This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The tag, v2.23-core139 has been created at fd2dccaabb2e28cf875d7d81c7faf90f7941f56b (commit)
- Log ----------------------------------------------------------------- commit fd2dccaabb2e28cf875d7d81c7faf90f7941f56b Author: Peter Müller peter.mueller@ipfire.org Date: Fri Dec 13 17:28:00 2019 +0000
Core Update 139: fix syntax of generated Suricata DNS server file
The YAML syntax of /var/ipfire/suricata/suricata-dns-servers.yaml was invalid and caused Suricata to crash after upgrading to Core Update 139.
Due to strange NFQUEUE behaviour, this caused IPsec traffic to be emitted to the internet directly. While this patch represents a quick solution for Core Update 139, another one is needed for changing the IPtables chain order to avoid similar information leaks in future.
Thanks to Michael for his debugging effort.
Fixes #12260 Partially fixes #12257
Cc: Michael Tremer michael.tremer@ipfire.org Cc: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Peter Müller peter.mueller@ipfire.org Reviewed-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org -----------------------------------------------------------------------
hooks/post-receive -- IPFire 2.x development tree