This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 3eeb913b052a2debec285c5fa9ce9d108855931d (commit) via 9d0acf61e017f010df9f77107da45825a7f3f3dc (commit) via a53c3c2621a67674d105f0afa40f6dfd15cbbd78 (commit) via 890f0b12f7f5de0581a5a23e69bb0ea2bcfeada4 (commit) via 4e2bce180421f90ab45ed71d00d2bbf902c407ee (commit) via 78a14abf81e61ea4fc62d313dfd6779cda9421ae (commit) from e967320c35488b13cf6dd77b0745fc8c6f083d68 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 3eeb913b052a2debec285c5fa9ce9d108855931d Author: Erik Kapfer erik.kapfer@ipfire.org Date: Fri Aug 24 15:47:01 2012 +0200
nmap: Update to 6.01.
commit 9d0acf61e017f010df9f77107da45825a7f3f3dc Author: Erik Kapfer erik.kapfer@ipfire.org Date: Fri Aug 24 15:44:11 2012 +0200
fping: New package.
commit a53c3c2621a67674d105f0afa40f6dfd15cbbd78 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Aug 24 15:37:36 2012 +0200
minidlna: Add initscript and all the other fancy install stuff.
commit 890f0b12f7f5de0581a5a23e69bb0ea2bcfeada4 Merge: e967320 4e2bce1 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Aug 24 15:29:29 2012 +0200
Merge branch 'outgoingfw' into next
commit 4e2bce180421f90ab45ed71d00d2bbf902c407ee Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Aug 12 20:45:21 2012 +0200
outgoingfw: Remove unused variable in generator script.
commit 78a14abf81e61ea4fc62d313dfd6779cda9421ae Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Aug 7 16:37:29 2012 +0200
outgoingfw: mode=1: Change policy ACCEPT -> RETURN.
Because of the early acceptance of packets, that pass the outgoing firewall, it was possible to circumvent the MAC address filter on blue. The RETURN target forces the packets to go on. Other packets, that do not pass the outgoing firewall will be dropped immediately.
-----------------------------------------------------------------------
Summary of changes: config/outgoingfw/outgoingfw.pl | 17 ++++----- config/rootfiles/common/armv5tel/initscripts | 1 + config/rootfiles/common/i586/initscripts | 1 + config/rootfiles/core/62/filelists/files | 1 + config/rootfiles/packages/fping | 2 + config/rootfiles/packages/minidlna | 1 + lfs/{joe => fping} | 8 ++-- lfs/nmap | 6 ++-- make.sh | 1 + src/initscripts/init.d/minidlna | 48 ++++++++++++++++++++++++++ src/paks/{gnump3d => minidlna}/install.sh | 9 +++-- src/paks/{default => minidlna}/uninstall.sh | 2 +- src/paks/{asterisk => minidlna}/update.sh | 1 - 13 files changed, 75 insertions(+), 23 deletions(-) create mode 100644 config/rootfiles/packages/fping copy lfs/{joe => fping} (96%) create mode 100755 src/initscripts/init.d/minidlna copy src/paks/{gnump3d => minidlna}/install.sh (90%) copy src/paks/{default => minidlna}/uninstall.sh (98%) copy src/paks/{asterisk => minidlna}/update.sh (98%)
Difference in files: diff --git a/config/outgoingfw/outgoingfw.pl b/config/outgoingfw/outgoingfw.pl index 1d7dd93..8bb49e0 100644 --- a/config/outgoingfw/outgoingfw.pl +++ b/config/outgoingfw/outgoingfw.pl @@ -73,7 +73,6 @@ my $PROTO = ""; my $DPORT = ""; my $DEV = ""; my $MAC = ""; -my $POLICY = ""; my $DO = ""; my $DAY = "";
@@ -90,11 +89,9 @@ close FILE;
if ( $outfwsettings{'POLICY'} eq 'MODE1' ) { $outfwsettings{'STATE'} = "ALLOW"; - $POLICY = "DROP"; - $DO = "ACCEPT"; + $DO = "RETURN"; } elsif ( $outfwsettings{'POLICY'} eq 'MODE2' ) { $outfwsettings{'STATE'} = "DENY"; - $POLICY = "ACCEPT"; $DO = "DROP -m comment --comment 'DROP_OUTGOINGFW '"; }
