* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. c6bc0fb03e0dbb9f1ba34d42195d0601b55891c1
@ 2016-11-04 20:15 git
0 siblings, 0 replies; only message in thread
From: git @ 2016-11-04 20:15 UTC (permalink / raw)
To: ipfire-scm
[-- Attachment #1: Type: text/plain, Size: 12613 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via c6bc0fb03e0dbb9f1ba34d42195d0601b55891c1 (commit)
via 34f6a3f1b56e724062897d480d102d81e4e47298 (commit)
via 2d646e983864558cbf50a0e2150b080a70976d8b (commit)
via d4af85f252c5e1573f548377ea97928adf07c4d0 (commit)
via 08fc1aa43b293dccf211b8f961a6d1b7606ed352 (commit)
via 7ebc0a16e23b438fb79e981be0fda612cf17fdcb (commit)
via 3ddad158cd5fd4a311812bdcd52a46cbb9ca4866 (commit)
via 2872f345b07eeef2ab9897ac26f06add6f92101e (commit)
via f8571e07beed5b753cf1485d4ace6f09d4ffe882 (commit)
via a6dcc5bb77760d887f1bee7271590b78437b85f4 (commit)
from f8aa041f1a957f782c47c441c6b403e65707dd85 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c6bc0fb03e0dbb9f1ba34d42195d0601b55891c1
Merge: f8aa041 34f6a3f
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date: Fri Nov 4 21:12:25 2016 +0100
Merge remote-tracking branch 'origin/master' into next
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/core/107/filelists/files | 2 ++
config/rootfiles/core/107/update.sh | 4 ++++
config/unbound/unbound.conf | 12 +++---------
lfs/guardian | 2 +-
src/initscripts/init.d/ntp | 8 ++++++++
src/initscripts/init.d/unbound | 21 ++-------------------
src/paks/{netsnmpd => guardian}/install.sh | 3 ++-
.../{squid-accounting => guardian}/uninstall.sh | 6 ++++--
src/paks/{cacti => guardian}/update.sh | 2 +-
9 files changed, 27 insertions(+), 33 deletions(-)
copy src/paks/{netsnmpd => guardian}/install.sh (94%)
copy src/paks/{squid-accounting => guardian}/uninstall.sh (94%)
copy src/paks/{cacti => guardian}/update.sh (96%)
Difference in files:
diff --git a/config/rootfiles/core/107/filelists/files b/config/rootfiles/core/107/filelists/files
index 1dc0a35..94704cf 100644
--- a/config/rootfiles/core/107/filelists/files
+++ b/config/rootfiles/core/107/filelists/files
@@ -1,6 +1,8 @@
etc/system-release
etc/issue
+etc/unbound/unbound.conf
etc/rc.d/init.d/unbound
+etc/rc.d/init.d/ntp
srv/web/ipfire/cgi-bin/logs.cgi/log.dat
srv/web/ipfire/cgi-bin/traffic.cgi
var/ipfire/langs
diff --git a/config/rootfiles/core/107/update.sh b/config/rootfiles/core/107/update.sh
index b8987b0..276dae5 100644
--- a/config/rootfiles/core/107/update.sh
+++ b/config/rootfiles/core/107/update.sh
@@ -138,6 +138,7 @@ esac
tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
# Remove some old files
+rm -f /etc/unbound/interfaces.conf
# update linker config
ldconfig
@@ -177,6 +178,9 @@ if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
/etc/init.d/ipsec start
fi
+# Restart unbound to activate configuration changes
+/etc/init.d/unbound restart
+
# Delete old QoS enabled indicator
rm -f /var/ipfire/qos/enable
diff --git a/config/unbound/unbound.conf b/config/unbound/unbound.conf
index 5193dd9..3f724d8 100644
--- a/config/unbound/unbound.conf
+++ b/config/unbound/unbound.conf
@@ -62,21 +62,15 @@ server:
use-caps-for-id: no
# Listen on all interfaces
+ interface-automatic: yes
interface: 0.0.0.0
- # Deny access from everywhere
- access-control: 0.0.0.0/0 refuse
-
- # Allow access from localhost
- access-control: 127.0.0.0/8 allow
+ # Allow access from everywhere
+ access-control: 0.0.0.0/0 allow
# Bootstrap root servers
root-hints: "/etc/unbound/root.hints"
- # IPFire interface configuration
- include: "/etc/unbound/interfaces.conf"
- interface-automatic: no
-
# Include DHCP leases
include: "/etc/unbound/dhcp-leases.conf"
diff --git a/lfs/guardian b/lfs/guardian
index c016f04..d363419 100644
--- a/lfs/guardian
+++ b/lfs/guardian
@@ -33,7 +33,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = guardian
-PAK_VER = 11
+PAK_VER = 13
DEPS = "perl-inotify2 perl-Net-IP"
diff --git a/src/initscripts/init.d/ntp b/src/initscripts/init.d/ntp
index d411ba1..0793927 100644
--- a/src/initscripts/init.d/ntp
+++ b/src/initscripts/init.d/ntp
@@ -27,6 +27,14 @@ case "$1" in
fi
if [ -e /var/ipfire/red/active ]; then
boot_mesg ""
+
+ host ping.ipfire.org > /dev/null 2>&1
+ if [ "${?}" != "0" ]; then
+ boot_mesg "DNS not work ... init with ntp.ipfire.org at 81.3.27.46 ..."
