[git.ipfire.org] IPFire 2.x development tree branch, fifteen, updated. 568438067cfef263b683f97b9350776f62396e04 - IPFire-SCM

14 Oct 2013

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, fifteen has been updated
       via  568438067cfef263b683f97b9350776f62396e04 (commit)
       via  8dc177053fc97d89afb99bb2ab4849656d550833 (commit)
       via  81c43f61b09f70f1402b5db6d7c468eae2bbe956 (commit)
       via  0f6b606785f640bfa5dcbc78616ebb4d194f578e (commit)
       via  6e77821da801d9714230c649c3748b19b697817d (commit)
       via  6f49e32b74ba5312385238e6b59bbe2f52ea2e5a (commit)
       via  0e4f36aee459a4e4f7dca4037c8bbdc181d74836 (commit)
      from  5b0bc4ca3d5609bed04a34284b5f746616f768f1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 568438067cfef263b683f97b9350776f62396e04
Merge: 5b0bc4c 8dc1770
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Mon Oct 14 14:12:04 2013 +0200
Merge branch 'next' into fifteen
-----------------------------------------------------------------------
Summary of changes:
 config/rootfiles/oldcore/73/update.sh |  9 +++++++++
 doc/language_issues.es                |  2 ++
 doc/language_issues.fr                |  2 ++
 doc/language_issues.nl                |  2 ++
 doc/language_issues.pl                |  2 ++
 doc/language_issues.ru                |  2 ++
 doc/language_issues.tr                |  2 ++
 doc/language_missings                 |  8 ++++++++
 html/cgi-bin/proxy.cgi                | 35 ++++++++++++++++++++++++++++-------
 langs/de/cgi-bin/de.pl                |  2 ++
 langs/en/cgi-bin/en.pl                |  2 ++
 lfs/apache2                           |  3 +++
 lfs/squid                             |  6 +++---
 src/initscripts/init.d/squid          |  6 +++---
 14 files changed, 70 insertions(+), 13 deletions(-)
Difference in files:

diff --git a/config/rootfiles/oldcore/73/update.sh b/config/rootfiles/oldcore/73/update.sh
index 1fb3ac6..6730e0d 100644
--- a/config/rootfiles/oldcore/73/update.sh
+++ b/config/rootfiles/oldcore/73/update.sh
@@ -42,6 +42,15 @@ done
 #Extract files
 extract_files
+if [ -e "/var/ipfire/proxy/enable" ] || [ -e "/var/ipfire/proxy/enable_blue" ]; then
+	(
+		eval $(/usr/local/bin/readhash /var/ipfire/proxy/advanced/settings)
+
+		TRANSPARENT_PORT="$(( ${PROXY_PORT} + 1 ))"
+		echo "TRANSPORT_PORT=${TRANSPARENT_PORT}" >> /var/ipfire/proxy/advanced/settings
+	)
+fi
+
 # Regenerate squid configuration files.
 /srv/web/ipfire/cgi-bin/proxy.cgi
diff --git a/doc/language_issues.es b/doc/language_issues.es
index d4f500c..7bf3829 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -549,6 +549,8 @@ WARNING: untranslated string: Set time on boot
 WARNING: untranslated string: advproxy cache-digest
 WARNING: untranslated string: advproxy errmsg cache
 WARNING: untranslated string: advproxy errmsg invalid upstream proxy
+WARNING: untranslated string: advproxy errmsg proxy ports equal
+WARNING: untranslated string: advproxy proxy port transparent
 WARNING: untranslated string: age second
 WARNING: untranslated string: age seconds
 WARNING: untranslated string: age shour
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index e161500..70f8ecf 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -551,6 +551,8 @@ WARNING: untranslated string: Scan for Songs
 WARNING: untranslated string: advproxy cache-digest
 WARNING: untranslated string: advproxy errmsg cache
 WARNING: untranslated string: advproxy errmsg invalid upstream proxy
+WARNING: untranslated string: advproxy errmsg proxy ports equal
+WARNING: untranslated string: advproxy proxy port transparent
 WARNING: untranslated string: age second
 WARNING: untranslated string: age seconds