@@ -112,13 +109,13 @@ if ( $outfwsettings{'POLICY'} eq 'MODE0' ) { }
if ( $outfwsettings{'POLICY'} eq 'MODE1' ) { - $CMD = "/sbin/iptables -A OUTGOINGFW -m state --state ESTABLISHED,RELATED -j ACCEPT"; + $CMD = "/sbin/iptables -A OUTGOINGFW -m state --state ESTABLISHED,RELATED -j RETURN"; if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); } - $CMD = "/sbin/iptables -A OUTGOINGFWMAC -m state --state ESTABLISHED,RELATED -j ACCEPT"; + $CMD = "/sbin/iptables -A OUTGOINGFWMAC -m state --state ESTABLISHED,RELATED -j RETURN"; if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); } - $CMD = "/sbin/iptables -A OUTGOINGFW -p icmp -j ACCEPT"; + $CMD = "/sbin/iptables -A OUTGOINGFW -p icmp -j RETURN"; if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); } - $CMD = "/sbin/iptables -A OUTGOINGFWMAC -p icmp -j ACCEPT"; + $CMD = "/sbin/iptables -A OUTGOINGFWMAC -p icmp -j RETURN"; if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); } }
@@ -260,7 +257,7 @@ foreach $p2pentry (sort @p2ps) $P2PSTRING = "$P2PSTRING --$p2pline[1]"; } } else { - $DO = "ACCEPT"; + $DO = "RETURN"; if ("$p2pline[2]" eq "on") { $P2PSTRING = "$P2PSTRING --$p2pline[1]"; } @@ -290,4 +287,4 @@ if ( $outfwsettings{'POLICY'} eq 'MODE1' ) { } else { system("$CMD"); } -} \ No newline at end of file +} diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts index eaa6352..c234166 100644 --- a/config/rootfiles/common/armv5tel/initscripts +++ b/config/rootfiles/common/armv5tel/initscripts @@ -47,6 +47,7 @@ etc/rc.d/init.d/mISDN #etc/rc.d/init.d/mediatomb #etc/rc.d/init.d/messagebus #etc/rc.d/init.d/miau +#etc/rc.d/init.d/minidlna #etc/rc.d/init.d/miniupnpd #etc/rc.d/init.d/mldonkey etc/rc.d/init.d/modules diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts index 882628a..63cd274 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -48,6 +48,7 @@ etc/rc.d/init.d/mISDN #etc/rc.d/init.d/mediatomb #etc/rc.d/init.d/messagebus #etc/rc.d/init.d/miau +#etc/rc.d/init.d/minidlna #etc/rc.d/init.d/miniupnpd #etc/rc.d/init.d/mldonkey etc/rc.d/init.d/modules diff --git a/config/rootfiles/core/62/filelists/files b/config/rootfiles/core/62/filelists/files index 89987a1..731daa0 100644 --- a/config/rootfiles/core/62/filelists/files +++ b/config/rootfiles/core/62/filelists/files @@ -2,3 +2,4 @@ etc/system-release etc/issue srv/web/ipfire/cgi-bin/connections.cgi usr/lib/gconv +var/ipfire/outgoing/bin/outgoingfw.pl diff --git a/config/rootfiles/packages/fping b/config/rootfiles/packages/fping new file mode 100644 index 0000000..ccc16e9 --- /dev/null +++ b/config/rootfiles/packages/fping @@ -0,0 +1,2 @@ +usr/sbin/fping +#usr/share/man/man8/fping.8 diff --git a/config/rootfiles/packages/minidlna b/config/rootfiles/packages/minidlna index e53330e..c30e30b 100644 --- a/config/rootfiles/packages/minidlna +++ b/config/rootfiles/packages/minidlna @@ -1,2 +1,3 @@ +etc/rc.d/init.d/minidlna etc/minidlna.conf usr/sbin/minidlna diff --git a/lfs/fping b/lfs/fping new file mode 100644 index 0000000..3b7b97c --- /dev/null +++ b/lfs/fping @@ -0,0 +1,84 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 3.1 + +THISAPP = fping-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = fping +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = a2bbf3316da8c7b47a1a0ffe959d5d9e + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/nmap b/lfs/nmap index 5ff3221..38b6da9 100644 --- a/lfs/nmap +++ b/lfs/nmap @@ -24,7 +24,7 @@
