b/config/rootfiles/core/127/filelists/armv5tel/files @@ -0,0 +1,2 @@ +boot/boot.cmd +boot/boot.scr diff --git a/config/rootfiles/core/127/filelists/armv5tel/python b/config/rootfiles/core/127/filelists/armv5tel/python new file mode 120000 index 000000000..df0dd5c06 --- /dev/null +++ b/config/rootfiles/core/127/filelists/armv5tel/python @@ -0,0 +1 @@ +../../../../common/armv5tel/python \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-kirkwood b/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-kirkwood new file mode 100644 index 000000000..3effb6443 --- /dev/null +++ b/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-kirkwood @@ -0,0 +1,18 @@ +lib/modules/KVER-ipfire-kirkwood/extra/compat_xtables.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_CHAOS.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_DELUDE.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_DHCPMAC.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_ECHO.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_IPMARK.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_LOGMARK.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_TARPIT.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_condition.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_fuzzy.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_geoip.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_iface.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_ipp2p.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_ipv4options.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_length2.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_lscan.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_psd.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_quota2.ko diff --git a/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-multi b/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-multi new file mode 100644 index 000000000..a30335d25 --- /dev/null +++ b/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-multi @@ -0,0 +1,18 @@ +lib/modules/KVER-ipfire-multi/extra/compat_xtables.ko +lib/modules/KVER-ipfire-multi/extra/xt_CHAOS.ko +lib/modules/KVER-ipfire-multi/extra/xt_DELUDE.ko +lib/modules/KVER-ipfire-multi/extra/xt_DHCPMAC.ko +lib/modules/KVER-ipfire-multi/extra/xt_ECHO.ko +lib/modules/KVER-ipfire-multi/extra/xt_IPMARK.ko +lib/modules/KVER-ipfire-multi/extra/xt_LOGMARK.ko +lib/modules/KVER-ipfire-multi/extra/xt_TARPIT.ko +lib/modules/KVER-ipfire-multi/extra/xt_condition.ko +lib/modules/KVER-ipfire-multi/extra/xt_fuzzy.ko +lib/modules/KVER-ipfire-multi/extra/xt_geoip.ko +lib/modules/KVER-ipfire-multi/extra/xt_iface.ko +lib/modules/KVER-ipfire-multi/extra/xt_ipp2p.ko +lib/modules/KVER-ipfire-multi/extra/xt_ipv4options.ko +lib/modules/KVER-ipfire-multi/extra/xt_length2.ko +lib/modules/KVER-ipfire-multi/extra/xt_lscan.ko +lib/modules/KVER-ipfire-multi/extra/xt_psd.ko +lib/modules/KVER-ipfire-multi/extra/xt_quota2.ko diff --git a/config/rootfiles/core/127/filelists/files b/config/rootfiles/core/127/filelists/files new file mode 100644 index 000000000..4b001af63 --- /dev/null +++ b/config/rootfiles/core/127/filelists/files @@ -0,0 +1,20 @@ +etc/system-release +etc/issue +etc/modprobe.d/framebuffer.conf +srv/web/ipfire/cgi-bin/credits.cgi +var/ipfire/langs +etc/rc.d/init.d/aws +etc/rc.d/init.d/conntrackd +etc/rc.d/init.d/unbound +etc/rc.d/rc0.d/K77conntrackd +etc/rc.d/rc3.d/S22conntrackd +etc/rc.d/rc6.d/K77conntrackd +etc/sysctl.conf +srv/web/ipfire/cgi-bin/dnsforward.cgi +srv/web/ipfire/cgi-bin/ids.cgi +srv/web/ipfire/cgi-bin/ovpnmain.cgi +srv/web/ipfire/cgi-bin/proxy.cgi +srv/web/ipfire/cgi-bin/vpnmain.cgi +usr/lib/firewall/firewall-lib.pl +var/ipfire/backup/include +var/ipfire/geoip-functions.pl diff --git a/config/rootfiles/core/127/filelists/fireinfo b/config/rootfiles/core/127/filelists/fireinfo new file mode 120000 index 000000000..c46115521 --- /dev/null +++ b/config/rootfiles/core/127/filelists/fireinfo @@ -0,0 +1 @@ +../../../common/fireinfo \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/i586/grub b/config/rootfiles/core/127/filelists/i586/grub new file mode 120000 index 000000000..feb236a22 --- /dev/null +++ b/config/rootfiles/core/127/filelists/i586/grub @@ -0,0 +1 @@ +../../../../common/i586/grub \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/i586/python b/config/rootfiles/core/127/filelists/i586/python new file mode 120000 index 000000000..a2b842b99 --- /dev/null +++ b/config/rootfiles/core/127/filelists/i586/python @@ -0,0 +1 @@ +../../../../common/i586/python \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/i586/xtables-addons-kmod b/config/rootfiles/core/127/filelists/i586/xtables-addons-kmod new file mode 100644 index 000000000..154a5b70f --- /dev/null +++ b/config/rootfiles/core/127/filelists/i586/xtables-addons-kmod @@ -0,0 +1,18 @@ +lib/modules/KVER-ipfire/extra/compat_xtables.ko +lib/modules/KVER-ipfire/extra/xt_CHAOS.ko +lib/modules/KVER-ipfire/extra/xt_DELUDE.ko +lib/modules/KVER-ipfire/extra/xt_DHCPMAC.ko +lib/modules/KVER-ipfire/extra/xt_ECHO.ko +lib/modules/KVER-ipfire/extra/xt_IPMARK.ko +lib/modules/KVER-ipfire/extra/xt_LOGMARK.ko +lib/modules/KVER-ipfire/extra/xt_TARPIT.ko +lib/modules/KVER-ipfire/extra/xt_condition.ko +lib/modules/KVER-ipfire/extra/xt_fuzzy.ko +lib/modules/KVER-ipfire/extra/xt_geoip.ko +lib/modules/KVER-ipfire/extra/xt_iface.ko +lib/modules/KVER-ipfire/extra/xt_ipp2p.ko +lib/modules/KVER-ipfire/extra/xt_ipv4options.ko +lib/modules/KVER-ipfire/extra/xt_length2.ko +lib/modules/KVER-ipfire/extra/xt_lscan.ko +lib/modules/KVER-ipfire/extra/xt_psd.ko +lib/modules/KVER-ipfire/extra/xt_quota2.ko diff --git a/config/rootfiles/core/127/filelists/pcre b/config/rootfiles/core/127/filelists/pcre new file mode 120000 index 000000000..b390d9a36 --- /dev/null +++ b/config/rootfiles/core/127/filelists/pcre @@ -0,0 +1 @@ +../../../common/pcre \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/perl-Net-CIDR-Lite b/config/rootfiles/core/127/filelists/perl-Net-CIDR-Lite new file mode 120000 index 000000000..a51cf8773 --- /dev/null +++ b/config/rootfiles/core/127/filelists/perl-Net-CIDR-Lite @@ -0,0 +1 @@ +../../../common/perl-Net-CIDR-Lite \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/snort b/config/rootfiles/core/127/filelists/snort new file mode 120000 index 000000000..9406ce01c --- /dev/null +++ b/config/rootfiles/core/127/filelists/snort @@ -0,0 +1 @@ +../../../common/snort \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/sqlite b/config/rootfiles/core/127/filelists/sqlite new file mode 120000 index 000000000..4ea569766 --- /dev/null +++ b/config/rootfiles/core/127/filelists/sqlite @@ -0,0 +1 @@ +../../../common/sqlite \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/squid b/config/rootfiles/core/127/filelists/squid new file mode 120000 index 000000000..2dc8372a0 --- /dev/null +++ b/config/rootfiles/core/127/filelists/squid @@ -0,0 +1 @@ +../../../common/squid \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/tar b/config/rootfiles/core/127/filelists/tar new file mode 120000 index 000000000..3e585d2eb --- /dev/null +++ b/config/rootfiles/core/127/filelists/tar @@ -0,0 +1 @@ +../../../common/tar \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/unbound b/config/rootfiles/core/127/filelists/unbound new file mode 120000 index 000000000..66adf0924 --- /dev/null +++ b/config/rootfiles/core/127/filelists/unbound @@ -0,0 +1 @@ +../../../common/unbound \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/wget b/config/rootfiles/core/127/filelists/wget new file mode 120000 index 000000000..fcb57dfec --- /dev/null +++ b/config/rootfiles/core/127/filelists/wget @@ -0,0 +1 @@ +../../../common/wget \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/x86_64/grub b/config/rootfiles/core/127/filelists/x86_64/grub new file mode 120000 index 000000000..78d3bd784 --- /dev/null +++ b/config/rootfiles/core/127/filelists/x86_64/grub @@ -0,0 +1 @@ +../../../../common/x86_64/grub \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/x86_64/python b/config/rootfiles/core/127/filelists/x86_64/python new file mode 120000 index 000000000..a593187de --- /dev/null +++ b/config/rootfiles/core/127/filelists/x86_64/python @@ -0,0 +1 @@ +../../../../common/x86_64/python \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/x86_64/xtables-addons-kmod b/config/rootfiles/core/127/filelists/x86_64/xtables-addons-kmod new file mode 100644 index 000000000..154a5b70f --- /dev/null +++ b/config/rootfiles/core/127/filelists/x86_64/xtables-addons-kmod @@ -0,0 +1,18 @@ +lib/modules/KVER-ipfire/extra/compat_xtables.ko +lib/modules/KVER-ipfire/extra/xt_CHAOS.ko +lib/modules/KVER-ipfire/extra/xt_DELUDE.ko +lib/modules/KVER-ipfire/extra/xt_DHCPMAC.ko +lib/modules/KVER-ipfire/extra/xt_ECHO.ko +lib/modules/KVER-ipfire/extra/xt_IPMARK.ko +lib/modules/KVER-ipfire/extra/xt_LOGMARK.ko +lib/modules/KVER-ipfire/extra/xt_TARPIT.ko +lib/modules/KVER-ipfire/extra/xt_condition.ko +lib/modules/KVER-ipfire/extra/xt_fuzzy.ko +lib/modules/KVER-ipfire/extra/xt_geoip.ko +lib/modules/KVER-ipfire/extra/xt_iface.ko +lib/modules/KVER-ipfire/extra/xt_ipp2p.ko +lib/modules/KVER-ipfire/extra/xt_ipv4options.ko +lib/modules/KVER-ipfire/extra/xt_length2.ko +lib/modules/KVER-ipfire/extra/xt_lscan.ko +lib/modules/KVER-ipfire/extra/xt_psd.ko +lib/modules/KVER-ipfire/extra/xt_quota2.ko diff --git a/config/rootfiles/core/127/filelists/xtables-addons b/config/rootfiles/core/127/filelists/xtables-addons new file mode 120000 index 000000000..2e24c4298 --- /dev/null +++ b/config/rootfiles/core/127/filelists/xtables-addons @@ -0,0 +1 @@ +../../../common/xtables-addons \ No newline at end of file diff --git a/config/rootfiles/core/127/update.sh b/config/rootfiles/core/127/update.sh new file mode 100644 index 000000000..4fe045ec9 --- /dev/null +++ b/config/rootfiles/core/127/update.sh @@ -0,0 +1,73 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 3 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2018 IPFire-Team info@ipfire.org. # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +/usr/local/bin/backupctrl exclude >/dev/null 2>&1 + +core=127 + +# Remove old core updates from pakfire cache to save space... +for (( i=1; i<=$core; i++ )); do + rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire +done + +# Stop services +/etc/init.d/squid stop + +# Remove files + +# Extract files +extract_files + +# update linker config +ldconfig + +# Update Language cache +/usr/local/bin/update-lang-cache + +# Regenerate squid configuration file +sudo -u nobody /srv/web/ipfire/cgi-bin/proxy.cgi + +# Start services +/etc/init.d/unbound restart +/etc/init.d/squid start + +# Reload sysctl.conf +sysctl -p + +# Re-run depmod +depmod -a + +# Finish +/etc/init.d/fireinfo start +sendprofile + +# Update grub config to display new core version +if [ -e /boot/grub/grub.cfg ]; then + grub-mkconfig -o /boot/grub/grub.cfg +fi + +sync + +# Don't report the exitcode last command +exit 0 diff --git a/config/rootfiles/oldcore/126/exclude b/config/rootfiles/oldcore/126/exclude new file mode 100644 index 000000000..b22159878 --- /dev/null +++ b/config/rootfiles/oldcore/126/exclude @@ -0,0 +1,28 @@ +boot/config.txt +boot/grub/grub.cfg +boot/grub/grubenv +etc/alternatives +etc/collectd.custom +etc/default/grub +etc/ipsec.conf +etc/ipsec.secrets +etc/ipsec.user.conf +etc/ipsec.user.secrets +etc/localtime +etc/shadow +etc/snort/snort.conf +etc/ssl/openssl.cnf +etc/sudoers +etc/sysconfig/firewall.local +etc/sysconfig/rc.local +etc/udev/rules.d/30-persistent-network.rules +srv/web/ipfire/html/proxy.pac +var/ipfire/dma +var/ipfire/time +var/ipfire/ovpn +var/lib/alternatives +var/log/cache +var/log/dhcpcd.log +var/log/messages +var/state/dhcp/dhcpd.leases +var/updatecache diff --git a/config/rootfiles/core/126/filelists/aarch64/linux b/config/rootfiles/oldcore/126/filelists/aarch64/linux similarity index 100% rename from config/rootfiles/core/126/filelists/aarch64/linux rename to config/rootfiles/oldcore/126/filelists/aarch64/linux diff --git a/config/rootfiles/core/126/filelists/aarch64/linux-initrd b/config/rootfiles/oldcore/126/filelists/aarch64/linux-initrd similarity index 100% rename from config/rootfiles/core/126/filelists/aarch64/linux-initrd rename to config/rootfiles/oldcore/126/filelists/aarch64/linux-initrd diff --git a/config/rootfiles/core/126/filelists/armv5tel/linux-initrd-kirkwood b/config/rootfiles/oldcore/126/filelists/armv5tel/linux-initrd-kirkwood similarity index 100% rename from config/rootfiles/core/126/filelists/armv5tel/linux-initrd-kirkwood rename to config/rootfiles/oldcore/126/filelists/armv5tel/linux-initrd-kirkwood diff --git a/config/rootfiles/core/126/filelists/armv5tel/linux-initrd-multi b/config/rootfiles/oldcore/126/filelists/armv5tel/linux-initrd-multi similarity index 100% rename from config/rootfiles/core/126/filelists/armv5tel/linux-initrd-multi rename to config/rootfiles/oldcore/126/filelists/armv5tel/linux-initrd-multi diff --git a/config/rootfiles/core/126/filelists/armv5tel/linux-kirkwood b/config/rootfiles/oldcore/126/filelists/armv5tel/linux-kirkwood similarity index 100% rename from config/rootfiles/core/126/filelists/armv5tel/linux-kirkwood rename to config/rootfiles/oldcore/126/filelists/armv5tel/linux-kirkwood diff --git a/config/rootfiles/core/126/filelists/armv5tel/linux-multi b/config/rootfiles/oldcore/126/filelists/armv5tel/linux-multi similarity index 100% rename from config/rootfiles/core/126/filelists/armv5tel/linux-multi rename to config/rootfiles/oldcore/126/filelists/armv5tel/linux-multi diff --git a/config/rootfiles/core/126/filelists/bind b/config/rootfiles/oldcore/126/filelists/bind similarity index 100% rename from config/rootfiles/core/126/filelists/bind rename to config/rootfiles/oldcore/126/filelists/bind diff --git a/config/rootfiles/core/126/filelists/files b/config/rootfiles/oldcore/126/filelists/files similarity index 100% rename from config/rootfiles/core/126/filelists/files rename to config/rootfiles/oldcore/126/filelists/files diff --git a/config/rootfiles/core/126/filelists/i586/linux b/config/rootfiles/oldcore/126/filelists/i586/linux similarity index 100% rename from config/rootfiles/core/126/filelists/i586/linux rename to config/rootfiles/oldcore/126/filelists/i586/linux diff --git a/config/rootfiles/core/126/filelists/i586/linux-initrd b/config/rootfiles/oldcore/126/filelists/i586/linux-initrd similarity index 100% rename from config/rootfiles/core/126/filelists/i586/linux-initrd rename to config/rootfiles/oldcore/126/filelists/i586/linux-initrd diff --git a/config/rootfiles/core/126/filelists/libconfig b/config/rootfiles/oldcore/126/filelists/libconfig similarity index 100% rename from config/rootfiles/core/126/filelists/libconfig rename to config/rootfiles/oldcore/126/filelists/libconfig diff --git a/config/rootfiles/core/126/filelists/openssl b/config/rootfiles/oldcore/126/filelists/openssl similarity index 100% rename from config/rootfiles/core/126/filelists/openssl rename to config/rootfiles/oldcore/126/filelists/openssl diff --git a/config/rootfiles/core/126/filelists/openssl-compat b/config/rootfiles/oldcore/126/filelists/openssl-compat similarity index 100% rename from config/rootfiles/core/126/filelists/openssl-compat rename to config/rootfiles/oldcore/126/filelists/openssl-compat diff --git a/config/rootfiles/core/126/filelists/x86_64/linux b/config/rootfiles/oldcore/126/filelists/x86_64/linux similarity index 100% rename from config/rootfiles/core/126/filelists/x86_64/linux rename to config/rootfiles/oldcore/126/filelists/x86_64/linux diff --git a/config/rootfiles/core/126/filelists/x86_64/linux-initrd b/config/rootfiles/oldcore/126/filelists/x86_64/linux-initrd similarity index 100% rename from config/rootfiles/core/126/filelists/x86_64/linux-initrd rename to config/rootfiles/oldcore/126/filelists/x86_64/linux-initrd diff --git a/config/rootfiles/core/126/update.sh b/config/rootfiles/oldcore/126/update.sh similarity index 100% rename from config/rootfiles/core/126/update.sh rename to config/rootfiles/oldcore/126/update.sh diff --git a/config/rootfiles/packages/clamav b/config/rootfiles/packages/clamav index 2be31d5db..e95d4dc6e 100644 --- a/config/rootfiles/packages/clamav +++ b/config/rootfiles/packages/clamav @@ -8,26 +8,25 @@ usr/bin/clamscan usr/bin/clamsubmit usr/bin/freshclam usr/bin/sigtool +#usr/include/clamav-types.h #usr/include/clamav.h #usr/lib/libclamav.la usr/lib/libclamav.so -usr/lib/libclamav.so.7 -usr/lib/libclamav.so.7.1.1 -#usr/lib/libclammspack.a +usr/lib/libclamav.so.9 +usr/lib/libclamav.so.9.0.1 #usr/lib/libclammspack.la usr/lib/libclammspack.so usr/lib/libclammspack.so.0 usr/lib/libclammspack.so.0.1.0 #usr/lib/libclamunrar.la usr/lib/libclamunrar.so -usr/lib/libclamunrar.so.7 -usr/lib/libclamunrar.so.7.1.1 +usr/lib/libclamunrar.so.9 +usr/lib/libclamunrar.so.9.0.1 #usr/lib/libclamunrar_iface.la usr/lib/libclamunrar_iface.so -usr/lib/libclamunrar_iface.so.7 -usr/lib/libclamunrar_iface.so.7.1.1 +usr/lib/libclamunrar_iface.so.9 +usr/lib/libclamunrar_iface.so.9.0.1 #usr/lib/pkgconfig/libclamav.pc -#usr/lib/pkgconfig/libclammspack.pc usr/sbin/clamd #usr/share/man/man1/clambc.1 #usr/share/man/man1/clamconf.1 diff --git a/config/rootfiles/packages/libvirt b/config/rootfiles/packages/libvirt index 30b9d1329..633febf05 100644 --- a/config/rootfiles/packages/libvirt +++ b/config/rootfiles/packages/libvirt @@ -62,19 +62,19 @@ usr/bin/virt-xml-validate #usr/lib/libvirt-admin.la #usr/lib/libvirt-admin.so usr/lib/libvirt-admin.so.0 -usr/lib/libvirt-admin.so.0.4006.0 +usr/lib/libvirt-admin.so.0.4010.0 #usr/lib/libvirt-lxc.la #usr/lib/libvirt-lxc.so usr/lib/libvirt-lxc.so.0 -usr/lib/libvirt-lxc.so.0.4006.0 +usr/lib/libvirt-lxc.so.0.4010.0 #usr/lib/libvirt-qemu.la #usr/lib/libvirt-qemu.so usr/lib/libvirt-qemu.so.0 -usr/lib/libvirt-qemu.so.0.4006.0 +usr/lib/libvirt-qemu.so.0.4010.0 #usr/lib/libvirt.la #usr/lib/libvirt.so usr/lib/libvirt.so.0 -usr/lib/libvirt.so.0.4006.0 +usr/lib/libvirt.so.0.4010.0 #usr/lib/libvirt/connection-driver #usr/lib/libvirt/connection-driver/libvirt_driver_interface.la usr/lib/libvirt/connection-driver/libvirt_driver_interface.so @@ -120,171 +120,171 @@ usr/sbin/virtlogd #usr/share/augeas/lenses/tests/test_virtlogd.aug #usr/share/augeas/lenses/virtlockd.aug #usr/share/augeas/lenses/virtlogd.aug -#usr/share/doc/libvirt-4.6.0 -#usr/share/doc/libvirt-4.6.0/html -#usr/share/doc/libvirt-4.6.0/html/32favicon.png -#usr/share/doc/libvirt-4.6.0/html/404.html -#usr/share/doc/libvirt-4.6.0/html/acl.html -#usr/share/doc/libvirt-4.6.0/html/aclpolkit.html -#usr/share/doc/libvirt-4.6.0/html/api.html -#usr/share/doc/libvirt-4.6.0/html/api_extension.html -#usr/share/doc/libvirt-4.6.0/html/apps.html -#usr/share/doc/libvirt-4.6.0/html/architecture.gif -#usr/share/doc/libvirt-4.6.0/html/architecture.html -#usr/share/doc/libvirt-4.6.0/html/auditlog.html -#usr/share/doc/libvirt-4.6.0/html/auth.html -#usr/share/doc/libvirt-4.6.0/html/bindings.html -#usr/share/doc/libvirt-4.6.0/html/bugs.html -#usr/share/doc/libvirt-4.6.0/html/cgroups.html -#usr/share/doc/libvirt-4.6.0/html/compiling.html -#usr/share/doc/libvirt-4.6.0/html/contact.html -#usr/share/doc/libvirt-4.6.0/html/contribute.html -#usr/share/doc/libvirt-4.6.0/html/csharp.html -#usr/share/doc/libvirt-4.6.0/html/dbus.html -#usr/share/doc/libvirt-4.6.0/html/devguide.html -#usr/share/doc/libvirt-4.6.0/html/docs.html -#usr/share/doc/libvirt-4.6.0/html/downloads.html -#usr/share/doc/libvirt-4.6.0/html/drivers.html -#usr/share/doc/libvirt-4.6.0/html/drvbhyve.html -#usr/share/doc/libvirt-4.6.0/html/drvesx.html -#usr/share/doc/libvirt-4.6.0/html/drvhyperv.html -#usr/share/doc/libvirt-4.6.0/html/drvlxc.html -#usr/share/doc/libvirt-4.6.0/html/drvnodedev.html -#usr/share/doc/libvirt-4.6.0/html/drvopenvz.html -#usr/share/doc/libvirt-4.6.0/html/drvphyp.html -#usr/share/doc/libvirt-4.6.0/html/drvqemu.html -#usr/share/doc/libvirt-4.6.0/html/drvremote.html -#usr/share/doc/libvirt-4.6.0/html/drvtest.html -#usr/share/doc/libvirt-4.6.0/html/drvuml.html -#usr/share/doc/libvirt-4.6.0/html/drvvbox.html -#usr/share/doc/libvirt-4.6.0/html/drvvirtuozzo.html -#usr/share/doc/libvirt-4.6.0/html/drvvmware.html -#usr/share/doc/libvirt-4.6.0/html/drvxen.html -#usr/share/doc/libvirt-4.6.0/html/errors.html -#usr/share/doc/libvirt-4.6.0/html/firewall.html -#usr/share/doc/libvirt-4.6.0/html/fonts -#usr/share/doc/libvirt-4.6.0/html/fonts/LICENSE.md -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-bold-italic.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-bold.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-italic.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-light-italic.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-light.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-mono-bold.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-mono-light.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-mono-regular.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-mono-semibold.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-regular.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/stylesheet.css -#usr/share/doc/libvirt-4.6.0/html/format.html -#usr/share/doc/libvirt-4.6.0/html/formatcaps.html -#usr/share/doc/libvirt-4.6.0/html/formatdomain.html -#usr/share/doc/libvirt-4.6.0/html/formatdomaincaps.html -#usr/share/doc/libvirt-4.6.0/html/formatnetwork.html -#usr/share/doc/libvirt-4.6.0/html/formatnode.html -#usr/share/doc/libvirt-4.6.0/html/formatnwfilter.html -#usr/share/doc/libvirt-4.6.0/html/formatsecret.html -#usr/share/doc/libvirt-4.6.0/html/formatsnapshot.html -#usr/share/doc/libvirt-4.6.0/html/formatstorage.html -#usr/share/doc/libvirt-4.6.0/html/formatstorageencryption.html -#usr/share/doc/libvirt-4.6.0/html/generic.css -#usr/share/doc/libvirt-4.6.0/html/goals.html -#usr/share/doc/libvirt-4.6.0/html/governance.html -#usr/share/doc/libvirt-4.6.0/html/hacking.html -#usr/share/doc/libvirt-4.6.0/html/hooks.html -#usr/share/doc/libvirt-4.6.0/html/html -#usr/share/doc/libvirt-4.6.0/html/html/home.png -#usr/share/doc/libvirt-4.6.0/html/html/index.html -#usr/share/doc/libvirt-4.6.0/html/html/left.png -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-common.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-domain-snapshot.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-domain.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-event.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-host.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-interface.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-network.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-nodedev.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-nwfilter.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-secret.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-storage.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-stream.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-virterror.html -#usr/share/doc/libvirt-4.6.0/html/html/right.png -#usr/share/doc/libvirt-4.6.0/html/html/up.png -#usr/share/doc/libvirt-4.6.0/html/hvsupport.html -#usr/share/doc/libvirt-4.6.0/html/index.html -#usr/share/doc/libvirt-4.6.0/html/internals -#usr/share/doc/libvirt-4.6.0/html/internals.html -#usr/share/doc/libvirt-4.6.0/html/internals/command.html -#usr/share/doc/libvirt-4.6.0/html/internals/eventloop.html -#usr/share/doc/libvirt-4.6.0/html/internals/locking.html -#usr/share/doc/libvirt-4.6.0/html/internals/oomtesting.html -#usr/share/doc/libvirt-4.6.0/html/internals/rpc.html -#usr/share/doc/libvirt-4.6.0/html/java.html -#usr/share/doc/libvirt-4.6.0/html/libvirt-daemon-arch.png -#usr/share/doc/libvirt-4.6.0/html/libvirt-driver-arch.png -#usr/share/doc/libvirt-4.6.0/html/libvirt-object-model.png -#usr/share/doc/libvirt-4.6.0/html/libvirt.css -#usr/share/doc/libvirt-4.6.0/html/locking-lockd.html -#usr/share/doc/libvirt-4.6.0/html/locking-sanlock.html -#usr/share/doc/libvirt-4.6.0/html/locking.html -#usr/share/doc/libvirt-4.6.0/html/logging.html -#usr/share/doc/libvirt-4.6.0/html/logos -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-dark-256.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-dark-800.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-dark.svg -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-light-256.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-light-800.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-light.svg -#usr/share/doc/libvirt-4.6.0/html/logos/logo-base.svg -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-128.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-192.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-256.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-96.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-powered-128.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-powered-192.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-powered-256.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-powered-96.