This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via dd79c3999b595db4f9be7df57b7d7423b3a78912 (commit) via fb617ff53952f9e6c067cb83608b168ed986a272 (commit) from 9e48325fd2cea579b32e57c3ecfe0ce97210b084 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit dd79c3999b595db4f9be7df57b7d7423b3a78912 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Mon Feb 15 20:15:11 2010 +0100
Change some iptables rules to match new negation syntax.
commit fb617ff53952f9e6c067cb83608b168ed986a272 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Mon Feb 15 20:14:11 2010 +0100
Set wlan regulatory domain to "EU".
-----------------------------------------------------------------------
Summary of changes: config/etc/modprobe.d/cfg80211 | 2 ++ config/qos/makeqosscripts.pl | 4 ++-- config/rootfiles/common/stage2 | 1 + lfs/stage2 | 4 +--- src/initscripts/init.d/firewall | 2 +- src/misc-progs/wirelessctrl.c | 6 +++--- 6 files changed, 10 insertions(+), 9 deletions(-) create mode 100644 config/etc/modprobe.d/cfg80211 mode change 100755 => 100644 src/misc-progs/Makefile mode change 100755 => 100644 src/misc-progs/setaliases.c
Difference in files: diff --git a/config/etc/modprobe.d/cfg80211 b/config/etc/modprobe.d/cfg80211 new file mode 100644 index 0000000..3339ea8 --- /dev/null +++ b/config/etc/modprobe.d/cfg80211 @@ -0,0 +1,2 @@ +options cfg80211 ieee80211_regdom=EU +blacklist ieee80211 diff --git a/config/qos/makeqosscripts.pl b/config/qos/makeqosscripts.pl index 66bdc4f..d62e630 100644 --- a/config/qos/makeqosscripts.pl +++ b/config/qos/makeqosscripts.pl @@ -514,7 +514,7 @@ print <<END
### ADD QOS-INC CHAIN TO THE MANGLE TABLE IN IPTABLES iptables -t mangle -N QOS-INC - iptables -t mangle -A POSTROUTING -m mark ! --mark 0 -o ! $qossettings{'RED_DEV'} -j IMQ --todev 0 + iptables -t mangle -A POSTROUTING -m mark ! --mark 0 ! -o $qossettings{'RED_DEV'} -j IMQ --todev 0 iptables -t mangle -I FORWARD -i $qossettings{'RED_DEV'} -j QOS-INC iptables -t mangle -A FORWARD -i $qossettings{'RED_DEV'} -j QOS-TOS
@@ -687,7 +687,7 @@ print <<END tc qdisc del dev $qossettings{'IMQ_DEV'} root >/dev/null 2>&1 # STOP IMQ-DEVICE ip link set $qossettings{'IMQ_DEV'} down >/dev/null 2>&1 - iptables -t mangle --delete POSTROUTING -m mark ! --mark 0 -o ! $qossettings{'RED_DEV'} -j IMQ --todev 0 >/dev/null 2>&1 + iptables -t mangle --delete POSTROUTING -m mark ! --mark 0 ! -o $qossettings{'RED_DEV'} -j IMQ --todev 0 >/dev/null 2>&1 iptables -t mangle --delete PREROUTING -i $qossettings{'RED_DEV'} -j IMQ --todev 0 >/dev/null 2>&1 # rmmod imq # this crash on 2.6.25.xx # REMOVE & FLUSH CHAINS diff --git a/config/rootfiles/common/stage2 b/config/rootfiles/common/stage2 index 7702cf3..6a7a099 100644 --- a/config/rootfiles/common/stage2 +++ b/config/rootfiles/common/stage2 @@ -19,6 +19,7 @@ etc/ld.so.conf etc/logrotate.conf etc/mime.types etc/modprobe.d +etc/modprobe.d/cfg80211 etc/modules.conf etc/mtab etc/nsswitch.conf diff --git a/lfs/stage2 b/lfs/stage2 index 59cb947..b2be2d6 100644 --- a/lfs/stage2 +++ b/lfs/stage2 @@ -69,9 +69,7 @@ $(TARGET) : -ln -sv bash /bin/sh
# Config files - for i in $(DIR_SRC)/config/etc/*; do \ - [ -f $$i ] && cp $$i /etc; \ - done + cp -rvf $(DIR_SRC)/config/etc/* /etc; touch /etc/mtab echo "$(NAME) v$(VERSION) - $(SLOGAN)" > /etc/issue echo "===============================" >> /etc/issue diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall index 0392e9f..410ff87 100644 --- a/src/initscripts/init.d/firewall +++ b/src/initscripts/init.d/firewall @@ -186,7 +186,7 @@ case "$1" in /sbin/iptables -A FORWARD -i lo -m state --state NEW -j ACCEPT /sbin/iptables -A FORWARD -s 127.0.0.0/8 -m state --state NEW -j DROP /sbin/iptables -A FORWARD -d 127.0.0.0/8 -m state --state NEW -j DROP - /sbin/iptables -A INPUT -i $GREEN_DEV -m state --state NEW -j ACCEPT -p ! icmp + /sbin/iptables -A INPUT -i $GREEN_DEV -m state --state NEW -j ACCEPT ! -p icmp /sbin/iptables -A FORWARD -i $GREEN_DEV -m state --state NEW -j ACCEPT
# If a host on orange tries to initiate a connection to IPFire's red IP and diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile old mode 100755 new mode 100644 diff --git a/src/misc-progs/setaliases.c b/src/misc-progs/setaliases.c old mode 100755 new mode 100644 diff --git a/src/misc-progs/wirelessctrl.c b/src/misc-progs/wirelessctrl.c index 01743a7..bfd4527 100644 --- a/src/misc-progs/wirelessctrl.c +++ b/src/misc-progs/wirelessctrl.c @@ -151,7 +151,7 @@ int main(void) (VALID_IP(ipaddress))) { snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSINPUT -m mac --mac-source %s -s %s -i %s -j ACCEPT", macaddress, ipaddress, blue_dev); safe_system(command); - snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -s %s -i %s -o ! %s -j ACCEPT", macaddress, ipaddress, blue_dev, green_dev); + snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -s %s -i %s ! -o %s -j ACCEPT", macaddress, ipaddress, blue_dev, green_dev); safe_system(command); snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -s %s -i %s -j DMZHOLES", macaddress, ipaddress, blue_dev); safe_system(command); @@ -161,7 +161,7 @@ int main(void) if (strlen(macaddress) == 17) { snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSINPUT -m mac --mac-source %s -i %s -j ACCEPT", macaddress, blue_dev); safe_system(command); - snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -i %s -o ! %s -j ACCEPT", macaddress, blue_dev, green_dev); + snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -i %s ! -o %s -j ACCEPT", macaddress, blue_dev, green_dev); safe_system(command); snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -i %s -j DMZHOLES", macaddress, blue_dev); safe_system(command); @@ -170,7 +170,7 @@ int main(void) if (VALID_IP(ipaddress)) { snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSINPUT -s %s -i %s -j ACCEPT", ipaddress, blue_dev); safe_system(command); - snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -s %s -i %s -o ! %s -j ACCEPT", ipaddress, blue_dev, green_dev); + snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -s %s -i %s ! -o %s -j ACCEPT", ipaddress, blue_dev, green_dev); safe_system(command); snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -s %s -i %s -j DMZHOLES", ipaddress, blue_dev); safe_system(command);
hooks/post-receive -- IPFire 2.x development tree