 WARNING: untranslated string: age shour
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index fed5e45..c27610f 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -552,6 +552,8 @@ WARNING: translation string unused: year-graph
 WARNING: translation string unused: yearly firewallhits
 WARNING: untranslated string: Scan for Songs
 WARNING: untranslated string: advproxy cache-digest
+WARNING: untranslated string: advproxy errmsg proxy ports equal
+WARNING: untranslated string: advproxy proxy port transparent
 WARNING: untranslated string: age second
 WARNING: untranslated string: age seconds
 WARNING: untranslated string: age shour
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index d4f500c..7bf3829 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -549,6 +549,8 @@ WARNING: untranslated string: Set time on boot
 WARNING: untranslated string: advproxy cache-digest
 WARNING: untranslated string: advproxy errmsg cache
 WARNING: untranslated string: advproxy errmsg invalid upstream proxy
+WARNING: untranslated string: advproxy errmsg proxy ports equal
+WARNING: untranslated string: advproxy proxy port transparent
 WARNING: untranslated string: age second
 WARNING: untranslated string: age seconds
 WARNING: untranslated string: age shour
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 1d3eb79..35cba16 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -543,6 +543,8 @@ WARNING: untranslated string: Scan for Songs
 WARNING: untranslated string: advproxy cache-digest
 WARNING: untranslated string: advproxy errmsg cache
 WARNING: untranslated string: advproxy errmsg invalid upstream proxy
+WARNING: untranslated string: advproxy errmsg proxy ports equal
+WARNING: untranslated string: advproxy proxy port transparent
 WARNING: untranslated string: age second
 WARNING: untranslated string: age seconds
 WARNING: untranslated string: age shour
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 079f411..f293e6e 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -555,6 +555,8 @@ WARNING: translation string unused: xtaccess bad transfert
 WARNING: translation string unused: year-graph
 WARNING: translation string unused: yearly firewallhits
 WARNING: untranslated string: Scan for Songs
+WARNING: untranslated string: advproxy errmsg proxy ports equal
+WARNING: untranslated string: advproxy proxy port transparent
 WARNING: untranslated string: bytes
 WARNING: untranslated string: dnsforward
 WARNING: untranslated string: dnsforward add a new entry
diff --git a/doc/language_missings b/doc/language_missings
index 704db02..2dfa5c7 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -13,6 +13,8 @@
 ############################################################################
 < advproxy errmsg cache
 < advproxy errmsg invalid upstream proxy
+< advproxy errmsg proxy ports equal
+< advproxy proxy port transparent
 < age second
 < age seconds
 < age shour
@@ -414,6 +416,8 @@
 ############################################################################
 < advproxy errmsg cache
 < advproxy errmsg invalid upstream proxy
+< advproxy errmsg proxy ports equal
+< advproxy proxy port transparent
 < age second
 < age seconds
 < age shour
@@ -808,6 +812,8 @@
 ############################################################################
 < advproxy errmsg cache
 < advproxy errmsg invalid upstream proxy
+< advproxy errmsg proxy ports equal
+< advproxy proxy port transparent
 < age second
 < age seconds
 < age shour
@@ -1178,6 +1184,8 @@
 < Add a route
 < advproxy errmsg cache
 < advproxy errmsg invalid upstream proxy
+< advproxy errmsg proxy ports equal
+< advproxy proxy port transparent
 < age second
