[git.ipfire.org] IPFire 2.x development tree branch, core80, updated. b3f401fba4b69ea06a1987a971f8f7ff59b3ee33

[git.ipfire.org] IPFire 2.x development tree branch, core80, updated. b3f401fba4b69ea06a1987a971f8f7ff59b3ee33

[git]

[-- Attachment #1: Type: text/plain, Size: 5523 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, core80 has been updated
       via  b3f401fba4b69ea06a1987a971f8f7ff59b3ee33 (commit)
       via  cea4fc3aaf3fb9b776a2209ccdaff6452e099f8e (commit)
       via  8df091d9680ca0230723fc62b56c9e1d29acb481 (commit)
       via  bc70c8273792c3cbe41edca1a90f62b4ff0666a1 (commit)
      from  5b861b054576b43e5564289ca08875ee28859cbf (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b3f401fba4b69ea06a1987a971f8f7ff59b3ee33
Author: Erik Kapfer <erik.kapfer(a)ipfire.org>
Date:   Tue Jul 29 22:29:28 2014 +0200

    ids.cgi fix snort rules download url.
    
    fixes: 10579

-----------------------------------------------------------------------

Summary of changes:
 config/cfgroot/general-functions.pl      | 27 +++++++++------------------
 config/rootfiles/core/80/filelists/files |  2 ++
 html/cgi-bin/ids.cgi                     |  6 +++---
 src/initscripts/init.d/rngd              | 10 ++++++++--
 4 files changed, 22 insertions(+), 23 deletions(-)

Difference in files:
diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 6994f33..dbac0d7 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -413,9 +413,9 @@ sub getnetworkip
 	#Gets:  IP, CIDR    (10.10.10.0-255, 24)
 	#Gives:  10.10.10.0
 	my ($ccdip,$ccdsubnet) = @_;
-	my $ip_address_binary = &Socket::inet_pton( AF_INET,$ccdip );
-	my $netmask_binary = &Socket::inet_pton(AF_INET,&iporsubtodec($ccdsubnet));
-	my $network_address    = &Socket::inet_ntop( AF_INET,$ip_address_binary & $netmask_binary );
+	my $ip_address_binary = inet_aton( $ccdip );
+	my $netmask_binary    = ~pack("N", (2**(32-$ccdsubnet))-1);
+	my $network_address    = inet_ntoa( $ip_address_binary & $netmask_binary );
 	return $network_address;
 }
 
@@ -773,21 +773,12 @@ sub validportrange # used to check a port range
 # Return: TRUE/FALSE
 sub IpInSubnet
 {
-	my $addr = shift;
-	my $network = shift;
-	my $netmask = shift;
-
-	my $addr_num = &Socket::inet_pton(AF_INET,$addr);
-	my $network_num = &Socket::inet_pton(AF_INET,$network);
-	my $netmask_num = &Socket::inet_pton(AF_INET,$netmask);
-
-	# Find start address
-	my $network_start = $network_num & $netmask_num;
-
-	# Find end address
-	my $network_end = $network_start ^ ~$netmask_num;
-
-	return (($addr_num ge $network_start) && ($addr_num le $network_end));
+    my $ip = unpack('N', &Socket::inet_aton(shift));
+    my $start = unpack('N', &Socket::inet_aton(shift));
+    my $mask  = unpack('N', &Socket::inet_aton(shift));
+       $start &= $mask;  # base of subnet...
+    my $end   = $start + ~$mask;
+    return (($ip >= $start) && ($ip <= $end));
 }
 
 #
diff --git a/config/rootfiles/core/80/filelists/files b/config/rootfiles/core/80/filelists/files
index 5f4c42c..cdddaac 100644
--- a/config/rootfiles/core/80/filelists/files
+++ b/config/rootfiles/core/80/filelists/files
@@ -6,7 +6,9 @@ etc/rc.d/init.d/dhcrelay
 etc/rc.d/init.d/dnsmasq
 etc/rc.d/init.d/firewall
 etc/rc.d/init.d/networking/red.up/30-ddns
+etc/rc.d/init.d/rngd
 srv/web/ipfire/cgi-bin/ddns.cgi
+srv/web/ipfire/cgi-bin/ids.cgi
 srv/web/ipfire/cgi-bin/logs.cgi/firewalllogcountry.dat
 srv/web/ipfire/cgi-bin/logs.cgi/log.dat
 srv/web/ipfire/cgi-bin/netexternal.cgi
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 5a28daa..ff72b78 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -263,11 +263,11 @@ if (-e "/etc/snort/snort.conf") {
 #######################  End added for snort rules control  #################################
 
 if ($snortsettings{'RULES'} eq 'subscripted') {
-	$url=" http://www.snort.org/sub-rules/snortrules-snapshot-2961.tar.gz/$snortsettings{'OINKCODE'}";
+	$url=" https://www.snort.org/rules/snortrules-snapshot-2961.tar.gz?oinkcode=$snortsettings{'OINKCODE'}";
 } elsif ($snortsettings{'RULES'} eq 'registered') {
-	$url=" http://www.snort.org/reg-rules/snortrules-snapshot-2960.tar.gz/$snortsettings{'OINKCODE'}";
+	$url=" https://www.snort.org/rules/snortrules-snapshot-2961.tar.gz?oinkcode=$snortsettings{'OINKCODE'}";
 } elsif ($snortsettings{'RULES'} eq 'community') {
-	$url=" http://s3.amazonaws.com/snort-org/www/rules/community/community-rules.tar.gz";
+	$url=" https://www.snort.org/rules/community";
 } else {
 	$url="http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz";
 }
diff --git a/src/initscripts/init.d/rngd b/src/initscripts/init.d/rngd
index 22437fd..df4aa7d 100644
--- a/src/initscripts/init.d/rngd
+++ b/src/initscripts/init.d/rngd
@@ -28,12 +28,18 @@ case "${1}" in
 		fi
 
 		boot_mesg "Starting Random Number Generator Daemon..."
-		loadproc /usr/sbin/rngd --no-tpm=1
+
+		if pidofproc /usr/sbin/rngd &>/dev/null; then
+			# Is already running.
+			echo_ok
+		else
+			loadproc /usr/sbin/rngd --no-tpm=1
+		fi
 		;;
 
 	stop)
 		boot_mesg "Stopping Random Number Generator Daemon..."
-		killproc /usr/sbin/rngd
+		killproc -p /var/run/rngd.pid /usr/sbin/rngd
 		;;
 
 	restart)


hooks/post-receive
--
IPFire 2.x development tree