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-powered.svg -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square.svg -#usr/share/doc/libvirt-4.6.0/html/main.css -#usr/share/doc/libvirt-4.6.0/html/migration-managed-direct.png -#usr/share/doc/libvirt-4.6.0/html/migration-managed-p2p.png -#usr/share/doc/libvirt-4.6.0/html/migration-native.png -#usr/share/doc/libvirt-4.6.0/html/migration-tunnel.png -#usr/share/doc/libvirt-4.6.0/html/migration-unmanaged-direct.png -#usr/share/doc/libvirt-4.6.0/html/migration.html -#usr/share/doc/libvirt-4.6.0/html/mobile.css -#usr/share/doc/libvirt-4.6.0/html/news-2005.html -#usr/share/doc/libvirt-4.6.0/html/news-2006.html -#usr/share/doc/libvirt-4.6.0/html/news-2007.html -#usr/share/doc/libvirt-4.6.0/html/news-2008.html -#usr/share/doc/libvirt-4.6.0/html/news-2009.html -#usr/share/doc/libvirt-4.6.0/html/news-2010.html -#usr/share/doc/libvirt-4.6.0/html/news-2011.html -#usr/share/doc/libvirt-4.6.0/html/news-2012.html -#usr/share/doc/libvirt-4.6.0/html/news-2013.html -#usr/share/doc/libvirt-4.6.0/html/news-2014.html -#usr/share/doc/libvirt-4.6.0/html/news-2015.html -#usr/share/doc/libvirt-4.6.0/html/news-2016.html -#usr/share/doc/libvirt-4.6.0/html/news.html -#usr/share/doc/libvirt-4.6.0/html/node.gif -#usr/share/doc/libvirt-4.6.0/html/nss.html -#usr/share/doc/libvirt-4.6.0/html/pci-hotplug.html -#usr/share/doc/libvirt-4.6.0/html/php.html -#usr/share/doc/libvirt-4.6.0/html/platforms.html -#usr/share/doc/libvirt-4.6.0/html/python.html -#usr/share/doc/libvirt-4.6.0/html/remote.html -#usr/share/doc/libvirt-4.6.0/html/secureusage.html -#usr/share/doc/libvirt-4.6.0/html/securityprocess.html -#usr/share/doc/libvirt-4.6.0/html/storage.html -#usr/share/doc/libvirt-4.6.0/html/support.html -#usr/share/doc/libvirt-4.6.0/html/testapi.html -#usr/share/doc/libvirt-4.6.0/html/testsuites.html -#usr/share/doc/libvirt-4.6.0/html/testtck.html -#usr/share/doc/libvirt-4.6.0/html/todo.html -#usr/share/doc/libvirt-4.6.0/html/uri.html -#usr/share/doc/libvirt-4.6.0/html/virshcmdref.html -#usr/share/doc/libvirt-4.6.0/html/windows.html +#usr/share/doc/libvirt-4.10.0 +#usr/share/doc/libvirt-4.10.0/html +#usr/share/doc/libvirt-4.10.0/html/32favicon.png +#usr/share/doc/libvirt-4.10.0/html/404.html +#usr/share/doc/libvirt-4.10.0/html/acl.html +#usr/share/doc/libvirt-4.10.0/html/aclpolkit.html +#usr/share/doc/libvirt-4.10.0/html/api.html +#usr/share/doc/libvirt-4.10.0/html/api_extension.html +#usr/share/doc/libvirt-4.10.0/html/apps.html +#usr/share/doc/libvirt-4.10.0/html/architecture.gif +#usr/share/doc/libvirt-4.10.0/html/architecture.html +#usr/share/doc/libvirt-4.10.0/html/auditlog.html +#usr/share/doc/libvirt-4.10.0/html/auth.html +#usr/share/doc/libvirt-4.10.0/html/bindings.html +#usr/share/doc/libvirt-4.10.0/html/bugs.html +#usr/share/doc/libvirt-4.10.0/html/cgroups.html +#usr/share/doc/libvirt-4.10.0/html/compiling.html +#usr/share/doc/libvirt-4.10.0/html/contact.html +#usr/share/doc/libvirt-4.10.0/html/contribute.html +#usr/share/doc/libvirt-4.10.0/html/csharp.html +#usr/share/doc/libvirt-4.10.0/html/dbus.html +#usr/share/doc/libvirt-4.10.0/html/devguide.html +#usr/share/doc/libvirt-4.10.0/html/docs.html +#usr/share/doc/libvirt-4.10.0/html/downloads.html +#usr/share/doc/libvirt-4.10.0/html/drivers.html +#usr/share/doc/libvirt-4.10.0/html/drvbhyve.html +#usr/share/doc/libvirt-4.10.0/html/drvesx.html +#usr/share/doc/libvirt-4.10.0/html/drvhyperv.html +#usr/share/doc/libvirt-4.10.0/html/drvlxc.html +#usr/share/doc/libvirt-4.10.0/html/drvnodedev.html +#usr/share/doc/libvirt-4.10.0/html/drvopenvz.html +#usr/share/doc/libvirt-4.10.0/html/drvphyp.html +#usr/share/doc/libvirt-4.10.0/html/drvqemu.html +#usr/share/doc/libvirt-4.10.0/html/drvremote.html +#usr/share/doc/libvirt-4.10.0/html/drvtest.html +#usr/share/doc/libvirt-4.10.0/html/drvuml.html +#usr/share/doc/libvirt-4.10.0/html/drvvbox.html +#usr/share/doc/libvirt-4.10.0/html/drvvirtuozzo.html +#usr/share/doc/libvirt-4.10.0/html/drvvmware.html +#usr/share/doc/libvirt-4.10.0/html/drvxen.html +#usr/share/doc/libvirt-4.10.0/html/errors.html +#usr/share/doc/libvirt-4.10.0/html/firewall.html +#usr/share/doc/libvirt-4.10.0/html/fonts +#usr/share/doc/libvirt-4.10.0/html/fonts/LICENSE.md +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-bold-italic.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-bold.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-italic.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-light-italic.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-light.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-mono-bold.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-mono-light.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-mono-regular.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-mono-semibold.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-regular.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/stylesheet.css +#usr/share/doc/libvirt-4.10.0/html/format.html +#usr/share/doc/libvirt-4.10.0/html/formatcaps.html +#usr/share/doc/libvirt-4.10.0/html/formatdomain.html +#usr/share/doc/libvirt-4.10.0/html/formatdomaincaps.html +#usr/share/doc/libvirt-4.10.0/html/formatnetwork.html +#usr/share/doc/libvirt-4.10.0/html/formatnode.html +#usr/share/doc/libvirt-4.10.0/html/formatnwfilter.html +#usr/share/doc/libvirt-4.10.0/html/formatsecret.html +#usr/share/doc/libvirt-4.10.0/html/formatsnapshot.html +#usr/share/doc/libvirt-4.10.0/html/formatstorage.html +#usr/share/doc/libvirt-4.10.0/html/formatstorageencryption.html +#usr/share/doc/libvirt-4.10.0/html/generic.css +#usr/share/doc/libvirt-4.10.0/html/goals.html +#usr/share/doc/libvirt-4.10.0/html/governance.html +#usr/share/doc/libvirt-4.10.0/html/hacking.html +#usr/share/doc/libvirt-4.10.0/html/hooks.html +#usr/share/doc/libvirt-4.10.0/html/html +#usr/share/doc/libvirt-4.10.0/html/html/home.png +#usr/share/doc/libvirt-4.10.0/html/html/index.html +#usr/share/doc/libvirt-4.10.0/html/html/left.png +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-common.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-domain-snapshot.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-domain.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-event.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-host.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-interface.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-network.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-nodedev.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-nwfilter.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-secret.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-storage.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-stream.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-virterror.html +#usr/share/doc/libvirt-4.10.0/html/html/right.png +#usr/share/doc/libvirt-4.10.0/html/html/up.png +#usr/share/doc/libvirt-4.10.0/html/hvsupport.html +#usr/share/doc/libvirt-4.10.0/html/index.html +#usr/share/doc/libvirt-4.10.0/html/internals +#usr/share/doc/libvirt-4.10.0/html/internals.html +#usr/share/doc/libvirt-4.10.0/html/internals/command.html +#usr/share/doc/libvirt-4.10.0/html/internals/eventloop.html +#usr/share/doc/libvirt-4.10.0/html/internals/locking.html +#usr/share/doc/libvirt-4.10.0/html/internals/oomtesting.html +#usr/share/doc/libvirt-4.10.0/html/internals/rpc.html +#usr/share/doc/libvirt-4.10.0/html/java.html +#usr/share/doc/libvirt-4.10.0/html/libvirt-daemon-arch.png +#usr/share/doc/libvirt-4.10.0/html/libvirt-driver-arch.png +#usr/share/doc/libvirt-4.10.0/html/libvirt-object-model.png +#usr/share/doc/libvirt-4.10.0/html/libvirt.css +#usr/share/doc/libvirt-4.10.0/html/locking-lockd.html +#usr/share/doc/libvirt-4.10.0/html/locking-sanlock.html +#usr/share/doc/libvirt-4.10.0/html/locking.html +#usr/share/doc/libvirt-4.10.0/html/logging.html +#usr/share/doc/libvirt-4.10.0/html/logos +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-dark-256.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-dark-800.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-dark.svg +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-light-256.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-light-800.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-light.svg +#usr/share/doc/libvirt-4.10.0/html/logos/logo-base.svg +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-128.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-192.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-256.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-96.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-powered-128.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-powered-192.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-powered-256.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-powered-96.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-powered.svg +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square.svg +#usr/share/doc/libvirt-4.10.0/html/main.css +#usr/share/doc/libvirt-4.10.0/html/migration-managed-direct.png +#usr/share/doc/libvirt-4.10.0/html/migration-managed-p2p.png +#usr/share/doc/libvirt-4.10.0/html/migration-native.png +#usr/share/doc/libvirt-4.10.0/html/migration-tunnel.png +#usr/share/doc/libvirt-4.10.0/html/migration-unmanaged-direct.png +#usr/share/doc/libvirt-4.10.0/html/migration.html +#usr/share/doc/libvirt-4.10.0/html/mobile.css +#usr/share/doc/libvirt-4.10.0/html/news-2005.html +#usr/share/doc/libvirt-4.10.0/html/news-2006.html +#usr/share/doc/libvirt-4.10.0/html/news-2007.html +#usr/share/doc/libvirt-4.10.0/html/news-2008.html +#usr/share/doc/libvirt-4.10.0/html/news-2009.html +#usr/share/doc/libvirt-4.10.0/html/news-2010.html +#usr/share/doc/libvirt-4.10.0/html/news-2011.html +#usr/share/doc/libvirt-4.10.0/html/news-2012.html +#usr/share/doc/libvirt-4.10.0/html/news-2013.html +#usr/share/doc/libvirt-4.10.0/html/news-2014.html +#usr/share/doc/libvirt-4.10.0/html/news-2015.html +#usr/share/doc/libvirt-4.10.0/html/news-2016.html +#usr/share/doc/libvirt-4.10.0/html/news.html +#usr/share/doc/libvirt-4.10.0/html/node.gif +#usr/share/doc/libvirt-4.10.0/html/nss.html +#usr/share/doc/libvirt-4.10.0/html/pci-hotplug.html +#usr/share/doc/libvirt-4.10.0/html/php.html +#usr/share/doc/libvirt-4.10.0/html/platforms.html +#usr/share/doc/libvirt-4.10.0/html/python.html +#usr/share/doc/libvirt-4.10.0/html/remote.html +#usr/share/doc/libvirt-4.10.0/html/secureusage.html +#usr/share/doc/libvirt-4.10.0/html/securityprocess.html +#usr/share/doc/libvirt-4.10.0/html/storage.html +#usr/share/doc/libvirt-4.10.0/html/support.html +#usr/share/doc/libvirt-4.10.0/html/testapi.html +#usr/share/doc/libvirt-4.10.0/html/testsuites.html +#usr/share/doc/libvirt-4.10.0/html/testtck.html +#usr/share/doc/libvirt-4.10.0/html/todo.html +#usr/share/doc/libvirt-4.10.0/html/uri.html +#usr/share/doc/libvirt-4.10.0/html/virshcmdref.html +#usr/share/doc/libvirt-4.10.0/html/windows.html #usr/share/gtk-doc/html/libvirt #usr/share/gtk-doc/html/libvirt/general.html #usr/share/gtk-doc/html/libvirt/home.png @@ -301,7 +301,64 @@ usr/share/libvirt/api/libvirt-admin-api.xml usr/share/libvirt/api/libvirt-api.xml usr/share/libvirt/api/libvirt-lxc-api.xml usr/share/libvirt/api/libvirt-qemu-api.xml -usr/share/libvirt/cpu_map.xml +#usr/share/libvirt/cpu_map +usr/share/libvirt/cpu_map/index.xml +usr/share/libvirt/cpu_map/ppc64_POWER6.xml +usr/share/libvirt/cpu_map/ppc64_POWER7.xml +usr/share/libvirt/cpu_map/ppc64_POWER8.xml +usr/share/libvirt/cpu_map/ppc64_POWER9.xml +usr/share/libvirt/cpu_map/ppc64_POWERPC_e5500.xml +usr/share/libvirt/cpu_map/ppc64_POWERPC_e6500.xml +usr/share/libvirt/cpu_map/ppc64_vendors.xml +usr/share/libvirt/cpu_map/x86_486.xml +usr/share/libvirt/cpu_map/x86_Broadwell-IBRS.xml +usr/share/libvirt/cpu_map/x86_Broadwell-noTSX-IBRS.xml +usr/share/libvirt/cpu_map/x86_Broadwell-noTSX.xml +usr/share/libvirt/cpu_map/x86_Broadwell.xml +usr/share/libvirt/cpu_map/x86_Conroe.xml +usr/share/libvirt/cpu_map/x86_EPYC-IBRS.xml +usr/share/libvirt/cpu_map/x86_EPYC.xml +usr/share/libvirt/cpu_map/x86_Haswell-IBRS.xml +usr/share/libvirt/cpu_map/x86_Haswell-noTSX-IBRS.xml +usr/share/libvirt/cpu_map/x86_Haswell-noTSX.xml +usr/share/libvirt/cpu_map/x86_Haswell.xml +usr/share/libvirt/cpu_map/x86_Icelake-Client.xml +usr/share/libvirt/cpu_map/x86_Icelake-Server.xml +usr/share/libvirt/cpu_map/x86_IvyBridge-IBRS.xml +usr/share/libvirt/cpu_map/x86_IvyBridge.xml +usr/share/libvirt/cpu_map/x86_Nehalem-IBRS.xml +usr/share/libvirt/cpu_map/x86_Nehalem.xml +usr/share/libvirt/cpu_map/x86_Opteron_G1.xml +usr/share/libvirt/cpu_map/x86_Opteron_G2.xml +usr/share/libvirt/cpu_map/x86_Opteron_G3.xml +usr/share/libvirt/cpu_map/x86_Opteron_G4.xml +usr/share/libvirt/cpu_map/x86_Opteron_G5.xml +usr/share/libvirt/cpu_map/x86_Penryn.xml +usr/share/libvirt/cpu_map/x86_SandyBridge-IBRS.xml +usr/share/libvirt/cpu_map/x86_SandyBridge.xml +usr/share/libvirt/cpu_map/x86_Skylake-Client-IBRS.xml +usr/share/libvirt/cpu_map/x86_Skylake-Client.xml +usr/share/libvirt/cpu_map/x86_Skylake-Server-IBRS.xml +usr/share/libvirt/cpu_map/x86_Skylake-Server.xml +usr/share/libvirt/cpu_map/x86_Westmere-IBRS.xml +usr/share/libvirt/cpu_map/x86_Westmere.xml +usr/share/libvirt/cpu_map/x86_athlon.xml +usr/share/libvirt/cpu_map/x86_core2duo.xml +usr/share/libvirt/cpu_map/x86_coreduo.xml +usr/share/libvirt/cpu_map/x86_cpu64-rhel5.xml +usr/share/libvirt/cpu_map/x86_cpu64-rhel6.xml +usr/share/libvirt/cpu_map/x86_features.xml +usr/share/libvirt/cpu_map/x86_kvm32.xml +usr/share/libvirt/cpu_map/x86_kvm64.xml +usr/share/libvirt/cpu_map/x86_n270.xml +usr/share/libvirt/cpu_map/x86_pentium.xml +usr/share/libvirt/cpu_map/x86_pentium2.xml +usr/share/libvirt/cpu_map/x86_pentium3.xml +usr/share/libvirt/cpu_map/x86_pentiumpro.xml +usr/share/libvirt/cpu_map/x86_phenom.xml +usr/share/libvirt/cpu_map/x86_qemu32.xml +usr/share/libvirt/cpu_map/x86_qemu64.xml +usr/share/libvirt/cpu_map/x86_vendors.xml #usr/share/libvirt/schemas usr/share/libvirt/schemas/basictypes.rng usr/share/libvirt/schemas/capability.rng diff --git a/config/rootfiles/packages/mc b/config/rootfiles/packages/mc index 4733af6fa..06c536ed4 100644 --- a/config/rootfiles/packages/mc +++ b/config/rootfiles/packages/mc @@ -179,6 +179,7 @@ usr/share/mc/syntax/m4.syntax usr/share/mc/syntax/mail.syntax usr/share/mc/syntax/makefile.syntax usr/share/mc/syntax/markdown.syntax +usr/share/mc/syntax/meson.syntax usr/share/mc/syntax/ml.syntax usr/share/mc/syntax/named.syntax usr/share/mc/syntax/nemerle.syntax @@ -198,6 +199,7 @@ usr/share/mc/syntax/puppet.syntax usr/share/mc/syntax/python.syntax usr/share/mc/syntax/r.syntax usr/share/mc/syntax/ruby.syntax +usr/share/mc/syntax/rust.syntax usr/share/mc/syntax/sh.syntax usr/share/mc/syntax/slang.syntax usr/share/mc/syntax/smalltalk.syntax diff --git a/config/u-boot/boot.cmd b/config/u-boot/boot.cmd index 5184e6f87..2ba403824 100644 --- a/config/u-boot/boot.cmd +++ b/config/u-boot/boot.cmd @@ -39,7 +39,7 @@ if test "${SERIAL-CONSOLE}" = "ON"; then if test ${console} = ""; then if test "${board}" = "rpi"; then if test ${cpu} = "armv8"; then - if test "${fdtfile}" = "boradcom/bcm2837-rpi-3-b-plus.dtb"; then + if test "${fdtfile}" = "broadcom/bcm2837-rpi-3-b-plus.dtb"; then setenv console ttyS1,115200n8; else if test "${fdtfile}" = "broadcom/bcm2837-rpi-3-b.dtb"; then diff --git a/config/u-boot/boot.scr b/config/u-boot/boot.scr index d9395c0ae..2c81cef76 100644 Binary files a/config/u-boot/boot.scr and b/config/u-boot/boot.scr differ diff --git a/doc/language_issues.de b/doc/language_issues.de index e2048d7d1..c5dad0168 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -45,9 +45,24 @@ WARNING: translation string unused: addon WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password WARNING: translation string unused: adsl settings +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -56,13 +71,27 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -703,7 +732,6 @@ WARNING: translation string unused: yearly firewallhits WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: addons = Addons WARNING: untranslated string: bytes = unknown string -WARNING: untranslated string: captive = unknown string WARNING: untranslated string: community rules = Snort/VRT GPLv2 Community Rules WARNING: untranslated string: dead peer detection = Dead Peer Detection WARNING: untranslated string: emerging rules = Emergingthreats.net Community Rules diff --git a/doc/language_issues.en b/doc/language_issues.en index 228b685f8..3e16e2180 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -121,13 +121,11 @@ WARNING: untranslated string: advproxy AUTH method ident = identd WARNING: untranslated string: advproxy AUTH method ldap = LDAP WARNING: untranslated string: advproxy AUTH method ncsa = Local WARNING: untranslated string: advproxy AUTH method none = None -WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory WARNING: untranslated string: advproxy AUTH method radius = RADIUS WARNING: untranslated string: advproxy AUTH no auth = Domains without authentication (one per line) WARNING: untranslated string: advproxy AUTH number of auth processes = Number of authentication processes WARNING: untranslated string: advproxy AUTH realm = Authentication realm prompt -WARNING: untranslated string: advproxy AUTH user IP cache TTL = User/IP cache TTL (in minutes) WARNING: untranslated string: advproxy IDENT authorized users = Authorized users (one per line) WARNING: untranslated string: advproxy IDENT aware hosts = Ident aware hosts (one per line) WARNING: untranslated string: advproxy IDENT identd settings = Common identd settings @@ -169,17 +167,6 @@ WARNING: untranslated string: advproxy NCSA update user = Update user WARNING: untranslated string: advproxy NCSA user accounts = User accounts WARNING: untranslated string: advproxy NCSA user management = User management WARNING: untranslated string: advproxy NCSA username = Username -WARNING: untranslated string: advproxy NTLM BDC hostname = BDC hostname -WARNING: untranslated string: advproxy NTLM PDC hostname = PDC hostname -WARNING: untranslated string: advproxy NTLM auth mode = Authentication mode -WARNING: untranslated string: advproxy NTLM authorized users = Authorized domain users (one per line) -WARNING: untranslated string: advproxy NTLM domain = Domain -WARNING: untranslated string: advproxy NTLM domain settings = Common domain settings -WARNING: untranslated string: advproxy NTLM unauthorized users = Unauthorized domain users (one per line) -WARNING: untranslated string: advproxy NTLM use integrated auth = Enable Windows integrated authentication -WARNING: untranslated string: advproxy NTLM use negative access list = Use negative access control -WARNING: untranslated string: advproxy NTLM use positive access list = Use positive access control -WARNING: untranslated string: advproxy NTLM user based access restrictions = User based access restrictions WARNING: untranslated string: advproxy RADIUS authorized users = Authorized users (one per line) WARNING: untranslated string: advproxy RADIUS identifier = Identifier WARNING: untranslated string: advproxy RADIUS port = Port @@ -190,13 +177,11 @@ WARNING: untranslated string: advproxy RADIUS unauthorized users = Unauthorized WARNING: untranslated string: advproxy RADIUS use negative access list = Use negative access control WARNING: untranslated string: advproxy RADIUS use positive access list = Use positive access control WARNING: untranslated string: advproxy RADIUS user based access restrictions = User based access restrictions -WARNING: untranslated string: advproxy UA enable filter = Enable browser check WARNING: untranslated string: advproxy access = Access WARNING: untranslated string: advproxy admin mail = Cache administrator e-mail WARNING: untranslated string: advproxy advanced web proxy = Advanced Web Proxy WARNING: untranslated string: advproxy advanced web proxy configuration = Advanced web proxy configuration WARNING: untranslated string: advproxy allowed subnets = Allowed subnets (one per line) -WARNING: untranslated string: advproxy allowed web browsers = Allowed clients for web access WARNING: untranslated string: advproxy back to main page = Back to main page WARNING: untranslated string: advproxy banned ip clients = Banned IP addresses (one per line) WARNING: untranslated string: advproxy banned mac clients = Banned MAC addresses (one per line) @@ -208,7 +193,6 @@ WARNING: untranslated string: advproxy classroom extensions = Classroom extensio WARNING: untranslated string: advproxy clear cache = Clear Cache WARNING: untranslated string: advproxy client IP forwarding = Client IP address forwarding WARNING: untranslated string: advproxy common settings = Common settings -WARNING: untranslated string: advproxy content based throttling = Enable content based throttling WARNING: untranslated string: advproxy cre disabled = The management interface has been disabled by the administrator WARNING: untranslated string: advproxy cre group definitions = Classroom group definitions WARNING: untranslated string: advproxy cre supervisors = Supervisor IP addresses (one per line) @@ -220,15 +204,12 @@ WARNING: untranslated string: advproxy errmsg acl cannot be empty = Access contr WARNING: untranslated string: advproxy errmsg auth cache ttl = Invalid value for authentication cache TTL WARNING: untranslated string: advproxy errmsg auth children = Invalid number of authentication processes WARNING: untranslated string: advproxy errmsg auth ipcache may not be null = Authentication cache TTL may not be 0 when using IP address limits -WARNING: untranslated string: advproxy errmsg auth ipcache ttl = Invalid value for user/IP cache TTL WARNING: untranslated string: advproxy errmsg cache = The RAM cache size is greater than the harddisk cache size: WARNING: untranslated string: advproxy errmsg hdd cache size = Invalid value for harddisk cache size (min 10 MB required) WARNING: untranslated string: advproxy errmsg ident timeout = Invalid ident timeout -WARNING: untranslated string: advproxy errmsg invalid bdc = Invalid hostname for backup domain controller WARNING: untranslated string: advproxy errmsg invalid destination port = Invalid destination port WARNING: untranslated string: advproxy errmsg invalid ip or mask = Invalid IP address or network mask WARNING: untranslated string: advproxy errmsg invalid mac = Invalid MAC address -WARNING: untranslated string: advproxy errmsg invalid pdc = Invalid hostname for primary domain controller WARNING: untranslated string: advproxy errmsg invalid proxy port = Invalid proxy port WARNING: untranslated string: advproxy errmsg invalid upstream proxy = Invalid upstream proxy IP/hostname WARNING: untranslated string: advproxy errmsg invalid upstream proxy username or password setting = Invalid upstream proxy username or password setting @@ -238,11 +219,8 @@ WARNING: untranslated string: advproxy errmsg ldap port = Invalid LDAP port numb WARNING: untranslated string: advproxy errmsg ldap server = Invalid IP address/hostname for LDAP Server WARNING: untranslated string: advproxy errmsg max userip = Invalid number of IP addresses per user WARNING: untranslated string: advproxy errmsg mem cache size = Invalid value for memory cache size -WARNING: untranslated string: advproxy errmsg no browser = At least one browser or client must be selected for web access WARNING: untranslated string: advproxy errmsg no username = Username can not be empty WARNING: untranslated string: advproxy errmsg non-transparent proxy required = Web proxy must be running in non-transparent mode for authentication -WARNING: untranslated string: advproxy errmsg ntlm domain = Windows domain name required -WARNING: untranslated string: advproxy errmsg ntlm pdc = Hostname for primary domain controller required WARNING: untranslated string: advproxy errmsg password length = Invalid value for password length WARNING: untranslated string: advproxy errmsg password length 1 = Password must have at least WARNING: untranslated string: advproxy errmsg password length 2 = characters @@ -261,7 +239,6 @@ WARNING: untranslated string: advproxy from = From WARNING: untranslated string: advproxy group access control = Group based access control WARNING: untranslated string: advproxy group required = Required group WARNING: untranslated string: advproxy hdd cache size = Harddisk cache size (MB) -WARNING: untranslated string: advproxy invalid num of children = Invalid number of filter processes WARNING: untranslated string: advproxy log enabled = Log enabled WARNING: untranslated string: advproxy log query = Log query terms WARNING: untranslated string: advproxy log settings = Log settings @@ -276,7 +253,6 @@ WARNING: untranslated string: advproxy mode deny = deny WARNING: untranslated string: advproxy monday = Mon WARNING: untranslated string: advproxy network based access = Network based access control WARNING: untranslated string: advproxy no cache sites = Do not cache these domains (one per line) -WARNING: untranslated string: advproxy no clients defined = No clients defined WARNING: untranslated string: advproxy no connection auth = No connection oriented authentication forwarding WARNING: untranslated string: advproxy no cre groups = There are no access groups available WARNING: untranslated string: advproxy no internal proxy on blue = Disable internal proxy access from BLUE to other subnets @@ -289,7 +265,6 @@ WARNING: untranslated string: advproxy privacy = Privacy WARNING: untranslated string: advproxy proxy port = Proxy port WARNING: untranslated string: advproxy proxy port transparent = Transparent port WARNING: untranslated string: advproxy ram cache size = Memory cache size (MB) -WARNING: untranslated string: advproxy redirector children = Number of filter processes WARNING: untranslated string: advproxy reset = Reset WARNING: untranslated string: advproxy saturday = Sat WARNING: untranslated string: advproxy save and restart = Save and Restart @@ -301,9 +276,6 @@ WARNING: untranslated string: advproxy standard ports = Allowed standard ports ( WARNING: untranslated string: advproxy sunday = Sun WARNING: untranslated string: advproxy supervisor password = Supervisor password WARNING: untranslated string: advproxy suppress version = Suppress version information -WARNING: untranslated string: advproxy throttle binary = Binary files -WARNING: untranslated string: advproxy throttle dskimg = CD images -WARNING: untranslated string: advproxy throttle mmedia = Multimedia WARNING: untranslated string: advproxy throttling per host on = Limit per host on WARNING: untranslated string: advproxy throttling total on = Overall limit on WARNING: untranslated string: advproxy throttling unlimited = unlimited @@ -325,7 +297,6 @@ WARNING: untranslated string: advproxy url filter = URL filter WARNING: untranslated string: advproxy username forwarding = Username forwarding WARNING: untranslated string: advproxy via forwarding = Proxy address forwarding WARNING: untranslated string: advproxy visible hostname = Visible hostname -WARNING: untranslated string: advproxy web browser = Web browser WARNING: untranslated string: advproxy wednesday = Wed WARNING: untranslated string: age second = second WARNING: untranslated string: aktiv = Active @@ -433,7 +404,6 @@ WARNING: untranslated string: capsclosed = DISCONNECTED WARNING: untranslated string: capsopen = CONNECTED WARNING: untranslated string: capswarning = WARNING WARNING: untranslated string: caption = Caption -WARNING: untranslated string: captive = unknown string WARNING: untranslated string: ccd add = Add network WARNING: untranslated string: ccd choose net = Choose network WARNING: untranslated string: ccd client options = Advanced client options @@ -650,7 +620,7 @@ WARNING: untranslated string: dnsforward add a new entry = Add a new entry WARNING: untranslated string: dnsforward configuration = DNS forward configuration WARNING: untranslated string: dnsforward edit an entry = Edit an existing entry WARNING: untranslated string: dnsforward entries = Current entries -WARNING: untranslated string: dnsforward forward_server = Nameserver +WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: dnsforward zone = Zone WARNING: untranslated string: dnssec aware = DNSSEC Aware WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been disabled @@ -1120,6 +1090,7 @@ WARNING: untranslated string: invalid input for remote host/ip = Invalid input f WARNING: untranslated string: invalid input for state or province = Invalid input for state or province. WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). WARNING: untranslated string: invalid ip = Invalid IP Address +WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: invalid keep time = Keep time must be a valid number WARNING: untranslated string: invalid key = Invalid key. WARNING: untranslated string: invalid local-remote id = local & remote id must not be equal and begin with a "@" sign. These are leftid and rightid in strongswan terminology. @@ -1638,7 +1609,7 @@ WARNING: untranslated string: ssh login time = Logged in since WARNING: untranslated string: ssh no active logins = No active logins WARNING: untranslated string: ssh no auth = You have not allowed any authentication methods; this will stop you logging in WARNING: untranslated string: ssh passwords = Allow password based authentication -WARNING: untranslated string: ssh port = SSH port set to 222 (default is 22) +WARNING: untranslated string: ssh port = Set SSH port to default 22 (222 is used otherwise) WARNING: untranslated string: ssh portfw = Allow TCP forwarding WARNING: untranslated string: ssh tempstart15 = Stop SSH demon in 15 minutes WARNING: untranslated string: ssh tempstart30 = Stop SSH demon in 30 minutes diff --git a/doc/language_issues.es b/doc/language_issues.es index 01315971b..236248d55 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -22,9 +22,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -33,14 +47,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload @@ -670,7 +698,6 @@ WARNING: untranslated string: Set time on boot = Force setting the system clock WARNING: untranslated string: addons = Addons WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username -WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication WARNING: untranslated string: advproxy cache-digest = Enable Cache-Digest Generation @@ -688,7 +715,6 @@ WARNING: untranslated string: bit = bit WARNING: untranslated string: block = Block WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: capabilities = Capabilities -WARNING: untranslated string: captive = unknown string WARNING: untranslated string: ccd add = Add network WARNING: untranslated string: ccd choose net = Choose network WARNING: untranslated string: ccd client options = Advanced client options @@ -755,7 +781,7 @@ WARNING: untranslated string: dnsforward add a new entry = Add a new entry WARNING: untranslated string: dnsforward configuration = DNS forward configuration WARNING: untranslated string: dnsforward edit an entry = Edit an existing entry WARNING: untranslated string: dnsforward entries = Current entries -WARNING: untranslated string: dnsforward forward_server = Nameserver +WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: dnsforward zone = Zone WARNING: untranslated string: dnssec aware = DNSSEC Aware WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been disabled @@ -1028,6 +1054,7 @@ WARNING: untranslated string: invalid input for dpd delay = Invalid input for DP WARNING: untranslated string: invalid input for dpd timeout = Invalid input for DPD timeout WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). +WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: invalid logserver protocol = Invalid syslogd server protocol WARNING: untranslated string: ipsec = IPsec WARNING: untranslated string: ipsec network = IPsec network diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 3fd7f35c4..e2f20eb5c 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -45,9 +45,24 @@ WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password WARNING: translation string unused: adsl settings +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -56,14 +71,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -195,6 +224,7 @@ WARNING: translation string unused: dmz pinhole rule added WARNING: translation string unused: dmz pinhole rule removed WARNING: translation string unused: dmzpinholes for same net not necessary WARNING: translation string unused: dns server +WARNING: translation string unused: dnsforward forward_server WARNING: translation string unused: do not log this port list WARNING: translation string unused: domain not set WARNING: translation string unused: donation-link @@ -507,7 +537,6 @@ WARNING: translation string unused: ovpn mtu-disc with mssfix or fragment WARNING: translation string unused: ovpn mtu-disc yes WARNING: translation string unused: ovpn reneg sec WARNING: translation string unused: ovpn_fastio -WARNING: translation string unused: ovpn_fragment WARNING: translation string unused: ovpn_mssfix WARNING: translation string unused: ovpn_mtudisc WARNING: translation string unused: ovpn_processprio @@ -741,7 +770,7 @@ WARNING: translation string unused: yearly firewallhits WARNING: untranslated string: Captive clients = unknown string WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: bytes = unknown string -WARNING: untranslated string: captive = unknown string +WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: fwhost cust geoipgrp = unknown string WARNING: untranslated string: fwhost err hostip = unknown string WARNING: untranslated string: guardian block a host = unknown string @@ -781,13 +810,11 @@ WARNING: untranslated string: guardian service = unknown string WARNING: untranslated string: guardian watch snort alertfile = unknown string WARNING: untranslated string: ike lifetime should be between 1 and 8 hours = unknown string WARNING: untranslated string: info messages = unknown string +WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: no data = unknown string -WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is not RFC3280 compliant. <br>Please update to the latest IPFire version and generate as soon as possible a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br> WARNING: untranslated string: pakfire ago = ago. WARNING: untranslated string: route config changed = unknown string WARNING: untranslated string: routing config added = unknown string WARNING: untranslated string: routing config changed = unknown string WARNING: untranslated string: routing table = unknown string WARNING: untranslated string: vpn statistics n2n = unknown string -WARNING: untranslated string: wlanap neighbor scan = Neighborhood scan -WARNING: untranslated string: wlanap neighbor scan warning = Warning! Disabling may violate regulatory rules! diff --git a/doc/language_issues.it b/doc/language_issues.it index 1a1b283c0..5500eedc9 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -23,9 +23,24 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -34,14 +49,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -173,6 +202,7 @@ WARNING: translation string unused: dmz pinhole rule added WARNING: translation string unused: dmz pinhole rule removed WARNING: translation string unused: dmzpinholes for same net not necessary WARNING: translation string unused: dns server +WARNING: translation string unused: dnsforward forward_server WARNING: translation string unused: do not log this port list WARNING: translation string unused: domain not set WARNING: translation string unused: donation-link @@ -756,7 +786,6 @@ WARNING: untranslated string: advproxy group required = Required group WARNING: untranslated string: application layer gateways = Application Layer Gateways WARNING: untranslated string: block = Block WARNING: untranslated string: bytes = unknown string -WARNING: untranslated string: captive = unknown string WARNING: untranslated string: check all = Check all WARNING: untranslated string: crypto error = Cryptographic error WARNING: untranslated string: crypto warning = Cryptographic warning @@ -766,6 +795,7 @@ WARNING: untranslated string: dhcp dns update = DNS Update WARNING: untranslated string: dhcp dns update algo = Algorithm: WARNING: untranslated string: dhcp dns update secret = Secret: WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip) +WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been disabled WARNING: untranslated string: eight hours = 8 Hours WARNING: untranslated string: email config = Configuration @@ -856,6 +886,7 @@ WARNING: untranslated string: incoming overhead in bytes per second = Incoming O WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). +WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: invalid logserver protocol = Invalid syslogd server protocol WARNING: untranslated string: log server protocol = protocol: WARNING: untranslated string: masquerade blue = Masquerade BLUE diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 0de2a0f17..64778ffd7 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -23,9 +23,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -34,14 +48,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -172,6 +200,7 @@ WARNING: translation string unused: dmz pinhole rule added WARNING: translation string unused: dmz pinhole rule removed WARNING: translation string unused: dmzpinholes for same net not necessary WARNING: translation string unused: dns server +WARNING: translation string unused: dnsforward forward_server WARNING: translation string unused: do not log this port list WARNING: translation string unused: domain not set WARNING: translation string unused: donation-link @@ -745,7 +774,6 @@ WARNING: untranslated string: Number of Countries for the pie chart = Number of WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username -WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication WARNING: untranslated string: advproxy group access control = Group based access control @@ -755,7 +783,6 @@ WARNING: untranslated string: atm device = Device: WARNING: untranslated string: block = Block WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: capabilities = Capabilities -WARNING: untranslated string: captive = unknown string WARNING: untranslated string: check all = Check all WARNING: untranslated string: crypto error = Cryptographic error WARNING: untranslated string: crypto warning = Cryptographic warning @@ -772,6 +799,7 @@ WARNING: untranslated string: dhcp dns update algo = Algorithm: WARNING: untranslated string: dhcp dns update secret = Secret: WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip) WARNING: untranslated string: dns servers = DNS Servers +WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: dnssec aware = DNSSEC Aware WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been disabled WARNING: untranslated string: dnssec information = DNSSEC Information @@ -872,6 +900,7 @@ WARNING: untranslated string: incoming overhead in bytes per second = Incoming O WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). +WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: invalid logserver protocol = Invalid syslogd server protocol WARNING: untranslated string: log server protocol = protocol: WARNING: untranslated string: masquerade blue = Masquerade BLUE diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 01315971b..236248d55 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -22,9 +22,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -33,14 +47,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload @@ -670,7 +698,6 @@ WARNING: untranslated string: Set time on boot = Force setting the system clock WARNING: untranslated string: addons = Addons WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username -WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication WARNING: untranslated string: advproxy cache-digest = Enable Cache-Digest Generation @@ -688,7 +715,6 @@ WARNING: untranslated string: bit = bit WARNING: untranslated string: block = Block WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: capabilities = Capabilities -WARNING: untranslated string: captive = unknown string WARNING: untranslated string: ccd add = Add network WARNING: untranslated string: ccd choose net = Choose network WARNING: untranslated string: ccd client options = Advanced client options @@ -755,7 +781,7 @@ WARNING: untranslated string: dnsforward add a new entry = Add a new entry WARNING: untranslated string: dnsforward configuration = DNS forward configuration WARNING: untranslated string: dnsforward edit an entry = Edit an existing entry WARNING: untranslated string: dnsforward entries = Current entries -WARNING: untranslated string: dnsforward forward_server = Nameserver +WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: dnsforward zone = Zone WARNING: untranslated string: dnssec aware = DNSSEC Aware WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been disabled @@ -1028,6 +1054,7 @@ WARNING: untranslated string: invalid input for dpd delay = Invalid input for DP WARNING: untranslated string: invalid input for dpd timeout = Invalid input for DPD timeout WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). +WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: invalid logserver protocol = Invalid syslogd server protocol WARNING: untranslated string: ipsec = IPsec WARNING: untranslated string: ipsec network = IPsec network diff --git a/doc/language_issues.ru b/doc/language_issues.ru index ca75c0b29..810b16f50 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -23,9 +23,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -34,14 +48,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload @@ -672,7 +700,6 @@ WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: addons = Addons WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username -WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication WARNING: untranslated string: advproxy cache-digest = Enable Cache-Digest Generation @@ -690,7 +717,6 @@ WARNING: untranslated string: bit = bit WARNING: untranslated string: block = Block WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: capabilities = Capabilities -WARNING: untranslated string: captive = unknown string WARNING: untranslated string: ccd add = Add network WARNING: untranslated string: ccd choose net = Choose network WARNING: untranslated string: ccd client options = Advanced client options @@ -759,7 +785,7 @@ WARNING: untranslated string: dnsforward add a new entry = Add a new entry WARNING: untranslated string: dnsforward configuration = DNS forward configuration WARNING: untranslated string: dnsforward edit an entry = Edit an existing entry WARNING: untranslated string: dnsforward entries = Current entries -WARNING: untranslated string: dnsforward forward_server = Nameserver +WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: dnsforward zone = Zone WARNING: untranslated string: dnssec aware = DNSSEC Aware WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been disabled @@ -1030,6 +1056,7 @@ WARNING: untranslated string: invalid input for dpd delay = Invalid input for DP WARNING: untranslated string: invalid input for dpd timeout = Invalid input for DPD timeout WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for valid till days = Invalid input for Valid till (days). +WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: invalid logserver protocol = Invalid syslogd server protocol WARNING: untranslated string: ipsec = IPsec WARNING: untranslated string: ipsec network = IPsec network diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 6a79d65a4..140658346 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -45,9 +45,24 @@ WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password WARNING: translation string unused: adsl settings +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrictions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -56,14 +71,28 @@ WARNING: translation string unused: advproxy chgwebpwd new password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -195,6 +224,7 @@ WARNING: translation string unused: dmz pinhole rule added WARNING: translation string unused: dmz pinhole rule removed WARNING: translation string unused: dmzpinholes for same net not necessary WARNING: translation string unused: dns server +WARNING: translation string unused: dnsforward forward_server WARNING: translation string unused: do not log this port list WARNING: translation string unused: domain not set WARNING: translation string unused: donation-link @@ -740,9 +770,9 @@ WARNING: translation string unused: yearly firewallhits WARNING: untranslated string: Captive clients = unknown string WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: bytes = unknown string -WARNING: untranslated string: captive = unknown string WARNING: untranslated string: crypto error = Cryptographic error WARNING: untranslated string: crypto warning = Cryptographic warning +WARNING: untranslated string: dnsforward forward_servers = Nameservers WARNING: untranslated string: fwdfw all subnets = All subnets WARNING: untranslated string: fwhost cust geoipgrp = unknown string WARNING: untranslated string: fwhost err hostip = unknown string @@ -783,6 +813,7 @@ WARNING: untranslated string: guardian service = unknown string WARNING: untranslated string: guardian watch snort alertfile = unknown string WARNING: untranslated string: ike lifetime should be between 1 and 8 hours = unknown string WARNING: untranslated string: info messages = unknown string +WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname WARNING: untranslated string: no data = unknown string WARNING: untranslated string: ovpn error dh = The Diffie-Hellman parameter needs to be in minimum 2048 bit! <br>Please generate or upload a new Diffie-Hellman parameter, this can be made below in the section "Diffie-Hellman parameters options".</br> WARNING: untranslated string: ovpn error md5 = You host certificate uses MD5 for the signature which is not accepted anymore. <br>Please update to the latest IPFire version and generate a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br> diff --git a/doc/language_missings b/doc/language_missings index 56219c5fc..938a9551e 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -210,7 +210,7 @@ < dnsforward configuration < dnsforward edit an entry < dnsforward entries -< dnsforward forward_server +< dnsforward forward_servers < dnsforward zone < dnssec aware < dnssec disabled warning @@ -494,6 +494,7 @@ < invalid input for dpd timeout < invalid input for inactivity timeout < invalid input for valid till days +< invalid ip or hostname < invalid logserver protocol < ipsec < ipsec network @@ -781,9 +782,8 @@ ############################################################################ # Checking cgi-bin translations for language: fr # ############################################################################ -< ovpn warning rfc3280 -< wlanap neighbor scan -< wlanap neighbor scan warning +< dnsforward forward_servers +< invalid ip or hostname ############################################################################ # Checking cgi-bin translations for language: it # ############################################################################ @@ -860,6 +860,7 @@ < dhcp dns update algo < dhcp dns update secret < dl client arch insecure +< dnsforward forward_servers < dnssec disabled warning < eight hours < email config @@ -919,6 +920,7 @@ < incoming overhead in bytes per second < invalid input for inactivity timeout < invalid input for valid till days +< invalid ip or hostname < invalid logserver protocol < log server protocol < masquerade blue @@ -1082,6 +1084,7 @@ < dh name is invalid < dh parameter < dl client arch insecure +< dnsforward forward_servers < dnssec aware < dnssec disabled warning < dnssec information @@ -1153,6 +1156,7 @@ < incoming overhead in bytes per second < invalid input for inactivity timeout < invalid input for valid till days +< invalid ip or hostname < invalid logserver protocol < log server protocol < masquerade blue @@ -1423,7 +1427,7 @@ < dnsforward configuration < dnsforward edit an entry < dnsforward entries -< dnsforward forward_server +< dnsforward forward_servers < dnsforward zone < dnssec aware < dnssec disabled warning @@ -1709,6 +1713,7 @@ < invalid input for dpd timeout < invalid input for inactivity timeout < invalid input for valid till days +< invalid ip or hostname < invalid logserver protocol < ipsec < ipsec network @@ -2137,7 +2142,7 @@ < dnsforward configuration < dnsforward edit an entry < dnsforward entries -< dnsforward forward_server +< dnsforward forward_servers < dnsforward zone < dnssec aware < dnssec disabled warning @@ -2427,6 +2432,7 @@ < invalid input for dpd timeout < invalid input for inactivity timeout < invalid input for valid till days +< invalid ip or hostname < invalid logserver protocol < ipsec < ipsec network @@ -2700,7 +2706,9 @@ ############################################################################ < crypto error < crypto warning +< dnsforward forward_servers < fwdfw all subnets +< invalid ip or hostname < ovpn error dh < ovpn error md5 < ovpn warning rfc3280 diff --git a/html/cgi-bin/dnsforward.cgi b/html/cgi-bin/dnsforward.cgi index ee63c6dd7..0439817b9 100644 --- a/html/cgi-bin/dnsforward.cgi +++ b/html/cgi-bin/dnsforward.cgi @@ -50,7 +50,7 @@ my %mainsettings = (); $cgiparams{'ENABLED'} = 'off'; $cgiparams{'ACTION'} = ''; $cgiparams{'ZONE'} = ''; -$cgiparams{'FORWARD_SERVER'} = ''; +$cgiparams{'FORWARD_SERVERS'} = ''; $cgiparams{'REMARK'} =''; &Header::getcgihash(%cgiparams); open(FILE, $filename) or die 'Unable to open config file.'; @@ -67,14 +67,21 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'}) $errormessage = $Lang::tr{'invalid domain name'}; }
- # Check if the settings for the forward server are valid. - unless(&General::validip($cgiparams{'FORWARD_SERVER'})) { - $errormessage = $Lang::tr{'invalid ip'}; + my @forward_servers = split(/,/, $cgiparams{'FORWARD_SERVERS'}); + foreach my $forward_server (@forward_servers) { + # Check if the settings for the forward server are valid. + unless(&General::validip($forward_server) || &General::validfqdn($forward_server)) { + $errormessage = "$Lang::tr{'invalid ip or hostname'}: $forward_server"; + last; + } }