+ loadproc /usr/local/bin/settime 81.3.27.46
+ boot_mesg "Setting time on boot..."
+ fi
+
loadproc /usr/local/bin/settime $(cat /var/ipfire/time/settime.conf)
else
boot_mesg " ERROR! Not online!"
diff --git a/src/initscripts/init.d/unbound b/src/initscripts/init.d/unbound
index a7952fc..01a560d 100644
--- a/src/initscripts/init.d/unbound
+++ b/src/initscripts/init.d/unbound
@@ -12,6 +12,7 @@ TEST_DOMAIN="ipfire.org"
# This domain will never validate
TEST_DOMAIN_FAIL="dnssec-failed.org"
+INSECURE_ZONES=
USE_FORWARDERS=1
# Cache any local zones for 60 seconds
@@ -147,28 +148,11 @@ update_hosts() {
done < /var/ipfire/main/hosts
}
-write_interfaces_conf() {
- (
- config_header
-
- # 1.1.1.1 is reserved for unused green
- if [ -n "${GREEN_ADDRESS}" -a "${GREEN_ADDRESS}" != "1.1.1.1" ]; then
- echo "# allow access from GREEN"
- echo "access-control: $(cidr ${GREEN_NETADDRESS} ${GREEN_NETMASK}) allow"
- fi
-
- if [ -n "${BLUE_ADDRESS}" ]; then
- echo "# allow access from BLUE"
- echo "access-control: $(cidr ${BLUE_NETADDRESS} ${BLUE_NETMASK}) allow"
- fi
- ) > /etc/unbound/interfaces.conf
-}
-
write_forward_conf() {
(
config_header
- local insecure_zones
+ local insecure_zones="${INSECURE_ZONES}"
local enabled zone server remark
while IFS="," read -r enabled zone server remark; do
@@ -351,7 +335,6 @@ case "$1" in
# Update configuration files
write_tuning_conf
- write_interfaces_conf
write_forward_conf
boot_mesg "Starting Unbound DNS Proxy..."
diff --git a/src/paks/guardian/install.sh b/src/paks/guardian/install.sh
new file mode 100644
index 0000000..88caf53
--- /dev/null
+++ b/src/paks/guardian/install.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007-2016 IPFire-Team <info(a)ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+extract_files
+/usr/local/bin/update-lang-cache
+restore_backup ${NAME}
+start_service --background ${NAME}
diff --git a/src/paks/guardian/uninstall.sh b/src/paks/guardian/uninstall.sh
new file mode 100644
index 0000000..334a6f0
--- /dev/null
+++ b/src/paks/guardian/uninstall.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007-2016 IPFire-Team <info(a)ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+stop_service ${NAME}
+make_backup ${NAME}
+remove_files
+/usr/local/bin/update-lang-cache
+exit 0
diff --git a/src/paks/guardian/update.sh b/src/paks/guardian/update.sh
new file mode 100644
index 0000000..4bec42b
--- /dev/null
+++ b/src/paks/guardian/update.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007-2016 IPFire-Team <info(a)ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+./uninstall.sh
+./install.sh
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2016-11-04 20:15 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-11-04 20:15 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. c6bc0fb03e0dbb9f1ba34d42195d0601b55891c1 git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox