This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via bd4ea3c25bfa9a9a8b11c613e293070f57e6ecfd (commit) via 1498017b64188e2d43e3f647f7cc673905da0ed9 (commit) from 3d8249d34fb6df24168df4ab8052136b54343672 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit bd4ea3c25bfa9a9a8b11c613e293070f57e6ecfd Author: Christian Schmidt christian.schmidt@ipfire.org Date: Fri Sep 3 12:25:41 2010 +0200
Some bugfixes for the outgoing fw and grouping feature.
commit 1498017b64188e2d43e3f647f7cc673905da0ed9 Author: Christian Schmidt christian.schmidt@ipfire.org Date: Fri Sep 3 12:18:23 2010 +0200
Updated snort to current stable 2.8.6.1
-----------------------------------------------------------------------
Summary of changes: config/outgoingfw/outgoingfw.pl | 5 +++-- config/rootfiles/core/40/filelists/files | 1 + config/rootfiles/core/{38 => 40}/filelists/snort | 0 doc/packages-list.txt | 1 + html/cgi-bin/ids.cgi | 4 ++-- html/cgi-bin/outgoingfw.cgi | 16 ++++++++-------- html/cgi-bin/outgoinggrp.cgi | 8 ++++++++ langs/de/cgi-bin/de.pl | 3 ++- langs/en/cgi-bin/en.pl | 3 ++- langs/es/cgi-bin/es.pl | 3 ++- langs/fr/cgi-bin/fr.pl | 3 ++- lfs/snort | 4 ++-- 12 files changed, 33 insertions(+), 18 deletions(-) copy config/rootfiles/core/{38 => 40}/filelists/snort (100%)
Difference in files: diff --git a/config/outgoingfw/outgoingfw.pl b/config/outgoingfw/outgoingfw.pl index b323c38..e2f9093 100644 --- a/config/outgoingfw/outgoingfw.pl +++ b/config/outgoingfw/outgoingfw.pl @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2005-2010 IPTifre Team # +# Copyright (C) 2005-2010 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -164,6 +164,7 @@ foreach $configentry (sort @configs) @SOURCE = `cat /var/ipfire/outgoing/groups/ipgroups/$configline[2]`; } elsif ( -e "/var/ipfire/outgoing/groups/macgroups/$configline[2]" ) { @SOURCE = `cat /var/ipfire/outgoing/groups/macgroups/$configline[2]`; + $configline[2] = "mac"; } $DEV = ""; } @@ -188,7 +189,7 @@ foreach $configentry (sort @configs)
if ( $SOURCE eq "" ){next;}
- if ( $configline[6] ne "" ){ + if ( $configline[6] ne "" || $configline[2] eq 'mac' ){ $SOURCE =~ s/[^a-zA-Z0-9]/:/gi; $CMD = "/sbin/iptables -A OUTGOINGFWMAC -m mac --mac-source $SOURCE -d $DESTINATION -p $PROTO"; } else { diff --git a/config/rootfiles/core/40/filelists/files b/config/rootfiles/core/40/filelists/files index 47ccf94..81d9d06 100644 --- a/config/rootfiles/core/40/filelists/files +++ b/config/rootfiles/core/40/filelists/files @@ -12,6 +12,7 @@ etc/rc.d/init.d/functions etc/rc.d/init.d/networking/red srv/web/ipfire/cgi-bin/backup.cgi srv/web/ipfire/cgi-bin/dhcp.cgi +srv/web/ipfire/cgi-bin/ids.cgi srv/web/ipfire/cgi-bin/time.cgi srv/web/ipfire/cgi-bin/pppsetup.cgi srv/web/ipfire/cgi-bin/outgoinggrp.cgi diff --git a/config/rootfiles/core/40/filelists/snort b/config/rootfiles/core/40/filelists/snort new file mode 120000 index 0000000..9406ce0 --- /dev/null +++ b/config/rootfiles/core/40/filelists/snort @@ -0,0 +1 @@ +../../../common/snort \ No newline at end of file diff --git a/doc/packages-list.txt b/doc/packages-list.txt index c8dbc2e..5f3ac7c 100644 --- a/doc/packages-list.txt +++ b/doc/packages-list.txt @@ -310,6 +310,7 @@ * slang-1.4.9 * smartmontools-5.39.1 * snort-2.8.6 +* snort-2.8.6.1 * sox-12.18.1 * spandsp-0.0.6pre12 * splix-2.0.0-rc2 diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 4d66d22..1b70ca6 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -264,11 +264,11 @@ if (-e "/etc/snort/snort.conf") {