# Go further if there was no error. if ( ! $errormessage) { + # Save servers separated by | + $cgiparams{'FORWARD_SERVERS'} = join("|", @forward_servers); + # Check if a remark has been entered. $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
@@ -82,7 +89,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'}) if($cgiparams{'EDITING'} eq 'no') { open(FILE,">>$filename") or die 'Unable to open config file.'; flock FILE, 2; - print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWARD_SERVER'},$cgiparams{'REMARK'}\n"; + print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWARD_SERVERS'},$cgiparams{'REMARK'}\n"; } else { open(FILE, ">$filename") or die 'Unable to open config file.'; flock FILE, 2; @@ -91,7 +98,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'}) { $id++; if ($cgiparams{'EDITING'} eq $id) { - print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWARD_SERVER'},$cgiparams{'REMARK'}\n"; + print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWARD_SERVERS'},$cgiparams{'REMARK'}\n"; } else { print FILE "$line"; } } } @@ -167,7 +174,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) my @temp = split(/,/,$line); $cgiparams{'ENABLED'} = $temp[0]; $cgiparams{'ZONE'} = $temp[1]; - $cgiparams{'FORWARD_SERVER'} = $temp[2]; + $cgiparams{'FORWARD_SERVERS'} = join(",", split(/|/, $temp[2])); $cgiparams{'REMARK'} = $temp[3]; } } @@ -213,8 +220,8 @@ print <<END </tr>
<tr> - <td width='20%' class='base'>$Lang::tr{'dnsforward forward_server'}: <img src='/blob.gif' alt='*' /></td> - <td><input type='text' name='FORWARD_SERVER' value='$cgiparams{'FORWARD_SERVER'}' size='24' /></td> + <td width='20%' class='base'>$Lang::tr{'dnsforward forward_servers'}: <img src='/blob.gif' alt='*' /></td> + <td><input type='text' name='FORWARD_SERVERS' value='$cgiparams{'FORWARD_SERVERS'}' size='24' /></td> </tr> </table>
@@ -255,7 +262,7 @@ print <<END <table width='100%' class='tbl'> <tr> <th width='35%' class='boldbase' align='center'><b>$Lang::tr{'dnsforward zone'}</b></th> - <th width='30%' class='boldbase' align='center'><b>$Lang::tr{'dnsforward forward_server'}</b></th> + <th width='30%' class='boldbase' align='center'><b>$Lang::tr{'dnsforward forward_servers'}</b></th> <th width='30%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></th> <th width='5%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></th> </tr> @@ -284,7 +291,10 @@ foreach my $line (@current) my $gif = ''; my $gdesc = ''; my $toggle = ''; - + + # Format lists of servers + my $servers = join(", ", split(/|/, $temp[2])); + if($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'ID'} eq $id) { print "<tr>"; $col="bgcolor='${Header::colouryellow}'"; } @@ -303,7 +313,7 @@ foreach my $line (@current) # print <<END <td align='center' $col>$temp[1]</td> - <td align='center' $col>$temp[2]</td> + <td align='center' $col>$servers</td> <td align='center' $col>$temp[3]</td> <td align='center' $col> <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'> diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index eddfc387c..5a3f4c314 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -259,9 +259,9 @@ if ($snortsettings{'OINKCODE'} ne "") {
if (!$errormessage) { if ($snortsettings{'RULES'} eq 'subscripted') { - $url=" https://www.snort.org/rules/snortrules-snapshot-29111.tar.gz?oinkcode=$snort..."; + $url=" https://www.snort.org/rules/snortrules-snapshot-29120.tar.gz?oinkcode=$snort..."; } elsif ($snortsettings{'RULES'} eq 'registered') { - $url=" https://www.snort.org/rules/snortrules-snapshot-29111.tar.gz?oinkcode=$snort..."; + $url=" https://www.snort.org/rules/snortrules-snapshot-29120.tar.gz?oinkcode=$snort..."; } elsif ($snortsettings{'RULES'} eq 'community') { $url=" https://www.snort.org/rules/community"; } else { diff --git a/html/cgi-bin/logs.cgi/log.dat b/html/cgi-bin/logs.cgi/log.dat index f241365a1..153ffb5f0 100644 --- a/html/cgi-bin/logs.cgi/log.dat +++ b/html/cgi-bin/logs.cgi/log.dat @@ -78,7 +78,7 @@ my %sections = ( my %trsections = ( 'auth' => "$Lang::tr{'loginlogout'}", 'wio' => 'Who Is Online?', - 'captive' => $Lang::tr{'captive'}, + 'captive' => $Lang::tr{'Captive'}, 'clamav' => 'ClamAV', 'collectd' => 'Collectd', 'cron' => 'Cron', diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 976300fc7..4fb234995 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -174,7 +174,12 @@ sub cleanssldatabase print FILE ""; close FILE; } + if (open(FILE, ">${General::swroot}/ovpn/certs/index.txt.attr")) { + print FILE ""; + close FILE; + } unlink ("${General::swroot}/ovpn/certs/index.txt.old"); + unlink ("${General::swroot}/ovpn/certs/index.txt.attr.old"); unlink ("${General::swroot}/ovpn/certs/serial.old"); unlink ("${General::swroot}/ovpn/certs/01.pem"); } @@ -189,7 +194,11 @@ sub newcleanssldatabase if (! -s ">${General::swroot}/ovpn/certs/index.txt") { system ("touch ${General::swroot}/ovpn/certs/index.txt"); } + if (! -s ">${General::swroot}/ovpn/certs/index.txt.attr") { + system ("touch ${General::swroot}/ovpn/certs/index.txt.attr"); + } unlink ("${General::swroot}/ovpn/certs/index.txt.old"); + unlink ("${General::swroot}/ovpn/certs/index.txt.attr.old"); unlink ("${General::swroot}/ovpn/certs/serial.old"); }
diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 738425b9a..0bf72fed2 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -56,17 +56,11 @@ my %mainsettings=(); my %checked=(); my %selected=();
-my @throttle_limits=(64,128,256,384,512,768,1024,1280,1536,1792,2048,2560,3072,3584,4096,5120,6144,7168,8192,10240,12288,16384,20480); -my $throttle_binary="7z|arj|bin|bz2|cab|exe|gz|lzh|rar|sea|tar|tgz|xz|zip"; -my $throttle_dskimg="b5t|bin|bwt|ccd|cdi|cue|gho|img|iso|mds|nrg|pqi|vmdk"; -my $throttle_mmedia="aiff?|asf|avi|divx|mov|mp3|mpe?g|ogg|qt|ra?m|ts|vob"; +my @throttle_limits=(64,128,256,512,1024,1536,2048,3072,4096,5120,6144,7168,8192,10240,16384,20480,51200,102400);
my $def_ports_safe="80 # http\n21 # ftp\n443 # https\n563 # snews\n70 # gopher\n210 # wais\n1025-65535 # unregistered ports\n280 # http-mgmt\n488 # gss-http\n591 # filemaker\n777 # multiling http\n800 # Squids port (for icons)\n"; my $def_ports_ssl="443 # https\n563 # snews\n";
-my @useragent=(); -my @useragentlist=(); - my $hintcolour='#FFFFCC'; my $ncsa_buttontext=''; my $language=''; @@ -89,7 +83,6 @@ my $errormessage='';
my $acldir = "${General::swroot}/proxy/advanced/acls"; my $ncsadir = "${General::swroot}/proxy/advanced/ncsa"; -my $ntlmdir = "${General::swroot}/proxy/advanced/ntlm"; my $raddir = "${General::swroot}/proxy/advanced/radius"; my $identdir = "${General::swroot}/proxy/advanced/ident"; my $credir = "${General::swroot}/proxy/advanced/cre"; @@ -99,7 +92,6 @@ my $stdgrp = "$ncsadir/standard.grp"; my $extgrp = "$ncsadir/extended.grp"; my $disgrp = "$ncsadir/disabled.grp";
-my $browserdb = "${General::swroot}/proxy/advanced/useragents"; my $mimetypes = "${General::swroot}/proxy/advanced/mimetypes"; my $throttled_urls = "${General::swroot}/proxy/advanced/throttle";
@@ -137,7 +129,6 @@ my $urlfilterversion = 'n/a';
unless (-d "$acldir") { mkdir("$acldir"); } unless (-d "$ncsadir") { mkdir("$ncsadir"); } -unless (-d "$ntlmdir") { mkdir("$ntlmdir"); } unless (-d "$raddir") { mkdir("$raddir"); } unless (-d "$identdir") { mkdir("$identdir"); } unless (-d "$credir") { mkdir("$credir"); } @@ -170,15 +161,10 @@ unless (-e $acl_ports_safe) { system("touch $acl_ports_safe"); } unless (-e $acl_ports_ssl) { system("touch $acl_ports_ssl"); } unless (-e $acl_include) { system("touch $acl_include"); }
-unless (-e $browserdb) { system("touch $browserdb"); } unless (-e $mimetypes) { system("touch $mimetypes"); }
my $HAVE_NTLM_AUTH = (-e "/usr/bin/ntlm_auth");
-open FILE, $browserdb; -@useragentlist = sort { reverse(substr(reverse(substr($a,index($a,',')+1)),index(reverse(substr($a,index($a,','))),',')+1)) cmp reverse(substr(reverse(substr($b,index($b,',')+1)),index(reverse(substr($b,index($b,','))),',')+1))} grep !/(^$)|(^\s*#)/,<FILE>; -close(FILE); - &General::readhash("${General::swroot}/ethernet/settings", %netsettings); &General::readhash("${General::swroot}/main/settings", %mainsettings);
@@ -217,8 +203,8 @@ $proxysettings{'CACHEMGR'} = 'off'; $proxysettings{'LOGQUERY'} = 'off'; $proxysettings{'LOGUSERAGENT'} = 'off'; $proxysettings{'FILEDESCRIPTORS'} = '16384'; -$proxysettings{'CACHE_MEM'} = '2'; -$proxysettings{'CACHE_SIZE'} = '50'; +$proxysettings{'CACHE_MEM'} = '128'; +$proxysettings{'CACHE_SIZE'} = '0'; $proxysettings{'MAX_SIZE'} = '4096'; $proxysettings{'MIN_SIZE'} = '0'; $proxysettings{'MEM_POLICY'} = 'LRU'; @@ -241,18 +227,13 @@ $proxysettings{'THROTTLING_GREEN_TOTAL'} = 'unlimited'; $proxysettings{'THROTTLING_GREEN_HOST'} = 'unlimited'; $proxysettings{'THROTTLING_BLUE_TOTAL'} = 'unlimited'; $proxysettings{'THROTTLING_BLUE_HOST'} = 'unlimited'; -$proxysettings{'THROTTLE_BINARY'} = 'off'; -$proxysettings{'THROTTLE_DSKIMG'} = 'off'; -$proxysettings{'THROTTLE_MMEDIA'} = 'off'; $proxysettings{'ENABLE_MIME_FILTER'} = 'off'; -$proxysettings{'ENABLE_BROWSER_CHECK'} = 'off'; $proxysettings{'FAKE_USERAGENT'} = ''; $proxysettings{'FAKE_REFERER'} = ''; $proxysettings{'AUTH_METHOD'} = 'none'; $proxysettings{'AUTH_REALM'} = ''; $proxysettings{'AUTH_MAX_USERIP'} = ''; $proxysettings{'AUTH_CACHE_TTL'} = '60'; -$proxysettings{'AUTH_IPCACHE_TTL'} = '0'; $proxysettings{'AUTH_CHILDREN'} = '5'; $proxysettings{'NCSA_MIN_PASS_LEN'} = '6'; $proxysettings{'NCSA_BYPASS_REDIR'} = 'off'; @@ -287,7 +268,6 @@ $proxysettings{'IDENT_USER_ACL'} = 'positive'; $proxysettings{'ENABLE_FILTER'} = 'off'; $proxysettings{'ENABLE_UPDXLRATOR'} = 'off'; $proxysettings{'ENABLE_CLAMAV'} = 'off'; -$proxysettings{'CHILDREN'} = '10';
$ncsa_buttontext = $Lang::tr{'advproxy NCSA create user'};
@@ -436,27 +416,6 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'} { $errormessage = $Lang::tr{'invalid maximum incoming size'}; goto ERROR; - } - if (!($proxysettings{'CHILDREN'} =~ /^\d+$/) || ($proxysettings{'CHILDREN'} < 1)) - { - $errormessage = $Lang::tr{'advproxy invalid num of children'}; - goto ERROR; - } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') - { - $browser_regexp = ''; - foreach (@useragentlist) - { - chomp; - @useragent = split(/,/); - if ($proxysettings{'UA_'.$useragent[0]} eq 'on') { $browser_regexp .= "$useragent[2]|"; } - } - chop($browser_regexp); - if (!$browser_regexp) - { - $errormessage = $Lang::tr{'advproxy errmsg no browser'}; - goto ERROR; - } } if (!($proxysettings{'AUTH_METHOD'} eq 'none')) { @@ -480,23 +439,18 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'} } } } - if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && - ((!($proxysettings{'AUTH_MAX_USERIP'} =~ /^\d+/)) || ($proxysettings{'AUTH_MAX_USERIP'} < 1) || ($proxysettings{'AUTH_MAX_USERIP'} > 255))) - { - $errormessage = $Lang::tr{'advproxy errmsg max userip'}; - goto ERROR; - } if (!($proxysettings{'AUTH_CACHE_TTL'} =~ /^\d+/)) { $errormessage = $Lang::tr{'advproxy errmsg auth cache ttl'}; goto ERROR; } - if (!($proxysettings{'AUTH_IPCACHE_TTL'} =~ /^\d+/)) + if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && + ((!($proxysettings{'AUTH_MAX_USERIP'} =~ /^\d+/)) || ($proxysettings{'AUTH_MAX_USERIP'} < 1) || ($proxysettings{'AUTH_MAX_USERIP'} > 255))) { - $errormessage = $Lang::tr{'advproxy errmsg auth ipcache ttl'}; + $errormessage = $Lang::tr{'advproxy errmsg max userip'}; goto ERROR; } - if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && ($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) + if (!($proxysettings{'AUTH_MAX_USERIP'} eq '')) { $errormessage = $Lang::tr{'advproxy errmsg auth ipcache may not be null'}; goto ERROR; @@ -552,33 +506,6 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'} } } } - if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') - { - if ($proxysettings{'NTLM_DOMAIN'} eq '') - { - $errormessage = $Lang::tr{'advproxy errmsg ntlm domain'}; - goto ERROR; - } - if ($proxysettings{'NTLM_PDC'} eq '') - { - $errormessage = $Lang::tr{'advproxy errmsg ntlm pdc'}; - goto ERROR; - } - if (!&General::validhostname($proxysettings{'NTLM_PDC'})) - { - $errormessage = $Lang::tr{'advproxy errmsg invalid pdc'}; - goto ERROR; - } - if ((!($proxysettings{'NTLM_BDC'} eq '')) && (!&General::validhostname($proxysettings{'NTLM_BDC'}))) - { - $errormessage = $Lang::tr{'advproxy errmsg invalid bdc'}; - goto ERROR; - } - - $proxysettings{'NTLM_DOMAIN'} = lc($proxysettings{'NTLM_DOMAIN'}); - $proxysettings{'NTLM_PDC'} = lc($proxysettings{'NTLM_PDC'}); - $proxysettings{'NTLM_BDC'} = lc($proxysettings{'NTLM_BDC'}); - } if ($proxysettings{'AUTH_METHOD'} eq 'radius') { if (!&General::validip($proxysettings{'RADIUS_SERVER'})) @@ -834,36 +761,14 @@ $selected{'THROTTLING_GREEN_HOST'}{$proxysettings{'THROTTLING_GREEN_HOST'}} = "s $selected{'THROTTLING_BLUE_TOTAL'}{$proxysettings{'THROTTLING_BLUE_TOTAL'}} = "selected='selected'"; $selected{'THROTTLING_BLUE_HOST'}{$proxysettings{'THROTTLING_BLUE_HOST'}} = "selected='selected'";
-$checked{'THROTTLE_BINARY'}{'off'} = ''; -$checked{'THROTTLE_BINARY'}{'on'} = ''; -$checked{'THROTTLE_BINARY'}{$proxysettings{'THROTTLE_BINARY'}} = "checked='checked'"; -$checked{'THROTTLE_DSKIMG'}{'off'} = ''; -$checked{'THROTTLE_DSKIMG'}{'on'} = ''; -$checked{'THROTTLE_DSKIMG'}{$proxysettings{'THROTTLE_DSKIMG'}} = "checked='checked'"; -$checked{'THROTTLE_MMEDIA'}{'off'} = ''; -$checked{'THROTTLE_MMEDIA'}{'on'} = ''; -$checked{'THROTTLE_MMEDIA'}{$proxysettings{'THROTTLE_MMEDIA'}} = "checked='checked'"; - $checked{'ENABLE_MIME_FILTER'}{'off'} = ''; $checked{'ENABLE_MIME_FILTER'}{'on'} = ''; $checked{'ENABLE_MIME_FILTER'}{$proxysettings{'ENABLE_MIME_FILTER'}} = "checked='checked'";
-$checked{'ENABLE_BROWSER_CHECK'}{'off'} = ''; -$checked{'ENABLE_BROWSER_CHECK'}{'on'} = ''; -$checked{'ENABLE_BROWSER_CHECK'}{$proxysettings{'ENABLE_BROWSER_CHECK'}} = "checked='checked'"; - -foreach (@useragentlist) { - @useragent = split(/,/); - $checked{'UA_'.$useragent[0]}{'off'} = ''; - $checked{'UA_'.$useragent[0]}{'on'} = ''; - $checked{'UA_'.$useragent[0]}{$proxysettings{'UA_'.$useragent[0]}} = "checked='checked'"; -} - $checked{'AUTH_METHOD'}{'none'} = ''; $checked{'AUTH_METHOD'}{'ncsa'} = ''; $checked{'AUTH_METHOD'}{'ident'} = ''; $checked{'AUTH_METHOD'}{'ldap'} = ''; -$checked{'AUTH_METHOD'}{'ntlm'} = ''; $checked{'AUTH_METHOD'}{'ntlm-auth'} = ''; $checked{'AUTH_METHOD'}{'radius'} = ''; $checked{'AUTH_METHOD'}{$proxysettings{'AUTH_METHOD'}} = "checked='checked'"; @@ -1034,12 +939,8 @@ print <<END </table> <hr size='1'> <table width='100%'> -<tr><td class='base' colspan='4'><b>$Lang::tr{'advproxy redirector children'}</b></td></tr> -<tr><td class='base' >$Lang::tr{'processes'}: <img src='/blob.gif' alt='*' /><input type='text' name='CHILDREN' value='$proxysettings{'CHILDREN'}' size='5' /></td> END ; -my $count = `ip n| wc -l`; -if ( $count < 1 ){$count = 1;} if ( -e "/usr/bin/squidclamav" ) { print "<td class='base'><b>".$Lang::tr{'advproxy squidclamav'}."</b><br />"; if ( ! -e "/var/run/clamav/clamd.pid" ){ @@ -1048,18 +949,16 @@ if ( -e "/usr/bin/squidclamav" ) { } else { print $Lang::tr{'advproxy enabled'}."<input type='checkbox' name='ENABLE_CLAMAV' ".$checked{'ENABLE_CLAMAV'}{'on'}." /><br />"; - print "+ ".int(( $count**(1/3)) * 8);} +} print "</td>"; } else { print "<td></td>"; } print "<td class='base'><a href='/cgi-bin/urlfilter.cgi'><b>".$Lang::tr{'advproxy url filter'}."</a></b><br />"; print $Lang::tr{'advproxy enabled'}."<input type='checkbox' name='ENABLE_FILTER' ".$checked{'ENABLE_FILTER'}{'on'}." /><br />"; -print "+ ".int(($count**(1/3)) * 6); print "</td>"; print "<td class='base'><a href='/cgi-bin/updatexlrator.cgi'><b>".$Lang::tr{'advproxy update accelerator'}."</a></b><br />"; print $Lang::tr{'advproxy enabled'}."<input type='checkbox' name='ENABLE_UPDXLRATOR' ".$checked{'ENABLE_UPDXLRATOR'}{'on'}." /><br />"; -print "+ ".int(($count**(1/3)) * 5); print "</td></tr>"; print <<END </table> @@ -1531,7 +1430,15 @@ END ;
foreach (@throttle_limits) { - print "\t<option value='$_' $selected{'THROTTLING_GREEN_TOTAL'}{$_}>$_ kbit/s</option>\n"; + my $val = $_; + my $unit = "kbit/s"; + + if ($val >= 1024) { + $unit = "Mbit/s"; + $val /= 1024; + } + + print "\t<option value='$_' $selected{'THROTTLING_GREEN_TOTAL'}{$_}>$val $unit</option>\n"; }
print <<END @@ -1594,21 +1501,6 @@ END
print <<END </table> -<table width='100%'> -<tr> - <td colspan='4'><i>$Lang::tr{'advproxy content based throttling'}:</i></td> -</tr> -<tr> - <td width='15%' class='base'>$Lang::tr{'advproxy throttle binary'}:</td> - <td width='10%'><input type='checkbox' name='THROTTLE_BINARY' $checked{'THROTTLE_BINARY'}{'on'} /></td> - <td width='15%' class='base'>$Lang::tr{'advproxy throttle dskimg'}:</td> - <td width='10%'><input type='checkbox' name='THROTTLE_DSKIMG' $checked{'THROTTLE_DSKIMG'}{'on'} /></td> - <td width='15%' class='base'>$Lang::tr{'advproxy throttle mmedia'}:</td> - <td width='10%'><input type='checkbox' name='THROTTLE_MMEDIA' $checked{'THROTTLE_MMEDIA'}{'on'} /></td> - <td width='15%'> </td> - <td width='10%'> </td> -</tr> -</table> <hr size='1'> <table width='100%'> <tr> @@ -1642,42 +1534,7 @@ print <<END </table>
<hr size='1'> -<table width='100%'> -<tr> - <td colspan='4'><b>$Lang::tr{'advproxy web browser'}</b> $Lang::tr{'advproxy UA enable filter'}:<input type='checkbox' name='ENABLE_BROWSER_CHECK' $checked{'ENABLE_BROWSER_CHECK'}{'on'} /></td> -</tr> -END -; -if ( $proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on' ){ -print <<END -<tr> - <td colspan='4'><i> -END -; -if (@useragentlist) { print "$Lang::tr{'advproxy allowed web browsers'}:"; } else { print "$Lang::tr{'advproxy no clients defined'}"; } -print <<END -</i></td> -</tr> -</table> -<table width='100%'> -END -;
-for ($n=0; $n<=@useragentlist; $n = $n + $i) { - for ($i=0; $i<=3; $i++) { - if ($i eq 0) { print "<tr>\n"; } - if (($n+$i) < @useragentlist) { - @useragent = split(/,/,@useragentlist[$n+$i]); - print "<td width='15%'>$useragent[1]:</td>\n"; - print "<td width='10%'><input type='checkbox' name='UA_$useragent[0]' $checked{'UA_'.$useragent[0]}{'on'} /></td>\n"; - } - if ($i eq 3) { print "</tr>\n"; } - } -} -} -print <<END -</table> -<hr size='1'> <table width='100%'> <tr> <td><b>$Lang::tr{'advproxy privacy'}</b></td> @@ -1711,7 +1568,6 @@ print <<END; <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ncsa' $checked{'AUTH_METHOD'}{'ncsa'} />$Lang::tr{'advproxy AUTH method ncsa'}</td> <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ident' $checked{'AUTH_METHOD'}{'ident'} />$Lang::tr{'advproxy AUTH method ident'}</td> <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ldap' $checked{'AUTH_METHOD'}{'ldap'} />$Lang::tr{'advproxy AUTH method ldap'}</td> - <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ntlm' $checked{'AUTH_METHOD'}{'ntlm'} />$Lang::tr{'advproxy AUTH method ntlm'}</td> END
if ($HAVE_NTLM_AUTH) { @@ -1789,10 +1645,6 @@ print <<END <td class='base'>$Lang::tr{'advproxy AUTH limit of IP addresses'}:</td> <td><input type='text' name='AUTH_MAX_USERIP' value='$proxysettings{'AUTH_MAX_USERIP'}' size='5' /></td> </tr> -<tr> - <td class='base'>$Lang::tr{'advproxy AUTH user IP cache TTL'}:</td> - <td><input type='text' name='AUTH_IPCACHE_TTL' value='$proxysettings{'AUTH_IPCACHE_TTL'}' size='5' /></td> -</tr> <tr> <td class='base'>$Lang::tr{'advproxy AUTH always required'}:</td> <td><input type='checkbox' name='AUTH_ALWAYS_REQUIRED' $checked{'AUTH_ALWAYS_REQUIRED'}{'on'} /></td> @@ -1926,80 +1778,6 @@ if ($proxysettings{'AUTH_METHOD'} eq 'ident') { print <<END END ; }
-# =================================================================== -# NTLM auth settings -# =================================================================== - -if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { -print <<END -<hr size='1'> -<table width='100%'> -<tr> - <td colspan='6'><b>$Lang::tr{'advproxy NTLM domain settings'}</b></td> -</tr> -<tr> - <td class='base'>$Lang::tr{'advproxy NTLM domain'}:</td> - <td><input type='text' name='NTLM_DOMAIN' value='$proxysettings{'NTLM_DOMAIN'}' size='15' /></td> - <td class='base'>$Lang::tr{'advproxy NTLM PDC hostname'}:</td> - <td><input type='text' name='NTLM_PDC' value='$proxysettings{'NTLM_PDC'}' size='14' /></td> - <td class='base'>$Lang::tr{'advproxy NTLM BDC hostname'}:</td> - <td><input type='text' name='NTLM_BDC' value='$proxysettings{'NTLM_BDC'}' size='14' /></td> -</tr> -</table> -<hr size ='1'> -<table width='100%'> -<tr> - <td colspan='3'><b>$Lang::tr{'advproxy NTLM auth mode'}</b></td> -</tr> -<tr> - <td width='25%' class='base' width='25%'>$Lang::tr{'advproxy NTLM use integrated auth'}:</td> - <td width='20%'><input type='checkbox' name='NTLM_ENABLE_INT_AUTH' $checked{'NTLM_ENABLE_INT_AUTH'}{'on'} /></td> - <td> </td> -</tr> -</table> -<hr size ='1'> -<table width='100%'> -<tr> - <td colspan='4'><b>$Lang::tr{'advproxy NTLM user based access restrictions'}</b></td> -</tr> -<tr> - <td width='25%' class='base'>$Lang::tr{'advproxy enabled'}:</td> - <td width='20%'><input type='checkbox' name='NTLM_ENABLE_ACL' $checked{'NTLM_ENABLE_ACL'}{'on'} /></td> - <td width='25%'> </td> - <td width='30%'> </td> -</tr> -<tr> - <td colspan='2'><input type='radio' name='NTLM_USER_ACL' value='positive' $checked{'NTLM_USER_ACL'}{'positive'} /> - $Lang::tr{'advproxy NTLM use positive access list'}:</td> - <td colspan='2'><input type='radio' name='NTLM_USER_ACL' value='negative' $checked{'NTLM_USER_ACL'}{'negative'} /> - $Lang::tr{'advproxy NTLM use negative access list'}:</td> -</tr> -<tr> - <td colspan='2'>$Lang::tr{'advproxy NTLM authorized users'}</td> - <td colspan='2'>$Lang::tr{'advproxy NTLM unauthorized users'}</td> -</tr> -<tr> - <td colspan='2'><textarea name='NTLM_ALLOW_USERS' cols='32' rows='6' wrap='off'> -END -; } - -if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print $proxysettings{'NTLM_ALLOW_USERS'}; } - -if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print <<END -</textarea></td> - <td colspan='2'><textarea name='NTLM_DENY_USERS' cols='32' rows='6' wrap='off'> -END -; } - -if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print $proxysettings{'NTLM_DENY_USERS'}; } - -if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print <<END -</textarea></td> -</tr> -</table> -END -; } - # =================================================================== # NTLM-AUTH settings # =================================================================== @@ -2163,7 +1941,6 @@ print <<END <td><input type='hidden' name='AUTH_CHILDREN' value='$proxysettings{'AUTH_CHILDREN'}'></td> <td><input type='hidden' name='AUTH_CACHE_TTL' value='$proxysettings{'AUTH_CACHE_TTL'}' size='5' /></td> <td><input type='hidden' name='AUTH_MAX_USERIP' value='$proxysettings{'AUTH_MAX_USERIP'}' size='5' /></td> -<td><input type='hidden' name='AUTH_IPCACHE_TTL' value='$proxysettings{'AUTH_IPCACHE_TTL'}' size='5' /></td> <td><input type='hidden' name='AUTH_ALWAYS_REQUIRED' value='$proxysettings{'AUTH_ALWAYS_REQUIRED'}'></td> <td><input type='hidden' name='AUTH_REALM' value='$proxysettings{'AUTH_REALM'}'></td> <td><input type='hidden' name='DST_NOAUTH' value='$proxysettings{'DST_NOAUTH'}'></td> @@ -2175,7 +1952,6 @@ print <<END <td><input type='hidden' name='AUTH_CHILDREN' value='$proxysettings{'AUTH_CHILDREN'}'></td> <td><input type='hidden' name='AUTH_CACHE_TTL' value='$proxysettings{'AUTH_CACHE_TTL'}' size='5' /></td> <td><input type='hidden' name='AUTH_MAX_USERIP' value='$proxysettings{'AUTH_MAX_USERIP'}' size='5' /></td> -<td><input type='hidden' name='AUTH_IPCACHE_TTL' value='$proxysettings{'AUTH_IPCACHE_TTL'}' size='5' /></td> <td><input type='hidden' name='AUTH_REALM' value='$proxysettings{'AUTH_REALM'}'></td> END ; } @@ -2211,19 +1987,6 @@ print <<END END ; }
-if (!($proxysettings{'AUTH_METHOD'} eq 'ntlm')) { -print <<END -<td><input type='hidden' name='NTLM_DOMAIN' value='$proxysettings{'NTLM_DOMAIN'}'></td> -<td><input type='hidden' name='NTLM_PDC' value='$proxysettings{'NTLM_PDC'}'></td> -<td><input type='hidden' name='NTLM_BDC' value='$proxysettings{'NTLM_BDC'}'></td> -<td><input type='hidden' name='NTLM_ENABLE_INT_AUTH' value='$proxysettings{'NTLM_ENABLE_INT_AUTH'}'></td> -<td><input type='hidden' name='NTLM_ENABLE_ACL' value='$proxysettings{'NTLM_ENABLE_ACL'}'></td> -<td><input type='hidden' name='NTLM_USER_ACL' value='$proxysettings{'NTLM_USER_ACL'}'></td> -<td><input type='hidden' name='NTLM_ALLOW_USERS' value='$proxysettings{'NTLM_ALLOW_USERS'}'></td> -<td><input type='hidden' name='NTLM_DENY_USERS' value='$proxysettings{'NTLM_DENY_USERS'}'></td> -END -; } - if (!($proxysettings{'AUTH_METHOD'} eq 'radius')) { print <<END <td><input type='hidden' name='RADIUS_SERVER' value='$proxysettings{'RADIUS_SERVER'}'></td> @@ -2513,18 +2276,6 @@ sub read_acls while (<FILE>) { $proxysettings{'MIME_TYPES'} .= $_ }; close(FILE); } - if (-e "$ntlmdir/msntauth.allowusers") { - open(FILE,"$ntlmdir/msntauth.allowusers"); - delete $proxysettings{'NTLM_ALLOW_USERS'}; - while (<FILE>) { $proxysettings{'NTLM_ALLOW_USERS'} .= $_ }; - close(FILE); - } - if (-e "$ntlmdir/msntauth.denyusers") { - open(FILE,"$ntlmdir/msntauth.denyusers"); - delete $proxysettings{'NTLM_DENY_USERS'}; - while (<FILE>) { $proxysettings{'NTLM_DENY_USERS'} .= $_ }; - close(FILE); - } if (-e "$raddir/radauth.allowusers") { open(FILE,"$raddir/radauth.allowusers"); delete $proxysettings{'RADIUS_ALLOW_USERS'}; @@ -2933,23 +2684,6 @@ sub write_acls if (!$proxysettings{'PORTS_SSL'}) { print FILE $def_ports_ssl; } else { print FILE $proxysettings{'PORTS_SSL'}; } close(FILE);