 < age seconds
 < age shour
diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi
index 97e752e..6dd900f 100644
--- a/html/cgi-bin/proxy.cgi
+++ b/html/cgi-bin/proxy.cgi
@@ -195,6 +195,7 @@ $proxysettings{'ENABLE_BLUE'} = 'off';
 $proxysettings{'TRANSPARENT'} = 'off';
 $proxysettings{'TRANSPARENT_BLUE'} = 'off';
 $proxysettings{'PROXY_PORT'} = '800';
+$proxysettings{'TRANSPARENT_PORT'} = '3128';
 $proxysettings{'VISIBLE_HOSTNAME'} = '';
 $proxysettings{'ADMIN_MAIL_ADDRESS'} = '';
 $proxysettings{'ADMIN_PASSWORD'} = '';
@@ -212,7 +213,7 @@ $proxysettings{'LOGGING'} = 'off';
 $proxysettings{'CACHEMGR'} = 'off';
 $proxysettings{'LOGQUERY'} = 'off';
 $proxysettings{'LOGUSERAGENT'} = 'off';
-$proxysettings{'FILEDESCRIPTORS'} = '4096';
+$proxysettings{'FILEDESCRIPTORS'} = '16384';
 $proxysettings{'CACHE_MEM'} = '2';
 $proxysettings{'CACHE_SIZE'} = '50';
 $proxysettings{'MAX_SIZE'} = '4096';
@@ -359,6 +360,15 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'}
    	$errormessage = $Lang::tr{'advproxy errmsg invalid proxy port'};
    	goto ERROR;
    }
+	if (!(&General::validport($proxysettings{'TRANSPARENT_PORT'})))
+	{
+		$errormessage = $Lang::tr{'advproxy errmsg invalid proxy port'};
+		goto ERROR;
+	}
+	if ($proxysettings{'PROXY_PORT'} eq $proxysettings{'TRANSPARENT_PORT'}) {
+		$errormessage = $Lang::tr{'advproxy errmsg proxy ports equal'};
+		goto ERROR;
+	}
    if (!($proxysettings{'UPSTREAM_PROXY'} eq ''))
    {
    	my @temp = split(/:/,$proxysettings{'UPSTREAM_PROXY'});
@@ -956,8 +966,8 @@ print <<END
 <tr>
    <td class='base'>$Lang::tr{'advproxy transparent on'} <font color="$Header::colourgreen">Green</font>:</td>
    <td><input type='checkbox' name='TRANSPARENT' $checked{'TRANSPARENT'}{'on'} /></td>
-	<td class='base'>$Lang::tr{'advproxy visible hostname'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
-	<td><input type='text' name='VISIBLE_HOSTNAME' value='$proxysettings{'VISIBLE_HOSTNAME'}' /></td>
+	<td width='25%' class='base'>$Lang::tr{'advproxy proxy port transparent'}:</td>
+	<td width='30%'><input type='text' name='TRANSPARENT_PORT' value='$proxysettings{'TRANSPARENT_PORT'}' size='5' /></td>
 </tr>
 <tr>
 END
@@ -969,7 +979,8 @@ if ($netsettings{'BLUE_DEV'}) {
    print "<td colspan='2'>&nbsp;</td>";
 }
 print <<END
-	<td colspan='2'>&nbsp;</td>
+	<td class='base'>$Lang::tr{'advproxy visible hostname'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
+	<td><input type='text' name='VISIBLE_HOSTNAME' value='$proxysettings{'VISIBLE_HOSTNAME'}' /></td>
 </tr>
 <tr>
 END
@@ -3078,15 +3089,25 @@ END
    }
print FILE "http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}";
-	if ($proxysettings{'TRANSPARENT'} eq 'on') { print FILE " transparent" }
    if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" }
    print FILE "\n";
+	if ($proxysettings{'TRANSPARENT'} eq 'on') {
+		print FILE "http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'TRANSPARENT_PORT'} intercept";
+		if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" }
+		print FILE "\n";
+	}
+
    if ($netsettings{'BLUE_DEV'} && $proxysettings{'ENABLE_BLUE'} eq 'on') {
    	print FILE "http_port $netsettings{'BLUE_ADDRESS'}:$proxysettings{'PROXY_PORT'}";
-		if ($proxysettings{'TRANSPARENT_BLUE'} eq 'on') { print FILE " transparent" }
    	if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" }
    	print FILE "\n";
+
+		if ($proxysettings{'TRANSPARENT_BLUE'} eq 'on') {
+			print FILE "http_port $netsettings{'BLUE_ADDRESS'}:$proxysettings{'TRANSPARENT_PORT'} intercept";
+			if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" }
+			print FILE "\n";
+		}
    }
if ($proxysettings{'CACHE_SIZE'} > 0)