if ($snortsettings{'RULES'} eq 'subscripted') { #$url="http://dl.snort.org/sub-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$sn..."; - $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2860_s.tar.gz/$snortsetti..."; + $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2861_s.tar.gz/$snortsetti..."; #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings%7B%27OINKCODE%27%..."; } elsif ($snortsettings{'RULES'} eq 'registered') { #$url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz?oink_code=$snor..."; - $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2860.tar.gz/$snortsetting..."; + $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2861.tar.gz/$snortsetting..."; #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings%7B%27OINKCODE%27%..."; } else { $url="http://www.emergingthreats.net/rules/emerging.rules.tar.gz"; diff --git a/html/cgi-bin/outgoingfw.cgi b/html/cgi-bin/outgoingfw.cgi index 3482f35..07fcb39 100644 --- a/html/cgi-bin/outgoingfw.cgi +++ b/html/cgi-bin/outgoingfw.cgi @@ -567,13 +567,13 @@ END if ($p2pline[2] eq 'on') { print <<END <input type='hidden' name='ACTION' value='disable' /> - <input type='image' name='submit' src='/images/stock_ok.png' alt='$Lang::tr{'outgoingfw p2p allow'}' title='$Lang::tr{'outgoingfw p2p allow'}'/> + <input type='image' name='submit' src='/images/stock_ok.png' alt='$Lang::tr{'outgoing firewall p2p allow'}' title='$Lang::tr{'outgoing firewall p2p allow'}'/> END ; } else { print <<END <input type='hidden' name='ACTION' value='enable' /> - <input type='image' name='submit' src='/images/stock_stop.png' alt='$Lang::tr{'outgoingfw p2p deny'}' title='$Lang::tr{'outgoingfw p2p deny'}' /> + <input type='image' name='submit' src='/images/stock_stop.png' alt='$Lang::tr{'outgoing firewall p2p deny'}' title='$Lang::tr{'outgoing firewall p2p deny'}' /> END ; } @@ -584,7 +584,7 @@ END } print <<END </table> - <br />$Lang::tr{'outgoingfw p2p description 1'} <img src='/images/stock_ok.png' align='absmiddle' alt='$Lang::tr{'outgoingfw p2p deny'}'> $Lang::tr{'outgoingfw p2p description 2'} <img src='/images/stock_stop.png' align='absmiddle' alt='$Lang::tr{'outgoingfw p2p deny'}'> $Lang::tr{'outgoingfw p2p description 3'} + <br />$Lang::tr{'outgoing firewall p2p description 1'} <img src='/images/stock_ok.png' align='absmiddle' alt='$Lang::tr{'outgoing firewall p2p deny'}'> $Lang::tr{'outgoing firewall p2p description 2'} <img src='/images/stock_stop.png' align='absmiddle' alt='$Lang::tr{'outgoing firewall p2p deny'}'> $Lang::tr{'outgoing firewall p2p description 3'} END ; &Header::closebox(); @@ -594,9 +594,9 @@ END print <<END <form method='post' action='$ENV{'SCRIPT_NAME'}'> <table width='100%'> - <tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 0:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoingfw mode0'}</td></tr> - <tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 1:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoingfw mode1'}</td></tr> - <tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 2:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoingfw mode2'}</td></tr> + <tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 0:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoing firewall mode0'}</td></tr> + <tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 1:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoing firewall mode1'}</td></tr> + <tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 2:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoing firewall mode2'}</td></tr> <tr><td colspan='3'><hr /></td></tr> <tr><td width='10%' align='left'> <select name='POLICY' style="width: 85px"><option value='MODE0' $selected{'POLICY'}{'MODE0'}>$Lang::tr{'mode'} 0</option><option value='MODE1' $selected{'POLICY'}{'MODE1'}>$Lang::tr{'mode'} 1</option><option value='MODE2' $selected{'POLICY'}{'MODE2'}>$Lang::tr{'mode'} 2</option></select> <td width='45%' align='left'><input type='submit' name='ACTION' value=$Lang::tr{'save'} /> @@ -605,7 +605,7 @@ END ; if ($outfwsettings{'POLICY'} ne 'MODE0') { print <<END - $Lang::tr{'outgoingfw reset'}: <input type='submit' name='ACTION' value=$Lang::tr{'reset'} /> + $Lang::tr{'outgoing firewall reset'}: <input type='submit' name='ACTION' value=$Lang::tr{'reset'} /> END ; } @@ -705,7 +705,7 @@ END </optgroup> </select> </td> - <td align='right' colspan='4'><font color='red'>$Lang::tr{'outgoingfw warning'}</font></td> + <td align='right' colspan='4'><font color='red'>$Lang::tr{'outgoing firewall warning'}</font></td> </tr> <tr> <td align='right' colspan='4' >$Lang::tr{'source ip or net'}<img src='/blob.gif' /></td> diff --git a/html/cgi-bin/outgoinggrp.cgi b/html/cgi-bin/outgoinggrp.cgi index 28e5261..f99468e 100644 --- a/html/cgi-bin/outgoinggrp.cgi +++ b/html/cgi-bin/outgoinggrp.cgi @@ -84,6 +84,10 @@ if ($outgrpsettings{'ACTION'} eq 'newipgroup')
if ( -e "$configpath/macgroups/$outgrpsettings{'ipgroup'}" ){ $errormessage = "$Lang::tr{'outgoing firewall group error'}"; + } elsif ( $outgrpsettings{'ipgroup'} eq "all" || $outgrpsettings{'ipgroup'} eq "red" || $outgrpsettings{'ipgroup'} eq "blue" || + $outgrpsettings{'ipgroup'} eq "green" || $outgrpsettings{'ipgroup'} eq "orange" || $outgrpsettings{'ipgroup'} eq "ip" || + $outgrpsettings{'ipgroup'} eq "mac" || $outgrpsettings{'ipgroup'} eq "ovpn" || $outgrpsettings{'ipgroup'} eq "ipsec" ) { + $errormessage = "$Lang::tr{'outgoing firewall reserved groupname'}"; } else { open (FILE, ">$configpath/ipgroups/$outgrpsettings{'ipgroup'}") or die "Can't save $outgrpsettings{'ipgroup'} settings $!"; flock (FILE, 2); @@ -101,6 +105,10 @@ if ($outgrpsettings{'ACTION'} eq 'newmacgroup')
if ( -e "$configpath/ipgroups/$outgrpsettings{'macgroup'}" ){ $errormessage = "$Lang::tr{'outgoing firewall group error'}"; + } elsif ( $outgrpsettings{'macgroup'} eq "all" || $outgrpsettings{'macgroup'} eq "red" || $outgrpsettings{'macgroup'} eq "blue" || + $outgrpsettings{'macgroup'} eq "green" || $outgrpsettings{'macgroup'} eq "orange" || $outgrpsettings{'macgroup'} eq "ip" || + $outgrpsettings{'macgroup'} eq "mac" || $outgrpsettings{'macgroup'} eq "ovpn" || $outgrpsettings{'macgroup'} eq "ipsec" ) { + $errormessage = "$Lang::tr{'outgoing firewall reserved groupname'}"; } else { open (FILE, ">$configpath/macgroups/$outgrpsettings{'macgroup'}") or die "Can't save $outgrpsettings{'macgroup'} settings $!"; flock (FILE, 2); diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index aa09abe..6b01831 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -22,7 +22,8 @@ 'ConnSched scheduled actions' => 'Geplante Aktionen', 'ConnSched scheduler' => 'Scheduler', 'ConnSched select profile' => 'Wähle Profil', -'outgoingfw warning' => 'Nur die Auswahl Quell IP / MAC aktiviert diese', +'outgoing firewall warning' => 'Nur die Auswahl Quell IP / MAC aktiviert diese', +'outgoing firewall outgoing firewall reserved groupname' => 'Bitte einen anderen Gruppennamen verwenden, dieser ist ein reserviertes Wort.', 'ConnSched time' => 'Zeit:', 'ConnSched up' => 'Hoch', 'ConnSched weekdays' => 'Wochentage:', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 2c053da..907de5d 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -19,7 +19,8 @@ 'ConnSched ipsecstop' => 'IPSec stop', 'ConnSched reconnect' => 'Reconnect', 'ConnSched scheduled actions' => 'Scheduled actions', -'outgoingfw warning' => 'Not selecting source ip or mac ignores them', +'outgoing firewall warning' => 'Not selecting source ip or mac ignores them', +'outgoing firewall outgoing firewall reserved groupname' => 'Please use another group name, this name is reserved.', 'ConnSched scheduler' => 'Scheduler', 'ConnSched select profile' => 'Select profile', 'modify' => 'Modify', diff --git a/langs/es/cgi-bin/es.pl b/langs/es/cgi-bin/es.pl index 8b7d293..8074cd2 100644 --- a/langs/es/cgi-bin/es.pl +++ b/langs/es/cgi-bin/es.pl @@ -18,7 +18,8 @@ 'ConnSched ipsecstop' => 'Detener IPSec', 'ConnSched reconnect' => 'Reconectar', 'ConnSched scheduled actions' => 'Acciones planificadas', -'outgoingfw warning' => 'No seleccionar ip origen o mac las ignora', +'outgoing firewall warning' => 'No seleccionar ip origen o mac las ignora', +'outgoing firewall outgoing firewall reserved groupname' => 'Por favor, utilice otro nombre de grupo, este nombre está reservado', 'ConnSched scheduler' => 'Planificador', 'ConnSched select profile' => 'Elegir Perfil', 'modify' => 'Modificar', diff --git a/langs/fr/cgi-bin/fr.pl b/langs/fr/cgi-bin/fr.pl index 7d76c78..7904bb6 100644 --- a/langs/fr/cgi-bin/fr.pl +++ b/langs/fr/cgi-bin/fr.pl @@ -18,7 +18,8 @@ 'ConnSched ipsecstart' => 'IPSec (re)démarrage', 'ConnSched ipsecstop' => 'IPSec arrêt', 'ConnSched reconnect' => 'Reconnecter', -'outgoingfw warning' => 'Ne pas choisir IP source ou Mac ignore les', +'outgoing firewall warning' => 'Ne pas choisir IP source ou Mac ignore les', +'outgoing firewall outgoing firewall reserved groupname' => 'S il vous plaît utilisez un autre nom de groupe, ce nom est réservé.', 'ConnSched scheduled actions' => 'Actions planifiées', 'ConnSched scheduler' => 'Planificateur', 'ConnSched select profile' => 'Sélectionner profil', diff --git a/lfs/snort b/lfs/snort index 4b2e348..c44b14e 100644 --- a/lfs/snort +++ b/lfs/snort @@ -24,7 +24,7 @@
include Config
-VER = 2.8.6 +VER = 2.8.6.1
THISAPP = snort-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = b1c2d3ddb1c0a859a47c5a31d19e60ad +$(DL_FILE)_MD5 = b1119396a32e9df0d80404e4b6c49166
install : $(TARGET)
hooks/post-receive -- IPFire 2.x development tree