- open(FILE, ">$acl_dst_throttle"); - flock(FILE, 2); - if ($proxysettings{'THROTTLE_BINARY'} eq 'on') - { - @temp = split(/|/,$throttle_binary); - foreach (@temp) { print FILE "\.$_$\n"; } - } - if ($proxysettings{'THROTTLE_DSKIMG'} eq 'on') - { - @temp = split(/|/,$throttle_dskimg); - foreach (@temp) { print FILE "\.$_$\n"; } - } - if ($proxysettings{'THROTTLE_MMEDIA'} eq 'on') - { - @temp = split(/|/,$throttle_mmedia); - foreach (@temp) { print FILE "\.$_$\n"; } - } if (-s $throttled_urls) { open(URLFILE, $throttled_urls); @@ -2964,16 +2698,6 @@ sub write_acls print FILE $proxysettings{'MIME_TYPES'}; close(FILE);
- open(FILE, ">$ntlmdir/msntauth.allowusers"); - flock(FILE, 2); - print FILE $proxysettings{'NTLM_ALLOW_USERS'}; - close(FILE); - - open(FILE, ">$ntlmdir/msntauth.denyusers"); - flock(FILE, 2); - print FILE $proxysettings{'NTLM_DENY_USERS'}; - close(FILE); - open(FILE, ">$raddir/radauth.allowusers"); flock(FILE, 2); print FILE $proxysettings{'RADIUS_ALLOW_USERS'}; @@ -3332,6 +3056,11 @@ END } print FILE "\n";
+ # If we use authentication, users must always authenticate + unless ($proxysettings{"AUTH_METHOD"} eq "") { + print FILE "authenticate_ip_ttl 0\n\n"; + } + if ((!($proxysettings{'AUTH_METHOD'} eq 'none')) && (!($proxysettings{'AUTH_METHOD'} eq 'ident'))) { if ($proxysettings{'AUTH_METHOD'} eq 'ncsa') @@ -3340,7 +3069,6 @@ END print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; print FILE "auth_param basic realm $authrealm\n"; print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } }
if ($proxysettings{'AUTH_METHOD'} eq 'ldap') @@ -3385,40 +3113,6 @@ END print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; print FILE "auth_param basic realm $authrealm\n"; print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } - } - - if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') - { - if ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') - { - print FILE "auth_param ntlm program $authdir/ntlm_smb_lm_auth $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_PDC'}"; - if ($proxysettings{'NTLM_BDC'} eq '') { print FILE "\n"; } else { print FILE " $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_BDC'}\n"; } - print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } - } else { - print FILE "auth_param basic program $authdir/basic_msnt_auth\n"; - print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; - print FILE "auth_param basic realm $authrealm\n"; - print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } - - open(MSNTCONF, ">$ntlmdir/msntauth.conf"); - flock(MSNTCONF,2); - print MSNTCONF "server $proxysettings{'NTLM_PDC'}"; - if ($proxysettings{'NTLM_BDC'} eq '') { print MSNTCONF " $proxysettings{'NTLM_PDC'}"; } else { print MSNTCONF " $proxysettings{'NTLM_BDC'}"; } - print MSNTCONF " $proxysettings{'NTLM_DOMAIN'}\n"; - if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') - { - if ($proxysettings{'NTLM_USER_ACL'} eq 'positive') - { - print MSNTCONF "allowusers $ntlmdir/msntauth.allowusers\n"; - } else { - print MSNTCONF "denyusers $ntlmdir/msntauth.denyusers\n"; - } - } - close(MSNTCONF); - } }
if ($proxysettings{'AUTH_METHOD'} eq 'ntlm-auth') @@ -3433,6 +3127,7 @@ END print FILE "\n";
print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n\n"; + print FILE "auth_param ntlm credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n\n";
# BASIC authentication if ($proxysettings{'NTLM_AUTH_BASIC'} eq "on") { @@ -3444,9 +3139,9 @@ END print FILE " --require-membership-of=$ntlm_auth_group"; } print FILE "\n"; - print FILE "auth_param basic children 10\n"; - print FILE "auth_param basic realm IPFire Web Proxy Server\n"; - print FILE "auth_param basic credentialsttl 2 hours\n\n"; + print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; + print FILE "auth_param basic realm $authrealm\n"; + print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n\n"; } }
@@ -3458,22 +3153,10 @@ END print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; print FILE "auth_param basic realm $authrealm\n"; print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } }
print FILE "\n"; print FILE "acl for_inetusers proxy_auth REQUIRED\n"; - if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') && ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on')) - { - if ((!-z "$ntlmdir/msntauth.allowusers") && ($proxysettings{'NTLM_USER_ACL'} eq 'positive')) - { - print FILE "acl for_acl_users proxy_auth "$ntlmdir/msntauth.allowusers"\n"; - } - if ((!-z "$ntlmdir/msntauth.denyusers") && ($proxysettings{'NTLM_USER_ACL'} eq 'negative')) - { - print FILE "acl for_acl_users proxy_auth "$ntlmdir/msntauth.denyusers"\n"; - } - } if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')) { if ((!-z "$raddir/radauth.allowusers") && ($proxysettings{'RADIUS_USER_ACL'} eq 'positive')) @@ -3526,8 +3209,6 @@ END
if (($delaypools) && (!-z $acl_dst_throttle)) { print FILE "acl for_throttled_urls url_regex -i "$acl_dst_throttle"\n\n"; }
- if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE "acl with_allowed_useragents browser $browser_regexp\n\n"; } - print FILE "acl within_timeframe time "; if ($proxysettings{'TIME_MON'} eq 'on') { print FILE "M"; } if ($proxysettings{'TIME_TUE'} eq 'on') { print FILE "T"; } @@ -3778,7 +3459,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; } print FILE " to_ipaddr_without_auth\n"; } if (!-z $acl_dst_noauth_dom) @@ -3788,7 +3468,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; } print FILE " to_domains_without_auth\n"; } if (!-z $acl_dst_noauth_url) @@ -3798,7 +3477,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; } print FILE " to_hosts_without_auth\n"; } } @@ -3832,24 +3510,10 @@ END { if (!-z $disgrp) { print FILE " !for_disabled_users"; } else { print FILE " for_inetusers"; } } - if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'off')) || ($proxysettings{'AUTH_METHOD'} eq 'radius')) + if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || ($proxysettings{'AUTH_METHOD'} eq 'radius')) { print FILE " for_inetusers"; } - if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on')) - { - if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') - { - if (($proxysettings{'NTLM_USER_ACL'} eq 'positive') && (!-z "$ntlmdir/msntauth.allowusers")) - { - print FILE " for_acl_users"; - } - if (($proxysettings{'NTLM_USER_ACL'} eq 'negative') && (!-z "$ntlmdir/msntauth.denyusers")) - { - print FILE " !for_acl_users"; - } - } else { print FILE " for_inetusers"; } - } if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')) { if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') @@ -3877,24 +3541,10 @@ END { if (!-z $disgrp) { print FILE " !for_disabled_users"; } else { print FILE " for_inetusers"; } } - if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'off')) || ($proxysettings{'AUTH_METHOD'} eq 'radius')) + if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || ($proxysettings{'AUTH_METHOD'} eq 'radius')) { print FILE " for_inetusers"; } - if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on')) - { - if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') - { - if (($proxysettings{'NTLM_USER_ACL'} eq 'positive') && (!-z "$ntlmdir/msntauth.allowusers")) - { - print FILE " for_acl_users"; - } - if (($proxysettings{'NTLM_USER_ACL'} eq 'negative') && (!-z "$ntlmdir/msntauth.denyusers")) - { - print FILE " !for_acl_users"; - } - } else { print FILE " for_inetusers"; } - } if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')) { if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') @@ -3920,14 +3570,6 @@ END }
if ( - ( - ($proxysettings{'AUTH_METHOD'} eq 'ntlm') && - ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') && - ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && - ($proxysettings{'NTLM_USER_ACL'} eq 'negative') && - (!-z "$ntlmdir/msntauth.denyusers") - ) - || ( ($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') && @@ -3956,20 +3598,11 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; } print FILE " !on_ident_aware_hosts\n"; }
print FILE "http_access allow IPFire_networks"; if ( - ( - ($proxysettings{'AUTH_METHOD'} eq 'ntlm') && - ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') && - ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && - ($proxysettings{'NTLM_USER_ACL'} eq 'positive') && - (!-z "$ntlmdir/msntauth.allowusers") - ) - || ( ($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') && @@ -3999,7 +3632,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; } print FILE "\n";
print FILE "http_access deny all\n\n"; @@ -4095,7 +3727,10 @@ END if (($proxysettings{'ENABLE_FILTER'} eq 'on') || ($proxysettings{'ENABLE_UPDXLRATOR'} eq 'on') || ($proxysettings{'ENABLE_CLAMAV'} eq 'on')) { print FILE "url_rewrite_program /usr/sbin/redirect_wrapper\n"; - print FILE "url_rewrite_children $proxysettings{'CHILDREN'}\n\n"; + print FILE "url_rewrite_children ", &General::number_cpu_cores(); + print FILE " startup=", &General::number_cpu_cores(); + print FILE " idle=", &General::number_cpu_cores(); + print FILE " queue-size=", &General::number_cpu_cores() * 32, "\n\n"; }
# Include file with user defined settings. diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 21fd1f4cd..a5d27c8d8 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -149,7 +149,12 @@ sub cleanssldatabase { print FILE ""; close FILE; } + if (open(FILE, ">${General::swroot}/certs/index.txt.attr")) { + print FILE ""; + close FILE; + } unlink ("${General::swroot}/certs/index.txt.old"); + unlink ("${General::swroot}/certs/index.txt.attr.old"); unlink ("${General::swroot}/certs/serial.old"); unlink ("${General::swroot}/certs/01.pem"); } @@ -162,7 +167,11 @@ sub newcleanssldatabase { if (! -s ">${General::swroot}/certs/index.txt") { system ("touch ${General::swroot}/certs/index.txt"); } + if (! -s ">${General::swroot}/certs/index.txt.attr") { + system ("touch ${General::swroot}/certs/index.txt.attr"); + } unlink ("${General::swroot}/certs/index.txt.old"); + unlink ("${General::swroot}/certs/index.txt.attr.old"); unlink ("${General::swroot}/certs/serial.old"); # unlink ("${General::swroot}/certs/01.pem"); numbering evolves. Wrong place to delete } diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 42eb14103..2f3ed41bc 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -821,7 +821,7 @@ 'dnsforward configuration' => 'Einstellungen für DNS Weiterleitung', 'dnsforward edit an entry' => 'Existierenden Eintrag bearbeiten', 'dnsforward entries' => 'Aktuelle Einträge', -'dnsforward forward_server' => 'DNS-Server', +'dnsforward forward_servers' => 'DNS-Server', 'dnsforward zone' => 'Zone', 'dnssec aware' => 'DNSSEC-Informationen verfügbar, aber nicht validierend', 'dnssec disabled warning' => 'WARNUNG: DNSSEC wurde deaktiviert', @@ -1405,6 +1405,7 @@ 'invalid input for state or province' => 'Ungültige Eingabe für Bundesstaat oder Provinz.', 'invalid input for valid till days' => 'Ungültige Eingabe für Gültig bis (Tage).', 'invalid ip' => 'Ungültige IP-Adresse', +'invalid ip or hostname' => 'Ungültige IP-Addresse oder Hostname', 'invalid keep time' => 'Die Aufbewahrungszeit muss eine gültige Zahl sein', 'invalid key' => 'Ungültiger Schlüssel.', 'invalid loaded file' => 'Ungültige geladene Datei', @@ -2166,7 +2167,7 @@ 'ssh no active logins' => 'Keine aktiven Benutzeranmeldungen', 'ssh no auth' => 'Sie haben keinerlei Authentifizierungverfahren zugelassen; dies wird Ihre Anmeldung verhindern', 'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen', -'ssh port' => 'SSH-Port auf 222 setzen (Standard ist 22)', +'ssh port' => 'SSH-Port auf Standardport 22 setzen (andernfalls 222)', 'ssh portfw' => 'TCP-Weiterleitung zulassen', 'ssh tempstart15' => 'SSH-Deamon in 15 Minuten beenden', 'ssh tempstart30' => 'SSH-Deamon in 30 Minuten beenden', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index e9356407a..258176970 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -846,7 +846,7 @@ 'dnsforward configuration' => 'DNS forward configuration', 'dnsforward edit an entry' => 'Edit an existing entry', 'dnsforward entries' => 'Current entries', -'dnsforward forward_server' => 'Nameserver', +'dnsforward forward_servers' => 'Nameservers', 'dnsforward zone' => 'Zone', 'dnssec aware' => 'DNSSEC Aware', 'dnssec disabled warning' => 'WARNING: DNSSEC has been disabled', @@ -1436,6 +1436,7 @@ 'invalid input for state or province' => 'Invalid input for state or province.', 'invalid input for valid till days' => 'Invalid input for Valid till (days).', 'invalid ip' => 'Invalid IP Address', +'invalid ip or hostname' => 'Invalid IP Address or Hostname', 'invalid keep time' => 'Keep time must be a valid number', 'invalid key' => 'Invalid key.', 'invalid loaded file' => 'Invalid loaded file', @@ -2204,7 +2205,7 @@ 'ssh no active logins' => 'No active logins', 'ssh no auth' => 'You have not allowed any authentication methods; this will stop you logging in', 'ssh passwords' => 'Allow password based authentication', -'ssh port' => 'SSH port set to 222 (default is 22)', +'ssh port' => 'Set SSH port to default 22 (222 is used otherwise)', 'ssh portfw' => 'Allow TCP forwarding', 'ssh tempstart15' => 'Stop SSH demon in 15 minutes', 'ssh tempstart30' => 'Stop SSH demon in 30 minutes', diff --git a/langs/fr/cgi-bin/fr.pl b/langs/fr/cgi-bin/fr.pl index 9fa05fef5..b89254b59 100644 --- a/langs/fr/cgi-bin/fr.pl +++ b/langs/fr/cgi-bin/fr.pl @@ -240,7 +240,7 @@ 'advproxy RADIUS use negative access list' => 'Utilisation négative de contrôle d'accès', 'advproxy RADIUS use positive access list' => 'Utilisation positive de contrôle d'accès', 'advproxy RADIUS user based access restrictions' => 'Utilisateur en fonction des restrictions d'accès', -'advproxy UA enable filter' => 'Activer la vérification du navigateur', +'advproxy UA enable filter' => 'Activer la vérification du navigateur ', 'advproxy access' => 'Accès', 'advproxy admin mail' => 'Email administrateur du cache ', 'advproxy advanced proxy' => 'Proxy avancé', @@ -249,8 +249,8 @@ 'advproxy allowed subnets' => 'Sous-réseaux autorisés (un par ligne) ', 'advproxy allowed web browsers' => 'Clients autorisés pour l'accès web', 'advproxy back to main page' => 'Retour à l'accueil', -'advproxy banned ip clients' => 'Adresses IP interdites (une par ligne)', -'advproxy banned mac clients' => 'Adresses MAC interdites (une par ligne)', +'advproxy banned ip clients' => 'Adresses IP interdites (une par ligne) ', +'advproxy banned mac clients' => 'Adresses MAC interdites (une par ligne) ', 'advproxy basic authentication' => 'Autoriser l'authentification HTTP basique', 'advproxy cache management' => 'Gestion du cache', 'advproxy cache replacement policy' => 'Politique du cache de remplacement ', @@ -267,7 +267,7 @@ 'advproxy clear cache' => 'Effacer le cache', 'advproxy client IP forwarding' => 'Adresse ip du client 'transféré' ', 'advproxy common settings' => 'Paramètres communs', -'advproxy content based throttling' => 'Activer le contenu en fonction de la capacité', +'advproxy content based throttling' => 'Activer le contenu en fonction de la capacité ', 'advproxy cre disabled' => 'L'interface de gestion a été désactivée par l'administrateur', 'advproxy cre group definitions' => 'Groupe de définitions de classe', 'advproxy cre supervisors' => 'Superviseur des adresses IP (une par ligne)', @@ -316,10 +316,10 @@ 'advproxy errmsg radius secret' => 'Pass-phrase RADIUS requise', 'advproxy errmsg radius server' => 'Adresse IP du serveur RADIUS non valide', 'advproxy errmsg time restriction' => 'Restriction horaire non valide', -'advproxy error design' => 'Construction des messages erronées', -'advproxy error language' => 'Langage des messages erronés', -'advproxy fake referer' => 'Fausses références soumises aux sites externes', -'advproxy fake useragent' => 'Faux useragent soumis aux sites externes', +'advproxy error design' => 'Construction des messages erronées ', +'advproxy error language' => 'Langage des messages erronés ', +'advproxy fake referer' => 'Fausses références soumises aux sites externes ', +'advproxy fake useragent' => 'Faux useragent soumis aux sites externes ', 'advproxy friday' => 'Ven', 'advproxy from' => 'De', 'advproxy group access control' => 'Contrôle d'accès basé sur le groupe', @@ -330,9 +330,9 @@ 'advproxy log query' => 'Termes de recherche en rapports ', 'advproxy log settings' => 'Configuration des rapports', 'advproxy log useragent' => 'Rapport des robots (de recherche) ', -'advproxy max download size' => 'Volume de téléchargement maximal (Ko)', +'advproxy max download size' => 'Volume de téléchargement maximal (Ko) ', 'advproxy max size' => 'Volume d'objet maximal (Ko) ', -'advproxy max upload size' => 'Volume d'envoi maximal (Ko)', +'advproxy max upload size' => 'Volume d'envoi maximal (Ko) ', 'advproxy memory replacement policy' => 'Politique de remplacement de mémoire ', 'advproxy min size' => 'Volume d'objet minimal (Ko) ', 'advproxy mode allow' => 'autoriser', @@ -350,14 +350,14 @@ 'advproxy offline mode' => 'Autoriser le mode hors connexion ', 'advproxy on' => 'Proxy allumé', 'advproxy privacy' => 'Privé', -'advproxy proxy port' => 'Port proxy', -'advproxy proxy port transparent' => 'Port transparent', +'advproxy proxy port' => 'Port proxy ', +'advproxy proxy port transparent' => 'Port transparent ', 'advproxy ram cache size' => 'Taille cache mémoire (Mo) ', 'advproxy redirector children' => 'Nombre de processus de filtre', 'advproxy reset' => 'Relancer', 'advproxy saturday' => 'Sam', 'advproxy save and restart' => 'Sauvegarder et redémarrer', -'advproxy squid version' => 'Version Squid Cache', +'advproxy squid version' => 'Version Squid Cache ', 'advproxy squidclamav' => 'SquidClamav', 'advproxy ssadvanced proxy' => 'Proxy avancé', 'advproxy ssl ports' => 'Ports SSL autorisés (un par ligne) ', @@ -365,10 +365,10 @@ 'advproxy standard ports' => 'Ports standards autorisés (un par ligne) ', 'advproxy sunday' => 'Dim', 'advproxy supervisor password' => 'Mot de passe superviseur', -'advproxy suppress version' => 'Informations sur la version supprimée', -'advproxy throttle binary' => 'Fichiers binaires', -'advproxy throttle dskimg' => 'Images CD', -'advproxy throttle mmedia' => 'Multimédia', +'advproxy suppress version' => 'Informations sur la version supprimée ', +'advproxy throttle binary' => 'Fichiers binaires ', +'advproxy throttle dskimg' => 'Images CD ', +'advproxy throttle mmedia' => 'Multimédia ', 'advproxy throttling per host on' => 'Limite par hôte', 'advproxy throttling total on' => 'Limite globale', 'advproxy throttling unlimited' => 'illimité', @@ -379,8 +379,8 @@ 'advproxy transparent on' => 'Transparent sur', 'advproxy tuesday' => 'Mar', 'advproxy unknown' => 'Inconnu', -'advproxy unrestricted ip clients' => 'Adresses IP sans restriction (une par ligne)', -'advproxy unrestricted mac clients' => 'Adresses MAC sans restriction (une par ligne)', +'advproxy unrestricted ip clients' => 'Adresses IP sans restriction (une par ligne) ', +'advproxy unrestricted mac clients' => 'Adresses MAC sans restriction (une par ligne) ', 'advproxy update accelerator' => 'Mise à jour accélérateur', 'advproxy update information' => 'Une mise à jour est disponible pour le téléchargement. Visitez <a href="http://www.advproxy.net" target="_blank"> http://www.advproxy.net </ a> pour plus d'informations.', 'advproxy update notification' => 'Alerte de mise à jour !', @@ -391,7 +391,7 @@ 'advproxy url filter' => 'Filtre URL', 'advproxy username forwarding' => 'Nom d'utilisateur transféré ', 'advproxy via forwarding' => 'Adresse proxy transférée ', -'advproxy visible hostname' => 'Nom d'hôte visible', +'advproxy visible hostname' => 'Nom d'hôte visible ', 'advproxy web browser' => 'Navigateur web', 'advproxy wednesday' => 'Mer', 'again' => 'De nouveau :', @@ -404,7 +404,7 @@ 'album' => 'Album', 'alcatelusb help' => 'Pour utiliser les modems Speedtouch 330 ou Speedtouch USB, vous devez charger le firmware dans votre PC IPFire. Veuillez télécharger le <b>Firmware Embarqué</b> paquet pour SpeedTouch 330 depuis speedtouch.com; dézippez le et chargez le fichier approprié à votre modem : KQD6_3.xxx quand Rev<4 ou ZZZL_3.xxx pour Rev=4 en utilisant le formulaire ci-dessous.', 'alcatelusb upload' => 'Charger le firmware Speedtouch USB', -'alias ip' => 'Alias IP', +'alias ip' => 'Alias IP ', 'aliases' => 'Alias', 'aliases not active' => 'Les alias ne seront pas actifs tant que votre interface ROUGE est en mode STATIQUE', 'all' => 'Tous', @@ -511,7 +511,7 @@ 'cached memory' => 'Mémoire tampon ', 'cached swap' => 'Swap tampon', 'calamaris available reports' => 'Rapports disponibles ', -'calamaris byte unit' => 'Echelle de bits ', +'calamaris byte unit' => 'Unité (octets) ', 'calamaris create report' => 'Créer un rapport', 'calamaris enable content report' => 'Autoriser le contenu du rapport ', 'calamaris enable distribution histogram' => 'Autoriser l'histogramme de distribution ', @@ -618,8 +618,8 @@ 'clear cache' => 'Vider le cache', 'clear playlist' => 'Liste de lecture vide', 'clenabled' => 'Fournir du temps au réseau local', -'click to disable' => 'Activé (cliquer pour désactiver)', -'click to enable' => 'Désactivé (cliquer pour activer)', +'click to disable' => 'Activé (cocher pour désactiver)', +'click to enable' => 'Désactivé (cocher pour activer)', 'client' => 'Nom de la station (ordinateur)', 'clock has not been synchronized' => 'L'horloge n'est pas synchronisée', 'clock last synchronized at' => 'L'horloge a été synchronisée à :', @@ -789,10 +789,10 @@ 'dhcp fixed lease help1' => 'L'adresse IP doit être saisie comme FQDN', 'dhcp mode' => 'DHCP', 'dhcp server' => 'Serveur DHCP', -'dhcp server disabled' => 'Serveur DHCP éteint. Arrêté.', -'dhcp server disabled on blue interface' => 'Serveur DHCP arrêté sur l'interface BLEUE', -'dhcp server enabled' => 'Serveur DHCP démarré. Redémarrage.', -'dhcp server enabled on blue interface' => 'Serveur DHCP démarré sur l'interface BLEUE', +'dhcp server disabled' => 'Serveur DHCP eteint. Arrete.', +'dhcp server disabled on blue interface' => 'Serveur DHCP arrete sur l'interface BLEUE', +'dhcp server enabled' => 'Serveur DHCP demarre. Redemarrage.', +'dhcp server enabled on blue interface' => 'Serveur DHCP demarre sur l'interface BLEUE', 'dhcp-options' => 'Options Push DHCP', 'dial' => 'Connexion', 'dial profile' => 'Contact avec le profil', @@ -826,11 +826,11 @@ 'dns address done' => 'Les adresses du serveur DNS vont être sauvegardées.', 'dns address recon' => 'Tentative de reconnexion !', 'dns check failed' => 'La vérification DNS a échouée', -'dns desc' => 'Si l'interface ROUGE0 obtient ses informations d'adresse IP via le DHCP du fournisseur d'accès, les adresses du serveur DNS seront définies automatiquement. Maintenant, vous pouvez également changer les adresses IP du serveur DNS par celles de votre choix.', +'dns desc' => 'Si l'interface ROUGE0 obtient ses informations d'adresse IP via le DHCP du fournisseur d'accès, les adresses du serveur DNS seront définies automatiquement. Sinon, vous pouvez également remplacer les adresses IP du serveur DNS par celles de votre choix.', 'dns error 0' => 'L'adresse IP du <strong>premier</strong> serveur DNS n'est pas valide, veuillez revoir votre saisie<br />La saisie de l'adresse du <strong>second</strong> serveur DNS est valide.', 'dns error 01' => 'Les adresses IP du <strong>premier</strong> et du <strong>second</strong> serveur DNS ne sont pas valides, veuillez revoir vos saisies', 'dns error 1' => 'L'adresse IP du <strong>second</strong> serveur DNS n'est pas valide, veuillez revoir votre saisie<br />La saisie de l'adresse du <strong>premier</strong> serveur DNS est valide.', -'dns header' => 'Assigner les adresses du serveur DNS seulemement pour le DHCP sur ROUGE0', +'dns header' => 'Assigner les adresses du serveur DNS seulement pour le DHCP sur ROUGE0', 'dns list' => 'Liste de serveurs DNS publiques gratuits', 'dns menu' => 'Assigner un serveur DNS', 'dns new 0' => 'Nouvelle adresse IP du <strong>premier</strong> serveur DNS :', @@ -846,8 +846,8 @@ 'dnsforward configuration' => 'Configuration de transfert DNS', 'dnsforward edit an entry' => 'Modifier une entrée existante', 'dnsforward entries' => 'Entrées actuelles', -'dnsforward forward_server' => 'Nom du serveur', -'dnsforward zone' => 'Zone', +'dnsforward forward_server' => 'Nom du serveur ', +'dnsforward zone' => 'Zone ', 'dnssec aware' => 'DNSSEC Aware', 'dnssec disabled warning' => 'AVERTISSEMENT : DNSSEC a été désactivé', 'dnssec information' => 'Informations DNSSEC', @@ -870,14 +870,14 @@ 'dos