@@ -3457,7 +3478,7 @@ END
    # Check if squidclamav is enabled.
    if ($proxysettings{'ENABLE_CLAMAV'} eq 'on') {
    	print FILE "\n#Settings for squidclamav:\n";
-		print FILE "http_port 127.0.0.1:$proxysettings{'PROXY_PORT'} transparent\n";
+		print FILE "http_port 127.0.0.1:$proxysettings{'PROXY_PORT'}\n";
    	print FILE "acl purge method PURGE\n";
    	print FILE "http_access deny to_localhost\n";
    	print FILE "http_access allow localhost\n";
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 68dd61a..a894ba0 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -243,6 +243,7 @@
 'advproxy errmsg password length 1' => 'Passwort muss mindestens',
 'advproxy errmsg password length 2' => ' Zeichen enthalten',
 'advproxy errmsg passwords different' => 'Passwörter stimmen nicht überein',
+'advproxy errmsg proxy ports equal' => 'Der Proxy-Port darf nicht identisch mit dem transparenten Port sein.',
 'advproxy errmsg radius port' => 'Ungültige RADIUS Portnummer',
 'advproxy errmsg radius secret' => 'Shared Secret erforderlich',
 'advproxy errmsg radius server' => 'Ungültige IP-Adresse für den RADIUS-Server',
@@ -280,6 +281,7 @@
 'advproxy on' => 'Proxy an',
 'advproxy privacy' => 'Datenschutz',
 'advproxy proxy port' => 'Proxy-Port',
+'advproxy proxy port transparent' => 'Transparenter Port',
 'advproxy ram cache size' => 'Cachegröße im Arbeitsspeicher (MB)',
 'advproxy redirector children' => 'Anzahl der Filterprozesse',
 'advproxy reset' => 'Zurücksetzen',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index b625a6c..9eb9a83 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -243,6 +243,7 @@
 'advproxy errmsg password length 1' => 'Password must have at least ',
 'advproxy errmsg password length 2' => ' characters',
 'advproxy errmsg passwords different' => 'Passwords don't match',
+'advproxy errmsg proxy ports equal' => 'The proxy port and the transparent port cannot be equal.',
 'advproxy errmsg radius port' => 'Invalid RADIUS port number',
 'advproxy errmsg radius secret' => 'RADIUS shared secret required',
 'advproxy errmsg radius server' => 'Invalid IP address for RADIUS Server',
@@ -280,6 +281,7 @@
 'advproxy on' => 'Proxy on',
 'advproxy privacy' => 'Privacy',
 'advproxy proxy port' => 'Proxy port',
+'advproxy proxy port transparent' => 'Transparent port',
 'advproxy ram cache size' => 'Memory cache size (MB)',
 'advproxy redirector children' => 'Number of filter processes',
 'advproxy reset' => 'Reset',
diff --git a/lfs/apache2 b/lfs/apache2
index c3d9156..f50332b 100644
--- a/lfs/apache2
+++ b/lfs/apache2
@@ -98,6 +98,9 @@ ifeq "$(PASS)" "C"
    chmod -R 755 /srv/web/ipfire/cgi-bin
    chmod -R 644 /srv/web/ipfire/html
    chmod 755 /srv/web/ipfire/html /srv/web/ipfire/html/{index.cgi,redirect.cgi,dial.cgi,images,include,themes,themes/*,themes/*/*}
+
+	# Reset permissions of redirect templates directories
+	find /srv/web/ipfire/html/redirect-templates -type d | xargs chmod -v 755
 else
    @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
    cd $(DIR_APP) && patch -Np1 -i $(DIR_DL)/httpd-2.2.2-config-1.patch
diff --git a/lfs/squid b/lfs/squid
index 4a71b4d..bc0ef71 100644
--- a/lfs/squid
+++ b/lfs/squid
@@ -24,7 +24,7 @@
include Config
-VER        = 3.3.8
+VER        = 3.3.9
THISAPP    = squid-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 6a8fa0075f2fbdd899ac4c9d95fe67cb
+$(DL_FILE)_MD5 = 6c4ba0d63c3a6d94de2da689f361cdab
install : $(TARGET)
@@ -114,7 +114,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
    	--enable-cache-digests \
    	--enable-forw-via-db \
    	--enable-htcp \
-		--enable-ipf-transparent \
+		--enable-linux-netfilter \
    	--enable-kill-parent-hack \
    	--disable-wccpv2 \
    	--enable-icap-client \
diff --git a/src/initscripts/init.d/squid b/src/initscripts/init.d/squid
index 62d5bea..c641c7d 100644
--- a/src/initscripts/init.d/squid
+++ b/src/initscripts/init.d/squid
@@ -15,8 +15,8 @@ transparent() {
    	eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
# If the proxy port is not set we set the default to 800.
-		if [ -z $PROXY_PORT ]; then
-			PROXY_PORT=800
+		if [ -z "${TRANSPARENT_PORT}" ]; then
+			TRANSPARENT_PORT=800
    	fi
LOCALIP=`cat /var/ipfire/red/local-ipaddress | tr -d \n`
@@ -43,7 +43,7 @@ transparent() {
    	
    	iptables -t nat -A SQUID -i $1 -p tcp -d $LOCALIP --dport 80 -j RETURN
    	
-		iptables -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port $PROXY_PORT
+		iptables -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
 }
case "$1" in
hooks/post-receive
--
IPFire 2.x development tree

    