include Config
-VER = 5.51 +VER = 6.01
THISAPP = nmap-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = nmap -PAK_VER = 5 +PAK_VER = 6
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 0b80d2cb92ace5ebba8095a4c2850275 +$(DL_FILE)_MD5 = a1a71940f238abb835dbf3ee7412bcea
install : $(TARGET)
diff --git a/make.sh b/make.sh index bf8d288..c30786d 100755 --- a/make.sh +++ b/make.sh @@ -770,6 +770,7 @@ buildipfire() { ipfiremake mtr ipfiremake tcpick ipfiremake minidlna + ipfiremake fping echo Build on $HOSTNAME > $BASEDIR/build/var/ipfire/firebuild cat /proc/version >> $BASEDIR/build/var/ipfire/firebuild echo >> $BASEDIR/build/var/ipfire/firebuild diff --git a/src/initscripts/init.d/minidlna b/src/initscripts/init.d/minidlna new file mode 100755 index 0000000..6823067 --- /dev/null +++ b/src/initscripts/init.d/minidlna @@ -0,0 +1,48 @@ +#!/bin/sh +######################################################################## +# Begin $rc_base/init.d/minidlna +# +# Description : minidlna - UPNP/DLNA streaming server +# +# Authors : Michael Tremer michael.tremer@ipfire.org +# +# Version : 01.00 +# +######################################################################## + +. /etc/sysconfig/rc +. ${rc_functions} + +case "${1}" in + start) + boot_mesg "Starting minidlna..." + loadproc /usr/sbin/minidlna + ;; + + stop) + boot_mesg "Stopping minidlna..." + killproc /usr/sbin/minidlna + ;; + + reload) + boot_mesg "Reloading minidlna..." + reloadproc /usr/sbin/minidlna + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + status) + statusproc /usr/sbin/minidlna + ;; + + *) + echo "Usage: ${0} {start|stop|reload|restart|status}" + exit 1 + ;; +esac + +# End $rc_base/init.d/minidlna diff --git a/src/paks/minidlna/install.sh b/src/paks/minidlna/install.sh new file mode 100644 index 0000000..5080157 --- /dev/null +++ b/src/paks/minidlna/install.sh @@ -0,0 +1,32 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team info@ipfire.org. # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +extract_files +[ -d /var/mp3 ] || ( mkdir /var/mp3 && chown nobody.nobody /var/mp3 ) + +start_service ${NAME} + +ln -svf ../init.d/minidlna /etc/rc.d/rc0.d/K00minidlna +ln -svf ../init.d/minidlna /etc/rc.d/rc3.d/S99minidlna +ln -svf ../init.d/minidlna /etc/rc.d/rc6.d/K00minidlna diff --git a/src/paks/minidlna/uninstall.sh b/src/paks/minidlna/uninstall.sh new file mode 100644 index 0000000..bc59838 --- /dev/null +++ b/src/paks/minidlna/uninstall.sh @@ -0,0 +1,27 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team info@ipfire.org. # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +stop_service ${NAME} +remove_files +rm -rf /etc/rc.d/rc*.d/*minidlna diff --git a/src/paks/minidlna/update.sh b/src/paks/minidlna/update.sh new file mode 100644 index 0000000..d5e6116 --- /dev/null +++ b/src/paks/minidlna/update.sh @@ -0,0 +1,25 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team info@ipfire.org. # +# # +############################################################################ +# +./uninstall.sh +./install.sh
hooks/post-receive -- IPFire 2.x development tree