charset' => 'DOS Charset', 'down and up speed' => 'Entrez votre débit descendant et montant <br /> et cliquez sur <i>Sauvegarder</i>.', 'downlink' => 'Downlink', -'downlink speed' => 'Débit descendant - download (kbit/sec)', +'downlink speed' => 'Débit descendant - download (kbit/sec) ', 'downlink std class' => 'Classe standard de téléchargement ', 'download' => 'Téléchargement ', 'download ca certificate' => 'Téléchargez le certificat CA', 'download certificate' => 'Téléchargez le certificat', 'download dh parameter' => 'Télécharger paramètres Diffie-Hellman', 'download host certificate' => 'Téléchargez le certificat de l'hôte', -'download new ruleset' => 'Téléchargez un nouveau règlement', +'download new ruleset' => 'Télécharger de nouvelles règles', 'download pkcs12 file' => 'Téléchargez le fichier PKCS12', 'download root certificate' => 'Téléchargez le certificat Root', 'download tls-auth key' => 'Télécharger la clé tls-auth', @@ -1053,9 +1053,9 @@ 'firmware upload' => 'Charger firmware / pilotes', 'first' => 'Premier', 'five minutes' => '5 minutes', -'fixed ip lease added' => 'Bail IP fixe ajouté', -'fixed ip lease modified' => 'Bail IP fixe modifié', -'fixed ip lease removed' => 'Bail IP fixe supprimé', +'fixed ip lease added' => 'Bail adresse IP fixe ajoute', +'fixed ip lease modified' => 'Bail adresse IP fixe modifie', +'fixed ip lease removed' => 'Bail adresse IP fixe supprime', 'flag' => 'Drap.', 'force update' => 'Forcer la mise à jour', 'force user' => 'Obliger tous les nouveaux fichiers à l'utilisateur', @@ -1335,7 +1335,7 @@ 'host configuration' => 'Configuration de l'hôte', 'host deny' => 'Liste des hôtes non autorisés', 'host ip' => 'Adresse IP de l'hôte ', -'host to net vpn' => 'Réseau privé virtuel (VPN) de l'hôte au net (client nomade)', +'host to net vpn' => 'Réseau privé virtuel (VPN) de l'hôte au réseau (client nomade) ', 'hostname' => 'Nom hôte ', 'hostname and domain already in use' => 'Le nom d'hôte et de domaine sont déjà utilisés.', 'hostname cant be empty' => 'Le nom d'hôte ne peut pas être vide.', @@ -1466,7 +1466,7 @@ 'invalid vpi vpci' => 'Réglages VPI/VPCI non valide', 'invalid wins address' => 'Adresse du serveur WINS non valide.', 'invert' => 'Inverser', -'ip address' => 'Adresse IP', +'ip address' => 'Adresse IP ', 'ip address in use' => 'Adresse IP déjà en cours d'utilisation', 'ip address outside subnets' => 'Adresse IP hors des sous-réseaux', 'ip alias added' => 'Alias d'IP externe ajoutée', @@ -1474,7 +1474,7 @@ 'ip alias removed' => 'Alias d'IP externe supprimée', 'ip info' => 'Information IP', 'ipfire has now rebooted' => 'IPFire va à présent redémarrer.', -'ipfire has now shutdown' => 'IPFire va à présent s'éteindre.', +'ipfire has now shutdown' => 'IPFire va à présent s'arrêter.', 'ipfire side' => 'Côté IPFire :', 'ipfire side is invalid' => 'Côté IPFire non valide.', 'ipfires hostname' => 'Nom d'hôte d'IPFire ', @@ -1483,9 +1483,9 @@ 'ipsec network' => 'Réseau IPsec', 'ipsec no connections' => 'Aucune connexion IPsec active', 'iptable rules' => 'Règles table IP', -'iptmangles' => 'Mangles IPTable', -'iptnats' => 'Traduction d'adresses réseaux table IP', -'ipts' => 'Tables IP', +'iptmangles' => 'Mangles IPTable ', +'iptnats' => 'Traduction d'adresses réseaux table IP ', +'ipts' => 'Tables IP ', 'isdn' => 'ISDN', 'isdn settings' => 'Réglages ISDN supplémentaires :', 'isdn1' => 'ISDN unique', @@ -1569,7 +1569,7 @@ 'mac address saved' => 'Sauvegarde réussie !', 'mac address saved txt' => 'L'adresse MAC a été correctement sauvegardée, mais les changements prendront effets après un redémarrage ou une reconnexion.', 'mac address title' => 'Contrôle d'accès des adresses MAC', -'mac desc' => 'Ici, vous pouvez changer l'adresse MAC de ROUGE0. L'adresse doit être saisie en héxadécimal (0-9,a-f), une adresse valide est <br />par exemple 00-01-02-0e-b8-d6 ou 00:01:02:0e:b8:d6.', +'mac desc' => 'Ici, vous pouvez changer l'adresse MAC de ROUGE0. L'adresse doit être saisie en hexadécimal (0-9,a-f),<br />une adresse valide est par exemple 00-01-02-0e-b8-d6 ou 00:01:02:0e:b8:d6.', 'mac filter' => 'Filtre MAC', 'mac new' => 'Nouvelle adresse MAC :', 'mac1 new' => 'Nouvelle adresse MAC 1 (vdsl-inet) :', @@ -1714,9 +1714,9 @@ 'network time' => 'Utiliser un serveur de temps automatique :', 'network time from' => 'Obtenir l'heure depuis un serveur de temps automatique', 'network traffic graphs' => 'Graphiques de l'activité réseau', -'network traffic graphs external' => 'Graphique du trafic net (externe)', -'network traffic graphs internal' => 'Graphique du trafic net (interne)', -'network traffic graphs others' => 'Réseau (autres)', +'network traffic graphs external' => 'Graphique du trafic réseau (externe)', +'network traffic graphs internal' => 'Graphique du trafic réseau (interne)', +'network traffic graphs others' => 'Graphique de la qualité réseau (autres)', 'network updated' => 'Réseau personnalisé mis à jour', 'networks settings' => 'Réglages pare-feu - réseau', 'never' => 'Jamais', @@ -1878,8 +1878,8 @@ 'ovpn subnet' => 'Sous-réseau OpenVPN (c.a.d. 10.0.10.0/255.255.255.0)', 'ovpn subnet is invalid' => 'Sous-réseau OpenVPN non valide.', 'ovpn subnet overlap' => 'Le sous-réseau OpenVPN se chevauche avec : ', +'ovpn warning rfc3280' => 'Votre certificat d'hôte n'est pas conforme avec la RFC3280.<br>Veuillez mettre à jour la dernière version d'IPFire et générer dès que possible un nouveau certificat racine et hôte.</br><br>Tous les clients OpenVPN doivent ensuite être renouvelés !</br>', 'ovpn_fastio' => 'Fast-IO', -'ovpn_fragment' => 'Taille des fragments', 'ovpn_mssfix' => 'Taille MSSFIX', 'ovpn_mtudisc' => 'Découverte MTU', 'ovpn_processprio' => 'Priorité du processus', @@ -2056,7 +2056,7 @@ 'resetglobals' => 'Réinitialiser les paramètres globaux', 'resetpolicy' => 'Réinitialiser la politique par défaut', 'resetshares' => 'réinitialiser les partages ?', -'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Réinitialiser la configuration VPN va supprimer le CA root, le certificat hôte et tous les certificats basés sur les connexions', +'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Réinitialiser la configuration VPN va supprimer le CA root, le certificat hôte et tous les certificats basés sur les connexions ', 'restart' => 'Relancer', 'restart ovpn server' => 'Relancer le serveur OpenVPN', 'restore' => 'Restaurer', @@ -2196,7 +2196,7 @@ 'ssh fingerprint' => 'Empreinte digitale', 'ssh host keys' => 'Clef SSH de l'hôte', 'ssh is disabled' => 'SSH est desactive. Arret.', -'ssh is enabled' => 'SSH est active. Redemarrage.', +'ssh is enabled' => 'SSH est active. Redemarrage.', 'ssh key' => 'Clef', 'ssh key size' => 'Taille (bits)', 'ssh keys' => 'Autoriser l'authentification par clef publique', @@ -2238,7 +2238,7 @@ 'subject warn' => 'Attention - Le niveau d'alerte a été atteint', 'subnet' => 'Sous-réseau', 'subnet is invalid' => 'Le masque réseau est non valide', -'subscripted user rules' => 'Régles Sourcefire VRT avec abonnement', +'subscripted user rules' => 'Règles Sourcefire VRT avec abonnement', 'successfully refreshed updates list' => 'La liste des mises à jour a été rafraîchie avec succès.', 'summaries kept' => 'Conserver pour les résumés', 'sunday' => 'Dimanche', @@ -2257,7 +2257,7 @@ 'tcp more reliable' => 'TCP (plus fiable)', 'telephone not set' => 'Téléphone non défini.', 'template' => 'Préétabli', -'template warning' => 'Vous avez deux options pour établir la Qos : La première, vous cliquez sur le bouton de sauvegarde et générez les classes et règles qui vous conviennent. La seconde, vous cliquez sur le bouton préétabli et les classes et règles seront mises en place par un modèle.', +'template warning' => 'Vous avez deux options pour établir la Qos : La première, vous cliquez sur le bouton de sauvegarde et générez les classes et règles qui vous conviennent.<br>La seconde, vous cliquez sur le bouton préétabli et les classes et règles seront mises en place par un modèle.', 'ten minutes' => '10 minutes', 'teovpn_fragment' => 'Taille de fragment', 'test' => 'test', @@ -2299,9 +2299,9 @@ 'tor accounting interval' => 'Interval (UTC)', 'tor accounting limit' => 'Accounting limit (Mo)', 'tor accounting period' => 'Accounting period', -'tor accounting period daily' => 'quotidienne', -'tor accounting period monthly' => 'mensuelle', -'tor accounting period weekly' => 'hebdomadaire', +'tor accounting period daily' => 'Quotidienne', +'tor accounting period monthly' => 'Mensuelle', +'tor accounting period weekly' => 'Hebdomadaire', 'tor acls' => 'Contrôle d'accès', 'tor allowed subnets' => 'Sous-réseaux alloués (un par ligne)', 'tor bandwidth burst' => 'Max. burst', @@ -2410,7 +2410,7 @@ 'updates is old2' => 'jours. Il est recommandé de le mettre à jour depuis la page <b>Système > Mises à jour</b>.', 'updxlrtr 3 months' => 'trois mois', 'updxlrtr 6 months' => 'six mois', -'updxlrtr all files' => 'tous les fichiers ...', +'updxlrtr all files' => 'tous les fichiers...', 'updxlrtr cache dir' => 'Répertoire du cache', 'updxlrtr cache maintenance' => 'Maintenance du cache', 'updxlrtr cache size' => 'Taille du cache (octets)', @@ -2427,7 +2427,7 @@ 'updxlrtr configuration' => 'Mise à jour de l'accélérateur', 'updxlrtr current downloads' => 'Les fichiers suivants sont en cours de téléchargement dans le cache local :', 'updxlrtr current files' => 'Les fichiers courants sont dans le cache local', -'updxlrtr daily' => 'quotidiennement', +'updxlrtr daily' => 'Quotidienne', 'updxlrtr data from cache' => 'Données du cache (octets)', 'updxlrtr disk usage' => 'Utilisation du disque', 'updxlrtr efficiency index' => 'Indice d'efficacité du cache ', @@ -2449,7 +2449,7 @@ 'updxlrtr max disk usage' => 'Utilisation maximum du disque ', 'updxlrtr max download rate' => 'Taux de téléchargement maximum externe (kbit/s) ', 'updxlrtr month' => 'un mois', -'updxlrtr monthly' => 'mensuellement', +'updxlrtr monthly' => 'Mensuelle', 'updxlrtr not accessed' => 'utilisés la dernière fois depuis', 'updxlrtr not enabled' => 'La mise à jour de l'accélérateur n'est pas activée sur la page web du proxy', 'updxlrtr other' => 'Autre', @@ -2462,7 +2462,7 @@ 'updxlrtr save and restart' => 'Sauvegarder et redémarrer', 'updxlrtr source' => 'Source', 'updxlrtr source checkup' => 'Vérifications des sources', -'updxlrtr source checkup schedule' => 'Calendrier de vérification des sources ', +'updxlrtr source checkup schedule' => 'Fréquence de vérification des sources ', 'updxlrtr sources' => 'Sources', 'updxlrtr standard view' => 'Vue standard', 'updxlrtr statistics' => 'Statistiques', @@ -2478,12 +2478,12 @@ 'updxlrtr used by' => 'Utilisé par', 'updxlrtr web proxy service required' => 'Le proxy web doit être activé pour utiliser la mise à jour Accélérateur', 'updxlrtr week' => 'une semaine', -'updxlrtr weekly' => 'hebdomadairement', +'updxlrtr weekly' => 'Hebdomadaire', 'updxlrtr year' => 'une année', 'upgrade' => 'Améliorer', 'uplink' => 'Uplink', 'uplink bit rate' => 'Uplink Bit Rate', -'uplink speed' => 'Débit montant - upload (kbit/sec)', +'uplink speed' => 'Débit montant - upload (kbit/sec) ', 'uplink std class' => 'Classe standard de la connexion ', 'upload' => 'Envoi ', 'upload a certificate' => 'Envoyer un certificat :', @@ -2506,19 +2506,19 @@ 'uptime load average' => 'Charge moyenne', 'url filter' => 'Filtre de contenu', 'urlfilter access' => 'Accès', -'urlfilter activity detection' => 'Détection d'activité', -'urlfilter add new time constraint rule' => 'Ajouter une nouvelle règle de contrainte de temps', -'urlfilter add new user quota rule' => 'Ajouter une nouvelle règle sur le quota de l'utilisateur', +'urlfilter activity detection' => 'Détection d'activité ', +'urlfilter add new time constraint rule' => 'Ajouter une nouvelle règle de contrainte de temps ', +'urlfilter add new user quota rule' => 'Ajouter une nouvelle règle sur le quota de l'utilisateur ', 'urlfilter add rule' => 'Ajouter', 'urlfilter advanced settings' => 'Paramètres avancés', 'urlfilter allow' => 'Autoriser', 'urlfilter allow access' => 'Autoriser l'accès', 'urlfilter allowed domains' => 'Domaines autorisés (un par ligne)', 'urlfilter allowed urls' => 'URLs autorisées (une par ligne)', -'urlfilter assigned quota users' => 'Utilisateurs assignés (un par ligne)', +'urlfilter assigned quota users' => 'Utilisateurs assignés (un par ligne) ', 'urlfilter assigned users' => 'Utilisateurs assignés', 'urlfilter automatic blacklist update' => 'Mise à jour automatique de la liste noire', -'urlfilter automatic update schedule' => 'Mettre à jour le calendrier automatiquement', +'urlfilter automatic update schedule' => 'Fréquence de mise à jour automatique ', 'urlfilter back to main page' => 'Revenir à la page principale', 'urlfilter background image' => 'Filtre d'URLs contenant des images de fonds', 'urlfilter background text' => 'Afin d'avoir une image de fond personnalisée pour les pages bloquées, envoyez le fichier .jpg', @@ -2526,61 +2526,61 @@ 'urlfilter backup error' => 'Impossible de créer un fichier de sauvegarde', 'urlfilter backup settings' => 'Sauvegarder les réglages du filtre d'URL', 'urlfilter banned clients' => 'Adresses IP bannies', -'urlfilter blacklist age 1' => 'La dernière mise à jour de la liste noire a été faite il y a', +'urlfilter blacklist age 1' => 'La dernière mise à jour de la liste noire a eu lieu il y a', 'urlfilter blacklist age 2' => 'jours', -'urlfilter blacklist category name' => 'Nom de la catégorie de la liste noire', +'urlfilter blacklist category name' => 'Nom de la catégorie de la liste noire ', 'urlfilter blacklist editor' => 'Editeur de liste noire', 'urlfilter blacklist editor info' => 'Créer et éditer votre propre fichier de liste noire', 'urlfilter blacklist name' => 'Nom de la liste noire', 'urlfilter blacklist update' => 'Mise à jour de la liste noire', 'urlfilter block' => 'Bloquer', 'urlfilter block access' => 'Bloquer l'accès', -'urlfilter block all' => 'Bloquer toutes les url non autorisées explicitement', +'urlfilter block all' => 'Bloquer toutes les url non autorisées explicitement ', 'urlfilter block archives' => 'Bloquer fichiers d'archives compressés ', 'urlfilter block audio-video' => 'Bloquer fichiers audio / vidéo ', 'urlfilter block categories' => 'Bloquer catégories', 'urlfilter block executables' => 'Bloquer fichiers exécutables ', -'urlfilter block ip' => 'Bloquer sites atteints par leur IP', -'urlfilter block settings' => ' Réglages filtre URL', +'urlfilter block ip' => 'Bloquer les sites atteints par leur IP ', +'urlfilter block settings' => ' Réglages de filtre URL', 'urlfilter blocked domains' => 'Domaines bloqués (un par ligne)', 'urlfilter blocked expressions' => 'Expressions bloquées (comme expressions régulières)', 'urlfilter blocked urls' => 'URL bloquées (une par ligne)', 'urlfilter category' => 'Catégorie', 'urlfilter category all' => 'tout', 'urlfilter category data error' => 'Liste noire vide', -'urlfilter category log' => 'Classer les journaux par catégorie', +'urlfilter category log' => 'Classer les journaux par catégorie ', 'urlfilter category name error' => 'Nom catégorie liste noire requis', 'urlfilter client' => 'Client', 'urlfilter configuration' => 'Configuration filtre URL', 'urlfilter constraint definition' => 'Définition', -'urlfilter constraint outside' => 'Dehors', -'urlfilter constraint within' => 'Dedans', +'urlfilter constraint outside' => 'Hors', +'urlfilter constraint within' => 'Avec', 'urlfilter copy rule' => 'Copie', -'urlfilter current files' => 'Fichiers courant du dépôt local', +'urlfilter current files' => 'Fichiers courant du dépôt local ', 'urlfilter custom blacklist' => 'Liste noire perso', 'urlfilter custom expression list' => 'Liste de mots clés perso', -'urlfilter custom url' => 'Source URL perso', +'urlfilter custom url' => 'Source URL perso ', 'urlfilter custom url required' => 'Source URL perso requise', 'urlfilter custom whitelist' => 'Liste blanche perso', -'urlfilter daily' => 'quotidiennement', +'urlfilter daily' => 'Quotidienne', 'urlfilter disabled' => 'désactivé', 'urlfilter domains' => 'Domaine (un par ligne)', -'urlfilter dont restart urlfilter' => 'Ne pas redémarrer filtre URL', +'urlfilter dont restart urlfilter' => 'Ne pas redémarrer le filtre URL ', 'urlfilter dst' => 'Destination', 'urlfilter dst error' => 'Il doit y avoir au moins une catégorie sélectionnée', 'urlfilter edit domains urls expressions' => 'Modifier domaines, URLs et expressions', 'urlfilter edit time constraint rule' => 'Modifier une règle existante de contrainte de temps', 'urlfilter edit user quota rule' => 'Modifier une règle de quota utilisateur', -'urlfilter empty ads' => 'Bloquer "pubs" avec fenêtre vide', +'urlfilter empty ads' => 'Bloquer "pubs" avec fenêtre vide ', 'urlfilter empty repository' => 'Fichier du dépot local est vide', -'urlfilter enable automatic blacklist update' => 'Activer mise à jour automatique', +'urlfilter enable automatic blacklist update' => 'Activer la mise à jour automatique ', 'urlfilter enable custom blacklist' => 'Activer liste noire perso ', 'urlfilter enable custom expression list' => 'Activer la liste d'expressions personnalisées ', 'urlfilter enable custom whitelist' => 'Activer liste blanche perso ', -'urlfilter enable expression lists' => 'Activer la liste de mots clés perso', -'urlfilter enable full backup' => 'Inclure liste noire complète', +'urlfilter enable expression lists' => 'Activer la liste de mots clés perso ', +'urlfilter enable full backup' => 'Inclure liste noire complète ', 'urlfilter enable jpeg' => 'Activer image d'arrière plan', -'urlfilter enable log' => 'Activer le journal', +'urlfilter enable log' => 'Activer le journal ', 'urlfilter enable rewrite rules' => 'Activer fichier local de redirection ', 'urlfilter enabled' => 'Activé :', 'urlfilter example' => 'Exemple : www.domain.com', @@ -2597,7 +2597,7 @@ 'urlfilter from' => 'De', 'urlfilter hourly' => 'par heure', 'urlfilter import blacklist' => 'Importer liste noire', -'urlfilter import text' => 'Pour importer une liste noire précédemment sauvée, charger le fichier .tar.gz suivant', +'urlfilter import text' => 'Pour importer une liste noire précédemment sauvée, charger le fichier .tar.gz suivant ', 'urlfilter install blacklist' => 'Installer liste noire', 'urlfilter install information' => 'La nouvelle liste noire va être automatiquement compilée pour préparer les bases de données. Ceci peut durer plusieurs minutes et dépend de la taille de la liste noire.', 'urlfilter invalid content' => 'Le fichier n'est pas une liste noire compatible squidGuard', @@ -2612,17 +2612,17 @@ 'urlfilter log viewer' => 'Rapport de filtre URL', 'urlfilter logs' => 'Rapports de filtre URL', 'urlfilter maintenance' => 'Maintenance filtre URL', -'urlfilter manage local file repository' => 'Gérer fichier de dépôt local', +'urlfilter manage local file repository' => 'Gérer fichier de dépôt local ', 'urlfilter manage repository' => 'Gérer dépôt', 'urlfilter minutes' => 'minutes', 'urlfilter mode allow' => 'autoriser', 'urlfilter mode block' => 'bloquer', 'urlfilter mon' => 'Lun', 'urlfilter monday' => 'Lundi', -'urlfilter monthly' => 'Mensuellement', -'urlfilter msg text 1' => 'Message ligne 1', -'urlfilter msg text 2' => 'Message ligne 2', -'urlfilter msg text 3' => 'Message ligne 3', +'urlfilter monthly' => 'Mensuelle', +'urlfilter msg text 1' => 'Message ligne 1 ', +'urlfilter msg text 2' => 'Message ligne 2 ', +'urlfilter msg text 3' => 'Message ligne 3 ', 'urlfilter network access control' => 'Contrôle d'accès réseau en fonction', 'urlfilter no categories' => 'Aucune catégorie disponible', 'urlfilter not enabled' => 'Filtre URL n'est pas activé sur le proxy page web', @@ -2630,10 +2630,10 @@ 'urlfilter quota time error' => 'Valeur non valide pour quota de temps', 'urlfilter quota user error' => 'Au moins un nom d'utilisateur est requis', 'urlfilter redirect template' => 'Redirection modèle de page', -'urlfilter redirectpage' => 'Redirige vers cette URL', +'urlfilter redirectpage' => 'Redirige vers cette URL ', 'urlfilter remove file' => 'Supprime le fichier du dépôt', 'urlfilter renewal' => 'Renouvellement', -'urlfilter renewal period' => 'Période de renouvellement', +'urlfilter renewal period' => 'Période de renouvellement ', 'urlfilter repository information' => 'Les requêtes de téléchargement pour ces fichiers seront redirigées depuis la source originale vers le fichier local du dépôt.', 'urlfilter reset' => 'Remettre à zéro', 'urlfilter restart' => 'Redémarrer filtre URL', @@ -2643,21 +2643,21 @@ 'urlfilter restore results' => 'Restaurer résultats', 'urlfilter restore settings' => 'Restaurer paramètres filtre URL', 'urlfilter restore success' => 'Configuration filtre URL restaurée. Filtre URL doit être redémarré pour activer les nouveaux paramètres.', -'urlfilter restore text' => 'Pour restaurer une configuration précédemment sauvée, charger le fichier de sauvegarde .tar.gz suivant', -'urlfilter safesearch' => 'Activer SafeSearch', +'urlfilter restore text' => 'Pour restaurer une configuration précédemment sauvée, charger le fichier de sauvegarde .tar.gz suivant ', +'urlfilter safesearch' => 'Activer SafeSearch ', 'urlfilter sat' => 'Sam', 'urlfilter saturday' => 'Samedi', 'urlfilter save and restart' => 'Sauvegarder et redémarrer', 'urlfilter save schedule' => 'Valider paramètres de mise à jour', -'urlfilter select blacklist' => 'Sélectionner liste noire existante', +'urlfilter select blacklist' => 'Choisir une liste noire existante ', 'urlfilter select multi' => 'Presser 'Ctrl' pour sélectionner plusieurs catégories', -'urlfilter select source' => 'Sélectionner source de téléchargement', +'urlfilter select source' => 'Choisir une source de téléchargement ', 'urlfilter set time constraints' => 'Fixer les contraintes de temps', 'urlfilter set user quota' => 'Fixer quotas utilisateur', -'urlfilter show category' => 'Montrer la catégorie de page bloquée', -'urlfilter show dnserror' => 'Utiliser "DNS Error" pour les url bloquées', -'urlfilter show ip' => 'Montrer adresse IP page bloquée', -'urlfilter show url' => 'Montrer adresse url page bloquée', +'urlfilter show category' => 'Montrer la catégorie de page bloquée ', +'urlfilter show dnserror' => 'Utiliser "Erreur DNS" pour les url bloquées ', +'urlfilter show ip' => 'Montrer adresse IP page bloquée ', +'urlfilter show url' => 'Montrer adresse url page bloquée ', 'urlfilter source' => 'Hôte(s) ou réseau(x) source(s)', 'urlfilter src' => 'Source', 'urlfilter src error' => 'Source ne peut être vide', @@ -2671,7 +2671,7 @@ 'urlfilter time space' => 'Espace temps', 'urlfilter timebased access control' => 'Contrôle d'accès basé sur le temps', 'urlfilter timespace error' => 'Erreur dans la déclaration d'espace/temps', -'urlfilter to' => 'Vers', +'urlfilter to' => 'A', 'urlfilter tue' => 'Mar', 'urlfilter tuesday' => 'Mardi', 'urlfilter unfiltered clients' => 'Adresses IP non filtrées', @@ -2684,23 +2684,23 @@ 'urlfilter upload blacklist' => 'Télécharger liste noire', 'urlfilter upload file' => 'Télécharger fichier', 'urlfilter upload file information 1' => 'Note', -'urlfilter upload file information 2' => 'Filtre URL doit être redémarré pour activer les changements du dépot.', -'urlfilter upload file text' => 'Pour ajouter un fichier au dépot local, charger le fichier suivant', -'urlfilter upload information' => 'La nouvelle liste noire va être automatiquement compilée pour préparer les bases de données. Le temps dépend de la taille de la liste noire et peut durer plusieurs minutes. Attendre la fin de cette tâche pour relancer filtre URL.', +'urlfilter upload file information 2' => 'Le filtre URL doit être redémarré pour activer les changements du dépot.', +'urlfilter upload file text' => 'Pour ajouter un fichier au dépot local, charger le fichier suivant ', +'urlfilter upload information' => 'La nouvelle liste noire va être automatiquement compilée pour préparer les bases de données.<br>Le temps dépend de la taille de la liste noire et peut durer plusieurs minutes. Veuillez attendre la fin de cette tâche pour relancer le filtre URL.', 'urlfilter upload success' => 'Chargement liste noire complété avec succès.', -'urlfilter upload text' => 'Pour installer une mise à jour, uploader le fichier .tar.gz suivant', +'urlfilter upload text' => 'Pour installer une mise à jour, uploader le fichier .tar.gz suivant ', 'urlfilter url filter' => 'Filtre d'URL', -'urlfilter urlfilter blacklist editor' => 'Editeur de la liste noire du filtre d'URL', +'urlfilter urlfilter blacklist editor' => 'Editeur de la liste noire du filtre d'URL ', 'urlfilter urls' => 'URLs (une par ligne)', -'urlfilter user time quota' => 'Quota de temps (en minutes)', +'urlfilter user time quota' => 'Quota de temps (en minutes) ', 'urlfilter username' => 'Nom d'utilisateur', -'urlfilter username log' => 'Log identifiant', +'urlfilter username log' => 'Log identifiant ', 'urlfilter web proxy service required' => 'Le service proxy web doit être activé pour utiliser les filtres d'URL', 'urlfilter wed' => 'Mer', 'urlfilter wednesday' => 'Mercredi', 'urlfilter weekday error' => 'Au moins un jour doit être sélectionné', -'urlfilter weekly' => 'hebdomadairement', -'urlfilter whitelist always allowed' => 'Autoriser une liste blanche personnalisée de clients bannis', +'urlfilter weekly' => 'Hebdomadaire', +'urlfilter whitelist always allowed' => 'Autoriser une liste blanche personnalisée de clients bannis ', 'urlfilter wrong filetype' => 'Le fichier n'a pas l'extension .tar.gz', 'use' => 'Utiliser', 'use a pre-shared key' => 'Utiliser une clé pré-partagée :', @@ -2737,13 +2737,13 @@ 'vpn aggrmode' => 'Mode agressif IKE autorisé. Eviter si possible (la clé pré-partagée est transmise en clair) !', 'vpn altname syntax' => 'SubjectAltName est une liste séparée par des virgules d'email, DNS, URI, RID et de les objets du IP. <br />Email: une adresse d'email. Email Syntaxe: copie prend le champ email du certificat à être utilisé. <br />DNS: un nom de domaine valide. <br />URI: tout URI valide. <br />RID: identificateur d'objet enregistré. <br />IP: une adresse IP. <br />Remarque : Jeu de caractères est limité et le cas est significatif. <br />Exemple :<br /><b>email :</b>info@ipfire.org<b>, email :</b>copier<b>, DNS:</b>www.ipfire.org<b>, IP:</b>127.0.0.1<b>, URI:</b>http://url/quelque/chose', 'vpn auth-dn' => 'Le pair est identifié par soit IPV4_ADDR, FQDN, USER_FQDN ou la chaine DER_ASN1_DN dans le champ Remote ID', -'vpn broken' => 'Broken', +'vpn broken' => 'Rompu', 'vpn configuration main' => 'VPN configuration - Principal', 'vpn connecting' => 'CONNEXION', -'vpn delayed start' => 'Délai avant le lancement du VPN (secondes)', +'vpn delayed start' => 'Délai avant le lancement du VPN (secondes) ', 'vpn delayed start help' => 'Si requis, ce délai peut être utilisé pour autoriser les mises à jour de DNS dynamique à la propagation appropriée. 60 est une valeur souvent utilisée lorsque l'interface ROUGE est une IP dynamique.', 'vpn force mobike' => 'Force using MOBIKE (only IKEv2)', -'vpn inactivity timeout' => 'Inactivity Timeout', +'vpn inactivity timeout' => 'Délai dépassé inactivité', 'vpn incompatible use of defaultroute' => 'hostname=%defaultroute non admis', 'vpn keyexchange' => 'Keyexchange', 'vpn local id' => 'ID Local', @@ -2755,10 +2755,10 @@ 'vpn on orange' => 'VPN sur ORANGE', 'vpn on-demand' => 'A-LA-DEMANDE', 'vpn payload compression' => 'Négocier la compression de charge utile', -'vpn red name' => 'IP publique ou nom de domaine complet pour l'interface ROUGE ou <%defaultroute>', +'vpn red name' => 'IP publique ou nom de domaine complet pour l'interface ROUGE ou <%defaultroute> ', 'vpn remote id' => 'ID distant', 'vpn start action' => 'Démarrer l'action', -'vpn start action add' => 'Attendre l'initiation de la connexion', +'vpn start action add' => 'Attendre l'initialisation de la connexion', 'vpn start action route' => 'A la demande', 'vpn start action start' => 'Toujours démarré', 'vpn statistic n2n' => 'Stats OpenVPN (site-à-site)', @@ -2802,7 +2802,7 @@ 'wlan client ccmp' => 'CCMP', 'wlan client configuration' => 'Configuration client sans fil', 'wlan client disconnected' => 'Déconnecté', -'wlan client duplicate ssid' => 'Duplicate SSID', +'wlan client duplicate ssid' => 'SSID en double', 'wlan client eap authentication method' => 'Méthode d'authentification EAP', 'wlan client eap phase2 method' => 'Méthode phase 2 EAP', 'wlan client eap state' => 'Statut EAP', @@ -2813,21 +2813,21 @@ 'wlan client encryption wep' => 'WEP', 'wlan client encryption wpa' => 'WPA', 'wlan client encryption wpa2' => 'WPA2', -'wlan client group cipher' => 'Group cipher', +'wlan client group cipher' => 'Chiffrer groupe', 'wlan client group key algorithm' => 'GKA', 'wlan client identity' => 'Identité', 'wlan client invalid key length' => 'Longueur de clé invalide.', 'wlan client method' => 'Méthode', 'wlan client new entry' => 'Créer une nouvelle configuration de client sans fil', 'wlan client new network' => 'Nouveau réseau', -'wlan client pairwise cipher' => 'Pairwise cipher', +'wlan client pairwise cipher' => 'Chiffrer par paire', 'wlan client pairwise key algorithm' => 'PKA', -'wlan client pairwise key group key' => 'Pairwise key/group key', +'wlan client pairwise key group key' => 'Clé par paire / clé de groupe', 'wlan client password' => 'Mot de passe', -'wlan client psk' => 'Pre-shared key', +'wlan client psk' => 'Clé pré-partagée', 'wlan client ssid' => 'SSID', 'wlan client tkip' => 'TKIP', -'wlan client tls cipher' => 'TLS Cipher', +'wlan client tls cipher' => 'Chiffrer TLS', 'wlan client tls version' => 'Version TLS', 'wlan client wpa mode' => 'Mode WPA', 'wlan client wpa mode all' => 'Auto', @@ -2847,6 +2847,8 @@ 'wlanap invalid wpa' => 'Longueur non valide dans la Passphrase WPA. Doit comporter entre 8 et 63 caractères.', 'wlanap link dhcp' => 'Configuration DHCP du réseau local sans fil', 'wlanap link wireless' => 'Activer les clients LAN sans fil', +'wlanap neighbor scan' => 'Balayage des réseaux proches', +'wlanap neighbor scan warning' => 'Attention ! La désactivation peut enfreindre les règles réglementaires !', 'wlanap no interface' => 'L'interface choisie n'est pas une carte LAN sans fil !', 'wlanap none' => 'aucun', 'wlanap notifications' => 'Notifications', diff --git a/lfs/bind b/lfs/bind index c2530b174..44b649fcb 100644 --- a/lfs/bind +++ b/lfs/bind @@ -25,7 +25,7 @@
include Config
-VER = 9.11.5 +VER = 9.11.5-P1
THISAPP = bind-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 17a0d02102117c9a221e857cf2cc8157 +$(DL_FILE)_MD5 = 2825d818db51008f88a0030507edfa8a
install : $(TARGET)
diff --git a/lfs/clamav b/lfs/clamav index 420ee82b3..a6e44ebf2 100644 --- a/lfs/clamav +++ b/lfs/clamav @@ -24,7 +24,7 @@
include Config
-VER = 0.100.2 +VER = 0.101.1
THISAPP = clamav-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = clamav -PAK_VER = 41 +PAK_VER = 43
DEPS = ""
@@ -50,7 +50,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 253dd79dd57da759567e42543a569c5c +$(DL_FILE)_MD5 = 9c137d6172f6e132e08e61fe25b636f8
install : $(TARGET)
diff --git a/lfs/configroot b/lfs/configroot index 4701d9e39..3cdd780fc 100644 --- a/lfs/configroot +++ b/lfs/configroot @@ -62,7 +62,7 @@ $(TARGET) :
# Touch empty files for i in auth/users backup/include.user backup/exclude.user \ - captive/settings captive/agb.txt captive/clients captive/voucher_out certs/index.txt ddns/config ddns/settings ddns/ipcache dhcp/settings \ + captive/settings captive/agb.txt captive/clients captive/voucher_out certs/index.txt certs/index.txt.attr ddns/config ddns/settings ddns/ipcache dhcp/settings \ dhcp/fixleases dhcp/advoptions dhcp/dhcpd.conf.local dns/settings dnsforward/config ethernet/aliases ethernet/settings ethernet/known_nics ethernet/scanned_nics \ ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions extrahd/settings firewall/settings firewall/config firewall/geoipblock firewall/input firewall/outgoing \ fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwhosts/customgeoipgrp fwlogs/ipsettings fwlogs/portsettings \ @@ -98,7 +98,6 @@ $(TARGET) : cp $(DIR_SRC)/config/cfgroot/ssh-settings $(CONFIG_ROOT)/remote/settings cp $(DIR_SRC)/config/cfgroot/time-settings $(CONFIG_ROOT)/time/settings cp $(DIR_SRC)/config/cfgroot/logging-settings $(CONFIG_ROOT)/logging/settings - cp $(DIR_SRC)/config/cfgroot/useragents $(CONFIG_ROOT)/proxy/advanced cp $(DIR_SRC)/config/cfgroot/ethernet-vlans $(CONFIG_ROOT)/ethernet/vlans cp $(DIR_SRC)/langs/list $(CONFIG_ROOT)/langs/ cp $(DIR_SRC)/config/firewall/convert-xtaccess /usr/sbin/convert-xtaccess diff --git a/lfs/fireinfo b/lfs/fireinfo index df736e0f3..2e6d1e94c 100644 --- a/lfs/fireinfo +++ b/lfs/fireinfo @@ -73,6 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Don-t-crash-when-proc-cpuinfo-doesn-t-have-any-infor.patch cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Ignore-any-systems-with-ID-Default-string.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch
cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh cd $(DIR_APP) && ./configure --prefix=/usr diff --git a/lfs/grub b/lfs/grub index 1a10c2aa5..e6131f2f5 100644 --- a/lfs/grub +++ b/lfs/grub @@ -99,6 +99,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @rm -rf $(DIR_APP) $(DIR_APP_EFI) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub-2.02_disable_vga_fallback.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub-2.02-xfs-accept-filesystem-with-sparse-inodes.patch
# Install unifont cp -v $(DIR_DL)/unifont-7.0.03.pcf.gz $(DIR_APP)/unifont.pcf.gz diff --git a/lfs/haproxy b/lfs/haproxy index da56f889d..51414d8b6 100644 --- a/lfs/haproxy +++ b/lfs/haproxy @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = haproxy -PAK_VER = 7 +PAK_VER = 8
DEPS = ""
diff --git a/lfs/initscripts b/lfs/initscripts index bdab03dfe..c053b7115 100644 --- a/lfs/initscripts +++ b/lfs/initscripts @@ -155,6 +155,9 @@ $(TARGET) : ln -sf ../init.d/leds /etc/rc.d/rc3.d/S21leds ln -sf ../init.d/leds /etc/rc.d/rc6.d/K79leds ln -sf ../init.d/fireinfo /etc/rc.d/rc3.d/S15fireinfo + ln -sf ../init.d/conntrackd /etc/rc.d/rc0.d/K77conntrackd + ln -sf ../init.d/conntrackd /etc/rc.d/rc3.d/S22conntrackd + ln -sf ../init.d/conntrackd /etc/rc.d/rc6.d/K77conntrackd ln -sf ../init.d/mountkernfs /etc/rc.d/rcsysinit.d/S00mountkernfs ln -sf ../init.d/sysctl /etc/rc.d/rcsysinit.d/S01sysctl ln -sf ../init.d/modules /etc/rc.d/rcsysinit.d/S05modules diff --git a/lfs/ipvsadm b/lfs/ipvsadm index db245b997..6345237f0 100644 --- a/lfs/ipvsadm +++ b/lfs/ipvsadm @@ -24,15 +24,15 @@
include Config
-VER = 1.26 +VER = 1.29
THISAPP = ipvsadm-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = ipvsadm -PAK_VER = 1 +PAK_VER = 2
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = eac3ba3f62cd4dea2da353aeddd353a8 +$(DL_FILE)_MD5 = 12f0d3b4d436e941d0c4dbe358144bfd
install : $(TARGET)
diff --git a/lfs/keepalived b/lfs/keepalived index 6bdd9d3de..8e01e979d 100644 --- a/lfs/keepalived +++ b/lfs/keepalived @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = keepalived -PAK_VER = 3 +PAK_VER = 5
DEPS = ""
diff --git a/lfs/libvirt b/lfs/libvirt index de25a3d55..d0742e810 100644 --- a/lfs/libvirt +++ b/lfs/libvirt @@ -24,7 +24,7 @@
include Config
-VER = 4.6.0 +VER = 4.10.0
THISAPP = libvirt-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -33,9 +33,9 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) SUP_ARCH = i586 x86_64 PROG = libvirt -PAK_VER = 17 +PAK_VER = 19
-DEPS = "jansson libpciaccess libyajl ncat qemu" +DEPS = "libpciaccess libyajl ncat qemu"
############################################################################### # Top-level Rules @@ -45,7 +45,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 6ea17a8f004a4bcdfc4beaed91fcdddd +$(DL_FILE)_MD5 = f85067e830bd89db08b7b7ffa75db6ef
install : $(TARGET) check : $(patsubst %,$(DIR_CHK)/%,$(objects)) diff --git a/lfs/linux b/lfs/linux index 346378819..7aac547f9 100644 --- a/lfs/linux +++ b/lfs/linux @@ -34,7 +34,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) CFLAGS = CXXFLAGS =
-PAK_VER = 79 +PAK_VER = 80 DEPS = ""
HEADERS_ARCH = $(BUILD_PLATFORM) @@ -211,14 +211,14 @@ ifeq "$(LASTKERNEL)" "1" echo install drm /bin/false > /etc/modprobe.d/framebuffer.conf
# Blacklist old framebuffer modules - for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/video/fbdev/ -name *.ko); do \ + for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/video/fbdev/ -name *.ko.xz); do \ echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer.conf ; \ done # Blacklist new drm framebuffer modules - for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/gpu/drm -name *.ko); do \ + for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/gpu/drm -name *.ko.xz); do \ echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer.conf ; \ done - sed -i -e "s|.ko||g" /etc/modprobe.d/framebuffer.conf + sed -i -e "s|.ko.xz||g" /etc/modprobe.d/framebuffer.conf
# Disable ipv6 at runtime echo "options ipv6 disable_ipv6=1" > /etc/modprobe.d/ipv6.conf diff --git a/lfs/linux-initrd b/lfs/linux-initrd index 3f0a80739..f5bd4527b 100644 --- a/lfs/linux-initrd +++ b/lfs/linux-initrd @@ -71,13 +71,13 @@ ifeq "$(KCFG)" "-kirkwood" endif
ifeq "$(KCFG)" "-multi" -ifeq "$(BUILD_ARCH)" "aarch64" - cd /boot && mkimage -A arm64 -T ramdisk -C lzma -d initramfs-$(KVER)-$(VERSUFIX).img uInit-$(KVER)-$(VERSUFIX) - # dont remove initramfs because grub need this to boot. -else cd /boot && mkimage -A arm -T ramdisk -C lzma -d initramfs-$(KVER)-$(VERSUFIX).img uInit-$(KVER)-$(VERSUFIX) cd /boot && rm initramfs-$(KVER)-$(VERSUFIX).img endif + +ifeq "$(BUILD_ARCH)" "aarch64" + cd /boot && mkimage -A arm64 -T ramdisk -C lzma -d initramfs-$(KVER)-$(VERSUFIX).img uInit-$(KVER)-$(VERSUFIX) + # dont remove initramfs because grub need this to boot. endif
endif diff --git a/lfs/mc b/lfs/mc index 1aa07c133..6600702e5 100644 --- a/lfs/mc +++ b/lfs/mc @@ -24,7 +24,7 @@
include Config
-VER = 4.8.20 +VER = 4.8.22
THISAPP = mc-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = mc -PAK_VER = 16 +PAK_VER = 17
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 7f808b01f3f7d9aa52152a9efb86dbca +$(DL_FILE)_MD5 = 62bba2bfccadf08eb554321899f475bc
install : $(TARGET)
diff --git a/lfs/mpd b/lfs/mpd index bf038a81f..25c3e57d7 100644 --- a/lfs/mpd +++ b/lfs/mpd @@ -34,7 +34,7 @@ TARGET = $(DIR_INFO)/$(THISAPP) PROG = mpd PAK_VER = 19
-DEPS = "alsa avahi faad2 ffmpeg flac lame libmad libshout libogg libid3tag libvorbis opus" +DEPS = "alsa avahi faad2 ffmpeg flac lame libmad libshout libogg libid3tag libvorbis opus soxr"
############################################################################### # Top-level Rules diff --git a/lfs/pcre b/lfs/pcre index 66b34cc30..dc6621f1c 100644 --- a/lfs/pcre +++ b/lfs/pcre @@ -74,7 +74,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --prefix=/usr \ --disable-static \ --enable-utf8 \ - --disable-jit \ + --enable-jit \ --enable-pcre16 \ --enable-pcre32 \ --enable-pcregrep-libz \ diff --git a/lfs/perl-Net-CIDR-Lite b/lfs/perl-Net-CIDR-Lite new file mode 100644 index 000000000..a3c20b42b --- /dev/null +++ b/lfs/perl-Net-CIDR-Lite @@ -0,0 +1,80 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see <http://www.gnu.org/licenses/>. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 0.21 + +THISAPP = Net-CIDR-Lite-$(VER) +DL_FILE = ${THISAPP}.tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 12280b3754886b876918f03f53aee4f5 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && perl Makefile.PL + cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/python b/lfs/python index 35651ba60..66bc3b901 100644 --- a/lfs/python +++ b/lfs/python @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> # +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,9 @@
include Config
-VER = 2.7.13 +# If you update this make sure that you also change the VER and PAK_VER of +# python-optional-src ! +VER = 2.7.15
THISAPP = Python-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 53b43534153bb2a0363f08bae8b9d990 +$(DL_FILE)_MD5 = a80ae3cc478460b922242f43a1b4094d
install : $(TARGET)
@@ -71,7 +73,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar Jxf $(DIR_DL)/$(DL_FILE) rm -rf $(DIR_APP)/Modules/_ctypes/{darwin,libffi,libffi_arm_wince,libffi_msvc,libffi_osx} - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/python-2.7.13-getentropy.patch cd $(DIR_APP) && OPT="$(CFLAGS)" ./configure \ --prefix=/usr \ --enable-shared \ diff --git a/lfs/python-optional-src b/lfs/python-optional-src index 82bb0e894..cb0ac1fa6 100644 --- a/lfs/python-optional-src +++ b/lfs/python-optional-src @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> # +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,12 +24,12 @@
include Config
-VER = 2.7.10 +VER = 2.7.15
include python
PROG = python-optional-src -PAK_VER = 4 +PAK_VER = 5 DEPS =
dist: diff --git a/lfs/snort b/lfs/snort index 813c05c14..e7b5a19f7 100644 --- a/lfs/snort +++ b/lfs/snort @@ -24,7 +24,7 @@
include Config
-VER = 2.9.11.1 +VER = 2.9.12
THISAPP = snort-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 378e3938b2b5c8e358f942d0ffce18cc +$(DL_FILE)_MD5 = 3a305d9c44bd0319aa50783a60c8947f
install : $(TARGET)
@@ -75,7 +75,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --sysconfdir=/etc/snort \ --target=i586 \ --enable-linux-smp-stats \ - --enable-gre --enable-mpls \ + --disable-open-appid \ + --enable-gre \ + --enable-mpls \ --enable-targetbased \ --enable-ppm \ --enable-non-ether-decoders \ diff --git a/lfs/sqlite b/lfs/sqlite index 467e01805..8f02634cd 100644 --- a/lfs/sqlite +++ b/lfs/sqlite @@ -24,7 +24,7 @@
include Config
-VER = 3250200 +VER = 3260000
THISAPP = sqlite-autoconf-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = bfade31d59f58badc51aeaa6ae26a5de +$(DL_FILE)_MD5 = ac2b3b8cd3a97600e36fb8e756e8dda1
install : $(TARGET)
diff --git a/lfs/squid b/lfs/squid index 11b84d719..6033ab394 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,7 +24,7 @@
include Config
-VER = 3.5.28 +VER = 4.5
THISAPP = squid-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -42,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 9367e0375ea53ba0e99f77054d4402c5 +$(DL_FILE)_MD5 = 8275da5846f9f2243ad2625e5aef2ee0
install : $(TARGET)
@@ -72,9 +72,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squid/01_Certificate_fields_injection_via_D_in_ERR_SECURE_CONNECT_FAIL_306.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squid/02_Fix_memory_leak_when_parsing_SNMP_packet_313.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5.28-fix-max-file-descriptors.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-4.5-fix-max-file-descriptors.patch
cd $(DIR_APP) && autoreconf -vfi cd $(DIR_APP)/libltdl && autoreconf -vfi @@ -125,7 +123,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --enable-zph-qos \ --with-dl \ --with-filedescriptors=$$(( 16384 * 64 )) \ - --with-large-files + --with-large-files \ + --without-gnutls \ + --without-netfilter-conntrack
cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install diff --git a/lfs/tar b/lfs/tar index cbab6c2a9..953613d51 100644 --- a/lfs/tar +++ b/lfs/tar @@ -24,7 +24,7 @@
include Config
-VER = 1.30 +VER = 1.31
THISAPP = tar-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -50,7 +50,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 8404e4c1fc5a3000228ab2b8ad674a65 +$(DL_FILE)_MD5 = 77afa35b696c8d760331fa0e12c2fac9
install : $(TARGET)
@@ -80,6 +80,9 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) + + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/tar/01_extract.c.patch + cd $(DIR_APP) && ./configure $(EXTRA_CONFIG) FORCE_UNSAFE_CONFIGURE=1 cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install diff --git a/lfs/transmission b/lfs/transmission index 5de887c43..4eac88bd9 100644 --- a/lfs/transmission +++ b/lfs/transmission @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> # +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.92 +VER = 2.94
THISAPP = transmission-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = transmission -PAK_VER = 15 +PAK_VER = 16
DEPS = ""
@@ -46,7 +46,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 3fce404a436e3cd7fde80fb6ed61c264 +$(DL_FILE)_MD5 = c92829294edfa391c046407eeb16358a
install : $(TARGET)
@@ -79,7 +79,6 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/transmission-2.92-openssl-1.1.0.patch cd $(DIR_APP) && ./configure --prefix=/usr --disable-static cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) cd $(DIR_APP) && make install diff --git a/lfs/unbound b/lfs/unbound index 8dfcfa3a0..07501d1d6 100644 --- a/lfs/unbound +++ b/lfs/unbound @@ -24,7 +24,7 @@
include Config
-VER = 1.8.1 +VER = 1.8.3
THISAPP = unbound-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 00ce66e357fd2f969acf69008aa82a40 +$(DL_FILE)_MD5 = 4646203343d3b8f5aeb1b57753c27ead
install : $(TARGET)
@@ -79,6 +79,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --disable-static \ --with-libevent \ --enable-event-api \ + --enable-tfo-client \ + --enable-tfo-server \ ac_cv_func_getentropy=no
cd $(DIR_APP) && make $(MAKETUNING) diff --git a/lfs/wget b/lfs/wget index 39f59ba80..b8c83d10d 100644 --- a/lfs/wget +++ b/lfs/wget @@ -24,7 +24,7 @@
include Config
-VER = 1.19.5 +VER = 1.20.1
THISAPP = wget-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 2db6f03d655041f82eb64b8c8a1fa7da +$(DL_FILE)_MD5 = f6ebe9c7b375fc9832fb1b2028271fb7
install : $(TARGET)
diff --git a/lfs/xtables-addons b/lfs/xtables-addons index af2784c1a..260820955 100644 --- a/lfs/xtables-addons +++ b/lfs/xtables-addons @@ -27,7 +27,7 @@ include Config VERSUFIX = ipfire$(KCFG) MODPATH = /lib/modules/$(KVER)-$(VERSUFIX)/extra/
-VER = 2.13 +VER = 3.2
THISAPP = xtables-addons-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = be20b0b9c4b001b364431a836e361d33 +$(DL_FILE)_MD5 = 80ea89ba8d5a001a8d71c7f05b2f0141
install : $(TARGET)
@@ -94,6 +94,10 @@ ifeq "$(USPACE)" "1"
cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install + + # Install xt_geoip_build. + cd $(DIR_APP) && install -m 755 geoip/xt_geoip_build \ + /usr/local/bin/ else cd $(DIR_APP) && ./configure \ --with-kbuild=/usr/src/linux-$(KVER)/ diff --git a/make.sh b/make.sh index 83dd9b121..1ee4ba36e 100755 --- a/make.sh +++ b/make.sh @@ -17,7 +17,7 @@ # along with IPFire; if not, write to the Free Software # # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # # -# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org>. # +# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org>. # # # ############################################################################ # @@ -25,8 +25,8 @@ NAME="IPFire" # Software name SNAME="ipfire" # Short name VERSION="2.21" # Version number -CORE="126" # Core Level (Filename) -PAKFIRE_CORE="126" # Core Level (PAKFIRE) +CORE="127" # Core Level (Filename) +PAKFIRE_CORE="127" # Core Level (PAKFIRE) GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch SLOGAN="www.ipfire.org" # Software slogan CONFIG_ROOT=/var/ipfire # Configuration rootdir @@ -1434,6 +1434,7 @@ buildipfire() { lfsmake2 mpd lfsmake2 libmpdclient lfsmake2 mpc + lfsmake2 perl-Net-CIDR-Lite lfsmake2 perl-Net-SMTP-SSL lfsmake2 perl-MIME-Base64 lfsmake2 perl-Authen-SASL diff --git a/src/initscripts/packages/keepalived b/src/initscripts/packages/keepalived index 5634194e6..4dda336d5 100644 --- a/src/initscripts/packages/keepalived +++ b/src/initscripts/packages/keepalived @@ -13,6 +13,12 @@
case "${1}" in start) + # Load IPVS module + modprobe ip_vs + + # Enable connection tracking for IPVS + sysctl -w net.ipv4.vs.conntrack=1 &>/dev/null + boot_mesg "Starting keepalive daemon..." loadproc /usr/sbin/keepalived ${KEEPALIVED_OPTIONS} ;; @@ -24,7 +30,7 @@ case "${1}" in
reload) boot_mesg "Reloading keepalive daemon..." - reloadproc /etc/sbin/keepalived + reloadproc /usr/sbin/keepalived ;;
restart) diff --git a/src/initscripts/system/aws b/src/initscripts/system/aws index 2a556801a..b22af7573 100644 --- a/src/initscripts/system/aws +++ b/src/initscripts/system/aws @@ -34,7 +34,8 @@ case "${1}" in running_on_ec2 || exit 0
# Find the first interface to use - for i in /sys/class/net/*; do + for i in /sys/class/net/red* /sys/class/net/eth* \ + /sys/class/net/*; do [ -d "${i}" ] || continue i=$(basename ${i})
diff --git a/src/initscripts/system/conntrackd b/src/initscripts/system/conntrackd new file mode 100755 index 000000000..2e7a2678b --- /dev/null +++ b/src/initscripts/system/conntrackd @@ -0,0 +1,41 @@ +#!/bin/sh +######################################################################## +# Begin $rc_base/init.d/conntrackd +######################################################################## + +. /etc/sysconfig/rc +. ${rc_functions} + +case "${1}" in + start) + # Don't attempt to launch the daemon when we have no configuration + if [ ! -s "/etc/conntrackd/conntrackd.conf" ]; then + exit 0 + fi + + boot_mesg "Starting Connection Tracking Daemon..." + loadproc /usr/sbin/conntrackd -d + ;; + + stop) + boot_mesg "Stopping Connection Tracking Daemon..." + killproc /usr/sbin/conntrackd + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + status) + statusproc /usr/sbin/conntrackd + ;; + + *) + echo "Usage: ${0} {start|stop|restart|status}" + exit 1 + ;; +esac + +# End $rc_base/init.d/conntrackd diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound index cc46c33c9..08007f50a 100644 --- a/src/initscripts/system/unbound +++ b/src/initscripts/system/unbound @@ -197,8 +197,8 @@ write_forward_conf() {
local insecure_zones="${INSECURE_ZONES}"
- local enabled zone server remark - while IFS="," read -r enabled zone server remark; do + local enabled zone server servers remark + while IFS="," read -r enabled zone servers remark; do # Line must be enabled. [ "${enabled}" = "on" ] || continue
@@ -215,7 +215,13 @@ write_forward_conf() { *.in-addr.arpa) echo "stub-zone:" echo " name: ${zone}" - echo " stub-addr: ${server}" + for server in ${servers//|/ }; do + if [[ ${server} =~ ^[0-9]+.[0-9]+.[0-9]+.[0-9]+$ ]]; then + echo " stub-addr: ${server}" + else + echo " stub-host: ${server}" + fi + done echo echo "server:" echo " local-zone: "${zone}" transparent" @@ -224,7 +230,13 @@ write_forward_conf() { *) echo "forward-zone:" echo " name: ${zone}" - echo " forward-addr: ${server}" + for server in ${servers//|/ }; do + if [[ ${server} =~ ^[0-9]+.[0-9]+.[0-9]+.[0-9]+$ ]]; then + echo " forward-addr: ${server}" + else + echo " forward-host: ${server}" + fi + done echo ;; esac diff --git a/src/installer/hw.c b/src/installer/hw.c index b329db545..71a1f1cce 100644 --- a/src/installer/hw.c +++ b/src/installer/hw.c @@ -547,8 +547,10 @@ static int hw_calculate_partition_table(struct hw* hw, struct hw_destination* de
snprintf(dest->part_boot_efi, sizeof(dest->part_boot_efi), "%s%d", path, part_idx++); - } else + } else { *dest->part_boot_efi = '\0'; + dest->part_boot_efi_idx = 0; + }
if (dest->size_swap > 0) snprintf(dest->part_swap, sizeof(dest->part_swap), "%s%d", path, part_idx++); diff --git a/src/paks/haproxy/install.sh b/src/paks/haproxy/install.sh index 45b2161b1..8282acb28 100644 --- a/src/paks/haproxy/install.sh +++ b/src/paks/haproxy/install.sh @@ -23,6 +23,7 @@ # . /opt/pakfire/lib/functions.sh extract_files +restore_backup ${NAME}
# Enable autostart ln -sf ../init.d/haproxy /etc/rc.d/rc0.d/K25haproxy diff --git a/src/paks/haproxy/uninstall.sh b/src/paks/haproxy/uninstall.sh index b01ee1147..9621b52a0 100644 --- a/src/paks/haproxy/uninstall.sh +++ b/src/paks/haproxy/uninstall.sh @@ -22,5 +22,6 @@ ############################################################################ # . /opt/pakfire/lib/functions.sh +make_backup ${NAME} remove_files rm -rfv /etc/rc.d/rc*.d/*haproxy diff --git a/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch b/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch new file mode 100644 index 000000000..1e5a98655 --- /dev/null +++ b/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch @@ -0,0 +1,61 @@ +From 74c5e2adc61548900e256c3e58a0a63f5b3c2a4f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Peter=20M=C3=BCller?= <peter.mueller@link38.eu> +Date: Tue, 4 Dec 2018 18:13:15 +0100 +Subject: [PATCH] fireinfo: support upstream proxy with authentication +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fireinfo could not send its profile to https://fireinfo.ipfire.org/ +if the machine is behind an upstream proxy which requires username +and password. This is fixed by tweaking urllib2's opening handler. + +To apply this on existing installations, the fireinfo package +needs to be shipped during an update. + +The third version of this patch fixes bogus indention, assembles +proxy authentication string more readable and preserves HTTP +proxy handler. + +Fixes #11905 + +Signed-off-by: Peter Müller <peter.mueller@link38.eu> +Cc: Michael Tremer <michael.tremer@ipfire.org> +Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> +--- + src/sendprofile | 14 ++++++++++++-- + 1 file changed, 12 insertions(+), 2 deletions(-) + mode change 100644 => 100755 src/sendprofile + +diff --git a/src/sendprofile b/src/sendprofile +old mode 100644 +new mode 100755 +index b836567..3ce68b9 +--- a/src/sendprofile ++++ b/src/sendprofile +@@ -73,10 +73,20 @@ def send_profile(profile): + request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__) + + # Set upstream proxy if we have one. +- # XXX this cannot handle authentication + proxy = get_upstream_proxy() ++ + if proxy["host"]: +- request.set_proxy(proxy["host"], "http") ++ # handling upstream proxies with authentication is more tricky... ++ if proxy["user"] and proxy["pass"]: ++ prx_auth_string = "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], proxy["host"]) ++ ++ proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string, 'https': prx_auth_string}) ++ auth = urllib2.HTTPBasicAuthHandler() ++ opener = urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler) ++ urllib2.install_opener(opener) ++ else: ++ request.set_proxy(proxy["host"], "http") ++ request.set_proxy(proxy["host"], "https") + + try: + urllib2.urlopen(request, timeout=60) +-- +2.6.3 + diff --git a/src/patches/grub-2.02-xfs-accept-filesystem-with-sparse-inodes.patch b/src/patches/grub-2.02-xfs-accept-filesystem-with-sparse-inodes.patch new file mode 100644 index 000000000..6c6a750b4 --- /dev/null +++ b/src/patches/grub-2.02-xfs-accept-filesystem-with-sparse-inodes.patch @@ -0,0 +1,60 @@ +From cda0a857dd7a27cd5d621747464bfe71e8727fff Mon Sep 17 00:00:00 2001 +From: Daniel Kiper <daniel.kiper@oracle.com> +Date: Tue, 29 May 2018 16:16:02 +0200 +Subject: xfs: Accept filesystem with sparse inodes + +The sparse inode metadata format became a mkfs.xfs default in +xfsprogs-4.16.0, and such filesystems are now rejected by grub as +containing an incompatible feature. + +In essence, this feature allows xfs to allocate inodes into fragmented +freespace. (Without this feature, if xfs could not allocate contiguous +space for 64 new inodes, inode creation would fail.) + +In practice, the disk format change is restricted to the inode btree, +which as far as I can tell is not used by grub. If all you're doing +today is parsing a directory, reading an inode number, and converting +that inode number to a disk location, then ignoring this feature +should be fine, so I've added it to XFS_SB_FEAT_INCOMPAT_SUPPORTED + +I did some brief testing of this patch by hacking up the regression +tests to completely fragment freespace on the test xfs filesystem, and +then write a large-ish number of inodes to consume any existing +contiguous 64-inode chunk. This way any files the grub tests add and +traverse would be in such a fragmented inode allocation. Tests passed, +but I'm not sure how to cleanly integrate that into the test harness. + +Signed-off-by: Eric Sandeen <sandeen@redhat.com> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> +Tested-by: Chris Murphy <lists@colorremedies.com> +--- + grub-core/fs/xfs.c | 11 ++++++++++- + 1 file changed, 10 insertions(+), 1 deletion(-) + +diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c +index c6031bd..3b00c74 100644 +--- a/grub-core/fs/xfs.c ++++ b/grub-core/fs/xfs.c +@@ -79,9 +79,18 @@ GRUB_MOD_LICENSE ("GPLv3+"); + #define XFS_SB_FEAT_INCOMPAT_SPINODES (1 << 1) /* sparse inode chunks */ + #define XFS_SB_FEAT_INCOMPAT_META_UUID (1 << 2) /* metadata UUID */ + +-/* We do not currently verify metadata UUID so it is safe to read such filesystem */ ++/* ++ * Directory entries with ftype are explicitly handled by GRUB code. ++ * ++ * We do not currently read the inode btrees, so it is safe to read filesystems ++ * with the XFS_SB_FEAT_INCOMPAT_SPINODES feature. ++ * ++ * We do not currently verify metadata UUID, so it is safe to read filesystems ++ * with the XFS_SB_FEAT_INCOMPAT_META_UUID feature. ++ */ + #define XFS_SB_FEAT_INCOMPAT_SUPPORTED \ + (XFS_SB_FEAT_INCOMPAT_FTYPE | \ ++ XFS_SB_FEAT_INCOMPAT_SPINODES | \ + XFS_SB_FEAT_INCOMPAT_META_UUID) + + struct grub_xfs_sblock +-- +cgit v1.0-41-gc330 + diff --git a/src/patches/python-2.7.13-getentropy.patch b/src/patches/python-2.7.13-getentropy.patch deleted file mode 100644 index 7e00061c1..000000000 --- a/src/patches/python-2.7.13-getentropy.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/Python/random.c b/Python/random.c -index 2f83b5d..4cae217 100644 ---- a/Python/random.c -+++ b/Python/random.c -@@ -97,8 +97,15 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise) - } - - /* Issue #25003: Don't use getentropy() on Solaris (available since -- * Solaris 11.3), it is blocking whereas os.urandom() should not block. */ --#elif defined(HAVE_GETENTROPY) && !defined(sun) -+ Solaris 11.3), it is blocking whereas os.urandom() should not block. -+ -+ Issue #29188: Don't use getentropy() on Linux since the glibc 2.24 -+ implements it with the getrandom() syscall which can fail with ENOSYS, -+ and this error is not supported in py_getentropy() and getrandom() is called -+ with flags=0 which blocks until system urandom is initialized, which is not -+ the desired behaviour to seed the Python hash secret nor for os.urandom(): -+ see the PEP 524 which was only implemented in Python 3.6. */ -+#elif defined(HAVE_GETENTROPY) && !defined(sun) && !defined(linux) - #define PY_GETENTROPY 1 - - /* Fill buffer with size pseudo-random bytes generated by getentropy(). diff --git a/src/patches/squid/01_Certificate_fields_injection_via_D_in_ERR_SECURE_CONNECT_FAIL_306.patch b/src/patches/squid/01_Certificate_fields_injection_via_D_in_ERR_SECURE_CONNECT_FAIL_306.patch deleted file mode 100644 index fadb1d48c..000000000 --- a/src/patches/squid/01_Certificate_fields_injection_via_D_in_ERR_SECURE_CONNECT_FAIL_306.patch +++ /dev/null @@ -1,72 +0,0 @@ -commit f1657a9decc820f748fa3aff68168d3145258031 -Author: Christos Tsantilas <christos@chtsanti.net> -Date: 2018-10-17 15:14:07 +0000 - - Certificate fields injection via %D in ERR_SECURE_CONNECT_FAIL (#306) - - %ssl_subject, %ssl_ca_name, and %ssl_cn values were not properly escaped when %D code was expanded in HTML context of the ERR_SECURE_CONNECT_FAIL template. This bug affects all - ERR_SECURE_CONNECT_FAIL page templates containing %D, including the default template. - - Other error pages are not vulnerable because Squid does not populate %D with certificate details in other contexts (yet). - - Thanks to Nikolas Lohmann [eBlocker] for identifying the problem. - - TODO: If those certificate details become needed for ACL checks or other non-HTML purposes, make their HTML-escaping conditional. - - This is a Measurement Factory project. - -diff --git a/src/ssl/ErrorDetail.cc b/src/ssl/ErrorDetail.cc -index b5030e3..314e998 100644 ---- a/src/ssl/ErrorDetail.cc -+++ b/src/ssl/ErrorDetail.cc -@@ -8,6 +8,8 @@ - - #include "squid.h" - #include "errorpage.h" -+#include "fatal.h" -+#include "html_quote.h" - #include "ssl/ErrorDetail.h" - - #include <climits> -@@ -432,8 +434,11 @@ const char *Ssl::ErrorDetail::subject() const - { - if (broken_cert.get()) { - static char tmpBuffer[256]; // A temporary buffer -- if (X509_NAME_oneline(X509_get_subject_name(broken_cert.get()), tmpBuffer, sizeof(tmpBuffer))) -- return tmpBuffer; -+ if (X509_NAME_oneline(X509_get_subject_name(broken_cert.get()), tmpBuffer, sizeof(tmpBuffer))) { -+ // quote to avoid possible html code injection through -+ // certificate subject -+ return html_quote(tmpBuffer); -+ } - } - return "[Not available]"; - } -@@ -461,8 +466,11 @@ const char *Ssl::ErrorDetail::cn() const - static String tmpStr; ///< A temporary string buffer - tmpStr.clean(); - Ssl::matchX509CommonNames(broken_cert.get(), &tmpStr, copy_cn); -- if (tmpStr.size()) -- return tmpStr.termedBuf(); -+ if (tmpStr.size()) { -+ // quote to avoid possible html code injection through -+ // certificate subject -+ return html_quote(tmpStr.termedBuf()); -+ } - } - return "[Not available]"; - } -@@ -474,8 +482,11 @@ const char *Ssl::ErrorDetail::ca_name() const - { - if (broken_cert.get()) { - static char tmpBuffer[256]; // A temporary buffer -- if (X509_NAME_oneline(X509_get_issuer_name(broken_cert.get()), tmpBuffer, sizeof(tmpBuffer))) -- return tmpBuffer; -+ if (X509_NAME_oneline(X509_get_issuer_name(broken_cert.get()), tmpBuffer, sizeof(tmpBuffer))) { -+ // quote to avoid possible html code injection through -+ // certificate issuer subject -+ return html_quote(tmpBuffer); -+ } - } - return "[Not available]"; - } diff --git a/src/patches/squid/02_Fix_memory_leak_when_parsing_SNMP_packet_313.patch b/src/patches/squid/02_Fix_memory_leak_when_parsing_SNMP_packet_313.patch deleted file mode 100644 index 2ae034c20..000000000 --- a/src/patches/squid/02_Fix_memory_leak_when_parsing_SNMP_packet_313.patch +++ /dev/null @@ -1,22 +0,0 @@ -commit bc9786119f058a76ddf0625424bc33d36460b9a2 (refs/remotes/origin/v3.5) -Author: flozilla <fishyflow@gmail.com> -Date: 2018-10-24 14:12:01 +0200 - - Fix memory leak when parsing SNMP packet (#313) - - SNMP queries denied by snmp_access rules and queries with certain - unsupported SNMPv2 commands were leaking a few hundred bytes each. Such - queries trigger "SNMP agent query DENIED from..." WARNINGs in cache.log. - -diff --git a/src/snmp_core.cc b/src/snmp_core.cc -index c4d21c1..16c2993 100644 ---- a/src/snmp_core.cc -+++ b/src/snmp_core.cc -@@ -409,6 +409,7 @@ snmpDecodePacket(SnmpRequest * rq) - snmpConstructReponse(rq); - } else { - debugs(49, DBG_IMPORTANT, "WARNING: SNMP agent query DENIED from : " << rq->from); -+ snmp_free_pdu(PDU); - } - xfree(Community); - diff --git a/src/patches/squid/squid-3.5.28-fix-max-file-descriptors.patch b/src/patches/squid/squid-4.5-fix-max-file-descriptors.patch similarity index 92% rename from src/patches/squid/squid-3.5.28-fix-max-file-descriptors.patch rename to src/patches/squid/squid-4.5-fix-max-file-descriptors.patch index b740b6104..57fd0a6a6 100644 --- a/src/patches/squid/squid-3.5.28-fix-max-file-descriptors.patch +++ b/src/patches/squid/squid-4.5-fix-max-file-descriptors.patch @@ -1,6 +1,6 @@ --- configure.ac.~ Wed Apr 20 14:26:07 2016 +++ configure.ac Fri Apr 22 17:20:46 2016 -@@ -3135,6 +3135,9 @@ +@@ -3160,6 +3160,9 @@ ;; esac
@@ -10,7 +10,7 @@ dnl --with-maxfd present for compatibility with Squid-2. dnl undocumented in ./configure --help to encourage using the Squid-3 directive AC_ARG_WITH(maxfd,, -@@ -3165,8 +3168,6 @@ +@@ -3190,8 +3193,6 @@ esac ])
diff --git a/src/patches/tar/01_extract.c.patch b/src/patches/tar/01_extract.c.patch new file mode 100644 index 000000000..21c3cd86f --- /dev/null +++ b/src/patches/tar/01_extract.c.patch @@ -0,0 +1,12 @@ +--- tar-1.31/src/extract.c 2019-01-02 18:07:48.000000000 +0000 ++++ tar-1.31.patched/src/extract.c 2019-01-09 16:17:20.368612005 +0000 +@@ -782,7 +782,8 @@ + case OVERWRITE_OLD_FILES: + if (0 < remove_any_file (file_name, ORDINARY_REMOVE_OPTION)) + return RECOVER_OK; +- break; ++ errno = e; ++ return RECOVER_NO; + + case UNLINK_FIRST_OLD_FILES: + break; diff --git a/src/patches/transmission-2.92-openssl-1.1.0.patch b/src/patches/transmission-2.92-openssl-1.1.0.patch deleted file mode 100644 index 29484b833..000000000 --- a/src/patches/transmission-2.92-openssl-1.1.0.patch +++ /dev/null @@ -1,261 +0,0 @@ -From f91cf5ad8c677b61ceb0bf5877b87f9e93256dd7 Mon Sep 17 00:00:00 2001 -From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> -Date: Mon, 5 Sep 2016 21:49:07 +0000 -Subject: [PATCH] transmission: build against openssl 1.1.0 - -Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> ---- - libtransmission/crypto-utils-openssl.c | 73 ++++++++++++++++++++++++++++++++-- - 1 file changed, 69 insertions(+), 4 deletions(-) - -diff --git a/libtransmission/crypto-utils-openssl.c b/libtransmission/crypto-utils-openssl.c -index c4539dc..972e24a 100644 ---- a/libtransmission/crypto-utils-openssl.c -+++ b/libtransmission/crypto-utils-openssl.c -@@ -229,6 +229,61 @@ tr_rc4_process (tr_rc4_ctx_t handle, - **** - ***/ - -+#if OPENSSL_VERSION_NUMBER < 0x10100000 -+static inline int -+DH_set0_pqg (DH * dh, -+ BIGNUM * p, -+ BIGNUM * q, -+ BIGNUM * g) -+{ -+ /* If the fields p and g in d are NULL, the corresponding input -+ * parameters MUST be non-NULL. q may remain NULL. -+ */ -+ if ((dh->p == NULL && p == NULL) -+ || (dh->g == NULL && g == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_free (dh->p); -+ dh->p = p; -+ } -+ if (q != NULL) { -+ BN_free (dh->q); -+ dh->q = q; -+ } -+ if (g != NULL) { -+ BN_free (dh->g); -+ dh->g = g; -+ } -+ -+ if (q != NULL) { -+ dh->length = BN_num_bits (q); -+ } -+ -+ return 1; -+} -+ -+static inline int -+DH_set_length (DH * dh, -+ long length) -+{ -+ dh->length = length; -+ return 1; -+} -+ -+static inline void -+DH_get0_key(const DH * dh, -+ const BIGNUM ** pub_key, -+ const BIGNUM ** priv_key) -+{ -+ if (pub_key != NULL) -+ *pub_key = dh->pub_key; -+ if (priv_key != NULL) -+ *priv_key = dh->priv_key; -+} -+ -+#endif -+ - tr_dh_ctx_t - tr_dh_new (const uint8_t * prime_num, - size_t prime_num_length, -@@ -236,13 +291,19 @@ tr_dh_new (const uint8_t * prime_num, - size_t generator_num_length) - { - DH * handle = DH_new (); -+ BIGNUM * p, * g; - - assert (prime_num != NULL); - assert (generator_num != NULL); -+ p = BN_bin2bn (prime_num, prime_num_length, NULL); -+ g = BN_bin2bn (generator_num, generator_num_length, NULL); - -- if (!check_pointer (handle->p = BN_bin2bn (prime_num, prime_num_length, NULL)) || -- !check_pointer (handle->g = BN_bin2bn (generator_num, generator_num_length, NULL))) -+ if (!check_pointer (p) || -+ !check_pointer (g) || -+ !DH_set0_pqg (handle, p, NULL, g)) - { -+ BN_free (p); -+ BN_free (g); - DH_free (handle); - handle = NULL; - } -@@ -267,16 +328,20 @@ tr_dh_make_key (tr_dh_ctx_t raw_handle, - { - DH * handle = raw_handle; - int dh_size, my_public_key_length; -+ const BIGNUM * hand_pub_key; - - assert (handle != NULL); - assert (public_key != NULL); - -- handle->length = private_key_length * 8; -+ -+ DH_set_length(handle, private_key_length * 8); - - if (!check_result (DH_generate_key (handle))) - return false; - -- my_public_key_length = BN_bn2bin (handle->pub_key, public_key); -+ DH_get0_key (handle, &hand_pub_key, NULL); -+ -+ my_public_key_length = BN_bn2bin (hand_pub_key, public_key); - dh_size = DH_size (handle); - - tr_dh_align_key (public_key, my_public_key_length, dh_size); -From 8c8386a7f3f482a9c917f51d28e0042e55f56b3e Mon Sep 17 00:00:00 2001 -From: Mike Gelfand <mikedld@mikedld.com> -Date: Wed, 7 Sep 2016 01:09:04 +0300 -Subject: [PATCH] Fix coding style and building with !TR_LIGHTWEIGHT - ---- - libtransmission/crypto-utils-openssl.c | 60 +++++++++++++++++++--------------- - 1 file changed, 33 insertions(+), 27 deletions(-) - -diff --git a/libtransmission/crypto-utils-openssl.c b/libtransmission/crypto-utils-openssl.c -index 972e24a..9fd2c58 100644 ---- a/libtransmission/crypto-utils-openssl.c -+++ b/libtransmission/crypto-utils-openssl.c -@@ -14,6 +14,7 @@ - #include <assert.h> - - #include <openssl/bn.h> -+#include <openssl/crypto.h> - #include <openssl/dh.h> - #include <openssl/err.h> - #include <openssl/evp.h> -@@ -48,7 +49,12 @@ log_openssl_error (const char * file, - static bool strings_loaded = false; - if (!strings_loaded) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000 - ERR_load_crypto_strings (); -+#else -+ OPENSSL_init_crypto (OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); -+#endif -+ - strings_loaded = true; - } - #endif -@@ -230,6 +236,7 @@ tr_rc4_process (tr_rc4_ctx_t handle, - ***/ - - #if OPENSSL_VERSION_NUMBER < 0x10100000 -+ - static inline int - DH_set0_pqg (DH * dh, - BIGNUM * p, -@@ -237,28 +244,29 @@ DH_set0_pqg (DH * dh, - BIGNUM * g) - { - /* If the fields p and g in d are NULL, the corresponding input -- * parameters MUST be non-NULL. q may remain NULL. -+ * parameters MUST be non-NULL. q may remain NULL. - */ -- if ((dh->p == NULL && p == NULL) -- || (dh->g == NULL && g == NULL)) -+ if ((dh->p == NULL && p == NULL) || (dh->g == NULL && g == NULL)) - return 0; - -- if (p != NULL) { -- BN_free (dh->p); -- dh->p = p; -- } -- if (q != NULL) { -- BN_free (dh->q); -- dh->q = q; -- } -- if (g != NULL) { -- BN_free (dh->g); -- dh->g = g; -- } -- -- if (q != NULL) { -+ if (p != NULL) -+ { -+ BN_free (dh->p); -+ dh->p = p; -+ } -+ if (q != NULL) -+ { -+ BN_free (dh->q); -+ dh->q = q; -+ } -+ if (g != NULL) -+ { -+ BN_free (dh->g); -+ dh->g = g; -+ } -+ -+ if (q != NULL) - dh->length = BN_num_bits (q); -- } - - return 1; - } -@@ -267,8 +275,8 @@ static inline int - DH_set_length (DH * dh, - long length) - { -- dh->length = length; -- return 1; -+ dh->length = length; -+ return 1; - } - - static inline void -@@ -295,12 +303,11 @@ tr_dh_new (const uint8_t * prime_num, - - assert (prime_num != NULL); - assert (generator_num != NULL); -+ - p = BN_bin2bn (prime_num, prime_num_length, NULL); - g = BN_bin2bn (generator_num, generator_num_length, NULL); - -- if (!check_pointer (p) || -- !check_pointer (g) || -- !DH_set0_pqg (handle, p, NULL, g)) -+ if (!check_pointer (p) || !check_pointer (g) || !DH_set0_pqg (handle, p, NULL, g)) - { - BN_free (p); - BN_free (g); -@@ -328,20 +335,19 @@ tr_dh_make_key (tr_dh_ctx_t raw_handle, - { - DH * handle = raw_handle; - int dh_size, my_public_key_length; -- const BIGNUM * hand_pub_key; -+ const BIGNUM * my_public_key; - - assert (handle != NULL); - assert (public_key != NULL); - -- - DH_set_length(handle, private_key_length * 8); - - if (!check_result (DH_generate_key (handle))) - return false; - -- DH_get0_key (handle, &hand_pub_key, NULL); -+ DH_get0_key (handle, &my_public_key, NULL); - -- my_public_key_length = BN_bn2bin (hand_pub_key, public_key); -+ my_public_key_length = BN_bn2bin (my_public_key, public_key); - dh_size = DH_size (handle); - - tr_dh_align_key (public_key, my_public_key_length, dh_size); diff --git a/src/scripts/xt_geoip_build b/src/scripts/xt_geoip_build deleted file mode 100644 index 202156f13..000000000 --- a/src/scripts/xt_geoip_build +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/perl -# -# Converter for MaxMind CSV database to binary, for xt_geoip -# Copyright © Jan Engelhardt, 2008-2011 -# -use Getopt::Long; -use IO::Handle; -use Text::CSV_XS; # or trade for Text::CSV -use strict; - -my $csv = Text::CSV_XS->new({ - allow_whitespace => 1, - binary => 1, - eol => $/, -}); # or Text::CSV -my $target_dir = "."; - -&Getopt::Long::Configure(qw(bundling)); -&GetOptions( - "D=s" => $target_dir, -); - -if (!-d $target_dir) { - print STDERR "Target directory $target_dir does not exist.\n"; - exit 1; -} - -my $dir = "$target_dir/LE"; -if (!-e $dir && !mkdir($dir)) { - print STDERR "Could not mkdir $dir: $!\n"; - exit 1; -} - -&dump(&collect()); - -sub collect -{ - my %country; - - while (my $row = $csv->getline(*ARGV)) { - if (!defined($country{$row->[4]})) { - $country{$row->[4]} = { - name => $row->[5], - pool_v4 => [], - pool_v6 => [], - }; - } - my $c = $country{$row->[4]}; - - push(@{$c->{pool_v4}}, [$row->[2], $row->[3]]); - - if ($. % 4096 == 0) { - print STDERR "\r\e[2K$. entries"; - } - } - - print STDERR "\r\e[2K$. entries total\n"; - return %country; -} - -sub dump -{ - my $country = shift @_; - - foreach my $iso_code (sort keys %$country) { - &dump_one($iso_code, $country->{$iso_code}); - } -} - -sub dump_one -{ - my($iso_code, $country) = @_; - my($file, $fh_le, $fh_be); - - printf "%5u IPv4 ranges for %s %s\n", - scalar(@{$country->{pool_v4}}), - $iso_code, $country->{name}; - - $file = "$target_dir/LE/".uc($iso_code).".iv4"; - if (!open($fh_le, "> $file")) { - print STDERR "Error opening $file: $!\n"; - exit 1; - } - foreach my $range (@{$country->{pool_v4}}) { - print $fh_le pack("VV", $range->[0], $range->[1]); - #print $fh_be pack("NN", $range->[0], $range->[1]); - } - close $fh_le; -} diff --git a/src/scripts/xt_geoip_update b/src/scripts/xt_geoip_update index 0aea4d03e..73484c7a0 100644 --- a/src/scripts/xt_geoip_update +++ b/src/scripts/xt_geoip_update @@ -24,13 +24,10 @@ TMP_FILE=$(mktemp -p $TMP_PATH)
SCRIPT_PATH=/usr/local/bin DEST_PATH=/usr/share/xt_geoip +DB_PATH=/var/lib/GeoIP
-DL_URL=https://geolite.maxmind.com/download/geoip/database -DL_FILE=GeoIPCountryCSV.zip - -CSV_FILE=GeoIPCountryWhois.csv - -ARCH=LE +DL_URL=http://geolite.maxmind.com/download/geoip/database/ +DL_FILE=GeoLite2-Country-CSV.zip
eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
@@ -57,42 +54,41 @@ function download() { # Get the latest GeoIP database from server. wget $DL_URL/$DL_FILE $PROXYSETTINGS -O $TMP_FILE
- # Extract files. + # Extract files to database path. unzip $TMP_FILE -d $TMP_PATH
return 0 }
-function build() { - echo "Convert database..." +function install() { + echo "Install CSV database..."
- # Check if the csv file exists. - if [ ! -e $TMP_PATH/$CSV_FILE ]; then - echo "$TMP_PATH/$CSV_FILE not found. Exiting." - return 1 + # Check if the database dir exists. + if [ ! -e "$DB_PATH" ]; then + mkdir -p $DB_PATH &>/dev/null fi
- # Run script to convert the CSV file into several xtables - # compatible binary files. - if ! $SCRIPT_PATH/xt_geoip_build $TMP_PATH/$CSV_FILE -D $TMP_PATH; then - echo "Could not convert ruleset. Aborting." >&2 + # Check if the directory for binary databases exists. + if [ ! -e "$DEST_PATH" ]; then + mkdir -p $DEST_PATH &>/dev/null + fi + + # Install CSV databases. + if ! cp -af $TMP_PATH/*/* $DB_PATH &>/dev/null; then + echo "Could not copy files. Aborting." >&2 return 1 fi
return 0 }
-function install() { - echo "Install databases..." - - # Check if our destination exist. - if [ ! -e "$DEST_PATH" ]; then - mkdir -p $DEST_PATH &>/dev/null - fi +function build() { + echo "Convert database..."
- # Install databases. - if ! cp -af $TMP_PATH/$ARCH $DEST_PATH &>/dev/null; then - echo "Could not copy files. Aborting." >&2 + # Run script to convert the CSV file into several xtables + # compatible binary files. + if ! $SCRIPT_PATH/xt_geoip_build -S $DB_PATH -D $DEST_PATH; then + echo "Could not convert ruleset. Aborting." >&2 return 1 fi
@@ -113,23 +109,18 @@ function main() { # Download ruleset. download || exit $?
- # Convert the ruleset. - if ! build; then - # Do cleanup. - cleanup || exit $? - exit 1 - fi - - # Install the converted ruleset. if ! install; then # Do cleanup. cleanup || exit $? exit 1 fi
- # Finaly remove temporary files. + # Remove temporary files. cleanup || exit $?
+ # Convert the ruleset. + build || exit $? + return 0 }
hooks/post-receive -- IPFire 2.x development tree